1 // SPDX-License-Identifier: GPL-2.0
3 * Greybus Firmware Management Protocol Driver.
5 * Copyright 2016 Google Inc.
6 * Copyright 2016 Linaro Ltd.
9 #include <linux/cdev.h>
10 #include <linux/completion.h>
11 #include <linux/firmware.h>
13 #include <linux/idr.h>
14 #include <linux/ioctl.h>
15 #include <linux/uaccess.h>
16 #include <linux/greybus.h>
19 #include "greybus_firmware.h"
21 #define FW_MGMT_TIMEOUT_MS 1000
24 struct device *parent;
25 struct gb_connection *connection;
27 struct list_head node;
29 /* Common id-map for interface and backend firmware requests */
32 struct completion completion;
34 struct device *class_device;
36 unsigned int timeout_jiffies;
37 bool disabled; /* connection getting disabled */
39 /* Interface Firmware specific fields */
40 bool mode_switch_started;
42 u8 intf_fw_request_id;
47 /* Backend Firmware specific fields */
48 u8 backend_fw_request_id;
53 * Number of minor devices this driver supports.
54 * There will be exactly one required per Interface.
56 #define NUM_MINORS U8_MAX
58 static const struct class fw_mgmt_class = {
62 static dev_t fw_mgmt_dev_num;
63 static DEFINE_IDA(fw_mgmt_minors_map);
64 static LIST_HEAD(fw_mgmt_list);
65 static DEFINE_MUTEX(list_mutex);
67 static void fw_mgmt_kref_release(struct kref *kref)
69 struct fw_mgmt *fw_mgmt = container_of(kref, struct fw_mgmt, kref);
71 ida_destroy(&fw_mgmt->id_map);
76 * All users of fw_mgmt take a reference (from within list_mutex lock), before
77 * they get a pointer to play with. And the structure will be freed only after
78 * the last user has put the reference to it.
80 static void put_fw_mgmt(struct fw_mgmt *fw_mgmt)
82 kref_put(&fw_mgmt->kref, fw_mgmt_kref_release);
85 /* Caller must call put_fw_mgmt() after using struct fw_mgmt */
86 static struct fw_mgmt *get_fw_mgmt(struct cdev *cdev)
88 struct fw_mgmt *fw_mgmt;
90 mutex_lock(&list_mutex);
92 list_for_each_entry(fw_mgmt, &fw_mgmt_list, node) {
93 if (&fw_mgmt->cdev == cdev) {
94 kref_get(&fw_mgmt->kref);
102 mutex_unlock(&list_mutex);
107 static int fw_mgmt_interface_fw_version_operation(struct fw_mgmt *fw_mgmt,
108 struct fw_mgmt_ioc_get_intf_version *fw_info)
110 struct gb_connection *connection = fw_mgmt->connection;
111 struct gb_fw_mgmt_interface_fw_version_response response;
114 ret = gb_operation_sync(connection,
115 GB_FW_MGMT_TYPE_INTERFACE_FW_VERSION, NULL, 0,
116 &response, sizeof(response));
118 dev_err(fw_mgmt->parent,
119 "failed to get interface firmware version (%d)\n", ret);
123 fw_info->major = le16_to_cpu(response.major);
124 fw_info->minor = le16_to_cpu(response.minor);
126 strncpy(fw_info->firmware_tag, response.firmware_tag,
127 GB_FIRMWARE_TAG_MAX_SIZE);
130 * The firmware-tag should be NULL terminated, otherwise throw error but
133 if (fw_info->firmware_tag[GB_FIRMWARE_TAG_MAX_SIZE - 1] != '\0') {
134 dev_err(fw_mgmt->parent,
135 "fw-version: firmware-tag is not NULL terminated\n");
136 fw_info->firmware_tag[GB_FIRMWARE_TAG_MAX_SIZE - 1] = '\0';
142 static int fw_mgmt_load_and_validate_operation(struct fw_mgmt *fw_mgmt,
143 u8 load_method, const char *tag)
145 struct gb_fw_mgmt_load_and_validate_fw_request request;
148 if (load_method != GB_FW_LOAD_METHOD_UNIPRO &&
149 load_method != GB_FW_LOAD_METHOD_INTERNAL) {
150 dev_err(fw_mgmt->parent,
151 "invalid load-method (%d)\n", load_method);
155 request.load_method = load_method;
156 strncpy(request.firmware_tag, tag, GB_FIRMWARE_TAG_MAX_SIZE);
159 * The firmware-tag should be NULL terminated, otherwise throw error and
162 if (request.firmware_tag[GB_FIRMWARE_TAG_MAX_SIZE - 1] != '\0') {
163 dev_err(fw_mgmt->parent, "load-and-validate: firmware-tag is not NULL terminated\n");
167 /* Allocate ids from 1 to 255 (u8-max), 0 is an invalid id */
168 ret = ida_simple_get(&fw_mgmt->id_map, 1, 256, GFP_KERNEL);
170 dev_err(fw_mgmt->parent, "failed to allocate request id (%d)\n",
175 fw_mgmt->intf_fw_request_id = ret;
176 fw_mgmt->intf_fw_loaded = false;
177 request.request_id = ret;
179 ret = gb_operation_sync(fw_mgmt->connection,
180 GB_FW_MGMT_TYPE_LOAD_AND_VALIDATE_FW, &request,
181 sizeof(request), NULL, 0);
183 ida_simple_remove(&fw_mgmt->id_map,
184 fw_mgmt->intf_fw_request_id);
185 fw_mgmt->intf_fw_request_id = 0;
186 dev_err(fw_mgmt->parent,
187 "load and validate firmware request failed (%d)\n",
195 static int fw_mgmt_interface_fw_loaded_operation(struct gb_operation *op)
197 struct gb_connection *connection = op->connection;
198 struct fw_mgmt *fw_mgmt = gb_connection_get_data(connection);
199 struct gb_fw_mgmt_loaded_fw_request *request;
201 /* No pending load and validate request ? */
202 if (!fw_mgmt->intf_fw_request_id) {
203 dev_err(fw_mgmt->parent,
204 "unexpected firmware loaded request received\n");
208 if (op->request->payload_size != sizeof(*request)) {
209 dev_err(fw_mgmt->parent, "illegal size of firmware loaded request (%zu != %zu)\n",
210 op->request->payload_size, sizeof(*request));
214 request = op->request->payload;
216 /* Invalid request-id ? */
217 if (request->request_id != fw_mgmt->intf_fw_request_id) {
218 dev_err(fw_mgmt->parent, "invalid request id for firmware loaded request (%02u != %02u)\n",
219 fw_mgmt->intf_fw_request_id, request->request_id);
223 ida_simple_remove(&fw_mgmt->id_map, fw_mgmt->intf_fw_request_id);
224 fw_mgmt->intf_fw_request_id = 0;
225 fw_mgmt->intf_fw_status = request->status;
226 fw_mgmt->intf_fw_major = le16_to_cpu(request->major);
227 fw_mgmt->intf_fw_minor = le16_to_cpu(request->minor);
229 if (fw_mgmt->intf_fw_status == GB_FW_LOAD_STATUS_FAILED)
230 dev_err(fw_mgmt->parent,
231 "failed to load interface firmware, status:%02x\n",
232 fw_mgmt->intf_fw_status);
233 else if (fw_mgmt->intf_fw_status == GB_FW_LOAD_STATUS_VALIDATION_FAILED)
234 dev_err(fw_mgmt->parent,
235 "failed to validate interface firmware, status:%02x\n",
236 fw_mgmt->intf_fw_status);
238 fw_mgmt->intf_fw_loaded = true;
240 complete(&fw_mgmt->completion);
245 static int fw_mgmt_backend_fw_version_operation(struct fw_mgmt *fw_mgmt,
246 struct fw_mgmt_ioc_get_backend_version *fw_info)
248 struct gb_connection *connection = fw_mgmt->connection;
249 struct gb_fw_mgmt_backend_fw_version_request request;
250 struct gb_fw_mgmt_backend_fw_version_response response;
253 strncpy(request.firmware_tag, fw_info->firmware_tag,
254 GB_FIRMWARE_TAG_MAX_SIZE);
257 * The firmware-tag should be NULL terminated, otherwise throw error and
260 if (request.firmware_tag[GB_FIRMWARE_TAG_MAX_SIZE - 1] != '\0') {
261 dev_err(fw_mgmt->parent, "backend-version: firmware-tag is not NULL terminated\n");
265 ret = gb_operation_sync(connection,
266 GB_FW_MGMT_TYPE_BACKEND_FW_VERSION, &request,
267 sizeof(request), &response, sizeof(response));
269 dev_err(fw_mgmt->parent, "failed to get version of %s backend firmware (%d)\n",
270 fw_info->firmware_tag, ret);
274 fw_info->status = response.status;
276 /* Reset version as that should be non-zero only for success case */
280 switch (fw_info->status) {
281 case GB_FW_BACKEND_VERSION_STATUS_SUCCESS:
282 fw_info->major = le16_to_cpu(response.major);
283 fw_info->minor = le16_to_cpu(response.minor);
285 case GB_FW_BACKEND_VERSION_STATUS_NOT_AVAILABLE:
286 case GB_FW_BACKEND_VERSION_STATUS_RETRY:
288 case GB_FW_BACKEND_VERSION_STATUS_NOT_SUPPORTED:
289 dev_err(fw_mgmt->parent,
290 "Firmware with tag %s is not supported by Interface\n",
291 fw_info->firmware_tag);
294 dev_err(fw_mgmt->parent, "Invalid status received: %u\n",
301 static int fw_mgmt_backend_fw_update_operation(struct fw_mgmt *fw_mgmt,
304 struct gb_fw_mgmt_backend_fw_update_request request;
307 strncpy(request.firmware_tag, tag, GB_FIRMWARE_TAG_MAX_SIZE);
310 * The firmware-tag should be NULL terminated, otherwise throw error and
313 if (request.firmware_tag[GB_FIRMWARE_TAG_MAX_SIZE - 1] != '\0') {
314 dev_err(fw_mgmt->parent, "backend-update: firmware-tag is not NULL terminated\n");
318 /* Allocate ids from 1 to 255 (u8-max), 0 is an invalid id */
319 ret = ida_simple_get(&fw_mgmt->id_map, 1, 256, GFP_KERNEL);
321 dev_err(fw_mgmt->parent, "failed to allocate request id (%d)\n",
326 fw_mgmt->backend_fw_request_id = ret;
327 request.request_id = ret;
329 ret = gb_operation_sync(fw_mgmt->connection,
330 GB_FW_MGMT_TYPE_BACKEND_FW_UPDATE, &request,
331 sizeof(request), NULL, 0);
333 ida_simple_remove(&fw_mgmt->id_map,
334 fw_mgmt->backend_fw_request_id);
335 fw_mgmt->backend_fw_request_id = 0;
336 dev_err(fw_mgmt->parent,
337 "backend %s firmware update request failed (%d)\n", tag,
345 static int fw_mgmt_backend_fw_updated_operation(struct gb_operation *op)
347 struct gb_connection *connection = op->connection;
348 struct fw_mgmt *fw_mgmt = gb_connection_get_data(connection);
349 struct gb_fw_mgmt_backend_fw_updated_request *request;
351 /* No pending load and validate request ? */
352 if (!fw_mgmt->backend_fw_request_id) {
353 dev_err(fw_mgmt->parent, "unexpected backend firmware updated request received\n");
357 if (op->request->payload_size != sizeof(*request)) {
358 dev_err(fw_mgmt->parent, "illegal size of backend firmware updated request (%zu != %zu)\n",
359 op->request->payload_size, sizeof(*request));
363 request = op->request->payload;
365 /* Invalid request-id ? */
366 if (request->request_id != fw_mgmt->backend_fw_request_id) {
367 dev_err(fw_mgmt->parent, "invalid request id for backend firmware updated request (%02u != %02u)\n",
368 fw_mgmt->backend_fw_request_id, request->request_id);
372 ida_simple_remove(&fw_mgmt->id_map, fw_mgmt->backend_fw_request_id);
373 fw_mgmt->backend_fw_request_id = 0;
374 fw_mgmt->backend_fw_status = request->status;
376 if ((fw_mgmt->backend_fw_status != GB_FW_BACKEND_FW_STATUS_SUCCESS) &&
377 (fw_mgmt->backend_fw_status != GB_FW_BACKEND_FW_STATUS_RETRY))
378 dev_err(fw_mgmt->parent,
379 "failed to load backend firmware: %02x\n",
380 fw_mgmt->backend_fw_status);
382 complete(&fw_mgmt->completion);
387 /* Char device fops */
389 static int fw_mgmt_open(struct inode *inode, struct file *file)
391 struct fw_mgmt *fw_mgmt = get_fw_mgmt(inode->i_cdev);
393 /* fw_mgmt structure can't get freed until file descriptor is closed */
395 file->private_data = fw_mgmt;
402 static int fw_mgmt_release(struct inode *inode, struct file *file)
404 struct fw_mgmt *fw_mgmt = file->private_data;
406 put_fw_mgmt(fw_mgmt);
410 static int fw_mgmt_ioctl(struct fw_mgmt *fw_mgmt, unsigned int cmd,
413 struct fw_mgmt_ioc_get_intf_version intf_fw_info;
414 struct fw_mgmt_ioc_get_backend_version backend_fw_info;
415 struct fw_mgmt_ioc_intf_load_and_validate intf_load;
416 struct fw_mgmt_ioc_backend_fw_update backend_update;
417 unsigned int timeout;
420 /* Reject any operations after mode-switch has started */
421 if (fw_mgmt->mode_switch_started)
425 case FW_MGMT_IOC_GET_INTF_FW:
426 ret = fw_mgmt_interface_fw_version_operation(fw_mgmt,
431 if (copy_to_user(buf, &intf_fw_info, sizeof(intf_fw_info)))
435 case FW_MGMT_IOC_GET_BACKEND_FW:
436 if (copy_from_user(&backend_fw_info, buf,
437 sizeof(backend_fw_info)))
440 ret = fw_mgmt_backend_fw_version_operation(fw_mgmt,
445 if (copy_to_user(buf, &backend_fw_info,
446 sizeof(backend_fw_info)))
450 case FW_MGMT_IOC_INTF_LOAD_AND_VALIDATE:
451 if (copy_from_user(&intf_load, buf, sizeof(intf_load)))
454 ret = fw_mgmt_load_and_validate_operation(fw_mgmt,
455 intf_load.load_method, intf_load.firmware_tag);
459 if (!wait_for_completion_timeout(&fw_mgmt->completion,
460 fw_mgmt->timeout_jiffies)) {
461 dev_err(fw_mgmt->parent, "timed out waiting for firmware load and validation to finish\n");
465 intf_load.status = fw_mgmt->intf_fw_status;
466 intf_load.major = fw_mgmt->intf_fw_major;
467 intf_load.minor = fw_mgmt->intf_fw_minor;
469 if (copy_to_user(buf, &intf_load, sizeof(intf_load)))
473 case FW_MGMT_IOC_INTF_BACKEND_FW_UPDATE:
474 if (copy_from_user(&backend_update, buf,
475 sizeof(backend_update)))
478 ret = fw_mgmt_backend_fw_update_operation(fw_mgmt,
479 backend_update.firmware_tag);
483 if (!wait_for_completion_timeout(&fw_mgmt->completion,
484 fw_mgmt->timeout_jiffies)) {
485 dev_err(fw_mgmt->parent, "timed out waiting for backend firmware update to finish\n");
489 backend_update.status = fw_mgmt->backend_fw_status;
491 if (copy_to_user(buf, &backend_update, sizeof(backend_update)))
495 case FW_MGMT_IOC_SET_TIMEOUT_MS:
496 if (get_user(timeout, (unsigned int __user *)buf))
500 dev_err(fw_mgmt->parent, "timeout can't be zero\n");
504 fw_mgmt->timeout_jiffies = msecs_to_jiffies(timeout);
507 case FW_MGMT_IOC_MODE_SWITCH:
508 if (!fw_mgmt->intf_fw_loaded) {
509 dev_err(fw_mgmt->parent,
510 "Firmware not loaded for mode-switch\n");
515 * Disallow new ioctls as the fw-core bundle driver is going to
516 * get disconnected soon and the character device will get
519 fw_mgmt->mode_switch_started = true;
521 ret = gb_interface_request_mode_switch(fw_mgmt->connection->intf);
523 dev_err(fw_mgmt->parent, "Mode-switch failed: %d\n",
525 fw_mgmt->mode_switch_started = false;
535 static long fw_mgmt_ioctl_unlocked(struct file *file, unsigned int cmd,
538 struct fw_mgmt *fw_mgmt = file->private_data;
539 struct gb_bundle *bundle = fw_mgmt->connection->bundle;
545 * We don't want the user to do few operations in parallel. For example,
546 * updating Interface firmware in parallel for the same Interface. There
547 * is no need to do things in parallel for speed and we can avoid having
548 * complicated code for now.
550 * This is also used to protect ->disabled, which is used to check if
551 * the connection is getting disconnected, so that we don't start any
554 mutex_lock(&fw_mgmt->mutex);
555 if (!fw_mgmt->disabled) {
556 ret = gb_pm_runtime_get_sync(bundle);
558 ret = fw_mgmt_ioctl(fw_mgmt, cmd, (void __user *)arg);
559 gb_pm_runtime_put_autosuspend(bundle);
562 mutex_unlock(&fw_mgmt->mutex);
567 static const struct file_operations fw_mgmt_fops = {
568 .owner = THIS_MODULE,
569 .open = fw_mgmt_open,
570 .release = fw_mgmt_release,
571 .unlocked_ioctl = fw_mgmt_ioctl_unlocked,
574 int gb_fw_mgmt_request_handler(struct gb_operation *op)
579 case GB_FW_MGMT_TYPE_LOADED_FW:
580 return fw_mgmt_interface_fw_loaded_operation(op);
581 case GB_FW_MGMT_TYPE_BACKEND_FW_UPDATED:
582 return fw_mgmt_backend_fw_updated_operation(op);
584 dev_err(&op->connection->bundle->dev,
585 "unsupported request: %u\n", type);
590 int gb_fw_mgmt_connection_init(struct gb_connection *connection)
592 struct fw_mgmt *fw_mgmt;
598 fw_mgmt = kzalloc(sizeof(*fw_mgmt), GFP_KERNEL);
602 fw_mgmt->parent = &connection->bundle->dev;
603 fw_mgmt->timeout_jiffies = msecs_to_jiffies(FW_MGMT_TIMEOUT_MS);
604 fw_mgmt->connection = connection;
606 gb_connection_set_data(connection, fw_mgmt);
607 init_completion(&fw_mgmt->completion);
608 ida_init(&fw_mgmt->id_map);
609 mutex_init(&fw_mgmt->mutex);
610 kref_init(&fw_mgmt->kref);
612 mutex_lock(&list_mutex);
613 list_add(&fw_mgmt->node, &fw_mgmt_list);
614 mutex_unlock(&list_mutex);
616 ret = gb_connection_enable(connection);
620 minor = ida_simple_get(&fw_mgmt_minors_map, 0, NUM_MINORS, GFP_KERNEL);
623 goto err_connection_disable;
626 /* Add a char device to allow userspace to interact with fw-mgmt */
627 fw_mgmt->dev_num = MKDEV(MAJOR(fw_mgmt_dev_num), minor);
628 cdev_init(&fw_mgmt->cdev, &fw_mgmt_fops);
630 ret = cdev_add(&fw_mgmt->cdev, fw_mgmt->dev_num, 1);
634 /* Add a soft link to the previously added char-dev within the bundle */
635 fw_mgmt->class_device = device_create(&fw_mgmt_class, fw_mgmt->parent,
636 fw_mgmt->dev_num, NULL,
637 "gb-fw-mgmt-%d", minor);
638 if (IS_ERR(fw_mgmt->class_device)) {
639 ret = PTR_ERR(fw_mgmt->class_device);
646 cdev_del(&fw_mgmt->cdev);
648 ida_simple_remove(&fw_mgmt_minors_map, minor);
649 err_connection_disable:
650 gb_connection_disable(connection);
652 mutex_lock(&list_mutex);
653 list_del(&fw_mgmt->node);
654 mutex_unlock(&list_mutex);
656 put_fw_mgmt(fw_mgmt);
661 void gb_fw_mgmt_connection_exit(struct gb_connection *connection)
663 struct fw_mgmt *fw_mgmt;
668 fw_mgmt = gb_connection_get_data(connection);
670 device_destroy(&fw_mgmt_class, fw_mgmt->dev_num);
671 cdev_del(&fw_mgmt->cdev);
672 ida_simple_remove(&fw_mgmt_minors_map, MINOR(fw_mgmt->dev_num));
675 * Disallow any new ioctl operations on the char device and wait for
676 * existing ones to finish.
678 mutex_lock(&fw_mgmt->mutex);
679 fw_mgmt->disabled = true;
680 mutex_unlock(&fw_mgmt->mutex);
682 /* All pending greybus operations should have finished by now */
683 gb_connection_disable(fw_mgmt->connection);
685 /* Disallow new users to get access to the fw_mgmt structure */
686 mutex_lock(&list_mutex);
687 list_del(&fw_mgmt->node);
688 mutex_unlock(&list_mutex);
691 * All current users of fw_mgmt would have taken a reference to it by
692 * now, we can drop our reference and wait the last user will get
695 put_fw_mgmt(fw_mgmt);
698 int fw_mgmt_init(void)
702 ret = class_register(&fw_mgmt_class);
706 ret = alloc_chrdev_region(&fw_mgmt_dev_num, 0, NUM_MINORS,
709 goto err_remove_class;
714 class_unregister(&fw_mgmt_class);
718 void fw_mgmt_exit(void)
720 unregister_chrdev_region(fw_mgmt_dev_num, NUM_MINORS);
721 class_unregister(&fw_mgmt_class);
722 ida_destroy(&fw_mgmt_minors_map);
projects / linux.git / blob