intel-m10-bmc-sec-update.c source code [linux/drivers/fpga/intel-m10-bmc-sec-update.c]

1	// SPDX-License-Identifier: GPL-2.0
2	/*
3	* Intel MAX10 Board Management Controller Secure Update Driver
4	*
5	* Copyright (C) 2019-2022 Intel Corporation. All rights reserved.
6	*
7	*/
8	#include <linux/bitfield.h>
9	#include <linux/device.h>
10	#include <linux/firmware.h>
11	#include <linux/mfd/intel-m10-bmc.h>
12	#include <linux/mod_devicetable.h>
13	#include <linux/module.h>
14	#include <linux/platform_device.h>
15	#include <linux/slab.h>
16
17	struct m10bmc_sec;
18
19	struct m10bmc_sec_ops {
20	int (rsu_status)(struct* m10bmc_sec *sec);
21	};
22
23	struct m10bmc_sec {
24	struct device *dev;
25	struct intel_m10bmc *m10bmc;
26	struct fw_upload *fwl;
27	char *fw_name;
28	u32 fw_name_id;
29	bool cancel_request;
30	const struct m10bmc_sec_ops *ops;
31	};
32
33	static DEFINE_XARRAY_ALLOC(fw_upload_xa);
34
35	/ Root Entry Hash (REH) support /
36	#define REH_SHA256_SIZE 32
37	#define REH_SHA384_SIZE 48
38	#define REH_MAGIC GENMASK(15, 0)
39	#define REH_SHA_NUM_BYTES GENMASK(31, 16)
40
41	static int m10bmc_sec_write(struct m10bmc_sec sec, const* u8 *buf, u32 offset, u32 size)
42	{
43	struct intel_m10bmc *m10bmc = sec->m10bmc;
44	unsigned int stride = regmap_get_reg_stride(map: m10bmc->regmap);
45	u32 write_count = size / stride;
46	u32 leftover_offset = write_count * stride;
47	u32 leftover_size = size - leftover_offset;
48	u32 leftover_tmp = `0`;
49	int ret;
50
51	if (sec->m10bmc->flash_bulk_ops)
52	return sec->m10bmc->flash_bulk_ops->write(m10bmc, buf, offset, size);
53
54	if (WARN_ON_ONCE(stride > sizeof(leftover_tmp)))
55	return -EINVAL;
56
57	ret = regmap_bulk_write(map: m10bmc->regmap, M10BMC_STAGING_BASE + offset,
58	val: buf + offset, val_count: write_count);
59	if (ret)
60	return ret;
61
62	/ If size is not aligned to stride, handle the remainder bytes with regmap_write() /
63	if (leftover_size) {
64	memcpy(&leftover_tmp, buf + leftover_offset, leftover_size);
65	ret = regmap_write(map: m10bmc->regmap, M10BMC_STAGING_BASE + offset + leftover_offset,
66	val: leftover_tmp);
67	if (ret)
68	return ret;
69	}
70
71	return `0`;
72	}
73
74	static int m10bmc_sec_read(struct m10bmc_sec sec, u8 buf, u32 addr, u32 size)
75	{
76	struct intel_m10bmc *m10bmc = sec->m10bmc;
77	unsigned int stride = regmap_get_reg_stride(map: m10bmc->regmap);
78	u32 read_count = size / stride;
79	u32 leftover_offset = read_count * stride;
80	u32 leftover_size = size - leftover_offset;
81	u32 leftover_tmp;
82	int ret;
83
84	if (sec->m10bmc->flash_bulk_ops)
85	return sec->m10bmc->flash_bulk_ops->read(m10bmc, buf, addr, size);
86
87	if (WARN_ON_ONCE(stride > sizeof(leftover_tmp)))
88	return -EINVAL;
89
90	ret = regmap_bulk_read(map: m10bmc->regmap, reg: addr, val: buf, val_count: read_count);
91	if (ret)
92	return ret;
93
94	/ If size is not aligned to stride, handle the remainder bytes with regmap_read() /
95	if (leftover_size) {
96	ret = regmap_read(map: m10bmc->regmap, reg: addr + leftover_offset, val: &leftover_tmp);
97	if (ret)
98	return ret;
99	memcpy(buf + leftover_offset, &leftover_tmp, leftover_size);
100	}
101
102	return `0`;
103	}
104
105
106	static ssize_t
107	show_root_entry_hash(struct device *dev, u32 exp_magic,
108	u32 prog_addr, u32 reh_addr, char *buf)
109	{
110	struct m10bmc_sec *sec = dev_get_drvdata(dev);
111	int sha_num_bytes, i, ret, cnt = `0`;
112	u8 hash[REH_SHA384_SIZE];
113	u32 magic;
114
115	ret = m10bmc_sec_read(sec, buf: (u8 )&magic, addr: prog_addr, size: sizeof*(magic));
116	if (ret)
117	return ret;
118
119	if (FIELD_GET(REH_MAGIC, magic) != exp_magic)
120	return sysfs_emit(buf, fmt: "hash not programmed\n");
121
122	sha_num_bytes = FIELD_GET(REH_SHA_NUM_BYTES, magic) / `8`;
123	if (sha_num_bytes != REH_SHA256_SIZE &&
124	sha_num_bytes != REH_SHA384_SIZE) {
125	dev_err(sec->dev, "%s bad sha num bytes %d\n", __func__,
126	sha_num_bytes);
127	return -EINVAL;
128	}
129
130	ret = m10bmc_sec_read(sec, buf: hash, addr: reh_addr, size: sha_num_bytes);
131	if (ret) {
132	dev_err(dev, "failed to read root entry hash\n");
133	return ret;
134	}
135
136	for (i = `0`; i < sha_num_bytes; i++)
137	cnt += sprintf(buf: buf + cnt, fmt: "%02x", hash[i]);
138	cnt += sprintf(buf: buf + cnt, fmt: "\n");
139
140	return cnt;
141	}
142
143	#define DEVICE_ATTR_SEC_REH_RO(_name) \
144	static ssize_t _name##_root_entry_hash_show(struct device *dev, \
145	struct device_attribute *attr, \
146	char *buf) \
147	{ \
148	struct m10bmc_sec *sec = dev_get_drvdata(dev); \
149	const struct m10bmc_csr_map *csr_map = sec->m10bmc->info->csr_map; \
150	\
151	return show_root_entry_hash(dev, csr_map->_name##_magic, \
152	csr_map->_name##_prog_addr, \
153	csr_map->_name##_reh_addr, \
154	buf); \
155	} \
156	static DEVICE_ATTR_RO(_name##_root_entry_hash)
157
158	DEVICE_ATTR_SEC_REH_RO(bmc);
159	DEVICE_ATTR_SEC_REH_RO(sr);
160	DEVICE_ATTR_SEC_REH_RO(pr);
161
162	#define CSK_BIT_LEN 128U
163	#define CSK_32ARRAY_SIZE DIV_ROUND_UP(CSK_BIT_LEN, 32)
164
165	static ssize_t
166	show_canceled_csk(struct device dev, u32 addr, char* *buf)
167	{
168	unsigned int i, size = CSK_32ARRAY_SIZE * sizeof(u32);
169	struct m10bmc_sec *sec = dev_get_drvdata(dev);
170	DECLARE_BITMAP(csk_map, CSK_BIT_LEN);
171	__le32 csk_le32[CSK_32ARRAY_SIZE];
172	u32 csk32[CSK_32ARRAY_SIZE];
173	int ret;
174
175	ret = m10bmc_sec_read(sec, buf: (u8 *)&csk_le32, addr, size);
176	if (ret) {
177	dev_err(sec->dev, "failed to read CSK vector\n");
178	return ret;
179	}
180
181	for (i = `0`; i < CSK_32ARRAY_SIZE; i++)
182	csk32[i] = le32_to_cpu(((csk_le32[i])));
183
184	bitmap_from_arr32(bitmap: csk_map, buf: csk32, CSK_BIT_LEN);
185	bitmap_complement(dst: csk_map, src: csk_map, CSK_BIT_LEN);
186	return bitmap_print_to_pagebuf(list: `1`, buf, maskp: csk_map, CSK_BIT_LEN);
187	}
188
189	#define DEVICE_ATTR_SEC_CSK_RO(_name) \
190	static ssize_t _name##_canceled_csks_show(struct device *dev, \
191	struct device_attribute *attr, \
192	char *buf) \
193	{ \
194	struct m10bmc_sec *sec = dev_get_drvdata(dev); \
195	const struct m10bmc_csr_map *csr_map = sec->m10bmc->info->csr_map; \
196	\
197	return show_canceled_csk(dev, \
198	csr_map->_name##_prog_addr + CSK_VEC_OFFSET, \
199	buf); \
200	} \
201	static DEVICE_ATTR_RO(_name##_canceled_csks)
202
203	#define CSK_VEC_OFFSET 0x34
204
205	DEVICE_ATTR_SEC_CSK_RO(bmc);
206	DEVICE_ATTR_SEC_CSK_RO(sr);
207	DEVICE_ATTR_SEC_CSK_RO(pr);
208
209	#define FLASH_COUNT_SIZE 4096 /* count stored as inverted bit vector */
210
211	static ssize_t flash_count_show(struct device *dev,
212	struct device_attribute attr, char* *buf)
213	{
214	struct m10bmc_sec *sec = dev_get_drvdata(dev);
215	const struct m10bmc_csr_map *csr_map = sec->m10bmc->info->csr_map;
216	unsigned int num_bits;
217	u8 *flash_buf;
218	int cnt, ret;
219
220	num_bits = FLASH_COUNT_SIZE * `8`;
221
222	flash_buf = kmalloc(FLASH_COUNT_SIZE, GFP_KERNEL);
223	if (!flash_buf)
224	return -ENOMEM;
225
226	ret = m10bmc_sec_read(sec, buf: flash_buf, addr: csr_map->rsu_update_counter,
227	FLASH_COUNT_SIZE);
228	if (ret) {
229	dev_err(sec->dev, "failed to read flash count\n");
230	goto exit_free;
231	}
232	cnt = num_bits - bitmap_weight(src: (unsigned long *)flash_buf, nbits: num_bits);
233
234	exit_free:
235	kfree(objp: flash_buf);
236
237	return ret ? : sysfs_emit(buf, fmt: "%u\n", cnt);
238	}
239	static DEVICE_ATTR_RO(flash_count);
240
241	static struct attribute *m10bmc_security_attrs[] = {
242	&dev_attr_flash_count.attr,
243	&dev_attr_bmc_root_entry_hash.attr,
244	&dev_attr_sr_root_entry_hash.attr,
245	&dev_attr_pr_root_entry_hash.attr,
246	&dev_attr_sr_canceled_csks.attr,
247	&dev_attr_pr_canceled_csks.attr,
248	&dev_attr_bmc_canceled_csks.attr,
249	NULL,
250	};
251
252	static struct attribute_group m10bmc_security_attr_group = {
253	.name = "security",
254	.attrs = m10bmc_security_attrs,
255	};
256
257	static const struct attribute_group *m10bmc_sec_attr_groups[] = {
258	&m10bmc_security_attr_group,
259	NULL,
260	};
261
262	static void log_error_regs(struct m10bmc_sec *sec, u32 doorbell)
263	{
264	const struct m10bmc_csr_map *csr_map = sec->m10bmc->info->csr_map;
265	u32 auth_result;
266
267	dev_err(sec->dev, "Doorbell: 0x%08x\n", doorbell);
268
269	if (!m10bmc_sys_read(m10bmc: sec->m10bmc, offset: csr_map->auth_result, val: &auth_result))
270	dev_err(sec->dev, "RSU auth result: 0x%08x\n", auth_result);
271	}
272
273	static int m10bmc_sec_n3000_rsu_status(struct m10bmc_sec *sec)
274	{
275	const struct m10bmc_csr_map *csr_map = sec->m10bmc->info->csr_map;
276	u32 doorbell;
277	int ret;
278
279	ret = m10bmc_sys_read(m10bmc: sec->m10bmc, offset: csr_map->doorbell, val: &doorbell);
280	if (ret)
281	return ret;
282
283	return FIELD_GET(DRBL_RSU_STATUS, doorbell);
284	}
285
286	static int m10bmc_sec_n6000_rsu_status(struct m10bmc_sec *sec)
287	{
288	const struct m10bmc_csr_map *csr_map = sec->m10bmc->info->csr_map;
289	u32 auth_result;
290	int ret;
291
292	ret = m10bmc_sys_read(m10bmc: sec->m10bmc, offset: csr_map->auth_result, val: &auth_result);
293	if (ret)
294	return ret;
295
296	return FIELD_GET(AUTH_RESULT_RSU_STATUS, auth_result);
297	}
298
299	static bool rsu_status_ok(u32 status)
300	{
301	return (status == RSU_STAT_NORMAL \|\|
302	status == RSU_STAT_NIOS_OK \|\|
303	status == RSU_STAT_USER_OK \|\|
304	status == RSU_STAT_FACTORY_OK);
305	}
306
307	static bool rsu_progress_done(u32 progress)
308	{
309	return (progress == RSU_PROG_IDLE \|\|
310	progress == RSU_PROG_RSU_DONE);
311	}
312
313	static bool rsu_progress_busy(u32 progress)
314	{
315	return (progress == RSU_PROG_AUTHENTICATING \|\|
316	progress == RSU_PROG_COPYING \|\|
317	progress == RSU_PROG_UPDATE_CANCEL \|\|
318	progress == RSU_PROG_PROGRAM_KEY_HASH);
319	}
320
321	static int m10bmc_sec_progress_status(struct m10bmc_sec sec, u32 doorbell_reg,
322	u32 progress, u32 status)
323	{
324	const struct m10bmc_csr_map *csr_map = sec->m10bmc->info->csr_map;
325	int ret;
326
327	ret = m10bmc_sys_read(m10bmc: sec->m10bmc, offset: csr_map->doorbell, val: doorbell_reg);
328	if (ret)
329	return ret;
330
331	ret = sec->ops->rsu_status(sec);
332	if (ret < `0`)
333	return ret;
334
335	*status = ret;
336	progress = rsu_prog(doorbell_reg);
337
338	return `0`;
339	}
340
341	static enum fw_upload_err rsu_check_idle(struct m10bmc_sec *sec)
342	{
343	const struct m10bmc_csr_map *csr_map = sec->m10bmc->info->csr_map;
344	u32 doorbell;
345	int ret;
346
347	ret = m10bmc_sys_read(m10bmc: sec->m10bmc, offset: csr_map->doorbell, val: &doorbell);
348	if (ret)
349	return FW_UPLOAD_ERR_RW_ERROR;
350
351	if (!rsu_progress_done(rsu_prog(doorbell))) {
352	log_error_regs(sec, doorbell);
353	return FW_UPLOAD_ERR_BUSY;
354	}
355
356	return FW_UPLOAD_ERR_NONE;
357	}
358
359	static inline bool rsu_start_done(u32 doorbell_reg, u32 progress, u32 status)
360	{
361	if (doorbell_reg & DRBL_RSU_REQUEST)
362	return false;
363
364	if (status == RSU_STAT_ERASE_FAIL \|\| status == RSU_STAT_WEAROUT)
365	return true;
366
367	if (!rsu_progress_done(progress))
368	return true;
369
370	return false;
371	}
372
373	static enum fw_upload_err rsu_update_init(struct m10bmc_sec *sec)
374	{
375	const struct m10bmc_csr_map *csr_map = sec->m10bmc->info->csr_map;
376	u32 doorbell_reg, progress, status;
377	int ret, err;
378
379	ret = m10bmc_sys_update_bits(m10bmc: sec->m10bmc, offset: csr_map->doorbell,
380	DRBL_RSU_REQUEST \| DRBL_HOST_STATUS,
381	DRBL_RSU_REQUEST \|
382	FIELD_PREP(DRBL_HOST_STATUS,
383	HOST_STATUS_IDLE));
384	if (ret)
385	return FW_UPLOAD_ERR_RW_ERROR;
386
387	ret = read_poll_timeout(m10bmc_sec_progress_status, err,
388	err < `0` \|\| rsu_start_done(doorbell_reg, progress, status),
389	NIOS_HANDSHAKE_INTERVAL_US,
390	NIOS_HANDSHAKE_TIMEOUT_US,
391	false,
392	sec, &doorbell_reg, &progress, &status);
393
394	if (ret == -ETIMEDOUT) {
395	log_error_regs(sec, doorbell: doorbell_reg);
396	return FW_UPLOAD_ERR_TIMEOUT;
397	} else if (err) {
398	return FW_UPLOAD_ERR_RW_ERROR;
399	}
400
401	if (status == RSU_STAT_WEAROUT) {
402	dev_warn(sec->dev, "Excessive flash update count detected\n");
403	return FW_UPLOAD_ERR_WEAROUT;
404	} else if (status == RSU_STAT_ERASE_FAIL) {
405	log_error_regs(sec, doorbell: doorbell_reg);
406	return FW_UPLOAD_ERR_HW_ERROR;
407	}
408
409	return FW_UPLOAD_ERR_NONE;
410	}
411
412	static enum fw_upload_err rsu_prog_ready(struct m10bmc_sec *sec)
413	{
414	const struct m10bmc_csr_map *csr_map = sec->m10bmc->info->csr_map;
415	unsigned long poll_timeout;
416	u32 doorbell, progress;
417	int ret;
418
419	ret = m10bmc_sys_read(m10bmc: sec->m10bmc, offset: csr_map->doorbell, val: &doorbell);
420	if (ret)
421	return FW_UPLOAD_ERR_RW_ERROR;
422
423	poll_timeout = jiffies + msecs_to_jiffies(RSU_PREP_TIMEOUT_MS);
424	while (rsu_prog(doorbell) == RSU_PROG_PREPARE) {
425	msleep(RSU_PREP_INTERVAL_MS);
426	if (time_after(jiffies, poll_timeout))
427	break;
428
429	ret = m10bmc_sys_read(m10bmc: sec->m10bmc, offset: csr_map->doorbell, val: &doorbell);
430	if (ret)
431	return FW_UPLOAD_ERR_RW_ERROR;
432	}
433
434	progress = rsu_prog(doorbell);
435	if (progress == RSU_PROG_PREPARE) {
436	log_error_regs(sec, doorbell);
437	return FW_UPLOAD_ERR_TIMEOUT;
438	} else if (progress != RSU_PROG_READY) {
439	log_error_regs(sec, doorbell);
440	return FW_UPLOAD_ERR_HW_ERROR;
441	}
442
443	return FW_UPLOAD_ERR_NONE;
444	}
445
446	static enum fw_upload_err rsu_send_data(struct m10bmc_sec *sec)
447	{
448	const struct m10bmc_csr_map *csr_map = sec->m10bmc->info->csr_map;
449	u32 doorbell_reg, status;
450	int ret;
451
452	ret = m10bmc_sys_update_bits(m10bmc: sec->m10bmc, offset: csr_map->doorbell,
453	DRBL_HOST_STATUS,
454	FIELD_PREP(DRBL_HOST_STATUS,
455	HOST_STATUS_WRITE_DONE));
456	if (ret)
457	return FW_UPLOAD_ERR_RW_ERROR;
458
459	ret = regmap_read_poll_timeout(sec->m10bmc->regmap,
460	csr_map->base + csr_map->doorbell,
461	doorbell_reg,
462	rsu_prog(doorbell_reg) != RSU_PROG_READY,
463	NIOS_HANDSHAKE_INTERVAL_US,
464	NIOS_HANDSHAKE_TIMEOUT_US);
465
466	if (ret == -ETIMEDOUT) {
467	log_error_regs(sec, doorbell: doorbell_reg);
468	return FW_UPLOAD_ERR_TIMEOUT;
469	} else if (ret) {
470	return FW_UPLOAD_ERR_RW_ERROR;
471	}
472
473	ret = sec->ops->rsu_status(sec);
474	if (ret < `0`)
475	return FW_UPLOAD_ERR_HW_ERROR;
476	status = ret;
477
478	if (!rsu_status_ok(status)) {
479	log_error_regs(sec, doorbell: doorbell_reg);
480	return FW_UPLOAD_ERR_HW_ERROR;
481	}
482
483	return FW_UPLOAD_ERR_NONE;
484	}
485
486	static int rsu_check_complete(struct m10bmc_sec sec, u32 doorbell_reg)
487	{
488	u32 progress, status;
489
490	if (m10bmc_sec_progress_status(sec, doorbell_reg, progress: &progress, status: &status))
491	return -EIO;
492
493	if (!rsu_status_ok(status))
494	return -EINVAL;
495
496	if (rsu_progress_done(progress))
497	return `0`;
498
499	if (rsu_progress_busy(progress))
500	return -EAGAIN;
501
502	return -EINVAL;
503	}
504
505	static enum fw_upload_err rsu_cancel(struct m10bmc_sec *sec)
506	{
507	const struct m10bmc_csr_map *csr_map = sec->m10bmc->info->csr_map;
508	u32 doorbell;
509	int ret;
510
511	ret = m10bmc_sys_read(m10bmc: sec->m10bmc, offset: csr_map->doorbell, val: &doorbell);
512	if (ret)
513	return FW_UPLOAD_ERR_RW_ERROR;
514
515	if (rsu_prog(doorbell) != RSU_PROG_READY)
516	return FW_UPLOAD_ERR_BUSY;
517
518	ret = m10bmc_sys_update_bits(m10bmc: sec->m10bmc, offset: csr_map->doorbell,
519	DRBL_HOST_STATUS,
520	FIELD_PREP(DRBL_HOST_STATUS,
521	HOST_STATUS_ABORT_RSU));
522	if (ret)
523	return FW_UPLOAD_ERR_RW_ERROR;
524
525	return FW_UPLOAD_ERR_CANCELED;
526	}
527
528	static enum fw_upload_err m10bmc_sec_prepare(struct fw_upload *fwl,
529	const u8 *data, u32 size)
530	{
531	struct m10bmc_sec *sec = fwl->dd_handle;
532	u32 ret;
533
534	sec->cancel_request = false;
535
536	if (!size \|\| size > M10BMC_STAGING_SIZE)
537	return FW_UPLOAD_ERR_INVALID_SIZE;
538
539	if (sec->m10bmc->flash_bulk_ops)
540	if (sec->m10bmc->flash_bulk_ops->lock_write(sec->m10bmc))
541	return FW_UPLOAD_ERR_BUSY;
542
543	ret = rsu_check_idle(sec);
544	if (ret != FW_UPLOAD_ERR_NONE)
545	goto unlock_flash;
546
547	m10bmc_fw_state_set(m10bmc: sec->m10bmc, new_state: M10BMC_FW_STATE_SEC_UPDATE_PREPARE);
548
549	ret = rsu_update_init(sec);
550	if (ret != FW_UPLOAD_ERR_NONE)
551	goto fw_state_exit;
552
553	ret = rsu_prog_ready(sec);
554	if (ret != FW_UPLOAD_ERR_NONE)
555	goto fw_state_exit;
556
557	if (sec->cancel_request) {
558	ret = rsu_cancel(sec);
559	goto fw_state_exit;
560	}
561
562	m10bmc_fw_state_set(m10bmc: sec->m10bmc, new_state: M10BMC_FW_STATE_SEC_UPDATE_WRITE);
563
564	return FW_UPLOAD_ERR_NONE;
565
566	fw_state_exit:
567	m10bmc_fw_state_set(m10bmc: sec->m10bmc, new_state: M10BMC_FW_STATE_NORMAL);
568
569	unlock_flash:
570	if (sec->m10bmc->flash_bulk_ops)
571	sec->m10bmc->flash_bulk_ops->unlock_write(sec->m10bmc);
572	return ret;
573	}
574
575	#define WRITE_BLOCK_SIZE 0x4000 /* Default write-block size is 0x4000 bytes */
576
577	static enum fw_upload_err m10bmc_sec_fw_write(struct fw_upload fwl, const* u8 *data,
578	u32 offset, u32 size, u32 *written)
579	{
580	struct m10bmc_sec *sec = fwl->dd_handle;
581	const struct m10bmc_csr_map *csr_map = sec->m10bmc->info->csr_map;
582	struct intel_m10bmc *m10bmc = sec->m10bmc;
583	u32 blk_size, doorbell;
584	int ret;
585
586	if (sec->cancel_request)
587	return rsu_cancel(sec);
588
589	ret = m10bmc_sys_read(m10bmc, offset: csr_map->doorbell, val: &doorbell);
590	if (ret) {
591	return FW_UPLOAD_ERR_RW_ERROR;
592	} else if (rsu_prog(doorbell) != RSU_PROG_READY) {
593	log_error_regs(sec, doorbell);
594	return FW_UPLOAD_ERR_HW_ERROR;
595	}
596
597	WARN_ON_ONCE(WRITE_BLOCK_SIZE % regmap_get_reg_stride(m10bmc->regmap));
598	blk_size = min_t(u32, WRITE_BLOCK_SIZE, size);
599	ret = m10bmc_sec_write(sec, buf: data, offset, size: blk_size);
600	if (ret)
601	return FW_UPLOAD_ERR_RW_ERROR;
602
603	*written = blk_size;
604	return FW_UPLOAD_ERR_NONE;
605	}
606
607	static enum fw_upload_err m10bmc_sec_poll_complete(struct fw_upload *fwl)
608	{
609	struct m10bmc_sec *sec = fwl->dd_handle;
610	unsigned long poll_timeout;
611	u32 doorbell, result;
612	int ret;
613
614	if (sec->cancel_request)
615	return rsu_cancel(sec);
616
617	m10bmc_fw_state_set(m10bmc: sec->m10bmc, new_state: M10BMC_FW_STATE_SEC_UPDATE_PROGRAM);
618
619	result = rsu_send_data(sec);
620	if (result != FW_UPLOAD_ERR_NONE)
621	return result;
622
623	poll_timeout = jiffies + msecs_to_jiffies(RSU_COMPLETE_TIMEOUT_MS);
624	do {
625	msleep(RSU_COMPLETE_INTERVAL_MS);
626	ret = rsu_check_complete(sec, doorbell_reg: &doorbell);
627	} while (ret == -EAGAIN && !time_after(jiffies, poll_timeout));
628
629	if (ret == -EAGAIN) {
630	log_error_regs(sec, doorbell);
631	return FW_UPLOAD_ERR_TIMEOUT;
632	} else if (ret == -EIO) {
633	return FW_UPLOAD_ERR_RW_ERROR;
634	} else if (ret) {
635	log_error_regs(sec, doorbell);
636	return FW_UPLOAD_ERR_HW_ERROR;
637	}
638
639	return FW_UPLOAD_ERR_NONE;
640	}
641
642	/*
643	* m10bmc_sec_cancel() may be called asynchronously with an on-going update.
644	* All other functions are called sequentially in a single thread. To avoid
645	* contention on register accesses, m10bmc_sec_cancel() must only update
646	* the cancel_request flag. Other functions will check this flag and handle
647	* the cancel request synchronously.
648	*/
649	static void m10bmc_sec_cancel(struct fw_upload *fwl)
650	{
651	struct m10bmc_sec *sec = fwl->dd_handle;
652
653	sec->cancel_request = true;
654	}
655
656	static void m10bmc_sec_cleanup(struct fw_upload *fwl)
657	{
658	struct m10bmc_sec *sec = fwl->dd_handle;
659
660	(void)rsu_cancel(sec);
661
662	m10bmc_fw_state_set(m10bmc: sec->m10bmc, new_state: M10BMC_FW_STATE_NORMAL);
663
664	if (sec->m10bmc->flash_bulk_ops)
665	sec->m10bmc->flash_bulk_ops->unlock_write(sec->m10bmc);
666	}
667
668	static const struct fw_upload_ops m10bmc_ops = {
669	.prepare = m10bmc_sec_prepare,
670	.write = m10bmc_sec_fw_write,
671	.poll_complete = m10bmc_sec_poll_complete,
672	.cancel = m10bmc_sec_cancel,
673	.cleanup = m10bmc_sec_cleanup,
674	};
675
676	static const struct m10bmc_sec_ops m10sec_n3000_ops = {
677	.rsu_status = m10bmc_sec_n3000_rsu_status,
678	};
679
680	static const struct m10bmc_sec_ops m10sec_n6000_ops = {
681	.rsu_status = m10bmc_sec_n6000_rsu_status,
682	};
683
684	#define SEC_UPDATE_LEN_MAX 32
685	static int m10bmc_sec_probe(struct platform_device *pdev)
686	{
687	char buf[SEC_UPDATE_LEN_MAX];
688	struct m10bmc_sec *sec;
689	struct fw_upload *fwl;
690	unsigned int len;
691	int ret;
692
693	sec = devm_kzalloc(dev: &pdev->dev, size: sizeof(*sec), GFP_KERNEL);
694	if (!sec)
695	return -ENOMEM;
696
697	sec->dev = &pdev->dev;
698	sec->m10bmc = dev_get_drvdata(dev: pdev->dev.parent);
699	sec->ops = (struct m10bmc_sec_ops *)platform_get_device_id(pdev)->driver_data;
700	dev_set_drvdata(dev: &pdev->dev, data: sec);
701
702	ret = xa_alloc(xa: &fw_upload_xa, id: &sec->fw_name_id, entry: sec,
703	xa_limit_32b, GFP_KERNEL);
704	if (ret)
705	return ret;
706
707	len = scnprintf(buf, SEC_UPDATE_LEN_MAX, fmt: "secure-update%d",
708	sec->fw_name_id);
709	sec->fw_name = kmemdup_nul(s: buf, len, GFP_KERNEL);
710	if (!sec->fw_name) {
711	ret = -ENOMEM;
712	goto fw_name_fail;
713	}
714
715	fwl = firmware_upload_register(THIS_MODULE, parent: sec->dev, name: sec->fw_name,
716	ops: &m10bmc_ops, dd_handle: sec);
717	if (IS_ERR(ptr: fwl)) {
718	dev_err(sec->dev, "Firmware Upload driver failed to start\n");
719	ret = PTR_ERR(ptr: fwl);
720	goto fw_uploader_fail;
721	}
722
723	sec->fwl = fwl;
724	return `0`;
725
726	fw_uploader_fail:
727	kfree(objp: sec->fw_name);
728	fw_name_fail:
729	xa_erase(&fw_upload_xa, index: sec->fw_name_id);
730	return ret;
731	}
732
733	static void m10bmc_sec_remove(struct platform_device *pdev)
734	{
735	struct m10bmc_sec *sec = dev_get_drvdata(dev: &pdev->dev);
736
737	firmware_upload_unregister(fw_upload: sec->fwl);
738	kfree(objp: sec->fw_name);
739	xa_erase(&fw_upload_xa, index: sec->fw_name_id);
740	}
741
742	static const struct platform_device_id intel_m10bmc_sec_ids[] = {
743	{
744	.name = "n3000bmc-sec-update",
745	.driver_data = (kernel_ulong_t)&m10sec_n3000_ops,
746	},
747	{
748	.name = "d5005bmc-sec-update",
749	.driver_data = (kernel_ulong_t)&m10sec_n3000_ops,
750	},
751	{
752	.name = "n6000bmc-sec-update",
753	.driver_data = (kernel_ulong_t)&m10sec_n6000_ops,
754	},
755	{ }
756	};
757	MODULE_DEVICE_TABLE(platform, intel_m10bmc_sec_ids);
758
759	static struct platform_driver intel_m10bmc_sec_driver = {
760	.probe = m10bmc_sec_probe,
761	.remove_new = m10bmc_sec_remove,
762	.driver = {
763	.name = "intel-m10bmc-sec-update",
764	.dev_groups = m10bmc_sec_attr_groups,
765	},
766	.id_table = intel_m10bmc_sec_ids,
767	};
768	module_platform_driver(intel_m10bmc_sec_driver);
769
770	MODULE_AUTHOR("Intel Corporation");
771	MODULE_DESCRIPTION("Intel MAX10 BMC Secure Update");
772	MODULE_LICENSE("GPL");
773	MODULE_IMPORT_NS(INTEL_M10_BMC_CORE);
774

source code of linux/drivers/fpga/intel-m10-bmc-sec-update.c