1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * Copyright 2010 Google Inc. All Rights Reserved.
4  * Author: dlaurie@google.com (Duncan Laurie)
5  *
6  * Re-worked to expose sysfs APIs by mikew@google.com (Mike Waychison)
7  *
8  * EFI SMI interface for Google platforms
9  */
10 
11 #include <linux/kernel.h>
12 #include <linux/init.h>
13 #include <linux/types.h>
14 #include <linux/device.h>
15 #include <linux/platform_device.h>
16 #include <linux/errno.h>
17 #include <linux/string.h>
18 #include <linux/spinlock.h>
19 #include <linux/dma-mapping.h>
20 #include <linux/fs.h>
21 #include <linux/slab.h>
22 #include <linux/panic_notifier.h>
23 #include <linux/ioctl.h>
24 #include <linux/acpi.h>
25 #include <linux/io.h>
26 #include <linux/uaccess.h>
27 #include <linux/dmi.h>
28 #include <linux/kdebug.h>
29 #include <linux/reboot.h>
30 #include <linux/efi.h>
31 #include <linux/module.h>
32 #include <linux/ucs2_string.h>
33 #include <linux/suspend.h>
34 
35 #define GSMI_SHUTDOWN_CLEAN	0	/* Clean Shutdown */
36 /* TODO(mikew@google.com): Tie in HARDLOCKUP_DETECTOR with NMIWDT */
37 #define GSMI_SHUTDOWN_NMIWDT	1	/* NMI Watchdog */
38 #define GSMI_SHUTDOWN_PANIC	2	/* Panic */
39 #define GSMI_SHUTDOWN_OOPS	3	/* Oops */
40 #define GSMI_SHUTDOWN_DIE	4	/* Die -- No longer meaningful */
41 #define GSMI_SHUTDOWN_MCE	5	/* Machine Check */
42 #define GSMI_SHUTDOWN_SOFTWDT	6	/* Software Watchdog */
43 #define GSMI_SHUTDOWN_MBE	7	/* Uncorrected ECC */
44 #define GSMI_SHUTDOWN_TRIPLE	8	/* Triple Fault */
45 
46 #define DRIVER_VERSION		"1.0"
47 #define GSMI_GUID_SIZE		16
48 #define GSMI_BUF_SIZE		1024
49 #define GSMI_BUF_ALIGN		sizeof(u64)
50 #define GSMI_CALLBACK		0xef
51 
52 /* SMI return codes */
53 #define GSMI_SUCCESS		0x00
54 #define GSMI_UNSUPPORTED2	0x03
55 #define GSMI_LOG_FULL		0x0b
56 #define GSMI_VAR_NOT_FOUND	0x0e
57 #define GSMI_HANDSHAKE_SPIN	0x7d
58 #define GSMI_HANDSHAKE_CF	0x7e
59 #define GSMI_HANDSHAKE_NONE	0x7f
60 #define GSMI_INVALID_PARAMETER	0x82
61 #define GSMI_UNSUPPORTED	0x83
62 #define GSMI_BUFFER_TOO_SMALL	0x85
63 #define GSMI_NOT_READY		0x86
64 #define GSMI_DEVICE_ERROR	0x87
65 #define GSMI_NOT_FOUND		0x8e
66 
67 #define QUIRKY_BOARD_HASH 0x78a30a50
68 
69 /* Internally used commands passed to the firmware */
70 #define GSMI_CMD_GET_NVRAM_VAR		0x01
71 #define GSMI_CMD_GET_NEXT_VAR		0x02
72 #define GSMI_CMD_SET_NVRAM_VAR		0x03
73 #define GSMI_CMD_SET_EVENT_LOG		0x08
74 #define GSMI_CMD_CLEAR_EVENT_LOG	0x09
75 #define GSMI_CMD_LOG_S0IX_SUSPEND	0x0a
76 #define GSMI_CMD_LOG_S0IX_RESUME	0x0b
77 #define GSMI_CMD_CLEAR_CONFIG		0x20
78 #define GSMI_CMD_HANDSHAKE_TYPE		0xC1
79 #define GSMI_CMD_RESERVED		0xff
80 
81 /* Magic entry type for kernel events */
82 #define GSMI_LOG_ENTRY_TYPE_KERNEL     0xDEAD
83 
84 /* SMI buffers must be in 32bit physical address space */
85 struct gsmi_buf {
86 	u8 *start;			/* start of buffer */
87 	size_t length;			/* length of buffer */
88 	u32 address;			/* physical address of buffer */
89 };
90 
91 static struct gsmi_device {
92 	struct platform_device *pdev;	/* platform device */
93 	struct gsmi_buf *name_buf;	/* variable name buffer */
94 	struct gsmi_buf *data_buf;	/* generic data buffer */
95 	struct gsmi_buf *param_buf;	/* parameter buffer */
96 	spinlock_t lock;		/* serialize access to SMIs */
97 	u16 smi_cmd;			/* SMI command port */
98 	int handshake_type;		/* firmware handler interlock type */
99 	struct kmem_cache *mem_pool;	/* kmem cache for gsmi_buf allocations */
100 } gsmi_dev;
101 
102 /* Packed structures for communicating with the firmware */
103 struct gsmi_nvram_var_param {
104 	efi_guid_t	guid;
105 	u32		name_ptr;
106 	u32		attributes;
107 	u32		data_len;
108 	u32		data_ptr;
109 } __packed;
110 
111 struct gsmi_get_next_var_param {
112 	u8	guid[GSMI_GUID_SIZE];
113 	u32	name_ptr;
114 	u32	name_len;
115 } __packed;
116 
117 struct gsmi_set_eventlog_param {
118 	u32	data_ptr;
119 	u32	data_len;
120 	u32	type;
121 } __packed;
122 
123 /* Event log formats */
124 struct gsmi_log_entry_type_1 {
125 	u16	type;
126 	u32	instance;
127 } __packed;
128 
129 /*
130  * Some platforms don't have explicit SMI handshake
131  * and need to wait for SMI to complete.
132  */
133 #define GSMI_DEFAULT_SPINCOUNT	0x10000
134 static unsigned int spincount = GSMI_DEFAULT_SPINCOUNT;
135 module_param(spincount, uint, 0600);
136 MODULE_PARM_DESC(spincount,
137 	"The number of loop iterations to use when using the spin handshake.");
138 
139 /*
140  * Some older platforms with Apollo Lake chipsets do not support S0ix logging
141  * in their GSMI handlers, and behaved poorly when resuming via power button
142  * press if the logging was attempted. Updated firmware with proper behavior
143  * has long since shipped, removing the need for this opt-in parameter. It
144  * now exists as an opt-out parameter for folks defiantly running old
145  * firmware, or unforeseen circumstances. After the change from opt-in to
146  * opt-out has baked sufficiently, this parameter should probably be removed
147  * entirely.
148  */
149 static bool s0ix_logging_enable = true;
150 module_param(s0ix_logging_enable, bool, 0600);
151 
gsmi_buf_alloc(void)152 static struct gsmi_buf *gsmi_buf_alloc(void)
153 {
154 	struct gsmi_buf *smibuf;
155 
156 	smibuf = kzalloc(sizeof(*smibuf), GFP_KERNEL);
157 	if (!smibuf) {
158 		printk(KERN_ERR "gsmi: out of memory\n");
159 		return NULL;
160 	}
161 
162 	/* allocate buffer in 32bit address space */
163 	smibuf->start = kmem_cache_alloc(gsmi_dev.mem_pool, GFP_KERNEL);
164 	if (!smibuf->start) {
165 		printk(KERN_ERR "gsmi: failed to allocate name buffer\n");
166 		kfree(smibuf);
167 		return NULL;
168 	}
169 
170 	/* fill in the buffer handle */
171 	smibuf->length = GSMI_BUF_SIZE;
172 	smibuf->address = (u32)virt_to_phys(smibuf->start);
173 
174 	return smibuf;
175 }
176 
gsmi_buf_free(struct gsmi_buf * smibuf)177 static void gsmi_buf_free(struct gsmi_buf *smibuf)
178 {
179 	if (smibuf) {
180 		if (smibuf->start)
181 			kmem_cache_free(gsmi_dev.mem_pool, smibuf->start);
182 		kfree(smibuf);
183 	}
184 }
185 
186 /*
187  * Make a call to gsmi func(sub).  GSMI error codes are translated to
188  * in-kernel errnos (0 on success, -ERRNO on error).
189  */
gsmi_exec(u8 func,u8 sub)190 static int gsmi_exec(u8 func, u8 sub)
191 {
192 	u16 cmd = (sub << 8) | func;
193 	u16 result = 0;
194 	int rc = 0;
195 
196 	/*
197 	 * AH  : Subfunction number
198 	 * AL  : Function number
199 	 * EBX : Parameter block address
200 	 * DX  : SMI command port
201 	 *
202 	 * Three protocols here. See also the comment in gsmi_init().
203 	 */
204 	if (gsmi_dev.handshake_type == GSMI_HANDSHAKE_CF) {
205 		/*
206 		 * If handshake_type == HANDSHAKE_CF then set CF on the
207 		 * way in and wait for the handler to clear it; this avoids
208 		 * corrupting register state on those chipsets which have
209 		 * a delay between writing the SMI trigger register and
210 		 * entering SMM.
211 		 */
212 		asm volatile (
213 			"stc\n"
214 			"outb %%al, %%dx\n"
215 		"1:      jc 1b\n"
216 			: "=a" (result)
217 			: "0" (cmd),
218 			  "d" (gsmi_dev.smi_cmd),
219 			  "b" (gsmi_dev.param_buf->address)
220 			: "memory", "cc"
221 		);
222 	} else if (gsmi_dev.handshake_type == GSMI_HANDSHAKE_SPIN) {
223 		/*
224 		 * If handshake_type == HANDSHAKE_SPIN we spin a
225 		 * hundred-ish usecs to ensure the SMI has triggered.
226 		 */
227 		asm volatile (
228 			"outb %%al, %%dx\n"
229 		"1:      loop 1b\n"
230 			: "=a" (result)
231 			: "0" (cmd),
232 			  "d" (gsmi_dev.smi_cmd),
233 			  "b" (gsmi_dev.param_buf->address),
234 			  "c" (spincount)
235 			: "memory", "cc"
236 		);
237 	} else {
238 		/*
239 		 * If handshake_type == HANDSHAKE_NONE we do nothing;
240 		 * either we don't need to or it's legacy firmware that
241 		 * doesn't understand the CF protocol.
242 		 */
243 		asm volatile (
244 			"outb %%al, %%dx\n\t"
245 			: "=a" (result)
246 			: "0" (cmd),
247 			  "d" (gsmi_dev.smi_cmd),
248 			  "b" (gsmi_dev.param_buf->address)
249 			: "memory", "cc"
250 		);
251 	}
252 
253 	/* check return code from SMI handler */
254 	switch (result) {
255 	case GSMI_SUCCESS:
256 		break;
257 	case GSMI_VAR_NOT_FOUND:
258 		/* not really an error, but let the caller know */
259 		rc = 1;
260 		break;
261 	case GSMI_INVALID_PARAMETER:
262 		printk(KERN_ERR "gsmi: exec 0x%04x: Invalid parameter\n", cmd);
263 		rc = -EINVAL;
264 		break;
265 	case GSMI_BUFFER_TOO_SMALL:
266 		printk(KERN_ERR "gsmi: exec 0x%04x: Buffer too small\n", cmd);
267 		rc = -ENOMEM;
268 		break;
269 	case GSMI_UNSUPPORTED:
270 	case GSMI_UNSUPPORTED2:
271 		if (sub != GSMI_CMD_HANDSHAKE_TYPE)
272 			printk(KERN_ERR "gsmi: exec 0x%04x: Not supported\n",
273 			       cmd);
274 		rc = -ENOSYS;
275 		break;
276 	case GSMI_NOT_READY:
277 		printk(KERN_ERR "gsmi: exec 0x%04x: Not ready\n", cmd);
278 		rc = -EBUSY;
279 		break;
280 	case GSMI_DEVICE_ERROR:
281 		printk(KERN_ERR "gsmi: exec 0x%04x: Device error\n", cmd);
282 		rc = -EFAULT;
283 		break;
284 	case GSMI_NOT_FOUND:
285 		printk(KERN_ERR "gsmi: exec 0x%04x: Data not found\n", cmd);
286 		rc = -ENOENT;
287 		break;
288 	case GSMI_LOG_FULL:
289 		printk(KERN_ERR "gsmi: exec 0x%04x: Log full\n", cmd);
290 		rc = -ENOSPC;
291 		break;
292 	case GSMI_HANDSHAKE_CF:
293 	case GSMI_HANDSHAKE_SPIN:
294 	case GSMI_HANDSHAKE_NONE:
295 		rc = result;
296 		break;
297 	default:
298 		printk(KERN_ERR "gsmi: exec 0x%04x: Unknown error 0x%04x\n",
299 		       cmd, result);
300 		rc = -ENXIO;
301 	}
302 
303 	return rc;
304 }
305 
306 #ifdef CONFIG_EFI
307 
308 static struct efivars efivars;
309 
gsmi_get_variable(efi_char16_t * name,efi_guid_t * vendor,u32 * attr,unsigned long * data_size,void * data)310 static efi_status_t gsmi_get_variable(efi_char16_t *name,
311 				      efi_guid_t *vendor, u32 *attr,
312 				      unsigned long *data_size,
313 				      void *data)
314 {
315 	struct gsmi_nvram_var_param param = {
316 		.name_ptr = gsmi_dev.name_buf->address,
317 		.data_ptr = gsmi_dev.data_buf->address,
318 		.data_len = (u32)*data_size,
319 	};
320 	efi_status_t ret = EFI_SUCCESS;
321 	unsigned long flags;
322 	size_t name_len = ucs2_strnlen(name, GSMI_BUF_SIZE / 2);
323 	int rc;
324 
325 	if (name_len >= GSMI_BUF_SIZE / 2)
326 		return EFI_BAD_BUFFER_SIZE;
327 
328 	spin_lock_irqsave(&gsmi_dev.lock, flags);
329 
330 	/* Vendor guid */
331 	memcpy(&param.guid, vendor, sizeof(param.guid));
332 
333 	/* variable name, already in UTF-16 */
334 	memset(gsmi_dev.name_buf->start, 0, gsmi_dev.name_buf->length);
335 	memcpy(gsmi_dev.name_buf->start, name, name_len * 2);
336 
337 	/* data pointer */
338 	memset(gsmi_dev.data_buf->start, 0, gsmi_dev.data_buf->length);
339 
340 	/* parameter buffer */
341 	memset(gsmi_dev.param_buf->start, 0, gsmi_dev.param_buf->length);
342 	memcpy(gsmi_dev.param_buf->start, &param, sizeof(param));
343 
344 	rc = gsmi_exec(GSMI_CALLBACK, GSMI_CMD_GET_NVRAM_VAR);
345 	if (rc < 0) {
346 		printk(KERN_ERR "gsmi: Get Variable failed\n");
347 		ret = EFI_LOAD_ERROR;
348 	} else if (rc == 1) {
349 		/* variable was not found */
350 		ret = EFI_NOT_FOUND;
351 	} else {
352 		/* Get the arguments back */
353 		memcpy(&param, gsmi_dev.param_buf->start, sizeof(param));
354 
355 		/* The size reported is the min of all of our buffers */
356 		*data_size = min_t(unsigned long, *data_size,
357 						gsmi_dev.data_buf->length);
358 		*data_size = min_t(unsigned long, *data_size, param.data_len);
359 
360 		/* Copy data back to return buffer. */
361 		memcpy(data, gsmi_dev.data_buf->start, *data_size);
362 
363 		/* All variables are have the following attributes */
364 		*attr = EFI_VARIABLE_NON_VOLATILE |
365 			EFI_VARIABLE_BOOTSERVICE_ACCESS |
366 			EFI_VARIABLE_RUNTIME_ACCESS;
367 	}
368 
369 	spin_unlock_irqrestore(&gsmi_dev.lock, flags);
370 
371 	return ret;
372 }
373 
gsmi_get_next_variable(unsigned long * name_size,efi_char16_t * name,efi_guid_t * vendor)374 static efi_status_t gsmi_get_next_variable(unsigned long *name_size,
375 					   efi_char16_t *name,
376 					   efi_guid_t *vendor)
377 {
378 	struct gsmi_get_next_var_param param = {
379 		.name_ptr = gsmi_dev.name_buf->address,
380 		.name_len = gsmi_dev.name_buf->length,
381 	};
382 	efi_status_t ret = EFI_SUCCESS;
383 	int rc;
384 	unsigned long flags;
385 
386 	/* For the moment, only support buffers that exactly match in size */
387 	if (*name_size != GSMI_BUF_SIZE)
388 		return EFI_BAD_BUFFER_SIZE;
389 
390 	/* Let's make sure the thing is at least null-terminated */
391 	if (ucs2_strnlen(name, GSMI_BUF_SIZE / 2) == GSMI_BUF_SIZE / 2)
392 		return EFI_INVALID_PARAMETER;
393 
394 	spin_lock_irqsave(&gsmi_dev.lock, flags);
395 
396 	/* guid */
397 	memcpy(&param.guid, vendor, sizeof(param.guid));
398 
399 	/* variable name, already in UTF-16 */
400 	memcpy(gsmi_dev.name_buf->start, name, *name_size);
401 
402 	/* parameter buffer */
403 	memset(gsmi_dev.param_buf->start, 0, gsmi_dev.param_buf->length);
404 	memcpy(gsmi_dev.param_buf->start, &param, sizeof(param));
405 
406 	rc = gsmi_exec(GSMI_CALLBACK, GSMI_CMD_GET_NEXT_VAR);
407 	if (rc < 0) {
408 		printk(KERN_ERR "gsmi: Get Next Variable Name failed\n");
409 		ret = EFI_LOAD_ERROR;
410 	} else if (rc == 1) {
411 		/* variable not found -- end of list */
412 		ret = EFI_NOT_FOUND;
413 	} else {
414 		/* copy variable data back to return buffer */
415 		memcpy(&param, gsmi_dev.param_buf->start, sizeof(param));
416 
417 		/* Copy the name back */
418 		memcpy(name, gsmi_dev.name_buf->start, GSMI_BUF_SIZE);
419 		*name_size = ucs2_strnlen(name, GSMI_BUF_SIZE / 2) * 2;
420 
421 		/* copy guid to return buffer */
422 		memcpy(vendor, &param.guid, sizeof(param.guid));
423 		ret = EFI_SUCCESS;
424 	}
425 
426 	spin_unlock_irqrestore(&gsmi_dev.lock, flags);
427 
428 	return ret;
429 }
430 
gsmi_set_variable(efi_char16_t * name,efi_guid_t * vendor,u32 attr,unsigned long data_size,void * data)431 static efi_status_t gsmi_set_variable(efi_char16_t *name,
432 				      efi_guid_t *vendor,
433 				      u32 attr,
434 				      unsigned long data_size,
435 				      void *data)
436 {
437 	struct gsmi_nvram_var_param param = {
438 		.name_ptr = gsmi_dev.name_buf->address,
439 		.data_ptr = gsmi_dev.data_buf->address,
440 		.data_len = (u32)data_size,
441 		.attributes = EFI_VARIABLE_NON_VOLATILE |
442 			      EFI_VARIABLE_BOOTSERVICE_ACCESS |
443 			      EFI_VARIABLE_RUNTIME_ACCESS,
444 	};
445 	size_t name_len = ucs2_strnlen(name, GSMI_BUF_SIZE / 2);
446 	efi_status_t ret = EFI_SUCCESS;
447 	int rc;
448 	unsigned long flags;
449 
450 	if (name_len >= GSMI_BUF_SIZE / 2)
451 		return EFI_BAD_BUFFER_SIZE;
452 
453 	spin_lock_irqsave(&gsmi_dev.lock, flags);
454 
455 	/* guid */
456 	memcpy(&param.guid, vendor, sizeof(param.guid));
457 
458 	/* variable name, already in UTF-16 */
459 	memset(gsmi_dev.name_buf->start, 0, gsmi_dev.name_buf->length);
460 	memcpy(gsmi_dev.name_buf->start, name, name_len * 2);
461 
462 	/* data pointer */
463 	memset(gsmi_dev.data_buf->start, 0, gsmi_dev.data_buf->length);
464 	memcpy(gsmi_dev.data_buf->start, data, data_size);
465 
466 	/* parameter buffer */
467 	memset(gsmi_dev.param_buf->start, 0, gsmi_dev.param_buf->length);
468 	memcpy(gsmi_dev.param_buf->start, &param, sizeof(param));
469 
470 	rc = gsmi_exec(GSMI_CALLBACK, GSMI_CMD_SET_NVRAM_VAR);
471 	if (rc < 0) {
472 		printk(KERN_ERR "gsmi: Set Variable failed\n");
473 		ret = EFI_INVALID_PARAMETER;
474 	}
475 
476 	spin_unlock_irqrestore(&gsmi_dev.lock, flags);
477 
478 	return ret;
479 }
480 
481 static const struct efivar_operations efivar_ops = {
482 	.get_variable = gsmi_get_variable,
483 	.set_variable = gsmi_set_variable,
484 	.get_next_variable = gsmi_get_next_variable,
485 };
486 
487 #endif /* CONFIG_EFI */
488 
eventlog_write(struct file * filp,struct kobject * kobj,struct bin_attribute * bin_attr,char * buf,loff_t pos,size_t count)489 static ssize_t eventlog_write(struct file *filp, struct kobject *kobj,
490 			       struct bin_attribute *bin_attr,
491 			       char *buf, loff_t pos, size_t count)
492 {
493 	struct gsmi_set_eventlog_param param = {
494 		.data_ptr = gsmi_dev.data_buf->address,
495 	};
496 	int rc = 0;
497 	unsigned long flags;
498 
499 	/* Pull the type out */
500 	if (count < sizeof(u32))
501 		return -EINVAL;
502 	param.type = *(u32 *)buf;
503 	buf += sizeof(u32);
504 
505 	/* The remaining buffer is the data payload */
506 	if ((count - sizeof(u32)) > gsmi_dev.data_buf->length)
507 		return -EINVAL;
508 	param.data_len = count - sizeof(u32);
509 
510 	spin_lock_irqsave(&gsmi_dev.lock, flags);
511 
512 	/* data pointer */
513 	memset(gsmi_dev.data_buf->start, 0, gsmi_dev.data_buf->length);
514 	memcpy(gsmi_dev.data_buf->start, buf, param.data_len);
515 
516 	/* parameter buffer */
517 	memset(gsmi_dev.param_buf->start, 0, gsmi_dev.param_buf->length);
518 	memcpy(gsmi_dev.param_buf->start, &param, sizeof(param));
519 
520 	rc = gsmi_exec(GSMI_CALLBACK, GSMI_CMD_SET_EVENT_LOG);
521 	if (rc < 0)
522 		printk(KERN_ERR "gsmi: Set Event Log failed\n");
523 
524 	spin_unlock_irqrestore(&gsmi_dev.lock, flags);
525 
526 	return (rc == 0) ? count : rc;
527 
528 }
529 
530 static struct bin_attribute eventlog_bin_attr = {
531 	.attr = {.name = "append_to_eventlog", .mode = 0200},
532 	.write = eventlog_write,
533 };
534 
gsmi_clear_eventlog_store(struct kobject * kobj,struct kobj_attribute * attr,const char * buf,size_t count)535 static ssize_t gsmi_clear_eventlog_store(struct kobject *kobj,
536 					 struct kobj_attribute *attr,
537 					 const char *buf, size_t count)
538 {
539 	int rc;
540 	unsigned long flags;
541 	unsigned long val;
542 	struct {
543 		u32 percentage;
544 		u32 data_type;
545 	} param;
546 
547 	rc = kstrtoul(buf, 0, &val);
548 	if (rc)
549 		return rc;
550 
551 	/*
552 	 * Value entered is a percentage, 0 through 100, anything else
553 	 * is invalid.
554 	 */
555 	if (val > 100)
556 		return -EINVAL;
557 
558 	/* data_type here selects the smbios event log. */
559 	param.percentage = val;
560 	param.data_type = 0;
561 
562 	spin_lock_irqsave(&gsmi_dev.lock, flags);
563 
564 	/* parameter buffer */
565 	memset(gsmi_dev.param_buf->start, 0, gsmi_dev.param_buf->length);
566 	memcpy(gsmi_dev.param_buf->start, &param, sizeof(param));
567 
568 	rc = gsmi_exec(GSMI_CALLBACK, GSMI_CMD_CLEAR_EVENT_LOG);
569 
570 	spin_unlock_irqrestore(&gsmi_dev.lock, flags);
571 
572 	if (rc)
573 		return rc;
574 	return count;
575 }
576 
577 static struct kobj_attribute gsmi_clear_eventlog_attr = {
578 	.attr = {.name = "clear_eventlog", .mode = 0200},
579 	.store = gsmi_clear_eventlog_store,
580 };
581 
gsmi_clear_config_store(struct kobject * kobj,struct kobj_attribute * attr,const char * buf,size_t count)582 static ssize_t gsmi_clear_config_store(struct kobject *kobj,
583 				       struct kobj_attribute *attr,
584 				       const char *buf, size_t count)
585 {
586 	int rc;
587 	unsigned long flags;
588 
589 	spin_lock_irqsave(&gsmi_dev.lock, flags);
590 
591 	/* clear parameter buffer */
592 	memset(gsmi_dev.param_buf->start, 0, gsmi_dev.param_buf->length);
593 
594 	rc = gsmi_exec(GSMI_CALLBACK, GSMI_CMD_CLEAR_CONFIG);
595 
596 	spin_unlock_irqrestore(&gsmi_dev.lock, flags);
597 
598 	if (rc)
599 		return rc;
600 	return count;
601 }
602 
603 static struct kobj_attribute gsmi_clear_config_attr = {
604 	.attr = {.name = "clear_config", .mode = 0200},
605 	.store = gsmi_clear_config_store,
606 };
607 
608 static const struct attribute *gsmi_attrs[] = {
609 	&gsmi_clear_config_attr.attr,
610 	&gsmi_clear_eventlog_attr.attr,
611 	NULL,
612 };
613 
gsmi_shutdown_reason(int reason)614 static int gsmi_shutdown_reason(int reason)
615 {
616 	struct gsmi_log_entry_type_1 entry = {
617 		.type     = GSMI_LOG_ENTRY_TYPE_KERNEL,
618 		.instance = reason,
619 	};
620 	struct gsmi_set_eventlog_param param = {
621 		.data_len = sizeof(entry),
622 		.type     = 1,
623 	};
624 	static int saved_reason;
625 	int rc = 0;
626 	unsigned long flags;
627 
628 	/* avoid duplicate entries in the log */
629 	if (saved_reason & (1 << reason))
630 		return 0;
631 
632 	spin_lock_irqsave(&gsmi_dev.lock, flags);
633 
634 	saved_reason |= (1 << reason);
635 
636 	/* data pointer */
637 	memset(gsmi_dev.data_buf->start, 0, gsmi_dev.data_buf->length);
638 	memcpy(gsmi_dev.data_buf->start, &entry, sizeof(entry));
639 
640 	/* parameter buffer */
641 	param.data_ptr = gsmi_dev.data_buf->address;
642 	memset(gsmi_dev.param_buf->start, 0, gsmi_dev.param_buf->length);
643 	memcpy(gsmi_dev.param_buf->start, &param, sizeof(param));
644 
645 	rc = gsmi_exec(GSMI_CALLBACK, GSMI_CMD_SET_EVENT_LOG);
646 
647 	spin_unlock_irqrestore(&gsmi_dev.lock, flags);
648 
649 	if (rc < 0)
650 		printk(KERN_ERR "gsmi: Log Shutdown Reason failed\n");
651 	else
652 		printk(KERN_EMERG "gsmi: Log Shutdown Reason 0x%02x\n",
653 		       reason);
654 
655 	return rc;
656 }
657 
gsmi_reboot_callback(struct notifier_block * nb,unsigned long reason,void * arg)658 static int gsmi_reboot_callback(struct notifier_block *nb,
659 				unsigned long reason, void *arg)
660 {
661 	gsmi_shutdown_reason(GSMI_SHUTDOWN_CLEAN);
662 	return NOTIFY_DONE;
663 }
664 
665 static struct notifier_block gsmi_reboot_notifier = {
666 	.notifier_call = gsmi_reboot_callback
667 };
668 
gsmi_die_callback(struct notifier_block * nb,unsigned long reason,void * arg)669 static int gsmi_die_callback(struct notifier_block *nb,
670 			     unsigned long reason, void *arg)
671 {
672 	if (reason == DIE_OOPS)
673 		gsmi_shutdown_reason(GSMI_SHUTDOWN_OOPS);
674 	return NOTIFY_DONE;
675 }
676 
677 static struct notifier_block gsmi_die_notifier = {
678 	.notifier_call = gsmi_die_callback
679 };
680 
gsmi_panic_callback(struct notifier_block * nb,unsigned long reason,void * arg)681 static int gsmi_panic_callback(struct notifier_block *nb,
682 			       unsigned long reason, void *arg)
683 {
684 
685 	/*
686 	 * Panic callbacks are executed with all other CPUs stopped,
687 	 * so we must not attempt to spin waiting for gsmi_dev.lock
688 	 * to be released.
689 	 */
690 	if (spin_is_locked(&gsmi_dev.lock))
691 		return NOTIFY_DONE;
692 
693 	gsmi_shutdown_reason(GSMI_SHUTDOWN_PANIC);
694 	return NOTIFY_DONE;
695 }
696 
697 static struct notifier_block gsmi_panic_notifier = {
698 	.notifier_call = gsmi_panic_callback,
699 };
700 
701 /*
702  * This hash function was blatantly copied from include/linux/hash.h.
703  * It is used by this driver to obfuscate a board name that requires a
704  * quirk within this driver.
705  *
706  * Please do not remove this copy of the function as any changes to the
707  * global utility hash_64() function would break this driver's ability
708  * to identify a board and provide the appropriate quirk -- mikew@google.com
709  */
local_hash_64(u64 val,unsigned bits)710 static u64 __init local_hash_64(u64 val, unsigned bits)
711 {
712 	u64 hash = val;
713 
714 	/*  Sigh, gcc can't optimise this alone like it does for 32 bits. */
715 	u64 n = hash;
716 	n <<= 18;
717 	hash -= n;
718 	n <<= 33;
719 	hash -= n;
720 	n <<= 3;
721 	hash += n;
722 	n <<= 3;
723 	hash -= n;
724 	n <<= 4;
725 	hash += n;
726 	n <<= 2;
727 	hash += n;
728 
729 	/* High bits are more random, so use them. */
730 	return hash >> (64 - bits);
731 }
732 
hash_oem_table_id(char s[8])733 static u32 __init hash_oem_table_id(char s[8])
734 {
735 	u64 input;
736 	memcpy(&input, s, 8);
737 	return local_hash_64(input, 32);
738 }
739 
740 static const struct dmi_system_id gsmi_dmi_table[] __initconst = {
741 	{
742 		.ident = "Google Board",
743 		.matches = {
744 			DMI_MATCH(DMI_BOARD_VENDOR, "Google, Inc."),
745 		},
746 	},
747 	{
748 		.ident = "Coreboot Firmware",
749 		.matches = {
750 			DMI_MATCH(DMI_BIOS_VENDOR, "coreboot"),
751 		},
752 	},
753 	{}
754 };
755 MODULE_DEVICE_TABLE(dmi, gsmi_dmi_table);
756 
gsmi_system_valid(void)757 static __init int gsmi_system_valid(void)
758 {
759 	u32 hash;
760 	u16 cmd, result;
761 
762 	if (!dmi_check_system(gsmi_dmi_table))
763 		return -ENODEV;
764 
765 	/*
766 	 * Only newer firmware supports the gsmi interface.  All older
767 	 * firmware that didn't support this interface used to plug the
768 	 * table name in the first four bytes of the oem_table_id field.
769 	 * Newer firmware doesn't do that though, so use that as the
770 	 * discriminant factor.  We have to do this in order to
771 	 * whitewash our board names out of the public driver.
772 	 */
773 	if (!strncmp(acpi_gbl_FADT.header.oem_table_id, "FACP", 4)) {
774 		printk(KERN_INFO "gsmi: Board is too old\n");
775 		return -ENODEV;
776 	}
777 
778 	/* Disable on board with 1.0 BIOS due to Google bug 2602657 */
779 	hash = hash_oem_table_id(acpi_gbl_FADT.header.oem_table_id);
780 	if (hash == QUIRKY_BOARD_HASH) {
781 		const char *bios_ver = dmi_get_system_info(DMI_BIOS_VERSION);
782 		if (strncmp(bios_ver, "1.0", 3) == 0) {
783 			pr_info("gsmi: disabled on this board's BIOS %s\n",
784 				bios_ver);
785 			return -ENODEV;
786 		}
787 	}
788 
789 	/* check for valid SMI command port in ACPI FADT */
790 	if (acpi_gbl_FADT.smi_command == 0) {
791 		pr_info("gsmi: missing smi_command\n");
792 		return -ENODEV;
793 	}
794 
795 	/* Test the smihandler with a bogus command. If it leaves the
796 	 * calling argument in %ax untouched, there is no handler for
797 	 * GSMI commands.
798 	 */
799 	cmd = GSMI_CALLBACK | GSMI_CMD_RESERVED << 8;
800 	asm volatile (
801 		"outb %%al, %%dx\n\t"
802 		: "=a" (result)
803 		: "0" (cmd),
804 		  "d" (acpi_gbl_FADT.smi_command)
805 		: "memory", "cc"
806 		);
807 	if (cmd == result) {
808 		pr_info("gsmi: no gsmi handler in firmware\n");
809 		return -ENODEV;
810 	}
811 
812 	/* Found */
813 	return 0;
814 }
815 
816 static struct kobject *gsmi_kobj;
817 
818 static const struct platform_device_info gsmi_dev_info = {
819 	.name		= "gsmi",
820 	.id		= -1,
821 	/* SMI callbacks require 32bit addresses */
822 	.dma_mask	= DMA_BIT_MASK(32),
823 };
824 
825 #ifdef CONFIG_PM
gsmi_log_s0ix_info(u8 cmd)826 static void gsmi_log_s0ix_info(u8 cmd)
827 {
828 	unsigned long flags;
829 
830 	/*
831 	 * If platform has not enabled S0ix logging, then no action is
832 	 * necessary.
833 	 */
834 	if (!s0ix_logging_enable)
835 		return;
836 
837 	spin_lock_irqsave(&gsmi_dev.lock, flags);
838 
839 	memset(gsmi_dev.param_buf->start, 0, gsmi_dev.param_buf->length);
840 
841 	gsmi_exec(GSMI_CALLBACK, cmd);
842 
843 	spin_unlock_irqrestore(&gsmi_dev.lock, flags);
844 }
845 
gsmi_log_s0ix_suspend(struct device * dev)846 static int gsmi_log_s0ix_suspend(struct device *dev)
847 {
848 	/*
849 	 * If system is not suspending via firmware using the standard ACPI Sx
850 	 * types, then make a GSMI call to log the suspend info.
851 	 */
852 	if (!pm_suspend_via_firmware())
853 		gsmi_log_s0ix_info(GSMI_CMD_LOG_S0IX_SUSPEND);
854 
855 	/*
856 	 * Always return success, since we do not want suspend
857 	 * to fail just because of logging failure.
858 	 */
859 	return 0;
860 }
861 
gsmi_log_s0ix_resume(struct device * dev)862 static int gsmi_log_s0ix_resume(struct device *dev)
863 {
864 	/*
865 	 * If system did not resume via firmware, then make a GSMI call to log
866 	 * the resume info and wake source.
867 	 */
868 	if (!pm_resume_via_firmware())
869 		gsmi_log_s0ix_info(GSMI_CMD_LOG_S0IX_RESUME);
870 
871 	/*
872 	 * Always return success, since we do not want resume
873 	 * to fail just because of logging failure.
874 	 */
875 	return 0;
876 }
877 
878 static const struct dev_pm_ops gsmi_pm_ops = {
879 	.suspend_noirq = gsmi_log_s0ix_suspend,
880 	.resume_noirq = gsmi_log_s0ix_resume,
881 };
882 
gsmi_platform_driver_probe(struct platform_device * dev)883 static int gsmi_platform_driver_probe(struct platform_device *dev)
884 {
885 	return 0;
886 }
887 
888 static struct platform_driver gsmi_driver_info = {
889 	.driver = {
890 		.name = "gsmi",
891 		.pm = &gsmi_pm_ops,
892 	},
893 	.probe = gsmi_platform_driver_probe,
894 };
895 #endif
896 
gsmi_init(void)897 static __init int gsmi_init(void)
898 {
899 	unsigned long flags;
900 	int ret;
901 
902 	ret = gsmi_system_valid();
903 	if (ret)
904 		return ret;
905 
906 	gsmi_dev.smi_cmd = acpi_gbl_FADT.smi_command;
907 
908 #ifdef CONFIG_PM
909 	ret = platform_driver_register(&gsmi_driver_info);
910 	if (unlikely(ret)) {
911 		printk(KERN_ERR "gsmi: unable to register platform driver\n");
912 		return ret;
913 	}
914 #endif
915 
916 	/* register device */
917 	gsmi_dev.pdev = platform_device_register_full(&gsmi_dev_info);
918 	if (IS_ERR(gsmi_dev.pdev)) {
919 		printk(KERN_ERR "gsmi: unable to register platform device\n");
920 		return PTR_ERR(gsmi_dev.pdev);
921 	}
922 
923 	/* SMI access needs to be serialized */
924 	spin_lock_init(&gsmi_dev.lock);
925 
926 	ret = -ENOMEM;
927 
928 	/*
929 	 * SLAB cache is created using SLAB_CACHE_DMA32 to ensure that the
930 	 * allocations for gsmi_buf come from the DMA32 memory zone. These
931 	 * buffers have nothing to do with DMA. They are required for
932 	 * communication with firmware executing in SMI mode which can only
933 	 * access the bottom 4GiB of physical memory. Since DMA32 memory zone
934 	 * guarantees allocation under the 4GiB boundary, this driver creates
935 	 * a SLAB cache with SLAB_CACHE_DMA32 flag.
936 	 */
937 	gsmi_dev.mem_pool = kmem_cache_create("gsmi", GSMI_BUF_SIZE,
938 					      GSMI_BUF_ALIGN,
939 					      SLAB_CACHE_DMA32, NULL);
940 	if (!gsmi_dev.mem_pool)
941 		goto out_err;
942 
943 	/*
944 	 * pre-allocate buffers because sometimes we are called when
945 	 * this is not feasible: oops, panic, die, mce, etc
946 	 */
947 	gsmi_dev.name_buf = gsmi_buf_alloc();
948 	if (!gsmi_dev.name_buf) {
949 		printk(KERN_ERR "gsmi: failed to allocate name buffer\n");
950 		goto out_err;
951 	}
952 
953 	gsmi_dev.data_buf = gsmi_buf_alloc();
954 	if (!gsmi_dev.data_buf) {
955 		printk(KERN_ERR "gsmi: failed to allocate data buffer\n");
956 		goto out_err;
957 	}
958 
959 	gsmi_dev.param_buf = gsmi_buf_alloc();
960 	if (!gsmi_dev.param_buf) {
961 		printk(KERN_ERR "gsmi: failed to allocate param buffer\n");
962 		goto out_err;
963 	}
964 
965 	/*
966 	 * Determine type of handshake used to serialize the SMI
967 	 * entry. See also gsmi_exec().
968 	 *
969 	 * There's a "behavior" present on some chipsets where writing the
970 	 * SMI trigger register in the southbridge doesn't result in an
971 	 * immediate SMI. Rather, the processor can execute "a few" more
972 	 * instructions before the SMI takes effect. To ensure synchronous
973 	 * behavior, implement a handshake between the kernel driver and the
974 	 * firmware handler to spin until released. This ioctl determines
975 	 * the type of handshake.
976 	 *
977 	 * NONE: The firmware handler does not implement any
978 	 * handshake. Either it doesn't need to, or it's legacy firmware
979 	 * that doesn't know it needs to and never will.
980 	 *
981 	 * CF: The firmware handler will clear the CF in the saved
982 	 * state before returning. The driver may set the CF and test for
983 	 * it to clear before proceeding.
984 	 *
985 	 * SPIN: The firmware handler does not implement any handshake
986 	 * but the driver should spin for a hundred or so microseconds
987 	 * to ensure the SMI has triggered.
988 	 *
989 	 * Finally, the handler will return -ENOSYS if
990 	 * GSMI_CMD_HANDSHAKE_TYPE is unimplemented, which implies
991 	 * HANDSHAKE_NONE.
992 	 */
993 	spin_lock_irqsave(&gsmi_dev.lock, flags);
994 	gsmi_dev.handshake_type = GSMI_HANDSHAKE_SPIN;
995 	gsmi_dev.handshake_type =
996 	    gsmi_exec(GSMI_CALLBACK, GSMI_CMD_HANDSHAKE_TYPE);
997 	if (gsmi_dev.handshake_type == -ENOSYS)
998 		gsmi_dev.handshake_type = GSMI_HANDSHAKE_NONE;
999 	spin_unlock_irqrestore(&gsmi_dev.lock, flags);
1000 
1001 	/* Remove and clean up gsmi if the handshake could not complete. */
1002 	if (gsmi_dev.handshake_type == -ENXIO) {
1003 		printk(KERN_INFO "gsmi version " DRIVER_VERSION
1004 		       " failed to load\n");
1005 		ret = -ENODEV;
1006 		goto out_err;
1007 	}
1008 
1009 	/* Register in the firmware directory */
1010 	ret = -ENOMEM;
1011 	gsmi_kobj = kobject_create_and_add("gsmi", firmware_kobj);
1012 	if (!gsmi_kobj) {
1013 		printk(KERN_INFO "gsmi: Failed to create firmware kobj\n");
1014 		goto out_err;
1015 	}
1016 
1017 	/* Setup eventlog access */
1018 	ret = sysfs_create_bin_file(gsmi_kobj, &eventlog_bin_attr);
1019 	if (ret) {
1020 		printk(KERN_INFO "gsmi: Failed to setup eventlog");
1021 		goto out_err;
1022 	}
1023 
1024 	/* Other attributes */
1025 	ret = sysfs_create_files(gsmi_kobj, gsmi_attrs);
1026 	if (ret) {
1027 		printk(KERN_INFO "gsmi: Failed to add attrs");
1028 		goto out_remove_bin_file;
1029 	}
1030 
1031 #ifdef CONFIG_EFI
1032 	ret = efivars_register(&efivars, &efivar_ops, gsmi_kobj);
1033 	if (ret) {
1034 		printk(KERN_INFO "gsmi: Failed to register efivars\n");
1035 		sysfs_remove_files(gsmi_kobj, gsmi_attrs);
1036 		goto out_remove_bin_file;
1037 	}
1038 #endif
1039 
1040 	register_reboot_notifier(&gsmi_reboot_notifier);
1041 	register_die_notifier(&gsmi_die_notifier);
1042 	atomic_notifier_chain_register(&panic_notifier_list,
1043 				       &gsmi_panic_notifier);
1044 
1045 	printk(KERN_INFO "gsmi version " DRIVER_VERSION " loaded\n");
1046 
1047 	return 0;
1048 
1049 out_remove_bin_file:
1050 	sysfs_remove_bin_file(gsmi_kobj, &eventlog_bin_attr);
1051 out_err:
1052 	kobject_put(gsmi_kobj);
1053 	gsmi_buf_free(gsmi_dev.param_buf);
1054 	gsmi_buf_free(gsmi_dev.data_buf);
1055 	gsmi_buf_free(gsmi_dev.name_buf);
1056 	kmem_cache_destroy(gsmi_dev.mem_pool);
1057 	platform_device_unregister(gsmi_dev.pdev);
1058 	pr_info("gsmi: failed to load: %d\n", ret);
1059 #ifdef CONFIG_PM
1060 	platform_driver_unregister(&gsmi_driver_info);
1061 #endif
1062 	return ret;
1063 }
1064 
gsmi_exit(void)1065 static void __exit gsmi_exit(void)
1066 {
1067 	unregister_reboot_notifier(&gsmi_reboot_notifier);
1068 	unregister_die_notifier(&gsmi_die_notifier);
1069 	atomic_notifier_chain_unregister(&panic_notifier_list,
1070 					 &gsmi_panic_notifier);
1071 #ifdef CONFIG_EFI
1072 	efivars_unregister(&efivars);
1073 #endif
1074 
1075 	sysfs_remove_files(gsmi_kobj, gsmi_attrs);
1076 	sysfs_remove_bin_file(gsmi_kobj, &eventlog_bin_attr);
1077 	kobject_put(gsmi_kobj);
1078 	gsmi_buf_free(gsmi_dev.param_buf);
1079 	gsmi_buf_free(gsmi_dev.data_buf);
1080 	gsmi_buf_free(gsmi_dev.name_buf);
1081 	kmem_cache_destroy(gsmi_dev.mem_pool);
1082 	platform_device_unregister(gsmi_dev.pdev);
1083 #ifdef CONFIG_PM
1084 	platform_driver_unregister(&gsmi_driver_info);
1085 #endif
1086 }
1087 
1088 module_init(gsmi_init);
1089 module_exit(gsmi_exit);
1090 
1091 MODULE_AUTHOR("Google, Inc.");
1092 MODULE_LICENSE("GPL");
1093