2005-04-17 06:20:36 +08:00
|
|
|
/*
|
|
|
|
* c 2001 PPC 64 Team, IBM Corp
|
|
|
|
*
|
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU General Public License
|
|
|
|
* as published by the Free Software Foundation; either version
|
|
|
|
* 2 of the License, or (at your option) any later version.
|
|
|
|
*
|
2009-09-25 03:29:13 +08:00
|
|
|
* /proc/powerpc/rtas/firmware_flash interface
|
2005-04-17 06:20:36 +08:00
|
|
|
*
|
|
|
|
* This file implements a firmware_flash interface to pump a firmware
|
|
|
|
* image into the kernel. At reboot time rtas_restart() will see the
|
|
|
|
* firmware image and flash it as it reboots (see rtas.c).
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <linux/module.h>
|
|
|
|
#include <linux/init.h>
|
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
percpu.h is included by sched.h and module.h and thus ends up being
included when building most .c files. percpu.h includes slab.h which
in turn includes gfp.h making everything defined by the two files
universally available and complicating inclusion dependencies.
percpu.h -> slab.h dependency is about to be removed. Prepare for
this change by updating users of gfp and slab facilities include those
headers directly instead of assuming availability. As this conversion
needs to touch large number of source files, the following script is
used as the basis of conversion.
http://userweb.kernel.org/~tj/misc/slabh-sweep.py
The script does the followings.
* Scan files for gfp and slab usages and update includes such that
only the necessary includes are there. ie. if only gfp is used,
gfp.h, if slab is used, slab.h.
* When the script inserts a new include, it looks at the include
blocks and try to put the new include such that its order conforms
to its surrounding. It's put in the include block which contains
core kernel includes, in the same order that the rest are ordered -
alphabetical, Christmas tree, rev-Xmas-tree or at the end if there
doesn't seem to be any matching order.
* If the script can't find a place to put a new include (mostly
because the file doesn't have fitting include block), it prints out
an error message indicating which .h file needs to be added to the
file.
The conversion was done in the following steps.
1. The initial automatic conversion of all .c files updated slightly
over 4000 files, deleting around 700 includes and adding ~480 gfp.h
and ~3000 slab.h inclusions. The script emitted errors for ~400
files.
2. Each error was manually checked. Some didn't need the inclusion,
some needed manual addition while adding it to implementation .h or
embedding .c file was more appropriate for others. This step added
inclusions to around 150 files.
3. The script was run again and the output was compared to the edits
from #2 to make sure no file was left behind.
4. Several build tests were done and a couple of problems were fixed.
e.g. lib/decompress_*.c used malloc/free() wrappers around slab
APIs requiring slab.h to be added manually.
5. The script was run on all .h files but without automatically
editing them as sprinkling gfp.h and slab.h inclusions around .h
files could easily lead to inclusion dependency hell. Most gfp.h
inclusion directives were ignored as stuff from gfp.h was usually
wildly available and often used in preprocessor macros. Each
slab.h inclusion directive was examined and added manually as
necessary.
6. percpu.h was updated not to include slab.h.
7. Build test were done on the following configurations and failures
were fixed. CONFIG_GCOV_KERNEL was turned off for all tests (as my
distributed build env didn't work with gcov compiles) and a few
more options had to be turned off depending on archs to make things
build (like ipr on powerpc/64 which failed due to missing writeq).
* x86 and x86_64 UP and SMP allmodconfig and a custom test config.
* powerpc and powerpc64 SMP allmodconfig
* sparc and sparc64 SMP allmodconfig
* ia64 SMP allmodconfig
* s390 SMP allmodconfig
* alpha SMP allmodconfig
* um on x86_64 SMP allmodconfig
8. percpu.h modifications were reverted so that it could be applied as
a separate patch and serve as bisection point.
Given the fact that I had only a couple of failures from tests on step
6, I'm fairly confident about the coverage of this conversion patch.
If there is a breakage, it's likely to be something in one of the arch
headers which should be easily discoverable easily on most builds of
the specific arch.
Signed-off-by: Tejun Heo <tj@kernel.org>
Guess-its-ok-by: Christoph Lameter <cl@linux-foundation.org>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Lee Schermerhorn <Lee.Schermerhorn@hp.com>
2010-03-24 16:04:11 +08:00
|
|
|
#include <linux/slab.h>
|
2005-04-17 06:20:36 +08:00
|
|
|
#include <linux/proc_fs.h>
|
2011-07-26 08:13:10 +08:00
|
|
|
#include <linux/reboot.h>
|
2005-04-17 06:20:36 +08:00
|
|
|
#include <asm/delay.h>
|
2016-12-25 03:46:01 +08:00
|
|
|
#include <linux/uaccess.h>
|
2005-04-17 06:20:36 +08:00
|
|
|
#include <asm/rtas.h>
|
|
|
|
|
|
|
|
#define MODULE_VERS "1.0"
|
|
|
|
#define MODULE_NAME "rtas_flash"
|
|
|
|
|
|
|
|
#define FIRMWARE_FLASH_NAME "firmware_flash"
|
|
|
|
#define FIRMWARE_UPDATE_NAME "firmware_update"
|
|
|
|
#define MANAGE_FLASH_NAME "manage_flash"
|
|
|
|
#define VALIDATE_FLASH_NAME "validate_flash"
|
|
|
|
|
|
|
|
/* General RTAS Status Codes */
|
|
|
|
#define RTAS_RC_SUCCESS 0
|
|
|
|
#define RTAS_RC_HW_ERR -1
|
|
|
|
#define RTAS_RC_BUSY -2
|
|
|
|
|
|
|
|
/* Flash image status values */
|
|
|
|
#define FLASH_AUTH -9002 /* RTAS Not Service Authority Partition */
|
|
|
|
#define FLASH_NO_OP -1099 /* No operation initiated by user */
|
|
|
|
#define FLASH_IMG_SHORT -1005 /* Flash image shorter than expected */
|
|
|
|
#define FLASH_IMG_BAD_LEN -1004 /* Bad length value in flash list block */
|
|
|
|
#define FLASH_IMG_NULL_DATA -1003 /* Bad data value in flash list block */
|
|
|
|
#define FLASH_IMG_READY 0 /* Firmware img ready for flash on reboot */
|
|
|
|
|
|
|
|
/* Manage image status values */
|
|
|
|
#define MANAGE_AUTH -9002 /* RTAS Not Service Authority Partition */
|
|
|
|
#define MANAGE_ACTIVE_ERR -9001 /* RTAS Cannot Overwrite Active Img */
|
|
|
|
#define MANAGE_NO_OP -1099 /* No operation initiated by user */
|
|
|
|
#define MANAGE_PARAM_ERR -3 /* RTAS Parameter Error */
|
|
|
|
#define MANAGE_HW_ERR -1 /* RTAS Hardware Error */
|
|
|
|
|
|
|
|
/* Validate image status values */
|
|
|
|
#define VALIDATE_AUTH -9002 /* RTAS Not Service Authority Partition */
|
|
|
|
#define VALIDATE_NO_OP -1099 /* No operation initiated by the user */
|
|
|
|
#define VALIDATE_INCOMPLETE -1002 /* User copied < VALIDATE_BUF_SIZE */
|
|
|
|
#define VALIDATE_READY -1001 /* Firmware image ready for validation */
|
|
|
|
#define VALIDATE_PARAM_ERR -3 /* RTAS Parameter Error */
|
|
|
|
#define VALIDATE_HW_ERR -1 /* RTAS Hardware Error */
|
2013-04-23 12:20:48 +08:00
|
|
|
|
|
|
|
/* ibm,validate-flash-image update result tokens */
|
|
|
|
#define VALIDATE_TMP_UPDATE 0 /* T side will be updated */
|
|
|
|
#define VALIDATE_FLASH_AUTH 1 /* Partition does not have authority */
|
|
|
|
#define VALIDATE_INVALID_IMG 2 /* Candidate image is not valid */
|
|
|
|
#define VALIDATE_CUR_UNKNOWN 3 /* Current fixpack level is unknown */
|
|
|
|
/*
|
|
|
|
* Current T side will be committed to P side before being replace with new
|
|
|
|
* image, and the new image is downlevel from current image
|
|
|
|
*/
|
|
|
|
#define VALIDATE_TMP_COMMIT_DL 4
|
|
|
|
/*
|
|
|
|
* Current T side will be committed to P side before being replaced with new
|
|
|
|
* image
|
|
|
|
*/
|
|
|
|
#define VALIDATE_TMP_COMMIT 5
|
|
|
|
/*
|
|
|
|
* T side will be updated with a downlevel image
|
|
|
|
*/
|
|
|
|
#define VALIDATE_TMP_UPDATE_DL 6
|
2013-04-23 12:22:22 +08:00
|
|
|
/*
|
|
|
|
* The candidate image's release date is later than the system's firmware
|
|
|
|
* service entitlement date - service warranty period has expired
|
|
|
|
*/
|
|
|
|
#define VALIDATE_OUT_OF_WRNTY 7
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
/* ibm,manage-flash-image operation tokens */
|
|
|
|
#define RTAS_REJECT_TMP_IMG 0
|
|
|
|
#define RTAS_COMMIT_TMP_IMG 1
|
|
|
|
|
|
|
|
/* Array sizes */
|
|
|
|
#define VALIDATE_BUF_SIZE 4096
|
2013-05-08 00:54:47 +08:00
|
|
|
#define VALIDATE_MSG_LEN 256
|
2005-04-17 06:20:36 +08:00
|
|
|
#define RTAS_MSG_MAXLEN 64
|
|
|
|
|
2006-11-09 00:07:30 +08:00
|
|
|
/* Quirk - RTAS requires 4k list length and block size */
|
|
|
|
#define RTAS_BLKLIST_LENGTH 4096
|
|
|
|
#define RTAS_BLK_SIZE 4096
|
|
|
|
|
2005-11-03 11:41:19 +08:00
|
|
|
struct flash_block {
|
|
|
|
char *data;
|
|
|
|
unsigned long length;
|
|
|
|
};
|
|
|
|
|
|
|
|
/* This struct is very similar but not identical to
|
|
|
|
* that needed by the rtas flash update.
|
|
|
|
* All we need to do for rtas is rewrite num_blocks
|
|
|
|
* into a version/length and translate the pointers
|
|
|
|
* to absolute.
|
|
|
|
*/
|
2006-11-09 00:07:30 +08:00
|
|
|
#define FLASH_BLOCKS_PER_NODE ((RTAS_BLKLIST_LENGTH - 16) / sizeof(struct flash_block))
|
2005-11-03 11:41:19 +08:00
|
|
|
struct flash_block_list {
|
|
|
|
unsigned long num_blocks;
|
|
|
|
struct flash_block_list *next;
|
|
|
|
struct flash_block blocks[FLASH_BLOCKS_PER_NODE];
|
|
|
|
};
|
|
|
|
|
2010-06-12 11:48:47 +08:00
|
|
|
static struct flash_block_list *rtas_firmware_flash_list;
|
2005-11-03 11:41:19 +08:00
|
|
|
|
2006-11-09 00:07:30 +08:00
|
|
|
/* Use slab cache to guarantee 4k alignment */
|
2006-12-07 12:33:20 +08:00
|
|
|
static struct kmem_cache *flash_block_cache = NULL;
|
2006-11-09 00:07:30 +08:00
|
|
|
|
2005-11-03 11:41:19 +08:00
|
|
|
#define FLASH_BLOCK_LIST_VERSION (1UL)
|
|
|
|
|
2013-04-13 07:48:49 +08:00
|
|
|
/*
|
|
|
|
* Local copy of the flash block list.
|
|
|
|
*
|
|
|
|
* The rtas_firmware_flash_list varable will be
|
2010-06-12 11:48:47 +08:00
|
|
|
* set once the data is fully read.
|
2005-04-17 06:20:36 +08:00
|
|
|
*
|
|
|
|
* For convenience as we build the list we use virtual addrs,
|
|
|
|
* we do not fill in the version number, and the length field
|
|
|
|
* is treated as the number of entries currently in the block
|
2010-06-12 11:48:47 +08:00
|
|
|
* (i.e. not a byte count). This is all fixed when calling
|
|
|
|
* the flash routine.
|
2005-04-17 06:20:36 +08:00
|
|
|
*/
|
|
|
|
|
|
|
|
/* Status int must be first member of struct */
|
|
|
|
struct rtas_update_flash_t
|
|
|
|
{
|
|
|
|
int status; /* Flash update status */
|
|
|
|
struct flash_block_list *flist; /* Local copy of flash block list */
|
|
|
|
};
|
|
|
|
|
|
|
|
/* Status int must be first member of struct */
|
|
|
|
struct rtas_manage_flash_t
|
|
|
|
{
|
|
|
|
int status; /* Returned status */
|
|
|
|
};
|
|
|
|
|
|
|
|
/* Status int must be first member of struct */
|
|
|
|
struct rtas_validate_flash_t
|
|
|
|
{
|
|
|
|
int status; /* Returned status */
|
2013-04-13 07:48:49 +08:00
|
|
|
char *buf; /* Candidate image buffer */
|
2005-04-17 06:20:36 +08:00
|
|
|
unsigned int buf_size; /* Size of image buf */
|
|
|
|
unsigned int update_results; /* Update results token */
|
|
|
|
};
|
|
|
|
|
2013-04-13 07:48:49 +08:00
|
|
|
static struct rtas_update_flash_t rtas_update_flash_data;
|
|
|
|
static struct rtas_manage_flash_t rtas_manage_flash_data;
|
|
|
|
static struct rtas_validate_flash_t rtas_validate_flash_data;
|
|
|
|
static DEFINE_MUTEX(rtas_update_flash_mutex);
|
|
|
|
static DEFINE_MUTEX(rtas_manage_flash_mutex);
|
|
|
|
static DEFINE_MUTEX(rtas_validate_flash_mutex);
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
/* Do simple sanity checks on the flash image. */
|
|
|
|
static int flash_list_valid(struct flash_block_list *flist)
|
|
|
|
{
|
|
|
|
struct flash_block_list *f;
|
|
|
|
int i;
|
|
|
|
unsigned long block_size, image_size;
|
|
|
|
|
|
|
|
/* Paranoid self test here. We also collect the image size. */
|
|
|
|
image_size = 0;
|
|
|
|
for (f = flist; f; f = f->next) {
|
|
|
|
for (i = 0; i < f->num_blocks; i++) {
|
|
|
|
if (f->blocks[i].data == NULL) {
|
|
|
|
return FLASH_IMG_NULL_DATA;
|
|
|
|
}
|
|
|
|
block_size = f->blocks[i].length;
|
2006-11-09 00:07:30 +08:00
|
|
|
if (block_size <= 0 || block_size > RTAS_BLK_SIZE) {
|
2005-04-17 06:20:36 +08:00
|
|
|
return FLASH_IMG_BAD_LEN;
|
|
|
|
}
|
|
|
|
image_size += block_size;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (image_size < (256 << 10)) {
|
|
|
|
if (image_size < 2)
|
|
|
|
return FLASH_NO_OP;
|
|
|
|
}
|
|
|
|
|
|
|
|
printk(KERN_INFO "FLASH: flash image with %ld bytes stored for hardware flash on reboot\n", image_size);
|
|
|
|
|
|
|
|
return FLASH_IMG_READY;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void free_flash_list(struct flash_block_list *f)
|
|
|
|
{
|
|
|
|
struct flash_block_list *next;
|
|
|
|
int i;
|
|
|
|
|
|
|
|
while (f) {
|
|
|
|
for (i = 0; i < f->num_blocks; i++)
|
2006-11-09 00:07:30 +08:00
|
|
|
kmem_cache_free(flash_block_cache, f->blocks[i].data);
|
2005-04-17 06:20:36 +08:00
|
|
|
next = f->next;
|
2006-11-09 00:07:30 +08:00
|
|
|
kmem_cache_free(flash_block_cache, f);
|
2005-04-17 06:20:36 +08:00
|
|
|
f = next;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
static int rtas_flash_release(struct inode *inode, struct file *file)
|
|
|
|
{
|
2013-04-13 07:48:49 +08:00
|
|
|
struct rtas_update_flash_t *const uf = &rtas_update_flash_data;
|
|
|
|
|
|
|
|
mutex_lock(&rtas_update_flash_mutex);
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
if (uf->flist) {
|
|
|
|
/* File was opened in write mode for a new flash attempt */
|
|
|
|
/* Clear saved list */
|
2010-06-12 11:48:47 +08:00
|
|
|
if (rtas_firmware_flash_list) {
|
|
|
|
free_flash_list(rtas_firmware_flash_list);
|
|
|
|
rtas_firmware_flash_list = NULL;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
if (uf->status != FLASH_AUTH)
|
|
|
|
uf->status = flash_list_valid(uf->flist);
|
|
|
|
|
|
|
|
if (uf->status == FLASH_IMG_READY)
|
2010-06-12 11:48:47 +08:00
|
|
|
rtas_firmware_flash_list = uf->flist;
|
2005-04-17 06:20:36 +08:00
|
|
|
else
|
|
|
|
free_flash_list(uf->flist);
|
|
|
|
|
|
|
|
uf->flist = NULL;
|
|
|
|
}
|
|
|
|
|
2013-04-13 07:48:49 +08:00
|
|
|
mutex_unlock(&rtas_update_flash_mutex);
|
2005-04-17 06:20:36 +08:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2013-04-13 07:48:49 +08:00
|
|
|
static size_t get_flash_status_msg(int status, char *buf)
|
2005-04-17 06:20:36 +08:00
|
|
|
{
|
2013-04-13 07:48:49 +08:00
|
|
|
const char *msg;
|
|
|
|
size_t len;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
switch (status) {
|
|
|
|
case FLASH_AUTH:
|
|
|
|
msg = "error: this partition does not have service authority\n";
|
|
|
|
break;
|
|
|
|
case FLASH_NO_OP:
|
|
|
|
msg = "info: no firmware image for flash\n";
|
|
|
|
break;
|
|
|
|
case FLASH_IMG_SHORT:
|
|
|
|
msg = "error: flash image short\n";
|
|
|
|
break;
|
|
|
|
case FLASH_IMG_BAD_LEN:
|
|
|
|
msg = "error: internal error bad length\n";
|
|
|
|
break;
|
|
|
|
case FLASH_IMG_NULL_DATA:
|
|
|
|
msg = "error: internal error null data\n";
|
|
|
|
break;
|
|
|
|
case FLASH_IMG_READY:
|
|
|
|
msg = "ready: firmware image ready for flash on reboot\n";
|
|
|
|
break;
|
|
|
|
default:
|
2013-04-13 07:48:49 +08:00
|
|
|
return sprintf(buf, "error: unexpected status value %d\n",
|
|
|
|
status);
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
2013-04-13 07:48:49 +08:00
|
|
|
len = strlen(msg);
|
|
|
|
memcpy(buf, msg, len + 1);
|
|
|
|
return len;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/* Reading the proc file will show status (not the firmware contents) */
|
2013-04-13 07:48:49 +08:00
|
|
|
static ssize_t rtas_flash_read_msg(struct file *file, char __user *buf,
|
|
|
|
size_t count, loff_t *ppos)
|
2005-04-17 06:20:36 +08:00
|
|
|
{
|
2013-04-13 07:48:49 +08:00
|
|
|
struct rtas_update_flash_t *const uf = &rtas_update_flash_data;
|
2005-04-17 06:20:36 +08:00
|
|
|
char msg[RTAS_MSG_MAXLEN];
|
2013-04-13 07:48:49 +08:00
|
|
|
size_t len;
|
|
|
|
int status;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2013-04-13 07:48:49 +08:00
|
|
|
mutex_lock(&rtas_update_flash_mutex);
|
|
|
|
status = uf->status;
|
|
|
|
mutex_unlock(&rtas_update_flash_mutex);
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2013-04-13 07:48:49 +08:00
|
|
|
/* Read as text message */
|
|
|
|
len = get_flash_status_msg(status, msg);
|
|
|
|
return simple_read_from_buffer(buf, count, ppos, msg, len);
|
|
|
|
}
|
|
|
|
|
|
|
|
static ssize_t rtas_flash_read_num(struct file *file, char __user *buf,
|
|
|
|
size_t count, loff_t *ppos)
|
|
|
|
{
|
|
|
|
struct rtas_update_flash_t *const uf = &rtas_update_flash_data;
|
|
|
|
char msg[RTAS_MSG_MAXLEN];
|
|
|
|
int status;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2013-04-13 07:48:49 +08:00
|
|
|
mutex_lock(&rtas_update_flash_mutex);
|
|
|
|
status = uf->status;
|
|
|
|
mutex_unlock(&rtas_update_flash_mutex);
|
|
|
|
|
|
|
|
/* Read as number */
|
|
|
|
sprintf(msg, "%d\n", status);
|
2010-12-25 04:03:59 +08:00
|
|
|
return simple_read_from_buffer(buf, count, ppos, msg, strlen(msg));
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/* We could be much more efficient here. But to keep this function
|
|
|
|
* simple we allocate a page to the block list no matter how small the
|
|
|
|
* count is. If the system is low on memory it will be just as well
|
|
|
|
* that we fail....
|
|
|
|
*/
|
2005-04-27 02:26:53 +08:00
|
|
|
static ssize_t rtas_flash_write(struct file *file, const char __user *buffer,
|
2005-04-17 06:20:36 +08:00
|
|
|
size_t count, loff_t *off)
|
|
|
|
{
|
2013-04-13 07:48:49 +08:00
|
|
|
struct rtas_update_flash_t *const uf = &rtas_update_flash_data;
|
2005-04-17 06:20:36 +08:00
|
|
|
char *p;
|
2013-04-13 07:48:49 +08:00
|
|
|
int next_free, rc;
|
2005-04-17 06:20:36 +08:00
|
|
|
struct flash_block_list *fl;
|
|
|
|
|
2013-04-13 07:48:49 +08:00
|
|
|
mutex_lock(&rtas_update_flash_mutex);
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
if (uf->status == FLASH_AUTH || count == 0)
|
2013-04-13 07:48:49 +08:00
|
|
|
goto out; /* discard data */
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
/* In the case that the image is not ready for flashing, the memory
|
|
|
|
* allocated for the block list will be freed upon the release of the
|
|
|
|
* proc file
|
|
|
|
*/
|
|
|
|
if (uf->flist == NULL) {
|
powerpc/rtas_flash: Fix bad memory access
We use kmem_cache_alloc() to allocate memory to hold the new firmware
which will be flashed. kmem_cache_alloc() calls rtas_block_ctor() to
set memory to NULL. But these constructor is called only for newly
allocated slabs.
If we run below command multiple time without rebooting, allocator may
allocate memory from the area which was free'd by kmem_cache_free and
it will not call constructor. In this situation we may hit kernel oops.
dd if=<fw image> of=/proc/ppc64/rtas/firmware_flash bs=4096
oops message:
-------------
[ 1602.399755] Oops: Kernel access of bad area, sig: 11 [#1]
[ 1602.399772] SMP NR_CPUS=1024 NUMA pSeries
[ 1602.399779] Modules linked in: rtas_flash nfsd lockd auth_rpcgss nfs_acl sunrpc fuse loop dm_mod sg ipv6 ses enclosure ehea ehci_pci ohci_hcd ehci_hcd usbcore sd_mod usb_common crc_t10dif scsi_dh_alua scsi_dh_emc scsi_dh_hp_sw scsi_dh_rdac scsi_dh ipr libata scsi_mod
[ 1602.399817] NIP: d00000000a170b9c LR: d00000000a170b64 CTR: c00000000079cd58
[ 1602.399823] REGS: c0000003b9937930 TRAP: 0300 Not tainted (3.9.0-rc4-0.27-ppc64)
[ 1602.399828] MSR: 8000000000009032 <SF,EE,ME,IR,DR,RI> CR: 22000428 XER: 20000000
[ 1602.399841] SOFTE: 1
[ 1602.399844] CFAR: c000000000005f24
[ 1602.399848] DAR: 8c2625a820631fef, DSISR: 40000000
[ 1602.399852] TASK = c0000003b4520760[3655] 'dd' THREAD: c0000003b9934000 CPU: 3
GPR00: 8c2625a820631fe7 c0000003b9937bb0 d00000000a179f28 d00000000a171f08
GPR04: 0000000010040000 0000000000001000 c0000003b9937df0 c0000003b5fb2080
GPR08: c0000003b58f7200 d00000000a179f28 c0000003b40058d4 c00000000079cd58
GPR12: d00000000a171450 c000000007f40900 0000000000000005 0000000010178d20
GPR16: 00000000100cb9d8 000000000000001d 0000000000000000 000000001003ffff
GPR20: 0000000000000001 0000000000000000 00003fffa0b50d30 000000001001f010
GPR24: 0000000010020888 0000000010040000 d00000000a171f08 d00000000a172808
GPR28: 0000000000001000 0000000010040000 c0000003b4005880 8c2625a820631fe7
[ 1602.399924] NIP [d00000000a170b9c] .rtas_flash_write+0x7c/0x1e8 [rtas_flash]
[ 1602.399930] LR [d00000000a170b64] .rtas_flash_write+0x44/0x1e8 [rtas_flash]
[ 1602.399934] Call Trace:
[ 1602.399939] [c0000003b9937bb0] [d00000000a170b64] .rtas_flash_write+0x44/0x1e8 [rtas_flash] (unreliable)
[ 1602.399948] [c0000003b9937c60] [c000000000282830] .proc_reg_write+0x90/0xe0
[ 1602.399955] [c0000003b9937ce0] [c0000000001ff374] .vfs_write+0x114/0x238
[ 1602.399961] [c0000003b9937d80] [c0000000001ff5d8] .SyS_write+0x70/0xe8
[ 1602.399968] [c0000003b9937e30] [c000000000009cdc] syscall_exit+0x0/0xa0
[ 1602.399973] Instruction dump:
[ 1602.399977] eb698010 801b0028 2f80dcd6 419e00a4 2fbc0000 419e009c ebfb0030 2fbf0000
[ 1602.399989] 409e0010 480000d8 60000000 7c1f0378 <e81f0008> 2fa00000 409efff4 e81f0000
[ 1602.400012] ---[ end trace b4136d115dc31dac ]---
[ 1602.402178]
[ 1602.402185] Sending IPI to other CPUs
[ 1602.403329] IPI complete
This patch uses kmem_cache_zalloc() instead of kmem_cache_alloc() to
allocate memory, which makes sure memory is set to 0 before using.
Also removes rtas_block_ctor(), which is no longer required.
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
2013-04-29 02:43:56 +08:00
|
|
|
uf->flist = kmem_cache_zalloc(flash_block_cache, GFP_KERNEL);
|
2005-04-17 06:20:36 +08:00
|
|
|
if (!uf->flist)
|
2013-04-13 07:48:49 +08:00
|
|
|
goto nomem;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
fl = uf->flist;
|
|
|
|
while (fl->next)
|
|
|
|
fl = fl->next; /* seek to last block_list for append */
|
|
|
|
next_free = fl->num_blocks;
|
|
|
|
if (next_free == FLASH_BLOCKS_PER_NODE) {
|
|
|
|
/* Need to allocate another block_list */
|
powerpc/rtas_flash: Fix bad memory access
We use kmem_cache_alloc() to allocate memory to hold the new firmware
which will be flashed. kmem_cache_alloc() calls rtas_block_ctor() to
set memory to NULL. But these constructor is called only for newly
allocated slabs.
If we run below command multiple time without rebooting, allocator may
allocate memory from the area which was free'd by kmem_cache_free and
it will not call constructor. In this situation we may hit kernel oops.
dd if=<fw image> of=/proc/ppc64/rtas/firmware_flash bs=4096
oops message:
-------------
[ 1602.399755] Oops: Kernel access of bad area, sig: 11 [#1]
[ 1602.399772] SMP NR_CPUS=1024 NUMA pSeries
[ 1602.399779] Modules linked in: rtas_flash nfsd lockd auth_rpcgss nfs_acl sunrpc fuse loop dm_mod sg ipv6 ses enclosure ehea ehci_pci ohci_hcd ehci_hcd usbcore sd_mod usb_common crc_t10dif scsi_dh_alua scsi_dh_emc scsi_dh_hp_sw scsi_dh_rdac scsi_dh ipr libata scsi_mod
[ 1602.399817] NIP: d00000000a170b9c LR: d00000000a170b64 CTR: c00000000079cd58
[ 1602.399823] REGS: c0000003b9937930 TRAP: 0300 Not tainted (3.9.0-rc4-0.27-ppc64)
[ 1602.399828] MSR: 8000000000009032 <SF,EE,ME,IR,DR,RI> CR: 22000428 XER: 20000000
[ 1602.399841] SOFTE: 1
[ 1602.399844] CFAR: c000000000005f24
[ 1602.399848] DAR: 8c2625a820631fef, DSISR: 40000000
[ 1602.399852] TASK = c0000003b4520760[3655] 'dd' THREAD: c0000003b9934000 CPU: 3
GPR00: 8c2625a820631fe7 c0000003b9937bb0 d00000000a179f28 d00000000a171f08
GPR04: 0000000010040000 0000000000001000 c0000003b9937df0 c0000003b5fb2080
GPR08: c0000003b58f7200 d00000000a179f28 c0000003b40058d4 c00000000079cd58
GPR12: d00000000a171450 c000000007f40900 0000000000000005 0000000010178d20
GPR16: 00000000100cb9d8 000000000000001d 0000000000000000 000000001003ffff
GPR20: 0000000000000001 0000000000000000 00003fffa0b50d30 000000001001f010
GPR24: 0000000010020888 0000000010040000 d00000000a171f08 d00000000a172808
GPR28: 0000000000001000 0000000010040000 c0000003b4005880 8c2625a820631fe7
[ 1602.399924] NIP [d00000000a170b9c] .rtas_flash_write+0x7c/0x1e8 [rtas_flash]
[ 1602.399930] LR [d00000000a170b64] .rtas_flash_write+0x44/0x1e8 [rtas_flash]
[ 1602.399934] Call Trace:
[ 1602.399939] [c0000003b9937bb0] [d00000000a170b64] .rtas_flash_write+0x44/0x1e8 [rtas_flash] (unreliable)
[ 1602.399948] [c0000003b9937c60] [c000000000282830] .proc_reg_write+0x90/0xe0
[ 1602.399955] [c0000003b9937ce0] [c0000000001ff374] .vfs_write+0x114/0x238
[ 1602.399961] [c0000003b9937d80] [c0000000001ff5d8] .SyS_write+0x70/0xe8
[ 1602.399968] [c0000003b9937e30] [c000000000009cdc] syscall_exit+0x0/0xa0
[ 1602.399973] Instruction dump:
[ 1602.399977] eb698010 801b0028 2f80dcd6 419e00a4 2fbc0000 419e009c ebfb0030 2fbf0000
[ 1602.399989] 409e0010 480000d8 60000000 7c1f0378 <e81f0008> 2fa00000 409efff4 e81f0000
[ 1602.400012] ---[ end trace b4136d115dc31dac ]---
[ 1602.402178]
[ 1602.402185] Sending IPI to other CPUs
[ 1602.403329] IPI complete
This patch uses kmem_cache_zalloc() instead of kmem_cache_alloc() to
allocate memory, which makes sure memory is set to 0 before using.
Also removes rtas_block_ctor(), which is no longer required.
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
2013-04-29 02:43:56 +08:00
|
|
|
fl->next = kmem_cache_zalloc(flash_block_cache, GFP_KERNEL);
|
2005-04-17 06:20:36 +08:00
|
|
|
if (!fl->next)
|
2013-04-13 07:48:49 +08:00
|
|
|
goto nomem;
|
2005-04-17 06:20:36 +08:00
|
|
|
fl = fl->next;
|
|
|
|
next_free = 0;
|
|
|
|
}
|
|
|
|
|
2006-11-09 00:07:30 +08:00
|
|
|
if (count > RTAS_BLK_SIZE)
|
|
|
|
count = RTAS_BLK_SIZE;
|
powerpc/rtas_flash: Fix bad memory access
We use kmem_cache_alloc() to allocate memory to hold the new firmware
which will be flashed. kmem_cache_alloc() calls rtas_block_ctor() to
set memory to NULL. But these constructor is called only for newly
allocated slabs.
If we run below command multiple time without rebooting, allocator may
allocate memory from the area which was free'd by kmem_cache_free and
it will not call constructor. In this situation we may hit kernel oops.
dd if=<fw image> of=/proc/ppc64/rtas/firmware_flash bs=4096
oops message:
-------------
[ 1602.399755] Oops: Kernel access of bad area, sig: 11 [#1]
[ 1602.399772] SMP NR_CPUS=1024 NUMA pSeries
[ 1602.399779] Modules linked in: rtas_flash nfsd lockd auth_rpcgss nfs_acl sunrpc fuse loop dm_mod sg ipv6 ses enclosure ehea ehci_pci ohci_hcd ehci_hcd usbcore sd_mod usb_common crc_t10dif scsi_dh_alua scsi_dh_emc scsi_dh_hp_sw scsi_dh_rdac scsi_dh ipr libata scsi_mod
[ 1602.399817] NIP: d00000000a170b9c LR: d00000000a170b64 CTR: c00000000079cd58
[ 1602.399823] REGS: c0000003b9937930 TRAP: 0300 Not tainted (3.9.0-rc4-0.27-ppc64)
[ 1602.399828] MSR: 8000000000009032 <SF,EE,ME,IR,DR,RI> CR: 22000428 XER: 20000000
[ 1602.399841] SOFTE: 1
[ 1602.399844] CFAR: c000000000005f24
[ 1602.399848] DAR: 8c2625a820631fef, DSISR: 40000000
[ 1602.399852] TASK = c0000003b4520760[3655] 'dd' THREAD: c0000003b9934000 CPU: 3
GPR00: 8c2625a820631fe7 c0000003b9937bb0 d00000000a179f28 d00000000a171f08
GPR04: 0000000010040000 0000000000001000 c0000003b9937df0 c0000003b5fb2080
GPR08: c0000003b58f7200 d00000000a179f28 c0000003b40058d4 c00000000079cd58
GPR12: d00000000a171450 c000000007f40900 0000000000000005 0000000010178d20
GPR16: 00000000100cb9d8 000000000000001d 0000000000000000 000000001003ffff
GPR20: 0000000000000001 0000000000000000 00003fffa0b50d30 000000001001f010
GPR24: 0000000010020888 0000000010040000 d00000000a171f08 d00000000a172808
GPR28: 0000000000001000 0000000010040000 c0000003b4005880 8c2625a820631fe7
[ 1602.399924] NIP [d00000000a170b9c] .rtas_flash_write+0x7c/0x1e8 [rtas_flash]
[ 1602.399930] LR [d00000000a170b64] .rtas_flash_write+0x44/0x1e8 [rtas_flash]
[ 1602.399934] Call Trace:
[ 1602.399939] [c0000003b9937bb0] [d00000000a170b64] .rtas_flash_write+0x44/0x1e8 [rtas_flash] (unreliable)
[ 1602.399948] [c0000003b9937c60] [c000000000282830] .proc_reg_write+0x90/0xe0
[ 1602.399955] [c0000003b9937ce0] [c0000000001ff374] .vfs_write+0x114/0x238
[ 1602.399961] [c0000003b9937d80] [c0000000001ff5d8] .SyS_write+0x70/0xe8
[ 1602.399968] [c0000003b9937e30] [c000000000009cdc] syscall_exit+0x0/0xa0
[ 1602.399973] Instruction dump:
[ 1602.399977] eb698010 801b0028 2f80dcd6 419e00a4 2fbc0000 419e009c ebfb0030 2fbf0000
[ 1602.399989] 409e0010 480000d8 60000000 7c1f0378 <e81f0008> 2fa00000 409efff4 e81f0000
[ 1602.400012] ---[ end trace b4136d115dc31dac ]---
[ 1602.402178]
[ 1602.402185] Sending IPI to other CPUs
[ 1602.403329] IPI complete
This patch uses kmem_cache_zalloc() instead of kmem_cache_alloc() to
allocate memory, which makes sure memory is set to 0 before using.
Also removes rtas_block_ctor(), which is no longer required.
Signed-off-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com>
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
2013-04-29 02:43:56 +08:00
|
|
|
p = kmem_cache_zalloc(flash_block_cache, GFP_KERNEL);
|
2005-04-17 06:20:36 +08:00
|
|
|
if (!p)
|
2013-04-13 07:48:49 +08:00
|
|
|
goto nomem;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
if(copy_from_user(p, buffer, count)) {
|
2006-11-09 00:07:30 +08:00
|
|
|
kmem_cache_free(flash_block_cache, p);
|
2013-04-13 07:48:49 +08:00
|
|
|
rc = -EFAULT;
|
|
|
|
goto error;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
fl->blocks[next_free].data = p;
|
|
|
|
fl->blocks[next_free].length = count;
|
|
|
|
fl->num_blocks++;
|
2013-04-13 07:48:49 +08:00
|
|
|
out:
|
|
|
|
mutex_unlock(&rtas_update_flash_mutex);
|
2005-04-17 06:20:36 +08:00
|
|
|
return count;
|
|
|
|
|
2013-04-13 07:48:49 +08:00
|
|
|
nomem:
|
|
|
|
rc = -ENOMEM;
|
|
|
|
error:
|
|
|
|
mutex_unlock(&rtas_update_flash_mutex);
|
|
|
|
return rc;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
2013-04-13 07:48:49 +08:00
|
|
|
/*
|
|
|
|
* Flash management routines.
|
|
|
|
*/
|
|
|
|
static void manage_flash(struct rtas_manage_flash_t *args_buf, unsigned int op)
|
2005-04-17 06:20:36 +08:00
|
|
|
{
|
|
|
|
s32 rc;
|
|
|
|
|
2006-06-06 05:31:48 +08:00
|
|
|
do {
|
2013-04-13 07:48:49 +08:00
|
|
|
rc = rtas_call(rtas_token("ibm,manage-flash-image"), 1, 1,
|
|
|
|
NULL, op);
|
2006-06-06 05:31:48 +08:00
|
|
|
} while (rtas_busy_delay(rc));
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
args_buf->status = rc;
|
|
|
|
}
|
|
|
|
|
2005-04-27 02:26:53 +08:00
|
|
|
static ssize_t manage_flash_read(struct file *file, char __user *buf,
|
2005-04-17 06:20:36 +08:00
|
|
|
size_t count, loff_t *ppos)
|
|
|
|
{
|
2013-04-13 07:48:49 +08:00
|
|
|
struct rtas_manage_flash_t *const args_buf = &rtas_manage_flash_data;
|
2005-04-17 06:20:36 +08:00
|
|
|
char msg[RTAS_MSG_MAXLEN];
|
2013-04-13 07:48:49 +08:00
|
|
|
int msglen, status;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2013-04-13 07:48:49 +08:00
|
|
|
mutex_lock(&rtas_manage_flash_mutex);
|
|
|
|
status = args_buf->status;
|
|
|
|
mutex_unlock(&rtas_manage_flash_mutex);
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2013-04-13 07:48:49 +08:00
|
|
|
msglen = sprintf(msg, "%d\n", status);
|
2010-12-25 04:03:59 +08:00
|
|
|
return simple_read_from_buffer(buf, count, ppos, msg, msglen);
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
2005-04-27 02:26:53 +08:00
|
|
|
static ssize_t manage_flash_write(struct file *file, const char __user *buf,
|
2005-04-17 06:20:36 +08:00
|
|
|
size_t count, loff_t *off)
|
|
|
|
{
|
2013-04-13 07:48:49 +08:00
|
|
|
struct rtas_manage_flash_t *const args_buf = &rtas_manage_flash_data;
|
|
|
|
static const char reject_str[] = "0";
|
|
|
|
static const char commit_str[] = "1";
|
2005-04-17 06:20:36 +08:00
|
|
|
char stkbuf[10];
|
2013-04-13 07:48:49 +08:00
|
|
|
int op, rc;
|
|
|
|
|
|
|
|
mutex_lock(&rtas_manage_flash_mutex);
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
if ((args_buf->status == MANAGE_AUTH) || (count == 0))
|
2013-04-13 07:48:49 +08:00
|
|
|
goto out;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
op = -1;
|
|
|
|
if (buf) {
|
|
|
|
if (count > 9) count = 9;
|
2013-04-13 07:48:49 +08:00
|
|
|
rc = -EFAULT;
|
|
|
|
if (copy_from_user (stkbuf, buf, count))
|
|
|
|
goto error;
|
2005-04-17 06:20:36 +08:00
|
|
|
if (strncmp(stkbuf, reject_str, strlen(reject_str)) == 0)
|
|
|
|
op = RTAS_REJECT_TMP_IMG;
|
|
|
|
else if (strncmp(stkbuf, commit_str, strlen(commit_str)) == 0)
|
|
|
|
op = RTAS_COMMIT_TMP_IMG;
|
|
|
|
}
|
|
|
|
|
2013-04-13 07:48:49 +08:00
|
|
|
if (op == -1) { /* buf is empty, or contains invalid string */
|
|
|
|
rc = -EINVAL;
|
|
|
|
goto error;
|
|
|
|
}
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2013-04-13 07:48:49 +08:00
|
|
|
manage_flash(args_buf, op);
|
|
|
|
out:
|
|
|
|
mutex_unlock(&rtas_manage_flash_mutex);
|
2005-04-17 06:20:36 +08:00
|
|
|
return count;
|
2013-04-13 07:48:49 +08:00
|
|
|
|
|
|
|
error:
|
|
|
|
mutex_unlock(&rtas_manage_flash_mutex);
|
|
|
|
return rc;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
2013-04-13 07:48:49 +08:00
|
|
|
/*
|
|
|
|
* Validation routines.
|
|
|
|
*/
|
2005-04-17 06:20:36 +08:00
|
|
|
static void validate_flash(struct rtas_validate_flash_t *args_buf)
|
|
|
|
{
|
|
|
|
int token = rtas_token("ibm,validate-flash-image");
|
|
|
|
int update_results;
|
|
|
|
s32 rc;
|
|
|
|
|
|
|
|
rc = 0;
|
2006-06-06 05:31:48 +08:00
|
|
|
do {
|
2005-04-17 06:20:36 +08:00
|
|
|
spin_lock(&rtas_data_buf_lock);
|
|
|
|
memcpy(rtas_data_buf, args_buf->buf, VALIDATE_BUF_SIZE);
|
|
|
|
rc = rtas_call(token, 2, 2, &update_results,
|
|
|
|
(u32) __pa(rtas_data_buf), args_buf->buf_size);
|
|
|
|
memcpy(args_buf->buf, rtas_data_buf, VALIDATE_BUF_SIZE);
|
|
|
|
spin_unlock(&rtas_data_buf_lock);
|
2006-06-06 05:31:48 +08:00
|
|
|
} while (rtas_busy_delay(rc));
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
args_buf->status = rc;
|
|
|
|
args_buf->update_results = update_results;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int get_validate_flash_msg(struct rtas_validate_flash_t *args_buf,
|
2013-05-08 00:54:47 +08:00
|
|
|
char *msg, int msglen)
|
2005-04-17 06:20:36 +08:00
|
|
|
{
|
|
|
|
int n;
|
|
|
|
|
|
|
|
if (args_buf->status >= VALIDATE_TMP_UPDATE) {
|
|
|
|
n = sprintf(msg, "%d\n", args_buf->update_results);
|
|
|
|
if ((args_buf->update_results >= VALIDATE_CUR_UNKNOWN) ||
|
|
|
|
(args_buf->update_results == VALIDATE_TMP_UPDATE))
|
2013-05-08 00:54:47 +08:00
|
|
|
n += snprintf(msg + n, msglen - n, "%s\n",
|
|
|
|
args_buf->buf);
|
2005-04-17 06:20:36 +08:00
|
|
|
} else {
|
|
|
|
n = sprintf(msg, "%d\n", args_buf->status);
|
|
|
|
}
|
|
|
|
return n;
|
|
|
|
}
|
|
|
|
|
2005-04-27 02:26:53 +08:00
|
|
|
static ssize_t validate_flash_read(struct file *file, char __user *buf,
|
2005-04-17 06:20:36 +08:00
|
|
|
size_t count, loff_t *ppos)
|
|
|
|
{
|
2013-04-13 07:48:49 +08:00
|
|
|
struct rtas_validate_flash_t *const args_buf =
|
|
|
|
&rtas_validate_flash_data;
|
2013-05-08 00:54:47 +08:00
|
|
|
char msg[VALIDATE_MSG_LEN];
|
2005-04-17 06:20:36 +08:00
|
|
|
int msglen;
|
|
|
|
|
2013-04-13 07:48:49 +08:00
|
|
|
mutex_lock(&rtas_validate_flash_mutex);
|
2013-05-08 00:54:47 +08:00
|
|
|
msglen = get_validate_flash_msg(args_buf, msg, VALIDATE_MSG_LEN);
|
2013-04-13 07:48:49 +08:00
|
|
|
mutex_unlock(&rtas_validate_flash_mutex);
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2010-12-25 04:03:59 +08:00
|
|
|
return simple_read_from_buffer(buf, count, ppos, msg, msglen);
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
2005-04-27 02:26:53 +08:00
|
|
|
static ssize_t validate_flash_write(struct file *file, const char __user *buf,
|
2005-04-17 06:20:36 +08:00
|
|
|
size_t count, loff_t *off)
|
|
|
|
{
|
2013-04-13 07:48:49 +08:00
|
|
|
struct rtas_validate_flash_t *const args_buf =
|
|
|
|
&rtas_validate_flash_data;
|
2005-04-17 06:20:36 +08:00
|
|
|
int rc;
|
|
|
|
|
2013-04-13 07:48:49 +08:00
|
|
|
mutex_lock(&rtas_validate_flash_mutex);
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
/* We are only interested in the first 4K of the
|
|
|
|
* candidate image */
|
|
|
|
if ((*off >= VALIDATE_BUF_SIZE) ||
|
|
|
|
(args_buf->status == VALIDATE_AUTH)) {
|
|
|
|
*off += count;
|
2013-04-13 07:48:49 +08:00
|
|
|
mutex_unlock(&rtas_validate_flash_mutex);
|
2005-04-17 06:20:36 +08:00
|
|
|
return count;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (*off + count >= VALIDATE_BUF_SIZE) {
|
|
|
|
count = VALIDATE_BUF_SIZE - *off;
|
|
|
|
args_buf->status = VALIDATE_READY;
|
|
|
|
} else {
|
|
|
|
args_buf->status = VALIDATE_INCOMPLETE;
|
|
|
|
}
|
|
|
|
|
Remove 'type' argument from access_ok() function
Nobody has actually used the type (VERIFY_READ vs VERIFY_WRITE) argument
of the user address range verification function since we got rid of the
old racy i386-only code to walk page tables by hand.
It existed because the original 80386 would not honor the write protect
bit when in kernel mode, so you had to do COW by hand before doing any
user access. But we haven't supported that in a long time, and these
days the 'type' argument is a purely historical artifact.
A discussion about extending 'user_access_begin()' to do the range
checking resulted this patch, because there is no way we're going to
move the old VERIFY_xyz interface to that model. And it's best done at
the end of the merge window when I've done most of my merges, so let's
just get this done once and for all.
This patch was mostly done with a sed-script, with manual fix-ups for
the cases that weren't of the trivial 'access_ok(VERIFY_xyz' form.
There were a couple of notable cases:
- csky still had the old "verify_area()" name as an alias.
- the iter_iov code had magical hardcoded knowledge of the actual
values of VERIFY_{READ,WRITE} (not that they mattered, since nothing
really used it)
- microblaze used the type argument for a debug printout
but other than those oddities this should be a total no-op patch.
I tried to fix up all architectures, did fairly extensive grepping for
access_ok() uses, and the changes are trivial, but I may have missed
something. Any missed conversion should be trivially fixable, though.
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2019-01-04 10:57:57 +08:00
|
|
|
if (!access_ok(buf, count)) {
|
2005-04-17 06:20:36 +08:00
|
|
|
rc = -EFAULT;
|
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
if (copy_from_user(args_buf->buf + *off, buf, count)) {
|
|
|
|
rc = -EFAULT;
|
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
|
|
|
*off += count;
|
|
|
|
rc = count;
|
|
|
|
done:
|
2013-04-13 07:48:49 +08:00
|
|
|
mutex_unlock(&rtas_validate_flash_mutex);
|
2005-04-17 06:20:36 +08:00
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int validate_flash_release(struct inode *inode, struct file *file)
|
|
|
|
{
|
2013-04-13 07:48:49 +08:00
|
|
|
struct rtas_validate_flash_t *const args_buf =
|
|
|
|
&rtas_validate_flash_data;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2013-04-13 07:48:49 +08:00
|
|
|
mutex_lock(&rtas_validate_flash_mutex);
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
if (args_buf->status == VALIDATE_READY) {
|
|
|
|
args_buf->buf_size = VALIDATE_BUF_SIZE;
|
|
|
|
validate_flash(args_buf);
|
|
|
|
}
|
|
|
|
|
2013-04-13 07:48:49 +08:00
|
|
|
mutex_unlock(&rtas_validate_flash_mutex);
|
2005-04-17 06:20:36 +08:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2013-04-13 07:48:49 +08:00
|
|
|
/*
|
|
|
|
* On-reboot flash update applicator.
|
|
|
|
*/
|
2005-11-03 11:41:19 +08:00
|
|
|
static void rtas_flash_firmware(int reboot_type)
|
|
|
|
{
|
|
|
|
unsigned long image_size;
|
|
|
|
struct flash_block_list *f, *next, *flist;
|
|
|
|
unsigned long rtas_block_list;
|
|
|
|
int i, status, update_token;
|
|
|
|
|
2010-06-12 11:48:47 +08:00
|
|
|
if (rtas_firmware_flash_list == NULL)
|
2005-11-03 11:41:19 +08:00
|
|
|
return; /* nothing to do */
|
|
|
|
|
|
|
|
if (reboot_type != SYS_RESTART) {
|
|
|
|
printk(KERN_ALERT "FLASH: firmware flash requires a reboot\n");
|
|
|
|
printk(KERN_ALERT "FLASH: the firmware image will NOT be flashed\n");
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
update_token = rtas_token("ibm,update-flash-64-and-reboot");
|
|
|
|
if (update_token == RTAS_UNKNOWN_SERVICE) {
|
|
|
|
printk(KERN_ALERT "FLASH: ibm,update-flash-64-and-reboot "
|
|
|
|
"is not available -- not a service partition?\n");
|
|
|
|
printk(KERN_ALERT "FLASH: firmware will not be flashed\n");
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2011-10-04 05:49:53 +08:00
|
|
|
/*
|
|
|
|
* Just before starting the firmware flash, cancel the event scan work
|
|
|
|
* to avoid any soft lockup issues.
|
|
|
|
*/
|
|
|
|
rtas_cancel_event_scan();
|
|
|
|
|
2010-06-12 11:48:47 +08:00
|
|
|
/*
|
|
|
|
* NOTE: the "first" block must be under 4GB, so we create
|
|
|
|
* an entry with no data blocks in the reserved buffer in
|
|
|
|
* the kernel data segment.
|
2005-11-03 11:41:19 +08:00
|
|
|
*/
|
2010-06-12 11:48:47 +08:00
|
|
|
spin_lock(&rtas_data_buf_lock);
|
|
|
|
flist = (struct flash_block_list *)&rtas_data_buf[0];
|
|
|
|
flist->num_blocks = 0;
|
|
|
|
flist->next = rtas_firmware_flash_list;
|
2012-07-26 05:19:56 +08:00
|
|
|
rtas_block_list = __pa(flist);
|
2005-11-03 11:41:19 +08:00
|
|
|
if (rtas_block_list >= 4UL*1024*1024*1024) {
|
|
|
|
printk(KERN_ALERT "FLASH: kernel bug...flash list header addr above 4GB\n");
|
2010-06-12 11:48:47 +08:00
|
|
|
spin_unlock(&rtas_data_buf_lock);
|
2005-11-03 11:41:19 +08:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
printk(KERN_ALERT "FLASH: preparing saved firmware image for flash\n");
|
|
|
|
/* Update the block_list in place. */
|
2010-06-12 11:48:47 +08:00
|
|
|
rtas_firmware_flash_list = NULL; /* too hard to backout on error */
|
2005-11-03 11:41:19 +08:00
|
|
|
image_size = 0;
|
|
|
|
for (f = flist; f; f = next) {
|
|
|
|
/* Translate data addrs to absolute */
|
|
|
|
for (i = 0; i < f->num_blocks; i++) {
|
2014-07-26 01:47:42 +08:00
|
|
|
f->blocks[i].data = (char *)cpu_to_be64(__pa(f->blocks[i].data));
|
2005-11-03 11:41:19 +08:00
|
|
|
image_size += f->blocks[i].length;
|
2014-07-26 01:47:42 +08:00
|
|
|
f->blocks[i].length = cpu_to_be64(f->blocks[i].length);
|
2005-11-03 11:41:19 +08:00
|
|
|
}
|
|
|
|
next = f->next;
|
|
|
|
/* Don't translate NULL pointer for last entry */
|
|
|
|
if (f->next)
|
2014-07-26 01:47:42 +08:00
|
|
|
f->next = (struct flash_block_list *)cpu_to_be64(__pa(f->next));
|
2005-11-03 11:41:19 +08:00
|
|
|
else
|
|
|
|
f->next = NULL;
|
|
|
|
/* make num_blocks into the version/length field */
|
|
|
|
f->num_blocks = (FLASH_BLOCK_LIST_VERSION << 56) | ((f->num_blocks+1)*16);
|
2014-07-26 01:47:42 +08:00
|
|
|
f->num_blocks = cpu_to_be64(f->num_blocks);
|
2005-11-03 11:41:19 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
printk(KERN_ALERT "FLASH: flash image is %ld bytes\n", image_size);
|
|
|
|
printk(KERN_ALERT "FLASH: performing flash and reboot\n");
|
|
|
|
rtas_progress("Flashing \n", 0x0);
|
|
|
|
rtas_progress("Please Wait... ", 0x0);
|
|
|
|
printk(KERN_ALERT "FLASH: this will take several minutes. Do not power off!\n");
|
|
|
|
status = rtas_call(update_token, 1, 1, NULL, rtas_block_list);
|
|
|
|
switch (status) { /* should only get "bad" status */
|
|
|
|
case 0:
|
|
|
|
printk(KERN_ALERT "FLASH: success\n");
|
|
|
|
break;
|
|
|
|
case -1:
|
|
|
|
printk(KERN_ALERT "FLASH: hardware error. Firmware may not be not flashed\n");
|
|
|
|
break;
|
|
|
|
case -3:
|
|
|
|
printk(KERN_ALERT "FLASH: image is corrupt or not correct for this platform. Firmware not flashed\n");
|
|
|
|
break;
|
|
|
|
case -4:
|
|
|
|
printk(KERN_ALERT "FLASH: flash failed when partially complete. System may not reboot\n");
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
printk(KERN_ALERT "FLASH: unknown flash return code %d\n", status);
|
|
|
|
break;
|
|
|
|
}
|
2010-06-12 11:48:47 +08:00
|
|
|
spin_unlock(&rtas_data_buf_lock);
|
2005-11-03 11:41:19 +08:00
|
|
|
}
|
|
|
|
|
2013-04-13 07:48:49 +08:00
|
|
|
/*
|
|
|
|
* Manifest of proc files to create
|
|
|
|
*/
|
|
|
|
struct rtas_flash_file {
|
|
|
|
const char *filename;
|
|
|
|
const char *rtas_call_name;
|
2005-04-17 06:20:36 +08:00
|
|
|
int *status;
|
2013-04-13 07:48:49 +08:00
|
|
|
const struct file_operations fops;
|
2005-04-17 06:20:36 +08:00
|
|
|
};
|
|
|
|
|
2013-04-13 07:48:49 +08:00
|
|
|
static const struct rtas_flash_file rtas_flash_files[] = {
|
|
|
|
{
|
|
|
|
.filename = "powerpc/rtas/" FIRMWARE_FLASH_NAME,
|
|
|
|
.rtas_call_name = "ibm,update-flash-64-and-reboot",
|
|
|
|
.status = &rtas_update_flash_data.status,
|
|
|
|
.fops.read = rtas_flash_read_msg,
|
|
|
|
.fops.write = rtas_flash_write,
|
|
|
|
.fops.release = rtas_flash_release,
|
|
|
|
.fops.llseek = default_llseek,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.filename = "powerpc/rtas/" FIRMWARE_UPDATE_NAME,
|
|
|
|
.rtas_call_name = "ibm,update-flash-64-and-reboot",
|
|
|
|
.status = &rtas_update_flash_data.status,
|
|
|
|
.fops.read = rtas_flash_read_num,
|
|
|
|
.fops.write = rtas_flash_write,
|
|
|
|
.fops.release = rtas_flash_release,
|
|
|
|
.fops.llseek = default_llseek,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.filename = "powerpc/rtas/" VALIDATE_FLASH_NAME,
|
|
|
|
.rtas_call_name = "ibm,validate-flash-image",
|
|
|
|
.status = &rtas_validate_flash_data.status,
|
|
|
|
.fops.read = validate_flash_read,
|
|
|
|
.fops.write = validate_flash_write,
|
|
|
|
.fops.release = validate_flash_release,
|
|
|
|
.fops.llseek = default_llseek,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.filename = "powerpc/rtas/" MANAGE_FLASH_NAME,
|
|
|
|
.rtas_call_name = "ibm,manage-flash-image",
|
|
|
|
.status = &rtas_manage_flash_data.status,
|
|
|
|
.fops.read = manage_flash_read,
|
|
|
|
.fops.write = manage_flash_write,
|
|
|
|
.fops.llseek = default_llseek,
|
|
|
|
}
|
2005-04-17 06:20:36 +08:00
|
|
|
};
|
|
|
|
|
2008-05-08 12:27:19 +08:00
|
|
|
static int __init rtas_flash_init(void)
|
2005-04-17 06:20:36 +08:00
|
|
|
{
|
2013-04-13 07:48:49 +08:00
|
|
|
int i;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
if (rtas_token("ibm,update-flash-64-and-reboot") ==
|
|
|
|
RTAS_UNKNOWN_SERVICE) {
|
2012-07-23 04:42:32 +08:00
|
|
|
pr_info("rtas_flash: no firmware flash support\n");
|
2014-04-14 19:23:32 +08:00
|
|
|
return -EINVAL;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
2013-04-13 07:48:49 +08:00
|
|
|
rtas_validate_flash_data.buf = kzalloc(VALIDATE_BUF_SIZE, GFP_KERNEL);
|
|
|
|
if (!rtas_validate_flash_data.buf)
|
|
|
|
return -ENOMEM;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2013-04-13 07:48:49 +08:00
|
|
|
flash_block_cache = kmem_cache_create("rtas_flash_cache",
|
|
|
|
RTAS_BLK_SIZE, RTAS_BLK_SIZE, 0,
|
2013-05-03 01:16:16 +08:00
|
|
|
NULL);
|
2013-04-13 07:48:49 +08:00
|
|
|
if (!flash_block_cache) {
|
|
|
|
printk(KERN_ERR "%s: failed to create block cache\n",
|
|
|
|
__func__);
|
|
|
|
goto enomem_buf;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
2013-04-13 07:48:49 +08:00
|
|
|
for (i = 0; i < ARRAY_SIZE(rtas_flash_files); i++) {
|
|
|
|
const struct rtas_flash_file *f = &rtas_flash_files[i];
|
|
|
|
int token;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2017-01-12 11:54:13 +08:00
|
|
|
if (!proc_create(f->filename, 0600, NULL, &f->fops))
|
2013-04-13 07:48:49 +08:00
|
|
|
goto enomem;
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2013-04-13 07:48:49 +08:00
|
|
|
/*
|
|
|
|
* This code assumes that the status int is the first member of the
|
|
|
|
* struct
|
|
|
|
*/
|
|
|
|
token = rtas_token(f->rtas_call_name);
|
|
|
|
if (token == RTAS_UNKNOWN_SERVICE)
|
|
|
|
*f->status = FLASH_AUTH;
|
|
|
|
else
|
|
|
|
*f->status = FLASH_NO_OP;
|
|
|
|
}
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2005-11-03 11:41:19 +08:00
|
|
|
rtas_flash_term_hook = rtas_flash_firmware;
|
2005-04-17 06:20:36 +08:00
|
|
|
return 0;
|
|
|
|
|
2013-04-13 07:48:49 +08:00
|
|
|
enomem:
|
|
|
|
while (--i >= 0) {
|
|
|
|
const struct rtas_flash_file *f = &rtas_flash_files[i];
|
|
|
|
remove_proc_entry(f->filename, NULL);
|
|
|
|
}
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2013-04-13 07:48:49 +08:00
|
|
|
kmem_cache_destroy(flash_block_cache);
|
|
|
|
enomem_buf:
|
|
|
|
kfree(rtas_validate_flash_data.buf);
|
|
|
|
return -ENOMEM;
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
2008-05-08 12:27:19 +08:00
|
|
|
static void __exit rtas_flash_cleanup(void)
|
2005-04-17 06:20:36 +08:00
|
|
|
{
|
2013-04-13 07:48:49 +08:00
|
|
|
int i;
|
|
|
|
|
2005-11-03 11:41:19 +08:00
|
|
|
rtas_flash_term_hook = NULL;
|
2006-11-09 00:07:30 +08:00
|
|
|
|
2013-02-08 09:18:36 +08:00
|
|
|
if (rtas_firmware_flash_list) {
|
|
|
|
free_flash_list(rtas_firmware_flash_list);
|
|
|
|
rtas_firmware_flash_list = NULL;
|
|
|
|
}
|
|
|
|
|
2013-04-13 07:48:49 +08:00
|
|
|
for (i = 0; i < ARRAY_SIZE(rtas_flash_files); i++) {
|
|
|
|
const struct rtas_flash_file *f = &rtas_flash_files[i];
|
|
|
|
remove_proc_entry(f->filename, NULL);
|
|
|
|
}
|
2006-11-09 00:07:30 +08:00
|
|
|
|
2013-04-13 07:48:49 +08:00
|
|
|
kmem_cache_destroy(flash_block_cache);
|
|
|
|
kfree(rtas_validate_flash_data.buf);
|
2005-04-17 06:20:36 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
module_init(rtas_flash_init);
|
|
|
|
module_exit(rtas_flash_cleanup);
|
|
|
|
MODULE_LICENSE("GPL");
|