Complete some clean-ups as reqested from the last review as follow-ups
- Remove certificate from structure as no need to store it any more
- Clean up return code handling
- Moved freeing of signature to before admin object released (issue
seen in testing when unloading module)
- Minor code flow improvements
Signed-off-by: Mark Pearson <markpearson@lenovo.com>
Link: https://lore.kernel.org/r/20220321180624.4761-1-markpearson@lenovo.com
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Implementation of certificate authentication feature for Lenovo
platforms. This allows for signed updates of BIOS settings.
Functionality supported:
- Cert support available check. At initialisation check if BIOS
supports certification authentication and if a certificate is
installed. Enable the sysfs nodes appropriately
- certificate and signature authentication attributes to enable
a user to install, update and delete a certificate using signed
signatures
- certificate_thumbprint to confirm installed certificate details
- support to go from certificate to password based authentication
- signature and save_signature attributes needed for setting BIOS
attributes using certificate authentication.
Tested on X1 Carbon G10 and X1 Yoga G7. This feature is not
generally available yet but will be released later this year.
Note, I also cleaned up the formating of the GUIDs when I was adding
the new defines. Hope that's OK to combine in this commit.
Signed-off-by: Mark Pearson <markpearson@lenovo.com>
Link: https://lore.kernel.org/r/20220317214008.3459-2-markpearson@lenovo.com
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
There needs to be a check to prevent negative offsets for
setting->index. I have reviewed this code and I think that the
"if (block->instance_count <= instance)" check in __query_block() will
prevent this from resulting in an out of bounds access. But it's
still worth fixing.
Fixes: 640a5fa50a ("platform/x86: think-lmi: Opcode support")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Link: https://lore.kernel.org/r/20211217071209.GF26548@kili
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Creating the tlmi_pwd_setting structs can only fail with -ENOMEM, set
ret to this once and simplify the error handling a bit.
Tested-by: Mark Pearson <markpearson@lenovo.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Link: https://lore.kernel.org/r/20211118114150.271274-2-hdegoede@redhat.com
All callers of tlmi_create_auth() also call
kobject_init(&pwd_setting->kobj, &tlmi_pwd_setting_ktype) on the returned
tlmi_pwd_setting struct. Move this into tlmi_create_auth().
Tested-by: Mark Pearson <markpearson@lenovo.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Link: https://lore.kernel.org/r/20211118114150.271274-1-hdegoede@redhat.com
Implement Opcode support.
This is available on ThinkCenter and ThinkStations platforms and
gives improved password setting capabilities
Add options to configure System, HDD & NVMe passwords.
HDD & NVMe passwords need a user level (user/master) along with
drive index.
Signed-off-by: Mark Pearson <markpearson@lenovo.com>
Link: https://lore.kernel.org/r/20211117184453.2476-2-markpearson@lenovo.com
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
A Lenovo ThinkStation S20 (4157CTO BIOS 60KT41AUS) fails to boot on
recent kernels including the think-lmi driver, due to the fact that
errors returned by the tlmi_analyze() function are ignored by
tlmi_probe(), where tlmi_sysfs_init() is called unconditionally.
This results in making use of an array of already freed, non-null
pointers and other uninitialized globals, causing all sorts of nasty
kobject and memory faults.
Make use of the analyze function return value, free a couple leaked
allocations, and remove the settings_count field, which is incremented
but never consumed.
Fixes: a40cd7ef22 ("platform/x86: think-lmi: Add WMI interface support on Lenovo platforms")
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Reviewed-by: Mark Gross <markgross@kernel.org>
Reviewed-by: Mark Pearson <markpearson@lenovo.com>
Link: https://lore.kernel.org/r/163639463588.1330483.15850167112490200219.stgit@omen
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Many Lenovo BIOS's support the ability to send a debug command which
is useful for debugging and testing unreleased or early features.
Adding support for this feature as a module parameter.
Signed-off-by: Mark Pearson <markpearson@lenovo.com>
Link: https://lore.kernel.org/r/20210817001501.293501-1-markpearson@lenovo.com
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Fix 2 possible memleaks on error-exits from tlmi_analyze():
1. If the kzalloc of pwd_power fails, then not only free the atributes,
but also the allocated pwd_admin struct.
2. Freeing the attributes should also free the possible_values strings.
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Link: https://lore.kernel.org/r/20210717143607.3580-3-hdegoede@redhat.com
tlmi_sysfs_init() calls tlmi_release_attr() on errors which calls
kobject_put() for attributes created by tlmi_analyze(), but if we
bail early because of an error, then this means that some of the
kobjects will not have been initialized yet; and we should thus not
call kobject_put() on them.
Switch from using kobject_init_and_add() inside tlmi_sysfs_init() to
initializing all the created kobjects directly in tlmi_analyze() and
only adding them from tlmi_sysfs_init(). This way all kobjects will
always be initialized when tlmi_release_attr() gets called.
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Link: https://lore.kernel.org/r/20210717143607.3580-2-hdegoede@redhat.com
Move the pending_reboot node under attributes dir where it should live, as
documented in: Documentation/ABI/testing/sysfs-class-firmware-attributes.
Also move the create / remove code to be together with the other code
populating / cleaning the attributes sysfs dir. In the removal path this
is necessary so that the remove is done before the
kset_unregister(tlmi_priv.attribute_kset) call.
Signed-off-by: Mark Pearson <markpearson@lenovo.com>
Co-developed-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Link: https://lore.kernel.org/r/20210717143607.3580-1-hdegoede@redhat.com
The Think-lmi driver was missing pending_reboot support as it wasn't
available from the BIOS. Turns out this is really useful to have from
user space so implementing from a purely SW point of view.
Thanks to Mario Limonciello for guidance on how fwupd would use this.
Suggested-by: Mario Limonciello <mario.limonciello@amd.com>
Signed-off-by: Mark Pearson <markpearson@lenovo.com>
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
Link: https://lore.kernel.org/r/20210628222846.8830-1-markpearson@lenovo.com
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
We must not free the possible_values string before we have called
sysfs_remove_group(kobj, &tlmi_attr_group) otherwise there is a race
where a sysfs read of possible_values could reference the free-ed
memory.
Move the kfree(setting->possible_values) together with the free of the
actual tlmi_attr_setting struct to avoid this race.
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Currently attributes will show things like:
`BootOrderLock,Disable`
rather than just
`Disable`.
Of course this works, but the attribute is intended to be read by
userspace tools and not require further processing. That is a userspace
tool can display a drop down of `possible_values` and `current_value` is
one of them from the list.
This also aligns `think-lmi` with how `dell-wmi-sysman` works.
Signed-off-by: Mario Limonciello <mario.limonciello@amd.com>
Link: https://lore.kernel.org/r/20210622200755.12379-3-mario.limonciello@amd.com
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
On an AMD based Lenovo T14, I find that the module doesn't work at
all, and instead has a traceback with messages like:
```
sysfs: cannot create duplicate filename '/devices/virtual/firmware-attributes/thinklmi/attributes/Reserved'
```
Duplicate and reserved values showing up appear to be a firmware bug,
but they shouldn't make the driver explode. So catch them and skip
them.
Fixes: a40cd7ef22 ("platform/x86: think-lmi: Add WMI interface support on Lenovo platforms")
Signed-off-by: Mario Limonciello <mario.limonciello@amd.com>
Link: https://lore.kernel.org/r/20210622200755.12379-2-mario.limonciello@amd.com
[hdegoede@redhat.com: Add missing kfree(tlmi_priv.setting[i])]
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Commit 0ddcf3a6b4 ("platform/x86: think-lmi: Avoid potential read before
start of the buffer") moved the length == 0 up to before stripping the '\n'
which typically gets added when users echo a value to a sysfs-attribute
from the shell.
This avoids a potential buffer-underrun, but it also causes a behavioral
change, prior to this change "echo > kbdlang", iow writing just a single
'\n' would result in an EINVAL error, but after the change this gets
accepted setting kbdlang to an empty string.
Fix this by replacing the manual '\n' check with using strchrnul() to get
the length till '\n' or terminating 0 in one go; and then do the
length != 0 check after this.
Fixes: 0ddcf3a6b4 ("platform/x86: think-lmi: Avoid potential read before start of the buffer")
Reported-by: Juha Leppänen <juha_efku@dnainternet.net>
Suggested-by: Andy Shevchenko <andy.shevchenko@gmail.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Link: https://lore.kernel.org/r/20210621193648.44138-1-hdegoede@redhat.com
This patch adds missing MODULE_DEVICE_TABLE definition which generates
correct modalias for automatic loading of this driver when it is built
as an external module.
Reported-by: Hulk Robot <hulkci@huawei.com>
Signed-off-by: Zou Wei <zou_wei@huawei.com>
Link: https://lore.kernel.org/r/1623811809-65099-1-git-send-email-zou_wei@huawei.com
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
If length equals 0 then reading buf[length-1] will read before the start
of the buffer.
Avoid this by moving the length == 0 check up.
Cc: Mark Pearson <markpearson@lenovo.com>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Link: https://lore.kernel.org/r/20210609151752.156902-2-hdegoede@redhat.com
tlmi_priv.pwd_admin->password is an array (not a pointer), so the correct
way to check for the password being set is to check for
tlmi_priv.pwd_admin->password[0] != 0.
For the second check, replace the check with checking that auth_str is
set instead.
Cc: Mark Pearson <markpearson@lenovo.com>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Reported-by: coverity-bot <keescook+coverity-bot@chromium.org>
Addresses-Coverity-ID: 1505158 ("NO_EFFECT")
Fixes: a7314b3b1d8a ("platform/x86: think-lmi: Add WMI interface support on Lenovo platforms")
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Link: https://lore.kernel.org/r/20210609151752.156902-1-hdegoede@redhat.com
The dell-wmi-sysman and think-lmi kernel modules both have a global
struct class *fw_attr_class variable, leading to the following compile
errors when both are builtin:
ld: drivers/platform/x86/think-lmi.o:(.bss+0x0): multiple definition of `fw_attr_class'; drivers/platform/x86/dell/dell-wmi-sysman/sysman.o:(.bss+0x0): first defined here
In both cases the variable is only used in the file where it is declared.
Make both declarations static to avoid the linker error.
Cc: Mark Pearson <markpearson@lenovo.com>
Cc: Dell.Client.Kernel@dell.com
Reported-by: Nathan Chancellor <nathan@kernel.org>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Link: https://lore.kernel.org/r/20210609145952.113393-1-hdegoede@redhat.com
The struct tlmi_pwd_setting display_name member is initialized,
but never read. Remove it and the TLMI_PWDTYPE_MAXLEN define.
While at it also remove some other unused [MAX]LEN defines.
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Link: https://lore.kernel.org/r/20210531135911.82582-1-hdegoede@redhat.com
For Lenovo platforms that support a WMI interface to the BIOS add
support, using the firmware-attributes class, to allow users to access
and modify various BIOS related settings.
Signed-off-by: Mark Pearson <markpearson@lenovo.com>
Link: https://lore.kernel.org/r/20210530223111.25929-3-markpearson@lenovo.com
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Mark Pearson