search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Staging: bcm: Fix information leak in IOCTL_BCM_GET_DRIVER_VERSION
[linux-2.6/btrfs-unstable.git] / drivers / staging / bcm / Bcmchar.c
blobfa4a854ba054b9e46ba92101a2bd3c3812dd2b5d
1 #include <linux/fs.h>
2
3 #include "headers.h"
4 /***************************************************************
5 * Function - bcm_char_open()
6 *
7 * Description - This is the "open" entry point for the character
8 * driver.
9 *
10 * Parameters - inode: Pointer to the Inode structure of char device
11 * filp : File pointer of the char device
12 *
13 * Returns - Zero(Success)
14 ****************************************************************/
15
16 static int bcm_char_open(struct inode *inode, struct file * filp)
17 {
18 PMINI_ADAPTER Adapter = NULL;
19 PPER_TARANG_DATA pTarang = NULL;
20
21 Adapter = GET_BCM_ADAPTER(gblpnetdev);
22 pTarang = kzalloc(sizeof(PER_TARANG_DATA), GFP_KERNEL);
23 if (!pTarang)
24 return -ENOMEM;
25
26 pTarang->Adapter = Adapter;
27 pTarang->RxCntrlMsgBitMask = 0xFFFFFFFF & ~(1 << 0xB);
28
29 down(&Adapter->RxAppControlQueuelock);
30 pTarang->next = Adapter->pTarangs;
31 Adapter->pTarangs = pTarang;
32 up(&Adapter->RxAppControlQueuelock);
33
34 /* Store the Adapter structure */
35 filp->private_data = pTarang;
36
37 /* Start Queuing the control response Packets */
38 atomic_inc(&Adapter->ApplicationRunning);
39
40 nonseekable_open(inode, filp);
41 return 0;
42 }
43
44 static int bcm_char_release(struct inode *inode, struct file *filp)
45 {
46 PPER_TARANG_DATA pTarang, tmp, ptmp;
47 PMINI_ADAPTER Adapter = NULL;
48 struct sk_buff *pkt, *npkt;
49
50 pTarang = (PPER_TARANG_DATA)filp->private_data;
51
52 if (pTarang == NULL) {
53 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0,
54 "ptarang is null\n");
55 return 0;
56 }
57
58 Adapter = pTarang->Adapter;
59
60 down(&Adapter->RxAppControlQueuelock);
61
62 tmp = Adapter->pTarangs;
63 for (ptmp = NULL; tmp; ptmp = tmp, tmp = tmp->next) {
64 if (tmp == pTarang)
65 break;
66 }
67
68 if (tmp) {
69 if (!ptmp)
70 Adapter->pTarangs = tmp->next;
71 else
72 ptmp->next = tmp->next;
73 } else {
74 up(&Adapter->RxAppControlQueuelock);
75 return 0;
76 }
77
78 pkt = pTarang->RxAppControlHead;
79 while (pkt) {
80 npkt = pkt->next;
81 kfree_skb(pkt);
82 pkt = npkt;
83 }
84
85 up(&Adapter->RxAppControlQueuelock);
86
87 /* Stop Queuing the control response Packets */
88 atomic_dec(&Adapter->ApplicationRunning);
89
90 kfree(pTarang);
91
92 /* remove this filp from the asynchronously notified filp's */
93 filp->private_data = NULL;
94 return 0;
95 }
96
97 static ssize_t bcm_char_read(struct file *filp, char __user *buf, size_t size,
98 loff_t *f_pos)
99 {
100 PPER_TARANG_DATA pTarang = filp->private_data;
101 PMINI_ADAPTER Adapter = pTarang->Adapter;
102 struct sk_buff *Packet = NULL;
103 ssize_t PktLen = 0;
104 int wait_ret_val = 0;
105 unsigned long ret = 0;
106
107 wait_ret_val = wait_event_interruptible(Adapter->process_read_wait_queue,
108 (pTarang->RxAppControlHead ||
109 Adapter->device_removed));
110 if ((wait_ret_val == -ERESTARTSYS)) {
111 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,
112 "Exiting as i've been asked to exit!!!\n");
113 return wait_ret_val;
114 }
115
116 if (Adapter->device_removed) {
117 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,
118 "Device Removed... Killing the Apps...\n");
119 return -ENODEV;
120 }
121
122 if (FALSE == Adapter->fw_download_done)
123 return -EACCES;
124
125 down(&Adapter->RxAppControlQueuelock);
126
127 if (pTarang->RxAppControlHead) {
128 Packet = pTarang->RxAppControlHead;
129 DEQUEUEPACKET(pTarang->RxAppControlHead,
130 pTarang->RxAppControlTail);
131 pTarang->AppCtrlQueueLen--;
132 }
133
134 up(&Adapter->RxAppControlQueuelock);
135
136 if (Packet) {
137 PktLen = Packet->len;
138 ret = copy_to_user(buf, Packet->data,
139 min_t(size_t, PktLen, size));
140 if (ret) {
141 dev_kfree_skb(Packet);
142 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0,
143 "Returning from copy to user failure\n");
144 return -EFAULT;
145 }
146 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,
147 "Read %zd Bytes From Adapter packet = %p by process %d!\n",
148 PktLen, Packet, current->pid);
149 dev_kfree_skb(Packet);
150 }
151
152 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "<\n");
153 return PktLen;
154 }
155
156 static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg)
157 {
158 PPER_TARANG_DATA pTarang = filp->private_data;
159 void __user *argp = (void __user *)arg;
160 PMINI_ADAPTER Adapter = pTarang->Adapter;
161 INT Status = STATUS_FAILURE;
162 int timeout = 0;
163 IOCTL_BUFFER IoBuffer;
164 int bytes;
165
166 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Parameters Passed to control IOCTL cmd=0x%X arg=0x%lX", cmd, arg);
167
168 if (_IOC_TYPE(cmd) != BCM_IOCTL)
169 return -EFAULT;
170 if (_IOC_DIR(cmd) & _IOC_READ)
171 Status = !access_ok(VERIFY_WRITE, argp, _IOC_SIZE(cmd));
172 else if (_IOC_DIR(cmd) & _IOC_WRITE)
173 Status = !access_ok(VERIFY_READ, argp, _IOC_SIZE(cmd));
174 else if (_IOC_NONE == (_IOC_DIR(cmd) & _IOC_NONE))
175 Status = STATUS_SUCCESS;
176
177 if (Status)
178 return -EFAULT;
179
180 if (Adapter->device_removed)
181 return -EFAULT;
182
183 if (FALSE == Adapter->fw_download_done) {
184 switch (cmd) {
185 case IOCTL_MAC_ADDR_REQ:
186 case IOCTL_LINK_REQ:
187 case IOCTL_CM_REQUEST:
188 case IOCTL_SS_INFO_REQ:
189 case IOCTL_SEND_CONTROL_MESSAGE:
190 case IOCTL_IDLE_REQ:
191 case IOCTL_BCM_GPIO_SET_REQUEST:
192 case IOCTL_BCM_GPIO_STATUS_REQUEST:
193 return -EACCES;
194 default:
195 break;
196 }
197 }
198
199 Status = vendorextnIoctl(Adapter, cmd, arg);
200 if (Status != CONTINUE_COMMON_PATH)
201 return Status;
202
203 switch (cmd) {
204 /* Rdms for Swin Idle... */
205 case IOCTL_BCM_REGISTER_READ_PRIVATE: {
206 RDM_BUFFER sRdmBuffer = {0};
207 PCHAR temp_buff;
208 UINT Bufflen;
209 u16 temp_value;
210
211 /* Copy Ioctl Buffer structure */
212 if (copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER)))
213 return -EFAULT;
214
215 if (IoBuffer.InputLength > sizeof(sRdmBuffer))
216 return -EINVAL;
217
218 if (copy_from_user(&sRdmBuffer, IoBuffer.InputBuffer, IoBuffer.InputLength))
219 return -EFAULT;
220
221 if (IoBuffer.OutputLength > USHRT_MAX ||
222 IoBuffer.OutputLength == 0) {
223 return -EINVAL;
224 }
225
226 Bufflen = IoBuffer.OutputLength;
227 temp_value = 4 - (Bufflen % 4);
228 Bufflen += temp_value % 4;
229
230 temp_buff = kmalloc(Bufflen, GFP_KERNEL);
231 if (!temp_buff)
232 return -ENOMEM;
233
234 bytes = rdmalt(Adapter, (UINT)sRdmBuffer.Register,
235 (PUINT)temp_buff, Bufflen);
236 if (bytes > 0) {
237 Status = STATUS_SUCCESS;
238 if (copy_to_user(IoBuffer.OutputBuffer, temp_buff, bytes)) {
239 kfree(temp_buff);
240 return -EFAULT;
241 }
242 } else {
243 Status = bytes;
244 }
245
246 kfree(temp_buff);
247 break;
248 }
249
250 case IOCTL_BCM_REGISTER_WRITE_PRIVATE: {
251 WRM_BUFFER sWrmBuffer = {0};
252 UINT uiTempVar = 0;
253 /* Copy Ioctl Buffer structure */
254
255 if (copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER)))
256 return -EFAULT;
257
258 if (IoBuffer.InputLength > sizeof(sWrmBuffer))
259 return -EINVAL;
260
261 /* Get WrmBuffer structure */
262 if (copy_from_user(&sWrmBuffer, IoBuffer.InputBuffer, IoBuffer.InputLength))
263 return -EFAULT;
264
265 uiTempVar = sWrmBuffer.Register & EEPROM_REJECT_MASK;
266 if (!((Adapter->pstargetparams->m_u32Customize) & VSG_MODE) &&
267 ((uiTempVar == EEPROM_REJECT_REG_1) ||
268 (uiTempVar == EEPROM_REJECT_REG_2) ||
269 (uiTempVar == EEPROM_REJECT_REG_3) ||
270 (uiTempVar == EEPROM_REJECT_REG_4))) {
271
272 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "EEPROM Access Denied, not in VSG Mode\n");
273 return -EFAULT;
274 }
275
276 Status = wrmalt(Adapter, (UINT)sWrmBuffer.Register,
277 (PUINT)sWrmBuffer.Data, sizeof(ULONG));
278
279 if (Status == STATUS_SUCCESS) {
280 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "WRM Done\n");
281 } else {
282 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "WRM Failed\n");
283 Status = -EFAULT;
284 }
285 break;
286 }
287
288 case IOCTL_BCM_REGISTER_READ:
289 case IOCTL_BCM_EEPROM_REGISTER_READ: {
290 RDM_BUFFER sRdmBuffer = {0};
291 PCHAR temp_buff = NULL;
292 UINT uiTempVar = 0;
293 if ((Adapter->IdleMode == TRUE) ||
294 (Adapter->bShutStatus == TRUE) ||
295 (Adapter->bPreparingForLowPowerMode == TRUE)) {
296
297 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Device in Idle Mode, Blocking Rdms\n");
298 return -EACCES;
299 }
300
301 /* Copy Ioctl Buffer structure */
302 if (copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER)))
303 return -EFAULT;
304
305 if (IoBuffer.InputLength > sizeof(sRdmBuffer))
306 return -EINVAL;
307
308 if (copy_from_user(&sRdmBuffer, IoBuffer.InputBuffer, IoBuffer.InputLength))
309 return -EFAULT;
310
311 if (IoBuffer.OutputLength > USHRT_MAX ||
312 IoBuffer.OutputLength == 0) {
313 return -EINVAL;
314 }
315
316 temp_buff = kmalloc(IoBuffer.OutputLength, GFP_KERNEL);
317 if (!temp_buff)
318 return STATUS_FAILURE;
319
320 if ((((ULONG)sRdmBuffer.Register & 0x0F000000) != 0x0F000000) ||
321 ((ULONG)sRdmBuffer.Register & 0x3)) {
322
323 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "RDM Done On invalid Address : %x Access Denied.\n",
324 (int)sRdmBuffer.Register);
325
326 kfree(temp_buff);
327 return -EINVAL;
328 }
329
330 uiTempVar = sRdmBuffer.Register & EEPROM_REJECT_MASK;
331 bytes = rdmaltWithLock(Adapter, (UINT)sRdmBuffer.Register, (PUINT)temp_buff, IoBuffer.OutputLength);
332
333 if (bytes > 0) {
334 Status = STATUS_SUCCESS;
335 if (copy_to_user(IoBuffer.OutputBuffer, temp_buff, bytes)) {
336 kfree(temp_buff);
337 return -EFAULT;
338 }
339 } else {
340 Status = bytes;
341 }
342
343 kfree(temp_buff);
344 break;
345 }
346 case IOCTL_BCM_REGISTER_WRITE:
347 case IOCTL_BCM_EEPROM_REGISTER_WRITE: {
348 WRM_BUFFER sWrmBuffer = {0};
349 UINT uiTempVar = 0;
350 if ((Adapter->IdleMode == TRUE) ||
351 (Adapter->bShutStatus == TRUE) ||
352 (Adapter->bPreparingForLowPowerMode == TRUE)) {
353
354 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Device in Idle Mode, Blocking Wrms\n");
355 return -EACCES;
356 }
357
358 /* Copy Ioctl Buffer structure */
359 if (copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER)))
360 return -EFAULT;
361
362 if (IoBuffer.InputLength > sizeof(sWrmBuffer))
363 return -EINVAL;
364
365 /* Get WrmBuffer structure */
366 if (copy_from_user(&sWrmBuffer, IoBuffer.InputBuffer, IoBuffer.InputLength))
367 return -EFAULT;
368
369 if ((((ULONG)sWrmBuffer.Register & 0x0F000000) != 0x0F000000) ||
370 ((ULONG)sWrmBuffer.Register & 0x3)) {
371
372 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "WRM Done On invalid Address : %x Access Denied.\n", (int)sWrmBuffer.Register);
373 return -EINVAL;
374 }
375
376 uiTempVar = sWrmBuffer.Register & EEPROM_REJECT_MASK;
377 if (!((Adapter->pstargetparams->m_u32Customize) & VSG_MODE) &&
378 ((uiTempVar == EEPROM_REJECT_REG_1) ||
379 (uiTempVar == EEPROM_REJECT_REG_2) ||
380 (uiTempVar == EEPROM_REJECT_REG_3) ||
381 (uiTempVar == EEPROM_REJECT_REG_4)) &&
382 (cmd == IOCTL_BCM_REGISTER_WRITE)) {
383
384 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "EEPROM Access Denied, not in VSG Mode\n");
385 return -EFAULT;
386 }
387
388 Status = wrmaltWithLock(Adapter, (UINT)sWrmBuffer.Register,
389 (PUINT)sWrmBuffer.Data, sWrmBuffer.Length);
390
391 if (Status == STATUS_SUCCESS) {
392 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, OSAL_DBG, DBG_LVL_ALL, "WRM Done\n");
393 } else {
394 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "WRM Failed\n");
395 Status = -EFAULT;
396 }
397 break;
398 }
399 case IOCTL_BCM_GPIO_SET_REQUEST: {
400 UCHAR ucResetValue[4];
401 UINT value = 0;
402 UINT uiBit = 0;
403 UINT uiOperation = 0;
404
405 GPIO_INFO gpio_info = {0};
406 if ((Adapter->IdleMode == TRUE) ||
407 (Adapter->bShutStatus == TRUE) ||
408 (Adapter->bPreparingForLowPowerMode == TRUE)) {
409
410 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "GPIO Can't be set/clear in Low power Mode");
411 return -EACCES;
412 }
413
414 if (copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER)))
415 return -EFAULT;
416
417 if (IoBuffer.InputLength > sizeof(gpio_info))
418 return -EINVAL;
419
420 if (copy_from_user(&gpio_info, IoBuffer.InputBuffer, IoBuffer.InputLength))
421 return -EFAULT;
422
423 uiBit = gpio_info.uiGpioNumber;
424 uiOperation = gpio_info.uiGpioValue;
425 value = (1<<uiBit);
426
427 if (IsReqGpioIsLedInNVM(Adapter, value) == FALSE) {
428 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Sorry, Requested GPIO<0x%X> is not correspond to LED !!!", value);
429 Status = -EINVAL;
430 break;
431 }
432
433 /* Set - setting 1 */
434 if (uiOperation) {
435 /* Set the gpio output register */
436 Status = wrmaltWithLock(Adapter, BCM_GPIO_OUTPUT_SET_REG, (PUINT)(&value), sizeof(UINT));
437
438 if (Status == STATUS_SUCCESS) {
439 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Set the GPIO bit\n");
440 } else {
441 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Failed to set the %dth GPIO\n", uiBit);
442 break;
443 }
444 } else {
445 /* Set the gpio output register */
446 Status = wrmaltWithLock(Adapter, BCM_GPIO_OUTPUT_CLR_REG, (PUINT)(&value), sizeof(UINT));
447
448 if (Status == STATUS_SUCCESS) {
449 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Set the GPIO bit\n");
450 } else {
451 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Failed to clear the %dth GPIO\n", uiBit);
452 break;
453 }
454 }
455
456 bytes = rdmaltWithLock(Adapter, (UINT)GPIO_MODE_REGISTER, (PUINT)ucResetValue, sizeof(UINT));
457 if (bytes < 0) {
458 Status = bytes;
459 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,
460 "GPIO_MODE_REGISTER read failed");
461 break;
462 } else {
463 Status = STATUS_SUCCESS;
464 }
465
466 /* Set the gpio mode register to output */
467 *(UINT *)ucResetValue |= (1<<uiBit);
468 Status = wrmaltWithLock(Adapter, GPIO_MODE_REGISTER,
469 (PUINT)ucResetValue, sizeof(UINT));
470
471 if (Status == STATUS_SUCCESS) {
472 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Set the GPIO to output Mode\n");
473 } else {
474 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Failed to put GPIO in Output Mode\n");
475 break;
476 }
477 }
478 break;
479
480 case BCM_LED_THREAD_STATE_CHANGE_REQ: {
481 USER_THREAD_REQ threadReq = {0};
482 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "User made LED thread InActive");
483
484 if ((Adapter->IdleMode == TRUE) ||
485 (Adapter->bShutStatus == TRUE) ||
486 (Adapter->bPreparingForLowPowerMode == TRUE)) {
487
488 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "GPIO Can't be set/clear in Low power Mode");
489 Status = -EACCES;
490 break;
491 }
492
493 if (copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER)))
494 return -EFAULT;
495
496 if (IoBuffer.InputLength > sizeof(threadReq))
497 return -EINVAL;
498
499 if (copy_from_user(&threadReq, IoBuffer.InputBuffer, IoBuffer.InputLength))
500 return -EFAULT;
501
502 /* if LED thread is running(Actively or Inactively) set it state to make inactive */
503 if (Adapter->LEDInfo.led_thread_running) {
504 if (threadReq.ThreadState == LED_THREAD_ACTIVATION_REQ) {
505 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Activating thread req");
506 Adapter->DriverState = LED_THREAD_ACTIVE;
507 } else {
508 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "DeActivating Thread req.....");
509 Adapter->DriverState = LED_THREAD_INACTIVE;
510 }
511
512 /* signal thread. */
513 wake_up(&Adapter->LEDInfo.notify_led_event);
514 }
515 }
516 break;
517
518 case IOCTL_BCM_GPIO_STATUS_REQUEST: {
519 ULONG uiBit = 0;
520 UCHAR ucRead[4];
521 GPIO_INFO gpio_info = {0};
522
523 if ((Adapter->IdleMode == TRUE) ||
524 (Adapter->bShutStatus == TRUE) ||
525 (Adapter->bPreparingForLowPowerMode == TRUE))
526 return -EACCES;
527
528 if (copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER)))
529 return -EFAULT;
530
531 if (IoBuffer.InputLength > sizeof(gpio_info))
532 return -EINVAL;
533
534 if (copy_from_user(&gpio_info, IoBuffer.InputBuffer, IoBuffer.InputLength))
535 return -EFAULT;
536
537 uiBit = gpio_info.uiGpioNumber;
538
539 /* Set the gpio output register */
540 bytes = rdmaltWithLock(Adapter, (UINT)GPIO_PIN_STATE_REGISTER,
541 (PUINT)ucRead, sizeof(UINT));
542
543 if (bytes < 0) {
544 Status = bytes;
545 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "RDM Failed\n");
546 return Status;
547 } else {
548 Status = STATUS_SUCCESS;
549 }
550 }
551 break;
552
553 case IOCTL_BCM_GPIO_MULTI_REQUEST: {
554 UCHAR ucResetValue[4];
555 GPIO_MULTI_INFO gpio_multi_info[MAX_IDX];
556 PGPIO_MULTI_INFO pgpio_multi_info = (PGPIO_MULTI_INFO)gpio_multi_info;
557
558 memset(pgpio_multi_info, 0, MAX_IDX * sizeof(GPIO_MULTI_INFO));
559
560 if ((Adapter->IdleMode == TRUE) ||
561 (Adapter->bShutStatus == TRUE) ||
562 (Adapter->bPreparingForLowPowerMode == TRUE))
563 return -EINVAL;
564
565 if (copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER)))
566 return -EFAULT;
567
568 if (IoBuffer.InputLength > sizeof(gpio_multi_info))
569 return -EINVAL;
570
571 if (copy_from_user(&gpio_multi_info, IoBuffer.InputBuffer, IoBuffer.InputLength))
572 return -EFAULT;
573
574 if (IsReqGpioIsLedInNVM(Adapter, pgpio_multi_info[WIMAX_IDX].uiGPIOMask) == FALSE) {
575 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,
576 "Sorry, Requested GPIO<0x%X> is not correspond to NVM LED bit map<0x%X>!!!",
577 pgpio_multi_info[WIMAX_IDX].uiGPIOMask, Adapter->gpioBitMap);
578 Status = -EINVAL;
579 break;
580 }
581
582 /* Set the gpio output register */
583 if ((pgpio_multi_info[WIMAX_IDX].uiGPIOMask) &
584 (pgpio_multi_info[WIMAX_IDX].uiGPIOCommand)) {
585 /* Set 1's in GPIO OUTPUT REGISTER */
586 *(UINT *)ucResetValue = pgpio_multi_info[WIMAX_IDX].uiGPIOMask &
587 pgpio_multi_info[WIMAX_IDX].uiGPIOCommand &
588 pgpio_multi_info[WIMAX_IDX].uiGPIOValue;
589
590 if (*(UINT *) ucResetValue)
591 Status = wrmaltWithLock(Adapter, BCM_GPIO_OUTPUT_SET_REG,
592 (PUINT)ucResetValue, sizeof(ULONG));
593
594 if (Status != STATUS_SUCCESS) {
595 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "WRM to BCM_GPIO_OUTPUT_SET_REG Failed.");
596 return Status;
597 }
598
599 /* Clear to 0's in GPIO OUTPUT REGISTER */
600 *(UINT *)ucResetValue = (pgpio_multi_info[WIMAX_IDX].uiGPIOMask &
601 pgpio_multi_info[WIMAX_IDX].uiGPIOCommand &
602 (~(pgpio_multi_info[WIMAX_IDX].uiGPIOValue)));
603
604 if (*(UINT *) ucResetValue)
605 Status = wrmaltWithLock(Adapter, BCM_GPIO_OUTPUT_CLR_REG, (PUINT)ucResetValue, sizeof(ULONG));
606
607 if (Status != STATUS_SUCCESS) {
608 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "WRM to BCM_GPIO_OUTPUT_CLR_REG Failed.");
609 return Status;
610 }
611 }
612
613 if (pgpio_multi_info[WIMAX_IDX].uiGPIOMask) {
614 bytes = rdmaltWithLock(Adapter, (UINT)GPIO_PIN_STATE_REGISTER, (PUINT)ucResetValue, sizeof(UINT));
615
616 if (bytes < 0) {
617 Status = bytes;
618 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "RDM to GPIO_PIN_STATE_REGISTER Failed.");
619 return Status;
620 } else {
621 Status = STATUS_SUCCESS;
622 }
623
624 pgpio_multi_info[WIMAX_IDX].uiGPIOValue = (*(UINT *)ucResetValue &
625 pgpio_multi_info[WIMAX_IDX].uiGPIOMask);
626 }
627
628 Status = copy_to_user(IoBuffer.OutputBuffer, &gpio_multi_info, IoBuffer.OutputLength);
629 if (Status) {
630 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0,
631 "Failed while copying Content to IOBufer for user space err:%d", Status);
632 return -EFAULT;
633 }
634 }
635 break;
636
637 case IOCTL_BCM_GPIO_MODE_REQUEST: {
638 UCHAR ucResetValue[4];
639 GPIO_MULTI_MODE gpio_multi_mode[MAX_IDX];
640 PGPIO_MULTI_MODE pgpio_multi_mode = (PGPIO_MULTI_MODE)gpio_multi_mode;
641
642 if ((Adapter->IdleMode == TRUE) ||
643 (Adapter->bShutStatus == TRUE) ||
644 (Adapter->bPreparingForLowPowerMode == TRUE))
645 return -EINVAL;
646
647 if (copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER)))
648 return -EFAULT;
649
650 if (IoBuffer.InputLength > sizeof(gpio_multi_mode))
651 return -EINVAL;
652
653 if (copy_from_user(&gpio_multi_mode, IoBuffer.InputBuffer, IoBuffer.InputLength))
654 return -EFAULT;
655
656 bytes = rdmaltWithLock(Adapter, (UINT)GPIO_MODE_REGISTER, (PUINT)ucResetValue, sizeof(UINT));
657
658 if (bytes < 0) {
659 Status = bytes;
660 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Read of GPIO_MODE_REGISTER failed");
661 return Status;
662 } else {
663 Status = STATUS_SUCCESS;
664 }
665
666 /* Validating the request */
667 if (IsReqGpioIsLedInNVM(Adapter, pgpio_multi_mode[WIMAX_IDX].uiGPIOMask) == FALSE) {
668 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,
669 "Sorry, Requested GPIO<0x%X> is not correspond to NVM LED bit map<0x%X>!!!",
670 pgpio_multi_mode[WIMAX_IDX].uiGPIOMask, Adapter->gpioBitMap);
671 Status = -EINVAL;
672 break;
673 }
674
675 if (pgpio_multi_mode[WIMAX_IDX].uiGPIOMask) {
676 /* write all OUT's (1's) */
677 *(UINT *) ucResetValue |= (pgpio_multi_mode[WIMAX_IDX].uiGPIOMode &
678 pgpio_multi_mode[WIMAX_IDX].uiGPIOMask);
679
680 /* write all IN's (0's) */
681 *(UINT *) ucResetValue &= ~((~pgpio_multi_mode[WIMAX_IDX].uiGPIOMode) &
682 pgpio_multi_mode[WIMAX_IDX].uiGPIOMask);
683
684 /* Currently implemented return the modes of all GPIO's
685 * else needs to bit AND with mask
686 */
687 pgpio_multi_mode[WIMAX_IDX].uiGPIOMode = *(UINT *)ucResetValue;
688
689 Status = wrmaltWithLock(Adapter, GPIO_MODE_REGISTER, (PUINT)ucResetValue, sizeof(ULONG));
690 if (Status == STATUS_SUCCESS) {
691 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,
692 "WRM to GPIO_MODE_REGISTER Done");
693 } else {
694 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0,
695 "WRM to GPIO_MODE_REGISTER Failed");
696 Status = -EFAULT;
697 break;
698 }
699 } else {
700 /* if uiGPIOMask is 0 then return mode register configuration */
701 pgpio_multi_mode[WIMAX_IDX].uiGPIOMode = *(UINT *)ucResetValue;
702 }
703
704 Status = copy_to_user(IoBuffer.OutputBuffer, &gpio_multi_mode, IoBuffer.OutputLength);
705 if (Status) {
706 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0,
707 "Failed while copying Content to IOBufer for user space err:%d", Status);
708 return -EFAULT;
709 }
710 }
711 break;
712
713 case IOCTL_MAC_ADDR_REQ:
714 case IOCTL_LINK_REQ:
715 case IOCTL_CM_REQUEST:
716 case IOCTL_SS_INFO_REQ:
717 case IOCTL_SEND_CONTROL_MESSAGE:
718 case IOCTL_IDLE_REQ: {
719 PVOID pvBuffer = NULL;
720
721 /* Copy Ioctl Buffer structure */
722 if (copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER)))
723 return -EFAULT;
724
725 if (IoBuffer.InputLength < sizeof(struct link_request))
726 return -EINVAL;
727
728 if (IoBuffer.InputLength > MAX_CNTL_PKT_SIZE)
729 return -EINVAL;
730
731 pvBuffer = kmalloc(IoBuffer.InputLength, GFP_KERNEL);
732 if (!pvBuffer)
733 return -ENOMEM;
734
735 if (copy_from_user(pvBuffer, IoBuffer.InputBuffer, IoBuffer.InputLength)) {
736 kfree(pvBuffer);
737 return -EFAULT;
738 }
739
740 down(&Adapter->LowPowerModeSync);
741 Status = wait_event_interruptible_timeout(Adapter->lowpower_mode_wait_queue,
742 !Adapter->bPreparingForLowPowerMode,
743 (1 * HZ));
744 if (Status == -ERESTARTSYS)
745 goto cntrlEnd;
746
747 if (Adapter->bPreparingForLowPowerMode) {
748 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,
749 "Preparing Idle Mode is still True - Hence Rejecting control message\n");
750 Status = STATUS_FAILURE;
751 goto cntrlEnd;
752 }
753 Status = CopyBufferToControlPacket(Adapter, (PVOID)pvBuffer);
754
755 cntrlEnd:
756 up(&Adapter->LowPowerModeSync);
757 kfree(pvBuffer);
758 break;
759 }
760
761 case IOCTL_BCM_BUFFER_DOWNLOAD_START: {
762 if (down_trylock(&Adapter->NVMRdmWrmLock)) {
763 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,
764 "IOCTL_BCM_CHIP_RESET not allowed as EEPROM Read/Write is in progress\n");
765 return -EACCES;
766 }
767
768 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0,
769 "Starting the firmware download PID =0x%x!!!!\n", current->pid);
770
771 if (down_trylock(&Adapter->fw_download_sema))
772 return -EBUSY;
773
774 Adapter->bBinDownloaded = FALSE;
775 Adapter->fw_download_process_pid = current->pid;
776 Adapter->bCfgDownloaded = FALSE;
777 Adapter->fw_download_done = FALSE;
778 netif_carrier_off(Adapter->dev);
779 netif_stop_queue(Adapter->dev);
780 Status = reset_card_proc(Adapter);
781 if (Status) {
782 pr_err(PFX "%s: reset_card_proc Failed!\n", Adapter->dev->name);
783 up(&Adapter->fw_download_sema);
784 up(&Adapter->NVMRdmWrmLock);
785 return Status;
786 }
787 mdelay(10);
788
789 up(&Adapter->NVMRdmWrmLock);
790 return Status;
791 }
792
793 case IOCTL_BCM_BUFFER_DOWNLOAD: {
794 FIRMWARE_INFO *psFwInfo = NULL;
795 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Starting the firmware download PID =0x%x!!!!\n", current->pid);
796
797 if (!down_trylock(&Adapter->fw_download_sema)) {
798 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0,
799 "Invalid way to download buffer. Use Start and then call this!!!\n");
800 up(&Adapter->fw_download_sema);
801 Status = -EINVAL;
802 return Status;
803 }
804
805 /* Copy Ioctl Buffer structure */
806 if (copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER))) {
807 up(&Adapter->fw_download_sema);
808 return -EFAULT;
809 }
810
811 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0,
812 "Length for FW DLD is : %lx\n", IoBuffer.InputLength);
813
814 if (IoBuffer.InputLength > sizeof(FIRMWARE_INFO)) {
815 up(&Adapter->fw_download_sema);
816 return -EINVAL;
817 }
818
819 psFwInfo = kmalloc(sizeof(*psFwInfo), GFP_KERNEL);
820 if (!psFwInfo) {
821 up(&Adapter->fw_download_sema);
822 return -ENOMEM;
823 }
824
825 if (copy_from_user(psFwInfo, IoBuffer.InputBuffer, IoBuffer.InputLength)) {
826 up(&Adapter->fw_download_sema);
827 return -EFAULT;
828 }
829
830 if (!psFwInfo->pvMappedFirmwareAddress ||
831 (psFwInfo->u32FirmwareLength == 0)) {
832
833 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Something else is wrong %lu\n",
834 psFwInfo->u32FirmwareLength);
835 up(&Adapter->fw_download_sema);
836 Status = -EINVAL;
837 return Status;
838 }
839
840 Status = bcm_ioctl_fw_download(Adapter, psFwInfo);
841
842 if (Status != STATUS_SUCCESS) {
843 if (psFwInfo->u32StartingAddress == CONFIG_BEGIN_ADDR)
844 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "IOCTL: Configuration File Upload Failed\n");
845 else
846 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "IOCTL: Firmware File Upload Failed\n");
847
848 /* up(&Adapter->fw_download_sema); */
849
850 if (Adapter->LEDInfo.led_thread_running & BCM_LED_THREAD_RUNNING_ACTIVELY) {
851 Adapter->DriverState = DRIVER_INIT;
852 Adapter->LEDInfo.bLedInitDone = FALSE;
853 wake_up(&Adapter->LEDInfo.notify_led_event);
854 }
855 }
856
857 if (Status != STATUS_SUCCESS)
858 up(&Adapter->fw_download_sema);
859
860 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, OSAL_DBG, DBG_LVL_ALL, "IOCTL: Firmware File Uploaded\n");
861 kfree(psFwInfo);
862 return Status;
863 }
864
865 case IOCTL_BCM_BUFFER_DOWNLOAD_STOP: {
866 if (!down_trylock(&Adapter->fw_download_sema)) {
867 up(&Adapter->fw_download_sema);
868 return -EINVAL;
869 }
870
871 if (down_trylock(&Adapter->NVMRdmWrmLock)) {
872 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0,
873 "FW download blocked as EEPROM Read/Write is in progress\n");
874 up(&Adapter->fw_download_sema);
875 return -EACCES;
876 }
877
878 Adapter->bBinDownloaded = TRUE;
879 Adapter->bCfgDownloaded = TRUE;
880 atomic_set(&Adapter->CurrNumFreeTxDesc, 0);
881 Adapter->CurrNumRecvDescs = 0;
882 Adapter->downloadDDR = 0;
883
884 /* setting the Mips to Run */
885 Status = run_card_proc(Adapter);
886
887 if (Status) {
888 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Firm Download Failed\n");
889 up(&Adapter->fw_download_sema);
890 up(&Adapter->NVMRdmWrmLock);
891 return Status;
892 } else {
893 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG,
894 DBG_LVL_ALL, "Firm Download Over...\n");
895 }
896
897 mdelay(10);
898
899 /* Wait for MailBox Interrupt */
900 if (StartInterruptUrb((PS_INTERFACE_ADAPTER)Adapter->pvInterfaceAdapter))
901 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Unable to send interrupt...\n");
902
903 timeout = 5*HZ;
904 Adapter->waiting_to_fw_download_done = FALSE;
905 wait_event_timeout(Adapter->ioctl_fw_dnld_wait_queue,
906 Adapter->waiting_to_fw_download_done, timeout);
907 Adapter->fw_download_process_pid = INVALID_PID;
908 Adapter->fw_download_done = TRUE;
909 atomic_set(&Adapter->CurrNumFreeTxDesc, 0);
910 Adapter->CurrNumRecvDescs = 0;
911 Adapter->PrevNumRecvDescs = 0;
912 atomic_set(&Adapter->cntrlpktCnt, 0);
913 Adapter->LinkUpStatus = 0;
914 Adapter->LinkStatus = 0;
915
916 if (Adapter->LEDInfo.led_thread_running & BCM_LED_THREAD_RUNNING_ACTIVELY) {
917 Adapter->DriverState = FW_DOWNLOAD_DONE;
918 wake_up(&Adapter->LEDInfo.notify_led_event);
919 }
920
921 if (!timeout)
922 Status = -ENODEV;
923
924 up(&Adapter->fw_download_sema);
925 up(&Adapter->NVMRdmWrmLock);
926 return Status;
927 }
928
929 case IOCTL_BE_BUCKET_SIZE:
930 Status = 0;
931 if (get_user(Adapter->BEBucketSize, (unsigned long __user *)arg))
932 Status = -EFAULT;
933 break;
934
935 case IOCTL_RTPS_BUCKET_SIZE:
936 Status = 0;
937 if (get_user(Adapter->rtPSBucketSize, (unsigned long __user *)arg))
938 Status = -EFAULT;
939 break;
940
941 case IOCTL_CHIP_RESET: {
942 INT NVMAccess = down_trylock(&Adapter->NVMRdmWrmLock);
943 if (NVMAccess) {
944 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, " IOCTL_BCM_CHIP_RESET not allowed as EEPROM Read/Write is in progress\n");
945 return -EACCES;
946 }
947
948 down(&Adapter->RxAppControlQueuelock);
949 Status = reset_card_proc(Adapter);
950 flushAllAppQ();
951 up(&Adapter->RxAppControlQueuelock);
952 up(&Adapter->NVMRdmWrmLock);
953 ResetCounters(Adapter);
954 break;
955 }
956
957 case IOCTL_QOS_THRESHOLD: {
958 USHORT uiLoopIndex;
959
960 Status = 0;
961 for (uiLoopIndex = 0; uiLoopIndex < NO_OF_QUEUES; uiLoopIndex++) {
962 if (get_user(Adapter->PackInfo[uiLoopIndex].uiThreshold,
963 (unsigned long __user *)arg)) {
964 Status = -EFAULT;
965 break;
966 }
967 }
968 break;
969 }
970
971 case IOCTL_DUMP_PACKET_INFO:
972 DumpPackInfo(Adapter);
973 DumpPhsRules(&Adapter->stBCMPhsContext);
974 Status = STATUS_SUCCESS;
975 break;
976
977 case IOCTL_GET_PACK_INFO:
978 if (copy_to_user(argp, &Adapter->PackInfo, sizeof(PacketInfo)*NO_OF_QUEUES))
979 return -EFAULT;
980 Status = STATUS_SUCCESS;
981 break;
982
983 case IOCTL_BCM_SWITCH_TRANSFER_MODE: {
984 UINT uiData = 0;
985 if (copy_from_user(&uiData, argp, sizeof(UINT)))
986 return -EFAULT;
987
988 if (uiData) {
989 /* Allow All Packets */
990 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "IOCTL_BCM_SWITCH_TRANSFER_MODE: ETH_PACKET_TUNNELING_MODE\n");
991 Adapter->TransferMode = ETH_PACKET_TUNNELING_MODE;
992 } else {
993 /* Allow IP only Packets */
994 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "IOCTL_BCM_SWITCH_TRANSFER_MODE: IP_PACKET_ONLY_MODE\n");
995 Adapter->TransferMode = IP_PACKET_ONLY_MODE;
996 }
997 Status = STATUS_SUCCESS;
998 break;
999 }
1000
1001 case IOCTL_BCM_GET_DRIVER_VERSION: {
1002 ulong len;
1003
1004 /* Copy Ioctl Buffer structure */
1005 if (copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER)))
1006 return -EFAULT;
1007
1008 len = min_t(ulong, IoBuffer.OutputLength, strlen(VER_FILEVERSION_STR) + 1);
1009
1010 if (copy_to_user(IoBuffer.OutputBuffer, VER_FILEVERSION_STR, len))
1011 return -EFAULT;
1012 Status = STATUS_SUCCESS;
1013 break;
1014 }
1015
1016 case IOCTL_BCM_GET_CURRENT_STATUS: {
1017 LINK_STATE link_state;
1018
1019 /* Copy Ioctl Buffer structure */
1020 if (copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER))) {
1021 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "copy_from_user failed..\n");
1022 return -EFAULT;
1023 }
1024
1025 if (IoBuffer.OutputLength != sizeof(link_state)) {
1026 Status = -EINVAL;
1027 break;
1028 }
1029
1030 memset(&link_state, 0, sizeof(link_state));
1031 link_state.bIdleMode = Adapter->IdleMode;
1032 link_state.bShutdownMode = Adapter->bShutStatus;
1033 link_state.ucLinkStatus = Adapter->LinkStatus;
1034
1035 if (copy_to_user(IoBuffer.OutputBuffer, &link_state, min_t(size_t, sizeof(link_state), IoBuffer.OutputLength))) {
1036 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Copy_to_user Failed..\n");
1037 return -EFAULT;
1038 }
1039 Status = STATUS_SUCCESS;
1040 break;
1041 }
1042
1043 case IOCTL_BCM_SET_MAC_TRACING: {
1044 UINT tracing_flag;
1045
1046 /* copy ioctl Buffer structure */
1047 if (copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER)))
1048 return -EFAULT;
1049
1050 if (copy_from_user(&tracing_flag, IoBuffer.InputBuffer, sizeof(UINT)))
1051 return -EFAULT;
1052
1053 if (tracing_flag)
1054 Adapter->pTarangs->MacTracingEnabled = TRUE;
1055 else
1056 Adapter->pTarangs->MacTracingEnabled = FALSE;
1057 break;
1058 }
1059
1060 case IOCTL_BCM_GET_DSX_INDICATION: {
1061 ULONG ulSFId = 0;
1062 if (copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER)))
1063 return -EFAULT;
1064
1065 if (IoBuffer.OutputLength < sizeof(stLocalSFAddIndicationAlt)) {
1066 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0,
1067 "Mismatch req: %lx needed is =0x%zx!!!",
1068 IoBuffer.OutputLength, sizeof(stLocalSFAddIndicationAlt));
1069 return -EINVAL;
1070 }
1071
1072 if (copy_from_user(&ulSFId, IoBuffer.InputBuffer, sizeof(ulSFId)))
1073 return -EFAULT;
1074
1075 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Get DSX Data SF ID is =%lx\n", ulSFId);
1076 get_dsx_sf_data_to_application(Adapter, ulSFId, IoBuffer.OutputBuffer);
1077 Status = STATUS_SUCCESS;
1078 }
1079 break;
1080
1081 case IOCTL_BCM_GET_HOST_MIBS: {
1082 PVOID temp_buff;
1083
1084 if (copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER)))
1085 return -EFAULT;
1086
1087 if (IoBuffer.OutputLength != sizeof(S_MIBS_HOST_STATS_MIBS)) {
1088 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0,
1089 "Length Check failed %lu %zd\n",
1090 IoBuffer.OutputLength, sizeof(S_MIBS_HOST_STATS_MIBS));
1091 return -EINVAL;
1092 }
1093
1094 /* FIXME: HOST_STATS are too big for kmalloc (122048)! */
1095 temp_buff = kzalloc(sizeof(S_MIBS_HOST_STATS_MIBS), GFP_KERNEL);
1096 if (!temp_buff)
1097 return STATUS_FAILURE;
1098
1099 Status = ProcessGetHostMibs(Adapter, temp_buff);
1100 GetDroppedAppCntrlPktMibs(temp_buff, pTarang);
1101
1102 if (Status != STATUS_FAILURE)
1103 if (copy_to_user(IoBuffer.OutputBuffer, temp_buff, sizeof(S_MIBS_HOST_STATS_MIBS))) {
1104 kfree(temp_buff);
1105 return -EFAULT;
1106 }
1107
1108 kfree(temp_buff);
1109 break;
1110 }
1111
1112 case IOCTL_BCM_WAKE_UP_DEVICE_FROM_IDLE:
1113 if ((FALSE == Adapter->bTriedToWakeUpFromlowPowerMode) && (TRUE == Adapter->IdleMode)) {
1114 Adapter->usIdleModePattern = ABORT_IDLE_MODE;
1115 Adapter->bWakeUpDevice = TRUE;
1116 wake_up(&Adapter->process_rx_cntrlpkt);
1117 }
1118
1119 Status = STATUS_SUCCESS;
1120 break;
1121
1122 case IOCTL_BCM_BULK_WRM: {
1123 PBULKWRM_BUFFER pBulkBuffer;
1124 UINT uiTempVar = 0;
1125 PCHAR pvBuffer = NULL;
1126
1127 if ((Adapter->IdleMode == TRUE) ||
1128 (Adapter->bShutStatus == TRUE) ||
1129 (Adapter->bPreparingForLowPowerMode == TRUE)) {
1130
1131 BCM_DEBUG_PRINT (Adapter, DBG_TYPE_PRINTK, 0, 0, "Device in Idle/Shutdown Mode, Blocking Wrms\n");
1132 Status = -EACCES;
1133 break;
1134 }
1135
1136 /* Copy Ioctl Buffer structure */
1137 if (copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER)))
1138 return -EFAULT;
1139
1140 /* FIXME: restrict length */
1141 pvBuffer = kmalloc(IoBuffer.InputLength, GFP_KERNEL);
1142 if (!pvBuffer)
1143 return -ENOMEM;
1144
1145 /* Get WrmBuffer structure */
1146 if (copy_from_user(pvBuffer, IoBuffer.InputBuffer, IoBuffer.InputLength)) {
1147 kfree(pvBuffer);
1148 return -EFAULT;
1149 }
1150
1151 pBulkBuffer = (PBULKWRM_BUFFER)pvBuffer;
1152
1153 if (((ULONG)pBulkBuffer->Register & 0x0F000000) != 0x0F000000 ||
1154 ((ULONG)pBulkBuffer->Register & 0x3)) {
1155 kfree(pvBuffer);
1156 BCM_DEBUG_PRINT (Adapter, DBG_TYPE_PRINTK, 0, 0, "WRM Done On invalid Address : %x Access Denied.\n", (int)pBulkBuffer->Register);
1157 Status = -EINVAL;
1158 break;
1159 }
1160
1161 uiTempVar = pBulkBuffer->Register & EEPROM_REJECT_MASK;
1162 if (!((Adapter->pstargetparams->m_u32Customize)&VSG_MODE) &&
1163 ((uiTempVar == EEPROM_REJECT_REG_1) ||
1164 (uiTempVar == EEPROM_REJECT_REG_2) ||
1165 (uiTempVar == EEPROM_REJECT_REG_3) ||
1166 (uiTempVar == EEPROM_REJECT_REG_4)) &&
1167 (cmd == IOCTL_BCM_REGISTER_WRITE)) {
1168
1169 kfree(pvBuffer);
1170 BCM_DEBUG_PRINT (Adapter, DBG_TYPE_PRINTK, 0, 0, "EEPROM Access Denied, not in VSG Mode\n");
1171 Status = -EFAULT;
1172 break;
1173 }
1174
1175 if (pBulkBuffer->SwapEndian == FALSE)
1176 Status = wrmWithLock(Adapter, (UINT)pBulkBuffer->Register, (PCHAR)pBulkBuffer->Values, IoBuffer.InputLength - 2*sizeof(ULONG));
1177 else
1178 Status = wrmaltWithLock(Adapter, (UINT)pBulkBuffer->Register, (PUINT)pBulkBuffer->Values, IoBuffer.InputLength - 2*sizeof(ULONG));
1179
1180 if (Status != STATUS_SUCCESS)
1181 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "WRM Failed\n");
1182
1183 kfree(pvBuffer);
1184 break;
1185 }
1186
1187 case IOCTL_BCM_GET_NVM_SIZE:
1188 if (copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER)))
1189 return -EFAULT;
1190
1191 if (Adapter->eNVMType == NVM_EEPROM || Adapter->eNVMType == NVM_FLASH) {
1192 if (copy_to_user(IoBuffer.OutputBuffer, &Adapter->uiNVMDSDSize, sizeof(UINT)))
1193 return -EFAULT;
1194 }
1195
1196 Status = STATUS_SUCCESS;
1197 break;
1198
1199 case IOCTL_BCM_CAL_INIT: {
1200 UINT uiSectorSize = 0 ;
1201 if (Adapter->eNVMType == NVM_FLASH) {
1202 if (copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER)))
1203 return -EFAULT;
1204
1205 if (copy_from_user(&uiSectorSize, IoBuffer.InputBuffer, sizeof(UINT)))
1206 return -EFAULT;
1207
1208 if ((uiSectorSize < MIN_SECTOR_SIZE) || (uiSectorSize > MAX_SECTOR_SIZE)) {
1209 if (copy_to_user(IoBuffer.OutputBuffer, &Adapter->uiSectorSize,
1210 sizeof(UINT)))
1211 return -EFAULT;
1212 } else {
1213 if (IsFlash2x(Adapter)) {
1214 if (copy_to_user(IoBuffer.OutputBuffer, &Adapter->uiSectorSize, sizeof(UINT)))
1215 return -EFAULT;
1216 } else {
1217 if ((TRUE == Adapter->bShutStatus) || (TRUE == Adapter->IdleMode)) {
1218 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Device is in Idle/Shutdown Mode\n");
1219 return -EACCES;
1220 }
1221
1222 Adapter->uiSectorSize = uiSectorSize;
1223 BcmUpdateSectorSize(Adapter, Adapter->uiSectorSize);
1224 }
1225 }
1226 Status = STATUS_SUCCESS;
1227 } else {
1228 Status = STATUS_FAILURE;
1229 }
1230 }
1231 break;
1232
1233 case IOCTL_BCM_SET_DEBUG:
1234 #ifdef DEBUG
1235 {
1236 USER_BCM_DBG_STATE sUserDebugState;
1237
1238 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "In SET_DEBUG ioctl\n");
1239 if (copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER)))
1240 return -EFAULT;
1241
1242 if (copy_from_user(&sUserDebugState, IoBuffer.InputBuffer, sizeof(USER_BCM_DBG_STATE)))
1243 return -EFAULT;
1244
1245 BCM_DEBUG_PRINT (Adapter, DBG_TYPE_PRINTK, 0, 0, "IOCTL_BCM_SET_DEBUG: OnOff=%d Type = 0x%x ",
1246 sUserDebugState.OnOff, sUserDebugState.Type);
1247 /* sUserDebugState.Subtype <<= 1; */
1248 sUserDebugState.Subtype = 1 << sUserDebugState.Subtype;
1249 BCM_DEBUG_PRINT (Adapter, DBG_TYPE_PRINTK, 0, 0, "actual Subtype=0x%x\n", sUserDebugState.Subtype);
1250
1251 /* Update new 'DebugState' in the Adapter */
1252 Adapter->stDebugState.type |= sUserDebugState.Type;
1253 /* Subtype: A bitmap of 32 bits for Subtype per Type.
1254 * Valid indexes in 'subtype' array: 1,2,4,8
1255 * corresponding to valid Type values. Hence we can use the 'Type' field
1256 * as the index value, ignoring the array entries 0,3,5,6,7 !
1257 */
1258 if (sUserDebugState.OnOff)
1259 Adapter->stDebugState.subtype[sUserDebugState.Type] |= sUserDebugState.Subtype;
1260 else
1261 Adapter->stDebugState.subtype[sUserDebugState.Type] &= ~sUserDebugState.Subtype;
1262
1263 BCM_SHOW_DEBUG_BITMAP(Adapter);
1264 }
1265 #endif
1266 break;
1267
1268 case IOCTL_BCM_NVM_READ:
1269 case IOCTL_BCM_NVM_WRITE: {
1270 NVM_READWRITE stNVMReadWrite;
1271 PUCHAR pReadData = NULL;
1272 ULONG ulDSDMagicNumInUsrBuff = 0;
1273 struct timeval tv0, tv1;
1274 memset(&tv0, 0, sizeof(struct timeval));
1275 memset(&tv1, 0, sizeof(struct timeval));
1276 if ((Adapter->eNVMType == NVM_FLASH) && (Adapter->uiFlashLayoutMajorVersion == 0)) {
1277 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "The Flash Control Section is Corrupted. Hence Rejection on NVM Read/Write\n");
1278 return -EFAULT;
1279 }
1280
1281 if (IsFlash2x(Adapter)) {
1282 if ((Adapter->eActiveDSD != DSD0) &&
1283 (Adapter->eActiveDSD != DSD1) &&
1284 (Adapter->eActiveDSD != DSD2)) {
1285
1286 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "No DSD is active..hence NVM Command is blocked");
1287 return STATUS_FAILURE;
1288 }
1289 }
1290
1291 /* Copy Ioctl Buffer structure */
1292 if (copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER)))
1293 return -EFAULT;
1294
1295 if (copy_from_user(&stNVMReadWrite,
1296 (IOCTL_BCM_NVM_READ == cmd) ? IoBuffer.OutputBuffer : IoBuffer.InputBuffer,
1297 sizeof(NVM_READWRITE)))
1298 return -EFAULT;
1299
1300 /*
1301 * Deny the access if the offset crosses the cal area limit.
1302 */
1303
1304 if ((stNVMReadWrite.uiOffset + stNVMReadWrite.uiNumBytes) > Adapter->uiNVMDSDSize) {
1305 /* BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"Can't allow access beyond NVM Size: 0x%x 0x%x\n", stNVMReadWrite.uiOffset, stNVMReadWrite.uiNumBytes); */
1306 return STATUS_FAILURE;
1307 }
1308
1309 pReadData = kzalloc(stNVMReadWrite.uiNumBytes, GFP_KERNEL);
1310 if (!pReadData)
1311 return -ENOMEM;
1312
1313 if (copy_from_user(pReadData, stNVMReadWrite.pBuffer, stNVMReadWrite.uiNumBytes)) {
1314 kfree(pReadData);
1315 return -EFAULT;
1316 }
1317
1318 do_gettimeofday(&tv0);
1319 if (IOCTL_BCM_NVM_READ == cmd) {
1320 down(&Adapter->NVMRdmWrmLock);
1321
1322 if ((Adapter->IdleMode == TRUE) ||
1323 (Adapter->bShutStatus == TRUE) ||
1324 (Adapter->bPreparingForLowPowerMode == TRUE)) {
1325
1326 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Device is in Idle/Shutdown Mode\n");
1327 up(&Adapter->NVMRdmWrmLock);
1328 kfree(pReadData);
1329 return -EACCES;
1330 }
1331
1332 Status = BeceemNVMRead(Adapter, (PUINT)pReadData, stNVMReadWrite.uiOffset, stNVMReadWrite.uiNumBytes);
1333 up(&Adapter->NVMRdmWrmLock);
1334
1335 if (Status != STATUS_SUCCESS) {
1336 kfree(pReadData);
1337 return Status;
1338 }
1339
1340 if (copy_to_user(stNVMReadWrite.pBuffer, pReadData, stNVMReadWrite.uiNumBytes)) {
1341 kfree(pReadData);
1342 return -EFAULT;
1343 }
1344 } else {
1345 down(&Adapter->NVMRdmWrmLock);
1346
1347 if ((Adapter->IdleMode == TRUE) ||
1348 (Adapter->bShutStatus == TRUE) ||
1349 (Adapter->bPreparingForLowPowerMode == TRUE)) {
1350
1351 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Device is in Idle/Shutdown Mode\n");
1352 up(&Adapter->NVMRdmWrmLock);
1353 kfree(pReadData);
1354 return -EACCES;
1355 }
1356
1357 Adapter->bHeaderChangeAllowed = TRUE;
1358 if (IsFlash2x(Adapter)) {
1359 /*
1360 * New Requirement:-
1361 * DSD section updation will be allowed in two case:-
1362 * 1. if DSD sig is present in DSD header means dongle is ok and updation is fruitfull
1363 * 2. if point 1 failes then user buff should have DSD sig. this point ensures that if dongle is
1364 * corrupted then user space program first modify the DSD header with valid DSD sig so
1365 * that this as well as further write may be worthwhile.
1366 *
1367 * This restriction has been put assuming that if DSD sig is corrupted, DSD
1368 * data won't be considered valid.
1369 */
1370
1371 Status = BcmFlash2xCorruptSig(Adapter, Adapter->eActiveDSD);
1372 if (Status != STATUS_SUCCESS) {
1373 if (((stNVMReadWrite.uiOffset + stNVMReadWrite.uiNumBytes) != Adapter->uiNVMDSDSize) ||
1374 (stNVMReadWrite.uiNumBytes < SIGNATURE_SIZE)) {
1375
1376 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "DSD Sig is present neither in Flash nor User provided Input..");
1377 up(&Adapter->NVMRdmWrmLock);
1378 kfree(pReadData);
1379 return Status;
1380 }
1381
1382 ulDSDMagicNumInUsrBuff = ntohl(*(PUINT)(pReadData + stNVMReadWrite.uiNumBytes - SIGNATURE_SIZE));
1383 if (ulDSDMagicNumInUsrBuff != DSD_IMAGE_MAGIC_NUMBER) {
1384 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "DSD Sig is present neither in Flash nor User provided Input..");
1385 up(&Adapter->NVMRdmWrmLock);
1386 kfree(pReadData);
1387 return Status;
1388 }
1389 }
1390 }
1391
1392 Status = BeceemNVMWrite(Adapter, (PUINT)pReadData, stNVMReadWrite.uiOffset, stNVMReadWrite.uiNumBytes, stNVMReadWrite.bVerify);
1393 if (IsFlash2x(Adapter))
1394 BcmFlash2xWriteSig(Adapter, Adapter->eActiveDSD);
1395
1396 Adapter->bHeaderChangeAllowed = FALSE;
1397
1398 up(&Adapter->NVMRdmWrmLock);
1399
1400 if (Status != STATUS_SUCCESS) {
1401 kfree(pReadData);
1402 return Status;
1403 }
1404 }
1405
1406 do_gettimeofday(&tv1);
1407 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, " timetaken by Write/read :%ld msec\n", (tv1.tv_sec - tv0.tv_sec)*1000 + (tv1.tv_usec - tv0.tv_usec)/1000);
1408
1409 kfree(pReadData);
1410 return STATUS_SUCCESS;
1411 }
1412
1413 case IOCTL_BCM_FLASH2X_SECTION_READ: {
1414 FLASH2X_READWRITE sFlash2xRead = {0};
1415 PUCHAR pReadBuff = NULL ;
1416 UINT NOB = 0;
1417 UINT BuffSize = 0;
1418 UINT ReadBytes = 0;
1419 UINT ReadOffset = 0;
1420 void __user *OutPutBuff;
1421
1422 if (IsFlash2x(Adapter) != TRUE) {
1423 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Flash Does not have 2.x map");
1424 return -EINVAL;
1425 }
1426
1427 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "IOCTL_BCM_FLASH2X_SECTION_READ Called");
1428 if (copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER)))
1429 return -EFAULT;
1430
1431 /* Reading FLASH 2.x READ structure */
1432 if (copy_from_user(&sFlash2xRead, IoBuffer.InputBuffer, sizeof(FLASH2X_READWRITE)))
1433 return -EFAULT;
1434
1435 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "\nsFlash2xRead.Section :%x", sFlash2xRead.Section);
1436 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "\nsFlash2xRead.offset :%x", sFlash2xRead.offset);
1437 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "\nsFlash2xRead.numOfBytes :%x", sFlash2xRead.numOfBytes);
1438 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "\nsFlash2xRead.bVerify :%x\n", sFlash2xRead.bVerify);
1439
1440 /* This was internal to driver for raw read. now it has ben exposed to user space app. */
1441 if (validateFlash2xReadWrite(Adapter, &sFlash2xRead) == FALSE)
1442 return STATUS_FAILURE;
1443
1444 NOB = sFlash2xRead.numOfBytes;
1445 if (NOB > Adapter->uiSectorSize)
1446 BuffSize = Adapter->uiSectorSize;
1447 else
1448 BuffSize = NOB;
1449
1450 ReadOffset = sFlash2xRead.offset ;
1451 OutPutBuff = IoBuffer.OutputBuffer;
1452 pReadBuff = (PCHAR)kzalloc(BuffSize , GFP_KERNEL);
1453
1454 if (pReadBuff == NULL) {
1455 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Memory allocation failed for Flash 2.x Read Structure");
1456 return -ENOMEM;
1457 }
1458 down(&Adapter->NVMRdmWrmLock);
1459
1460 if ((Adapter->IdleMode == TRUE) ||
1461 (Adapter->bShutStatus == TRUE) ||
1462 (Adapter->bPreparingForLowPowerMode == TRUE)) {
1463
1464 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Device is in Idle/Shutdown Mode\n");
1465 up(&Adapter->NVMRdmWrmLock);
1466 kfree(pReadBuff);
1467 return -EACCES;
1468 }
1469
1470 while (NOB) {
1471 if (NOB > Adapter->uiSectorSize)
1472 ReadBytes = Adapter->uiSectorSize;
1473 else
1474 ReadBytes = NOB;
1475
1476 /* Reading the data from Flash 2.x */
1477 Status = BcmFlash2xBulkRead(Adapter, (PUINT)pReadBuff, sFlash2xRead.Section, ReadOffset, ReadBytes);
1478 if (Status) {
1479 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Flash 2x read err with Status :%d", Status);
1480 break;
1481 }
1482
1483 BCM_DEBUG_PRINT_BUFFER(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, pReadBuff, ReadBytes);
1484
1485 Status = copy_to_user(OutPutBuff, pReadBuff, ReadBytes);
1486 if (Status) {
1487 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Copy to use failed with status :%d", Status);
1488 up(&Adapter->NVMRdmWrmLock);
1489 kfree(pReadBuff);
1490 return -EFAULT;
1491 }
1492 NOB = NOB - ReadBytes;
1493 if (NOB) {
1494 ReadOffset = ReadOffset + ReadBytes;
1495 OutPutBuff = OutPutBuff + ReadBytes ;
1496 }
1497 }
1498
1499 up(&Adapter->NVMRdmWrmLock);
1500 kfree(pReadBuff);
1501 }
1502 break;
1503
1504 case IOCTL_BCM_FLASH2X_SECTION_WRITE: {
1505 FLASH2X_READWRITE sFlash2xWrite = {0};
1506 PUCHAR pWriteBuff;
1507 void __user *InputAddr;
1508 UINT NOB = 0;
1509 UINT BuffSize = 0;
1510 UINT WriteOffset = 0;
1511 UINT WriteBytes = 0;
1512
1513 if (IsFlash2x(Adapter) != TRUE) {
1514 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Flash Does not have 2.x map");
1515 return -EINVAL;
1516 }
1517
1518 /* First make this False so that we can enable the Sector Permission Check in BeceemFlashBulkWrite */
1519 Adapter->bAllDSDWriteAllow = FALSE;
1520
1521 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "IOCTL_BCM_FLASH2X_SECTION_WRITE Called");
1522
1523 if (copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER)))
1524 return -EFAULT;
1525
1526 /* Reading FLASH 2.x READ structure */
1527 if (copy_from_user(&sFlash2xWrite, IoBuffer.InputBuffer, sizeof(FLASH2X_READWRITE)))
1528 return -EFAULT;
1529
1530 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "\nsFlash2xRead.Section :%x", sFlash2xWrite.Section);
1531 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "\nsFlash2xRead.offset :%d", sFlash2xWrite.offset);
1532 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "\nsFlash2xRead.numOfBytes :%x", sFlash2xWrite.numOfBytes);
1533 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "\nsFlash2xRead.bVerify :%x\n", sFlash2xWrite.bVerify);
1534
1535 if ((sFlash2xWrite.Section != VSA0) && (sFlash2xWrite.Section != VSA1) && (sFlash2xWrite.Section != VSA2)) {
1536 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Only VSA write is allowed");
1537 return -EINVAL;
1538 }
1539
1540 if (validateFlash2xReadWrite(Adapter, &sFlash2xWrite) == FALSE)
1541 return STATUS_FAILURE;
1542
1543 InputAddr = sFlash2xWrite.pDataBuff;
1544 WriteOffset = sFlash2xWrite.offset;
1545 NOB = sFlash2xWrite.numOfBytes;
1546
1547 if (NOB > Adapter->uiSectorSize)
1548 BuffSize = Adapter->uiSectorSize;
1549 else
1550 BuffSize = NOB ;
1551
1552 pWriteBuff = kmalloc(BuffSize, GFP_KERNEL);
1553
1554 if (pWriteBuff == NULL)
1555 return -ENOMEM;
1556
1557 /* extracting the remainder of the given offset. */
1558 WriteBytes = Adapter->uiSectorSize;
1559 if (WriteOffset % Adapter->uiSectorSize)
1560 WriteBytes = Adapter->uiSectorSize - (WriteOffset % Adapter->uiSectorSize);
1561
1562 if (NOB < WriteBytes)
1563 WriteBytes = NOB;
1564
1565 down(&Adapter->NVMRdmWrmLock);
1566
1567 if ((Adapter->IdleMode == TRUE) ||
1568 (Adapter->bShutStatus == TRUE) ||
1569 (Adapter->bPreparingForLowPowerMode == TRUE)) {
1570
1571 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Device is in Idle/Shutdown Mode\n");
1572 up(&Adapter->NVMRdmWrmLock);
1573 kfree(pWriteBuff);
1574 return -EACCES;
1575 }
1576
1577 BcmFlash2xCorruptSig(Adapter, sFlash2xWrite.Section);
1578 do {
1579 Status = copy_from_user(pWriteBuff, InputAddr, WriteBytes);
1580 if (Status) {
1581 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Copy to user failed with status :%d", Status);
1582 up(&Adapter->NVMRdmWrmLock);
1583 kfree(pWriteBuff);
1584 return -EFAULT;
1585 }
1586 BCM_DEBUG_PRINT_BUFFER(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, pWriteBuff, WriteBytes);
1587
1588 /* Writing the data from Flash 2.x */
1589 Status = BcmFlash2xBulkWrite(Adapter, (PUINT)pWriteBuff, sFlash2xWrite.Section, WriteOffset, WriteBytes, sFlash2xWrite.bVerify);
1590
1591 if (Status) {
1592 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Flash 2x read err with Status :%d", Status);
1593 break;
1594 }
1595
1596 NOB = NOB - WriteBytes;
1597 if (NOB) {
1598 WriteOffset = WriteOffset + WriteBytes;
1599 InputAddr = InputAddr + WriteBytes;
1600 if (NOB > Adapter->uiSectorSize)
1601 WriteBytes = Adapter->uiSectorSize;
1602 else
1603 WriteBytes = NOB;
1604 }
1605 } while (NOB > 0);
1606
1607 BcmFlash2xWriteSig(Adapter, sFlash2xWrite.Section);
1608 up(&Adapter->NVMRdmWrmLock);
1609 kfree(pWriteBuff);
1610 }
1611 break;
1612
1613 case IOCTL_BCM_GET_FLASH2X_SECTION_BITMAP: {
1614 PFLASH2X_BITMAP psFlash2xBitMap;
1615 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "IOCTL_BCM_GET_FLASH2X_SECTION_BITMAP Called");
1616
1617 if (copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER)))
1618 return -EFAULT;
1619
1620 if (IoBuffer.OutputLength != sizeof(FLASH2X_BITMAP))
1621 return -EINVAL;
1622
1623 psFlash2xBitMap = kzalloc(sizeof(FLASH2X_BITMAP), GFP_KERNEL);
1624 if (psFlash2xBitMap == NULL) {
1625 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Memory is not available");
1626 return -ENOMEM;
1627 }
1628
1629 /* Reading the Flash Sectio Bit map */
1630 down(&Adapter->NVMRdmWrmLock);
1631
1632 if ((Adapter->IdleMode == TRUE) ||
1633 (Adapter->bShutStatus == TRUE) ||
1634 (Adapter->bPreparingForLowPowerMode == TRUE)) {
1635
1636 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Device is in Idle/Shutdown Mode\n");
1637 up(&Adapter->NVMRdmWrmLock);
1638 kfree(psFlash2xBitMap);
1639 return -EACCES;
1640 }
1641
1642 BcmGetFlash2xSectionalBitMap(Adapter, psFlash2xBitMap);
1643 up(&Adapter->NVMRdmWrmLock);
1644 if (copy_to_user(IoBuffer.OutputBuffer, psFlash2xBitMap, sizeof(FLASH2X_BITMAP))) {
1645 kfree(psFlash2xBitMap);
1646 return -EFAULT;
1647 }
1648
1649 kfree(psFlash2xBitMap);
1650 }
1651 break;
1652
1653 case IOCTL_BCM_SET_ACTIVE_SECTION: {
1654 FLASH2X_SECTION_VAL eFlash2xSectionVal = 0;
1655 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "IOCTL_BCM_SET_ACTIVE_SECTION Called");
1656
1657 if (IsFlash2x(Adapter) != TRUE) {
1658 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Flash Does not have 2.x map");
1659 return -EINVAL;
1660 }
1661
1662 Status = copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER));
1663 if (Status) {
1664 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Copy of IOCTL BUFFER failed");
1665 return -EFAULT;
1666 }
1667
1668 Status = copy_from_user(&eFlash2xSectionVal, IoBuffer.InputBuffer, sizeof(INT));
1669 if (Status) {
1670 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Copy of flash section val failed");
1671 return -EFAULT;
1672 }
1673
1674 down(&Adapter->NVMRdmWrmLock);
1675
1676 if ((Adapter->IdleMode == TRUE) ||
1677 (Adapter->bShutStatus == TRUE) ||
1678 (Adapter->bPreparingForLowPowerMode == TRUE)) {
1679
1680 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Device is in Idle/Shutdown Mode\n");
1681 up(&Adapter->NVMRdmWrmLock);
1682 return -EACCES;
1683 }
1684
1685 Status = BcmSetActiveSection(Adapter, eFlash2xSectionVal);
1686 if (Status)
1687 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Failed to make it's priority Highest. Status %d", Status);
1688
1689 up(&Adapter->NVMRdmWrmLock);
1690 }
1691 break;
1692
1693 case IOCTL_BCM_IDENTIFY_ACTIVE_SECTION: {
1694 /* Right Now we are taking care of only DSD */
1695 Adapter->bAllDSDWriteAllow = FALSE;
1696 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "IOCTL_BCM_IDENTIFY_ACTIVE_SECTION called");
1697 Status = STATUS_SUCCESS;
1698 }
1699 break;
1700
1701 case IOCTL_BCM_COPY_SECTION: {
1702 FLASH2X_COPY_SECTION sCopySectStrut = {0};
1703 Status = STATUS_SUCCESS;
1704 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "IOCTL_BCM_COPY_SECTION Called");
1705
1706 Adapter->bAllDSDWriteAllow = FALSE;
1707 if (IsFlash2x(Adapter) != TRUE) {
1708 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Flash Does not have 2.x map");
1709 return -EINVAL;
1710 }
1711
1712 Status = copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER));
1713 if (Status) {
1714 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Copy of IOCTL BUFFER failed Status :%d", Status);
1715 return -EFAULT;
1716 }
1717
1718 Status = copy_from_user(&sCopySectStrut, IoBuffer.InputBuffer, sizeof(FLASH2X_COPY_SECTION));
1719 if (Status) {
1720 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Copy of Copy_Section_Struct failed with Status :%d", Status);
1721 return -EFAULT;
1722 }
1723
1724 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Source SEction :%x", sCopySectStrut.SrcSection);
1725 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Destination SEction :%x", sCopySectStrut.DstSection);
1726 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "offset :%x", sCopySectStrut.offset);
1727 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "NOB :%x", sCopySectStrut.numOfBytes);
1728
1729 if (IsSectionExistInFlash(Adapter, sCopySectStrut.SrcSection) == FALSE) {
1730 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Source Section<%x> does not exixt in Flash ", sCopySectStrut.SrcSection);
1731 return -EINVAL;
1732 }
1733
1734 if (IsSectionExistInFlash(Adapter, sCopySectStrut.DstSection) == FALSE) {
1735 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Destinatio Section<%x> does not exixt in Flash ", sCopySectStrut.DstSection);
1736 return -EINVAL;
1737 }
1738
1739 if (sCopySectStrut.SrcSection == sCopySectStrut.DstSection) {
1740 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Source and Destination section should be different");
1741 return -EINVAL;
1742 }
1743
1744 down(&Adapter->NVMRdmWrmLock);
1745
1746 if ((Adapter->IdleMode == TRUE) ||
1747 (Adapter->bShutStatus == TRUE) ||
1748 (Adapter->bPreparingForLowPowerMode == TRUE)) {
1749
1750 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Device is in Idle/Shutdown Mode\n");
1751 up(&Adapter->NVMRdmWrmLock);
1752 return -EACCES;
1753 }
1754
1755 if (sCopySectStrut.SrcSection == ISO_IMAGE1 || sCopySectStrut.SrcSection == ISO_IMAGE2) {
1756 if (IsNonCDLessDevice(Adapter)) {
1757 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Device is Non-CDLess hence won't have ISO !!");
1758 Status = -EINVAL;
1759 } else if (sCopySectStrut.numOfBytes == 0) {
1760 Status = BcmCopyISO(Adapter, sCopySectStrut);
1761 } else {
1762 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Partial Copy of ISO section is not Allowed..");
1763 Status = STATUS_FAILURE;
1764 }
1765 up(&Adapter->NVMRdmWrmLock);
1766 return Status;
1767 }
1768
1769 Status = BcmCopySection(Adapter, sCopySectStrut.SrcSection,
1770 sCopySectStrut.DstSection, sCopySectStrut.offset, sCopySectStrut.numOfBytes);
1771 up(&Adapter->NVMRdmWrmLock);
1772 }
1773 break;
1774
1775 case IOCTL_BCM_GET_FLASH_CS_INFO: {
1776 Status = STATUS_SUCCESS;
1777 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, " IOCTL_BCM_GET_FLASH_CS_INFO Called");
1778
1779 Status = copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER));
1780 if (Status) {
1781 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Copy of IOCTL BUFFER failed");
1782 return -EFAULT;
1783 }
1784
1785 if (Adapter->eNVMType != NVM_FLASH) {
1786 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Connected device does not have flash");
1787 Status = -EINVAL;
1788 break;
1789 }
1790
1791 if (IsFlash2x(Adapter) == TRUE) {
1792 if (IoBuffer.OutputLength < sizeof(FLASH2X_CS_INFO))
1793 return -EINVAL;
1794
1795 if (copy_to_user(IoBuffer.OutputBuffer, Adapter->psFlash2xCSInfo, sizeof(FLASH2X_CS_INFO)))
1796 return -EFAULT;
1797 } else {
1798 if (IoBuffer.OutputLength < sizeof(FLASH_CS_INFO))
1799 return -EINVAL;
1800
1801 if (copy_to_user(IoBuffer.OutputBuffer, Adapter->psFlashCSInfo, sizeof(FLASH_CS_INFO)))
1802 return -EFAULT;
1803 }
1804 }
1805 break;
1806
1807 case IOCTL_BCM_SELECT_DSD: {
1808 UINT SectOfset = 0;
1809 FLASH2X_SECTION_VAL eFlash2xSectionVal;
1810 eFlash2xSectionVal = NO_SECTION_VAL;
1811 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "IOCTL_BCM_SELECT_DSD Called");
1812
1813 if (IsFlash2x(Adapter) != TRUE) {
1814 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Flash Does not have 2.x map");
1815 return -EINVAL;
1816 }
1817
1818 Status = copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER));
1819 if (Status) {
1820 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Copy of IOCTL BUFFER failed");
1821 return -EFAULT;
1822 }
1823 Status = copy_from_user(&eFlash2xSectionVal, IoBuffer.InputBuffer, sizeof(INT));
1824 if (Status) {
1825 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Copy of flash section val failed");
1826 return -EFAULT;
1827 }
1828
1829 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Read Section :%d", eFlash2xSectionVal);
1830 if ((eFlash2xSectionVal != DSD0) &&
1831 (eFlash2xSectionVal != DSD1) &&
1832 (eFlash2xSectionVal != DSD2)) {
1833
1834 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Passed section<%x> is not DSD section", eFlash2xSectionVal);
1835 return STATUS_FAILURE;
1836 }
1837
1838 SectOfset = BcmGetSectionValStartOffset(Adapter, eFlash2xSectionVal);
1839 if (SectOfset == INVALID_OFFSET) {
1840 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Provided Section val <%d> does not exixt in Flash 2.x", eFlash2xSectionVal);
1841 return -EINVAL;
1842 }
1843
1844 Adapter->bAllDSDWriteAllow = TRUE;
1845 Adapter->ulFlashCalStart = SectOfset;
1846 Adapter->eActiveDSD = eFlash2xSectionVal;
1847 }
1848 Status = STATUS_SUCCESS;
1849 break;
1850
1851 case IOCTL_BCM_NVM_RAW_READ: {
1852 NVM_READWRITE stNVMRead;
1853 INT NOB ;
1854 INT BuffSize ;
1855 INT ReadOffset = 0;
1856 UINT ReadBytes = 0 ;
1857 PUCHAR pReadBuff;
1858 void __user *OutPutBuff;
1859
1860 if (Adapter->eNVMType != NVM_FLASH) {
1861 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "NVM TYPE is not Flash");
1862 return -EINVAL;
1863 }
1864
1865 /* Copy Ioctl Buffer structure */
1866 if (copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER))) {
1867 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "copy_from_user 1 failed\n");
1868 return -EFAULT;
1869 }
1870
1871 if (copy_from_user(&stNVMRead, IoBuffer.OutputBuffer, sizeof(NVM_READWRITE)))
1872 return -EFAULT;
1873
1874 NOB = stNVMRead.uiNumBytes;
1875 /* In Raw-Read max Buff size : 64MB */
1876
1877 if (NOB > DEFAULT_BUFF_SIZE)
1878 BuffSize = DEFAULT_BUFF_SIZE;
1879 else
1880 BuffSize = NOB;
1881
1882 ReadOffset = stNVMRead.uiOffset;
1883 OutPutBuff = stNVMRead.pBuffer;
1884
1885 pReadBuff = kzalloc(BuffSize , GFP_KERNEL);
1886 if (pReadBuff == NULL) {
1887 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Memory allocation failed for Flash 2.x Read Structure");
1888 Status = -ENOMEM;
1889 break;
1890 }
1891 down(&Adapter->NVMRdmWrmLock);
1892
1893 if ((Adapter->IdleMode == TRUE) ||
1894 (Adapter->bShutStatus == TRUE) ||
1895 (Adapter->bPreparingForLowPowerMode == TRUE)) {
1896
1897 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Device is in Idle/Shutdown Mode\n");
1898 kfree(pReadBuff);
1899 up(&Adapter->NVMRdmWrmLock);
1900 return -EACCES;
1901 }
1902
1903 Adapter->bFlashRawRead = TRUE;
1904
1905 while (NOB) {
1906 if (NOB > DEFAULT_BUFF_SIZE)
1907 ReadBytes = DEFAULT_BUFF_SIZE;
1908 else
1909 ReadBytes = NOB;
1910
1911 /* Reading the data from Flash 2.x */
1912 Status = BeceemNVMRead(Adapter, (PUINT)pReadBuff, ReadOffset, ReadBytes);
1913 if (Status) {
1914 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Flash 2x read err with Status :%d", Status);
1915 break;
1916 }
1917
1918 BCM_DEBUG_PRINT_BUFFER(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, pReadBuff, ReadBytes);
1919
1920 Status = copy_to_user(OutPutBuff, pReadBuff, ReadBytes);
1921 if (Status) {
1922 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Copy to use failed with status :%d", Status);
1923 up(&Adapter->NVMRdmWrmLock);
1924 kfree(pReadBuff);
1925 return -EFAULT;
1926 }
1927 NOB = NOB - ReadBytes;
1928 if (NOB) {
1929 ReadOffset = ReadOffset + ReadBytes;
1930 OutPutBuff = OutPutBuff + ReadBytes;
1931 }
1932 }
1933 Adapter->bFlashRawRead = FALSE;
1934 up(&Adapter->NVMRdmWrmLock);
1935 kfree(pReadBuff);
1936 break;
1937 }
1938
1939 case IOCTL_BCM_CNTRLMSG_MASK: {
1940 ULONG RxCntrlMsgBitMask = 0;
1941
1942 /* Copy Ioctl Buffer structure */
1943 Status = copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER));
1944 if (Status) {
1945 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "copy of Ioctl buffer is failed from user space");
1946 return -EFAULT;
1947 }
1948
1949 if (IoBuffer.InputLength != sizeof(unsigned long)) {
1950 Status = -EINVAL;
1951 break;
1952 }
1953
1954 Status = copy_from_user(&RxCntrlMsgBitMask, IoBuffer.InputBuffer, IoBuffer.InputLength);
1955 if (Status) {
1956 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "copy of control bit mask failed from user space");
1957 return -EFAULT;
1958 }
1959 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "\n Got user defined cntrl msg bit mask :%lx", RxCntrlMsgBitMask);
1960 pTarang->RxCntrlMsgBitMask = RxCntrlMsgBitMask;
1961 }
1962 break;
1963
1964 case IOCTL_BCM_GET_DEVICE_DRIVER_INFO: {
1965 DEVICE_DRIVER_INFO DevInfo;
1966
1967 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Called IOCTL_BCM_GET_DEVICE_DRIVER_INFO\n");
1968
1969 DevInfo.MaxRDMBufferSize = BUFFER_4K;
1970 DevInfo.u32DSDStartOffset = EEPROM_CALPARAM_START;
1971 DevInfo.u32RxAlignmentCorrection = 0;
1972 DevInfo.u32NVMType = Adapter->eNVMType;
1973 DevInfo.u32InterfaceType = BCM_USB;
1974
1975 if (copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER)))
1976 return -EFAULT;
1977
1978 if (IoBuffer.OutputLength < sizeof(DevInfo))
1979 return -EINVAL;
1980
1981 if (copy_to_user(IoBuffer.OutputBuffer, &DevInfo, sizeof(DevInfo)))
1982 return -EFAULT;
1983 }
1984 break;
1985
1986 case IOCTL_BCM_TIME_SINCE_NET_ENTRY: {
1987 ST_TIME_ELAPSED stTimeElapsedSinceNetEntry = {0};
1988
1989 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "IOCTL_BCM_TIME_SINCE_NET_ENTRY called");
1990
1991 if (copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER)))
1992 return -EFAULT;
1993
1994 if (IoBuffer.OutputLength < sizeof(ST_TIME_ELAPSED))
1995 return -EINVAL;
1996
1997 stTimeElapsedSinceNetEntry.ul64TimeElapsedSinceNetEntry = get_seconds() - Adapter->liTimeSinceLastNetEntry;
1998
1999 if (copy_to_user(IoBuffer.OutputBuffer, &stTimeElapsedSinceNetEntry, sizeof(ST_TIME_ELAPSED)))
2000 return -EFAULT;
2001 }
2002 break;
2003
2004 case IOCTL_CLOSE_NOTIFICATION:
2005 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "IOCTL_CLOSE_NOTIFICATION");
2006 break;
2007
2008 default:
2009 pr_info(DRV_NAME ": unknown ioctl cmd=%#x\n", cmd);
2010 Status = STATUS_FAILURE;
2011 break;
2012 }
2013 return Status;
2014 }
2015
2016
2017 static const struct file_operations bcm_fops = {
2018 .owner = THIS_MODULE,
2019 .open = bcm_char_open,
2020 .release = bcm_char_release,
2021 .read = bcm_char_read,
2022 .unlocked_ioctl = bcm_char_ioctl,
2023 .llseek = no_llseek,
2024 };
2025
2026 int register_control_device_interface(PMINI_ADAPTER Adapter)
2027 {
2028
2029 if (Adapter->major > 0)
2030 return Adapter->major;
2031
2032 Adapter->major = register_chrdev(0, DEV_NAME, &bcm_fops);
2033 if (Adapter->major < 0) {
2034 pr_err(DRV_NAME ": could not created character device\n");
2035 return Adapter->major;
2036 }
2037
2038 Adapter->pstCreatedClassDevice = device_create(bcm_class, NULL,
2039 MKDEV(Adapter->major, 0),
2040 Adapter, DEV_NAME);
2041
2042 if (IS_ERR(Adapter->pstCreatedClassDevice)) {
2043 pr_err(DRV_NAME ": class device create failed\n");
2044 unregister_chrdev(Adapter->major, DEV_NAME);
2045 return PTR_ERR(Adapter->pstCreatedClassDevice);
2046 }
2047
2048 return 0;
2049 }
2050
2051 void unregister_control_device_interface(PMINI_ADAPTER Adapter)
2052 {
2053 if (Adapter->major > 0) {
2054 device_destroy(bcm_class, MKDEV(Adapter->major, 0));
2055 unregister_chrdev(Adapter->major, DEV_NAME);
2056 }
2057 }
2058
(deprecated) Btrfs devel tree