1 /*
2 * firmware_class.c - Multi purpose firmware loading support
3 *
4 * Copyright (c) 2003 Manuel Estrada Sainz
5 *
6 * Please see Documentation/firmware_class/ for more information.
7 *
8 */
9
10 #include <linux/capability.h>
11 #include <linux/device.h>
12 #include <linux/module.h>
13 #include <linux/init.h>
14 #include <linux/timer.h>
15 #include <linux/vmalloc.h>
16 #include <linux/interrupt.h>
17 #include <linux/bitops.h>
18 #include <linux/mutex.h>
19 #include <linux/workqueue.h>
20 #include <linux/highmem.h>
21 #include <linux/firmware.h>
22 #include <linux/slab.h>
23 #include <linux/sched.h>
24 #include <linux/file.h>
25 #include <linux/list.h>
26 #include <linux/async.h>
27 #include <linux/pm.h>
28 #include <linux/suspend.h>
29 #include <linux/syscore_ops.h>
30 #include <linux/reboot.h>
31 #include <linux/security.h>
32
33 #include <generated/utsrelease.h>
34
35 #include "base.h"
36
37 MODULE_AUTHOR("Manuel Estrada Sainz");
38 MODULE_DESCRIPTION("Multi purpose firmware loading support");
39 MODULE_LICENSE("GPL");
40
41 /* Builtin firmware support */
42
43 #ifdef CONFIG_FW_LOADER
44
45 extern struct builtin_fw __start_builtin_fw[];
46 extern struct builtin_fw __end_builtin_fw[];
47
fw_get_builtin_firmware(struct firmware * fw,const char * name)48 static bool fw_get_builtin_firmware(struct firmware *fw, const char *name)
49 {
50 struct builtin_fw *b_fw;
51
52 for (b_fw = __start_builtin_fw; b_fw != __end_builtin_fw; b_fw++) {
53 if (strcmp(name, b_fw->name) == 0) {
54 fw->size = b_fw->size;
55 fw->data = b_fw->data;
56 return true;
57 }
58 }
59
60 return false;
61 }
62
fw_is_builtin_firmware(const struct firmware * fw)63 static bool fw_is_builtin_firmware(const struct firmware *fw)
64 {
65 struct builtin_fw *b_fw;
66
67 for (b_fw = __start_builtin_fw; b_fw != __end_builtin_fw; b_fw++)
68 if (fw->data == b_fw->data)
69 return true;
70
71 return false;
72 }
73
74 #else /* Module case - no builtin firmware support */
75
fw_get_builtin_firmware(struct firmware * fw,const char * name)76 static inline bool fw_get_builtin_firmware(struct firmware *fw, const char *name)
77 {
78 return false;
79 }
80
fw_is_builtin_firmware(const struct firmware * fw)81 static inline bool fw_is_builtin_firmware(const struct firmware *fw)
82 {
83 return false;
84 }
85 #endif
86
87 enum {
88 FW_STATUS_LOADING,
89 FW_STATUS_DONE,
90 FW_STATUS_ABORT,
91 };
92
93 static int loading_timeout = 60; /* In seconds */
94
firmware_loading_timeout(void)95 static inline long firmware_loading_timeout(void)
96 {
97 return loading_timeout > 0 ? loading_timeout * HZ : MAX_SCHEDULE_TIMEOUT;
98 }
99
100 /* firmware behavior options */
101 #define FW_OPT_UEVENT (1U << 0)
102 #define FW_OPT_NOWAIT (1U << 1)
103 #ifdef CONFIG_FW_LOADER_USER_HELPER
104 #define FW_OPT_USERHELPER (1U << 2)
105 #else
106 #define FW_OPT_USERHELPER 0
107 #endif
108 #ifdef CONFIG_FW_LOADER_USER_HELPER_FALLBACK
109 #define FW_OPT_FALLBACK FW_OPT_USERHELPER
110 #else
111 #define FW_OPT_FALLBACK 0
112 #endif
113 #define FW_OPT_NO_WARN (1U << 3)
114
115 struct firmware_cache {
116 /* firmware_buf instance will be added into the below list */
117 spinlock_t lock;
118 struct list_head head;
119 int state;
120
121 #ifdef CONFIG_PM_SLEEP
122 /*
123 * Names of firmware images which have been cached successfully
124 * will be added into the below list so that device uncache
125 * helper can trace which firmware images have been cached
126 * before.
127 */
128 spinlock_t name_lock;
129 struct list_head fw_names;
130
131 struct delayed_work work;
132
133 struct notifier_block pm_notify;
134 #endif
135 };
136
137 struct firmware_buf {
138 struct kref ref;
139 struct list_head list;
140 struct completion completion;
141 struct firmware_cache *fwc;
142 unsigned long status;
143 void *data;
144 size_t size;
145 #ifdef CONFIG_FW_LOADER_USER_HELPER
146 bool is_paged_buf;
147 bool need_uevent;
148 struct page **pages;
149 int nr_pages;
150 int page_array_size;
151 struct list_head pending_list;
152 #endif
153 char fw_id[];
154 };
155
156 struct fw_cache_entry {
157 struct list_head list;
158 char name[];
159 };
160
161 struct fw_name_devm {
162 unsigned long magic;
163 char name[];
164 };
165
166 #define to_fwbuf(d) container_of(d, struct firmware_buf, ref)
167
168 #define FW_LOADER_NO_CACHE 0
169 #define FW_LOADER_START_CACHE 1
170
171 static int fw_cache_piggyback_on_request(const char *name);
172
173 /* fw_lock could be moved to 'struct firmware_priv' but since it is just
174 * guarding for corner cases a global lock should be OK */
175 static DEFINE_MUTEX(fw_lock);
176
177 static struct firmware_cache fw_cache;
178
__allocate_fw_buf(const char * fw_name,struct firmware_cache * fwc)179 static struct firmware_buf *__allocate_fw_buf(const char *fw_name,
180 struct firmware_cache *fwc)
181 {
182 struct firmware_buf *buf;
183
184 buf = kzalloc(sizeof(*buf) + strlen(fw_name) + 1 , GFP_ATOMIC);
185
186 if (!buf)
187 return buf;
188
189 kref_init(&buf->ref);
190 strcpy(buf->fw_id, fw_name);
191 buf->fwc = fwc;
192 init_completion(&buf->completion);
193 #ifdef CONFIG_FW_LOADER_USER_HELPER
194 INIT_LIST_HEAD(&buf->pending_list);
195 #endif
196
197 pr_debug("%s: fw-%s buf=%p\n", __func__, fw_name, buf);
198
199 return buf;
200 }
201
__fw_lookup_buf(const char * fw_name)202 static struct firmware_buf *__fw_lookup_buf(const char *fw_name)
203 {
204 struct firmware_buf *tmp;
205 struct firmware_cache *fwc = &fw_cache;
206
207 list_for_each_entry(tmp, &fwc->head, list)
208 if (!strcmp(tmp->fw_id, fw_name))
209 return tmp;
210 return NULL;
211 }
212
fw_lookup_and_allocate_buf(const char * fw_name,struct firmware_cache * fwc,struct firmware_buf ** buf)213 static int fw_lookup_and_allocate_buf(const char *fw_name,
214 struct firmware_cache *fwc,
215 struct firmware_buf **buf)
216 {
217 struct firmware_buf *tmp;
218
219 spin_lock(&fwc->lock);
220 tmp = __fw_lookup_buf(fw_name);
221 if (tmp) {
222 kref_get(&tmp->ref);
223 spin_unlock(&fwc->lock);
224 *buf = tmp;
225 return 1;
226 }
227 tmp = __allocate_fw_buf(fw_name, fwc);
228 if (tmp)
229 list_add(&tmp->list, &fwc->head);
230 spin_unlock(&fwc->lock);
231
232 *buf = tmp;
233
234 return tmp ? 0 : -ENOMEM;
235 }
236
__fw_free_buf(struct kref * ref)237 static void __fw_free_buf(struct kref *ref)
238 __releases(&fwc->lock)
239 {
240 struct firmware_buf *buf = to_fwbuf(ref);
241 struct firmware_cache *fwc = buf->fwc;
242
243 pr_debug("%s: fw-%s buf=%p data=%p size=%u\n",
244 __func__, buf->fw_id, buf, buf->data,
245 (unsigned int)buf->size);
246
247 list_del(&buf->list);
248 spin_unlock(&fwc->lock);
249
250 #ifdef CONFIG_FW_LOADER_USER_HELPER
251 if (buf->is_paged_buf) {
252 int i;
253 vunmap(buf->data);
254 for (i = 0; i < buf->nr_pages; i++)
255 __free_page(buf->pages[i]);
256 kfree(buf->pages);
257 } else
258 #endif
259 vfree(buf->data);
260 kfree(buf);
261 }
262
fw_free_buf(struct firmware_buf * buf)263 static void fw_free_buf(struct firmware_buf *buf)
264 {
265 struct firmware_cache *fwc = buf->fwc;
266 spin_lock(&fwc->lock);
267 if (!kref_put(&buf->ref, __fw_free_buf))
268 spin_unlock(&fwc->lock);
269 }
270
271 /* direct firmware loading support */
272 static char fw_path_para[256];
273 static const char * const fw_path[] = {
274 fw_path_para,
275 "/lib/firmware/updates/" UTS_RELEASE,
276 "/lib/firmware/updates",
277 "/lib/firmware/" UTS_RELEASE,
278 "/lib/firmware"
279 };
280
281 /*
282 * Typical usage is that passing 'firmware_class.path=$CUSTOMIZED_PATH'
283 * from kernel command line because firmware_class is generally built in
284 * kernel instead of module.
285 */
286 module_param_string(path, fw_path_para, sizeof(fw_path_para), 0644);
287 MODULE_PARM_DESC(path, "customized firmware image search path with a higher priority than default path");
288
fw_read_file_contents(struct file * file,struct firmware_buf * fw_buf)289 static int fw_read_file_contents(struct file *file, struct firmware_buf *fw_buf)
290 {
291 int size;
292 char *buf;
293 int rc;
294
295 if (!S_ISREG(file_inode(file)->i_mode))
296 return -EINVAL;
297 size = i_size_read(file_inode(file));
298 if (size <= 0)
299 return -EINVAL;
300 buf = vmalloc(size);
301 if (!buf)
302 return -ENOMEM;
303 rc = kernel_read(file, 0, buf, size);
304 if (rc != size) {
305 if (rc > 0)
306 rc = -EIO;
307 goto fail;
308 }
309 rc = security_kernel_fw_from_file(file, buf, size);
310 if (rc)
311 goto fail;
312 fw_buf->data = buf;
313 fw_buf->size = size;
314 return 0;
315 fail:
316 vfree(buf);
317 return rc;
318 }
319
fw_get_filesystem_firmware(struct device * device,struct firmware_buf * buf)320 static int fw_get_filesystem_firmware(struct device *device,
321 struct firmware_buf *buf)
322 {
323 int i;
324 int rc = -ENOENT;
325 char *path = __getname();
326
327 for (i = 0; i < ARRAY_SIZE(fw_path); i++) {
328 struct file *file;
329
330 /* skip the unset customized path */
331 if (!fw_path[i][0])
332 continue;
333
334 snprintf(path, PATH_MAX, "%s/%s", fw_path[i], buf->fw_id);
335
336 file = filp_open(path, O_RDONLY, 0);
337 if (IS_ERR(file))
338 continue;
339 rc = fw_read_file_contents(file, buf);
340 fput(file);
341 if (rc)
342 dev_warn(device, "firmware, attempted to load %s, but failed with error %d\n",
343 path, rc);
344 else
345 break;
346 }
347 __putname(path);
348
349 if (!rc) {
350 dev_dbg(device, "firmware: direct-loading firmware %s\n",
351 buf->fw_id);
352 mutex_lock(&fw_lock);
353 set_bit(FW_STATUS_DONE, &buf->status);
354 complete_all(&buf->completion);
355 mutex_unlock(&fw_lock);
356 }
357
358 return rc;
359 }
360
361 /* firmware holds the ownership of pages */
firmware_free_data(const struct firmware * fw)362 static void firmware_free_data(const struct firmware *fw)
363 {
364 /* Loaded directly? */
365 if (!fw->priv) {
366 vfree(fw->data);
367 return;
368 }
369 fw_free_buf(fw->priv);
370 }
371
372 /* store the pages buffer info firmware from buf */
fw_set_page_data(struct firmware_buf * buf,struct firmware * fw)373 static void fw_set_page_data(struct firmware_buf *buf, struct firmware *fw)
374 {
375 fw->priv = buf;
376 #ifdef CONFIG_FW_LOADER_USER_HELPER
377 fw->pages = buf->pages;
378 #endif
379 fw->size = buf->size;
380 fw->data = buf->data;
381
382 pr_debug("%s: fw-%s buf=%p data=%p size=%u\n",
383 __func__, buf->fw_id, buf, buf->data,
384 (unsigned int)buf->size);
385 }
386
387 #ifdef CONFIG_PM_SLEEP
fw_name_devm_release(struct device * dev,void * res)388 static void fw_name_devm_release(struct device *dev, void *res)
389 {
390 struct fw_name_devm *fwn = res;
391
392 if (fwn->magic == (unsigned long)&fw_cache)
393 pr_debug("%s: fw_name-%s devm-%p released\n",
394 __func__, fwn->name, res);
395 }
396
fw_devm_match(struct device * dev,void * res,void * match_data)397 static int fw_devm_match(struct device *dev, void *res,
398 void *match_data)
399 {
400 struct fw_name_devm *fwn = res;
401
402 return (fwn->magic == (unsigned long)&fw_cache) &&
403 !strcmp(fwn->name, match_data);
404 }
405
fw_find_devm_name(struct device * dev,const char * name)406 static struct fw_name_devm *fw_find_devm_name(struct device *dev,
407 const char *name)
408 {
409 struct fw_name_devm *fwn;
410
411 fwn = devres_find(dev, fw_name_devm_release,
412 fw_devm_match, (void *)name);
413 return fwn;
414 }
415
416 /* add firmware name into devres list */
fw_add_devm_name(struct device * dev,const char * name)417 static int fw_add_devm_name(struct device *dev, const char *name)
418 {
419 struct fw_name_devm *fwn;
420
421 fwn = fw_find_devm_name(dev, name);
422 if (fwn)
423 return 1;
424
425 fwn = devres_alloc(fw_name_devm_release, sizeof(struct fw_name_devm) +
426 strlen(name) + 1, GFP_KERNEL);
427 if (!fwn)
428 return -ENOMEM;
429
430 fwn->magic = (unsigned long)&fw_cache;
431 strcpy(fwn->name, name);
432 devres_add(dev, fwn);
433
434 return 0;
435 }
436 #else
fw_add_devm_name(struct device * dev,const char * name)437 static int fw_add_devm_name(struct device *dev, const char *name)
438 {
439 return 0;
440 }
441 #endif
442
443
444 /*
445 * user-mode helper code
446 */
447 #ifdef CONFIG_FW_LOADER_USER_HELPER
448 struct firmware_priv {
449 struct delayed_work timeout_work;
450 bool nowait;
451 struct device dev;
452 struct firmware_buf *buf;
453 struct firmware *fw;
454 };
455
to_firmware_priv(struct device * dev)456 static struct firmware_priv *to_firmware_priv(struct device *dev)
457 {
458 return container_of(dev, struct firmware_priv, dev);
459 }
460
__fw_load_abort(struct firmware_buf * buf)461 static void __fw_load_abort(struct firmware_buf *buf)
462 {
463 /*
464 * There is a small window in which user can write to 'loading'
465 * between loading done and disappearance of 'loading'
466 */
467 if (test_bit(FW_STATUS_DONE, &buf->status))
468 return;
469
470 list_del_init(&buf->pending_list);
471 set_bit(FW_STATUS_ABORT, &buf->status);
472 complete_all(&buf->completion);
473 }
474
fw_load_abort(struct firmware_priv * fw_priv)475 static void fw_load_abort(struct firmware_priv *fw_priv)
476 {
477 struct firmware_buf *buf = fw_priv->buf;
478
479 __fw_load_abort(buf);
480
481 /* avoid user action after loading abort */
482 fw_priv->buf = NULL;
483 }
484
485 #define is_fw_load_aborted(buf) \
486 test_bit(FW_STATUS_ABORT, &(buf)->status)
487
488 static LIST_HEAD(pending_fw_head);
489
490 /* reboot notifier for avoid deadlock with usermode_lock */
fw_shutdown_notify(struct notifier_block * unused1,unsigned long unused2,void * unused3)491 static int fw_shutdown_notify(struct notifier_block *unused1,
492 unsigned long unused2, void *unused3)
493 {
494 mutex_lock(&fw_lock);
495 while (!list_empty(&pending_fw_head))
496 __fw_load_abort(list_first_entry(&pending_fw_head,
497 struct firmware_buf,
498 pending_list));
499 mutex_unlock(&fw_lock);
500 return NOTIFY_DONE;
501 }
502
503 static struct notifier_block fw_shutdown_nb = {
504 .notifier_call = fw_shutdown_notify,
505 };
506
timeout_show(struct class * class,struct class_attribute * attr,char * buf)507 static ssize_t timeout_show(struct class *class, struct class_attribute *attr,
508 char *buf)
509 {
510 return sprintf(buf, "%d\n", loading_timeout);
511 }
512
513 /**
514 * firmware_timeout_store - set number of seconds to wait for firmware
515 * @class: device class pointer
516 * @attr: device attribute pointer
517 * @buf: buffer to scan for timeout value
518 * @count: number of bytes in @buf
519 *
520 * Sets the number of seconds to wait for the firmware. Once
521 * this expires an error will be returned to the driver and no
522 * firmware will be provided.
523 *
524 * Note: zero means 'wait forever'.
525 **/
timeout_store(struct class * class,struct class_attribute * attr,const char * buf,size_t count)526 static ssize_t timeout_store(struct class *class, struct class_attribute *attr,
527 const char *buf, size_t count)
528 {
529 loading_timeout = simple_strtol(buf, NULL, 10);
530 if (loading_timeout < 0)
531 loading_timeout = 0;
532
533 return count;
534 }
535
536 static struct class_attribute firmware_class_attrs[] = {
537 __ATTR_RW(timeout),
538 __ATTR_NULL
539 };
540
fw_dev_release(struct device * dev)541 static void fw_dev_release(struct device *dev)
542 {
543 struct firmware_priv *fw_priv = to_firmware_priv(dev);
544
545 kfree(fw_priv);
546 }
547
do_firmware_uevent(struct firmware_priv * fw_priv,struct kobj_uevent_env * env)548 static int do_firmware_uevent(struct firmware_priv *fw_priv, struct kobj_uevent_env *env)
549 {
550 if (add_uevent_var(env, "FIRMWARE=%s", fw_priv->buf->fw_id))
551 return -ENOMEM;
552 if (add_uevent_var(env, "TIMEOUT=%i", loading_timeout))
553 return -ENOMEM;
554 if (add_uevent_var(env, "ASYNC=%d", fw_priv->nowait))
555 return -ENOMEM;
556
557 return 0;
558 }
559
firmware_uevent(struct device * dev,struct kobj_uevent_env * env)560 static int firmware_uevent(struct device *dev, struct kobj_uevent_env *env)
561 {
562 struct firmware_priv *fw_priv = to_firmware_priv(dev);
563 int err = 0;
564
565 mutex_lock(&fw_lock);
566 if (fw_priv->buf)
567 err = do_firmware_uevent(fw_priv, env);
568 mutex_unlock(&fw_lock);
569 return err;
570 }
571
572 static struct class firmware_class = {
573 .name = "firmware",
574 .class_attrs = firmware_class_attrs,
575 .dev_uevent = firmware_uevent,
576 .dev_release = fw_dev_release,
577 };
578
firmware_loading_show(struct device * dev,struct device_attribute * attr,char * buf)579 static ssize_t firmware_loading_show(struct device *dev,
580 struct device_attribute *attr, char *buf)
581 {
582 struct firmware_priv *fw_priv = to_firmware_priv(dev);
583 int loading = 0;
584
585 mutex_lock(&fw_lock);
586 if (fw_priv->buf)
587 loading = test_bit(FW_STATUS_LOADING, &fw_priv->buf->status);
588 mutex_unlock(&fw_lock);
589
590 return sprintf(buf, "%d\n", loading);
591 }
592
593 /* Some architectures don't have PAGE_KERNEL_RO */
594 #ifndef PAGE_KERNEL_RO
595 #define PAGE_KERNEL_RO PAGE_KERNEL
596 #endif
597
598 /* one pages buffer should be mapped/unmapped only once */
fw_map_pages_buf(struct firmware_buf * buf)599 static int fw_map_pages_buf(struct firmware_buf *buf)
600 {
601 if (!buf->is_paged_buf)
602 return 0;
603
604 if (buf->data)
605 vunmap(buf->data);
606 buf->data = vmap(buf->pages, buf->nr_pages, 0, PAGE_KERNEL_RO);
607 if (!buf->data)
608 return -ENOMEM;
609 return 0;
610 }
611
612 /**
613 * firmware_loading_store - set value in the 'loading' control file
614 * @dev: device pointer
615 * @attr: device attribute pointer
616 * @buf: buffer to scan for loading control value
617 * @count: number of bytes in @buf
618 *
619 * The relevant values are:
620 *
621 * 1: Start a load, discarding any previous partial load.
622 * 0: Conclude the load and hand the data to the driver code.
623 * -1: Conclude the load with an error and discard any written data.
624 **/
firmware_loading_store(struct device * dev,struct device_attribute * attr,const char * buf,size_t count)625 static ssize_t firmware_loading_store(struct device *dev,
626 struct device_attribute *attr,
627 const char *buf, size_t count)
628 {
629 struct firmware_priv *fw_priv = to_firmware_priv(dev);
630 struct firmware_buf *fw_buf;
631 ssize_t written = count;
632 int loading = simple_strtol(buf, NULL, 10);
633 int i;
634
635 mutex_lock(&fw_lock);
636 fw_buf = fw_priv->buf;
637 if (!fw_buf)
638 goto out;
639
640 switch (loading) {
641 case 1:
642 /* discarding any previous partial load */
643 if (!test_bit(FW_STATUS_DONE, &fw_buf->status)) {
644 for (i = 0; i < fw_buf->nr_pages; i++)
645 __free_page(fw_buf->pages[i]);
646 kfree(fw_buf->pages);
647 fw_buf->pages = NULL;
648 fw_buf->page_array_size = 0;
649 fw_buf->nr_pages = 0;
650 set_bit(FW_STATUS_LOADING, &fw_buf->status);
651 }
652 break;
653 case 0:
654 if (test_bit(FW_STATUS_LOADING, &fw_buf->status)) {
655 int rc;
656
657 set_bit(FW_STATUS_DONE, &fw_buf->status);
658 clear_bit(FW_STATUS_LOADING, &fw_buf->status);
659
660 /*
661 * Several loading requests may be pending on
662 * one same firmware buf, so let all requests
663 * see the mapped 'buf->data' once the loading
664 * is completed.
665 * */
666 rc = fw_map_pages_buf(fw_buf);
667 if (rc)
668 dev_err(dev, "%s: map pages failed\n",
669 __func__);
670 else
671 rc = security_kernel_fw_from_file(NULL,
672 fw_buf->data, fw_buf->size);
673
674 /*
675 * Same logic as fw_load_abort, only the DONE bit
676 * is ignored and we set ABORT only on failure.
677 */
678 list_del_init(&fw_buf->pending_list);
679 if (rc) {
680 set_bit(FW_STATUS_ABORT, &fw_buf->status);
681 written = rc;
682 }
683 complete_all(&fw_buf->completion);
684 break;
685 }
686 /* fallthrough */
687 default:
688 dev_err(dev, "%s: unexpected value (%d)\n", __func__, loading);
689 /* fallthrough */
690 case -1:
691 fw_load_abort(fw_priv);
692 break;
693 }
694 out:
695 mutex_unlock(&fw_lock);
696 return written;
697 }
698
699 static DEVICE_ATTR(loading, 0644, firmware_loading_show, firmware_loading_store);
700
firmware_data_read(struct file * filp,struct kobject * kobj,struct bin_attribute * bin_attr,char * buffer,loff_t offset,size_t count)701 static ssize_t firmware_data_read(struct file *filp, struct kobject *kobj,
702 struct bin_attribute *bin_attr,
703 char *buffer, loff_t offset, size_t count)
704 {
705 struct device *dev = kobj_to_dev(kobj);
706 struct firmware_priv *fw_priv = to_firmware_priv(dev);
707 struct firmware_buf *buf;
708 ssize_t ret_count;
709
710 mutex_lock(&fw_lock);
711 buf = fw_priv->buf;
712 if (!buf || test_bit(FW_STATUS_DONE, &buf->status)) {
713 ret_count = -ENODEV;
714 goto out;
715 }
716 if (offset > buf->size) {
717 ret_count = 0;
718 goto out;
719 }
720 if (count > buf->size - offset)
721 count = buf->size - offset;
722
723 ret_count = count;
724
725 while (count) {
726 void *page_data;
727 int page_nr = offset >> PAGE_SHIFT;
728 int page_ofs = offset & (PAGE_SIZE-1);
729 int page_cnt = min_t(size_t, PAGE_SIZE - page_ofs, count);
730
731 page_data = kmap(buf->pages[page_nr]);
732
733 memcpy(buffer, page_data + page_ofs, page_cnt);
734
735 kunmap(buf->pages[page_nr]);
736 buffer += page_cnt;
737 offset += page_cnt;
738 count -= page_cnt;
739 }
740 out:
741 mutex_unlock(&fw_lock);
742 return ret_count;
743 }
744
fw_realloc_buffer(struct firmware_priv * fw_priv,int min_size)745 static int fw_realloc_buffer(struct firmware_priv *fw_priv, int min_size)
746 {
747 struct firmware_buf *buf = fw_priv->buf;
748 int pages_needed = PAGE_ALIGN(min_size) >> PAGE_SHIFT;
749
750 /* If the array of pages is too small, grow it... */
751 if (buf->page_array_size < pages_needed) {
752 int new_array_size = max(pages_needed,
753 buf->page_array_size * 2);
754 struct page **new_pages;
755
756 new_pages = kmalloc(new_array_size * sizeof(void *),
757 GFP_KERNEL);
758 if (!new_pages) {
759 fw_load_abort(fw_priv);
760 return -ENOMEM;
761 }
762 memcpy(new_pages, buf->pages,
763 buf->page_array_size * sizeof(void *));
764 memset(&new_pages[buf->page_array_size], 0, sizeof(void *) *
765 (new_array_size - buf->page_array_size));
766 kfree(buf->pages);
767 buf->pages = new_pages;
768 buf->page_array_size = new_array_size;
769 }
770
771 while (buf->nr_pages < pages_needed) {
772 buf->pages[buf->nr_pages] =
773 alloc_page(GFP_KERNEL | __GFP_HIGHMEM);
774
775 if (!buf->pages[buf->nr_pages]) {
776 fw_load_abort(fw_priv);
777 return -ENOMEM;
778 }
779 buf->nr_pages++;
780 }
781 return 0;
782 }
783
784 /**
785 * firmware_data_write - write method for firmware
786 * @filp: open sysfs file
787 * @kobj: kobject for the device
788 * @bin_attr: bin_attr structure
789 * @buffer: buffer being written
790 * @offset: buffer offset for write in total data store area
791 * @count: buffer size
792 *
793 * Data written to the 'data' attribute will be later handed to
794 * the driver as a firmware image.
795 **/
firmware_data_write(struct file * filp,struct kobject * kobj,struct bin_attribute * bin_attr,char * buffer,loff_t offset,size_t count)796 static ssize_t firmware_data_write(struct file *filp, struct kobject *kobj,
797 struct bin_attribute *bin_attr,
798 char *buffer, loff_t offset, size_t count)
799 {
800 struct device *dev = kobj_to_dev(kobj);
801 struct firmware_priv *fw_priv = to_firmware_priv(dev);
802 struct firmware_buf *buf;
803 ssize_t retval;
804
805 if (!capable(CAP_SYS_RAWIO))
806 return -EPERM;
807
808 mutex_lock(&fw_lock);
809 buf = fw_priv->buf;
810 if (!buf || test_bit(FW_STATUS_DONE, &buf->status)) {
811 retval = -ENODEV;
812 goto out;
813 }
814
815 retval = fw_realloc_buffer(fw_priv, offset + count);
816 if (retval)
817 goto out;
818
819 retval = count;
820
821 while (count) {
822 void *page_data;
823 int page_nr = offset >> PAGE_SHIFT;
824 int page_ofs = offset & (PAGE_SIZE - 1);
825 int page_cnt = min_t(size_t, PAGE_SIZE - page_ofs, count);
826
827 page_data = kmap(buf->pages[page_nr]);
828
829 memcpy(page_data + page_ofs, buffer, page_cnt);
830
831 kunmap(buf->pages[page_nr]);
832 buffer += page_cnt;
833 offset += page_cnt;
834 count -= page_cnt;
835 }
836
837 buf->size = max_t(size_t, offset, buf->size);
838 out:
839 mutex_unlock(&fw_lock);
840 return retval;
841 }
842
843 static struct bin_attribute firmware_attr_data = {
844 .attr = { .name = "data", .mode = 0644 },
845 .size = 0,
846 .read = firmware_data_read,
847 .write = firmware_data_write,
848 };
849
firmware_class_timeout_work(struct work_struct * work)850 static void firmware_class_timeout_work(struct work_struct *work)
851 {
852 struct firmware_priv *fw_priv = container_of(work,
853 struct firmware_priv, timeout_work.work);
854
855 mutex_lock(&fw_lock);
856 fw_load_abort(fw_priv);
857 mutex_unlock(&fw_lock);
858 }
859
860 static struct firmware_priv *
fw_create_instance(struct firmware * firmware,const char * fw_name,struct device * device,unsigned int opt_flags)861 fw_create_instance(struct firmware *firmware, const char *fw_name,
862 struct device *device, unsigned int opt_flags)
863 {
864 struct firmware_priv *fw_priv;
865 struct device *f_dev;
866
867 fw_priv = kzalloc(sizeof(*fw_priv), GFP_KERNEL);
868 if (!fw_priv) {
869 dev_err(device, "%s: kmalloc failed\n", __func__);
870 fw_priv = ERR_PTR(-ENOMEM);
871 goto exit;
872 }
873
874 fw_priv->nowait = !!(opt_flags & FW_OPT_NOWAIT);
875 fw_priv->fw = firmware;
876 INIT_DELAYED_WORK(&fw_priv->timeout_work,
877 firmware_class_timeout_work);
878
879 f_dev = &fw_priv->dev;
880
881 device_initialize(f_dev);
882 dev_set_name(f_dev, "%s", fw_name);
883 f_dev->parent = device;
884 f_dev->class = &firmware_class;
885 exit:
886 return fw_priv;
887 }
888
889 /* load a firmware via user helper */
_request_firmware_load(struct firmware_priv * fw_priv,unsigned int opt_flags,long timeout)890 static int _request_firmware_load(struct firmware_priv *fw_priv,
891 unsigned int opt_flags, long timeout)
892 {
893 int retval = 0;
894 struct device *f_dev = &fw_priv->dev;
895 struct firmware_buf *buf = fw_priv->buf;
896
897 /* fall back on userspace loading */
898 buf->is_paged_buf = true;
899
900 dev_set_uevent_suppress(f_dev, true);
901
902 retval = device_add(f_dev);
903 if (retval) {
904 dev_err(f_dev, "%s: device_register failed\n", __func__);
905 goto err_put_dev;
906 }
907
908 retval = device_create_bin_file(f_dev, &firmware_attr_data);
909 if (retval) {
910 dev_err(f_dev, "%s: sysfs_create_bin_file failed\n", __func__);
911 goto err_del_dev;
912 }
913
914 mutex_lock(&fw_lock);
915 list_add(&buf->pending_list, &pending_fw_head);
916 mutex_unlock(&fw_lock);
917
918 retval = device_create_file(f_dev, &dev_attr_loading);
919 if (retval) {
920 mutex_lock(&fw_lock);
921 list_del_init(&buf->pending_list);
922 mutex_unlock(&fw_lock);
923 dev_err(f_dev, "%s: device_create_file failed\n", __func__);
924 goto err_del_bin_attr;
925 }
926
927 if (opt_flags & FW_OPT_UEVENT) {
928 buf->need_uevent = true;
929 dev_set_uevent_suppress(f_dev, false);
930 dev_dbg(f_dev, "firmware: requesting %s\n", buf->fw_id);
931 if (timeout != MAX_SCHEDULE_TIMEOUT)
932 queue_delayed_work(system_power_efficient_wq,
933 &fw_priv->timeout_work, timeout);
934
935 kobject_uevent(&fw_priv->dev.kobj, KOBJ_ADD);
936 }
937
938 wait_for_completion(&buf->completion);
939
940 cancel_delayed_work_sync(&fw_priv->timeout_work);
941 if (is_fw_load_aborted(buf))
942 retval = -EAGAIN;
943 else if (!buf->data)
944 retval = -ENOMEM;
945
946 device_remove_file(f_dev, &dev_attr_loading);
947 err_del_bin_attr:
948 device_remove_bin_file(f_dev, &firmware_attr_data);
949 err_del_dev:
950 device_del(f_dev);
951 err_put_dev:
952 put_device(f_dev);
953 return retval;
954 }
955
fw_load_from_user_helper(struct firmware * firmware,const char * name,struct device * device,unsigned int opt_flags,long timeout)956 static int fw_load_from_user_helper(struct firmware *firmware,
957 const char *name, struct device *device,
958 unsigned int opt_flags, long timeout)
959 {
960 struct firmware_priv *fw_priv;
961
962 fw_priv = fw_create_instance(firmware, name, device, opt_flags);
963 if (IS_ERR(fw_priv))
964 return PTR_ERR(fw_priv);
965
966 fw_priv->buf = firmware->priv;
967 return _request_firmware_load(fw_priv, opt_flags, timeout);
968 }
969
970 #ifdef CONFIG_PM_SLEEP
971 /* kill pending requests without uevent to avoid blocking suspend */
kill_requests_without_uevent(void)972 static void kill_requests_without_uevent(void)
973 {
974 struct firmware_buf *buf;
975 struct firmware_buf *next;
976
977 mutex_lock(&fw_lock);
978 list_for_each_entry_safe(buf, next, &pending_fw_head, pending_list) {
979 if (!buf->need_uevent)
980 __fw_load_abort(buf);
981 }
982 mutex_unlock(&fw_lock);
983 }
984 #endif
985
986 #else /* CONFIG_FW_LOADER_USER_HELPER */
987 static inline int
fw_load_from_user_helper(struct firmware * firmware,const char * name,struct device * device,unsigned int opt_flags,long timeout)988 fw_load_from_user_helper(struct firmware *firmware, const char *name,
989 struct device *device, unsigned int opt_flags,
990 long timeout)
991 {
992 return -ENOENT;
993 }
994
995 /* No abort during direct loading */
996 #define is_fw_load_aborted(buf) false
997
998 #ifdef CONFIG_PM_SLEEP
kill_requests_without_uevent(void)999 static inline void kill_requests_without_uevent(void) { }
1000 #endif
1001
1002 #endif /* CONFIG_FW_LOADER_USER_HELPER */
1003
1004
1005 /* wait until the shared firmware_buf becomes ready (or error) */
sync_cached_firmware_buf(struct firmware_buf * buf)1006 static int sync_cached_firmware_buf(struct firmware_buf *buf)
1007 {
1008 int ret = 0;
1009
1010 mutex_lock(&fw_lock);
1011 while (!test_bit(FW_STATUS_DONE, &buf->status)) {
1012 if (is_fw_load_aborted(buf)) {
1013 ret = -ENOENT;
1014 break;
1015 }
1016 mutex_unlock(&fw_lock);
1017 wait_for_completion(&buf->completion);
1018 mutex_lock(&fw_lock);
1019 }
1020 mutex_unlock(&fw_lock);
1021 return ret;
1022 }
1023
1024 /* prepare firmware and firmware_buf structs;
1025 * return 0 if a firmware is already assigned, 1 if need to load one,
1026 * or a negative error code
1027 */
1028 static int
_request_firmware_prepare(struct firmware ** firmware_p,const char * name,struct device * device)1029 _request_firmware_prepare(struct firmware **firmware_p, const char *name,
1030 struct device *device)
1031 {
1032 struct firmware *firmware;
1033 struct firmware_buf *buf;
1034 int ret;
1035
1036 *firmware_p = firmware = kzalloc(sizeof(*firmware), GFP_KERNEL);
1037 if (!firmware) {
1038 dev_err(device, "%s: kmalloc(struct firmware) failed\n",
1039 __func__);
1040 return -ENOMEM;
1041 }
1042
1043 if (fw_get_builtin_firmware(firmware, name)) {
1044 dev_dbg(device, "firmware: using built-in firmware %s\n", name);
1045 return 0; /* assigned */
1046 }
1047
1048 ret = fw_lookup_and_allocate_buf(name, &fw_cache, &buf);
1049
1050 /*
1051 * bind with 'buf' now to avoid warning in failure path
1052 * of requesting firmware.
1053 */
1054 firmware->priv = buf;
1055
1056 if (ret > 0) {
1057 ret = sync_cached_firmware_buf(buf);
1058 if (!ret) {
1059 fw_set_page_data(buf, firmware);
1060 return 0; /* assigned */
1061 }
1062 }
1063
1064 if (ret < 0)
1065 return ret;
1066 return 1; /* need to load */
1067 }
1068
assign_firmware_buf(struct firmware * fw,struct device * device,unsigned int opt_flags)1069 static int assign_firmware_buf(struct firmware *fw, struct device *device,
1070 unsigned int opt_flags)
1071 {
1072 struct firmware_buf *buf = fw->priv;
1073
1074 mutex_lock(&fw_lock);
1075 if (!buf->size || is_fw_load_aborted(buf)) {
1076 mutex_unlock(&fw_lock);
1077 return -ENOENT;
1078 }
1079
1080 /*
1081 * add firmware name into devres list so that we can auto cache
1082 * and uncache firmware for device.
1083 *
1084 * device may has been deleted already, but the problem
1085 * should be fixed in devres or driver core.
1086 */
1087 /* don't cache firmware handled without uevent */
1088 if (device && (opt_flags & FW_OPT_UEVENT))
1089 fw_add_devm_name(device, buf->fw_id);
1090
1091 /*
1092 * After caching firmware image is started, let it piggyback
1093 * on request firmware.
1094 */
1095 if (buf->fwc->state == FW_LOADER_START_CACHE) {
1096 if (fw_cache_piggyback_on_request(buf->fw_id))
1097 kref_get(&buf->ref);
1098 }
1099
1100 /* pass the pages buffer to driver at the last minute */
1101 fw_set_page_data(buf, fw);
1102 mutex_unlock(&fw_lock);
1103 return 0;
1104 }
1105
1106 /* called from request_firmware() and request_firmware_work_func() */
1107 static int
_request_firmware(const struct firmware ** firmware_p,const char * name,struct device * device,unsigned int opt_flags)1108 _request_firmware(const struct firmware **firmware_p, const char *name,
1109 struct device *device, unsigned int opt_flags)
1110 {
1111 struct firmware *fw;
1112 long timeout;
1113 int ret;
1114
1115 if (!firmware_p)
1116 return -EINVAL;
1117
1118 if (!name || name[0] == '\0')
1119 return -EINVAL;
1120
1121 ret = _request_firmware_prepare(&fw, name, device);
1122 if (ret <= 0) /* error or already assigned */
1123 goto out;
1124
1125 ret = 0;
1126 timeout = firmware_loading_timeout();
1127 if (opt_flags & FW_OPT_NOWAIT) {
1128 timeout = usermodehelper_read_lock_wait(timeout);
1129 if (!timeout) {
1130 dev_dbg(device, "firmware: %s loading timed out\n",
1131 name);
1132 ret = -EBUSY;
1133 goto out;
1134 }
1135 } else {
1136 ret = usermodehelper_read_trylock();
1137 if (WARN_ON(ret)) {
1138 dev_err(device, "firmware: %s will not be loaded\n",
1139 name);
1140 goto out;
1141 }
1142 }
1143
1144 ret = fw_get_filesystem_firmware(device, fw->priv);
1145 if (ret) {
1146 if (!(opt_flags & FW_OPT_NO_WARN))
1147 dev_warn(device,
1148 "Direct firmware load for %s failed with error %d\n",
1149 name, ret);
1150 if (opt_flags & FW_OPT_USERHELPER) {
1151 dev_warn(device, "Falling back to user helper\n");
1152 ret = fw_load_from_user_helper(fw, name, device,
1153 opt_flags, timeout);
1154 }
1155 }
1156
1157 if (!ret)
1158 ret = assign_firmware_buf(fw, device, opt_flags);
1159
1160 usermodehelper_read_unlock();
1161
1162 out:
1163 if (ret < 0) {
1164 release_firmware(fw);
1165 fw = NULL;
1166 }
1167
1168 *firmware_p = fw;
1169 return ret;
1170 }
1171
1172 /**
1173 * request_firmware: - send firmware request and wait for it
1174 * @firmware_p: pointer to firmware image
1175 * @name: name of firmware file
1176 * @device: device for which firmware is being loaded
1177 *
1178 * @firmware_p will be used to return a firmware image by the name
1179 * of @name for device @device.
1180 *
1181 * Should be called from user context where sleeping is allowed.
1182 *
1183 * @name will be used as $FIRMWARE in the uevent environment and
1184 * should be distinctive enough not to be confused with any other
1185 * firmware image for this or any other device.
1186 *
1187 * Caller must hold the reference count of @device.
1188 *
1189 * The function can be called safely inside device's suspend and
1190 * resume callback.
1191 **/
1192 int
request_firmware(const struct firmware ** firmware_p,const char * name,struct device * device)1193 request_firmware(const struct firmware **firmware_p, const char *name,
1194 struct device *device)
1195 {
1196 int ret;
1197
1198 /* Need to pin this module until return */
1199 __module_get(THIS_MODULE);
1200 ret = _request_firmware(firmware_p, name, device,
1201 FW_OPT_UEVENT | FW_OPT_FALLBACK);
1202 module_put(THIS_MODULE);
1203 return ret;
1204 }
1205 EXPORT_SYMBOL(request_firmware);
1206
1207 /**
1208 * request_firmware: - load firmware directly without usermode helper
1209 * @firmware_p: pointer to firmware image
1210 * @name: name of firmware file
1211 * @device: device for which firmware is being loaded
1212 *
1213 * This function works pretty much like request_firmware(), but this doesn't
1214 * fall back to usermode helper even if the firmware couldn't be loaded
1215 * directly from fs. Hence it's useful for loading optional firmwares, which
1216 * aren't always present, without extra long timeouts of udev.
1217 **/
request_firmware_direct(const struct firmware ** firmware_p,const char * name,struct device * device)1218 int request_firmware_direct(const struct firmware **firmware_p,
1219 const char *name, struct device *device)
1220 {
1221 int ret;
1222 __module_get(THIS_MODULE);
1223 ret = _request_firmware(firmware_p, name, device,
1224 FW_OPT_UEVENT | FW_OPT_NO_WARN);
1225 module_put(THIS_MODULE);
1226 return ret;
1227 }
1228 EXPORT_SYMBOL_GPL(request_firmware_direct);
1229
1230 /**
1231 * release_firmware: - release the resource associated with a firmware image
1232 * @fw: firmware resource to release
1233 **/
release_firmware(const struct firmware * fw)1234 void release_firmware(const struct firmware *fw)
1235 {
1236 if (fw) {
1237 if (!fw_is_builtin_firmware(fw))
1238 firmware_free_data(fw);
1239 kfree(fw);
1240 }
1241 }
1242 EXPORT_SYMBOL(release_firmware);
1243
1244 /* Async support */
1245 struct firmware_work {
1246 struct work_struct work;
1247 struct module *module;
1248 const char *name;
1249 struct device *device;
1250 void *context;
1251 void (*cont)(const struct firmware *fw, void *context);
1252 unsigned int opt_flags;
1253 };
1254
request_firmware_work_func(struct work_struct * work)1255 static void request_firmware_work_func(struct work_struct *work)
1256 {
1257 struct firmware_work *fw_work;
1258 const struct firmware *fw;
1259
1260 fw_work = container_of(work, struct firmware_work, work);
1261
1262 _request_firmware(&fw, fw_work->name, fw_work->device,
1263 fw_work->opt_flags);
1264 fw_work->cont(fw, fw_work->context);
1265 put_device(fw_work->device); /* taken in request_firmware_nowait() */
1266
1267 module_put(fw_work->module);
1268 kfree(fw_work);
1269 }
1270
1271 /**
1272 * request_firmware_nowait - asynchronous version of request_firmware
1273 * @module: module requesting the firmware
1274 * @uevent: sends uevent to copy the firmware image if this flag
1275 * is non-zero else the firmware copy must be done manually.
1276 * @name: name of firmware file
1277 * @device: device for which firmware is being loaded
1278 * @gfp: allocation flags
1279 * @context: will be passed over to @cont, and
1280 * @fw may be %NULL if firmware request fails.
1281 * @cont: function will be called asynchronously when the firmware
1282 * request is over.
1283 *
1284 * Caller must hold the reference count of @device.
1285 *
1286 * Asynchronous variant of request_firmware() for user contexts:
1287 * - sleep for as small periods as possible since it may
1288 * increase kernel boot time of built-in device drivers
1289 * requesting firmware in their ->probe() methods, if
1290 * @gfp is GFP_KERNEL.
1291 *
1292 * - can't sleep at all if @gfp is GFP_ATOMIC.
1293 **/
1294 int
request_firmware_nowait(struct module * module,bool uevent,const char * name,struct device * device,gfp_t gfp,void * context,void (* cont)(const struct firmware * fw,void * context))1295 request_firmware_nowait(
1296 struct module *module, bool uevent,
1297 const char *name, struct device *device, gfp_t gfp, void *context,
1298 void (*cont)(const struct firmware *fw, void *context))
1299 {
1300 struct firmware_work *fw_work;
1301
1302 fw_work = kzalloc(sizeof (struct firmware_work), gfp);
1303 if (!fw_work)
1304 return -ENOMEM;
1305
1306 fw_work->module = module;
1307 fw_work->name = name;
1308 fw_work->device = device;
1309 fw_work->context = context;
1310 fw_work->cont = cont;
1311 fw_work->opt_flags = FW_OPT_NOWAIT | FW_OPT_FALLBACK |
1312 (uevent ? FW_OPT_UEVENT : FW_OPT_USERHELPER);
1313
1314 if (!try_module_get(module)) {
1315 kfree(fw_work);
1316 return -EFAULT;
1317 }
1318
1319 get_device(fw_work->device);
1320 INIT_WORK(&fw_work->work, request_firmware_work_func);
1321 schedule_work(&fw_work->work);
1322 return 0;
1323 }
1324 EXPORT_SYMBOL(request_firmware_nowait);
1325
1326 #ifdef CONFIG_PM_SLEEP
1327 static ASYNC_DOMAIN_EXCLUSIVE(fw_cache_domain);
1328
1329 /**
1330 * cache_firmware - cache one firmware image in kernel memory space
1331 * @fw_name: the firmware image name
1332 *
1333 * Cache firmware in kernel memory so that drivers can use it when
1334 * system isn't ready for them to request firmware image from userspace.
1335 * Once it returns successfully, driver can use request_firmware or its
1336 * nowait version to get the cached firmware without any interacting
1337 * with userspace
1338 *
1339 * Return 0 if the firmware image has been cached successfully
1340 * Return !0 otherwise
1341 *
1342 */
cache_firmware(const char * fw_name)1343 static int cache_firmware(const char *fw_name)
1344 {
1345 int ret;
1346 const struct firmware *fw;
1347
1348 pr_debug("%s: %s\n", __func__, fw_name);
1349
1350 ret = request_firmware(&fw, fw_name, NULL);
1351 if (!ret)
1352 kfree(fw);
1353
1354 pr_debug("%s: %s ret=%d\n", __func__, fw_name, ret);
1355
1356 return ret;
1357 }
1358
fw_lookup_buf(const char * fw_name)1359 static struct firmware_buf *fw_lookup_buf(const char *fw_name)
1360 {
1361 struct firmware_buf *tmp;
1362 struct firmware_cache *fwc = &fw_cache;
1363
1364 spin_lock(&fwc->lock);
1365 tmp = __fw_lookup_buf(fw_name);
1366 spin_unlock(&fwc->lock);
1367
1368 return tmp;
1369 }
1370
1371 /**
1372 * uncache_firmware - remove one cached firmware image
1373 * @fw_name: the firmware image name
1374 *
1375 * Uncache one firmware image which has been cached successfully
1376 * before.
1377 *
1378 * Return 0 if the firmware cache has been removed successfully
1379 * Return !0 otherwise
1380 *
1381 */
uncache_firmware(const char * fw_name)1382 static int uncache_firmware(const char *fw_name)
1383 {
1384 struct firmware_buf *buf;
1385 struct firmware fw;
1386
1387 pr_debug("%s: %s\n", __func__, fw_name);
1388
1389 if (fw_get_builtin_firmware(&fw, fw_name))
1390 return 0;
1391
1392 buf = fw_lookup_buf(fw_name);
1393 if (buf) {
1394 fw_free_buf(buf);
1395 return 0;
1396 }
1397
1398 return -EINVAL;
1399 }
1400
alloc_fw_cache_entry(const char * name)1401 static struct fw_cache_entry *alloc_fw_cache_entry(const char *name)
1402 {
1403 struct fw_cache_entry *fce;
1404
1405 fce = kzalloc(sizeof(*fce) + strlen(name) + 1, GFP_ATOMIC);
1406 if (!fce)
1407 goto exit;
1408
1409 strcpy(fce->name, name);
1410 exit:
1411 return fce;
1412 }
1413
__fw_entry_found(const char * name)1414 static int __fw_entry_found(const char *name)
1415 {
1416 struct firmware_cache *fwc = &fw_cache;
1417 struct fw_cache_entry *fce;
1418
1419 list_for_each_entry(fce, &fwc->fw_names, list) {
1420 if (!strcmp(fce->name, name))
1421 return 1;
1422 }
1423 return 0;
1424 }
1425
fw_cache_piggyback_on_request(const char * name)1426 static int fw_cache_piggyback_on_request(const char *name)
1427 {
1428 struct firmware_cache *fwc = &fw_cache;
1429 struct fw_cache_entry *fce;
1430 int ret = 0;
1431
1432 spin_lock(&fwc->name_lock);
1433 if (__fw_entry_found(name))
1434 goto found;
1435
1436 fce = alloc_fw_cache_entry(name);
1437 if (fce) {
1438 ret = 1;
1439 list_add(&fce->list, &fwc->fw_names);
1440 pr_debug("%s: fw: %s\n", __func__, name);
1441 }
1442 found:
1443 spin_unlock(&fwc->name_lock);
1444 return ret;
1445 }
1446
free_fw_cache_entry(struct fw_cache_entry * fce)1447 static void free_fw_cache_entry(struct fw_cache_entry *fce)
1448 {
1449 kfree(fce);
1450 }
1451
__async_dev_cache_fw_image(void * fw_entry,async_cookie_t cookie)1452 static void __async_dev_cache_fw_image(void *fw_entry,
1453 async_cookie_t cookie)
1454 {
1455 struct fw_cache_entry *fce = fw_entry;
1456 struct firmware_cache *fwc = &fw_cache;
1457 int ret;
1458
1459 ret = cache_firmware(fce->name);
1460 if (ret) {
1461 spin_lock(&fwc->name_lock);
1462 list_del(&fce->list);
1463 spin_unlock(&fwc->name_lock);
1464
1465 free_fw_cache_entry(fce);
1466 }
1467 }
1468
1469 /* called with dev->devres_lock held */
dev_create_fw_entry(struct device * dev,void * res,void * data)1470 static void dev_create_fw_entry(struct device *dev, void *res,
1471 void *data)
1472 {
1473 struct fw_name_devm *fwn = res;
1474 const char *fw_name = fwn->name;
1475 struct list_head *head = data;
1476 struct fw_cache_entry *fce;
1477
1478 fce = alloc_fw_cache_entry(fw_name);
1479 if (fce)
1480 list_add(&fce->list, head);
1481 }
1482
devm_name_match(struct device * dev,void * res,void * match_data)1483 static int devm_name_match(struct device *dev, void *res,
1484 void *match_data)
1485 {
1486 struct fw_name_devm *fwn = res;
1487 return (fwn->magic == (unsigned long)match_data);
1488 }
1489
dev_cache_fw_image(struct device * dev,void * data)1490 static void dev_cache_fw_image(struct device *dev, void *data)
1491 {
1492 LIST_HEAD(todo);
1493 struct fw_cache_entry *fce;
1494 struct fw_cache_entry *fce_next;
1495 struct firmware_cache *fwc = &fw_cache;
1496
1497 devres_for_each_res(dev, fw_name_devm_release,
1498 devm_name_match, &fw_cache,
1499 dev_create_fw_entry, &todo);
1500
1501 list_for_each_entry_safe(fce, fce_next, &todo, list) {
1502 list_del(&fce->list);
1503
1504 spin_lock(&fwc->name_lock);
1505 /* only one cache entry for one firmware */
1506 if (!__fw_entry_found(fce->name)) {
1507 list_add(&fce->list, &fwc->fw_names);
1508 } else {
1509 free_fw_cache_entry(fce);
1510 fce = NULL;
1511 }
1512 spin_unlock(&fwc->name_lock);
1513
1514 if (fce)
1515 async_schedule_domain(__async_dev_cache_fw_image,
1516 (void *)fce,
1517 &fw_cache_domain);
1518 }
1519 }
1520
__device_uncache_fw_images(void)1521 static void __device_uncache_fw_images(void)
1522 {
1523 struct firmware_cache *fwc = &fw_cache;
1524 struct fw_cache_entry *fce;
1525
1526 spin_lock(&fwc->name_lock);
1527 while (!list_empty(&fwc->fw_names)) {
1528 fce = list_entry(fwc->fw_names.next,
1529 struct fw_cache_entry, list);
1530 list_del(&fce->list);
1531 spin_unlock(&fwc->name_lock);
1532
1533 uncache_firmware(fce->name);
1534 free_fw_cache_entry(fce);
1535
1536 spin_lock(&fwc->name_lock);
1537 }
1538 spin_unlock(&fwc->name_lock);
1539 }
1540
1541 /**
1542 * device_cache_fw_images - cache devices' firmware
1543 *
1544 * If one device called request_firmware or its nowait version
1545 * successfully before, the firmware names are recored into the
1546 * device's devres link list, so device_cache_fw_images can call
1547 * cache_firmware() to cache these firmwares for the device,
1548 * then the device driver can load its firmwares easily at
1549 * time when system is not ready to complete loading firmware.
1550 */
device_cache_fw_images(void)1551 static void device_cache_fw_images(void)
1552 {
1553 struct firmware_cache *fwc = &fw_cache;
1554 int old_timeout;
1555 DEFINE_WAIT(wait);
1556
1557 pr_debug("%s\n", __func__);
1558
1559 /* cancel uncache work */
1560 cancel_delayed_work_sync(&fwc->work);
1561
1562 /*
1563 * use small loading timeout for caching devices' firmware
1564 * because all these firmware images have been loaded
1565 * successfully at lease once, also system is ready for
1566 * completing firmware loading now. The maximum size of
1567 * firmware in current distributions is about 2M bytes,
1568 * so 10 secs should be enough.
1569 */
1570 old_timeout = loading_timeout;
1571 loading_timeout = 10;
1572
1573 mutex_lock(&fw_lock);
1574 fwc->state = FW_LOADER_START_CACHE;
1575 dpm_for_each_dev(NULL, dev_cache_fw_image);
1576 mutex_unlock(&fw_lock);
1577
1578 /* wait for completion of caching firmware for all devices */
1579 async_synchronize_full_domain(&fw_cache_domain);
1580
1581 loading_timeout = old_timeout;
1582 }
1583
1584 /**
1585 * device_uncache_fw_images - uncache devices' firmware
1586 *
1587 * uncache all firmwares which have been cached successfully
1588 * by device_uncache_fw_images earlier
1589 */
device_uncache_fw_images(void)1590 static void device_uncache_fw_images(void)
1591 {
1592 pr_debug("%s\n", __func__);
1593 __device_uncache_fw_images();
1594 }
1595
device_uncache_fw_images_work(struct work_struct * work)1596 static void device_uncache_fw_images_work(struct work_struct *work)
1597 {
1598 device_uncache_fw_images();
1599 }
1600
1601 /**
1602 * device_uncache_fw_images_delay - uncache devices firmwares
1603 * @delay: number of milliseconds to delay uncache device firmwares
1604 *
1605 * uncache all devices's firmwares which has been cached successfully
1606 * by device_cache_fw_images after @delay milliseconds.
1607 */
device_uncache_fw_images_delay(unsigned long delay)1608 static void device_uncache_fw_images_delay(unsigned long delay)
1609 {
1610 queue_delayed_work(system_power_efficient_wq, &fw_cache.work,
1611 msecs_to_jiffies(delay));
1612 }
1613
fw_pm_notify(struct notifier_block * notify_block,unsigned long mode,void * unused)1614 static int fw_pm_notify(struct notifier_block *notify_block,
1615 unsigned long mode, void *unused)
1616 {
1617 switch (mode) {
1618 case PM_HIBERNATION_PREPARE:
1619 case PM_SUSPEND_PREPARE:
1620 case PM_RESTORE_PREPARE:
1621 kill_requests_without_uevent();
1622 device_cache_fw_images();
1623 break;
1624
1625 case PM_POST_SUSPEND:
1626 case PM_POST_HIBERNATION:
1627 case PM_POST_RESTORE:
1628 /*
1629 * In case that system sleep failed and syscore_suspend is
1630 * not called.
1631 */
1632 mutex_lock(&fw_lock);
1633 fw_cache.state = FW_LOADER_NO_CACHE;
1634 mutex_unlock(&fw_lock);
1635
1636 device_uncache_fw_images_delay(10 * MSEC_PER_SEC);
1637 break;
1638 }
1639
1640 return 0;
1641 }
1642
1643 /* stop caching firmware once syscore_suspend is reached */
fw_suspend(void)1644 static int fw_suspend(void)
1645 {
1646 fw_cache.state = FW_LOADER_NO_CACHE;
1647 return 0;
1648 }
1649
1650 static struct syscore_ops fw_syscore_ops = {
1651 .suspend = fw_suspend,
1652 };
1653 #else
fw_cache_piggyback_on_request(const char * name)1654 static int fw_cache_piggyback_on_request(const char *name)
1655 {
1656 return 0;
1657 }
1658 #endif
1659
fw_cache_init(void)1660 static void __init fw_cache_init(void)
1661 {
1662 spin_lock_init(&fw_cache.lock);
1663 INIT_LIST_HEAD(&fw_cache.head);
1664 fw_cache.state = FW_LOADER_NO_CACHE;
1665
1666 #ifdef CONFIG_PM_SLEEP
1667 spin_lock_init(&fw_cache.name_lock);
1668 INIT_LIST_HEAD(&fw_cache.fw_names);
1669
1670 INIT_DELAYED_WORK(&fw_cache.work,
1671 device_uncache_fw_images_work);
1672
1673 fw_cache.pm_notify.notifier_call = fw_pm_notify;
1674 register_pm_notifier(&fw_cache.pm_notify);
1675
1676 register_syscore_ops(&fw_syscore_ops);
1677 #endif
1678 }
1679
firmware_class_init(void)1680 static int __init firmware_class_init(void)
1681 {
1682 fw_cache_init();
1683 #ifdef CONFIG_FW_LOADER_USER_HELPER
1684 register_reboot_notifier(&fw_shutdown_nb);
1685 return class_register(&firmware_class);
1686 #else
1687 return 0;
1688 #endif
1689 }
1690
firmware_class_exit(void)1691 static void __exit firmware_class_exit(void)
1692 {
1693 #ifdef CONFIG_PM_SLEEP
1694 unregister_syscore_ops(&fw_syscore_ops);
1695 unregister_pm_notifier(&fw_cache.pm_notify);
1696 #endif
1697 #ifdef CONFIG_FW_LOADER_USER_HELPER
1698 unregister_reboot_notifier(&fw_shutdown_nb);
1699 class_unregister(&firmware_class);
1700 #endif
1701 }
1702
1703 fs_initcall(firmware_class_init);
1704 module_exit(firmware_class_exit);
1705