Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm
[platform/kernel/linux-exynos.git] / block / sed-opal.c
1 /*
2  * Copyright © 2016 Intel Corporation
3  *
4  * Authors:
5  *    Scott  Bauer      <scott.bauer@intel.com>
6  *    Rafael Antognolli <rafael.antognolli@intel.com>
7  *
8  * This program is free software; you can redistribute it and/or modify it
9  * under the terms and conditions of the GNU General Public License,
10  * version 2, as published by the Free Software Foundation.
11  *
12  * This program is distributed in the hope it will be useful, but WITHOUT
13  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
14  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
15  * more details.
16  */
17
18 #define pr_fmt(fmt) KBUILD_MODNAME ":OPAL: " fmt
19
20 #include <linux/delay.h>
21 #include <linux/device.h>
22 #include <linux/kernel.h>
23 #include <linux/list.h>
24 #include <linux/genhd.h>
25 #include <linux/slab.h>
26 #include <linux/uaccess.h>
27 #include <uapi/linux/sed-opal.h>
28 #include <linux/sed-opal.h>
29 #include <linux/string.h>
30 #include <linux/kdev_t.h>
31
32 #include "opal_proto.h"
33
34 #define IO_BUFFER_LENGTH 2048
35 #define MAX_TOKS 64
36
37 struct opal_step {
38         int (*fn)(struct opal_dev *dev, void *data);
39         void *data;
40 };
41 typedef int (cont_fn)(struct opal_dev *dev);
42
43 enum opal_atom_width {
44         OPAL_WIDTH_TINY,
45         OPAL_WIDTH_SHORT,
46         OPAL_WIDTH_MEDIUM,
47         OPAL_WIDTH_LONG,
48         OPAL_WIDTH_TOKEN
49 };
50
51 /*
52  * On the parsed response, we don't store again the toks that are already
53  * stored in the response buffer. Instead, for each token, we just store a
54  * pointer to the position in the buffer where the token starts, and the size
55  * of the token in bytes.
56  */
57 struct opal_resp_tok {
58         const u8 *pos;
59         size_t len;
60         enum opal_response_token type;
61         enum opal_atom_width width;
62         union {
63                 u64 u;
64                 s64 s;
65         } stored;
66 };
67
68 /*
69  * From the response header it's not possible to know how many tokens there are
70  * on the payload. So we hardcode that the maximum will be MAX_TOKS, and later
71  * if we start dealing with messages that have more than that, we can increase
72  * this number. This is done to avoid having to make two passes through the
73  * response, the first one counting how many tokens we have and the second one
74  * actually storing the positions.
75  */
76 struct parsed_resp {
77         int num;
78         struct opal_resp_tok toks[MAX_TOKS];
79 };
80
81 struct opal_dev {
82         bool supported;
83         bool mbr_enabled;
84
85         void *data;
86         sec_send_recv *send_recv;
87
88         const struct opal_step *steps;
89         struct mutex dev_lock;
90         u16 comid;
91         u32 hsn;
92         u32 tsn;
93         u64 align;
94         u64 lowest_lba;
95
96         size_t pos;
97         u8 cmd[IO_BUFFER_LENGTH];
98         u8 resp[IO_BUFFER_LENGTH];
99
100         struct parsed_resp parsed;
101         size_t prev_d_len;
102         void *prev_data;
103
104         struct list_head unlk_lst;
105 };
106
107
108 static const u8 opaluid[][OPAL_UID_LENGTH] = {
109         /* users */
110         [OPAL_SMUID_UID] =
111                 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff },
112         [OPAL_THISSP_UID] =
113                 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
114         [OPAL_ADMINSP_UID] =
115                 { 0x00, 0x00, 0x02, 0x05, 0x00, 0x00, 0x00, 0x01 },
116         [OPAL_LOCKINGSP_UID] =
117                 { 0x00, 0x00, 0x02, 0x05, 0x00, 0x00, 0x00, 0x02 },
118         [OPAL_ENTERPRISE_LOCKINGSP_UID] =
119                 { 0x00, 0x00, 0x02, 0x05, 0x00, 0x01, 0x00, 0x01 },
120         [OPAL_ANYBODY_UID] =
121                 { 0x00, 0x00, 0x00, 0x09, 0x00, 0x00, 0x00, 0x01 },
122         [OPAL_SID_UID] =
123                 { 0x00, 0x00, 0x00, 0x09, 0x00, 0x00, 0x00, 0x06 },
124         [OPAL_ADMIN1_UID] =
125                 { 0x00, 0x00, 0x00, 0x09, 0x00, 0x01, 0x00, 0x01 },
126         [OPAL_USER1_UID] =
127                 { 0x00, 0x00, 0x00, 0x09, 0x00, 0x03, 0x00, 0x01 },
128         [OPAL_USER2_UID] =
129                 { 0x00, 0x00, 0x00, 0x09, 0x00, 0x03, 0x00, 0x02 },
130         [OPAL_PSID_UID] =
131                 { 0x00, 0x00, 0x00, 0x09, 0x00, 0x01, 0xff, 0x01 },
132         [OPAL_ENTERPRISE_BANDMASTER0_UID] =
133                 { 0x00, 0x00, 0x00, 0x09, 0x00, 0x00, 0x80, 0x01 },
134         [OPAL_ENTERPRISE_ERASEMASTER_UID] =
135                 { 0x00, 0x00, 0x00, 0x09, 0x00, 0x00, 0x84, 0x01 },
136
137         /* tables */
138
139         [OPAL_LOCKINGRANGE_GLOBAL] =
140                 { 0x00, 0x00, 0x08, 0x02, 0x00, 0x00, 0x00, 0x01 },
141         [OPAL_LOCKINGRANGE_ACE_RDLOCKED] =
142                 { 0x00, 0x00, 0x00, 0x08, 0x00, 0x03, 0xE0, 0x01 },
143         [OPAL_LOCKINGRANGE_ACE_WRLOCKED] =
144                 { 0x00, 0x00, 0x00, 0x08, 0x00, 0x03, 0xE8, 0x01 },
145         [OPAL_MBRCONTROL] =
146                 { 0x00, 0x00, 0x08, 0x03, 0x00, 0x00, 0x00, 0x01 },
147         [OPAL_MBR] =
148                 { 0x00, 0x00, 0x08, 0x04, 0x00, 0x00, 0x00, 0x00 },
149         [OPAL_AUTHORITY_TABLE] =
150                 { 0x00, 0x00, 0x00, 0x09, 0x00, 0x00, 0x00, 0x00},
151         [OPAL_C_PIN_TABLE] =
152                 { 0x00, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x00},
153         [OPAL_LOCKING_INFO_TABLE] =
154                 { 0x00, 0x00, 0x08, 0x01, 0x00, 0x00, 0x00, 0x01 },
155         [OPAL_ENTERPRISE_LOCKING_INFO_TABLE] =
156                 { 0x00, 0x00, 0x08, 0x01, 0x00, 0x00, 0x00, 0x00 },
157
158         /* C_PIN_TABLE object ID's */
159
160         [OPAL_C_PIN_MSID] =
161                 { 0x00, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x84, 0x02},
162         [OPAL_C_PIN_SID] =
163                 { 0x00, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x01},
164         [OPAL_C_PIN_ADMIN1] =
165                 { 0x00, 0x00, 0x00, 0x0B, 0x00, 0x01, 0x00, 0x01},
166
167         /* half UID's (only first 4 bytes used) */
168
169         [OPAL_HALF_UID_AUTHORITY_OBJ_REF] =
170                 { 0x00, 0x00, 0x0C, 0x05, 0xff, 0xff, 0xff, 0xff },
171         [OPAL_HALF_UID_BOOLEAN_ACE] =
172                 { 0x00, 0x00, 0x04, 0x0E, 0xff, 0xff, 0xff, 0xff },
173
174         /* special value for omitted optional parameter */
175         [OPAL_UID_HEXFF] =
176                 { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
177 };
178
179 /*
180  * TCG Storage SSC Methods.
181  * Derived from: TCG_Storage_Architecture_Core_Spec_v2.01_r1.00
182  * Section: 6.3 Assigned UIDs
183  */
184 static const u8 opalmethod[][OPAL_UID_LENGTH] = {
185         [OPAL_PROPERTIES] =
186                 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x01 },
187         [OPAL_STARTSESSION] =
188                 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x02 },
189         [OPAL_REVERT] =
190                 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x02, 0x02 },
191         [OPAL_ACTIVATE] =
192                 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x02, 0x03 },
193         [OPAL_EGET] =
194                 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x06 },
195         [OPAL_ESET] =
196                 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x07 },
197         [OPAL_NEXT] =
198                 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x08 },
199         [OPAL_EAUTHENTICATE] =
200                 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x0c },
201         [OPAL_GETACL] =
202                 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x0d },
203         [OPAL_GENKEY] =
204                 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x10 },
205         [OPAL_REVERTSP] =
206                 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x11 },
207         [OPAL_GET] =
208                 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x16 },
209         [OPAL_SET] =
210                 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x17 },
211         [OPAL_AUTHENTICATE] =
212                 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x1c },
213         [OPAL_RANDOM] =
214                 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x06, 0x01 },
215         [OPAL_ERASE] =
216                 { 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x08, 0x03 },
217 };
218
219 static int end_opal_session_error(struct opal_dev *dev);
220
221 struct opal_suspend_data {
222         struct opal_lock_unlock unlk;
223         u8 lr;
224         struct list_head node;
225 };
226
227 /*
228  * Derived from:
229  * TCG_Storage_Architecture_Core_Spec_v2.01_r1.00
230  * Section: 5.1.5 Method Status Codes
231  */
232 static const char * const opal_errors[] = {
233         "Success",
234         "Not Authorized",
235         "Unknown Error",
236         "SP Busy",
237         "SP Failed",
238         "SP Disabled",
239         "SP Frozen",
240         "No Sessions Available",
241         "Uniqueness Conflict",
242         "Insufficient Space",
243         "Insufficient Rows",
244         "Invalid Function",
245         "Invalid Parameter",
246         "Invalid Reference",
247         "Unknown Error",
248         "TPER Malfunction",
249         "Transaction Failure",
250         "Response Overflow",
251         "Authority Locked Out",
252 };
253
254 static const char *opal_error_to_human(int error)
255 {
256         if (error == 0x3f)
257                 return "Failed";
258
259         if (error >= ARRAY_SIZE(opal_errors) || error < 0)
260                 return "Unknown Error";
261
262         return opal_errors[error];
263 }
264
265 static void print_buffer(const u8 *ptr, u32 length)
266 {
267 #ifdef DEBUG
268         print_hex_dump_bytes("OPAL: ", DUMP_PREFIX_OFFSET, ptr, length);
269         pr_debug("\n");
270 #endif
271 }
272
273 static bool check_tper(const void *data)
274 {
275         const struct d0_tper_features *tper = data;
276         u8 flags = tper->supported_features;
277
278         if (!(flags & TPER_SYNC_SUPPORTED)) {
279                 pr_debug("TPer sync not supported. flags = %d\n",
280                          tper->supported_features);
281                 return false;
282         }
283
284         return true;
285 }
286
287 static bool check_mbrenabled(const void *data)
288 {
289         const struct d0_locking_features *lfeat = data;
290         u8 sup_feat = lfeat->supported_features;
291
292         return !!(sup_feat & MBR_ENABLED_MASK);
293 }
294
295 static bool check_sum(const void *data)
296 {
297         const struct d0_single_user_mode *sum = data;
298         u32 nlo = be32_to_cpu(sum->num_locking_objects);
299
300         if (nlo == 0) {
301                 pr_debug("Need at least one locking object.\n");
302                 return false;
303         }
304
305         pr_debug("Number of locking objects: %d\n", nlo);
306
307         return true;
308 }
309
310 static u16 get_comid_v100(const void *data)
311 {
312         const struct d0_opal_v100 *v100 = data;
313
314         return be16_to_cpu(v100->baseComID);
315 }
316
317 static u16 get_comid_v200(const void *data)
318 {
319         const struct d0_opal_v200 *v200 = data;
320
321         return be16_to_cpu(v200->baseComID);
322 }
323
324 static int opal_send_cmd(struct opal_dev *dev)
325 {
326         return dev->send_recv(dev->data, dev->comid, TCG_SECP_01,
327                               dev->cmd, IO_BUFFER_LENGTH,
328                               true);
329 }
330
331 static int opal_recv_cmd(struct opal_dev *dev)
332 {
333         return dev->send_recv(dev->data, dev->comid, TCG_SECP_01,
334                               dev->resp, IO_BUFFER_LENGTH,
335                               false);
336 }
337
338 static int opal_recv_check(struct opal_dev *dev)
339 {
340         size_t buflen = IO_BUFFER_LENGTH;
341         void *buffer = dev->resp;
342         struct opal_header *hdr = buffer;
343         int ret;
344
345         do {
346                 pr_debug("Sent OPAL command: outstanding=%d, minTransfer=%d\n",
347                          hdr->cp.outstandingData,
348                          hdr->cp.minTransfer);
349
350                 if (hdr->cp.outstandingData == 0 ||
351                     hdr->cp.minTransfer != 0)
352                         return 0;
353
354                 memset(buffer, 0, buflen);
355                 ret = opal_recv_cmd(dev);
356         } while (!ret);
357
358         return ret;
359 }
360
361 static int opal_send_recv(struct opal_dev *dev, cont_fn *cont)
362 {
363         int ret;
364
365         ret = opal_send_cmd(dev);
366         if (ret)
367                 return ret;
368         ret = opal_recv_cmd(dev);
369         if (ret)
370                 return ret;
371         ret = opal_recv_check(dev);
372         if (ret)
373                 return ret;
374         return cont(dev);
375 }
376
377 static void check_geometry(struct opal_dev *dev, const void *data)
378 {
379         const struct d0_geometry_features *geo = data;
380
381         dev->align = geo->alignment_granularity;
382         dev->lowest_lba = geo->lowest_aligned_lba;
383 }
384
385 static int next(struct opal_dev *dev)
386 {
387         const struct opal_step *step;
388         int state = 0, error = 0;
389
390         do {
391                 step = &dev->steps[state];
392                 if (!step->fn)
393                         break;
394
395                 error = step->fn(dev, step->data);
396                 if (error) {
397                         pr_debug("Error on step function: %d with error %d: %s\n",
398                                  state, error,
399                                  opal_error_to_human(error));
400
401                         /* For each OPAL command we do a discovery0 then we
402                          * start some sort of session.
403                          * If we haven't passed state 1 then there was an error
404                          * on discovery0 or during the attempt to start a
405                          * session. Therefore we shouldn't attempt to terminate
406                          * a session, as one has not yet been created.
407                          */
408                         if (state > 1) {
409                                 end_opal_session_error(dev);
410                                 return error;
411                         }
412
413                 }
414                 state++;
415         } while (!error);
416
417         return error;
418 }
419
420 static int opal_discovery0_end(struct opal_dev *dev)
421 {
422         bool found_com_id = false, supported = true, single_user = false;
423         const struct d0_header *hdr = (struct d0_header *)dev->resp;
424         const u8 *epos = dev->resp, *cpos = dev->resp;
425         u16 comid = 0;
426         u32 hlen = be32_to_cpu(hdr->length);
427
428         print_buffer(dev->resp, hlen);
429         dev->mbr_enabled = false;
430
431         if (hlen > IO_BUFFER_LENGTH - sizeof(*hdr)) {
432                 pr_debug("Discovery length overflows buffer (%zu+%u)/%u\n",
433                          sizeof(*hdr), hlen, IO_BUFFER_LENGTH);
434                 return -EFAULT;
435         }
436
437         epos += hlen; /* end of buffer */
438         cpos += sizeof(*hdr); /* current position on buffer */
439
440         while (cpos < epos && supported) {
441                 const struct d0_features *body =
442                         (const struct d0_features *)cpos;
443
444                 switch (be16_to_cpu(body->code)) {
445                 case FC_TPER:
446                         supported = check_tper(body->features);
447                         break;
448                 case FC_SINGLEUSER:
449                         single_user = check_sum(body->features);
450                         break;
451                 case FC_GEOMETRY:
452                         check_geometry(dev, body);
453                         break;
454                 case FC_LOCKING:
455                         dev->mbr_enabled = check_mbrenabled(body->features);
456                         break;
457                 case FC_ENTERPRISE:
458                 case FC_DATASTORE:
459                         /* some ignored properties */
460                         pr_debug("Found OPAL feature description: %d\n",
461                                  be16_to_cpu(body->code));
462                         break;
463                 case FC_OPALV100:
464                         comid = get_comid_v100(body->features);
465                         found_com_id = true;
466                         break;
467                 case FC_OPALV200:
468                         comid = get_comid_v200(body->features);
469                         found_com_id = true;
470                         break;
471                 case 0xbfff ... 0xffff:
472                         /* vendor specific, just ignore */
473                         break;
474                 default:
475                         pr_debug("OPAL Unknown feature: %d\n",
476                                  be16_to_cpu(body->code));
477
478                 }
479                 cpos += body->length + 4;
480         }
481
482         if (!supported) {
483                 pr_debug("This device is not Opal enabled. Not Supported!\n");
484                 return -EOPNOTSUPP;
485         }
486
487         if (!single_user)
488                 pr_debug("Device doesn't support single user mode\n");
489
490
491         if (!found_com_id) {
492                 pr_debug("Could not find OPAL comid for device. Returning early\n");
493                 return -EOPNOTSUPP;;
494         }
495
496         dev->comid = comid;
497
498         return 0;
499 }
500
501 static int opal_discovery0(struct opal_dev *dev, void *data)
502 {
503         int ret;
504
505         memset(dev->resp, 0, IO_BUFFER_LENGTH);
506         dev->comid = OPAL_DISCOVERY_COMID;
507         ret = opal_recv_cmd(dev);
508         if (ret)
509                 return ret;
510         return opal_discovery0_end(dev);
511 }
512
513 static void add_token_u8(int *err, struct opal_dev *cmd, u8 tok)
514 {
515         if (*err)
516                 return;
517         if (cmd->pos >= IO_BUFFER_LENGTH - 1) {
518                 pr_debug("Error adding u8: end of buffer.\n");
519                 *err = -ERANGE;
520                 return;
521         }
522         cmd->cmd[cmd->pos++] = tok;
523 }
524
525 static void add_short_atom_header(struct opal_dev *cmd, bool bytestring,
526                                   bool has_sign, int len)
527 {
528         u8 atom;
529         int err = 0;
530
531         atom = SHORT_ATOM_ID;
532         atom |= bytestring ? SHORT_ATOM_BYTESTRING : 0;
533         atom |= has_sign ? SHORT_ATOM_SIGNED : 0;
534         atom |= len & SHORT_ATOM_LEN_MASK;
535
536         add_token_u8(&err, cmd, atom);
537 }
538
539 static void add_medium_atom_header(struct opal_dev *cmd, bool bytestring,
540                                    bool has_sign, int len)
541 {
542         u8 header0;
543
544         header0 = MEDIUM_ATOM_ID;
545         header0 |= bytestring ? MEDIUM_ATOM_BYTESTRING : 0;
546         header0 |= has_sign ? MEDIUM_ATOM_SIGNED : 0;
547         header0 |= (len >> 8) & MEDIUM_ATOM_LEN_MASK;
548         cmd->cmd[cmd->pos++] = header0;
549         cmd->cmd[cmd->pos++] = len;
550 }
551
552 static void add_token_u64(int *err, struct opal_dev *cmd, u64 number)
553 {
554
555         size_t len;
556         int msb;
557         u8 n;
558
559         if (!(number & ~TINY_ATOM_DATA_MASK)) {
560                 add_token_u8(err, cmd, number);
561                 return;
562         }
563
564         msb = fls(number);
565         len = DIV_ROUND_UP(msb, 4);
566
567         if (cmd->pos >= IO_BUFFER_LENGTH - len - 1) {
568                 pr_debug("Error adding u64: end of buffer.\n");
569                 *err = -ERANGE;
570                 return;
571         }
572         add_short_atom_header(cmd, false, false, len);
573         while (len--) {
574                 n = number >> (len * 8);
575                 add_token_u8(err, cmd, n);
576         }
577 }
578
579 static void add_token_bytestring(int *err, struct opal_dev *cmd,
580                                  const u8 *bytestring, size_t len)
581 {
582         size_t header_len = 1;
583         bool is_short_atom = true;
584
585         if (*err)
586                 return;
587
588         if (len & ~SHORT_ATOM_LEN_MASK) {
589                 header_len = 2;
590                 is_short_atom = false;
591         }
592
593         if (len >= IO_BUFFER_LENGTH - cmd->pos - header_len) {
594                 pr_debug("Error adding bytestring: end of buffer.\n");
595                 *err = -ERANGE;
596                 return;
597         }
598
599         if (is_short_atom)
600                 add_short_atom_header(cmd, true, false, len);
601         else
602                 add_medium_atom_header(cmd, true, false, len);
603
604         memcpy(&cmd->cmd[cmd->pos], bytestring, len);
605         cmd->pos += len;
606
607 }
608
609 static int build_locking_range(u8 *buffer, size_t length, u8 lr)
610 {
611         if (length > OPAL_UID_LENGTH) {
612                 pr_debug("Can't build locking range. Length OOB\n");
613                 return -ERANGE;
614         }
615
616         memcpy(buffer, opaluid[OPAL_LOCKINGRANGE_GLOBAL], OPAL_UID_LENGTH);
617
618         if (lr == 0)
619                 return 0;
620         buffer[5] = LOCKING_RANGE_NON_GLOBAL;
621         buffer[7] = lr;
622
623         return 0;
624 }
625
626 static int build_locking_user(u8 *buffer, size_t length, u8 lr)
627 {
628         if (length > OPAL_UID_LENGTH) {
629                 pr_debug("Can't build locking range user, Length OOB\n");
630                 return -ERANGE;
631         }
632
633         memcpy(buffer, opaluid[OPAL_USER1_UID], OPAL_UID_LENGTH);
634
635         buffer[7] = lr + 1;
636
637         return 0;
638 }
639
640 static void set_comid(struct opal_dev *cmd, u16 comid)
641 {
642         struct opal_header *hdr = (struct opal_header *)cmd->cmd;
643
644         hdr->cp.extendedComID[0] = comid >> 8;
645         hdr->cp.extendedComID[1] = comid;
646         hdr->cp.extendedComID[2] = 0;
647         hdr->cp.extendedComID[3] = 0;
648 }
649
650 static int cmd_finalize(struct opal_dev *cmd, u32 hsn, u32 tsn)
651 {
652         struct opal_header *hdr;
653         int err = 0;
654
655         add_token_u8(&err, cmd, OPAL_ENDOFDATA);
656         add_token_u8(&err, cmd, OPAL_STARTLIST);
657         add_token_u8(&err, cmd, 0);
658         add_token_u8(&err, cmd, 0);
659         add_token_u8(&err, cmd, 0);
660         add_token_u8(&err, cmd, OPAL_ENDLIST);
661
662         if (err) {
663                 pr_debug("Error finalizing command.\n");
664                 return -EFAULT;
665         }
666
667         hdr = (struct opal_header *) cmd->cmd;
668
669         hdr->pkt.tsn = cpu_to_be32(tsn);
670         hdr->pkt.hsn = cpu_to_be32(hsn);
671
672         hdr->subpkt.length = cpu_to_be32(cmd->pos - sizeof(*hdr));
673         while (cmd->pos % 4) {
674                 if (cmd->pos >= IO_BUFFER_LENGTH) {
675                         pr_debug("Error: Buffer overrun\n");
676                         return -ERANGE;
677                 }
678                 cmd->cmd[cmd->pos++] = 0;
679         }
680         hdr->pkt.length = cpu_to_be32(cmd->pos - sizeof(hdr->cp) -
681                                       sizeof(hdr->pkt));
682         hdr->cp.length = cpu_to_be32(cmd->pos - sizeof(hdr->cp));
683
684         return 0;
685 }
686
687 static const struct opal_resp_tok *response_get_token(
688                                 const struct parsed_resp *resp,
689                                 int n)
690 {
691         const struct opal_resp_tok *tok;
692
693         if (n >= resp->num) {
694                 pr_debug("Token number doesn't exist: %d, resp: %d\n",
695                          n, resp->num);
696                 return ERR_PTR(-EINVAL);
697         }
698
699         tok = &resp->toks[n];
700         if (tok->len == 0) {
701                 pr_debug("Token length must be non-zero\n");
702                 return ERR_PTR(-EINVAL);
703         }
704
705         return tok;
706 }
707
708 static ssize_t response_parse_tiny(struct opal_resp_tok *tok,
709                                    const u8 *pos)
710 {
711         tok->pos = pos;
712         tok->len = 1;
713         tok->width = OPAL_WIDTH_TINY;
714
715         if (pos[0] & TINY_ATOM_SIGNED) {
716                 tok->type = OPAL_DTA_TOKENID_SINT;
717         } else {
718                 tok->type = OPAL_DTA_TOKENID_UINT;
719                 tok->stored.u = pos[0] & 0x3f;
720         }
721
722         return tok->len;
723 }
724
725 static ssize_t response_parse_short(struct opal_resp_tok *tok,
726                                     const u8 *pos)
727 {
728         tok->pos = pos;
729         tok->len = (pos[0] & SHORT_ATOM_LEN_MASK) + 1;
730         tok->width = OPAL_WIDTH_SHORT;
731
732         if (pos[0] & SHORT_ATOM_BYTESTRING) {
733                 tok->type = OPAL_DTA_TOKENID_BYTESTRING;
734         } else if (pos[0] & SHORT_ATOM_SIGNED) {
735                 tok->type = OPAL_DTA_TOKENID_SINT;
736         } else {
737                 u64 u_integer = 0;
738                 ssize_t i, b = 0;
739
740                 tok->type = OPAL_DTA_TOKENID_UINT;
741                 if (tok->len > 9) {
742                         pr_debug("uint64 with more than 8 bytes\n");
743                         return -EINVAL;
744                 }
745                 for (i = tok->len - 1; i > 0; i--) {
746                         u_integer |= ((u64)pos[i] << (8 * b));
747                         b++;
748                 }
749                 tok->stored.u = u_integer;
750         }
751
752         return tok->len;
753 }
754
755 static ssize_t response_parse_medium(struct opal_resp_tok *tok,
756                                      const u8 *pos)
757 {
758         tok->pos = pos;
759         tok->len = (((pos[0] & MEDIUM_ATOM_LEN_MASK) << 8) | pos[1]) + 2;
760         tok->width = OPAL_WIDTH_MEDIUM;
761
762         if (pos[0] & MEDIUM_ATOM_BYTESTRING)
763                 tok->type = OPAL_DTA_TOKENID_BYTESTRING;
764         else if (pos[0] & MEDIUM_ATOM_SIGNED)
765                 tok->type = OPAL_DTA_TOKENID_SINT;
766         else
767                 tok->type = OPAL_DTA_TOKENID_UINT;
768
769         return tok->len;
770 }
771
772 static ssize_t response_parse_long(struct opal_resp_tok *tok,
773                                    const u8 *pos)
774 {
775         tok->pos = pos;
776         tok->len = ((pos[1] << 16) | (pos[2] << 8) | pos[3]) + 4;
777         tok->width = OPAL_WIDTH_LONG;
778
779         if (pos[0] & LONG_ATOM_BYTESTRING)
780                 tok->type = OPAL_DTA_TOKENID_BYTESTRING;
781         else if (pos[0] & LONG_ATOM_SIGNED)
782                 tok->type = OPAL_DTA_TOKENID_SINT;
783         else
784                 tok->type = OPAL_DTA_TOKENID_UINT;
785
786         return tok->len;
787 }
788
789 static ssize_t response_parse_token(struct opal_resp_tok *tok,
790                                     const u8 *pos)
791 {
792         tok->pos = pos;
793         tok->len = 1;
794         tok->type = OPAL_DTA_TOKENID_TOKEN;
795         tok->width = OPAL_WIDTH_TOKEN;
796
797         return tok->len;
798 }
799
800 static int response_parse(const u8 *buf, size_t length,
801                           struct parsed_resp *resp)
802 {
803         const struct opal_header *hdr;
804         struct opal_resp_tok *iter;
805         int num_entries = 0;
806         int total;
807         ssize_t token_length;
808         const u8 *pos;
809         u32 clen, plen, slen;
810
811         if (!buf)
812                 return -EFAULT;
813
814         if (!resp)
815                 return -EFAULT;
816
817         hdr = (struct opal_header *)buf;
818         pos = buf;
819         pos += sizeof(*hdr);
820
821         clen = be32_to_cpu(hdr->cp.length);
822         plen = be32_to_cpu(hdr->pkt.length);
823         slen = be32_to_cpu(hdr->subpkt.length);
824         pr_debug("Response size: cp: %u, pkt: %u, subpkt: %u\n",
825                  clen, plen, slen);
826
827         if (clen == 0 || plen == 0 || slen == 0 ||
828             slen > IO_BUFFER_LENGTH - sizeof(*hdr)) {
829                 pr_debug("Bad header length. cp: %u, pkt: %u, subpkt: %u\n",
830                          clen, plen, slen);
831                 print_buffer(pos, sizeof(*hdr));
832                 return -EINVAL;
833         }
834
835         if (pos > buf + length)
836                 return -EFAULT;
837
838         iter = resp->toks;
839         total = slen;
840         print_buffer(pos, total);
841         while (total > 0) {
842                 if (pos[0] <= TINY_ATOM_BYTE) /* tiny atom */
843                         token_length = response_parse_tiny(iter, pos);
844                 else if (pos[0] <= SHORT_ATOM_BYTE) /* short atom */
845                         token_length = response_parse_short(iter, pos);
846                 else if (pos[0] <= MEDIUM_ATOM_BYTE) /* medium atom */
847                         token_length = response_parse_medium(iter, pos);
848                 else if (pos[0] <= LONG_ATOM_BYTE) /* long atom */
849                         token_length = response_parse_long(iter, pos);
850                 else /* TOKEN */
851                         token_length = response_parse_token(iter, pos);
852
853                 if (token_length < 0)
854                         return token_length;
855
856                 pos += token_length;
857                 total -= token_length;
858                 iter++;
859                 num_entries++;
860         }
861
862         if (num_entries == 0) {
863                 pr_debug("Couldn't parse response.\n");
864                 return -EINVAL;
865         }
866         resp->num = num_entries;
867
868         return 0;
869 }
870
871 static size_t response_get_string(const struct parsed_resp *resp, int n,
872                                   const char **store)
873 {
874         *store = NULL;
875         if (!resp) {
876                 pr_debug("Response is NULL\n");
877                 return 0;
878         }
879
880         if (n > resp->num) {
881                 pr_debug("Response has %d tokens. Can't access %d\n",
882                          resp->num, n);
883                 return 0;
884         }
885
886         if (resp->toks[n].type != OPAL_DTA_TOKENID_BYTESTRING) {
887                 pr_debug("Token is not a byte string!\n");
888                 return 0;
889         }
890
891         *store = resp->toks[n].pos + 1;
892         return resp->toks[n].len - 1;
893 }
894
895 static u64 response_get_u64(const struct parsed_resp *resp, int n)
896 {
897         if (!resp) {
898                 pr_debug("Response is NULL\n");
899                 return 0;
900         }
901
902         if (n > resp->num) {
903                 pr_debug("Response has %d tokens. Can't access %d\n",
904                          resp->num, n);
905                 return 0;
906         }
907
908         if (resp->toks[n].type != OPAL_DTA_TOKENID_UINT) {
909                 pr_debug("Token is not unsigned it: %d\n",
910                          resp->toks[n].type);
911                 return 0;
912         }
913
914         if (!(resp->toks[n].width == OPAL_WIDTH_TINY ||
915               resp->toks[n].width == OPAL_WIDTH_SHORT)) {
916                 pr_debug("Atom is not short or tiny: %d\n",
917                          resp->toks[n].width);
918                 return 0;
919         }
920
921         return resp->toks[n].stored.u;
922 }
923
924 static bool response_token_matches(const struct opal_resp_tok *token, u8 match)
925 {
926         if (IS_ERR(token) ||
927             token->type != OPAL_DTA_TOKENID_TOKEN ||
928             token->pos[0] != match)
929                 return false;
930         return true;
931 }
932
933 static u8 response_status(const struct parsed_resp *resp)
934 {
935         const struct opal_resp_tok *tok;
936
937         tok = response_get_token(resp, 0);
938         if (response_token_matches(tok, OPAL_ENDOFSESSION))
939                 return 0;
940
941         if (resp->num < 5)
942                 return DTAERROR_NO_METHOD_STATUS;
943
944         tok = response_get_token(resp, resp->num - 5);
945         if (!response_token_matches(tok, OPAL_STARTLIST))
946                 return DTAERROR_NO_METHOD_STATUS;
947
948         tok = response_get_token(resp, resp->num - 1);
949         if (!response_token_matches(tok, OPAL_ENDLIST))
950                 return DTAERROR_NO_METHOD_STATUS;
951
952         return response_get_u64(resp, resp->num - 4);
953 }
954
955 /* Parses and checks for errors */
956 static int parse_and_check_status(struct opal_dev *dev)
957 {
958         int error;
959
960         print_buffer(dev->cmd, dev->pos);
961
962         error = response_parse(dev->resp, IO_BUFFER_LENGTH, &dev->parsed);
963         if (error) {
964                 pr_debug("Couldn't parse response.\n");
965                 return error;
966         }
967
968         return response_status(&dev->parsed);
969 }
970
971 static void clear_opal_cmd(struct opal_dev *dev)
972 {
973         dev->pos = sizeof(struct opal_header);
974         memset(dev->cmd, 0, IO_BUFFER_LENGTH);
975 }
976
977 static int start_opal_session_cont(struct opal_dev *dev)
978 {
979         u32 hsn, tsn;
980         int error = 0;
981
982         error = parse_and_check_status(dev);
983         if (error)
984                 return error;
985
986         hsn = response_get_u64(&dev->parsed, 4);
987         tsn = response_get_u64(&dev->parsed, 5);
988
989         if (hsn == 0 && tsn == 0) {
990                 pr_debug("Couldn't authenticate session\n");
991                 return -EPERM;
992         }
993
994         dev->hsn = hsn;
995         dev->tsn = tsn;
996         return 0;
997 }
998
999 static void add_suspend_info(struct opal_dev *dev,
1000                              struct opal_suspend_data *sus)
1001 {
1002         struct opal_suspend_data *iter;
1003
1004         list_for_each_entry(iter, &dev->unlk_lst, node) {
1005                 if (iter->lr == sus->lr) {
1006                         list_del(&iter->node);
1007                         kfree(iter);
1008                         break;
1009                 }
1010         }
1011         list_add_tail(&sus->node, &dev->unlk_lst);
1012 }
1013
1014 static int end_session_cont(struct opal_dev *dev)
1015 {
1016         dev->hsn = 0;
1017         dev->tsn = 0;
1018         return parse_and_check_status(dev);
1019 }
1020
1021 static int finalize_and_send(struct opal_dev *dev, cont_fn cont)
1022 {
1023         int ret;
1024
1025         ret = cmd_finalize(dev, dev->hsn, dev->tsn);
1026         if (ret) {
1027                 pr_debug("Error finalizing command buffer: %d\n", ret);
1028                 return ret;
1029         }
1030
1031         print_buffer(dev->cmd, dev->pos);
1032
1033         return opal_send_recv(dev, cont);
1034 }
1035
1036 static int gen_key(struct opal_dev *dev, void *data)
1037 {
1038         u8 uid[OPAL_UID_LENGTH];
1039         int err = 0;
1040
1041         clear_opal_cmd(dev);
1042         set_comid(dev, dev->comid);
1043
1044         memcpy(uid, dev->prev_data, min(sizeof(uid), dev->prev_d_len));
1045         kfree(dev->prev_data);
1046         dev->prev_data = NULL;
1047
1048         add_token_u8(&err, dev, OPAL_CALL);
1049         add_token_bytestring(&err, dev, uid, OPAL_UID_LENGTH);
1050         add_token_bytestring(&err, dev, opalmethod[OPAL_GENKEY],
1051                              OPAL_UID_LENGTH);
1052         add_token_u8(&err, dev, OPAL_STARTLIST);
1053         add_token_u8(&err, dev, OPAL_ENDLIST);
1054
1055         if (err) {
1056                 pr_debug("Error building gen key command\n");
1057                 return err;
1058
1059         }
1060         return finalize_and_send(dev, parse_and_check_status);
1061 }
1062
1063 static int get_active_key_cont(struct opal_dev *dev)
1064 {
1065         const char *activekey;
1066         size_t keylen;
1067         int error = 0;
1068
1069         error = parse_and_check_status(dev);
1070         if (error)
1071                 return error;
1072         keylen = response_get_string(&dev->parsed, 4, &activekey);
1073         if (!activekey) {
1074                 pr_debug("%s: Couldn't extract the Activekey from the response\n",
1075                          __func__);
1076                 return OPAL_INVAL_PARAM;
1077         }
1078         dev->prev_data = kmemdup(activekey, keylen, GFP_KERNEL);
1079
1080         if (!dev->prev_data)
1081                 return -ENOMEM;
1082
1083         dev->prev_d_len = keylen;
1084
1085         return 0;
1086 }
1087
1088 static int get_active_key(struct opal_dev *dev, void *data)
1089 {
1090         u8 uid[OPAL_UID_LENGTH];
1091         int err = 0;
1092         u8 *lr = data;
1093
1094         clear_opal_cmd(dev);
1095         set_comid(dev, dev->comid);
1096
1097         err = build_locking_range(uid, sizeof(uid), *lr);
1098         if (err)
1099                 return err;
1100
1101         err = 0;
1102         add_token_u8(&err, dev, OPAL_CALL);
1103         add_token_bytestring(&err, dev, uid, OPAL_UID_LENGTH);
1104         add_token_bytestring(&err, dev, opalmethod[OPAL_GET], OPAL_UID_LENGTH);
1105         add_token_u8(&err, dev, OPAL_STARTLIST);
1106         add_token_u8(&err, dev, OPAL_STARTLIST);
1107         add_token_u8(&err, dev, OPAL_STARTNAME);
1108         add_token_u8(&err, dev, 3); /* startCloumn */
1109         add_token_u8(&err, dev, 10); /* ActiveKey */
1110         add_token_u8(&err, dev, OPAL_ENDNAME);
1111         add_token_u8(&err, dev, OPAL_STARTNAME);
1112         add_token_u8(&err, dev, 4); /* endColumn */
1113         add_token_u8(&err, dev, 10); /* ActiveKey */
1114         add_token_u8(&err, dev, OPAL_ENDNAME);
1115         add_token_u8(&err, dev, OPAL_ENDLIST);
1116         add_token_u8(&err, dev, OPAL_ENDLIST);
1117         if (err) {
1118                 pr_debug("Error building get active key command\n");
1119                 return err;
1120         }
1121
1122         return finalize_and_send(dev, get_active_key_cont);
1123 }
1124
1125 static int generic_lr_enable_disable(struct opal_dev *dev,
1126                                      u8 *uid, bool rle, bool wle,
1127                                      bool rl, bool wl)
1128 {
1129         int err = 0;
1130
1131         add_token_u8(&err, dev, OPAL_CALL);
1132         add_token_bytestring(&err, dev, uid, OPAL_UID_LENGTH);
1133         add_token_bytestring(&err, dev, opalmethod[OPAL_SET], OPAL_UID_LENGTH);
1134
1135         add_token_u8(&err, dev, OPAL_STARTLIST);
1136         add_token_u8(&err, dev, OPAL_STARTNAME);
1137         add_token_u8(&err, dev, OPAL_VALUES);
1138         add_token_u8(&err, dev, OPAL_STARTLIST);
1139
1140         add_token_u8(&err, dev, OPAL_STARTNAME);
1141         add_token_u8(&err, dev, 5); /* ReadLockEnabled */
1142         add_token_u8(&err, dev, rle);
1143         add_token_u8(&err, dev, OPAL_ENDNAME);
1144
1145         add_token_u8(&err, dev, OPAL_STARTNAME);
1146         add_token_u8(&err, dev, 6); /* WriteLockEnabled */
1147         add_token_u8(&err, dev, wle);
1148         add_token_u8(&err, dev, OPAL_ENDNAME);
1149
1150         add_token_u8(&err, dev, OPAL_STARTNAME);
1151         add_token_u8(&err, dev, OPAL_READLOCKED);
1152         add_token_u8(&err, dev, rl);
1153         add_token_u8(&err, dev, OPAL_ENDNAME);
1154
1155         add_token_u8(&err, dev, OPAL_STARTNAME);
1156         add_token_u8(&err, dev, OPAL_WRITELOCKED);
1157         add_token_u8(&err, dev, wl);
1158         add_token_u8(&err, dev, OPAL_ENDNAME);
1159
1160         add_token_u8(&err, dev, OPAL_ENDLIST);
1161         add_token_u8(&err, dev, OPAL_ENDNAME);
1162         add_token_u8(&err, dev, OPAL_ENDLIST);
1163         return err;
1164 }
1165
1166 static inline int enable_global_lr(struct opal_dev *dev, u8 *uid,
1167                                    struct opal_user_lr_setup *setup)
1168 {
1169         int err;
1170
1171         err = generic_lr_enable_disable(dev, uid, !!setup->RLE, !!setup->WLE,
1172                                         0, 0);
1173         if (err)
1174                 pr_debug("Failed to create enable global lr command\n");
1175         return err;
1176 }
1177
1178 static int setup_locking_range(struct opal_dev *dev, void *data)
1179 {
1180         u8 uid[OPAL_UID_LENGTH];
1181         struct opal_user_lr_setup *setup = data;
1182         u8 lr;
1183         int err = 0;
1184
1185         clear_opal_cmd(dev);
1186         set_comid(dev, dev->comid);
1187
1188         lr = setup->session.opal_key.lr;
1189         err = build_locking_range(uid, sizeof(uid), lr);
1190         if (err)
1191                 return err;
1192
1193         if (lr == 0)
1194                 err = enable_global_lr(dev, uid, setup);
1195         else {
1196                 add_token_u8(&err, dev, OPAL_CALL);
1197                 add_token_bytestring(&err, dev, uid, OPAL_UID_LENGTH);
1198                 add_token_bytestring(&err, dev, opalmethod[OPAL_SET],
1199                                      OPAL_UID_LENGTH);
1200
1201                 add_token_u8(&err, dev, OPAL_STARTLIST);
1202                 add_token_u8(&err, dev, OPAL_STARTNAME);
1203                 add_token_u8(&err, dev, OPAL_VALUES);
1204                 add_token_u8(&err, dev, OPAL_STARTLIST);
1205
1206                 add_token_u8(&err, dev, OPAL_STARTNAME);
1207                 add_token_u8(&err, dev, 3); /* Ranges Start */
1208                 add_token_u64(&err, dev, setup->range_start);
1209                 add_token_u8(&err, dev, OPAL_ENDNAME);
1210
1211                 add_token_u8(&err, dev, OPAL_STARTNAME);
1212                 add_token_u8(&err, dev, 4); /* Ranges length */
1213                 add_token_u64(&err, dev, setup->range_length);
1214                 add_token_u8(&err, dev, OPAL_ENDNAME);
1215
1216                 add_token_u8(&err, dev, OPAL_STARTNAME);
1217                 add_token_u8(&err, dev, 5); /*ReadLockEnabled */
1218                 add_token_u64(&err, dev, !!setup->RLE);
1219                 add_token_u8(&err, dev, OPAL_ENDNAME);
1220
1221                 add_token_u8(&err, dev, OPAL_STARTNAME);
1222                 add_token_u8(&err, dev, 6); /*WriteLockEnabled*/
1223                 add_token_u64(&err, dev, !!setup->WLE);
1224                 add_token_u8(&err, dev, OPAL_ENDNAME);
1225
1226                 add_token_u8(&err, dev, OPAL_ENDLIST);
1227                 add_token_u8(&err, dev, OPAL_ENDNAME);
1228                 add_token_u8(&err, dev, OPAL_ENDLIST);
1229
1230         }
1231         if (err) {
1232                 pr_debug("Error building Setup Locking range command.\n");
1233                 return err;
1234
1235         }
1236
1237         return finalize_and_send(dev, parse_and_check_status);
1238 }
1239
1240 static int start_generic_opal_session(struct opal_dev *dev,
1241                                       enum opal_uid auth,
1242                                       enum opal_uid sp_type,
1243                                       const char *key,
1244                                       u8 key_len)
1245 {
1246         u32 hsn;
1247         int err = 0;
1248
1249         if (key == NULL && auth != OPAL_ANYBODY_UID)
1250                 return OPAL_INVAL_PARAM;
1251
1252         clear_opal_cmd(dev);
1253
1254         set_comid(dev, dev->comid);
1255         hsn = GENERIC_HOST_SESSION_NUM;
1256
1257         add_token_u8(&err, dev, OPAL_CALL);
1258         add_token_bytestring(&err, dev, opaluid[OPAL_SMUID_UID],
1259                              OPAL_UID_LENGTH);
1260         add_token_bytestring(&err, dev, opalmethod[OPAL_STARTSESSION],
1261                              OPAL_UID_LENGTH);
1262         add_token_u8(&err, dev, OPAL_STARTLIST);
1263         add_token_u64(&err, dev, hsn);
1264         add_token_bytestring(&err, dev, opaluid[sp_type], OPAL_UID_LENGTH);
1265         add_token_u8(&err, dev, 1);
1266
1267         switch (auth) {
1268         case OPAL_ANYBODY_UID:
1269                 add_token_u8(&err, dev, OPAL_ENDLIST);
1270                 break;
1271         case OPAL_ADMIN1_UID:
1272         case OPAL_SID_UID:
1273                 add_token_u8(&err, dev, OPAL_STARTNAME);
1274                 add_token_u8(&err, dev, 0); /* HostChallenge */
1275                 add_token_bytestring(&err, dev, key, key_len);
1276                 add_token_u8(&err, dev, OPAL_ENDNAME);
1277                 add_token_u8(&err, dev, OPAL_STARTNAME);
1278                 add_token_u8(&err, dev, 3); /* HostSignAuth */
1279                 add_token_bytestring(&err, dev, opaluid[auth],
1280                                      OPAL_UID_LENGTH);
1281                 add_token_u8(&err, dev, OPAL_ENDNAME);
1282                 add_token_u8(&err, dev, OPAL_ENDLIST);
1283                 break;
1284         default:
1285                 pr_debug("Cannot start Admin SP session with auth %d\n", auth);
1286                 return OPAL_INVAL_PARAM;
1287         }
1288
1289         if (err) {
1290                 pr_debug("Error building start adminsp session command.\n");
1291                 return err;
1292         }
1293
1294         return finalize_and_send(dev, start_opal_session_cont);
1295 }
1296
1297 static int start_anybodyASP_opal_session(struct opal_dev *dev, void *data)
1298 {
1299         return start_generic_opal_session(dev, OPAL_ANYBODY_UID,
1300                                           OPAL_ADMINSP_UID, NULL, 0);
1301 }
1302
1303 static int start_SIDASP_opal_session(struct opal_dev *dev, void *data)
1304 {
1305         int ret;
1306         const u8 *key = dev->prev_data;
1307
1308         if (!key) {
1309                 const struct opal_key *okey = data;
1310                 ret = start_generic_opal_session(dev, OPAL_SID_UID,
1311                                                  OPAL_ADMINSP_UID,
1312                                                  okey->key,
1313                                                  okey->key_len);
1314         } else {
1315                 ret = start_generic_opal_session(dev, OPAL_SID_UID,
1316                                                  OPAL_ADMINSP_UID,
1317                                                  key, dev->prev_d_len);
1318                 kfree(key);
1319                 dev->prev_data = NULL;
1320         }
1321         return ret;
1322 }
1323
1324 static int start_admin1LSP_opal_session(struct opal_dev *dev, void *data)
1325 {
1326         struct opal_key *key = data;
1327         return start_generic_opal_session(dev, OPAL_ADMIN1_UID,
1328                                           OPAL_LOCKINGSP_UID,
1329                                           key->key, key->key_len);
1330 }
1331
1332 static int start_auth_opal_session(struct opal_dev *dev, void *data)
1333 {
1334         struct opal_session_info *session = data;
1335         u8 lk_ul_user[OPAL_UID_LENGTH];
1336         size_t keylen = session->opal_key.key_len;
1337         int err = 0;
1338
1339         u8 *key = session->opal_key.key;
1340         u32 hsn = GENERIC_HOST_SESSION_NUM;
1341
1342         clear_opal_cmd(dev);
1343         set_comid(dev, dev->comid);
1344
1345         if (session->sum) {
1346                 err = build_locking_user(lk_ul_user, sizeof(lk_ul_user),
1347                                          session->opal_key.lr);
1348                 if (err)
1349                         return err;
1350
1351         } else if (session->who != OPAL_ADMIN1 && !session->sum) {
1352                 err = build_locking_user(lk_ul_user, sizeof(lk_ul_user),
1353                                          session->who - 1);
1354                 if (err)
1355                         return err;
1356         } else
1357                 memcpy(lk_ul_user, opaluid[OPAL_ADMIN1_UID], OPAL_UID_LENGTH);
1358
1359         add_token_u8(&err, dev, OPAL_CALL);
1360         add_token_bytestring(&err, dev, opaluid[OPAL_SMUID_UID],
1361                              OPAL_UID_LENGTH);
1362         add_token_bytestring(&err, dev, opalmethod[OPAL_STARTSESSION],
1363                              OPAL_UID_LENGTH);
1364
1365         add_token_u8(&err, dev, OPAL_STARTLIST);
1366         add_token_u64(&err, dev, hsn);
1367         add_token_bytestring(&err, dev, opaluid[OPAL_LOCKINGSP_UID],
1368                              OPAL_UID_LENGTH);
1369         add_token_u8(&err, dev, 1);
1370         add_token_u8(&err, dev, OPAL_STARTNAME);
1371         add_token_u8(&err, dev, 0);
1372         add_token_bytestring(&err, dev, key, keylen);
1373         add_token_u8(&err, dev, OPAL_ENDNAME);
1374         add_token_u8(&err, dev, OPAL_STARTNAME);
1375         add_token_u8(&err, dev, 3);
1376         add_token_bytestring(&err, dev, lk_ul_user, OPAL_UID_LENGTH);
1377         add_token_u8(&err, dev, OPAL_ENDNAME);
1378         add_token_u8(&err, dev, OPAL_ENDLIST);
1379
1380         if (err) {
1381                 pr_debug("Error building STARTSESSION command.\n");
1382                 return err;
1383         }
1384
1385         return finalize_and_send(dev, start_opal_session_cont);
1386 }
1387
1388 static int revert_tper(struct opal_dev *dev, void *data)
1389 {
1390         int err = 0;
1391
1392         clear_opal_cmd(dev);
1393         set_comid(dev, dev->comid);
1394
1395         add_token_u8(&err, dev, OPAL_CALL);
1396         add_token_bytestring(&err, dev, opaluid[OPAL_ADMINSP_UID],
1397                              OPAL_UID_LENGTH);
1398         add_token_bytestring(&err, dev, opalmethod[OPAL_REVERT],
1399                              OPAL_UID_LENGTH);
1400         add_token_u8(&err, dev, OPAL_STARTLIST);
1401         add_token_u8(&err, dev, OPAL_ENDLIST);
1402         if (err) {
1403                 pr_debug("Error building REVERT TPER command.\n");
1404                 return err;
1405         }
1406
1407         return finalize_and_send(dev, parse_and_check_status);
1408 }
1409
1410 static int internal_activate_user(struct opal_dev *dev, void *data)
1411 {
1412         struct opal_session_info *session = data;
1413         u8 uid[OPAL_UID_LENGTH];
1414         int err = 0;
1415
1416         clear_opal_cmd(dev);
1417         set_comid(dev, dev->comid);
1418
1419         memcpy(uid, opaluid[OPAL_USER1_UID], OPAL_UID_LENGTH);
1420         uid[7] = session->who;
1421
1422         add_token_u8(&err, dev, OPAL_CALL);
1423         add_token_bytestring(&err, dev, uid, OPAL_UID_LENGTH);
1424         add_token_bytestring(&err, dev, opalmethod[OPAL_SET], OPAL_UID_LENGTH);
1425         add_token_u8(&err, dev, OPAL_STARTLIST);
1426         add_token_u8(&err, dev, OPAL_STARTNAME);
1427         add_token_u8(&err, dev, OPAL_VALUES);
1428         add_token_u8(&err, dev, OPAL_STARTLIST);
1429         add_token_u8(&err, dev, OPAL_STARTNAME);
1430         add_token_u8(&err, dev, 5); /* Enabled */
1431         add_token_u8(&err, dev, OPAL_TRUE);
1432         add_token_u8(&err, dev, OPAL_ENDNAME);
1433         add_token_u8(&err, dev, OPAL_ENDLIST);
1434         add_token_u8(&err, dev, OPAL_ENDNAME);
1435         add_token_u8(&err, dev, OPAL_ENDLIST);
1436
1437         if (err) {
1438                 pr_debug("Error building Activate UserN command.\n");
1439                 return err;
1440         }
1441
1442         return finalize_and_send(dev, parse_and_check_status);
1443 }
1444
1445 static int erase_locking_range(struct opal_dev *dev, void *data)
1446 {
1447         struct opal_session_info *session = data;
1448         u8 uid[OPAL_UID_LENGTH];
1449         int err = 0;
1450
1451         clear_opal_cmd(dev);
1452         set_comid(dev, dev->comid);
1453
1454         if (build_locking_range(uid, sizeof(uid), session->opal_key.lr) < 0)
1455                 return -ERANGE;
1456
1457         add_token_u8(&err, dev, OPAL_CALL);
1458         add_token_bytestring(&err, dev, uid, OPAL_UID_LENGTH);
1459         add_token_bytestring(&err, dev, opalmethod[OPAL_ERASE],
1460                              OPAL_UID_LENGTH);
1461         add_token_u8(&err, dev, OPAL_STARTLIST);
1462         add_token_u8(&err, dev, OPAL_ENDLIST);
1463
1464         if (err) {
1465                 pr_debug("Error building Erase Locking Range Command.\n");
1466                 return err;
1467         }
1468         return finalize_and_send(dev, parse_and_check_status);
1469 }
1470
1471 static int set_mbr_done(struct opal_dev *dev, void *data)
1472 {
1473         u8 *mbr_done_tf = data;
1474         int err = 0;
1475
1476         clear_opal_cmd(dev);
1477         set_comid(dev, dev->comid);
1478
1479         add_token_u8(&err, dev, OPAL_CALL);
1480         add_token_bytestring(&err, dev, opaluid[OPAL_MBRCONTROL],
1481                              OPAL_UID_LENGTH);
1482         add_token_bytestring(&err, dev, opalmethod[OPAL_SET], OPAL_UID_LENGTH);
1483         add_token_u8(&err, dev, OPAL_STARTLIST);
1484         add_token_u8(&err, dev, OPAL_STARTNAME);
1485         add_token_u8(&err, dev, OPAL_VALUES);
1486         add_token_u8(&err, dev, OPAL_STARTLIST);
1487         add_token_u8(&err, dev, OPAL_STARTNAME);
1488         add_token_u8(&err, dev, 2); /* Done */
1489         add_token_u8(&err, dev, *mbr_done_tf); /* Done T or F */
1490         add_token_u8(&err, dev, OPAL_ENDNAME);
1491         add_token_u8(&err, dev, OPAL_ENDLIST);
1492         add_token_u8(&err, dev, OPAL_ENDNAME);
1493         add_token_u8(&err, dev, OPAL_ENDLIST);
1494
1495         if (err) {
1496                 pr_debug("Error Building set MBR Done command\n");
1497                 return err;
1498         }
1499
1500         return finalize_and_send(dev, parse_and_check_status);
1501 }
1502
1503 static int set_mbr_enable_disable(struct opal_dev *dev, void *data)
1504 {
1505         u8 *mbr_en_dis = data;
1506         int err = 0;
1507
1508         clear_opal_cmd(dev);
1509         set_comid(dev, dev->comid);
1510
1511         add_token_u8(&err, dev, OPAL_CALL);
1512         add_token_bytestring(&err, dev, opaluid[OPAL_MBRCONTROL],
1513                              OPAL_UID_LENGTH);
1514         add_token_bytestring(&err, dev, opalmethod[OPAL_SET], OPAL_UID_LENGTH);
1515         add_token_u8(&err, dev, OPAL_STARTLIST);
1516         add_token_u8(&err, dev, OPAL_STARTNAME);
1517         add_token_u8(&err, dev, OPAL_VALUES);
1518         add_token_u8(&err, dev, OPAL_STARTLIST);
1519         add_token_u8(&err, dev, OPAL_STARTNAME);
1520         add_token_u8(&err, dev, 1);
1521         add_token_u8(&err, dev, *mbr_en_dis);
1522         add_token_u8(&err, dev, OPAL_ENDNAME);
1523         add_token_u8(&err, dev, OPAL_ENDLIST);
1524         add_token_u8(&err, dev, OPAL_ENDNAME);
1525         add_token_u8(&err, dev, OPAL_ENDLIST);
1526
1527         if (err) {
1528                 pr_debug("Error Building set MBR done command\n");
1529                 return err;
1530         }
1531
1532         return finalize_and_send(dev, parse_and_check_status);
1533 }
1534
1535 static int generic_pw_cmd(u8 *key, size_t key_len, u8 *cpin_uid,
1536                           struct opal_dev *dev)
1537 {
1538         int err = 0;
1539
1540         clear_opal_cmd(dev);
1541         set_comid(dev, dev->comid);
1542
1543         add_token_u8(&err, dev, OPAL_CALL);
1544         add_token_bytestring(&err, dev, cpin_uid, OPAL_UID_LENGTH);
1545         add_token_bytestring(&err, dev, opalmethod[OPAL_SET],
1546                              OPAL_UID_LENGTH);
1547         add_token_u8(&err, dev, OPAL_STARTLIST);
1548         add_token_u8(&err, dev, OPAL_STARTNAME);
1549         add_token_u8(&err, dev, OPAL_VALUES);
1550         add_token_u8(&err, dev, OPAL_STARTLIST);
1551         add_token_u8(&err, dev, OPAL_STARTNAME);
1552         add_token_u8(&err, dev, 3); /* PIN */
1553         add_token_bytestring(&err, dev, key, key_len);
1554         add_token_u8(&err, dev, OPAL_ENDNAME);
1555         add_token_u8(&err, dev, OPAL_ENDLIST);
1556         add_token_u8(&err, dev, OPAL_ENDNAME);
1557         add_token_u8(&err, dev, OPAL_ENDLIST);
1558
1559         return err;
1560 }
1561
1562 static int set_new_pw(struct opal_dev *dev, void *data)
1563 {
1564         u8 cpin_uid[OPAL_UID_LENGTH];
1565         struct opal_session_info *usr = data;
1566
1567         memcpy(cpin_uid, opaluid[OPAL_C_PIN_ADMIN1], OPAL_UID_LENGTH);
1568
1569         if (usr->who != OPAL_ADMIN1) {
1570                 cpin_uid[5] = 0x03;
1571                 if (usr->sum)
1572                         cpin_uid[7] = usr->opal_key.lr + 1;
1573                 else
1574                         cpin_uid[7] = usr->who;
1575         }
1576
1577         if (generic_pw_cmd(usr->opal_key.key, usr->opal_key.key_len,
1578                            cpin_uid, dev)) {
1579                 pr_debug("Error building set password command.\n");
1580                 return -ERANGE;
1581         }
1582
1583         return finalize_and_send(dev, parse_and_check_status);
1584 }
1585
1586 static int set_sid_cpin_pin(struct opal_dev *dev, void *data)
1587 {
1588         u8 cpin_uid[OPAL_UID_LENGTH];
1589         struct opal_key *key = data;
1590
1591         memcpy(cpin_uid, opaluid[OPAL_C_PIN_SID], OPAL_UID_LENGTH);
1592
1593         if (generic_pw_cmd(key->key, key->key_len, cpin_uid, dev)) {
1594                 pr_debug("Error building Set SID cpin\n");
1595                 return -ERANGE;
1596         }
1597         return finalize_and_send(dev, parse_and_check_status);
1598 }
1599
1600 static int add_user_to_lr(struct opal_dev *dev, void *data)
1601 {
1602         u8 lr_buffer[OPAL_UID_LENGTH];
1603         u8 user_uid[OPAL_UID_LENGTH];
1604         struct opal_lock_unlock *lkul = data;
1605         int err = 0;
1606
1607         clear_opal_cmd(dev);
1608         set_comid(dev, dev->comid);
1609
1610         memcpy(lr_buffer, opaluid[OPAL_LOCKINGRANGE_ACE_RDLOCKED],
1611                OPAL_UID_LENGTH);
1612
1613         if (lkul->l_state == OPAL_RW)
1614                 memcpy(lr_buffer, opaluid[OPAL_LOCKINGRANGE_ACE_WRLOCKED],
1615                        OPAL_UID_LENGTH);
1616
1617         lr_buffer[7] = lkul->session.opal_key.lr;
1618
1619         memcpy(user_uid, opaluid[OPAL_USER1_UID], OPAL_UID_LENGTH);
1620
1621         user_uid[7] = lkul->session.who;
1622
1623         add_token_u8(&err, dev, OPAL_CALL);
1624         add_token_bytestring(&err, dev, lr_buffer, OPAL_UID_LENGTH);
1625         add_token_bytestring(&err, dev, opalmethod[OPAL_SET],
1626                              OPAL_UID_LENGTH);
1627
1628         add_token_u8(&err, dev, OPAL_STARTLIST);
1629         add_token_u8(&err, dev, OPAL_STARTNAME);
1630         add_token_u8(&err, dev, OPAL_VALUES);
1631
1632         add_token_u8(&err, dev, OPAL_STARTLIST);
1633         add_token_u8(&err, dev, OPAL_STARTNAME);
1634         add_token_u8(&err, dev, 3);
1635
1636         add_token_u8(&err, dev, OPAL_STARTLIST);
1637
1638
1639         add_token_u8(&err, dev, OPAL_STARTNAME);
1640         add_token_bytestring(&err, dev,
1641                              opaluid[OPAL_HALF_UID_AUTHORITY_OBJ_REF],
1642                              OPAL_UID_LENGTH/2);
1643         add_token_bytestring(&err, dev, user_uid, OPAL_UID_LENGTH);
1644         add_token_u8(&err, dev, OPAL_ENDNAME);
1645
1646
1647         add_token_u8(&err, dev, OPAL_STARTNAME);
1648         add_token_bytestring(&err, dev,
1649                              opaluid[OPAL_HALF_UID_AUTHORITY_OBJ_REF],
1650                              OPAL_UID_LENGTH/2);
1651         add_token_bytestring(&err, dev, user_uid, OPAL_UID_LENGTH);
1652         add_token_u8(&err, dev, OPAL_ENDNAME);
1653
1654
1655         add_token_u8(&err, dev, OPAL_STARTNAME);
1656         add_token_bytestring(&err, dev, opaluid[OPAL_HALF_UID_BOOLEAN_ACE],
1657                              OPAL_UID_LENGTH/2);
1658         add_token_u8(&err, dev, 1);
1659         add_token_u8(&err, dev, OPAL_ENDNAME);
1660
1661
1662         add_token_u8(&err, dev, OPAL_ENDLIST);
1663         add_token_u8(&err, dev, OPAL_ENDNAME);
1664         add_token_u8(&err, dev, OPAL_ENDLIST);
1665         add_token_u8(&err, dev, OPAL_ENDNAME);
1666         add_token_u8(&err, dev, OPAL_ENDLIST);
1667
1668         if (err) {
1669                 pr_debug("Error building add user to locking range command.\n");
1670                 return err;
1671         }
1672
1673         return finalize_and_send(dev, parse_and_check_status);
1674 }
1675
1676 static int lock_unlock_locking_range(struct opal_dev *dev, void *data)
1677 {
1678         u8 lr_buffer[OPAL_UID_LENGTH];
1679         struct opal_lock_unlock *lkul = data;
1680         u8 read_locked = 1, write_locked = 1;
1681         int err = 0;
1682
1683         clear_opal_cmd(dev);
1684         set_comid(dev, dev->comid);
1685
1686         if (build_locking_range(lr_buffer, sizeof(lr_buffer),
1687                                 lkul->session.opal_key.lr) < 0)
1688                 return -ERANGE;
1689
1690         switch (lkul->l_state) {
1691         case OPAL_RO:
1692                 read_locked = 0;
1693                 write_locked = 1;
1694                 break;
1695         case OPAL_RW:
1696                 read_locked = 0;
1697                 write_locked = 0;
1698                 break;
1699         case OPAL_LK:
1700                 /* vars are initalized to locked */
1701                 break;
1702         default:
1703                 pr_debug("Tried to set an invalid locking state... returning to uland\n");
1704                 return OPAL_INVAL_PARAM;
1705         }
1706
1707         add_token_u8(&err, dev, OPAL_CALL);
1708         add_token_bytestring(&err, dev, lr_buffer, OPAL_UID_LENGTH);
1709         add_token_bytestring(&err, dev, opalmethod[OPAL_SET], OPAL_UID_LENGTH);
1710         add_token_u8(&err, dev, OPAL_STARTLIST);
1711         add_token_u8(&err, dev, OPAL_STARTNAME);
1712         add_token_u8(&err, dev, OPAL_VALUES);
1713         add_token_u8(&err, dev, OPAL_STARTLIST);
1714
1715         add_token_u8(&err, dev, OPAL_STARTNAME);
1716         add_token_u8(&err, dev, OPAL_READLOCKED);
1717         add_token_u8(&err, dev, read_locked);
1718         add_token_u8(&err, dev, OPAL_ENDNAME);
1719
1720         add_token_u8(&err, dev, OPAL_STARTNAME);
1721         add_token_u8(&err, dev, OPAL_WRITELOCKED);
1722         add_token_u8(&err, dev, write_locked);
1723         add_token_u8(&err, dev, OPAL_ENDNAME);
1724
1725         add_token_u8(&err, dev, OPAL_ENDLIST);
1726         add_token_u8(&err, dev, OPAL_ENDNAME);
1727         add_token_u8(&err, dev, OPAL_ENDLIST);
1728
1729         if (err) {
1730                 pr_debug("Error building SET command.\n");
1731                 return err;
1732         }
1733         return finalize_and_send(dev, parse_and_check_status);
1734 }
1735
1736
1737 static int lock_unlock_locking_range_sum(struct opal_dev *dev, void *data)
1738 {
1739         u8 lr_buffer[OPAL_UID_LENGTH];
1740         u8 read_locked = 1, write_locked = 1;
1741         struct opal_lock_unlock *lkul = data;
1742         int ret;
1743
1744         clear_opal_cmd(dev);
1745         set_comid(dev, dev->comid);
1746
1747         if (build_locking_range(lr_buffer, sizeof(lr_buffer),
1748                                 lkul->session.opal_key.lr) < 0)
1749                 return -ERANGE;
1750
1751         switch (lkul->l_state) {
1752         case OPAL_RO:
1753                 read_locked = 0;
1754                 write_locked = 1;
1755                 break;
1756         case OPAL_RW:
1757                 read_locked = 0;
1758                 write_locked = 0;
1759                 break;
1760         case OPAL_LK:
1761                 /* vars are initalized to locked */
1762                 break;
1763         default:
1764                 pr_debug("Tried to set an invalid locking state.\n");
1765                 return OPAL_INVAL_PARAM;
1766         }
1767         ret = generic_lr_enable_disable(dev, lr_buffer, 1, 1,
1768                                         read_locked, write_locked);
1769
1770         if (ret < 0) {
1771                 pr_debug("Error building SET command.\n");
1772                 return ret;
1773         }
1774         return finalize_and_send(dev, parse_and_check_status);
1775 }
1776
1777 static int activate_lsp(struct opal_dev *dev, void *data)
1778 {
1779         struct opal_lr_act *opal_act = data;
1780         u8 user_lr[OPAL_UID_LENGTH];
1781         u8 uint_3 = 0x83;
1782         int err = 0, i;
1783
1784         clear_opal_cmd(dev);
1785         set_comid(dev, dev->comid);
1786
1787         add_token_u8(&err, dev, OPAL_CALL);
1788         add_token_bytestring(&err, dev, opaluid[OPAL_LOCKINGSP_UID],
1789                              OPAL_UID_LENGTH);
1790         add_token_bytestring(&err, dev, opalmethod[OPAL_ACTIVATE],
1791                              OPAL_UID_LENGTH);
1792
1793
1794         if (opal_act->sum) {
1795                 err = build_locking_range(user_lr, sizeof(user_lr),
1796                                           opal_act->lr[0]);
1797                 if (err)
1798                         return err;
1799
1800                 add_token_u8(&err, dev, OPAL_STARTLIST);
1801                 add_token_u8(&err, dev, OPAL_STARTNAME);
1802                 add_token_u8(&err, dev, uint_3);
1803                 add_token_u8(&err, dev, 6);
1804                 add_token_u8(&err, dev, 0);
1805                 add_token_u8(&err, dev, 0);
1806
1807                 add_token_u8(&err, dev, OPAL_STARTLIST);
1808                 add_token_bytestring(&err, dev, user_lr, OPAL_UID_LENGTH);
1809                 for (i = 1; i < opal_act->num_lrs; i++) {
1810                         user_lr[7] = opal_act->lr[i];
1811                         add_token_bytestring(&err, dev, user_lr, OPAL_UID_LENGTH);
1812                 }
1813                 add_token_u8(&err, dev, OPAL_ENDLIST);
1814                 add_token_u8(&err, dev, OPAL_ENDNAME);
1815                 add_token_u8(&err, dev, OPAL_ENDLIST);
1816
1817         } else {
1818                 add_token_u8(&err, dev, OPAL_STARTLIST);
1819                 add_token_u8(&err, dev, OPAL_ENDLIST);
1820         }
1821
1822         if (err) {
1823                 pr_debug("Error building Activate LockingSP command.\n");
1824                 return err;
1825         }
1826
1827         return finalize_and_send(dev, parse_and_check_status);
1828 }
1829
1830 static int get_lsp_lifecycle_cont(struct opal_dev *dev)
1831 {
1832         u8 lc_status;
1833         int error = 0;
1834
1835         error = parse_and_check_status(dev);
1836         if (error)
1837                 return error;
1838
1839         lc_status = response_get_u64(&dev->parsed, 4);
1840         /* 0x08 is Manufacured Inactive */
1841         /* 0x09 is Manufactured */
1842         if (lc_status != OPAL_MANUFACTURED_INACTIVE) {
1843                 pr_debug("Couldn't determine the status of the Lifecycle state\n");
1844                 return -ENODEV;
1845         }
1846
1847         return 0;
1848 }
1849
1850 /* Determine if we're in the Manufactured Inactive or Active state */
1851 static int get_lsp_lifecycle(struct opal_dev *dev, void *data)
1852 {
1853         int err = 0;
1854
1855         clear_opal_cmd(dev);
1856         set_comid(dev, dev->comid);
1857
1858         add_token_u8(&err, dev, OPAL_CALL);
1859         add_token_bytestring(&err, dev, opaluid[OPAL_LOCKINGSP_UID],
1860                              OPAL_UID_LENGTH);
1861         add_token_bytestring(&err, dev, opalmethod[OPAL_GET], OPAL_UID_LENGTH);
1862
1863         add_token_u8(&err, dev, OPAL_STARTLIST);
1864         add_token_u8(&err, dev, OPAL_STARTLIST);
1865
1866         add_token_u8(&err, dev, OPAL_STARTNAME);
1867         add_token_u8(&err, dev, 3); /* Start Column */
1868         add_token_u8(&err, dev, 6); /* Lifecycle Column */
1869         add_token_u8(&err, dev, OPAL_ENDNAME);
1870
1871         add_token_u8(&err, dev, OPAL_STARTNAME);
1872         add_token_u8(&err, dev, 4); /* End Column */
1873         add_token_u8(&err, dev, 6); /* Lifecycle Column */
1874         add_token_u8(&err, dev, OPAL_ENDNAME);
1875
1876         add_token_u8(&err, dev, OPAL_ENDLIST);
1877         add_token_u8(&err, dev, OPAL_ENDLIST);
1878
1879         if (err) {
1880                 pr_debug("Error Building GET Lifecycle Status command\n");
1881                 return err;
1882         }
1883
1884         return finalize_and_send(dev, get_lsp_lifecycle_cont);
1885 }
1886
1887 static int get_msid_cpin_pin_cont(struct opal_dev *dev)
1888 {
1889         const char *msid_pin;
1890         size_t strlen;
1891         int error = 0;
1892
1893         error = parse_and_check_status(dev);
1894         if (error)
1895                 return error;
1896
1897         strlen = response_get_string(&dev->parsed, 4, &msid_pin);
1898         if (!msid_pin) {
1899                 pr_debug("%s: Couldn't extract PIN from response\n", __func__);
1900                 return OPAL_INVAL_PARAM;
1901         }
1902
1903         dev->prev_data = kmemdup(msid_pin, strlen, GFP_KERNEL);
1904         if (!dev->prev_data)
1905                 return -ENOMEM;
1906
1907         dev->prev_d_len = strlen;
1908
1909         return 0;
1910 }
1911
1912 static int get_msid_cpin_pin(struct opal_dev *dev, void *data)
1913 {
1914         int err = 0;
1915
1916         clear_opal_cmd(dev);
1917         set_comid(dev, dev->comid);
1918
1919         add_token_u8(&err, dev, OPAL_CALL);
1920         add_token_bytestring(&err, dev, opaluid[OPAL_C_PIN_MSID],
1921                              OPAL_UID_LENGTH);
1922         add_token_bytestring(&err, dev, opalmethod[OPAL_GET], OPAL_UID_LENGTH);
1923
1924         add_token_u8(&err, dev, OPAL_STARTLIST);
1925         add_token_u8(&err, dev, OPAL_STARTLIST);
1926
1927         add_token_u8(&err, dev, OPAL_STARTNAME);
1928         add_token_u8(&err, dev, 3); /* Start Column */
1929         add_token_u8(&err, dev, 3); /* PIN */
1930         add_token_u8(&err, dev, OPAL_ENDNAME);
1931
1932         add_token_u8(&err, dev, OPAL_STARTNAME);
1933         add_token_u8(&err, dev, 4); /* End Column */
1934         add_token_u8(&err, dev, 3); /* Lifecycle Column */
1935         add_token_u8(&err, dev, OPAL_ENDNAME);
1936
1937         add_token_u8(&err, dev, OPAL_ENDLIST);
1938         add_token_u8(&err, dev, OPAL_ENDLIST);
1939
1940         if (err) {
1941                 pr_debug("Error building Get MSID CPIN PIN command.\n");
1942                 return err;
1943         }
1944
1945         return finalize_and_send(dev, get_msid_cpin_pin_cont);
1946 }
1947
1948 static int end_opal_session(struct opal_dev *dev, void *data)
1949 {
1950         int err = 0;
1951
1952         clear_opal_cmd(dev);
1953         set_comid(dev, dev->comid);
1954         add_token_u8(&err, dev, OPAL_ENDOFSESSION);
1955
1956         if (err < 0)
1957                 return err;
1958         return finalize_and_send(dev, end_session_cont);
1959 }
1960
1961 static int end_opal_session_error(struct opal_dev *dev)
1962 {
1963         const struct opal_step error_end_session[] = {
1964                 { end_opal_session, },
1965                 { NULL, }
1966         };
1967         dev->steps = error_end_session;
1968         return next(dev);
1969 }
1970
1971 static inline void setup_opal_dev(struct opal_dev *dev,
1972                                   const struct opal_step *steps)
1973 {
1974         dev->steps = steps;
1975         dev->tsn = 0;
1976         dev->hsn = 0;
1977         dev->prev_data = NULL;
1978 }
1979
1980 static int check_opal_support(struct opal_dev *dev)
1981 {
1982         const struct opal_step steps[] = {
1983                 { opal_discovery0, },
1984                 { NULL, }
1985         };
1986         int ret;
1987
1988         mutex_lock(&dev->dev_lock);
1989         setup_opal_dev(dev, steps);
1990         ret = next(dev);
1991         dev->supported = !ret;
1992         mutex_unlock(&dev->dev_lock);
1993         return ret;
1994 }
1995
1996 static void clean_opal_dev(struct opal_dev *dev)
1997 {
1998
1999         struct opal_suspend_data *suspend, *next;
2000
2001         mutex_lock(&dev->dev_lock);
2002         list_for_each_entry_safe(suspend, next, &dev->unlk_lst, node) {
2003                 list_del(&suspend->node);
2004                 kfree(suspend);
2005         }
2006         mutex_unlock(&dev->dev_lock);
2007 }
2008
2009 void free_opal_dev(struct opal_dev *dev)
2010 {
2011         if (!dev)
2012                 return;
2013         clean_opal_dev(dev);
2014         kfree(dev);
2015 }
2016 EXPORT_SYMBOL(free_opal_dev);
2017
2018 struct opal_dev *init_opal_dev(void *data, sec_send_recv *send_recv)
2019 {
2020         struct opal_dev *dev;
2021
2022         dev = kmalloc(sizeof(*dev), GFP_KERNEL);
2023         if (!dev)
2024                 return NULL;
2025
2026         INIT_LIST_HEAD(&dev->unlk_lst);
2027         mutex_init(&dev->dev_lock);
2028         dev->data = data;
2029         dev->send_recv = send_recv;
2030         if (check_opal_support(dev) != 0) {
2031                 pr_debug("Opal is not supported on this device\n");
2032                 kfree(dev);
2033                 return NULL;
2034         }
2035         return dev;
2036 }
2037 EXPORT_SYMBOL(init_opal_dev);
2038
2039 static int opal_secure_erase_locking_range(struct opal_dev *dev,
2040                                            struct opal_session_info *opal_session)
2041 {
2042         const struct opal_step erase_steps[] = {
2043                 { opal_discovery0, },
2044                 { start_auth_opal_session, opal_session },
2045                 { get_active_key, &opal_session->opal_key.lr },
2046                 { gen_key, },
2047                 { end_opal_session, },
2048                 { NULL, }
2049         };
2050         int ret;
2051
2052         mutex_lock(&dev->dev_lock);
2053         setup_opal_dev(dev, erase_steps);
2054         ret = next(dev);
2055         mutex_unlock(&dev->dev_lock);
2056         return ret;
2057 }
2058
2059 static int opal_erase_locking_range(struct opal_dev *dev,
2060                                     struct opal_session_info *opal_session)
2061 {
2062         const struct opal_step erase_steps[] = {
2063                 { opal_discovery0, },
2064                 { start_auth_opal_session, opal_session },
2065                 { erase_locking_range, opal_session },
2066                 { end_opal_session, },
2067                 { NULL, }
2068         };
2069         int ret;
2070
2071         mutex_lock(&dev->dev_lock);
2072         setup_opal_dev(dev, erase_steps);
2073         ret = next(dev);
2074         mutex_unlock(&dev->dev_lock);
2075         return ret;
2076 }
2077
2078 static int opal_enable_disable_shadow_mbr(struct opal_dev *dev,
2079                                           struct opal_mbr_data *opal_mbr)
2080 {
2081         const struct opal_step mbr_steps[] = {
2082                 { opal_discovery0, },
2083                 { start_admin1LSP_opal_session, &opal_mbr->key },
2084                 { set_mbr_done, &opal_mbr->enable_disable },
2085                 { end_opal_session, },
2086                 { start_admin1LSP_opal_session, &opal_mbr->key },
2087                 { set_mbr_enable_disable, &opal_mbr->enable_disable },
2088                 { end_opal_session, },
2089                 { NULL, }
2090         };
2091         int ret;
2092
2093         if (opal_mbr->enable_disable != OPAL_MBR_ENABLE &&
2094             opal_mbr->enable_disable != OPAL_MBR_DISABLE)
2095                 return -EINVAL;
2096
2097         mutex_lock(&dev->dev_lock);
2098         setup_opal_dev(dev, mbr_steps);
2099         ret = next(dev);
2100         mutex_unlock(&dev->dev_lock);
2101         return ret;
2102 }
2103
2104 static int opal_save(struct opal_dev *dev, struct opal_lock_unlock *lk_unlk)
2105 {
2106         struct opal_suspend_data *suspend;
2107
2108         suspend = kzalloc(sizeof(*suspend), GFP_KERNEL);
2109         if (!suspend)
2110                 return -ENOMEM;
2111
2112         suspend->unlk = *lk_unlk;
2113         suspend->lr = lk_unlk->session.opal_key.lr;
2114
2115         mutex_lock(&dev->dev_lock);
2116         setup_opal_dev(dev, NULL);
2117         add_suspend_info(dev, suspend);
2118         mutex_unlock(&dev->dev_lock);
2119         return 0;
2120 }
2121
2122 static int opal_add_user_to_lr(struct opal_dev *dev,
2123                                struct opal_lock_unlock *lk_unlk)
2124 {
2125         const struct opal_step steps[] = {
2126                 { opal_discovery0, },
2127                 { start_admin1LSP_opal_session, &lk_unlk->session.opal_key },
2128                 { add_user_to_lr, lk_unlk },
2129                 { end_opal_session, },
2130                 { NULL, }
2131         };
2132         int ret;
2133
2134         if (lk_unlk->l_state != OPAL_RO &&
2135             lk_unlk->l_state != OPAL_RW) {
2136                 pr_debug("Locking state was not RO or RW\n");
2137                 return -EINVAL;
2138         }
2139         if (lk_unlk->session.who < OPAL_USER1 ||
2140             lk_unlk->session.who > OPAL_USER9) {
2141                 pr_debug("Authority was not within the range of users: %d\n",
2142                          lk_unlk->session.who);
2143                 return -EINVAL;
2144         }
2145         if (lk_unlk->session.sum) {
2146                 pr_debug("%s not supported in sum. Use setup locking range\n",
2147                          __func__);
2148                 return -EINVAL;
2149         }
2150
2151         mutex_lock(&dev->dev_lock);
2152         setup_opal_dev(dev, steps);
2153         ret = next(dev);
2154         mutex_unlock(&dev->dev_lock);
2155         return ret;
2156 }
2157
2158 static int opal_reverttper(struct opal_dev *dev, struct opal_key *opal)
2159 {
2160         const struct opal_step revert_steps[] = {
2161                 { opal_discovery0, },
2162                 { start_SIDASP_opal_session, opal },
2163                 { revert_tper, }, /* controller will terminate session */
2164                 { NULL, }
2165         };
2166         int ret;
2167
2168         mutex_lock(&dev->dev_lock);
2169         setup_opal_dev(dev, revert_steps);
2170         ret = next(dev);
2171         mutex_unlock(&dev->dev_lock);
2172
2173         /*
2174          * If we successfully reverted lets clean
2175          * any saved locking ranges.
2176          */
2177         if (!ret)
2178                 clean_opal_dev(dev);
2179
2180         return ret;
2181 }
2182
2183 static int __opal_lock_unlock(struct opal_dev *dev,
2184                               struct opal_lock_unlock *lk_unlk)
2185 {
2186         const struct opal_step unlock_steps[] = {
2187                 { opal_discovery0, },
2188                 { start_auth_opal_session, &lk_unlk->session },
2189                 { lock_unlock_locking_range, lk_unlk },
2190                 { end_opal_session, },
2191                 { NULL, }
2192         };
2193         const struct opal_step unlock_sum_steps[] = {
2194                 { opal_discovery0, },
2195                 { start_auth_opal_session, &lk_unlk->session },
2196                 { lock_unlock_locking_range_sum, lk_unlk },
2197                 { end_opal_session, },
2198                 { NULL, }
2199         };
2200
2201         dev->steps = lk_unlk->session.sum ? unlock_sum_steps : unlock_steps;
2202         return next(dev);
2203 }
2204
2205 static int __opal_set_mbr_done(struct opal_dev *dev, struct opal_key *key)
2206 {
2207         u8 mbr_done_tf = 1;
2208         const struct opal_step mbrdone_step [] = {
2209                 { opal_discovery0, },
2210                 { start_admin1LSP_opal_session, key },
2211                 { set_mbr_done, &mbr_done_tf },
2212                 { end_opal_session, },
2213                 { NULL, }
2214         };
2215
2216         dev->steps = mbrdone_step;
2217         return next(dev);
2218 }
2219
2220 static int opal_lock_unlock(struct opal_dev *dev,
2221                             struct opal_lock_unlock *lk_unlk)
2222 {
2223         int ret;
2224
2225         if (lk_unlk->session.who < OPAL_ADMIN1 ||
2226             lk_unlk->session.who > OPAL_USER9)
2227                 return -EINVAL;
2228
2229         mutex_lock(&dev->dev_lock);
2230         ret = __opal_lock_unlock(dev, lk_unlk);
2231         mutex_unlock(&dev->dev_lock);
2232         return ret;
2233 }
2234
2235 static int opal_take_ownership(struct opal_dev *dev, struct opal_key *opal)
2236 {
2237         const struct opal_step owner_steps[] = {
2238                 { opal_discovery0, },
2239                 { start_anybodyASP_opal_session, },
2240                 { get_msid_cpin_pin, },
2241                 { end_opal_session, },
2242                 { start_SIDASP_opal_session, opal },
2243                 { set_sid_cpin_pin, opal },
2244                 { end_opal_session, },
2245                 { NULL, }
2246         };
2247         int ret;
2248
2249         if (!dev)
2250                 return -ENODEV;
2251
2252         mutex_lock(&dev->dev_lock);
2253         setup_opal_dev(dev, owner_steps);
2254         ret = next(dev);
2255         mutex_unlock(&dev->dev_lock);
2256         return ret;
2257 }
2258
2259 static int opal_activate_lsp(struct opal_dev *dev, struct opal_lr_act *opal_lr_act)
2260 {
2261         const struct opal_step active_steps[] = {
2262                 { opal_discovery0, },
2263                 { start_SIDASP_opal_session, &opal_lr_act->key },
2264                 { get_lsp_lifecycle, },
2265                 { activate_lsp, opal_lr_act },
2266                 { end_opal_session, },
2267                 { NULL, }
2268         };
2269         int ret;
2270
2271         if (!opal_lr_act->num_lrs || opal_lr_act->num_lrs > OPAL_MAX_LRS)
2272                 return -EINVAL;
2273
2274         mutex_lock(&dev->dev_lock);
2275         setup_opal_dev(dev, active_steps);
2276         ret = next(dev);
2277         mutex_unlock(&dev->dev_lock);
2278         return ret;
2279 }
2280
2281 static int opal_setup_locking_range(struct opal_dev *dev,
2282                                     struct opal_user_lr_setup *opal_lrs)
2283 {
2284         const struct opal_step lr_steps[] = {
2285                 { opal_discovery0, },
2286                 { start_auth_opal_session, &opal_lrs->session },
2287                 { setup_locking_range, opal_lrs },
2288                 { end_opal_session, },
2289                 { NULL, }
2290         };
2291         int ret;
2292
2293         mutex_lock(&dev->dev_lock);
2294         setup_opal_dev(dev, lr_steps);
2295         ret = next(dev);
2296         mutex_unlock(&dev->dev_lock);
2297         return ret;
2298 }
2299
2300 static int opal_set_new_pw(struct opal_dev *dev, struct opal_new_pw *opal_pw)
2301 {
2302         const struct opal_step pw_steps[] = {
2303                 { opal_discovery0, },
2304                 { start_auth_opal_session, &opal_pw->session },
2305                 { set_new_pw, &opal_pw->new_user_pw },
2306                 { end_opal_session, },
2307                 { NULL }
2308         };
2309         int ret;
2310
2311         if (opal_pw->session.who < OPAL_ADMIN1 ||
2312             opal_pw->session.who > OPAL_USER9  ||
2313             opal_pw->new_user_pw.who < OPAL_ADMIN1 ||
2314             opal_pw->new_user_pw.who > OPAL_USER9)
2315                 return -EINVAL;
2316
2317         mutex_lock(&dev->dev_lock);
2318         setup_opal_dev(dev, pw_steps);
2319         ret = next(dev);
2320         mutex_unlock(&dev->dev_lock);
2321         return ret;
2322 }
2323
2324 static int opal_activate_user(struct opal_dev *dev,
2325                               struct opal_session_info *opal_session)
2326 {
2327         const struct opal_step act_steps[] = {
2328                 { opal_discovery0, },
2329                 { start_admin1LSP_opal_session, &opal_session->opal_key },
2330                 { internal_activate_user, opal_session },
2331                 { end_opal_session, },
2332                 { NULL, }
2333         };
2334         int ret;
2335
2336         /* We can't activate Admin1 it's active as manufactured */
2337         if (opal_session->who < OPAL_USER1 ||
2338             opal_session->who > OPAL_USER9) {
2339                 pr_debug("Who was not a valid user: %d\n", opal_session->who);
2340                 return -EINVAL;
2341         }
2342
2343         mutex_lock(&dev->dev_lock);
2344         setup_opal_dev(dev, act_steps);
2345         ret = next(dev);
2346         mutex_unlock(&dev->dev_lock);
2347         return ret;
2348 }
2349
2350 bool opal_unlock_from_suspend(struct opal_dev *dev)
2351 {
2352         struct opal_suspend_data *suspend;
2353         bool was_failure = false;
2354         int ret = 0;
2355
2356         if (!dev)
2357                 return false;
2358         if (!dev->supported)
2359                 return false;
2360
2361         mutex_lock(&dev->dev_lock);
2362         setup_opal_dev(dev, NULL);
2363
2364         list_for_each_entry(suspend, &dev->unlk_lst, node) {
2365                 dev->tsn = 0;
2366                 dev->hsn = 0;
2367
2368                 ret = __opal_lock_unlock(dev, &suspend->unlk);
2369                 if (ret) {
2370                         pr_debug("Failed to unlock LR %hhu with sum %d\n",
2371                                  suspend->unlk.session.opal_key.lr,
2372                                  suspend->unlk.session.sum);
2373                         was_failure = true;
2374                 }
2375                 if (dev->mbr_enabled) {
2376                         ret = __opal_set_mbr_done(dev, &suspend->unlk.session.opal_key);
2377                         if (ret)
2378                                 pr_debug("Failed to set MBR Done in S3 resume\n");
2379                 }
2380         }
2381         mutex_unlock(&dev->dev_lock);
2382         return was_failure;
2383 }
2384 EXPORT_SYMBOL(opal_unlock_from_suspend);
2385
2386 int sed_ioctl(struct opal_dev *dev, unsigned int cmd, void __user *arg)
2387 {
2388         void *p;
2389         int ret = -ENOTTY;
2390
2391         if (!capable(CAP_SYS_ADMIN))
2392                 return -EACCES;
2393         if (!dev)
2394                 return -ENOTSUPP;
2395         if (!dev->supported)
2396                 return -ENOTSUPP;
2397
2398         p = memdup_user(arg, _IOC_SIZE(cmd));
2399         if (IS_ERR(p))
2400                 return PTR_ERR(p);
2401
2402         switch (cmd) {
2403         case IOC_OPAL_SAVE:
2404                 ret = opal_save(dev, p);
2405                 break;
2406         case IOC_OPAL_LOCK_UNLOCK:
2407                 ret = opal_lock_unlock(dev, p);
2408                 break;
2409         case IOC_OPAL_TAKE_OWNERSHIP:
2410                 ret = opal_take_ownership(dev, p);
2411                 break;
2412         case IOC_OPAL_ACTIVATE_LSP:
2413                 ret = opal_activate_lsp(dev, p);
2414                 break;
2415         case IOC_OPAL_SET_PW:
2416                 ret = opal_set_new_pw(dev, p);
2417                 break;
2418         case IOC_OPAL_ACTIVATE_USR:
2419                 ret = opal_activate_user(dev, p);
2420                 break;
2421         case IOC_OPAL_REVERT_TPR:
2422                 ret = opal_reverttper(dev, p);
2423                 break;
2424         case IOC_OPAL_LR_SETUP:
2425                 ret = opal_setup_locking_range(dev, p);
2426                 break;
2427         case IOC_OPAL_ADD_USR_TO_LR:
2428                 ret = opal_add_user_to_lr(dev, p);
2429                 break;
2430         case IOC_OPAL_ENABLE_DISABLE_MBR:
2431                 ret = opal_enable_disable_shadow_mbr(dev, p);
2432                 break;
2433         case IOC_OPAL_ERASE_LR:
2434                 ret = opal_erase_locking_range(dev, p);
2435                 break;
2436         case IOC_OPAL_SECURE_ERASE_LR:
2437                 ret = opal_secure_erase_locking_range(dev, p);
2438                 break;
2439         default:
2440                 break;
2441         }
2442
2443         kfree(p);
2444         return ret;
2445 }
2446 EXPORT_SYMBOL_GPL(sed_ioctl);