1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * Copyright (C) 2019-2022 Red Hat, Inc. Daniel Bristot de Oliveira <bristot@kernel.org>
4 *
5 * Runtime reactor interface.
6 *
7 * A runtime monitor can cause a reaction to the detection of an
8 * exception on the model's execution. By default, the monitors have
9 * tracing reactions, printing the monitor output via tracepoints.
10 * But other reactions can be added (on-demand) via this interface.
11 *
12 * == Registering reactors ==
13 *
14 * The struct rv_reactor defines a callback function to be executed
15 * in case of a model exception happens. The callback function
16 * receives a message to be (optionally) printed before executing
17 * the reaction.
18 *
19 * A RV reactor is registered via:
20 * int rv_register_reactor(struct rv_reactor *reactor)
21 * And unregistered via:
22 * int rv_unregister_reactor(struct rv_reactor *reactor)
23 *
24 * These functions are exported to modules, enabling reactors to be
25 * dynamically loaded.
26 *
27 * == User interface ==
28 *
29 * The user interface resembles the kernel tracing interface and
30 * presents these files:
31 *
32 * "available_reactors"
33 * - List the available reactors, one per line.
34 *
35 * For example:
36 * # cat available_reactors
37 * nop
38 * panic
39 * printk
40 *
41 * "reacting_on"
42 * - It is an on/off general switch for reactors, disabling
43 * all reactions.
44 *
45 * "monitors/MONITOR/reactors"
46 * - List available reactors, with the select reaction for the given
47 * MONITOR inside []. The default one is the nop (no operation)
48 * reactor.
49 * - Writing the name of an reactor enables it to the given
50 * MONITOR.
51 *
52 * For example:
53 * # cat monitors/wip/reactors
54 * [nop]
55 * panic
56 * printk
57 * # echo panic > monitors/wip/reactors
58 * # cat monitors/wip/reactors
59 * nop
60 * [panic]
61 * printk
62 */
63
64 #include <linux/slab.h>
65
66 #include "rv.h"
67
68 /*
69 * Interface for the reactor register.
70 */
71 static LIST_HEAD(rv_reactors_list);
72
get_reactor_rdef_by_name(char * name)73 static struct rv_reactor *get_reactor_rdef_by_name(char *name)
74 {
75 struct rv_reactor *r;
76
77 list_for_each_entry(r, &rv_reactors_list, list) {
78 if (strcmp(name, r->name) == 0)
79 return r;
80 }
81 return NULL;
82 }
83
84 /*
85 * Available reactors seq functions.
86 */
reactors_show(struct seq_file * m,void * p)87 static int reactors_show(struct seq_file *m, void *p)
88 {
89 struct rv_reactor *reactor = container_of(p, struct rv_reactor, list);
90
91 seq_printf(m, "%s\n", reactor->name);
92 return 0;
93 }
94
reactors_stop(struct seq_file * m,void * p)95 static void reactors_stop(struct seq_file *m, void *p)
96 {
97 mutex_unlock(&rv_interface_lock);
98 }
99
reactors_start(struct seq_file * m,loff_t * pos)100 static void *reactors_start(struct seq_file *m, loff_t *pos)
101 {
102 mutex_lock(&rv_interface_lock);
103 return seq_list_start(&rv_reactors_list, *pos);
104 }
105
reactors_next(struct seq_file * m,void * p,loff_t * pos)106 static void *reactors_next(struct seq_file *m, void *p, loff_t *pos)
107 {
108 return seq_list_next(p, &rv_reactors_list, pos);
109 }
110
111 /*
112 * available_reactors seq definition.
113 */
114 static const struct seq_operations available_reactors_seq_ops = {
115 .start = reactors_start,
116 .next = reactors_next,
117 .stop = reactors_stop,
118 .show = reactors_show
119 };
120
121 /*
122 * available_reactors interface.
123 */
available_reactors_open(struct inode * inode,struct file * file)124 static int available_reactors_open(struct inode *inode, struct file *file)
125 {
126 return seq_open(file, &available_reactors_seq_ops);
127 };
128
129 static const struct file_operations available_reactors_ops = {
130 .open = available_reactors_open,
131 .read = seq_read,
132 .llseek = seq_lseek,
133 .release = seq_release
134 };
135
136 /*
137 * Monitor's reactor file.
138 */
monitor_reactor_show(struct seq_file * m,void * p)139 static int monitor_reactor_show(struct seq_file *m, void *p)
140 {
141 struct rv_monitor *mon = m->private;
142 struct rv_reactor *reactor = container_of(p, struct rv_reactor, list);
143
144 if (mon->reactor == reactor)
145 seq_printf(m, "[%s]\n", reactor->name);
146 else
147 seq_printf(m, "%s\n", reactor->name);
148 return 0;
149 }
150
151 /*
152 * available_reactors seq definition.
153 */
154 static const struct seq_operations monitor_reactors_seq_ops = {
155 .start = reactors_start,
156 .next = reactors_next,
157 .stop = reactors_stop,
158 .show = monitor_reactor_show
159 };
160
monitor_swap_reactors_single(struct rv_monitor * mon,struct rv_reactor * reactor,bool nested)161 static void monitor_swap_reactors_single(struct rv_monitor *mon,
162 struct rv_reactor *reactor,
163 bool nested)
164 {
165 bool monitor_enabled;
166
167 /* nothing to do */
168 if (mon->reactor == reactor)
169 return;
170
171 monitor_enabled = mon->enabled;
172 if (monitor_enabled)
173 rv_disable_monitor(mon);
174
175 mon->reactor = reactor;
176 mon->react = reactor->react;
177
178 /* enable only once if iterating through a container */
179 if (monitor_enabled && !nested)
180 rv_enable_monitor(mon);
181 }
182
monitor_swap_reactors(struct rv_monitor * mon,struct rv_reactor * reactor)183 static void monitor_swap_reactors(struct rv_monitor *mon, struct rv_reactor *reactor)
184 {
185 struct rv_monitor *p = mon;
186
187 if (rv_is_container_monitor(mon))
188 list_for_each_entry_continue(p, &rv_monitors_list, list) {
189 if (p->parent != mon)
190 break;
191 monitor_swap_reactors_single(p, reactor, true);
192 }
193 /*
194 * This call enables and disables the monitor if they were active.
195 * In case of a container, we already disabled all and will enable all.
196 * All nested monitors are enabled also if they were off, we may refine
197 * this logic in the future.
198 */
199 monitor_swap_reactors_single(mon, reactor, false);
200 }
201
202 static ssize_t
monitor_reactors_write(struct file * file,const char __user * user_buf,size_t count,loff_t * ppos)203 monitor_reactors_write(struct file *file, const char __user *user_buf,
204 size_t count, loff_t *ppos)
205 {
206 char buff[MAX_RV_REACTOR_NAME_SIZE + 2];
207 struct rv_monitor *mon;
208 struct rv_reactor *reactor;
209 struct seq_file *seq_f;
210 int retval = -EINVAL;
211 char *ptr;
212 int len;
213
214 if (count < 1 || count > MAX_RV_REACTOR_NAME_SIZE + 1)
215 return -EINVAL;
216
217 memset(buff, 0, sizeof(buff));
218
219 retval = simple_write_to_buffer(buff, sizeof(buff) - 1, ppos, user_buf, count);
220 if (retval < 0)
221 return -EFAULT;
222
223 ptr = strim(buff);
224
225 len = strlen(ptr);
226 if (!len)
227 return count;
228
229 /*
230 * See monitor_reactors_open()
231 */
232 seq_f = file->private_data;
233 mon = seq_f->private;
234
235 mutex_lock(&rv_interface_lock);
236
237 retval = -EINVAL;
238
239 list_for_each_entry(reactor, &rv_reactors_list, list) {
240 if (strcmp(ptr, reactor->name) != 0)
241 continue;
242
243 monitor_swap_reactors(mon, reactor);
244
245 retval = count;
246 break;
247 }
248
249 mutex_unlock(&rv_interface_lock);
250
251 return retval;
252 }
253
254 /*
255 * available_reactors interface.
256 */
monitor_reactors_open(struct inode * inode,struct file * file)257 static int monitor_reactors_open(struct inode *inode, struct file *file)
258 {
259 struct rv_monitor *mon = inode->i_private;
260 struct seq_file *seq_f;
261 int ret;
262
263 ret = seq_open(file, &monitor_reactors_seq_ops);
264 if (ret < 0)
265 return ret;
266
267 /*
268 * seq_open stores the seq_file on the file->private data.
269 */
270 seq_f = file->private_data;
271
272 /*
273 * Copy the create file "private" data to the seq_file private data.
274 */
275 seq_f->private = mon;
276
277 return 0;
278 };
279
280 static const struct file_operations monitor_reactors_ops = {
281 .open = monitor_reactors_open,
282 .read = seq_read,
283 .llseek = seq_lseek,
284 .release = seq_release,
285 .write = monitor_reactors_write
286 };
287
__rv_register_reactor(struct rv_reactor * reactor)288 static int __rv_register_reactor(struct rv_reactor *reactor)
289 {
290 struct rv_reactor *r;
291
292 list_for_each_entry(r, &rv_reactors_list, list) {
293 if (strcmp(reactor->name, r->name) == 0) {
294 pr_info("Reactor %s is already registered\n", reactor->name);
295 return -EINVAL;
296 }
297 }
298
299 list_add_tail(&reactor->list, &rv_reactors_list);
300
301 return 0;
302 }
303
304 /**
305 * rv_register_reactor - register a rv reactor.
306 * @reactor: The rv_reactor to be registered.
307 *
308 * Returns 0 if successful, error otherwise.
309 */
rv_register_reactor(struct rv_reactor * reactor)310 int rv_register_reactor(struct rv_reactor *reactor)
311 {
312 int retval = 0;
313
314 if (strlen(reactor->name) >= MAX_RV_REACTOR_NAME_SIZE) {
315 pr_info("Reactor %s has a name longer than %d\n",
316 reactor->name, MAX_RV_MONITOR_NAME_SIZE);
317 return -EINVAL;
318 }
319
320 mutex_lock(&rv_interface_lock);
321 retval = __rv_register_reactor(reactor);
322 mutex_unlock(&rv_interface_lock);
323 return retval;
324 }
325
326 /**
327 * rv_unregister_reactor - unregister a rv reactor.
328 * @reactor: The rv_reactor to be unregistered.
329 *
330 * Returns 0 if successful, error otherwise.
331 */
rv_unregister_reactor(struct rv_reactor * reactor)332 int rv_unregister_reactor(struct rv_reactor *reactor)
333 {
334 mutex_lock(&rv_interface_lock);
335 list_del(&reactor->list);
336 mutex_unlock(&rv_interface_lock);
337 return 0;
338 }
339
340 /*
341 * reacting_on interface.
342 */
343 static bool __read_mostly reacting_on;
344
345 /**
346 * rv_reacting_on - checks if reacting is on
347 *
348 * Returns 1 if on, 0 otherwise.
349 */
rv_reacting_on(void)350 bool rv_reacting_on(void)
351 {
352 /* Ensures that concurrent monitors read consistent reacting_on */
353 smp_rmb();
354 return READ_ONCE(reacting_on);
355 }
356
reacting_on_read_data(struct file * filp,char __user * user_buf,size_t count,loff_t * ppos)357 static ssize_t reacting_on_read_data(struct file *filp,
358 char __user *user_buf,
359 size_t count, loff_t *ppos)
360 {
361 char *buff;
362
363 buff = rv_reacting_on() ? "1\n" : "0\n";
364
365 return simple_read_from_buffer(user_buf, count, ppos, buff, strlen(buff)+1);
366 }
367
turn_reacting_off(void)368 static void turn_reacting_off(void)
369 {
370 WRITE_ONCE(reacting_on, false);
371 /* Ensures that concurrent monitors read consistent reacting_on */
372 smp_wmb();
373 }
374
turn_reacting_on(void)375 static void turn_reacting_on(void)
376 {
377 WRITE_ONCE(reacting_on, true);
378 /* Ensures that concurrent monitors read consistent reacting_on */
379 smp_wmb();
380 }
381
reacting_on_write_data(struct file * filp,const char __user * user_buf,size_t count,loff_t * ppos)382 static ssize_t reacting_on_write_data(struct file *filp, const char __user *user_buf,
383 size_t count, loff_t *ppos)
384 {
385 int retval;
386 bool val;
387
388 retval = kstrtobool_from_user(user_buf, count, &val);
389 if (retval)
390 return retval;
391
392 mutex_lock(&rv_interface_lock);
393
394 if (val)
395 turn_reacting_on();
396 else
397 turn_reacting_off();
398
399 /*
400 * Wait for the execution of all events to finish
401 * before returning to user-space.
402 */
403 tracepoint_synchronize_unregister();
404
405 mutex_unlock(&rv_interface_lock);
406
407 return count;
408 }
409
410 static const struct file_operations reacting_on_fops = {
411 .open = simple_open,
412 .write = reacting_on_write_data,
413 .read = reacting_on_read_data,
414 };
415
416 /**
417 * reactor_populate_monitor - creates per monitor reactors file
418 * @mon: The monitor.
419 *
420 * Returns 0 if successful, error otherwise.
421 */
reactor_populate_monitor(struct rv_monitor * mon)422 int reactor_populate_monitor(struct rv_monitor *mon)
423 {
424 struct dentry *tmp;
425
426 tmp = rv_create_file("reactors", RV_MODE_WRITE, mon->root_d, mon, &monitor_reactors_ops);
427 if (!tmp)
428 return -ENOMEM;
429
430 /*
431 * Configure as the rv_nop reactor.
432 */
433 mon->reactor = get_reactor_rdef_by_name("nop");
434
435 return 0;
436 }
437
438 /*
439 * Nop reactor register
440 */
rv_nop_reaction(const char * msg,...)441 __printf(1, 2) static void rv_nop_reaction(const char *msg, ...)
442 {
443 }
444
445 static struct rv_reactor rv_nop = {
446 .name = "nop",
447 .description = "no-operation reactor: do nothing.",
448 .react = rv_nop_reaction
449 };
450
init_rv_reactors(struct dentry * root_dir)451 int init_rv_reactors(struct dentry *root_dir)
452 {
453 struct dentry *available, *reacting;
454 int retval;
455
456 available = rv_create_file("available_reactors", RV_MODE_READ, root_dir, NULL,
457 &available_reactors_ops);
458 if (!available)
459 goto out_err;
460
461 reacting = rv_create_file("reacting_on", RV_MODE_WRITE, root_dir, NULL, &reacting_on_fops);
462 if (!reacting)
463 goto rm_available;
464
465 retval = __rv_register_reactor(&rv_nop);
466 if (retval)
467 goto rm_reacting;
468
469 turn_reacting_on();
470
471 return 0;
472
473 rm_reacting:
474 rv_remove(reacting);
475 rm_available:
476 rv_remove(available);
477 out_err:
478 return -ENOMEM;
479 }
480