projects / linux-2.6-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
staging: mei: expose misc interface instead of char device
[linux-2.6-block.git] / drivers / staging / mei / main.c
CommitLineData
ab841160
OW		 1/*
2 *
3 * Intel Management Engine Interface (Intel MEI) Linux driver
4 * Copyright (c) 2003-2011, Intel Corporation.
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms and conditions of the GNU General Public License,
8 * version 2, as published by the Free Software Foundation.
9 *
10 * This program is distributed in the hope it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
13 * more details.
14 *
15 */
16
ab841160
OW		 17#include <linux/module.h>
18#include <linux/moduleparam.h>
19#include <linux/kernel.h>
20#include <linux/device.h>
21#include <linux/fs.h>
22#include <linux/errno.h>
23#include <linux/types.h>
24#include <linux/fcntl.h>
25#include <linux/aio.h>
26#include <linux/pci.h>
27#include <linux/poll.h>
28#include <linux/init.h>
29#include <linux/ioctl.h>
30#include <linux/cdev.h>
ab841160
OW		 31#include <linux/sched.h>
32#include <linux/uuid.h>
33#include <linux/compat.h>
34#include <linux/jiffies.h>
35#include <linux/interrupt.h>
5b881e3c 36#include <linux/miscdevice.h>
ab841160
OW		 37
38#include "mei_dev.h"
39#include "mei.h"
40#include "interface.h"
41#include "mei_version.h"
42
43
44#define MEI_READ_TIMEOUT 45
45#define MEI_DRIVER_NAME "mei"
46#define MEI_DEV_NAME "mei"
47
48/*
49 * mei driver strings
50 */
51static char mei_driver_name[] = MEI_DRIVER_NAME;
52static const char mei_driver_string[] = "Intel(R) Management Engine Interface";
53static const char mei_driver_version[] = MEI_DRIVER_VERSION;
54
ab841160
OW		 55/* The device pointer */
56/* Currently this driver works as long as there is only a single AMT device. */
4a3cafd5 57struct pci_dev *mei_device;
ab841160 58
ab841160
OW		 59/* mei_pci_tbl - PCI Device ID Table */
60static DEFINE_PCI_DEVICE_TABLE(mei_pci_tbl) = {
61 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_82946GZ)},
62 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_82G35)},
63 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_82Q965)},
64 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_82G965)},
65 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_82GM965)},
66 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_82GME965)},
67 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH9_82Q35)},
68 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH9_82G33)},
69 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH9_82Q33)},
70 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH9_82X38)},
71 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH9_3200)},
72 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH9_6)},
73 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH9_7)},
74 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH9_8)},
75 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH9_9)},
76 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH9_10)},
77 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH9M_1)},
78 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH9M_2)},
79 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH9M_3)},
80 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH9M_4)},
81 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH10_1)},
82 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH10_2)},
83 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH10_3)},
84 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH10_4)},
85 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_IBXPK_1)},
86 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_IBXPK_2)},
87 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_CPT_1)},
88 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_PBG_1)},
89 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_PPT_1)},
90 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_PPT_2)},
91 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_PPT_3)},
92
93 /* required last entry */
94 {0, }
95};
96
97MODULE_DEVICE_TABLE(pci, mei_pci_tbl);
98
99static DEFINE_MUTEX(mei_mutex);
100
ab841160
OW		 101
102/**
103 * mei_clear_list - removes all callbacks associated with file
104 * from mei_cb_list
105 *
106 * @dev: device structure.
107 * @file: file structure
108 * @mei_cb_list: callbacks list
109 *
110 * mei_clear_list is called to clear resources associated with file
111 * when application calls close function or Ctrl-C was pressed
112 *
113 * returns true if callback removed from the list, false otherwise
114 */
115static bool mei_clear_list(struct mei_device *dev,
116 struct file *file, struct list_head *mei_cb_list)
117{
118 struct mei_cl_cb *cb_pos = NULL;
119 struct mei_cl_cb *cb_next = NULL;
120 struct file *file_temp;
121 bool removed = false;
122
123 /* list all list member */
124 list_for_each_entry_safe(cb_pos, cb_next, mei_cb_list, cb_list) {
125 file_temp = (struct file *)cb_pos->file_object;
126 /* check if list member associated with a file */
127 if (file_temp == file) {
128 /* remove member from the list */
129 list_del(&cb_pos->cb_list);
130 /* check if cb equal to current iamthif cb */
131 if (dev->iamthif_current_cb == cb_pos) {
132 dev->iamthif_current_cb = NULL;
133 /* send flow control to iamthif client */
134 mei_send_flow_control(dev, &dev->iamthif_cl);
135 }
136 /* free all allocated buffers */
137 mei_free_cb_private(cb_pos);
138 cb_pos = NULL;
139 removed = true;
140 }
141 }
142 return removed;
143}
144
145/**
146 * mei_clear_lists - removes all callbacks associated with file
147 *
148 * @dev: device structure
149 * @file: file structure
150 *
151 * mei_clear_lists is called to clear resources associated with file
152 * when application calls close function or Ctrl-C was pressed
153 *
154 * returns true if callback removed from the list, false otherwise
155 */
156static bool mei_clear_lists(struct mei_device *dev, struct file *file)
157{
158 bool removed = false;
159
160 /* remove callbacks associated with a file */
161 mei_clear_list(dev, file, &dev->amthi_cmd_list.mei_cb.cb_list);
162 if (mei_clear_list(dev, file,
163 &dev->amthi_read_complete_list.mei_cb.cb_list))
164 removed = true;
165
166 mei_clear_list(dev, file, &dev->ctrl_rd_list.mei_cb.cb_list);
167
168 if (mei_clear_list(dev, file, &dev->ctrl_wr_list.mei_cb.cb_list))
169 removed = true;
170
171 if (mei_clear_list(dev, file, &dev->write_waiting_list.mei_cb.cb_list))
172 removed = true;
173
174 if (mei_clear_list(dev, file, &dev->write_list.mei_cb.cb_list))
175 removed = true;
176
177 /* check if iamthif_current_cb not NULL */
178 if (dev->iamthif_current_cb && !removed) {
179 /* check file and iamthif current cb association */
180 if (dev->iamthif_current_cb->file_object == file) {
181 /* remove cb */
182 mei_free_cb_private(dev->iamthif_current_cb);
183 dev->iamthif_current_cb = NULL;
184 removed = true;
185 }
186 }
187 return removed;
188}
189/**
190 * find_read_list_entry - find read list entry
191 *
192 * @dev: device structure
193 * @file: pointer to file structure
194 *
195 * returns cb on success, NULL on error
196 */
197static struct mei_cl_cb *find_read_list_entry(
198 struct mei_device *dev,
199 struct mei_cl *cl)
200{
201 struct mei_cl_cb *cb_pos = NULL;
202 struct mei_cl_cb *cb_next = NULL;
ab841160
OW		 203
204 if (!dev->read_list.status &&
205 !list_empty(&dev->read_list.mei_cb.cb_list)) {
206
207 dev_dbg(&dev->pdev->dev, "remove read_list CB\n");
208 list_for_each_entry_safe(cb_pos, cb_next,
209 &dev->read_list.mei_cb.cb_list, cb_list) {
0288c7c9
TW		 210 struct mei_cl *cl_temp;
211 cl_temp = (struct mei_cl *)cb_pos->file_private;
ab841160 212
0288c7c9 213 if (mei_cl_cmp_id(cl, cl_temp))
ab841160 214 return cb_pos;
ab841160
OW		 215 }
216 }
217 return NULL;
218}
219
220/**
221 * mei_open - the open function
222 *
223 * @inode: pointer to inode structure
224 * @file: pointer to file structure
225 *
226 * returns 0 on success, <0 on error
227 */
228static int mei_open(struct inode *inode, struct file *file)
229{
230 struct mei_cl *cl;
5b881e3c 231 int err;
ab841160
OW		 232 struct mei_device *dev;
233
234 err = -ENODEV;
235 if (!mei_device)
236 goto out;
237
238 dev = pci_get_drvdata(mei_device);
5b881e3c 239 if (!dev)
ab841160
OW		 240 goto out;
241
242 mutex_lock(&dev->device_lock);
243 err = -ENOMEM;
c95efb74 244 cl = mei_cl_allocate(dev);
ab841160 245 if (!cl)
303dfbf5 246 goto out_unlock;
ab841160
OW		 247
248 err = -ENODEV;
249 if (dev->mei_state != MEI_ENABLED) {
250 dev_dbg(&dev->pdev->dev, "mei_state != MEI_ENABLED mei_state= %d\n",
251 dev->mei_state);
252 goto out_unlock;
253 }
254 err = -EMFILE;
255 if (dev->open_handle_count >= MEI_MAX_OPEN_HANDLE_COUNT)
256 goto out_unlock;
257
258 cl->host_client_id = find_first_zero_bit(dev->host_clients_map,
259 MEI_CLIENTS_MAX);
260 if (cl->host_client_id > MEI_CLIENTS_MAX)
261 goto out_unlock;
262
263 dev_dbg(&dev->pdev->dev, "client_id = %d\n", cl->host_client_id);
264
265 dev->open_handle_count++;
266 list_add_tail(&cl->link, &dev->file_list);
267
268 set_bit(cl->host_client_id, dev->host_clients_map);
269 cl->state = MEI_FILE_INITIALIZING;
270 cl->sm_state = 0;
271
272 file->private_data = cl;
273 mutex_unlock(&dev->device_lock);
274
5b881e3c 275 return nonseekable_open(inode, file);
ab841160
OW		 276
277out_unlock:
278 mutex_unlock(&dev->device_lock);
279 kfree(cl);
280out:
281 return err;
282}
283
284/**
285 * mei_release - the release function
286 *
287 * @inode: pointer to inode structure
288 * @file: pointer to file structure
289 *
290 * returns 0 on success, <0 on error
291 */
292static int mei_release(struct inode *inode, struct file *file)
293{
294 struct mei_cl *cl = file->private_data;
295 struct mei_cl_cb *cb;
296 struct mei_device *dev;
297 int rets = 0;
298
299 if (WARN_ON(!cl || !cl->dev))
300 return -ENODEV;
301
302 dev = cl->dev;
303
304 mutex_lock(&dev->device_lock);
305 if (cl != &dev->iamthif_cl) {
306 if (cl->state == MEI_FILE_CONNECTED) {
307 cl->state = MEI_FILE_DISCONNECTING;
308 dev_dbg(&dev->pdev->dev,
309 "disconnecting client host client = %d, "
310 "ME client = %d\n",
311 cl->host_client_id,
312 cl->me_client_id);
313 rets = mei_disconnect_host_client(dev, cl);
314 }
0288c7c9 315 mei_cl_flush_queues(cl);
ab841160
OW		 316 dev_dbg(&dev->pdev->dev, "remove client host client = %d, ME client = %d\n",
317 cl->host_client_id,
318 cl->me_client_id);
319
320 if (dev->open_handle_count > 0) {
321 clear_bit(cl->host_client_id,
322 dev->host_clients_map);
323 dev->open_handle_count--;
324 }
325 mei_remove_client_from_file_list(dev, cl->host_client_id);
326
327 /* free read cb */
328 cb = NULL;
329 if (cl->read_cb) {
330 cb = find_read_list_entry(dev, cl);
331 /* Remove entry from read list */
332 if (cb)
333 list_del(&cb->cb_list);
334
335 cb = cl->read_cb;
336 cl->read_cb = NULL;
337 }
338
339 file->private_data = NULL;
340
341 if (cb) {
342 mei_free_cb_private(cb);
343 cb = NULL;
344 }
345
346 kfree(cl);
347 } else {
348 if (dev->open_handle_count > 0)
349 dev->open_handle_count--;
350
351 if (dev->iamthif_file_object == file &&
352 dev->iamthif_state != MEI_IAMTHIF_IDLE) {
353
354 dev_dbg(&dev->pdev->dev, "amthi canceled iamthif state %d\n",
355 dev->iamthif_state);
eb9af0ac 356 dev->iamthif_canceled = true;
ab841160
OW		 357 if (dev->iamthif_state == MEI_IAMTHIF_READ_COMPLETE) {
358 dev_dbg(&dev->pdev->dev, "run next amthi iamthif cb\n");
c95efb74 359 mei_run_next_iamthif_cmd(dev);
ab841160
OW		 360 }
361 }
362
363 if (mei_clear_lists(dev, file))
364 dev->iamthif_state = MEI_IAMTHIF_IDLE;
365
366 }
367 mutex_unlock(&dev->device_lock);
368 return rets;
369}
370
371
372/**
373 * mei_read - the read function.
374 *
375 * @file: pointer to file structure
376 * @ubuf: pointer to user buffer
377 * @length: buffer length
378 * @offset: data offset in buffer
379 *
380 * returns >=0 data length on success , <0 on error
381 */
382static ssize_t mei_read(struct file *file, char __user *ubuf,
383 size_t length, loff_t *offset)
384{
385 struct mei_cl *cl = file->private_data;
386 struct mei_cl_cb *cb_pos = NULL;
387 struct mei_cl_cb *cb = NULL;
388 struct mei_device *dev;
389 int i;
390 int rets;
391 int err;
392
393
394 if (WARN_ON(!cl || !cl->dev))
395 return -ENODEV;
396
397 dev = cl->dev;
398
399 mutex_lock(&dev->device_lock);
400 if (dev->mei_state != MEI_ENABLED) {
401 rets = -ENODEV;
402 goto out;
403 }
404
405 if ((cl->sm_state & MEI_WD_STATE_INDEPENDENCE_MSG_SENT) == 0) {
406 /* Do not allow to read watchdog client */
407 i = mei_find_me_client_index(dev, mei_wd_guid);
408 if (i >= 0) {
409 struct mei_me_client *me_client = &dev->me_clients[i];
410
411 if (cl->me_client_id == me_client->client_id) {
412 rets = -EBADF;
413 goto out;
414 }
415 }
416 } else {
417 cl->sm_state &= ~MEI_WD_STATE_INDEPENDENCE_MSG_SENT;
418 }
419
420 if (cl == &dev->iamthif_cl) {
421 rets = amthi_read(dev, file, ubuf, length, offset);
422 goto out;
423 }
424
425 if (cl->read_cb && cl->read_cb->information > *offset) {
426 cb = cl->read_cb;
427 goto copy_buffer;
428 } else if (cl->read_cb && cl->read_cb->information > 0 &&
429 cl->read_cb->information <= *offset) {
430 cb = cl->read_cb;
431 rets = 0;
432 goto free;
433 } else if ((!cl->read_cb || !cl->read_cb->information) &&
434 *offset > 0) {
435 /*Offset needs to be cleaned for contingous reads*/
436 *offset = 0;
437 rets = 0;
438 goto out;
439 }
440
441 err = mei_start_read(dev, cl);
442 if (err && err != -EBUSY) {
443 dev_dbg(&dev->pdev->dev,
444 "mei start read failure with status = %d\n", err);
445 rets = err;
446 goto out;
447 }
448
449 if (MEI_READ_COMPLETE != cl->reading_state &&
450 !waitqueue_active(&cl->rx_wait)) {
451 if (file->f_flags & O_NONBLOCK) {
452 rets = -EAGAIN;
453 goto out;
454 }
455
456 mutex_unlock(&dev->device_lock);
457
458 if (wait_event_interruptible(cl->rx_wait,
459 (MEI_READ_COMPLETE == cl->reading_state ||
460 MEI_FILE_INITIALIZING == cl->state ||
461 MEI_FILE_DISCONNECTED == cl->state ||
462 MEI_FILE_DISCONNECTING == cl->state))) {
463 if (signal_pending(current))
464 return -EINTR;
465 return -ERESTARTSYS;
466 }
467
468 mutex_lock(&dev->device_lock);
469 if (MEI_FILE_INITIALIZING == cl->state ||
470 MEI_FILE_DISCONNECTED == cl->state ||
471 MEI_FILE_DISCONNECTING == cl->state) {
472 rets = -EBUSY;
473 goto out;
474 }
475 }
476
477 cb = cl->read_cb;
478
479 if (!cb) {
480 rets = -ENODEV;
481 goto out;
482 }
483 if (cl->reading_state != MEI_READ_COMPLETE) {
484 rets = 0;
485 goto out;
486 }
487 /* now copy the data to user space */
488copy_buffer:
489 dev_dbg(&dev->pdev->dev, "cb->response_buffer size - %d\n",
490 cb->response_buffer.size);
491 dev_dbg(&dev->pdev->dev, "cb->information - %lu\n",
492 cb->information);
493 if (length == 0 || ubuf == NULL || *offset > cb->information) {
494 rets = -EMSGSIZE;
495 goto free;
496 }
497
498 /* length is being turncated to PAGE_SIZE, however, */
499 /* information size may be longer */
500 length = min_t(size_t, length, (cb->information - *offset));
501
502 if (copy_to_user(ubuf,
503 cb->response_buffer.data + *offset,
504 length)) {
505 rets = -EFAULT;
506 goto free;
507 }
508
509 rets = length;
510 *offset += length;
511 if ((unsigned long)*offset < cb->information)
512 goto out;
513
514free:
515 cb_pos = find_read_list_entry(dev, cl);
516 /* Remove entry from read list */
517 if (cb_pos)
518 list_del(&cb_pos->cb_list);
519 mei_free_cb_private(cb);
520 cl->reading_state = MEI_IDLE;
521 cl->read_cb = NULL;
522 cl->read_pending = 0;
523out:
524 dev_dbg(&dev->pdev->dev, "end mei read rets= %d\n", rets);
525 mutex_unlock(&dev->device_lock);
526 return rets;
527}
528
529/**
530 * mei_write - the write function.
531 *
532 * @file: pointer to file structure
533 * @ubuf: pointer to user buffer
534 * @length: buffer length
535 * @offset: data offset in buffer
536 *
537 * returns >=0 data length on success , <0 on error
538 */
539static ssize_t mei_write(struct file *file, const char __user *ubuf,
540 size_t length, loff_t *offset)
541{
542 struct mei_cl *cl = file->private_data;
543 struct mei_cl_cb *write_cb = NULL;
544 struct mei_msg_hdr mei_hdr;
545 struct mei_device *dev;
546 unsigned long timeout = 0;
547 int rets;
548 int i;
549
550 if (WARN_ON(!cl || !cl->dev))
551 return -ENODEV;
552
553 dev = cl->dev;
554
555 mutex_lock(&dev->device_lock);
556
557 if (dev->mei_state != MEI_ENABLED) {
558 mutex_unlock(&dev->device_lock);
559 return -ENODEV;
560 }
561
562 if (cl == &dev->iamthif_cl) {
563 write_cb = find_amthi_read_list_entry(dev, file);
564
565 if (write_cb) {
566 timeout = write_cb->read_time +
567 msecs_to_jiffies(IAMTHIF_READ_TIMER);
568
569 if (time_after(jiffies, timeout) ||
570 cl->reading_state == MEI_READ_COMPLETE) {
571 *offset = 0;
572 list_del(&write_cb->cb_list);
573 mei_free_cb_private(write_cb);
574 write_cb = NULL;
575 }
576 }
577 }
578
579 /* free entry used in read */
580 if (cl->reading_state == MEI_READ_COMPLETE) {
581 *offset = 0;
582 write_cb = find_read_list_entry(dev, cl);
583 if (write_cb) {
584 list_del(&write_cb->cb_list);
585 mei_free_cb_private(write_cb);
586 write_cb = NULL;
587 cl->reading_state = MEI_IDLE;
588 cl->read_cb = NULL;
589 cl->read_pending = 0;
590 }
591 } else if (cl->reading_state == MEI_IDLE &&
592 !cl->read_pending)
593 *offset = 0;
594
595
596 write_cb = kzalloc(sizeof(struct mei_cl_cb), GFP_KERNEL);
597 if (!write_cb) {
598 mutex_unlock(&dev->device_lock);
599 return -ENOMEM;
600 }
601
602 write_cb->file_object = file;
603 write_cb->file_private = cl;
604 write_cb->request_buffer.data = kmalloc(length, GFP_KERNEL);
605 rets = -ENOMEM;
606 if (!write_cb->request_buffer.data)
607 goto unlock_dev;
608
609 dev_dbg(&dev->pdev->dev, "length =%d\n", (int) length);
610
611 rets = -EFAULT;
612 if (copy_from_user(write_cb->request_buffer.data, ubuf, length))
613 goto unlock_dev;
614
615 cl->sm_state = 0;
616 if (length == 4 &&
617 ((memcmp(mei_wd_state_independence_msg[0],
618 write_cb->request_buffer.data, 4) == 0) ||
619 (memcmp(mei_wd_state_independence_msg[1],
620 write_cb->request_buffer.data, 4) == 0) ||
621 (memcmp(mei_wd_state_independence_msg[2],
622 write_cb->request_buffer.data, 4) == 0)))
623 cl->sm_state |= MEI_WD_STATE_INDEPENDENCE_MSG_SENT;
624
625 INIT_LIST_HEAD(&write_cb->cb_list);
626 if (cl == &dev->iamthif_cl) {
627 write_cb->response_buffer.data =
628 kmalloc(dev->iamthif_mtu, GFP_KERNEL);
629 if (!write_cb->response_buffer.data) {
630 rets = -ENOMEM;
631 goto unlock_dev;
632 }
633 if (dev->mei_state != MEI_ENABLED) {
634 rets = -ENODEV;
635 goto unlock_dev;
636 }
cf9673da 637 for (i = 0; i < dev->me_clients_num; i++) {
ab841160
OW		 638 if (dev->me_clients[i].client_id ==
639 dev->iamthif_cl.me_client_id)
640 break;
641 }
642
643 if (WARN_ON(dev->me_clients[i].client_id != cl->me_client_id)) {
644 rets = -ENODEV;
645 goto unlock_dev;
646 }
cf9673da 647 if (i == dev->me_clients_num ||
ab841160
OW		 648 (dev->me_clients[i].client_id !=
649 dev->iamthif_cl.me_client_id)) {
650 rets = -ENODEV;
651 goto unlock_dev;
652 } else if (length > dev->me_clients[i].props.max_msg_length ||
653 length <= 0) {
654 rets = -EMSGSIZE;
655 goto unlock_dev;
656 }
657
658 write_cb->response_buffer.size = dev->iamthif_mtu;
659 write_cb->major_file_operations = MEI_IOCTL;
660 write_cb->information = 0;
661 write_cb->request_buffer.size = length;
662 if (dev->iamthif_cl.state != MEI_FILE_CONNECTED) {
663 rets = -ENODEV;
664 goto unlock_dev;
665 }
666
667 if (!list_empty(&dev->amthi_cmd_list.mei_cb.cb_list) ||
668 dev->iamthif_state != MEI_IAMTHIF_IDLE) {
669 dev_dbg(&dev->pdev->dev, "amthi_state = %d\n",
670 (int) dev->iamthif_state);
671 dev_dbg(&dev->pdev->dev, "add amthi cb to amthi cmd waiting list\n");
672 list_add_tail(&write_cb->cb_list,
673 &dev->amthi_cmd_list.mei_cb.cb_list);
674 rets = length;
675 } else {
676 dev_dbg(&dev->pdev->dev, "call amthi write\n");
677 rets = amthi_write(dev, write_cb);
678
679 if (rets) {
680 dev_dbg(&dev->pdev->dev, "amthi write failed with status = %d\n",
681 rets);
682 goto unlock_dev;
683 }
684 rets = length;
685 }
686 mutex_unlock(&dev->device_lock);
687 return rets;
688 }
689
690 write_cb->major_file_operations = MEI_WRITE;
691 /* make sure information is zero before we start */
692
693 write_cb->information = 0;
694 write_cb->request_buffer.size = length;
695
696 dev_dbg(&dev->pdev->dev, "host client = %d, ME client = %d\n",
697 cl->host_client_id, cl->me_client_id);
698 if (cl->state != MEI_FILE_CONNECTED) {
699 rets = -ENODEV;
700 dev_dbg(&dev->pdev->dev, "host client = %d, is not connected to ME client = %d",
701 cl->host_client_id,
702 cl->me_client_id);
703 goto unlock_dev;
704 }
cf9673da 705 for (i = 0; i < dev->me_clients_num; i++) {
ab841160
OW		 706 if (dev->me_clients[i].client_id ==
707 cl->me_client_id)
708 break;
709 }
710 if (WARN_ON(dev->me_clients[i].client_id != cl->me_client_id)) {
711 rets = -ENODEV;
712 goto unlock_dev;
713 }
cf9673da 714 if (i == dev->me_clients_num) {
ab841160
OW		 715 rets = -ENODEV;
716 goto unlock_dev;
717 }
718 if (length > dev->me_clients[i].props.max_msg_length || length <= 0) {
719 rets = -EINVAL;
720 goto unlock_dev;
721 }
722 write_cb->file_private = cl;
723
724 rets = mei_flow_ctrl_creds(dev, cl);
725 if (rets < 0)
726 goto unlock_dev;
727
728 if (rets && dev->mei_host_buffer_is_empty) {
729 rets = 0;
eb9af0ac 730 dev->mei_host_buffer_is_empty = false;
ab841160
OW		 731 if (length > ((((dev->host_hw_state & H_CBD) >> 24) *
732 sizeof(u32)) - sizeof(struct mei_msg_hdr))) {
733
734 mei_hdr.length =
735 (((dev->host_hw_state & H_CBD) >> 24) *
736 sizeof(u32)) -
737 sizeof(struct mei_msg_hdr);
738 mei_hdr.msg_complete = 0;
739 } else {
740 mei_hdr.length = length;
741 mei_hdr.msg_complete = 1;
742 }
743 mei_hdr.host_addr = cl->host_client_id;
744 mei_hdr.me_addr = cl->me_client_id;
745 mei_hdr.reserved = 0;
746 dev_dbg(&dev->pdev->dev, "call mei_write_message header=%08x.\n",
747 *((u32 *) &mei_hdr));
748 if (!mei_write_message(dev, &mei_hdr,
749 (unsigned char *) (write_cb->request_buffer.data),
750 mei_hdr.length)) {
751 rets = -ENODEV;
752 goto unlock_dev;
753 }
754 cl->writing_state = MEI_WRITING;
755 write_cb->information = mei_hdr.length;
756 if (mei_hdr.msg_complete) {
757 if (mei_flow_ctrl_reduce(dev, cl)) {
758 rets = -ENODEV;
759 goto unlock_dev;
760 }
761 list_add_tail(&write_cb->cb_list,
762 &dev->write_waiting_list.mei_cb.cb_list);
763 } else {
764 list_add_tail(&write_cb->cb_list,
765 &dev->write_list.mei_cb.cb_list);
766 }
767
768 } else {
769
770 write_cb->information = 0;
771 cl->writing_state = MEI_WRITING;
772 list_add_tail(&write_cb->cb_list,
773 &dev->write_list.mei_cb.cb_list);
774 }
775 mutex_unlock(&dev->device_lock);
776 return length;
777
778unlock_dev:
779 mutex_unlock(&dev->device_lock);
780 mei_free_cb_private(write_cb);
781 return rets;
782}
783
784
785/**
786 * mei_ioctl - the IOCTL function
787 *
788 * @file: pointer to file structure
789 * @cmd: ioctl command
790 * @data: pointer to mei message structure
791 *
792 * returns 0 on success , <0 on error
793 */
794static long mei_ioctl(struct file *file, unsigned int cmd, unsigned long data)
795{
796 struct mei_device *dev;
797 struct mei_cl *cl = file->private_data;
798 struct mei_connect_client_data *connect_data = NULL;
799 int rets;
800
801 if (cmd != IOCTL_MEI_CONNECT_CLIENT)
802 return -EINVAL;
803
804 if (WARN_ON(!cl || !cl->dev))
805 return -ENODEV;
806
807 dev = cl->dev;
808
809 dev_dbg(&dev->pdev->dev, "IOCTL cmd = 0x%x", cmd);
810
811 mutex_lock(&dev->device_lock);
812 if (dev->mei_state != MEI_ENABLED) {
813 rets = -ENODEV;
814 goto out;
815 }
816
817 dev_dbg(&dev->pdev->dev, ": IOCTL_MEI_CONNECT_CLIENT.\n");
818
819 connect_data = kzalloc(sizeof(struct mei_connect_client_data),
820 GFP_KERNEL);
821 if (!connect_data) {
822 rets = -ENOMEM;
823 goto out;
824 }
825 dev_dbg(&dev->pdev->dev, "copy connect data from user\n");
826 if (copy_from_user(connect_data, (char __user *)data,
827 sizeof(struct mei_connect_client_data))) {
828 dev_dbg(&dev->pdev->dev, "failed to copy data from userland\n");
829 rets = -EFAULT;
830 goto out;
831 }
832 rets = mei_ioctl_connect_client(file, connect_data);
833
834 /* if all is ok, copying the data back to user. */
835 if (rets)
836 goto out;
837
838 dev_dbg(&dev->pdev->dev, "copy connect data to user\n");
839 if (copy_to_user((char __user *)data, connect_data,
840 sizeof(struct mei_connect_client_data))) {
841 dev_dbg(&dev->pdev->dev, "failed to copy data to userland\n");
842 rets = -EFAULT;
843 goto out;
844 }
845
846out:
847 kfree(connect_data);
848 mutex_unlock(&dev->device_lock);
849 return rets;
850}
851
852/**
853 * mei_compat_ioctl - the compat IOCTL function
854 *
855 * @file: pointer to file structure
856 * @cmd: ioctl command
857 * @data: pointer to mei message structure
858 *
859 * returns 0 on success , <0 on error
860 */
861#ifdef CONFIG_COMPAT
862static long mei_compat_ioctl(struct file *file,
863 unsigned int cmd, unsigned long data)
864{
865 return mei_ioctl(file, cmd, (unsigned long)compat_ptr(data));
866}
867#endif
868
869
870/**
871 * mei_poll - the poll function
872 *
873 * @file: pointer to file structure
874 * @wait: pointer to poll_table structure
875 *
876 * returns poll mask
877 */
878static unsigned int mei_poll(struct file *file, poll_table *wait)
879{
880 struct mei_cl *cl = file->private_data;
881 struct mei_device *dev;
882 unsigned int mask = 0;
883
884 if (WARN_ON(!cl || !cl->dev))
885 return mask;
886
887 dev = cl->dev;
888
889 mutex_lock(&dev->device_lock);
890
891 if (dev->mei_state != MEI_ENABLED)
892 goto out;
893
894
895 if (cl == &dev->iamthif_cl) {
896 mutex_unlock(&dev->device_lock);
897 poll_wait(file, &dev->iamthif_cl.wait, wait);
898 mutex_lock(&dev->device_lock);
899 if (dev->iamthif_state == MEI_IAMTHIF_READ_COMPLETE &&
900 dev->iamthif_file_object == file) {
901 mask |= (POLLIN | POLLRDNORM);
902 dev_dbg(&dev->pdev->dev, "run next amthi cb\n");
c95efb74 903 mei_run_next_iamthif_cmd(dev);
ab841160
OW		 904 }
905 goto out;
906 }
907
908 mutex_unlock(&dev->device_lock);
909 poll_wait(file, &cl->tx_wait, wait);
910 mutex_lock(&dev->device_lock);
911 if (MEI_WRITE_COMPLETE == cl->writing_state)
912 mask |= (POLLIN | POLLRDNORM);
913
914out:
915 mutex_unlock(&dev->device_lock);
916 return mask;
917}
918
5b881e3c
OW		 919/*
920 * file operations structure will be used for mei char device.
921 */
922static const struct file_operations mei_fops = {
923 .owner = THIS_MODULE,
924 .read = mei_read,
925 .unlocked_ioctl = mei_ioctl,
926#ifdef CONFIG_COMPAT
927 .compat_ioctl = mei_compat_ioctl,
928#endif
929 .open = mei_open,
930 .release = mei_release,
931 .write = mei_write,
932 .poll = mei_poll,
933 .llseek = no_llseek
934};
935
936
937/*
938 * Misc Device Struct
939 */
940static struct miscdevice mei_misc_device = {
941 .name = MEI_DRIVER_NAME,
942 .fops = &mei_fops,
943 .minor = MISC_DYNAMIC_MINOR,
944};
945
946/**
947 * mei_probe - Device Initialization Routine
948 *
949 * @pdev: PCI device structure
950 * @ent: entry in kcs_pci_tbl
951 *
952 * returns 0 on success, <0 on failure.
953 */
954static int __devinit mei_probe(struct pci_dev *pdev,
955 const struct pci_device_id *ent)
956{
957 struct mei_device *dev;
958 int err;
959
960 mutex_lock(&mei_mutex);
961 if (mei_device) {
962 err = -EEXIST;
963 goto end;
964 }
965 /* enable pci dev */
966 err = pci_enable_device(pdev);
967 if (err) {
968 printk(KERN_ERR "mei: Failed to enable pci device.\n");
969 goto end;
970 }
971 /* set PCI host mastering */
972 pci_set_master(pdev);
973 /* pci request regions for mei driver */
974 err = pci_request_regions(pdev, mei_driver_name);
975 if (err) {
976 printk(KERN_ERR "mei: Failed to get pci regions.\n");
977 goto disable_device;
978 }
979 /* allocates and initializes the mei dev structure */
980 dev = mei_device_init(pdev);
981 if (!dev) {
982 err = -ENOMEM;
983 goto release_regions;
984 }
985 /* mapping IO device memory */
986 dev->mem_addr = pci_iomap(pdev, 0, 0);
987 if (!dev->mem_addr) {
988 printk(KERN_ERR "mei: mapping I/O device memory failure.\n");
989 err = -ENOMEM;
990 goto free_device;
991 }
992 pci_enable_msi(pdev);
993
994 /* request and enable interrupt */
995 if (pci_dev_msi_enabled(pdev))
996 err = request_threaded_irq(pdev->irq,
997 NULL,
998 mei_interrupt_thread_handler,
999 0, mei_driver_name, dev);
1000 else
1001 err = request_threaded_irq(pdev->irq,
1002 mei_interrupt_quick_handler,
1003 mei_interrupt_thread_handler,
1004 IRQF_SHARED, mei_driver_name, dev);
1005
1006 if (err) {
1007 printk(KERN_ERR "mei: request_threaded_irq failure. irq = %d\n",
1008 pdev->irq);
1009 goto unmap_memory;
1010 }
1011 INIT_DELAYED_WORK(&dev->timer_work, mei_timer);
1012 if (mei_hw_init(dev)) {
1013 printk(KERN_ERR "mei: Init hw failure.\n");
1014 err = -ENODEV;
1015 goto release_irq;
1016 }
1017
1018 err = misc_register(&mei_misc_device);
1019 if (err)
1020 goto release_irq;
1021
1022 mei_device = pdev;
1023 pci_set_drvdata(pdev, dev);
1024
1025
1026 schedule_delayed_work(&dev->timer_work, HZ);
1027
1028 mutex_unlock(&mei_mutex);
1029
1030 pr_debug("mei: Driver initialization successful.\n");
1031
1032 return 0;
1033
1034release_irq:
1035 /* disable interrupts */
1036 dev->host_hw_state = mei_hcsr_read(dev);
1037 mei_disable_interrupts(dev);
1038 flush_scheduled_work();
1039 free_irq(pdev->irq, dev);
1040 pci_disable_msi(pdev);
1041unmap_memory:
1042 pci_iounmap(pdev, dev->mem_addr);
1043free_device:
1044 kfree(dev);
1045release_regions:
1046 pci_release_regions(pdev);
1047disable_device:
1048 pci_disable_device(pdev);
1049end:
1050 mutex_unlock(&mei_mutex);
1051 printk(KERN_ERR "mei: Driver initialization failed.\n");
1052 return err;
1053}
1054
1055/**
1056 * mei_remove - Device Removal Routine
1057 *
1058 * @pdev: PCI device structure
1059 *
1060 * mei_remove is called by the PCI subsystem to alert the driver
1061 * that it should release a PCI device.
1062 */
1063static void __devexit mei_remove(struct pci_dev *pdev)
1064{
1065 struct mei_device *dev;
1066
1067 if (mei_device != pdev)
1068 return;
1069
1070 dev = pci_get_drvdata(pdev);
1071 if (!dev)
1072 return;
1073
1074 mutex_lock(&dev->device_lock);
1075
1076 mei_wd_stop(dev, false);
1077
1078 mei_device = NULL;
1079
1080 if (dev->iamthif_cl.state == MEI_FILE_CONNECTED) {
1081 dev->iamthif_cl.state = MEI_FILE_DISCONNECTING;
1082 mei_disconnect_host_client(dev, &dev->iamthif_cl);
1083 }
1084 if (dev->wd_cl.state == MEI_FILE_CONNECTED) {
1085 dev->wd_cl.state = MEI_FILE_DISCONNECTING;
1086 mei_disconnect_host_client(dev, &dev->wd_cl);
1087 }
1088
1089 /* Unregistering watchdog device */
1090 if (dev->wd_interface_reg)
1091 watchdog_unregister_device(&amt_wd_dev);
1092
1093 /* remove entry if already in list */
1094 dev_dbg(&pdev->dev, "list del iamthif and wd file list.\n");
1095 mei_remove_client_from_file_list(dev, dev->wd_cl.host_client_id);
1096 mei_remove_client_from_file_list(dev, dev->iamthif_cl.host_client_id);
1097
1098 dev->iamthif_current_cb = NULL;
1099 dev->me_clients_num = 0;
1100
1101 mutex_unlock(&dev->device_lock);
1102
1103 flush_scheduled_work();
1104
1105 /* disable interrupts */
1106 mei_disable_interrupts(dev);
1107
1108 free_irq(pdev->irq, dev);
1109 pci_disable_msi(pdev);
1110 pci_set_drvdata(pdev, NULL);
1111
1112 if (dev->mem_addr)
1113 pci_iounmap(pdev, dev->mem_addr);
1114
1115 kfree(dev);
1116
1117 pci_release_regions(pdev);
1118 pci_disable_device(pdev);
1119}
ab841160
OW		 1120#ifdef CONFIG_PM
1121static int mei_pci_suspend(struct device *device)
1122{
1123 struct pci_dev *pdev = to_pci_dev(device);
1124 struct mei_device *dev = pci_get_drvdata(pdev);
1125 int err;
1126
1127 if (!dev)
1128 return -ENODEV;
1129 mutex_lock(&dev->device_lock);
1130 /* Stop watchdog if exists */
1131 err = mei_wd_stop(dev, true);
1132 /* Set new mei state */
1133 if (dev->mei_state == MEI_ENABLED ||
1134 dev->mei_state == MEI_RECOVERING_FROM_RESET) {
1135 dev->mei_state = MEI_POWER_DOWN;
1136 mei_reset(dev, 0);
1137 }
1138 mutex_unlock(&dev->device_lock);
1139
1140 free_irq(pdev->irq, dev);
4f61a7ad 1141 pci_disable_msi(pdev);
ab841160
OW		 1142
1143 return err;
1144}
1145
1146static int mei_pci_resume(struct device *device)
1147{
1148 struct pci_dev *pdev = to_pci_dev(device);
1149 struct mei_device *dev;
1150 int err;
1151
1152 dev = pci_get_drvdata(pdev);
1153 if (!dev)
1154 return -ENODEV;
1155
4f61a7ad
TW		 1156 pci_enable_msi(pdev);
1157
1158 /* request and enable interrupt */
1159 if (pci_dev_msi_enabled(pdev))
1160 err = request_threaded_irq(pdev->irq,
1161 NULL,
1162 mei_interrupt_thread_handler,
1163 0, mei_driver_name, dev);
1164 else
1165 err = request_threaded_irq(pdev->irq,
ab841160
OW		 1166 mei_interrupt_quick_handler,
1167 mei_interrupt_thread_handler,
1168 IRQF_SHARED, mei_driver_name, dev);
4f61a7ad 1169
ab841160
OW		 1170 if (err) {
1171 printk(KERN_ERR "mei: Request_irq failure. irq = %d\n",
1172 pdev->irq);
1173 return err;
1174 }
1175
1176 mutex_lock(&dev->device_lock);
1177 dev->mei_state = MEI_POWER_UP;
1178 mei_reset(dev, 1);
1179 mutex_unlock(&dev->device_lock);
1180
6d70e935
OW		 1181 /* Start timer if stopped in suspend */
1182 schedule_delayed_work(&dev->timer_work, HZ);
1183
ab841160
OW		 1184 return err;
1185}
1186static SIMPLE_DEV_PM_OPS(mei_pm_ops, mei_pci_suspend, mei_pci_resume);
1187#define MEI_PM_OPS (&mei_pm_ops)
1188#else
2d990362 1189#define MEI_PM_OPS NULL
ab841160
OW		 1190#endif /* CONFIG_PM */
1191/*
1192 * PCI driver structure
1193 */
1194static struct pci_driver mei_driver = {
1195 .name = mei_driver_name,
1196 .id_table = mei_pci_tbl,
1197 .probe = mei_probe,
1198 .remove = __devexit_p(mei_remove),
1199 .shutdown = __devexit_p(mei_remove),
1200 .driver.pm = MEI_PM_OPS,
1201};
1202
ab841160
OW		 1203/**
1204 * mei_init_module - Driver Registration Routine
1205 *
1206 * mei_init_module is the first routine called when the driver is
1207 * loaded. All it does is to register with the PCI subsystem.
1208 *
1209 * returns 0 on success, <0 on failure.
1210 */
1211static int __init mei_init_module(void)
1212{
1213 int ret;
1214
1215 pr_debug("mei: %s - version %s\n",
1216 mei_driver_string, mei_driver_version);
1217 /* init pci module */
1218 ret = pci_register_driver(&mei_driver);
5b881e3c 1219 if (ret < 0)
ab841160 1220 printk(KERN_ERR "mei: Error registering driver.\n");
ab841160 1221
ab841160
OW		 1222 return ret;
1223}
1224
1225module_init(mei_init_module);
1226
1227/**
1228 * mei_exit_module - Driver Exit Cleanup Routine
1229 *
1230 * mei_exit_module is called just before the driver is removed
1231 * from memory.
1232 */
1233static void __exit mei_exit_module(void)
1234{
5b881e3c 1235 misc_deregister(&mei_misc_device);
cbecb8bf 1236 pci_unregister_driver(&mei_driver);
ab841160
OW		 1237
1238 pr_debug("mei: Driver unloaded successfully.\n");
1239}
1240
1241module_exit(mei_exit_module);
1242
1243
1244MODULE_AUTHOR("Intel Corporation");
1245MODULE_DESCRIPTION("Intel(R) Management Engine Interface");
1246MODULE_LICENSE("GPL v2");
1247MODULE_VERSION(MEI_DRIVER_VERSION);
Linux 6.x block layer and io_uring tree(s)