1 // SPDX-License-Identifier: GPL-2.0-or-later
4 * Procedures for interfacing to the RTAS on CHRP machines.
6 * Peter Bergner, IBM March 2001.
7 * Copyright (C) 2001 IBM.
11 #include <linux/kernel.h>
12 #include <linux/types.h>
13 #include <linux/spinlock.h>
14 #include <linux/export.h>
15 #include <linux/init.h>
16 #include <linux/capability.h>
17 #include <linux/delay.h>
18 #include <linux/cpu.h>
19 #include <linux/sched.h>
20 #include <linux/smp.h>
21 #include <linux/completion.h>
22 #include <linux/cpumask.h>
23 #include <linux/memblock.h>
24 #include <linux/slab.h>
25 #include <linux/reboot.h>
26 #include <linux/syscalls.h>
30 #include <asm/hvcall.h>
31 #include <asm/machdep.h>
32 #include <asm/firmware.h>
34 #include <asm/param.h>
35 #include <asm/delay.h>
36 #include <linux/uaccess.h>
38 #include <asm/syscalls.h>
40 #include <linux/atomic.h>
43 #include <asm/topology.h>
46 /* This is here deliberately so it's only used in this file */
47 void enter_rtas(unsigned long);
49 struct rtas_t rtas = {
50 .lock = __ARCH_SPIN_LOCK_UNLOCKED
54 DEFINE_SPINLOCK(rtas_data_buf_lock);
55 EXPORT_SYMBOL_GPL(rtas_data_buf_lock);
57 char rtas_data_buf[RTAS_DATA_BUF_SIZE] __aligned(SZ_4K);
58 EXPORT_SYMBOL_GPL(rtas_data_buf);
60 unsigned long rtas_rmo_buf;
63 * If non-NULL, this gets called when the kernel terminates.
64 * This is done like this so rtas_flash can be a module.
66 void (*rtas_flash_term_hook)(int);
67 EXPORT_SYMBOL_GPL(rtas_flash_term_hook);
69 /* RTAS use home made raw locking instead of spin_lock_irqsave
70 * because those can be called from within really nasty contexts
71 * such as having the timebase stopped which would lockup with
72 * normal locks and spinlock debugging enabled
74 static unsigned long lock_rtas(void)
78 local_irq_save(flags);
80 arch_spin_lock(&rtas.lock);
84 static void unlock_rtas(unsigned long flags)
86 arch_spin_unlock(&rtas.lock);
87 local_irq_restore(flags);
92 * call_rtas_display_status and call_rtas_display_status_delay
93 * are designed only for very early low-level debugging, which
94 * is why the token is hard-coded to 10.
96 static void call_rtas_display_status(unsigned char c)
104 rtas_call_unlocked(&rtas.args, 10, 1, 1, NULL, c);
108 static void call_rtas_display_status_delay(char c)
110 static int pending_newline = 0; /* did last write end with unprinted newline? */
111 static int width = 16;
115 call_rtas_display_status(' ');
120 if (pending_newline) {
121 call_rtas_display_status('\r');
122 call_rtas_display_status('\n');
126 call_rtas_display_status(c);
132 void __init udbg_init_rtas_panel(void)
134 udbg_putc = call_rtas_display_status_delay;
137 #ifdef CONFIG_UDBG_RTAS_CONSOLE
139 /* If you think you're dying before early_init_dt_scan_rtas() does its
140 * work, you can hard code the token values for your firmware here and
141 * hardcode rtas.base/entry etc.
143 static unsigned int rtas_putchar_token = RTAS_UNKNOWN_SERVICE;
144 static unsigned int rtas_getchar_token = RTAS_UNKNOWN_SERVICE;
146 static void udbg_rtascon_putc(char c)
153 /* Add CRs before LFs */
155 udbg_rtascon_putc('\r');
157 /* if there is more than one character to be displayed, wait a bit */
158 for (tries = 0; tries < 16; tries++) {
159 if (rtas_call(rtas_putchar_token, 1, 1, NULL, c) == 0)
165 static int udbg_rtascon_getc_poll(void)
172 if (rtas_call(rtas_getchar_token, 0, 2, &c))
178 static int udbg_rtascon_getc(void)
182 while ((c = udbg_rtascon_getc_poll()) == -1)
189 void __init udbg_init_rtas_console(void)
191 udbg_putc = udbg_rtascon_putc;
192 udbg_getc = udbg_rtascon_getc;
193 udbg_getc_poll = udbg_rtascon_getc_poll;
195 #endif /* CONFIG_UDBG_RTAS_CONSOLE */
197 void rtas_progress(char *s, unsigned short hex)
199 struct device_node *root;
203 static int display_character, set_indicator;
204 static int display_width, display_lines, form_feed;
205 static const int *row_width;
206 static DEFINE_SPINLOCK(progress_lock);
207 static int current_line;
208 static int pending_newline = 0; /* did last write end with unprinted newline? */
213 if (display_width == 0) {
214 display_width = 0x10;
215 if ((root = of_find_node_by_path("/rtas"))) {
216 if ((p = of_get_property(root,
217 "ibm,display-line-length", NULL)))
218 display_width = be32_to_cpu(*p);
219 if ((p = of_get_property(root,
220 "ibm,form-feed", NULL)))
221 form_feed = be32_to_cpu(*p);
222 if ((p = of_get_property(root,
223 "ibm,display-number-of-lines", NULL)))
224 display_lines = be32_to_cpu(*p);
225 row_width = of_get_property(root,
226 "ibm,display-truncation-length", NULL);
229 display_character = rtas_token("display-character");
230 set_indicator = rtas_token("set-indicator");
233 if (display_character == RTAS_UNKNOWN_SERVICE) {
234 /* use hex display if available */
235 if (set_indicator != RTAS_UNKNOWN_SERVICE)
236 rtas_call(set_indicator, 3, 1, NULL, 6, 0, hex);
240 spin_lock(&progress_lock);
243 * Last write ended with newline, but we didn't print it since
244 * it would just clear the bottom line of output. Print it now
247 * If no newline is pending and form feed is supported, clear the
248 * display with a form feed; otherwise, print a CR to start output
249 * at the beginning of the line.
251 if (pending_newline) {
252 rtas_call(display_character, 1, 1, NULL, '\r');
253 rtas_call(display_character, 1, 1, NULL, '\n');
258 rtas_call(display_character, 1, 1, NULL,
261 rtas_call(display_character, 1, 1, NULL, '\r');
265 width = row_width[current_line];
267 width = display_width;
270 if (*os == '\n' || *os == '\r') {
271 /* If newline is the last character, save it
272 * until next call to avoid bumping up the
275 if (*os == '\n' && !os[1]) {
278 if (current_line > display_lines-1)
279 current_line = display_lines-1;
280 spin_unlock(&progress_lock);
284 /* RTAS wants CR-LF, not just LF */
287 rtas_call(display_character, 1, 1, NULL, '\r');
288 rtas_call(display_character, 1, 1, NULL, '\n');
290 /* CR might be used to re-draw a line, so we'll
291 * leave it alone and not add LF.
293 rtas_call(display_character, 1, 1, NULL, *os);
297 width = row_width[current_line];
299 width = display_width;
302 rtas_call(display_character, 1, 1, NULL, *os);
307 /* if we overwrite the screen length */
309 while ((*os != 0) && (*os != '\n') && (*os != '\r'))
313 spin_unlock(&progress_lock);
315 EXPORT_SYMBOL_GPL(rtas_progress); /* needed by rtas_flash module */
317 int rtas_token(const char *service)
320 if (rtas.dev == NULL)
321 return RTAS_UNKNOWN_SERVICE;
322 tokp = of_get_property(rtas.dev, service, NULL);
323 return tokp ? be32_to_cpu(*tokp) : RTAS_UNKNOWN_SERVICE;
325 EXPORT_SYMBOL_GPL(rtas_token);
327 int rtas_service_present(const char *service)
329 return rtas_token(service) != RTAS_UNKNOWN_SERVICE;
331 EXPORT_SYMBOL(rtas_service_present);
333 #ifdef CONFIG_RTAS_ERROR_LOGGING
335 * Return the firmware-specified size of the error log buffer
336 * for all rtas calls that require an error buffer argument.
337 * This includes 'check-exception' and 'rtas-last-error'.
339 int rtas_get_error_log_max(void)
341 static int rtas_error_log_max;
342 if (rtas_error_log_max)
343 return rtas_error_log_max;
345 rtas_error_log_max = rtas_token ("rtas-error-log-max");
346 if ((rtas_error_log_max == RTAS_UNKNOWN_SERVICE) ||
347 (rtas_error_log_max > RTAS_ERROR_LOG_MAX)) {
348 printk (KERN_WARNING "RTAS: bad log buffer size %d\n",
350 rtas_error_log_max = RTAS_ERROR_LOG_MAX;
352 return rtas_error_log_max;
354 EXPORT_SYMBOL(rtas_get_error_log_max);
357 static char rtas_err_buf[RTAS_ERROR_LOG_MAX];
358 static int rtas_last_error_token;
360 /** Return a copy of the detailed error text associated with the
361 * most recent failed call to rtas. Because the error text
362 * might go stale if there are any other intervening rtas calls,
363 * this routine must be called atomically with whatever produced
364 * the error (i.e. with rtas.lock still held from the previous call).
366 static char *__fetch_rtas_last_error(char *altbuf)
368 struct rtas_args err_args, save_args;
372 if (rtas_last_error_token == -1)
375 bufsz = rtas_get_error_log_max();
377 err_args.token = cpu_to_be32(rtas_last_error_token);
378 err_args.nargs = cpu_to_be32(2);
379 err_args.nret = cpu_to_be32(1);
380 err_args.args[0] = cpu_to_be32(__pa(rtas_err_buf));
381 err_args.args[1] = cpu_to_be32(bufsz);
382 err_args.args[2] = 0;
384 save_args = rtas.args;
385 rtas.args = err_args;
387 enter_rtas(__pa(&rtas.args));
389 err_args = rtas.args;
390 rtas.args = save_args;
392 /* Log the error in the unlikely case that there was one. */
393 if (unlikely(err_args.args[2] == 0)) {
398 if (slab_is_available())
399 buf = kmalloc(RTAS_ERROR_LOG_MAX, GFP_ATOMIC);
402 memmove(buf, rtas_err_buf, RTAS_ERROR_LOG_MAX);
408 #define get_errorlog_buffer() kmalloc(RTAS_ERROR_LOG_MAX, GFP_KERNEL)
410 #else /* CONFIG_RTAS_ERROR_LOGGING */
411 #define __fetch_rtas_last_error(x) NULL
412 #define get_errorlog_buffer() NULL
417 va_rtas_call_unlocked(struct rtas_args *args, int token, int nargs, int nret,
422 args->token = cpu_to_be32(token);
423 args->nargs = cpu_to_be32(nargs);
424 args->nret = cpu_to_be32(nret);
425 args->rets = &(args->args[nargs]);
427 for (i = 0; i < nargs; ++i)
428 args->args[i] = cpu_to_be32(va_arg(list, __u32));
430 for (i = 0; i < nret; ++i)
433 enter_rtas(__pa(args));
436 void rtas_call_unlocked(struct rtas_args *args, int token, int nargs, int nret, ...)
440 va_start(list, nret);
441 va_rtas_call_unlocked(args, token, nargs, nret, list);
445 int rtas_call(int token, int nargs, int nret, int *outputs, ...)
450 struct rtas_args *rtas_args;
451 char *buff_copy = NULL;
454 if (!rtas.entry || token == RTAS_UNKNOWN_SERVICE)
459 /* We use the global rtas args buffer */
460 rtas_args = &rtas.args;
462 va_start(list, outputs);
463 va_rtas_call_unlocked(rtas_args, token, nargs, nret, list);
466 /* A -1 return code indicates that the last command couldn't
467 be completed due to a hardware error. */
468 if (be32_to_cpu(rtas_args->rets[0]) == -1)
469 buff_copy = __fetch_rtas_last_error(NULL);
471 if (nret > 1 && outputs != NULL)
472 for (i = 0; i < nret-1; ++i)
473 outputs[i] = be32_to_cpu(rtas_args->rets[i+1]);
474 ret = (nret > 0)? be32_to_cpu(rtas_args->rets[0]): 0;
479 log_error(buff_copy, ERR_TYPE_RTAS_LOG, 0);
480 if (slab_is_available())
485 EXPORT_SYMBOL_GPL(rtas_call);
487 /* For RTAS_BUSY (-2), delay for 1 millisecond. For an extended busy status
488 * code of 990n, perform the hinted delay of 10^n (last digit) milliseconds.
490 unsigned int rtas_busy_delay_time(int status)
495 if (status == RTAS_BUSY) {
497 } else if (status >= RTAS_EXTENDED_DELAY_MIN &&
498 status <= RTAS_EXTENDED_DELAY_MAX) {
499 order = status - RTAS_EXTENDED_DELAY_MIN;
500 for (ms = 1; order > 0; order--)
506 EXPORT_SYMBOL(rtas_busy_delay_time);
508 /* For an RTAS busy status code, perform the hinted delay. */
509 unsigned int rtas_busy_delay(int status)
514 ms = rtas_busy_delay_time(status);
515 if (ms && need_resched())
520 EXPORT_SYMBOL_GPL(rtas_busy_delay);
522 static int rtas_error_rc(int rtas_rc)
527 case -1: /* Hardware Error */
530 case -3: /* Bad indicator/domain/etc */
533 case -9000: /* Isolation error */
536 case -9001: /* Outstanding TCE/PTE */
539 case -9002: /* No usable slot */
543 printk(KERN_ERR "%s: unexpected RTAS error %d\n",
551 int rtas_get_power_level(int powerdomain, int *level)
553 int token = rtas_token("get-power-level");
556 if (token == RTAS_UNKNOWN_SERVICE)
559 while ((rc = rtas_call(token, 1, 2, level, powerdomain)) == RTAS_BUSY)
563 return rtas_error_rc(rc);
566 EXPORT_SYMBOL_GPL(rtas_get_power_level);
568 int rtas_set_power_level(int powerdomain, int level, int *setlevel)
570 int token = rtas_token("set-power-level");
573 if (token == RTAS_UNKNOWN_SERVICE)
577 rc = rtas_call(token, 2, 2, setlevel, powerdomain, level);
578 } while (rtas_busy_delay(rc));
581 return rtas_error_rc(rc);
584 EXPORT_SYMBOL_GPL(rtas_set_power_level);
586 int rtas_get_sensor(int sensor, int index, int *state)
588 int token = rtas_token("get-sensor-state");
591 if (token == RTAS_UNKNOWN_SERVICE)
595 rc = rtas_call(token, 2, 2, state, sensor, index);
596 } while (rtas_busy_delay(rc));
599 return rtas_error_rc(rc);
602 EXPORT_SYMBOL_GPL(rtas_get_sensor);
604 int rtas_get_sensor_fast(int sensor, int index, int *state)
606 int token = rtas_token("get-sensor-state");
609 if (token == RTAS_UNKNOWN_SERVICE)
612 rc = rtas_call(token, 2, 2, state, sensor, index);
613 WARN_ON(rc == RTAS_BUSY || (rc >= RTAS_EXTENDED_DELAY_MIN &&
614 rc <= RTAS_EXTENDED_DELAY_MAX));
617 return rtas_error_rc(rc);
621 bool rtas_indicator_present(int token, int *maxindex)
623 int proplen, count, i;
624 const struct indicator_elem {
629 indicators = of_get_property(rtas.dev, "rtas-indicators", &proplen);
633 count = proplen / sizeof(struct indicator_elem);
635 for (i = 0; i < count; i++) {
636 if (__be32_to_cpu(indicators[i].token) != token)
639 *maxindex = __be32_to_cpu(indicators[i].maxindex);
645 EXPORT_SYMBOL(rtas_indicator_present);
647 int rtas_set_indicator(int indicator, int index, int new_value)
649 int token = rtas_token("set-indicator");
652 if (token == RTAS_UNKNOWN_SERVICE)
656 rc = rtas_call(token, 3, 1, NULL, indicator, index, new_value);
657 } while (rtas_busy_delay(rc));
660 return rtas_error_rc(rc);
663 EXPORT_SYMBOL_GPL(rtas_set_indicator);
666 * Ignoring RTAS extended delay
668 int rtas_set_indicator_fast(int indicator, int index, int new_value)
671 int token = rtas_token("set-indicator");
673 if (token == RTAS_UNKNOWN_SERVICE)
676 rc = rtas_call(token, 3, 1, NULL, indicator, index, new_value);
678 WARN_ON(rc == RTAS_BUSY || (rc >= RTAS_EXTENDED_DELAY_MIN &&
679 rc <= RTAS_EXTENDED_DELAY_MAX));
682 return rtas_error_rc(rc);
687 void __noreturn rtas_restart(char *cmd)
689 if (rtas_flash_term_hook)
690 rtas_flash_term_hook(SYS_RESTART);
691 printk("RTAS system-reboot returned %d\n",
692 rtas_call(rtas_token("system-reboot"), 0, 1, NULL));
696 void rtas_power_off(void)
698 if (rtas_flash_term_hook)
699 rtas_flash_term_hook(SYS_POWER_OFF);
700 /* allow power on only with power button press */
701 printk("RTAS power-off returned %d\n",
702 rtas_call(rtas_token("power-off"), 2, 1, NULL, -1, -1));
706 void __noreturn rtas_halt(void)
708 if (rtas_flash_term_hook)
709 rtas_flash_term_hook(SYS_HALT);
710 /* allow power on only with power button press */
711 printk("RTAS power-off returned %d\n",
712 rtas_call(rtas_token("power-off"), 2, 1, NULL, -1, -1));
716 /* Must be in the RMO region, so we place it here */
717 static char rtas_os_term_buf[2048];
718 static s32 ibm_os_term_token = RTAS_UNKNOWN_SERVICE;
720 void rtas_os_term(char *str)
725 * Firmware with the ibm,extended-os-term property is guaranteed
726 * to always return from an ibm,os-term call. Earlier versions without
727 * this property may terminate the partition which we want to avoid
728 * since it interferes with panic_timeout.
730 if (ibm_os_term_token == RTAS_UNKNOWN_SERVICE)
733 snprintf(rtas_os_term_buf, 2048, "OS panic: %s", str);
736 * Keep calling as long as RTAS returns a "try again" status,
737 * but don't use rtas_busy_delay(), which potentially
741 status = rtas_call(ibm_os_term_token, 1, 1, NULL,
742 __pa(rtas_os_term_buf));
743 } while (rtas_busy_delay_time(status));
746 printk(KERN_EMERG "ibm,os-term call failed %d\n", status);
749 static int ibm_suspend_me_token = RTAS_UNKNOWN_SERVICE;
750 #ifdef CONFIG_PPC_PSERIES
751 static int __rtas_suspend_last_cpu(struct rtas_suspend_me_data *data, int wake_when_done)
753 u16 slb_size = mmu_slb_size;
754 int rc = H_MULTI_THREADS_ACTIVE;
757 slb_set_size(SLB_MIN_SIZE);
758 printk(KERN_DEBUG "calling ibm,suspend-me on cpu %i\n", smp_processor_id());
760 while (rc == H_MULTI_THREADS_ACTIVE && !atomic_read(&data->done) &&
761 !atomic_read(&data->error))
762 rc = rtas_call(data->token, 0, 1, NULL);
764 if (rc || atomic_read(&data->error)) {
765 printk(KERN_DEBUG "ibm,suspend-me returned %d\n", rc);
766 slb_set_size(slb_size);
769 if (atomic_read(&data->error))
770 rc = atomic_read(&data->error);
772 atomic_set(&data->error, rc);
773 pSeries_coalesce_init();
775 if (wake_when_done) {
776 atomic_set(&data->done, 1);
778 for_each_online_cpu(cpu)
779 plpar_hcall_norets(H_PROD, get_hard_smp_processor_id(cpu));
782 if (atomic_dec_return(&data->working) == 0)
783 complete(data->complete);
788 int rtas_suspend_last_cpu(struct rtas_suspend_me_data *data)
790 atomic_inc(&data->working);
791 return __rtas_suspend_last_cpu(data, 0);
794 static int __rtas_suspend_cpu(struct rtas_suspend_me_data *data, int wake_when_done)
797 unsigned long msr_save;
800 atomic_inc(&data->working);
802 /* really need to ensure MSR.EE is off for H_JOIN */
804 mtmsr(msr_save & ~(MSR_EE));
806 while (rc == H_SUCCESS && !atomic_read(&data->done) && !atomic_read(&data->error))
807 rc = plpar_hcall_norets(H_JOIN);
811 if (rc == H_SUCCESS) {
812 /* This cpu was prodded and the suspend is complete. */
814 } else if (rc == H_CONTINUE) {
815 /* All other cpus are in H_JOIN, this cpu does
818 return __rtas_suspend_last_cpu(data, wake_when_done);
820 printk(KERN_ERR "H_JOIN on cpu %i failed with rc = %ld\n",
821 smp_processor_id(), rc);
822 atomic_set(&data->error, rc);
825 if (wake_when_done) {
826 atomic_set(&data->done, 1);
828 /* This cpu did the suspend or got an error; in either case,
829 * we need to prod all other other cpus out of join state.
830 * Extra prods are harmless.
832 for_each_online_cpu(cpu)
833 plpar_hcall_norets(H_PROD, get_hard_smp_processor_id(cpu));
836 if (atomic_dec_return(&data->working) == 0)
837 complete(data->complete);
841 int rtas_suspend_cpu(struct rtas_suspend_me_data *data)
843 return __rtas_suspend_cpu(data, 0);
846 static void rtas_percpu_suspend_me(void *info)
848 __rtas_suspend_cpu((struct rtas_suspend_me_data *)info, 1);
851 int rtas_ibm_suspend_me(u64 handle)
855 unsigned long retbuf[PLPAR_HCALL_BUFSIZE];
856 struct rtas_suspend_me_data data;
857 DECLARE_COMPLETION_ONSTACK(done);
859 if (!rtas_service_present("ibm,suspend-me"))
862 /* Make sure the state is valid */
863 rc = plpar_hcall(H_VASI_STATE, retbuf, handle);
868 printk(KERN_ERR "rtas_ibm_suspend_me: vasi_state returned %ld\n",rc);
870 } else if (state == H_VASI_ENABLED) {
872 } else if (state != H_VASI_SUSPENDING) {
873 printk(KERN_ERR "rtas_ibm_suspend_me: vasi_state returned state %ld\n",
878 atomic_set(&data.working, 0);
879 atomic_set(&data.done, 0);
880 atomic_set(&data.error, 0);
881 data.token = rtas_token("ibm,suspend-me");
882 data.complete = &done;
884 lock_device_hotplug();
886 cpu_hotplug_disable();
888 /* Call function on all CPUs. One of us will make the
891 on_each_cpu(rtas_percpu_suspend_me, &data, 0);
893 wait_for_completion(&done);
895 if (atomic_read(&data.error) != 0)
896 printk(KERN_ERR "Error doing global join\n");
899 cpu_hotplug_enable();
901 unlock_device_hotplug();
903 return atomic_read(&data.error);
907 * rtas_call_reentrant() - Used for reentrant rtas calls
908 * @token: Token for desired reentrant RTAS call
909 * @nargs: Number of Input Parameters
910 * @nret: Number of Output Parameters
911 * @outputs: Array of outputs
912 * @...: Inputs for desired RTAS call
914 * According to LoPAR documentation, only "ibm,int-on", "ibm,int-off",
915 * "ibm,get-xive" and "ibm,set-xive" are currently reentrant.
916 * Reentrant calls need their own rtas_args buffer, so not using rtas.args, but
919 * Return: -1 on error,
920 * First output value of RTAS call if (nret > 0),
923 int rtas_call_reentrant(int token, int nargs, int nret, int *outputs, ...)
926 struct rtas_args *args;
930 if (!rtas.entry || token == RTAS_UNKNOWN_SERVICE)
933 local_irq_save(flags);
936 /* We use the per-cpu (PACA) rtas args buffer */
937 args = local_paca->rtas_args_reentrant;
939 va_start(list, outputs);
940 va_rtas_call_unlocked(args, token, nargs, nret, list);
943 if (nret > 1 && outputs)
944 for (i = 0; i < nret - 1; ++i)
945 outputs[i] = be32_to_cpu(args->rets[i + 1]);
948 ret = be32_to_cpu(args->rets[0]);
950 local_irq_restore(flags);
956 #else /* CONFIG_PPC_PSERIES */
957 int rtas_ibm_suspend_me(u64 handle)
964 * Find a specific pseries error log in an RTAS extended event log.
965 * @log: RTAS error/event log
966 * @section_id: two character section identifier
968 * Returns a pointer to the specified errorlog or NULL if not found.
970 struct pseries_errorlog *get_pseries_errorlog(struct rtas_error_log *log,
973 struct rtas_ext_event_log_v6 *ext_log =
974 (struct rtas_ext_event_log_v6 *)log->buffer;
975 struct pseries_errorlog *sect;
976 unsigned char *p, *log_end;
977 uint32_t ext_log_length = rtas_error_extended_log_length(log);
978 uint8_t log_format = rtas_ext_event_log_format(ext_log);
979 uint32_t company_id = rtas_ext_event_company_id(ext_log);
981 /* Check that we understand the format */
982 if (ext_log_length < sizeof(struct rtas_ext_event_log_v6) ||
983 log_format != RTAS_V6EXT_LOG_FORMAT_EVENT_LOG ||
984 company_id != RTAS_V6EXT_COMPANY_ID_IBM)
987 log_end = log->buffer + ext_log_length;
988 p = ext_log->vendor_log;
990 while (p < log_end) {
991 sect = (struct pseries_errorlog *)p;
992 if (pseries_errorlog_id(sect) == section_id)
994 p += pseries_errorlog_length(sect);
1000 #ifdef CONFIG_PPC_RTAS_FILTER
1003 * The sys_rtas syscall, as originally designed, allows root to pass
1004 * arbitrary physical addresses to RTAS calls. A number of RTAS calls
1005 * can be abused to write to arbitrary memory and do other things that
1006 * are potentially harmful to system integrity, and thus should only
1007 * be used inside the kernel and not exposed to userspace.
1009 * All known legitimate users of the sys_rtas syscall will only ever
1010 * pass addresses that fall within the RMO buffer, and use a known
1011 * subset of RTAS calls.
1013 * Accordingly, we filter RTAS requests to check that the call is
1014 * permitted, and that provided pointers fall within the RMO buffer.
1015 * The rtas_filters list contains an entry for each permitted call,
1016 * with the indexes of the parameters which are expected to contain
1017 * addresses and sizes of buffers allocated inside the RMO buffer.
1019 struct rtas_filter {
1022 /* Indexes into the args buffer, -1 if not used */
1031 static struct rtas_filter rtas_filters[] __ro_after_init = {
1032 { "ibm,activate-firmware", -1, -1, -1, -1, -1 },
1033 { "ibm,configure-connector", -1, 0, -1, 1, -1, 4096 }, /* Special cased */
1034 { "display-character", -1, -1, -1, -1, -1 },
1035 { "ibm,display-message", -1, 0, -1, -1, -1 },
1036 { "ibm,errinjct", -1, 2, -1, -1, -1, 1024 },
1037 { "ibm,close-errinjct", -1, -1, -1, -1, -1 },
1038 { "ibm,open-errinjct", -1, -1, -1, -1, -1 },
1039 { "ibm,get-config-addr-info2", -1, -1, -1, -1, -1 },
1040 { "ibm,get-dynamic-sensor-state", -1, 1, -1, -1, -1 },
1041 { "ibm,get-indices", -1, 2, 3, -1, -1 },
1042 { "get-power-level", -1, -1, -1, -1, -1 },
1043 { "get-sensor-state", -1, -1, -1, -1, -1 },
1044 { "ibm,get-system-parameter", -1, 1, 2, -1, -1 },
1045 { "get-time-of-day", -1, -1, -1, -1, -1 },
1046 { "ibm,get-vpd", -1, 0, -1, 1, 2 },
1047 { "ibm,lpar-perftools", -1, 2, 3, -1, -1 },
1048 { "ibm,platform-dump", -1, 4, 5, -1, -1 }, /* Special cased */
1049 { "ibm,read-slot-reset-state", -1, -1, -1, -1, -1 },
1050 { "ibm,scan-log-dump", -1, 0, 1, -1, -1 },
1051 { "ibm,set-dynamic-indicator", -1, 2, -1, -1, -1 },
1052 { "ibm,set-eeh-option", -1, -1, -1, -1, -1 },
1053 { "set-indicator", -1, -1, -1, -1, -1 },
1054 { "set-power-level", -1, -1, -1, -1, -1 },
1055 { "set-time-for-power-on", -1, -1, -1, -1, -1 },
1056 { "ibm,set-system-parameter", -1, 1, -1, -1, -1 },
1057 { "set-time-of-day", -1, -1, -1, -1, -1 },
1058 { "ibm,suspend-me", -1, -1, -1, -1, -1 },
1059 { "ibm,update-nodes", -1, 0, -1, -1, -1, 4096 },
1060 { "ibm,update-properties", -1, 0, -1, -1, -1, 4096 },
1061 { "ibm,physical-attestation", -1, 0, 1, -1, -1 },
1064 static bool in_rmo_buf(u32 base, u32 end)
1066 return base >= rtas_rmo_buf &&
1067 base < (rtas_rmo_buf + RTAS_RMOBUF_MAX) &&
1069 end >= rtas_rmo_buf &&
1070 end < (rtas_rmo_buf + RTAS_RMOBUF_MAX);
1073 static bool block_rtas_call(int token, int nargs,
1074 struct rtas_args *args)
1078 for (i = 0; i < ARRAY_SIZE(rtas_filters); i++) {
1079 struct rtas_filter *f = &rtas_filters[i];
1080 u32 base, size, end;
1082 if (token != f->token)
1085 if (f->buf_idx1 != -1) {
1086 base = be32_to_cpu(args->args[f->buf_idx1]);
1087 if (f->size_idx1 != -1)
1088 size = be32_to_cpu(args->args[f->size_idx1]);
1089 else if (f->fixed_size)
1090 size = f->fixed_size;
1094 end = base + size - 1;
1097 * Special case for ibm,platform-dump - NULL buffer
1098 * address is used to indicate end of dump processing
1100 if (!strcmp(f->name, "ibm,platform-dump") &&
1104 if (!in_rmo_buf(base, end))
1108 if (f->buf_idx2 != -1) {
1109 base = be32_to_cpu(args->args[f->buf_idx2]);
1110 if (f->size_idx2 != -1)
1111 size = be32_to_cpu(args->args[f->size_idx2]);
1112 else if (f->fixed_size)
1113 size = f->fixed_size;
1116 end = base + size - 1;
1119 * Special case for ibm,configure-connector where the
1122 if (!strcmp(f->name, "ibm,configure-connector") &&
1126 if (!in_rmo_buf(base, end))
1134 pr_err_ratelimited("sys_rtas: RTAS call blocked - exploit attempt?\n");
1135 pr_err_ratelimited("sys_rtas: token=0x%x, nargs=%d (called by %s)\n",
1136 token, nargs, current->comm);
1142 static bool block_rtas_call(int token, int nargs,
1143 struct rtas_args *args)
1148 #endif /* CONFIG_PPC_RTAS_FILTER */
1150 /* We assume to be passed big endian arguments */
1151 SYSCALL_DEFINE1(rtas, struct rtas_args __user *, uargs)
1153 struct rtas_args args;
1154 unsigned long flags;
1155 char *buff_copy, *errbuf = NULL;
1156 int nargs, nret, token;
1158 if (!capable(CAP_SYS_ADMIN))
1164 if (copy_from_user(&args, uargs, 3 * sizeof(u32)) != 0)
1167 nargs = be32_to_cpu(args.nargs);
1168 nret = be32_to_cpu(args.nret);
1169 token = be32_to_cpu(args.token);
1171 if (nargs >= ARRAY_SIZE(args.args)
1172 || nret > ARRAY_SIZE(args.args)
1173 || nargs + nret > ARRAY_SIZE(args.args))
1177 if (copy_from_user(args.args, uargs->args,
1178 nargs * sizeof(rtas_arg_t)) != 0)
1181 if (token == RTAS_UNKNOWN_SERVICE)
1184 args.rets = &args.args[nargs];
1185 memset(args.rets, 0, nret * sizeof(rtas_arg_t));
1187 if (block_rtas_call(token, nargs, &args))
1190 /* Need to handle ibm,suspend_me call specially */
1191 if (token == ibm_suspend_me_token) {
1194 * rtas_ibm_suspend_me assumes the streamid handle is in cpu
1195 * endian, or at least the hcall within it requires it.
1198 u64 handle = ((u64)be32_to_cpu(args.args[0]) << 32)
1199 | be32_to_cpu(args.args[1]);
1200 rc = rtas_ibm_suspend_me(handle);
1202 args.rets[0] = cpu_to_be32(RTAS_NOT_SUSPENDABLE);
1203 else if (rc == -EIO)
1204 args.rets[0] = cpu_to_be32(-1);
1210 buff_copy = get_errorlog_buffer();
1212 flags = lock_rtas();
1215 enter_rtas(__pa(&rtas.args));
1218 /* A -1 return code indicates that the last command couldn't
1219 be completed due to a hardware error. */
1220 if (be32_to_cpu(args.rets[0]) == -1)
1221 errbuf = __fetch_rtas_last_error(buff_copy);
1227 log_error(errbuf, ERR_TYPE_RTAS_LOG, 0);
1232 /* Copy out args. */
1233 if (copy_to_user(uargs->args + nargs,
1235 nret * sizeof(rtas_arg_t)) != 0)
1242 * Call early during boot, before mem init, to retrieve the RTAS
1243 * information from the device-tree and allocate the RMO buffer for userland
1246 void __init rtas_initialize(void)
1248 unsigned long rtas_region = RTAS_INSTANTIATE_MAX;
1249 u32 base, size, entry;
1250 int no_base, no_size, no_entry;
1251 #ifdef CONFIG_PPC_RTAS_FILTER
1255 /* Get RTAS dev node and fill up our "rtas" structure with infos
1258 rtas.dev = of_find_node_by_name(NULL, "rtas");
1262 no_base = of_property_read_u32(rtas.dev, "linux,rtas-base", &base);
1263 no_size = of_property_read_u32(rtas.dev, "rtas-size", &size);
1264 if (no_base || no_size) {
1265 of_node_put(rtas.dev);
1272 no_entry = of_property_read_u32(rtas.dev, "linux,rtas-entry", &entry);
1273 rtas.entry = no_entry ? rtas.base : entry;
1276 * Discover these now to avoid device tree lookups in the
1279 if (of_property_read_bool(rtas.dev, "ibm,extended-os-term"))
1280 ibm_os_term_token = rtas_token("ibm,os-term");
1282 /* If RTAS was found, allocate the RMO buffer for it and look for
1283 * the stop-self token if any
1286 if (firmware_has_feature(FW_FEATURE_LPAR)) {
1287 rtas_region = min(ppc64_rma_size, RTAS_INSTANTIATE_MAX);
1288 ibm_suspend_me_token = rtas_token("ibm,suspend-me");
1291 rtas_rmo_buf = memblock_phys_alloc_range(RTAS_RMOBUF_MAX, PAGE_SIZE,
1294 panic("ERROR: RTAS: Failed to allocate %lx bytes below %pa\n",
1295 PAGE_SIZE, &rtas_region);
1297 #ifdef CONFIG_RTAS_ERROR_LOGGING
1298 rtas_last_error_token = rtas_token("rtas-last-error");
1301 #ifdef CONFIG_PPC_RTAS_FILTER
1302 for (i = 0; i < ARRAY_SIZE(rtas_filters); i++) {
1303 rtas_filters[i].token = rtas_token(rtas_filters[i].name);
1308 int __init early_init_dt_scan_rtas(unsigned long node,
1309 const char *uname, int depth, void *data)
1311 const u32 *basep, *entryp, *sizep;
1313 if (depth != 1 || strcmp(uname, "rtas") != 0)
1316 basep = of_get_flat_dt_prop(node, "linux,rtas-base", NULL);
1317 entryp = of_get_flat_dt_prop(node, "linux,rtas-entry", NULL);
1318 sizep = of_get_flat_dt_prop(node, "rtas-size", NULL);
1321 /* need this feature to decide the crashkernel offset */
1322 if (of_get_flat_dt_prop(node, "ibm,hypertas-functions", NULL))
1323 powerpc_firmware_features |= FW_FEATURE_LPAR;
1326 if (basep && entryp && sizep) {
1328 rtas.entry = *entryp;
1332 #ifdef CONFIG_UDBG_RTAS_CONSOLE
1333 basep = of_get_flat_dt_prop(node, "put-term-char", NULL);
1335 rtas_putchar_token = *basep;
1337 basep = of_get_flat_dt_prop(node, "get-term-char", NULL);
1339 rtas_getchar_token = *basep;
1341 if (rtas_putchar_token != RTAS_UNKNOWN_SERVICE &&
1342 rtas_getchar_token != RTAS_UNKNOWN_SERVICE)
1343 udbg_init_rtas_console();
1351 static arch_spinlock_t timebase_lock;
1352 static u64 timebase = 0;
1354 void rtas_give_timebase(void)
1356 unsigned long flags;
1358 local_irq_save(flags);
1360 arch_spin_lock(&timebase_lock);
1361 rtas_call(rtas_token("freeze-time-base"), 0, 1, NULL);
1362 timebase = get_tb();
1363 arch_spin_unlock(&timebase_lock);
1367 rtas_call(rtas_token("thaw-time-base"), 0, 1, NULL);
1368 local_irq_restore(flags);
1371 void rtas_take_timebase(void)
1375 arch_spin_lock(&timebase_lock);
1376 set_tb(timebase >> 32, timebase & 0xffffffff);
1378 arch_spin_unlock(&timebase_lock);
projects / releases.git / blob