]> bbs.cooldavid.org Git - net-next-2.6.git/blame - drivers/ieee1394/raw1394.c
git://bbs.cooldavid.org / net-next-2.6.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
[PATCH] slab: remove SLAB_ATOMIC
[net-next-2.6.git] / drivers / ieee1394 / raw1394.c
CommitLineData
1da177e4
LT		 1/*
2 * IEEE 1394 for Linux
3 *
4 * Raw interface to the bus
5 *
6 * Copyright (C) 1999, 2000 Andreas E. Bombe
7 * 2001, 2002 Manfred Weihs <weihs@ict.tuwien.ac.at>
8 * 2002 Christian Toegel <christian.toegel@gmx.at>
9 *
10 * This code is licensed under the GPL. See the file COPYING in the root
11 * directory of the kernel sources for details.
12 *
13 *
14 * Contributions:
15 *
16 * Manfred Weihs <weihs@ict.tuwien.ac.at>
17 * configuration ROM manipulation
18 * address range mapping
19 * adaptation for new (transparent) loopback mechanism
20 * sending of arbitrary async packets
21 * Christian Toegel <christian.toegel@gmx.at>
22 * address range mapping
23 * lock64 request
24 * transmit physical packet
25 * busreset notification control (switch on/off)
26 * busreset with selection of type (short/long)
27 * request_reply
28 */
29
30#include <linux/kernel.h>
31#include <linux/list.h>
32#include <linux/string.h>
33#include <linux/slab.h>
34#include <linux/fs.h>
35#include <linux/poll.h>
36#include <linux/module.h>
37#include <linux/init.h>
38#include <linux/smp_lock.h>
39#include <linux/interrupt.h>
40#include <linux/vmalloc.h>
41#include <linux/cdev.h>
42#include <asm/uaccess.h>
43#include <asm/atomic.h>
4bc32c4d 44#include <linux/compat.h>
1da177e4
LT		 45
46#include "csr1212.h"
de4394f1
SR		 47#include "highlevel.h"
48#include "hosts.h"
1da177e4 49#include "ieee1394.h"
1da177e4 50#include "ieee1394_core.h"
de4394f1 51#include "ieee1394_hotplug.h"
1da177e4 52#include "ieee1394_transactions.h"
de4394f1
SR		 53#include "ieee1394_types.h"
54#include "iso.h"
55#include "nodemgr.h"
1da177e4
LT		 56#include "raw1394.h"
57#include "raw1394-private.h"
58
59#define int2ptr(x) ((void __user *)(unsigned long)x)
60#define ptr2int(x) ((u64)(unsigned long)(void __user *)x)
61
62#ifdef CONFIG_IEEE1394_VERBOSEDEBUG
63#define RAW1394_DEBUG
64#endif
65
66#ifdef RAW1394_DEBUG
67#define DBGMSG(fmt, args...) \
68printk(KERN_INFO "raw1394:" fmt "\n" , ## args)
69#else
611aa19f 70#define DBGMSG(fmt, args...) do {} while (0)
1da177e4
LT		 71#endif
72
73static LIST_HEAD(host_info_list);
74static int host_count;
75static DEFINE_SPINLOCK(host_info_lock);
76static atomic_t internal_generation = ATOMIC_INIT(0);
77
78static atomic_t iso_buffer_size;
79static const int iso_buffer_max = 4 * 1024 * 1024; /* 4 MB */
80
81static struct hpsb_highlevel raw1394_highlevel;
82
83static int arm_read(struct hpsb_host *host, int nodeid, quadlet_t * buffer,
84 u64 addr, size_t length, u16 flags);
85static int arm_write(struct hpsb_host *host, int nodeid, int destid,
86 quadlet_t * data, u64 addr, size_t length, u16 flags);
87static int arm_lock(struct hpsb_host *host, int nodeid, quadlet_t * store,
88 u64 addr, quadlet_t data, quadlet_t arg, int ext_tcode,
89 u16 flags);
90static int arm_lock64(struct hpsb_host *host, int nodeid, octlet_t * store,
91 u64 addr, octlet_t data, octlet_t arg, int ext_tcode,
92 u16 flags);
93static struct hpsb_address_ops arm_ops = {
94 .read = arm_read,
95 .write = arm_write,
96 .lock = arm_lock,
97 .lock64 = arm_lock64,
98};
99
100static void queue_complete_cb(struct pending_request *req);
101
dd0fc66f 102static struct pending_request *__alloc_pending_request(gfp_t flags)
1da177e4
LT		 103{
104 struct pending_request *req;
105
8551158a
SR		 106 req = kzalloc(sizeof(*req), flags);
107 if (req)
1da177e4 108 INIT_LIST_HEAD(&req->list);
1da177e4
LT		 109
110 return req;
111}
112
113static inline struct pending_request *alloc_pending_request(void)
114{
115 return __alloc_pending_request(SLAB_KERNEL);
116}
117
118static void free_pending_request(struct pending_request *req)
119{
120 if (req->ibs) {
121 if (atomic_dec_and_test(&req->ibs->refcount)) {
122 atomic_sub(req->ibs->data_size, &iso_buffer_size);
123 kfree(req->ibs);
124 }
125 } else if (req->free_data) {
126 kfree(req->data);
127 }
128 hpsb_free_packet(req->packet);
129 kfree(req);
130}
131
132/* fi->reqlists_lock must be taken */
133static void __queue_complete_req(struct pending_request *req)
134{
135 struct file_info *fi = req->file_info;
1da177e4 136
45289bf6
SR		 137 list_move_tail(&req->list, &fi->req_complete);
138 wake_up(&fi->wait_complete);
1da177e4
LT		 139}
140
141static void queue_complete_req(struct pending_request *req)
142{
143 unsigned long flags;
144 struct file_info *fi = req->file_info;
145
146 spin_lock_irqsave(&fi->reqlists_lock, flags);
147 __queue_complete_req(req);
148 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
149}
150
151static void queue_complete_cb(struct pending_request *req)
152{
153 struct hpsb_packet *packet = req->packet;
154 int rcode = (packet->header[1] >> 12) & 0xf;
155
156 switch (packet->ack_code) {
157 case ACKX_NONE:
158 case ACKX_SEND_ERROR:
159 req->req.error = RAW1394_ERROR_SEND_ERROR;
160 break;
161 case ACKX_ABORTED:
162 req->req.error = RAW1394_ERROR_ABORTED;
163 break;
164 case ACKX_TIMEOUT:
165 req->req.error = RAW1394_ERROR_TIMEOUT;
166 break;
167 default:
168 req->req.error = (packet->ack_code << 16) | rcode;
169 break;
170 }
171
172 if (!((packet->ack_code == ACK_PENDING) && (rcode == RCODE_COMPLETE))) {
173 req->req.length = 0;
174 }
175
176 if ((req->req.type == RAW1394_REQ_ASYNC_READ) ||
177 (req->req.type == RAW1394_REQ_ASYNC_WRITE) ||
178 (req->req.type == RAW1394_REQ_ASYNC_STREAM) ||
179 (req->req.type == RAW1394_REQ_LOCK) ||
180 (req->req.type == RAW1394_REQ_LOCK64))
181 hpsb_free_tlabel(packet);
182
183 queue_complete_req(req);
184}
185
186static void add_host(struct hpsb_host *host)
187{
188 struct host_info *hi;
189 unsigned long flags;
190
8551158a 191 hi = kmalloc(sizeof(*hi), GFP_KERNEL);
1da177e4 192
8551158a 193 if (hi) {
1da177e4
LT		 194 INIT_LIST_HEAD(&hi->list);
195 hi->host = host;
196 INIT_LIST_HEAD(&hi->file_info_list);
197
198 spin_lock_irqsave(&host_info_lock, flags);
199 list_add_tail(&hi->list, &host_info_list);
200 host_count++;
201 spin_unlock_irqrestore(&host_info_lock, flags);
202 }
203
204 atomic_inc(&internal_generation);
205}
206
207static struct host_info *find_host_info(struct hpsb_host *host)
208{
209 struct host_info *hi;
210
211 list_for_each_entry(hi, &host_info_list, list)
212 if (hi->host == host)
213 return hi;
214
215 return NULL;
216}
217
218static void remove_host(struct hpsb_host *host)
219{
220 struct host_info *hi;
221 unsigned long flags;
222
223 spin_lock_irqsave(&host_info_lock, flags);
224 hi = find_host_info(host);
225
226 if (hi != NULL) {
227 list_del(&hi->list);
228 host_count--;
229 /*
230 FIXME: address ranges should be removed
231 and fileinfo states should be initialized
232 (including setting generation to
233 internal-generation ...)
234 */
235 }
236 spin_unlock_irqrestore(&host_info_lock, flags);
237
238 if (hi == NULL) {
239 printk(KERN_ERR "raw1394: attempt to remove unknown host "
240 "0x%p\n", host);
241 return;
242 }
243
244 kfree(hi);
245
246 atomic_inc(&internal_generation);
247}
248
249static void host_reset(struct hpsb_host *host)
250{
251 unsigned long flags;
252 struct host_info *hi;
253 struct file_info *fi;
254 struct pending_request *req;
255
256 spin_lock_irqsave(&host_info_lock, flags);
257 hi = find_host_info(host);
258
259 if (hi != NULL) {
260 list_for_each_entry(fi, &hi->file_info_list, list) {
261 if (fi->notification == RAW1394_NOTIFY_ON) {
54e6ecb2 262 req = __alloc_pending_request(GFP_ATOMIC);
1da177e4
LT		 263
264 if (req != NULL) {
265 req->file_info = fi;
266 req->req.type = RAW1394_REQ_BUS_RESET;
267 req->req.generation =
268 get_hpsb_generation(host);
269 req->req.misc = (host->node_id << 16)
270 | host->node_count;
271 if (fi->protocol_version > 3) {
272 req->req.misc |=
273 (NODEID_TO_NODE
274 (host->irm_id)
275 << 8);
276 }
277
278 queue_complete_req(req);
279 }
280 }
281 }
282 }
283 spin_unlock_irqrestore(&host_info_lock, flags);
284}
285
286static void iso_receive(struct hpsb_host *host, int channel, quadlet_t * data,
287 size_t length)
288{
289 unsigned long flags;
290 struct host_info *hi;
291 struct file_info *fi;
292 struct pending_request *req, *req_next;
293 struct iso_block_store *ibs = NULL;
294 LIST_HEAD(reqs);
295
296 if ((atomic_read(&iso_buffer_size) + length) > iso_buffer_max) {
297 HPSB_INFO("dropped iso packet");
298 return;
299 }
300
301 spin_lock_irqsave(&host_info_lock, flags);
302 hi = find_host_info(host);
303
304 if (hi != NULL) {
305 list_for_each_entry(fi, &hi->file_info_list, list) {
306 if (!(fi->listen_channels & (1ULL << channel)))
307 continue;
308
54e6ecb2 309 req = __alloc_pending_request(GFP_ATOMIC);
1da177e4
LT		 310 if (!req)
311 break;
312
313 if (!ibs) {
8551158a 314 ibs = kmalloc(sizeof(*ibs) + length,
54e6ecb2 315 GFP_ATOMIC);
1da177e4
LT		 316 if (!ibs) {
317 kfree(req);
318 break;
319 }
320
321 atomic_add(length, &iso_buffer_size);
322 atomic_set(&ibs->refcount, 0);
323 ibs->data_size = length;
324 memcpy(ibs->data, data, length);
325 }
326
327 atomic_inc(&ibs->refcount);
328
329 req->file_info = fi;
330 req->ibs = ibs;
331 req->data = ibs->data;
332 req->req.type = RAW1394_REQ_ISO_RECEIVE;
333 req->req.generation = get_hpsb_generation(host);
334 req->req.misc = 0;
335 req->req.recvb = ptr2int(fi->iso_buffer);
336 req->req.length = min(length, fi->iso_buffer_length);
337
338 list_add_tail(&req->list, &reqs);
339 }
340 }
341 spin_unlock_irqrestore(&host_info_lock, flags);
342
343 list_for_each_entry_safe(req, req_next, &reqs, list)
344 queue_complete_req(req);
345}
346
347static void fcp_request(struct hpsb_host *host, int nodeid, int direction,
348 int cts, u8 * data, size_t length)
349{
350 unsigned long flags;
351 struct host_info *hi;
352 struct file_info *fi;
353 struct pending_request *req, *req_next;
354 struct iso_block_store *ibs = NULL;
355 LIST_HEAD(reqs);
356
357 if ((atomic_read(&iso_buffer_size) + length) > iso_buffer_max) {
358 HPSB_INFO("dropped fcp request");
359 return;
360 }
361
362 spin_lock_irqsave(&host_info_lock, flags);
363 hi = find_host_info(host);
364
365 if (hi != NULL) {
366 list_for_each_entry(fi, &hi->file_info_list, list) {
367 if (!fi->fcp_buffer)
368 continue;
369
54e6ecb2 370 req = __alloc_pending_request(GFP_ATOMIC);
1da177e4
LT		 371 if (!req)
372 break;
373
374 if (!ibs) {
8551158a 375 ibs = kmalloc(sizeof(*ibs) + length,
54e6ecb2 376 GFP_ATOMIC);
1da177e4
LT		 377 if (!ibs) {
378 kfree(req);
379 break;
380 }
381
382 atomic_add(length, &iso_buffer_size);
383 atomic_set(&ibs->refcount, 0);
384 ibs->data_size = length;
385 memcpy(ibs->data, data, length);
386 }
387
388 atomic_inc(&ibs->refcount);
389
390 req->file_info = fi;
391 req->ibs = ibs;
392 req->data = ibs->data;
393 req->req.type = RAW1394_REQ_FCP_REQUEST;
394 req->req.generation = get_hpsb_generation(host);
395 req->req.misc = nodeid | (direction << 16);
396 req->req.recvb = ptr2int(fi->fcp_buffer);
397 req->req.length = length;
398
399 list_add_tail(&req->list, &reqs);
400 }
401 }
402 spin_unlock_irqrestore(&host_info_lock, flags);
403
404 list_for_each_entry_safe(req, req_next, &reqs, list)
405 queue_complete_req(req);
406}
407
4bc32c4d
AK		 408#ifdef CONFIG_COMPAT
409struct compat_raw1394_req {
7597028a
BC		 410 __u32 type;
411 __s32 error;
412 __u32 misc;
4bc32c4d 413
7597028a
BC		 414 __u32 generation;
415 __u32 length;
4bc32c4d 416
7597028a 417 __u64 address;
4bc32c4d 418
7597028a 419 __u64 tag;
4bc32c4d 420
7597028a
BC		 421 __u64 sendb;
422 __u64 recvb;
423} __attribute__((packed));
4bc32c4d
AK		 424
425static const char __user *raw1394_compat_write(const char __user *buf)
426{
7597028a 427 struct compat_raw1394_req __user *cr = (typeof(cr)) buf;
4bc32c4d
AK		 428 struct raw1394_request __user *r;
429 r = compat_alloc_user_space(sizeof(struct raw1394_request));
430
431#define C(x) __copy_in_user(&r->x, &cr->x, sizeof(r->x))
432
433 if (copy_in_user(r, cr, sizeof(struct compat_raw1394_req)) ||
7597028a
BC		 434 C(address) ||
435 C(tag) ||
436 C(sendb) ||
437 C(recvb))
4bc32c4d
AK		 438 return ERR_PTR(-EFAULT);
439 return (const char __user *)r;
440}
441#undef C
442
443#define P(x) __put_user(r->x, &cr->x)
444
7597028a 445static int
4bc32c4d
AK		 446raw1394_compat_read(const char __user *buf, struct raw1394_request *r)
447{
7597028a
BC		 448 struct compat_raw1394_req __user *cr = (typeof(cr)) r;
449 if (!access_ok(VERIFY_WRITE, cr, sizeof(struct compat_raw1394_req)) ||
4bc32c4d
AK		 450 P(type) ||
451 P(error) ||
452 P(misc) ||
453 P(generation) ||
454 P(length) ||
455 P(address) ||
456 P(tag) ||
457 P(sendb) ||
458 P(recvb))
459 return -EFAULT;
460 return sizeof(struct compat_raw1394_req);
461}
462#undef P
463
464#endif
465
45289bf6
SR		 466/* get next completed request (caller must hold fi->reqlists_lock) */
467static inline struct pending_request *__next_complete_req(struct file_info *fi)
468{
469 struct list_head *lh;
470 struct pending_request *req = NULL;
471
472 if (!list_empty(&fi->req_complete)) {
473 lh = fi->req_complete.next;
474 list_del(lh);
475 req = list_entry(lh, struct pending_request, list);
476 }
477 return req;
478}
479
480/* atomically get next completed request */
481static struct pending_request *next_complete_req(struct file_info *fi)
482{
483 unsigned long flags;
484 struct pending_request *req;
485
486 spin_lock_irqsave(&fi->reqlists_lock, flags);
487 req = __next_complete_req(fi);
488 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
489 return req;
490}
4bc32c4d 491
1da177e4
LT		 492static ssize_t raw1394_read(struct file *file, char __user * buffer,
493 size_t count, loff_t * offset_is_ignored)
494{
495 struct file_info *fi = (struct file_info *)file->private_data;
1da177e4
LT		 496 struct pending_request *req;
497 ssize_t ret;
498
4bc32c4d
AK		 499#ifdef CONFIG_COMPAT
500 if (count == sizeof(struct compat_raw1394_req)) {
501 /* ok */
502 } else
503#endif
1da177e4
LT		 504 if (count != sizeof(struct raw1394_request)) {
505 return -EINVAL;
506 }
507
508 if (!access_ok(VERIFY_WRITE, buffer, count)) {
509 return -EFAULT;
510 }
511
512 if (file->f_flags & O_NONBLOCK) {
45289bf6 513 if (!(req = next_complete_req(fi)))
1da177e4 514 return -EAGAIN;
1da177e4 515 } else {
45289bf6
SR		 516 /*
517 * NB: We call the macro wait_event_interruptible() with a
518 * condition argument with side effect. This is only possible
519 * because the side effect does not occur until the condition
520 * became true, and wait_event_interruptible() won't evaluate
521 * the condition again after that.
522 */
523 if (wait_event_interruptible(fi->wait_complete,
524 (req = next_complete_req(fi))))
1da177e4 525 return -ERESTARTSYS;
1da177e4
LT		 526 }
527
1da177e4
LT		 528 if (req->req.length) {
529 if (copy_to_user(int2ptr(req->req.recvb), req->data,
530 req->req.length)) {
531 req->req.error = RAW1394_ERROR_MEMFAULT;
532 }
533 }
1da177e4 534
4bc32c4d 535#ifdef CONFIG_COMPAT
7597028a
BC		 536 if (count == sizeof(struct compat_raw1394_req) &&
537 sizeof(struct compat_raw1394_req) !=
538 sizeof(struct raw1394_request)) {
4bc32c4d 539 ret = raw1394_compat_read(buffer, &req->req);
7597028a 540 } else
4bc32c4d
AK		 541#endif
542 {
543 if (copy_to_user(buffer, &req->req, sizeof(req->req))) {
544 ret = -EFAULT;
545 goto out;
7597028a 546 }
4bc32c4d
AK		 547 ret = (ssize_t) sizeof(struct raw1394_request);
548 }
1da177e4
LT		 549 out:
550 free_pending_request(req);
551 return ret;
552}
553
554static int state_opened(struct file_info *fi, struct pending_request *req)
555{
556 if (req->req.type == RAW1394_REQ_INITIALIZE) {
557 switch (req->req.misc) {
558 case RAW1394_KERNELAPI_VERSION:
559 case 3:
560 fi->state = initialized;
561 fi->protocol_version = req->req.misc;
562 req->req.error = RAW1394_ERROR_NONE;
563 req->req.generation = atomic_read(&internal_generation);
564 break;
565
566 default:
567 req->req.error = RAW1394_ERROR_COMPAT;
568 req->req.misc = RAW1394_KERNELAPI_VERSION;
569 }
570 } else {
571 req->req.error = RAW1394_ERROR_STATE_ORDER;
572 }
573
574 req->req.length = 0;
575 queue_complete_req(req);
576 return sizeof(struct raw1394_request);
577}
578
579static int state_initialized(struct file_info *fi, struct pending_request *req)
580{
4a9949d7 581 unsigned long flags;
1da177e4
LT		 582 struct host_info *hi;
583 struct raw1394_khost_list *khl;
584
585 if (req->req.generation != atomic_read(&internal_generation)) {
586 req->req.error = RAW1394_ERROR_GENERATION;
587 req->req.generation = atomic_read(&internal_generation);
588 req->req.length = 0;
589 queue_complete_req(req);
590 return sizeof(struct raw1394_request);
591 }
592
593 switch (req->req.type) {
594 case RAW1394_REQ_LIST_CARDS:
4a9949d7 595 spin_lock_irqsave(&host_info_lock, flags);
54e6ecb2 596 khl = kmalloc(sizeof(*khl) * host_count, GFP_ATOMIC);
1da177e4 597
8551158a 598 if (khl) {
1da177e4
LT		 599 req->req.misc = host_count;
600 req->data = (quadlet_t *) khl;
601
602 list_for_each_entry(hi, &host_info_list, list) {
603 khl->nodes = hi->host->node_count;
604 strcpy(khl->name, hi->host->driver->name);
605 khl++;
606 }
607 }
4a9949d7 608 spin_unlock_irqrestore(&host_info_lock, flags);
1da177e4 609
8551158a 610 if (khl) {
1da177e4
LT		 611 req->req.error = RAW1394_ERROR_NONE;
612 req->req.length = min(req->req.length,
613 (u32) (sizeof
614 (struct raw1394_khost_list)
615 * req->req.misc));
616 req->free_data = 1;
617 } else {
618 return -ENOMEM;
619 }
620 break;
621
622 case RAW1394_REQ_SET_CARD:
4a9949d7 623 spin_lock_irqsave(&host_info_lock, flags);
1da177e4
LT		 624 if (req->req.misc < host_count) {
625 list_for_each_entry(hi, &host_info_list, list) {
626 if (!req->req.misc--)
627 break;
628 }
629 get_device(&hi->host->device); // XXX Need to handle failure case
630 list_add_tail(&fi->list, &hi->file_info_list);
631 fi->host = hi->host;
632 fi->state = connected;
633
634 req->req.error = RAW1394_ERROR_NONE;
635 req->req.generation = get_hpsb_generation(fi->host);
636 req->req.misc = (fi->host->node_id << 16)
637 | fi->host->node_count;
638 if (fi->protocol_version > 3) {
639 req->req.misc |=
640 NODEID_TO_NODE(fi->host->irm_id) << 8;
641 }
642 } else {
643 req->req.error = RAW1394_ERROR_INVALID_ARG;
644 }
4a9949d7 645 spin_unlock_irqrestore(&host_info_lock, flags);
1da177e4
LT		 646
647 req->req.length = 0;
648 break;
649
650 default:
651 req->req.error = RAW1394_ERROR_STATE_ORDER;
652 req->req.length = 0;
653 break;
654 }
655
656 queue_complete_req(req);
657 return sizeof(struct raw1394_request);
658}
659
660static void handle_iso_listen(struct file_info *fi, struct pending_request *req)
661{
662 int channel = req->req.misc;
663
1da177e4
LT		 664 if ((channel > 63) || (channel < -64)) {
665 req->req.error = RAW1394_ERROR_INVALID_ARG;
666 } else if (channel >= 0) {
667 /* allocate channel req.misc */
668 if (fi->listen_channels & (1ULL << channel)) {
669 req->req.error = RAW1394_ERROR_ALREADY;
670 } else {
671 if (hpsb_listen_channel
672 (&raw1394_highlevel, fi->host, channel)) {
673 req->req.error = RAW1394_ERROR_ALREADY;
674 } else {
675 fi->listen_channels |= 1ULL << channel;
676 fi->iso_buffer = int2ptr(req->req.recvb);
677 fi->iso_buffer_length = req->req.length;
678 }
679 }
680 } else {
681 /* deallocate channel (one's complement neg) req.misc */
682 channel = ~channel;
683
684 if (fi->listen_channels & (1ULL << channel)) {
685 hpsb_unlisten_channel(&raw1394_highlevel, fi->host,
686 channel);
687 fi->listen_channels &= ~(1ULL << channel);
688 } else {
689 req->req.error = RAW1394_ERROR_INVALID_ARG;
690 }
691 }
692
693 req->req.length = 0;
694 queue_complete_req(req);
1da177e4
LT		 695}
696
697static void handle_fcp_listen(struct file_info *fi, struct pending_request *req)
698{
699 if (req->req.misc) {
700 if (fi->fcp_buffer) {
701 req->req.error = RAW1394_ERROR_ALREADY;
702 } else {
703 fi->fcp_buffer = int2ptr(req->req.recvb);
704 }
705 } else {
706 if (!fi->fcp_buffer) {
707 req->req.error = RAW1394_ERROR_ALREADY;
708 } else {
709 fi->fcp_buffer = NULL;
710 }
711 }
712
713 req->req.length = 0;
714 queue_complete_req(req);
715}
716
717static int handle_async_request(struct file_info *fi,
718 struct pending_request *req, int node)
719{
4a9949d7 720 unsigned long flags;
1da177e4
LT		 721 struct hpsb_packet *packet = NULL;
722 u64 addr = req->req.address & 0xffffffffffffULL;
723
724 switch (req->req.type) {
725 case RAW1394_REQ_ASYNC_READ:
726 DBGMSG("read_request called");
727 packet =
728 hpsb_make_readpacket(fi->host, node, addr, req->req.length);
729
730 if (!packet)
731 return -ENOMEM;
732
733 if (req->req.length == 4)
734 req->data = &packet->header[3];
735 else
736 req->data = packet->data;
737
738 break;
739
740 case RAW1394_REQ_ASYNC_WRITE:
741 DBGMSG("write_request called");
742
743 packet = hpsb_make_writepacket(fi->host, node, addr, NULL,
744 req->req.length);
745 if (!packet)
746 return -ENOMEM;
747
748 if (req->req.length == 4) {
749 if (copy_from_user
750 (&packet->header[3], int2ptr(req->req.sendb),
751 req->req.length))
752 req->req.error = RAW1394_ERROR_MEMFAULT;
753 } else {
754 if (copy_from_user
755 (packet->data, int2ptr(req->req.sendb),
756 req->req.length))
757 req->req.error = RAW1394_ERROR_MEMFAULT;
758 }
759
760 req->req.length = 0;
761 break;
762
763 case RAW1394_REQ_ASYNC_STREAM:
764 DBGMSG("stream_request called");
765
766 packet =
767 hpsb_make_streampacket(fi->host, NULL, req->req.length,
768 node & 0x3f /*channel */ ,
769 (req->req.misc >> 16) & 0x3,
770 req->req.misc & 0xf);
771 if (!packet)
772 return -ENOMEM;
773
774 if (copy_from_user(packet->data, int2ptr(req->req.sendb),
775 req->req.length))
776 req->req.error = RAW1394_ERROR_MEMFAULT;
777
778 req->req.length = 0;
779 break;
780
781 case RAW1394_REQ_LOCK:
782 DBGMSG("lock_request called");
783 if ((req->req.misc == EXTCODE_FETCH_ADD)
784 || (req->req.misc == EXTCODE_LITTLE_ADD)) {
785 if (req->req.length != 4) {
786 req->req.error = RAW1394_ERROR_INVALID_ARG;
787 break;
788 }
789 } else {
790 if (req->req.length != 8) {
791 req->req.error = RAW1394_ERROR_INVALID_ARG;
792 break;
793 }
794 }
795
796 packet = hpsb_make_lockpacket(fi->host, node, addr,
797 req->req.misc, NULL, 0);
798 if (!packet)
799 return -ENOMEM;
800
801 if (copy_from_user(packet->data, int2ptr(req->req.sendb),
802 req->req.length)) {
803 req->req.error = RAW1394_ERROR_MEMFAULT;
804 break;
805 }
806
807 req->data = packet->data;
808 req->req.length = 4;
809 break;
810
811 case RAW1394_REQ_LOCK64:
812 DBGMSG("lock64_request called");
813 if ((req->req.misc == EXTCODE_FETCH_ADD)
814 || (req->req.misc == EXTCODE_LITTLE_ADD)) {
815 if (req->req.length != 8) {
816 req->req.error = RAW1394_ERROR_INVALID_ARG;
817 break;
818 }
819 } else {
820 if (req->req.length != 16) {
821 req->req.error = RAW1394_ERROR_INVALID_ARG;
822 break;
823 }
824 }
825 packet = hpsb_make_lock64packet(fi->host, node, addr,
826 req->req.misc, NULL, 0);
827 if (!packet)
828 return -ENOMEM;
829
830 if (copy_from_user(packet->data, int2ptr(req->req.sendb),
831 req->req.length)) {
832 req->req.error = RAW1394_ERROR_MEMFAULT;
833 break;
834 }
835
836 req->data = packet->data;
837 req->req.length = 8;
838 break;
839
840 default:
841 req->req.error = RAW1394_ERROR_STATE_ORDER;
842 }
843
844 req->packet = packet;
845
846 if (req->req.error) {
847 req->req.length = 0;
848 queue_complete_req(req);
849 return sizeof(struct raw1394_request);
850 }
851
852 hpsb_set_packet_complete_task(packet,
853 (void (*)(void *))queue_complete_cb, req);
854
4a9949d7 855 spin_lock_irqsave(&fi->reqlists_lock, flags);
1da177e4 856 list_add_tail(&req->list, &fi->req_pending);
4a9949d7 857 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
1da177e4
LT		 858
859 packet->generation = req->req.generation;
860
861 if (hpsb_send_packet(packet) < 0) {
862 req->req.error = RAW1394_ERROR_SEND_ERROR;
863 req->req.length = 0;
864 hpsb_free_tlabel(packet);
865 queue_complete_req(req);
866 }
867 return sizeof(struct raw1394_request);
868}
869
870static int handle_iso_send(struct file_info *fi, struct pending_request *req,
871 int channel)
872{
4a9949d7 873 unsigned long flags;
1da177e4
LT		 874 struct hpsb_packet *packet;
875
876 packet = hpsb_make_isopacket(fi->host, req->req.length, channel & 0x3f,
877 (req->req.misc >> 16) & 0x3,
878 req->req.misc & 0xf);
879 if (!packet)
880 return -ENOMEM;
881
882 packet->speed_code = req->req.address & 0x3;
883
884 req->packet = packet;
885
886 if (copy_from_user(packet->data, int2ptr(req->req.sendb),
887 req->req.length)) {
888 req->req.error = RAW1394_ERROR_MEMFAULT;
889 req->req.length = 0;
890 queue_complete_req(req);
891 return sizeof(struct raw1394_request);
892 }
893
894 req->req.length = 0;
895 hpsb_set_packet_complete_task(packet,
896 (void (*)(void *))queue_complete_req,
897 req);
898
4a9949d7 899 spin_lock_irqsave(&fi->reqlists_lock, flags);
1da177e4 900 list_add_tail(&req->list, &fi->req_pending);
4a9949d7 901 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
1da177e4
LT		 902
903 /* Update the generation of the packet just before sending. */
904 packet->generation = req->req.generation;
905
906 if (hpsb_send_packet(packet) < 0) {
907 req->req.error = RAW1394_ERROR_SEND_ERROR;
908 queue_complete_req(req);
909 }
910
911 return sizeof(struct raw1394_request);
912}
913
914static int handle_async_send(struct file_info *fi, struct pending_request *req)
915{
4a9949d7 916 unsigned long flags;
1da177e4
LT		 917 struct hpsb_packet *packet;
918 int header_length = req->req.misc & 0xffff;
919 int expect_response = req->req.misc >> 16;
920
921 if ((header_length > req->req.length) || (header_length < 12)) {
922 req->req.error = RAW1394_ERROR_INVALID_ARG;
923 req->req.length = 0;
924 queue_complete_req(req);
925 return sizeof(struct raw1394_request);
926 }
927
928 packet = hpsb_alloc_packet(req->req.length - header_length);
929 req->packet = packet;
930 if (!packet)
931 return -ENOMEM;
932
933 if (copy_from_user(packet->header, int2ptr(req->req.sendb),
934 header_length)) {
935 req->req.error = RAW1394_ERROR_MEMFAULT;
936 req->req.length = 0;
937 queue_complete_req(req);
938 return sizeof(struct raw1394_request);
939 }
940
941 if (copy_from_user
942 (packet->data, int2ptr(req->req.sendb) + header_length,
943 packet->data_size)) {
944 req->req.error = RAW1394_ERROR_MEMFAULT;
945 req->req.length = 0;
946 queue_complete_req(req);
947 return sizeof(struct raw1394_request);
948 }
949
950 packet->type = hpsb_async;
951 packet->node_id = packet->header[0] >> 16;
952 packet->tcode = (packet->header[0] >> 4) & 0xf;
953 packet->tlabel = (packet->header[0] >> 10) & 0x3f;
954 packet->host = fi->host;
955 packet->expect_response = expect_response;
956 packet->header_size = header_length;
957 packet->data_size = req->req.length - header_length;
958
959 req->req.length = 0;
960 hpsb_set_packet_complete_task(packet,
961 (void (*)(void *))queue_complete_cb, req);
962
4a9949d7 963 spin_lock_irqsave(&fi->reqlists_lock, flags);
1da177e4 964 list_add_tail(&req->list, &fi->req_pending);
4a9949d7 965 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
1da177e4
LT		 966
967 /* Update the generation of the packet just before sending. */
968 packet->generation = req->req.generation;
969
970 if (hpsb_send_packet(packet) < 0) {
971 req->req.error = RAW1394_ERROR_SEND_ERROR;
972 queue_complete_req(req);
973 }
974
975 return sizeof(struct raw1394_request);
976}
977
978static int arm_read(struct hpsb_host *host, int nodeid, quadlet_t * buffer,
979 u64 addr, size_t length, u16 flags)
980{
4a9949d7 981 unsigned long irqflags;
1da177e4
LT		 982 struct pending_request *req;
983 struct host_info *hi;
984 struct file_info *fi = NULL;
985 struct list_head *entry;
986 struct arm_addr *arm_addr = NULL;
987 struct arm_request *arm_req = NULL;
988 struct arm_response *arm_resp = NULL;
989 int found = 0, size = 0, rcode = -1;
990 struct arm_request_response *arm_req_resp = NULL;
991
992 DBGMSG("arm_read called by node: %X"
993 "addr: %4.4x %8.8x length: %Zu", nodeid,
994 (u16) ((addr >> 32) & 0xFFFF), (u32) (addr & 0xFFFFFFFF),
995 length);
4a9949d7 996 spin_lock_irqsave(&host_info_lock, irqflags);
1da177e4
LT		 997 hi = find_host_info(host); /* search address-entry */
998 if (hi != NULL) {
999 list_for_each_entry(fi, &hi->file_info_list, list) {
1000 entry = fi->addr_list.next;
1001 while (entry != &(fi->addr_list)) {
1002 arm_addr =
1003 list_entry(entry, struct arm_addr,
1004 addr_list);
1005 if (((arm_addr->start) <= (addr))
1006 && ((arm_addr->end) >= (addr + length))) {
1007 found = 1;
1008 break;
1009 }
1010 entry = entry->next;
1011 }
1012 if (found) {
1013 break;
1014 }
1015 }
1016 }
1017 rcode = -1;
1018 if (!found) {
1019 printk(KERN_ERR "raw1394: arm_read FAILED addr_entry not found"
1020 " -> rcode_address_error\n");
4a9949d7 1021 spin_unlock_irqrestore(&host_info_lock, irqflags);
1da177e4
LT		 1022 return (RCODE_ADDRESS_ERROR);
1023 } else {
1024 DBGMSG("arm_read addr_entry FOUND");
1025 }
1026 if (arm_addr->rec_length < length) {
1027 DBGMSG("arm_read blocklength too big -> rcode_data_error");
1028 rcode = RCODE_DATA_ERROR; /* hardware error, data is unavailable */
1029 }
1030 if (rcode == -1) {
1031 if (arm_addr->access_rights & ARM_READ) {
1032 if (!(arm_addr->client_transactions & ARM_READ)) {
1033 memcpy(buffer,
1034 (arm_addr->addr_space_buffer) + (addr -
1035 (arm_addr->
1036 start)),
1037 length);
1038 DBGMSG("arm_read -> (rcode_complete)");
1039 rcode = RCODE_COMPLETE;
1040 }
1041 } else {
1042 rcode = RCODE_TYPE_ERROR; /* function not allowed */
1043 DBGMSG("arm_read -> rcode_type_error (access denied)");
1044 }
1045 }
1046 if (arm_addr->notification_options & ARM_READ) {
1047 DBGMSG("arm_read -> entering notification-section");
54e6ecb2 1048 req = __alloc_pending_request(GFP_ATOMIC);
1da177e4
LT		 1049 if (!req) {
1050 DBGMSG("arm_read -> rcode_conflict_error");
4a9949d7 1051 spin_unlock_irqrestore(&host_info_lock, irqflags);
1da177e4
LT		 1052 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
1053 The request may be retried */
1054 }
1055 if (rcode == RCODE_COMPLETE) {
1056 size =
1057 sizeof(struct arm_request) +
1058 sizeof(struct arm_response) +
1059 length * sizeof(byte_t) +
1060 sizeof(struct arm_request_response);
1061 } else {
1062 size =
1063 sizeof(struct arm_request) +
1064 sizeof(struct arm_response) +
1065 sizeof(struct arm_request_response);
1066 }
54e6ecb2 1067 req->data = kmalloc(size, GFP_ATOMIC);
1da177e4
LT		 1068 if (!(req->data)) {
1069 free_pending_request(req);
1070 DBGMSG("arm_read -> rcode_conflict_error");
4a9949d7 1071 spin_unlock_irqrestore(&host_info_lock, irqflags);
1da177e4
LT		 1072 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
1073 The request may be retried */
1074 }
1075 req->free_data = 1;
1076 req->file_info = fi;
1077 req->req.type = RAW1394_REQ_ARM;
1078 req->req.generation = get_hpsb_generation(host);
1079 req->req.misc =
1080 (((length << 16) & (0xFFFF0000)) | (ARM_READ & 0xFF));
1081 req->req.tag = arm_addr->arm_tag;
1082 req->req.recvb = arm_addr->recvb;
1083 req->req.length = size;
1084 arm_req_resp = (struct arm_request_response *)(req->data);
1085 arm_req = (struct arm_request *)((byte_t *) (req->data) +
1086 (sizeof
1087 (struct
1088 arm_request_response)));
1089 arm_resp =
1090 (struct arm_response *)((byte_t *) (arm_req) +
1091 (sizeof(struct arm_request)));
1092 arm_req->buffer = NULL;
1093 arm_resp->buffer = NULL;
1094 if (rcode == RCODE_COMPLETE) {
1095 byte_t *buf =
1096 (byte_t *) arm_resp + sizeof(struct arm_response);
1097 memcpy(buf,
1098 (arm_addr->addr_space_buffer) + (addr -
1099 (arm_addr->
1100 start)),
1101 length);
1102 arm_resp->buffer =
1103 int2ptr((arm_addr->recvb) +
1104 sizeof(struct arm_request_response) +
1105 sizeof(struct arm_request) +
1106 sizeof(struct arm_response));
1107 }
1108 arm_resp->buffer_length =
1109 (rcode == RCODE_COMPLETE) ? length : 0;
1110 arm_resp->response_code = rcode;
1111 arm_req->buffer_length = 0;
1112 arm_req->generation = req->req.generation;
1113 arm_req->extended_transaction_code = 0;
1114 arm_req->destination_offset = addr;
1115 arm_req->source_nodeid = nodeid;
1116 arm_req->destination_nodeid = host->node_id;
1117 arm_req->tlabel = (flags >> 10) & 0x3f;
1118 arm_req->tcode = (flags >> 4) & 0x0f;
1119 arm_req_resp->request = int2ptr((arm_addr->recvb) +
1120 sizeof(struct
1121 arm_request_response));
1122 arm_req_resp->response =
1123 int2ptr((arm_addr->recvb) +
1124 sizeof(struct arm_request_response) +
1125 sizeof(struct arm_request));
1126 queue_complete_req(req);
1127 }
4a9949d7 1128 spin_unlock_irqrestore(&host_info_lock, irqflags);
1da177e4
LT		 1129 return (rcode);
1130}
1131
1132static int arm_write(struct hpsb_host *host, int nodeid, int destid,
1133 quadlet_t * data, u64 addr, size_t length, u16 flags)
1134{
4a9949d7 1135 unsigned long irqflags;
1da177e4
LT		 1136 struct pending_request *req;
1137 struct host_info *hi;
1138 struct file_info *fi = NULL;
1139 struct list_head *entry;
1140 struct arm_addr *arm_addr = NULL;
1141 struct arm_request *arm_req = NULL;
1142 struct arm_response *arm_resp = NULL;
1143 int found = 0, size = 0, rcode = -1, length_conflict = 0;
1144 struct arm_request_response *arm_req_resp = NULL;
1145
1146 DBGMSG("arm_write called by node: %X"
1147 "addr: %4.4x %8.8x length: %Zu", nodeid,
1148 (u16) ((addr >> 32) & 0xFFFF), (u32) (addr & 0xFFFFFFFF),
1149 length);
4a9949d7 1150 spin_lock_irqsave(&host_info_lock, irqflags);
1da177e4
LT		 1151 hi = find_host_info(host); /* search address-entry */
1152 if (hi != NULL) {
1153 list_for_each_entry(fi, &hi->file_info_list, list) {
1154 entry = fi->addr_list.next;
1155 while (entry != &(fi->addr_list)) {
1156 arm_addr =
1157 list_entry(entry, struct arm_addr,
1158 addr_list);
1159 if (((arm_addr->start) <= (addr))
1160 && ((arm_addr->end) >= (addr + length))) {
1161 found = 1;
1162 break;
1163 }
1164 entry = entry->next;
1165 }
1166 if (found) {
1167 break;
1168 }
1169 }
1170 }
1171 rcode = -1;
1172 if (!found) {
1173 printk(KERN_ERR "raw1394: arm_write FAILED addr_entry not found"
1174 " -> rcode_address_error\n");
4a9949d7 1175 spin_unlock_irqrestore(&host_info_lock, irqflags);
1da177e4
LT		 1176 return (RCODE_ADDRESS_ERROR);
1177 } else {
1178 DBGMSG("arm_write addr_entry FOUND");
1179 }
1180 if (arm_addr->rec_length < length) {
1181 DBGMSG("arm_write blocklength too big -> rcode_data_error");
1182 length_conflict = 1;
1183 rcode = RCODE_DATA_ERROR; /* hardware error, data is unavailable */
1184 }
1185 if (rcode == -1) {
1186 if (arm_addr->access_rights & ARM_WRITE) {
1187 if (!(arm_addr->client_transactions & ARM_WRITE)) {
1188 memcpy((arm_addr->addr_space_buffer) +
1189 (addr - (arm_addr->start)), data,
1190 length);
1191 DBGMSG("arm_write -> (rcode_complete)");
1192 rcode = RCODE_COMPLETE;
1193 }
1194 } else {
1195 rcode = RCODE_TYPE_ERROR; /* function not allowed */
1196 DBGMSG("arm_write -> rcode_type_error (access denied)");
1197 }
1198 }
1199 if (arm_addr->notification_options & ARM_WRITE) {
1200 DBGMSG("arm_write -> entering notification-section");
54e6ecb2 1201 req = __alloc_pending_request(GFP_ATOMIC);
1da177e4
LT		 1202 if (!req) {
1203 DBGMSG("arm_write -> rcode_conflict_error");
4a9949d7 1204 spin_unlock_irqrestore(&host_info_lock, irqflags);
1da177e4
LT		 1205 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
1206 The request my be retried */
1207 }
1208 size =
1209 sizeof(struct arm_request) + sizeof(struct arm_response) +
1210 (length) * sizeof(byte_t) +
1211 sizeof(struct arm_request_response);
54e6ecb2 1212 req->data = kmalloc(size, GFP_ATOMIC);
1da177e4
LT		 1213 if (!(req->data)) {
1214 free_pending_request(req);
1215 DBGMSG("arm_write -> rcode_conflict_error");
4a9949d7 1216 spin_unlock_irqrestore(&host_info_lock, irqflags);
1da177e4
LT		 1217 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
1218 The request may be retried */
1219 }
1220 req->free_data = 1;
1221 req->file_info = fi;
1222 req->req.type = RAW1394_REQ_ARM;
1223 req->req.generation = get_hpsb_generation(host);
1224 req->req.misc =
1225 (((length << 16) & (0xFFFF0000)) | (ARM_WRITE & 0xFF));
1226 req->req.tag = arm_addr->arm_tag;
1227 req->req.recvb = arm_addr->recvb;
1228 req->req.length = size;
1229 arm_req_resp = (struct arm_request_response *)(req->data);
1230 arm_req = (struct arm_request *)((byte_t *) (req->data) +
1231 (sizeof
1232 (struct
1233 arm_request_response)));
1234 arm_resp =
1235 (struct arm_response *)((byte_t *) (arm_req) +
1236 (sizeof(struct arm_request)));
1237 arm_resp->buffer = NULL;
1238 memcpy((byte_t *) arm_resp + sizeof(struct arm_response),
1239 data, length);
1240 arm_req->buffer = int2ptr((arm_addr->recvb) +
1241 sizeof(struct arm_request_response) +
1242 sizeof(struct arm_request) +
1243 sizeof(struct arm_response));
1244 arm_req->buffer_length = length;
1245 arm_req->generation = req->req.generation;
1246 arm_req->extended_transaction_code = 0;
1247 arm_req->destination_offset = addr;
1248 arm_req->source_nodeid = nodeid;
1249 arm_req->destination_nodeid = destid;
1250 arm_req->tlabel = (flags >> 10) & 0x3f;
1251 arm_req->tcode = (flags >> 4) & 0x0f;
1252 arm_resp->buffer_length = 0;
1253 arm_resp->response_code = rcode;
1254 arm_req_resp->request = int2ptr((arm_addr->recvb) +
1255 sizeof(struct
1256 arm_request_response));
1257 arm_req_resp->response =
1258 int2ptr((arm_addr->recvb) +
1259 sizeof(struct arm_request_response) +
1260 sizeof(struct arm_request));
1261 queue_complete_req(req);
1262 }
4a9949d7 1263 spin_unlock_irqrestore(&host_info_lock, irqflags);
1da177e4
LT		 1264 return (rcode);
1265}
1266
1267static int arm_lock(struct hpsb_host *host, int nodeid, quadlet_t * store,
1268 u64 addr, quadlet_t data, quadlet_t arg, int ext_tcode,
1269 u16 flags)
1270{
4a9949d7 1271 unsigned long irqflags;
1da177e4
LT		 1272 struct pending_request *req;
1273 struct host_info *hi;
1274 struct file_info *fi = NULL;
1275 struct list_head *entry;
1276 struct arm_addr *arm_addr = NULL;
1277 struct arm_request *arm_req = NULL;
1278 struct arm_response *arm_resp = NULL;
1279 int found = 0, size = 0, rcode = -1;
1280 quadlet_t old, new;
1281 struct arm_request_response *arm_req_resp = NULL;
1282
1283 if (((ext_tcode & 0xFF) == EXTCODE_FETCH_ADD) ||
1284 ((ext_tcode & 0xFF) == EXTCODE_LITTLE_ADD)) {
1285 DBGMSG("arm_lock called by node: %X "
1286 "addr: %4.4x %8.8x extcode: %2.2X data: %8.8X",
1287 nodeid, (u16) ((addr >> 32) & 0xFFFF),
1288 (u32) (addr & 0xFFFFFFFF), ext_tcode & 0xFF,
1289 be32_to_cpu(data));
1290 } else {
1291 DBGMSG("arm_lock called by node: %X "
1292 "addr: %4.4x %8.8x extcode: %2.2X data: %8.8X arg: %8.8X",
1293 nodeid, (u16) ((addr >> 32) & 0xFFFF),
1294 (u32) (addr & 0xFFFFFFFF), ext_tcode & 0xFF,
1295 be32_to_cpu(data), be32_to_cpu(arg));
1296 }
4a9949d7 1297 spin_lock_irqsave(&host_info_lock, irqflags);
1da177e4
LT		 1298 hi = find_host_info(host); /* search address-entry */
1299 if (hi != NULL) {
1300 list_for_each_entry(fi, &hi->file_info_list, list) {
1301 entry = fi->addr_list.next;
1302 while (entry != &(fi->addr_list)) {
1303 arm_addr =
1304 list_entry(entry, struct arm_addr,
1305 addr_list);
1306 if (((arm_addr->start) <= (addr))
1307 && ((arm_addr->end) >=
1308 (addr + sizeof(*store)))) {
1309 found = 1;
1310 break;
1311 }
1312 entry = entry->next;
1313 }
1314 if (found) {
1315 break;
1316 }
1317 }
1318 }
1319 rcode = -1;
1320 if (!found) {
1321 printk(KERN_ERR "raw1394: arm_lock FAILED addr_entry not found"
1322 " -> rcode_address_error\n");
4a9949d7 1323 spin_unlock_irqrestore(&host_info_lock, irqflags);
1da177e4
LT		 1324 return (RCODE_ADDRESS_ERROR);
1325 } else {
1326 DBGMSG("arm_lock addr_entry FOUND");
1327 }
1328 if (rcode == -1) {
1329 if (arm_addr->access_rights & ARM_LOCK) {
1330 if (!(arm_addr->client_transactions & ARM_LOCK)) {
1331 memcpy(&old,
1332 (arm_addr->addr_space_buffer) + (addr -
1333 (arm_addr->
1334 start)),
1335 sizeof(old));
1336 switch (ext_tcode) {
1337 case (EXTCODE_MASK_SWAP):
1338 new = data | (old & ~arg);
1339 break;
1340 case (EXTCODE_COMPARE_SWAP):
1341 if (old == arg) {
1342 new = data;
1343 } else {
1344 new = old;
1345 }
1346 break;
1347 case (EXTCODE_FETCH_ADD):
1348 new =
1349 cpu_to_be32(be32_to_cpu(data) +
1350 be32_to_cpu(old));
1351 break;
1352 case (EXTCODE_LITTLE_ADD):
1353 new =
1354 cpu_to_le32(le32_to_cpu(data) +
1355 le32_to_cpu(old));
1356 break;
1357 case (EXTCODE_BOUNDED_ADD):
1358 if (old != arg) {
1359 new =
1360 cpu_to_be32(be32_to_cpu
1361 (data) +
1362 be32_to_cpu
1363 (old));
1364 } else {
1365 new = old;
1366 }
1367 break;
1368 case (EXTCODE_WRAP_ADD):
1369 if (old != arg) {
1370 new =
1371 cpu_to_be32(be32_to_cpu
1372 (data) +
1373 be32_to_cpu
1374 (old));
1375 } else {
1376 new = data;
1377 }
1378 break;
1379 default:
1380 rcode = RCODE_TYPE_ERROR; /* function not allowed */
1381 printk(KERN_ERR
1382 "raw1394: arm_lock FAILED "
1383 "ext_tcode not allowed -> rcode_type_error\n");
1384 break;
1385 } /*switch */
1386 if (rcode == -1) {
1387 DBGMSG("arm_lock -> (rcode_complete)");
1388 rcode = RCODE_COMPLETE;
1389 memcpy(store, &old, sizeof(*store));
1390 memcpy((arm_addr->addr_space_buffer) +
1391 (addr - (arm_addr->start)),
1392 &new, sizeof(*store));
1393 }
1394 }
1395 } else {
1396 rcode = RCODE_TYPE_ERROR; /* function not allowed */
1397 DBGMSG("arm_lock -> rcode_type_error (access denied)");
1398 }
1399 }
1400 if (arm_addr->notification_options & ARM_LOCK) {
1401 byte_t *buf1, *buf2;
1402 DBGMSG("arm_lock -> entering notification-section");
54e6ecb2 1403 req = __alloc_pending_request(GFP_ATOMIC);
1da177e4
LT		 1404 if (!req) {
1405 DBGMSG("arm_lock -> rcode_conflict_error");
4a9949d7 1406 spin_unlock_irqrestore(&host_info_lock, irqflags);
1da177e4
LT		 1407 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
1408 The request may be retried */
1409 }
1410 size = sizeof(struct arm_request) + sizeof(struct arm_response) + 3 * sizeof(*store) + sizeof(struct arm_request_response); /* maximum */
54e6ecb2 1411 req->data = kmalloc(size, GFP_ATOMIC);
1da177e4
LT		 1412 if (!(req->data)) {
1413 free_pending_request(req);
1414 DBGMSG("arm_lock -> rcode_conflict_error");
4a9949d7 1415 spin_unlock_irqrestore(&host_info_lock, irqflags);
1da177e4
LT		 1416 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
1417 The request may be retried */
1418 }
1419 req->free_data = 1;
1420 arm_req_resp = (struct arm_request_response *)(req->data);
1421 arm_req = (struct arm_request *)((byte_t *) (req->data) +
1422 (sizeof
1423 (struct
1424 arm_request_response)));
1425 arm_resp =
1426 (struct arm_response *)((byte_t *) (arm_req) +
1427 (sizeof(struct arm_request)));
1428 buf1 = (byte_t *) arm_resp + sizeof(struct arm_response);
1429 buf2 = buf1 + 2 * sizeof(*store);
1430 if ((ext_tcode == EXTCODE_FETCH_ADD) ||
1431 (ext_tcode == EXTCODE_LITTLE_ADD)) {
1432 arm_req->buffer_length = sizeof(*store);
1433 memcpy(buf1, &data, sizeof(*store));
1434
1435 } else {
1436 arm_req->buffer_length = 2 * sizeof(*store);
1437 memcpy(buf1, &arg, sizeof(*store));
1438 memcpy(buf1 + sizeof(*store), &data, sizeof(*store));
1439 }
1440 if (rcode == RCODE_COMPLETE) {
1441 arm_resp->buffer_length = sizeof(*store);
1442 memcpy(buf2, &old, sizeof(*store));
1443 } else {
1444 arm_resp->buffer_length = 0;
1445 }
1446 req->file_info = fi;
1447 req->req.type = RAW1394_REQ_ARM;
1448 req->req.generation = get_hpsb_generation(host);
1449 req->req.misc = ((((sizeof(*store)) << 16) & (0xFFFF0000)) |
1450 (ARM_LOCK & 0xFF));
1451 req->req.tag = arm_addr->arm_tag;
1452 req->req.recvb = arm_addr->recvb;
1453 req->req.length = size;
1454 arm_req->generation = req->req.generation;
1455 arm_req->extended_transaction_code = ext_tcode;
1456 arm_req->destination_offset = addr;
1457 arm_req->source_nodeid = nodeid;
1458 arm_req->destination_nodeid = host->node_id;
1459 arm_req->tlabel = (flags >> 10) & 0x3f;
1460 arm_req->tcode = (flags >> 4) & 0x0f;
1461 arm_resp->response_code = rcode;
1462 arm_req_resp->request = int2ptr((arm_addr->recvb) +
1463 sizeof(struct
1464 arm_request_response));
1465 arm_req_resp->response =
1466 int2ptr((arm_addr->recvb) +
1467 sizeof(struct arm_request_response) +
1468 sizeof(struct arm_request));
1469 arm_req->buffer =
1470 int2ptr((arm_addr->recvb) +
1471 sizeof(struct arm_request_response) +
1472 sizeof(struct arm_request) +
1473 sizeof(struct arm_response));
1474 arm_resp->buffer =
1475 int2ptr((arm_addr->recvb) +
1476 sizeof(struct arm_request_response) +
1477 sizeof(struct arm_request) +
1478 sizeof(struct arm_response) + 2 * sizeof(*store));
1479 queue_complete_req(req);
1480 }
4a9949d7 1481 spin_unlock_irqrestore(&host_info_lock, irqflags);
1da177e4
LT		 1482 return (rcode);
1483}
1484
1485static int arm_lock64(struct hpsb_host *host, int nodeid, octlet_t * store,
1486 u64 addr, octlet_t data, octlet_t arg, int ext_tcode,
1487 u16 flags)
1488{
4a9949d7 1489 unsigned long irqflags;
1da177e4
LT		 1490 struct pending_request *req;
1491 struct host_info *hi;
1492 struct file_info *fi = NULL;
1493 struct list_head *entry;
1494 struct arm_addr *arm_addr = NULL;
1495 struct arm_request *arm_req = NULL;
1496 struct arm_response *arm_resp = NULL;
1497 int found = 0, size = 0, rcode = -1;
1498 octlet_t old, new;
1499 struct arm_request_response *arm_req_resp = NULL;
1500
1501 if (((ext_tcode & 0xFF) == EXTCODE_FETCH_ADD) ||
1502 ((ext_tcode & 0xFF) == EXTCODE_LITTLE_ADD)) {
1503 DBGMSG("arm_lock64 called by node: %X "
1504 "addr: %4.4x %8.8x extcode: %2.2X data: %8.8X %8.8X ",
1505 nodeid, (u16) ((addr >> 32) & 0xFFFF),
1506 (u32) (addr & 0xFFFFFFFF),
1507 ext_tcode & 0xFF,
1508 (u32) ((be64_to_cpu(data) >> 32) & 0xFFFFFFFF),
1509 (u32) (be64_to_cpu(data) & 0xFFFFFFFF));
1510 } else {
1511 DBGMSG("arm_lock64 called by node: %X "
1512 "addr: %4.4x %8.8x extcode: %2.2X data: %8.8X %8.8X arg: "
1513 "%8.8X %8.8X ",
1514 nodeid, (u16) ((addr >> 32) & 0xFFFF),
1515 (u32) (addr & 0xFFFFFFFF),
1516 ext_tcode & 0xFF,
1517 (u32) ((be64_to_cpu(data) >> 32) & 0xFFFFFFFF),
1518 (u32) (be64_to_cpu(data) & 0xFFFFFFFF),
1519 (u32) ((be64_to_cpu(arg) >> 32) & 0xFFFFFFFF),
1520 (u32) (be64_to_cpu(arg) & 0xFFFFFFFF));
1521 }
4a9949d7 1522 spin_lock_irqsave(&host_info_lock, irqflags);
1da177e4
LT		 1523 hi = find_host_info(host); /* search addressentry in file_info's for host */
1524 if (hi != NULL) {
1525 list_for_each_entry(fi, &hi->file_info_list, list) {
1526 entry = fi->addr_list.next;
1527 while (entry != &(fi->addr_list)) {
1528 arm_addr =
1529 list_entry(entry, struct arm_addr,
1530 addr_list);
1531 if (((arm_addr->start) <= (addr))
1532 && ((arm_addr->end) >=
1533 (addr + sizeof(*store)))) {
1534 found = 1;
1535 break;
1536 }
1537 entry = entry->next;
1538 }
1539 if (found) {
1540 break;
1541 }
1542 }
1543 }
1544 rcode = -1;
1545 if (!found) {
1546 printk(KERN_ERR
1547 "raw1394: arm_lock64 FAILED addr_entry not found"
1548 " -> rcode_address_error\n");
4a9949d7 1549 spin_unlock_irqrestore(&host_info_lock, irqflags);
1da177e4
LT		 1550 return (RCODE_ADDRESS_ERROR);
1551 } else {
1552 DBGMSG("arm_lock64 addr_entry FOUND");
1553 }
1554 if (rcode == -1) {
1555 if (arm_addr->access_rights & ARM_LOCK) {
1556 if (!(arm_addr->client_transactions & ARM_LOCK)) {
1557 memcpy(&old,
1558 (arm_addr->addr_space_buffer) + (addr -
1559 (arm_addr->
1560 start)),
1561 sizeof(old));
1562 switch (ext_tcode) {
1563 case (EXTCODE_MASK_SWAP):
1564 new = data | (old & ~arg);
1565 break;
1566 case (EXTCODE_COMPARE_SWAP):
1567 if (old == arg) {
1568 new = data;
1569 } else {
1570 new = old;
1571 }
1572 break;
1573 case (EXTCODE_FETCH_ADD):
1574 new =
1575 cpu_to_be64(be64_to_cpu(data) +
1576 be64_to_cpu(old));
1577 break;
1578 case (EXTCODE_LITTLE_ADD):
1579 new =
1580 cpu_to_le64(le64_to_cpu(data) +
1581 le64_to_cpu(old));
1582 break;
1583 case (EXTCODE_BOUNDED_ADD):
1584 if (old != arg) {
1585 new =
1586 cpu_to_be64(be64_to_cpu
1587 (data) +
1588 be64_to_cpu
1589 (old));
1590 } else {
1591 new = old;
1592 }
1593 break;
1594 case (EXTCODE_WRAP_ADD):
1595 if (old != arg) {
1596 new =
1597 cpu_to_be64(be64_to_cpu
1598 (data) +
1599 be64_to_cpu
1600 (old));
1601 } else {
1602 new = data;
1603 }
1604 break;
1605 default:
1606 printk(KERN_ERR
1607 "raw1394: arm_lock64 FAILED "
1608 "ext_tcode not allowed -> rcode_type_error\n");
1609 rcode = RCODE_TYPE_ERROR; /* function not allowed */
1610 break;
1611 } /*switch */
1612 if (rcode == -1) {
1613 DBGMSG
1614 ("arm_lock64 -> (rcode_complete)");
1615 rcode = RCODE_COMPLETE;
1616 memcpy(store, &old, sizeof(*store));
1617 memcpy((arm_addr->addr_space_buffer) +
1618 (addr - (arm_addr->start)),
1619 &new, sizeof(*store));
1620 }
1621 }
1622 } else {
1623 rcode = RCODE_TYPE_ERROR; /* function not allowed */
1624 DBGMSG
1625 ("arm_lock64 -> rcode_type_error (access denied)");
1626 }
1627 }
1628 if (arm_addr->notification_options & ARM_LOCK) {
1629 byte_t *buf1, *buf2;
1630 DBGMSG("arm_lock64 -> entering notification-section");
54e6ecb2 1631 req = __alloc_pending_request(GFP_ATOMIC);
1da177e4 1632 if (!req) {
4a9949d7 1633 spin_unlock_irqrestore(&host_info_lock, irqflags);
1da177e4
LT		 1634 DBGMSG("arm_lock64 -> rcode_conflict_error");
1635 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
1636 The request may be retried */
1637 }
1638 size = sizeof(struct arm_request) + sizeof(struct arm_response) + 3 * sizeof(*store) + sizeof(struct arm_request_response); /* maximum */
54e6ecb2 1639 req->data = kmalloc(size, GFP_ATOMIC);
1da177e4
LT		 1640 if (!(req->data)) {
1641 free_pending_request(req);
4a9949d7 1642 spin_unlock_irqrestore(&host_info_lock, irqflags);
1da177e4
LT		 1643 DBGMSG("arm_lock64 -> rcode_conflict_error");
1644 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
1645 The request may be retried */
1646 }
1647 req->free_data = 1;
1648 arm_req_resp = (struct arm_request_response *)(req->data);
1649 arm_req = (struct arm_request *)((byte_t *) (req->data) +
1650 (sizeof
1651 (struct
1652 arm_request_response)));
1653 arm_resp =
1654 (struct arm_response *)((byte_t *) (arm_req) +
1655 (sizeof(struct arm_request)));
1656 buf1 = (byte_t *) arm_resp + sizeof(struct arm_response);
1657 buf2 = buf1 + 2 * sizeof(*store);
1658 if ((ext_tcode == EXTCODE_FETCH_ADD) ||
1659 (ext_tcode == EXTCODE_LITTLE_ADD)) {
1660 arm_req->buffer_length = sizeof(*store);
1661 memcpy(buf1, &data, sizeof(*store));
1662
1663 } else {
1664 arm_req->buffer_length = 2 * sizeof(*store);
1665 memcpy(buf1, &arg, sizeof(*store));
1666 memcpy(buf1 + sizeof(*store), &data, sizeof(*store));
1667 }
1668 if (rcode == RCODE_COMPLETE) {
1669 arm_resp->buffer_length = sizeof(*store);
1670 memcpy(buf2, &old, sizeof(*store));
1671 } else {
1672 arm_resp->buffer_length = 0;
1673 }
1674 req->file_info = fi;
1675 req->req.type = RAW1394_REQ_ARM;
1676 req->req.generation = get_hpsb_generation(host);
1677 req->req.misc = ((((sizeof(*store)) << 16) & (0xFFFF0000)) |
1678 (ARM_LOCK & 0xFF));
1679 req->req.tag = arm_addr->arm_tag;
1680 req->req.recvb = arm_addr->recvb;
1681 req->req.length = size;
1682 arm_req->generation = req->req.generation;
1683 arm_req->extended_transaction_code = ext_tcode;
1684 arm_req->destination_offset = addr;
1685 arm_req->source_nodeid = nodeid;
1686 arm_req->destination_nodeid = host->node_id;
1687 arm_req->tlabel = (flags >> 10) & 0x3f;
1688 arm_req->tcode = (flags >> 4) & 0x0f;
1689 arm_resp->response_code = rcode;
1690 arm_req_resp->request = int2ptr((arm_addr->recvb) +
1691 sizeof(struct
1692 arm_request_response));
1693 arm_req_resp->response =
1694 int2ptr((arm_addr->recvb) +
1695 sizeof(struct arm_request_response) +
1696 sizeof(struct arm_request));
1697 arm_req->buffer =
1698 int2ptr((arm_addr->recvb) +
1699 sizeof(struct arm_request_response) +
1700 sizeof(struct arm_request) +
1701 sizeof(struct arm_response));
1702 arm_resp->buffer =
1703 int2ptr((arm_addr->recvb) +
1704 sizeof(struct arm_request_response) +
1705 sizeof(struct arm_request) +
1706 sizeof(struct arm_response) + 2 * sizeof(*store));
1707 queue_complete_req(req);
1708 }
4a9949d7 1709 spin_unlock_irqrestore(&host_info_lock, irqflags);
1da177e4
LT		 1710 return (rcode);
1711}
1712
1713static int arm_register(struct file_info *fi, struct pending_request *req)
1714{
1715 int retval;
1716 struct arm_addr *addr;
1717 struct host_info *hi;
1718 struct file_info *fi_hlp = NULL;
1719 struct list_head *entry;
1720 struct arm_addr *arm_addr = NULL;
1721 int same_host, another_host;
1722 unsigned long flags;
1723
1724 DBGMSG("arm_register called "
1725 "addr(Offset): %8.8x %8.8x length: %u "
1726 "rights: %2.2X notify: %2.2X "
1727 "max_blk_len: %4.4X",
1728 (u32) ((req->req.address >> 32) & 0xFFFF),
1729 (u32) (req->req.address & 0xFFFFFFFF),
1730 req->req.length, ((req->req.misc >> 8) & 0xFF),
1731 (req->req.misc & 0xFF), ((req->req.misc >> 16) & 0xFFFF));
1732 /* check addressrange */
1733 if ((((req->req.address) & ~(0xFFFFFFFFFFFFULL)) != 0) ||
1734 (((req->req.address + req->req.length) & ~(0xFFFFFFFFFFFFULL)) !=
1735 0)) {
1736 req->req.length = 0;
1737 return (-EINVAL);
1738 }
1739 /* addr-list-entry for fileinfo */
8551158a 1740 addr = kmalloc(sizeof(*addr), SLAB_KERNEL);
1da177e4
LT		 1741 if (!addr) {
1742 req->req.length = 0;
1743 return (-ENOMEM);
1744 }
1745 /* allocation of addr_space_buffer */
8551158a 1746 addr->addr_space_buffer = vmalloc(req->req.length);
1da177e4
LT		 1747 if (!(addr->addr_space_buffer)) {
1748 kfree(addr);
1749 req->req.length = 0;
1750 return (-ENOMEM);
1751 }
1752 /* initialization of addr_space_buffer */
1753 if ((req->req.sendb) == (unsigned long)NULL) {
1754 /* init: set 0 */
1755 memset(addr->addr_space_buffer, 0, req->req.length);
1756 } else {
1757 /* init: user -> kernel */
1758 if (copy_from_user
1759 (addr->addr_space_buffer, int2ptr(req->req.sendb),
1760 req->req.length)) {
1761 vfree(addr->addr_space_buffer);
1762 kfree(addr);
1763 return (-EFAULT);
1764 }
1765 }
1766 INIT_LIST_HEAD(&addr->addr_list);
1767 addr->arm_tag = req->req.tag;
1768 addr->start = req->req.address;
1769 addr->end = req->req.address + req->req.length;
1770 addr->access_rights = (u8) (req->req.misc & 0x0F);
1771 addr->notification_options = (u8) ((req->req.misc >> 4) & 0x0F);
1772 addr->client_transactions = (u8) ((req->req.misc >> 8) & 0x0F);
1773 addr->access_rights |= addr->client_transactions;
1774 addr->notification_options |= addr->client_transactions;
1775 addr->recvb = req->req.recvb;
1776 addr->rec_length = (u16) ((req->req.misc >> 16) & 0xFFFF);
3253b669 1777
1da177e4
LT		 1778 spin_lock_irqsave(&host_info_lock, flags);
1779 hi = find_host_info(fi->host);
1780 same_host = 0;
1781 another_host = 0;
1782 /* same host with address-entry containing same addressrange ? */
1783 list_for_each_entry(fi_hlp, &hi->file_info_list, list) {
1784 entry = fi_hlp->addr_list.next;
1785 while (entry != &(fi_hlp->addr_list)) {
1786 arm_addr =
1787 list_entry(entry, struct arm_addr, addr_list);
1788 if ((arm_addr->start == addr->start)
1789 && (arm_addr->end == addr->end)) {
1790 DBGMSG("same host ownes same "
1791 "addressrange -> EALREADY");
1792 same_host = 1;
1793 break;
1794 }
1795 entry = entry->next;
1796 }
1797 if (same_host) {
1798 break;
1799 }
1800 }
1801 if (same_host) {
1802 /* addressrange occupied by same host */
3253b669 1803 spin_unlock_irqrestore(&host_info_lock, flags);
1da177e4
LT		 1804 vfree(addr->addr_space_buffer);
1805 kfree(addr);
1da177e4
LT		 1806 return (-EALREADY);
1807 }
1808 /* another host with valid address-entry containing same addressrange */
1809 list_for_each_entry(hi, &host_info_list, list) {
1810 if (hi->host != fi->host) {
1811 list_for_each_entry(fi_hlp, &hi->file_info_list, list) {
1812 entry = fi_hlp->addr_list.next;
1813 while (entry != &(fi_hlp->addr_list)) {
1814 arm_addr =
1815 list_entry(entry, struct arm_addr,
1816 addr_list);
1817 if ((arm_addr->start == addr->start)
1818 && (arm_addr->end == addr->end)) {
1819 DBGMSG
1820 ("another host ownes same "
1821 "addressrange");
1822 another_host = 1;
1823 break;
1824 }
1825 entry = entry->next;
1826 }
1827 if (another_host) {
1828 break;
1829 }
1830 }
1831 }
1832 }
3253b669
SR		 1833 spin_unlock_irqrestore(&host_info_lock, flags);
1834
1da177e4
LT		 1835 if (another_host) {
1836 DBGMSG("another hosts entry is valid -> SUCCESS");
1837 if (copy_to_user(int2ptr(req->req.recvb),
1838 &addr->start, sizeof(u64))) {
1839 printk(KERN_ERR "raw1394: arm_register failed "
1840 " address-range-entry is invalid -> EFAULT !!!\n");
1841 vfree(addr->addr_space_buffer);
1842 kfree(addr);
1da177e4
LT		 1843 return (-EFAULT);
1844 }
1845 free_pending_request(req); /* immediate success or fail */
1846 /* INSERT ENTRY */
3253b669 1847 spin_lock_irqsave(&host_info_lock, flags);
1da177e4
LT		 1848 list_add_tail(&addr->addr_list, &fi->addr_list);
1849 spin_unlock_irqrestore(&host_info_lock, flags);
1850 return sizeof(struct raw1394_request);
1851 }
1852 retval =
1853 hpsb_register_addrspace(&raw1394_highlevel, fi->host, &arm_ops,
1854 req->req.address,
1855 req->req.address + req->req.length);
1856 if (retval) {
1857 /* INSERT ENTRY */
3253b669 1858 spin_lock_irqsave(&host_info_lock, flags);
1da177e4 1859 list_add_tail(&addr->addr_list, &fi->addr_list);
3253b669 1860 spin_unlock_irqrestore(&host_info_lock, flags);
1da177e4
LT		 1861 } else {
1862 DBGMSG("arm_register failed errno: %d \n", retval);
1863 vfree(addr->addr_space_buffer);
1864 kfree(addr);
1da177e4
LT		 1865 return (-EALREADY);
1866 }
1da177e4
LT		 1867 free_pending_request(req); /* immediate success or fail */
1868 return sizeof(struct raw1394_request);
1869}
1870
1871static int arm_unregister(struct file_info *fi, struct pending_request *req)
1872{
1873 int found = 0;
1874 int retval = 0;
1875 struct list_head *entry;
1876 struct arm_addr *addr = NULL;
1877 struct host_info *hi;
1878 struct file_info *fi_hlp = NULL;
1879 struct arm_addr *arm_addr = NULL;
1880 int another_host;
1881 unsigned long flags;
1882
1883 DBGMSG("arm_Unregister called addr(Offset): "
1884 "%8.8x %8.8x",
1885 (u32) ((req->req.address >> 32) & 0xFFFF),
1886 (u32) (req->req.address & 0xFFFFFFFF));
1887 spin_lock_irqsave(&host_info_lock, flags);
1888 /* get addr */
1889 entry = fi->addr_list.next;
1890 while (entry != &(fi->addr_list)) {
1891 addr = list_entry(entry, struct arm_addr, addr_list);
1892 if (addr->start == req->req.address) {
1893 found = 1;
1894 break;
1895 }
1896 entry = entry->next;
1897 }
1898 if (!found) {
1899 DBGMSG("arm_Unregister addr not found");
1900 spin_unlock_irqrestore(&host_info_lock, flags);
1901 return (-EINVAL);
1902 }
1903 DBGMSG("arm_Unregister addr found");
1904 another_host = 0;
1905 /* another host with valid address-entry containing
1906 same addressrange */
1907 list_for_each_entry(hi, &host_info_list, list) {
1908 if (hi->host != fi->host) {
1909 list_for_each_entry(fi_hlp, &hi->file_info_list, list) {
1910 entry = fi_hlp->addr_list.next;
1911 while (entry != &(fi_hlp->addr_list)) {
1912 arm_addr = list_entry(entry,
1913 struct arm_addr,
1914 addr_list);
1915 if (arm_addr->start == addr->start) {
1916 DBGMSG("another host ownes "
1917 "same addressrange");
1918 another_host = 1;
1919 break;
1920 }
1921 entry = entry->next;
1922 }
1923 if (another_host) {
1924 break;
1925 }
1926 }
1927 }
1928 }
1929 if (another_host) {
1930 DBGMSG("delete entry from list -> success");
1931 list_del(&addr->addr_list);
3253b669 1932 spin_unlock_irqrestore(&host_info_lock, flags);
1da177e4
LT		 1933 vfree(addr->addr_space_buffer);
1934 kfree(addr);
1935 free_pending_request(req); /* immediate success or fail */
1da177e4
LT		 1936 return sizeof(struct raw1394_request);
1937 }
1938 retval =
1939 hpsb_unregister_addrspace(&raw1394_highlevel, fi->host,
1940 addr->start);
1941 if (!retval) {
1942 printk(KERN_ERR "raw1394: arm_Unregister failed -> EINVAL\n");
1943 spin_unlock_irqrestore(&host_info_lock, flags);
1944 return (-EINVAL);
1945 }
1946 DBGMSG("delete entry from list -> success");
1947 list_del(&addr->addr_list);
1948 spin_unlock_irqrestore(&host_info_lock, flags);
1949 vfree(addr->addr_space_buffer);
1950 kfree(addr);
1951 free_pending_request(req); /* immediate success or fail */
1952 return sizeof(struct raw1394_request);
1953}
1954
1955/* Copy data from ARM buffer(s) to user buffer. */
1956static int arm_get_buf(struct file_info *fi, struct pending_request *req)
1957{
1958 struct arm_addr *arm_addr = NULL;
1959 unsigned long flags;
1960 unsigned long offset;
1961
1962 struct list_head *entry;
1963
1964 DBGMSG("arm_get_buf "
1965 "addr(Offset): %04X %08X length: %u",
1966 (u32) ((req->req.address >> 32) & 0xFFFF),
1967 (u32) (req->req.address & 0xFFFFFFFF), (u32) req->req.length);
1968
1969 spin_lock_irqsave(&host_info_lock, flags);
1970 entry = fi->addr_list.next;
1971 while (entry != &(fi->addr_list)) {
1972 arm_addr = list_entry(entry, struct arm_addr, addr_list);
1973 if ((arm_addr->start <= req->req.address) &&
1974 (arm_addr->end > req->req.address)) {
1975 if (req->req.address + req->req.length <= arm_addr->end) {
1976 offset = req->req.address - arm_addr->start;
3253b669 1977 spin_unlock_irqrestore(&host_info_lock, flags);
1da177e4
LT		 1978
1979 DBGMSG
1980 ("arm_get_buf copy_to_user( %08X, %p, %u )",
1981 (u32) req->req.recvb,
1982 arm_addr->addr_space_buffer + offset,
1983 (u32) req->req.length);
1da177e4
LT		 1984 if (copy_to_user
1985 (int2ptr(req->req.recvb),
1986 arm_addr->addr_space_buffer + offset,
3253b669 1987 req->req.length))
1da177e4 1988 return (-EFAULT);
1da177e4 1989
1da177e4
LT		 1990 /* We have to free the request, because we
1991 * queue no response, and therefore nobody
1992 * will free it. */
1993 free_pending_request(req);
1994 return sizeof(struct raw1394_request);
1995 } else {
1996 DBGMSG("arm_get_buf request exceeded mapping");
1997 spin_unlock_irqrestore(&host_info_lock, flags);
1998 return (-EINVAL);
1999 }
2000 }
2001 entry = entry->next;
2002 }
2003 spin_unlock_irqrestore(&host_info_lock, flags);
2004 return (-EINVAL);
2005}
2006
2007/* Copy data from user buffer to ARM buffer(s). */
2008static int arm_set_buf(struct file_info *fi, struct pending_request *req)
2009{
2010 struct arm_addr *arm_addr = NULL;
2011 unsigned long flags;
2012 unsigned long offset;
2013
2014 struct list_head *entry;
2015
2016 DBGMSG("arm_set_buf "
2017 "addr(Offset): %04X %08X length: %u",
2018 (u32) ((req->req.address >> 32) & 0xFFFF),
2019 (u32) (req->req.address & 0xFFFFFFFF), (u32) req->req.length);
2020
2021 spin_lock_irqsave(&host_info_lock, flags);
2022 entry = fi->addr_list.next;
2023 while (entry != &(fi->addr_list)) {
2024 arm_addr = list_entry(entry, struct arm_addr, addr_list);
2025 if ((arm_addr->start <= req->req.address) &&
2026 (arm_addr->end > req->req.address)) {
2027 if (req->req.address + req->req.length <= arm_addr->end) {
2028 offset = req->req.address - arm_addr->start;
3253b669 2029 spin_unlock_irqrestore(&host_info_lock, flags);
1da177e4
LT		 2030
2031 DBGMSG
2032 ("arm_set_buf copy_from_user( %p, %08X, %u )",
2033 arm_addr->addr_space_buffer + offset,
2034 (u32) req->req.sendb,
2035 (u32) req->req.length);
1da177e4
LT		 2036 if (copy_from_user
2037 (arm_addr->addr_space_buffer + offset,
2038 int2ptr(req->req.sendb),
3253b669 2039 req->req.length))
1da177e4 2040 return (-EFAULT);
1da177e4 2041
3253b669
SR		 2042 /* We have to free the request, because we
2043 * queue no response, and therefore nobody
2044 * will free it. */
2045 free_pending_request(req);
1da177e4
LT		 2046 return sizeof(struct raw1394_request);
2047 } else {
2048 DBGMSG("arm_set_buf request exceeded mapping");
2049 spin_unlock_irqrestore(&host_info_lock, flags);
2050 return (-EINVAL);
2051 }
2052 }
2053 entry = entry->next;
2054 }
2055 spin_unlock_irqrestore(&host_info_lock, flags);
2056 return (-EINVAL);
2057}
2058
2059static int reset_notification(struct file_info *fi, struct pending_request *req)
2060{
2061 DBGMSG("reset_notification called - switch %s ",
2062 (req->req.misc == RAW1394_NOTIFY_OFF) ? "OFF" : "ON");
2063 if ((req->req.misc == RAW1394_NOTIFY_OFF) ||
2064 (req->req.misc == RAW1394_NOTIFY_ON)) {
2065 fi->notification = (u8) req->req.misc;
2066 free_pending_request(req); /* we have to free the request, because we queue no response, and therefore nobody will free it */
2067 return sizeof(struct raw1394_request);
2068 }
2069 /* error EINVAL (22) invalid argument */
2070 return (-EINVAL);
2071}
2072
2073static int write_phypacket(struct file_info *fi, struct pending_request *req)
2074{
2075 struct hpsb_packet *packet = NULL;
2076 int retval = 0;
2077 quadlet_t data;
4a9949d7 2078 unsigned long flags;
1da177e4
LT		 2079
2080 data = be32_to_cpu((u32) req->req.sendb);
2081 DBGMSG("write_phypacket called - quadlet 0x%8.8x ", data);
2082 packet = hpsb_make_phypacket(fi->host, data);
2083 if (!packet)
2084 return -ENOMEM;
2085 req->req.length = 0;
2086 req->packet = packet;
2087 hpsb_set_packet_complete_task(packet,
2088 (void (*)(void *))queue_complete_cb, req);
4a9949d7 2089 spin_lock_irqsave(&fi->reqlists_lock, flags);
1da177e4 2090 list_add_tail(&req->list, &fi->req_pending);
4a9949d7 2091 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
1da177e4
LT		 2092 packet->generation = req->req.generation;
2093 retval = hpsb_send_packet(packet);
2094 DBGMSG("write_phypacket send_packet called => retval: %d ", retval);
2095 if (retval < 0) {
2096 req->req.error = RAW1394_ERROR_SEND_ERROR;
2097 req->req.length = 0;
2098 queue_complete_req(req);
2099 }
2100 return sizeof(struct raw1394_request);
2101}
2102
2103static int get_config_rom(struct file_info *fi, struct pending_request *req)
2104{
2105 int ret = sizeof(struct raw1394_request);
2106 quadlet_t *data = kmalloc(req->req.length, SLAB_KERNEL);
2107 int status;
2108
2109 if (!data)
2110 return -ENOMEM;
2111
2112 status =
2113 csr1212_read(fi->host->csr.rom, CSR1212_CONFIG_ROM_SPACE_OFFSET,
2114 data, req->req.length);
2115 if (copy_to_user(int2ptr(req->req.recvb), data, req->req.length))
2116 ret = -EFAULT;
2117 if (copy_to_user
2118 (int2ptr(req->req.tag), &fi->host->csr.rom->cache_head->len,
2119 sizeof(fi->host->csr.rom->cache_head->len)))
2120 ret = -EFAULT;
2121 if (copy_to_user(int2ptr(req->req.address), &fi->host->csr.generation,
2122 sizeof(fi->host->csr.generation)))
2123 ret = -EFAULT;
2124 if (copy_to_user(int2ptr(req->req.sendb), &status, sizeof(status)))
2125 ret = -EFAULT;
2126 kfree(data);
2127 if (ret >= 0) {
2128 free_pending_request(req); /* we have to free the request, because we queue no response, and therefore nobody will free it */
2129 }
2130 return ret;
2131}
2132
2133static int update_config_rom(struct file_info *fi, struct pending_request *req)
2134{
2135 int ret = sizeof(struct raw1394_request);
2136 quadlet_t *data = kmalloc(req->req.length, SLAB_KERNEL);
2137 if (!data)
2138 return -ENOMEM;
2139 if (copy_from_user(data, int2ptr(req->req.sendb), req->req.length)) {
2140 ret = -EFAULT;
2141 } else {
2142 int status = hpsb_update_config_rom(fi->host,
2143 data, req->req.length,
2144 (unsigned char)req->req.
2145 misc);
2146 if (copy_to_user
2147 (int2ptr(req->req.recvb), &status, sizeof(status)))
2148 ret = -ENOMEM;
2149 }
2150 kfree(data);
2151 if (ret >= 0) {
2152 free_pending_request(req); /* we have to free the request, because we queue no response, and therefore nobody will free it */
2153 fi->cfgrom_upd = 1;
2154 }
2155 return ret;
2156}
2157
2158static int modify_config_rom(struct file_info *fi, struct pending_request *req)
2159{
2160 struct csr1212_keyval *kv;
2161 struct csr1212_csr_rom_cache *cache;
2162 struct csr1212_dentry *dentry;
2163 u32 dr;
2164 int ret = 0;
2165
2166 if (req->req.misc == ~0) {
2167 if (req->req.length == 0)
2168 return -EINVAL;
2169
2170 /* Find an unused slot */
2171 for (dr = 0;
2172 dr < RAW1394_MAX_USER_CSR_DIRS && fi->csr1212_dirs[dr];
2173 dr++) ;
2174
2175 if (dr == RAW1394_MAX_USER_CSR_DIRS)
2176 return -ENOMEM;
2177
2178 fi->csr1212_dirs[dr] =
2179 csr1212_new_directory(CSR1212_KV_ID_VENDOR);
2180 if (!fi->csr1212_dirs[dr])
2181 return -ENOMEM;
2182 } else {
2183 dr = req->req.misc;
2184 if (!fi->csr1212_dirs[dr])
2185 return -EINVAL;
2186
2187 /* Delete old stuff */
2188 for (dentry =
2189 fi->csr1212_dirs[dr]->value.directory.dentries_head;
2190 dentry; dentry = dentry->next) {
2191 csr1212_detach_keyval_from_directory(fi->host->csr.rom->
2192 root_kv,
2193 dentry->kv);
2194 }
2195
2196 if (req->req.length == 0) {
2197 csr1212_release_keyval(fi->csr1212_dirs[dr]);
2198 fi->csr1212_dirs[dr] = NULL;
2199
2200 hpsb_update_config_rom_image(fi->host);
2201 free_pending_request(req);
2202 return sizeof(struct raw1394_request);
2203 }
2204 }
2205
2206 cache = csr1212_rom_cache_malloc(0, req->req.length);
2207 if (!cache) {
2208 csr1212_release_keyval(fi->csr1212_dirs[dr]);
2209 fi->csr1212_dirs[dr] = NULL;
2210 return -ENOMEM;
2211 }
2212
8551158a 2213 cache->filled_head = kmalloc(sizeof(*cache->filled_head), GFP_KERNEL);
1da177e4
LT		 2214 if (!cache->filled_head) {
2215 csr1212_release_keyval(fi->csr1212_dirs[dr]);
2216 fi->csr1212_dirs[dr] = NULL;
2217 CSR1212_FREE(cache);
2218 return -ENOMEM;
2219 }
2220 cache->filled_tail = cache->filled_head;
2221
2222 if (copy_from_user(cache->data, int2ptr(req->req.sendb),
2223 req->req.length)) {
2224 csr1212_release_keyval(fi->csr1212_dirs[dr]);
2225 fi->csr1212_dirs[dr] = NULL;
1da177e4
LT		 2226 ret = -EFAULT;
2227 } else {
2228 cache->len = req->req.length;
2229 cache->filled_head->offset_start = 0;
2230 cache->filled_head->offset_end = cache->size - 1;
2231
2232 cache->layout_head = cache->layout_tail = fi->csr1212_dirs[dr];
2233
2234 ret = CSR1212_SUCCESS;
2235 /* parse all the items */
2236 for (kv = cache->layout_head; ret == CSR1212_SUCCESS && kv;
2237 kv = kv->next) {
2238 ret = csr1212_parse_keyval(kv, cache);
2239 }
2240
2241 /* attach top level items to the root directory */
2242 for (dentry =
2243 fi->csr1212_dirs[dr]->value.directory.dentries_head;
2244 ret == CSR1212_SUCCESS && dentry; dentry = dentry->next) {
2245 ret =
2246 csr1212_attach_keyval_to_directory(fi->host->csr.
2247 rom->root_kv,
2248 dentry->kv);
2249 }
2250
2251 if (ret == CSR1212_SUCCESS) {
2252 ret = hpsb_update_config_rom_image(fi->host);
2253
2254 if (ret >= 0 && copy_to_user(int2ptr(req->req.recvb),
2255 &dr, sizeof(dr))) {
2256 ret = -ENOMEM;
2257 }
2258 }
2259 }
2260 kfree(cache->filled_head);
b12479dd 2261 CSR1212_FREE(cache);
1da177e4
LT		 2262
2263 if (ret >= 0) {
2264 /* we have to free the request, because we queue no response,
2265 * and therefore nobody will free it */
2266 free_pending_request(req);
2267 return sizeof(struct raw1394_request);
2268 } else {
2269 for (dentry =
2270 fi->csr1212_dirs[dr]->value.directory.dentries_head;
2271 dentry; dentry = dentry->next) {
2272 csr1212_detach_keyval_from_directory(fi->host->csr.rom->
2273 root_kv,
2274 dentry->kv);
2275 }
2276 csr1212_release_keyval(fi->csr1212_dirs[dr]);
2277 fi->csr1212_dirs[dr] = NULL;
2278 return ret;
2279 }
2280}
2281
2282static int state_connected(struct file_info *fi, struct pending_request *req)
2283{
2284 int node = req->req.address >> 48;
2285
2286 req->req.error = RAW1394_ERROR_NONE;
2287
2288 switch (req->req.type) {
2289
2290 case RAW1394_REQ_ECHO:
2291 queue_complete_req(req);
2292 return sizeof(struct raw1394_request);
2293
2294 case RAW1394_REQ_ISO_SEND:
2295 return handle_iso_send(fi, req, node);
2296
2297 case RAW1394_REQ_ARM_REGISTER:
2298 return arm_register(fi, req);
2299
2300 case RAW1394_REQ_ARM_UNREGISTER:
2301 return arm_unregister(fi, req);
2302
2303 case RAW1394_REQ_ARM_SET_BUF:
2304 return arm_set_buf(fi, req);
2305
2306 case RAW1394_REQ_ARM_GET_BUF:
2307 return arm_get_buf(fi, req);
2308
2309 case RAW1394_REQ_RESET_NOTIFY:
2310 return reset_notification(fi, req);
2311
2312 case RAW1394_REQ_ISO_LISTEN:
2313 handle_iso_listen(fi, req);
2314 return sizeof(struct raw1394_request);
2315
2316 case RAW1394_REQ_FCP_LISTEN:
2317 handle_fcp_listen(fi, req);
2318 return sizeof(struct raw1394_request);
2319
2320 case RAW1394_REQ_RESET_BUS:
2321 if (req->req.misc == RAW1394_LONG_RESET) {
2322 DBGMSG("busreset called (type: LONG)");
2323 hpsb_reset_bus(fi->host, LONG_RESET);
2324 free_pending_request(req); /* we have to free the request, because we queue no response, and therefore nobody will free it */
2325 return sizeof(struct raw1394_request);
2326 }
2327 if (req->req.misc == RAW1394_SHORT_RESET) {
2328 DBGMSG("busreset called (type: SHORT)");
2329 hpsb_reset_bus(fi->host, SHORT_RESET);
2330 free_pending_request(req); /* we have to free the request, because we queue no response, and therefore nobody will free it */
2331 return sizeof(struct raw1394_request);
2332 }
2333 /* error EINVAL (22) invalid argument */
2334 return (-EINVAL);
2335 case RAW1394_REQ_GET_ROM:
2336 return get_config_rom(fi, req);
2337
2338 case RAW1394_REQ_UPDATE_ROM:
2339 return update_config_rom(fi, req);
2340
2341 case RAW1394_REQ_MODIFY_ROM:
2342 return modify_config_rom(fi, req);
2343 }
2344
2345 if (req->req.generation != get_hpsb_generation(fi->host)) {
2346 req->req.error = RAW1394_ERROR_GENERATION;
2347 req->req.generation = get_hpsb_generation(fi->host);
2348 req->req.length = 0;
2349 queue_complete_req(req);
2350 return sizeof(struct raw1394_request);
2351 }
2352
2353 switch (req->req.type) {
2354 case RAW1394_REQ_PHYPACKET:
2355 return write_phypacket(fi, req);
2356 case RAW1394_REQ_ASYNC_SEND:
2357 return handle_async_send(fi, req);
2358 }
2359
2360 if (req->req.length == 0) {
2361 req->req.error = RAW1394_ERROR_INVALID_ARG;
2362 queue_complete_req(req);
2363 return sizeof(struct raw1394_request);
2364 }
2365
2366 return handle_async_request(fi, req, node);
2367}
2368
2369static ssize_t raw1394_write(struct file *file, const char __user * buffer,
2370 size_t count, loff_t * offset_is_ignored)
2371{
2372 struct file_info *fi = (struct file_info *)file->private_data;
2373 struct pending_request *req;
2374 ssize_t retval = 0;
2375
4bc32c4d 2376#ifdef CONFIG_COMPAT
7597028a
BC		 2377 if (count == sizeof(struct compat_raw1394_req) &&
2378 sizeof(struct compat_raw1394_req) !=
2379 sizeof(struct raw1394_request)) {
4bc32c4d
AK		 2380 buffer = raw1394_compat_write(buffer);
2381 if (IS_ERR(buffer))
2382 return PTR_ERR(buffer);
2383 } else
2384#endif
1da177e4
LT		 2385 if (count != sizeof(struct raw1394_request)) {
2386 return -EINVAL;
2387 }
2388
2389 req = alloc_pending_request();
2390 if (req == NULL) {
2391 return -ENOMEM;
2392 }
2393 req->file_info = fi;
2394
2395 if (copy_from_user(&req->req, buffer, sizeof(struct raw1394_request))) {
2396 free_pending_request(req);
2397 return -EFAULT;
2398 }
2399
2400 switch (fi->state) {
2401 case opened:
2402 retval = state_opened(fi, req);
2403 break;
2404
2405 case initialized:
2406 retval = state_initialized(fi, req);
2407 break;
2408
2409 case connected:
2410 retval = state_connected(fi, req);
2411 break;
2412 }
2413
2414 if (retval < 0) {
2415 free_pending_request(req);
2416 }
2417
2418 return retval;
2419}
2420
2421/* rawiso operations */
2422
2423/* check if any RAW1394_REQ_RAWISO_ACTIVITY event is already in the
2424 * completion queue (reqlists_lock must be taken) */
2425static inline int __rawiso_event_in_queue(struct file_info *fi)
2426{
2427 struct pending_request *req;
2428
2429 list_for_each_entry(req, &fi->req_complete, list)
2430 if (req->req.type == RAW1394_REQ_RAWISO_ACTIVITY)
2431 return 1;
2432
2433 return 0;
2434}
2435
2436/* put a RAWISO_ACTIVITY event in the queue, if one isn't there already */
2437static void queue_rawiso_event(struct file_info *fi)
2438{
2439 unsigned long flags;
2440
2441 spin_lock_irqsave(&fi->reqlists_lock, flags);
2442
2443 /* only one ISO activity event may be in the queue */
2444 if (!__rawiso_event_in_queue(fi)) {
2445 struct pending_request *req =
54e6ecb2 2446 __alloc_pending_request(GFP_ATOMIC);
1da177e4
LT		 2447
2448 if (req) {
2449 req->file_info = fi;
2450 req->req.type = RAW1394_REQ_RAWISO_ACTIVITY;
2451 req->req.generation = get_hpsb_generation(fi->host);
2452 __queue_complete_req(req);
2453 } else {
2454 /* on allocation failure, signal an overflow */
2455 if (fi->iso_handle) {
2456 atomic_inc(&fi->iso_handle->overflows);
2457 }
2458 }
2459 }
2460 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
2461}
2462
2463static void rawiso_activity_cb(struct hpsb_iso *iso)
2464{
2465 unsigned long flags;
2466 struct host_info *hi;
2467 struct file_info *fi;
2468
2469 spin_lock_irqsave(&host_info_lock, flags);
2470 hi = find_host_info(iso->host);
2471
2472 if (hi != NULL) {
2473 list_for_each_entry(fi, &hi->file_info_list, list) {
2474 if (fi->iso_handle == iso)
2475 queue_rawiso_event(fi);
2476 }
2477 }
2478
2479 spin_unlock_irqrestore(&host_info_lock, flags);
2480}
2481
2482/* helper function - gather all the kernel iso status bits for returning to user-space */
2483static void raw1394_iso_fill_status(struct hpsb_iso *iso,
2484 struct raw1394_iso_status *stat)
2485{
2486 stat->config.data_buf_size = iso->buf_size;
2487 stat->config.buf_packets = iso->buf_packets;
2488 stat->config.channel = iso->channel;
2489 stat->config.speed = iso->speed;
2490 stat->config.irq_interval = iso->irq_interval;
2491 stat->n_packets = hpsb_iso_n_ready(iso);
2492 stat->overflows = atomic_read(&iso->overflows);
2493 stat->xmit_cycle = iso->xmit_cycle;
2494}
2495
2496static int raw1394_iso_xmit_init(struct file_info *fi, void __user * uaddr)
2497{
2498 struct raw1394_iso_status stat;
2499
2500 if (!fi->host)
2501 return -EINVAL;
2502
2503 if (copy_from_user(&stat, uaddr, sizeof(stat)))
2504 return -EFAULT;
2505
2506 fi->iso_handle = hpsb_iso_xmit_init(fi->host,
2507 stat.config.data_buf_size,
2508 stat.config.buf_packets,
2509 stat.config.channel,
2510 stat.config.speed,
2511 stat.config.irq_interval,
2512 rawiso_activity_cb);
2513 if (!fi->iso_handle)
2514 return -ENOMEM;
2515
2516 fi->iso_state = RAW1394_ISO_XMIT;
2517
2518 raw1394_iso_fill_status(fi->iso_handle, &stat);
2519 if (copy_to_user(uaddr, &stat, sizeof(stat)))
2520 return -EFAULT;
2521
2522 /* queue an event to get things started */
2523 rawiso_activity_cb(fi->iso_handle);
2524
2525 return 0;
2526}
2527
2528static int raw1394_iso_recv_init(struct file_info *fi, void __user * uaddr)
2529{
2530 struct raw1394_iso_status stat;
2531
2532 if (!fi->host)
2533 return -EINVAL;
2534
2535 if (copy_from_user(&stat, uaddr, sizeof(stat)))
2536 return -EFAULT;
2537
2538 fi->iso_handle = hpsb_iso_recv_init(fi->host,
2539 stat.config.data_buf_size,
2540 stat.config.buf_packets,
2541 stat.config.channel,
2542 stat.config.dma_mode,
2543 stat.config.irq_interval,
2544 rawiso_activity_cb);
2545 if (!fi->iso_handle)
2546 return -ENOMEM;
2547
2548 fi->iso_state = RAW1394_ISO_RECV;
2549
2550 raw1394_iso_fill_status(fi->iso_handle, &stat);
2551 if (copy_to_user(uaddr, &stat, sizeof(stat)))
2552 return -EFAULT;
2553 return 0;
2554}
2555
2556static int raw1394_iso_get_status(struct file_info *fi, void __user * uaddr)
2557{
2558 struct raw1394_iso_status stat;
2559 struct hpsb_iso *iso = fi->iso_handle;
2560
2561 raw1394_iso_fill_status(fi->iso_handle, &stat);
2562 if (copy_to_user(uaddr, &stat, sizeof(stat)))
2563 return -EFAULT;
2564
2565 /* reset overflow counter */
2566 atomic_set(&iso->overflows, 0);
2567
2568 return 0;
2569}
2570
2571/* copy N packet_infos out of the ringbuffer into user-supplied array */
2572static int raw1394_iso_recv_packets(struct file_info *fi, void __user * uaddr)
2573{
2574 struct raw1394_iso_packets upackets;
2575 unsigned int packet = fi->iso_handle->first_packet;
2576 int i;
2577
2578 if (copy_from_user(&upackets, uaddr, sizeof(upackets)))
2579 return -EFAULT;
2580
2581 if (upackets.n_packets > hpsb_iso_n_ready(fi->iso_handle))
2582 return -EINVAL;
2583
2584 /* ensure user-supplied buffer is accessible and big enough */
2585 if (!access_ok(VERIFY_WRITE, upackets.infos,
c64d472a
JMH		 2586 upackets.n_packets *
2587 sizeof(struct raw1394_iso_packet_info)))
1da177e4
LT		 2588 return -EFAULT;
2589
2590 /* copy the packet_infos out */
2591 for (i = 0; i < upackets.n_packets; i++) {
2592 if (__copy_to_user(&upackets.infos[i],
2593 &fi->iso_handle->infos[packet],
2594 sizeof(struct raw1394_iso_packet_info)))
2595 return -EFAULT;
2596
2597 packet = (packet + 1) % fi->iso_handle->buf_packets;
2598 }
2599
2600 return 0;
2601}
2602
2603/* copy N packet_infos from user to ringbuffer, and queue them for transmission */
2604static int raw1394_iso_send_packets(struct file_info *fi, void __user * uaddr)
2605{
2606 struct raw1394_iso_packets upackets;
2607 int i, rv;
2608
2609 if (copy_from_user(&upackets, uaddr, sizeof(upackets)))
2610 return -EFAULT;
2611
1934b8b6 2612 if (upackets.n_packets >= fi->iso_handle->buf_packets)
1da177e4
LT		 2613 return -EINVAL;
2614
1934b8b6
BC		 2615 if (upackets.n_packets >= hpsb_iso_n_ready(fi->iso_handle))
2616 return -EAGAIN;
2617
1da177e4
LT		 2618 /* ensure user-supplied buffer is accessible and big enough */
2619 if (!access_ok(VERIFY_READ, upackets.infos,
c64d472a
JMH		 2620 upackets.n_packets *
2621 sizeof(struct raw1394_iso_packet_info)))
1da177e4
LT		 2622 return -EFAULT;
2623
2624 /* copy the infos structs in and queue the packets */
2625 for (i = 0; i < upackets.n_packets; i++) {
2626 struct raw1394_iso_packet_info info;
2627
2628 if (__copy_from_user(&info, &upackets.infos[i],
2629 sizeof(struct raw1394_iso_packet_info)))
2630 return -EFAULT;
2631
2632 rv = hpsb_iso_xmit_queue_packet(fi->iso_handle, info.offset,
2633 info.len, info.tag, info.sy);
2634 if (rv)
2635 return rv;
2636 }
2637
2638 return 0;
2639}
2640
2641static void raw1394_iso_shutdown(struct file_info *fi)
2642{
2643 if (fi->iso_handle)
2644 hpsb_iso_shutdown(fi->iso_handle);
2645
2646 fi->iso_handle = NULL;
2647 fi->iso_state = RAW1394_ISO_INACTIVE;
2648}
2649
2650/* mmap the rawiso xmit/recv buffer */
2651static int raw1394_mmap(struct file *file, struct vm_area_struct *vma)
2652{
2653 struct file_info *fi = file->private_data;
2654
2655 if (fi->iso_state == RAW1394_ISO_INACTIVE)
2656 return -EINVAL;
2657
2658 return dma_region_mmap(&fi->iso_handle->data_buf, file, vma);
2659}
2660
2661/* ioctl is only used for rawiso operations */
2662static int raw1394_ioctl(struct inode *inode, struct file *file,
2663 unsigned int cmd, unsigned long arg)
2664{
2665 struct file_info *fi = file->private_data;
2666 void __user *argp = (void __user *)arg;
2667
2668 switch (fi->iso_state) {
2669 case RAW1394_ISO_INACTIVE:
2670 switch (cmd) {
2671 case RAW1394_IOC_ISO_XMIT_INIT:
2672 return raw1394_iso_xmit_init(fi, argp);
2673 case RAW1394_IOC_ISO_RECV_INIT:
2674 return raw1394_iso_recv_init(fi, argp);
2675 default:
2676 break;
2677 }
2678 break;
2679 case RAW1394_ISO_RECV:
2680 switch (cmd) {
2681 case RAW1394_IOC_ISO_RECV_START:{
2682 /* copy args from user-space */
2683 int args[3];
2684 if (copy_from_user
2685 (&args[0], argp, sizeof(args)))
2686 return -EFAULT;
2687 return hpsb_iso_recv_start(fi->iso_handle,
2688 args[0], args[1],
2689 args[2]);
2690 }
2691 case RAW1394_IOC_ISO_XMIT_RECV_STOP:
2692 hpsb_iso_stop(fi->iso_handle);
2693 return 0;
2694 case RAW1394_IOC_ISO_RECV_LISTEN_CHANNEL:
2695 return hpsb_iso_recv_listen_channel(fi->iso_handle,
2696 arg);
2697 case RAW1394_IOC_ISO_RECV_UNLISTEN_CHANNEL:
2698 return hpsb_iso_recv_unlisten_channel(fi->iso_handle,
2699 arg);
2700 case RAW1394_IOC_ISO_RECV_SET_CHANNEL_MASK:{
2701 /* copy the u64 from user-space */
2702 u64 mask;
2703 if (copy_from_user(&mask, argp, sizeof(mask)))
2704 return -EFAULT;
2705 return hpsb_iso_recv_set_channel_mask(fi->
2706 iso_handle,
2707 mask);
2708 }
2709 case RAW1394_IOC_ISO_GET_STATUS:
2710 return raw1394_iso_get_status(fi, argp);
2711 case RAW1394_IOC_ISO_RECV_PACKETS:
2712 return raw1394_iso_recv_packets(fi, argp);
2713 case RAW1394_IOC_ISO_RECV_RELEASE_PACKETS:
2714 return hpsb_iso_recv_release_packets(fi->iso_handle,
2715 arg);
2716 case RAW1394_IOC_ISO_RECV_FLUSH:
2717 return hpsb_iso_recv_flush(fi->iso_handle);
2718 case RAW1394_IOC_ISO_SHUTDOWN:
2719 raw1394_iso_shutdown(fi);
2720 return 0;
2721 case RAW1394_IOC_ISO_QUEUE_ACTIVITY:
2722 queue_rawiso_event(fi);
2723 return 0;
2724 }
2725 break;
2726 case RAW1394_ISO_XMIT:
2727 switch (cmd) {
2728 case RAW1394_IOC_ISO_XMIT_START:{
2729 /* copy two ints from user-space */
2730 int args[2];
2731 if (copy_from_user
2732 (&args[0], argp, sizeof(args)))
2733 return -EFAULT;
2734 return hpsb_iso_xmit_start(fi->iso_handle,
2735 args[0], args[1]);
2736 }
2737 case RAW1394_IOC_ISO_XMIT_SYNC:
2738 return hpsb_iso_xmit_sync(fi->iso_handle);
2739 case RAW1394_IOC_ISO_XMIT_RECV_STOP:
2740 hpsb_iso_stop(fi->iso_handle);
2741 return 0;
2742 case RAW1394_IOC_ISO_GET_STATUS:
2743 return raw1394_iso_get_status(fi, argp);
2744 case RAW1394_IOC_ISO_XMIT_PACKETS:
2745 return raw1394_iso_send_packets(fi, argp);
2746 case RAW1394_IOC_ISO_SHUTDOWN:
2747 raw1394_iso_shutdown(fi);
2748 return 0;
2749 case RAW1394_IOC_ISO_QUEUE_ACTIVITY:
2750 queue_rawiso_event(fi);
2751 return 0;
2752 }
2753 break;
2754 default:
2755 break;
2756 }
2757
2758 return -EINVAL;
2759}
2760
2761static unsigned int raw1394_poll(struct file *file, poll_table * pt)
2762{
2763 struct file_info *fi = file->private_data;
2764 unsigned int mask = POLLOUT | POLLWRNORM;
4a9949d7 2765 unsigned long flags;
1da177e4 2766
45289bf6 2767 poll_wait(file, &fi->wait_complete, pt);
1da177e4 2768
4a9949d7 2769 spin_lock_irqsave(&fi->reqlists_lock, flags);
1da177e4
LT		 2770 if (!list_empty(&fi->req_complete)) {
2771 mask |= POLLIN | POLLRDNORM;
2772 }
4a9949d7 2773 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
1da177e4
LT		 2774
2775 return mask;
2776}
2777
2778static int raw1394_open(struct inode *inode, struct file *file)
2779{
2780 struct file_info *fi;
2781
8551158a
SR		 2782 fi = kzalloc(sizeof(*fi), SLAB_KERNEL);
2783 if (!fi)
1da177e4
LT		 2784 return -ENOMEM;
2785
1da177e4
LT		 2786 fi->notification = (u8) RAW1394_NOTIFY_ON; /* busreset notification */
2787
2788 INIT_LIST_HEAD(&fi->list);
2789 fi->state = opened;
2790 INIT_LIST_HEAD(&fi->req_pending);
2791 INIT_LIST_HEAD(&fi->req_complete);
1da177e4 2792 spin_lock_init(&fi->reqlists_lock);
45289bf6 2793 init_waitqueue_head(&fi->wait_complete);
1da177e4
LT		 2794 INIT_LIST_HEAD(&fi->addr_list);
2795
2796 file->private_data = fi;
2797
2798 return 0;
2799}
2800
2801static int raw1394_release(struct inode *inode, struct file *file)
2802{
2803 struct file_info *fi = file->private_data;
2804 struct list_head *lh;
2805 struct pending_request *req;
45289bf6 2806 int i, fail;
1da177e4
LT		 2807 int retval = 0;
2808 struct list_head *entry;
2809 struct arm_addr *addr = NULL;
2810 struct host_info *hi;
2811 struct file_info *fi_hlp = NULL;
2812 struct arm_addr *arm_addr = NULL;
2813 int another_host;
2814 int csr_mod = 0;
4a9949d7 2815 unsigned long flags;
1da177e4
LT		 2816
2817 if (fi->iso_state != RAW1394_ISO_INACTIVE)
2818 raw1394_iso_shutdown(fi);
2819
2820 for (i = 0; i < 64; i++) {
2821 if (fi->listen_channels & (1ULL << i)) {
2822 hpsb_unlisten_channel(&raw1394_highlevel, fi->host, i);
2823 }
2824 }
2825
4a9949d7 2826 spin_lock_irqsave(&host_info_lock, flags);
1da177e4 2827 fi->listen_channels = 0;
1da177e4
LT		 2828
2829 fail = 0;
2830 /* set address-entries invalid */
1da177e4
LT		 2831
2832 while (!list_empty(&fi->addr_list)) {
2833 another_host = 0;
2834 lh = fi->addr_list.next;
2835 addr = list_entry(lh, struct arm_addr, addr_list);
2836 /* another host with valid address-entry containing
2837 same addressrange? */
2838 list_for_each_entry(hi, &host_info_list, list) {
2839 if (hi->host != fi->host) {
2840 list_for_each_entry(fi_hlp, &hi->file_info_list,
2841 list) {
2842 entry = fi_hlp->addr_list.next;
2843 while (entry != &(fi_hlp->addr_list)) {
c64d472a 2844 arm_addr = list_entry(entry, struct
1da177e4
LT		 2845 arm_addr,
2846 addr_list);
2847 if (arm_addr->start ==
2848 addr->start) {
2849 DBGMSG
2850 ("raw1394_release: "
2851 "another host ownes "
2852 "same addressrange");
2853 another_host = 1;
2854 break;
2855 }
2856 entry = entry->next;
2857 }
2858 if (another_host) {
2859 break;
2860 }
2861 }
2862 }
2863 }
2864 if (!another_host) {
2865 DBGMSG("raw1394_release: call hpsb_arm_unregister");
2866 retval =
2867 hpsb_unregister_addrspace(&raw1394_highlevel,
2868 fi->host, addr->start);
2869 if (!retval) {
2870 ++fail;
2871 printk(KERN_ERR
2872 "raw1394_release arm_Unregister failed\n");
2873 }
2874 }
2875 DBGMSG("raw1394_release: delete addr_entry from list");
2876 list_del(&addr->addr_list);
2877 vfree(addr->addr_space_buffer);
2878 kfree(addr);
2879 } /* while */
4a9949d7 2880 spin_unlock_irqrestore(&host_info_lock, flags);
1da177e4
LT		 2881 if (fail > 0) {
2882 printk(KERN_ERR "raw1394: during addr_list-release "
2883 "error(s) occurred \n");
2884 }
2885
45289bf6
SR		 2886 for (;;) {
2887 /* This locked section guarantees that neither
2888 * complete nor pending requests exist once i!=0 */
4a9949d7 2889 spin_lock_irqsave(&fi->reqlists_lock, flags);
45289bf6 2890 while ((req = __next_complete_req(fi)))
1da177e4 2891 free_pending_request(req);
1da177e4 2892
45289bf6 2893 i = list_empty(&fi->req_pending);
4a9949d7 2894 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
1da177e4 2895
45289bf6
SR		 2896 if (i)
2897 break;
2898 /*
2899 * Sleep until more requests can be freed.
2900 *
2901 * NB: We call the macro wait_event() with a condition argument
2902 * with side effect. This is only possible because the side
2903 * effect does not occur until the condition became true, and
2904 * wait_event() won't evaluate the condition again after that.
2905 */
2906 wait_event(fi->wait_complete, (req = next_complete_req(fi)));
2907 free_pending_request(req);
1da177e4
LT		 2908 }
2909
2910 /* Remove any sub-trees left by user space programs */
2911 for (i = 0; i < RAW1394_MAX_USER_CSR_DIRS; i++) {
2912 struct csr1212_dentry *dentry;
2913 if (!fi->csr1212_dirs[i])
2914 continue;
2915 for (dentry =
2916 fi->csr1212_dirs[i]->value.directory.dentries_head; dentry;
2917 dentry = dentry->next) {
2918 csr1212_detach_keyval_from_directory(fi->host->csr.rom->
2919 root_kv,
2920 dentry->kv);
2921 }
2922 csr1212_release_keyval(fi->csr1212_dirs[i]);
2923 fi->csr1212_dirs[i] = NULL;
2924 csr_mod = 1;
2925 }
2926
2927 if ((csr_mod || fi->cfgrom_upd)
2928 && hpsb_update_config_rom_image(fi->host) < 0)
2929 HPSB_ERR
2930 ("Failed to generate Configuration ROM image for host %d",
2931 fi->host->id);
2932
2933 if (fi->state == connected) {
4a9949d7 2934 spin_lock_irqsave(&host_info_lock, flags);
1da177e4 2935 list_del(&fi->list);
4a9949d7 2936 spin_unlock_irqrestore(&host_info_lock, flags);
1da177e4
LT		 2937
2938 put_device(&fi->host->device);
2939 }
2940
2941 kfree(fi);
2942
2943 return 0;
2944}
2945
2946/*** HOTPLUG STUFF **********************************************************/
2947/*
2948 * Export information about protocols/devices supported by this driver.
2949 */
2950static struct ieee1394_device_id raw1394_id_table[] = {
2951 {
2952 .match_flags = IEEE1394_MATCH_SPECIFIER_ID | IEEE1394_MATCH_VERSION,
2953 .specifier_id = AVC_UNIT_SPEC_ID_ENTRY & 0xffffff,
2954 .version = AVC_SW_VERSION_ENTRY & 0xffffff},
2955 {
2956 .match_flags = IEEE1394_MATCH_SPECIFIER_ID | IEEE1394_MATCH_VERSION,
2957 .specifier_id = CAMERA_UNIT_SPEC_ID_ENTRY & 0xffffff,
2958 .version = CAMERA_SW_VERSION_ENTRY & 0xffffff},
2959 {
2960 .match_flags = IEEE1394_MATCH_SPECIFIER_ID | IEEE1394_MATCH_VERSION,
2961 .specifier_id = CAMERA_UNIT_SPEC_ID_ENTRY & 0xffffff,
2962 .version = (CAMERA_SW_VERSION_ENTRY + 1) & 0xffffff},
2963 {
2964 .match_flags = IEEE1394_MATCH_SPECIFIER_ID | IEEE1394_MATCH_VERSION,
2965 .specifier_id = CAMERA_UNIT_SPEC_ID_ENTRY & 0xffffff,
2966 .version = (CAMERA_SW_VERSION_ENTRY + 2) & 0xffffff},
2967 {}
2968};
2969
2970MODULE_DEVICE_TABLE(ieee1394, raw1394_id_table);
2971
2972static struct hpsb_protocol_driver raw1394_driver = {
2973 .name = "raw1394 Driver",
2974 .id_table = raw1394_id_table,
2975 .driver = {
2976 .name = "raw1394",
2977 .bus = &ieee1394_bus_type,
2978 },
2979};
2980
2981/******************************************************************************/
2982
2983static struct hpsb_highlevel raw1394_highlevel = {
2984 .name = RAW1394_DEVICE_NAME,
2985 .add_host = add_host,
2986 .remove_host = remove_host,
2987 .host_reset = host_reset,
2988 .iso_receive = iso_receive,
2989 .fcp_request = fcp_request,
2990};
2991
2992static struct cdev raw1394_cdev;
2993static struct file_operations raw1394_fops = {
2994 .owner = THIS_MODULE,
2995 .read = raw1394_read,
2996 .write = raw1394_write,
2997 .mmap = raw1394_mmap,
2998 .ioctl = raw1394_ioctl,
4bc32c4d 2999 // .compat_ioctl = ... someone needs to do this
1da177e4
LT		 3000 .poll = raw1394_poll,
3001 .open = raw1394_open,
3002 .release = raw1394_release,
3003};
3004
3005static int __init init_raw1394(void)
3006{
3007 int ret = 0;
3008
3009 hpsb_register_highlevel(&raw1394_highlevel);
3010
c64d472a
JMH		 3011 if (IS_ERR
3012 (class_device_create
3013 (hpsb_protocol_class, NULL,
3014 MKDEV(IEEE1394_MAJOR, IEEE1394_MINOR_BLOCK_RAW1394 * 16), NULL,
3015 RAW1394_DEVICE_NAME))) {
1da177e4
LT		 3016 ret = -EFAULT;
3017 goto out_unreg;
3018 }
c64d472a 3019
1da177e4
LT		 3020 cdev_init(&raw1394_cdev, &raw1394_fops);
3021 raw1394_cdev.owner = THIS_MODULE;
3022 kobject_set_name(&raw1394_cdev.kobj, RAW1394_DEVICE_NAME);
3023 ret = cdev_add(&raw1394_cdev, IEEE1394_RAW1394_DEV, 1);
3024 if (ret) {
3025 HPSB_ERR("raw1394 failed to register minor device block");
3026 goto out_dev;
3027 }
3028
3029 HPSB_INFO("raw1394: /dev/%s device initialized", RAW1394_DEVICE_NAME);
3030
3031 ret = hpsb_register_protocol(&raw1394_driver);
3032 if (ret) {
3033 HPSB_ERR("raw1394: failed to register protocol");
3034 cdev_del(&raw1394_cdev);
3035 goto out_dev;
3036 }
3037
3038 goto out;
3039
c64d472a 3040 out_dev:
7e25ab91 3041 class_device_destroy(hpsb_protocol_class,
c64d472a
JMH		 3042 MKDEV(IEEE1394_MAJOR,
3043 IEEE1394_MINOR_BLOCK_RAW1394 * 16));
3044 out_unreg:
1da177e4 3045 hpsb_unregister_highlevel(&raw1394_highlevel);
c64d472a 3046 out:
1da177e4
LT		 3047 return ret;
3048}
3049
3050static void __exit cleanup_raw1394(void)
3051{
7e25ab91 3052 class_device_destroy(hpsb_protocol_class,
c64d472a
JMH		 3053 MKDEV(IEEE1394_MAJOR,
3054 IEEE1394_MINOR_BLOCK_RAW1394 * 16));
1da177e4 3055 cdev_del(&raw1394_cdev);
1da177e4
LT		 3056 hpsb_unregister_highlevel(&raw1394_highlevel);
3057 hpsb_unregister_protocol(&raw1394_driver);
3058}
3059
3060module_init(init_raw1394);
3061module_exit(cleanup_raw1394);
3062MODULE_LICENSE("GPL");
Clone of davem's net-next-2.6 tree