fix a kmap leak in virtio_console
[linux/fpc-iii.git] / drivers / staging / bcm / Bcmchar.c
blobf1b6de0293c8f69d7b205c39fc598be43b86e092
1 #include <linux/fs.h>
3 #include "headers.h"
4 /***************************************************************
5 * Function - bcm_char_open()
7 * Description - This is the "open" entry point for the character
8 * driver.
10 * Parameters - inode: Pointer to the Inode structure of char device
11 * filp : File pointer of the char device
13 * Returns - Zero(Success)
14 ****************************************************************/
16 static int bcm_char_open(struct inode *inode, struct file *filp)
18 struct bcm_mini_adapter *Adapter = NULL;
19 struct bcm_tarang_data *pTarang = NULL;
21 Adapter = GET_BCM_ADAPTER(gblpnetdev);
22 pTarang = kzalloc(sizeof(struct bcm_tarang_data), GFP_KERNEL);
23 if (!pTarang)
24 return -ENOMEM;
26 pTarang->Adapter = Adapter;
27 pTarang->RxCntrlMsgBitMask = 0xFFFFFFFF & ~(1 << 0xB);
29 down(&Adapter->RxAppControlQueuelock);
30 pTarang->next = Adapter->pTarangs;
31 Adapter->pTarangs = pTarang;
32 up(&Adapter->RxAppControlQueuelock);
34 /* Store the Adapter structure */
35 filp->private_data = pTarang;
37 /* Start Queuing the control response Packets */
38 atomic_inc(&Adapter->ApplicationRunning);
40 nonseekable_open(inode, filp);
41 return 0;
44 static int bcm_char_release(struct inode *inode, struct file *filp)
46 struct bcm_tarang_data *pTarang, *tmp, *ptmp;
47 struct bcm_mini_adapter *Adapter = NULL;
48 struct sk_buff *pkt, *npkt;
50 pTarang = (struct bcm_tarang_data *)filp->private_data;
52 if (pTarang == NULL)
53 return 0;
55 Adapter = pTarang->Adapter;
57 down(&Adapter->RxAppControlQueuelock);
59 tmp = Adapter->pTarangs;
60 for (ptmp = NULL; tmp; ptmp = tmp, tmp = tmp->next) {
61 if (tmp == pTarang)
62 break;
65 if (tmp) {
66 if (!ptmp)
67 Adapter->pTarangs = tmp->next;
68 else
69 ptmp->next = tmp->next;
70 } else {
71 up(&Adapter->RxAppControlQueuelock);
72 return 0;
75 pkt = pTarang->RxAppControlHead;
76 while (pkt) {
77 npkt = pkt->next;
78 kfree_skb(pkt);
79 pkt = npkt;
82 up(&Adapter->RxAppControlQueuelock);
84 /* Stop Queuing the control response Packets */
85 atomic_dec(&Adapter->ApplicationRunning);
87 kfree(pTarang);
89 /* remove this filp from the asynchronously notified filp's */
90 filp->private_data = NULL;
91 return 0;
94 static ssize_t bcm_char_read(struct file *filp, char __user *buf, size_t size,
95 loff_t *f_pos)
97 struct bcm_tarang_data *pTarang = filp->private_data;
98 struct bcm_mini_adapter *Adapter = pTarang->Adapter;
99 struct sk_buff *Packet = NULL;
100 ssize_t PktLen = 0;
101 int wait_ret_val = 0;
102 unsigned long ret = 0;
104 wait_ret_val = wait_event_interruptible(Adapter->process_read_wait_queue,
105 (pTarang->RxAppControlHead ||
106 Adapter->device_removed));
107 if ((wait_ret_val == -ERESTARTSYS)) {
108 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,
109 "Exiting as i've been asked to exit!!!\n");
110 return wait_ret_val;
113 if (Adapter->device_removed) {
114 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,
115 "Device Removed... Killing the Apps...\n");
116 return -ENODEV;
119 if (false == Adapter->fw_download_done)
120 return -EACCES;
122 down(&Adapter->RxAppControlQueuelock);
124 if (pTarang->RxAppControlHead) {
125 Packet = pTarang->RxAppControlHead;
126 DEQUEUEPACKET(pTarang->RxAppControlHead,
127 pTarang->RxAppControlTail);
128 pTarang->AppCtrlQueueLen--;
131 up(&Adapter->RxAppControlQueuelock);
133 if (Packet) {
134 PktLen = Packet->len;
135 ret = copy_to_user(buf, Packet->data,
136 min_t(size_t, PktLen, size));
137 if (ret) {
138 dev_kfree_skb(Packet);
139 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0,
140 "Returning from copy to user failure\n");
141 return -EFAULT;
143 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,
144 "Read %zd Bytes From Adapter packet = %p by process %d!\n",
145 PktLen, Packet, current->pid);
146 dev_kfree_skb(Packet);
149 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "<\n");
150 return PktLen;
153 static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg)
155 struct bcm_tarang_data *pTarang = filp->private_data;
156 void __user *argp = (void __user *)arg;
157 struct bcm_mini_adapter *Adapter = pTarang->Adapter;
158 INT Status = STATUS_FAILURE;
159 int timeout = 0;
160 struct bcm_ioctl_buffer IoBuffer;
161 int bytes;
163 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,
164 "Parameters Passed to control IOCTL cmd=0x%X arg=0x%lX",
165 cmd, arg);
167 if (_IOC_TYPE(cmd) != BCM_IOCTL)
168 return -EFAULT;
169 if (_IOC_DIR(cmd) & _IOC_READ)
170 Status = !access_ok(VERIFY_WRITE, argp, _IOC_SIZE(cmd));
171 else if (_IOC_DIR(cmd) & _IOC_WRITE)
172 Status = !access_ok(VERIFY_READ, argp, _IOC_SIZE(cmd));
173 else if (_IOC_NONE == (_IOC_DIR(cmd) & _IOC_NONE))
174 Status = STATUS_SUCCESS;
176 if (Status)
177 return -EFAULT;
179 if (Adapter->device_removed)
180 return -EFAULT;
182 if (false == Adapter->fw_download_done) {
183 switch (cmd) {
184 case IOCTL_MAC_ADDR_REQ:
185 case IOCTL_LINK_REQ:
186 case IOCTL_CM_REQUEST:
187 case IOCTL_SS_INFO_REQ:
188 case IOCTL_SEND_CONTROL_MESSAGE:
189 case IOCTL_IDLE_REQ:
190 case IOCTL_BCM_GPIO_SET_REQUEST:
191 case IOCTL_BCM_GPIO_STATUS_REQUEST:
192 return -EACCES;
193 default:
194 break;
198 Status = vendorextnIoctl(Adapter, cmd, arg);
199 if (Status != CONTINUE_COMMON_PATH)
200 return Status;
202 switch (cmd) {
203 /* Rdms for Swin Idle... */
204 case IOCTL_BCM_REGISTER_READ_PRIVATE: {
205 struct bcm_rdm_buffer sRdmBuffer = {0};
206 PCHAR temp_buff;
207 UINT Bufflen;
208 u16 temp_value;
210 /* Copy Ioctl Buffer structure */
211 if (copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer)))
212 return -EFAULT;
214 if (IoBuffer.InputLength > sizeof(sRdmBuffer))
215 return -EINVAL;
217 if (copy_from_user(&sRdmBuffer, IoBuffer.InputBuffer, IoBuffer.InputLength))
218 return -EFAULT;
220 if (IoBuffer.OutputLength > USHRT_MAX ||
221 IoBuffer.OutputLength == 0) {
222 return -EINVAL;
225 Bufflen = IoBuffer.OutputLength;
226 temp_value = 4 - (Bufflen % 4);
227 Bufflen += temp_value % 4;
229 temp_buff = kmalloc(Bufflen, GFP_KERNEL);
230 if (!temp_buff)
231 return -ENOMEM;
233 bytes = rdmalt(Adapter, (UINT)sRdmBuffer.Register,
234 (PUINT)temp_buff, Bufflen);
235 if (bytes > 0) {
236 Status = STATUS_SUCCESS;
237 if (copy_to_user(IoBuffer.OutputBuffer, temp_buff, bytes)) {
238 kfree(temp_buff);
239 return -EFAULT;
241 } else {
242 Status = bytes;
245 kfree(temp_buff);
246 break;
249 case IOCTL_BCM_REGISTER_WRITE_PRIVATE: {
250 struct bcm_wrm_buffer sWrmBuffer = {0};
251 UINT uiTempVar = 0;
252 /* Copy Ioctl Buffer structure */
254 if (copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer)))
255 return -EFAULT;
257 if (IoBuffer.InputLength > sizeof(sWrmBuffer))
258 return -EINVAL;
260 /* Get WrmBuffer structure */
261 if (copy_from_user(&sWrmBuffer, IoBuffer.InputBuffer, IoBuffer.InputLength))
262 return -EFAULT;
264 uiTempVar = sWrmBuffer.Register & EEPROM_REJECT_MASK;
265 if (!((Adapter->pstargetparams->m_u32Customize) & VSG_MODE) &&
266 ((uiTempVar == EEPROM_REJECT_REG_1) ||
267 (uiTempVar == EEPROM_REJECT_REG_2) ||
268 (uiTempVar == EEPROM_REJECT_REG_3) ||
269 (uiTempVar == EEPROM_REJECT_REG_4))) {
271 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0,
272 "EEPROM Access Denied, not in VSG Mode\n");
273 return -EFAULT;
276 Status = wrmalt(Adapter, (UINT)sWrmBuffer.Register,
277 (PUINT)sWrmBuffer.Data, sizeof(ULONG));
279 if (Status == STATUS_SUCCESS) {
280 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG,
281 DBG_LVL_ALL, "WRM Done\n");
282 } else {
283 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG,
284 DBG_LVL_ALL, "WRM Failed\n");
285 Status = -EFAULT;
287 break;
290 case IOCTL_BCM_REGISTER_READ:
291 case IOCTL_BCM_EEPROM_REGISTER_READ: {
292 struct bcm_rdm_buffer sRdmBuffer = {0};
293 PCHAR temp_buff = NULL;
294 UINT uiTempVar = 0;
295 if ((Adapter->IdleMode == TRUE) ||
296 (Adapter->bShutStatus == TRUE) ||
297 (Adapter->bPreparingForLowPowerMode == TRUE)) {
299 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0,
300 "Device in Idle Mode, Blocking Rdms\n");
301 return -EACCES;
304 /* Copy Ioctl Buffer structure */
305 if (copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer)))
306 return -EFAULT;
308 if (IoBuffer.InputLength > sizeof(sRdmBuffer))
309 return -EINVAL;
311 if (copy_from_user(&sRdmBuffer, IoBuffer.InputBuffer, IoBuffer.InputLength))
312 return -EFAULT;
314 if (IoBuffer.OutputLength > USHRT_MAX ||
315 IoBuffer.OutputLength == 0) {
316 return -EINVAL;
319 temp_buff = kmalloc(IoBuffer.OutputLength, GFP_KERNEL);
320 if (!temp_buff)
321 return STATUS_FAILURE;
323 if ((((ULONG)sRdmBuffer.Register & 0x0F000000) != 0x0F000000) ||
324 ((ULONG)sRdmBuffer.Register & 0x3)) {
326 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0,
327 "RDM Done On invalid Address : %x Access Denied.\n",
328 (int)sRdmBuffer.Register);
330 kfree(temp_buff);
331 return -EINVAL;
334 uiTempVar = sRdmBuffer.Register & EEPROM_REJECT_MASK;
335 bytes = rdmaltWithLock(Adapter, (UINT)sRdmBuffer.Register,
336 (PUINT)temp_buff, IoBuffer.OutputLength);
338 if (bytes > 0) {
339 Status = STATUS_SUCCESS;
340 if (copy_to_user(IoBuffer.OutputBuffer, temp_buff, bytes)) {
341 kfree(temp_buff);
342 return -EFAULT;
344 } else {
345 Status = bytes;
348 kfree(temp_buff);
349 break;
351 case IOCTL_BCM_REGISTER_WRITE:
352 case IOCTL_BCM_EEPROM_REGISTER_WRITE: {
353 struct bcm_wrm_buffer sWrmBuffer = {0};
354 UINT uiTempVar = 0;
356 if ((Adapter->IdleMode == TRUE) ||
357 (Adapter->bShutStatus == TRUE) ||
358 (Adapter->bPreparingForLowPowerMode == TRUE)) {
360 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0,
361 "Device in Idle Mode, Blocking Wrms\n");
362 return -EACCES;
365 /* Copy Ioctl Buffer structure */
366 if (copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer)))
367 return -EFAULT;
369 if (IoBuffer.InputLength > sizeof(sWrmBuffer))
370 return -EINVAL;
372 /* Get WrmBuffer structure */
373 if (copy_from_user(&sWrmBuffer, IoBuffer.InputBuffer, IoBuffer.InputLength))
374 return -EFAULT;
376 if ((((ULONG)sWrmBuffer.Register & 0x0F000000) != 0x0F000000) ||
377 ((ULONG)sWrmBuffer.Register & 0x3)) {
379 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0,
380 "WRM Done On invalid Address : %x Access Denied.\n",
381 (int)sWrmBuffer.Register);
382 return -EINVAL;
385 uiTempVar = sWrmBuffer.Register & EEPROM_REJECT_MASK;
386 if (!((Adapter->pstargetparams->m_u32Customize) & VSG_MODE) &&
387 ((uiTempVar == EEPROM_REJECT_REG_1) ||
388 (uiTempVar == EEPROM_REJECT_REG_2) ||
389 (uiTempVar == EEPROM_REJECT_REG_3) ||
390 (uiTempVar == EEPROM_REJECT_REG_4)) &&
391 (cmd == IOCTL_BCM_REGISTER_WRITE)) {
393 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0,
394 "EEPROM Access Denied, not in VSG Mode\n");
395 return -EFAULT;
398 Status = wrmaltWithLock(Adapter, (UINT)sWrmBuffer.Register,
399 (PUINT)sWrmBuffer.Data,
400 sWrmBuffer.Length);
402 if (Status == STATUS_SUCCESS) {
403 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, OSAL_DBG,
404 DBG_LVL_ALL, "WRM Done\n");
405 } else {
406 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG,
407 DBG_LVL_ALL, "WRM Failed\n");
408 Status = -EFAULT;
410 break;
412 case IOCTL_BCM_GPIO_SET_REQUEST: {
413 UCHAR ucResetValue[4];
414 UINT value = 0;
415 UINT uiBit = 0;
416 UINT uiOperation = 0;
417 struct bcm_gpio_info gpio_info = {0};
419 if ((Adapter->IdleMode == TRUE) ||
420 (Adapter->bShutStatus == TRUE) ||
421 (Adapter->bPreparingForLowPowerMode == TRUE)) {
423 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG,
424 DBG_LVL_ALL,
425 "GPIO Can't be set/clear in Low power Mode");
426 return -EACCES;
429 if (copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer)))
430 return -EFAULT;
432 if (IoBuffer.InputLength > sizeof(gpio_info))
433 return -EINVAL;
435 if (copy_from_user(&gpio_info, IoBuffer.InputBuffer, IoBuffer.InputLength))
436 return -EFAULT;
438 uiBit = gpio_info.uiGpioNumber;
439 uiOperation = gpio_info.uiGpioValue;
440 value = (1<<uiBit);
442 if (IsReqGpioIsLedInNVM(Adapter, value) == false) {
443 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG,
444 DBG_LVL_ALL,
445 "Sorry, Requested GPIO<0x%X> is not correspond to LED !!!",
446 value);
447 Status = -EINVAL;
448 break;
451 /* Set - setting 1 */
452 if (uiOperation) {
453 /* Set the gpio output register */
454 Status = wrmaltWithLock(Adapter,
455 BCM_GPIO_OUTPUT_SET_REG,
456 (PUINT)(&value), sizeof(UINT));
458 if (Status == STATUS_SUCCESS) {
459 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS,
460 OSAL_DBG, DBG_LVL_ALL,
461 "Set the GPIO bit\n");
462 } else {
463 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS,
464 OSAL_DBG, DBG_LVL_ALL,
465 "Failed to set the %dth GPIO\n",
466 uiBit);
467 break;
469 } else {
470 /* Set the gpio output register */
471 Status = wrmaltWithLock(Adapter,
472 BCM_GPIO_OUTPUT_CLR_REG,
473 (PUINT)(&value), sizeof(UINT));
475 if (Status == STATUS_SUCCESS) {
476 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS,
477 OSAL_DBG, DBG_LVL_ALL,
478 "Set the GPIO bit\n");
479 } else {
480 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS,
481 OSAL_DBG, DBG_LVL_ALL,
482 "Failed to clear the %dth GPIO\n",
483 uiBit);
484 break;
488 bytes = rdmaltWithLock(Adapter, (UINT)GPIO_MODE_REGISTER,
489 (PUINT)ucResetValue, sizeof(UINT));
490 if (bytes < 0) {
491 Status = bytes;
492 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,
493 "GPIO_MODE_REGISTER read failed");
494 break;
495 } else {
496 Status = STATUS_SUCCESS;
499 /* Set the gpio mode register to output */
500 *(UINT *)ucResetValue |= (1<<uiBit);
501 Status = wrmaltWithLock(Adapter, GPIO_MODE_REGISTER,
502 (PUINT)ucResetValue, sizeof(UINT));
504 if (Status == STATUS_SUCCESS) {
505 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG,
506 DBG_LVL_ALL,
507 "Set the GPIO to output Mode\n");
508 } else {
509 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG,
510 DBG_LVL_ALL,
511 "Failed to put GPIO in Output Mode\n");
512 break;
515 break;
517 case BCM_LED_THREAD_STATE_CHANGE_REQ: {
518 struct bcm_user_thread_req threadReq = {0};
519 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,
520 "User made LED thread InActive");
522 if ((Adapter->IdleMode == TRUE) ||
523 (Adapter->bShutStatus == TRUE) ||
524 (Adapter->bPreparingForLowPowerMode == TRUE)) {
526 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG,
527 DBG_LVL_ALL,
528 "GPIO Can't be set/clear in Low power Mode");
529 Status = -EACCES;
530 break;
533 if (copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer)))
534 return -EFAULT;
536 if (IoBuffer.InputLength > sizeof(threadReq))
537 return -EINVAL;
539 if (copy_from_user(&threadReq, IoBuffer.InputBuffer, IoBuffer.InputLength))
540 return -EFAULT;
542 /* if LED thread is running(Actively or Inactively) set it state to make inactive */
543 if (Adapter->LEDInfo.led_thread_running) {
544 if (threadReq.ThreadState == LED_THREAD_ACTIVATION_REQ) {
545 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS,
546 OSAL_DBG, DBG_LVL_ALL,
547 "Activating thread req");
548 Adapter->DriverState = LED_THREAD_ACTIVE;
549 } else {
550 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS,
551 OSAL_DBG, DBG_LVL_ALL,
552 "DeActivating Thread req.....");
553 Adapter->DriverState = LED_THREAD_INACTIVE;
556 /* signal thread. */
557 wake_up(&Adapter->LEDInfo.notify_led_event);
560 break;
562 case IOCTL_BCM_GPIO_STATUS_REQUEST: {
563 ULONG uiBit = 0;
564 UCHAR ucRead[4];
565 struct bcm_gpio_info gpio_info = {0};
567 if ((Adapter->IdleMode == TRUE) ||
568 (Adapter->bShutStatus == TRUE) ||
569 (Adapter->bPreparingForLowPowerMode == TRUE))
570 return -EACCES;
572 if (copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer)))
573 return -EFAULT;
575 if (IoBuffer.InputLength > sizeof(gpio_info))
576 return -EINVAL;
578 if (copy_from_user(&gpio_info, IoBuffer.InputBuffer, IoBuffer.InputLength))
579 return -EFAULT;
581 uiBit = gpio_info.uiGpioNumber;
583 /* Set the gpio output register */
584 bytes = rdmaltWithLock(Adapter, (UINT)GPIO_PIN_STATE_REGISTER,
585 (PUINT)ucRead, sizeof(UINT));
587 if (bytes < 0) {
588 Status = bytes;
589 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0,
590 "RDM Failed\n");
591 return Status;
592 } else {
593 Status = STATUS_SUCCESS;
596 break;
598 case IOCTL_BCM_GPIO_MULTI_REQUEST: {
599 UCHAR ucResetValue[4];
600 struct bcm_gpio_multi_info gpio_multi_info[MAX_IDX];
601 struct bcm_gpio_multi_info *pgpio_multi_info = (struct bcm_gpio_multi_info *)gpio_multi_info;
603 memset(pgpio_multi_info, 0, MAX_IDX * sizeof(struct bcm_gpio_multi_info));
605 if ((Adapter->IdleMode == TRUE) ||
606 (Adapter->bShutStatus == TRUE) ||
607 (Adapter->bPreparingForLowPowerMode == TRUE))
608 return -EINVAL;
610 if (copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer)))
611 return -EFAULT;
613 if (IoBuffer.InputLength > sizeof(gpio_multi_info))
614 return -EINVAL;
616 if (copy_from_user(&gpio_multi_info, IoBuffer.InputBuffer, IoBuffer.InputLength))
617 return -EFAULT;
619 if (IsReqGpioIsLedInNVM(Adapter, pgpio_multi_info[WIMAX_IDX].uiGPIOMask) == false) {
620 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG,
621 DBG_LVL_ALL,
622 "Sorry, Requested GPIO<0x%X> is not correspond to NVM LED bit map<0x%X>!!!",
623 pgpio_multi_info[WIMAX_IDX].uiGPIOMask,
624 Adapter->gpioBitMap);
625 Status = -EINVAL;
626 break;
629 /* Set the gpio output register */
630 if ((pgpio_multi_info[WIMAX_IDX].uiGPIOMask) &
631 (pgpio_multi_info[WIMAX_IDX].uiGPIOCommand)) {
632 /* Set 1's in GPIO OUTPUT REGISTER */
633 *(UINT *)ucResetValue = pgpio_multi_info[WIMAX_IDX].uiGPIOMask &
634 pgpio_multi_info[WIMAX_IDX].uiGPIOCommand &
635 pgpio_multi_info[WIMAX_IDX].uiGPIOValue;
637 if (*(UINT *) ucResetValue)
638 Status = wrmaltWithLock(Adapter, BCM_GPIO_OUTPUT_SET_REG,
639 (PUINT)ucResetValue, sizeof(ULONG));
641 if (Status != STATUS_SUCCESS) {
642 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0,
643 "WRM to BCM_GPIO_OUTPUT_SET_REG Failed.");
644 return Status;
647 /* Clear to 0's in GPIO OUTPUT REGISTER */
648 *(UINT *)ucResetValue = (pgpio_multi_info[WIMAX_IDX].uiGPIOMask &
649 pgpio_multi_info[WIMAX_IDX].uiGPIOCommand &
650 (~(pgpio_multi_info[WIMAX_IDX].uiGPIOValue)));
652 if (*(UINT *) ucResetValue)
653 Status = wrmaltWithLock(Adapter, BCM_GPIO_OUTPUT_CLR_REG, (PUINT)ucResetValue, sizeof(ULONG));
655 if (Status != STATUS_SUCCESS) {
656 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0,
657 "WRM to BCM_GPIO_OUTPUT_CLR_REG Failed.");
658 return Status;
662 if (pgpio_multi_info[WIMAX_IDX].uiGPIOMask) {
663 bytes = rdmaltWithLock(Adapter, (UINT)GPIO_PIN_STATE_REGISTER, (PUINT)ucResetValue, sizeof(UINT));
665 if (bytes < 0) {
666 Status = bytes;
667 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0,
668 "RDM to GPIO_PIN_STATE_REGISTER Failed.");
669 return Status;
670 } else {
671 Status = STATUS_SUCCESS;
674 pgpio_multi_info[WIMAX_IDX].uiGPIOValue = (*(UINT *)ucResetValue &
675 pgpio_multi_info[WIMAX_IDX].uiGPIOMask);
678 Status = copy_to_user(IoBuffer.OutputBuffer, &gpio_multi_info, IoBuffer.OutputLength);
679 if (Status) {
680 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0,
681 "Failed while copying Content to IOBufer for user space err:%d", Status);
682 return -EFAULT;
685 break;
687 case IOCTL_BCM_GPIO_MODE_REQUEST: {
688 UCHAR ucResetValue[4];
689 struct bcm_gpio_multi_mode gpio_multi_mode[MAX_IDX];
690 struct bcm_gpio_multi_mode *pgpio_multi_mode = (struct bcm_gpio_multi_mode *)gpio_multi_mode;
692 if ((Adapter->IdleMode == TRUE) ||
693 (Adapter->bShutStatus == TRUE) ||
694 (Adapter->bPreparingForLowPowerMode == TRUE))
695 return -EINVAL;
697 if (copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer)))
698 return -EFAULT;
700 if (IoBuffer.InputLength > sizeof(gpio_multi_mode))
701 return -EINVAL;
703 if (copy_from_user(&gpio_multi_mode, IoBuffer.InputBuffer, IoBuffer.InputLength))
704 return -EFAULT;
706 bytes = rdmaltWithLock(Adapter, (UINT)GPIO_MODE_REGISTER, (PUINT)ucResetValue, sizeof(UINT));
708 if (bytes < 0) {
709 Status = bytes;
710 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Read of GPIO_MODE_REGISTER failed");
711 return Status;
712 } else {
713 Status = STATUS_SUCCESS;
716 /* Validating the request */
717 if (IsReqGpioIsLedInNVM(Adapter, pgpio_multi_mode[WIMAX_IDX].uiGPIOMask) == false) {
718 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,
719 "Sorry, Requested GPIO<0x%X> is not correspond to NVM LED bit map<0x%X>!!!",
720 pgpio_multi_mode[WIMAX_IDX].uiGPIOMask, Adapter->gpioBitMap);
721 Status = -EINVAL;
722 break;
725 if (pgpio_multi_mode[WIMAX_IDX].uiGPIOMask) {
726 /* write all OUT's (1's) */
727 *(UINT *) ucResetValue |= (pgpio_multi_mode[WIMAX_IDX].uiGPIOMode &
728 pgpio_multi_mode[WIMAX_IDX].uiGPIOMask);
730 /* write all IN's (0's) */
731 *(UINT *) ucResetValue &= ~((~pgpio_multi_mode[WIMAX_IDX].uiGPIOMode) &
732 pgpio_multi_mode[WIMAX_IDX].uiGPIOMask);
734 /* Currently implemented return the modes of all GPIO's
735 * else needs to bit AND with mask
737 pgpio_multi_mode[WIMAX_IDX].uiGPIOMode = *(UINT *)ucResetValue;
739 Status = wrmaltWithLock(Adapter, GPIO_MODE_REGISTER, (PUINT)ucResetValue, sizeof(ULONG));
740 if (Status == STATUS_SUCCESS) {
741 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,
742 "WRM to GPIO_MODE_REGISTER Done");
743 } else {
744 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0,
745 "WRM to GPIO_MODE_REGISTER Failed");
746 Status = -EFAULT;
747 break;
749 } else {
750 /* if uiGPIOMask is 0 then return mode register configuration */
751 pgpio_multi_mode[WIMAX_IDX].uiGPIOMode = *(UINT *)ucResetValue;
754 Status = copy_to_user(IoBuffer.OutputBuffer, &gpio_multi_mode, IoBuffer.OutputLength);
755 if (Status) {
756 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0,
757 "Failed while copying Content to IOBufer for user space err:%d", Status);
758 return -EFAULT;
761 break;
763 case IOCTL_MAC_ADDR_REQ:
764 case IOCTL_LINK_REQ:
765 case IOCTL_CM_REQUEST:
766 case IOCTL_SS_INFO_REQ:
767 case IOCTL_SEND_CONTROL_MESSAGE:
768 case IOCTL_IDLE_REQ: {
769 PVOID pvBuffer = NULL;
771 /* Copy Ioctl Buffer structure */
772 if (copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer)))
773 return -EFAULT;
775 if (IoBuffer.InputLength < sizeof(struct bcm_link_request))
776 return -EINVAL;
778 if (IoBuffer.InputLength > MAX_CNTL_PKT_SIZE)
779 return -EINVAL;
781 pvBuffer = memdup_user(IoBuffer.InputBuffer,
782 IoBuffer.InputLength);
783 if (IS_ERR(pvBuffer))
784 return PTR_ERR(pvBuffer);
786 down(&Adapter->LowPowerModeSync);
787 Status = wait_event_interruptible_timeout(Adapter->lowpower_mode_wait_queue,
788 !Adapter->bPreparingForLowPowerMode,
789 (1 * HZ));
790 if (Status == -ERESTARTSYS)
791 goto cntrlEnd;
793 if (Adapter->bPreparingForLowPowerMode) {
794 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,
795 "Preparing Idle Mode is still True - Hence Rejecting control message\n");
796 Status = STATUS_FAILURE;
797 goto cntrlEnd;
799 Status = CopyBufferToControlPacket(Adapter, (PVOID)pvBuffer);
801 cntrlEnd:
802 up(&Adapter->LowPowerModeSync);
803 kfree(pvBuffer);
804 break;
807 case IOCTL_BCM_BUFFER_DOWNLOAD_START: {
808 if (down_trylock(&Adapter->NVMRdmWrmLock)) {
809 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,
810 "IOCTL_BCM_CHIP_RESET not allowed as EEPROM Read/Write is in progress\n");
811 return -EACCES;
814 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0,
815 "Starting the firmware download PID =0x%x!!!!\n", current->pid);
817 if (down_trylock(&Adapter->fw_download_sema))
818 return -EBUSY;
820 Adapter->bBinDownloaded = false;
821 Adapter->fw_download_process_pid = current->pid;
822 Adapter->bCfgDownloaded = false;
823 Adapter->fw_download_done = false;
824 netif_carrier_off(Adapter->dev);
825 netif_stop_queue(Adapter->dev);
826 Status = reset_card_proc(Adapter);
827 if (Status) {
828 pr_err(PFX "%s: reset_card_proc Failed!\n", Adapter->dev->name);
829 up(&Adapter->fw_download_sema);
830 up(&Adapter->NVMRdmWrmLock);
831 return Status;
833 mdelay(10);
835 up(&Adapter->NVMRdmWrmLock);
836 return Status;
839 case IOCTL_BCM_BUFFER_DOWNLOAD: {
840 struct bcm_firmware_info *psFwInfo = NULL;
841 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Starting the firmware download PID =0x%x!!!!\n", current->pid);
843 if (!down_trylock(&Adapter->fw_download_sema)) {
844 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0,
845 "Invalid way to download buffer. Use Start and then call this!!!\n");
846 up(&Adapter->fw_download_sema);
847 Status = -EINVAL;
848 return Status;
851 /* Copy Ioctl Buffer structure */
852 if (copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer))) {
853 up(&Adapter->fw_download_sema);
854 return -EFAULT;
857 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0,
858 "Length for FW DLD is : %lx\n", IoBuffer.InputLength);
860 if (IoBuffer.InputLength > sizeof(struct bcm_firmware_info)) {
861 up(&Adapter->fw_download_sema);
862 return -EINVAL;
865 psFwInfo = kmalloc(sizeof(*psFwInfo), GFP_KERNEL);
866 if (!psFwInfo) {
867 up(&Adapter->fw_download_sema);
868 return -ENOMEM;
871 if (copy_from_user(psFwInfo, IoBuffer.InputBuffer, IoBuffer.InputLength)) {
872 up(&Adapter->fw_download_sema);
873 kfree(psFwInfo);
874 return -EFAULT;
877 if (!psFwInfo->pvMappedFirmwareAddress ||
878 (psFwInfo->u32FirmwareLength == 0)) {
880 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Something else is wrong %lu\n",
881 psFwInfo->u32FirmwareLength);
882 up(&Adapter->fw_download_sema);
883 kfree(psFwInfo);
884 Status = -EINVAL;
885 return Status;
888 Status = bcm_ioctl_fw_download(Adapter, psFwInfo);
890 if (Status != STATUS_SUCCESS) {
891 if (psFwInfo->u32StartingAddress == CONFIG_BEGIN_ADDR)
892 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "IOCTL: Configuration File Upload Failed\n");
893 else
894 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "IOCTL: Firmware File Upload Failed\n");
896 /* up(&Adapter->fw_download_sema); */
898 if (Adapter->LEDInfo.led_thread_running & BCM_LED_THREAD_RUNNING_ACTIVELY) {
899 Adapter->DriverState = DRIVER_INIT;
900 Adapter->LEDInfo.bLedInitDone = false;
901 wake_up(&Adapter->LEDInfo.notify_led_event);
905 if (Status != STATUS_SUCCESS)
906 up(&Adapter->fw_download_sema);
908 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, OSAL_DBG, DBG_LVL_ALL, "IOCTL: Firmware File Uploaded\n");
909 kfree(psFwInfo);
910 return Status;
913 case IOCTL_BCM_BUFFER_DOWNLOAD_STOP: {
914 if (!down_trylock(&Adapter->fw_download_sema)) {
915 up(&Adapter->fw_download_sema);
916 return -EINVAL;
919 if (down_trylock(&Adapter->NVMRdmWrmLock)) {
920 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0,
921 "FW download blocked as EEPROM Read/Write is in progress\n");
922 up(&Adapter->fw_download_sema);
923 return -EACCES;
926 Adapter->bBinDownloaded = TRUE;
927 Adapter->bCfgDownloaded = TRUE;
928 atomic_set(&Adapter->CurrNumFreeTxDesc, 0);
929 Adapter->CurrNumRecvDescs = 0;
930 Adapter->downloadDDR = 0;
932 /* setting the Mips to Run */
933 Status = run_card_proc(Adapter);
935 if (Status) {
936 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Firm Download Failed\n");
937 up(&Adapter->fw_download_sema);
938 up(&Adapter->NVMRdmWrmLock);
939 return Status;
940 } else {
941 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG,
942 DBG_LVL_ALL, "Firm Download Over...\n");
945 mdelay(10);
947 /* Wait for MailBox Interrupt */
948 if (StartInterruptUrb((struct bcm_interface_adapter *)Adapter->pvInterfaceAdapter))
949 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Unable to send interrupt...\n");
951 timeout = 5*HZ;
952 Adapter->waiting_to_fw_download_done = false;
953 wait_event_timeout(Adapter->ioctl_fw_dnld_wait_queue,
954 Adapter->waiting_to_fw_download_done, timeout);
955 Adapter->fw_download_process_pid = INVALID_PID;
956 Adapter->fw_download_done = TRUE;
957 atomic_set(&Adapter->CurrNumFreeTxDesc, 0);
958 Adapter->CurrNumRecvDescs = 0;
959 Adapter->PrevNumRecvDescs = 0;
960 atomic_set(&Adapter->cntrlpktCnt, 0);
961 Adapter->LinkUpStatus = 0;
962 Adapter->LinkStatus = 0;
964 if (Adapter->LEDInfo.led_thread_running & BCM_LED_THREAD_RUNNING_ACTIVELY) {
965 Adapter->DriverState = FW_DOWNLOAD_DONE;
966 wake_up(&Adapter->LEDInfo.notify_led_event);
969 if (!timeout)
970 Status = -ENODEV;
972 up(&Adapter->fw_download_sema);
973 up(&Adapter->NVMRdmWrmLock);
974 return Status;
977 case IOCTL_BE_BUCKET_SIZE:
978 Status = 0;
979 if (get_user(Adapter->BEBucketSize, (unsigned long __user *)arg))
980 Status = -EFAULT;
981 break;
983 case IOCTL_RTPS_BUCKET_SIZE:
984 Status = 0;
985 if (get_user(Adapter->rtPSBucketSize, (unsigned long __user *)arg))
986 Status = -EFAULT;
987 break;
989 case IOCTL_CHIP_RESET: {
990 INT NVMAccess = down_trylock(&Adapter->NVMRdmWrmLock);
991 if (NVMAccess) {
992 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, " IOCTL_BCM_CHIP_RESET not allowed as EEPROM Read/Write is in progress\n");
993 return -EACCES;
996 down(&Adapter->RxAppControlQueuelock);
997 Status = reset_card_proc(Adapter);
998 flushAllAppQ();
999 up(&Adapter->RxAppControlQueuelock);
1000 up(&Adapter->NVMRdmWrmLock);
1001 ResetCounters(Adapter);
1002 break;
1005 case IOCTL_QOS_THRESHOLD: {
1006 USHORT uiLoopIndex;
1008 Status = 0;
1009 for (uiLoopIndex = 0; uiLoopIndex < NO_OF_QUEUES; uiLoopIndex++) {
1010 if (get_user(Adapter->PackInfo[uiLoopIndex].uiThreshold,
1011 (unsigned long __user *)arg)) {
1012 Status = -EFAULT;
1013 break;
1016 break;
1019 case IOCTL_DUMP_PACKET_INFO:
1020 DumpPackInfo(Adapter);
1021 DumpPhsRules(&Adapter->stBCMPhsContext);
1022 Status = STATUS_SUCCESS;
1023 break;
1025 case IOCTL_GET_PACK_INFO:
1026 if (copy_to_user(argp, &Adapter->PackInfo, sizeof(struct bcm_packet_info)*NO_OF_QUEUES))
1027 return -EFAULT;
1028 Status = STATUS_SUCCESS;
1029 break;
1031 case IOCTL_BCM_SWITCH_TRANSFER_MODE: {
1032 UINT uiData = 0;
1033 if (copy_from_user(&uiData, argp, sizeof(UINT)))
1034 return -EFAULT;
1036 if (uiData) {
1037 /* Allow All Packets */
1038 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "IOCTL_BCM_SWITCH_TRANSFER_MODE: ETH_PACKET_TUNNELING_MODE\n");
1039 Adapter->TransferMode = ETH_PACKET_TUNNELING_MODE;
1040 } else {
1041 /* Allow IP only Packets */
1042 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "IOCTL_BCM_SWITCH_TRANSFER_MODE: IP_PACKET_ONLY_MODE\n");
1043 Adapter->TransferMode = IP_PACKET_ONLY_MODE;
1045 Status = STATUS_SUCCESS;
1046 break;
1049 case IOCTL_BCM_GET_DRIVER_VERSION: {
1050 ulong len;
1052 /* Copy Ioctl Buffer structure */
1053 if (copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer)))
1054 return -EFAULT;
1056 len = min_t(ulong, IoBuffer.OutputLength, strlen(DRV_VERSION) + 1);
1058 if (copy_to_user(IoBuffer.OutputBuffer, DRV_VERSION, len))
1059 return -EFAULT;
1060 Status = STATUS_SUCCESS;
1061 break;
1064 case IOCTL_BCM_GET_CURRENT_STATUS: {
1065 struct bcm_link_state link_state;
1067 /* Copy Ioctl Buffer structure */
1068 if (copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer))) {
1069 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "copy_from_user failed..\n");
1070 return -EFAULT;
1073 if (IoBuffer.OutputLength != sizeof(link_state)) {
1074 Status = -EINVAL;
1075 break;
1078 memset(&link_state, 0, sizeof(link_state));
1079 link_state.bIdleMode = Adapter->IdleMode;
1080 link_state.bShutdownMode = Adapter->bShutStatus;
1081 link_state.ucLinkStatus = Adapter->LinkStatus;
1083 if (copy_to_user(IoBuffer.OutputBuffer, &link_state, min_t(size_t, sizeof(link_state), IoBuffer.OutputLength))) {
1084 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Copy_to_user Failed..\n");
1085 return -EFAULT;
1087 Status = STATUS_SUCCESS;
1088 break;
1091 case IOCTL_BCM_SET_MAC_TRACING: {
1092 UINT tracing_flag;
1094 /* copy ioctl Buffer structure */
1095 if (copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer)))
1096 return -EFAULT;
1098 if (copy_from_user(&tracing_flag, IoBuffer.InputBuffer, sizeof(UINT)))
1099 return -EFAULT;
1101 if (tracing_flag)
1102 Adapter->pTarangs->MacTracingEnabled = TRUE;
1103 else
1104 Adapter->pTarangs->MacTracingEnabled = false;
1105 break;
1108 case IOCTL_BCM_GET_DSX_INDICATION: {
1109 ULONG ulSFId = 0;
1110 if (copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer)))
1111 return -EFAULT;
1113 if (IoBuffer.OutputLength < sizeof(struct bcm_add_indication_alt)) {
1114 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0,
1115 "Mismatch req: %lx needed is =0x%zx!!!",
1116 IoBuffer.OutputLength, sizeof(struct bcm_add_indication_alt));
1117 return -EINVAL;
1120 if (copy_from_user(&ulSFId, IoBuffer.InputBuffer, sizeof(ulSFId)))
1121 return -EFAULT;
1123 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Get DSX Data SF ID is =%lx\n", ulSFId);
1124 get_dsx_sf_data_to_application(Adapter, ulSFId, IoBuffer.OutputBuffer);
1125 Status = STATUS_SUCCESS;
1127 break;
1129 case IOCTL_BCM_GET_HOST_MIBS: {
1130 PVOID temp_buff;
1132 if (copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer)))
1133 return -EFAULT;
1135 if (IoBuffer.OutputLength != sizeof(struct bcm_host_stats_mibs)) {
1136 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0,
1137 "Length Check failed %lu %zd\n",
1138 IoBuffer.OutputLength, sizeof(struct bcm_host_stats_mibs));
1139 return -EINVAL;
1142 /* FIXME: HOST_STATS are too big for kmalloc (122048)! */
1143 temp_buff = kzalloc(sizeof(struct bcm_host_stats_mibs), GFP_KERNEL);
1144 if (!temp_buff)
1145 return STATUS_FAILURE;
1147 Status = ProcessGetHostMibs(Adapter, temp_buff);
1148 GetDroppedAppCntrlPktMibs(temp_buff, pTarang);
1150 if (Status != STATUS_FAILURE)
1151 if (copy_to_user(IoBuffer.OutputBuffer, temp_buff, sizeof(struct bcm_host_stats_mibs))) {
1152 kfree(temp_buff);
1153 return -EFAULT;
1156 kfree(temp_buff);
1157 break;
1160 case IOCTL_BCM_WAKE_UP_DEVICE_FROM_IDLE:
1161 if ((false == Adapter->bTriedToWakeUpFromlowPowerMode) && (TRUE == Adapter->IdleMode)) {
1162 Adapter->usIdleModePattern = ABORT_IDLE_MODE;
1163 Adapter->bWakeUpDevice = TRUE;
1164 wake_up(&Adapter->process_rx_cntrlpkt);
1167 Status = STATUS_SUCCESS;
1168 break;
1170 case IOCTL_BCM_BULK_WRM: {
1171 struct bcm_bulk_wrm_buffer *pBulkBuffer;
1172 UINT uiTempVar = 0;
1173 PCHAR pvBuffer = NULL;
1175 if ((Adapter->IdleMode == TRUE) ||
1176 (Adapter->bShutStatus == TRUE) ||
1177 (Adapter->bPreparingForLowPowerMode == TRUE)) {
1179 BCM_DEBUG_PRINT (Adapter, DBG_TYPE_PRINTK, 0, 0, "Device in Idle/Shutdown Mode, Blocking Wrms\n");
1180 Status = -EACCES;
1181 break;
1184 /* Copy Ioctl Buffer structure */
1185 if (copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer)))
1186 return -EFAULT;
1188 if (IoBuffer.InputLength < sizeof(ULONG) * 2)
1189 return -EINVAL;
1191 pvBuffer = memdup_user(IoBuffer.InputBuffer,
1192 IoBuffer.InputLength);
1193 if (IS_ERR(pvBuffer))
1194 return PTR_ERR(pvBuffer);
1196 pBulkBuffer = (struct bcm_bulk_wrm_buffer *)pvBuffer;
1198 if (((ULONG)pBulkBuffer->Register & 0x0F000000) != 0x0F000000 ||
1199 ((ULONG)pBulkBuffer->Register & 0x3)) {
1200 BCM_DEBUG_PRINT (Adapter, DBG_TYPE_PRINTK, 0, 0, "WRM Done On invalid Address : %x Access Denied.\n", (int)pBulkBuffer->Register);
1201 kfree(pvBuffer);
1202 Status = -EINVAL;
1203 break;
1206 uiTempVar = pBulkBuffer->Register & EEPROM_REJECT_MASK;
1207 if (!((Adapter->pstargetparams->m_u32Customize)&VSG_MODE) &&
1208 ((uiTempVar == EEPROM_REJECT_REG_1) ||
1209 (uiTempVar == EEPROM_REJECT_REG_2) ||
1210 (uiTempVar == EEPROM_REJECT_REG_3) ||
1211 (uiTempVar == EEPROM_REJECT_REG_4)) &&
1212 (cmd == IOCTL_BCM_REGISTER_WRITE)) {
1214 kfree(pvBuffer);
1215 BCM_DEBUG_PRINT (Adapter, DBG_TYPE_PRINTK, 0, 0, "EEPROM Access Denied, not in VSG Mode\n");
1216 Status = -EFAULT;
1217 break;
1220 if (pBulkBuffer->SwapEndian == false)
1221 Status = wrmWithLock(Adapter, (UINT)pBulkBuffer->Register, (PCHAR)pBulkBuffer->Values, IoBuffer.InputLength - 2*sizeof(ULONG));
1222 else
1223 Status = wrmaltWithLock(Adapter, (UINT)pBulkBuffer->Register, (PUINT)pBulkBuffer->Values, IoBuffer.InputLength - 2*sizeof(ULONG));
1225 if (Status != STATUS_SUCCESS)
1226 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "WRM Failed\n");
1228 kfree(pvBuffer);
1229 break;
1232 case IOCTL_BCM_GET_NVM_SIZE:
1233 if (copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer)))
1234 return -EFAULT;
1236 if (Adapter->eNVMType == NVM_EEPROM || Adapter->eNVMType == NVM_FLASH) {
1237 if (copy_to_user(IoBuffer.OutputBuffer, &Adapter->uiNVMDSDSize, sizeof(UINT)))
1238 return -EFAULT;
1241 Status = STATUS_SUCCESS;
1242 break;
1244 case IOCTL_BCM_CAL_INIT: {
1245 UINT uiSectorSize = 0;
1246 if (Adapter->eNVMType == NVM_FLASH) {
1247 if (copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer)))
1248 return -EFAULT;
1250 if (copy_from_user(&uiSectorSize, IoBuffer.InputBuffer, sizeof(UINT)))
1251 return -EFAULT;
1253 if ((uiSectorSize < MIN_SECTOR_SIZE) || (uiSectorSize > MAX_SECTOR_SIZE)) {
1254 if (copy_to_user(IoBuffer.OutputBuffer, &Adapter->uiSectorSize,
1255 sizeof(UINT)))
1256 return -EFAULT;
1257 } else {
1258 if (IsFlash2x(Adapter)) {
1259 if (copy_to_user(IoBuffer.OutputBuffer, &Adapter->uiSectorSize, sizeof(UINT)))
1260 return -EFAULT;
1261 } else {
1262 if ((TRUE == Adapter->bShutStatus) || (TRUE == Adapter->IdleMode)) {
1263 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Device is in Idle/Shutdown Mode\n");
1264 return -EACCES;
1267 Adapter->uiSectorSize = uiSectorSize;
1268 BcmUpdateSectorSize(Adapter, Adapter->uiSectorSize);
1271 Status = STATUS_SUCCESS;
1272 } else {
1273 Status = STATUS_FAILURE;
1276 break;
1278 case IOCTL_BCM_SET_DEBUG:
1279 #ifdef DEBUG
1281 struct bcm_user_debug_state sUserDebugState;
1283 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "In SET_DEBUG ioctl\n");
1284 if (copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer)))
1285 return -EFAULT;
1287 if (copy_from_user(&sUserDebugState, IoBuffer.InputBuffer, sizeof(struct bcm_user_debug_state)))
1288 return -EFAULT;
1290 BCM_DEBUG_PRINT (Adapter, DBG_TYPE_PRINTK, 0, 0, "IOCTL_BCM_SET_DEBUG: OnOff=%d Type = 0x%x ",
1291 sUserDebugState.OnOff, sUserDebugState.Type);
1292 /* sUserDebugState.Subtype <<= 1; */
1293 sUserDebugState.Subtype = 1 << sUserDebugState.Subtype;
1294 BCM_DEBUG_PRINT (Adapter, DBG_TYPE_PRINTK, 0, 0, "actual Subtype=0x%x\n", sUserDebugState.Subtype);
1296 /* Update new 'DebugState' in the Adapter */
1297 Adapter->stDebugState.type |= sUserDebugState.Type;
1298 /* Subtype: A bitmap of 32 bits for Subtype per Type.
1299 * Valid indexes in 'subtype' array: 1,2,4,8
1300 * corresponding to valid Type values. Hence we can use the 'Type' field
1301 * as the index value, ignoring the array entries 0,3,5,6,7 !
1303 if (sUserDebugState.OnOff)
1304 Adapter->stDebugState.subtype[sUserDebugState.Type] |= sUserDebugState.Subtype;
1305 else
1306 Adapter->stDebugState.subtype[sUserDebugState.Type] &= ~sUserDebugState.Subtype;
1308 BCM_SHOW_DEBUG_BITMAP(Adapter);
1310 #endif
1311 break;
1313 case IOCTL_BCM_NVM_READ:
1314 case IOCTL_BCM_NVM_WRITE: {
1315 struct bcm_nvm_readwrite stNVMReadWrite;
1316 PUCHAR pReadData = NULL;
1317 ULONG ulDSDMagicNumInUsrBuff = 0;
1318 struct timeval tv0, tv1;
1319 memset(&tv0, 0, sizeof(struct timeval));
1320 memset(&tv1, 0, sizeof(struct timeval));
1321 if ((Adapter->eNVMType == NVM_FLASH) && (Adapter->uiFlashLayoutMajorVersion == 0)) {
1322 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "The Flash Control Section is Corrupted. Hence Rejection on NVM Read/Write\n");
1323 return -EFAULT;
1326 if (IsFlash2x(Adapter)) {
1327 if ((Adapter->eActiveDSD != DSD0) &&
1328 (Adapter->eActiveDSD != DSD1) &&
1329 (Adapter->eActiveDSD != DSD2)) {
1331 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "No DSD is active..hence NVM Command is blocked");
1332 return STATUS_FAILURE;
1336 /* Copy Ioctl Buffer structure */
1337 if (copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer)))
1338 return -EFAULT;
1340 if (copy_from_user(&stNVMReadWrite,
1341 (IOCTL_BCM_NVM_READ == cmd) ? IoBuffer.OutputBuffer : IoBuffer.InputBuffer,
1342 sizeof(struct bcm_nvm_readwrite)))
1343 return -EFAULT;
1346 * Deny the access if the offset crosses the cal area limit.
1348 if (stNVMReadWrite.uiNumBytes > Adapter->uiNVMDSDSize)
1349 return STATUS_FAILURE;
1351 if (stNVMReadWrite.uiOffset > Adapter->uiNVMDSDSize - stNVMReadWrite.uiNumBytes) {
1352 /* BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"Can't allow access beyond NVM Size: 0x%x 0x%x\n", stNVMReadWrite.uiOffset, stNVMReadWrite.uiNumBytes); */
1353 return STATUS_FAILURE;
1356 pReadData = memdup_user(stNVMReadWrite.pBuffer,
1357 stNVMReadWrite.uiNumBytes);
1358 if (IS_ERR(pReadData))
1359 return PTR_ERR(pReadData);
1361 do_gettimeofday(&tv0);
1362 if (IOCTL_BCM_NVM_READ == cmd) {
1363 down(&Adapter->NVMRdmWrmLock);
1365 if ((Adapter->IdleMode == TRUE) ||
1366 (Adapter->bShutStatus == TRUE) ||
1367 (Adapter->bPreparingForLowPowerMode == TRUE)) {
1369 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Device is in Idle/Shutdown Mode\n");
1370 up(&Adapter->NVMRdmWrmLock);
1371 kfree(pReadData);
1372 return -EACCES;
1375 Status = BeceemNVMRead(Adapter, (PUINT)pReadData, stNVMReadWrite.uiOffset, stNVMReadWrite.uiNumBytes);
1376 up(&Adapter->NVMRdmWrmLock);
1378 if (Status != STATUS_SUCCESS) {
1379 kfree(pReadData);
1380 return Status;
1383 if (copy_to_user(stNVMReadWrite.pBuffer, pReadData, stNVMReadWrite.uiNumBytes)) {
1384 kfree(pReadData);
1385 return -EFAULT;
1387 } else {
1388 down(&Adapter->NVMRdmWrmLock);
1390 if ((Adapter->IdleMode == TRUE) ||
1391 (Adapter->bShutStatus == TRUE) ||
1392 (Adapter->bPreparingForLowPowerMode == TRUE)) {
1394 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Device is in Idle/Shutdown Mode\n");
1395 up(&Adapter->NVMRdmWrmLock);
1396 kfree(pReadData);
1397 return -EACCES;
1400 Adapter->bHeaderChangeAllowed = TRUE;
1401 if (IsFlash2x(Adapter)) {
1403 * New Requirement:-
1404 * DSD section updation will be allowed in two case:-
1405 * 1. if DSD sig is present in DSD header means dongle is ok and updation is fruitfull
1406 * 2. if point 1 failes then user buff should have DSD sig. this point ensures that if dongle is
1407 * corrupted then user space program first modify the DSD header with valid DSD sig so
1408 * that this as well as further write may be worthwhile.
1410 * This restriction has been put assuming that if DSD sig is corrupted, DSD
1411 * data won't be considered valid.
1414 Status = BcmFlash2xCorruptSig(Adapter, Adapter->eActiveDSD);
1415 if (Status != STATUS_SUCCESS) {
1416 if (((stNVMReadWrite.uiOffset + stNVMReadWrite.uiNumBytes) != Adapter->uiNVMDSDSize) ||
1417 (stNVMReadWrite.uiNumBytes < SIGNATURE_SIZE)) {
1419 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "DSD Sig is present neither in Flash nor User provided Input..");
1420 up(&Adapter->NVMRdmWrmLock);
1421 kfree(pReadData);
1422 return Status;
1425 ulDSDMagicNumInUsrBuff = ntohl(*(PUINT)(pReadData + stNVMReadWrite.uiNumBytes - SIGNATURE_SIZE));
1426 if (ulDSDMagicNumInUsrBuff != DSD_IMAGE_MAGIC_NUMBER) {
1427 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "DSD Sig is present neither in Flash nor User provided Input..");
1428 up(&Adapter->NVMRdmWrmLock);
1429 kfree(pReadData);
1430 return Status;
1435 Status = BeceemNVMWrite(Adapter, (PUINT)pReadData, stNVMReadWrite.uiOffset, stNVMReadWrite.uiNumBytes, stNVMReadWrite.bVerify);
1436 if (IsFlash2x(Adapter))
1437 BcmFlash2xWriteSig(Adapter, Adapter->eActiveDSD);
1439 Adapter->bHeaderChangeAllowed = false;
1441 up(&Adapter->NVMRdmWrmLock);
1443 if (Status != STATUS_SUCCESS) {
1444 kfree(pReadData);
1445 return Status;
1449 do_gettimeofday(&tv1);
1450 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, " timetaken by Write/read :%ld msec\n", (tv1.tv_sec - tv0.tv_sec)*1000 + (tv1.tv_usec - tv0.tv_usec)/1000);
1452 kfree(pReadData);
1453 return STATUS_SUCCESS;
1456 case IOCTL_BCM_FLASH2X_SECTION_READ: {
1457 struct bcm_flash2x_readwrite sFlash2xRead = {0};
1458 PUCHAR pReadBuff = NULL;
1459 UINT NOB = 0;
1460 UINT BuffSize = 0;
1461 UINT ReadBytes = 0;
1462 UINT ReadOffset = 0;
1463 void __user *OutPutBuff;
1465 if (IsFlash2x(Adapter) != TRUE) {
1466 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Flash Does not have 2.x map");
1467 return -EINVAL;
1470 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "IOCTL_BCM_FLASH2X_SECTION_READ Called");
1471 if (copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer)))
1472 return -EFAULT;
1474 /* Reading FLASH 2.x READ structure */
1475 if (copy_from_user(&sFlash2xRead, IoBuffer.InputBuffer, sizeof(struct bcm_flash2x_readwrite)))
1476 return -EFAULT;
1478 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "\nsFlash2xRead.Section :%x", sFlash2xRead.Section);
1479 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "\nsFlash2xRead.offset :%x", sFlash2xRead.offset);
1480 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "\nsFlash2xRead.numOfBytes :%x", sFlash2xRead.numOfBytes);
1481 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "\nsFlash2xRead.bVerify :%x\n", sFlash2xRead.bVerify);
1483 /* This was internal to driver for raw read. now it has ben exposed to user space app. */
1484 if (validateFlash2xReadWrite(Adapter, &sFlash2xRead) == false)
1485 return STATUS_FAILURE;
1487 NOB = sFlash2xRead.numOfBytes;
1488 if (NOB > Adapter->uiSectorSize)
1489 BuffSize = Adapter->uiSectorSize;
1490 else
1491 BuffSize = NOB;
1493 ReadOffset = sFlash2xRead.offset;
1494 OutPutBuff = IoBuffer.OutputBuffer;
1495 pReadBuff = (PCHAR)kzalloc(BuffSize , GFP_KERNEL);
1497 if (pReadBuff == NULL) {
1498 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Memory allocation failed for Flash 2.x Read Structure");
1499 return -ENOMEM;
1501 down(&Adapter->NVMRdmWrmLock);
1503 if ((Adapter->IdleMode == TRUE) ||
1504 (Adapter->bShutStatus == TRUE) ||
1505 (Adapter->bPreparingForLowPowerMode == TRUE)) {
1507 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Device is in Idle/Shutdown Mode\n");
1508 up(&Adapter->NVMRdmWrmLock);
1509 kfree(pReadBuff);
1510 return -EACCES;
1513 while (NOB) {
1514 if (NOB > Adapter->uiSectorSize)
1515 ReadBytes = Adapter->uiSectorSize;
1516 else
1517 ReadBytes = NOB;
1519 /* Reading the data from Flash 2.x */
1520 Status = BcmFlash2xBulkRead(Adapter, (PUINT)pReadBuff, sFlash2xRead.Section, ReadOffset, ReadBytes);
1521 if (Status) {
1522 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Flash 2x read err with Status :%d", Status);
1523 break;
1526 BCM_DEBUG_PRINT_BUFFER(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, pReadBuff, ReadBytes);
1528 Status = copy_to_user(OutPutBuff, pReadBuff, ReadBytes);
1529 if (Status) {
1530 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Copy to use failed with status :%d", Status);
1531 up(&Adapter->NVMRdmWrmLock);
1532 kfree(pReadBuff);
1533 return -EFAULT;
1535 NOB = NOB - ReadBytes;
1536 if (NOB) {
1537 ReadOffset = ReadOffset + ReadBytes;
1538 OutPutBuff = OutPutBuff + ReadBytes;
1542 up(&Adapter->NVMRdmWrmLock);
1543 kfree(pReadBuff);
1545 break;
1547 case IOCTL_BCM_FLASH2X_SECTION_WRITE: {
1548 struct bcm_flash2x_readwrite sFlash2xWrite = {0};
1549 PUCHAR pWriteBuff;
1550 void __user *InputAddr;
1551 UINT NOB = 0;
1552 UINT BuffSize = 0;
1553 UINT WriteOffset = 0;
1554 UINT WriteBytes = 0;
1556 if (IsFlash2x(Adapter) != TRUE) {
1557 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Flash Does not have 2.x map");
1558 return -EINVAL;
1561 /* First make this False so that we can enable the Sector Permission Check in BeceemFlashBulkWrite */
1562 Adapter->bAllDSDWriteAllow = false;
1564 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "IOCTL_BCM_FLASH2X_SECTION_WRITE Called");
1566 if (copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer)))
1567 return -EFAULT;
1569 /* Reading FLASH 2.x READ structure */
1570 if (copy_from_user(&sFlash2xWrite, IoBuffer.InputBuffer, sizeof(struct bcm_flash2x_readwrite)))
1571 return -EFAULT;
1573 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "\nsFlash2xRead.Section :%x", sFlash2xWrite.Section);
1574 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "\nsFlash2xRead.offset :%d", sFlash2xWrite.offset);
1575 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "\nsFlash2xRead.numOfBytes :%x", sFlash2xWrite.numOfBytes);
1576 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "\nsFlash2xRead.bVerify :%x\n", sFlash2xWrite.bVerify);
1578 if ((sFlash2xWrite.Section != VSA0) && (sFlash2xWrite.Section != VSA1) && (sFlash2xWrite.Section != VSA2)) {
1579 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Only VSA write is allowed");
1580 return -EINVAL;
1583 if (validateFlash2xReadWrite(Adapter, &sFlash2xWrite) == false)
1584 return STATUS_FAILURE;
1586 InputAddr = sFlash2xWrite.pDataBuff;
1587 WriteOffset = sFlash2xWrite.offset;
1588 NOB = sFlash2xWrite.numOfBytes;
1590 if (NOB > Adapter->uiSectorSize)
1591 BuffSize = Adapter->uiSectorSize;
1592 else
1593 BuffSize = NOB;
1595 pWriteBuff = kmalloc(BuffSize, GFP_KERNEL);
1597 if (pWriteBuff == NULL)
1598 return -ENOMEM;
1600 /* extracting the remainder of the given offset. */
1601 WriteBytes = Adapter->uiSectorSize;
1602 if (WriteOffset % Adapter->uiSectorSize)
1603 WriteBytes = Adapter->uiSectorSize - (WriteOffset % Adapter->uiSectorSize);
1605 if (NOB < WriteBytes)
1606 WriteBytes = NOB;
1608 down(&Adapter->NVMRdmWrmLock);
1610 if ((Adapter->IdleMode == TRUE) ||
1611 (Adapter->bShutStatus == TRUE) ||
1612 (Adapter->bPreparingForLowPowerMode == TRUE)) {
1614 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Device is in Idle/Shutdown Mode\n");
1615 up(&Adapter->NVMRdmWrmLock);
1616 kfree(pWriteBuff);
1617 return -EACCES;
1620 BcmFlash2xCorruptSig(Adapter, sFlash2xWrite.Section);
1621 do {
1622 Status = copy_from_user(pWriteBuff, InputAddr, WriteBytes);
1623 if (Status) {
1624 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Copy to user failed with status :%d", Status);
1625 up(&Adapter->NVMRdmWrmLock);
1626 kfree(pWriteBuff);
1627 return -EFAULT;
1629 BCM_DEBUG_PRINT_BUFFER(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, pWriteBuff, WriteBytes);
1631 /* Writing the data from Flash 2.x */
1632 Status = BcmFlash2xBulkWrite(Adapter, (PUINT)pWriteBuff, sFlash2xWrite.Section, WriteOffset, WriteBytes, sFlash2xWrite.bVerify);
1634 if (Status) {
1635 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Flash 2x read err with Status :%d", Status);
1636 break;
1639 NOB = NOB - WriteBytes;
1640 if (NOB) {
1641 WriteOffset = WriteOffset + WriteBytes;
1642 InputAddr = InputAddr + WriteBytes;
1643 if (NOB > Adapter->uiSectorSize)
1644 WriteBytes = Adapter->uiSectorSize;
1645 else
1646 WriteBytes = NOB;
1648 } while (NOB > 0);
1650 BcmFlash2xWriteSig(Adapter, sFlash2xWrite.Section);
1651 up(&Adapter->NVMRdmWrmLock);
1652 kfree(pWriteBuff);
1654 break;
1656 case IOCTL_BCM_GET_FLASH2X_SECTION_BITMAP: {
1657 struct bcm_flash2x_bitmap *psFlash2xBitMap;
1658 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "IOCTL_BCM_GET_FLASH2X_SECTION_BITMAP Called");
1660 if (copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer)))
1661 return -EFAULT;
1663 if (IoBuffer.OutputLength != sizeof(struct bcm_flash2x_bitmap))
1664 return -EINVAL;
1666 psFlash2xBitMap = kzalloc(sizeof(struct bcm_flash2x_bitmap), GFP_KERNEL);
1667 if (psFlash2xBitMap == NULL) {
1668 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Memory is not available");
1669 return -ENOMEM;
1672 /* Reading the Flash Sectio Bit map */
1673 down(&Adapter->NVMRdmWrmLock);
1675 if ((Adapter->IdleMode == TRUE) ||
1676 (Adapter->bShutStatus == TRUE) ||
1677 (Adapter->bPreparingForLowPowerMode == TRUE)) {
1679 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Device is in Idle/Shutdown Mode\n");
1680 up(&Adapter->NVMRdmWrmLock);
1681 kfree(psFlash2xBitMap);
1682 return -EACCES;
1685 BcmGetFlash2xSectionalBitMap(Adapter, psFlash2xBitMap);
1686 up(&Adapter->NVMRdmWrmLock);
1687 if (copy_to_user(IoBuffer.OutputBuffer, psFlash2xBitMap, sizeof(struct bcm_flash2x_bitmap))) {
1688 kfree(psFlash2xBitMap);
1689 return -EFAULT;
1692 kfree(psFlash2xBitMap);
1694 break;
1696 case IOCTL_BCM_SET_ACTIVE_SECTION: {
1697 enum bcm_flash2x_section_val eFlash2xSectionVal = 0;
1698 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "IOCTL_BCM_SET_ACTIVE_SECTION Called");
1700 if (IsFlash2x(Adapter) != TRUE) {
1701 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Flash Does not have 2.x map");
1702 return -EINVAL;
1705 Status = copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer));
1706 if (Status) {
1707 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Copy of IOCTL BUFFER failed");
1708 return -EFAULT;
1711 Status = copy_from_user(&eFlash2xSectionVal, IoBuffer.InputBuffer, sizeof(INT));
1712 if (Status) {
1713 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Copy of flash section val failed");
1714 return -EFAULT;
1717 down(&Adapter->NVMRdmWrmLock);
1719 if ((Adapter->IdleMode == TRUE) ||
1720 (Adapter->bShutStatus == TRUE) ||
1721 (Adapter->bPreparingForLowPowerMode == TRUE)) {
1723 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Device is in Idle/Shutdown Mode\n");
1724 up(&Adapter->NVMRdmWrmLock);
1725 return -EACCES;
1728 Status = BcmSetActiveSection(Adapter, eFlash2xSectionVal);
1729 if (Status)
1730 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Failed to make it's priority Highest. Status %d", Status);
1732 up(&Adapter->NVMRdmWrmLock);
1734 break;
1736 case IOCTL_BCM_IDENTIFY_ACTIVE_SECTION: {
1737 /* Right Now we are taking care of only DSD */
1738 Adapter->bAllDSDWriteAllow = false;
1739 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "IOCTL_BCM_IDENTIFY_ACTIVE_SECTION called");
1740 Status = STATUS_SUCCESS;
1742 break;
1744 case IOCTL_BCM_COPY_SECTION: {
1745 struct bcm_flash2x_copy_section sCopySectStrut = {0};
1746 Status = STATUS_SUCCESS;
1747 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "IOCTL_BCM_COPY_SECTION Called");
1749 Adapter->bAllDSDWriteAllow = false;
1750 if (IsFlash2x(Adapter) != TRUE) {
1751 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Flash Does not have 2.x map");
1752 return -EINVAL;
1755 Status = copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer));
1756 if (Status) {
1757 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Copy of IOCTL BUFFER failed Status :%d", Status);
1758 return -EFAULT;
1761 Status = copy_from_user(&sCopySectStrut, IoBuffer.InputBuffer, sizeof(struct bcm_flash2x_copy_section));
1762 if (Status) {
1763 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Copy of Copy_Section_Struct failed with Status :%d", Status);
1764 return -EFAULT;
1767 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Source SEction :%x", sCopySectStrut.SrcSection);
1768 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Destination SEction :%x", sCopySectStrut.DstSection);
1769 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "offset :%x", sCopySectStrut.offset);
1770 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "NOB :%x", sCopySectStrut.numOfBytes);
1772 if (IsSectionExistInFlash(Adapter, sCopySectStrut.SrcSection) == false) {
1773 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Source Section<%x> does not exist in Flash ", sCopySectStrut.SrcSection);
1774 return -EINVAL;
1777 if (IsSectionExistInFlash(Adapter, sCopySectStrut.DstSection) == false) {
1778 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Destinatio Section<%x> does not exist in Flash ", sCopySectStrut.DstSection);
1779 return -EINVAL;
1782 if (sCopySectStrut.SrcSection == sCopySectStrut.DstSection) {
1783 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Source and Destination section should be different");
1784 return -EINVAL;
1787 down(&Adapter->NVMRdmWrmLock);
1789 if ((Adapter->IdleMode == TRUE) ||
1790 (Adapter->bShutStatus == TRUE) ||
1791 (Adapter->bPreparingForLowPowerMode == TRUE)) {
1793 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Device is in Idle/Shutdown Mode\n");
1794 up(&Adapter->NVMRdmWrmLock);
1795 return -EACCES;
1798 if (sCopySectStrut.SrcSection == ISO_IMAGE1 || sCopySectStrut.SrcSection == ISO_IMAGE2) {
1799 if (IsNonCDLessDevice(Adapter)) {
1800 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Device is Non-CDLess hence won't have ISO !!");
1801 Status = -EINVAL;
1802 } else if (sCopySectStrut.numOfBytes == 0) {
1803 Status = BcmCopyISO(Adapter, sCopySectStrut);
1804 } else {
1805 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Partial Copy of ISO section is not Allowed..");
1806 Status = STATUS_FAILURE;
1808 up(&Adapter->NVMRdmWrmLock);
1809 return Status;
1812 Status = BcmCopySection(Adapter, sCopySectStrut.SrcSection,
1813 sCopySectStrut.DstSection, sCopySectStrut.offset, sCopySectStrut.numOfBytes);
1814 up(&Adapter->NVMRdmWrmLock);
1816 break;
1818 case IOCTL_BCM_GET_FLASH_CS_INFO: {
1819 Status = STATUS_SUCCESS;
1820 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, " IOCTL_BCM_GET_FLASH_CS_INFO Called");
1822 Status = copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer));
1823 if (Status) {
1824 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Copy of IOCTL BUFFER failed");
1825 return -EFAULT;
1828 if (Adapter->eNVMType != NVM_FLASH) {
1829 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Connected device does not have flash");
1830 Status = -EINVAL;
1831 break;
1834 if (IsFlash2x(Adapter) == TRUE) {
1835 if (IoBuffer.OutputLength < sizeof(struct bcm_flash2x_cs_info))
1836 return -EINVAL;
1838 if (copy_to_user(IoBuffer.OutputBuffer, Adapter->psFlash2xCSInfo, sizeof(struct bcm_flash2x_cs_info)))
1839 return -EFAULT;
1840 } else {
1841 if (IoBuffer.OutputLength < sizeof(struct bcm_flash_cs_info))
1842 return -EINVAL;
1844 if (copy_to_user(IoBuffer.OutputBuffer, Adapter->psFlashCSInfo, sizeof(struct bcm_flash_cs_info)))
1845 return -EFAULT;
1848 break;
1850 case IOCTL_BCM_SELECT_DSD: {
1851 UINT SectOfset = 0;
1852 enum bcm_flash2x_section_val eFlash2xSectionVal;
1853 eFlash2xSectionVal = NO_SECTION_VAL;
1854 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "IOCTL_BCM_SELECT_DSD Called");
1856 if (IsFlash2x(Adapter) != TRUE) {
1857 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Flash Does not have 2.x map");
1858 return -EINVAL;
1861 Status = copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer));
1862 if (Status) {
1863 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Copy of IOCTL BUFFER failed");
1864 return -EFAULT;
1866 Status = copy_from_user(&eFlash2xSectionVal, IoBuffer.InputBuffer, sizeof(INT));
1867 if (Status) {
1868 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Copy of flash section val failed");
1869 return -EFAULT;
1872 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Read Section :%d", eFlash2xSectionVal);
1873 if ((eFlash2xSectionVal != DSD0) &&
1874 (eFlash2xSectionVal != DSD1) &&
1875 (eFlash2xSectionVal != DSD2)) {
1877 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Passed section<%x> is not DSD section", eFlash2xSectionVal);
1878 return STATUS_FAILURE;
1881 SectOfset = BcmGetSectionValStartOffset(Adapter, eFlash2xSectionVal);
1882 if (SectOfset == INVALID_OFFSET) {
1883 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Provided Section val <%d> does not exist in Flash 2.x", eFlash2xSectionVal);
1884 return -EINVAL;
1887 Adapter->bAllDSDWriteAllow = TRUE;
1888 Adapter->ulFlashCalStart = SectOfset;
1889 Adapter->eActiveDSD = eFlash2xSectionVal;
1891 Status = STATUS_SUCCESS;
1892 break;
1894 case IOCTL_BCM_NVM_RAW_READ: {
1895 struct bcm_nvm_readwrite stNVMRead;
1896 INT NOB;
1897 INT BuffSize;
1898 INT ReadOffset = 0;
1899 UINT ReadBytes = 0;
1900 PUCHAR pReadBuff;
1901 void __user *OutPutBuff;
1903 if (Adapter->eNVMType != NVM_FLASH) {
1904 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "NVM TYPE is not Flash");
1905 return -EINVAL;
1908 /* Copy Ioctl Buffer structure */
1909 if (copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer))) {
1910 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "copy_from_user 1 failed\n");
1911 return -EFAULT;
1914 if (copy_from_user(&stNVMRead, IoBuffer.OutputBuffer, sizeof(struct bcm_nvm_readwrite)))
1915 return -EFAULT;
1917 NOB = stNVMRead.uiNumBytes;
1918 /* In Raw-Read max Buff size : 64MB */
1920 if (NOB > DEFAULT_BUFF_SIZE)
1921 BuffSize = DEFAULT_BUFF_SIZE;
1922 else
1923 BuffSize = NOB;
1925 ReadOffset = stNVMRead.uiOffset;
1926 OutPutBuff = stNVMRead.pBuffer;
1928 pReadBuff = kzalloc(BuffSize , GFP_KERNEL);
1929 if (pReadBuff == NULL) {
1930 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Memory allocation failed for Flash 2.x Read Structure");
1931 Status = -ENOMEM;
1932 break;
1934 down(&Adapter->NVMRdmWrmLock);
1936 if ((Adapter->IdleMode == TRUE) ||
1937 (Adapter->bShutStatus == TRUE) ||
1938 (Adapter->bPreparingForLowPowerMode == TRUE)) {
1940 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Device is in Idle/Shutdown Mode\n");
1941 kfree(pReadBuff);
1942 up(&Adapter->NVMRdmWrmLock);
1943 return -EACCES;
1946 Adapter->bFlashRawRead = TRUE;
1948 while (NOB) {
1949 if (NOB > DEFAULT_BUFF_SIZE)
1950 ReadBytes = DEFAULT_BUFF_SIZE;
1951 else
1952 ReadBytes = NOB;
1954 /* Reading the data from Flash 2.x */
1955 Status = BeceemNVMRead(Adapter, (PUINT)pReadBuff, ReadOffset, ReadBytes);
1956 if (Status) {
1957 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Flash 2x read err with Status :%d", Status);
1958 break;
1961 BCM_DEBUG_PRINT_BUFFER(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, pReadBuff, ReadBytes);
1963 Status = copy_to_user(OutPutBuff, pReadBuff, ReadBytes);
1964 if (Status) {
1965 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "Copy to use failed with status :%d", Status);
1966 up(&Adapter->NVMRdmWrmLock);
1967 kfree(pReadBuff);
1968 return -EFAULT;
1970 NOB = NOB - ReadBytes;
1971 if (NOB) {
1972 ReadOffset = ReadOffset + ReadBytes;
1973 OutPutBuff = OutPutBuff + ReadBytes;
1976 Adapter->bFlashRawRead = false;
1977 up(&Adapter->NVMRdmWrmLock);
1978 kfree(pReadBuff);
1979 break;
1982 case IOCTL_BCM_CNTRLMSG_MASK: {
1983 ULONG RxCntrlMsgBitMask = 0;
1985 /* Copy Ioctl Buffer structure */
1986 Status = copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer));
1987 if (Status) {
1988 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "copy of Ioctl buffer is failed from user space");
1989 return -EFAULT;
1992 if (IoBuffer.InputLength != sizeof(unsigned long)) {
1993 Status = -EINVAL;
1994 break;
1997 Status = copy_from_user(&RxCntrlMsgBitMask, IoBuffer.InputBuffer, IoBuffer.InputLength);
1998 if (Status) {
1999 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "copy of control bit mask failed from user space");
2000 return -EFAULT;
2002 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "\n Got user defined cntrl msg bit mask :%lx", RxCntrlMsgBitMask);
2003 pTarang->RxCntrlMsgBitMask = RxCntrlMsgBitMask;
2005 break;
2007 case IOCTL_BCM_GET_DEVICE_DRIVER_INFO: {
2008 struct bcm_driver_info DevInfo;
2010 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Called IOCTL_BCM_GET_DEVICE_DRIVER_INFO\n");
2012 memset(&DevInfo, 0, sizeof(DevInfo));
2013 DevInfo.MaxRDMBufferSize = BUFFER_4K;
2014 DevInfo.u32DSDStartOffset = EEPROM_CALPARAM_START;
2015 DevInfo.u32RxAlignmentCorrection = 0;
2016 DevInfo.u32NVMType = Adapter->eNVMType;
2017 DevInfo.u32InterfaceType = BCM_USB;
2019 if (copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer)))
2020 return -EFAULT;
2022 if (IoBuffer.OutputLength < sizeof(DevInfo))
2023 return -EINVAL;
2025 if (copy_to_user(IoBuffer.OutputBuffer, &DevInfo, sizeof(DevInfo)))
2026 return -EFAULT;
2028 break;
2030 case IOCTL_BCM_TIME_SINCE_NET_ENTRY: {
2031 struct bcm_time_elapsed stTimeElapsedSinceNetEntry = {0};
2033 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "IOCTL_BCM_TIME_SINCE_NET_ENTRY called");
2035 if (copy_from_user(&IoBuffer, argp, sizeof(struct bcm_ioctl_buffer)))
2036 return -EFAULT;
2038 if (IoBuffer.OutputLength < sizeof(struct bcm_time_elapsed))
2039 return -EINVAL;
2041 stTimeElapsedSinceNetEntry.ul64TimeElapsedSinceNetEntry = get_seconds() - Adapter->liTimeSinceLastNetEntry;
2043 if (copy_to_user(IoBuffer.OutputBuffer, &stTimeElapsedSinceNetEntry, sizeof(struct bcm_time_elapsed)))
2044 return -EFAULT;
2046 break;
2048 case IOCTL_CLOSE_NOTIFICATION:
2049 BCM_DEBUG_PRINT(Adapter, DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "IOCTL_CLOSE_NOTIFICATION");
2050 break;
2052 default:
2053 pr_info(DRV_NAME ": unknown ioctl cmd=%#x\n", cmd);
2054 Status = STATUS_FAILURE;
2055 break;
2057 return Status;
2061 static const struct file_operations bcm_fops = {
2062 .owner = THIS_MODULE,
2063 .open = bcm_char_open,
2064 .release = bcm_char_release,
2065 .read = bcm_char_read,
2066 .unlocked_ioctl = bcm_char_ioctl,
2067 .llseek = no_llseek,
2070 int register_control_device_interface(struct bcm_mini_adapter *Adapter)
2073 if (Adapter->major > 0)
2074 return Adapter->major;
2076 Adapter->major = register_chrdev(0, DEV_NAME, &bcm_fops);
2077 if (Adapter->major < 0) {
2078 pr_err(DRV_NAME ": could not created character device\n");
2079 return Adapter->major;
2082 Adapter->pstCreatedClassDevice = device_create(bcm_class, NULL,
2083 MKDEV(Adapter->major, 0),
2084 Adapter, DEV_NAME);
2086 if (IS_ERR(Adapter->pstCreatedClassDevice)) {
2087 pr_err(DRV_NAME ": class device create failed\n");
2088 unregister_chrdev(Adapter->major, DEV_NAME);
2089 return PTR_ERR(Adapter->pstCreatedClassDevice);
2092 return 0;
2095 void unregister_control_device_interface(struct bcm_mini_adapter *Adapter)
2097 if (Adapter->major > 0) {
2098 device_destroy(bcm_class, MKDEV(Adapter->major, 0));
2099 unregister_chrdev(Adapter->major, DEV_NAME);