1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33#include <linux/miscdevice.h>
34#include <linux/smp_lock.h>
35#include <linux/compat.h>
36#include <linux/slab.h>
37
38#include <asm/uaccess.h>
39
40#include "core.h"
41
42#define SG_TABLESIZE 30
43
44static long i2o_cfg_ioctl(struct file *, unsigned int, unsigned long);
45
46static spinlock_t i2o_config_lock;
47
48#define MODINC(x,y) ((x) = ((x) + 1) % (y))
49
50struct sg_simple_element {
51 u32 flag_count;
52 u32 addr_bus;
53};
54
55struct i2o_cfg_info {
56 struct file *fp;
57 struct fasync_struct *fasync;
58 struct i2o_evt_info event_q[I2O_EVT_Q_LEN];
59 u16 q_in;
60 u16 q_out;
61 u16 q_len;
62 u16 q_lost;
63 ulong q_id;
64 struct i2o_cfg_info *next;
65};
66static struct i2o_cfg_info *open_files = NULL;
67static ulong i2o_cfg_info_id = 0;
68
69static int i2o_cfg_getiops(unsigned long arg)
70{
71 struct i2o_controller *c;
72 u8 __user *user_iop_table = (void __user *)arg;
73 u8 tmp[MAX_I2O_CONTROLLERS];
74 int ret = 0;
75
76 memset(tmp, 0, MAX_I2O_CONTROLLERS);
77
78 list_for_each_entry(c, &i2o_controllers, list)
79 tmp[c->unit] = 1;
80
81 if (copy_to_user(user_iop_table, tmp, MAX_I2O_CONTROLLERS))
82 ret = -EFAULT;
83
84 return ret;
85};
86
87static int i2o_cfg_gethrt(unsigned long arg)
88{
89 struct i2o_controller *c;
90 struct i2o_cmd_hrtlct __user *cmd = (struct i2o_cmd_hrtlct __user *)arg;
91 struct i2o_cmd_hrtlct kcmd;
92 i2o_hrt *hrt;
93 int len;
94 u32 reslen;
95 int ret = 0;
96
97 if (copy_from_user(&kcmd, cmd, sizeof(struct i2o_cmd_hrtlct)))
98 return -EFAULT;
99
100 if (get_user(reslen, kcmd.reslen) < 0)
101 return -EFAULT;
102
103 if (kcmd.resbuf == NULL)
104 return -EFAULT;
105
106 c = i2o_find_iop(kcmd.iop);
107 if (!c)
108 return -ENXIO;
109
110 hrt = (i2o_hrt *) c->hrt.virt;
111
112 len = 8 + ((hrt->entry_len * hrt->num_entries) << 2);
113
114
115 put_user(len, kcmd.reslen);
116 if (len > reslen)
117 ret = -ENOBUFS;
118 if (copy_to_user(kcmd.resbuf, (void *)hrt, len))
119 ret = -EFAULT;
120
121 return ret;
122};
123
124static int i2o_cfg_getlct(unsigned long arg)
125{
126 struct i2o_controller *c;
127 struct i2o_cmd_hrtlct __user *cmd = (struct i2o_cmd_hrtlct __user *)arg;
128 struct i2o_cmd_hrtlct kcmd;
129 i2o_lct *lct;
130 int len;
131 int ret = 0;
132 u32 reslen;
133
134 if (copy_from_user(&kcmd, cmd, sizeof(struct i2o_cmd_hrtlct)))
135 return -EFAULT;
136
137 if (get_user(reslen, kcmd.reslen) < 0)
138 return -EFAULT;
139
140 if (kcmd.resbuf == NULL)
141 return -EFAULT;
142
143 c = i2o_find_iop(kcmd.iop);
144 if (!c)
145 return -ENXIO;
146
147 lct = (i2o_lct *) c->lct;
148
149 len = (unsigned int)lct->table_size << 2;
150 put_user(len, kcmd.reslen);
151 if (len > reslen)
152 ret = -ENOBUFS;
153 else if (copy_to_user(kcmd.resbuf, lct, len))
154 ret = -EFAULT;
155
156 return ret;
157};
158
159static int i2o_cfg_parms(unsigned long arg, unsigned int type)
160{
161 int ret = 0;
162 struct i2o_controller *c;
163 struct i2o_device *dev;
164 struct i2o_cmd_psetget __user *cmd =
165 (struct i2o_cmd_psetget __user *)arg;
166 struct i2o_cmd_psetget kcmd;
167 u32 reslen;
168 u8 *ops;
169 u8 *res;
170 int len = 0;
171
172 u32 i2o_cmd = (type == I2OPARMGET ?
173 I2O_CMD_UTIL_PARAMS_GET : I2O_CMD_UTIL_PARAMS_SET);
174
175 if (copy_from_user(&kcmd, cmd, sizeof(struct i2o_cmd_psetget)))
176 return -EFAULT;
177
178 if (get_user(reslen, kcmd.reslen))
179 return -EFAULT;
180
181 c = i2o_find_iop(kcmd.iop);
182 if (!c)
183 return -ENXIO;
184
185 dev = i2o_iop_find_device(c, kcmd.tid);
186 if (!dev)
187 return -ENXIO;
188
189 ops = memdup_user(kcmd.opbuf, kcmd.oplen);
190 if (IS_ERR(ops))
191 return PTR_ERR(ops);
192
193
194
195
196
197 res = kmalloc(65536, GFP_KERNEL);
198 if (!res) {
199 kfree(ops);
200 return -ENOMEM;
201 }
202
203 len = i2o_parm_issue(dev, i2o_cmd, ops, kcmd.oplen, res, 65536);
204 kfree(ops);
205
206 if (len < 0) {
207 kfree(res);
208 return -EAGAIN;
209 }
210
211 put_user(len, kcmd.reslen);
212 if (len > reslen)
213 ret = -ENOBUFS;
214 else if (copy_to_user(kcmd.resbuf, res, len))
215 ret = -EFAULT;
216
217 kfree(res);
218
219 return ret;
220};
221
222static int i2o_cfg_swdl(unsigned long arg)
223{
224 struct i2o_sw_xfer kxfer;
225 struct i2o_sw_xfer __user *pxfer = (struct i2o_sw_xfer __user *)arg;
226 unsigned char maxfrag = 0, curfrag = 1;
227 struct i2o_dma buffer;
228 struct i2o_message *msg;
229 unsigned int status = 0, swlen = 0, fragsize = 8192;
230 struct i2o_controller *c;
231
232 if (copy_from_user(&kxfer, pxfer, sizeof(struct i2o_sw_xfer)))
233 return -EFAULT;
234
235 if (get_user(swlen, kxfer.swlen) < 0)
236 return -EFAULT;
237
238 if (get_user(maxfrag, kxfer.maxfrag) < 0)
239 return -EFAULT;
240
241 if (get_user(curfrag, kxfer.curfrag) < 0)
242 return -EFAULT;
243
244 if (curfrag == maxfrag)
245 fragsize = swlen - (maxfrag - 1) * 8192;
246
247 if (!kxfer.buf || !access_ok(VERIFY_READ, kxfer.buf, fragsize))
248 return -EFAULT;
249
250 c = i2o_find_iop(kxfer.iop);
251 if (!c)
252 return -ENXIO;
253
254 msg = i2o_msg_get_wait(c, I2O_TIMEOUT_MESSAGE_GET);
255 if (IS_ERR(msg))
256 return PTR_ERR(msg);
257
258 if (i2o_dma_alloc(&c->pdev->dev, &buffer, fragsize)) {
259 i2o_msg_nop(c, msg);
260 return -ENOMEM;
261 }
262
263 if (__copy_from_user(buffer.virt, kxfer.buf, fragsize)) {
264 i2o_msg_nop(c, msg);
265 i2o_dma_free(&c->pdev->dev, &buffer);
266 return -EFAULT;
267 }
268
269 msg->u.head[0] = cpu_to_le32(NINE_WORD_MSG_SIZE | SGL_OFFSET_7);
270 msg->u.head[1] =
271 cpu_to_le32(I2O_CMD_SW_DOWNLOAD << 24 | HOST_TID << 12 |
272 ADAPTER_TID);
273 msg->u.head[2] = cpu_to_le32(i2o_config_driver.context);
274 msg->u.head[3] = cpu_to_le32(0);
275 msg->body[0] =
276 cpu_to_le32((((u32) kxfer.flags) << 24) | (((u32) kxfer.
277 sw_type) << 16) |
278 (((u32) maxfrag) << 8) | (((u32) curfrag)));
279 msg->body[1] = cpu_to_le32(swlen);
280 msg->body[2] = cpu_to_le32(kxfer.sw_id);
281 msg->body[3] = cpu_to_le32(0xD0000000 | fragsize);
282 msg->body[4] = cpu_to_le32(buffer.phys);
283
284 osm_debug("swdl frag %d/%d (size %d)\n", curfrag, maxfrag, fragsize);
285 status = i2o_msg_post_wait_mem(c, msg, 60, &buffer);
286
287 if (status != -ETIMEDOUT)
288 i2o_dma_free(&c->pdev->dev, &buffer);
289
290 if (status != I2O_POST_WAIT_OK) {
291
292
293 osm_info("swdl failed, DetailedStatus = %d\n", status);
294 return status;
295 }
296
297 return 0;
298};
299
300static int i2o_cfg_swul(unsigned long arg)
301{
302 struct i2o_sw_xfer kxfer;
303 struct i2o_sw_xfer __user *pxfer = (struct i2o_sw_xfer __user *)arg;
304 unsigned char maxfrag = 0, curfrag = 1;
305 struct i2o_dma buffer;
306 struct i2o_message *msg;
307 unsigned int status = 0, swlen = 0, fragsize = 8192;
308 struct i2o_controller *c;
309 int ret = 0;
310
311 if (copy_from_user(&kxfer, pxfer, sizeof(struct i2o_sw_xfer)))
312 return -EFAULT;
313
314 if (get_user(swlen, kxfer.swlen) < 0)
315 return -EFAULT;
316
317 if (get_user(maxfrag, kxfer.maxfrag) < 0)
318 return -EFAULT;
319
320 if (get_user(curfrag, kxfer.curfrag) < 0)
321 return -EFAULT;
322
323 if (curfrag == maxfrag)
324 fragsize = swlen - (maxfrag - 1) * 8192;
325
326 if (!kxfer.buf)
327 return -EFAULT;
328
329 c = i2o_find_iop(kxfer.iop);
330 if (!c)
331 return -ENXIO;
332
333 msg = i2o_msg_get_wait(c, I2O_TIMEOUT_MESSAGE_GET);
334 if (IS_ERR(msg))
335 return PTR_ERR(msg);
336
337 if (i2o_dma_alloc(&c->pdev->dev, &buffer, fragsize)) {
338 i2o_msg_nop(c, msg);
339 return -ENOMEM;
340 }
341
342 msg->u.head[0] = cpu_to_le32(NINE_WORD_MSG_SIZE | SGL_OFFSET_7);
343 msg->u.head[1] =
344 cpu_to_le32(I2O_CMD_SW_UPLOAD << 24 | HOST_TID << 12 | ADAPTER_TID);
345 msg->u.head[2] = cpu_to_le32(i2o_config_driver.context);
346 msg->u.head[3] = cpu_to_le32(0);
347 msg->body[0] =
348 cpu_to_le32((u32) kxfer.flags << 24 | (u32) kxfer.
349 sw_type << 16 | (u32) maxfrag << 8 | (u32) curfrag);
350 msg->body[1] = cpu_to_le32(swlen);
351 msg->body[2] = cpu_to_le32(kxfer.sw_id);
352 msg->body[3] = cpu_to_le32(0xD0000000 | fragsize);
353 msg->body[4] = cpu_to_le32(buffer.phys);
354
355 osm_debug("swul frag %d/%d (size %d)\n", curfrag, maxfrag, fragsize);
356 status = i2o_msg_post_wait_mem(c, msg, 60, &buffer);
357
358 if (status != I2O_POST_WAIT_OK) {
359 if (status != -ETIMEDOUT)
360 i2o_dma_free(&c->pdev->dev, &buffer);
361
362 osm_info("swul failed, DetailedStatus = %d\n", status);
363 return status;
364 }
365
366 if (copy_to_user(kxfer.buf, buffer.virt, fragsize))
367 ret = -EFAULT;
368
369 i2o_dma_free(&c->pdev->dev, &buffer);
370
371 return ret;
372}
373
374static int i2o_cfg_swdel(unsigned long arg)
375{
376 struct i2o_controller *c;
377 struct i2o_sw_xfer kxfer;
378 struct i2o_sw_xfer __user *pxfer = (struct i2o_sw_xfer __user *)arg;
379 struct i2o_message *msg;
380 unsigned int swlen;
381 int token;
382
383 if (copy_from_user(&kxfer, pxfer, sizeof(struct i2o_sw_xfer)))
384 return -EFAULT;
385
386 if (get_user(swlen, kxfer.swlen) < 0)
387 return -EFAULT;
388
389 c = i2o_find_iop(kxfer.iop);
390 if (!c)
391 return -ENXIO;
392
393 msg = i2o_msg_get_wait(c, I2O_TIMEOUT_MESSAGE_GET);
394 if (IS_ERR(msg))
395 return PTR_ERR(msg);
396
397 msg->u.head[0] = cpu_to_le32(SEVEN_WORD_MSG_SIZE | SGL_OFFSET_0);
398 msg->u.head[1] =
399 cpu_to_le32(I2O_CMD_SW_REMOVE << 24 | HOST_TID << 12 | ADAPTER_TID);
400 msg->u.head[2] = cpu_to_le32(i2o_config_driver.context);
401 msg->u.head[3] = cpu_to_le32(0);
402 msg->body[0] =
403 cpu_to_le32((u32) kxfer.flags << 24 | (u32) kxfer.sw_type << 16);
404 msg->body[1] = cpu_to_le32(swlen);
405 msg->body[2] = cpu_to_le32(kxfer.sw_id);
406
407 token = i2o_msg_post_wait(c, msg, 10);
408
409 if (token != I2O_POST_WAIT_OK) {
410 osm_info("swdel failed, DetailedStatus = %d\n", token);
411 return -ETIMEDOUT;
412 }
413
414 return 0;
415};
416
417static int i2o_cfg_validate(unsigned long arg)
418{
419 int token;
420 int iop = (int)arg;
421 struct i2o_message *msg;
422 struct i2o_controller *c;
423
424 c = i2o_find_iop(iop);
425 if (!c)
426 return -ENXIO;
427
428 msg = i2o_msg_get_wait(c, I2O_TIMEOUT_MESSAGE_GET);
429 if (IS_ERR(msg))
430 return PTR_ERR(msg);
431
432 msg->u.head[0] = cpu_to_le32(FOUR_WORD_MSG_SIZE | SGL_OFFSET_0);
433 msg->u.head[1] =
434 cpu_to_le32(I2O_CMD_CONFIG_VALIDATE << 24 | HOST_TID << 12 | iop);
435 msg->u.head[2] = cpu_to_le32(i2o_config_driver.context);
436 msg->u.head[3] = cpu_to_le32(0);
437
438 token = i2o_msg_post_wait(c, msg, 10);
439
440 if (token != I2O_POST_WAIT_OK) {
441 osm_info("Can't validate configuration, ErrorStatus = %d\n",
442 token);
443 return -ETIMEDOUT;
444 }
445
446 return 0;
447};
448
449static int i2o_cfg_evt_reg(unsigned long arg, struct file *fp)
450{
451 struct i2o_message *msg;
452 struct i2o_evt_id __user *pdesc = (struct i2o_evt_id __user *)arg;
453 struct i2o_evt_id kdesc;
454 struct i2o_controller *c;
455 struct i2o_device *d;
456
457 if (copy_from_user(&kdesc, pdesc, sizeof(struct i2o_evt_id)))
458 return -EFAULT;
459
460
461 c = i2o_find_iop(kdesc.iop);
462 if (!c)
463 return -ENXIO;
464
465
466 d = i2o_iop_find_device(c, kdesc.tid);
467 if (!d)
468 return -ENODEV;
469
470 msg = i2o_msg_get_wait(c, I2O_TIMEOUT_MESSAGE_GET);
471 if (IS_ERR(msg))
472 return PTR_ERR(msg);
473
474 msg->u.head[0] = cpu_to_le32(FOUR_WORD_MSG_SIZE | SGL_OFFSET_0);
475 msg->u.head[1] =
476 cpu_to_le32(I2O_CMD_UTIL_EVT_REGISTER << 24 | HOST_TID << 12 |
477 kdesc.tid);
478 msg->u.head[2] = cpu_to_le32(i2o_config_driver.context);
479 msg->u.head[3] = cpu_to_le32(i2o_cntxt_list_add(c, fp->private_data));
480 msg->body[0] = cpu_to_le32(kdesc.evt_mask);
481
482 i2o_msg_post(c, msg);
483
484 return 0;
485}
486
487static int i2o_cfg_evt_get(unsigned long arg, struct file *fp)
488{
489 struct i2o_cfg_info *p = NULL;
490 struct i2o_evt_get __user *uget = (struct i2o_evt_get __user *)arg;
491 struct i2o_evt_get kget;
492 unsigned long flags;
493
494 for (p = open_files; p; p = p->next)
495 if (p->q_id == (ulong) fp->private_data)
496 break;
497
498 if (!p->q_len)
499 return -ENOENT;
500
501 memcpy(&kget.info, &p->event_q[p->q_out], sizeof(struct i2o_evt_info));
502 MODINC(p->q_out, I2O_EVT_Q_LEN);
503 spin_lock_irqsave(&i2o_config_lock, flags);
504 p->q_len--;
505 kget.pending = p->q_len;
506 kget.lost = p->q_lost;
507 spin_unlock_irqrestore(&i2o_config_lock, flags);
508
509 if (copy_to_user(uget, &kget, sizeof(struct i2o_evt_get)))
510 return -EFAULT;
511 return 0;
512}
513
514#ifdef CONFIG_COMPAT
515static int i2o_cfg_passthru32(struct file *file, unsigned cmnd,
516 unsigned long arg)
517{
518 struct i2o_cmd_passthru32 __user *cmd;
519 struct i2o_controller *c;
520 u32 __user *user_msg;
521 u32 *reply = NULL;
522 u32 __user *user_reply = NULL;
523 u32 size = 0;
524 u32 reply_size = 0;
525 u32 rcode = 0;
526 struct i2o_dma sg_list[SG_TABLESIZE];
527 u32 sg_offset = 0;
528 u32 sg_count = 0;
529 u32 i = 0;
530 u32 sg_index = 0;
531 i2o_status_block *sb;
532 struct i2o_message *msg;
533 unsigned int iop;
534
535 cmd = (struct i2o_cmd_passthru32 __user *)arg;
536
537 if (get_user(iop, &cmd->iop) || get_user(i, &cmd->msg))
538 return -EFAULT;
539
540 user_msg = compat_ptr(i);
541
542 c = i2o_find_iop(iop);
543 if (!c) {
544 osm_debug("controller %d not found\n", iop);
545 return -ENXIO;
546 }
547
548 sb = c->status_block.virt;
549
550 if (get_user(size, &user_msg[0])) {
551 osm_warn("unable to get size!\n");
552 return -EFAULT;
553 }
554 size = size >> 16;
555
556 if (size > sb->inbound_frame_size) {
557 osm_warn("size of message > inbound_frame_size");
558 return -EFAULT;
559 }
560
561 user_reply = &user_msg[size];
562
563 size <<= 2;
564
565 msg = i2o_msg_get_wait(c, I2O_TIMEOUT_MESSAGE_GET);
566 if (IS_ERR(msg))
567 return PTR_ERR(msg);
568
569 rcode = -EFAULT;
570
571 if (copy_from_user(msg, user_msg, size)) {
572 osm_warn("unable to copy user message\n");
573 goto out;
574 }
575 i2o_dump_message(msg);
576
577 if (get_user(reply_size, &user_reply[0]) < 0)
578 goto out;
579
580 reply_size >>= 16;
581 reply_size <<= 2;
582
583 rcode = -ENOMEM;
584 reply = kzalloc(reply_size, GFP_KERNEL);
585 if (!reply) {
586 printk(KERN_WARNING "%s: Could not allocate reply buffer\n",
587 c->name);
588 goto out;
589 }
590
591 sg_offset = (msg->u.head[0] >> 4) & 0x0f;
592
593 memset(sg_list, 0, sizeof(sg_list[0]) * SG_TABLESIZE);
594 if (sg_offset) {
595 struct sg_simple_element *sg;
596
597 if (sg_offset * 4 >= size) {
598 rcode = -EFAULT;
599 goto cleanup;
600 }
601
602 sg = (struct sg_simple_element *)((&msg->u.head[0]) +
603 sg_offset);
604 sg_count =
605 (size - sg_offset * 4) / sizeof(struct sg_simple_element);
606 if (sg_count > SG_TABLESIZE) {
607 printk(KERN_DEBUG "%s:IOCTL SG List too large (%u)\n",
608 c->name, sg_count);
609 rcode = -EINVAL;
610 goto cleanup;
611 }
612
613 for (i = 0; i < sg_count; i++) {
614 int sg_size;
615 struct i2o_dma *p;
616
617 if (!(sg[i].flag_count & 0x10000000
618 )) {
619 printk(KERN_DEBUG
620 "%s:Bad SG element %d - not simple (%x)\n",
621 c->name, i, sg[i].flag_count);
622 rcode = -EINVAL;
623 goto cleanup;
624 }
625 sg_size = sg[i].flag_count & 0xffffff;
626 p = &(sg_list[sg_index]);
627
628 if (i2o_dma_alloc(&c->pdev->dev, p, sg_size)) {
629 printk(KERN_DEBUG
630 "%s: Could not allocate SG buffer - size = %d buffer number %d of %d\n",
631 c->name, sg_size, i, sg_count);
632 rcode = -ENOMEM;
633 goto sg_list_cleanup;
634 }
635 sg_index++;
636
637 if (sg[i].
638 flag_count & 0x04000000 ) {
639
640 if (copy_from_user
641 (p->virt,
642 (void __user *)(unsigned long)sg[i].
643 addr_bus, sg_size)) {
644 printk(KERN_DEBUG
645 "%s: Could not copy SG buf %d FROM user\n",
646 c->name, i);
647 rcode = -EFAULT;
648 goto sg_list_cleanup;
649 }
650 }
651
652 sg[i].addr_bus = (u32) p->phys;
653 }
654 }
655
656 rcode = i2o_msg_post_wait(c, msg, 60);
657 msg = NULL;
658 if (rcode) {
659 reply[4] = ((u32) rcode) << 24;
660 goto sg_list_cleanup;
661 }
662
663 if (sg_offset) {
664 u32 rmsg[I2O_OUTBOUND_MSG_FRAME_SIZE];
665
666 u32 j;
667
668 struct sg_simple_element *sg;
669 int sg_size;
670
671
672 memset(&rmsg, 0, I2O_OUTBOUND_MSG_FRAME_SIZE * 4);
673
674 if (get_user(size, &user_msg[0])) {
675 rcode = -EFAULT;
676 goto sg_list_cleanup;
677 }
678 size = size >> 16;
679 size *= 4;
680
681 if (copy_from_user(rmsg, user_msg, size)) {
682 rcode = -EFAULT;
683 goto sg_list_cleanup;
684 }
685 sg_count =
686 (size - sg_offset * 4) / sizeof(struct sg_simple_element);
687
688
689 sg = (struct sg_simple_element *)(rmsg + sg_offset);
690 for (j = 0; j < sg_count; j++) {
691
692 if (!
693 (sg[j].
694 flag_count & 0x4000000 )) {
695 sg_size = sg[j].flag_count & 0xffffff;
696
697 if (copy_to_user
698 ((void __user *)(u64) sg[j].addr_bus,
699 sg_list[j].virt, sg_size)) {
700 printk(KERN_WARNING
701 "%s: Could not copy %p TO user %x\n",
702 c->name, sg_list[j].virt,
703 sg[j].addr_bus);
704 rcode = -EFAULT;
705 goto sg_list_cleanup;
706 }
707 }
708 }
709 }
710
711sg_list_cleanup:
712
713 if (reply_size) {
714
715 if (copy_from_user(reply + 2, user_msg + 2, sizeof(u32) * 2)) {
716 printk(KERN_WARNING
717 "%s: Could not copy message context FROM user\n",
718 c->name);
719 rcode = -EFAULT;
720 }
721 if (copy_to_user(user_reply, reply, reply_size)) {
722 printk(KERN_WARNING
723 "%s: Could not copy reply TO user\n", c->name);
724 rcode = -EFAULT;
725 }
726 }
727 for (i = 0; i < sg_index; i++)
728 i2o_dma_free(&c->pdev->dev, &sg_list[i]);
729
730cleanup:
731 kfree(reply);
732out:
733 if (msg)
734 i2o_msg_nop(c, msg);
735 return rcode;
736}
737
738static long i2o_cfg_compat_ioctl(struct file *file, unsigned cmd,
739 unsigned long arg)
740{
741 int ret;
742 lock_kernel();
743 switch (cmd) {
744 case I2OGETIOPS:
745 ret = i2o_cfg_ioctl(file, cmd, arg);
746 break;
747 case I2OPASSTHRU32:
748 ret = i2o_cfg_passthru32(file, cmd, arg);
749 break;
750 default:
751 ret = -ENOIOCTLCMD;
752 break;
753 }
754 unlock_kernel();
755 return ret;
756}
757
758#endif
759
760#ifdef CONFIG_I2O_EXT_ADAPTEC
761static int i2o_cfg_passthru(unsigned long arg)
762{
763 struct i2o_cmd_passthru __user *cmd =
764 (struct i2o_cmd_passthru __user *)arg;
765 struct i2o_controller *c;
766 u32 __user *user_msg;
767 u32 *reply = NULL;
768 u32 __user *user_reply = NULL;
769 u32 size = 0;
770 u32 reply_size = 0;
771 u32 rcode = 0;
772 struct i2o_dma sg_list[SG_TABLESIZE];
773 u32 sg_offset = 0;
774 u32 sg_count = 0;
775 int sg_index = 0;
776 u32 i = 0;
777 i2o_status_block *sb;
778 struct i2o_message *msg;
779 unsigned int iop;
780
781 if (get_user(iop, &cmd->iop) || get_user(user_msg, &cmd->msg))
782 return -EFAULT;
783
784 c = i2o_find_iop(iop);
785 if (!c) {
786 osm_warn("controller %d not found\n", iop);
787 return -ENXIO;
788 }
789
790 sb = c->status_block.virt;
791
792 if (get_user(size, &user_msg[0]))
793 return -EFAULT;
794 size = size >> 16;
795
796 if (size > sb->inbound_frame_size) {
797 osm_warn("size of message > inbound_frame_size");
798 return -EFAULT;
799 }
800
801 user_reply = &user_msg[size];
802
803 size <<= 2;
804
805 msg = i2o_msg_get_wait(c, I2O_TIMEOUT_MESSAGE_GET);
806 if (IS_ERR(msg))
807 return PTR_ERR(msg);
808
809 rcode = -EFAULT;
810
811 if (copy_from_user(msg, user_msg, size))
812 goto out;
813
814 if (get_user(reply_size, &user_reply[0]) < 0)
815 goto out;
816
817 reply_size >>= 16;
818 reply_size <<= 2;
819
820 reply = kzalloc(reply_size, GFP_KERNEL);
821 if (!reply) {
822 printk(KERN_WARNING "%s: Could not allocate reply buffer\n",
823 c->name);
824 rcode = -ENOMEM;
825 goto out;
826 }
827
828 sg_offset = (msg->u.head[0] >> 4) & 0x0f;
829
830 memset(sg_list, 0, sizeof(sg_list[0]) * SG_TABLESIZE);
831 if (sg_offset) {
832 struct sg_simple_element *sg;
833 struct i2o_dma *p;
834
835 if (sg_offset * 4 >= size) {
836 rcode = -EFAULT;
837 goto cleanup;
838 }
839
840 sg = (struct sg_simple_element *)((&msg->u.head[0]) +
841 sg_offset);
842 sg_count =
843 (size - sg_offset * 4) / sizeof(struct sg_simple_element);
844 if (sg_count > SG_TABLESIZE) {
845 printk(KERN_DEBUG "%s:IOCTL SG List too large (%u)\n",
846 c->name, sg_count);
847 rcode = -EINVAL;
848 goto cleanup;
849 }
850
851 for (i = 0; i < sg_count; i++) {
852 int sg_size;
853
854 if (!(sg[i].flag_count & 0x10000000
855 )) {
856 printk(KERN_DEBUG
857 "%s:Bad SG element %d - not simple (%x)\n",
858 c->name, i, sg[i].flag_count);
859 rcode = -EINVAL;
860 goto sg_list_cleanup;
861 }
862 sg_size = sg[i].flag_count & 0xffffff;
863 p = &(sg_list[sg_index]);
864 if (i2o_dma_alloc(&c->pdev->dev, p, sg_size)) {
865
866 printk(KERN_DEBUG
867 "%s: Could not allocate SG buffer - size = %d buffer number %d of %d\n",
868 c->name, sg_size, i, sg_count);
869 rcode = -ENOMEM;
870 goto sg_list_cleanup;
871 }
872 sg_index++;
873
874 if (sg[i].
875 flag_count & 0x04000000 ) {
876
877 if (copy_from_user
878 (p->virt, (void __user *)sg[i].addr_bus,
879 sg_size)) {
880 printk(KERN_DEBUG
881 "%s: Could not copy SG buf %d FROM user\n",
882 c->name, i);
883 rcode = -EFAULT;
884 goto sg_list_cleanup;
885 }
886 }
887 sg[i].addr_bus = p->phys;
888 }
889 }
890
891 rcode = i2o_msg_post_wait(c, msg, 60);
892 msg = NULL;
893 if (rcode) {
894 reply[4] = ((u32) rcode) << 24;
895 goto sg_list_cleanup;
896 }
897
898 if (sg_offset) {
899 u32 rmsg[I2O_OUTBOUND_MSG_FRAME_SIZE];
900
901 u32 j;
902
903 struct sg_simple_element *sg;
904 int sg_size;
905
906
907 memset(&rmsg, 0, I2O_OUTBOUND_MSG_FRAME_SIZE * 4);
908
909 if (get_user(size, &user_msg[0])) {
910 rcode = -EFAULT;
911 goto sg_list_cleanup;
912 }
913 size = size >> 16;
914 size *= 4;
915
916 if (copy_from_user(rmsg, user_msg, size)) {
917 rcode = -EFAULT;
918 goto sg_list_cleanup;
919 }
920 sg_count =
921 (size - sg_offset * 4) / sizeof(struct sg_simple_element);
922
923
924 sg = (struct sg_simple_element *)(rmsg + sg_offset);
925 for (j = 0; j < sg_count; j++) {
926
927 if (!
928 (sg[j].
929 flag_count & 0x4000000 )) {
930 sg_size = sg[j].flag_count & 0xffffff;
931
932 if (copy_to_user
933 ((void __user *)sg[j].addr_bus, sg_list[j].virt,
934 sg_size)) {
935 printk(KERN_WARNING
936 "%s: Could not copy %p TO user %x\n",
937 c->name, sg_list[j].virt,
938 sg[j].addr_bus);
939 rcode = -EFAULT;
940 goto sg_list_cleanup;
941 }
942 }
943 }
944 }
945
946sg_list_cleanup:
947
948 if (reply_size) {
949
950 if (copy_from_user(reply + 2, user_msg + 2, sizeof(u32) * 2)) {
951 printk(KERN_WARNING
952 "%s: Could not copy message context FROM user\n",
953 c->name);
954 rcode = -EFAULT;
955 }
956 if (copy_to_user(user_reply, reply, reply_size)) {
957 printk(KERN_WARNING
958 "%s: Could not copy reply TO user\n", c->name);
959 rcode = -EFAULT;
960 }
961 }
962
963 for (i = 0; i < sg_index; i++)
964 i2o_dma_free(&c->pdev->dev, &sg_list[i]);
965
966cleanup:
967 kfree(reply);
968out:
969 if (msg)
970 i2o_msg_nop(c, msg);
971 return rcode;
972}
973#endif
974
975
976
977
978static long i2o_cfg_ioctl(struct file *fp, unsigned int cmd, unsigned long arg)
979{
980 int ret;
981
982 lock_kernel();
983 switch (cmd) {
984 case I2OGETIOPS:
985 ret = i2o_cfg_getiops(arg);
986 break;
987
988 case I2OHRTGET:
989 ret = i2o_cfg_gethrt(arg);
990 break;
991
992 case I2OLCTGET:
993 ret = i2o_cfg_getlct(arg);
994 break;
995
996 case I2OPARMSET:
997 ret = i2o_cfg_parms(arg, I2OPARMSET);
998 break;
999
1000 case I2OPARMGET:
1001 ret = i2o_cfg_parms(arg, I2OPARMGET);
1002 break;
1003
1004 case I2OSWDL:
1005 ret = i2o_cfg_swdl(arg);
1006 break;
1007
1008 case I2OSWUL:
1009 ret = i2o_cfg_swul(arg);
1010 break;
1011
1012 case I2OSWDEL:
1013 ret = i2o_cfg_swdel(arg);
1014 break;
1015
1016 case I2OVALIDATE:
1017 ret = i2o_cfg_validate(arg);
1018 break;
1019
1020 case I2OEVTREG:
1021 ret = i2o_cfg_evt_reg(arg, fp);
1022 break;
1023
1024 case I2OEVTGET:
1025 ret = i2o_cfg_evt_get(arg, fp);
1026 break;
1027
1028#ifdef CONFIG_I2O_EXT_ADAPTEC
1029 case I2OPASSTHRU:
1030 ret = i2o_cfg_passthru(arg);
1031 break;
1032#endif
1033
1034 default:
1035 osm_debug("unknown ioctl called!\n");
1036 ret = -EINVAL;
1037 }
1038 unlock_kernel();
1039 return ret;
1040}
1041
1042static int cfg_open(struct inode *inode, struct file *file)
1043{
1044 struct i2o_cfg_info *tmp =
1045 (struct i2o_cfg_info *)kmalloc(sizeof(struct i2o_cfg_info),
1046 GFP_KERNEL);
1047 unsigned long flags;
1048
1049 if (!tmp)
1050 return -ENOMEM;
1051
1052 lock_kernel();
1053 file->private_data = (void *)(i2o_cfg_info_id++);
1054 tmp->fp = file;
1055 tmp->fasync = NULL;
1056 tmp->q_id = (ulong) file->private_data;
1057 tmp->q_len = 0;
1058 tmp->q_in = 0;
1059 tmp->q_out = 0;
1060 tmp->q_lost = 0;
1061 tmp->next = open_files;
1062
1063 spin_lock_irqsave(&i2o_config_lock, flags);
1064 open_files = tmp;
1065 spin_unlock_irqrestore(&i2o_config_lock, flags);
1066 unlock_kernel();
1067
1068 return 0;
1069}
1070
1071static int cfg_fasync(int fd, struct file *fp, int on)
1072{
1073 ulong id = (ulong) fp->private_data;
1074 struct i2o_cfg_info *p;
1075 int ret = -EBADF;
1076
1077 lock_kernel();
1078 for (p = open_files; p; p = p->next)
1079 if (p->q_id == id)
1080 break;
1081
1082 if (p)
1083 ret = fasync_helper(fd, fp, on, &p->fasync);
1084 unlock_kernel();
1085 return ret;
1086}
1087
1088static int cfg_release(struct inode *inode, struct file *file)
1089{
1090 ulong id = (ulong) file->private_data;
1091 struct i2o_cfg_info *p, **q;
1092 unsigned long flags;
1093
1094 lock_kernel();
1095 spin_lock_irqsave(&i2o_config_lock, flags);
1096 for (q = &open_files; (p = *q) != NULL; q = &p->next) {
1097 if (p->q_id == id) {
1098 *q = p->next;
1099 kfree(p);
1100 break;
1101 }
1102 }
1103 spin_unlock_irqrestore(&i2o_config_lock, flags);
1104 unlock_kernel();
1105
1106 return 0;
1107}
1108
1109static const struct file_operations config_fops = {
1110 .owner = THIS_MODULE,
1111 .llseek = no_llseek,
1112 .unlocked_ioctl = i2o_cfg_ioctl,
1113#ifdef CONFIG_COMPAT
1114 .compat_ioctl = i2o_cfg_compat_ioctl,
1115#endif
1116 .open = cfg_open,
1117 .release = cfg_release,
1118 .fasync = cfg_fasync,
1119};
1120
1121static struct miscdevice i2o_miscdev = {
1122 I2O_MINOR,
1123 "i2octl",
1124 &config_fops
1125};
1126
1127static int __init i2o_config_old_init(void)
1128{
1129 spin_lock_init(&i2o_config_lock);
1130
1131 if (misc_register(&i2o_miscdev) < 0) {
1132 osm_err("can't register device.\n");
1133 return -EBUSY;
1134 }
1135
1136 return 0;
1137}
1138
1139static void i2o_config_old_exit(void)
1140{
1141 misc_deregister(&i2o_miscdev);
1142}
1143
1144MODULE_AUTHOR("Red Hat Software");
1145
