0001
0002
0003
0004
0005
0006
0007
0008
0009
0010 #define pr_fmt(fmt) KBUILD_MODNAME ":OPAL: " fmt
0011
0012 #include <linux/delay.h>
0013 #include <linux/device.h>
0014 #include <linux/kernel.h>
0015 #include <linux/list.h>
0016 #include <linux/blkdev.h>
0017 #include <linux/slab.h>
0018 #include <linux/uaccess.h>
0019 #include <uapi/linux/sed-opal.h>
0020 #include <linux/sed-opal.h>
0021 #include <linux/string.h>
0022 #include <linux/kdev_t.h>
0023
0024 #include "opal_proto.h"
0025
0026 #define IO_BUFFER_LENGTH 2048
0027 #define MAX_TOKS 64
0028
0029
0030 #define CMD_FINALIZE_BYTES_NEEDED 7
0031
0032 struct opal_step {
0033 int (*fn)(struct opal_dev *dev, void *data);
0034 void *data;
0035 };
0036 typedef int (cont_fn)(struct opal_dev *dev);
0037
0038 enum opal_atom_width {
0039 OPAL_WIDTH_TINY,
0040 OPAL_WIDTH_SHORT,
0041 OPAL_WIDTH_MEDIUM,
0042 OPAL_WIDTH_LONG,
0043 OPAL_WIDTH_TOKEN
0044 };
0045
0046
0047
0048
0049
0050
0051
0052 struct opal_resp_tok {
0053 const u8 *pos;
0054 size_t len;
0055 enum opal_response_token type;
0056 enum opal_atom_width width;
0057 union {
0058 u64 u;
0059 s64 s;
0060 } stored;
0061 };
0062
0063
0064
0065
0066
0067
0068
0069
0070
0071 struct parsed_resp {
0072 int num;
0073 struct opal_resp_tok toks[MAX_TOKS];
0074 };
0075
0076 struct opal_dev {
0077 bool supported;
0078 bool mbr_enabled;
0079
0080 void *data;
0081 sec_send_recv *send_recv;
0082
0083 struct mutex dev_lock;
0084 u16 comid;
0085 u32 hsn;
0086 u32 tsn;
0087 u64 align;
0088 u64 lowest_lba;
0089
0090 size_t pos;
0091 u8 cmd[IO_BUFFER_LENGTH];
0092 u8 resp[IO_BUFFER_LENGTH];
0093
0094 struct parsed_resp parsed;
0095 size_t prev_d_len;
0096 void *prev_data;
0097
0098 struct list_head unlk_lst;
0099 };
0100
0101
0102 static const u8 opaluid[][OPAL_UID_LENGTH] = {
0103
0104 [OPAL_SMUID_UID] =
0105 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff },
0106 [OPAL_THISSP_UID] =
0107 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
0108 [OPAL_ADMINSP_UID] =
0109 { 0x00, 0x00, 0x02, 0x05, 0x00, 0x00, 0x00, 0x01 },
0110 [OPAL_LOCKINGSP_UID] =
0111 { 0x00, 0x00, 0x02, 0x05, 0x00, 0x00, 0x00, 0x02 },
0112 [OPAL_ENTERPRISE_LOCKINGSP_UID] =
0113 { 0x00, 0x00, 0x02, 0x05, 0x00, 0x01, 0x00, 0x01 },
0114 [OPAL_ANYBODY_UID] =
0115 { 0x00, 0x00, 0x00, 0x09, 0x00, 0x00, 0x00, 0x01 },
0116 [OPAL_SID_UID] =
0117 { 0x00, 0x00, 0x00, 0x09, 0x00, 0x00, 0x00, 0x06 },
0118 [OPAL_ADMIN1_UID] =
0119 { 0x00, 0x00, 0x00, 0x09, 0x00, 0x01, 0x00, 0x01 },
0120 [OPAL_USER1_UID] =
0121 { 0x00, 0x00, 0x00, 0x09, 0x00, 0x03, 0x00, 0x01 },
0122 [OPAL_USER2_UID] =
0123 { 0x00, 0x00, 0x00, 0x09, 0x00, 0x03, 0x00, 0x02 },
0124 [OPAL_PSID_UID] =
0125 { 0x00, 0x00, 0x00, 0x09, 0x00, 0x01, 0xff, 0x01 },
0126 [OPAL_ENTERPRISE_BANDMASTER0_UID] =
0127 { 0x00, 0x00, 0x00, 0x09, 0x00, 0x00, 0x80, 0x01 },
0128 [OPAL_ENTERPRISE_ERASEMASTER_UID] =
0129 { 0x00, 0x00, 0x00, 0x09, 0x00, 0x00, 0x84, 0x01 },
0130
0131
0132 [OPAL_TABLE_TABLE] =
0133 { 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x01 },
0134 [OPAL_LOCKINGRANGE_GLOBAL] =
0135 { 0x00, 0x00, 0x08, 0x02, 0x00, 0x00, 0x00, 0x01 },
0136 [OPAL_LOCKINGRANGE_ACE_RDLOCKED] =
0137 { 0x00, 0x00, 0x00, 0x08, 0x00, 0x03, 0xE0, 0x01 },
0138 [OPAL_LOCKINGRANGE_ACE_WRLOCKED] =
0139 { 0x00, 0x00, 0x00, 0x08, 0x00, 0x03, 0xE8, 0x01 },
0140 [OPAL_MBRCONTROL] =
0141 { 0x00, 0x00, 0x08, 0x03, 0x00, 0x00, 0x00, 0x01 },
0142 [OPAL_MBR] =
0143 { 0x00, 0x00, 0x08, 0x04, 0x00, 0x00, 0x00, 0x00 },
0144 [OPAL_AUTHORITY_TABLE] =
0145 { 0x00, 0x00, 0x00, 0x09, 0x00, 0x00, 0x00, 0x00},
0146 [OPAL_C_PIN_TABLE] =
0147 { 0x00, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x00},
0148 [OPAL_LOCKING_INFO_TABLE] =
0149 { 0x00, 0x00, 0x08, 0x01, 0x00, 0x00, 0x00, 0x01 },
0150 [OPAL_ENTERPRISE_LOCKING_INFO_TABLE] =
0151 { 0x00, 0x00, 0x08, 0x01, 0x00, 0x00, 0x00, 0x00 },
0152 [OPAL_DATASTORE] =
0153 { 0x00, 0x00, 0x10, 0x01, 0x00, 0x00, 0x00, 0x00 },
0154
0155
0156 [OPAL_C_PIN_MSID] =
0157 { 0x00, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x84, 0x02},
0158 [OPAL_C_PIN_SID] =
0159 { 0x00, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x01},
0160 [OPAL_C_PIN_ADMIN1] =
0161 { 0x00, 0x00, 0x00, 0x0B, 0x00, 0x01, 0x00, 0x01},
0162
0163
0164 [OPAL_HALF_UID_AUTHORITY_OBJ_REF] =
0165 { 0x00, 0x00, 0x0C, 0x05, 0xff, 0xff, 0xff, 0xff },
0166 [OPAL_HALF_UID_BOOLEAN_ACE] =
0167 { 0x00, 0x00, 0x04, 0x0E, 0xff, 0xff, 0xff, 0xff },
0168
0169
0170 [OPAL_UID_HEXFF] =
0171 { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
0172 };
0173
0174
0175
0176
0177
0178
0179 static const u8 opalmethod[][OPAL_METHOD_LENGTH] = {
0180 [OPAL_PROPERTIES] =
0181 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x01 },
0182 [OPAL_STARTSESSION] =
0183 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x02 },
0184 [OPAL_REVERT] =
0185 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x02, 0x02 },
0186 [OPAL_ACTIVATE] =
0187 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x02, 0x03 },
0188 [OPAL_EGET] =
0189 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x06 },
0190 [OPAL_ESET] =
0191 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x07 },
0192 [OPAL_NEXT] =
0193 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x08 },
0194 [OPAL_EAUTHENTICATE] =
0195 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x0c },
0196 [OPAL_GETACL] =
0197 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x0d },
0198 [OPAL_GENKEY] =
0199 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x10 },
0200 [OPAL_REVERTSP] =
0201 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x11 },
0202 [OPAL_GET] =
0203 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x16 },
0204 [OPAL_SET] =
0205 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x17 },
0206 [OPAL_AUTHENTICATE] =
0207 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x1c },
0208 [OPAL_RANDOM] =
0209 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x06, 0x01 },
0210 [OPAL_ERASE] =
0211 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x08, 0x03 },
0212 };
0213
0214 static int end_opal_session_error(struct opal_dev *dev);
0215 static int opal_discovery0_step(struct opal_dev *dev);
0216
0217 struct opal_suspend_data {
0218 struct opal_lock_unlock unlk;
0219 u8 lr;
0220 struct list_head node;
0221 };
0222
0223
0224
0225
0226
0227
0228 static const char * const opal_errors[] = {
0229 "Success",
0230 "Not Authorized",
0231 "Unknown Error",
0232 "SP Busy",
0233 "SP Failed",
0234 "SP Disabled",
0235 "SP Frozen",
0236 "No Sessions Available",
0237 "Uniqueness Conflict",
0238 "Insufficient Space",
0239 "Insufficient Rows",
0240 "Invalid Function",
0241 "Invalid Parameter",
0242 "Invalid Reference",
0243 "Unknown Error",
0244 "TPER Malfunction",
0245 "Transaction Failure",
0246 "Response Overflow",
0247 "Authority Locked Out",
0248 };
0249
0250 static const char *opal_error_to_human(int error)
0251 {
0252 if (error == 0x3f)
0253 return "Failed";
0254
0255 if (error >= ARRAY_SIZE(opal_errors) || error < 0)
0256 return "Unknown Error";
0257
0258 return opal_errors[error];
0259 }
0260
0261 static void print_buffer(const u8 *ptr, u32 length)
0262 {
0263 #ifdef DEBUG
0264 print_hex_dump_bytes("OPAL: ", DUMP_PREFIX_OFFSET, ptr, length);
0265 pr_debug("\n");
0266 #endif
0267 }
0268
0269 static bool check_tper(const void *data)
0270 {
0271 const struct d0_tper_features *tper = data;
0272 u8 flags = tper->supported_features;
0273
0274 if (!(flags & TPER_SYNC_SUPPORTED)) {
0275 pr_debug("TPer sync not supported. flags = %d\n",
0276 tper->supported_features);
0277 return false;
0278 }
0279
0280 return true;
0281 }
0282
0283 static bool check_mbrenabled(const void *data)
0284 {
0285 const struct d0_locking_features *lfeat = data;
0286 u8 sup_feat = lfeat->supported_features;
0287
0288 return !!(sup_feat & MBR_ENABLED_MASK);
0289 }
0290
0291 static bool check_sum(const void *data)
0292 {
0293 const struct d0_single_user_mode *sum = data;
0294 u32 nlo = be32_to_cpu(sum->num_locking_objects);
0295
0296 if (nlo == 0) {
0297 pr_debug("Need at least one locking object.\n");
0298 return false;
0299 }
0300
0301 pr_debug("Number of locking objects: %d\n", nlo);
0302
0303 return true;
0304 }
0305
0306 static u16 get_comid_v100(const void *data)
0307 {
0308 const struct d0_opal_v100 *v100 = data;
0309
0310 return be16_to_cpu(v100->baseComID);
0311 }
0312
0313 static u16 get_comid_v200(const void *data)
0314 {
0315 const struct d0_opal_v200 *v200 = data;
0316
0317 return be16_to_cpu(v200->baseComID);
0318 }
0319
0320 static int opal_send_cmd(struct opal_dev *dev)
0321 {
0322 return dev->send_recv(dev->data, dev->comid, TCG_SECP_01,
0323 dev->cmd, IO_BUFFER_LENGTH,
0324 true);
0325 }
0326
0327 static int opal_recv_cmd(struct opal_dev *dev)
0328 {
0329 return dev->send_recv(dev->data, dev->comid, TCG_SECP_01,
0330 dev->resp, IO_BUFFER_LENGTH,
0331 false);
0332 }
0333
0334 static int opal_recv_check(struct opal_dev *dev)
0335 {
0336 size_t buflen = IO_BUFFER_LENGTH;
0337 void *buffer = dev->resp;
0338 struct opal_header *hdr = buffer;
0339 int ret;
0340
0341 do {
0342 pr_debug("Sent OPAL command: outstanding=%d, minTransfer=%d\n",
0343 hdr->cp.outstandingData,
0344 hdr->cp.minTransfer);
0345
0346 if (hdr->cp.outstandingData == 0 ||
0347 hdr->cp.minTransfer != 0)
0348 return 0;
0349
0350 memset(buffer, 0, buflen);
0351 ret = opal_recv_cmd(dev);
0352 } while (!ret);
0353
0354 return ret;
0355 }
0356
0357 static int opal_send_recv(struct opal_dev *dev, cont_fn *cont)
0358 {
0359 int ret;
0360
0361 ret = opal_send_cmd(dev);
0362 if (ret)
0363 return ret;
0364 ret = opal_recv_cmd(dev);
0365 if (ret)
0366 return ret;
0367 ret = opal_recv_check(dev);
0368 if (ret)
0369 return ret;
0370 return cont(dev);
0371 }
0372
0373 static void check_geometry(struct opal_dev *dev, const void *data)
0374 {
0375 const struct d0_geometry_features *geo = data;
0376
0377 dev->align = be64_to_cpu(geo->alignment_granularity);
0378 dev->lowest_lba = be64_to_cpu(geo->lowest_aligned_lba);
0379 }
0380
0381 static int execute_step(struct opal_dev *dev,
0382 const struct opal_step *step, size_t stepIndex)
0383 {
0384 int error = step->fn(dev, step->data);
0385
0386 if (error) {
0387 pr_debug("Step %zu (%pS) failed with error %d: %s\n",
0388 stepIndex, step->fn, error,
0389 opal_error_to_human(error));
0390 }
0391
0392 return error;
0393 }
0394
0395 static int execute_steps(struct opal_dev *dev,
0396 const struct opal_step *steps, size_t n_steps)
0397 {
0398 size_t state = 0;
0399 int error;
0400
0401
0402 error = opal_discovery0_step(dev);
0403 if (error)
0404 return error;
0405
0406 for (state = 0; state < n_steps; state++) {
0407 error = execute_step(dev, &steps[state], state);
0408 if (error)
0409 goto out_error;
0410 }
0411
0412 return 0;
0413
0414 out_error:
0415
0416
0417
0418
0419
0420
0421
0422
0423 if (state > 0)
0424 end_opal_session_error(dev);
0425
0426 return error;
0427 }
0428
0429 static int opal_discovery0_end(struct opal_dev *dev)
0430 {
0431 bool found_com_id = false, supported = true, single_user = false;
0432 const struct d0_header *hdr = (struct d0_header *)dev->resp;
0433 const u8 *epos = dev->resp, *cpos = dev->resp;
0434 u16 comid = 0;
0435 u32 hlen = be32_to_cpu(hdr->length);
0436
0437 print_buffer(dev->resp, hlen);
0438 dev->mbr_enabled = false;
0439
0440 if (hlen > IO_BUFFER_LENGTH - sizeof(*hdr)) {
0441 pr_debug("Discovery length overflows buffer (%zu+%u)/%u\n",
0442 sizeof(*hdr), hlen, IO_BUFFER_LENGTH);
0443 return -EFAULT;
0444 }
0445
0446 epos += hlen;
0447 cpos += sizeof(*hdr);
0448
0449 while (cpos < epos && supported) {
0450 const struct d0_features *body =
0451 (const struct d0_features *)cpos;
0452
0453 switch (be16_to_cpu(body->code)) {
0454 case FC_TPER:
0455 supported = check_tper(body->features);
0456 break;
0457 case FC_SINGLEUSER:
0458 single_user = check_sum(body->features);
0459 break;
0460 case FC_GEOMETRY:
0461 check_geometry(dev, body);
0462 break;
0463 case FC_LOCKING:
0464 dev->mbr_enabled = check_mbrenabled(body->features);
0465 break;
0466 case FC_ENTERPRISE:
0467 case FC_DATASTORE:
0468
0469 pr_debug("Found OPAL feature description: %d\n",
0470 be16_to_cpu(body->code));
0471 break;
0472 case FC_OPALV100:
0473 comid = get_comid_v100(body->features);
0474 found_com_id = true;
0475 break;
0476 case FC_OPALV200:
0477 comid = get_comid_v200(body->features);
0478 found_com_id = true;
0479 break;
0480 case 0xbfff ... 0xffff:
0481
0482 break;
0483 default:
0484 pr_debug("OPAL Unknown feature: %d\n",
0485 be16_to_cpu(body->code));
0486
0487 }
0488 cpos += body->length + 4;
0489 }
0490
0491 if (!supported) {
0492 pr_debug("This device is not Opal enabled. Not Supported!\n");
0493 return -EOPNOTSUPP;
0494 }
0495
0496 if (!single_user)
0497 pr_debug("Device doesn't support single user mode\n");
0498
0499
0500 if (!found_com_id) {
0501 pr_debug("Could not find OPAL comid for device. Returning early\n");
0502 return -EOPNOTSUPP;
0503 }
0504
0505 dev->comid = comid;
0506
0507 return 0;
0508 }
0509
0510 static int opal_discovery0(struct opal_dev *dev, void *data)
0511 {
0512 int ret;
0513
0514 memset(dev->resp, 0, IO_BUFFER_LENGTH);
0515 dev->comid = OPAL_DISCOVERY_COMID;
0516 ret = opal_recv_cmd(dev);
0517 if (ret)
0518 return ret;
0519
0520 return opal_discovery0_end(dev);
0521 }
0522
0523 static int opal_discovery0_step(struct opal_dev *dev)
0524 {
0525 const struct opal_step discovery0_step = {
0526 opal_discovery0,
0527 };
0528
0529 return execute_step(dev, &discovery0_step, 0);
0530 }
0531
0532 static size_t remaining_size(struct opal_dev *cmd)
0533 {
0534 return IO_BUFFER_LENGTH - cmd->pos;
0535 }
0536
0537 static bool can_add(int *err, struct opal_dev *cmd, size_t len)
0538 {
0539 if (*err)
0540 return false;
0541
0542 if (remaining_size(cmd) < len) {
0543 pr_debug("Error adding %zu bytes: end of buffer.\n", len);
0544 *err = -ERANGE;
0545 return false;
0546 }
0547
0548 return true;
0549 }
0550
0551 static void add_token_u8(int *err, struct opal_dev *cmd, u8 tok)
0552 {
0553 if (!can_add(err, cmd, 1))
0554 return;
0555
0556 cmd->cmd[cmd->pos++] = tok;
0557 }
0558
0559 static void add_short_atom_header(struct opal_dev *cmd, bool bytestring,
0560 bool has_sign, int len)
0561 {
0562 u8 atom;
0563 int err = 0;
0564
0565 atom = SHORT_ATOM_ID;
0566 atom |= bytestring ? SHORT_ATOM_BYTESTRING : 0;
0567 atom |= has_sign ? SHORT_ATOM_SIGNED : 0;
0568 atom |= len & SHORT_ATOM_LEN_MASK;
0569
0570 add_token_u8(&err, cmd, atom);
0571 }
0572
0573 static void add_medium_atom_header(struct opal_dev *cmd, bool bytestring,
0574 bool has_sign, int len)
0575 {
0576 u8 header0;
0577
0578 header0 = MEDIUM_ATOM_ID;
0579 header0 |= bytestring ? MEDIUM_ATOM_BYTESTRING : 0;
0580 header0 |= has_sign ? MEDIUM_ATOM_SIGNED : 0;
0581 header0 |= (len >> 8) & MEDIUM_ATOM_LEN_MASK;
0582
0583 cmd->cmd[cmd->pos++] = header0;
0584 cmd->cmd[cmd->pos++] = len;
0585 }
0586
0587 static void add_token_u64(int *err, struct opal_dev *cmd, u64 number)
0588 {
0589 size_t len;
0590 int msb;
0591
0592 if (!(number & ~TINY_ATOM_DATA_MASK)) {
0593 add_token_u8(err, cmd, number);
0594 return;
0595 }
0596
0597 msb = fls64(number);
0598 len = DIV_ROUND_UP(msb, 8);
0599
0600 if (!can_add(err, cmd, len + 1)) {
0601 pr_debug("Error adding u64: end of buffer.\n");
0602 return;
0603 }
0604 add_short_atom_header(cmd, false, false, len);
0605 while (len--)
0606 add_token_u8(err, cmd, number >> (len * 8));
0607 }
0608
0609 static u8 *add_bytestring_header(int *err, struct opal_dev *cmd, size_t len)
0610 {
0611 size_t header_len = 1;
0612 bool is_short_atom = true;
0613
0614 if (len & ~SHORT_ATOM_LEN_MASK) {
0615 header_len = 2;
0616 is_short_atom = false;
0617 }
0618
0619 if (!can_add(err, cmd, header_len + len)) {
0620 pr_debug("Error adding bytestring: end of buffer.\n");
0621 return NULL;
0622 }
0623
0624 if (is_short_atom)
0625 add_short_atom_header(cmd, true, false, len);
0626 else
0627 add_medium_atom_header(cmd, true, false, len);
0628
0629 return &cmd->cmd[cmd->pos];
0630 }
0631
0632 static void add_token_bytestring(int *err, struct opal_dev *cmd,
0633 const u8 *bytestring, size_t len)
0634 {
0635 u8 *start;
0636
0637 start = add_bytestring_header(err, cmd, len);
0638 if (!start)
0639 return;
0640 memcpy(start, bytestring, len);
0641 cmd->pos += len;
0642 }
0643
0644 static int build_locking_range(u8 *buffer, size_t length, u8 lr)
0645 {
0646 if (length > OPAL_UID_LENGTH) {
0647 pr_debug("Can't build locking range. Length OOB\n");
0648 return -ERANGE;
0649 }
0650
0651 memcpy(buffer, opaluid[OPAL_LOCKINGRANGE_GLOBAL], OPAL_UID_LENGTH);
0652
0653 if (lr == 0)
0654 return 0;
0655
0656 buffer[5] = LOCKING_RANGE_NON_GLOBAL;
0657 buffer[7] = lr;
0658
0659 return 0;
0660 }
0661
0662 static int build_locking_user(u8 *buffer, size_t length, u8 lr)
0663 {
0664 if (length > OPAL_UID_LENGTH) {
0665 pr_debug("Can't build locking range user. Length OOB\n");
0666 return -ERANGE;
0667 }
0668
0669 memcpy(buffer, opaluid[OPAL_USER1_UID], OPAL_UID_LENGTH);
0670
0671 buffer[7] = lr + 1;
0672
0673 return 0;
0674 }
0675
0676 static void set_comid(struct opal_dev *cmd, u16 comid)
0677 {
0678 struct opal_header *hdr = (struct opal_header *)cmd->cmd;
0679
0680 hdr->cp.extendedComID[0] = comid >> 8;
0681 hdr->cp.extendedComID[1] = comid;
0682 hdr->cp.extendedComID[2] = 0;
0683 hdr->cp.extendedComID[3] = 0;
0684 }
0685
0686 static int cmd_finalize(struct opal_dev *cmd, u32 hsn, u32 tsn)
0687 {
0688 struct opal_header *hdr;
0689 int err = 0;
0690
0691
0692
0693
0694
0695
0696 add_token_u8(&err, cmd, OPAL_ENDLIST);
0697
0698 add_token_u8(&err, cmd, OPAL_ENDOFDATA);
0699 add_token_u8(&err, cmd, OPAL_STARTLIST);
0700 add_token_u8(&err, cmd, 0);
0701 add_token_u8(&err, cmd, 0);
0702 add_token_u8(&err, cmd, 0);
0703 add_token_u8(&err, cmd, OPAL_ENDLIST);
0704
0705 if (err) {
0706 pr_debug("Error finalizing command.\n");
0707 return -EFAULT;
0708 }
0709
0710 hdr = (struct opal_header *) cmd->cmd;
0711
0712 hdr->pkt.tsn = cpu_to_be32(tsn);
0713 hdr->pkt.hsn = cpu_to_be32(hsn);
0714
0715 hdr->subpkt.length = cpu_to_be32(cmd->pos - sizeof(*hdr));
0716 while (cmd->pos % 4) {
0717 if (cmd->pos >= IO_BUFFER_LENGTH) {
0718 pr_debug("Error: Buffer overrun\n");
0719 return -ERANGE;
0720 }
0721 cmd->cmd[cmd->pos++] = 0;
0722 }
0723 hdr->pkt.length = cpu_to_be32(cmd->pos - sizeof(hdr->cp) -
0724 sizeof(hdr->pkt));
0725 hdr->cp.length = cpu_to_be32(cmd->pos - sizeof(hdr->cp));
0726
0727 return 0;
0728 }
0729
0730 static const struct opal_resp_tok *response_get_token(
0731 const struct parsed_resp *resp,
0732 int n)
0733 {
0734 const struct opal_resp_tok *tok;
0735
0736 if (!resp) {
0737 pr_debug("Response is NULL\n");
0738 return ERR_PTR(-EINVAL);
0739 }
0740
0741 if (n >= resp->num) {
0742 pr_debug("Token number doesn't exist: %d, resp: %d\n",
0743 n, resp->num);
0744 return ERR_PTR(-EINVAL);
0745 }
0746
0747 tok = &resp->toks[n];
0748 if (tok->len == 0) {
0749 pr_debug("Token length must be non-zero\n");
0750 return ERR_PTR(-EINVAL);
0751 }
0752
0753 return tok;
0754 }
0755
0756 static ssize_t response_parse_tiny(struct opal_resp_tok *tok,
0757 const u8 *pos)
0758 {
0759 tok->pos = pos;
0760 tok->len = 1;
0761 tok->width = OPAL_WIDTH_TINY;
0762
0763 if (pos[0] & TINY_ATOM_SIGNED) {
0764 tok->type = OPAL_DTA_TOKENID_SINT;
0765 } else {
0766 tok->type = OPAL_DTA_TOKENID_UINT;
0767 tok->stored.u = pos[0] & 0x3f;
0768 }
0769
0770 return tok->len;
0771 }
0772
0773 static ssize_t response_parse_short(struct opal_resp_tok *tok,
0774 const u8 *pos)
0775 {
0776 tok->pos = pos;
0777 tok->len = (pos[0] & SHORT_ATOM_LEN_MASK) + 1;
0778 tok->width = OPAL_WIDTH_SHORT;
0779
0780 if (pos[0] & SHORT_ATOM_BYTESTRING) {
0781 tok->type = OPAL_DTA_TOKENID_BYTESTRING;
0782 } else if (pos[0] & SHORT_ATOM_SIGNED) {
0783 tok->type = OPAL_DTA_TOKENID_SINT;
0784 } else {
0785 u64 u_integer = 0;
0786 ssize_t i, b = 0;
0787
0788 tok->type = OPAL_DTA_TOKENID_UINT;
0789 if (tok->len > 9) {
0790 pr_debug("uint64 with more than 8 bytes\n");
0791 return -EINVAL;
0792 }
0793 for (i = tok->len - 1; i > 0; i--) {
0794 u_integer |= ((u64)pos[i] << (8 * b));
0795 b++;
0796 }
0797 tok->stored.u = u_integer;
0798 }
0799
0800 return tok->len;
0801 }
0802
0803 static ssize_t response_parse_medium(struct opal_resp_tok *tok,
0804 const u8 *pos)
0805 {
0806 tok->pos = pos;
0807 tok->len = (((pos[0] & MEDIUM_ATOM_LEN_MASK) << 8) | pos[1]) + 2;
0808 tok->width = OPAL_WIDTH_MEDIUM;
0809
0810 if (pos[0] & MEDIUM_ATOM_BYTESTRING)
0811 tok->type = OPAL_DTA_TOKENID_BYTESTRING;
0812 else if (pos[0] & MEDIUM_ATOM_SIGNED)
0813 tok->type = OPAL_DTA_TOKENID_SINT;
0814 else
0815 tok->type = OPAL_DTA_TOKENID_UINT;
0816
0817 return tok->len;
0818 }
0819
0820 static ssize_t response_parse_long(struct opal_resp_tok *tok,
0821 const u8 *pos)
0822 {
0823 tok->pos = pos;
0824 tok->len = ((pos[1] << 16) | (pos[2] << 8) | pos[3]) + 4;
0825 tok->width = OPAL_WIDTH_LONG;
0826
0827 if (pos[0] & LONG_ATOM_BYTESTRING)
0828 tok->type = OPAL_DTA_TOKENID_BYTESTRING;
0829 else if (pos[0] & LONG_ATOM_SIGNED)
0830 tok->type = OPAL_DTA_TOKENID_SINT;
0831 else
0832 tok->type = OPAL_DTA_TOKENID_UINT;
0833
0834 return tok->len;
0835 }
0836
0837 static ssize_t response_parse_token(struct opal_resp_tok *tok,
0838 const u8 *pos)
0839 {
0840 tok->pos = pos;
0841 tok->len = 1;
0842 tok->type = OPAL_DTA_TOKENID_TOKEN;
0843 tok->width = OPAL_WIDTH_TOKEN;
0844
0845 return tok->len;
0846 }
0847
0848 static int response_parse(const u8 *buf, size_t length,
0849 struct parsed_resp *resp)
0850 {
0851 const struct opal_header *hdr;
0852 struct opal_resp_tok *iter;
0853 int num_entries = 0;
0854 int total;
0855 ssize_t token_length;
0856 const u8 *pos;
0857 u32 clen, plen, slen;
0858
0859 if (!buf)
0860 return -EFAULT;
0861
0862 if (!resp)
0863 return -EFAULT;
0864
0865 hdr = (struct opal_header *)buf;
0866 pos = buf;
0867 pos += sizeof(*hdr);
0868
0869 clen = be32_to_cpu(hdr->cp.length);
0870 plen = be32_to_cpu(hdr->pkt.length);
0871 slen = be32_to_cpu(hdr->subpkt.length);
0872 pr_debug("Response size: cp: %u, pkt: %u, subpkt: %u\n",
0873 clen, plen, slen);
0874
0875 if (clen == 0 || plen == 0 || slen == 0 ||
0876 slen > IO_BUFFER_LENGTH - sizeof(*hdr)) {
0877 pr_debug("Bad header length. cp: %u, pkt: %u, subpkt: %u\n",
0878 clen, plen, slen);
0879 print_buffer(pos, sizeof(*hdr));
0880 return -EINVAL;
0881 }
0882
0883 if (pos > buf + length)
0884 return -EFAULT;
0885
0886 iter = resp->toks;
0887 total = slen;
0888 print_buffer(pos, total);
0889 while (total > 0) {
0890 if (pos[0] <= TINY_ATOM_BYTE)
0891 token_length = response_parse_tiny(iter, pos);
0892 else if (pos[0] <= SHORT_ATOM_BYTE)
0893 token_length = response_parse_short(iter, pos);
0894 else if (pos[0] <= MEDIUM_ATOM_BYTE)
0895 token_length = response_parse_medium(iter, pos);
0896 else if (pos[0] <= LONG_ATOM_BYTE)
0897 token_length = response_parse_long(iter, pos);
0898 else
0899 token_length = response_parse_token(iter, pos);
0900
0901 if (token_length < 0)
0902 return token_length;
0903
0904 pos += token_length;
0905 total -= token_length;
0906 iter++;
0907 num_entries++;
0908 }
0909
0910 resp->num = num_entries;
0911
0912 return 0;
0913 }
0914
0915 static size_t response_get_string(const struct parsed_resp *resp, int n,
0916 const char **store)
0917 {
0918 u8 skip;
0919 const struct opal_resp_tok *tok;
0920
0921 *store = NULL;
0922 tok = response_get_token(resp, n);
0923 if (IS_ERR(tok))
0924 return 0;
0925
0926 if (tok->type != OPAL_DTA_TOKENID_BYTESTRING) {
0927 pr_debug("Token is not a byte string!\n");
0928 return 0;
0929 }
0930
0931 switch (tok->width) {
0932 case OPAL_WIDTH_TINY:
0933 case OPAL_WIDTH_SHORT:
0934 skip = 1;
0935 break;
0936 case OPAL_WIDTH_MEDIUM:
0937 skip = 2;
0938 break;
0939 case OPAL_WIDTH_LONG:
0940 skip = 4;
0941 break;
0942 default:
0943 pr_debug("Token has invalid width!\n");
0944 return 0;
0945 }
0946
0947 *store = tok->pos + skip;
0948
0949 return tok->len - skip;
0950 }
0951
0952 static u64 response_get_u64(const struct parsed_resp *resp, int n)
0953 {
0954 const struct opal_resp_tok *tok;
0955
0956 tok = response_get_token(resp, n);
0957 if (IS_ERR(tok))
0958 return 0;
0959
0960 if (tok->type != OPAL_DTA_TOKENID_UINT) {
0961 pr_debug("Token is not unsigned int: %d\n", tok->type);
0962 return 0;
0963 }
0964
0965 if (tok->width != OPAL_WIDTH_TINY && tok->width != OPAL_WIDTH_SHORT) {
0966 pr_debug("Atom is not short or tiny: %d\n", tok->width);
0967 return 0;
0968 }
0969
0970 return tok->stored.u;
0971 }
0972
0973 static bool response_token_matches(const struct opal_resp_tok *token, u8 match)
0974 {
0975 if (IS_ERR(token) ||
0976 token->type != OPAL_DTA_TOKENID_TOKEN ||
0977 token->pos[0] != match)
0978 return false;
0979 return true;
0980 }
0981
0982 static u8 response_status(const struct parsed_resp *resp)
0983 {
0984 const struct opal_resp_tok *tok;
0985
0986 tok = response_get_token(resp, 0);
0987 if (response_token_matches(tok, OPAL_ENDOFSESSION))
0988 return 0;
0989
0990 if (resp->num < 5)
0991 return DTAERROR_NO_METHOD_STATUS;
0992
0993 tok = response_get_token(resp, resp->num - 5);
0994 if (!response_token_matches(tok, OPAL_STARTLIST))
0995 return DTAERROR_NO_METHOD_STATUS;
0996
0997 tok = response_get_token(resp, resp->num - 1);
0998 if (!response_token_matches(tok, OPAL_ENDLIST))
0999 return DTAERROR_NO_METHOD_STATUS;
1000
1001 return response_get_u64(resp, resp->num - 4);
1002 }
1003
1004
1005 static int parse_and_check_status(struct opal_dev *dev)
1006 {
1007 int error;
1008
1009 print_buffer(dev->cmd, dev->pos);
1010
1011 error = response_parse(dev->resp, IO_BUFFER_LENGTH, &dev->parsed);
1012 if (error) {
1013 pr_debug("Couldn't parse response.\n");
1014 return error;
1015 }
1016
1017 return response_status(&dev->parsed);
1018 }
1019
1020 static void clear_opal_cmd(struct opal_dev *dev)
1021 {
1022 dev->pos = sizeof(struct opal_header);
1023 memset(dev->cmd, 0, IO_BUFFER_LENGTH);
1024 }
1025
1026 static int cmd_start(struct opal_dev *dev, const u8 *uid, const u8 *method)
1027 {
1028 int err = 0;
1029
1030 clear_opal_cmd(dev);
1031 set_comid(dev, dev->comid);
1032
1033 add_token_u8(&err, dev, OPAL_CALL);
1034 add_token_bytestring(&err, dev, uid, OPAL_UID_LENGTH);
1035 add_token_bytestring(&err, dev, method, OPAL_METHOD_LENGTH);
1036
1037
1038
1039
1040
1041
1042 add_token_u8(&err, dev, OPAL_STARTLIST);
1043
1044 return err;
1045 }
1046
1047 static int start_opal_session_cont(struct opal_dev *dev)
1048 {
1049 u32 hsn, tsn;
1050 int error = 0;
1051
1052 error = parse_and_check_status(dev);
1053 if (error)
1054 return error;
1055
1056 hsn = response_get_u64(&dev->parsed, 4);
1057 tsn = response_get_u64(&dev->parsed, 5);
1058
1059 if (hsn != GENERIC_HOST_SESSION_NUM || tsn < FIRST_TPER_SESSION_NUM) {
1060 pr_debug("Couldn't authenticate session\n");
1061 return -EPERM;
1062 }
1063
1064 dev->hsn = hsn;
1065 dev->tsn = tsn;
1066
1067 return 0;
1068 }
1069
1070 static void add_suspend_info(struct opal_dev *dev,
1071 struct opal_suspend_data *sus)
1072 {
1073 struct opal_suspend_data *iter;
1074
1075 list_for_each_entry(iter, &dev->unlk_lst, node) {
1076 if (iter->lr == sus->lr) {
1077 list_del(&iter->node);
1078 kfree(iter);
1079 break;
1080 }
1081 }
1082 list_add_tail(&sus->node, &dev->unlk_lst);
1083 }
1084
1085 static int end_session_cont(struct opal_dev *dev)
1086 {
1087 dev->hsn = 0;
1088 dev->tsn = 0;
1089
1090 return parse_and_check_status(dev);
1091 }
1092
1093 static int finalize_and_send(struct opal_dev *dev, cont_fn cont)
1094 {
1095 int ret;
1096
1097 ret = cmd_finalize(dev, dev->hsn, dev->tsn);
1098 if (ret) {
1099 pr_debug("Error finalizing command buffer: %d\n", ret);
1100 return ret;
1101 }
1102
1103 print_buffer(dev->cmd, dev->pos);
1104
1105 return opal_send_recv(dev, cont);
1106 }
1107
1108
1109
1110
1111
1112 static int generic_get_column(struct opal_dev *dev, const u8 *table,
1113 u64 column)
1114 {
1115 int err;
1116
1117 err = cmd_start(dev, table, opalmethod[OPAL_GET]);
1118
1119 add_token_u8(&err, dev, OPAL_STARTLIST);
1120
1121 add_token_u8(&err, dev, OPAL_STARTNAME);
1122 add_token_u8(&err, dev, OPAL_STARTCOLUMN);
1123 add_token_u64(&err, dev, column);
1124 add_token_u8(&err, dev, OPAL_ENDNAME);
1125
1126 add_token_u8(&err, dev, OPAL_STARTNAME);
1127 add_token_u8(&err, dev, OPAL_ENDCOLUMN);
1128 add_token_u64(&err, dev, column);
1129 add_token_u8(&err, dev, OPAL_ENDNAME);
1130
1131 add_token_u8(&err, dev, OPAL_ENDLIST);
1132
1133 if (err)
1134 return err;
1135
1136 return finalize_and_send(dev, parse_and_check_status);
1137 }
1138
1139
1140
1141
1142
1143
1144 static int generic_get_table_info(struct opal_dev *dev, const u8 *table_uid,
1145 u64 column)
1146 {
1147 u8 uid[OPAL_UID_LENGTH];
1148 const unsigned int half = OPAL_UID_LENGTH_HALF;
1149
1150
1151
1152
1153
1154
1155
1156 memcpy(uid, opaluid[OPAL_TABLE_TABLE], half);
1157 memcpy(uid + half, table_uid, half);
1158
1159 return generic_get_column(dev, uid, column);
1160 }
1161
1162 static int gen_key(struct opal_dev *dev, void *data)
1163 {
1164 u8 uid[OPAL_UID_LENGTH];
1165 int err;
1166
1167 memcpy(uid, dev->prev_data, min(sizeof(uid), dev->prev_d_len));
1168 kfree(dev->prev_data);
1169 dev->prev_data = NULL;
1170
1171 err = cmd_start(dev, uid, opalmethod[OPAL_GENKEY]);
1172
1173 if (err) {
1174 pr_debug("Error building gen key command\n");
1175 return err;
1176
1177 }
1178
1179 return finalize_and_send(dev, parse_and_check_status);
1180 }
1181
1182 static int get_active_key_cont(struct opal_dev *dev)
1183 {
1184 const char *activekey;
1185 size_t keylen;
1186 int error = 0;
1187
1188 error = parse_and_check_status(dev);
1189 if (error)
1190 return error;
1191
1192 keylen = response_get_string(&dev->parsed, 4, &activekey);
1193 if (!activekey) {
1194 pr_debug("%s: Couldn't extract the Activekey from the response\n",
1195 __func__);
1196 return OPAL_INVAL_PARAM;
1197 }
1198
1199 dev->prev_data = kmemdup(activekey, keylen, GFP_KERNEL);
1200
1201 if (!dev->prev_data)
1202 return -ENOMEM;
1203
1204 dev->prev_d_len = keylen;
1205
1206 return 0;
1207 }
1208
1209 static int get_active_key(struct opal_dev *dev, void *data)
1210 {
1211 u8 uid[OPAL_UID_LENGTH];
1212 int err;
1213 u8 *lr = data;
1214
1215 err = build_locking_range(uid, sizeof(uid), *lr);
1216 if (err)
1217 return err;
1218
1219 err = generic_get_column(dev, uid, OPAL_ACTIVEKEY);
1220 if (err)
1221 return err;
1222
1223 return get_active_key_cont(dev);
1224 }
1225
1226 static int generic_table_write_data(struct opal_dev *dev, const u64 data,
1227 u64 offset, u64 size, const u8 *uid)
1228 {
1229 const u8 __user *src = (u8 __user *)(uintptr_t)data;
1230 u8 *dst;
1231 u64 len;
1232 size_t off = 0;
1233 int err;
1234
1235
1236 err = generic_get_table_info(dev, uid, OPAL_TABLE_ROWS);
1237 if (err) {
1238 pr_debug("Couldn't get the table size\n");
1239 return err;
1240 }
1241
1242 len = response_get_u64(&dev->parsed, 4);
1243 if (size > len || offset > len - size) {
1244 pr_debug("Does not fit in the table (%llu vs. %llu)\n",
1245 offset + size, len);
1246 return -ENOSPC;
1247 }
1248
1249
1250 while (off < size) {
1251 err = cmd_start(dev, uid, opalmethod[OPAL_SET]);
1252 add_token_u8(&err, dev, OPAL_STARTNAME);
1253 add_token_u8(&err, dev, OPAL_WHERE);
1254 add_token_u64(&err, dev, offset + off);
1255 add_token_u8(&err, dev, OPAL_ENDNAME);
1256
1257 add_token_u8(&err, dev, OPAL_STARTNAME);
1258 add_token_u8(&err, dev, OPAL_VALUES);
1259
1260
1261
1262
1263
1264
1265
1266 len = min(remaining_size(dev) - (2+1+CMD_FINALIZE_BYTES_NEEDED),
1267 (size_t)(size - off));
1268 pr_debug("Write bytes %zu+%llu/%llu\n", off, len, size);
1269
1270 dst = add_bytestring_header(&err, dev, len);
1271 if (!dst)
1272 break;
1273
1274 if (copy_from_user(dst, src + off, len)) {
1275 err = -EFAULT;
1276 break;
1277 }
1278
1279 dev->pos += len;
1280
1281 add_token_u8(&err, dev, OPAL_ENDNAME);
1282 if (err)
1283 break;
1284
1285 err = finalize_and_send(dev, parse_and_check_status);
1286 if (err)
1287 break;
1288
1289 off += len;
1290 }
1291
1292 return err;
1293 }
1294
1295 static int generic_lr_enable_disable(struct opal_dev *dev,
1296 u8 *uid, bool rle, bool wle,
1297 bool rl, bool wl)
1298 {
1299 int err;
1300
1301 err = cmd_start(dev, uid, opalmethod[OPAL_SET]);
1302
1303 add_token_u8(&err, dev, OPAL_STARTNAME);
1304 add_token_u8(&err, dev, OPAL_VALUES);
1305 add_token_u8(&err, dev, OPAL_STARTLIST);
1306
1307 add_token_u8(&err, dev, OPAL_STARTNAME);
1308 add_token_u8(&err, dev, OPAL_READLOCKENABLED);
1309 add_token_u8(&err, dev, rle);
1310 add_token_u8(&err, dev, OPAL_ENDNAME);
1311
1312 add_token_u8(&err, dev, OPAL_STARTNAME);
1313 add_token_u8(&err, dev, OPAL_WRITELOCKENABLED);
1314 add_token_u8(&err, dev, wle);
1315 add_token_u8(&err, dev, OPAL_ENDNAME);
1316
1317 add_token_u8(&err, dev, OPAL_STARTNAME);
1318 add_token_u8(&err, dev, OPAL_READLOCKED);
1319 add_token_u8(&err, dev, rl);
1320 add_token_u8(&err, dev, OPAL_ENDNAME);
1321
1322 add_token_u8(&err, dev, OPAL_STARTNAME);
1323 add_token_u8(&err, dev, OPAL_WRITELOCKED);
1324 add_token_u8(&err, dev, wl);
1325 add_token_u8(&err, dev, OPAL_ENDNAME);
1326
1327 add_token_u8(&err, dev, OPAL_ENDLIST);
1328 add_token_u8(&err, dev, OPAL_ENDNAME);
1329
1330 return err;
1331 }
1332
1333 static inline int enable_global_lr(struct opal_dev *dev, u8 *uid,
1334 struct opal_user_lr_setup *setup)
1335 {
1336 int err;
1337
1338 err = generic_lr_enable_disable(dev, uid, !!setup->RLE, !!setup->WLE,
1339 0, 0);
1340 if (err)
1341 pr_debug("Failed to create enable global lr command\n");
1342
1343 return err;
1344 }
1345
1346 static int setup_locking_range(struct opal_dev *dev, void *data)
1347 {
1348 u8 uid[OPAL_UID_LENGTH];
1349 struct opal_user_lr_setup *setup = data;
1350 u8 lr;
1351 int err;
1352
1353 lr = setup->session.opal_key.lr;
1354 err = build_locking_range(uid, sizeof(uid), lr);
1355 if (err)
1356 return err;
1357
1358 if (lr == 0)
1359 err = enable_global_lr(dev, uid, setup);
1360 else {
1361 err = cmd_start(dev, uid, opalmethod[OPAL_SET]);
1362
1363 add_token_u8(&err, dev, OPAL_STARTNAME);
1364 add_token_u8(&err, dev, OPAL_VALUES);
1365 add_token_u8(&err, dev, OPAL_STARTLIST);
1366
1367 add_token_u8(&err, dev, OPAL_STARTNAME);
1368 add_token_u8(&err, dev, OPAL_RANGESTART);
1369 add_token_u64(&err, dev, setup->range_start);
1370 add_token_u8(&err, dev, OPAL_ENDNAME);
1371
1372 add_token_u8(&err, dev, OPAL_STARTNAME);
1373 add_token_u8(&err, dev, OPAL_RANGELENGTH);
1374 add_token_u64(&err, dev, setup->range_length);
1375 add_token_u8(&err, dev, OPAL_ENDNAME);
1376
1377 add_token_u8(&err, dev, OPAL_STARTNAME);
1378 add_token_u8(&err, dev, OPAL_READLOCKENABLED);
1379 add_token_u64(&err, dev, !!setup->RLE);
1380 add_token_u8(&err, dev, OPAL_ENDNAME);
1381
1382 add_token_u8(&err, dev, OPAL_STARTNAME);
1383 add_token_u8(&err, dev, OPAL_WRITELOCKENABLED);
1384 add_token_u64(&err, dev, !!setup->WLE);
1385 add_token_u8(&err, dev, OPAL_ENDNAME);
1386
1387 add_token_u8(&err, dev, OPAL_ENDLIST);
1388 add_token_u8(&err, dev, OPAL_ENDNAME);
1389 }
1390 if (err) {
1391 pr_debug("Error building Setup Locking range command.\n");
1392 return err;
1393 }
1394
1395 return finalize_and_send(dev, parse_and_check_status);
1396 }
1397
1398 static int start_generic_opal_session(struct opal_dev *dev,
1399 enum opal_uid auth,
1400 enum opal_uid sp_type,
1401 const char *key,
1402 u8 key_len)
1403 {
1404 u32 hsn;
1405 int err;
1406
1407 if (key == NULL && auth != OPAL_ANYBODY_UID)
1408 return OPAL_INVAL_PARAM;
1409
1410 hsn = GENERIC_HOST_SESSION_NUM;
1411 err = cmd_start(dev, opaluid[OPAL_SMUID_UID],
1412 opalmethod[OPAL_STARTSESSION]);
1413
1414 add_token_u64(&err, dev, hsn);
1415 add_token_bytestring(&err, dev, opaluid[sp_type], OPAL_UID_LENGTH);
1416 add_token_u8(&err, dev, 1);
1417
1418 switch (auth) {
1419 case OPAL_ANYBODY_UID:
1420 break;
1421 case OPAL_ADMIN1_UID:
1422 case OPAL_SID_UID:
1423 case OPAL_PSID_UID:
1424 add_token_u8(&err, dev, OPAL_STARTNAME);
1425 add_token_u8(&err, dev, 0);
1426 add_token_bytestring(&err, dev, key, key_len);
1427 add_token_u8(&err, dev, OPAL_ENDNAME);
1428 add_token_u8(&err, dev, OPAL_STARTNAME);
1429 add_token_u8(&err, dev, 3);
1430 add_token_bytestring(&err, dev, opaluid[auth],
1431 OPAL_UID_LENGTH);
1432 add_token_u8(&err, dev, OPAL_ENDNAME);
1433 break;
1434 default:
1435 pr_debug("Cannot start Admin SP session with auth %d\n", auth);
1436 return OPAL_INVAL_PARAM;
1437 }
1438
1439 if (err) {
1440 pr_debug("Error building start adminsp session command.\n");
1441 return err;
1442 }
1443
1444 return finalize_and_send(dev, start_opal_session_cont);
1445 }
1446
1447 static int start_anybodyASP_opal_session(struct opal_dev *dev, void *data)
1448 {
1449 return start_generic_opal_session(dev, OPAL_ANYBODY_UID,
1450 OPAL_ADMINSP_UID, NULL, 0);
1451 }
1452
1453 static int start_SIDASP_opal_session(struct opal_dev *dev, void *data)
1454 {
1455 int ret;
1456 const u8 *key = dev->prev_data;
1457
1458 if (!key) {
1459 const struct opal_key *okey = data;
1460
1461 ret = start_generic_opal_session(dev, OPAL_SID_UID,
1462 OPAL_ADMINSP_UID,
1463 okey->key,
1464 okey->key_len);
1465 } else {
1466 ret = start_generic_opal_session(dev, OPAL_SID_UID,
1467 OPAL_ADMINSP_UID,
1468 key, dev->prev_d_len);
1469 kfree(key);
1470 dev->prev_data = NULL;
1471 }
1472
1473 return ret;
1474 }
1475
1476 static int start_admin1LSP_opal_session(struct opal_dev *dev, void *data)
1477 {
1478 struct opal_key *key = data;
1479
1480 return start_generic_opal_session(dev, OPAL_ADMIN1_UID,
1481 OPAL_LOCKINGSP_UID,
1482 key->key, key->key_len);
1483 }
1484
1485 static int start_PSID_opal_session(struct opal_dev *dev, void *data)
1486 {
1487 const struct opal_key *okey = data;
1488
1489 return start_generic_opal_session(dev, OPAL_PSID_UID,
1490 OPAL_ADMINSP_UID,
1491 okey->key,
1492 okey->key_len);
1493 }
1494
1495 static int start_auth_opal_session(struct opal_dev *dev, void *data)
1496 {
1497 struct opal_session_info *session = data;
1498 u8 lk_ul_user[OPAL_UID_LENGTH];
1499 size_t keylen = session->opal_key.key_len;
1500 int err = 0;
1501
1502 u8 *key = session->opal_key.key;
1503 u32 hsn = GENERIC_HOST_SESSION_NUM;
1504
1505 if (session->sum)
1506 err = build_locking_user(lk_ul_user, sizeof(lk_ul_user),
1507 session->opal_key.lr);
1508 else if (session->who != OPAL_ADMIN1 && !session->sum)
1509 err = build_locking_user(lk_ul_user, sizeof(lk_ul_user),
1510 session->who - 1);
1511 else
1512 memcpy(lk_ul_user, opaluid[OPAL_ADMIN1_UID], OPAL_UID_LENGTH);
1513
1514 if (err)
1515 return err;
1516
1517 err = cmd_start(dev, opaluid[OPAL_SMUID_UID],
1518 opalmethod[OPAL_STARTSESSION]);
1519
1520 add_token_u64(&err, dev, hsn);
1521 add_token_bytestring(&err, dev, opaluid[OPAL_LOCKINGSP_UID],
1522 OPAL_UID_LENGTH);
1523 add_token_u8(&err, dev, 1);
1524 add_token_u8(&err, dev, OPAL_STARTNAME);
1525 add_token_u8(&err, dev, 0);
1526 add_token_bytestring(&err, dev, key, keylen);
1527 add_token_u8(&err, dev, OPAL_ENDNAME);
1528 add_token_u8(&err, dev, OPAL_STARTNAME);
1529 add_token_u8(&err, dev, 3);
1530 add_token_bytestring(&err, dev, lk_ul_user, OPAL_UID_LENGTH);
1531 add_token_u8(&err, dev, OPAL_ENDNAME);
1532
1533 if (err) {
1534 pr_debug("Error building STARTSESSION command.\n");
1535 return err;
1536 }
1537
1538 return finalize_and_send(dev, start_opal_session_cont);
1539 }
1540
1541 static int revert_tper(struct opal_dev *dev, void *data)
1542 {
1543 int err;
1544
1545 err = cmd_start(dev, opaluid[OPAL_ADMINSP_UID],
1546 opalmethod[OPAL_REVERT]);
1547 if (err) {
1548 pr_debug("Error building REVERT TPER command.\n");
1549 return err;
1550 }
1551
1552 return finalize_and_send(dev, parse_and_check_status);
1553 }
1554
1555 static int internal_activate_user(struct opal_dev *dev, void *data)
1556 {
1557 struct opal_session_info *session = data;
1558 u8 uid[OPAL_UID_LENGTH];
1559 int err;
1560
1561 memcpy(uid, opaluid[OPAL_USER1_UID], OPAL_UID_LENGTH);
1562 uid[7] = session->who;
1563
1564 err = cmd_start(dev, uid, opalmethod[OPAL_SET]);
1565 add_token_u8(&err, dev, OPAL_STARTNAME);
1566 add_token_u8(&err, dev, OPAL_VALUES);
1567 add_token_u8(&err, dev, OPAL_STARTLIST);
1568 add_token_u8(&err, dev, OPAL_STARTNAME);
1569 add_token_u8(&err, dev, 5);
1570 add_token_u8(&err, dev, OPAL_TRUE);
1571 add_token_u8(&err, dev, OPAL_ENDNAME);
1572 add_token_u8(&err, dev, OPAL_ENDLIST);
1573 add_token_u8(&err, dev, OPAL_ENDNAME);
1574
1575 if (err) {
1576 pr_debug("Error building Activate UserN command.\n");
1577 return err;
1578 }
1579
1580 return finalize_and_send(dev, parse_and_check_status);
1581 }
1582
1583 static int erase_locking_range(struct opal_dev *dev, void *data)
1584 {
1585 struct opal_session_info *session = data;
1586 u8 uid[OPAL_UID_LENGTH];
1587 int err;
1588
1589 if (build_locking_range(uid, sizeof(uid), session->opal_key.lr) < 0)
1590 return -ERANGE;
1591
1592 err = cmd_start(dev, uid, opalmethod[OPAL_ERASE]);
1593
1594 if (err) {
1595 pr_debug("Error building Erase Locking Range Command.\n");
1596 return err;
1597 }
1598
1599 return finalize_and_send(dev, parse_and_check_status);
1600 }
1601
1602 static int set_mbr_done(struct opal_dev *dev, void *data)
1603 {
1604 u8 *mbr_done_tf = data;
1605 int err;
1606
1607 err = cmd_start(dev, opaluid[OPAL_MBRCONTROL],
1608 opalmethod[OPAL_SET]);
1609
1610 add_token_u8(&err, dev, OPAL_STARTNAME);
1611 add_token_u8(&err, dev, OPAL_VALUES);
1612 add_token_u8(&err, dev, OPAL_STARTLIST);
1613 add_token_u8(&err, dev, OPAL_STARTNAME);
1614 add_token_u8(&err, dev, OPAL_MBRDONE);
1615 add_token_u8(&err, dev, *mbr_done_tf);
1616 add_token_u8(&err, dev, OPAL_ENDNAME);
1617 add_token_u8(&err, dev, OPAL_ENDLIST);
1618 add_token_u8(&err, dev, OPAL_ENDNAME);
1619
1620 if (err) {
1621 pr_debug("Error Building set MBR Done command\n");
1622 return err;
1623 }
1624
1625 return finalize_and_send(dev, parse_and_check_status);
1626 }
1627
1628 static int set_mbr_enable_disable(struct opal_dev *dev, void *data)
1629 {
1630 u8 *mbr_en_dis = data;
1631 int err;
1632
1633 err = cmd_start(dev, opaluid[OPAL_MBRCONTROL],
1634 opalmethod[OPAL_SET]);
1635
1636 add_token_u8(&err, dev, OPAL_STARTNAME);
1637 add_token_u8(&err, dev, OPAL_VALUES);
1638 add_token_u8(&err, dev, OPAL_STARTLIST);
1639 add_token_u8(&err, dev, OPAL_STARTNAME);
1640 add_token_u8(&err, dev, OPAL_MBRENABLE);
1641 add_token_u8(&err, dev, *mbr_en_dis);
1642 add_token_u8(&err, dev, OPAL_ENDNAME);
1643 add_token_u8(&err, dev, OPAL_ENDLIST);
1644 add_token_u8(&err, dev, OPAL_ENDNAME);
1645
1646 if (err) {
1647 pr_debug("Error Building set MBR done command\n");
1648 return err;
1649 }
1650
1651 return finalize_and_send(dev, parse_and_check_status);
1652 }
1653
1654 static int write_shadow_mbr(struct opal_dev *dev, void *data)
1655 {
1656 struct opal_shadow_mbr *shadow = data;
1657
1658 return generic_table_write_data(dev, shadow->data, shadow->offset,
1659 shadow->size, opaluid[OPAL_MBR]);
1660 }
1661
1662 static int generic_pw_cmd(u8 *key, size_t key_len, u8 *cpin_uid,
1663 struct opal_dev *dev)
1664 {
1665 int err;
1666
1667 err = cmd_start(dev, cpin_uid, opalmethod[OPAL_SET]);
1668
1669 add_token_u8(&err, dev, OPAL_STARTNAME);
1670 add_token_u8(&err, dev, OPAL_VALUES);
1671 add_token_u8(&err, dev, OPAL_STARTLIST);
1672 add_token_u8(&err, dev, OPAL_STARTNAME);
1673 add_token_u8(&err, dev, OPAL_PIN);
1674 add_token_bytestring(&err, dev, key, key_len);
1675 add_token_u8(&err, dev, OPAL_ENDNAME);
1676 add_token_u8(&err, dev, OPAL_ENDLIST);
1677 add_token_u8(&err, dev, OPAL_ENDNAME);
1678
1679 return err;
1680 }
1681
1682 static int set_new_pw(struct opal_dev *dev, void *data)
1683 {
1684 u8 cpin_uid[OPAL_UID_LENGTH];
1685 struct opal_session_info *usr = data;
1686
1687 memcpy(cpin_uid, opaluid[OPAL_C_PIN_ADMIN1], OPAL_UID_LENGTH);
1688
1689 if (usr->who != OPAL_ADMIN1) {
1690 cpin_uid[5] = 0x03;
1691 if (usr->sum)
1692 cpin_uid[7] = usr->opal_key.lr + 1;
1693 else
1694 cpin_uid[7] = usr->who;
1695 }
1696
1697 if (generic_pw_cmd(usr->opal_key.key, usr->opal_key.key_len,
1698 cpin_uid, dev)) {
1699 pr_debug("Error building set password command.\n");
1700 return -ERANGE;
1701 }
1702
1703 return finalize_and_send(dev, parse_and_check_status);
1704 }
1705
1706 static int set_sid_cpin_pin(struct opal_dev *dev, void *data)
1707 {
1708 u8 cpin_uid[OPAL_UID_LENGTH];
1709 struct opal_key *key = data;
1710
1711 memcpy(cpin_uid, opaluid[OPAL_C_PIN_SID], OPAL_UID_LENGTH);
1712
1713 if (generic_pw_cmd(key->key, key->key_len, cpin_uid, dev)) {
1714 pr_debug("Error building Set SID cpin\n");
1715 return -ERANGE;
1716 }
1717 return finalize_and_send(dev, parse_and_check_status);
1718 }
1719
1720 static int add_user_to_lr(struct opal_dev *dev, void *data)
1721 {
1722 u8 lr_buffer[OPAL_UID_LENGTH];
1723 u8 user_uid[OPAL_UID_LENGTH];
1724 struct opal_lock_unlock *lkul = data;
1725 int err;
1726
1727 memcpy(lr_buffer, opaluid[OPAL_LOCKINGRANGE_ACE_RDLOCKED],
1728 OPAL_UID_LENGTH);
1729
1730 if (lkul->l_state == OPAL_RW)
1731 memcpy(lr_buffer, opaluid[OPAL_LOCKINGRANGE_ACE_WRLOCKED],
1732 OPAL_UID_LENGTH);
1733
1734 lr_buffer[7] = lkul->session.opal_key.lr;
1735
1736 memcpy(user_uid, opaluid[OPAL_USER1_UID], OPAL_UID_LENGTH);
1737
1738 user_uid[7] = lkul->session.who;
1739
1740 err = cmd_start(dev, lr_buffer, opalmethod[OPAL_SET]);
1741
1742 add_token_u8(&err, dev, OPAL_STARTNAME);
1743 add_token_u8(&err, dev, OPAL_VALUES);
1744
1745 add_token_u8(&err, dev, OPAL_STARTLIST);
1746 add_token_u8(&err, dev, OPAL_STARTNAME);
1747 add_token_u8(&err, dev, 3);
1748
1749 add_token_u8(&err, dev, OPAL_STARTLIST);
1750
1751
1752 add_token_u8(&err, dev, OPAL_STARTNAME);
1753 add_token_bytestring(&err, dev,
1754 opaluid[OPAL_HALF_UID_AUTHORITY_OBJ_REF],
1755 OPAL_UID_LENGTH/2);
1756 add_token_bytestring(&err, dev, user_uid, OPAL_UID_LENGTH);
1757 add_token_u8(&err, dev, OPAL_ENDNAME);
1758
1759
1760 add_token_u8(&err, dev, OPAL_STARTNAME);
1761 add_token_bytestring(&err, dev,
1762 opaluid[OPAL_HALF_UID_AUTHORITY_OBJ_REF],
1763 OPAL_UID_LENGTH/2);
1764 add_token_bytestring(&err, dev, user_uid, OPAL_UID_LENGTH);
1765 add_token_u8(&err, dev, OPAL_ENDNAME);
1766
1767
1768 add_token_u8(&err, dev, OPAL_STARTNAME);
1769 add_token_bytestring(&err, dev, opaluid[OPAL_HALF_UID_BOOLEAN_ACE],
1770 OPAL_UID_LENGTH/2);
1771 add_token_u8(&err, dev, 1);
1772 add_token_u8(&err, dev, OPAL_ENDNAME);
1773
1774
1775 add_token_u8(&err, dev, OPAL_ENDLIST);
1776 add_token_u8(&err, dev, OPAL_ENDNAME);
1777 add_token_u8(&err, dev, OPAL_ENDLIST);
1778 add_token_u8(&err, dev, OPAL_ENDNAME);
1779
1780 if (err) {
1781 pr_debug("Error building add user to locking range command.\n");
1782 return err;
1783 }
1784
1785 return finalize_and_send(dev, parse_and_check_status);
1786 }
1787
1788 static int lock_unlock_locking_range(struct opal_dev *dev, void *data)
1789 {
1790 u8 lr_buffer[OPAL_UID_LENGTH];
1791 struct opal_lock_unlock *lkul = data;
1792 u8 read_locked = 1, write_locked = 1;
1793 int err = 0;
1794
1795 if (build_locking_range(lr_buffer, sizeof(lr_buffer),
1796 lkul->session.opal_key.lr) < 0)
1797 return -ERANGE;
1798
1799 switch (lkul->l_state) {
1800 case OPAL_RO:
1801 read_locked = 0;
1802 write_locked = 1;
1803 break;
1804 case OPAL_RW:
1805 read_locked = 0;
1806 write_locked = 0;
1807 break;
1808 case OPAL_LK:
1809
1810 break;
1811 default:
1812 pr_debug("Tried to set an invalid locking state... returning to uland\n");
1813 return OPAL_INVAL_PARAM;
1814 }
1815
1816 err = cmd_start(dev, lr_buffer, opalmethod[OPAL_SET]);
1817
1818 add_token_u8(&err, dev, OPAL_STARTNAME);
1819 add_token_u8(&err, dev, OPAL_VALUES);
1820 add_token_u8(&err, dev, OPAL_STARTLIST);
1821
1822 add_token_u8(&err, dev, OPAL_STARTNAME);
1823 add_token_u8(&err, dev, OPAL_READLOCKED);
1824 add_token_u8(&err, dev, read_locked);
1825 add_token_u8(&err, dev, OPAL_ENDNAME);
1826
1827 add_token_u8(&err, dev, OPAL_STARTNAME);
1828 add_token_u8(&err, dev, OPAL_WRITELOCKED);
1829 add_token_u8(&err, dev, write_locked);
1830 add_token_u8(&err, dev, OPAL_ENDNAME);
1831
1832 add_token_u8(&err, dev, OPAL_ENDLIST);
1833 add_token_u8(&err, dev, OPAL_ENDNAME);
1834
1835 if (err) {
1836 pr_debug("Error building SET command.\n");
1837 return err;
1838 }
1839
1840 return finalize_and_send(dev, parse_and_check_status);
1841 }
1842
1843
1844 static int lock_unlock_locking_range_sum(struct opal_dev *dev, void *data)
1845 {
1846 u8 lr_buffer[OPAL_UID_LENGTH];
1847 u8 read_locked = 1, write_locked = 1;
1848 struct opal_lock_unlock *lkul = data;
1849 int ret;
1850
1851 clear_opal_cmd(dev);
1852 set_comid(dev, dev->comid);
1853
1854 if (build_locking_range(lr_buffer, sizeof(lr_buffer),
1855 lkul->session.opal_key.lr) < 0)
1856 return -ERANGE;
1857
1858 switch (lkul->l_state) {
1859 case OPAL_RO:
1860 read_locked = 0;
1861 write_locked = 1;
1862 break;
1863 case OPAL_RW:
1864 read_locked = 0;
1865 write_locked = 0;
1866 break;
1867 case OPAL_LK:
1868
1869 break;
1870 default:
1871 pr_debug("Tried to set an invalid locking state.\n");
1872 return OPAL_INVAL_PARAM;
1873 }
1874 ret = generic_lr_enable_disable(dev, lr_buffer, 1, 1,
1875 read_locked, write_locked);
1876
1877 if (ret < 0) {
1878 pr_debug("Error building SET command.\n");
1879 return ret;
1880 }
1881
1882 return finalize_and_send(dev, parse_and_check_status);
1883 }
1884
1885 static int activate_lsp(struct opal_dev *dev, void *data)
1886 {
1887 struct opal_lr_act *opal_act = data;
1888 u8 user_lr[OPAL_UID_LENGTH];
1889 int err, i;
1890
1891 err = cmd_start(dev, opaluid[OPAL_LOCKINGSP_UID],
1892 opalmethod[OPAL_ACTIVATE]);
1893
1894 if (opal_act->sum) {
1895 err = build_locking_range(user_lr, sizeof(user_lr),
1896 opal_act->lr[0]);
1897 if (err)
1898 return err;
1899
1900 add_token_u8(&err, dev, OPAL_STARTNAME);
1901 add_token_u64(&err, dev, OPAL_SUM_SET_LIST);
1902
1903 add_token_u8(&err, dev, OPAL_STARTLIST);
1904 add_token_bytestring(&err, dev, user_lr, OPAL_UID_LENGTH);
1905 for (i = 1; i < opal_act->num_lrs; i++) {
1906 user_lr[7] = opal_act->lr[i];
1907 add_token_bytestring(&err, dev, user_lr, OPAL_UID_LENGTH);
1908 }
1909 add_token_u8(&err, dev, OPAL_ENDLIST);
1910 add_token_u8(&err, dev, OPAL_ENDNAME);
1911 }
1912
1913 if (err) {
1914 pr_debug("Error building Activate LockingSP command.\n");
1915 return err;
1916 }
1917
1918 return finalize_and_send(dev, parse_and_check_status);
1919 }
1920
1921
1922 static int get_lsp_lifecycle(struct opal_dev *dev, void *data)
1923 {
1924 u8 lc_status;
1925 int err;
1926
1927 err = generic_get_column(dev, opaluid[OPAL_LOCKINGSP_UID],
1928 OPAL_LIFECYCLE);
1929 if (err)
1930 return err;
1931
1932 lc_status = response_get_u64(&dev->parsed, 4);
1933
1934
1935 if (lc_status != OPAL_MANUFACTURED_INACTIVE) {
1936 pr_debug("Couldn't determine the status of the Lifecycle state\n");
1937 return -ENODEV;
1938 }
1939
1940 return 0;
1941 }
1942
1943 static int get_msid_cpin_pin(struct opal_dev *dev, void *data)
1944 {
1945 const char *msid_pin;
1946 size_t strlen;
1947 int err;
1948
1949 err = generic_get_column(dev, opaluid[OPAL_C_PIN_MSID], OPAL_PIN);
1950 if (err)
1951 return err;
1952
1953 strlen = response_get_string(&dev->parsed, 4, &msid_pin);
1954 if (!msid_pin) {
1955 pr_debug("Couldn't extract MSID_CPIN from response\n");
1956 return OPAL_INVAL_PARAM;
1957 }
1958
1959 dev->prev_data = kmemdup(msid_pin, strlen, GFP_KERNEL);
1960 if (!dev->prev_data)
1961 return -ENOMEM;
1962
1963 dev->prev_d_len = strlen;
1964
1965 return 0;
1966 }
1967
1968 static int write_table_data(struct opal_dev *dev, void *data)
1969 {
1970 struct opal_read_write_table *write_tbl = data;
1971
1972 return generic_table_write_data(dev, write_tbl->data, write_tbl->offset,
1973 write_tbl->size, write_tbl->table_uid);
1974 }
1975
1976 static int read_table_data_cont(struct opal_dev *dev)
1977 {
1978 int err;
1979 const char *data_read;
1980
1981 err = parse_and_check_status(dev);
1982 if (err)
1983 return err;
1984
1985 dev->prev_d_len = response_get_string(&dev->parsed, 1, &data_read);
1986 dev->prev_data = (void *)data_read;
1987 if (!dev->prev_data) {
1988 pr_debug("%s: Couldn't read data from the table.\n", __func__);
1989 return OPAL_INVAL_PARAM;
1990 }
1991
1992 return 0;
1993 }
1994
1995
1996
1997
1998
1999
2000
2001
2002 #define OPAL_MAX_READ_TABLE (0x7BD)
2003
2004 static int read_table_data(struct opal_dev *dev, void *data)
2005 {
2006 struct opal_read_write_table *read_tbl = data;
2007 int err;
2008 size_t off = 0, max_read_size = OPAL_MAX_READ_TABLE;
2009 u64 table_len, len;
2010 u64 offset = read_tbl->offset, read_size = read_tbl->size - 1;
2011 u8 __user *dst;
2012
2013 err = generic_get_table_info(dev, read_tbl->table_uid, OPAL_TABLE_ROWS);
2014 if (err) {
2015 pr_debug("Couldn't get the table size\n");
2016 return err;
2017 }
2018
2019 table_len = response_get_u64(&dev->parsed, 4);
2020
2021
2022 if (read_size > table_len || offset > table_len - read_size) {
2023 pr_debug("Read size exceeds the Table size limits (%llu vs. %llu)\n",
2024 offset + read_size, table_len);
2025 return -EINVAL;
2026 }
2027
2028 while (off < read_size) {
2029 err = cmd_start(dev, read_tbl->table_uid, opalmethod[OPAL_GET]);
2030
2031 add_token_u8(&err, dev, OPAL_STARTLIST);
2032 add_token_u8(&err, dev, OPAL_STARTNAME);
2033 add_token_u8(&err, dev, OPAL_STARTROW);
2034 add_token_u64(&err, dev, offset + off);
2035 add_token_u8(&err, dev, OPAL_ENDNAME);
2036
2037 add_token_u8(&err, dev, OPAL_STARTNAME);
2038 add_token_u8(&err, dev, OPAL_ENDROW);
2039
2040 len = min(max_read_size, (size_t)(read_size - off));
2041 add_token_u64(&err, dev, offset + off + len);
2042
2043 add_token_u8(&err, dev, OPAL_ENDNAME);
2044 add_token_u8(&err, dev, OPAL_ENDLIST);
2045
2046 if (err) {
2047 pr_debug("Error building read table data command.\n");
2048 break;
2049 }
2050
2051 err = finalize_and_send(dev, read_table_data_cont);
2052 if (err)
2053 break;
2054
2055
2056 if (dev->prev_d_len > len + 1) {
2057 err = -EOVERFLOW;
2058 break;
2059 }
2060
2061 dst = (u8 __user *)(uintptr_t)read_tbl->data;
2062 if (copy_to_user(dst + off, dev->prev_data, dev->prev_d_len)) {
2063 pr_debug("Error copying data to userspace\n");
2064 err = -EFAULT;
2065 break;
2066 }
2067 dev->prev_data = NULL;
2068
2069 off += len;
2070 }
2071
2072 return err;
2073 }
2074
2075 static int end_opal_session(struct opal_dev *dev, void *data)
2076 {
2077 int err = 0;
2078
2079 clear_opal_cmd(dev);
2080 set_comid(dev, dev->comid);
2081 add_token_u8(&err, dev, OPAL_ENDOFSESSION);
2082
2083 if (err < 0)
2084 return err;
2085
2086 return finalize_and_send(dev, end_session_cont);
2087 }
2088
2089 static int end_opal_session_error(struct opal_dev *dev)
2090 {
2091 const struct opal_step error_end_session = {
2092 end_opal_session,
2093 };
2094
2095 return execute_step(dev, &error_end_session, 0);
2096 }
2097
2098 static inline void setup_opal_dev(struct opal_dev *dev)
2099 {
2100 dev->tsn = 0;
2101 dev->hsn = 0;
2102 dev->prev_data = NULL;
2103 }
2104
2105 static int check_opal_support(struct opal_dev *dev)
2106 {
2107 int ret;
2108
2109 mutex_lock(&dev->dev_lock);
2110 setup_opal_dev(dev);
2111 ret = opal_discovery0_step(dev);
2112 dev->supported = !ret;
2113 mutex_unlock(&dev->dev_lock);
2114
2115 return ret;
2116 }
2117
2118 static void clean_opal_dev(struct opal_dev *dev)
2119 {
2120
2121 struct opal_suspend_data *suspend, *next;
2122
2123 mutex_lock(&dev->dev_lock);
2124 list_for_each_entry_safe(suspend, next, &dev->unlk_lst, node) {
2125 list_del(&suspend->node);
2126 kfree(suspend);
2127 }
2128 mutex_unlock(&dev->dev_lock);
2129 }
2130
2131 void free_opal_dev(struct opal_dev *dev)
2132 {
2133 if (!dev)
2134 return;
2135
2136 clean_opal_dev(dev);
2137 kfree(dev);
2138 }
2139 EXPORT_SYMBOL(free_opal_dev);
2140
2141 struct opal_dev *init_opal_dev(void *data, sec_send_recv *send_recv)
2142 {
2143 struct opal_dev *dev;
2144
2145 dev = kmalloc(sizeof(*dev), GFP_KERNEL);
2146 if (!dev)
2147 return NULL;
2148
2149 INIT_LIST_HEAD(&dev->unlk_lst);
2150 mutex_init(&dev->dev_lock);
2151 dev->data = data;
2152 dev->send_recv = send_recv;
2153 if (check_opal_support(dev) != 0) {
2154 pr_debug("Opal is not supported on this device\n");
2155 kfree(dev);
2156 return NULL;
2157 }
2158
2159 return dev;
2160 }
2161 EXPORT_SYMBOL(init_opal_dev);
2162
2163 static int opal_secure_erase_locking_range(struct opal_dev *dev,
2164 struct opal_session_info *opal_session)
2165 {
2166 const struct opal_step erase_steps[] = {
2167 { start_auth_opal_session, opal_session },
2168 { get_active_key, &opal_session->opal_key.lr },
2169 { gen_key, },
2170 { end_opal_session, }
2171 };
2172 int ret;
2173
2174 mutex_lock(&dev->dev_lock);
2175 setup_opal_dev(dev);
2176 ret = execute_steps(dev, erase_steps, ARRAY_SIZE(erase_steps));
2177 mutex_unlock(&dev->dev_lock);
2178
2179 return ret;
2180 }
2181
2182 static int opal_erase_locking_range(struct opal_dev *dev,
2183 struct opal_session_info *opal_session)
2184 {
2185 const struct opal_step erase_steps[] = {
2186 { start_auth_opal_session, opal_session },
2187 { erase_locking_range, opal_session },
2188 { end_opal_session, }
2189 };
2190 int ret;
2191
2192 mutex_lock(&dev->dev_lock);
2193 setup_opal_dev(dev);
2194 ret = execute_steps(dev, erase_steps, ARRAY_SIZE(erase_steps));
2195 mutex_unlock(&dev->dev_lock);
2196
2197 return ret;
2198 }
2199
2200 static int opal_enable_disable_shadow_mbr(struct opal_dev *dev,
2201 struct opal_mbr_data *opal_mbr)
2202 {
2203 u8 enable_disable = opal_mbr->enable_disable == OPAL_MBR_ENABLE ?
2204 OPAL_TRUE : OPAL_FALSE;
2205
2206 const struct opal_step mbr_steps[] = {
2207 { start_admin1LSP_opal_session, &opal_mbr->key },
2208 { set_mbr_done, &enable_disable },
2209 { end_opal_session, },
2210 { start_admin1LSP_opal_session, &opal_mbr->key },
2211 { set_mbr_enable_disable, &enable_disable },
2212 { end_opal_session, }
2213 };
2214 int ret;
2215
2216 if (opal_mbr->enable_disable != OPAL_MBR_ENABLE &&
2217 opal_mbr->enable_disable != OPAL_MBR_DISABLE)
2218 return -EINVAL;
2219
2220 mutex_lock(&dev->dev_lock);
2221 setup_opal_dev(dev);
2222 ret = execute_steps(dev, mbr_steps, ARRAY_SIZE(mbr_steps));
2223 mutex_unlock(&dev->dev_lock);
2224
2225 return ret;
2226 }
2227
2228 static int opal_set_mbr_done(struct opal_dev *dev,
2229 struct opal_mbr_done *mbr_done)
2230 {
2231 u8 mbr_done_tf = mbr_done->done_flag == OPAL_MBR_DONE ?
2232 OPAL_TRUE : OPAL_FALSE;
2233
2234 const struct opal_step mbr_steps[] = {
2235 { start_admin1LSP_opal_session, &mbr_done->key },
2236 { set_mbr_done, &mbr_done_tf },
2237 { end_opal_session, }
2238 };
2239 int ret;
2240
2241 if (mbr_done->done_flag != OPAL_MBR_DONE &&
2242 mbr_done->done_flag != OPAL_MBR_NOT_DONE)
2243 return -EINVAL;
2244
2245 mutex_lock(&dev->dev_lock);
2246 setup_opal_dev(dev);
2247 ret = execute_steps(dev, mbr_steps, ARRAY_SIZE(mbr_steps));
2248 mutex_unlock(&dev->dev_lock);
2249
2250 return ret;
2251 }
2252
2253 static int opal_write_shadow_mbr(struct opal_dev *dev,
2254 struct opal_shadow_mbr *info)
2255 {
2256 const struct opal_step mbr_steps[] = {
2257 { start_admin1LSP_opal_session, &info->key },
2258 { write_shadow_mbr, info },
2259 { end_opal_session, }
2260 };
2261 int ret;
2262
2263 if (info->size == 0)
2264 return 0;
2265
2266 mutex_lock(&dev->dev_lock);
2267 setup_opal_dev(dev);
2268 ret = execute_steps(dev, mbr_steps, ARRAY_SIZE(mbr_steps));
2269 mutex_unlock(&dev->dev_lock);
2270
2271 return ret;
2272 }
2273
2274 static int opal_save(struct opal_dev *dev, struct opal_lock_unlock *lk_unlk)
2275 {
2276 struct opal_suspend_data *suspend;
2277
2278 suspend = kzalloc(sizeof(*suspend), GFP_KERNEL);
2279 if (!suspend)
2280 return -ENOMEM;
2281
2282 suspend->unlk = *lk_unlk;
2283 suspend->lr = lk_unlk->session.opal_key.lr;
2284
2285 mutex_lock(&dev->dev_lock);
2286 setup_opal_dev(dev);
2287 add_suspend_info(dev, suspend);
2288 mutex_unlock(&dev->dev_lock);
2289
2290 return 0;
2291 }
2292
2293 static int opal_add_user_to_lr(struct opal_dev *dev,
2294 struct opal_lock_unlock *lk_unlk)
2295 {
2296 const struct opal_step steps[] = {
2297 { start_admin1LSP_opal_session, &lk_unlk->session.opal_key },
2298 { add_user_to_lr, lk_unlk },
2299 { end_opal_session, }
2300 };
2301 int ret;
2302
2303 if (lk_unlk->l_state != OPAL_RO &&
2304 lk_unlk->l_state != OPAL_RW) {
2305 pr_debug("Locking state was not RO or RW\n");
2306 return -EINVAL;
2307 }
2308
2309 if (lk_unlk->session.who < OPAL_USER1 ||
2310 lk_unlk->session.who > OPAL_USER9) {
2311 pr_debug("Authority was not within the range of users: %d\n",
2312 lk_unlk->session.who);
2313 return -EINVAL;
2314 }
2315
2316 if (lk_unlk->session.sum) {
2317 pr_debug("%s not supported in sum. Use setup locking range\n",
2318 __func__);
2319 return -EINVAL;
2320 }
2321
2322 mutex_lock(&dev->dev_lock);
2323 setup_opal_dev(dev);
2324 ret = execute_steps(dev, steps, ARRAY_SIZE(steps));
2325 mutex_unlock(&dev->dev_lock);
2326
2327 return ret;
2328 }
2329
2330 static int opal_reverttper(struct opal_dev *dev, struct opal_key *opal, bool psid)
2331 {
2332
2333 const struct opal_step revert_steps[] = {
2334 { start_SIDASP_opal_session, opal },
2335 { revert_tper, }
2336 };
2337 const struct opal_step psid_revert_steps[] = {
2338 { start_PSID_opal_session, opal },
2339 { revert_tper, }
2340 };
2341
2342 int ret;
2343
2344 mutex_lock(&dev->dev_lock);
2345 setup_opal_dev(dev);
2346 if (psid)
2347 ret = execute_steps(dev, psid_revert_steps,
2348 ARRAY_SIZE(psid_revert_steps));
2349 else
2350 ret = execute_steps(dev, revert_steps,
2351 ARRAY_SIZE(revert_steps));
2352 mutex_unlock(&dev->dev_lock);
2353
2354
2355
2356
2357
2358 if (!ret)
2359 clean_opal_dev(dev);
2360
2361 return ret;
2362 }
2363
2364 static int __opal_lock_unlock(struct opal_dev *dev,
2365 struct opal_lock_unlock *lk_unlk)
2366 {
2367 const struct opal_step unlock_steps[] = {
2368 { start_auth_opal_session, &lk_unlk->session },
2369 { lock_unlock_locking_range, lk_unlk },
2370 { end_opal_session, }
2371 };
2372 const struct opal_step unlock_sum_steps[] = {
2373 { start_auth_opal_session, &lk_unlk->session },
2374 { lock_unlock_locking_range_sum, lk_unlk },
2375 { end_opal_session, }
2376 };
2377
2378 if (lk_unlk->session.sum)
2379 return execute_steps(dev, unlock_sum_steps,
2380 ARRAY_SIZE(unlock_sum_steps));
2381 else
2382 return execute_steps(dev, unlock_steps,
2383 ARRAY_SIZE(unlock_steps));
2384 }
2385
2386 static int __opal_set_mbr_done(struct opal_dev *dev, struct opal_key *key)
2387 {
2388 u8 mbr_done_tf = OPAL_TRUE;
2389 const struct opal_step mbrdone_step[] = {
2390 { start_admin1LSP_opal_session, key },
2391 { set_mbr_done, &mbr_done_tf },
2392 { end_opal_session, }
2393 };
2394
2395 return execute_steps(dev, mbrdone_step, ARRAY_SIZE(mbrdone_step));
2396 }
2397
2398 static int opal_lock_unlock(struct opal_dev *dev,
2399 struct opal_lock_unlock *lk_unlk)
2400 {
2401 int ret;
2402
2403 if (lk_unlk->session.who > OPAL_USER9)
2404 return -EINVAL;
2405
2406 mutex_lock(&dev->dev_lock);
2407 ret = __opal_lock_unlock(dev, lk_unlk);
2408 mutex_unlock(&dev->dev_lock);
2409
2410 return ret;
2411 }
2412
2413 static int opal_take_ownership(struct opal_dev *dev, struct opal_key *opal)
2414 {
2415 const struct opal_step owner_steps[] = {
2416 { start_anybodyASP_opal_session, },
2417 { get_msid_cpin_pin, },
2418 { end_opal_session, },
2419 { start_SIDASP_opal_session, opal },
2420 { set_sid_cpin_pin, opal },
2421 { end_opal_session, }
2422 };
2423 int ret;
2424
2425 if (!dev)
2426 return -ENODEV;
2427
2428 mutex_lock(&dev->dev_lock);
2429 setup_opal_dev(dev);
2430 ret = execute_steps(dev, owner_steps, ARRAY_SIZE(owner_steps));
2431 mutex_unlock(&dev->dev_lock);
2432
2433 return ret;
2434 }
2435
2436 static int opal_activate_lsp(struct opal_dev *dev,
2437 struct opal_lr_act *opal_lr_act)
2438 {
2439 const struct opal_step active_steps[] = {
2440 { start_SIDASP_opal_session, &opal_lr_act->key },
2441 { get_lsp_lifecycle, },
2442 { activate_lsp, opal_lr_act },
2443 { end_opal_session, }
2444 };
2445 int ret;
2446
2447 if (!opal_lr_act->num_lrs || opal_lr_act->num_lrs > OPAL_MAX_LRS)
2448 return -EINVAL;
2449
2450 mutex_lock(&dev->dev_lock);
2451 setup_opal_dev(dev);
2452 ret = execute_steps(dev, active_steps, ARRAY_SIZE(active_steps));
2453 mutex_unlock(&dev->dev_lock);
2454
2455 return ret;
2456 }
2457
2458 static int opal_setup_locking_range(struct opal_dev *dev,
2459 struct opal_user_lr_setup *opal_lrs)
2460 {
2461 const struct opal_step lr_steps[] = {
2462 { start_auth_opal_session, &opal_lrs->session },
2463 { setup_locking_range, opal_lrs },
2464 { end_opal_session, }
2465 };
2466 int ret;
2467
2468 mutex_lock(&dev->dev_lock);
2469 setup_opal_dev(dev);
2470 ret = execute_steps(dev, lr_steps, ARRAY_SIZE(lr_steps));
2471 mutex_unlock(&dev->dev_lock);
2472
2473 return ret;
2474 }
2475
2476 static int opal_set_new_pw(struct opal_dev *dev, struct opal_new_pw *opal_pw)
2477 {
2478 const struct opal_step pw_steps[] = {
2479 { start_auth_opal_session, &opal_pw->session },
2480 { set_new_pw, &opal_pw->new_user_pw },
2481 { end_opal_session, }
2482 };
2483 int ret;
2484
2485 if (opal_pw->session.who > OPAL_USER9 ||
2486 opal_pw->new_user_pw.who > OPAL_USER9)
2487 return -EINVAL;
2488
2489 mutex_lock(&dev->dev_lock);
2490 setup_opal_dev(dev);
2491 ret = execute_steps(dev, pw_steps, ARRAY_SIZE(pw_steps));
2492 mutex_unlock(&dev->dev_lock);
2493
2494 return ret;
2495 }
2496
2497 static int opal_activate_user(struct opal_dev *dev,
2498 struct opal_session_info *opal_session)
2499 {
2500 const struct opal_step act_steps[] = {
2501 { start_admin1LSP_opal_session, &opal_session->opal_key },
2502 { internal_activate_user, opal_session },
2503 { end_opal_session, }
2504 };
2505 int ret;
2506
2507
2508 if (opal_session->who < OPAL_USER1 ||
2509 opal_session->who > OPAL_USER9) {
2510 pr_debug("Who was not a valid user: %d\n", opal_session->who);
2511 return -EINVAL;
2512 }
2513
2514 mutex_lock(&dev->dev_lock);
2515 setup_opal_dev(dev);
2516 ret = execute_steps(dev, act_steps, ARRAY_SIZE(act_steps));
2517 mutex_unlock(&dev->dev_lock);
2518
2519 return ret;
2520 }
2521
2522 bool opal_unlock_from_suspend(struct opal_dev *dev)
2523 {
2524 struct opal_suspend_data *suspend;
2525 bool was_failure = false;
2526 int ret = 0;
2527
2528 if (!dev)
2529 return false;
2530
2531 if (!dev->supported)
2532 return false;
2533
2534 mutex_lock(&dev->dev_lock);
2535 setup_opal_dev(dev);
2536
2537 list_for_each_entry(suspend, &dev->unlk_lst, node) {
2538 dev->tsn = 0;
2539 dev->hsn = 0;
2540
2541 ret = __opal_lock_unlock(dev, &suspend->unlk);
2542 if (ret) {
2543 pr_debug("Failed to unlock LR %hhu with sum %d\n",
2544 suspend->unlk.session.opal_key.lr,
2545 suspend->unlk.session.sum);
2546 was_failure = true;
2547 }
2548
2549 if (dev->mbr_enabled) {
2550 ret = __opal_set_mbr_done(dev, &suspend->unlk.session.opal_key);
2551 if (ret)
2552 pr_debug("Failed to set MBR Done in S3 resume\n");
2553 }
2554 }
2555 mutex_unlock(&dev->dev_lock);
2556
2557 return was_failure;
2558 }
2559 EXPORT_SYMBOL(opal_unlock_from_suspend);
2560
2561 static int opal_read_table(struct opal_dev *dev,
2562 struct opal_read_write_table *rw_tbl)
2563 {
2564 const struct opal_step read_table_steps[] = {
2565 { start_admin1LSP_opal_session, &rw_tbl->key },
2566 { read_table_data, rw_tbl },
2567 { end_opal_session, }
2568 };
2569 int ret = 0;
2570
2571 if (!rw_tbl->size)
2572 return ret;
2573
2574 return execute_steps(dev, read_table_steps,
2575 ARRAY_SIZE(read_table_steps));
2576 }
2577
2578 static int opal_write_table(struct opal_dev *dev,
2579 struct opal_read_write_table *rw_tbl)
2580 {
2581 const struct opal_step write_table_steps[] = {
2582 { start_admin1LSP_opal_session, &rw_tbl->key },
2583 { write_table_data, rw_tbl },
2584 { end_opal_session, }
2585 };
2586 int ret = 0;
2587
2588 if (!rw_tbl->size)
2589 return ret;
2590
2591 return execute_steps(dev, write_table_steps,
2592 ARRAY_SIZE(write_table_steps));
2593 }
2594
2595 static int opal_generic_read_write_table(struct opal_dev *dev,
2596 struct opal_read_write_table *rw_tbl)
2597 {
2598 int ret, bit_set;
2599
2600 mutex_lock(&dev->dev_lock);
2601 setup_opal_dev(dev);
2602
2603 bit_set = fls64(rw_tbl->flags) - 1;
2604 switch (bit_set) {
2605 case OPAL_READ_TABLE:
2606 ret = opal_read_table(dev, rw_tbl);
2607 break;
2608 case OPAL_WRITE_TABLE:
2609 ret = opal_write_table(dev, rw_tbl);
2610 break;
2611 default:
2612 pr_debug("Invalid bit set in the flag (%016llx).\n",
2613 rw_tbl->flags);
2614 ret = -EINVAL;
2615 break;
2616 }
2617
2618 mutex_unlock(&dev->dev_lock);
2619
2620 return ret;
2621 }
2622
2623 int sed_ioctl(struct opal_dev *dev, unsigned int cmd, void __user *arg)
2624 {
2625 void *p;
2626 int ret = -ENOTTY;
2627
2628 if (!capable(CAP_SYS_ADMIN))
2629 return -EACCES;
2630 if (!dev)
2631 return -ENOTSUPP;
2632 if (!dev->supported)
2633 return -ENOTSUPP;
2634
2635 p = memdup_user(arg, _IOC_SIZE(cmd));
2636 if (IS_ERR(p))
2637 return PTR_ERR(p);
2638
2639 switch (cmd) {
2640 case IOC_OPAL_SAVE:
2641 ret = opal_save(dev, p);
2642 break;
2643 case IOC_OPAL_LOCK_UNLOCK:
2644 ret = opal_lock_unlock(dev, p);
2645 break;
2646 case IOC_OPAL_TAKE_OWNERSHIP:
2647 ret = opal_take_ownership(dev, p);
2648 break;
2649 case IOC_OPAL_ACTIVATE_LSP:
2650 ret = opal_activate_lsp(dev, p);
2651 break;
2652 case IOC_OPAL_SET_PW:
2653 ret = opal_set_new_pw(dev, p);
2654 break;
2655 case IOC_OPAL_ACTIVATE_USR:
2656 ret = opal_activate_user(dev, p);
2657 break;
2658 case IOC_OPAL_REVERT_TPR:
2659 ret = opal_reverttper(dev, p, false);
2660 break;
2661 case IOC_OPAL_LR_SETUP:
2662 ret = opal_setup_locking_range(dev, p);
2663 break;
2664 case IOC_OPAL_ADD_USR_TO_LR:
2665 ret = opal_add_user_to_lr(dev, p);
2666 break;
2667 case IOC_OPAL_ENABLE_DISABLE_MBR:
2668 ret = opal_enable_disable_shadow_mbr(dev, p);
2669 break;
2670 case IOC_OPAL_MBR_DONE:
2671 ret = opal_set_mbr_done(dev, p);
2672 break;
2673 case IOC_OPAL_WRITE_SHADOW_MBR:
2674 ret = opal_write_shadow_mbr(dev, p);
2675 break;
2676 case IOC_OPAL_ERASE_LR:
2677 ret = opal_erase_locking_range(dev, p);
2678 break;
2679 case IOC_OPAL_SECURE_ERASE_LR:
2680 ret = opal_secure_erase_locking_range(dev, p);
2681 break;
2682 case IOC_OPAL_PSID_REVERT_TPR:
2683 ret = opal_reverttper(dev, p, true);
2684 break;
2685 case IOC_OPAL_GENERIC_TABLE_RW:
2686 ret = opal_generic_read_write_table(dev, p);
2687 break;
2688 default:
2689 break;
2690 }
2691
2692 kfree(p);
2693 return ret;
2694 }
2695 EXPORT_SYMBOL_GPL(sed_ioctl);