drivers/firewire/fw-device-cdev.c

   1 /*                                              -*- c-basic-offset: 8 -*-
   2  *
   3  * fw-device-cdev.c - Char device for device raw access
   4  *
   5  * Copyright (C) 2005-2006  Kristian Hoegsberg <krh@bitplanet.net>
   6  *
   7  * This program is free software; you can redistribute it and/or modify
   8  * it under the terms of the GNU General Public License as published by
   9  * the Free Software Foundation; either version 2 of the License, or
  10  * (at your option) any later version.
  11  *
  12  * This program is distributed in the hope that it will be useful,
  13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15  * GNU General Public License for more details.
  16  *
  17  * You should have received a copy of the GNU General Public License
  18  * along with this program; if not, write to the Free Software Foundation,
  19  * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
  20  */
  21
  22 #include <linux/module.h>
  23 #include <linux/kernel.h>
  24 #include <linux/wait.h>
  25 #include <linux/errno.h>
  26 #include <linux/device.h>
  27 #include <linux/vmalloc.h>
  28 #include <linux/poll.h>
  29 #include <linux/delay.h>
  30 #include <linux/mm.h>
  31 #include <linux/compat.h>
  32 #include <asm/uaccess.h>
  33 #include "fw-transaction.h"
  34 #include "fw-topology.h"
  35 #include "fw-device.h"
  36 #include "fw-device-cdev.h"
  37
  38 /*
  39  * todo
  40  *
  41  * - bus resets sends a new packet with new generation and node id
  42  *
  43  */
  44
  45 /* dequeue_event() just kfree()'s the event, so the event has to be
  46  * the first field in the struct. */
  47
  48 struct event {
  49         struct { void *data; size_t size; } v[2];
  50         struct list_head link;
  51 };
  52
  53 struct response {
  54         struct event event;
  55         struct fw_transaction transaction;
  56         struct client *client;
  57         struct fw_cdev_event_response response;
  58 };
  59
  60 struct iso_interrupt {
  61         struct event event;
  62         struct fw_cdev_event_iso_interrupt interrupt;
  63 };
  64
  65 struct client {
  66         struct fw_device *device;
  67         spinlock_t lock;
  68         struct list_head handler_list;
  69         struct list_head request_list;
  70         u32 request_serial;
  71         struct list_head event_list;
  72         struct semaphore event_list_sem;
  73         wait_queue_head_t wait;
  74
  75         struct fw_iso_context *iso_context;
  76         struct fw_iso_buffer buffer;
  77         unsigned long vm_start;
  78 };
  79
  80 static inline void __user *
  81 u64_to_uptr(__u64 value)
  82 {
  83         return (void __user *)(unsigned long)value;
  84 }
  85
  86 static inline __u64
  87 uptr_to_u64(void __user *ptr)
  88 {
  89         return (__u64)(unsigned long)ptr;
  90 }
  91
  92 static int fw_device_op_open(struct inode *inode, struct file *file)
  93 {
  94         struct fw_device *device;
  95         struct client *client;
  96
  97         device = container_of(inode->i_cdev, struct fw_device, cdev);
  98
  99         client = kzalloc(sizeof *client, GFP_KERNEL);
 100         if (client == NULL)
 101                 return -ENOMEM;
 102
 103         client->device = fw_device_get(device);
 104         INIT_LIST_HEAD(&client->event_list);
 105         sema_init(&client->event_list_sem, 0);
 106         INIT_LIST_HEAD(&client->handler_list);
 107         INIT_LIST_HEAD(&client->request_list);
 108         spin_lock_init(&client->lock);
 109         init_waitqueue_head(&client->wait);
 110
 111         file->private_data = client;
 112
 113         return 0;
 114 }
 115
 116 static void queue_event(struct client *client, struct event *event,
 117                         void *data0, size_t size0, void *data1, size_t size1)
 118 {
 119         unsigned long flags;
 120
 121         event->v[0].data = data0;
 122         event->v[0].size = size0;
 123         event->v[1].data = data1;
 124         event->v[1].size = size1;
 125
 126         spin_lock_irqsave(&client->lock, flags);
 127
 128         list_add_tail(&event->link, &client->event_list);
 129
 130         up(&client->event_list_sem);
 131         wake_up_interruptible(&client->wait);
 132
 133         spin_unlock_irqrestore(&client->lock, flags);
 134 }
 135
 136 static int dequeue_event(struct client *client, char __user *buffer, size_t count)
 137 {
 138         unsigned long flags;
 139         struct event *event;
 140         size_t size, total;
 141         int i, retval = -EFAULT;
 142
 143         if (down_interruptible(&client->event_list_sem) < 0)
 144                 return -EINTR;
 145
 146         spin_lock_irqsave(&client->lock, flags);
 147
 148         event = container_of(client->event_list.next, struct event, link);
 149         list_del(&event->link);
 150
 151         spin_unlock_irqrestore(&client->lock, flags);
 152
 153         if (buffer == NULL)
 154                 goto out;
 155
 156         total = 0;
 157         for (i = 0; i < ARRAY_SIZE(event->v) && total < count; i++) {
 158                 size = min(event->v[i].size, count - total);
 159                 if (copy_to_user(buffer + total, event->v[i].data, size))
 160                         goto out;
 161                 total += size;
 162         }
 163         retval = total;
 164
 165  out:
 166         kfree(event);
 167
 168         return retval;
 169 }
 170
 171 static ssize_t
 172 fw_device_op_read(struct file *file,
 173                   char __user *buffer, size_t count, loff_t *offset)
 174 {
 175         struct client *client = file->private_data;
 176
 177         return dequeue_event(client, buffer, count);
 178 }
 179
 180 static int ioctl_config_rom(struct client *client, void __user *arg)
 181 {
 182         struct fw_cdev_get_config_rom rom;
 183
 184         rom.length = client->device->config_rom_length;
 185         memcpy(rom.data, client->device->config_rom, rom.length * 4);
 186         if (copy_to_user(arg, &rom,
 187                          (char *)&rom.data[rom.length] - (char *)&rom))
 188                 return -EFAULT;
 189
 190         return 0;
 191 }
 192
 193 static void
 194 complete_transaction(struct fw_card *card, int rcode,
 195                      void *payload, size_t length, void *data)
 196 {
 197         struct response *response = data;
 198         struct client *client = response->client;
 199
 200         if (length < response->response.length)
 201                 response->response.length = length;
 202         if (rcode == RCODE_COMPLETE)
 203                 memcpy(response->response.data, payload,
 204                        response->response.length);
 205
 206         response->response.type   = FW_CDEV_EVENT_RESPONSE;
 207         response->response.rcode  = rcode;
 208         queue_event(client, &response->event,
 209                     &response->response, sizeof response->response,
 210                     response->response.data, response->response.length);
 211 }
 212
 213 static ssize_t ioctl_send_request(struct client *client, void __user *arg)
 214 {
 215         struct fw_device *device = client->device;
 216         struct fw_cdev_send_request request;
 217         struct response *response;
 218
 219         if (copy_from_user(&request, arg, sizeof request))
 220                 return -EFAULT;
 221
 222         /* What is the biggest size we'll accept, really? */
 223         if (request.length > 4096)
 224                 return -EINVAL;
 225
 226         response = kmalloc(sizeof *response + request.length, GFP_KERNEL);
 227         if (response == NULL)
 228                 return -ENOMEM;
 229
 230         response->client = client;
 231         response->response.length = request.length;
 232         response->response.closure = request.closure;
 233
 234         if (request.data &&
 235             copy_from_user(response->response.data,
 236                            u64_to_uptr(request.data), request.length)) {
 237                 kfree(response);
 238                 return -EFAULT;
 239         }
 240
 241         fw_send_request(device->card, &response->transaction,
 242                         request.tcode,
 243                         device->node->node_id,
 244                         device->card->generation,
 245                         device->node->max_speed,
 246                         request.offset,
 247                         response->response.data, request.length,
 248                         complete_transaction, response);
 249
 250         if (request.data)
 251                 return sizeof request + request.length;
 252         else
 253                 return sizeof request;
 254 }
 255
 256 struct address_handler {
 257         struct fw_address_handler handler;
 258         __u64 closure;
 259         struct client *client;
 260         struct list_head link;
 261 };
 262
 263 struct request {
 264         struct fw_request *request;
 265         void *data;
 266         size_t length;
 267         u32 serial;
 268         struct list_head link;
 269 };
 270
 271 struct request_event {
 272         struct event event;
 273         struct fw_cdev_event_request request;
 274 };
 275
 276 static void
 277 handle_request(struct fw_card *card, struct fw_request *r,
 278                int tcode, int destination, int source,
 279                int generation, int speed,
 280                unsigned long long offset,
 281                void *payload, size_t length, void *callback_data)
 282 {
 283         struct address_handler *handler = callback_data;
 284         struct request *request;
 285         struct request_event *e;
 286         unsigned long flags;
 287         struct client *client = handler->client;
 288
 289         request = kmalloc(sizeof *request, GFP_ATOMIC);
 290         e = kmalloc(sizeof *e, GFP_ATOMIC);
 291         if (request == NULL || e == NULL) {
 292                 kfree(request);
 293                 kfree(e);
 294                 fw_send_response(card, r, RCODE_CONFLICT_ERROR);
 295                 return;
 296         }
 297
 298         request->request = r;
 299         request->data    = payload;
 300         request->length  = length;
 301
 302         spin_lock_irqsave(&client->lock, flags);
 303         request->serial = client->request_serial++;
 304         list_add_tail(&request->link, &client->request_list);
 305         spin_unlock_irqrestore(&client->lock, flags);
 306
 307         e->request.type    = FW_CDEV_EVENT_REQUEST;
 308         e->request.tcode   = tcode;
 309         e->request.offset  = offset;
 310         e->request.length  = length;
 311         e->request.serial  = request->serial;
 312         e->request.closure = handler->closure;
 313
 314         queue_event(client, &e->event,
 315                     &e->request, sizeof e->request, payload, length);
 316 }
 317
 318 static int ioctl_allocate(struct client *client, void __user *arg)
 319 {
 320         struct fw_cdev_allocate request;
 321         struct address_handler *handler;
 322         unsigned long flags;
 323         struct fw_address_region region;
 324
 325         if (copy_from_user(&request, arg, sizeof request))
 326                 return -EFAULT;
 327
 328         handler = kmalloc(sizeof *handler, GFP_KERNEL);
 329         if (handler == NULL)
 330                 return -ENOMEM;
 331
 332         region.start = request.offset;
 333         region.end = request.offset + request.length;
 334         handler->handler.length = request.length;
 335         handler->handler.address_callback = handle_request;
 336         handler->handler.callback_data = handler;
 337         handler->closure = request.closure;
 338         handler->client = client;
 339
 340         if (fw_core_add_address_handler(&handler->handler, &region) < 0) {
 341                 kfree(handler);
 342                 return -EBUSY;
 343         }
 344
 345         spin_lock_irqsave(&client->lock, flags);
 346         list_add_tail(&handler->link, &client->handler_list);
 347         spin_unlock_irqrestore(&client->lock, flags);
 348
 349         return 0;
 350 }
 351
 352 static int ioctl_send_response(struct client *client, void __user *arg)
 353 {
 354         struct fw_cdev_send_response request;
 355         struct request *r;
 356         unsigned long flags;
 357
 358         if (copy_from_user(&request, arg, sizeof request))
 359                 return -EFAULT;
 360
 361         spin_lock_irqsave(&client->lock, flags);
 362         list_for_each_entry(r, &client->request_list, link) {
 363                 if (r->serial == request.serial) {
 364                         list_del(&r->link);
 365                         break;
 366                 }
 367         }
 368         spin_unlock_irqrestore(&client->lock, flags);
 369
 370         if (&r->link == &client->request_list)
 371                 return -EINVAL;
 372
 373         if (request.length < r->length)
 374                 r->length = request.length;
 375         if (copy_from_user(r->data, u64_to_uptr(request.data), r->length))
 376                 return -EFAULT;
 377
 378         fw_send_response(client->device->card, r->request, request.rcode);
 379
 380         kfree(r);
 381
 382         return 0;
 383 }
 384
 385 static void
 386 iso_callback(struct fw_iso_context *context, int status, u32 cycle, void *data)
 387 {
 388         struct client *client = data;
 389         struct iso_interrupt *interrupt;
 390
 391         interrupt = kzalloc(sizeof *interrupt, GFP_ATOMIC);
 392         if (interrupt == NULL)
 393                 return;
 394
 395         interrupt->interrupt.type      = FW_CDEV_EVENT_ISO_INTERRUPT;
 396         interrupt->interrupt.closure   = 0;
 397         interrupt->interrupt.cycle     = cycle;
 398         queue_event(client, &interrupt->event,
 399                     &interrupt->interrupt, sizeof interrupt->interrupt, NULL, 0);
 400 }
 401
 402 static int ioctl_create_iso_context(struct client *client, void __user *arg)
 403 {
 404         struct fw_cdev_create_iso_context request;
 405
 406         if (copy_from_user(&request, arg, sizeof request))
 407                 return -EFAULT;
 408
 409         client->iso_context = fw_iso_context_create(client->device->card,
 410                                                     FW_ISO_CONTEXT_TRANSMIT,
 411                                                     iso_callback, client);
 412         if (IS_ERR(client->iso_context))
 413                 return PTR_ERR(client->iso_context);
 414
 415         return 0;
 416 }
 417
 418 static int ioctl_queue_iso(struct client *client, void __user *arg)
 419 {
 420         struct fw_cdev_queue_iso request;
 421         struct fw_cdev_iso_packet __user *p, *end, *next;
 422         unsigned long payload, payload_end;
 423         int count;
 424         struct {
 425                 struct fw_iso_packet packet;
 426                 u8 header[256];
 427         } u;
 428
 429         if (client->iso_context == NULL)
 430                 return -EINVAL;
 431         if (copy_from_user(&request, arg, sizeof request))
 432                 return -EFAULT;
 433
 434         /* If the user passes a non-NULL data pointer, has mmap()'ed
 435          * the iso buffer, and the pointer points inside the buffer,
 436          * we setup the payload pointers accordingly.  Otherwise we
 437          * set them both to 0, which will still let packets with
 438          * payload_length == 0 through.  In other words, if no packets
 439          * use the indirect payload, the iso buffer need not be mapped
 440          * and the request.data pointer is ignored.*/
 441
 442         payload = (unsigned long)request.data - client->vm_start;
 443         payload_end = payload + (client->buffer.page_count << PAGE_SHIFT);
 444         if (request.data == 0 || client->buffer.pages == NULL ||
 445             payload >= payload_end) {
 446                 payload = 0;
 447                 payload_end = 0;
 448         }
 449
 450         if (!access_ok(VERIFY_READ, request.packets, request.size))
 451                 return -EFAULT;
 452
 453         p = (struct fw_cdev_iso_packet __user *)u64_to_uptr(request.packets);
 454         end = (void __user *)p + request.size;
 455         count = 0;
 456         while (p < end) {
 457                 if (__copy_from_user(&u.packet, p, sizeof *p))
 458                         return -EFAULT;
 459                 next = (struct fw_cdev_iso_packet __user *)
 460                         &p->header[u.packet.header_length / 4];
 461                 if (next > end)
 462                         return -EINVAL;
 463                 if (__copy_from_user
 464                     (u.packet.header, p->header, u.packet.header_length))
 465                         return -EFAULT;
 466                 if (u.packet.skip &&
 467                     u.packet.header_length + u.packet.payload_length > 0)
 468                         return -EINVAL;
 469                 if (payload + u.packet.payload_length > payload_end)
 470                         return -EINVAL;
 471
 472                 if (fw_iso_context_queue(client->iso_context,
 473                                          &u.packet, &client->buffer, payload))
 474                         break;
 475
 476                 p = next;
 477                 payload += u.packet.payload_length;
 478                 count++;
 479         }
 480
 481         request.size    -= uptr_to_u64(p) - request.packets;
 482         request.packets  = uptr_to_u64(p);
 483         request.data     = client->vm_start + payload;
 484
 485         if (copy_to_user(arg, &request, sizeof request))
 486                 return -EFAULT;
 487
 488         return count;
 489 }
 490
 491 static int ioctl_send_iso(struct client *client, void __user *arg)
 492 {
 493         struct fw_cdev_send_iso request;
 494
 495         if (copy_from_user(&request, arg, sizeof request))
 496                 return -EFAULT;
 497
 498         return fw_iso_context_send(client->iso_context, request.channel,
 499                                    request.speed, request.cycle);
 500 }
 501
 502 static int
 503 dispatch_ioctl(struct client *client, unsigned int cmd, void __user *arg)
 504 {
 505         switch (cmd) {
 506         case FW_CDEV_IOC_GET_CONFIG_ROM:
 507                 return ioctl_config_rom(client, arg);
 508         case FW_CDEV_IOC_SEND_REQUEST:
 509                 return ioctl_send_request(client, arg);
 510         case FW_CDEV_IOC_ALLOCATE:
 511                 return ioctl_allocate(client, arg);
 512         case FW_CDEV_IOC_SEND_RESPONSE:
 513                 return ioctl_send_response(client, arg);
 514         case FW_CDEV_IOC_CREATE_ISO_CONTEXT:
 515                 return ioctl_create_iso_context(client, arg);
 516         case FW_CDEV_IOC_QUEUE_ISO:
 517                 return ioctl_queue_iso(client, arg);
 518         case FW_CDEV_IOC_SEND_ISO:
 519                 return ioctl_send_iso(client, arg);
 520         default:
 521                 return -EINVAL;
 522         }
 523 }
 524
 525 static long
 526 fw_device_op_ioctl(struct file *file,
 527                    unsigned int cmd, unsigned long arg)
 528 {
 529         struct client *client = file->private_data;
 530
 531         return dispatch_ioctl(client, cmd, (void __user *) arg);
 532 }
 533
 534 #ifdef CONFIG_COMPAT
 535 static long
 536 fw_device_op_compat_ioctl(struct file *file,
 537                           unsigned int cmd, unsigned long arg)
 538 {
 539         struct client *client = file->private_data;
 540
 541         return dispatch_ioctl(client, cmd, compat_ptr(arg));
 542 }
 543 #endif
 544
 545 static int fw_device_op_mmap(struct file *file, struct vm_area_struct *vma)
 546 {
 547         struct client *client = file->private_data;
 548         enum dma_data_direction direction;
 549         unsigned long size;
 550         int page_count, retval;
 551
 552         /* FIXME: We could support multiple buffers, but we don't. */
 553         if (client->buffer.pages != NULL)
 554                 return -EBUSY;
 555
 556         if (!(vma->vm_flags & VM_SHARED))
 557                 return -EINVAL;
 558
 559         if (vma->vm_start & ~PAGE_MASK)
 560                 return -EINVAL;
 561
 562         client->vm_start = vma->vm_start;
 563         size = vma->vm_end - vma->vm_start;
 564         page_count = size >> PAGE_SHIFT;
 565         if (size & ~PAGE_MASK)
 566                 return -EINVAL;
 567
 568         if (vma->vm_flags & VM_WRITE)
 569                 direction = DMA_TO_DEVICE;
 570         else
 571                 direction = DMA_FROM_DEVICE;
 572
 573         retval = fw_iso_buffer_init(&client->buffer, client->device->card,
 574                                     page_count, direction);
 575         if (retval < 0)
 576                 return retval;
 577
 578         retval = fw_iso_buffer_map(&client->buffer, vma);
 579         if (retval < 0)
 580                 fw_iso_buffer_destroy(&client->buffer, client->device->card);
 581
 582         return retval;
 583 }
 584
 585 static int fw_device_op_release(struct inode *inode, struct file *file)
 586 {
 587         struct client *client = file->private_data;
 588         struct address_handler *h, *next;
 589         struct request *r, *next_r;
 590
 591         if (client->buffer.pages)
 592                 fw_iso_buffer_destroy(&client->buffer, client->device->card);
 593
 594         if (client->iso_context)
 595                 fw_iso_context_destroy(client->iso_context);
 596
 597         list_for_each_entry_safe(h, next, &client->handler_list, link) {
 598                 fw_core_remove_address_handler(&h->handler);
 599                 kfree(h);
 600         }
 601
 602         list_for_each_entry_safe(r, next_r, &client->request_list, link) {
 603                 fw_send_response(client->device->card, r->request,
 604                                  RCODE_CONFLICT_ERROR);
 605                 kfree(r);
 606         }
 607
 608         /* TODO: wait for all transactions to finish so
 609          * complete_transaction doesn't try to queue up responses
 610          * after we free client. */
 611         while (!list_empty(&client->event_list))
 612                 dequeue_event(client, NULL, 0);
 613
 614         fw_device_put(client->device);
 615         kfree(client);
 616
 617         return 0;
 618 }
 619
 620 static unsigned int fw_device_op_poll(struct file *file, poll_table * pt)
 621 {
 622         struct client *client = file->private_data;
 623
 624         poll_wait(file, &client->wait, pt);
 625
 626         if (!list_empty(&client->event_list))
 627                 return POLLIN | POLLRDNORM;
 628         else
 629                 return 0;
 630 }
 631
 632 const struct file_operations fw_device_ops = {
 633         .owner          = THIS_MODULE,
 634         .open           = fw_device_op_open,
 635         .read           = fw_device_op_read,
 636         .unlocked_ioctl = fw_device_op_ioctl,
 637         .poll           = fw_device_op_poll,
 638         .release        = fw_device_op_release,
 639         .mmap           = fw_device_op_mmap,
 640
 641 #ifdef CONFIG_COMPAT
 642         .compat_ioctl   = fw_device_op_compat_ioctl,
 643 #endif
 644 };