drivers/staging/greybus/bootrom.c at v4.9-rc8

tjh.dev / kernel
fork
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork
kernel / drivers / staging / greybus / bootrom.c
at v4.9-rc8 524 lines 14 kB view raw
wrap content
  1/*
  2 * BOOTROM Greybus driver.
  3 *
  4 * Copyright 2016 Google Inc.
  5 * Copyright 2016 Linaro Ltd.
  6 *
  7 * Released under the GPLv2 only.
  8 */
  9
 10#include <linux/firmware.h>
 11#include <linux/jiffies.h>
 12#include <linux/mutex.h>
 13#include <linux/workqueue.h>
 14
 15#include "greybus.h"
 16#include "firmware.h"
 17
 18/* Timeout, in jiffies, within which the next request must be received */
 19#define NEXT_REQ_TIMEOUT_MS	1000
 20
 21/*
 22 * FIXME: Reduce this timeout once svc core handles parallel processing of
 23 * events from the SVC, which are handled sequentially today.
 24 */
 25#define MODE_SWITCH_TIMEOUT_MS	10000
 26
 27enum next_request_type {
 28	NEXT_REQ_FIRMWARE_SIZE,
 29	NEXT_REQ_GET_FIRMWARE,
 30	NEXT_REQ_READY_TO_BOOT,
 31	NEXT_REQ_MODE_SWITCH,
 32};
 33
 34struct gb_bootrom {
 35	struct gb_connection	*connection;
 36	const struct firmware	*fw;
 37	u8			protocol_major;
 38	u8			protocol_minor;
 39	enum next_request_type	next_request;
 40	struct delayed_work	dwork;
 41	struct mutex		mutex; /* Protects bootrom->fw */
 42};
 43
 44static void free_firmware(struct gb_bootrom *bootrom)
 45{
 46	if (!bootrom->fw)
 47		return;
 48
 49	release_firmware(bootrom->fw);
 50	bootrom->fw = NULL;
 51}
 52
 53static void gb_bootrom_timedout(struct work_struct *work)
 54{
 55	struct delayed_work *dwork = to_delayed_work(work);
 56	struct gb_bootrom *bootrom = container_of(dwork, struct gb_bootrom, dwork);
 57	struct device *dev = &bootrom->connection->bundle->dev;
 58	const char *reason;
 59
 60	switch (bootrom->next_request) {
 61	case NEXT_REQ_FIRMWARE_SIZE:
 62		reason = "Firmware Size Request";
 63		break;
 64	case NEXT_REQ_GET_FIRMWARE:
 65		reason = "Get Firmware Request";
 66		break;
 67	case NEXT_REQ_READY_TO_BOOT:
 68		reason = "Ready to Boot Request";
 69		break;
 70	case NEXT_REQ_MODE_SWITCH:
 71		reason = "Interface Mode Switch";
 72		break;
 73	default:
 74		reason = NULL;
 75		dev_err(dev, "Invalid next-request: %u", bootrom->next_request);
 76		break;
 77	}
 78
 79	dev_err(dev, "Timed out waiting for %s from the Module\n", reason);
 80
 81	mutex_lock(&bootrom->mutex);
 82	free_firmware(bootrom);
 83	mutex_unlock(&bootrom->mutex);
 84
 85	/* TODO: Power-off Module ? */
 86}
 87
 88static void gb_bootrom_set_timeout(struct gb_bootrom *bootrom,
 89			enum next_request_type next, unsigned long timeout)
 90{
 91	bootrom->next_request = next;
 92	schedule_delayed_work(&bootrom->dwork, msecs_to_jiffies(timeout));
 93}
 94
 95static void gb_bootrom_cancel_timeout(struct gb_bootrom *bootrom)
 96{
 97	cancel_delayed_work_sync(&bootrom->dwork);
 98}
 99
100/*
101 * The es2 chip doesn't have VID/PID programmed into the hardware and we need to
102 * hack that up to distinguish different modules and their firmware blobs.
103 *
104 * This fetches VID/PID (over bootrom protocol) for es2 chip only, when VID/PID
105 * already sent during hotplug are 0.
106 *
107 * Otherwise, we keep intf->vendor_id/product_id same as what's passed
108 * during hotplug.
109 */
110static void bootrom_es2_fixup_vid_pid(struct gb_bootrom *bootrom)
111{
112	struct gb_bootrom_get_vid_pid_response response;
113	struct gb_connection *connection = bootrom->connection;
114	struct gb_interface *intf = connection->bundle->intf;
115	int ret;
116
117	if (!(intf->quirks & GB_INTERFACE_QUIRK_NO_GMP_IDS))
118		return;
119
120	ret = gb_operation_sync(connection, GB_BOOTROM_TYPE_GET_VID_PID,
121				NULL, 0, &response, sizeof(response));
122	if (ret) {
123		dev_err(&connection->bundle->dev,
124			"Bootrom get vid/pid operation failed (%d)\n", ret);
125		return;
126	}
127
128	/*
129	 * NOTE: This is hacked, so that the same values of VID/PID can be used
130	 * by next firmware level as well. The uevent for bootrom will still
131	 * have VID/PID as 0, though after this point the sysfs files will start
132	 * showing the updated values. But yeah, that's a bit racy as the same
133	 * sysfs files would be showing 0 before this point.
134	 */
135	intf->vendor_id = le32_to_cpu(response.vendor_id);
136	intf->product_id = le32_to_cpu(response.product_id);
137
138	dev_dbg(&connection->bundle->dev, "Bootrom got vid (0x%x)/pid (0x%x)\n",
139		intf->vendor_id, intf->product_id);
140}
141
142/* This returns path of the firmware blob on the disk */
143static int find_firmware(struct gb_bootrom *bootrom, u8 stage)
144{
145	struct gb_connection *connection = bootrom->connection;
146	struct gb_interface *intf = connection->bundle->intf;
147	char firmware_name[49];
148	int rc;
149
150	/* Already have a firmware, free it */
151	free_firmware(bootrom);
152
153	/* Bootrom protocol is only supported for loading Stage 2 firmware */
154	if (stage != 2) {
155		dev_err(&connection->bundle->dev, "Invalid boot stage: %u\n",
156			stage);
157		return -EINVAL;
158	}
159
160	/*
161	 * Create firmware name
162	 *
163	 * XXX Name it properly..
164	 */
165	snprintf(firmware_name, sizeof(firmware_name),
166		 FW_NAME_PREFIX "%08x_%08x_%08x_%08x_s2l.tftf",
167		 intf->ddbl1_manufacturer_id, intf->ddbl1_product_id,
168		 intf->vendor_id, intf->product_id);
169
170	// FIXME:
171	// Turn to dev_dbg later after everyone has valid bootloaders with good
172	// ids, but leave this as dev_info for now to make it easier to track
173	// down "empty" vid/pid modules.
174	dev_info(&connection->bundle->dev, "Firmware file '%s' requested\n",
175		 firmware_name);
176
177	rc = request_firmware(&bootrom->fw, firmware_name,
178		&connection->bundle->dev);
179	if (rc) {
180		dev_err(&connection->bundle->dev,
181			"failed to find %s firmware (%d)\n", firmware_name, rc);
182	}
183
184	return rc;
185}
186
187static int gb_bootrom_firmware_size_request(struct gb_operation *op)
188{
189	struct gb_bootrom *bootrom = gb_connection_get_data(op->connection);
190	struct gb_bootrom_firmware_size_request *size_request = op->request->payload;
191	struct gb_bootrom_firmware_size_response *size_response;
192	struct device *dev = &op->connection->bundle->dev;
193	int ret;
194
195	/* Disable timeouts */
196	gb_bootrom_cancel_timeout(bootrom);
197
198	if (op->request->payload_size != sizeof(*size_request)) {
199		dev_err(dev, "%s: illegal size of firmware size request (%zu != %zu)\n",
200			__func__, op->request->payload_size,
201			sizeof(*size_request));
202		ret = -EINVAL;
203		goto queue_work;
204	}
205
206	mutex_lock(&bootrom->mutex);
207
208	ret = find_firmware(bootrom, size_request->stage);
209	if (ret)
210		goto unlock;
211
212	if (!gb_operation_response_alloc(op, sizeof(*size_response),
213					 GFP_KERNEL)) {
214		dev_err(dev, "%s: error allocating response\n", __func__);
215		free_firmware(bootrom);
216		ret = -ENOMEM;
217		goto unlock;
218	}
219
220	size_response = op->response->payload;
221	size_response->size = cpu_to_le32(bootrom->fw->size);
222
223	dev_dbg(dev, "%s: firmware size %d bytes\n", __func__, size_response->size);
224
225unlock:
226	mutex_unlock(&bootrom->mutex);
227
228queue_work:
229	if (!ret) {
230		/* Refresh timeout */
231		gb_bootrom_set_timeout(bootrom, NEXT_REQ_GET_FIRMWARE,
232				       NEXT_REQ_TIMEOUT_MS);
233	}
234
235	return ret;
236}
237
238static int gb_bootrom_get_firmware(struct gb_operation *op)
239{
240	struct gb_bootrom *bootrom = gb_connection_get_data(op->connection);
241	const struct firmware *fw;
242	struct gb_bootrom_get_firmware_request *firmware_request;
243	struct gb_bootrom_get_firmware_response *firmware_response;
244	struct device *dev = &op->connection->bundle->dev;
245	unsigned int offset, size;
246	enum next_request_type next_request;
247	int ret = 0;
248
249	/* Disable timeouts */
250	gb_bootrom_cancel_timeout(bootrom);
251
252	if (op->request->payload_size != sizeof(*firmware_request)) {
253		dev_err(dev, "%s: Illegal size of get firmware request (%zu %zu)\n",
254			__func__, op->request->payload_size,
255			sizeof(*firmware_request));
256		ret = -EINVAL;
257		goto queue_work;
258	}
259
260	mutex_lock(&bootrom->mutex);
261
262	fw = bootrom->fw;
263	if (!fw) {
264		dev_err(dev, "%s: firmware not available\n", __func__);
265		ret = -EINVAL;
266		goto unlock;
267	}
268
269	firmware_request = op->request->payload;
270	offset = le32_to_cpu(firmware_request->offset);
271	size = le32_to_cpu(firmware_request->size);
272
273	if (offset >= fw->size || size > fw->size - offset) {
274		dev_warn(dev, "bad firmware request (offs = %u, size = %u)\n",
275				offset, size);
276		ret = -EINVAL;
277		goto unlock;
278	}
279
280	if (!gb_operation_response_alloc(op, sizeof(*firmware_response) + size,
281					 GFP_KERNEL)) {
282		dev_err(dev, "%s: error allocating response\n", __func__);
283		ret = -ENOMEM;
284		goto unlock;
285	}
286
287	firmware_response = op->response->payload;
288	memcpy(firmware_response->data, fw->data + offset, size);
289
290	dev_dbg(dev, "responding with firmware (offs = %u, size = %u)\n", offset,
291		size);
292
293unlock:
294	mutex_unlock(&bootrom->mutex);
295
296queue_work:
297	/* Refresh timeout */
298	if (!ret && (offset + size == fw->size))
299		next_request = NEXT_REQ_READY_TO_BOOT;
300	else
301		next_request = NEXT_REQ_GET_FIRMWARE;
302
303	gb_bootrom_set_timeout(bootrom, next_request, NEXT_REQ_TIMEOUT_MS);
304
305	return ret;
306}
307
308static int gb_bootrom_ready_to_boot(struct gb_operation *op)
309{
310	struct gb_connection *connection = op->connection;
311	struct gb_bootrom *bootrom = gb_connection_get_data(connection);
312	struct gb_bootrom_ready_to_boot_request *rtb_request;
313	struct device *dev = &connection->bundle->dev;
314	u8 status;
315	int ret = 0;
316
317	/* Disable timeouts */
318	gb_bootrom_cancel_timeout(bootrom);
319
320	if (op->request->payload_size != sizeof(*rtb_request)) {
321		dev_err(dev, "%s: Illegal size of ready to boot request (%zu %zu)\n",
322			__func__, op->request->payload_size,
323			sizeof(*rtb_request));
324		ret = -EINVAL;
325		goto queue_work;
326	}
327
328	rtb_request = op->request->payload;
329	status = rtb_request->status;
330
331	/* Return error if the blob was invalid */
332	if (status == GB_BOOTROM_BOOT_STATUS_INVALID) {
333		ret = -EINVAL;
334		goto queue_work;
335	}
336
337	/*
338	 * XXX Should we return error for insecure firmware?
339	 */
340	dev_dbg(dev, "ready to boot: 0x%x, 0\n", status);
341
342queue_work:
343	/*
344	 * Refresh timeout, the Interface shall load the new personality and
345	 * send a new hotplug request, which shall get rid of the bootrom
346	 * connection. As that can take some time, increase the timeout a bit.
347	 */
348	gb_bootrom_set_timeout(bootrom, NEXT_REQ_MODE_SWITCH,
349			       MODE_SWITCH_TIMEOUT_MS);
350
351	return ret;
352}
353
354static int gb_bootrom_request_handler(struct gb_operation *op)
355{
356	u8 type = op->type;
357
358	switch (type) {
359	case GB_BOOTROM_TYPE_FIRMWARE_SIZE:
360		return gb_bootrom_firmware_size_request(op);
361	case GB_BOOTROM_TYPE_GET_FIRMWARE:
362		return gb_bootrom_get_firmware(op);
363	case GB_BOOTROM_TYPE_READY_TO_BOOT:
364		return gb_bootrom_ready_to_boot(op);
365	default:
366		dev_err(&op->connection->bundle->dev,
367			"unsupported request: %u\n", type);
368		return -EINVAL;
369	}
370}
371
372static int gb_bootrom_get_version(struct gb_bootrom *bootrom)
373{
374	struct gb_bundle *bundle = bootrom->connection->bundle;
375	struct gb_bootrom_version_request request;
376	struct gb_bootrom_version_response response;
377	int ret;
378
379	request.major = GB_BOOTROM_VERSION_MAJOR;
380	request.minor = GB_BOOTROM_VERSION_MINOR;
381
382	ret = gb_operation_sync(bootrom->connection,
383				GB_BOOTROM_TYPE_VERSION,
384				&request, sizeof(request), &response,
385				sizeof(response));
386	if (ret) {
387		dev_err(&bundle->dev,
388				"failed to get protocol version: %d\n",
389				ret);
390		return ret;
391	}
392
393	if (response.major > request.major) {
394		dev_err(&bundle->dev,
395				"unsupported major protocol version (%u > %u)\n",
396				response.major, request.major);
397		return -ENOTSUPP;
398	}
399
400	bootrom->protocol_major = response.major;
401	bootrom->protocol_minor = response.minor;
402
403	dev_dbg(&bundle->dev, "%s - %u.%u\n", __func__, response.major,
404			response.minor);
405
406	return 0;
407}
408
409static int gb_bootrom_probe(struct gb_bundle *bundle,
410					const struct greybus_bundle_id *id)
411{
412	struct greybus_descriptor_cport *cport_desc;
413	struct gb_connection *connection;
414	struct gb_bootrom *bootrom;
415	int ret;
416
417	if (bundle->num_cports != 1)
418		return -ENODEV;
419
420	cport_desc = &bundle->cport_desc[0];
421	if (cport_desc->protocol_id != GREYBUS_PROTOCOL_BOOTROM)
422		return -ENODEV;
423
424	bootrom = kzalloc(sizeof(*bootrom), GFP_KERNEL);
425	if (!bootrom)
426		return -ENOMEM;
427
428	connection = gb_connection_create(bundle,
429						le16_to_cpu(cport_desc->id),
430						gb_bootrom_request_handler);
431	if (IS_ERR(connection)) {
432		ret = PTR_ERR(connection);
433		goto err_free_bootrom;
434	}
435
436	gb_connection_set_data(connection, bootrom);
437
438	bootrom->connection = connection;
439
440	mutex_init(&bootrom->mutex);
441	INIT_DELAYED_WORK(&bootrom->dwork, gb_bootrom_timedout);
442	greybus_set_drvdata(bundle, bootrom);
443
444	ret = gb_connection_enable_tx(connection);
445	if (ret)
446		goto err_connection_destroy;
447
448	ret = gb_bootrom_get_version(bootrom);
449	if (ret)
450		goto err_connection_disable;
451
452	bootrom_es2_fixup_vid_pid(bootrom);
453
454	ret = gb_connection_enable(connection);
455	if (ret)
456		goto err_connection_disable;
457
458	/* Refresh timeout */
459	gb_bootrom_set_timeout(bootrom, NEXT_REQ_FIRMWARE_SIZE,
460			       NEXT_REQ_TIMEOUT_MS);
461
462	/* Tell bootrom we're ready. */
463	ret = gb_operation_sync(connection, GB_BOOTROM_TYPE_AP_READY, NULL, 0,
464				NULL, 0);
465	if (ret) {
466		dev_err(&connection->bundle->dev,
467				"failed to send AP READY: %d\n", ret);
468		goto err_cancel_timeout;
469	}
470
471	dev_dbg(&bundle->dev, "AP_READY sent\n");
472
473	return 0;
474
475err_cancel_timeout:
476	gb_bootrom_cancel_timeout(bootrom);
477err_connection_disable:
478	gb_connection_disable(connection);
479err_connection_destroy:
480	gb_connection_destroy(connection);
481err_free_bootrom:
482	kfree(bootrom);
483
484	return ret;
485}
486
487static void gb_bootrom_disconnect(struct gb_bundle *bundle)
488{
489	struct gb_bootrom *bootrom = greybus_get_drvdata(bundle);
490
491	dev_dbg(&bundle->dev, "%s\n", __func__);
492
493	gb_connection_disable(bootrom->connection);
494
495	/* Disable timeouts */
496	gb_bootrom_cancel_timeout(bootrom);
497
498	/*
499	 * Release firmware:
500	 *
501	 * As the connection and the delayed work are already disabled, we don't
502	 * need to lock access to bootrom->fw here.
503	 */
504	free_firmware(bootrom);
505
506	gb_connection_destroy(bootrom->connection);
507	kfree(bootrom);
508}
509
510static const struct greybus_bundle_id gb_bootrom_id_table[] = {
511	{ GREYBUS_DEVICE_CLASS(GREYBUS_CLASS_BOOTROM) },
512	{ }
513};
514
515static struct greybus_driver gb_bootrom_driver = {
516	.name		= "bootrom",
517	.probe		= gb_bootrom_probe,
518	.disconnect	= gb_bootrom_disconnect,
519	.id_table	= gb_bootrom_id_table,
520};
521
522module_greybus_driver(gb_bootrom_driver);
523
524MODULE_LICENSE("GPL v2");
Configure Feed

Configure Feed
