1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * 4 * Procedures for interfacing to the RTAS on CHRP machines. 5 * 6 * Peter Bergner, IBM March 2001. 7 * Copyright (C) 2001 IBM. 8 */ 9 10 #include <linux/stdarg.h> 11 #include <linux/kernel.h> 12 #include <linux/types.h> 13 #include <linux/spinlock.h> 14 #include <linux/export.h> 15 #include <linux/init.h> 16 #include <linux/capability.h> 17 #include <linux/delay.h> 18 #include <linux/cpu.h> 19 #include <linux/sched.h> 20 #include <linux/smp.h> 21 #include <linux/completion.h> 22 #include <linux/cpumask.h> 23 #include <linux/memblock.h> 24 #include <linux/slab.h> 25 #include <linux/reboot.h> 26 #include <linux/syscalls.h> 27 #include <linux/of.h> 28 #include <linux/of_fdt.h> 29 30 #include <asm/interrupt.h> 31 #include <asm/rtas.h> 32 #include <asm/hvcall.h> 33 #include <asm/machdep.h> 34 #include <asm/firmware.h> 35 #include <asm/page.h> 36 #include <asm/param.h> 37 #include <asm/delay.h> 38 #include <linux/uaccess.h> 39 #include <asm/udbg.h> 40 #include <asm/syscalls.h> 41 #include <asm/smp.h> 42 #include <linux/atomic.h> 43 #include <asm/time.h> 44 #include <asm/mmu.h> 45 #include <asm/topology.h> 46 #include <asm/paca.h> 47 48 /* This is here deliberately so it's only used in this file */ 49 void enter_rtas(unsigned long); 50 51 static inline void do_enter_rtas(unsigned long args) 52 { 53 enter_rtas(args); 54 55 srr_regs_clobbered(); /* rtas uses SRRs, invalidate */ 56 } 57 58 struct rtas_t rtas = { 59 .lock = __ARCH_SPIN_LOCK_UNLOCKED 60 }; 61 EXPORT_SYMBOL(rtas); 62 63 DEFINE_SPINLOCK(rtas_data_buf_lock); 64 EXPORT_SYMBOL(rtas_data_buf_lock); 65 66 char rtas_data_buf[RTAS_DATA_BUF_SIZE] __cacheline_aligned; 67 EXPORT_SYMBOL(rtas_data_buf); 68 69 unsigned long rtas_rmo_buf; 70 71 /* 72 * If non-NULL, this gets called when the kernel terminates. 73 * This is done like this so rtas_flash can be a module. 74 */ 75 void (*rtas_flash_term_hook)(int); 76 EXPORT_SYMBOL(rtas_flash_term_hook); 77 78 /* RTAS use home made raw locking instead of spin_lock_irqsave 79 * because those can be called from within really nasty contexts 80 * such as having the timebase stopped which would lockup with 81 * normal locks and spinlock debugging enabled 82 */ 83 static unsigned long lock_rtas(void) 84 { 85 unsigned long flags; 86 87 local_irq_save(flags); 88 preempt_disable(); 89 arch_spin_lock(&rtas.lock); 90 return flags; 91 } 92 93 static void unlock_rtas(unsigned long flags) 94 { 95 arch_spin_unlock(&rtas.lock); 96 local_irq_restore(flags); 97 preempt_enable(); 98 } 99 100 /* 101 * call_rtas_display_status and call_rtas_display_status_delay 102 * are designed only for very early low-level debugging, which 103 * is why the token is hard-coded to 10. 104 */ 105 static void call_rtas_display_status(unsigned char c) 106 { 107 unsigned long s; 108 109 if (!rtas.base) 110 return; 111 112 s = lock_rtas(); 113 rtas_call_unlocked(&rtas.args, 10, 1, 1, NULL, c); 114 unlock_rtas(s); 115 } 116 117 static void call_rtas_display_status_delay(char c) 118 { 119 static int pending_newline = 0; /* did last write end with unprinted newline? */ 120 static int width = 16; 121 122 if (c == '\n') { 123 while (width-- > 0) 124 call_rtas_display_status(' '); 125 width = 16; 126 mdelay(500); 127 pending_newline = 1; 128 } else { 129 if (pending_newline) { 130 call_rtas_display_status('\r'); 131 call_rtas_display_status('\n'); 132 } 133 pending_newline = 0; 134 if (width--) { 135 call_rtas_display_status(c); 136 udelay(10000); 137 } 138 } 139 } 140 141 void __init udbg_init_rtas_panel(void) 142 { 143 udbg_putc = call_rtas_display_status_delay; 144 } 145 146 #ifdef CONFIG_UDBG_RTAS_CONSOLE 147 148 /* If you think you're dying before early_init_dt_scan_rtas() does its 149 * work, you can hard code the token values for your firmware here and 150 * hardcode rtas.base/entry etc. 151 */ 152 static unsigned int rtas_putchar_token = RTAS_UNKNOWN_SERVICE; 153 static unsigned int rtas_getchar_token = RTAS_UNKNOWN_SERVICE; 154 155 static void udbg_rtascon_putc(char c) 156 { 157 int tries; 158 159 if (!rtas.base) 160 return; 161 162 /* Add CRs before LFs */ 163 if (c == '\n') 164 udbg_rtascon_putc('\r'); 165 166 /* if there is more than one character to be displayed, wait a bit */ 167 for (tries = 0; tries < 16; tries++) { 168 if (rtas_call(rtas_putchar_token, 1, 1, NULL, c) == 0) 169 break; 170 udelay(1000); 171 } 172 } 173 174 static int udbg_rtascon_getc_poll(void) 175 { 176 int c; 177 178 if (!rtas.base) 179 return -1; 180 181 if (rtas_call(rtas_getchar_token, 0, 2, &c)) 182 return -1; 183 184 return c; 185 } 186 187 static int udbg_rtascon_getc(void) 188 { 189 int c; 190 191 while ((c = udbg_rtascon_getc_poll()) == -1) 192 ; 193 194 return c; 195 } 196 197 198 void __init udbg_init_rtas_console(void) 199 { 200 udbg_putc = udbg_rtascon_putc; 201 udbg_getc = udbg_rtascon_getc; 202 udbg_getc_poll = udbg_rtascon_getc_poll; 203 } 204 #endif /* CONFIG_UDBG_RTAS_CONSOLE */ 205 206 void rtas_progress(char *s, unsigned short hex) 207 { 208 struct device_node *root; 209 int width; 210 const __be32 *p; 211 char *os; 212 static int display_character, set_indicator; 213 static int display_width, display_lines, form_feed; 214 static const int *row_width; 215 static DEFINE_SPINLOCK(progress_lock); 216 static int current_line; 217 static int pending_newline = 0; /* did last write end with unprinted newline? */ 218 219 if (!rtas.base) 220 return; 221 222 if (display_width == 0) { 223 display_width = 0x10; 224 if ((root = of_find_node_by_path("/rtas"))) { 225 if ((p = of_get_property(root, 226 "ibm,display-line-length", NULL))) 227 display_width = be32_to_cpu(*p); 228 if ((p = of_get_property(root, 229 "ibm,form-feed", NULL))) 230 form_feed = be32_to_cpu(*p); 231 if ((p = of_get_property(root, 232 "ibm,display-number-of-lines", NULL))) 233 display_lines = be32_to_cpu(*p); 234 row_width = of_get_property(root, 235 "ibm,display-truncation-length", NULL); 236 of_node_put(root); 237 } 238 display_character = rtas_token("display-character"); 239 set_indicator = rtas_token("set-indicator"); 240 } 241 242 if (display_character == RTAS_UNKNOWN_SERVICE) { 243 /* use hex display if available */ 244 if (set_indicator != RTAS_UNKNOWN_SERVICE) 245 rtas_call(set_indicator, 3, 1, NULL, 6, 0, hex); 246 return; 247 } 248 249 spin_lock(&progress_lock); 250 251 /* 252 * Last write ended with newline, but we didn't print it since 253 * it would just clear the bottom line of output. Print it now 254 * instead. 255 * 256 * If no newline is pending and form feed is supported, clear the 257 * display with a form feed; otherwise, print a CR to start output 258 * at the beginning of the line. 259 */ 260 if (pending_newline) { 261 rtas_call(display_character, 1, 1, NULL, '\r'); 262 rtas_call(display_character, 1, 1, NULL, '\n'); 263 pending_newline = 0; 264 } else { 265 current_line = 0; 266 if (form_feed) 267 rtas_call(display_character, 1, 1, NULL, 268 (char)form_feed); 269 else 270 rtas_call(display_character, 1, 1, NULL, '\r'); 271 } 272 273 if (row_width) 274 width = row_width[current_line]; 275 else 276 width = display_width; 277 os = s; 278 while (*os) { 279 if (*os == '\n' || *os == '\r') { 280 /* If newline is the last character, save it 281 * until next call to avoid bumping up the 282 * display output. 283 */ 284 if (*os == '\n' && !os[1]) { 285 pending_newline = 1; 286 current_line++; 287 if (current_line > display_lines-1) 288 current_line = display_lines-1; 289 spin_unlock(&progress_lock); 290 return; 291 } 292 293 /* RTAS wants CR-LF, not just LF */ 294 295 if (*os == '\n') { 296 rtas_call(display_character, 1, 1, NULL, '\r'); 297 rtas_call(display_character, 1, 1, NULL, '\n'); 298 } else { 299 /* CR might be used to re-draw a line, so we'll 300 * leave it alone and not add LF. 301 */ 302 rtas_call(display_character, 1, 1, NULL, *os); 303 } 304 305 if (row_width) 306 width = row_width[current_line]; 307 else 308 width = display_width; 309 } else { 310 width--; 311 rtas_call(display_character, 1, 1, NULL, *os); 312 } 313 314 os++; 315 316 /* if we overwrite the screen length */ 317 if (width <= 0) 318 while ((*os != 0) && (*os != '\n') && (*os != '\r')) 319 os++; 320 } 321 322 spin_unlock(&progress_lock); 323 } 324 EXPORT_SYMBOL(rtas_progress); /* needed by rtas_flash module */ 325 326 int rtas_token(const char *service) 327 { 328 const __be32 *tokp; 329 if (rtas.dev == NULL) 330 return RTAS_UNKNOWN_SERVICE; 331 tokp = of_get_property(rtas.dev, service, NULL); 332 return tokp ? be32_to_cpu(*tokp) : RTAS_UNKNOWN_SERVICE; 333 } 334 EXPORT_SYMBOL(rtas_token); 335 336 int rtas_service_present(const char *service) 337 { 338 return rtas_token(service) != RTAS_UNKNOWN_SERVICE; 339 } 340 EXPORT_SYMBOL(rtas_service_present); 341 342 #ifdef CONFIG_RTAS_ERROR_LOGGING 343 /* 344 * Return the firmware-specified size of the error log buffer 345 * for all rtas calls that require an error buffer argument. 346 * This includes 'check-exception' and 'rtas-last-error'. 347 */ 348 int rtas_get_error_log_max(void) 349 { 350 static int rtas_error_log_max; 351 if (rtas_error_log_max) 352 return rtas_error_log_max; 353 354 rtas_error_log_max = rtas_token ("rtas-error-log-max"); 355 if ((rtas_error_log_max == RTAS_UNKNOWN_SERVICE) || 356 (rtas_error_log_max > RTAS_ERROR_LOG_MAX)) { 357 printk (KERN_WARNING "RTAS: bad log buffer size %d\n", 358 rtas_error_log_max); 359 rtas_error_log_max = RTAS_ERROR_LOG_MAX; 360 } 361 return rtas_error_log_max; 362 } 363 EXPORT_SYMBOL(rtas_get_error_log_max); 364 365 366 static char rtas_err_buf[RTAS_ERROR_LOG_MAX]; 367 static int rtas_last_error_token; 368 369 /** Return a copy of the detailed error text associated with the 370 * most recent failed call to rtas. Because the error text 371 * might go stale if there are any other intervening rtas calls, 372 * this routine must be called atomically with whatever produced 373 * the error (i.e. with rtas.lock still held from the previous call). 374 */ 375 static char *__fetch_rtas_last_error(char *altbuf) 376 { 377 struct rtas_args err_args, save_args; 378 u32 bufsz; 379 char *buf = NULL; 380 381 if (rtas_last_error_token == -1) 382 return NULL; 383 384 bufsz = rtas_get_error_log_max(); 385 386 err_args.token = cpu_to_be32(rtas_last_error_token); 387 err_args.nargs = cpu_to_be32(2); 388 err_args.nret = cpu_to_be32(1); 389 err_args.args[0] = cpu_to_be32(__pa(rtas_err_buf)); 390 err_args.args[1] = cpu_to_be32(bufsz); 391 err_args.args[2] = 0; 392 393 save_args = rtas.args; 394 rtas.args = err_args; 395 396 do_enter_rtas(__pa(&rtas.args)); 397 398 err_args = rtas.args; 399 rtas.args = save_args; 400 401 /* Log the error in the unlikely case that there was one. */ 402 if (unlikely(err_args.args[2] == 0)) { 403 if (altbuf) { 404 buf = altbuf; 405 } else { 406 buf = rtas_err_buf; 407 if (slab_is_available()) 408 buf = kmalloc(RTAS_ERROR_LOG_MAX, GFP_ATOMIC); 409 } 410 if (buf) 411 memcpy(buf, rtas_err_buf, RTAS_ERROR_LOG_MAX); 412 } 413 414 return buf; 415 } 416 417 #define get_errorlog_buffer() kmalloc(RTAS_ERROR_LOG_MAX, GFP_KERNEL) 418 419 #else /* CONFIG_RTAS_ERROR_LOGGING */ 420 #define __fetch_rtas_last_error(x) NULL 421 #define get_errorlog_buffer() NULL 422 #endif 423 424 425 static void 426 va_rtas_call_unlocked(struct rtas_args *args, int token, int nargs, int nret, 427 va_list list) 428 { 429 int i; 430 431 args->token = cpu_to_be32(token); 432 args->nargs = cpu_to_be32(nargs); 433 args->nret = cpu_to_be32(nret); 434 args->rets = &(args->args[nargs]); 435 436 for (i = 0; i < nargs; ++i) 437 args->args[i] = cpu_to_be32(va_arg(list, __u32)); 438 439 for (i = 0; i < nret; ++i) 440 args->rets[i] = 0; 441 442 do_enter_rtas(__pa(args)); 443 } 444 445 void rtas_call_unlocked(struct rtas_args *args, int token, int nargs, int nret, ...) 446 { 447 va_list list; 448 449 va_start(list, nret); 450 va_rtas_call_unlocked(args, token, nargs, nret, list); 451 va_end(list); 452 } 453 454 int rtas_call(int token, int nargs, int nret, int *outputs, ...) 455 { 456 va_list list; 457 int i; 458 unsigned long s; 459 struct rtas_args *rtas_args; 460 char *buff_copy = NULL; 461 int ret; 462 463 if (!rtas.entry || token == RTAS_UNKNOWN_SERVICE) 464 return -1; 465 466 s = lock_rtas(); 467 468 /* We use the global rtas args buffer */ 469 rtas_args = &rtas.args; 470 471 va_start(list, outputs); 472 va_rtas_call_unlocked(rtas_args, token, nargs, nret, list); 473 va_end(list); 474 475 /* A -1 return code indicates that the last command couldn't 476 be completed due to a hardware error. */ 477 if (be32_to_cpu(rtas_args->rets[0]) == -1) 478 buff_copy = __fetch_rtas_last_error(NULL); 479 480 if (nret > 1 && outputs != NULL) 481 for (i = 0; i < nret-1; ++i) 482 outputs[i] = be32_to_cpu(rtas_args->rets[i+1]); 483 ret = (nret > 0)? be32_to_cpu(rtas_args->rets[0]): 0; 484 485 unlock_rtas(s); 486 487 if (buff_copy) { 488 log_error(buff_copy, ERR_TYPE_RTAS_LOG, 0); 489 if (slab_is_available()) 490 kfree(buff_copy); 491 } 492 return ret; 493 } 494 EXPORT_SYMBOL(rtas_call); 495 496 /** 497 * rtas_busy_delay_time() - From an RTAS status value, calculate the 498 * suggested delay time in milliseconds. 499 * 500 * @status: a value returned from rtas_call() or similar APIs which return 501 * the status of a RTAS function call. 502 * 503 * Context: Any context. 504 * 505 * Return: 506 * * 100000 - If @status is 9905. 507 * * 10000 - If @status is 9904. 508 * * 1000 - If @status is 9903. 509 * * 100 - If @status is 9902. 510 * * 10 - If @status is 9901. 511 * * 1 - If @status is either 9900 or -2. This is "wrong" for -2, but 512 * some callers depend on this behavior, and the worst outcome 513 * is that they will delay for longer than necessary. 514 * * 0 - If @status is not a busy or extended delay value. 515 */ 516 unsigned int rtas_busy_delay_time(int status) 517 { 518 int order; 519 unsigned int ms = 0; 520 521 if (status == RTAS_BUSY) { 522 ms = 1; 523 } else if (status >= RTAS_EXTENDED_DELAY_MIN && 524 status <= RTAS_EXTENDED_DELAY_MAX) { 525 order = status - RTAS_EXTENDED_DELAY_MIN; 526 for (ms = 1; order > 0; order--) 527 ms *= 10; 528 } 529 530 return ms; 531 } 532 EXPORT_SYMBOL(rtas_busy_delay_time); 533 534 /** 535 * rtas_busy_delay() - helper for RTAS busy and extended delay statuses 536 * 537 * @status: a value returned from rtas_call() or similar APIs which return 538 * the status of a RTAS function call. 539 * 540 * Context: Process context. May sleep or schedule. 541 * 542 * Return: 543 * * true - @status is RTAS_BUSY or an extended delay hint. The 544 * caller may assume that the CPU has been yielded if necessary, 545 * and that an appropriate delay for @status has elapsed. 546 * Generally the caller should reattempt the RTAS call which 547 * yielded @status. 548 * 549 * * false - @status is not @RTAS_BUSY nor an extended delay hint. The 550 * caller is responsible for handling @status. 551 */ 552 bool rtas_busy_delay(int status) 553 { 554 unsigned int ms; 555 bool ret; 556 557 switch (status) { 558 case RTAS_EXTENDED_DELAY_MIN...RTAS_EXTENDED_DELAY_MAX: 559 ret = true; 560 ms = rtas_busy_delay_time(status); 561 /* 562 * The extended delay hint can be as high as 100 seconds. 563 * Surely any function returning such a status is either 564 * buggy or isn't going to be significantly slowed by us 565 * polling at 1HZ. Clamp the sleep time to one second. 566 */ 567 ms = clamp(ms, 1U, 1000U); 568 /* 569 * The delay hint is an order-of-magnitude suggestion, not 570 * a minimum. It is fine, possibly even advantageous, for 571 * us to pause for less time than hinted. For small values, 572 * use usleep_range() to ensure we don't sleep much longer 573 * than actually needed. 574 * 575 * See Documentation/timers/timers-howto.rst for 576 * explanation of the threshold used here. In effect we use 577 * usleep_range() for 9900 and 9901, msleep() for 578 * 9902-9905. 579 */ 580 if (ms <= 20) 581 usleep_range(ms * 100, ms * 1000); 582 else 583 msleep(ms); 584 break; 585 case RTAS_BUSY: 586 ret = true; 587 /* 588 * We should call again immediately if there's no other 589 * work to do. 590 */ 591 cond_resched(); 592 break; 593 default: 594 ret = false; 595 /* 596 * Not a busy or extended delay status; the caller should 597 * handle @status itself. Ensure we warn on misuses in 598 * atomic context regardless. 599 */ 600 might_sleep(); 601 break; 602 } 603 604 return ret; 605 } 606 EXPORT_SYMBOL(rtas_busy_delay); 607 608 static int rtas_error_rc(int rtas_rc) 609 { 610 int rc; 611 612 switch (rtas_rc) { 613 case -1: /* Hardware Error */ 614 rc = -EIO; 615 break; 616 case -3: /* Bad indicator/domain/etc */ 617 rc = -EINVAL; 618 break; 619 case -9000: /* Isolation error */ 620 rc = -EFAULT; 621 break; 622 case -9001: /* Outstanding TCE/PTE */ 623 rc = -EEXIST; 624 break; 625 case -9002: /* No usable slot */ 626 rc = -ENODEV; 627 break; 628 default: 629 printk(KERN_ERR "%s: unexpected RTAS error %d\n", 630 __func__, rtas_rc); 631 rc = -ERANGE; 632 break; 633 } 634 return rc; 635 } 636 637 int rtas_get_power_level(int powerdomain, int *level) 638 { 639 int token = rtas_token("get-power-level"); 640 int rc; 641 642 if (token == RTAS_UNKNOWN_SERVICE) 643 return -ENOENT; 644 645 while ((rc = rtas_call(token, 1, 2, level, powerdomain)) == RTAS_BUSY) 646 udelay(1); 647 648 if (rc < 0) 649 return rtas_error_rc(rc); 650 return rc; 651 } 652 EXPORT_SYMBOL(rtas_get_power_level); 653 654 int rtas_set_power_level(int powerdomain, int level, int *setlevel) 655 { 656 int token = rtas_token("set-power-level"); 657 int rc; 658 659 if (token == RTAS_UNKNOWN_SERVICE) 660 return -ENOENT; 661 662 do { 663 rc = rtas_call(token, 2, 2, setlevel, powerdomain, level); 664 } while (rtas_busy_delay(rc)); 665 666 if (rc < 0) 667 return rtas_error_rc(rc); 668 return rc; 669 } 670 EXPORT_SYMBOL(rtas_set_power_level); 671 672 int rtas_get_sensor(int sensor, int index, int *state) 673 { 674 int token = rtas_token("get-sensor-state"); 675 int rc; 676 677 if (token == RTAS_UNKNOWN_SERVICE) 678 return -ENOENT; 679 680 do { 681 rc = rtas_call(token, 2, 2, state, sensor, index); 682 } while (rtas_busy_delay(rc)); 683 684 if (rc < 0) 685 return rtas_error_rc(rc); 686 return rc; 687 } 688 EXPORT_SYMBOL(rtas_get_sensor); 689 690 int rtas_get_sensor_fast(int sensor, int index, int *state) 691 { 692 int token = rtas_token("get-sensor-state"); 693 int rc; 694 695 if (token == RTAS_UNKNOWN_SERVICE) 696 return -ENOENT; 697 698 rc = rtas_call(token, 2, 2, state, sensor, index); 699 WARN_ON(rc == RTAS_BUSY || (rc >= RTAS_EXTENDED_DELAY_MIN && 700 rc <= RTAS_EXTENDED_DELAY_MAX)); 701 702 if (rc < 0) 703 return rtas_error_rc(rc); 704 return rc; 705 } 706 707 bool rtas_indicator_present(int token, int *maxindex) 708 { 709 int proplen, count, i; 710 const struct indicator_elem { 711 __be32 token; 712 __be32 maxindex; 713 } *indicators; 714 715 indicators = of_get_property(rtas.dev, "rtas-indicators", &proplen); 716 if (!indicators) 717 return false; 718 719 count = proplen / sizeof(struct indicator_elem); 720 721 for (i = 0; i < count; i++) { 722 if (__be32_to_cpu(indicators[i].token) != token) 723 continue; 724 if (maxindex) 725 *maxindex = __be32_to_cpu(indicators[i].maxindex); 726 return true; 727 } 728 729 return false; 730 } 731 EXPORT_SYMBOL(rtas_indicator_present); 732 733 int rtas_set_indicator(int indicator, int index, int new_value) 734 { 735 int token = rtas_token("set-indicator"); 736 int rc; 737 738 if (token == RTAS_UNKNOWN_SERVICE) 739 return -ENOENT; 740 741 do { 742 rc = rtas_call(token, 3, 1, NULL, indicator, index, new_value); 743 } while (rtas_busy_delay(rc)); 744 745 if (rc < 0) 746 return rtas_error_rc(rc); 747 return rc; 748 } 749 EXPORT_SYMBOL(rtas_set_indicator); 750 751 /* 752 * Ignoring RTAS extended delay 753 */ 754 int rtas_set_indicator_fast(int indicator, int index, int new_value) 755 { 756 int rc; 757 int token = rtas_token("set-indicator"); 758 759 if (token == RTAS_UNKNOWN_SERVICE) 760 return -ENOENT; 761 762 rc = rtas_call(token, 3, 1, NULL, indicator, index, new_value); 763 764 WARN_ON(rc == RTAS_BUSY || (rc >= RTAS_EXTENDED_DELAY_MIN && 765 rc <= RTAS_EXTENDED_DELAY_MAX)); 766 767 if (rc < 0) 768 return rtas_error_rc(rc); 769 770 return rc; 771 } 772 773 /** 774 * rtas_ibm_suspend_me() - Call ibm,suspend-me to suspend the LPAR. 775 * 776 * @fw_status: RTAS call status will be placed here if not NULL. 777 * 778 * rtas_ibm_suspend_me() should be called only on a CPU which has 779 * received H_CONTINUE from the H_JOIN hcall. All other active CPUs 780 * should be waiting to return from H_JOIN. 781 * 782 * rtas_ibm_suspend_me() may suspend execution of the OS 783 * indefinitely. Callers should take appropriate measures upon return, such as 784 * resetting watchdog facilities. 785 * 786 * Callers may choose to retry this call if @fw_status is 787 * %RTAS_THREADS_ACTIVE. 788 * 789 * Return: 790 * 0 - The partition has resumed from suspend, possibly after 791 * migration to a different host. 792 * -ECANCELED - The operation was aborted. 793 * -EAGAIN - There were other CPUs not in H_JOIN at the time of the call. 794 * -EBUSY - Some other condition prevented the suspend from succeeding. 795 * -EIO - Hardware/platform error. 796 */ 797 int rtas_ibm_suspend_me(int *fw_status) 798 { 799 int fwrc; 800 int ret; 801 802 fwrc = rtas_call(rtas_token("ibm,suspend-me"), 0, 1, NULL); 803 804 switch (fwrc) { 805 case 0: 806 ret = 0; 807 break; 808 case RTAS_SUSPEND_ABORTED: 809 ret = -ECANCELED; 810 break; 811 case RTAS_THREADS_ACTIVE: 812 ret = -EAGAIN; 813 break; 814 case RTAS_NOT_SUSPENDABLE: 815 case RTAS_OUTSTANDING_COPROC: 816 ret = -EBUSY; 817 break; 818 case -1: 819 default: 820 ret = -EIO; 821 break; 822 } 823 824 if (fw_status) 825 *fw_status = fwrc; 826 827 return ret; 828 } 829 830 void __noreturn rtas_restart(char *cmd) 831 { 832 if (rtas_flash_term_hook) 833 rtas_flash_term_hook(SYS_RESTART); 834 printk("RTAS system-reboot returned %d\n", 835 rtas_call(rtas_token("system-reboot"), 0, 1, NULL)); 836 for (;;); 837 } 838 839 void rtas_power_off(void) 840 { 841 if (rtas_flash_term_hook) 842 rtas_flash_term_hook(SYS_POWER_OFF); 843 /* allow power on only with power button press */ 844 printk("RTAS power-off returned %d\n", 845 rtas_call(rtas_token("power-off"), 2, 1, NULL, -1, -1)); 846 for (;;); 847 } 848 849 void __noreturn rtas_halt(void) 850 { 851 if (rtas_flash_term_hook) 852 rtas_flash_term_hook(SYS_HALT); 853 /* allow power on only with power button press */ 854 printk("RTAS power-off returned %d\n", 855 rtas_call(rtas_token("power-off"), 2, 1, NULL, -1, -1)); 856 for (;;); 857 } 858 859 /* Must be in the RMO region, so we place it here */ 860 static char rtas_os_term_buf[2048]; 861 862 void rtas_os_term(char *str) 863 { 864 int status; 865 866 /* 867 * Firmware with the ibm,extended-os-term property is guaranteed 868 * to always return from an ibm,os-term call. Earlier versions without 869 * this property may terminate the partition which we want to avoid 870 * since it interferes with panic_timeout. 871 */ 872 if (RTAS_UNKNOWN_SERVICE == rtas_token("ibm,os-term") || 873 RTAS_UNKNOWN_SERVICE == rtas_token("ibm,extended-os-term")) 874 return; 875 876 snprintf(rtas_os_term_buf, 2048, "OS panic: %s", str); 877 878 do { 879 status = rtas_call(rtas_token("ibm,os-term"), 1, 1, NULL, 880 __pa(rtas_os_term_buf)); 881 } while (rtas_busy_delay(status)); 882 883 if (status != 0) 884 printk(KERN_EMERG "ibm,os-term call failed %d\n", status); 885 } 886 887 /** 888 * rtas_activate_firmware() - Activate a new version of firmware. 889 * 890 * Context: This function may sleep. 891 * 892 * Activate a new version of partition firmware. The OS must call this 893 * after resuming from a partition hibernation or migration in order 894 * to maintain the ability to perform live firmware updates. It's not 895 * catastrophic for this method to be absent or to fail; just log the 896 * condition in that case. 897 */ 898 void rtas_activate_firmware(void) 899 { 900 int token; 901 int fwrc; 902 903 token = rtas_token("ibm,activate-firmware"); 904 if (token == RTAS_UNKNOWN_SERVICE) { 905 pr_notice("ibm,activate-firmware method unavailable\n"); 906 return; 907 } 908 909 do { 910 fwrc = rtas_call(token, 0, 1, NULL); 911 } while (rtas_busy_delay(fwrc)); 912 913 if (fwrc) 914 pr_err("ibm,activate-firmware failed (%i)\n", fwrc); 915 } 916 917 #ifdef CONFIG_PPC_PSERIES 918 /** 919 * rtas_call_reentrant() - Used for reentrant rtas calls 920 * @token: Token for desired reentrant RTAS call 921 * @nargs: Number of Input Parameters 922 * @nret: Number of Output Parameters 923 * @outputs: Array of outputs 924 * @...: Inputs for desired RTAS call 925 * 926 * According to LoPAR documentation, only "ibm,int-on", "ibm,int-off", 927 * "ibm,get-xive" and "ibm,set-xive" are currently reentrant. 928 * Reentrant calls need their own rtas_args buffer, so not using rtas.args, but 929 * PACA one instead. 930 * 931 * Return: -1 on error, 932 * First output value of RTAS call if (nret > 0), 933 * 0 otherwise, 934 */ 935 int rtas_call_reentrant(int token, int nargs, int nret, int *outputs, ...) 936 { 937 va_list list; 938 struct rtas_args *args; 939 unsigned long flags; 940 int i, ret = 0; 941 942 if (!rtas.entry || token == RTAS_UNKNOWN_SERVICE) 943 return -1; 944 945 local_irq_save(flags); 946 preempt_disable(); 947 948 /* We use the per-cpu (PACA) rtas args buffer */ 949 args = local_paca->rtas_args_reentrant; 950 951 va_start(list, outputs); 952 va_rtas_call_unlocked(args, token, nargs, nret, list); 953 va_end(list); 954 955 if (nret > 1 && outputs) 956 for (i = 0; i < nret - 1; ++i) 957 outputs[i] = be32_to_cpu(args->rets[i + 1]); 958 959 if (nret > 0) 960 ret = be32_to_cpu(args->rets[0]); 961 962 local_irq_restore(flags); 963 preempt_enable(); 964 965 return ret; 966 } 967 968 #endif /* CONFIG_PPC_PSERIES */ 969 970 /** 971 * get_pseries_errorlog() - Find a specific pseries error log in an RTAS 972 * extended event log. 973 * @log: RTAS error/event log 974 * @section_id: two character section identifier 975 * 976 * Return: A pointer to the specified errorlog or NULL if not found. 977 */ 978 struct pseries_errorlog *get_pseries_errorlog(struct rtas_error_log *log, 979 uint16_t section_id) 980 { 981 struct rtas_ext_event_log_v6 *ext_log = 982 (struct rtas_ext_event_log_v6 *)log->buffer; 983 struct pseries_errorlog *sect; 984 unsigned char *p, *log_end; 985 uint32_t ext_log_length = rtas_error_extended_log_length(log); 986 uint8_t log_format = rtas_ext_event_log_format(ext_log); 987 uint32_t company_id = rtas_ext_event_company_id(ext_log); 988 989 /* Check that we understand the format */ 990 if (ext_log_length < sizeof(struct rtas_ext_event_log_v6) || 991 log_format != RTAS_V6EXT_LOG_FORMAT_EVENT_LOG || 992 company_id != RTAS_V6EXT_COMPANY_ID_IBM) 993 return NULL; 994 995 log_end = log->buffer + ext_log_length; 996 p = ext_log->vendor_log; 997 998 while (p < log_end) { 999 sect = (struct pseries_errorlog *)p; 1000 if (pseries_errorlog_id(sect) == section_id) 1001 return sect; 1002 p += pseries_errorlog_length(sect); 1003 } 1004 1005 return NULL; 1006 } 1007 1008 #ifdef CONFIG_PPC_RTAS_FILTER 1009 1010 /* 1011 * The sys_rtas syscall, as originally designed, allows root to pass 1012 * arbitrary physical addresses to RTAS calls. A number of RTAS calls 1013 * can be abused to write to arbitrary memory and do other things that 1014 * are potentially harmful to system integrity, and thus should only 1015 * be used inside the kernel and not exposed to userspace. 1016 * 1017 * All known legitimate users of the sys_rtas syscall will only ever 1018 * pass addresses that fall within the RMO buffer, and use a known 1019 * subset of RTAS calls. 1020 * 1021 * Accordingly, we filter RTAS requests to check that the call is 1022 * permitted, and that provided pointers fall within the RMO buffer. 1023 * The rtas_filters list contains an entry for each permitted call, 1024 * with the indexes of the parameters which are expected to contain 1025 * addresses and sizes of buffers allocated inside the RMO buffer. 1026 */ 1027 struct rtas_filter { 1028 const char *name; 1029 int token; 1030 /* Indexes into the args buffer, -1 if not used */ 1031 int buf_idx1; 1032 int size_idx1; 1033 int buf_idx2; 1034 int size_idx2; 1035 1036 int fixed_size; 1037 }; 1038 1039 static struct rtas_filter rtas_filters[] __ro_after_init = { 1040 { "ibm,activate-firmware", -1, -1, -1, -1, -1 }, 1041 { "ibm,configure-connector", -1, 0, -1, 1, -1, 4096 }, /* Special cased */ 1042 { "display-character", -1, -1, -1, -1, -1 }, 1043 { "ibm,display-message", -1, 0, -1, -1, -1 }, 1044 { "ibm,errinjct", -1, 2, -1, -1, -1, 1024 }, 1045 { "ibm,close-errinjct", -1, -1, -1, -1, -1 }, 1046 { "ibm,open-errinjct", -1, -1, -1, -1, -1 }, 1047 { "ibm,get-config-addr-info2", -1, -1, -1, -1, -1 }, 1048 { "ibm,get-dynamic-sensor-state", -1, 1, -1, -1, -1 }, 1049 { "ibm,get-indices", -1, 2, 3, -1, -1 }, 1050 { "get-power-level", -1, -1, -1, -1, -1 }, 1051 { "get-sensor-state", -1, -1, -1, -1, -1 }, 1052 { "ibm,get-system-parameter", -1, 1, 2, -1, -1 }, 1053 { "get-time-of-day", -1, -1, -1, -1, -1 }, 1054 { "ibm,get-vpd", -1, 0, -1, 1, 2 }, 1055 { "ibm,lpar-perftools", -1, 2, 3, -1, -1 }, 1056 { "ibm,platform-dump", -1, 4, 5, -1, -1 }, 1057 { "ibm,read-slot-reset-state", -1, -1, -1, -1, -1 }, 1058 { "ibm,scan-log-dump", -1, 0, 1, -1, -1 }, 1059 { "ibm,set-dynamic-indicator", -1, 2, -1, -1, -1 }, 1060 { "ibm,set-eeh-option", -1, -1, -1, -1, -1 }, 1061 { "set-indicator", -1, -1, -1, -1, -1 }, 1062 { "set-power-level", -1, -1, -1, -1, -1 }, 1063 { "set-time-for-power-on", -1, -1, -1, -1, -1 }, 1064 { "ibm,set-system-parameter", -1, 1, -1, -1, -1 }, 1065 { "set-time-of-day", -1, -1, -1, -1, -1 }, 1066 #ifdef CONFIG_CPU_BIG_ENDIAN 1067 { "ibm,suspend-me", -1, -1, -1, -1, -1 }, 1068 { "ibm,update-nodes", -1, 0, -1, -1, -1, 4096 }, 1069 { "ibm,update-properties", -1, 0, -1, -1, -1, 4096 }, 1070 #endif 1071 { "ibm,physical-attestation", -1, 0, 1, -1, -1 }, 1072 }; 1073 1074 static bool in_rmo_buf(u32 base, u32 end) 1075 { 1076 return base >= rtas_rmo_buf && 1077 base < (rtas_rmo_buf + RTAS_USER_REGION_SIZE) && 1078 base <= end && 1079 end >= rtas_rmo_buf && 1080 end < (rtas_rmo_buf + RTAS_USER_REGION_SIZE); 1081 } 1082 1083 static bool block_rtas_call(int token, int nargs, 1084 struct rtas_args *args) 1085 { 1086 int i; 1087 1088 for (i = 0; i < ARRAY_SIZE(rtas_filters); i++) { 1089 struct rtas_filter *f = &rtas_filters[i]; 1090 u32 base, size, end; 1091 1092 if (token != f->token) 1093 continue; 1094 1095 if (f->buf_idx1 != -1) { 1096 base = be32_to_cpu(args->args[f->buf_idx1]); 1097 if (f->size_idx1 != -1) 1098 size = be32_to_cpu(args->args[f->size_idx1]); 1099 else if (f->fixed_size) 1100 size = f->fixed_size; 1101 else 1102 size = 1; 1103 1104 end = base + size - 1; 1105 if (!in_rmo_buf(base, end)) 1106 goto err; 1107 } 1108 1109 if (f->buf_idx2 != -1) { 1110 base = be32_to_cpu(args->args[f->buf_idx2]); 1111 if (f->size_idx2 != -1) 1112 size = be32_to_cpu(args->args[f->size_idx2]); 1113 else if (f->fixed_size) 1114 size = f->fixed_size; 1115 else 1116 size = 1; 1117 end = base + size - 1; 1118 1119 /* 1120 * Special case for ibm,configure-connector where the 1121 * address can be 0 1122 */ 1123 if (!strcmp(f->name, "ibm,configure-connector") && 1124 base == 0) 1125 return false; 1126 1127 if (!in_rmo_buf(base, end)) 1128 goto err; 1129 } 1130 1131 return false; 1132 } 1133 1134 err: 1135 pr_err_ratelimited("sys_rtas: RTAS call blocked - exploit attempt?\n"); 1136 pr_err_ratelimited("sys_rtas: token=0x%x, nargs=%d (called by %s)\n", 1137 token, nargs, current->comm); 1138 return true; 1139 } 1140 1141 static void __init rtas_syscall_filter_init(void) 1142 { 1143 unsigned int i; 1144 1145 for (i = 0; i < ARRAY_SIZE(rtas_filters); i++) 1146 rtas_filters[i].token = rtas_token(rtas_filters[i].name); 1147 } 1148 1149 #else 1150 1151 static bool block_rtas_call(int token, int nargs, 1152 struct rtas_args *args) 1153 { 1154 return false; 1155 } 1156 1157 static void __init rtas_syscall_filter_init(void) 1158 { 1159 } 1160 1161 #endif /* CONFIG_PPC_RTAS_FILTER */ 1162 1163 /* We assume to be passed big endian arguments */ 1164 SYSCALL_DEFINE1(rtas, struct rtas_args __user *, uargs) 1165 { 1166 struct rtas_args args; 1167 unsigned long flags; 1168 char *buff_copy, *errbuf = NULL; 1169 int nargs, nret, token; 1170 1171 if (!capable(CAP_SYS_ADMIN)) 1172 return -EPERM; 1173 1174 if (!rtas.entry) 1175 return -EINVAL; 1176 1177 if (copy_from_user(&args, uargs, 3 * sizeof(u32)) != 0) 1178 return -EFAULT; 1179 1180 nargs = be32_to_cpu(args.nargs); 1181 nret = be32_to_cpu(args.nret); 1182 token = be32_to_cpu(args.token); 1183 1184 if (nargs >= ARRAY_SIZE(args.args) 1185 || nret > ARRAY_SIZE(args.args) 1186 || nargs + nret > ARRAY_SIZE(args.args)) 1187 return -EINVAL; 1188 1189 /* Copy in args. */ 1190 if (copy_from_user(args.args, uargs->args, 1191 nargs * sizeof(rtas_arg_t)) != 0) 1192 return -EFAULT; 1193 1194 if (token == RTAS_UNKNOWN_SERVICE) 1195 return -EINVAL; 1196 1197 args.rets = &args.args[nargs]; 1198 memset(args.rets, 0, nret * sizeof(rtas_arg_t)); 1199 1200 if (block_rtas_call(token, nargs, &args)) 1201 return -EINVAL; 1202 1203 /* Need to handle ibm,suspend_me call specially */ 1204 if (token == rtas_token("ibm,suspend-me")) { 1205 1206 /* 1207 * rtas_ibm_suspend_me assumes the streamid handle is in cpu 1208 * endian, or at least the hcall within it requires it. 1209 */ 1210 int rc = 0; 1211 u64 handle = ((u64)be32_to_cpu(args.args[0]) << 32) 1212 | be32_to_cpu(args.args[1]); 1213 rc = rtas_syscall_dispatch_ibm_suspend_me(handle); 1214 if (rc == -EAGAIN) 1215 args.rets[0] = cpu_to_be32(RTAS_NOT_SUSPENDABLE); 1216 else if (rc == -EIO) 1217 args.rets[0] = cpu_to_be32(-1); 1218 else if (rc) 1219 return rc; 1220 goto copy_return; 1221 } 1222 1223 buff_copy = get_errorlog_buffer(); 1224 1225 flags = lock_rtas(); 1226 1227 rtas.args = args; 1228 do_enter_rtas(__pa(&rtas.args)); 1229 args = rtas.args; 1230 1231 /* A -1 return code indicates that the last command couldn't 1232 be completed due to a hardware error. */ 1233 if (be32_to_cpu(args.rets[0]) == -1) 1234 errbuf = __fetch_rtas_last_error(buff_copy); 1235 1236 unlock_rtas(flags); 1237 1238 if (buff_copy) { 1239 if (errbuf) 1240 log_error(errbuf, ERR_TYPE_RTAS_LOG, 0); 1241 kfree(buff_copy); 1242 } 1243 1244 copy_return: 1245 /* Copy out args. */ 1246 if (copy_to_user(uargs->args + nargs, 1247 args.args + nargs, 1248 nret * sizeof(rtas_arg_t)) != 0) 1249 return -EFAULT; 1250 1251 return 0; 1252 } 1253 1254 /* 1255 * Call early during boot, before mem init, to retrieve the RTAS 1256 * information from the device-tree and allocate the RMO buffer for userland 1257 * accesses. 1258 */ 1259 void __init rtas_initialize(void) 1260 { 1261 unsigned long rtas_region = RTAS_INSTANTIATE_MAX; 1262 u32 base, size, entry; 1263 int no_base, no_size, no_entry; 1264 1265 /* Get RTAS dev node and fill up our "rtas" structure with infos 1266 * about it. 1267 */ 1268 rtas.dev = of_find_node_by_name(NULL, "rtas"); 1269 if (!rtas.dev) 1270 return; 1271 1272 no_base = of_property_read_u32(rtas.dev, "linux,rtas-base", &base); 1273 no_size = of_property_read_u32(rtas.dev, "rtas-size", &size); 1274 if (no_base || no_size) { 1275 of_node_put(rtas.dev); 1276 rtas.dev = NULL; 1277 return; 1278 } 1279 1280 rtas.base = base; 1281 rtas.size = size; 1282 no_entry = of_property_read_u32(rtas.dev, "linux,rtas-entry", &entry); 1283 rtas.entry = no_entry ? rtas.base : entry; 1284 1285 /* If RTAS was found, allocate the RMO buffer for it and look for 1286 * the stop-self token if any 1287 */ 1288 #ifdef CONFIG_PPC64 1289 if (firmware_has_feature(FW_FEATURE_LPAR)) 1290 rtas_region = min(ppc64_rma_size, RTAS_INSTANTIATE_MAX); 1291 #endif 1292 rtas_rmo_buf = memblock_phys_alloc_range(RTAS_USER_REGION_SIZE, PAGE_SIZE, 1293 0, rtas_region); 1294 if (!rtas_rmo_buf) 1295 panic("ERROR: RTAS: Failed to allocate %lx bytes below %pa\n", 1296 PAGE_SIZE, &rtas_region); 1297 1298 #ifdef CONFIG_RTAS_ERROR_LOGGING 1299 rtas_last_error_token = rtas_token("rtas-last-error"); 1300 #endif 1301 1302 rtas_syscall_filter_init(); 1303 } 1304 1305 int __init early_init_dt_scan_rtas(unsigned long node, 1306 const char *uname, int depth, void *data) 1307 { 1308 const u32 *basep, *entryp, *sizep; 1309 1310 if (depth != 1 || strcmp(uname, "rtas") != 0) 1311 return 0; 1312 1313 basep = of_get_flat_dt_prop(node, "linux,rtas-base", NULL); 1314 entryp = of_get_flat_dt_prop(node, "linux,rtas-entry", NULL); 1315 sizep = of_get_flat_dt_prop(node, "rtas-size", NULL); 1316 1317 #ifdef CONFIG_PPC64 1318 /* need this feature to decide the crashkernel offset */ 1319 if (of_get_flat_dt_prop(node, "ibm,hypertas-functions", NULL)) 1320 powerpc_firmware_features |= FW_FEATURE_LPAR; 1321 #endif 1322 1323 if (basep && entryp && sizep) { 1324 rtas.base = *basep; 1325 rtas.entry = *entryp; 1326 rtas.size = *sizep; 1327 } 1328 1329 #ifdef CONFIG_UDBG_RTAS_CONSOLE 1330 basep = of_get_flat_dt_prop(node, "put-term-char", NULL); 1331 if (basep) 1332 rtas_putchar_token = *basep; 1333 1334 basep = of_get_flat_dt_prop(node, "get-term-char", NULL); 1335 if (basep) 1336 rtas_getchar_token = *basep; 1337 1338 if (rtas_putchar_token != RTAS_UNKNOWN_SERVICE && 1339 rtas_getchar_token != RTAS_UNKNOWN_SERVICE) 1340 udbg_init_rtas_console(); 1341 1342 #endif 1343 1344 /* break now */ 1345 return 1; 1346 } 1347 1348 static arch_spinlock_t timebase_lock; 1349 static u64 timebase = 0; 1350 1351 void rtas_give_timebase(void) 1352 { 1353 unsigned long flags; 1354 1355 local_irq_save(flags); 1356 hard_irq_disable(); 1357 arch_spin_lock(&timebase_lock); 1358 rtas_call(rtas_token("freeze-time-base"), 0, 1, NULL); 1359 timebase = get_tb(); 1360 arch_spin_unlock(&timebase_lock); 1361 1362 while (timebase) 1363 barrier(); 1364 rtas_call(rtas_token("thaw-time-base"), 0, 1, NULL); 1365 local_irq_restore(flags); 1366 } 1367 1368 void rtas_take_timebase(void) 1369 { 1370 while (!timebase) 1371 barrier(); 1372 arch_spin_lock(&timebase_lock); 1373 set_tb(timebase >> 32, timebase & 0xffffffff); 1374 timebase = 0; 1375 arch_spin_unlock(&timebase_lock); 1376 } 1377