Loading...
1/*
2 * w1_netlink.c
3 *
4 * Copyright (c) 2003 Evgeniy Polyakov <zbr@ioremap.net>
5 *
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 */
21
22#include <linux/slab.h>
23#include <linux/skbuff.h>
24#include <linux/netlink.h>
25#include <linux/connector.h>
26
27#include "w1.h"
28#include "w1_log.h"
29#include "w1_netlink.h"
30
31#if defined(CONFIG_W1_CON) && (defined(CONFIG_CONNECTOR) || (defined(CONFIG_CONNECTOR_MODULE) && defined(CONFIG_W1_MODULE)))
32
33#define MIN(a, b) (((a) < (b)) ? (a) : (b))
34
35/* Bundle together everything required to process a request in one memory
36 * allocation.
37 */
38struct w1_cb_block {
39 atomic_t refcnt;
40 u32 portid; /* Sending process port ID */
41 /* maximum value for first_cn->len */
42 u16 maxlen;
43 /* pointers to building up the reply message */
44 struct cn_msg *first_cn; /* fixed once the structure is populated */
45 struct cn_msg *cn; /* advances as cn_msg is appeneded */
46 struct w1_netlink_msg *msg; /* advances as w1_netlink_msg is appened */
47 struct w1_netlink_cmd *cmd; /* advances as cmds are appened */
48 struct w1_netlink_msg *cur_msg; /* currently message being processed */
49 /* copy of the original request follows */
50 struct cn_msg request_cn;
51 /* followed by variable length:
52 * cn_msg, data (w1_netlink_msg and w1_netlink_cmd)
53 * one or more struct w1_cb_node
54 * reply first_cn, data (w1_netlink_msg and w1_netlink_cmd)
55 */
56};
57struct w1_cb_node {
58 struct w1_async_cmd async;
59 /* pointers within w1_cb_block and cn data */
60 struct w1_cb_block *block;
61 struct w1_netlink_msg *msg;
62 struct w1_slave *sl;
63 struct w1_master *dev;
64};
65
66/**
67 * w1_reply_len() - calculate current reply length, compare to maxlen
68 * @block: block to calculate
69 *
70 * Calculates the current message length including possible multiple
71 * cn_msg and data, excludes the first sizeof(struct cn_msg). Direclty
72 * compariable to maxlen and usable to send the message.
73 */
74static u16 w1_reply_len(struct w1_cb_block *block)
75{
76 if (!block->cn)
77 return 0;
78 return (u8 *)block->cn - (u8 *)block->first_cn + block->cn->len;
79}
80
81static void w1_unref_block(struct w1_cb_block *block)
82{
83 if (atomic_sub_return(1, &block->refcnt) == 0) {
84 u16 len = w1_reply_len(block);
85 if (len) {
86 cn_netlink_send_mult(block->first_cn, len,
87 block->portid, 0, GFP_KERNEL);
88 }
89 kfree(block);
90 }
91}
92
93/**
94 * w1_reply_make_space() - send message if needed to make space
95 * @block: block to make space on
96 * @space: how many bytes requested
97 *
98 * Verify there is enough room left for the caller to add "space" bytes to the
99 * message, if there isn't send the message and reset.
100 */
101static void w1_reply_make_space(struct w1_cb_block *block, u16 space)
102{
103 u16 len = w1_reply_len(block);
104 if (len + space >= block->maxlen) {
105 cn_netlink_send_mult(block->first_cn, len, block->portid, 0, GFP_KERNEL);
106 block->first_cn->len = 0;
107 block->cn = NULL;
108 block->msg = NULL;
109 block->cmd = NULL;
110 }
111}
112
113/* Early send when replies aren't bundled. */
114static void w1_netlink_check_send(struct w1_cb_block *block)
115{
116 if (!(block->request_cn.flags & W1_CN_BUNDLE) && block->cn)
117 w1_reply_make_space(block, block->maxlen);
118}
119
120/**
121 * w1_netlink_setup_msg() - prepare to write block->msg
122 * @block: block to operate on
123 * @ack: determines if cn can be reused
124 *
125 * block->cn will be setup with the correct ack, advancing if needed
126 * block->cn->len does not include space for block->msg
127 * block->msg advances but remains uninitialized
128 */
129static void w1_netlink_setup_msg(struct w1_cb_block *block, u32 ack)
130{
131 if (block->cn && block->cn->ack == ack) {
132 block->msg = (struct w1_netlink_msg *)(block->cn->data + block->cn->len);
133 } else {
134 /* advance or set to data */
135 if (block->cn)
136 block->cn = (struct cn_msg *)(block->cn->data +
137 block->cn->len);
138 else
139 block->cn = block->first_cn;
140
141 memcpy(block->cn, &block->request_cn, sizeof(*block->cn));
142 block->cn->len = 0;
143 block->cn->ack = ack;
144 block->msg = (struct w1_netlink_msg *)block->cn->data;
145 }
146}
147
148/* Append cmd to msg, include cmd->data as well. This is because
149 * any following data goes with the command and in the case of a read is
150 * the results.
151 */
152static void w1_netlink_queue_cmd(struct w1_cb_block *block,
153 struct w1_netlink_cmd *cmd)
154{
155 u32 space;
156 w1_reply_make_space(block, sizeof(struct cn_msg) +
157 sizeof(struct w1_netlink_msg) + sizeof(*cmd) + cmd->len);
158
159 /* There's a status message sent after each command, so no point
160 * in trying to bundle this cmd after an existing one, because
161 * there won't be one. Allocate and copy over a new cn_msg.
162 */
163 w1_netlink_setup_msg(block, block->request_cn.seq + 1);
164 memcpy(block->msg, block->cur_msg, sizeof(*block->msg));
165 block->cn->len += sizeof(*block->msg);
166 block->msg->len = 0;
167 block->cmd = (struct w1_netlink_cmd *)(block->msg->data);
168
169 space = sizeof(*cmd) + cmd->len;
170 if (block->cmd != cmd)
171 memcpy(block->cmd, cmd, space);
172 block->cn->len += space;
173 block->msg->len += space;
174}
175
176/* Append req_msg and req_cmd, no other commands and no data from req_cmd are
177 * copied.
178 */
179static void w1_netlink_queue_status(struct w1_cb_block *block,
180 struct w1_netlink_msg *req_msg, struct w1_netlink_cmd *req_cmd,
181 int error)
182{
183 u16 space = sizeof(struct cn_msg) + sizeof(*req_msg) + sizeof(*req_cmd);
184 w1_reply_make_space(block, space);
185 w1_netlink_setup_msg(block, block->request_cn.ack);
186
187 memcpy(block->msg, req_msg, sizeof(*req_msg));
188 block->cn->len += sizeof(*req_msg);
189 block->msg->len = 0;
190 block->msg->status = (u8)-error;
191 if (req_cmd) {
192 struct w1_netlink_cmd *cmd = (struct w1_netlink_cmd *)block->msg->data;
193 memcpy(cmd, req_cmd, sizeof(*cmd));
194 block->cn->len += sizeof(*cmd);
195 block->msg->len += sizeof(*cmd);
196 cmd->len = 0;
197 }
198 w1_netlink_check_send(block);
199}
200
201/**
202 * w1_netlink_send_error() - sends the error message now
203 * @cn: original cn_msg
204 * @msg: original w1_netlink_msg
205 * @portid: where to send it
206 * @error: error status
207 *
208 * Use when a block isn't available to queue the message to and cn, msg
209 * might not be contiguous.
210 */
211static void w1_netlink_send_error(struct cn_msg *cn, struct w1_netlink_msg *msg,
212 int portid, int error)
213{
214 struct {
215 struct cn_msg cn;
216 struct w1_netlink_msg msg;
217 } packet;
218 memcpy(&packet.cn, cn, sizeof(packet.cn));
219 memcpy(&packet.msg, msg, sizeof(packet.msg));
220 packet.cn.len = sizeof(packet.msg);
221 packet.msg.len = 0;
222 packet.msg.status = (u8)-error;
223 cn_netlink_send(&packet.cn, portid, 0, GFP_KERNEL);
224}
225
226/**
227 * w1_netlink_send() - sends w1 netlink notifications
228 * @dev: w1_master the even is associated with or for
229 * @msg: w1_netlink_msg message to be sent
230 *
231 * This are notifications generated from the kernel.
232 */
233void w1_netlink_send(struct w1_master *dev, struct w1_netlink_msg *msg)
234{
235 struct {
236 struct cn_msg cn;
237 struct w1_netlink_msg msg;
238 } packet;
239 memset(&packet, 0, sizeof(packet));
240
241 packet.cn.id.idx = CN_W1_IDX;
242 packet.cn.id.val = CN_W1_VAL;
243
244 packet.cn.seq = dev->seq++;
245 packet.cn.len = sizeof(*msg);
246
247 memcpy(&packet.msg, msg, sizeof(*msg));
248 packet.msg.len = 0;
249
250 cn_netlink_send(&packet.cn, 0, 0, GFP_KERNEL);
251}
252
253static void w1_send_slave(struct w1_master *dev, u64 rn)
254{
255 struct w1_cb_block *block = dev->priv;
256 struct w1_netlink_cmd *cache_cmd = block->cmd;
257 u64 *data;
258
259 w1_reply_make_space(block, sizeof(*data));
260
261 /* Add cmd back if the packet was sent */
262 if (!block->cmd) {
263 cache_cmd->len = 0;
264 w1_netlink_queue_cmd(block, cache_cmd);
265 }
266
267 data = (u64 *)(block->cmd->data + block->cmd->len);
268
269 *data = rn;
270 block->cn->len += sizeof(*data);
271 block->msg->len += sizeof(*data);
272 block->cmd->len += sizeof(*data);
273}
274
275static void w1_found_send_slave(struct w1_master *dev, u64 rn)
276{
277 /* update kernel slave list */
278 w1_slave_found(dev, rn);
279
280 w1_send_slave(dev, rn);
281}
282
283/* Get the current slave list, or search (with or without alarm) */
284static int w1_get_slaves(struct w1_master *dev, struct w1_netlink_cmd *req_cmd)
285{
286 struct w1_slave *sl;
287
288 req_cmd->len = 0;
289 w1_netlink_queue_cmd(dev->priv, req_cmd);
290
291 if (req_cmd->cmd == W1_CMD_LIST_SLAVES) {
292 u64 rn;
293 mutex_lock(&dev->list_mutex);
294 list_for_each_entry(sl, &dev->slist, w1_slave_entry) {
295 memcpy(&rn, &sl->reg_num, sizeof(rn));
296 w1_send_slave(dev, rn);
297 }
298 mutex_unlock(&dev->list_mutex);
299 } else {
300 w1_search_process_cb(dev, req_cmd->cmd == W1_CMD_ALARM_SEARCH ?
301 W1_ALARM_SEARCH : W1_SEARCH, w1_found_send_slave);
302 }
303
304 return 0;
305}
306
307static int w1_process_command_io(struct w1_master *dev,
308 struct w1_netlink_cmd *cmd)
309{
310 int err = 0;
311
312 switch (cmd->cmd) {
313 case W1_CMD_TOUCH:
314 w1_touch_block(dev, cmd->data, cmd->len);
315 w1_netlink_queue_cmd(dev->priv, cmd);
316 break;
317 case W1_CMD_READ:
318 w1_read_block(dev, cmd->data, cmd->len);
319 w1_netlink_queue_cmd(dev->priv, cmd);
320 break;
321 case W1_CMD_WRITE:
322 w1_write_block(dev, cmd->data, cmd->len);
323 break;
324 default:
325 err = -EINVAL;
326 break;
327 }
328
329 return err;
330}
331
332static int w1_process_command_addremove(struct w1_master *dev,
333 struct w1_netlink_cmd *cmd)
334{
335 struct w1_slave *sl;
336 int err = 0;
337 struct w1_reg_num *id;
338
339 if (cmd->len != sizeof(*id))
340 return -EINVAL;
341
342 id = (struct w1_reg_num *)cmd->data;
343
344 sl = w1_slave_search_device(dev, id);
345 switch (cmd->cmd) {
346 case W1_CMD_SLAVE_ADD:
347 if (sl)
348 err = -EINVAL;
349 else
350 err = w1_attach_slave_device(dev, id);
351 break;
352 case W1_CMD_SLAVE_REMOVE:
353 if (sl)
354 w1_slave_detach(sl);
355 else
356 err = -EINVAL;
357 break;
358 default:
359 err = -EINVAL;
360 break;
361 }
362
363 return err;
364}
365
366static int w1_process_command_master(struct w1_master *dev,
367 struct w1_netlink_cmd *req_cmd)
368{
369 int err = -EINVAL;
370
371 /* drop bus_mutex for search (does it's own locking), and add/remove
372 * which doesn't use the bus
373 */
374 switch (req_cmd->cmd) {
375 case W1_CMD_SEARCH:
376 case W1_CMD_ALARM_SEARCH:
377 case W1_CMD_LIST_SLAVES:
378 mutex_unlock(&dev->bus_mutex);
379 err = w1_get_slaves(dev, req_cmd);
380 mutex_lock(&dev->bus_mutex);
381 break;
382 case W1_CMD_READ:
383 case W1_CMD_WRITE:
384 case W1_CMD_TOUCH:
385 err = w1_process_command_io(dev, req_cmd);
386 break;
387 case W1_CMD_RESET:
388 err = w1_reset_bus(dev);
389 break;
390 case W1_CMD_SLAVE_ADD:
391 case W1_CMD_SLAVE_REMOVE:
392 mutex_unlock(&dev->bus_mutex);
393 mutex_lock(&dev->mutex);
394 err = w1_process_command_addremove(dev, req_cmd);
395 mutex_unlock(&dev->mutex);
396 mutex_lock(&dev->bus_mutex);
397 break;
398 default:
399 err = -EINVAL;
400 break;
401 }
402
403 return err;
404}
405
406static int w1_process_command_slave(struct w1_slave *sl,
407 struct w1_netlink_cmd *cmd)
408{
409 dev_dbg(&sl->master->dev, "%s: %02x.%012llx.%02x: cmd=%02x, len=%u.\n",
410 __func__, sl->reg_num.family, (unsigned long long)sl->reg_num.id,
411 sl->reg_num.crc, cmd->cmd, cmd->len);
412
413 return w1_process_command_io(sl->master, cmd);
414}
415
416static int w1_process_command_root(struct cn_msg *req_cn, u32 portid)
417{
418 struct w1_master *dev;
419 struct cn_msg *cn;
420 struct w1_netlink_msg *msg;
421 u32 *id;
422
423 cn = kmalloc(PAGE_SIZE, GFP_KERNEL);
424 if (!cn)
425 return -ENOMEM;
426
427 cn->id.idx = CN_W1_IDX;
428 cn->id.val = CN_W1_VAL;
429
430 cn->seq = req_cn->seq;
431 cn->ack = req_cn->seq + 1;
432 cn->len = sizeof(struct w1_netlink_msg);
433 msg = (struct w1_netlink_msg *)cn->data;
434
435 msg->type = W1_LIST_MASTERS;
436 msg->status = 0;
437 msg->len = 0;
438 id = (u32 *)msg->data;
439
440 mutex_lock(&w1_mlock);
441 list_for_each_entry(dev, &w1_masters, w1_master_entry) {
442 if (cn->len + sizeof(*id) > PAGE_SIZE - sizeof(struct cn_msg)) {
443 cn_netlink_send(cn, portid, 0, GFP_KERNEL);
444 cn->len = sizeof(struct w1_netlink_msg);
445 msg->len = 0;
446 id = (u32 *)msg->data;
447 }
448
449 *id = dev->id;
450 msg->len += sizeof(*id);
451 cn->len += sizeof(*id);
452 id++;
453 }
454 cn_netlink_send(cn, portid, 0, GFP_KERNEL);
455 mutex_unlock(&w1_mlock);
456
457 kfree(cn);
458 return 0;
459}
460
461static void w1_process_cb(struct w1_master *dev, struct w1_async_cmd *async_cmd)
462{
463 struct w1_cb_node *node = container_of(async_cmd, struct w1_cb_node,
464 async);
465 u16 mlen = node->msg->len;
466 u16 len;
467 int err = 0;
468 struct w1_slave *sl = node->sl;
469 struct w1_netlink_cmd *cmd = (struct w1_netlink_cmd *)node->msg->data;
470
471 mutex_lock(&dev->bus_mutex);
472 dev->priv = node->block;
473 if (sl && w1_reset_select_slave(sl))
474 err = -ENODEV;
475 node->block->cur_msg = node->msg;
476
477 while (mlen && !err) {
478 if (cmd->len + sizeof(struct w1_netlink_cmd) > mlen) {
479 err = -E2BIG;
480 break;
481 }
482
483 if (sl)
484 err = w1_process_command_slave(sl, cmd);
485 else
486 err = w1_process_command_master(dev, cmd);
487 w1_netlink_check_send(node->block);
488
489 w1_netlink_queue_status(node->block, node->msg, cmd, err);
490 err = 0;
491
492 len = sizeof(*cmd) + cmd->len;
493 cmd = (struct w1_netlink_cmd *)((u8 *)cmd + len);
494 mlen -= len;
495 }
496
497 if (!cmd || err)
498 w1_netlink_queue_status(node->block, node->msg, cmd, err);
499
500 /* ref taken in w1_search_slave or w1_search_master_id when building
501 * the block
502 */
503 if (sl)
504 w1_unref_slave(sl);
505 else
506 atomic_dec(&dev->refcnt);
507 dev->priv = NULL;
508 mutex_unlock(&dev->bus_mutex);
509
510 mutex_lock(&dev->list_mutex);
511 list_del(&async_cmd->async_entry);
512 mutex_unlock(&dev->list_mutex);
513
514 w1_unref_block(node->block);
515}
516
517static void w1_list_count_cmds(struct w1_netlink_msg *msg, int *cmd_count,
518 u16 *slave_len)
519{
520 struct w1_netlink_cmd *cmd = (struct w1_netlink_cmd *)msg->data;
521 u16 mlen = msg->len;
522 u16 len;
523 int slave_list = 0;
524 while (mlen) {
525 if (cmd->len + sizeof(struct w1_netlink_cmd) > mlen)
526 break;
527
528 switch (cmd->cmd) {
529 case W1_CMD_SEARCH:
530 case W1_CMD_ALARM_SEARCH:
531 case W1_CMD_LIST_SLAVES:
532 ++slave_list;
533 }
534 ++*cmd_count;
535 len = sizeof(*cmd) + cmd->len;
536 cmd = (struct w1_netlink_cmd *)((u8 *)cmd + len);
537 mlen -= len;
538 }
539
540 if (slave_list) {
541 struct w1_master *dev = w1_search_master_id(msg->id.mst.id);
542 if (dev) {
543 /* Bytes, and likely an overstimate, and if it isn't
544 * the results can still be split between packets.
545 */
546 *slave_len += sizeof(struct w1_reg_num) * slave_list *
547 (dev->slave_count + dev->max_slave_count);
548 /* search incremented it */
549 atomic_dec(&dev->refcnt);
550 }
551 }
552}
553
554static void w1_cn_callback(struct cn_msg *cn, struct netlink_skb_parms *nsp)
555{
556 struct w1_netlink_msg *msg = (struct w1_netlink_msg *)(cn + 1);
557 struct w1_slave *sl;
558 struct w1_master *dev;
559 u16 msg_len;
560 u16 slave_len = 0;
561 int err = 0;
562 struct w1_cb_block *block = NULL;
563 struct w1_cb_node *node = NULL;
564 int node_count = 0;
565 int cmd_count = 0;
566
567 /* If any unknown flag is set let the application know, that way
568 * applications can detect the absence of features in kernels that
569 * don't know about them. http://lwn.net/Articles/587527/
570 */
571 if (cn->flags & ~(W1_CN_BUNDLE)) {
572 w1_netlink_send_error(cn, msg, nsp->portid, -EINVAL);
573 return;
574 }
575
576 /* Count the number of master or slave commands there are to allocate
577 * space for one cb_node each.
578 */
579 msg_len = cn->len;
580 while (msg_len && !err) {
581 if (msg->len + sizeof(struct w1_netlink_msg) > msg_len) {
582 err = -E2BIG;
583 break;
584 }
585
586 /* count messages for nodes and allocate any additional space
587 * required for slave lists
588 */
589 if (msg->type == W1_MASTER_CMD || msg->type == W1_SLAVE_CMD) {
590 ++node_count;
591 w1_list_count_cmds(msg, &cmd_count, &slave_len);
592 }
593
594 msg_len -= sizeof(struct w1_netlink_msg) + msg->len;
595 msg = (struct w1_netlink_msg *)(((u8 *)msg) +
596 sizeof(struct w1_netlink_msg) + msg->len);
597 }
598 msg = (struct w1_netlink_msg *)(cn + 1);
599 if (node_count) {
600 int size;
601 int reply_size = sizeof(*cn) + cn->len + slave_len;
602 if (cn->flags & W1_CN_BUNDLE) {
603 /* bundling duplicats some of the messages */
604 reply_size += 2 * cmd_count * (sizeof(struct cn_msg) +
605 sizeof(struct w1_netlink_msg) +
606 sizeof(struct w1_netlink_cmd));
607 }
608 reply_size = MIN(CONNECTOR_MAX_MSG_SIZE, reply_size);
609
610 /* allocate space for the block, a copy of the original message,
611 * one node per cmd to point into the original message,
612 * space for replies which is the original message size plus
613 * space for any list slave data and status messages
614 * cn->len doesn't include itself which is part of the block
615 * */
616 size = /* block + original message */
617 sizeof(struct w1_cb_block) + sizeof(*cn) + cn->len +
618 /* space for nodes */
619 node_count * sizeof(struct w1_cb_node) +
620 /* replies */
621 sizeof(struct cn_msg) + reply_size;
622 block = kzalloc(size, GFP_KERNEL);
623 if (!block) {
624 /* if the system is already out of memory,
625 * (A) will this work, and (B) would it be better
626 * to not try?
627 */
628 w1_netlink_send_error(cn, msg, nsp->portid, -ENOMEM);
629 return;
630 }
631 atomic_set(&block->refcnt, 1);
632 block->portid = nsp->portid;
633 memcpy(&block->request_cn, cn, sizeof(*cn) + cn->len);
634 node = (struct w1_cb_node *)(block->request_cn.data + cn->len);
635
636 /* Sneeky, when not bundling, reply_size is the allocated space
637 * required for the reply, cn_msg isn't part of maxlen so
638 * it should be reply_size - sizeof(struct cn_msg), however
639 * when checking if there is enough space, w1_reply_make_space
640 * is called with the full message size including cn_msg,
641 * because it isn't known at that time if an additional cn_msg
642 * will need to be allocated. So an extra cn_msg is added
643 * above in "size".
644 */
645 block->maxlen = reply_size;
646 block->first_cn = (struct cn_msg *)(node + node_count);
647 memset(block->first_cn, 0, sizeof(*block->first_cn));
648 }
649
650 msg_len = cn->len;
651 while (msg_len && !err) {
652
653 dev = NULL;
654 sl = NULL;
655
656 if (msg->len + sizeof(struct w1_netlink_msg) > msg_len) {
657 err = -E2BIG;
658 break;
659 }
660
661 /* execute on this thread, no need to process later */
662 if (msg->type == W1_LIST_MASTERS) {
663 err = w1_process_command_root(cn, nsp->portid);
664 goto out_cont;
665 }
666
667 /* All following message types require additional data,
668 * check here before references are taken.
669 */
670 if (!msg->len) {
671 err = -EPROTO;
672 goto out_cont;
673 }
674
675 /* both search calls take references */
676 if (msg->type == W1_MASTER_CMD) {
677 dev = w1_search_master_id(msg->id.mst.id);
678 } else if (msg->type == W1_SLAVE_CMD) {
679 sl = w1_search_slave((struct w1_reg_num *)msg->id.id);
680 if (sl)
681 dev = sl->master;
682 } else {
683 pr_notice("%s: cn: %x.%x, wrong type: %u, len: %u.\n",
684 __func__, cn->id.idx, cn->id.val,
685 msg->type, msg->len);
686 err = -EPROTO;
687 goto out_cont;
688 }
689
690 if (!dev) {
691 err = -ENODEV;
692 goto out_cont;
693 }
694
695 err = 0;
696
697 atomic_inc(&block->refcnt);
698 node->async.cb = w1_process_cb;
699 node->block = block;
700 node->msg = (struct w1_netlink_msg *)((u8 *)&block->request_cn +
701 (size_t)((u8 *)msg - (u8 *)cn));
702 node->sl = sl;
703 node->dev = dev;
704
705 mutex_lock(&dev->list_mutex);
706 list_add_tail(&node->async.async_entry, &dev->async_list);
707 wake_up_process(dev->thread);
708 mutex_unlock(&dev->list_mutex);
709 ++node;
710
711out_cont:
712 /* Can't queue because that modifies block and another
713 * thread could be processing the messages by now and
714 * there isn't a lock, send directly.
715 */
716 if (err)
717 w1_netlink_send_error(cn, msg, nsp->portid, err);
718 msg_len -= sizeof(struct w1_netlink_msg) + msg->len;
719 msg = (struct w1_netlink_msg *)(((u8 *)msg) +
720 sizeof(struct w1_netlink_msg) + msg->len);
721
722 /*
723 * Let's allow requests for nonexisting devices.
724 */
725 if (err == -ENODEV)
726 err = 0;
727 }
728 if (block)
729 w1_unref_block(block);
730}
731
732int w1_init_netlink(void)
733{
734 struct cb_id w1_id = {.idx = CN_W1_IDX, .val = CN_W1_VAL};
735
736 return cn_add_callback(&w1_id, "w1", &w1_cn_callback);
737}
738
739void w1_fini_netlink(void)
740{
741 struct cb_id w1_id = {.idx = CN_W1_IDX, .val = CN_W1_VAL};
742
743 cn_del_callback(&w1_id);
744}
745#else
746void w1_netlink_send(struct w1_master *dev, struct w1_netlink_msg *cn)
747{
748}
749
750int w1_init_netlink(void)
751{
752 return 0;
753}
754
755void w1_fini_netlink(void)
756{
757}
758#endif
1/*
2 * Copyright (c) 2003 Evgeniy Polyakov <zbr@ioremap.net>
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation; either version 2 of the License, or
7 * (at your option) any later version.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 */
14
15#include <linux/slab.h>
16#include <linux/skbuff.h>
17#include <linux/netlink.h>
18#include <linux/connector.h>
19
20#include "w1_internal.h"
21#include "w1_netlink.h"
22
23#if defined(CONFIG_W1_CON) && (defined(CONFIG_CONNECTOR) || (defined(CONFIG_CONNECTOR_MODULE) && defined(CONFIG_W1_MODULE)))
24
25/* Bundle together everything required to process a request in one memory
26 * allocation.
27 */
28struct w1_cb_block {
29 atomic_t refcnt;
30 u32 portid; /* Sending process port ID */
31 /* maximum value for first_cn->len */
32 u16 maxlen;
33 /* pointers to building up the reply message */
34 struct cn_msg *first_cn; /* fixed once the structure is populated */
35 struct cn_msg *cn; /* advances as cn_msg is appeneded */
36 struct w1_netlink_msg *msg; /* advances as w1_netlink_msg is appened */
37 struct w1_netlink_cmd *cmd; /* advances as cmds are appened */
38 struct w1_netlink_msg *cur_msg; /* currently message being processed */
39 /* copy of the original request follows */
40 struct cn_msg request_cn;
41 /* followed by variable length:
42 * cn_msg, data (w1_netlink_msg and w1_netlink_cmd)
43 * one or more struct w1_cb_node
44 * reply first_cn, data (w1_netlink_msg and w1_netlink_cmd)
45 */
46};
47struct w1_cb_node {
48 struct w1_async_cmd async;
49 /* pointers within w1_cb_block and cn data */
50 struct w1_cb_block *block;
51 struct w1_netlink_msg *msg;
52 struct w1_slave *sl;
53 struct w1_master *dev;
54};
55
56/**
57 * w1_reply_len() - calculate current reply length, compare to maxlen
58 * @block: block to calculate
59 *
60 * Calculates the current message length including possible multiple
61 * cn_msg and data, excludes the first sizeof(struct cn_msg). Direclty
62 * compariable to maxlen and usable to send the message.
63 */
64static u16 w1_reply_len(struct w1_cb_block *block)
65{
66 if (!block->cn)
67 return 0;
68 return (u8 *)block->cn - (u8 *)block->first_cn + block->cn->len;
69}
70
71static void w1_unref_block(struct w1_cb_block *block)
72{
73 if (atomic_sub_return(1, &block->refcnt) == 0) {
74 u16 len = w1_reply_len(block);
75 if (len) {
76 cn_netlink_send_mult(block->first_cn, len,
77 block->portid, 0, GFP_KERNEL);
78 }
79 kfree(block);
80 }
81}
82
83/**
84 * w1_reply_make_space() - send message if needed to make space
85 * @block: block to make space on
86 * @space: how many bytes requested
87 *
88 * Verify there is enough room left for the caller to add "space" bytes to the
89 * message, if there isn't send the message and reset.
90 */
91static void w1_reply_make_space(struct w1_cb_block *block, u16 space)
92{
93 u16 len = w1_reply_len(block);
94 if (len + space >= block->maxlen) {
95 cn_netlink_send_mult(block->first_cn, len, block->portid, 0, GFP_KERNEL);
96 block->first_cn->len = 0;
97 block->cn = NULL;
98 block->msg = NULL;
99 block->cmd = NULL;
100 }
101}
102
103/* Early send when replies aren't bundled. */
104static void w1_netlink_check_send(struct w1_cb_block *block)
105{
106 if (!(block->request_cn.flags & W1_CN_BUNDLE) && block->cn)
107 w1_reply_make_space(block, block->maxlen);
108}
109
110/**
111 * w1_netlink_setup_msg() - prepare to write block->msg
112 * @block: block to operate on
113 * @ack: determines if cn can be reused
114 *
115 * block->cn will be setup with the correct ack, advancing if needed
116 * block->cn->len does not include space for block->msg
117 * block->msg advances but remains uninitialized
118 */
119static void w1_netlink_setup_msg(struct w1_cb_block *block, u32 ack)
120{
121 if (block->cn && block->cn->ack == ack) {
122 block->msg = (struct w1_netlink_msg *)(block->cn->data + block->cn->len);
123 } else {
124 /* advance or set to data */
125 if (block->cn)
126 block->cn = (struct cn_msg *)(block->cn->data +
127 block->cn->len);
128 else
129 block->cn = block->first_cn;
130
131 memcpy(block->cn, &block->request_cn, sizeof(*block->cn));
132 block->cn->len = 0;
133 block->cn->ack = ack;
134 block->msg = (struct w1_netlink_msg *)block->cn->data;
135 }
136}
137
138/* Append cmd to msg, include cmd->data as well. This is because
139 * any following data goes with the command and in the case of a read is
140 * the results.
141 */
142static void w1_netlink_queue_cmd(struct w1_cb_block *block,
143 struct w1_netlink_cmd *cmd)
144{
145 u32 space;
146 w1_reply_make_space(block, sizeof(struct cn_msg) +
147 sizeof(struct w1_netlink_msg) + sizeof(*cmd) + cmd->len);
148
149 /* There's a status message sent after each command, so no point
150 * in trying to bundle this cmd after an existing one, because
151 * there won't be one. Allocate and copy over a new cn_msg.
152 */
153 w1_netlink_setup_msg(block, block->request_cn.seq + 1);
154 memcpy(block->msg, block->cur_msg, sizeof(*block->msg));
155 block->cn->len += sizeof(*block->msg);
156 block->msg->len = 0;
157 block->cmd = (struct w1_netlink_cmd *)(block->msg->data);
158
159 space = sizeof(*cmd) + cmd->len;
160 if (block->cmd != cmd)
161 memcpy(block->cmd, cmd, space);
162 block->cn->len += space;
163 block->msg->len += space;
164}
165
166/* Append req_msg and req_cmd, no other commands and no data from req_cmd are
167 * copied.
168 */
169static void w1_netlink_queue_status(struct w1_cb_block *block,
170 struct w1_netlink_msg *req_msg, struct w1_netlink_cmd *req_cmd,
171 int error)
172{
173 u16 space = sizeof(struct cn_msg) + sizeof(*req_msg) + sizeof(*req_cmd);
174 w1_reply_make_space(block, space);
175 w1_netlink_setup_msg(block, block->request_cn.ack);
176
177 memcpy(block->msg, req_msg, sizeof(*req_msg));
178 block->cn->len += sizeof(*req_msg);
179 block->msg->len = 0;
180 block->msg->status = (u8)-error;
181 if (req_cmd) {
182 struct w1_netlink_cmd *cmd = (struct w1_netlink_cmd *)block->msg->data;
183 memcpy(cmd, req_cmd, sizeof(*cmd));
184 block->cn->len += sizeof(*cmd);
185 block->msg->len += sizeof(*cmd);
186 cmd->len = 0;
187 }
188 w1_netlink_check_send(block);
189}
190
191/**
192 * w1_netlink_send_error() - sends the error message now
193 * @cn: original cn_msg
194 * @msg: original w1_netlink_msg
195 * @portid: where to send it
196 * @error: error status
197 *
198 * Use when a block isn't available to queue the message to and cn, msg
199 * might not be contiguous.
200 */
201static void w1_netlink_send_error(struct cn_msg *cn, struct w1_netlink_msg *msg,
202 int portid, int error)
203{
204 struct {
205 struct cn_msg cn;
206 struct w1_netlink_msg msg;
207 } packet;
208 memcpy(&packet.cn, cn, sizeof(packet.cn));
209 memcpy(&packet.msg, msg, sizeof(packet.msg));
210 packet.cn.len = sizeof(packet.msg);
211 packet.msg.len = 0;
212 packet.msg.status = (u8)-error;
213 cn_netlink_send(&packet.cn, portid, 0, GFP_KERNEL);
214}
215
216/**
217 * w1_netlink_send() - sends w1 netlink notifications
218 * @dev: w1_master the even is associated with or for
219 * @msg: w1_netlink_msg message to be sent
220 *
221 * This are notifications generated from the kernel.
222 */
223void w1_netlink_send(struct w1_master *dev, struct w1_netlink_msg *msg)
224{
225 struct {
226 struct cn_msg cn;
227 struct w1_netlink_msg msg;
228 } packet;
229 memset(&packet, 0, sizeof(packet));
230
231 packet.cn.id.idx = CN_W1_IDX;
232 packet.cn.id.val = CN_W1_VAL;
233
234 packet.cn.seq = dev->seq++;
235 packet.cn.len = sizeof(*msg);
236
237 memcpy(&packet.msg, msg, sizeof(*msg));
238 packet.msg.len = 0;
239
240 cn_netlink_send(&packet.cn, 0, 0, GFP_KERNEL);
241}
242
243static void w1_send_slave(struct w1_master *dev, u64 rn)
244{
245 struct w1_cb_block *block = dev->priv;
246 struct w1_netlink_cmd *cache_cmd = block->cmd;
247 u64 *data;
248
249 w1_reply_make_space(block, sizeof(*data));
250
251 /* Add cmd back if the packet was sent */
252 if (!block->cmd) {
253 cache_cmd->len = 0;
254 w1_netlink_queue_cmd(block, cache_cmd);
255 }
256
257 data = (u64 *)(block->cmd->data + block->cmd->len);
258
259 *data = rn;
260 block->cn->len += sizeof(*data);
261 block->msg->len += sizeof(*data);
262 block->cmd->len += sizeof(*data);
263}
264
265static void w1_found_send_slave(struct w1_master *dev, u64 rn)
266{
267 /* update kernel slave list */
268 w1_slave_found(dev, rn);
269
270 w1_send_slave(dev, rn);
271}
272
273/* Get the current slave list, or search (with or without alarm) */
274static int w1_get_slaves(struct w1_master *dev, struct w1_netlink_cmd *req_cmd)
275{
276 struct w1_slave *sl;
277
278 req_cmd->len = 0;
279 w1_netlink_queue_cmd(dev->priv, req_cmd);
280
281 if (req_cmd->cmd == W1_CMD_LIST_SLAVES) {
282 u64 rn;
283 mutex_lock(&dev->list_mutex);
284 list_for_each_entry(sl, &dev->slist, w1_slave_entry) {
285 memcpy(&rn, &sl->reg_num, sizeof(rn));
286 w1_send_slave(dev, rn);
287 }
288 mutex_unlock(&dev->list_mutex);
289 } else {
290 w1_search_process_cb(dev, req_cmd->cmd == W1_CMD_ALARM_SEARCH ?
291 W1_ALARM_SEARCH : W1_SEARCH, w1_found_send_slave);
292 }
293
294 return 0;
295}
296
297static int w1_process_command_io(struct w1_master *dev,
298 struct w1_netlink_cmd *cmd)
299{
300 int err = 0;
301
302 switch (cmd->cmd) {
303 case W1_CMD_TOUCH:
304 w1_touch_block(dev, cmd->data, cmd->len);
305 w1_netlink_queue_cmd(dev->priv, cmd);
306 break;
307 case W1_CMD_READ:
308 w1_read_block(dev, cmd->data, cmd->len);
309 w1_netlink_queue_cmd(dev->priv, cmd);
310 break;
311 case W1_CMD_WRITE:
312 w1_write_block(dev, cmd->data, cmd->len);
313 break;
314 default:
315 err = -EINVAL;
316 break;
317 }
318
319 return err;
320}
321
322static int w1_process_command_addremove(struct w1_master *dev,
323 struct w1_netlink_cmd *cmd)
324{
325 struct w1_slave *sl;
326 int err = 0;
327 struct w1_reg_num *id;
328
329 if (cmd->len != sizeof(*id))
330 return -EINVAL;
331
332 id = (struct w1_reg_num *)cmd->data;
333
334 sl = w1_slave_search_device(dev, id);
335 switch (cmd->cmd) {
336 case W1_CMD_SLAVE_ADD:
337 if (sl)
338 err = -EINVAL;
339 else
340 err = w1_attach_slave_device(dev, id);
341 break;
342 case W1_CMD_SLAVE_REMOVE:
343 if (sl)
344 w1_slave_detach(sl);
345 else
346 err = -EINVAL;
347 break;
348 default:
349 err = -EINVAL;
350 break;
351 }
352
353 return err;
354}
355
356static int w1_process_command_master(struct w1_master *dev,
357 struct w1_netlink_cmd *req_cmd)
358{
359 int err = -EINVAL;
360
361 /* drop bus_mutex for search (does it's own locking), and add/remove
362 * which doesn't use the bus
363 */
364 switch (req_cmd->cmd) {
365 case W1_CMD_SEARCH:
366 case W1_CMD_ALARM_SEARCH:
367 case W1_CMD_LIST_SLAVES:
368 mutex_unlock(&dev->bus_mutex);
369 err = w1_get_slaves(dev, req_cmd);
370 mutex_lock(&dev->bus_mutex);
371 break;
372 case W1_CMD_READ:
373 case W1_CMD_WRITE:
374 case W1_CMD_TOUCH:
375 err = w1_process_command_io(dev, req_cmd);
376 break;
377 case W1_CMD_RESET:
378 err = w1_reset_bus(dev);
379 break;
380 case W1_CMD_SLAVE_ADD:
381 case W1_CMD_SLAVE_REMOVE:
382 mutex_unlock(&dev->bus_mutex);
383 mutex_lock(&dev->mutex);
384 err = w1_process_command_addremove(dev, req_cmd);
385 mutex_unlock(&dev->mutex);
386 mutex_lock(&dev->bus_mutex);
387 break;
388 default:
389 err = -EINVAL;
390 break;
391 }
392
393 return err;
394}
395
396static int w1_process_command_slave(struct w1_slave *sl,
397 struct w1_netlink_cmd *cmd)
398{
399 dev_dbg(&sl->master->dev, "%s: %02x.%012llx.%02x: cmd=%02x, len=%u.\n",
400 __func__, sl->reg_num.family, (unsigned long long)sl->reg_num.id,
401 sl->reg_num.crc, cmd->cmd, cmd->len);
402
403 return w1_process_command_io(sl->master, cmd);
404}
405
406static int w1_process_command_root(struct cn_msg *req_cn, u32 portid)
407{
408 struct w1_master *dev;
409 struct cn_msg *cn;
410 struct w1_netlink_msg *msg;
411 u32 *id;
412
413 cn = kmalloc(PAGE_SIZE, GFP_KERNEL);
414 if (!cn)
415 return -ENOMEM;
416
417 cn->id.idx = CN_W1_IDX;
418 cn->id.val = CN_W1_VAL;
419
420 cn->seq = req_cn->seq;
421 cn->ack = req_cn->seq + 1;
422 cn->len = sizeof(struct w1_netlink_msg);
423 msg = (struct w1_netlink_msg *)cn->data;
424
425 msg->type = W1_LIST_MASTERS;
426 msg->status = 0;
427 msg->len = 0;
428 id = (u32 *)msg->data;
429
430 mutex_lock(&w1_mlock);
431 list_for_each_entry(dev, &w1_masters, w1_master_entry) {
432 if (cn->len + sizeof(*id) > PAGE_SIZE - sizeof(struct cn_msg)) {
433 cn_netlink_send(cn, portid, 0, GFP_KERNEL);
434 cn->len = sizeof(struct w1_netlink_msg);
435 msg->len = 0;
436 id = (u32 *)msg->data;
437 }
438
439 *id = dev->id;
440 msg->len += sizeof(*id);
441 cn->len += sizeof(*id);
442 id++;
443 }
444 cn_netlink_send(cn, portid, 0, GFP_KERNEL);
445 mutex_unlock(&w1_mlock);
446
447 kfree(cn);
448 return 0;
449}
450
451static void w1_process_cb(struct w1_master *dev, struct w1_async_cmd *async_cmd)
452{
453 struct w1_cb_node *node = container_of(async_cmd, struct w1_cb_node,
454 async);
455 u16 mlen = node->msg->len;
456 u16 len;
457 int err = 0;
458 struct w1_slave *sl = node->sl;
459 struct w1_netlink_cmd *cmd = (struct w1_netlink_cmd *)node->msg->data;
460
461 mutex_lock(&dev->bus_mutex);
462 dev->priv = node->block;
463 if (sl && w1_reset_select_slave(sl))
464 err = -ENODEV;
465 node->block->cur_msg = node->msg;
466
467 while (mlen && !err) {
468 if (cmd->len + sizeof(struct w1_netlink_cmd) > mlen) {
469 err = -E2BIG;
470 break;
471 }
472
473 if (sl)
474 err = w1_process_command_slave(sl, cmd);
475 else
476 err = w1_process_command_master(dev, cmd);
477 w1_netlink_check_send(node->block);
478
479 w1_netlink_queue_status(node->block, node->msg, cmd, err);
480 err = 0;
481
482 len = sizeof(*cmd) + cmd->len;
483 cmd = (struct w1_netlink_cmd *)((u8 *)cmd + len);
484 mlen -= len;
485 }
486
487 if (!cmd || err)
488 w1_netlink_queue_status(node->block, node->msg, cmd, err);
489
490 /* ref taken in w1_search_slave or w1_search_master_id when building
491 * the block
492 */
493 if (sl)
494 w1_unref_slave(sl);
495 else
496 atomic_dec(&dev->refcnt);
497 dev->priv = NULL;
498 mutex_unlock(&dev->bus_mutex);
499
500 mutex_lock(&dev->list_mutex);
501 list_del(&async_cmd->async_entry);
502 mutex_unlock(&dev->list_mutex);
503
504 w1_unref_block(node->block);
505}
506
507static void w1_list_count_cmds(struct w1_netlink_msg *msg, int *cmd_count,
508 u16 *slave_len)
509{
510 struct w1_netlink_cmd *cmd = (struct w1_netlink_cmd *)msg->data;
511 u16 mlen = msg->len;
512 u16 len;
513 int slave_list = 0;
514 while (mlen) {
515 if (cmd->len + sizeof(struct w1_netlink_cmd) > mlen)
516 break;
517
518 switch (cmd->cmd) {
519 case W1_CMD_SEARCH:
520 case W1_CMD_ALARM_SEARCH:
521 case W1_CMD_LIST_SLAVES:
522 ++slave_list;
523 }
524 ++*cmd_count;
525 len = sizeof(*cmd) + cmd->len;
526 cmd = (struct w1_netlink_cmd *)((u8 *)cmd + len);
527 mlen -= len;
528 }
529
530 if (slave_list) {
531 struct w1_master *dev = w1_search_master_id(msg->id.mst.id);
532 if (dev) {
533 /* Bytes, and likely an overstimate, and if it isn't
534 * the results can still be split between packets.
535 */
536 *slave_len += sizeof(struct w1_reg_num) * slave_list *
537 (dev->slave_count + dev->max_slave_count);
538 /* search incremented it */
539 atomic_dec(&dev->refcnt);
540 }
541 }
542}
543
544static void w1_cn_callback(struct cn_msg *cn, struct netlink_skb_parms *nsp)
545{
546 struct w1_netlink_msg *msg = (struct w1_netlink_msg *)(cn + 1);
547 struct w1_slave *sl;
548 struct w1_master *dev;
549 u16 msg_len;
550 u16 slave_len = 0;
551 int err = 0;
552 struct w1_cb_block *block = NULL;
553 struct w1_cb_node *node = NULL;
554 int node_count = 0;
555 int cmd_count = 0;
556
557 /* If any unknown flag is set let the application know, that way
558 * applications can detect the absence of features in kernels that
559 * don't know about them. http://lwn.net/Articles/587527/
560 */
561 if (cn->flags & ~(W1_CN_BUNDLE)) {
562 w1_netlink_send_error(cn, msg, nsp->portid, -EINVAL);
563 return;
564 }
565
566 /* Count the number of master or slave commands there are to allocate
567 * space for one cb_node each.
568 */
569 msg_len = cn->len;
570 while (msg_len && !err) {
571 if (msg->len + sizeof(struct w1_netlink_msg) > msg_len) {
572 err = -E2BIG;
573 break;
574 }
575
576 /* count messages for nodes and allocate any additional space
577 * required for slave lists
578 */
579 if (msg->type == W1_MASTER_CMD || msg->type == W1_SLAVE_CMD) {
580 ++node_count;
581 w1_list_count_cmds(msg, &cmd_count, &slave_len);
582 }
583
584 msg_len -= sizeof(struct w1_netlink_msg) + msg->len;
585 msg = (struct w1_netlink_msg *)(((u8 *)msg) +
586 sizeof(struct w1_netlink_msg) + msg->len);
587 }
588 msg = (struct w1_netlink_msg *)(cn + 1);
589 if (node_count) {
590 int size;
591 int reply_size = sizeof(*cn) + cn->len + slave_len;
592 if (cn->flags & W1_CN_BUNDLE) {
593 /* bundling duplicats some of the messages */
594 reply_size += 2 * cmd_count * (sizeof(struct cn_msg) +
595 sizeof(struct w1_netlink_msg) +
596 sizeof(struct w1_netlink_cmd));
597 }
598 reply_size = min(CONNECTOR_MAX_MSG_SIZE, reply_size);
599
600 /* allocate space for the block, a copy of the original message,
601 * one node per cmd to point into the original message,
602 * space for replies which is the original message size plus
603 * space for any list slave data and status messages
604 * cn->len doesn't include itself which is part of the block
605 * */
606 size = /* block + original message */
607 sizeof(struct w1_cb_block) + sizeof(*cn) + cn->len +
608 /* space for nodes */
609 node_count * sizeof(struct w1_cb_node) +
610 /* replies */
611 sizeof(struct cn_msg) + reply_size;
612 block = kzalloc(size, GFP_KERNEL);
613 if (!block) {
614 /* if the system is already out of memory,
615 * (A) will this work, and (B) would it be better
616 * to not try?
617 */
618 w1_netlink_send_error(cn, msg, nsp->portid, -ENOMEM);
619 return;
620 }
621 atomic_set(&block->refcnt, 1);
622 block->portid = nsp->portid;
623 memcpy(&block->request_cn, cn, sizeof(*cn) + cn->len);
624 node = (struct w1_cb_node *)(block->request_cn.data + cn->len);
625
626 /* Sneeky, when not bundling, reply_size is the allocated space
627 * required for the reply, cn_msg isn't part of maxlen so
628 * it should be reply_size - sizeof(struct cn_msg), however
629 * when checking if there is enough space, w1_reply_make_space
630 * is called with the full message size including cn_msg,
631 * because it isn't known at that time if an additional cn_msg
632 * will need to be allocated. So an extra cn_msg is added
633 * above in "size".
634 */
635 block->maxlen = reply_size;
636 block->first_cn = (struct cn_msg *)(node + node_count);
637 memset(block->first_cn, 0, sizeof(*block->first_cn));
638 }
639
640 msg_len = cn->len;
641 while (msg_len && !err) {
642
643 dev = NULL;
644 sl = NULL;
645
646 if (msg->len + sizeof(struct w1_netlink_msg) > msg_len) {
647 err = -E2BIG;
648 break;
649 }
650
651 /* execute on this thread, no need to process later */
652 if (msg->type == W1_LIST_MASTERS) {
653 err = w1_process_command_root(cn, nsp->portid);
654 goto out_cont;
655 }
656
657 /* All following message types require additional data,
658 * check here before references are taken.
659 */
660 if (!msg->len) {
661 err = -EPROTO;
662 goto out_cont;
663 }
664
665 /* both search calls take references */
666 if (msg->type == W1_MASTER_CMD) {
667 dev = w1_search_master_id(msg->id.mst.id);
668 } else if (msg->type == W1_SLAVE_CMD) {
669 sl = w1_search_slave((struct w1_reg_num *)msg->id.id);
670 if (sl)
671 dev = sl->master;
672 } else {
673 pr_notice("%s: cn: %x.%x, wrong type: %u, len: %u.\n",
674 __func__, cn->id.idx, cn->id.val,
675 msg->type, msg->len);
676 err = -EPROTO;
677 goto out_cont;
678 }
679
680 if (!dev) {
681 err = -ENODEV;
682 goto out_cont;
683 }
684
685 err = 0;
686
687 atomic_inc(&block->refcnt);
688 node->async.cb = w1_process_cb;
689 node->block = block;
690 node->msg = (struct w1_netlink_msg *)((u8 *)&block->request_cn +
691 (size_t)((u8 *)msg - (u8 *)cn));
692 node->sl = sl;
693 node->dev = dev;
694
695 mutex_lock(&dev->list_mutex);
696 list_add_tail(&node->async.async_entry, &dev->async_list);
697 wake_up_process(dev->thread);
698 mutex_unlock(&dev->list_mutex);
699 ++node;
700
701out_cont:
702 /* Can't queue because that modifies block and another
703 * thread could be processing the messages by now and
704 * there isn't a lock, send directly.
705 */
706 if (err)
707 w1_netlink_send_error(cn, msg, nsp->portid, err);
708 msg_len -= sizeof(struct w1_netlink_msg) + msg->len;
709 msg = (struct w1_netlink_msg *)(((u8 *)msg) +
710 sizeof(struct w1_netlink_msg) + msg->len);
711
712 /*
713 * Let's allow requests for nonexisting devices.
714 */
715 if (err == -ENODEV)
716 err = 0;
717 }
718 if (block)
719 w1_unref_block(block);
720}
721
722int w1_init_netlink(void)
723{
724 struct cb_id w1_id = {.idx = CN_W1_IDX, .val = CN_W1_VAL};
725
726 return cn_add_callback(&w1_id, "w1", &w1_cn_callback);
727}
728
729void w1_fini_netlink(void)
730{
731 struct cb_id w1_id = {.idx = CN_W1_IDX, .val = CN_W1_VAL};
732
733 cn_del_callback(&w1_id);
734}
735#else
736void w1_netlink_send(struct w1_master *dev, struct w1_netlink_msg *cn)
737{
738}
739
740int w1_init_netlink(void)
741{
742 return 0;
743}
744
745void w1_fini_netlink(void)
746{
747}
748#endif