[PATCH] Fix filp being passed through raw ioctl handler
[linux-2.6/verdex.git] / drivers / message / i2o / i2o_config.c
blob1fb5cdf67f8fa82e6245586bdf151da6a26d60a7
1 /*
2 * I2O Configuration Interface Driver
4 * (C) Copyright 1999-2002 Red Hat
6 * Written by Alan Cox, Building Number Three Ltd
8 * Fixes/additions:
9 * Deepak Saxena (04/20/1999):
10 * Added basic ioctl() support
11 * Deepak Saxena (06/07/1999):
12 * Added software download ioctl (still testing)
13 * Auvo Häkkinen (09/10/1999):
14 * Changes to i2o_cfg_reply(), ioctl_parms()
15 * Added ioct_validate()
16 * Taneli Vähäkangas (09/30/1999):
17 * Fixed ioctl_swdl()
18 * Taneli Vähäkangas (10/04/1999):
19 * Changed ioctl_swdl(), implemented ioctl_swul() and ioctl_swdel()
20 * Deepak Saxena (11/18/1999):
21 * Added event managmenet support
22 * Alan Cox <alan@redhat.com>:
23 * 2.4 rewrite ported to 2.5
24 * Markus Lidel <Markus.Lidel@shadowconnect.com>:
25 * Added pass-thru support for Adaptec's raidutils
27 * This program is free software; you can redistribute it and/or
28 * modify it under the terms of the GNU General Public License
29 * as published by the Free Software Foundation; either version
30 * 2 of the License, or (at your option) any later version.
33 #include <linux/module.h>
34 #include <linux/kernel.h>
35 #include <linux/pci.h>
36 #include <linux/i2o.h>
37 #include <linux/errno.h>
38 #include <linux/init.h>
39 #include <linux/slab.h>
40 #include <linux/miscdevice.h>
41 #include <linux/mm.h>
42 #include <linux/spinlock.h>
43 #include <linux/smp_lock.h>
44 #include <linux/ioctl32.h>
45 #include <linux/compat.h>
46 #include <linux/syscalls.h>
48 #include <asm/uaccess.h>
49 #include <asm/io.h>
51 #define OSM_NAME "config-osm"
52 #define OSM_VERSION "$Rev$"
53 #define OSM_DESCRIPTION "I2O Configuration OSM"
55 extern int i2o_parm_issue(struct i2o_device *, int, void *, int, void *, int);
57 static int i2o_cfg_ioctl(struct inode *inode, struct file *fp, unsigned int cmd,
58 unsigned long arg);
60 static spinlock_t i2o_config_lock;
62 #define MODINC(x,y) ((x) = ((x) + 1) % (y))
64 struct sg_simple_element {
65 u32 flag_count;
66 u32 addr_bus;
69 struct i2o_cfg_info {
70 struct file *fp;
71 struct fasync_struct *fasync;
72 struct i2o_evt_info event_q[I2O_EVT_Q_LEN];
73 u16 q_in; // Queue head index
74 u16 q_out; // Queue tail index
75 u16 q_len; // Queue length
76 u16 q_lost; // Number of lost events
77 ulong q_id; // Event queue ID...used as tx_context
78 struct i2o_cfg_info *next;
80 static struct i2o_cfg_info *open_files = NULL;
81 static ulong i2o_cfg_info_id = 0;
84 * Each of these describes an i2o message handler. They are
85 * multiplexed by the i2o_core code
88 static struct i2o_driver i2o_config_driver = {
89 .name = OSM_NAME
92 static int i2o_cfg_getiops(unsigned long arg)
94 struct i2o_controller *c;
95 u8 __user *user_iop_table = (void __user *)arg;
96 u8 tmp[MAX_I2O_CONTROLLERS];
97 int ret = 0;
99 memset(tmp, 0, MAX_I2O_CONTROLLERS);
101 list_for_each_entry(c, &i2o_controllers, list)
102 tmp[c->unit] = 1;
104 if (copy_to_user(user_iop_table, tmp, MAX_I2O_CONTROLLERS))
105 ret = -EFAULT;
107 return ret;
110 static int i2o_cfg_gethrt(unsigned long arg)
112 struct i2o_controller *c;
113 struct i2o_cmd_hrtlct __user *cmd = (struct i2o_cmd_hrtlct __user *)arg;
114 struct i2o_cmd_hrtlct kcmd;
115 i2o_hrt *hrt;
116 int len;
117 u32 reslen;
118 int ret = 0;
120 if (copy_from_user(&kcmd, cmd, sizeof(struct i2o_cmd_hrtlct)))
121 return -EFAULT;
123 if (get_user(reslen, kcmd.reslen) < 0)
124 return -EFAULT;
126 if (kcmd.resbuf == NULL)
127 return -EFAULT;
129 c = i2o_find_iop(kcmd.iop);
130 if (!c)
131 return -ENXIO;
133 hrt = (i2o_hrt *) c->hrt.virt;
135 len = 8 + ((hrt->entry_len * hrt->num_entries) << 2);
137 /* We did a get user...so assuming mem is ok...is this bad? */
138 put_user(len, kcmd.reslen);
139 if (len > reslen)
140 ret = -ENOBUFS;
141 if (copy_to_user(kcmd.resbuf, (void *)hrt, len))
142 ret = -EFAULT;
144 return ret;
147 static int i2o_cfg_getlct(unsigned long arg)
149 struct i2o_controller *c;
150 struct i2o_cmd_hrtlct __user *cmd = (struct i2o_cmd_hrtlct __user *)arg;
151 struct i2o_cmd_hrtlct kcmd;
152 i2o_lct *lct;
153 int len;
154 int ret = 0;
155 u32 reslen;
157 if (copy_from_user(&kcmd, cmd, sizeof(struct i2o_cmd_hrtlct)))
158 return -EFAULT;
160 if (get_user(reslen, kcmd.reslen) < 0)
161 return -EFAULT;
163 if (kcmd.resbuf == NULL)
164 return -EFAULT;
166 c = i2o_find_iop(kcmd.iop);
167 if (!c)
168 return -ENXIO;
170 lct = (i2o_lct *) c->lct;
172 len = (unsigned int)lct->table_size << 2;
173 put_user(len, kcmd.reslen);
174 if (len > reslen)
175 ret = -ENOBUFS;
176 else if (copy_to_user(kcmd.resbuf, lct, len))
177 ret = -EFAULT;
179 return ret;
182 static int i2o_cfg_parms(unsigned long arg, unsigned int type)
184 int ret = 0;
185 struct i2o_controller *c;
186 struct i2o_device *dev;
187 struct i2o_cmd_psetget __user *cmd =
188 (struct i2o_cmd_psetget __user *)arg;
189 struct i2o_cmd_psetget kcmd;
190 u32 reslen;
191 u8 *ops;
192 u8 *res;
193 int len = 0;
195 u32 i2o_cmd = (type == I2OPARMGET ?
196 I2O_CMD_UTIL_PARAMS_GET : I2O_CMD_UTIL_PARAMS_SET);
198 if (copy_from_user(&kcmd, cmd, sizeof(struct i2o_cmd_psetget)))
199 return -EFAULT;
201 if (get_user(reslen, kcmd.reslen))
202 return -EFAULT;
204 c = i2o_find_iop(kcmd.iop);
205 if (!c)
206 return -ENXIO;
208 dev = i2o_iop_find_device(c, kcmd.tid);
209 if (!dev)
210 return -ENXIO;
212 ops = (u8 *) kmalloc(kcmd.oplen, GFP_KERNEL);
213 if (!ops)
214 return -ENOMEM;
216 if (copy_from_user(ops, kcmd.opbuf, kcmd.oplen)) {
217 kfree(ops);
218 return -EFAULT;
222 * It's possible to have a _very_ large table
223 * and that the user asks for all of it at once...
225 res = (u8 *) kmalloc(65536, GFP_KERNEL);
226 if (!res) {
227 kfree(ops);
228 return -ENOMEM;
231 len = i2o_parm_issue(dev, i2o_cmd, ops, kcmd.oplen, res, 65536);
232 kfree(ops);
234 if (len < 0) {
235 kfree(res);
236 return -EAGAIN;
239 put_user(len, kcmd.reslen);
240 if (len > reslen)
241 ret = -ENOBUFS;
242 else if (copy_to_user(kcmd.resbuf, res, len))
243 ret = -EFAULT;
245 kfree(res);
247 return ret;
250 static int i2o_cfg_swdl(unsigned long arg)
252 struct i2o_sw_xfer kxfer;
253 struct i2o_sw_xfer __user *pxfer = (struct i2o_sw_xfer __user *)arg;
254 unsigned char maxfrag = 0, curfrag = 1;
255 struct i2o_dma buffer;
256 struct i2o_message __iomem *msg;
257 u32 m;
258 unsigned int status = 0, swlen = 0, fragsize = 8192;
259 struct i2o_controller *c;
261 if (copy_from_user(&kxfer, pxfer, sizeof(struct i2o_sw_xfer)))
262 return -EFAULT;
264 if (get_user(swlen, kxfer.swlen) < 0)
265 return -EFAULT;
267 if (get_user(maxfrag, kxfer.maxfrag) < 0)
268 return -EFAULT;
270 if (get_user(curfrag, kxfer.curfrag) < 0)
271 return -EFAULT;
273 if (curfrag == maxfrag)
274 fragsize = swlen - (maxfrag - 1) * 8192;
276 if (!kxfer.buf || !access_ok(VERIFY_READ, kxfer.buf, fragsize))
277 return -EFAULT;
279 c = i2o_find_iop(kxfer.iop);
280 if (!c)
281 return -ENXIO;
283 m = i2o_msg_get_wait(c, &msg, I2O_TIMEOUT_MESSAGE_GET);
284 if (m == I2O_QUEUE_EMPTY)
285 return -EBUSY;
287 if (i2o_dma_alloc(&c->pdev->dev, &buffer, fragsize, GFP_KERNEL)) {
288 i2o_msg_nop(c, m);
289 return -ENOMEM;
292 __copy_from_user(buffer.virt, kxfer.buf, fragsize);
294 writel(NINE_WORD_MSG_SIZE | SGL_OFFSET_7, &msg->u.head[0]);
295 writel(I2O_CMD_SW_DOWNLOAD << 24 | HOST_TID << 12 | ADAPTER_TID,
296 &msg->u.head[1]);
297 writel(i2o_config_driver.context, &msg->u.head[2]);
298 writel(0, &msg->u.head[3]);
299 writel((((u32) kxfer.flags) << 24) | (((u32) kxfer.sw_type) << 16) |
300 (((u32) maxfrag) << 8) | (((u32) curfrag)), &msg->body[0]);
301 writel(swlen, &msg->body[1]);
302 writel(kxfer.sw_id, &msg->body[2]);
303 writel(0xD0000000 | fragsize, &msg->body[3]);
304 writel(buffer.phys, &msg->body[4]);
306 osm_debug("swdl frag %d/%d (size %d)\n", curfrag, maxfrag, fragsize);
307 status = i2o_msg_post_wait_mem(c, m, 60, &buffer);
309 if (status != -ETIMEDOUT)
310 i2o_dma_free(&c->pdev->dev, &buffer);
312 if (status != I2O_POST_WAIT_OK) {
313 // it fails if you try and send frags out of order
314 // and for some yet unknown reasons too
315 osm_info("swdl failed, DetailedStatus = %d\n", status);
316 return status;
319 return 0;
322 static int i2o_cfg_swul(unsigned long arg)
324 struct i2o_sw_xfer kxfer;
325 struct i2o_sw_xfer __user *pxfer = (struct i2o_sw_xfer __user *)arg;
326 unsigned char maxfrag = 0, curfrag = 1;
327 struct i2o_dma buffer;
328 struct i2o_message __iomem *msg;
329 u32 m;
330 unsigned int status = 0, swlen = 0, fragsize = 8192;
331 struct i2o_controller *c;
332 int ret = 0;
334 if (copy_from_user(&kxfer, pxfer, sizeof(struct i2o_sw_xfer)))
335 goto return_fault;
337 if (get_user(swlen, kxfer.swlen) < 0)
338 goto return_fault;
340 if (get_user(maxfrag, kxfer.maxfrag) < 0)
341 goto return_fault;
343 if (get_user(curfrag, kxfer.curfrag) < 0)
344 goto return_fault;
346 if (curfrag == maxfrag)
347 fragsize = swlen - (maxfrag - 1) * 8192;
349 if (!kxfer.buf)
350 goto return_fault;
352 c = i2o_find_iop(kxfer.iop);
353 if (!c)
354 return -ENXIO;
356 m = i2o_msg_get_wait(c, &msg, I2O_TIMEOUT_MESSAGE_GET);
357 if (m == I2O_QUEUE_EMPTY)
358 return -EBUSY;
360 if (i2o_dma_alloc(&c->pdev->dev, &buffer, fragsize, GFP_KERNEL)) {
361 i2o_msg_nop(c, m);
362 return -ENOMEM;
365 writel(NINE_WORD_MSG_SIZE | SGL_OFFSET_7, &msg->u.head[0]);
366 writel(I2O_CMD_SW_UPLOAD << 24 | HOST_TID << 12 | ADAPTER_TID,
367 &msg->u.head[1]);
368 writel(i2o_config_driver.context, &msg->u.head[2]);
369 writel(0, &msg->u.head[3]);
370 writel((u32) kxfer.flags << 24 | (u32) kxfer.
371 sw_type << 16 | (u32) maxfrag << 8 | (u32) curfrag,
372 &msg->body[0]);
373 writel(swlen, &msg->body[1]);
374 writel(kxfer.sw_id, &msg->body[2]);
375 writel(0xD0000000 | fragsize, &msg->body[3]);
376 writel(buffer.phys, &msg->body[4]);
378 osm_debug("swul frag %d/%d (size %d)\n", curfrag, maxfrag, fragsize);
379 status = i2o_msg_post_wait_mem(c, m, 60, &buffer);
381 if (status != I2O_POST_WAIT_OK) {
382 if (status != -ETIMEDOUT)
383 i2o_dma_free(&c->pdev->dev, &buffer);
385 osm_info("swul failed, DetailedStatus = %d\n", status);
386 return status;
389 if (copy_to_user(kxfer.buf, buffer.virt, fragsize))
390 ret = -EFAULT;
392 i2o_dma_free(&c->pdev->dev, &buffer);
394 return_ret:
395 return ret;
396 return_fault:
397 ret = -EFAULT;
398 goto return_ret;
401 static int i2o_cfg_swdel(unsigned long arg)
403 struct i2o_controller *c;
404 struct i2o_sw_xfer kxfer;
405 struct i2o_sw_xfer __user *pxfer = (struct i2o_sw_xfer __user *)arg;
406 struct i2o_message __iomem *msg;
407 u32 m;
408 unsigned int swlen;
409 int token;
411 if (copy_from_user(&kxfer, pxfer, sizeof(struct i2o_sw_xfer)))
412 return -EFAULT;
414 if (get_user(swlen, kxfer.swlen) < 0)
415 return -EFAULT;
417 c = i2o_find_iop(kxfer.iop);
418 if (!c)
419 return -ENXIO;
421 m = i2o_msg_get_wait(c, &msg, I2O_TIMEOUT_MESSAGE_GET);
422 if (m == I2O_QUEUE_EMPTY)
423 return -EBUSY;
425 writel(SEVEN_WORD_MSG_SIZE | SGL_OFFSET_0, &msg->u.head[0]);
426 writel(I2O_CMD_SW_REMOVE << 24 | HOST_TID << 12 | ADAPTER_TID,
427 &msg->u.head[1]);
428 writel(i2o_config_driver.context, &msg->u.head[2]);
429 writel(0, &msg->u.head[3]);
430 writel((u32) kxfer.flags << 24 | (u32) kxfer.sw_type << 16,
431 &msg->body[0]);
432 writel(swlen, &msg->body[1]);
433 writel(kxfer.sw_id, &msg->body[2]);
435 token = i2o_msg_post_wait(c, m, 10);
437 if (token != I2O_POST_WAIT_OK) {
438 osm_info("swdel failed, DetailedStatus = %d\n", token);
439 return -ETIMEDOUT;
442 return 0;
445 static int i2o_cfg_validate(unsigned long arg)
447 int token;
448 int iop = (int)arg;
449 struct i2o_message __iomem *msg;
450 u32 m;
451 struct i2o_controller *c;
453 c = i2o_find_iop(iop);
454 if (!c)
455 return -ENXIO;
457 m = i2o_msg_get_wait(c, &msg, I2O_TIMEOUT_MESSAGE_GET);
458 if (m == I2O_QUEUE_EMPTY)
459 return -EBUSY;
461 writel(FOUR_WORD_MSG_SIZE | SGL_OFFSET_0, &msg->u.head[0]);
462 writel(I2O_CMD_CONFIG_VALIDATE << 24 | HOST_TID << 12 | iop,
463 &msg->u.head[1]);
464 writel(i2o_config_driver.context, &msg->u.head[2]);
465 writel(0, &msg->u.head[3]);
467 token = i2o_msg_post_wait(c, m, 10);
469 if (token != I2O_POST_WAIT_OK) {
470 osm_info("Can't validate configuration, ErrorStatus = %d\n",
471 token);
472 return -ETIMEDOUT;
475 return 0;
478 static int i2o_cfg_evt_reg(unsigned long arg, struct file *fp)
480 struct i2o_message __iomem *msg;
481 u32 m;
482 struct i2o_evt_id __user *pdesc = (struct i2o_evt_id __user *)arg;
483 struct i2o_evt_id kdesc;
484 struct i2o_controller *c;
485 struct i2o_device *d;
487 if (copy_from_user(&kdesc, pdesc, sizeof(struct i2o_evt_id)))
488 return -EFAULT;
490 /* IOP exists? */
491 c = i2o_find_iop(kdesc.iop);
492 if (!c)
493 return -ENXIO;
495 /* Device exists? */
496 d = i2o_iop_find_device(c, kdesc.tid);
497 if (!d)
498 return -ENODEV;
500 m = i2o_msg_get_wait(c, &msg, I2O_TIMEOUT_MESSAGE_GET);
501 if (m == I2O_QUEUE_EMPTY)
502 return -EBUSY;
504 writel(FOUR_WORD_MSG_SIZE | SGL_OFFSET_0, &msg->u.head[0]);
505 writel(I2O_CMD_UTIL_EVT_REGISTER << 24 | HOST_TID << 12 | kdesc.tid,
506 &msg->u.head[1]);
507 writel(i2o_config_driver.context, &msg->u.head[2]);
508 writel(i2o_cntxt_list_add(c, fp->private_data), &msg->u.head[3]);
509 writel(kdesc.evt_mask, &msg->body[0]);
511 i2o_msg_post(c, m);
513 return 0;
516 static int i2o_cfg_evt_get(unsigned long arg, struct file *fp)
518 struct i2o_cfg_info *p = NULL;
519 struct i2o_evt_get __user *uget = (struct i2o_evt_get __user *)arg;
520 struct i2o_evt_get kget;
521 unsigned long flags;
523 for (p = open_files; p; p = p->next)
524 if (p->q_id == (ulong) fp->private_data)
525 break;
527 if (!p->q_len)
528 return -ENOENT;
530 memcpy(&kget.info, &p->event_q[p->q_out], sizeof(struct i2o_evt_info));
531 MODINC(p->q_out, I2O_EVT_Q_LEN);
532 spin_lock_irqsave(&i2o_config_lock, flags);
533 p->q_len--;
534 kget.pending = p->q_len;
535 kget.lost = p->q_lost;
536 spin_unlock_irqrestore(&i2o_config_lock, flags);
538 if (copy_to_user(uget, &kget, sizeof(struct i2o_evt_get)))
539 return -EFAULT;
540 return 0;
543 #ifdef CONFIG_COMPAT
544 static int i2o_cfg_passthru32(struct file *file, unsigned cmnd, unsigned long arg)
546 struct i2o_cmd_passthru32 __user *cmd;
547 struct i2o_controller *c;
548 u32 __user *user_msg;
549 u32 *reply = NULL;
550 u32 __user *user_reply = NULL;
551 u32 size = 0;
552 u32 reply_size = 0;
553 u32 rcode = 0;
554 struct i2o_dma sg_list[SG_TABLESIZE];
555 u32 sg_offset = 0;
556 u32 sg_count = 0;
557 u32 i = 0;
558 i2o_status_block *sb;
559 struct i2o_message *msg;
560 u32 m;
561 unsigned int iop;
563 cmd = (struct i2o_cmd_passthru32 __user *)arg;
565 if (get_user(iop, &cmd->iop) || get_user(i, &cmd->msg))
566 return -EFAULT;
568 user_msg = compat_ptr(i);
570 c = i2o_find_iop(iop);
571 if (!c) {
572 osm_debug("controller %d not found\n", iop);
573 return -ENXIO;
576 m = i2o_msg_get_wait(c, &msg, I2O_TIMEOUT_MESSAGE_GET);
578 sb = c->status_block.virt;
580 if (get_user(size, &user_msg[0])) {
581 osm_warn("unable to get size!\n");
582 return -EFAULT;
584 size = size >> 16;
586 if (size > sb->inbound_frame_size) {
587 osm_warn("size of message > inbound_frame_size");
588 return -EFAULT;
591 user_reply = &user_msg[size];
593 size <<= 2; // Convert to bytes
595 /* Copy in the user's I2O command */
596 if (copy_from_user(msg, user_msg, size)) {
597 osm_warn("unable to copy user message\n");
598 return -EFAULT;
600 i2o_dump_message(msg);
602 if (get_user(reply_size, &user_reply[0]) < 0)
603 return -EFAULT;
605 reply_size >>= 16;
606 reply_size <<= 2;
608 reply = kmalloc(reply_size, GFP_KERNEL);
609 if (!reply) {
610 printk(KERN_WARNING "%s: Could not allocate reply buffer\n",
611 c->name);
612 return -ENOMEM;
614 memset(reply, 0, reply_size);
616 sg_offset = (msg->u.head[0] >> 4) & 0x0f;
618 writel(i2o_config_driver.context, &msg->u.s.icntxt);
619 writel(i2o_cntxt_list_add(c, reply), &msg->u.s.tcntxt);
621 memset(sg_list, 0, sizeof(sg_list[0]) * SG_TABLESIZE);
622 if (sg_offset) {
623 struct sg_simple_element *sg;
625 if (sg_offset * 4 >= size) {
626 rcode = -EFAULT;
627 goto cleanup;
629 // TODO 64bit fix
630 sg = (struct sg_simple_element *)((&msg->u.head[0]) +
631 sg_offset);
632 sg_count =
633 (size - sg_offset * 4) / sizeof(struct sg_simple_element);
634 if (sg_count > SG_TABLESIZE) {
635 printk(KERN_DEBUG "%s:IOCTL SG List too large (%u)\n",
636 c->name, sg_count);
637 kfree(reply);
638 return -EINVAL;
641 for (i = 0; i < sg_count; i++) {
642 int sg_size;
643 struct i2o_dma *p;
645 if (!(sg[i].flag_count & 0x10000000
646 /*I2O_SGL_FLAGS_SIMPLE_ADDRESS_ELEMENT */ )) {
647 printk(KERN_DEBUG
648 "%s:Bad SG element %d - not simple (%x)\n",
649 c->name, i, sg[i].flag_count);
650 rcode = -EINVAL;
651 goto cleanup;
653 sg_size = sg[i].flag_count & 0xffffff;
654 p = &(sg_list[i]);
655 /* Allocate memory for the transfer */
656 if (i2o_dma_alloc
657 (&c->pdev->dev, p, sg_size,
658 PCI_DMA_BIDIRECTIONAL)) {
659 printk(KERN_DEBUG
660 "%s: Could not allocate SG buffer - size = %d buffer number %d of %d\n",
661 c->name, sg_size, i, sg_count);
662 rcode = -ENOMEM;
663 goto cleanup;
665 /* Copy in the user's SG buffer if necessary */
666 if (sg[i].
667 flag_count & 0x04000000 /*I2O_SGL_FLAGS_DIR */ ) {
668 // TODO 64bit fix
669 if (copy_from_user
670 (p->virt, (void __user *)(unsigned long)sg[i].addr_bus,
671 sg_size)) {
672 printk(KERN_DEBUG
673 "%s: Could not copy SG buf %d FROM user\n",
674 c->name, i);
675 rcode = -EFAULT;
676 goto cleanup;
679 //TODO 64bit fix
680 sg[i].addr_bus = (u32) p->phys;
684 rcode = i2o_msg_post_wait(c, m, 60);
685 if (rcode)
686 goto cleanup;
688 if (sg_offset) {
689 u32 msg[128];
690 /* Copy back the Scatter Gather buffers back to user space */
691 u32 j;
692 // TODO 64bit fix
693 struct sg_simple_element *sg;
694 int sg_size;
696 // re-acquire the original message to handle correctly the sg copy operation
697 memset(&msg, 0, MSG_FRAME_SIZE * 4);
698 // get user msg size in u32s
699 if (get_user(size, &user_msg[0])) {
700 rcode = -EFAULT;
701 goto cleanup;
703 size = size >> 16;
704 size *= 4;
705 /* Copy in the user's I2O command */
706 if (copy_from_user(msg, user_msg, size)) {
707 rcode = -EFAULT;
708 goto cleanup;
710 sg_count =
711 (size - sg_offset * 4) / sizeof(struct sg_simple_element);
713 // TODO 64bit fix
714 sg = (struct sg_simple_element *)(msg + sg_offset);
715 for (j = 0; j < sg_count; j++) {
716 /* Copy out the SG list to user's buffer if necessary */
717 if (!
718 (sg[j].
719 flag_count & 0x4000000 /*I2O_SGL_FLAGS_DIR */ )) {
720 sg_size = sg[j].flag_count & 0xffffff;
721 // TODO 64bit fix
722 if (copy_to_user
723 ((void __user *)(u64) sg[j].addr_bus,
724 sg_list[j].virt, sg_size)) {
725 printk(KERN_WARNING
726 "%s: Could not copy %p TO user %x\n",
727 c->name, sg_list[j].virt,
728 sg[j].addr_bus);
729 rcode = -EFAULT;
730 goto cleanup;
736 /* Copy back the reply to user space */
737 if (reply_size) {
738 // we wrote our own values for context - now restore the user supplied ones
739 if (copy_from_user(reply + 2, user_msg + 2, sizeof(u32) * 2)) {
740 printk(KERN_WARNING
741 "%s: Could not copy message context FROM user\n",
742 c->name);
743 rcode = -EFAULT;
745 if (copy_to_user(user_reply, reply, reply_size)) {
746 printk(KERN_WARNING
747 "%s: Could not copy reply TO user\n", c->name);
748 rcode = -EFAULT;
752 cleanup:
753 kfree(reply);
754 return rcode;
757 static long i2o_cfg_compat_ioctl(struct file *file, unsigned cmd, unsigned long arg)
759 int ret;
760 lock_kernel();
761 switch (cmd) {
762 case I2OGETIOPS:
763 ret = i2o_cfg_ioctl(NULL, file, cmd, arg);
764 break;
765 case I2OPASSTHRU32:
766 ret = i2o_cfg_passthru32(file, cmd, arg);
767 break;
768 default:
769 ret = -ENOIOCTLCMD;
770 break;
772 unlock_kernel();
773 return ret;
776 #endif
778 static int i2o_cfg_passthru(unsigned long arg)
780 struct i2o_cmd_passthru __user *cmd =
781 (struct i2o_cmd_passthru __user *)arg;
782 struct i2o_controller *c;
783 u32 __user *user_msg;
784 u32 *reply = NULL;
785 u32 __user *user_reply = NULL;
786 u32 size = 0;
787 u32 reply_size = 0;
788 u32 rcode = 0;
789 void *sg_list[SG_TABLESIZE];
790 u32 sg_offset = 0;
791 u32 sg_count = 0;
792 int sg_index = 0;
793 u32 i = 0;
794 void *p = NULL;
795 i2o_status_block *sb;
796 struct i2o_message __iomem *msg;
797 u32 m;
798 unsigned int iop;
800 if (get_user(iop, &cmd->iop) || get_user(user_msg, &cmd->msg))
801 return -EFAULT;
803 c = i2o_find_iop(iop);
804 if (!c) {
805 osm_warn("controller %d not found\n", iop);
806 return -ENXIO;
809 m = i2o_msg_get_wait(c, &msg, I2O_TIMEOUT_MESSAGE_GET);
811 sb = c->status_block.virt;
813 if (get_user(size, &user_msg[0]))
814 return -EFAULT;
815 size = size >> 16;
817 if (size > sb->inbound_frame_size) {
818 osm_warn("size of message > inbound_frame_size");
819 return -EFAULT;
822 user_reply = &user_msg[size];
824 size <<= 2; // Convert to bytes
826 /* Copy in the user's I2O command */
827 if (copy_from_user(msg, user_msg, size))
828 return -EFAULT;
830 if (get_user(reply_size, &user_reply[0]) < 0)
831 return -EFAULT;
833 reply_size >>= 16;
834 reply_size <<= 2;
836 reply = kmalloc(reply_size, GFP_KERNEL);
837 if (!reply) {
838 printk(KERN_WARNING "%s: Could not allocate reply buffer\n",
839 c->name);
840 return -ENOMEM;
842 memset(reply, 0, reply_size);
844 sg_offset = (msg->u.head[0] >> 4) & 0x0f;
846 writel(i2o_config_driver.context, &msg->u.s.icntxt);
847 writel(i2o_cntxt_list_add(c, reply), &msg->u.s.tcntxt);
849 memset(sg_list, 0, sizeof(sg_list[0]) * SG_TABLESIZE);
850 if (sg_offset) {
851 struct sg_simple_element *sg;
853 if (sg_offset * 4 >= size) {
854 rcode = -EFAULT;
855 goto cleanup;
857 // TODO 64bit fix
858 sg = (struct sg_simple_element *)((&msg->u.head[0]) +
859 sg_offset);
860 sg_count =
861 (size - sg_offset * 4) / sizeof(struct sg_simple_element);
862 if (sg_count > SG_TABLESIZE) {
863 printk(KERN_DEBUG "%s:IOCTL SG List too large (%u)\n",
864 c->name, sg_count);
865 kfree(reply);
866 return -EINVAL;
869 for (i = 0; i < sg_count; i++) {
870 int sg_size;
872 if (!(sg[i].flag_count & 0x10000000
873 /*I2O_SGL_FLAGS_SIMPLE_ADDRESS_ELEMENT */ )) {
874 printk(KERN_DEBUG
875 "%s:Bad SG element %d - not simple (%x)\n",
876 c->name, i, sg[i].flag_count);
877 rcode = -EINVAL;
878 goto cleanup;
880 sg_size = sg[i].flag_count & 0xffffff;
881 /* Allocate memory for the transfer */
882 p = kmalloc(sg_size, GFP_KERNEL);
883 if (!p) {
884 printk(KERN_DEBUG
885 "%s: Could not allocate SG buffer - size = %d buffer number %d of %d\n",
886 c->name, sg_size, i, sg_count);
887 rcode = -ENOMEM;
888 goto cleanup;
890 sg_list[sg_index++] = p; // sglist indexed with input frame, not our internal frame.
891 /* Copy in the user's SG buffer if necessary */
892 if (sg[i].
893 flag_count & 0x04000000 /*I2O_SGL_FLAGS_DIR */ ) {
894 // TODO 64bit fix
895 if (copy_from_user
896 (p, (void __user *)sg[i].addr_bus,
897 sg_size)) {
898 printk(KERN_DEBUG
899 "%s: Could not copy SG buf %d FROM user\n",
900 c->name, i);
901 rcode = -EFAULT;
902 goto cleanup;
905 //TODO 64bit fix
906 sg[i].addr_bus = virt_to_bus(p);
910 rcode = i2o_msg_post_wait(c, m, 60);
911 if (rcode)
912 goto cleanup;
914 if (sg_offset) {
915 u32 msg[128];
916 /* Copy back the Scatter Gather buffers back to user space */
917 u32 j;
918 // TODO 64bit fix
919 struct sg_simple_element *sg;
920 int sg_size;
922 // re-acquire the original message to handle correctly the sg copy operation
923 memset(&msg, 0, MSG_FRAME_SIZE * 4);
924 // get user msg size in u32s
925 if (get_user(size, &user_msg[0])) {
926 rcode = -EFAULT;
927 goto cleanup;
929 size = size >> 16;
930 size *= 4;
931 /* Copy in the user's I2O command */
932 if (copy_from_user(msg, user_msg, size)) {
933 rcode = -EFAULT;
934 goto cleanup;
936 sg_count =
937 (size - sg_offset * 4) / sizeof(struct sg_simple_element);
939 // TODO 64bit fix
940 sg = (struct sg_simple_element *)(msg + sg_offset);
941 for (j = 0; j < sg_count; j++) {
942 /* Copy out the SG list to user's buffer if necessary */
943 if (!
944 (sg[j].
945 flag_count & 0x4000000 /*I2O_SGL_FLAGS_DIR */ )) {
946 sg_size = sg[j].flag_count & 0xffffff;
947 // TODO 64bit fix
948 if (copy_to_user
949 ((void __user *)sg[j].addr_bus, sg_list[j],
950 sg_size)) {
951 printk(KERN_WARNING
952 "%s: Could not copy %p TO user %x\n",
953 c->name, sg_list[j],
954 sg[j].addr_bus);
955 rcode = -EFAULT;
956 goto cleanup;
962 /* Copy back the reply to user space */
963 if (reply_size) {
964 // we wrote our own values for context - now restore the user supplied ones
965 if (copy_from_user(reply + 2, user_msg + 2, sizeof(u32) * 2)) {
966 printk(KERN_WARNING
967 "%s: Could not copy message context FROM user\n",
968 c->name);
969 rcode = -EFAULT;
971 if (copy_to_user(user_reply, reply, reply_size)) {
972 printk(KERN_WARNING
973 "%s: Could not copy reply TO user\n", c->name);
974 rcode = -EFAULT;
978 cleanup:
979 kfree(reply);
980 return rcode;
984 * IOCTL Handler
986 static int i2o_cfg_ioctl(struct inode *inode, struct file *fp, unsigned int cmd,
987 unsigned long arg)
989 int ret;
991 switch (cmd) {
992 case I2OGETIOPS:
993 ret = i2o_cfg_getiops(arg);
994 break;
996 case I2OHRTGET:
997 ret = i2o_cfg_gethrt(arg);
998 break;
1000 case I2OLCTGET:
1001 ret = i2o_cfg_getlct(arg);
1002 break;
1004 case I2OPARMSET:
1005 ret = i2o_cfg_parms(arg, I2OPARMSET);
1006 break;
1008 case I2OPARMGET:
1009 ret = i2o_cfg_parms(arg, I2OPARMGET);
1010 break;
1012 case I2OSWDL:
1013 ret = i2o_cfg_swdl(arg);
1014 break;
1016 case I2OSWUL:
1017 ret = i2o_cfg_swul(arg);
1018 break;
1020 case I2OSWDEL:
1021 ret = i2o_cfg_swdel(arg);
1022 break;
1024 case I2OVALIDATE:
1025 ret = i2o_cfg_validate(arg);
1026 break;
1028 case I2OEVTREG:
1029 ret = i2o_cfg_evt_reg(arg, fp);
1030 break;
1032 case I2OEVTGET:
1033 ret = i2o_cfg_evt_get(arg, fp);
1034 break;
1036 case I2OPASSTHRU:
1037 ret = i2o_cfg_passthru(arg);
1038 break;
1040 default:
1041 osm_debug("unknown ioctl called!\n");
1042 ret = -EINVAL;
1045 return ret;
1048 static int cfg_open(struct inode *inode, struct file *file)
1050 struct i2o_cfg_info *tmp =
1051 (struct i2o_cfg_info *)kmalloc(sizeof(struct i2o_cfg_info),
1052 GFP_KERNEL);
1053 unsigned long flags;
1055 if (!tmp)
1056 return -ENOMEM;
1058 file->private_data = (void *)(i2o_cfg_info_id++);
1059 tmp->fp = file;
1060 tmp->fasync = NULL;
1061 tmp->q_id = (ulong) file->private_data;
1062 tmp->q_len = 0;
1063 tmp->q_in = 0;
1064 tmp->q_out = 0;
1065 tmp->q_lost = 0;
1066 tmp->next = open_files;
1068 spin_lock_irqsave(&i2o_config_lock, flags);
1069 open_files = tmp;
1070 spin_unlock_irqrestore(&i2o_config_lock, flags);
1072 return 0;
1075 static int cfg_fasync(int fd, struct file *fp, int on)
1077 ulong id = (ulong) fp->private_data;
1078 struct i2o_cfg_info *p;
1080 for (p = open_files; p; p = p->next)
1081 if (p->q_id == id)
1082 break;
1084 if (!p)
1085 return -EBADF;
1087 return fasync_helper(fd, fp, on, &p->fasync);
1090 static int cfg_release(struct inode *inode, struct file *file)
1092 ulong id = (ulong) file->private_data;
1093 struct i2o_cfg_info *p1, *p2;
1094 unsigned long flags;
1096 lock_kernel();
1097 p1 = p2 = NULL;
1099 spin_lock_irqsave(&i2o_config_lock, flags);
1100 for (p1 = open_files; p1;) {
1101 if (p1->q_id == id) {
1103 if (p1->fasync)
1104 cfg_fasync(-1, file, 0);
1105 if (p2)
1106 p2->next = p1->next;
1107 else
1108 open_files = p1->next;
1110 kfree(p1);
1111 break;
1113 p2 = p1;
1114 p1 = p1->next;
1116 spin_unlock_irqrestore(&i2o_config_lock, flags);
1117 unlock_kernel();
1119 return 0;
1122 static struct file_operations config_fops = {
1123 .owner = THIS_MODULE,
1124 .llseek = no_llseek,
1125 .ioctl = i2o_cfg_ioctl,
1126 #ifdef CONFIG_COMPAT
1127 .compat_ioctl = i2o_cfg_compat_ioctl,
1128 #endif
1129 .open = cfg_open,
1130 .release = cfg_release,
1131 .fasync = cfg_fasync,
1134 static struct miscdevice i2o_miscdev = {
1135 I2O_MINOR,
1136 "i2octl",
1137 &config_fops
1140 static int __init i2o_config_init(void)
1142 printk(KERN_INFO OSM_DESCRIPTION " v" OSM_VERSION "\n");
1144 spin_lock_init(&i2o_config_lock);
1146 if (misc_register(&i2o_miscdev) < 0) {
1147 osm_err("can't register device.\n");
1148 return -EBUSY;
1151 * Install our handler
1153 if (i2o_driver_register(&i2o_config_driver)) {
1154 osm_err("handler register failed.\n");
1155 misc_deregister(&i2o_miscdev);
1156 return -EBUSY;
1158 return 0;
1161 static void i2o_config_exit(void)
1163 misc_deregister(&i2o_miscdev);
1164 i2o_driver_unregister(&i2o_config_driver);
1167 MODULE_AUTHOR("Red Hat Software");
1168 MODULE_LICENSE("GPL");
1169 MODULE_DESCRIPTION(OSM_DESCRIPTION);
1170 MODULE_VERSION(OSM_VERSION);
1172 module_init(i2o_config_init);
1173 module_exit(i2o_config_exit);