/drivers/staging/mei/iorw.c

  1/*
  2 *
  3 * Intel Management Engine Interface (Intel MEI) Linux driver
  4 * Copyright (c) 2003-2011, Intel Corporation.
  5 *
  6 * This program is free software; you can redistribute it and/or modify it
  7 * under the terms and conditions of the GNU General Public License,
  8 * version 2, as published by the Free Software Foundation.
  9 *
 10 * This program is distributed in the hope it will be useful, but WITHOUT
 11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 12 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
 13 * more details.
 14 *
 15 */
 16
 17
 18#include <linux/kernel.h>
 19#include <linux/fs.h>
 20#include <linux/errno.h>
 21#include <linux/types.h>
 22#include <linux/fcntl.h>
 23#include <linux/aio.h>
 24#include <linux/pci.h>
 25#include <linux/init.h>
 26#include <linux/ioctl.h>
 27#include <linux/cdev.h>
 28#include <linux/list.h>
 29#include <linux/delay.h>
 30#include <linux/sched.h>
 31#include <linux/uuid.h>
 32#include <linux/jiffies.h>
 33#include <linux/uaccess.h>
 34
 35
 36#include "mei_dev.h"
 37#include "hw.h"
 38#include "mei.h"
 39#include "interface.h"
 40#include "mei_version.h"
 41
 42
 43
 44/**
 45 * mei_ioctl_connect_client - the connect to fw client IOCTL function
 46 *
 47 * @dev: the device structure
 48 * @data: IOCTL connect data, input and output parameters
 49 * @file: private data of the file object
 50 *
 51 * Locking: called under "dev->device_lock" lock
 52 *
 53 * returns 0 on success, <0 on failure.
 54 */
 55int mei_ioctl_connect_client(struct file *file,
 56			struct mei_connect_client_data *data)
 57{
 58	struct mei_device *dev;
 59	struct mei_cl_cb *cb;
 60	struct mei_client *client;
 61	struct mei_cl *cl;
 62	struct mei_cl *cl_pos = NULL;
 63	struct mei_cl *cl_next = NULL;
 64	long timeout = CONNECT_TIMEOUT;
 65	int i;
 66	int err;
 67	int rets;
 68
 69	cl = file->private_data;
 70	if (WARN_ON(!cl || !cl->dev))
 71		return -ENODEV;
 72
 73	dev = cl->dev;
 74
 75	dev_dbg(&dev->pdev->dev, "mei_ioctl_connect_client() Entry\n");
 76
 77
 78	/* buffered ioctl cb */
 79	cb = kzalloc(sizeof(struct mei_cl_cb), GFP_KERNEL);
 80	if (!cb) {
 81		rets = -ENOMEM;
 82		goto end;
 83	}
 84	INIT_LIST_HEAD(&cb->cb_list);
 85
 86	cb->major_file_operations = MEI_IOCTL;
 87
 88	if (dev->mei_state != MEI_ENABLED) {
 89		rets = -ENODEV;
 90		goto end;
 91	}
 92	if (cl->state != MEI_FILE_INITIALIZING &&
 93	    cl->state != MEI_FILE_DISCONNECTED) {
 94		rets = -EBUSY;
 95		goto end;
 96	}
 97
 98	/* find ME client we're trying to connect to */
 99	i = mei_find_me_client_index(dev, data->in_client_uuid);
100	if (i >= 0 && !dev->me_clients[i].props.fixed_address) {
101		cl->me_client_id = dev->me_clients[i].client_id;
102		cl->state = MEI_FILE_CONNECTING;
103	}
104
105	dev_dbg(&dev->pdev->dev, "Connect to FW Client ID = %d\n",
106			cl->me_client_id);
107	dev_dbg(&dev->pdev->dev, "FW Client - Protocol Version = %d\n",
108			dev->me_clients[i].props.protocol_version);
109	dev_dbg(&dev->pdev->dev, "FW Client - Max Msg Len = %d\n",
110			dev->me_clients[i].props.max_msg_length);
111
112	/* if we're connecting to amthi client so we will use the exist
113	 * connection
114	 */
115	if (uuid_le_cmp(data->in_client_uuid, mei_amthi_guid) == 0) {
116		dev_dbg(&dev->pdev->dev, "FW Client is amthi\n");
117		if (dev->iamthif_cl.state != MEI_FILE_CONNECTED) {
118			rets = -ENODEV;
119			goto end;
120		}
121		clear_bit(cl->host_client_id, dev->host_clients_map);
122		list_for_each_entry_safe(cl_pos, cl_next,
123					 &dev->file_list, link) {
124			if (mei_cl_cmp_id(cl, cl_pos)) {
125				dev_dbg(&dev->pdev->dev,
126					"remove file private data node host"
127				    " client = %d, ME client = %d.\n",
128				    cl_pos->host_client_id,
129				    cl_pos->me_client_id);
130				list_del(&cl_pos->link);
131			}
132
133		}
134		dev_dbg(&dev->pdev->dev, "free file private data memory.\n");
135		kfree(cl);
136
137		cl = NULL;
138		file->private_data = &dev->iamthif_cl;
139
140		client = &data->out_client_properties;
141		client->max_msg_length =
142			dev->me_clients[i].props.max_msg_length;
143		client->protocol_version =
144			dev->me_clients[i].props.protocol_version;
145		rets = dev->iamthif_cl.status;
146
147		goto end;
148	}
149
150	if (cl->state != MEI_FILE_CONNECTING) {
151		rets = -ENODEV;
152		goto end;
153	}
154
155
156	/* prepare the output buffer */
157	client = &data->out_client_properties;
158	client->max_msg_length = dev->me_clients[i].props.max_msg_length;
159	client->protocol_version = dev->me_clients[i].props.protocol_version;
160	dev_dbg(&dev->pdev->dev, "Can connect?\n");
161	if (dev->mei_host_buffer_is_empty
162	    && !mei_other_client_is_connecting(dev, cl)) {
163		dev_dbg(&dev->pdev->dev, "Sending Connect Message\n");
164		dev->mei_host_buffer_is_empty = false;
165		if (!mei_connect(dev, cl)) {
166			dev_dbg(&dev->pdev->dev, "Sending connect message - failed\n");
167			rets = -ENODEV;
168			goto end;
169		} else {
170			dev_dbg(&dev->pdev->dev, "Sending connect message - succeeded\n");
171			cl->timer_count = MEI_CONNECT_TIMEOUT;
172			cb->file_private = cl;
173			list_add_tail(&cb->cb_list,
174				      &dev->ctrl_rd_list.mei_cb.
175				      cb_list);
176		}
177
178
179	} else {
180		dev_dbg(&dev->pdev->dev, "Queuing the connect request due to device busy\n");
181		cb->file_private = cl;
182		dev_dbg(&dev->pdev->dev, "add connect cb to control write list.\n");
183		list_add_tail(&cb->cb_list,
184			      &dev->ctrl_wr_list.mei_cb.cb_list);
185	}
186	mutex_unlock(&dev->device_lock);
187	err = wait_event_timeout(dev->wait_recvd_msg,
188			(MEI_FILE_CONNECTED == cl->state ||
189			 MEI_FILE_DISCONNECTED == cl->state),
190			timeout * HZ);
191
192	mutex_lock(&dev->device_lock);
193	if (MEI_FILE_CONNECTED == cl->state) {
194		dev_dbg(&dev->pdev->dev, "successfully connected to FW client.\n");
195		rets = cl->status;
196		goto end;
197	} else {
198		dev_dbg(&dev->pdev->dev, "failed to connect to FW client.cl->state = %d.\n",
199		    cl->state);
200		if (!err) {
201			dev_dbg(&dev->pdev->dev,
202				"wait_event_interruptible_timeout failed on client"
203				" connect message fw response message.\n");
204		}
205		rets = -EFAULT;
206
207		mei_io_list_flush(&dev->ctrl_rd_list, cl);
208		mei_io_list_flush(&dev->ctrl_wr_list, cl);
209		goto end;
210	}
211	rets = 0;
212end:
213	dev_dbg(&dev->pdev->dev, "free connect cb memory.");
214	kfree(cb);
215	return rets;
216}
217
218/**
219 * find_amthi_read_list_entry - finds a amthilist entry for current file
220 *
221 * @dev: the device structure
222 * @file: pointer to file object
223 *
224 * returns   returned a list entry on success, NULL on failure.
225 */
226struct mei_cl_cb *find_amthi_read_list_entry(
227		struct mei_device *dev,
228		struct file *file)
229{
230	struct mei_cl *cl_temp;
231	struct mei_cl_cb *cb_pos = NULL;
232	struct mei_cl_cb *cb_next = NULL;
233
234	if (!dev->amthi_read_complete_list.status &&
235	    !list_empty(&dev->amthi_read_complete_list.mei_cb.cb_list)) {
236		list_for_each_entry_safe(cb_pos, cb_next,
237		    &dev->amthi_read_complete_list.mei_cb.cb_list, cb_list) {
238			cl_temp = (struct mei_cl *)cb_pos->file_private;
239			if (cl_temp && cl_temp == &dev->iamthif_cl &&
240				cb_pos->file_object == file)
241				return cb_pos;
242		}
243	}
244	return NULL;
245}
246
247/**
248 * amthi_read - read data from AMTHI client
249 *
250 * @dev: the device structure
251 * @if_num:  minor number
252 * @file: pointer to file object
253 * @*ubuf: pointer to user data in user space
254 * @length: data length to read
255 * @offset: data read offset
256 *
257 * Locking: called under "dev->device_lock" lock
258 *
259 * returns
260 *  returned data length on success,
261 *  zero if no data to read,
262 *  negative on failure.
263 */
264int amthi_read(struct mei_device *dev, struct file *file,
265	      char __user *ubuf, size_t length, loff_t *offset)
266{
267	int rets;
268	int wait_ret;
269	struct mei_cl_cb *cb = NULL;
270	struct mei_cl *cl = file->private_data;
271	unsigned long timeout;
272	int i;
273
274	/* Only Posible if we are in timeout */
275	if (!cl || cl != &dev->iamthif_cl) {
276		dev_dbg(&dev->pdev->dev, "bad file ext.\n");
277		return -ETIMEDOUT;
278	}
279
280	for (i = 0; i < dev->me_clients_num; i++) {
281		if (dev->me_clients[i].client_id ==
282		    dev->iamthif_cl.me_client_id)
283			break;
284	}
285
286	if (i == dev->me_clients_num) {
287		dev_dbg(&dev->pdev->dev, "amthi client not found.\n");
288		return -ENODEV;
289	}
290	if (WARN_ON(dev->me_clients[i].client_id != cl->me_client_id))
291		return -ENODEV;
292
293	dev_dbg(&dev->pdev->dev, "checking amthi data\n");
294	cb = find_amthi_read_list_entry(dev, file);
295
296	/* Check for if we can block or not*/
297	if (cb == NULL && file->f_flags & O_NONBLOCK)
298		return -EAGAIN;
299
300
301	dev_dbg(&dev->pdev->dev, "waiting for amthi data\n");
302	while (cb == NULL) {
303		/* unlock the Mutex */
304		mutex_unlock(&dev->device_lock);
305
306		wait_ret = wait_event_interruptible(dev->iamthif_cl.wait,
307			(cb = find_amthi_read_list_entry(dev, file)));
308
309		if (wait_ret)
310			return -ERESTARTSYS;
311
312		dev_dbg(&dev->pdev->dev, "woke up from sleep\n");
313
314		/* Locking again the Mutex */
315		mutex_lock(&dev->device_lock);
316	}
317
318
319	dev_dbg(&dev->pdev->dev, "Got amthi data\n");
320	dev->iamthif_timer = 0;
321
322	if (cb) {
323		timeout = cb->read_time +
324					msecs_to_jiffies(IAMTHIF_READ_TIMER);
325		dev_dbg(&dev->pdev->dev, "amthi timeout = %lud\n",
326				timeout);
327
328		if  (time_after(jiffies, timeout)) {
329			dev_dbg(&dev->pdev->dev, "amthi Time out\n");
330			/* 15 sec for the message has expired */
331			list_del(&cb->cb_list);
332			rets = -ETIMEDOUT;
333			goto free;
334		}
335	}
336	/* if the whole message will fit remove it from the list */
337	if (cb->information >= *offset &&
338	    length >= (cb->information - *offset))
339		list_del(&cb->cb_list);
340	else if (cb->information > 0 && cb->information <= *offset) {
341		/* end of the message has been reached */
342		list_del(&cb->cb_list);
343		rets = 0;
344		goto free;
345	}
346		/* else means that not full buffer will be read and do not
347		 * remove message from deletion list
348		 */
349
350	dev_dbg(&dev->pdev->dev, "amthi cb->response_buffer size - %d\n",
351	    cb->response_buffer.size);
352	dev_dbg(&dev->pdev->dev, "amthi cb->information - %lu\n",
353	    cb->information);
354
355	/* length is being turncated to PAGE_SIZE, however,
356	 * the information may be longer */
357	length = min_t(size_t, length, (cb->information - *offset));
358
359	if (copy_to_user(ubuf,
360			 cb->response_buffer.data + *offset,
361			 length))
362		rets = -EFAULT;
363	else {
364		rets = length;
365		if ((*offset + length) < cb->information) {
366			*offset += length;
367			goto out;
368		}
369	}
370free:
371	dev_dbg(&dev->pdev->dev, "free amthi cb memory.\n");
372	*offset = 0;
373	mei_free_cb_private(cb);
374out:
375	return rets;
376}
377
378/**
379 * mei_start_read - the start read client message function.
380 *
381 * @dev: the device structure
382 * @if_num:  minor number
383 * @cl: private data of the file object
384 *
385 * returns 0 on success, <0 on failure.
386 */
387int mei_start_read(struct mei_device *dev, struct mei_cl *cl)
388{
389	struct mei_cl_cb *cb;
390	int rets = 0;
391	int i;
392
393	if (cl->state != MEI_FILE_CONNECTED)
394		return -ENODEV;
395
396	if (dev->mei_state != MEI_ENABLED)
397		return -ENODEV;
398
399	dev_dbg(&dev->pdev->dev, "check if read is pending.\n");
400	if (cl->read_pending || cl->read_cb) {
401		dev_dbg(&dev->pdev->dev, "read is pending.\n");
402		return -EBUSY;
403	}
404
405	cb = kzalloc(sizeof(struct mei_cl_cb), GFP_KERNEL);
406	if (!cb)
407		return -ENOMEM;
408
409	dev_dbg(&dev->pdev->dev, "allocation call back successful. host client = %d, ME client = %d\n",
410		cl->host_client_id, cl->me_client_id);
411
412	for (i = 0; i < dev->me_clients_num; i++) {
413		if (dev->me_clients[i].client_id == cl->me_client_id)
414			break;
415
416	}
417
418	if (WARN_ON(dev->me_clients[i].client_id != cl->me_client_id)) {
419		rets = -ENODEV;
420		goto unlock;
421	}
422
423	if (i == dev->me_clients_num) {
424		rets = -ENODEV;
425		goto unlock;
426	}
427
428	cb->response_buffer.size = dev->me_clients[i].props.max_msg_length;
429	cb->response_buffer.data =
430	    kmalloc(cb->response_buffer.size, GFP_KERNEL);
431	if (!cb->response_buffer.data) {
432		rets = -ENOMEM;
433		goto unlock;
434	}
435	dev_dbg(&dev->pdev->dev, "allocation call back data success.\n");
436	cb->major_file_operations = MEI_READ;
437	/* make sure information is zero before we start */
438	cb->information = 0;
439	cb->file_private = (void *) cl;
440	cl->read_cb = cb;
441	if (dev->mei_host_buffer_is_empty) {
442		dev->mei_host_buffer_is_empty = false;
443		if (!mei_send_flow_control(dev, cl)) {
444			rets = -ENODEV;
445			goto unlock;
446		} else {
447			list_add_tail(&cb->cb_list,
448				      &dev->read_list.mei_cb.cb_list);
449		}
450	} else {
451		list_add_tail(&cb->cb_list,
452			      &dev->ctrl_wr_list.mei_cb.cb_list);
453	}
454	return rets;
455unlock:
456	mei_free_cb_private(cb);
457	return rets;
458}
459
460/**
461 * amthi_write - write iamthif data to amthi client
462 *
463 * @dev: the device structure
464 * @cb: mei call back struct
465 *
466 * returns 0 on success, <0 on failure.
467 */
468int amthi_write(struct mei_device *dev, struct mei_cl_cb *cb)
469{
470	struct mei_msg_hdr mei_hdr;
471	int ret;
472
473	if (!dev || !cb)
474		return -ENODEV;
475
476	dev_dbg(&dev->pdev->dev, "write data to amthi client.\n");
477
478	dev->iamthif_state = MEI_IAMTHIF_WRITING;
479	dev->iamthif_current_cb = cb;
480	dev->iamthif_file_object = cb->file_object;
481	dev->iamthif_canceled = false;
482	dev->iamthif_ioctl = true;
483	dev->iamthif_msg_buf_size = cb->request_buffer.size;
484	memcpy(dev->iamthif_msg_buf, cb->request_buffer.data,
485	    cb->request_buffer.size);
486
487	ret = mei_flow_ctrl_creds(dev, &dev->iamthif_cl);
488	if (ret < 0)
489		return ret;
490
491	if (ret && dev->mei_host_buffer_is_empty) {
492		ret = 0;
493		dev->mei_host_buffer_is_empty = false;
494		if (cb->request_buffer.size >
495			(((dev->host_hw_state & H_CBD) >> 24) * sizeof(u32))
496				-sizeof(struct mei_msg_hdr)) {
497			mei_hdr.length =
498			    (((dev->host_hw_state & H_CBD) >> 24) *
499			    sizeof(u32)) - sizeof(struct mei_msg_hdr);
500			mei_hdr.msg_complete = 0;
501		} else {
502			mei_hdr.length = cb->request_buffer.size;
503			mei_hdr.msg_complete = 1;
504		}
505
506		mei_hdr.host_addr = dev->iamthif_cl.host_client_id;
507		mei_hdr.me_addr = dev->iamthif_cl.me_client_id;
508		mei_hdr.reserved = 0;
509		dev->iamthif_msg_buf_index += mei_hdr.length;
510		if (!mei_write_message(dev, &mei_hdr,
511					(unsigned char *)(dev->iamthif_msg_buf),
512					mei_hdr.length))
513			return -ENODEV;
514
515		if (mei_hdr.msg_complete) {
516			if (mei_flow_ctrl_reduce(dev, &dev->iamthif_cl))
517				return -ENODEV;
518			dev->iamthif_flow_control_pending = true;
519			dev->iamthif_state = MEI_IAMTHIF_FLOW_CONTROL;
520			dev_dbg(&dev->pdev->dev, "add amthi cb to write waiting list\n");
521			dev->iamthif_current_cb = cb;
522			dev->iamthif_file_object = cb->file_object;
523			list_add_tail(&cb->cb_list,
524				      &dev->write_waiting_list.mei_cb.cb_list);
525		} else {
526			dev_dbg(&dev->pdev->dev, "message does not complete, "
527					"so add amthi cb to write list.\n");
528			list_add_tail(&cb->cb_list,
529				      &dev->write_list.mei_cb.cb_list);
530		}
531	} else {
532		if (!(dev->mei_host_buffer_is_empty))
533			dev_dbg(&dev->pdev->dev, "host buffer is not empty");
534
535		dev_dbg(&dev->pdev->dev, "No flow control credentials, "
536				"so add iamthif cb to write list.\n");
537		list_add_tail(&cb->cb_list,
538			      &dev->write_list.mei_cb.cb_list);
539	}
540	return 0;
541}
542
543/**
544 * iamthif_ioctl_send_msg - send cmd data to amthi client
545 *
546 * @dev: the device structure
547 *
548 * returns 0 on success, <0 on failure.
549 */
550void mei_run_next_iamthif_cmd(struct mei_device *dev)
551{
552	struct mei_cl *cl_tmp;
553	struct mei_cl_cb *cb_pos = NULL;
554	struct mei_cl_cb *cb_next = NULL;
555	int status;
556
557	if (!dev)
558		return;
559
560	dev->iamthif_msg_buf_size = 0;
561	dev->iamthif_msg_buf_index = 0;
562	dev->iamthif_canceled = false;
563	dev->iamthif_ioctl = true;
564	dev->iamthif_state = MEI_IAMTHIF_IDLE;
565	dev->iamthif_timer = 0;
566	dev->iamthif_file_object = NULL;
567
568	if (dev->amthi_cmd_list.status == 0 &&
569	    !list_empty(&dev->amthi_cmd_list.mei_cb.cb_list)) {
570		dev_dbg(&dev->pdev->dev, "complete amthi cmd_list cb.\n");
571
572		list_for_each_entry_safe(cb_pos, cb_next,
573		    &dev->amthi_cmd_list.mei_cb.cb_list, cb_list) {
574			list_del(&cb_pos->cb_list);
575			cl_tmp = (struct mei_cl *)cb_pos->file_private;
576
577			if (cl_tmp && cl_tmp == &dev->iamthif_cl) {
578				status = amthi_write(dev, cb_pos);
579				if (status) {
580					dev_dbg(&dev->pdev->dev,
581						"amthi write failed status = %d\n",
582							status);
583					return;
584				}
585				break;
586			}
587		}
588	}
589}
590
591/**
592 * mei_free_cb_private - free mei_cb_private related memory
593 *
594 * @cb: mei callback struct
595 */
596void mei_free_cb_private(struct mei_cl_cb *cb)
597{
598	if (cb == NULL)
599		return;
600
601	kfree(cb->request_buffer.data);
602	kfree(cb->response_buffer.data);
603	kfree(cb);
604}