-
Notifications
You must be signed in to change notification settings - Fork 32
/
Copy pathbootrom.c
524 lines (427 loc) · 13.3 KB
/
bootrom.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
/*
* BOOTROM Greybus driver.
*
* Copyright 2016 Google Inc.
* Copyright 2016 Linaro Ltd.
*
* Released under the GPLv2 only.
*/
#include <linux/firmware.h>
#include <linux/jiffies.h>
#include <linux/mutex.h>
#include <linux/workqueue.h>
#include "greybus.h"
#include "firmware.h"
/* Timeout, in jiffies, within which the next request must be received */
#define NEXT_REQ_TIMEOUT_MS 1000
/*
* FIXME: Reduce this timeout once svc core handles parallel processing of
* events from the SVC, which are handled sequentially today.
*/
#define MODE_SWITCH_TIMEOUT_MS 10000
enum next_request_type {
NEXT_REQ_FIRMWARE_SIZE,
NEXT_REQ_GET_FIRMWARE,
NEXT_REQ_READY_TO_BOOT,
NEXT_REQ_MODE_SWITCH,
};
struct gb_bootrom {
struct gb_connection *connection;
const struct firmware *fw;
u8 protocol_major;
u8 protocol_minor;
enum next_request_type next_request;
struct delayed_work dwork;
struct mutex mutex; /* Protects bootrom->fw */
};
static void free_firmware(struct gb_bootrom *bootrom)
{
if (!bootrom->fw)
return;
release_firmware(bootrom->fw);
bootrom->fw = NULL;
}
static void gb_bootrom_timedout(struct work_struct *work)
{
struct delayed_work *dwork = to_delayed_work(work);
struct gb_bootrom *bootrom = container_of(dwork, struct gb_bootrom, dwork);
struct device *dev = &bootrom->connection->bundle->dev;
const char *reason;
switch (bootrom->next_request) {
case NEXT_REQ_FIRMWARE_SIZE:
reason = "Firmware Size Request";
break;
case NEXT_REQ_GET_FIRMWARE:
reason = "Get Firmware Request";
break;
case NEXT_REQ_READY_TO_BOOT:
reason = "Ready to Boot Request";
break;
case NEXT_REQ_MODE_SWITCH:
reason = "Interface Mode Switch";
break;
default:
reason = NULL;
dev_err(dev, "Invalid next-request: %u", bootrom->next_request);
break;
}
dev_err(dev, "Timed out waiting for %s from the Module\n", reason);
mutex_lock(&bootrom->mutex);
free_firmware(bootrom);
mutex_unlock(&bootrom->mutex);
/* TODO: Power-off Module ? */
}
static void gb_bootrom_set_timeout(struct gb_bootrom *bootrom,
enum next_request_type next, unsigned long timeout)
{
bootrom->next_request = next;
schedule_delayed_work(&bootrom->dwork, msecs_to_jiffies(timeout));
}
static void gb_bootrom_cancel_timeout(struct gb_bootrom *bootrom)
{
cancel_delayed_work_sync(&bootrom->dwork);
}
/*
* The es2 chip doesn't have VID/PID programmed into the hardware and we need to
* hack that up to distinguish different modules and their firmware blobs.
*
* This fetches VID/PID (over bootrom protocol) for es2 chip only, when VID/PID
* already sent during hotplug are 0.
*
* Otherwise, we keep intf->vendor_id/product_id same as what's passed
* during hotplug.
*/
static void bootrom_es2_fixup_vid_pid(struct gb_bootrom *bootrom)
{
struct gb_bootrom_get_vid_pid_response response;
struct gb_connection *connection = bootrom->connection;
struct gb_interface *intf = connection->bundle->intf;
int ret;
if (!(intf->quirks & GB_INTERFACE_QUIRK_NO_GMP_IDS))
return;
ret = gb_operation_sync(connection, GB_BOOTROM_TYPE_GET_VID_PID,
NULL, 0, &response, sizeof(response));
if (ret) {
dev_err(&connection->bundle->dev,
"Bootrom get vid/pid operation failed (%d)\n", ret);
return;
}
/*
* NOTE: This is hacked, so that the same values of VID/PID can be used
* by next firmware level as well. The uevent for bootrom will still
* have VID/PID as 0, though after this point the sysfs files will start
* showing the updated values. But yeah, that's a bit racy as the same
* sysfs files would be showing 0 before this point.
*/
intf->vendor_id = le32_to_cpu(response.vendor_id);
intf->product_id = le32_to_cpu(response.product_id);
dev_dbg(&connection->bundle->dev, "Bootrom got vid (0x%x)/pid (0x%x)\n",
intf->vendor_id, intf->product_id);
}
/* This returns path of the firmware blob on the disk */
static int find_firmware(struct gb_bootrom *bootrom, u8 stage)
{
struct gb_connection *connection = bootrom->connection;
struct gb_interface *intf = connection->bundle->intf;
char firmware_name[49];
int rc;
/* Already have a firmware, free it */
free_firmware(bootrom);
/* Bootrom protocol is only supported for loading Stage 2 firmware */
if (stage != 2) {
dev_err(&connection->bundle->dev, "Invalid boot stage: %u\n",
stage);
return -EINVAL;
}
/*
* Create firmware name
*
* XXX Name it properly..
*/
snprintf(firmware_name, sizeof(firmware_name),
FW_NAME_PREFIX "%08x_%08x_%08x_%08x_s2l.tftf",
intf->ddbl1_manufacturer_id, intf->ddbl1_product_id,
intf->vendor_id, intf->product_id);
// FIXME:
// Turn to dev_dbg later after everyone has valid bootloaders with good
// ids, but leave this as dev_info for now to make it easier to track
// down "empty" vid/pid modules.
dev_info(&connection->bundle->dev, "Firmware file '%s' requested\n",
firmware_name);
rc = request_firmware(&bootrom->fw, firmware_name,
&connection->bundle->dev);
if (rc) {
dev_err(&connection->bundle->dev,
"failed to find %s firmware (%d)\n", firmware_name, rc);
}
return rc;
}
static int gb_bootrom_firmware_size_request(struct gb_operation *op)
{
struct gb_bootrom *bootrom = gb_connection_get_data(op->connection);
struct gb_bootrom_firmware_size_request *size_request = op->request->payload;
struct gb_bootrom_firmware_size_response *size_response;
struct device *dev = &op->connection->bundle->dev;
int ret;
/* Disable timeouts */
gb_bootrom_cancel_timeout(bootrom);
if (op->request->payload_size != sizeof(*size_request)) {
dev_err(dev, "%s: illegal size of firmware size request (%zu != %zu)\n",
__func__, op->request->payload_size,
sizeof(*size_request));
ret = -EINVAL;
goto queue_work;
}
mutex_lock(&bootrom->mutex);
ret = find_firmware(bootrom, size_request->stage);
if (ret)
goto unlock;
if (!gb_operation_response_alloc(op, sizeof(*size_response),
GFP_KERNEL)) {
dev_err(dev, "%s: error allocating response\n", __func__);
free_firmware(bootrom);
ret = -ENOMEM;
goto unlock;
}
size_response = op->response->payload;
size_response->size = cpu_to_le32(bootrom->fw->size);
dev_dbg(dev, "%s: firmware size %d bytes\n", __func__, size_response->size);
unlock:
mutex_unlock(&bootrom->mutex);
queue_work:
if (!ret) {
/* Refresh timeout */
gb_bootrom_set_timeout(bootrom, NEXT_REQ_GET_FIRMWARE,
NEXT_REQ_TIMEOUT_MS);
}
return ret;
}
static int gb_bootrom_get_firmware(struct gb_operation *op)
{
struct gb_bootrom *bootrom = gb_connection_get_data(op->connection);
const struct firmware *fw;
struct gb_bootrom_get_firmware_request *firmware_request;
struct gb_bootrom_get_firmware_response *firmware_response;
struct device *dev = &op->connection->bundle->dev;
unsigned int offset, size;
enum next_request_type next_request;
int ret = 0;
/* Disable timeouts */
gb_bootrom_cancel_timeout(bootrom);
if (op->request->payload_size != sizeof(*firmware_request)) {
dev_err(dev, "%s: Illegal size of get firmware request (%zu %zu)\n",
__func__, op->request->payload_size,
sizeof(*firmware_request));
ret = -EINVAL;
goto queue_work;
}
mutex_lock(&bootrom->mutex);
fw = bootrom->fw;
if (!fw) {
dev_err(dev, "%s: firmware not available\n", __func__);
ret = -EINVAL;
goto unlock;
}
firmware_request = op->request->payload;
offset = le32_to_cpu(firmware_request->offset);
size = le32_to_cpu(firmware_request->size);
if (offset >= fw->size || size > fw->size - offset) {
dev_warn(dev, "bad firmware request (offs = %u, size = %u)\n",
offset, size);
ret = -EINVAL;
goto unlock;
}
if (!gb_operation_response_alloc(op, sizeof(*firmware_response) + size,
GFP_KERNEL)) {
dev_err(dev, "%s: error allocating response\n", __func__);
ret = -ENOMEM;
goto unlock;
}
firmware_response = op->response->payload;
memcpy(firmware_response->data, fw->data + offset, size);
dev_dbg(dev, "responding with firmware (offs = %u, size = %u)\n", offset,
size);
unlock:
mutex_unlock(&bootrom->mutex);
queue_work:
/* Refresh timeout */
if (!ret && (offset + size == fw->size))
next_request = NEXT_REQ_READY_TO_BOOT;
else
next_request = NEXT_REQ_GET_FIRMWARE;
gb_bootrom_set_timeout(bootrom, next_request, NEXT_REQ_TIMEOUT_MS);
return ret;
}
static int gb_bootrom_ready_to_boot(struct gb_operation *op)
{
struct gb_connection *connection = op->connection;
struct gb_bootrom *bootrom = gb_connection_get_data(connection);
struct gb_bootrom_ready_to_boot_request *rtb_request;
struct device *dev = &connection->bundle->dev;
u8 status;
int ret = 0;
/* Disable timeouts */
gb_bootrom_cancel_timeout(bootrom);
if (op->request->payload_size != sizeof(*rtb_request)) {
dev_err(dev, "%s: Illegal size of ready to boot request (%zu %zu)\n",
__func__, op->request->payload_size,
sizeof(*rtb_request));
ret = -EINVAL;
goto queue_work;
}
rtb_request = op->request->payload;
status = rtb_request->status;
/* Return error if the blob was invalid */
if (status == GB_BOOTROM_BOOT_STATUS_INVALID) {
ret = -EINVAL;
goto queue_work;
}
/*
* XXX Should we return error for insecure firmware?
*/
dev_dbg(dev, "ready to boot: 0x%x, 0\n", status);
queue_work:
/*
* Refresh timeout, the Interface shall load the new personality and
* send a new hotplug request, which shall get rid of the bootrom
* connection. As that can take some time, increase the timeout a bit.
*/
gb_bootrom_set_timeout(bootrom, NEXT_REQ_MODE_SWITCH,
MODE_SWITCH_TIMEOUT_MS);
return ret;
}
static int gb_bootrom_request_handler(struct gb_operation *op)
{
u8 type = op->type;
switch (type) {
case GB_BOOTROM_TYPE_FIRMWARE_SIZE:
return gb_bootrom_firmware_size_request(op);
case GB_BOOTROM_TYPE_GET_FIRMWARE:
return gb_bootrom_get_firmware(op);
case GB_BOOTROM_TYPE_READY_TO_BOOT:
return gb_bootrom_ready_to_boot(op);
default:
dev_err(&op->connection->bundle->dev,
"unsupported request: %u\n", type);
return -EINVAL;
}
}
static int gb_bootrom_get_version(struct gb_bootrom *bootrom)
{
struct gb_bundle *bundle = bootrom->connection->bundle;
struct gb_bootrom_version_request request;
struct gb_bootrom_version_response response;
int ret;
request.major = GB_BOOTROM_VERSION_MAJOR;
request.minor = GB_BOOTROM_VERSION_MINOR;
ret = gb_operation_sync(bootrom->connection,
GB_BOOTROM_TYPE_VERSION,
&request, sizeof(request), &response,
sizeof(response));
if (ret) {
dev_err(&bundle->dev,
"failed to get protocol version: %d\n",
ret);
return ret;
}
if (response.major > request.major) {
dev_err(&bundle->dev,
"unsupported major protocol version (%u > %u)\n",
response.major, request.major);
return -ENOTSUPP;
}
bootrom->protocol_major = response.major;
bootrom->protocol_minor = response.minor;
dev_dbg(&bundle->dev, "%s - %u.%u\n", __func__, response.major,
response.minor);
return 0;
}
static int gb_bootrom_probe(struct gb_bundle *bundle,
const struct greybus_bundle_id *id)
{
struct greybus_descriptor_cport *cport_desc;
struct gb_connection *connection;
struct gb_bootrom *bootrom;
int ret;
if (bundle->num_cports != 1)
return -ENODEV;
cport_desc = &bundle->cport_desc[0];
if (cport_desc->protocol_id != GREYBUS_PROTOCOL_BOOTROM)
return -ENODEV;
bootrom = kzalloc(sizeof(*bootrom), GFP_KERNEL);
if (!bootrom)
return -ENOMEM;
connection = gb_connection_create(bundle,
le16_to_cpu(cport_desc->id),
gb_bootrom_request_handler);
if (IS_ERR(connection)) {
ret = PTR_ERR(connection);
goto err_free_bootrom;
}
gb_connection_set_data(connection, bootrom);
bootrom->connection = connection;
mutex_init(&bootrom->mutex);
INIT_DELAYED_WORK(&bootrom->dwork, gb_bootrom_timedout);
greybus_set_drvdata(bundle, bootrom);
ret = gb_connection_enable_tx(connection);
if (ret)
goto err_connection_destroy;
ret = gb_bootrom_get_version(bootrom);
if (ret)
goto err_connection_disable;
bootrom_es2_fixup_vid_pid(bootrom);
ret = gb_connection_enable(connection);
if (ret)
goto err_connection_disable;
/* Refresh timeout */
gb_bootrom_set_timeout(bootrom, NEXT_REQ_FIRMWARE_SIZE,
NEXT_REQ_TIMEOUT_MS);
/* Tell bootrom we're ready. */
ret = gb_operation_sync(connection, GB_BOOTROM_TYPE_AP_READY, NULL, 0,
NULL, 0);
if (ret) {
dev_err(&connection->bundle->dev,
"failed to send AP READY: %d\n", ret);
goto err_cancel_timeout;
}
dev_dbg(&bundle->dev, "AP_READY sent\n");
return 0;
err_cancel_timeout:
gb_bootrom_cancel_timeout(bootrom);
err_connection_disable:
gb_connection_disable(connection);
err_connection_destroy:
gb_connection_destroy(connection);
err_free_bootrom:
kfree(bootrom);
return ret;
}
static void gb_bootrom_disconnect(struct gb_bundle *bundle)
{
struct gb_bootrom *bootrom = greybus_get_drvdata(bundle);
dev_dbg(&bundle->dev, "%s\n", __func__);
gb_connection_disable(bootrom->connection);
/* Disable timeouts */
gb_bootrom_cancel_timeout(bootrom);
/*
* Release firmware:
*
* As the connection and the delayed work are already disabled, we don't
* need to lock access to bootrom->fw here.
*/
free_firmware(bootrom);
gb_connection_destroy(bootrom->connection);
kfree(bootrom);
}
static const struct greybus_bundle_id gb_bootrom_id_table[] = {
{ GREYBUS_DEVICE_CLASS(GREYBUS_CLASS_BOOTROM) },
{ }
};
static struct greybus_driver gb_bootrom_driver = {
.name = "bootrom",
.probe = gb_bootrom_probe,
.disconnect = gb_bootrom_disconnect,
.id_table = gb_bootrom_id_table,
};
module_greybus_driver(gb_bootrom_driver);
MODULE_LICENSE("GPL v2");