1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3  * Provides user-space access to the SSAM EC via the /dev/surface/aggregator
4  * misc device. Intended for debugging and development.
5  *
6  * Copyright (C) 2020 Maximilian Luz <luzmaximilian@gmail.com>
7  */
8 
9 #include <linux/fs.h>
10 #include <linux/kernel.h>
11 #include <linux/kref.h>
12 #include <linux/miscdevice.h>
13 #include <linux/module.h>
14 #include <linux/platform_device.h>
15 #include <linux/rwsem.h>
16 #include <linux/slab.h>
17 #include <linux/uaccess.h>
18 
19 #include <linux/surface_aggregator/cdev.h>
20 #include <linux/surface_aggregator/controller.h>
21 
22 #define SSAM_CDEV_DEVICE_NAME	"surface_aggregator_cdev"
23 
24 struct ssam_cdev {
25 	struct kref kref;
26 	struct rw_semaphore lock;
27 	struct ssam_controller *ctrl;
28 	struct miscdevice mdev;
29 };
30 
31 static void __ssam_cdev_release(struct kref *kref)
32 {
33 	kfree(container_of(kref, struct ssam_cdev, kref));
34 }
35 
36 static struct ssam_cdev *ssam_cdev_get(struct ssam_cdev *cdev)
37 {
38 	if (cdev)
39 		kref_get(&cdev->kref);
40 
41 	return cdev;
42 }
43 
44 static void ssam_cdev_put(struct ssam_cdev *cdev)
45 {
46 	if (cdev)
47 		kref_put(&cdev->kref, __ssam_cdev_release);
48 }
49 
50 static int ssam_cdev_device_open(struct inode *inode, struct file *filp)
51 {
52 	struct miscdevice *mdev = filp->private_data;
53 	struct ssam_cdev *cdev = container_of(mdev, struct ssam_cdev, mdev);
54 
55 	filp->private_data = ssam_cdev_get(cdev);
56 	return stream_open(inode, filp);
57 }
58 
59 static int ssam_cdev_device_release(struct inode *inode, struct file *filp)
60 {
61 	ssam_cdev_put(filp->private_data);
62 	return 0;
63 }
64 
65 static long ssam_cdev_request(struct ssam_cdev *cdev, unsigned long arg)
66 {
67 	struct ssam_cdev_request __user *r;
68 	struct ssam_cdev_request rqst;
69 	struct ssam_request spec = {};
70 	struct ssam_response rsp = {};
71 	const void __user *plddata;
72 	void __user *rspdata;
73 	int status = 0, ret = 0, tmp;
74 
75 	r = (struct ssam_cdev_request __user *)arg;
76 	ret = copy_struct_from_user(&rqst, sizeof(rqst), r, sizeof(*r));
77 	if (ret)
78 		goto out;
79 
80 	plddata = u64_to_user_ptr(rqst.payload.data);
81 	rspdata = u64_to_user_ptr(rqst.response.data);
82 
83 	/* Setup basic request fields. */
84 	spec.target_category = rqst.target_category;
85 	spec.target_id = rqst.target_id;
86 	spec.command_id = rqst.command_id;
87 	spec.instance_id = rqst.instance_id;
88 	spec.flags = 0;
89 	spec.length = rqst.payload.length;
90 	spec.payload = NULL;
91 
92 	if (rqst.flags & SSAM_CDEV_REQUEST_HAS_RESPONSE)
93 		spec.flags |= SSAM_REQUEST_HAS_RESPONSE;
94 
95 	if (rqst.flags & SSAM_CDEV_REQUEST_UNSEQUENCED)
96 		spec.flags |= SSAM_REQUEST_UNSEQUENCED;
97 
98 	rsp.capacity = rqst.response.length;
99 	rsp.length = 0;
100 	rsp.pointer = NULL;
101 
102 	/* Get request payload from user-space. */
103 	if (spec.length) {
104 		if (!plddata) {
105 			ret = -EINVAL;
106 			goto out;
107 		}
108 
109 		/*
110 		 * Note: spec.length is limited to U16_MAX bytes via struct
111 		 * ssam_cdev_request. This is slightly larger than the
112 		 * theoretical maximum (SSH_COMMAND_MAX_PAYLOAD_SIZE) of the
113 		 * underlying protocol (note that nothing remotely this size
114 		 * should ever be allocated in any normal case). This size is
115 		 * validated later in ssam_request_sync(), for allocation the
116 		 * bound imposed by u16 should be enough.
117 		 */
118 		spec.payload = kzalloc(spec.length, GFP_KERNEL);
119 		if (!spec.payload) {
120 			ret = -ENOMEM;
121 			goto out;
122 		}
123 
124 		if (copy_from_user((void *)spec.payload, plddata, spec.length)) {
125 			ret = -EFAULT;
126 			goto out;
127 		}
128 	}
129 
130 	/* Allocate response buffer. */
131 	if (rsp.capacity) {
132 		if (!rspdata) {
133 			ret = -EINVAL;
134 			goto out;
135 		}
136 
137 		/*
138 		 * Note: rsp.capacity is limited to U16_MAX bytes via struct
139 		 * ssam_cdev_request. This is slightly larger than the
140 		 * theoretical maximum (SSH_COMMAND_MAX_PAYLOAD_SIZE) of the
141 		 * underlying protocol (note that nothing remotely this size
142 		 * should ever be allocated in any normal case). In later use,
143 		 * this capacity does not have to be strictly bounded, as it
144 		 * is only used as an output buffer to be written to. For
145 		 * allocation the bound imposed by u16 should be enough.
146 		 */
147 		rsp.pointer = kzalloc(rsp.capacity, GFP_KERNEL);
148 		if (!rsp.pointer) {
149 			ret = -ENOMEM;
150 			goto out;
151 		}
152 	}
153 
154 	/* Perform request. */
155 	status = ssam_request_sync(cdev->ctrl, &spec, &rsp);
156 	if (status)
157 		goto out;
158 
159 	/* Copy response to user-space. */
160 	if (rsp.length && copy_to_user(rspdata, rsp.pointer, rsp.length))
161 		ret = -EFAULT;
162 
163 out:
164 	/* Always try to set response-length and status. */
165 	tmp = put_user(rsp.length, &r->response.length);
166 	if (tmp)
167 		ret = tmp;
168 
169 	tmp = put_user(status, &r->status);
170 	if (tmp)
171 		ret = tmp;
172 
173 	/* Cleanup. */
174 	kfree(spec.payload);
175 	kfree(rsp.pointer);
176 
177 	return ret;
178 }
179 
180 static long __ssam_cdev_device_ioctl(struct ssam_cdev *cdev, unsigned int cmd,
181 				     unsigned long arg)
182 {
183 	switch (cmd) {
184 	case SSAM_CDEV_REQUEST:
185 		return ssam_cdev_request(cdev, arg);
186 
187 	default:
188 		return -ENOTTY;
189 	}
190 }
191 
192 static long ssam_cdev_device_ioctl(struct file *file, unsigned int cmd,
193 				   unsigned long arg)
194 {
195 	struct ssam_cdev *cdev = file->private_data;
196 	long status;
197 
198 	/* Ensure that controller is valid for as long as we need it. */
199 	if (down_read_killable(&cdev->lock))
200 		return -ERESTARTSYS;
201 
202 	if (!cdev->ctrl) {
203 		up_read(&cdev->lock);
204 		return -ENODEV;
205 	}
206 
207 	status = __ssam_cdev_device_ioctl(cdev, cmd, arg);
208 
209 	up_read(&cdev->lock);
210 	return status;
211 }
212 
213 static const struct file_operations ssam_controller_fops = {
214 	.owner          = THIS_MODULE,
215 	.open           = ssam_cdev_device_open,
216 	.release        = ssam_cdev_device_release,
217 	.unlocked_ioctl = ssam_cdev_device_ioctl,
218 	.compat_ioctl   = ssam_cdev_device_ioctl,
219 	.llseek         = noop_llseek,
220 };
221 
222 static int ssam_dbg_device_probe(struct platform_device *pdev)
223 {
224 	struct ssam_controller *ctrl;
225 	struct ssam_cdev *cdev;
226 	int status;
227 
228 	ctrl = ssam_client_bind(&pdev->dev);
229 	if (IS_ERR(ctrl))
230 		return PTR_ERR(ctrl) == -ENODEV ? -EPROBE_DEFER : PTR_ERR(ctrl);
231 
232 	cdev = kzalloc(sizeof(*cdev), GFP_KERNEL);
233 	if (!cdev)
234 		return -ENOMEM;
235 
236 	kref_init(&cdev->kref);
237 	init_rwsem(&cdev->lock);
238 	cdev->ctrl = ctrl;
239 
240 	cdev->mdev.parent   = &pdev->dev;
241 	cdev->mdev.minor    = MISC_DYNAMIC_MINOR;
242 	cdev->mdev.name     = "surface_aggregator";
243 	cdev->mdev.nodename = "surface/aggregator";
244 	cdev->mdev.fops     = &ssam_controller_fops;
245 
246 	status = misc_register(&cdev->mdev);
247 	if (status) {
248 		kfree(cdev);
249 		return status;
250 	}
251 
252 	platform_set_drvdata(pdev, cdev);
253 	return 0;
254 }
255 
256 static int ssam_dbg_device_remove(struct platform_device *pdev)
257 {
258 	struct ssam_cdev *cdev = platform_get_drvdata(pdev);
259 
260 	misc_deregister(&cdev->mdev);
261 
262 	/*
263 	 * The controller is only guaranteed to be valid for as long as the
264 	 * driver is bound. Remove controller so that any lingering open files
265 	 * cannot access it any more after we're gone.
266 	 */
267 	down_write(&cdev->lock);
268 	cdev->ctrl = NULL;
269 	up_write(&cdev->lock);
270 
271 	ssam_cdev_put(cdev);
272 	return 0;
273 }
274 
275 static struct platform_device *ssam_cdev_device;
276 
277 static struct platform_driver ssam_cdev_driver = {
278 	.probe = ssam_dbg_device_probe,
279 	.remove = ssam_dbg_device_remove,
280 	.driver = {
281 		.name = SSAM_CDEV_DEVICE_NAME,
282 		.probe_type = PROBE_PREFER_ASYNCHRONOUS,
283 	},
284 };
285 
286 static int __init ssam_debug_init(void)
287 {
288 	int status;
289 
290 	ssam_cdev_device = platform_device_alloc(SSAM_CDEV_DEVICE_NAME,
291 						 PLATFORM_DEVID_NONE);
292 	if (!ssam_cdev_device)
293 		return -ENOMEM;
294 
295 	status = platform_device_add(ssam_cdev_device);
296 	if (status)
297 		goto err_device;
298 
299 	status = platform_driver_register(&ssam_cdev_driver);
300 	if (status)
301 		goto err_driver;
302 
303 	return 0;
304 
305 err_driver:
306 	platform_device_del(ssam_cdev_device);
307 err_device:
308 	platform_device_put(ssam_cdev_device);
309 	return status;
310 }
311 module_init(ssam_debug_init);
312 
313 static void __exit ssam_debug_exit(void)
314 {
315 	platform_driver_unregister(&ssam_cdev_driver);
316 	platform_device_unregister(ssam_cdev_device);
317 }
318 module_exit(ssam_debug_exit);
319 
320 MODULE_AUTHOR("Maximilian Luz <luzmaximilian@gmail.com>");
321 MODULE_DESCRIPTION("User-space interface for Surface System Aggregator Module");
322 MODULE_LICENSE("GPL");
323