1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Core IEEE1394 transaction logic
4 *
5 * Copyright (C) 2004-2006 Kristian Hoegsberg <krh@bitplanet.net>
6 */
7
8 #include <linux/bug.h>
9 #include <linux/completion.h>
10 #include <linux/device.h>
11 #include <linux/errno.h>
12 #include <linux/firewire.h>
13 #include <linux/firewire-constants.h>
14 #include <linux/fs.h>
15 #include <linux/init.h>
16 #include <linux/jiffies.h>
17 #include <linux/kernel.h>
18 #include <linux/list.h>
19 #include <linux/module.h>
20 #include <linux/rculist.h>
21 #include <linux/slab.h>
22 #include <linux/spinlock.h>
23 #include <linux/string.h>
24 #include <linux/timer.h>
25 #include <linux/types.h>
26 #include <linux/workqueue.h>
27
28 #include <asm/byteorder.h>
29
30 #include "core.h"
31 #include "packet-header-definitions.h"
32 #include "phy-packet-definitions.h"
33 #include <trace/events/firewire.h>
34
35 #define HEADER_DESTINATION_IS_BROADCAST(header) \
36 ((async_header_get_destination(header) & 0x3f) == 0x3f)
37
38 /* returns 0 if the split timeout handler is already running */
try_cancel_split_timeout(struct fw_transaction * t)39 static int try_cancel_split_timeout(struct fw_transaction *t)
40 {
41 if (t->is_split_transaction)
42 return timer_delete(&t->split_timeout_timer);
43 else
44 return 1;
45 }
46
47 // card->transactions.lock must be acquired in advance.
remove_transaction_entry(struct fw_card * card,struct fw_transaction * entry)48 static void remove_transaction_entry(struct fw_card *card, struct fw_transaction *entry)
49 {
50 list_del_init(&entry->link);
51 card->transactions.tlabel_mask &= ~(1ULL << entry->tlabel);
52 }
53
54 // Must be called without holding card->transactions.lock.
fw_cancel_pending_transactions(struct fw_card * card)55 void fw_cancel_pending_transactions(struct fw_card *card)
56 {
57 struct fw_transaction *t, *tmp;
58 LIST_HEAD(pending_list);
59
60 // NOTE: This can be without irqsave when we can guarantee that __fw_send_request() for
61 // local destination never runs in any type of IRQ context.
62 scoped_guard(spinlock_irqsave, &card->transactions.lock) {
63 list_for_each_entry_safe(t, tmp, &card->transactions.list, link) {
64 if (try_cancel_split_timeout(t))
65 list_move(&t->link, &pending_list);
66 }
67 }
68
69 list_for_each_entry_safe(t, tmp, &pending_list, link) {
70 list_del(&t->link);
71
72 if (!t->with_tstamp) {
73 t->callback.without_tstamp(card, RCODE_CANCELLED, NULL, 0,
74 t->callback_data);
75 } else {
76 t->callback.with_tstamp(card, RCODE_CANCELLED, t->packet.timestamp, 0,
77 NULL, 0, t->callback_data);
78 }
79 }
80 }
81
82 // card->transactions.lock must be acquired in advance.
83 #define find_and_pop_transaction_entry(card, condition) \
84 ({ \
85 struct fw_transaction *iter, *t = NULL; \
86 list_for_each_entry(iter, &card->transactions.list, link) { \
87 if (condition) { \
88 t = iter; \
89 break; \
90 } \
91 } \
92 if (t && try_cancel_split_timeout(t)) \
93 remove_transaction_entry(card, t); \
94 t; \
95 })
96
close_transaction(struct fw_transaction * transaction,struct fw_card * card,int rcode,u32 response_tstamp)97 static int close_transaction(struct fw_transaction *transaction, struct fw_card *card, int rcode,
98 u32 response_tstamp)
99 {
100 struct fw_transaction *t;
101
102 // NOTE: This can be without irqsave when we can guarantee that __fw_send_request() for
103 // local destination never runs in any type of IRQ context.
104 scoped_guard(spinlock_irqsave, &card->transactions.lock) {
105 t = find_and_pop_transaction_entry(card, iter == transaction);
106 if (!t)
107 return -ENOENT;
108 }
109
110 if (!t->with_tstamp) {
111 t->callback.without_tstamp(card, rcode, NULL, 0, t->callback_data);
112 } else {
113 t->callback.with_tstamp(card, rcode, t->packet.timestamp, response_tstamp, NULL, 0,
114 t->callback_data);
115 }
116
117 return 0;
118 }
119
120 /*
121 * Only valid for transactions that are potentially pending (ie have
122 * been sent).
123 */
fw_cancel_transaction(struct fw_card * card,struct fw_transaction * transaction)124 int fw_cancel_transaction(struct fw_card *card,
125 struct fw_transaction *transaction)
126 {
127 u32 tstamp;
128
129 /*
130 * Cancel the packet transmission if it's still queued. That
131 * will call the packet transmission callback which cancels
132 * the transaction.
133 */
134
135 if (card->driver->cancel_packet(card, &transaction->packet) == 0)
136 return 0;
137
138 /*
139 * If the request packet has already been sent, we need to see
140 * if the transaction is still pending and remove it in that case.
141 */
142
143 if (transaction->packet.ack == 0) {
144 // The timestamp is reused since it was just read now.
145 tstamp = transaction->packet.timestamp;
146 } else {
147 u32 curr_cycle_time = 0;
148
149 (void)fw_card_read_cycle_time(card, &curr_cycle_time);
150 tstamp = cycle_time_to_ohci_tstamp(curr_cycle_time);
151 }
152
153 return close_transaction(transaction, card, RCODE_CANCELLED, tstamp);
154 }
155 EXPORT_SYMBOL(fw_cancel_transaction);
156
split_transaction_timeout_callback(struct timer_list * timer)157 static void split_transaction_timeout_callback(struct timer_list *timer)
158 {
159 struct fw_transaction *t = timer_container_of(t, timer, split_timeout_timer);
160 struct fw_card *card = t->card;
161
162 scoped_guard(spinlock_irqsave, &card->transactions.lock) {
163 if (list_empty(&t->link))
164 return;
165 remove_transaction_entry(card, t);
166 }
167
168 if (!t->with_tstamp) {
169 t->callback.without_tstamp(card, RCODE_CANCELLED, NULL, 0, t->callback_data);
170 } else {
171 t->callback.with_tstamp(card, RCODE_CANCELLED, t->packet.timestamp,
172 t->split_timeout_cycle, NULL, 0, t->callback_data);
173 }
174 }
175
176 // card->transactions.lock should be acquired in advance for the linked list.
start_split_transaction_timeout(struct fw_transaction * t,unsigned int delta)177 static void start_split_transaction_timeout(struct fw_transaction *t, unsigned int delta)
178 {
179 if (list_empty(&t->link) || WARN_ON(t->is_split_transaction))
180 return;
181
182 t->is_split_transaction = true;
183
184 mod_timer(&t->split_timeout_timer, jiffies + delta);
185 }
186
187 static u32 compute_split_timeout_timestamp(struct fw_card *card, u32 request_timestamp);
188
transmit_complete_callback(struct fw_packet * packet,struct fw_card * card,int status)189 static void transmit_complete_callback(struct fw_packet *packet,
190 struct fw_card *card, int status)
191 {
192 struct fw_transaction *t =
193 container_of(packet, struct fw_transaction, packet);
194
195 trace_async_request_outbound_complete((uintptr_t)t, card->index, packet->generation,
196 packet->speed, status, packet->timestamp);
197
198 switch (status) {
199 case ACK_COMPLETE:
200 close_transaction(t, card, RCODE_COMPLETE, packet->timestamp);
201 break;
202 case ACK_PENDING:
203 {
204 unsigned int delta;
205
206 // NOTE: This can be without irqsave when we can guarantee that __fw_send_request() for
207 // local destination never runs in any type of IRQ context.
208 scoped_guard(spinlock_irqsave, &card->split_timeout.lock) {
209 t->split_timeout_cycle =
210 compute_split_timeout_timestamp(card, packet->timestamp) & 0xffff;
211 delta = card->split_timeout.jiffies;
212 }
213
214 // NOTE: This can be without irqsave when we can guarantee that __fw_send_request() for
215 // local destination never runs in any type of IRQ context.
216 scoped_guard(spinlock_irqsave, &card->transactions.lock)
217 start_split_transaction_timeout(t, delta);
218 break;
219 }
220 case ACK_BUSY_X:
221 case ACK_BUSY_A:
222 case ACK_BUSY_B:
223 close_transaction(t, card, RCODE_BUSY, packet->timestamp);
224 break;
225 case ACK_DATA_ERROR:
226 close_transaction(t, card, RCODE_DATA_ERROR, packet->timestamp);
227 break;
228 case ACK_TYPE_ERROR:
229 close_transaction(t, card, RCODE_TYPE_ERROR, packet->timestamp);
230 break;
231 default:
232 /*
233 * In this case the ack is really a juju specific
234 * rcode, so just forward that to the callback.
235 */
236 close_transaction(t, card, status, packet->timestamp);
237 break;
238 }
239 }
240
fw_fill_request(struct fw_packet * packet,int tcode,int tlabel,int destination_id,int source_id,int generation,int speed,unsigned long long offset,void * payload,size_t length)241 static void fw_fill_request(struct fw_packet *packet, int tcode, int tlabel,
242 int destination_id, int source_id, int generation, int speed,
243 unsigned long long offset, void *payload, size_t length)
244 {
245 int ext_tcode;
246
247 if (tcode == TCODE_STREAM_DATA) {
248 // The value of destination_id argument should include tag, channel, and sy fields
249 // as isochronous packet header has.
250 packet->header[0] = destination_id;
251 isoc_header_set_data_length(packet->header, length);
252 isoc_header_set_tcode(packet->header, TCODE_STREAM_DATA);
253 packet->header_length = 4;
254 packet->payload = payload;
255 packet->payload_length = length;
256
257 goto common;
258 }
259
260 if (tcode > 0x10) {
261 ext_tcode = tcode & ~0x10;
262 tcode = TCODE_LOCK_REQUEST;
263 } else
264 ext_tcode = 0;
265
266 async_header_set_retry(packet->header, RETRY_X);
267 async_header_set_tlabel(packet->header, tlabel);
268 async_header_set_tcode(packet->header, tcode);
269 async_header_set_destination(packet->header, destination_id);
270 async_header_set_source(packet->header, source_id);
271 async_header_set_offset(packet->header, offset);
272
273 switch (tcode) {
274 case TCODE_WRITE_QUADLET_REQUEST:
275 async_header_set_quadlet_data(packet->header, *(u32 *)payload);
276 packet->header_length = 16;
277 packet->payload_length = 0;
278 break;
279
280 case TCODE_LOCK_REQUEST:
281 case TCODE_WRITE_BLOCK_REQUEST:
282 async_header_set_data_length(packet->header, length);
283 async_header_set_extended_tcode(packet->header, ext_tcode);
284 packet->header_length = 16;
285 packet->payload = payload;
286 packet->payload_length = length;
287 break;
288
289 case TCODE_READ_QUADLET_REQUEST:
290 packet->header_length = 12;
291 packet->payload_length = 0;
292 break;
293
294 case TCODE_READ_BLOCK_REQUEST:
295 async_header_set_data_length(packet->header, length);
296 async_header_set_extended_tcode(packet->header, ext_tcode);
297 packet->header_length = 16;
298 packet->payload_length = 0;
299 break;
300
301 default:
302 WARN(1, "wrong tcode %d\n", tcode);
303 }
304 common:
305 packet->speed = speed;
306 packet->generation = generation;
307 packet->ack = 0;
308 packet->payload_mapped = false;
309 }
310
allocate_tlabel(struct fw_card * card)311 static int allocate_tlabel(struct fw_card *card)
312 __must_hold(&card->transactions.lock)
313 {
314 int tlabel;
315
316 lockdep_assert_held(&card->transactions.lock);
317
318 tlabel = card->transactions.current_tlabel;
319 while (card->transactions.tlabel_mask & (1ULL << tlabel)) {
320 tlabel = (tlabel + 1) & 0x3f;
321 if (tlabel == card->transactions.current_tlabel)
322 return -EBUSY;
323 }
324
325 card->transactions.current_tlabel = (tlabel + 1) & 0x3f;
326 card->transactions.tlabel_mask |= 1ULL << tlabel;
327
328 return tlabel;
329 }
330
331 /**
332 * __fw_send_request() - submit a request packet for transmission to generate callback for response
333 * subaction with or without time stamp.
334 * @card: interface to send the request at
335 * @t: transaction instance to which the request belongs
336 * @tcode: transaction code
337 * @destination_id: destination node ID, consisting of bus_ID and phy_ID
338 * @generation: bus generation in which request and response are valid
339 * @speed: transmission speed
340 * @offset: 48bit wide offset into destination's address space
341 * @payload: data payload for the request subaction
342 * @length: length of the payload, in bytes
343 * @callback: union of two functions whether to receive time stamp or not for response
344 * subaction.
345 * @with_tstamp: Whether to receive time stamp or not for response subaction.
346 * @callback_data: data to be passed to the transaction completion callback
347 *
348 * Submit a request packet into the asynchronous request transmission queue.
349 * Can be called from atomic context. If you prefer a blocking API, use
350 * fw_run_transaction() in a context that can sleep.
351 *
352 * In case of lock requests, specify one of the firewire-core specific %TCODE_
353 * constants instead of %TCODE_LOCK_REQUEST in @tcode.
354 *
355 * Make sure that the value in @destination_id is not older than the one in
356 * @generation. Otherwise the request is in danger to be sent to a wrong node.
357 *
358 * In case of asynchronous stream packets i.e. %TCODE_STREAM_DATA, the caller
359 * needs to synthesize @destination_id with fw_stream_packet_destination_id().
360 * It will contain tag, channel, and sy data instead of a node ID then.
361 *
362 * The payload buffer at @data is going to be DMA-mapped except in case of
363 * @length <= 8 or of local (loopback) requests. Hence make sure that the
364 * buffer complies with the restrictions of the streaming DMA mapping API.
365 * @payload must not be freed before the @callback is called.
366 *
367 * In case of request types without payload, @data is NULL and @length is 0.
368 *
369 * After the transaction is completed successfully or unsuccessfully, the
370 * @callback will be called. Among its parameters is the response code which
371 * is either one of the rcodes per IEEE 1394 or, in case of internal errors,
372 * the firewire-core specific %RCODE_SEND_ERROR. The other firewire-core
373 * specific rcodes (%RCODE_CANCELLED, %RCODE_BUSY, %RCODE_GENERATION,
374 * %RCODE_NO_ACK) denote transaction timeout, busy responder, stale request
375 * generation, or missing ACK respectively.
376 *
377 * Note some timing corner cases: fw_send_request() may complete much earlier
378 * than when the request packet actually hits the wire. On the other hand,
379 * transaction completion and hence execution of @callback may happen even
380 * before fw_send_request() returns.
381 */
__fw_send_request(struct fw_card * card,struct fw_transaction * t,int tcode,int destination_id,int generation,int speed,unsigned long long offset,void * payload,size_t length,union fw_transaction_callback callback,bool with_tstamp,void * callback_data)382 void __fw_send_request(struct fw_card *card, struct fw_transaction *t, int tcode,
383 int destination_id, int generation, int speed, unsigned long long offset,
384 void *payload, size_t length, union fw_transaction_callback callback,
385 bool with_tstamp, void *callback_data)
386 {
387 int tlabel;
388
389 /*
390 * Allocate tlabel from the bitmap and put the transaction on
391 * the list while holding the card spinlock.
392 */
393
394 // NOTE: This can be without irqsave when we can guarantee that __fw_send_request() for
395 // local destination never runs in any type of IRQ context.
396 scoped_guard(spinlock_irqsave, &card->transactions.lock)
397 tlabel = allocate_tlabel(card);
398 if (tlabel < 0) {
399 if (!with_tstamp) {
400 callback.without_tstamp(card, RCODE_SEND_ERROR, NULL, 0, callback_data);
401 } else {
402 // Timestamping on behalf of hardware.
403 u32 curr_cycle_time = 0;
404 u32 tstamp;
405
406 (void)fw_card_read_cycle_time(card, &curr_cycle_time);
407 tstamp = cycle_time_to_ohci_tstamp(curr_cycle_time);
408
409 callback.with_tstamp(card, RCODE_SEND_ERROR, tstamp, tstamp, NULL, 0,
410 callback_data);
411 }
412 return;
413 }
414
415 t->node_id = destination_id;
416 t->tlabel = tlabel;
417 t->card = card;
418 t->is_split_transaction = false;
419 timer_setup(&t->split_timeout_timer, split_transaction_timeout_callback, 0);
420 t->callback = callback;
421 t->with_tstamp = with_tstamp;
422 t->callback_data = callback_data;
423 t->packet.callback = transmit_complete_callback;
424
425 // NOTE: This can be without irqsave when we can guarantee that __fw_send_request() for
426 // local destination never runs in any type of IRQ context.
427 scoped_guard(spinlock_irqsave, &card->lock) {
428 // The node_id field of fw_card can be updated when handling SelfIDComplete.
429 fw_fill_request(&t->packet, tcode, t->tlabel, destination_id, card->node_id,
430 generation, speed, offset, payload, length);
431 }
432
433 // NOTE: This can be without irqsave when we can guarantee that __fw_send_request() for
434 // local destination never runs in any type of IRQ context.
435 scoped_guard(spinlock_irqsave, &card->transactions.lock)
436 list_add_tail(&t->link, &card->transactions.list);
437
438 // Safe with no lock, since the index field of fw_card is immutable once assigned.
439 trace_async_request_outbound_initiate((uintptr_t)t, card->index, generation, speed,
440 t->packet.header, payload,
441 tcode_is_read_request(tcode) ? 0 : length / 4);
442
443 card->driver->send_request(card, &t->packet);
444 }
445 EXPORT_SYMBOL_GPL(__fw_send_request);
446
447 struct transaction_callback_data {
448 struct completion done;
449 void *payload;
450 int rcode;
451 };
452
transaction_callback(struct fw_card * card,int rcode,void * payload,size_t length,void * data)453 static void transaction_callback(struct fw_card *card, int rcode,
454 void *payload, size_t length, void *data)
455 {
456 struct transaction_callback_data *d = data;
457
458 if (rcode == RCODE_COMPLETE)
459 memcpy(d->payload, payload, length);
460 d->rcode = rcode;
461 complete(&d->done);
462 }
463
464 /**
465 * fw_run_transaction() - send request and sleep until transaction is completed
466 * @card: card interface for this request
467 * @tcode: transaction code
468 * @destination_id: destination node ID, consisting of bus_ID and phy_ID
469 * @generation: bus generation in which request and response are valid
470 * @speed: transmission speed
471 * @offset: 48bit wide offset into destination's address space
472 * @payload: data payload for the request subaction
473 * @length: length of the payload, in bytes
474 *
475 * Returns the RCODE. See fw_send_request() for parameter documentation.
476 * Unlike fw_send_request(), @data points to the payload of the request or/and
477 * to the payload of the response. DMA mapping restrictions apply to outbound
478 * request payloads of >= 8 bytes but not to inbound response payloads.
479 */
fw_run_transaction(struct fw_card * card,int tcode,int destination_id,int generation,int speed,unsigned long long offset,void * payload,size_t length)480 int fw_run_transaction(struct fw_card *card, int tcode, int destination_id,
481 int generation, int speed, unsigned long long offset,
482 void *payload, size_t length)
483 {
484 struct transaction_callback_data d;
485 struct fw_transaction t;
486
487 timer_setup_on_stack(&t.split_timeout_timer, NULL, 0);
488 init_completion(&d.done);
489 d.payload = payload;
490 fw_send_request(card, &t, tcode, destination_id, generation, speed,
491 offset, payload, length, transaction_callback, &d);
492 wait_for_completion(&d.done);
493 timer_destroy_on_stack(&t.split_timeout_timer);
494
495 return d.rcode;
496 }
497 EXPORT_SYMBOL(fw_run_transaction);
498
499 static DEFINE_MUTEX(phy_config_mutex);
500 static DECLARE_COMPLETION(phy_config_done);
501
transmit_phy_packet_callback(struct fw_packet * packet,struct fw_card * card,int status)502 static void transmit_phy_packet_callback(struct fw_packet *packet,
503 struct fw_card *card, int status)
504 {
505 trace_async_phy_outbound_complete((uintptr_t)packet, card->index, packet->generation, status,
506 packet->timestamp);
507 complete(&phy_config_done);
508 }
509
510 static struct fw_packet phy_config_packet = {
511 .header_length = 12,
512 .payload_length = 0,
513 .speed = SCODE_100,
514 .callback = transmit_phy_packet_callback,
515 };
516
fw_send_phy_config(struct fw_card * card,int node_id,int generation,int gap_count)517 void fw_send_phy_config(struct fw_card *card,
518 int node_id, int generation, int gap_count)
519 {
520 long timeout = msecs_to_jiffies(100);
521 u32 data = 0;
522
523 phy_packet_set_packet_identifier(&data, PHY_PACKET_PACKET_IDENTIFIER_PHY_CONFIG);
524
525 if (node_id != FW_PHY_CONFIG_NO_NODE_ID) {
526 phy_packet_phy_config_set_root_id(&data, node_id);
527 phy_packet_phy_config_set_force_root_node(&data, true);
528 }
529
530 if (gap_count == FW_PHY_CONFIG_CURRENT_GAP_COUNT) {
531 gap_count = card->driver->read_phy_reg(card, 1);
532 if (gap_count < 0)
533 return;
534
535 gap_count &= 63;
536 if (gap_count == 63)
537 return;
538 }
539 phy_packet_phy_config_set_gap_count(&data, gap_count);
540 phy_packet_phy_config_set_gap_count_optimization(&data, true);
541
542 guard(mutex)(&phy_config_mutex);
543
544 async_header_set_tcode(phy_config_packet.header, TCODE_LINK_INTERNAL);
545 phy_config_packet.header[1] = data;
546 phy_config_packet.header[2] = ~data;
547 phy_config_packet.generation = generation;
548 reinit_completion(&phy_config_done);
549
550 trace_async_phy_outbound_initiate((uintptr_t)&phy_config_packet, card->index,
551 phy_config_packet.generation, phy_config_packet.header[1],
552 phy_config_packet.header[2]);
553
554 card->driver->send_request(card, &phy_config_packet);
555 wait_for_completion_timeout(&phy_config_done, timeout);
556 }
557
lookup_overlapping_address_handler(struct list_head * list,unsigned long long offset,size_t length)558 static struct fw_address_handler *lookup_overlapping_address_handler(
559 struct list_head *list, unsigned long long offset, size_t length)
560 {
561 struct fw_address_handler *handler;
562
563 list_for_each_entry_rcu(handler, list, link) {
564 if (handler->offset < offset + length &&
565 offset < handler->offset + handler->length)
566 return handler;
567 }
568
569 return NULL;
570 }
571
is_enclosing_handler(struct fw_address_handler * handler,unsigned long long offset,size_t length)572 static bool is_enclosing_handler(struct fw_address_handler *handler,
573 unsigned long long offset, size_t length)
574 {
575 return handler->offset <= offset &&
576 offset + length <= handler->offset + handler->length;
577 }
578
lookup_enclosing_address_handler(struct list_head * list,unsigned long long offset,size_t length)579 static struct fw_address_handler *lookup_enclosing_address_handler(
580 struct list_head *list, unsigned long long offset, size_t length)
581 {
582 struct fw_address_handler *handler;
583
584 list_for_each_entry_rcu(handler, list, link) {
585 if (is_enclosing_handler(handler, offset, length))
586 return handler;
587 }
588
589 return NULL;
590 }
591
592 static DEFINE_SPINLOCK(address_handler_list_lock);
593 static LIST_HEAD(address_handler_list);
594
595 const struct fw_address_region fw_high_memory_region =
596 { .start = FW_MAX_PHYSICAL_RANGE, .end = 0xffffe0000000ULL, };
597 EXPORT_SYMBOL(fw_high_memory_region);
598
599 static const struct fw_address_region low_memory_region =
600 { .start = 0x000000000000ULL, .end = FW_MAX_PHYSICAL_RANGE, };
601
602 #if 0
603 const struct fw_address_region fw_private_region =
604 { .start = 0xffffe0000000ULL, .end = 0xfffff0000000ULL, };
605 const struct fw_address_region fw_csr_region =
606 { .start = CSR_REGISTER_BASE,
607 .end = CSR_REGISTER_BASE | CSR_CONFIG_ROM_END, };
608 const struct fw_address_region fw_unit_space_region =
609 { .start = 0xfffff0000900ULL, .end = 0x1000000000000ULL, };
610 #endif /* 0 */
611
complete_address_handler(struct kref * kref)612 static void complete_address_handler(struct kref *kref)
613 {
614 struct fw_address_handler *handler = container_of(kref, struct fw_address_handler, kref);
615
616 complete(&handler->done);
617 }
618
get_address_handler(struct fw_address_handler * handler)619 static void get_address_handler(struct fw_address_handler *handler)
620 {
621 kref_get(&handler->kref);
622 }
623
put_address_handler(struct fw_address_handler * handler)624 static int put_address_handler(struct fw_address_handler *handler)
625 {
626 return kref_put(&handler->kref, complete_address_handler);
627 }
628
629 /**
630 * fw_core_add_address_handler() - register for incoming requests
631 * @handler: callback
632 * @region: region in the IEEE 1212 node space address range
633 *
634 * region->start, ->end, and handler->length have to be quadlet-aligned.
635 *
636 * When a request is received that falls within the specified address range, the specified callback
637 * is invoked. The parameters passed to the callback give the details of the particular request.
638 * The callback is invoked in the workqueue context in most cases. However, if the request is
639 * initiated by the local node, the callback is invoked in the initiator's context.
640 *
641 * To be called in process context.
642 * Return value: 0 on success, non-zero otherwise.
643 *
644 * The start offset of the handler's address region is determined by
645 * fw_core_add_address_handler() and is returned in handler->offset.
646 *
647 * Address allocations are exclusive, except for the FCP registers.
648 */
fw_core_add_address_handler(struct fw_address_handler * handler,const struct fw_address_region * region)649 int fw_core_add_address_handler(struct fw_address_handler *handler,
650 const struct fw_address_region *region)
651 {
652 struct fw_address_handler *other;
653 int ret = -EBUSY;
654
655 if (region->start & 0xffff000000000003ULL ||
656 region->start >= region->end ||
657 region->end > 0x0001000000000000ULL ||
658 handler->length & 3 ||
659 handler->length == 0)
660 return -EINVAL;
661
662 guard(spinlock)(&address_handler_list_lock);
663
664 handler->offset = region->start;
665 while (handler->offset + handler->length <= region->end) {
666 if (is_in_fcp_region(handler->offset, handler->length))
667 other = NULL;
668 else
669 other = lookup_overlapping_address_handler
670 (&address_handler_list,
671 handler->offset, handler->length);
672 if (other != NULL) {
673 handler->offset += other->length;
674 } else {
675 init_completion(&handler->done);
676 kref_init(&handler->kref);
677 list_add_tail_rcu(&handler->link, &address_handler_list);
678 ret = 0;
679 break;
680 }
681 }
682
683 return ret;
684 }
685 EXPORT_SYMBOL(fw_core_add_address_handler);
686
687 /**
688 * fw_core_remove_address_handler() - unregister an address handler
689 * @handler: callback
690 *
691 * To be called in process context.
692 *
693 * When fw_core_remove_address_handler() returns, @handler->callback() is
694 * guaranteed to not run on any CPU anymore.
695 */
fw_core_remove_address_handler(struct fw_address_handler * handler)696 void fw_core_remove_address_handler(struct fw_address_handler *handler)
697 {
698 scoped_guard(spinlock, &address_handler_list_lock)
699 list_del_rcu(&handler->link);
700
701 synchronize_rcu();
702
703 if (!put_address_handler(handler))
704 wait_for_completion(&handler->done);
705 }
706 EXPORT_SYMBOL(fw_core_remove_address_handler);
707
708 struct fw_request {
709 struct kref kref;
710 struct fw_packet response;
711 u32 request_header[ASYNC_HEADER_QUADLET_COUNT];
712 int ack;
713 u32 timestamp;
714 u32 length;
715 u32 data[];
716 };
717
fw_request_get(struct fw_request * request)718 void fw_request_get(struct fw_request *request)
719 {
720 kref_get(&request->kref);
721 }
722
release_request(struct kref * kref)723 static void release_request(struct kref *kref)
724 {
725 struct fw_request *request = container_of(kref, struct fw_request, kref);
726
727 kfree(request);
728 }
729
fw_request_put(struct fw_request * request)730 void fw_request_put(struct fw_request *request)
731 {
732 kref_put(&request->kref, release_request);
733 }
734
free_response_callback(struct fw_packet * packet,struct fw_card * card,int status)735 static void free_response_callback(struct fw_packet *packet,
736 struct fw_card *card, int status)
737 {
738 struct fw_request *request = container_of(packet, struct fw_request, response);
739
740 trace_async_response_outbound_complete((uintptr_t)request, card->index, packet->generation,
741 packet->speed, status, packet->timestamp);
742
743 // Decrease the reference count since not at in-flight.
744 fw_request_put(request);
745
746 // Decrease the reference count to release the object.
747 fw_request_put(request);
748 }
749
fw_get_response_length(struct fw_request * r)750 int fw_get_response_length(struct fw_request *r)
751 {
752 int tcode, ext_tcode, data_length;
753
754 tcode = async_header_get_tcode(r->request_header);
755
756 switch (tcode) {
757 case TCODE_WRITE_QUADLET_REQUEST:
758 case TCODE_WRITE_BLOCK_REQUEST:
759 return 0;
760
761 case TCODE_READ_QUADLET_REQUEST:
762 return 4;
763
764 case TCODE_READ_BLOCK_REQUEST:
765 data_length = async_header_get_data_length(r->request_header);
766 return data_length;
767
768 case TCODE_LOCK_REQUEST:
769 ext_tcode = async_header_get_extended_tcode(r->request_header);
770 data_length = async_header_get_data_length(r->request_header);
771 switch (ext_tcode) {
772 case EXTCODE_FETCH_ADD:
773 case EXTCODE_LITTLE_ADD:
774 return data_length;
775 default:
776 return data_length / 2;
777 }
778
779 default:
780 WARN(1, "wrong tcode %d\n", tcode);
781 return 0;
782 }
783 }
784
fw_fill_response(struct fw_packet * response,u32 * request_header,int rcode,void * payload,size_t length)785 void fw_fill_response(struct fw_packet *response, u32 *request_header,
786 int rcode, void *payload, size_t length)
787 {
788 int tcode, tlabel, extended_tcode, source, destination;
789
790 tcode = async_header_get_tcode(request_header);
791 tlabel = async_header_get_tlabel(request_header);
792 source = async_header_get_destination(request_header); // Exchange.
793 destination = async_header_get_source(request_header); // Exchange.
794 extended_tcode = async_header_get_extended_tcode(request_header);
795
796 async_header_set_retry(response->header, RETRY_1);
797 async_header_set_tlabel(response->header, tlabel);
798 async_header_set_destination(response->header, destination);
799 async_header_set_source(response->header, source);
800 async_header_set_rcode(response->header, rcode);
801 response->header[2] = 0; // The field is reserved.
802
803 switch (tcode) {
804 case TCODE_WRITE_QUADLET_REQUEST:
805 case TCODE_WRITE_BLOCK_REQUEST:
806 async_header_set_tcode(response->header, TCODE_WRITE_RESPONSE);
807 response->header_length = 12;
808 response->payload_length = 0;
809 break;
810
811 case TCODE_READ_QUADLET_REQUEST:
812 async_header_set_tcode(response->header, TCODE_READ_QUADLET_RESPONSE);
813 if (payload != NULL)
814 async_header_set_quadlet_data(response->header, *(u32 *)payload);
815 else
816 async_header_set_quadlet_data(response->header, 0);
817 response->header_length = 16;
818 response->payload_length = 0;
819 break;
820
821 case TCODE_READ_BLOCK_REQUEST:
822 case TCODE_LOCK_REQUEST:
823 async_header_set_tcode(response->header, tcode + 2);
824 async_header_set_data_length(response->header, length);
825 async_header_set_extended_tcode(response->header, extended_tcode);
826 response->header_length = 16;
827 response->payload = payload;
828 response->payload_length = length;
829 break;
830
831 default:
832 WARN(1, "wrong tcode %d\n", tcode);
833 }
834
835 response->payload_mapped = false;
836 }
837 EXPORT_SYMBOL(fw_fill_response);
838
compute_split_timeout_timestamp(struct fw_card * card,u32 request_timestamp)839 static u32 compute_split_timeout_timestamp(struct fw_card *card,
840 u32 request_timestamp)
841 __must_hold(&card->split_timeout.lock)
842 {
843 unsigned int cycles;
844 u32 timestamp;
845
846 lockdep_assert_held(&card->split_timeout.lock);
847
848 cycles = card->split_timeout.cycles;
849 cycles += request_timestamp & 0x1fff;
850
851 timestamp = request_timestamp & ~0x1fff;
852 timestamp += (cycles / 8000) << 13;
853 timestamp |= cycles % 8000;
854
855 return timestamp;
856 }
857
allocate_request(struct fw_card * card,struct fw_packet * p)858 static struct fw_request *allocate_request(struct fw_card *card,
859 struct fw_packet *p)
860 {
861 struct fw_request *request;
862 u32 *data, length;
863 int request_tcode;
864
865 request_tcode = async_header_get_tcode(p->header);
866 switch (request_tcode) {
867 case TCODE_WRITE_QUADLET_REQUEST:
868 data = &p->header[3];
869 length = 4;
870 break;
871
872 case TCODE_WRITE_BLOCK_REQUEST:
873 case TCODE_LOCK_REQUEST:
874 data = p->payload;
875 length = async_header_get_data_length(p->header);
876 break;
877
878 case TCODE_READ_QUADLET_REQUEST:
879 data = NULL;
880 length = 4;
881 break;
882
883 case TCODE_READ_BLOCK_REQUEST:
884 data = NULL;
885 length = async_header_get_data_length(p->header);
886 break;
887
888 default:
889 fw_notice(card, "ERROR - corrupt request received - %08x %08x %08x\n",
890 p->header[0], p->header[1], p->header[2]);
891 return NULL;
892 }
893
894 request = kmalloc(sizeof(*request) + length, GFP_ATOMIC);
895 if (request == NULL)
896 return NULL;
897 kref_init(&request->kref);
898
899 // NOTE: This can be without irqsave when we can guarantee that __fw_send_request() for
900 // local destination never runs in any type of IRQ context.
901 scoped_guard(spinlock_irqsave, &card->split_timeout.lock)
902 request->response.timestamp = compute_split_timeout_timestamp(card, p->timestamp);
903
904 request->response.speed = p->speed;
905 request->response.generation = p->generation;
906 request->response.ack = 0;
907 request->response.callback = free_response_callback;
908 request->ack = p->ack;
909 request->timestamp = p->timestamp;
910 request->length = length;
911 if (data)
912 memcpy(request->data, data, length);
913
914 memcpy(request->request_header, p->header, sizeof(p->header));
915
916 return request;
917 }
918
919 /**
920 * fw_send_response: - send response packet for asynchronous transaction.
921 * @card: interface to send the response at.
922 * @request: firewire request data for the transaction.
923 * @rcode: response code to send.
924 *
925 * Submit a response packet into the asynchronous response transmission queue. The @request
926 * is going to be released when the transmission successfully finishes later.
927 */
fw_send_response(struct fw_card * card,struct fw_request * request,int rcode)928 void fw_send_response(struct fw_card *card,
929 struct fw_request *request, int rcode)
930 {
931 u32 *data = NULL;
932 unsigned int data_length = 0;
933
934 /* unified transaction or broadcast transaction: don't respond */
935 if (request->ack != ACK_PENDING ||
936 HEADER_DESTINATION_IS_BROADCAST(request->request_header)) {
937 fw_request_put(request);
938 return;
939 }
940
941 if (rcode == RCODE_COMPLETE) {
942 data = request->data;
943 data_length = fw_get_response_length(request);
944 }
945
946 fw_fill_response(&request->response, request->request_header, rcode, data, data_length);
947
948 // Increase the reference count so that the object is kept during in-flight.
949 fw_request_get(request);
950
951 trace_async_response_outbound_initiate((uintptr_t)request, card->index,
952 request->response.generation, request->response.speed,
953 request->response.header, data,
954 data ? data_length / 4 : 0);
955
956 card->driver->send_response(card, &request->response);
957 }
958 EXPORT_SYMBOL(fw_send_response);
959
960 /**
961 * fw_get_request_speed() - returns speed at which the @request was received
962 * @request: firewire request data
963 */
fw_get_request_speed(struct fw_request * request)964 int fw_get_request_speed(struct fw_request *request)
965 {
966 return request->response.speed;
967 }
968 EXPORT_SYMBOL(fw_get_request_speed);
969
970 /**
971 * fw_request_get_timestamp: Get timestamp of the request.
972 * @request: The opaque pointer to request structure.
973 *
974 * Get timestamp when 1394 OHCI controller receives the asynchronous request subaction. The
975 * timestamp consists of the low order 3 bits of second field and the full 13 bits of count
976 * field of isochronous cycle time register.
977 *
978 * Returns: timestamp of the request.
979 */
fw_request_get_timestamp(const struct fw_request * request)980 u32 fw_request_get_timestamp(const struct fw_request *request)
981 {
982 return request->timestamp;
983 }
984 EXPORT_SYMBOL_GPL(fw_request_get_timestamp);
985
handle_exclusive_region_request(struct fw_card * card,struct fw_packet * p,struct fw_request * request,unsigned long long offset)986 static void handle_exclusive_region_request(struct fw_card *card,
987 struct fw_packet *p,
988 struct fw_request *request,
989 unsigned long long offset)
990 {
991 struct fw_address_handler *handler;
992 int tcode, destination, source;
993
994 destination = async_header_get_destination(p->header);
995 source = async_header_get_source(p->header);
996 tcode = async_header_get_tcode(p->header);
997 if (tcode == TCODE_LOCK_REQUEST)
998 tcode = 0x10 + async_header_get_extended_tcode(p->header);
999
1000 scoped_guard(rcu) {
1001 handler = lookup_enclosing_address_handler(&address_handler_list, offset,
1002 request->length);
1003 if (handler)
1004 get_address_handler(handler);
1005 }
1006
1007 if (!handler) {
1008 fw_send_response(card, request, RCODE_ADDRESS_ERROR);
1009 return;
1010 }
1011
1012 // Outside the RCU read-side critical section. Without spinlock. With reference count.
1013 handler->address_callback(card, request, tcode, destination, source, p->generation, offset,
1014 request->data, request->length, handler->callback_data);
1015 put_address_handler(handler);
1016 }
1017
1018 // To use kmalloc allocator efficiently, this should be power of two.
1019 #define BUFFER_ON_KERNEL_STACK_SIZE 4
1020
handle_fcp_region_request(struct fw_card * card,struct fw_packet * p,struct fw_request * request,unsigned long long offset)1021 static void handle_fcp_region_request(struct fw_card *card,
1022 struct fw_packet *p,
1023 struct fw_request *request,
1024 unsigned long long offset)
1025 {
1026 struct fw_address_handler *buffer_on_kernel_stack[BUFFER_ON_KERNEL_STACK_SIZE];
1027 struct fw_address_handler *handler, **handlers;
1028 int tcode, destination, source, i, count, buffer_size;
1029
1030 if ((offset != (CSR_REGISTER_BASE | CSR_FCP_COMMAND) &&
1031 offset != (CSR_REGISTER_BASE | CSR_FCP_RESPONSE)) ||
1032 request->length > 0x200) {
1033 fw_send_response(card, request, RCODE_ADDRESS_ERROR);
1034
1035 return;
1036 }
1037
1038 tcode = async_header_get_tcode(p->header);
1039 destination = async_header_get_destination(p->header);
1040 source = async_header_get_source(p->header);
1041
1042 if (tcode != TCODE_WRITE_QUADLET_REQUEST &&
1043 tcode != TCODE_WRITE_BLOCK_REQUEST) {
1044 fw_send_response(card, request, RCODE_TYPE_ERROR);
1045
1046 return;
1047 }
1048
1049 count = 0;
1050 handlers = buffer_on_kernel_stack;
1051 buffer_size = ARRAY_SIZE(buffer_on_kernel_stack);
1052 scoped_guard(rcu) {
1053 list_for_each_entry_rcu(handler, &address_handler_list, link) {
1054 if (is_enclosing_handler(handler, offset, request->length)) {
1055 if (count >= buffer_size) {
1056 int next_size = buffer_size * 2;
1057 struct fw_address_handler **buffer_on_kernel_heap;
1058
1059 if (handlers == buffer_on_kernel_stack)
1060 buffer_on_kernel_heap = NULL;
1061 else
1062 buffer_on_kernel_heap = handlers;
1063
1064 buffer_on_kernel_heap =
1065 krealloc_array(buffer_on_kernel_heap, next_size,
1066 sizeof(*buffer_on_kernel_heap), GFP_ATOMIC);
1067 // FCP is used for purposes unrelated to significant system
1068 // resources (e.g. storage or networking), so allocation
1069 // failures are not considered so critical.
1070 if (!buffer_on_kernel_heap)
1071 break;
1072
1073 if (handlers == buffer_on_kernel_stack) {
1074 memcpy(buffer_on_kernel_heap, buffer_on_kernel_stack,
1075 sizeof(buffer_on_kernel_stack));
1076 }
1077
1078 handlers = buffer_on_kernel_heap;
1079 buffer_size = next_size;
1080 }
1081 get_address_handler(handler);
1082 handlers[count++] = handler;
1083 }
1084 }
1085 }
1086
1087 for (i = 0; i < count; ++i) {
1088 handler = handlers[i];
1089 handler->address_callback(card, request, tcode, destination, source,
1090 p->generation, offset, request->data,
1091 request->length, handler->callback_data);
1092 put_address_handler(handler);
1093 }
1094
1095 if (handlers != buffer_on_kernel_stack)
1096 kfree(handlers);
1097
1098 fw_send_response(card, request, RCODE_COMPLETE);
1099 }
1100
fw_core_handle_request(struct fw_card * card,struct fw_packet * p)1101 void fw_core_handle_request(struct fw_card *card, struct fw_packet *p)
1102 {
1103 struct fw_request *request;
1104 unsigned long long offset;
1105 unsigned int tcode;
1106
1107 if (p->ack != ACK_PENDING && p->ack != ACK_COMPLETE)
1108 return;
1109
1110 tcode = async_header_get_tcode(p->header);
1111 if (tcode_is_link_internal(tcode)) {
1112 trace_async_phy_inbound((uintptr_t)p, card->index, p->generation, p->ack, p->timestamp,
1113 p->header[1], p->header[2]);
1114 fw_cdev_handle_phy_packet(card, p);
1115 return;
1116 }
1117
1118 request = allocate_request(card, p);
1119 if (request == NULL) {
1120 /* FIXME: send statically allocated busy packet. */
1121 return;
1122 }
1123
1124 trace_async_request_inbound((uintptr_t)request, card->index, p->generation, p->speed,
1125 p->ack, p->timestamp, p->header, request->data,
1126 tcode_is_read_request(tcode) ? 0 : request->length / 4);
1127
1128 offset = async_header_get_offset(p->header);
1129
1130 if (!is_in_fcp_region(offset, request->length))
1131 handle_exclusive_region_request(card, p, request, offset);
1132 else
1133 handle_fcp_region_request(card, p, request, offset);
1134
1135 }
1136 EXPORT_SYMBOL(fw_core_handle_request);
1137
fw_core_handle_response(struct fw_card * card,struct fw_packet * p)1138 void fw_core_handle_response(struct fw_card *card, struct fw_packet *p)
1139 {
1140 struct fw_transaction *t = NULL;
1141 u32 *data;
1142 size_t data_length;
1143 int tcode, tlabel, source, rcode;
1144
1145 tcode = async_header_get_tcode(p->header);
1146 tlabel = async_header_get_tlabel(p->header);
1147 source = async_header_get_source(p->header);
1148 rcode = async_header_get_rcode(p->header);
1149
1150 // FIXME: sanity check packet, is length correct, does tcodes
1151 // and addresses match to the transaction request queried later.
1152 //
1153 // For the tracepoints event, let us decode the header here against the concern.
1154
1155 switch (tcode) {
1156 case TCODE_READ_QUADLET_RESPONSE:
1157 data = (u32 *) &p->header[3];
1158 data_length = 4;
1159 break;
1160
1161 case TCODE_WRITE_RESPONSE:
1162 data = NULL;
1163 data_length = 0;
1164 break;
1165
1166 case TCODE_READ_BLOCK_RESPONSE:
1167 case TCODE_LOCK_RESPONSE:
1168 data = p->payload;
1169 data_length = async_header_get_data_length(p->header);
1170 break;
1171
1172 default:
1173 /* Should never happen, this is just to shut up gcc. */
1174 data = NULL;
1175 data_length = 0;
1176 break;
1177 }
1178
1179 // NOTE: This can be without irqsave when we can guarantee that __fw_send_request() for
1180 // local destination never runs in any type of IRQ context.
1181 scoped_guard(spinlock_irqsave, &card->transactions.lock) {
1182 t = find_and_pop_transaction_entry(card,
1183 iter->node_id == source && iter->tlabel == tlabel);
1184 }
1185
1186 trace_async_response_inbound((uintptr_t)t, card->index, p->generation, p->speed, p->ack,
1187 p->timestamp, p->header, data, data_length / 4);
1188
1189 if (!t) {
1190 fw_notice(card, "unsolicited response (source %x, tlabel %x)\n",
1191 source, tlabel);
1192 return;
1193 }
1194
1195 /*
1196 * The response handler may be executed while the request handler
1197 * is still pending. Cancel the request handler.
1198 */
1199 card->driver->cancel_packet(card, &t->packet);
1200
1201 if (!t->with_tstamp) {
1202 t->callback.without_tstamp(card, rcode, data, data_length, t->callback_data);
1203 } else {
1204 t->callback.with_tstamp(card, rcode, t->packet.timestamp, p->timestamp, data,
1205 data_length, t->callback_data);
1206 }
1207 }
1208 EXPORT_SYMBOL(fw_core_handle_response);
1209
1210 /**
1211 * fw_rcode_string - convert a firewire result code to an error description
1212 * @rcode: the result code
1213 */
fw_rcode_string(int rcode)1214 const char *fw_rcode_string(int rcode)
1215 {
1216 static const char *const names[] = {
1217 [RCODE_COMPLETE] = "no error",
1218 [RCODE_CONFLICT_ERROR] = "conflict error",
1219 [RCODE_DATA_ERROR] = "data error",
1220 [RCODE_TYPE_ERROR] = "type error",
1221 [RCODE_ADDRESS_ERROR] = "address error",
1222 [RCODE_SEND_ERROR] = "send error",
1223 [RCODE_CANCELLED] = "timeout",
1224 [RCODE_BUSY] = "busy",
1225 [RCODE_GENERATION] = "bus reset",
1226 [RCODE_NO_ACK] = "no ack",
1227 };
1228
1229 if ((unsigned int)rcode < ARRAY_SIZE(names) && names[rcode])
1230 return names[rcode];
1231 else
1232 return "unknown";
1233 }
1234 EXPORT_SYMBOL(fw_rcode_string);
1235
1236 static const struct fw_address_region topology_map_region =
1237 { .start = CSR_REGISTER_BASE | CSR_TOPOLOGY_MAP,
1238 .end = CSR_REGISTER_BASE | CSR_TOPOLOGY_MAP_END, };
1239
handle_topology_map(struct fw_card * card,struct fw_request * request,int tcode,int destination,int source,int generation,unsigned long long offset,void * payload,size_t length,void * callback_data)1240 static void handle_topology_map(struct fw_card *card, struct fw_request *request,
1241 int tcode, int destination, int source, int generation,
1242 unsigned long long offset, void *payload, size_t length,
1243 void *callback_data)
1244 {
1245 int start;
1246
1247 if (!tcode_is_read_request(tcode)) {
1248 fw_send_response(card, request, RCODE_TYPE_ERROR);
1249 return;
1250 }
1251
1252 if ((offset & 3) > 0 || (length & 3) > 0) {
1253 fw_send_response(card, request, RCODE_ADDRESS_ERROR);
1254 return;
1255 }
1256
1257 start = (offset - topology_map_region.start) / 4;
1258
1259 // NOTE: This can be without irqsave when we can guarantee that fw_send_request() for local
1260 // destination never runs in any type of IRQ context.
1261 scoped_guard(spinlock_irqsave, &card->topology_map.lock)
1262 memcpy(payload, &card->topology_map.buffer[start], length);
1263
1264 fw_send_response(card, request, RCODE_COMPLETE);
1265 }
1266
1267 static struct fw_address_handler topology_map = {
1268 .length = 0x400,
1269 .address_callback = handle_topology_map,
1270 };
1271
1272 static const struct fw_address_region registers_region =
1273 { .start = CSR_REGISTER_BASE,
1274 .end = CSR_REGISTER_BASE | CSR_CONFIG_ROM, };
1275
update_split_timeout(struct fw_card * card)1276 static void update_split_timeout(struct fw_card *card)
1277 __must_hold(&card->split_timeout.lock)
1278 {
1279 unsigned int cycles;
1280
1281 cycles = card->split_timeout.hi * 8000 + (card->split_timeout.lo >> 19);
1282
1283 /* minimum per IEEE 1394, maximum which doesn't overflow OHCI */
1284 cycles = clamp(cycles, 800u, 3u * 8000u);
1285
1286 card->split_timeout.cycles = cycles;
1287 card->split_timeout.jiffies = isoc_cycles_to_jiffies(cycles);
1288 }
1289
handle_registers(struct fw_card * card,struct fw_request * request,int tcode,int destination,int source,int generation,unsigned long long offset,void * payload,size_t length,void * callback_data)1290 static void handle_registers(struct fw_card *card, struct fw_request *request,
1291 int tcode, int destination, int source, int generation,
1292 unsigned long long offset, void *payload, size_t length,
1293 void *callback_data)
1294 {
1295 int reg = offset & ~CSR_REGISTER_BASE;
1296 __be32 *data = payload;
1297 int rcode = RCODE_COMPLETE;
1298
1299 switch (reg) {
1300 case CSR_PRIORITY_BUDGET:
1301 if (!card->priority_budget_implemented) {
1302 rcode = RCODE_ADDRESS_ERROR;
1303 break;
1304 }
1305 fallthrough;
1306
1307 case CSR_NODE_IDS:
1308 /*
1309 * per IEEE 1394-2008 8.3.22.3, not IEEE 1394.1-2004 3.2.8
1310 * and 9.6, but interoperable with IEEE 1394.1-2004 bridges
1311 */
1312 fallthrough;
1313
1314 case CSR_STATE_CLEAR:
1315 case CSR_STATE_SET:
1316 case CSR_CYCLE_TIME:
1317 case CSR_BUS_TIME:
1318 case CSR_BUSY_TIMEOUT:
1319 if (tcode == TCODE_READ_QUADLET_REQUEST)
1320 *data = cpu_to_be32(card->driver->read_csr(card, reg));
1321 else if (tcode == TCODE_WRITE_QUADLET_REQUEST)
1322 card->driver->write_csr(card, reg, be32_to_cpu(*data));
1323 else
1324 rcode = RCODE_TYPE_ERROR;
1325 break;
1326
1327 case CSR_RESET_START:
1328 if (tcode == TCODE_WRITE_QUADLET_REQUEST)
1329 card->driver->write_csr(card, CSR_STATE_CLEAR,
1330 CSR_STATE_BIT_ABDICATE);
1331 else
1332 rcode = RCODE_TYPE_ERROR;
1333 break;
1334
1335 case CSR_SPLIT_TIMEOUT_HI:
1336 if (tcode == TCODE_READ_QUADLET_REQUEST) {
1337 *data = cpu_to_be32(card->split_timeout.hi);
1338 } else if (tcode == TCODE_WRITE_QUADLET_REQUEST) {
1339 // NOTE: This can be without irqsave when we can guarantee that
1340 // __fw_send_request() for local destination never runs in any type of IRQ
1341 // context.
1342 scoped_guard(spinlock_irqsave, &card->split_timeout.lock) {
1343 card->split_timeout.hi = be32_to_cpu(*data) & 7;
1344 update_split_timeout(card);
1345 }
1346 } else {
1347 rcode = RCODE_TYPE_ERROR;
1348 }
1349 break;
1350
1351 case CSR_SPLIT_TIMEOUT_LO:
1352 if (tcode == TCODE_READ_QUADLET_REQUEST) {
1353 *data = cpu_to_be32(card->split_timeout.lo);
1354 } else if (tcode == TCODE_WRITE_QUADLET_REQUEST) {
1355 // NOTE: This can be without irqsave when we can guarantee that
1356 // __fw_send_request() for local destination never runs in any type of IRQ
1357 // context.
1358 scoped_guard(spinlock_irqsave, &card->split_timeout.lock) {
1359 card->split_timeout.lo = be32_to_cpu(*data) & 0xfff80000;
1360 update_split_timeout(card);
1361 }
1362 } else {
1363 rcode = RCODE_TYPE_ERROR;
1364 }
1365 break;
1366
1367 case CSR_MAINT_UTILITY:
1368 if (tcode == TCODE_READ_QUADLET_REQUEST)
1369 *data = card->maint_utility_register;
1370 else if (tcode == TCODE_WRITE_QUADLET_REQUEST)
1371 card->maint_utility_register = *data;
1372 else
1373 rcode = RCODE_TYPE_ERROR;
1374 break;
1375
1376 case CSR_BROADCAST_CHANNEL:
1377 if (tcode == TCODE_READ_QUADLET_REQUEST)
1378 *data = cpu_to_be32(card->broadcast_channel);
1379 else if (tcode == TCODE_WRITE_QUADLET_REQUEST)
1380 card->broadcast_channel =
1381 (be32_to_cpu(*data) & BROADCAST_CHANNEL_VALID) |
1382 BROADCAST_CHANNEL_INITIAL;
1383 else
1384 rcode = RCODE_TYPE_ERROR;
1385 break;
1386
1387 case CSR_BUS_MANAGER_ID:
1388 case CSR_BANDWIDTH_AVAILABLE:
1389 case CSR_CHANNELS_AVAILABLE_HI:
1390 case CSR_CHANNELS_AVAILABLE_LO:
1391 /*
1392 * FIXME: these are handled by the OHCI hardware and
1393 * the stack never sees these request. If we add
1394 * support for a new type of controller that doesn't
1395 * handle this in hardware we need to deal with these
1396 * transactions.
1397 */
1398 BUG();
1399 break;
1400
1401 default:
1402 rcode = RCODE_ADDRESS_ERROR;
1403 break;
1404 }
1405
1406 fw_send_response(card, request, rcode);
1407 }
1408
1409 static struct fw_address_handler registers = {
1410 .length = 0x400,
1411 .address_callback = handle_registers,
1412 };
1413
handle_low_memory(struct fw_card * card,struct fw_request * request,int tcode,int destination,int source,int generation,unsigned long long offset,void * payload,size_t length,void * callback_data)1414 static void handle_low_memory(struct fw_card *card, struct fw_request *request,
1415 int tcode, int destination, int source, int generation,
1416 unsigned long long offset, void *payload, size_t length,
1417 void *callback_data)
1418 {
1419 /*
1420 * This catches requests not handled by the physical DMA unit,
1421 * i.e., wrong transaction types or unauthorized source nodes.
1422 */
1423 fw_send_response(card, request, RCODE_TYPE_ERROR);
1424 }
1425
1426 static struct fw_address_handler low_memory = {
1427 .length = FW_MAX_PHYSICAL_RANGE,
1428 .address_callback = handle_low_memory,
1429 };
1430
1431 MODULE_AUTHOR("Kristian Hoegsberg <krh@bitplanet.net>");
1432 MODULE_DESCRIPTION("Core IEEE1394 transaction logic");
1433 MODULE_LICENSE("GPL");
1434
1435 static const u32 vendor_textual_descriptor[] = {
1436 /* textual descriptor leaf () */
1437 0x00060000,
1438 0x00000000,
1439 0x00000000,
1440 0x4c696e75, /* L i n u */
1441 0x78204669, /* x F i */
1442 0x72657769, /* r e w i */
1443 0x72650000, /* r e */
1444 };
1445
1446 static const u32 model_textual_descriptor[] = {
1447 /* model descriptor leaf () */
1448 0x00030000,
1449 0x00000000,
1450 0x00000000,
1451 0x4a756a75, /* J u j u */
1452 };
1453
1454 static struct fw_descriptor vendor_id_descriptor = {
1455 .length = ARRAY_SIZE(vendor_textual_descriptor),
1456 .immediate = 0x03001f11,
1457 .key = 0x81000000,
1458 .data = vendor_textual_descriptor,
1459 };
1460
1461 static struct fw_descriptor model_id_descriptor = {
1462 .length = ARRAY_SIZE(model_textual_descriptor),
1463 .immediate = 0x17023901,
1464 .key = 0x81000000,
1465 .data = model_textual_descriptor,
1466 };
1467
fw_core_init(void)1468 static int __init fw_core_init(void)
1469 {
1470 int ret;
1471
1472 fw_workqueue = alloc_workqueue("firewire", WQ_MEM_RECLAIM | WQ_UNBOUND,
1473 0);
1474 if (!fw_workqueue)
1475 return -ENOMEM;
1476
1477 ret = bus_register(&fw_bus_type);
1478 if (ret < 0) {
1479 destroy_workqueue(fw_workqueue);
1480 return ret;
1481 }
1482
1483 fw_cdev_major = register_chrdev(0, "firewire", &fw_device_ops);
1484 if (fw_cdev_major < 0) {
1485 bus_unregister(&fw_bus_type);
1486 destroy_workqueue(fw_workqueue);
1487 return fw_cdev_major;
1488 }
1489
1490 fw_core_add_address_handler(&topology_map, &topology_map_region);
1491 fw_core_add_address_handler(®isters, ®isters_region);
1492 fw_core_add_address_handler(&low_memory, &low_memory_region);
1493 fw_core_add_descriptor(&vendor_id_descriptor);
1494 fw_core_add_descriptor(&model_id_descriptor);
1495
1496 return 0;
1497 }
1498
fw_core_cleanup(void)1499 static void __exit fw_core_cleanup(void)
1500 {
1501 unregister_chrdev(fw_cdev_major, "firewire");
1502 bus_unregister(&fw_bus_type);
1503 destroy_workqueue(fw_workqueue);
1504 xa_destroy(&fw_device_xa);
1505 }
1506
1507 module_init(fw_core_init);
1508 module_exit(fw_core_cleanup);
1509