1// SPDX-License-Identifier: GPL-2.0 2/* 3 * Copyright (c) 2003-2020, Intel Corporation. All rights reserved. 4 * Intel Management Engine Interface (Intel MEI) Linux driver 5 */ 6 7#include <linux/sched/signal.h> 8#include <linux/wait.h> 9#include <linux/delay.h> 10#include <linux/slab.h> 11#include <linux/pm_runtime.h> 12 13#include <linux/mei.h> 14 15#include "mei_dev.h" 16#include "hbm.h" 17#include "client.h" 18 19/** 20 * mei_me_cl_init - initialize me client 21 * 22 * @me_cl: me client 23 */ 24void mei_me_cl_init(struct mei_me_client *me_cl) 25{ 26 INIT_LIST_HEAD(&me_cl->list); 27 kref_init(&me_cl->refcnt); 28} 29 30/** 31 * mei_me_cl_get - increases me client refcount 32 * 33 * @me_cl: me client 34 * 35 * Locking: called under "dev->device_lock" lock 36 * 37 * Return: me client or NULL 38 */ 39struct mei_me_client *mei_me_cl_get(struct mei_me_client *me_cl) 40{ 41 if (me_cl && kref_get_unless_zero(&me_cl->refcnt)) 42 return me_cl; 43 44 return NULL; 45} 46 47/** 48 * mei_me_cl_release - free me client 49 * 50 * Locking: called under "dev->device_lock" lock 51 * 52 * @ref: me_client refcount 53 */ 54static void mei_me_cl_release(struct kref *ref) 55{ 56 struct mei_me_client *me_cl = 57 container_of(ref, struct mei_me_client, refcnt); 58 59 kfree(me_cl); 60} 61 62/** 63 * mei_me_cl_put - decrease me client refcount and free client if necessary 64 * 65 * Locking: called under "dev->device_lock" lock 66 * 67 * @me_cl: me client 68 */ 69void mei_me_cl_put(struct mei_me_client *me_cl) 70{ 71 if (me_cl) 72 kref_put(&me_cl->refcnt, mei_me_cl_release); 73} 74 75/** 76 * __mei_me_cl_del - delete me client from the list and decrease 77 * reference counter 78 * 79 * @dev: mei device 80 * @me_cl: me client 81 * 82 * Locking: dev->me_clients_rwsem 83 */ 84static void __mei_me_cl_del(struct mei_device *dev, struct mei_me_client *me_cl) 85{ 86 if (!me_cl) 87 return; 88 89 list_del_init(&me_cl->list); 90 mei_me_cl_put(me_cl); 91} 92 93/** 94 * mei_me_cl_del - delete me client from the list and decrease 95 * reference counter 96 * 97 * @dev: mei device 98 * @me_cl: me client 99 */ 100void mei_me_cl_del(struct mei_device *dev, struct mei_me_client *me_cl) 101{ 102 down_write(&dev->me_clients_rwsem); 103 __mei_me_cl_del(dev, me_cl); 104 up_write(&dev->me_clients_rwsem); 105} 106 107/** 108 * mei_me_cl_add - add me client to the list 109 * 110 * @dev: mei device 111 * @me_cl: me client 112 */ 113void mei_me_cl_add(struct mei_device *dev, struct mei_me_client *me_cl) 114{ 115 down_write(&dev->me_clients_rwsem); 116 list_add(&me_cl->list, &dev->me_clients); 117 up_write(&dev->me_clients_rwsem); 118} 119 120/** 121 * __mei_me_cl_by_uuid - locate me client by uuid 122 * increases ref count 123 * 124 * @dev: mei device 125 * @uuid: me client uuid 126 * 127 * Return: me client or NULL if not found 128 * 129 * Locking: dev->me_clients_rwsem 130 */ 131static struct mei_me_client *__mei_me_cl_by_uuid(struct mei_device *dev, 132 const uuid_le *uuid) 133{ 134 struct mei_me_client *me_cl; 135 const uuid_le *pn; 136 137 WARN_ON(!rwsem_is_locked(&dev->me_clients_rwsem)); 138 139 list_for_each_entry(me_cl, &dev->me_clients, list) { 140 pn = &me_cl->props.protocol_name; 141 if (uuid_le_cmp(*uuid, *pn) == 0) 142 return mei_me_cl_get(me_cl); 143 } 144 145 return NULL; 146} 147 148/** 149 * mei_me_cl_by_uuid - locate me client by uuid 150 * increases ref count 151 * 152 * @dev: mei device 153 * @uuid: me client uuid 154 * 155 * Return: me client or NULL if not found 156 * 157 * Locking: dev->me_clients_rwsem 158 */ 159struct mei_me_client *mei_me_cl_by_uuid(struct mei_device *dev, 160 const uuid_le *uuid) 161{ 162 struct mei_me_client *me_cl; 163 164 down_read(&dev->me_clients_rwsem); 165 me_cl = __mei_me_cl_by_uuid(dev, uuid); 166 up_read(&dev->me_clients_rwsem); 167 168 return me_cl; 169} 170 171/** 172 * mei_me_cl_by_id - locate me client by client id 173 * increases ref count 174 * 175 * @dev: the device structure 176 * @client_id: me client id 177 * 178 * Return: me client or NULL if not found 179 * 180 * Locking: dev->me_clients_rwsem 181 */ 182struct mei_me_client *mei_me_cl_by_id(struct mei_device *dev, u8 client_id) 183{ 184 185 struct mei_me_client *__me_cl, *me_cl = NULL; 186 187 down_read(&dev->me_clients_rwsem); 188 list_for_each_entry(__me_cl, &dev->me_clients, list) { 189 if (__me_cl->client_id == client_id) { 190 me_cl = mei_me_cl_get(__me_cl); 191 break; 192 } 193 } 194 up_read(&dev->me_clients_rwsem); 195 196 return me_cl; 197} 198 199/** 200 * __mei_me_cl_by_uuid_id - locate me client by client id and uuid 201 * increases ref count 202 * 203 * @dev: the device structure 204 * @uuid: me client uuid 205 * @client_id: me client id 206 * 207 * Return: me client or null if not found 208 * 209 * Locking: dev->me_clients_rwsem 210 */ 211static struct mei_me_client *__mei_me_cl_by_uuid_id(struct mei_device *dev, 212 const uuid_le *uuid, u8 client_id) 213{ 214 struct mei_me_client *me_cl; 215 const uuid_le *pn; 216 217 WARN_ON(!rwsem_is_locked(&dev->me_clients_rwsem)); 218 219 list_for_each_entry(me_cl, &dev->me_clients, list) { 220 pn = &me_cl->props.protocol_name; 221 if (uuid_le_cmp(*uuid, *pn) == 0 && 222 me_cl->client_id == client_id) 223 return mei_me_cl_get(me_cl); 224 } 225 226 return NULL; 227} 228 229 230/** 231 * mei_me_cl_by_uuid_id - locate me client by client id and uuid 232 * increases ref count 233 * 234 * @dev: the device structure 235 * @uuid: me client uuid 236 * @client_id: me client id 237 * 238 * Return: me client or null if not found 239 */ 240struct mei_me_client *mei_me_cl_by_uuid_id(struct mei_device *dev, 241 const uuid_le *uuid, u8 client_id) 242{ 243 struct mei_me_client *me_cl; 244 245 down_read(&dev->me_clients_rwsem); 246 me_cl = __mei_me_cl_by_uuid_id(dev, uuid, client_id); 247 up_read(&dev->me_clients_rwsem); 248 249 return me_cl; 250} 251 252/** 253 * mei_me_cl_rm_by_uuid - remove all me clients matching uuid 254 * 255 * @dev: the device structure 256 * @uuid: me client uuid 257 * 258 * Locking: called under "dev->device_lock" lock 259 */ 260void mei_me_cl_rm_by_uuid(struct mei_device *dev, const uuid_le *uuid) 261{ 262 struct mei_me_client *me_cl; 263 264 dev_dbg(dev->dev, "remove %pUl\n", uuid); 265 266 down_write(&dev->me_clients_rwsem); 267 me_cl = __mei_me_cl_by_uuid(dev, uuid); 268 __mei_me_cl_del(dev, me_cl); 269 mei_me_cl_put(me_cl); 270 up_write(&dev->me_clients_rwsem); 271} 272 273/** 274 * mei_me_cl_rm_by_uuid_id - remove all me clients matching client id 275 * 276 * @dev: the device structure 277 * @uuid: me client uuid 278 * @id: me client id 279 * 280 * Locking: called under "dev->device_lock" lock 281 */ 282void mei_me_cl_rm_by_uuid_id(struct mei_device *dev, const uuid_le *uuid, u8 id) 283{ 284 struct mei_me_client *me_cl; 285 286 dev_dbg(dev->dev, "remove %pUl %d\n", uuid, id); 287 288 down_write(&dev->me_clients_rwsem); 289 me_cl = __mei_me_cl_by_uuid_id(dev, uuid, id); 290 __mei_me_cl_del(dev, me_cl); 291 mei_me_cl_put(me_cl); 292 up_write(&dev->me_clients_rwsem); 293} 294 295/** 296 * mei_me_cl_rm_all - remove all me clients 297 * 298 * @dev: the device structure 299 * 300 * Locking: called under "dev->device_lock" lock 301 */ 302void mei_me_cl_rm_all(struct mei_device *dev) 303{ 304 struct mei_me_client *me_cl, *next; 305 306 down_write(&dev->me_clients_rwsem); 307 list_for_each_entry_safe(me_cl, next, &dev->me_clients, list) 308 __mei_me_cl_del(dev, me_cl); 309 up_write(&dev->me_clients_rwsem); 310} 311 312/** 313 * mei_io_cb_free - free mei_cb_private related memory 314 * 315 * @cb: mei callback struct 316 */ 317void mei_io_cb_free(struct mei_cl_cb *cb) 318{ 319 if (cb == NULL) 320 return; 321 322 list_del(&cb->list); 323 kfree(cb->buf.data); 324 kfree(cb); 325} 326 327/** 328 * mei_tx_cb_queue - queue tx callback 329 * 330 * Locking: called under "dev->device_lock" lock 331 * 332 * @cb: mei callback struct 333 * @head: an instance of list to queue on 334 */ 335static inline void mei_tx_cb_enqueue(struct mei_cl_cb *cb, 336 struct list_head *head) 337{ 338 list_add_tail(&cb->list, head); 339 cb->cl->tx_cb_queued++; 340} 341 342/** 343 * mei_tx_cb_dequeue - dequeue tx callback 344 * 345 * Locking: called under "dev->device_lock" lock 346 * 347 * @cb: mei callback struct to dequeue and free 348 */ 349static inline void mei_tx_cb_dequeue(struct mei_cl_cb *cb) 350{ 351 if (!WARN_ON(cb->cl->tx_cb_queued == 0)) 352 cb->cl->tx_cb_queued--; 353 354 mei_io_cb_free(cb); 355} 356 357/** 358 * mei_cl_set_read_by_fp - set pending_read flag to vtag struct for given fp 359 * 360 * Locking: called under "dev->device_lock" lock 361 * 362 * @cl: mei client 363 * @fp: pointer to file structure 364 */ 365static void mei_cl_set_read_by_fp(const struct mei_cl *cl, 366 const struct file *fp) 367{ 368 struct mei_cl_vtag *cl_vtag; 369 370 list_for_each_entry(cl_vtag, &cl->vtag_map, list) { 371 if (cl_vtag->fp == fp) { 372 cl_vtag->pending_read = true; 373 return; 374 } 375 } 376} 377 378/** 379 * mei_io_cb_init - allocate and initialize io callback 380 * 381 * @cl: mei client 382 * @type: operation type 383 * @fp: pointer to file structure 384 * 385 * Return: mei_cl_cb pointer or NULL; 386 */ 387static struct mei_cl_cb *mei_io_cb_init(struct mei_cl *cl, 388 enum mei_cb_file_ops type, 389 const struct file *fp) 390{ 391 struct mei_cl_cb *cb; 392 393 cb = kzalloc(sizeof(*cb), GFP_KERNEL); 394 if (!cb) 395 return NULL; 396 397 INIT_LIST_HEAD(&cb->list); 398 cb->fp = fp; 399 cb->cl = cl; 400 cb->buf_idx = 0; 401 cb->fop_type = type; 402 cb->vtag = 0; 403 404 return cb; 405} 406 407/** 408 * mei_io_list_flush_cl - removes cbs belonging to the cl. 409 * 410 * @head: an instance of our list structure 411 * @cl: host client 412 */ 413static void mei_io_list_flush_cl(struct list_head *head, 414 const struct mei_cl *cl) 415{ 416 struct mei_cl_cb *cb, *next; 417 418 list_for_each_entry_safe(cb, next, head, list) { 419 if (cl == cb->cl) { 420 list_del_init(&cb->list); 421 if (cb->fop_type == MEI_FOP_READ) 422 mei_io_cb_free(cb); 423 } 424 } 425} 426 427/** 428 * mei_io_tx_list_free_cl - removes cb belonging to the cl and free them 429 * 430 * @head: An instance of our list structure 431 * @cl: host client 432 * @fp: file pointer (matching cb file object), may be NULL 433 */ 434static void mei_io_tx_list_free_cl(struct list_head *head, 435 const struct mei_cl *cl, 436 const struct file *fp) 437{ 438 struct mei_cl_cb *cb, *next; 439 440 list_for_each_entry_safe(cb, next, head, list) { 441 if (cl == cb->cl && (!fp || fp == cb->fp)) 442 mei_tx_cb_dequeue(cb); 443 } 444} 445 446/** 447 * mei_io_list_free_fp - free cb from a list that matches file pointer 448 * 449 * @head: io list 450 * @fp: file pointer (matching cb file object), may be NULL 451 */ 452static void mei_io_list_free_fp(struct list_head *head, const struct file *fp) 453{ 454 struct mei_cl_cb *cb, *next; 455 456 list_for_each_entry_safe(cb, next, head, list) 457 if (!fp || fp == cb->fp) 458 mei_io_cb_free(cb); 459} 460 461/** 462 * mei_cl_free_pending - free pending cb 463 * 464 * @cl: host client 465 */ 466static void mei_cl_free_pending(struct mei_cl *cl) 467{ 468 struct mei_cl_cb *cb; 469 470 cb = list_first_entry_or_null(&cl->rd_pending, struct mei_cl_cb, list); 471 mei_io_cb_free(cb); 472} 473 474/** 475 * mei_cl_alloc_cb - a convenient wrapper for allocating read cb 476 * 477 * @cl: host client 478 * @length: size of the buffer 479 * @fop_type: operation type 480 * @fp: associated file pointer (might be NULL) 481 * 482 * Return: cb on success and NULL on failure 483 */ 484struct mei_cl_cb *mei_cl_alloc_cb(struct mei_cl *cl, size_t length, 485 enum mei_cb_file_ops fop_type, 486 const struct file *fp) 487{ 488 struct mei_cl_cb *cb; 489 490 cb = mei_io_cb_init(cl, fop_type, fp); 491 if (!cb) 492 return NULL; 493 494 if (length == 0) 495 return cb; 496 497 cb->buf.data = kmalloc(roundup(length, MEI_SLOT_SIZE), GFP_KERNEL); 498 if (!cb->buf.data) { 499 mei_io_cb_free(cb); 500 return NULL; 501 } 502 cb->buf.size = length; 503 504 return cb; 505} 506 507/** 508 * mei_cl_enqueue_ctrl_wr_cb - a convenient wrapper for allocating 509 * and enqueuing of the control commands cb 510 * 511 * @cl: host client 512 * @length: size of the buffer 513 * @fop_type: operation type 514 * @fp: associated file pointer (might be NULL) 515 * 516 * Return: cb on success and NULL on failure 517 * Locking: called under "dev->device_lock" lock 518 */ 519struct mei_cl_cb *mei_cl_enqueue_ctrl_wr_cb(struct mei_cl *cl, size_t length, 520 enum mei_cb_file_ops fop_type, 521 const struct file *fp) 522{ 523 struct mei_cl_cb *cb; 524 525 /* for RX always allocate at least client's mtu */ 526 if (length) 527 length = max_t(size_t, length, mei_cl_mtu(cl)); 528 529 cb = mei_cl_alloc_cb(cl, length, fop_type, fp); 530 if (!cb) 531 return NULL; 532 533 list_add_tail(&cb->list, &cl->dev->ctrl_wr_list); 534 return cb; 535} 536 537/** 538 * mei_cl_read_cb - find this cl's callback in the read list 539 * for a specific file 540 * 541 * @cl: host client 542 * @fp: file pointer (matching cb file object), may be NULL 543 * 544 * Return: cb on success, NULL if cb is not found 545 */ 546struct mei_cl_cb *mei_cl_read_cb(struct mei_cl *cl, const struct file *fp) 547{ 548 struct mei_cl_cb *cb; 549 struct mei_cl_cb *ret_cb = NULL; 550 551 spin_lock(&cl->rd_completed_lock); 552 list_for_each_entry(cb, &cl->rd_completed, list) 553 if (!fp || fp == cb->fp) { 554 ret_cb = cb; 555 break; 556 } 557 spin_unlock(&cl->rd_completed_lock); 558 return ret_cb; 559} 560 561/** 562 * mei_cl_flush_queues - flushes queue lists belonging to cl. 563 * 564 * @cl: host client 565 * @fp: file pointer (matching cb file object), may be NULL 566 * 567 * Return: 0 on success, -EINVAL if cl or cl->dev is NULL. 568 */ 569int mei_cl_flush_queues(struct mei_cl *cl, const struct file *fp) 570{ 571 struct mei_device *dev; 572 573 if (WARN_ON(!cl || !cl->dev)) 574 return -EINVAL; 575 576 dev = cl->dev; 577 578 cl_dbg(dev, cl, "remove list entry belonging to cl\n"); 579 mei_io_tx_list_free_cl(&cl->dev->write_list, cl, fp); 580 mei_io_tx_list_free_cl(&cl->dev->write_waiting_list, cl, fp); 581 /* free pending and control cb only in final flush */ 582 if (!fp) { 583 mei_io_list_flush_cl(&cl->dev->ctrl_wr_list, cl); 584 mei_io_list_flush_cl(&cl->dev->ctrl_rd_list, cl); 585 mei_cl_free_pending(cl); 586 } 587 spin_lock(&cl->rd_completed_lock); 588 mei_io_list_free_fp(&cl->rd_completed, fp); 589 spin_unlock(&cl->rd_completed_lock); 590 591 return 0; 592} 593 594/** 595 * mei_cl_init - initializes cl. 596 * 597 * @cl: host client to be initialized 598 * @dev: mei device 599 */ 600static void mei_cl_init(struct mei_cl *cl, struct mei_device *dev) 601{ 602 memset(cl, 0, sizeof(*cl)); 603 init_waitqueue_head(&cl->wait); 604 init_waitqueue_head(&cl->rx_wait); 605 init_waitqueue_head(&cl->tx_wait); 606 init_waitqueue_head(&cl->ev_wait); 607 INIT_LIST_HEAD(&cl->vtag_map); 608 spin_lock_init(&cl->rd_completed_lock); 609 INIT_LIST_HEAD(&cl->rd_completed); 610 INIT_LIST_HEAD(&cl->rd_pending); 611 INIT_LIST_HEAD(&cl->link); 612 cl->writing_state = MEI_IDLE; 613 cl->state = MEI_FILE_UNINITIALIZED; 614 cl->dev = dev; 615} 616 617/** 618 * mei_cl_allocate - allocates cl structure and sets it up. 619 * 620 * @dev: mei device 621 * Return: The allocated file or NULL on failure 622 */ 623struct mei_cl *mei_cl_allocate(struct mei_device *dev) 624{ 625 struct mei_cl *cl; 626 627 cl = kmalloc(sizeof(*cl), GFP_KERNEL); 628 if (!cl) 629 return NULL; 630 631 mei_cl_init(cl, dev); 632 633 return cl; 634} 635 636/** 637 * mei_cl_link - allocate host id in the host map 638 * 639 * @cl: host client 640 * 641 * Return: 0 on success 642 * -EINVAL on incorrect values 643 * -EMFILE if open count exceeded. 644 */ 645int mei_cl_link(struct mei_cl *cl) 646{ 647 struct mei_device *dev; 648 int id; 649 650 if (WARN_ON(!cl || !cl->dev)) 651 return -EINVAL; 652 653 dev = cl->dev; 654 655 id = find_first_zero_bit(dev->host_clients_map, MEI_CLIENTS_MAX); 656 if (id >= MEI_CLIENTS_MAX) { 657 dev_err(dev->dev, "id exceeded %d", MEI_CLIENTS_MAX); 658 return -EMFILE; 659 } 660 661 if (dev->open_handle_count >= MEI_MAX_OPEN_HANDLE_COUNT) { 662 dev_err(dev->dev, "open_handle_count exceeded %d", 663 MEI_MAX_OPEN_HANDLE_COUNT); 664 return -EMFILE; 665 } 666 667 dev->open_handle_count++; 668 669 cl->host_client_id = id; 670 list_add_tail(&cl->link, &dev->file_list); 671 672 set_bit(id, dev->host_clients_map); 673 674 cl->state = MEI_FILE_INITIALIZING; 675 676 cl_dbg(dev, cl, "link cl\n"); 677 return 0; 678} 679 680/** 681 * mei_cl_unlink - remove host client from the list 682 * 683 * @cl: host client 684 * 685 * Return: always 0 686 */ 687int mei_cl_unlink(struct mei_cl *cl) 688{ 689 struct mei_device *dev; 690 691 /* don't shout on error exit path */ 692 if (!cl) 693 return 0; 694 695 if (WARN_ON(!cl->dev)) 696 return 0; 697 698 dev = cl->dev; 699 700 cl_dbg(dev, cl, "unlink client"); 701 702 if (dev->open_handle_count > 0) 703 dev->open_handle_count--; 704 705 /* never clear the 0 bit */ 706 if (cl->host_client_id) 707 clear_bit(cl->host_client_id, dev->host_clients_map); 708 709 list_del_init(&cl->link); 710 711 cl->state = MEI_FILE_UNINITIALIZED; 712 cl->writing_state = MEI_IDLE; 713 714 WARN_ON(!list_empty(&cl->rd_completed) || 715 !list_empty(&cl->rd_pending) || 716 !list_empty(&cl->link)); 717 718 return 0; 719} 720 721void mei_host_client_init(struct mei_device *dev) 722{ 723 mei_set_devstate(dev, MEI_DEV_ENABLED); 724 dev->reset_count = 0; 725 726 schedule_work(&dev->bus_rescan_work); 727 728 pm_runtime_mark_last_busy(dev->dev); 729 dev_dbg(dev->dev, "rpm: autosuspend\n"); 730 pm_request_autosuspend(dev->dev); 731} 732 733/** 734 * mei_hbuf_acquire - try to acquire host buffer 735 * 736 * @dev: the device structure 737 * Return: true if host buffer was acquired 738 */ 739bool mei_hbuf_acquire(struct mei_device *dev) 740{ 741 if (mei_pg_state(dev) == MEI_PG_ON || 742 mei_pg_in_transition(dev)) { 743 dev_dbg(dev->dev, "device is in pg\n"); 744 return false; 745 } 746 747 if (!dev->hbuf_is_ready) { 748 dev_dbg(dev->dev, "hbuf is not ready\n"); 749 return false; 750 } 751 752 dev->hbuf_is_ready = false; 753 754 return true; 755} 756 757/** 758 * mei_cl_wake_all - wake up readers, writers and event waiters so 759 * they can be interrupted 760 * 761 * @cl: host client 762 */ 763static void mei_cl_wake_all(struct mei_cl *cl) 764{ 765 struct mei_device *dev = cl->dev; 766 767 /* synchronized under device mutex */ 768 if (waitqueue_active(&cl->rx_wait)) { 769 cl_dbg(dev, cl, "Waking up reading client!\n"); 770 wake_up_interruptible(&cl->rx_wait); 771 } 772 /* synchronized under device mutex */ 773 if (waitqueue_active(&cl->tx_wait)) { 774 cl_dbg(dev, cl, "Waking up writing client!\n"); 775 wake_up_interruptible(&cl->tx_wait); 776 } 777 /* synchronized under device mutex */ 778 if (waitqueue_active(&cl->ev_wait)) { 779 cl_dbg(dev, cl, "Waking up waiting for event clients!\n"); 780 wake_up_interruptible(&cl->ev_wait); 781 } 782 /* synchronized under device mutex */ 783 if (waitqueue_active(&cl->wait)) { 784 cl_dbg(dev, cl, "Waking up ctrl write clients!\n"); 785 wake_up(&cl->wait); 786 } 787} 788 789/** 790 * mei_cl_set_disconnected - set disconnected state and clear 791 * associated states and resources 792 * 793 * @cl: host client 794 */ 795static void mei_cl_set_disconnected(struct mei_cl *cl) 796{ 797 struct mei_device *dev = cl->dev; 798 799 if (cl->state == MEI_FILE_DISCONNECTED || 800 cl->state <= MEI_FILE_INITIALIZING) 801 return; 802 803 cl->state = MEI_FILE_DISCONNECTED; 804 mei_io_tx_list_free_cl(&dev->write_list, cl, NULL); 805 mei_io_tx_list_free_cl(&dev->write_waiting_list, cl, NULL); 806 mei_io_list_flush_cl(&dev->ctrl_rd_list, cl); 807 mei_io_list_flush_cl(&dev->ctrl_wr_list, cl); 808 mei_cl_wake_all(cl); 809 cl->rx_flow_ctrl_creds = 0; 810 cl->tx_flow_ctrl_creds = 0; 811 cl->timer_count = 0; 812 813 if (!cl->me_cl) 814 return; 815 816 if (!WARN_ON(cl->me_cl->connect_count == 0)) 817 cl->me_cl->connect_count--; 818 819 if (cl->me_cl->connect_count == 0) 820 cl->me_cl->tx_flow_ctrl_creds = 0; 821 822 mei_me_cl_put(cl->me_cl); 823 cl->me_cl = NULL; 824} 825 826static int mei_cl_set_connecting(struct mei_cl *cl, struct mei_me_client *me_cl) 827{ 828 if (!mei_me_cl_get(me_cl)) 829 return -ENOENT; 830 831 /* only one connection is allowed for fixed address clients */ 832 if (me_cl->props.fixed_address) { 833 if (me_cl->connect_count) { 834 mei_me_cl_put(me_cl); 835 return -EBUSY; 836 } 837 } 838 839 cl->me_cl = me_cl; 840 cl->state = MEI_FILE_CONNECTING; 841 cl->me_cl->connect_count++; 842 843 return 0; 844} 845 846/* 847 * mei_cl_send_disconnect - send disconnect request 848 * 849 * @cl: host client 850 * @cb: callback block 851 * 852 * Return: 0, OK; otherwise, error. 853 */ 854static int mei_cl_send_disconnect(struct mei_cl *cl, struct mei_cl_cb *cb) 855{ 856 struct mei_device *dev; 857 int ret; 858 859 dev = cl->dev; 860 861 ret = mei_hbm_cl_disconnect_req(dev, cl); 862 cl->status = ret; 863 if (ret) { 864 cl->state = MEI_FILE_DISCONNECT_REPLY; 865 return ret; 866 } 867 868 list_move_tail(&cb->list, &dev->ctrl_rd_list); 869 cl->timer_count = MEI_CONNECT_TIMEOUT; 870 mei_schedule_stall_timer(dev); 871 872 return 0; 873} 874 875/** 876 * mei_cl_irq_disconnect - processes close related operation from 877 * interrupt thread context - send disconnect request 878 * 879 * @cl: client 880 * @cb: callback block. 881 * @cmpl_list: complete list. 882 * 883 * Return: 0, OK; otherwise, error. 884 */ 885int mei_cl_irq_disconnect(struct mei_cl *cl, struct mei_cl_cb *cb, 886 struct list_head *cmpl_list) 887{ 888 struct mei_device *dev = cl->dev; 889 u32 msg_slots; 890 int slots; 891 int ret; 892 893 msg_slots = mei_hbm2slots(sizeof(struct hbm_client_connect_request)); 894 slots = mei_hbuf_empty_slots(dev); 895 if (slots < 0) 896 return -EOVERFLOW; 897 898 if ((u32)slots < msg_slots) 899 return -EMSGSIZE; 900 901 ret = mei_cl_send_disconnect(cl, cb); 902 if (ret) 903 list_move_tail(&cb->list, cmpl_list); 904 905 return ret; 906} 907 908/** 909 * __mei_cl_disconnect - disconnect host client from the me one 910 * internal function runtime pm has to be already acquired 911 * 912 * @cl: host client 913 * 914 * Return: 0 on success, <0 on failure. 915 */ 916static int __mei_cl_disconnect(struct mei_cl *cl) 917{ 918 struct mei_device *dev; 919 struct mei_cl_cb *cb; 920 int rets; 921 922 dev = cl->dev; 923 924 cl->state = MEI_FILE_DISCONNECTING; 925 926 cb = mei_cl_enqueue_ctrl_wr_cb(cl, 0, MEI_FOP_DISCONNECT, NULL); 927 if (!cb) { 928 rets = -ENOMEM; 929 goto out; 930 } 931 932 if (mei_hbuf_acquire(dev)) { 933 rets = mei_cl_send_disconnect(cl, cb); 934 if (rets) { 935 cl_err(dev, cl, "failed to disconnect.\n"); 936 goto out; 937 } 938 } 939 940 mutex_unlock(&dev->device_lock); 941 wait_event_timeout(cl->wait, 942 cl->state == MEI_FILE_DISCONNECT_REPLY || 943 cl->state == MEI_FILE_DISCONNECTED, 944 mei_secs_to_jiffies(MEI_CL_CONNECT_TIMEOUT)); 945 mutex_lock(&dev->device_lock); 946 947 rets = cl->status; 948 if (cl->state != MEI_FILE_DISCONNECT_REPLY && 949 cl->state != MEI_FILE_DISCONNECTED) { 950 cl_dbg(dev, cl, "timeout on disconnect from FW client.\n"); 951 rets = -ETIME; 952 } 953 954out: 955 /* we disconnect also on error */ 956 mei_cl_set_disconnected(cl); 957 if (!rets) 958 cl_dbg(dev, cl, "successfully disconnected from FW client.\n"); 959 960 mei_io_cb_free(cb); 961 return rets; 962} 963 964/** 965 * mei_cl_disconnect - disconnect host client from the me one 966 * 967 * @cl: host client 968 * 969 * Locking: called under "dev->device_lock" lock 970 * 971 * Return: 0 on success, <0 on failure. 972 */ 973int mei_cl_disconnect(struct mei_cl *cl) 974{ 975 struct mei_device *dev; 976 int rets; 977 978 if (WARN_ON(!cl || !cl->dev)) 979 return -ENODEV; 980 981 dev = cl->dev; 982 983 cl_dbg(dev, cl, "disconnecting"); 984 985 if (!mei_cl_is_connected(cl)) 986 return 0; 987 988 if (mei_cl_is_fixed_address(cl)) { 989 mei_cl_set_disconnected(cl); 990 return 0; 991 } 992 993 if (dev->dev_state == MEI_DEV_POWER_DOWN) { 994 cl_dbg(dev, cl, "Device is powering down, don't bother with disconnection\n"); 995 mei_cl_set_disconnected(cl); 996 return 0; 997 } 998 999 rets = pm_runtime_get(dev->dev); 1000 if (rets < 0 && rets != -EINPROGRESS) { 1001 pm_runtime_put_noidle(dev->dev); 1002 cl_err(dev, cl, "rpm: get failed %d\n", rets); 1003 return rets; 1004 } 1005 1006 rets = __mei_cl_disconnect(cl); 1007 1008 cl_dbg(dev, cl, "rpm: autosuspend\n"); 1009 pm_runtime_mark_last_busy(dev->dev); 1010 pm_runtime_put_autosuspend(dev->dev); 1011 1012 return rets; 1013} 1014 1015 1016/** 1017 * mei_cl_is_other_connecting - checks if other 1018 * client with the same me client id is connecting 1019 * 1020 * @cl: private data of the file object 1021 * 1022 * Return: true if other client is connected, false - otherwise. 1023 */ 1024static bool mei_cl_is_other_connecting(struct mei_cl *cl) 1025{ 1026 struct mei_device *dev; 1027 struct mei_cl_cb *cb; 1028 1029 dev = cl->dev; 1030 1031 list_for_each_entry(cb, &dev->ctrl_rd_list, list) { 1032 if (cb->fop_type == MEI_FOP_CONNECT && 1033 mei_cl_me_id(cl) == mei_cl_me_id(cb->cl)) 1034 return true; 1035 } 1036 1037 return false; 1038} 1039 1040/** 1041 * mei_cl_send_connect - send connect request 1042 * 1043 * @cl: host client 1044 * @cb: callback block 1045 * 1046 * Return: 0, OK; otherwise, error. 1047 */ 1048static int mei_cl_send_connect(struct mei_cl *cl, struct mei_cl_cb *cb) 1049{ 1050 struct mei_device *dev; 1051 int ret; 1052 1053 dev = cl->dev; 1054 1055 ret = mei_hbm_cl_connect_req(dev, cl); 1056 cl->status = ret; 1057 if (ret) { 1058 cl->state = MEI_FILE_DISCONNECT_REPLY; 1059 return ret; 1060 } 1061 1062 list_move_tail(&cb->list, &dev->ctrl_rd_list); 1063 cl->timer_count = MEI_CONNECT_TIMEOUT; 1064 mei_schedule_stall_timer(dev); 1065 return 0; 1066} 1067 1068/** 1069 * mei_cl_irq_connect - send connect request in irq_thread context 1070 * 1071 * @cl: host client 1072 * @cb: callback block 1073 * @cmpl_list: complete list 1074 * 1075 * Return: 0, OK; otherwise, error. 1076 */ 1077int mei_cl_irq_connect(struct mei_cl *cl, struct mei_cl_cb *cb, 1078 struct list_head *cmpl_list) 1079{ 1080 struct mei_device *dev = cl->dev; 1081 u32 msg_slots; 1082 int slots; 1083 int rets; 1084 1085 if (mei_cl_is_other_connecting(cl)) 1086 return 0; 1087 1088 msg_slots = mei_hbm2slots(sizeof(struct hbm_client_connect_request)); 1089 slots = mei_hbuf_empty_slots(dev); 1090 if (slots < 0) 1091 return -EOVERFLOW; 1092 1093 if ((u32)slots < msg_slots) 1094 return -EMSGSIZE; 1095 1096 rets = mei_cl_send_connect(cl, cb); 1097 if (rets) 1098 list_move_tail(&cb->list, cmpl_list); 1099 1100 return rets; 1101} 1102 1103/** 1104 * mei_cl_connect - connect host client to the me one 1105 * 1106 * @cl: host client 1107 * @me_cl: me client 1108 * @fp: pointer to file structure 1109 * 1110 * Locking: called under "dev->device_lock" lock 1111 * 1112 * Return: 0 on success, <0 on failure. 1113 */ 1114int mei_cl_connect(struct mei_cl *cl, struct mei_me_client *me_cl, 1115 const struct file *fp) 1116{ 1117 struct mei_device *dev; 1118 struct mei_cl_cb *cb; 1119 int rets; 1120 1121 if (WARN_ON(!cl || !cl->dev || !me_cl)) 1122 return -ENODEV; 1123 1124 dev = cl->dev; 1125 1126 rets = mei_cl_set_connecting(cl, me_cl); 1127 if (rets) 1128 goto nortpm; 1129 1130 if (mei_cl_is_fixed_address(cl)) { 1131 cl->state = MEI_FILE_CONNECTED; 1132 rets = 0; 1133 goto nortpm; 1134 } 1135 1136 rets = pm_runtime_get(dev->dev); 1137 if (rets < 0 && rets != -EINPROGRESS) { 1138 pm_runtime_put_noidle(dev->dev); 1139 cl_err(dev, cl, "rpm: get failed %d\n", rets); 1140 goto nortpm; 1141 } 1142 1143 cb = mei_cl_enqueue_ctrl_wr_cb(cl, 0, MEI_FOP_CONNECT, fp); 1144 if (!cb) { 1145 rets = -ENOMEM; 1146 goto out; 1147 } 1148 1149 /* run hbuf acquire last so we don't have to undo */ 1150 if (!mei_cl_is_other_connecting(cl) && mei_hbuf_acquire(dev)) { 1151 rets = mei_cl_send_connect(cl, cb); 1152 if (rets) 1153 goto out; 1154 } 1155 1156 mutex_unlock(&dev->device_lock); 1157 wait_event_timeout(cl->wait, 1158 (cl->state == MEI_FILE_CONNECTED || 1159 cl->state == MEI_FILE_DISCONNECTED || 1160 cl->state == MEI_FILE_DISCONNECT_REQUIRED || 1161 cl->state == MEI_FILE_DISCONNECT_REPLY), 1162 mei_secs_to_jiffies(MEI_CL_CONNECT_TIMEOUT)); 1163 mutex_lock(&dev->device_lock); 1164 1165 if (!mei_cl_is_connected(cl)) { 1166 if (cl->state == MEI_FILE_DISCONNECT_REQUIRED) { 1167 mei_io_list_flush_cl(&dev->ctrl_rd_list, cl); 1168 mei_io_list_flush_cl(&dev->ctrl_wr_list, cl); 1169 /* ignore disconnect return valuue; 1170 * in case of failure reset will be invoked 1171 */ 1172 __mei_cl_disconnect(cl); 1173 rets = -EFAULT; 1174 goto out; 1175 } 1176 1177 /* timeout or something went really wrong */ 1178 if (!cl->status) 1179 cl->status = -EFAULT; 1180 } 1181 1182 rets = cl->status; 1183out: 1184 cl_dbg(dev, cl, "rpm: autosuspend\n"); 1185 pm_runtime_mark_last_busy(dev->dev); 1186 pm_runtime_put_autosuspend(dev->dev); 1187 1188 mei_io_cb_free(cb); 1189 1190nortpm: 1191 if (!mei_cl_is_connected(cl)) 1192 mei_cl_set_disconnected(cl); 1193 1194 return rets; 1195} 1196 1197/** 1198 * mei_cl_alloc_linked - allocate and link host client 1199 * 1200 * @dev: the device structure 1201 * 1202 * Return: cl on success ERR_PTR on failure 1203 */ 1204struct mei_cl *mei_cl_alloc_linked(struct mei_device *dev) 1205{ 1206 struct mei_cl *cl; 1207 int ret; 1208 1209 cl = mei_cl_allocate(dev); 1210 if (!cl) { 1211 ret = -ENOMEM; 1212 goto err; 1213 } 1214 1215 ret = mei_cl_link(cl); 1216 if (ret) 1217 goto err; 1218 1219 return cl; 1220err: 1221 kfree(cl); 1222 return ERR_PTR(ret); 1223} 1224 1225/** 1226 * mei_cl_tx_flow_ctrl_creds - checks flow_control credits for cl. 1227 * 1228 * @cl: host client 1229 * 1230 * Return: 1 if tx_flow_ctrl_creds >0, 0 - otherwise. 1231 */ 1232static int mei_cl_tx_flow_ctrl_creds(struct mei_cl *cl) 1233{ 1234 if (WARN_ON(!cl || !cl->me_cl)) 1235 return -EINVAL; 1236 1237 if (cl->tx_flow_ctrl_creds > 0) 1238 return 1; 1239 1240 if (mei_cl_is_fixed_address(cl)) 1241 return 1; 1242 1243 if (mei_cl_is_single_recv_buf(cl)) { 1244 if (cl->me_cl->tx_flow_ctrl_creds > 0) 1245 return 1; 1246 } 1247 return 0; 1248} 1249 1250/** 1251 * mei_cl_tx_flow_ctrl_creds_reduce - reduces transmit flow control credits 1252 * for a client 1253 * 1254 * @cl: host client 1255 * 1256 * Return: 1257 * 0 on success 1258 * -EINVAL when ctrl credits are <= 0 1259 */ 1260static int mei_cl_tx_flow_ctrl_creds_reduce(struct mei_cl *cl) 1261{ 1262 if (WARN_ON(!cl || !cl->me_cl)) 1263 return -EINVAL; 1264 1265 if (mei_cl_is_fixed_address(cl)) 1266 return 0; 1267 1268 if (mei_cl_is_single_recv_buf(cl)) { 1269 if (WARN_ON(cl->me_cl->tx_flow_ctrl_creds <= 0)) 1270 return -EINVAL; 1271 cl->me_cl->tx_flow_ctrl_creds--; 1272 } else { 1273 if (WARN_ON(cl->tx_flow_ctrl_creds <= 0)) 1274 return -EINVAL; 1275 cl->tx_flow_ctrl_creds--; 1276 } 1277 return 0; 1278} 1279 1280/** 1281 * mei_cl_vtag_alloc - allocate and fill the vtag structure 1282 * 1283 * @fp: pointer to file structure 1284 * @vtag: vm tag 1285 * 1286 * Return: 1287 * * Pointer to allocated struct - on success 1288 * * ERR_PTR(-ENOMEM) on memory allocation failure 1289 */ 1290struct mei_cl_vtag *mei_cl_vtag_alloc(struct file *fp, u8 vtag) 1291{ 1292 struct mei_cl_vtag *cl_vtag; 1293 1294 cl_vtag = kzalloc(sizeof(*cl_vtag), GFP_KERNEL); 1295 if (!cl_vtag) 1296 return ERR_PTR(-ENOMEM); 1297 1298 INIT_LIST_HEAD(&cl_vtag->list); 1299 cl_vtag->vtag = vtag; 1300 cl_vtag->fp = fp; 1301 1302 return cl_vtag; 1303} 1304 1305/** 1306 * mei_cl_fp_by_vtag - obtain the file pointer by vtag 1307 * 1308 * @cl: host client 1309 * @vtag: vm tag 1310 * 1311 * Return: 1312 * * A file pointer - on success 1313 * * ERR_PTR(-ENOENT) if vtag is not found in the client vtag list 1314 */ 1315const struct file *mei_cl_fp_by_vtag(const struct mei_cl *cl, u8 vtag) 1316{ 1317 struct mei_cl_vtag *vtag_l; 1318 1319 list_for_each_entry(vtag_l, &cl->vtag_map, list) 1320 if (vtag_l->vtag == vtag) 1321 return vtag_l->fp; 1322 1323 return ERR_PTR(-ENOENT); 1324} 1325 1326/** 1327 * mei_cl_reset_read_by_vtag - reset pending_read flag by given vtag 1328 * 1329 * @cl: host client 1330 * @vtag: vm tag 1331 */ 1332static void mei_cl_reset_read_by_vtag(const struct mei_cl *cl, u8 vtag) 1333{ 1334 struct mei_cl_vtag *vtag_l; 1335 1336 list_for_each_entry(vtag_l, &cl->vtag_map, list) { 1337 if (vtag_l->vtag == vtag) { 1338 vtag_l->pending_read = false; 1339 break; 1340 } 1341 } 1342} 1343 1344/** 1345 * mei_cl_read_vtag_add_fc - add flow control for next pending reader 1346 * in the vtag list 1347 * 1348 * @cl: host client 1349 */ 1350static void mei_cl_read_vtag_add_fc(struct mei_cl *cl) 1351{ 1352 struct mei_cl_vtag *cl_vtag; 1353 1354 list_for_each_entry(cl_vtag, &cl->vtag_map, list) { 1355 if (cl_vtag->pending_read) { 1356 if (mei_cl_enqueue_ctrl_wr_cb(cl, 1357 mei_cl_mtu(cl), 1358 MEI_FOP_READ, 1359 cl_vtag->fp)) 1360 cl->rx_flow_ctrl_creds++; 1361 break; 1362 } 1363 } 1364} 1365 1366/** 1367 * mei_cl_vt_support_check - check if client support vtags 1368 * 1369 * @cl: host client 1370 * 1371 * Return: 1372 * * 0 - supported, or not connected at all 1373 * * -EOPNOTSUPP - vtags are not supported by client 1374 */ 1375int mei_cl_vt_support_check(const struct mei_cl *cl) 1376{ 1377 struct mei_device *dev = cl->dev; 1378 1379 if (!dev->hbm_f_vt_supported) 1380 return -EOPNOTSUPP; 1381 1382 if (!cl->me_cl) 1383 return 0; 1384 1385 return cl->me_cl->props.vt_supported ? 0 : -EOPNOTSUPP; 1386} 1387 1388/** 1389 * mei_cl_add_rd_completed - add read completed callback to list with lock 1390 * and vtag check 1391 * 1392 * @cl: host client 1393 * @cb: callback block 1394 * 1395 */ 1396void mei_cl_add_rd_completed(struct mei_cl *cl, struct mei_cl_cb *cb) 1397{ 1398 const struct file *fp; 1399 1400 if (!mei_cl_vt_support_check(cl)) { 1401 fp = mei_cl_fp_by_vtag(cl, cb->vtag); 1402 if (IS_ERR(fp)) { 1403 /* client already disconnected, discarding */ 1404 mei_io_cb_free(cb); 1405 return; 1406 } 1407 cb->fp = fp; 1408 mei_cl_reset_read_by_vtag(cl, cb->vtag); 1409 mei_cl_read_vtag_add_fc(cl); 1410 } 1411 1412 spin_lock(&cl->rd_completed_lock); 1413 list_add_tail(&cb->list, &cl->rd_completed); 1414 spin_unlock(&cl->rd_completed_lock); 1415} 1416 1417/** 1418 * mei_cl_del_rd_completed - free read completed callback with lock 1419 * 1420 * @cl: host client 1421 * @cb: callback block 1422 * 1423 */ 1424void mei_cl_del_rd_completed(struct mei_cl *cl, struct mei_cl_cb *cb) 1425{ 1426 spin_lock(&cl->rd_completed_lock); 1427 mei_io_cb_free(cb); 1428 spin_unlock(&cl->rd_completed_lock); 1429} 1430 1431/** 1432 * mei_cl_notify_fop2req - convert fop to proper request 1433 * 1434 * @fop: client notification start response command 1435 * 1436 * Return: MEI_HBM_NOTIFICATION_START/STOP 1437 */ 1438u8 mei_cl_notify_fop2req(enum mei_cb_file_ops fop) 1439{ 1440 if (fop == MEI_FOP_NOTIFY_START) 1441 return MEI_HBM_NOTIFICATION_START; 1442 else 1443 return MEI_HBM_NOTIFICATION_STOP; 1444} 1445 1446/** 1447 * mei_cl_notify_req2fop - convert notification request top file operation type 1448 * 1449 * @req: hbm notification request type 1450 * 1451 * Return: MEI_FOP_NOTIFY_START/STOP 1452 */ 1453enum mei_cb_file_ops mei_cl_notify_req2fop(u8 req) 1454{ 1455 if (req == MEI_HBM_NOTIFICATION_START) 1456 return MEI_FOP_NOTIFY_START; 1457 else 1458 return MEI_FOP_NOTIFY_STOP; 1459} 1460 1461/** 1462 * mei_cl_irq_notify - send notification request in irq_thread context 1463 * 1464 * @cl: client 1465 * @cb: callback block. 1466 * @cmpl_list: complete list. 1467 * 1468 * Return: 0 on such and error otherwise. 1469 */ 1470int mei_cl_irq_notify(struct mei_cl *cl, struct mei_cl_cb *cb, 1471 struct list_head *cmpl_list) 1472{ 1473 struct mei_device *dev = cl->dev; 1474 u32 msg_slots; 1475 int slots; 1476 int ret; 1477 bool request; 1478 1479 msg_slots = mei_hbm2slots(sizeof(struct hbm_client_connect_request)); 1480 slots = mei_hbuf_empty_slots(dev); 1481 if (slots < 0) 1482 return -EOVERFLOW; 1483 1484 if ((u32)slots < msg_slots) 1485 return -EMSGSIZE; 1486 1487 request = mei_cl_notify_fop2req(cb->fop_type); 1488 ret = mei_hbm_cl_notify_req(dev, cl, request); 1489 if (ret) { 1490 cl->status = ret; 1491 list_move_tail(&cb->list, cmpl_list); 1492 return ret; 1493 } 1494 1495 list_move_tail(&cb->list, &dev->ctrl_rd_list); 1496 return 0; 1497} 1498 1499/** 1500 * mei_cl_notify_request - send notification stop/start request 1501 * 1502 * @cl: host client 1503 * @fp: associate request with file 1504 * @request: 1 for start or 0 for stop 1505 * 1506 * Locking: called under "dev->device_lock" lock 1507 * 1508 * Return: 0 on such and error otherwise. 1509 */ 1510int mei_cl_notify_request(struct mei_cl *cl, 1511 const struct file *fp, u8 request) 1512{ 1513 struct mei_device *dev; 1514 struct mei_cl_cb *cb; 1515 enum mei_cb_file_ops fop_type; 1516 int rets; 1517 1518 if (WARN_ON(!cl || !cl->dev)) 1519 return -ENODEV; 1520 1521 dev = cl->dev; 1522 1523 if (!dev->hbm_f_ev_supported) { 1524 cl_dbg(dev, cl, "notifications not supported\n"); 1525 return -EOPNOTSUPP; 1526 } 1527 1528 if (!mei_cl_is_connected(cl)) 1529 return -ENODEV; 1530 1531 rets = pm_runtime_get(dev->dev); 1532 if (rets < 0 && rets != -EINPROGRESS) { 1533 pm_runtime_put_noidle(dev->dev); 1534 cl_err(dev, cl, "rpm: get failed %d\n", rets); 1535 return rets; 1536 } 1537 1538 fop_type = mei_cl_notify_req2fop(request); 1539 cb = mei_cl_enqueue_ctrl_wr_cb(cl, 0, fop_type, fp); 1540 if (!cb) { 1541 rets = -ENOMEM; 1542 goto out; 1543 } 1544 1545 if (mei_hbuf_acquire(dev)) { 1546 if (mei_hbm_cl_notify_req(dev, cl, request)) { 1547 rets = -ENODEV; 1548 goto out; 1549 } 1550 list_move_tail(&cb->list, &dev->ctrl_rd_list); 1551 } 1552 1553 mutex_unlock(&dev->device_lock); 1554 wait_event_timeout(cl->wait, 1555 cl->notify_en == request || 1556 cl->status || 1557 !mei_cl_is_connected(cl), 1558 mei_secs_to_jiffies(MEI_CL_CONNECT_TIMEOUT)); 1559 mutex_lock(&dev->device_lock); 1560 1561 if (cl->notify_en != request && !cl->status) 1562 cl->status = -EFAULT; 1563 1564 rets = cl->status; 1565 1566out: 1567 cl_dbg(dev, cl, "rpm: autosuspend\n"); 1568 pm_runtime_mark_last_busy(dev->dev); 1569 pm_runtime_put_autosuspend(dev->dev); 1570 1571 mei_io_cb_free(cb); 1572 return rets; 1573} 1574 1575/** 1576 * mei_cl_notify - raise notification 1577 * 1578 * @cl: host client 1579 * 1580 * Locking: called under "dev->device_lock" lock 1581 */ 1582void mei_cl_notify(struct mei_cl *cl) 1583{ 1584 struct mei_device *dev; 1585 1586 if (!cl || !cl->dev) 1587 return; 1588 1589 dev = cl->dev; 1590 1591 if (!cl->notify_en) 1592 return; 1593 1594 cl_dbg(dev, cl, "notify event"); 1595 cl->notify_ev = true; 1596 if (!mei_cl_bus_notify_event(cl)) 1597 wake_up_interruptible(&cl->ev_wait); 1598 1599 if (cl->ev_async) 1600 kill_fasync(&cl->ev_async, SIGIO, POLL_PRI); 1601 1602} 1603 1604/** 1605 * mei_cl_notify_get - get or wait for notification event 1606 * 1607 * @cl: host client 1608 * @block: this request is blocking 1609 * @notify_ev: true if notification event was received 1610 * 1611 * Locking: called under "dev->device_lock" lock 1612 * 1613 * Return: 0 on such and error otherwise. 1614 */ 1615int mei_cl_notify_get(struct mei_cl *cl, bool block, bool *notify_ev) 1616{ 1617 struct mei_device *dev; 1618 int rets; 1619 1620 *notify_ev = false; 1621 1622 if (WARN_ON(!cl || !cl->dev)) 1623 return -ENODEV; 1624 1625 dev = cl->dev; 1626 1627 if (!dev->hbm_f_ev_supported) { 1628 cl_dbg(dev, cl, "notifications not supported\n"); 1629 return -EOPNOTSUPP; 1630 } 1631 1632 if (!mei_cl_is_connected(cl)) 1633 return -ENODEV; 1634 1635 if (cl->notify_ev) 1636 goto out; 1637 1638 if (!block) 1639 return -EAGAIN; 1640 1641 mutex_unlock(&dev->device_lock); 1642 rets = wait_event_interruptible(cl->ev_wait, cl->notify_ev); 1643 mutex_lock(&dev->device_lock); 1644 1645 if (rets < 0) 1646 return rets; 1647 1648out: 1649 *notify_ev = cl->notify_ev; 1650 cl->notify_ev = false; 1651 return 0; 1652} 1653 1654/** 1655 * mei_cl_read_start - the start read client message function. 1656 * 1657 * @cl: host client 1658 * @length: number of bytes to read 1659 * @fp: pointer to file structure 1660 * 1661 * Return: 0 on success, <0 on failure. 1662 */ 1663int mei_cl_read_start(struct mei_cl *cl, size_t length, const struct file *fp) 1664{ 1665 struct mei_device *dev; 1666 struct mei_cl_cb *cb; 1667 int rets; 1668 1669 if (WARN_ON(!cl || !cl->dev)) 1670 return -ENODEV; 1671 1672 dev = cl->dev; 1673 1674 if (!mei_cl_is_connected(cl)) 1675 return -ENODEV; 1676 1677 if (!mei_me_cl_is_active(cl->me_cl)) { 1678 cl_err(dev, cl, "no such me client\n"); 1679 return -ENOTTY; 1680 } 1681 1682 if (mei_cl_is_fixed_address(cl)) 1683 return 0; 1684 1685 /* HW currently supports only one pending read */ 1686 if (cl->rx_flow_ctrl_creds) { 1687 mei_cl_set_read_by_fp(cl, fp); 1688 return -EBUSY; 1689 } 1690 1691 cb = mei_cl_enqueue_ctrl_wr_cb(cl, length, MEI_FOP_READ, fp); 1692 if (!cb) 1693 return -ENOMEM; 1694 1695 mei_cl_set_read_by_fp(cl, fp); 1696 1697 rets = pm_runtime_get(dev->dev); 1698 if (rets < 0 && rets != -EINPROGRESS) { 1699 pm_runtime_put_noidle(dev->dev); 1700 cl_err(dev, cl, "rpm: get failed %d\n", rets); 1701 goto nortpm; 1702 } 1703 1704 rets = 0; 1705 if (mei_hbuf_acquire(dev)) { 1706 rets = mei_hbm_cl_flow_control_req(dev, cl); 1707 if (rets < 0) 1708 goto out; 1709 1710 list_move_tail(&cb->list, &cl->rd_pending); 1711 } 1712 cl->rx_flow_ctrl_creds++; 1713 1714out: 1715 cl_dbg(dev, cl, "rpm: autosuspend\n"); 1716 pm_runtime_mark_last_busy(dev->dev); 1717 pm_runtime_put_autosuspend(dev->dev); 1718nortpm: 1719 if (rets) 1720 mei_io_cb_free(cb); 1721 1722 return rets; 1723} 1724 1725static inline u8 mei_ext_hdr_set_vtag(struct mei_ext_hdr *ext, u8 vtag) 1726{ 1727 ext->type = MEI_EXT_HDR_VTAG; 1728 ext->ext_payload[0] = vtag; 1729 ext->length = mei_data2slots(sizeof(*ext)); 1730 return ext->length; 1731} 1732 1733/** 1734 * mei_msg_hdr_init - allocate and initialize mei message header 1735 * 1736 * @cb: message callback structure 1737 * 1738 * Return: a pointer to initialized header 1739 */ 1740static struct mei_msg_hdr *mei_msg_hdr_init(const struct mei_cl_cb *cb) 1741{ 1742 size_t hdr_len; 1743 struct mei_ext_meta_hdr *meta; 1744 struct mei_ext_hdr *ext; 1745 struct mei_msg_hdr *mei_hdr; 1746 bool is_ext, is_vtag; 1747 1748 if (!cb) 1749 return ERR_PTR(-EINVAL); 1750 1751 /* Extended header for vtag is attached only on the first fragment */ 1752 is_vtag = (cb->vtag && cb->buf_idx == 0); 1753 is_ext = is_vtag; 1754 1755 /* Compute extended header size */ 1756 hdr_len = sizeof(*mei_hdr); 1757 1758 if (!is_ext) 1759 goto setup_hdr; 1760 1761 hdr_len += sizeof(*meta); 1762 if (is_vtag) 1763 hdr_len += sizeof(*ext); 1764 1765setup_hdr: 1766 mei_hdr = kzalloc(hdr_len, GFP_KERNEL); 1767 if (!mei_hdr) 1768 return ERR_PTR(-ENOMEM); 1769 1770 mei_hdr->host_addr = mei_cl_host_addr(cb->cl); 1771 mei_hdr->me_addr = mei_cl_me_id(cb->cl); 1772 mei_hdr->internal = cb->internal; 1773 mei_hdr->extended = is_ext; 1774 1775 if (!is_ext) 1776 goto out; 1777 1778 meta = (struct mei_ext_meta_hdr *)mei_hdr->extension; 1779 if (is_vtag) { 1780 meta->count++; 1781 meta->size += mei_ext_hdr_set_vtag(meta->hdrs, cb->vtag); 1782 } 1783out: 1784 mei_hdr->length = hdr_len - sizeof(*mei_hdr); 1785 return mei_hdr; 1786} 1787 1788/** 1789 * mei_cl_irq_write - write a message to device 1790 * from the interrupt thread context 1791 * 1792 * @cl: client 1793 * @cb: callback block. 1794 * @cmpl_list: complete list. 1795 * 1796 * Return: 0, OK; otherwise error. 1797 */ 1798int mei_cl_irq_write(struct mei_cl *cl, struct mei_cl_cb *cb, 1799 struct list_head *cmpl_list) 1800{ 1801 struct mei_device *dev; 1802 struct mei_msg_data *buf; 1803 struct mei_msg_hdr *mei_hdr = NULL; 1804 size_t hdr_len; 1805 size_t hbuf_len, dr_len; 1806 size_t buf_len; 1807 size_t data_len; 1808 int hbuf_slots; 1809 u32 dr_slots; 1810 u32 dma_len; 1811 int rets; 1812 bool first_chunk; 1813 const void *data; 1814 1815 if (WARN_ON(!cl || !cl->dev)) 1816 return -ENODEV; 1817 1818 dev = cl->dev; 1819 1820 buf = &cb->buf; 1821 1822 first_chunk = cb->buf_idx == 0; 1823 1824 rets = first_chunk ? mei_cl_tx_flow_ctrl_creds(cl) : 1; 1825 if (rets < 0) 1826 goto err; 1827 1828 if (rets == 0) { 1829 cl_dbg(dev, cl, "No flow control credentials: not sending.\n"); 1830 return 0; 1831 } 1832 1833 buf_len = buf->size - cb->buf_idx; 1834 data = buf->data + cb->buf_idx; 1835 hbuf_slots = mei_hbuf_empty_slots(dev); 1836 if (hbuf_slots < 0) { 1837 rets = -EOVERFLOW; 1838 goto err; 1839 } 1840 1841 hbuf_len = mei_slots2data(hbuf_slots) & MEI_MSG_MAX_LEN_MASK; 1842 dr_slots = mei_dma_ring_empty_slots(dev); 1843 dr_len = mei_slots2data(dr_slots); 1844 1845 mei_hdr = mei_msg_hdr_init(cb); 1846 if (IS_ERR(mei_hdr)) { 1847 rets = PTR_ERR(mei_hdr); 1848 mei_hdr = NULL; 1849 goto err; 1850 } 1851 1852 cl_dbg(dev, cl, "Extended Header %d vtag = %d\n", 1853 mei_hdr->extended, cb->vtag); 1854 1855 hdr_len = sizeof(*mei_hdr) + mei_hdr->length; 1856 1857 /** 1858 * Split the message only if we can write the whole host buffer 1859 * otherwise wait for next time the host buffer is empty. 1860 */ 1861 if (hdr_len + buf_len <= hbuf_len) { 1862 data_len = buf_len; 1863 mei_hdr->msg_complete = 1; 1864 } else if (dr_slots && hbuf_len >= hdr_len + sizeof(dma_len)) { 1865 mei_hdr->dma_ring = 1; 1866 if (buf_len > dr_len) 1867 buf_len = dr_len; 1868 else 1869 mei_hdr->msg_complete = 1; 1870 1871 data_len = sizeof(dma_len); 1872 dma_len = buf_len; 1873 data = &dma_len; 1874 } else if ((u32)hbuf_slots == mei_hbuf_depth(dev)) { 1875 buf_len = hbuf_len - hdr_len; 1876 data_len = buf_len; 1877 } else { 1878 kfree(mei_hdr); 1879 return 0; 1880 } 1881 mei_hdr->length += data_len; 1882 1883 if (mei_hdr->dma_ring) 1884 mei_dma_ring_write(dev, buf->data + cb->buf_idx, buf_len); 1885 rets = mei_write_message(dev, mei_hdr, hdr_len, data, data_len); 1886 1887 if (rets) 1888 goto err; 1889 1890 cl->status = 0; 1891 cl->writing_state = MEI_WRITING; 1892 cb->buf_idx += buf_len; 1893 1894 if (first_chunk) { 1895 if (mei_cl_tx_flow_ctrl_creds_reduce(cl)) { 1896 rets = -EIO; 1897 goto err; 1898 } 1899 } 1900 1901 if (mei_hdr->msg_complete) 1902 list_move_tail(&cb->list, &dev->write_waiting_list); 1903 1904 kfree(mei_hdr); 1905 return 0; 1906 1907err: 1908 kfree(mei_hdr); 1909 cl->status = rets; 1910 list_move_tail(&cb->list, cmpl_list); 1911 return rets; 1912} 1913 1914/** 1915 * mei_cl_write - submit a write cb to mei device 1916 * assumes device_lock is locked 1917 * 1918 * @cl: host client 1919 * @cb: write callback with filled data 1920 * 1921 * Return: number of bytes sent on success, <0 on failure. 1922 */ 1923ssize_t mei_cl_write(struct mei_cl *cl, struct mei_cl_cb *cb) 1924{ 1925 struct mei_device *dev; 1926 struct mei_msg_data *buf; 1927 struct mei_msg_hdr *mei_hdr = NULL; 1928 size_t hdr_len; 1929 size_t hbuf_len, dr_len; 1930 size_t buf_len; 1931 size_t data_len; 1932 int hbuf_slots; 1933 u32 dr_slots; 1934 u32 dma_len; 1935 ssize_t rets; 1936 bool blocking; 1937 const void *data; 1938 1939 if (WARN_ON(!cl || !cl->dev)) 1940 return -ENODEV; 1941 1942 if (WARN_ON(!cb)) 1943 return -EINVAL; 1944 1945 dev = cl->dev; 1946 1947 buf = &cb->buf; 1948 buf_len = buf->size; 1949 1950 cl_dbg(dev, cl, "buf_len=%zd\n", buf_len); 1951 1952 blocking = cb->blocking; 1953 data = buf->data; 1954 1955 rets = pm_runtime_get(dev->dev); 1956 if (rets < 0 && rets != -EINPROGRESS) { 1957 pm_runtime_put_noidle(dev->dev); 1958 cl_err(dev, cl, "rpm: get failed %zd\n", rets); 1959 goto free; 1960 } 1961 1962 cb->buf_idx = 0; 1963 cl->writing_state = MEI_IDLE; 1964 1965 1966 rets = mei_cl_tx_flow_ctrl_creds(cl); 1967 if (rets < 0) 1968 goto err; 1969 1970 mei_hdr = mei_msg_hdr_init(cb); 1971 if (IS_ERR(mei_hdr)) { 1972 rets = PTR_ERR(mei_hdr); 1973 mei_hdr = NULL; 1974 goto err; 1975 } 1976 1977 cl_dbg(dev, cl, "Extended Header %d vtag = %d\n", 1978 mei_hdr->extended, cb->vtag); 1979 1980 hdr_len = sizeof(*mei_hdr) + mei_hdr->length; 1981 1982 if (rets == 0) { 1983 cl_dbg(dev, cl, "No flow control credentials: not sending.\n"); 1984 rets = buf_len; 1985 goto out; 1986 } 1987 1988 if (!mei_hbuf_acquire(dev)) { 1989 cl_dbg(dev, cl, "Cannot acquire the host buffer: not sending.\n"); 1990 rets = buf_len; 1991 goto out; 1992 } 1993 1994 hbuf_slots = mei_hbuf_empty_slots(dev); 1995 if (hbuf_slots < 0) { 1996 buf_len = -EOVERFLOW; 1997 goto out; 1998 } 1999 2000 hbuf_len = mei_slots2data(hbuf_slots) & MEI_MSG_MAX_LEN_MASK; 2001 dr_slots = mei_dma_ring_empty_slots(dev); 2002 dr_len = mei_slots2data(dr_slots); 2003 2004 if (hdr_len + buf_len <= hbuf_len) { 2005 data_len = buf_len; 2006 mei_hdr->msg_complete = 1; 2007 } else if (dr_slots && hbuf_len >= hdr_len + sizeof(dma_len)) { 2008 mei_hdr->dma_ring = 1; 2009 if (buf_len > dr_len) 2010 buf_len = dr_len; 2011 else 2012 mei_hdr->msg_complete = 1; 2013 2014 data_len = sizeof(dma_len); 2015 dma_len = buf_len; 2016 data = &dma_len; 2017 } else { 2018 buf_len = hbuf_len - hdr_len; 2019 data_len = buf_len; 2020 } 2021 2022 mei_hdr->length += data_len; 2023 2024 if (mei_hdr->dma_ring) 2025 mei_dma_ring_write(dev, buf->data, buf_len); 2026 rets = mei_write_message(dev, mei_hdr, hdr_len, data, data_len); 2027 2028 if (rets) 2029 goto err; 2030 2031 rets = mei_cl_tx_flow_ctrl_creds_reduce(cl); 2032 if (rets) 2033 goto err; 2034 2035 cl->writing_state = MEI_WRITING; 2036 cb->buf_idx = buf_len; 2037 /* restore return value */ 2038 buf_len = buf->size; 2039 2040out: 2041 if (mei_hdr->msg_complete) 2042 mei_tx_cb_enqueue(cb, &dev->write_waiting_list); 2043 else 2044 mei_tx_cb_enqueue(cb, &dev->write_list); 2045 2046 cb = NULL; 2047 if (blocking && cl->writing_state != MEI_WRITE_COMPLETE) { 2048 2049 mutex_unlock(&dev->device_lock); 2050 rets = wait_event_interruptible(cl->tx_wait, 2051 cl->writing_state == MEI_WRITE_COMPLETE || 2052 (!mei_cl_is_connected(cl))); 2053 mutex_lock(&dev->device_lock); 2054 /* wait_event_interruptible returns -ERESTARTSYS */ 2055 if (rets) { 2056 if (signal_pending(current)) 2057 rets = -EINTR; 2058 goto err; 2059 } 2060 if (cl->writing_state != MEI_WRITE_COMPLETE) { 2061 rets = -EFAULT; 2062 goto err; 2063 } 2064 } 2065 2066 rets = buf_len; 2067err: 2068 cl_dbg(dev, cl, "rpm: autosuspend\n"); 2069 pm_runtime_mark_last_busy(dev->dev); 2070 pm_runtime_put_autosuspend(dev->dev); 2071free: 2072 mei_io_cb_free(cb); 2073 2074 kfree(mei_hdr); 2075 2076 return rets; 2077} 2078 2079/** 2080 * mei_cl_complete - processes completed operation for a client 2081 * 2082 * @cl: private data of the file object. 2083 * @cb: callback block. 2084 */ 2085void mei_cl_complete(struct mei_cl *cl, struct mei_cl_cb *cb) 2086{ 2087 struct mei_device *dev = cl->dev; 2088 2089 switch (cb->fop_type) { 2090 case MEI_FOP_WRITE: 2091 mei_tx_cb_dequeue(cb); 2092 cl->writing_state = MEI_WRITE_COMPLETE; 2093 if (waitqueue_active(&cl->tx_wait)) { 2094 wake_up_interruptible(&cl->tx_wait); 2095 } else { 2096 pm_runtime_mark_last_busy(dev->dev); 2097 pm_request_autosuspend(dev->dev); 2098 } 2099 break; 2100 2101 case MEI_FOP_READ: 2102 mei_cl_add_rd_completed(cl, cb); 2103 if (!mei_cl_is_fixed_address(cl) && 2104 !WARN_ON(!cl->rx_flow_ctrl_creds)) 2105 cl->rx_flow_ctrl_creds--; 2106 if (!mei_cl_bus_rx_event(cl)) 2107 wake_up_interruptible(&cl->rx_wait); 2108 break; 2109 2110 case MEI_FOP_CONNECT: 2111 case MEI_FOP_DISCONNECT: 2112 case MEI_FOP_NOTIFY_STOP: 2113 case MEI_FOP_NOTIFY_START: 2114 if (waitqueue_active(&cl->wait)) 2115 wake_up(&cl->wait); 2116 2117 break; 2118 case MEI_FOP_DISCONNECT_RSP: 2119 mei_io_cb_free(cb); 2120 mei_cl_set_disconnected(cl); 2121 break; 2122 default: 2123 BUG_ON(0); 2124 } 2125} 2126 2127 2128/** 2129 * mei_cl_all_disconnect - disconnect forcefully all connected clients 2130 * 2131 * @dev: mei device 2132 */ 2133void mei_cl_all_disconnect(struct mei_device *dev) 2134{ 2135 struct mei_cl *cl; 2136 2137 list_for_each_entry(cl, &dev->file_list, link) 2138 mei_cl_set_disconnected(cl); 2139} 2140