1/* 2 * Copyright (c) 2010 QLogic Corporation. All rights reserved. 3 * Copyright (c) 2006, 2007, 2008, 2009 QLogic Corporation. All rights reserved. 4 * Copyright (c) 2003, 2004, 2005, 2006 PathScale, Inc. All rights reserved. 5 * 6 * This software is available to you under a choice of one of two 7 * licenses. You may choose to be licensed under the terms of the GNU 8 * General Public License (GPL) Version 2, available from the file 9 * COPYING in the main directory of this source tree, or the 10 * OpenIB.org BSD license below: 11 * 12 * Redistribution and use in source and binary forms, with or 13 * without modification, are permitted provided that the following 14 * conditions are met: 15 * 16 * - Redistributions of source code must retain the above 17 * copyright notice, this list of conditions and the following 18 * disclaimer. 19 * 20 * - Redistributions in binary form must reproduce the above 21 * copyright notice, this list of conditions and the following 22 * disclaimer in the documentation and/or other materials 23 * provided with the distribution. 24 * 25 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 26 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 27 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 28 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS 29 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN 30 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 31 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 32 * SOFTWARE. 33 */ 34 35/* 36 * This file contains support for diagnostic functions. It is accessed by 37 * opening the qib_diag device, normally minor number 129. Diagnostic use 38 * of the QLogic_IB chip may render the chip or board unusable until the 39 * driver is unloaded, or in some cases, until the system is rebooted. 40 * 41 * Accesses to the chip through this interface are not similar to going 42 * through the /sys/bus/pci resource mmap interface. 43 */ 44 45#include <linux/io.h> 46#include <linux/pci.h> 47#include <linux/poll.h> 48#include <linux/vmalloc.h> 49#include <linux/fs.h> 50#include <linux/uaccess.h> 51 52#include "qib.h" 53#include "qib_common.h" 54 55/* 56 * Each client that opens the diag device must read then write 57 * offset 0, to prevent lossage from random cat or od. diag_state 58 * sequences this "handshake". 59 */ 60enum diag_state { UNUSED = 0, OPENED, INIT, READY }; 61 62/* State for an individual client. PID so children cannot abuse handshake */ 63static struct qib_diag_client { 64 struct qib_diag_client *next; 65 struct qib_devdata *dd; 66 pid_t pid; 67 enum diag_state state; 68} *client_pool; 69 70/* 71 * Get a client struct. Recycled if possible, else kmalloc. 72 * Must be called with qib_mutex held 73 */ 74static struct qib_diag_client *get_client(struct qib_devdata *dd) 75{ 76 struct qib_diag_client *dc; 77 78 dc = client_pool; 79 if (dc) 80 /* got from pool remove it and use */ 81 client_pool = dc->next; 82 else 83 /* None in pool, alloc and init */ 84 dc = kmalloc(sizeof *dc, GFP_KERNEL); 85 86 if (dc) { 87 dc->next = NULL; 88 dc->dd = dd; 89 dc->pid = current->pid; 90 dc->state = OPENED; 91 } 92 return dc; 93} 94 95/* 96 * Return to pool. Must be called with qib_mutex held 97 */ 98static void return_client(struct qib_diag_client *dc) 99{ 100 struct qib_devdata *dd = dc->dd; 101 struct qib_diag_client *tdc, *rdc; 102 103 rdc = NULL; 104 if (dc == dd->diag_client) { 105 dd->diag_client = dc->next; 106 rdc = dc; 107 } else { 108 tdc = dc->dd->diag_client; 109 while (tdc) { 110 if (dc == tdc->next) { 111 tdc->next = dc->next; 112 rdc = dc; 113 break; 114 } 115 tdc = tdc->next; 116 } 117 } 118 if (rdc) { 119 rdc->state = UNUSED; 120 rdc->dd = NULL; 121 rdc->pid = 0; 122 rdc->next = client_pool; 123 client_pool = rdc; 124 } 125} 126 127static int qib_diag_open(struct inode *in, struct file *fp); 128static int qib_diag_release(struct inode *in, struct file *fp); 129static ssize_t qib_diag_read(struct file *fp, char __user *data, 130 size_t count, loff_t *off); 131static ssize_t qib_diag_write(struct file *fp, const char __user *data, 132 size_t count, loff_t *off); 133 134static const struct file_operations diag_file_ops = { 135 .owner = THIS_MODULE, 136 .write = qib_diag_write, 137 .read = qib_diag_read, 138 .open = qib_diag_open, 139 .release = qib_diag_release 140}; 141 142static atomic_t diagpkt_count = ATOMIC_INIT(0); 143static struct cdev *diagpkt_cdev; 144static struct device *diagpkt_device; 145 146static ssize_t qib_diagpkt_write(struct file *fp, const char __user *data, 147 size_t count, loff_t *off); 148 149static const struct file_operations diagpkt_file_ops = { 150 .owner = THIS_MODULE, 151 .write = qib_diagpkt_write, 152}; 153 154int qib_diag_add(struct qib_devdata *dd) 155{ 156 char name[16]; 157 int ret = 0; 158 159 if (atomic_inc_return(&diagpkt_count) == 1) { 160 ret = qib_cdev_init(QIB_DIAGPKT_MINOR, "ipath_diagpkt", 161 &diagpkt_file_ops, &diagpkt_cdev, 162 &diagpkt_device); 163 if (ret) 164 goto done; 165 } 166 167 snprintf(name, sizeof(name), "ipath_diag%d", dd->unit); 168 ret = qib_cdev_init(QIB_DIAG_MINOR_BASE + dd->unit, name, 169 &diag_file_ops, &dd->diag_cdev, 170 &dd->diag_device); 171done: 172 return ret; 173} 174 175static void qib_unregister_observers(struct qib_devdata *dd); 176 177void qib_diag_remove(struct qib_devdata *dd) 178{ 179 struct qib_diag_client *dc; 180 181 if (atomic_dec_and_test(&diagpkt_count)) 182 qib_cdev_cleanup(&diagpkt_cdev, &diagpkt_device); 183 184 qib_cdev_cleanup(&dd->diag_cdev, &dd->diag_device); 185 186 /* 187 * Return all diag_clients of this device. There should be none, 188 * as we are "guaranteed" that no clients are still open 189 */ 190 while (dd->diag_client) 191 return_client(dd->diag_client); 192 193 /* Now clean up all unused client structs */ 194 while (client_pool) { 195 dc = client_pool; 196 client_pool = dc->next; 197 kfree(dc); 198 } 199 /* Clean up observer list */ 200 qib_unregister_observers(dd); 201} 202 203/* qib_remap_ioaddr32 - remap an offset into chip address space to __iomem * 204 * 205 * @dd: the qlogic_ib device 206 * @offs: the offset in chip-space 207 * @cntp: Pointer to max (byte) count for transfer starting at offset 208 * This returns a u32 __iomem * so it can be used for both 64 and 32-bit 209 * mapping. It is needed because with the use of PAT for control of 210 * write-combining, the logically contiguous address-space of the chip 211 * may be split into virtually non-contiguous spaces, with different 212 * attributes, which are them mapped to contiguous physical space 213 * based from the first BAR. 214 * 215 * The code below makes the same assumptions as were made in 216 * init_chip_wc_pat() (qib_init.c), copied here: 217 * Assumes chip address space looks like: 218 * - kregs + sregs + cregs + uregs (in any order) 219 * - piobufs (2K and 4K bufs in either order) 220 * or: 221 * - kregs + sregs + cregs (in any order) 222 * - piobufs (2K and 4K bufs in either order) 223 * - uregs 224 * 225 * If cntp is non-NULL, returns how many bytes from offset can be accessed 226 * Returns 0 if the offset is not mapped. 227 */ 228static u32 __iomem *qib_remap_ioaddr32(struct qib_devdata *dd, u32 offset, 229 u32 *cntp) 230{ 231 u32 kreglen; 232 u32 snd_bottom, snd_lim = 0; 233 u32 __iomem *krb32 = (u32 __iomem *)dd->kregbase; 234 u32 __iomem *map = NULL; 235 u32 cnt = 0; 236 u32 tot4k, offs4k; 237 238 /* First, simplest case, offset is within the first map. */ 239 kreglen = (dd->kregend - dd->kregbase) * sizeof(u64); 240 if (offset < kreglen) { 241 map = krb32 + (offset / sizeof(u32)); 242 cnt = kreglen - offset; 243 goto mapped; 244 } 245 246 /* 247 * Next check for user regs, the next most common case, 248 * and a cheap check because if they are not in the first map 249 * they are last in chip. 250 */ 251 if (dd->userbase) { 252 /* If user regs mapped, they are after send, so set limit. */ 253 u32 ulim = (dd->cfgctxts * dd->ureg_align) + dd->uregbase; 254 if (!dd->piovl15base) 255 snd_lim = dd->uregbase; 256 krb32 = (u32 __iomem *)dd->userbase; 257 if (offset >= dd->uregbase && offset < ulim) { 258 map = krb32 + (offset - dd->uregbase) / sizeof(u32); 259 cnt = ulim - offset; 260 goto mapped; 261 } 262 } 263 264 /* 265 * Lastly, check for offset within Send Buffers. 266 * This is gnarly because struct devdata is deliberately vague 267 * about things like 7322 VL15 buffers, and we are not in 268 * chip-specific code here, so should not make many assumptions. 269 * The one we _do_ make is that the only chip that has more sndbufs 270 * than we admit is the 7322, and it has userregs above that, so 271 * we know the snd_lim. 272 */ 273 /* Assume 2K buffers are first. */ 274 snd_bottom = dd->pio2k_bufbase; 275 if (snd_lim == 0) { 276 u32 tot2k = dd->piobcnt2k * ALIGN(dd->piosize2k, dd->palign); 277 snd_lim = snd_bottom + tot2k; 278 } 279 /* If 4k buffers exist, account for them by bumping 280 * appropriate limit. 281 */ 282 tot4k = dd->piobcnt4k * dd->align4k; 283 offs4k = dd->piobufbase >> 32; 284 if (dd->piobcnt4k) { 285 if (snd_bottom > offs4k) 286 snd_bottom = offs4k; 287 else { 288 /* 4k above 2k. Bump snd_lim, if needed*/ 289 if (!dd->userbase || dd->piovl15base) 290 snd_lim = offs4k + tot4k; 291 } 292 } 293 /* 294 * Judgement call: can we ignore the space between SendBuffs and 295 * UserRegs, where we would like to see vl15 buffs, but not more? 296 */ 297 if (offset >= snd_bottom && offset < snd_lim) { 298 offset -= snd_bottom; 299 map = (u32 __iomem *)dd->piobase + (offset / sizeof(u32)); 300 cnt = snd_lim - offset; 301 } 302 303 if (!map && offs4k && dd->piovl15base) { 304 snd_lim = offs4k + tot4k + 2 * dd->align4k; 305 if (offset >= (offs4k + tot4k) && offset < snd_lim) { 306 map = (u32 __iomem *)dd->piovl15base + 307 ((offset - (offs4k + tot4k)) / sizeof(u32)); 308 cnt = snd_lim - offset; 309 } 310 } 311 312mapped: 313 if (cntp) 314 *cntp = cnt; 315 return map; 316} 317 318/* 319 * qib_read_umem64 - read a 64-bit quantity from the chip into user space 320 * @dd: the qlogic_ib device 321 * @uaddr: the location to store the data in user memory 322 * @regoffs: the offset from BAR0 (_NOT_ full pointer, anymore) 323 * @count: number of bytes to copy (multiple of 32 bits) 324 * 325 * This function also localizes all chip memory accesses. 326 * The copy should be written such that we read full cacheline packets 327 * from the chip. This is usually used for a single qword 328 * 329 * NOTE: This assumes the chip address is 64-bit aligned. 330 */ 331static int qib_read_umem64(struct qib_devdata *dd, void __user *uaddr, 332 u32 regoffs, size_t count) 333{ 334 const u64 __iomem *reg_addr; 335 const u64 __iomem *reg_end; 336 u32 limit; 337 int ret; 338 339 reg_addr = (const u64 __iomem *)qib_remap_ioaddr32(dd, regoffs, &limit); 340 if (reg_addr == NULL || limit == 0 || !(dd->flags & QIB_PRESENT)) { 341 ret = -EINVAL; 342 goto bail; 343 } 344 if (count >= limit) 345 count = limit; 346 reg_end = reg_addr + (count / sizeof(u64)); 347 348 /* not very efficient, but it works for now */ 349 while (reg_addr < reg_end) { 350 u64 data = readq(reg_addr); 351 352 if (copy_to_user(uaddr, &data, sizeof(u64))) { 353 ret = -EFAULT; 354 goto bail; 355 } 356 reg_addr++; 357 uaddr += sizeof(u64); 358 } 359 ret = 0; 360bail: 361 return ret; 362} 363 364/* 365 * qib_write_umem64 - write a 64-bit quantity to the chip from user space 366 * @dd: the qlogic_ib device 367 * @regoffs: the offset from BAR0 (_NOT_ full pointer, anymore) 368 * @uaddr: the source of the data in user memory 369 * @count: the number of bytes to copy (multiple of 32 bits) 370 * 371 * This is usually used for a single qword 372 * NOTE: This assumes the chip address is 64-bit aligned. 373 */ 374 375static int qib_write_umem64(struct qib_devdata *dd, u32 regoffs, 376 const void __user *uaddr, size_t count) 377{ 378 u64 __iomem *reg_addr; 379 const u64 __iomem *reg_end; 380 u32 limit; 381 int ret; 382 383 reg_addr = (u64 __iomem *)qib_remap_ioaddr32(dd, regoffs, &limit); 384 if (reg_addr == NULL || limit == 0 || !(dd->flags & QIB_PRESENT)) { 385 ret = -EINVAL; 386 goto bail; 387 } 388 if (count >= limit) 389 count = limit; 390 reg_end = reg_addr + (count / sizeof(u64)); 391 392 /* not very efficient, but it works for now */ 393 while (reg_addr < reg_end) { 394 u64 data; 395 if (copy_from_user(&data, uaddr, sizeof(data))) { 396 ret = -EFAULT; 397 goto bail; 398 } 399 writeq(data, reg_addr); 400 401 reg_addr++; 402 uaddr += sizeof(u64); 403 } 404 ret = 0; 405bail: 406 return ret; 407} 408 409/* 410 * qib_read_umem32 - read a 32-bit quantity from the chip into user space 411 * @dd: the qlogic_ib device 412 * @uaddr: the location to store the data in user memory 413 * @regoffs: the offset from BAR0 (_NOT_ full pointer, anymore) 414 * @count: number of bytes to copy 415 * 416 * read 32 bit values, not 64 bit; for memories that only 417 * support 32 bit reads; usually a single dword. 418 */ 419static int qib_read_umem32(struct qib_devdata *dd, void __user *uaddr, 420 u32 regoffs, size_t count) 421{ 422 const u32 __iomem *reg_addr; 423 const u32 __iomem *reg_end; 424 u32 limit; 425 int ret; 426 427 reg_addr = qib_remap_ioaddr32(dd, regoffs, &limit); 428 if (reg_addr == NULL || limit == 0 || !(dd->flags & QIB_PRESENT)) { 429 ret = -EINVAL; 430 goto bail; 431 } 432 if (count >= limit) 433 count = limit; 434 reg_end = reg_addr + (count / sizeof(u32)); 435 436 /* not very efficient, but it works for now */ 437 while (reg_addr < reg_end) { 438 u32 data = readl(reg_addr); 439 440 if (copy_to_user(uaddr, &data, sizeof(data))) { 441 ret = -EFAULT; 442 goto bail; 443 } 444 445 reg_addr++; 446 uaddr += sizeof(u32); 447 448 } 449 ret = 0; 450bail: 451 return ret; 452} 453 454/* 455 * qib_write_umem32 - write a 32-bit quantity to the chip from user space 456 * @dd: the qlogic_ib device 457 * @regoffs: the offset from BAR0 (_NOT_ full pointer, anymore) 458 * @uaddr: the source of the data in user memory 459 * @count: number of bytes to copy 460 * 461 * write 32 bit values, not 64 bit; for memories that only 462 * support 32 bit write; usually a single dword. 463 */ 464 465static int qib_write_umem32(struct qib_devdata *dd, u32 regoffs, 466 const void __user *uaddr, size_t count) 467{ 468 u32 __iomem *reg_addr; 469 const u32 __iomem *reg_end; 470 u32 limit; 471 int ret; 472 473 reg_addr = qib_remap_ioaddr32(dd, regoffs, &limit); 474 if (reg_addr == NULL || limit == 0 || !(dd->flags & QIB_PRESENT)) { 475 ret = -EINVAL; 476 goto bail; 477 } 478 if (count >= limit) 479 count = limit; 480 reg_end = reg_addr + (count / sizeof(u32)); 481 482 while (reg_addr < reg_end) { 483 u32 data; 484 485 if (copy_from_user(&data, uaddr, sizeof(data))) { 486 ret = -EFAULT; 487 goto bail; 488 } 489 writel(data, reg_addr); 490 491 reg_addr++; 492 uaddr += sizeof(u32); 493 } 494 ret = 0; 495bail: 496 return ret; 497} 498 499static int qib_diag_open(struct inode *in, struct file *fp) 500{ 501 int unit = iminor(in) - QIB_DIAG_MINOR_BASE; 502 struct qib_devdata *dd; 503 struct qib_diag_client *dc; 504 int ret; 505 506 mutex_lock(&qib_mutex); 507 508 dd = qib_lookup(unit); 509 510 if (dd == NULL || !(dd->flags & QIB_PRESENT) || 511 !dd->kregbase) { 512 ret = -ENODEV; 513 goto bail; 514 } 515 516 dc = get_client(dd); 517 if (!dc) { 518 ret = -ENOMEM; 519 goto bail; 520 } 521 dc->next = dd->diag_client; 522 dd->diag_client = dc; 523 fp->private_data = dc; 524 ret = 0; 525bail: 526 mutex_unlock(&qib_mutex); 527 528 return ret; 529} 530 531/** 532 * qib_diagpkt_write - write an IB packet 533 * @fp: the diag data device file pointer 534 * @data: qib_diag_pkt structure saying where to get the packet 535 * @count: size of data to write 536 * @off: unused by this code 537 */ 538static ssize_t qib_diagpkt_write(struct file *fp, 539 const char __user *data, 540 size_t count, loff_t *off) 541{ 542 u32 __iomem *piobuf; 543 u32 plen, clen, pbufn; 544 struct qib_diag_xpkt dp; 545 u32 *tmpbuf = NULL; 546 struct qib_devdata *dd; 547 struct qib_pportdata *ppd; 548 ssize_t ret = 0; 549 550 if (count != sizeof(dp)) { 551 ret = -EINVAL; 552 goto bail; 553 } 554 if (copy_from_user(&dp, data, sizeof(dp))) { 555 ret = -EFAULT; 556 goto bail; 557 } 558 559 dd = qib_lookup(dp.unit); 560 if (!dd || !(dd->flags & QIB_PRESENT) || !dd->kregbase) { 561 ret = -ENODEV; 562 goto bail; 563 } 564 if (!(dd->flags & QIB_INITTED)) { 565 /* no hardware, freeze, etc. */ 566 ret = -ENODEV; 567 goto bail; 568 } 569 570 if (dp.version != _DIAG_XPKT_VERS) { 571 qib_dev_err(dd, "Invalid version %u for diagpkt_write\n", 572 dp.version); 573 ret = -EINVAL; 574 goto bail; 575 } 576 /* send count must be an exact number of dwords */ 577 if (dp.len & 3) { 578 ret = -EINVAL; 579 goto bail; 580 } 581 if (!dp.port || dp.port > dd->num_pports) { 582 ret = -EINVAL; 583 goto bail; 584 } 585 ppd = &dd->pport[dp.port - 1]; 586 587 /* need total length before first word written */ 588 /* +1 word is for the qword padding */ 589 plen = sizeof(u32) + dp.len; 590 clen = dp.len >> 2; 591 592 if ((plen + 4) > ppd->ibmaxlen) { 593 ret = -EINVAL; 594 goto bail; /* before writing pbc */ 595 } 596 tmpbuf = vmalloc(plen); 597 if (!tmpbuf) { 598 qib_devinfo(dd->pcidev, "Unable to allocate tmp buffer, " 599 "failing\n"); 600 ret = -ENOMEM; 601 goto bail; 602 } 603 604 if (copy_from_user(tmpbuf, 605 (const void __user *) (unsigned long) dp.data, 606 dp.len)) { 607 ret = -EFAULT; 608 goto bail; 609 } 610 611 plen >>= 2; /* in dwords */ 612 613 if (dp.pbc_wd == 0) 614 dp.pbc_wd = plen; 615 616 piobuf = dd->f_getsendbuf(ppd, dp.pbc_wd, &pbufn); 617 if (!piobuf) { 618 ret = -EBUSY; 619 goto bail; 620 } 621 /* disarm it just to be extra sure */ 622 dd->f_sendctrl(dd->pport, QIB_SENDCTRL_DISARM_BUF(pbufn)); 623 624 /* disable header check on pbufn for this packet */ 625 dd->f_txchk_change(dd, pbufn, 1, TXCHK_CHG_TYPE_DIS1, NULL); 626 627 writeq(dp.pbc_wd, piobuf); 628 /* 629 * Copy all but the trigger word, then flush, so it's written 630 * to chip before trigger word, then write trigger word, then 631 * flush again, so packet is sent. 632 */ 633 if (dd->flags & QIB_PIO_FLUSH_WC) { 634 qib_flush_wc(); 635 qib_pio_copy(piobuf + 2, tmpbuf, clen - 1); 636 qib_flush_wc(); 637 __raw_writel(tmpbuf[clen - 1], piobuf + clen + 1); 638 } else 639 qib_pio_copy(piobuf + 2, tmpbuf, clen); 640 641 if (dd->flags & QIB_USE_SPCL_TRIG) { 642 u32 spcl_off = (pbufn >= dd->piobcnt2k) ? 2047 : 1023; 643 644 qib_flush_wc(); 645 __raw_writel(0xaebecede, piobuf + spcl_off); 646 } 647 648 /* 649 * Ensure buffer is written to the chip, then re-enable 650 * header checks (if supported by chip). The txchk 651 * code will ensure seen by chip before returning. 652 */ 653 qib_flush_wc(); 654 qib_sendbuf_done(dd, pbufn); 655 dd->f_txchk_change(dd, pbufn, 1, TXCHK_CHG_TYPE_ENAB1, NULL); 656 657 ret = sizeof(dp); 658 659bail: 660 vfree(tmpbuf); 661 return ret; 662} 663 664static int qib_diag_release(struct inode *in, struct file *fp) 665{ 666 mutex_lock(&qib_mutex); 667 return_client(fp->private_data); 668 fp->private_data = NULL; 669 mutex_unlock(&qib_mutex); 670 return 0; 671} 672 673/* 674 * Chip-specific code calls to register its interest in 675 * a specific range. 676 */ 677struct diag_observer_list_elt { 678 struct diag_observer_list_elt *next; 679 const struct diag_observer *op; 680}; 681 682int qib_register_observer(struct qib_devdata *dd, 683 const struct diag_observer *op) 684{ 685 struct diag_observer_list_elt *olp; 686 int ret = -EINVAL; 687 688 if (!dd || !op) 689 goto bail; 690 ret = -ENOMEM; 691 olp = vmalloc(sizeof *olp); 692 if (!olp) { 693 printk(KERN_ERR QIB_DRV_NAME ": vmalloc for observer failed\n"); 694 goto bail; 695 } 696 if (olp) { 697 unsigned long flags; 698 699 spin_lock_irqsave(&dd->qib_diag_trans_lock, flags); 700 olp->op = op; 701 olp->next = dd->diag_observer_list; 702 dd->diag_observer_list = olp; 703 spin_unlock_irqrestore(&dd->qib_diag_trans_lock, flags); 704 ret = 0; 705 } 706bail: 707 return ret; 708} 709 710/* Remove all registered observers when device is closed */ 711static void qib_unregister_observers(struct qib_devdata *dd) 712{ 713 struct diag_observer_list_elt *olp; 714 unsigned long flags; 715 716 spin_lock_irqsave(&dd->qib_diag_trans_lock, flags); 717 olp = dd->diag_observer_list; 718 while (olp) { 719 /* Pop one observer, let go of lock */ 720 dd->diag_observer_list = olp->next; 721 spin_unlock_irqrestore(&dd->qib_diag_trans_lock, flags); 722 vfree(olp); 723 /* try again. */ 724 spin_lock_irqsave(&dd->qib_diag_trans_lock, flags); 725 olp = dd->diag_observer_list; 726 } 727 spin_unlock_irqrestore(&dd->qib_diag_trans_lock, flags); 728} 729 730/* 731 * Find the observer, if any, for the specified address. Initial implementation 732 * is simple stack of observers. This must be called with diag transaction 733 * lock held. 734 */ 735static const struct diag_observer *diag_get_observer(struct qib_devdata *dd, 736 u32 addr) 737{ 738 struct diag_observer_list_elt *olp; 739 const struct diag_observer *op = NULL; 740 741 olp = dd->diag_observer_list; 742 while (olp) { 743 op = olp->op; 744 if (addr >= op->bottom && addr <= op->top) 745 break; 746 olp = olp->next; 747 } 748 if (!olp) 749 op = NULL; 750 751 return op; 752} 753 754static ssize_t qib_diag_read(struct file *fp, char __user *data, 755 size_t count, loff_t *off) 756{ 757 struct qib_diag_client *dc = fp->private_data; 758 struct qib_devdata *dd = dc->dd; 759 void __iomem *kreg_base; 760 ssize_t ret; 761 762 if (dc->pid != current->pid) { 763 ret = -EPERM; 764 goto bail; 765 } 766 767 kreg_base = dd->kregbase; 768 769 if (count == 0) 770 ret = 0; 771 else if ((count % 4) || (*off % 4)) 772 /* address or length is not 32-bit aligned, hence invalid */ 773 ret = -EINVAL; 774 else if (dc->state < READY && (*off || count != 8)) 775 ret = -EINVAL; /* prevent cat /dev/qib_diag* */ 776 else { 777 unsigned long flags; 778 u64 data64 = 0; 779 int use_32; 780 const struct diag_observer *op; 781 782 use_32 = (count % 8) || (*off % 8); 783 ret = -1; 784 spin_lock_irqsave(&dd->qib_diag_trans_lock, flags); 785 /* 786 * Check for observer on this address range. 787 * we only support a single 32 or 64-bit read 788 * via observer, currently. 789 */ 790 op = diag_get_observer(dd, *off); 791 if (op) { 792 u32 offset = *off; 793 ret = op->hook(dd, op, offset, &data64, 0, use_32); 794 } 795 /* 796 * We need to release lock before any copy_to_user(), 797 * whether implicit in qib_read_umem* or explicit below. 798 */ 799 spin_unlock_irqrestore(&dd->qib_diag_trans_lock, flags); 800 if (!op) { 801 if (use_32) 802 /* 803 * Address or length is not 64-bit aligned; 804 * do 32-bit rd 805 */ 806 ret = qib_read_umem32(dd, data, (u32) *off, 807 count); 808 else 809 ret = qib_read_umem64(dd, data, (u32) *off, 810 count); 811 } else if (ret == count) { 812 /* Below finishes case where observer existed */ 813 ret = copy_to_user(data, &data64, use_32 ? 814 sizeof(u32) : sizeof(u64)); 815 if (ret) 816 ret = -EFAULT; 817 } 818 } 819 820 if (ret >= 0) { 821 *off += count; 822 ret = count; 823 if (dc->state == OPENED) 824 dc->state = INIT; 825 } 826bail: 827 return ret; 828} 829 830static ssize_t qib_diag_write(struct file *fp, const char __user *data, 831 size_t count, loff_t *off) 832{ 833 struct qib_diag_client *dc = fp->private_data; 834 struct qib_devdata *dd = dc->dd; 835 void __iomem *kreg_base; 836 ssize_t ret; 837 838 if (dc->pid != current->pid) { 839 ret = -EPERM; 840 goto bail; 841 } 842 843 kreg_base = dd->kregbase; 844 845 if (count == 0) 846 ret = 0; 847 else if ((count % 4) || (*off % 4)) 848 /* address or length is not 32-bit aligned, hence invalid */ 849 ret = -EINVAL; 850 else if (dc->state < READY && 851 ((*off || count != 8) || dc->state != INIT)) 852 /* No writes except second-step of init seq */ 853 ret = -EINVAL; /* before any other write allowed */ 854 else { 855 unsigned long flags; 856 const struct diag_observer *op = NULL; 857 int use_32 = (count % 8) || (*off % 8); 858 859 /* 860 * Check for observer on this address range. 861 * We only support a single 32 or 64-bit write 862 * via observer, currently. This helps, because 863 * we would otherwise have to jump through hoops 864 * to make "diag transaction" meaningful when we 865 * cannot do a copy_from_user while holding the lock. 866 */ 867 if (count == 4 || count == 8) { 868 u64 data64; 869 u32 offset = *off; 870 ret = copy_from_user(&data64, data, count); 871 if (ret) { 872 ret = -EFAULT; 873 goto bail; 874 } 875 spin_lock_irqsave(&dd->qib_diag_trans_lock, flags); 876 op = diag_get_observer(dd, *off); 877 if (op) 878 ret = op->hook(dd, op, offset, &data64, ~0Ull, 879 use_32); 880 spin_unlock_irqrestore(&dd->qib_diag_trans_lock, flags); 881 } 882 883 if (!op) { 884 if (use_32) 885 /* 886 * Address or length is not 64-bit aligned; 887 * do 32-bit write 888 */ 889 ret = qib_write_umem32(dd, (u32) *off, data, 890 count); 891 else 892 ret = qib_write_umem64(dd, (u32) *off, data, 893 count); 894 } 895 } 896 897 if (ret >= 0) { 898 *off += count; 899 ret = count; 900 if (dc->state == INIT) 901 dc->state = READY; /* all read/write OK now */ 902 } 903bail: 904 return ret; 905} 906