Avoid reading past buffer when calling GETACL
[zen-stable.git] / drivers / acpi / acpica / dsfield.c
blobcd243cf2cab2373f25c40f076b2d211b8f5641a2
1 /******************************************************************************
3 * Module Name: dsfield - Dispatcher field routines
5 *****************************************************************************/
7 /*
8 * Copyright (C) 2000 - 2012, Intel Corp.
9 * All rights reserved.
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
13 * are met:
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions, and the following disclaimer,
16 * without modification.
17 * 2. Redistributions in binary form must reproduce at minimum a disclaimer
18 * substantially similar to the "NO WARRANTY" disclaimer below
19 * ("Disclaimer") and any redistribution must be conditioned upon
20 * including a substantially similar Disclaimer requirement for further
21 * binary redistribution.
22 * 3. Neither the names of the above-listed copyright holders nor the names
23 * of any contributors may be used to endorse or promote products derived
24 * from this software without specific prior written permission.
26 * Alternatively, this software may be distributed under the terms of the
27 * GNU General Public License ("GPL") version 2 as published by the Free
28 * Software Foundation.
30 * NO WARRANTY
31 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
32 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
33 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR
34 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
35 * HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
36 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
37 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
38 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
39 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
40 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
41 * POSSIBILITY OF SUCH DAMAGES.
44 #include <acpi/acpi.h>
45 #include "accommon.h"
46 #include "amlcode.h"
47 #include "acdispat.h"
48 #include "acinterp.h"
49 #include "acnamesp.h"
50 #include "acparser.h"
52 #define _COMPONENT ACPI_DISPATCHER
53 ACPI_MODULE_NAME("dsfield")
55 /* Local prototypes */
56 static acpi_status
57 acpi_ds_get_field_names(struct acpi_create_field_info *info,
58 struct acpi_walk_state *walk_state,
59 union acpi_parse_object *arg);
61 /*******************************************************************************
63 * FUNCTION: acpi_ds_create_buffer_field
65 * PARAMETERS: Op - Current parse op (create_xXField)
66 * walk_state - Current state
68 * RETURN: Status
70 * DESCRIPTION: Execute the create_field operators:
71 * create_bit_field_op,
72 * create_byte_field_op,
73 * create_word_field_op,
74 * create_dword_field_op,
75 * create_qword_field_op,
76 * create_field_op (all of which define a field in a buffer)
78 ******************************************************************************/
80 acpi_status
81 acpi_ds_create_buffer_field(union acpi_parse_object *op,
82 struct acpi_walk_state *walk_state)
84 union acpi_parse_object *arg;
85 struct acpi_namespace_node *node;
86 acpi_status status;
87 union acpi_operand_object *obj_desc;
88 union acpi_operand_object *second_desc = NULL;
89 u32 flags;
91 ACPI_FUNCTION_TRACE(ds_create_buffer_field);
94 * Get the name_string argument (name of the new buffer_field)
96 if (op->common.aml_opcode == AML_CREATE_FIELD_OP) {
98 /* For create_field, name is the 4th argument */
100 arg = acpi_ps_get_arg(op, 3);
101 } else {
102 /* For all other create_xXXField operators, name is the 3rd argument */
104 arg = acpi_ps_get_arg(op, 2);
107 if (!arg) {
108 return_ACPI_STATUS(AE_AML_NO_OPERAND);
111 if (walk_state->deferred_node) {
112 node = walk_state->deferred_node;
113 status = AE_OK;
114 } else {
115 /* Execute flag should always be set when this function is entered */
117 if (!(walk_state->parse_flags & ACPI_PARSE_EXECUTE)) {
118 return_ACPI_STATUS(AE_AML_INTERNAL);
121 /* Creating new namespace node, should not already exist */
123 flags = ACPI_NS_NO_UPSEARCH | ACPI_NS_DONT_OPEN_SCOPE |
124 ACPI_NS_ERROR_IF_FOUND;
127 * Mark node temporary if we are executing a normal control
128 * method. (Don't mark if this is a module-level code method)
130 if (walk_state->method_node &&
131 !(walk_state->parse_flags & ACPI_PARSE_MODULE_LEVEL)) {
132 flags |= ACPI_NS_TEMPORARY;
135 /* Enter the name_string into the namespace */
137 status =
138 acpi_ns_lookup(walk_state->scope_info,
139 arg->common.value.string, ACPI_TYPE_ANY,
140 ACPI_IMODE_LOAD_PASS1, flags, walk_state,
141 &node);
142 if (ACPI_FAILURE(status)) {
143 ACPI_ERROR_NAMESPACE(arg->common.value.string, status);
144 return_ACPI_STATUS(status);
149 * We could put the returned object (Node) on the object stack for later,
150 * but for now, we will put it in the "op" object that the parser uses,
151 * so we can get it again at the end of this scope.
153 op->common.node = node;
156 * If there is no object attached to the node, this node was just created
157 * and we need to create the field object. Otherwise, this was a lookup
158 * of an existing node and we don't want to create the field object again.
160 obj_desc = acpi_ns_get_attached_object(node);
161 if (obj_desc) {
162 return_ACPI_STATUS(AE_OK);
166 * The Field definition is not fully parsed at this time.
167 * (We must save the address of the AML for the buffer and index operands)
170 /* Create the buffer field object */
172 obj_desc = acpi_ut_create_internal_object(ACPI_TYPE_BUFFER_FIELD);
173 if (!obj_desc) {
174 status = AE_NO_MEMORY;
175 goto cleanup;
179 * Remember location in AML stream of the field unit opcode and operands --
180 * since the buffer and index operands must be evaluated.
182 second_desc = obj_desc->common.next_object;
183 second_desc->extra.aml_start = op->named.data;
184 second_desc->extra.aml_length = op->named.length;
185 obj_desc->buffer_field.node = node;
187 /* Attach constructed field descriptors to parent node */
189 status = acpi_ns_attach_object(node, obj_desc, ACPI_TYPE_BUFFER_FIELD);
190 if (ACPI_FAILURE(status)) {
191 goto cleanup;
194 cleanup:
196 /* Remove local reference to the object */
198 acpi_ut_remove_reference(obj_desc);
199 return_ACPI_STATUS(status);
202 /*******************************************************************************
204 * FUNCTION: acpi_ds_get_field_names
206 * PARAMETERS: Info - create_field info structure
207 * ` walk_state - Current method state
208 * Arg - First parser arg for the field name list
210 * RETURN: Status
212 * DESCRIPTION: Process all named fields in a field declaration. Names are
213 * entered into the namespace.
215 ******************************************************************************/
217 static acpi_status
218 acpi_ds_get_field_names(struct acpi_create_field_info *info,
219 struct acpi_walk_state *walk_state,
220 union acpi_parse_object *arg)
222 acpi_status status;
223 u64 position;
224 union acpi_parse_object *child;
226 ACPI_FUNCTION_TRACE_PTR(ds_get_field_names, info);
228 /* First field starts at bit zero */
230 info->field_bit_position = 0;
232 /* Process all elements in the field list (of parse nodes) */
234 while (arg) {
236 * Four types of field elements are handled:
237 * 1) Name - Enters a new named field into the namespace
238 * 2) Offset - specifies a bit offset
239 * 3) access_as - changes the access mode/attributes
240 * 4) Connection - Associate a resource template with the field
242 switch (arg->common.aml_opcode) {
243 case AML_INT_RESERVEDFIELD_OP:
245 position = (u64) info->field_bit_position
246 + (u64) arg->common.value.size;
248 if (position > ACPI_UINT32_MAX) {
249 ACPI_ERROR((AE_INFO,
250 "Bit offset within field too large (> 0xFFFFFFFF)"));
251 return_ACPI_STATUS(AE_SUPPORT);
254 info->field_bit_position = (u32) position;
255 break;
257 case AML_INT_ACCESSFIELD_OP:
258 case AML_INT_EXTACCESSFIELD_OP:
260 * Get new access_type, access_attribute, and access_length fields
261 * -- to be used for all field units that follow, until the
262 * end-of-field or another access_as keyword is encountered.
263 * NOTE. These three bytes are encoded in the integer value
264 * of the parseop for convenience.
266 * In field_flags, preserve the flag bits other than the
267 * ACCESS_TYPE bits.
270 /* access_type (byte_acc, word_acc, etc.) */
272 info->field_flags = (u8)
273 ((info->
274 field_flags & ~(AML_FIELD_ACCESS_TYPE_MASK)) |
275 ((u8)((u32)(arg->common.value.integer & 0x07))));
277 /* access_attribute (attrib_quick, attrib_byte, etc.) */
279 info->attribute =
280 (u8)((arg->common.value.integer >> 8) & 0xFF);
282 /* access_length (for serial/buffer protocols) */
284 info->access_length =
285 (u8)((arg->common.value.integer >> 16) & 0xFF);
286 break;
288 case AML_INT_CONNECTION_OP:
290 * Clear any previous connection. New connection is used for all
291 * fields that follow, similar to access_as
293 info->resource_buffer = NULL;
294 info->connection_node = NULL;
297 * A Connection() is either an actual resource descriptor (buffer)
298 * or a named reference to a resource template
300 child = arg->common.value.arg;
301 if (child->common.aml_opcode == AML_INT_BYTELIST_OP) {
302 info->resource_buffer = child->named.data;
303 info->resource_length =
304 (u16)child->named.value.integer;
305 } else {
306 /* Lookup the Connection() namepath, it should already exist */
308 status = acpi_ns_lookup(walk_state->scope_info,
309 child->common.value.
310 name, ACPI_TYPE_ANY,
311 ACPI_IMODE_EXECUTE,
312 ACPI_NS_DONT_OPEN_SCOPE,
313 walk_state,
314 &info->connection_node);
315 if (ACPI_FAILURE(status)) {
316 ACPI_ERROR_NAMESPACE(child->common.
317 value.name,
318 status);
319 return_ACPI_STATUS(status);
322 break;
324 case AML_INT_NAMEDFIELD_OP:
326 /* Lookup the name, it should already exist */
328 status = acpi_ns_lookup(walk_state->scope_info,
329 (char *)&arg->named.name,
330 info->field_type,
331 ACPI_IMODE_EXECUTE,
332 ACPI_NS_DONT_OPEN_SCOPE,
333 walk_state, &info->field_node);
334 if (ACPI_FAILURE(status)) {
335 ACPI_ERROR_NAMESPACE((char *)&arg->named.name,
336 status);
337 return_ACPI_STATUS(status);
338 } else {
339 arg->common.node = info->field_node;
340 info->field_bit_length = arg->common.value.size;
343 * If there is no object attached to the node, this node was
344 * just created and we need to create the field object.
345 * Otherwise, this was a lookup of an existing node and we
346 * don't want to create the field object again.
348 if (!acpi_ns_get_attached_object
349 (info->field_node)) {
350 status = acpi_ex_prep_field_value(info);
351 if (ACPI_FAILURE(status)) {
352 return_ACPI_STATUS(status);
357 /* Keep track of bit position for the next field */
359 position = (u64) info->field_bit_position
360 + (u64) arg->common.value.size;
362 if (position > ACPI_UINT32_MAX) {
363 ACPI_ERROR((AE_INFO,
364 "Field [%4.4s] bit offset too large (> 0xFFFFFFFF)",
365 ACPI_CAST_PTR(char,
366 &info->field_node->
367 name)));
368 return_ACPI_STATUS(AE_SUPPORT);
371 info->field_bit_position += info->field_bit_length;
372 break;
374 default:
376 ACPI_ERROR((AE_INFO,
377 "Invalid opcode in field list: 0x%X",
378 arg->common.aml_opcode));
379 return_ACPI_STATUS(AE_AML_BAD_OPCODE);
382 arg = arg->common.next;
385 return_ACPI_STATUS(AE_OK);
388 /*******************************************************************************
390 * FUNCTION: acpi_ds_create_field
392 * PARAMETERS: Op - Op containing the Field definition and args
393 * region_node - Object for the containing Operation Region
394 * ` walk_state - Current method state
396 * RETURN: Status
398 * DESCRIPTION: Create a new field in the specified operation region
400 ******************************************************************************/
402 acpi_status
403 acpi_ds_create_field(union acpi_parse_object *op,
404 struct acpi_namespace_node *region_node,
405 struct acpi_walk_state *walk_state)
407 acpi_status status;
408 union acpi_parse_object *arg;
409 struct acpi_create_field_info info;
411 ACPI_FUNCTION_TRACE_PTR(ds_create_field, op);
413 /* First arg is the name of the parent op_region (must already exist) */
415 arg = op->common.value.arg;
416 if (!region_node) {
417 status =
418 acpi_ns_lookup(walk_state->scope_info,
419 arg->common.value.name, ACPI_TYPE_REGION,
420 ACPI_IMODE_EXECUTE, ACPI_NS_SEARCH_PARENT,
421 walk_state, &region_node);
422 if (ACPI_FAILURE(status)) {
423 ACPI_ERROR_NAMESPACE(arg->common.value.name, status);
424 return_ACPI_STATUS(status);
428 ACPI_MEMSET(&info, 0, sizeof(struct acpi_create_field_info));
430 /* Second arg is the field flags */
432 arg = arg->common.next;
433 info.field_flags = (u8) arg->common.value.integer;
434 info.attribute = 0;
436 /* Each remaining arg is a Named Field */
438 info.field_type = ACPI_TYPE_LOCAL_REGION_FIELD;
439 info.region_node = region_node;
441 status = acpi_ds_get_field_names(&info, walk_state, arg->common.next);
442 return_ACPI_STATUS(status);
445 /*******************************************************************************
447 * FUNCTION: acpi_ds_init_field_objects
449 * PARAMETERS: Op - Op containing the Field definition and args
450 * ` walk_state - Current method state
452 * RETURN: Status
454 * DESCRIPTION: For each "Field Unit" name in the argument list that is
455 * part of the field declaration, enter the name into the
456 * namespace.
458 ******************************************************************************/
460 acpi_status
461 acpi_ds_init_field_objects(union acpi_parse_object *op,
462 struct acpi_walk_state *walk_state)
464 acpi_status status;
465 union acpi_parse_object *arg = NULL;
466 struct acpi_namespace_node *node;
467 u8 type = 0;
468 u32 flags;
470 ACPI_FUNCTION_TRACE_PTR(ds_init_field_objects, op);
472 /* Execute flag should always be set when this function is entered */
474 if (!(walk_state->parse_flags & ACPI_PARSE_EXECUTE)) {
475 if (walk_state->parse_flags & ACPI_PARSE_DEFERRED_OP) {
477 /* bank_field Op is deferred, just return OK */
479 return_ACPI_STATUS(AE_OK);
482 return_ACPI_STATUS(AE_AML_INTERNAL);
486 * Get the field_list argument for this opcode. This is the start of the
487 * list of field elements.
489 switch (walk_state->opcode) {
490 case AML_FIELD_OP:
491 arg = acpi_ps_get_arg(op, 2);
492 type = ACPI_TYPE_LOCAL_REGION_FIELD;
493 break;
495 case AML_BANK_FIELD_OP:
496 arg = acpi_ps_get_arg(op, 4);
497 type = ACPI_TYPE_LOCAL_BANK_FIELD;
498 break;
500 case AML_INDEX_FIELD_OP:
501 arg = acpi_ps_get_arg(op, 3);
502 type = ACPI_TYPE_LOCAL_INDEX_FIELD;
503 break;
505 default:
506 return_ACPI_STATUS(AE_BAD_PARAMETER);
509 /* Creating new namespace node(s), should not already exist */
511 flags = ACPI_NS_NO_UPSEARCH | ACPI_NS_DONT_OPEN_SCOPE |
512 ACPI_NS_ERROR_IF_FOUND;
515 * Mark node(s) temporary if we are executing a normal control
516 * method. (Don't mark if this is a module-level code method)
518 if (walk_state->method_node &&
519 !(walk_state->parse_flags & ACPI_PARSE_MODULE_LEVEL)) {
520 flags |= ACPI_NS_TEMPORARY;
524 * Walk the list of entries in the field_list
525 * Note: field_list can be of zero length. In this case, Arg will be NULL.
527 while (arg) {
529 * Ignore OFFSET/ACCESSAS/CONNECTION terms here; we are only interested
530 * in the field names in order to enter them into the namespace.
532 if (arg->common.aml_opcode == AML_INT_NAMEDFIELD_OP) {
533 status = acpi_ns_lookup(walk_state->scope_info,
534 (char *)&arg->named.name, type,
535 ACPI_IMODE_LOAD_PASS1, flags,
536 walk_state, &node);
537 if (ACPI_FAILURE(status)) {
538 ACPI_ERROR_NAMESPACE((char *)&arg->named.name,
539 status);
540 if (status != AE_ALREADY_EXISTS) {
541 return_ACPI_STATUS(status);
544 /* Name already exists, just ignore this error */
546 status = AE_OK;
549 arg->common.node = node;
552 /* Get the next field element in the list */
554 arg = arg->common.next;
557 return_ACPI_STATUS(AE_OK);
560 /*******************************************************************************
562 * FUNCTION: acpi_ds_create_bank_field
564 * PARAMETERS: Op - Op containing the Field definition and args
565 * region_node - Object for the containing Operation Region
566 * walk_state - Current method state
568 * RETURN: Status
570 * DESCRIPTION: Create a new bank field in the specified operation region
572 ******************************************************************************/
574 acpi_status
575 acpi_ds_create_bank_field(union acpi_parse_object *op,
576 struct acpi_namespace_node *region_node,
577 struct acpi_walk_state *walk_state)
579 acpi_status status;
580 union acpi_parse_object *arg;
581 struct acpi_create_field_info info;
583 ACPI_FUNCTION_TRACE_PTR(ds_create_bank_field, op);
585 /* First arg is the name of the parent op_region (must already exist) */
587 arg = op->common.value.arg;
588 if (!region_node) {
589 status =
590 acpi_ns_lookup(walk_state->scope_info,
591 arg->common.value.name, ACPI_TYPE_REGION,
592 ACPI_IMODE_EXECUTE, ACPI_NS_SEARCH_PARENT,
593 walk_state, &region_node);
594 if (ACPI_FAILURE(status)) {
595 ACPI_ERROR_NAMESPACE(arg->common.value.name, status);
596 return_ACPI_STATUS(status);
600 /* Second arg is the Bank Register (Field) (must already exist) */
602 arg = arg->common.next;
603 status =
604 acpi_ns_lookup(walk_state->scope_info, arg->common.value.string,
605 ACPI_TYPE_ANY, ACPI_IMODE_EXECUTE,
606 ACPI_NS_SEARCH_PARENT, walk_state,
607 &info.register_node);
608 if (ACPI_FAILURE(status)) {
609 ACPI_ERROR_NAMESPACE(arg->common.value.string, status);
610 return_ACPI_STATUS(status);
614 * Third arg is the bank_value
615 * This arg is a term_arg, not a constant
616 * It will be evaluated later, by acpi_ds_eval_bank_field_operands
618 arg = arg->common.next;
620 /* Fourth arg is the field flags */
622 arg = arg->common.next;
623 info.field_flags = (u8) arg->common.value.integer;
625 /* Each remaining arg is a Named Field */
627 info.field_type = ACPI_TYPE_LOCAL_BANK_FIELD;
628 info.region_node = region_node;
631 * Use Info.data_register_node to store bank_field Op
632 * It's safe because data_register_node will never be used when create bank field
633 * We store aml_start and aml_length in the bank_field Op for late evaluation
634 * Used in acpi_ex_prep_field_value(Info)
636 * TBD: Or, should we add a field in struct acpi_create_field_info, like "void *ParentOp"?
638 info.data_register_node = (struct acpi_namespace_node *)op;
640 status = acpi_ds_get_field_names(&info, walk_state, arg->common.next);
641 return_ACPI_STATUS(status);
644 /*******************************************************************************
646 * FUNCTION: acpi_ds_create_index_field
648 * PARAMETERS: Op - Op containing the Field definition and args
649 * region_node - Object for the containing Operation Region
650 * ` walk_state - Current method state
652 * RETURN: Status
654 * DESCRIPTION: Create a new index field in the specified operation region
656 ******************************************************************************/
658 acpi_status
659 acpi_ds_create_index_field(union acpi_parse_object *op,
660 struct acpi_namespace_node *region_node,
661 struct acpi_walk_state *walk_state)
663 acpi_status status;
664 union acpi_parse_object *arg;
665 struct acpi_create_field_info info;
667 ACPI_FUNCTION_TRACE_PTR(ds_create_index_field, op);
669 /* First arg is the name of the Index register (must already exist) */
671 arg = op->common.value.arg;
672 status =
673 acpi_ns_lookup(walk_state->scope_info, arg->common.value.string,
674 ACPI_TYPE_ANY, ACPI_IMODE_EXECUTE,
675 ACPI_NS_SEARCH_PARENT, walk_state,
676 &info.register_node);
677 if (ACPI_FAILURE(status)) {
678 ACPI_ERROR_NAMESPACE(arg->common.value.string, status);
679 return_ACPI_STATUS(status);
682 /* Second arg is the data register (must already exist) */
684 arg = arg->common.next;
685 status =
686 acpi_ns_lookup(walk_state->scope_info, arg->common.value.string,
687 ACPI_TYPE_ANY, ACPI_IMODE_EXECUTE,
688 ACPI_NS_SEARCH_PARENT, walk_state,
689 &info.data_register_node);
690 if (ACPI_FAILURE(status)) {
691 ACPI_ERROR_NAMESPACE(arg->common.value.string, status);
692 return_ACPI_STATUS(status);
695 /* Next arg is the field flags */
697 arg = arg->common.next;
698 info.field_flags = (u8) arg->common.value.integer;
700 /* Each remaining arg is a Named Field */
702 info.field_type = ACPI_TYPE_LOCAL_INDEX_FIELD;
703 info.region_node = region_node;
705 status = acpi_ds_get_field_names(&info, walk_state, arg->common.next);
706 return_ACPI_STATUS(status);