search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
x86-64, mm: Initialize VDSO earlier on 64 bits
[linux-2.6/linux-acpi-2.6/ibm-acpi-2.6.git] / drivers / ieee1394 / raw1394.c
blobb563d5e9fa2e5a7ea163390eb72c4e1a384505c1
1 /*
2 * IEEE 1394 for Linux
3 *
4 * Raw interface to the bus
5 *
6 * Copyright (C) 1999, 2000 Andreas E. Bombe
7 * 2001, 2002 Manfred Weihs <weihs@ict.tuwien.ac.at>
8 * 2002 Christian Toegel <christian.toegel@gmx.at>
9 *
10 * This code is licensed under the GPL. See the file COPYING in the root
11 * directory of the kernel sources for details.
12 *
13 *
14 * Contributions:
15 *
16 * Manfred Weihs <weihs@ict.tuwien.ac.at>
17 * configuration ROM manipulation
18 * address range mapping
19 * adaptation for new (transparent) loopback mechanism
20 * sending of arbitrary async packets
21 * Christian Toegel <christian.toegel@gmx.at>
22 * address range mapping
23 * lock64 request
24 * transmit physical packet
25 * busreset notification control (switch on/off)
26 * busreset with selection of type (short/long)
27 * request_reply
28 */
29
30 #include <linux/kernel.h>
31 #include <linux/list.h>
32 #include <linux/sched.h>
33 #include <linux/string.h>
34 #include <linux/slab.h>
35 #include <linux/fs.h>
36 #include <linux/poll.h>
37 #include <linux/module.h>
38 #include <linux/mutex.h>
39 #include <linux/init.h>
40 #include <linux/interrupt.h>
41 #include <linux/vmalloc.h>
42 #include <linux/cdev.h>
43 #include <asm/uaccess.h>
44 #include <asm/atomic.h>
45 #include <linux/compat.h>
46
47 #include "csr1212.h"
48 #include "highlevel.h"
49 #include "hosts.h"
50 #include "ieee1394.h"
51 #include "ieee1394_core.h"
52 #include "ieee1394_hotplug.h"
53 #include "ieee1394_transactions.h"
54 #include "ieee1394_types.h"
55 #include "iso.h"
56 #include "nodemgr.h"
57 #include "raw1394.h"
58 #include "raw1394-private.h"
59
60 #define int2ptr(x) ((void __user *)(unsigned long)x)
61 #define ptr2int(x) ((u64)(unsigned long)(void __user *)x)
62
63 #ifdef CONFIG_IEEE1394_VERBOSEDEBUG
64 #define RAW1394_DEBUG
65 #endif
66
67 #ifdef RAW1394_DEBUG
68 #define DBGMSG(fmt, args...) \
69 printk(KERN_INFO "raw1394:" fmt "\n" , ## args)
70 #else
71 #define DBGMSG(fmt, args...) do {} while (0)
72 #endif
73
74 static LIST_HEAD(host_info_list);
75 static int host_count;
76 static DEFINE_SPINLOCK(host_info_lock);
77 static atomic_t internal_generation = ATOMIC_INIT(0);
78
79 static atomic_t iso_buffer_size;
80 static const int iso_buffer_max = 4 * 1024 * 1024; /* 4 MB */
81
82 static struct hpsb_highlevel raw1394_highlevel;
83
84 static int arm_read(struct hpsb_host *host, int nodeid, quadlet_t * buffer,
85 u64 addr, size_t length, u16 flags);
86 static int arm_write(struct hpsb_host *host, int nodeid, int destid,
87 quadlet_t * data, u64 addr, size_t length, u16 flags);
88 static int arm_lock(struct hpsb_host *host, int nodeid, quadlet_t * store,
89 u64 addr, quadlet_t data, quadlet_t arg, int ext_tcode,
90 u16 flags);
91 static int arm_lock64(struct hpsb_host *host, int nodeid, octlet_t * store,
92 u64 addr, octlet_t data, octlet_t arg, int ext_tcode,
93 u16 flags);
94 static const struct hpsb_address_ops arm_ops = {
95 .read = arm_read,
96 .write = arm_write,
97 .lock = arm_lock,
98 .lock64 = arm_lock64,
99 };
100
101 static void queue_complete_cb(struct pending_request *req);
102
103 static struct pending_request *__alloc_pending_request(gfp_t flags)
104 {
105 struct pending_request *req;
106
107 req = kzalloc(sizeof(*req), flags);
108 if (req)
109 INIT_LIST_HEAD(&req->list);
110
111 return req;
112 }
113
114 static inline struct pending_request *alloc_pending_request(void)
115 {
116 return __alloc_pending_request(GFP_KERNEL);
117 }
118
119 static void free_pending_request(struct pending_request *req)
120 {
121 if (req->ibs) {
122 if (atomic_dec_and_test(&req->ibs->refcount)) {
123 atomic_sub(req->ibs->data_size, &iso_buffer_size);
124 kfree(req->ibs);
125 }
126 } else if (req->free_data) {
127 kfree(req->data);
128 }
129 hpsb_free_packet(req->packet);
130 kfree(req);
131 }
132
133 /* fi->reqlists_lock must be taken */
134 static void __queue_complete_req(struct pending_request *req)
135 {
136 struct file_info *fi = req->file_info;
137
138 list_move_tail(&req->list, &fi->req_complete);
139 wake_up(&fi->wait_complete);
140 }
141
142 static void queue_complete_req(struct pending_request *req)
143 {
144 unsigned long flags;
145 struct file_info *fi = req->file_info;
146
147 spin_lock_irqsave(&fi->reqlists_lock, flags);
148 __queue_complete_req(req);
149 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
150 }
151
152 static void queue_complete_cb(struct pending_request *req)
153 {
154 struct hpsb_packet *packet = req->packet;
155 int rcode = (packet->header[1] >> 12) & 0xf;
156
157 switch (packet->ack_code) {
158 case ACKX_NONE:
159 case ACKX_SEND_ERROR:
160 req->req.error = RAW1394_ERROR_SEND_ERROR;
161 break;
162 case ACKX_ABORTED:
163 req->req.error = RAW1394_ERROR_ABORTED;
164 break;
165 case ACKX_TIMEOUT:
166 req->req.error = RAW1394_ERROR_TIMEOUT;
167 break;
168 default:
169 req->req.error = (packet->ack_code << 16) | rcode;
170 break;
171 }
172
173 if (!((packet->ack_code == ACK_PENDING) && (rcode == RCODE_COMPLETE))) {
174 req->req.length = 0;
175 }
176
177 if ((req->req.type == RAW1394_REQ_ASYNC_READ) ||
178 (req->req.type == RAW1394_REQ_ASYNC_WRITE) ||
179 (req->req.type == RAW1394_REQ_ASYNC_STREAM) ||
180 (req->req.type == RAW1394_REQ_LOCK) ||
181 (req->req.type == RAW1394_REQ_LOCK64))
182 hpsb_free_tlabel(packet);
183
184 queue_complete_req(req);
185 }
186
187 static void add_host(struct hpsb_host *host)
188 {
189 struct host_info *hi;
190 unsigned long flags;
191
192 hi = kmalloc(sizeof(*hi), GFP_KERNEL);
193
194 if (hi) {
195 INIT_LIST_HEAD(&hi->list);
196 hi->host = host;
197 INIT_LIST_HEAD(&hi->file_info_list);
198
199 spin_lock_irqsave(&host_info_lock, flags);
200 list_add_tail(&hi->list, &host_info_list);
201 host_count++;
202 spin_unlock_irqrestore(&host_info_lock, flags);
203 }
204
205 atomic_inc(&internal_generation);
206 }
207
208 static struct host_info *find_host_info(struct hpsb_host *host)
209 {
210 struct host_info *hi;
211
212 list_for_each_entry(hi, &host_info_list, list)
213 if (hi->host == host)
214 return hi;
215
216 return NULL;
217 }
218
219 static void remove_host(struct hpsb_host *host)
220 {
221 struct host_info *hi;
222 unsigned long flags;
223
224 spin_lock_irqsave(&host_info_lock, flags);
225 hi = find_host_info(host);
226
227 if (hi != NULL) {
228 list_del(&hi->list);
229 host_count--;
230 /*
231 FIXME: address ranges should be removed
232 and fileinfo states should be initialized
233 (including setting generation to
234 internal-generation ...)
235 */
236 }
237 spin_unlock_irqrestore(&host_info_lock, flags);
238
239 if (hi == NULL) {
240 printk(KERN_ERR "raw1394: attempt to remove unknown host "
241 "0x%p\n", host);
242 return;
243 }
244
245 kfree(hi);
246
247 atomic_inc(&internal_generation);
248 }
249
250 static void host_reset(struct hpsb_host *host)
251 {
252 unsigned long flags;
253 struct host_info *hi;
254 struct file_info *fi;
255 struct pending_request *req;
256
257 spin_lock_irqsave(&host_info_lock, flags);
258 hi = find_host_info(host);
259
260 if (hi != NULL) {
261 list_for_each_entry(fi, &hi->file_info_list, list) {
262 if (fi->notification == RAW1394_NOTIFY_ON) {
263 req = __alloc_pending_request(GFP_ATOMIC);
264
265 if (req != NULL) {
266 req->file_info = fi;
267 req->req.type = RAW1394_REQ_BUS_RESET;
268 req->req.generation =
269 get_hpsb_generation(host);
270 req->req.misc = (host->node_id << 16)
271 | host->node_count;
272 if (fi->protocol_version > 3) {
273 req->req.misc |=
274 (NODEID_TO_NODE
275 (host->irm_id)
276 << 8);
277 }
278
279 queue_complete_req(req);
280 }
281 }
282 }
283 }
284 spin_unlock_irqrestore(&host_info_lock, flags);
285 }
286
287 static void fcp_request(struct hpsb_host *host, int nodeid, int direction,
288 int cts, u8 * data, size_t length)
289 {
290 unsigned long flags;
291 struct host_info *hi;
292 struct file_info *fi;
293 struct pending_request *req, *req_next;
294 struct iso_block_store *ibs = NULL;
295 LIST_HEAD(reqs);
296
297 if ((atomic_read(&iso_buffer_size) + length) > iso_buffer_max) {
298 HPSB_INFO("dropped fcp request");
299 return;
300 }
301
302 spin_lock_irqsave(&host_info_lock, flags);
303 hi = find_host_info(host);
304
305 if (hi != NULL) {
306 list_for_each_entry(fi, &hi->file_info_list, list) {
307 if (!fi->fcp_buffer)
308 continue;
309
310 req = __alloc_pending_request(GFP_ATOMIC);
311 if (!req)
312 break;
313
314 if (!ibs) {
315 ibs = kmalloc(sizeof(*ibs) + length,
316 GFP_ATOMIC);
317 if (!ibs) {
318 kfree(req);
319 break;
320 }
321
322 atomic_add(length, &iso_buffer_size);
323 atomic_set(&ibs->refcount, 0);
324 ibs->data_size = length;
325 memcpy(ibs->data, data, length);
326 }
327
328 atomic_inc(&ibs->refcount);
329
330 req->file_info = fi;
331 req->ibs = ibs;
332 req->data = ibs->data;
333 req->req.type = RAW1394_REQ_FCP_REQUEST;
334 req->req.generation = get_hpsb_generation(host);
335 req->req.misc = nodeid | (direction << 16);
336 req->req.recvb = ptr2int(fi->fcp_buffer);
337 req->req.length = length;
338
339 list_add_tail(&req->list, &reqs);
340 }
341 }
342 spin_unlock_irqrestore(&host_info_lock, flags);
343
344 list_for_each_entry_safe(req, req_next, &reqs, list)
345 queue_complete_req(req);
346 }
347
348 #ifdef CONFIG_COMPAT
349 struct compat_raw1394_req {
350 __u32 type;
351 __s32 error;
352 __u32 misc;
353
354 __u32 generation;
355 __u32 length;
356
357 __u64 address;
358
359 __u64 tag;
360
361 __u64 sendb;
362 __u64 recvb;
363 }
364 #if defined(CONFIG_X86_64) || defined(CONFIG_IA64)
365 __attribute__((packed))
366 #endif
367 ;
368
369 static const char __user *raw1394_compat_write(const char __user *buf)
370 {
371 struct compat_raw1394_req __user *cr = (typeof(cr)) buf;
372 struct raw1394_request __user *r;
373
374 r = compat_alloc_user_space(sizeof(struct raw1394_request));
375
376 #define C(x) __copy_in_user(&r->x, &cr->x, sizeof(r->x))
377
378 if (copy_in_user(r, cr, sizeof(struct compat_raw1394_req)) ||
379 C(address) ||
380 C(tag) ||
381 C(sendb) ||
382 C(recvb))
383 return (__force const char __user *)ERR_PTR(-EFAULT);
384
385 return (const char __user *)r;
386 }
387 #undef C
388
389 #define P(x) __put_user(r->x, &cr->x)
390
391 static int
392 raw1394_compat_read(const char __user *buf, struct raw1394_request *r)
393 {
394 struct compat_raw1394_req __user *cr = (typeof(cr)) buf;
395
396 if (!access_ok(VERIFY_WRITE, cr, sizeof(struct compat_raw1394_req)) ||
397 P(type) ||
398 P(error) ||
399 P(misc) ||
400 P(generation) ||
401 P(length) ||
402 P(address) ||
403 P(tag) ||
404 P(sendb) ||
405 P(recvb))
406 return -EFAULT;
407
408 return sizeof(struct compat_raw1394_req);
409 }
410 #undef P
411
412 #endif
413
414 /* get next completed request (caller must hold fi->reqlists_lock) */
415 static inline struct pending_request *__next_complete_req(struct file_info *fi)
416 {
417 struct list_head *lh;
418 struct pending_request *req = NULL;
419
420 if (!list_empty(&fi->req_complete)) {
421 lh = fi->req_complete.next;
422 list_del(lh);
423 req = list_entry(lh, struct pending_request, list);
424 }
425 return req;
426 }
427
428 /* atomically get next completed request */
429 static struct pending_request *next_complete_req(struct file_info *fi)
430 {
431 unsigned long flags;
432 struct pending_request *req;
433
434 spin_lock_irqsave(&fi->reqlists_lock, flags);
435 req = __next_complete_req(fi);
436 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
437 return req;
438 }
439
440 static ssize_t raw1394_read(struct file *file, char __user * buffer,
441 size_t count, loff_t * offset_is_ignored)
442 {
443 struct file_info *fi = (struct file_info *)file->private_data;
444 struct pending_request *req;
445 ssize_t ret;
446
447 #ifdef CONFIG_COMPAT
448 if (count == sizeof(struct compat_raw1394_req)) {
449 /* ok */
450 } else
451 #endif
452 if (count != sizeof(struct raw1394_request)) {
453 return -EINVAL;
454 }
455
456 if (!access_ok(VERIFY_WRITE, buffer, count)) {
457 return -EFAULT;
458 }
459
460 if (file->f_flags & O_NONBLOCK) {
461 if (!(req = next_complete_req(fi)))
462 return -EAGAIN;
463 } else {
464 /*
465 * NB: We call the macro wait_event_interruptible() with a
466 * condition argument with side effect. This is only possible
467 * because the side effect does not occur until the condition
468 * became true, and wait_event_interruptible() won't evaluate
469 * the condition again after that.
470 */
471 if (wait_event_interruptible(fi->wait_complete,
472 (req = next_complete_req(fi))))
473 return -ERESTARTSYS;
474 }
475
476 if (req->req.length) {
477 if (copy_to_user(int2ptr(req->req.recvb), req->data,
478 req->req.length)) {
479 req->req.error = RAW1394_ERROR_MEMFAULT;
480 }
481 }
482
483 #ifdef CONFIG_COMPAT
484 if (count == sizeof(struct compat_raw1394_req) &&
485 sizeof(struct compat_raw1394_req) !=
486 sizeof(struct raw1394_request)) {
487 ret = raw1394_compat_read(buffer, &req->req);
488 } else
489 #endif
490 {
491 if (copy_to_user(buffer, &req->req, sizeof(req->req))) {
492 ret = -EFAULT;
493 goto out;
494 }
495 ret = (ssize_t) sizeof(struct raw1394_request);
496 }
497 out:
498 free_pending_request(req);
499 return ret;
500 }
501
502 static int state_opened(struct file_info *fi, struct pending_request *req)
503 {
504 if (req->req.type == RAW1394_REQ_INITIALIZE) {
505 switch (req->req.misc) {
506 case RAW1394_KERNELAPI_VERSION:
507 case 3:
508 fi->state = initialized;
509 fi->protocol_version = req->req.misc;
510 req->req.error = RAW1394_ERROR_NONE;
511 req->req.generation = atomic_read(&internal_generation);
512 break;
513
514 default:
515 req->req.error = RAW1394_ERROR_COMPAT;
516 req->req.misc = RAW1394_KERNELAPI_VERSION;
517 }
518 } else {
519 req->req.error = RAW1394_ERROR_STATE_ORDER;
520 }
521
522 req->req.length = 0;
523 queue_complete_req(req);
524 return 0;
525 }
526
527 static int state_initialized(struct file_info *fi, struct pending_request *req)
528 {
529 unsigned long flags;
530 struct host_info *hi;
531 struct raw1394_khost_list *khl;
532
533 if (req->req.generation != atomic_read(&internal_generation)) {
534 req->req.error = RAW1394_ERROR_GENERATION;
535 req->req.generation = atomic_read(&internal_generation);
536 req->req.length = 0;
537 queue_complete_req(req);
538 return 0;
539 }
540
541 switch (req->req.type) {
542 case RAW1394_REQ_LIST_CARDS:
543 spin_lock_irqsave(&host_info_lock, flags);
544 khl = kmalloc(sizeof(*khl) * host_count, GFP_ATOMIC);
545
546 if (khl) {
547 req->req.misc = host_count;
548 req->data = (quadlet_t *) khl;
549
550 list_for_each_entry(hi, &host_info_list, list) {
551 khl->nodes = hi->host->node_count;
552 strcpy(khl->name, hi->host->driver->name);
553 khl++;
554 }
555 }
556 spin_unlock_irqrestore(&host_info_lock, flags);
557
558 if (khl) {
559 req->req.error = RAW1394_ERROR_NONE;
560 req->req.length = min(req->req.length,
561 (u32) (sizeof
562 (struct raw1394_khost_list)
563 * req->req.misc));
564 req->free_data = 1;
565 } else {
566 return -ENOMEM;
567 }
568 break;
569
570 case RAW1394_REQ_SET_CARD:
571 spin_lock_irqsave(&host_info_lock, flags);
572 if (req->req.misc >= host_count) {
573 req->req.error = RAW1394_ERROR_INVALID_ARG;
574 goto out_set_card;
575 }
576 list_for_each_entry(hi, &host_info_list, list)
577 if (!req->req.misc--)
578 break;
579 get_device(&hi->host->device); /* FIXME handle failure case */
580 list_add_tail(&fi->list, &hi->file_info_list);
581
582 /* prevent unloading of the host's low-level driver */
583 if (!try_module_get(hi->host->driver->owner)) {
584 req->req.error = RAW1394_ERROR_ABORTED;
585 goto out_set_card;
586 }
587 WARN_ON(fi->host);
588 fi->host = hi->host;
589 fi->state = connected;
590
591 req->req.error = RAW1394_ERROR_NONE;
592 req->req.generation = get_hpsb_generation(fi->host);
593 req->req.misc = (fi->host->node_id << 16)
594 | fi->host->node_count;
595 if (fi->protocol_version > 3)
596 req->req.misc |= NODEID_TO_NODE(fi->host->irm_id) << 8;
597 out_set_card:
598 spin_unlock_irqrestore(&host_info_lock, flags);
599
600 req->req.length = 0;
601 break;
602
603 default:
604 req->req.error = RAW1394_ERROR_STATE_ORDER;
605 req->req.length = 0;
606 break;
607 }
608
609 queue_complete_req(req);
610 return 0;
611 }
612
613 static void handle_fcp_listen(struct file_info *fi, struct pending_request *req)
614 {
615 if (req->req.misc) {
616 if (fi->fcp_buffer) {
617 req->req.error = RAW1394_ERROR_ALREADY;
618 } else {
619 fi->fcp_buffer = int2ptr(req->req.recvb);
620 }
621 } else {
622 if (!fi->fcp_buffer) {
623 req->req.error = RAW1394_ERROR_ALREADY;
624 } else {
625 fi->fcp_buffer = NULL;
626 }
627 }
628
629 req->req.length = 0;
630 queue_complete_req(req);
631 }
632
633 static int handle_async_request(struct file_info *fi,
634 struct pending_request *req, int node)
635 {
636 unsigned long flags;
637 struct hpsb_packet *packet = NULL;
638 u64 addr = req->req.address & 0xffffffffffffULL;
639
640 switch (req->req.type) {
641 case RAW1394_REQ_ASYNC_READ:
642 DBGMSG("read_request called");
643 packet =
644 hpsb_make_readpacket(fi->host, node, addr, req->req.length);
645
646 if (!packet)
647 return -ENOMEM;
648
649 if (req->req.length == 4)
650 req->data = &packet->header[3];
651 else
652 req->data = packet->data;
653
654 break;
655
656 case RAW1394_REQ_ASYNC_WRITE:
657 DBGMSG("write_request called");
658
659 packet = hpsb_make_writepacket(fi->host, node, addr, NULL,
660 req->req.length);
661 if (!packet)
662 return -ENOMEM;
663
664 if (req->req.length == 4) {
665 if (copy_from_user
666 (&packet->header[3], int2ptr(req->req.sendb),
667 req->req.length))
668 req->req.error = RAW1394_ERROR_MEMFAULT;
669 } else {
670 if (copy_from_user
671 (packet->data, int2ptr(req->req.sendb),
672 req->req.length))
673 req->req.error = RAW1394_ERROR_MEMFAULT;
674 }
675
676 req->req.length = 0;
677 break;
678
679 case RAW1394_REQ_ASYNC_STREAM:
680 DBGMSG("stream_request called");
681
682 packet =
683 hpsb_make_streampacket(fi->host, NULL, req->req.length,
684 node & 0x3f /*channel */ ,
685 (req->req.misc >> 16) & 0x3,
686 req->req.misc & 0xf);
687 if (!packet)
688 return -ENOMEM;
689
690 if (copy_from_user(packet->data, int2ptr(req->req.sendb),
691 req->req.length))
692 req->req.error = RAW1394_ERROR_MEMFAULT;
693
694 req->req.length = 0;
695 break;
696
697 case RAW1394_REQ_LOCK:
698 DBGMSG("lock_request called");
699 if ((req->req.misc == EXTCODE_FETCH_ADD)
700 || (req->req.misc == EXTCODE_LITTLE_ADD)) {
701 if (req->req.length != 4) {
702 req->req.error = RAW1394_ERROR_INVALID_ARG;
703 break;
704 }
705 } else {
706 if (req->req.length != 8) {
707 req->req.error = RAW1394_ERROR_INVALID_ARG;
708 break;
709 }
710 }
711
712 packet = hpsb_make_lockpacket(fi->host, node, addr,
713 req->req.misc, NULL, 0);
714 if (!packet)
715 return -ENOMEM;
716
717 if (copy_from_user(packet->data, int2ptr(req->req.sendb),
718 req->req.length)) {
719 req->req.error = RAW1394_ERROR_MEMFAULT;
720 break;
721 }
722
723 req->data = packet->data;
724 req->req.length = 4;
725 break;
726
727 case RAW1394_REQ_LOCK64:
728 DBGMSG("lock64_request called");
729 if ((req->req.misc == EXTCODE_FETCH_ADD)
730 || (req->req.misc == EXTCODE_LITTLE_ADD)) {
731 if (req->req.length != 8) {
732 req->req.error = RAW1394_ERROR_INVALID_ARG;
733 break;
734 }
735 } else {
736 if (req->req.length != 16) {
737 req->req.error = RAW1394_ERROR_INVALID_ARG;
738 break;
739 }
740 }
741 packet = hpsb_make_lock64packet(fi->host, node, addr,
742 req->req.misc, NULL, 0);
743 if (!packet)
744 return -ENOMEM;
745
746 if (copy_from_user(packet->data, int2ptr(req->req.sendb),
747 req->req.length)) {
748 req->req.error = RAW1394_ERROR_MEMFAULT;
749 break;
750 }
751
752 req->data = packet->data;
753 req->req.length = 8;
754 break;
755
756 default:
757 req->req.error = RAW1394_ERROR_STATE_ORDER;
758 }
759
760 req->packet = packet;
761
762 if (req->req.error) {
763 req->req.length = 0;
764 queue_complete_req(req);
765 return 0;
766 }
767
768 hpsb_set_packet_complete_task(packet,
769 (void (*)(void *))queue_complete_cb, req);
770
771 spin_lock_irqsave(&fi->reqlists_lock, flags);
772 list_add_tail(&req->list, &fi->req_pending);
773 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
774
775 packet->generation = req->req.generation;
776
777 if (hpsb_send_packet(packet) < 0) {
778 req->req.error = RAW1394_ERROR_SEND_ERROR;
779 req->req.length = 0;
780 hpsb_free_tlabel(packet);
781 queue_complete_req(req);
782 }
783 return 0;
784 }
785
786 static int handle_async_send(struct file_info *fi, struct pending_request *req)
787 {
788 unsigned long flags;
789 struct hpsb_packet *packet;
790 int header_length = req->req.misc & 0xffff;
791 int expect_response = req->req.misc >> 16;
792 size_t data_size;
793
794 if (header_length > req->req.length || header_length < 12 ||
795 header_length > FIELD_SIZEOF(struct hpsb_packet, header)) {
796 req->req.error = RAW1394_ERROR_INVALID_ARG;
797 req->req.length = 0;
798 queue_complete_req(req);
799 return 0;
800 }
801
802 data_size = req->req.length - header_length;
803 packet = hpsb_alloc_packet(data_size);
804 req->packet = packet;
805 if (!packet)
806 return -ENOMEM;
807
808 if (copy_from_user(packet->header, int2ptr(req->req.sendb),
809 header_length)) {
810 req->req.error = RAW1394_ERROR_MEMFAULT;
811 req->req.length = 0;
812 queue_complete_req(req);
813 return 0;
814 }
815
816 if (copy_from_user
817 (packet->data, int2ptr(req->req.sendb) + header_length,
818 data_size)) {
819 req->req.error = RAW1394_ERROR_MEMFAULT;
820 req->req.length = 0;
821 queue_complete_req(req);
822 return 0;
823 }
824
825 packet->type = hpsb_async;
826 packet->node_id = packet->header[0] >> 16;
827 packet->tcode = (packet->header[0] >> 4) & 0xf;
828 packet->tlabel = (packet->header[0] >> 10) & 0x3f;
829 packet->host = fi->host;
830 packet->expect_response = expect_response;
831 packet->header_size = header_length;
832 packet->data_size = data_size;
833
834 req->req.length = 0;
835 hpsb_set_packet_complete_task(packet,
836 (void (*)(void *))queue_complete_cb, req);
837
838 spin_lock_irqsave(&fi->reqlists_lock, flags);
839 list_add_tail(&req->list, &fi->req_pending);
840 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
841
842 /* Update the generation of the packet just before sending. */
843 packet->generation = req->req.generation;
844
845 if (hpsb_send_packet(packet) < 0) {
846 req->req.error = RAW1394_ERROR_SEND_ERROR;
847 queue_complete_req(req);
848 }
849
850 return 0;
851 }
852
853 static int arm_read(struct hpsb_host *host, int nodeid, quadlet_t * buffer,
854 u64 addr, size_t length, u16 flags)
855 {
856 unsigned long irqflags;
857 struct pending_request *req;
858 struct host_info *hi;
859 struct file_info *fi = NULL;
860 struct list_head *entry;
861 struct arm_addr *arm_addr = NULL;
862 struct arm_request *arm_req = NULL;
863 struct arm_response *arm_resp = NULL;
864 int found = 0, size = 0, rcode = -1;
865 struct arm_request_response *arm_req_resp = NULL;
866
867 DBGMSG("arm_read called by node: %X "
868 "addr: %4.4x %8.8x length: %Zu", nodeid,
869 (u16) ((addr >> 32) & 0xFFFF), (u32) (addr & 0xFFFFFFFF),
870 length);
871 spin_lock_irqsave(&host_info_lock, irqflags);
872 hi = find_host_info(host); /* search address-entry */
873 if (hi != NULL) {
874 list_for_each_entry(fi, &hi->file_info_list, list) {
875 entry = fi->addr_list.next;
876 while (entry != &(fi->addr_list)) {
877 arm_addr =
878 list_entry(entry, struct arm_addr,
879 addr_list);
880 if (((arm_addr->start) <= (addr))
881 && ((arm_addr->end) >= (addr + length))) {
882 found = 1;
883 break;
884 }
885 entry = entry->next;
886 }
887 if (found) {
888 break;
889 }
890 }
891 }
892 rcode = -1;
893 if (!found) {
894 printk(KERN_ERR "raw1394: arm_read FAILED addr_entry not found"
895 " -> rcode_address_error\n");
896 spin_unlock_irqrestore(&host_info_lock, irqflags);
897 return (RCODE_ADDRESS_ERROR);
898 } else {
899 DBGMSG("arm_read addr_entry FOUND");
900 }
901 if (arm_addr->rec_length < length) {
902 DBGMSG("arm_read blocklength too big -> rcode_data_error");
903 rcode = RCODE_DATA_ERROR; /* hardware error, data is unavailable */
904 }
905 if (rcode == -1) {
906 if (arm_addr->access_rights & ARM_READ) {
907 if (!(arm_addr->client_transactions & ARM_READ)) {
908 memcpy(buffer,
909 (arm_addr->addr_space_buffer) + (addr -
910 (arm_addr->
911 start)),
912 length);
913 DBGMSG("arm_read -> (rcode_complete)");
914 rcode = RCODE_COMPLETE;
915 }
916 } else {
917 rcode = RCODE_TYPE_ERROR; /* function not allowed */
918 DBGMSG("arm_read -> rcode_type_error (access denied)");
919 }
920 }
921 if (arm_addr->notification_options & ARM_READ) {
922 DBGMSG("arm_read -> entering notification-section");
923 req = __alloc_pending_request(GFP_ATOMIC);
924 if (!req) {
925 DBGMSG("arm_read -> rcode_conflict_error");
926 spin_unlock_irqrestore(&host_info_lock, irqflags);
927 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
928 The request may be retried */
929 }
930 if (rcode == RCODE_COMPLETE) {
931 size =
932 sizeof(struct arm_request) +
933 sizeof(struct arm_response) +
934 length * sizeof(byte_t) +
935 sizeof(struct arm_request_response);
936 } else {
937 size =
938 sizeof(struct arm_request) +
939 sizeof(struct arm_response) +
940 sizeof(struct arm_request_response);
941 }
942 req->data = kmalloc(size, GFP_ATOMIC);
943 if (!(req->data)) {
944 free_pending_request(req);
945 DBGMSG("arm_read -> rcode_conflict_error");
946 spin_unlock_irqrestore(&host_info_lock, irqflags);
947 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
948 The request may be retried */
949 }
950 req->free_data = 1;
951 req->file_info = fi;
952 req->req.type = RAW1394_REQ_ARM;
953 req->req.generation = get_hpsb_generation(host);
954 req->req.misc =
955 (((length << 16) & (0xFFFF0000)) | (ARM_READ & 0xFF));
956 req->req.tag = arm_addr->arm_tag;
957 req->req.recvb = arm_addr->recvb;
958 req->req.length = size;
959 arm_req_resp = (struct arm_request_response *)(req->data);
960 arm_req = (struct arm_request *)((byte_t *) (req->data) +
961 (sizeof
962 (struct
963 arm_request_response)));
964 arm_resp =
965 (struct arm_response *)((byte_t *) (arm_req) +
966 (sizeof(struct arm_request)));
967 arm_req->buffer = NULL;
968 arm_resp->buffer = NULL;
969 if (rcode == RCODE_COMPLETE) {
970 byte_t *buf =
971 (byte_t *) arm_resp + sizeof(struct arm_response);
972 memcpy(buf,
973 (arm_addr->addr_space_buffer) + (addr -
974 (arm_addr->
975 start)),
976 length);
977 arm_resp->buffer =
978 int2ptr((arm_addr->recvb) +
979 sizeof(struct arm_request_response) +
980 sizeof(struct arm_request) +
981 sizeof(struct arm_response));
982 }
983 arm_resp->buffer_length =
984 (rcode == RCODE_COMPLETE) ? length : 0;
985 arm_resp->response_code = rcode;
986 arm_req->buffer_length = 0;
987 arm_req->generation = req->req.generation;
988 arm_req->extended_transaction_code = 0;
989 arm_req->destination_offset = addr;
990 arm_req->source_nodeid = nodeid;
991 arm_req->destination_nodeid = host->node_id;
992 arm_req->tlabel = (flags >> 10) & 0x3f;
993 arm_req->tcode = (flags >> 4) & 0x0f;
994 arm_req_resp->request = int2ptr((arm_addr->recvb) +
995 sizeof(struct
996 arm_request_response));
997 arm_req_resp->response =
998 int2ptr((arm_addr->recvb) +
999 sizeof(struct arm_request_response) +
1000 sizeof(struct arm_request));
1001 queue_complete_req(req);
1002 }
1003 spin_unlock_irqrestore(&host_info_lock, irqflags);
1004 return (rcode);
1005 }
1006
1007 static int arm_write(struct hpsb_host *host, int nodeid, int destid,
1008 quadlet_t * data, u64 addr, size_t length, u16 flags)
1009 {
1010 unsigned long irqflags;
1011 struct pending_request *req;
1012 struct host_info *hi;
1013 struct file_info *fi = NULL;
1014 struct list_head *entry;
1015 struct arm_addr *arm_addr = NULL;
1016 struct arm_request *arm_req = NULL;
1017 struct arm_response *arm_resp = NULL;
1018 int found = 0, size = 0, rcode = -1, length_conflict = 0;
1019 struct arm_request_response *arm_req_resp = NULL;
1020
1021 DBGMSG("arm_write called by node: %X "
1022 "addr: %4.4x %8.8x length: %Zu", nodeid,
1023 (u16) ((addr >> 32) & 0xFFFF), (u32) (addr & 0xFFFFFFFF),
1024 length);
1025 spin_lock_irqsave(&host_info_lock, irqflags);
1026 hi = find_host_info(host); /* search address-entry */
1027 if (hi != NULL) {
1028 list_for_each_entry(fi, &hi->file_info_list, list) {
1029 entry = fi->addr_list.next;
1030 while (entry != &(fi->addr_list)) {
1031 arm_addr =
1032 list_entry(entry, struct arm_addr,
1033 addr_list);
1034 if (((arm_addr->start) <= (addr))
1035 && ((arm_addr->end) >= (addr + length))) {
1036 found = 1;
1037 break;
1038 }
1039 entry = entry->next;
1040 }
1041 if (found) {
1042 break;
1043 }
1044 }
1045 }
1046 rcode = -1;
1047 if (!found) {
1048 printk(KERN_ERR "raw1394: arm_write FAILED addr_entry not found"
1049 " -> rcode_address_error\n");
1050 spin_unlock_irqrestore(&host_info_lock, irqflags);
1051 return (RCODE_ADDRESS_ERROR);
1052 } else {
1053 DBGMSG("arm_write addr_entry FOUND");
1054 }
1055 if (arm_addr->rec_length < length) {
1056 DBGMSG("arm_write blocklength too big -> rcode_data_error");
1057 length_conflict = 1;
1058 rcode = RCODE_DATA_ERROR; /* hardware error, data is unavailable */
1059 }
1060 if (rcode == -1) {
1061 if (arm_addr->access_rights & ARM_WRITE) {
1062 if (!(arm_addr->client_transactions & ARM_WRITE)) {
1063 memcpy((arm_addr->addr_space_buffer) +
1064 (addr - (arm_addr->start)), data,
1065 length);
1066 DBGMSG("arm_write -> (rcode_complete)");
1067 rcode = RCODE_COMPLETE;
1068 }
1069 } else {
1070 rcode = RCODE_TYPE_ERROR; /* function not allowed */
1071 DBGMSG("arm_write -> rcode_type_error (access denied)");
1072 }
1073 }
1074 if (arm_addr->notification_options & ARM_WRITE) {
1075 DBGMSG("arm_write -> entering notification-section");
1076 req = __alloc_pending_request(GFP_ATOMIC);
1077 if (!req) {
1078 DBGMSG("arm_write -> rcode_conflict_error");
1079 spin_unlock_irqrestore(&host_info_lock, irqflags);
1080 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
1081 The request my be retried */
1082 }
1083 size =
1084 sizeof(struct arm_request) + sizeof(struct arm_response) +
1085 (length) * sizeof(byte_t) +
1086 sizeof(struct arm_request_response);
1087 req->data = kmalloc(size, GFP_ATOMIC);
1088 if (!(req->data)) {
1089 free_pending_request(req);
1090 DBGMSG("arm_write -> rcode_conflict_error");
1091 spin_unlock_irqrestore(&host_info_lock, irqflags);
1092 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
1093 The request may be retried */
1094 }
1095 req->free_data = 1;
1096 req->file_info = fi;
1097 req->req.type = RAW1394_REQ_ARM;
1098 req->req.generation = get_hpsb_generation(host);
1099 req->req.misc =
1100 (((length << 16) & (0xFFFF0000)) | (ARM_WRITE & 0xFF));
1101 req->req.tag = arm_addr->arm_tag;
1102 req->req.recvb = arm_addr->recvb;
1103 req->req.length = size;
1104 arm_req_resp = (struct arm_request_response *)(req->data);
1105 arm_req = (struct arm_request *)((byte_t *) (req->data) +
1106 (sizeof
1107 (struct
1108 arm_request_response)));
1109 arm_resp =
1110 (struct arm_response *)((byte_t *) (arm_req) +
1111 (sizeof(struct arm_request)));
1112 arm_resp->buffer = NULL;
1113 memcpy((byte_t *) arm_resp + sizeof(struct arm_response),
1114 data, length);
1115 arm_req->buffer = int2ptr((arm_addr->recvb) +
1116 sizeof(struct arm_request_response) +
1117 sizeof(struct arm_request) +
1118 sizeof(struct arm_response));
1119 arm_req->buffer_length = length;
1120 arm_req->generation = req->req.generation;
1121 arm_req->extended_transaction_code = 0;
1122 arm_req->destination_offset = addr;
1123 arm_req->source_nodeid = nodeid;
1124 arm_req->destination_nodeid = destid;
1125 arm_req->tlabel = (flags >> 10) & 0x3f;
1126 arm_req->tcode = (flags >> 4) & 0x0f;
1127 arm_resp->buffer_length = 0;
1128 arm_resp->response_code = rcode;
1129 arm_req_resp->request = int2ptr((arm_addr->recvb) +
1130 sizeof(struct
1131 arm_request_response));
1132 arm_req_resp->response =
1133 int2ptr((arm_addr->recvb) +
1134 sizeof(struct arm_request_response) +
1135 sizeof(struct arm_request));
1136 queue_complete_req(req);
1137 }
1138 spin_unlock_irqrestore(&host_info_lock, irqflags);
1139 return (rcode);
1140 }
1141
1142 static int arm_lock(struct hpsb_host *host, int nodeid, quadlet_t * store,
1143 u64 addr, quadlet_t data, quadlet_t arg, int ext_tcode,
1144 u16 flags)
1145 {
1146 unsigned long irqflags;
1147 struct pending_request *req;
1148 struct host_info *hi;
1149 struct file_info *fi = NULL;
1150 struct list_head *entry;
1151 struct arm_addr *arm_addr = NULL;
1152 struct arm_request *arm_req = NULL;
1153 struct arm_response *arm_resp = NULL;
1154 int found = 0, size = 0, rcode = -1;
1155 quadlet_t old, new;
1156 struct arm_request_response *arm_req_resp = NULL;
1157
1158 if (((ext_tcode & 0xFF) == EXTCODE_FETCH_ADD) ||
1159 ((ext_tcode & 0xFF) == EXTCODE_LITTLE_ADD)) {
1160 DBGMSG("arm_lock called by node: %X "
1161 "addr: %4.4x %8.8x extcode: %2.2X data: %8.8X",
1162 nodeid, (u16) ((addr >> 32) & 0xFFFF),
1163 (u32) (addr & 0xFFFFFFFF), ext_tcode & 0xFF,
1164 be32_to_cpu(data));
1165 } else {
1166 DBGMSG("arm_lock called by node: %X "
1167 "addr: %4.4x %8.8x extcode: %2.2X data: %8.8X arg: %8.8X",
1168 nodeid, (u16) ((addr >> 32) & 0xFFFF),
1169 (u32) (addr & 0xFFFFFFFF), ext_tcode & 0xFF,
1170 be32_to_cpu(data), be32_to_cpu(arg));
1171 }
1172 spin_lock_irqsave(&host_info_lock, irqflags);
1173 hi = find_host_info(host); /* search address-entry */
1174 if (hi != NULL) {
1175 list_for_each_entry(fi, &hi->file_info_list, list) {
1176 entry = fi->addr_list.next;
1177 while (entry != &(fi->addr_list)) {
1178 arm_addr =
1179 list_entry(entry, struct arm_addr,
1180 addr_list);
1181 if (((arm_addr->start) <= (addr))
1182 && ((arm_addr->end) >=
1183 (addr + sizeof(*store)))) {
1184 found = 1;
1185 break;
1186 }
1187 entry = entry->next;
1188 }
1189 if (found) {
1190 break;
1191 }
1192 }
1193 }
1194 rcode = -1;
1195 if (!found) {
1196 printk(KERN_ERR "raw1394: arm_lock FAILED addr_entry not found"
1197 " -> rcode_address_error\n");
1198 spin_unlock_irqrestore(&host_info_lock, irqflags);
1199 return (RCODE_ADDRESS_ERROR);
1200 } else {
1201 DBGMSG("arm_lock addr_entry FOUND");
1202 }
1203 if (rcode == -1) {
1204 if (arm_addr->access_rights & ARM_LOCK) {
1205 if (!(arm_addr->client_transactions & ARM_LOCK)) {
1206 memcpy(&old,
1207 (arm_addr->addr_space_buffer) + (addr -
1208 (arm_addr->
1209 start)),
1210 sizeof(old));
1211 switch (ext_tcode) {
1212 case (EXTCODE_MASK_SWAP):
1213 new = data | (old & ~arg);
1214 break;
1215 case (EXTCODE_COMPARE_SWAP):
1216 if (old == arg) {
1217 new = data;
1218 } else {
1219 new = old;
1220 }
1221 break;
1222 case (EXTCODE_FETCH_ADD):
1223 new =
1224 cpu_to_be32(be32_to_cpu(data) +
1225 be32_to_cpu(old));
1226 break;
1227 case (EXTCODE_LITTLE_ADD):
1228 new =
1229 cpu_to_le32(le32_to_cpu(data) +
1230 le32_to_cpu(old));
1231 break;
1232 case (EXTCODE_BOUNDED_ADD):
1233 if (old != arg) {
1234 new =
1235 cpu_to_be32(be32_to_cpu
1236 (data) +
1237 be32_to_cpu
1238 (old));
1239 } else {
1240 new = old;
1241 }
1242 break;
1243 case (EXTCODE_WRAP_ADD):
1244 if (old != arg) {
1245 new =
1246 cpu_to_be32(be32_to_cpu
1247 (data) +
1248 be32_to_cpu
1249 (old));
1250 } else {
1251 new = data;
1252 }
1253 break;
1254 default:
1255 rcode = RCODE_TYPE_ERROR; /* function not allowed */
1256 printk(KERN_ERR
1257 "raw1394: arm_lock FAILED "
1258 "ext_tcode not allowed -> rcode_type_error\n");
1259 break;
1260 } /*switch */
1261 if (rcode == -1) {
1262 DBGMSG("arm_lock -> (rcode_complete)");
1263 rcode = RCODE_COMPLETE;
1264 memcpy(store, &old, sizeof(*store));
1265 memcpy((arm_addr->addr_space_buffer) +
1266 (addr - (arm_addr->start)),
1267 &new, sizeof(*store));
1268 }
1269 }
1270 } else {
1271 rcode = RCODE_TYPE_ERROR; /* function not allowed */
1272 DBGMSG("arm_lock -> rcode_type_error (access denied)");
1273 }
1274 }
1275 if (arm_addr->notification_options & ARM_LOCK) {
1276 byte_t *buf1, *buf2;
1277 DBGMSG("arm_lock -> entering notification-section");
1278 req = __alloc_pending_request(GFP_ATOMIC);
1279 if (!req) {
1280 DBGMSG("arm_lock -> rcode_conflict_error");
1281 spin_unlock_irqrestore(&host_info_lock, irqflags);
1282 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
1283 The request may be retried */
1284 }
1285 size = sizeof(struct arm_request) + sizeof(struct arm_response) + 3 * sizeof(*store) + sizeof(struct arm_request_response); /* maximum */
1286 req->data = kmalloc(size, GFP_ATOMIC);
1287 if (!(req->data)) {
1288 free_pending_request(req);
1289 DBGMSG("arm_lock -> rcode_conflict_error");
1290 spin_unlock_irqrestore(&host_info_lock, irqflags);
1291 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
1292 The request may be retried */
1293 }
1294 req->free_data = 1;
1295 arm_req_resp = (struct arm_request_response *)(req->data);
1296 arm_req = (struct arm_request *)((byte_t *) (req->data) +
1297 (sizeof
1298 (struct
1299 arm_request_response)));
1300 arm_resp =
1301 (struct arm_response *)((byte_t *) (arm_req) +
1302 (sizeof(struct arm_request)));
1303 buf1 = (byte_t *) arm_resp + sizeof(struct arm_response);
1304 buf2 = buf1 + 2 * sizeof(*store);
1305 if ((ext_tcode == EXTCODE_FETCH_ADD) ||
1306 (ext_tcode == EXTCODE_LITTLE_ADD)) {
1307 arm_req->buffer_length = sizeof(*store);
1308 memcpy(buf1, &data, sizeof(*store));
1309
1310 } else {
1311 arm_req->buffer_length = 2 * sizeof(*store);
1312 memcpy(buf1, &arg, sizeof(*store));
1313 memcpy(buf1 + sizeof(*store), &data, sizeof(*store));
1314 }
1315 if (rcode == RCODE_COMPLETE) {
1316 arm_resp->buffer_length = sizeof(*store);
1317 memcpy(buf2, &old, sizeof(*store));
1318 } else {
1319 arm_resp->buffer_length = 0;
1320 }
1321 req->file_info = fi;
1322 req->req.type = RAW1394_REQ_ARM;
1323 req->req.generation = get_hpsb_generation(host);
1324 req->req.misc = ((((sizeof(*store)) << 16) & (0xFFFF0000)) |
1325 (ARM_LOCK & 0xFF));
1326 req->req.tag = arm_addr->arm_tag;
1327 req->req.recvb = arm_addr->recvb;
1328 req->req.length = size;
1329 arm_req->generation = req->req.generation;
1330 arm_req->extended_transaction_code = ext_tcode;
1331 arm_req->destination_offset = addr;
1332 arm_req->source_nodeid = nodeid;
1333 arm_req->destination_nodeid = host->node_id;
1334 arm_req->tlabel = (flags >> 10) & 0x3f;
1335 arm_req->tcode = (flags >> 4) & 0x0f;
1336 arm_resp->response_code = rcode;
1337 arm_req_resp->request = int2ptr((arm_addr->recvb) +
1338 sizeof(struct
1339 arm_request_response));
1340 arm_req_resp->response =
1341 int2ptr((arm_addr->recvb) +
1342 sizeof(struct arm_request_response) +
1343 sizeof(struct arm_request));
1344 arm_req->buffer =
1345 int2ptr((arm_addr->recvb) +
1346 sizeof(struct arm_request_response) +
1347 sizeof(struct arm_request) +
1348 sizeof(struct arm_response));
1349 arm_resp->buffer =
1350 int2ptr((arm_addr->recvb) +
1351 sizeof(struct arm_request_response) +
1352 sizeof(struct arm_request) +
1353 sizeof(struct arm_response) + 2 * sizeof(*store));
1354 queue_complete_req(req);
1355 }
1356 spin_unlock_irqrestore(&host_info_lock, irqflags);
1357 return (rcode);
1358 }
1359
1360 static int arm_lock64(struct hpsb_host *host, int nodeid, octlet_t * store,
1361 u64 addr, octlet_t data, octlet_t arg, int ext_tcode,
1362 u16 flags)
1363 {
1364 unsigned long irqflags;
1365 struct pending_request *req;
1366 struct host_info *hi;
1367 struct file_info *fi = NULL;
1368 struct list_head *entry;
1369 struct arm_addr *arm_addr = NULL;
1370 struct arm_request *arm_req = NULL;
1371 struct arm_response *arm_resp = NULL;
1372 int found = 0, size = 0, rcode = -1;
1373 octlet_t old, new;
1374 struct arm_request_response *arm_req_resp = NULL;
1375
1376 if (((ext_tcode & 0xFF) == EXTCODE_FETCH_ADD) ||
1377 ((ext_tcode & 0xFF) == EXTCODE_LITTLE_ADD)) {
1378 DBGMSG("arm_lock64 called by node: %X "
1379 "addr: %4.4x %8.8x extcode: %2.2X data: %8.8X %8.8X ",
1380 nodeid, (u16) ((addr >> 32) & 0xFFFF),
1381 (u32) (addr & 0xFFFFFFFF),
1382 ext_tcode & 0xFF,
1383 (u32) ((be64_to_cpu(data) >> 32) & 0xFFFFFFFF),
1384 (u32) (be64_to_cpu(data) & 0xFFFFFFFF));
1385 } else {
1386 DBGMSG("arm_lock64 called by node: %X "
1387 "addr: %4.4x %8.8x extcode: %2.2X data: %8.8X %8.8X arg: "
1388 "%8.8X %8.8X ",
1389 nodeid, (u16) ((addr >> 32) & 0xFFFF),
1390 (u32) (addr & 0xFFFFFFFF),
1391 ext_tcode & 0xFF,
1392 (u32) ((be64_to_cpu(data) >> 32) & 0xFFFFFFFF),
1393 (u32) (be64_to_cpu(data) & 0xFFFFFFFF),
1394 (u32) ((be64_to_cpu(arg) >> 32) & 0xFFFFFFFF),
1395 (u32) (be64_to_cpu(arg) & 0xFFFFFFFF));
1396 }
1397 spin_lock_irqsave(&host_info_lock, irqflags);
1398 hi = find_host_info(host); /* search addressentry in file_info's for host */
1399 if (hi != NULL) {
1400 list_for_each_entry(fi, &hi->file_info_list, list) {
1401 entry = fi->addr_list.next;
1402 while (entry != &(fi->addr_list)) {
1403 arm_addr =
1404 list_entry(entry, struct arm_addr,
1405 addr_list);
1406 if (((arm_addr->start) <= (addr))
1407 && ((arm_addr->end) >=
1408 (addr + sizeof(*store)))) {
1409 found = 1;
1410 break;
1411 }
1412 entry = entry->next;
1413 }
1414 if (found) {
1415 break;
1416 }
1417 }
1418 }
1419 rcode = -1;
1420 if (!found) {
1421 printk(KERN_ERR
1422 "raw1394: arm_lock64 FAILED addr_entry not found"
1423 " -> rcode_address_error\n");
1424 spin_unlock_irqrestore(&host_info_lock, irqflags);
1425 return (RCODE_ADDRESS_ERROR);
1426 } else {
1427 DBGMSG("arm_lock64 addr_entry FOUND");
1428 }
1429 if (rcode == -1) {
1430 if (arm_addr->access_rights & ARM_LOCK) {
1431 if (!(arm_addr->client_transactions & ARM_LOCK)) {
1432 memcpy(&old,
1433 (arm_addr->addr_space_buffer) + (addr -
1434 (arm_addr->
1435 start)),
1436 sizeof(old));
1437 switch (ext_tcode) {
1438 case (EXTCODE_MASK_SWAP):
1439 new = data | (old & ~arg);
1440 break;
1441 case (EXTCODE_COMPARE_SWAP):
1442 if (old == arg) {
1443 new = data;
1444 } else {
1445 new = old;
1446 }
1447 break;
1448 case (EXTCODE_FETCH_ADD):
1449 new =
1450 cpu_to_be64(be64_to_cpu(data) +
1451 be64_to_cpu(old));
1452 break;
1453 case (EXTCODE_LITTLE_ADD):
1454 new =
1455 cpu_to_le64(le64_to_cpu(data) +
1456 le64_to_cpu(old));
1457 break;
1458 case (EXTCODE_BOUNDED_ADD):
1459 if (old != arg) {
1460 new =
1461 cpu_to_be64(be64_to_cpu
1462 (data) +
1463 be64_to_cpu
1464 (old));
1465 } else {
1466 new = old;
1467 }
1468 break;
1469 case (EXTCODE_WRAP_ADD):
1470 if (old != arg) {
1471 new =
1472 cpu_to_be64(be64_to_cpu
1473 (data) +
1474 be64_to_cpu
1475 (old));
1476 } else {
1477 new = data;
1478 }
1479 break;
1480 default:
1481 printk(KERN_ERR
1482 "raw1394: arm_lock64 FAILED "
1483 "ext_tcode not allowed -> rcode_type_error\n");
1484 rcode = RCODE_TYPE_ERROR; /* function not allowed */
1485 break;
1486 } /*switch */
1487 if (rcode == -1) {
1488 DBGMSG
1489 ("arm_lock64 -> (rcode_complete)");
1490 rcode = RCODE_COMPLETE;
1491 memcpy(store, &old, sizeof(*store));
1492 memcpy((arm_addr->addr_space_buffer) +
1493 (addr - (arm_addr->start)),
1494 &new, sizeof(*store));
1495 }
1496 }
1497 } else {
1498 rcode = RCODE_TYPE_ERROR; /* function not allowed */
1499 DBGMSG
1500 ("arm_lock64 -> rcode_type_error (access denied)");
1501 }
1502 }
1503 if (arm_addr->notification_options & ARM_LOCK) {
1504 byte_t *buf1, *buf2;
1505 DBGMSG("arm_lock64 -> entering notification-section");
1506 req = __alloc_pending_request(GFP_ATOMIC);
1507 if (!req) {
1508 spin_unlock_irqrestore(&host_info_lock, irqflags);
1509 DBGMSG("arm_lock64 -> rcode_conflict_error");
1510 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
1511 The request may be retried */
1512 }
1513 size = sizeof(struct arm_request) + sizeof(struct arm_response) + 3 * sizeof(*store) + sizeof(struct arm_request_response); /* maximum */
1514 req->data = kmalloc(size, GFP_ATOMIC);
1515 if (!(req->data)) {
1516 free_pending_request(req);
1517 spin_unlock_irqrestore(&host_info_lock, irqflags);
1518 DBGMSG("arm_lock64 -> rcode_conflict_error");
1519 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
1520 The request may be retried */
1521 }
1522 req->free_data = 1;
1523 arm_req_resp = (struct arm_request_response *)(req->data);
1524 arm_req = (struct arm_request *)((byte_t *) (req->data) +
1525 (sizeof
1526 (struct
1527 arm_request_response)));
1528 arm_resp =
1529 (struct arm_response *)((byte_t *) (arm_req) +
1530 (sizeof(struct arm_request)));
1531 buf1 = (byte_t *) arm_resp + sizeof(struct arm_response);
1532 buf2 = buf1 + 2 * sizeof(*store);
1533 if ((ext_tcode == EXTCODE_FETCH_ADD) ||
1534 (ext_tcode == EXTCODE_LITTLE_ADD)) {
1535 arm_req->buffer_length = sizeof(*store);
1536 memcpy(buf1, &data, sizeof(*store));
1537
1538 } else {
1539 arm_req->buffer_length = 2 * sizeof(*store);
1540 memcpy(buf1, &arg, sizeof(*store));
1541 memcpy(buf1 + sizeof(*store), &data, sizeof(*store));
1542 }
1543 if (rcode == RCODE_COMPLETE) {
1544 arm_resp->buffer_length = sizeof(*store);
1545 memcpy(buf2, &old, sizeof(*store));
1546 } else {
1547 arm_resp->buffer_length = 0;
1548 }
1549 req->file_info = fi;
1550 req->req.type = RAW1394_REQ_ARM;
1551 req->req.generation = get_hpsb_generation(host);
1552 req->req.misc = ((((sizeof(*store)) << 16) & (0xFFFF0000)) |
1553 (ARM_LOCK & 0xFF));
1554 req->req.tag = arm_addr->arm_tag;
1555 req->req.recvb = arm_addr->recvb;
1556 req->req.length = size;
1557 arm_req->generation = req->req.generation;
1558 arm_req->extended_transaction_code = ext_tcode;
1559 arm_req->destination_offset = addr;
1560 arm_req->source_nodeid = nodeid;
1561 arm_req->destination_nodeid = host->node_id;
1562 arm_req->tlabel = (flags >> 10) & 0x3f;
1563 arm_req->tcode = (flags >> 4) & 0x0f;
1564 arm_resp->response_code = rcode;
1565 arm_req_resp->request = int2ptr((arm_addr->recvb) +
1566 sizeof(struct
1567 arm_request_response));
1568 arm_req_resp->response =
1569 int2ptr((arm_addr->recvb) +
1570 sizeof(struct arm_request_response) +
1571 sizeof(struct arm_request));
1572 arm_req->buffer =
1573 int2ptr((arm_addr->recvb) +
1574 sizeof(struct arm_request_response) +
1575 sizeof(struct arm_request) +
1576 sizeof(struct arm_response));
1577 arm_resp->buffer =
1578 int2ptr((arm_addr->recvb) +
1579 sizeof(struct arm_request_response) +
1580 sizeof(struct arm_request) +
1581 sizeof(struct arm_response) + 2 * sizeof(*store));
1582 queue_complete_req(req);
1583 }
1584 spin_unlock_irqrestore(&host_info_lock, irqflags);
1585 return (rcode);
1586 }
1587
1588 static int arm_register(struct file_info *fi, struct pending_request *req)
1589 {
1590 int retval;
1591 struct arm_addr *addr;
1592 struct host_info *hi;
1593 struct file_info *fi_hlp = NULL;
1594 struct list_head *entry;
1595 struct arm_addr *arm_addr = NULL;
1596 int same_host, another_host;
1597 unsigned long flags;
1598
1599 DBGMSG("arm_register called "
1600 "addr(Offset): %8.8x %8.8x length: %u "
1601 "rights: %2.2X notify: %2.2X "
1602 "max_blk_len: %4.4X",
1603 (u32) ((req->req.address >> 32) & 0xFFFF),
1604 (u32) (req->req.address & 0xFFFFFFFF),
1605 req->req.length, ((req->req.misc >> 8) & 0xFF),
1606 (req->req.misc & 0xFF), ((req->req.misc >> 16) & 0xFFFF));
1607 /* check addressrange */
1608 if ((((req->req.address) & ~(0xFFFFFFFFFFFFULL)) != 0) ||
1609 (((req->req.address + req->req.length) & ~(0xFFFFFFFFFFFFULL)) !=
1610 0)) {
1611 req->req.length = 0;
1612 return (-EINVAL);
1613 }
1614 /* addr-list-entry for fileinfo */
1615 addr = kmalloc(sizeof(*addr), GFP_KERNEL);
1616 if (!addr) {
1617 req->req.length = 0;
1618 return (-ENOMEM);
1619 }
1620 /* allocation of addr_space_buffer */
1621 addr->addr_space_buffer = vmalloc(req->req.length);
1622 if (!(addr->addr_space_buffer)) {
1623 kfree(addr);
1624 req->req.length = 0;
1625 return (-ENOMEM);
1626 }
1627 /* initialization of addr_space_buffer */
1628 if ((req->req.sendb) == (unsigned long)NULL) {
1629 /* init: set 0 */
1630 memset(addr->addr_space_buffer, 0, req->req.length);
1631 } else {
1632 /* init: user -> kernel */
1633 if (copy_from_user
1634 (addr->addr_space_buffer, int2ptr(req->req.sendb),
1635 req->req.length)) {
1636 vfree(addr->addr_space_buffer);
1637 kfree(addr);
1638 return (-EFAULT);
1639 }
1640 }
1641 INIT_LIST_HEAD(&addr->addr_list);
1642 addr->arm_tag = req->req.tag;
1643 addr->start = req->req.address;
1644 addr->end = req->req.address + req->req.length;
1645 addr->access_rights = (u8) (req->req.misc & 0x0F);
1646 addr->notification_options = (u8) ((req->req.misc >> 4) & 0x0F);
1647 addr->client_transactions = (u8) ((req->req.misc >> 8) & 0x0F);
1648 addr->access_rights |= addr->client_transactions;
1649 addr->notification_options |= addr->client_transactions;
1650 addr->recvb = req->req.recvb;
1651 addr->rec_length = (u16) ((req->req.misc >> 16) & 0xFFFF);
1652
1653 spin_lock_irqsave(&host_info_lock, flags);
1654 hi = find_host_info(fi->host);
1655 same_host = 0;
1656 another_host = 0;
1657 /* same host with address-entry containing same addressrange ? */
1658 list_for_each_entry(fi_hlp, &hi->file_info_list, list) {
1659 entry = fi_hlp->addr_list.next;
1660 while (entry != &(fi_hlp->addr_list)) {
1661 arm_addr =
1662 list_entry(entry, struct arm_addr, addr_list);
1663 if ((arm_addr->start == addr->start)
1664 && (arm_addr->end == addr->end)) {
1665 DBGMSG("same host ownes same "
1666 "addressrange -> EALREADY");
1667 same_host = 1;
1668 break;
1669 }
1670 entry = entry->next;
1671 }
1672 if (same_host) {
1673 break;
1674 }
1675 }
1676 if (same_host) {
1677 /* addressrange occupied by same host */
1678 spin_unlock_irqrestore(&host_info_lock, flags);
1679 vfree(addr->addr_space_buffer);
1680 kfree(addr);
1681 return (-EALREADY);
1682 }
1683 /* another host with valid address-entry containing same addressrange */
1684 list_for_each_entry(hi, &host_info_list, list) {
1685 if (hi->host != fi->host) {
1686 list_for_each_entry(fi_hlp, &hi->file_info_list, list) {
1687 entry = fi_hlp->addr_list.next;
1688 while (entry != &(fi_hlp->addr_list)) {
1689 arm_addr =
1690 list_entry(entry, struct arm_addr,
1691 addr_list);
1692 if ((arm_addr->start == addr->start)
1693 && (arm_addr->end == addr->end)) {
1694 DBGMSG
1695 ("another host ownes same "
1696 "addressrange");
1697 another_host = 1;
1698 break;
1699 }
1700 entry = entry->next;
1701 }
1702 if (another_host) {
1703 break;
1704 }
1705 }
1706 }
1707 }
1708 spin_unlock_irqrestore(&host_info_lock, flags);
1709
1710 if (another_host) {
1711 DBGMSG("another hosts entry is valid -> SUCCESS");
1712 if (copy_to_user(int2ptr(req->req.recvb),
1713 &addr->start, sizeof(u64))) {
1714 printk(KERN_ERR "raw1394: arm_register failed "
1715 " address-range-entry is invalid -> EFAULT !!!\n");
1716 vfree(addr->addr_space_buffer);
1717 kfree(addr);
1718 return (-EFAULT);
1719 }
1720 free_pending_request(req); /* immediate success or fail */
1721 /* INSERT ENTRY */
1722 spin_lock_irqsave(&host_info_lock, flags);
1723 list_add_tail(&addr->addr_list, &fi->addr_list);
1724 spin_unlock_irqrestore(&host_info_lock, flags);
1725 return 0;
1726 }
1727 retval =
1728 hpsb_register_addrspace(&raw1394_highlevel, fi->host, &arm_ops,
1729 req->req.address,
1730 req->req.address + req->req.length);
1731 if (retval) {
1732 /* INSERT ENTRY */
1733 spin_lock_irqsave(&host_info_lock, flags);
1734 list_add_tail(&addr->addr_list, &fi->addr_list);
1735 spin_unlock_irqrestore(&host_info_lock, flags);
1736 } else {
1737 DBGMSG("arm_register failed errno: %d \n", retval);
1738 vfree(addr->addr_space_buffer);
1739 kfree(addr);
1740 return (-EALREADY);
1741 }
1742 free_pending_request(req); /* immediate success or fail */
1743 return 0;
1744 }
1745
1746 static int arm_unregister(struct file_info *fi, struct pending_request *req)
1747 {
1748 int found = 0;
1749 int retval = 0;
1750 struct list_head *entry;
1751 struct arm_addr *addr = NULL;
1752 struct host_info *hi;
1753 struct file_info *fi_hlp = NULL;
1754 struct arm_addr *arm_addr = NULL;
1755 int another_host;
1756 unsigned long flags;
1757
1758 DBGMSG("arm_Unregister called addr(Offset): "
1759 "%8.8x %8.8x",
1760 (u32) ((req->req.address >> 32) & 0xFFFF),
1761 (u32) (req->req.address & 0xFFFFFFFF));
1762 spin_lock_irqsave(&host_info_lock, flags);
1763 /* get addr */
1764 entry = fi->addr_list.next;
1765 while (entry != &(fi->addr_list)) {
1766 addr = list_entry(entry, struct arm_addr, addr_list);
1767 if (addr->start == req->req.address) {
1768 found = 1;
1769 break;
1770 }
1771 entry = entry->next;
1772 }
1773 if (!found) {
1774 DBGMSG("arm_Unregister addr not found");
1775 spin_unlock_irqrestore(&host_info_lock, flags);
1776 return (-EINVAL);
1777 }
1778 DBGMSG("arm_Unregister addr found");
1779 another_host = 0;
1780 /* another host with valid address-entry containing
1781 same addressrange */
1782 list_for_each_entry(hi, &host_info_list, list) {
1783 if (hi->host != fi->host) {
1784 list_for_each_entry(fi_hlp, &hi->file_info_list, list) {
1785 entry = fi_hlp->addr_list.next;
1786 while (entry != &(fi_hlp->addr_list)) {
1787 arm_addr = list_entry(entry,
1788 struct arm_addr,
1789 addr_list);
1790 if (arm_addr->start == addr->start) {
1791 DBGMSG("another host ownes "
1792 "same addressrange");
1793 another_host = 1;
1794 break;
1795 }
1796 entry = entry->next;
1797 }
1798 if (another_host) {
1799 break;
1800 }
1801 }
1802 }
1803 }
1804 if (another_host) {
1805 DBGMSG("delete entry from list -> success");
1806 list_del(&addr->addr_list);
1807 spin_unlock_irqrestore(&host_info_lock, flags);
1808 vfree(addr->addr_space_buffer);
1809 kfree(addr);
1810 free_pending_request(req); /* immediate success or fail */
1811 return 0;
1812 }
1813 retval =
1814 hpsb_unregister_addrspace(&raw1394_highlevel, fi->host,
1815 addr->start);
1816 if (!retval) {
1817 printk(KERN_ERR "raw1394: arm_Unregister failed -> EINVAL\n");
1818 spin_unlock_irqrestore(&host_info_lock, flags);
1819 return (-EINVAL);
1820 }
1821 DBGMSG("delete entry from list -> success");
1822 list_del(&addr->addr_list);
1823 spin_unlock_irqrestore(&host_info_lock, flags);
1824 vfree(addr->addr_space_buffer);
1825 kfree(addr);
1826 free_pending_request(req); /* immediate success or fail */
1827 return 0;
1828 }
1829
1830 /* Copy data from ARM buffer(s) to user buffer. */
1831 static int arm_get_buf(struct file_info *fi, struct pending_request *req)
1832 {
1833 struct arm_addr *arm_addr = NULL;
1834 unsigned long flags;
1835 unsigned long offset;
1836
1837 struct list_head *entry;
1838
1839 DBGMSG("arm_get_buf "
1840 "addr(Offset): %04X %08X length: %u",
1841 (u32) ((req->req.address >> 32) & 0xFFFF),
1842 (u32) (req->req.address & 0xFFFFFFFF), (u32) req->req.length);
1843
1844 spin_lock_irqsave(&host_info_lock, flags);
1845 entry = fi->addr_list.next;
1846 while (entry != &(fi->addr_list)) {
1847 arm_addr = list_entry(entry, struct arm_addr, addr_list);
1848 if ((arm_addr->start <= req->req.address) &&
1849 (arm_addr->end > req->req.address)) {
1850 if (req->req.address + req->req.length <= arm_addr->end) {
1851 offset = req->req.address - arm_addr->start;
1852 spin_unlock_irqrestore(&host_info_lock, flags);
1853
1854 DBGMSG
1855 ("arm_get_buf copy_to_user( %08X, %p, %u )",
1856 (u32) req->req.recvb,
1857 arm_addr->addr_space_buffer + offset,
1858 (u32) req->req.length);
1859 if (copy_to_user
1860 (int2ptr(req->req.recvb),
1861 arm_addr->addr_space_buffer + offset,
1862 req->req.length))
1863 return (-EFAULT);
1864
1865 /* We have to free the request, because we
1866 * queue no response, and therefore nobody
1867 * will free it. */
1868 free_pending_request(req);
1869 return 0;
1870 } else {
1871 DBGMSG("arm_get_buf request exceeded mapping");
1872 spin_unlock_irqrestore(&host_info_lock, flags);
1873 return (-EINVAL);
1874 }
1875 }
1876 entry = entry->next;
1877 }
1878 spin_unlock_irqrestore(&host_info_lock, flags);
1879 return (-EINVAL);
1880 }
1881
1882 /* Copy data from user buffer to ARM buffer(s). */
1883 static int arm_set_buf(struct file_info *fi, struct pending_request *req)
1884 {
1885 struct arm_addr *arm_addr = NULL;
1886 unsigned long flags;
1887 unsigned long offset;
1888
1889 struct list_head *entry;
1890
1891 DBGMSG("arm_set_buf "
1892 "addr(Offset): %04X %08X length: %u",
1893 (u32) ((req->req.address >> 32) & 0xFFFF),
1894 (u32) (req->req.address & 0xFFFFFFFF), (u32) req->req.length);
1895
1896 spin_lock_irqsave(&host_info_lock, flags);
1897 entry = fi->addr_list.next;
1898 while (entry != &(fi->addr_list)) {
1899 arm_addr = list_entry(entry, struct arm_addr, addr_list);
1900 if ((arm_addr->start <= req->req.address) &&
1901 (arm_addr->end > req->req.address)) {
1902 if (req->req.address + req->req.length <= arm_addr->end) {
1903 offset = req->req.address - arm_addr->start;
1904 spin_unlock_irqrestore(&host_info_lock, flags);
1905
1906 DBGMSG
1907 ("arm_set_buf copy_from_user( %p, %08X, %u )",
1908 arm_addr->addr_space_buffer + offset,
1909 (u32) req->req.sendb,
1910 (u32) req->req.length);
1911 if (copy_from_user
1912 (arm_addr->addr_space_buffer + offset,
1913 int2ptr(req->req.sendb),
1914 req->req.length))
1915 return (-EFAULT);
1916
1917 /* We have to free the request, because we
1918 * queue no response, and therefore nobody
1919 * will free it. */
1920 free_pending_request(req);
1921 return 0;
1922 } else {
1923 DBGMSG("arm_set_buf request exceeded mapping");
1924 spin_unlock_irqrestore(&host_info_lock, flags);
1925 return (-EINVAL);
1926 }
1927 }
1928 entry = entry->next;
1929 }
1930 spin_unlock_irqrestore(&host_info_lock, flags);
1931 return (-EINVAL);
1932 }
1933
1934 static int reset_notification(struct file_info *fi, struct pending_request *req)
1935 {
1936 DBGMSG("reset_notification called - switch %s ",
1937 (req->req.misc == RAW1394_NOTIFY_OFF) ? "OFF" : "ON");
1938 if ((req->req.misc == RAW1394_NOTIFY_OFF) ||
1939 (req->req.misc == RAW1394_NOTIFY_ON)) {
1940 fi->notification = (u8) req->req.misc;
1941 free_pending_request(req); /* we have to free the request, because we queue no response, and therefore nobody will free it */
1942 return 0;
1943 }
1944 /* error EINVAL (22) invalid argument */
1945 return (-EINVAL);
1946 }
1947
1948 static int write_phypacket(struct file_info *fi, struct pending_request *req)
1949 {
1950 struct hpsb_packet *packet = NULL;
1951 int retval = 0;
1952 quadlet_t data;
1953 unsigned long flags;
1954
1955 data = be32_to_cpu((u32) req->req.sendb);
1956 DBGMSG("write_phypacket called - quadlet 0x%8.8x ", data);
1957 packet = hpsb_make_phypacket(fi->host, data);
1958 if (!packet)
1959 return -ENOMEM;
1960 req->req.length = 0;
1961 req->packet = packet;
1962 hpsb_set_packet_complete_task(packet,
1963 (void (*)(void *))queue_complete_cb, req);
1964 spin_lock_irqsave(&fi->reqlists_lock, flags);
1965 list_add_tail(&req->list, &fi->req_pending);
1966 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
1967 packet->generation = req->req.generation;
1968 retval = hpsb_send_packet(packet);
1969 DBGMSG("write_phypacket send_packet called => retval: %d ", retval);
1970 if (retval < 0) {
1971 req->req.error = RAW1394_ERROR_SEND_ERROR;
1972 req->req.length = 0;
1973 queue_complete_req(req);
1974 }
1975 return 0;
1976 }
1977
1978 static int get_config_rom(struct file_info *fi, struct pending_request *req)
1979 {
1980 int ret = 0;
1981 quadlet_t *data = kmalloc(req->req.length, GFP_KERNEL);
1982 int status;
1983
1984 if (!data)
1985 return -ENOMEM;
1986
1987 status =
1988 csr1212_read(fi->host->csr.rom, CSR1212_CONFIG_ROM_SPACE_OFFSET,
1989 data, req->req.length);
1990 if (copy_to_user(int2ptr(req->req.recvb), data, req->req.length))
1991 ret = -EFAULT;
1992 if (copy_to_user
1993 (int2ptr(req->req.tag), &fi->host->csr.rom->cache_head->len,
1994 sizeof(fi->host->csr.rom->cache_head->len)))
1995 ret = -EFAULT;
1996 if (copy_to_user(int2ptr(req->req.address), &fi->host->csr.generation,
1997 sizeof(fi->host->csr.generation)))
1998 ret = -EFAULT;
1999 if (copy_to_user(int2ptr(req->req.sendb), &status, sizeof(status)))
2000 ret = -EFAULT;
2001 kfree(data);
2002 if (ret >= 0) {
2003 free_pending_request(req); /* we have to free the request, because we queue no response, and therefore nobody will free it */
2004 }
2005 return ret;
2006 }
2007
2008 static int update_config_rom(struct file_info *fi, struct pending_request *req)
2009 {
2010 int ret = 0;
2011 quadlet_t *data = kmalloc(req->req.length, GFP_KERNEL);
2012 if (!data)
2013 return -ENOMEM;
2014 if (copy_from_user(data, int2ptr(req->req.sendb), req->req.length)) {
2015 ret = -EFAULT;
2016 } else {
2017 int status = hpsb_update_config_rom(fi->host,
2018 data, req->req.length,
2019 (unsigned char)req->req.
2020 misc);
2021 if (copy_to_user
2022 (int2ptr(req->req.recvb), &status, sizeof(status)))
2023 ret = -ENOMEM;
2024 }
2025 kfree(data);
2026 if (ret >= 0) {
2027 free_pending_request(req); /* we have to free the request, because we queue no response, and therefore nobody will free it */
2028 fi->cfgrom_upd = 1;
2029 }
2030 return ret;
2031 }
2032
2033 static int modify_config_rom(struct file_info *fi, struct pending_request *req)
2034 {
2035 struct csr1212_keyval *kv;
2036 struct csr1212_csr_rom_cache *cache;
2037 struct csr1212_dentry *dentry;
2038 u32 dr;
2039 int ret = 0;
2040
2041 if (req->req.misc == ~0) {
2042 if (req->req.length == 0)
2043 return -EINVAL;
2044
2045 /* Find an unused slot */
2046 for (dr = 0;
2047 dr < RAW1394_MAX_USER_CSR_DIRS && fi->csr1212_dirs[dr];
2048 dr++) ;
2049
2050 if (dr == RAW1394_MAX_USER_CSR_DIRS)
2051 return -ENOMEM;
2052
2053 fi->csr1212_dirs[dr] =
2054 csr1212_new_directory(CSR1212_KV_ID_VENDOR);
2055 if (!fi->csr1212_dirs[dr])
2056 return -ENOMEM;
2057 } else {
2058 dr = req->req.misc;
2059 if (!fi->csr1212_dirs[dr])
2060 return -EINVAL;
2061
2062 /* Delete old stuff */
2063 for (dentry =
2064 fi->csr1212_dirs[dr]->value.directory.dentries_head;
2065 dentry; dentry = dentry->next) {
2066 csr1212_detach_keyval_from_directory(fi->host->csr.rom->
2067 root_kv,
2068 dentry->kv);
2069 }
2070
2071 if (req->req.length == 0) {
2072 csr1212_release_keyval(fi->csr1212_dirs[dr]);
2073 fi->csr1212_dirs[dr] = NULL;
2074
2075 hpsb_update_config_rom_image(fi->host);
2076 free_pending_request(req);
2077 return 0;
2078 }
2079 }
2080
2081 cache = csr1212_rom_cache_malloc(0, req->req.length);
2082 if (!cache) {
2083 csr1212_release_keyval(fi->csr1212_dirs[dr]);
2084 fi->csr1212_dirs[dr] = NULL;
2085 return -ENOMEM;
2086 }
2087
2088 cache->filled_head = kmalloc(sizeof(*cache->filled_head), GFP_KERNEL);
2089 if (!cache->filled_head) {
2090 csr1212_release_keyval(fi->csr1212_dirs[dr]);
2091 fi->csr1212_dirs[dr] = NULL;
2092 CSR1212_FREE(cache);
2093 return -ENOMEM;
2094 }
2095 cache->filled_tail = cache->filled_head;
2096
2097 if (copy_from_user(cache->data, int2ptr(req->req.sendb),
2098 req->req.length)) {
2099 csr1212_release_keyval(fi->csr1212_dirs[dr]);
2100 fi->csr1212_dirs[dr] = NULL;
2101 ret = -EFAULT;
2102 } else {
2103 cache->len = req->req.length;
2104 cache->filled_head->offset_start = 0;
2105 cache->filled_head->offset_end = cache->size - 1;
2106
2107 cache->layout_head = cache->layout_tail = fi->csr1212_dirs[dr];
2108
2109 ret = CSR1212_SUCCESS;
2110 /* parse all the items */
2111 for (kv = cache->layout_head; ret == CSR1212_SUCCESS && kv;
2112 kv = kv->next) {
2113 ret = csr1212_parse_keyval(kv, cache);
2114 }
2115
2116 /* attach top level items to the root directory */
2117 for (dentry =
2118 fi->csr1212_dirs[dr]->value.directory.dentries_head;
2119 ret == CSR1212_SUCCESS && dentry; dentry = dentry->next) {
2120 ret =
2121 csr1212_attach_keyval_to_directory(fi->host->csr.
2122 rom->root_kv,
2123 dentry->kv);
2124 }
2125
2126 if (ret == CSR1212_SUCCESS) {
2127 ret = hpsb_update_config_rom_image(fi->host);
2128
2129 if (ret >= 0 && copy_to_user(int2ptr(req->req.recvb),
2130 &dr, sizeof(dr))) {
2131 ret = -ENOMEM;
2132 }
2133 }
2134 }
2135 kfree(cache->filled_head);
2136 CSR1212_FREE(cache);
2137
2138 if (ret >= 0) {
2139 /* we have to free the request, because we queue no response,
2140 * and therefore nobody will free it */
2141 free_pending_request(req);
2142 return 0;
2143 } else {
2144 for (dentry =
2145 fi->csr1212_dirs[dr]->value.directory.dentries_head;
2146 dentry; dentry = dentry->next) {
2147 csr1212_detach_keyval_from_directory(fi->host->csr.rom->
2148 root_kv,
2149 dentry->kv);
2150 }
2151 csr1212_release_keyval(fi->csr1212_dirs[dr]);
2152 fi->csr1212_dirs[dr] = NULL;
2153 return ret;
2154 }
2155 }
2156
2157 static int state_connected(struct file_info *fi, struct pending_request *req)
2158 {
2159 int node = req->req.address >> 48;
2160
2161 req->req.error = RAW1394_ERROR_NONE;
2162
2163 switch (req->req.type) {
2164
2165 case RAW1394_REQ_ECHO:
2166 queue_complete_req(req);
2167 return 0;
2168
2169 case RAW1394_REQ_ARM_REGISTER:
2170 return arm_register(fi, req);
2171
2172 case RAW1394_REQ_ARM_UNREGISTER:
2173 return arm_unregister(fi, req);
2174
2175 case RAW1394_REQ_ARM_SET_BUF:
2176 return arm_set_buf(fi, req);
2177
2178 case RAW1394_REQ_ARM_GET_BUF:
2179 return arm_get_buf(fi, req);
2180
2181 case RAW1394_REQ_RESET_NOTIFY:
2182 return reset_notification(fi, req);
2183
2184 case RAW1394_REQ_ISO_SEND:
2185 case RAW1394_REQ_ISO_LISTEN:
2186 printk(KERN_DEBUG "raw1394: old iso ABI has been removed\n");
2187 req->req.error = RAW1394_ERROR_COMPAT;
2188 req->req.misc = RAW1394_KERNELAPI_VERSION;
2189 queue_complete_req(req);
2190 return 0;
2191
2192 case RAW1394_REQ_FCP_LISTEN:
2193 handle_fcp_listen(fi, req);
2194 return 0;
2195
2196 case RAW1394_REQ_RESET_BUS:
2197 if (req->req.misc == RAW1394_LONG_RESET) {
2198 DBGMSG("busreset called (type: LONG)");
2199 hpsb_reset_bus(fi->host, LONG_RESET);
2200 free_pending_request(req); /* we have to free the request, because we queue no response, and therefore nobody will free it */
2201 return 0;
2202 }
2203 if (req->req.misc == RAW1394_SHORT_RESET) {
2204 DBGMSG("busreset called (type: SHORT)");
2205 hpsb_reset_bus(fi->host, SHORT_RESET);
2206 free_pending_request(req); /* we have to free the request, because we queue no response, and therefore nobody will free it */
2207 return 0;
2208 }
2209 /* error EINVAL (22) invalid argument */
2210 return (-EINVAL);
2211 case RAW1394_REQ_GET_ROM:
2212 return get_config_rom(fi, req);
2213
2214 case RAW1394_REQ_UPDATE_ROM:
2215 return update_config_rom(fi, req);
2216
2217 case RAW1394_REQ_MODIFY_ROM:
2218 return modify_config_rom(fi, req);
2219 }
2220
2221 if (req->req.generation != get_hpsb_generation(fi->host)) {
2222 req->req.error = RAW1394_ERROR_GENERATION;
2223 req->req.generation = get_hpsb_generation(fi->host);
2224 req->req.length = 0;
2225 queue_complete_req(req);
2226 return 0;
2227 }
2228
2229 switch (req->req.type) {
2230 case RAW1394_REQ_PHYPACKET:
2231 return write_phypacket(fi, req);
2232 case RAW1394_REQ_ASYNC_SEND:
2233 return handle_async_send(fi, req);
2234 }
2235
2236 if (req->req.length == 0) {
2237 req->req.error = RAW1394_ERROR_INVALID_ARG;
2238 queue_complete_req(req);
2239 return 0;
2240 }
2241
2242 return handle_async_request(fi, req, node);
2243 }
2244
2245 static ssize_t raw1394_write(struct file *file, const char __user * buffer,
2246 size_t count, loff_t * offset_is_ignored)
2247 {
2248 struct file_info *fi = (struct file_info *)file->private_data;
2249 struct pending_request *req;
2250 ssize_t retval = -EBADFD;
2251
2252 #ifdef CONFIG_COMPAT
2253 if (count == sizeof(struct compat_raw1394_req) &&
2254 sizeof(struct compat_raw1394_req) !=
2255 sizeof(struct raw1394_request)) {
2256 buffer = raw1394_compat_write(buffer);
2257 if (IS_ERR((__force void *)buffer))
2258 return PTR_ERR((__force void *)buffer);
2259 } else
2260 #endif
2261 if (count != sizeof(struct raw1394_request)) {
2262 return -EINVAL;
2263 }
2264
2265 req = alloc_pending_request();
2266 if (req == NULL) {
2267 return -ENOMEM;
2268 }
2269 req->file_info = fi;
2270
2271 if (copy_from_user(&req->req, buffer, sizeof(struct raw1394_request))) {
2272 free_pending_request(req);
2273 return -EFAULT;
2274 }
2275
2276 if (!mutex_trylock(&fi->state_mutex)) {
2277 free_pending_request(req);
2278 return -EAGAIN;
2279 }
2280
2281 switch (fi->state) {
2282 case opened:
2283 retval = state_opened(fi, req);
2284 break;
2285
2286 case initialized:
2287 retval = state_initialized(fi, req);
2288 break;
2289
2290 case connected:
2291 retval = state_connected(fi, req);
2292 break;
2293 }
2294
2295 mutex_unlock(&fi->state_mutex);
2296
2297 if (retval < 0) {
2298 free_pending_request(req);
2299 } else {
2300 BUG_ON(retval);
2301 retval = count;
2302 }
2303
2304 return retval;
2305 }
2306
2307 /* rawiso operations */
2308
2309 /* check if any RAW1394_REQ_RAWISO_ACTIVITY event is already in the
2310 * completion queue (reqlists_lock must be taken) */
2311 static inline int __rawiso_event_in_queue(struct file_info *fi)
2312 {
2313 struct pending_request *req;
2314
2315 list_for_each_entry(req, &fi->req_complete, list)
2316 if (req->req.type == RAW1394_REQ_RAWISO_ACTIVITY)
2317 return 1;
2318
2319 return 0;
2320 }
2321
2322 /* put a RAWISO_ACTIVITY event in the queue, if one isn't there already */
2323 static void queue_rawiso_event(struct file_info *fi)
2324 {
2325 unsigned long flags;
2326
2327 spin_lock_irqsave(&fi->reqlists_lock, flags);
2328
2329 /* only one ISO activity event may be in the queue */
2330 if (!__rawiso_event_in_queue(fi)) {
2331 struct pending_request *req =
2332 __alloc_pending_request(GFP_ATOMIC);
2333
2334 if (req) {
2335 req->file_info = fi;
2336 req->req.type = RAW1394_REQ_RAWISO_ACTIVITY;
2337 req->req.generation = get_hpsb_generation(fi->host);
2338 __queue_complete_req(req);
2339 } else {
2340 /* on allocation failure, signal an overflow */
2341 if (fi->iso_handle) {
2342 atomic_inc(&fi->iso_handle->overflows);
2343 }
2344 }
2345 }
2346 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
2347 }
2348
2349 static void rawiso_activity_cb(struct hpsb_iso *iso)
2350 {
2351 unsigned long flags;
2352 struct host_info *hi;
2353 struct file_info *fi;
2354
2355 spin_lock_irqsave(&host_info_lock, flags);
2356 hi = find_host_info(iso->host);
2357
2358 if (hi != NULL) {
2359 list_for_each_entry(fi, &hi->file_info_list, list) {
2360 if (fi->iso_handle == iso)
2361 queue_rawiso_event(fi);
2362 }
2363 }
2364
2365 spin_unlock_irqrestore(&host_info_lock, flags);
2366 }
2367
2368 /* helper function - gather all the kernel iso status bits for returning to user-space */
2369 static void raw1394_iso_fill_status(struct hpsb_iso *iso,
2370 struct raw1394_iso_status *stat)
2371 {
2372 int overflows = atomic_read(&iso->overflows);
2373 int skips = atomic_read(&iso->skips);
2374
2375 stat->config.data_buf_size = iso->buf_size;
2376 stat->config.buf_packets = iso->buf_packets;
2377 stat->config.channel = iso->channel;
2378 stat->config.speed = iso->speed;
2379 stat->config.irq_interval = iso->irq_interval;
2380 stat->n_packets = hpsb_iso_n_ready(iso);
2381 stat->overflows = ((skips & 0xFFFF) << 16) | ((overflows & 0xFFFF));
2382 stat->xmit_cycle = iso->xmit_cycle;
2383 }
2384
2385 static int raw1394_iso_xmit_init(struct file_info *fi, void __user * uaddr)
2386 {
2387 struct raw1394_iso_status stat;
2388
2389 if (!fi->host)
2390 return -EINVAL;
2391
2392 if (copy_from_user(&stat, uaddr, sizeof(stat)))
2393 return -EFAULT;
2394
2395 fi->iso_handle = hpsb_iso_xmit_init(fi->host,
2396 stat.config.data_buf_size,
2397 stat.config.buf_packets,
2398 stat.config.channel,
2399 stat.config.speed,
2400 stat.config.irq_interval,
2401 rawiso_activity_cb);
2402 if (!fi->iso_handle)
2403 return -ENOMEM;
2404
2405 fi->iso_state = RAW1394_ISO_XMIT;
2406
2407 raw1394_iso_fill_status(fi->iso_handle, &stat);
2408 if (copy_to_user(uaddr, &stat, sizeof(stat)))
2409 return -EFAULT;
2410
2411 /* queue an event to get things started */
2412 rawiso_activity_cb(fi->iso_handle);
2413
2414 return 0;
2415 }
2416
2417 static int raw1394_iso_recv_init(struct file_info *fi, void __user * uaddr)
2418 {
2419 struct raw1394_iso_status stat;
2420
2421 if (!fi->host)
2422 return -EINVAL;
2423
2424 if (copy_from_user(&stat, uaddr, sizeof(stat)))
2425 return -EFAULT;
2426
2427 fi->iso_handle = hpsb_iso_recv_init(fi->host,
2428 stat.config.data_buf_size,
2429 stat.config.buf_packets,
2430 stat.config.channel,
2431 stat.config.dma_mode,
2432 stat.config.irq_interval,
2433 rawiso_activity_cb);
2434 if (!fi->iso_handle)
2435 return -ENOMEM;
2436
2437 fi->iso_state = RAW1394_ISO_RECV;
2438
2439 raw1394_iso_fill_status(fi->iso_handle, &stat);
2440 if (copy_to_user(uaddr, &stat, sizeof(stat)))
2441 return -EFAULT;
2442 return 0;
2443 }
2444
2445 static int raw1394_iso_get_status(struct file_info *fi, void __user * uaddr)
2446 {
2447 struct raw1394_iso_status stat;
2448 struct hpsb_iso *iso = fi->iso_handle;
2449
2450 raw1394_iso_fill_status(fi->iso_handle, &stat);
2451 if (copy_to_user(uaddr, &stat, sizeof(stat)))
2452 return -EFAULT;
2453
2454 /* reset overflow counter */
2455 atomic_set(&iso->overflows, 0);
2456 /* reset skip counter */
2457 atomic_set(&iso->skips, 0);
2458
2459 return 0;
2460 }
2461
2462 /* copy N packet_infos out of the ringbuffer into user-supplied array */
2463 static int raw1394_iso_recv_packets(struct file_info *fi, void __user * uaddr)
2464 {
2465 struct raw1394_iso_packets upackets;
2466 unsigned int packet = fi->iso_handle->first_packet;
2467 int i;
2468
2469 if (copy_from_user(&upackets, uaddr, sizeof(upackets)))
2470 return -EFAULT;
2471
2472 if (upackets.n_packets > hpsb_iso_n_ready(fi->iso_handle))
2473 return -EINVAL;
2474
2475 /* ensure user-supplied buffer is accessible and big enough */
2476 if (!access_ok(VERIFY_WRITE, upackets.infos,
2477 upackets.n_packets *
2478 sizeof(struct raw1394_iso_packet_info)))
2479 return -EFAULT;
2480
2481 /* copy the packet_infos out */
2482 for (i = 0; i < upackets.n_packets; i++) {
2483 if (__copy_to_user(&upackets.infos[i],
2484 &fi->iso_handle->infos[packet],
2485 sizeof(struct raw1394_iso_packet_info)))
2486 return -EFAULT;
2487
2488 packet = (packet + 1) % fi->iso_handle->buf_packets;
2489 }
2490
2491 return 0;
2492 }
2493
2494 /* copy N packet_infos from user to ringbuffer, and queue them for transmission */
2495 static int raw1394_iso_send_packets(struct file_info *fi, void __user * uaddr)
2496 {
2497 struct raw1394_iso_packets upackets;
2498 int i, rv;
2499
2500 if (copy_from_user(&upackets, uaddr, sizeof(upackets)))
2501 return -EFAULT;
2502
2503 if (upackets.n_packets >= fi->iso_handle->buf_packets)
2504 return -EINVAL;
2505
2506 if (upackets.n_packets >= hpsb_iso_n_ready(fi->iso_handle))
2507 return -EAGAIN;
2508
2509 /* ensure user-supplied buffer is accessible and big enough */
2510 if (!access_ok(VERIFY_READ, upackets.infos,
2511 upackets.n_packets *
2512 sizeof(struct raw1394_iso_packet_info)))
2513 return -EFAULT;
2514
2515 /* copy the infos structs in and queue the packets */
2516 for (i = 0; i < upackets.n_packets; i++) {
2517 struct raw1394_iso_packet_info info;
2518
2519 if (__copy_from_user(&info, &upackets.infos[i],
2520 sizeof(struct raw1394_iso_packet_info)))
2521 return -EFAULT;
2522
2523 rv = hpsb_iso_xmit_queue_packet(fi->iso_handle, info.offset,
2524 info.len, info.tag, info.sy);
2525 if (rv)
2526 return rv;
2527 }
2528
2529 return 0;
2530 }
2531
2532 static void raw1394_iso_shutdown(struct file_info *fi)
2533 {
2534 if (fi->iso_handle)
2535 hpsb_iso_shutdown(fi->iso_handle);
2536
2537 fi->iso_handle = NULL;
2538 fi->iso_state = RAW1394_ISO_INACTIVE;
2539 }
2540
2541 static int raw1394_read_cycle_timer(struct file_info *fi, void __user * uaddr)
2542 {
2543 struct raw1394_cycle_timer ct;
2544 int err;
2545
2546 err = hpsb_read_cycle_timer(fi->host, &ct.cycle_timer, &ct.local_time);
2547 if (!err)
2548 if (copy_to_user(uaddr, &ct, sizeof(ct)))
2549 err = -EFAULT;
2550 return err;
2551 }
2552
2553 /* mmap the rawiso xmit/recv buffer */
2554 static int raw1394_mmap(struct file *file, struct vm_area_struct *vma)
2555 {
2556 struct file_info *fi = file->private_data;
2557 int ret;
2558
2559 if (!mutex_trylock(&fi->state_mutex))
2560 return -EAGAIN;
2561
2562 if (fi->iso_state == RAW1394_ISO_INACTIVE)
2563 ret = -EINVAL;
2564 else
2565 ret = dma_region_mmap(&fi->iso_handle->data_buf, file, vma);
2566
2567 mutex_unlock(&fi->state_mutex);
2568
2569 return ret;
2570 }
2571
2572 static long raw1394_ioctl_inactive(struct file_info *fi, unsigned int cmd,
2573 void __user *argp)
2574 {
2575 switch (cmd) {
2576 case RAW1394_IOC_ISO_XMIT_INIT:
2577 return raw1394_iso_xmit_init(fi, argp);
2578 case RAW1394_IOC_ISO_RECV_INIT:
2579 return raw1394_iso_recv_init(fi, argp);
2580 default:
2581 return -EINVAL;
2582 }
2583 }
2584
2585 static long raw1394_ioctl_recv(struct file_info *fi, unsigned int cmd,
2586 unsigned long arg)
2587 {
2588 void __user *argp = (void __user *)arg;
2589
2590 switch (cmd) {
2591 case RAW1394_IOC_ISO_RECV_START:{
2592 int args[3];
2593
2594 if (copy_from_user(&args[0], argp, sizeof(args)))
2595 return -EFAULT;
2596 return hpsb_iso_recv_start(fi->iso_handle,
2597 args[0], args[1], args[2]);
2598 }
2599 case RAW1394_IOC_ISO_XMIT_RECV_STOP:
2600 hpsb_iso_stop(fi->iso_handle);
2601 return 0;
2602 case RAW1394_IOC_ISO_RECV_LISTEN_CHANNEL:
2603 return hpsb_iso_recv_listen_channel(fi->iso_handle, arg);
2604 case RAW1394_IOC_ISO_RECV_UNLISTEN_CHANNEL:
2605 return hpsb_iso_recv_unlisten_channel(fi->iso_handle, arg);
2606 case RAW1394_IOC_ISO_RECV_SET_CHANNEL_MASK:{
2607 u64 mask;
2608
2609 if (copy_from_user(&mask, argp, sizeof(mask)))
2610 return -EFAULT;
2611 return hpsb_iso_recv_set_channel_mask(fi->iso_handle,
2612 mask);
2613 }
2614 case RAW1394_IOC_ISO_GET_STATUS:
2615 return raw1394_iso_get_status(fi, argp);
2616 case RAW1394_IOC_ISO_RECV_PACKETS:
2617 return raw1394_iso_recv_packets(fi, argp);
2618 case RAW1394_IOC_ISO_RECV_RELEASE_PACKETS:
2619 return hpsb_iso_recv_release_packets(fi->iso_handle, arg);
2620 case RAW1394_IOC_ISO_RECV_FLUSH:
2621 return hpsb_iso_recv_flush(fi->iso_handle);
2622 case RAW1394_IOC_ISO_SHUTDOWN:
2623 raw1394_iso_shutdown(fi);
2624 return 0;
2625 case RAW1394_IOC_ISO_QUEUE_ACTIVITY:
2626 queue_rawiso_event(fi);
2627 return 0;
2628 default:
2629 return -EINVAL;
2630 }
2631 }
2632
2633 static long raw1394_ioctl_xmit(struct file_info *fi, unsigned int cmd,
2634 void __user *argp)
2635 {
2636 switch (cmd) {
2637 case RAW1394_IOC_ISO_XMIT_START:{
2638 int args[2];
2639
2640 if (copy_from_user(&args[0], argp, sizeof(args)))
2641 return -EFAULT;
2642 return hpsb_iso_xmit_start(fi->iso_handle,
2643 args[0], args[1]);
2644 }
2645 case RAW1394_IOC_ISO_XMIT_SYNC:
2646 return hpsb_iso_xmit_sync(fi->iso_handle);
2647 case RAW1394_IOC_ISO_XMIT_RECV_STOP:
2648 hpsb_iso_stop(fi->iso_handle);
2649 return 0;
2650 case RAW1394_IOC_ISO_GET_STATUS:
2651 return raw1394_iso_get_status(fi, argp);
2652 case RAW1394_IOC_ISO_XMIT_PACKETS:
2653 return raw1394_iso_send_packets(fi, argp);
2654 case RAW1394_IOC_ISO_SHUTDOWN:
2655 raw1394_iso_shutdown(fi);
2656 return 0;
2657 case RAW1394_IOC_ISO_QUEUE_ACTIVITY:
2658 queue_rawiso_event(fi);
2659 return 0;
2660 default:
2661 return -EINVAL;
2662 }
2663 }
2664
2665 /* ioctl is only used for rawiso operations */
2666 static long raw1394_ioctl(struct file *file, unsigned int cmd,
2667 unsigned long arg)
2668 {
2669 struct file_info *fi = file->private_data;
2670 void __user *argp = (void __user *)arg;
2671 long ret;
2672
2673 /* state-independent commands */
2674 switch(cmd) {
2675 case RAW1394_IOC_GET_CYCLE_TIMER:
2676 return raw1394_read_cycle_timer(fi, argp);
2677 default:
2678 break;
2679 }
2680
2681 if (!mutex_trylock(&fi->state_mutex))
2682 return -EAGAIN;
2683
2684 switch (fi->iso_state) {
2685 case RAW1394_ISO_INACTIVE:
2686 ret = raw1394_ioctl_inactive(fi, cmd, argp);
2687 break;
2688 case RAW1394_ISO_RECV:
2689 ret = raw1394_ioctl_recv(fi, cmd, arg);
2690 break;
2691 case RAW1394_ISO_XMIT:
2692 ret = raw1394_ioctl_xmit(fi, cmd, argp);
2693 break;
2694 default:
2695 ret = -EINVAL;
2696 break;
2697 }
2698
2699 mutex_unlock(&fi->state_mutex);
2700
2701 return ret;
2702 }
2703
2704 #ifdef CONFIG_COMPAT
2705 struct raw1394_iso_packets32 {
2706 __u32 n_packets;
2707 compat_uptr_t infos;
2708 } __attribute__((packed));
2709
2710 struct raw1394_cycle_timer32 {
2711 __u32 cycle_timer;
2712 __u64 local_time;
2713 }
2714 #if defined(CONFIG_X86_64) || defined(CONFIG_IA64)
2715 __attribute__((packed))
2716 #endif
2717 ;
2718
2719 #define RAW1394_IOC_ISO_RECV_PACKETS32 \
2720 _IOW ('#', 0x25, struct raw1394_iso_packets32)
2721 #define RAW1394_IOC_ISO_XMIT_PACKETS32 \
2722 _IOW ('#', 0x27, struct raw1394_iso_packets32)
2723 #define RAW1394_IOC_GET_CYCLE_TIMER32 \
2724 _IOR ('#', 0x30, struct raw1394_cycle_timer32)
2725
2726 static long raw1394_iso_xmit_recv_packets32(struct file *file, unsigned int cmd,
2727 struct raw1394_iso_packets32 __user *arg)
2728 {
2729 compat_uptr_t infos32;
2730 void __user *infos;
2731 long err = -EFAULT;
2732 struct raw1394_iso_packets __user *dst = compat_alloc_user_space(sizeof(struct raw1394_iso_packets));
2733
2734 if (!copy_in_user(&dst->n_packets, &arg->n_packets, sizeof arg->n_packets) &&
2735 !copy_from_user(&infos32, &arg->infos, sizeof infos32)) {
2736 infos = compat_ptr(infos32);
2737 if (!copy_to_user(&dst->infos, &infos, sizeof infos))
2738 err = raw1394_ioctl(file, cmd, (unsigned long)dst);
2739 }
2740 return err;
2741 }
2742
2743 static long raw1394_read_cycle_timer32(struct file_info *fi, void __user * uaddr)
2744 {
2745 struct raw1394_cycle_timer32 ct;
2746 int err;
2747
2748 err = hpsb_read_cycle_timer(fi->host, &ct.cycle_timer, &ct.local_time);
2749 if (!err)
2750 if (copy_to_user(uaddr, &ct, sizeof(ct)))
2751 err = -EFAULT;
2752 return err;
2753 }
2754
2755 static long raw1394_compat_ioctl(struct file *file,
2756 unsigned int cmd, unsigned long arg)
2757 {
2758 struct file_info *fi = file->private_data;
2759 void __user *argp = (void __user *)arg;
2760 long err;
2761
2762 switch (cmd) {
2763 /* These requests have same format as long as 'int' has same size. */
2764 case RAW1394_IOC_ISO_RECV_INIT:
2765 case RAW1394_IOC_ISO_RECV_START:
2766 case RAW1394_IOC_ISO_RECV_LISTEN_CHANNEL:
2767 case RAW1394_IOC_ISO_RECV_UNLISTEN_CHANNEL:
2768 case RAW1394_IOC_ISO_RECV_SET_CHANNEL_MASK:
2769 case RAW1394_IOC_ISO_RECV_RELEASE_PACKETS:
2770 case RAW1394_IOC_ISO_RECV_FLUSH:
2771 case RAW1394_IOC_ISO_XMIT_RECV_STOP:
2772 case RAW1394_IOC_ISO_XMIT_INIT:
2773 case RAW1394_IOC_ISO_XMIT_START:
2774 case RAW1394_IOC_ISO_XMIT_SYNC:
2775 case RAW1394_IOC_ISO_GET_STATUS:
2776 case RAW1394_IOC_ISO_SHUTDOWN:
2777 case RAW1394_IOC_ISO_QUEUE_ACTIVITY:
2778 err = raw1394_ioctl(file, cmd, arg);
2779 break;
2780 /* These request have different format. */
2781 case RAW1394_IOC_ISO_RECV_PACKETS32:
2782 err = raw1394_iso_xmit_recv_packets32(file, RAW1394_IOC_ISO_RECV_PACKETS, argp);
2783 break;
2784 case RAW1394_IOC_ISO_XMIT_PACKETS32:
2785 err = raw1394_iso_xmit_recv_packets32(file, RAW1394_IOC_ISO_XMIT_PACKETS, argp);
2786 break;
2787 case RAW1394_IOC_GET_CYCLE_TIMER32:
2788 err = raw1394_read_cycle_timer32(fi, argp);
2789 break;
2790 default:
2791 err = -EINVAL;
2792 break;
2793 }
2794
2795 return err;
2796 }
2797 #endif
2798
2799 static unsigned int raw1394_poll(struct file *file, poll_table * pt)
2800 {
2801 struct file_info *fi = file->private_data;
2802 unsigned int mask = POLLOUT | POLLWRNORM;
2803 unsigned long flags;
2804
2805 poll_wait(file, &fi->wait_complete, pt);
2806
2807 spin_lock_irqsave(&fi->reqlists_lock, flags);
2808 if (!list_empty(&fi->req_complete)) {
2809 mask |= POLLIN | POLLRDNORM;
2810 }
2811 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
2812
2813 return mask;
2814 }
2815
2816 static int raw1394_open(struct inode *inode, struct file *file)
2817 {
2818 struct file_info *fi;
2819
2820 fi = kzalloc(sizeof(*fi), GFP_KERNEL);
2821 if (!fi)
2822 return -ENOMEM;
2823
2824 fi->notification = (u8) RAW1394_NOTIFY_ON; /* busreset notification */
2825
2826 INIT_LIST_HEAD(&fi->list);
2827 mutex_init(&fi->state_mutex);
2828 fi->state = opened;
2829 INIT_LIST_HEAD(&fi->req_pending);
2830 INIT_LIST_HEAD(&fi->req_complete);
2831 spin_lock_init(&fi->reqlists_lock);
2832 init_waitqueue_head(&fi->wait_complete);
2833 INIT_LIST_HEAD(&fi->addr_list);
2834
2835 file->private_data = fi;
2836
2837 return nonseekable_open(inode, file);
2838 }
2839
2840 static int raw1394_release(struct inode *inode, struct file *file)
2841 {
2842 struct file_info *fi = file->private_data;
2843 struct list_head *lh;
2844 struct pending_request *req;
2845 int i, fail;
2846 int retval = 0;
2847 struct list_head *entry;
2848 struct arm_addr *addr = NULL;
2849 struct host_info *hi;
2850 struct file_info *fi_hlp = NULL;
2851 struct arm_addr *arm_addr = NULL;
2852 int another_host;
2853 int csr_mod = 0;
2854 unsigned long flags;
2855
2856 if (fi->iso_state != RAW1394_ISO_INACTIVE)
2857 raw1394_iso_shutdown(fi);
2858
2859 spin_lock_irqsave(&host_info_lock, flags);
2860
2861 fail = 0;
2862 /* set address-entries invalid */
2863
2864 while (!list_empty(&fi->addr_list)) {
2865 another_host = 0;
2866 lh = fi->addr_list.next;
2867 addr = list_entry(lh, struct arm_addr, addr_list);
2868 /* another host with valid address-entry containing
2869 same addressrange? */
2870 list_for_each_entry(hi, &host_info_list, list) {
2871 if (hi->host != fi->host) {
2872 list_for_each_entry(fi_hlp, &hi->file_info_list,
2873 list) {
2874 entry = fi_hlp->addr_list.next;
2875 while (entry != &(fi_hlp->addr_list)) {
2876 arm_addr = list_entry(entry, struct
2877 arm_addr,
2878 addr_list);
2879 if (arm_addr->start ==
2880 addr->start) {
2881 DBGMSG
2882 ("raw1394_release: "
2883 "another host ownes "
2884 "same addressrange");
2885 another_host = 1;
2886 break;
2887 }
2888 entry = entry->next;
2889 }
2890 if (another_host) {
2891 break;
2892 }
2893 }
2894 }
2895 }
2896 if (!another_host) {
2897 DBGMSG("raw1394_release: call hpsb_arm_unregister");
2898 retval =
2899 hpsb_unregister_addrspace(&raw1394_highlevel,
2900 fi->host, addr->start);
2901 if (!retval) {
2902 ++fail;
2903 printk(KERN_ERR
2904 "raw1394_release arm_Unregister failed\n");
2905 }
2906 }
2907 DBGMSG("raw1394_release: delete addr_entry from list");
2908 list_del(&addr->addr_list);
2909 vfree(addr->addr_space_buffer);
2910 kfree(addr);
2911 } /* while */
2912 spin_unlock_irqrestore(&host_info_lock, flags);
2913 if (fail > 0) {
2914 printk(KERN_ERR "raw1394: during addr_list-release "
2915 "error(s) occurred \n");
2916 }
2917
2918 for (;;) {
2919 /* This locked section guarantees that neither
2920 * complete nor pending requests exist once i!=0 */
2921 spin_lock_irqsave(&fi->reqlists_lock, flags);
2922 while ((req = __next_complete_req(fi)))
2923 free_pending_request(req);
2924
2925 i = list_empty(&fi->req_pending);
2926 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
2927
2928 if (i)
2929 break;
2930 /*
2931 * Sleep until more requests can be freed.
2932 *
2933 * NB: We call the macro wait_event() with a condition argument
2934 * with side effect. This is only possible because the side
2935 * effect does not occur until the condition became true, and
2936 * wait_event() won't evaluate the condition again after that.
2937 */
2938 wait_event(fi->wait_complete, (req = next_complete_req(fi)));
2939 free_pending_request(req);
2940 }
2941
2942 /* Remove any sub-trees left by user space programs */
2943 for (i = 0; i < RAW1394_MAX_USER_CSR_DIRS; i++) {
2944 struct csr1212_dentry *dentry;
2945 if (!fi->csr1212_dirs[i])
2946 continue;
2947 for (dentry =
2948 fi->csr1212_dirs[i]->value.directory.dentries_head; dentry;
2949 dentry = dentry->next) {
2950 csr1212_detach_keyval_from_directory(fi->host->csr.rom->
2951 root_kv,
2952 dentry->kv);
2953 }
2954 csr1212_release_keyval(fi->csr1212_dirs[i]);
2955 fi->csr1212_dirs[i] = NULL;
2956 csr_mod = 1;
2957 }
2958
2959 if ((csr_mod || fi->cfgrom_upd)
2960 && hpsb_update_config_rom_image(fi->host) < 0)
2961 HPSB_ERR
2962 ("Failed to generate Configuration ROM image for host %d",
2963 fi->host->id);
2964
2965 if (fi->state == connected) {
2966 spin_lock_irqsave(&host_info_lock, flags);
2967 list_del(&fi->list);
2968 spin_unlock_irqrestore(&host_info_lock, flags);
2969
2970 put_device(&fi->host->device);
2971 }
2972
2973 spin_lock_irqsave(&host_info_lock, flags);
2974 if (fi->host)
2975 module_put(fi->host->driver->owner);
2976 spin_unlock_irqrestore(&host_info_lock, flags);
2977
2978 kfree(fi);
2979
2980 return 0;
2981 }
2982
2983 /*** HOTPLUG STUFF **********************************************************/
2984 /*
2985 * Export information about protocols/devices supported by this driver.
2986 */
2987 #ifdef MODULE
2988 static const struct ieee1394_device_id raw1394_id_table[] = {
2989 {
2990 .match_flags = IEEE1394_MATCH_SPECIFIER_ID | IEEE1394_MATCH_VERSION,
2991 .specifier_id = AVC_UNIT_SPEC_ID_ENTRY & 0xffffff,
2992 .version = AVC_SW_VERSION_ENTRY & 0xffffff},
2993 {
2994 .match_flags = IEEE1394_MATCH_SPECIFIER_ID | IEEE1394_MATCH_VERSION,
2995 .specifier_id = CAMERA_UNIT_SPEC_ID_ENTRY & 0xffffff,
2996 .version = CAMERA_SW_VERSION_ENTRY & 0xffffff},
2997 {
2998 .match_flags = IEEE1394_MATCH_SPECIFIER_ID | IEEE1394_MATCH_VERSION,
2999 .specifier_id = CAMERA_UNIT_SPEC_ID_ENTRY & 0xffffff,
3000 .version = (CAMERA_SW_VERSION_ENTRY + 1) & 0xffffff},
3001 {
3002 .match_flags = IEEE1394_MATCH_SPECIFIER_ID | IEEE1394_MATCH_VERSION,
3003 .specifier_id = CAMERA_UNIT_SPEC_ID_ENTRY & 0xffffff,
3004 .version = (CAMERA_SW_VERSION_ENTRY + 2) & 0xffffff},
3005 {}
3006 };
3007
3008 MODULE_DEVICE_TABLE(ieee1394, raw1394_id_table);
3009 #endif /* MODULE */
3010
3011 static struct hpsb_protocol_driver raw1394_driver = {
3012 .name = "raw1394",
3013 };
3014
3015 /******************************************************************************/
3016
3017 static struct hpsb_highlevel raw1394_highlevel = {
3018 .name = RAW1394_DEVICE_NAME,
3019 .add_host = add_host,
3020 .remove_host = remove_host,
3021 .host_reset = host_reset,
3022 .fcp_request = fcp_request,
3023 };
3024
3025 static struct cdev raw1394_cdev;
3026 static const struct file_operations raw1394_fops = {
3027 .owner = THIS_MODULE,
3028 .read = raw1394_read,
3029 .write = raw1394_write,
3030 .mmap = raw1394_mmap,
3031 .unlocked_ioctl = raw1394_ioctl,
3032 #ifdef CONFIG_COMPAT
3033 .compat_ioctl = raw1394_compat_ioctl,
3034 #endif
3035 .poll = raw1394_poll,
3036 .open = raw1394_open,
3037 .release = raw1394_release,
3038 .llseek = no_llseek,
3039 };
3040
3041 static int __init init_raw1394(void)
3042 {
3043 int ret = 0;
3044
3045 hpsb_register_highlevel(&raw1394_highlevel);
3046
3047 if (IS_ERR
3048 (device_create(hpsb_protocol_class, NULL,
3049 MKDEV(IEEE1394_MAJOR,
3050 IEEE1394_MINOR_BLOCK_RAW1394 * 16),
3051 NULL, RAW1394_DEVICE_NAME))) {
3052 ret = -EFAULT;
3053 goto out_unreg;
3054 }
3055
3056 cdev_init(&raw1394_cdev, &raw1394_fops);
3057 raw1394_cdev.owner = THIS_MODULE;
3058 ret = cdev_add(&raw1394_cdev, IEEE1394_RAW1394_DEV, 1);
3059 if (ret) {
3060 HPSB_ERR("raw1394 failed to register minor device block");
3061 goto out_dev;
3062 }
3063
3064 HPSB_INFO("raw1394: /dev/%s device initialized", RAW1394_DEVICE_NAME);
3065
3066 ret = hpsb_register_protocol(&raw1394_driver);
3067 if (ret) {
3068 HPSB_ERR("raw1394: failed to register protocol");
3069 cdev_del(&raw1394_cdev);
3070 goto out_dev;
3071 }
3072
3073 goto out;
3074
3075 out_dev:
3076 device_destroy(hpsb_protocol_class,
3077 MKDEV(IEEE1394_MAJOR,
3078 IEEE1394_MINOR_BLOCK_RAW1394 * 16));
3079 out_unreg:
3080 hpsb_unregister_highlevel(&raw1394_highlevel);
3081 out:
3082 return ret;
3083 }
3084
3085 static void __exit cleanup_raw1394(void)
3086 {
3087 device_destroy(hpsb_protocol_class,
3088 MKDEV(IEEE1394_MAJOR,
3089 IEEE1394_MINOR_BLOCK_RAW1394 * 16));
3090 cdev_del(&raw1394_cdev);
3091 hpsb_unregister_highlevel(&raw1394_highlevel);
3092 hpsb_unregister_protocol(&raw1394_driver);
3093 }
3094
3095 module_init(init_raw1394);
3096 module_exit(cleanup_raw1394);
3097 MODULE_LICENSE("GPL");
Linux 2.6 ibm-acpi/thinkpad-acpi driver git tree