1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16#include <linux/module.h>
17#include <linux/init.h>
18#include <linux/slab.h>
19#include <linux/proc_fs.h>
20#include <asm/delay.h>
21#include <asm/uaccess.h>
22#include <asm/rtas.h>
23#include <asm/abs_addr.h>
24
25#define MODULE_VERS "1.0"
26#define MODULE_NAME "rtas_flash"
27
28#define FIRMWARE_FLASH_NAME "firmware_flash"
29#define FIRMWARE_UPDATE_NAME "firmware_update"
30#define MANAGE_FLASH_NAME "manage_flash"
31#define VALIDATE_FLASH_NAME "validate_flash"
32
33
34#define RTAS_RC_SUCCESS 0
35#define RTAS_RC_HW_ERR -1
36#define RTAS_RC_BUSY -2
37
38
39#define FLASH_AUTH -9002
40#define FLASH_NO_OP -1099
41#define FLASH_IMG_SHORT -1005
42#define FLASH_IMG_BAD_LEN -1004
43#define FLASH_IMG_NULL_DATA -1003
44#define FLASH_IMG_READY 0
45
46
47#define MANAGE_AUTH -9002
48#define MANAGE_ACTIVE_ERR -9001
49#define MANAGE_NO_OP -1099
50#define MANAGE_PARAM_ERR -3
51#define MANAGE_HW_ERR -1
52
53
54#define VALIDATE_AUTH -9002
55#define VALIDATE_NO_OP -1099
56#define VALIDATE_INCOMPLETE -1002
57#define VALIDATE_READY -1001
58#define VALIDATE_PARAM_ERR -3
59#define VALIDATE_HW_ERR -1
60#define VALIDATE_TMP_UPDATE 0
61#define VALIDATE_FLASH_AUTH 1
62#define VALIDATE_INVALID_IMG 2
63#define VALIDATE_CUR_UNKNOWN 3
64#define VALIDATE_TMP_COMMIT_DL 4
65#define VALIDATE_TMP_COMMIT 5
66#define VALIDATE_TMP_UPDATE_DL 6
67
68
69#define RTAS_REJECT_TMP_IMG 0
70#define RTAS_COMMIT_TMP_IMG 1
71
72
73#define VALIDATE_BUF_SIZE 4096
74#define RTAS_MSG_MAXLEN 64
75
76
77#define RTAS_BLKLIST_LENGTH 4096
78#define RTAS_BLK_SIZE 4096
79
80struct flash_block {
81 char *data;
82 unsigned long length;
83};
84
85
86
87
88
89
90
91#define FLASH_BLOCKS_PER_NODE ((RTAS_BLKLIST_LENGTH - 16) / sizeof(struct flash_block))
92struct flash_block_list {
93 unsigned long num_blocks;
94 struct flash_block_list *next;
95 struct flash_block blocks[FLASH_BLOCKS_PER_NODE];
96};
97
98static struct flash_block_list *rtas_firmware_flash_list;
99
100
101static struct kmem_cache *flash_block_cache = NULL;
102
103#define FLASH_BLOCK_LIST_VERSION (1UL)
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118struct rtas_update_flash_t
119{
120 int status;
121 struct flash_block_list *flist;
122};
123
124
125struct rtas_manage_flash_t
126{
127 int status;
128 unsigned int op;
129};
130
131
132struct rtas_validate_flash_t
133{
134 int status;
135 char buf[VALIDATE_BUF_SIZE];
136 unsigned int buf_size;
137 unsigned int update_results;
138};
139
140static DEFINE_SPINLOCK(flash_file_open_lock);
141static struct proc_dir_entry *firmware_flash_pde;
142static struct proc_dir_entry *firmware_update_pde;
143static struct proc_dir_entry *validate_pde;
144static struct proc_dir_entry *manage_pde;
145
146
147static int flash_list_valid(struct flash_block_list *flist)
148{
149 struct flash_block_list *f;
150 int i;
151 unsigned long block_size, image_size;
152
153
154 image_size = 0;
155 for (f = flist; f; f = f->next) {
156 for (i = 0; i < f->num_blocks; i++) {
157 if (f->blocks[i].data == NULL) {
158 return FLASH_IMG_NULL_DATA;
159 }
160 block_size = f->blocks[i].length;
161 if (block_size <= 0 || block_size > RTAS_BLK_SIZE) {
162 return FLASH_IMG_BAD_LEN;
163 }
164 image_size += block_size;
165 }
166 }
167
168 if (image_size < (256 << 10)) {
169 if (image_size < 2)
170 return FLASH_NO_OP;
171 }
172
173 printk(KERN_INFO "FLASH: flash image with %ld bytes stored for hardware flash on reboot\n", image_size);
174
175 return FLASH_IMG_READY;
176}
177
178static void free_flash_list(struct flash_block_list *f)
179{
180 struct flash_block_list *next;
181 int i;
182
183 while (f) {
184 for (i = 0; i < f->num_blocks; i++)
185 kmem_cache_free(flash_block_cache, f->blocks[i].data);
186 next = f->next;
187 kmem_cache_free(flash_block_cache, f);
188 f = next;
189 }
190}
191
192static int rtas_flash_release(struct inode *inode, struct file *file)
193{
194 struct proc_dir_entry *dp = PDE(file->f_path.dentry->d_inode);
195 struct rtas_update_flash_t *uf;
196
197 uf = (struct rtas_update_flash_t *) dp->data;
198 if (uf->flist) {
199
200
201 if (rtas_firmware_flash_list) {
202 free_flash_list(rtas_firmware_flash_list);
203 rtas_firmware_flash_list = NULL;
204 }
205
206 if (uf->status != FLASH_AUTH)
207 uf->status = flash_list_valid(uf->flist);
208
209 if (uf->status == FLASH_IMG_READY)
210 rtas_firmware_flash_list = uf->flist;
211 else
212 free_flash_list(uf->flist);
213
214 uf->flist = NULL;
215 }
216
217 atomic_dec(&dp->count);
218 return 0;
219}
220
221static void get_flash_status_msg(int status, char *buf)
222{
223 char *msg;
224
225 switch (status) {
226 case FLASH_AUTH:
227 msg = "error: this partition does not have service authority\n";
228 break;
229 case FLASH_NO_OP:
230 msg = "info: no firmware image for flash\n";
231 break;
232 case FLASH_IMG_SHORT:
233 msg = "error: flash image short\n";
234 break;
235 case FLASH_IMG_BAD_LEN:
236 msg = "error: internal error bad length\n";
237 break;
238 case FLASH_IMG_NULL_DATA:
239 msg = "error: internal error null data\n";
240 break;
241 case FLASH_IMG_READY:
242 msg = "ready: firmware image ready for flash on reboot\n";
243 break;
244 default:
245 sprintf(buf, "error: unexpected status value %d\n", status);
246 return;
247 }
248
249 strcpy(buf, msg);
250}
251
252
253static ssize_t rtas_flash_read(struct file *file, char __user *buf,
254 size_t count, loff_t *ppos)
255{
256 struct proc_dir_entry *dp = PDE(file->f_path.dentry->d_inode);
257 struct rtas_update_flash_t *uf;
258 char msg[RTAS_MSG_MAXLEN];
259
260 uf = dp->data;
261
262 if (!strcmp(dp->name, FIRMWARE_FLASH_NAME)) {
263 get_flash_status_msg(uf->status, msg);
264 } else {
265 sprintf(msg, "%d\n", uf->status);
266 }
267
268 return simple_read_from_buffer(buf, count, ppos, msg, strlen(msg));
269}
270
271
272void rtas_block_ctor(void *ptr)
273{
274 memset(ptr, 0, RTAS_BLK_SIZE);
275}
276
277
278
279
280
281
282static ssize_t rtas_flash_write(struct file *file, const char __user *buffer,
283 size_t count, loff_t *off)
284{
285 struct proc_dir_entry *dp = PDE(file->f_path.dentry->d_inode);
286 struct rtas_update_flash_t *uf;
287 char *p;
288 int next_free;
289 struct flash_block_list *fl;
290
291 uf = (struct rtas_update_flash_t *) dp->data;
292
293 if (uf->status == FLASH_AUTH || count == 0)
294 return count;
295
296
297
298
299
300 if (uf->flist == NULL) {
301 uf->flist = kmem_cache_alloc(flash_block_cache, GFP_KERNEL);
302 if (!uf->flist)
303 return -ENOMEM;
304 }
305
306 fl = uf->flist;
307 while (fl->next)
308 fl = fl->next;
309 next_free = fl->num_blocks;
310 if (next_free == FLASH_BLOCKS_PER_NODE) {
311
312 fl->next = kmem_cache_alloc(flash_block_cache, GFP_KERNEL);
313 if (!fl->next)
314 return -ENOMEM;
315 fl = fl->next;
316 next_free = 0;
317 }
318
319 if (count > RTAS_BLK_SIZE)
320 count = RTAS_BLK_SIZE;
321 p = kmem_cache_alloc(flash_block_cache, GFP_KERNEL);
322 if (!p)
323 return -ENOMEM;
324
325 if(copy_from_user(p, buffer, count)) {
326 kmem_cache_free(flash_block_cache, p);
327 return -EFAULT;
328 }
329 fl->blocks[next_free].data = p;
330 fl->blocks[next_free].length = count;
331 fl->num_blocks++;
332
333 return count;
334}
335
336static int rtas_excl_open(struct inode *inode, struct file *file)
337{
338 struct proc_dir_entry *dp = PDE(inode);
339
340
341 spin_lock(&flash_file_open_lock);
342 if (atomic_read(&dp->count) > 2) {
343 spin_unlock(&flash_file_open_lock);
344 return -EBUSY;
345 }
346
347 atomic_inc(&dp->count);
348 spin_unlock(&flash_file_open_lock);
349
350 return 0;
351}
352
353static int rtas_excl_release(struct inode *inode, struct file *file)
354{
355 struct proc_dir_entry *dp = PDE(inode);
356
357 atomic_dec(&dp->count);
358
359 return 0;
360}
361
362static void manage_flash(struct rtas_manage_flash_t *args_buf)
363{
364 s32 rc;
365
366 do {
367 rc = rtas_call(rtas_token("ibm,manage-flash-image"), 1,
368 1, NULL, args_buf->op);
369 } while (rtas_busy_delay(rc));
370
371 args_buf->status = rc;
372}
373
374static ssize_t manage_flash_read(struct file *file, char __user *buf,
375 size_t count, loff_t *ppos)
376{
377 struct proc_dir_entry *dp = PDE(file->f_path.dentry->d_inode);
378 struct rtas_manage_flash_t *args_buf;
379 char msg[RTAS_MSG_MAXLEN];
380 int msglen;
381
382 args_buf = dp->data;
383 if (args_buf == NULL)
384 return 0;
385
386 msglen = sprintf(msg, "%d\n", args_buf->status);
387
388 return simple_read_from_buffer(buf, count, ppos, msg, msglen);
389}
390
391static ssize_t manage_flash_write(struct file *file, const char __user *buf,
392 size_t count, loff_t *off)
393{
394 struct proc_dir_entry *dp = PDE(file->f_path.dentry->d_inode);
395 struct rtas_manage_flash_t *args_buf;
396 const char reject_str[] = "0";
397 const char commit_str[] = "1";
398 char stkbuf[10];
399 int op;
400
401 args_buf = (struct rtas_manage_flash_t *) dp->data;
402 if ((args_buf->status == MANAGE_AUTH) || (count == 0))
403 return count;
404
405 op = -1;
406 if (buf) {
407 if (count > 9) count = 9;
408 if (copy_from_user (stkbuf, buf, count)) {
409 return -EFAULT;
410 }
411 if (strncmp(stkbuf, reject_str, strlen(reject_str)) == 0)
412 op = RTAS_REJECT_TMP_IMG;
413 else if (strncmp(stkbuf, commit_str, strlen(commit_str)) == 0)
414 op = RTAS_COMMIT_TMP_IMG;
415 }
416
417 if (op == -1)
418 return -EINVAL;
419
420 args_buf->op = op;
421 manage_flash(args_buf);
422
423 return count;
424}
425
426static void validate_flash(struct rtas_validate_flash_t *args_buf)
427{
428 int token = rtas_token("ibm,validate-flash-image");
429 int update_results;
430 s32 rc;
431
432 rc = 0;
433 do {
434 spin_lock(&rtas_data_buf_lock);
435 memcpy(rtas_data_buf, args_buf->buf, VALIDATE_BUF_SIZE);
436 rc = rtas_call(token, 2, 2, &update_results,
437 (u32) __pa(rtas_data_buf), args_buf->buf_size);
438 memcpy(args_buf->buf, rtas_data_buf, VALIDATE_BUF_SIZE);
439 spin_unlock(&rtas_data_buf_lock);
440 } while (rtas_busy_delay(rc));
441
442 args_buf->status = rc;
443 args_buf->update_results = update_results;
444}
445
446static int get_validate_flash_msg(struct rtas_validate_flash_t *args_buf,
447 char *msg)
448{
449 int n;
450
451 if (args_buf->status >= VALIDATE_TMP_UPDATE) {
452 n = sprintf(msg, "%d\n", args_buf->update_results);
453 if ((args_buf->update_results >= VALIDATE_CUR_UNKNOWN) ||
454 (args_buf->update_results == VALIDATE_TMP_UPDATE))
455 n += sprintf(msg + n, "%s\n", args_buf->buf);
456 } else {
457 n = sprintf(msg, "%d\n", args_buf->status);
458 }
459 return n;
460}
461
462static ssize_t validate_flash_read(struct file *file, char __user *buf,
463 size_t count, loff_t *ppos)
464{
465 struct proc_dir_entry *dp = PDE(file->f_path.dentry->d_inode);
466 struct rtas_validate_flash_t *args_buf;
467 char msg[RTAS_MSG_MAXLEN];
468 int msglen;
469
470 args_buf = dp->data;
471
472 msglen = get_validate_flash_msg(args_buf, msg);
473
474 return simple_read_from_buffer(buf, count, ppos, msg, msglen);
475}
476
477static ssize_t validate_flash_write(struct file *file, const char __user *buf,
478 size_t count, loff_t *off)
479{
480 struct proc_dir_entry *dp = PDE(file->f_path.dentry->d_inode);
481 struct rtas_validate_flash_t *args_buf;
482 int rc;
483
484 args_buf = (struct rtas_validate_flash_t *) dp->data;
485
486 if (dp->data == NULL) {
487 dp->data = kmalloc(sizeof(struct rtas_validate_flash_t),
488 GFP_KERNEL);
489 if (dp->data == NULL)
490 return -ENOMEM;
491 }
492
493
494
495 if ((*off >= VALIDATE_BUF_SIZE) ||
496 (args_buf->status == VALIDATE_AUTH)) {
497 *off += count;
498 return count;
499 }
500
501 if (*off + count >= VALIDATE_BUF_SIZE) {
502 count = VALIDATE_BUF_SIZE - *off;
503 args_buf->status = VALIDATE_READY;
504 } else {
505 args_buf->status = VALIDATE_INCOMPLETE;
506 }
507
508 if (!access_ok(VERIFY_READ, buf, count)) {
509 rc = -EFAULT;
510 goto done;
511 }
512 if (copy_from_user(args_buf->buf + *off, buf, count)) {
513 rc = -EFAULT;
514 goto done;
515 }
516
517 *off += count;
518 rc = count;
519done:
520 if (rc < 0) {
521 kfree(dp->data);
522 dp->data = NULL;
523 }
524 return rc;
525}
526
527static int validate_flash_release(struct inode *inode, struct file *file)
528{
529 struct proc_dir_entry *dp = PDE(file->f_path.dentry->d_inode);
530 struct rtas_validate_flash_t *args_buf;
531
532 args_buf = (struct rtas_validate_flash_t *) dp->data;
533
534 if (args_buf->status == VALIDATE_READY) {
535 args_buf->buf_size = VALIDATE_BUF_SIZE;
536 validate_flash(args_buf);
537 }
538
539
540 atomic_dec(&dp->count);
541
542 return 0;
543}
544
545static void rtas_flash_firmware(int reboot_type)
546{
547 unsigned long image_size;
548 struct flash_block_list *f, *next, *flist;
549 unsigned long rtas_block_list;
550 int i, status, update_token;
551
552 if (rtas_firmware_flash_list == NULL)
553 return;
554
555 if (reboot_type != SYS_RESTART) {
556 printk(KERN_ALERT "FLASH: firmware flash requires a reboot\n");
557 printk(KERN_ALERT "FLASH: the firmware image will NOT be flashed\n");
558 return;
559 }
560
561 update_token = rtas_token("ibm,update-flash-64-and-reboot");
562 if (update_token == RTAS_UNKNOWN_SERVICE) {
563 printk(KERN_ALERT "FLASH: ibm,update-flash-64-and-reboot "
564 "is not available -- not a service partition?\n");
565 printk(KERN_ALERT "FLASH: firmware will not be flashed\n");
566 return;
567 }
568
569
570
571
572
573
574 spin_lock(&rtas_data_buf_lock);
575 flist = (struct flash_block_list *)&rtas_data_buf[0];
576 flist->num_blocks = 0;
577 flist->next = rtas_firmware_flash_list;
578 rtas_block_list = virt_to_abs(flist);
579 if (rtas_block_list >= 4UL*1024*1024*1024) {
580 printk(KERN_ALERT "FLASH: kernel bug...flash list header addr above 4GB\n");
581 spin_unlock(&rtas_data_buf_lock);
582 return;
583 }
584
585 printk(KERN_ALERT "FLASH: preparing saved firmware image for flash\n");
586
587 rtas_firmware_flash_list = NULL;
588 image_size = 0;
589 for (f = flist; f; f = next) {
590
591 for (i = 0; i < f->num_blocks; i++) {
592 f->blocks[i].data = (char *)virt_to_abs(f->blocks[i].data);
593 image_size += f->blocks[i].length;
594 }
595 next = f->next;
596
597 if (f->next)
598 f->next = (struct flash_block_list *)virt_to_abs(f->next);
599 else
600 f->next = NULL;
601
602 f->num_blocks = (FLASH_BLOCK_LIST_VERSION << 56) | ((f->num_blocks+1)*16);
603 }
604
605 printk(KERN_ALERT "FLASH: flash image is %ld bytes\n", image_size);
606 printk(KERN_ALERT "FLASH: performing flash and reboot\n");
607 rtas_progress("Flashing \n", 0x0);
608 rtas_progress("Please Wait... ", 0x0);
609 printk(KERN_ALERT "FLASH: this will take several minutes. Do not power off!\n");
610 status = rtas_call(update_token, 1, 1, NULL, rtas_block_list);
611 switch (status) {
612 case 0:
613 printk(KERN_ALERT "FLASH: success\n");
614 break;
615 case -1:
616 printk(KERN_ALERT "FLASH: hardware error. Firmware may not be not flashed\n");
617 break;
618 case -3:
619 printk(KERN_ALERT "FLASH: image is corrupt or not correct for this platform. Firmware not flashed\n");
620 break;
621 case -4:
622 printk(KERN_ALERT "FLASH: flash failed when partially complete. System may not reboot\n");
623 break;
624 default:
625 printk(KERN_ALERT "FLASH: unknown flash return code %d\n", status);
626 break;
627 }
628 spin_unlock(&rtas_data_buf_lock);
629}
630
631static void remove_flash_pde(struct proc_dir_entry *dp)
632{
633 if (dp) {
634 kfree(dp->data);
635 remove_proc_entry(dp->name, dp->parent);
636 }
637}
638
639static int initialize_flash_pde_data(const char *rtas_call_name,
640 size_t buf_size,
641 struct proc_dir_entry *dp)
642{
643 int *status;
644 int token;
645
646 dp->data = kzalloc(buf_size, GFP_KERNEL);
647 if (dp->data == NULL) {
648 remove_flash_pde(dp);
649 return -ENOMEM;
650 }
651
652
653
654
655
656 status = (int *) dp->data;
657 token = rtas_token(rtas_call_name);
658 if (token == RTAS_UNKNOWN_SERVICE)
659 *status = FLASH_AUTH;
660 else
661 *status = FLASH_NO_OP;
662
663 return 0;
664}
665
666static struct proc_dir_entry *create_flash_pde(const char *filename,
667 const struct file_operations *fops)
668{
669 return proc_create(filename, S_IRUSR | S_IWUSR, NULL, fops);
670}
671
672static const struct file_operations rtas_flash_operations = {
673 .owner = THIS_MODULE,
674 .read = rtas_flash_read,
675 .write = rtas_flash_write,
676 .open = rtas_excl_open,
677 .release = rtas_flash_release,
678 .llseek = default_llseek,
679};
680
681static const struct file_operations manage_flash_operations = {
682 .owner = THIS_MODULE,
683 .read = manage_flash_read,
684 .write = manage_flash_write,
685 .open = rtas_excl_open,
686 .release = rtas_excl_release,
687 .llseek = default_llseek,
688};
689
690static const struct file_operations validate_flash_operations = {
691 .owner = THIS_MODULE,
692 .read = validate_flash_read,
693 .write = validate_flash_write,
694 .open = rtas_excl_open,
695 .release = validate_flash_release,
696 .llseek = default_llseek,
697};
698
699static int __init rtas_flash_init(void)
700{
701 int rc;
702
703 if (rtas_token("ibm,update-flash-64-and-reboot") ==
704 RTAS_UNKNOWN_SERVICE) {
705 printk(KERN_ERR "rtas_flash: no firmware flash support\n");
706 return 1;
707 }
708
709 firmware_flash_pde = create_flash_pde("powerpc/rtas/"
710 FIRMWARE_FLASH_NAME,
711 &rtas_flash_operations);
712 if (firmware_flash_pde == NULL) {
713 rc = -ENOMEM;
714 goto cleanup;
715 }
716
717 rc = initialize_flash_pde_data("ibm,update-flash-64-and-reboot",
718 sizeof(struct rtas_update_flash_t),
719 firmware_flash_pde);
720 if (rc != 0)
721 goto cleanup;
722
723 firmware_update_pde = create_flash_pde("powerpc/rtas/"
724 FIRMWARE_UPDATE_NAME,
725 &rtas_flash_operations);
726 if (firmware_update_pde == NULL) {
727 rc = -ENOMEM;
728 goto cleanup;
729 }
730
731 rc = initialize_flash_pde_data("ibm,update-flash-64-and-reboot",
732 sizeof(struct rtas_update_flash_t),
733 firmware_update_pde);
734 if (rc != 0)
735 goto cleanup;
736
737 validate_pde = create_flash_pde("powerpc/rtas/" VALIDATE_FLASH_NAME,
738 &validate_flash_operations);
739 if (validate_pde == NULL) {
740 rc = -ENOMEM;
741 goto cleanup;
742 }
743
744 rc = initialize_flash_pde_data("ibm,validate-flash-image",
745 sizeof(struct rtas_validate_flash_t),
746 validate_pde);
747 if (rc != 0)
748 goto cleanup;
749
750 manage_pde = create_flash_pde("powerpc/rtas/" MANAGE_FLASH_NAME,
751 &manage_flash_operations);
752 if (manage_pde == NULL) {
753 rc = -ENOMEM;
754 goto cleanup;
755 }
756
757 rc = initialize_flash_pde_data("ibm,manage-flash-image",
758 sizeof(struct rtas_manage_flash_t),
759 manage_pde);
760 if (rc != 0)
761 goto cleanup;
762
763 rtas_flash_term_hook = rtas_flash_firmware;
764
765 flash_block_cache = kmem_cache_create("rtas_flash_cache",
766 RTAS_BLK_SIZE, RTAS_BLK_SIZE, 0,
767 rtas_block_ctor);
768 if (!flash_block_cache) {
769 printk(KERN_ERR "%s: failed to create block cache\n",
770 __func__);
771 rc = -ENOMEM;
772 goto cleanup;
773 }
774 return 0;
775
776cleanup:
777 remove_flash_pde(firmware_flash_pde);
778 remove_flash_pde(firmware_update_pde);
779 remove_flash_pde(validate_pde);
780 remove_flash_pde(manage_pde);
781
782 return rc;
783}
784
785static void __exit rtas_flash_cleanup(void)
786{
787 rtas_flash_term_hook = NULL;
788
789 if (flash_block_cache)
790 kmem_cache_destroy(flash_block_cache);
791
792 remove_flash_pde(firmware_flash_pde);
793 remove_flash_pde(firmware_update_pde);
794 remove_flash_pde(validate_pde);
795 remove_flash_pde(manage_pde);
796}
797
798module_init(rtas_flash_init);
799module_exit(rtas_flash_cleanup);
800MODULE_LICENSE("GPL");
801