1 /*
2 comedi/comedi_fops.c
3 comedi kernel module
4
5 COMEDI - Linux Control and Measurement Device Interface
6 Copyright (C) 1997-2000 David A. Schleef <ds@schleef.org>
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17 */
18
19 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
20
21 #include "comedi_compat32.h"
22
23 #include <linux/module.h>
24 #include <linux/errno.h>
25 #include <linux/kernel.h>
26 #include <linux/sched.h>
27 #include <linux/fcntl.h>
28 #include <linux/delay.h>
29 #include <linux/mm.h>
30 #include <linux/slab.h>
31 #include <linux/kmod.h>
32 #include <linux/poll.h>
33 #include <linux/init.h>
34 #include <linux/device.h>
35 #include <linux/vmalloc.h>
36 #include <linux/fs.h>
37 #include "comedidev.h"
38 #include <linux/cdev.h>
39 #include <linux/stat.h>
40
41 #include <linux/io.h>
42 #include <linux/uaccess.h>
43
44 #include "comedi_internal.h"
45
46 #define COMEDI_NUM_MINORS 0x100
47 #define COMEDI_NUM_SUBDEVICE_MINORS \
48 (COMEDI_NUM_MINORS - COMEDI_NUM_BOARD_MINORS)
49
50 static int comedi_num_legacy_minors;
51 module_param(comedi_num_legacy_minors, int, S_IRUGO);
52 MODULE_PARM_DESC(comedi_num_legacy_minors,
53 "number of comedi minor devices to reserve for non-auto-configured devices (default 0)"
54 );
55
56 unsigned int comedi_default_buf_size_kb = CONFIG_COMEDI_DEFAULT_BUF_SIZE_KB;
57 module_param(comedi_default_buf_size_kb, uint, S_IRUGO | S_IWUSR);
58 MODULE_PARM_DESC(comedi_default_buf_size_kb,
59 "default asynchronous buffer size in KiB (default "
60 __MODULE_STRING(CONFIG_COMEDI_DEFAULT_BUF_SIZE_KB) ")");
61
62 unsigned int comedi_default_buf_maxsize_kb
63 = CONFIG_COMEDI_DEFAULT_BUF_MAXSIZE_KB;
64 module_param(comedi_default_buf_maxsize_kb, uint, S_IRUGO | S_IWUSR);
65 MODULE_PARM_DESC(comedi_default_buf_maxsize_kb,
66 "default maximum size of asynchronous buffer in KiB (default "
67 __MODULE_STRING(CONFIG_COMEDI_DEFAULT_BUF_MAXSIZE_KB) ")");
68
69 static DEFINE_MUTEX(comedi_board_minor_table_lock);
70 static struct comedi_device
71 *comedi_board_minor_table[COMEDI_NUM_BOARD_MINORS];
72
73 static DEFINE_MUTEX(comedi_subdevice_minor_table_lock);
74 /* Note: indexed by minor - COMEDI_NUM_BOARD_MINORS. */
75 static struct comedi_subdevice
76 *comedi_subdevice_minor_table[COMEDI_NUM_SUBDEVICE_MINORS];
77
78 static struct class *comedi_class;
79 static struct cdev comedi_cdev;
80
comedi_device_init(struct comedi_device * dev)81 static void comedi_device_init(struct comedi_device *dev)
82 {
83 kref_init(&dev->refcount);
84 spin_lock_init(&dev->spinlock);
85 mutex_init(&dev->mutex);
86 init_rwsem(&dev->attach_lock);
87 dev->minor = -1;
88 }
89
comedi_dev_kref_release(struct kref * kref)90 static void comedi_dev_kref_release(struct kref *kref)
91 {
92 struct comedi_device *dev =
93 container_of(kref, struct comedi_device, refcount);
94
95 mutex_destroy(&dev->mutex);
96 put_device(dev->class_dev);
97 kfree(dev);
98 }
99
comedi_dev_put(struct comedi_device * dev)100 int comedi_dev_put(struct comedi_device *dev)
101 {
102 if (dev)
103 return kref_put(&dev->refcount, comedi_dev_kref_release);
104 return 1;
105 }
106 EXPORT_SYMBOL_GPL(comedi_dev_put);
107
comedi_dev_get(struct comedi_device * dev)108 static struct comedi_device *comedi_dev_get(struct comedi_device *dev)
109 {
110 if (dev)
111 kref_get(&dev->refcount);
112 return dev;
113 }
114
comedi_device_cleanup(struct comedi_device * dev)115 static void comedi_device_cleanup(struct comedi_device *dev)
116 {
117 struct module *driver_module = NULL;
118
119 if (dev == NULL)
120 return;
121 mutex_lock(&dev->mutex);
122 if (dev->attached)
123 driver_module = dev->driver->module;
124 comedi_device_detach(dev);
125 if (driver_module && dev->use_count)
126 module_put(driver_module);
127 mutex_unlock(&dev->mutex);
128 }
129
comedi_clear_board_dev(struct comedi_device * dev)130 static bool comedi_clear_board_dev(struct comedi_device *dev)
131 {
132 unsigned int i = dev->minor;
133 bool cleared = false;
134
135 mutex_lock(&comedi_board_minor_table_lock);
136 if (dev == comedi_board_minor_table[i]) {
137 comedi_board_minor_table[i] = NULL;
138 cleared = true;
139 }
140 mutex_unlock(&comedi_board_minor_table_lock);
141 return cleared;
142 }
143
comedi_clear_board_minor(unsigned minor)144 static struct comedi_device *comedi_clear_board_minor(unsigned minor)
145 {
146 struct comedi_device *dev;
147
148 mutex_lock(&comedi_board_minor_table_lock);
149 dev = comedi_board_minor_table[minor];
150 comedi_board_minor_table[minor] = NULL;
151 mutex_unlock(&comedi_board_minor_table_lock);
152 return dev;
153 }
154
comedi_free_board_dev(struct comedi_device * dev)155 static void comedi_free_board_dev(struct comedi_device *dev)
156 {
157 if (dev) {
158 comedi_device_cleanup(dev);
159 if (dev->class_dev) {
160 device_destroy(comedi_class,
161 MKDEV(COMEDI_MAJOR, dev->minor));
162 }
163 comedi_dev_put(dev);
164 }
165 }
166
167 static struct comedi_subdevice
comedi_subdevice_from_minor(const struct comedi_device * dev,unsigned minor)168 *comedi_subdevice_from_minor(const struct comedi_device *dev, unsigned minor)
169 {
170 struct comedi_subdevice *s;
171 unsigned int i = minor - COMEDI_NUM_BOARD_MINORS;
172
173 BUG_ON(i >= COMEDI_NUM_SUBDEVICE_MINORS);
174 mutex_lock(&comedi_subdevice_minor_table_lock);
175 s = comedi_subdevice_minor_table[i];
176 if (s && s->device != dev)
177 s = NULL;
178 mutex_unlock(&comedi_subdevice_minor_table_lock);
179 return s;
180 }
181
comedi_dev_get_from_board_minor(unsigned minor)182 static struct comedi_device *comedi_dev_get_from_board_minor(unsigned minor)
183 {
184 struct comedi_device *dev;
185
186 BUG_ON(minor >= COMEDI_NUM_BOARD_MINORS);
187 mutex_lock(&comedi_board_minor_table_lock);
188 dev = comedi_dev_get(comedi_board_minor_table[minor]);
189 mutex_unlock(&comedi_board_minor_table_lock);
190 return dev;
191 }
192
comedi_dev_get_from_subdevice_minor(unsigned minor)193 static struct comedi_device *comedi_dev_get_from_subdevice_minor(unsigned minor)
194 {
195 struct comedi_device *dev;
196 struct comedi_subdevice *s;
197 unsigned int i = minor - COMEDI_NUM_BOARD_MINORS;
198
199 BUG_ON(i >= COMEDI_NUM_SUBDEVICE_MINORS);
200 mutex_lock(&comedi_subdevice_minor_table_lock);
201 s = comedi_subdevice_minor_table[i];
202 dev = comedi_dev_get(s ? s->device : NULL);
203 mutex_unlock(&comedi_subdevice_minor_table_lock);
204 return dev;
205 }
206
comedi_dev_get_from_minor(unsigned minor)207 struct comedi_device *comedi_dev_get_from_minor(unsigned minor)
208 {
209 if (minor < COMEDI_NUM_BOARD_MINORS)
210 return comedi_dev_get_from_board_minor(minor);
211
212 return comedi_dev_get_from_subdevice_minor(minor);
213 }
214 EXPORT_SYMBOL_GPL(comedi_dev_get_from_minor);
215
216 static struct comedi_subdevice *
comedi_read_subdevice(const struct comedi_device * dev,unsigned int minor)217 comedi_read_subdevice(const struct comedi_device *dev, unsigned int minor)
218 {
219 struct comedi_subdevice *s;
220
221 if (minor >= COMEDI_NUM_BOARD_MINORS) {
222 s = comedi_subdevice_from_minor(dev, minor);
223 if (s == NULL || (s->subdev_flags & SDF_CMD_READ))
224 return s;
225 }
226 return dev->read_subdev;
227 }
228
229 static struct comedi_subdevice *
comedi_write_subdevice(const struct comedi_device * dev,unsigned int minor)230 comedi_write_subdevice(const struct comedi_device *dev, unsigned int minor)
231 {
232 struct comedi_subdevice *s;
233
234 if (minor >= COMEDI_NUM_BOARD_MINORS) {
235 s = comedi_subdevice_from_minor(dev, minor);
236 if (s == NULL || (s->subdev_flags & SDF_CMD_WRITE))
237 return s;
238 }
239 return dev->write_subdev;
240 }
241
resize_async_buffer(struct comedi_device * dev,struct comedi_subdevice * s,unsigned new_size)242 static int resize_async_buffer(struct comedi_device *dev,
243 struct comedi_subdevice *s, unsigned new_size)
244 {
245 struct comedi_async *async = s->async;
246 int retval;
247
248 if (new_size > async->max_bufsize)
249 return -EPERM;
250
251 if (s->busy) {
252 dev_dbg(dev->class_dev,
253 "subdevice is busy, cannot resize buffer\n");
254 return -EBUSY;
255 }
256 if (comedi_buf_is_mmapped(s)) {
257 dev_dbg(dev->class_dev,
258 "subdevice is mmapped, cannot resize buffer\n");
259 return -EBUSY;
260 }
261
262 /* make sure buffer is an integral number of pages
263 * (we round up) */
264 new_size = (new_size + PAGE_SIZE - 1) & PAGE_MASK;
265
266 retval = comedi_buf_alloc(dev, s, new_size);
267 if (retval < 0)
268 return retval;
269
270 if (s->buf_change) {
271 retval = s->buf_change(dev, s);
272 if (retval < 0)
273 return retval;
274 }
275
276 dev_dbg(dev->class_dev, "subd %d buffer resized to %i bytes\n",
277 s->index, async->prealloc_bufsz);
278 return 0;
279 }
280
281 /* sysfs attribute files */
282
max_read_buffer_kb_show(struct device * csdev,struct device_attribute * attr,char * buf)283 static ssize_t max_read_buffer_kb_show(struct device *csdev,
284 struct device_attribute *attr, char *buf)
285 {
286 unsigned int minor = MINOR(csdev->devt);
287 struct comedi_device *dev;
288 struct comedi_subdevice *s;
289 unsigned int size = 0;
290
291 dev = comedi_dev_get_from_minor(minor);
292 if (!dev)
293 return -ENODEV;
294
295 mutex_lock(&dev->mutex);
296 s = comedi_read_subdevice(dev, minor);
297 if (s && (s->subdev_flags & SDF_CMD_READ) && s->async)
298 size = s->async->max_bufsize / 1024;
299 mutex_unlock(&dev->mutex);
300
301 comedi_dev_put(dev);
302 return snprintf(buf, PAGE_SIZE, "%u\n", size);
303 }
304
max_read_buffer_kb_store(struct device * csdev,struct device_attribute * attr,const char * buf,size_t count)305 static ssize_t max_read_buffer_kb_store(struct device *csdev,
306 struct device_attribute *attr,
307 const char *buf, size_t count)
308 {
309 unsigned int minor = MINOR(csdev->devt);
310 struct comedi_device *dev;
311 struct comedi_subdevice *s;
312 unsigned int size;
313 int err;
314
315 err = kstrtouint(buf, 10, &size);
316 if (err)
317 return err;
318 if (size > (UINT_MAX / 1024))
319 return -EINVAL;
320 size *= 1024;
321
322 dev = comedi_dev_get_from_minor(minor);
323 if (!dev)
324 return -ENODEV;
325
326 mutex_lock(&dev->mutex);
327 s = comedi_read_subdevice(dev, minor);
328 if (s && (s->subdev_flags & SDF_CMD_READ) && s->async)
329 s->async->max_bufsize = size;
330 else
331 err = -EINVAL;
332 mutex_unlock(&dev->mutex);
333
334 comedi_dev_put(dev);
335 return err ? err : count;
336 }
337 static DEVICE_ATTR_RW(max_read_buffer_kb);
338
read_buffer_kb_show(struct device * csdev,struct device_attribute * attr,char * buf)339 static ssize_t read_buffer_kb_show(struct device *csdev,
340 struct device_attribute *attr, char *buf)
341 {
342 unsigned int minor = MINOR(csdev->devt);
343 struct comedi_device *dev;
344 struct comedi_subdevice *s;
345 unsigned int size = 0;
346
347 dev = comedi_dev_get_from_minor(minor);
348 if (!dev)
349 return -ENODEV;
350
351 mutex_lock(&dev->mutex);
352 s = comedi_read_subdevice(dev, minor);
353 if (s && (s->subdev_flags & SDF_CMD_READ) && s->async)
354 size = s->async->prealloc_bufsz / 1024;
355 mutex_unlock(&dev->mutex);
356
357 comedi_dev_put(dev);
358 return snprintf(buf, PAGE_SIZE, "%u\n", size);
359 }
360
read_buffer_kb_store(struct device * csdev,struct device_attribute * attr,const char * buf,size_t count)361 static ssize_t read_buffer_kb_store(struct device *csdev,
362 struct device_attribute *attr,
363 const char *buf, size_t count)
364 {
365 unsigned int minor = MINOR(csdev->devt);
366 struct comedi_device *dev;
367 struct comedi_subdevice *s;
368 unsigned int size;
369 int err;
370
371 err = kstrtouint(buf, 10, &size);
372 if (err)
373 return err;
374 if (size > (UINT_MAX / 1024))
375 return -EINVAL;
376 size *= 1024;
377
378 dev = comedi_dev_get_from_minor(minor);
379 if (!dev)
380 return -ENODEV;
381
382 mutex_lock(&dev->mutex);
383 s = comedi_read_subdevice(dev, minor);
384 if (s && (s->subdev_flags & SDF_CMD_READ) && s->async)
385 err = resize_async_buffer(dev, s, size);
386 else
387 err = -EINVAL;
388 mutex_unlock(&dev->mutex);
389
390 comedi_dev_put(dev);
391 return err ? err : count;
392 }
393 static DEVICE_ATTR_RW(read_buffer_kb);
394
max_write_buffer_kb_show(struct device * csdev,struct device_attribute * attr,char * buf)395 static ssize_t max_write_buffer_kb_show(struct device *csdev,
396 struct device_attribute *attr,
397 char *buf)
398 {
399 unsigned int minor = MINOR(csdev->devt);
400 struct comedi_device *dev;
401 struct comedi_subdevice *s;
402 unsigned int size = 0;
403
404 dev = comedi_dev_get_from_minor(minor);
405 if (!dev)
406 return -ENODEV;
407
408 mutex_lock(&dev->mutex);
409 s = comedi_write_subdevice(dev, minor);
410 if (s && (s->subdev_flags & SDF_CMD_WRITE) && s->async)
411 size = s->async->max_bufsize / 1024;
412 mutex_unlock(&dev->mutex);
413
414 comedi_dev_put(dev);
415 return snprintf(buf, PAGE_SIZE, "%u\n", size);
416 }
417
max_write_buffer_kb_store(struct device * csdev,struct device_attribute * attr,const char * buf,size_t count)418 static ssize_t max_write_buffer_kb_store(struct device *csdev,
419 struct device_attribute *attr,
420 const char *buf, size_t count)
421 {
422 unsigned int minor = MINOR(csdev->devt);
423 struct comedi_device *dev;
424 struct comedi_subdevice *s;
425 unsigned int size;
426 int err;
427
428 err = kstrtouint(buf, 10, &size);
429 if (err)
430 return err;
431 if (size > (UINT_MAX / 1024))
432 return -EINVAL;
433 size *= 1024;
434
435 dev = comedi_dev_get_from_minor(minor);
436 if (!dev)
437 return -ENODEV;
438
439 mutex_lock(&dev->mutex);
440 s = comedi_write_subdevice(dev, minor);
441 if (s && (s->subdev_flags & SDF_CMD_WRITE) && s->async)
442 s->async->max_bufsize = size;
443 else
444 err = -EINVAL;
445 mutex_unlock(&dev->mutex);
446
447 comedi_dev_put(dev);
448 return err ? err : count;
449 }
450 static DEVICE_ATTR_RW(max_write_buffer_kb);
451
write_buffer_kb_show(struct device * csdev,struct device_attribute * attr,char * buf)452 static ssize_t write_buffer_kb_show(struct device *csdev,
453 struct device_attribute *attr, char *buf)
454 {
455 unsigned int minor = MINOR(csdev->devt);
456 struct comedi_device *dev;
457 struct comedi_subdevice *s;
458 unsigned int size = 0;
459
460 dev = comedi_dev_get_from_minor(minor);
461 if (!dev)
462 return -ENODEV;
463
464 mutex_lock(&dev->mutex);
465 s = comedi_write_subdevice(dev, minor);
466 if (s && (s->subdev_flags & SDF_CMD_WRITE) && s->async)
467 size = s->async->prealloc_bufsz / 1024;
468 mutex_unlock(&dev->mutex);
469
470 comedi_dev_put(dev);
471 return snprintf(buf, PAGE_SIZE, "%u\n", size);
472 }
473
write_buffer_kb_store(struct device * csdev,struct device_attribute * attr,const char * buf,size_t count)474 static ssize_t write_buffer_kb_store(struct device *csdev,
475 struct device_attribute *attr,
476 const char *buf, size_t count)
477 {
478 unsigned int minor = MINOR(csdev->devt);
479 struct comedi_device *dev;
480 struct comedi_subdevice *s;
481 unsigned int size;
482 int err;
483
484 err = kstrtouint(buf, 10, &size);
485 if (err)
486 return err;
487 if (size > (UINT_MAX / 1024))
488 return -EINVAL;
489 size *= 1024;
490
491 dev = comedi_dev_get_from_minor(minor);
492 if (!dev)
493 return -ENODEV;
494
495 mutex_lock(&dev->mutex);
496 s = comedi_write_subdevice(dev, minor);
497 if (s && (s->subdev_flags & SDF_CMD_WRITE) && s->async)
498 err = resize_async_buffer(dev, s, size);
499 else
500 err = -EINVAL;
501 mutex_unlock(&dev->mutex);
502
503 comedi_dev_put(dev);
504 return err ? err : count;
505 }
506 static DEVICE_ATTR_RW(write_buffer_kb);
507
508 static struct attribute *comedi_dev_attrs[] = {
509 &dev_attr_max_read_buffer_kb.attr,
510 &dev_attr_read_buffer_kb.attr,
511 &dev_attr_max_write_buffer_kb.attr,
512 &dev_attr_write_buffer_kb.attr,
513 NULL,
514 };
515 ATTRIBUTE_GROUPS(comedi_dev);
516
comedi_set_subdevice_runflags(struct comedi_subdevice * s,unsigned mask,unsigned bits)517 static void comedi_set_subdevice_runflags(struct comedi_subdevice *s,
518 unsigned mask, unsigned bits)
519 {
520 unsigned long flags;
521
522 spin_lock_irqsave(&s->spin_lock, flags);
523 s->runflags &= ~mask;
524 s->runflags |= (bits & mask);
525 spin_unlock_irqrestore(&s->spin_lock, flags);
526 }
527
comedi_get_subdevice_runflags(struct comedi_subdevice * s)528 static unsigned comedi_get_subdevice_runflags(struct comedi_subdevice *s)
529 {
530 unsigned long flags;
531 unsigned runflags;
532
533 spin_lock_irqsave(&s->spin_lock, flags);
534 runflags = s->runflags;
535 spin_unlock_irqrestore(&s->spin_lock, flags);
536 return runflags;
537 }
538
comedi_is_subdevice_running(struct comedi_subdevice * s)539 bool comedi_is_subdevice_running(struct comedi_subdevice *s)
540 {
541 unsigned runflags = comedi_get_subdevice_runflags(s);
542
543 return (runflags & SRF_RUNNING) ? true : false;
544 }
545 EXPORT_SYMBOL_GPL(comedi_is_subdevice_running);
546
comedi_is_subdevice_in_error(struct comedi_subdevice * s)547 static bool comedi_is_subdevice_in_error(struct comedi_subdevice *s)
548 {
549 unsigned runflags = comedi_get_subdevice_runflags(s);
550
551 return (runflags & SRF_ERROR) ? true : false;
552 }
553
comedi_is_subdevice_idle(struct comedi_subdevice * s)554 static bool comedi_is_subdevice_idle(struct comedi_subdevice *s)
555 {
556 unsigned runflags = comedi_get_subdevice_runflags(s);
557
558 return (runflags & (SRF_ERROR | SRF_RUNNING)) ? false : true;
559 }
560
561 /**
562 * comedi_alloc_spriv() - Allocate memory for the subdevice private data.
563 * @s: comedi_subdevice struct
564 * @size: size of the memory to allocate
565 *
566 * This also sets the subdevice runflags to allow the core to automatically
567 * free the private data during the detach.
568 */
comedi_alloc_spriv(struct comedi_subdevice * s,size_t size)569 void *comedi_alloc_spriv(struct comedi_subdevice *s, size_t size)
570 {
571 s->private = kzalloc(size, GFP_KERNEL);
572 if (s->private)
573 s->runflags |= SRF_FREE_SPRIV;
574 return s->private;
575 }
576 EXPORT_SYMBOL_GPL(comedi_alloc_spriv);
577
578 /*
579 This function restores a subdevice to an idle state.
580 */
do_become_nonbusy(struct comedi_device * dev,struct comedi_subdevice * s)581 static void do_become_nonbusy(struct comedi_device *dev,
582 struct comedi_subdevice *s)
583 {
584 struct comedi_async *async = s->async;
585
586 comedi_set_subdevice_runflags(s, SRF_RUNNING, 0);
587 if (async) {
588 comedi_buf_reset(s);
589 async->inttrig = NULL;
590 kfree(async->cmd.chanlist);
591 async->cmd.chanlist = NULL;
592 s->busy = NULL;
593 wake_up_interruptible_all(&s->async->wait_head);
594 } else {
595 dev_err(dev->class_dev,
596 "BUG: (?) do_become_nonbusy called with async=NULL\n");
597 s->busy = NULL;
598 }
599 }
600
do_cancel(struct comedi_device * dev,struct comedi_subdevice * s)601 static int do_cancel(struct comedi_device *dev, struct comedi_subdevice *s)
602 {
603 int ret = 0;
604
605 if (comedi_is_subdevice_running(s) && s->cancel)
606 ret = s->cancel(dev, s);
607
608 do_become_nonbusy(dev, s);
609
610 return ret;
611 }
612
comedi_device_cancel_all(struct comedi_device * dev)613 void comedi_device_cancel_all(struct comedi_device *dev)
614 {
615 struct comedi_subdevice *s;
616 int i;
617
618 if (!dev->attached)
619 return;
620
621 for (i = 0; i < dev->n_subdevices; i++) {
622 s = &dev->subdevices[i];
623 if (s->async)
624 do_cancel(dev, s);
625 }
626 }
627
is_device_busy(struct comedi_device * dev)628 static int is_device_busy(struct comedi_device *dev)
629 {
630 struct comedi_subdevice *s;
631 int i;
632
633 if (!dev->attached)
634 return 0;
635
636 for (i = 0; i < dev->n_subdevices; i++) {
637 s = &dev->subdevices[i];
638 if (s->busy)
639 return 1;
640 if (s->async && comedi_buf_is_mmapped(s))
641 return 1;
642 }
643
644 return 0;
645 }
646
647 /*
648 COMEDI_DEVCONFIG
649 device config ioctl
650
651 arg:
652 pointer to devconfig structure
653
654 reads:
655 devconfig structure at arg
656
657 writes:
658 none
659 */
do_devconfig_ioctl(struct comedi_device * dev,struct comedi_devconfig __user * arg)660 static int do_devconfig_ioctl(struct comedi_device *dev,
661 struct comedi_devconfig __user *arg)
662 {
663 struct comedi_devconfig it;
664
665 if (!capable(CAP_SYS_ADMIN))
666 return -EPERM;
667
668 if (arg == NULL) {
669 if (is_device_busy(dev))
670 return -EBUSY;
671 if (dev->attached) {
672 struct module *driver_module = dev->driver->module;
673
674 comedi_device_detach(dev);
675 module_put(driver_module);
676 }
677 return 0;
678 }
679
680 if (copy_from_user(&it, arg, sizeof(it)))
681 return -EFAULT;
682
683 it.board_name[COMEDI_NAMELEN - 1] = 0;
684
685 if (it.options[COMEDI_DEVCONF_AUX_DATA_LENGTH]) {
686 dev_warn(dev->class_dev,
687 "comedi_config --init_data is deprecated\n");
688 return -EINVAL;
689 }
690
691 if (dev->minor >= comedi_num_legacy_minors)
692 /* don't re-use dynamically allocated comedi devices */
693 return -EBUSY;
694
695 /* This increments the driver module count on success. */
696 return comedi_device_attach(dev, &it);
697 }
698
699 /*
700 COMEDI_BUFCONFIG
701 buffer configuration ioctl
702
703 arg:
704 pointer to bufconfig structure
705
706 reads:
707 bufconfig at arg
708
709 writes:
710 modified bufconfig at arg
711
712 */
do_bufconfig_ioctl(struct comedi_device * dev,struct comedi_bufconfig __user * arg)713 static int do_bufconfig_ioctl(struct comedi_device *dev,
714 struct comedi_bufconfig __user *arg)
715 {
716 struct comedi_bufconfig bc;
717 struct comedi_async *async;
718 struct comedi_subdevice *s;
719 int retval = 0;
720
721 if (copy_from_user(&bc, arg, sizeof(bc)))
722 return -EFAULT;
723
724 if (bc.subdevice >= dev->n_subdevices)
725 return -EINVAL;
726
727 s = &dev->subdevices[bc.subdevice];
728 async = s->async;
729
730 if (!async) {
731 dev_dbg(dev->class_dev,
732 "subdevice does not have async capability\n");
733 bc.size = 0;
734 bc.maximum_size = 0;
735 goto copyback;
736 }
737
738 if (bc.maximum_size) {
739 if (!capable(CAP_SYS_ADMIN))
740 return -EPERM;
741
742 async->max_bufsize = bc.maximum_size;
743 }
744
745 if (bc.size) {
746 retval = resize_async_buffer(dev, s, bc.size);
747 if (retval < 0)
748 return retval;
749 }
750
751 bc.size = async->prealloc_bufsz;
752 bc.maximum_size = async->max_bufsize;
753
754 copyback:
755 if (copy_to_user(arg, &bc, sizeof(bc)))
756 return -EFAULT;
757
758 return 0;
759 }
760
761 /*
762 COMEDI_DEVINFO
763 device info ioctl
764
765 arg:
766 pointer to devinfo structure
767
768 reads:
769 none
770
771 writes:
772 devinfo structure
773
774 */
do_devinfo_ioctl(struct comedi_device * dev,struct comedi_devinfo __user * arg,struct file * file)775 static int do_devinfo_ioctl(struct comedi_device *dev,
776 struct comedi_devinfo __user *arg,
777 struct file *file)
778 {
779 const unsigned minor = iminor(file_inode(file));
780 struct comedi_subdevice *s;
781 struct comedi_devinfo devinfo;
782
783 memset(&devinfo, 0, sizeof(devinfo));
784
785 /* fill devinfo structure */
786 devinfo.version_code = COMEDI_VERSION_CODE;
787 devinfo.n_subdevs = dev->n_subdevices;
788 strlcpy(devinfo.driver_name, dev->driver->driver_name, COMEDI_NAMELEN);
789 strlcpy(devinfo.board_name, dev->board_name, COMEDI_NAMELEN);
790
791 s = comedi_read_subdevice(dev, minor);
792 if (s)
793 devinfo.read_subdevice = s->index;
794 else
795 devinfo.read_subdevice = -1;
796
797 s = comedi_write_subdevice(dev, minor);
798 if (s)
799 devinfo.write_subdevice = s->index;
800 else
801 devinfo.write_subdevice = -1;
802
803 if (copy_to_user(arg, &devinfo, sizeof(devinfo)))
804 return -EFAULT;
805
806 return 0;
807 }
808
809 /*
810 COMEDI_SUBDINFO
811 subdevice info ioctl
812
813 arg:
814 pointer to array of subdevice info structures
815
816 reads:
817 none
818
819 writes:
820 array of subdevice info structures at arg
821
822 */
do_subdinfo_ioctl(struct comedi_device * dev,struct comedi_subdinfo __user * arg,void * file)823 static int do_subdinfo_ioctl(struct comedi_device *dev,
824 struct comedi_subdinfo __user *arg, void *file)
825 {
826 int ret, i;
827 struct comedi_subdinfo *tmp, *us;
828 struct comedi_subdevice *s;
829
830 tmp = kcalloc(dev->n_subdevices, sizeof(*tmp), GFP_KERNEL);
831 if (!tmp)
832 return -ENOMEM;
833
834 /* fill subdinfo structs */
835 for (i = 0; i < dev->n_subdevices; i++) {
836 s = &dev->subdevices[i];
837 us = tmp + i;
838
839 us->type = s->type;
840 us->n_chan = s->n_chan;
841 us->subd_flags = s->subdev_flags;
842 if (comedi_is_subdevice_running(s))
843 us->subd_flags |= SDF_RUNNING;
844 #define TIMER_nanosec 5 /* backwards compatibility */
845 us->timer_type = TIMER_nanosec;
846 us->len_chanlist = s->len_chanlist;
847 us->maxdata = s->maxdata;
848 if (s->range_table) {
849 us->range_type =
850 (i << 24) | (0 << 16) | (s->range_table->length);
851 } else {
852 us->range_type = 0; /* XXX */
853 }
854
855 if (s->busy)
856 us->subd_flags |= SDF_BUSY;
857 if (s->busy == file)
858 us->subd_flags |= SDF_BUSY_OWNER;
859 if (s->lock)
860 us->subd_flags |= SDF_LOCKED;
861 if (s->lock == file)
862 us->subd_flags |= SDF_LOCK_OWNER;
863 if (!s->maxdata && s->maxdata_list)
864 us->subd_flags |= SDF_MAXDATA;
865 if (s->range_table_list)
866 us->subd_flags |= SDF_RANGETYPE;
867 if (s->do_cmd)
868 us->subd_flags |= SDF_CMD;
869
870 if (s->insn_bits != &insn_inval)
871 us->insn_bits_support = COMEDI_SUPPORTED;
872 else
873 us->insn_bits_support = COMEDI_UNSUPPORTED;
874 }
875
876 ret = copy_to_user(arg, tmp, dev->n_subdevices * sizeof(*tmp));
877
878 kfree(tmp);
879
880 return ret ? -EFAULT : 0;
881 }
882
883 /*
884 COMEDI_CHANINFO
885 subdevice info ioctl
886
887 arg:
888 pointer to chaninfo structure
889
890 reads:
891 chaninfo structure at arg
892
893 writes:
894 arrays at elements of chaninfo structure
895
896 */
do_chaninfo_ioctl(struct comedi_device * dev,struct comedi_chaninfo __user * arg)897 static int do_chaninfo_ioctl(struct comedi_device *dev,
898 struct comedi_chaninfo __user *arg)
899 {
900 struct comedi_subdevice *s;
901 struct comedi_chaninfo it;
902
903 if (copy_from_user(&it, arg, sizeof(it)))
904 return -EFAULT;
905
906 if (it.subdev >= dev->n_subdevices)
907 return -EINVAL;
908 s = &dev->subdevices[it.subdev];
909
910 if (it.maxdata_list) {
911 if (s->maxdata || !s->maxdata_list)
912 return -EINVAL;
913 if (copy_to_user(it.maxdata_list, s->maxdata_list,
914 s->n_chan * sizeof(unsigned int)))
915 return -EFAULT;
916 }
917
918 if (it.flaglist)
919 return -EINVAL; /* flaglist not supported */
920
921 if (it.rangelist) {
922 int i;
923
924 if (!s->range_table_list)
925 return -EINVAL;
926 for (i = 0; i < s->n_chan; i++) {
927 int x;
928
929 x = (dev->minor << 28) | (it.subdev << 24) | (i << 16) |
930 (s->range_table_list[i]->length);
931 if (put_user(x, it.rangelist + i))
932 return -EFAULT;
933 }
934 #if 0
935 if (copy_to_user(it.rangelist, s->range_type_list,
936 s->n_chan * sizeof(unsigned int)))
937 return -EFAULT;
938 #endif
939 }
940
941 return 0;
942 }
943
944 /*
945 COMEDI_BUFINFO
946 buffer information ioctl
947
948 arg:
949 pointer to bufinfo structure
950
951 reads:
952 bufinfo at arg
953
954 writes:
955 modified bufinfo at arg
956
957 */
do_bufinfo_ioctl(struct comedi_device * dev,struct comedi_bufinfo __user * arg,void * file)958 static int do_bufinfo_ioctl(struct comedi_device *dev,
959 struct comedi_bufinfo __user *arg, void *file)
960 {
961 struct comedi_bufinfo bi;
962 struct comedi_subdevice *s;
963 struct comedi_async *async;
964
965 if (copy_from_user(&bi, arg, sizeof(bi)))
966 return -EFAULT;
967
968 if (bi.subdevice >= dev->n_subdevices)
969 return -EINVAL;
970
971 s = &dev->subdevices[bi.subdevice];
972
973 async = s->async;
974
975 if (!async) {
976 dev_dbg(dev->class_dev,
977 "subdevice does not have async capability\n");
978 bi.buf_write_ptr = 0;
979 bi.buf_read_ptr = 0;
980 bi.buf_write_count = 0;
981 bi.buf_read_count = 0;
982 bi.bytes_read = 0;
983 bi.bytes_written = 0;
984 goto copyback;
985 }
986 if (!s->busy) {
987 bi.bytes_read = 0;
988 bi.bytes_written = 0;
989 goto copyback_position;
990 }
991 if (s->busy != file)
992 return -EACCES;
993
994 if (bi.bytes_read && (s->subdev_flags & SDF_CMD_READ)) {
995 bi.bytes_read = comedi_buf_read_alloc(s, bi.bytes_read);
996 comedi_buf_read_free(s, bi.bytes_read);
997
998 if (comedi_is_subdevice_idle(s) &&
999 comedi_buf_n_bytes_ready(s) == 0) {
1000 do_become_nonbusy(dev, s);
1001 }
1002 }
1003
1004 if (bi.bytes_written && (s->subdev_flags & SDF_CMD_WRITE)) {
1005 bi.bytes_written =
1006 comedi_buf_write_alloc(s, bi.bytes_written);
1007 comedi_buf_write_free(s, bi.bytes_written);
1008 }
1009
1010 copyback_position:
1011 bi.buf_write_count = async->buf_write_count;
1012 bi.buf_write_ptr = async->buf_write_ptr;
1013 bi.buf_read_count = async->buf_read_count;
1014 bi.buf_read_ptr = async->buf_read_ptr;
1015
1016 copyback:
1017 if (copy_to_user(arg, &bi, sizeof(bi)))
1018 return -EFAULT;
1019
1020 return 0;
1021 }
1022
check_insn_config_length(struct comedi_insn * insn,unsigned int * data)1023 static int check_insn_config_length(struct comedi_insn *insn,
1024 unsigned int *data)
1025 {
1026 if (insn->n < 1)
1027 return -EINVAL;
1028
1029 switch (data[0]) {
1030 case INSN_CONFIG_DIO_OUTPUT:
1031 case INSN_CONFIG_DIO_INPUT:
1032 case INSN_CONFIG_DISARM:
1033 case INSN_CONFIG_RESET:
1034 if (insn->n == 1)
1035 return 0;
1036 break;
1037 case INSN_CONFIG_ARM:
1038 case INSN_CONFIG_DIO_QUERY:
1039 case INSN_CONFIG_BLOCK_SIZE:
1040 case INSN_CONFIG_FILTER:
1041 case INSN_CONFIG_SERIAL_CLOCK:
1042 case INSN_CONFIG_BIDIRECTIONAL_DATA:
1043 case INSN_CONFIG_ALT_SOURCE:
1044 case INSN_CONFIG_SET_COUNTER_MODE:
1045 case INSN_CONFIG_8254_READ_STATUS:
1046 case INSN_CONFIG_SET_ROUTING:
1047 case INSN_CONFIG_GET_ROUTING:
1048 case INSN_CONFIG_GET_PWM_STATUS:
1049 case INSN_CONFIG_PWM_SET_PERIOD:
1050 case INSN_CONFIG_PWM_GET_PERIOD:
1051 if (insn->n == 2)
1052 return 0;
1053 break;
1054 case INSN_CONFIG_SET_GATE_SRC:
1055 case INSN_CONFIG_GET_GATE_SRC:
1056 case INSN_CONFIG_SET_CLOCK_SRC:
1057 case INSN_CONFIG_GET_CLOCK_SRC:
1058 case INSN_CONFIG_SET_OTHER_SRC:
1059 case INSN_CONFIG_GET_COUNTER_STATUS:
1060 case INSN_CONFIG_PWM_SET_H_BRIDGE:
1061 case INSN_CONFIG_PWM_GET_H_BRIDGE:
1062 case INSN_CONFIG_GET_HARDWARE_BUFFER_SIZE:
1063 if (insn->n == 3)
1064 return 0;
1065 break;
1066 case INSN_CONFIG_PWM_OUTPUT:
1067 case INSN_CONFIG_ANALOG_TRIG:
1068 if (insn->n == 5)
1069 return 0;
1070 break;
1071 case INSN_CONFIG_DIGITAL_TRIG:
1072 if (insn->n == 6)
1073 return 0;
1074 break;
1075 /* by default we allow the insn since we don't have checks for
1076 * all possible cases yet */
1077 default:
1078 pr_warn("No check for data length of config insn id %i is implemented\n",
1079 data[0]);
1080 pr_warn("Add a check to %s in %s\n", __func__, __FILE__);
1081 pr_warn("Assuming n=%i is correct\n", insn->n);
1082 return 0;
1083 }
1084 return -EINVAL;
1085 }
1086
parse_insn(struct comedi_device * dev,struct comedi_insn * insn,unsigned int * data,void * file)1087 static int parse_insn(struct comedi_device *dev, struct comedi_insn *insn,
1088 unsigned int *data, void *file)
1089 {
1090 struct comedi_subdevice *s;
1091 int ret = 0;
1092 int i;
1093
1094 if (insn->insn & INSN_MASK_SPECIAL) {
1095 /* a non-subdevice instruction */
1096
1097 switch (insn->insn) {
1098 case INSN_GTOD:
1099 {
1100 struct timeval tv;
1101
1102 if (insn->n != 2) {
1103 ret = -EINVAL;
1104 break;
1105 }
1106
1107 do_gettimeofday(&tv);
1108 data[0] = tv.tv_sec;
1109 data[1] = tv.tv_usec;
1110 ret = 2;
1111
1112 break;
1113 }
1114 case INSN_WAIT:
1115 if (insn->n != 1 || data[0] >= 100000) {
1116 ret = -EINVAL;
1117 break;
1118 }
1119 udelay(data[0] / 1000);
1120 ret = 1;
1121 break;
1122 case INSN_INTTRIG:
1123 if (insn->n != 1) {
1124 ret = -EINVAL;
1125 break;
1126 }
1127 if (insn->subdev >= dev->n_subdevices) {
1128 dev_dbg(dev->class_dev,
1129 "%d not usable subdevice\n",
1130 insn->subdev);
1131 ret = -EINVAL;
1132 break;
1133 }
1134 s = &dev->subdevices[insn->subdev];
1135 if (!s->async) {
1136 dev_dbg(dev->class_dev, "no async\n");
1137 ret = -EINVAL;
1138 break;
1139 }
1140 if (!s->async->inttrig) {
1141 dev_dbg(dev->class_dev, "no inttrig\n");
1142 ret = -EAGAIN;
1143 break;
1144 }
1145 ret = s->async->inttrig(dev, s, data[0]);
1146 if (ret >= 0)
1147 ret = 1;
1148 break;
1149 default:
1150 dev_dbg(dev->class_dev, "invalid insn\n");
1151 ret = -EINVAL;
1152 break;
1153 }
1154 } else {
1155 /* a subdevice instruction */
1156 unsigned int maxdata;
1157
1158 if (insn->subdev >= dev->n_subdevices) {
1159 dev_dbg(dev->class_dev, "subdevice %d out of range\n",
1160 insn->subdev);
1161 ret = -EINVAL;
1162 goto out;
1163 }
1164 s = &dev->subdevices[insn->subdev];
1165
1166 if (s->type == COMEDI_SUBD_UNUSED) {
1167 dev_dbg(dev->class_dev, "%d not usable subdevice\n",
1168 insn->subdev);
1169 ret = -EIO;
1170 goto out;
1171 }
1172
1173 /* are we locked? (ioctl lock) */
1174 if (s->lock && s->lock != file) {
1175 dev_dbg(dev->class_dev, "device locked\n");
1176 ret = -EACCES;
1177 goto out;
1178 }
1179
1180 ret = comedi_check_chanlist(s, 1, &insn->chanspec);
1181 if (ret < 0) {
1182 ret = -EINVAL;
1183 dev_dbg(dev->class_dev, "bad chanspec\n");
1184 goto out;
1185 }
1186
1187 if (s->busy) {
1188 ret = -EBUSY;
1189 goto out;
1190 }
1191 /* This looks arbitrary. It is. */
1192 s->busy = &parse_insn;
1193 switch (insn->insn) {
1194 case INSN_READ:
1195 ret = s->insn_read(dev, s, insn, data);
1196 if (ret == -ETIMEDOUT) {
1197 dev_dbg(dev->class_dev,
1198 "subdevice %d read instruction timed out\n",
1199 s->index);
1200 }
1201 break;
1202 case INSN_WRITE:
1203 maxdata = s->maxdata_list
1204 ? s->maxdata_list[CR_CHAN(insn->chanspec)]
1205 : s->maxdata;
1206 for (i = 0; i < insn->n; ++i) {
1207 if (data[i] > maxdata) {
1208 ret = -EINVAL;
1209 dev_dbg(dev->class_dev,
1210 "bad data value(s)\n");
1211 break;
1212 }
1213 }
1214 if (ret == 0) {
1215 ret = s->insn_write(dev, s, insn, data);
1216 if (ret == -ETIMEDOUT) {
1217 dev_dbg(dev->class_dev,
1218 "subdevice %d write instruction timed out\n",
1219 s->index);
1220 }
1221 }
1222 break;
1223 case INSN_BITS:
1224 if (insn->n != 2) {
1225 ret = -EINVAL;
1226 } else {
1227 /* Most drivers ignore the base channel in
1228 * insn->chanspec. Fix this here if
1229 * the subdevice has <= 32 channels. */
1230 unsigned int orig_mask = data[0];
1231 unsigned int shift = 0;
1232
1233 if (s->n_chan <= 32) {
1234 shift = CR_CHAN(insn->chanspec);
1235 if (shift > 0) {
1236 insn->chanspec = 0;
1237 data[0] <<= shift;
1238 data[1] <<= shift;
1239 }
1240 }
1241 ret = s->insn_bits(dev, s, insn, data);
1242 data[0] = orig_mask;
1243 if (shift > 0)
1244 data[1] >>= shift;
1245 }
1246 break;
1247 case INSN_CONFIG:
1248 ret = check_insn_config_length(insn, data);
1249 if (ret)
1250 break;
1251 ret = s->insn_config(dev, s, insn, data);
1252 break;
1253 default:
1254 ret = -EINVAL;
1255 break;
1256 }
1257
1258 s->busy = NULL;
1259 }
1260
1261 out:
1262 return ret;
1263 }
1264
1265 /*
1266 * COMEDI_INSNLIST
1267 * synchronous instructions
1268 *
1269 * arg:
1270 * pointer to sync cmd structure
1271 *
1272 * reads:
1273 * sync cmd struct at arg
1274 * instruction list
1275 * data (for writes)
1276 *
1277 * writes:
1278 * data (for reads)
1279 */
1280 /* arbitrary limits */
1281 #define MAX_SAMPLES 256
do_insnlist_ioctl(struct comedi_device * dev,struct comedi_insnlist __user * arg,void * file)1282 static int do_insnlist_ioctl(struct comedi_device *dev,
1283 struct comedi_insnlist __user *arg, void *file)
1284 {
1285 struct comedi_insnlist insnlist;
1286 struct comedi_insn *insns = NULL;
1287 unsigned int *data = NULL;
1288 int i = 0;
1289 int ret = 0;
1290
1291 if (copy_from_user(&insnlist, arg, sizeof(insnlist)))
1292 return -EFAULT;
1293
1294 data = kmalloc_array(MAX_SAMPLES, sizeof(unsigned int), GFP_KERNEL);
1295 if (!data) {
1296 ret = -ENOMEM;
1297 goto error;
1298 }
1299
1300 insns = kcalloc(insnlist.n_insns, sizeof(*insns), GFP_KERNEL);
1301 if (!insns) {
1302 ret = -ENOMEM;
1303 goto error;
1304 }
1305
1306 if (copy_from_user(insns, insnlist.insns,
1307 sizeof(*insns) * insnlist.n_insns)) {
1308 dev_dbg(dev->class_dev, "copy_from_user failed\n");
1309 ret = -EFAULT;
1310 goto error;
1311 }
1312
1313 for (i = 0; i < insnlist.n_insns; i++) {
1314 if (insns[i].n > MAX_SAMPLES) {
1315 dev_dbg(dev->class_dev,
1316 "number of samples too large\n");
1317 ret = -EINVAL;
1318 goto error;
1319 }
1320 if (insns[i].insn & INSN_MASK_WRITE) {
1321 if (copy_from_user(data, insns[i].data,
1322 insns[i].n * sizeof(unsigned int))) {
1323 dev_dbg(dev->class_dev,
1324 "copy_from_user failed\n");
1325 ret = -EFAULT;
1326 goto error;
1327 }
1328 }
1329 ret = parse_insn(dev, insns + i, data, file);
1330 if (ret < 0)
1331 goto error;
1332 if (insns[i].insn & INSN_MASK_READ) {
1333 if (copy_to_user(insns[i].data, data,
1334 insns[i].n * sizeof(unsigned int))) {
1335 dev_dbg(dev->class_dev,
1336 "copy_to_user failed\n");
1337 ret = -EFAULT;
1338 goto error;
1339 }
1340 }
1341 if (need_resched())
1342 schedule();
1343 }
1344
1345 error:
1346 kfree(insns);
1347 kfree(data);
1348
1349 if (ret < 0)
1350 return ret;
1351 return i;
1352 }
1353
1354 /*
1355 * COMEDI_INSN
1356 * synchronous instructions
1357 *
1358 * arg:
1359 * pointer to insn
1360 *
1361 * reads:
1362 * struct comedi_insn struct at arg
1363 * data (for writes)
1364 *
1365 * writes:
1366 * data (for reads)
1367 */
do_insn_ioctl(struct comedi_device * dev,struct comedi_insn __user * arg,void * file)1368 static int do_insn_ioctl(struct comedi_device *dev,
1369 struct comedi_insn __user *arg, void *file)
1370 {
1371 struct comedi_insn insn;
1372 unsigned int *data = NULL;
1373 int ret = 0;
1374
1375 data = kmalloc_array(MAX_SAMPLES, sizeof(unsigned int), GFP_KERNEL);
1376 if (!data) {
1377 ret = -ENOMEM;
1378 goto error;
1379 }
1380
1381 if (copy_from_user(&insn, arg, sizeof(insn))) {
1382 ret = -EFAULT;
1383 goto error;
1384 }
1385
1386 /* This is where the behavior of insn and insnlist deviate. */
1387 if (insn.n > MAX_SAMPLES)
1388 insn.n = MAX_SAMPLES;
1389 if (insn.insn & INSN_MASK_WRITE) {
1390 if (copy_from_user(data,
1391 insn.data,
1392 insn.n * sizeof(unsigned int))) {
1393 ret = -EFAULT;
1394 goto error;
1395 }
1396 }
1397 ret = parse_insn(dev, &insn, data, file);
1398 if (ret < 0)
1399 goto error;
1400 if (insn.insn & INSN_MASK_READ) {
1401 if (copy_to_user(insn.data,
1402 data,
1403 insn.n * sizeof(unsigned int))) {
1404 ret = -EFAULT;
1405 goto error;
1406 }
1407 }
1408 ret = insn.n;
1409
1410 error:
1411 kfree(data);
1412
1413 return ret;
1414 }
1415
__comedi_get_user_cmd(struct comedi_device * dev,struct comedi_cmd __user * arg,struct comedi_cmd * cmd)1416 static int __comedi_get_user_cmd(struct comedi_device *dev,
1417 struct comedi_cmd __user *arg,
1418 struct comedi_cmd *cmd)
1419 {
1420 struct comedi_subdevice *s;
1421
1422 if (copy_from_user(cmd, arg, sizeof(*cmd))) {
1423 dev_dbg(dev->class_dev, "bad cmd address\n");
1424 return -EFAULT;
1425 }
1426
1427 if (cmd->subdev >= dev->n_subdevices) {
1428 dev_dbg(dev->class_dev, "%d no such subdevice\n", cmd->subdev);
1429 return -ENODEV;
1430 }
1431
1432 s = &dev->subdevices[cmd->subdev];
1433
1434 if (s->type == COMEDI_SUBD_UNUSED) {
1435 dev_dbg(dev->class_dev, "%d not valid subdevice\n",
1436 cmd->subdev);
1437 return -EIO;
1438 }
1439
1440 if (!s->do_cmd || !s->do_cmdtest || !s->async) {
1441 dev_dbg(dev->class_dev,
1442 "subdevice %d does not support commands\n",
1443 cmd->subdev);
1444 return -EIO;
1445 }
1446
1447 /* make sure channel/gain list isn't too long */
1448 if (cmd->chanlist_len > s->len_chanlist) {
1449 dev_dbg(dev->class_dev, "channel/gain list too long %d > %d\n",
1450 cmd->chanlist_len, s->len_chanlist);
1451 return -EINVAL;
1452 }
1453
1454 return 0;
1455 }
1456
__comedi_get_user_chanlist(struct comedi_device * dev,struct comedi_subdevice * s,unsigned int __user * user_chanlist,struct comedi_cmd * cmd)1457 static int __comedi_get_user_chanlist(struct comedi_device *dev,
1458 struct comedi_subdevice *s,
1459 unsigned int __user *user_chanlist,
1460 struct comedi_cmd *cmd)
1461 {
1462 unsigned int *chanlist;
1463 int ret;
1464
1465 cmd->chanlist = NULL;
1466 chanlist = memdup_user(user_chanlist,
1467 cmd->chanlist_len * sizeof(unsigned int));
1468 if (IS_ERR(chanlist))
1469 return PTR_ERR(chanlist);
1470
1471 /* make sure each element in channel/gain list is valid */
1472 ret = comedi_check_chanlist(s, cmd->chanlist_len, chanlist);
1473 if (ret < 0) {
1474 kfree(chanlist);
1475 return ret;
1476 }
1477
1478 cmd->chanlist = chanlist;
1479
1480 return 0;
1481 }
1482
do_cmd_ioctl(struct comedi_device * dev,struct comedi_cmd __user * arg,void * file)1483 static int do_cmd_ioctl(struct comedi_device *dev,
1484 struct comedi_cmd __user *arg, void *file)
1485 {
1486 struct comedi_cmd cmd;
1487 struct comedi_subdevice *s;
1488 struct comedi_async *async;
1489 unsigned int __user *user_chanlist;
1490 int ret;
1491
1492 /* get the user's cmd and do some simple validation */
1493 ret = __comedi_get_user_cmd(dev, arg, &cmd);
1494 if (ret)
1495 return ret;
1496
1497 /* save user's chanlist pointer so it can be restored later */
1498 user_chanlist = (unsigned int __user *)cmd.chanlist;
1499
1500 s = &dev->subdevices[cmd.subdev];
1501 async = s->async;
1502
1503 /* are we locked? (ioctl lock) */
1504 if (s->lock && s->lock != file) {
1505 dev_dbg(dev->class_dev, "subdevice locked\n");
1506 return -EACCES;
1507 }
1508
1509 /* are we busy? */
1510 if (s->busy) {
1511 dev_dbg(dev->class_dev, "subdevice busy\n");
1512 return -EBUSY;
1513 }
1514
1515 /* make sure channel/gain list isn't too short */
1516 if (cmd.chanlist_len < 1) {
1517 dev_dbg(dev->class_dev, "channel/gain list too short %u < 1\n",
1518 cmd.chanlist_len);
1519 return -EINVAL;
1520 }
1521
1522 async->cmd = cmd;
1523 async->cmd.data = NULL;
1524
1525 /* load channel/gain list */
1526 ret = __comedi_get_user_chanlist(dev, s, user_chanlist, &async->cmd);
1527 if (ret)
1528 goto cleanup;
1529
1530 ret = s->do_cmdtest(dev, s, &async->cmd);
1531
1532 if (async->cmd.flags & CMDF_BOGUS || ret) {
1533 dev_dbg(dev->class_dev, "test returned %d\n", ret);
1534 cmd = async->cmd;
1535 /* restore chanlist pointer before copying back */
1536 cmd.chanlist = (unsigned int __force *)user_chanlist;
1537 cmd.data = NULL;
1538 if (copy_to_user(arg, &cmd, sizeof(cmd))) {
1539 dev_dbg(dev->class_dev, "fault writing cmd\n");
1540 ret = -EFAULT;
1541 goto cleanup;
1542 }
1543 ret = -EAGAIN;
1544 goto cleanup;
1545 }
1546
1547 if (!async->prealloc_bufsz) {
1548 ret = -ENOMEM;
1549 dev_dbg(dev->class_dev, "no buffer (?)\n");
1550 goto cleanup;
1551 }
1552
1553 comedi_buf_reset(s);
1554
1555 async->cb_mask =
1556 COMEDI_CB_EOA | COMEDI_CB_BLOCK | COMEDI_CB_ERROR |
1557 COMEDI_CB_OVERFLOW;
1558 if (async->cmd.flags & CMDF_WAKE_EOS)
1559 async->cb_mask |= COMEDI_CB_EOS;
1560
1561 comedi_set_subdevice_runflags(s, SRF_ERROR | SRF_RUNNING, SRF_RUNNING);
1562
1563 /* set s->busy _after_ setting SRF_RUNNING flag to avoid race with
1564 * comedi_read() or comedi_write() */
1565 s->busy = file;
1566 ret = s->do_cmd(dev, s);
1567 if (ret == 0)
1568 return 0;
1569
1570 cleanup:
1571 do_become_nonbusy(dev, s);
1572
1573 return ret;
1574 }
1575
1576 /*
1577 COMEDI_CMDTEST
1578 command testing ioctl
1579
1580 arg:
1581 pointer to cmd structure
1582
1583 reads:
1584 cmd structure at arg
1585 channel/range list
1586
1587 writes:
1588 modified cmd structure at arg
1589
1590 */
do_cmdtest_ioctl(struct comedi_device * dev,struct comedi_cmd __user * arg,void * file)1591 static int do_cmdtest_ioctl(struct comedi_device *dev,
1592 struct comedi_cmd __user *arg, void *file)
1593 {
1594 struct comedi_cmd cmd;
1595 struct comedi_subdevice *s;
1596 unsigned int __user *user_chanlist;
1597 int ret;
1598
1599 /* get the user's cmd and do some simple validation */
1600 ret = __comedi_get_user_cmd(dev, arg, &cmd);
1601 if (ret)
1602 return ret;
1603
1604 /* save user's chanlist pointer so it can be restored later */
1605 user_chanlist = (unsigned int __user *)cmd.chanlist;
1606
1607 s = &dev->subdevices[cmd.subdev];
1608
1609 /* user_chanlist can be NULL for COMEDI_CMDTEST ioctl */
1610 if (user_chanlist) {
1611 /* load channel/gain list */
1612 ret = __comedi_get_user_chanlist(dev, s, user_chanlist, &cmd);
1613 if (ret)
1614 return ret;
1615 }
1616
1617 ret = s->do_cmdtest(dev, s, &cmd);
1618
1619 kfree(cmd.chanlist); /* free kernel copy of user chanlist */
1620
1621 /* restore chanlist pointer before copying back */
1622 cmd.chanlist = (unsigned int __force *)user_chanlist;
1623
1624 if (copy_to_user(arg, &cmd, sizeof(cmd))) {
1625 dev_dbg(dev->class_dev, "bad cmd address\n");
1626 ret = -EFAULT;
1627 }
1628
1629 return ret;
1630 }
1631
1632 /*
1633 COMEDI_LOCK
1634 lock subdevice
1635
1636 arg:
1637 subdevice number
1638
1639 reads:
1640 none
1641
1642 writes:
1643 none
1644
1645 */
1646
do_lock_ioctl(struct comedi_device * dev,unsigned long arg,void * file)1647 static int do_lock_ioctl(struct comedi_device *dev, unsigned long arg,
1648 void *file)
1649 {
1650 int ret = 0;
1651 unsigned long flags;
1652 struct comedi_subdevice *s;
1653
1654 if (arg >= dev->n_subdevices)
1655 return -EINVAL;
1656 s = &dev->subdevices[arg];
1657
1658 spin_lock_irqsave(&s->spin_lock, flags);
1659 if (s->busy || s->lock)
1660 ret = -EBUSY;
1661 else
1662 s->lock = file;
1663 spin_unlock_irqrestore(&s->spin_lock, flags);
1664
1665 return ret;
1666 }
1667
1668 /*
1669 COMEDI_UNLOCK
1670 unlock subdevice
1671
1672 arg:
1673 subdevice number
1674
1675 reads:
1676 none
1677
1678 writes:
1679 none
1680
1681 This function isn't protected by the semaphore, since
1682 we already own the lock.
1683 */
do_unlock_ioctl(struct comedi_device * dev,unsigned long arg,void * file)1684 static int do_unlock_ioctl(struct comedi_device *dev, unsigned long arg,
1685 void *file)
1686 {
1687 struct comedi_subdevice *s;
1688
1689 if (arg >= dev->n_subdevices)
1690 return -EINVAL;
1691 s = &dev->subdevices[arg];
1692
1693 if (s->busy)
1694 return -EBUSY;
1695
1696 if (s->lock && s->lock != file)
1697 return -EACCES;
1698
1699 if (s->lock == file)
1700 s->lock = NULL;
1701
1702 return 0;
1703 }
1704
1705 /*
1706 COMEDI_CANCEL
1707 cancel acquisition ioctl
1708
1709 arg:
1710 subdevice number
1711
1712 reads:
1713 nothing
1714
1715 writes:
1716 nothing
1717
1718 */
do_cancel_ioctl(struct comedi_device * dev,unsigned long arg,void * file)1719 static int do_cancel_ioctl(struct comedi_device *dev, unsigned long arg,
1720 void *file)
1721 {
1722 struct comedi_subdevice *s;
1723 int ret;
1724
1725 if (arg >= dev->n_subdevices)
1726 return -EINVAL;
1727 s = &dev->subdevices[arg];
1728 if (s->async == NULL)
1729 return -EINVAL;
1730
1731 if (!s->busy)
1732 return 0;
1733
1734 if (s->busy != file)
1735 return -EBUSY;
1736
1737 ret = do_cancel(dev, s);
1738
1739 return ret;
1740 }
1741
1742 /*
1743 COMEDI_POLL ioctl
1744 instructs driver to synchronize buffers
1745
1746 arg:
1747 subdevice number
1748
1749 reads:
1750 nothing
1751
1752 writes:
1753 nothing
1754
1755 */
do_poll_ioctl(struct comedi_device * dev,unsigned long arg,void * file)1756 static int do_poll_ioctl(struct comedi_device *dev, unsigned long arg,
1757 void *file)
1758 {
1759 struct comedi_subdevice *s;
1760
1761 if (arg >= dev->n_subdevices)
1762 return -EINVAL;
1763 s = &dev->subdevices[arg];
1764
1765 if (!s->busy)
1766 return 0;
1767
1768 if (s->busy != file)
1769 return -EBUSY;
1770
1771 if (s->poll)
1772 return s->poll(dev, s);
1773
1774 return -EINVAL;
1775 }
1776
comedi_unlocked_ioctl(struct file * file,unsigned int cmd,unsigned long arg)1777 static long comedi_unlocked_ioctl(struct file *file, unsigned int cmd,
1778 unsigned long arg)
1779 {
1780 const unsigned minor = iminor(file_inode(file));
1781 struct comedi_device *dev = file->private_data;
1782 int rc;
1783
1784 mutex_lock(&dev->mutex);
1785
1786 /* Device config is special, because it must work on
1787 * an unconfigured device. */
1788 if (cmd == COMEDI_DEVCONFIG) {
1789 if (minor >= COMEDI_NUM_BOARD_MINORS) {
1790 /* Device config not appropriate on non-board minors. */
1791 rc = -ENOTTY;
1792 goto done;
1793 }
1794 rc = do_devconfig_ioctl(dev,
1795 (struct comedi_devconfig __user *)arg);
1796 if (rc == 0) {
1797 if (arg == 0 &&
1798 dev->minor >= comedi_num_legacy_minors) {
1799 /* Successfully unconfigured a dynamically
1800 * allocated device. Try and remove it. */
1801 if (comedi_clear_board_dev(dev)) {
1802 mutex_unlock(&dev->mutex);
1803 comedi_free_board_dev(dev);
1804 return rc;
1805 }
1806 }
1807 }
1808 goto done;
1809 }
1810
1811 if (!dev->attached) {
1812 dev_dbg(dev->class_dev, "no driver attached\n");
1813 rc = -ENODEV;
1814 goto done;
1815 }
1816
1817 switch (cmd) {
1818 case COMEDI_BUFCONFIG:
1819 rc = do_bufconfig_ioctl(dev,
1820 (struct comedi_bufconfig __user *)arg);
1821 break;
1822 case COMEDI_DEVINFO:
1823 rc = do_devinfo_ioctl(dev, (struct comedi_devinfo __user *)arg,
1824 file);
1825 break;
1826 case COMEDI_SUBDINFO:
1827 rc = do_subdinfo_ioctl(dev,
1828 (struct comedi_subdinfo __user *)arg,
1829 file);
1830 break;
1831 case COMEDI_CHANINFO:
1832 rc = do_chaninfo_ioctl(dev, (void __user *)arg);
1833 break;
1834 case COMEDI_RANGEINFO:
1835 rc = do_rangeinfo_ioctl(dev, (void __user *)arg);
1836 break;
1837 case COMEDI_BUFINFO:
1838 rc = do_bufinfo_ioctl(dev,
1839 (struct comedi_bufinfo __user *)arg,
1840 file);
1841 break;
1842 case COMEDI_LOCK:
1843 rc = do_lock_ioctl(dev, arg, file);
1844 break;
1845 case COMEDI_UNLOCK:
1846 rc = do_unlock_ioctl(dev, arg, file);
1847 break;
1848 case COMEDI_CANCEL:
1849 rc = do_cancel_ioctl(dev, arg, file);
1850 break;
1851 case COMEDI_CMD:
1852 rc = do_cmd_ioctl(dev, (struct comedi_cmd __user *)arg, file);
1853 break;
1854 case COMEDI_CMDTEST:
1855 rc = do_cmdtest_ioctl(dev, (struct comedi_cmd __user *)arg,
1856 file);
1857 break;
1858 case COMEDI_INSNLIST:
1859 rc = do_insnlist_ioctl(dev,
1860 (struct comedi_insnlist __user *)arg,
1861 file);
1862 break;
1863 case COMEDI_INSN:
1864 rc = do_insn_ioctl(dev, (struct comedi_insn __user *)arg,
1865 file);
1866 break;
1867 case COMEDI_POLL:
1868 rc = do_poll_ioctl(dev, arg, file);
1869 break;
1870 default:
1871 rc = -ENOTTY;
1872 break;
1873 }
1874
1875 done:
1876 mutex_unlock(&dev->mutex);
1877 return rc;
1878 }
1879
comedi_vm_open(struct vm_area_struct * area)1880 static void comedi_vm_open(struct vm_area_struct *area)
1881 {
1882 struct comedi_buf_map *bm;
1883
1884 bm = area->vm_private_data;
1885 comedi_buf_map_get(bm);
1886 }
1887
comedi_vm_close(struct vm_area_struct * area)1888 static void comedi_vm_close(struct vm_area_struct *area)
1889 {
1890 struct comedi_buf_map *bm;
1891
1892 bm = area->vm_private_data;
1893 comedi_buf_map_put(bm);
1894 }
1895
1896 static struct vm_operations_struct comedi_vm_ops = {
1897 .open = comedi_vm_open,
1898 .close = comedi_vm_close,
1899 };
1900
comedi_mmap(struct file * file,struct vm_area_struct * vma)1901 static int comedi_mmap(struct file *file, struct vm_area_struct *vma)
1902 {
1903 const unsigned minor = iminor(file_inode(file));
1904 struct comedi_device *dev = file->private_data;
1905 struct comedi_subdevice *s;
1906 struct comedi_async *async;
1907 struct comedi_buf_map *bm = NULL;
1908 unsigned long start = vma->vm_start;
1909 unsigned long size;
1910 int n_pages;
1911 int i;
1912 int retval;
1913
1914 /*
1915 * 'trylock' avoids circular dependency with current->mm->mmap_sem
1916 * and down-reading &dev->attach_lock should normally succeed without
1917 * contention unless the device is in the process of being attached
1918 * or detached.
1919 */
1920 if (!down_read_trylock(&dev->attach_lock))
1921 return -EAGAIN;
1922
1923 if (!dev->attached) {
1924 dev_dbg(dev->class_dev, "no driver attached\n");
1925 retval = -ENODEV;
1926 goto done;
1927 }
1928
1929 if (vma->vm_flags & VM_WRITE)
1930 s = comedi_write_subdevice(dev, minor);
1931 else
1932 s = comedi_read_subdevice(dev, minor);
1933 if (!s) {
1934 retval = -EINVAL;
1935 goto done;
1936 }
1937
1938 async = s->async;
1939 if (!async) {
1940 retval = -EINVAL;
1941 goto done;
1942 }
1943
1944 if (vma->vm_pgoff != 0) {
1945 dev_dbg(dev->class_dev, "mmap() offset must be 0.\n");
1946 retval = -EINVAL;
1947 goto done;
1948 }
1949
1950 size = vma->vm_end - vma->vm_start;
1951 if (size > async->prealloc_bufsz) {
1952 retval = -EFAULT;
1953 goto done;
1954 }
1955 if (size & (~PAGE_MASK)) {
1956 retval = -EFAULT;
1957 goto done;
1958 }
1959
1960 n_pages = size >> PAGE_SHIFT;
1961
1962 /* get reference to current buf map (if any) */
1963 bm = comedi_buf_map_from_subdev_get(s);
1964 if (!bm || n_pages > bm->n_pages) {
1965 retval = -EINVAL;
1966 goto done;
1967 }
1968 for (i = 0; i < n_pages; ++i) {
1969 struct comedi_buf_page *buf = &bm->page_list[i];
1970
1971 if (remap_pfn_range(vma, start,
1972 page_to_pfn(virt_to_page(buf->virt_addr)),
1973 PAGE_SIZE, PAGE_SHARED)) {
1974 retval = -EAGAIN;
1975 goto done;
1976 }
1977 start += PAGE_SIZE;
1978 }
1979
1980 vma->vm_ops = &comedi_vm_ops;
1981 vma->vm_private_data = bm;
1982
1983 vma->vm_ops->open(vma);
1984
1985 retval = 0;
1986 done:
1987 up_read(&dev->attach_lock);
1988 comedi_buf_map_put(bm); /* put reference to buf map - okay if NULL */
1989 return retval;
1990 }
1991
comedi_poll(struct file * file,poll_table * wait)1992 static unsigned int comedi_poll(struct file *file, poll_table *wait)
1993 {
1994 unsigned int mask = 0;
1995 const unsigned minor = iminor(file_inode(file));
1996 struct comedi_device *dev = file->private_data;
1997 struct comedi_subdevice *s;
1998
1999 mutex_lock(&dev->mutex);
2000
2001 if (!dev->attached) {
2002 dev_dbg(dev->class_dev, "no driver attached\n");
2003 goto done;
2004 }
2005
2006 s = comedi_read_subdevice(dev, minor);
2007 if (s && s->async) {
2008 poll_wait(file, &s->async->wait_head, wait);
2009 if (!s->busy || !comedi_is_subdevice_running(s) ||
2010 comedi_buf_read_n_available(s) > 0)
2011 mask |= POLLIN | POLLRDNORM;
2012 }
2013
2014 s = comedi_write_subdevice(dev, minor);
2015 if (s && s->async) {
2016 unsigned int bps = bytes_per_sample(s);
2017
2018 poll_wait(file, &s->async->wait_head, wait);
2019 comedi_buf_write_alloc(s, s->async->prealloc_bufsz);
2020 if (!s->busy || !comedi_is_subdevice_running(s) ||
2021 comedi_buf_write_n_allocated(s) >= bps)
2022 mask |= POLLOUT | POLLWRNORM;
2023 }
2024
2025 done:
2026 mutex_unlock(&dev->mutex);
2027 return mask;
2028 }
2029
comedi_write(struct file * file,const char __user * buf,size_t nbytes,loff_t * offset)2030 static ssize_t comedi_write(struct file *file, const char __user *buf,
2031 size_t nbytes, loff_t *offset)
2032 {
2033 struct comedi_subdevice *s;
2034 struct comedi_async *async;
2035 int n, m, count = 0, retval = 0;
2036 DECLARE_WAITQUEUE(wait, current);
2037 const unsigned minor = iminor(file_inode(file));
2038 struct comedi_device *dev = file->private_data;
2039 bool on_wait_queue = false;
2040 bool attach_locked;
2041 unsigned int old_detach_count;
2042
2043 /* Protect against device detachment during operation. */
2044 down_read(&dev->attach_lock);
2045 attach_locked = true;
2046 old_detach_count = dev->detach_count;
2047
2048 if (!dev->attached) {
2049 dev_dbg(dev->class_dev, "no driver attached\n");
2050 retval = -ENODEV;
2051 goto out;
2052 }
2053
2054 s = comedi_write_subdevice(dev, minor);
2055 if (!s || !s->async) {
2056 retval = -EIO;
2057 goto out;
2058 }
2059
2060 async = s->async;
2061
2062 if (!s->busy || !nbytes)
2063 goto out;
2064 if (s->busy != file) {
2065 retval = -EACCES;
2066 goto out;
2067 }
2068
2069 add_wait_queue(&async->wait_head, &wait);
2070 on_wait_queue = true;
2071 while (nbytes > 0 && !retval) {
2072 set_current_state(TASK_INTERRUPTIBLE);
2073
2074 if (!comedi_is_subdevice_running(s)) {
2075 if (count == 0) {
2076 struct comedi_subdevice *new_s;
2077
2078 if (comedi_is_subdevice_in_error(s))
2079 retval = -EPIPE;
2080 else
2081 retval = 0;
2082 /*
2083 * To avoid deadlock, cannot acquire dev->mutex
2084 * while dev->attach_lock is held. Need to
2085 * remove task from the async wait queue before
2086 * releasing dev->attach_lock, as it might not
2087 * be valid afterwards.
2088 */
2089 remove_wait_queue(&async->wait_head, &wait);
2090 on_wait_queue = false;
2091 up_read(&dev->attach_lock);
2092 attach_locked = false;
2093 mutex_lock(&dev->mutex);
2094 /*
2095 * Become non-busy unless things have changed
2096 * behind our back. Checking dev->detach_count
2097 * is unchanged ought to be sufficient (unless
2098 * there have been 2**32 detaches in the
2099 * meantime!), but check the subdevice pointer
2100 * as well just in case.
2101 */
2102 new_s = comedi_write_subdevice(dev, minor);
2103 if (dev->attached &&
2104 old_detach_count == dev->detach_count &&
2105 s == new_s && new_s->async == async)
2106 do_become_nonbusy(dev, s);
2107 mutex_unlock(&dev->mutex);
2108 }
2109 break;
2110 }
2111
2112 n = nbytes;
2113
2114 m = n;
2115 if (async->buf_write_ptr + m > async->prealloc_bufsz)
2116 m = async->prealloc_bufsz - async->buf_write_ptr;
2117 comedi_buf_write_alloc(s, async->prealloc_bufsz);
2118 if (m > comedi_buf_write_n_allocated(s))
2119 m = comedi_buf_write_n_allocated(s);
2120 if (m < n)
2121 n = m;
2122
2123 if (n == 0) {
2124 if (file->f_flags & O_NONBLOCK) {
2125 retval = -EAGAIN;
2126 break;
2127 }
2128 schedule();
2129 if (signal_pending(current)) {
2130 retval = -ERESTARTSYS;
2131 break;
2132 }
2133 if (!s->busy)
2134 break;
2135 if (s->busy != file) {
2136 retval = -EACCES;
2137 break;
2138 }
2139 continue;
2140 }
2141
2142 m = copy_from_user(async->prealloc_buf + async->buf_write_ptr,
2143 buf, n);
2144 if (m) {
2145 n -= m;
2146 retval = -EFAULT;
2147 }
2148 comedi_buf_write_free(s, n);
2149
2150 count += n;
2151 nbytes -= n;
2152
2153 buf += n;
2154 break; /* makes device work like a pipe */
2155 }
2156 out:
2157 if (on_wait_queue)
2158 remove_wait_queue(&async->wait_head, &wait);
2159 set_current_state(TASK_RUNNING);
2160 if (attach_locked)
2161 up_read(&dev->attach_lock);
2162
2163 return count ? count : retval;
2164 }
2165
comedi_read(struct file * file,char __user * buf,size_t nbytes,loff_t * offset)2166 static ssize_t comedi_read(struct file *file, char __user *buf, size_t nbytes,
2167 loff_t *offset)
2168 {
2169 struct comedi_subdevice *s;
2170 struct comedi_async *async;
2171 int n, m, count = 0, retval = 0;
2172 DECLARE_WAITQUEUE(wait, current);
2173 const unsigned minor = iminor(file_inode(file));
2174 struct comedi_device *dev = file->private_data;
2175 unsigned int old_detach_count;
2176 bool become_nonbusy = false;
2177 bool attach_locked;
2178
2179 /* Protect against device detachment during operation. */
2180 down_read(&dev->attach_lock);
2181 attach_locked = true;
2182 old_detach_count = dev->detach_count;
2183
2184 if (!dev->attached) {
2185 dev_dbg(dev->class_dev, "no driver attached\n");
2186 retval = -ENODEV;
2187 goto out;
2188 }
2189
2190 s = comedi_read_subdevice(dev, minor);
2191 if (!s || !s->async) {
2192 retval = -EIO;
2193 goto out;
2194 }
2195
2196 async = s->async;
2197 if (!s->busy || !nbytes)
2198 goto out;
2199 if (s->busy != file) {
2200 retval = -EACCES;
2201 goto out;
2202 }
2203
2204 add_wait_queue(&async->wait_head, &wait);
2205 while (nbytes > 0 && !retval) {
2206 set_current_state(TASK_INTERRUPTIBLE);
2207
2208 n = nbytes;
2209
2210 m = comedi_buf_read_n_available(s);
2211 if (async->buf_read_ptr + m > async->prealloc_bufsz)
2212 m = async->prealloc_bufsz - async->buf_read_ptr;
2213 if (m < n)
2214 n = m;
2215
2216 if (n == 0) {
2217 if (!comedi_is_subdevice_running(s)) {
2218 if (comedi_is_subdevice_in_error(s))
2219 retval = -EPIPE;
2220 else
2221 retval = 0;
2222 become_nonbusy = true;
2223 break;
2224 }
2225 if (file->f_flags & O_NONBLOCK) {
2226 retval = -EAGAIN;
2227 break;
2228 }
2229 schedule();
2230 if (signal_pending(current)) {
2231 retval = -ERESTARTSYS;
2232 break;
2233 }
2234 if (!s->busy) {
2235 retval = 0;
2236 break;
2237 }
2238 if (s->busy != file) {
2239 retval = -EACCES;
2240 break;
2241 }
2242 continue;
2243 }
2244 m = copy_to_user(buf, async->prealloc_buf +
2245 async->buf_read_ptr, n);
2246 if (m) {
2247 n -= m;
2248 retval = -EFAULT;
2249 }
2250
2251 comedi_buf_read_alloc(s, n);
2252 comedi_buf_read_free(s, n);
2253
2254 count += n;
2255 nbytes -= n;
2256
2257 buf += n;
2258 break; /* makes device work like a pipe */
2259 }
2260 remove_wait_queue(&async->wait_head, &wait);
2261 set_current_state(TASK_RUNNING);
2262 if (become_nonbusy || comedi_is_subdevice_idle(s)) {
2263 struct comedi_subdevice *new_s;
2264
2265 /*
2266 * To avoid deadlock, cannot acquire dev->mutex
2267 * while dev->attach_lock is held.
2268 */
2269 up_read(&dev->attach_lock);
2270 attach_locked = false;
2271 mutex_lock(&dev->mutex);
2272 /*
2273 * Check device hasn't become detached behind our back.
2274 * Checking dev->detach_count is unchanged ought to be
2275 * sufficient (unless there have been 2**32 detaches in the
2276 * meantime!), but check the subdevice pointer as well just in
2277 * case.
2278 */
2279 new_s = comedi_read_subdevice(dev, minor);
2280 if (dev->attached && old_detach_count == dev->detach_count &&
2281 s == new_s && new_s->async == async) {
2282 if (become_nonbusy || comedi_buf_n_bytes_ready(s) == 0)
2283 do_become_nonbusy(dev, s);
2284 }
2285 mutex_unlock(&dev->mutex);
2286 }
2287 out:
2288 if (attach_locked)
2289 up_read(&dev->attach_lock);
2290
2291 return count ? count : retval;
2292 }
2293
comedi_open(struct inode * inode,struct file * file)2294 static int comedi_open(struct inode *inode, struct file *file)
2295 {
2296 const unsigned minor = iminor(inode);
2297 struct comedi_device *dev = comedi_dev_get_from_minor(minor);
2298 int rc;
2299
2300 if (!dev) {
2301 pr_debug("invalid minor number\n");
2302 return -ENODEV;
2303 }
2304
2305 mutex_lock(&dev->mutex);
2306 if (!dev->attached && !capable(CAP_NET_ADMIN)) {
2307 dev_dbg(dev->class_dev, "not attached and not CAP_NET_ADMIN\n");
2308 rc = -ENODEV;
2309 goto out;
2310 }
2311 if (dev->attached && dev->use_count == 0) {
2312 if (!try_module_get(dev->driver->module)) {
2313 rc = -ENOSYS;
2314 goto out;
2315 }
2316 if (dev->open) {
2317 rc = dev->open(dev);
2318 if (rc < 0) {
2319 module_put(dev->driver->module);
2320 goto out;
2321 }
2322 }
2323 }
2324
2325 dev->use_count++;
2326 file->private_data = dev;
2327 rc = 0;
2328
2329 out:
2330 mutex_unlock(&dev->mutex);
2331 if (rc)
2332 comedi_dev_put(dev);
2333 return rc;
2334 }
2335
comedi_fasync(int fd,struct file * file,int on)2336 static int comedi_fasync(int fd, struct file *file, int on)
2337 {
2338 struct comedi_device *dev = file->private_data;
2339
2340 return fasync_helper(fd, file, on, &dev->async_queue);
2341 }
2342
comedi_close(struct inode * inode,struct file * file)2343 static int comedi_close(struct inode *inode, struct file *file)
2344 {
2345 struct comedi_device *dev = file->private_data;
2346 struct comedi_subdevice *s = NULL;
2347 int i;
2348
2349 mutex_lock(&dev->mutex);
2350
2351 if (dev->subdevices) {
2352 for (i = 0; i < dev->n_subdevices; i++) {
2353 s = &dev->subdevices[i];
2354
2355 if (s->busy == file)
2356 do_cancel(dev, s);
2357 if (s->lock == file)
2358 s->lock = NULL;
2359 }
2360 }
2361 if (dev->attached && dev->use_count == 1) {
2362 if (dev->close)
2363 dev->close(dev);
2364 module_put(dev->driver->module);
2365 }
2366
2367 dev->use_count--;
2368
2369 mutex_unlock(&dev->mutex);
2370 comedi_dev_put(dev);
2371
2372 return 0;
2373 }
2374
2375 static const struct file_operations comedi_fops = {
2376 .owner = THIS_MODULE,
2377 .unlocked_ioctl = comedi_unlocked_ioctl,
2378 .compat_ioctl = comedi_compat_ioctl,
2379 .open = comedi_open,
2380 .release = comedi_close,
2381 .read = comedi_read,
2382 .write = comedi_write,
2383 .mmap = comedi_mmap,
2384 .poll = comedi_poll,
2385 .fasync = comedi_fasync,
2386 .llseek = noop_llseek,
2387 };
2388
comedi_event(struct comedi_device * dev,struct comedi_subdevice * s)2389 void comedi_event(struct comedi_device *dev, struct comedi_subdevice *s)
2390 {
2391 struct comedi_async *async = s->async;
2392 unsigned runflags = 0;
2393 unsigned runflags_mask = 0;
2394
2395 if (!comedi_is_subdevice_running(s))
2396 return;
2397
2398 if (s->
2399 async->events & (COMEDI_CB_EOA | COMEDI_CB_ERROR |
2400 COMEDI_CB_OVERFLOW)) {
2401 runflags_mask |= SRF_RUNNING;
2402 }
2403 /* remember if an error event has occurred, so an error
2404 * can be returned the next time the user does a read() */
2405 if (s->async->events & (COMEDI_CB_ERROR | COMEDI_CB_OVERFLOW)) {
2406 runflags_mask |= SRF_ERROR;
2407 runflags |= SRF_ERROR;
2408 }
2409 if (runflags_mask) {
2410 /*sets SRF_ERROR and SRF_RUNNING together atomically */
2411 comedi_set_subdevice_runflags(s, runflags_mask, runflags);
2412 }
2413
2414 if (async->cb_mask & s->async->events) {
2415 wake_up_interruptible(&async->wait_head);
2416 if (s->subdev_flags & SDF_CMD_READ)
2417 kill_fasync(&dev->async_queue, SIGIO, POLL_IN);
2418 if (s->subdev_flags & SDF_CMD_WRITE)
2419 kill_fasync(&dev->async_queue, SIGIO, POLL_OUT);
2420 }
2421 s->async->events = 0;
2422 }
2423 EXPORT_SYMBOL_GPL(comedi_event);
2424
2425 /* Note: the ->mutex is pre-locked on successful return */
comedi_alloc_board_minor(struct device * hardware_device)2426 struct comedi_device *comedi_alloc_board_minor(struct device *hardware_device)
2427 {
2428 struct comedi_device *dev;
2429 struct device *csdev;
2430 unsigned i;
2431
2432 dev = kzalloc(sizeof(*dev), GFP_KERNEL);
2433 if (dev == NULL)
2434 return ERR_PTR(-ENOMEM);
2435 comedi_device_init(dev);
2436 comedi_set_hw_dev(dev, hardware_device);
2437 mutex_lock(&dev->mutex);
2438 mutex_lock(&comedi_board_minor_table_lock);
2439 for (i = hardware_device ? comedi_num_legacy_minors : 0;
2440 i < COMEDI_NUM_BOARD_MINORS; ++i) {
2441 if (comedi_board_minor_table[i] == NULL) {
2442 comedi_board_minor_table[i] = dev;
2443 break;
2444 }
2445 }
2446 mutex_unlock(&comedi_board_minor_table_lock);
2447 if (i == COMEDI_NUM_BOARD_MINORS) {
2448 mutex_unlock(&dev->mutex);
2449 comedi_device_cleanup(dev);
2450 comedi_dev_put(dev);
2451 pr_err("ran out of minor numbers for board device files\n");
2452 return ERR_PTR(-EBUSY);
2453 }
2454 dev->minor = i;
2455 csdev = device_create(comedi_class, hardware_device,
2456 MKDEV(COMEDI_MAJOR, i), NULL, "comedi%i", i);
2457 if (!IS_ERR(csdev))
2458 dev->class_dev = get_device(csdev);
2459
2460 /* Note: dev->mutex needs to be unlocked by the caller. */
2461 return dev;
2462 }
2463
comedi_free_board_minor(unsigned minor)2464 static void comedi_free_board_minor(unsigned minor)
2465 {
2466 BUG_ON(minor >= COMEDI_NUM_BOARD_MINORS);
2467 comedi_free_board_dev(comedi_clear_board_minor(minor));
2468 }
2469
comedi_release_hardware_device(struct device * hardware_device)2470 void comedi_release_hardware_device(struct device *hardware_device)
2471 {
2472 int minor;
2473 struct comedi_device *dev;
2474
2475 for (minor = comedi_num_legacy_minors; minor < COMEDI_NUM_BOARD_MINORS;
2476 minor++) {
2477 mutex_lock(&comedi_board_minor_table_lock);
2478 dev = comedi_board_minor_table[minor];
2479 if (dev && dev->hw_dev == hardware_device) {
2480 comedi_board_minor_table[minor] = NULL;
2481 mutex_unlock(&comedi_board_minor_table_lock);
2482 comedi_free_board_dev(dev);
2483 break;
2484 }
2485 mutex_unlock(&comedi_board_minor_table_lock);
2486 }
2487 }
2488
comedi_alloc_subdevice_minor(struct comedi_subdevice * s)2489 int comedi_alloc_subdevice_minor(struct comedi_subdevice *s)
2490 {
2491 struct comedi_device *dev = s->device;
2492 struct device *csdev;
2493 unsigned i;
2494
2495 mutex_lock(&comedi_subdevice_minor_table_lock);
2496 for (i = 0; i < COMEDI_NUM_SUBDEVICE_MINORS; ++i) {
2497 if (comedi_subdevice_minor_table[i] == NULL) {
2498 comedi_subdevice_minor_table[i] = s;
2499 break;
2500 }
2501 }
2502 mutex_unlock(&comedi_subdevice_minor_table_lock);
2503 if (i == COMEDI_NUM_SUBDEVICE_MINORS) {
2504 pr_err("ran out of minor numbers for subdevice files\n");
2505 return -EBUSY;
2506 }
2507 i += COMEDI_NUM_BOARD_MINORS;
2508 s->minor = i;
2509 csdev = device_create(comedi_class, dev->class_dev,
2510 MKDEV(COMEDI_MAJOR, i), NULL, "comedi%i_subd%i",
2511 dev->minor, s->index);
2512 if (!IS_ERR(csdev))
2513 s->class_dev = csdev;
2514
2515 return 0;
2516 }
2517
comedi_free_subdevice_minor(struct comedi_subdevice * s)2518 void comedi_free_subdevice_minor(struct comedi_subdevice *s)
2519 {
2520 unsigned int i;
2521
2522 if (s == NULL)
2523 return;
2524 if (s->minor < 0)
2525 return;
2526
2527 BUG_ON(s->minor >= COMEDI_NUM_MINORS);
2528 BUG_ON(s->minor < COMEDI_NUM_BOARD_MINORS);
2529
2530 i = s->minor - COMEDI_NUM_BOARD_MINORS;
2531 mutex_lock(&comedi_subdevice_minor_table_lock);
2532 if (s == comedi_subdevice_minor_table[i])
2533 comedi_subdevice_minor_table[i] = NULL;
2534 mutex_unlock(&comedi_subdevice_minor_table_lock);
2535 if (s->class_dev) {
2536 device_destroy(comedi_class, MKDEV(COMEDI_MAJOR, s->minor));
2537 s->class_dev = NULL;
2538 }
2539 }
2540
comedi_cleanup_board_minors(void)2541 static void comedi_cleanup_board_minors(void)
2542 {
2543 unsigned i;
2544
2545 for (i = 0; i < COMEDI_NUM_BOARD_MINORS; i++)
2546 comedi_free_board_minor(i);
2547 }
2548
comedi_init(void)2549 static int __init comedi_init(void)
2550 {
2551 int i;
2552 int retval;
2553
2554 pr_info("version " COMEDI_RELEASE " - http://www.comedi.org\n");
2555
2556 if (comedi_num_legacy_minors < 0 ||
2557 comedi_num_legacy_minors > COMEDI_NUM_BOARD_MINORS) {
2558 pr_err("invalid value for module parameter \"comedi_num_legacy_minors\". Valid values are 0 through %i.\n",
2559 COMEDI_NUM_BOARD_MINORS);
2560 return -EINVAL;
2561 }
2562
2563 retval = register_chrdev_region(MKDEV(COMEDI_MAJOR, 0),
2564 COMEDI_NUM_MINORS, "comedi");
2565 if (retval)
2566 return -EIO;
2567 cdev_init(&comedi_cdev, &comedi_fops);
2568 comedi_cdev.owner = THIS_MODULE;
2569
2570 retval = kobject_set_name(&comedi_cdev.kobj, "comedi");
2571 if (retval) {
2572 unregister_chrdev_region(MKDEV(COMEDI_MAJOR, 0),
2573 COMEDI_NUM_MINORS);
2574 return retval;
2575 }
2576
2577 if (cdev_add(&comedi_cdev, MKDEV(COMEDI_MAJOR, 0), COMEDI_NUM_MINORS)) {
2578 unregister_chrdev_region(MKDEV(COMEDI_MAJOR, 0),
2579 COMEDI_NUM_MINORS);
2580 return -EIO;
2581 }
2582 comedi_class = class_create(THIS_MODULE, "comedi");
2583 if (IS_ERR(comedi_class)) {
2584 pr_err("failed to create class\n");
2585 cdev_del(&comedi_cdev);
2586 unregister_chrdev_region(MKDEV(COMEDI_MAJOR, 0),
2587 COMEDI_NUM_MINORS);
2588 return PTR_ERR(comedi_class);
2589 }
2590
2591 comedi_class->dev_groups = comedi_dev_groups;
2592
2593 /* create devices files for legacy/manual use */
2594 for (i = 0; i < comedi_num_legacy_minors; i++) {
2595 struct comedi_device *dev;
2596
2597 dev = comedi_alloc_board_minor(NULL);
2598 if (IS_ERR(dev)) {
2599 comedi_cleanup_board_minors();
2600 class_destroy(comedi_class);
2601 cdev_del(&comedi_cdev);
2602 unregister_chrdev_region(MKDEV(COMEDI_MAJOR, 0),
2603 COMEDI_NUM_MINORS);
2604 return PTR_ERR(dev);
2605 }
2606 /* comedi_alloc_board_minor() locked the mutex */
2607 mutex_unlock(&dev->mutex);
2608 }
2609
2610 /* XXX requires /proc interface */
2611 comedi_proc_init();
2612
2613 return 0;
2614 }
2615 module_init(comedi_init);
2616
comedi_cleanup(void)2617 static void __exit comedi_cleanup(void)
2618 {
2619 int i;
2620
2621 comedi_cleanup_board_minors();
2622 for (i = 0; i < COMEDI_NUM_BOARD_MINORS; ++i)
2623 BUG_ON(comedi_board_minor_table[i]);
2624 for (i = 0; i < COMEDI_NUM_SUBDEVICE_MINORS; ++i)
2625 BUG_ON(comedi_subdevice_minor_table[i]);
2626
2627 class_destroy(comedi_class);
2628 cdev_del(&comedi_cdev);
2629 unregister_chrdev_region(MKDEV(COMEDI_MAJOR, 0), COMEDI_NUM_MINORS);
2630
2631 comedi_proc_cleanup();
2632 }
2633 module_exit(comedi_cleanup);
2634
2635 MODULE_AUTHOR("http://www.comedi.org");
2636 MODULE_DESCRIPTION("Comedi core module");
2637 MODULE_LICENSE("GPL");
2638