drivers/firewire/fw-device-cdev.c

   1 /*                                              -*- c-basic-offset: 8 -*-
   2  *
   3  * fw-device-cdev.c - Char device for device raw access
   4  *
   5  * Copyright (C) 2005-2006  Kristian Hoegsberg <krh@bitplanet.net>
   6  *
   7  * This program is free software; you can redistribute it and/or modify
   8  * it under the terms of the GNU General Public License as published by
   9  * the Free Software Foundation; either version 2 of the License, or
  10  * (at your option) any later version.
  11  *
  12  * This program is distributed in the hope that it will be useful,
  13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15  * GNU General Public License for more details.
  16  *
  17  * You should have received a copy of the GNU General Public License
  18  * along with this program; if not, write to the Free Software Foundation,
  19  * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
  20  */
  21
  22 #include <linux/module.h>
  23 #include <linux/kernel.h>
  24 #include <linux/wait.h>
  25 #include <linux/errno.h>
  26 #include <linux/device.h>
  27 #include <linux/vmalloc.h>
  28 #include <linux/poll.h>
  29 #include <linux/delay.h>
  30 #include <linux/mm.h>
  31 #include <linux/compat.h>
  32 #include <asm/uaccess.h>
  33 #include "fw-transaction.h"
  34 #include "fw-topology.h"
  35 #include "fw-device.h"
  36 #include "fw-device-cdev.h"
  37
  38 /*
  39  * todo
  40  *
  41  * - bus resets sends a new packet with new generation and node id
  42  *
  43  */
  44
  45 /* dequeue_event() just kfree()'s the event, so the event has to be
  46  * the first field in the struct. */
  47
  48 struct event {
  49         struct { void *data; size_t size; } v[2];
  50         struct list_head link;
  51 };
  52
  53 struct response {
  54         struct event event;
  55         struct fw_transaction transaction;
  56         struct client *client;
  57         struct fw_cdev_event_response response;
  58 };
  59
  60 struct iso_interrupt {
  61         struct event event;
  62         struct fw_cdev_event_iso_interrupt interrupt;
  63 };
  64
  65 struct client {
  66         struct fw_device *device;
  67         spinlock_t lock;
  68         struct list_head handler_list;
  69         struct list_head request_list;
  70         u32 request_serial;
  71         struct list_head event_list;
  72         struct semaphore event_list_sem;
  73         wait_queue_head_t wait;
  74
  75         struct fw_iso_context *iso_context;
  76         struct fw_iso_buffer buffer;
  77         unsigned long vm_start;
  78 };
  79
  80 static inline void __user *
  81 u64_to_uptr(__u64 value)
  82 {
  83         return (void __user *)(unsigned long)value;
  84 }
  85
  86 static inline __u64
  87 uptr_to_u64(void __user *ptr)
  88 {
  89         return (__u64)(unsigned long)ptr;
  90 }
  91
  92 static int fw_device_op_open(struct inode *inode, struct file *file)
  93 {
  94         struct fw_device *device;
  95         struct client *client;
  96
  97         device = container_of(inode->i_cdev, struct fw_device, cdev);
  98
  99         client = kzalloc(sizeof *client, GFP_KERNEL);
 100         if (client == NULL)
 101                 return -ENOMEM;
 102
 103         client->device = fw_device_get(device);
 104         INIT_LIST_HEAD(&client->event_list);
 105         sema_init(&client->event_list_sem, 0);
 106         INIT_LIST_HEAD(&client->handler_list);
 107         INIT_LIST_HEAD(&client->request_list);
 108         spin_lock_init(&client->lock);
 109         init_waitqueue_head(&client->wait);
 110
 111         file->private_data = client;
 112
 113         return 0;
 114 }
 115
 116 static void queue_event(struct client *client, struct event *event,
 117                         void *data0, size_t size0, void *data1, size_t size1)
 118 {
 119         unsigned long flags;
 120
 121         event->v[0].data = data0;
 122         event->v[0].size = size0;
 123         event->v[1].data = data1;
 124         event->v[1].size = size1;
 125
 126         spin_lock_irqsave(&client->lock, flags);
 127
 128         list_add_tail(&event->link, &client->event_list);
 129
 130         up(&client->event_list_sem);
 131         wake_up_interruptible(&client->wait);
 132
 133         spin_unlock_irqrestore(&client->lock, flags);
 134 }
 135
 136 static int dequeue_event(struct client *client, char __user *buffer, size_t count)
 137 {
 138         unsigned long flags;
 139         struct event *event;
 140         size_t size, total;
 141         int i, retval = -EFAULT;
 142
 143         if (down_interruptible(&client->event_list_sem) < 0)
 144                 return -EINTR;
 145
 146         spin_lock_irqsave(&client->lock, flags);
 147
 148         event = container_of(client->event_list.next, struct event, link);
 149         list_del(&event->link);
 150
 151         spin_unlock_irqrestore(&client->lock, flags);
 152
 153         if (buffer == NULL)
 154                 goto out;
 155
 156         total = 0;
 157         for (i = 0; i < ARRAY_SIZE(event->v) && total < count; i++) {
 158                 size = min(event->v[i].size, count - total);
 159                 if (copy_to_user(buffer + total, event->v[i].data, size))
 160                         goto out;
 161                 total += size;
 162         }
 163         retval = total;
 164
 165  out:
 166         kfree(event);
 167
 168         return retval;
 169 }
 170
 171 static ssize_t
 172 fw_device_op_read(struct file *file,
 173                   char __user *buffer, size_t count, loff_t *offset)
 174 {
 175         struct client *client = file->private_data;
 176
 177         return dequeue_event(client, buffer, count);
 178 }
 179
 180 static int ioctl_config_rom(struct client *client, void __user *arg)
 181 {
 182         struct fw_cdev_get_config_rom rom;
 183
 184         rom.length = client->device->config_rom_length;
 185         memcpy(rom.data, client->device->config_rom, rom.length * 4);
 186         if (copy_to_user(arg, &rom,
 187                          (char *)&rom.data[rom.length] - (char *)&rom))
 188                 return -EFAULT;
 189
 190         return 0;
 191 }
 192
 193 static void
 194 complete_transaction(struct fw_card *card, int rcode,
 195                      void *payload, size_t length, void *data)
 196 {
 197         struct response *response = data;
 198         struct client *client = response->client;
 199
 200         if (length < response->response.length)
 201                 response->response.length = length;
 202         if (rcode == RCODE_COMPLETE)
 203                 memcpy(response->response.data, payload,
 204                        response->response.length);
 205
 206         response->response.type   = FW_CDEV_EVENT_RESPONSE;
 207         response->response.rcode  = rcode;
 208         queue_event(client, &response->event,
 209                     &response->response, sizeof response->response,
 210                     response->response.data, response->response.length);
 211 }
 212
 213 static ssize_t ioctl_send_request(struct client *client, void __user *arg)
 214 {
 215         struct fw_device *device = client->device;
 216         struct fw_cdev_send_request request;
 217         struct response *response;
 218
 219         if (copy_from_user(&request, arg, sizeof request))
 220                 return -EFAULT;
 221
 222         /* What is the biggest size we'll accept, really? */
 223         if (request.length > 4096)
 224                 return -EINVAL;
 225
 226         response = kmalloc(sizeof *response + request.length, GFP_KERNEL);
 227         if (response == NULL)
 228                 return -ENOMEM;
 229
 230         response->client = client;
 231         response->response.length = request.length;
 232         response->response.closure = request.closure;
 233
 234         if (request.data &&
 235             copy_from_user(response->response.data,
 236                            u64_to_uptr(request.data), request.length)) {
 237                 kfree(response);
 238                 return -EFAULT;
 239         }
 240
 241         fw_send_request(device->card, &response->transaction,
 242                         request.tcode,
 243                         device->node->node_id,
 244                         device->card->generation,
 245                         device->node->max_speed,
 246                         request.offset,
 247                         response->response.data, request.length,
 248                         complete_transaction, response);
 249
 250         if (request.data)
 251                 return sizeof request + request.length;
 252         else
 253                 return sizeof request;
 254 }
 255
 256 struct address_handler {
 257         struct fw_address_handler handler;
 258         __u64 closure;
 259         struct client *client;
 260         struct list_head link;
 261 };
 262
 263 struct request {
 264         struct fw_request *request;
 265         void *data;
 266         size_t length;
 267         u32 serial;
 268         struct list_head link;
 269 };
 270
 271 struct request_event {
 272         struct event event;
 273         struct fw_cdev_event_request request;
 274 };
 275
 276 static void
 277 handle_request(struct fw_card *card, struct fw_request *r,
 278                int tcode, int destination, int source,
 279                int generation, int speed,
 280                unsigned long long offset,
 281                void *payload, size_t length, void *callback_data)
 282 {
 283         struct address_handler *handler = callback_data;
 284         struct request *request;
 285         struct request_event *e;
 286         unsigned long flags;
 287         struct client *client = handler->client;
 288
 289         request = kmalloc(sizeof *request, GFP_ATOMIC);
 290         e = kmalloc(sizeof *e, GFP_ATOMIC);
 291         if (request == NULL || e == NULL) {
 292                 kfree(request);
 293                 kfree(e);
 294                 fw_send_response(card, r, RCODE_CONFLICT_ERROR);
 295                 return;
 296         }
 297
 298         request->request = r;
 299         request->data    = payload;
 300         request->length  = length;
 301
 302         spin_lock_irqsave(&client->lock, flags);
 303         request->serial = client->request_serial++;
 304         list_add_tail(&request->link, &client->request_list);
 305         spin_unlock_irqrestore(&client->lock, flags);
 306
 307         e->request.type    = FW_CDEV_EVENT_REQUEST;
 308         e->request.tcode   = tcode;
 309         e->request.offset  = offset;
 310         e->request.length  = length;
 311         e->request.serial  = request->serial;
 312         e->request.closure = handler->closure;
 313
 314         queue_event(client, &e->event,
 315                     &e->request, sizeof e->request, payload, length);
 316 }
 317
 318 static int ioctl_allocate(struct client *client, void __user *arg)
 319 {
 320         struct fw_cdev_allocate request;
 321         struct address_handler *handler;
 322         unsigned long flags;
 323         struct fw_address_region region;
 324
 325         if (copy_from_user(&request, arg, sizeof request))
 326                 return -EFAULT;
 327
 328         handler = kmalloc(sizeof *handler, GFP_KERNEL);
 329         if (handler == NULL)
 330                 return -ENOMEM;
 331
 332         region.start = request.offset;
 333         region.end = request.offset + request.length;
 334         handler->handler.length = request.length;
 335         handler->handler.address_callback = handle_request;
 336         handler->handler.callback_data = handler;
 337         handler->closure = request.closure;
 338         handler->client = client;
 339
 340         if (fw_core_add_address_handler(&handler->handler, &region) < 0) {
 341                 kfree(handler);
 342                 return -EBUSY;
 343         }
 344
 345         spin_lock_irqsave(&client->lock, flags);
 346         list_add_tail(&handler->link, &client->handler_list);
 347         spin_unlock_irqrestore(&client->lock, flags);
 348
 349         return 0;
 350 }
 351
 352 static int ioctl_send_response(struct client *client, void __user *arg)
 353 {
 354         struct fw_cdev_send_response request;
 355         struct request *r;
 356         unsigned long flags;
 357
 358         if (copy_from_user(&request, arg, sizeof request))
 359                 return -EFAULT;
 360
 361         spin_lock_irqsave(&client->lock, flags);
 362         list_for_each_entry(r, &client->request_list, link) {
 363                 if (r->serial == request.serial) {
 364                         list_del(&r->link);
 365                         break;
 366                 }
 367         }
 368         spin_unlock_irqrestore(&client->lock, flags);
 369
 370         if (&r->link == &client->request_list)
 371                 return -EINVAL;
 372
 373         if (request.length < r->length)
 374                 r->length = request.length;
 375         if (copy_from_user(r->data, u64_to_uptr(request.data), r->length))
 376                 return -EFAULT;
 377
 378         fw_send_response(client->device->card, r->request, request.rcode);
 379
 380         kfree(r);
 381
 382         return 0;
 383 }
 384
 385 static void
 386 iso_callback(struct fw_iso_context *context, int status, u32 cycle, void *data)
 387 {
 388         struct client *client = data;
 389         struct iso_interrupt *interrupt;
 390
 391         interrupt = kzalloc(sizeof *interrupt, GFP_ATOMIC);
 392         if (interrupt == NULL)
 393                 return;
 394
 395         interrupt->interrupt.type      = FW_CDEV_EVENT_ISO_INTERRUPT;
 396         interrupt->interrupt.closure   = 0;
 397         interrupt->interrupt.cycle     = cycle;
 398         queue_event(client, &interrupt->event,
 399                     &interrupt->interrupt, sizeof interrupt->interrupt, NULL, 0);
 400 }
 401
 402 static int ioctl_create_iso_context(struct client *client, void __user *arg)
 403 {
 404         struct fw_cdev_create_iso_context request;
 405
 406         if (copy_from_user(&request, arg, sizeof request))
 407                 return -EFAULT;
 408
 409         if (request.type > FW_ISO_CONTEXT_RECEIVE)
 410                 return -EINVAL;
 411
 412         client->iso_context = fw_iso_context_create(client->device->card,
 413                                                     request.type,
 414                                                     request.header_size,
 415                                                     iso_callback, client);
 416         if (IS_ERR(client->iso_context))
 417                 return PTR_ERR(client->iso_context);
 418
 419         return 0;
 420 }
 421
 422 static int ioctl_queue_iso(struct client *client, void __user *arg)
 423 {
 424         struct fw_cdev_queue_iso request;
 425         struct fw_cdev_iso_packet __user *p, *end, *next;
 426         unsigned long payload, payload_end, header_length;
 427         int count;
 428         struct {
 429                 struct fw_iso_packet packet;
 430                 u8 header[256];
 431         } u;
 432
 433         if (client->iso_context == NULL)
 434                 return -EINVAL;
 435         if (copy_from_user(&request, arg, sizeof request))
 436                 return -EFAULT;
 437
 438         /* If the user passes a non-NULL data pointer, has mmap()'ed
 439          * the iso buffer, and the pointer points inside the buffer,
 440          * we setup the payload pointers accordingly.  Otherwise we
 441          * set them both to 0, which will still let packets with
 442          * payload_length == 0 through.  In other words, if no packets
 443          * use the indirect payload, the iso buffer need not be mapped
 444          * and the request.data pointer is ignored.*/
 445
 446         payload = (unsigned long)request.data - client->vm_start;
 447         payload_end = payload + (client->buffer.page_count << PAGE_SHIFT);
 448         if (request.data == 0 || client->buffer.pages == NULL ||
 449             payload >= payload_end) {
 450                 payload = 0;
 451                 payload_end = 0;
 452         }
 453
 454         if (!access_ok(VERIFY_READ, request.packets, request.size))
 455                 return -EFAULT;
 456
 457         p = (struct fw_cdev_iso_packet __user *)u64_to_uptr(request.packets);
 458         end = (void __user *)p + request.size;
 459         count = 0;
 460         while (p < end) {
 461                 if (__copy_from_user(&u.packet, p, sizeof *p))
 462                         return -EFAULT;
 463
 464                 if (client->iso_context->type == FW_ISO_CONTEXT_TRANSMIT) {
 465                         header_length = u.packet.header_length;
 466                 } else {
 467                         /* We require that header_length is a multiple of
 468                          * the fixed header size, ctx->header_size */
 469                         if (u.packet.header_length % client->iso_context->header_size != 0)
 470                                 return -EINVAL;
 471                         header_length = 0;
 472                 }
 473
 474                 next = (struct fw_cdev_iso_packet __user *)
 475                         &p->header[header_length / 4];
 476                 if (next > end)
 477                         return -EINVAL;
 478                 if (__copy_from_user
 479                     (u.packet.header, p->header, header_length))
 480                         return -EFAULT;
 481                 if (u.packet.skip &&
 482                     u.packet.header_length + u.packet.payload_length > 0)
 483                         return -EINVAL;
 484                 if (payload + u.packet.payload_length > payload_end)
 485                         return -EINVAL;
 486
 487                 if (fw_iso_context_queue(client->iso_context,
 488                                          &u.packet, &client->buffer, payload))
 489                         break;
 490
 491                 p = next;
 492                 payload += u.packet.payload_length;
 493                 count++;
 494         }
 495
 496         request.size    -= uptr_to_u64(p) - request.packets;
 497         request.packets  = uptr_to_u64(p);
 498         request.data     = client->vm_start + payload;
 499
 500         if (copy_to_user(arg, &request, sizeof request))
 501                 return -EFAULT;
 502
 503         return count;
 504 }
 505
 506 static int ioctl_start_iso(struct client *client, void __user *arg)
 507 {
 508         struct fw_cdev_start_iso request;
 509
 510         if (copy_from_user(&request, arg, sizeof request))
 511                 return -EFAULT;
 512
 513         return fw_iso_context_start(client->iso_context, request.channel,
 514                                     request.speed, request.cycle);
 515 }
 516
 517 static int
 518 dispatch_ioctl(struct client *client, unsigned int cmd, void __user *arg)
 519 {
 520         switch (cmd) {
 521         case FW_CDEV_IOC_GET_CONFIG_ROM:
 522                 return ioctl_config_rom(client, arg);
 523         case FW_CDEV_IOC_SEND_REQUEST:
 524                 return ioctl_send_request(client, arg);
 525         case FW_CDEV_IOC_ALLOCATE:
 526                 return ioctl_allocate(client, arg);
 527         case FW_CDEV_IOC_SEND_RESPONSE:
 528                 return ioctl_send_response(client, arg);
 529         case FW_CDEV_IOC_CREATE_ISO_CONTEXT:
 530                 return ioctl_create_iso_context(client, arg);
 531         case FW_CDEV_IOC_QUEUE_ISO:
 532                 return ioctl_queue_iso(client, arg);
 533         case FW_CDEV_IOC_START_ISO:
 534                 return ioctl_start_iso(client, arg);
 535         default:
 536                 return -EINVAL;
 537         }
 538 }
 539
 540 static long
 541 fw_device_op_ioctl(struct file *file,
 542                    unsigned int cmd, unsigned long arg)
 543 {
 544         struct client *client = file->private_data;
 545
 546         return dispatch_ioctl(client, cmd, (void __user *) arg);
 547 }
 548
 549 #ifdef CONFIG_COMPAT
 550 static long
 551 fw_device_op_compat_ioctl(struct file *file,
 552                           unsigned int cmd, unsigned long arg)
 553 {
 554         struct client *client = file->private_data;
 555
 556         return dispatch_ioctl(client, cmd, compat_ptr(arg));
 557 }
 558 #endif
 559
 560 static int fw_device_op_mmap(struct file *file, struct vm_area_struct *vma)
 561 {
 562         struct client *client = file->private_data;
 563         enum dma_data_direction direction;
 564         unsigned long size;
 565         int page_count, retval;
 566
 567         /* FIXME: We could support multiple buffers, but we don't. */
 568         if (client->buffer.pages != NULL)
 569                 return -EBUSY;
 570
 571         if (!(vma->vm_flags & VM_SHARED))
 572                 return -EINVAL;
 573
 574         if (vma->vm_start & ~PAGE_MASK)
 575                 return -EINVAL;
 576
 577         client->vm_start = vma->vm_start;
 578         size = vma->vm_end - vma->vm_start;
 579         page_count = size >> PAGE_SHIFT;
 580         if (size & ~PAGE_MASK)
 581                 return -EINVAL;
 582
 583         if (vma->vm_flags & VM_WRITE)
 584                 direction = DMA_TO_DEVICE;
 585         else
 586                 direction = DMA_FROM_DEVICE;
 587
 588         retval = fw_iso_buffer_init(&client->buffer, client->device->card,
 589                                     page_count, direction);
 590         if (retval < 0)
 591                 return retval;
 592
 593         retval = fw_iso_buffer_map(&client->buffer, vma);
 594         if (retval < 0)
 595                 fw_iso_buffer_destroy(&client->buffer, client->device->card);
 596
 597         return retval;
 598 }
 599
 600 static int fw_device_op_release(struct inode *inode, struct file *file)
 601 {
 602         struct client *client = file->private_data;
 603         struct address_handler *h, *next;
 604         struct request *r, *next_r;
 605
 606         if (client->buffer.pages)
 607                 fw_iso_buffer_destroy(&client->buffer, client->device->card);
 608
 609         if (client->iso_context)
 610                 fw_iso_context_destroy(client->iso_context);
 611
 612         list_for_each_entry_safe(h, next, &client->handler_list, link) {
 613                 fw_core_remove_address_handler(&h->handler);
 614                 kfree(h);
 615         }
 616
 617         list_for_each_entry_safe(r, next_r, &client->request_list, link) {
 618                 fw_send_response(client->device->card, r->request,
 619                                  RCODE_CONFLICT_ERROR);
 620                 kfree(r);
 621         }
 622
 623         /* TODO: wait for all transactions to finish so
 624          * complete_transaction doesn't try to queue up responses
 625          * after we free client. */
 626         while (!list_empty(&client->event_list))
 627                 dequeue_event(client, NULL, 0);
 628
 629         fw_device_put(client->device);
 630         kfree(client);
 631
 632         return 0;
 633 }
 634
 635 static unsigned int fw_device_op_poll(struct file *file, poll_table * pt)
 636 {
 637         struct client *client = file->private_data;
 638
 639         poll_wait(file, &client->wait, pt);
 640
 641         if (!list_empty(&client->event_list))
 642                 return POLLIN | POLLRDNORM;
 643         else
 644                 return 0;
 645 }
 646
 647 const struct file_operations fw_device_ops = {
 648         .owner          = THIS_MODULE,
 649         .open           = fw_device_op_open,
 650         .read           = fw_device_op_read,
 651         .unlocked_ioctl = fw_device_op_ioctl,
 652         .poll           = fw_device_op_poll,
 653         .release        = fw_device_op_release,
 654         .mmap           = fw_device_op_mmap,
 655
 656 #ifdef CONFIG_COMPAT
 657         .compat_ioctl   = fw_device_op_compat_ioctl,
 658 #endif
 659 };