Merge tag 'core-entry-2021-04-26' of git://git.kernel.org/pub/scm/linux/kernel/git...
[platform/kernel/linux-rpi.git] / block / sed-opal.c
1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  * Copyright © 2016 Intel Corporation
4  *
5  * Authors:
6  *    Scott  Bauer      <scott.bauer@intel.com>
7  *    Rafael Antognolli <rafael.antognolli@intel.com>
8  */
9
10 #define pr_fmt(fmt) KBUILD_MODNAME ":OPAL: " fmt
11
12 #include <linux/delay.h>
13 #include <linux/device.h>
14 #include <linux/kernel.h>
15 #include <linux/list.h>
16 #include <linux/genhd.h>
17 #include <linux/slab.h>
18 #include <linux/uaccess.h>
19 #include <uapi/linux/sed-opal.h>
20 #include <linux/sed-opal.h>
21 #include <linux/string.h>
22 #include <linux/kdev_t.h>
23
24 #include "opal_proto.h"
25
26 #define IO_BUFFER_LENGTH 2048
27 #define MAX_TOKS 64
28
29 /* Number of bytes needed by cmd_finalize. */
30 #define CMD_FINALIZE_BYTES_NEEDED 7
31
32 struct opal_step {
33         int (*fn)(struct opal_dev *dev, void *data);
34         void *data;
35 };
36 typedef int (cont_fn)(struct opal_dev *dev);
37
38 enum opal_atom_width {
39         OPAL_WIDTH_TINY,
40         OPAL_WIDTH_SHORT,
41         OPAL_WIDTH_MEDIUM,
42         OPAL_WIDTH_LONG,
43         OPAL_WIDTH_TOKEN
44 };
45
46 /*
47  * On the parsed response, we don't store again the toks that are already
48  * stored in the response buffer. Instead, for each token, we just store a
49  * pointer to the position in the buffer where the token starts, and the size
50  * of the token in bytes.
51  */
52 struct opal_resp_tok {
53         const u8 *pos;
54         size_t len;
55         enum opal_response_token type;
56         enum opal_atom_width width;
57         union {
58                 u64 u;
59                 s64 s;
60         } stored;
61 };
62
63 /*
64  * From the response header it's not possible to know how many tokens there are
65  * on the payload. So we hardcode that the maximum will be MAX_TOKS, and later
66  * if we start dealing with messages that have more than that, we can increase
67  * this number. This is done to avoid having to make two passes through the
68  * response, the first one counting how many tokens we have and the second one
69  * actually storing the positions.
70  */
71 struct parsed_resp {
72         int num;
73         struct opal_resp_tok toks[MAX_TOKS];
74 };
75
76 struct opal_dev {
77         bool supported;
78         bool mbr_enabled;
79
80         void *data;
81         sec_send_recv *send_recv;
82
83         struct mutex dev_lock;
84         u16 comid;
85         u32 hsn;
86         u32 tsn;
87         u64 align;
88         u64 lowest_lba;
89
90         size_t pos;
91         u8 cmd[IO_BUFFER_LENGTH];
92         u8 resp[IO_BUFFER_LENGTH];
93
94         struct parsed_resp parsed;
95         size_t prev_d_len;
96         void *prev_data;
97
98         struct list_head unlk_lst;
99 };
100
101
102 static const u8 opaluid[][OPAL_UID_LENGTH] = {
103         /* users */
104         [OPAL_SMUID_UID] =
105                 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff },
106         [OPAL_THISSP_UID] =
107                 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
108         [OPAL_ADMINSP_UID] =
109                 { 0x00, 0x00, 0x02, 0x05, 0x00, 0x00, 0x00, 0x01 },
110         [OPAL_LOCKINGSP_UID] =
111                 { 0x00, 0x00, 0x02, 0x05, 0x00, 0x00, 0x00, 0x02 },
112         [OPAL_ENTERPRISE_LOCKINGSP_UID] =
113                 { 0x00, 0x00, 0x02, 0x05, 0x00, 0x01, 0x00, 0x01 },
114         [OPAL_ANYBODY_UID] =
115                 { 0x00, 0x00, 0x00, 0x09, 0x00, 0x00, 0x00, 0x01 },
116         [OPAL_SID_UID] =
117                 { 0x00, 0x00, 0x00, 0x09, 0x00, 0x00, 0x00, 0x06 },
118         [OPAL_ADMIN1_UID] =
119                 { 0x00, 0x00, 0x00, 0x09, 0x00, 0x01, 0x00, 0x01 },
120         [OPAL_USER1_UID] =
121                 { 0x00, 0x00, 0x00, 0x09, 0x00, 0x03, 0x00, 0x01 },
122         [OPAL_USER2_UID] =
123                 { 0x00, 0x00, 0x00, 0x09, 0x00, 0x03, 0x00, 0x02 },
124         [OPAL_PSID_UID] =
125                 { 0x00, 0x00, 0x00, 0x09, 0x00, 0x01, 0xff, 0x01 },
126         [OPAL_ENTERPRISE_BANDMASTER0_UID] =
127                 { 0x00, 0x00, 0x00, 0x09, 0x00, 0x00, 0x80, 0x01 },
128         [OPAL_ENTERPRISE_ERASEMASTER_UID] =
129                 { 0x00, 0x00, 0x00, 0x09, 0x00, 0x00, 0x84, 0x01 },
130
131         /* tables */
132         [OPAL_TABLE_TABLE] =
133                 { 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x01 },
134         [OPAL_LOCKINGRANGE_GLOBAL] =
135                 { 0x00, 0x00, 0x08, 0x02, 0x00, 0x00, 0x00, 0x01 },
136         [OPAL_LOCKINGRANGE_ACE_RDLOCKED] =
137                 { 0x00, 0x00, 0x00, 0x08, 0x00, 0x03, 0xE0, 0x01 },
138         [OPAL_LOCKINGRANGE_ACE_WRLOCKED] =
139                 { 0x00, 0x00, 0x00, 0x08, 0x00, 0x03, 0xE8, 0x01 },
140         [OPAL_MBRCONTROL] =
141                 { 0x00, 0x00, 0x08, 0x03, 0x00, 0x00, 0x00, 0x01 },
142         [OPAL_MBR] =
143                 { 0x00, 0x00, 0x08, 0x04, 0x00, 0x00, 0x00, 0x00 },
144         [OPAL_AUTHORITY_TABLE] =
145                 { 0x00, 0x00, 0x00, 0x09, 0x00, 0x00, 0x00, 0x00},
146         [OPAL_C_PIN_TABLE] =
147                 { 0x00, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x00},
148         [OPAL_LOCKING_INFO_TABLE] =
149                 { 0x00, 0x00, 0x08, 0x01, 0x00, 0x00, 0x00, 0x01 },
150         [OPAL_ENTERPRISE_LOCKING_INFO_TABLE] =
151                 { 0x00, 0x00, 0x08, 0x01, 0x00, 0x00, 0x00, 0x00 },
152         [OPAL_DATASTORE] =
153                 { 0x00, 0x00, 0x10, 0x01, 0x00, 0x00, 0x00, 0x00 },
154
155         /* C_PIN_TABLE object ID's */
156         [OPAL_C_PIN_MSID] =
157                 { 0x00, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x84, 0x02},
158         [OPAL_C_PIN_SID] =
159                 { 0x00, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x01},
160         [OPAL_C_PIN_ADMIN1] =
161                 { 0x00, 0x00, 0x00, 0x0B, 0x00, 0x01, 0x00, 0x01},
162
163         /* half UID's (only first 4 bytes used) */
164         [OPAL_HALF_UID_AUTHORITY_OBJ_REF] =
165                 { 0x00, 0x00, 0x0C, 0x05, 0xff, 0xff, 0xff, 0xff },
166         [OPAL_HALF_UID_BOOLEAN_ACE] =
167                 { 0x00, 0x00, 0x04, 0x0E, 0xff, 0xff, 0xff, 0xff },
168
169         /* special value for omitted optional parameter */
170         [OPAL_UID_HEXFF] =
171                 { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
172 };
173
174 /*
175  * TCG Storage SSC Methods.
176  * Derived from: TCG_Storage_Architecture_Core_Spec_v2.01_r1.00
177  * Section: 6.3 Assigned UIDs
178  */
179 static const u8 opalmethod[][OPAL_METHOD_LENGTH] = {
180         [OPAL_PROPERTIES] =
181                 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x01 },
182         [OPAL_STARTSESSION] =
183                 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x02 },
184         [OPAL_REVERT] =
185                 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x02, 0x02 },
186         [OPAL_ACTIVATE] =
187                 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x02, 0x03 },
188         [OPAL_EGET] =
189                 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x06 },
190         [OPAL_ESET] =
191                 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x07 },
192         [OPAL_NEXT] =
193                 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x08 },
194         [OPAL_EAUTHENTICATE] =
195                 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x0c },
196         [OPAL_GETACL] =
197                 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x0d },
198         [OPAL_GENKEY] =
199                 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x10 },
200         [OPAL_REVERTSP] =
201                 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x11 },
202         [OPAL_GET] =
203                 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x16 },
204         [OPAL_SET] =
205                 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x17 },
206         [OPAL_AUTHENTICATE] =
207                 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x1c },
208         [OPAL_RANDOM] =
209                 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x06, 0x01 },
210         [OPAL_ERASE] =
211                 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x08, 0x03 },
212 };
213
214 static int end_opal_session_error(struct opal_dev *dev);
215 static int opal_discovery0_step(struct opal_dev *dev);
216
217 struct opal_suspend_data {
218         struct opal_lock_unlock unlk;
219         u8 lr;
220         struct list_head node;
221 };
222
223 /*
224  * Derived from:
225  * TCG_Storage_Architecture_Core_Spec_v2.01_r1.00
226  * Section: 5.1.5 Method Status Codes
227  */
228 static const char * const opal_errors[] = {
229         "Success",
230         "Not Authorized",
231         "Unknown Error",
232         "SP Busy",
233         "SP Failed",
234         "SP Disabled",
235         "SP Frozen",
236         "No Sessions Available",
237         "Uniqueness Conflict",
238         "Insufficient Space",
239         "Insufficient Rows",
240         "Invalid Function",
241         "Invalid Parameter",
242         "Invalid Reference",
243         "Unknown Error",
244         "TPER Malfunction",
245         "Transaction Failure",
246         "Response Overflow",
247         "Authority Locked Out",
248 };
249
250 static const char *opal_error_to_human(int error)
251 {
252         if (error == 0x3f)
253                 return "Failed";
254
255         if (error >= ARRAY_SIZE(opal_errors) || error < 0)
256                 return "Unknown Error";
257
258         return opal_errors[error];
259 }
260
261 static void print_buffer(const u8 *ptr, u32 length)
262 {
263 #ifdef DEBUG
264         print_hex_dump_bytes("OPAL: ", DUMP_PREFIX_OFFSET, ptr, length);
265         pr_debug("\n");
266 #endif
267 }
268
269 static bool check_tper(const void *data)
270 {
271         const struct d0_tper_features *tper = data;
272         u8 flags = tper->supported_features;
273
274         if (!(flags & TPER_SYNC_SUPPORTED)) {
275                 pr_debug("TPer sync not supported. flags = %d\n",
276                          tper->supported_features);
277                 return false;
278         }
279
280         return true;
281 }
282
283 static bool check_mbrenabled(const void *data)
284 {
285         const struct d0_locking_features *lfeat = data;
286         u8 sup_feat = lfeat->supported_features;
287
288         return !!(sup_feat & MBR_ENABLED_MASK);
289 }
290
291 static bool check_sum(const void *data)
292 {
293         const struct d0_single_user_mode *sum = data;
294         u32 nlo = be32_to_cpu(sum->num_locking_objects);
295
296         if (nlo == 0) {
297                 pr_debug("Need at least one locking object.\n");
298                 return false;
299         }
300
301         pr_debug("Number of locking objects: %d\n", nlo);
302
303         return true;
304 }
305
306 static u16 get_comid_v100(const void *data)
307 {
308         const struct d0_opal_v100 *v100 = data;
309
310         return be16_to_cpu(v100->baseComID);
311 }
312
313 static u16 get_comid_v200(const void *data)
314 {
315         const struct d0_opal_v200 *v200 = data;
316
317         return be16_to_cpu(v200->baseComID);
318 }
319
320 static int opal_send_cmd(struct opal_dev *dev)
321 {
322         return dev->send_recv(dev->data, dev->comid, TCG_SECP_01,
323                               dev->cmd, IO_BUFFER_LENGTH,
324                               true);
325 }
326
327 static int opal_recv_cmd(struct opal_dev *dev)
328 {
329         return dev->send_recv(dev->data, dev->comid, TCG_SECP_01,
330                               dev->resp, IO_BUFFER_LENGTH,
331                               false);
332 }
333
334 static int opal_recv_check(struct opal_dev *dev)
335 {
336         size_t buflen = IO_BUFFER_LENGTH;
337         void *buffer = dev->resp;
338         struct opal_header *hdr = buffer;
339         int ret;
340
341         do {
342                 pr_debug("Sent OPAL command: outstanding=%d, minTransfer=%d\n",
343                          hdr->cp.outstandingData,
344                          hdr->cp.minTransfer);
345
346                 if (hdr->cp.outstandingData == 0 ||
347                     hdr->cp.minTransfer != 0)
348                         return 0;
349
350                 memset(buffer, 0, buflen);
351                 ret = opal_recv_cmd(dev);
352         } while (!ret);
353
354         return ret;
355 }
356
357 static int opal_send_recv(struct opal_dev *dev, cont_fn *cont)
358 {
359         int ret;
360
361         ret = opal_send_cmd(dev);
362         if (ret)
363                 return ret;
364         ret = opal_recv_cmd(dev);
365         if (ret)
366                 return ret;
367         ret = opal_recv_check(dev);
368         if (ret)
369                 return ret;
370         return cont(dev);
371 }
372
373 static void check_geometry(struct opal_dev *dev, const void *data)
374 {
375         const struct d0_geometry_features *geo = data;
376
377         dev->align = be64_to_cpu(geo->alignment_granularity);
378         dev->lowest_lba = be64_to_cpu(geo->lowest_aligned_lba);
379 }
380
381 static int execute_step(struct opal_dev *dev,
382                         const struct opal_step *step, size_t stepIndex)
383 {
384         int error = step->fn(dev, step->data);
385
386         if (error) {
387                 pr_debug("Step %zu (%pS) failed with error %d: %s\n",
388                          stepIndex, step->fn, error,
389                          opal_error_to_human(error));
390         }
391
392         return error;
393 }
394
395 static int execute_steps(struct opal_dev *dev,
396                          const struct opal_step *steps, size_t n_steps)
397 {
398         size_t state = 0;
399         int error;
400
401         /* first do a discovery0 */
402         error = opal_discovery0_step(dev);
403         if (error)
404                 return error;
405
406         for (state = 0; state < n_steps; state++) {
407                 error = execute_step(dev, &steps[state], state);
408                 if (error)
409                         goto out_error;
410         }
411
412         return 0;
413
414 out_error:
415         /*
416          * For each OPAL command the first step in steps starts some sort of
417          * session. If an error occurred in the initial discovery0 or if an
418          * error occurred in the first step (and thus stopping the loop with
419          * state == 0) then there was an error before or during the attempt to
420          * start a session. Therefore we shouldn't attempt to terminate a
421          * session, as one has not yet been created.
422          */
423         if (state > 0)
424                 end_opal_session_error(dev);
425
426         return error;
427 }
428
429 static int opal_discovery0_end(struct opal_dev *dev)
430 {
431         bool found_com_id = false, supported = true, single_user = false;
432         const struct d0_header *hdr = (struct d0_header *)dev->resp;
433         const u8 *epos = dev->resp, *cpos = dev->resp;
434         u16 comid = 0;
435         u32 hlen = be32_to_cpu(hdr->length);
436
437         print_buffer(dev->resp, hlen);
438         dev->mbr_enabled = false;
439
440         if (hlen > IO_BUFFER_LENGTH - sizeof(*hdr)) {
441                 pr_debug("Discovery length overflows buffer (%zu+%u)/%u\n",
442                          sizeof(*hdr), hlen, IO_BUFFER_LENGTH);
443                 return -EFAULT;
444         }
445
446         epos += hlen; /* end of buffer */
447         cpos += sizeof(*hdr); /* current position on buffer */
448
449         while (cpos < epos && supported) {
450                 const struct d0_features *body =
451                         (const struct d0_features *)cpos;
452
453                 switch (be16_to_cpu(body->code)) {
454                 case FC_TPER:
455                         supported = check_tper(body->features);
456                         break;
457                 case FC_SINGLEUSER:
458                         single_user = check_sum(body->features);
459                         break;
460                 case FC_GEOMETRY:
461                         check_geometry(dev, body);
462                         break;
463                 case FC_LOCKING:
464                         dev->mbr_enabled = check_mbrenabled(body->features);
465                         break;
466                 case FC_ENTERPRISE:
467                 case FC_DATASTORE:
468                         /* some ignored properties */
469                         pr_debug("Found OPAL feature description: %d\n",
470                                  be16_to_cpu(body->code));
471                         break;
472                 case FC_OPALV100:
473                         comid = get_comid_v100(body->features);
474                         found_com_id = true;
475                         break;
476                 case FC_OPALV200:
477                         comid = get_comid_v200(body->features);
478                         found_com_id = true;
479                         break;
480                 case 0xbfff ... 0xffff:
481                         /* vendor specific, just ignore */
482                         break;
483                 default:
484                         pr_debug("OPAL Unknown feature: %d\n",
485                                  be16_to_cpu(body->code));
486
487                 }
488                 cpos += body->length + 4;
489         }
490
491         if (!supported) {
492                 pr_debug("This device is not Opal enabled. Not Supported!\n");
493                 return -EOPNOTSUPP;
494         }
495
496         if (!single_user)
497                 pr_debug("Device doesn't support single user mode\n");
498
499
500         if (!found_com_id) {
501                 pr_debug("Could not find OPAL comid for device. Returning early\n");
502                 return -EOPNOTSUPP;
503         }
504
505         dev->comid = comid;
506
507         return 0;
508 }
509
510 static int opal_discovery0(struct opal_dev *dev, void *data)
511 {
512         int ret;
513
514         memset(dev->resp, 0, IO_BUFFER_LENGTH);
515         dev->comid = OPAL_DISCOVERY_COMID;
516         ret = opal_recv_cmd(dev);
517         if (ret)
518                 return ret;
519
520         return opal_discovery0_end(dev);
521 }
522
523 static int opal_discovery0_step(struct opal_dev *dev)
524 {
525         const struct opal_step discovery0_step = {
526                 opal_discovery0,
527         };
528
529         return execute_step(dev, &discovery0_step, 0);
530 }
531
532 static size_t remaining_size(struct opal_dev *cmd)
533 {
534         return IO_BUFFER_LENGTH - cmd->pos;
535 }
536
537 static bool can_add(int *err, struct opal_dev *cmd, size_t len)
538 {
539         if (*err)
540                 return false;
541
542         if (remaining_size(cmd) < len) {
543                 pr_debug("Error adding %zu bytes: end of buffer.\n", len);
544                 *err = -ERANGE;
545                 return false;
546         }
547
548         return true;
549 }
550
551 static void add_token_u8(int *err, struct opal_dev *cmd, u8 tok)
552 {
553         if (!can_add(err, cmd, 1))
554                 return;
555
556         cmd->cmd[cmd->pos++] = tok;
557 }
558
559 static void add_short_atom_header(struct opal_dev *cmd, bool bytestring,
560                                   bool has_sign, int len)
561 {
562         u8 atom;
563         int err = 0;
564
565         atom = SHORT_ATOM_ID;
566         atom |= bytestring ? SHORT_ATOM_BYTESTRING : 0;
567         atom |= has_sign ? SHORT_ATOM_SIGNED : 0;
568         atom |= len & SHORT_ATOM_LEN_MASK;
569
570         add_token_u8(&err, cmd, atom);
571 }
572
573 static void add_medium_atom_header(struct opal_dev *cmd, bool bytestring,
574                                    bool has_sign, int len)
575 {
576         u8 header0;
577
578         header0 = MEDIUM_ATOM_ID;
579         header0 |= bytestring ? MEDIUM_ATOM_BYTESTRING : 0;
580         header0 |= has_sign ? MEDIUM_ATOM_SIGNED : 0;
581         header0 |= (len >> 8) & MEDIUM_ATOM_LEN_MASK;
582
583         cmd->cmd[cmd->pos++] = header0;
584         cmd->cmd[cmd->pos++] = len;
585 }
586
587 static void add_token_u64(int *err, struct opal_dev *cmd, u64 number)
588 {
589         size_t len;
590         int msb;
591
592         if (!(number & ~TINY_ATOM_DATA_MASK)) {
593                 add_token_u8(err, cmd, number);
594                 return;
595         }
596
597         msb = fls64(number);
598         len = DIV_ROUND_UP(msb, 8);
599
600         if (!can_add(err, cmd, len + 1)) {
601                 pr_debug("Error adding u64: end of buffer.\n");
602                 return;
603         }
604         add_short_atom_header(cmd, false, false, len);
605         while (len--)
606                 add_token_u8(err, cmd, number >> (len * 8));
607 }
608
609 static u8 *add_bytestring_header(int *err, struct opal_dev *cmd, size_t len)
610 {
611         size_t header_len = 1;
612         bool is_short_atom = true;
613
614         if (len & ~SHORT_ATOM_LEN_MASK) {
615                 header_len = 2;
616                 is_short_atom = false;
617         }
618
619         if (!can_add(err, cmd, header_len + len)) {
620                 pr_debug("Error adding bytestring: end of buffer.\n");
621                 return NULL;
622         }
623
624         if (is_short_atom)
625                 add_short_atom_header(cmd, true, false, len);
626         else
627                 add_medium_atom_header(cmd, true, false, len);
628
629         return &cmd->cmd[cmd->pos];
630 }
631
632 static void add_token_bytestring(int *err, struct opal_dev *cmd,
633                                  const u8 *bytestring, size_t len)
634 {
635         u8 *start;
636
637         start = add_bytestring_header(err, cmd, len);
638         if (!start)
639                 return;
640         memcpy(start, bytestring, len);
641         cmd->pos += len;
642 }
643
644 static int build_locking_range(u8 *buffer, size_t length, u8 lr)
645 {
646         if (length > OPAL_UID_LENGTH) {
647                 pr_debug("Can't build locking range. Length OOB\n");
648                 return -ERANGE;
649         }
650
651         memcpy(buffer, opaluid[OPAL_LOCKINGRANGE_GLOBAL], OPAL_UID_LENGTH);
652
653         if (lr == 0)
654                 return 0;
655
656         buffer[5] = LOCKING_RANGE_NON_GLOBAL;
657         buffer[7] = lr;
658
659         return 0;
660 }
661
662 static int build_locking_user(u8 *buffer, size_t length, u8 lr)
663 {
664         if (length > OPAL_UID_LENGTH) {
665                 pr_debug("Can't build locking range user. Length OOB\n");
666                 return -ERANGE;
667         }
668
669         memcpy(buffer, opaluid[OPAL_USER1_UID], OPAL_UID_LENGTH);
670
671         buffer[7] = lr + 1;
672
673         return 0;
674 }
675
676 static void set_comid(struct opal_dev *cmd, u16 comid)
677 {
678         struct opal_header *hdr = (struct opal_header *)cmd->cmd;
679
680         hdr->cp.extendedComID[0] = comid >> 8;
681         hdr->cp.extendedComID[1] = comid;
682         hdr->cp.extendedComID[2] = 0;
683         hdr->cp.extendedComID[3] = 0;
684 }
685
686 static int cmd_finalize(struct opal_dev *cmd, u32 hsn, u32 tsn)
687 {
688         struct opal_header *hdr;
689         int err = 0;
690
691         /*
692          * Close the parameter list opened from cmd_start.
693          * The number of bytes added must be equal to
694          * CMD_FINALIZE_BYTES_NEEDED.
695          */
696         add_token_u8(&err, cmd, OPAL_ENDLIST);
697
698         add_token_u8(&err, cmd, OPAL_ENDOFDATA);
699         add_token_u8(&err, cmd, OPAL_STARTLIST);
700         add_token_u8(&err, cmd, 0);
701         add_token_u8(&err, cmd, 0);
702         add_token_u8(&err, cmd, 0);
703         add_token_u8(&err, cmd, OPAL_ENDLIST);
704
705         if (err) {
706                 pr_debug("Error finalizing command.\n");
707                 return -EFAULT;
708         }
709
710         hdr = (struct opal_header *) cmd->cmd;
711
712         hdr->pkt.tsn = cpu_to_be32(tsn);
713         hdr->pkt.hsn = cpu_to_be32(hsn);
714
715         hdr->subpkt.length = cpu_to_be32(cmd->pos - sizeof(*hdr));
716         while (cmd->pos % 4) {
717                 if (cmd->pos >= IO_BUFFER_LENGTH) {
718                         pr_debug("Error: Buffer overrun\n");
719                         return -ERANGE;
720                 }
721                 cmd->cmd[cmd->pos++] = 0;
722         }
723         hdr->pkt.length = cpu_to_be32(cmd->pos - sizeof(hdr->cp) -
724                                       sizeof(hdr->pkt));
725         hdr->cp.length = cpu_to_be32(cmd->pos - sizeof(hdr->cp));
726
727         return 0;
728 }
729
730 static const struct opal_resp_tok *response_get_token(
731                                 const struct parsed_resp *resp,
732                                 int n)
733 {
734         const struct opal_resp_tok *tok;
735
736         if (!resp) {
737                 pr_debug("Response is NULL\n");
738                 return ERR_PTR(-EINVAL);
739         }
740
741         if (n >= resp->num) {
742                 pr_debug("Token number doesn't exist: %d, resp: %d\n",
743                          n, resp->num);
744                 return ERR_PTR(-EINVAL);
745         }
746
747         tok = &resp->toks[n];
748         if (tok->len == 0) {
749                 pr_debug("Token length must be non-zero\n");
750                 return ERR_PTR(-EINVAL);
751         }
752
753         return tok;
754 }
755
756 static ssize_t response_parse_tiny(struct opal_resp_tok *tok,
757                                    const u8 *pos)
758 {
759         tok->pos = pos;
760         tok->len = 1;
761         tok->width = OPAL_WIDTH_TINY;
762
763         if (pos[0] & TINY_ATOM_SIGNED) {
764                 tok->type = OPAL_DTA_TOKENID_SINT;
765         } else {
766                 tok->type = OPAL_DTA_TOKENID_UINT;
767                 tok->stored.u = pos[0] & 0x3f;
768         }
769
770         return tok->len;
771 }
772
773 static ssize_t response_parse_short(struct opal_resp_tok *tok,
774                                     const u8 *pos)
775 {
776         tok->pos = pos;
777         tok->len = (pos[0] & SHORT_ATOM_LEN_MASK) + 1;
778         tok->width = OPAL_WIDTH_SHORT;
779
780         if (pos[0] & SHORT_ATOM_BYTESTRING) {
781                 tok->type = OPAL_DTA_TOKENID_BYTESTRING;
782         } else if (pos[0] & SHORT_ATOM_SIGNED) {
783                 tok->type = OPAL_DTA_TOKENID_SINT;
784         } else {
785                 u64 u_integer = 0;
786                 ssize_t i, b = 0;
787
788                 tok->type = OPAL_DTA_TOKENID_UINT;
789                 if (tok->len > 9) {
790                         pr_debug("uint64 with more than 8 bytes\n");
791                         return -EINVAL;
792                 }
793                 for (i = tok->len - 1; i > 0; i--) {
794                         u_integer |= ((u64)pos[i] << (8 * b));
795                         b++;
796                 }
797                 tok->stored.u = u_integer;
798         }
799
800         return tok->len;
801 }
802
803 static ssize_t response_parse_medium(struct opal_resp_tok *tok,
804                                      const u8 *pos)
805 {
806         tok->pos = pos;
807         tok->len = (((pos[0] & MEDIUM_ATOM_LEN_MASK) << 8) | pos[1]) + 2;
808         tok->width = OPAL_WIDTH_MEDIUM;
809
810         if (pos[0] & MEDIUM_ATOM_BYTESTRING)
811                 tok->type = OPAL_DTA_TOKENID_BYTESTRING;
812         else if (pos[0] & MEDIUM_ATOM_SIGNED)
813                 tok->type = OPAL_DTA_TOKENID_SINT;
814         else
815                 tok->type = OPAL_DTA_TOKENID_UINT;
816
817         return tok->len;
818 }
819
820 static ssize_t response_parse_long(struct opal_resp_tok *tok,
821                                    const u8 *pos)
822 {
823         tok->pos = pos;
824         tok->len = ((pos[1] << 16) | (pos[2] << 8) | pos[3]) + 4;
825         tok->width = OPAL_WIDTH_LONG;
826
827         if (pos[0] & LONG_ATOM_BYTESTRING)
828                 tok->type = OPAL_DTA_TOKENID_BYTESTRING;
829         else if (pos[0] & LONG_ATOM_SIGNED)
830                 tok->type = OPAL_DTA_TOKENID_SINT;
831         else
832                 tok->type = OPAL_DTA_TOKENID_UINT;
833
834         return tok->len;
835 }
836
837 static ssize_t response_parse_token(struct opal_resp_tok *tok,
838                                     const u8 *pos)
839 {
840         tok->pos = pos;
841         tok->len = 1;
842         tok->type = OPAL_DTA_TOKENID_TOKEN;
843         tok->width = OPAL_WIDTH_TOKEN;
844
845         return tok->len;
846 }
847
848 static int response_parse(const u8 *buf, size_t length,
849                           struct parsed_resp *resp)
850 {
851         const struct opal_header *hdr;
852         struct opal_resp_tok *iter;
853         int num_entries = 0;
854         int total;
855         ssize_t token_length;
856         const u8 *pos;
857         u32 clen, plen, slen;
858
859         if (!buf)
860                 return -EFAULT;
861
862         if (!resp)
863                 return -EFAULT;
864
865         hdr = (struct opal_header *)buf;
866         pos = buf;
867         pos += sizeof(*hdr);
868
869         clen = be32_to_cpu(hdr->cp.length);
870         plen = be32_to_cpu(hdr->pkt.length);
871         slen = be32_to_cpu(hdr->subpkt.length);
872         pr_debug("Response size: cp: %u, pkt: %u, subpkt: %u\n",
873                  clen, plen, slen);
874
875         if (clen == 0 || plen == 0 || slen == 0 ||
876             slen > IO_BUFFER_LENGTH - sizeof(*hdr)) {
877                 pr_debug("Bad header length. cp: %u, pkt: %u, subpkt: %u\n",
878                          clen, plen, slen);
879                 print_buffer(pos, sizeof(*hdr));
880                 return -EINVAL;
881         }
882
883         if (pos > buf + length)
884                 return -EFAULT;
885
886         iter = resp->toks;
887         total = slen;
888         print_buffer(pos, total);
889         while (total > 0) {
890                 if (pos[0] <= TINY_ATOM_BYTE) /* tiny atom */
891                         token_length = response_parse_tiny(iter, pos);
892                 else if (pos[0] <= SHORT_ATOM_BYTE) /* short atom */
893                         token_length = response_parse_short(iter, pos);
894                 else if (pos[0] <= MEDIUM_ATOM_BYTE) /* medium atom */
895                         token_length = response_parse_medium(iter, pos);
896                 else if (pos[0] <= LONG_ATOM_BYTE) /* long atom */
897                         token_length = response_parse_long(iter, pos);
898                 else /* TOKEN */
899                         token_length = response_parse_token(iter, pos);
900
901                 if (token_length < 0)
902                         return token_length;
903
904                 pos += token_length;
905                 total -= token_length;
906                 iter++;
907                 num_entries++;
908         }
909
910         resp->num = num_entries;
911
912         return 0;
913 }
914
915 static size_t response_get_string(const struct parsed_resp *resp, int n,
916                                   const char **store)
917 {
918         u8 skip;
919         const struct opal_resp_tok *tok;
920
921         *store = NULL;
922         tok = response_get_token(resp, n);
923         if (IS_ERR(tok))
924                 return 0;
925
926         if (tok->type != OPAL_DTA_TOKENID_BYTESTRING) {
927                 pr_debug("Token is not a byte string!\n");
928                 return 0;
929         }
930
931         switch (tok->width) {
932         case OPAL_WIDTH_TINY:
933         case OPAL_WIDTH_SHORT:
934                 skip = 1;
935                 break;
936         case OPAL_WIDTH_MEDIUM:
937                 skip = 2;
938                 break;
939         case OPAL_WIDTH_LONG:
940                 skip = 4;
941                 break;
942         default:
943                 pr_debug("Token has invalid width!\n");
944                 return 0;
945         }
946
947         *store = tok->pos + skip;
948
949         return tok->len - skip;
950 }
951
952 static u64 response_get_u64(const struct parsed_resp *resp, int n)
953 {
954         const struct opal_resp_tok *tok;
955
956         tok = response_get_token(resp, n);
957         if (IS_ERR(tok))
958                 return 0;
959
960         if (tok->type != OPAL_DTA_TOKENID_UINT) {
961                 pr_debug("Token is not unsigned int: %d\n", tok->type);
962                 return 0;
963         }
964
965         if (tok->width != OPAL_WIDTH_TINY && tok->width != OPAL_WIDTH_SHORT) {
966                 pr_debug("Atom is not short or tiny: %d\n", tok->width);
967                 return 0;
968         }
969
970         return tok->stored.u;
971 }
972
973 static bool response_token_matches(const struct opal_resp_tok *token, u8 match)
974 {
975         if (IS_ERR(token) ||
976             token->type != OPAL_DTA_TOKENID_TOKEN ||
977             token->pos[0] != match)
978                 return false;
979         return true;
980 }
981
982 static u8 response_status(const struct parsed_resp *resp)
983 {
984         const struct opal_resp_tok *tok;
985
986         tok = response_get_token(resp, 0);
987         if (response_token_matches(tok, OPAL_ENDOFSESSION))
988                 return 0;
989
990         if (resp->num < 5)
991                 return DTAERROR_NO_METHOD_STATUS;
992
993         tok = response_get_token(resp, resp->num - 5);
994         if (!response_token_matches(tok, OPAL_STARTLIST))
995                 return DTAERROR_NO_METHOD_STATUS;
996
997         tok = response_get_token(resp, resp->num - 1);
998         if (!response_token_matches(tok, OPAL_ENDLIST))
999                 return DTAERROR_NO_METHOD_STATUS;
1000
1001         return response_get_u64(resp, resp->num - 4);
1002 }
1003
1004 /* Parses and checks for errors */
1005 static int parse_and_check_status(struct opal_dev *dev)
1006 {
1007         int error;
1008
1009         print_buffer(dev->cmd, dev->pos);
1010
1011         error = response_parse(dev->resp, IO_BUFFER_LENGTH, &dev->parsed);
1012         if (error) {
1013                 pr_debug("Couldn't parse response.\n");
1014                 return error;
1015         }
1016
1017         return response_status(&dev->parsed);
1018 }
1019
1020 static void clear_opal_cmd(struct opal_dev *dev)
1021 {
1022         dev->pos = sizeof(struct opal_header);
1023         memset(dev->cmd, 0, IO_BUFFER_LENGTH);
1024 }
1025
1026 static int cmd_start(struct opal_dev *dev, const u8 *uid, const u8 *method)
1027 {
1028         int err = 0;
1029
1030         clear_opal_cmd(dev);
1031         set_comid(dev, dev->comid);
1032
1033         add_token_u8(&err, dev, OPAL_CALL);
1034         add_token_bytestring(&err, dev, uid, OPAL_UID_LENGTH);
1035         add_token_bytestring(&err, dev, method, OPAL_METHOD_LENGTH);
1036
1037         /*
1038          * Every method call is followed by its parameters enclosed within
1039          * OPAL_STARTLIST and OPAL_ENDLIST tokens. We automatically open the
1040          * parameter list here and close it later in cmd_finalize.
1041          */
1042         add_token_u8(&err, dev, OPAL_STARTLIST);
1043
1044         return err;
1045 }
1046
1047 static int start_opal_session_cont(struct opal_dev *dev)
1048 {
1049         u32 hsn, tsn;
1050         int error = 0;
1051
1052         error = parse_and_check_status(dev);
1053         if (error)
1054                 return error;
1055
1056         hsn = response_get_u64(&dev->parsed, 4);
1057         tsn = response_get_u64(&dev->parsed, 5);
1058
1059         if (hsn != GENERIC_HOST_SESSION_NUM || tsn < FIRST_TPER_SESSION_NUM) {
1060                 pr_debug("Couldn't authenticate session\n");
1061                 return -EPERM;
1062         }
1063
1064         dev->hsn = hsn;
1065         dev->tsn = tsn;
1066
1067         return 0;
1068 }
1069
1070 static void add_suspend_info(struct opal_dev *dev,
1071                              struct opal_suspend_data *sus)
1072 {
1073         struct opal_suspend_data *iter;
1074
1075         list_for_each_entry(iter, &dev->unlk_lst, node) {
1076                 if (iter->lr == sus->lr) {
1077                         list_del(&iter->node);
1078                         kfree(iter);
1079                         break;
1080                 }
1081         }
1082         list_add_tail(&sus->node, &dev->unlk_lst);
1083 }
1084
1085 static int end_session_cont(struct opal_dev *dev)
1086 {
1087         dev->hsn = 0;
1088         dev->tsn = 0;
1089
1090         return parse_and_check_status(dev);
1091 }
1092
1093 static int finalize_and_send(struct opal_dev *dev, cont_fn cont)
1094 {
1095         int ret;
1096
1097         ret = cmd_finalize(dev, dev->hsn, dev->tsn);
1098         if (ret) {
1099                 pr_debug("Error finalizing command buffer: %d\n", ret);
1100                 return ret;
1101         }
1102
1103         print_buffer(dev->cmd, dev->pos);
1104
1105         return opal_send_recv(dev, cont);
1106 }
1107
1108 /*
1109  * request @column from table @table on device @dev. On success, the column
1110  * data will be available in dev->resp->tok[4]
1111  */
1112 static int generic_get_column(struct opal_dev *dev, const u8 *table,
1113                               u64 column)
1114 {
1115         int err;
1116
1117         err = cmd_start(dev, table, opalmethod[OPAL_GET]);
1118
1119         add_token_u8(&err, dev, OPAL_STARTLIST);
1120
1121         add_token_u8(&err, dev, OPAL_STARTNAME);
1122         add_token_u8(&err, dev, OPAL_STARTCOLUMN);
1123         add_token_u64(&err, dev, column);
1124         add_token_u8(&err, dev, OPAL_ENDNAME);
1125
1126         add_token_u8(&err, dev, OPAL_STARTNAME);
1127         add_token_u8(&err, dev, OPAL_ENDCOLUMN);
1128         add_token_u64(&err, dev, column);
1129         add_token_u8(&err, dev, OPAL_ENDNAME);
1130
1131         add_token_u8(&err, dev, OPAL_ENDLIST);
1132
1133         if (err)
1134                 return err;
1135
1136         return finalize_and_send(dev, parse_and_check_status);
1137 }
1138
1139 /*
1140  * see TCG SAS 5.3.2.3 for a description of the available columns
1141  *
1142  * the result is provided in dev->resp->tok[4]
1143  */
1144 static int generic_get_table_info(struct opal_dev *dev, const u8 *table_uid,
1145                                   u64 column)
1146 {
1147         u8 uid[OPAL_UID_LENGTH];
1148         const unsigned int half = OPAL_UID_LENGTH_HALF;
1149
1150         /* sed-opal UIDs can be split in two halves:
1151          *  first:  actual table index
1152          *  second: relative index in the table
1153          * so we have to get the first half of the OPAL_TABLE_TABLE and use the
1154          * first part of the target table as relative index into that table
1155          */
1156         memcpy(uid, opaluid[OPAL_TABLE_TABLE], half);
1157         memcpy(uid + half, table_uid, half);
1158
1159         return generic_get_column(dev, uid, column);
1160 }
1161
1162 static int gen_key(struct opal_dev *dev, void *data)
1163 {
1164         u8 uid[OPAL_UID_LENGTH];
1165         int err;
1166
1167         memcpy(uid, dev->prev_data, min(sizeof(uid), dev->prev_d_len));
1168         kfree(dev->prev_data);
1169         dev->prev_data = NULL;
1170
1171         err = cmd_start(dev, uid, opalmethod[OPAL_GENKEY]);
1172
1173         if (err) {
1174                 pr_debug("Error building gen key command\n");
1175                 return err;
1176
1177         }
1178
1179         return finalize_and_send(dev, parse_and_check_status);
1180 }
1181
1182 static int get_active_key_cont(struct opal_dev *dev)
1183 {
1184         const char *activekey;
1185         size_t keylen;
1186         int error = 0;
1187
1188         error = parse_and_check_status(dev);
1189         if (error)
1190                 return error;
1191
1192         keylen = response_get_string(&dev->parsed, 4, &activekey);
1193         if (!activekey) {
1194                 pr_debug("%s: Couldn't extract the Activekey from the response\n",
1195                          __func__);
1196                 return OPAL_INVAL_PARAM;
1197         }
1198
1199         dev->prev_data = kmemdup(activekey, keylen, GFP_KERNEL);
1200
1201         if (!dev->prev_data)
1202                 return -ENOMEM;
1203
1204         dev->prev_d_len = keylen;
1205
1206         return 0;
1207 }
1208
1209 static int get_active_key(struct opal_dev *dev, void *data)
1210 {
1211         u8 uid[OPAL_UID_LENGTH];
1212         int err;
1213         u8 *lr = data;
1214
1215         err = build_locking_range(uid, sizeof(uid), *lr);
1216         if (err)
1217                 return err;
1218
1219         err = generic_get_column(dev, uid, OPAL_ACTIVEKEY);
1220         if (err)
1221                 return err;
1222
1223         return get_active_key_cont(dev);
1224 }
1225
1226 static int generic_table_write_data(struct opal_dev *dev, const u64 data,
1227                                     u64 offset, u64 size, const u8 *uid)
1228 {
1229         const u8 __user *src = (u8 __user *)(uintptr_t)data;
1230         u8 *dst;
1231         u64 len;
1232         size_t off = 0;
1233         int err;
1234
1235         /* do we fit in the available space? */
1236         err = generic_get_table_info(dev, uid, OPAL_TABLE_ROWS);
1237         if (err) {
1238                 pr_debug("Couldn't get the table size\n");
1239                 return err;
1240         }
1241
1242         len = response_get_u64(&dev->parsed, 4);
1243         if (size > len || offset > len - size) {
1244                 pr_debug("Does not fit in the table (%llu vs. %llu)\n",
1245                           offset + size, len);
1246                 return -ENOSPC;
1247         }
1248
1249         /* do the actual transmission(s) */
1250         while (off < size) {
1251                 err = cmd_start(dev, uid, opalmethod[OPAL_SET]);
1252                 add_token_u8(&err, dev, OPAL_STARTNAME);
1253                 add_token_u8(&err, dev, OPAL_WHERE);
1254                 add_token_u64(&err, dev, offset + off);
1255                 add_token_u8(&err, dev, OPAL_ENDNAME);
1256
1257                 add_token_u8(&err, dev, OPAL_STARTNAME);
1258                 add_token_u8(&err, dev, OPAL_VALUES);
1259
1260                 /*
1261                  * The bytestring header is either 1 or 2 bytes, so assume 2.
1262                  * There also needs to be enough space to accommodate the
1263                  * trailing OPAL_ENDNAME (1 byte) and tokens added by
1264                  * cmd_finalize.
1265                  */
1266                 len = min(remaining_size(dev) - (2+1+CMD_FINALIZE_BYTES_NEEDED),
1267                           (size_t)(size - off));
1268                 pr_debug("Write bytes %zu+%llu/%llu\n", off, len, size);
1269
1270                 dst = add_bytestring_header(&err, dev, len);
1271                 if (!dst)
1272                         break;
1273
1274                 if (copy_from_user(dst, src + off, len)) {
1275                         err = -EFAULT;
1276                         break;
1277                 }
1278
1279                 dev->pos += len;
1280
1281                 add_token_u8(&err, dev, OPAL_ENDNAME);
1282                 if (err)
1283                         break;
1284
1285                 err = finalize_and_send(dev, parse_and_check_status);
1286                 if (err)
1287                         break;
1288
1289                 off += len;
1290         }
1291
1292         return err;
1293 }
1294
1295 static int generic_lr_enable_disable(struct opal_dev *dev,
1296                                      u8 *uid, bool rle, bool wle,
1297                                      bool rl, bool wl)
1298 {
1299         int err;
1300
1301         err = cmd_start(dev, uid, opalmethod[OPAL_SET]);
1302
1303         add_token_u8(&err, dev, OPAL_STARTNAME);
1304         add_token_u8(&err, dev, OPAL_VALUES);
1305         add_token_u8(&err, dev, OPAL_STARTLIST);
1306
1307         add_token_u8(&err, dev, OPAL_STARTNAME);
1308         add_token_u8(&err, dev, OPAL_READLOCKENABLED);
1309         add_token_u8(&err, dev, rle);
1310         add_token_u8(&err, dev, OPAL_ENDNAME);
1311
1312         add_token_u8(&err, dev, OPAL_STARTNAME);
1313         add_token_u8(&err, dev, OPAL_WRITELOCKENABLED);
1314         add_token_u8(&err, dev, wle);
1315         add_token_u8(&err, dev, OPAL_ENDNAME);
1316
1317         add_token_u8(&err, dev, OPAL_STARTNAME);
1318         add_token_u8(&err, dev, OPAL_READLOCKED);
1319         add_token_u8(&err, dev, rl);
1320         add_token_u8(&err, dev, OPAL_ENDNAME);
1321
1322         add_token_u8(&err, dev, OPAL_STARTNAME);
1323         add_token_u8(&err, dev, OPAL_WRITELOCKED);
1324         add_token_u8(&err, dev, wl);
1325         add_token_u8(&err, dev, OPAL_ENDNAME);
1326
1327         add_token_u8(&err, dev, OPAL_ENDLIST);
1328         add_token_u8(&err, dev, OPAL_ENDNAME);
1329
1330         return err;
1331 }
1332
1333 static inline int enable_global_lr(struct opal_dev *dev, u8 *uid,
1334                                    struct opal_user_lr_setup *setup)
1335 {
1336         int err;
1337
1338         err = generic_lr_enable_disable(dev, uid, !!setup->RLE, !!setup->WLE,
1339                                         0, 0);
1340         if (err)
1341                 pr_debug("Failed to create enable global lr command\n");
1342
1343         return err;
1344 }
1345
1346 static int setup_locking_range(struct opal_dev *dev, void *data)
1347 {
1348         u8 uid[OPAL_UID_LENGTH];
1349         struct opal_user_lr_setup *setup = data;
1350         u8 lr;
1351         int err;
1352
1353         lr = setup->session.opal_key.lr;
1354         err = build_locking_range(uid, sizeof(uid), lr);
1355         if (err)
1356                 return err;
1357
1358         if (lr == 0)
1359                 err = enable_global_lr(dev, uid, setup);
1360         else {
1361                 err = cmd_start(dev, uid, opalmethod[OPAL_SET]);
1362
1363                 add_token_u8(&err, dev, OPAL_STARTNAME);
1364                 add_token_u8(&err, dev, OPAL_VALUES);
1365                 add_token_u8(&err, dev, OPAL_STARTLIST);
1366
1367                 add_token_u8(&err, dev, OPAL_STARTNAME);
1368                 add_token_u8(&err, dev, OPAL_RANGESTART);
1369                 add_token_u64(&err, dev, setup->range_start);
1370                 add_token_u8(&err, dev, OPAL_ENDNAME);
1371
1372                 add_token_u8(&err, dev, OPAL_STARTNAME);
1373                 add_token_u8(&err, dev, OPAL_RANGELENGTH);
1374                 add_token_u64(&err, dev, setup->range_length);
1375                 add_token_u8(&err, dev, OPAL_ENDNAME);
1376
1377                 add_token_u8(&err, dev, OPAL_STARTNAME);
1378                 add_token_u8(&err, dev, OPAL_READLOCKENABLED);
1379                 add_token_u64(&err, dev, !!setup->RLE);
1380                 add_token_u8(&err, dev, OPAL_ENDNAME);
1381
1382                 add_token_u8(&err, dev, OPAL_STARTNAME);
1383                 add_token_u8(&err, dev, OPAL_WRITELOCKENABLED);
1384                 add_token_u64(&err, dev, !!setup->WLE);
1385                 add_token_u8(&err, dev, OPAL_ENDNAME);
1386
1387                 add_token_u8(&err, dev, OPAL_ENDLIST);
1388                 add_token_u8(&err, dev, OPAL_ENDNAME);
1389         }
1390         if (err) {
1391                 pr_debug("Error building Setup Locking range command.\n");
1392                 return err;
1393         }
1394
1395         return finalize_and_send(dev, parse_and_check_status);
1396 }
1397
1398 static int start_generic_opal_session(struct opal_dev *dev,
1399                                       enum opal_uid auth,
1400                                       enum opal_uid sp_type,
1401                                       const char *key,
1402                                       u8 key_len)
1403 {
1404         u32 hsn;
1405         int err;
1406
1407         if (key == NULL && auth != OPAL_ANYBODY_UID)
1408                 return OPAL_INVAL_PARAM;
1409
1410         hsn = GENERIC_HOST_SESSION_NUM;
1411         err = cmd_start(dev, opaluid[OPAL_SMUID_UID],
1412                         opalmethod[OPAL_STARTSESSION]);
1413
1414         add_token_u64(&err, dev, hsn);
1415         add_token_bytestring(&err, dev, opaluid[sp_type], OPAL_UID_LENGTH);
1416         add_token_u8(&err, dev, 1);
1417
1418         switch (auth) {
1419         case OPAL_ANYBODY_UID:
1420                 break;
1421         case OPAL_ADMIN1_UID:
1422         case OPAL_SID_UID:
1423         case OPAL_PSID_UID:
1424                 add_token_u8(&err, dev, OPAL_STARTNAME);
1425                 add_token_u8(&err, dev, 0); /* HostChallenge */
1426                 add_token_bytestring(&err, dev, key, key_len);
1427                 add_token_u8(&err, dev, OPAL_ENDNAME);
1428                 add_token_u8(&err, dev, OPAL_STARTNAME);
1429                 add_token_u8(&err, dev, 3); /* HostSignAuth */
1430                 add_token_bytestring(&err, dev, opaluid[auth],
1431                                      OPAL_UID_LENGTH);
1432                 add_token_u8(&err, dev, OPAL_ENDNAME);
1433                 break;
1434         default:
1435                 pr_debug("Cannot start Admin SP session with auth %d\n", auth);
1436                 return OPAL_INVAL_PARAM;
1437         }
1438
1439         if (err) {
1440                 pr_debug("Error building start adminsp session command.\n");
1441                 return err;
1442         }
1443
1444         return finalize_and_send(dev, start_opal_session_cont);
1445 }
1446
1447 static int start_anybodyASP_opal_session(struct opal_dev *dev, void *data)
1448 {
1449         return start_generic_opal_session(dev, OPAL_ANYBODY_UID,
1450                                           OPAL_ADMINSP_UID, NULL, 0);
1451 }
1452
1453 static int start_SIDASP_opal_session(struct opal_dev *dev, void *data)
1454 {
1455         int ret;
1456         const u8 *key = dev->prev_data;
1457
1458         if (!key) {
1459                 const struct opal_key *okey = data;
1460
1461                 ret = start_generic_opal_session(dev, OPAL_SID_UID,
1462                                                  OPAL_ADMINSP_UID,
1463                                                  okey->key,
1464                                                  okey->key_len);
1465         } else {
1466                 ret = start_generic_opal_session(dev, OPAL_SID_UID,
1467                                                  OPAL_ADMINSP_UID,
1468                                                  key, dev->prev_d_len);
1469                 kfree(key);
1470                 dev->prev_data = NULL;
1471         }
1472
1473         return ret;
1474 }
1475
1476 static int start_admin1LSP_opal_session(struct opal_dev *dev, void *data)
1477 {
1478         struct opal_key *key = data;
1479
1480         return start_generic_opal_session(dev, OPAL_ADMIN1_UID,
1481                                           OPAL_LOCKINGSP_UID,
1482                                           key->key, key->key_len);
1483 }
1484
1485 static int start_PSID_opal_session(struct opal_dev *dev, void *data)
1486 {
1487         const struct opal_key *okey = data;
1488
1489         return start_generic_opal_session(dev, OPAL_PSID_UID,
1490                                           OPAL_ADMINSP_UID,
1491                                           okey->key,
1492                                           okey->key_len);
1493 }
1494
1495 static int start_auth_opal_session(struct opal_dev *dev, void *data)
1496 {
1497         struct opal_session_info *session = data;
1498         u8 lk_ul_user[OPAL_UID_LENGTH];
1499         size_t keylen = session->opal_key.key_len;
1500         int err = 0;
1501
1502         u8 *key = session->opal_key.key;
1503         u32 hsn = GENERIC_HOST_SESSION_NUM;
1504
1505         if (session->sum)
1506                 err = build_locking_user(lk_ul_user, sizeof(lk_ul_user),
1507                                          session->opal_key.lr);
1508         else if (session->who != OPAL_ADMIN1 && !session->sum)
1509                 err = build_locking_user(lk_ul_user, sizeof(lk_ul_user),
1510                                          session->who - 1);
1511         else
1512                 memcpy(lk_ul_user, opaluid[OPAL_ADMIN1_UID], OPAL_UID_LENGTH);
1513
1514         if (err)
1515                 return err;
1516
1517         err = cmd_start(dev, opaluid[OPAL_SMUID_UID],
1518                         opalmethod[OPAL_STARTSESSION]);
1519
1520         add_token_u64(&err, dev, hsn);
1521         add_token_bytestring(&err, dev, opaluid[OPAL_LOCKINGSP_UID],
1522                              OPAL_UID_LENGTH);
1523         add_token_u8(&err, dev, 1);
1524         add_token_u8(&err, dev, OPAL_STARTNAME);
1525         add_token_u8(&err, dev, 0);
1526         add_token_bytestring(&err, dev, key, keylen);
1527         add_token_u8(&err, dev, OPAL_ENDNAME);
1528         add_token_u8(&err, dev, OPAL_STARTNAME);
1529         add_token_u8(&err, dev, 3);
1530         add_token_bytestring(&err, dev, lk_ul_user, OPAL_UID_LENGTH);
1531         add_token_u8(&err, dev, OPAL_ENDNAME);
1532
1533         if (err) {
1534                 pr_debug("Error building STARTSESSION command.\n");
1535                 return err;
1536         }
1537
1538         return finalize_and_send(dev, start_opal_session_cont);
1539 }
1540
1541 static int revert_tper(struct opal_dev *dev, void *data)
1542 {
1543         int err;
1544
1545         err = cmd_start(dev, opaluid[OPAL_ADMINSP_UID],
1546                         opalmethod[OPAL_REVERT]);
1547         if (err) {
1548                 pr_debug("Error building REVERT TPER command.\n");
1549                 return err;
1550         }
1551
1552         return finalize_and_send(dev, parse_and_check_status);
1553 }
1554
1555 static int internal_activate_user(struct opal_dev *dev, void *data)
1556 {
1557         struct opal_session_info *session = data;
1558         u8 uid[OPAL_UID_LENGTH];
1559         int err;
1560
1561         memcpy(uid, opaluid[OPAL_USER1_UID], OPAL_UID_LENGTH);
1562         uid[7] = session->who;
1563
1564         err = cmd_start(dev, uid, opalmethod[OPAL_SET]);
1565         add_token_u8(&err, dev, OPAL_STARTNAME);
1566         add_token_u8(&err, dev, OPAL_VALUES);
1567         add_token_u8(&err, dev, OPAL_STARTLIST);
1568         add_token_u8(&err, dev, OPAL_STARTNAME);
1569         add_token_u8(&err, dev, 5); /* Enabled */
1570         add_token_u8(&err, dev, OPAL_TRUE);
1571         add_token_u8(&err, dev, OPAL_ENDNAME);
1572         add_token_u8(&err, dev, OPAL_ENDLIST);
1573         add_token_u8(&err, dev, OPAL_ENDNAME);
1574
1575         if (err) {
1576                 pr_debug("Error building Activate UserN command.\n");
1577                 return err;
1578         }
1579
1580         return finalize_and_send(dev, parse_and_check_status);
1581 }
1582
1583 static int erase_locking_range(struct opal_dev *dev, void *data)
1584 {
1585         struct opal_session_info *session = data;
1586         u8 uid[OPAL_UID_LENGTH];
1587         int err;
1588
1589         if (build_locking_range(uid, sizeof(uid), session->opal_key.lr) < 0)
1590                 return -ERANGE;
1591
1592         err = cmd_start(dev, uid, opalmethod[OPAL_ERASE]);
1593
1594         if (err) {
1595                 pr_debug("Error building Erase Locking Range Command.\n");
1596                 return err;
1597         }
1598
1599         return finalize_and_send(dev, parse_and_check_status);
1600 }
1601
1602 static int set_mbr_done(struct opal_dev *dev, void *data)
1603 {
1604         u8 *mbr_done_tf = data;
1605         int err;
1606
1607         err = cmd_start(dev, opaluid[OPAL_MBRCONTROL],
1608                         opalmethod[OPAL_SET]);
1609
1610         add_token_u8(&err, dev, OPAL_STARTNAME);
1611         add_token_u8(&err, dev, OPAL_VALUES);
1612         add_token_u8(&err, dev, OPAL_STARTLIST);
1613         add_token_u8(&err, dev, OPAL_STARTNAME);
1614         add_token_u8(&err, dev, OPAL_MBRDONE);
1615         add_token_u8(&err, dev, *mbr_done_tf); /* Done T or F */
1616         add_token_u8(&err, dev, OPAL_ENDNAME);
1617         add_token_u8(&err, dev, OPAL_ENDLIST);
1618         add_token_u8(&err, dev, OPAL_ENDNAME);
1619
1620         if (err) {
1621                 pr_debug("Error Building set MBR Done command\n");
1622                 return err;
1623         }
1624
1625         return finalize_and_send(dev, parse_and_check_status);
1626 }
1627
1628 static int set_mbr_enable_disable(struct opal_dev *dev, void *data)
1629 {
1630         u8 *mbr_en_dis = data;
1631         int err;
1632
1633         err = cmd_start(dev, opaluid[OPAL_MBRCONTROL],
1634                         opalmethod[OPAL_SET]);
1635
1636         add_token_u8(&err, dev, OPAL_STARTNAME);
1637         add_token_u8(&err, dev, OPAL_VALUES);
1638         add_token_u8(&err, dev, OPAL_STARTLIST);
1639         add_token_u8(&err, dev, OPAL_STARTNAME);
1640         add_token_u8(&err, dev, OPAL_MBRENABLE);
1641         add_token_u8(&err, dev, *mbr_en_dis);
1642         add_token_u8(&err, dev, OPAL_ENDNAME);
1643         add_token_u8(&err, dev, OPAL_ENDLIST);
1644         add_token_u8(&err, dev, OPAL_ENDNAME);
1645
1646         if (err) {
1647                 pr_debug("Error Building set MBR done command\n");
1648                 return err;
1649         }
1650
1651         return finalize_and_send(dev, parse_and_check_status);
1652 }
1653
1654 static int write_shadow_mbr(struct opal_dev *dev, void *data)
1655 {
1656         struct opal_shadow_mbr *shadow = data;
1657
1658         return generic_table_write_data(dev, shadow->data, shadow->offset,
1659                                         shadow->size, opaluid[OPAL_MBR]);
1660 }
1661
1662 static int generic_pw_cmd(u8 *key, size_t key_len, u8 *cpin_uid,
1663                           struct opal_dev *dev)
1664 {
1665         int err;
1666
1667         err = cmd_start(dev, cpin_uid, opalmethod[OPAL_SET]);
1668
1669         add_token_u8(&err, dev, OPAL_STARTNAME);
1670         add_token_u8(&err, dev, OPAL_VALUES);
1671         add_token_u8(&err, dev, OPAL_STARTLIST);
1672         add_token_u8(&err, dev, OPAL_STARTNAME);
1673         add_token_u8(&err, dev, OPAL_PIN);
1674         add_token_bytestring(&err, dev, key, key_len);
1675         add_token_u8(&err, dev, OPAL_ENDNAME);
1676         add_token_u8(&err, dev, OPAL_ENDLIST);
1677         add_token_u8(&err, dev, OPAL_ENDNAME);
1678
1679         return err;
1680 }
1681
1682 static int set_new_pw(struct opal_dev *dev, void *data)
1683 {
1684         u8 cpin_uid[OPAL_UID_LENGTH];
1685         struct opal_session_info *usr = data;
1686
1687         memcpy(cpin_uid, opaluid[OPAL_C_PIN_ADMIN1], OPAL_UID_LENGTH);
1688
1689         if (usr->who != OPAL_ADMIN1) {
1690                 cpin_uid[5] = 0x03;
1691                 if (usr->sum)
1692                         cpin_uid[7] = usr->opal_key.lr + 1;
1693                 else
1694                         cpin_uid[7] = usr->who;
1695         }
1696
1697         if (generic_pw_cmd(usr->opal_key.key, usr->opal_key.key_len,
1698                            cpin_uid, dev)) {
1699                 pr_debug("Error building set password command.\n");
1700                 return -ERANGE;
1701         }
1702
1703         return finalize_and_send(dev, parse_and_check_status);
1704 }
1705
1706 static int set_sid_cpin_pin(struct opal_dev *dev, void *data)
1707 {
1708         u8 cpin_uid[OPAL_UID_LENGTH];
1709         struct opal_key *key = data;
1710
1711         memcpy(cpin_uid, opaluid[OPAL_C_PIN_SID], OPAL_UID_LENGTH);
1712
1713         if (generic_pw_cmd(key->key, key->key_len, cpin_uid, dev)) {
1714                 pr_debug("Error building Set SID cpin\n");
1715                 return -ERANGE;
1716         }
1717         return finalize_and_send(dev, parse_and_check_status);
1718 }
1719
1720 static int add_user_to_lr(struct opal_dev *dev, void *data)
1721 {
1722         u8 lr_buffer[OPAL_UID_LENGTH];
1723         u8 user_uid[OPAL_UID_LENGTH];
1724         struct opal_lock_unlock *lkul = data;
1725         int err;
1726
1727         memcpy(lr_buffer, opaluid[OPAL_LOCKINGRANGE_ACE_RDLOCKED],
1728                OPAL_UID_LENGTH);
1729
1730         if (lkul->l_state == OPAL_RW)
1731                 memcpy(lr_buffer, opaluid[OPAL_LOCKINGRANGE_ACE_WRLOCKED],
1732                        OPAL_UID_LENGTH);
1733
1734         lr_buffer[7] = lkul->session.opal_key.lr;
1735
1736         memcpy(user_uid, opaluid[OPAL_USER1_UID], OPAL_UID_LENGTH);
1737
1738         user_uid[7] = lkul->session.who;
1739
1740         err = cmd_start(dev, lr_buffer, opalmethod[OPAL_SET]);
1741
1742         add_token_u8(&err, dev, OPAL_STARTNAME);
1743         add_token_u8(&err, dev, OPAL_VALUES);
1744
1745         add_token_u8(&err, dev, OPAL_STARTLIST);
1746         add_token_u8(&err, dev, OPAL_STARTNAME);
1747         add_token_u8(&err, dev, 3);
1748
1749         add_token_u8(&err, dev, OPAL_STARTLIST);
1750
1751
1752         add_token_u8(&err, dev, OPAL_STARTNAME);
1753         add_token_bytestring(&err, dev,
1754                              opaluid[OPAL_HALF_UID_AUTHORITY_OBJ_REF],
1755                              OPAL_UID_LENGTH/2);
1756         add_token_bytestring(&err, dev, user_uid, OPAL_UID_LENGTH);
1757         add_token_u8(&err, dev, OPAL_ENDNAME);
1758
1759
1760         add_token_u8(&err, dev, OPAL_STARTNAME);
1761         add_token_bytestring(&err, dev,
1762                              opaluid[OPAL_HALF_UID_AUTHORITY_OBJ_REF],
1763                              OPAL_UID_LENGTH/2);
1764         add_token_bytestring(&err, dev, user_uid, OPAL_UID_LENGTH);
1765         add_token_u8(&err, dev, OPAL_ENDNAME);
1766
1767
1768         add_token_u8(&err, dev, OPAL_STARTNAME);
1769         add_token_bytestring(&err, dev, opaluid[OPAL_HALF_UID_BOOLEAN_ACE],
1770                              OPAL_UID_LENGTH/2);
1771         add_token_u8(&err, dev, 1);
1772         add_token_u8(&err, dev, OPAL_ENDNAME);
1773
1774
1775         add_token_u8(&err, dev, OPAL_ENDLIST);
1776         add_token_u8(&err, dev, OPAL_ENDNAME);
1777         add_token_u8(&err, dev, OPAL_ENDLIST);
1778         add_token_u8(&err, dev, OPAL_ENDNAME);
1779
1780         if (err) {
1781                 pr_debug("Error building add user to locking range command.\n");
1782                 return err;
1783         }
1784
1785         return finalize_and_send(dev, parse_and_check_status);
1786 }
1787
1788 static int lock_unlock_locking_range(struct opal_dev *dev, void *data)
1789 {
1790         u8 lr_buffer[OPAL_UID_LENGTH];
1791         struct opal_lock_unlock *lkul = data;
1792         u8 read_locked = 1, write_locked = 1;
1793         int err = 0;
1794
1795         if (build_locking_range(lr_buffer, sizeof(lr_buffer),
1796                                 lkul->session.opal_key.lr) < 0)
1797                 return -ERANGE;
1798
1799         switch (lkul->l_state) {
1800         case OPAL_RO:
1801                 read_locked = 0;
1802                 write_locked = 1;
1803                 break;
1804         case OPAL_RW:
1805                 read_locked = 0;
1806                 write_locked = 0;
1807                 break;
1808         case OPAL_LK:
1809                 /* vars are initialized to locked */
1810                 break;
1811         default:
1812                 pr_debug("Tried to set an invalid locking state... returning to uland\n");
1813                 return OPAL_INVAL_PARAM;
1814         }
1815
1816         err = cmd_start(dev, lr_buffer, opalmethod[OPAL_SET]);
1817
1818         add_token_u8(&err, dev, OPAL_STARTNAME);
1819         add_token_u8(&err, dev, OPAL_VALUES);
1820         add_token_u8(&err, dev, OPAL_STARTLIST);
1821
1822         add_token_u8(&err, dev, OPAL_STARTNAME);
1823         add_token_u8(&err, dev, OPAL_READLOCKED);
1824         add_token_u8(&err, dev, read_locked);
1825         add_token_u8(&err, dev, OPAL_ENDNAME);
1826
1827         add_token_u8(&err, dev, OPAL_STARTNAME);
1828         add_token_u8(&err, dev, OPAL_WRITELOCKED);
1829         add_token_u8(&err, dev, write_locked);
1830         add_token_u8(&err, dev, OPAL_ENDNAME);
1831
1832         add_token_u8(&err, dev, OPAL_ENDLIST);
1833         add_token_u8(&err, dev, OPAL_ENDNAME);
1834
1835         if (err) {
1836                 pr_debug("Error building SET command.\n");
1837                 return err;
1838         }
1839
1840         return finalize_and_send(dev, parse_and_check_status);
1841 }
1842
1843
1844 static int lock_unlock_locking_range_sum(struct opal_dev *dev, void *data)
1845 {
1846         u8 lr_buffer[OPAL_UID_LENGTH];
1847         u8 read_locked = 1, write_locked = 1;
1848         struct opal_lock_unlock *lkul = data;
1849         int ret;
1850
1851         clear_opal_cmd(dev);
1852         set_comid(dev, dev->comid);
1853
1854         if (build_locking_range(lr_buffer, sizeof(lr_buffer),
1855                                 lkul->session.opal_key.lr) < 0)
1856                 return -ERANGE;
1857
1858         switch (lkul->l_state) {
1859         case OPAL_RO:
1860                 read_locked = 0;
1861                 write_locked = 1;
1862                 break;
1863         case OPAL_RW:
1864                 read_locked = 0;
1865                 write_locked = 0;
1866                 break;
1867         case OPAL_LK:
1868                 /* vars are initialized to locked */
1869                 break;
1870         default:
1871                 pr_debug("Tried to set an invalid locking state.\n");
1872                 return OPAL_INVAL_PARAM;
1873         }
1874         ret = generic_lr_enable_disable(dev, lr_buffer, 1, 1,
1875                                         read_locked, write_locked);
1876
1877         if (ret < 0) {
1878                 pr_debug("Error building SET command.\n");
1879                 return ret;
1880         }
1881
1882         return finalize_and_send(dev, parse_and_check_status);
1883 }
1884
1885 static int activate_lsp(struct opal_dev *dev, void *data)
1886 {
1887         struct opal_lr_act *opal_act = data;
1888         u8 user_lr[OPAL_UID_LENGTH];
1889         int err, i;
1890
1891         err = cmd_start(dev, opaluid[OPAL_LOCKINGSP_UID],
1892                         opalmethod[OPAL_ACTIVATE]);
1893
1894         if (opal_act->sum) {
1895                 err = build_locking_range(user_lr, sizeof(user_lr),
1896                                           opal_act->lr[0]);
1897                 if (err)
1898                         return err;
1899
1900                 add_token_u8(&err, dev, OPAL_STARTNAME);
1901                 add_token_u64(&err, dev, OPAL_SUM_SET_LIST);
1902
1903                 add_token_u8(&err, dev, OPAL_STARTLIST);
1904                 add_token_bytestring(&err, dev, user_lr, OPAL_UID_LENGTH);
1905                 for (i = 1; i < opal_act->num_lrs; i++) {
1906                         user_lr[7] = opal_act->lr[i];
1907                         add_token_bytestring(&err, dev, user_lr, OPAL_UID_LENGTH);
1908                 }
1909                 add_token_u8(&err, dev, OPAL_ENDLIST);
1910                 add_token_u8(&err, dev, OPAL_ENDNAME);
1911         }
1912
1913         if (err) {
1914                 pr_debug("Error building Activate LockingSP command.\n");
1915                 return err;
1916         }
1917
1918         return finalize_and_send(dev, parse_and_check_status);
1919 }
1920
1921 /* Determine if we're in the Manufactured Inactive or Active state */
1922 static int get_lsp_lifecycle(struct opal_dev *dev, void *data)
1923 {
1924         u8 lc_status;
1925         int err;
1926
1927         err = generic_get_column(dev, opaluid[OPAL_LOCKINGSP_UID],
1928                                  OPAL_LIFECYCLE);
1929         if (err)
1930                 return err;
1931
1932         lc_status = response_get_u64(&dev->parsed, 4);
1933         /* 0x08 is Manufactured Inactive */
1934         /* 0x09 is Manufactured */
1935         if (lc_status != OPAL_MANUFACTURED_INACTIVE) {
1936                 pr_debug("Couldn't determine the status of the Lifecycle state\n");
1937                 return -ENODEV;
1938         }
1939
1940         return 0;
1941 }
1942
1943 static int get_msid_cpin_pin(struct opal_dev *dev, void *data)
1944 {
1945         const char *msid_pin;
1946         size_t strlen;
1947         int err;
1948
1949         err = generic_get_column(dev, opaluid[OPAL_C_PIN_MSID], OPAL_PIN);
1950         if (err)
1951                 return err;
1952
1953         strlen = response_get_string(&dev->parsed, 4, &msid_pin);
1954         if (!msid_pin) {
1955                 pr_debug("Couldn't extract MSID_CPIN from response\n");
1956                 return OPAL_INVAL_PARAM;
1957         }
1958
1959         dev->prev_data = kmemdup(msid_pin, strlen, GFP_KERNEL);
1960         if (!dev->prev_data)
1961                 return -ENOMEM;
1962
1963         dev->prev_d_len = strlen;
1964
1965         return 0;
1966 }
1967
1968 static int write_table_data(struct opal_dev *dev, void *data)
1969 {
1970         struct opal_read_write_table *write_tbl = data;
1971
1972         return generic_table_write_data(dev, write_tbl->data, write_tbl->offset,
1973                                         write_tbl->size, write_tbl->table_uid);
1974 }
1975
1976 static int read_table_data_cont(struct opal_dev *dev)
1977 {
1978         int err;
1979         const char *data_read;
1980
1981         err = parse_and_check_status(dev);
1982         if (err)
1983                 return err;
1984
1985         dev->prev_d_len = response_get_string(&dev->parsed, 1, &data_read);
1986         dev->prev_data = (void *)data_read;
1987         if (!dev->prev_data) {
1988                 pr_debug("%s: Couldn't read data from the table.\n", __func__);
1989                 return OPAL_INVAL_PARAM;
1990         }
1991
1992         return 0;
1993 }
1994
1995 /*
1996  * IO_BUFFER_LENGTH = 2048
1997  * sizeof(header) = 56
1998  * No. of Token Bytes in the Response = 11
1999  * MAX size of data that can be carried in response buffer
2000  * at a time is : 2048 - (56 + 11) = 1981 = 0x7BD.
2001  */
2002 #define OPAL_MAX_READ_TABLE (0x7BD)
2003
2004 static int read_table_data(struct opal_dev *dev, void *data)
2005 {
2006         struct opal_read_write_table *read_tbl = data;
2007         int err;
2008         size_t off = 0, max_read_size = OPAL_MAX_READ_TABLE;
2009         u64 table_len, len;
2010         u64 offset = read_tbl->offset, read_size = read_tbl->size - 1;
2011         u8 __user *dst;
2012
2013         err = generic_get_table_info(dev, read_tbl->table_uid, OPAL_TABLE_ROWS);
2014         if (err) {
2015                 pr_debug("Couldn't get the table size\n");
2016                 return err;
2017         }
2018
2019         table_len = response_get_u64(&dev->parsed, 4);
2020
2021         /* Check if the user is trying to read from the table limits */
2022         if (read_size > table_len || offset > table_len - read_size) {
2023                 pr_debug("Read size exceeds the Table size limits (%llu vs. %llu)\n",
2024                           offset + read_size, table_len);
2025                 return -EINVAL;
2026         }
2027
2028         while (off < read_size) {
2029                 err = cmd_start(dev, read_tbl->table_uid, opalmethod[OPAL_GET]);
2030
2031                 add_token_u8(&err, dev, OPAL_STARTLIST);
2032                 add_token_u8(&err, dev, OPAL_STARTNAME);
2033                 add_token_u8(&err, dev, OPAL_STARTROW);
2034                 add_token_u64(&err, dev, offset + off); /* start row value */
2035                 add_token_u8(&err, dev, OPAL_ENDNAME);
2036
2037                 add_token_u8(&err, dev, OPAL_STARTNAME);
2038                 add_token_u8(&err, dev, OPAL_ENDROW);
2039
2040                 len = min(max_read_size, (size_t)(read_size - off));
2041                 add_token_u64(&err, dev, offset + off + len); /* end row value
2042                                                                */
2043                 add_token_u8(&err, dev, OPAL_ENDNAME);
2044                 add_token_u8(&err, dev, OPAL_ENDLIST);
2045
2046                 if (err) {
2047                         pr_debug("Error building read table data command.\n");
2048                         break;
2049                 }
2050
2051                 err = finalize_and_send(dev, read_table_data_cont);
2052                 if (err)
2053                         break;
2054
2055                 /* len+1: This includes the NULL terminator at the end*/
2056                 if (dev->prev_d_len > len + 1) {
2057                         err = -EOVERFLOW;
2058                         break;
2059                 }
2060
2061                 dst = (u8 __user *)(uintptr_t)read_tbl->data;
2062                 if (copy_to_user(dst + off, dev->prev_data, dev->prev_d_len)) {
2063                         pr_debug("Error copying data to userspace\n");
2064                         err = -EFAULT;
2065                         break;
2066                 }
2067                 dev->prev_data = NULL;
2068
2069                 off += len;
2070         }
2071
2072         return err;
2073 }
2074
2075 static int end_opal_session(struct opal_dev *dev, void *data)
2076 {
2077         int err = 0;
2078
2079         clear_opal_cmd(dev);
2080         set_comid(dev, dev->comid);
2081         add_token_u8(&err, dev, OPAL_ENDOFSESSION);
2082
2083         if (err < 0)
2084                 return err;
2085
2086         return finalize_and_send(dev, end_session_cont);
2087 }
2088
2089 static int end_opal_session_error(struct opal_dev *dev)
2090 {
2091         const struct opal_step error_end_session = {
2092                 end_opal_session,
2093         };
2094
2095         return execute_step(dev, &error_end_session, 0);
2096 }
2097
2098 static inline void setup_opal_dev(struct opal_dev *dev)
2099 {
2100         dev->tsn = 0;
2101         dev->hsn = 0;
2102         dev->prev_data = NULL;
2103 }
2104
2105 static int check_opal_support(struct opal_dev *dev)
2106 {
2107         int ret;
2108
2109         mutex_lock(&dev->dev_lock);
2110         setup_opal_dev(dev);
2111         ret = opal_discovery0_step(dev);
2112         dev->supported = !ret;
2113         mutex_unlock(&dev->dev_lock);
2114
2115         return ret;
2116 }
2117
2118 static void clean_opal_dev(struct opal_dev *dev)
2119 {
2120
2121         struct opal_suspend_data *suspend, *next;
2122
2123         mutex_lock(&dev->dev_lock);
2124         list_for_each_entry_safe(suspend, next, &dev->unlk_lst, node) {
2125                 list_del(&suspend->node);
2126                 kfree(suspend);
2127         }
2128         mutex_unlock(&dev->dev_lock);
2129 }
2130
2131 void free_opal_dev(struct opal_dev *dev)
2132 {
2133         if (!dev)
2134                 return;
2135
2136         clean_opal_dev(dev);
2137         kfree(dev);
2138 }
2139 EXPORT_SYMBOL(free_opal_dev);
2140
2141 struct opal_dev *init_opal_dev(void *data, sec_send_recv *send_recv)
2142 {
2143         struct opal_dev *dev;
2144
2145         dev = kmalloc(sizeof(*dev), GFP_KERNEL);
2146         if (!dev)
2147                 return NULL;
2148
2149         INIT_LIST_HEAD(&dev->unlk_lst);
2150         mutex_init(&dev->dev_lock);
2151         dev->data = data;
2152         dev->send_recv = send_recv;
2153         if (check_opal_support(dev) != 0) {
2154                 pr_debug("Opal is not supported on this device\n");
2155                 kfree(dev);
2156                 return NULL;
2157         }
2158
2159         return dev;
2160 }
2161 EXPORT_SYMBOL(init_opal_dev);
2162
2163 static int opal_secure_erase_locking_range(struct opal_dev *dev,
2164                                            struct opal_session_info *opal_session)
2165 {
2166         const struct opal_step erase_steps[] = {
2167                 { start_auth_opal_session, opal_session },
2168                 { get_active_key, &opal_session->opal_key.lr },
2169                 { gen_key, },
2170                 { end_opal_session, }
2171         };
2172         int ret;
2173
2174         mutex_lock(&dev->dev_lock);
2175         setup_opal_dev(dev);
2176         ret = execute_steps(dev, erase_steps, ARRAY_SIZE(erase_steps));
2177         mutex_unlock(&dev->dev_lock);
2178
2179         return ret;
2180 }
2181
2182 static int opal_erase_locking_range(struct opal_dev *dev,
2183                                     struct opal_session_info *opal_session)
2184 {
2185         const struct opal_step erase_steps[] = {
2186                 { start_auth_opal_session, opal_session },
2187                 { erase_locking_range, opal_session },
2188                 { end_opal_session, }
2189         };
2190         int ret;
2191
2192         mutex_lock(&dev->dev_lock);
2193         setup_opal_dev(dev);
2194         ret = execute_steps(dev, erase_steps, ARRAY_SIZE(erase_steps));
2195         mutex_unlock(&dev->dev_lock);
2196
2197         return ret;
2198 }
2199
2200 static int opal_enable_disable_shadow_mbr(struct opal_dev *dev,
2201                                           struct opal_mbr_data *opal_mbr)
2202 {
2203         u8 enable_disable = opal_mbr->enable_disable == OPAL_MBR_ENABLE ?
2204                 OPAL_TRUE : OPAL_FALSE;
2205
2206         const struct opal_step mbr_steps[] = {
2207                 { start_admin1LSP_opal_session, &opal_mbr->key },
2208                 { set_mbr_done, &enable_disable },
2209                 { end_opal_session, },
2210                 { start_admin1LSP_opal_session, &opal_mbr->key },
2211                 { set_mbr_enable_disable, &enable_disable },
2212                 { end_opal_session, }
2213         };
2214         int ret;
2215
2216         if (opal_mbr->enable_disable != OPAL_MBR_ENABLE &&
2217             opal_mbr->enable_disable != OPAL_MBR_DISABLE)
2218                 return -EINVAL;
2219
2220         mutex_lock(&dev->dev_lock);
2221         setup_opal_dev(dev);
2222         ret = execute_steps(dev, mbr_steps, ARRAY_SIZE(mbr_steps));
2223         mutex_unlock(&dev->dev_lock);
2224
2225         return ret;
2226 }
2227
2228 static int opal_set_mbr_done(struct opal_dev *dev,
2229                              struct opal_mbr_done *mbr_done)
2230 {
2231         u8 mbr_done_tf = mbr_done->done_flag == OPAL_MBR_DONE ?
2232                 OPAL_TRUE : OPAL_FALSE;
2233
2234         const struct opal_step mbr_steps[] = {
2235                 { start_admin1LSP_opal_session, &mbr_done->key },
2236                 { set_mbr_done, &mbr_done_tf },
2237                 { end_opal_session, }
2238         };
2239         int ret;
2240
2241         if (mbr_done->done_flag != OPAL_MBR_DONE &&
2242             mbr_done->done_flag != OPAL_MBR_NOT_DONE)
2243                 return -EINVAL;
2244
2245         mutex_lock(&dev->dev_lock);
2246         setup_opal_dev(dev);
2247         ret = execute_steps(dev, mbr_steps, ARRAY_SIZE(mbr_steps));
2248         mutex_unlock(&dev->dev_lock);
2249
2250         return ret;
2251 }
2252
2253 static int opal_write_shadow_mbr(struct opal_dev *dev,
2254                                  struct opal_shadow_mbr *info)
2255 {
2256         const struct opal_step mbr_steps[] = {
2257                 { start_admin1LSP_opal_session, &info->key },
2258                 { write_shadow_mbr, info },
2259                 { end_opal_session, }
2260         };
2261         int ret;
2262
2263         if (info->size == 0)
2264                 return 0;
2265
2266         mutex_lock(&dev->dev_lock);
2267         setup_opal_dev(dev);
2268         ret = execute_steps(dev, mbr_steps, ARRAY_SIZE(mbr_steps));
2269         mutex_unlock(&dev->dev_lock);
2270
2271         return ret;
2272 }
2273
2274 static int opal_save(struct opal_dev *dev, struct opal_lock_unlock *lk_unlk)
2275 {
2276         struct opal_suspend_data *suspend;
2277
2278         suspend = kzalloc(sizeof(*suspend), GFP_KERNEL);
2279         if (!suspend)
2280                 return -ENOMEM;
2281
2282         suspend->unlk = *lk_unlk;
2283         suspend->lr = lk_unlk->session.opal_key.lr;
2284
2285         mutex_lock(&dev->dev_lock);
2286         setup_opal_dev(dev);
2287         add_suspend_info(dev, suspend);
2288         mutex_unlock(&dev->dev_lock);
2289
2290         return 0;
2291 }
2292
2293 static int opal_add_user_to_lr(struct opal_dev *dev,
2294                                struct opal_lock_unlock *lk_unlk)
2295 {
2296         const struct opal_step steps[] = {
2297                 { start_admin1LSP_opal_session, &lk_unlk->session.opal_key },
2298                 { add_user_to_lr, lk_unlk },
2299                 { end_opal_session, }
2300         };
2301         int ret;
2302
2303         if (lk_unlk->l_state != OPAL_RO &&
2304             lk_unlk->l_state != OPAL_RW) {
2305                 pr_debug("Locking state was not RO or RW\n");
2306                 return -EINVAL;
2307         }
2308
2309         if (lk_unlk->session.who < OPAL_USER1 ||
2310             lk_unlk->session.who > OPAL_USER9) {
2311                 pr_debug("Authority was not within the range of users: %d\n",
2312                          lk_unlk->session.who);
2313                 return -EINVAL;
2314         }
2315
2316         if (lk_unlk->session.sum) {
2317                 pr_debug("%s not supported in sum. Use setup locking range\n",
2318                          __func__);
2319                 return -EINVAL;
2320         }
2321
2322         mutex_lock(&dev->dev_lock);
2323         setup_opal_dev(dev);
2324         ret = execute_steps(dev, steps, ARRAY_SIZE(steps));
2325         mutex_unlock(&dev->dev_lock);
2326
2327         return ret;
2328 }
2329
2330 static int opal_reverttper(struct opal_dev *dev, struct opal_key *opal, bool psid)
2331 {
2332         /* controller will terminate session */
2333         const struct opal_step revert_steps[] = {
2334                 { start_SIDASP_opal_session, opal },
2335                 { revert_tper, }
2336         };
2337         const struct opal_step psid_revert_steps[] = {
2338                 { start_PSID_opal_session, opal },
2339                 { revert_tper, }
2340         };
2341
2342         int ret;
2343
2344         mutex_lock(&dev->dev_lock);
2345         setup_opal_dev(dev);
2346         if (psid)
2347                 ret = execute_steps(dev, psid_revert_steps,
2348                                     ARRAY_SIZE(psid_revert_steps));
2349         else
2350                 ret = execute_steps(dev, revert_steps,
2351                                     ARRAY_SIZE(revert_steps));
2352         mutex_unlock(&dev->dev_lock);
2353
2354         /*
2355          * If we successfully reverted lets clean
2356          * any saved locking ranges.
2357          */
2358         if (!ret)
2359                 clean_opal_dev(dev);
2360
2361         return ret;
2362 }
2363
2364 static int __opal_lock_unlock(struct opal_dev *dev,
2365                               struct opal_lock_unlock *lk_unlk)
2366 {
2367         const struct opal_step unlock_steps[] = {
2368                 { start_auth_opal_session, &lk_unlk->session },
2369                 { lock_unlock_locking_range, lk_unlk },
2370                 { end_opal_session, }
2371         };
2372         const struct opal_step unlock_sum_steps[] = {
2373                 { start_auth_opal_session, &lk_unlk->session },
2374                 { lock_unlock_locking_range_sum, lk_unlk },
2375                 { end_opal_session, }
2376         };
2377
2378         if (lk_unlk->session.sum)
2379                 return execute_steps(dev, unlock_sum_steps,
2380                                      ARRAY_SIZE(unlock_sum_steps));
2381         else
2382                 return execute_steps(dev, unlock_steps,
2383                                      ARRAY_SIZE(unlock_steps));
2384 }
2385
2386 static int __opal_set_mbr_done(struct opal_dev *dev, struct opal_key *key)
2387 {
2388         u8 mbr_done_tf = OPAL_TRUE;
2389         const struct opal_step mbrdone_step[] = {
2390                 { start_admin1LSP_opal_session, key },
2391                 { set_mbr_done, &mbr_done_tf },
2392                 { end_opal_session, }
2393         };
2394
2395         return execute_steps(dev, mbrdone_step, ARRAY_SIZE(mbrdone_step));
2396 }
2397
2398 static int opal_lock_unlock(struct opal_dev *dev,
2399                             struct opal_lock_unlock *lk_unlk)
2400 {
2401         int ret;
2402
2403         if (lk_unlk->session.who > OPAL_USER9)
2404                 return -EINVAL;
2405
2406         mutex_lock(&dev->dev_lock);
2407         ret = __opal_lock_unlock(dev, lk_unlk);
2408         mutex_unlock(&dev->dev_lock);
2409
2410         return ret;
2411 }
2412
2413 static int opal_take_ownership(struct opal_dev *dev, struct opal_key *opal)
2414 {
2415         const struct opal_step owner_steps[] = {
2416                 { start_anybodyASP_opal_session, },
2417                 { get_msid_cpin_pin, },
2418                 { end_opal_session, },
2419                 { start_SIDASP_opal_session, opal },
2420                 { set_sid_cpin_pin, opal },
2421                 { end_opal_session, }
2422         };
2423         int ret;
2424
2425         if (!dev)
2426                 return -ENODEV;
2427
2428         mutex_lock(&dev->dev_lock);
2429         setup_opal_dev(dev);
2430         ret = execute_steps(dev, owner_steps, ARRAY_SIZE(owner_steps));
2431         mutex_unlock(&dev->dev_lock);
2432
2433         return ret;
2434 }
2435
2436 static int opal_activate_lsp(struct opal_dev *dev,
2437                              struct opal_lr_act *opal_lr_act)
2438 {
2439         const struct opal_step active_steps[] = {
2440                 { start_SIDASP_opal_session, &opal_lr_act->key },
2441                 { get_lsp_lifecycle, },
2442                 { activate_lsp, opal_lr_act },
2443                 { end_opal_session, }
2444         };
2445         int ret;
2446
2447         if (!opal_lr_act->num_lrs || opal_lr_act->num_lrs > OPAL_MAX_LRS)
2448                 return -EINVAL;
2449
2450         mutex_lock(&dev->dev_lock);
2451         setup_opal_dev(dev);
2452         ret = execute_steps(dev, active_steps, ARRAY_SIZE(active_steps));
2453         mutex_unlock(&dev->dev_lock);
2454
2455         return ret;
2456 }
2457
2458 static int opal_setup_locking_range(struct opal_dev *dev,
2459                                     struct opal_user_lr_setup *opal_lrs)
2460 {
2461         const struct opal_step lr_steps[] = {
2462                 { start_auth_opal_session, &opal_lrs->session },
2463                 { setup_locking_range, opal_lrs },
2464                 { end_opal_session, }
2465         };
2466         int ret;
2467
2468         mutex_lock(&dev->dev_lock);
2469         setup_opal_dev(dev);
2470         ret = execute_steps(dev, lr_steps, ARRAY_SIZE(lr_steps));
2471         mutex_unlock(&dev->dev_lock);
2472
2473         return ret;
2474 }
2475
2476 static int opal_set_new_pw(struct opal_dev *dev, struct opal_new_pw *opal_pw)
2477 {
2478         const struct opal_step pw_steps[] = {
2479                 { start_auth_opal_session, &opal_pw->session },
2480                 { set_new_pw, &opal_pw->new_user_pw },
2481                 { end_opal_session, }
2482         };
2483         int ret;
2484
2485         if (opal_pw->session.who > OPAL_USER9  ||
2486             opal_pw->new_user_pw.who > OPAL_USER9)
2487                 return -EINVAL;
2488
2489         mutex_lock(&dev->dev_lock);
2490         setup_opal_dev(dev);
2491         ret = execute_steps(dev, pw_steps, ARRAY_SIZE(pw_steps));
2492         mutex_unlock(&dev->dev_lock);
2493
2494         return ret;
2495 }
2496
2497 static int opal_activate_user(struct opal_dev *dev,
2498                               struct opal_session_info *opal_session)
2499 {
2500         const struct opal_step act_steps[] = {
2501                 { start_admin1LSP_opal_session, &opal_session->opal_key },
2502                 { internal_activate_user, opal_session },
2503                 { end_opal_session, }
2504         };
2505         int ret;
2506
2507         /* We can't activate Admin1 it's active as manufactured */
2508         if (opal_session->who < OPAL_USER1 ||
2509             opal_session->who > OPAL_USER9) {
2510                 pr_debug("Who was not a valid user: %d\n", opal_session->who);
2511                 return -EINVAL;
2512         }
2513
2514         mutex_lock(&dev->dev_lock);
2515         setup_opal_dev(dev);
2516         ret = execute_steps(dev, act_steps, ARRAY_SIZE(act_steps));
2517         mutex_unlock(&dev->dev_lock);
2518
2519         return ret;
2520 }
2521
2522 bool opal_unlock_from_suspend(struct opal_dev *dev)
2523 {
2524         struct opal_suspend_data *suspend;
2525         bool was_failure = false;
2526         int ret = 0;
2527
2528         if (!dev)
2529                 return false;
2530
2531         if (!dev->supported)
2532                 return false;
2533
2534         mutex_lock(&dev->dev_lock);
2535         setup_opal_dev(dev);
2536
2537         list_for_each_entry(suspend, &dev->unlk_lst, node) {
2538                 dev->tsn = 0;
2539                 dev->hsn = 0;
2540
2541                 ret = __opal_lock_unlock(dev, &suspend->unlk);
2542                 if (ret) {
2543                         pr_debug("Failed to unlock LR %hhu with sum %d\n",
2544                                  suspend->unlk.session.opal_key.lr,
2545                                  suspend->unlk.session.sum);
2546                         was_failure = true;
2547                 }
2548
2549                 if (dev->mbr_enabled) {
2550                         ret = __opal_set_mbr_done(dev, &suspend->unlk.session.opal_key);
2551                         if (ret)
2552                                 pr_debug("Failed to set MBR Done in S3 resume\n");
2553                 }
2554         }
2555         mutex_unlock(&dev->dev_lock);
2556
2557         return was_failure;
2558 }
2559 EXPORT_SYMBOL(opal_unlock_from_suspend);
2560
2561 static int opal_read_table(struct opal_dev *dev,
2562                            struct opal_read_write_table *rw_tbl)
2563 {
2564         const struct opal_step read_table_steps[] = {
2565                 { start_admin1LSP_opal_session, &rw_tbl->key },
2566                 { read_table_data, rw_tbl },
2567                 { end_opal_session, }
2568         };
2569         int ret = 0;
2570
2571         if (!rw_tbl->size)
2572                 return ret;
2573
2574         return execute_steps(dev, read_table_steps,
2575                              ARRAY_SIZE(read_table_steps));
2576 }
2577
2578 static int opal_write_table(struct opal_dev *dev,
2579                             struct opal_read_write_table *rw_tbl)
2580 {
2581         const struct opal_step write_table_steps[] = {
2582                 { start_admin1LSP_opal_session, &rw_tbl->key },
2583                 { write_table_data, rw_tbl },
2584                 { end_opal_session, }
2585         };
2586         int ret = 0;
2587
2588         if (!rw_tbl->size)
2589                 return ret;
2590
2591         return execute_steps(dev, write_table_steps,
2592                              ARRAY_SIZE(write_table_steps));
2593 }
2594
2595 static int opal_generic_read_write_table(struct opal_dev *dev,
2596                                          struct opal_read_write_table *rw_tbl)
2597 {
2598         int ret, bit_set;
2599
2600         mutex_lock(&dev->dev_lock);
2601         setup_opal_dev(dev);
2602
2603         bit_set = fls64(rw_tbl->flags) - 1;
2604         switch (bit_set) {
2605         case OPAL_READ_TABLE:
2606                 ret = opal_read_table(dev, rw_tbl);
2607                 break;
2608         case OPAL_WRITE_TABLE:
2609                 ret = opal_write_table(dev, rw_tbl);
2610                 break;
2611         default:
2612                 pr_debug("Invalid bit set in the flag (%016llx).\n",
2613                          rw_tbl->flags);
2614                 ret = -EINVAL;
2615                 break;
2616         }
2617
2618         mutex_unlock(&dev->dev_lock);
2619
2620         return ret;
2621 }
2622
2623 int sed_ioctl(struct opal_dev *dev, unsigned int cmd, void __user *arg)
2624 {
2625         void *p;
2626         int ret = -ENOTTY;
2627
2628         if (!capable(CAP_SYS_ADMIN))
2629                 return -EACCES;
2630         if (!dev)
2631                 return -ENOTSUPP;
2632         if (!dev->supported)
2633                 return -ENOTSUPP;
2634
2635         p = memdup_user(arg, _IOC_SIZE(cmd));
2636         if (IS_ERR(p))
2637                 return PTR_ERR(p);
2638
2639         switch (cmd) {
2640         case IOC_OPAL_SAVE:
2641                 ret = opal_save(dev, p);
2642                 break;
2643         case IOC_OPAL_LOCK_UNLOCK:
2644                 ret = opal_lock_unlock(dev, p);
2645                 break;
2646         case IOC_OPAL_TAKE_OWNERSHIP:
2647                 ret = opal_take_ownership(dev, p);
2648                 break;
2649         case IOC_OPAL_ACTIVATE_LSP:
2650                 ret = opal_activate_lsp(dev, p);
2651                 break;
2652         case IOC_OPAL_SET_PW:
2653                 ret = opal_set_new_pw(dev, p);
2654                 break;
2655         case IOC_OPAL_ACTIVATE_USR:
2656                 ret = opal_activate_user(dev, p);
2657                 break;
2658         case IOC_OPAL_REVERT_TPR:
2659                 ret = opal_reverttper(dev, p, false);
2660                 break;
2661         case IOC_OPAL_LR_SETUP:
2662                 ret = opal_setup_locking_range(dev, p);
2663                 break;
2664         case IOC_OPAL_ADD_USR_TO_LR:
2665                 ret = opal_add_user_to_lr(dev, p);
2666                 break;
2667         case IOC_OPAL_ENABLE_DISABLE_MBR:
2668                 ret = opal_enable_disable_shadow_mbr(dev, p);
2669                 break;
2670         case IOC_OPAL_MBR_DONE:
2671                 ret = opal_set_mbr_done(dev, p);
2672                 break;
2673         case IOC_OPAL_WRITE_SHADOW_MBR:
2674                 ret = opal_write_shadow_mbr(dev, p);
2675                 break;
2676         case IOC_OPAL_ERASE_LR:
2677                 ret = opal_erase_locking_range(dev, p);
2678                 break;
2679         case IOC_OPAL_SECURE_ERASE_LR:
2680                 ret = opal_secure_erase_locking_range(dev, p);
2681                 break;
2682         case IOC_OPAL_PSID_REVERT_TPR:
2683                 ret = opal_reverttper(dev, p, true);
2684                 break;
2685         case IOC_OPAL_GENERIC_TABLE_RW:
2686                 ret = opal_generic_read_write_table(dev, p);
2687                 break;
2688         default:
2689                 break;
2690         }
2691
2692         kfree(p);
2693         return ret;
2694 }
2695 EXPORT_SYMBOL_GPL(sed_ioctl);