stm32_firewall.c 8.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294
  1. // SPDX-License-Identifier: GPL-2.0-only
  2. /*
  3. * Copyright (C) 2023, STMicroelectronics - All Rights Reserved
  4. */
  5. #include <linux/bitfield.h>
  6. #include <linux/bits.h>
  7. #include <linux/bus/stm32_firewall_device.h>
  8. #include <linux/device.h>
  9. #include <linux/err.h>
  10. #include <linux/init.h>
  11. #include <linux/io.h>
  12. #include <linux/kernel.h>
  13. #include <linux/module.h>
  14. #include <linux/of.h>
  15. #include <linux/of_platform.h>
  16. #include <linux/platform_device.h>
  17. #include <linux/types.h>
  18. #include <linux/slab.h>
  19. #include "stm32_firewall.h"
  20. /* Corresponds to STM32_FIREWALL_MAX_EXTRA_ARGS + firewall ID */
  21. #define STM32_FIREWALL_MAX_ARGS (STM32_FIREWALL_MAX_EXTRA_ARGS + 1)
  22. static LIST_HEAD(firewall_controller_list);
  23. static DEFINE_MUTEX(firewall_controller_list_lock);
  24. /* Firewall device API */
  25. int stm32_firewall_get_firewall(struct device_node *np, struct stm32_firewall *firewall,
  26. unsigned int nb_firewall)
  27. {
  28. struct stm32_firewall_controller *ctrl;
  29. struct of_phandle_iterator it;
  30. unsigned int i, j = 0;
  31. int err;
  32. if (!firewall || !nb_firewall)
  33. return -EINVAL;
  34. /* Parse property with phandle parsed out */
  35. of_for_each_phandle(&it, err, np, "access-controllers", "#access-controller-cells", 0) {
  36. struct of_phandle_args provider_args;
  37. struct device_node *provider = it.node;
  38. const char *fw_entry;
  39. bool match = false;
  40. if (err) {
  41. pr_err("Unable to get access-controllers property for node %s\n, err: %d",
  42. np->full_name, err);
  43. of_node_put(provider);
  44. return err;
  45. }
  46. if (j >= nb_firewall) {
  47. pr_err("Too many firewall controllers");
  48. of_node_put(provider);
  49. return -EINVAL;
  50. }
  51. provider_args.args_count = of_phandle_iterator_args(&it, provider_args.args,
  52. STM32_FIREWALL_MAX_ARGS);
  53. /* Check if the parsed phandle corresponds to a registered firewall controller */
  54. mutex_lock(&firewall_controller_list_lock);
  55. list_for_each_entry(ctrl, &firewall_controller_list, entry) {
  56. if (ctrl->dev->of_node->phandle == it.phandle) {
  57. match = true;
  58. firewall[j].firewall_ctrl = ctrl;
  59. break;
  60. }
  61. }
  62. mutex_unlock(&firewall_controller_list_lock);
  63. if (!match) {
  64. firewall[j].firewall_ctrl = NULL;
  65. pr_err("No firewall controller registered for %s\n", np->full_name);
  66. of_node_put(provider);
  67. return -ENODEV;
  68. }
  69. err = of_property_read_string_index(np, "access-controller-names", j, &fw_entry);
  70. if (err == 0)
  71. firewall[j].entry = fw_entry;
  72. /* Handle the case when there are no arguments given along with the phandle */
  73. if (provider_args.args_count < 0 ||
  74. provider_args.args_count > STM32_FIREWALL_MAX_ARGS) {
  75. of_node_put(provider);
  76. return -EINVAL;
  77. } else if (provider_args.args_count == 0) {
  78. firewall[j].extra_args_size = 0;
  79. firewall[j].firewall_id = U32_MAX;
  80. j++;
  81. continue;
  82. }
  83. /* The firewall ID is always the first argument */
  84. firewall[j].firewall_id = provider_args.args[0];
  85. /* Extra args start at the second argument */
  86. for (i = 0; i < provider_args.args_count - 1; i++)
  87. firewall[j].extra_args[i] = provider_args.args[i + 1];
  88. /* Remove the firewall ID arg that is not an extra argument */
  89. firewall[j].extra_args_size = provider_args.args_count - 1;
  90. j++;
  91. }
  92. return 0;
  93. }
  94. EXPORT_SYMBOL_GPL(stm32_firewall_get_firewall);
  95. int stm32_firewall_grant_access(struct stm32_firewall *firewall)
  96. {
  97. struct stm32_firewall_controller *firewall_controller;
  98. if (!firewall || firewall->firewall_id == U32_MAX)
  99. return -EINVAL;
  100. firewall_controller = firewall->firewall_ctrl;
  101. if (!firewall_controller)
  102. return -ENODEV;
  103. return firewall_controller->grant_access(firewall_controller, firewall->firewall_id);
  104. }
  105. EXPORT_SYMBOL_GPL(stm32_firewall_grant_access);
  106. int stm32_firewall_grant_access_by_id(struct stm32_firewall *firewall, u32 subsystem_id)
  107. {
  108. struct stm32_firewall_controller *firewall_controller;
  109. if (!firewall || subsystem_id == U32_MAX || firewall->firewall_id == U32_MAX)
  110. return -EINVAL;
  111. firewall_controller = firewall->firewall_ctrl;
  112. if (!firewall_controller)
  113. return -ENODEV;
  114. return firewall_controller->grant_access(firewall_controller, subsystem_id);
  115. }
  116. EXPORT_SYMBOL_GPL(stm32_firewall_grant_access_by_id);
  117. void stm32_firewall_release_access(struct stm32_firewall *firewall)
  118. {
  119. struct stm32_firewall_controller *firewall_controller;
  120. if (!firewall || firewall->firewall_id == U32_MAX) {
  121. pr_debug("Incorrect arguments when releasing a firewall access\n");
  122. return;
  123. }
  124. firewall_controller = firewall->firewall_ctrl;
  125. if (!firewall_controller) {
  126. pr_debug("No firewall controller to release\n");
  127. return;
  128. }
  129. firewall_controller->release_access(firewall_controller, firewall->firewall_id);
  130. }
  131. EXPORT_SYMBOL_GPL(stm32_firewall_release_access);
  132. void stm32_firewall_release_access_by_id(struct stm32_firewall *firewall, u32 subsystem_id)
  133. {
  134. struct stm32_firewall_controller *firewall_controller;
  135. if (!firewall || subsystem_id == U32_MAX || firewall->firewall_id == U32_MAX) {
  136. pr_debug("Incorrect arguments when releasing a firewall access");
  137. return;
  138. }
  139. firewall_controller = firewall->firewall_ctrl;
  140. if (!firewall_controller) {
  141. pr_debug("No firewall controller to release");
  142. return;
  143. }
  144. firewall_controller->release_access(firewall_controller, subsystem_id);
  145. }
  146. EXPORT_SYMBOL_GPL(stm32_firewall_release_access_by_id);
  147. /* Firewall controller API */
  148. int stm32_firewall_controller_register(struct stm32_firewall_controller *firewall_controller)
  149. {
  150. struct stm32_firewall_controller *ctrl;
  151. if (!firewall_controller)
  152. return -ENODEV;
  153. pr_info("Registering %s firewall controller\n", firewall_controller->name);
  154. mutex_lock(&firewall_controller_list_lock);
  155. list_for_each_entry(ctrl, &firewall_controller_list, entry) {
  156. if (ctrl == firewall_controller) {
  157. pr_debug("%s firewall controller already registered\n",
  158. firewall_controller->name);
  159. mutex_unlock(&firewall_controller_list_lock);
  160. return 0;
  161. }
  162. }
  163. list_add_tail(&firewall_controller->entry, &firewall_controller_list);
  164. mutex_unlock(&firewall_controller_list_lock);
  165. return 0;
  166. }
  167. EXPORT_SYMBOL_GPL(stm32_firewall_controller_register);
  168. void stm32_firewall_controller_unregister(struct stm32_firewall_controller *firewall_controller)
  169. {
  170. struct stm32_firewall_controller *ctrl;
  171. bool controller_removed = false;
  172. if (!firewall_controller) {
  173. pr_debug("Null reference while unregistering firewall controller\n");
  174. return;
  175. }
  176. mutex_lock(&firewall_controller_list_lock);
  177. list_for_each_entry(ctrl, &firewall_controller_list, entry) {
  178. if (ctrl == firewall_controller) {
  179. controller_removed = true;
  180. list_del_init(&ctrl->entry);
  181. break;
  182. }
  183. }
  184. mutex_unlock(&firewall_controller_list_lock);
  185. if (!controller_removed)
  186. pr_debug("There was no firewall controller named %s to unregister\n",
  187. firewall_controller->name);
  188. }
  189. EXPORT_SYMBOL_GPL(stm32_firewall_controller_unregister);
  190. int stm32_firewall_populate_bus(struct stm32_firewall_controller *firewall_controller)
  191. {
  192. struct stm32_firewall *firewalls;
  193. struct device_node *child;
  194. struct device *parent;
  195. unsigned int i;
  196. int len;
  197. int err;
  198. parent = firewall_controller->dev;
  199. dev_dbg(parent, "Populating %s system bus\n", dev_name(firewall_controller->dev));
  200. for_each_available_child_of_node(dev_of_node(parent), child) {
  201. /* The access-controllers property is mandatory for firewall bus devices */
  202. len = of_count_phandle_with_args(child, "access-controllers",
  203. "#access-controller-cells");
  204. if (len <= 0) {
  205. of_node_put(child);
  206. return -EINVAL;
  207. }
  208. firewalls = kcalloc(len, sizeof(*firewalls), GFP_KERNEL);
  209. if (!firewalls) {
  210. of_node_put(child);
  211. return -ENOMEM;
  212. }
  213. err = stm32_firewall_get_firewall(child, firewalls, (unsigned int)len);
  214. if (err) {
  215. kfree(firewalls);
  216. of_node_put(child);
  217. return err;
  218. }
  219. for (i = 0; i < len; i++) {
  220. if (firewall_controller->grant_access(firewall_controller,
  221. firewalls[i].firewall_id)) {
  222. /*
  223. * Peripheral access not allowed or not defined.
  224. * Mark the node as populated so platform bus won't probe it
  225. */
  226. of_detach_node(child);
  227. dev_err(parent, "%s: Device driver will not be probed\n",
  228. child->full_name);
  229. }
  230. }
  231. kfree(firewalls);
  232. }
  233. return 0;
  234. }
  235. EXPORT_SYMBOL_GPL(stm32_firewall_populate_bus);