projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
firewire: ohci: release channel in error path
[deliverable/linux.git] / drivers / firewire / core-cdev.c
CommitLineData
c781c06d
KH		 1/*
2 * Char device for device raw access
19a15b93 3 *
c781c06d 4 * Copyright (C) 2005-2007 Kristian Hoegsberg <krh@bitplanet.net>
19a15b93
KH		 5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software Foundation,
18 * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
19 */
20
eb5b35a5 21#include <linux/bug.h>
be5bbd67
SR		 22#include <linux/compat.h>
23#include <linux/delay.h>
24#include <linux/device.h>
25#include <linux/errno.h>
77c9a5da 26#include <linux/firewire.h>
be5bbd67
SR		 27#include <linux/firewire-cdev.h>
28#include <linux/idr.h>
4a9bde9b 29#include <linux/irqflags.h>
b1bda4cd 30#include <linux/jiffies.h>
19a15b93 31#include <linux/kernel.h>
fb443036 32#include <linux/kref.h>
be5bbd67
SR		 33#include <linux/mm.h>
34#include <linux/module.h>
d67cfb96 35#include <linux/mutex.h>
19a15b93 36#include <linux/poll.h>
a99bbaf5 37#include <linux/sched.h>
cf417e54 38#include <linux/spinlock.h>
281e2032 39#include <linux/string.h>
be5bbd67 40#include <linux/time.h>
e034d242 41#include <linux/uaccess.h>
be5bbd67
SR		 42#include <linux/vmalloc.h>
43#include <linux/wait.h>
b1bda4cd 44#include <linux/workqueue.h>
be5bbd67 45
a64408b9 46#include <asm/system.h>
be5bbd67 47
77c9a5da 48#include "core.h"
19a15b93 49
604f4516
SR		 50/*
51 * ABI version history is documented in linux/firewire-cdev.h.
52 */
8e2b2b46
SR		 53#define FW_CDEV_KERNEL_VERSION 4
54#define FW_CDEV_VERSION_EVENT_REQUEST2 4
55#define FW_CDEV_VERSION_ALLOCATE_REGION_END 4
604f4516 56
19a15b93 57struct client {
344bbc4d 58 u32 version;
19a15b93 59 struct fw_device *device;
45ee3199 60
19a15b93 61 spinlock_t lock;
45ee3199
JF		 62 bool in_shutdown;
63 struct idr resource_idr;
19a15b93 64 struct list_head event_list;
19a15b93 65 wait_queue_head_t wait;
da8ecffa 66 u64 bus_reset_closure;
9aad8125 67
19a15b93 68 struct fw_iso_context *iso_context;
abaa5743 69 u64 iso_closure;
9aad8125
KH		 70 struct fw_iso_buffer buffer;
71 unsigned long vm_start;
97bd9efa 72
bf54e146
SR		 73 struct list_head phy_receiver_link;
74 u64 phy_receiver_closure;
75
97bd9efa 76 struct list_head link;
fb443036 77 struct kref kref;
19a15b93
KH		 78};
79
fb443036
SR		 80static inline void client_get(struct client *client)
81{
82 kref_get(&client->kref);
83}
84
85static void client_release(struct kref *kref)
86{
87 struct client *client = container_of(kref, struct client, kref);
88
89 fw_device_put(client->device);
90 kfree(client);
91}
92
93static void client_put(struct client *client)
94{
95 kref_put(&client->kref, client_release);
96}
97
97c18b7f
SR		 98struct client_resource;
99typedef void (*client_resource_release_fn_t)(struct client *,
100 struct client_resource *);
101struct client_resource {
102 client_resource_release_fn_t release;
103 int handle;
104};
105
106struct address_handler_resource {
107 struct client_resource resource;
108 struct fw_address_handler handler;
109 __u64 closure;
110 struct client *client;
111};
112
113struct outbound_transaction_resource {
114 struct client_resource resource;
115 struct fw_transaction transaction;
116};
117
118struct inbound_transaction_resource {
119 struct client_resource resource;
08bd34c9 120 struct fw_card *card;
97c18b7f
SR		 121 struct fw_request *request;
122 void *data;
123 size_t length;
124};
125
126struct descriptor_resource {
127 struct client_resource resource;
128 struct fw_descriptor descriptor;
129 u32 data[0];
130};
131
b1bda4cd
JFSR		 132struct iso_resource {
133 struct client_resource resource;
134 struct client *client;
135 /* Schedule work and access todo only with client->lock held. */
136 struct delayed_work work;
1ec3c026
SR		 137 enum {ISO_RES_ALLOC, ISO_RES_REALLOC, ISO_RES_DEALLOC,
138 ISO_RES_ALLOC_ONCE, ISO_RES_DEALLOC_ONCE,} todo;
b1bda4cd
JFSR		 139 int generation;
140 u64 channels;
141 s32 bandwidth;
6fdc0370 142 __be32 transaction_data[2];
b1bda4cd
JFSR		 143 struct iso_resource_event *e_alloc, *e_dealloc;
144};
145
b1bda4cd
JFSR		 146static void release_iso_resource(struct client *, struct client_resource *);
147
9fb551bf
SR		 148static void schedule_iso_resource(struct iso_resource *r, unsigned long delay)
149{
150 client_get(r->client);
151 if (!schedule_delayed_work(&r->work, delay))
152 client_put(r->client);
153}
154
155static void schedule_if_iso_resource(struct client_resource *resource)
156{
157 if (resource->release == release_iso_resource)
158 schedule_iso_resource(container_of(resource,
159 struct iso_resource, resource), 0);
160}
161
97c18b7f
SR		 162/*
163 * dequeue_event() just kfree()'s the event, so the event has to be
164 * the first field in a struct XYZ_event.
165 */
166struct event {
167 struct { void *data; size_t size; } v[2];
168 struct list_head link;
169};
170
171struct bus_reset_event {
172 struct event event;
173 struct fw_cdev_event_bus_reset reset;
174};
175
176struct outbound_transaction_event {
177 struct event event;
178 struct client *client;
179 struct outbound_transaction_resource r;
180 struct fw_cdev_event_response response;
181};
182
183struct inbound_transaction_event {
184 struct event event;
e205597d
SR		 185 union {
186 struct fw_cdev_event_request request;
187 struct fw_cdev_event_request2 request2;
188 } req;
97c18b7f
SR		 189};
190
191struct iso_interrupt_event {
192 struct event event;
193 struct fw_cdev_event_iso_interrupt interrupt;
194};
195
b1bda4cd
JFSR		 196struct iso_resource_event {
197 struct event event;
e21fcf79 198 struct fw_cdev_event_iso_resource iso_resource;
b1bda4cd
JFSR		 199};
200
850bb6f2
SR		 201struct outbound_phy_packet_event {
202 struct event event;
203 struct client *client;
204 struct fw_packet p;
205 struct fw_cdev_event_phy_packet phy_packet;
206};
207
bf54e146
SR		 208struct inbound_phy_packet_event {
209 struct event event;
210 struct fw_cdev_event_phy_packet phy_packet;
211};
212
53dca511 213static inline void __user *u64_to_uptr(__u64 value)
19a15b93
KH		 214{
215 return (void __user *)(unsigned long)value;
216}
217
53dca511 218static inline __u64 uptr_to_u64(void __user *ptr)
19a15b93
KH		 219{
220 return (__u64)(unsigned long)ptr;
221}
222
223static int fw_device_op_open(struct inode *inode, struct file *file)
224{
225 struct fw_device *device;
226 struct client *client;
227
96b19062 228 device = fw_device_get_by_devt(inode->i_rdev);
a3aca3da
KH		 229 if (device == NULL)
230 return -ENODEV;
19a15b93 231
551f4cb9
JF		 232 if (fw_device_is_shutdown(device)) {
233 fw_device_put(device);
234 return -ENODEV;
235 }
236
2d826cc5 237 client = kzalloc(sizeof(*client), GFP_KERNEL);
96b19062
SR		 238 if (client == NULL) {
239 fw_device_put(device);
19a15b93 240 return -ENOMEM;
96b19062 241 }
19a15b93 242
96b19062 243 client->device = device;
19a15b93 244 spin_lock_init(&client->lock);
45ee3199
JF		 245 idr_init(&client->resource_idr);
246 INIT_LIST_HEAD(&client->event_list);
19a15b93 247 init_waitqueue_head(&client->wait);
bf54e146 248 INIT_LIST_HEAD(&client->phy_receiver_link);
fb443036 249 kref_init(&client->kref);
19a15b93
KH		 250
251 file->private_data = client;
252
d67cfb96 253 mutex_lock(&device->client_list_mutex);
97bd9efa 254 list_add_tail(&client->link, &device->client_list);
d67cfb96 255 mutex_unlock(&device->client_list_mutex);
97bd9efa 256
3ac26b2e 257 return nonseekable_open(inode, file);
19a15b93
KH		 258}
259
260static void queue_event(struct client *client, struct event *event,
261 void *data0, size_t size0, void *data1, size_t size1)
262{
263 unsigned long flags;
264
265 event->v[0].data = data0;
266 event->v[0].size = size0;
267 event->v[1].data = data1;
268 event->v[1].size = size1;
269
270 spin_lock_irqsave(&client->lock, flags);
45ee3199
JF		 271 if (client->in_shutdown)
272 kfree(event);
273 else
274 list_add_tail(&event->link, &client->event_list);
19a15b93 275 spin_unlock_irqrestore(&client->lock, flags);
83431cba
JF		 276
277 wake_up_interruptible(&client->wait);
19a15b93
KH		 278}
279
53dca511
SR		 280static int dequeue_event(struct client *client,
281 char __user *buffer, size_t count)
19a15b93 282{
19a15b93
KH		 283 struct event *event;
284 size_t size, total;
2dbd7d7e 285 int i, ret;
19a15b93 286
2dbd7d7e
SR		 287 ret = wait_event_interruptible(client->wait,
288 !list_empty(&client->event_list) ||
289 fw_device_is_shutdown(client->device));
290 if (ret < 0)
291 return ret;
19a15b93 292
2603bf21
KH		 293 if (list_empty(&client->event_list) &&
294 fw_device_is_shutdown(client->device))
295 return -ENODEV;
19a15b93 296
3ba94986 297 spin_lock_irq(&client->lock);
a459b8ab 298 event = list_first_entry(&client->event_list, struct event, link);
19a15b93 299 list_del(&event->link);
3ba94986 300 spin_unlock_irq(&client->lock);
19a15b93 301
19a15b93
KH		 302 total = 0;
303 for (i = 0; i < ARRAY_SIZE(event->v) && total < count; i++) {
304 size = min(event->v[i].size, count - total);
2603bf21 305 if (copy_to_user(buffer + total, event->v[i].data, size)) {
2dbd7d7e 306 ret = -EFAULT;
19a15b93 307 goto out;
2603bf21 308 }
19a15b93
KH		 309 total += size;
310 }
2dbd7d7e 311 ret = total;
19a15b93
KH		 312
313 out:
314 kfree(event);
315
2dbd7d7e 316 return ret;
19a15b93
KH		 317}
318
53dca511
SR		 319static ssize_t fw_device_op_read(struct file *file, char __user *buffer,
320 size_t count, loff_t *offset)
19a15b93
KH		 321{
322 struct client *client = file->private_data;
323
324 return dequeue_event(client, buffer, count);
325}
326
53dca511
SR		 327static void fill_bus_reset_event(struct fw_cdev_event_bus_reset *event,
328 struct client *client)
344bbc4d 329{
da8ecffa 330 struct fw_card *card = client->device->card;
cf417e54 331
3ba94986 332 spin_lock_irq(&card->lock);
344bbc4d 333
da8ecffa 334 event->closure = client->bus_reset_closure;
344bbc4d 335 event->type = FW_CDEV_EVENT_BUS_RESET;
cf5a56ac 336 event->generation = client->device->generation;
da8ecffa 337 event->node_id = client->device->node_id;
344bbc4d 338 event->local_node_id = card->local_node->node_id;
250b2b6d 339 event->bm_node_id = card->bm_node_id;
344bbc4d
KH		 340 event->irm_node_id = card->irm_node->node_id;
341 event->root_node_id = card->root_node->node_id;
cf417e54 342
3ba94986 343 spin_unlock_irq(&card->lock);
344bbc4d
KH		 344}
345
53dca511
SR		 346static void for_each_client(struct fw_device *device,
347 void (*callback)(struct client *client))
2603bf21 348{
2603bf21 349 struct client *c;
2603bf21 350
d67cfb96 351 mutex_lock(&device->client_list_mutex);
2603bf21
KH		 352 list_for_each_entry(c, &device->client_list, link)
353 callback(c);
d67cfb96 354 mutex_unlock(&device->client_list_mutex);
2603bf21
KH		 355}
356
b1bda4cd
JFSR		 357static int schedule_reallocations(int id, void *p, void *data)
358{
9fb551bf 359 schedule_if_iso_resource(p);
b1bda4cd 360
b1bda4cd
JFSR		 361 return 0;
362}
363
53dca511 364static void queue_bus_reset_event(struct client *client)
97bd9efa 365{
97c18b7f 366 struct bus_reset_event *e;
97bd9efa 367
97c18b7f
SR		 368 e = kzalloc(sizeof(*e), GFP_KERNEL);
369 if (e == NULL) {
bf54e146 370 fw_notify("Out of memory when allocating event\n");
97bd9efa
KH		 371 return;
372 }
373
97c18b7f 374 fill_bus_reset_event(&e->reset, client);
97bd9efa 375
97c18b7f
SR		 376 queue_event(client, &e->event,
377 &e->reset, sizeof(e->reset), NULL, 0);
b1bda4cd
JFSR		 378
379 spin_lock_irq(&client->lock);
380 idr_for_each(&client->resource_idr, schedule_reallocations, client);
381 spin_unlock_irq(&client->lock);
97bd9efa
KH		 382}
383
384void fw_device_cdev_update(struct fw_device *device)
385{
2603bf21
KH		 386 for_each_client(device, queue_bus_reset_event);
387}
97bd9efa 388
2603bf21
KH		 389static void wake_up_client(struct client *client)
390{
391 wake_up_interruptible(&client->wait);
392}
97bd9efa 393
2603bf21
KH		 394void fw_device_cdev_remove(struct fw_device *device)
395{
396 for_each_client(device, wake_up_client);
97bd9efa
KH		 397}
398
6e95dea7
SR		 399union ioctl_arg {
400 struct fw_cdev_get_info get_info;
401 struct fw_cdev_send_request send_request;
402 struct fw_cdev_allocate allocate;
403 struct fw_cdev_deallocate deallocate;
404 struct fw_cdev_send_response send_response;
405 struct fw_cdev_initiate_bus_reset initiate_bus_reset;
406 struct fw_cdev_add_descriptor add_descriptor;
407 struct fw_cdev_remove_descriptor remove_descriptor;
408 struct fw_cdev_create_iso_context create_iso_context;
409 struct fw_cdev_queue_iso queue_iso;
410 struct fw_cdev_start_iso start_iso;
411 struct fw_cdev_stop_iso stop_iso;
412 struct fw_cdev_get_cycle_timer get_cycle_timer;
413 struct fw_cdev_allocate_iso_resource allocate_iso_resource;
414 struct fw_cdev_send_stream_packet send_stream_packet;
415 struct fw_cdev_get_cycle_timer2 get_cycle_timer2;
850bb6f2 416 struct fw_cdev_send_phy_packet send_phy_packet;
bf54e146 417 struct fw_cdev_receive_phy_packets receive_phy_packets;
6e95dea7
SR		 418};
419
420static int ioctl_get_info(struct client *client, union ioctl_arg *arg)
19a15b93 421{
6e95dea7 422 struct fw_cdev_get_info *a = &arg->get_info;
344bbc4d 423 struct fw_cdev_event_bus_reset bus_reset;
c9755e14 424 unsigned long ret = 0;
344bbc4d 425
6e95dea7 426 client->version = a->version;
604f4516 427 a->version = FW_CDEV_KERNEL_VERSION;
6e95dea7 428 a->card = client->device->card->index;
344bbc4d 429
c9755e14
SR		 430 down_read(&fw_device_rwsem);
431
6e95dea7
SR		 432 if (a->rom != 0) {
433 size_t want = a->rom_length;
d84702a5 434 size_t have = client->device->config_rom_length * 4;
344bbc4d 435
6e95dea7
SR		 436 ret = copy_to_user(u64_to_uptr(a->rom),
437 client->device->config_rom, min(want, have));
344bbc4d 438 }
6e95dea7 439 a->rom_length = client->device->config_rom_length * 4;
344bbc4d 440
c9755e14
SR		 441 up_read(&fw_device_rwsem);
442
443 if (ret != 0)
444 return -EFAULT;
445
6e95dea7
SR		 446 client->bus_reset_closure = a->bus_reset_closure;
447 if (a->bus_reset != 0) {
da8ecffa 448 fill_bus_reset_event(&bus_reset, client);
6e95dea7
SR		 449 if (copy_to_user(u64_to_uptr(a->bus_reset),
450 &bus_reset, sizeof(bus_reset)))
344bbc4d
KH		 451 return -EFAULT;
452 }
19a15b93 453
19a15b93
KH		 454 return 0;
455}
456
53dca511
SR		 457static int add_client_resource(struct client *client,
458 struct client_resource *resource, gfp_t gfp_mask)
3964a449
KH		 459{
460 unsigned long flags;
45ee3199
JF		 461 int ret;
462
463 retry:
464 if (idr_pre_get(&client->resource_idr, gfp_mask) == 0)
465 return -ENOMEM;
3964a449
KH		 466
467 spin_lock_irqsave(&client->lock, flags);
45ee3199
JF		 468 if (client->in_shutdown)
469 ret = -ECANCELED;
470 else
471 ret = idr_get_new(&client->resource_idr, resource,
472 &resource->handle);
b1bda4cd 473 if (ret >= 0) {
fb443036 474 client_get(client);
9fb551bf 475 schedule_if_iso_resource(resource);
b1bda4cd 476 }
3964a449 477 spin_unlock_irqrestore(&client->lock, flags);
45ee3199
JF		 478
479 if (ret == -EAGAIN)
480 goto retry;
481
482 return ret < 0 ? ret : 0;
3964a449
KH		 483}
484
53dca511
SR		 485static int release_client_resource(struct client *client, u32 handle,
486 client_resource_release_fn_t release,
e21fcf79 487 struct client_resource **return_resource)
3964a449 488{
e21fcf79 489 struct client_resource *resource;
3964a449 490
3ba94986 491 spin_lock_irq(&client->lock);
45ee3199 492 if (client->in_shutdown)
e21fcf79 493 resource = NULL;
45ee3199 494 else
e21fcf79
SR		 495 resource = idr_find(&client->resource_idr, handle);
496 if (resource && resource->release == release)
45ee3199 497 idr_remove(&client->resource_idr, handle);
3ba94986 498 spin_unlock_irq(&client->lock);
3964a449 499
e21fcf79 500 if (!(resource && resource->release == release))
3964a449
KH		 501 return -EINVAL;
502
e21fcf79
SR		 503 if (return_resource)
504 *return_resource = resource;
3964a449 505 else
e21fcf79 506 resource->release(client, resource);
3964a449 507
fb443036
SR		 508 client_put(client);
509
3964a449
KH		 510 return 0;
511}
512
53dca511
SR		 513static void release_transaction(struct client *client,
514 struct client_resource *resource)
3964a449 515{
97c18b7f
SR		 516 struct outbound_transaction_resource *r = container_of(resource,
517 struct outbound_transaction_resource, resource);
3964a449 518
97c18b7f 519 fw_cancel_transaction(client->device->card, &r->transaction);
3964a449
KH		 520}
521
53dca511
SR		 522static void complete_transaction(struct fw_card *card, int rcode,
523 void *payload, size_t length, void *data)
19a15b93 524{
97c18b7f
SR		 525 struct outbound_transaction_event *e = data;
526 struct fw_cdev_event_response *rsp = &e->response;
527 struct client *client = e->client;
28cf6a04 528 unsigned long flags;
19a15b93 529
97c18b7f
SR		 530 if (length < rsp->length)
531 rsp->length = length;
19a15b93 532 if (rcode == RCODE_COMPLETE)
97c18b7f 533 memcpy(rsp->data, payload, rsp->length);
19a15b93 534
28cf6a04 535 spin_lock_irqsave(&client->lock, flags);
45ee3199 536 /*
fb443036
SR		 537 * 1. If called while in shutdown, the idr tree must be left untouched.
538 * The idr handle will be removed and the client reference will be
539 * dropped later.
540 * 2. If the call chain was release_client_resource ->
541 * release_transaction -> complete_transaction (instead of a normal
542 * conclusion of the transaction), i.e. if this resource was already
543 * unregistered from the idr, the client reference will be dropped
544 * by release_client_resource and we must not drop it here.
45ee3199 545 */
fb443036 546 if (!client->in_shutdown &&
97c18b7f
SR		 547 idr_find(&client->resource_idr, e->r.resource.handle)) {
548 idr_remove(&client->resource_idr, e->r.resource.handle);
fb443036
SR		 549 /* Drop the idr's reference */
550 client_put(client);
551 }
28cf6a04
KH		 552 spin_unlock_irqrestore(&client->lock, flags);
553
97c18b7f
SR		 554 rsp->type = FW_CDEV_EVENT_RESPONSE;
555 rsp->rcode = rcode;
8401d92b
DM		 556
557 /*
97c18b7f 558 * In the case that sizeof(*rsp) doesn't align with the position of the
8401d92b
DM		 559 * data, and the read is short, preserve an extra copy of the data
560 * to stay compatible with a pre-2.6.27 bug. Since the bug is harmless
561 * for short reads and some apps depended on it, this is both safe
562 * and prudent for compatibility.
563 */
97c18b7f
SR		 564 if (rsp->length <= sizeof(*rsp) - offsetof(typeof(*rsp), data))
565 queue_event(client, &e->event, rsp, sizeof(*rsp),
566 rsp->data, rsp->length);
8401d92b 567 else
97c18b7f 568 queue_event(client, &e->event, rsp, sizeof(*rsp) + rsp->length,
8401d92b 569 NULL, 0);
fb443036
SR		 570
571 /* Drop the transaction callback's reference */
572 client_put(client);
19a15b93
KH		 573}
574
acfe8333
JFSR		 575static int init_request(struct client *client,
576 struct fw_cdev_send_request *request,
577 int destination_id, int speed)
19a15b93 578{
97c18b7f 579 struct outbound_transaction_event *e;
1f3125af 580 int ret;
19a15b93 581
18e9b10f
SR		 582 if (request->tcode != TCODE_STREAM_DATA &&
583 (request->length > 4096 || request->length > 512 << speed))
5d3fd692 584 return -EIO;
19a15b93 585
a8e93f3d
CL		 586 if (request->tcode == TCODE_WRITE_QUADLET_REQUEST &&
587 request->length < 4)
588 return -EINVAL;
589
97c18b7f
SR		 590 e = kmalloc(sizeof(*e) + request->length, GFP_KERNEL);
591 if (e == NULL)
19a15b93
KH		 592 return -ENOMEM;
593
97c18b7f
SR		 594 e->client = client;
595 e->response.length = request->length;
596 e->response.closure = request->closure;
19a15b93 597
4f259223 598 if (request->data &&
97c18b7f 599 copy_from_user(e->response.data,
4f259223 600 u64_to_uptr(request->data), request->length)) {
1f3125af 601 ret = -EFAULT;
45ee3199 602 goto failed;
1f3125af
SR		 603 }
604
97c18b7f
SR		 605 e->r.resource.release = release_transaction;
606 ret = add_client_resource(client, &e->r.resource, GFP_KERNEL);
45ee3199
JF		 607 if (ret < 0)
608 goto failed;
28cf6a04 609
fb443036
SR		 610 /* Get a reference for the transaction callback */
611 client_get(client);
612
acfe8333 613 fw_send_request(client->device->card, &e->r.transaction,
664d8010
SR		 614 request->tcode, destination_id, request->generation,
615 speed, request->offset, e->response.data,
616 request->length, complete_transaction, e);
617 return 0;
19a15b93 618
45ee3199 619 failed:
97c18b7f 620 kfree(e);
1f3125af
SR		 621
622 return ret;
19a15b93
KH		 623}
624
6e95dea7 625static int ioctl_send_request(struct client *client, union ioctl_arg *arg)
acfe8333 626{
6e95dea7 627 switch (arg->send_request.tcode) {
acfe8333
JFSR		 628 case TCODE_WRITE_QUADLET_REQUEST:
629 case TCODE_WRITE_BLOCK_REQUEST:
630 case TCODE_READ_QUADLET_REQUEST:
631 case TCODE_READ_BLOCK_REQUEST:
632 case TCODE_LOCK_MASK_SWAP:
633 case TCODE_LOCK_COMPARE_SWAP:
634 case TCODE_LOCK_FETCH_ADD:
635 case TCODE_LOCK_LITTLE_ADD:
636 case TCODE_LOCK_BOUNDED_ADD:
637 case TCODE_LOCK_WRAP_ADD:
638 case TCODE_LOCK_VENDOR_DEPENDENT:
639 break;
640 default:
641 return -EINVAL;
642 }
643
6e95dea7 644 return init_request(client, &arg->send_request, client->device->node_id,
acfe8333
JFSR		 645 client->device->max_speed);
646}
647
281e2032
SR		 648static inline bool is_fcp_request(struct fw_request *request)
649{
650 return request == NULL;
651}
652
53dca511
SR		 653static void release_request(struct client *client,
654 struct client_resource *resource)
3964a449 655{
97c18b7f
SR		 656 struct inbound_transaction_resource *r = container_of(resource,
657 struct inbound_transaction_resource, resource);
3964a449 658
281e2032
SR		 659 if (is_fcp_request(r->request))
660 kfree(r->data);
661 else
08bd34c9 662 fw_send_response(r->card, r->request, RCODE_CONFLICT_ERROR);
0244f573
SR		 663
664 fw_card_put(r->card);
97c18b7f 665 kfree(r);
3964a449
KH		 666}
667
97c18b7f 668static void handle_request(struct fw_card *card, struct fw_request *request,
53dca511 669 int tcode, int destination, int source,
33e553fe 670 int generation, unsigned long long offset,
53dca511 671 void *payload, size_t length, void *callback_data)
19a15b93 672{
97c18b7f
SR		 673 struct address_handler_resource *handler = callback_data;
674 struct inbound_transaction_resource *r;
675 struct inbound_transaction_event *e;
e205597d 676 size_t event_size0;
281e2032 677 void *fcp_frame = NULL;
45ee3199 678 int ret;
19a15b93 679
0244f573
SR		 680 /* card may be different from handler->client->device->card */
681 fw_card_get(card);
682
97c18b7f 683 r = kmalloc(sizeof(*r), GFP_ATOMIC);
2d826cc5 684 e = kmalloc(sizeof(*e), GFP_ATOMIC);
bf54e146
SR		 685 if (r == NULL || e == NULL) {
686 fw_notify("Out of memory when allocating event\n");
45ee3199 687 goto failed;
bf54e146 688 }
08bd34c9 689 r->card = card;
97c18b7f
SR		 690 r->request = request;
691 r->data = payload;
692 r->length = length;
19a15b93 693
281e2032
SR		 694 if (is_fcp_request(request)) {
695 /*
696 * FIXME: Let core-transaction.c manage a
697 * single reference-counted copy?
698 */
699 fcp_frame = kmemdup(payload, length, GFP_ATOMIC);
700 if (fcp_frame == NULL)
701 goto failed;
702
703 r->data = fcp_frame;
704 }
705
97c18b7f
SR		 706 r->resource.release = release_request;
707 ret = add_client_resource(handler->client, &r->resource, GFP_ATOMIC);
45ee3199
JF		 708 if (ret < 0)
709 goto failed;
19a15b93 710
e205597d
SR		 711 if (handler->client->version < FW_CDEV_VERSION_EVENT_REQUEST2) {
712 struct fw_cdev_event_request *req = &e->req.request;
713
714 if (tcode & 0x10)
715 tcode = TCODE_LOCK_REQUEST;
716
717 req->type = FW_CDEV_EVENT_REQUEST;
718 req->tcode = tcode;
719 req->offset = offset;
720 req->length = length;
721 req->handle = r->resource.handle;
722 req->closure = handler->closure;
723 event_size0 = sizeof(*req);
724 } else {
725 struct fw_cdev_event_request2 *req = &e->req.request2;
726
727 req->type = FW_CDEV_EVENT_REQUEST2;
728 req->tcode = tcode;
729 req->offset = offset;
730 req->source_node_id = source;
731 req->destination_node_id = destination;
732 req->card = card->index;
733 req->generation = generation;
734 req->length = length;
735 req->handle = r->resource.handle;
736 req->closure = handler->closure;
737 event_size0 = sizeof(*req);
738 }
19a15b93 739
97c18b7f 740 queue_event(handler->client, &e->event,
e205597d 741 &e->req, event_size0, r->data, length);
45ee3199
JF		 742 return;
743
744 failed:
97c18b7f 745 kfree(r);
45ee3199 746 kfree(e);
281e2032
SR		 747 kfree(fcp_frame);
748
749 if (!is_fcp_request(request))
db5d247a 750 fw_send_response(card, request, RCODE_CONFLICT_ERROR);
0244f573
SR		 751
752 fw_card_put(card);
19a15b93
KH		 753}
754
53dca511
SR		 755static void release_address_handler(struct client *client,
756 struct client_resource *resource)
3964a449 757{
97c18b7f
SR		 758 struct address_handler_resource *r =
759 container_of(resource, struct address_handler_resource, resource);
3964a449 760
97c18b7f
SR		 761 fw_core_remove_address_handler(&r->handler);
762 kfree(r);
3964a449
KH		 763}
764
6e95dea7 765static int ioctl_allocate(struct client *client, union ioctl_arg *arg)
19a15b93 766{
6e95dea7 767 struct fw_cdev_allocate *a = &arg->allocate;
97c18b7f 768 struct address_handler_resource *r;
19a15b93 769 struct fw_address_region region;
45ee3199 770 int ret;
19a15b93 771
97c18b7f
SR		 772 r = kmalloc(sizeof(*r), GFP_KERNEL);
773 if (r == NULL)
19a15b93
KH		 774 return -ENOMEM;
775
6e95dea7 776 region.start = a->offset;
8e2b2b46
SR		 777 if (client->version < FW_CDEV_VERSION_ALLOCATE_REGION_END)
778 region.end = a->offset + a->length;
779 else
780 region.end = a->region_end;
781
6e95dea7 782 r->handler.length = a->length;
97c18b7f 783 r->handler.address_callback = handle_request;
6e95dea7
SR		 784 r->handler.callback_data = r;
785 r->closure = a->closure;
786 r->client = client;
19a15b93 787
97c18b7f 788 ret = fw_core_add_address_handler(&r->handler, &region);
3e0b5f0d 789 if (ret < 0) {
97c18b7f 790 kfree(r);
3e0b5f0d 791 return ret;
19a15b93 792 }
8e2b2b46 793 a->offset = r->handler.offset;
19a15b93 794
97c18b7f
SR		 795 r->resource.release = release_address_handler;
796 ret = add_client_resource(client, &r->resource, GFP_KERNEL);
45ee3199 797 if (ret < 0) {
97c18b7f 798 release_address_handler(client, &r->resource);
45ee3199
JF		 799 return ret;
800 }
6e95dea7 801 a->handle = r->resource.handle;
19a15b93
KH		 802
803 return 0;
804}
805
6e95dea7 806static int ioctl_deallocate(struct client *client, union ioctl_arg *arg)
9472316b 807{
6e95dea7 808 return release_client_resource(client, arg->deallocate.handle,
45ee3199 809 release_address_handler, NULL);
9472316b
KH		 810}
811
6e95dea7 812static int ioctl_send_response(struct client *client, union ioctl_arg *arg)
19a15b93 813{
6e95dea7 814 struct fw_cdev_send_response *a = &arg->send_response;
3964a449 815 struct client_resource *resource;
97c18b7f 816 struct inbound_transaction_resource *r;
7e44c0b5 817 int ret = 0;
19a15b93 818
6e95dea7 819 if (release_client_resource(client, a->handle,
45ee3199 820 release_request, &resource) < 0)
19a15b93 821 return -EINVAL;
45ee3199 822
97c18b7f
SR		 823 r = container_of(resource, struct inbound_transaction_resource,
824 resource);
281e2032
SR		 825 if (is_fcp_request(r->request))
826 goto out;
827
a10c0ce7
CL		 828 if (a->length != fw_get_response_length(r->request)) {
829 ret = -EINVAL;
830 kfree(r->request);
831 goto out;
832 }
833 if (copy_from_user(r->data, u64_to_uptr(a->data), a->length)) {
281e2032
SR		 834 ret = -EFAULT;
835 kfree(r->request);
836 goto out;
7e44c0b5 837 }
08bd34c9 838 fw_send_response(r->card, r->request, a->rcode);
7e44c0b5 839 out:
0244f573 840 fw_card_put(r->card);
19a15b93
KH		 841 kfree(r);
842
7e44c0b5 843 return ret;
19a15b93
KH		 844}
845
6e95dea7 846static int ioctl_initiate_bus_reset(struct client *client, union ioctl_arg *arg)
5371842b 847{
02d37bed 848 fw_schedule_bus_reset(client->device->card, true,
6e95dea7 849 arg->initiate_bus_reset.type == FW_CDEV_SHORT_RESET);
02d37bed 850 return 0;
5371842b
KH		 851}
852
3964a449
KH		 853static void release_descriptor(struct client *client,
854 struct client_resource *resource)
855{
97c18b7f
SR		 856 struct descriptor_resource *r =
857 container_of(resource, struct descriptor_resource, resource);
3964a449 858
97c18b7f
SR		 859 fw_core_remove_descriptor(&r->descriptor);
860 kfree(r);
3964a449
KH		 861}
862
6e95dea7 863static int ioctl_add_descriptor(struct client *client, union ioctl_arg *arg)
66dea3e5 864{
6e95dea7 865 struct fw_cdev_add_descriptor *a = &arg->add_descriptor;
97c18b7f 866 struct descriptor_resource *r;
45ee3199 867 int ret;
66dea3e5 868
de487da8 869 /* Access policy: Allow this ioctl only on local nodes' device files. */
92368890 870 if (!client->device->is_local)
de487da8
SR		 871 return -ENOSYS;
872
6e95dea7 873 if (a->length > 256)
66dea3e5
KH		 874 return -EINVAL;
875
6e95dea7 876 r = kmalloc(sizeof(*r) + a->length * 4, GFP_KERNEL);
97c18b7f 877 if (r == NULL)
66dea3e5
KH		 878 return -ENOMEM;
879
6e95dea7 880 if (copy_from_user(r->data, u64_to_uptr(a->data), a->length * 4)) {
45ee3199
JF		 881 ret = -EFAULT;
882 goto failed;
66dea3e5
KH		 883 }
884
6e95dea7
SR		 885 r->descriptor.length = a->length;
886 r->descriptor.immediate = a->immediate;
887 r->descriptor.key = a->key;
97c18b7f 888 r->descriptor.data = r->data;
66dea3e5 889
97c18b7f 890 ret = fw_core_add_descriptor(&r->descriptor);
45ee3199
JF		 891 if (ret < 0)
892 goto failed;
66dea3e5 893
97c18b7f
SR		 894 r->resource.release = release_descriptor;
895 ret = add_client_resource(client, &r->resource, GFP_KERNEL);
45ee3199 896 if (ret < 0) {
97c18b7f 897 fw_core_remove_descriptor(&r->descriptor);
45ee3199
JF		 898 goto failed;
899 }
6e95dea7 900 a->handle = r->resource.handle;
66dea3e5
KH		 901
902 return 0;
45ee3199 903 failed:
97c18b7f 904 kfree(r);
45ee3199
JF		 905
906 return ret;
66dea3e5
KH		 907}
908
6e95dea7 909static int ioctl_remove_descriptor(struct client *client, union ioctl_arg *arg)
66dea3e5 910{
6e95dea7 911 return release_client_resource(client, arg->remove_descriptor.handle,
45ee3199 912 release_descriptor, NULL);
66dea3e5
KH		 913}
914
53dca511
SR		 915static void iso_callback(struct fw_iso_context *context, u32 cycle,
916 size_t header_length, void *header, void *data)
19a15b93
KH		 917{
918 struct client *client = data;
97c18b7f 919 struct iso_interrupt_event *e;
19a15b93 920
56d04cb1 921 e = kmalloc(sizeof(*e) + header_length, GFP_ATOMIC);
bf54e146
SR		 922 if (e == NULL) {
923 fw_notify("Out of memory when allocating event\n");
19a15b93 924 return;
bf54e146 925 }
97c18b7f
SR		 926 e->interrupt.type = FW_CDEV_EVENT_ISO_INTERRUPT;
927 e->interrupt.closure = client->iso_closure;
928 e->interrupt.cycle = cycle;
929 e->interrupt.header_length = header_length;
930 memcpy(e->interrupt.header, header, header_length);
931 queue_event(client, &e->event, &e->interrupt,
932 sizeof(e->interrupt) + header_length, NULL, 0);
19a15b93
KH		 933}
934
6e95dea7 935static int ioctl_create_iso_context(struct client *client, union ioctl_arg *arg)
19a15b93 936{
6e95dea7 937 struct fw_cdev_create_iso_context *a = &arg->create_iso_context;
24315c5e 938 struct fw_iso_context *context;
19a15b93 939
eb5b35a5
SR		 940 BUILD_BUG_ON(FW_CDEV_ISO_CONTEXT_TRANSMIT != FW_ISO_CONTEXT_TRANSMIT ||
941 FW_CDEV_ISO_CONTEXT_RECEIVE != FW_ISO_CONTEXT_RECEIVE);
942
6e95dea7 943 if (a->channel > 63)
21efb3cf
KH		 944 return -EINVAL;
945
6e95dea7 946 switch (a->type) {
c70dc788 947 case FW_ISO_CONTEXT_RECEIVE:
6e95dea7 948 if (a->header_size < 4 || (a->header_size & 3))
c70dc788 949 return -EINVAL;
c70dc788
KH		 950 break;
951
952 case FW_ISO_CONTEXT_TRANSMIT:
6e95dea7 953 if (a->speed > SCODE_3200)
c70dc788 954 return -EINVAL;
c70dc788
KH		 955 break;
956
957 default:
21efb3cf 958 return -EINVAL;
c70dc788
KH		 959 }
960
6e95dea7
SR		 961 context = fw_iso_context_create(client->device->card, a->type,
962 a->channel, a->speed, a->header_size,
963 iso_callback, client);
24315c5e
KH		 964 if (IS_ERR(context))
965 return PTR_ERR(context);
966
bdfe273e
CL		 967 /* We only support one context at this time. */
968 spin_lock_irq(&client->lock);
969 if (client->iso_context != NULL) {
970 spin_unlock_irq(&client->lock);
971 fw_iso_context_destroy(context);
972 return -EBUSY;
973 }
6e95dea7 974 client->iso_closure = a->closure;
24315c5e 975 client->iso_context = context;
bdfe273e 976 spin_unlock_irq(&client->lock);
19a15b93 977
6e95dea7 978 a->handle = 0;
abaa5743 979
19a15b93
KH		 980 return 0;
981}
982
1ca31ae7
KH		 983/* Macros for decoding the iso packet control header. */
984#define GET_PAYLOAD_LENGTH(v) ((v) & 0xffff)
985#define GET_INTERRUPT(v) (((v) >> 16) & 0x01)
986#define GET_SKIP(v) (((v) >> 17) & 0x01)
7a100344
SR		 987#define GET_TAG(v) (((v) >> 18) & 0x03)
988#define GET_SY(v) (((v) >> 20) & 0x0f)
1ca31ae7
KH		 989#define GET_HEADER_LENGTH(v) (((v) >> 24) & 0xff)
990
6e95dea7 991static int ioctl_queue_iso(struct client *client, union ioctl_arg *arg)
19a15b93 992{
6e95dea7 993 struct fw_cdev_queue_iso *a = &arg->queue_iso;
19a15b93 994 struct fw_cdev_iso_packet __user *p, *end, *next;
9b32d5f3 995 struct fw_iso_context *ctx = client->iso_context;
ef370ee7 996 unsigned long payload, buffer_end, header_length;
1ca31ae7 997 u32 control;
19a15b93
KH		 998 int count;
999 struct {
1000 struct fw_iso_packet packet;
1001 u8 header[256];
1002 } u;
1003
6e95dea7 1004 if (ctx == NULL || a->handle != 0)
19a15b93 1005 return -EINVAL;
19a15b93 1006
c781c06d
KH		 1007 /*
1008 * If the user passes a non-NULL data pointer, has mmap()'ed
19a15b93
KH		 1009 * the iso buffer, and the pointer points inside the buffer,
1010 * we setup the payload pointers accordingly. Otherwise we
9aad8125 1011 * set them both to 0, which will still let packets with
19a15b93
KH		 1012 * payload_length == 0 through. In other words, if no packets
1013 * use the indirect payload, the iso buffer need not be mapped
6e95dea7 1014 * and the a->data pointer is ignored.
c781c06d 1015 */
19a15b93 1016
6e95dea7 1017 payload = (unsigned long)a->data - client->vm_start;
ef370ee7 1018 buffer_end = client->buffer.page_count << PAGE_SHIFT;
6e95dea7 1019 if (a->data == 0 || client->buffer.pages == NULL ||
ef370ee7 1020 payload >= buffer_end) {
9aad8125 1021 payload = 0;
ef370ee7 1022 buffer_end = 0;
19a15b93
KH		 1023 }
1024
6e95dea7 1025 p = (struct fw_cdev_iso_packet __user *)u64_to_uptr(a->packets);
1ccc9147 1026
6e95dea7 1027 if (!access_ok(VERIFY_READ, p, a->size))
19a15b93
KH		 1028 return -EFAULT;
1029
6e95dea7 1030 end = (void __user *)p + a->size;
19a15b93
KH		 1031 count = 0;
1032 while (p < end) {
1ca31ae7 1033 if (get_user(control, &p->control))
19a15b93 1034 return -EFAULT;
1ca31ae7
KH		 1035 u.packet.payload_length = GET_PAYLOAD_LENGTH(control);
1036 u.packet.interrupt = GET_INTERRUPT(control);
1037 u.packet.skip = GET_SKIP(control);
1038 u.packet.tag = GET_TAG(control);
1039 u.packet.sy = GET_SY(control);
1040 u.packet.header_length = GET_HEADER_LENGTH(control);
295e3feb 1041
9b32d5f3 1042 if (ctx->type == FW_ISO_CONTEXT_TRANSMIT) {
385ab5bc
CL		 1043 if (u.packet.header_length % 4 != 0)
1044 return -EINVAL;
295e3feb
KH		 1045 header_length = u.packet.header_length;
1046 } else {
c781c06d
KH		 1047 /*
1048 * We require that header_length is a multiple of
1049 * the fixed header size, ctx->header_size.
1050 */
9b32d5f3
KH		 1051 if (ctx->header_size == 0) {
1052 if (u.packet.header_length > 0)
1053 return -EINVAL;
4ba1d9c0
CL		 1054 } else if (u.packet.header_length == 0 ||
1055 u.packet.header_length % ctx->header_size != 0) {
295e3feb 1056 return -EINVAL;
9b32d5f3 1057 }
295e3feb
KH		 1058 header_length = 0;
1059 }
1060
19a15b93 1061 next = (struct fw_cdev_iso_packet __user *)
295e3feb 1062 &p->header[header_length / 4];
19a15b93
KH		 1063 if (next > end)
1064 return -EINVAL;
1065 if (__copy_from_user
295e3feb 1066 (u.packet.header, p->header, header_length))
19a15b93 1067 return -EFAULT;
98b6cbe8 1068 if (u.packet.skip && ctx->type == FW_ISO_CONTEXT_TRANSMIT &&
19a15b93
KH		 1069 u.packet.header_length + u.packet.payload_length > 0)
1070 return -EINVAL;
ef370ee7 1071 if (payload + u.packet.payload_length > buffer_end)
19a15b93
KH		 1072 return -EINVAL;
1073
9b32d5f3
KH		 1074 if (fw_iso_context_queue(ctx, &u.packet,
1075 &client->buffer, payload))
19a15b93
KH		 1076 break;
1077
1078 p = next;
1079 payload += u.packet.payload_length;
1080 count++;
1081 }
1082
6e95dea7
SR		 1083 a->size -= uptr_to_u64(p) - a->packets;
1084 a->packets = uptr_to_u64(p);
1085 a->data = client->vm_start + payload;
19a15b93
KH		 1086
1087 return count;
1088}
1089
6e95dea7 1090static int ioctl_start_iso(struct client *client, union ioctl_arg *arg)
19a15b93 1091{
6e95dea7 1092 struct fw_cdev_start_iso *a = &arg->start_iso;
19a15b93 1093
eb5b35a5
SR		 1094 BUILD_BUG_ON(
1095 FW_CDEV_ISO_CONTEXT_MATCH_TAG0 != FW_ISO_CONTEXT_MATCH_TAG0 ||
1096 FW_CDEV_ISO_CONTEXT_MATCH_TAG1 != FW_ISO_CONTEXT_MATCH_TAG1 ||
1097 FW_CDEV_ISO_CONTEXT_MATCH_TAG2 != FW_ISO_CONTEXT_MATCH_TAG2 ||
1098 FW_CDEV_ISO_CONTEXT_MATCH_TAG3 != FW_ISO_CONTEXT_MATCH_TAG3 ||
1099 FW_CDEV_ISO_CONTEXT_MATCH_ALL_TAGS != FW_ISO_CONTEXT_MATCH_ALL_TAGS);
1100
6e95dea7 1101 if (client->iso_context == NULL || a->handle != 0)
abaa5743 1102 return -EINVAL;
fae60312 1103
6e95dea7
SR		 1104 if (client->iso_context->type == FW_ISO_CONTEXT_RECEIVE &&
1105 (a->tags == 0 || a->tags > 15 || a->sync > 15))
1106 return -EINVAL;
eb0306ea 1107
6e95dea7
SR		 1108 return fw_iso_context_start(client->iso_context,
1109 a->cycle, a->sync, a->tags);
19a15b93
KH		 1110}
1111
6e95dea7 1112static int ioctl_stop_iso(struct client *client, union ioctl_arg *arg)
b8295668 1113{
6e95dea7 1114 struct fw_cdev_stop_iso *a = &arg->stop_iso;
abaa5743 1115
6e95dea7 1116 if (client->iso_context == NULL || a->handle != 0)
abaa5743
KH		 1117 return -EINVAL;
1118
b8295668
KH		 1119 return fw_iso_context_stop(client->iso_context);
1120}
1121
6e95dea7 1122static int ioctl_get_cycle_timer2(struct client *client, union ioctl_arg *arg)
a64408b9 1123{
6e95dea7 1124 struct fw_cdev_get_cycle_timer2 *a = &arg->get_cycle_timer2;
a64408b9 1125 struct fw_card *card = client->device->card;
abfe5a01 1126 struct timespec ts = {0, 0};
4a9bde9b 1127 u32 cycle_time;
abfe5a01 1128 int ret = 0;
a64408b9 1129
4a9bde9b 1130 local_irq_disable();
a64408b9 1131
0fcff4e3 1132 cycle_time = card->driver->read_csr(card, CSR_CYCLE_TIME);
abfe5a01 1133
6e95dea7 1134 switch (a->clk_id) {
abfe5a01
SR		 1135 case CLOCK_REALTIME: getnstimeofday(&ts); break;
1136 case CLOCK_MONOTONIC: do_posix_clock_monotonic_gettime(&ts); break;
1137 case CLOCK_MONOTONIC_RAW: getrawmonotonic(&ts); break;
1138 default:
1139 ret = -EINVAL;
1140 }
a64408b9 1141
4a9bde9b 1142 local_irq_enable();
a64408b9 1143
6e95dea7
SR		 1144 a->tv_sec = ts.tv_sec;
1145 a->tv_nsec = ts.tv_nsec;
1146 a->cycle_timer = cycle_time;
abfe5a01
SR		 1147
1148 return ret;
1149}
1150
6e95dea7 1151static int ioctl_get_cycle_timer(struct client *client, union ioctl_arg *arg)
abfe5a01 1152{
6e95dea7 1153 struct fw_cdev_get_cycle_timer *a = &arg->get_cycle_timer;
abfe5a01
SR		 1154 struct fw_cdev_get_cycle_timer2 ct2;
1155
1156 ct2.clk_id = CLOCK_REALTIME;
6e95dea7 1157 ioctl_get_cycle_timer2(client, (union ioctl_arg *)&ct2);
abfe5a01 1158
6e95dea7
SR		 1159 a->local_time = ct2.tv_sec * USEC_PER_SEC + ct2.tv_nsec / NSEC_PER_USEC;
1160 a->cycle_timer = ct2.cycle_timer;
4a9bde9b 1161
a64408b9
SR		 1162 return 0;
1163}
1164
b1bda4cd
JFSR		 1165static void iso_resource_work(struct work_struct *work)
1166{
1167 struct iso_resource_event *e;
1168 struct iso_resource *r =
1169 container_of(work, struct iso_resource, work.work);
1170 struct client *client = r->client;
1171 int generation, channel, bandwidth, todo;
1172 bool skip, free, success;
1173
1174 spin_lock_irq(&client->lock);
1175 generation = client->device->generation;
1176 todo = r->todo;
1177 /* Allow 1000ms grace period for other reallocations. */
1178 if (todo == ISO_RES_ALLOC &&
1179 time_is_after_jiffies(client->device->card->reset_jiffies + HZ)) {
9fb551bf 1180 schedule_iso_resource(r, DIV_ROUND_UP(HZ, 3));
b1bda4cd
JFSR		 1181 skip = true;
1182 } else {
1183 /* We could be called twice within the same generation. */
1184 skip = todo == ISO_RES_REALLOC &&
1185 r->generation == generation;
1186 }
1ec3c026
SR		 1187 free = todo == ISO_RES_DEALLOC ||
1188 todo == ISO_RES_ALLOC_ONCE ||
1189 todo == ISO_RES_DEALLOC_ONCE;
b1bda4cd
JFSR		 1190 r->generation = generation;
1191 spin_unlock_irq(&client->lock);
1192
1193 if (skip)
1194 goto out;
1195
1196 bandwidth = r->bandwidth;
1197
1198 fw_iso_resource_manage(client->device->card, generation,
1199 r->channels, &channel, &bandwidth,
1ec3c026
SR		 1200 todo == ISO_RES_ALLOC ||
1201 todo == ISO_RES_REALLOC ||
6fdc0370
SR		 1202 todo == ISO_RES_ALLOC_ONCE,
1203 r->transaction_data);
b1bda4cd
JFSR		 1204 /*
1205 * Is this generation outdated already? As long as this resource sticks
1206 * in the idr, it will be scheduled again for a newer generation or at
1207 * shutdown.
1208 */
1209 if (channel == -EAGAIN &&
1210 (todo == ISO_RES_ALLOC || todo == ISO_RES_REALLOC))
1211 goto out;
1212
1213 success = channel >= 0 || bandwidth > 0;
1214
1215 spin_lock_irq(&client->lock);
1216 /*
1217 * Transit from allocation to reallocation, except if the client
1218 * requested deallocation in the meantime.
1219 */
1220 if (r->todo == ISO_RES_ALLOC)
1221 r->todo = ISO_RES_REALLOC;
1222 /*
1223 * Allocation or reallocation failure? Pull this resource out of the
1224 * idr and prepare for deletion, unless the client is shutting down.
1225 */
1226 if (r->todo == ISO_RES_REALLOC && !success &&
1227 !client->in_shutdown &&
1228 idr_find(&client->resource_idr, r->resource.handle)) {
1229 idr_remove(&client->resource_idr, r->resource.handle);
1230 client_put(client);
1231 free = true;
1232 }
1233 spin_unlock_irq(&client->lock);
1234
1235 if (todo == ISO_RES_ALLOC && channel >= 0)
5d9cb7d2 1236 r->channels = 1ULL << channel;
b1bda4cd
JFSR		 1237
1238 if (todo == ISO_RES_REALLOC && success)
1239 goto out;
1240
1ec3c026 1241 if (todo == ISO_RES_ALLOC || todo == ISO_RES_ALLOC_ONCE) {
b1bda4cd
JFSR		 1242 e = r->e_alloc;
1243 r->e_alloc = NULL;
1244 } else {
1245 e = r->e_dealloc;
1246 r->e_dealloc = NULL;
1247 }
e21fcf79
SR		 1248 e->iso_resource.handle = r->resource.handle;
1249 e->iso_resource.channel = channel;
1250 e->iso_resource.bandwidth = bandwidth;
b1bda4cd
JFSR		 1251
1252 queue_event(client, &e->event,
e21fcf79 1253 &e->iso_resource, sizeof(e->iso_resource), NULL, 0);
b1bda4cd
JFSR		 1254
1255 if (free) {
1256 cancel_delayed_work(&r->work);
1257 kfree(r->e_alloc);
1258 kfree(r->e_dealloc);
1259 kfree(r);
1260 }
1261 out:
1262 client_put(client);
1263}
1264
b1bda4cd
JFSR		 1265static void release_iso_resource(struct client *client,
1266 struct client_resource *resource)
1267{
1268 struct iso_resource *r =
1269 container_of(resource, struct iso_resource, resource);
1270
1271 spin_lock_irq(&client->lock);
1272 r->todo = ISO_RES_DEALLOC;
9fb551bf 1273 schedule_iso_resource(r, 0);
b1bda4cd
JFSR		 1274 spin_unlock_irq(&client->lock);
1275}
1276
1ec3c026
SR		 1277static int init_iso_resource(struct client *client,
1278 struct fw_cdev_allocate_iso_resource *request, int todo)
b1bda4cd 1279{
b1bda4cd
JFSR		 1280 struct iso_resource_event *e1, *e2;
1281 struct iso_resource *r;
1282 int ret;
1283
1284 if ((request->channels == 0 && request->bandwidth == 0) ||
1285 request->bandwidth > BANDWIDTH_AVAILABLE_INITIAL ||
1286 request->bandwidth < 0)
1287 return -EINVAL;
1288
1289 r = kmalloc(sizeof(*r), GFP_KERNEL);
1290 e1 = kmalloc(sizeof(*e1), GFP_KERNEL);
1291 e2 = kmalloc(sizeof(*e2), GFP_KERNEL);
1292 if (r == NULL || e1 == NULL || e2 == NULL) {
1293 ret = -ENOMEM;
1294 goto fail;
1295 }
1296
1297 INIT_DELAYED_WORK(&r->work, iso_resource_work);
1298 r->client = client;
1ec3c026 1299 r->todo = todo;
b1bda4cd
JFSR		 1300 r->generation = -1;
1301 r->channels = request->channels;
1302 r->bandwidth = request->bandwidth;
1303 r->e_alloc = e1;
1304 r->e_dealloc = e2;
1305
e21fcf79
SR		 1306 e1->iso_resource.closure = request->closure;
1307 e1->iso_resource.type = FW_CDEV_EVENT_ISO_RESOURCE_ALLOCATED;
1308 e2->iso_resource.closure = request->closure;
1309 e2->iso_resource.type = FW_CDEV_EVENT_ISO_RESOURCE_DEALLOCATED;
b1bda4cd 1310
1ec3c026
SR		 1311 if (todo == ISO_RES_ALLOC) {
1312 r->resource.release = release_iso_resource;
1313 ret = add_client_resource(client, &r->resource, GFP_KERNEL);
81610b8f
SR		 1314 if (ret < 0)
1315 goto fail;
1ec3c026
SR		 1316 } else {
1317 r->resource.release = NULL;
1318 r->resource.handle = -1;
9fb551bf 1319 schedule_iso_resource(r, 0);
1ec3c026 1320 }
b1bda4cd
JFSR		 1321 request->handle = r->resource.handle;
1322
1323 return 0;
1324 fail:
1325 kfree(r);
1326 kfree(e1);
1327 kfree(e2);
1328
1329 return ret;
1330}
1331
6e95dea7
SR		 1332static int ioctl_allocate_iso_resource(struct client *client,
1333 union ioctl_arg *arg)
1ec3c026 1334{
6e95dea7
SR		 1335 return init_iso_resource(client,
1336 &arg->allocate_iso_resource, ISO_RES_ALLOC);
1ec3c026
SR		 1337}
1338
6e95dea7
SR		 1339static int ioctl_deallocate_iso_resource(struct client *client,
1340 union ioctl_arg *arg)
b1bda4cd 1341{
6e95dea7
SR		 1342 return release_client_resource(client,
1343 arg->deallocate.handle, release_iso_resource, NULL);
b1bda4cd
JFSR		 1344}
1345
6e95dea7
SR		 1346static int ioctl_allocate_iso_resource_once(struct client *client,
1347 union ioctl_arg *arg)
1ec3c026 1348{
6e95dea7
SR		 1349 return init_iso_resource(client,
1350 &arg->allocate_iso_resource, ISO_RES_ALLOC_ONCE);
1ec3c026
SR		 1351}
1352
6e95dea7
SR		 1353static int ioctl_deallocate_iso_resource_once(struct client *client,
1354 union ioctl_arg *arg)
1ec3c026 1355{
6e95dea7
SR		 1356 return init_iso_resource(client,
1357 &arg->allocate_iso_resource, ISO_RES_DEALLOC_ONCE);
1ec3c026
SR		 1358}
1359
c8a25900
SR		 1360/*
1361 * Returns a speed code: Maximum speed to or from this device,
1362 * limited by the device's link speed, the local node's link speed,
1363 * and all PHY port speeds between the two links.
1364 */
6e95dea7 1365static int ioctl_get_speed(struct client *client, union ioctl_arg *arg)
33580a3e 1366{
c8a25900 1367 return client->device->max_speed;
33580a3e
SR		 1368}
1369
6e95dea7
SR		 1370static int ioctl_send_broadcast_request(struct client *client,
1371 union ioctl_arg *arg)
acfe8333 1372{
6e95dea7 1373 struct fw_cdev_send_request *a = &arg->send_request;
acfe8333 1374
6e95dea7 1375 switch (a->tcode) {
acfe8333
JFSR		 1376 case TCODE_WRITE_QUADLET_REQUEST:
1377 case TCODE_WRITE_BLOCK_REQUEST:
1378 break;
1379 default:
1380 return -EINVAL;
1381 }
1382
1566f3dc 1383 /* Security policy: Only allow accesses to Units Space. */
6e95dea7 1384 if (a->offset < CSR_REGISTER_BASE + CSR_CONFIG_ROM_END)
1566f3dc
SR		 1385 return -EACCES;
1386
6e95dea7 1387 return init_request(client, a, LOCAL_BUS | 0x3f, SCODE_100);
acfe8333
JFSR		 1388}
1389
6e95dea7 1390static int ioctl_send_stream_packet(struct client *client, union ioctl_arg *arg)
f8c2287c 1391{
6e95dea7 1392 struct fw_cdev_send_stream_packet *a = &arg->send_stream_packet;
18e9b10f
SR		 1393 struct fw_cdev_send_request request;
1394 int dest;
f8c2287c 1395
6e95dea7
SR		 1396 if (a->speed > client->device->card->link_speed ||
1397 a->length > 1024 << a->speed)
18e9b10f 1398 return -EIO;
f8c2287c 1399
6e95dea7 1400 if (a->tag > 3 || a->channel > 63 || a->sy > 15)
18e9b10f
SR		 1401 return -EINVAL;
1402
6e95dea7 1403 dest = fw_stream_packet_destination_id(a->tag, a->channel, a->sy);
18e9b10f 1404 request.tcode = TCODE_STREAM_DATA;
6e95dea7
SR		 1405 request.length = a->length;
1406 request.closure = a->closure;
1407 request.data = a->data;
1408 request.generation = a->generation;
18e9b10f 1409
6e95dea7 1410 return init_request(client, &request, dest, a->speed);
f8c2287c
JF		 1411}
1412
850bb6f2
SR		 1413static void outbound_phy_packet_callback(struct fw_packet *packet,
1414 struct fw_card *card, int status)
1415{
1416 struct outbound_phy_packet_event *e =
1417 container_of(packet, struct outbound_phy_packet_event, p);
1418
1419 switch (status) {
1420 /* expected: */
1421 case ACK_COMPLETE: e->phy_packet.rcode = RCODE_COMPLETE; break;
1422 /* should never happen with PHY packets: */
1423 case ACK_PENDING: e->phy_packet.rcode = RCODE_COMPLETE; break;
1424 case ACK_BUSY_X:
1425 case ACK_BUSY_A:
1426 case ACK_BUSY_B: e->phy_packet.rcode = RCODE_BUSY; break;
1427 case ACK_DATA_ERROR: e->phy_packet.rcode = RCODE_DATA_ERROR; break;
1428 case ACK_TYPE_ERROR: e->phy_packet.rcode = RCODE_TYPE_ERROR; break;
1429 /* stale generation; cancelled; on certain controllers: no ack */
1430 default: e->phy_packet.rcode = status; break;
1431 }
cc550216 1432 e->phy_packet.data[0] = packet->timestamp;
850bb6f2 1433
cc550216
SR		 1434 queue_event(e->client, &e->event, &e->phy_packet,
1435 sizeof(e->phy_packet) + e->phy_packet.length, NULL, 0);
850bb6f2
SR		 1436 client_put(e->client);
1437}
1438
1439static int ioctl_send_phy_packet(struct client *client, union ioctl_arg *arg)
1440{
1441 struct fw_cdev_send_phy_packet *a = &arg->send_phy_packet;
1442 struct fw_card *card = client->device->card;
1443 struct outbound_phy_packet_event *e;
1444
1445 /* Access policy: Allow this ioctl only on local nodes' device files. */
1446 if (!client->device->is_local)
1447 return -ENOSYS;
1448
cc550216 1449 e = kzalloc(sizeof(*e) + 4, GFP_KERNEL);
850bb6f2
SR		 1450 if (e == NULL)
1451 return -ENOMEM;
1452
1453 client_get(client);
1454 e->client = client;
1455 e->p.speed = SCODE_100;
1456 e->p.generation = a->generation;
1457 e->p.header[0] = a->data[0];
1458 e->p.header[1] = a->data[1];
1459 e->p.header_length = 8;
1460 e->p.callback = outbound_phy_packet_callback;
1461 e->phy_packet.closure = a->closure;
1462 e->phy_packet.type = FW_CDEV_EVENT_PHY_PACKET_SENT;
cc550216
SR		 1463 if (is_ping_packet(a->data))
1464 e->phy_packet.length = 4;
850bb6f2
SR		 1465
1466 card->driver->send_request(card, &e->p);
1467
1468 return 0;
1469}
1470
bf54e146
SR		 1471static int ioctl_receive_phy_packets(struct client *client, union ioctl_arg *arg)
1472{
1473 struct fw_cdev_receive_phy_packets *a = &arg->receive_phy_packets;
1474 struct fw_card *card = client->device->card;
1475
1476 /* Access policy: Allow this ioctl only on local nodes' device files. */
1477 if (!client->device->is_local)
1478 return -ENOSYS;
1479
1480 spin_lock_irq(&card->lock);
1481
1482 list_move_tail(&client->phy_receiver_link, &card->phy_receiver_list);
1483 client->phy_receiver_closure = a->closure;
1484
1485 spin_unlock_irq(&card->lock);
1486
1487 return 0;
1488}
1489
1490void fw_cdev_handle_phy_packet(struct fw_card *card, struct fw_packet *p)
1491{
1492 struct client *client;
1493 struct inbound_phy_packet_event *e;
1494 unsigned long flags;
1495
1496 spin_lock_irqsave(&card->lock, flags);
1497
1498 list_for_each_entry(client, &card->phy_receiver_list, phy_receiver_link) {
1499 e = kmalloc(sizeof(*e) + 8, GFP_ATOMIC);
1500 if (e == NULL) {
1501 fw_notify("Out of memory when allocating event\n");
1502 break;
1503 }
1504 e->phy_packet.closure = client->phy_receiver_closure;
1505 e->phy_packet.type = FW_CDEV_EVENT_PHY_PACKET_RECEIVED;
1506 e->phy_packet.rcode = RCODE_COMPLETE;
1507 e->phy_packet.length = 8;
1508 e->phy_packet.data[0] = p->header[1];
1509 e->phy_packet.data[1] = p->header[2];
1510 queue_event(client, &e->event,
1511 &e->phy_packet, sizeof(e->phy_packet) + 8, NULL, 0);
1512 }
1513
1514 spin_unlock_irqrestore(&card->lock, flags);
1515}
1516
6e95dea7 1517static int (* const ioctl_handlers[])(struct client *, union ioctl_arg *) = {
b9dc61cf
SR		 1518 [0x00] = ioctl_get_info,
1519 [0x01] = ioctl_send_request,
1520 [0x02] = ioctl_allocate,
1521 [0x03] = ioctl_deallocate,
1522 [0x04] = ioctl_send_response,
1523 [0x05] = ioctl_initiate_bus_reset,
1524 [0x06] = ioctl_add_descriptor,
1525 [0x07] = ioctl_remove_descriptor,
1526 [0x08] = ioctl_create_iso_context,
1527 [0x09] = ioctl_queue_iso,
1528 [0x0a] = ioctl_start_iso,
1529 [0x0b] = ioctl_stop_iso,
1530 [0x0c] = ioctl_get_cycle_timer,
1531 [0x0d] = ioctl_allocate_iso_resource,
1532 [0x0e] = ioctl_deallocate_iso_resource,
1533 [0x0f] = ioctl_allocate_iso_resource_once,
1534 [0x10] = ioctl_deallocate_iso_resource_once,
1535 [0x11] = ioctl_get_speed,
1536 [0x12] = ioctl_send_broadcast_request,
1537 [0x13] = ioctl_send_stream_packet,
1538 [0x14] = ioctl_get_cycle_timer2,
850bb6f2 1539 [0x15] = ioctl_send_phy_packet,
bf54e146 1540 [0x16] = ioctl_receive_phy_packets,
4f259223
KH		 1541};
1542
53dca511
SR		 1543static int dispatch_ioctl(struct client *client,
1544 unsigned int cmd, void __user *arg)
19a15b93 1545{
6e95dea7 1546 union ioctl_arg buffer;
2dbd7d7e 1547 int ret;
4f259223 1548
64582298
SR		 1549 if (fw_device_is_shutdown(client->device))
1550 return -ENODEV;
1551
4f259223 1552 if (_IOC_TYPE(cmd) != '#' ||
9cac00b8
SR		 1553 _IOC_NR(cmd) >= ARRAY_SIZE(ioctl_handlers) ||
1554 _IOC_SIZE(cmd) > sizeof(buffer))
19a15b93 1555 return -EINVAL;
4f259223 1556
9cac00b8
SR		 1557 if (_IOC_DIR(cmd) == _IOC_READ)
1558 memset(&buffer, 0, _IOC_SIZE(cmd));
1559
1560 if (_IOC_DIR(cmd) & _IOC_WRITE)
1561 if (copy_from_user(&buffer, arg, _IOC_SIZE(cmd)))
4f259223 1562 return -EFAULT;
4f259223 1563
6e95dea7 1564 ret = ioctl_handlers[_IOC_NR(cmd)](client, &buffer);
2dbd7d7e
SR		 1565 if (ret < 0)
1566 return ret;
4f259223 1567
9cac00b8
SR		 1568 if (_IOC_DIR(cmd) & _IOC_READ)
1569 if (copy_to_user(arg, &buffer, _IOC_SIZE(cmd)))
4f259223 1570 return -EFAULT;
4f259223 1571
2dbd7d7e 1572 return ret;
19a15b93
KH		 1573}
1574
53dca511
SR		 1575static long fw_device_op_ioctl(struct file *file,
1576 unsigned int cmd, unsigned long arg)
19a15b93 1577{
64582298 1578 return dispatch_ioctl(file->private_data, cmd, (void __user *)arg);
19a15b93
KH		 1579}
1580
1581#ifdef CONFIG_COMPAT
53dca511
SR		 1582static long fw_device_op_compat_ioctl(struct file *file,
1583 unsigned int cmd, unsigned long arg)
19a15b93 1584{
64582298 1585 return dispatch_ioctl(file->private_data, cmd, compat_ptr(arg));
19a15b93
KH		 1586}
1587#endif
1588
1589static int fw_device_op_mmap(struct file *file, struct vm_area_struct *vma)
1590{
1591 struct client *client = file->private_data;
9aad8125
KH		 1592 enum dma_data_direction direction;
1593 unsigned long size;
2dbd7d7e 1594 int page_count, ret;
9aad8125 1595
551f4cb9
JF		 1596 if (fw_device_is_shutdown(client->device))
1597 return -ENODEV;
1598
9aad8125
KH		 1599 /* FIXME: We could support multiple buffers, but we don't. */
1600 if (client->buffer.pages != NULL)
1601 return -EBUSY;
1602
1603 if (!(vma->vm_flags & VM_SHARED))
1604 return -EINVAL;
19a15b93 1605
9aad8125 1606 if (vma->vm_start & ~PAGE_MASK)
19a15b93
KH		 1607 return -EINVAL;
1608
1609 client->vm_start = vma->vm_start;
9aad8125
KH		 1610 size = vma->vm_end - vma->vm_start;
1611 page_count = size >> PAGE_SHIFT;
1612 if (size & ~PAGE_MASK)
1613 return -EINVAL;
1614
1615 if (vma->vm_flags & VM_WRITE)
1616 direction = DMA_TO_DEVICE;
1617 else
1618 direction = DMA_FROM_DEVICE;
1619
2dbd7d7e
SR		 1620 ret = fw_iso_buffer_init(&client->buffer, client->device->card,
1621 page_count, direction);
1622 if (ret < 0)
1623 return ret;
19a15b93 1624
2dbd7d7e
SR		 1625 ret = fw_iso_buffer_map(&client->buffer, vma);
1626 if (ret < 0)
9aad8125
KH		 1627 fw_iso_buffer_destroy(&client->buffer, client->device->card);
1628
2dbd7d7e 1629 return ret;
19a15b93
KH		 1630}
1631
45ee3199
JF		 1632static int shutdown_resource(int id, void *p, void *data)
1633{
e21fcf79 1634 struct client_resource *resource = p;
45ee3199
JF		 1635 struct client *client = data;
1636
e21fcf79 1637 resource->release(client, resource);
fb443036 1638 client_put(client);
45ee3199
JF		 1639
1640 return 0;
1641}
1642
19a15b93
KH		 1643static int fw_device_op_release(struct inode *inode, struct file *file)
1644{
1645 struct client *client = file->private_data;
e21fcf79 1646 struct event *event, *next_event;
19a15b93 1647
bf54e146
SR		 1648 spin_lock_irq(&client->device->card->lock);
1649 list_del(&client->phy_receiver_link);
1650 spin_unlock_irq(&client->device->card->lock);
1651
97811e34
SR		 1652 mutex_lock(&client->device->client_list_mutex);
1653 list_del(&client->link);
1654 mutex_unlock(&client->device->client_list_mutex);
1655
19a15b93
KH		 1656 if (client->iso_context)
1657 fw_iso_context_destroy(client->iso_context);
1658
36a755cf
SR		 1659 if (client->buffer.pages)
1660 fw_iso_buffer_destroy(&client->buffer, client->device->card);
1661
45ee3199 1662 /* Freeze client->resource_idr and client->event_list */
3ba94986 1663 spin_lock_irq(&client->lock);
45ee3199 1664 client->in_shutdown = true;
3ba94986 1665 spin_unlock_irq(&client->lock);
66dea3e5 1666
45ee3199
JF		 1667 idr_for_each(&client->resource_idr, shutdown_resource, client);
1668 idr_remove_all(&client->resource_idr);
1669 idr_destroy(&client->resource_idr);
28cf6a04 1670
e21fcf79
SR		 1671 list_for_each_entry_safe(event, next_event, &client->event_list, link)
1672 kfree(event);
19a15b93 1673
fb443036 1674 client_put(client);
19a15b93
KH		 1675
1676 return 0;
1677}
1678
1679static unsigned int fw_device_op_poll(struct file *file, poll_table * pt)
1680{
1681 struct client *client = file->private_data;
2603bf21 1682 unsigned int mask = 0;
19a15b93
KH		 1683
1684 poll_wait(file, &client->wait, pt);
1685
2603bf21
KH		 1686 if (fw_device_is_shutdown(client->device))
1687 mask |= POLLHUP | POLLERR;
19a15b93 1688 if (!list_empty(&client->event_list))
2603bf21
KH		 1689 mask |= POLLIN | POLLRDNORM;
1690
1691 return mask;
19a15b93
KH		 1692}
1693
21ebcd12 1694const struct file_operations fw_device_ops = {
19a15b93 1695 .owner = THIS_MODULE,
3ac26b2e 1696 .llseek = no_llseek,
19a15b93
KH		 1697 .open = fw_device_op_open,
1698 .read = fw_device_op_read,
1699 .unlocked_ioctl = fw_device_op_ioctl,
19a15b93 1700 .mmap = fw_device_op_mmap,
3ac26b2e
SR		 1701 .release = fw_device_op_release,
1702 .poll = fw_device_op_poll,
19a15b93 1703#ifdef CONFIG_COMPAT
5af4e5ea 1704 .compat_ioctl = fw_device_op_compat_ioctl,
19a15b93
KH		 1705#endif
1706};
Linux kernel - Deliverables
This page took 0.351991 seconds and 5 git commands to generate.