[PATCH] IB/ipath: don't allow resources to be created with illegal values
[linux-2.6] / drivers / acpi / parser / psargs.c
1 /******************************************************************************
2  *
3  * Module Name: psargs - Parse AML opcode arguments
4  *
5  *****************************************************************************/
6
7 /*
8  * Copyright (C) 2000 - 2006, R. Byron Moore
9  * All rights reserved.
10  *
11  * Redistribution and use in source and binary forms, with or without
12  * modification, are permitted provided that the following conditions
13  * are met:
14  * 1. Redistributions of source code must retain the above copyright
15  *    notice, this list of conditions, and the following disclaimer,
16  *    without modification.
17  * 2. Redistributions in binary form must reproduce at minimum a disclaimer
18  *    substantially similar to the "NO WARRANTY" disclaimer below
19  *    ("Disclaimer") and any redistribution must be conditioned upon
20  *    including a substantially similar Disclaimer requirement for further
21  *    binary redistribution.
22  * 3. Neither the names of the above-listed copyright holders nor the names
23  *    of any contributors may be used to endorse or promote products derived
24  *    from this software without specific prior written permission.
25  *
26  * Alternatively, this software may be distributed under the terms of the
27  * GNU General Public License ("GPL") version 2 as published by the Free
28  * Software Foundation.
29  *
30  * NO WARRANTY
31  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
32  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
33  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR
34  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
35  * HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
36  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
37  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
38  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
39  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
40  * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
41  * POSSIBILITY OF SUCH DAMAGES.
42  */
43
44 #include <acpi/acpi.h>
45 #include <acpi/acparser.h>
46 #include <acpi/amlcode.h>
47 #include <acpi/acnamesp.h>
48 #include <acpi/acdispat.h>
49
50 #define _COMPONENT          ACPI_PARSER
51 ACPI_MODULE_NAME("psargs")
52
53 /* Local prototypes */
54 static u32
55 acpi_ps_get_next_package_length(struct acpi_parse_state *parser_state);
56
57 static union acpi_parse_object *acpi_ps_get_next_field(struct acpi_parse_state
58                                                        *parser_state);
59
60 /*******************************************************************************
61  *
62  * FUNCTION:    acpi_ps_get_next_package_length
63  *
64  * PARAMETERS:  parser_state        - Current parser state object
65  *
66  * RETURN:      Decoded package length. On completion, the AML pointer points
67  *              past the length byte or bytes.
68  *
69  * DESCRIPTION: Decode and return a package length field.
70  *              Note: Largest package length is 28 bits, from ACPI specification
71  *
72  ******************************************************************************/
73
74 static u32
75 acpi_ps_get_next_package_length(struct acpi_parse_state *parser_state)
76 {
77         u8 *aml = parser_state->aml;
78         u32 package_length = 0;
79         acpi_native_uint byte_count;
80         u8 byte_zero_mask = 0x3F;       /* Default [0:5] */
81
82         ACPI_FUNCTION_TRACE(ps_get_next_package_length);
83
84         /*
85          * Byte 0 bits [6:7] contain the number of additional bytes
86          * used to encode the package length, either 0,1,2, or 3
87          */
88         byte_count = (aml[0] >> 6);
89         parser_state->aml += (byte_count + 1);
90
91         /* Get bytes 3, 2, 1 as needed */
92
93         while (byte_count) {
94                 /*
95                  * Final bit positions for the package length bytes:
96                  *      Byte3->[20:27]
97                  *      Byte2->[12:19]
98                  *      Byte1->[04:11]
99                  *      Byte0->[00:03]
100                  */
101                 package_length |= (aml[byte_count] << ((byte_count << 3) - 4));
102
103                 byte_zero_mask = 0x0F;  /* Use bits [0:3] of byte 0 */
104                 byte_count--;
105         }
106
107         /* Byte 0 is a special case, either bits [0:3] or [0:5] are used */
108
109         package_length |= (aml[0] & byte_zero_mask);
110         return_UINT32(package_length);
111 }
112
113 /*******************************************************************************
114  *
115  * FUNCTION:    acpi_ps_get_next_package_end
116  *
117  * PARAMETERS:  parser_state        - Current parser state object
118  *
119  * RETURN:      Pointer to end-of-package +1
120  *
121  * DESCRIPTION: Get next package length and return a pointer past the end of
122  *              the package.  Consumes the package length field
123  *
124  ******************************************************************************/
125
126 u8 *acpi_ps_get_next_package_end(struct acpi_parse_state *parser_state)
127 {
128         u8 *start = parser_state->aml;
129         u32 package_length;
130
131         ACPI_FUNCTION_TRACE(ps_get_next_package_end);
132
133         /* Function below updates parser_state->Aml */
134
135         package_length = acpi_ps_get_next_package_length(parser_state);
136
137         return_PTR(start + package_length);     /* end of package */
138 }
139
140 /*******************************************************************************
141  *
142  * FUNCTION:    acpi_ps_get_next_namestring
143  *
144  * PARAMETERS:  parser_state        - Current parser state object
145  *
146  * RETURN:      Pointer to the start of the name string (pointer points into
147  *              the AML.
148  *
149  * DESCRIPTION: Get next raw namestring within the AML stream.  Handles all name
150  *              prefix characters.  Set parser state to point past the string.
151  *              (Name is consumed from the AML.)
152  *
153  ******************************************************************************/
154
155 char *acpi_ps_get_next_namestring(struct acpi_parse_state *parser_state)
156 {
157         u8 *start = parser_state->aml;
158         u8 *end = parser_state->aml;
159
160         ACPI_FUNCTION_TRACE(ps_get_next_namestring);
161
162         /* Point past any namestring prefix characters (backslash or carat) */
163
164         while (acpi_ps_is_prefix_char(*end)) {
165                 end++;
166         }
167
168         /* Decode the path prefix character */
169
170         switch (*end) {
171         case 0:
172
173                 /* null_name */
174
175                 if (end == start) {
176                         start = NULL;
177                 }
178                 end++;
179                 break;
180
181         case AML_DUAL_NAME_PREFIX:
182
183                 /* Two name segments */
184
185                 end += 1 + (2 * ACPI_NAME_SIZE);
186                 break;
187
188         case AML_MULTI_NAME_PREFIX_OP:
189
190                 /* Multiple name segments, 4 chars each, count in next byte */
191
192                 end += 2 + (*(end + 1) * ACPI_NAME_SIZE);
193                 break;
194
195         default:
196
197                 /* Single name segment */
198
199                 end += ACPI_NAME_SIZE;
200                 break;
201         }
202
203         parser_state->aml = end;
204         return_PTR((char *)start);
205 }
206
207 /*******************************************************************************
208  *
209  * FUNCTION:    acpi_ps_get_next_namepath
210  *
211  * PARAMETERS:  parser_state        - Current parser state object
212  *              Arg                 - Where the namepath will be stored
213  *              arg_count           - If the namepath points to a control method
214  *                                    the method's argument is returned here.
215  *              possible_method_call - Whether the namepath can possibly be the
216  *                                    start of a method call
217  *
218  * RETURN:      Status
219  *
220  * DESCRIPTION: Get next name (if method call, return # of required args).
221  *              Names are looked up in the internal namespace to determine
222  *              if the name represents a control method.  If a method
223  *              is found, the number of arguments to the method is returned.
224  *              This information is critical for parsing to continue correctly.
225  *
226  ******************************************************************************/
227
228 acpi_status
229 acpi_ps_get_next_namepath(struct acpi_walk_state *walk_state,
230                           struct acpi_parse_state *parser_state,
231                           union acpi_parse_object *arg, u8 possible_method_call)
232 {
233         char *path;
234         union acpi_parse_object *name_op;
235         acpi_status status;
236         union acpi_operand_object *method_desc;
237         struct acpi_namespace_node *node;
238         union acpi_generic_state scope_info;
239
240         ACPI_FUNCTION_TRACE(ps_get_next_namepath);
241
242         path = acpi_ps_get_next_namestring(parser_state);
243         acpi_ps_init_op(arg, AML_INT_NAMEPATH_OP);
244
245         /* Null path case is allowed, just exit */
246
247         if (!path) {
248                 arg->common.value.name = path;
249                 return_ACPI_STATUS(AE_OK);
250         }
251
252         /* Setup search scope info */
253
254         scope_info.scope.node = NULL;
255         node = parser_state->start_node;
256         if (node) {
257                 scope_info.scope.node = node;
258         }
259
260         /*
261          * Lookup the name in the internal namespace. We don't want to add
262          * anything new to the namespace here, however, so we use MODE_EXECUTE.
263          * Allow searching of the parent tree, but don't open a new scope -
264          * we just want to lookup the object (must be mode EXECUTE to perform
265          * the upsearch)
266          */
267         status =
268             acpi_ns_lookup(&scope_info, path, ACPI_TYPE_ANY, ACPI_IMODE_EXECUTE,
269                            ACPI_NS_SEARCH_PARENT | ACPI_NS_DONT_OPEN_SCOPE,
270                            NULL, &node);
271
272         /*
273          * If this name is a control method invocation, we must
274          * setup the method call
275          */
276         if (ACPI_SUCCESS(status) &&
277             possible_method_call && (node->type == ACPI_TYPE_METHOD)) {
278
279                 /* This name is actually a control method invocation */
280
281                 method_desc = acpi_ns_get_attached_object(node);
282                 ACPI_DEBUG_PRINT((ACPI_DB_PARSE,
283                                   "Control Method - %p Desc %p Path=%p\n", node,
284                                   method_desc, path));
285
286                 name_op = acpi_ps_alloc_op(AML_INT_NAMEPATH_OP);
287                 if (!name_op) {
288                         return_ACPI_STATUS(AE_NO_MEMORY);
289                 }
290
291                 /* Change Arg into a METHOD CALL and attach name to it */
292
293                 acpi_ps_init_op(arg, AML_INT_METHODCALL_OP);
294                 name_op->common.value.name = path;
295
296                 /* Point METHODCALL/NAME to the METHOD Node */
297
298                 name_op->common.node = node;
299                 acpi_ps_append_arg(arg, name_op);
300
301                 if (!method_desc) {
302                         ACPI_ERROR((AE_INFO,
303                                     "Control Method %p has no attached object",
304                                     node));
305                         return_ACPI_STATUS(AE_AML_INTERNAL);
306                 }
307
308                 ACPI_DEBUG_PRINT((ACPI_DB_PARSE,
309                                   "Control Method - %p Args %X\n",
310                                   node, method_desc->method.param_count));
311
312                 /* Get the number of arguments to expect */
313
314                 walk_state->arg_count = method_desc->method.param_count;
315                 return_ACPI_STATUS(AE_OK);
316         }
317
318         /*
319          * Special handling if the name was not found during the lookup -
320          * some not_found cases are allowed
321          */
322         if (status == AE_NOT_FOUND) {
323
324                 /* 1) not_found is ok during load pass 1/2 (allow forward references) */
325
326                 if ((walk_state->parse_flags & ACPI_PARSE_MODE_MASK) !=
327                     ACPI_PARSE_EXECUTE) {
328                         status = AE_OK;
329                 }
330
331                 /* 2) not_found during a cond_ref_of(x) is ok by definition */
332
333                 else if (walk_state->op->common.aml_opcode ==
334                          AML_COND_REF_OF_OP) {
335                         status = AE_OK;
336                 }
337
338                 /*
339                  * 3) not_found while building a Package is ok at this point, we
340                  * may flag as an error later if slack mode is not enabled.
341                  * (Some ASL code depends on allowing this behavior)
342                  */
343                 else if ((arg->common.parent) &&
344                          ((arg->common.parent->common.aml_opcode ==
345                            AML_PACKAGE_OP)
346                           || (arg->common.parent->common.aml_opcode ==
347                               AML_VAR_PACKAGE_OP))) {
348                         status = AE_OK;
349                 }
350         }
351
352         /* Final exception check (may have been changed from code above) */
353
354         if (ACPI_FAILURE(status)) {
355                 ACPI_ERROR_NAMESPACE(path, status);
356
357                 if ((walk_state->parse_flags & ACPI_PARSE_MODE_MASK) ==
358                     ACPI_PARSE_EXECUTE) {
359
360                         /* Report a control method execution error */
361
362                         status = acpi_ds_method_error(status, walk_state);
363                 }
364         }
365
366         /* Save the namepath */
367
368         arg->common.value.name = path;
369         return_ACPI_STATUS(status);
370 }
371
372 /*******************************************************************************
373  *
374  * FUNCTION:    acpi_ps_get_next_simple_arg
375  *
376  * PARAMETERS:  parser_state        - Current parser state object
377  *              arg_type            - The argument type (AML_*_ARG)
378  *              Arg                 - Where the argument is returned
379  *
380  * RETURN:      None
381  *
382  * DESCRIPTION: Get the next simple argument (constant, string, or namestring)
383  *
384  ******************************************************************************/
385
386 void
387 acpi_ps_get_next_simple_arg(struct acpi_parse_state *parser_state,
388                             u32 arg_type, union acpi_parse_object *arg)
389 {
390         u32 length;
391         u16 opcode;
392         u8 *aml = parser_state->aml;
393
394         ACPI_FUNCTION_TRACE_U32(ps_get_next_simple_arg, arg_type);
395
396         switch (arg_type) {
397         case ARGP_BYTEDATA:
398
399                 /* Get 1 byte from the AML stream */
400
401                 opcode = AML_BYTE_OP;
402                 arg->common.value.integer = (acpi_integer) * aml;
403                 length = 1;
404                 break;
405
406         case ARGP_WORDDATA:
407
408                 /* Get 2 bytes from the AML stream */
409
410                 opcode = AML_WORD_OP;
411                 ACPI_MOVE_16_TO_64(&arg->common.value.integer, aml);
412                 length = 2;
413                 break;
414
415         case ARGP_DWORDDATA:
416
417                 /* Get 4 bytes from the AML stream */
418
419                 opcode = AML_DWORD_OP;
420                 ACPI_MOVE_32_TO_64(&arg->common.value.integer, aml);
421                 length = 4;
422                 break;
423
424         case ARGP_QWORDDATA:
425
426                 /* Get 8 bytes from the AML stream */
427
428                 opcode = AML_QWORD_OP;
429                 ACPI_MOVE_64_TO_64(&arg->common.value.integer, aml);
430                 length = 8;
431                 break;
432
433         case ARGP_CHARLIST:
434
435                 /* Get a pointer to the string, point past the string */
436
437                 opcode = AML_STRING_OP;
438                 arg->common.value.string = ACPI_CAST_PTR(char, aml);
439
440                 /* Find the null terminator */
441
442                 length = 0;
443                 while (aml[length]) {
444                         length++;
445                 }
446                 length++;
447                 break;
448
449         case ARGP_NAME:
450         case ARGP_NAMESTRING:
451
452                 acpi_ps_init_op(arg, AML_INT_NAMEPATH_OP);
453                 arg->common.value.name =
454                     acpi_ps_get_next_namestring(parser_state);
455                 return_VOID;
456
457         default:
458
459                 ACPI_ERROR((AE_INFO, "Invalid ArgType %X", arg_type));
460                 return_VOID;
461         }
462
463         acpi_ps_init_op(arg, opcode);
464         parser_state->aml += length;
465         return_VOID;
466 }
467
468 /*******************************************************************************
469  *
470  * FUNCTION:    acpi_ps_get_next_field
471  *
472  * PARAMETERS:  parser_state        - Current parser state object
473  *
474  * RETURN:      A newly allocated FIELD op
475  *
476  * DESCRIPTION: Get next field (named_field, reserved_field, or access_field)
477  *
478  ******************************************************************************/
479
480 static union acpi_parse_object *acpi_ps_get_next_field(struct acpi_parse_state
481                                                        *parser_state)
482 {
483         u32 aml_offset = (u32)
484             ACPI_PTR_DIFF(parser_state->aml,
485                           parser_state->aml_start);
486         union acpi_parse_object *field;
487         u16 opcode;
488         u32 name;
489
490         ACPI_FUNCTION_TRACE(ps_get_next_field);
491
492         /* Determine field type */
493
494         switch (ACPI_GET8(parser_state->aml)) {
495         default:
496
497                 opcode = AML_INT_NAMEDFIELD_OP;
498                 break;
499
500         case 0x00:
501
502                 opcode = AML_INT_RESERVEDFIELD_OP;
503                 parser_state->aml++;
504                 break;
505
506         case 0x01:
507
508                 opcode = AML_INT_ACCESSFIELD_OP;
509                 parser_state->aml++;
510                 break;
511         }
512
513         /* Allocate a new field op */
514
515         field = acpi_ps_alloc_op(opcode);
516         if (!field) {
517                 return_PTR(NULL);
518         }
519
520         field->common.aml_offset = aml_offset;
521
522         /* Decode the field type */
523
524         switch (opcode) {
525         case AML_INT_NAMEDFIELD_OP:
526
527                 /* Get the 4-character name */
528
529                 ACPI_MOVE_32_TO_32(&name, parser_state->aml);
530                 acpi_ps_set_name(field, name);
531                 parser_state->aml += ACPI_NAME_SIZE;
532
533                 /* Get the length which is encoded as a package length */
534
535                 field->common.value.size =
536                     acpi_ps_get_next_package_length(parser_state);
537                 break;
538
539         case AML_INT_RESERVEDFIELD_OP:
540
541                 /* Get the length which is encoded as a package length */
542
543                 field->common.value.size =
544                     acpi_ps_get_next_package_length(parser_state);
545                 break;
546
547         case AML_INT_ACCESSFIELD_OP:
548
549                 /*
550                  * Get access_type and access_attrib and merge into the field Op
551                  * access_type is first operand, access_attribute is second
552                  */
553                 field->common.value.integer =
554                     (((u32) ACPI_GET8(parser_state->aml) << 8));
555                 parser_state->aml++;
556                 field->common.value.integer |= ACPI_GET8(parser_state->aml);
557                 parser_state->aml++;
558                 break;
559
560         default:
561
562                 /* Opcode was set in previous switch */
563                 break;
564         }
565
566         return_PTR(field);
567 }
568
569 /*******************************************************************************
570  *
571  * FUNCTION:    acpi_ps_get_next_arg
572  *
573  * PARAMETERS:  walk_state          - Current state
574  *              parser_state        - Current parser state object
575  *              arg_type            - The argument type (AML_*_ARG)
576  *              return_arg          - Where the next arg is returned
577  *
578  * RETURN:      Status, and an op object containing the next argument.
579  *
580  * DESCRIPTION: Get next argument (including complex list arguments that require
581  *              pushing the parser stack)
582  *
583  ******************************************************************************/
584
585 acpi_status
586 acpi_ps_get_next_arg(struct acpi_walk_state *walk_state,
587                      struct acpi_parse_state *parser_state,
588                      u32 arg_type, union acpi_parse_object **return_arg)
589 {
590         union acpi_parse_object *arg = NULL;
591         union acpi_parse_object *prev = NULL;
592         union acpi_parse_object *field;
593         u32 subop;
594         acpi_status status = AE_OK;
595
596         ACPI_FUNCTION_TRACE_PTR(ps_get_next_arg, parser_state);
597
598         switch (arg_type) {
599         case ARGP_BYTEDATA:
600         case ARGP_WORDDATA:
601         case ARGP_DWORDDATA:
602         case ARGP_CHARLIST:
603         case ARGP_NAME:
604         case ARGP_NAMESTRING:
605
606                 /* Constants, strings, and namestrings are all the same size */
607
608                 arg = acpi_ps_alloc_op(AML_BYTE_OP);
609                 if (!arg) {
610                         return_ACPI_STATUS(AE_NO_MEMORY);
611                 }
612                 acpi_ps_get_next_simple_arg(parser_state, arg_type, arg);
613                 break;
614
615         case ARGP_PKGLENGTH:
616
617                 /* Package length, nothing returned */
618
619                 parser_state->pkg_end =
620                     acpi_ps_get_next_package_end(parser_state);
621                 break;
622
623         case ARGP_FIELDLIST:
624
625                 if (parser_state->aml < parser_state->pkg_end) {
626
627                         /* Non-empty list */
628
629                         while (parser_state->aml < parser_state->pkg_end) {
630                                 field = acpi_ps_get_next_field(parser_state);
631                                 if (!field) {
632                                         return_ACPI_STATUS(AE_NO_MEMORY);
633                                 }
634
635                                 if (prev) {
636                                         prev->common.next = field;
637                                 } else {
638                                         arg = field;
639                                 }
640                                 prev = field;
641                         }
642
643                         /* Skip to End of byte data */
644
645                         parser_state->aml = parser_state->pkg_end;
646                 }
647                 break;
648
649         case ARGP_BYTELIST:
650
651                 if (parser_state->aml < parser_state->pkg_end) {
652
653                         /* Non-empty list */
654
655                         arg = acpi_ps_alloc_op(AML_INT_BYTELIST_OP);
656                         if (!arg) {
657                                 return_ACPI_STATUS(AE_NO_MEMORY);
658                         }
659
660                         /* Fill in bytelist data */
661
662                         arg->common.value.size = (u32)
663                             ACPI_PTR_DIFF(parser_state->pkg_end,
664                                           parser_state->aml);
665                         arg->named.data = parser_state->aml;
666
667                         /* Skip to End of byte data */
668
669                         parser_state->aml = parser_state->pkg_end;
670                 }
671                 break;
672
673         case ARGP_TARGET:
674         case ARGP_SUPERNAME:
675         case ARGP_SIMPLENAME:
676
677                 subop = acpi_ps_peek_opcode(parser_state);
678                 if (subop == 0 ||
679                     acpi_ps_is_leading_char(subop) ||
680                     acpi_ps_is_prefix_char(subop)) {
681
682                         /* null_name or name_string */
683
684                         arg = acpi_ps_alloc_op(AML_INT_NAMEPATH_OP);
685                         if (!arg) {
686                                 return_ACPI_STATUS(AE_NO_MEMORY);
687                         }
688
689                         status =
690                             acpi_ps_get_next_namepath(walk_state, parser_state,
691                                                       arg, 0);
692                 } else {
693                         /* Single complex argument, nothing returned */
694
695                         walk_state->arg_count = 1;
696                 }
697                 break;
698
699         case ARGP_DATAOBJ:
700         case ARGP_TERMARG:
701
702                 /* Single complex argument, nothing returned */
703
704                 walk_state->arg_count = 1;
705                 break;
706
707         case ARGP_DATAOBJLIST:
708         case ARGP_TERMLIST:
709         case ARGP_OBJLIST:
710
711                 if (parser_state->aml < parser_state->pkg_end) {
712
713                         /* Non-empty list of variable arguments, nothing returned */
714
715                         walk_state->arg_count = ACPI_VAR_ARGS;
716                 }
717                 break;
718
719         default:
720
721                 ACPI_ERROR((AE_INFO, "Invalid ArgType: %X", arg_type));
722                 status = AE_AML_OPERAND_TYPE;
723                 break;
724         }
725
726         *return_arg = arg;
727         return_ACPI_STATUS(status);
728 }