event.c (16856B)
1// SPDX-License-Identifier: GPL-2.0 2/* 3 * ACPI event handling for Wilco Embedded Controller 4 * 5 * Copyright 2019 Google LLC 6 * 7 * The Wilco Embedded Controller can create custom events that 8 * are not handled as standard ACPI objects. These events can 9 * contain information about changes in EC controlled features, 10 * such as errors and events in the dock or display. For example, 11 * an event is triggered if the dock is plugged into a display 12 * incorrectly. These events are needed for telemetry and 13 * diagnostics reasons, and for possibly alerting the user. 14 15 * These events are triggered by the EC with an ACPI Notify(0x90), 16 * and then the BIOS reads the event buffer from EC RAM via an 17 * ACPI method. When the OS receives these events via ACPI, 18 * it passes them along to this driver. The events are put into 19 * a queue which can be read by a userspace daemon via a char device 20 * that implements read() and poll(). The event queue acts as a 21 * circular buffer of size 64, so if there are no userspace consumers 22 * the kernel will not run out of memory. The char device will appear at 23 * /dev/wilco_event{n}, where n is some small non-negative integer, 24 * starting from 0. Standard ACPI events such as the battery getting 25 * plugged/unplugged can also come through this path, but they are 26 * dealt with via other paths, and are ignored here. 27 28 * To test, you can tail the binary data with 29 * $ cat /dev/wilco_event0 | hexdump -ve '1/1 "%x\n"' 30 * and then create an event by plugging/unplugging the battery. 31 */ 32 33#include <linux/acpi.h> 34#include <linux/cdev.h> 35#include <linux/device.h> 36#include <linux/fs.h> 37#include <linux/idr.h> 38#include <linux/io.h> 39#include <linux/list.h> 40#include <linux/module.h> 41#include <linux/poll.h> 42#include <linux/spinlock.h> 43#include <linux/uaccess.h> 44#include <linux/wait.h> 45 46/* ACPI Notify event code indicating event data is available. */ 47#define EC_ACPI_NOTIFY_EVENT 0x90 48/* ACPI Method to execute to retrieve event data buffer from the EC. */ 49#define EC_ACPI_GET_EVENT "QSET" 50/* Maximum number of words in event data returned by the EC. */ 51#define EC_ACPI_MAX_EVENT_WORDS 6 52#define EC_ACPI_MAX_EVENT_SIZE \ 53 (sizeof(struct ec_event) + (EC_ACPI_MAX_EVENT_WORDS) * sizeof(u16)) 54 55/* Node will appear in /dev/EVENT_DEV_NAME */ 56#define EVENT_DEV_NAME "wilco_event" 57#define EVENT_CLASS_NAME EVENT_DEV_NAME 58#define DRV_NAME EVENT_DEV_NAME 59#define EVENT_DEV_NAME_FMT (EVENT_DEV_NAME "%d") 60static struct class event_class = { 61 .owner = THIS_MODULE, 62 .name = EVENT_CLASS_NAME, 63}; 64 65/* Keep track of all the device numbers used. */ 66#define EVENT_MAX_DEV 128 67static int event_major; 68static DEFINE_IDA(event_ida); 69 70/* Size of circular queue of events. */ 71#define MAX_NUM_EVENTS 64 72 73/** 74 * struct ec_event - Extended event returned by the EC. 75 * @size: Number of 16bit words in structure after the size word. 76 * @type: Extended event type, meaningless for us. 77 * @event: Event data words. Max count is %EC_ACPI_MAX_EVENT_WORDS. 78 */ 79struct ec_event { 80 u16 size; 81 u16 type; 82 u16 event[]; 83} __packed; 84 85#define ec_event_num_words(ev) (ev->size - 1) 86#define ec_event_size(ev) (sizeof(*ev) + (ec_event_num_words(ev) * sizeof(u16))) 87 88/** 89 * struct ec_event_queue - Circular queue for events. 90 * @capacity: Number of elements the queue can hold. 91 * @head: Next index to write to. 92 * @tail: Next index to read from. 93 * @entries: Array of events. 94 */ 95struct ec_event_queue { 96 int capacity; 97 int head; 98 int tail; 99 struct ec_event *entries[]; 100}; 101 102/* Maximum number of events to store in ec_event_queue */ 103static int queue_size = 64; 104module_param(queue_size, int, 0644); 105 106static struct ec_event_queue *event_queue_new(int capacity) 107{ 108 struct ec_event_queue *q; 109 110 q = kzalloc(struct_size(q, entries, capacity), GFP_KERNEL); 111 if (!q) 112 return NULL; 113 114 q->capacity = capacity; 115 116 return q; 117} 118 119static inline bool event_queue_empty(struct ec_event_queue *q) 120{ 121 /* head==tail when both full and empty, but head==NULL when empty */ 122 return q->head == q->tail && !q->entries[q->head]; 123} 124 125static inline bool event_queue_full(struct ec_event_queue *q) 126{ 127 /* head==tail when both full and empty, but head!=NULL when full */ 128 return q->head == q->tail && q->entries[q->head]; 129} 130 131static struct ec_event *event_queue_pop(struct ec_event_queue *q) 132{ 133 struct ec_event *ev; 134 135 if (event_queue_empty(q)) 136 return NULL; 137 138 ev = q->entries[q->tail]; 139 q->entries[q->tail] = NULL; 140 q->tail = (q->tail + 1) % q->capacity; 141 142 return ev; 143} 144 145/* 146 * If full, overwrite the oldest event and return it so the caller 147 * can kfree it. If not full, return NULL. 148 */ 149static struct ec_event *event_queue_push(struct ec_event_queue *q, 150 struct ec_event *ev) 151{ 152 struct ec_event *popped = NULL; 153 154 if (event_queue_full(q)) 155 popped = event_queue_pop(q); 156 q->entries[q->head] = ev; 157 q->head = (q->head + 1) % q->capacity; 158 159 return popped; 160} 161 162static void event_queue_free(struct ec_event_queue *q) 163{ 164 struct ec_event *event; 165 166 while ((event = event_queue_pop(q)) != NULL) 167 kfree(event); 168 169 kfree(q); 170} 171 172/** 173 * struct event_device_data - Data for a Wilco EC device that responds to ACPI. 174 * @events: Circular queue of EC events to be provided to userspace. 175 * @queue_lock: Protect the queue from simultaneous read/writes. 176 * @wq: Wait queue to notify processes when events are available or the 177 * device has been removed. 178 * @cdev: Char dev that userspace reads() and polls() from. 179 * @dev: Device associated with the %cdev. 180 * @exist: Has the device been not been removed? Once a device has been removed, 181 * writes, reads, and new opens will fail. 182 * @available: Guarantee only one client can open() file and read from queue. 183 * 184 * There will be one of these structs for each ACPI device registered. This data 185 * is the queue of events received from ACPI that still need to be read from 186 * userspace, the device and char device that userspace is using, a wait queue 187 * used to notify different threads when something has changed, plus a flag 188 * on whether the ACPI device has been removed. 189 */ 190struct event_device_data { 191 struct ec_event_queue *events; 192 spinlock_t queue_lock; 193 wait_queue_head_t wq; 194 struct device dev; 195 struct cdev cdev; 196 bool exist; 197 atomic_t available; 198}; 199 200/** 201 * enqueue_events() - Place EC events in queue to be read by userspace. 202 * @adev: Device the events came from. 203 * @buf: Buffer of event data. 204 * @length: Length of event data buffer. 205 * 206 * %buf contains a number of ec_event's, packed one after the other. 207 * Each ec_event is of variable length. Start with the first event, copy it 208 * into a persistent ec_event, store that entry in the queue, move on 209 * to the next ec_event in buf, and repeat. 210 * 211 * Return: 0 on success or negative error code on failure. 212 */ 213static int enqueue_events(struct acpi_device *adev, const u8 *buf, u32 length) 214{ 215 struct event_device_data *dev_data = adev->driver_data; 216 struct ec_event *event, *queue_event, *old_event; 217 size_t num_words, event_size; 218 u32 offset = 0; 219 220 while (offset < length) { 221 event = (struct ec_event *)(buf + offset); 222 223 num_words = ec_event_num_words(event); 224 event_size = ec_event_size(event); 225 if (num_words > EC_ACPI_MAX_EVENT_WORDS) { 226 dev_err(&adev->dev, "Too many event words: %zu > %d\n", 227 num_words, EC_ACPI_MAX_EVENT_WORDS); 228 return -EOVERFLOW; 229 } 230 231 /* Ensure event does not overflow the available buffer */ 232 if ((offset + event_size) > length) { 233 dev_err(&adev->dev, "Event exceeds buffer: %zu > %d\n", 234 offset + event_size, length); 235 return -EOVERFLOW; 236 } 237 238 /* Point to the next event in the buffer */ 239 offset += event_size; 240 241 /* Copy event into the queue */ 242 queue_event = kmemdup(event, event_size, GFP_KERNEL); 243 if (!queue_event) 244 return -ENOMEM; 245 spin_lock(&dev_data->queue_lock); 246 old_event = event_queue_push(dev_data->events, queue_event); 247 spin_unlock(&dev_data->queue_lock); 248 kfree(old_event); 249 wake_up_interruptible(&dev_data->wq); 250 } 251 252 return 0; 253} 254 255/** 256 * event_device_notify() - Callback when EC generates an event over ACPI. 257 * @adev: The device that the event is coming from. 258 * @value: Value passed to Notify() in ACPI. 259 * 260 * This function will read the events from the device and enqueue them. 261 */ 262static void event_device_notify(struct acpi_device *adev, u32 value) 263{ 264 struct acpi_buffer event_buffer = { ACPI_ALLOCATE_BUFFER, NULL }; 265 union acpi_object *obj; 266 acpi_status status; 267 268 if (value != EC_ACPI_NOTIFY_EVENT) { 269 dev_err(&adev->dev, "Invalid event: 0x%08x\n", value); 270 return; 271 } 272 273 /* Execute ACPI method to get event data buffer. */ 274 status = acpi_evaluate_object(adev->handle, EC_ACPI_GET_EVENT, 275 NULL, &event_buffer); 276 if (ACPI_FAILURE(status)) { 277 dev_err(&adev->dev, "Error executing ACPI method %s()\n", 278 EC_ACPI_GET_EVENT); 279 return; 280 } 281 282 obj = (union acpi_object *)event_buffer.pointer; 283 if (!obj) { 284 dev_err(&adev->dev, "Nothing returned from %s()\n", 285 EC_ACPI_GET_EVENT); 286 return; 287 } 288 if (obj->type != ACPI_TYPE_BUFFER) { 289 dev_err(&adev->dev, "Invalid object returned from %s()\n", 290 EC_ACPI_GET_EVENT); 291 kfree(obj); 292 return; 293 } 294 if (obj->buffer.length < sizeof(struct ec_event)) { 295 dev_err(&adev->dev, "Invalid buffer length %d from %s()\n", 296 obj->buffer.length, EC_ACPI_GET_EVENT); 297 kfree(obj); 298 return; 299 } 300 301 enqueue_events(adev, obj->buffer.pointer, obj->buffer.length); 302 kfree(obj); 303} 304 305static int event_open(struct inode *inode, struct file *filp) 306{ 307 struct event_device_data *dev_data; 308 309 dev_data = container_of(inode->i_cdev, struct event_device_data, cdev); 310 if (!dev_data->exist) 311 return -ENODEV; 312 313 if (atomic_cmpxchg(&dev_data->available, 1, 0) == 0) 314 return -EBUSY; 315 316 /* Increase refcount on device so dev_data is not freed */ 317 get_device(&dev_data->dev); 318 stream_open(inode, filp); 319 filp->private_data = dev_data; 320 321 return 0; 322} 323 324static __poll_t event_poll(struct file *filp, poll_table *wait) 325{ 326 struct event_device_data *dev_data = filp->private_data; 327 __poll_t mask = 0; 328 329 poll_wait(filp, &dev_data->wq, wait); 330 if (!dev_data->exist) 331 return EPOLLHUP; 332 if (!event_queue_empty(dev_data->events)) 333 mask |= EPOLLIN | EPOLLRDNORM | EPOLLPRI; 334 return mask; 335} 336 337/** 338 * event_read() - Callback for passing event data to userspace via read(). 339 * @filp: The file we are reading from. 340 * @buf: Pointer to userspace buffer to fill with one event. 341 * @count: Number of bytes requested. Must be at least EC_ACPI_MAX_EVENT_SIZE. 342 * @pos: File position pointer, irrelevant since we don't support seeking. 343 * 344 * Removes the first event from the queue, places it in the passed buffer. 345 * 346 * If there are no events in the the queue, then one of two things happens, 347 * depending on if the file was opened in nonblocking mode: If in nonblocking 348 * mode, then return -EAGAIN to say there's no data. If in blocking mode, then 349 * block until an event is available. 350 * 351 * Return: Number of bytes placed in buffer, negative error code on failure. 352 */ 353static ssize_t event_read(struct file *filp, char __user *buf, size_t count, 354 loff_t *pos) 355{ 356 struct event_device_data *dev_data = filp->private_data; 357 struct ec_event *event; 358 ssize_t n_bytes_written = 0; 359 int err; 360 361 /* We only will give them the entire event at once */ 362 if (count != 0 && count < EC_ACPI_MAX_EVENT_SIZE) 363 return -EINVAL; 364 365 spin_lock(&dev_data->queue_lock); 366 while (event_queue_empty(dev_data->events)) { 367 spin_unlock(&dev_data->queue_lock); 368 if (filp->f_flags & O_NONBLOCK) 369 return -EAGAIN; 370 371 err = wait_event_interruptible(dev_data->wq, 372 !event_queue_empty(dev_data->events) || 373 !dev_data->exist); 374 if (err) 375 return err; 376 377 /* Device was removed as we waited? */ 378 if (!dev_data->exist) 379 return -ENODEV; 380 spin_lock(&dev_data->queue_lock); 381 } 382 event = event_queue_pop(dev_data->events); 383 spin_unlock(&dev_data->queue_lock); 384 n_bytes_written = ec_event_size(event); 385 if (copy_to_user(buf, event, n_bytes_written)) 386 n_bytes_written = -EFAULT; 387 kfree(event); 388 389 return n_bytes_written; 390} 391 392static int event_release(struct inode *inode, struct file *filp) 393{ 394 struct event_device_data *dev_data = filp->private_data; 395 396 atomic_set(&dev_data->available, 1); 397 put_device(&dev_data->dev); 398 399 return 0; 400} 401 402static const struct file_operations event_fops = { 403 .open = event_open, 404 .poll = event_poll, 405 .read = event_read, 406 .release = event_release, 407 .llseek = no_llseek, 408 .owner = THIS_MODULE, 409}; 410 411/** 412 * free_device_data() - Callback to free the event_device_data structure. 413 * @d: The device embedded in our device data, which we have been ref counting. 414 * 415 * This is called only after event_device_remove() has been called and all 416 * userspace programs have called event_release() on all the open file 417 * descriptors. 418 */ 419static void free_device_data(struct device *d) 420{ 421 struct event_device_data *dev_data; 422 423 dev_data = container_of(d, struct event_device_data, dev); 424 event_queue_free(dev_data->events); 425 kfree(dev_data); 426} 427 428static void hangup_device(struct event_device_data *dev_data) 429{ 430 dev_data->exist = false; 431 /* Wake up the waiting processes so they can close. */ 432 wake_up_interruptible(&dev_data->wq); 433 put_device(&dev_data->dev); 434} 435 436/** 437 * event_device_add() - Callback when creating a new device. 438 * @adev: ACPI device that we will be receiving events from. 439 * 440 * This finds a free minor number for the device, allocates and initializes 441 * some device data, and creates a new device and char dev node. 442 * 443 * The device data is freed in free_device_data(), which is called when 444 * %dev_data->dev is release()ed. This happens after all references to 445 * %dev_data->dev are dropped, which happens once both event_device_remove() 446 * has been called and every open()ed file descriptor has been release()ed. 447 * 448 * Return: 0 on success, negative error code on failure. 449 */ 450static int event_device_add(struct acpi_device *adev) 451{ 452 struct event_device_data *dev_data; 453 int error, minor; 454 455 minor = ida_alloc_max(&event_ida, EVENT_MAX_DEV-1, GFP_KERNEL); 456 if (minor < 0) { 457 error = minor; 458 dev_err(&adev->dev, "Failed to find minor number: %d\n", error); 459 return error; 460 } 461 462 dev_data = kzalloc(sizeof(*dev_data), GFP_KERNEL); 463 if (!dev_data) { 464 error = -ENOMEM; 465 goto free_minor; 466 } 467 468 /* Initialize the device data. */ 469 adev->driver_data = dev_data; 470 dev_data->events = event_queue_new(queue_size); 471 if (!dev_data->events) { 472 kfree(dev_data); 473 error = -ENOMEM; 474 goto free_minor; 475 } 476 spin_lock_init(&dev_data->queue_lock); 477 init_waitqueue_head(&dev_data->wq); 478 dev_data->exist = true; 479 atomic_set(&dev_data->available, 1); 480 481 /* Initialize the device. */ 482 dev_data->dev.devt = MKDEV(event_major, minor); 483 dev_data->dev.class = &event_class; 484 dev_data->dev.release = free_device_data; 485 dev_set_name(&dev_data->dev, EVENT_DEV_NAME_FMT, minor); 486 device_initialize(&dev_data->dev); 487 488 /* Initialize the character device, and add it to userspace. */ 489 cdev_init(&dev_data->cdev, &event_fops); 490 error = cdev_device_add(&dev_data->cdev, &dev_data->dev); 491 if (error) 492 goto free_dev_data; 493 494 return 0; 495 496free_dev_data: 497 hangup_device(dev_data); 498free_minor: 499 ida_simple_remove(&event_ida, minor); 500 return error; 501} 502 503static int event_device_remove(struct acpi_device *adev) 504{ 505 struct event_device_data *dev_data = adev->driver_data; 506 507 cdev_device_del(&dev_data->cdev, &dev_data->dev); 508 ida_simple_remove(&event_ida, MINOR(dev_data->dev.devt)); 509 hangup_device(dev_data); 510 511 return 0; 512} 513 514static const struct acpi_device_id event_acpi_ids[] = { 515 { "GOOG000D", 0 }, 516 { } 517}; 518MODULE_DEVICE_TABLE(acpi, event_acpi_ids); 519 520static struct acpi_driver event_driver = { 521 .name = DRV_NAME, 522 .class = DRV_NAME, 523 .ids = event_acpi_ids, 524 .ops = { 525 .add = event_device_add, 526 .notify = event_device_notify, 527 .remove = event_device_remove, 528 }, 529 .owner = THIS_MODULE, 530}; 531 532static int __init event_module_init(void) 533{ 534 dev_t dev_num = 0; 535 int ret; 536 537 ret = class_register(&event_class); 538 if (ret) { 539 pr_err(DRV_NAME ": Failed registering class: %d\n", ret); 540 return ret; 541 } 542 543 /* Request device numbers, starting with minor=0. Save the major num. */ 544 ret = alloc_chrdev_region(&dev_num, 0, EVENT_MAX_DEV, EVENT_DEV_NAME); 545 if (ret) { 546 pr_err(DRV_NAME ": Failed allocating dev numbers: %d\n", ret); 547 goto destroy_class; 548 } 549 event_major = MAJOR(dev_num); 550 551 ret = acpi_bus_register_driver(&event_driver); 552 if (ret < 0) { 553 pr_err(DRV_NAME ": Failed registering driver: %d\n", ret); 554 goto unregister_region; 555 } 556 557 return 0; 558 559unregister_region: 560 unregister_chrdev_region(MKDEV(event_major, 0), EVENT_MAX_DEV); 561destroy_class: 562 class_unregister(&event_class); 563 ida_destroy(&event_ida); 564 return ret; 565} 566 567static void __exit event_module_exit(void) 568{ 569 acpi_bus_unregister_driver(&event_driver); 570 unregister_chrdev_region(MKDEV(event_major, 0), EVENT_MAX_DEV); 571 class_unregister(&event_class); 572 ida_destroy(&event_ida); 573} 574 575module_init(event_module_init); 576module_exit(event_module_exit); 577 578MODULE_AUTHOR("Nick Crews <ncrews@chromium.org>"); 579MODULE_DESCRIPTION("Wilco EC ACPI event driver"); 580MODULE_LICENSE("GPL"); 581MODULE_ALIAS("platform:" DRV_NAME);