1 // SPDX-License-Identifier: GPL-2.0
3 * Greybus Firmware Management Protocol Driver.
5 * Copyright 2016 Google Inc.
6 * Copyright 2016 Linaro Ltd.
9 #include <linux/cdev.h>
10 #include <linux/completion.h>
11 #include <linux/firmware.h>
13 #include <linux/idr.h>
14 #include <linux/ioctl.h>
15 #include <linux/uaccess.h>
16 #include <linux/greybus.h>
19 #include "greybus_firmware.h"
21 #define FW_MGMT_TIMEOUT_MS 1000
24 struct device *parent;
25 struct gb_connection *connection;
27 struct list_head node;
29 /* Common id-map for interface and backend firmware requests */
32 struct completion completion;
34 struct device *class_device;
36 unsigned int timeout_jiffies;
37 bool disabled; /* connection getting disabled */
39 /* Interface Firmware specific fields */
40 bool mode_switch_started;
42 u8 intf_fw_request_id;
47 /* Backend Firmware specific fields */
48 u8 backend_fw_request_id;
53 * Number of minor devices this driver supports.
54 * There will be exactly one required per Interface.
56 #define NUM_MINORS U8_MAX
58 static struct class *fw_mgmt_class;
59 static dev_t fw_mgmt_dev_num;
60 static DEFINE_IDA(fw_mgmt_minors_map);
61 static LIST_HEAD(fw_mgmt_list);
62 static DEFINE_MUTEX(list_mutex);
64 static void fw_mgmt_kref_release(struct kref *kref)
66 struct fw_mgmt *fw_mgmt = container_of(kref, struct fw_mgmt, kref);
68 ida_destroy(&fw_mgmt->id_map);
73 * All users of fw_mgmt take a reference (from within list_mutex lock), before
74 * they get a pointer to play with. And the structure will be freed only after
75 * the last user has put the reference to it.
77 static void put_fw_mgmt(struct fw_mgmt *fw_mgmt)
79 kref_put(&fw_mgmt->kref, fw_mgmt_kref_release);
82 /* Caller must call put_fw_mgmt() after using struct fw_mgmt */
83 static struct fw_mgmt *get_fw_mgmt(struct cdev *cdev)
85 struct fw_mgmt *fw_mgmt;
87 mutex_lock(&list_mutex);
89 list_for_each_entry(fw_mgmt, &fw_mgmt_list, node) {
90 if (&fw_mgmt->cdev == cdev) {
91 kref_get(&fw_mgmt->kref);
99 mutex_unlock(&list_mutex);
104 static int fw_mgmt_interface_fw_version_operation(struct fw_mgmt *fw_mgmt,
105 struct fw_mgmt_ioc_get_intf_version *fw_info)
107 struct gb_connection *connection = fw_mgmt->connection;
108 struct gb_fw_mgmt_interface_fw_version_response response;
111 ret = gb_operation_sync(connection,
112 GB_FW_MGMT_TYPE_INTERFACE_FW_VERSION, NULL, 0,
113 &response, sizeof(response));
115 dev_err(fw_mgmt->parent,
116 "failed to get interface firmware version (%d)\n", ret);
120 fw_info->major = le16_to_cpu(response.major);
121 fw_info->minor = le16_to_cpu(response.minor);
123 strncpy(fw_info->firmware_tag, response.firmware_tag,
124 GB_FIRMWARE_TAG_MAX_SIZE);
127 * The firmware-tag should be NULL terminated, otherwise throw error but
130 if (fw_info->firmware_tag[GB_FIRMWARE_TAG_MAX_SIZE - 1] != '\0') {
131 dev_err(fw_mgmt->parent,
132 "fw-version: firmware-tag is not NULL terminated\n");
133 fw_info->firmware_tag[GB_FIRMWARE_TAG_MAX_SIZE - 1] = '\0';
139 static int fw_mgmt_load_and_validate_operation(struct fw_mgmt *fw_mgmt,
140 u8 load_method, const char *tag)
142 struct gb_fw_mgmt_load_and_validate_fw_request request;
145 if (load_method != GB_FW_LOAD_METHOD_UNIPRO &&
146 load_method != GB_FW_LOAD_METHOD_INTERNAL) {
147 dev_err(fw_mgmt->parent,
148 "invalid load-method (%d)\n", load_method);
152 request.load_method = load_method;
153 strncpy(request.firmware_tag, tag, GB_FIRMWARE_TAG_MAX_SIZE);
156 * The firmware-tag should be NULL terminated, otherwise throw error and
159 if (request.firmware_tag[GB_FIRMWARE_TAG_MAX_SIZE - 1] != '\0') {
160 dev_err(fw_mgmt->parent, "load-and-validate: firmware-tag is not NULL terminated\n");
164 /* Allocate ids from 1 to 255 (u8-max), 0 is an invalid id */
165 ret = ida_simple_get(&fw_mgmt->id_map, 1, 256, GFP_KERNEL);
167 dev_err(fw_mgmt->parent, "failed to allocate request id (%d)\n",
172 fw_mgmt->intf_fw_request_id = ret;
173 fw_mgmt->intf_fw_loaded = false;
174 request.request_id = ret;
176 ret = gb_operation_sync(fw_mgmt->connection,
177 GB_FW_MGMT_TYPE_LOAD_AND_VALIDATE_FW, &request,
178 sizeof(request), NULL, 0);
180 ida_simple_remove(&fw_mgmt->id_map,
181 fw_mgmt->intf_fw_request_id);
182 fw_mgmt->intf_fw_request_id = 0;
183 dev_err(fw_mgmt->parent,
184 "load and validate firmware request failed (%d)\n",
192 static int fw_mgmt_interface_fw_loaded_operation(struct gb_operation *op)
194 struct gb_connection *connection = op->connection;
195 struct fw_mgmt *fw_mgmt = gb_connection_get_data(connection);
196 struct gb_fw_mgmt_loaded_fw_request *request;
198 /* No pending load and validate request ? */
199 if (!fw_mgmt->intf_fw_request_id) {
200 dev_err(fw_mgmt->parent,
201 "unexpected firmware loaded request received\n");
205 if (op->request->payload_size != sizeof(*request)) {
206 dev_err(fw_mgmt->parent, "illegal size of firmware loaded request (%zu != %zu)\n",
207 op->request->payload_size, sizeof(*request));
211 request = op->request->payload;
213 /* Invalid request-id ? */
214 if (request->request_id != fw_mgmt->intf_fw_request_id) {
215 dev_err(fw_mgmt->parent, "invalid request id for firmware loaded request (%02u != %02u)\n",
216 fw_mgmt->intf_fw_request_id, request->request_id);
220 ida_simple_remove(&fw_mgmt->id_map, fw_mgmt->intf_fw_request_id);
221 fw_mgmt->intf_fw_request_id = 0;
222 fw_mgmt->intf_fw_status = request->status;
223 fw_mgmt->intf_fw_major = le16_to_cpu(request->major);
224 fw_mgmt->intf_fw_minor = le16_to_cpu(request->minor);
226 if (fw_mgmt->intf_fw_status == GB_FW_LOAD_STATUS_FAILED)
227 dev_err(fw_mgmt->parent,
228 "failed to load interface firmware, status:%02x\n",
229 fw_mgmt->intf_fw_status);
230 else if (fw_mgmt->intf_fw_status == GB_FW_LOAD_STATUS_VALIDATION_FAILED)
231 dev_err(fw_mgmt->parent,
232 "failed to validate interface firmware, status:%02x\n",
233 fw_mgmt->intf_fw_status);
235 fw_mgmt->intf_fw_loaded = true;
237 complete(&fw_mgmt->completion);
242 static int fw_mgmt_backend_fw_version_operation(struct fw_mgmt *fw_mgmt,
243 struct fw_mgmt_ioc_get_backend_version *fw_info)
245 struct gb_connection *connection = fw_mgmt->connection;
246 struct gb_fw_mgmt_backend_fw_version_request request;
247 struct gb_fw_mgmt_backend_fw_version_response response;
250 strncpy(request.firmware_tag, fw_info->firmware_tag,
251 GB_FIRMWARE_TAG_MAX_SIZE);
254 * The firmware-tag should be NULL terminated, otherwise throw error and
257 if (request.firmware_tag[GB_FIRMWARE_TAG_MAX_SIZE - 1] != '\0') {
258 dev_err(fw_mgmt->parent, "backend-version: firmware-tag is not NULL terminated\n");
262 ret = gb_operation_sync(connection,
263 GB_FW_MGMT_TYPE_BACKEND_FW_VERSION, &request,
264 sizeof(request), &response, sizeof(response));
266 dev_err(fw_mgmt->parent, "failed to get version of %s backend firmware (%d)\n",
267 fw_info->firmware_tag, ret);
271 fw_info->status = response.status;
273 /* Reset version as that should be non-zero only for success case */
277 switch (fw_info->status) {
278 case GB_FW_BACKEND_VERSION_STATUS_SUCCESS:
279 fw_info->major = le16_to_cpu(response.major);
280 fw_info->minor = le16_to_cpu(response.minor);
282 case GB_FW_BACKEND_VERSION_STATUS_NOT_AVAILABLE:
283 case GB_FW_BACKEND_VERSION_STATUS_RETRY:
285 case GB_FW_BACKEND_VERSION_STATUS_NOT_SUPPORTED:
286 dev_err(fw_mgmt->parent,
287 "Firmware with tag %s is not supported by Interface\n",
288 fw_info->firmware_tag);
291 dev_err(fw_mgmt->parent, "Invalid status received: %u\n",
298 static int fw_mgmt_backend_fw_update_operation(struct fw_mgmt *fw_mgmt,
301 struct gb_fw_mgmt_backend_fw_update_request request;
304 strncpy(request.firmware_tag, tag, GB_FIRMWARE_TAG_MAX_SIZE);
307 * The firmware-tag should be NULL terminated, otherwise throw error and
310 if (request.firmware_tag[GB_FIRMWARE_TAG_MAX_SIZE - 1] != '\0') {
311 dev_err(fw_mgmt->parent, "backend-update: firmware-tag is not NULL terminated\n");
315 /* Allocate ids from 1 to 255 (u8-max), 0 is an invalid id */
316 ret = ida_simple_get(&fw_mgmt->id_map, 1, 256, GFP_KERNEL);
318 dev_err(fw_mgmt->parent, "failed to allocate request id (%d)\n",
323 fw_mgmt->backend_fw_request_id = ret;
324 request.request_id = ret;
326 ret = gb_operation_sync(fw_mgmt->connection,
327 GB_FW_MGMT_TYPE_BACKEND_FW_UPDATE, &request,
328 sizeof(request), NULL, 0);
330 ida_simple_remove(&fw_mgmt->id_map,
331 fw_mgmt->backend_fw_request_id);
332 fw_mgmt->backend_fw_request_id = 0;
333 dev_err(fw_mgmt->parent,
334 "backend %s firmware update request failed (%d)\n", tag,
342 static int fw_mgmt_backend_fw_updated_operation(struct gb_operation *op)
344 struct gb_connection *connection = op->connection;
345 struct fw_mgmt *fw_mgmt = gb_connection_get_data(connection);
346 struct gb_fw_mgmt_backend_fw_updated_request *request;
348 /* No pending load and validate request ? */
349 if (!fw_mgmt->backend_fw_request_id) {
350 dev_err(fw_mgmt->parent, "unexpected backend firmware updated request received\n");
354 if (op->request->payload_size != sizeof(*request)) {
355 dev_err(fw_mgmt->parent, "illegal size of backend firmware updated request (%zu != %zu)\n",
356 op->request->payload_size, sizeof(*request));
360 request = op->request->payload;
362 /* Invalid request-id ? */
363 if (request->request_id != fw_mgmt->backend_fw_request_id) {
364 dev_err(fw_mgmt->parent, "invalid request id for backend firmware updated request (%02u != %02u)\n",
365 fw_mgmt->backend_fw_request_id, request->request_id);
369 ida_simple_remove(&fw_mgmt->id_map, fw_mgmt->backend_fw_request_id);
370 fw_mgmt->backend_fw_request_id = 0;
371 fw_mgmt->backend_fw_status = request->status;
373 if ((fw_mgmt->backend_fw_status != GB_FW_BACKEND_FW_STATUS_SUCCESS) &&
374 (fw_mgmt->backend_fw_status != GB_FW_BACKEND_FW_STATUS_RETRY))
375 dev_err(fw_mgmt->parent,
376 "failed to load backend firmware: %02x\n",
377 fw_mgmt->backend_fw_status);
379 complete(&fw_mgmt->completion);
384 /* Char device fops */
386 static int fw_mgmt_open(struct inode *inode, struct file *file)
388 struct fw_mgmt *fw_mgmt = get_fw_mgmt(inode->i_cdev);
390 /* fw_mgmt structure can't get freed until file descriptor is closed */
392 file->private_data = fw_mgmt;
399 static int fw_mgmt_release(struct inode *inode, struct file *file)
401 struct fw_mgmt *fw_mgmt = file->private_data;
403 put_fw_mgmt(fw_mgmt);
407 static int fw_mgmt_ioctl(struct fw_mgmt *fw_mgmt, unsigned int cmd,
410 struct fw_mgmt_ioc_get_intf_version intf_fw_info;
411 struct fw_mgmt_ioc_get_backend_version backend_fw_info;
412 struct fw_mgmt_ioc_intf_load_and_validate intf_load;
413 struct fw_mgmt_ioc_backend_fw_update backend_update;
414 unsigned int timeout;
417 /* Reject any operations after mode-switch has started */
418 if (fw_mgmt->mode_switch_started)
422 case FW_MGMT_IOC_GET_INTF_FW:
423 ret = fw_mgmt_interface_fw_version_operation(fw_mgmt,
428 if (copy_to_user(buf, &intf_fw_info, sizeof(intf_fw_info)))
432 case FW_MGMT_IOC_GET_BACKEND_FW:
433 if (copy_from_user(&backend_fw_info, buf,
434 sizeof(backend_fw_info)))
437 ret = fw_mgmt_backend_fw_version_operation(fw_mgmt,
442 if (copy_to_user(buf, &backend_fw_info,
443 sizeof(backend_fw_info)))
447 case FW_MGMT_IOC_INTF_LOAD_AND_VALIDATE:
448 if (copy_from_user(&intf_load, buf, sizeof(intf_load)))
451 ret = fw_mgmt_load_and_validate_operation(fw_mgmt,
452 intf_load.load_method, intf_load.firmware_tag);
456 if (!wait_for_completion_timeout(&fw_mgmt->completion,
457 fw_mgmt->timeout_jiffies)) {
458 dev_err(fw_mgmt->parent, "timed out waiting for firmware load and validation to finish\n");
462 intf_load.status = fw_mgmt->intf_fw_status;
463 intf_load.major = fw_mgmt->intf_fw_major;
464 intf_load.minor = fw_mgmt->intf_fw_minor;
466 if (copy_to_user(buf, &intf_load, sizeof(intf_load)))
470 case FW_MGMT_IOC_INTF_BACKEND_FW_UPDATE:
471 if (copy_from_user(&backend_update, buf,
472 sizeof(backend_update)))
475 ret = fw_mgmt_backend_fw_update_operation(fw_mgmt,
476 backend_update.firmware_tag);
480 if (!wait_for_completion_timeout(&fw_mgmt->completion,
481 fw_mgmt->timeout_jiffies)) {
482 dev_err(fw_mgmt->parent, "timed out waiting for backend firmware update to finish\n");
486 backend_update.status = fw_mgmt->backend_fw_status;
488 if (copy_to_user(buf, &backend_update, sizeof(backend_update)))
492 case FW_MGMT_IOC_SET_TIMEOUT_MS:
493 if (get_user(timeout, (unsigned int __user *)buf))
497 dev_err(fw_mgmt->parent, "timeout can't be zero\n");
501 fw_mgmt->timeout_jiffies = msecs_to_jiffies(timeout);
504 case FW_MGMT_IOC_MODE_SWITCH:
505 if (!fw_mgmt->intf_fw_loaded) {
506 dev_err(fw_mgmt->parent,
507 "Firmware not loaded for mode-switch\n");
512 * Disallow new ioctls as the fw-core bundle driver is going to
513 * get disconnected soon and the character device will get
516 fw_mgmt->mode_switch_started = true;
518 ret = gb_interface_request_mode_switch(fw_mgmt->connection->intf);
520 dev_err(fw_mgmt->parent, "Mode-switch failed: %d\n",
522 fw_mgmt->mode_switch_started = false;
532 static long fw_mgmt_ioctl_unlocked(struct file *file, unsigned int cmd,
535 struct fw_mgmt *fw_mgmt = file->private_data;
536 struct gb_bundle *bundle = fw_mgmt->connection->bundle;
542 * We don't want the user to do few operations in parallel. For example,
543 * updating Interface firmware in parallel for the same Interface. There
544 * is no need to do things in parallel for speed and we can avoid having
545 * complicated code for now.
547 * This is also used to protect ->disabled, which is used to check if
548 * the connection is getting disconnected, so that we don't start any
551 mutex_lock(&fw_mgmt->mutex);
552 if (!fw_mgmt->disabled) {
553 ret = gb_pm_runtime_get_sync(bundle);
555 ret = fw_mgmt_ioctl(fw_mgmt, cmd, (void __user *)arg);
556 gb_pm_runtime_put_autosuspend(bundle);
559 mutex_unlock(&fw_mgmt->mutex);
564 static const struct file_operations fw_mgmt_fops = {
565 .owner = THIS_MODULE,
566 .open = fw_mgmt_open,
567 .release = fw_mgmt_release,
568 .unlocked_ioctl = fw_mgmt_ioctl_unlocked,
571 int gb_fw_mgmt_request_handler(struct gb_operation *op)
576 case GB_FW_MGMT_TYPE_LOADED_FW:
577 return fw_mgmt_interface_fw_loaded_operation(op);
578 case GB_FW_MGMT_TYPE_BACKEND_FW_UPDATED:
579 return fw_mgmt_backend_fw_updated_operation(op);
581 dev_err(&op->connection->bundle->dev,
582 "unsupported request: %u\n", type);
587 int gb_fw_mgmt_connection_init(struct gb_connection *connection)
589 struct fw_mgmt *fw_mgmt;
595 fw_mgmt = kzalloc(sizeof(*fw_mgmt), GFP_KERNEL);
599 fw_mgmt->parent = &connection->bundle->dev;
600 fw_mgmt->timeout_jiffies = msecs_to_jiffies(FW_MGMT_TIMEOUT_MS);
601 fw_mgmt->connection = connection;
603 gb_connection_set_data(connection, fw_mgmt);
604 init_completion(&fw_mgmt->completion);
605 ida_init(&fw_mgmt->id_map);
606 mutex_init(&fw_mgmt->mutex);
607 kref_init(&fw_mgmt->kref);
609 mutex_lock(&list_mutex);
610 list_add(&fw_mgmt->node, &fw_mgmt_list);
611 mutex_unlock(&list_mutex);
613 ret = gb_connection_enable(connection);
617 minor = ida_simple_get(&fw_mgmt_minors_map, 0, NUM_MINORS, GFP_KERNEL);
620 goto err_connection_disable;
623 /* Add a char device to allow userspace to interact with fw-mgmt */
624 fw_mgmt->dev_num = MKDEV(MAJOR(fw_mgmt_dev_num), minor);
625 cdev_init(&fw_mgmt->cdev, &fw_mgmt_fops);
627 ret = cdev_add(&fw_mgmt->cdev, fw_mgmt->dev_num, 1);
631 /* Add a soft link to the previously added char-dev within the bundle */
632 fw_mgmt->class_device = device_create(fw_mgmt_class, fw_mgmt->parent,
633 fw_mgmt->dev_num, NULL,
634 "gb-fw-mgmt-%d", minor);
635 if (IS_ERR(fw_mgmt->class_device)) {
636 ret = PTR_ERR(fw_mgmt->class_device);
643 cdev_del(&fw_mgmt->cdev);
645 ida_simple_remove(&fw_mgmt_minors_map, minor);
646 err_connection_disable:
647 gb_connection_disable(connection);
649 mutex_lock(&list_mutex);
650 list_del(&fw_mgmt->node);
651 mutex_unlock(&list_mutex);
653 put_fw_mgmt(fw_mgmt);
658 void gb_fw_mgmt_connection_exit(struct gb_connection *connection)
660 struct fw_mgmt *fw_mgmt;
665 fw_mgmt = gb_connection_get_data(connection);
667 device_destroy(fw_mgmt_class, fw_mgmt->dev_num);
668 cdev_del(&fw_mgmt->cdev);
669 ida_simple_remove(&fw_mgmt_minors_map, MINOR(fw_mgmt->dev_num));
672 * Disallow any new ioctl operations on the char device and wait for
673 * existing ones to finish.
675 mutex_lock(&fw_mgmt->mutex);
676 fw_mgmt->disabled = true;
677 mutex_unlock(&fw_mgmt->mutex);
679 /* All pending greybus operations should have finished by now */
680 gb_connection_disable(fw_mgmt->connection);
682 /* Disallow new users to get access to the fw_mgmt structure */
683 mutex_lock(&list_mutex);
684 list_del(&fw_mgmt->node);
685 mutex_unlock(&list_mutex);
688 * All current users of fw_mgmt would have taken a reference to it by
689 * now, we can drop our reference and wait the last user will get
692 put_fw_mgmt(fw_mgmt);
695 int fw_mgmt_init(void)
699 fw_mgmt_class = class_create("gb_fw_mgmt");
700 if (IS_ERR(fw_mgmt_class))
701 return PTR_ERR(fw_mgmt_class);
703 ret = alloc_chrdev_region(&fw_mgmt_dev_num, 0, NUM_MINORS,
706 goto err_remove_class;
711 class_destroy(fw_mgmt_class);
715 void fw_mgmt_exit(void)
717 unregister_chrdev_region(fw_mgmt_dev_num, NUM_MINORS);
718 class_destroy(fw_mgmt_class);
719 ida_destroy(&fw_mgmt_minors_map);
projects / linux.git / blob