Loading...
1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * c 2001 PPC 64 Team, IBM Corp
4 *
5 * /proc/powerpc/rtas/firmware_flash interface
6 *
7 * This file implements a firmware_flash interface to pump a firmware
8 * image into the kernel. At reboot time rtas_restart() will see the
9 * firmware image and flash it as it reboots (see rtas.c).
10 */
11
12#include <linux/module.h>
13#include <linux/init.h>
14#include <linux/slab.h>
15#include <linux/proc_fs.h>
16#include <linux/reboot.h>
17#include <asm/delay.h>
18#include <linux/uaccess.h>
19#include <asm/rtas.h>
20
21#define MODULE_VERS "1.0"
22#define MODULE_NAME "rtas_flash"
23
24#define FIRMWARE_FLASH_NAME "firmware_flash"
25#define FIRMWARE_UPDATE_NAME "firmware_update"
26#define MANAGE_FLASH_NAME "manage_flash"
27#define VALIDATE_FLASH_NAME "validate_flash"
28
29/* General RTAS Status Codes */
30#define RTAS_RC_SUCCESS 0
31#define RTAS_RC_HW_ERR -1
32#define RTAS_RC_BUSY -2
33
34/* Flash image status values */
35#define FLASH_AUTH -9002 /* RTAS Not Service Authority Partition */
36#define FLASH_NO_OP -1099 /* No operation initiated by user */
37#define FLASH_IMG_SHORT -1005 /* Flash image shorter than expected */
38#define FLASH_IMG_BAD_LEN -1004 /* Bad length value in flash list block */
39#define FLASH_IMG_NULL_DATA -1003 /* Bad data value in flash list block */
40#define FLASH_IMG_READY 0 /* Firmware img ready for flash on reboot */
41
42/* Manage image status values */
43#define MANAGE_AUTH -9002 /* RTAS Not Service Authority Partition */
44#define MANAGE_ACTIVE_ERR -9001 /* RTAS Cannot Overwrite Active Img */
45#define MANAGE_NO_OP -1099 /* No operation initiated by user */
46#define MANAGE_PARAM_ERR -3 /* RTAS Parameter Error */
47#define MANAGE_HW_ERR -1 /* RTAS Hardware Error */
48
49/* Validate image status values */
50#define VALIDATE_AUTH -9002 /* RTAS Not Service Authority Partition */
51#define VALIDATE_NO_OP -1099 /* No operation initiated by the user */
52#define VALIDATE_INCOMPLETE -1002 /* User copied < VALIDATE_BUF_SIZE */
53#define VALIDATE_READY -1001 /* Firmware image ready for validation */
54#define VALIDATE_PARAM_ERR -3 /* RTAS Parameter Error */
55#define VALIDATE_HW_ERR -1 /* RTAS Hardware Error */
56
57/* ibm,validate-flash-image update result tokens */
58#define VALIDATE_TMP_UPDATE 0 /* T side will be updated */
59#define VALIDATE_FLASH_AUTH 1 /* Partition does not have authority */
60#define VALIDATE_INVALID_IMG 2 /* Candidate image is not valid */
61#define VALIDATE_CUR_UNKNOWN 3 /* Current fixpack level is unknown */
62/*
63 * Current T side will be committed to P side before being replace with new
64 * image, and the new image is downlevel from current image
65 */
66#define VALIDATE_TMP_COMMIT_DL 4
67/*
68 * Current T side will be committed to P side before being replaced with new
69 * image
70 */
71#define VALIDATE_TMP_COMMIT 5
72/*
73 * T side will be updated with a downlevel image
74 */
75#define VALIDATE_TMP_UPDATE_DL 6
76/*
77 * The candidate image's release date is later than the system's firmware
78 * service entitlement date - service warranty period has expired
79 */
80#define VALIDATE_OUT_OF_WRNTY 7
81
82/* ibm,manage-flash-image operation tokens */
83#define RTAS_REJECT_TMP_IMG 0
84#define RTAS_COMMIT_TMP_IMG 1
85
86/* Array sizes */
87#define VALIDATE_BUF_SIZE 4096
88#define VALIDATE_MSG_LEN 256
89#define RTAS_MSG_MAXLEN 64
90
91/* Quirk - RTAS requires 4k list length and block size */
92#define RTAS_BLKLIST_LENGTH 4096
93#define RTAS_BLK_SIZE 4096
94
95struct flash_block {
96 char *data;
97 unsigned long length;
98};
99
100/* This struct is very similar but not identical to
101 * that needed by the rtas flash update.
102 * All we need to do for rtas is rewrite num_blocks
103 * into a version/length and translate the pointers
104 * to absolute.
105 */
106#define FLASH_BLOCKS_PER_NODE ((RTAS_BLKLIST_LENGTH - 16) / sizeof(struct flash_block))
107struct flash_block_list {
108 unsigned long num_blocks;
109 struct flash_block_list *next;
110 struct flash_block blocks[FLASH_BLOCKS_PER_NODE];
111};
112
113static struct flash_block_list *rtas_firmware_flash_list;
114
115/* Use slab cache to guarantee 4k alignment */
116static struct kmem_cache *flash_block_cache = NULL;
117
118#define FLASH_BLOCK_LIST_VERSION (1UL)
119
120/*
121 * Local copy of the flash block list.
122 *
123 * The rtas_firmware_flash_list variable will be
124 * set once the data is fully read.
125 *
126 * For convenience as we build the list we use virtual addrs,
127 * we do not fill in the version number, and the length field
128 * is treated as the number of entries currently in the block
129 * (i.e. not a byte count). This is all fixed when calling
130 * the flash routine.
131 */
132
133/* Status int must be first member of struct */
134struct rtas_update_flash_t
135{
136 int status; /* Flash update status */
137 struct flash_block_list *flist; /* Local copy of flash block list */
138};
139
140/* Status int must be first member of struct */
141struct rtas_manage_flash_t
142{
143 int status; /* Returned status */
144};
145
146/* Status int must be first member of struct */
147struct rtas_validate_flash_t
148{
149 int status; /* Returned status */
150 char *buf; /* Candidate image buffer */
151 unsigned int buf_size; /* Size of image buf */
152 unsigned int update_results; /* Update results token */
153};
154
155static struct rtas_update_flash_t rtas_update_flash_data;
156static struct rtas_manage_flash_t rtas_manage_flash_data;
157static struct rtas_validate_flash_t rtas_validate_flash_data;
158static DEFINE_MUTEX(rtas_update_flash_mutex);
159static DEFINE_MUTEX(rtas_manage_flash_mutex);
160static DEFINE_MUTEX(rtas_validate_flash_mutex);
161
162/* Do simple sanity checks on the flash image. */
163static int flash_list_valid(struct flash_block_list *flist)
164{
165 struct flash_block_list *f;
166 int i;
167 unsigned long block_size, image_size;
168
169 /* Paranoid self test here. We also collect the image size. */
170 image_size = 0;
171 for (f = flist; f; f = f->next) {
172 for (i = 0; i < f->num_blocks; i++) {
173 if (f->blocks[i].data == NULL) {
174 return FLASH_IMG_NULL_DATA;
175 }
176 block_size = f->blocks[i].length;
177 if (block_size <= 0 || block_size > RTAS_BLK_SIZE) {
178 return FLASH_IMG_BAD_LEN;
179 }
180 image_size += block_size;
181 }
182 }
183
184 if (image_size < (256 << 10)) {
185 if (image_size < 2)
186 return FLASH_NO_OP;
187 }
188
189 printk(KERN_INFO "FLASH: flash image with %ld bytes stored for hardware flash on reboot\n", image_size);
190
191 return FLASH_IMG_READY;
192}
193
194static void free_flash_list(struct flash_block_list *f)
195{
196 struct flash_block_list *next;
197 int i;
198
199 while (f) {
200 for (i = 0; i < f->num_blocks; i++)
201 kmem_cache_free(flash_block_cache, f->blocks[i].data);
202 next = f->next;
203 kmem_cache_free(flash_block_cache, f);
204 f = next;
205 }
206}
207
208static int rtas_flash_release(struct inode *inode, struct file *file)
209{
210 struct rtas_update_flash_t *const uf = &rtas_update_flash_data;
211
212 mutex_lock(&rtas_update_flash_mutex);
213
214 if (uf->flist) {
215 /* File was opened in write mode for a new flash attempt */
216 /* Clear saved list */
217 if (rtas_firmware_flash_list) {
218 free_flash_list(rtas_firmware_flash_list);
219 rtas_firmware_flash_list = NULL;
220 }
221
222 if (uf->status != FLASH_AUTH)
223 uf->status = flash_list_valid(uf->flist);
224
225 if (uf->status == FLASH_IMG_READY)
226 rtas_firmware_flash_list = uf->flist;
227 else
228 free_flash_list(uf->flist);
229
230 uf->flist = NULL;
231 }
232
233 mutex_unlock(&rtas_update_flash_mutex);
234 return 0;
235}
236
237static size_t get_flash_status_msg(int status, char *buf)
238{
239 const char *msg;
240 size_t len;
241
242 switch (status) {
243 case FLASH_AUTH:
244 msg = "error: this partition does not have service authority\n";
245 break;
246 case FLASH_NO_OP:
247 msg = "info: no firmware image for flash\n";
248 break;
249 case FLASH_IMG_SHORT:
250 msg = "error: flash image short\n";
251 break;
252 case FLASH_IMG_BAD_LEN:
253 msg = "error: internal error bad length\n";
254 break;
255 case FLASH_IMG_NULL_DATA:
256 msg = "error: internal error null data\n";
257 break;
258 case FLASH_IMG_READY:
259 msg = "ready: firmware image ready for flash on reboot\n";
260 break;
261 default:
262 return sprintf(buf, "error: unexpected status value %d\n",
263 status);
264 }
265
266 len = strlen(msg);
267 memcpy(buf, msg, len + 1);
268 return len;
269}
270
271/* Reading the proc file will show status (not the firmware contents) */
272static ssize_t rtas_flash_read_msg(struct file *file, char __user *buf,
273 size_t count, loff_t *ppos)
274{
275 struct rtas_update_flash_t *const uf = &rtas_update_flash_data;
276 char msg[RTAS_MSG_MAXLEN];
277 size_t len;
278 int status;
279
280 mutex_lock(&rtas_update_flash_mutex);
281 status = uf->status;
282 mutex_unlock(&rtas_update_flash_mutex);
283
284 /* Read as text message */
285 len = get_flash_status_msg(status, msg);
286 return simple_read_from_buffer(buf, count, ppos, msg, len);
287}
288
289static ssize_t rtas_flash_read_num(struct file *file, char __user *buf,
290 size_t count, loff_t *ppos)
291{
292 struct rtas_update_flash_t *const uf = &rtas_update_flash_data;
293 char msg[RTAS_MSG_MAXLEN];
294 int status;
295
296 mutex_lock(&rtas_update_flash_mutex);
297 status = uf->status;
298 mutex_unlock(&rtas_update_flash_mutex);
299
300 /* Read as number */
301 sprintf(msg, "%d\n", status);
302 return simple_read_from_buffer(buf, count, ppos, msg, strlen(msg));
303}
304
305/* We could be much more efficient here. But to keep this function
306 * simple we allocate a page to the block list no matter how small the
307 * count is. If the system is low on memory it will be just as well
308 * that we fail....
309 */
310static ssize_t rtas_flash_write(struct file *file, const char __user *buffer,
311 size_t count, loff_t *off)
312{
313 struct rtas_update_flash_t *const uf = &rtas_update_flash_data;
314 char *p;
315 int next_free, rc;
316 struct flash_block_list *fl;
317
318 mutex_lock(&rtas_update_flash_mutex);
319
320 if (uf->status == FLASH_AUTH || count == 0)
321 goto out; /* discard data */
322
323 /* In the case that the image is not ready for flashing, the memory
324 * allocated for the block list will be freed upon the release of the
325 * proc file
326 */
327 if (uf->flist == NULL) {
328 uf->flist = kmem_cache_zalloc(flash_block_cache, GFP_KERNEL);
329 if (!uf->flist)
330 goto nomem;
331 }
332
333 fl = uf->flist;
334 while (fl->next)
335 fl = fl->next; /* seek to last block_list for append */
336 next_free = fl->num_blocks;
337 if (next_free == FLASH_BLOCKS_PER_NODE) {
338 /* Need to allocate another block_list */
339 fl->next = kmem_cache_zalloc(flash_block_cache, GFP_KERNEL);
340 if (!fl->next)
341 goto nomem;
342 fl = fl->next;
343 next_free = 0;
344 }
345
346 if (count > RTAS_BLK_SIZE)
347 count = RTAS_BLK_SIZE;
348 p = kmem_cache_zalloc(flash_block_cache, GFP_KERNEL);
349 if (!p)
350 goto nomem;
351
352 if(copy_from_user(p, buffer, count)) {
353 kmem_cache_free(flash_block_cache, p);
354 rc = -EFAULT;
355 goto error;
356 }
357 fl->blocks[next_free].data = p;
358 fl->blocks[next_free].length = count;
359 fl->num_blocks++;
360out:
361 mutex_unlock(&rtas_update_flash_mutex);
362 return count;
363
364nomem:
365 rc = -ENOMEM;
366error:
367 mutex_unlock(&rtas_update_flash_mutex);
368 return rc;
369}
370
371/*
372 * Flash management routines.
373 */
374static void manage_flash(struct rtas_manage_flash_t *args_buf, unsigned int op)
375{
376 s32 rc;
377
378 do {
379 rc = rtas_call(rtas_token("ibm,manage-flash-image"), 1, 1,
380 NULL, op);
381 } while (rtas_busy_delay(rc));
382
383 args_buf->status = rc;
384}
385
386static ssize_t manage_flash_read(struct file *file, char __user *buf,
387 size_t count, loff_t *ppos)
388{
389 struct rtas_manage_flash_t *const args_buf = &rtas_manage_flash_data;
390 char msg[RTAS_MSG_MAXLEN];
391 int msglen, status;
392
393 mutex_lock(&rtas_manage_flash_mutex);
394 status = args_buf->status;
395 mutex_unlock(&rtas_manage_flash_mutex);
396
397 msglen = sprintf(msg, "%d\n", status);
398 return simple_read_from_buffer(buf, count, ppos, msg, msglen);
399}
400
401static ssize_t manage_flash_write(struct file *file, const char __user *buf,
402 size_t count, loff_t *off)
403{
404 struct rtas_manage_flash_t *const args_buf = &rtas_manage_flash_data;
405 static const char reject_str[] = "0";
406 static const char commit_str[] = "1";
407 char stkbuf[10];
408 int op, rc;
409
410 mutex_lock(&rtas_manage_flash_mutex);
411
412 if ((args_buf->status == MANAGE_AUTH) || (count == 0))
413 goto out;
414
415 op = -1;
416 if (buf) {
417 if (count > 9) count = 9;
418 rc = -EFAULT;
419 if (copy_from_user (stkbuf, buf, count))
420 goto error;
421 if (strncmp(stkbuf, reject_str, strlen(reject_str)) == 0)
422 op = RTAS_REJECT_TMP_IMG;
423 else if (strncmp(stkbuf, commit_str, strlen(commit_str)) == 0)
424 op = RTAS_COMMIT_TMP_IMG;
425 }
426
427 if (op == -1) { /* buf is empty, or contains invalid string */
428 rc = -EINVAL;
429 goto error;
430 }
431
432 manage_flash(args_buf, op);
433out:
434 mutex_unlock(&rtas_manage_flash_mutex);
435 return count;
436
437error:
438 mutex_unlock(&rtas_manage_flash_mutex);
439 return rc;
440}
441
442/*
443 * Validation routines.
444 */
445static void validate_flash(struct rtas_validate_flash_t *args_buf)
446{
447 int token = rtas_token("ibm,validate-flash-image");
448 int update_results;
449 s32 rc;
450
451 rc = 0;
452 do {
453 spin_lock(&rtas_data_buf_lock);
454 memcpy(rtas_data_buf, args_buf->buf, VALIDATE_BUF_SIZE);
455 rc = rtas_call(token, 2, 2, &update_results,
456 (u32) __pa(rtas_data_buf), args_buf->buf_size);
457 memcpy(args_buf->buf, rtas_data_buf, VALIDATE_BUF_SIZE);
458 spin_unlock(&rtas_data_buf_lock);
459 } while (rtas_busy_delay(rc));
460
461 args_buf->status = rc;
462 args_buf->update_results = update_results;
463}
464
465static int get_validate_flash_msg(struct rtas_validate_flash_t *args_buf,
466 char *msg, int msglen)
467{
468 int n;
469
470 if (args_buf->status >= VALIDATE_TMP_UPDATE) {
471 n = sprintf(msg, "%d\n", args_buf->update_results);
472 if ((args_buf->update_results >= VALIDATE_CUR_UNKNOWN) ||
473 (args_buf->update_results == VALIDATE_TMP_UPDATE))
474 n += snprintf(msg + n, msglen - n, "%s\n",
475 args_buf->buf);
476 } else {
477 n = sprintf(msg, "%d\n", args_buf->status);
478 }
479 return n;
480}
481
482static ssize_t validate_flash_read(struct file *file, char __user *buf,
483 size_t count, loff_t *ppos)
484{
485 struct rtas_validate_flash_t *const args_buf =
486 &rtas_validate_flash_data;
487 char msg[VALIDATE_MSG_LEN];
488 int msglen;
489
490 mutex_lock(&rtas_validate_flash_mutex);
491 msglen = get_validate_flash_msg(args_buf, msg, VALIDATE_MSG_LEN);
492 mutex_unlock(&rtas_validate_flash_mutex);
493
494 return simple_read_from_buffer(buf, count, ppos, msg, msglen);
495}
496
497static ssize_t validate_flash_write(struct file *file, const char __user *buf,
498 size_t count, loff_t *off)
499{
500 struct rtas_validate_flash_t *const args_buf =
501 &rtas_validate_flash_data;
502 int rc;
503
504 mutex_lock(&rtas_validate_flash_mutex);
505
506 /* We are only interested in the first 4K of the
507 * candidate image */
508 if ((*off >= VALIDATE_BUF_SIZE) ||
509 (args_buf->status == VALIDATE_AUTH)) {
510 *off += count;
511 mutex_unlock(&rtas_validate_flash_mutex);
512 return count;
513 }
514
515 if (*off + count >= VALIDATE_BUF_SIZE) {
516 count = VALIDATE_BUF_SIZE - *off;
517 args_buf->status = VALIDATE_READY;
518 } else {
519 args_buf->status = VALIDATE_INCOMPLETE;
520 }
521
522 if (!access_ok(buf, count)) {
523 rc = -EFAULT;
524 goto done;
525 }
526 if (copy_from_user(args_buf->buf + *off, buf, count)) {
527 rc = -EFAULT;
528 goto done;
529 }
530
531 *off += count;
532 rc = count;
533done:
534 mutex_unlock(&rtas_validate_flash_mutex);
535 return rc;
536}
537
538static int validate_flash_release(struct inode *inode, struct file *file)
539{
540 struct rtas_validate_flash_t *const args_buf =
541 &rtas_validate_flash_data;
542
543 mutex_lock(&rtas_validate_flash_mutex);
544
545 if (args_buf->status == VALIDATE_READY) {
546 args_buf->buf_size = VALIDATE_BUF_SIZE;
547 validate_flash(args_buf);
548 }
549
550 mutex_unlock(&rtas_validate_flash_mutex);
551 return 0;
552}
553
554/*
555 * On-reboot flash update applicator.
556 */
557static void rtas_flash_firmware(int reboot_type)
558{
559 unsigned long image_size;
560 struct flash_block_list *f, *next, *flist;
561 unsigned long rtas_block_list;
562 int i, status, update_token;
563
564 if (rtas_firmware_flash_list == NULL)
565 return; /* nothing to do */
566
567 if (reboot_type != SYS_RESTART) {
568 printk(KERN_ALERT "FLASH: firmware flash requires a reboot\n");
569 printk(KERN_ALERT "FLASH: the firmware image will NOT be flashed\n");
570 return;
571 }
572
573 update_token = rtas_token("ibm,update-flash-64-and-reboot");
574 if (update_token == RTAS_UNKNOWN_SERVICE) {
575 printk(KERN_ALERT "FLASH: ibm,update-flash-64-and-reboot "
576 "is not available -- not a service partition?\n");
577 printk(KERN_ALERT "FLASH: firmware will not be flashed\n");
578 return;
579 }
580
581 /*
582 * Just before starting the firmware flash, cancel the event scan work
583 * to avoid any soft lockup issues.
584 */
585 rtas_cancel_event_scan();
586
587 /*
588 * NOTE: the "first" block must be under 4GB, so we create
589 * an entry with no data blocks in the reserved buffer in
590 * the kernel data segment.
591 */
592 spin_lock(&rtas_data_buf_lock);
593 flist = (struct flash_block_list *)&rtas_data_buf[0];
594 flist->num_blocks = 0;
595 flist->next = rtas_firmware_flash_list;
596 rtas_block_list = __pa(flist);
597 if (rtas_block_list >= 4UL*1024*1024*1024) {
598 printk(KERN_ALERT "FLASH: kernel bug...flash list header addr above 4GB\n");
599 spin_unlock(&rtas_data_buf_lock);
600 return;
601 }
602
603 printk(KERN_ALERT "FLASH: preparing saved firmware image for flash\n");
604 /* Update the block_list in place. */
605 rtas_firmware_flash_list = NULL; /* too hard to backout on error */
606 image_size = 0;
607 for (f = flist; f; f = next) {
608 /* Translate data addrs to absolute */
609 for (i = 0; i < f->num_blocks; i++) {
610 f->blocks[i].data = (char *)cpu_to_be64(__pa(f->blocks[i].data));
611 image_size += f->blocks[i].length;
612 f->blocks[i].length = cpu_to_be64(f->blocks[i].length);
613 }
614 next = f->next;
615 /* Don't translate NULL pointer for last entry */
616 if (f->next)
617 f->next = (struct flash_block_list *)cpu_to_be64(__pa(f->next));
618 else
619 f->next = NULL;
620 /* make num_blocks into the version/length field */
621 f->num_blocks = (FLASH_BLOCK_LIST_VERSION << 56) | ((f->num_blocks+1)*16);
622 f->num_blocks = cpu_to_be64(f->num_blocks);
623 }
624
625 printk(KERN_ALERT "FLASH: flash image is %ld bytes\n", image_size);
626 printk(KERN_ALERT "FLASH: performing flash and reboot\n");
627 rtas_progress("Flashing \n", 0x0);
628 rtas_progress("Please Wait... ", 0x0);
629 printk(KERN_ALERT "FLASH: this will take several minutes. Do not power off!\n");
630 status = rtas_call(update_token, 1, 1, NULL, rtas_block_list);
631 switch (status) { /* should only get "bad" status */
632 case 0:
633 printk(KERN_ALERT "FLASH: success\n");
634 break;
635 case -1:
636 printk(KERN_ALERT "FLASH: hardware error. Firmware may not be not flashed\n");
637 break;
638 case -3:
639 printk(KERN_ALERT "FLASH: image is corrupt or not correct for this platform. Firmware not flashed\n");
640 break;
641 case -4:
642 printk(KERN_ALERT "FLASH: flash failed when partially complete. System may not reboot\n");
643 break;
644 default:
645 printk(KERN_ALERT "FLASH: unknown flash return code %d\n", status);
646 break;
647 }
648 spin_unlock(&rtas_data_buf_lock);
649}
650
651/*
652 * Manifest of proc files to create
653 */
654struct rtas_flash_file {
655 const char *filename;
656 const char *rtas_call_name;
657 int *status;
658 const struct proc_ops ops;
659};
660
661static const struct rtas_flash_file rtas_flash_files[] = {
662 {
663 .filename = "powerpc/rtas/" FIRMWARE_FLASH_NAME,
664 .rtas_call_name = "ibm,update-flash-64-and-reboot",
665 .status = &rtas_update_flash_data.status,
666 .ops.proc_read = rtas_flash_read_msg,
667 .ops.proc_write = rtas_flash_write,
668 .ops.proc_release = rtas_flash_release,
669 .ops.proc_lseek = default_llseek,
670 },
671 {
672 .filename = "powerpc/rtas/" FIRMWARE_UPDATE_NAME,
673 .rtas_call_name = "ibm,update-flash-64-and-reboot",
674 .status = &rtas_update_flash_data.status,
675 .ops.proc_read = rtas_flash_read_num,
676 .ops.proc_write = rtas_flash_write,
677 .ops.proc_release = rtas_flash_release,
678 .ops.proc_lseek = default_llseek,
679 },
680 {
681 .filename = "powerpc/rtas/" VALIDATE_FLASH_NAME,
682 .rtas_call_name = "ibm,validate-flash-image",
683 .status = &rtas_validate_flash_data.status,
684 .ops.proc_read = validate_flash_read,
685 .ops.proc_write = validate_flash_write,
686 .ops.proc_release = validate_flash_release,
687 .ops.proc_lseek = default_llseek,
688 },
689 {
690 .filename = "powerpc/rtas/" MANAGE_FLASH_NAME,
691 .rtas_call_name = "ibm,manage-flash-image",
692 .status = &rtas_manage_flash_data.status,
693 .ops.proc_read = manage_flash_read,
694 .ops.proc_write = manage_flash_write,
695 .ops.proc_lseek = default_llseek,
696 }
697};
698
699static int __init rtas_flash_init(void)
700{
701 int i;
702
703 if (rtas_token("ibm,update-flash-64-and-reboot") ==
704 RTAS_UNKNOWN_SERVICE) {
705 pr_info("rtas_flash: no firmware flash support\n");
706 return -EINVAL;
707 }
708
709 rtas_validate_flash_data.buf = kzalloc(VALIDATE_BUF_SIZE, GFP_KERNEL);
710 if (!rtas_validate_flash_data.buf)
711 return -ENOMEM;
712
713 flash_block_cache = kmem_cache_create("rtas_flash_cache",
714 RTAS_BLK_SIZE, RTAS_BLK_SIZE, 0,
715 NULL);
716 if (!flash_block_cache) {
717 printk(KERN_ERR "%s: failed to create block cache\n",
718 __func__);
719 goto enomem_buf;
720 }
721
722 for (i = 0; i < ARRAY_SIZE(rtas_flash_files); i++) {
723 const struct rtas_flash_file *f = &rtas_flash_files[i];
724 int token;
725
726 if (!proc_create(f->filename, 0600, NULL, &f->ops))
727 goto enomem;
728
729 /*
730 * This code assumes that the status int is the first member of the
731 * struct
732 */
733 token = rtas_token(f->rtas_call_name);
734 if (token == RTAS_UNKNOWN_SERVICE)
735 *f->status = FLASH_AUTH;
736 else
737 *f->status = FLASH_NO_OP;
738 }
739
740 rtas_flash_term_hook = rtas_flash_firmware;
741 return 0;
742
743enomem:
744 while (--i >= 0) {
745 const struct rtas_flash_file *f = &rtas_flash_files[i];
746 remove_proc_entry(f->filename, NULL);
747 }
748
749 kmem_cache_destroy(flash_block_cache);
750enomem_buf:
751 kfree(rtas_validate_flash_data.buf);
752 return -ENOMEM;
753}
754
755static void __exit rtas_flash_cleanup(void)
756{
757 int i;
758
759 rtas_flash_term_hook = NULL;
760
761 if (rtas_firmware_flash_list) {
762 free_flash_list(rtas_firmware_flash_list);
763 rtas_firmware_flash_list = NULL;
764 }
765
766 for (i = 0; i < ARRAY_SIZE(rtas_flash_files); i++) {
767 const struct rtas_flash_file *f = &rtas_flash_files[i];
768 remove_proc_entry(f->filename, NULL);
769 }
770
771 kmem_cache_destroy(flash_block_cache);
772 kfree(rtas_validate_flash_data.buf);
773}
774
775module_init(rtas_flash_init);
776module_exit(rtas_flash_cleanup);
777MODULE_LICENSE("GPL");
1/*
2 * c 2001 PPC 64 Team, IBM Corp
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version
7 * 2 of the License, or (at your option) any later version.
8 *
9 * /proc/powerpc/rtas/firmware_flash interface
10 *
11 * This file implements a firmware_flash interface to pump a firmware
12 * image into the kernel. At reboot time rtas_restart() will see the
13 * firmware image and flash it as it reboots (see rtas.c).
14 */
15
16#include <linux/module.h>
17#include <linux/init.h>
18#include <linux/slab.h>
19#include <linux/proc_fs.h>
20#include <linux/reboot.h>
21#include <asm/delay.h>
22#include <linux/uaccess.h>
23#include <asm/rtas.h>
24
25#define MODULE_VERS "1.0"
26#define MODULE_NAME "rtas_flash"
27
28#define FIRMWARE_FLASH_NAME "firmware_flash"
29#define FIRMWARE_UPDATE_NAME "firmware_update"
30#define MANAGE_FLASH_NAME "manage_flash"
31#define VALIDATE_FLASH_NAME "validate_flash"
32
33/* General RTAS Status Codes */
34#define RTAS_RC_SUCCESS 0
35#define RTAS_RC_HW_ERR -1
36#define RTAS_RC_BUSY -2
37
38/* Flash image status values */
39#define FLASH_AUTH -9002 /* RTAS Not Service Authority Partition */
40#define FLASH_NO_OP -1099 /* No operation initiated by user */
41#define FLASH_IMG_SHORT -1005 /* Flash image shorter than expected */
42#define FLASH_IMG_BAD_LEN -1004 /* Bad length value in flash list block */
43#define FLASH_IMG_NULL_DATA -1003 /* Bad data value in flash list block */
44#define FLASH_IMG_READY 0 /* Firmware img ready for flash on reboot */
45
46/* Manage image status values */
47#define MANAGE_AUTH -9002 /* RTAS Not Service Authority Partition */
48#define MANAGE_ACTIVE_ERR -9001 /* RTAS Cannot Overwrite Active Img */
49#define MANAGE_NO_OP -1099 /* No operation initiated by user */
50#define MANAGE_PARAM_ERR -3 /* RTAS Parameter Error */
51#define MANAGE_HW_ERR -1 /* RTAS Hardware Error */
52
53/* Validate image status values */
54#define VALIDATE_AUTH -9002 /* RTAS Not Service Authority Partition */
55#define VALIDATE_NO_OP -1099 /* No operation initiated by the user */
56#define VALIDATE_INCOMPLETE -1002 /* User copied < VALIDATE_BUF_SIZE */
57#define VALIDATE_READY -1001 /* Firmware image ready for validation */
58#define VALIDATE_PARAM_ERR -3 /* RTAS Parameter Error */
59#define VALIDATE_HW_ERR -1 /* RTAS Hardware Error */
60
61/* ibm,validate-flash-image update result tokens */
62#define VALIDATE_TMP_UPDATE 0 /* T side will be updated */
63#define VALIDATE_FLASH_AUTH 1 /* Partition does not have authority */
64#define VALIDATE_INVALID_IMG 2 /* Candidate image is not valid */
65#define VALIDATE_CUR_UNKNOWN 3 /* Current fixpack level is unknown */
66/*
67 * Current T side will be committed to P side before being replace with new
68 * image, and the new image is downlevel from current image
69 */
70#define VALIDATE_TMP_COMMIT_DL 4
71/*
72 * Current T side will be committed to P side before being replaced with new
73 * image
74 */
75#define VALIDATE_TMP_COMMIT 5
76/*
77 * T side will be updated with a downlevel image
78 */
79#define VALIDATE_TMP_UPDATE_DL 6
80/*
81 * The candidate image's release date is later than the system's firmware
82 * service entitlement date - service warranty period has expired
83 */
84#define VALIDATE_OUT_OF_WRNTY 7
85
86/* ibm,manage-flash-image operation tokens */
87#define RTAS_REJECT_TMP_IMG 0
88#define RTAS_COMMIT_TMP_IMG 1
89
90/* Array sizes */
91#define VALIDATE_BUF_SIZE 4096
92#define VALIDATE_MSG_LEN 256
93#define RTAS_MSG_MAXLEN 64
94
95/* Quirk - RTAS requires 4k list length and block size */
96#define RTAS_BLKLIST_LENGTH 4096
97#define RTAS_BLK_SIZE 4096
98
99struct flash_block {
100 char *data;
101 unsigned long length;
102};
103
104/* This struct is very similar but not identical to
105 * that needed by the rtas flash update.
106 * All we need to do for rtas is rewrite num_blocks
107 * into a version/length and translate the pointers
108 * to absolute.
109 */
110#define FLASH_BLOCKS_PER_NODE ((RTAS_BLKLIST_LENGTH - 16) / sizeof(struct flash_block))
111struct flash_block_list {
112 unsigned long num_blocks;
113 struct flash_block_list *next;
114 struct flash_block blocks[FLASH_BLOCKS_PER_NODE];
115};
116
117static struct flash_block_list *rtas_firmware_flash_list;
118
119/* Use slab cache to guarantee 4k alignment */
120static struct kmem_cache *flash_block_cache = NULL;
121
122#define FLASH_BLOCK_LIST_VERSION (1UL)
123
124/*
125 * Local copy of the flash block list.
126 *
127 * The rtas_firmware_flash_list varable will be
128 * set once the data is fully read.
129 *
130 * For convenience as we build the list we use virtual addrs,
131 * we do not fill in the version number, and the length field
132 * is treated as the number of entries currently in the block
133 * (i.e. not a byte count). This is all fixed when calling
134 * the flash routine.
135 */
136
137/* Status int must be first member of struct */
138struct rtas_update_flash_t
139{
140 int status; /* Flash update status */
141 struct flash_block_list *flist; /* Local copy of flash block list */
142};
143
144/* Status int must be first member of struct */
145struct rtas_manage_flash_t
146{
147 int status; /* Returned status */
148};
149
150/* Status int must be first member of struct */
151struct rtas_validate_flash_t
152{
153 int status; /* Returned status */
154 char *buf; /* Candidate image buffer */
155 unsigned int buf_size; /* Size of image buf */
156 unsigned int update_results; /* Update results token */
157};
158
159static struct rtas_update_flash_t rtas_update_flash_data;
160static struct rtas_manage_flash_t rtas_manage_flash_data;
161static struct rtas_validate_flash_t rtas_validate_flash_data;
162static DEFINE_MUTEX(rtas_update_flash_mutex);
163static DEFINE_MUTEX(rtas_manage_flash_mutex);
164static DEFINE_MUTEX(rtas_validate_flash_mutex);
165
166/* Do simple sanity checks on the flash image. */
167static int flash_list_valid(struct flash_block_list *flist)
168{
169 struct flash_block_list *f;
170 int i;
171 unsigned long block_size, image_size;
172
173 /* Paranoid self test here. We also collect the image size. */
174 image_size = 0;
175 for (f = flist; f; f = f->next) {
176 for (i = 0; i < f->num_blocks; i++) {
177 if (f->blocks[i].data == NULL) {
178 return FLASH_IMG_NULL_DATA;
179 }
180 block_size = f->blocks[i].length;
181 if (block_size <= 0 || block_size > RTAS_BLK_SIZE) {
182 return FLASH_IMG_BAD_LEN;
183 }
184 image_size += block_size;
185 }
186 }
187
188 if (image_size < (256 << 10)) {
189 if (image_size < 2)
190 return FLASH_NO_OP;
191 }
192
193 printk(KERN_INFO "FLASH: flash image with %ld bytes stored for hardware flash on reboot\n", image_size);
194
195 return FLASH_IMG_READY;
196}
197
198static void free_flash_list(struct flash_block_list *f)
199{
200 struct flash_block_list *next;
201 int i;
202
203 while (f) {
204 for (i = 0; i < f->num_blocks; i++)
205 kmem_cache_free(flash_block_cache, f->blocks[i].data);
206 next = f->next;
207 kmem_cache_free(flash_block_cache, f);
208 f = next;
209 }
210}
211
212static int rtas_flash_release(struct inode *inode, struct file *file)
213{
214 struct rtas_update_flash_t *const uf = &rtas_update_flash_data;
215
216 mutex_lock(&rtas_update_flash_mutex);
217
218 if (uf->flist) {
219 /* File was opened in write mode for a new flash attempt */
220 /* Clear saved list */
221 if (rtas_firmware_flash_list) {
222 free_flash_list(rtas_firmware_flash_list);
223 rtas_firmware_flash_list = NULL;
224 }
225
226 if (uf->status != FLASH_AUTH)
227 uf->status = flash_list_valid(uf->flist);
228
229 if (uf->status == FLASH_IMG_READY)
230 rtas_firmware_flash_list = uf->flist;
231 else
232 free_flash_list(uf->flist);
233
234 uf->flist = NULL;
235 }
236
237 mutex_unlock(&rtas_update_flash_mutex);
238 return 0;
239}
240
241static size_t get_flash_status_msg(int status, char *buf)
242{
243 const char *msg;
244 size_t len;
245
246 switch (status) {
247 case FLASH_AUTH:
248 msg = "error: this partition does not have service authority\n";
249 break;
250 case FLASH_NO_OP:
251 msg = "info: no firmware image for flash\n";
252 break;
253 case FLASH_IMG_SHORT:
254 msg = "error: flash image short\n";
255 break;
256 case FLASH_IMG_BAD_LEN:
257 msg = "error: internal error bad length\n";
258 break;
259 case FLASH_IMG_NULL_DATA:
260 msg = "error: internal error null data\n";
261 break;
262 case FLASH_IMG_READY:
263 msg = "ready: firmware image ready for flash on reboot\n";
264 break;
265 default:
266 return sprintf(buf, "error: unexpected status value %d\n",
267 status);
268 }
269
270 len = strlen(msg);
271 memcpy(buf, msg, len + 1);
272 return len;
273}
274
275/* Reading the proc file will show status (not the firmware contents) */
276static ssize_t rtas_flash_read_msg(struct file *file, char __user *buf,
277 size_t count, loff_t *ppos)
278{
279 struct rtas_update_flash_t *const uf = &rtas_update_flash_data;
280 char msg[RTAS_MSG_MAXLEN];
281 size_t len;
282 int status;
283
284 mutex_lock(&rtas_update_flash_mutex);
285 status = uf->status;
286 mutex_unlock(&rtas_update_flash_mutex);
287
288 /* Read as text message */
289 len = get_flash_status_msg(status, msg);
290 return simple_read_from_buffer(buf, count, ppos, msg, len);
291}
292
293static ssize_t rtas_flash_read_num(struct file *file, char __user *buf,
294 size_t count, loff_t *ppos)
295{
296 struct rtas_update_flash_t *const uf = &rtas_update_flash_data;
297 char msg[RTAS_MSG_MAXLEN];
298 int status;
299
300 mutex_lock(&rtas_update_flash_mutex);
301 status = uf->status;
302 mutex_unlock(&rtas_update_flash_mutex);
303
304 /* Read as number */
305 sprintf(msg, "%d\n", status);
306 return simple_read_from_buffer(buf, count, ppos, msg, strlen(msg));
307}
308
309/* We could be much more efficient here. But to keep this function
310 * simple we allocate a page to the block list no matter how small the
311 * count is. If the system is low on memory it will be just as well
312 * that we fail....
313 */
314static ssize_t rtas_flash_write(struct file *file, const char __user *buffer,
315 size_t count, loff_t *off)
316{
317 struct rtas_update_flash_t *const uf = &rtas_update_flash_data;
318 char *p;
319 int next_free, rc;
320 struct flash_block_list *fl;
321
322 mutex_lock(&rtas_update_flash_mutex);
323
324 if (uf->status == FLASH_AUTH || count == 0)
325 goto out; /* discard data */
326
327 /* In the case that the image is not ready for flashing, the memory
328 * allocated for the block list will be freed upon the release of the
329 * proc file
330 */
331 if (uf->flist == NULL) {
332 uf->flist = kmem_cache_zalloc(flash_block_cache, GFP_KERNEL);
333 if (!uf->flist)
334 goto nomem;
335 }
336
337 fl = uf->flist;
338 while (fl->next)
339 fl = fl->next; /* seek to last block_list for append */
340 next_free = fl->num_blocks;
341 if (next_free == FLASH_BLOCKS_PER_NODE) {
342 /* Need to allocate another block_list */
343 fl->next = kmem_cache_zalloc(flash_block_cache, GFP_KERNEL);
344 if (!fl->next)
345 goto nomem;
346 fl = fl->next;
347 next_free = 0;
348 }
349
350 if (count > RTAS_BLK_SIZE)
351 count = RTAS_BLK_SIZE;
352 p = kmem_cache_zalloc(flash_block_cache, GFP_KERNEL);
353 if (!p)
354 goto nomem;
355
356 if(copy_from_user(p, buffer, count)) {
357 kmem_cache_free(flash_block_cache, p);
358 rc = -EFAULT;
359 goto error;
360 }
361 fl->blocks[next_free].data = p;
362 fl->blocks[next_free].length = count;
363 fl->num_blocks++;
364out:
365 mutex_unlock(&rtas_update_flash_mutex);
366 return count;
367
368nomem:
369 rc = -ENOMEM;
370error:
371 mutex_unlock(&rtas_update_flash_mutex);
372 return rc;
373}
374
375/*
376 * Flash management routines.
377 */
378static void manage_flash(struct rtas_manage_flash_t *args_buf, unsigned int op)
379{
380 s32 rc;
381
382 do {
383 rc = rtas_call(rtas_token("ibm,manage-flash-image"), 1, 1,
384 NULL, op);
385 } while (rtas_busy_delay(rc));
386
387 args_buf->status = rc;
388}
389
390static ssize_t manage_flash_read(struct file *file, char __user *buf,
391 size_t count, loff_t *ppos)
392{
393 struct rtas_manage_flash_t *const args_buf = &rtas_manage_flash_data;
394 char msg[RTAS_MSG_MAXLEN];
395 int msglen, status;
396
397 mutex_lock(&rtas_manage_flash_mutex);
398 status = args_buf->status;
399 mutex_unlock(&rtas_manage_flash_mutex);
400
401 msglen = sprintf(msg, "%d\n", status);
402 return simple_read_from_buffer(buf, count, ppos, msg, msglen);
403}
404
405static ssize_t manage_flash_write(struct file *file, const char __user *buf,
406 size_t count, loff_t *off)
407{
408 struct rtas_manage_flash_t *const args_buf = &rtas_manage_flash_data;
409 static const char reject_str[] = "0";
410 static const char commit_str[] = "1";
411 char stkbuf[10];
412 int op, rc;
413
414 mutex_lock(&rtas_manage_flash_mutex);
415
416 if ((args_buf->status == MANAGE_AUTH) || (count == 0))
417 goto out;
418
419 op = -1;
420 if (buf) {
421 if (count > 9) count = 9;
422 rc = -EFAULT;
423 if (copy_from_user (stkbuf, buf, count))
424 goto error;
425 if (strncmp(stkbuf, reject_str, strlen(reject_str)) == 0)
426 op = RTAS_REJECT_TMP_IMG;
427 else if (strncmp(stkbuf, commit_str, strlen(commit_str)) == 0)
428 op = RTAS_COMMIT_TMP_IMG;
429 }
430
431 if (op == -1) { /* buf is empty, or contains invalid string */
432 rc = -EINVAL;
433 goto error;
434 }
435
436 manage_flash(args_buf, op);
437out:
438 mutex_unlock(&rtas_manage_flash_mutex);
439 return count;
440
441error:
442 mutex_unlock(&rtas_manage_flash_mutex);
443 return rc;
444}
445
446/*
447 * Validation routines.
448 */
449static void validate_flash(struct rtas_validate_flash_t *args_buf)
450{
451 int token = rtas_token("ibm,validate-flash-image");
452 int update_results;
453 s32 rc;
454
455 rc = 0;
456 do {
457 spin_lock(&rtas_data_buf_lock);
458 memcpy(rtas_data_buf, args_buf->buf, VALIDATE_BUF_SIZE);
459 rc = rtas_call(token, 2, 2, &update_results,
460 (u32) __pa(rtas_data_buf), args_buf->buf_size);
461 memcpy(args_buf->buf, rtas_data_buf, VALIDATE_BUF_SIZE);
462 spin_unlock(&rtas_data_buf_lock);
463 } while (rtas_busy_delay(rc));
464
465 args_buf->status = rc;
466 args_buf->update_results = update_results;
467}
468
469static int get_validate_flash_msg(struct rtas_validate_flash_t *args_buf,
470 char *msg, int msglen)
471{
472 int n;
473
474 if (args_buf->status >= VALIDATE_TMP_UPDATE) {
475 n = sprintf(msg, "%d\n", args_buf->update_results);
476 if ((args_buf->update_results >= VALIDATE_CUR_UNKNOWN) ||
477 (args_buf->update_results == VALIDATE_TMP_UPDATE))
478 n += snprintf(msg + n, msglen - n, "%s\n",
479 args_buf->buf);
480 } else {
481 n = sprintf(msg, "%d\n", args_buf->status);
482 }
483 return n;
484}
485
486static ssize_t validate_flash_read(struct file *file, char __user *buf,
487 size_t count, loff_t *ppos)
488{
489 struct rtas_validate_flash_t *const args_buf =
490 &rtas_validate_flash_data;
491 char msg[VALIDATE_MSG_LEN];
492 int msglen;
493
494 mutex_lock(&rtas_validate_flash_mutex);
495 msglen = get_validate_flash_msg(args_buf, msg, VALIDATE_MSG_LEN);
496 mutex_unlock(&rtas_validate_flash_mutex);
497
498 return simple_read_from_buffer(buf, count, ppos, msg, msglen);
499}
500
501static ssize_t validate_flash_write(struct file *file, const char __user *buf,
502 size_t count, loff_t *off)
503{
504 struct rtas_validate_flash_t *const args_buf =
505 &rtas_validate_flash_data;
506 int rc;
507
508 mutex_lock(&rtas_validate_flash_mutex);
509
510 /* We are only interested in the first 4K of the
511 * candidate image */
512 if ((*off >= VALIDATE_BUF_SIZE) ||
513 (args_buf->status == VALIDATE_AUTH)) {
514 *off += count;
515 mutex_unlock(&rtas_validate_flash_mutex);
516 return count;
517 }
518
519 if (*off + count >= VALIDATE_BUF_SIZE) {
520 count = VALIDATE_BUF_SIZE - *off;
521 args_buf->status = VALIDATE_READY;
522 } else {
523 args_buf->status = VALIDATE_INCOMPLETE;
524 }
525
526 if (!access_ok(VERIFY_READ, buf, count)) {
527 rc = -EFAULT;
528 goto done;
529 }
530 if (copy_from_user(args_buf->buf + *off, buf, count)) {
531 rc = -EFAULT;
532 goto done;
533 }
534
535 *off += count;
536 rc = count;
537done:
538 mutex_unlock(&rtas_validate_flash_mutex);
539 return rc;
540}
541
542static int validate_flash_release(struct inode *inode, struct file *file)
543{
544 struct rtas_validate_flash_t *const args_buf =
545 &rtas_validate_flash_data;
546
547 mutex_lock(&rtas_validate_flash_mutex);
548
549 if (args_buf->status == VALIDATE_READY) {
550 args_buf->buf_size = VALIDATE_BUF_SIZE;
551 validate_flash(args_buf);
552 }
553
554 mutex_unlock(&rtas_validate_flash_mutex);
555 return 0;
556}
557
558/*
559 * On-reboot flash update applicator.
560 */
561static void rtas_flash_firmware(int reboot_type)
562{
563 unsigned long image_size;
564 struct flash_block_list *f, *next, *flist;
565 unsigned long rtas_block_list;
566 int i, status, update_token;
567
568 if (rtas_firmware_flash_list == NULL)
569 return; /* nothing to do */
570
571 if (reboot_type != SYS_RESTART) {
572 printk(KERN_ALERT "FLASH: firmware flash requires a reboot\n");
573 printk(KERN_ALERT "FLASH: the firmware image will NOT be flashed\n");
574 return;
575 }
576
577 update_token = rtas_token("ibm,update-flash-64-and-reboot");
578 if (update_token == RTAS_UNKNOWN_SERVICE) {
579 printk(KERN_ALERT "FLASH: ibm,update-flash-64-and-reboot "
580 "is not available -- not a service partition?\n");
581 printk(KERN_ALERT "FLASH: firmware will not be flashed\n");
582 return;
583 }
584
585 /*
586 * Just before starting the firmware flash, cancel the event scan work
587 * to avoid any soft lockup issues.
588 */
589 rtas_cancel_event_scan();
590
591 /*
592 * NOTE: the "first" block must be under 4GB, so we create
593 * an entry with no data blocks in the reserved buffer in
594 * the kernel data segment.
595 */
596 spin_lock(&rtas_data_buf_lock);
597 flist = (struct flash_block_list *)&rtas_data_buf[0];
598 flist->num_blocks = 0;
599 flist->next = rtas_firmware_flash_list;
600 rtas_block_list = __pa(flist);
601 if (rtas_block_list >= 4UL*1024*1024*1024) {
602 printk(KERN_ALERT "FLASH: kernel bug...flash list header addr above 4GB\n");
603 spin_unlock(&rtas_data_buf_lock);
604 return;
605 }
606
607 printk(KERN_ALERT "FLASH: preparing saved firmware image for flash\n");
608 /* Update the block_list in place. */
609 rtas_firmware_flash_list = NULL; /* too hard to backout on error */
610 image_size = 0;
611 for (f = flist; f; f = next) {
612 /* Translate data addrs to absolute */
613 for (i = 0; i < f->num_blocks; i++) {
614 f->blocks[i].data = (char *)cpu_to_be64(__pa(f->blocks[i].data));
615 image_size += f->blocks[i].length;
616 f->blocks[i].length = cpu_to_be64(f->blocks[i].length);
617 }
618 next = f->next;
619 /* Don't translate NULL pointer for last entry */
620 if (f->next)
621 f->next = (struct flash_block_list *)cpu_to_be64(__pa(f->next));
622 else
623 f->next = NULL;
624 /* make num_blocks into the version/length field */
625 f->num_blocks = (FLASH_BLOCK_LIST_VERSION << 56) | ((f->num_blocks+1)*16);
626 f->num_blocks = cpu_to_be64(f->num_blocks);
627 }
628
629 printk(KERN_ALERT "FLASH: flash image is %ld bytes\n", image_size);
630 printk(KERN_ALERT "FLASH: performing flash and reboot\n");
631 rtas_progress("Flashing \n", 0x0);
632 rtas_progress("Please Wait... ", 0x0);
633 printk(KERN_ALERT "FLASH: this will take several minutes. Do not power off!\n");
634 status = rtas_call(update_token, 1, 1, NULL, rtas_block_list);
635 switch (status) { /* should only get "bad" status */
636 case 0:
637 printk(KERN_ALERT "FLASH: success\n");
638 break;
639 case -1:
640 printk(KERN_ALERT "FLASH: hardware error. Firmware may not be not flashed\n");
641 break;
642 case -3:
643 printk(KERN_ALERT "FLASH: image is corrupt or not correct for this platform. Firmware not flashed\n");
644 break;
645 case -4:
646 printk(KERN_ALERT "FLASH: flash failed when partially complete. System may not reboot\n");
647 break;
648 default:
649 printk(KERN_ALERT "FLASH: unknown flash return code %d\n", status);
650 break;
651 }
652 spin_unlock(&rtas_data_buf_lock);
653}
654
655/*
656 * Manifest of proc files to create
657 */
658struct rtas_flash_file {
659 const char *filename;
660 const char *rtas_call_name;
661 int *status;
662 const struct file_operations fops;
663};
664
665static const struct rtas_flash_file rtas_flash_files[] = {
666 {
667 .filename = "powerpc/rtas/" FIRMWARE_FLASH_NAME,
668 .rtas_call_name = "ibm,update-flash-64-and-reboot",
669 .status = &rtas_update_flash_data.status,
670 .fops.read = rtas_flash_read_msg,
671 .fops.write = rtas_flash_write,
672 .fops.release = rtas_flash_release,
673 .fops.llseek = default_llseek,
674 },
675 {
676 .filename = "powerpc/rtas/" FIRMWARE_UPDATE_NAME,
677 .rtas_call_name = "ibm,update-flash-64-and-reboot",
678 .status = &rtas_update_flash_data.status,
679 .fops.read = rtas_flash_read_num,
680 .fops.write = rtas_flash_write,
681 .fops.release = rtas_flash_release,
682 .fops.llseek = default_llseek,
683 },
684 {
685 .filename = "powerpc/rtas/" VALIDATE_FLASH_NAME,
686 .rtas_call_name = "ibm,validate-flash-image",
687 .status = &rtas_validate_flash_data.status,
688 .fops.read = validate_flash_read,
689 .fops.write = validate_flash_write,
690 .fops.release = validate_flash_release,
691 .fops.llseek = default_llseek,
692 },
693 {
694 .filename = "powerpc/rtas/" MANAGE_FLASH_NAME,
695 .rtas_call_name = "ibm,manage-flash-image",
696 .status = &rtas_manage_flash_data.status,
697 .fops.read = manage_flash_read,
698 .fops.write = manage_flash_write,
699 .fops.llseek = default_llseek,
700 }
701};
702
703static int __init rtas_flash_init(void)
704{
705 int i;
706
707 if (rtas_token("ibm,update-flash-64-and-reboot") ==
708 RTAS_UNKNOWN_SERVICE) {
709 pr_info("rtas_flash: no firmware flash support\n");
710 return -EINVAL;
711 }
712
713 rtas_validate_flash_data.buf = kzalloc(VALIDATE_BUF_SIZE, GFP_KERNEL);
714 if (!rtas_validate_flash_data.buf)
715 return -ENOMEM;
716
717 flash_block_cache = kmem_cache_create("rtas_flash_cache",
718 RTAS_BLK_SIZE, RTAS_BLK_SIZE, 0,
719 NULL);
720 if (!flash_block_cache) {
721 printk(KERN_ERR "%s: failed to create block cache\n",
722 __func__);
723 goto enomem_buf;
724 }
725
726 for (i = 0; i < ARRAY_SIZE(rtas_flash_files); i++) {
727 const struct rtas_flash_file *f = &rtas_flash_files[i];
728 int token;
729
730 if (!proc_create(f->filename, 0600, NULL, &f->fops))
731 goto enomem;
732
733 /*
734 * This code assumes that the status int is the first member of the
735 * struct
736 */
737 token = rtas_token(f->rtas_call_name);
738 if (token == RTAS_UNKNOWN_SERVICE)
739 *f->status = FLASH_AUTH;
740 else
741 *f->status = FLASH_NO_OP;
742 }
743
744 rtas_flash_term_hook = rtas_flash_firmware;
745 return 0;
746
747enomem:
748 while (--i >= 0) {
749 const struct rtas_flash_file *f = &rtas_flash_files[i];
750 remove_proc_entry(f->filename, NULL);
751 }
752
753 kmem_cache_destroy(flash_block_cache);
754enomem_buf:
755 kfree(rtas_validate_flash_data.buf);
756 return -ENOMEM;
757}
758
759static void __exit rtas_flash_cleanup(void)
760{
761 int i;
762
763 rtas_flash_term_hook = NULL;
764
765 if (rtas_firmware_flash_list) {
766 free_flash_list(rtas_firmware_flash_list);
767 rtas_firmware_flash_list = NULL;
768 }
769
770 for (i = 0; i < ARRAY_SIZE(rtas_flash_files); i++) {
771 const struct rtas_flash_file *f = &rtas_flash_files[i];
772 remove_proc_entry(f->filename, NULL);
773 }
774
775 kmem_cache_destroy(flash_block_cache);
776 kfree(rtas_validate_flash_data.buf);
777}
778
779module_init(rtas_flash_init);
780module_exit(rtas_flash_cleanup);
781MODULE_LICENSE("GPL");