1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Copyright (c) 2003-2020, Intel Corporation. All rights reserved. 4 * Intel Management Engine Interface (Intel MEI) Linux driver 5 */ 6 7 #include <linux/sched/signal.h> 8 #include <linux/wait.h> 9 #include <linux/delay.h> 10 #include <linux/slab.h> 11 #include <linux/pm_runtime.h> 12 13 #include <linux/mei.h> 14 15 #include "mei_dev.h" 16 #include "hbm.h" 17 #include "client.h" 18 19 /** 20 * mei_me_cl_init - initialize me client 21 * 22 * @me_cl: me client 23 */ 24 void mei_me_cl_init(struct mei_me_client *me_cl) 25 { 26 INIT_LIST_HEAD(&me_cl->list); 27 kref_init(&me_cl->refcnt); 28 } 29 30 /** 31 * mei_me_cl_get - increases me client refcount 32 * 33 * @me_cl: me client 34 * 35 * Locking: called under "dev->device_lock" lock 36 * 37 * Return: me client or NULL 38 */ 39 struct mei_me_client *mei_me_cl_get(struct mei_me_client *me_cl) 40 { 41 if (me_cl && kref_get_unless_zero(&me_cl->refcnt)) 42 return me_cl; 43 44 return NULL; 45 } 46 47 /** 48 * mei_me_cl_release - free me client 49 * 50 * Locking: called under "dev->device_lock" lock 51 * 52 * @ref: me_client refcount 53 */ 54 static void mei_me_cl_release(struct kref *ref) 55 { 56 struct mei_me_client *me_cl = 57 container_of(ref, struct mei_me_client, refcnt); 58 59 kfree(me_cl); 60 } 61 62 /** 63 * mei_me_cl_put - decrease me client refcount and free client if necessary 64 * 65 * Locking: called under "dev->device_lock" lock 66 * 67 * @me_cl: me client 68 */ 69 void mei_me_cl_put(struct mei_me_client *me_cl) 70 { 71 if (me_cl) 72 kref_put(&me_cl->refcnt, mei_me_cl_release); 73 } 74 75 /** 76 * __mei_me_cl_del - delete me client from the list and decrease 77 * reference counter 78 * 79 * @dev: mei device 80 * @me_cl: me client 81 * 82 * Locking: dev->me_clients_rwsem 83 */ 84 static void __mei_me_cl_del(struct mei_device *dev, struct mei_me_client *me_cl) 85 { 86 if (!me_cl) 87 return; 88 89 list_del_init(&me_cl->list); 90 mei_me_cl_put(me_cl); 91 } 92 93 /** 94 * mei_me_cl_del - delete me client from the list and decrease 95 * reference counter 96 * 97 * @dev: mei device 98 * @me_cl: me client 99 */ 100 void mei_me_cl_del(struct mei_device *dev, struct mei_me_client *me_cl) 101 { 102 down_write(&dev->me_clients_rwsem); 103 __mei_me_cl_del(dev, me_cl); 104 up_write(&dev->me_clients_rwsem); 105 } 106 107 /** 108 * mei_me_cl_add - add me client to the list 109 * 110 * @dev: mei device 111 * @me_cl: me client 112 */ 113 void mei_me_cl_add(struct mei_device *dev, struct mei_me_client *me_cl) 114 { 115 down_write(&dev->me_clients_rwsem); 116 list_add(&me_cl->list, &dev->me_clients); 117 up_write(&dev->me_clients_rwsem); 118 } 119 120 /** 121 * __mei_me_cl_by_uuid - locate me client by uuid 122 * increases ref count 123 * 124 * @dev: mei device 125 * @uuid: me client uuid 126 * 127 * Return: me client or NULL if not found 128 * 129 * Locking: dev->me_clients_rwsem 130 */ 131 static struct mei_me_client *__mei_me_cl_by_uuid(struct mei_device *dev, 132 const uuid_le *uuid) 133 { 134 struct mei_me_client *me_cl; 135 const uuid_le *pn; 136 137 WARN_ON(!rwsem_is_locked(&dev->me_clients_rwsem)); 138 139 list_for_each_entry(me_cl, &dev->me_clients, list) { 140 pn = &me_cl->props.protocol_name; 141 if (uuid_le_cmp(*uuid, *pn) == 0) 142 return mei_me_cl_get(me_cl); 143 } 144 145 return NULL; 146 } 147 148 /** 149 * mei_me_cl_by_uuid - locate me client by uuid 150 * increases ref count 151 * 152 * @dev: mei device 153 * @uuid: me client uuid 154 * 155 * Return: me client or NULL if not found 156 * 157 * Locking: dev->me_clients_rwsem 158 */ 159 struct mei_me_client *mei_me_cl_by_uuid(struct mei_device *dev, 160 const uuid_le *uuid) 161 { 162 struct mei_me_client *me_cl; 163 164 down_read(&dev->me_clients_rwsem); 165 me_cl = __mei_me_cl_by_uuid(dev, uuid); 166 up_read(&dev->me_clients_rwsem); 167 168 return me_cl; 169 } 170 171 /** 172 * mei_me_cl_by_id - locate me client by client id 173 * increases ref count 174 * 175 * @dev: the device structure 176 * @client_id: me client id 177 * 178 * Return: me client or NULL if not found 179 * 180 * Locking: dev->me_clients_rwsem 181 */ 182 struct mei_me_client *mei_me_cl_by_id(struct mei_device *dev, u8 client_id) 183 { 184 185 struct mei_me_client *__me_cl, *me_cl = NULL; 186 187 down_read(&dev->me_clients_rwsem); 188 list_for_each_entry(__me_cl, &dev->me_clients, list) { 189 if (__me_cl->client_id == client_id) { 190 me_cl = mei_me_cl_get(__me_cl); 191 break; 192 } 193 } 194 up_read(&dev->me_clients_rwsem); 195 196 return me_cl; 197 } 198 199 /** 200 * __mei_me_cl_by_uuid_id - locate me client by client id and uuid 201 * increases ref count 202 * 203 * @dev: the device structure 204 * @uuid: me client uuid 205 * @client_id: me client id 206 * 207 * Return: me client or null if not found 208 * 209 * Locking: dev->me_clients_rwsem 210 */ 211 static struct mei_me_client *__mei_me_cl_by_uuid_id(struct mei_device *dev, 212 const uuid_le *uuid, u8 client_id) 213 { 214 struct mei_me_client *me_cl; 215 const uuid_le *pn; 216 217 WARN_ON(!rwsem_is_locked(&dev->me_clients_rwsem)); 218 219 list_for_each_entry(me_cl, &dev->me_clients, list) { 220 pn = &me_cl->props.protocol_name; 221 if (uuid_le_cmp(*uuid, *pn) == 0 && 222 me_cl->client_id == client_id) 223 return mei_me_cl_get(me_cl); 224 } 225 226 return NULL; 227 } 228 229 230 /** 231 * mei_me_cl_by_uuid_id - locate me client by client id and uuid 232 * increases ref count 233 * 234 * @dev: the device structure 235 * @uuid: me client uuid 236 * @client_id: me client id 237 * 238 * Return: me client or null if not found 239 */ 240 struct mei_me_client *mei_me_cl_by_uuid_id(struct mei_device *dev, 241 const uuid_le *uuid, u8 client_id) 242 { 243 struct mei_me_client *me_cl; 244 245 down_read(&dev->me_clients_rwsem); 246 me_cl = __mei_me_cl_by_uuid_id(dev, uuid, client_id); 247 up_read(&dev->me_clients_rwsem); 248 249 return me_cl; 250 } 251 252 /** 253 * mei_me_cl_rm_by_uuid - remove all me clients matching uuid 254 * 255 * @dev: the device structure 256 * @uuid: me client uuid 257 * 258 * Locking: called under "dev->device_lock" lock 259 */ 260 void mei_me_cl_rm_by_uuid(struct mei_device *dev, const uuid_le *uuid) 261 { 262 struct mei_me_client *me_cl; 263 264 dev_dbg(dev->dev, "remove %pUl\n", uuid); 265 266 down_write(&dev->me_clients_rwsem); 267 me_cl = __mei_me_cl_by_uuid(dev, uuid); 268 __mei_me_cl_del(dev, me_cl); 269 mei_me_cl_put(me_cl); 270 up_write(&dev->me_clients_rwsem); 271 } 272 273 /** 274 * mei_me_cl_rm_by_uuid_id - remove all me clients matching client id 275 * 276 * @dev: the device structure 277 * @uuid: me client uuid 278 * @id: me client id 279 * 280 * Locking: called under "dev->device_lock" lock 281 */ 282 void mei_me_cl_rm_by_uuid_id(struct mei_device *dev, const uuid_le *uuid, u8 id) 283 { 284 struct mei_me_client *me_cl; 285 286 dev_dbg(dev->dev, "remove %pUl %d\n", uuid, id); 287 288 down_write(&dev->me_clients_rwsem); 289 me_cl = __mei_me_cl_by_uuid_id(dev, uuid, id); 290 __mei_me_cl_del(dev, me_cl); 291 mei_me_cl_put(me_cl); 292 up_write(&dev->me_clients_rwsem); 293 } 294 295 /** 296 * mei_me_cl_rm_all - remove all me clients 297 * 298 * @dev: the device structure 299 * 300 * Locking: called under "dev->device_lock" lock 301 */ 302 void mei_me_cl_rm_all(struct mei_device *dev) 303 { 304 struct mei_me_client *me_cl, *next; 305 306 down_write(&dev->me_clients_rwsem); 307 list_for_each_entry_safe(me_cl, next, &dev->me_clients, list) 308 __mei_me_cl_del(dev, me_cl); 309 up_write(&dev->me_clients_rwsem); 310 } 311 312 /** 313 * mei_io_cb_free - free mei_cb_private related memory 314 * 315 * @cb: mei callback struct 316 */ 317 void mei_io_cb_free(struct mei_cl_cb *cb) 318 { 319 if (cb == NULL) 320 return; 321 322 list_del(&cb->list); 323 kfree(cb->buf.data); 324 kfree(cb); 325 } 326 327 /** 328 * mei_tx_cb_queue - queue tx callback 329 * 330 * Locking: called under "dev->device_lock" lock 331 * 332 * @cb: mei callback struct 333 * @head: an instance of list to queue on 334 */ 335 static inline void mei_tx_cb_enqueue(struct mei_cl_cb *cb, 336 struct list_head *head) 337 { 338 list_add_tail(&cb->list, head); 339 cb->cl->tx_cb_queued++; 340 } 341 342 /** 343 * mei_tx_cb_dequeue - dequeue tx callback 344 * 345 * Locking: called under "dev->device_lock" lock 346 * 347 * @cb: mei callback struct to dequeue and free 348 */ 349 static inline void mei_tx_cb_dequeue(struct mei_cl_cb *cb) 350 { 351 if (!WARN_ON(cb->cl->tx_cb_queued == 0)) 352 cb->cl->tx_cb_queued--; 353 354 mei_io_cb_free(cb); 355 } 356 357 /** 358 * mei_cl_set_read_by_fp - set pending_read flag to vtag struct for given fp 359 * 360 * Locking: called under "dev->device_lock" lock 361 * 362 * @cl: mei client 363 * @fp: pointer to file structure 364 */ 365 static void mei_cl_set_read_by_fp(const struct mei_cl *cl, 366 const struct file *fp) 367 { 368 struct mei_cl_vtag *cl_vtag; 369 370 list_for_each_entry(cl_vtag, &cl->vtag_map, list) { 371 if (cl_vtag->fp == fp) { 372 cl_vtag->pending_read = true; 373 return; 374 } 375 } 376 } 377 378 /** 379 * mei_io_cb_init - allocate and initialize io callback 380 * 381 * @cl: mei client 382 * @type: operation type 383 * @fp: pointer to file structure 384 * 385 * Return: mei_cl_cb pointer or NULL; 386 */ 387 static struct mei_cl_cb *mei_io_cb_init(struct mei_cl *cl, 388 enum mei_cb_file_ops type, 389 const struct file *fp) 390 { 391 struct mei_cl_cb *cb; 392 393 cb = kzalloc(sizeof(*cb), GFP_KERNEL); 394 if (!cb) 395 return NULL; 396 397 INIT_LIST_HEAD(&cb->list); 398 cb->fp = fp; 399 cb->cl = cl; 400 cb->buf_idx = 0; 401 cb->fop_type = type; 402 cb->vtag = 0; 403 404 return cb; 405 } 406 407 /** 408 * mei_io_list_flush_cl - removes cbs belonging to the cl. 409 * 410 * @head: an instance of our list structure 411 * @cl: host client 412 */ 413 static void mei_io_list_flush_cl(struct list_head *head, 414 const struct mei_cl *cl) 415 { 416 struct mei_cl_cb *cb, *next; 417 418 list_for_each_entry_safe(cb, next, head, list) { 419 if (cl == cb->cl) { 420 list_del_init(&cb->list); 421 if (cb->fop_type == MEI_FOP_READ) 422 mei_io_cb_free(cb); 423 } 424 } 425 } 426 427 /** 428 * mei_io_tx_list_free_cl - removes cb belonging to the cl and free them 429 * 430 * @head: An instance of our list structure 431 * @cl: host client 432 * @fp: file pointer (matching cb file object), may be NULL 433 */ 434 static void mei_io_tx_list_free_cl(struct list_head *head, 435 const struct mei_cl *cl, 436 const struct file *fp) 437 { 438 struct mei_cl_cb *cb, *next; 439 440 list_for_each_entry_safe(cb, next, head, list) { 441 if (cl == cb->cl && (!fp || fp == cb->fp)) 442 mei_tx_cb_dequeue(cb); 443 } 444 } 445 446 /** 447 * mei_io_list_free_fp - free cb from a list that matches file pointer 448 * 449 * @head: io list 450 * @fp: file pointer (matching cb file object), may be NULL 451 */ 452 static void mei_io_list_free_fp(struct list_head *head, const struct file *fp) 453 { 454 struct mei_cl_cb *cb, *next; 455 456 list_for_each_entry_safe(cb, next, head, list) 457 if (!fp || fp == cb->fp) 458 mei_io_cb_free(cb); 459 } 460 461 /** 462 * mei_cl_free_pending - free pending cb 463 * 464 * @cl: host client 465 */ 466 static void mei_cl_free_pending(struct mei_cl *cl) 467 { 468 struct mei_cl_cb *cb; 469 470 cb = list_first_entry_or_null(&cl->rd_pending, struct mei_cl_cb, list); 471 mei_io_cb_free(cb); 472 } 473 474 /** 475 * mei_cl_alloc_cb - a convenient wrapper for allocating read cb 476 * 477 * @cl: host client 478 * @length: size of the buffer 479 * @fop_type: operation type 480 * @fp: associated file pointer (might be NULL) 481 * 482 * Return: cb on success and NULL on failure 483 */ 484 struct mei_cl_cb *mei_cl_alloc_cb(struct mei_cl *cl, size_t length, 485 enum mei_cb_file_ops fop_type, 486 const struct file *fp) 487 { 488 struct mei_cl_cb *cb; 489 490 cb = mei_io_cb_init(cl, fop_type, fp); 491 if (!cb) 492 return NULL; 493 494 if (length == 0) 495 return cb; 496 497 cb->buf.data = kmalloc(roundup(length, MEI_SLOT_SIZE), GFP_KERNEL); 498 if (!cb->buf.data) { 499 mei_io_cb_free(cb); 500 return NULL; 501 } 502 cb->buf.size = length; 503 504 return cb; 505 } 506 507 /** 508 * mei_cl_enqueue_ctrl_wr_cb - a convenient wrapper for allocating 509 * and enqueuing of the control commands cb 510 * 511 * @cl: host client 512 * @length: size of the buffer 513 * @fop_type: operation type 514 * @fp: associated file pointer (might be NULL) 515 * 516 * Return: cb on success and NULL on failure 517 * Locking: called under "dev->device_lock" lock 518 */ 519 struct mei_cl_cb *mei_cl_enqueue_ctrl_wr_cb(struct mei_cl *cl, size_t length, 520 enum mei_cb_file_ops fop_type, 521 const struct file *fp) 522 { 523 struct mei_cl_cb *cb; 524 525 /* for RX always allocate at least client's mtu */ 526 if (length) 527 length = max_t(size_t, length, mei_cl_mtu(cl)); 528 529 cb = mei_cl_alloc_cb(cl, length, fop_type, fp); 530 if (!cb) 531 return NULL; 532 533 list_add_tail(&cb->list, &cl->dev->ctrl_wr_list); 534 return cb; 535 } 536 537 /** 538 * mei_cl_read_cb - find this cl's callback in the read list 539 * for a specific file 540 * 541 * @cl: host client 542 * @fp: file pointer (matching cb file object), may be NULL 543 * 544 * Return: cb on success, NULL if cb is not found 545 */ 546 struct mei_cl_cb *mei_cl_read_cb(struct mei_cl *cl, const struct file *fp) 547 { 548 struct mei_cl_cb *cb; 549 struct mei_cl_cb *ret_cb = NULL; 550 551 spin_lock(&cl->rd_completed_lock); 552 list_for_each_entry(cb, &cl->rd_completed, list) 553 if (!fp || fp == cb->fp) { 554 ret_cb = cb; 555 break; 556 } 557 spin_unlock(&cl->rd_completed_lock); 558 return ret_cb; 559 } 560 561 /** 562 * mei_cl_flush_queues - flushes queue lists belonging to cl. 563 * 564 * @cl: host client 565 * @fp: file pointer (matching cb file object), may be NULL 566 * 567 * Return: 0 on success, -EINVAL if cl or cl->dev is NULL. 568 */ 569 int mei_cl_flush_queues(struct mei_cl *cl, const struct file *fp) 570 { 571 struct mei_device *dev; 572 573 if (WARN_ON(!cl || !cl->dev)) 574 return -EINVAL; 575 576 dev = cl->dev; 577 578 cl_dbg(dev, cl, "remove list entry belonging to cl\n"); 579 mei_io_tx_list_free_cl(&cl->dev->write_list, cl, fp); 580 mei_io_tx_list_free_cl(&cl->dev->write_waiting_list, cl, fp); 581 /* free pending and control cb only in final flush */ 582 if (!fp) { 583 mei_io_list_flush_cl(&cl->dev->ctrl_wr_list, cl); 584 mei_io_list_flush_cl(&cl->dev->ctrl_rd_list, cl); 585 mei_cl_free_pending(cl); 586 } 587 spin_lock(&cl->rd_completed_lock); 588 mei_io_list_free_fp(&cl->rd_completed, fp); 589 spin_unlock(&cl->rd_completed_lock); 590 591 return 0; 592 } 593 594 /** 595 * mei_cl_init - initializes cl. 596 * 597 * @cl: host client to be initialized 598 * @dev: mei device 599 */ 600 static void mei_cl_init(struct mei_cl *cl, struct mei_device *dev) 601 { 602 memset(cl, 0, sizeof(*cl)); 603 init_waitqueue_head(&cl->wait); 604 init_waitqueue_head(&cl->rx_wait); 605 init_waitqueue_head(&cl->tx_wait); 606 init_waitqueue_head(&cl->ev_wait); 607 INIT_LIST_HEAD(&cl->vtag_map); 608 spin_lock_init(&cl->rd_completed_lock); 609 INIT_LIST_HEAD(&cl->rd_completed); 610 INIT_LIST_HEAD(&cl->rd_pending); 611 INIT_LIST_HEAD(&cl->link); 612 cl->writing_state = MEI_IDLE; 613 cl->state = MEI_FILE_UNINITIALIZED; 614 cl->dev = dev; 615 } 616 617 /** 618 * mei_cl_allocate - allocates cl structure and sets it up. 619 * 620 * @dev: mei device 621 * Return: The allocated file or NULL on failure 622 */ 623 struct mei_cl *mei_cl_allocate(struct mei_device *dev) 624 { 625 struct mei_cl *cl; 626 627 cl = kmalloc(sizeof(*cl), GFP_KERNEL); 628 if (!cl) 629 return NULL; 630 631 mei_cl_init(cl, dev); 632 633 return cl; 634 } 635 636 /** 637 * mei_cl_link - allocate host id in the host map 638 * 639 * @cl: host client 640 * 641 * Return: 0 on success 642 * -EINVAL on incorrect values 643 * -EMFILE if open count exceeded. 644 */ 645 int mei_cl_link(struct mei_cl *cl) 646 { 647 struct mei_device *dev; 648 int id; 649 650 if (WARN_ON(!cl || !cl->dev)) 651 return -EINVAL; 652 653 dev = cl->dev; 654 655 id = find_first_zero_bit(dev->host_clients_map, MEI_CLIENTS_MAX); 656 if (id >= MEI_CLIENTS_MAX) { 657 dev_err(dev->dev, "id exceeded %d", MEI_CLIENTS_MAX); 658 return -EMFILE; 659 } 660 661 if (dev->open_handle_count >= MEI_MAX_OPEN_HANDLE_COUNT) { 662 dev_err(dev->dev, "open_handle_count exceeded %d", 663 MEI_MAX_OPEN_HANDLE_COUNT); 664 return -EMFILE; 665 } 666 667 dev->open_handle_count++; 668 669 cl->host_client_id = id; 670 list_add_tail(&cl->link, &dev->file_list); 671 672 set_bit(id, dev->host_clients_map); 673 674 cl->state = MEI_FILE_INITIALIZING; 675 676 cl_dbg(dev, cl, "link cl\n"); 677 return 0; 678 } 679 680 /** 681 * mei_cl_unlink - remove host client from the list 682 * 683 * @cl: host client 684 * 685 * Return: always 0 686 */ 687 int mei_cl_unlink(struct mei_cl *cl) 688 { 689 struct mei_device *dev; 690 691 /* don't shout on error exit path */ 692 if (!cl) 693 return 0; 694 695 if (WARN_ON(!cl->dev)) 696 return 0; 697 698 dev = cl->dev; 699 700 cl_dbg(dev, cl, "unlink client"); 701 702 if (dev->open_handle_count > 0) 703 dev->open_handle_count--; 704 705 /* never clear the 0 bit */ 706 if (cl->host_client_id) 707 clear_bit(cl->host_client_id, dev->host_clients_map); 708 709 list_del_init(&cl->link); 710 711 cl->state = MEI_FILE_UNINITIALIZED; 712 cl->writing_state = MEI_IDLE; 713 714 WARN_ON(!list_empty(&cl->rd_completed) || 715 !list_empty(&cl->rd_pending) || 716 !list_empty(&cl->link)); 717 718 return 0; 719 } 720 721 void mei_host_client_init(struct mei_device *dev) 722 { 723 mei_set_devstate(dev, MEI_DEV_ENABLED); 724 dev->reset_count = 0; 725 726 schedule_work(&dev->bus_rescan_work); 727 728 pm_runtime_mark_last_busy(dev->dev); 729 dev_dbg(dev->dev, "rpm: autosuspend\n"); 730 pm_request_autosuspend(dev->dev); 731 } 732 733 /** 734 * mei_hbuf_acquire - try to acquire host buffer 735 * 736 * @dev: the device structure 737 * Return: true if host buffer was acquired 738 */ 739 bool mei_hbuf_acquire(struct mei_device *dev) 740 { 741 if (mei_pg_state(dev) == MEI_PG_ON || 742 mei_pg_in_transition(dev)) { 743 dev_dbg(dev->dev, "device is in pg\n"); 744 return false; 745 } 746 747 if (!dev->hbuf_is_ready) { 748 dev_dbg(dev->dev, "hbuf is not ready\n"); 749 return false; 750 } 751 752 dev->hbuf_is_ready = false; 753 754 return true; 755 } 756 757 /** 758 * mei_cl_wake_all - wake up readers, writers and event waiters so 759 * they can be interrupted 760 * 761 * @cl: host client 762 */ 763 static void mei_cl_wake_all(struct mei_cl *cl) 764 { 765 struct mei_device *dev = cl->dev; 766 767 /* synchronized under device mutex */ 768 if (waitqueue_active(&cl->rx_wait)) { 769 cl_dbg(dev, cl, "Waking up reading client!\n"); 770 wake_up_interruptible(&cl->rx_wait); 771 } 772 /* synchronized under device mutex */ 773 if (waitqueue_active(&cl->tx_wait)) { 774 cl_dbg(dev, cl, "Waking up writing client!\n"); 775 wake_up_interruptible(&cl->tx_wait); 776 } 777 /* synchronized under device mutex */ 778 if (waitqueue_active(&cl->ev_wait)) { 779 cl_dbg(dev, cl, "Waking up waiting for event clients!\n"); 780 wake_up_interruptible(&cl->ev_wait); 781 } 782 /* synchronized under device mutex */ 783 if (waitqueue_active(&cl->wait)) { 784 cl_dbg(dev, cl, "Waking up ctrl write clients!\n"); 785 wake_up(&cl->wait); 786 } 787 } 788 789 /** 790 * mei_cl_set_disconnected - set disconnected state and clear 791 * associated states and resources 792 * 793 * @cl: host client 794 */ 795 static void mei_cl_set_disconnected(struct mei_cl *cl) 796 { 797 struct mei_device *dev = cl->dev; 798 799 if (cl->state == MEI_FILE_DISCONNECTED || 800 cl->state <= MEI_FILE_INITIALIZING) 801 return; 802 803 cl->state = MEI_FILE_DISCONNECTED; 804 mei_io_tx_list_free_cl(&dev->write_list, cl, NULL); 805 mei_io_tx_list_free_cl(&dev->write_waiting_list, cl, NULL); 806 mei_io_list_flush_cl(&dev->ctrl_rd_list, cl); 807 mei_io_list_flush_cl(&dev->ctrl_wr_list, cl); 808 mei_cl_wake_all(cl); 809 cl->rx_flow_ctrl_creds = 0; 810 cl->tx_flow_ctrl_creds = 0; 811 cl->timer_count = 0; 812 813 if (!cl->me_cl) 814 return; 815 816 if (!WARN_ON(cl->me_cl->connect_count == 0)) 817 cl->me_cl->connect_count--; 818 819 if (cl->me_cl->connect_count == 0) 820 cl->me_cl->tx_flow_ctrl_creds = 0; 821 822 mei_me_cl_put(cl->me_cl); 823 cl->me_cl = NULL; 824 } 825 826 static int mei_cl_set_connecting(struct mei_cl *cl, struct mei_me_client *me_cl) 827 { 828 if (!mei_me_cl_get(me_cl)) 829 return -ENOENT; 830 831 /* only one connection is allowed for fixed address clients */ 832 if (me_cl->props.fixed_address) { 833 if (me_cl->connect_count) { 834 mei_me_cl_put(me_cl); 835 return -EBUSY; 836 } 837 } 838 839 cl->me_cl = me_cl; 840 cl->state = MEI_FILE_CONNECTING; 841 cl->me_cl->connect_count++; 842 843 return 0; 844 } 845 846 /* 847 * mei_cl_send_disconnect - send disconnect request 848 * 849 * @cl: host client 850 * @cb: callback block 851 * 852 * Return: 0, OK; otherwise, error. 853 */ 854 static int mei_cl_send_disconnect(struct mei_cl *cl, struct mei_cl_cb *cb) 855 { 856 struct mei_device *dev; 857 int ret; 858 859 dev = cl->dev; 860 861 ret = mei_hbm_cl_disconnect_req(dev, cl); 862 cl->status = ret; 863 if (ret) { 864 cl->state = MEI_FILE_DISCONNECT_REPLY; 865 return ret; 866 } 867 868 list_move_tail(&cb->list, &dev->ctrl_rd_list); 869 cl->timer_count = MEI_CONNECT_TIMEOUT; 870 mei_schedule_stall_timer(dev); 871 872 return 0; 873 } 874 875 /** 876 * mei_cl_irq_disconnect - processes close related operation from 877 * interrupt thread context - send disconnect request 878 * 879 * @cl: client 880 * @cb: callback block. 881 * @cmpl_list: complete list. 882 * 883 * Return: 0, OK; otherwise, error. 884 */ 885 int mei_cl_irq_disconnect(struct mei_cl *cl, struct mei_cl_cb *cb, 886 struct list_head *cmpl_list) 887 { 888 struct mei_device *dev = cl->dev; 889 u32 msg_slots; 890 int slots; 891 int ret; 892 893 msg_slots = mei_hbm2slots(sizeof(struct hbm_client_connect_request)); 894 slots = mei_hbuf_empty_slots(dev); 895 if (slots < 0) 896 return -EOVERFLOW; 897 898 if ((u32)slots < msg_slots) 899 return -EMSGSIZE; 900 901 ret = mei_cl_send_disconnect(cl, cb); 902 if (ret) 903 list_move_tail(&cb->list, cmpl_list); 904 905 return ret; 906 } 907 908 /** 909 * __mei_cl_disconnect - disconnect host client from the me one 910 * internal function runtime pm has to be already acquired 911 * 912 * @cl: host client 913 * 914 * Return: 0 on success, <0 on failure. 915 */ 916 static int __mei_cl_disconnect(struct mei_cl *cl) 917 { 918 struct mei_device *dev; 919 struct mei_cl_cb *cb; 920 int rets; 921 922 dev = cl->dev; 923 924 cl->state = MEI_FILE_DISCONNECTING; 925 926 cb = mei_cl_enqueue_ctrl_wr_cb(cl, 0, MEI_FOP_DISCONNECT, NULL); 927 if (!cb) { 928 rets = -ENOMEM; 929 goto out; 930 } 931 932 if (mei_hbuf_acquire(dev)) { 933 rets = mei_cl_send_disconnect(cl, cb); 934 if (rets) { 935 cl_err(dev, cl, "failed to disconnect.\n"); 936 goto out; 937 } 938 } 939 940 mutex_unlock(&dev->device_lock); 941 wait_event_timeout(cl->wait, 942 cl->state == MEI_FILE_DISCONNECT_REPLY || 943 cl->state == MEI_FILE_DISCONNECTED, 944 mei_secs_to_jiffies(MEI_CL_CONNECT_TIMEOUT)); 945 mutex_lock(&dev->device_lock); 946 947 rets = cl->status; 948 if (cl->state != MEI_FILE_DISCONNECT_REPLY && 949 cl->state != MEI_FILE_DISCONNECTED) { 950 cl_dbg(dev, cl, "timeout on disconnect from FW client.\n"); 951 rets = -ETIME; 952 } 953 954 out: 955 /* we disconnect also on error */ 956 mei_cl_set_disconnected(cl); 957 if (!rets) 958 cl_dbg(dev, cl, "successfully disconnected from FW client.\n"); 959 960 mei_io_cb_free(cb); 961 return rets; 962 } 963 964 /** 965 * mei_cl_disconnect - disconnect host client from the me one 966 * 967 * @cl: host client 968 * 969 * Locking: called under "dev->device_lock" lock 970 * 971 * Return: 0 on success, <0 on failure. 972 */ 973 int mei_cl_disconnect(struct mei_cl *cl) 974 { 975 struct mei_device *dev; 976 int rets; 977 978 if (WARN_ON(!cl || !cl->dev)) 979 return -ENODEV; 980 981 dev = cl->dev; 982 983 cl_dbg(dev, cl, "disconnecting"); 984 985 if (!mei_cl_is_connected(cl)) 986 return 0; 987 988 if (mei_cl_is_fixed_address(cl)) { 989 mei_cl_set_disconnected(cl); 990 return 0; 991 } 992 993 if (dev->dev_state == MEI_DEV_POWER_DOWN) { 994 cl_dbg(dev, cl, "Device is powering down, don't bother with disconnection\n"); 995 mei_cl_set_disconnected(cl); 996 return 0; 997 } 998 999 rets = pm_runtime_get(dev->dev); 1000 if (rets < 0 && rets != -EINPROGRESS) { 1001 pm_runtime_put_noidle(dev->dev); 1002 cl_err(dev, cl, "rpm: get failed %d\n", rets); 1003 return rets; 1004 } 1005 1006 rets = __mei_cl_disconnect(cl); 1007 1008 cl_dbg(dev, cl, "rpm: autosuspend\n"); 1009 pm_runtime_mark_last_busy(dev->dev); 1010 pm_runtime_put_autosuspend(dev->dev); 1011 1012 return rets; 1013 } 1014 1015 1016 /** 1017 * mei_cl_is_other_connecting - checks if other 1018 * client with the same me client id is connecting 1019 * 1020 * @cl: private data of the file object 1021 * 1022 * Return: true if other client is connected, false - otherwise. 1023 */ 1024 static bool mei_cl_is_other_connecting(struct mei_cl *cl) 1025 { 1026 struct mei_device *dev; 1027 struct mei_cl_cb *cb; 1028 1029 dev = cl->dev; 1030 1031 list_for_each_entry(cb, &dev->ctrl_rd_list, list) { 1032 if (cb->fop_type == MEI_FOP_CONNECT && 1033 mei_cl_me_id(cl) == mei_cl_me_id(cb->cl)) 1034 return true; 1035 } 1036 1037 return false; 1038 } 1039 1040 /** 1041 * mei_cl_send_connect - send connect request 1042 * 1043 * @cl: host client 1044 * @cb: callback block 1045 * 1046 * Return: 0, OK; otherwise, error. 1047 */ 1048 static int mei_cl_send_connect(struct mei_cl *cl, struct mei_cl_cb *cb) 1049 { 1050 struct mei_device *dev; 1051 int ret; 1052 1053 dev = cl->dev; 1054 1055 ret = mei_hbm_cl_connect_req(dev, cl); 1056 cl->status = ret; 1057 if (ret) { 1058 cl->state = MEI_FILE_DISCONNECT_REPLY; 1059 return ret; 1060 } 1061 1062 list_move_tail(&cb->list, &dev->ctrl_rd_list); 1063 cl->timer_count = MEI_CONNECT_TIMEOUT; 1064 mei_schedule_stall_timer(dev); 1065 return 0; 1066 } 1067 1068 /** 1069 * mei_cl_irq_connect - send connect request in irq_thread context 1070 * 1071 * @cl: host client 1072 * @cb: callback block 1073 * @cmpl_list: complete list 1074 * 1075 * Return: 0, OK; otherwise, error. 1076 */ 1077 int mei_cl_irq_connect(struct mei_cl *cl, struct mei_cl_cb *cb, 1078 struct list_head *cmpl_list) 1079 { 1080 struct mei_device *dev = cl->dev; 1081 u32 msg_slots; 1082 int slots; 1083 int rets; 1084 1085 if (mei_cl_is_other_connecting(cl)) 1086 return 0; 1087 1088 msg_slots = mei_hbm2slots(sizeof(struct hbm_client_connect_request)); 1089 slots = mei_hbuf_empty_slots(dev); 1090 if (slots < 0) 1091 return -EOVERFLOW; 1092 1093 if ((u32)slots < msg_slots) 1094 return -EMSGSIZE; 1095 1096 rets = mei_cl_send_connect(cl, cb); 1097 if (rets) 1098 list_move_tail(&cb->list, cmpl_list); 1099 1100 return rets; 1101 } 1102 1103 /** 1104 * mei_cl_connect - connect host client to the me one 1105 * 1106 * @cl: host client 1107 * @me_cl: me client 1108 * @fp: pointer to file structure 1109 * 1110 * Locking: called under "dev->device_lock" lock 1111 * 1112 * Return: 0 on success, <0 on failure. 1113 */ 1114 int mei_cl_connect(struct mei_cl *cl, struct mei_me_client *me_cl, 1115 const struct file *fp) 1116 { 1117 struct mei_device *dev; 1118 struct mei_cl_cb *cb; 1119 int rets; 1120 1121 if (WARN_ON(!cl || !cl->dev || !me_cl)) 1122 return -ENODEV; 1123 1124 dev = cl->dev; 1125 1126 rets = mei_cl_set_connecting(cl, me_cl); 1127 if (rets) 1128 goto nortpm; 1129 1130 if (mei_cl_is_fixed_address(cl)) { 1131 cl->state = MEI_FILE_CONNECTED; 1132 rets = 0; 1133 goto nortpm; 1134 } 1135 1136 rets = pm_runtime_get(dev->dev); 1137 if (rets < 0 && rets != -EINPROGRESS) { 1138 pm_runtime_put_noidle(dev->dev); 1139 cl_err(dev, cl, "rpm: get failed %d\n", rets); 1140 goto nortpm; 1141 } 1142 1143 cb = mei_cl_enqueue_ctrl_wr_cb(cl, 0, MEI_FOP_CONNECT, fp); 1144 if (!cb) { 1145 rets = -ENOMEM; 1146 goto out; 1147 } 1148 1149 /* run hbuf acquire last so we don't have to undo */ 1150 if (!mei_cl_is_other_connecting(cl) && mei_hbuf_acquire(dev)) { 1151 rets = mei_cl_send_connect(cl, cb); 1152 if (rets) 1153 goto out; 1154 } 1155 1156 mutex_unlock(&dev->device_lock); 1157 wait_event_timeout(cl->wait, 1158 (cl->state == MEI_FILE_CONNECTED || 1159 cl->state == MEI_FILE_DISCONNECTED || 1160 cl->state == MEI_FILE_DISCONNECT_REQUIRED || 1161 cl->state == MEI_FILE_DISCONNECT_REPLY), 1162 mei_secs_to_jiffies(MEI_CL_CONNECT_TIMEOUT)); 1163 mutex_lock(&dev->device_lock); 1164 1165 if (!mei_cl_is_connected(cl)) { 1166 if (cl->state == MEI_FILE_DISCONNECT_REQUIRED) { 1167 mei_io_list_flush_cl(&dev->ctrl_rd_list, cl); 1168 mei_io_list_flush_cl(&dev->ctrl_wr_list, cl); 1169 /* ignore disconnect return valuue; 1170 * in case of failure reset will be invoked 1171 */ 1172 __mei_cl_disconnect(cl); 1173 rets = -EFAULT; 1174 goto out; 1175 } 1176 1177 /* timeout or something went really wrong */ 1178 if (!cl->status) 1179 cl->status = -EFAULT; 1180 } 1181 1182 rets = cl->status; 1183 out: 1184 cl_dbg(dev, cl, "rpm: autosuspend\n"); 1185 pm_runtime_mark_last_busy(dev->dev); 1186 pm_runtime_put_autosuspend(dev->dev); 1187 1188 mei_io_cb_free(cb); 1189 1190 nortpm: 1191 if (!mei_cl_is_connected(cl)) 1192 mei_cl_set_disconnected(cl); 1193 1194 return rets; 1195 } 1196 1197 /** 1198 * mei_cl_alloc_linked - allocate and link host client 1199 * 1200 * @dev: the device structure 1201 * 1202 * Return: cl on success ERR_PTR on failure 1203 */ 1204 struct mei_cl *mei_cl_alloc_linked(struct mei_device *dev) 1205 { 1206 struct mei_cl *cl; 1207 int ret; 1208 1209 cl = mei_cl_allocate(dev); 1210 if (!cl) { 1211 ret = -ENOMEM; 1212 goto err; 1213 } 1214 1215 ret = mei_cl_link(cl); 1216 if (ret) 1217 goto err; 1218 1219 return cl; 1220 err: 1221 kfree(cl); 1222 return ERR_PTR(ret); 1223 } 1224 1225 /** 1226 * mei_cl_tx_flow_ctrl_creds - checks flow_control credits for cl. 1227 * 1228 * @cl: host client 1229 * 1230 * Return: 1 if tx_flow_ctrl_creds >0, 0 - otherwise. 1231 */ 1232 static int mei_cl_tx_flow_ctrl_creds(struct mei_cl *cl) 1233 { 1234 if (WARN_ON(!cl || !cl->me_cl)) 1235 return -EINVAL; 1236 1237 if (cl->tx_flow_ctrl_creds > 0) 1238 return 1; 1239 1240 if (mei_cl_is_fixed_address(cl)) 1241 return 1; 1242 1243 if (mei_cl_is_single_recv_buf(cl)) { 1244 if (cl->me_cl->tx_flow_ctrl_creds > 0) 1245 return 1; 1246 } 1247 return 0; 1248 } 1249 1250 /** 1251 * mei_cl_tx_flow_ctrl_creds_reduce - reduces transmit flow control credits 1252 * for a client 1253 * 1254 * @cl: host client 1255 * 1256 * Return: 1257 * 0 on success 1258 * -EINVAL when ctrl credits are <= 0 1259 */ 1260 static int mei_cl_tx_flow_ctrl_creds_reduce(struct mei_cl *cl) 1261 { 1262 if (WARN_ON(!cl || !cl->me_cl)) 1263 return -EINVAL; 1264 1265 if (mei_cl_is_fixed_address(cl)) 1266 return 0; 1267 1268 if (mei_cl_is_single_recv_buf(cl)) { 1269 if (WARN_ON(cl->me_cl->tx_flow_ctrl_creds <= 0)) 1270 return -EINVAL; 1271 cl->me_cl->tx_flow_ctrl_creds--; 1272 } else { 1273 if (WARN_ON(cl->tx_flow_ctrl_creds <= 0)) 1274 return -EINVAL; 1275 cl->tx_flow_ctrl_creds--; 1276 } 1277 return 0; 1278 } 1279 1280 /** 1281 * mei_cl_vtag_alloc - allocate and fill the vtag structure 1282 * 1283 * @fp: pointer to file structure 1284 * @vtag: vm tag 1285 * 1286 * Return: 1287 * * Pointer to allocated struct - on success 1288 * * ERR_PTR(-ENOMEM) on memory allocation failure 1289 */ 1290 struct mei_cl_vtag *mei_cl_vtag_alloc(struct file *fp, u8 vtag) 1291 { 1292 struct mei_cl_vtag *cl_vtag; 1293 1294 cl_vtag = kzalloc(sizeof(*cl_vtag), GFP_KERNEL); 1295 if (!cl_vtag) 1296 return ERR_PTR(-ENOMEM); 1297 1298 INIT_LIST_HEAD(&cl_vtag->list); 1299 cl_vtag->vtag = vtag; 1300 cl_vtag->fp = fp; 1301 1302 return cl_vtag; 1303 } 1304 1305 /** 1306 * mei_cl_fp_by_vtag - obtain the file pointer by vtag 1307 * 1308 * @cl: host client 1309 * @vtag: virtual tag 1310 * 1311 * Return: 1312 * * A file pointer - on success 1313 * * ERR_PTR(-ENOENT) if vtag is not found in the client vtag list 1314 */ 1315 const struct file *mei_cl_fp_by_vtag(const struct mei_cl *cl, u8 vtag) 1316 { 1317 struct mei_cl_vtag *vtag_l; 1318 1319 list_for_each_entry(vtag_l, &cl->vtag_map, list) 1320 /* The client on bus has one fixed fp */ 1321 if ((cl->cldev && mei_cldev_enabled(cl->cldev)) || 1322 vtag_l->vtag == vtag) 1323 return vtag_l->fp; 1324 1325 return ERR_PTR(-ENOENT); 1326 } 1327 1328 /** 1329 * mei_cl_reset_read_by_vtag - reset pending_read flag by given vtag 1330 * 1331 * @cl: host client 1332 * @vtag: vm tag 1333 */ 1334 static void mei_cl_reset_read_by_vtag(const struct mei_cl *cl, u8 vtag) 1335 { 1336 struct mei_cl_vtag *vtag_l; 1337 1338 list_for_each_entry(vtag_l, &cl->vtag_map, list) { 1339 if (vtag_l->vtag == vtag) { 1340 vtag_l->pending_read = false; 1341 break; 1342 } 1343 } 1344 } 1345 1346 /** 1347 * mei_cl_read_vtag_add_fc - add flow control for next pending reader 1348 * in the vtag list 1349 * 1350 * @cl: host client 1351 */ 1352 static void mei_cl_read_vtag_add_fc(struct mei_cl *cl) 1353 { 1354 struct mei_cl_vtag *cl_vtag; 1355 1356 list_for_each_entry(cl_vtag, &cl->vtag_map, list) { 1357 if (cl_vtag->pending_read) { 1358 if (mei_cl_enqueue_ctrl_wr_cb(cl, 1359 mei_cl_mtu(cl), 1360 MEI_FOP_READ, 1361 cl_vtag->fp)) 1362 cl->rx_flow_ctrl_creds++; 1363 break; 1364 } 1365 } 1366 } 1367 1368 /** 1369 * mei_cl_vt_support_check - check if client support vtags 1370 * 1371 * @cl: host client 1372 * 1373 * Return: 1374 * * 0 - supported, or not connected at all 1375 * * -EOPNOTSUPP - vtags are not supported by client 1376 */ 1377 int mei_cl_vt_support_check(const struct mei_cl *cl) 1378 { 1379 struct mei_device *dev = cl->dev; 1380 1381 if (!dev->hbm_f_vt_supported) 1382 return -EOPNOTSUPP; 1383 1384 if (!cl->me_cl) 1385 return 0; 1386 1387 return cl->me_cl->props.vt_supported ? 0 : -EOPNOTSUPP; 1388 } 1389 1390 /** 1391 * mei_cl_add_rd_completed - add read completed callback to list with lock 1392 * and vtag check 1393 * 1394 * @cl: host client 1395 * @cb: callback block 1396 * 1397 */ 1398 void mei_cl_add_rd_completed(struct mei_cl *cl, struct mei_cl_cb *cb) 1399 { 1400 const struct file *fp; 1401 1402 if (!mei_cl_vt_support_check(cl)) { 1403 fp = mei_cl_fp_by_vtag(cl, cb->vtag); 1404 if (IS_ERR(fp)) { 1405 /* client already disconnected, discarding */ 1406 mei_io_cb_free(cb); 1407 return; 1408 } 1409 cb->fp = fp; 1410 mei_cl_reset_read_by_vtag(cl, cb->vtag); 1411 mei_cl_read_vtag_add_fc(cl); 1412 } 1413 1414 spin_lock(&cl->rd_completed_lock); 1415 list_add_tail(&cb->list, &cl->rd_completed); 1416 spin_unlock(&cl->rd_completed_lock); 1417 } 1418 1419 /** 1420 * mei_cl_del_rd_completed - free read completed callback with lock 1421 * 1422 * @cl: host client 1423 * @cb: callback block 1424 * 1425 */ 1426 void mei_cl_del_rd_completed(struct mei_cl *cl, struct mei_cl_cb *cb) 1427 { 1428 spin_lock(&cl->rd_completed_lock); 1429 mei_io_cb_free(cb); 1430 spin_unlock(&cl->rd_completed_lock); 1431 } 1432 1433 /** 1434 * mei_cl_notify_fop2req - convert fop to proper request 1435 * 1436 * @fop: client notification start response command 1437 * 1438 * Return: MEI_HBM_NOTIFICATION_START/STOP 1439 */ 1440 u8 mei_cl_notify_fop2req(enum mei_cb_file_ops fop) 1441 { 1442 if (fop == MEI_FOP_NOTIFY_START) 1443 return MEI_HBM_NOTIFICATION_START; 1444 else 1445 return MEI_HBM_NOTIFICATION_STOP; 1446 } 1447 1448 /** 1449 * mei_cl_notify_req2fop - convert notification request top file operation type 1450 * 1451 * @req: hbm notification request type 1452 * 1453 * Return: MEI_FOP_NOTIFY_START/STOP 1454 */ 1455 enum mei_cb_file_ops mei_cl_notify_req2fop(u8 req) 1456 { 1457 if (req == MEI_HBM_NOTIFICATION_START) 1458 return MEI_FOP_NOTIFY_START; 1459 else 1460 return MEI_FOP_NOTIFY_STOP; 1461 } 1462 1463 /** 1464 * mei_cl_irq_notify - send notification request in irq_thread context 1465 * 1466 * @cl: client 1467 * @cb: callback block. 1468 * @cmpl_list: complete list. 1469 * 1470 * Return: 0 on such and error otherwise. 1471 */ 1472 int mei_cl_irq_notify(struct mei_cl *cl, struct mei_cl_cb *cb, 1473 struct list_head *cmpl_list) 1474 { 1475 struct mei_device *dev = cl->dev; 1476 u32 msg_slots; 1477 int slots; 1478 int ret; 1479 bool request; 1480 1481 msg_slots = mei_hbm2slots(sizeof(struct hbm_client_connect_request)); 1482 slots = mei_hbuf_empty_slots(dev); 1483 if (slots < 0) 1484 return -EOVERFLOW; 1485 1486 if ((u32)slots < msg_slots) 1487 return -EMSGSIZE; 1488 1489 request = mei_cl_notify_fop2req(cb->fop_type); 1490 ret = mei_hbm_cl_notify_req(dev, cl, request); 1491 if (ret) { 1492 cl->status = ret; 1493 list_move_tail(&cb->list, cmpl_list); 1494 return ret; 1495 } 1496 1497 list_move_tail(&cb->list, &dev->ctrl_rd_list); 1498 return 0; 1499 } 1500 1501 /** 1502 * mei_cl_notify_request - send notification stop/start request 1503 * 1504 * @cl: host client 1505 * @fp: associate request with file 1506 * @request: 1 for start or 0 for stop 1507 * 1508 * Locking: called under "dev->device_lock" lock 1509 * 1510 * Return: 0 on such and error otherwise. 1511 */ 1512 int mei_cl_notify_request(struct mei_cl *cl, 1513 const struct file *fp, u8 request) 1514 { 1515 struct mei_device *dev; 1516 struct mei_cl_cb *cb; 1517 enum mei_cb_file_ops fop_type; 1518 int rets; 1519 1520 if (WARN_ON(!cl || !cl->dev)) 1521 return -ENODEV; 1522 1523 dev = cl->dev; 1524 1525 if (!dev->hbm_f_ev_supported) { 1526 cl_dbg(dev, cl, "notifications not supported\n"); 1527 return -EOPNOTSUPP; 1528 } 1529 1530 if (!mei_cl_is_connected(cl)) 1531 return -ENODEV; 1532 1533 rets = pm_runtime_get(dev->dev); 1534 if (rets < 0 && rets != -EINPROGRESS) { 1535 pm_runtime_put_noidle(dev->dev); 1536 cl_err(dev, cl, "rpm: get failed %d\n", rets); 1537 return rets; 1538 } 1539 1540 fop_type = mei_cl_notify_req2fop(request); 1541 cb = mei_cl_enqueue_ctrl_wr_cb(cl, 0, fop_type, fp); 1542 if (!cb) { 1543 rets = -ENOMEM; 1544 goto out; 1545 } 1546 1547 if (mei_hbuf_acquire(dev)) { 1548 if (mei_hbm_cl_notify_req(dev, cl, request)) { 1549 rets = -ENODEV; 1550 goto out; 1551 } 1552 list_move_tail(&cb->list, &dev->ctrl_rd_list); 1553 } 1554 1555 mutex_unlock(&dev->device_lock); 1556 wait_event_timeout(cl->wait, 1557 cl->notify_en == request || 1558 cl->status || 1559 !mei_cl_is_connected(cl), 1560 mei_secs_to_jiffies(MEI_CL_CONNECT_TIMEOUT)); 1561 mutex_lock(&dev->device_lock); 1562 1563 if (cl->notify_en != request && !cl->status) 1564 cl->status = -EFAULT; 1565 1566 rets = cl->status; 1567 1568 out: 1569 cl_dbg(dev, cl, "rpm: autosuspend\n"); 1570 pm_runtime_mark_last_busy(dev->dev); 1571 pm_runtime_put_autosuspend(dev->dev); 1572 1573 mei_io_cb_free(cb); 1574 return rets; 1575 } 1576 1577 /** 1578 * mei_cl_notify - raise notification 1579 * 1580 * @cl: host client 1581 * 1582 * Locking: called under "dev->device_lock" lock 1583 */ 1584 void mei_cl_notify(struct mei_cl *cl) 1585 { 1586 struct mei_device *dev; 1587 1588 if (!cl || !cl->dev) 1589 return; 1590 1591 dev = cl->dev; 1592 1593 if (!cl->notify_en) 1594 return; 1595 1596 cl_dbg(dev, cl, "notify event"); 1597 cl->notify_ev = true; 1598 if (!mei_cl_bus_notify_event(cl)) 1599 wake_up_interruptible(&cl->ev_wait); 1600 1601 if (cl->ev_async) 1602 kill_fasync(&cl->ev_async, SIGIO, POLL_PRI); 1603 1604 } 1605 1606 /** 1607 * mei_cl_notify_get - get or wait for notification event 1608 * 1609 * @cl: host client 1610 * @block: this request is blocking 1611 * @notify_ev: true if notification event was received 1612 * 1613 * Locking: called under "dev->device_lock" lock 1614 * 1615 * Return: 0 on such and error otherwise. 1616 */ 1617 int mei_cl_notify_get(struct mei_cl *cl, bool block, bool *notify_ev) 1618 { 1619 struct mei_device *dev; 1620 int rets; 1621 1622 *notify_ev = false; 1623 1624 if (WARN_ON(!cl || !cl->dev)) 1625 return -ENODEV; 1626 1627 dev = cl->dev; 1628 1629 if (!dev->hbm_f_ev_supported) { 1630 cl_dbg(dev, cl, "notifications not supported\n"); 1631 return -EOPNOTSUPP; 1632 } 1633 1634 if (!mei_cl_is_connected(cl)) 1635 return -ENODEV; 1636 1637 if (cl->notify_ev) 1638 goto out; 1639 1640 if (!block) 1641 return -EAGAIN; 1642 1643 mutex_unlock(&dev->device_lock); 1644 rets = wait_event_interruptible(cl->ev_wait, cl->notify_ev); 1645 mutex_lock(&dev->device_lock); 1646 1647 if (rets < 0) 1648 return rets; 1649 1650 out: 1651 *notify_ev = cl->notify_ev; 1652 cl->notify_ev = false; 1653 return 0; 1654 } 1655 1656 /** 1657 * mei_cl_read_start - the start read client message function. 1658 * 1659 * @cl: host client 1660 * @length: number of bytes to read 1661 * @fp: pointer to file structure 1662 * 1663 * Return: 0 on success, <0 on failure. 1664 */ 1665 int mei_cl_read_start(struct mei_cl *cl, size_t length, const struct file *fp) 1666 { 1667 struct mei_device *dev; 1668 struct mei_cl_cb *cb; 1669 int rets; 1670 1671 if (WARN_ON(!cl || !cl->dev)) 1672 return -ENODEV; 1673 1674 dev = cl->dev; 1675 1676 if (!mei_cl_is_connected(cl)) 1677 return -ENODEV; 1678 1679 if (!mei_me_cl_is_active(cl->me_cl)) { 1680 cl_err(dev, cl, "no such me client\n"); 1681 return -ENOTTY; 1682 } 1683 1684 if (mei_cl_is_fixed_address(cl)) 1685 return 0; 1686 1687 /* HW currently supports only one pending read */ 1688 if (cl->rx_flow_ctrl_creds) { 1689 mei_cl_set_read_by_fp(cl, fp); 1690 return -EBUSY; 1691 } 1692 1693 cb = mei_cl_enqueue_ctrl_wr_cb(cl, length, MEI_FOP_READ, fp); 1694 if (!cb) 1695 return -ENOMEM; 1696 1697 mei_cl_set_read_by_fp(cl, fp); 1698 1699 rets = pm_runtime_get(dev->dev); 1700 if (rets < 0 && rets != -EINPROGRESS) { 1701 pm_runtime_put_noidle(dev->dev); 1702 cl_err(dev, cl, "rpm: get failed %d\n", rets); 1703 goto nortpm; 1704 } 1705 1706 rets = 0; 1707 if (mei_hbuf_acquire(dev)) { 1708 rets = mei_hbm_cl_flow_control_req(dev, cl); 1709 if (rets < 0) 1710 goto out; 1711 1712 list_move_tail(&cb->list, &cl->rd_pending); 1713 } 1714 cl->rx_flow_ctrl_creds++; 1715 1716 out: 1717 cl_dbg(dev, cl, "rpm: autosuspend\n"); 1718 pm_runtime_mark_last_busy(dev->dev); 1719 pm_runtime_put_autosuspend(dev->dev); 1720 nortpm: 1721 if (rets) 1722 mei_io_cb_free(cb); 1723 1724 return rets; 1725 } 1726 1727 static inline u8 mei_ext_hdr_set_vtag(struct mei_ext_hdr *ext, u8 vtag) 1728 { 1729 ext->type = MEI_EXT_HDR_VTAG; 1730 ext->ext_payload[0] = vtag; 1731 ext->length = mei_data2slots(sizeof(*ext)); 1732 return ext->length; 1733 } 1734 1735 /** 1736 * mei_msg_hdr_init - allocate and initialize mei message header 1737 * 1738 * @cb: message callback structure 1739 * 1740 * Return: a pointer to initialized header 1741 */ 1742 static struct mei_msg_hdr *mei_msg_hdr_init(const struct mei_cl_cb *cb) 1743 { 1744 size_t hdr_len; 1745 struct mei_ext_meta_hdr *meta; 1746 struct mei_ext_hdr *ext; 1747 struct mei_msg_hdr *mei_hdr; 1748 bool is_ext, is_vtag; 1749 1750 if (!cb) 1751 return ERR_PTR(-EINVAL); 1752 1753 /* Extended header for vtag is attached only on the first fragment */ 1754 is_vtag = (cb->vtag && cb->buf_idx == 0); 1755 is_ext = is_vtag; 1756 1757 /* Compute extended header size */ 1758 hdr_len = sizeof(*mei_hdr); 1759 1760 if (!is_ext) 1761 goto setup_hdr; 1762 1763 hdr_len += sizeof(*meta); 1764 if (is_vtag) 1765 hdr_len += sizeof(*ext); 1766 1767 setup_hdr: 1768 mei_hdr = kzalloc(hdr_len, GFP_KERNEL); 1769 if (!mei_hdr) 1770 return ERR_PTR(-ENOMEM); 1771 1772 mei_hdr->host_addr = mei_cl_host_addr(cb->cl); 1773 mei_hdr->me_addr = mei_cl_me_id(cb->cl); 1774 mei_hdr->internal = cb->internal; 1775 mei_hdr->extended = is_ext; 1776 1777 if (!is_ext) 1778 goto out; 1779 1780 meta = (struct mei_ext_meta_hdr *)mei_hdr->extension; 1781 if (is_vtag) { 1782 meta->count++; 1783 meta->size += mei_ext_hdr_set_vtag(meta->hdrs, cb->vtag); 1784 } 1785 out: 1786 mei_hdr->length = hdr_len - sizeof(*mei_hdr); 1787 return mei_hdr; 1788 } 1789 1790 /** 1791 * mei_cl_irq_write - write a message to device 1792 * from the interrupt thread context 1793 * 1794 * @cl: client 1795 * @cb: callback block. 1796 * @cmpl_list: complete list. 1797 * 1798 * Return: 0, OK; otherwise error. 1799 */ 1800 int mei_cl_irq_write(struct mei_cl *cl, struct mei_cl_cb *cb, 1801 struct list_head *cmpl_list) 1802 { 1803 struct mei_device *dev; 1804 struct mei_msg_data *buf; 1805 struct mei_msg_hdr *mei_hdr = NULL; 1806 size_t hdr_len; 1807 size_t hbuf_len, dr_len; 1808 size_t buf_len; 1809 size_t data_len; 1810 int hbuf_slots; 1811 u32 dr_slots; 1812 u32 dma_len; 1813 int rets; 1814 bool first_chunk; 1815 const void *data; 1816 1817 if (WARN_ON(!cl || !cl->dev)) 1818 return -ENODEV; 1819 1820 dev = cl->dev; 1821 1822 buf = &cb->buf; 1823 1824 first_chunk = cb->buf_idx == 0; 1825 1826 rets = first_chunk ? mei_cl_tx_flow_ctrl_creds(cl) : 1; 1827 if (rets < 0) 1828 goto err; 1829 1830 if (rets == 0) { 1831 cl_dbg(dev, cl, "No flow control credentials: not sending.\n"); 1832 return 0; 1833 } 1834 1835 buf_len = buf->size - cb->buf_idx; 1836 data = buf->data + cb->buf_idx; 1837 hbuf_slots = mei_hbuf_empty_slots(dev); 1838 if (hbuf_slots < 0) { 1839 rets = -EOVERFLOW; 1840 goto err; 1841 } 1842 1843 hbuf_len = mei_slots2data(hbuf_slots) & MEI_MSG_MAX_LEN_MASK; 1844 dr_slots = mei_dma_ring_empty_slots(dev); 1845 dr_len = mei_slots2data(dr_slots); 1846 1847 mei_hdr = mei_msg_hdr_init(cb); 1848 if (IS_ERR(mei_hdr)) { 1849 rets = PTR_ERR(mei_hdr); 1850 mei_hdr = NULL; 1851 goto err; 1852 } 1853 1854 cl_dbg(dev, cl, "Extended Header %d vtag = %d\n", 1855 mei_hdr->extended, cb->vtag); 1856 1857 hdr_len = sizeof(*mei_hdr) + mei_hdr->length; 1858 1859 /** 1860 * Split the message only if we can write the whole host buffer 1861 * otherwise wait for next time the host buffer is empty. 1862 */ 1863 if (hdr_len + buf_len <= hbuf_len) { 1864 data_len = buf_len; 1865 mei_hdr->msg_complete = 1; 1866 } else if (dr_slots && hbuf_len >= hdr_len + sizeof(dma_len)) { 1867 mei_hdr->dma_ring = 1; 1868 if (buf_len > dr_len) 1869 buf_len = dr_len; 1870 else 1871 mei_hdr->msg_complete = 1; 1872 1873 data_len = sizeof(dma_len); 1874 dma_len = buf_len; 1875 data = &dma_len; 1876 } else if ((u32)hbuf_slots == mei_hbuf_depth(dev)) { 1877 buf_len = hbuf_len - hdr_len; 1878 data_len = buf_len; 1879 } else { 1880 kfree(mei_hdr); 1881 return 0; 1882 } 1883 mei_hdr->length += data_len; 1884 1885 if (mei_hdr->dma_ring) 1886 mei_dma_ring_write(dev, buf->data + cb->buf_idx, buf_len); 1887 rets = mei_write_message(dev, mei_hdr, hdr_len, data, data_len); 1888 1889 if (rets) 1890 goto err; 1891 1892 cl->status = 0; 1893 cl->writing_state = MEI_WRITING; 1894 cb->buf_idx += buf_len; 1895 1896 if (first_chunk) { 1897 if (mei_cl_tx_flow_ctrl_creds_reduce(cl)) { 1898 rets = -EIO; 1899 goto err; 1900 } 1901 } 1902 1903 if (mei_hdr->msg_complete) 1904 list_move_tail(&cb->list, &dev->write_waiting_list); 1905 1906 kfree(mei_hdr); 1907 return 0; 1908 1909 err: 1910 kfree(mei_hdr); 1911 cl->status = rets; 1912 list_move_tail(&cb->list, cmpl_list); 1913 return rets; 1914 } 1915 1916 /** 1917 * mei_cl_write - submit a write cb to mei device 1918 * assumes device_lock is locked 1919 * 1920 * @cl: host client 1921 * @cb: write callback with filled data 1922 * 1923 * Return: number of bytes sent on success, <0 on failure. 1924 */ 1925 ssize_t mei_cl_write(struct mei_cl *cl, struct mei_cl_cb *cb) 1926 { 1927 struct mei_device *dev; 1928 struct mei_msg_data *buf; 1929 struct mei_msg_hdr *mei_hdr = NULL; 1930 size_t hdr_len; 1931 size_t hbuf_len, dr_len; 1932 size_t buf_len; 1933 size_t data_len; 1934 int hbuf_slots; 1935 u32 dr_slots; 1936 u32 dma_len; 1937 ssize_t rets; 1938 bool blocking; 1939 const void *data; 1940 1941 if (WARN_ON(!cl || !cl->dev)) 1942 return -ENODEV; 1943 1944 if (WARN_ON(!cb)) 1945 return -EINVAL; 1946 1947 dev = cl->dev; 1948 1949 buf = &cb->buf; 1950 buf_len = buf->size; 1951 1952 cl_dbg(dev, cl, "buf_len=%zd\n", buf_len); 1953 1954 blocking = cb->blocking; 1955 data = buf->data; 1956 1957 rets = pm_runtime_get(dev->dev); 1958 if (rets < 0 && rets != -EINPROGRESS) { 1959 pm_runtime_put_noidle(dev->dev); 1960 cl_err(dev, cl, "rpm: get failed %zd\n", rets); 1961 goto free; 1962 } 1963 1964 cb->buf_idx = 0; 1965 cl->writing_state = MEI_IDLE; 1966 1967 1968 rets = mei_cl_tx_flow_ctrl_creds(cl); 1969 if (rets < 0) 1970 goto err; 1971 1972 mei_hdr = mei_msg_hdr_init(cb); 1973 if (IS_ERR(mei_hdr)) { 1974 rets = -PTR_ERR(mei_hdr); 1975 mei_hdr = NULL; 1976 goto err; 1977 } 1978 1979 cl_dbg(dev, cl, "Extended Header %d vtag = %d\n", 1980 mei_hdr->extended, cb->vtag); 1981 1982 hdr_len = sizeof(*mei_hdr) + mei_hdr->length; 1983 1984 if (rets == 0) { 1985 cl_dbg(dev, cl, "No flow control credentials: not sending.\n"); 1986 rets = buf_len; 1987 goto out; 1988 } 1989 1990 if (!mei_hbuf_acquire(dev)) { 1991 cl_dbg(dev, cl, "Cannot acquire the host buffer: not sending.\n"); 1992 rets = buf_len; 1993 goto out; 1994 } 1995 1996 hbuf_slots = mei_hbuf_empty_slots(dev); 1997 if (hbuf_slots < 0) { 1998 rets = -EOVERFLOW; 1999 goto out; 2000 } 2001 2002 hbuf_len = mei_slots2data(hbuf_slots) & MEI_MSG_MAX_LEN_MASK; 2003 dr_slots = mei_dma_ring_empty_slots(dev); 2004 dr_len = mei_slots2data(dr_slots); 2005 2006 if (hdr_len + buf_len <= hbuf_len) { 2007 data_len = buf_len; 2008 mei_hdr->msg_complete = 1; 2009 } else if (dr_slots && hbuf_len >= hdr_len + sizeof(dma_len)) { 2010 mei_hdr->dma_ring = 1; 2011 if (buf_len > dr_len) 2012 buf_len = dr_len; 2013 else 2014 mei_hdr->msg_complete = 1; 2015 2016 data_len = sizeof(dma_len); 2017 dma_len = buf_len; 2018 data = &dma_len; 2019 } else { 2020 buf_len = hbuf_len - hdr_len; 2021 data_len = buf_len; 2022 } 2023 2024 mei_hdr->length += data_len; 2025 2026 if (mei_hdr->dma_ring) 2027 mei_dma_ring_write(dev, buf->data, buf_len); 2028 rets = mei_write_message(dev, mei_hdr, hdr_len, data, data_len); 2029 2030 if (rets) 2031 goto err; 2032 2033 rets = mei_cl_tx_flow_ctrl_creds_reduce(cl); 2034 if (rets) 2035 goto err; 2036 2037 cl->writing_state = MEI_WRITING; 2038 cb->buf_idx = buf_len; 2039 /* restore return value */ 2040 buf_len = buf->size; 2041 2042 out: 2043 if (mei_hdr->msg_complete) 2044 mei_tx_cb_enqueue(cb, &dev->write_waiting_list); 2045 else 2046 mei_tx_cb_enqueue(cb, &dev->write_list); 2047 2048 cb = NULL; 2049 if (blocking && cl->writing_state != MEI_WRITE_COMPLETE) { 2050 2051 mutex_unlock(&dev->device_lock); 2052 rets = wait_event_interruptible(cl->tx_wait, 2053 cl->writing_state == MEI_WRITE_COMPLETE || 2054 (!mei_cl_is_connected(cl))); 2055 mutex_lock(&dev->device_lock); 2056 /* wait_event_interruptible returns -ERESTARTSYS */ 2057 if (rets) { 2058 if (signal_pending(current)) 2059 rets = -EINTR; 2060 goto err; 2061 } 2062 if (cl->writing_state != MEI_WRITE_COMPLETE) { 2063 rets = -EFAULT; 2064 goto err; 2065 } 2066 } 2067 2068 rets = buf_len; 2069 err: 2070 cl_dbg(dev, cl, "rpm: autosuspend\n"); 2071 pm_runtime_mark_last_busy(dev->dev); 2072 pm_runtime_put_autosuspend(dev->dev); 2073 free: 2074 mei_io_cb_free(cb); 2075 2076 kfree(mei_hdr); 2077 2078 return rets; 2079 } 2080 2081 /** 2082 * mei_cl_complete - processes completed operation for a client 2083 * 2084 * @cl: private data of the file object. 2085 * @cb: callback block. 2086 */ 2087 void mei_cl_complete(struct mei_cl *cl, struct mei_cl_cb *cb) 2088 { 2089 struct mei_device *dev = cl->dev; 2090 2091 switch (cb->fop_type) { 2092 case MEI_FOP_WRITE: 2093 mei_tx_cb_dequeue(cb); 2094 cl->writing_state = MEI_WRITE_COMPLETE; 2095 if (waitqueue_active(&cl->tx_wait)) { 2096 wake_up_interruptible(&cl->tx_wait); 2097 } else { 2098 pm_runtime_mark_last_busy(dev->dev); 2099 pm_request_autosuspend(dev->dev); 2100 } 2101 break; 2102 2103 case MEI_FOP_READ: 2104 mei_cl_add_rd_completed(cl, cb); 2105 if (!mei_cl_is_fixed_address(cl) && 2106 !WARN_ON(!cl->rx_flow_ctrl_creds)) 2107 cl->rx_flow_ctrl_creds--; 2108 if (!mei_cl_bus_rx_event(cl)) 2109 wake_up_interruptible(&cl->rx_wait); 2110 break; 2111 2112 case MEI_FOP_CONNECT: 2113 case MEI_FOP_DISCONNECT: 2114 case MEI_FOP_NOTIFY_STOP: 2115 case MEI_FOP_NOTIFY_START: 2116 if (waitqueue_active(&cl->wait)) 2117 wake_up(&cl->wait); 2118 2119 break; 2120 case MEI_FOP_DISCONNECT_RSP: 2121 mei_io_cb_free(cb); 2122 mei_cl_set_disconnected(cl); 2123 break; 2124 default: 2125 BUG_ON(0); 2126 } 2127 } 2128 2129 2130 /** 2131 * mei_cl_all_disconnect - disconnect forcefully all connected clients 2132 * 2133 * @dev: mei device 2134 */ 2135 void mei_cl_all_disconnect(struct mei_device *dev) 2136 { 2137 struct mei_cl *cl; 2138 2139 list_for_each_entry(cl, &dev->file_list, link) 2140 mei_cl_set_disconnected(cl); 2141 } 2142