1*4882a593Smuzhiyun.. SPDX-License-Identifier: GPL-2.0 2*4882a593Smuzhiyun 3*4882a593SmuzhiyunIntroduction 4*4882a593Smuzhiyun============ 5*4882a593Smuzhiyun 6*4882a593SmuzhiyunThe Intel Management Engine (Intel ME) is an isolated and protected computing 7*4882a593Smuzhiyunresource (Co-processor) residing inside certain Intel chipsets. The Intel ME 8*4882a593Smuzhiyunprovides support for computer/IT management and security features. 9*4882a593SmuzhiyunThe actual feature set depends on the Intel chipset SKU. 10*4882a593Smuzhiyun 11*4882a593SmuzhiyunThe Intel Management Engine Interface (Intel MEI, previously known as HECI) 12*4882a593Smuzhiyunis the interface between the Host and Intel ME. This interface is exposed 13*4882a593Smuzhiyunto the host as a PCI device, actually multiple PCI devices might be exposed. 14*4882a593SmuzhiyunThe Intel MEI Driver is in charge of the communication channel between 15*4882a593Smuzhiyuna host application and the Intel ME features. 16*4882a593Smuzhiyun 17*4882a593SmuzhiyunEach Intel ME feature, or Intel ME Client is addressed by a unique GUID and 18*4882a593Smuzhiyuneach client has its own protocol. The protocol is message-based with a 19*4882a593Smuzhiyunheader and payload up to maximal number of bytes advertised by the client, 20*4882a593Smuzhiyunupon connection. 21*4882a593Smuzhiyun 22*4882a593SmuzhiyunIntel MEI Driver 23*4882a593Smuzhiyun================ 24*4882a593Smuzhiyun 25*4882a593SmuzhiyunThe driver exposes a character device with device nodes /dev/meiX. 26*4882a593Smuzhiyun 27*4882a593SmuzhiyunAn application maintains communication with an Intel ME feature while 28*4882a593Smuzhiyun/dev/meiX is open. The binding to a specific feature is performed by calling 29*4882a593Smuzhiyun:c:macro:`MEI_CONNECT_CLIENT_IOCTL`, which passes the desired GUID. 30*4882a593SmuzhiyunThe number of instances of an Intel ME feature that can be opened 31*4882a593Smuzhiyunat the same time depends on the Intel ME feature, but most of the 32*4882a593Smuzhiyunfeatures allow only a single instance. 33*4882a593Smuzhiyun 34*4882a593SmuzhiyunThe driver is transparent to data that are passed between firmware feature 35*4882a593Smuzhiyunand host application. 36*4882a593Smuzhiyun 37*4882a593SmuzhiyunBecause some of the Intel ME features can change the system 38*4882a593Smuzhiyunconfiguration, the driver by default allows only a privileged 39*4882a593Smuzhiyunuser to access it. 40*4882a593Smuzhiyun 41*4882a593SmuzhiyunThe session is terminated calling :c:expr:`close(fd)`. 42*4882a593Smuzhiyun 43*4882a593SmuzhiyunA code snippet for an application communicating with Intel AMTHI client: 44*4882a593Smuzhiyun 45*4882a593SmuzhiyunIn order to support virtualization or sandboxing a trusted supervisor 46*4882a593Smuzhiyuncan use :c:macro:`MEI_CONNECT_CLIENT_IOCTL_VTAG` to create 47*4882a593Smuzhiyunvirtual channels with an Intel ME feature. Not all features support 48*4882a593Smuzhiyunvirtual channels such client with answer EOPNOTSUPP. 49*4882a593Smuzhiyun 50*4882a593Smuzhiyun.. code-block:: C 51*4882a593Smuzhiyun 52*4882a593Smuzhiyun struct mei_connect_client_data data; 53*4882a593Smuzhiyun fd = open(MEI_DEVICE); 54*4882a593Smuzhiyun 55*4882a593Smuzhiyun data.d.in_client_uuid = AMTHI_GUID; 56*4882a593Smuzhiyun 57*4882a593Smuzhiyun ioctl(fd, IOCTL_MEI_CONNECT_CLIENT, &data); 58*4882a593Smuzhiyun 59*4882a593Smuzhiyun printf("Ver=%d, MaxLen=%ld\n", 60*4882a593Smuzhiyun data.d.in_client_uuid.protocol_version, 61*4882a593Smuzhiyun data.d.in_client_uuid.max_msg_length); 62*4882a593Smuzhiyun 63*4882a593Smuzhiyun [...] 64*4882a593Smuzhiyun 65*4882a593Smuzhiyun write(fd, amthi_req_data, amthi_req_data_len); 66*4882a593Smuzhiyun 67*4882a593Smuzhiyun [...] 68*4882a593Smuzhiyun 69*4882a593Smuzhiyun read(fd, &amthi_res_data, amthi_res_data_len); 70*4882a593Smuzhiyun 71*4882a593Smuzhiyun [...] 72*4882a593Smuzhiyun close(fd); 73*4882a593Smuzhiyun 74*4882a593Smuzhiyun 75*4882a593SmuzhiyunUser space API 76*4882a593Smuzhiyun 77*4882a593SmuzhiyunIOCTLs: 78*4882a593Smuzhiyun======= 79*4882a593Smuzhiyun 80*4882a593SmuzhiyunThe Intel MEI Driver supports the following IOCTL commands: 81*4882a593Smuzhiyun 82*4882a593SmuzhiyunIOCTL_MEI_CONNECT_CLIENT 83*4882a593Smuzhiyun------------------------- 84*4882a593SmuzhiyunConnect to firmware Feature/Client. 85*4882a593Smuzhiyun 86*4882a593Smuzhiyun.. code-block:: none 87*4882a593Smuzhiyun 88*4882a593Smuzhiyun Usage: 89*4882a593Smuzhiyun 90*4882a593Smuzhiyun struct mei_connect_client_data client_data; 91*4882a593Smuzhiyun 92*4882a593Smuzhiyun ioctl(fd, IOCTL_MEI_CONNECT_CLIENT, &client_data); 93*4882a593Smuzhiyun 94*4882a593Smuzhiyun Inputs: 95*4882a593Smuzhiyun 96*4882a593Smuzhiyun struct mei_connect_client_data - contain the following 97*4882a593Smuzhiyun Input field: 98*4882a593Smuzhiyun 99*4882a593Smuzhiyun in_client_uuid - GUID of the FW Feature that needs 100*4882a593Smuzhiyun to connect to. 101*4882a593Smuzhiyun Outputs: 102*4882a593Smuzhiyun out_client_properties - Client Properties: MTU and Protocol Version. 103*4882a593Smuzhiyun 104*4882a593Smuzhiyun Error returns: 105*4882a593Smuzhiyun 106*4882a593Smuzhiyun ENOTTY No such client (i.e. wrong GUID) or connection is not allowed. 107*4882a593Smuzhiyun EINVAL Wrong IOCTL Number 108*4882a593Smuzhiyun ENODEV Device or Connection is not initialized or ready. 109*4882a593Smuzhiyun ENOMEM Unable to allocate memory to client internal data. 110*4882a593Smuzhiyun EFAULT Fatal Error (e.g. Unable to access user input data) 111*4882a593Smuzhiyun EBUSY Connection Already Open 112*4882a593Smuzhiyun 113*4882a593Smuzhiyun:Note: 114*4882a593Smuzhiyun max_msg_length (MTU) in client properties describes the maximum 115*4882a593Smuzhiyun data that can be sent or received. (e.g. if MTU=2K, can send 116*4882a593Smuzhiyun requests up to bytes 2k and received responses up to 2k bytes). 117*4882a593Smuzhiyun 118*4882a593SmuzhiyunIOCTL_MEI_CONNECT_CLIENT_VTAG: 119*4882a593Smuzhiyun------------------------------ 120*4882a593Smuzhiyun 121*4882a593Smuzhiyun.. code-block:: none 122*4882a593Smuzhiyun 123*4882a593Smuzhiyun Usage: 124*4882a593Smuzhiyun 125*4882a593Smuzhiyun struct mei_connect_client_data_vtag client_data_vtag; 126*4882a593Smuzhiyun 127*4882a593Smuzhiyun ioctl(fd, IOCTL_MEI_CONNECT_CLIENT_VTAG, &client_data_vtag); 128*4882a593Smuzhiyun 129*4882a593Smuzhiyun Inputs: 130*4882a593Smuzhiyun 131*4882a593Smuzhiyun struct mei_connect_client_data_vtag - contain the following 132*4882a593Smuzhiyun Input field: 133*4882a593Smuzhiyun 134*4882a593Smuzhiyun in_client_uuid - GUID of the FW Feature that needs 135*4882a593Smuzhiyun to connect to. 136*4882a593Smuzhiyun vtag - virtual tag [1, 255] 137*4882a593Smuzhiyun 138*4882a593Smuzhiyun Outputs: 139*4882a593Smuzhiyun out_client_properties - Client Properties: MTU and Protocol Version. 140*4882a593Smuzhiyun 141*4882a593Smuzhiyun Error returns: 142*4882a593Smuzhiyun 143*4882a593Smuzhiyun ENOTTY No such client (i.e. wrong GUID) or connection is not allowed. 144*4882a593Smuzhiyun EINVAL Wrong IOCTL Number or tag == 0 145*4882a593Smuzhiyun ENODEV Device or Connection is not initialized or ready. 146*4882a593Smuzhiyun ENOMEM Unable to allocate memory to client internal data. 147*4882a593Smuzhiyun EFAULT Fatal Error (e.g. Unable to access user input data) 148*4882a593Smuzhiyun EBUSY Connection Already Open 149*4882a593Smuzhiyun EOPNOTSUPP Vtag is not supported 150*4882a593Smuzhiyun 151*4882a593SmuzhiyunIOCTL_MEI_NOTIFY_SET 152*4882a593Smuzhiyun--------------------- 153*4882a593SmuzhiyunEnable or disable event notifications. 154*4882a593Smuzhiyun 155*4882a593Smuzhiyun 156*4882a593Smuzhiyun.. code-block:: none 157*4882a593Smuzhiyun 158*4882a593Smuzhiyun Usage: 159*4882a593Smuzhiyun 160*4882a593Smuzhiyun uint32_t enable; 161*4882a593Smuzhiyun 162*4882a593Smuzhiyun ioctl(fd, IOCTL_MEI_NOTIFY_SET, &enable); 163*4882a593Smuzhiyun 164*4882a593Smuzhiyun 165*4882a593Smuzhiyun uint32_t enable = 1; 166*4882a593Smuzhiyun or 167*4882a593Smuzhiyun uint32_t enable[disable] = 0; 168*4882a593Smuzhiyun 169*4882a593Smuzhiyun Error returns: 170*4882a593Smuzhiyun 171*4882a593Smuzhiyun 172*4882a593Smuzhiyun EINVAL Wrong IOCTL Number 173*4882a593Smuzhiyun ENODEV Device is not initialized or the client not connected 174*4882a593Smuzhiyun ENOMEM Unable to allocate memory to client internal data. 175*4882a593Smuzhiyun EFAULT Fatal Error (e.g. Unable to access user input data) 176*4882a593Smuzhiyun EOPNOTSUPP if the device doesn't support the feature 177*4882a593Smuzhiyun 178*4882a593Smuzhiyun:Note: 179*4882a593Smuzhiyun The client must be connected in order to enable notification events 180*4882a593Smuzhiyun 181*4882a593Smuzhiyun 182*4882a593SmuzhiyunIOCTL_MEI_NOTIFY_GET 183*4882a593Smuzhiyun-------------------- 184*4882a593SmuzhiyunRetrieve event 185*4882a593Smuzhiyun 186*4882a593Smuzhiyun.. code-block:: none 187*4882a593Smuzhiyun 188*4882a593Smuzhiyun Usage: 189*4882a593Smuzhiyun uint32_t event; 190*4882a593Smuzhiyun ioctl(fd, IOCTL_MEI_NOTIFY_GET, &event); 191*4882a593Smuzhiyun 192*4882a593Smuzhiyun Outputs: 193*4882a593Smuzhiyun 1 - if an event is pending 194*4882a593Smuzhiyun 0 - if there is no even pending 195*4882a593Smuzhiyun 196*4882a593Smuzhiyun Error returns: 197*4882a593Smuzhiyun EINVAL Wrong IOCTL Number 198*4882a593Smuzhiyun ENODEV Device is not initialized or the client not connected 199*4882a593Smuzhiyun ENOMEM Unable to allocate memory to client internal data. 200*4882a593Smuzhiyun EFAULT Fatal Error (e.g. Unable to access user input data) 201*4882a593Smuzhiyun EOPNOTSUPP if the device doesn't support the feature 202*4882a593Smuzhiyun 203*4882a593Smuzhiyun:Note: 204*4882a593Smuzhiyun The client must be connected and event notification has to be enabled 205*4882a593Smuzhiyun in order to receive an event 206*4882a593Smuzhiyun 207*4882a593Smuzhiyun 208*4882a593Smuzhiyun 209*4882a593SmuzhiyunSupported Chipsets 210*4882a593Smuzhiyun================== 211*4882a593Smuzhiyun82X38/X48 Express and newer 212*4882a593Smuzhiyun 213*4882a593Smuzhiyunlinux-mei@linux.intel.com 214