1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * Greybus manifest parsing
4 *
5 * Copyright 2014-2015 Google Inc.
6 * Copyright 2014-2015 Linaro Ltd.
7 */
8
9 #include "greybus.h"
10
get_descriptor_type_string(u8 type)11 static const char *get_descriptor_type_string(u8 type)
12 {
13 switch (type) {
14 case GREYBUS_TYPE_INVALID:
15 return "invalid";
16 case GREYBUS_TYPE_STRING:
17 return "string";
18 case GREYBUS_TYPE_INTERFACE:
19 return "interface";
20 case GREYBUS_TYPE_CPORT:
21 return "cport";
22 case GREYBUS_TYPE_BUNDLE:
23 return "bundle";
24 default:
25 WARN_ON(1);
26 return "unknown";
27 }
28 }
29
30 /*
31 * We scan the manifest once to identify where all the descriptors
32 * are. The result is a list of these manifest_desc structures. We
33 * then pick through them for what we're looking for (starting with
34 * the interface descriptor). As each is processed we remove it from
35 * the list. When we're done the list should (probably) be empty.
36 */
37 struct manifest_desc {
38 struct list_head links;
39
40 size_t size;
41 void *data;
42 enum greybus_descriptor_type type;
43 };
44
release_manifest_descriptor(struct manifest_desc * descriptor)45 static void release_manifest_descriptor(struct manifest_desc *descriptor)
46 {
47 list_del(&descriptor->links);
48 kfree(descriptor);
49 }
50
release_manifest_descriptors(struct gb_interface * intf)51 static void release_manifest_descriptors(struct gb_interface *intf)
52 {
53 struct manifest_desc *descriptor;
54 struct manifest_desc *next;
55
56 list_for_each_entry_safe(descriptor, next, &intf->manifest_descs, links)
57 release_manifest_descriptor(descriptor);
58 }
59
release_cport_descriptors(struct list_head * head,u8 bundle_id)60 static void release_cport_descriptors(struct list_head *head, u8 bundle_id)
61 {
62 struct manifest_desc *desc, *tmp;
63 struct greybus_descriptor_cport *desc_cport;
64
65 list_for_each_entry_safe(desc, tmp, head, links) {
66 desc_cport = desc->data;
67
68 if (desc->type != GREYBUS_TYPE_CPORT)
69 continue;
70
71 if (desc_cport->bundle == bundle_id)
72 release_manifest_descriptor(desc);
73 }
74 }
75
get_next_bundle_desc(struct gb_interface * intf)76 static struct manifest_desc *get_next_bundle_desc(struct gb_interface *intf)
77 {
78 struct manifest_desc *descriptor;
79 struct manifest_desc *next;
80
81 list_for_each_entry_safe(descriptor, next, &intf->manifest_descs, links)
82 if (descriptor->type == GREYBUS_TYPE_BUNDLE)
83 return descriptor;
84
85 return NULL;
86 }
87
88 /*
89 * Validate the given descriptor. Its reported size must fit within
90 * the number of bytes remaining, and it must have a recognized
91 * type. Check that the reported size is at least as big as what
92 * we expect to see. (It could be bigger, perhaps for a new version
93 * of the format.)
94 *
95 * Returns the (non-zero) number of bytes consumed by the descriptor,
96 * or a negative errno.
97 */
identify_descriptor(struct gb_interface * intf,struct greybus_descriptor * desc,size_t size)98 static int identify_descriptor(struct gb_interface *intf,
99 struct greybus_descriptor *desc, size_t size)
100 {
101 struct greybus_descriptor_header *desc_header = &desc->header;
102 struct manifest_desc *descriptor;
103 size_t desc_size;
104 size_t expected_size;
105
106 if (size < sizeof(*desc_header)) {
107 dev_err(&intf->dev, "manifest too small (%zu < %zu)\n",
108 size, sizeof(*desc_header));
109 return -EINVAL; /* Must at least have header */
110 }
111
112 desc_size = le16_to_cpu(desc_header->size);
113 if (desc_size > size) {
114 dev_err(&intf->dev, "descriptor too big (%zu > %zu)\n",
115 desc_size, size);
116 return -EINVAL;
117 }
118
119 /* Descriptor needs to at least have a header */
120 expected_size = sizeof(*desc_header);
121
122 switch (desc_header->type) {
123 case GREYBUS_TYPE_STRING:
124 expected_size += sizeof(struct greybus_descriptor_string);
125 expected_size += desc->string.length;
126
127 /* String descriptors are padded to 4 byte boundaries */
128 expected_size = ALIGN(expected_size, 4);
129 break;
130 case GREYBUS_TYPE_INTERFACE:
131 expected_size += sizeof(struct greybus_descriptor_interface);
132 break;
133 case GREYBUS_TYPE_BUNDLE:
134 expected_size += sizeof(struct greybus_descriptor_bundle);
135 break;
136 case GREYBUS_TYPE_CPORT:
137 expected_size += sizeof(struct greybus_descriptor_cport);
138 break;
139 case GREYBUS_TYPE_INVALID:
140 default:
141 dev_err(&intf->dev, "invalid descriptor type (%u)\n",
142 desc_header->type);
143 return -EINVAL;
144 }
145
146 if (desc_size < expected_size) {
147 dev_err(&intf->dev, "%s descriptor too small (%zu < %zu)\n",
148 get_descriptor_type_string(desc_header->type),
149 desc_size, expected_size);
150 return -EINVAL;
151 }
152
153 /* Descriptor bigger than what we expect */
154 if (desc_size > expected_size) {
155 dev_warn(&intf->dev, "%s descriptor size mismatch (want %zu got %zu)\n",
156 get_descriptor_type_string(desc_header->type),
157 expected_size, desc_size);
158 }
159
160 descriptor = kzalloc(sizeof(*descriptor), GFP_KERNEL);
161 if (!descriptor)
162 return -ENOMEM;
163
164 descriptor->size = desc_size;
165 descriptor->data = (char *)desc + sizeof(*desc_header);
166 descriptor->type = desc_header->type;
167 list_add_tail(&descriptor->links, &intf->manifest_descs);
168
169 /* desc_size is positive and is known to fit in a signed int */
170
171 return desc_size;
172 }
173
174 /*
175 * Find the string descriptor having the given id, validate it, and
176 * allocate a duplicate copy of it. The duplicate has an extra byte
177 * which guarantees the returned string is NUL-terminated.
178 *
179 * String index 0 is valid (it represents "no string"), and for
180 * that a null pointer is returned.
181 *
182 * Otherwise returns a pointer to a newly-allocated copy of the
183 * descriptor string, or an error-coded pointer on failure.
184 */
gb_string_get(struct gb_interface * intf,u8 string_id)185 static char *gb_string_get(struct gb_interface *intf, u8 string_id)
186 {
187 struct greybus_descriptor_string *desc_string;
188 struct manifest_desc *descriptor;
189 bool found = false;
190 char *string;
191
192 /* A zero string id means no string (but no error) */
193 if (!string_id)
194 return NULL;
195
196 list_for_each_entry(descriptor, &intf->manifest_descs, links) {
197 if (descriptor->type != GREYBUS_TYPE_STRING)
198 continue;
199
200 desc_string = descriptor->data;
201 if (desc_string->id == string_id) {
202 found = true;
203 break;
204 }
205 }
206 if (!found)
207 return ERR_PTR(-ENOENT);
208
209 /* Allocate an extra byte so we can guarantee it's NUL-terminated */
210 string = kmemdup(&desc_string->string, desc_string->length + 1,
211 GFP_KERNEL);
212 if (!string)
213 return ERR_PTR(-ENOMEM);
214 string[desc_string->length] = '\0';
215
216 /* Ok we've used this string, so we're done with it */
217 release_manifest_descriptor(descriptor);
218
219 return string;
220 }
221
222 /*
223 * Find cport descriptors in the manifest associated with the given
224 * bundle, and set up data structures for the functions that use
225 * them. Returns the number of cports set up for the bundle, or 0
226 * if there is an error.
227 */
gb_manifest_parse_cports(struct gb_bundle * bundle)228 static u32 gb_manifest_parse_cports(struct gb_bundle *bundle)
229 {
230 struct gb_interface *intf = bundle->intf;
231 struct greybus_descriptor_cport *desc_cport;
232 struct manifest_desc *desc, *next, *tmp;
233 LIST_HEAD(list);
234 u8 bundle_id = bundle->id;
235 u16 cport_id;
236 u32 count = 0;
237 int i;
238
239 /* Set up all cport descriptors associated with this bundle */
240 list_for_each_entry_safe(desc, next, &intf->manifest_descs, links) {
241 if (desc->type != GREYBUS_TYPE_CPORT)
242 continue;
243
244 desc_cport = desc->data;
245 if (desc_cport->bundle != bundle_id)
246 continue;
247
248 cport_id = le16_to_cpu(desc_cport->id);
249 if (cport_id > CPORT_ID_MAX)
250 goto exit;
251
252 /* Nothing else should have its cport_id as control cport id */
253 if (cport_id == GB_CONTROL_CPORT_ID) {
254 dev_err(&bundle->dev, "invalid cport id found (%02u)\n",
255 cport_id);
256 goto exit;
257 }
258
259 /*
260 * Found one, move it to our temporary list after checking for
261 * duplicates.
262 */
263 list_for_each_entry(tmp, &list, links) {
264 desc_cport = tmp->data;
265 if (cport_id == le16_to_cpu(desc_cport->id)) {
266 dev_err(&bundle->dev,
267 "duplicate CPort %u found\n",
268 cport_id);
269 goto exit;
270 }
271 }
272 list_move_tail(&desc->links, &list);
273 count++;
274 }
275
276 if (!count)
277 return 0;
278
279 bundle->cport_desc = kcalloc(count, sizeof(*bundle->cport_desc),
280 GFP_KERNEL);
281 if (!bundle->cport_desc)
282 goto exit;
283
284 bundle->num_cports = count;
285
286 i = 0;
287 list_for_each_entry_safe(desc, next, &list, links) {
288 desc_cport = desc->data;
289 memcpy(&bundle->cport_desc[i++], desc_cport,
290 sizeof(*desc_cport));
291
292 /* Release the cport descriptor */
293 release_manifest_descriptor(desc);
294 }
295
296 return count;
297 exit:
298 release_cport_descriptors(&list, bundle_id);
299 /*
300 * Free all cports for this bundle to avoid 'excess descriptors'
301 * warnings.
302 */
303 release_cport_descriptors(&intf->manifest_descs, bundle_id);
304
305 return 0; /* Error; count should also be 0 */
306 }
307
308 /*
309 * Find bundle descriptors in the manifest and set up their data
310 * structures. Returns the number of bundles set up for the
311 * given interface.
312 */
gb_manifest_parse_bundles(struct gb_interface * intf)313 static u32 gb_manifest_parse_bundles(struct gb_interface *intf)
314 {
315 struct manifest_desc *desc;
316 struct gb_bundle *bundle;
317 struct gb_bundle *bundle_next;
318 u32 count = 0;
319 u8 bundle_id;
320 u8 class;
321
322 while ((desc = get_next_bundle_desc(intf))) {
323 struct greybus_descriptor_bundle *desc_bundle;
324
325 /* Found one. Set up its bundle structure*/
326 desc_bundle = desc->data;
327 bundle_id = desc_bundle->id;
328 class = desc_bundle->class;
329
330 /* Done with this bundle descriptor */
331 release_manifest_descriptor(desc);
332
333 /* Ignore any legacy control bundles */
334 if (bundle_id == GB_CONTROL_BUNDLE_ID) {
335 dev_dbg(&intf->dev, "%s - ignoring control bundle\n",
336 __func__);
337 release_cport_descriptors(&intf->manifest_descs,
338 bundle_id);
339 continue;
340 }
341
342 /* Nothing else should have its class set to control class */
343 if (class == GREYBUS_CLASS_CONTROL) {
344 dev_err(&intf->dev,
345 "bundle %u cannot use control class\n",
346 bundle_id);
347 goto cleanup;
348 }
349
350 bundle = gb_bundle_create(intf, bundle_id, class);
351 if (!bundle)
352 goto cleanup;
353
354 /*
355 * Now go set up this bundle's functions and cports.
356 *
357 * A 'bundle' represents a device in greybus. It may require
358 * multiple cports for its functioning. If we fail to setup any
359 * cport of a bundle, we better reject the complete bundle as
360 * the device may not be able to function properly then.
361 *
362 * But, failing to setup a cport of bundle X doesn't mean that
363 * the device corresponding to bundle Y will not work properly.
364 * Bundles should be treated as separate independent devices.
365 *
366 * While parsing manifest for an interface, treat bundles as
367 * separate entities and don't reject entire interface and its
368 * bundles on failing to initialize a cport. But make sure the
369 * bundle which needs the cport, gets destroyed properly.
370 */
371 if (!gb_manifest_parse_cports(bundle)) {
372 gb_bundle_destroy(bundle);
373 continue;
374 }
375
376 count++;
377 }
378
379 return count;
380 cleanup:
381 /* An error occurred; undo any changes we've made */
382 list_for_each_entry_safe(bundle, bundle_next, &intf->bundles, links) {
383 gb_bundle_destroy(bundle);
384 count--;
385 }
386 return 0; /* Error; count should also be 0 */
387 }
388
gb_manifest_parse_interface(struct gb_interface * intf,struct manifest_desc * interface_desc)389 static bool gb_manifest_parse_interface(struct gb_interface *intf,
390 struct manifest_desc *interface_desc)
391 {
392 struct greybus_descriptor_interface *desc_intf = interface_desc->data;
393 struct gb_control *control = intf->control;
394 char *str;
395
396 /* Handle the strings first--they can fail */
397 str = gb_string_get(intf, desc_intf->vendor_stringid);
398 if (IS_ERR(str))
399 return false;
400 control->vendor_string = str;
401
402 str = gb_string_get(intf, desc_intf->product_stringid);
403 if (IS_ERR(str))
404 goto out_free_vendor_string;
405 control->product_string = str;
406
407 /* Assign feature flags communicated via manifest */
408 intf->features = desc_intf->features;
409
410 /* Release the interface descriptor, now that we're done with it */
411 release_manifest_descriptor(interface_desc);
412
413 /* An interface must have at least one bundle descriptor */
414 if (!gb_manifest_parse_bundles(intf)) {
415 dev_err(&intf->dev, "manifest bundle descriptors not valid\n");
416 goto out_err;
417 }
418
419 return true;
420 out_err:
421 kfree(control->product_string);
422 control->product_string = NULL;
423 out_free_vendor_string:
424 kfree(control->vendor_string);
425 control->vendor_string = NULL;
426
427 return false;
428 }
429
430 /*
431 * Parse a buffer containing an interface manifest.
432 *
433 * If we find anything wrong with the content/format of the buffer
434 * we reject it.
435 *
436 * The first requirement is that the manifest's version is
437 * one we can parse.
438 *
439 * We make an initial pass through the buffer and identify all of
440 * the descriptors it contains, keeping track for each its type
441 * and the location size of its data in the buffer.
442 *
443 * Next we scan the descriptors, looking for an interface descriptor;
444 * there must be exactly one of those. When found, we record the
445 * information it contains, and then remove that descriptor (and any
446 * string descriptors it refers to) from further consideration.
447 *
448 * After that we look for the interface's bundles--there must be at
449 * least one of those.
450 *
451 * Returns true if parsing was successful, false otherwise.
452 */
gb_manifest_parse(struct gb_interface * intf,void * data,size_t size)453 bool gb_manifest_parse(struct gb_interface *intf, void *data, size_t size)
454 {
455 struct greybus_manifest *manifest;
456 struct greybus_manifest_header *header;
457 struct greybus_descriptor *desc;
458 struct manifest_desc *descriptor;
459 struct manifest_desc *interface_desc = NULL;
460 u16 manifest_size;
461 u32 found = 0;
462 bool result;
463
464 /* Manifest descriptor list should be empty here */
465 if (WARN_ON(!list_empty(&intf->manifest_descs)))
466 return false;
467
468 /* we have to have at _least_ the manifest header */
469 if (size < sizeof(*header)) {
470 dev_err(&intf->dev, "short manifest (%zu < %zu)\n",
471 size, sizeof(*header));
472 return false;
473 }
474
475 /* Make sure the size is right */
476 manifest = data;
477 header = &manifest->header;
478 manifest_size = le16_to_cpu(header->size);
479 if (manifest_size != size) {
480 dev_err(&intf->dev, "manifest size mismatch (%zu != %u)\n",
481 size, manifest_size);
482 return false;
483 }
484
485 /* Validate major/minor number */
486 if (header->version_major > GREYBUS_VERSION_MAJOR) {
487 dev_err(&intf->dev, "manifest version too new (%u.%u > %u.%u)\n",
488 header->version_major, header->version_minor,
489 GREYBUS_VERSION_MAJOR, GREYBUS_VERSION_MINOR);
490 return false;
491 }
492
493 /* OK, find all the descriptors */
494 desc = manifest->descriptors;
495 size -= sizeof(*header);
496 while (size) {
497 int desc_size;
498
499 desc_size = identify_descriptor(intf, desc, size);
500 if (desc_size < 0) {
501 result = false;
502 goto out;
503 }
504 desc = (struct greybus_descriptor *)((char *)desc + desc_size);
505 size -= desc_size;
506 }
507
508 /* There must be a single interface descriptor */
509 list_for_each_entry(descriptor, &intf->manifest_descs, links) {
510 if (descriptor->type == GREYBUS_TYPE_INTERFACE)
511 if (!found++)
512 interface_desc = descriptor;
513 }
514 if (found != 1) {
515 dev_err(&intf->dev, "manifest must have 1 interface descriptor (%u found)\n",
516 found);
517 result = false;
518 goto out;
519 }
520
521 /* Parse the manifest, starting with the interface descriptor */
522 result = gb_manifest_parse_interface(intf, interface_desc);
523
524 /*
525 * We really should have no remaining descriptors, but we
526 * don't know what newer format manifests might leave.
527 */
528 if (result && !list_empty(&intf->manifest_descs))
529 dev_info(&intf->dev, "excess descriptors in interface manifest\n");
530 out:
531 release_manifest_descriptors(intf);
532
533 return result;
534 }
535
