xref: /openbmc/linux/drivers/cxl/core/mbox.c (revision 1f012283)
1 // SPDX-License-Identifier: GPL-2.0-only
2 /* Copyright(c) 2020 Intel Corporation. All rights reserved. */
3 #include <linux/io-64-nonatomic-lo-hi.h>
4 #include <linux/security.h>
5 #include <linux/debugfs.h>
6 #include <linux/mutex.h>
7 #include <cxlmem.h>
8 #include <cxl.h>
9 
10 #include "core.h"
11 
12 static bool cxl_raw_allow_all;
13 
14 /**
15  * DOC: cxl mbox
16  *
17  * Core implementation of the CXL 2.0 Type-3 Memory Device Mailbox. The
18  * implementation is used by the cxl_pci driver to initialize the device
19  * and implement the cxl_mem.h IOCTL UAPI. It also implements the
20  * backend of the cxl_pmem_ctl() transport for LIBNVDIMM.
21  */
22 
23 #define cxl_for_each_cmd(cmd)                                                  \
24 	for ((cmd) = &cxl_mem_commands[0];                                     \
25 	     ((cmd) - cxl_mem_commands) < ARRAY_SIZE(cxl_mem_commands); (cmd)++)
26 
27 #define CXL_CMD(_id, sin, sout, _flags)                                        \
28 	[CXL_MEM_COMMAND_ID_##_id] = {                                         \
29 	.info =	{                                                              \
30 			.id = CXL_MEM_COMMAND_ID_##_id,                        \
31 			.size_in = sin,                                        \
32 			.size_out = sout,                                      \
33 		},                                                             \
34 	.opcode = CXL_MBOX_OP_##_id,                                           \
35 	.flags = _flags,                                                       \
36 	}
37 
38 /*
39  * This table defines the supported mailbox commands for the driver. This table
40  * is made up of a UAPI structure. Non-negative values as parameters in the
41  * table will be validated against the user's input. For example, if size_in is
42  * 0, and the user passed in 1, it is an error.
43  */
44 static struct cxl_mem_command cxl_mem_commands[CXL_MEM_COMMAND_ID_MAX] = {
45 	CXL_CMD(IDENTIFY, 0, 0x43, CXL_CMD_FLAG_FORCE_ENABLE),
46 #ifdef CONFIG_CXL_MEM_RAW_COMMANDS
47 	CXL_CMD(RAW, ~0, ~0, 0),
48 #endif
49 	CXL_CMD(GET_SUPPORTED_LOGS, 0, ~0, CXL_CMD_FLAG_FORCE_ENABLE),
50 	CXL_CMD(GET_FW_INFO, 0, 0x50, 0),
51 	CXL_CMD(GET_PARTITION_INFO, 0, 0x20, 0),
52 	CXL_CMD(GET_LSA, 0x8, ~0, 0),
53 	CXL_CMD(GET_HEALTH_INFO, 0, 0x12, 0),
54 	CXL_CMD(GET_LOG, 0x18, ~0, CXL_CMD_FLAG_FORCE_ENABLE),
55 	CXL_CMD(SET_PARTITION_INFO, 0x0a, 0, 0),
56 	CXL_CMD(SET_LSA, ~0, 0, 0),
57 	CXL_CMD(GET_ALERT_CONFIG, 0, 0x10, 0),
58 	CXL_CMD(SET_ALERT_CONFIG, 0xc, 0, 0),
59 	CXL_CMD(GET_SHUTDOWN_STATE, 0, 0x1, 0),
60 	CXL_CMD(SET_SHUTDOWN_STATE, 0x1, 0, 0),
61 	CXL_CMD(GET_POISON, 0x10, ~0, 0),
62 	CXL_CMD(INJECT_POISON, 0x8, 0, 0),
63 	CXL_CMD(CLEAR_POISON, 0x48, 0, 0),
64 	CXL_CMD(GET_SCAN_MEDIA_CAPS, 0x10, 0x4, 0),
65 	CXL_CMD(SCAN_MEDIA, 0x11, 0, 0),
66 	CXL_CMD(GET_SCAN_MEDIA, 0, ~0, 0),
67 };
68 
69 /*
70  * Commands that RAW doesn't permit. The rationale for each:
71  *
72  * CXL_MBOX_OP_ACTIVATE_FW: Firmware activation requires adjustment /
73  * coordination of transaction timeout values at the root bridge level.
74  *
75  * CXL_MBOX_OP_SET_PARTITION_INFO: The device memory map may change live
76  * and needs to be coordinated with HDM updates.
77  *
78  * CXL_MBOX_OP_SET_LSA: The label storage area may be cached by the
79  * driver and any writes from userspace invalidates those contents.
80  *
81  * CXL_MBOX_OP_SET_SHUTDOWN_STATE: Set shutdown state assumes no writes
82  * to the device after it is marked clean, userspace can not make that
83  * assertion.
84  *
85  * CXL_MBOX_OP_[GET_]SCAN_MEDIA: The kernel provides a native error list that
86  * is kept up to date with patrol notifications and error management.
87  */
88 static u16 cxl_disabled_raw_commands[] = {
89 	CXL_MBOX_OP_ACTIVATE_FW,
90 	CXL_MBOX_OP_SET_PARTITION_INFO,
91 	CXL_MBOX_OP_SET_LSA,
92 	CXL_MBOX_OP_SET_SHUTDOWN_STATE,
93 	CXL_MBOX_OP_SCAN_MEDIA,
94 	CXL_MBOX_OP_GET_SCAN_MEDIA,
95 };
96 
97 /*
98  * Command sets that RAW doesn't permit. All opcodes in this set are
99  * disabled because they pass plain text security payloads over the
100  * user/kernel boundary. This functionality is intended to be wrapped
101  * behind the keys ABI which allows for encrypted payloads in the UAPI
102  */
103 static u8 security_command_sets[] = {
104 	0x44, /* Sanitize */
105 	0x45, /* Persistent Memory Data-at-rest Security */
106 	0x46, /* Security Passthrough */
107 };
108 
109 static bool cxl_is_security_command(u16 opcode)
110 {
111 	int i;
112 
113 	for (i = 0; i < ARRAY_SIZE(security_command_sets); i++)
114 		if (security_command_sets[i] == (opcode >> 8))
115 			return true;
116 	return false;
117 }
118 
119 static struct cxl_mem_command *cxl_mem_find_command(u16 opcode)
120 {
121 	struct cxl_mem_command *c;
122 
123 	cxl_for_each_cmd(c)
124 		if (c->opcode == opcode)
125 			return c;
126 
127 	return NULL;
128 }
129 
130 /**
131  * cxl_mem_mbox_send_cmd() - Send a mailbox command to a memory device.
132  * @cxlm: The CXL memory device to communicate with.
133  * @opcode: Opcode for the mailbox command.
134  * @in: The input payload for the mailbox command.
135  * @in_size: The length of the input payload
136  * @out: Caller allocated buffer for the output.
137  * @out_size: Expected size of output.
138  *
139  * Context: Any context. Will acquire and release mbox_mutex.
140  * Return:
141  *  * %>=0	- Number of bytes returned in @out.
142  *  * %-E2BIG	- Payload is too large for hardware.
143  *  * %-EBUSY	- Couldn't acquire exclusive mailbox access.
144  *  * %-EFAULT	- Hardware error occurred.
145  *  * %-ENXIO	- Command completed, but device reported an error.
146  *  * %-EIO	- Unexpected output size.
147  *
148  * Mailbox commands may execute successfully yet the device itself reported an
149  * error. While this distinction can be useful for commands from userspace, the
150  * kernel will only be able to use results when both are successful.
151  *
152  * See __cxl_mem_mbox_send_cmd()
153  */
154 int cxl_mem_mbox_send_cmd(struct cxl_mem *cxlm, u16 opcode, void *in,
155 			  size_t in_size, void *out, size_t out_size)
156 {
157 	const struct cxl_mem_command *cmd = cxl_mem_find_command(opcode);
158 	struct cxl_mbox_cmd mbox_cmd = {
159 		.opcode = opcode,
160 		.payload_in = in,
161 		.size_in = in_size,
162 		.size_out = out_size,
163 		.payload_out = out,
164 	};
165 	int rc;
166 
167 	if (out_size > cxlm->payload_size)
168 		return -E2BIG;
169 
170 	rc = cxlm->mbox_send(cxlm, &mbox_cmd);
171 	if (rc)
172 		return rc;
173 
174 	/* TODO: Map return code to proper kernel style errno */
175 	if (mbox_cmd.return_code != CXL_MBOX_SUCCESS)
176 		return -ENXIO;
177 
178 	/*
179 	 * Variable sized commands can't be validated and so it's up to the
180 	 * caller to do that if they wish.
181 	 */
182 	if (cmd->info.size_out >= 0 && mbox_cmd.size_out != out_size)
183 		return -EIO;
184 
185 	return 0;
186 }
187 EXPORT_SYMBOL_GPL(cxl_mem_mbox_send_cmd);
188 
189 static bool cxl_mem_raw_command_allowed(u16 opcode)
190 {
191 	int i;
192 
193 	if (!IS_ENABLED(CONFIG_CXL_MEM_RAW_COMMANDS))
194 		return false;
195 
196 	if (security_locked_down(LOCKDOWN_PCI_ACCESS))
197 		return false;
198 
199 	if (cxl_raw_allow_all)
200 		return true;
201 
202 	if (cxl_is_security_command(opcode))
203 		return false;
204 
205 	for (i = 0; i < ARRAY_SIZE(cxl_disabled_raw_commands); i++)
206 		if (cxl_disabled_raw_commands[i] == opcode)
207 			return false;
208 
209 	return true;
210 }
211 
212 /**
213  * cxl_validate_cmd_from_user() - Check fields for CXL_MEM_SEND_COMMAND.
214  * @cxlm: &struct cxl_mem device whose mailbox will be used.
215  * @send_cmd: &struct cxl_send_command copied in from userspace.
216  * @out_cmd: Sanitized and populated &struct cxl_mem_command.
217  *
218  * Return:
219  *  * %0	- @out_cmd is ready to send.
220  *  * %-ENOTTY	- Invalid command specified.
221  *  * %-EINVAL	- Reserved fields or invalid values were used.
222  *  * %-ENOMEM	- Input or output buffer wasn't sized properly.
223  *  * %-EPERM	- Attempted to use a protected command.
224  *  * %-EBUSY	- Kernel has claimed exclusive access to this opcode
225  *
226  * The result of this command is a fully validated command in @out_cmd that is
227  * safe to send to the hardware.
228  *
229  * See handle_mailbox_cmd_from_user()
230  */
231 static int cxl_validate_cmd_from_user(struct cxl_mem *cxlm,
232 				      const struct cxl_send_command *send_cmd,
233 				      struct cxl_mem_command *out_cmd)
234 {
235 	const struct cxl_command_info *info;
236 	struct cxl_mem_command *c;
237 
238 	if (send_cmd->id == 0 || send_cmd->id >= CXL_MEM_COMMAND_ID_MAX)
239 		return -ENOTTY;
240 
241 	/*
242 	 * The user can never specify an input payload larger than what hardware
243 	 * supports, but output can be arbitrarily large (simply write out as
244 	 * much data as the hardware provides).
245 	 */
246 	if (send_cmd->in.size > cxlm->payload_size)
247 		return -EINVAL;
248 
249 	/*
250 	 * Checks are bypassed for raw commands but a WARN/taint will occur
251 	 * later in the callchain
252 	 */
253 	if (send_cmd->id == CXL_MEM_COMMAND_ID_RAW) {
254 		const struct cxl_mem_command temp = {
255 			.info = {
256 				.id = CXL_MEM_COMMAND_ID_RAW,
257 				.flags = 0,
258 				.size_in = send_cmd->in.size,
259 				.size_out = send_cmd->out.size,
260 			},
261 			.opcode = send_cmd->raw.opcode
262 		};
263 
264 		if (send_cmd->raw.rsvd)
265 			return -EINVAL;
266 
267 		/*
268 		 * Unlike supported commands, the output size of RAW commands
269 		 * gets passed along without further checking, so it must be
270 		 * validated here.
271 		 */
272 		if (send_cmd->out.size > cxlm->payload_size)
273 			return -EINVAL;
274 
275 		if (!cxl_mem_raw_command_allowed(send_cmd->raw.opcode))
276 			return -EPERM;
277 
278 		memcpy(out_cmd, &temp, sizeof(temp));
279 
280 		return 0;
281 	}
282 
283 	if (send_cmd->flags & ~CXL_MEM_COMMAND_FLAG_MASK)
284 		return -EINVAL;
285 
286 	if (send_cmd->rsvd)
287 		return -EINVAL;
288 
289 	if (send_cmd->in.rsvd || send_cmd->out.rsvd)
290 		return -EINVAL;
291 
292 	/* Convert user's command into the internal representation */
293 	c = &cxl_mem_commands[send_cmd->id];
294 	info = &c->info;
295 
296 	/* Check that the command is enabled for hardware */
297 	if (!test_bit(info->id, cxlm->enabled_cmds))
298 		return -ENOTTY;
299 
300 	/* Check that the command is not claimed for exclusive kernel use */
301 	if (test_bit(info->id, cxlm->exclusive_cmds))
302 		return -EBUSY;
303 
304 	/* Check the input buffer is the expected size */
305 	if (info->size_in >= 0 && info->size_in != send_cmd->in.size)
306 		return -ENOMEM;
307 
308 	/* Check the output buffer is at least large enough */
309 	if (info->size_out >= 0 && send_cmd->out.size < info->size_out)
310 		return -ENOMEM;
311 
312 	memcpy(out_cmd, c, sizeof(*c));
313 	out_cmd->info.size_in = send_cmd->in.size;
314 	/*
315 	 * XXX: out_cmd->info.size_out will be controlled by the driver, and the
316 	 * specified number of bytes @send_cmd->out.size will be copied back out
317 	 * to userspace.
318 	 */
319 
320 	return 0;
321 }
322 
323 int cxl_query_cmd(struct cxl_memdev *cxlmd,
324 		  struct cxl_mem_query_commands __user *q)
325 {
326 	struct device *dev = &cxlmd->dev;
327 	struct cxl_mem_command *cmd;
328 	u32 n_commands;
329 	int j = 0;
330 
331 	dev_dbg(dev, "Query IOCTL\n");
332 
333 	if (get_user(n_commands, &q->n_commands))
334 		return -EFAULT;
335 
336 	/* returns the total number if 0 elements are requested. */
337 	if (n_commands == 0)
338 		return put_user(ARRAY_SIZE(cxl_mem_commands), &q->n_commands);
339 
340 	/*
341 	 * otherwise, return max(n_commands, total commands) cxl_command_info
342 	 * structures.
343 	 */
344 	cxl_for_each_cmd(cmd) {
345 		const struct cxl_command_info *info = &cmd->info;
346 
347 		if (copy_to_user(&q->commands[j++], info, sizeof(*info)))
348 			return -EFAULT;
349 
350 		if (j == n_commands)
351 			break;
352 	}
353 
354 	return 0;
355 }
356 
357 /**
358  * handle_mailbox_cmd_from_user() - Dispatch a mailbox command for userspace.
359  * @cxlm: The CXL memory device to communicate with.
360  * @cmd: The validated command.
361  * @in_payload: Pointer to userspace's input payload.
362  * @out_payload: Pointer to userspace's output payload.
363  * @size_out: (Input) Max payload size to copy out.
364  *            (Output) Payload size hardware generated.
365  * @retval: Hardware generated return code from the operation.
366  *
367  * Return:
368  *  * %0	- Mailbox transaction succeeded. This implies the mailbox
369  *		  protocol completed successfully not that the operation itself
370  *		  was successful.
371  *  * %-ENOMEM  - Couldn't allocate a bounce buffer.
372  *  * %-EFAULT	- Something happened with copy_to/from_user.
373  *  * %-EINTR	- Mailbox acquisition interrupted.
374  *  * %-EXXX	- Transaction level failures.
375  *
376  * Creates the appropriate mailbox command and dispatches it on behalf of a
377  * userspace request. The input and output payloads are copied between
378  * userspace.
379  *
380  * See cxl_send_cmd().
381  */
382 static int handle_mailbox_cmd_from_user(struct cxl_mem *cxlm,
383 					const struct cxl_mem_command *cmd,
384 					u64 in_payload, u64 out_payload,
385 					s32 *size_out, u32 *retval)
386 {
387 	struct device *dev = cxlm->dev;
388 	struct cxl_mbox_cmd mbox_cmd = {
389 		.opcode = cmd->opcode,
390 		.size_in = cmd->info.size_in,
391 		.size_out = cmd->info.size_out,
392 	};
393 	int rc;
394 
395 	if (cmd->info.size_out) {
396 		mbox_cmd.payload_out = kvzalloc(cmd->info.size_out, GFP_KERNEL);
397 		if (!mbox_cmd.payload_out)
398 			return -ENOMEM;
399 	}
400 
401 	if (cmd->info.size_in) {
402 		mbox_cmd.payload_in = vmemdup_user(u64_to_user_ptr(in_payload),
403 						   cmd->info.size_in);
404 		if (IS_ERR(mbox_cmd.payload_in)) {
405 			kvfree(mbox_cmd.payload_out);
406 			return PTR_ERR(mbox_cmd.payload_in);
407 		}
408 	}
409 
410 	dev_dbg(dev,
411 		"Submitting %s command for user\n"
412 		"\topcode: %x\n"
413 		"\tsize: %ub\n",
414 		cxl_command_names[cmd->info.id].name, mbox_cmd.opcode,
415 		cmd->info.size_in);
416 
417 	dev_WARN_ONCE(dev, cmd->info.id == CXL_MEM_COMMAND_ID_RAW,
418 		      "raw command path used\n");
419 
420 	rc = cxlm->mbox_send(cxlm, &mbox_cmd);
421 	if (rc)
422 		goto out;
423 
424 	/*
425 	 * @size_out contains the max size that's allowed to be written back out
426 	 * to userspace. While the payload may have written more output than
427 	 * this it will have to be ignored.
428 	 */
429 	if (mbox_cmd.size_out) {
430 		dev_WARN_ONCE(dev, mbox_cmd.size_out > *size_out,
431 			      "Invalid return size\n");
432 		if (copy_to_user(u64_to_user_ptr(out_payload),
433 				 mbox_cmd.payload_out, mbox_cmd.size_out)) {
434 			rc = -EFAULT;
435 			goto out;
436 		}
437 	}
438 
439 	*size_out = mbox_cmd.size_out;
440 	*retval = mbox_cmd.return_code;
441 
442 out:
443 	kvfree(mbox_cmd.payload_in);
444 	kvfree(mbox_cmd.payload_out);
445 	return rc;
446 }
447 
448 int cxl_send_cmd(struct cxl_memdev *cxlmd, struct cxl_send_command __user *s)
449 {
450 	struct cxl_mem *cxlm = cxlmd->cxlm;
451 	struct device *dev = &cxlmd->dev;
452 	struct cxl_send_command send;
453 	struct cxl_mem_command c;
454 	int rc;
455 
456 	dev_dbg(dev, "Send IOCTL\n");
457 
458 	if (copy_from_user(&send, s, sizeof(send)))
459 		return -EFAULT;
460 
461 	rc = cxl_validate_cmd_from_user(cxlmd->cxlm, &send, &c);
462 	if (rc)
463 		return rc;
464 
465 	/* Prepare to handle a full payload for variable sized output */
466 	if (c.info.size_out < 0)
467 		c.info.size_out = cxlm->payload_size;
468 
469 	rc = handle_mailbox_cmd_from_user(cxlm, &c, send.in.payload,
470 					  send.out.payload, &send.out.size,
471 					  &send.retval);
472 	if (rc)
473 		return rc;
474 
475 	if (copy_to_user(s, &send, sizeof(send)))
476 		return -EFAULT;
477 
478 	return 0;
479 }
480 
481 static int cxl_xfer_log(struct cxl_mem *cxlm, uuid_t *uuid, u32 size, u8 *out)
482 {
483 	u32 remaining = size;
484 	u32 offset = 0;
485 
486 	while (remaining) {
487 		u32 xfer_size = min_t(u32, remaining, cxlm->payload_size);
488 		struct cxl_mbox_get_log log = {
489 			.uuid = *uuid,
490 			.offset = cpu_to_le32(offset),
491 			.length = cpu_to_le32(xfer_size)
492 		};
493 		int rc;
494 
495 		rc = cxl_mem_mbox_send_cmd(cxlm, CXL_MBOX_OP_GET_LOG, &log,
496 					   sizeof(log), out, xfer_size);
497 		if (rc < 0)
498 			return rc;
499 
500 		out += xfer_size;
501 		remaining -= xfer_size;
502 		offset += xfer_size;
503 	}
504 
505 	return 0;
506 }
507 
508 /**
509  * cxl_walk_cel() - Walk through the Command Effects Log.
510  * @cxlm: Device.
511  * @size: Length of the Command Effects Log.
512  * @cel: CEL
513  *
514  * Iterate over each entry in the CEL and determine if the driver supports the
515  * command. If so, the command is enabled for the device and can be used later.
516  */
517 static void cxl_walk_cel(struct cxl_mem *cxlm, size_t size, u8 *cel)
518 {
519 	struct cxl_cel_entry *cel_entry;
520 	const int cel_entries = size / sizeof(*cel_entry);
521 	int i;
522 
523 	cel_entry = (struct cxl_cel_entry *) cel;
524 
525 	for (i = 0; i < cel_entries; i++) {
526 		u16 opcode = le16_to_cpu(cel_entry[i].opcode);
527 		struct cxl_mem_command *cmd = cxl_mem_find_command(opcode);
528 
529 		if (!cmd) {
530 			dev_dbg(cxlm->dev,
531 				"Opcode 0x%04x unsupported by driver", opcode);
532 			continue;
533 		}
534 
535 		set_bit(cmd->info.id, cxlm->enabled_cmds);
536 	}
537 }
538 
539 static struct cxl_mbox_get_supported_logs *cxl_get_gsl(struct cxl_mem *cxlm)
540 {
541 	struct cxl_mbox_get_supported_logs *ret;
542 	int rc;
543 
544 	ret = kvmalloc(cxlm->payload_size, GFP_KERNEL);
545 	if (!ret)
546 		return ERR_PTR(-ENOMEM);
547 
548 	rc = cxl_mem_mbox_send_cmd(cxlm, CXL_MBOX_OP_GET_SUPPORTED_LOGS, NULL,
549 				   0, ret, cxlm->payload_size);
550 	if (rc < 0) {
551 		kvfree(ret);
552 		return ERR_PTR(rc);
553 	}
554 
555 	return ret;
556 }
557 
558 enum {
559 	CEL_UUID,
560 	VENDOR_DEBUG_UUID,
561 };
562 
563 /* See CXL 2.0 Table 170. Get Log Input Payload */
564 static const uuid_t log_uuid[] = {
565 	[CEL_UUID] = DEFINE_CXL_CEL_UUID,
566 	[VENDOR_DEBUG_UUID] = DEFINE_CXL_VENDOR_DEBUG_UUID,
567 };
568 
569 /**
570  * cxl_mem_enumerate_cmds() - Enumerate commands for a device.
571  * @cxlm: The device.
572  *
573  * Returns 0 if enumerate completed successfully.
574  *
575  * CXL devices have optional support for certain commands. This function will
576  * determine the set of supported commands for the hardware and update the
577  * enabled_cmds bitmap in the @cxlm.
578  */
579 int cxl_mem_enumerate_cmds(struct cxl_mem *cxlm)
580 {
581 	struct cxl_mbox_get_supported_logs *gsl;
582 	struct device *dev = cxlm->dev;
583 	struct cxl_mem_command *cmd;
584 	int i, rc;
585 
586 	gsl = cxl_get_gsl(cxlm);
587 	if (IS_ERR(gsl))
588 		return PTR_ERR(gsl);
589 
590 	rc = -ENOENT;
591 	for (i = 0; i < le16_to_cpu(gsl->entries); i++) {
592 		u32 size = le32_to_cpu(gsl->entry[i].size);
593 		uuid_t uuid = gsl->entry[i].uuid;
594 		u8 *log;
595 
596 		dev_dbg(dev, "Found LOG type %pU of size %d", &uuid, size);
597 
598 		if (!uuid_equal(&uuid, &log_uuid[CEL_UUID]))
599 			continue;
600 
601 		log = kvmalloc(size, GFP_KERNEL);
602 		if (!log) {
603 			rc = -ENOMEM;
604 			goto out;
605 		}
606 
607 		rc = cxl_xfer_log(cxlm, &uuid, size, log);
608 		if (rc) {
609 			kvfree(log);
610 			goto out;
611 		}
612 
613 		cxl_walk_cel(cxlm, size, log);
614 		kvfree(log);
615 
616 		/* In case CEL was bogus, enable some default commands. */
617 		cxl_for_each_cmd(cmd)
618 			if (cmd->flags & CXL_CMD_FLAG_FORCE_ENABLE)
619 				set_bit(cmd->info.id, cxlm->enabled_cmds);
620 
621 		/* Found the required CEL */
622 		rc = 0;
623 	}
624 
625 out:
626 	kvfree(gsl);
627 	return rc;
628 }
629 EXPORT_SYMBOL_GPL(cxl_mem_enumerate_cmds);
630 
631 /**
632  * cxl_mem_get_partition_info - Get partition info
633  * @cxlm: cxl_mem instance to update partition info
634  *
635  * Retrieve the current partition info for the device specified.  The active
636  * values are the current capacity in bytes.  If not 0, the 'next' values are
637  * the pending values, in bytes, which take affect on next cold reset.
638  *
639  * Return: 0 if no error: or the result of the mailbox command.
640  *
641  * See CXL @8.2.9.5.2.1 Get Partition Info
642  */
643 static int cxl_mem_get_partition_info(struct cxl_mem *cxlm)
644 {
645 	struct cxl_mbox_get_partition_info {
646 		__le64 active_volatile_cap;
647 		__le64 active_persistent_cap;
648 		__le64 next_volatile_cap;
649 		__le64 next_persistent_cap;
650 	} __packed pi;
651 	int rc;
652 
653 	rc = cxl_mem_mbox_send_cmd(cxlm, CXL_MBOX_OP_GET_PARTITION_INFO,
654 				   NULL, 0, &pi, sizeof(pi));
655 
656 	if (rc)
657 		return rc;
658 
659 	cxlm->active_volatile_bytes =
660 		le64_to_cpu(pi.active_volatile_cap) * CXL_CAPACITY_MULTIPLIER;
661 	cxlm->active_persistent_bytes =
662 		le64_to_cpu(pi.active_persistent_cap) * CXL_CAPACITY_MULTIPLIER;
663 	cxlm->next_volatile_bytes =
664 		le64_to_cpu(pi.next_volatile_cap) * CXL_CAPACITY_MULTIPLIER;
665 	cxlm->next_persistent_bytes =
666 		le64_to_cpu(pi.next_volatile_cap) * CXL_CAPACITY_MULTIPLIER;
667 
668 	return 0;
669 }
670 
671 /**
672  * cxl_mem_identify() - Send the IDENTIFY command to the device.
673  * @cxlm: The device to identify.
674  *
675  * Return: 0 if identify was executed successfully.
676  *
677  * This will dispatch the identify command to the device and on success populate
678  * structures to be exported to sysfs.
679  */
680 int cxl_mem_identify(struct cxl_mem *cxlm)
681 {
682 	/* See CXL 2.0 Table 175 Identify Memory Device Output Payload */
683 	struct cxl_mbox_identify id;
684 	int rc;
685 
686 	rc = cxl_mem_mbox_send_cmd(cxlm, CXL_MBOX_OP_IDENTIFY, NULL, 0, &id,
687 				   sizeof(id));
688 	if (rc < 0)
689 		return rc;
690 
691 	cxlm->total_bytes =
692 		le64_to_cpu(id.total_capacity) * CXL_CAPACITY_MULTIPLIER;
693 	cxlm->volatile_only_bytes =
694 		le64_to_cpu(id.volatile_capacity) * CXL_CAPACITY_MULTIPLIER;
695 	cxlm->persistent_only_bytes =
696 		le64_to_cpu(id.persistent_capacity) * CXL_CAPACITY_MULTIPLIER;
697 	cxlm->partition_align_bytes =
698 		le64_to_cpu(id.partition_align) * CXL_CAPACITY_MULTIPLIER;
699 
700 	dev_dbg(cxlm->dev,
701 		"Identify Memory Device\n"
702 		"     total_bytes = %#llx\n"
703 		"     volatile_only_bytes = %#llx\n"
704 		"     persistent_only_bytes = %#llx\n"
705 		"     partition_align_bytes = %#llx\n",
706 		cxlm->total_bytes, cxlm->volatile_only_bytes,
707 		cxlm->persistent_only_bytes, cxlm->partition_align_bytes);
708 
709 	cxlm->lsa_size = le32_to_cpu(id.lsa_size);
710 	memcpy(cxlm->firmware_version, id.fw_revision, sizeof(id.fw_revision));
711 
712 	return 0;
713 }
714 EXPORT_SYMBOL_GPL(cxl_mem_identify);
715 
716 int cxl_mem_create_range_info(struct cxl_mem *cxlm)
717 {
718 	int rc;
719 
720 	if (cxlm->partition_align_bytes == 0) {
721 		cxlm->ram_range.start = 0;
722 		cxlm->ram_range.end = cxlm->volatile_only_bytes - 1;
723 		cxlm->pmem_range.start = cxlm->volatile_only_bytes;
724 		cxlm->pmem_range.end = cxlm->volatile_only_bytes +
725 				       cxlm->persistent_only_bytes - 1;
726 		return 0;
727 	}
728 
729 	rc = cxl_mem_get_partition_info(cxlm);
730 	if (rc) {
731 		dev_err(cxlm->dev, "Failed to query partition information\n");
732 		return rc;
733 	}
734 
735 	dev_dbg(cxlm->dev,
736 		"Get Partition Info\n"
737 		"     active_volatile_bytes = %#llx\n"
738 		"     active_persistent_bytes = %#llx\n"
739 		"     next_volatile_bytes = %#llx\n"
740 		"     next_persistent_bytes = %#llx\n",
741 		cxlm->active_volatile_bytes, cxlm->active_persistent_bytes,
742 		cxlm->next_volatile_bytes, cxlm->next_persistent_bytes);
743 
744 	cxlm->ram_range.start = 0;
745 	cxlm->ram_range.end = cxlm->active_volatile_bytes - 1;
746 
747 	cxlm->pmem_range.start = cxlm->active_volatile_bytes;
748 	cxlm->pmem_range.end =
749 		cxlm->active_volatile_bytes + cxlm->active_persistent_bytes - 1;
750 
751 	return 0;
752 }
753 EXPORT_SYMBOL_GPL(cxl_mem_create_range_info);
754 
755 struct cxl_mem *cxl_mem_create(struct device *dev)
756 {
757 	struct cxl_mem *cxlm;
758 
759 	cxlm = devm_kzalloc(dev, sizeof(*cxlm), GFP_KERNEL);
760 	if (!cxlm) {
761 		dev_err(dev, "No memory available\n");
762 		return ERR_PTR(-ENOMEM);
763 	}
764 
765 	mutex_init(&cxlm->mbox_mutex);
766 	cxlm->dev = dev;
767 
768 	return cxlm;
769 }
770 EXPORT_SYMBOL_GPL(cxl_mem_create);
771 
772 static struct dentry *cxl_debugfs;
773 
774 void __init cxl_mbox_init(void)
775 {
776 	struct dentry *mbox_debugfs;
777 
778 	cxl_debugfs = debugfs_create_dir("cxl", NULL);
779 	mbox_debugfs = debugfs_create_dir("mbox", cxl_debugfs);
780 	debugfs_create_bool("raw_allow_all", 0600, mbox_debugfs,
781 			    &cxl_raw_allow_all);
782 }
783 
784 void cxl_mbox_exit(void)
785 {
786 	debugfs_remove_recursive(cxl_debugfs);
787 }
788