mirror of
git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2025-08-31 23:27:20 +00:00
4ceb681f18
The if statement performs the same action if the strcmp result is true or false since there is identical code on both branches. The if statement is redundant and can be replaced with just one call to sysfs_remove_group. Signed-off-by: Colin Ian King <colin.i.king@gmail.com> Reviewed-by: Hans de Goede <hdegoede@redhat.com> Link: https://lore.kernel.org/r/20241107113543.17137-1-colin.i.king@gmail.com Reviewed-by: Ilpo Järvinen <ilpo.jarvinen@linux.intel.com> Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@linux.intel.com>
541 lines
15 KiB
C
541 lines
15 KiB
C
// SPDX-License-Identifier: GPL-2.0
|
|
/*
|
|
* Functions corresponding to password object type attributes under
|
|
* BIOS PASSWORD for use with hp-bioscfg driver.
|
|
*
|
|
* Copyright (c) 2022 HP Development Company, L.P.
|
|
*/
|
|
|
|
#include "bioscfg.h"
|
|
|
|
GET_INSTANCE_ID(password);
|
|
/*
|
|
* Clear all passwords copied to memory for a particular
|
|
* authentication instance
|
|
*/
|
|
static int clear_passwords(const int instance)
|
|
{
|
|
struct password_data *password_data = &bioscfg_drv.password_data[instance];
|
|
|
|
if (!password_data->is_enabled)
|
|
return 0;
|
|
|
|
memset(password_data->current_password,
|
|
0, sizeof(password_data->current_password));
|
|
memset(password_data->new_password,
|
|
0, sizeof(password_data->new_password));
|
|
|
|
return 0;
|
|
}
|
|
|
|
/*
|
|
* Clear all credentials copied to memory for both Power-ON and Setup
|
|
* BIOS instances
|
|
*/
|
|
int hp_clear_all_credentials(void)
|
|
{
|
|
int count = bioscfg_drv.password_instances_count;
|
|
int instance;
|
|
|
|
/* clear all passwords */
|
|
for (instance = 0; instance < count; instance++)
|
|
clear_passwords(instance);
|
|
|
|
/* clear auth_token */
|
|
kfree(bioscfg_drv.spm_data.auth_token);
|
|
bioscfg_drv.spm_data.auth_token = NULL;
|
|
|
|
return 0;
|
|
}
|
|
|
|
int hp_get_password_instance_for_type(const char *name)
|
|
{
|
|
int count = bioscfg_drv.password_instances_count;
|
|
int instance;
|
|
|
|
for (instance = 0; instance < count; instance++)
|
|
if (!strcmp(bioscfg_drv.password_data[instance].common.display_name, name))
|
|
return instance;
|
|
|
|
return -EINVAL;
|
|
}
|
|
|
|
static int validate_password_input(int instance_id, const char *buf)
|
|
{
|
|
int length;
|
|
struct password_data *password_data = &bioscfg_drv.password_data[instance_id];
|
|
|
|
length = strlen(buf);
|
|
if (buf[length - 1] == '\n')
|
|
length--;
|
|
|
|
if (length > MAX_PASSWD_SIZE)
|
|
return INVALID_BIOS_AUTH;
|
|
|
|
if (password_data->min_password_length > length ||
|
|
password_data->max_password_length < length)
|
|
return INVALID_BIOS_AUTH;
|
|
return SUCCESS;
|
|
}
|
|
|
|
ATTRIBUTE_N_PROPERTY_SHOW(is_enabled, password);
|
|
static struct kobj_attribute password_is_password_set = __ATTR_RO(is_enabled);
|
|
|
|
static int store_password_instance(struct kobject *kobj, const char *buf,
|
|
size_t count, bool is_current)
|
|
{
|
|
char *buf_cp;
|
|
int id, ret = 0;
|
|
|
|
buf_cp = kstrdup(buf, GFP_KERNEL);
|
|
if (!buf_cp)
|
|
return -ENOMEM;
|
|
|
|
ret = hp_enforce_single_line_input(buf_cp, count);
|
|
if (!ret) {
|
|
id = get_password_instance_id(kobj);
|
|
|
|
if (id >= 0)
|
|
ret = validate_password_input(id, buf_cp);
|
|
}
|
|
|
|
if (!ret) {
|
|
if (is_current)
|
|
strscpy(bioscfg_drv.password_data[id].current_password, buf_cp);
|
|
else
|
|
strscpy(bioscfg_drv.password_data[id].new_password, buf_cp);
|
|
}
|
|
|
|
kfree(buf_cp);
|
|
return ret < 0 ? ret : count;
|
|
}
|
|
|
|
static ssize_t current_password_store(struct kobject *kobj,
|
|
struct kobj_attribute *attr,
|
|
const char *buf, size_t count)
|
|
{
|
|
return store_password_instance(kobj, buf, count, true);
|
|
}
|
|
|
|
static struct kobj_attribute password_current_password = __ATTR_WO(current_password);
|
|
|
|
static ssize_t new_password_store(struct kobject *kobj,
|
|
struct kobj_attribute *attr,
|
|
const char *buf, size_t count)
|
|
{
|
|
return store_password_instance(kobj, buf, count, true);
|
|
}
|
|
|
|
static struct kobj_attribute password_new_password = __ATTR_WO(new_password);
|
|
|
|
ATTRIBUTE_N_PROPERTY_SHOW(min_password_length, password);
|
|
static struct kobj_attribute password_min_password_length = __ATTR_RO(min_password_length);
|
|
|
|
ATTRIBUTE_N_PROPERTY_SHOW(max_password_length, password);
|
|
static struct kobj_attribute password_max_password_length = __ATTR_RO(max_password_length);
|
|
|
|
static ssize_t role_show(struct kobject *kobj, struct kobj_attribute *attr, char *buf)
|
|
{
|
|
if (!strcmp(kobj->name, SETUP_PASSWD))
|
|
return sysfs_emit(buf, "%s\n", BIOS_ADMIN);
|
|
|
|
if (!strcmp(kobj->name, POWER_ON_PASSWD))
|
|
return sysfs_emit(buf, "%s\n", POWER_ON);
|
|
|
|
return -EIO;
|
|
}
|
|
|
|
static struct kobj_attribute password_role = __ATTR_RO(role);
|
|
|
|
static ssize_t mechanism_show(struct kobject *kobj, struct kobj_attribute *attr,
|
|
char *buf)
|
|
{
|
|
int i = get_password_instance_id(kobj);
|
|
|
|
if (i < 0)
|
|
return i;
|
|
|
|
if (bioscfg_drv.password_data[i].mechanism != PASSWORD)
|
|
return -EINVAL;
|
|
|
|
return sysfs_emit(buf, "%s\n", PASSWD_MECHANISM_TYPES);
|
|
}
|
|
|
|
static struct kobj_attribute password_mechanism = __ATTR_RO(mechanism);
|
|
|
|
ATTRIBUTE_VALUES_PROPERTY_SHOW(encodings, password, SEMICOLON_SEP);
|
|
static struct kobj_attribute password_encodings_val = __ATTR_RO(encodings);
|
|
|
|
static struct attribute *password_attrs[] = {
|
|
&password_is_password_set.attr,
|
|
&password_min_password_length.attr,
|
|
&password_max_password_length.attr,
|
|
&password_current_password.attr,
|
|
&password_new_password.attr,
|
|
&password_role.attr,
|
|
&password_mechanism.attr,
|
|
&password_encodings_val.attr,
|
|
NULL
|
|
};
|
|
|
|
static const struct attribute_group password_attr_group = {
|
|
.attrs = password_attrs
|
|
};
|
|
|
|
int hp_alloc_password_data(void)
|
|
{
|
|
bioscfg_drv.password_instances_count = hp_get_instance_count(HP_WMI_BIOS_PASSWORD_GUID);
|
|
bioscfg_drv.password_data = kcalloc(bioscfg_drv.password_instances_count,
|
|
sizeof(*bioscfg_drv.password_data), GFP_KERNEL);
|
|
if (!bioscfg_drv.password_data) {
|
|
bioscfg_drv.password_instances_count = 0;
|
|
return -ENOMEM;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
/* Expected Values types associated with each element */
|
|
static const acpi_object_type expected_password_types[] = {
|
|
[NAME] = ACPI_TYPE_STRING,
|
|
[VALUE] = ACPI_TYPE_STRING,
|
|
[PATH] = ACPI_TYPE_STRING,
|
|
[IS_READONLY] = ACPI_TYPE_INTEGER,
|
|
[DISPLAY_IN_UI] = ACPI_TYPE_INTEGER,
|
|
[REQUIRES_PHYSICAL_PRESENCE] = ACPI_TYPE_INTEGER,
|
|
[SEQUENCE] = ACPI_TYPE_INTEGER,
|
|
[PREREQUISITES_SIZE] = ACPI_TYPE_INTEGER,
|
|
[PREREQUISITES] = ACPI_TYPE_STRING,
|
|
[SECURITY_LEVEL] = ACPI_TYPE_INTEGER,
|
|
[PSWD_MIN_LENGTH] = ACPI_TYPE_INTEGER,
|
|
[PSWD_MAX_LENGTH] = ACPI_TYPE_INTEGER,
|
|
[PSWD_SIZE] = ACPI_TYPE_INTEGER,
|
|
[PSWD_ENCODINGS] = ACPI_TYPE_STRING,
|
|
[PSWD_IS_SET] = ACPI_TYPE_INTEGER,
|
|
};
|
|
|
|
static int hp_populate_password_elements_from_package(union acpi_object *password_obj,
|
|
int password_obj_count,
|
|
int instance_id)
|
|
{
|
|
char *str_value = NULL;
|
|
int value_len;
|
|
int ret;
|
|
u32 size;
|
|
u32 int_value = 0;
|
|
int elem;
|
|
int reqs;
|
|
int eloc;
|
|
int pos_values;
|
|
struct password_data *password_data = &bioscfg_drv.password_data[instance_id];
|
|
|
|
if (!password_obj)
|
|
return -EINVAL;
|
|
|
|
for (elem = 1, eloc = 1; elem < password_obj_count; elem++, eloc++) {
|
|
/* ONLY look at the first PASSWORD_ELEM_CNT elements */
|
|
if (eloc == PSWD_ELEM_CNT)
|
|
goto exit_package;
|
|
|
|
switch (password_obj[elem].type) {
|
|
case ACPI_TYPE_STRING:
|
|
if (PREREQUISITES != elem && PSWD_ENCODINGS != elem) {
|
|
ret = hp_convert_hexstr_to_str(password_obj[elem].string.pointer,
|
|
password_obj[elem].string.length,
|
|
&str_value, &value_len);
|
|
if (ret)
|
|
continue;
|
|
}
|
|
break;
|
|
case ACPI_TYPE_INTEGER:
|
|
int_value = (u32)password_obj[elem].integer.value;
|
|
break;
|
|
default:
|
|
pr_warn("Unsupported object type [%d]\n", password_obj[elem].type);
|
|
continue;
|
|
}
|
|
|
|
/* Check that both expected and read object type match */
|
|
if (expected_password_types[eloc] != password_obj[elem].type) {
|
|
pr_err("Error expected type %d for elem %d, but got type %d instead\n",
|
|
expected_password_types[eloc], elem, password_obj[elem].type);
|
|
kfree(str_value);
|
|
return -EIO;
|
|
}
|
|
|
|
/* Assign appropriate element value to corresponding field*/
|
|
switch (eloc) {
|
|
case VALUE:
|
|
break;
|
|
case PATH:
|
|
strscpy(password_data->common.path, str_value);
|
|
break;
|
|
case IS_READONLY:
|
|
password_data->common.is_readonly = int_value;
|
|
break;
|
|
case DISPLAY_IN_UI:
|
|
password_data->common.display_in_ui = int_value;
|
|
break;
|
|
case REQUIRES_PHYSICAL_PRESENCE:
|
|
password_data->common.requires_physical_presence = int_value;
|
|
break;
|
|
case SEQUENCE:
|
|
password_data->common.sequence = int_value;
|
|
break;
|
|
case PREREQUISITES_SIZE:
|
|
if (int_value > MAX_PREREQUISITES_SIZE) {
|
|
pr_warn("Prerequisites size value exceeded the maximum number of elements supported or data may be malformed\n");
|
|
int_value = MAX_PREREQUISITES_SIZE;
|
|
}
|
|
password_data->common.prerequisites_size = int_value;
|
|
|
|
/* This step is needed to keep the expected
|
|
* element list pointing to the right obj[elem].type
|
|
* when the size is zero. PREREQUISITES
|
|
* object is omitted by BIOS when the size is
|
|
* zero.
|
|
*/
|
|
if (int_value == 0)
|
|
eloc++;
|
|
break;
|
|
case PREREQUISITES:
|
|
size = min_t(u32, password_data->common.prerequisites_size,
|
|
MAX_PREREQUISITES_SIZE);
|
|
|
|
for (reqs = 0; reqs < size; reqs++) {
|
|
ret = hp_convert_hexstr_to_str(password_obj[elem + reqs].string.pointer,
|
|
password_obj[elem + reqs].string.length,
|
|
&str_value, &value_len);
|
|
|
|
if (ret)
|
|
break;
|
|
|
|
strscpy(password_data->common.prerequisites[reqs], str_value);
|
|
|
|
kfree(str_value);
|
|
str_value = NULL;
|
|
|
|
}
|
|
break;
|
|
case SECURITY_LEVEL:
|
|
password_data->common.security_level = int_value;
|
|
break;
|
|
case PSWD_MIN_LENGTH:
|
|
password_data->min_password_length = int_value;
|
|
break;
|
|
case PSWD_MAX_LENGTH:
|
|
password_data->max_password_length = int_value;
|
|
break;
|
|
case PSWD_SIZE:
|
|
|
|
if (int_value > MAX_ENCODINGS_SIZE) {
|
|
pr_warn("Password Encoding size value exceeded the maximum number of elements supported or data may be malformed\n");
|
|
int_value = MAX_ENCODINGS_SIZE;
|
|
}
|
|
password_data->encodings_size = int_value;
|
|
|
|
/* This step is needed to keep the expected
|
|
* element list pointing to the right obj[elem].type
|
|
* when the size is zero. PSWD_ENCODINGS
|
|
* object is omitted by BIOS when the size is
|
|
* zero.
|
|
*/
|
|
if (int_value == 0)
|
|
eloc++;
|
|
break;
|
|
case PSWD_ENCODINGS:
|
|
size = min_t(u32, password_data->encodings_size, MAX_ENCODINGS_SIZE);
|
|
for (pos_values = 0; pos_values < size; pos_values++) {
|
|
ret = hp_convert_hexstr_to_str(password_obj[elem + pos_values].string.pointer,
|
|
password_obj[elem + pos_values].string.length,
|
|
&str_value, &value_len);
|
|
if (ret)
|
|
break;
|
|
|
|
strscpy(password_data->encodings[pos_values], str_value);
|
|
kfree(str_value);
|
|
str_value = NULL;
|
|
|
|
}
|
|
break;
|
|
case PSWD_IS_SET:
|
|
password_data->is_enabled = int_value;
|
|
break;
|
|
default:
|
|
pr_warn("Invalid element: %d found in Password attribute or data may be malformed\n", elem);
|
|
break;
|
|
}
|
|
|
|
kfree(str_value);
|
|
str_value = NULL;
|
|
}
|
|
|
|
exit_package:
|
|
kfree(str_value);
|
|
return 0;
|
|
}
|
|
|
|
/**
|
|
* hp_populate_password_package_data()
|
|
* Populate all properties for an instance under password attribute
|
|
*
|
|
* @password_obj: ACPI object with password data
|
|
* @instance_id: The instance to enumerate
|
|
* @attr_name_kobj: The parent kernel object
|
|
*/
|
|
int hp_populate_password_package_data(union acpi_object *password_obj, int instance_id,
|
|
struct kobject *attr_name_kobj)
|
|
{
|
|
struct password_data *password_data = &bioscfg_drv.password_data[instance_id];
|
|
|
|
password_data->attr_name_kobj = attr_name_kobj;
|
|
|
|
hp_populate_password_elements_from_package(password_obj,
|
|
password_obj->package.count,
|
|
instance_id);
|
|
|
|
hp_friendly_user_name_update(password_data->common.path,
|
|
attr_name_kobj->name,
|
|
password_data->common.display_name,
|
|
sizeof(password_data->common.display_name));
|
|
|
|
if (!strcmp(attr_name_kobj->name, SETUP_PASSWD))
|
|
return sysfs_create_group(attr_name_kobj, &password_attr_group);
|
|
|
|
return sysfs_create_group(attr_name_kobj, &password_attr_group);
|
|
}
|
|
|
|
static int hp_populate_password_elements_from_buffer(u8 *buffer_ptr, u32 *buffer_size,
|
|
int instance_id)
|
|
{
|
|
int values;
|
|
int isreadonly;
|
|
struct password_data *password_data = &bioscfg_drv.password_data[instance_id];
|
|
int ret = 0;
|
|
|
|
/*
|
|
* Only data relevant to this driver and its functionality is
|
|
* read. BIOS defines the order in which each * element is
|
|
* read. Element 0 data is not relevant to this
|
|
* driver hence it is ignored. For clarity, all element names
|
|
* (DISPLAY_IN_UI) which defines the order in which is read
|
|
* and the name matches the variable where the data is stored.
|
|
*
|
|
* In earlier implementation, reported errors were ignored
|
|
* causing the data to remain uninitialized. It is not
|
|
* possible to determine if data read from BIOS is valid or
|
|
* not. It is for this reason functions may return a error
|
|
* without validating the data itself.
|
|
*/
|
|
|
|
// VALUE:
|
|
ret = hp_get_string_from_buffer(&buffer_ptr, buffer_size, password_data->current_password,
|
|
sizeof(password_data->current_password));
|
|
if (ret < 0)
|
|
goto buffer_exit;
|
|
|
|
// COMMON:
|
|
ret = hp_get_common_data_from_buffer(&buffer_ptr, buffer_size,
|
|
&password_data->common);
|
|
if (ret < 0)
|
|
goto buffer_exit;
|
|
|
|
// PSWD_MIN_LENGTH:
|
|
ret = hp_get_integer_from_buffer(&buffer_ptr, buffer_size,
|
|
&password_data->min_password_length);
|
|
if (ret < 0)
|
|
goto buffer_exit;
|
|
|
|
// PSWD_MAX_LENGTH:
|
|
ret = hp_get_integer_from_buffer(&buffer_ptr, buffer_size,
|
|
&password_data->max_password_length);
|
|
if (ret < 0)
|
|
goto buffer_exit;
|
|
|
|
// PSWD_SIZE:
|
|
ret = hp_get_integer_from_buffer(&buffer_ptr, buffer_size,
|
|
&password_data->encodings_size);
|
|
if (ret < 0)
|
|
goto buffer_exit;
|
|
|
|
if (password_data->encodings_size > MAX_ENCODINGS_SIZE) {
|
|
/* Report a message and limit possible values size to maximum value */
|
|
pr_warn("Password Encoding size value exceeded the maximum number of elements supported or data may be malformed\n");
|
|
password_data->encodings_size = MAX_ENCODINGS_SIZE;
|
|
}
|
|
|
|
// PSWD_ENCODINGS:
|
|
for (values = 0; values < password_data->encodings_size; values++) {
|
|
ret = hp_get_string_from_buffer(&buffer_ptr, buffer_size,
|
|
password_data->encodings[values],
|
|
sizeof(password_data->encodings[values]));
|
|
if (ret < 0)
|
|
break;
|
|
}
|
|
|
|
// PSWD_IS_SET:
|
|
ret = hp_get_integer_from_buffer(&buffer_ptr, buffer_size, &isreadonly);
|
|
if (ret < 0)
|
|
goto buffer_exit;
|
|
|
|
password_data->is_enabled = isreadonly ? true : false;
|
|
|
|
buffer_exit:
|
|
return ret;
|
|
}
|
|
|
|
/**
|
|
* hp_populate_password_buffer_data()
|
|
* Populate all properties for an instance under password object attribute
|
|
*
|
|
* @buffer_ptr: Buffer pointer
|
|
* @buffer_size: Buffer size
|
|
* @instance_id: The instance to enumerate
|
|
* @attr_name_kobj: The parent kernel object
|
|
*/
|
|
int hp_populate_password_buffer_data(u8 *buffer_ptr, u32 *buffer_size, int instance_id,
|
|
struct kobject *attr_name_kobj)
|
|
{
|
|
struct password_data *password_data = &bioscfg_drv.password_data[instance_id];
|
|
int ret = 0;
|
|
|
|
password_data->attr_name_kobj = attr_name_kobj;
|
|
|
|
/* Populate Password attributes */
|
|
ret = hp_populate_password_elements_from_buffer(buffer_ptr, buffer_size,
|
|
instance_id);
|
|
if (ret < 0)
|
|
return ret;
|
|
|
|
hp_friendly_user_name_update(password_data->common.path,
|
|
attr_name_kobj->name,
|
|
password_data->common.display_name,
|
|
sizeof(password_data->common.display_name));
|
|
if (!strcmp(attr_name_kobj->name, SETUP_PASSWD))
|
|
return sysfs_create_group(attr_name_kobj, &password_attr_group);
|
|
|
|
return sysfs_create_group(attr_name_kobj, &password_attr_group);
|
|
}
|
|
|
|
/**
|
|
* hp_exit_password_attributes() - Clear all attribute data
|
|
*
|
|
* Clears all data allocated for this group of attributes
|
|
*/
|
|
void hp_exit_password_attributes(void)
|
|
{
|
|
int instance_id;
|
|
|
|
for (instance_id = 0; instance_id < bioscfg_drv.password_instances_count;
|
|
instance_id++) {
|
|
struct kobject *attr_name_kobj =
|
|
bioscfg_drv.password_data[instance_id].attr_name_kobj;
|
|
|
|
if (attr_name_kobj)
|
|
sysfs_remove_group(attr_name_kobj,
|
|
&password_attr_group);
|
|
}
|
|
bioscfg_drv.password_instances_count = 0;
|
|
kfree(bioscfg_drv.password_data);
|
|
bioscfg_drv.password_data = NULL;
|
|
}
|