Back to home page

OSCL-LXR

 
 

    


0001 // SPDX-License-Identifier: GPL-2.0
0002 /*
0003  * Copyright © 2016 Intel Corporation
0004  *
0005  * Authors:
0006  *    Scott  Bauer      <scott.bauer@intel.com>
0007  *    Rafael Antognolli <rafael.antognolli@intel.com>
0008  */
0009 
0010 #define pr_fmt(fmt) KBUILD_MODNAME ":OPAL: " fmt
0011 
0012 #include <linux/delay.h>
0013 #include <linux/device.h>
0014 #include <linux/kernel.h>
0015 #include <linux/list.h>
0016 #include <linux/blkdev.h>
0017 #include <linux/slab.h>
0018 #include <linux/uaccess.h>
0019 #include <uapi/linux/sed-opal.h>
0020 #include <linux/sed-opal.h>
0021 #include <linux/string.h>
0022 #include <linux/kdev_t.h>
0023 
0024 #include "opal_proto.h"
0025 
0026 #define IO_BUFFER_LENGTH 2048
0027 #define MAX_TOKS 64
0028 
0029 /* Number of bytes needed by cmd_finalize. */
0030 #define CMD_FINALIZE_BYTES_NEEDED 7
0031 
0032 struct opal_step {
0033     int (*fn)(struct opal_dev *dev, void *data);
0034     void *data;
0035 };
0036 typedef int (cont_fn)(struct opal_dev *dev);
0037 
0038 enum opal_atom_width {
0039     OPAL_WIDTH_TINY,
0040     OPAL_WIDTH_SHORT,
0041     OPAL_WIDTH_MEDIUM,
0042     OPAL_WIDTH_LONG,
0043     OPAL_WIDTH_TOKEN
0044 };
0045 
0046 /*
0047  * On the parsed response, we don't store again the toks that are already
0048  * stored in the response buffer. Instead, for each token, we just store a
0049  * pointer to the position in the buffer where the token starts, and the size
0050  * of the token in bytes.
0051  */
0052 struct opal_resp_tok {
0053     const u8 *pos;
0054     size_t len;
0055     enum opal_response_token type;
0056     enum opal_atom_width width;
0057     union {
0058         u64 u;
0059         s64 s;
0060     } stored;
0061 };
0062 
0063 /*
0064  * From the response header it's not possible to know how many tokens there are
0065  * on the payload. So we hardcode that the maximum will be MAX_TOKS, and later
0066  * if we start dealing with messages that have more than that, we can increase
0067  * this number. This is done to avoid having to make two passes through the
0068  * response, the first one counting how many tokens we have and the second one
0069  * actually storing the positions.
0070  */
0071 struct parsed_resp {
0072     int num;
0073     struct opal_resp_tok toks[MAX_TOKS];
0074 };
0075 
0076 struct opal_dev {
0077     bool supported;
0078     bool mbr_enabled;
0079 
0080     void *data;
0081     sec_send_recv *send_recv;
0082 
0083     struct mutex dev_lock;
0084     u16 comid;
0085     u32 hsn;
0086     u32 tsn;
0087     u64 align;
0088     u64 lowest_lba;
0089 
0090     size_t pos;
0091     u8 cmd[IO_BUFFER_LENGTH];
0092     u8 resp[IO_BUFFER_LENGTH];
0093 
0094     struct parsed_resp parsed;
0095     size_t prev_d_len;
0096     void *prev_data;
0097 
0098     struct list_head unlk_lst;
0099 };
0100 
0101 
0102 static const u8 opaluid[][OPAL_UID_LENGTH] = {
0103     /* users */
0104     [OPAL_SMUID_UID] =
0105         { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff },
0106     [OPAL_THISSP_UID] =
0107         { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
0108     [OPAL_ADMINSP_UID] =
0109         { 0x00, 0x00, 0x02, 0x05, 0x00, 0x00, 0x00, 0x01 },
0110     [OPAL_LOCKINGSP_UID] =
0111         { 0x00, 0x00, 0x02, 0x05, 0x00, 0x00, 0x00, 0x02 },
0112     [OPAL_ENTERPRISE_LOCKINGSP_UID] =
0113         { 0x00, 0x00, 0x02, 0x05, 0x00, 0x01, 0x00, 0x01 },
0114     [OPAL_ANYBODY_UID] =
0115         { 0x00, 0x00, 0x00, 0x09, 0x00, 0x00, 0x00, 0x01 },
0116     [OPAL_SID_UID] =
0117         { 0x00, 0x00, 0x00, 0x09, 0x00, 0x00, 0x00, 0x06 },
0118     [OPAL_ADMIN1_UID] =
0119         { 0x00, 0x00, 0x00, 0x09, 0x00, 0x01, 0x00, 0x01 },
0120     [OPAL_USER1_UID] =
0121         { 0x00, 0x00, 0x00, 0x09, 0x00, 0x03, 0x00, 0x01 },
0122     [OPAL_USER2_UID] =
0123         { 0x00, 0x00, 0x00, 0x09, 0x00, 0x03, 0x00, 0x02 },
0124     [OPAL_PSID_UID] =
0125         { 0x00, 0x00, 0x00, 0x09, 0x00, 0x01, 0xff, 0x01 },
0126     [OPAL_ENTERPRISE_BANDMASTER0_UID] =
0127         { 0x00, 0x00, 0x00, 0x09, 0x00, 0x00, 0x80, 0x01 },
0128     [OPAL_ENTERPRISE_ERASEMASTER_UID] =
0129         { 0x00, 0x00, 0x00, 0x09, 0x00, 0x00, 0x84, 0x01 },
0130 
0131     /* tables */
0132     [OPAL_TABLE_TABLE] =
0133         { 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x01 },
0134     [OPAL_LOCKINGRANGE_GLOBAL] =
0135         { 0x00, 0x00, 0x08, 0x02, 0x00, 0x00, 0x00, 0x01 },
0136     [OPAL_LOCKINGRANGE_ACE_RDLOCKED] =
0137         { 0x00, 0x00, 0x00, 0x08, 0x00, 0x03, 0xE0, 0x01 },
0138     [OPAL_LOCKINGRANGE_ACE_WRLOCKED] =
0139         { 0x00, 0x00, 0x00, 0x08, 0x00, 0x03, 0xE8, 0x01 },
0140     [OPAL_MBRCONTROL] =
0141         { 0x00, 0x00, 0x08, 0x03, 0x00, 0x00, 0x00, 0x01 },
0142     [OPAL_MBR] =
0143         { 0x00, 0x00, 0x08, 0x04, 0x00, 0x00, 0x00, 0x00 },
0144     [OPAL_AUTHORITY_TABLE] =
0145         { 0x00, 0x00, 0x00, 0x09, 0x00, 0x00, 0x00, 0x00},
0146     [OPAL_C_PIN_TABLE] =
0147         { 0x00, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x00},
0148     [OPAL_LOCKING_INFO_TABLE] =
0149         { 0x00, 0x00, 0x08, 0x01, 0x00, 0x00, 0x00, 0x01 },
0150     [OPAL_ENTERPRISE_LOCKING_INFO_TABLE] =
0151         { 0x00, 0x00, 0x08, 0x01, 0x00, 0x00, 0x00, 0x00 },
0152     [OPAL_DATASTORE] =
0153         { 0x00, 0x00, 0x10, 0x01, 0x00, 0x00, 0x00, 0x00 },
0154 
0155     /* C_PIN_TABLE object ID's */
0156     [OPAL_C_PIN_MSID] =
0157         { 0x00, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x84, 0x02},
0158     [OPAL_C_PIN_SID] =
0159         { 0x00, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x01},
0160     [OPAL_C_PIN_ADMIN1] =
0161         { 0x00, 0x00, 0x00, 0x0B, 0x00, 0x01, 0x00, 0x01},
0162 
0163     /* half UID's (only first 4 bytes used) */
0164     [OPAL_HALF_UID_AUTHORITY_OBJ_REF] =
0165         { 0x00, 0x00, 0x0C, 0x05, 0xff, 0xff, 0xff, 0xff },
0166     [OPAL_HALF_UID_BOOLEAN_ACE] =
0167         { 0x00, 0x00, 0x04, 0x0E, 0xff, 0xff, 0xff, 0xff },
0168 
0169     /* special value for omitted optional parameter */
0170     [OPAL_UID_HEXFF] =
0171         { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
0172 };
0173 
0174 /*
0175  * TCG Storage SSC Methods.
0176  * Derived from: TCG_Storage_Architecture_Core_Spec_v2.01_r1.00
0177  * Section: 6.3 Assigned UIDs
0178  */
0179 static const u8 opalmethod[][OPAL_METHOD_LENGTH] = {
0180     [OPAL_PROPERTIES] =
0181         { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x01 },
0182     [OPAL_STARTSESSION] =
0183         { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x02 },
0184     [OPAL_REVERT] =
0185         { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x02, 0x02 },
0186     [OPAL_ACTIVATE] =
0187         { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x02, 0x03 },
0188     [OPAL_EGET] =
0189         { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x06 },
0190     [OPAL_ESET] =
0191         { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x07 },
0192     [OPAL_NEXT] =
0193         { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x08 },
0194     [OPAL_EAUTHENTICATE] =
0195         { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x0c },
0196     [OPAL_GETACL] =
0197         { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x0d },
0198     [OPAL_GENKEY] =
0199         { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x10 },
0200     [OPAL_REVERTSP] =
0201         { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x11 },
0202     [OPAL_GET] =
0203         { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x16 },
0204     [OPAL_SET] =
0205         { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x17 },
0206     [OPAL_AUTHENTICATE] =
0207         { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x1c },
0208     [OPAL_RANDOM] =
0209         { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x06, 0x01 },
0210     [OPAL_ERASE] =
0211         { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x08, 0x03 },
0212 };
0213 
0214 static int end_opal_session_error(struct opal_dev *dev);
0215 static int opal_discovery0_step(struct opal_dev *dev);
0216 
0217 struct opal_suspend_data {
0218     struct opal_lock_unlock unlk;
0219     u8 lr;
0220     struct list_head node;
0221 };
0222 
0223 /*
0224  * Derived from:
0225  * TCG_Storage_Architecture_Core_Spec_v2.01_r1.00
0226  * Section: 5.1.5 Method Status Codes
0227  */
0228 static const char * const opal_errors[] = {
0229     "Success",
0230     "Not Authorized",
0231     "Unknown Error",
0232     "SP Busy",
0233     "SP Failed",
0234     "SP Disabled",
0235     "SP Frozen",
0236     "No Sessions Available",
0237     "Uniqueness Conflict",
0238     "Insufficient Space",
0239     "Insufficient Rows",
0240     "Invalid Function",
0241     "Invalid Parameter",
0242     "Invalid Reference",
0243     "Unknown Error",
0244     "TPER Malfunction",
0245     "Transaction Failure",
0246     "Response Overflow",
0247     "Authority Locked Out",
0248 };
0249 
0250 static const char *opal_error_to_human(int error)
0251 {
0252     if (error == 0x3f)
0253         return "Failed";
0254 
0255     if (error >= ARRAY_SIZE(opal_errors) || error < 0)
0256         return "Unknown Error";
0257 
0258     return opal_errors[error];
0259 }
0260 
0261 static void print_buffer(const u8 *ptr, u32 length)
0262 {
0263 #ifdef DEBUG
0264     print_hex_dump_bytes("OPAL: ", DUMP_PREFIX_OFFSET, ptr, length);
0265     pr_debug("\n");
0266 #endif
0267 }
0268 
0269 static bool check_tper(const void *data)
0270 {
0271     const struct d0_tper_features *tper = data;
0272     u8 flags = tper->supported_features;
0273 
0274     if (!(flags & TPER_SYNC_SUPPORTED)) {
0275         pr_debug("TPer sync not supported. flags = %d\n",
0276              tper->supported_features);
0277         return false;
0278     }
0279 
0280     return true;
0281 }
0282 
0283 static bool check_mbrenabled(const void *data)
0284 {
0285     const struct d0_locking_features *lfeat = data;
0286     u8 sup_feat = lfeat->supported_features;
0287 
0288     return !!(sup_feat & MBR_ENABLED_MASK);
0289 }
0290 
0291 static bool check_sum(const void *data)
0292 {
0293     const struct d0_single_user_mode *sum = data;
0294     u32 nlo = be32_to_cpu(sum->num_locking_objects);
0295 
0296     if (nlo == 0) {
0297         pr_debug("Need at least one locking object.\n");
0298         return false;
0299     }
0300 
0301     pr_debug("Number of locking objects: %d\n", nlo);
0302 
0303     return true;
0304 }
0305 
0306 static u16 get_comid_v100(const void *data)
0307 {
0308     const struct d0_opal_v100 *v100 = data;
0309 
0310     return be16_to_cpu(v100->baseComID);
0311 }
0312 
0313 static u16 get_comid_v200(const void *data)
0314 {
0315     const struct d0_opal_v200 *v200 = data;
0316 
0317     return be16_to_cpu(v200->baseComID);
0318 }
0319 
0320 static int opal_send_cmd(struct opal_dev *dev)
0321 {
0322     return dev->send_recv(dev->data, dev->comid, TCG_SECP_01,
0323                   dev->cmd, IO_BUFFER_LENGTH,
0324                   true);
0325 }
0326 
0327 static int opal_recv_cmd(struct opal_dev *dev)
0328 {
0329     return dev->send_recv(dev->data, dev->comid, TCG_SECP_01,
0330                   dev->resp, IO_BUFFER_LENGTH,
0331                   false);
0332 }
0333 
0334 static int opal_recv_check(struct opal_dev *dev)
0335 {
0336     size_t buflen = IO_BUFFER_LENGTH;
0337     void *buffer = dev->resp;
0338     struct opal_header *hdr = buffer;
0339     int ret;
0340 
0341     do {
0342         pr_debug("Sent OPAL command: outstanding=%d, minTransfer=%d\n",
0343              hdr->cp.outstandingData,
0344              hdr->cp.minTransfer);
0345 
0346         if (hdr->cp.outstandingData == 0 ||
0347             hdr->cp.minTransfer != 0)
0348             return 0;
0349 
0350         memset(buffer, 0, buflen);
0351         ret = opal_recv_cmd(dev);
0352     } while (!ret);
0353 
0354     return ret;
0355 }
0356 
0357 static int opal_send_recv(struct opal_dev *dev, cont_fn *cont)
0358 {
0359     int ret;
0360 
0361     ret = opal_send_cmd(dev);
0362     if (ret)
0363         return ret;
0364     ret = opal_recv_cmd(dev);
0365     if (ret)
0366         return ret;
0367     ret = opal_recv_check(dev);
0368     if (ret)
0369         return ret;
0370     return cont(dev);
0371 }
0372 
0373 static void check_geometry(struct opal_dev *dev, const void *data)
0374 {
0375     const struct d0_geometry_features *geo = data;
0376 
0377     dev->align = be64_to_cpu(geo->alignment_granularity);
0378     dev->lowest_lba = be64_to_cpu(geo->lowest_aligned_lba);
0379 }
0380 
0381 static int execute_step(struct opal_dev *dev,
0382             const struct opal_step *step, size_t stepIndex)
0383 {
0384     int error = step->fn(dev, step->data);
0385 
0386     if (error) {
0387         pr_debug("Step %zu (%pS) failed with error %d: %s\n",
0388              stepIndex, step->fn, error,
0389              opal_error_to_human(error));
0390     }
0391 
0392     return error;
0393 }
0394 
0395 static int execute_steps(struct opal_dev *dev,
0396              const struct opal_step *steps, size_t n_steps)
0397 {
0398     size_t state = 0;
0399     int error;
0400 
0401     /* first do a discovery0 */
0402     error = opal_discovery0_step(dev);
0403     if (error)
0404         return error;
0405 
0406     for (state = 0; state < n_steps; state++) {
0407         error = execute_step(dev, &steps[state], state);
0408         if (error)
0409             goto out_error;
0410     }
0411 
0412     return 0;
0413 
0414 out_error:
0415     /*
0416      * For each OPAL command the first step in steps starts some sort of
0417      * session. If an error occurred in the initial discovery0 or if an
0418      * error occurred in the first step (and thus stopping the loop with
0419      * state == 0) then there was an error before or during the attempt to
0420      * start a session. Therefore we shouldn't attempt to terminate a
0421      * session, as one has not yet been created.
0422      */
0423     if (state > 0)
0424         end_opal_session_error(dev);
0425 
0426     return error;
0427 }
0428 
0429 static int opal_discovery0_end(struct opal_dev *dev)
0430 {
0431     bool found_com_id = false, supported = true, single_user = false;
0432     const struct d0_header *hdr = (struct d0_header *)dev->resp;
0433     const u8 *epos = dev->resp, *cpos = dev->resp;
0434     u16 comid = 0;
0435     u32 hlen = be32_to_cpu(hdr->length);
0436 
0437     print_buffer(dev->resp, hlen);
0438     dev->mbr_enabled = false;
0439 
0440     if (hlen > IO_BUFFER_LENGTH - sizeof(*hdr)) {
0441         pr_debug("Discovery length overflows buffer (%zu+%u)/%u\n",
0442              sizeof(*hdr), hlen, IO_BUFFER_LENGTH);
0443         return -EFAULT;
0444     }
0445 
0446     epos += hlen; /* end of buffer */
0447     cpos += sizeof(*hdr); /* current position on buffer */
0448 
0449     while (cpos < epos && supported) {
0450         const struct d0_features *body =
0451             (const struct d0_features *)cpos;
0452 
0453         switch (be16_to_cpu(body->code)) {
0454         case FC_TPER:
0455             supported = check_tper(body->features);
0456             break;
0457         case FC_SINGLEUSER:
0458             single_user = check_sum(body->features);
0459             break;
0460         case FC_GEOMETRY:
0461             check_geometry(dev, body);
0462             break;
0463         case FC_LOCKING:
0464             dev->mbr_enabled = check_mbrenabled(body->features);
0465             break;
0466         case FC_ENTERPRISE:
0467         case FC_DATASTORE:
0468             /* some ignored properties */
0469             pr_debug("Found OPAL feature description: %d\n",
0470                  be16_to_cpu(body->code));
0471             break;
0472         case FC_OPALV100:
0473             comid = get_comid_v100(body->features);
0474             found_com_id = true;
0475             break;
0476         case FC_OPALV200:
0477             comid = get_comid_v200(body->features);
0478             found_com_id = true;
0479             break;
0480         case 0xbfff ... 0xffff:
0481             /* vendor specific, just ignore */
0482             break;
0483         default:
0484             pr_debug("OPAL Unknown feature: %d\n",
0485                  be16_to_cpu(body->code));
0486 
0487         }
0488         cpos += body->length + 4;
0489     }
0490 
0491     if (!supported) {
0492         pr_debug("This device is not Opal enabled. Not Supported!\n");
0493         return -EOPNOTSUPP;
0494     }
0495 
0496     if (!single_user)
0497         pr_debug("Device doesn't support single user mode\n");
0498 
0499 
0500     if (!found_com_id) {
0501         pr_debug("Could not find OPAL comid for device. Returning early\n");
0502         return -EOPNOTSUPP;
0503     }
0504 
0505     dev->comid = comid;
0506 
0507     return 0;
0508 }
0509 
0510 static int opal_discovery0(struct opal_dev *dev, void *data)
0511 {
0512     int ret;
0513 
0514     memset(dev->resp, 0, IO_BUFFER_LENGTH);
0515     dev->comid = OPAL_DISCOVERY_COMID;
0516     ret = opal_recv_cmd(dev);
0517     if (ret)
0518         return ret;
0519 
0520     return opal_discovery0_end(dev);
0521 }
0522 
0523 static int opal_discovery0_step(struct opal_dev *dev)
0524 {
0525     const struct opal_step discovery0_step = {
0526         opal_discovery0,
0527     };
0528 
0529     return execute_step(dev, &discovery0_step, 0);
0530 }
0531 
0532 static size_t remaining_size(struct opal_dev *cmd)
0533 {
0534     return IO_BUFFER_LENGTH - cmd->pos;
0535 }
0536 
0537 static bool can_add(int *err, struct opal_dev *cmd, size_t len)
0538 {
0539     if (*err)
0540         return false;
0541 
0542     if (remaining_size(cmd) < len) {
0543         pr_debug("Error adding %zu bytes: end of buffer.\n", len);
0544         *err = -ERANGE;
0545         return false;
0546     }
0547 
0548     return true;
0549 }
0550 
0551 static void add_token_u8(int *err, struct opal_dev *cmd, u8 tok)
0552 {
0553     if (!can_add(err, cmd, 1))
0554         return;
0555 
0556     cmd->cmd[cmd->pos++] = tok;
0557 }
0558 
0559 static void add_short_atom_header(struct opal_dev *cmd, bool bytestring,
0560                   bool has_sign, int len)
0561 {
0562     u8 atom;
0563     int err = 0;
0564 
0565     atom = SHORT_ATOM_ID;
0566     atom |= bytestring ? SHORT_ATOM_BYTESTRING : 0;
0567     atom |= has_sign ? SHORT_ATOM_SIGNED : 0;
0568     atom |= len & SHORT_ATOM_LEN_MASK;
0569 
0570     add_token_u8(&err, cmd, atom);
0571 }
0572 
0573 static void add_medium_atom_header(struct opal_dev *cmd, bool bytestring,
0574                    bool has_sign, int len)
0575 {
0576     u8 header0;
0577 
0578     header0 = MEDIUM_ATOM_ID;
0579     header0 |= bytestring ? MEDIUM_ATOM_BYTESTRING : 0;
0580     header0 |= has_sign ? MEDIUM_ATOM_SIGNED : 0;
0581     header0 |= (len >> 8) & MEDIUM_ATOM_LEN_MASK;
0582 
0583     cmd->cmd[cmd->pos++] = header0;
0584     cmd->cmd[cmd->pos++] = len;
0585 }
0586 
0587 static void add_token_u64(int *err, struct opal_dev *cmd, u64 number)
0588 {
0589     size_t len;
0590     int msb;
0591 
0592     if (!(number & ~TINY_ATOM_DATA_MASK)) {
0593         add_token_u8(err, cmd, number);
0594         return;
0595     }
0596 
0597     msb = fls64(number);
0598     len = DIV_ROUND_UP(msb, 8);
0599 
0600     if (!can_add(err, cmd, len + 1)) {
0601         pr_debug("Error adding u64: end of buffer.\n");
0602         return;
0603     }
0604     add_short_atom_header(cmd, false, false, len);
0605     while (len--)
0606         add_token_u8(err, cmd, number >> (len * 8));
0607 }
0608 
0609 static u8 *add_bytestring_header(int *err, struct opal_dev *cmd, size_t len)
0610 {
0611     size_t header_len = 1;
0612     bool is_short_atom = true;
0613 
0614     if (len & ~SHORT_ATOM_LEN_MASK) {
0615         header_len = 2;
0616         is_short_atom = false;
0617     }
0618 
0619     if (!can_add(err, cmd, header_len + len)) {
0620         pr_debug("Error adding bytestring: end of buffer.\n");
0621         return NULL;
0622     }
0623 
0624     if (is_short_atom)
0625         add_short_atom_header(cmd, true, false, len);
0626     else
0627         add_medium_atom_header(cmd, true, false, len);
0628 
0629     return &cmd->cmd[cmd->pos];
0630 }
0631 
0632 static void add_token_bytestring(int *err, struct opal_dev *cmd,
0633                  const u8 *bytestring, size_t len)
0634 {
0635     u8 *start;
0636 
0637     start = add_bytestring_header(err, cmd, len);
0638     if (!start)
0639         return;
0640     memcpy(start, bytestring, len);
0641     cmd->pos += len;
0642 }
0643 
0644 static int build_locking_range(u8 *buffer, size_t length, u8 lr)
0645 {
0646     if (length > OPAL_UID_LENGTH) {
0647         pr_debug("Can't build locking range. Length OOB\n");
0648         return -ERANGE;
0649     }
0650 
0651     memcpy(buffer, opaluid[OPAL_LOCKINGRANGE_GLOBAL], OPAL_UID_LENGTH);
0652 
0653     if (lr == 0)
0654         return 0;
0655 
0656     buffer[5] = LOCKING_RANGE_NON_GLOBAL;
0657     buffer[7] = lr;
0658 
0659     return 0;
0660 }
0661 
0662 static int build_locking_user(u8 *buffer, size_t length, u8 lr)
0663 {
0664     if (length > OPAL_UID_LENGTH) {
0665         pr_debug("Can't build locking range user. Length OOB\n");
0666         return -ERANGE;
0667     }
0668 
0669     memcpy(buffer, opaluid[OPAL_USER1_UID], OPAL_UID_LENGTH);
0670 
0671     buffer[7] = lr + 1;
0672 
0673     return 0;
0674 }
0675 
0676 static void set_comid(struct opal_dev *cmd, u16 comid)
0677 {
0678     struct opal_header *hdr = (struct opal_header *)cmd->cmd;
0679 
0680     hdr->cp.extendedComID[0] = comid >> 8;
0681     hdr->cp.extendedComID[1] = comid;
0682     hdr->cp.extendedComID[2] = 0;
0683     hdr->cp.extendedComID[3] = 0;
0684 }
0685 
0686 static int cmd_finalize(struct opal_dev *cmd, u32 hsn, u32 tsn)
0687 {
0688     struct opal_header *hdr;
0689     int err = 0;
0690 
0691     /*
0692      * Close the parameter list opened from cmd_start.
0693      * The number of bytes added must be equal to
0694      * CMD_FINALIZE_BYTES_NEEDED.
0695      */
0696     add_token_u8(&err, cmd, OPAL_ENDLIST);
0697 
0698     add_token_u8(&err, cmd, OPAL_ENDOFDATA);
0699     add_token_u8(&err, cmd, OPAL_STARTLIST);
0700     add_token_u8(&err, cmd, 0);
0701     add_token_u8(&err, cmd, 0);
0702     add_token_u8(&err, cmd, 0);
0703     add_token_u8(&err, cmd, OPAL_ENDLIST);
0704 
0705     if (err) {
0706         pr_debug("Error finalizing command.\n");
0707         return -EFAULT;
0708     }
0709 
0710     hdr = (struct opal_header *) cmd->cmd;
0711 
0712     hdr->pkt.tsn = cpu_to_be32(tsn);
0713     hdr->pkt.hsn = cpu_to_be32(hsn);
0714 
0715     hdr->subpkt.length = cpu_to_be32(cmd->pos - sizeof(*hdr));
0716     while (cmd->pos % 4) {
0717         if (cmd->pos >= IO_BUFFER_LENGTH) {
0718             pr_debug("Error: Buffer overrun\n");
0719             return -ERANGE;
0720         }
0721         cmd->cmd[cmd->pos++] = 0;
0722     }
0723     hdr->pkt.length = cpu_to_be32(cmd->pos - sizeof(hdr->cp) -
0724                       sizeof(hdr->pkt));
0725     hdr->cp.length = cpu_to_be32(cmd->pos - sizeof(hdr->cp));
0726 
0727     return 0;
0728 }
0729 
0730 static const struct opal_resp_tok *response_get_token(
0731                 const struct parsed_resp *resp,
0732                 int n)
0733 {
0734     const struct opal_resp_tok *tok;
0735 
0736     if (!resp) {
0737         pr_debug("Response is NULL\n");
0738         return ERR_PTR(-EINVAL);
0739     }
0740 
0741     if (n >= resp->num) {
0742         pr_debug("Token number doesn't exist: %d, resp: %d\n",
0743              n, resp->num);
0744         return ERR_PTR(-EINVAL);
0745     }
0746 
0747     tok = &resp->toks[n];
0748     if (tok->len == 0) {
0749         pr_debug("Token length must be non-zero\n");
0750         return ERR_PTR(-EINVAL);
0751     }
0752 
0753     return tok;
0754 }
0755 
0756 static ssize_t response_parse_tiny(struct opal_resp_tok *tok,
0757                    const u8 *pos)
0758 {
0759     tok->pos = pos;
0760     tok->len = 1;
0761     tok->width = OPAL_WIDTH_TINY;
0762 
0763     if (pos[0] & TINY_ATOM_SIGNED) {
0764         tok->type = OPAL_DTA_TOKENID_SINT;
0765     } else {
0766         tok->type = OPAL_DTA_TOKENID_UINT;
0767         tok->stored.u = pos[0] & 0x3f;
0768     }
0769 
0770     return tok->len;
0771 }
0772 
0773 static ssize_t response_parse_short(struct opal_resp_tok *tok,
0774                     const u8 *pos)
0775 {
0776     tok->pos = pos;
0777     tok->len = (pos[0] & SHORT_ATOM_LEN_MASK) + 1;
0778     tok->width = OPAL_WIDTH_SHORT;
0779 
0780     if (pos[0] & SHORT_ATOM_BYTESTRING) {
0781         tok->type = OPAL_DTA_TOKENID_BYTESTRING;
0782     } else if (pos[0] & SHORT_ATOM_SIGNED) {
0783         tok->type = OPAL_DTA_TOKENID_SINT;
0784     } else {
0785         u64 u_integer = 0;
0786         ssize_t i, b = 0;
0787 
0788         tok->type = OPAL_DTA_TOKENID_UINT;
0789         if (tok->len > 9) {
0790             pr_debug("uint64 with more than 8 bytes\n");
0791             return -EINVAL;
0792         }
0793         for (i = tok->len - 1; i > 0; i--) {
0794             u_integer |= ((u64)pos[i] << (8 * b));
0795             b++;
0796         }
0797         tok->stored.u = u_integer;
0798     }
0799 
0800     return tok->len;
0801 }
0802 
0803 static ssize_t response_parse_medium(struct opal_resp_tok *tok,
0804                      const u8 *pos)
0805 {
0806     tok->pos = pos;
0807     tok->len = (((pos[0] & MEDIUM_ATOM_LEN_MASK) << 8) | pos[1]) + 2;
0808     tok->width = OPAL_WIDTH_MEDIUM;
0809 
0810     if (pos[0] & MEDIUM_ATOM_BYTESTRING)
0811         tok->type = OPAL_DTA_TOKENID_BYTESTRING;
0812     else if (pos[0] & MEDIUM_ATOM_SIGNED)
0813         tok->type = OPAL_DTA_TOKENID_SINT;
0814     else
0815         tok->type = OPAL_DTA_TOKENID_UINT;
0816 
0817     return tok->len;
0818 }
0819 
0820 static ssize_t response_parse_long(struct opal_resp_tok *tok,
0821                    const u8 *pos)
0822 {
0823     tok->pos = pos;
0824     tok->len = ((pos[1] << 16) | (pos[2] << 8) | pos[3]) + 4;
0825     tok->width = OPAL_WIDTH_LONG;
0826 
0827     if (pos[0] & LONG_ATOM_BYTESTRING)
0828         tok->type = OPAL_DTA_TOKENID_BYTESTRING;
0829     else if (pos[0] & LONG_ATOM_SIGNED)
0830         tok->type = OPAL_DTA_TOKENID_SINT;
0831     else
0832         tok->type = OPAL_DTA_TOKENID_UINT;
0833 
0834     return tok->len;
0835 }
0836 
0837 static ssize_t response_parse_token(struct opal_resp_tok *tok,
0838                     const u8 *pos)
0839 {
0840     tok->pos = pos;
0841     tok->len = 1;
0842     tok->type = OPAL_DTA_TOKENID_TOKEN;
0843     tok->width = OPAL_WIDTH_TOKEN;
0844 
0845     return tok->len;
0846 }
0847 
0848 static int response_parse(const u8 *buf, size_t length,
0849               struct parsed_resp *resp)
0850 {
0851     const struct opal_header *hdr;
0852     struct opal_resp_tok *iter;
0853     int num_entries = 0;
0854     int total;
0855     ssize_t token_length;
0856     const u8 *pos;
0857     u32 clen, plen, slen;
0858 
0859     if (!buf)
0860         return -EFAULT;
0861 
0862     if (!resp)
0863         return -EFAULT;
0864 
0865     hdr = (struct opal_header *)buf;
0866     pos = buf;
0867     pos += sizeof(*hdr);
0868 
0869     clen = be32_to_cpu(hdr->cp.length);
0870     plen = be32_to_cpu(hdr->pkt.length);
0871     slen = be32_to_cpu(hdr->subpkt.length);
0872     pr_debug("Response size: cp: %u, pkt: %u, subpkt: %u\n",
0873          clen, plen, slen);
0874 
0875     if (clen == 0 || plen == 0 || slen == 0 ||
0876         slen > IO_BUFFER_LENGTH - sizeof(*hdr)) {
0877         pr_debug("Bad header length. cp: %u, pkt: %u, subpkt: %u\n",
0878              clen, plen, slen);
0879         print_buffer(pos, sizeof(*hdr));
0880         return -EINVAL;
0881     }
0882 
0883     if (pos > buf + length)
0884         return -EFAULT;
0885 
0886     iter = resp->toks;
0887     total = slen;
0888     print_buffer(pos, total);
0889     while (total > 0) {
0890         if (pos[0] <= TINY_ATOM_BYTE) /* tiny atom */
0891             token_length = response_parse_tiny(iter, pos);
0892         else if (pos[0] <= SHORT_ATOM_BYTE) /* short atom */
0893             token_length = response_parse_short(iter, pos);
0894         else if (pos[0] <= MEDIUM_ATOM_BYTE) /* medium atom */
0895             token_length = response_parse_medium(iter, pos);
0896         else if (pos[0] <= LONG_ATOM_BYTE) /* long atom */
0897             token_length = response_parse_long(iter, pos);
0898         else /* TOKEN */
0899             token_length = response_parse_token(iter, pos);
0900 
0901         if (token_length < 0)
0902             return token_length;
0903 
0904         pos += token_length;
0905         total -= token_length;
0906         iter++;
0907         num_entries++;
0908     }
0909 
0910     resp->num = num_entries;
0911 
0912     return 0;
0913 }
0914 
0915 static size_t response_get_string(const struct parsed_resp *resp, int n,
0916                   const char **store)
0917 {
0918     u8 skip;
0919     const struct opal_resp_tok *tok;
0920 
0921     *store = NULL;
0922     tok = response_get_token(resp, n);
0923     if (IS_ERR(tok))
0924         return 0;
0925 
0926     if (tok->type != OPAL_DTA_TOKENID_BYTESTRING) {
0927         pr_debug("Token is not a byte string!\n");
0928         return 0;
0929     }
0930 
0931     switch (tok->width) {
0932     case OPAL_WIDTH_TINY:
0933     case OPAL_WIDTH_SHORT:
0934         skip = 1;
0935         break;
0936     case OPAL_WIDTH_MEDIUM:
0937         skip = 2;
0938         break;
0939     case OPAL_WIDTH_LONG:
0940         skip = 4;
0941         break;
0942     default:
0943         pr_debug("Token has invalid width!\n");
0944         return 0;
0945     }
0946 
0947     *store = tok->pos + skip;
0948 
0949     return tok->len - skip;
0950 }
0951 
0952 static u64 response_get_u64(const struct parsed_resp *resp, int n)
0953 {
0954     const struct opal_resp_tok *tok;
0955 
0956     tok = response_get_token(resp, n);
0957     if (IS_ERR(tok))
0958         return 0;
0959 
0960     if (tok->type != OPAL_DTA_TOKENID_UINT) {
0961         pr_debug("Token is not unsigned int: %d\n", tok->type);
0962         return 0;
0963     }
0964 
0965     if (tok->width != OPAL_WIDTH_TINY && tok->width != OPAL_WIDTH_SHORT) {
0966         pr_debug("Atom is not short or tiny: %d\n", tok->width);
0967         return 0;
0968     }
0969 
0970     return tok->stored.u;
0971 }
0972 
0973 static bool response_token_matches(const struct opal_resp_tok *token, u8 match)
0974 {
0975     if (IS_ERR(token) ||
0976         token->type != OPAL_DTA_TOKENID_TOKEN ||
0977         token->pos[0] != match)
0978         return false;
0979     return true;
0980 }
0981 
0982 static u8 response_status(const struct parsed_resp *resp)
0983 {
0984     const struct opal_resp_tok *tok;
0985 
0986     tok = response_get_token(resp, 0);
0987     if (response_token_matches(tok, OPAL_ENDOFSESSION))
0988         return 0;
0989 
0990     if (resp->num < 5)
0991         return DTAERROR_NO_METHOD_STATUS;
0992 
0993     tok = response_get_token(resp, resp->num - 5);
0994     if (!response_token_matches(tok, OPAL_STARTLIST))
0995         return DTAERROR_NO_METHOD_STATUS;
0996 
0997     tok = response_get_token(resp, resp->num - 1);
0998     if (!response_token_matches(tok, OPAL_ENDLIST))
0999         return DTAERROR_NO_METHOD_STATUS;
1000 
1001     return response_get_u64(resp, resp->num - 4);
1002 }
1003 
1004 /* Parses and checks for errors */
1005 static int parse_and_check_status(struct opal_dev *dev)
1006 {
1007     int error;
1008 
1009     print_buffer(dev->cmd, dev->pos);
1010 
1011     error = response_parse(dev->resp, IO_BUFFER_LENGTH, &dev->parsed);
1012     if (error) {
1013         pr_debug("Couldn't parse response.\n");
1014         return error;
1015     }
1016 
1017     return response_status(&dev->parsed);
1018 }
1019 
1020 static void clear_opal_cmd(struct opal_dev *dev)
1021 {
1022     dev->pos = sizeof(struct opal_header);
1023     memset(dev->cmd, 0, IO_BUFFER_LENGTH);
1024 }
1025 
1026 static int cmd_start(struct opal_dev *dev, const u8 *uid, const u8 *method)
1027 {
1028     int err = 0;
1029 
1030     clear_opal_cmd(dev);
1031     set_comid(dev, dev->comid);
1032 
1033     add_token_u8(&err, dev, OPAL_CALL);
1034     add_token_bytestring(&err, dev, uid, OPAL_UID_LENGTH);
1035     add_token_bytestring(&err, dev, method, OPAL_METHOD_LENGTH);
1036 
1037     /*
1038      * Every method call is followed by its parameters enclosed within
1039      * OPAL_STARTLIST and OPAL_ENDLIST tokens. We automatically open the
1040      * parameter list here and close it later in cmd_finalize.
1041      */
1042     add_token_u8(&err, dev, OPAL_STARTLIST);
1043 
1044     return err;
1045 }
1046 
1047 static int start_opal_session_cont(struct opal_dev *dev)
1048 {
1049     u32 hsn, tsn;
1050     int error = 0;
1051 
1052     error = parse_and_check_status(dev);
1053     if (error)
1054         return error;
1055 
1056     hsn = response_get_u64(&dev->parsed, 4);
1057     tsn = response_get_u64(&dev->parsed, 5);
1058 
1059     if (hsn != GENERIC_HOST_SESSION_NUM || tsn < FIRST_TPER_SESSION_NUM) {
1060         pr_debug("Couldn't authenticate session\n");
1061         return -EPERM;
1062     }
1063 
1064     dev->hsn = hsn;
1065     dev->tsn = tsn;
1066 
1067     return 0;
1068 }
1069 
1070 static void add_suspend_info(struct opal_dev *dev,
1071                  struct opal_suspend_data *sus)
1072 {
1073     struct opal_suspend_data *iter;
1074 
1075     list_for_each_entry(iter, &dev->unlk_lst, node) {
1076         if (iter->lr == sus->lr) {
1077             list_del(&iter->node);
1078             kfree(iter);
1079             break;
1080         }
1081     }
1082     list_add_tail(&sus->node, &dev->unlk_lst);
1083 }
1084 
1085 static int end_session_cont(struct opal_dev *dev)
1086 {
1087     dev->hsn = 0;
1088     dev->tsn = 0;
1089 
1090     return parse_and_check_status(dev);
1091 }
1092 
1093 static int finalize_and_send(struct opal_dev *dev, cont_fn cont)
1094 {
1095     int ret;
1096 
1097     ret = cmd_finalize(dev, dev->hsn, dev->tsn);
1098     if (ret) {
1099         pr_debug("Error finalizing command buffer: %d\n", ret);
1100         return ret;
1101     }
1102 
1103     print_buffer(dev->cmd, dev->pos);
1104 
1105     return opal_send_recv(dev, cont);
1106 }
1107 
1108 /*
1109  * request @column from table @table on device @dev. On success, the column
1110  * data will be available in dev->resp->tok[4]
1111  */
1112 static int generic_get_column(struct opal_dev *dev, const u8 *table,
1113                   u64 column)
1114 {
1115     int err;
1116 
1117     err = cmd_start(dev, table, opalmethod[OPAL_GET]);
1118 
1119     add_token_u8(&err, dev, OPAL_STARTLIST);
1120 
1121     add_token_u8(&err, dev, OPAL_STARTNAME);
1122     add_token_u8(&err, dev, OPAL_STARTCOLUMN);
1123     add_token_u64(&err, dev, column);
1124     add_token_u8(&err, dev, OPAL_ENDNAME);
1125 
1126     add_token_u8(&err, dev, OPAL_STARTNAME);
1127     add_token_u8(&err, dev, OPAL_ENDCOLUMN);
1128     add_token_u64(&err, dev, column);
1129     add_token_u8(&err, dev, OPAL_ENDNAME);
1130 
1131     add_token_u8(&err, dev, OPAL_ENDLIST);
1132 
1133     if (err)
1134         return err;
1135 
1136     return finalize_and_send(dev, parse_and_check_status);
1137 }
1138 
1139 /*
1140  * see TCG SAS 5.3.2.3 for a description of the available columns
1141  *
1142  * the result is provided in dev->resp->tok[4]
1143  */
1144 static int generic_get_table_info(struct opal_dev *dev, const u8 *table_uid,
1145                   u64 column)
1146 {
1147     u8 uid[OPAL_UID_LENGTH];
1148     const unsigned int half = OPAL_UID_LENGTH_HALF;
1149 
1150     /* sed-opal UIDs can be split in two halves:
1151      *  first:  actual table index
1152      *  second: relative index in the table
1153      * so we have to get the first half of the OPAL_TABLE_TABLE and use the
1154      * first part of the target table as relative index into that table
1155      */
1156     memcpy(uid, opaluid[OPAL_TABLE_TABLE], half);
1157     memcpy(uid + half, table_uid, half);
1158 
1159     return generic_get_column(dev, uid, column);
1160 }
1161 
1162 static int gen_key(struct opal_dev *dev, void *data)
1163 {
1164     u8 uid[OPAL_UID_LENGTH];
1165     int err;
1166 
1167     memcpy(uid, dev->prev_data, min(sizeof(uid), dev->prev_d_len));
1168     kfree(dev->prev_data);
1169     dev->prev_data = NULL;
1170 
1171     err = cmd_start(dev, uid, opalmethod[OPAL_GENKEY]);
1172 
1173     if (err) {
1174         pr_debug("Error building gen key command\n");
1175         return err;
1176 
1177     }
1178 
1179     return finalize_and_send(dev, parse_and_check_status);
1180 }
1181 
1182 static int get_active_key_cont(struct opal_dev *dev)
1183 {
1184     const char *activekey;
1185     size_t keylen;
1186     int error = 0;
1187 
1188     error = parse_and_check_status(dev);
1189     if (error)
1190         return error;
1191 
1192     keylen = response_get_string(&dev->parsed, 4, &activekey);
1193     if (!activekey) {
1194         pr_debug("%s: Couldn't extract the Activekey from the response\n",
1195              __func__);
1196         return OPAL_INVAL_PARAM;
1197     }
1198 
1199     dev->prev_data = kmemdup(activekey, keylen, GFP_KERNEL);
1200 
1201     if (!dev->prev_data)
1202         return -ENOMEM;
1203 
1204     dev->prev_d_len = keylen;
1205 
1206     return 0;
1207 }
1208 
1209 static int get_active_key(struct opal_dev *dev, void *data)
1210 {
1211     u8 uid[OPAL_UID_LENGTH];
1212     int err;
1213     u8 *lr = data;
1214 
1215     err = build_locking_range(uid, sizeof(uid), *lr);
1216     if (err)
1217         return err;
1218 
1219     err = generic_get_column(dev, uid, OPAL_ACTIVEKEY);
1220     if (err)
1221         return err;
1222 
1223     return get_active_key_cont(dev);
1224 }
1225 
1226 static int generic_table_write_data(struct opal_dev *dev, const u64 data,
1227                     u64 offset, u64 size, const u8 *uid)
1228 {
1229     const u8 __user *src = (u8 __user *)(uintptr_t)data;
1230     u8 *dst;
1231     u64 len;
1232     size_t off = 0;
1233     int err;
1234 
1235     /* do we fit in the available space? */
1236     err = generic_get_table_info(dev, uid, OPAL_TABLE_ROWS);
1237     if (err) {
1238         pr_debug("Couldn't get the table size\n");
1239         return err;
1240     }
1241 
1242     len = response_get_u64(&dev->parsed, 4);
1243     if (size > len || offset > len - size) {
1244         pr_debug("Does not fit in the table (%llu vs. %llu)\n",
1245               offset + size, len);
1246         return -ENOSPC;
1247     }
1248 
1249     /* do the actual transmission(s) */
1250     while (off < size) {
1251         err = cmd_start(dev, uid, opalmethod[OPAL_SET]);
1252         add_token_u8(&err, dev, OPAL_STARTNAME);
1253         add_token_u8(&err, dev, OPAL_WHERE);
1254         add_token_u64(&err, dev, offset + off);
1255         add_token_u8(&err, dev, OPAL_ENDNAME);
1256 
1257         add_token_u8(&err, dev, OPAL_STARTNAME);
1258         add_token_u8(&err, dev, OPAL_VALUES);
1259 
1260         /*
1261          * The bytestring header is either 1 or 2 bytes, so assume 2.
1262          * There also needs to be enough space to accommodate the
1263          * trailing OPAL_ENDNAME (1 byte) and tokens added by
1264          * cmd_finalize.
1265          */
1266         len = min(remaining_size(dev) - (2+1+CMD_FINALIZE_BYTES_NEEDED),
1267               (size_t)(size - off));
1268         pr_debug("Write bytes %zu+%llu/%llu\n", off, len, size);
1269 
1270         dst = add_bytestring_header(&err, dev, len);
1271         if (!dst)
1272             break;
1273 
1274         if (copy_from_user(dst, src + off, len)) {
1275             err = -EFAULT;
1276             break;
1277         }
1278 
1279         dev->pos += len;
1280 
1281         add_token_u8(&err, dev, OPAL_ENDNAME);
1282         if (err)
1283             break;
1284 
1285         err = finalize_and_send(dev, parse_and_check_status);
1286         if (err)
1287             break;
1288 
1289         off += len;
1290     }
1291 
1292     return err;
1293 }
1294 
1295 static int generic_lr_enable_disable(struct opal_dev *dev,
1296                      u8 *uid, bool rle, bool wle,
1297                      bool rl, bool wl)
1298 {
1299     int err;
1300 
1301     err = cmd_start(dev, uid, opalmethod[OPAL_SET]);
1302 
1303     add_token_u8(&err, dev, OPAL_STARTNAME);
1304     add_token_u8(&err, dev, OPAL_VALUES);
1305     add_token_u8(&err, dev, OPAL_STARTLIST);
1306 
1307     add_token_u8(&err, dev, OPAL_STARTNAME);
1308     add_token_u8(&err, dev, OPAL_READLOCKENABLED);
1309     add_token_u8(&err, dev, rle);
1310     add_token_u8(&err, dev, OPAL_ENDNAME);
1311 
1312     add_token_u8(&err, dev, OPAL_STARTNAME);
1313     add_token_u8(&err, dev, OPAL_WRITELOCKENABLED);
1314     add_token_u8(&err, dev, wle);
1315     add_token_u8(&err, dev, OPAL_ENDNAME);
1316 
1317     add_token_u8(&err, dev, OPAL_STARTNAME);
1318     add_token_u8(&err, dev, OPAL_READLOCKED);
1319     add_token_u8(&err, dev, rl);
1320     add_token_u8(&err, dev, OPAL_ENDNAME);
1321 
1322     add_token_u8(&err, dev, OPAL_STARTNAME);
1323     add_token_u8(&err, dev, OPAL_WRITELOCKED);
1324     add_token_u8(&err, dev, wl);
1325     add_token_u8(&err, dev, OPAL_ENDNAME);
1326 
1327     add_token_u8(&err, dev, OPAL_ENDLIST);
1328     add_token_u8(&err, dev, OPAL_ENDNAME);
1329 
1330     return err;
1331 }
1332 
1333 static inline int enable_global_lr(struct opal_dev *dev, u8 *uid,
1334                    struct opal_user_lr_setup *setup)
1335 {
1336     int err;
1337 
1338     err = generic_lr_enable_disable(dev, uid, !!setup->RLE, !!setup->WLE,
1339                     0, 0);
1340     if (err)
1341         pr_debug("Failed to create enable global lr command\n");
1342 
1343     return err;
1344 }
1345 
1346 static int setup_locking_range(struct opal_dev *dev, void *data)
1347 {
1348     u8 uid[OPAL_UID_LENGTH];
1349     struct opal_user_lr_setup *setup = data;
1350     u8 lr;
1351     int err;
1352 
1353     lr = setup->session.opal_key.lr;
1354     err = build_locking_range(uid, sizeof(uid), lr);
1355     if (err)
1356         return err;
1357 
1358     if (lr == 0)
1359         err = enable_global_lr(dev, uid, setup);
1360     else {
1361         err = cmd_start(dev, uid, opalmethod[OPAL_SET]);
1362 
1363         add_token_u8(&err, dev, OPAL_STARTNAME);
1364         add_token_u8(&err, dev, OPAL_VALUES);
1365         add_token_u8(&err, dev, OPAL_STARTLIST);
1366 
1367         add_token_u8(&err, dev, OPAL_STARTNAME);
1368         add_token_u8(&err, dev, OPAL_RANGESTART);
1369         add_token_u64(&err, dev, setup->range_start);
1370         add_token_u8(&err, dev, OPAL_ENDNAME);
1371 
1372         add_token_u8(&err, dev, OPAL_STARTNAME);
1373         add_token_u8(&err, dev, OPAL_RANGELENGTH);
1374         add_token_u64(&err, dev, setup->range_length);
1375         add_token_u8(&err, dev, OPAL_ENDNAME);
1376 
1377         add_token_u8(&err, dev, OPAL_STARTNAME);
1378         add_token_u8(&err, dev, OPAL_READLOCKENABLED);
1379         add_token_u64(&err, dev, !!setup->RLE);
1380         add_token_u8(&err, dev, OPAL_ENDNAME);
1381 
1382         add_token_u8(&err, dev, OPAL_STARTNAME);
1383         add_token_u8(&err, dev, OPAL_WRITELOCKENABLED);
1384         add_token_u64(&err, dev, !!setup->WLE);
1385         add_token_u8(&err, dev, OPAL_ENDNAME);
1386 
1387         add_token_u8(&err, dev, OPAL_ENDLIST);
1388         add_token_u8(&err, dev, OPAL_ENDNAME);
1389     }
1390     if (err) {
1391         pr_debug("Error building Setup Locking range command.\n");
1392         return err;
1393     }
1394 
1395     return finalize_and_send(dev, parse_and_check_status);
1396 }
1397 
1398 static int start_generic_opal_session(struct opal_dev *dev,
1399                       enum opal_uid auth,
1400                       enum opal_uid sp_type,
1401                       const char *key,
1402                       u8 key_len)
1403 {
1404     u32 hsn;
1405     int err;
1406 
1407     if (key == NULL && auth != OPAL_ANYBODY_UID)
1408         return OPAL_INVAL_PARAM;
1409 
1410     hsn = GENERIC_HOST_SESSION_NUM;
1411     err = cmd_start(dev, opaluid[OPAL_SMUID_UID],
1412             opalmethod[OPAL_STARTSESSION]);
1413 
1414     add_token_u64(&err, dev, hsn);
1415     add_token_bytestring(&err, dev, opaluid[sp_type], OPAL_UID_LENGTH);
1416     add_token_u8(&err, dev, 1);
1417 
1418     switch (auth) {
1419     case OPAL_ANYBODY_UID:
1420         break;
1421     case OPAL_ADMIN1_UID:
1422     case OPAL_SID_UID:
1423     case OPAL_PSID_UID:
1424         add_token_u8(&err, dev, OPAL_STARTNAME);
1425         add_token_u8(&err, dev, 0); /* HostChallenge */
1426         add_token_bytestring(&err, dev, key, key_len);
1427         add_token_u8(&err, dev, OPAL_ENDNAME);
1428         add_token_u8(&err, dev, OPAL_STARTNAME);
1429         add_token_u8(&err, dev, 3); /* HostSignAuth */
1430         add_token_bytestring(&err, dev, opaluid[auth],
1431                      OPAL_UID_LENGTH);
1432         add_token_u8(&err, dev, OPAL_ENDNAME);
1433         break;
1434     default:
1435         pr_debug("Cannot start Admin SP session with auth %d\n", auth);
1436         return OPAL_INVAL_PARAM;
1437     }
1438 
1439     if (err) {
1440         pr_debug("Error building start adminsp session command.\n");
1441         return err;
1442     }
1443 
1444     return finalize_and_send(dev, start_opal_session_cont);
1445 }
1446 
1447 static int start_anybodyASP_opal_session(struct opal_dev *dev, void *data)
1448 {
1449     return start_generic_opal_session(dev, OPAL_ANYBODY_UID,
1450                       OPAL_ADMINSP_UID, NULL, 0);
1451 }
1452 
1453 static int start_SIDASP_opal_session(struct opal_dev *dev, void *data)
1454 {
1455     int ret;
1456     const u8 *key = dev->prev_data;
1457 
1458     if (!key) {
1459         const struct opal_key *okey = data;
1460 
1461         ret = start_generic_opal_session(dev, OPAL_SID_UID,
1462                          OPAL_ADMINSP_UID,
1463                          okey->key,
1464                          okey->key_len);
1465     } else {
1466         ret = start_generic_opal_session(dev, OPAL_SID_UID,
1467                          OPAL_ADMINSP_UID,
1468                          key, dev->prev_d_len);
1469         kfree(key);
1470         dev->prev_data = NULL;
1471     }
1472 
1473     return ret;
1474 }
1475 
1476 static int start_admin1LSP_opal_session(struct opal_dev *dev, void *data)
1477 {
1478     struct opal_key *key = data;
1479 
1480     return start_generic_opal_session(dev, OPAL_ADMIN1_UID,
1481                       OPAL_LOCKINGSP_UID,
1482                       key->key, key->key_len);
1483 }
1484 
1485 static int start_PSID_opal_session(struct opal_dev *dev, void *data)
1486 {
1487     const struct opal_key *okey = data;
1488 
1489     return start_generic_opal_session(dev, OPAL_PSID_UID,
1490                       OPAL_ADMINSP_UID,
1491                       okey->key,
1492                       okey->key_len);
1493 }
1494 
1495 static int start_auth_opal_session(struct opal_dev *dev, void *data)
1496 {
1497     struct opal_session_info *session = data;
1498     u8 lk_ul_user[OPAL_UID_LENGTH];
1499     size_t keylen = session->opal_key.key_len;
1500     int err = 0;
1501 
1502     u8 *key = session->opal_key.key;
1503     u32 hsn = GENERIC_HOST_SESSION_NUM;
1504 
1505     if (session->sum)
1506         err = build_locking_user(lk_ul_user, sizeof(lk_ul_user),
1507                      session->opal_key.lr);
1508     else if (session->who != OPAL_ADMIN1 && !session->sum)
1509         err = build_locking_user(lk_ul_user, sizeof(lk_ul_user),
1510                      session->who - 1);
1511     else
1512         memcpy(lk_ul_user, opaluid[OPAL_ADMIN1_UID], OPAL_UID_LENGTH);
1513 
1514     if (err)
1515         return err;
1516 
1517     err = cmd_start(dev, opaluid[OPAL_SMUID_UID],
1518             opalmethod[OPAL_STARTSESSION]);
1519 
1520     add_token_u64(&err, dev, hsn);
1521     add_token_bytestring(&err, dev, opaluid[OPAL_LOCKINGSP_UID],
1522                  OPAL_UID_LENGTH);
1523     add_token_u8(&err, dev, 1);
1524     add_token_u8(&err, dev, OPAL_STARTNAME);
1525     add_token_u8(&err, dev, 0);
1526     add_token_bytestring(&err, dev, key, keylen);
1527     add_token_u8(&err, dev, OPAL_ENDNAME);
1528     add_token_u8(&err, dev, OPAL_STARTNAME);
1529     add_token_u8(&err, dev, 3);
1530     add_token_bytestring(&err, dev, lk_ul_user, OPAL_UID_LENGTH);
1531     add_token_u8(&err, dev, OPAL_ENDNAME);
1532 
1533     if (err) {
1534         pr_debug("Error building STARTSESSION command.\n");
1535         return err;
1536     }
1537 
1538     return finalize_and_send(dev, start_opal_session_cont);
1539 }
1540 
1541 static int revert_tper(struct opal_dev *dev, void *data)
1542 {
1543     int err;
1544 
1545     err = cmd_start(dev, opaluid[OPAL_ADMINSP_UID],
1546             opalmethod[OPAL_REVERT]);
1547     if (err) {
1548         pr_debug("Error building REVERT TPER command.\n");
1549         return err;
1550     }
1551 
1552     return finalize_and_send(dev, parse_and_check_status);
1553 }
1554 
1555 static int internal_activate_user(struct opal_dev *dev, void *data)
1556 {
1557     struct opal_session_info *session = data;
1558     u8 uid[OPAL_UID_LENGTH];
1559     int err;
1560 
1561     memcpy(uid, opaluid[OPAL_USER1_UID], OPAL_UID_LENGTH);
1562     uid[7] = session->who;
1563 
1564     err = cmd_start(dev, uid, opalmethod[OPAL_SET]);
1565     add_token_u8(&err, dev, OPAL_STARTNAME);
1566     add_token_u8(&err, dev, OPAL_VALUES);
1567     add_token_u8(&err, dev, OPAL_STARTLIST);
1568     add_token_u8(&err, dev, OPAL_STARTNAME);
1569     add_token_u8(&err, dev, 5); /* Enabled */
1570     add_token_u8(&err, dev, OPAL_TRUE);
1571     add_token_u8(&err, dev, OPAL_ENDNAME);
1572     add_token_u8(&err, dev, OPAL_ENDLIST);
1573     add_token_u8(&err, dev, OPAL_ENDNAME);
1574 
1575     if (err) {
1576         pr_debug("Error building Activate UserN command.\n");
1577         return err;
1578     }
1579 
1580     return finalize_and_send(dev, parse_and_check_status);
1581 }
1582 
1583 static int erase_locking_range(struct opal_dev *dev, void *data)
1584 {
1585     struct opal_session_info *session = data;
1586     u8 uid[OPAL_UID_LENGTH];
1587     int err;
1588 
1589     if (build_locking_range(uid, sizeof(uid), session->opal_key.lr) < 0)
1590         return -ERANGE;
1591 
1592     err = cmd_start(dev, uid, opalmethod[OPAL_ERASE]);
1593 
1594     if (err) {
1595         pr_debug("Error building Erase Locking Range Command.\n");
1596         return err;
1597     }
1598 
1599     return finalize_and_send(dev, parse_and_check_status);
1600 }
1601 
1602 static int set_mbr_done(struct opal_dev *dev, void *data)
1603 {
1604     u8 *mbr_done_tf = data;
1605     int err;
1606 
1607     err = cmd_start(dev, opaluid[OPAL_MBRCONTROL],
1608             opalmethod[OPAL_SET]);
1609 
1610     add_token_u8(&err, dev, OPAL_STARTNAME);
1611     add_token_u8(&err, dev, OPAL_VALUES);
1612     add_token_u8(&err, dev, OPAL_STARTLIST);
1613     add_token_u8(&err, dev, OPAL_STARTNAME);
1614     add_token_u8(&err, dev, OPAL_MBRDONE);
1615     add_token_u8(&err, dev, *mbr_done_tf); /* Done T or F */
1616     add_token_u8(&err, dev, OPAL_ENDNAME);
1617     add_token_u8(&err, dev, OPAL_ENDLIST);
1618     add_token_u8(&err, dev, OPAL_ENDNAME);
1619 
1620     if (err) {
1621         pr_debug("Error Building set MBR Done command\n");
1622         return err;
1623     }
1624 
1625     return finalize_and_send(dev, parse_and_check_status);
1626 }
1627 
1628 static int set_mbr_enable_disable(struct opal_dev *dev, void *data)
1629 {
1630     u8 *mbr_en_dis = data;
1631     int err;
1632 
1633     err = cmd_start(dev, opaluid[OPAL_MBRCONTROL],
1634             opalmethod[OPAL_SET]);
1635 
1636     add_token_u8(&err, dev, OPAL_STARTNAME);
1637     add_token_u8(&err, dev, OPAL_VALUES);
1638     add_token_u8(&err, dev, OPAL_STARTLIST);
1639     add_token_u8(&err, dev, OPAL_STARTNAME);
1640     add_token_u8(&err, dev, OPAL_MBRENABLE);
1641     add_token_u8(&err, dev, *mbr_en_dis);
1642     add_token_u8(&err, dev, OPAL_ENDNAME);
1643     add_token_u8(&err, dev, OPAL_ENDLIST);
1644     add_token_u8(&err, dev, OPAL_ENDNAME);
1645 
1646     if (err) {
1647         pr_debug("Error Building set MBR done command\n");
1648         return err;
1649     }
1650 
1651     return finalize_and_send(dev, parse_and_check_status);
1652 }
1653 
1654 static int write_shadow_mbr(struct opal_dev *dev, void *data)
1655 {
1656     struct opal_shadow_mbr *shadow = data;
1657 
1658     return generic_table_write_data(dev, shadow->data, shadow->offset,
1659                     shadow->size, opaluid[OPAL_MBR]);
1660 }
1661 
1662 static int generic_pw_cmd(u8 *key, size_t key_len, u8 *cpin_uid,
1663               struct opal_dev *dev)
1664 {
1665     int err;
1666 
1667     err = cmd_start(dev, cpin_uid, opalmethod[OPAL_SET]);
1668 
1669     add_token_u8(&err, dev, OPAL_STARTNAME);
1670     add_token_u8(&err, dev, OPAL_VALUES);
1671     add_token_u8(&err, dev, OPAL_STARTLIST);
1672     add_token_u8(&err, dev, OPAL_STARTNAME);
1673     add_token_u8(&err, dev, OPAL_PIN);
1674     add_token_bytestring(&err, dev, key, key_len);
1675     add_token_u8(&err, dev, OPAL_ENDNAME);
1676     add_token_u8(&err, dev, OPAL_ENDLIST);
1677     add_token_u8(&err, dev, OPAL_ENDNAME);
1678 
1679     return err;
1680 }
1681 
1682 static int set_new_pw(struct opal_dev *dev, void *data)
1683 {
1684     u8 cpin_uid[OPAL_UID_LENGTH];
1685     struct opal_session_info *usr = data;
1686 
1687     memcpy(cpin_uid, opaluid[OPAL_C_PIN_ADMIN1], OPAL_UID_LENGTH);
1688 
1689     if (usr->who != OPAL_ADMIN1) {
1690         cpin_uid[5] = 0x03;
1691         if (usr->sum)
1692             cpin_uid[7] = usr->opal_key.lr + 1;
1693         else
1694             cpin_uid[7] = usr->who;
1695     }
1696 
1697     if (generic_pw_cmd(usr->opal_key.key, usr->opal_key.key_len,
1698                cpin_uid, dev)) {
1699         pr_debug("Error building set password command.\n");
1700         return -ERANGE;
1701     }
1702 
1703     return finalize_and_send(dev, parse_and_check_status);
1704 }
1705 
1706 static int set_sid_cpin_pin(struct opal_dev *dev, void *data)
1707 {
1708     u8 cpin_uid[OPAL_UID_LENGTH];
1709     struct opal_key *key = data;
1710 
1711     memcpy(cpin_uid, opaluid[OPAL_C_PIN_SID], OPAL_UID_LENGTH);
1712 
1713     if (generic_pw_cmd(key->key, key->key_len, cpin_uid, dev)) {
1714         pr_debug("Error building Set SID cpin\n");
1715         return -ERANGE;
1716     }
1717     return finalize_and_send(dev, parse_and_check_status);
1718 }
1719 
1720 static int add_user_to_lr(struct opal_dev *dev, void *data)
1721 {
1722     u8 lr_buffer[OPAL_UID_LENGTH];
1723     u8 user_uid[OPAL_UID_LENGTH];
1724     struct opal_lock_unlock *lkul = data;
1725     int err;
1726 
1727     memcpy(lr_buffer, opaluid[OPAL_LOCKINGRANGE_ACE_RDLOCKED],
1728            OPAL_UID_LENGTH);
1729 
1730     if (lkul->l_state == OPAL_RW)
1731         memcpy(lr_buffer, opaluid[OPAL_LOCKINGRANGE_ACE_WRLOCKED],
1732                OPAL_UID_LENGTH);
1733 
1734     lr_buffer[7] = lkul->session.opal_key.lr;
1735 
1736     memcpy(user_uid, opaluid[OPAL_USER1_UID], OPAL_UID_LENGTH);
1737 
1738     user_uid[7] = lkul->session.who;
1739 
1740     err = cmd_start(dev, lr_buffer, opalmethod[OPAL_SET]);
1741 
1742     add_token_u8(&err, dev, OPAL_STARTNAME);
1743     add_token_u8(&err, dev, OPAL_VALUES);
1744 
1745     add_token_u8(&err, dev, OPAL_STARTLIST);
1746     add_token_u8(&err, dev, OPAL_STARTNAME);
1747     add_token_u8(&err, dev, 3);
1748 
1749     add_token_u8(&err, dev, OPAL_STARTLIST);
1750 
1751 
1752     add_token_u8(&err, dev, OPAL_STARTNAME);
1753     add_token_bytestring(&err, dev,
1754                  opaluid[OPAL_HALF_UID_AUTHORITY_OBJ_REF],
1755                  OPAL_UID_LENGTH/2);
1756     add_token_bytestring(&err, dev, user_uid, OPAL_UID_LENGTH);
1757     add_token_u8(&err, dev, OPAL_ENDNAME);
1758 
1759 
1760     add_token_u8(&err, dev, OPAL_STARTNAME);
1761     add_token_bytestring(&err, dev,
1762                  opaluid[OPAL_HALF_UID_AUTHORITY_OBJ_REF],
1763                  OPAL_UID_LENGTH/2);
1764     add_token_bytestring(&err, dev, user_uid, OPAL_UID_LENGTH);
1765     add_token_u8(&err, dev, OPAL_ENDNAME);
1766 
1767 
1768     add_token_u8(&err, dev, OPAL_STARTNAME);
1769     add_token_bytestring(&err, dev, opaluid[OPAL_HALF_UID_BOOLEAN_ACE],
1770                  OPAL_UID_LENGTH/2);
1771     add_token_u8(&err, dev, 1);
1772     add_token_u8(&err, dev, OPAL_ENDNAME);
1773 
1774 
1775     add_token_u8(&err, dev, OPAL_ENDLIST);
1776     add_token_u8(&err, dev, OPAL_ENDNAME);
1777     add_token_u8(&err, dev, OPAL_ENDLIST);
1778     add_token_u8(&err, dev, OPAL_ENDNAME);
1779 
1780     if (err) {
1781         pr_debug("Error building add user to locking range command.\n");
1782         return err;
1783     }
1784 
1785     return finalize_and_send(dev, parse_and_check_status);
1786 }
1787 
1788 static int lock_unlock_locking_range(struct opal_dev *dev, void *data)
1789 {
1790     u8 lr_buffer[OPAL_UID_LENGTH];
1791     struct opal_lock_unlock *lkul = data;
1792     u8 read_locked = 1, write_locked = 1;
1793     int err = 0;
1794 
1795     if (build_locking_range(lr_buffer, sizeof(lr_buffer),
1796                 lkul->session.opal_key.lr) < 0)
1797         return -ERANGE;
1798 
1799     switch (lkul->l_state) {
1800     case OPAL_RO:
1801         read_locked = 0;
1802         write_locked = 1;
1803         break;
1804     case OPAL_RW:
1805         read_locked = 0;
1806         write_locked = 0;
1807         break;
1808     case OPAL_LK:
1809         /* vars are initialized to locked */
1810         break;
1811     default:
1812         pr_debug("Tried to set an invalid locking state... returning to uland\n");
1813         return OPAL_INVAL_PARAM;
1814     }
1815 
1816     err = cmd_start(dev, lr_buffer, opalmethod[OPAL_SET]);
1817 
1818     add_token_u8(&err, dev, OPAL_STARTNAME);
1819     add_token_u8(&err, dev, OPAL_VALUES);
1820     add_token_u8(&err, dev, OPAL_STARTLIST);
1821 
1822     add_token_u8(&err, dev, OPAL_STARTNAME);
1823     add_token_u8(&err, dev, OPAL_READLOCKED);
1824     add_token_u8(&err, dev, read_locked);
1825     add_token_u8(&err, dev, OPAL_ENDNAME);
1826 
1827     add_token_u8(&err, dev, OPAL_STARTNAME);
1828     add_token_u8(&err, dev, OPAL_WRITELOCKED);
1829     add_token_u8(&err, dev, write_locked);
1830     add_token_u8(&err, dev, OPAL_ENDNAME);
1831 
1832     add_token_u8(&err, dev, OPAL_ENDLIST);
1833     add_token_u8(&err, dev, OPAL_ENDNAME);
1834 
1835     if (err) {
1836         pr_debug("Error building SET command.\n");
1837         return err;
1838     }
1839 
1840     return finalize_and_send(dev, parse_and_check_status);
1841 }
1842 
1843 
1844 static int lock_unlock_locking_range_sum(struct opal_dev *dev, void *data)
1845 {
1846     u8 lr_buffer[OPAL_UID_LENGTH];
1847     u8 read_locked = 1, write_locked = 1;
1848     struct opal_lock_unlock *lkul = data;
1849     int ret;
1850 
1851     clear_opal_cmd(dev);
1852     set_comid(dev, dev->comid);
1853 
1854     if (build_locking_range(lr_buffer, sizeof(lr_buffer),
1855                 lkul->session.opal_key.lr) < 0)
1856         return -ERANGE;
1857 
1858     switch (lkul->l_state) {
1859     case OPAL_RO:
1860         read_locked = 0;
1861         write_locked = 1;
1862         break;
1863     case OPAL_RW:
1864         read_locked = 0;
1865         write_locked = 0;
1866         break;
1867     case OPAL_LK:
1868         /* vars are initialized to locked */
1869         break;
1870     default:
1871         pr_debug("Tried to set an invalid locking state.\n");
1872         return OPAL_INVAL_PARAM;
1873     }
1874     ret = generic_lr_enable_disable(dev, lr_buffer, 1, 1,
1875                     read_locked, write_locked);
1876 
1877     if (ret < 0) {
1878         pr_debug("Error building SET command.\n");
1879         return ret;
1880     }
1881 
1882     return finalize_and_send(dev, parse_and_check_status);
1883 }
1884 
1885 static int activate_lsp(struct opal_dev *dev, void *data)
1886 {
1887     struct opal_lr_act *opal_act = data;
1888     u8 user_lr[OPAL_UID_LENGTH];
1889     int err, i;
1890 
1891     err = cmd_start(dev, opaluid[OPAL_LOCKINGSP_UID],
1892             opalmethod[OPAL_ACTIVATE]);
1893 
1894     if (opal_act->sum) {
1895         err = build_locking_range(user_lr, sizeof(user_lr),
1896                       opal_act->lr[0]);
1897         if (err)
1898             return err;
1899 
1900         add_token_u8(&err, dev, OPAL_STARTNAME);
1901         add_token_u64(&err, dev, OPAL_SUM_SET_LIST);
1902 
1903         add_token_u8(&err, dev, OPAL_STARTLIST);
1904         add_token_bytestring(&err, dev, user_lr, OPAL_UID_LENGTH);
1905         for (i = 1; i < opal_act->num_lrs; i++) {
1906             user_lr[7] = opal_act->lr[i];
1907             add_token_bytestring(&err, dev, user_lr, OPAL_UID_LENGTH);
1908         }
1909         add_token_u8(&err, dev, OPAL_ENDLIST);
1910         add_token_u8(&err, dev, OPAL_ENDNAME);
1911     }
1912 
1913     if (err) {
1914         pr_debug("Error building Activate LockingSP command.\n");
1915         return err;
1916     }
1917 
1918     return finalize_and_send(dev, parse_and_check_status);
1919 }
1920 
1921 /* Determine if we're in the Manufactured Inactive or Active state */
1922 static int get_lsp_lifecycle(struct opal_dev *dev, void *data)
1923 {
1924     u8 lc_status;
1925     int err;
1926 
1927     err = generic_get_column(dev, opaluid[OPAL_LOCKINGSP_UID],
1928                  OPAL_LIFECYCLE);
1929     if (err)
1930         return err;
1931 
1932     lc_status = response_get_u64(&dev->parsed, 4);
1933     /* 0x08 is Manufactured Inactive */
1934     /* 0x09 is Manufactured */
1935     if (lc_status != OPAL_MANUFACTURED_INACTIVE) {
1936         pr_debug("Couldn't determine the status of the Lifecycle state\n");
1937         return -ENODEV;
1938     }
1939 
1940     return 0;
1941 }
1942 
1943 static int get_msid_cpin_pin(struct opal_dev *dev, void *data)
1944 {
1945     const char *msid_pin;
1946     size_t strlen;
1947     int err;
1948 
1949     err = generic_get_column(dev, opaluid[OPAL_C_PIN_MSID], OPAL_PIN);
1950     if (err)
1951         return err;
1952 
1953     strlen = response_get_string(&dev->parsed, 4, &msid_pin);
1954     if (!msid_pin) {
1955         pr_debug("Couldn't extract MSID_CPIN from response\n");
1956         return OPAL_INVAL_PARAM;
1957     }
1958 
1959     dev->prev_data = kmemdup(msid_pin, strlen, GFP_KERNEL);
1960     if (!dev->prev_data)
1961         return -ENOMEM;
1962 
1963     dev->prev_d_len = strlen;
1964 
1965     return 0;
1966 }
1967 
1968 static int write_table_data(struct opal_dev *dev, void *data)
1969 {
1970     struct opal_read_write_table *write_tbl = data;
1971 
1972     return generic_table_write_data(dev, write_tbl->data, write_tbl->offset,
1973                     write_tbl->size, write_tbl->table_uid);
1974 }
1975 
1976 static int read_table_data_cont(struct opal_dev *dev)
1977 {
1978     int err;
1979     const char *data_read;
1980 
1981     err = parse_and_check_status(dev);
1982     if (err)
1983         return err;
1984 
1985     dev->prev_d_len = response_get_string(&dev->parsed, 1, &data_read);
1986     dev->prev_data = (void *)data_read;
1987     if (!dev->prev_data) {
1988         pr_debug("%s: Couldn't read data from the table.\n", __func__);
1989         return OPAL_INVAL_PARAM;
1990     }
1991 
1992     return 0;
1993 }
1994 
1995 /*
1996  * IO_BUFFER_LENGTH = 2048
1997  * sizeof(header) = 56
1998  * No. of Token Bytes in the Response = 11
1999  * MAX size of data that can be carried in response buffer
2000  * at a time is : 2048 - (56 + 11) = 1981 = 0x7BD.
2001  */
2002 #define OPAL_MAX_READ_TABLE (0x7BD)
2003 
2004 static int read_table_data(struct opal_dev *dev, void *data)
2005 {
2006     struct opal_read_write_table *read_tbl = data;
2007     int err;
2008     size_t off = 0, max_read_size = OPAL_MAX_READ_TABLE;
2009     u64 table_len, len;
2010     u64 offset = read_tbl->offset, read_size = read_tbl->size - 1;
2011     u8 __user *dst;
2012 
2013     err = generic_get_table_info(dev, read_tbl->table_uid, OPAL_TABLE_ROWS);
2014     if (err) {
2015         pr_debug("Couldn't get the table size\n");
2016         return err;
2017     }
2018 
2019     table_len = response_get_u64(&dev->parsed, 4);
2020 
2021     /* Check if the user is trying to read from the table limits */
2022     if (read_size > table_len || offset > table_len - read_size) {
2023         pr_debug("Read size exceeds the Table size limits (%llu vs. %llu)\n",
2024               offset + read_size, table_len);
2025         return -EINVAL;
2026     }
2027 
2028     while (off < read_size) {
2029         err = cmd_start(dev, read_tbl->table_uid, opalmethod[OPAL_GET]);
2030 
2031         add_token_u8(&err, dev, OPAL_STARTLIST);
2032         add_token_u8(&err, dev, OPAL_STARTNAME);
2033         add_token_u8(&err, dev, OPAL_STARTROW);
2034         add_token_u64(&err, dev, offset + off); /* start row value */
2035         add_token_u8(&err, dev, OPAL_ENDNAME);
2036 
2037         add_token_u8(&err, dev, OPAL_STARTNAME);
2038         add_token_u8(&err, dev, OPAL_ENDROW);
2039 
2040         len = min(max_read_size, (size_t)(read_size - off));
2041         add_token_u64(&err, dev, offset + off + len); /* end row value
2042                                    */
2043         add_token_u8(&err, dev, OPAL_ENDNAME);
2044         add_token_u8(&err, dev, OPAL_ENDLIST);
2045 
2046         if (err) {
2047             pr_debug("Error building read table data command.\n");
2048             break;
2049         }
2050 
2051         err = finalize_and_send(dev, read_table_data_cont);
2052         if (err)
2053             break;
2054 
2055         /* len+1: This includes the NULL terminator at the end*/
2056         if (dev->prev_d_len > len + 1) {
2057             err = -EOVERFLOW;
2058             break;
2059         }
2060 
2061         dst = (u8 __user *)(uintptr_t)read_tbl->data;
2062         if (copy_to_user(dst + off, dev->prev_data, dev->prev_d_len)) {
2063             pr_debug("Error copying data to userspace\n");
2064             err = -EFAULT;
2065             break;
2066         }
2067         dev->prev_data = NULL;
2068 
2069         off += len;
2070     }
2071 
2072     return err;
2073 }
2074 
2075 static int end_opal_session(struct opal_dev *dev, void *data)
2076 {
2077     int err = 0;
2078 
2079     clear_opal_cmd(dev);
2080     set_comid(dev, dev->comid);
2081     add_token_u8(&err, dev, OPAL_ENDOFSESSION);
2082 
2083     if (err < 0)
2084         return err;
2085 
2086     return finalize_and_send(dev, end_session_cont);
2087 }
2088 
2089 static int end_opal_session_error(struct opal_dev *dev)
2090 {
2091     const struct opal_step error_end_session = {
2092         end_opal_session,
2093     };
2094 
2095     return execute_step(dev, &error_end_session, 0);
2096 }
2097 
2098 static inline void setup_opal_dev(struct opal_dev *dev)
2099 {
2100     dev->tsn = 0;
2101     dev->hsn = 0;
2102     dev->prev_data = NULL;
2103 }
2104 
2105 static int check_opal_support(struct opal_dev *dev)
2106 {
2107     int ret;
2108 
2109     mutex_lock(&dev->dev_lock);
2110     setup_opal_dev(dev);
2111     ret = opal_discovery0_step(dev);
2112     dev->supported = !ret;
2113     mutex_unlock(&dev->dev_lock);
2114 
2115     return ret;
2116 }
2117 
2118 static void clean_opal_dev(struct opal_dev *dev)
2119 {
2120 
2121     struct opal_suspend_data *suspend, *next;
2122 
2123     mutex_lock(&dev->dev_lock);
2124     list_for_each_entry_safe(suspend, next, &dev->unlk_lst, node) {
2125         list_del(&suspend->node);
2126         kfree(suspend);
2127     }
2128     mutex_unlock(&dev->dev_lock);
2129 }
2130 
2131 void free_opal_dev(struct opal_dev *dev)
2132 {
2133     if (!dev)
2134         return;
2135 
2136     clean_opal_dev(dev);
2137     kfree(dev);
2138 }
2139 EXPORT_SYMBOL(free_opal_dev);
2140 
2141 struct opal_dev *init_opal_dev(void *data, sec_send_recv *send_recv)
2142 {
2143     struct opal_dev *dev;
2144 
2145     dev = kmalloc(sizeof(*dev), GFP_KERNEL);
2146     if (!dev)
2147         return NULL;
2148 
2149     INIT_LIST_HEAD(&dev->unlk_lst);
2150     mutex_init(&dev->dev_lock);
2151     dev->data = data;
2152     dev->send_recv = send_recv;
2153     if (check_opal_support(dev) != 0) {
2154         pr_debug("Opal is not supported on this device\n");
2155         kfree(dev);
2156         return NULL;
2157     }
2158 
2159     return dev;
2160 }
2161 EXPORT_SYMBOL(init_opal_dev);
2162 
2163 static int opal_secure_erase_locking_range(struct opal_dev *dev,
2164                        struct opal_session_info *opal_session)
2165 {
2166     const struct opal_step erase_steps[] = {
2167         { start_auth_opal_session, opal_session },
2168         { get_active_key, &opal_session->opal_key.lr },
2169         { gen_key, },
2170         { end_opal_session, }
2171     };
2172     int ret;
2173 
2174     mutex_lock(&dev->dev_lock);
2175     setup_opal_dev(dev);
2176     ret = execute_steps(dev, erase_steps, ARRAY_SIZE(erase_steps));
2177     mutex_unlock(&dev->dev_lock);
2178 
2179     return ret;
2180 }
2181 
2182 static int opal_erase_locking_range(struct opal_dev *dev,
2183                     struct opal_session_info *opal_session)
2184 {
2185     const struct opal_step erase_steps[] = {
2186         { start_auth_opal_session, opal_session },
2187         { erase_locking_range, opal_session },
2188         { end_opal_session, }
2189     };
2190     int ret;
2191 
2192     mutex_lock(&dev->dev_lock);
2193     setup_opal_dev(dev);
2194     ret = execute_steps(dev, erase_steps, ARRAY_SIZE(erase_steps));
2195     mutex_unlock(&dev->dev_lock);
2196 
2197     return ret;
2198 }
2199 
2200 static int opal_enable_disable_shadow_mbr(struct opal_dev *dev,
2201                       struct opal_mbr_data *opal_mbr)
2202 {
2203     u8 enable_disable = opal_mbr->enable_disable == OPAL_MBR_ENABLE ?
2204         OPAL_TRUE : OPAL_FALSE;
2205 
2206     const struct opal_step mbr_steps[] = {
2207         { start_admin1LSP_opal_session, &opal_mbr->key },
2208         { set_mbr_done, &enable_disable },
2209         { end_opal_session, },
2210         { start_admin1LSP_opal_session, &opal_mbr->key },
2211         { set_mbr_enable_disable, &enable_disable },
2212         { end_opal_session, }
2213     };
2214     int ret;
2215 
2216     if (opal_mbr->enable_disable != OPAL_MBR_ENABLE &&
2217         opal_mbr->enable_disable != OPAL_MBR_DISABLE)
2218         return -EINVAL;
2219 
2220     mutex_lock(&dev->dev_lock);
2221     setup_opal_dev(dev);
2222     ret = execute_steps(dev, mbr_steps, ARRAY_SIZE(mbr_steps));
2223     mutex_unlock(&dev->dev_lock);
2224 
2225     return ret;
2226 }
2227 
2228 static int opal_set_mbr_done(struct opal_dev *dev,
2229                  struct opal_mbr_done *mbr_done)
2230 {
2231     u8 mbr_done_tf = mbr_done->done_flag == OPAL_MBR_DONE ?
2232         OPAL_TRUE : OPAL_FALSE;
2233 
2234     const struct opal_step mbr_steps[] = {
2235         { start_admin1LSP_opal_session, &mbr_done->key },
2236         { set_mbr_done, &mbr_done_tf },
2237         { end_opal_session, }
2238     };
2239     int ret;
2240 
2241     if (mbr_done->done_flag != OPAL_MBR_DONE &&
2242         mbr_done->done_flag != OPAL_MBR_NOT_DONE)
2243         return -EINVAL;
2244 
2245     mutex_lock(&dev->dev_lock);
2246     setup_opal_dev(dev);
2247     ret = execute_steps(dev, mbr_steps, ARRAY_SIZE(mbr_steps));
2248     mutex_unlock(&dev->dev_lock);
2249 
2250     return ret;
2251 }
2252 
2253 static int opal_write_shadow_mbr(struct opal_dev *dev,
2254                  struct opal_shadow_mbr *info)
2255 {
2256     const struct opal_step mbr_steps[] = {
2257         { start_admin1LSP_opal_session, &info->key },
2258         { write_shadow_mbr, info },
2259         { end_opal_session, }
2260     };
2261     int ret;
2262 
2263     if (info->size == 0)
2264         return 0;
2265 
2266     mutex_lock(&dev->dev_lock);
2267     setup_opal_dev(dev);
2268     ret = execute_steps(dev, mbr_steps, ARRAY_SIZE(mbr_steps));
2269     mutex_unlock(&dev->dev_lock);
2270 
2271     return ret;
2272 }
2273 
2274 static int opal_save(struct opal_dev *dev, struct opal_lock_unlock *lk_unlk)
2275 {
2276     struct opal_suspend_data *suspend;
2277 
2278     suspend = kzalloc(sizeof(*suspend), GFP_KERNEL);
2279     if (!suspend)
2280         return -ENOMEM;
2281 
2282     suspend->unlk = *lk_unlk;
2283     suspend->lr = lk_unlk->session.opal_key.lr;
2284 
2285     mutex_lock(&dev->dev_lock);
2286     setup_opal_dev(dev);
2287     add_suspend_info(dev, suspend);
2288     mutex_unlock(&dev->dev_lock);
2289 
2290     return 0;
2291 }
2292 
2293 static int opal_add_user_to_lr(struct opal_dev *dev,
2294                    struct opal_lock_unlock *lk_unlk)
2295 {
2296     const struct opal_step steps[] = {
2297         { start_admin1LSP_opal_session, &lk_unlk->session.opal_key },
2298         { add_user_to_lr, lk_unlk },
2299         { end_opal_session, }
2300     };
2301     int ret;
2302 
2303     if (lk_unlk->l_state != OPAL_RO &&
2304         lk_unlk->l_state != OPAL_RW) {
2305         pr_debug("Locking state was not RO or RW\n");
2306         return -EINVAL;
2307     }
2308 
2309     if (lk_unlk->session.who < OPAL_USER1 ||
2310         lk_unlk->session.who > OPAL_USER9) {
2311         pr_debug("Authority was not within the range of users: %d\n",
2312              lk_unlk->session.who);
2313         return -EINVAL;
2314     }
2315 
2316     if (lk_unlk->session.sum) {
2317         pr_debug("%s not supported in sum. Use setup locking range\n",
2318              __func__);
2319         return -EINVAL;
2320     }
2321 
2322     mutex_lock(&dev->dev_lock);
2323     setup_opal_dev(dev);
2324     ret = execute_steps(dev, steps, ARRAY_SIZE(steps));
2325     mutex_unlock(&dev->dev_lock);
2326 
2327     return ret;
2328 }
2329 
2330 static int opal_reverttper(struct opal_dev *dev, struct opal_key *opal, bool psid)
2331 {
2332     /* controller will terminate session */
2333     const struct opal_step revert_steps[] = {
2334         { start_SIDASP_opal_session, opal },
2335         { revert_tper, }
2336     };
2337     const struct opal_step psid_revert_steps[] = {
2338         { start_PSID_opal_session, opal },
2339         { revert_tper, }
2340     };
2341 
2342     int ret;
2343 
2344     mutex_lock(&dev->dev_lock);
2345     setup_opal_dev(dev);
2346     if (psid)
2347         ret = execute_steps(dev, psid_revert_steps,
2348                     ARRAY_SIZE(psid_revert_steps));
2349     else
2350         ret = execute_steps(dev, revert_steps,
2351                     ARRAY_SIZE(revert_steps));
2352     mutex_unlock(&dev->dev_lock);
2353 
2354     /*
2355      * If we successfully reverted lets clean
2356      * any saved locking ranges.
2357      */
2358     if (!ret)
2359         clean_opal_dev(dev);
2360 
2361     return ret;
2362 }
2363 
2364 static int __opal_lock_unlock(struct opal_dev *dev,
2365                   struct opal_lock_unlock *lk_unlk)
2366 {
2367     const struct opal_step unlock_steps[] = {
2368         { start_auth_opal_session, &lk_unlk->session },
2369         { lock_unlock_locking_range, lk_unlk },
2370         { end_opal_session, }
2371     };
2372     const struct opal_step unlock_sum_steps[] = {
2373         { start_auth_opal_session, &lk_unlk->session },
2374         { lock_unlock_locking_range_sum, lk_unlk },
2375         { end_opal_session, }
2376     };
2377 
2378     if (lk_unlk->session.sum)
2379         return execute_steps(dev, unlock_sum_steps,
2380                      ARRAY_SIZE(unlock_sum_steps));
2381     else
2382         return execute_steps(dev, unlock_steps,
2383                      ARRAY_SIZE(unlock_steps));
2384 }
2385 
2386 static int __opal_set_mbr_done(struct opal_dev *dev, struct opal_key *key)
2387 {
2388     u8 mbr_done_tf = OPAL_TRUE;
2389     const struct opal_step mbrdone_step[] = {
2390         { start_admin1LSP_opal_session, key },
2391         { set_mbr_done, &mbr_done_tf },
2392         { end_opal_session, }
2393     };
2394 
2395     return execute_steps(dev, mbrdone_step, ARRAY_SIZE(mbrdone_step));
2396 }
2397 
2398 static int opal_lock_unlock(struct opal_dev *dev,
2399                 struct opal_lock_unlock *lk_unlk)
2400 {
2401     int ret;
2402 
2403     if (lk_unlk->session.who > OPAL_USER9)
2404         return -EINVAL;
2405 
2406     mutex_lock(&dev->dev_lock);
2407     ret = __opal_lock_unlock(dev, lk_unlk);
2408     mutex_unlock(&dev->dev_lock);
2409 
2410     return ret;
2411 }
2412 
2413 static int opal_take_ownership(struct opal_dev *dev, struct opal_key *opal)
2414 {
2415     const struct opal_step owner_steps[] = {
2416         { start_anybodyASP_opal_session, },
2417         { get_msid_cpin_pin, },
2418         { end_opal_session, },
2419         { start_SIDASP_opal_session, opal },
2420         { set_sid_cpin_pin, opal },
2421         { end_opal_session, }
2422     };
2423     int ret;
2424 
2425     if (!dev)
2426         return -ENODEV;
2427 
2428     mutex_lock(&dev->dev_lock);
2429     setup_opal_dev(dev);
2430     ret = execute_steps(dev, owner_steps, ARRAY_SIZE(owner_steps));
2431     mutex_unlock(&dev->dev_lock);
2432 
2433     return ret;
2434 }
2435 
2436 static int opal_activate_lsp(struct opal_dev *dev,
2437                  struct opal_lr_act *opal_lr_act)
2438 {
2439     const struct opal_step active_steps[] = {
2440         { start_SIDASP_opal_session, &opal_lr_act->key },
2441         { get_lsp_lifecycle, },
2442         { activate_lsp, opal_lr_act },
2443         { end_opal_session, }
2444     };
2445     int ret;
2446 
2447     if (!opal_lr_act->num_lrs || opal_lr_act->num_lrs > OPAL_MAX_LRS)
2448         return -EINVAL;
2449 
2450     mutex_lock(&dev->dev_lock);
2451     setup_opal_dev(dev);
2452     ret = execute_steps(dev, active_steps, ARRAY_SIZE(active_steps));
2453     mutex_unlock(&dev->dev_lock);
2454 
2455     return ret;
2456 }
2457 
2458 static int opal_setup_locking_range(struct opal_dev *dev,
2459                     struct opal_user_lr_setup *opal_lrs)
2460 {
2461     const struct opal_step lr_steps[] = {
2462         { start_auth_opal_session, &opal_lrs->session },
2463         { setup_locking_range, opal_lrs },
2464         { end_opal_session, }
2465     };
2466     int ret;
2467 
2468     mutex_lock(&dev->dev_lock);
2469     setup_opal_dev(dev);
2470     ret = execute_steps(dev, lr_steps, ARRAY_SIZE(lr_steps));
2471     mutex_unlock(&dev->dev_lock);
2472 
2473     return ret;
2474 }
2475 
2476 static int opal_set_new_pw(struct opal_dev *dev, struct opal_new_pw *opal_pw)
2477 {
2478     const struct opal_step pw_steps[] = {
2479         { start_auth_opal_session, &opal_pw->session },
2480         { set_new_pw, &opal_pw->new_user_pw },
2481         { end_opal_session, }
2482     };
2483     int ret;
2484 
2485     if (opal_pw->session.who > OPAL_USER9  ||
2486         opal_pw->new_user_pw.who > OPAL_USER9)
2487         return -EINVAL;
2488 
2489     mutex_lock(&dev->dev_lock);
2490     setup_opal_dev(dev);
2491     ret = execute_steps(dev, pw_steps, ARRAY_SIZE(pw_steps));
2492     mutex_unlock(&dev->dev_lock);
2493 
2494     return ret;
2495 }
2496 
2497 static int opal_activate_user(struct opal_dev *dev,
2498                   struct opal_session_info *opal_session)
2499 {
2500     const struct opal_step act_steps[] = {
2501         { start_admin1LSP_opal_session, &opal_session->opal_key },
2502         { internal_activate_user, opal_session },
2503         { end_opal_session, }
2504     };
2505     int ret;
2506 
2507     /* We can't activate Admin1 it's active as manufactured */
2508     if (opal_session->who < OPAL_USER1 ||
2509         opal_session->who > OPAL_USER9) {
2510         pr_debug("Who was not a valid user: %d\n", opal_session->who);
2511         return -EINVAL;
2512     }
2513 
2514     mutex_lock(&dev->dev_lock);
2515     setup_opal_dev(dev);
2516     ret = execute_steps(dev, act_steps, ARRAY_SIZE(act_steps));
2517     mutex_unlock(&dev->dev_lock);
2518 
2519     return ret;
2520 }
2521 
2522 bool opal_unlock_from_suspend(struct opal_dev *dev)
2523 {
2524     struct opal_suspend_data *suspend;
2525     bool was_failure = false;
2526     int ret = 0;
2527 
2528     if (!dev)
2529         return false;
2530 
2531     if (!dev->supported)
2532         return false;
2533 
2534     mutex_lock(&dev->dev_lock);
2535     setup_opal_dev(dev);
2536 
2537     list_for_each_entry(suspend, &dev->unlk_lst, node) {
2538         dev->tsn = 0;
2539         dev->hsn = 0;
2540 
2541         ret = __opal_lock_unlock(dev, &suspend->unlk);
2542         if (ret) {
2543             pr_debug("Failed to unlock LR %hhu with sum %d\n",
2544                  suspend->unlk.session.opal_key.lr,
2545                  suspend->unlk.session.sum);
2546             was_failure = true;
2547         }
2548 
2549         if (dev->mbr_enabled) {
2550             ret = __opal_set_mbr_done(dev, &suspend->unlk.session.opal_key);
2551             if (ret)
2552                 pr_debug("Failed to set MBR Done in S3 resume\n");
2553         }
2554     }
2555     mutex_unlock(&dev->dev_lock);
2556 
2557     return was_failure;
2558 }
2559 EXPORT_SYMBOL(opal_unlock_from_suspend);
2560 
2561 static int opal_read_table(struct opal_dev *dev,
2562                struct opal_read_write_table *rw_tbl)
2563 {
2564     const struct opal_step read_table_steps[] = {
2565         { start_admin1LSP_opal_session, &rw_tbl->key },
2566         { read_table_data, rw_tbl },
2567         { end_opal_session, }
2568     };
2569     int ret = 0;
2570 
2571     if (!rw_tbl->size)
2572         return ret;
2573 
2574     return execute_steps(dev, read_table_steps,
2575                  ARRAY_SIZE(read_table_steps));
2576 }
2577 
2578 static int opal_write_table(struct opal_dev *dev,
2579                 struct opal_read_write_table *rw_tbl)
2580 {
2581     const struct opal_step write_table_steps[] = {
2582         { start_admin1LSP_opal_session, &rw_tbl->key },
2583         { write_table_data, rw_tbl },
2584         { end_opal_session, }
2585     };
2586     int ret = 0;
2587 
2588     if (!rw_tbl->size)
2589         return ret;
2590 
2591     return execute_steps(dev, write_table_steps,
2592                  ARRAY_SIZE(write_table_steps));
2593 }
2594 
2595 static int opal_generic_read_write_table(struct opal_dev *dev,
2596                      struct opal_read_write_table *rw_tbl)
2597 {
2598     int ret, bit_set;
2599 
2600     mutex_lock(&dev->dev_lock);
2601     setup_opal_dev(dev);
2602 
2603     bit_set = fls64(rw_tbl->flags) - 1;
2604     switch (bit_set) {
2605     case OPAL_READ_TABLE:
2606         ret = opal_read_table(dev, rw_tbl);
2607         break;
2608     case OPAL_WRITE_TABLE:
2609         ret = opal_write_table(dev, rw_tbl);
2610         break;
2611     default:
2612         pr_debug("Invalid bit set in the flag (%016llx).\n",
2613              rw_tbl->flags);
2614         ret = -EINVAL;
2615         break;
2616     }
2617 
2618     mutex_unlock(&dev->dev_lock);
2619 
2620     return ret;
2621 }
2622 
2623 int sed_ioctl(struct opal_dev *dev, unsigned int cmd, void __user *arg)
2624 {
2625     void *p;
2626     int ret = -ENOTTY;
2627 
2628     if (!capable(CAP_SYS_ADMIN))
2629         return -EACCES;
2630     if (!dev)
2631         return -ENOTSUPP;
2632     if (!dev->supported)
2633         return -ENOTSUPP;
2634 
2635     p = memdup_user(arg, _IOC_SIZE(cmd));
2636     if (IS_ERR(p))
2637         return PTR_ERR(p);
2638 
2639     switch (cmd) {
2640     case IOC_OPAL_SAVE:
2641         ret = opal_save(dev, p);
2642         break;
2643     case IOC_OPAL_LOCK_UNLOCK:
2644         ret = opal_lock_unlock(dev, p);
2645         break;
2646     case IOC_OPAL_TAKE_OWNERSHIP:
2647         ret = opal_take_ownership(dev, p);
2648         break;
2649     case IOC_OPAL_ACTIVATE_LSP:
2650         ret = opal_activate_lsp(dev, p);
2651         break;
2652     case IOC_OPAL_SET_PW:
2653         ret = opal_set_new_pw(dev, p);
2654         break;
2655     case IOC_OPAL_ACTIVATE_USR:
2656         ret = opal_activate_user(dev, p);
2657         break;
2658     case IOC_OPAL_REVERT_TPR:
2659         ret = opal_reverttper(dev, p, false);
2660         break;
2661     case IOC_OPAL_LR_SETUP:
2662         ret = opal_setup_locking_range(dev, p);
2663         break;
2664     case IOC_OPAL_ADD_USR_TO_LR:
2665         ret = opal_add_user_to_lr(dev, p);
2666         break;
2667     case IOC_OPAL_ENABLE_DISABLE_MBR:
2668         ret = opal_enable_disable_shadow_mbr(dev, p);
2669         break;
2670     case IOC_OPAL_MBR_DONE:
2671         ret = opal_set_mbr_done(dev, p);
2672         break;
2673     case IOC_OPAL_WRITE_SHADOW_MBR:
2674         ret = opal_write_shadow_mbr(dev, p);
2675         break;
2676     case IOC_OPAL_ERASE_LR:
2677         ret = opal_erase_locking_range(dev, p);
2678         break;
2679     case IOC_OPAL_SECURE_ERASE_LR:
2680         ret = opal_secure_erase_locking_range(dev, p);
2681         break;
2682     case IOC_OPAL_PSID_REVERT_TPR:
2683         ret = opal_reverttper(dev, p, true);
2684         break;
2685     case IOC_OPAL_GENERIC_TABLE_RW:
2686         ret = opal_generic_read_write_table(dev, p);
2687         break;
2688     default:
2689         break;
2690     }
2691 
2692     kfree(p);
2693     return ret;
2694 }
2695 EXPORT_SYMBOL_GPL(sed_ioctl);