path: root/drivers/platform/x86/think-lmi.c

// SPDX-License-Identifier: GPL-2.0-or-later
/*
 * Think LMI BIOS configuration driver
 *
 * Copyright(C) 2019-2021 Lenovo
 *
 * Original code from Thinkpad-wmi project https://github.com/iksaif/thinkpad-wmi
 * Copyright(C) 2017 Corentin Chary <corentin.chary@gmail.com>
 * Distributed under the GPL-2.0 license
 */

#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt

#include <linux/acpi.h>
#include <linux/errno.h>
#include <linux/fs.h>
#include <linux/string.h>
#include <linux/types.h>
#include <linux/dmi.h>
#include <linux/wmi.h>
#include "firmware_attributes_class.h"
#include "think-lmi.h"

static bool debug_support;
module_param(debug_support, bool, 0444);
MODULE_PARM_DESC(debug_support, "Enable debug command support");

/*
 * Name: BiosSetting
 * Description: Get item name and settings for current LMI instance.
 * Type: Query
 * Returns: "Item,Value"
 * Example: "WakeOnLAN,Enable"
 */
#define LENOVO_BIOS_SETTING_GUID "51F5230E-9677-46CD-A1CF-C0B23EE34DB7"

/*
 * Name: SetBiosSetting
 * Description: Change the BIOS setting to the desired value using the SetBiosSetting
 *  class. To save the settings, use the SaveBiosSetting class.
 *  BIOS settings and values are case sensitive.
 *  After making changes to the BIOS settings, you must reboot the computer
 *  before the changes will take effect.
 * Type: Method
 * Arguments: "Item,Value,Password,Encoding,KbdLang;"
 * Example: "WakeOnLAN,Disable,pa55w0rd,ascii,us;"
 */
#define LENOVO_SET_BIOS_SETTINGS_GUID "98479A64-33F5-4E33-A707-8E251EBBC3A1"

/*
 * Name: SaveBiosSettings
 * Description: Save any pending changes in settings.
 * Type: Method
 * Arguments: "Password,Encoding,KbdLang;"
 * Example: "pa55w0rd,ascii,us;"
 */
#define LENOVO_SAVE_BIOS_SETTINGS_GUID "6A4B54EF-A5ED-4D33-9455-B0D9B48DF4B3"

/*
 * Name: BiosPasswordSettings
 * Description: Return BIOS Password settings
 * Type: Query
 * Returns: PasswordMode, PasswordState, MinLength, MaxLength,
 *  SupportedEncoding, SupportedKeyboard
 */
#define LENOVO_BIOS_PASSWORD_SETTINGS_GUID "8ADB159E-1E32-455C-BC93-308A7ED98246"

/*
 * Name: SetBiosPassword
 * Description: Change a specific password.
 *  - BIOS settings cannot be changed at the same boot as power-on
 *    passwords (POP) and hard disk passwords (HDP). If you want to change
 *    BIOS settings and POP or HDP, you must reboot the system after changing
 *    one of them.
 *  - A password cannot be set using this method when one does not already
 *    exist. Passwords can only be updated or cleared.
 * Type: Method
 * Arguments: "PasswordType,CurrentPassword,NewPassword,Encoding,KbdLang;"
 * Example: "pop,pa55w0rd,newpa55w0rd,ascii,us;”
 */
#define LENOVO_SET_BIOS_PASSWORD_GUID "2651D9FD-911C-4B69-B94E-D0DED5963BD7"

/*
 * Name: GetBiosSelections
 * Description: Return a list of valid settings for a given item.
 * Type: Method
 * Arguments: "Item"
 * Returns: "Value1,Value2,Value3,..."
 * Example:
 *  -> "FlashOverLAN"
 *  <- "Enabled,Disabled"
 */
#define LENOVO_GET_BIOS_SELECTIONS_GUID	"7364651A-132F-4FE7-ADAA-40C6C7EE2E3B"

/*
 * Name: DebugCmd
 * Description: Debug entry method for entering debug commands to the BIOS
 */
#define LENOVO_DEBUG_CMD_GUID "7FF47003-3B6C-4E5E-A227-E979824A85D1"

/*
 * Name: OpcodeIF
 * Description: Opcode interface which provides the ability to set multiple
 *  parameters and then trigger an action with a final command.
 *  This is particularly useful for simplifying setting passwords.
 *  With this support comes the ability to set System, HDD and NVMe
 *  passwords.
 *  This is currently available on ThinkCenter and ThinkStations platforms
 */
#define LENOVO_OPCODE_IF_GUID "DFDDEF2C-57D4-48ce-B196-0FB787D90836"

/*
 * Name: SetBiosCert
 * Description: Install BIOS certificate.
 * Type: Method
 * Arguments: "Certificate,Password"
 * You must reboot the computer before the changes will take effect.
 */
#define LENOVO_SET_BIOS_CERT_GUID    "26861C9F-47E9-44C4-BD8B-DFE7FA2610FE"

/*
 * Name: UpdateBiosCert
 * Description: Update BIOS certificate.
 * Type: Method
 * Format: "Certificate,Signature"
 * You must reboot the computer before the changes will take effect.
 */
#define LENOVO_UPDATE_BIOS_CERT_GUID "9AA3180A-9750-41F7-B9F7-D5D3B1BAC3CE"

/*
 * Name: ClearBiosCert
 * Description: Uninstall BIOS certificate.
 * Type: Method
 * Format: "Serial,Signature"
 * You must reboot the computer before the changes will take effect.
 */
#define LENOVO_CLEAR_BIOS_CERT_GUID  "B2BC39A7-78DD-4D71-B059-A510DEC44890"
/*
 * Name: CertToPassword
 * Description: Switch from certificate to password authentication.
 * Type: Method
 * Format: "Password,Signature"
 * You must reboot the computer before the changes will take effect.
 */
#define LENOVO_CERT_TO_PASSWORD_GUID "0DE8590D-5510-4044-9621-77C227F5A70D"

/*
 * Name: SetBiosSettingCert
 * Description: Set attribute using certificate authentication.
 * Type: Method
 * Format: "Item,Value,Signature"
 */
#define LENOVO_SET_BIOS_SETTING_CERT_GUID  "34A008CC-D205-4B62-9E67-31DFA8B90003"

/*
 * Name: SaveBiosSettingCert
 * Description: Save any pending changes in settings.
 * Type: Method
 * Format: "Signature"
 */
#define LENOVO_SAVE_BIOS_SETTING_CERT_GUID "C050FB9D-DF5F-4606-B066-9EFC401B2551"

/*
 * Name: CertThumbprint
 * Description: Display Certificate thumbprints
 * Type: Query
 * Returns: MD5, SHA1 & SHA256 thumbprints
 */
#define LENOVO_CERT_THUMBPRINT_GUID "C59119ED-1C0D-4806-A8E9-59AA318176C4"

#define TLMI_POP_PWD (1 << 0)
#define TLMI_PAP_PWD (1 << 1)
#define TLMI_HDD_PWD (1 << 2)
#define TLMI_SYS_PWD (1 << 3)
#define TLMI_CERT    (1 << 7)

#define to_tlmi_pwd_setting(kobj)  container_of(kobj, struct tlmi_pwd_setting, kobj)
#define to_tlmi_attr_setting(kobj)  container_of(kobj, struct tlmi_attr_setting, kobj)

static const struct tlmi_err_codes tlmi_errs[] = {
	{"Success", 0},
	{"Not Supported", -EOPNOTSUPP},
	{"Invalid Parameter", -EINVAL},
	{"Access Denied", -EACCES},
	{"System Busy", -EBUSY},
};

static const char * const encoding_options[] = {
	[TLMI_ENCODING_ASCII] = "ascii",
	[TLMI_ENCODING_SCANCODE] = "scancode",
};
static const char * const level_options[] = {
	[TLMI_LEVEL_USER] = "user",
	[TLMI_LEVEL_MASTER] = "master",
};
static struct think_lmi tlmi_priv;
static struct class *fw_attr_class;

/* ------ Utility functions ------------*/
/* Strip out CR if one is present */
static void strip_cr(char *str)
{
	char *p = strchrnul(str, '\n');
	*p = '\0';
}

/* Convert BIOS WMI error string to suitable error code */
static int tlmi_errstr_to_err(const char *errstr)
{
	int i;

	for (i = 0; i < sizeof(tlmi_errs)/sizeof(struct tlmi_err_codes); i++) {
		if (!strcmp(tlmi_errs[i].err_str, errstr))
			return tlmi_errs[i].err_code;
	}
	return -EPERM;
}

/* Extract error string from WMI return buffer */
static int tlmi_extract_error(const struct acpi_buffer *output)
{
	const union acpi_object *obj;

	obj = output->pointer;
	if (!obj)
		return -ENOMEM;
	if (obj->type