1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * cistpl.c -- 16-bit PCMCIA Card Information Structure parser 4 * 5 * The initial developer of the original code is David A. Hinds 6 * <dahinds@users.sourceforge.net>. Portions created by David A. Hinds 7 * are Copyright (C) 1999 David A. Hinds. All Rights Reserved. 8 * 9 * (C) 1999 David A. Hinds 10 */ 11 12 #include <linux/module.h> 13 #include <linux/moduleparam.h> 14 #include <linux/kernel.h> 15 #include <linux/string.h> 16 #include <linux/major.h> 17 #include <linux/errno.h> 18 #include <linux/timer.h> 19 #include <linux/slab.h> 20 #include <linux/mm.h> 21 #include <linux/pci.h> 22 #include <linux/ioport.h> 23 #include <linux/io.h> 24 #include <asm/byteorder.h> 25 #include <asm/unaligned.h> 26 27 #include <pcmcia/ss.h> 28 #include <pcmcia/cisreg.h> 29 #include <pcmcia/cistpl.h> 30 #include "cs_internal.h" 31 32 static const u_char mantissa[] = { 33 10, 12, 13, 15, 20, 25, 30, 35, 34 40, 45, 50, 55, 60, 70, 80, 90 35 }; 36 37 static const u_int exponent[] = { 38 1, 10, 100, 1000, 10000, 100000, 1000000, 10000000 39 }; 40 41 /* Convert an extended speed byte to a time in nanoseconds */ 42 #define SPEED_CVT(v) \ 43 (mantissa[(((v)>>3)&15)-1] * exponent[(v)&7] / 10) 44 /* Convert a power byte to a current in 0.1 microamps */ 45 #define POWER_CVT(v) \ 46 (mantissa[((v)>>3)&15] * exponent[(v)&7] / 10) 47 #define POWER_SCALE(v) (exponent[(v)&7]) 48 49 /* Upper limit on reasonable # of tuples */ 50 #define MAX_TUPLES 200 51 52 /* Bits in IRQInfo1 field */ 53 #define IRQ_INFO2_VALID 0x10 54 55 /* 16-bit CIS? */ 56 static int cis_width; 57 module_param(cis_width, int, 0444); 58 59 void release_cis_mem(struct pcmcia_socket *s) 60 { 61 mutex_lock(&s->ops_mutex); 62 if (s->cis_mem.flags & MAP_ACTIVE) { 63 s->cis_mem.flags &= ~MAP_ACTIVE; 64 s->ops->set_mem_map(s, &s->cis_mem); 65 if (s->cis_mem.res) { 66 release_resource(s->cis_mem.res); 67 kfree(s->cis_mem.res); 68 s->cis_mem.res = NULL; 69 } 70 iounmap(s->cis_virt); 71 s->cis_virt = NULL; 72 } 73 mutex_unlock(&s->ops_mutex); 74 } 75 76 /** 77 * set_cis_map() - map the card memory at "card_offset" into virtual space. 78 * 79 * If flags & MAP_ATTRIB, map the attribute space, otherwise 80 * map the memory space. 81 * 82 * Must be called with ops_mutex held. 83 */ 84 static void __iomem *set_cis_map(struct pcmcia_socket *s, 85 unsigned int card_offset, unsigned int flags) 86 { 87 pccard_mem_map *mem = &s->cis_mem; 88 int ret; 89 90 if (!(s->features & SS_CAP_STATIC_MAP) && (mem->res == NULL)) { 91 mem->res = pcmcia_find_mem_region(0, s->map_size, 92 s->map_size, 0, s); 93 if (mem->res == NULL) { 94 dev_notice(&s->dev, "cs: unable to map card memory!\n"); 95 return NULL; 96 } 97 s->cis_virt = NULL; 98 } 99 100 if (!(s->features & SS_CAP_STATIC_MAP) && (!s->cis_virt)) 101 s->cis_virt = ioremap(mem->res->start, s->map_size); 102 103 mem->card_start = card_offset; 104 mem->flags = flags; 105 106 ret = s->ops->set_mem_map(s, mem); 107 if (ret) { 108 iounmap(s->cis_virt); 109 s->cis_virt = NULL; 110 return NULL; 111 } 112 113 if (s->features & SS_CAP_STATIC_MAP) { 114 if (s->cis_virt) 115 iounmap(s->cis_virt); 116 s->cis_virt = ioremap(mem->static_start, s->map_size); 117 } 118 119 return s->cis_virt; 120 } 121 122 123 /* Bits in attr field */ 124 #define IS_ATTR 1 125 #define IS_INDIRECT 8 126 127 /** 128 * pcmcia_read_cis_mem() - low-level function to read CIS memory 129 * 130 * must be called with ops_mutex held 131 */ 132 int pcmcia_read_cis_mem(struct pcmcia_socket *s, int attr, u_int addr, 133 u_int len, void *ptr) 134 { 135 void __iomem *sys, *end; 136 unsigned char *buf = ptr; 137 138 dev_dbg(&s->dev, "pcmcia_read_cis_mem(%d, %#x, %u)\n", attr, addr, len); 139 140 if (attr & IS_INDIRECT) { 141 /* Indirect accesses use a bunch of special registers at fixed 142 locations in common memory */ 143 u_char flags = ICTRL0_COMMON|ICTRL0_AUTOINC|ICTRL0_BYTEGRAN; 144 if (attr & IS_ATTR) { 145 addr *= 2; 146 flags = ICTRL0_AUTOINC; 147 } 148 149 sys = set_cis_map(s, 0, MAP_ACTIVE | 150 ((cis_width) ? MAP_16BIT : 0)); 151 if (!sys) { 152 dev_dbg(&s->dev, "could not map memory\n"); 153 memset(ptr, 0xff, len); 154 return -1; 155 } 156 157 writeb(flags, sys+CISREG_ICTRL0); 158 writeb(addr & 0xff, sys+CISREG_IADDR0); 159 writeb((addr>>8) & 0xff, sys+CISREG_IADDR1); 160 writeb((addr>>16) & 0xff, sys+CISREG_IADDR2); 161 writeb((addr>>24) & 0xff, sys+CISREG_IADDR3); 162 for ( ; len > 0; len--, buf++) 163 *buf = readb(sys+CISREG_IDATA0); 164 } else { 165 u_int inc = 1, card_offset, flags; 166 167 if (addr > CISTPL_MAX_CIS_SIZE) { 168 dev_dbg(&s->dev, 169 "attempt to read CIS mem at addr %#x", addr); 170 memset(ptr, 0xff, len); 171 return -1; 172 } 173 174 flags = MAP_ACTIVE | ((cis_width) ? MAP_16BIT : 0); 175 if (attr) { 176 flags |= MAP_ATTRIB; 177 inc++; 178 addr *= 2; 179 } 180 181 card_offset = addr & ~(s->map_size-1); 182 while (len) { 183 sys = set_cis_map(s, card_offset, flags); 184 if (!sys) { 185 dev_dbg(&s->dev, "could not map memory\n"); 186 memset(ptr, 0xff, len); 187 return -1; 188 } 189 end = sys + s->map_size; 190 sys = sys + (addr & (s->map_size-1)); 191 for ( ; len > 0; len--, buf++, sys += inc) { 192 if (sys == end) 193 break; 194 *buf = readb(sys); 195 } 196 card_offset += s->map_size; 197 addr = 0; 198 } 199 } 200 dev_dbg(&s->dev, " %#2.2x %#2.2x %#2.2x %#2.2x ...\n", 201 *(u_char *)(ptr+0), *(u_char *)(ptr+1), 202 *(u_char *)(ptr+2), *(u_char *)(ptr+3)); 203 return 0; 204 } 205 206 207 /** 208 * pcmcia_write_cis_mem() - low-level function to write CIS memory 209 * 210 * Probably only useful for writing one-byte registers. Must be called 211 * with ops_mutex held. 212 */ 213 int pcmcia_write_cis_mem(struct pcmcia_socket *s, int attr, u_int addr, 214 u_int len, void *ptr) 215 { 216 void __iomem *sys, *end; 217 unsigned char *buf = ptr; 218 219 dev_dbg(&s->dev, 220 "pcmcia_write_cis_mem(%d, %#x, %u)\n", attr, addr, len); 221 222 if (attr & IS_INDIRECT) { 223 /* Indirect accesses use a bunch of special registers at fixed 224 locations in common memory */ 225 u_char flags = ICTRL0_COMMON|ICTRL0_AUTOINC|ICTRL0_BYTEGRAN; 226 if (attr & IS_ATTR) { 227 addr *= 2; 228 flags = ICTRL0_AUTOINC; 229 } 230 231 sys = set_cis_map(s, 0, MAP_ACTIVE | 232 ((cis_width) ? MAP_16BIT : 0)); 233 if (!sys) { 234 dev_dbg(&s->dev, "could not map memory\n"); 235 return -EINVAL; 236 } 237 238 writeb(flags, sys+CISREG_ICTRL0); 239 writeb(addr & 0xff, sys+CISREG_IADDR0); 240 writeb((addr>>8) & 0xff, sys+CISREG_IADDR1); 241 writeb((addr>>16) & 0xff, sys+CISREG_IADDR2); 242 writeb((addr>>24) & 0xff, sys+CISREG_IADDR3); 243 for ( ; len > 0; len--, buf++) 244 writeb(*buf, sys+CISREG_IDATA0); 245 } else { 246 u_int inc = 1, card_offset, flags; 247 248 flags = MAP_ACTIVE | ((cis_width) ? MAP_16BIT : 0); 249 if (attr & IS_ATTR) { 250 flags |= MAP_ATTRIB; 251 inc++; 252 addr *= 2; 253 } 254 255 card_offset = addr & ~(s->map_size-1); 256 while (len) { 257 sys = set_cis_map(s, card_offset, flags); 258 if (!sys) { 259 dev_dbg(&s->dev, "could not map memory\n"); 260 return -EINVAL; 261 } 262 263 end = sys + s->map_size; 264 sys = sys + (addr & (s->map_size-1)); 265 for ( ; len > 0; len--, buf++, sys += inc) { 266 if (sys == end) 267 break; 268 writeb(*buf, sys); 269 } 270 card_offset += s->map_size; 271 addr = 0; 272 } 273 } 274 return 0; 275 } 276 277 278 /** 279 * read_cis_cache() - read CIS memory or its associated cache 280 * 281 * This is a wrapper around read_cis_mem, with the same interface, 282 * but which caches information, for cards whose CIS may not be 283 * readable all the time. 284 */ 285 static int read_cis_cache(struct pcmcia_socket *s, int attr, u_int addr, 286 size_t len, void *ptr) 287 { 288 struct cis_cache_entry *cis; 289 int ret = 0; 290 291 if (s->state & SOCKET_CARDBUS) 292 return -EINVAL; 293 294 mutex_lock(&s->ops_mutex); 295 if (s->fake_cis) { 296 if (s->fake_cis_len >= addr+len) 297 memcpy(ptr, s->fake_cis+addr, len); 298 else { 299 memset(ptr, 0xff, len); 300 ret = -EINVAL; 301 } 302 mutex_unlock(&s->ops_mutex); 303 return ret; 304 } 305 306 list_for_each_entry(cis, &s->cis_cache, node) { 307 if (cis->addr == addr && cis->len == len && cis->attr == attr) { 308 memcpy(ptr, cis->cache, len); 309 mutex_unlock(&s->ops_mutex); 310 return 0; 311 } 312 } 313 314 ret = pcmcia_read_cis_mem(s, attr, addr, len, ptr); 315 316 if (ret == 0) { 317 /* Copy data into the cache */ 318 cis = kmalloc(sizeof(struct cis_cache_entry) + len, GFP_KERNEL); 319 if (cis) { 320 cis->addr = addr; 321 cis->len = len; 322 cis->attr = attr; 323 memcpy(cis->cache, ptr, len); 324 list_add(&cis->node, &s->cis_cache); 325 } 326 } 327 mutex_unlock(&s->ops_mutex); 328 329 return ret; 330 } 331 332 static void 333 remove_cis_cache(struct pcmcia_socket *s, int attr, u_int addr, u_int len) 334 { 335 struct cis_cache_entry *cis; 336 337 mutex_lock(&s->ops_mutex); 338 list_for_each_entry(cis, &s->cis_cache, node) 339 if (cis->addr == addr && cis->len == len && cis->attr == attr) { 340 list_del(&cis->node); 341 kfree(cis); 342 break; 343 } 344 mutex_unlock(&s->ops_mutex); 345 } 346 347 /** 348 * destroy_cis_cache() - destroy the CIS cache 349 * @s: pcmcia_socket for which CIS cache shall be destroyed 350 * 351 * This destroys the CIS cache but keeps any fake CIS alive. Must be 352 * called with ops_mutex held. 353 */ 354 void destroy_cis_cache(struct pcmcia_socket *s) 355 { 356 struct list_head *l, *n; 357 struct cis_cache_entry *cis; 358 359 list_for_each_safe(l, n, &s->cis_cache) { 360 cis = list_entry(l, struct cis_cache_entry, node); 361 list_del(&cis->node); 362 kfree(cis); 363 } 364 } 365 366 /** 367 * verify_cis_cache() - does the CIS match what is in the CIS cache? 368 */ 369 int verify_cis_cache(struct pcmcia_socket *s) 370 { 371 struct cis_cache_entry *cis; 372 char *buf; 373 int ret; 374 375 if (s->state & SOCKET_CARDBUS) 376 return -EINVAL; 377 378 buf = kmalloc(256, GFP_KERNEL); 379 if (buf == NULL) { 380 dev_warn(&s->dev, "no memory for verifying CIS\n"); 381 return -ENOMEM; 382 } 383 mutex_lock(&s->ops_mutex); 384 list_for_each_entry(cis, &s->cis_cache, node) { 385 int len = cis->len; 386 387 if (len > 256) 388 len = 256; 389 390 ret = pcmcia_read_cis_mem(s, cis->attr, cis->addr, len, buf); 391 if (ret || memcmp(buf, cis->cache, len) != 0) { 392 kfree(buf); 393 mutex_unlock(&s->ops_mutex); 394 return -1; 395 } 396 } 397 kfree(buf); 398 mutex_unlock(&s->ops_mutex); 399 return 0; 400 } 401 402 /** 403 * pcmcia_replace_cis() - use a replacement CIS instead of the card's CIS 404 * 405 * For really bad cards, we provide a facility for uploading a 406 * replacement CIS. 407 */ 408 int pcmcia_replace_cis(struct pcmcia_socket *s, 409 const u8 *data, const size_t len) 410 { 411 if (len > CISTPL_MAX_CIS_SIZE) { 412 dev_warn(&s->dev, "replacement CIS too big\n"); 413 return -EINVAL; 414 } 415 mutex_lock(&s->ops_mutex); 416 kfree(s->fake_cis); 417 s->fake_cis = kmalloc(len, GFP_KERNEL); 418 if (s->fake_cis == NULL) { 419 dev_warn(&s->dev, "no memory to replace CIS\n"); 420 mutex_unlock(&s->ops_mutex); 421 return -ENOMEM; 422 } 423 s->fake_cis_len = len; 424 memcpy(s->fake_cis, data, len); 425 dev_info(&s->dev, "Using replacement CIS\n"); 426 mutex_unlock(&s->ops_mutex); 427 return 0; 428 } 429 430 /* The high-level CIS tuple services */ 431 432 struct tuple_flags { 433 u_int link_space:4; 434 u_int has_link:1; 435 u_int mfc_fn:3; 436 u_int space:4; 437 }; 438 439 #define LINK_SPACE(f) (((struct tuple_flags *)(&(f)))->link_space) 440 #define HAS_LINK(f) (((struct tuple_flags *)(&(f)))->has_link) 441 #define MFC_FN(f) (((struct tuple_flags *)(&(f)))->mfc_fn) 442 #define SPACE(f) (((struct tuple_flags *)(&(f)))->space) 443 444 int pccard_get_first_tuple(struct pcmcia_socket *s, unsigned int function, 445 tuple_t *tuple) 446 { 447 if (!s) 448 return -EINVAL; 449 450 if (!(s->state & SOCKET_PRESENT) || (s->state & SOCKET_CARDBUS)) 451 return -ENODEV; 452 tuple->TupleLink = tuple->Flags = 0; 453 454 /* Assume presence of a LONGLINK_C to address 0 */ 455 tuple->CISOffset = tuple->LinkOffset = 0; 456 SPACE(tuple->Flags) = HAS_LINK(tuple->Flags) = 1; 457 458 if ((s->functions > 1) && !(tuple->Attributes & TUPLE_RETURN_COMMON)) { 459 cisdata_t req = tuple->DesiredTuple; 460 tuple->DesiredTuple = CISTPL_LONGLINK_MFC; 461 if (pccard_get_next_tuple(s, function, tuple) == 0) { 462 tuple->DesiredTuple = CISTPL_LINKTARGET; 463 if (pccard_get_next_tuple(s, function, tuple) != 0) 464 return -ENOSPC; 465 } else 466 tuple->CISOffset = tuple->TupleLink = 0; 467 tuple->DesiredTuple = req; 468 } 469 return pccard_get_next_tuple(s, function, tuple); 470 } 471 472 static int follow_link(struct pcmcia_socket *s, tuple_t *tuple) 473 { 474 u_char link[5]; 475 u_int ofs; 476 int ret; 477 478 if (MFC_FN(tuple->Flags)) { 479 /* Get indirect link from the MFC tuple */ 480 ret = read_cis_cache(s, LINK_SPACE(tuple->Flags), 481 tuple->LinkOffset, 5, link); 482 if (ret) 483 return -1; 484 ofs = get_unaligned_le32(link + 1); 485 SPACE(tuple->Flags) = (link[0] == CISTPL_MFC_ATTR); 486 /* Move to the next indirect link */ 487 tuple->LinkOffset += 5; 488 MFC_FN(tuple->Flags)--; 489 } else if (HAS_LINK(tuple->Flags)) { 490 ofs = tuple->LinkOffset; 491 SPACE(tuple->Flags) = LINK_SPACE(tuple->Flags); 492 HAS_LINK(tuple->Flags) = 0; 493 } else 494 return -1; 495 496 if (SPACE(tuple->Flags)) { 497 /* This is ugly, but a common CIS error is to code the long 498 link offset incorrectly, so we check the right spot... */ 499 ret = read_cis_cache(s, SPACE(tuple->Flags), ofs, 5, link); 500 if (ret) 501 return -1; 502 if ((link[0] == CISTPL_LINKTARGET) && (link[1] >= 3) && 503 (strncmp(link+2, "CIS", 3) == 0)) 504 return ofs; 505 remove_cis_cache(s, SPACE(tuple->Flags), ofs, 5); 506 /* Then, we try the wrong spot... */ 507 ofs = ofs >> 1; 508 } 509 ret = read_cis_cache(s, SPACE(tuple->Flags), ofs, 5, link); 510 if (ret) 511 return -1; 512 if ((link[0] == CISTPL_LINKTARGET) && (link[1] >= 3) && 513 (strncmp(link+2, "CIS", 3) == 0)) 514 return ofs; 515 remove_cis_cache(s, SPACE(tuple->Flags), ofs, 5); 516 return -1; 517 } 518 519 int pccard_get_next_tuple(struct pcmcia_socket *s, unsigned int function, 520 tuple_t *tuple) 521 { 522 u_char link[2], tmp; 523 int ofs, i, attr; 524 int ret; 525 526 if (!s) 527 return -EINVAL; 528 if (!(s->state & SOCKET_PRESENT) || (s->state & SOCKET_CARDBUS)) 529 return -ENODEV; 530 531 link[1] = tuple->TupleLink; 532 ofs = tuple->CISOffset + tuple->TupleLink; 533 attr = SPACE(tuple->Flags); 534 535 for (i = 0; i < MAX_TUPLES; i++) { 536 if (link[1] == 0xff) 537 link[0] = CISTPL_END; 538 else { 539 ret = read_cis_cache(s, attr, ofs, 2, link); 540 if (ret) 541 return -1; 542 if (link[0] == CISTPL_NULL) { 543 ofs++; 544 continue; 545 } 546 } 547 548 /* End of chain? Follow long link if possible */ 549 if (link[0] == CISTPL_END) { 550 ofs = follow_link(s, tuple); 551 if (ofs < 0) 552 return -ENOSPC; 553 attr = SPACE(tuple->Flags); 554 ret = read_cis_cache(s, attr, ofs, 2, link); 555 if (ret) 556 return -1; 557 } 558 559 /* Is this a link tuple? Make a note of it */ 560 if ((link[0] == CISTPL_LONGLINK_A) || 561 (link[0] == CISTPL_LONGLINK_C) || 562 (link[0] == CISTPL_LONGLINK_MFC) || 563 (link[0] == CISTPL_LINKTARGET) || 564 (link[0] == CISTPL_INDIRECT) || 565 (link[0] == CISTPL_NO_LINK)) { 566 switch (link[0]) { 567 case CISTPL_LONGLINK_A: 568 HAS_LINK(tuple->Flags) = 1; 569 LINK_SPACE(tuple->Flags) = attr | IS_ATTR; 570 ret = read_cis_cache(s, attr, ofs+2, 4, 571 &tuple->LinkOffset); 572 if (ret) 573 return -1; 574 break; 575 case CISTPL_LONGLINK_C: 576 HAS_LINK(tuple->Flags) = 1; 577 LINK_SPACE(tuple->Flags) = attr & ~IS_ATTR; 578 ret = read_cis_cache(s, attr, ofs+2, 4, 579 &tuple->LinkOffset); 580 if (ret) 581 return -1; 582 break; 583 case CISTPL_INDIRECT: 584 HAS_LINK(tuple->Flags) = 1; 585 LINK_SPACE(tuple->Flags) = IS_ATTR | 586 IS_INDIRECT; 587 tuple->LinkOffset = 0; 588 break; 589 case CISTPL_LONGLINK_MFC: 590 tuple->LinkOffset = ofs + 3; 591 LINK_SPACE(tuple->Flags) = attr; 592 if (function == BIND_FN_ALL) { 593 /* Follow all the MFC links */ 594 ret = read_cis_cache(s, attr, ofs+2, 595 1, &tmp); 596 if (ret) 597 return -1; 598 MFC_FN(tuple->Flags) = tmp; 599 } else { 600 /* Follow exactly one of the links */ 601 MFC_FN(tuple->Flags) = 1; 602 tuple->LinkOffset += function * 5; 603 } 604 break; 605 case CISTPL_NO_LINK: 606 HAS_LINK(tuple->Flags) = 0; 607 break; 608 } 609 if ((tuple->Attributes & TUPLE_RETURN_LINK) && 610 (tuple->DesiredTuple == RETURN_FIRST_TUPLE)) 611 break; 612 } else 613 if (tuple->DesiredTuple == RETURN_FIRST_TUPLE) 614 break; 615 616 if (link[0] == tuple->DesiredTuple) 617 break; 618 ofs += link[1] + 2; 619 } 620 if (i == MAX_TUPLES) { 621 dev_dbg(&s->dev, "cs: overrun in pcmcia_get_next_tuple\n"); 622 return -ENOSPC; 623 } 624 625 tuple->TupleCode = link[0]; 626 tuple->TupleLink = link[1]; 627 tuple->CISOffset = ofs + 2; 628 return 0; 629 } 630 631 int pccard_get_tuple_data(struct pcmcia_socket *s, tuple_t *tuple) 632 { 633 u_int len; 634 int ret; 635 636 if (!s) 637 return -EINVAL; 638 639 if (tuple->TupleLink < tuple->TupleOffset) 640 return -ENOSPC; 641 len = tuple->TupleLink - tuple->TupleOffset; 642 tuple->TupleDataLen = tuple->TupleLink; 643 if (len == 0) 644 return 0; 645 ret = read_cis_cache(s, SPACE(tuple->Flags), 646 tuple->CISOffset + tuple->TupleOffset, 647 min(len, (u_int) tuple->TupleDataMax), 648 tuple->TupleData); 649 if (ret) 650 return -1; 651 return 0; 652 } 653 654 655 /* Parsing routines for individual tuples */ 656 657 static int parse_device(tuple_t *tuple, cistpl_device_t *device) 658 { 659 int i; 660 u_char scale; 661 u_char *p, *q; 662 663 p = (u_char *)tuple->TupleData; 664 q = p + tuple->TupleDataLen; 665 666 device->ndev = 0; 667 for (i = 0; i < CISTPL_MAX_DEVICES; i++) { 668 669 if (*p == 0xff) 670 break; 671 device->dev[i].type = (*p >> 4); 672 device->dev[i].wp = (*p & 0x08) ? 1 : 0; 673 switch (*p & 0x07) { 674 case 0: 675 device->dev[i].speed = 0; 676 break; 677 case 1: 678 device->dev[i].speed = 250; 679 break; 680 case 2: 681 device->dev[i].speed = 200; 682 break; 683 case 3: 684 device->dev[i].speed = 150; 685 break; 686 case 4: 687 device->dev[i].speed = 100; 688 break; 689 case 7: 690 if (++p == q) 691 return -EINVAL; 692 device->dev[i].speed = SPEED_CVT(*p); 693 while (*p & 0x80) 694 if (++p == q) 695 return -EINVAL; 696 break; 697 default: 698 return -EINVAL; 699 } 700 701 if (++p == q) 702 return -EINVAL; 703 if (*p == 0xff) 704 break; 705 scale = *p & 7; 706 if (scale == 7) 707 return -EINVAL; 708 device->dev[i].size = ((*p >> 3) + 1) * (512 << (scale*2)); 709 device->ndev++; 710 if (++p == q) 711 break; 712 } 713 714 return 0; 715 } 716 717 718 static int parse_checksum(tuple_t *tuple, cistpl_checksum_t *csum) 719 { 720 u_char *p; 721 if (tuple->TupleDataLen < 5) 722 return -EINVAL; 723 p = (u_char *) tuple->TupleData; 724 csum->addr = tuple->CISOffset + get_unaligned_le16(p) - 2; 725 csum->len = get_unaligned_le16(p + 2); 726 csum->sum = *(p + 4); 727 return 0; 728 } 729 730 731 static int parse_longlink(tuple_t *tuple, cistpl_longlink_t *link) 732 { 733 if (tuple->TupleDataLen < 4) 734 return -EINVAL; 735 link->addr = get_unaligned_le32(tuple->TupleData); 736 return 0; 737 } 738 739 740 static int parse_longlink_mfc(tuple_t *tuple, cistpl_longlink_mfc_t *link) 741 { 742 u_char *p; 743 int i; 744 745 p = (u_char *)tuple->TupleData; 746 747 link->nfn = *p; p++; 748 if (tuple->TupleDataLen <= link->nfn*5) 749 return -EINVAL; 750 for (i = 0; i < link->nfn; i++) { 751 link->fn[i].space = *p; p++; 752 link->fn[i].addr = get_unaligned_le32(p); 753 p += 4; 754 } 755 return 0; 756 } 757 758 759 static int parse_strings(u_char *p, u_char *q, int max, 760 char *s, u_char *ofs, u_char *found) 761 { 762 int i, j, ns; 763 764 if (p == q) 765 return -EINVAL; 766 ns = 0; j = 0; 767 for (i = 0; i < max; i++) { 768 if (*p == 0xff) 769 break; 770 ofs[i] = j; 771 ns++; 772 for (;;) { 773 s[j++] = (*p == 0xff) ? '\0' : *p; 774 if ((*p == '\0') || (*p == 0xff)) 775 break; 776 if (++p == q) 777 return -EINVAL; 778 } 779 if ((*p == 0xff) || (++p == q)) 780 break; 781 } 782 if (found) { 783 *found = ns; 784 return 0; 785 } 786 787 return (ns == max) ? 0 : -EINVAL; 788 } 789 790 791 static int parse_vers_1(tuple_t *tuple, cistpl_vers_1_t *vers_1) 792 { 793 u_char *p, *q; 794 795 p = (u_char *)tuple->TupleData; 796 q = p + tuple->TupleDataLen; 797 798 vers_1->major = *p; p++; 799 vers_1->minor = *p; p++; 800 if (p >= q) 801 return -EINVAL; 802 803 return parse_strings(p, q, CISTPL_VERS_1_MAX_PROD_STRINGS, 804 vers_1->str, vers_1->ofs, &vers_1->ns); 805 } 806 807 808 static int parse_altstr(tuple_t *tuple, cistpl_altstr_t *altstr) 809 { 810 u_char *p, *q; 811 812 p = (u_char *)tuple->TupleData; 813 q = p + tuple->TupleDataLen; 814 815 return parse_strings(p, q, CISTPL_MAX_ALTSTR_STRINGS, 816 altstr->str, altstr->ofs, &altstr->ns); 817 } 818 819 820 static int parse_jedec(tuple_t *tuple, cistpl_jedec_t *jedec) 821 { 822 u_char *p, *q; 823 int nid; 824 825 p = (u_char *)tuple->TupleData; 826 q = p + tuple->TupleDataLen; 827 828 for (nid = 0; nid < CISTPL_MAX_DEVICES; nid++) { 829 if (p > q-2) 830 break; 831 jedec->id[nid].mfr = p[0]; 832 jedec->id[nid].info = p[1]; 833 p += 2; 834 } 835 jedec->nid = nid; 836 return 0; 837 } 838 839 840 static int parse_manfid(tuple_t *tuple, cistpl_manfid_t *m) 841 { 842 if (tuple->TupleDataLen < 4) 843 return -EINVAL; 844 m->manf = get_unaligned_le16(tuple->TupleData); 845 m->card = get_unaligned_le16(tuple->TupleData + 2); 846 return 0; 847 } 848 849 850 static int parse_funcid(tuple_t *tuple, cistpl_funcid_t *f) 851 { 852 u_char *p; 853 if (tuple->TupleDataLen < 2) 854 return -EINVAL; 855 p = (u_char *)tuple->TupleData; 856 f->func = p[0]; 857 f->sysinit = p[1]; 858 return 0; 859 } 860 861 862 static int parse_funce(tuple_t *tuple, cistpl_funce_t *f) 863 { 864 u_char *p; 865 int i; 866 if (tuple->TupleDataLen < 1) 867 return -EINVAL; 868 p = (u_char *)tuple->TupleData; 869 f->type = p[0]; 870 for (i = 1; i < tuple->TupleDataLen; i++) 871 f->data[i-1] = p[i]; 872 return 0; 873 } 874 875 876 static int parse_config(tuple_t *tuple, cistpl_config_t *config) 877 { 878 int rasz, rmsz, i; 879 u_char *p; 880 881 p = (u_char *)tuple->TupleData; 882 rasz = *p & 0x03; 883 rmsz = (*p & 0x3c) >> 2; 884 if (tuple->TupleDataLen < rasz+rmsz+4) 885 return -EINVAL; 886 config->last_idx = *(++p); 887 p++; 888 config->base = 0; 889 for (i = 0; i <= rasz; i++) 890 config->base += p[i] << (8*i); 891 p += rasz+1; 892 for (i = 0; i < 4; i++) 893 config->rmask[i] = 0; 894 for (i = 0; i <= rmsz; i++) 895 config->rmask[i>>2] += p[i] << (8*(i%4)); 896 config->subtuples = tuple->TupleDataLen - (rasz+rmsz+4); 897 return 0; 898 } 899 900 /* The following routines are all used to parse the nightmarish 901 * config table entries. 902 */ 903 904 static u_char *parse_power(u_char *p, u_char *q, cistpl_power_t *pwr) 905 { 906 int i; 907 u_int scale; 908 909 if (p == q) 910 return NULL; 911 pwr->present = *p; 912 pwr->flags = 0; 913 p++; 914 for (i = 0; i < 7; i++) 915 if (pwr->present & (1<<i)) { 916 if (p == q) 917 return NULL; 918 pwr->param[i] = POWER_CVT(*p); 919 scale = POWER_SCALE(*p); 920 while (*p & 0x80) { 921 if (++p == q) 922 return NULL; 923 if ((*p & 0x7f) < 100) 924 pwr->param[i] += 925 (*p & 0x7f) * scale / 100; 926 else if (*p == 0x7d) 927 pwr->flags |= CISTPL_POWER_HIGHZ_OK; 928 else if (*p == 0x7e) 929 pwr->param[i] = 0; 930 else if (*p == 0x7f) 931 pwr->flags |= CISTPL_POWER_HIGHZ_REQ; 932 else 933 return NULL; 934 } 935 p++; 936 } 937 return p; 938 } 939 940 941 static u_char *parse_timing(u_char *p, u_char *q, cistpl_timing_t *timing) 942 { 943 u_char scale; 944 945 if (p == q) 946 return NULL; 947 scale = *p; 948 if ((scale & 3) != 3) { 949 if (++p == q) 950 return NULL; 951 timing->wait = SPEED_CVT(*p); 952 timing->waitscale = exponent[scale & 3]; 953 } else 954 timing->wait = 0; 955 scale >>= 2; 956 if ((scale & 7) != 7) { 957 if (++p == q) 958 return NULL; 959 timing->ready = SPEED_CVT(*p); 960 timing->rdyscale = exponent[scale & 7]; 961 } else 962 timing->ready = 0; 963 scale >>= 3; 964 if (scale != 7) { 965 if (++p == q) 966 return NULL; 967 timing->reserved = SPEED_CVT(*p); 968 timing->rsvscale = exponent[scale]; 969 } else 970 timing->reserved = 0; 971 p++; 972 return p; 973 } 974 975 976 static u_char *parse_io(u_char *p, u_char *q, cistpl_io_t *io) 977 { 978 int i, j, bsz, lsz; 979 980 if (p == q) 981 return NULL; 982 io->flags = *p; 983 984 if (!(*p & 0x80)) { 985 io->nwin = 1; 986 io->win[0].base = 0; 987 io->win[0].len = (1 << (io->flags & CISTPL_IO_LINES_MASK)); 988 return p+1; 989 } 990 991 if (++p == q) 992 return NULL; 993 io->nwin = (*p & 0x0f) + 1; 994 bsz = (*p & 0x30) >> 4; 995 if (bsz == 3) 996 bsz++; 997 lsz = (*p & 0xc0) >> 6; 998 if (lsz == 3) 999 lsz++; 1000 p++; 1001 1002 for (i = 0; i < io->nwin; i++) { 1003 io->win[i].base = 0; 1004 io->win[i].len = 1; 1005 for (j = 0; j < bsz; j++, p++) { 1006 if (p == q) 1007 return NULL; 1008 io->win[i].base += *p << (j*8); 1009 } 1010 for (j = 0; j < lsz; j++, p++) { 1011 if (p == q) 1012 return NULL; 1013 io->win[i].len += *p << (j*8); 1014 } 1015 } 1016 return p; 1017 } 1018 1019 1020 static u_char *parse_mem(u_char *p, u_char *q, cistpl_mem_t *mem) 1021 { 1022 int i, j, asz, lsz, has_ha; 1023 u_int len, ca, ha; 1024 1025 if (p == q) 1026 return NULL; 1027 1028 mem->nwin = (*p & 0x07) + 1; 1029 lsz = (*p & 0x18) >> 3; 1030 asz = (*p & 0x60) >> 5; 1031 has_ha = (*p & 0x80); 1032 if (++p == q) 1033 return NULL; 1034 1035 for (i = 0; i < mem->nwin; i++) { 1036 len = ca = ha = 0; 1037 for (j = 0; j < lsz; j++, p++) { 1038 if (p == q) 1039 return NULL; 1040 len += *p << (j*8); 1041 } 1042 for (j = 0; j < asz; j++, p++) { 1043 if (p == q) 1044 return NULL; 1045 ca += *p << (j*8); 1046 } 1047 if (has_ha) 1048 for (j = 0; j < asz; j++, p++) { 1049 if (p == q) 1050 return NULL; 1051 ha += *p << (j*8); 1052 } 1053 mem->win[i].len = len << 8; 1054 mem->win[i].card_addr = ca << 8; 1055 mem->win[i].host_addr = ha << 8; 1056 } 1057 return p; 1058 } 1059 1060 1061 static u_char *parse_irq(u_char *p, u_char *q, cistpl_irq_t *irq) 1062 { 1063 if (p == q) 1064 return NULL; 1065 irq->IRQInfo1 = *p; p++; 1066 if (irq->IRQInfo1 & IRQ_INFO2_VALID) { 1067 if (p+2 > q) 1068 return NULL; 1069 irq->IRQInfo2 = (p[1]<<8) + p[0]; 1070 p += 2; 1071 } 1072 return p; 1073 } 1074 1075 1076 static int parse_cftable_entry(tuple_t *tuple, 1077 cistpl_cftable_entry_t *entry) 1078 { 1079 u_char *p, *q, features; 1080 1081 p = tuple->TupleData; 1082 q = p + tuple->TupleDataLen; 1083 entry->index = *p & 0x3f; 1084 entry->flags = 0; 1085 if (*p & 0x40) 1086 entry->flags |= CISTPL_CFTABLE_DEFAULT; 1087 if (*p & 0x80) { 1088 if (++p == q) 1089 return -EINVAL; 1090 if (*p & 0x10) 1091 entry->flags |= CISTPL_CFTABLE_BVDS; 1092 if (*p & 0x20) 1093 entry->flags |= CISTPL_CFTABLE_WP; 1094 if (*p & 0x40) 1095 entry->flags |= CISTPL_CFTABLE_RDYBSY; 1096 if (*p & 0x80) 1097 entry->flags |= CISTPL_CFTABLE_MWAIT; 1098 entry->interface = *p & 0x0f; 1099 } else 1100 entry->interface = 0; 1101 1102 /* Process optional features */ 1103 if (++p == q) 1104 return -EINVAL; 1105 features = *p; p++; 1106 1107 /* Power options */ 1108 if ((features & 3) > 0) { 1109 p = parse_power(p, q, &entry->vcc); 1110 if (p == NULL) 1111 return -EINVAL; 1112 } else 1113 entry->vcc.present = 0; 1114 if ((features & 3) > 1) { 1115 p = parse_power(p, q, &entry->vpp1); 1116 if (p == NULL) 1117 return -EINVAL; 1118 } else 1119 entry->vpp1.present = 0; 1120 if ((features & 3) > 2) { 1121 p = parse_power(p, q, &entry->vpp2); 1122 if (p == NULL) 1123 return -EINVAL; 1124 } else 1125 entry->vpp2.present = 0; 1126 1127 /* Timing options */ 1128 if (features & 0x04) { 1129 p = parse_timing(p, q, &entry->timing); 1130 if (p == NULL) 1131 return -EINVAL; 1132 } else { 1133 entry->timing.wait = 0; 1134 entry->timing.ready = 0; 1135 entry->timing.reserved = 0; 1136 } 1137 1138 /* I/O window options */ 1139 if (features & 0x08) { 1140 p = parse_io(p, q, &entry->io); 1141 if (p == NULL) 1142 return -EINVAL; 1143 } else 1144 entry->io.nwin = 0; 1145 1146 /* Interrupt options */ 1147 if (features & 0x10) { 1148 p = parse_irq(p, q, &entry->irq); 1149 if (p == NULL) 1150 return -EINVAL; 1151 } else 1152 entry->irq.IRQInfo1 = 0; 1153 1154 switch (features & 0x60) { 1155 case 0x00: 1156 entry->mem.nwin = 0; 1157 break; 1158 case 0x20: 1159 entry->mem.nwin = 1; 1160 entry->mem.win[0].len = get_unaligned_le16(p) << 8; 1161 entry->mem.win[0].card_addr = 0; 1162 entry->mem.win[0].host_addr = 0; 1163 p += 2; 1164 if (p > q) 1165 return -EINVAL; 1166 break; 1167 case 0x40: 1168 entry->mem.nwin = 1; 1169 entry->mem.win[0].len = get_unaligned_le16(p) << 8; 1170 entry->mem.win[0].card_addr = get_unaligned_le16(p + 2) << 8; 1171 entry->mem.win[0].host_addr = 0; 1172 p += 4; 1173 if (p > q) 1174 return -EINVAL; 1175 break; 1176 case 0x60: 1177 p = parse_mem(p, q, &entry->mem); 1178 if (p == NULL) 1179 return -EINVAL; 1180 break; 1181 } 1182 1183 /* Misc features */ 1184 if (features & 0x80) { 1185 if (p == q) 1186 return -EINVAL; 1187 entry->flags |= (*p << 8); 1188 while (*p & 0x80) 1189 if (++p == q) 1190 return -EINVAL; 1191 p++; 1192 } 1193 1194 entry->subtuples = q-p; 1195 1196 return 0; 1197 } 1198 1199 1200 static int parse_device_geo(tuple_t *tuple, cistpl_device_geo_t *geo) 1201 { 1202 u_char *p, *q; 1203 int n; 1204 1205 p = (u_char *)tuple->TupleData; 1206 q = p + tuple->TupleDataLen; 1207 1208 for (n = 0; n < CISTPL_MAX_DEVICES; n++) { 1209 if (p > q-6) 1210 break; 1211 geo->geo[n].buswidth = p[0]; 1212 geo->geo[n].erase_block = 1 << (p[1]-1); 1213 geo->geo[n].read_block = 1 << (p[2]-1); 1214 geo->geo[n].write_block = 1 << (p[3]-1); 1215 geo->geo[n].partition = 1 << (p[4]-1); 1216 geo->geo[n].interleave = 1 << (p[5]-1); 1217 p += 6; 1218 } 1219 geo->ngeo = n; 1220 return 0; 1221 } 1222 1223 1224 static int parse_vers_2(tuple_t *tuple, cistpl_vers_2_t *v2) 1225 { 1226 u_char *p, *q; 1227 1228 if (tuple->TupleDataLen < 10) 1229 return -EINVAL; 1230 1231 p = tuple->TupleData; 1232 q = p + tuple->TupleDataLen; 1233 1234 v2->vers = p[0]; 1235 v2->comply = p[1]; 1236 v2->dindex = get_unaligned_le16(p + 2); 1237 v2->vspec8 = p[6]; 1238 v2->vspec9 = p[7]; 1239 v2->nhdr = p[8]; 1240 p += 9; 1241 return parse_strings(p, q, 2, v2->str, &v2->vendor, NULL); 1242 } 1243 1244 1245 static int parse_org(tuple_t *tuple, cistpl_org_t *org) 1246 { 1247 u_char *p, *q; 1248 int i; 1249 1250 p = tuple->TupleData; 1251 q = p + tuple->TupleDataLen; 1252 if (p == q) 1253 return -EINVAL; 1254 org->data_org = *p; 1255 if (++p == q) 1256 return -EINVAL; 1257 for (i = 0; i < 30; i++) { 1258 org->desc[i] = *p; 1259 if (*p == '\0') 1260 break; 1261 if (++p == q) 1262 return -EINVAL; 1263 } 1264 return 0; 1265 } 1266 1267 1268 static int parse_format(tuple_t *tuple, cistpl_format_t *fmt) 1269 { 1270 u_char *p; 1271 1272 if (tuple->TupleDataLen < 10) 1273 return -EINVAL; 1274 1275 p = tuple->TupleData; 1276 1277 fmt->type = p[0]; 1278 fmt->edc = p[1]; 1279 fmt->offset = get_unaligned_le32(p + 2); 1280 fmt->length = get_unaligned_le32(p + 6); 1281 1282 return 0; 1283 } 1284 1285 1286 int pcmcia_parse_tuple(tuple_t *tuple, cisparse_t *parse) 1287 { 1288 int ret = 0; 1289 1290 if (tuple->TupleDataLen > tuple->TupleDataMax) 1291 return -EINVAL; 1292 switch (tuple->TupleCode) { 1293 case CISTPL_DEVICE: 1294 case CISTPL_DEVICE_A: 1295 ret = parse_device(tuple, &parse->device); 1296 break; 1297 case CISTPL_CHECKSUM: 1298 ret = parse_checksum(tuple, &parse->checksum); 1299 break; 1300 case CISTPL_LONGLINK_A: 1301 case CISTPL_LONGLINK_C: 1302 ret = parse_longlink(tuple, &parse->longlink); 1303 break; 1304 case CISTPL_LONGLINK_MFC: 1305 ret = parse_longlink_mfc(tuple, &parse->longlink_mfc); 1306 break; 1307 case CISTPL_VERS_1: 1308 ret = parse_vers_1(tuple, &parse->version_1); 1309 break; 1310 case CISTPL_ALTSTR: 1311 ret = parse_altstr(tuple, &parse->altstr); 1312 break; 1313 case CISTPL_JEDEC_A: 1314 case CISTPL_JEDEC_C: 1315 ret = parse_jedec(tuple, &parse->jedec); 1316 break; 1317 case CISTPL_MANFID: 1318 ret = parse_manfid(tuple, &parse->manfid); 1319 break; 1320 case CISTPL_FUNCID: 1321 ret = parse_funcid(tuple, &parse->funcid); 1322 break; 1323 case CISTPL_FUNCE: 1324 ret = parse_funce(tuple, &parse->funce); 1325 break; 1326 case CISTPL_CONFIG: 1327 ret = parse_config(tuple, &parse->config); 1328 break; 1329 case CISTPL_CFTABLE_ENTRY: 1330 ret = parse_cftable_entry(tuple, &parse->cftable_entry); 1331 break; 1332 case CISTPL_DEVICE_GEO: 1333 case CISTPL_DEVICE_GEO_A: 1334 ret = parse_device_geo(tuple, &parse->device_geo); 1335 break; 1336 case CISTPL_VERS_2: 1337 ret = parse_vers_2(tuple, &parse->vers_2); 1338 break; 1339 case CISTPL_ORG: 1340 ret = parse_org(tuple, &parse->org); 1341 break; 1342 case CISTPL_FORMAT: 1343 case CISTPL_FORMAT_A: 1344 ret = parse_format(tuple, &parse->format); 1345 break; 1346 case CISTPL_NO_LINK: 1347 case CISTPL_LINKTARGET: 1348 ret = 0; 1349 break; 1350 default: 1351 ret = -EINVAL; 1352 break; 1353 } 1354 if (ret) 1355 pr_debug("parse_tuple failed %d\n", ret); 1356 return ret; 1357 } 1358 EXPORT_SYMBOL(pcmcia_parse_tuple); 1359 1360 1361 /** 1362 * pccard_validate_cis() - check whether card has a sensible CIS 1363 * @s: the struct pcmcia_socket we are to check 1364 * @info: returns the number of tuples in the (valid) CIS, or 0 1365 * 1366 * This tries to determine if a card has a sensible CIS. In @info, it 1367 * returns the number of tuples in the CIS, or 0 if the CIS looks bad. The 1368 * checks include making sure several critical tuples are present and 1369 * valid; seeing if the total number of tuples is reasonable; and 1370 * looking for tuples that use reserved codes. 1371 * 1372 * The function returns 0 on success. 1373 */ 1374 int pccard_validate_cis(struct pcmcia_socket *s, unsigned int *info) 1375 { 1376 tuple_t *tuple; 1377 cisparse_t *p; 1378 unsigned int count = 0; 1379 int ret, reserved, dev_ok = 0, ident_ok = 0; 1380 1381 if (!s) 1382 return -EINVAL; 1383 1384 if (s->functions || !(s->state & SOCKET_PRESENT)) { 1385 WARN_ON(1); 1386 return -EINVAL; 1387 } 1388 1389 /* We do not want to validate the CIS cache... */ 1390 mutex_lock(&s->ops_mutex); 1391 destroy_cis_cache(s); 1392 mutex_unlock(&s->ops_mutex); 1393 1394 tuple = kmalloc(sizeof(*tuple), GFP_KERNEL); 1395 if (tuple == NULL) { 1396 dev_warn(&s->dev, "no memory to validate CIS\n"); 1397 return -ENOMEM; 1398 } 1399 p = kmalloc(sizeof(*p), GFP_KERNEL); 1400 if (p == NULL) { 1401 kfree(tuple); 1402 dev_warn(&s->dev, "no memory to validate CIS\n"); 1403 return -ENOMEM; 1404 } 1405 1406 count = reserved = 0; 1407 tuple->DesiredTuple = RETURN_FIRST_TUPLE; 1408 tuple->Attributes = TUPLE_RETURN_COMMON; 1409 ret = pccard_get_first_tuple(s, BIND_FN_ALL, tuple); 1410 if (ret != 0) 1411 goto done; 1412 1413 /* First tuple should be DEVICE; we should really have either that 1414 or a CFTABLE_ENTRY of some sort */ 1415 if ((tuple->TupleCode == CISTPL_DEVICE) || 1416 (!pccard_read_tuple(s, BIND_FN_ALL, CISTPL_CFTABLE_ENTRY, p)) || 1417 (!pccard_read_tuple(s, BIND_FN_ALL, CISTPL_CFTABLE_ENTRY_CB, p))) 1418 dev_ok++; 1419 1420 /* All cards should have a MANFID tuple, and/or a VERS_1 or VERS_2 1421 tuple, for card identification. Certain old D-Link and Linksys 1422 cards have only a broken VERS_2 tuple; hence the bogus test. */ 1423 if ((pccard_read_tuple(s, BIND_FN_ALL, CISTPL_MANFID, p) == 0) || 1424 (pccard_read_tuple(s, BIND_FN_ALL, CISTPL_VERS_1, p) == 0) || 1425 (pccard_read_tuple(s, BIND_FN_ALL, CISTPL_VERS_2, p) != -ENOSPC)) 1426 ident_ok++; 1427 1428 if (!dev_ok && !ident_ok) 1429 goto done; 1430 1431 for (count = 1; count < MAX_TUPLES; count++) { 1432 ret = pccard_get_next_tuple(s, BIND_FN_ALL, tuple); 1433 if (ret != 0) 1434 break; 1435 if (((tuple->TupleCode > 0x23) && (tuple->TupleCode < 0x40)) || 1436 ((tuple->TupleCode > 0x47) && (tuple->TupleCode < 0x80)) || 1437 ((tuple->TupleCode > 0x90) && (tuple->TupleCode < 0xff))) 1438 reserved++; 1439 } 1440 if ((count == MAX_TUPLES) || (reserved > 5) || 1441 ((!dev_ok || !ident_ok) && (count > 10))) 1442 count = 0; 1443 1444 ret = 0; 1445 1446 done: 1447 /* invalidate CIS cache on failure */ 1448 if (!dev_ok || !ident_ok || !count) { 1449 mutex_lock(&s->ops_mutex); 1450 destroy_cis_cache(s); 1451 mutex_unlock(&s->ops_mutex); 1452 /* We differentiate between dev_ok, ident_ok and count 1453 failures to allow for an override for anonymous cards 1454 in ds.c */ 1455 if (!dev_ok || !ident_ok) 1456 ret = -EIO; 1457 else 1458 ret = -EFAULT; 1459 } 1460 1461 if (info) 1462 *info = count; 1463 kfree(tuple); 1464 kfree(p); 1465 return ret; 1466 } 1467 1468 1469 #define to_socket(_dev) container_of(_dev, struct pcmcia_socket, dev) 1470 1471 static ssize_t pccard_extract_cis(struct pcmcia_socket *s, char *buf, 1472 loff_t off, size_t count) 1473 { 1474 tuple_t tuple; 1475 int status, i; 1476 loff_t pointer = 0; 1477 ssize_t ret = 0; 1478 u_char *tuplebuffer; 1479 u_char *tempbuffer; 1480 1481 tuplebuffer = kmalloc_array(256, sizeof(u_char), GFP_KERNEL); 1482 if (!tuplebuffer) 1483 return -ENOMEM; 1484 1485 tempbuffer = kmalloc_array(258, sizeof(u_char), GFP_KERNEL); 1486 if (!tempbuffer) { 1487 ret = -ENOMEM; 1488 goto free_tuple; 1489 } 1490 1491 memset(&tuple, 0, sizeof(tuple_t)); 1492 1493 tuple.Attributes = TUPLE_RETURN_LINK | TUPLE_RETURN_COMMON; 1494 tuple.DesiredTuple = RETURN_FIRST_TUPLE; 1495 tuple.TupleOffset = 0; 1496 1497 status = pccard_get_first_tuple(s, BIND_FN_ALL, &tuple); 1498 while (!status) { 1499 tuple.TupleData = tuplebuffer; 1500 tuple.TupleDataMax = 255; 1501 memset(tuplebuffer, 0, sizeof(u_char) * 255); 1502 1503 status = pccard_get_tuple_data(s, &tuple); 1504 if (status) 1505 break; 1506 1507 if (off < (pointer + 2 + tuple.TupleDataLen)) { 1508 tempbuffer[0] = tuple.TupleCode & 0xff; 1509 tempbuffer[1] = tuple.TupleLink & 0xff; 1510 for (i = 0; i < tuple.TupleDataLen; i++) 1511 tempbuffer[i + 2] = tuplebuffer[i] & 0xff; 1512 1513 for (i = 0; i < (2 + tuple.TupleDataLen); i++) { 1514 if (((i + pointer) >= off) && 1515 (i + pointer) < (off + count)) { 1516 buf[ret] = tempbuffer[i]; 1517 ret++; 1518 } 1519 } 1520 } 1521 1522 pointer += 2 + tuple.TupleDataLen; 1523 1524 if (pointer >= (off + count)) 1525 break; 1526 1527 if (tuple.TupleCode == CISTPL_END) 1528 break; 1529 status = pccard_get_next_tuple(s, BIND_FN_ALL, &tuple); 1530 } 1531 1532 kfree(tempbuffer); 1533 free_tuple: 1534 kfree(tuplebuffer); 1535 1536 return ret; 1537 } 1538 1539 1540 static ssize_t pccard_show_cis(struct file *filp, struct kobject *kobj, 1541 struct bin_attribute *bin_attr, 1542 char *buf, loff_t off, size_t count) 1543 { 1544 unsigned int size = 0x200; 1545 1546 if (off >= size) 1547 count = 0; 1548 else { 1549 struct pcmcia_socket *s; 1550 unsigned int chains = 1; 1551 1552 if (off + count > size) 1553 count = size - off; 1554 1555 s = to_socket(container_of(kobj, struct device, kobj)); 1556 1557 if (!(s->state & SOCKET_PRESENT)) 1558 return -ENODEV; 1559 if (!s->functions && pccard_validate_cis(s, &chains)) 1560 return -EIO; 1561 if (!chains) 1562 return -ENODATA; 1563 1564 count = pccard_extract_cis(s, buf, off, count); 1565 } 1566 1567 return count; 1568 } 1569 1570 1571 static ssize_t pccard_store_cis(struct file *filp, struct kobject *kobj, 1572 struct bin_attribute *bin_attr, 1573 char *buf, loff_t off, size_t count) 1574 { 1575 struct pcmcia_socket *s; 1576 int error; 1577 1578 s = to_socket(container_of(kobj, struct device, kobj)); 1579 1580 if (off) 1581 return -EINVAL; 1582 1583 if (count >= CISTPL_MAX_CIS_SIZE) 1584 return -EINVAL; 1585 1586 if (!(s->state & SOCKET_PRESENT)) 1587 return -ENODEV; 1588 1589 error = pcmcia_replace_cis(s, buf, count); 1590 if (error) 1591 return -EIO; 1592 1593 pcmcia_parse_uevents(s, PCMCIA_UEVENT_REQUERY); 1594 1595 return count; 1596 } 1597 1598 1599 const struct bin_attribute pccard_cis_attr = { 1600 .attr = { .name = "cis", .mode = S_IRUGO | S_IWUSR }, 1601 .size = 0x200, 1602 .read = pccard_show_cis, 1603 .write = pccard_store_cis, 1604 }; 1605