2 * Thunderbolt bus support
4 * Copyright (C) 2017, Intel Corporation
5 * Author: Mika Westerberg <mika.westerberg@linux.intel.com>
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License version 2 as
9 * published by the Free Software Foundation.
12 #include <linux/device.h>
13 #include <linux/idr.h>
14 #include <linux/module.h>
15 #include <linux/slab.h>
16 #include <linux/random.h>
17 #include <crypto/hash.h>
21 static DEFINE_IDA(tb_domain_ida);
23 static bool match_service_id(const struct tb_service_id *id,
24 const struct tb_service *svc)
26 if (id->match_flags & TBSVC_MATCH_PROTOCOL_KEY) {
27 if (strcmp(id->protocol_key, svc->key))
31 if (id->match_flags & TBSVC_MATCH_PROTOCOL_ID) {
32 if (id->protocol_id != svc->prtcid)
36 if (id->match_flags & TBSVC_MATCH_PROTOCOL_VERSION) {
37 if (id->protocol_version != svc->prtcvers)
41 if (id->match_flags & TBSVC_MATCH_PROTOCOL_VERSION) {
42 if (id->protocol_revision != svc->prtcrevs)
49 static const struct tb_service_id *__tb_service_match(struct device *dev,
50 struct device_driver *drv)
52 struct tb_service_driver *driver;
53 const struct tb_service_id *ids;
54 struct tb_service *svc;
56 svc = tb_to_service(dev);
60 driver = container_of(drv, struct tb_service_driver, driver);
61 if (!driver->id_table)
64 for (ids = driver->id_table; ids->match_flags != 0; ids++) {
65 if (match_service_id(ids, svc))
72 static int tb_service_match(struct device *dev, struct device_driver *drv)
74 return !!__tb_service_match(dev, drv);
77 static int tb_service_probe(struct device *dev)
79 struct tb_service *svc = tb_to_service(dev);
80 struct tb_service_driver *driver;
81 const struct tb_service_id *id;
83 driver = container_of(dev->driver, struct tb_service_driver, driver);
84 id = __tb_service_match(dev, &driver->driver);
86 return driver->probe(svc, id);
89 static int tb_service_remove(struct device *dev)
91 struct tb_service *svc = tb_to_service(dev);
92 struct tb_service_driver *driver;
94 driver = container_of(dev->driver, struct tb_service_driver, driver);
101 static void tb_service_shutdown(struct device *dev)
103 struct tb_service_driver *driver;
104 struct tb_service *svc;
106 svc = tb_to_service(dev);
107 if (!svc || !dev->driver)
110 driver = container_of(dev->driver, struct tb_service_driver, driver);
111 if (driver->shutdown)
112 driver->shutdown(svc);
115 static const char * const tb_security_names[] = {
116 [TB_SECURITY_NONE] = "none",
117 [TB_SECURITY_USER] = "user",
118 [TB_SECURITY_SECURE] = "secure",
119 [TB_SECURITY_DPONLY] = "dponly",
122 static ssize_t boot_acl_show(struct device *dev, struct device_attribute *attr,
125 struct tb *tb = container_of(dev, struct tb, dev);
130 uuids = kcalloc(tb->nboot_acl, sizeof(uuid_t), GFP_KERNEL);
134 if (mutex_lock_interruptible(&tb->lock)) {
138 ret = tb->cm_ops->get_boot_acl(tb, uuids, tb->nboot_acl);
140 mutex_unlock(&tb->lock);
143 mutex_unlock(&tb->lock);
145 for (ret = 0, i = 0; i < tb->nboot_acl; i++) {
146 if (!uuid_is_null(&uuids[i]))
147 ret += snprintf(buf + ret, PAGE_SIZE - ret, "%pUb",
150 ret += snprintf(buf + ret, PAGE_SIZE - ret, "%s",
151 i < tb->nboot_acl - 1 ? "," : "\n");
159 static ssize_t boot_acl_store(struct device *dev, struct device_attribute *attr,
160 const char *buf, size_t count)
162 struct tb *tb = container_of(dev, struct tb, dev);
163 char *str, *s, *uuid_str;
169 * Make sure the value is not bigger than tb->nboot_acl * UUID
170 * length + commas and optional "\n". Also the smallest allowable
171 * string is tb->nboot_acl * ",".
173 if (count > (UUID_STRING_LEN + 1) * tb->nboot_acl + 1)
175 if (count < tb->nboot_acl - 1)
178 str = kstrdup(buf, GFP_KERNEL);
182 acl = kcalloc(tb->nboot_acl, sizeof(uuid_t), GFP_KERNEL);
188 uuid_str = strim(str);
189 while ((s = strsep(&uuid_str, ",")) != NULL && i < tb->nboot_acl) {
190 size_t len = strlen(s);
193 if (len != UUID_STRING_LEN) {
197 ret = uuid_parse(s, &acl[i]);
205 if (s || i < tb->nboot_acl) {
210 if (mutex_lock_interruptible(&tb->lock)) {
214 ret = tb->cm_ops->set_boot_acl(tb, acl, tb->nboot_acl);
215 mutex_unlock(&tb->lock);
224 static DEVICE_ATTR_RW(boot_acl);
226 static ssize_t security_show(struct device *dev, struct device_attribute *attr,
229 struct tb *tb = container_of(dev, struct tb, dev);
231 return sprintf(buf, "%s\n", tb_security_names[tb->security_level]);
233 static DEVICE_ATTR_RO(security);
235 static struct attribute *domain_attrs[] = {
236 &dev_attr_boot_acl.attr,
237 &dev_attr_security.attr,
241 static umode_t domain_attr_is_visible(struct kobject *kobj,
242 struct attribute *attr, int n)
244 struct device *dev = container_of(kobj, struct device, kobj);
245 struct tb *tb = container_of(dev, struct tb, dev);
247 if (attr == &dev_attr_boot_acl.attr) {
249 tb->cm_ops->get_boot_acl &&
250 tb->cm_ops->set_boot_acl)
258 static struct attribute_group domain_attr_group = {
259 .is_visible = domain_attr_is_visible,
260 .attrs = domain_attrs,
263 static const struct attribute_group *domain_attr_groups[] = {
268 struct bus_type tb_bus_type = {
269 .name = "thunderbolt",
270 .match = tb_service_match,
271 .probe = tb_service_probe,
272 .remove = tb_service_remove,
273 .shutdown = tb_service_shutdown,
276 static void tb_domain_release(struct device *dev)
278 struct tb *tb = container_of(dev, struct tb, dev);
280 tb_ctl_free(tb->ctl);
281 destroy_workqueue(tb->wq);
282 ida_simple_remove(&tb_domain_ida, tb->index);
283 mutex_destroy(&tb->lock);
287 struct device_type tb_domain_type = {
288 .name = "thunderbolt_domain",
289 .release = tb_domain_release,
293 * tb_domain_alloc() - Allocate a domain
294 * @nhi: Pointer to the host controller
295 * @privsize: Size of the connection manager private data
297 * Allocates and initializes a new Thunderbolt domain. Connection
298 * managers are expected to call this and then fill in @cm_ops
301 * Call tb_domain_put() to release the domain before it has been added
304 * Return: allocated domain structure on %NULL in case of error
306 struct tb *tb_domain_alloc(struct tb_nhi *nhi, size_t privsize)
311 * Make sure the structure sizes map with that the hardware
312 * expects because bit-fields are being used.
314 BUILD_BUG_ON(sizeof(struct tb_regs_switch_header) != 5 * 4);
315 BUILD_BUG_ON(sizeof(struct tb_regs_port_header) != 8 * 4);
316 BUILD_BUG_ON(sizeof(struct tb_regs_hop) != 2 * 4);
318 tb = kzalloc(sizeof(*tb) + privsize, GFP_KERNEL);
323 mutex_init(&tb->lock);
325 tb->index = ida_simple_get(&tb_domain_ida, 0, 0, GFP_KERNEL);
329 tb->wq = alloc_ordered_workqueue("thunderbolt%d", 0, tb->index);
333 tb->dev.parent = &nhi->pdev->dev;
334 tb->dev.bus = &tb_bus_type;
335 tb->dev.type = &tb_domain_type;
336 tb->dev.groups = domain_attr_groups;
337 dev_set_name(&tb->dev, "domain%d", tb->index);
338 device_initialize(&tb->dev);
343 ida_simple_remove(&tb_domain_ida, tb->index);
350 static bool tb_domain_event_cb(void *data, enum tb_cfg_pkg_type type,
351 const void *buf, size_t size)
353 struct tb *tb = data;
355 if (!tb->cm_ops->handle_event) {
356 tb_warn(tb, "domain does not have event handler\n");
361 case TB_CFG_PKG_XDOMAIN_REQ:
362 case TB_CFG_PKG_XDOMAIN_RESP:
363 return tb_xdomain_handle_request(tb, type, buf, size);
366 tb->cm_ops->handle_event(tb, type, buf, size);
373 * tb_domain_add() - Add domain to the system
376 * Starts the domain and adds it to the system. Hotplugging devices will
377 * work after this has been returned successfully. In order to remove
378 * and release the domain after this function has been called, call
379 * tb_domain_remove().
381 * Return: %0 in case of success and negative errno in case of error
383 int tb_domain_add(struct tb *tb)
387 if (WARN_ON(!tb->cm_ops))
390 mutex_lock(&tb->lock);
392 tb->ctl = tb_ctl_alloc(tb->nhi, tb_domain_event_cb, tb);
399 * tb_schedule_hotplug_handler may be called as soon as the config
400 * channel is started. Thats why we have to hold the lock here.
402 tb_ctl_start(tb->ctl);
404 if (tb->cm_ops->driver_ready) {
405 ret = tb->cm_ops->driver_ready(tb);
410 ret = device_add(&tb->dev);
414 /* Start the domain */
415 if (tb->cm_ops->start) {
416 ret = tb->cm_ops->start(tb);
421 /* This starts event processing */
422 mutex_unlock(&tb->lock);
427 device_del(&tb->dev);
429 tb_ctl_stop(tb->ctl);
431 mutex_unlock(&tb->lock);
437 * tb_domain_remove() - Removes and releases a domain
438 * @tb: Domain to remove
440 * Stops the domain, removes it from the system and releases all
441 * resources once the last reference has been released.
443 void tb_domain_remove(struct tb *tb)
445 mutex_lock(&tb->lock);
446 if (tb->cm_ops->stop)
447 tb->cm_ops->stop(tb);
448 /* Stop the domain control traffic */
449 tb_ctl_stop(tb->ctl);
450 mutex_unlock(&tb->lock);
452 flush_workqueue(tb->wq);
453 device_unregister(&tb->dev);
457 * tb_domain_suspend_noirq() - Suspend a domain
458 * @tb: Domain to suspend
460 * Suspends all devices in the domain and stops the control channel.
462 int tb_domain_suspend_noirq(struct tb *tb)
467 * The control channel interrupt is left enabled during suspend
468 * and taking the lock here prevents any events happening before
469 * we actually have stopped the domain and the control channel.
471 mutex_lock(&tb->lock);
472 if (tb->cm_ops->suspend_noirq)
473 ret = tb->cm_ops->suspend_noirq(tb);
475 tb_ctl_stop(tb->ctl);
476 mutex_unlock(&tb->lock);
482 * tb_domain_resume_noirq() - Resume a domain
483 * @tb: Domain to resume
485 * Re-starts the control channel, and resumes all devices connected to
488 int tb_domain_resume_noirq(struct tb *tb)
492 mutex_lock(&tb->lock);
493 tb_ctl_start(tb->ctl);
494 if (tb->cm_ops->resume_noirq)
495 ret = tb->cm_ops->resume_noirq(tb);
496 mutex_unlock(&tb->lock);
501 int tb_domain_suspend(struct tb *tb)
505 mutex_lock(&tb->lock);
506 if (tb->cm_ops->suspend) {
507 ret = tb->cm_ops->suspend(tb);
509 mutex_unlock(&tb->lock);
513 mutex_unlock(&tb->lock);
517 void tb_domain_complete(struct tb *tb)
519 mutex_lock(&tb->lock);
520 if (tb->cm_ops->complete)
521 tb->cm_ops->complete(tb);
522 mutex_unlock(&tb->lock);
526 * tb_domain_approve_switch() - Approve switch
527 * @tb: Domain the switch belongs to
528 * @sw: Switch to approve
530 * This will approve switch by connection manager specific means. In
531 * case of success the connection manager will create tunnels for all
532 * supported protocols.
534 int tb_domain_approve_switch(struct tb *tb, struct tb_switch *sw)
536 struct tb_switch *parent_sw;
538 if (!tb->cm_ops->approve_switch)
541 /* The parent switch must be authorized before this one */
542 parent_sw = tb_to_switch(sw->dev.parent);
543 if (!parent_sw || !parent_sw->authorized)
546 return tb->cm_ops->approve_switch(tb, sw);
550 * tb_domain_approve_switch_key() - Approve switch and add key
551 * @tb: Domain the switch belongs to
552 * @sw: Switch to approve
554 * For switches that support secure connect, this function first adds
555 * key to the switch NVM using connection manager specific means. If
556 * adding the key is successful, the switch is approved and connected.
558 * Return: %0 on success and negative errno in case of failure.
560 int tb_domain_approve_switch_key(struct tb *tb, struct tb_switch *sw)
562 struct tb_switch *parent_sw;
565 if (!tb->cm_ops->approve_switch || !tb->cm_ops->add_switch_key)
568 /* The parent switch must be authorized before this one */
569 parent_sw = tb_to_switch(sw->dev.parent);
570 if (!parent_sw || !parent_sw->authorized)
573 ret = tb->cm_ops->add_switch_key(tb, sw);
577 return tb->cm_ops->approve_switch(tb, sw);
581 * tb_domain_challenge_switch_key() - Challenge and approve switch
582 * @tb: Domain the switch belongs to
583 * @sw: Switch to approve
585 * For switches that support secure connect, this function generates
586 * random challenge and sends it to the switch. The switch responds to
587 * this and if the response matches our random challenge, the switch is
588 * approved and connected.
590 * Return: %0 on success and negative errno in case of failure.
592 int tb_domain_challenge_switch_key(struct tb *tb, struct tb_switch *sw)
594 u8 challenge[TB_SWITCH_KEY_SIZE];
595 u8 response[TB_SWITCH_KEY_SIZE];
596 u8 hmac[TB_SWITCH_KEY_SIZE];
597 struct tb_switch *parent_sw;
598 struct crypto_shash *tfm;
599 struct shash_desc *shash;
602 if (!tb->cm_ops->approve_switch || !tb->cm_ops->challenge_switch_key)
605 /* The parent switch must be authorized before this one */
606 parent_sw = tb_to_switch(sw->dev.parent);
607 if (!parent_sw || !parent_sw->authorized)
610 get_random_bytes(challenge, sizeof(challenge));
611 ret = tb->cm_ops->challenge_switch_key(tb, sw, challenge, response);
615 tfm = crypto_alloc_shash("hmac(sha256)", 0, 0);
619 ret = crypto_shash_setkey(tfm, sw->key, TB_SWITCH_KEY_SIZE);
623 shash = kzalloc(sizeof(*shash) + crypto_shash_descsize(tfm),
631 shash->flags = CRYPTO_TFM_REQ_MAY_SLEEP;
633 memset(hmac, 0, sizeof(hmac));
634 ret = crypto_shash_digest(shash, challenge, sizeof(hmac), hmac);
638 /* The returned HMAC must match the one we calculated */
639 if (memcmp(response, hmac, sizeof(hmac))) {
644 crypto_free_shash(tfm);
647 return tb->cm_ops->approve_switch(tb, sw);
652 crypto_free_shash(tfm);
658 * tb_domain_disconnect_pcie_paths() - Disconnect all PCIe paths
659 * @tb: Domain whose PCIe paths to disconnect
661 * This needs to be called in preparation for NVM upgrade of the host
662 * controller. Makes sure all PCIe paths are disconnected.
664 * Return %0 on success and negative errno in case of error.
666 int tb_domain_disconnect_pcie_paths(struct tb *tb)
668 if (!tb->cm_ops->disconnect_pcie_paths)
671 return tb->cm_ops->disconnect_pcie_paths(tb);
675 * tb_domain_approve_xdomain_paths() - Enable DMA paths for XDomain
676 * @tb: Domain enabling the DMA paths
677 * @xd: XDomain DMA paths are created to
679 * Calls connection manager specific method to enable DMA paths to the
680 * XDomain in question.
682 * Return: 0% in case of success and negative errno otherwise. In
683 * particular returns %-ENOTSUPP if the connection manager
684 * implementation does not support XDomains.
686 int tb_domain_approve_xdomain_paths(struct tb *tb, struct tb_xdomain *xd)
688 if (!tb->cm_ops->approve_xdomain_paths)
691 return tb->cm_ops->approve_xdomain_paths(tb, xd);
695 * tb_domain_disconnect_xdomain_paths() - Disable DMA paths for XDomain
696 * @tb: Domain disabling the DMA paths
697 * @xd: XDomain whose DMA paths are disconnected
699 * Calls connection manager specific method to disconnect DMA paths to
700 * the XDomain in question.
702 * Return: 0% in case of success and negative errno otherwise. In
703 * particular returns %-ENOTSUPP if the connection manager
704 * implementation does not support XDomains.
706 int tb_domain_disconnect_xdomain_paths(struct tb *tb, struct tb_xdomain *xd)
708 if (!tb->cm_ops->disconnect_xdomain_paths)
711 return tb->cm_ops->disconnect_xdomain_paths(tb, xd);
714 static int disconnect_xdomain(struct device *dev, void *data)
716 struct tb_xdomain *xd;
717 struct tb *tb = data;
720 xd = tb_to_xdomain(dev);
721 if (xd && xd->tb == tb)
722 ret = tb_xdomain_disable_paths(xd);
728 * tb_domain_disconnect_all_paths() - Disconnect all paths for the domain
729 * @tb: Domain whose paths are disconnected
731 * This function can be used to disconnect all paths (PCIe, XDomain) for
732 * example in preparation for host NVM firmware upgrade. After this is
733 * called the paths cannot be established without resetting the switch.
735 * Return: %0 in case of success and negative errno otherwise.
737 int tb_domain_disconnect_all_paths(struct tb *tb)
741 ret = tb_domain_disconnect_pcie_paths(tb);
745 return bus_for_each_dev(&tb_bus_type, NULL, tb, disconnect_xdomain);
748 int tb_domain_init(void)
752 ret = tb_xdomain_init();
755 ret = bus_register(&tb_bus_type);
762 void tb_domain_exit(void)
764 bus_unregister(&tb_bus_type);
765 ida_destroy(&tb_domain_ida);