search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Linux 3.4.71
[linux/fpc-iii.git] / drivers / staging / mei / main.c
blob7c9321fa7bb15b59706a7b239f9fd803bc9e95b2
1 /*
2 *
3 * Intel Management Engine Interface (Intel MEI) Linux driver
4 * Copyright (c) 2003-2012, Intel Corporation.
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms and conditions of the GNU General Public License,
8 * version 2, as published by the Free Software Foundation.
9 *
10 * This program is distributed in the hope it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
13 * more details.
14 *
15 */
16
17 #include <linux/module.h>
18 #include <linux/moduleparam.h>
19 #include <linux/kernel.h>
20 #include <linux/device.h>
21 #include <linux/fs.h>
22 #include <linux/errno.h>
23 #include <linux/types.h>
24 #include <linux/fcntl.h>
25 #include <linux/aio.h>
26 #include <linux/pci.h>
27 #include <linux/poll.h>
28 #include <linux/init.h>
29 #include <linux/ioctl.h>
30 #include <linux/cdev.h>
31 #include <linux/sched.h>
32 #include <linux/uuid.h>
33 #include <linux/compat.h>
34 #include <linux/jiffies.h>
35 #include <linux/interrupt.h>
36 #include <linux/miscdevice.h>
37
38 #include "mei_dev.h"
39 #include "mei.h"
40 #include "interface.h"
41
42
43 #define MEI_READ_TIMEOUT 45
44 #define MEI_DRIVER_NAME "mei"
45 #define MEI_DEV_NAME "mei"
46
47 /*
48 * mei driver strings
49 */
50 static char mei_driver_name[] = MEI_DRIVER_NAME;
51 static const char mei_driver_string[] = "Intel(R) Management Engine Interface";
52
53 /* The device pointer */
54 /* Currently this driver works as long as there is only a single AMT device. */
55 struct pci_dev *mei_device;
56
57 /* mei_pci_tbl - PCI Device ID Table */
58 static DEFINE_PCI_DEVICE_TABLE(mei_pci_tbl) = {
59 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_82946GZ)},
60 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_82G35)},
61 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_82Q965)},
62 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_82G965)},
63 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_82GM965)},
64 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_82GME965)},
65 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH9_82Q35)},
66 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH9_82G33)},
67 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH9_82Q33)},
68 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH9_82X38)},
69 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH9_3200)},
70 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH9_6)},
71 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH9_7)},
72 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH9_8)},
73 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH9_9)},
74 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH9_10)},
75 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH9M_1)},
76 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH9M_2)},
77 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH9M_3)},
78 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH9M_4)},
79 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH10_1)},
80 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH10_2)},
81 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH10_3)},
82 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_ICH10_4)},
83 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_IBXPK_1)},
84 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_IBXPK_2)},
85 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_CPT_1)},
86 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_PBG_1)},
87 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_PPT_1)},
88 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_PPT_2)},
89 {PCI_DEVICE(PCI_VENDOR_ID_INTEL, MEI_DEV_ID_PPT_3)},
90
91 /* required last entry */
92 {0, }
93 };
94
95 MODULE_DEVICE_TABLE(pci, mei_pci_tbl);
96
97 static DEFINE_MUTEX(mei_mutex);
98
99
100 /**
101 * mei_clear_list - removes all callbacks associated with file
102 * from mei_cb_list
103 *
104 * @dev: device structure.
105 * @file: file structure
106 * @mei_cb_list: callbacks list
107 *
108 * mei_clear_list is called to clear resources associated with file
109 * when application calls close function or Ctrl-C was pressed
110 *
111 * returns true if callback removed from the list, false otherwise
112 */
113 static bool mei_clear_list(struct mei_device *dev,
114 struct file *file, struct list_head *mei_cb_list)
115 {
116 struct mei_cl_cb *cb_pos = NULL;
117 struct mei_cl_cb *cb_next = NULL;
118 struct file *file_temp;
119 bool removed = false;
120
121 /* list all list member */
122 list_for_each_entry_safe(cb_pos, cb_next, mei_cb_list, cb_list) {
123 file_temp = (struct file *)cb_pos->file_object;
124 /* check if list member associated with a file */
125 if (file_temp == file) {
126 /* remove member from the list */
127 list_del(&cb_pos->cb_list);
128 /* check if cb equal to current iamthif cb */
129 if (dev->iamthif_current_cb == cb_pos) {
130 dev->iamthif_current_cb = NULL;
131 /* send flow control to iamthif client */
132 mei_send_flow_control(dev, &dev->iamthif_cl);
133 }
134 /* free all allocated buffers */
135 mei_free_cb_private(cb_pos);
136 cb_pos = NULL;
137 removed = true;
138 }
139 }
140 return removed;
141 }
142
143 /**
144 * mei_clear_lists - removes all callbacks associated with file
145 *
146 * @dev: device structure
147 * @file: file structure
148 *
149 * mei_clear_lists is called to clear resources associated with file
150 * when application calls close function or Ctrl-C was pressed
151 *
152 * returns true if callback removed from the list, false otherwise
153 */
154 static bool mei_clear_lists(struct mei_device *dev, struct file *file)
155 {
156 bool removed = false;
157
158 /* remove callbacks associated with a file */
159 mei_clear_list(dev, file, &dev->amthi_cmd_list.mei_cb.cb_list);
160 if (mei_clear_list(dev, file,
161 &dev->amthi_read_complete_list.mei_cb.cb_list))
162 removed = true;
163
164 mei_clear_list(dev, file, &dev->ctrl_rd_list.mei_cb.cb_list);
165
166 if (mei_clear_list(dev, file, &dev->ctrl_wr_list.mei_cb.cb_list))
167 removed = true;
168
169 if (mei_clear_list(dev, file, &dev->write_waiting_list.mei_cb.cb_list))
170 removed = true;
171
172 if (mei_clear_list(dev, file, &dev->write_list.mei_cb.cb_list))
173 removed = true;
174
175 /* check if iamthif_current_cb not NULL */
176 if (dev->iamthif_current_cb && !removed) {
177 /* check file and iamthif current cb association */
178 if (dev->iamthif_current_cb->file_object == file) {
179 /* remove cb */
180 mei_free_cb_private(dev->iamthif_current_cb);
181 dev->iamthif_current_cb = NULL;
182 removed = true;
183 }
184 }
185 return removed;
186 }
187 /**
188 * find_read_list_entry - find read list entry
189 *
190 * @dev: device structure
191 * @file: pointer to file structure
192 *
193 * returns cb on success, NULL on error
194 */
195 static struct mei_cl_cb *find_read_list_entry(
196 struct mei_device *dev,
197 struct mei_cl *cl)
198 {
199 struct mei_cl_cb *pos = NULL;
200 struct mei_cl_cb *next = NULL;
201
202 dev_dbg(&dev->pdev->dev, "remove read_list CB\n");
203 list_for_each_entry_safe(pos, next,
204 &dev->read_list.mei_cb.cb_list, cb_list) {
205 struct mei_cl *cl_temp;
206 cl_temp = (struct mei_cl *)pos->file_private;
207
208 if (mei_cl_cmp_id(cl, cl_temp))
209 return pos;
210 }
211 return NULL;
212 }
213
214 /**
215 * mei_open - the open function
216 *
217 * @inode: pointer to inode structure
218 * @file: pointer to file structure
219 *
220 * returns 0 on success, <0 on error
221 */
222 static int mei_open(struct inode *inode, struct file *file)
223 {
224 struct mei_cl *cl;
225 struct mei_device *dev;
226 unsigned long cl_id;
227 int err;
228
229 err = -ENODEV;
230 if (!mei_device)
231 goto out;
232
233 dev = pci_get_drvdata(mei_device);
234 if (!dev)
235 goto out;
236
237 mutex_lock(&dev->device_lock);
238 err = -ENOMEM;
239 cl = mei_cl_allocate(dev);
240 if (!cl)
241 goto out_unlock;
242
243 err = -ENODEV;
244 if (dev->mei_state != MEI_ENABLED) {
245 dev_dbg(&dev->pdev->dev, "mei_state != MEI_ENABLED mei_state= %d\n",
246 dev->mei_state);
247 goto out_unlock;
248 }
249 err = -EMFILE;
250 if (dev->open_handle_count >= MEI_MAX_OPEN_HANDLE_COUNT)
251 goto out_unlock;
252
253 cl_id = find_first_zero_bit(dev->host_clients_map, MEI_CLIENTS_MAX);
254 if (cl_id >= MEI_CLIENTS_MAX)
255 goto out_unlock;
256
257 cl->host_client_id = cl_id;
258
259 dev_dbg(&dev->pdev->dev, "client_id = %d\n", cl->host_client_id);
260
261 dev->open_handle_count++;
262
263 list_add_tail(&cl->link, &dev->file_list);
264
265 set_bit(cl->host_client_id, dev->host_clients_map);
266 cl->state = MEI_FILE_INITIALIZING;
267 cl->sm_state = 0;
268
269 file->private_data = cl;
270 mutex_unlock(&dev->device_lock);
271
272 return nonseekable_open(inode, file);
273
274 out_unlock:
275 mutex_unlock(&dev->device_lock);
276 kfree(cl);
277 out:
278 return err;
279 }
280
281 /**
282 * mei_release - the release function
283 *
284 * @inode: pointer to inode structure
285 * @file: pointer to file structure
286 *
287 * returns 0 on success, <0 on error
288 */
289 static int mei_release(struct inode *inode, struct file *file)
290 {
291 struct mei_cl *cl = file->private_data;
292 struct mei_cl_cb *cb;
293 struct mei_device *dev;
294 int rets = 0;
295
296 if (WARN_ON(!cl || !cl->dev))
297 return -ENODEV;
298
299 dev = cl->dev;
300
301 mutex_lock(&dev->device_lock);
302 if (cl != &dev->iamthif_cl) {
303 if (cl->state == MEI_FILE_CONNECTED) {
304 cl->state = MEI_FILE_DISCONNECTING;
305 dev_dbg(&dev->pdev->dev,
306 "disconnecting client host client = %d, "
307 "ME client = %d\n",
308 cl->host_client_id,
309 cl->me_client_id);
310 rets = mei_disconnect_host_client(dev, cl);
311 }
312 mei_cl_flush_queues(cl);
313 dev_dbg(&dev->pdev->dev, "remove client host client = %d, ME client = %d\n",
314 cl->host_client_id,
315 cl->me_client_id);
316
317 if (dev->open_handle_count > 0) {
318 clear_bit(cl->host_client_id, dev->host_clients_map);
319 dev->open_handle_count--;
320 }
321 mei_remove_client_from_file_list(dev, cl->host_client_id);
322
323 /* free read cb */
324 cb = NULL;
325 if (cl->read_cb) {
326 cb = find_read_list_entry(dev, cl);
327 /* Remove entry from read list */
328 if (cb)
329 list_del(&cb->cb_list);
330
331 cb = cl->read_cb;
332 cl->read_cb = NULL;
333 }
334
335 file->private_data = NULL;
336
337 if (cb) {
338 mei_free_cb_private(cb);
339 cb = NULL;
340 }
341
342 kfree(cl);
343 } else {
344 if (dev->open_handle_count > 0)
345 dev->open_handle_count--;
346
347 if (dev->iamthif_file_object == file &&
348 dev->iamthif_state != MEI_IAMTHIF_IDLE) {
349
350 dev_dbg(&dev->pdev->dev, "amthi canceled iamthif state %d\n",
351 dev->iamthif_state);
352 dev->iamthif_canceled = true;
353 if (dev->iamthif_state == MEI_IAMTHIF_READ_COMPLETE) {
354 dev_dbg(&dev->pdev->dev, "run next amthi iamthif cb\n");
355 mei_run_next_iamthif_cmd(dev);
356 }
357 }
358
359 if (mei_clear_lists(dev, file))
360 dev->iamthif_state = MEI_IAMTHIF_IDLE;
361
362 }
363 mutex_unlock(&dev->device_lock);
364 return rets;
365 }
366
367
368 /**
369 * mei_read - the read function.
370 *
371 * @file: pointer to file structure
372 * @ubuf: pointer to user buffer
373 * @length: buffer length
374 * @offset: data offset in buffer
375 *
376 * returns >=0 data length on success , <0 on error
377 */
378 static ssize_t mei_read(struct file *file, char __user *ubuf,
379 size_t length, loff_t *offset)
380 {
381 struct mei_cl *cl = file->private_data;
382 struct mei_cl_cb *cb_pos = NULL;
383 struct mei_cl_cb *cb = NULL;
384 struct mei_device *dev;
385 int i;
386 int rets;
387 int err;
388
389
390 if (WARN_ON(!cl || !cl->dev))
391 return -ENODEV;
392
393 dev = cl->dev;
394
395 mutex_lock(&dev->device_lock);
396 if (dev->mei_state != MEI_ENABLED) {
397 rets = -ENODEV;
398 goto out;
399 }
400
401 if ((cl->sm_state & MEI_WD_STATE_INDEPENDENCE_MSG_SENT) == 0) {
402 /* Do not allow to read watchdog client */
403 i = mei_find_me_client_index(dev, mei_wd_guid);
404 if (i >= 0) {
405 struct mei_me_client *me_client = &dev->me_clients[i];
406
407 if (cl->me_client_id == me_client->client_id) {
408 rets = -EBADF;
409 goto out;
410 }
411 }
412 } else {
413 cl->sm_state &= ~MEI_WD_STATE_INDEPENDENCE_MSG_SENT;
414 }
415
416 if (cl == &dev->iamthif_cl) {
417 rets = amthi_read(dev, file, ubuf, length, offset);
418 goto out;
419 }
420
421 if (cl->read_cb && cl->read_cb->information > *offset) {
422 cb = cl->read_cb;
423 goto copy_buffer;
424 } else if (cl->read_cb && cl->read_cb->information > 0 &&
425 cl->read_cb->information <= *offset) {
426 cb = cl->read_cb;
427 rets = 0;
428 goto free;
429 } else if ((!cl->read_cb || !cl->read_cb->information) &&
430 *offset > 0) {
431 /*Offset needs to be cleaned for contiguous reads*/
432 *offset = 0;
433 rets = 0;
434 goto out;
435 }
436
437 err = mei_start_read(dev, cl);
438 if (err && err != -EBUSY) {
439 dev_dbg(&dev->pdev->dev,
440 "mei start read failure with status = %d\n", err);
441 rets = err;
442 goto out;
443 }
444
445 if (MEI_READ_COMPLETE != cl->reading_state &&
446 !waitqueue_active(&cl->rx_wait)) {
447 if (file->f_flags & O_NONBLOCK) {
448 rets = -EAGAIN;
449 goto out;
450 }
451
452 mutex_unlock(&dev->device_lock);
453
454 if (wait_event_interruptible(cl->rx_wait,
455 (MEI_READ_COMPLETE == cl->reading_state ||
456 MEI_FILE_INITIALIZING == cl->state ||
457 MEI_FILE_DISCONNECTED == cl->state ||
458 MEI_FILE_DISCONNECTING == cl->state))) {
459 if (signal_pending(current))
460 return -EINTR;
461 return -ERESTARTSYS;
462 }
463
464 mutex_lock(&dev->device_lock);
465 if (MEI_FILE_INITIALIZING == cl->state ||
466 MEI_FILE_DISCONNECTED == cl->state ||
467 MEI_FILE_DISCONNECTING == cl->state) {
468 rets = -EBUSY;
469 goto out;
470 }
471 }
472
473 cb = cl->read_cb;
474
475 if (!cb) {
476 rets = -ENODEV;
477 goto out;
478 }
479 if (cl->reading_state != MEI_READ_COMPLETE) {
480 rets = 0;
481 goto out;
482 }
483 /* now copy the data to user space */
484 copy_buffer:
485 dev_dbg(&dev->pdev->dev, "cb->response_buffer size - %d\n",
486 cb->response_buffer.size);
487 dev_dbg(&dev->pdev->dev, "cb->information - %lu\n",
488 cb->information);
489 if (length == 0 || ubuf == NULL || *offset > cb->information) {
490 rets = -EMSGSIZE;
491 goto free;
492 }
493
494 /* length is being truncated to PAGE_SIZE, however, */
495 /* information size may be longer */
496 length = min_t(size_t, length, (cb->information - *offset));
497
498 if (copy_to_user(ubuf, cb->response_buffer.data + *offset, length)) {
499 rets = -EFAULT;
500 goto free;
501 }
502
503 rets = length;
504 *offset += length;
505 if ((unsigned long)*offset < cb->information)
506 goto out;
507
508 free:
509 cb_pos = find_read_list_entry(dev, cl);
510 /* Remove entry from read list */
511 if (cb_pos)
512 list_del(&cb_pos->cb_list);
513 mei_free_cb_private(cb);
514 cl->reading_state = MEI_IDLE;
515 cl->read_cb = NULL;
516 cl->read_pending = 0;
517 out:
518 dev_dbg(&dev->pdev->dev, "end mei read rets= %d\n", rets);
519 mutex_unlock(&dev->device_lock);
520 return rets;
521 }
522
523 /**
524 * mei_write - the write function.
525 *
526 * @file: pointer to file structure
527 * @ubuf: pointer to user buffer
528 * @length: buffer length
529 * @offset: data offset in buffer
530 *
531 * returns >=0 data length on success , <0 on error
532 */
533 static ssize_t mei_write(struct file *file, const char __user *ubuf,
534 size_t length, loff_t *offset)
535 {
536 struct mei_cl *cl = file->private_data;
537 struct mei_cl_cb *write_cb = NULL;
538 struct mei_msg_hdr mei_hdr;
539 struct mei_device *dev;
540 unsigned long timeout = 0;
541 int rets;
542 int i;
543
544 if (WARN_ON(!cl || !cl->dev))
545 return -ENODEV;
546
547 dev = cl->dev;
548
549 mutex_lock(&dev->device_lock);
550
551 if (dev->mei_state != MEI_ENABLED) {
552 mutex_unlock(&dev->device_lock);
553 return -ENODEV;
554 }
555
556 if (cl == &dev->iamthif_cl) {
557 write_cb = find_amthi_read_list_entry(dev, file);
558
559 if (write_cb) {
560 timeout = write_cb->read_time +
561 msecs_to_jiffies(IAMTHIF_READ_TIMER);
562
563 if (time_after(jiffies, timeout) ||
564 cl->reading_state == MEI_READ_COMPLETE) {
565 *offset = 0;
566 list_del(&write_cb->cb_list);
567 mei_free_cb_private(write_cb);
568 write_cb = NULL;
569 }
570 }
571 }
572
573 /* free entry used in read */
574 if (cl->reading_state == MEI_READ_COMPLETE) {
575 *offset = 0;
576 write_cb = find_read_list_entry(dev, cl);
577 if (write_cb) {
578 list_del(&write_cb->cb_list);
579 mei_free_cb_private(write_cb);
580 write_cb = NULL;
581 cl->reading_state = MEI_IDLE;
582 cl->read_cb = NULL;
583 cl->read_pending = 0;
584 }
585 } else if (cl->reading_state == MEI_IDLE && !cl->read_pending)
586 *offset = 0;
587
588
589 write_cb = kzalloc(sizeof(struct mei_cl_cb), GFP_KERNEL);
590 if (!write_cb) {
591 mutex_unlock(&dev->device_lock);
592 return -ENOMEM;
593 }
594
595 write_cb->file_object = file;
596 write_cb->file_private = cl;
597 write_cb->request_buffer.data = kmalloc(length, GFP_KERNEL);
598 rets = -ENOMEM;
599 if (!write_cb->request_buffer.data)
600 goto unlock_dev;
601
602 dev_dbg(&dev->pdev->dev, "length =%d\n", (int) length);
603
604 rets = -EFAULT;
605 if (copy_from_user(write_cb->request_buffer.data, ubuf, length))
606 goto unlock_dev;
607
608 cl->sm_state = 0;
609 if (length == 4 &&
610 ((memcmp(mei_wd_state_independence_msg[0],
611 write_cb->request_buffer.data, 4) == 0) ||
612 (memcmp(mei_wd_state_independence_msg[1],
613 write_cb->request_buffer.data, 4) == 0) ||
614 (memcmp(mei_wd_state_independence_msg[2],
615 write_cb->request_buffer.data, 4) == 0)))
616 cl->sm_state |= MEI_WD_STATE_INDEPENDENCE_MSG_SENT;
617
618 INIT_LIST_HEAD(&write_cb->cb_list);
619 if (cl == &dev->iamthif_cl) {
620 write_cb->response_buffer.data =
621 kmalloc(dev->iamthif_mtu, GFP_KERNEL);
622 if (!write_cb->response_buffer.data) {
623 rets = -ENOMEM;
624 goto unlock_dev;
625 }
626 if (dev->mei_state != MEI_ENABLED) {
627 rets = -ENODEV;
628 goto unlock_dev;
629 }
630 for (i = 0; i < dev->me_clients_num; i++) {
631 if (dev->me_clients[i].client_id ==
632 dev->iamthif_cl.me_client_id)
633 break;
634 }
635
636 if (WARN_ON(dev->me_clients[i].client_id != cl->me_client_id)) {
637 rets = -ENODEV;
638 goto unlock_dev;
639 }
640 if (i == dev->me_clients_num ||
641 (dev->me_clients[i].client_id !=
642 dev->iamthif_cl.me_client_id)) {
643 rets = -ENODEV;
644 goto unlock_dev;
645 } else if (length > dev->me_clients[i].props.max_msg_length ||
646 length <= 0) {
647 rets = -EMSGSIZE;
648 goto unlock_dev;
649 }
650
651 write_cb->response_buffer.size = dev->iamthif_mtu;
652 write_cb->major_file_operations = MEI_IOCTL;
653 write_cb->information = 0;
654 write_cb->request_buffer.size = length;
655 if (dev->iamthif_cl.state != MEI_FILE_CONNECTED) {
656 rets = -ENODEV;
657 goto unlock_dev;
658 }
659
660 if (!list_empty(&dev->amthi_cmd_list.mei_cb.cb_list) ||
661 dev->iamthif_state != MEI_IAMTHIF_IDLE) {
662 dev_dbg(&dev->pdev->dev, "amthi_state = %d\n",
663 (int) dev->iamthif_state);
664 dev_dbg(&dev->pdev->dev, "add amthi cb to amthi cmd waiting list\n");
665 list_add_tail(&write_cb->cb_list,
666 &dev->amthi_cmd_list.mei_cb.cb_list);
667 rets = length;
668 } else {
669 dev_dbg(&dev->pdev->dev, "call amthi write\n");
670 rets = amthi_write(dev, write_cb);
671
672 if (rets) {
673 dev_dbg(&dev->pdev->dev, "amthi write failed with status = %d\n",
674 rets);
675 goto unlock_dev;
676 }
677 rets = length;
678 }
679 mutex_unlock(&dev->device_lock);
680 return rets;
681 }
682
683 write_cb->major_file_operations = MEI_WRITE;
684 /* make sure information is zero before we start */
685
686 write_cb->information = 0;
687 write_cb->request_buffer.size = length;
688
689 dev_dbg(&dev->pdev->dev, "host client = %d, ME client = %d\n",
690 cl->host_client_id, cl->me_client_id);
691 if (cl->state != MEI_FILE_CONNECTED) {
692 rets = -ENODEV;
693 dev_dbg(&dev->pdev->dev, "host client = %d, is not connected to ME client = %d",
694 cl->host_client_id,
695 cl->me_client_id);
696 goto unlock_dev;
697 }
698 for (i = 0; i < dev->me_clients_num; i++) {
699 if (dev->me_clients[i].client_id ==
700 cl->me_client_id)
701 break;
702 }
703 if (WARN_ON(dev->me_clients[i].client_id != cl->me_client_id)) {
704 rets = -ENODEV;
705 goto unlock_dev;
706 }
707 if (i == dev->me_clients_num) {
708 rets = -ENODEV;
709 goto unlock_dev;
710 }
711 if (length > dev->me_clients[i].props.max_msg_length || length <= 0) {
712 rets = -EINVAL;
713 goto unlock_dev;
714 }
715 write_cb->file_private = cl;
716
717 rets = mei_flow_ctrl_creds(dev, cl);
718 if (rets < 0)
719 goto unlock_dev;
720
721 if (rets && dev->mei_host_buffer_is_empty) {
722 rets = 0;
723 dev->mei_host_buffer_is_empty = false;
724 if (length > ((((dev->host_hw_state & H_CBD) >> 24) *
725 sizeof(u32)) - sizeof(struct mei_msg_hdr))) {
726
727 mei_hdr.length =
728 (((dev->host_hw_state & H_CBD) >> 24) *
729 sizeof(u32)) -
730 sizeof(struct mei_msg_hdr);
731 mei_hdr.msg_complete = 0;
732 } else {
733 mei_hdr.length = length;
734 mei_hdr.msg_complete = 1;
735 }
736 mei_hdr.host_addr = cl->host_client_id;
737 mei_hdr.me_addr = cl->me_client_id;
738 mei_hdr.reserved = 0;
739 dev_dbg(&dev->pdev->dev, "call mei_write_message header=%08x.\n",
740 *((u32 *) &mei_hdr));
741 if (mei_write_message(dev, &mei_hdr,
742 (unsigned char *) (write_cb->request_buffer.data),
743 mei_hdr.length)) {
744 rets = -ENODEV;
745 goto unlock_dev;
746 }
747 cl->writing_state = MEI_WRITING;
748 write_cb->information = mei_hdr.length;
749 if (mei_hdr.msg_complete) {
750 if (mei_flow_ctrl_reduce(dev, cl)) {
751 rets = -ENODEV;
752 goto unlock_dev;
753 }
754 list_add_tail(&write_cb->cb_list,
755 &dev->write_waiting_list.mei_cb.cb_list);
756 } else {
757 list_add_tail(&write_cb->cb_list,
758 &dev->write_list.mei_cb.cb_list);
759 }
760
761 } else {
762
763 write_cb->information = 0;
764 cl->writing_state = MEI_WRITING;
765 list_add_tail(&write_cb->cb_list,
766 &dev->write_list.mei_cb.cb_list);
767 }
768 mutex_unlock(&dev->device_lock);
769 return length;
770
771 unlock_dev:
772 mutex_unlock(&dev->device_lock);
773 mei_free_cb_private(write_cb);
774 return rets;
775 }
776
777
778 /**
779 * mei_ioctl - the IOCTL function
780 *
781 * @file: pointer to file structure
782 * @cmd: ioctl command
783 * @data: pointer to mei message structure
784 *
785 * returns 0 on success , <0 on error
786 */
787 static long mei_ioctl(struct file *file, unsigned int cmd, unsigned long data)
788 {
789 struct mei_device *dev;
790 struct mei_cl *cl = file->private_data;
791 struct mei_connect_client_data *connect_data = NULL;
792 int rets;
793
794 if (cmd != IOCTL_MEI_CONNECT_CLIENT)
795 return -EINVAL;
796
797 if (WARN_ON(!cl || !cl->dev))
798 return -ENODEV;
799
800 dev = cl->dev;
801
802 dev_dbg(&dev->pdev->dev, "IOCTL cmd = 0x%x", cmd);
803
804 mutex_lock(&dev->device_lock);
805 if (dev->mei_state != MEI_ENABLED) {
806 rets = -ENODEV;
807 goto out;
808 }
809
810 dev_dbg(&dev->pdev->dev, ": IOCTL_MEI_CONNECT_CLIENT.\n");
811
812 connect_data = kzalloc(sizeof(struct mei_connect_client_data),
813 GFP_KERNEL);
814 if (!connect_data) {
815 rets = -ENOMEM;
816 goto out;
817 }
818 dev_dbg(&dev->pdev->dev, "copy connect data from user\n");
819 if (copy_from_user(connect_data, (char __user *)data,
820 sizeof(struct mei_connect_client_data))) {
821 dev_dbg(&dev->pdev->dev, "failed to copy data from userland\n");
822 rets = -EFAULT;
823 goto out;
824 }
825 rets = mei_ioctl_connect_client(file, connect_data);
826
827 /* if all is ok, copying the data back to user. */
828 if (rets)
829 goto out;
830
831 dev_dbg(&dev->pdev->dev, "copy connect data to user\n");
832 if (copy_to_user((char __user *)data, connect_data,
833 sizeof(struct mei_connect_client_data))) {
834 dev_dbg(&dev->pdev->dev, "failed to copy data to userland\n");
835 rets = -EFAULT;
836 goto out;
837 }
838
839 out:
840 kfree(connect_data);
841 mutex_unlock(&dev->device_lock);
842 return rets;
843 }
844
845 /**
846 * mei_compat_ioctl - the compat IOCTL function
847 *
848 * @file: pointer to file structure
849 * @cmd: ioctl command
850 * @data: pointer to mei message structure
851 *
852 * returns 0 on success , <0 on error
853 */
854 #ifdef CONFIG_COMPAT
855 static long mei_compat_ioctl(struct file *file,
856 unsigned int cmd, unsigned long data)
857 {
858 return mei_ioctl(file, cmd, (unsigned long)compat_ptr(data));
859 }
860 #endif
861
862
863 /**
864 * mei_poll - the poll function
865 *
866 * @file: pointer to file structure
867 * @wait: pointer to poll_table structure
868 *
869 * returns poll mask
870 */
871 static unsigned int mei_poll(struct file *file, poll_table *wait)
872 {
873 struct mei_cl *cl = file->private_data;
874 struct mei_device *dev;
875 unsigned int mask = 0;
876
877 if (WARN_ON(!cl || !cl->dev))
878 return mask;
879
880 dev = cl->dev;
881
882 mutex_lock(&dev->device_lock);
883
884 if (dev->mei_state != MEI_ENABLED)
885 goto out;
886
887
888 if (cl == &dev->iamthif_cl) {
889 mutex_unlock(&dev->device_lock);
890 poll_wait(file, &dev->iamthif_cl.wait, wait);
891 mutex_lock(&dev->device_lock);
892 if (dev->iamthif_state == MEI_IAMTHIF_READ_COMPLETE &&
893 dev->iamthif_file_object == file) {
894 mask |= (POLLIN | POLLRDNORM);
895 dev_dbg(&dev->pdev->dev, "run next amthi cb\n");
896 mei_run_next_iamthif_cmd(dev);
897 }
898 goto out;
899 }
900
901 mutex_unlock(&dev->device_lock);
902 poll_wait(file, &cl->tx_wait, wait);
903 mutex_lock(&dev->device_lock);
904 if (MEI_WRITE_COMPLETE == cl->writing_state)
905 mask |= (POLLIN | POLLRDNORM);
906
907 out:
908 mutex_unlock(&dev->device_lock);
909 return mask;
910 }
911
912 /*
913 * file operations structure will be used for mei char device.
914 */
915 static const struct file_operations mei_fops = {
916 .owner = THIS_MODULE,
917 .read = mei_read,
918 .unlocked_ioctl = mei_ioctl,
919 #ifdef CONFIG_COMPAT
920 .compat_ioctl = mei_compat_ioctl,
921 #endif
922 .open = mei_open,
923 .release = mei_release,
924 .write = mei_write,
925 .poll = mei_poll,
926 .llseek = no_llseek
927 };
928
929
930 /*
931 * Misc Device Struct
932 */
933 static struct miscdevice mei_misc_device = {
934 .name = MEI_DRIVER_NAME,
935 .fops = &mei_fops,
936 .minor = MISC_DYNAMIC_MINOR,
937 };
938
939 /**
940 * mei_probe - Device Initialization Routine
941 *
942 * @pdev: PCI device structure
943 * @ent: entry in kcs_pci_tbl
944 *
945 * returns 0 on success, <0 on failure.
946 */
947 static int __devinit mei_probe(struct pci_dev *pdev,
948 const struct pci_device_id *ent)
949 {
950 struct mei_device *dev;
951 int err;
952
953 mutex_lock(&mei_mutex);
954 if (mei_device) {
955 err = -EEXIST;
956 goto end;
957 }
958 /* enable pci dev */
959 err = pci_enable_device(pdev);
960 if (err) {
961 printk(KERN_ERR "mei: Failed to enable pci device.\n");
962 goto end;
963 }
964 /* set PCI host mastering */
965 pci_set_master(pdev);
966 /* pci request regions for mei driver */
967 err = pci_request_regions(pdev, mei_driver_name);
968 if (err) {
969 printk(KERN_ERR "mei: Failed to get pci regions.\n");
970 goto disable_device;
971 }
972 /* allocates and initializes the mei dev structure */
973 dev = mei_device_init(pdev);
974 if (!dev) {
975 err = -ENOMEM;
976 goto release_regions;
977 }
978 /* mapping IO device memory */
979 dev->mem_addr = pci_iomap(pdev, 0, 0);
980 if (!dev->mem_addr) {
981 printk(KERN_ERR "mei: mapping I/O device memory failure.\n");
982 err = -ENOMEM;
983 goto free_device;
984 }
985 pci_enable_msi(pdev);
986
987 /* request and enable interrupt */
988 if (pci_dev_msi_enabled(pdev))
989 err = request_threaded_irq(pdev->irq,
990 NULL,
991 mei_interrupt_thread_handler,
992 0, mei_driver_name, dev);
993 else
994 err = request_threaded_irq(pdev->irq,
995 mei_interrupt_quick_handler,
996 mei_interrupt_thread_handler,
997 IRQF_SHARED, mei_driver_name, dev);
998
999 if (err) {
1000 printk(KERN_ERR "mei: request_threaded_irq failure. irq = %d\n",
1001 pdev->irq);
1002 goto unmap_memory;
1003 }
1004 INIT_DELAYED_WORK(&dev->timer_work, mei_timer);
1005 if (mei_hw_init(dev)) {
1006 printk(KERN_ERR "mei: Init hw failure.\n");
1007 err = -ENODEV;
1008 goto release_irq;
1009 }
1010
1011 err = misc_register(&mei_misc_device);
1012 if (err)
1013 goto release_irq;
1014
1015 mei_device = pdev;
1016 pci_set_drvdata(pdev, dev);
1017
1018
1019 schedule_delayed_work(&dev->timer_work, HZ);
1020
1021 mutex_unlock(&mei_mutex);
1022
1023 pr_debug("mei: Driver initialization successful.\n");
1024
1025 return 0;
1026
1027 release_irq:
1028 /* disable interrupts */
1029 dev->host_hw_state = mei_hcsr_read(dev);
1030 mei_disable_interrupts(dev);
1031 flush_scheduled_work();
1032 free_irq(pdev->irq, dev);
1033 pci_disable_msi(pdev);
1034 unmap_memory:
1035 pci_iounmap(pdev, dev->mem_addr);
1036 free_device:
1037 kfree(dev);
1038 release_regions:
1039 pci_release_regions(pdev);
1040 disable_device:
1041 pci_disable_device(pdev);
1042 end:
1043 mutex_unlock(&mei_mutex);
1044 printk(KERN_ERR "mei: Driver initialization failed.\n");
1045 return err;
1046 }
1047
1048 /**
1049 * mei_remove - Device Removal Routine
1050 *
1051 * @pdev: PCI device structure
1052 *
1053 * mei_remove is called by the PCI subsystem to alert the driver
1054 * that it should release a PCI device.
1055 */
1056 static void __devexit mei_remove(struct pci_dev *pdev)
1057 {
1058 struct mei_device *dev;
1059
1060 if (mei_device != pdev)
1061 return;
1062
1063 dev = pci_get_drvdata(pdev);
1064 if (!dev)
1065 return;
1066
1067 mutex_lock(&dev->device_lock);
1068
1069 mei_wd_stop(dev, false);
1070
1071 mei_device = NULL;
1072
1073 if (dev->iamthif_cl.state == MEI_FILE_CONNECTED) {
1074 dev->iamthif_cl.state = MEI_FILE_DISCONNECTING;
1075 mei_disconnect_host_client(dev, &dev->iamthif_cl);
1076 }
1077 if (dev->wd_cl.state == MEI_FILE_CONNECTED) {
1078 dev->wd_cl.state = MEI_FILE_DISCONNECTING;
1079 mei_disconnect_host_client(dev, &dev->wd_cl);
1080 }
1081
1082 /* Unregistering watchdog device */
1083 mei_watchdog_unregister(dev);
1084
1085 /* remove entry if already in list */
1086 dev_dbg(&pdev->dev, "list del iamthif and wd file list.\n");
1087 mei_remove_client_from_file_list(dev, dev->wd_cl.host_client_id);
1088 mei_remove_client_from_file_list(dev, dev->iamthif_cl.host_client_id);
1089
1090 dev->iamthif_current_cb = NULL;
1091 dev->me_clients_num = 0;
1092
1093 mutex_unlock(&dev->device_lock);
1094
1095 flush_scheduled_work();
1096
1097 /* disable interrupts */
1098 mei_disable_interrupts(dev);
1099
1100 free_irq(pdev->irq, dev);
1101 pci_disable_msi(pdev);
1102 pci_set_drvdata(pdev, NULL);
1103
1104 if (dev->mem_addr)
1105 pci_iounmap(pdev, dev->mem_addr);
1106
1107 kfree(dev);
1108
1109 pci_release_regions(pdev);
1110 pci_disable_device(pdev);
1111 }
1112 #ifdef CONFIG_PM
1113 static int mei_pci_suspend(struct device *device)
1114 {
1115 struct pci_dev *pdev = to_pci_dev(device);
1116 struct mei_device *dev = pci_get_drvdata(pdev);
1117 int err;
1118
1119 if (!dev)
1120 return -ENODEV;
1121 mutex_lock(&dev->device_lock);
1122 /* Stop watchdog if exists */
1123 err = mei_wd_stop(dev, true);
1124 /* Set new mei state */
1125 if (dev->mei_state == MEI_ENABLED ||
1126 dev->mei_state == MEI_RECOVERING_FROM_RESET) {
1127 dev->mei_state = MEI_POWER_DOWN;
1128 mei_reset(dev, 0);
1129 }
1130 mutex_unlock(&dev->device_lock);
1131
1132 free_irq(pdev->irq, dev);
1133 pci_disable_msi(pdev);
1134
1135 return err;
1136 }
1137
1138 static int mei_pci_resume(struct device *device)
1139 {
1140 struct pci_dev *pdev = to_pci_dev(device);
1141 struct mei_device *dev;
1142 int err;
1143
1144 dev = pci_get_drvdata(pdev);
1145 if (!dev)
1146 return -ENODEV;
1147
1148 pci_enable_msi(pdev);
1149
1150 /* request and enable interrupt */
1151 if (pci_dev_msi_enabled(pdev))
1152 err = request_threaded_irq(pdev->irq,
1153 NULL,
1154 mei_interrupt_thread_handler,
1155 0, mei_driver_name, dev);
1156 else
1157 err = request_threaded_irq(pdev->irq,
1158 mei_interrupt_quick_handler,
1159 mei_interrupt_thread_handler,
1160 IRQF_SHARED, mei_driver_name, dev);
1161
1162 if (err) {
1163 printk(KERN_ERR "mei: Request_irq failure. irq = %d\n",
1164 pdev->irq);
1165 return err;
1166 }
1167
1168 mutex_lock(&dev->device_lock);
1169 dev->mei_state = MEI_POWER_UP;
1170 mei_reset(dev, 1);
1171 mutex_unlock(&dev->device_lock);
1172
1173 /* Start timer if stopped in suspend */
1174 schedule_delayed_work(&dev->timer_work, HZ);
1175
1176 return err;
1177 }
1178 static SIMPLE_DEV_PM_OPS(mei_pm_ops, mei_pci_suspend, mei_pci_resume);
1179 #define MEI_PM_OPS (&mei_pm_ops)
1180 #else
1181 #define MEI_PM_OPS NULL
1182 #endif /* CONFIG_PM */
1183 /*
1184 * PCI driver structure
1185 */
1186 static struct pci_driver mei_driver = {
1187 .name = mei_driver_name,
1188 .id_table = mei_pci_tbl,
1189 .probe = mei_probe,
1190 .remove = __devexit_p(mei_remove),
1191 .shutdown = __devexit_p(mei_remove),
1192 .driver.pm = MEI_PM_OPS,
1193 };
1194
1195 /**
1196 * mei_init_module - Driver Registration Routine
1197 *
1198 * mei_init_module is the first routine called when the driver is
1199 * loaded. All it does is to register with the PCI subsystem.
1200 *
1201 * returns 0 on success, <0 on failure.
1202 */
1203 static int __init mei_init_module(void)
1204 {
1205 int ret;
1206
1207 pr_debug("mei: %s\n", mei_driver_string);
1208 /* init pci module */
1209 ret = pci_register_driver(&mei_driver);
1210 if (ret < 0)
1211 printk(KERN_ERR "mei: Error registering driver.\n");
1212
1213 return ret;
1214 }
1215
1216 module_init(mei_init_module);
1217
1218 /**
1219 * mei_exit_module - Driver Exit Cleanup Routine
1220 *
1221 * mei_exit_module is called just before the driver is removed
1222 * from memory.
1223 */
1224 static void __exit mei_exit_module(void)
1225 {
1226 misc_deregister(&mei_misc_device);
1227 pci_unregister_driver(&mei_driver);
1228
1229 pr_debug("mei: Driver unloaded successfully.\n");
1230 }
1231
1232 module_exit(mei_exit_module);
1233
1234
1235 MODULE_AUTHOR("Intel Corporation");
1236 MODULE_DESCRIPTION("Intel(R) Management Engine Interface");
1237 MODULE_LICENSE("GPL v2");
Linux with added FPC-III support