Avoid reading past buffer when calling GETACL
[zen-stable.git] / drivers / net / can / sja1000 / sja1000.c
blob192b0d118df46d4136c5bd5bab872f35d51bcbc7
1 /*
2 * sja1000.c - Philips SJA1000 network device driver
4 * Copyright (c) 2003 Matthias Brukner, Trajet Gmbh, Rebenring 33,
5 * 38106 Braunschweig, GERMANY
7 * Copyright (c) 2002-2007 Volkswagen Group Electronic Research
8 * All rights reserved.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
12 * are met:
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 3. Neither the name of Volkswagen nor the names of its contributors
19 * may be used to endorse or promote products derived from this software
20 * without specific prior written permission.
22 * Alternatively, provided that this notice is retained in full, this
23 * software may be distributed under the terms of the GNU General
24 * Public License ("GPL") version 2, in which case the provisions of the
25 * GPL apply INSTEAD OF those given above.
27 * The provided data structures and external interfaces from this code
28 * are not restricted to be used by modules with a GPL compatible license.
30 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
31 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
32 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
33 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
34 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
35 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
36 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
37 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
38 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
39 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
40 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
41 * DAMAGE.
45 #include <linux/module.h>
46 #include <linux/init.h>
47 #include <linux/kernel.h>
48 #include <linux/sched.h>
49 #include <linux/types.h>
50 #include <linux/fcntl.h>
51 #include <linux/interrupt.h>
52 #include <linux/ptrace.h>
53 #include <linux/string.h>
54 #include <linux/errno.h>
55 #include <linux/netdevice.h>
56 #include <linux/if_arp.h>
57 #include <linux/if_ether.h>
58 #include <linux/skbuff.h>
59 #include <linux/delay.h>
61 #include <linux/can/dev.h>
62 #include <linux/can/error.h>
64 #include "sja1000.h"
66 #define DRV_NAME "sja1000"
68 MODULE_AUTHOR("Oliver Hartkopp <oliver.hartkopp@volkswagen.de>");
69 MODULE_LICENSE("Dual BSD/GPL");
70 MODULE_DESCRIPTION(DRV_NAME "CAN netdevice driver");
72 static struct can_bittiming_const sja1000_bittiming_const = {
73 .name = DRV_NAME,
74 .tseg1_min = 1,
75 .tseg1_max = 16,
76 .tseg2_min = 1,
77 .tseg2_max = 8,
78 .sjw_max = 4,
79 .brp_min = 1,
80 .brp_max = 64,
81 .brp_inc = 1,
84 static void sja1000_write_cmdreg(struct sja1000_priv *priv, u8 val)
86 unsigned long flags;
89 * The command register needs some locking and time to settle
90 * the write_reg() operation - especially on SMP systems.
92 spin_lock_irqsave(&priv->cmdreg_lock, flags);
93 priv->write_reg(priv, REG_CMR, val);
94 priv->read_reg(priv, REG_SR);
95 spin_unlock_irqrestore(&priv->cmdreg_lock, flags);
98 static int sja1000_is_absent(struct sja1000_priv *priv)
100 return (priv->read_reg(priv, REG_MOD) == 0xFF);
103 static int sja1000_probe_chip(struct net_device *dev)
105 struct sja1000_priv *priv = netdev_priv(dev);
107 if (priv->reg_base && sja1000_is_absent(priv)) {
108 printk(KERN_INFO "%s: probing @0x%lX failed\n",
109 DRV_NAME, dev->base_addr);
110 return 0;
112 return -1;
115 static void set_reset_mode(struct net_device *dev)
117 struct sja1000_priv *priv = netdev_priv(dev);
118 unsigned char status = priv->read_reg(priv, REG_MOD);
119 int i;
121 /* disable interrupts */
122 priv->write_reg(priv, REG_IER, IRQ_OFF);
124 for (i = 0; i < 100; i++) {
125 /* check reset bit */
126 if (status & MOD_RM) {
127 priv->can.state = CAN_STATE_STOPPED;
128 return;
131 priv->write_reg(priv, REG_MOD, MOD_RM); /* reset chip */
132 udelay(10);
133 status = priv->read_reg(priv, REG_MOD);
136 dev_err(dev->dev.parent, "setting SJA1000 into reset mode failed!\n");
139 static void set_normal_mode(struct net_device *dev)
141 struct sja1000_priv *priv = netdev_priv(dev);
142 unsigned char status = priv->read_reg(priv, REG_MOD);
143 int i;
145 for (i = 0; i < 100; i++) {
146 /* check reset bit */
147 if ((status & MOD_RM) == 0) {
148 priv->can.state = CAN_STATE_ERROR_ACTIVE;
149 /* enable interrupts */
150 if (priv->can.ctrlmode & CAN_CTRLMODE_BERR_REPORTING)
151 priv->write_reg(priv, REG_IER, IRQ_ALL);
152 else
153 priv->write_reg(priv, REG_IER,
154 IRQ_ALL & ~IRQ_BEI);
155 return;
158 /* set chip to normal mode */
159 priv->write_reg(priv, REG_MOD, 0x00);
160 udelay(10);
161 status = priv->read_reg(priv, REG_MOD);
164 dev_err(dev->dev.parent, "setting SJA1000 into normal mode failed!\n");
167 static void sja1000_start(struct net_device *dev)
169 struct sja1000_priv *priv = netdev_priv(dev);
171 /* leave reset mode */
172 if (priv->can.state != CAN_STATE_STOPPED)
173 set_reset_mode(dev);
175 /* Clear error counters and error code capture */
176 priv->write_reg(priv, REG_TXERR, 0x0);
177 priv->write_reg(priv, REG_RXERR, 0x0);
178 priv->read_reg(priv, REG_ECC);
180 /* leave reset mode */
181 set_normal_mode(dev);
184 static int sja1000_set_mode(struct net_device *dev, enum can_mode mode)
186 struct sja1000_priv *priv = netdev_priv(dev);
188 if (!priv->open_time)
189 return -EINVAL;
191 switch (mode) {
192 case CAN_MODE_START:
193 sja1000_start(dev);
194 if (netif_queue_stopped(dev))
195 netif_wake_queue(dev);
196 break;
198 default:
199 return -EOPNOTSUPP;
202 return 0;
205 static int sja1000_set_bittiming(struct net_device *dev)
207 struct sja1000_priv *priv = netdev_priv(dev);
208 struct can_bittiming *bt = &priv->can.bittiming;
209 u8 btr0, btr1;
211 btr0 = ((bt->brp - 1) & 0x3f) | (((bt->sjw - 1) & 0x3) << 6);
212 btr1 = ((bt->prop_seg + bt->phase_seg1 - 1) & 0xf) |
213 (((bt->phase_seg2 - 1) & 0x7) << 4);
214 if (priv->can.ctrlmode & CAN_CTRLMODE_3_SAMPLES)
215 btr1 |= 0x80;
217 dev_info(dev->dev.parent,
218 "setting BTR0=0x%02x BTR1=0x%02x\n", btr0, btr1);
220 priv->write_reg(priv, REG_BTR0, btr0);
221 priv->write_reg(priv, REG_BTR1, btr1);
223 return 0;
226 static int sja1000_get_berr_counter(const struct net_device *dev,
227 struct can_berr_counter *bec)
229 struct sja1000_priv *priv = netdev_priv(dev);
231 bec->txerr = priv->read_reg(priv, REG_TXERR);
232 bec->rxerr = priv->read_reg(priv, REG_RXERR);
234 return 0;
238 * initialize SJA1000 chip:
239 * - reset chip
240 * - set output mode
241 * - set baudrate
242 * - enable interrupts
243 * - start operating mode
245 static void chipset_init(struct net_device *dev)
247 struct sja1000_priv *priv = netdev_priv(dev);
249 /* set clock divider and output control register */
250 priv->write_reg(priv, REG_CDR, priv->cdr | CDR_PELICAN);
252 /* set acceptance filter (accept all) */
253 priv->write_reg(priv, REG_ACCC0, 0x00);
254 priv->write_reg(priv, REG_ACCC1, 0x00);
255 priv->write_reg(priv, REG_ACCC2, 0x00);
256 priv->write_reg(priv, REG_ACCC3, 0x00);
258 priv->write_reg(priv, REG_ACCM0, 0xFF);
259 priv->write_reg(priv, REG_ACCM1, 0xFF);
260 priv->write_reg(priv, REG_ACCM2, 0xFF);
261 priv->write_reg(priv, REG_ACCM3, 0xFF);
263 priv->write_reg(priv, REG_OCR, priv->ocr | OCR_MODE_NORMAL);
267 * transmit a CAN message
268 * message layout in the sk_buff should be like this:
269 * xx xx xx xx ff ll 00 11 22 33 44 55 66 77
270 * [ can-id ] [flags] [len] [can data (up to 8 bytes]
272 static netdev_tx_t sja1000_start_xmit(struct sk_buff *skb,
273 struct net_device *dev)
275 struct sja1000_priv *priv = netdev_priv(dev);
276 struct can_frame *cf = (struct can_frame *)skb->data;
277 uint8_t fi;
278 uint8_t dlc;
279 canid_t id;
280 uint8_t dreg;
281 int i;
283 if (can_dropped_invalid_skb(dev, skb))
284 return NETDEV_TX_OK;
286 netif_stop_queue(dev);
288 fi = dlc = cf->can_dlc;
289 id = cf->can_id;
291 if (id & CAN_RTR_FLAG)
292 fi |= FI_RTR;
294 if (id & CAN_EFF_FLAG) {
295 fi |= FI_FF;
296 dreg = EFF_BUF;
297 priv->write_reg(priv, REG_FI, fi);
298 priv->write_reg(priv, REG_ID1, (id & 0x1fe00000) >> (5 + 16));
299 priv->write_reg(priv, REG_ID2, (id & 0x001fe000) >> (5 + 8));
300 priv->write_reg(priv, REG_ID3, (id & 0x00001fe0) >> 5);
301 priv->write_reg(priv, REG_ID4, (id & 0x0000001f) << 3);
302 } else {
303 dreg = SFF_BUF;
304 priv->write_reg(priv, REG_FI, fi);
305 priv->write_reg(priv, REG_ID1, (id & 0x000007f8) >> 3);
306 priv->write_reg(priv, REG_ID2, (id & 0x00000007) << 5);
309 for (i = 0; i < dlc; i++)
310 priv->write_reg(priv, dreg++, cf->data[i]);
312 can_put_echo_skb(skb, dev, 0);
314 sja1000_write_cmdreg(priv, CMD_TR);
316 return NETDEV_TX_OK;
319 static void sja1000_rx(struct net_device *dev)
321 struct sja1000_priv *priv = netdev_priv(dev);
322 struct net_device_stats *stats = &dev->stats;
323 struct can_frame *cf;
324 struct sk_buff *skb;
325 uint8_t fi;
326 uint8_t dreg;
327 canid_t id;
328 int i;
330 /* create zero'ed CAN frame buffer */
331 skb = alloc_can_skb(dev, &cf);
332 if (skb == NULL)
333 return;
335 fi = priv->read_reg(priv, REG_FI);
337 if (fi & FI_FF) {
338 /* extended frame format (EFF) */
339 dreg = EFF_BUF;
340 id = (priv->read_reg(priv, REG_ID1) << (5 + 16))
341 | (priv->read_reg(priv, REG_ID2) << (5 + 8))
342 | (priv->read_reg(priv, REG_ID3) << 5)
343 | (priv->read_reg(priv, REG_ID4) >> 3);
344 id |= CAN_EFF_FLAG;
345 } else {
346 /* standard frame format (SFF) */
347 dreg = SFF_BUF;
348 id = (priv->read_reg(priv, REG_ID1) << 3)
349 | (priv->read_reg(priv, REG_ID2) >> 5);
352 cf->can_dlc = get_can_dlc(fi & 0x0F);
353 if (fi & FI_RTR) {
354 id |= CAN_RTR_FLAG;
355 } else {
356 for (i = 0; i < cf->can_dlc; i++)
357 cf->data[i] = priv->read_reg(priv, dreg++);
360 cf->can_id = id;
362 /* release receive buffer */
363 sja1000_write_cmdreg(priv, CMD_RRB);
365 netif_rx(skb);
367 stats->rx_packets++;
368 stats->rx_bytes += cf->can_dlc;
371 static int sja1000_err(struct net_device *dev, uint8_t isrc, uint8_t status)
373 struct sja1000_priv *priv = netdev_priv(dev);
374 struct net_device_stats *stats = &dev->stats;
375 struct can_frame *cf;
376 struct sk_buff *skb;
377 enum can_state state = priv->can.state;
378 uint8_t ecc, alc;
380 skb = alloc_can_err_skb(dev, &cf);
381 if (skb == NULL)
382 return -ENOMEM;
384 if (isrc & IRQ_DOI) {
385 /* data overrun interrupt */
386 dev_dbg(dev->dev.parent, "data overrun interrupt\n");
387 cf->can_id |= CAN_ERR_CRTL;
388 cf->data[1] = CAN_ERR_CRTL_RX_OVERFLOW;
389 stats->rx_over_errors++;
390 stats->rx_errors++;
391 sja1000_write_cmdreg(priv, CMD_CDO); /* clear bit */
394 if (isrc & IRQ_EI) {
395 /* error warning interrupt */
396 dev_dbg(dev->dev.parent, "error warning interrupt\n");
398 if (status & SR_BS) {
399 state = CAN_STATE_BUS_OFF;
400 cf->can_id |= CAN_ERR_BUSOFF;
401 can_bus_off(dev);
402 } else if (status & SR_ES) {
403 state = CAN_STATE_ERROR_WARNING;
404 } else
405 state = CAN_STATE_ERROR_ACTIVE;
407 if (isrc & IRQ_BEI) {
408 /* bus error interrupt */
409 priv->can.can_stats.bus_error++;
410 stats->rx_errors++;
412 ecc = priv->read_reg(priv, REG_ECC);
414 cf->can_id |= CAN_ERR_PROT | CAN_ERR_BUSERROR;
416 switch (ecc & ECC_MASK) {
417 case ECC_BIT:
418 cf->data[2] |= CAN_ERR_PROT_BIT;
419 break;
420 case ECC_FORM:
421 cf->data[2] |= CAN_ERR_PROT_FORM;
422 break;
423 case ECC_STUFF:
424 cf->data[2] |= CAN_ERR_PROT_STUFF;
425 break;
426 default:
427 cf->data[2] |= CAN_ERR_PROT_UNSPEC;
428 cf->data[3] = ecc & ECC_SEG;
429 break;
431 /* Error occurred during transmission? */
432 if ((ecc & ECC_DIR) == 0)
433 cf->data[2] |= CAN_ERR_PROT_TX;
435 if (isrc & IRQ_EPI) {
436 /* error passive interrupt */
437 dev_dbg(dev->dev.parent, "error passive interrupt\n");
438 if (status & SR_ES)
439 state = CAN_STATE_ERROR_PASSIVE;
440 else
441 state = CAN_STATE_ERROR_ACTIVE;
443 if (isrc & IRQ_ALI) {
444 /* arbitration lost interrupt */
445 dev_dbg(dev->dev.parent, "arbitration lost interrupt\n");
446 alc = priv->read_reg(priv, REG_ALC);
447 priv->can.can_stats.arbitration_lost++;
448 stats->tx_errors++;
449 cf->can_id |= CAN_ERR_LOSTARB;
450 cf->data[0] = alc & 0x1f;
453 if (state != priv->can.state && (state == CAN_STATE_ERROR_WARNING ||
454 state == CAN_STATE_ERROR_PASSIVE)) {
455 uint8_t rxerr = priv->read_reg(priv, REG_RXERR);
456 uint8_t txerr = priv->read_reg(priv, REG_TXERR);
457 cf->can_id |= CAN_ERR_CRTL;
458 if (state == CAN_STATE_ERROR_WARNING) {
459 priv->can.can_stats.error_warning++;
460 cf->data[1] = (txerr > rxerr) ?
461 CAN_ERR_CRTL_TX_WARNING :
462 CAN_ERR_CRTL_RX_WARNING;
463 } else {
464 priv->can.can_stats.error_passive++;
465 cf->data[1] = (txerr > rxerr) ?
466 CAN_ERR_CRTL_TX_PASSIVE :
467 CAN_ERR_CRTL_RX_PASSIVE;
469 cf->data[6] = txerr;
470 cf->data[7] = rxerr;
473 priv->can.state = state;
475 netif_rx(skb);
477 stats->rx_packets++;
478 stats->rx_bytes += cf->can_dlc;
480 return 0;
483 irqreturn_t sja1000_interrupt(int irq, void *dev_id)
485 struct net_device *dev = (struct net_device *)dev_id;
486 struct sja1000_priv *priv = netdev_priv(dev);
487 struct net_device_stats *stats = &dev->stats;
488 uint8_t isrc, status;
489 int n = 0;
491 /* Shared interrupts and IRQ off? */
492 if (priv->read_reg(priv, REG_IER) == IRQ_OFF)
493 return IRQ_NONE;
495 if (priv->pre_irq)
496 priv->pre_irq(priv);
498 while ((isrc = priv->read_reg(priv, REG_IR)) && (n < SJA1000_MAX_IRQ)) {
499 n++;
500 status = priv->read_reg(priv, REG_SR);
501 /* check for absent controller due to hw unplug */
502 if (status == 0xFF && sja1000_is_absent(priv))
503 return IRQ_NONE;
505 if (isrc & IRQ_WUI)
506 dev_warn(dev->dev.parent, "wakeup interrupt\n");
508 if (isrc & IRQ_TI) {
509 /* transmission complete interrupt */
510 stats->tx_bytes += priv->read_reg(priv, REG_FI) & 0xf;
511 stats->tx_packets++;
512 can_get_echo_skb(dev, 0);
513 netif_wake_queue(dev);
515 if (isrc & IRQ_RI) {
516 /* receive interrupt */
517 while (status & SR_RBS) {
518 sja1000_rx(dev);
519 status = priv->read_reg(priv, REG_SR);
520 /* check for absent controller */
521 if (status == 0xFF && sja1000_is_absent(priv))
522 return IRQ_NONE;
525 if (isrc & (IRQ_DOI | IRQ_EI | IRQ_BEI | IRQ_EPI | IRQ_ALI)) {
526 /* error interrupt */
527 if (sja1000_err(dev, isrc, status))
528 break;
532 if (priv->post_irq)
533 priv->post_irq(priv);
535 if (n >= SJA1000_MAX_IRQ)
536 dev_dbg(dev->dev.parent, "%d messages handled in ISR", n);
538 return (n) ? IRQ_HANDLED : IRQ_NONE;
540 EXPORT_SYMBOL_GPL(sja1000_interrupt);
542 static int sja1000_open(struct net_device *dev)
544 struct sja1000_priv *priv = netdev_priv(dev);
545 int err;
547 /* set chip into reset mode */
548 set_reset_mode(dev);
550 /* common open */
551 err = open_candev(dev);
552 if (err)
553 return err;
555 /* register interrupt handler, if not done by the device driver */
556 if (!(priv->flags & SJA1000_CUSTOM_IRQ_HANDLER)) {
557 err = request_irq(dev->irq, sja1000_interrupt, priv->irq_flags,
558 dev->name, (void *)dev);
559 if (err) {
560 close_candev(dev);
561 return -EAGAIN;
565 /* init and start chi */
566 sja1000_start(dev);
567 priv->open_time = jiffies;
569 netif_start_queue(dev);
571 return 0;
574 static int sja1000_close(struct net_device *dev)
576 struct sja1000_priv *priv = netdev_priv(dev);
578 netif_stop_queue(dev);
579 set_reset_mode(dev);
581 if (!(priv->flags & SJA1000_CUSTOM_IRQ_HANDLER))
582 free_irq(dev->irq, (void *)dev);
584 close_candev(dev);
586 priv->open_time = 0;
588 return 0;
591 struct net_device *alloc_sja1000dev(int sizeof_priv)
593 struct net_device *dev;
594 struct sja1000_priv *priv;
596 dev = alloc_candev(sizeof(struct sja1000_priv) + sizeof_priv,
597 SJA1000_ECHO_SKB_MAX);
598 if (!dev)
599 return NULL;
601 priv = netdev_priv(dev);
603 priv->dev = dev;
604 priv->can.bittiming_const = &sja1000_bittiming_const;
605 priv->can.do_set_bittiming = sja1000_set_bittiming;
606 priv->can.do_set_mode = sja1000_set_mode;
607 priv->can.do_get_berr_counter = sja1000_get_berr_counter;
608 priv->can.ctrlmode_supported = CAN_CTRLMODE_3_SAMPLES |
609 CAN_CTRLMODE_BERR_REPORTING;
611 spin_lock_init(&priv->cmdreg_lock);
613 if (sizeof_priv)
614 priv->priv = (void *)priv + sizeof(struct sja1000_priv);
616 return dev;
618 EXPORT_SYMBOL_GPL(alloc_sja1000dev);
620 void free_sja1000dev(struct net_device *dev)
622 free_candev(dev);
624 EXPORT_SYMBOL_GPL(free_sja1000dev);
626 static const struct net_device_ops sja1000_netdev_ops = {
627 .ndo_open = sja1000_open,
628 .ndo_stop = sja1000_close,
629 .ndo_start_xmit = sja1000_start_xmit,
632 int register_sja1000dev(struct net_device *dev)
634 if (!sja1000_probe_chip(dev))
635 return -ENODEV;
637 dev->flags |= IFF_ECHO; /* we support local echo */
638 dev->netdev_ops = &sja1000_netdev_ops;
640 set_reset_mode(dev);
641 chipset_init(dev);
643 return register_candev(dev);
645 EXPORT_SYMBOL_GPL(register_sja1000dev);
647 void unregister_sja1000dev(struct net_device *dev)
649 set_reset_mode(dev);
650 unregister_candev(dev);
652 EXPORT_SYMBOL_GPL(unregister_sja1000dev);
654 static __init int sja1000_init(void)
656 printk(KERN_INFO "%s CAN netdevice driver\n", DRV_NAME);
658 return 0;
661 module_init(sja1000_init);
663 static __exit void sja1000_exit(void)
665 printk(KERN_INFO "%s: driver removed\n", DRV_NAME);
668 module_exit(sja1000_exit);