1 /* 2 * Device driver for the Apple Desktop Bus 3 * and the /dev/adb device on macintoshes. 4 * 5 * Copyright (C) 1996 Paul Mackerras. 6 * 7 * Modified to declare controllers as structures, added 8 * client notification of bus reset and handles PowerBook 9 * sleep, by Benjamin Herrenschmidt. 10 * 11 * To do: 12 * 13 * - /sys/bus/adb to list the devices and infos 14 * - more /dev/adb to allow userland to receive the 15 * flow of auto-polling datas from a given device. 16 * - move bus probe to a kernel thread 17 */ 18 19 #include <linux/types.h> 20 #include <linux/errno.h> 21 #include <linux/kernel.h> 22 #include <linux/slab.h> 23 #include <linux/module.h> 24 #include <linux/fs.h> 25 #include <linux/mm.h> 26 #include <linux/sched.h> 27 #include <linux/smp_lock.h> 28 #include <linux/adb.h> 29 #include <linux/cuda.h> 30 #include <linux/pmu.h> 31 #include <linux/notifier.h> 32 #include <linux/wait.h> 33 #include <linux/init.h> 34 #include <linux/delay.h> 35 #include <linux/spinlock.h> 36 #include <linux/completion.h> 37 #include <linux/device.h> 38 39 #include <asm/uaccess.h> 40 #include <asm/semaphore.h> 41 #ifdef CONFIG_PPC 42 #include <asm/prom.h> 43 #include <asm/machdep.h> 44 #endif 45 46 47 EXPORT_SYMBOL(adb_controller); 48 EXPORT_SYMBOL(adb_client_list); 49 50 extern struct adb_driver via_macii_driver; 51 extern struct adb_driver via_maciisi_driver; 52 extern struct adb_driver via_cuda_driver; 53 extern struct adb_driver adb_iop_driver; 54 extern struct adb_driver via_pmu_driver; 55 extern struct adb_driver macio_adb_driver; 56 57 static struct adb_driver *adb_driver_list[] = { 58 #ifdef CONFIG_ADB_MACII 59 &via_macii_driver, 60 #endif 61 #ifdef CONFIG_ADB_MACIISI 62 &via_maciisi_driver, 63 #endif 64 #ifdef CONFIG_ADB_CUDA 65 &via_cuda_driver, 66 #endif 67 #ifdef CONFIG_ADB_IOP 68 &adb_iop_driver, 69 #endif 70 #if defined(CONFIG_ADB_PMU) || defined(CONFIG_ADB_PMU68K) 71 &via_pmu_driver, 72 #endif 73 #ifdef CONFIG_ADB_MACIO 74 &macio_adb_driver, 75 #endif 76 NULL 77 }; 78 79 static struct class *adb_dev_class; 80 81 struct adb_driver *adb_controller; 82 BLOCKING_NOTIFIER_HEAD(adb_client_list); 83 static int adb_got_sleep; 84 static int adb_inited; 85 static pid_t adb_probe_task_pid; 86 static DECLARE_MUTEX(adb_probe_mutex); 87 static struct completion adb_probe_task_comp; 88 static int sleepy_trackpad; 89 static int autopoll_devs; 90 int __adb_probe_sync; 91 92 #ifdef CONFIG_PM 93 static void adb_notify_sleep(struct pmu_sleep_notifier *self, int when); 94 static struct pmu_sleep_notifier adb_sleep_notifier = { 95 adb_notify_sleep, 96 SLEEP_LEVEL_ADB, 97 }; 98 #endif 99 100 static int adb_scan_bus(void); 101 static int do_adb_reset_bus(void); 102 static void adbdev_init(void); 103 static int try_handler_change(int, int); 104 105 static struct adb_handler { 106 void (*handler)(unsigned char *, int, int); 107 int original_address; 108 int handler_id; 109 int busy; 110 } adb_handler[16]; 111 112 /* 113 * The adb_handler_sem mutex protects all accesses to the original_address 114 * and handler_id fields of adb_handler[i] for all i, and changes to the 115 * handler field. 116 * Accesses to the handler field are protected by the adb_handler_lock 117 * rwlock. It is held across all calls to any handler, so that by the 118 * time adb_unregister returns, we know that the old handler isn't being 119 * called. 120 */ 121 static DECLARE_MUTEX(adb_handler_sem); 122 static DEFINE_RWLOCK(adb_handler_lock); 123 124 #if 0 125 static void printADBreply(struct adb_request *req) 126 { 127 int i; 128 129 printk("adb reply (%d)", req->reply_len); 130 for(i = 0; i < req->reply_len; i++) 131 printk(" %x", req->reply[i]); 132 printk("\n"); 133 134 } 135 #endif 136 137 138 static __inline__ void adb_wait_ms(unsigned int ms) 139 { 140 if (current->pid && adb_probe_task_pid && 141 adb_probe_task_pid == current->pid) 142 msleep(ms); 143 else 144 mdelay(ms); 145 } 146 147 static int adb_scan_bus(void) 148 { 149 int i, highFree=0, noMovement; 150 int devmask = 0; 151 struct adb_request req; 152 153 /* assumes adb_handler[] is all zeroes at this point */ 154 for (i = 1; i < 16; i++) { 155 /* see if there is anything at address i */ 156 adb_request(&req, NULL, ADBREQ_SYNC | ADBREQ_REPLY, 1, 157 (i << 4) | 0xf); 158 if (req.reply_len > 1) 159 /* one or more devices at this address */ 160 adb_handler[i].original_address = i; 161 else if (i > highFree) 162 highFree = i; 163 } 164 165 /* Note we reset noMovement to 0 each time we move a device */ 166 for (noMovement = 1; noMovement < 2 && highFree > 0; noMovement++) { 167 for (i = 1; i < 16; i++) { 168 if (adb_handler[i].original_address == 0) 169 continue; 170 /* 171 * Send a "talk register 3" command to address i 172 * to provoke a collision if there is more than 173 * one device at this address. 174 */ 175 adb_request(&req, NULL, ADBREQ_SYNC | ADBREQ_REPLY, 1, 176 (i << 4) | 0xf); 177 /* 178 * Move the device(s) which didn't detect a 179 * collision to address `highFree'. Hopefully 180 * this only moves one device. 181 */ 182 adb_request(&req, NULL, ADBREQ_SYNC, 3, 183 (i<< 4) | 0xb, (highFree | 0x60), 0xfe); 184 /* 185 * See if anybody actually moved. This is suggested 186 * by HW TechNote 01: 187 * 188 * http://developer.apple.com/technotes/hw/hw_01.html 189 */ 190 adb_request(&req, NULL, ADBREQ_SYNC | ADBREQ_REPLY, 1, 191 (highFree << 4) | 0xf); 192 if (req.reply_len <= 1) continue; 193 /* 194 * Test whether there are any device(s) left 195 * at address i. 196 */ 197 adb_request(&req, NULL, ADBREQ_SYNC | ADBREQ_REPLY, 1, 198 (i << 4) | 0xf); 199 if (req.reply_len > 1) { 200 /* 201 * There are still one or more devices 202 * left at address i. Register the one(s) 203 * we moved to `highFree', and find a new 204 * value for highFree. 205 */ 206 adb_handler[highFree].original_address = 207 adb_handler[i].original_address; 208 while (highFree > 0 && 209 adb_handler[highFree].original_address) 210 highFree--; 211 if (highFree <= 0) 212 break; 213 214 noMovement = 0; 215 } 216 else { 217 /* 218 * No devices left at address i; move the 219 * one(s) we moved to `highFree' back to i. 220 */ 221 adb_request(&req, NULL, ADBREQ_SYNC, 3, 222 (highFree << 4) | 0xb, 223 (i | 0x60), 0xfe); 224 } 225 } 226 } 227 228 /* Now fill in the handler_id field of the adb_handler entries. */ 229 printk(KERN_DEBUG "adb devices:"); 230 for (i = 1; i < 16; i++) { 231 if (adb_handler[i].original_address == 0) 232 continue; 233 adb_request(&req, NULL, ADBREQ_SYNC | ADBREQ_REPLY, 1, 234 (i << 4) | 0xf); 235 adb_handler[i].handler_id = req.reply[2]; 236 printk(" [%d]: %d %x", i, adb_handler[i].original_address, 237 adb_handler[i].handler_id); 238 devmask |= 1 << i; 239 } 240 printk("\n"); 241 return devmask; 242 } 243 244 /* 245 * This kernel task handles ADB probing. It dies once probing is 246 * completed. 247 */ 248 static int 249 adb_probe_task(void *x) 250 { 251 sigset_t blocked; 252 253 strcpy(current->comm, "kadbprobe"); 254 255 sigfillset(&blocked); 256 sigprocmask(SIG_BLOCK, &blocked, NULL); 257 flush_signals(current); 258 259 printk(KERN_INFO "adb: starting probe task...\n"); 260 do_adb_reset_bus(); 261 printk(KERN_INFO "adb: finished probe task...\n"); 262 263 adb_probe_task_pid = 0; 264 up(&adb_probe_mutex); 265 266 return 0; 267 } 268 269 static void 270 __adb_probe_task(struct work_struct *bullshit) 271 { 272 adb_probe_task_pid = kernel_thread(adb_probe_task, NULL, SIGCHLD | CLONE_KERNEL); 273 } 274 275 static DECLARE_WORK(adb_reset_work, __adb_probe_task); 276 277 int 278 adb_reset_bus(void) 279 { 280 if (__adb_probe_sync) { 281 do_adb_reset_bus(); 282 return 0; 283 } 284 285 down(&adb_probe_mutex); 286 schedule_work(&adb_reset_work); 287 return 0; 288 } 289 290 int __init adb_init(void) 291 { 292 struct adb_driver *driver; 293 int i; 294 295 #ifdef CONFIG_PPC32 296 if (!machine_is(chrp) && !machine_is(powermac)) 297 return 0; 298 #endif 299 #ifdef CONFIG_MAC 300 if (!MACH_IS_MAC) 301 return 0; 302 #endif 303 304 /* xmon may do early-init */ 305 if (adb_inited) 306 return 0; 307 adb_inited = 1; 308 309 adb_controller = NULL; 310 311 i = 0; 312 while ((driver = adb_driver_list[i++]) != NULL) { 313 if (!driver->probe()) { 314 adb_controller = driver; 315 break; 316 } 317 } 318 if ((adb_controller == NULL) || adb_controller->init()) { 319 printk(KERN_WARNING "Warning: no ADB interface detected\n"); 320 adb_controller = NULL; 321 } else { 322 #ifdef CONFIG_PM 323 pmu_register_sleep_notifier(&adb_sleep_notifier); 324 #endif /* CONFIG_PM */ 325 #ifdef CONFIG_PPC 326 if (machine_is_compatible("AAPL,PowerBook1998") || 327 machine_is_compatible("PowerBook1,1")) 328 sleepy_trackpad = 1; 329 #endif /* CONFIG_PPC */ 330 init_completion(&adb_probe_task_comp); 331 adbdev_init(); 332 adb_reset_bus(); 333 } 334 return 0; 335 } 336 337 __initcall(adb_init); 338 339 #ifdef CONFIG_PM 340 /* 341 * notify clients before sleep and reset bus afterwards 342 */ 343 void 344 adb_notify_sleep(struct pmu_sleep_notifier *self, int when) 345 { 346 switch (when) { 347 case PBOOK_SLEEP_REQUEST: 348 adb_got_sleep = 1; 349 /* We need to get a lock on the probe thread */ 350 down(&adb_probe_mutex); 351 /* Stop autopoll */ 352 if (adb_controller->autopoll) 353 adb_controller->autopoll(0); 354 blocking_notifier_call_chain(&adb_client_list, 355 ADB_MSG_POWERDOWN, NULL); 356 break; 357 case PBOOK_WAKE: 358 adb_got_sleep = 0; 359 up(&adb_probe_mutex); 360 adb_reset_bus(); 361 break; 362 } 363 } 364 #endif /* CONFIG_PM */ 365 366 static int 367 do_adb_reset_bus(void) 368 { 369 int ret; 370 371 if (adb_controller == NULL) 372 return -ENXIO; 373 374 if (adb_controller->autopoll) 375 adb_controller->autopoll(0); 376 377 blocking_notifier_call_chain(&adb_client_list, 378 ADB_MSG_PRE_RESET, NULL); 379 380 if (sleepy_trackpad) { 381 /* Let the trackpad settle down */ 382 adb_wait_ms(500); 383 } 384 385 down(&adb_handler_sem); 386 write_lock_irq(&adb_handler_lock); 387 memset(adb_handler, 0, sizeof(adb_handler)); 388 write_unlock_irq(&adb_handler_lock); 389 390 /* That one is still a bit synchronous, oh well... */ 391 if (adb_controller->reset_bus) 392 ret = adb_controller->reset_bus(); 393 else 394 ret = 0; 395 396 if (sleepy_trackpad) { 397 /* Let the trackpad settle down */ 398 adb_wait_ms(1500); 399 } 400 401 if (!ret) { 402 autopoll_devs = adb_scan_bus(); 403 if (adb_controller->autopoll) 404 adb_controller->autopoll(autopoll_devs); 405 } 406 up(&adb_handler_sem); 407 408 blocking_notifier_call_chain(&adb_client_list, 409 ADB_MSG_POST_RESET, NULL); 410 411 return ret; 412 } 413 414 void 415 adb_poll(void) 416 { 417 if ((adb_controller == NULL)||(adb_controller->poll == NULL)) 418 return; 419 adb_controller->poll(); 420 } 421 422 static void 423 adb_probe_wakeup(struct adb_request *req) 424 { 425 complete(&adb_probe_task_comp); 426 } 427 428 /* Static request used during probe */ 429 static struct adb_request adb_sreq; 430 static unsigned long adb_sreq_lock; // Use semaphore ! */ 431 432 int 433 adb_request(struct adb_request *req, void (*done)(struct adb_request *), 434 int flags, int nbytes, ...) 435 { 436 va_list list; 437 int i, use_sreq; 438 int rc; 439 440 if ((adb_controller == NULL) || (adb_controller->send_request == NULL)) 441 return -ENXIO; 442 if (nbytes < 1) 443 return -EINVAL; 444 if (req == NULL && (flags & ADBREQ_NOSEND)) 445 return -EINVAL; 446 447 if (req == NULL) { 448 if (test_and_set_bit(0,&adb_sreq_lock)) { 449 printk("adb.c: Warning: contention on static request !\n"); 450 return -EPERM; 451 } 452 req = &adb_sreq; 453 flags |= ADBREQ_SYNC; 454 use_sreq = 1; 455 } else 456 use_sreq = 0; 457 req->nbytes = nbytes+1; 458 req->done = done; 459 req->reply_expected = flags & ADBREQ_REPLY; 460 req->data[0] = ADB_PACKET; 461 va_start(list, nbytes); 462 for (i = 0; i < nbytes; ++i) 463 req->data[i+1] = va_arg(list, int); 464 va_end(list); 465 466 if (flags & ADBREQ_NOSEND) 467 return 0; 468 469 /* Synchronous requests send from the probe thread cause it to 470 * block. Beware that the "done" callback will be overriden ! 471 */ 472 if ((flags & ADBREQ_SYNC) && 473 (current->pid && adb_probe_task_pid && 474 adb_probe_task_pid == current->pid)) { 475 req->done = adb_probe_wakeup; 476 rc = adb_controller->send_request(req, 0); 477 if (rc || req->complete) 478 goto bail; 479 wait_for_completion(&adb_probe_task_comp); 480 rc = 0; 481 goto bail; 482 } 483 484 rc = adb_controller->send_request(req, flags & ADBREQ_SYNC); 485 bail: 486 if (use_sreq) 487 clear_bit(0, &adb_sreq_lock); 488 489 return rc; 490 } 491 492 /* Ultimately this should return the number of devices with 493 the given default id. 494 And it does it now ! Note: changed behaviour: This function 495 will now register if default_id _and_ handler_id both match 496 but handler_id can be left to 0 to match with default_id only. 497 When handler_id is set, this function will try to adjust 498 the handler_id id it doesn't match. */ 499 int 500 adb_register(int default_id, int handler_id, struct adb_ids *ids, 501 void (*handler)(unsigned char *, int, int)) 502 { 503 int i; 504 505 down(&adb_handler_sem); 506 ids->nids = 0; 507 for (i = 1; i < 16; i++) { 508 if ((adb_handler[i].original_address == default_id) && 509 (!handler_id || (handler_id == adb_handler[i].handler_id) || 510 try_handler_change(i, handler_id))) { 511 if (adb_handler[i].handler != 0) { 512 printk(KERN_ERR 513 "Two handlers for ADB device %d\n", 514 default_id); 515 continue; 516 } 517 write_lock_irq(&adb_handler_lock); 518 adb_handler[i].handler = handler; 519 write_unlock_irq(&adb_handler_lock); 520 ids->id[ids->nids++] = i; 521 } 522 } 523 up(&adb_handler_sem); 524 return ids->nids; 525 } 526 527 int 528 adb_unregister(int index) 529 { 530 int ret = -ENODEV; 531 532 down(&adb_handler_sem); 533 write_lock_irq(&adb_handler_lock); 534 if (adb_handler[index].handler) { 535 while(adb_handler[index].busy) { 536 write_unlock_irq(&adb_handler_lock); 537 yield(); 538 write_lock_irq(&adb_handler_lock); 539 } 540 ret = 0; 541 adb_handler[index].handler = NULL; 542 } 543 write_unlock_irq(&adb_handler_lock); 544 up(&adb_handler_sem); 545 return ret; 546 } 547 548 void 549 adb_input(unsigned char *buf, int nb, int autopoll) 550 { 551 int i, id; 552 static int dump_adb_input = 0; 553 unsigned long flags; 554 555 void (*handler)(unsigned char *, int, int); 556 557 /* We skip keystrokes and mouse moves when the sleep process 558 * has been started. We stop autopoll, but this is another security 559 */ 560 if (adb_got_sleep) 561 return; 562 563 id = buf[0] >> 4; 564 if (dump_adb_input) { 565 printk(KERN_INFO "adb packet: "); 566 for (i = 0; i < nb; ++i) 567 printk(" %x", buf[i]); 568 printk(", id = %d\n", id); 569 } 570 write_lock_irqsave(&adb_handler_lock, flags); 571 handler = adb_handler[id].handler; 572 if (handler != NULL) 573 adb_handler[id].busy = 1; 574 write_unlock_irqrestore(&adb_handler_lock, flags); 575 if (handler != NULL) { 576 (*handler)(buf, nb, autopoll); 577 wmb(); 578 adb_handler[id].busy = 0; 579 } 580 581 } 582 583 /* Try to change handler to new_id. Will return 1 if successful. */ 584 static int try_handler_change(int address, int new_id) 585 { 586 struct adb_request req; 587 588 if (adb_handler[address].handler_id == new_id) 589 return 1; 590 adb_request(&req, NULL, ADBREQ_SYNC, 3, 591 ADB_WRITEREG(address, 3), address | 0x20, new_id); 592 adb_request(&req, NULL, ADBREQ_SYNC | ADBREQ_REPLY, 1, 593 ADB_READREG(address, 3)); 594 if (req.reply_len < 2) 595 return 0; 596 if (req.reply[2] != new_id) 597 return 0; 598 adb_handler[address].handler_id = req.reply[2]; 599 600 return 1; 601 } 602 603 int 604 adb_try_handler_change(int address, int new_id) 605 { 606 int ret; 607 608 down(&adb_handler_sem); 609 ret = try_handler_change(address, new_id); 610 up(&adb_handler_sem); 611 return ret; 612 } 613 614 int 615 adb_get_infos(int address, int *original_address, int *handler_id) 616 { 617 down(&adb_handler_sem); 618 *original_address = adb_handler[address].original_address; 619 *handler_id = adb_handler[address].handler_id; 620 up(&adb_handler_sem); 621 622 return (*original_address != 0); 623 } 624 625 626 /* 627 * /dev/adb device driver. 628 */ 629 630 #define ADB_MAJOR 56 /* major number for /dev/adb */ 631 632 struct adbdev_state { 633 spinlock_t lock; 634 atomic_t n_pending; 635 struct adb_request *completed; 636 wait_queue_head_t wait_queue; 637 int inuse; 638 }; 639 640 static void adb_write_done(struct adb_request *req) 641 { 642 struct adbdev_state *state = (struct adbdev_state *) req->arg; 643 unsigned long flags; 644 645 if (!req->complete) { 646 req->reply_len = 0; 647 req->complete = 1; 648 } 649 spin_lock_irqsave(&state->lock, flags); 650 atomic_dec(&state->n_pending); 651 if (!state->inuse) { 652 kfree(req); 653 if (atomic_read(&state->n_pending) == 0) { 654 spin_unlock_irqrestore(&state->lock, flags); 655 kfree(state); 656 return; 657 } 658 } else { 659 struct adb_request **ap = &state->completed; 660 while (*ap != NULL) 661 ap = &(*ap)->next; 662 req->next = NULL; 663 *ap = req; 664 wake_up_interruptible(&state->wait_queue); 665 } 666 spin_unlock_irqrestore(&state->lock, flags); 667 } 668 669 static int 670 do_adb_query(struct adb_request *req) 671 { 672 int ret = -EINVAL; 673 674 switch(req->data[1]) 675 { 676 case ADB_QUERY_GETDEVINFO: 677 if (req->nbytes < 3) 678 break; 679 down(&adb_handler_sem); 680 req->reply[0] = adb_handler[req->data[2]].original_address; 681 req->reply[1] = adb_handler[req->data[2]].handler_id; 682 up(&adb_handler_sem); 683 req->complete = 1; 684 req->reply_len = 2; 685 adb_write_done(req); 686 ret = 0; 687 break; 688 } 689 return ret; 690 } 691 692 static int adb_open(struct inode *inode, struct file *file) 693 { 694 struct adbdev_state *state; 695 696 if (iminor(inode) > 0 || adb_controller == NULL) 697 return -ENXIO; 698 state = kmalloc(sizeof(struct adbdev_state), GFP_KERNEL); 699 if (state == 0) 700 return -ENOMEM; 701 file->private_data = state; 702 spin_lock_init(&state->lock); 703 atomic_set(&state->n_pending, 0); 704 state->completed = NULL; 705 init_waitqueue_head(&state->wait_queue); 706 state->inuse = 1; 707 708 return 0; 709 } 710 711 static int adb_release(struct inode *inode, struct file *file) 712 { 713 struct adbdev_state *state = file->private_data; 714 unsigned long flags; 715 716 lock_kernel(); 717 if (state) { 718 file->private_data = NULL; 719 spin_lock_irqsave(&state->lock, flags); 720 if (atomic_read(&state->n_pending) == 0 721 && state->completed == NULL) { 722 spin_unlock_irqrestore(&state->lock, flags); 723 kfree(state); 724 } else { 725 state->inuse = 0; 726 spin_unlock_irqrestore(&state->lock, flags); 727 } 728 } 729 unlock_kernel(); 730 return 0; 731 } 732 733 static ssize_t adb_read(struct file *file, char __user *buf, 734 size_t count, loff_t *ppos) 735 { 736 int ret = 0; 737 struct adbdev_state *state = file->private_data; 738 struct adb_request *req; 739 wait_queue_t wait = __WAITQUEUE_INITIALIZER(wait,current); 740 unsigned long flags; 741 742 if (count < 2) 743 return -EINVAL; 744 if (count > sizeof(req->reply)) 745 count = sizeof(req->reply); 746 if (!access_ok(VERIFY_WRITE, buf, count)) 747 return -EFAULT; 748 749 req = NULL; 750 spin_lock_irqsave(&state->lock, flags); 751 add_wait_queue(&state->wait_queue, &wait); 752 current->state = TASK_INTERRUPTIBLE; 753 754 for (;;) { 755 req = state->completed; 756 if (req != NULL) 757 state->completed = req->next; 758 else if (atomic_read(&state->n_pending) == 0) 759 ret = -EIO; 760 if (req != NULL || ret != 0) 761 break; 762 763 if (file->f_flags & O_NONBLOCK) { 764 ret = -EAGAIN; 765 break; 766 } 767 if (signal_pending(current)) { 768 ret = -ERESTARTSYS; 769 break; 770 } 771 spin_unlock_irqrestore(&state->lock, flags); 772 schedule(); 773 spin_lock_irqsave(&state->lock, flags); 774 } 775 776 current->state = TASK_RUNNING; 777 remove_wait_queue(&state->wait_queue, &wait); 778 spin_unlock_irqrestore(&state->lock, flags); 779 780 if (ret) 781 return ret; 782 783 ret = req->reply_len; 784 if (ret > count) 785 ret = count; 786 if (ret > 0 && copy_to_user(buf, req->reply, ret)) 787 ret = -EFAULT; 788 789 kfree(req); 790 return ret; 791 } 792 793 static ssize_t adb_write(struct file *file, const char __user *buf, 794 size_t count, loff_t *ppos) 795 { 796 int ret/*, i*/; 797 struct adbdev_state *state = file->private_data; 798 struct adb_request *req; 799 800 if (count < 2 || count > sizeof(req->data)) 801 return -EINVAL; 802 if (adb_controller == NULL) 803 return -ENXIO; 804 if (!access_ok(VERIFY_READ, buf, count)) 805 return -EFAULT; 806 807 req = kmalloc(sizeof(struct adb_request), 808 GFP_KERNEL); 809 if (req == NULL) 810 return -ENOMEM; 811 812 req->nbytes = count; 813 req->done = adb_write_done; 814 req->arg = (void *) state; 815 req->complete = 0; 816 817 ret = -EFAULT; 818 if (copy_from_user(req->data, buf, count)) 819 goto out; 820 821 atomic_inc(&state->n_pending); 822 823 /* If a probe is in progress or we are sleeping, wait for it to complete */ 824 down(&adb_probe_mutex); 825 826 /* Queries are special requests sent to the ADB driver itself */ 827 if (req->data[0] == ADB_QUERY) { 828 if (count > 1) 829 ret = do_adb_query(req); 830 else 831 ret = -EINVAL; 832 up(&adb_probe_mutex); 833 } 834 /* Special case for ADB_BUSRESET request, all others are sent to 835 the controller */ 836 else if ((req->data[0] == ADB_PACKET)&&(count > 1) 837 &&(req->data[1] == ADB_BUSRESET)) { 838 ret = do_adb_reset_bus(); 839 up(&adb_probe_mutex); 840 atomic_dec(&state->n_pending); 841 if (ret == 0) 842 ret = count; 843 goto out; 844 } else { 845 req->reply_expected = ((req->data[1] & 0xc) == 0xc); 846 if (adb_controller && adb_controller->send_request) 847 ret = adb_controller->send_request(req, 0); 848 else 849 ret = -ENXIO; 850 up(&adb_probe_mutex); 851 } 852 853 if (ret != 0) { 854 atomic_dec(&state->n_pending); 855 goto out; 856 } 857 return count; 858 859 out: 860 kfree(req); 861 return ret; 862 } 863 864 static const struct file_operations adb_fops = { 865 .owner = THIS_MODULE, 866 .llseek = no_llseek, 867 .read = adb_read, 868 .write = adb_write, 869 .open = adb_open, 870 .release = adb_release, 871 }; 872 873 static void 874 adbdev_init(void) 875 { 876 if (register_chrdev(ADB_MAJOR, "adb", &adb_fops)) { 877 printk(KERN_ERR "adb: unable to get major %d\n", ADB_MAJOR); 878 return; 879 } 880 881 adb_dev_class = class_create(THIS_MODULE, "adb"); 882 if (IS_ERR(adb_dev_class)) 883 return; 884 class_device_create(adb_dev_class, NULL, MKDEV(ADB_MAJOR, 0), NULL, "adb"); 885 } 886