]> git.proxmox.com Git - mirror_ubuntu-focal-kernel.git/blob - drivers/ieee1394/raw1394.c
projects / mirror_ubuntu-focal-kernel.git / blob
? search:


c6aefd9ad0e836fff8ca4aab262e98347d7d91fd
[mirror_ubuntu-focal-kernel.git] / drivers / ieee1394 / raw1394.c
1 /*
2 * IEEE 1394 for Linux
3 *
4 * Raw interface to the bus
5 *
6 * Copyright (C) 1999, 2000 Andreas E. Bombe
7 * 2001, 2002 Manfred Weihs <weihs@ict.tuwien.ac.at>
8 * 2002 Christian Toegel <christian.toegel@gmx.at>
9 *
10 * This code is licensed under the GPL. See the file COPYING in the root
11 * directory of the kernel sources for details.
12 *
13 *
14 * Contributions:
15 *
16 * Manfred Weihs <weihs@ict.tuwien.ac.at>
17 * configuration ROM manipulation
18 * address range mapping
19 * adaptation for new (transparent) loopback mechanism
20 * sending of arbitrary async packets
21 * Christian Toegel <christian.toegel@gmx.at>
22 * address range mapping
23 * lock64 request
24 * transmit physical packet
25 * busreset notification control (switch on/off)
26 * busreset with selection of type (short/long)
27 * request_reply
28 */
29
30 #include <linux/kernel.h>
31 #include <linux/list.h>
32 #include <linux/string.h>
33 #include <linux/slab.h>
34 #include <linux/fs.h>
35 #include <linux/poll.h>
36 #include <linux/module.h>
37 #include <linux/init.h>
38 #include <linux/smp_lock.h>
39 #include <linux/interrupt.h>
40 #include <linux/vmalloc.h>
41 #include <linux/cdev.h>
42 #include <asm/uaccess.h>
43 #include <asm/atomic.h>
44 #include <linux/compat.h>
45
46 #include "csr1212.h"
47 #include "highlevel.h"
48 #include "hosts.h"
49 #include "ieee1394.h"
50 #include "ieee1394_core.h"
51 #include "ieee1394_hotplug.h"
52 #include "ieee1394_transactions.h"
53 #include "ieee1394_types.h"
54 #include "iso.h"
55 #include "nodemgr.h"
56 #include "raw1394.h"
57 #include "raw1394-private.h"
58
59 #define int2ptr(x) ((void __user *)(unsigned long)x)
60 #define ptr2int(x) ((u64)(unsigned long)(void __user *)x)
61
62 #ifdef CONFIG_IEEE1394_VERBOSEDEBUG
63 #define RAW1394_DEBUG
64 #endif
65
66 #ifdef RAW1394_DEBUG
67 #define DBGMSG(fmt, args...) \
68 printk(KERN_INFO "raw1394:" fmt "\n" , ## args)
69 #else
70 #define DBGMSG(fmt, args...) do {} while (0)
71 #endif
72
73 static LIST_HEAD(host_info_list);
74 static int host_count;
75 static DEFINE_SPINLOCK(host_info_lock);
76 static atomic_t internal_generation = ATOMIC_INIT(0);
77
78 static atomic_t iso_buffer_size;
79 static const int iso_buffer_max = 4 * 1024 * 1024; /* 4 MB */
80
81 static struct hpsb_highlevel raw1394_highlevel;
82
83 static int arm_read(struct hpsb_host *host, int nodeid, quadlet_t * buffer,
84 u64 addr, size_t length, u16 flags);
85 static int arm_write(struct hpsb_host *host, int nodeid, int destid,
86 quadlet_t * data, u64 addr, size_t length, u16 flags);
87 static int arm_lock(struct hpsb_host *host, int nodeid, quadlet_t * store,
88 u64 addr, quadlet_t data, quadlet_t arg, int ext_tcode,
89 u16 flags);
90 static int arm_lock64(struct hpsb_host *host, int nodeid, octlet_t * store,
91 u64 addr, octlet_t data, octlet_t arg, int ext_tcode,
92 u16 flags);
93 static struct hpsb_address_ops arm_ops = {
94 .read = arm_read,
95 .write = arm_write,
96 .lock = arm_lock,
97 .lock64 = arm_lock64,
98 };
99
100 static void queue_complete_cb(struct pending_request *req);
101
102 #include <asm/current.h>
103 static void print_old_iso_deprecation(void)
104 {
105 static pid_t p;
106
107 if (p == current->pid)
108 return;
109 p = current->pid;
110 printk(KERN_WARNING "raw1394: WARNING - Program \"%s\" uses unsupported"
111 " isochronous request types which will be removed in a next"
112 " kernel release\n", current->comm);
113 printk(KERN_WARNING "raw1394: Update your software to use libraw1394's"
114 " newer interface\n");
115 }
116
117 static struct pending_request *__alloc_pending_request(gfp_t flags)
118 {
119 struct pending_request *req;
120
121 req = kzalloc(sizeof(*req), flags);
122 if (req)
123 INIT_LIST_HEAD(&req->list);
124
125 return req;
126 }
127
128 static inline struct pending_request *alloc_pending_request(void)
129 {
130 return __alloc_pending_request(GFP_KERNEL);
131 }
132
133 static void free_pending_request(struct pending_request *req)
134 {
135 if (req->ibs) {
136 if (atomic_dec_and_test(&req->ibs->refcount)) {
137 atomic_sub(req->ibs->data_size, &iso_buffer_size);
138 kfree(req->ibs);
139 }
140 } else if (req->free_data) {
141 kfree(req->data);
142 }
143 hpsb_free_packet(req->packet);
144 kfree(req);
145 }
146
147 /* fi->reqlists_lock must be taken */
148 static void __queue_complete_req(struct pending_request *req)
149 {
150 struct file_info *fi = req->file_info;
151
152 list_move_tail(&req->list, &fi->req_complete);
153 wake_up(&fi->wait_complete);
154 }
155
156 static void queue_complete_req(struct pending_request *req)
157 {
158 unsigned long flags;
159 struct file_info *fi = req->file_info;
160
161 spin_lock_irqsave(&fi->reqlists_lock, flags);
162 __queue_complete_req(req);
163 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
164 }
165
166 static void queue_complete_cb(struct pending_request *req)
167 {
168 struct hpsb_packet *packet = req->packet;
169 int rcode = (packet->header[1] >> 12) & 0xf;
170
171 switch (packet->ack_code) {
172 case ACKX_NONE:
173 case ACKX_SEND_ERROR:
174 req->req.error = RAW1394_ERROR_SEND_ERROR;
175 break;
176 case ACKX_ABORTED:
177 req->req.error = RAW1394_ERROR_ABORTED;
178 break;
179 case ACKX_TIMEOUT:
180 req->req.error = RAW1394_ERROR_TIMEOUT;
181 break;
182 default:
183 req->req.error = (packet->ack_code << 16) | rcode;
184 break;
185 }
186
187 if (!((packet->ack_code == ACK_PENDING) && (rcode == RCODE_COMPLETE))) {
188 req->req.length = 0;
189 }
190
191 if ((req->req.type == RAW1394_REQ_ASYNC_READ) ||
192 (req->req.type == RAW1394_REQ_ASYNC_WRITE) ||
193 (req->req.type == RAW1394_REQ_ASYNC_STREAM) ||
194 (req->req.type == RAW1394_REQ_LOCK) ||
195 (req->req.type == RAW1394_REQ_LOCK64))
196 hpsb_free_tlabel(packet);
197
198 queue_complete_req(req);
199 }
200
201 static void add_host(struct hpsb_host *host)
202 {
203 struct host_info *hi;
204 unsigned long flags;
205
206 hi = kmalloc(sizeof(*hi), GFP_KERNEL);
207
208 if (hi) {
209 INIT_LIST_HEAD(&hi->list);
210 hi->host = host;
211 INIT_LIST_HEAD(&hi->file_info_list);
212
213 spin_lock_irqsave(&host_info_lock, flags);
214 list_add_tail(&hi->list, &host_info_list);
215 host_count++;
216 spin_unlock_irqrestore(&host_info_lock, flags);
217 }
218
219 atomic_inc(&internal_generation);
220 }
221
222 static struct host_info *find_host_info(struct hpsb_host *host)
223 {
224 struct host_info *hi;
225
226 list_for_each_entry(hi, &host_info_list, list)
227 if (hi->host == host)
228 return hi;
229
230 return NULL;
231 }
232
233 static void remove_host(struct hpsb_host *host)
234 {
235 struct host_info *hi;
236 unsigned long flags;
237
238 spin_lock_irqsave(&host_info_lock, flags);
239 hi = find_host_info(host);
240
241 if (hi != NULL) {
242 list_del(&hi->list);
243 host_count--;
244 /*
245 FIXME: address ranges should be removed
246 and fileinfo states should be initialized
247 (including setting generation to
248 internal-generation ...)
249 */
250 }
251 spin_unlock_irqrestore(&host_info_lock, flags);
252
253 if (hi == NULL) {
254 printk(KERN_ERR "raw1394: attempt to remove unknown host "
255 "0x%p\n", host);
256 return;
257 }
258
259 kfree(hi);
260
261 atomic_inc(&internal_generation);
262 }
263
264 static void host_reset(struct hpsb_host *host)
265 {
266 unsigned long flags;
267 struct host_info *hi;
268 struct file_info *fi;
269 struct pending_request *req;
270
271 spin_lock_irqsave(&host_info_lock, flags);
272 hi = find_host_info(host);
273
274 if (hi != NULL) {
275 list_for_each_entry(fi, &hi->file_info_list, list) {
276 if (fi->notification == RAW1394_NOTIFY_ON) {
277 req = __alloc_pending_request(GFP_ATOMIC);
278
279 if (req != NULL) {
280 req->file_info = fi;
281 req->req.type = RAW1394_REQ_BUS_RESET;
282 req->req.generation =
283 get_hpsb_generation(host);
284 req->req.misc = (host->node_id << 16)
285 | host->node_count;
286 if (fi->protocol_version > 3) {
287 req->req.misc |=
288 (NODEID_TO_NODE
289 (host->irm_id)
290 << 8);
291 }
292
293 queue_complete_req(req);
294 }
295 }
296 }
297 }
298 spin_unlock_irqrestore(&host_info_lock, flags);
299 }
300
301 static void iso_receive(struct hpsb_host *host, int channel, quadlet_t * data,
302 size_t length)
303 {
304 unsigned long flags;
305 struct host_info *hi;
306 struct file_info *fi;
307 struct pending_request *req, *req_next;
308 struct iso_block_store *ibs = NULL;
309 LIST_HEAD(reqs);
310
311 if ((atomic_read(&iso_buffer_size) + length) > iso_buffer_max) {
312 HPSB_INFO("dropped iso packet");
313 return;
314 }
315
316 spin_lock_irqsave(&host_info_lock, flags);
317 hi = find_host_info(host);
318
319 if (hi != NULL) {
320 list_for_each_entry(fi, &hi->file_info_list, list) {
321 if (!(fi->listen_channels & (1ULL << channel)))
322 continue;
323
324 req = __alloc_pending_request(GFP_ATOMIC);
325 if (!req)
326 break;
327
328 if (!ibs) {
329 ibs = kmalloc(sizeof(*ibs) + length,
330 GFP_ATOMIC);
331 if (!ibs) {
332 kfree(req);
333 break;
334 }
335
336 atomic_add(length, &iso_buffer_size);
337 atomic_set(&ibs->refcount, 0);
338 ibs->data_size = length;
339 memcpy(ibs->data, data, length);
340 }
341
342 atomic_inc(&ibs->refcount);
343
344 req->file_info = fi;
345 req->ibs = ibs;
346 req->data = ibs->data;
347 req->req.type = RAW1394_REQ_ISO_RECEIVE;
348 req->req.generation = get_hpsb_generation(host);
349 req->req.misc = 0;
350 req->req.recvb = ptr2int(fi->iso_buffer);
351 req->req.length = min(length, fi->iso_buffer_length);
352
353 list_add_tail(&req->list, &reqs);
354 }
355 }
356 spin_unlock_irqrestore(&host_info_lock, flags);
357
358 list_for_each_entry_safe(req, req_next, &reqs, list)
359 queue_complete_req(req);
360 }
361
362 static void fcp_request(struct hpsb_host *host, int nodeid, int direction,
363 int cts, u8 * data, size_t length)
364 {
365 unsigned long flags;
366 struct host_info *hi;
367 struct file_info *fi;
368 struct pending_request *req, *req_next;
369 struct iso_block_store *ibs = NULL;
370 LIST_HEAD(reqs);
371
372 if ((atomic_read(&iso_buffer_size) + length) > iso_buffer_max) {
373 HPSB_INFO("dropped fcp request");
374 return;
375 }
376
377 spin_lock_irqsave(&host_info_lock, flags);
378 hi = find_host_info(host);
379
380 if (hi != NULL) {
381 list_for_each_entry(fi, &hi->file_info_list, list) {
382 if (!fi->fcp_buffer)
383 continue;
384
385 req = __alloc_pending_request(GFP_ATOMIC);
386 if (!req)
387 break;
388
389 if (!ibs) {
390 ibs = kmalloc(sizeof(*ibs) + length,
391 GFP_ATOMIC);
392 if (!ibs) {
393 kfree(req);
394 break;
395 }
396
397 atomic_add(length, &iso_buffer_size);
398 atomic_set(&ibs->refcount, 0);
399 ibs->data_size = length;
400 memcpy(ibs->data, data, length);
401 }
402
403 atomic_inc(&ibs->refcount);
404
405 req->file_info = fi;
406 req->ibs = ibs;
407 req->data = ibs->data;
408 req->req.type = RAW1394_REQ_FCP_REQUEST;
409 req->req.generation = get_hpsb_generation(host);
410 req->req.misc = nodeid | (direction << 16);
411 req->req.recvb = ptr2int(fi->fcp_buffer);
412 req->req.length = length;
413
414 list_add_tail(&req->list, &reqs);
415 }
416 }
417 spin_unlock_irqrestore(&host_info_lock, flags);
418
419 list_for_each_entry_safe(req, req_next, &reqs, list)
420 queue_complete_req(req);
421 }
422
423 #ifdef CONFIG_COMPAT
424 struct compat_raw1394_req {
425 __u32 type;
426 __s32 error;
427 __u32 misc;
428
429 __u32 generation;
430 __u32 length;
431
432 __u64 address;
433
434 __u64 tag;
435
436 __u64 sendb;
437 __u64 recvb;
438 } __attribute__((packed));
439
440 static const char __user *raw1394_compat_write(const char __user *buf)
441 {
442 struct compat_raw1394_req __user *cr = (typeof(cr)) buf;
443 struct raw1394_request __user *r;
444 r = compat_alloc_user_space(sizeof(struct raw1394_request));
445
446 #define C(x) __copy_in_user(&r->x, &cr->x, sizeof(r->x))
447
448 if (copy_in_user(r, cr, sizeof(struct compat_raw1394_req)) ||
449 C(address) ||
450 C(tag) ||
451 C(sendb) ||
452 C(recvb))
453 return ERR_PTR(-EFAULT);
454 return (const char __user *)r;
455 }
456 #undef C
457
458 #define P(x) __put_user(r->x, &cr->x)
459
460 static int
461 raw1394_compat_read(const char __user *buf, struct raw1394_request *r)
462 {
463 struct compat_raw1394_req __user *cr = (typeof(cr)) r;
464 if (!access_ok(VERIFY_WRITE, cr, sizeof(struct compat_raw1394_req)) ||
465 P(type) ||
466 P(error) ||
467 P(misc) ||
468 P(generation) ||
469 P(length) ||
470 P(address) ||
471 P(tag) ||
472 P(sendb) ||
473 P(recvb))
474 return -EFAULT;
475 return sizeof(struct compat_raw1394_req);
476 }
477 #undef P
478
479 #endif
480
481 /* get next completed request (caller must hold fi->reqlists_lock) */
482 static inline struct pending_request *__next_complete_req(struct file_info *fi)
483 {
484 struct list_head *lh;
485 struct pending_request *req = NULL;
486
487 if (!list_empty(&fi->req_complete)) {
488 lh = fi->req_complete.next;
489 list_del(lh);
490 req = list_entry(lh, struct pending_request, list);
491 }
492 return req;
493 }
494
495 /* atomically get next completed request */
496 static struct pending_request *next_complete_req(struct file_info *fi)
497 {
498 unsigned long flags;
499 struct pending_request *req;
500
501 spin_lock_irqsave(&fi->reqlists_lock, flags);
502 req = __next_complete_req(fi);
503 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
504 return req;
505 }
506
507 static ssize_t raw1394_read(struct file *file, char __user * buffer,
508 size_t count, loff_t * offset_is_ignored)
509 {
510 struct file_info *fi = (struct file_info *)file->private_data;
511 struct pending_request *req;
512 ssize_t ret;
513
514 #ifdef CONFIG_COMPAT
515 if (count == sizeof(struct compat_raw1394_req)) {
516 /* ok */
517 } else
518 #endif
519 if (count != sizeof(struct raw1394_request)) {
520 return -EINVAL;
521 }
522
523 if (!access_ok(VERIFY_WRITE, buffer, count)) {
524 return -EFAULT;
525 }
526
527 if (file->f_flags & O_NONBLOCK) {
528 if (!(req = next_complete_req(fi)))
529 return -EAGAIN;
530 } else {
531 /*
532 * NB: We call the macro wait_event_interruptible() with a
533 * condition argument with side effect. This is only possible
534 * because the side effect does not occur until the condition
535 * became true, and wait_event_interruptible() won't evaluate
536 * the condition again after that.
537 */
538 if (wait_event_interruptible(fi->wait_complete,
539 (req = next_complete_req(fi))))
540 return -ERESTARTSYS;
541 }
542
543 if (req->req.length) {
544 if (copy_to_user(int2ptr(req->req.recvb), req->data,
545 req->req.length)) {
546 req->req.error = RAW1394_ERROR_MEMFAULT;
547 }
548 }
549
550 #ifdef CONFIG_COMPAT
551 if (count == sizeof(struct compat_raw1394_req) &&
552 sizeof(struct compat_raw1394_req) !=
553 sizeof(struct raw1394_request)) {
554 ret = raw1394_compat_read(buffer, &req->req);
555 } else
556 #endif
557 {
558 if (copy_to_user(buffer, &req->req, sizeof(req->req))) {
559 ret = -EFAULT;
560 goto out;
561 }
562 ret = (ssize_t) sizeof(struct raw1394_request);
563 }
564 out:
565 free_pending_request(req);
566 return ret;
567 }
568
569 static int state_opened(struct file_info *fi, struct pending_request *req)
570 {
571 if (req->req.type == RAW1394_REQ_INITIALIZE) {
572 switch (req->req.misc) {
573 case RAW1394_KERNELAPI_VERSION:
574 case 3:
575 fi->state = initialized;
576 fi->protocol_version = req->req.misc;
577 req->req.error = RAW1394_ERROR_NONE;
578 req->req.generation = atomic_read(&internal_generation);
579 break;
580
581 default:
582 req->req.error = RAW1394_ERROR_COMPAT;
583 req->req.misc = RAW1394_KERNELAPI_VERSION;
584 }
585 } else {
586 req->req.error = RAW1394_ERROR_STATE_ORDER;
587 }
588
589 req->req.length = 0;
590 queue_complete_req(req);
591 return sizeof(struct raw1394_request);
592 }
593
594 static int state_initialized(struct file_info *fi, struct pending_request *req)
595 {
596 unsigned long flags;
597 struct host_info *hi;
598 struct raw1394_khost_list *khl;
599
600 if (req->req.generation != atomic_read(&internal_generation)) {
601 req->req.error = RAW1394_ERROR_GENERATION;
602 req->req.generation = atomic_read(&internal_generation);
603 req->req.length = 0;
604 queue_complete_req(req);
605 return sizeof(struct raw1394_request);
606 }
607
608 switch (req->req.type) {
609 case RAW1394_REQ_LIST_CARDS:
610 spin_lock_irqsave(&host_info_lock, flags);
611 khl = kmalloc(sizeof(*khl) * host_count, GFP_ATOMIC);
612
613 if (khl) {
614 req->req.misc = host_count;
615 req->data = (quadlet_t *) khl;
616
617 list_for_each_entry(hi, &host_info_list, list) {
618 khl->nodes = hi->host->node_count;
619 strcpy(khl->name, hi->host->driver->name);
620 khl++;
621 }
622 }
623 spin_unlock_irqrestore(&host_info_lock, flags);
624
625 if (khl) {
626 req->req.error = RAW1394_ERROR_NONE;
627 req->req.length = min(req->req.length,
628 (u32) (sizeof
629 (struct raw1394_khost_list)
630 * req->req.misc));
631 req->free_data = 1;
632 } else {
633 return -ENOMEM;
634 }
635 break;
636
637 case RAW1394_REQ_SET_CARD:
638 spin_lock_irqsave(&host_info_lock, flags);
639 if (req->req.misc >= host_count) {
640 req->req.error = RAW1394_ERROR_INVALID_ARG;
641 goto out_set_card;
642 }
643 list_for_each_entry(hi, &host_info_list, list)
644 if (!req->req.misc--)
645 break;
646 get_device(&hi->host->device); /* FIXME handle failure case */
647 list_add_tail(&fi->list, &hi->file_info_list);
648
649 /* prevent unloading of the host's low-level driver */
650 if (!try_module_get(hi->host->driver->owner)) {
651 req->req.error = RAW1394_ERROR_ABORTED;
652 goto out_set_card;
653 }
654 WARN_ON(fi->host);
655 fi->host = hi->host;
656 fi->state = connected;
657
658 req->req.error = RAW1394_ERROR_NONE;
659 req->req.generation = get_hpsb_generation(fi->host);
660 req->req.misc = (fi->host->node_id << 16)
661 | fi->host->node_count;
662 if (fi->protocol_version > 3)
663 req->req.misc |= NODEID_TO_NODE(fi->host->irm_id) << 8;
664 out_set_card:
665 spin_unlock_irqrestore(&host_info_lock, flags);
666
667 req->req.length = 0;
668 break;
669
670 default:
671 req->req.error = RAW1394_ERROR_STATE_ORDER;
672 req->req.length = 0;
673 break;
674 }
675
676 queue_complete_req(req);
677 return sizeof(struct raw1394_request);
678 }
679
680 static void handle_iso_listen(struct file_info *fi, struct pending_request *req)
681 {
682 int channel = req->req.misc;
683
684 if ((channel > 63) || (channel < -64)) {
685 req->req.error = RAW1394_ERROR_INVALID_ARG;
686 } else if (channel >= 0) {
687 /* allocate channel req.misc */
688 if (fi->listen_channels & (1ULL << channel)) {
689 req->req.error = RAW1394_ERROR_ALREADY;
690 } else {
691 if (hpsb_listen_channel
692 (&raw1394_highlevel, fi->host, channel)) {
693 req->req.error = RAW1394_ERROR_ALREADY;
694 } else {
695 fi->listen_channels |= 1ULL << channel;
696 fi->iso_buffer = int2ptr(req->req.recvb);
697 fi->iso_buffer_length = req->req.length;
698 }
699 }
700 } else {
701 /* deallocate channel (one's complement neg) req.misc */
702 channel = ~channel;
703
704 if (fi->listen_channels & (1ULL << channel)) {
705 hpsb_unlisten_channel(&raw1394_highlevel, fi->host,
706 channel);
707 fi->listen_channels &= ~(1ULL << channel);
708 } else {
709 req->req.error = RAW1394_ERROR_INVALID_ARG;
710 }
711 }
712
713 req->req.length = 0;
714 queue_complete_req(req);
715 }
716
717 static void handle_fcp_listen(struct file_info *fi, struct pending_request *req)
718 {
719 if (req->req.misc) {
720 if (fi->fcp_buffer) {
721 req->req.error = RAW1394_ERROR_ALREADY;
722 } else {
723 fi->fcp_buffer = int2ptr(req->req.recvb);
724 }
725 } else {
726 if (!fi->fcp_buffer) {
727 req->req.error = RAW1394_ERROR_ALREADY;
728 } else {
729 fi->fcp_buffer = NULL;
730 }
731 }
732
733 req->req.length = 0;
734 queue_complete_req(req);
735 }
736
737 static int handle_async_request(struct file_info *fi,
738 struct pending_request *req, int node)
739 {
740 unsigned long flags;
741 struct hpsb_packet *packet = NULL;
742 u64 addr = req->req.address & 0xffffffffffffULL;
743
744 switch (req->req.type) {
745 case RAW1394_REQ_ASYNC_READ:
746 DBGMSG("read_request called");
747 packet =
748 hpsb_make_readpacket(fi->host, node, addr, req->req.length);
749
750 if (!packet)
751 return -ENOMEM;
752
753 if (req->req.length == 4)
754 req->data = &packet->header[3];
755 else
756 req->data = packet->data;
757
758 break;
759
760 case RAW1394_REQ_ASYNC_WRITE:
761 DBGMSG("write_request called");
762
763 packet = hpsb_make_writepacket(fi->host, node, addr, NULL,
764 req->req.length);
765 if (!packet)
766 return -ENOMEM;
767
768 if (req->req.length == 4) {
769 if (copy_from_user
770 (&packet->header[3], int2ptr(req->req.sendb),
771 req->req.length))
772 req->req.error = RAW1394_ERROR_MEMFAULT;
773 } else {
774 if (copy_from_user
775 (packet->data, int2ptr(req->req.sendb),
776 req->req.length))
777 req->req.error = RAW1394_ERROR_MEMFAULT;
778 }
779
780 req->req.length = 0;
781 break;
782
783 case RAW1394_REQ_ASYNC_STREAM:
784 DBGMSG("stream_request called");
785
786 packet =
787 hpsb_make_streampacket(fi->host, NULL, req->req.length,
788 node & 0x3f /*channel */ ,
789 (req->req.misc >> 16) & 0x3,
790 req->req.misc & 0xf);
791 if (!packet)
792 return -ENOMEM;
793
794 if (copy_from_user(packet->data, int2ptr(req->req.sendb),
795 req->req.length))
796 req->req.error = RAW1394_ERROR_MEMFAULT;
797
798 req->req.length = 0;
799 break;
800
801 case RAW1394_REQ_LOCK:
802 DBGMSG("lock_request called");
803 if ((req->req.misc == EXTCODE_FETCH_ADD)
804 || (req->req.misc == EXTCODE_LITTLE_ADD)) {
805 if (req->req.length != 4) {
806 req->req.error = RAW1394_ERROR_INVALID_ARG;
807 break;
808 }
809 } else {
810 if (req->req.length != 8) {
811 req->req.error = RAW1394_ERROR_INVALID_ARG;
812 break;
813 }
814 }
815
816 packet = hpsb_make_lockpacket(fi->host, node, addr,
817 req->req.misc, NULL, 0);
818 if (!packet)
819 return -ENOMEM;
820
821 if (copy_from_user(packet->data, int2ptr(req->req.sendb),
822 req->req.length)) {
823 req->req.error = RAW1394_ERROR_MEMFAULT;
824 break;
825 }
826
827 req->data = packet->data;
828 req->req.length = 4;
829 break;
830
831 case RAW1394_REQ_LOCK64:
832 DBGMSG("lock64_request called");
833 if ((req->req.misc == EXTCODE_FETCH_ADD)
834 || (req->req.misc == EXTCODE_LITTLE_ADD)) {
835 if (req->req.length != 8) {
836 req->req.error = RAW1394_ERROR_INVALID_ARG;
837 break;
838 }
839 } else {
840 if (req->req.length != 16) {
841 req->req.error = RAW1394_ERROR_INVALID_ARG;
842 break;
843 }
844 }
845 packet = hpsb_make_lock64packet(fi->host, node, addr,
846 req->req.misc, NULL, 0);
847 if (!packet)
848 return -ENOMEM;
849
850 if (copy_from_user(packet->data, int2ptr(req->req.sendb),
851 req->req.length)) {
852 req->req.error = RAW1394_ERROR_MEMFAULT;
853 break;
854 }
855
856 req->data = packet->data;
857 req->req.length = 8;
858 break;
859
860 default:
861 req->req.error = RAW1394_ERROR_STATE_ORDER;
862 }
863
864 req->packet = packet;
865
866 if (req->req.error) {
867 req->req.length = 0;
868 queue_complete_req(req);
869 return sizeof(struct raw1394_request);
870 }
871
872 hpsb_set_packet_complete_task(packet,
873 (void (*)(void *))queue_complete_cb, req);
874
875 spin_lock_irqsave(&fi->reqlists_lock, flags);
876 list_add_tail(&req->list, &fi->req_pending);
877 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
878
879 packet->generation = req->req.generation;
880
881 if (hpsb_send_packet(packet) < 0) {
882 req->req.error = RAW1394_ERROR_SEND_ERROR;
883 req->req.length = 0;
884 hpsb_free_tlabel(packet);
885 queue_complete_req(req);
886 }
887 return sizeof(struct raw1394_request);
888 }
889
890 static int handle_iso_send(struct file_info *fi, struct pending_request *req,
891 int channel)
892 {
893 unsigned long flags;
894 struct hpsb_packet *packet;
895
896 packet = hpsb_make_isopacket(fi->host, req->req.length, channel & 0x3f,
897 (req->req.misc >> 16) & 0x3,
898 req->req.misc & 0xf);
899 if (!packet)
900 return -ENOMEM;
901
902 packet->speed_code = req->req.address & 0x3;
903
904 req->packet = packet;
905
906 if (copy_from_user(packet->data, int2ptr(req->req.sendb),
907 req->req.length)) {
908 req->req.error = RAW1394_ERROR_MEMFAULT;
909 req->req.length = 0;
910 queue_complete_req(req);
911 return sizeof(struct raw1394_request);
912 }
913
914 req->req.length = 0;
915 hpsb_set_packet_complete_task(packet,
916 (void (*)(void *))queue_complete_req,
917 req);
918
919 spin_lock_irqsave(&fi->reqlists_lock, flags);
920 list_add_tail(&req->list, &fi->req_pending);
921 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
922
923 /* Update the generation of the packet just before sending. */
924 packet->generation = req->req.generation;
925
926 if (hpsb_send_packet(packet) < 0) {
927 req->req.error = RAW1394_ERROR_SEND_ERROR;
928 queue_complete_req(req);
929 }
930
931 return sizeof(struct raw1394_request);
932 }
933
934 static int handle_async_send(struct file_info *fi, struct pending_request *req)
935 {
936 unsigned long flags;
937 struct hpsb_packet *packet;
938 int header_length = req->req.misc & 0xffff;
939 int expect_response = req->req.misc >> 16;
940
941 if (header_length > req->req.length || header_length < 12 ||
942 header_length > FIELD_SIZEOF(struct hpsb_packet, header)) {
943 req->req.error = RAW1394_ERROR_INVALID_ARG;
944 req->req.length = 0;
945 queue_complete_req(req);
946 return sizeof(struct raw1394_request);
947 }
948
949 packet = hpsb_alloc_packet(req->req.length - header_length);
950 req->packet = packet;
951 if (!packet)
952 return -ENOMEM;
953
954 if (copy_from_user(packet->header, int2ptr(req->req.sendb),
955 header_length)) {
956 req->req.error = RAW1394_ERROR_MEMFAULT;
957 req->req.length = 0;
958 queue_complete_req(req);
959 return sizeof(struct raw1394_request);
960 }
961
962 if (copy_from_user
963 (packet->data, int2ptr(req->req.sendb) + header_length,
964 packet->data_size)) {
965 req->req.error = RAW1394_ERROR_MEMFAULT;
966 req->req.length = 0;
967 queue_complete_req(req);
968 return sizeof(struct raw1394_request);
969 }
970
971 packet->type = hpsb_async;
972 packet->node_id = packet->header[0] >> 16;
973 packet->tcode = (packet->header[0] >> 4) & 0xf;
974 packet->tlabel = (packet->header[0] >> 10) & 0x3f;
975 packet->host = fi->host;
976 packet->expect_response = expect_response;
977 packet->header_size = header_length;
978 packet->data_size = req->req.length - header_length;
979
980 req->req.length = 0;
981 hpsb_set_packet_complete_task(packet,
982 (void (*)(void *))queue_complete_cb, req);
983
984 spin_lock_irqsave(&fi->reqlists_lock, flags);
985 list_add_tail(&req->list, &fi->req_pending);
986 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
987
988 /* Update the generation of the packet just before sending. */
989 packet->generation = req->req.generation;
990
991 if (hpsb_send_packet(packet) < 0) {
992 req->req.error = RAW1394_ERROR_SEND_ERROR;
993 queue_complete_req(req);
994 }
995
996 return sizeof(struct raw1394_request);
997 }
998
999 static int arm_read(struct hpsb_host *host, int nodeid, quadlet_t * buffer,
1000 u64 addr, size_t length, u16 flags)
1001 {
1002 unsigned long irqflags;
1003 struct pending_request *req;
1004 struct host_info *hi;
1005 struct file_info *fi = NULL;
1006 struct list_head *entry;
1007 struct arm_addr *arm_addr = NULL;
1008 struct arm_request *arm_req = NULL;
1009 struct arm_response *arm_resp = NULL;
1010 int found = 0, size = 0, rcode = -1;
1011 struct arm_request_response *arm_req_resp = NULL;
1012
1013 DBGMSG("arm_read called by node: %X"
1014 "addr: %4.4x %8.8x length: %Zu", nodeid,
1015 (u16) ((addr >> 32) & 0xFFFF), (u32) (addr & 0xFFFFFFFF),
1016 length);
1017 spin_lock_irqsave(&host_info_lock, irqflags);
1018 hi = find_host_info(host); /* search address-entry */
1019 if (hi != NULL) {
1020 list_for_each_entry(fi, &hi->file_info_list, list) {
1021 entry = fi->addr_list.next;
1022 while (entry != &(fi->addr_list)) {
1023 arm_addr =
1024 list_entry(entry, struct arm_addr,
1025 addr_list);
1026 if (((arm_addr->start) <= (addr))
1027 && ((arm_addr->end) >= (addr + length))) {
1028 found = 1;
1029 break;
1030 }
1031 entry = entry->next;
1032 }
1033 if (found) {
1034 break;
1035 }
1036 }
1037 }
1038 rcode = -1;
1039 if (!found) {
1040 printk(KERN_ERR "raw1394: arm_read FAILED addr_entry not found"
1041 " -> rcode_address_error\n");
1042 spin_unlock_irqrestore(&host_info_lock, irqflags);
1043 return (RCODE_ADDRESS_ERROR);
1044 } else {
1045 DBGMSG("arm_read addr_entry FOUND");
1046 }
1047 if (arm_addr->rec_length < length) {
1048 DBGMSG("arm_read blocklength too big -> rcode_data_error");
1049 rcode = RCODE_DATA_ERROR; /* hardware error, data is unavailable */
1050 }
1051 if (rcode == -1) {
1052 if (arm_addr->access_rights & ARM_READ) {
1053 if (!(arm_addr->client_transactions & ARM_READ)) {
1054 memcpy(buffer,
1055 (arm_addr->addr_space_buffer) + (addr -
1056 (arm_addr->
1057 start)),
1058 length);
1059 DBGMSG("arm_read -> (rcode_complete)");
1060 rcode = RCODE_COMPLETE;
1061 }
1062 } else {
1063 rcode = RCODE_TYPE_ERROR; /* function not allowed */
1064 DBGMSG("arm_read -> rcode_type_error (access denied)");
1065 }
1066 }
1067 if (arm_addr->notification_options & ARM_READ) {
1068 DBGMSG("arm_read -> entering notification-section");
1069 req = __alloc_pending_request(GFP_ATOMIC);
1070 if (!req) {
1071 DBGMSG("arm_read -> rcode_conflict_error");
1072 spin_unlock_irqrestore(&host_info_lock, irqflags);
1073 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
1074 The request may be retried */
1075 }
1076 if (rcode == RCODE_COMPLETE) {
1077 size =
1078 sizeof(struct arm_request) +
1079 sizeof(struct arm_response) +
1080 length * sizeof(byte_t) +
1081 sizeof(struct arm_request_response);
1082 } else {
1083 size =
1084 sizeof(struct arm_request) +
1085 sizeof(struct arm_response) +
1086 sizeof(struct arm_request_response);
1087 }
1088 req->data = kmalloc(size, GFP_ATOMIC);
1089 if (!(req->data)) {
1090 free_pending_request(req);
1091 DBGMSG("arm_read -> rcode_conflict_error");
1092 spin_unlock_irqrestore(&host_info_lock, irqflags);
1093 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
1094 The request may be retried */
1095 }
1096 req->free_data = 1;
1097 req->file_info = fi;
1098 req->req.type = RAW1394_REQ_ARM;
1099 req->req.generation = get_hpsb_generation(host);
1100 req->req.misc =
1101 (((length << 16) & (0xFFFF0000)) | (ARM_READ & 0xFF));
1102 req->req.tag = arm_addr->arm_tag;
1103 req->req.recvb = arm_addr->recvb;
1104 req->req.length = size;
1105 arm_req_resp = (struct arm_request_response *)(req->data);
1106 arm_req = (struct arm_request *)((byte_t *) (req->data) +
1107 (sizeof
1108 (struct
1109 arm_request_response)));
1110 arm_resp =
1111 (struct arm_response *)((byte_t *) (arm_req) +
1112 (sizeof(struct arm_request)));
1113 arm_req->buffer = NULL;
1114 arm_resp->buffer = NULL;
1115 if (rcode == RCODE_COMPLETE) {
1116 byte_t *buf =
1117 (byte_t *) arm_resp + sizeof(struct arm_response);
1118 memcpy(buf,
1119 (arm_addr->addr_space_buffer) + (addr -
1120 (arm_addr->
1121 start)),
1122 length);
1123 arm_resp->buffer =
1124 int2ptr((arm_addr->recvb) +
1125 sizeof(struct arm_request_response) +
1126 sizeof(struct arm_request) +
1127 sizeof(struct arm_response));
1128 }
1129 arm_resp->buffer_length =
1130 (rcode == RCODE_COMPLETE) ? length : 0;
1131 arm_resp->response_code = rcode;
1132 arm_req->buffer_length = 0;
1133 arm_req->generation = req->req.generation;
1134 arm_req->extended_transaction_code = 0;
1135 arm_req->destination_offset = addr;
1136 arm_req->source_nodeid = nodeid;
1137 arm_req->destination_nodeid = host->node_id;
1138 arm_req->tlabel = (flags >> 10) & 0x3f;
1139 arm_req->tcode = (flags >> 4) & 0x0f;
1140 arm_req_resp->request = int2ptr((arm_addr->recvb) +
1141 sizeof(struct
1142 arm_request_response));
1143 arm_req_resp->response =
1144 int2ptr((arm_addr->recvb) +
1145 sizeof(struct arm_request_response) +
1146 sizeof(struct arm_request));
1147 queue_complete_req(req);
1148 }
1149 spin_unlock_irqrestore(&host_info_lock, irqflags);
1150 return (rcode);
1151 }
1152
1153 static int arm_write(struct hpsb_host *host, int nodeid, int destid,
1154 quadlet_t * data, u64 addr, size_t length, u16 flags)
1155 {
1156 unsigned long irqflags;
1157 struct pending_request *req;
1158 struct host_info *hi;
1159 struct file_info *fi = NULL;
1160 struct list_head *entry;
1161 struct arm_addr *arm_addr = NULL;
1162 struct arm_request *arm_req = NULL;
1163 struct arm_response *arm_resp = NULL;
1164 int found = 0, size = 0, rcode = -1, length_conflict = 0;
1165 struct arm_request_response *arm_req_resp = NULL;
1166
1167 DBGMSG("arm_write called by node: %X"
1168 "addr: %4.4x %8.8x length: %Zu", nodeid,
1169 (u16) ((addr >> 32) & 0xFFFF), (u32) (addr & 0xFFFFFFFF),
1170 length);
1171 spin_lock_irqsave(&host_info_lock, irqflags);
1172 hi = find_host_info(host); /* search address-entry */
1173 if (hi != NULL) {
1174 list_for_each_entry(fi, &hi->file_info_list, list) {
1175 entry = fi->addr_list.next;
1176 while (entry != &(fi->addr_list)) {
1177 arm_addr =
1178 list_entry(entry, struct arm_addr,
1179 addr_list);
1180 if (((arm_addr->start) <= (addr))
1181 && ((arm_addr->end) >= (addr + length))) {
1182 found = 1;
1183 break;
1184 }
1185 entry = entry->next;
1186 }
1187 if (found) {
1188 break;
1189 }
1190 }
1191 }
1192 rcode = -1;
1193 if (!found) {
1194 printk(KERN_ERR "raw1394: arm_write FAILED addr_entry not found"
1195 " -> rcode_address_error\n");
1196 spin_unlock_irqrestore(&host_info_lock, irqflags);
1197 return (RCODE_ADDRESS_ERROR);
1198 } else {
1199 DBGMSG("arm_write addr_entry FOUND");
1200 }
1201 if (arm_addr->rec_length < length) {
1202 DBGMSG("arm_write blocklength too big -> rcode_data_error");
1203 length_conflict = 1;
1204 rcode = RCODE_DATA_ERROR; /* hardware error, data is unavailable */
1205 }
1206 if (rcode == -1) {
1207 if (arm_addr->access_rights & ARM_WRITE) {
1208 if (!(arm_addr->client_transactions & ARM_WRITE)) {
1209 memcpy((arm_addr->addr_space_buffer) +
1210 (addr - (arm_addr->start)), data,
1211 length);
1212 DBGMSG("arm_write -> (rcode_complete)");
1213 rcode = RCODE_COMPLETE;
1214 }
1215 } else {
1216 rcode = RCODE_TYPE_ERROR; /* function not allowed */
1217 DBGMSG("arm_write -> rcode_type_error (access denied)");
1218 }
1219 }
1220 if (arm_addr->notification_options & ARM_WRITE) {
1221 DBGMSG("arm_write -> entering notification-section");
1222 req = __alloc_pending_request(GFP_ATOMIC);
1223 if (!req) {
1224 DBGMSG("arm_write -> rcode_conflict_error");
1225 spin_unlock_irqrestore(&host_info_lock, irqflags);
1226 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
1227 The request my be retried */
1228 }
1229 size =
1230 sizeof(struct arm_request) + sizeof(struct arm_response) +
1231 (length) * sizeof(byte_t) +
1232 sizeof(struct arm_request_response);
1233 req->data = kmalloc(size, GFP_ATOMIC);
1234 if (!(req->data)) {
1235 free_pending_request(req);
1236 DBGMSG("arm_write -> rcode_conflict_error");
1237 spin_unlock_irqrestore(&host_info_lock, irqflags);
1238 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
1239 The request may be retried */
1240 }
1241 req->free_data = 1;
1242 req->file_info = fi;
1243 req->req.type = RAW1394_REQ_ARM;
1244 req->req.generation = get_hpsb_generation(host);
1245 req->req.misc =
1246 (((length << 16) & (0xFFFF0000)) | (ARM_WRITE & 0xFF));
1247 req->req.tag = arm_addr->arm_tag;
1248 req->req.recvb = arm_addr->recvb;
1249 req->req.length = size;
1250 arm_req_resp = (struct arm_request_response *)(req->data);
1251 arm_req = (struct arm_request *)((byte_t *) (req->data) +
1252 (sizeof
1253 (struct
1254 arm_request_response)));
1255 arm_resp =
1256 (struct arm_response *)((byte_t *) (arm_req) +
1257 (sizeof(struct arm_request)));
1258 arm_resp->buffer = NULL;
1259 memcpy((byte_t *) arm_resp + sizeof(struct arm_response),
1260 data, length);
1261 arm_req->buffer = int2ptr((arm_addr->recvb) +
1262 sizeof(struct arm_request_response) +
1263 sizeof(struct arm_request) +
1264 sizeof(struct arm_response));
1265 arm_req->buffer_length = length;
1266 arm_req->generation = req->req.generation;
1267 arm_req->extended_transaction_code = 0;
1268 arm_req->destination_offset = addr;
1269 arm_req->source_nodeid = nodeid;
1270 arm_req->destination_nodeid = destid;
1271 arm_req->tlabel = (flags >> 10) & 0x3f;
1272 arm_req->tcode = (flags >> 4) & 0x0f;
1273 arm_resp->buffer_length = 0;
1274 arm_resp->response_code = rcode;
1275 arm_req_resp->request = int2ptr((arm_addr->recvb) +
1276 sizeof(struct
1277 arm_request_response));
1278 arm_req_resp->response =
1279 int2ptr((arm_addr->recvb) +
1280 sizeof(struct arm_request_response) +
1281 sizeof(struct arm_request));
1282 queue_complete_req(req);
1283 }
1284 spin_unlock_irqrestore(&host_info_lock, irqflags);
1285 return (rcode);
1286 }
1287
1288 static int arm_lock(struct hpsb_host *host, int nodeid, quadlet_t * store,
1289 u64 addr, quadlet_t data, quadlet_t arg, int ext_tcode,
1290 u16 flags)
1291 {
1292 unsigned long irqflags;
1293 struct pending_request *req;
1294 struct host_info *hi;
1295 struct file_info *fi = NULL;
1296 struct list_head *entry;
1297 struct arm_addr *arm_addr = NULL;
1298 struct arm_request *arm_req = NULL;
1299 struct arm_response *arm_resp = NULL;
1300 int found = 0, size = 0, rcode = -1;
1301 quadlet_t old, new;
1302 struct arm_request_response *arm_req_resp = NULL;
1303
1304 if (((ext_tcode & 0xFF) == EXTCODE_FETCH_ADD) ||
1305 ((ext_tcode & 0xFF) == EXTCODE_LITTLE_ADD)) {
1306 DBGMSG("arm_lock called by node: %X "
1307 "addr: %4.4x %8.8x extcode: %2.2X data: %8.8X",
1308 nodeid, (u16) ((addr >> 32) & 0xFFFF),
1309 (u32) (addr & 0xFFFFFFFF), ext_tcode & 0xFF,
1310 be32_to_cpu(data));
1311 } else {
1312 DBGMSG("arm_lock called by node: %X "
1313 "addr: %4.4x %8.8x extcode: %2.2X data: %8.8X arg: %8.8X",
1314 nodeid, (u16) ((addr >> 32) & 0xFFFF),
1315 (u32) (addr & 0xFFFFFFFF), ext_tcode & 0xFF,
1316 be32_to_cpu(data), be32_to_cpu(arg));
1317 }
1318 spin_lock_irqsave(&host_info_lock, irqflags);
1319 hi = find_host_info(host); /* search address-entry */
1320 if (hi != NULL) {
1321 list_for_each_entry(fi, &hi->file_info_list, list) {
1322 entry = fi->addr_list.next;
1323 while (entry != &(fi->addr_list)) {
1324 arm_addr =
1325 list_entry(entry, struct arm_addr,
1326 addr_list);
1327 if (((arm_addr->start) <= (addr))
1328 && ((arm_addr->end) >=
1329 (addr + sizeof(*store)))) {
1330 found = 1;
1331 break;
1332 }
1333 entry = entry->next;
1334 }
1335 if (found) {
1336 break;
1337 }
1338 }
1339 }
1340 rcode = -1;
1341 if (!found) {
1342 printk(KERN_ERR "raw1394: arm_lock FAILED addr_entry not found"
1343 " -> rcode_address_error\n");
1344 spin_unlock_irqrestore(&host_info_lock, irqflags);
1345 return (RCODE_ADDRESS_ERROR);
1346 } else {
1347 DBGMSG("arm_lock addr_entry FOUND");
1348 }
1349 if (rcode == -1) {
1350 if (arm_addr->access_rights & ARM_LOCK) {
1351 if (!(arm_addr->client_transactions & ARM_LOCK)) {
1352 memcpy(&old,
1353 (arm_addr->addr_space_buffer) + (addr -
1354 (arm_addr->
1355 start)),
1356 sizeof(old));
1357 switch (ext_tcode) {
1358 case (EXTCODE_MASK_SWAP):
1359 new = data | (old & ~arg);
1360 break;
1361 case (EXTCODE_COMPARE_SWAP):
1362 if (old == arg) {
1363 new = data;
1364 } else {
1365 new = old;
1366 }
1367 break;
1368 case (EXTCODE_FETCH_ADD):
1369 new =
1370 cpu_to_be32(be32_to_cpu(data) +
1371 be32_to_cpu(old));
1372 break;
1373 case (EXTCODE_LITTLE_ADD):
1374 new =
1375 cpu_to_le32(le32_to_cpu(data) +
1376 le32_to_cpu(old));
1377 break;
1378 case (EXTCODE_BOUNDED_ADD):
1379 if (old != arg) {
1380 new =
1381 cpu_to_be32(be32_to_cpu
1382 (data) +
1383 be32_to_cpu
1384 (old));
1385 } else {
1386 new = old;
1387 }
1388 break;
1389 case (EXTCODE_WRAP_ADD):
1390 if (old != arg) {
1391 new =
1392 cpu_to_be32(be32_to_cpu
1393 (data) +
1394 be32_to_cpu
1395 (old));
1396 } else {
1397 new = data;
1398 }
1399 break;
1400 default:
1401 rcode = RCODE_TYPE_ERROR; /* function not allowed */
1402 printk(KERN_ERR
1403 "raw1394: arm_lock FAILED "
1404 "ext_tcode not allowed -> rcode_type_error\n");
1405 break;
1406 } /*switch */
1407 if (rcode == -1) {
1408 DBGMSG("arm_lock -> (rcode_complete)");
1409 rcode = RCODE_COMPLETE;
1410 memcpy(store, &old, sizeof(*store));
1411 memcpy((arm_addr->addr_space_buffer) +
1412 (addr - (arm_addr->start)),
1413 &new, sizeof(*store));
1414 }
1415 }
1416 } else {
1417 rcode = RCODE_TYPE_ERROR; /* function not allowed */
1418 DBGMSG("arm_lock -> rcode_type_error (access denied)");
1419 }
1420 }
1421 if (arm_addr->notification_options & ARM_LOCK) {
1422 byte_t *buf1, *buf2;
1423 DBGMSG("arm_lock -> entering notification-section");
1424 req = __alloc_pending_request(GFP_ATOMIC);
1425 if (!req) {
1426 DBGMSG("arm_lock -> rcode_conflict_error");
1427 spin_unlock_irqrestore(&host_info_lock, irqflags);
1428 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
1429 The request may be retried */
1430 }
1431 size = sizeof(struct arm_request) + sizeof(struct arm_response) + 3 * sizeof(*store) + sizeof(struct arm_request_response); /* maximum */
1432 req->data = kmalloc(size, GFP_ATOMIC);
1433 if (!(req->data)) {
1434 free_pending_request(req);
1435 DBGMSG("arm_lock -> rcode_conflict_error");
1436 spin_unlock_irqrestore(&host_info_lock, irqflags);
1437 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
1438 The request may be retried */
1439 }
1440 req->free_data = 1;
1441 arm_req_resp = (struct arm_request_response *)(req->data);
1442 arm_req = (struct arm_request *)((byte_t *) (req->data) +
1443 (sizeof
1444 (struct
1445 arm_request_response)));
1446 arm_resp =
1447 (struct arm_response *)((byte_t *) (arm_req) +
1448 (sizeof(struct arm_request)));
1449 buf1 = (byte_t *) arm_resp + sizeof(struct arm_response);
1450 buf2 = buf1 + 2 * sizeof(*store);
1451 if ((ext_tcode == EXTCODE_FETCH_ADD) ||
1452 (ext_tcode == EXTCODE_LITTLE_ADD)) {
1453 arm_req->buffer_length = sizeof(*store);
1454 memcpy(buf1, &data, sizeof(*store));
1455
1456 } else {
1457 arm_req->buffer_length = 2 * sizeof(*store);
1458 memcpy(buf1, &arg, sizeof(*store));
1459 memcpy(buf1 + sizeof(*store), &data, sizeof(*store));
1460 }
1461 if (rcode == RCODE_COMPLETE) {
1462 arm_resp->buffer_length = sizeof(*store);
1463 memcpy(buf2, &old, sizeof(*store));
1464 } else {
1465 arm_resp->buffer_length = 0;
1466 }
1467 req->file_info = fi;
1468 req->req.type = RAW1394_REQ_ARM;
1469 req->req.generation = get_hpsb_generation(host);
1470 req->req.misc = ((((sizeof(*store)) << 16) & (0xFFFF0000)) |
1471 (ARM_LOCK & 0xFF));
1472 req->req.tag = arm_addr->arm_tag;
1473 req->req.recvb = arm_addr->recvb;
1474 req->req.length = size;
1475 arm_req->generation = req->req.generation;
1476 arm_req->extended_transaction_code = ext_tcode;
1477 arm_req->destination_offset = addr;
1478 arm_req->source_nodeid = nodeid;
1479 arm_req->destination_nodeid = host->node_id;
1480 arm_req->tlabel = (flags >> 10) & 0x3f;
1481 arm_req->tcode = (flags >> 4) & 0x0f;
1482 arm_resp->response_code = rcode;
1483 arm_req_resp->request = int2ptr((arm_addr->recvb) +
1484 sizeof(struct
1485 arm_request_response));
1486 arm_req_resp->response =
1487 int2ptr((arm_addr->recvb) +
1488 sizeof(struct arm_request_response) +
1489 sizeof(struct arm_request));
1490 arm_req->buffer =
1491 int2ptr((arm_addr->recvb) +
1492 sizeof(struct arm_request_response) +
1493 sizeof(struct arm_request) +
1494 sizeof(struct arm_response));
1495 arm_resp->buffer =
1496 int2ptr((arm_addr->recvb) +
1497 sizeof(struct arm_request_response) +
1498 sizeof(struct arm_request) +
1499 sizeof(struct arm_response) + 2 * sizeof(*store));
1500 queue_complete_req(req);
1501 }
1502 spin_unlock_irqrestore(&host_info_lock, irqflags);
1503 return (rcode);
1504 }
1505
1506 static int arm_lock64(struct hpsb_host *host, int nodeid, octlet_t * store,
1507 u64 addr, octlet_t data, octlet_t arg, int ext_tcode,
1508 u16 flags)
1509 {
1510 unsigned long irqflags;
1511 struct pending_request *req;
1512 struct host_info *hi;
1513 struct file_info *fi = NULL;
1514 struct list_head *entry;
1515 struct arm_addr *arm_addr = NULL;
1516 struct arm_request *arm_req = NULL;
1517 struct arm_response *arm_resp = NULL;
1518 int found = 0, size = 0, rcode = -1;
1519 octlet_t old, new;
1520 struct arm_request_response *arm_req_resp = NULL;
1521
1522 if (((ext_tcode & 0xFF) == EXTCODE_FETCH_ADD) ||
1523 ((ext_tcode & 0xFF) == EXTCODE_LITTLE_ADD)) {
1524 DBGMSG("arm_lock64 called by node: %X "
1525 "addr: %4.4x %8.8x extcode: %2.2X data: %8.8X %8.8X ",
1526 nodeid, (u16) ((addr >> 32) & 0xFFFF),
1527 (u32) (addr & 0xFFFFFFFF),
1528 ext_tcode & 0xFF,
1529 (u32) ((be64_to_cpu(data) >> 32) & 0xFFFFFFFF),
1530 (u32) (be64_to_cpu(data) & 0xFFFFFFFF));
1531 } else {
1532 DBGMSG("arm_lock64 called by node: %X "
1533 "addr: %4.4x %8.8x extcode: %2.2X data: %8.8X %8.8X arg: "
1534 "%8.8X %8.8X ",
1535 nodeid, (u16) ((addr >> 32) & 0xFFFF),
1536 (u32) (addr & 0xFFFFFFFF),
1537 ext_tcode & 0xFF,
1538 (u32) ((be64_to_cpu(data) >> 32) & 0xFFFFFFFF),
1539 (u32) (be64_to_cpu(data) & 0xFFFFFFFF),
1540 (u32) ((be64_to_cpu(arg) >> 32) & 0xFFFFFFFF),
1541 (u32) (be64_to_cpu(arg) & 0xFFFFFFFF));
1542 }
1543 spin_lock_irqsave(&host_info_lock, irqflags);
1544 hi = find_host_info(host); /* search addressentry in file_info's for host */
1545 if (hi != NULL) {
1546 list_for_each_entry(fi, &hi->file_info_list, list) {
1547 entry = fi->addr_list.next;
1548 while (entry != &(fi->addr_list)) {
1549 arm_addr =
1550 list_entry(entry, struct arm_addr,
1551 addr_list);
1552 if (((arm_addr->start) <= (addr))
1553 && ((arm_addr->end) >=
1554 (addr + sizeof(*store)))) {
1555 found = 1;
1556 break;
1557 }
1558 entry = entry->next;
1559 }
1560 if (found) {
1561 break;
1562 }
1563 }
1564 }
1565 rcode = -1;
1566 if (!found) {
1567 printk(KERN_ERR
1568 "raw1394: arm_lock64 FAILED addr_entry not found"
1569 " -> rcode_address_error\n");
1570 spin_unlock_irqrestore(&host_info_lock, irqflags);
1571 return (RCODE_ADDRESS_ERROR);
1572 } else {
1573 DBGMSG("arm_lock64 addr_entry FOUND");
1574 }
1575 if (rcode == -1) {
1576 if (arm_addr->access_rights & ARM_LOCK) {
1577 if (!(arm_addr->client_transactions & ARM_LOCK)) {
1578 memcpy(&old,
1579 (arm_addr->addr_space_buffer) + (addr -
1580 (arm_addr->
1581 start)),
1582 sizeof(old));
1583 switch (ext_tcode) {
1584 case (EXTCODE_MASK_SWAP):
1585 new = data | (old & ~arg);
1586 break;
1587 case (EXTCODE_COMPARE_SWAP):
1588 if (old == arg) {
1589 new = data;
1590 } else {
1591 new = old;
1592 }
1593 break;
1594 case (EXTCODE_FETCH_ADD):
1595 new =
1596 cpu_to_be64(be64_to_cpu(data) +
1597 be64_to_cpu(old));
1598 break;
1599 case (EXTCODE_LITTLE_ADD):
1600 new =
1601 cpu_to_le64(le64_to_cpu(data) +
1602 le64_to_cpu(old));
1603 break;
1604 case (EXTCODE_BOUNDED_ADD):
1605 if (old != arg) {
1606 new =
1607 cpu_to_be64(be64_to_cpu
1608 (data) +
1609 be64_to_cpu
1610 (old));
1611 } else {
1612 new = old;
1613 }
1614 break;
1615 case (EXTCODE_WRAP_ADD):
1616 if (old != arg) {
1617 new =
1618 cpu_to_be64(be64_to_cpu
1619 (data) +
1620 be64_to_cpu
1621 (old));
1622 } else {
1623 new = data;
1624 }
1625 break;
1626 default:
1627 printk(KERN_ERR
1628 "raw1394: arm_lock64 FAILED "
1629 "ext_tcode not allowed -> rcode_type_error\n");
1630 rcode = RCODE_TYPE_ERROR; /* function not allowed */
1631 break;
1632 } /*switch */
1633 if (rcode == -1) {
1634 DBGMSG
1635 ("arm_lock64 -> (rcode_complete)");
1636 rcode = RCODE_COMPLETE;
1637 memcpy(store, &old, sizeof(*store));
1638 memcpy((arm_addr->addr_space_buffer) +
1639 (addr - (arm_addr->start)),
1640 &new, sizeof(*store));
1641 }
1642 }
1643 } else {
1644 rcode = RCODE_TYPE_ERROR; /* function not allowed */
1645 DBGMSG
1646 ("arm_lock64 -> rcode_type_error (access denied)");
1647 }
1648 }
1649 if (arm_addr->notification_options & ARM_LOCK) {
1650 byte_t *buf1, *buf2;
1651 DBGMSG("arm_lock64 -> entering notification-section");
1652 req = __alloc_pending_request(GFP_ATOMIC);
1653 if (!req) {
1654 spin_unlock_irqrestore(&host_info_lock, irqflags);
1655 DBGMSG("arm_lock64 -> rcode_conflict_error");
1656 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
1657 The request may be retried */
1658 }
1659 size = sizeof(struct arm_request) + sizeof(struct arm_response) + 3 * sizeof(*store) + sizeof(struct arm_request_response); /* maximum */
1660 req->data = kmalloc(size, GFP_ATOMIC);
1661 if (!(req->data)) {
1662 free_pending_request(req);
1663 spin_unlock_irqrestore(&host_info_lock, irqflags);
1664 DBGMSG("arm_lock64 -> rcode_conflict_error");
1665 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
1666 The request may be retried */
1667 }
1668 req->free_data = 1;
1669 arm_req_resp = (struct arm_request_response *)(req->data);
1670 arm_req = (struct arm_request *)((byte_t *) (req->data) +
1671 (sizeof
1672 (struct
1673 arm_request_response)));
1674 arm_resp =
1675 (struct arm_response *)((byte_t *) (arm_req) +
1676 (sizeof(struct arm_request)));
1677 buf1 = (byte_t *) arm_resp + sizeof(struct arm_response);
1678 buf2 = buf1 + 2 * sizeof(*store);
1679 if ((ext_tcode == EXTCODE_FETCH_ADD) ||
1680 (ext_tcode == EXTCODE_LITTLE_ADD)) {
1681 arm_req->buffer_length = sizeof(*store);
1682 memcpy(buf1, &data, sizeof(*store));
1683
1684 } else {
1685 arm_req->buffer_length = 2 * sizeof(*store);
1686 memcpy(buf1, &arg, sizeof(*store));
1687 memcpy(buf1 + sizeof(*store), &data, sizeof(*store));
1688 }
1689 if (rcode == RCODE_COMPLETE) {
1690 arm_resp->buffer_length = sizeof(*store);
1691 memcpy(buf2, &old, sizeof(*store));
1692 } else {
1693 arm_resp->buffer_length = 0;
1694 }
1695 req->file_info = fi;
1696 req->req.type = RAW1394_REQ_ARM;
1697 req->req.generation = get_hpsb_generation(host);
1698 req->req.misc = ((((sizeof(*store)) << 16) & (0xFFFF0000)) |
1699 (ARM_LOCK & 0xFF));
1700 req->req.tag = arm_addr->arm_tag;
1701 req->req.recvb = arm_addr->recvb;
1702 req->req.length = size;
1703 arm_req->generation = req->req.generation;
1704 arm_req->extended_transaction_code = ext_tcode;
1705 arm_req->destination_offset = addr;
1706 arm_req->source_nodeid = nodeid;
1707 arm_req->destination_nodeid = host->node_id;
1708 arm_req->tlabel = (flags >> 10) & 0x3f;
1709 arm_req->tcode = (flags >> 4) & 0x0f;
1710 arm_resp->response_code = rcode;
1711 arm_req_resp->request = int2ptr((arm_addr->recvb) +
1712 sizeof(struct
1713 arm_request_response));
1714 arm_req_resp->response =
1715 int2ptr((arm_addr->recvb) +
1716 sizeof(struct arm_request_response) +
1717 sizeof(struct arm_request));
1718 arm_req->buffer =
1719 int2ptr((arm_addr->recvb) +
1720 sizeof(struct arm_request_response) +
1721 sizeof(struct arm_request) +
1722 sizeof(struct arm_response));
1723 arm_resp->buffer =
1724 int2ptr((arm_addr->recvb) +
1725 sizeof(struct arm_request_response) +
1726 sizeof(struct arm_request) +
1727 sizeof(struct arm_response) + 2 * sizeof(*store));
1728 queue_complete_req(req);
1729 }
1730 spin_unlock_irqrestore(&host_info_lock, irqflags);
1731 return (rcode);
1732 }
1733
1734 static int arm_register(struct file_info *fi, struct pending_request *req)
1735 {
1736 int retval;
1737 struct arm_addr *addr;
1738 struct host_info *hi;
1739 struct file_info *fi_hlp = NULL;
1740 struct list_head *entry;
1741 struct arm_addr *arm_addr = NULL;
1742 int same_host, another_host;
1743 unsigned long flags;
1744
1745 DBGMSG("arm_register called "
1746 "addr(Offset): %8.8x %8.8x length: %u "
1747 "rights: %2.2X notify: %2.2X "
1748 "max_blk_len: %4.4X",
1749 (u32) ((req->req.address >> 32) & 0xFFFF),
1750 (u32) (req->req.address & 0xFFFFFFFF),
1751 req->req.length, ((req->req.misc >> 8) & 0xFF),
1752 (req->req.misc & 0xFF), ((req->req.misc >> 16) & 0xFFFF));
1753 /* check addressrange */
1754 if ((((req->req.address) & ~(0xFFFFFFFFFFFFULL)) != 0) ||
1755 (((req->req.address + req->req.length) & ~(0xFFFFFFFFFFFFULL)) !=
1756 0)) {
1757 req->req.length = 0;
1758 return (-EINVAL);
1759 }
1760 /* addr-list-entry for fileinfo */
1761 addr = kmalloc(sizeof(*addr), GFP_KERNEL);
1762 if (!addr) {
1763 req->req.length = 0;
1764 return (-ENOMEM);
1765 }
1766 /* allocation of addr_space_buffer */
1767 addr->addr_space_buffer = vmalloc(req->req.length);
1768 if (!(addr->addr_space_buffer)) {
1769 kfree(addr);
1770 req->req.length = 0;
1771 return (-ENOMEM);
1772 }
1773 /* initialization of addr_space_buffer */
1774 if ((req->req.sendb) == (unsigned long)NULL) {
1775 /* init: set 0 */
1776 memset(addr->addr_space_buffer, 0, req->req.length);
1777 } else {
1778 /* init: user -> kernel */
1779 if (copy_from_user
1780 (addr->addr_space_buffer, int2ptr(req->req.sendb),
1781 req->req.length)) {
1782 vfree(addr->addr_space_buffer);
1783 kfree(addr);
1784 return (-EFAULT);
1785 }
1786 }
1787 INIT_LIST_HEAD(&addr->addr_list);
1788 addr->arm_tag = req->req.tag;
1789 addr->start = req->req.address;
1790 addr->end = req->req.address + req->req.length;
1791 addr->access_rights = (u8) (req->req.misc & 0x0F);
1792 addr->notification_options = (u8) ((req->req.misc >> 4) & 0x0F);
1793 addr->client_transactions = (u8) ((req->req.misc >> 8) & 0x0F);
1794 addr->access_rights |= addr->client_transactions;
1795 addr->notification_options |= addr->client_transactions;
1796 addr->recvb = req->req.recvb;
1797 addr->rec_length = (u16) ((req->req.misc >> 16) & 0xFFFF);
1798
1799 spin_lock_irqsave(&host_info_lock, flags);
1800 hi = find_host_info(fi->host);
1801 same_host = 0;
1802 another_host = 0;
1803 /* same host with address-entry containing same addressrange ? */
1804 list_for_each_entry(fi_hlp, &hi->file_info_list, list) {
1805 entry = fi_hlp->addr_list.next;
1806 while (entry != &(fi_hlp->addr_list)) {
1807 arm_addr =
1808 list_entry(entry, struct arm_addr, addr_list);
1809 if ((arm_addr->start == addr->start)
1810 && (arm_addr->end == addr->end)) {
1811 DBGMSG("same host ownes same "
1812 "addressrange -> EALREADY");
1813 same_host = 1;
1814 break;
1815 }
1816 entry = entry->next;
1817 }
1818 if (same_host) {
1819 break;
1820 }
1821 }
1822 if (same_host) {
1823 /* addressrange occupied by same host */
1824 spin_unlock_irqrestore(&host_info_lock, flags);
1825 vfree(addr->addr_space_buffer);
1826 kfree(addr);
1827 return (-EALREADY);
1828 }
1829 /* another host with valid address-entry containing same addressrange */
1830 list_for_each_entry(hi, &host_info_list, list) {
1831 if (hi->host != fi->host) {
1832 list_for_each_entry(fi_hlp, &hi->file_info_list, list) {
1833 entry = fi_hlp->addr_list.next;
1834 while (entry != &(fi_hlp->addr_list)) {
1835 arm_addr =
1836 list_entry(entry, struct arm_addr,
1837 addr_list);
1838 if ((arm_addr->start == addr->start)
1839 && (arm_addr->end == addr->end)) {
1840 DBGMSG
1841 ("another host ownes same "
1842 "addressrange");
1843 another_host = 1;
1844 break;
1845 }
1846 entry = entry->next;
1847 }
1848 if (another_host) {
1849 break;
1850 }
1851 }
1852 }
1853 }
1854 spin_unlock_irqrestore(&host_info_lock, flags);
1855
1856 if (another_host) {
1857 DBGMSG("another hosts entry is valid -> SUCCESS");
1858 if (copy_to_user(int2ptr(req->req.recvb),
1859 &addr->start, sizeof(u64))) {
1860 printk(KERN_ERR "raw1394: arm_register failed "
1861 " address-range-entry is invalid -> EFAULT !!!\n");
1862 vfree(addr->addr_space_buffer);
1863 kfree(addr);
1864 return (-EFAULT);
1865 }
1866 free_pending_request(req); /* immediate success or fail */
1867 /* INSERT ENTRY */
1868 spin_lock_irqsave(&host_info_lock, flags);
1869 list_add_tail(&addr->addr_list, &fi->addr_list);
1870 spin_unlock_irqrestore(&host_info_lock, flags);
1871 return sizeof(struct raw1394_request);
1872 }
1873 retval =
1874 hpsb_register_addrspace(&raw1394_highlevel, fi->host, &arm_ops,
1875 req->req.address,
1876 req->req.address + req->req.length);
1877 if (retval) {
1878 /* INSERT ENTRY */
1879 spin_lock_irqsave(&host_info_lock, flags);
1880 list_add_tail(&addr->addr_list, &fi->addr_list);
1881 spin_unlock_irqrestore(&host_info_lock, flags);
1882 } else {
1883 DBGMSG("arm_register failed errno: %d \n", retval);
1884 vfree(addr->addr_space_buffer);
1885 kfree(addr);
1886 return (-EALREADY);
1887 }
1888 free_pending_request(req); /* immediate success or fail */
1889 return sizeof(struct raw1394_request);
1890 }
1891
1892 static int arm_unregister(struct file_info *fi, struct pending_request *req)
1893 {
1894 int found = 0;
1895 int retval = 0;
1896 struct list_head *entry;
1897 struct arm_addr *addr = NULL;
1898 struct host_info *hi;
1899 struct file_info *fi_hlp = NULL;
1900 struct arm_addr *arm_addr = NULL;
1901 int another_host;
1902 unsigned long flags;
1903
1904 DBGMSG("arm_Unregister called addr(Offset): "
1905 "%8.8x %8.8x",
1906 (u32) ((req->req.address >> 32) & 0xFFFF),
1907 (u32) (req->req.address & 0xFFFFFFFF));
1908 spin_lock_irqsave(&host_info_lock, flags);
1909 /* get addr */
1910 entry = fi->addr_list.next;
1911 while (entry != &(fi->addr_list)) {
1912 addr = list_entry(entry, struct arm_addr, addr_list);
1913 if (addr->start == req->req.address) {
1914 found = 1;
1915 break;
1916 }
1917 entry = entry->next;
1918 }
1919 if (!found) {
1920 DBGMSG("arm_Unregister addr not found");
1921 spin_unlock_irqrestore(&host_info_lock, flags);
1922 return (-EINVAL);
1923 }
1924 DBGMSG("arm_Unregister addr found");
1925 another_host = 0;
1926 /* another host with valid address-entry containing
1927 same addressrange */
1928 list_for_each_entry(hi, &host_info_list, list) {
1929 if (hi->host != fi->host) {
1930 list_for_each_entry(fi_hlp, &hi->file_info_list, list) {
1931 entry = fi_hlp->addr_list.next;
1932 while (entry != &(fi_hlp->addr_list)) {
1933 arm_addr = list_entry(entry,
1934 struct arm_addr,
1935 addr_list);
1936 if (arm_addr->start == addr->start) {
1937 DBGMSG("another host ownes "
1938 "same addressrange");
1939 another_host = 1;
1940 break;
1941 }
1942 entry = entry->next;
1943 }
1944 if (another_host) {
1945 break;
1946 }
1947 }
1948 }
1949 }
1950 if (another_host) {
1951 DBGMSG("delete entry from list -> success");
1952 list_del(&addr->addr_list);
1953 spin_unlock_irqrestore(&host_info_lock, flags);
1954 vfree(addr->addr_space_buffer);
1955 kfree(addr);
1956 free_pending_request(req); /* immediate success or fail */
1957 return sizeof(struct raw1394_request);
1958 }
1959 retval =
1960 hpsb_unregister_addrspace(&raw1394_highlevel, fi->host,
1961 addr->start);
1962 if (!retval) {
1963 printk(KERN_ERR "raw1394: arm_Unregister failed -> EINVAL\n");
1964 spin_unlock_irqrestore(&host_info_lock, flags);
1965 return (-EINVAL);
1966 }
1967 DBGMSG("delete entry from list -> success");
1968 list_del(&addr->addr_list);
1969 spin_unlock_irqrestore(&host_info_lock, flags);
1970 vfree(addr->addr_space_buffer);
1971 kfree(addr);
1972 free_pending_request(req); /* immediate success or fail */
1973 return sizeof(struct raw1394_request);
1974 }
1975
1976 /* Copy data from ARM buffer(s) to user buffer. */
1977 static int arm_get_buf(struct file_info *fi, struct pending_request *req)
1978 {
1979 struct arm_addr *arm_addr = NULL;
1980 unsigned long flags;
1981 unsigned long offset;
1982
1983 struct list_head *entry;
1984
1985 DBGMSG("arm_get_buf "
1986 "addr(Offset): %04X %08X length: %u",
1987 (u32) ((req->req.address >> 32) & 0xFFFF),
1988 (u32) (req->req.address & 0xFFFFFFFF), (u32) req->req.length);
1989
1990 spin_lock_irqsave(&host_info_lock, flags);
1991 entry = fi->addr_list.next;
1992 while (entry != &(fi->addr_list)) {
1993 arm_addr = list_entry(entry, struct arm_addr, addr_list);
1994 if ((arm_addr->start <= req->req.address) &&
1995 (arm_addr->end > req->req.address)) {
1996 if (req->req.address + req->req.length <= arm_addr->end) {
1997 offset = req->req.address - arm_addr->start;
1998 spin_unlock_irqrestore(&host_info_lock, flags);
1999
2000 DBGMSG
2001 ("arm_get_buf copy_to_user( %08X, %p, %u )",
2002 (u32) req->req.recvb,
2003 arm_addr->addr_space_buffer + offset,
2004 (u32) req->req.length);
2005 if (copy_to_user
2006 (int2ptr(req->req.recvb),
2007 arm_addr->addr_space_buffer + offset,
2008 req->req.length))
2009 return (-EFAULT);
2010
2011 /* We have to free the request, because we
2012 * queue no response, and therefore nobody
2013 * will free it. */
2014 free_pending_request(req);
2015 return sizeof(struct raw1394_request);
2016 } else {
2017 DBGMSG("arm_get_buf request exceeded mapping");
2018 spin_unlock_irqrestore(&host_info_lock, flags);
2019 return (-EINVAL);
2020 }
2021 }
2022 entry = entry->next;
2023 }
2024 spin_unlock_irqrestore(&host_info_lock, flags);
2025 return (-EINVAL);
2026 }
2027
2028 /* Copy data from user buffer to ARM buffer(s). */
2029 static int arm_set_buf(struct file_info *fi, struct pending_request *req)
2030 {
2031 struct arm_addr *arm_addr = NULL;
2032 unsigned long flags;
2033 unsigned long offset;
2034
2035 struct list_head *entry;
2036
2037 DBGMSG("arm_set_buf "
2038 "addr(Offset): %04X %08X length: %u",
2039 (u32) ((req->req.address >> 32) & 0xFFFF),
2040 (u32) (req->req.address & 0xFFFFFFFF), (u32) req->req.length);
2041
2042 spin_lock_irqsave(&host_info_lock, flags);
2043 entry = fi->addr_list.next;
2044 while (entry != &(fi->addr_list)) {
2045 arm_addr = list_entry(entry, struct arm_addr, addr_list);
2046 if ((arm_addr->start <= req->req.address) &&
2047 (arm_addr->end > req->req.address)) {
2048 if (req->req.address + req->req.length <= arm_addr->end) {
2049 offset = req->req.address - arm_addr->start;
2050 spin_unlock_irqrestore(&host_info_lock, flags);
2051
2052 DBGMSG
2053 ("arm_set_buf copy_from_user( %p, %08X, %u )",
2054 arm_addr->addr_space_buffer + offset,
2055 (u32) req->req.sendb,
2056 (u32) req->req.length);
2057 if (copy_from_user
2058 (arm_addr->addr_space_buffer + offset,
2059 int2ptr(req->req.sendb),
2060 req->req.length))
2061 return (-EFAULT);
2062
2063 /* We have to free the request, because we
2064 * queue no response, and therefore nobody
2065 * will free it. */
2066 free_pending_request(req);
2067 return sizeof(struct raw1394_request);
2068 } else {
2069 DBGMSG("arm_set_buf request exceeded mapping");
2070 spin_unlock_irqrestore(&host_info_lock, flags);
2071 return (-EINVAL);
2072 }
2073 }
2074 entry = entry->next;
2075 }
2076 spin_unlock_irqrestore(&host_info_lock, flags);
2077 return (-EINVAL);
2078 }
2079
2080 static int reset_notification(struct file_info *fi, struct pending_request *req)
2081 {
2082 DBGMSG("reset_notification called - switch %s ",
2083 (req->req.misc == RAW1394_NOTIFY_OFF) ? "OFF" : "ON");
2084 if ((req->req.misc == RAW1394_NOTIFY_OFF) ||
2085 (req->req.misc == RAW1394_NOTIFY_ON)) {
2086 fi->notification = (u8) req->req.misc;
2087 free_pending_request(req); /* we have to free the request, because we queue no response, and therefore nobody will free it */
2088 return sizeof(struct raw1394_request);
2089 }
2090 /* error EINVAL (22) invalid argument */
2091 return (-EINVAL);
2092 }
2093
2094 static int write_phypacket(struct file_info *fi, struct pending_request *req)
2095 {
2096 struct hpsb_packet *packet = NULL;
2097 int retval = 0;
2098 quadlet_t data;
2099 unsigned long flags;
2100
2101 data = be32_to_cpu((u32) req->req.sendb);
2102 DBGMSG("write_phypacket called - quadlet 0x%8.8x ", data);
2103 packet = hpsb_make_phypacket(fi->host, data);
2104 if (!packet)
2105 return -ENOMEM;
2106 req->req.length = 0;
2107 req->packet = packet;
2108 hpsb_set_packet_complete_task(packet,
2109 (void (*)(void *))queue_complete_cb, req);
2110 spin_lock_irqsave(&fi->reqlists_lock, flags);
2111 list_add_tail(&req->list, &fi->req_pending);
2112 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
2113 packet->generation = req->req.generation;
2114 retval = hpsb_send_packet(packet);
2115 DBGMSG("write_phypacket send_packet called => retval: %d ", retval);
2116 if (retval < 0) {
2117 req->req.error = RAW1394_ERROR_SEND_ERROR;
2118 req->req.length = 0;
2119 queue_complete_req(req);
2120 }
2121 return sizeof(struct raw1394_request);
2122 }
2123
2124 static int get_config_rom(struct file_info *fi, struct pending_request *req)
2125 {
2126 int ret = sizeof(struct raw1394_request);
2127 quadlet_t *data = kmalloc(req->req.length, GFP_KERNEL);
2128 int status;
2129
2130 if (!data)
2131 return -ENOMEM;
2132
2133 status =
2134 csr1212_read(fi->host->csr.rom, CSR1212_CONFIG_ROM_SPACE_OFFSET,
2135 data, req->req.length);
2136 if (copy_to_user(int2ptr(req->req.recvb), data, req->req.length))
2137 ret = -EFAULT;
2138 if (copy_to_user
2139 (int2ptr(req->req.tag), &fi->host->csr.rom->cache_head->len,
2140 sizeof(fi->host->csr.rom->cache_head->len)))
2141 ret = -EFAULT;
2142 if (copy_to_user(int2ptr(req->req.address), &fi->host->csr.generation,
2143 sizeof(fi->host->csr.generation)))
2144 ret = -EFAULT;
2145 if (copy_to_user(int2ptr(req->req.sendb), &status, sizeof(status)))
2146 ret = -EFAULT;
2147 kfree(data);
2148 if (ret >= 0) {
2149 free_pending_request(req); /* we have to free the request, because we queue no response, and therefore nobody will free it */
2150 }
2151 return ret;
2152 }
2153
2154 static int update_config_rom(struct file_info *fi, struct pending_request *req)
2155 {
2156 int ret = sizeof(struct raw1394_request);
2157 quadlet_t *data = kmalloc(req->req.length, GFP_KERNEL);
2158 if (!data)
2159 return -ENOMEM;
2160 if (copy_from_user(data, int2ptr(req->req.sendb), req->req.length)) {
2161 ret = -EFAULT;
2162 } else {
2163 int status = hpsb_update_config_rom(fi->host,
2164 data, req->req.length,
2165 (unsigned char)req->req.
2166 misc);
2167 if (copy_to_user
2168 (int2ptr(req->req.recvb), &status, sizeof(status)))
2169 ret = -ENOMEM;
2170 }
2171 kfree(data);
2172 if (ret >= 0) {
2173 free_pending_request(req); /* we have to free the request, because we queue no response, and therefore nobody will free it */
2174 fi->cfgrom_upd = 1;
2175 }
2176 return ret;
2177 }
2178
2179 static int modify_config_rom(struct file_info *fi, struct pending_request *req)
2180 {
2181 struct csr1212_keyval *kv;
2182 struct csr1212_csr_rom_cache *cache;
2183 struct csr1212_dentry *dentry;
2184 u32 dr;
2185 int ret = 0;
2186
2187 if (req->req.misc == ~0) {
2188 if (req->req.length == 0)
2189 return -EINVAL;
2190
2191 /* Find an unused slot */
2192 for (dr = 0;
2193 dr < RAW1394_MAX_USER_CSR_DIRS && fi->csr1212_dirs[dr];
2194 dr++) ;
2195
2196 if (dr == RAW1394_MAX_USER_CSR_DIRS)
2197 return -ENOMEM;
2198
2199 fi->csr1212_dirs[dr] =
2200 csr1212_new_directory(CSR1212_KV_ID_VENDOR);
2201 if (!fi->csr1212_dirs[dr])
2202 return -ENOMEM;
2203 } else {
2204 dr = req->req.misc;
2205 if (!fi->csr1212_dirs[dr])
2206 return -EINVAL;
2207
2208 /* Delete old stuff */
2209 for (dentry =
2210 fi->csr1212_dirs[dr]->value.directory.dentries_head;
2211 dentry; dentry = dentry->next) {
2212 csr1212_detach_keyval_from_directory(fi->host->csr.rom->
2213 root_kv,
2214 dentry->kv);
2215 }
2216
2217 if (req->req.length == 0) {
2218 csr1212_release_keyval(fi->csr1212_dirs[dr]);
2219 fi->csr1212_dirs[dr] = NULL;
2220
2221 hpsb_update_config_rom_image(fi->host);
2222 free_pending_request(req);
2223 return sizeof(struct raw1394_request);
2224 }
2225 }
2226
2227 cache = csr1212_rom_cache_malloc(0, req->req.length);
2228 if (!cache) {
2229 csr1212_release_keyval(fi->csr1212_dirs[dr]);
2230 fi->csr1212_dirs[dr] = NULL;
2231 return -ENOMEM;
2232 }
2233
2234 cache->filled_head = kmalloc(sizeof(*cache->filled_head), GFP_KERNEL);
2235 if (!cache->filled_head) {
2236 csr1212_release_keyval(fi->csr1212_dirs[dr]);
2237 fi->csr1212_dirs[dr] = NULL;
2238 CSR1212_FREE(cache);
2239 return -ENOMEM;
2240 }
2241 cache->filled_tail = cache->filled_head;
2242
2243 if (copy_from_user(cache->data, int2ptr(req->req.sendb),
2244 req->req.length)) {
2245 csr1212_release_keyval(fi->csr1212_dirs[dr]);
2246 fi->csr1212_dirs[dr] = NULL;
2247 ret = -EFAULT;
2248 } else {
2249 cache->len = req->req.length;
2250 cache->filled_head->offset_start = 0;
2251 cache->filled_head->offset_end = cache->size - 1;
2252
2253 cache->layout_head = cache->layout_tail = fi->csr1212_dirs[dr];
2254
2255 ret = CSR1212_SUCCESS;
2256 /* parse all the items */
2257 for (kv = cache->layout_head; ret == CSR1212_SUCCESS && kv;
2258 kv = kv->next) {
2259 ret = csr1212_parse_keyval(kv, cache);
2260 }
2261
2262 /* attach top level items to the root directory */
2263 for (dentry =
2264 fi->csr1212_dirs[dr]->value.directory.dentries_head;
2265 ret == CSR1212_SUCCESS && dentry; dentry = dentry->next) {
2266 ret =
2267 csr1212_attach_keyval_to_directory(fi->host->csr.
2268 rom->root_kv,
2269 dentry->kv);
2270 }
2271
2272 if (ret == CSR1212_SUCCESS) {
2273 ret = hpsb_update_config_rom_image(fi->host);
2274
2275 if (ret >= 0 && copy_to_user(int2ptr(req->req.recvb),
2276 &dr, sizeof(dr))) {
2277 ret = -ENOMEM;
2278 }
2279 }
2280 }
2281 kfree(cache->filled_head);
2282 CSR1212_FREE(cache);
2283
2284 if (ret >= 0) {
2285 /* we have to free the request, because we queue no response,
2286 * and therefore nobody will free it */
2287 free_pending_request(req);
2288 return sizeof(struct raw1394_request);
2289 } else {
2290 for (dentry =
2291 fi->csr1212_dirs[dr]->value.directory.dentries_head;
2292 dentry; dentry = dentry->next) {
2293 csr1212_detach_keyval_from_directory(fi->host->csr.rom->
2294 root_kv,
2295 dentry->kv);
2296 }
2297 csr1212_release_keyval(fi->csr1212_dirs[dr]);
2298 fi->csr1212_dirs[dr] = NULL;
2299 return ret;
2300 }
2301 }
2302
2303 static int state_connected(struct file_info *fi, struct pending_request *req)
2304 {
2305 int node = req->req.address >> 48;
2306
2307 req->req.error = RAW1394_ERROR_NONE;
2308
2309 switch (req->req.type) {
2310
2311 case RAW1394_REQ_ECHO:
2312 queue_complete_req(req);
2313 return sizeof(struct raw1394_request);
2314
2315 case RAW1394_REQ_ISO_SEND:
2316 print_old_iso_deprecation();
2317 return handle_iso_send(fi, req, node);
2318
2319 case RAW1394_REQ_ARM_REGISTER:
2320 return arm_register(fi, req);
2321
2322 case RAW1394_REQ_ARM_UNREGISTER:
2323 return arm_unregister(fi, req);
2324
2325 case RAW1394_REQ_ARM_SET_BUF:
2326 return arm_set_buf(fi, req);
2327
2328 case RAW1394_REQ_ARM_GET_BUF:
2329 return arm_get_buf(fi, req);
2330
2331 case RAW1394_REQ_RESET_NOTIFY:
2332 return reset_notification(fi, req);
2333
2334 case RAW1394_REQ_ISO_LISTEN:
2335 print_old_iso_deprecation();
2336 handle_iso_listen(fi, req);
2337 return sizeof(struct raw1394_request);
2338
2339 case RAW1394_REQ_FCP_LISTEN:
2340 handle_fcp_listen(fi, req);
2341 return sizeof(struct raw1394_request);
2342
2343 case RAW1394_REQ_RESET_BUS:
2344 if (req->req.misc == RAW1394_LONG_RESET) {
2345 DBGMSG("busreset called (type: LONG)");
2346 hpsb_reset_bus(fi->host, LONG_RESET);
2347 free_pending_request(req); /* we have to free the request, because we queue no response, and therefore nobody will free it */
2348 return sizeof(struct raw1394_request);
2349 }
2350 if (req->req.misc == RAW1394_SHORT_RESET) {
2351 DBGMSG("busreset called (type: SHORT)");
2352 hpsb_reset_bus(fi->host, SHORT_RESET);
2353 free_pending_request(req); /* we have to free the request, because we queue no response, and therefore nobody will free it */
2354 return sizeof(struct raw1394_request);
2355 }
2356 /* error EINVAL (22) invalid argument */
2357 return (-EINVAL);
2358 case RAW1394_REQ_GET_ROM:
2359 return get_config_rom(fi, req);
2360
2361 case RAW1394_REQ_UPDATE_ROM:
2362 return update_config_rom(fi, req);
2363
2364 case RAW1394_REQ_MODIFY_ROM:
2365 return modify_config_rom(fi, req);
2366 }
2367
2368 if (req->req.generation != get_hpsb_generation(fi->host)) {
2369 req->req.error = RAW1394_ERROR_GENERATION;
2370 req->req.generation = get_hpsb_generation(fi->host);
2371 req->req.length = 0;
2372 queue_complete_req(req);
2373 return sizeof(struct raw1394_request);
2374 }
2375
2376 switch (req->req.type) {
2377 case RAW1394_REQ_PHYPACKET:
2378 return write_phypacket(fi, req);
2379 case RAW1394_REQ_ASYNC_SEND:
2380 return handle_async_send(fi, req);
2381 }
2382
2383 if (req->req.length == 0) {
2384 req->req.error = RAW1394_ERROR_INVALID_ARG;
2385 queue_complete_req(req);
2386 return sizeof(struct raw1394_request);
2387 }
2388
2389 return handle_async_request(fi, req, node);
2390 }
2391
2392 static ssize_t raw1394_write(struct file *file, const char __user * buffer,
2393 size_t count, loff_t * offset_is_ignored)
2394 {
2395 struct file_info *fi = (struct file_info *)file->private_data;
2396 struct pending_request *req;
2397 ssize_t retval = 0;
2398
2399 #ifdef CONFIG_COMPAT
2400 if (count == sizeof(struct compat_raw1394_req) &&
2401 sizeof(struct compat_raw1394_req) !=
2402 sizeof(struct raw1394_request)) {
2403 buffer = raw1394_compat_write(buffer);
2404 if (IS_ERR(buffer))
2405 return PTR_ERR(buffer);
2406 } else
2407 #endif
2408 if (count != sizeof(struct raw1394_request)) {
2409 return -EINVAL;
2410 }
2411
2412 req = alloc_pending_request();
2413 if (req == NULL) {
2414 return -ENOMEM;
2415 }
2416 req->file_info = fi;
2417
2418 if (copy_from_user(&req->req, buffer, sizeof(struct raw1394_request))) {
2419 free_pending_request(req);
2420 return -EFAULT;
2421 }
2422
2423 switch (fi->state) {
2424 case opened:
2425 retval = state_opened(fi, req);
2426 break;
2427
2428 case initialized:
2429 retval = state_initialized(fi, req);
2430 break;
2431
2432 case connected:
2433 retval = state_connected(fi, req);
2434 break;
2435 }
2436
2437 if (retval < 0) {
2438 free_pending_request(req);
2439 }
2440
2441 return retval;
2442 }
2443
2444 /* rawiso operations */
2445
2446 /* check if any RAW1394_REQ_RAWISO_ACTIVITY event is already in the
2447 * completion queue (reqlists_lock must be taken) */
2448 static inline int __rawiso_event_in_queue(struct file_info *fi)
2449 {
2450 struct pending_request *req;
2451
2452 list_for_each_entry(req, &fi->req_complete, list)
2453 if (req->req.type == RAW1394_REQ_RAWISO_ACTIVITY)
2454 return 1;
2455
2456 return 0;
2457 }
2458
2459 /* put a RAWISO_ACTIVITY event in the queue, if one isn't there already */
2460 static void queue_rawiso_event(struct file_info *fi)
2461 {
2462 unsigned long flags;
2463
2464 spin_lock_irqsave(&fi->reqlists_lock, flags);
2465
2466 /* only one ISO activity event may be in the queue */
2467 if (!__rawiso_event_in_queue(fi)) {
2468 struct pending_request *req =
2469 __alloc_pending_request(GFP_ATOMIC);
2470
2471 if (req) {
2472 req->file_info = fi;
2473 req->req.type = RAW1394_REQ_RAWISO_ACTIVITY;
2474 req->req.generation = get_hpsb_generation(fi->host);
2475 __queue_complete_req(req);
2476 } else {
2477 /* on allocation failure, signal an overflow */
2478 if (fi->iso_handle) {
2479 atomic_inc(&fi->iso_handle->overflows);
2480 }
2481 }
2482 }
2483 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
2484 }
2485
2486 static void rawiso_activity_cb(struct hpsb_iso *iso)
2487 {
2488 unsigned long flags;
2489 struct host_info *hi;
2490 struct file_info *fi;
2491
2492 spin_lock_irqsave(&host_info_lock, flags);
2493 hi = find_host_info(iso->host);
2494
2495 if (hi != NULL) {
2496 list_for_each_entry(fi, &hi->file_info_list, list) {
2497 if (fi->iso_handle == iso)
2498 queue_rawiso_event(fi);
2499 }
2500 }
2501
2502 spin_unlock_irqrestore(&host_info_lock, flags);
2503 }
2504
2505 /* helper function - gather all the kernel iso status bits for returning to user-space */
2506 static void raw1394_iso_fill_status(struct hpsb_iso *iso,
2507 struct raw1394_iso_status *stat)
2508 {
2509 stat->config.data_buf_size = iso->buf_size;
2510 stat->config.buf_packets = iso->buf_packets;
2511 stat->config.channel = iso->channel;
2512 stat->config.speed = iso->speed;
2513 stat->config.irq_interval = iso->irq_interval;
2514 stat->n_packets = hpsb_iso_n_ready(iso);
2515 stat->overflows = atomic_read(&iso->overflows);
2516 stat->xmit_cycle = iso->xmit_cycle;
2517 }
2518
2519 static int raw1394_iso_xmit_init(struct file_info *fi, void __user * uaddr)
2520 {
2521 struct raw1394_iso_status stat;
2522
2523 if (!fi->host)
2524 return -EINVAL;
2525
2526 if (copy_from_user(&stat, uaddr, sizeof(stat)))
2527 return -EFAULT;
2528
2529 fi->iso_handle = hpsb_iso_xmit_init(fi->host,
2530 stat.config.data_buf_size,
2531 stat.config.buf_packets,
2532 stat.config.channel,
2533 stat.config.speed,
2534 stat.config.irq_interval,
2535 rawiso_activity_cb);
2536 if (!fi->iso_handle)
2537 return -ENOMEM;
2538
2539 fi->iso_state = RAW1394_ISO_XMIT;
2540
2541 raw1394_iso_fill_status(fi->iso_handle, &stat);
2542 if (copy_to_user(uaddr, &stat, sizeof(stat)))
2543 return -EFAULT;
2544
2545 /* queue an event to get things started */
2546 rawiso_activity_cb(fi->iso_handle);
2547
2548 return 0;
2549 }
2550
2551 static int raw1394_iso_recv_init(struct file_info *fi, void __user * uaddr)
2552 {
2553 struct raw1394_iso_status stat;
2554
2555 if (!fi->host)
2556 return -EINVAL;
2557
2558 if (copy_from_user(&stat, uaddr, sizeof(stat)))
2559 return -EFAULT;
2560
2561 fi->iso_handle = hpsb_iso_recv_init(fi->host,
2562 stat.config.data_buf_size,
2563 stat.config.buf_packets,
2564 stat.config.channel,
2565 stat.config.dma_mode,
2566 stat.config.irq_interval,
2567 rawiso_activity_cb);
2568 if (!fi->iso_handle)
2569 return -ENOMEM;
2570
2571 fi->iso_state = RAW1394_ISO_RECV;
2572
2573 raw1394_iso_fill_status(fi->iso_handle, &stat);
2574 if (copy_to_user(uaddr, &stat, sizeof(stat)))
2575 return -EFAULT;
2576 return 0;
2577 }
2578
2579 static int raw1394_iso_get_status(struct file_info *fi, void __user * uaddr)
2580 {
2581 struct raw1394_iso_status stat;
2582 struct hpsb_iso *iso = fi->iso_handle;
2583
2584 raw1394_iso_fill_status(fi->iso_handle, &stat);
2585 if (copy_to_user(uaddr, &stat, sizeof(stat)))
2586 return -EFAULT;
2587
2588 /* reset overflow counter */
2589 atomic_set(&iso->overflows, 0);
2590
2591 return 0;
2592 }
2593
2594 /* copy N packet_infos out of the ringbuffer into user-supplied array */
2595 static int raw1394_iso_recv_packets(struct file_info *fi, void __user * uaddr)
2596 {
2597 struct raw1394_iso_packets upackets;
2598 unsigned int packet = fi->iso_handle->first_packet;
2599 int i;
2600
2601 if (copy_from_user(&upackets, uaddr, sizeof(upackets)))
2602 return -EFAULT;
2603
2604 if (upackets.n_packets > hpsb_iso_n_ready(fi->iso_handle))
2605 return -EINVAL;
2606
2607 /* ensure user-supplied buffer is accessible and big enough */
2608 if (!access_ok(VERIFY_WRITE, upackets.infos,
2609 upackets.n_packets *
2610 sizeof(struct raw1394_iso_packet_info)))
2611 return -EFAULT;
2612
2613 /* copy the packet_infos out */
2614 for (i = 0; i < upackets.n_packets; i++) {
2615 if (__copy_to_user(&upackets.infos[i],
2616 &fi->iso_handle->infos[packet],
2617 sizeof(struct raw1394_iso_packet_info)))
2618 return -EFAULT;
2619
2620 packet = (packet + 1) % fi->iso_handle->buf_packets;
2621 }
2622
2623 return 0;
2624 }
2625
2626 /* copy N packet_infos from user to ringbuffer, and queue them for transmission */
2627 static int raw1394_iso_send_packets(struct file_info *fi, void __user * uaddr)
2628 {
2629 struct raw1394_iso_packets upackets;
2630 int i, rv;
2631
2632 if (copy_from_user(&upackets, uaddr, sizeof(upackets)))
2633 return -EFAULT;
2634
2635 if (upackets.n_packets >= fi->iso_handle->buf_packets)
2636 return -EINVAL;
2637
2638 if (upackets.n_packets >= hpsb_iso_n_ready(fi->iso_handle))
2639 return -EAGAIN;
2640
2641 /* ensure user-supplied buffer is accessible and big enough */
2642 if (!access_ok(VERIFY_READ, upackets.infos,
2643 upackets.n_packets *
2644 sizeof(struct raw1394_iso_packet_info)))
2645 return -EFAULT;
2646
2647 /* copy the infos structs in and queue the packets */
2648 for (i = 0; i < upackets.n_packets; i++) {
2649 struct raw1394_iso_packet_info info;
2650
2651 if (__copy_from_user(&info, &upackets.infos[i],
2652 sizeof(struct raw1394_iso_packet_info)))
2653 return -EFAULT;
2654
2655 rv = hpsb_iso_xmit_queue_packet(fi->iso_handle, info.offset,
2656 info.len, info.tag, info.sy);
2657 if (rv)
2658 return rv;
2659 }
2660
2661 return 0;
2662 }
2663
2664 static void raw1394_iso_shutdown(struct file_info *fi)
2665 {
2666 if (fi->iso_handle)
2667 hpsb_iso_shutdown(fi->iso_handle);
2668
2669 fi->iso_handle = NULL;
2670 fi->iso_state = RAW1394_ISO_INACTIVE;
2671 }
2672
2673 static int raw1394_read_cycle_timer(struct file_info *fi, void __user * uaddr)
2674 {
2675 struct raw1394_cycle_timer ct;
2676 int err;
2677
2678 err = hpsb_read_cycle_timer(fi->host, &ct.cycle_timer, &ct.local_time);
2679 if (!err)
2680 if (copy_to_user(uaddr, &ct, sizeof(ct)))
2681 err = -EFAULT;
2682 return err;
2683 }
2684
2685 /* mmap the rawiso xmit/recv buffer */
2686 static int raw1394_mmap(struct file *file, struct vm_area_struct *vma)
2687 {
2688 struct file_info *fi = file->private_data;
2689
2690 if (fi->iso_state == RAW1394_ISO_INACTIVE)
2691 return -EINVAL;
2692
2693 return dma_region_mmap(&fi->iso_handle->data_buf, file, vma);
2694 }
2695
2696 /* ioctl is only used for rawiso operations */
2697 static int raw1394_ioctl(struct inode *inode, struct file *file,
2698 unsigned int cmd, unsigned long arg)
2699 {
2700 struct file_info *fi = file->private_data;
2701 void __user *argp = (void __user *)arg;
2702
2703 switch (fi->iso_state) {
2704 case RAW1394_ISO_INACTIVE:
2705 switch (cmd) {
2706 case RAW1394_IOC_ISO_XMIT_INIT:
2707 return raw1394_iso_xmit_init(fi, argp);
2708 case RAW1394_IOC_ISO_RECV_INIT:
2709 return raw1394_iso_recv_init(fi, argp);
2710 default:
2711 break;
2712 }
2713 break;
2714 case RAW1394_ISO_RECV:
2715 switch (cmd) {
2716 case RAW1394_IOC_ISO_RECV_START:{
2717 /* copy args from user-space */
2718 int args[3];
2719 if (copy_from_user
2720 (&args[0], argp, sizeof(args)))
2721 return -EFAULT;
2722 return hpsb_iso_recv_start(fi->iso_handle,
2723 args[0], args[1],
2724 args[2]);
2725 }
2726 case RAW1394_IOC_ISO_XMIT_RECV_STOP:
2727 hpsb_iso_stop(fi->iso_handle);
2728 return 0;
2729 case RAW1394_IOC_ISO_RECV_LISTEN_CHANNEL:
2730 return hpsb_iso_recv_listen_channel(fi->iso_handle,
2731 arg);
2732 case RAW1394_IOC_ISO_RECV_UNLISTEN_CHANNEL:
2733 return hpsb_iso_recv_unlisten_channel(fi->iso_handle,
2734 arg);
2735 case RAW1394_IOC_ISO_RECV_SET_CHANNEL_MASK:{
2736 /* copy the u64 from user-space */
2737 u64 mask;
2738 if (copy_from_user(&mask, argp, sizeof(mask)))
2739 return -EFAULT;
2740 return hpsb_iso_recv_set_channel_mask(fi->
2741 iso_handle,
2742 mask);
2743 }
2744 case RAW1394_IOC_ISO_GET_STATUS:
2745 return raw1394_iso_get_status(fi, argp);
2746 case RAW1394_IOC_ISO_RECV_PACKETS:
2747 return raw1394_iso_recv_packets(fi, argp);
2748 case RAW1394_IOC_ISO_RECV_RELEASE_PACKETS:
2749 return hpsb_iso_recv_release_packets(fi->iso_handle,
2750 arg);
2751 case RAW1394_IOC_ISO_RECV_FLUSH:
2752 return hpsb_iso_recv_flush(fi->iso_handle);
2753 case RAW1394_IOC_ISO_SHUTDOWN:
2754 raw1394_iso_shutdown(fi);
2755 return 0;
2756 case RAW1394_IOC_ISO_QUEUE_ACTIVITY:
2757 queue_rawiso_event(fi);
2758 return 0;
2759 }
2760 break;
2761 case RAW1394_ISO_XMIT:
2762 switch (cmd) {
2763 case RAW1394_IOC_ISO_XMIT_START:{
2764 /* copy two ints from user-space */
2765 int args[2];
2766 if (copy_from_user
2767 (&args[0], argp, sizeof(args)))
2768 return -EFAULT;
2769 return hpsb_iso_xmit_start(fi->iso_handle,
2770 args[0], args[1]);
2771 }
2772 case RAW1394_IOC_ISO_XMIT_SYNC:
2773 return hpsb_iso_xmit_sync(fi->iso_handle);
2774 case RAW1394_IOC_ISO_XMIT_RECV_STOP:
2775 hpsb_iso_stop(fi->iso_handle);
2776 return 0;
2777 case RAW1394_IOC_ISO_GET_STATUS:
2778 return raw1394_iso_get_status(fi, argp);
2779 case RAW1394_IOC_ISO_XMIT_PACKETS:
2780 return raw1394_iso_send_packets(fi, argp);
2781 case RAW1394_IOC_ISO_SHUTDOWN:
2782 raw1394_iso_shutdown(fi);
2783 return 0;
2784 case RAW1394_IOC_ISO_QUEUE_ACTIVITY:
2785 queue_rawiso_event(fi);
2786 return 0;
2787 }
2788 break;
2789 default:
2790 break;
2791 }
2792
2793 /* state-independent commands */
2794 switch(cmd) {
2795 case RAW1394_IOC_GET_CYCLE_TIMER:
2796 return raw1394_read_cycle_timer(fi, argp);
2797 default:
2798 break;
2799 }
2800
2801 return -EINVAL;
2802 }
2803
2804 static unsigned int raw1394_poll(struct file *file, poll_table * pt)
2805 {
2806 struct file_info *fi = file->private_data;
2807 unsigned int mask = POLLOUT | POLLWRNORM;
2808 unsigned long flags;
2809
2810 poll_wait(file, &fi->wait_complete, pt);
2811
2812 spin_lock_irqsave(&fi->reqlists_lock, flags);
2813 if (!list_empty(&fi->req_complete)) {
2814 mask |= POLLIN | POLLRDNORM;
2815 }
2816 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
2817
2818 return mask;
2819 }
2820
2821 static int raw1394_open(struct inode *inode, struct file *file)
2822 {
2823 struct file_info *fi;
2824
2825 fi = kzalloc(sizeof(*fi), GFP_KERNEL);
2826 if (!fi)
2827 return -ENOMEM;
2828
2829 fi->notification = (u8) RAW1394_NOTIFY_ON; /* busreset notification */
2830
2831 INIT_LIST_HEAD(&fi->list);
2832 fi->state = opened;
2833 INIT_LIST_HEAD(&fi->req_pending);
2834 INIT_LIST_HEAD(&fi->req_complete);
2835 spin_lock_init(&fi->reqlists_lock);
2836 init_waitqueue_head(&fi->wait_complete);
2837 INIT_LIST_HEAD(&fi->addr_list);
2838
2839 file->private_data = fi;
2840
2841 return 0;
2842 }
2843
2844 static int raw1394_release(struct inode *inode, struct file *file)
2845 {
2846 struct file_info *fi = file->private_data;
2847 struct list_head *lh;
2848 struct pending_request *req;
2849 int i, fail;
2850 int retval = 0;
2851 struct list_head *entry;
2852 struct arm_addr *addr = NULL;
2853 struct host_info *hi;
2854 struct file_info *fi_hlp = NULL;
2855 struct arm_addr *arm_addr = NULL;
2856 int another_host;
2857 int csr_mod = 0;
2858 unsigned long flags;
2859
2860 if (fi->iso_state != RAW1394_ISO_INACTIVE)
2861 raw1394_iso_shutdown(fi);
2862
2863 for (i = 0; i < 64; i++) {
2864 if (fi->listen_channels & (1ULL << i)) {
2865 hpsb_unlisten_channel(&raw1394_highlevel, fi->host, i);
2866 }
2867 }
2868
2869 spin_lock_irqsave(&host_info_lock, flags);
2870 fi->listen_channels = 0;
2871
2872 fail = 0;
2873 /* set address-entries invalid */
2874
2875 while (!list_empty(&fi->addr_list)) {
2876 another_host = 0;
2877 lh = fi->addr_list.next;
2878 addr = list_entry(lh, struct arm_addr, addr_list);
2879 /* another host with valid address-entry containing
2880 same addressrange? */
2881 list_for_each_entry(hi, &host_info_list, list) {
2882 if (hi->host != fi->host) {
2883 list_for_each_entry(fi_hlp, &hi->file_info_list,
2884 list) {
2885 entry = fi_hlp->addr_list.next;
2886 while (entry != &(fi_hlp->addr_list)) {
2887 arm_addr = list_entry(entry, struct
2888 arm_addr,
2889 addr_list);
2890 if (arm_addr->start ==
2891 addr->start) {
2892 DBGMSG
2893 ("raw1394_release: "
2894 "another host ownes "
2895 "same addressrange");
2896 another_host = 1;
2897 break;
2898 }
2899 entry = entry->next;
2900 }
2901 if (another_host) {
2902 break;
2903 }
2904 }
2905 }
2906 }
2907 if (!another_host) {
2908 DBGMSG("raw1394_release: call hpsb_arm_unregister");
2909 retval =
2910 hpsb_unregister_addrspace(&raw1394_highlevel,
2911 fi->host, addr->start);
2912 if (!retval) {
2913 ++fail;
2914 printk(KERN_ERR
2915 "raw1394_release arm_Unregister failed\n");
2916 }
2917 }
2918 DBGMSG("raw1394_release: delete addr_entry from list");
2919 list_del(&addr->addr_list);
2920 vfree(addr->addr_space_buffer);
2921 kfree(addr);
2922 } /* while */
2923 spin_unlock_irqrestore(&host_info_lock, flags);
2924 if (fail > 0) {
2925 printk(KERN_ERR "raw1394: during addr_list-release "
2926 "error(s) occurred \n");
2927 }
2928
2929 for (;;) {
2930 /* This locked section guarantees that neither
2931 * complete nor pending requests exist once i!=0 */
2932 spin_lock_irqsave(&fi->reqlists_lock, flags);
2933 while ((req = __next_complete_req(fi)))
2934 free_pending_request(req);
2935
2936 i = list_empty(&fi->req_pending);
2937 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
2938
2939 if (i)
2940 break;
2941 /*
2942 * Sleep until more requests can be freed.
2943 *
2944 * NB: We call the macro wait_event() with a condition argument
2945 * with side effect. This is only possible because the side
2946 * effect does not occur until the condition became true, and
2947 * wait_event() won't evaluate the condition again after that.
2948 */
2949 wait_event(fi->wait_complete, (req = next_complete_req(fi)));
2950 free_pending_request(req);
2951 }
2952
2953 /* Remove any sub-trees left by user space programs */
2954 for (i = 0; i < RAW1394_MAX_USER_CSR_DIRS; i++) {
2955 struct csr1212_dentry *dentry;
2956 if (!fi->csr1212_dirs[i])
2957 continue;
2958 for (dentry =
2959 fi->csr1212_dirs[i]->value.directory.dentries_head; dentry;
2960 dentry = dentry->next) {
2961 csr1212_detach_keyval_from_directory(fi->host->csr.rom->
2962 root_kv,
2963 dentry->kv);
2964 }
2965 csr1212_release_keyval(fi->csr1212_dirs[i]);
2966 fi->csr1212_dirs[i] = NULL;
2967 csr_mod = 1;
2968 }
2969
2970 if ((csr_mod || fi->cfgrom_upd)
2971 && hpsb_update_config_rom_image(fi->host) < 0)
2972 HPSB_ERR
2973 ("Failed to generate Configuration ROM image for host %d",
2974 fi->host->id);
2975
2976 if (fi->state == connected) {
2977 spin_lock_irqsave(&host_info_lock, flags);
2978 list_del(&fi->list);
2979 spin_unlock_irqrestore(&host_info_lock, flags);
2980
2981 put_device(&fi->host->device);
2982 }
2983
2984 spin_lock_irqsave(&host_info_lock, flags);
2985 if (fi->host)
2986 module_put(fi->host->driver->owner);
2987 spin_unlock_irqrestore(&host_info_lock, flags);
2988
2989 kfree(fi);
2990
2991 return 0;
2992 }
2993
2994 /*** HOTPLUG STUFF **********************************************************/
2995 /*
2996 * Export information about protocols/devices supported by this driver.
2997 */
2998 static struct ieee1394_device_id raw1394_id_table[] = {
2999 {
3000 .match_flags = IEEE1394_MATCH_SPECIFIER_ID | IEEE1394_MATCH_VERSION,
3001 .specifier_id = AVC_UNIT_SPEC_ID_ENTRY & 0xffffff,
3002 .version = AVC_SW_VERSION_ENTRY & 0xffffff},
3003 {
3004 .match_flags = IEEE1394_MATCH_SPECIFIER_ID | IEEE1394_MATCH_VERSION,
3005 .specifier_id = CAMERA_UNIT_SPEC_ID_ENTRY & 0xffffff,
3006 .version = CAMERA_SW_VERSION_ENTRY & 0xffffff},
3007 {
3008 .match_flags = IEEE1394_MATCH_SPECIFIER_ID | IEEE1394_MATCH_VERSION,
3009 .specifier_id = CAMERA_UNIT_SPEC_ID_ENTRY & 0xffffff,
3010 .version = (CAMERA_SW_VERSION_ENTRY + 1) & 0xffffff},
3011 {
3012 .match_flags = IEEE1394_MATCH_SPECIFIER_ID | IEEE1394_MATCH_VERSION,
3013 .specifier_id = CAMERA_UNIT_SPEC_ID_ENTRY & 0xffffff,
3014 .version = (CAMERA_SW_VERSION_ENTRY + 2) & 0xffffff},
3015 {}
3016 };
3017
3018 MODULE_DEVICE_TABLE(ieee1394, raw1394_id_table);
3019
3020 static struct hpsb_protocol_driver raw1394_driver = {
3021 .name = "raw1394",
3022 .id_table = raw1394_id_table,
3023 };
3024
3025 /******************************************************************************/
3026
3027 static struct hpsb_highlevel raw1394_highlevel = {
3028 .name = RAW1394_DEVICE_NAME,
3029 .add_host = add_host,
3030 .remove_host = remove_host,
3031 .host_reset = host_reset,
3032 .iso_receive = iso_receive,
3033 .fcp_request = fcp_request,
3034 };
3035
3036 static struct cdev raw1394_cdev;
3037 static const struct file_operations raw1394_fops = {
3038 .owner = THIS_MODULE,
3039 .read = raw1394_read,
3040 .write = raw1394_write,
3041 .mmap = raw1394_mmap,
3042 .ioctl = raw1394_ioctl,
3043 // .compat_ioctl = ... someone needs to do this
3044 .poll = raw1394_poll,
3045 .open = raw1394_open,
3046 .release = raw1394_release,
3047 };
3048
3049 static int __init init_raw1394(void)
3050 {
3051 int ret = 0;
3052
3053 hpsb_register_highlevel(&raw1394_highlevel);
3054
3055 if (IS_ERR
3056 (class_device_create
3057 (hpsb_protocol_class, NULL,
3058 MKDEV(IEEE1394_MAJOR, IEEE1394_MINOR_BLOCK_RAW1394 * 16), NULL,
3059 RAW1394_DEVICE_NAME))) {
3060 ret = -EFAULT;
3061 goto out_unreg;
3062 }
3063
3064 cdev_init(&raw1394_cdev, &raw1394_fops);
3065 raw1394_cdev.owner = THIS_MODULE;
3066 kobject_set_name(&raw1394_cdev.kobj, RAW1394_DEVICE_NAME);
3067 ret = cdev_add(&raw1394_cdev, IEEE1394_RAW1394_DEV, 1);
3068 if (ret) {
3069 HPSB_ERR("raw1394 failed to register minor device block");
3070 goto out_dev;
3071 }
3072
3073 HPSB_INFO("raw1394: /dev/%s device initialized", RAW1394_DEVICE_NAME);
3074
3075 ret = hpsb_register_protocol(&raw1394_driver);
3076 if (ret) {
3077 HPSB_ERR("raw1394: failed to register protocol");
3078 cdev_del(&raw1394_cdev);
3079 goto out_dev;
3080 }
3081
3082 goto out;
3083
3084 out_dev:
3085 class_device_destroy(hpsb_protocol_class,
3086 MKDEV(IEEE1394_MAJOR,
3087 IEEE1394_MINOR_BLOCK_RAW1394 * 16));
3088 out_unreg:
3089 hpsb_unregister_highlevel(&raw1394_highlevel);
3090 out:
3091 return ret;
3092 }
3093
3094 static void __exit cleanup_raw1394(void)
3095 {
3096 class_device_destroy(hpsb_protocol_class,
3097 MKDEV(IEEE1394_MAJOR,
3098 IEEE1394_MINOR_BLOCK_RAW1394 * 16));
3099 cdev_del(&raw1394_cdev);
3100 hpsb_unregister_highlevel(&raw1394_highlevel);
3101 hpsb_unregister_protocol(&raw1394_driver);
3102 }
3103
3104 module_init(init_raw1394);
3105 module_exit(cleanup_raw1394);
3106 MODULE_LICENSE("GPL");
Ubuntu Focal Linux kernel mirror