fs: use kmem_cache_zalloc instead
[pv_ops_mirror.git] / drivers / ieee1394 / raw1394.c
blobcadf0479cce54d7b0150aaa833114d2b9b8f2b7e
1 /*
2 * IEEE 1394 for Linux
4 * Raw interface to the bus
6 * Copyright (C) 1999, 2000 Andreas E. Bombe
7 * 2001, 2002 Manfred Weihs <weihs@ict.tuwien.ac.at>
8 * 2002 Christian Toegel <christian.toegel@gmx.at>
10 * This code is licensed under the GPL. See the file COPYING in the root
11 * directory of the kernel sources for details.
14 * Contributions:
16 * Manfred Weihs <weihs@ict.tuwien.ac.at>
17 * configuration ROM manipulation
18 * address range mapping
19 * adaptation for new (transparent) loopback mechanism
20 * sending of arbitrary async packets
21 * Christian Toegel <christian.toegel@gmx.at>
22 * address range mapping
23 * lock64 request
24 * transmit physical packet
25 * busreset notification control (switch on/off)
26 * busreset with selection of type (short/long)
27 * request_reply
30 #include <linux/kernel.h>
31 #include <linux/list.h>
32 #include <linux/string.h>
33 #include <linux/slab.h>
34 #include <linux/fs.h>
35 #include <linux/poll.h>
36 #include <linux/module.h>
37 #include <linux/init.h>
38 #include <linux/interrupt.h>
39 #include <linux/vmalloc.h>
40 #include <linux/cdev.h>
41 #include <asm/uaccess.h>
42 #include <asm/atomic.h>
43 #include <linux/compat.h>
45 #include "csr1212.h"
46 #include "highlevel.h"
47 #include "hosts.h"
48 #include "ieee1394.h"
49 #include "ieee1394_core.h"
50 #include "ieee1394_hotplug.h"
51 #include "ieee1394_transactions.h"
52 #include "ieee1394_types.h"
53 #include "iso.h"
54 #include "nodemgr.h"
55 #include "raw1394.h"
56 #include "raw1394-private.h"
58 #define int2ptr(x) ((void __user *)(unsigned long)x)
59 #define ptr2int(x) ((u64)(unsigned long)(void __user *)x)
61 #ifdef CONFIG_IEEE1394_VERBOSEDEBUG
62 #define RAW1394_DEBUG
63 #endif
65 #ifdef RAW1394_DEBUG
66 #define DBGMSG(fmt, args...) \
67 printk(KERN_INFO "raw1394:" fmt "\n" , ## args)
68 #else
69 #define DBGMSG(fmt, args...) do {} while (0)
70 #endif
72 static LIST_HEAD(host_info_list);
73 static int host_count;
74 static DEFINE_SPINLOCK(host_info_lock);
75 static atomic_t internal_generation = ATOMIC_INIT(0);
77 static atomic_t iso_buffer_size;
78 static const int iso_buffer_max = 4 * 1024 * 1024; /* 4 MB */
80 static struct hpsb_highlevel raw1394_highlevel;
82 static int arm_read(struct hpsb_host *host, int nodeid, quadlet_t * buffer,
83 u64 addr, size_t length, u16 flags);
84 static int arm_write(struct hpsb_host *host, int nodeid, int destid,
85 quadlet_t * data, u64 addr, size_t length, u16 flags);
86 static int arm_lock(struct hpsb_host *host, int nodeid, quadlet_t * store,
87 u64 addr, quadlet_t data, quadlet_t arg, int ext_tcode,
88 u16 flags);
89 static int arm_lock64(struct hpsb_host *host, int nodeid, octlet_t * store,
90 u64 addr, octlet_t data, octlet_t arg, int ext_tcode,
91 u16 flags);
92 static struct hpsb_address_ops arm_ops = {
93 .read = arm_read,
94 .write = arm_write,
95 .lock = arm_lock,
96 .lock64 = arm_lock64,
99 static void queue_complete_cb(struct pending_request *req);
101 static struct pending_request *__alloc_pending_request(gfp_t flags)
103 struct pending_request *req;
105 req = kzalloc(sizeof(*req), flags);
106 if (req)
107 INIT_LIST_HEAD(&req->list);
109 return req;
112 static inline struct pending_request *alloc_pending_request(void)
114 return __alloc_pending_request(GFP_KERNEL);
117 static void free_pending_request(struct pending_request *req)
119 if (req->ibs) {
120 if (atomic_dec_and_test(&req->ibs->refcount)) {
121 atomic_sub(req->ibs->data_size, &iso_buffer_size);
122 kfree(req->ibs);
124 } else if (req->free_data) {
125 kfree(req->data);
127 hpsb_free_packet(req->packet);
128 kfree(req);
131 /* fi->reqlists_lock must be taken */
132 static void __queue_complete_req(struct pending_request *req)
134 struct file_info *fi = req->file_info;
136 list_move_tail(&req->list, &fi->req_complete);
137 wake_up(&fi->wait_complete);
140 static void queue_complete_req(struct pending_request *req)
142 unsigned long flags;
143 struct file_info *fi = req->file_info;
145 spin_lock_irqsave(&fi->reqlists_lock, flags);
146 __queue_complete_req(req);
147 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
150 static void queue_complete_cb(struct pending_request *req)
152 struct hpsb_packet *packet = req->packet;
153 int rcode = (packet->header[1] >> 12) & 0xf;
155 switch (packet->ack_code) {
156 case ACKX_NONE:
157 case ACKX_SEND_ERROR:
158 req->req.error = RAW1394_ERROR_SEND_ERROR;
159 break;
160 case ACKX_ABORTED:
161 req->req.error = RAW1394_ERROR_ABORTED;
162 break;
163 case ACKX_TIMEOUT:
164 req->req.error = RAW1394_ERROR_TIMEOUT;
165 break;
166 default:
167 req->req.error = (packet->ack_code << 16) | rcode;
168 break;
171 if (!((packet->ack_code == ACK_PENDING) && (rcode == RCODE_COMPLETE))) {
172 req->req.length = 0;
175 if ((req->req.type == RAW1394_REQ_ASYNC_READ) ||
176 (req->req.type == RAW1394_REQ_ASYNC_WRITE) ||
177 (req->req.type == RAW1394_REQ_ASYNC_STREAM) ||
178 (req->req.type == RAW1394_REQ_LOCK) ||
179 (req->req.type == RAW1394_REQ_LOCK64))
180 hpsb_free_tlabel(packet);
182 queue_complete_req(req);
185 static void add_host(struct hpsb_host *host)
187 struct host_info *hi;
188 unsigned long flags;
190 hi = kmalloc(sizeof(*hi), GFP_KERNEL);
192 if (hi) {
193 INIT_LIST_HEAD(&hi->list);
194 hi->host = host;
195 INIT_LIST_HEAD(&hi->file_info_list);
197 spin_lock_irqsave(&host_info_lock, flags);
198 list_add_tail(&hi->list, &host_info_list);
199 host_count++;
200 spin_unlock_irqrestore(&host_info_lock, flags);
203 atomic_inc(&internal_generation);
206 static struct host_info *find_host_info(struct hpsb_host *host)
208 struct host_info *hi;
210 list_for_each_entry(hi, &host_info_list, list)
211 if (hi->host == host)
212 return hi;
214 return NULL;
217 static void remove_host(struct hpsb_host *host)
219 struct host_info *hi;
220 unsigned long flags;
222 spin_lock_irqsave(&host_info_lock, flags);
223 hi = find_host_info(host);
225 if (hi != NULL) {
226 list_del(&hi->list);
227 host_count--;
229 FIXME: address ranges should be removed
230 and fileinfo states should be initialized
231 (including setting generation to
232 internal-generation ...)
235 spin_unlock_irqrestore(&host_info_lock, flags);
237 if (hi == NULL) {
238 printk(KERN_ERR "raw1394: attempt to remove unknown host "
239 "0x%p\n", host);
240 return;
243 kfree(hi);
245 atomic_inc(&internal_generation);
248 static void host_reset(struct hpsb_host *host)
250 unsigned long flags;
251 struct host_info *hi;
252 struct file_info *fi;
253 struct pending_request *req;
255 spin_lock_irqsave(&host_info_lock, flags);
256 hi = find_host_info(host);
258 if (hi != NULL) {
259 list_for_each_entry(fi, &hi->file_info_list, list) {
260 if (fi->notification == RAW1394_NOTIFY_ON) {
261 req = __alloc_pending_request(GFP_ATOMIC);
263 if (req != NULL) {
264 req->file_info = fi;
265 req->req.type = RAW1394_REQ_BUS_RESET;
266 req->req.generation =
267 get_hpsb_generation(host);
268 req->req.misc = (host->node_id << 16)
269 | host->node_count;
270 if (fi->protocol_version > 3) {
271 req->req.misc |=
272 (NODEID_TO_NODE
273 (host->irm_id)
274 << 8);
277 queue_complete_req(req);
282 spin_unlock_irqrestore(&host_info_lock, flags);
285 static void fcp_request(struct hpsb_host *host, int nodeid, int direction,
286 int cts, u8 * data, size_t length)
288 unsigned long flags;
289 struct host_info *hi;
290 struct file_info *fi;
291 struct pending_request *req, *req_next;
292 struct iso_block_store *ibs = NULL;
293 LIST_HEAD(reqs);
295 if ((atomic_read(&iso_buffer_size) + length) > iso_buffer_max) {
296 HPSB_INFO("dropped fcp request");
297 return;
300 spin_lock_irqsave(&host_info_lock, flags);
301 hi = find_host_info(host);
303 if (hi != NULL) {
304 list_for_each_entry(fi, &hi->file_info_list, list) {
305 if (!fi->fcp_buffer)
306 continue;
308 req = __alloc_pending_request(GFP_ATOMIC);
309 if (!req)
310 break;
312 if (!ibs) {
313 ibs = kmalloc(sizeof(*ibs) + length,
314 GFP_ATOMIC);
315 if (!ibs) {
316 kfree(req);
317 break;
320 atomic_add(length, &iso_buffer_size);
321 atomic_set(&ibs->refcount, 0);
322 ibs->data_size = length;
323 memcpy(ibs->data, data, length);
326 atomic_inc(&ibs->refcount);
328 req->file_info = fi;
329 req->ibs = ibs;
330 req->data = ibs->data;
331 req->req.type = RAW1394_REQ_FCP_REQUEST;
332 req->req.generation = get_hpsb_generation(host);
333 req->req.misc = nodeid | (direction << 16);
334 req->req.recvb = ptr2int(fi->fcp_buffer);
335 req->req.length = length;
337 list_add_tail(&req->list, &reqs);
340 spin_unlock_irqrestore(&host_info_lock, flags);
342 list_for_each_entry_safe(req, req_next, &reqs, list)
343 queue_complete_req(req);
346 #ifdef CONFIG_COMPAT
347 struct compat_raw1394_req {
348 __u32 type;
349 __s32 error;
350 __u32 misc;
352 __u32 generation;
353 __u32 length;
355 __u64 address;
357 __u64 tag;
359 __u64 sendb;
360 __u64 recvb;
362 #if defined(CONFIG_X86_64) || defined(CONFIG_IA64)
363 __attribute__((packed))
364 #endif
367 static const char __user *raw1394_compat_write(const char __user *buf)
369 struct compat_raw1394_req __user *cr = (typeof(cr)) buf;
370 struct raw1394_request __user *r;
371 r = compat_alloc_user_space(sizeof(struct raw1394_request));
373 #define C(x) __copy_in_user(&r->x, &cr->x, sizeof(r->x))
375 if (copy_in_user(r, cr, sizeof(struct compat_raw1394_req)) ||
376 C(address) ||
377 C(tag) ||
378 C(sendb) ||
379 C(recvb))
380 return ERR_PTR(-EFAULT);
381 return (const char __user *)r;
383 #undef C
385 #define P(x) __put_user(r->x, &cr->x)
387 static int
388 raw1394_compat_read(const char __user *buf, struct raw1394_request *r)
390 struct compat_raw1394_req __user *cr = (typeof(cr)) buf;
391 if (!access_ok(VERIFY_WRITE, cr, sizeof(struct compat_raw1394_req)) ||
392 P(type) ||
393 P(error) ||
394 P(misc) ||
395 P(generation) ||
396 P(length) ||
397 P(address) ||
398 P(tag) ||
399 P(sendb) ||
400 P(recvb))
401 return -EFAULT;
402 return sizeof(struct compat_raw1394_req);
404 #undef P
406 #endif
408 /* get next completed request (caller must hold fi->reqlists_lock) */
409 static inline struct pending_request *__next_complete_req(struct file_info *fi)
411 struct list_head *lh;
412 struct pending_request *req = NULL;
414 if (!list_empty(&fi->req_complete)) {
415 lh = fi->req_complete.next;
416 list_del(lh);
417 req = list_entry(lh, struct pending_request, list);
419 return req;
422 /* atomically get next completed request */
423 static struct pending_request *next_complete_req(struct file_info *fi)
425 unsigned long flags;
426 struct pending_request *req;
428 spin_lock_irqsave(&fi->reqlists_lock, flags);
429 req = __next_complete_req(fi);
430 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
431 return req;
434 static ssize_t raw1394_read(struct file *file, char __user * buffer,
435 size_t count, loff_t * offset_is_ignored)
437 struct file_info *fi = (struct file_info *)file->private_data;
438 struct pending_request *req;
439 ssize_t ret;
441 #ifdef CONFIG_COMPAT
442 if (count == sizeof(struct compat_raw1394_req)) {
443 /* ok */
444 } else
445 #endif
446 if (count != sizeof(struct raw1394_request)) {
447 return -EINVAL;
450 if (!access_ok(VERIFY_WRITE, buffer, count)) {
451 return -EFAULT;
454 if (file->f_flags & O_NONBLOCK) {
455 if (!(req = next_complete_req(fi)))
456 return -EAGAIN;
457 } else {
459 * NB: We call the macro wait_event_interruptible() with a
460 * condition argument with side effect. This is only possible
461 * because the side effect does not occur until the condition
462 * became true, and wait_event_interruptible() won't evaluate
463 * the condition again after that.
465 if (wait_event_interruptible(fi->wait_complete,
466 (req = next_complete_req(fi))))
467 return -ERESTARTSYS;
470 if (req->req.length) {
471 if (copy_to_user(int2ptr(req->req.recvb), req->data,
472 req->req.length)) {
473 req->req.error = RAW1394_ERROR_MEMFAULT;
477 #ifdef CONFIG_COMPAT
478 if (count == sizeof(struct compat_raw1394_req) &&
479 sizeof(struct compat_raw1394_req) !=
480 sizeof(struct raw1394_request)) {
481 ret = raw1394_compat_read(buffer, &req->req);
482 } else
483 #endif
485 if (copy_to_user(buffer, &req->req, sizeof(req->req))) {
486 ret = -EFAULT;
487 goto out;
489 ret = (ssize_t) sizeof(struct raw1394_request);
491 out:
492 free_pending_request(req);
493 return ret;
496 static int state_opened(struct file_info *fi, struct pending_request *req)
498 if (req->req.type == RAW1394_REQ_INITIALIZE) {
499 switch (req->req.misc) {
500 case RAW1394_KERNELAPI_VERSION:
501 case 3:
502 fi->state = initialized;
503 fi->protocol_version = req->req.misc;
504 req->req.error = RAW1394_ERROR_NONE;
505 req->req.generation = atomic_read(&internal_generation);
506 break;
508 default:
509 req->req.error = RAW1394_ERROR_COMPAT;
510 req->req.misc = RAW1394_KERNELAPI_VERSION;
512 } else {
513 req->req.error = RAW1394_ERROR_STATE_ORDER;
516 req->req.length = 0;
517 queue_complete_req(req);
518 return 0;
521 static int state_initialized(struct file_info *fi, struct pending_request *req)
523 unsigned long flags;
524 struct host_info *hi;
525 struct raw1394_khost_list *khl;
527 if (req->req.generation != atomic_read(&internal_generation)) {
528 req->req.error = RAW1394_ERROR_GENERATION;
529 req->req.generation = atomic_read(&internal_generation);
530 req->req.length = 0;
531 queue_complete_req(req);
532 return 0;
535 switch (req->req.type) {
536 case RAW1394_REQ_LIST_CARDS:
537 spin_lock_irqsave(&host_info_lock, flags);
538 khl = kmalloc(sizeof(*khl) * host_count, GFP_ATOMIC);
540 if (khl) {
541 req->req.misc = host_count;
542 req->data = (quadlet_t *) khl;
544 list_for_each_entry(hi, &host_info_list, list) {
545 khl->nodes = hi->host->node_count;
546 strcpy(khl->name, hi->host->driver->name);
547 khl++;
550 spin_unlock_irqrestore(&host_info_lock, flags);
552 if (khl) {
553 req->req.error = RAW1394_ERROR_NONE;
554 req->req.length = min(req->req.length,
555 (u32) (sizeof
556 (struct raw1394_khost_list)
557 * req->req.misc));
558 req->free_data = 1;
559 } else {
560 return -ENOMEM;
562 break;
564 case RAW1394_REQ_SET_CARD:
565 spin_lock_irqsave(&host_info_lock, flags);
566 if (req->req.misc >= host_count) {
567 req->req.error = RAW1394_ERROR_INVALID_ARG;
568 goto out_set_card;
570 list_for_each_entry(hi, &host_info_list, list)
571 if (!req->req.misc--)
572 break;
573 get_device(&hi->host->device); /* FIXME handle failure case */
574 list_add_tail(&fi->list, &hi->file_info_list);
576 /* prevent unloading of the host's low-level driver */
577 if (!try_module_get(hi->host->driver->owner)) {
578 req->req.error = RAW1394_ERROR_ABORTED;
579 goto out_set_card;
581 WARN_ON(fi->host);
582 fi->host = hi->host;
583 fi->state = connected;
585 req->req.error = RAW1394_ERROR_NONE;
586 req->req.generation = get_hpsb_generation(fi->host);
587 req->req.misc = (fi->host->node_id << 16)
588 | fi->host->node_count;
589 if (fi->protocol_version > 3)
590 req->req.misc |= NODEID_TO_NODE(fi->host->irm_id) << 8;
591 out_set_card:
592 spin_unlock_irqrestore(&host_info_lock, flags);
594 req->req.length = 0;
595 break;
597 default:
598 req->req.error = RAW1394_ERROR_STATE_ORDER;
599 req->req.length = 0;
600 break;
603 queue_complete_req(req);
604 return 0;
607 static void handle_fcp_listen(struct file_info *fi, struct pending_request *req)
609 if (req->req.misc) {
610 if (fi->fcp_buffer) {
611 req->req.error = RAW1394_ERROR_ALREADY;
612 } else {
613 fi->fcp_buffer = int2ptr(req->req.recvb);
615 } else {
616 if (!fi->fcp_buffer) {
617 req->req.error = RAW1394_ERROR_ALREADY;
618 } else {
619 fi->fcp_buffer = NULL;
623 req->req.length = 0;
624 queue_complete_req(req);
627 static int handle_async_request(struct file_info *fi,
628 struct pending_request *req, int node)
630 unsigned long flags;
631 struct hpsb_packet *packet = NULL;
632 u64 addr = req->req.address & 0xffffffffffffULL;
634 switch (req->req.type) {
635 case RAW1394_REQ_ASYNC_READ:
636 DBGMSG("read_request called");
637 packet =
638 hpsb_make_readpacket(fi->host, node, addr, req->req.length);
640 if (!packet)
641 return -ENOMEM;
643 if (req->req.length == 4)
644 req->data = &packet->header[3];
645 else
646 req->data = packet->data;
648 break;
650 case RAW1394_REQ_ASYNC_WRITE:
651 DBGMSG("write_request called");
653 packet = hpsb_make_writepacket(fi->host, node, addr, NULL,
654 req->req.length);
655 if (!packet)
656 return -ENOMEM;
658 if (req->req.length == 4) {
659 if (copy_from_user
660 (&packet->header[3], int2ptr(req->req.sendb),
661 req->req.length))
662 req->req.error = RAW1394_ERROR_MEMFAULT;
663 } else {
664 if (copy_from_user
665 (packet->data, int2ptr(req->req.sendb),
666 req->req.length))
667 req->req.error = RAW1394_ERROR_MEMFAULT;
670 req->req.length = 0;
671 break;
673 case RAW1394_REQ_ASYNC_STREAM:
674 DBGMSG("stream_request called");
676 packet =
677 hpsb_make_streampacket(fi->host, NULL, req->req.length,
678 node & 0x3f /*channel */ ,
679 (req->req.misc >> 16) & 0x3,
680 req->req.misc & 0xf);
681 if (!packet)
682 return -ENOMEM;
684 if (copy_from_user(packet->data, int2ptr(req->req.sendb),
685 req->req.length))
686 req->req.error = RAW1394_ERROR_MEMFAULT;
688 req->req.length = 0;
689 break;
691 case RAW1394_REQ_LOCK:
692 DBGMSG("lock_request called");
693 if ((req->req.misc == EXTCODE_FETCH_ADD)
694 || (req->req.misc == EXTCODE_LITTLE_ADD)) {
695 if (req->req.length != 4) {
696 req->req.error = RAW1394_ERROR_INVALID_ARG;
697 break;
699 } else {
700 if (req->req.length != 8) {
701 req->req.error = RAW1394_ERROR_INVALID_ARG;
702 break;
706 packet = hpsb_make_lockpacket(fi->host, node, addr,
707 req->req.misc, NULL, 0);
708 if (!packet)
709 return -ENOMEM;
711 if (copy_from_user(packet->data, int2ptr(req->req.sendb),
712 req->req.length)) {
713 req->req.error = RAW1394_ERROR_MEMFAULT;
714 break;
717 req->data = packet->data;
718 req->req.length = 4;
719 break;
721 case RAW1394_REQ_LOCK64:
722 DBGMSG("lock64_request called");
723 if ((req->req.misc == EXTCODE_FETCH_ADD)
724 || (req->req.misc == EXTCODE_LITTLE_ADD)) {
725 if (req->req.length != 8) {
726 req->req.error = RAW1394_ERROR_INVALID_ARG;
727 break;
729 } else {
730 if (req->req.length != 16) {
731 req->req.error = RAW1394_ERROR_INVALID_ARG;
732 break;
735 packet = hpsb_make_lock64packet(fi->host, node, addr,
736 req->req.misc, NULL, 0);
737 if (!packet)
738 return -ENOMEM;
740 if (copy_from_user(packet->data, int2ptr(req->req.sendb),
741 req->req.length)) {
742 req->req.error = RAW1394_ERROR_MEMFAULT;
743 break;
746 req->data = packet->data;
747 req->req.length = 8;
748 break;
750 default:
751 req->req.error = RAW1394_ERROR_STATE_ORDER;
754 req->packet = packet;
756 if (req->req.error) {
757 req->req.length = 0;
758 queue_complete_req(req);
759 return 0;
762 hpsb_set_packet_complete_task(packet,
763 (void (*)(void *))queue_complete_cb, req);
765 spin_lock_irqsave(&fi->reqlists_lock, flags);
766 list_add_tail(&req->list, &fi->req_pending);
767 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
769 packet->generation = req->req.generation;
771 if (hpsb_send_packet(packet) < 0) {
772 req->req.error = RAW1394_ERROR_SEND_ERROR;
773 req->req.length = 0;
774 hpsb_free_tlabel(packet);
775 queue_complete_req(req);
777 return 0;
780 static int handle_async_send(struct file_info *fi, struct pending_request *req)
782 unsigned long flags;
783 struct hpsb_packet *packet;
784 int header_length = req->req.misc & 0xffff;
785 int expect_response = req->req.misc >> 16;
786 size_t data_size;
788 if (header_length > req->req.length || header_length < 12 ||
789 header_length > FIELD_SIZEOF(struct hpsb_packet, header)) {
790 req->req.error = RAW1394_ERROR_INVALID_ARG;
791 req->req.length = 0;
792 queue_complete_req(req);
793 return 0;
796 data_size = req->req.length - header_length;
797 packet = hpsb_alloc_packet(data_size);
798 req->packet = packet;
799 if (!packet)
800 return -ENOMEM;
802 if (copy_from_user(packet->header, int2ptr(req->req.sendb),
803 header_length)) {
804 req->req.error = RAW1394_ERROR_MEMFAULT;
805 req->req.length = 0;
806 queue_complete_req(req);
807 return 0;
810 if (copy_from_user
811 (packet->data, int2ptr(req->req.sendb) + header_length,
812 data_size)) {
813 req->req.error = RAW1394_ERROR_MEMFAULT;
814 req->req.length = 0;
815 queue_complete_req(req);
816 return 0;
819 packet->type = hpsb_async;
820 packet->node_id = packet->header[0] >> 16;
821 packet->tcode = (packet->header[0] >> 4) & 0xf;
822 packet->tlabel = (packet->header[0] >> 10) & 0x3f;
823 packet->host = fi->host;
824 packet->expect_response = expect_response;
825 packet->header_size = header_length;
826 packet->data_size = data_size;
828 req->req.length = 0;
829 hpsb_set_packet_complete_task(packet,
830 (void (*)(void *))queue_complete_cb, req);
832 spin_lock_irqsave(&fi->reqlists_lock, flags);
833 list_add_tail(&req->list, &fi->req_pending);
834 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
836 /* Update the generation of the packet just before sending. */
837 packet->generation = req->req.generation;
839 if (hpsb_send_packet(packet) < 0) {
840 req->req.error = RAW1394_ERROR_SEND_ERROR;
841 queue_complete_req(req);
844 return 0;
847 static int arm_read(struct hpsb_host *host, int nodeid, quadlet_t * buffer,
848 u64 addr, size_t length, u16 flags)
850 unsigned long irqflags;
851 struct pending_request *req;
852 struct host_info *hi;
853 struct file_info *fi = NULL;
854 struct list_head *entry;
855 struct arm_addr *arm_addr = NULL;
856 struct arm_request *arm_req = NULL;
857 struct arm_response *arm_resp = NULL;
858 int found = 0, size = 0, rcode = -1;
859 struct arm_request_response *arm_req_resp = NULL;
861 DBGMSG("arm_read called by node: %X"
862 "addr: %4.4x %8.8x length: %Zu", nodeid,
863 (u16) ((addr >> 32) & 0xFFFF), (u32) (addr & 0xFFFFFFFF),
864 length);
865 spin_lock_irqsave(&host_info_lock, irqflags);
866 hi = find_host_info(host); /* search address-entry */
867 if (hi != NULL) {
868 list_for_each_entry(fi, &hi->file_info_list, list) {
869 entry = fi->addr_list.next;
870 while (entry != &(fi->addr_list)) {
871 arm_addr =
872 list_entry(entry, struct arm_addr,
873 addr_list);
874 if (((arm_addr->start) <= (addr))
875 && ((arm_addr->end) >= (addr + length))) {
876 found = 1;
877 break;
879 entry = entry->next;
881 if (found) {
882 break;
886 rcode = -1;
887 if (!found) {
888 printk(KERN_ERR "raw1394: arm_read FAILED addr_entry not found"
889 " -> rcode_address_error\n");
890 spin_unlock_irqrestore(&host_info_lock, irqflags);
891 return (RCODE_ADDRESS_ERROR);
892 } else {
893 DBGMSG("arm_read addr_entry FOUND");
895 if (arm_addr->rec_length < length) {
896 DBGMSG("arm_read blocklength too big -> rcode_data_error");
897 rcode = RCODE_DATA_ERROR; /* hardware error, data is unavailable */
899 if (rcode == -1) {
900 if (arm_addr->access_rights & ARM_READ) {
901 if (!(arm_addr->client_transactions & ARM_READ)) {
902 memcpy(buffer,
903 (arm_addr->addr_space_buffer) + (addr -
904 (arm_addr->
905 start)),
906 length);
907 DBGMSG("arm_read -> (rcode_complete)");
908 rcode = RCODE_COMPLETE;
910 } else {
911 rcode = RCODE_TYPE_ERROR; /* function not allowed */
912 DBGMSG("arm_read -> rcode_type_error (access denied)");
915 if (arm_addr->notification_options & ARM_READ) {
916 DBGMSG("arm_read -> entering notification-section");
917 req = __alloc_pending_request(GFP_ATOMIC);
918 if (!req) {
919 DBGMSG("arm_read -> rcode_conflict_error");
920 spin_unlock_irqrestore(&host_info_lock, irqflags);
921 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
922 The request may be retried */
924 if (rcode == RCODE_COMPLETE) {
925 size =
926 sizeof(struct arm_request) +
927 sizeof(struct arm_response) +
928 length * sizeof(byte_t) +
929 sizeof(struct arm_request_response);
930 } else {
931 size =
932 sizeof(struct arm_request) +
933 sizeof(struct arm_response) +
934 sizeof(struct arm_request_response);
936 req->data = kmalloc(size, GFP_ATOMIC);
937 if (!(req->data)) {
938 free_pending_request(req);
939 DBGMSG("arm_read -> rcode_conflict_error");
940 spin_unlock_irqrestore(&host_info_lock, irqflags);
941 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
942 The request may be retried */
944 req->free_data = 1;
945 req->file_info = fi;
946 req->req.type = RAW1394_REQ_ARM;
947 req->req.generation = get_hpsb_generation(host);
948 req->req.misc =
949 (((length << 16) & (0xFFFF0000)) | (ARM_READ & 0xFF));
950 req->req.tag = arm_addr->arm_tag;
951 req->req.recvb = arm_addr->recvb;
952 req->req.length = size;
953 arm_req_resp = (struct arm_request_response *)(req->data);
954 arm_req = (struct arm_request *)((byte_t *) (req->data) +
955 (sizeof
956 (struct
957 arm_request_response)));
958 arm_resp =
959 (struct arm_response *)((byte_t *) (arm_req) +
960 (sizeof(struct arm_request)));
961 arm_req->buffer = NULL;
962 arm_resp->buffer = NULL;
963 if (rcode == RCODE_COMPLETE) {
964 byte_t *buf =
965 (byte_t *) arm_resp + sizeof(struct arm_response);
966 memcpy(buf,
967 (arm_addr->addr_space_buffer) + (addr -
968 (arm_addr->
969 start)),
970 length);
971 arm_resp->buffer =
972 int2ptr((arm_addr->recvb) +
973 sizeof(struct arm_request_response) +
974 sizeof(struct arm_request) +
975 sizeof(struct arm_response));
977 arm_resp->buffer_length =
978 (rcode == RCODE_COMPLETE) ? length : 0;
979 arm_resp->response_code = rcode;
980 arm_req->buffer_length = 0;
981 arm_req->generation = req->req.generation;
982 arm_req->extended_transaction_code = 0;
983 arm_req->destination_offset = addr;
984 arm_req->source_nodeid = nodeid;
985 arm_req->destination_nodeid = host->node_id;
986 arm_req->tlabel = (flags >> 10) & 0x3f;
987 arm_req->tcode = (flags >> 4) & 0x0f;
988 arm_req_resp->request = int2ptr((arm_addr->recvb) +
989 sizeof(struct
990 arm_request_response));
991 arm_req_resp->response =
992 int2ptr((arm_addr->recvb) +
993 sizeof(struct arm_request_response) +
994 sizeof(struct arm_request));
995 queue_complete_req(req);
997 spin_unlock_irqrestore(&host_info_lock, irqflags);
998 return (rcode);
1001 static int arm_write(struct hpsb_host *host, int nodeid, int destid,
1002 quadlet_t * data, u64 addr, size_t length, u16 flags)
1004 unsigned long irqflags;
1005 struct pending_request *req;
1006 struct host_info *hi;
1007 struct file_info *fi = NULL;
1008 struct list_head *entry;
1009 struct arm_addr *arm_addr = NULL;
1010 struct arm_request *arm_req = NULL;
1011 struct arm_response *arm_resp = NULL;
1012 int found = 0, size = 0, rcode = -1, length_conflict = 0;
1013 struct arm_request_response *arm_req_resp = NULL;
1015 DBGMSG("arm_write called by node: %X"
1016 "addr: %4.4x %8.8x length: %Zu", nodeid,
1017 (u16) ((addr >> 32) & 0xFFFF), (u32) (addr & 0xFFFFFFFF),
1018 length);
1019 spin_lock_irqsave(&host_info_lock, irqflags);
1020 hi = find_host_info(host); /* search address-entry */
1021 if (hi != NULL) {
1022 list_for_each_entry(fi, &hi->file_info_list, list) {
1023 entry = fi->addr_list.next;
1024 while (entry != &(fi->addr_list)) {
1025 arm_addr =
1026 list_entry(entry, struct arm_addr,
1027 addr_list);
1028 if (((arm_addr->start) <= (addr))
1029 && ((arm_addr->end) >= (addr + length))) {
1030 found = 1;
1031 break;
1033 entry = entry->next;
1035 if (found) {
1036 break;
1040 rcode = -1;
1041 if (!found) {
1042 printk(KERN_ERR "raw1394: arm_write FAILED addr_entry not found"
1043 " -> rcode_address_error\n");
1044 spin_unlock_irqrestore(&host_info_lock, irqflags);
1045 return (RCODE_ADDRESS_ERROR);
1046 } else {
1047 DBGMSG("arm_write addr_entry FOUND");
1049 if (arm_addr->rec_length < length) {
1050 DBGMSG("arm_write blocklength too big -> rcode_data_error");
1051 length_conflict = 1;
1052 rcode = RCODE_DATA_ERROR; /* hardware error, data is unavailable */
1054 if (rcode == -1) {
1055 if (arm_addr->access_rights & ARM_WRITE) {
1056 if (!(arm_addr->client_transactions & ARM_WRITE)) {
1057 memcpy((arm_addr->addr_space_buffer) +
1058 (addr - (arm_addr->start)), data,
1059 length);
1060 DBGMSG("arm_write -> (rcode_complete)");
1061 rcode = RCODE_COMPLETE;
1063 } else {
1064 rcode = RCODE_TYPE_ERROR; /* function not allowed */
1065 DBGMSG("arm_write -> rcode_type_error (access denied)");
1068 if (arm_addr->notification_options & ARM_WRITE) {
1069 DBGMSG("arm_write -> entering notification-section");
1070 req = __alloc_pending_request(GFP_ATOMIC);
1071 if (!req) {
1072 DBGMSG("arm_write -> rcode_conflict_error");
1073 spin_unlock_irqrestore(&host_info_lock, irqflags);
1074 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
1075 The request my be retried */
1077 size =
1078 sizeof(struct arm_request) + sizeof(struct arm_response) +
1079 (length) * sizeof(byte_t) +
1080 sizeof(struct arm_request_response);
1081 req->data = kmalloc(size, GFP_ATOMIC);
1082 if (!(req->data)) {
1083 free_pending_request(req);
1084 DBGMSG("arm_write -> rcode_conflict_error");
1085 spin_unlock_irqrestore(&host_info_lock, irqflags);
1086 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
1087 The request may be retried */
1089 req->free_data = 1;
1090 req->file_info = fi;
1091 req->req.type = RAW1394_REQ_ARM;
1092 req->req.generation = get_hpsb_generation(host);
1093 req->req.misc =
1094 (((length << 16) & (0xFFFF0000)) | (ARM_WRITE & 0xFF));
1095 req->req.tag = arm_addr->arm_tag;
1096 req->req.recvb = arm_addr->recvb;
1097 req->req.length = size;
1098 arm_req_resp = (struct arm_request_response *)(req->data);
1099 arm_req = (struct arm_request *)((byte_t *) (req->data) +
1100 (sizeof
1101 (struct
1102 arm_request_response)));
1103 arm_resp =
1104 (struct arm_response *)((byte_t *) (arm_req) +
1105 (sizeof(struct arm_request)));
1106 arm_resp->buffer = NULL;
1107 memcpy((byte_t *) arm_resp + sizeof(struct arm_response),
1108 data, length);
1109 arm_req->buffer = int2ptr((arm_addr->recvb) +
1110 sizeof(struct arm_request_response) +
1111 sizeof(struct arm_request) +
1112 sizeof(struct arm_response));
1113 arm_req->buffer_length = length;
1114 arm_req->generation = req->req.generation;
1115 arm_req->extended_transaction_code = 0;
1116 arm_req->destination_offset = addr;
1117 arm_req->source_nodeid = nodeid;
1118 arm_req->destination_nodeid = destid;
1119 arm_req->tlabel = (flags >> 10) & 0x3f;
1120 arm_req->tcode = (flags >> 4) & 0x0f;
1121 arm_resp->buffer_length = 0;
1122 arm_resp->response_code = rcode;
1123 arm_req_resp->request = int2ptr((arm_addr->recvb) +
1124 sizeof(struct
1125 arm_request_response));
1126 arm_req_resp->response =
1127 int2ptr((arm_addr->recvb) +
1128 sizeof(struct arm_request_response) +
1129 sizeof(struct arm_request));
1130 queue_complete_req(req);
1132 spin_unlock_irqrestore(&host_info_lock, irqflags);
1133 return (rcode);
1136 static int arm_lock(struct hpsb_host *host, int nodeid, quadlet_t * store,
1137 u64 addr, quadlet_t data, quadlet_t arg, int ext_tcode,
1138 u16 flags)
1140 unsigned long irqflags;
1141 struct pending_request *req;
1142 struct host_info *hi;
1143 struct file_info *fi = NULL;
1144 struct list_head *entry;
1145 struct arm_addr *arm_addr = NULL;
1146 struct arm_request *arm_req = NULL;
1147 struct arm_response *arm_resp = NULL;
1148 int found = 0, size = 0, rcode = -1;
1149 quadlet_t old, new;
1150 struct arm_request_response *arm_req_resp = NULL;
1152 if (((ext_tcode & 0xFF) == EXTCODE_FETCH_ADD) ||
1153 ((ext_tcode & 0xFF) == EXTCODE_LITTLE_ADD)) {
1154 DBGMSG("arm_lock called by node: %X "
1155 "addr: %4.4x %8.8x extcode: %2.2X data: %8.8X",
1156 nodeid, (u16) ((addr >> 32) & 0xFFFF),
1157 (u32) (addr & 0xFFFFFFFF), ext_tcode & 0xFF,
1158 be32_to_cpu(data));
1159 } else {
1160 DBGMSG("arm_lock called by node: %X "
1161 "addr: %4.4x %8.8x extcode: %2.2X data: %8.8X arg: %8.8X",
1162 nodeid, (u16) ((addr >> 32) & 0xFFFF),
1163 (u32) (addr & 0xFFFFFFFF), ext_tcode & 0xFF,
1164 be32_to_cpu(data), be32_to_cpu(arg));
1166 spin_lock_irqsave(&host_info_lock, irqflags);
1167 hi = find_host_info(host); /* search address-entry */
1168 if (hi != NULL) {
1169 list_for_each_entry(fi, &hi->file_info_list, list) {
1170 entry = fi->addr_list.next;
1171 while (entry != &(fi->addr_list)) {
1172 arm_addr =
1173 list_entry(entry, struct arm_addr,
1174 addr_list);
1175 if (((arm_addr->start) <= (addr))
1176 && ((arm_addr->end) >=
1177 (addr + sizeof(*store)))) {
1178 found = 1;
1179 break;
1181 entry = entry->next;
1183 if (found) {
1184 break;
1188 rcode = -1;
1189 if (!found) {
1190 printk(KERN_ERR "raw1394: arm_lock FAILED addr_entry not found"
1191 " -> rcode_address_error\n");
1192 spin_unlock_irqrestore(&host_info_lock, irqflags);
1193 return (RCODE_ADDRESS_ERROR);
1194 } else {
1195 DBGMSG("arm_lock addr_entry FOUND");
1197 if (rcode == -1) {
1198 if (arm_addr->access_rights & ARM_LOCK) {
1199 if (!(arm_addr->client_transactions & ARM_LOCK)) {
1200 memcpy(&old,
1201 (arm_addr->addr_space_buffer) + (addr -
1202 (arm_addr->
1203 start)),
1204 sizeof(old));
1205 switch (ext_tcode) {
1206 case (EXTCODE_MASK_SWAP):
1207 new = data | (old & ~arg);
1208 break;
1209 case (EXTCODE_COMPARE_SWAP):
1210 if (old == arg) {
1211 new = data;
1212 } else {
1213 new = old;
1215 break;
1216 case (EXTCODE_FETCH_ADD):
1217 new =
1218 cpu_to_be32(be32_to_cpu(data) +
1219 be32_to_cpu(old));
1220 break;
1221 case (EXTCODE_LITTLE_ADD):
1222 new =
1223 cpu_to_le32(le32_to_cpu(data) +
1224 le32_to_cpu(old));
1225 break;
1226 case (EXTCODE_BOUNDED_ADD):
1227 if (old != arg) {
1228 new =
1229 cpu_to_be32(be32_to_cpu
1230 (data) +
1231 be32_to_cpu
1232 (old));
1233 } else {
1234 new = old;
1236 break;
1237 case (EXTCODE_WRAP_ADD):
1238 if (old != arg) {
1239 new =
1240 cpu_to_be32(be32_to_cpu
1241 (data) +
1242 be32_to_cpu
1243 (old));
1244 } else {
1245 new = data;
1247 break;
1248 default:
1249 rcode = RCODE_TYPE_ERROR; /* function not allowed */
1250 printk(KERN_ERR
1251 "raw1394: arm_lock FAILED "
1252 "ext_tcode not allowed -> rcode_type_error\n");
1253 break;
1254 } /*switch */
1255 if (rcode == -1) {
1256 DBGMSG("arm_lock -> (rcode_complete)");
1257 rcode = RCODE_COMPLETE;
1258 memcpy(store, &old, sizeof(*store));
1259 memcpy((arm_addr->addr_space_buffer) +
1260 (addr - (arm_addr->start)),
1261 &new, sizeof(*store));
1264 } else {
1265 rcode = RCODE_TYPE_ERROR; /* function not allowed */
1266 DBGMSG("arm_lock -> rcode_type_error (access denied)");
1269 if (arm_addr->notification_options & ARM_LOCK) {
1270 byte_t *buf1, *buf2;
1271 DBGMSG("arm_lock -> entering notification-section");
1272 req = __alloc_pending_request(GFP_ATOMIC);
1273 if (!req) {
1274 DBGMSG("arm_lock -> rcode_conflict_error");
1275 spin_unlock_irqrestore(&host_info_lock, irqflags);
1276 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
1277 The request may be retried */
1279 size = sizeof(struct arm_request) + sizeof(struct arm_response) + 3 * sizeof(*store) + sizeof(struct arm_request_response); /* maximum */
1280 req->data = kmalloc(size, GFP_ATOMIC);
1281 if (!(req->data)) {
1282 free_pending_request(req);
1283 DBGMSG("arm_lock -> rcode_conflict_error");
1284 spin_unlock_irqrestore(&host_info_lock, irqflags);
1285 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
1286 The request may be retried */
1288 req->free_data = 1;
1289 arm_req_resp = (struct arm_request_response *)(req->data);
1290 arm_req = (struct arm_request *)((byte_t *) (req->data) +
1291 (sizeof
1292 (struct
1293 arm_request_response)));
1294 arm_resp =
1295 (struct arm_response *)((byte_t *) (arm_req) +
1296 (sizeof(struct arm_request)));
1297 buf1 = (byte_t *) arm_resp + sizeof(struct arm_response);
1298 buf2 = buf1 + 2 * sizeof(*store);
1299 if ((ext_tcode == EXTCODE_FETCH_ADD) ||
1300 (ext_tcode == EXTCODE_LITTLE_ADD)) {
1301 arm_req->buffer_length = sizeof(*store);
1302 memcpy(buf1, &data, sizeof(*store));
1304 } else {
1305 arm_req->buffer_length = 2 * sizeof(*store);
1306 memcpy(buf1, &arg, sizeof(*store));
1307 memcpy(buf1 + sizeof(*store), &data, sizeof(*store));
1309 if (rcode == RCODE_COMPLETE) {
1310 arm_resp->buffer_length = sizeof(*store);
1311 memcpy(buf2, &old, sizeof(*store));
1312 } else {
1313 arm_resp->buffer_length = 0;
1315 req->file_info = fi;
1316 req->req.type = RAW1394_REQ_ARM;
1317 req->req.generation = get_hpsb_generation(host);
1318 req->req.misc = ((((sizeof(*store)) << 16) & (0xFFFF0000)) |
1319 (ARM_LOCK & 0xFF));
1320 req->req.tag = arm_addr->arm_tag;
1321 req->req.recvb = arm_addr->recvb;
1322 req->req.length = size;
1323 arm_req->generation = req->req.generation;
1324 arm_req->extended_transaction_code = ext_tcode;
1325 arm_req->destination_offset = addr;
1326 arm_req->source_nodeid = nodeid;
1327 arm_req->destination_nodeid = host->node_id;
1328 arm_req->tlabel = (flags >> 10) & 0x3f;
1329 arm_req->tcode = (flags >> 4) & 0x0f;
1330 arm_resp->response_code = rcode;
1331 arm_req_resp->request = int2ptr((arm_addr->recvb) +
1332 sizeof(struct
1333 arm_request_response));
1334 arm_req_resp->response =
1335 int2ptr((arm_addr->recvb) +
1336 sizeof(struct arm_request_response) +
1337 sizeof(struct arm_request));
1338 arm_req->buffer =
1339 int2ptr((arm_addr->recvb) +
1340 sizeof(struct arm_request_response) +
1341 sizeof(struct arm_request) +
1342 sizeof(struct arm_response));
1343 arm_resp->buffer =
1344 int2ptr((arm_addr->recvb) +
1345 sizeof(struct arm_request_response) +
1346 sizeof(struct arm_request) +
1347 sizeof(struct arm_response) + 2 * sizeof(*store));
1348 queue_complete_req(req);
1350 spin_unlock_irqrestore(&host_info_lock, irqflags);
1351 return (rcode);
1354 static int arm_lock64(struct hpsb_host *host, int nodeid, octlet_t * store,
1355 u64 addr, octlet_t data, octlet_t arg, int ext_tcode,
1356 u16 flags)
1358 unsigned long irqflags;
1359 struct pending_request *req;
1360 struct host_info *hi;
1361 struct file_info *fi = NULL;
1362 struct list_head *entry;
1363 struct arm_addr *arm_addr = NULL;
1364 struct arm_request *arm_req = NULL;
1365 struct arm_response *arm_resp = NULL;
1366 int found = 0, size = 0, rcode = -1;
1367 octlet_t old, new;
1368 struct arm_request_response *arm_req_resp = NULL;
1370 if (((ext_tcode & 0xFF) == EXTCODE_FETCH_ADD) ||
1371 ((ext_tcode & 0xFF) == EXTCODE_LITTLE_ADD)) {
1372 DBGMSG("arm_lock64 called by node: %X "
1373 "addr: %4.4x %8.8x extcode: %2.2X data: %8.8X %8.8X ",
1374 nodeid, (u16) ((addr >> 32) & 0xFFFF),
1375 (u32) (addr & 0xFFFFFFFF),
1376 ext_tcode & 0xFF,
1377 (u32) ((be64_to_cpu(data) >> 32) & 0xFFFFFFFF),
1378 (u32) (be64_to_cpu(data) & 0xFFFFFFFF));
1379 } else {
1380 DBGMSG("arm_lock64 called by node: %X "
1381 "addr: %4.4x %8.8x extcode: %2.2X data: %8.8X %8.8X arg: "
1382 "%8.8X %8.8X ",
1383 nodeid, (u16) ((addr >> 32) & 0xFFFF),
1384 (u32) (addr & 0xFFFFFFFF),
1385 ext_tcode & 0xFF,
1386 (u32) ((be64_to_cpu(data) >> 32) & 0xFFFFFFFF),
1387 (u32) (be64_to_cpu(data) & 0xFFFFFFFF),
1388 (u32) ((be64_to_cpu(arg) >> 32) & 0xFFFFFFFF),
1389 (u32) (be64_to_cpu(arg) & 0xFFFFFFFF));
1391 spin_lock_irqsave(&host_info_lock, irqflags);
1392 hi = find_host_info(host); /* search addressentry in file_info's for host */
1393 if (hi != NULL) {
1394 list_for_each_entry(fi, &hi->file_info_list, list) {
1395 entry = fi->addr_list.next;
1396 while (entry != &(fi->addr_list)) {
1397 arm_addr =
1398 list_entry(entry, struct arm_addr,
1399 addr_list);
1400 if (((arm_addr->start) <= (addr))
1401 && ((arm_addr->end) >=
1402 (addr + sizeof(*store)))) {
1403 found = 1;
1404 break;
1406 entry = entry->next;
1408 if (found) {
1409 break;
1413 rcode = -1;
1414 if (!found) {
1415 printk(KERN_ERR
1416 "raw1394: arm_lock64 FAILED addr_entry not found"
1417 " -> rcode_address_error\n");
1418 spin_unlock_irqrestore(&host_info_lock, irqflags);
1419 return (RCODE_ADDRESS_ERROR);
1420 } else {
1421 DBGMSG("arm_lock64 addr_entry FOUND");
1423 if (rcode == -1) {
1424 if (arm_addr->access_rights & ARM_LOCK) {
1425 if (!(arm_addr->client_transactions & ARM_LOCK)) {
1426 memcpy(&old,
1427 (arm_addr->addr_space_buffer) + (addr -
1428 (arm_addr->
1429 start)),
1430 sizeof(old));
1431 switch (ext_tcode) {
1432 case (EXTCODE_MASK_SWAP):
1433 new = data | (old & ~arg);
1434 break;
1435 case (EXTCODE_COMPARE_SWAP):
1436 if (old == arg) {
1437 new = data;
1438 } else {
1439 new = old;
1441 break;
1442 case (EXTCODE_FETCH_ADD):
1443 new =
1444 cpu_to_be64(be64_to_cpu(data) +
1445 be64_to_cpu(old));
1446 break;
1447 case (EXTCODE_LITTLE_ADD):
1448 new =
1449 cpu_to_le64(le64_to_cpu(data) +
1450 le64_to_cpu(old));
1451 break;
1452 case (EXTCODE_BOUNDED_ADD):
1453 if (old != arg) {
1454 new =
1455 cpu_to_be64(be64_to_cpu
1456 (data) +
1457 be64_to_cpu
1458 (old));
1459 } else {
1460 new = old;
1462 break;
1463 case (EXTCODE_WRAP_ADD):
1464 if (old != arg) {
1465 new =
1466 cpu_to_be64(be64_to_cpu
1467 (data) +
1468 be64_to_cpu
1469 (old));
1470 } else {
1471 new = data;
1473 break;
1474 default:
1475 printk(KERN_ERR
1476 "raw1394: arm_lock64 FAILED "
1477 "ext_tcode not allowed -> rcode_type_error\n");
1478 rcode = RCODE_TYPE_ERROR; /* function not allowed */
1479 break;
1480 } /*switch */
1481 if (rcode == -1) {
1482 DBGMSG
1483 ("arm_lock64 -> (rcode_complete)");
1484 rcode = RCODE_COMPLETE;
1485 memcpy(store, &old, sizeof(*store));
1486 memcpy((arm_addr->addr_space_buffer) +
1487 (addr - (arm_addr->start)),
1488 &new, sizeof(*store));
1491 } else {
1492 rcode = RCODE_TYPE_ERROR; /* function not allowed */
1493 DBGMSG
1494 ("arm_lock64 -> rcode_type_error (access denied)");
1497 if (arm_addr->notification_options & ARM_LOCK) {
1498 byte_t *buf1, *buf2;
1499 DBGMSG("arm_lock64 -> entering notification-section");
1500 req = __alloc_pending_request(GFP_ATOMIC);
1501 if (!req) {
1502 spin_unlock_irqrestore(&host_info_lock, irqflags);
1503 DBGMSG("arm_lock64 -> rcode_conflict_error");
1504 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
1505 The request may be retried */
1507 size = sizeof(struct arm_request) + sizeof(struct arm_response) + 3 * sizeof(*store) + sizeof(struct arm_request_response); /* maximum */
1508 req->data = kmalloc(size, GFP_ATOMIC);
1509 if (!(req->data)) {
1510 free_pending_request(req);
1511 spin_unlock_irqrestore(&host_info_lock, irqflags);
1512 DBGMSG("arm_lock64 -> rcode_conflict_error");
1513 return (RCODE_CONFLICT_ERROR); /* A resource conflict was detected.
1514 The request may be retried */
1516 req->free_data = 1;
1517 arm_req_resp = (struct arm_request_response *)(req->data);
1518 arm_req = (struct arm_request *)((byte_t *) (req->data) +
1519 (sizeof
1520 (struct
1521 arm_request_response)));
1522 arm_resp =
1523 (struct arm_response *)((byte_t *) (arm_req) +
1524 (sizeof(struct arm_request)));
1525 buf1 = (byte_t *) arm_resp + sizeof(struct arm_response);
1526 buf2 = buf1 + 2 * sizeof(*store);
1527 if ((ext_tcode == EXTCODE_FETCH_ADD) ||
1528 (ext_tcode == EXTCODE_LITTLE_ADD)) {
1529 arm_req->buffer_length = sizeof(*store);
1530 memcpy(buf1, &data, sizeof(*store));
1532 } else {
1533 arm_req->buffer_length = 2 * sizeof(*store);
1534 memcpy(buf1, &arg, sizeof(*store));
1535 memcpy(buf1 + sizeof(*store), &data, sizeof(*store));
1537 if (rcode == RCODE_COMPLETE) {
1538 arm_resp->buffer_length = sizeof(*store);
1539 memcpy(buf2, &old, sizeof(*store));
1540 } else {
1541 arm_resp->buffer_length = 0;
1543 req->file_info = fi;
1544 req->req.type = RAW1394_REQ_ARM;
1545 req->req.generation = get_hpsb_generation(host);
1546 req->req.misc = ((((sizeof(*store)) << 16) & (0xFFFF0000)) |
1547 (ARM_LOCK & 0xFF));
1548 req->req.tag = arm_addr->arm_tag;
1549 req->req.recvb = arm_addr->recvb;
1550 req->req.length = size;
1551 arm_req->generation = req->req.generation;
1552 arm_req->extended_transaction_code = ext_tcode;
1553 arm_req->destination_offset = addr;
1554 arm_req->source_nodeid = nodeid;
1555 arm_req->destination_nodeid = host->node_id;
1556 arm_req->tlabel = (flags >> 10) & 0x3f;
1557 arm_req->tcode = (flags >> 4) & 0x0f;
1558 arm_resp->response_code = rcode;
1559 arm_req_resp->request = int2ptr((arm_addr->recvb) +
1560 sizeof(struct
1561 arm_request_response));
1562 arm_req_resp->response =
1563 int2ptr((arm_addr->recvb) +
1564 sizeof(struct arm_request_response) +
1565 sizeof(struct arm_request));
1566 arm_req->buffer =
1567 int2ptr((arm_addr->recvb) +
1568 sizeof(struct arm_request_response) +
1569 sizeof(struct arm_request) +
1570 sizeof(struct arm_response));
1571 arm_resp->buffer =
1572 int2ptr((arm_addr->recvb) +
1573 sizeof(struct arm_request_response) +
1574 sizeof(struct arm_request) +
1575 sizeof(struct arm_response) + 2 * sizeof(*store));
1576 queue_complete_req(req);
1578 spin_unlock_irqrestore(&host_info_lock, irqflags);
1579 return (rcode);
1582 static int arm_register(struct file_info *fi, struct pending_request *req)
1584 int retval;
1585 struct arm_addr *addr;
1586 struct host_info *hi;
1587 struct file_info *fi_hlp = NULL;
1588 struct list_head *entry;
1589 struct arm_addr *arm_addr = NULL;
1590 int same_host, another_host;
1591 unsigned long flags;
1593 DBGMSG("arm_register called "
1594 "addr(Offset): %8.8x %8.8x length: %u "
1595 "rights: %2.2X notify: %2.2X "
1596 "max_blk_len: %4.4X",
1597 (u32) ((req->req.address >> 32) & 0xFFFF),
1598 (u32) (req->req.address & 0xFFFFFFFF),
1599 req->req.length, ((req->req.misc >> 8) & 0xFF),
1600 (req->req.misc & 0xFF), ((req->req.misc >> 16) & 0xFFFF));
1601 /* check addressrange */
1602 if ((((req->req.address) & ~(0xFFFFFFFFFFFFULL)) != 0) ||
1603 (((req->req.address + req->req.length) & ~(0xFFFFFFFFFFFFULL)) !=
1604 0)) {
1605 req->req.length = 0;
1606 return (-EINVAL);
1608 /* addr-list-entry for fileinfo */
1609 addr = kmalloc(sizeof(*addr), GFP_KERNEL);
1610 if (!addr) {
1611 req->req.length = 0;
1612 return (-ENOMEM);
1614 /* allocation of addr_space_buffer */
1615 addr->addr_space_buffer = vmalloc(req->req.length);
1616 if (!(addr->addr_space_buffer)) {
1617 kfree(addr);
1618 req->req.length = 0;
1619 return (-ENOMEM);
1621 /* initialization of addr_space_buffer */
1622 if ((req->req.sendb) == (unsigned long)NULL) {
1623 /* init: set 0 */
1624 memset(addr->addr_space_buffer, 0, req->req.length);
1625 } else {
1626 /* init: user -> kernel */
1627 if (copy_from_user
1628 (addr->addr_space_buffer, int2ptr(req->req.sendb),
1629 req->req.length)) {
1630 vfree(addr->addr_space_buffer);
1631 kfree(addr);
1632 return (-EFAULT);
1635 INIT_LIST_HEAD(&addr->addr_list);
1636 addr->arm_tag = req->req.tag;
1637 addr->start = req->req.address;
1638 addr->end = req->req.address + req->req.length;
1639 addr->access_rights = (u8) (req->req.misc & 0x0F);
1640 addr->notification_options = (u8) ((req->req.misc >> 4) & 0x0F);
1641 addr->client_transactions = (u8) ((req->req.misc >> 8) & 0x0F);
1642 addr->access_rights |= addr->client_transactions;
1643 addr->notification_options |= addr->client_transactions;
1644 addr->recvb = req->req.recvb;
1645 addr->rec_length = (u16) ((req->req.misc >> 16) & 0xFFFF);
1647 spin_lock_irqsave(&host_info_lock, flags);
1648 hi = find_host_info(fi->host);
1649 same_host = 0;
1650 another_host = 0;
1651 /* same host with address-entry containing same addressrange ? */
1652 list_for_each_entry(fi_hlp, &hi->file_info_list, list) {
1653 entry = fi_hlp->addr_list.next;
1654 while (entry != &(fi_hlp->addr_list)) {
1655 arm_addr =
1656 list_entry(entry, struct arm_addr, addr_list);
1657 if ((arm_addr->start == addr->start)
1658 && (arm_addr->end == addr->end)) {
1659 DBGMSG("same host ownes same "
1660 "addressrange -> EALREADY");
1661 same_host = 1;
1662 break;
1664 entry = entry->next;
1666 if (same_host) {
1667 break;
1670 if (same_host) {
1671 /* addressrange occupied by same host */
1672 spin_unlock_irqrestore(&host_info_lock, flags);
1673 vfree(addr->addr_space_buffer);
1674 kfree(addr);
1675 return (-EALREADY);
1677 /* another host with valid address-entry containing same addressrange */
1678 list_for_each_entry(hi, &host_info_list, list) {
1679 if (hi->host != fi->host) {
1680 list_for_each_entry(fi_hlp, &hi->file_info_list, list) {
1681 entry = fi_hlp->addr_list.next;
1682 while (entry != &(fi_hlp->addr_list)) {
1683 arm_addr =
1684 list_entry(entry, struct arm_addr,
1685 addr_list);
1686 if ((arm_addr->start == addr->start)
1687 && (arm_addr->end == addr->end)) {
1688 DBGMSG
1689 ("another host ownes same "
1690 "addressrange");
1691 another_host = 1;
1692 break;
1694 entry = entry->next;
1696 if (another_host) {
1697 break;
1702 spin_unlock_irqrestore(&host_info_lock, flags);
1704 if (another_host) {
1705 DBGMSG("another hosts entry is valid -> SUCCESS");
1706 if (copy_to_user(int2ptr(req->req.recvb),
1707 &addr->start, sizeof(u64))) {
1708 printk(KERN_ERR "raw1394: arm_register failed "
1709 " address-range-entry is invalid -> EFAULT !!!\n");
1710 vfree(addr->addr_space_buffer);
1711 kfree(addr);
1712 return (-EFAULT);
1714 free_pending_request(req); /* immediate success or fail */
1715 /* INSERT ENTRY */
1716 spin_lock_irqsave(&host_info_lock, flags);
1717 list_add_tail(&addr->addr_list, &fi->addr_list);
1718 spin_unlock_irqrestore(&host_info_lock, flags);
1719 return 0;
1721 retval =
1722 hpsb_register_addrspace(&raw1394_highlevel, fi->host, &arm_ops,
1723 req->req.address,
1724 req->req.address + req->req.length);
1725 if (retval) {
1726 /* INSERT ENTRY */
1727 spin_lock_irqsave(&host_info_lock, flags);
1728 list_add_tail(&addr->addr_list, &fi->addr_list);
1729 spin_unlock_irqrestore(&host_info_lock, flags);
1730 } else {
1731 DBGMSG("arm_register failed errno: %d \n", retval);
1732 vfree(addr->addr_space_buffer);
1733 kfree(addr);
1734 return (-EALREADY);
1736 free_pending_request(req); /* immediate success or fail */
1737 return 0;
1740 static int arm_unregister(struct file_info *fi, struct pending_request *req)
1742 int found = 0;
1743 int retval = 0;
1744 struct list_head *entry;
1745 struct arm_addr *addr = NULL;
1746 struct host_info *hi;
1747 struct file_info *fi_hlp = NULL;
1748 struct arm_addr *arm_addr = NULL;
1749 int another_host;
1750 unsigned long flags;
1752 DBGMSG("arm_Unregister called addr(Offset): "
1753 "%8.8x %8.8x",
1754 (u32) ((req->req.address >> 32) & 0xFFFF),
1755 (u32) (req->req.address & 0xFFFFFFFF));
1756 spin_lock_irqsave(&host_info_lock, flags);
1757 /* get addr */
1758 entry = fi->addr_list.next;
1759 while (entry != &(fi->addr_list)) {
1760 addr = list_entry(entry, struct arm_addr, addr_list);
1761 if (addr->start == req->req.address) {
1762 found = 1;
1763 break;
1765 entry = entry->next;
1767 if (!found) {
1768 DBGMSG("arm_Unregister addr not found");
1769 spin_unlock_irqrestore(&host_info_lock, flags);
1770 return (-EINVAL);
1772 DBGMSG("arm_Unregister addr found");
1773 another_host = 0;
1774 /* another host with valid address-entry containing
1775 same addressrange */
1776 list_for_each_entry(hi, &host_info_list, list) {
1777 if (hi->host != fi->host) {
1778 list_for_each_entry(fi_hlp, &hi->file_info_list, list) {
1779 entry = fi_hlp->addr_list.next;
1780 while (entry != &(fi_hlp->addr_list)) {
1781 arm_addr = list_entry(entry,
1782 struct arm_addr,
1783 addr_list);
1784 if (arm_addr->start == addr->start) {
1785 DBGMSG("another host ownes "
1786 "same addressrange");
1787 another_host = 1;
1788 break;
1790 entry = entry->next;
1792 if (another_host) {
1793 break;
1798 if (another_host) {
1799 DBGMSG("delete entry from list -> success");
1800 list_del(&addr->addr_list);
1801 spin_unlock_irqrestore(&host_info_lock, flags);
1802 vfree(addr->addr_space_buffer);
1803 kfree(addr);
1804 free_pending_request(req); /* immediate success or fail */
1805 return 0;
1807 retval =
1808 hpsb_unregister_addrspace(&raw1394_highlevel, fi->host,
1809 addr->start);
1810 if (!retval) {
1811 printk(KERN_ERR "raw1394: arm_Unregister failed -> EINVAL\n");
1812 spin_unlock_irqrestore(&host_info_lock, flags);
1813 return (-EINVAL);
1815 DBGMSG("delete entry from list -> success");
1816 list_del(&addr->addr_list);
1817 spin_unlock_irqrestore(&host_info_lock, flags);
1818 vfree(addr->addr_space_buffer);
1819 kfree(addr);
1820 free_pending_request(req); /* immediate success or fail */
1821 return 0;
1824 /* Copy data from ARM buffer(s) to user buffer. */
1825 static int arm_get_buf(struct file_info *fi, struct pending_request *req)
1827 struct arm_addr *arm_addr = NULL;
1828 unsigned long flags;
1829 unsigned long offset;
1831 struct list_head *entry;
1833 DBGMSG("arm_get_buf "
1834 "addr(Offset): %04X %08X length: %u",
1835 (u32) ((req->req.address >> 32) & 0xFFFF),
1836 (u32) (req->req.address & 0xFFFFFFFF), (u32) req->req.length);
1838 spin_lock_irqsave(&host_info_lock, flags);
1839 entry = fi->addr_list.next;
1840 while (entry != &(fi->addr_list)) {
1841 arm_addr = list_entry(entry, struct arm_addr, addr_list);
1842 if ((arm_addr->start <= req->req.address) &&
1843 (arm_addr->end > req->req.address)) {
1844 if (req->req.address + req->req.length <= arm_addr->end) {
1845 offset = req->req.address - arm_addr->start;
1846 spin_unlock_irqrestore(&host_info_lock, flags);
1848 DBGMSG
1849 ("arm_get_buf copy_to_user( %08X, %p, %u )",
1850 (u32) req->req.recvb,
1851 arm_addr->addr_space_buffer + offset,
1852 (u32) req->req.length);
1853 if (copy_to_user
1854 (int2ptr(req->req.recvb),
1855 arm_addr->addr_space_buffer + offset,
1856 req->req.length))
1857 return (-EFAULT);
1859 /* We have to free the request, because we
1860 * queue no response, and therefore nobody
1861 * will free it. */
1862 free_pending_request(req);
1863 return 0;
1864 } else {
1865 DBGMSG("arm_get_buf request exceeded mapping");
1866 spin_unlock_irqrestore(&host_info_lock, flags);
1867 return (-EINVAL);
1870 entry = entry->next;
1872 spin_unlock_irqrestore(&host_info_lock, flags);
1873 return (-EINVAL);
1876 /* Copy data from user buffer to ARM buffer(s). */
1877 static int arm_set_buf(struct file_info *fi, struct pending_request *req)
1879 struct arm_addr *arm_addr = NULL;
1880 unsigned long flags;
1881 unsigned long offset;
1883 struct list_head *entry;
1885 DBGMSG("arm_set_buf "
1886 "addr(Offset): %04X %08X length: %u",
1887 (u32) ((req->req.address >> 32) & 0xFFFF),
1888 (u32) (req->req.address & 0xFFFFFFFF), (u32) req->req.length);
1890 spin_lock_irqsave(&host_info_lock, flags);
1891 entry = fi->addr_list.next;
1892 while (entry != &(fi->addr_list)) {
1893 arm_addr = list_entry(entry, struct arm_addr, addr_list);
1894 if ((arm_addr->start <= req->req.address) &&
1895 (arm_addr->end > req->req.address)) {
1896 if (req->req.address + req->req.length <= arm_addr->end) {
1897 offset = req->req.address - arm_addr->start;
1898 spin_unlock_irqrestore(&host_info_lock, flags);
1900 DBGMSG
1901 ("arm_set_buf copy_from_user( %p, %08X, %u )",
1902 arm_addr->addr_space_buffer + offset,
1903 (u32) req->req.sendb,
1904 (u32) req->req.length);
1905 if (copy_from_user
1906 (arm_addr->addr_space_buffer + offset,
1907 int2ptr(req->req.sendb),
1908 req->req.length))
1909 return (-EFAULT);
1911 /* We have to free the request, because we
1912 * queue no response, and therefore nobody
1913 * will free it. */
1914 free_pending_request(req);
1915 return 0;
1916 } else {
1917 DBGMSG("arm_set_buf request exceeded mapping");
1918 spin_unlock_irqrestore(&host_info_lock, flags);
1919 return (-EINVAL);
1922 entry = entry->next;
1924 spin_unlock_irqrestore(&host_info_lock, flags);
1925 return (-EINVAL);
1928 static int reset_notification(struct file_info *fi, struct pending_request *req)
1930 DBGMSG("reset_notification called - switch %s ",
1931 (req->req.misc == RAW1394_NOTIFY_OFF) ? "OFF" : "ON");
1932 if ((req->req.misc == RAW1394_NOTIFY_OFF) ||
1933 (req->req.misc == RAW1394_NOTIFY_ON)) {
1934 fi->notification = (u8) req->req.misc;
1935 free_pending_request(req); /* we have to free the request, because we queue no response, and therefore nobody will free it */
1936 return 0;
1938 /* error EINVAL (22) invalid argument */
1939 return (-EINVAL);
1942 static int write_phypacket(struct file_info *fi, struct pending_request *req)
1944 struct hpsb_packet *packet = NULL;
1945 int retval = 0;
1946 quadlet_t data;
1947 unsigned long flags;
1949 data = be32_to_cpu((u32) req->req.sendb);
1950 DBGMSG("write_phypacket called - quadlet 0x%8.8x ", data);
1951 packet = hpsb_make_phypacket(fi->host, data);
1952 if (!packet)
1953 return -ENOMEM;
1954 req->req.length = 0;
1955 req->packet = packet;
1956 hpsb_set_packet_complete_task(packet,
1957 (void (*)(void *))queue_complete_cb, req);
1958 spin_lock_irqsave(&fi->reqlists_lock, flags);
1959 list_add_tail(&req->list, &fi->req_pending);
1960 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
1961 packet->generation = req->req.generation;
1962 retval = hpsb_send_packet(packet);
1963 DBGMSG("write_phypacket send_packet called => retval: %d ", retval);
1964 if (retval < 0) {
1965 req->req.error = RAW1394_ERROR_SEND_ERROR;
1966 req->req.length = 0;
1967 queue_complete_req(req);
1969 return 0;
1972 static int get_config_rom(struct file_info *fi, struct pending_request *req)
1974 int ret = 0;
1975 quadlet_t *data = kmalloc(req->req.length, GFP_KERNEL);
1976 int status;
1978 if (!data)
1979 return -ENOMEM;
1981 status =
1982 csr1212_read(fi->host->csr.rom, CSR1212_CONFIG_ROM_SPACE_OFFSET,
1983 data, req->req.length);
1984 if (copy_to_user(int2ptr(req->req.recvb), data, req->req.length))
1985 ret = -EFAULT;
1986 if (copy_to_user
1987 (int2ptr(req->req.tag), &fi->host->csr.rom->cache_head->len,
1988 sizeof(fi->host->csr.rom->cache_head->len)))
1989 ret = -EFAULT;
1990 if (copy_to_user(int2ptr(req->req.address), &fi->host->csr.generation,
1991 sizeof(fi->host->csr.generation)))
1992 ret = -EFAULT;
1993 if (copy_to_user(int2ptr(req->req.sendb), &status, sizeof(status)))
1994 ret = -EFAULT;
1995 kfree(data);
1996 if (ret >= 0) {
1997 free_pending_request(req); /* we have to free the request, because we queue no response, and therefore nobody will free it */
1999 return ret;
2002 static int update_config_rom(struct file_info *fi, struct pending_request *req)
2004 int ret = 0;
2005 quadlet_t *data = kmalloc(req->req.length, GFP_KERNEL);
2006 if (!data)
2007 return -ENOMEM;
2008 if (copy_from_user(data, int2ptr(req->req.sendb), req->req.length)) {
2009 ret = -EFAULT;
2010 } else {
2011 int status = hpsb_update_config_rom(fi->host,
2012 data, req->req.length,
2013 (unsigned char)req->req.
2014 misc);
2015 if (copy_to_user
2016 (int2ptr(req->req.recvb), &status, sizeof(status)))
2017 ret = -ENOMEM;
2019 kfree(data);
2020 if (ret >= 0) {
2021 free_pending_request(req); /* we have to free the request, because we queue no response, and therefore nobody will free it */
2022 fi->cfgrom_upd = 1;
2024 return ret;
2027 static int modify_config_rom(struct file_info *fi, struct pending_request *req)
2029 struct csr1212_keyval *kv;
2030 struct csr1212_csr_rom_cache *cache;
2031 struct csr1212_dentry *dentry;
2032 u32 dr;
2033 int ret = 0;
2035 if (req->req.misc == ~0) {
2036 if (req->req.length == 0)
2037 return -EINVAL;
2039 /* Find an unused slot */
2040 for (dr = 0;
2041 dr < RAW1394_MAX_USER_CSR_DIRS && fi->csr1212_dirs[dr];
2042 dr++) ;
2044 if (dr == RAW1394_MAX_USER_CSR_DIRS)
2045 return -ENOMEM;
2047 fi->csr1212_dirs[dr] =
2048 csr1212_new_directory(CSR1212_KV_ID_VENDOR);
2049 if (!fi->csr1212_dirs[dr])
2050 return -ENOMEM;
2051 } else {
2052 dr = req->req.misc;
2053 if (!fi->csr1212_dirs[dr])
2054 return -EINVAL;
2056 /* Delete old stuff */
2057 for (dentry =
2058 fi->csr1212_dirs[dr]->value.directory.dentries_head;
2059 dentry; dentry = dentry->next) {
2060 csr1212_detach_keyval_from_directory(fi->host->csr.rom->
2061 root_kv,
2062 dentry->kv);
2065 if (req->req.length == 0) {
2066 csr1212_release_keyval(fi->csr1212_dirs[dr]);
2067 fi->csr1212_dirs[dr] = NULL;
2069 hpsb_update_config_rom_image(fi->host);
2070 free_pending_request(req);
2071 return 0;
2075 cache = csr1212_rom_cache_malloc(0, req->req.length);
2076 if (!cache) {
2077 csr1212_release_keyval(fi->csr1212_dirs[dr]);
2078 fi->csr1212_dirs[dr] = NULL;
2079 return -ENOMEM;
2082 cache->filled_head = kmalloc(sizeof(*cache->filled_head), GFP_KERNEL);
2083 if (!cache->filled_head) {
2084 csr1212_release_keyval(fi->csr1212_dirs[dr]);
2085 fi->csr1212_dirs[dr] = NULL;
2086 CSR1212_FREE(cache);
2087 return -ENOMEM;
2089 cache->filled_tail = cache->filled_head;
2091 if (copy_from_user(cache->data, int2ptr(req->req.sendb),
2092 req->req.length)) {
2093 csr1212_release_keyval(fi->csr1212_dirs[dr]);
2094 fi->csr1212_dirs[dr] = NULL;
2095 ret = -EFAULT;
2096 } else {
2097 cache->len = req->req.length;
2098 cache->filled_head->offset_start = 0;
2099 cache->filled_head->offset_end = cache->size - 1;
2101 cache->layout_head = cache->layout_tail = fi->csr1212_dirs[dr];
2103 ret = CSR1212_SUCCESS;
2104 /* parse all the items */
2105 for (kv = cache->layout_head; ret == CSR1212_SUCCESS && kv;
2106 kv = kv->next) {
2107 ret = csr1212_parse_keyval(kv, cache);
2110 /* attach top level items to the root directory */
2111 for (dentry =
2112 fi->csr1212_dirs[dr]->value.directory.dentries_head;
2113 ret == CSR1212_SUCCESS && dentry; dentry = dentry->next) {
2114 ret =
2115 csr1212_attach_keyval_to_directory(fi->host->csr.
2116 rom->root_kv,
2117 dentry->kv);
2120 if (ret == CSR1212_SUCCESS) {
2121 ret = hpsb_update_config_rom_image(fi->host);
2123 if (ret >= 0 && copy_to_user(int2ptr(req->req.recvb),
2124 &dr, sizeof(dr))) {
2125 ret = -ENOMEM;
2129 kfree(cache->filled_head);
2130 CSR1212_FREE(cache);
2132 if (ret >= 0) {
2133 /* we have to free the request, because we queue no response,
2134 * and therefore nobody will free it */
2135 free_pending_request(req);
2136 return 0;
2137 } else {
2138 for (dentry =
2139 fi->csr1212_dirs[dr]->value.directory.dentries_head;
2140 dentry; dentry = dentry->next) {
2141 csr1212_detach_keyval_from_directory(fi->host->csr.rom->
2142 root_kv,
2143 dentry->kv);
2145 csr1212_release_keyval(fi->csr1212_dirs[dr]);
2146 fi->csr1212_dirs[dr] = NULL;
2147 return ret;
2151 static int state_connected(struct file_info *fi, struct pending_request *req)
2153 int node = req->req.address >> 48;
2155 req->req.error = RAW1394_ERROR_NONE;
2157 switch (req->req.type) {
2159 case RAW1394_REQ_ECHO:
2160 queue_complete_req(req);
2161 return 0;
2163 case RAW1394_REQ_ARM_REGISTER:
2164 return arm_register(fi, req);
2166 case RAW1394_REQ_ARM_UNREGISTER:
2167 return arm_unregister(fi, req);
2169 case RAW1394_REQ_ARM_SET_BUF:
2170 return arm_set_buf(fi, req);
2172 case RAW1394_REQ_ARM_GET_BUF:
2173 return arm_get_buf(fi, req);
2175 case RAW1394_REQ_RESET_NOTIFY:
2176 return reset_notification(fi, req);
2178 case RAW1394_REQ_ISO_SEND:
2179 case RAW1394_REQ_ISO_LISTEN:
2180 printk(KERN_DEBUG "raw1394: old iso ABI has been removed\n");
2181 req->req.error = RAW1394_ERROR_COMPAT;
2182 req->req.misc = RAW1394_KERNELAPI_VERSION;
2183 queue_complete_req(req);
2184 return 0;
2186 case RAW1394_REQ_FCP_LISTEN:
2187 handle_fcp_listen(fi, req);
2188 return 0;
2190 case RAW1394_REQ_RESET_BUS:
2191 if (req->req.misc == RAW1394_LONG_RESET) {
2192 DBGMSG("busreset called (type: LONG)");
2193 hpsb_reset_bus(fi->host, LONG_RESET);
2194 free_pending_request(req); /* we have to free the request, because we queue no response, and therefore nobody will free it */
2195 return 0;
2197 if (req->req.misc == RAW1394_SHORT_RESET) {
2198 DBGMSG("busreset called (type: SHORT)");
2199 hpsb_reset_bus(fi->host, SHORT_RESET);
2200 free_pending_request(req); /* we have to free the request, because we queue no response, and therefore nobody will free it */
2201 return 0;
2203 /* error EINVAL (22) invalid argument */
2204 return (-EINVAL);
2205 case RAW1394_REQ_GET_ROM:
2206 return get_config_rom(fi, req);
2208 case RAW1394_REQ_UPDATE_ROM:
2209 return update_config_rom(fi, req);
2211 case RAW1394_REQ_MODIFY_ROM:
2212 return modify_config_rom(fi, req);
2215 if (req->req.generation != get_hpsb_generation(fi->host)) {
2216 req->req.error = RAW1394_ERROR_GENERATION;
2217 req->req.generation = get_hpsb_generation(fi->host);
2218 req->req.length = 0;
2219 queue_complete_req(req);
2220 return 0;
2223 switch (req->req.type) {
2224 case RAW1394_REQ_PHYPACKET:
2225 return write_phypacket(fi, req);
2226 case RAW1394_REQ_ASYNC_SEND:
2227 return handle_async_send(fi, req);
2230 if (req->req.length == 0) {
2231 req->req.error = RAW1394_ERROR_INVALID_ARG;
2232 queue_complete_req(req);
2233 return 0;
2236 return handle_async_request(fi, req, node);
2239 static ssize_t raw1394_write(struct file *file, const char __user * buffer,
2240 size_t count, loff_t * offset_is_ignored)
2242 struct file_info *fi = (struct file_info *)file->private_data;
2243 struct pending_request *req;
2244 ssize_t retval = -EBADFD;
2246 #ifdef CONFIG_COMPAT
2247 if (count == sizeof(struct compat_raw1394_req) &&
2248 sizeof(struct compat_raw1394_req) !=
2249 sizeof(struct raw1394_request)) {
2250 buffer = raw1394_compat_write(buffer);
2251 if (IS_ERR(buffer))
2252 return PTR_ERR(buffer);
2253 } else
2254 #endif
2255 if (count != sizeof(struct raw1394_request)) {
2256 return -EINVAL;
2259 req = alloc_pending_request();
2260 if (req == NULL) {
2261 return -ENOMEM;
2263 req->file_info = fi;
2265 if (copy_from_user(&req->req, buffer, sizeof(struct raw1394_request))) {
2266 free_pending_request(req);
2267 return -EFAULT;
2270 switch (fi->state) {
2271 case opened:
2272 retval = state_opened(fi, req);
2273 break;
2275 case initialized:
2276 retval = state_initialized(fi, req);
2277 break;
2279 case connected:
2280 retval = state_connected(fi, req);
2281 break;
2284 if (retval < 0) {
2285 free_pending_request(req);
2286 } else {
2287 BUG_ON(retval);
2288 retval = count;
2291 return retval;
2294 /* rawiso operations */
2296 /* check if any RAW1394_REQ_RAWISO_ACTIVITY event is already in the
2297 * completion queue (reqlists_lock must be taken) */
2298 static inline int __rawiso_event_in_queue(struct file_info *fi)
2300 struct pending_request *req;
2302 list_for_each_entry(req, &fi->req_complete, list)
2303 if (req->req.type == RAW1394_REQ_RAWISO_ACTIVITY)
2304 return 1;
2306 return 0;
2309 /* put a RAWISO_ACTIVITY event in the queue, if one isn't there already */
2310 static void queue_rawiso_event(struct file_info *fi)
2312 unsigned long flags;
2314 spin_lock_irqsave(&fi->reqlists_lock, flags);
2316 /* only one ISO activity event may be in the queue */
2317 if (!__rawiso_event_in_queue(fi)) {
2318 struct pending_request *req =
2319 __alloc_pending_request(GFP_ATOMIC);
2321 if (req) {
2322 req->file_info = fi;
2323 req->req.type = RAW1394_REQ_RAWISO_ACTIVITY;
2324 req->req.generation = get_hpsb_generation(fi->host);
2325 __queue_complete_req(req);
2326 } else {
2327 /* on allocation failure, signal an overflow */
2328 if (fi->iso_handle) {
2329 atomic_inc(&fi->iso_handle->overflows);
2333 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
2336 static void rawiso_activity_cb(struct hpsb_iso *iso)
2338 unsigned long flags;
2339 struct host_info *hi;
2340 struct file_info *fi;
2342 spin_lock_irqsave(&host_info_lock, flags);
2343 hi = find_host_info(iso->host);
2345 if (hi != NULL) {
2346 list_for_each_entry(fi, &hi->file_info_list, list) {
2347 if (fi->iso_handle == iso)
2348 queue_rawiso_event(fi);
2352 spin_unlock_irqrestore(&host_info_lock, flags);
2355 /* helper function - gather all the kernel iso status bits for returning to user-space */
2356 static void raw1394_iso_fill_status(struct hpsb_iso *iso,
2357 struct raw1394_iso_status *stat)
2359 stat->config.data_buf_size = iso->buf_size;
2360 stat->config.buf_packets = iso->buf_packets;
2361 stat->config.channel = iso->channel;
2362 stat->config.speed = iso->speed;
2363 stat->config.irq_interval = iso->irq_interval;
2364 stat->n_packets = hpsb_iso_n_ready(iso);
2365 stat->overflows = atomic_read(&iso->overflows);
2366 stat->xmit_cycle = iso->xmit_cycle;
2369 static int raw1394_iso_xmit_init(struct file_info *fi, void __user * uaddr)
2371 struct raw1394_iso_status stat;
2373 if (!fi->host)
2374 return -EINVAL;
2376 if (copy_from_user(&stat, uaddr, sizeof(stat)))
2377 return -EFAULT;
2379 fi->iso_handle = hpsb_iso_xmit_init(fi->host,
2380 stat.config.data_buf_size,
2381 stat.config.buf_packets,
2382 stat.config.channel,
2383 stat.config.speed,
2384 stat.config.irq_interval,
2385 rawiso_activity_cb);
2386 if (!fi->iso_handle)
2387 return -ENOMEM;
2389 fi->iso_state = RAW1394_ISO_XMIT;
2391 raw1394_iso_fill_status(fi->iso_handle, &stat);
2392 if (copy_to_user(uaddr, &stat, sizeof(stat)))
2393 return -EFAULT;
2395 /* queue an event to get things started */
2396 rawiso_activity_cb(fi->iso_handle);
2398 return 0;
2401 static int raw1394_iso_recv_init(struct file_info *fi, void __user * uaddr)
2403 struct raw1394_iso_status stat;
2405 if (!fi->host)
2406 return -EINVAL;
2408 if (copy_from_user(&stat, uaddr, sizeof(stat)))
2409 return -EFAULT;
2411 fi->iso_handle = hpsb_iso_recv_init(fi->host,
2412 stat.config.data_buf_size,
2413 stat.config.buf_packets,
2414 stat.config.channel,
2415 stat.config.dma_mode,
2416 stat.config.irq_interval,
2417 rawiso_activity_cb);
2418 if (!fi->iso_handle)
2419 return -ENOMEM;
2421 fi->iso_state = RAW1394_ISO_RECV;
2423 raw1394_iso_fill_status(fi->iso_handle, &stat);
2424 if (copy_to_user(uaddr, &stat, sizeof(stat)))
2425 return -EFAULT;
2426 return 0;
2429 static int raw1394_iso_get_status(struct file_info *fi, void __user * uaddr)
2431 struct raw1394_iso_status stat;
2432 struct hpsb_iso *iso = fi->iso_handle;
2434 raw1394_iso_fill_status(fi->iso_handle, &stat);
2435 if (copy_to_user(uaddr, &stat, sizeof(stat)))
2436 return -EFAULT;
2438 /* reset overflow counter */
2439 atomic_set(&iso->overflows, 0);
2441 return 0;
2444 /* copy N packet_infos out of the ringbuffer into user-supplied array */
2445 static int raw1394_iso_recv_packets(struct file_info *fi, void __user * uaddr)
2447 struct raw1394_iso_packets upackets;
2448 unsigned int packet = fi->iso_handle->first_packet;
2449 int i;
2451 if (copy_from_user(&upackets, uaddr, sizeof(upackets)))
2452 return -EFAULT;
2454 if (upackets.n_packets > hpsb_iso_n_ready(fi->iso_handle))
2455 return -EINVAL;
2457 /* ensure user-supplied buffer is accessible and big enough */
2458 if (!access_ok(VERIFY_WRITE, upackets.infos,
2459 upackets.n_packets *
2460 sizeof(struct raw1394_iso_packet_info)))
2461 return -EFAULT;
2463 /* copy the packet_infos out */
2464 for (i = 0; i < upackets.n_packets; i++) {
2465 if (__copy_to_user(&upackets.infos[i],
2466 &fi->iso_handle->infos[packet],
2467 sizeof(struct raw1394_iso_packet_info)))
2468 return -EFAULT;
2470 packet = (packet + 1) % fi->iso_handle->buf_packets;
2473 return 0;
2476 /* copy N packet_infos from user to ringbuffer, and queue them for transmission */
2477 static int raw1394_iso_send_packets(struct file_info *fi, void __user * uaddr)
2479 struct raw1394_iso_packets upackets;
2480 int i, rv;
2482 if (copy_from_user(&upackets, uaddr, sizeof(upackets)))
2483 return -EFAULT;
2485 if (upackets.n_packets >= fi->iso_handle->buf_packets)
2486 return -EINVAL;
2488 if (upackets.n_packets >= hpsb_iso_n_ready(fi->iso_handle))
2489 return -EAGAIN;
2491 /* ensure user-supplied buffer is accessible and big enough */
2492 if (!access_ok(VERIFY_READ, upackets.infos,
2493 upackets.n_packets *
2494 sizeof(struct raw1394_iso_packet_info)))
2495 return -EFAULT;
2497 /* copy the infos structs in and queue the packets */
2498 for (i = 0; i < upackets.n_packets; i++) {
2499 struct raw1394_iso_packet_info info;
2501 if (__copy_from_user(&info, &upackets.infos[i],
2502 sizeof(struct raw1394_iso_packet_info)))
2503 return -EFAULT;
2505 rv = hpsb_iso_xmit_queue_packet(fi->iso_handle, info.offset,
2506 info.len, info.tag, info.sy);
2507 if (rv)
2508 return rv;
2511 return 0;
2514 static void raw1394_iso_shutdown(struct file_info *fi)
2516 if (fi->iso_handle)
2517 hpsb_iso_shutdown(fi->iso_handle);
2519 fi->iso_handle = NULL;
2520 fi->iso_state = RAW1394_ISO_INACTIVE;
2523 static int raw1394_read_cycle_timer(struct file_info *fi, void __user * uaddr)
2525 struct raw1394_cycle_timer ct;
2526 int err;
2528 err = hpsb_read_cycle_timer(fi->host, &ct.cycle_timer, &ct.local_time);
2529 if (!err)
2530 if (copy_to_user(uaddr, &ct, sizeof(ct)))
2531 err = -EFAULT;
2532 return err;
2535 /* mmap the rawiso xmit/recv buffer */
2536 static int raw1394_mmap(struct file *file, struct vm_area_struct *vma)
2538 struct file_info *fi = file->private_data;
2540 if (fi->iso_state == RAW1394_ISO_INACTIVE)
2541 return -EINVAL;
2543 return dma_region_mmap(&fi->iso_handle->data_buf, file, vma);
2546 /* ioctl is only used for rawiso operations */
2547 static int raw1394_ioctl(struct inode *inode, struct file *file,
2548 unsigned int cmd, unsigned long arg)
2550 struct file_info *fi = file->private_data;
2551 void __user *argp = (void __user *)arg;
2553 switch (fi->iso_state) {
2554 case RAW1394_ISO_INACTIVE:
2555 switch (cmd) {
2556 case RAW1394_IOC_ISO_XMIT_INIT:
2557 return raw1394_iso_xmit_init(fi, argp);
2558 case RAW1394_IOC_ISO_RECV_INIT:
2559 return raw1394_iso_recv_init(fi, argp);
2560 default:
2561 break;
2563 break;
2564 case RAW1394_ISO_RECV:
2565 switch (cmd) {
2566 case RAW1394_IOC_ISO_RECV_START:{
2567 /* copy args from user-space */
2568 int args[3];
2569 if (copy_from_user
2570 (&args[0], argp, sizeof(args)))
2571 return -EFAULT;
2572 return hpsb_iso_recv_start(fi->iso_handle,
2573 args[0], args[1],
2574 args[2]);
2576 case RAW1394_IOC_ISO_XMIT_RECV_STOP:
2577 hpsb_iso_stop(fi->iso_handle);
2578 return 0;
2579 case RAW1394_IOC_ISO_RECV_LISTEN_CHANNEL:
2580 return hpsb_iso_recv_listen_channel(fi->iso_handle,
2581 arg);
2582 case RAW1394_IOC_ISO_RECV_UNLISTEN_CHANNEL:
2583 return hpsb_iso_recv_unlisten_channel(fi->iso_handle,
2584 arg);
2585 case RAW1394_IOC_ISO_RECV_SET_CHANNEL_MASK:{
2586 /* copy the u64 from user-space */
2587 u64 mask;
2588 if (copy_from_user(&mask, argp, sizeof(mask)))
2589 return -EFAULT;
2590 return hpsb_iso_recv_set_channel_mask(fi->
2591 iso_handle,
2592 mask);
2594 case RAW1394_IOC_ISO_GET_STATUS:
2595 return raw1394_iso_get_status(fi, argp);
2596 case RAW1394_IOC_ISO_RECV_PACKETS:
2597 return raw1394_iso_recv_packets(fi, argp);
2598 case RAW1394_IOC_ISO_RECV_RELEASE_PACKETS:
2599 return hpsb_iso_recv_release_packets(fi->iso_handle,
2600 arg);
2601 case RAW1394_IOC_ISO_RECV_FLUSH:
2602 return hpsb_iso_recv_flush(fi->iso_handle);
2603 case RAW1394_IOC_ISO_SHUTDOWN:
2604 raw1394_iso_shutdown(fi);
2605 return 0;
2606 case RAW1394_IOC_ISO_QUEUE_ACTIVITY:
2607 queue_rawiso_event(fi);
2608 return 0;
2610 break;
2611 case RAW1394_ISO_XMIT:
2612 switch (cmd) {
2613 case RAW1394_IOC_ISO_XMIT_START:{
2614 /* copy two ints from user-space */
2615 int args[2];
2616 if (copy_from_user
2617 (&args[0], argp, sizeof(args)))
2618 return -EFAULT;
2619 return hpsb_iso_xmit_start(fi->iso_handle,
2620 args[0], args[1]);
2622 case RAW1394_IOC_ISO_XMIT_SYNC:
2623 return hpsb_iso_xmit_sync(fi->iso_handle);
2624 case RAW1394_IOC_ISO_XMIT_RECV_STOP:
2625 hpsb_iso_stop(fi->iso_handle);
2626 return 0;
2627 case RAW1394_IOC_ISO_GET_STATUS:
2628 return raw1394_iso_get_status(fi, argp);
2629 case RAW1394_IOC_ISO_XMIT_PACKETS:
2630 return raw1394_iso_send_packets(fi, argp);
2631 case RAW1394_IOC_ISO_SHUTDOWN:
2632 raw1394_iso_shutdown(fi);
2633 return 0;
2634 case RAW1394_IOC_ISO_QUEUE_ACTIVITY:
2635 queue_rawiso_event(fi);
2636 return 0;
2638 break;
2639 default:
2640 break;
2643 /* state-independent commands */
2644 switch(cmd) {
2645 case RAW1394_IOC_GET_CYCLE_TIMER:
2646 return raw1394_read_cycle_timer(fi, argp);
2647 default:
2648 break;
2651 return -EINVAL;
2654 #ifdef CONFIG_COMPAT
2655 struct raw1394_iso_packets32 {
2656 __u32 n_packets;
2657 compat_uptr_t infos;
2658 } __attribute__((packed));
2660 struct raw1394_cycle_timer32 {
2661 __u32 cycle_timer;
2662 __u64 local_time;
2664 #if defined(CONFIG_X86_64) || defined(CONFIG_IA64)
2665 __attribute__((packed))
2666 #endif
2669 #define RAW1394_IOC_ISO_RECV_PACKETS32 \
2670 _IOW ('#', 0x25, struct raw1394_iso_packets32)
2671 #define RAW1394_IOC_ISO_XMIT_PACKETS32 \
2672 _IOW ('#', 0x27, struct raw1394_iso_packets32)
2673 #define RAW1394_IOC_GET_CYCLE_TIMER32 \
2674 _IOR ('#', 0x30, struct raw1394_cycle_timer32)
2676 static long raw1394_iso_xmit_recv_packets32(struct file *file, unsigned int cmd,
2677 struct raw1394_iso_packets32 __user *arg)
2679 compat_uptr_t infos32;
2680 void __user *infos;
2681 long err = -EFAULT;
2682 struct raw1394_iso_packets __user *dst = compat_alloc_user_space(sizeof(struct raw1394_iso_packets));
2684 if (!copy_in_user(&dst->n_packets, &arg->n_packets, sizeof arg->n_packets) &&
2685 !copy_from_user(&infos32, &arg->infos, sizeof infos32)) {
2686 infos = compat_ptr(infos32);
2687 if (!copy_to_user(&dst->infos, &infos, sizeof infos))
2688 err = raw1394_ioctl(NULL, file, cmd, (unsigned long)dst);
2690 return err;
2693 static long raw1394_read_cycle_timer32(struct file_info *fi, void __user * uaddr)
2695 struct raw1394_cycle_timer32 ct;
2696 int err;
2698 err = hpsb_read_cycle_timer(fi->host, &ct.cycle_timer, &ct.local_time);
2699 if (!err)
2700 if (copy_to_user(uaddr, &ct, sizeof(ct)))
2701 err = -EFAULT;
2702 return err;
2705 static long raw1394_compat_ioctl(struct file *file,
2706 unsigned int cmd, unsigned long arg)
2708 struct file_info *fi = file->private_data;
2709 void __user *argp = (void __user *)arg;
2710 long err;
2712 lock_kernel();
2713 switch (cmd) {
2714 /* These requests have same format as long as 'int' has same size. */
2715 case RAW1394_IOC_ISO_RECV_INIT:
2716 case RAW1394_IOC_ISO_RECV_START:
2717 case RAW1394_IOC_ISO_RECV_LISTEN_CHANNEL:
2718 case RAW1394_IOC_ISO_RECV_UNLISTEN_CHANNEL:
2719 case RAW1394_IOC_ISO_RECV_SET_CHANNEL_MASK:
2720 case RAW1394_IOC_ISO_RECV_RELEASE_PACKETS:
2721 case RAW1394_IOC_ISO_RECV_FLUSH:
2722 case RAW1394_IOC_ISO_XMIT_RECV_STOP:
2723 case RAW1394_IOC_ISO_XMIT_INIT:
2724 case RAW1394_IOC_ISO_XMIT_START:
2725 case RAW1394_IOC_ISO_XMIT_SYNC:
2726 case RAW1394_IOC_ISO_GET_STATUS:
2727 case RAW1394_IOC_ISO_SHUTDOWN:
2728 case RAW1394_IOC_ISO_QUEUE_ACTIVITY:
2729 err = raw1394_ioctl(NULL, file, cmd, arg);
2730 break;
2731 /* These request have different format. */
2732 case RAW1394_IOC_ISO_RECV_PACKETS32:
2733 err = raw1394_iso_xmit_recv_packets32(file, RAW1394_IOC_ISO_RECV_PACKETS, argp);
2734 break;
2735 case RAW1394_IOC_ISO_XMIT_PACKETS32:
2736 err = raw1394_iso_xmit_recv_packets32(file, RAW1394_IOC_ISO_XMIT_PACKETS, argp);
2737 break;
2738 case RAW1394_IOC_GET_CYCLE_TIMER32:
2739 err = raw1394_read_cycle_timer32(fi, argp);
2740 break;
2741 default:
2742 err = -EINVAL;
2743 break;
2745 unlock_kernel();
2747 return err;
2749 #endif
2751 static unsigned int raw1394_poll(struct file *file, poll_table * pt)
2753 struct file_info *fi = file->private_data;
2754 unsigned int mask = POLLOUT | POLLWRNORM;
2755 unsigned long flags;
2757 poll_wait(file, &fi->wait_complete, pt);
2759 spin_lock_irqsave(&fi->reqlists_lock, flags);
2760 if (!list_empty(&fi->req_complete)) {
2761 mask |= POLLIN | POLLRDNORM;
2763 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
2765 return mask;
2768 static int raw1394_open(struct inode *inode, struct file *file)
2770 struct file_info *fi;
2772 fi = kzalloc(sizeof(*fi), GFP_KERNEL);
2773 if (!fi)
2774 return -ENOMEM;
2776 fi->notification = (u8) RAW1394_NOTIFY_ON; /* busreset notification */
2778 INIT_LIST_HEAD(&fi->list);
2779 fi->state = opened;
2780 INIT_LIST_HEAD(&fi->req_pending);
2781 INIT_LIST_HEAD(&fi->req_complete);
2782 spin_lock_init(&fi->reqlists_lock);
2783 init_waitqueue_head(&fi->wait_complete);
2784 INIT_LIST_HEAD(&fi->addr_list);
2786 file->private_data = fi;
2788 return 0;
2791 static int raw1394_release(struct inode *inode, struct file *file)
2793 struct file_info *fi = file->private_data;
2794 struct list_head *lh;
2795 struct pending_request *req;
2796 int i, fail;
2797 int retval = 0;
2798 struct list_head *entry;
2799 struct arm_addr *addr = NULL;
2800 struct host_info *hi;
2801 struct file_info *fi_hlp = NULL;
2802 struct arm_addr *arm_addr = NULL;
2803 int another_host;
2804 int csr_mod = 0;
2805 unsigned long flags;
2807 if (fi->iso_state != RAW1394_ISO_INACTIVE)
2808 raw1394_iso_shutdown(fi);
2810 spin_lock_irqsave(&host_info_lock, flags);
2812 fail = 0;
2813 /* set address-entries invalid */
2815 while (!list_empty(&fi->addr_list)) {
2816 another_host = 0;
2817 lh = fi->addr_list.next;
2818 addr = list_entry(lh, struct arm_addr, addr_list);
2819 /* another host with valid address-entry containing
2820 same addressrange? */
2821 list_for_each_entry(hi, &host_info_list, list) {
2822 if (hi->host != fi->host) {
2823 list_for_each_entry(fi_hlp, &hi->file_info_list,
2824 list) {
2825 entry = fi_hlp->addr_list.next;
2826 while (entry != &(fi_hlp->addr_list)) {
2827 arm_addr = list_entry(entry, struct
2828 arm_addr,
2829 addr_list);
2830 if (arm_addr->start ==
2831 addr->start) {
2832 DBGMSG
2833 ("raw1394_release: "
2834 "another host ownes "
2835 "same addressrange");
2836 another_host = 1;
2837 break;
2839 entry = entry->next;
2841 if (another_host) {
2842 break;
2847 if (!another_host) {
2848 DBGMSG("raw1394_release: call hpsb_arm_unregister");
2849 retval =
2850 hpsb_unregister_addrspace(&raw1394_highlevel,
2851 fi->host, addr->start);
2852 if (!retval) {
2853 ++fail;
2854 printk(KERN_ERR
2855 "raw1394_release arm_Unregister failed\n");
2858 DBGMSG("raw1394_release: delete addr_entry from list");
2859 list_del(&addr->addr_list);
2860 vfree(addr->addr_space_buffer);
2861 kfree(addr);
2862 } /* while */
2863 spin_unlock_irqrestore(&host_info_lock, flags);
2864 if (fail > 0) {
2865 printk(KERN_ERR "raw1394: during addr_list-release "
2866 "error(s) occurred \n");
2869 for (;;) {
2870 /* This locked section guarantees that neither
2871 * complete nor pending requests exist once i!=0 */
2872 spin_lock_irqsave(&fi->reqlists_lock, flags);
2873 while ((req = __next_complete_req(fi)))
2874 free_pending_request(req);
2876 i = list_empty(&fi->req_pending);
2877 spin_unlock_irqrestore(&fi->reqlists_lock, flags);
2879 if (i)
2880 break;
2882 * Sleep until more requests can be freed.
2884 * NB: We call the macro wait_event() with a condition argument
2885 * with side effect. This is only possible because the side
2886 * effect does not occur until the condition became true, and
2887 * wait_event() won't evaluate the condition again after that.
2889 wait_event(fi->wait_complete, (req = next_complete_req(fi)));
2890 free_pending_request(req);
2893 /* Remove any sub-trees left by user space programs */
2894 for (i = 0; i < RAW1394_MAX_USER_CSR_DIRS; i++) {
2895 struct csr1212_dentry *dentry;
2896 if (!fi->csr1212_dirs[i])
2897 continue;
2898 for (dentry =
2899 fi->csr1212_dirs[i]->value.directory.dentries_head; dentry;
2900 dentry = dentry->next) {
2901 csr1212_detach_keyval_from_directory(fi->host->csr.rom->
2902 root_kv,
2903 dentry->kv);
2905 csr1212_release_keyval(fi->csr1212_dirs[i]);
2906 fi->csr1212_dirs[i] = NULL;
2907 csr_mod = 1;
2910 if ((csr_mod || fi->cfgrom_upd)
2911 && hpsb_update_config_rom_image(fi->host) < 0)
2912 HPSB_ERR
2913 ("Failed to generate Configuration ROM image for host %d",
2914 fi->host->id);
2916 if (fi->state == connected) {
2917 spin_lock_irqsave(&host_info_lock, flags);
2918 list_del(&fi->list);
2919 spin_unlock_irqrestore(&host_info_lock, flags);
2921 put_device(&fi->host->device);
2924 spin_lock_irqsave(&host_info_lock, flags);
2925 if (fi->host)
2926 module_put(fi->host->driver->owner);
2927 spin_unlock_irqrestore(&host_info_lock, flags);
2929 kfree(fi);
2931 return 0;
2934 /*** HOTPLUG STUFF **********************************************************/
2936 * Export information about protocols/devices supported by this driver.
2938 static struct ieee1394_device_id raw1394_id_table[] = {
2940 .match_flags = IEEE1394_MATCH_SPECIFIER_ID | IEEE1394_MATCH_VERSION,
2941 .specifier_id = AVC_UNIT_SPEC_ID_ENTRY & 0xffffff,
2942 .version = AVC_SW_VERSION_ENTRY & 0xffffff},
2944 .match_flags = IEEE1394_MATCH_SPECIFIER_ID | IEEE1394_MATCH_VERSION,
2945 .specifier_id = CAMERA_UNIT_SPEC_ID_ENTRY & 0xffffff,
2946 .version = CAMERA_SW_VERSION_ENTRY & 0xffffff},
2948 .match_flags = IEEE1394_MATCH_SPECIFIER_ID | IEEE1394_MATCH_VERSION,
2949 .specifier_id = CAMERA_UNIT_SPEC_ID_ENTRY & 0xffffff,
2950 .version = (CAMERA_SW_VERSION_ENTRY + 1) & 0xffffff},
2952 .match_flags = IEEE1394_MATCH_SPECIFIER_ID | IEEE1394_MATCH_VERSION,
2953 .specifier_id = CAMERA_UNIT_SPEC_ID_ENTRY & 0xffffff,
2954 .version = (CAMERA_SW_VERSION_ENTRY + 2) & 0xffffff},
2958 MODULE_DEVICE_TABLE(ieee1394, raw1394_id_table);
2960 static struct hpsb_protocol_driver raw1394_driver = {
2961 .name = "raw1394",
2962 .id_table = raw1394_id_table,
2965 /******************************************************************************/
2967 static struct hpsb_highlevel raw1394_highlevel = {
2968 .name = RAW1394_DEVICE_NAME,
2969 .add_host = add_host,
2970 .remove_host = remove_host,
2971 .host_reset = host_reset,
2972 .fcp_request = fcp_request,
2975 static struct cdev raw1394_cdev;
2976 static const struct file_operations raw1394_fops = {
2977 .owner = THIS_MODULE,
2978 .read = raw1394_read,
2979 .write = raw1394_write,
2980 .mmap = raw1394_mmap,
2981 .ioctl = raw1394_ioctl,
2982 #ifdef CONFIG_COMPAT
2983 .compat_ioctl = raw1394_compat_ioctl,
2984 #endif
2985 .poll = raw1394_poll,
2986 .open = raw1394_open,
2987 .release = raw1394_release,
2990 static int __init init_raw1394(void)
2992 int ret = 0;
2994 hpsb_register_highlevel(&raw1394_highlevel);
2996 if (IS_ERR
2997 (device_create(
2998 hpsb_protocol_class, NULL,
2999 MKDEV(IEEE1394_MAJOR, IEEE1394_MINOR_BLOCK_RAW1394 * 16),
3000 RAW1394_DEVICE_NAME))) {
3001 ret = -EFAULT;
3002 goto out_unreg;
3005 cdev_init(&raw1394_cdev, &raw1394_fops);
3006 raw1394_cdev.owner = THIS_MODULE;
3007 kobject_set_name(&raw1394_cdev.kobj, RAW1394_DEVICE_NAME);
3008 ret = cdev_add(&raw1394_cdev, IEEE1394_RAW1394_DEV, 1);
3009 if (ret) {
3010 HPSB_ERR("raw1394 failed to register minor device block");
3011 goto out_dev;
3014 HPSB_INFO("raw1394: /dev/%s device initialized", RAW1394_DEVICE_NAME);
3016 ret = hpsb_register_protocol(&raw1394_driver);
3017 if (ret) {
3018 HPSB_ERR("raw1394: failed to register protocol");
3019 cdev_del(&raw1394_cdev);
3020 goto out_dev;
3023 goto out;
3025 out_dev:
3026 device_destroy(hpsb_protocol_class,
3027 MKDEV(IEEE1394_MAJOR,
3028 IEEE1394_MINOR_BLOCK_RAW1394 * 16));
3029 out_unreg:
3030 hpsb_unregister_highlevel(&raw1394_highlevel);
3031 out:
3032 return ret;
3035 static void __exit cleanup_raw1394(void)
3037 device_destroy(hpsb_protocol_class,
3038 MKDEV(IEEE1394_MAJOR,
3039 IEEE1394_MINOR_BLOCK_RAW1394 * 16));
3040 cdev_del(&raw1394_cdev);
3041 hpsb_unregister_highlevel(&raw1394_highlevel);
3042 hpsb_unregister_protocol(&raw1394_driver);
3045 module_init(init_raw1394);
3046 module_exit(cleanup_raw1394);
3047 MODULE_LICENSE("GPL");