1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Greybus manifest parsing 4 * 5 * Copyright 2014-2015 Google Inc. 6 * Copyright 2014-2015 Linaro Ltd. 7 */ 8 9 #include <linux/greybus.h> 10 11 static const char *get_descriptor_type_string(u8 type) 12 { 13 switch (type) { 14 case GREYBUS_TYPE_INVALID: 15 return "invalid"; 16 case GREYBUS_TYPE_STRING: 17 return "string"; 18 case GREYBUS_TYPE_INTERFACE: 19 return "interface"; 20 case GREYBUS_TYPE_CPORT: 21 return "cport"; 22 case GREYBUS_TYPE_BUNDLE: 23 return "bundle"; 24 default: 25 WARN_ON(1); 26 return "unknown"; 27 } 28 } 29 30 /* 31 * We scan the manifest once to identify where all the descriptors 32 * are. The result is a list of these manifest_desc structures. We 33 * then pick through them for what we're looking for (starting with 34 * the interface descriptor). As each is processed we remove it from 35 * the list. When we're done the list should (probably) be empty. 36 */ 37 struct manifest_desc { 38 struct list_head links; 39 40 size_t size; 41 void *data; 42 enum greybus_descriptor_type type; 43 }; 44 45 static void release_manifest_descriptor(struct manifest_desc *descriptor) 46 { 47 list_del(&descriptor->links); 48 kfree(descriptor); 49 } 50 51 static void release_manifest_descriptors(struct gb_interface *intf) 52 { 53 struct manifest_desc *descriptor; 54 struct manifest_desc *next; 55 56 list_for_each_entry_safe(descriptor, next, &intf->manifest_descs, links) 57 release_manifest_descriptor(descriptor); 58 } 59 60 static void release_cport_descriptors(struct list_head *head, u8 bundle_id) 61 { 62 struct manifest_desc *desc, *tmp; 63 struct greybus_descriptor_cport *desc_cport; 64 65 list_for_each_entry_safe(desc, tmp, head, links) { 66 desc_cport = desc->data; 67 68 if (desc->type != GREYBUS_TYPE_CPORT) 69 continue; 70 71 if (desc_cport->bundle == bundle_id) 72 release_manifest_descriptor(desc); 73 } 74 } 75 76 static struct manifest_desc *get_next_bundle_desc(struct gb_interface *intf) 77 { 78 struct manifest_desc *descriptor; 79 struct manifest_desc *next; 80 81 list_for_each_entry_safe(descriptor, next, &intf->manifest_descs, links) 82 if (descriptor->type == GREYBUS_TYPE_BUNDLE) 83 return descriptor; 84 85 return NULL; 86 } 87 88 /* 89 * Validate the given descriptor. Its reported size must fit within 90 * the number of bytes remaining, and it must have a recognized 91 * type. Check that the reported size is at least as big as what 92 * we expect to see. (It could be bigger, perhaps for a new version 93 * of the format.) 94 * 95 * Returns the (non-zero) number of bytes consumed by the descriptor, 96 * or a negative errno. 97 */ 98 static int identify_descriptor(struct gb_interface *intf, 99 struct greybus_descriptor *desc, size_t size) 100 { 101 struct greybus_descriptor_header *desc_header = &desc->header; 102 struct manifest_desc *descriptor; 103 size_t desc_size; 104 size_t expected_size; 105 106 if (size < sizeof(*desc_header)) { 107 dev_err(&intf->dev, "manifest too small (%zu < %zu)\n", size, 108 sizeof(*desc_header)); 109 return -EINVAL; /* Must at least have header */ 110 } 111 112 desc_size = le16_to_cpu(desc_header->size); 113 if (desc_size > size) { 114 dev_err(&intf->dev, "descriptor too big (%zu > %zu)\n", 115 desc_size, size); 116 return -EINVAL; 117 } 118 119 /* Descriptor needs to at least have a header */ 120 expected_size = sizeof(*desc_header); 121 122 switch (desc_header->type) { 123 case GREYBUS_TYPE_STRING: 124 expected_size += sizeof(struct greybus_descriptor_string); 125 expected_size += desc->string.length; 126 127 /* String descriptors are padded to 4 byte boundaries */ 128 expected_size = ALIGN(expected_size, 4); 129 break; 130 case GREYBUS_TYPE_INTERFACE: 131 expected_size += sizeof(struct greybus_descriptor_interface); 132 break; 133 case GREYBUS_TYPE_BUNDLE: 134 expected_size += sizeof(struct greybus_descriptor_bundle); 135 break; 136 case GREYBUS_TYPE_CPORT: 137 expected_size += sizeof(struct greybus_descriptor_cport); 138 break; 139 case GREYBUS_TYPE_INVALID: 140 default: 141 dev_err(&intf->dev, "invalid descriptor type (%u)\n", 142 desc_header->type); 143 return -EINVAL; 144 } 145 146 if (desc_size < expected_size) { 147 dev_err(&intf->dev, "%s descriptor too small (%zu < %zu)\n", 148 get_descriptor_type_string(desc_header->type), 149 desc_size, expected_size); 150 return -EINVAL; 151 } 152 153 /* Descriptor bigger than what we expect */ 154 if (desc_size > expected_size) { 155 dev_warn(&intf->dev, "%s descriptor size mismatch (want %zu got %zu)\n", 156 get_descriptor_type_string(desc_header->type), 157 expected_size, desc_size); 158 } 159 160 descriptor = kzalloc_obj(*descriptor); 161 if (!descriptor) 162 return -ENOMEM; 163 164 descriptor->size = desc_size; 165 descriptor->data = (char *)desc + sizeof(*desc_header); 166 descriptor->type = desc_header->type; 167 list_add_tail(&descriptor->links, &intf->manifest_descs); 168 169 /* desc_size is positive and is known to fit in a signed int */ 170 171 return desc_size; 172 } 173 174 /* 175 * Find the string descriptor having the given id, validate it, and 176 * allocate a duplicate copy of it. The duplicate has an extra byte 177 * which guarantees the returned string is NUL-terminated. 178 * 179 * String index 0 is valid (it represents "no string"), and for 180 * that a null pointer is returned. 181 * 182 * Otherwise returns a pointer to a newly-allocated copy of the 183 * descriptor string, or an error-coded pointer on failure. 184 */ 185 static char *gb_string_get(struct gb_interface *intf, u8 string_id) 186 { 187 struct greybus_descriptor_string *desc_string; 188 struct manifest_desc *descriptor; 189 bool found = false; 190 char *string; 191 192 /* A zero string id means no string (but no error) */ 193 if (!string_id) 194 return NULL; 195 196 list_for_each_entry(descriptor, &intf->manifest_descs, links) { 197 if (descriptor->type != GREYBUS_TYPE_STRING) 198 continue; 199 200 desc_string = descriptor->data; 201 if (desc_string->id == string_id) { 202 found = true; 203 break; 204 } 205 } 206 if (!found) 207 return ERR_PTR(-ENOENT); 208 209 /* Allocate an extra byte so we can guarantee it's NUL-terminated */ 210 string = kmemdup(&desc_string->string, desc_string->length + 1, 211 GFP_KERNEL); 212 if (!string) 213 return ERR_PTR(-ENOMEM); 214 string[desc_string->length] = '\0'; 215 216 /* Ok we've used this string, so we're done with it */ 217 release_manifest_descriptor(descriptor); 218 219 return string; 220 } 221 222 /* 223 * Find cport descriptors in the manifest associated with the given 224 * bundle, and set up data structures for the functions that use 225 * them. Returns the number of cports set up for the bundle, or 0 226 * if there is an error. 227 */ 228 static u32 gb_manifest_parse_cports(struct gb_bundle *bundle) 229 { 230 struct gb_interface *intf = bundle->intf; 231 struct greybus_descriptor_cport *desc_cport; 232 struct manifest_desc *desc, *next, *tmp; 233 LIST_HEAD(list); 234 u8 bundle_id = bundle->id; 235 u16 cport_id; 236 u32 count = 0; 237 int i; 238 239 /* Set up all cport descriptors associated with this bundle */ 240 list_for_each_entry_safe(desc, next, &intf->manifest_descs, links) { 241 if (desc->type != GREYBUS_TYPE_CPORT) 242 continue; 243 244 desc_cport = desc->data; 245 if (desc_cport->bundle != bundle_id) 246 continue; 247 248 cport_id = le16_to_cpu(desc_cport->id); 249 if (cport_id > CPORT_ID_MAX) 250 goto exit; 251 252 /* Nothing else should have its cport_id as control cport id */ 253 if (cport_id == GB_CONTROL_CPORT_ID) { 254 dev_err(&bundle->dev, "invalid cport id found (%02u)\n", 255 cport_id); 256 goto exit; 257 } 258 259 /* 260 * Found one, move it to our temporary list after checking for 261 * duplicates. 262 */ 263 list_for_each_entry(tmp, &list, links) { 264 desc_cport = tmp->data; 265 if (cport_id == le16_to_cpu(desc_cport->id)) { 266 dev_err(&bundle->dev, 267 "duplicate CPort %u found\n", cport_id); 268 goto exit; 269 } 270 } 271 list_move_tail(&desc->links, &list); 272 count++; 273 } 274 275 if (!count) 276 return 0; 277 278 bundle->cport_desc = kzalloc_objs(*bundle->cport_desc, count); 279 if (!bundle->cport_desc) 280 goto exit; 281 282 bundle->num_cports = count; 283 284 i = 0; 285 list_for_each_entry_safe(desc, next, &list, links) { 286 desc_cport = desc->data; 287 memcpy(&bundle->cport_desc[i++], desc_cport, 288 sizeof(*desc_cport)); 289 290 /* Release the cport descriptor */ 291 release_manifest_descriptor(desc); 292 } 293 294 return count; 295 exit: 296 release_cport_descriptors(&list, bundle_id); 297 /* 298 * Free all cports for this bundle to avoid 'excess descriptors' 299 * warnings. 300 */ 301 release_cport_descriptors(&intf->manifest_descs, bundle_id); 302 303 return 0; /* Error; count should also be 0 */ 304 } 305 306 /* 307 * Find bundle descriptors in the manifest and set up their data 308 * structures. Returns the number of bundles set up for the 309 * given interface. 310 */ 311 static u32 gb_manifest_parse_bundles(struct gb_interface *intf) 312 { 313 struct manifest_desc *desc; 314 struct gb_bundle *bundle; 315 struct gb_bundle *bundle_next; 316 u32 count = 0; 317 u8 bundle_id; 318 u8 class; 319 320 while ((desc = get_next_bundle_desc(intf))) { 321 struct greybus_descriptor_bundle *desc_bundle; 322 323 /* Found one. Set up its bundle structure*/ 324 desc_bundle = desc->data; 325 bundle_id = desc_bundle->id; 326 class = desc_bundle->class; 327 328 /* Done with this bundle descriptor */ 329 release_manifest_descriptor(desc); 330 331 /* Ignore any legacy control bundles */ 332 if (bundle_id == GB_CONTROL_BUNDLE_ID) { 333 dev_dbg(&intf->dev, "%s - ignoring control bundle\n", 334 __func__); 335 release_cport_descriptors(&intf->manifest_descs, 336 bundle_id); 337 continue; 338 } 339 340 /* Nothing else should have its class set to control class */ 341 if (class == GREYBUS_CLASS_CONTROL) { 342 dev_err(&intf->dev, 343 "bundle %u cannot use control class\n", 344 bundle_id); 345 goto cleanup; 346 } 347 348 bundle = gb_bundle_create(intf, bundle_id, class); 349 if (!bundle) 350 goto cleanup; 351 352 /* 353 * Now go set up this bundle's functions and cports. 354 * 355 * A 'bundle' represents a device in greybus. It may require 356 * multiple cports for its functioning. If we fail to setup any 357 * cport of a bundle, we better reject the complete bundle as 358 * the device may not be able to function properly then. 359 * 360 * But, failing to setup a cport of bundle X doesn't mean that 361 * the device corresponding to bundle Y will not work properly. 362 * Bundles should be treated as separate independent devices. 363 * 364 * While parsing manifest for an interface, treat bundles as 365 * separate entities and don't reject entire interface and its 366 * bundles on failing to initialize a cport. But make sure the 367 * bundle which needs the cport, gets destroyed properly. 368 */ 369 if (!gb_manifest_parse_cports(bundle)) { 370 gb_bundle_destroy(bundle); 371 continue; 372 } 373 374 count++; 375 } 376 377 return count; 378 cleanup: 379 /* An error occurred; undo any changes we've made */ 380 list_for_each_entry_safe(bundle, bundle_next, &intf->bundles, links) { 381 gb_bundle_destroy(bundle); 382 count--; 383 } 384 return 0; /* Error; count should also be 0 */ 385 } 386 387 static bool gb_manifest_parse_interface(struct gb_interface *intf, 388 struct manifest_desc *interface_desc) 389 { 390 struct greybus_descriptor_interface *desc_intf = interface_desc->data; 391 struct gb_control *control = intf->control; 392 char *str; 393 394 /* Handle the strings first--they can fail */ 395 str = gb_string_get(intf, desc_intf->vendor_stringid); 396 if (IS_ERR(str)) 397 return false; 398 control->vendor_string = str; 399 400 str = gb_string_get(intf, desc_intf->product_stringid); 401 if (IS_ERR(str)) 402 goto out_free_vendor_string; 403 control->product_string = str; 404 405 /* Assign feature flags communicated via manifest */ 406 intf->features = desc_intf->features; 407 408 /* Release the interface descriptor, now that we're done with it */ 409 release_manifest_descriptor(interface_desc); 410 411 /* An interface must have at least one bundle descriptor */ 412 if (!gb_manifest_parse_bundles(intf)) { 413 dev_err(&intf->dev, "manifest bundle descriptors not valid\n"); 414 goto out_err; 415 } 416 417 return true; 418 out_err: 419 kfree(control->product_string); 420 control->product_string = NULL; 421 out_free_vendor_string: 422 kfree(control->vendor_string); 423 control->vendor_string = NULL; 424 425 return false; 426 } 427 428 /* 429 * Parse a buffer containing an interface manifest. 430 * 431 * If we find anything wrong with the content/format of the buffer 432 * we reject it. 433 * 434 * The first requirement is that the manifest's version is 435 * one we can parse. 436 * 437 * We make an initial pass through the buffer and identify all of 438 * the descriptors it contains, keeping track for each its type 439 * and the location size of its data in the buffer. 440 * 441 * Next we scan the descriptors, looking for an interface descriptor; 442 * there must be exactly one of those. When found, we record the 443 * information it contains, and then remove that descriptor (and any 444 * string descriptors it refers to) from further consideration. 445 * 446 * After that we look for the interface's bundles--there must be at 447 * least one of those. 448 * 449 * Returns true if parsing was successful, false otherwise. 450 */ 451 bool gb_manifest_parse(struct gb_interface *intf, void *data, size_t size) 452 { 453 struct greybus_manifest *manifest; 454 struct greybus_manifest_header *header; 455 struct greybus_descriptor *desc; 456 struct manifest_desc *descriptor; 457 struct manifest_desc *interface_desc = NULL; 458 u16 manifest_size; 459 u32 found = 0; 460 bool result; 461 462 /* Manifest descriptor list should be empty here */ 463 if (WARN_ON(!list_empty(&intf->manifest_descs))) 464 return false; 465 466 /* we have to have at _least_ the manifest header */ 467 if (size < sizeof(*header)) { 468 dev_err(&intf->dev, "short manifest (%zu < %zu)\n", 469 size, sizeof(*header)); 470 return false; 471 } 472 473 /* Make sure the size is right */ 474 manifest = data; 475 header = &manifest->header; 476 manifest_size = le16_to_cpu(header->size); 477 if (manifest_size != size) { 478 dev_err(&intf->dev, "manifest size mismatch (%zu != %u)\n", 479 size, manifest_size); 480 return false; 481 } 482 483 /* Validate major/minor number */ 484 if (header->version_major > GREYBUS_VERSION_MAJOR) { 485 dev_err(&intf->dev, "manifest version too new (%u.%u > %u.%u)\n", 486 header->version_major, header->version_minor, 487 GREYBUS_VERSION_MAJOR, GREYBUS_VERSION_MINOR); 488 return false; 489 } 490 491 /* OK, find all the descriptors */ 492 desc = manifest->descriptors; 493 size -= sizeof(*header); 494 while (size) { 495 int desc_size; 496 497 desc_size = identify_descriptor(intf, desc, size); 498 if (desc_size < 0) { 499 result = false; 500 goto out; 501 } 502 desc = (struct greybus_descriptor *)((char *)desc + desc_size); 503 size -= desc_size; 504 } 505 506 /* There must be a single interface descriptor */ 507 list_for_each_entry(descriptor, &intf->manifest_descs, links) { 508 if (descriptor->type == GREYBUS_TYPE_INTERFACE) 509 if (!found++) 510 interface_desc = descriptor; 511 } 512 if (found != 1) { 513 dev_err(&intf->dev, "manifest must have 1 interface descriptor (%u found)\n", 514 found); 515 result = false; 516 goto out; 517 } 518 519 /* Parse the manifest, starting with the interface descriptor */ 520 result = gb_manifest_parse_interface(intf, interface_desc); 521 522 /* 523 * We really should have no remaining descriptors, but we 524 * don't know what newer format manifests might leave. 525 */ 526 if (result && !list_empty(&intf->manifest_descs)) 527 dev_info(&intf->dev, "excess descriptors in interface manifest\n"); 528 out: 529 release_manifest_descriptors(intf); 530 531 return result; 532 } 533