Loading...
1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * Copyright (c) 2003 Evgeniy Polyakov <zbr@ioremap.net>
4 */
5
6#include <linux/slab.h>
7#include <linux/skbuff.h>
8#include <linux/netlink.h>
9#include <linux/connector.h>
10
11#include "w1_internal.h"
12#include "w1_netlink.h"
13
14#if defined(CONFIG_W1_CON) && (defined(CONFIG_CONNECTOR) || (defined(CONFIG_CONNECTOR_MODULE) && defined(CONFIG_W1_MODULE)))
15
16/* Bundle together everything required to process a request in one memory
17 * allocation.
18 */
19struct w1_cb_block {
20 atomic_t refcnt;
21 u32 portid; /* Sending process port ID */
22 /* maximum value for first_cn->len */
23 u16 maxlen;
24 /* pointers to building up the reply message */
25 struct cn_msg *first_cn; /* fixed once the structure is populated */
26 struct cn_msg *cn; /* advances as cn_msg is appeneded */
27 struct w1_netlink_msg *msg; /* advances as w1_netlink_msg is appened */
28 struct w1_netlink_cmd *cmd; /* advances as cmds are appened */
29 struct w1_netlink_msg *cur_msg; /* currently message being processed */
30 /* copy of the original request follows */
31 struct cn_msg request_cn;
32 /* followed by variable length:
33 * cn_msg, data (w1_netlink_msg and w1_netlink_cmd)
34 * one or more struct w1_cb_node
35 * reply first_cn, data (w1_netlink_msg and w1_netlink_cmd)
36 */
37};
38struct w1_cb_node {
39 struct w1_async_cmd async;
40 /* pointers within w1_cb_block and cn data */
41 struct w1_cb_block *block;
42 struct w1_netlink_msg *msg;
43 struct w1_slave *sl;
44 struct w1_master *dev;
45};
46
47/**
48 * w1_reply_len() - calculate current reply length, compare to maxlen
49 * @block: block to calculate
50 *
51 * Calculates the current message length including possible multiple
52 * cn_msg and data, excludes the first sizeof(struct cn_msg). Direclty
53 * compariable to maxlen and usable to send the message.
54 */
55static u16 w1_reply_len(struct w1_cb_block *block)
56{
57 if (!block->cn)
58 return 0;
59 return (u8 *)block->cn - (u8 *)block->first_cn + block->cn->len;
60}
61
62static void w1_unref_block(struct w1_cb_block *block)
63{
64 if (atomic_sub_return(1, &block->refcnt) == 0) {
65 u16 len = w1_reply_len(block);
66 if (len) {
67 cn_netlink_send_mult(block->first_cn, len,
68 block->portid, 0,
69 GFP_KERNEL, NULL, NULL);
70 }
71 kfree(block);
72 }
73}
74
75/**
76 * w1_reply_make_space() - send message if needed to make space
77 * @block: block to make space on
78 * @space: how many bytes requested
79 *
80 * Verify there is enough room left for the caller to add "space" bytes to the
81 * message, if there isn't send the message and reset.
82 */
83static void w1_reply_make_space(struct w1_cb_block *block, u16 space)
84{
85 u16 len = w1_reply_len(block);
86 if (len + space >= block->maxlen) {
87 cn_netlink_send_mult(block->first_cn, len, block->portid,
88 0, GFP_KERNEL, NULL, NULL);
89 block->first_cn->len = 0;
90 block->cn = NULL;
91 block->msg = NULL;
92 block->cmd = NULL;
93 }
94}
95
96/* Early send when replies aren't bundled. */
97static void w1_netlink_check_send(struct w1_cb_block *block)
98{
99 if (!(block->request_cn.flags & W1_CN_BUNDLE) && block->cn)
100 w1_reply_make_space(block, block->maxlen);
101}
102
103/**
104 * w1_netlink_setup_msg() - prepare to write block->msg
105 * @block: block to operate on
106 * @ack: determines if cn can be reused
107 *
108 * block->cn will be setup with the correct ack, advancing if needed
109 * block->cn->len does not include space for block->msg
110 * block->msg advances but remains uninitialized
111 */
112static void w1_netlink_setup_msg(struct w1_cb_block *block, u32 ack)
113{
114 if (block->cn && block->cn->ack == ack) {
115 block->msg = (struct w1_netlink_msg *)(block->cn->data + block->cn->len);
116 } else {
117 /* advance or set to data */
118 if (block->cn)
119 block->cn = (struct cn_msg *)(block->cn->data +
120 block->cn->len);
121 else
122 block->cn = block->first_cn;
123
124 memcpy(block->cn, &block->request_cn, sizeof(*block->cn));
125 block->cn->len = 0;
126 block->cn->ack = ack;
127 block->msg = (struct w1_netlink_msg *)block->cn->data;
128 }
129}
130
131/* Append cmd to msg, include cmd->data as well. This is because
132 * any following data goes with the command and in the case of a read is
133 * the results.
134 */
135static void w1_netlink_queue_cmd(struct w1_cb_block *block,
136 struct w1_netlink_cmd *cmd)
137{
138 u32 space;
139 w1_reply_make_space(block, sizeof(struct cn_msg) +
140 sizeof(struct w1_netlink_msg) + sizeof(*cmd) + cmd->len);
141
142 /* There's a status message sent after each command, so no point
143 * in trying to bundle this cmd after an existing one, because
144 * there won't be one. Allocate and copy over a new cn_msg.
145 */
146 w1_netlink_setup_msg(block, block->request_cn.seq + 1);
147 memcpy(block->msg, block->cur_msg, sizeof(*block->msg));
148 block->cn->len += sizeof(*block->msg);
149 block->msg->len = 0;
150 block->cmd = (struct w1_netlink_cmd *)(block->msg->data);
151
152 space = sizeof(*cmd) + cmd->len;
153 if (block->cmd != cmd)
154 memcpy(block->cmd, cmd, space);
155 block->cn->len += space;
156 block->msg->len += space;
157}
158
159/* Append req_msg and req_cmd, no other commands and no data from req_cmd are
160 * copied.
161 */
162static void w1_netlink_queue_status(struct w1_cb_block *block,
163 struct w1_netlink_msg *req_msg, struct w1_netlink_cmd *req_cmd,
164 int error)
165{
166 u16 space = sizeof(struct cn_msg) + sizeof(*req_msg) + sizeof(*req_cmd);
167 w1_reply_make_space(block, space);
168 w1_netlink_setup_msg(block, block->request_cn.ack);
169
170 memcpy(block->msg, req_msg, sizeof(*req_msg));
171 block->cn->len += sizeof(*req_msg);
172 block->msg->len = 0;
173 block->msg->status = (u8)-error;
174 if (req_cmd) {
175 struct w1_netlink_cmd *cmd = (struct w1_netlink_cmd *)block->msg->data;
176 memcpy(cmd, req_cmd, sizeof(*cmd));
177 block->cn->len += sizeof(*cmd);
178 block->msg->len += sizeof(*cmd);
179 cmd->len = 0;
180 }
181 w1_netlink_check_send(block);
182}
183
184/**
185 * w1_netlink_send_error() - sends the error message now
186 * @cn: original cn_msg
187 * @msg: original w1_netlink_msg
188 * @portid: where to send it
189 * @error: error status
190 *
191 * Use when a block isn't available to queue the message to and cn, msg
192 * might not be contiguous.
193 */
194static void w1_netlink_send_error(struct cn_msg *cn, struct w1_netlink_msg *msg,
195 int portid, int error)
196{
197 struct {
198 struct cn_msg cn;
199 struct w1_netlink_msg msg;
200 } packet;
201 memcpy(&packet.cn, cn, sizeof(packet.cn));
202 memcpy(&packet.msg, msg, sizeof(packet.msg));
203 packet.cn.len = sizeof(packet.msg);
204 packet.msg.len = 0;
205 packet.msg.status = (u8)-error;
206 cn_netlink_send(&packet.cn, portid, 0, GFP_KERNEL);
207}
208
209/**
210 * w1_netlink_send() - sends w1 netlink notifications
211 * @dev: w1_master the even is associated with or for
212 * @msg: w1_netlink_msg message to be sent
213 *
214 * This are notifications generated from the kernel.
215 */
216void w1_netlink_send(struct w1_master *dev, struct w1_netlink_msg *msg)
217{
218 struct {
219 struct cn_msg cn;
220 struct w1_netlink_msg msg;
221 } packet;
222 memset(&packet, 0, sizeof(packet));
223
224 packet.cn.id.idx = CN_W1_IDX;
225 packet.cn.id.val = CN_W1_VAL;
226
227 packet.cn.seq = dev->seq++;
228 packet.cn.len = sizeof(*msg);
229
230 memcpy(&packet.msg, msg, sizeof(*msg));
231 packet.msg.len = 0;
232
233 cn_netlink_send(&packet.cn, 0, 0, GFP_KERNEL);
234}
235
236static void w1_send_slave(struct w1_master *dev, u64 rn)
237{
238 struct w1_cb_block *block = dev->priv;
239 struct w1_netlink_cmd *cache_cmd = block->cmd;
240 u64 *data;
241
242 w1_reply_make_space(block, sizeof(*data));
243
244 /* Add cmd back if the packet was sent */
245 if (!block->cmd) {
246 cache_cmd->len = 0;
247 w1_netlink_queue_cmd(block, cache_cmd);
248 }
249
250 data = (u64 *)(block->cmd->data + block->cmd->len);
251
252 *data = rn;
253 block->cn->len += sizeof(*data);
254 block->msg->len += sizeof(*data);
255 block->cmd->len += sizeof(*data);
256}
257
258static void w1_found_send_slave(struct w1_master *dev, u64 rn)
259{
260 /* update kernel slave list */
261 w1_slave_found(dev, rn);
262
263 w1_send_slave(dev, rn);
264}
265
266/* Get the current slave list, or search (with or without alarm) */
267static int w1_get_slaves(struct w1_master *dev, struct w1_netlink_cmd *req_cmd)
268{
269 struct w1_slave *sl;
270
271 req_cmd->len = 0;
272 w1_netlink_queue_cmd(dev->priv, req_cmd);
273
274 if (req_cmd->cmd == W1_CMD_LIST_SLAVES) {
275 u64 rn;
276 mutex_lock(&dev->list_mutex);
277 list_for_each_entry(sl, &dev->slist, w1_slave_entry) {
278 memcpy(&rn, &sl->reg_num, sizeof(rn));
279 w1_send_slave(dev, rn);
280 }
281 mutex_unlock(&dev->list_mutex);
282 } else {
283 w1_search_process_cb(dev, req_cmd->cmd == W1_CMD_ALARM_SEARCH ?
284 W1_ALARM_SEARCH : W1_SEARCH, w1_found_send_slave);
285 }
286
287 return 0;
288}
289
290static int w1_process_command_io(struct w1_master *dev,
291 struct w1_netlink_cmd *cmd)
292{
293 int err = 0;
294
295 switch (cmd->cmd) {
296 case W1_CMD_TOUCH:
297 w1_touch_block(dev, cmd->data, cmd->len);
298 w1_netlink_queue_cmd(dev->priv, cmd);
299 break;
300 case W1_CMD_READ:
301 w1_read_block(dev, cmd->data, cmd->len);
302 w1_netlink_queue_cmd(dev->priv, cmd);
303 break;
304 case W1_CMD_WRITE:
305 w1_write_block(dev, cmd->data, cmd->len);
306 break;
307 default:
308 err = -EINVAL;
309 break;
310 }
311
312 return err;
313}
314
315static int w1_process_command_addremove(struct w1_master *dev,
316 struct w1_netlink_cmd *cmd)
317{
318 struct w1_slave *sl;
319 int err = 0;
320 struct w1_reg_num *id;
321
322 if (cmd->len != sizeof(*id))
323 return -EINVAL;
324
325 id = (struct w1_reg_num *)cmd->data;
326
327 sl = w1_slave_search_device(dev, id);
328 switch (cmd->cmd) {
329 case W1_CMD_SLAVE_ADD:
330 if (sl)
331 err = -EINVAL;
332 else
333 err = w1_attach_slave_device(dev, id);
334 break;
335 case W1_CMD_SLAVE_REMOVE:
336 if (sl)
337 w1_slave_detach(sl);
338 else
339 err = -EINVAL;
340 break;
341 default:
342 err = -EINVAL;
343 break;
344 }
345
346 return err;
347}
348
349static int w1_process_command_master(struct w1_master *dev,
350 struct w1_netlink_cmd *req_cmd)
351{
352 int err = -EINVAL;
353
354 /* drop bus_mutex for search (does it's own locking), and add/remove
355 * which doesn't use the bus
356 */
357 switch (req_cmd->cmd) {
358 case W1_CMD_SEARCH:
359 case W1_CMD_ALARM_SEARCH:
360 case W1_CMD_LIST_SLAVES:
361 mutex_unlock(&dev->bus_mutex);
362 err = w1_get_slaves(dev, req_cmd);
363 mutex_lock(&dev->bus_mutex);
364 break;
365 case W1_CMD_READ:
366 case W1_CMD_WRITE:
367 case W1_CMD_TOUCH:
368 err = w1_process_command_io(dev, req_cmd);
369 break;
370 case W1_CMD_RESET:
371 err = w1_reset_bus(dev);
372 break;
373 case W1_CMD_SLAVE_ADD:
374 case W1_CMD_SLAVE_REMOVE:
375 mutex_unlock(&dev->bus_mutex);
376 mutex_lock(&dev->mutex);
377 err = w1_process_command_addremove(dev, req_cmd);
378 mutex_unlock(&dev->mutex);
379 mutex_lock(&dev->bus_mutex);
380 break;
381 default:
382 err = -EINVAL;
383 break;
384 }
385
386 return err;
387}
388
389static int w1_process_command_slave(struct w1_slave *sl,
390 struct w1_netlink_cmd *cmd)
391{
392 dev_dbg(&sl->master->dev, "%s: %02x.%012llx.%02x: cmd=%02x, len=%u.\n",
393 __func__, sl->reg_num.family, (unsigned long long)sl->reg_num.id,
394 sl->reg_num.crc, cmd->cmd, cmd->len);
395
396 return w1_process_command_io(sl->master, cmd);
397}
398
399static int w1_process_command_root(struct cn_msg *req_cn, u32 portid)
400{
401 struct w1_master *dev;
402 struct cn_msg *cn;
403 struct w1_netlink_msg *msg;
404 u32 *id;
405
406 cn = kmalloc(PAGE_SIZE, GFP_KERNEL);
407 if (!cn)
408 return -ENOMEM;
409
410 cn->id.idx = CN_W1_IDX;
411 cn->id.val = CN_W1_VAL;
412
413 cn->seq = req_cn->seq;
414 cn->ack = req_cn->seq + 1;
415 cn->len = sizeof(struct w1_netlink_msg);
416 msg = (struct w1_netlink_msg *)cn->data;
417
418 msg->type = W1_LIST_MASTERS;
419 msg->status = 0;
420 msg->len = 0;
421 id = (u32 *)msg->data;
422
423 mutex_lock(&w1_mlock);
424 list_for_each_entry(dev, &w1_masters, w1_master_entry) {
425 if (cn->len + sizeof(*id) > PAGE_SIZE - sizeof(struct cn_msg)) {
426 cn_netlink_send(cn, portid, 0, GFP_KERNEL);
427 cn->len = sizeof(struct w1_netlink_msg);
428 msg->len = 0;
429 id = (u32 *)msg->data;
430 }
431
432 *id = dev->id;
433 msg->len += sizeof(*id);
434 cn->len += sizeof(*id);
435 id++;
436 }
437 cn_netlink_send(cn, portid, 0, GFP_KERNEL);
438 mutex_unlock(&w1_mlock);
439
440 kfree(cn);
441 return 0;
442}
443
444static void w1_process_cb(struct w1_master *dev, struct w1_async_cmd *async_cmd)
445{
446 struct w1_cb_node *node = container_of(async_cmd, struct w1_cb_node,
447 async);
448 u16 mlen = node->msg->len;
449 u16 len;
450 int err = 0;
451 struct w1_slave *sl = node->sl;
452 struct w1_netlink_cmd *cmd = (struct w1_netlink_cmd *)node->msg->data;
453
454 mutex_lock(&dev->bus_mutex);
455 dev->priv = node->block;
456 if (sl && w1_reset_select_slave(sl))
457 err = -ENODEV;
458 node->block->cur_msg = node->msg;
459
460 while (mlen && !err) {
461 if (cmd->len + sizeof(struct w1_netlink_cmd) > mlen) {
462 err = -E2BIG;
463 break;
464 }
465
466 if (sl)
467 err = w1_process_command_slave(sl, cmd);
468 else
469 err = w1_process_command_master(dev, cmd);
470 w1_netlink_check_send(node->block);
471
472 w1_netlink_queue_status(node->block, node->msg, cmd, err);
473 err = 0;
474
475 len = sizeof(*cmd) + cmd->len;
476 cmd = (struct w1_netlink_cmd *)((u8 *)cmd + len);
477 mlen -= len;
478 }
479
480 if (!cmd || err)
481 w1_netlink_queue_status(node->block, node->msg, cmd, err);
482
483 /* ref taken in w1_search_slave or w1_search_master_id when building
484 * the block
485 */
486 if (sl)
487 w1_unref_slave(sl);
488 else
489 atomic_dec(&dev->refcnt);
490 dev->priv = NULL;
491 mutex_unlock(&dev->bus_mutex);
492
493 mutex_lock(&dev->list_mutex);
494 list_del(&async_cmd->async_entry);
495 mutex_unlock(&dev->list_mutex);
496
497 w1_unref_block(node->block);
498}
499
500static void w1_list_count_cmds(struct w1_netlink_msg *msg, int *cmd_count,
501 u16 *slave_len)
502{
503 struct w1_netlink_cmd *cmd = (struct w1_netlink_cmd *)msg->data;
504 u16 mlen = msg->len;
505 u16 len;
506 int slave_list = 0;
507 while (mlen) {
508 if (cmd->len + sizeof(struct w1_netlink_cmd) > mlen)
509 break;
510
511 switch (cmd->cmd) {
512 case W1_CMD_SEARCH:
513 case W1_CMD_ALARM_SEARCH:
514 case W1_CMD_LIST_SLAVES:
515 ++slave_list;
516 }
517 ++*cmd_count;
518 len = sizeof(*cmd) + cmd->len;
519 cmd = (struct w1_netlink_cmd *)((u8 *)cmd + len);
520 mlen -= len;
521 }
522
523 if (slave_list) {
524 struct w1_master *dev = w1_search_master_id(msg->id.mst.id);
525 if (dev) {
526 /* Bytes, and likely an overstimate, and if it isn't
527 * the results can still be split between packets.
528 */
529 *slave_len += sizeof(struct w1_reg_num) * slave_list *
530 (dev->slave_count + dev->max_slave_count);
531 /* search incremented it */
532 atomic_dec(&dev->refcnt);
533 }
534 }
535}
536
537static void w1_cn_callback(struct cn_msg *cn, struct netlink_skb_parms *nsp)
538{
539 struct w1_netlink_msg *msg = (struct w1_netlink_msg *)(cn + 1);
540 struct w1_slave *sl;
541 struct w1_master *dev;
542 u16 msg_len;
543 u16 slave_len = 0;
544 int err = 0;
545 struct w1_cb_block *block = NULL;
546 struct w1_cb_node *node = NULL;
547 int node_count = 0;
548 int cmd_count = 0;
549
550 /* If any unknown flag is set let the application know, that way
551 * applications can detect the absence of features in kernels that
552 * don't know about them. http://lwn.net/Articles/587527/
553 */
554 if (cn->flags & ~(W1_CN_BUNDLE)) {
555 w1_netlink_send_error(cn, msg, nsp->portid, -EINVAL);
556 return;
557 }
558
559 /* Count the number of master or slave commands there are to allocate
560 * space for one cb_node each.
561 */
562 msg_len = cn->len;
563 while (msg_len && !err) {
564 if (msg->len + sizeof(struct w1_netlink_msg) > msg_len) {
565 err = -E2BIG;
566 break;
567 }
568
569 /* count messages for nodes and allocate any additional space
570 * required for slave lists
571 */
572 if (msg->type == W1_MASTER_CMD || msg->type == W1_SLAVE_CMD) {
573 ++node_count;
574 w1_list_count_cmds(msg, &cmd_count, &slave_len);
575 }
576
577 msg_len -= sizeof(struct w1_netlink_msg) + msg->len;
578 msg = (struct w1_netlink_msg *)(((u8 *)msg) +
579 sizeof(struct w1_netlink_msg) + msg->len);
580 }
581 msg = (struct w1_netlink_msg *)(cn + 1);
582 if (node_count) {
583 int size;
584 int reply_size = sizeof(*cn) + cn->len + slave_len;
585 if (cn->flags & W1_CN_BUNDLE) {
586 /* bundling duplicats some of the messages */
587 reply_size += 2 * cmd_count * (sizeof(struct cn_msg) +
588 sizeof(struct w1_netlink_msg) +
589 sizeof(struct w1_netlink_cmd));
590 }
591 reply_size = min(CONNECTOR_MAX_MSG_SIZE, reply_size);
592
593 /* allocate space for the block, a copy of the original message,
594 * one node per cmd to point into the original message,
595 * space for replies which is the original message size plus
596 * space for any list slave data and status messages
597 * cn->len doesn't include itself which is part of the block
598 * */
599 size = /* block + original message */
600 sizeof(struct w1_cb_block) + sizeof(*cn) + cn->len +
601 /* space for nodes */
602 node_count * sizeof(struct w1_cb_node) +
603 /* replies */
604 sizeof(struct cn_msg) + reply_size;
605 block = kzalloc(size, GFP_KERNEL);
606 if (!block) {
607 /* if the system is already out of memory,
608 * (A) will this work, and (B) would it be better
609 * to not try?
610 */
611 w1_netlink_send_error(cn, msg, nsp->portid, -ENOMEM);
612 return;
613 }
614 atomic_set(&block->refcnt, 1);
615 block->portid = nsp->portid;
616 block->request_cn = *cn;
617 memcpy(block->request_cn.data, cn->data, cn->len);
618 node = (struct w1_cb_node *)(block->request_cn.data + cn->len);
619
620 /* Sneeky, when not bundling, reply_size is the allocated space
621 * required for the reply, cn_msg isn't part of maxlen so
622 * it should be reply_size - sizeof(struct cn_msg), however
623 * when checking if there is enough space, w1_reply_make_space
624 * is called with the full message size including cn_msg,
625 * because it isn't known at that time if an additional cn_msg
626 * will need to be allocated. So an extra cn_msg is added
627 * above in "size".
628 */
629 block->maxlen = reply_size;
630 block->first_cn = (struct cn_msg *)(node + node_count);
631 memset(block->first_cn, 0, sizeof(*block->first_cn));
632 }
633
634 msg_len = cn->len;
635 while (msg_len && !err) {
636
637 dev = NULL;
638 sl = NULL;
639
640 if (msg->len + sizeof(struct w1_netlink_msg) > msg_len) {
641 err = -E2BIG;
642 break;
643 }
644
645 /* execute on this thread, no need to process later */
646 if (msg->type == W1_LIST_MASTERS) {
647 err = w1_process_command_root(cn, nsp->portid);
648 goto out_cont;
649 }
650
651 /* All following message types require additional data,
652 * check here before references are taken.
653 */
654 if (!msg->len) {
655 err = -EPROTO;
656 goto out_cont;
657 }
658
659 /* both search calls take references */
660 if (msg->type == W1_MASTER_CMD) {
661 dev = w1_search_master_id(msg->id.mst.id);
662 } else if (msg->type == W1_SLAVE_CMD) {
663 sl = w1_search_slave((struct w1_reg_num *)msg->id.id);
664 if (sl)
665 dev = sl->master;
666 } else {
667 pr_notice("%s: cn: %x.%x, wrong type: %u, len: %u.\n",
668 __func__, cn->id.idx, cn->id.val,
669 msg->type, msg->len);
670 err = -EPROTO;
671 goto out_cont;
672 }
673
674 if (!dev) {
675 err = -ENODEV;
676 goto out_cont;
677 }
678
679 err = 0;
680
681 atomic_inc(&block->refcnt);
682 node->async.cb = w1_process_cb;
683 node->block = block;
684 node->msg = (struct w1_netlink_msg *)((u8 *)&block->request_cn +
685 (size_t)((u8 *)msg - (u8 *)cn));
686 node->sl = sl;
687 node->dev = dev;
688
689 mutex_lock(&dev->list_mutex);
690 list_add_tail(&node->async.async_entry, &dev->async_list);
691 wake_up_process(dev->thread);
692 mutex_unlock(&dev->list_mutex);
693 ++node;
694
695out_cont:
696 /* Can't queue because that modifies block and another
697 * thread could be processing the messages by now and
698 * there isn't a lock, send directly.
699 */
700 if (err)
701 w1_netlink_send_error(cn, msg, nsp->portid, err);
702 msg_len -= sizeof(struct w1_netlink_msg) + msg->len;
703 msg = (struct w1_netlink_msg *)(((u8 *)msg) +
704 sizeof(struct w1_netlink_msg) + msg->len);
705
706 /*
707 * Let's allow requests for nonexisting devices.
708 */
709 if (err == -ENODEV)
710 err = 0;
711 }
712 if (block)
713 w1_unref_block(block);
714}
715
716int w1_init_netlink(void)
717{
718 struct cb_id w1_id = {.idx = CN_W1_IDX, .val = CN_W1_VAL};
719
720 return cn_add_callback(&w1_id, "w1", &w1_cn_callback);
721}
722
723void w1_fini_netlink(void)
724{
725 struct cb_id w1_id = {.idx = CN_W1_IDX, .val = CN_W1_VAL};
726
727 cn_del_callback(&w1_id);
728}
729#else
730void w1_netlink_send(struct w1_master *dev, struct w1_netlink_msg *cn)
731{
732}
733
734int w1_init_netlink(void)
735{
736 return 0;
737}
738
739void w1_fini_netlink(void)
740{
741}
742#endif
1/*
2 * w1_netlink.c
3 *
4 * Copyright (c) 2003 Evgeniy Polyakov <zbr@ioremap.net>
5 *
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 */
21
22#include <linux/slab.h>
23#include <linux/skbuff.h>
24#include <linux/netlink.h>
25#include <linux/connector.h>
26
27#include "w1.h"
28#include "w1_log.h"
29#include "w1_netlink.h"
30
31#if defined(CONFIG_W1_CON) && (defined(CONFIG_CONNECTOR) || (defined(CONFIG_CONNECTOR_MODULE) && defined(CONFIG_W1_MODULE)))
32void w1_netlink_send(struct w1_master *dev, struct w1_netlink_msg *msg)
33{
34 char buf[sizeof(struct cn_msg) + sizeof(struct w1_netlink_msg)];
35 struct cn_msg *m = (struct cn_msg *)buf;
36 struct w1_netlink_msg *w = (struct w1_netlink_msg *)(m+1);
37
38 memset(buf, 0, sizeof(buf));
39
40 m->id.idx = CN_W1_IDX;
41 m->id.val = CN_W1_VAL;
42
43 m->seq = dev->seq++;
44 m->len = sizeof(struct w1_netlink_msg);
45
46 memcpy(w, msg, sizeof(struct w1_netlink_msg));
47
48 cn_netlink_send(m, 0, GFP_KERNEL);
49}
50
51static void w1_send_slave(struct w1_master *dev, u64 rn)
52{
53 struct cn_msg *msg = dev->priv;
54 struct w1_netlink_msg *hdr = (struct w1_netlink_msg *)(msg + 1);
55 struct w1_netlink_cmd *cmd = (struct w1_netlink_cmd *)(hdr + 1);
56 int avail;
57
58 /* update kernel slave list */
59 w1_slave_found(dev, rn);
60
61 avail = dev->priv_size - cmd->len;
62
63 if (avail > 8) {
64 u64 *data = (void *)(cmd + 1) + cmd->len;
65
66 *data = rn;
67 cmd->len += 8;
68 hdr->len += 8;
69 msg->len += 8;
70 return;
71 }
72
73 msg->ack++;
74 cn_netlink_send(msg, 0, GFP_KERNEL);
75
76 msg->len = sizeof(struct w1_netlink_msg) + sizeof(struct w1_netlink_cmd);
77 hdr->len = sizeof(struct w1_netlink_cmd);
78 cmd->len = 0;
79}
80
81static int w1_process_search_command(struct w1_master *dev, struct cn_msg *msg,
82 unsigned int avail)
83{
84 struct w1_netlink_msg *hdr = (struct w1_netlink_msg *)(msg + 1);
85 struct w1_netlink_cmd *cmd = (struct w1_netlink_cmd *)(hdr + 1);
86 int search_type = (cmd->cmd == W1_CMD_ALARM_SEARCH)?W1_ALARM_SEARCH:W1_SEARCH;
87
88 dev->priv = msg;
89 dev->priv_size = avail;
90
91 w1_search_process_cb(dev, search_type, w1_send_slave);
92
93 msg->ack = 0;
94 cn_netlink_send(msg, 0, GFP_KERNEL);
95
96 dev->priv = NULL;
97 dev->priv_size = 0;
98
99 return 0;
100}
101
102static int w1_send_read_reply(struct cn_msg *msg, struct w1_netlink_msg *hdr,
103 struct w1_netlink_cmd *cmd)
104{
105 void *data;
106 struct w1_netlink_msg *h;
107 struct w1_netlink_cmd *c;
108 struct cn_msg *cm;
109 int err;
110
111 data = kzalloc(sizeof(struct cn_msg) +
112 sizeof(struct w1_netlink_msg) +
113 sizeof(struct w1_netlink_cmd) +
114 cmd->len, GFP_KERNEL);
115 if (!data)
116 return -ENOMEM;
117
118 cm = (struct cn_msg *)(data);
119 h = (struct w1_netlink_msg *)(cm + 1);
120 c = (struct w1_netlink_cmd *)(h + 1);
121
122 memcpy(cm, msg, sizeof(struct cn_msg));
123 memcpy(h, hdr, sizeof(struct w1_netlink_msg));
124 memcpy(c, cmd, sizeof(struct w1_netlink_cmd));
125
126 cm->ack = msg->seq+1;
127 cm->len = sizeof(struct w1_netlink_msg) +
128 sizeof(struct w1_netlink_cmd) + cmd->len;
129
130 h->len = sizeof(struct w1_netlink_cmd) + cmd->len;
131
132 memcpy(c->data, cmd->data, c->len);
133
134 err = cn_netlink_send(cm, 0, GFP_KERNEL);
135
136 kfree(data);
137
138 return err;
139}
140
141static int w1_process_command_io(struct w1_master *dev, struct cn_msg *msg,
142 struct w1_netlink_msg *hdr, struct w1_netlink_cmd *cmd)
143{
144 int err = 0;
145
146 switch (cmd->cmd) {
147 case W1_CMD_TOUCH:
148 w1_touch_block(dev, cmd->data, cmd->len);
149 w1_send_read_reply(msg, hdr, cmd);
150 break;
151 case W1_CMD_READ:
152 w1_read_block(dev, cmd->data, cmd->len);
153 w1_send_read_reply(msg, hdr, cmd);
154 break;
155 case W1_CMD_WRITE:
156 w1_write_block(dev, cmd->data, cmd->len);
157 break;
158 default:
159 err = -EINVAL;
160 break;
161 }
162
163 return err;
164}
165
166static int w1_process_command_master(struct w1_master *dev, struct cn_msg *req_msg,
167 struct w1_netlink_msg *req_hdr, struct w1_netlink_cmd *req_cmd)
168{
169 int err = -EINVAL;
170 struct cn_msg *msg;
171 struct w1_netlink_msg *hdr;
172 struct w1_netlink_cmd *cmd;
173
174 msg = kzalloc(PAGE_SIZE, GFP_KERNEL);
175 if (!msg)
176 return -ENOMEM;
177
178 msg->id = req_msg->id;
179 msg->seq = req_msg->seq;
180 msg->ack = 0;
181 msg->len = sizeof(struct w1_netlink_msg) + sizeof(struct w1_netlink_cmd);
182
183 hdr = (struct w1_netlink_msg *)(msg + 1);
184 cmd = (struct w1_netlink_cmd *)(hdr + 1);
185
186 hdr->type = W1_MASTER_CMD;
187 hdr->id = req_hdr->id;
188 hdr->len = sizeof(struct w1_netlink_cmd);
189
190 cmd->cmd = req_cmd->cmd;
191 cmd->len = 0;
192
193 switch (cmd->cmd) {
194 case W1_CMD_SEARCH:
195 case W1_CMD_ALARM_SEARCH:
196 err = w1_process_search_command(dev, msg,
197 PAGE_SIZE - msg->len - sizeof(struct cn_msg));
198 break;
199 case W1_CMD_READ:
200 case W1_CMD_WRITE:
201 case W1_CMD_TOUCH:
202 err = w1_process_command_io(dev, req_msg, req_hdr, req_cmd);
203 break;
204 case W1_CMD_RESET:
205 err = w1_reset_bus(dev);
206 break;
207 default:
208 err = -EINVAL;
209 break;
210 }
211
212 kfree(msg);
213 return err;
214}
215
216static int w1_process_command_slave(struct w1_slave *sl, struct cn_msg *msg,
217 struct w1_netlink_msg *hdr, struct w1_netlink_cmd *cmd)
218{
219 dev_dbg(&sl->master->dev, "%s: %02x.%012llx.%02x: cmd=%02x, len=%u.\n",
220 __func__, sl->reg_num.family, (unsigned long long)sl->reg_num.id,
221 sl->reg_num.crc, cmd->cmd, cmd->len);
222
223 return w1_process_command_io(sl->master, msg, hdr, cmd);
224}
225
226static int w1_process_command_root(struct cn_msg *msg, struct w1_netlink_msg *mcmd)
227{
228 struct w1_master *m;
229 struct cn_msg *cn;
230 struct w1_netlink_msg *w;
231 u32 *id;
232
233 if (mcmd->type != W1_LIST_MASTERS) {
234 printk(KERN_NOTICE "%s: msg: %x.%x, wrong type: %u, len: %u.\n",
235 __func__, msg->id.idx, msg->id.val, mcmd->type, mcmd->len);
236 return -EPROTO;
237 }
238
239 cn = kmalloc(PAGE_SIZE, GFP_KERNEL);
240 if (!cn)
241 return -ENOMEM;
242
243 cn->id.idx = CN_W1_IDX;
244 cn->id.val = CN_W1_VAL;
245
246 cn->seq = msg->seq;
247 cn->ack = 1;
248 cn->len = sizeof(struct w1_netlink_msg);
249 w = (struct w1_netlink_msg *)(cn + 1);
250
251 w->type = W1_LIST_MASTERS;
252 w->status = 0;
253 w->len = 0;
254 id = (u32 *)(w + 1);
255
256 mutex_lock(&w1_mlock);
257 list_for_each_entry(m, &w1_masters, w1_master_entry) {
258 if (cn->len + sizeof(*id) > PAGE_SIZE - sizeof(struct cn_msg)) {
259 cn_netlink_send(cn, 0, GFP_KERNEL);
260 cn->ack++;
261 cn->len = sizeof(struct w1_netlink_msg);
262 w->len = 0;
263 id = (u32 *)(w + 1);
264 }
265
266 *id = m->id;
267 w->len += sizeof(*id);
268 cn->len += sizeof(*id);
269 id++;
270 }
271 cn->ack = 0;
272 cn_netlink_send(cn, 0, GFP_KERNEL);
273 mutex_unlock(&w1_mlock);
274
275 kfree(cn);
276 return 0;
277}
278
279static int w1_netlink_send_error(struct cn_msg *rcmsg, struct w1_netlink_msg *rmsg,
280 struct w1_netlink_cmd *rcmd, int error)
281{
282 struct cn_msg *cmsg;
283 struct w1_netlink_msg *msg;
284 struct w1_netlink_cmd *cmd;
285
286 cmsg = kzalloc(sizeof(*msg) + sizeof(*cmd) + sizeof(*cmsg), GFP_KERNEL);
287 if (!cmsg)
288 return -ENOMEM;
289
290 msg = (struct w1_netlink_msg *)(cmsg + 1);
291 cmd = (struct w1_netlink_cmd *)(msg + 1);
292
293 memcpy(cmsg, rcmsg, sizeof(*cmsg));
294 cmsg->len = sizeof(*msg);
295
296 memcpy(msg, rmsg, sizeof(*msg));
297 msg->len = 0;
298 msg->status = (short)-error;
299
300 if (rcmd) {
301 memcpy(cmd, rcmd, sizeof(*cmd));
302 cmd->len = 0;
303 msg->len += sizeof(*cmd);
304 cmsg->len += sizeof(*cmd);
305 }
306
307 error = cn_netlink_send(cmsg, 0, GFP_KERNEL);
308 kfree(cmsg);
309
310 return error;
311}
312
313static void w1_cn_callback(struct cn_msg *msg, struct netlink_skb_parms *nsp)
314{
315 struct w1_netlink_msg *m = (struct w1_netlink_msg *)(msg + 1);
316 struct w1_netlink_cmd *cmd;
317 struct w1_slave *sl;
318 struct w1_master *dev;
319 int err = 0;
320
321 while (msg->len && !err) {
322 struct w1_reg_num id;
323 u16 mlen = m->len;
324 u8 *cmd_data = m->data;
325
326 dev = NULL;
327 sl = NULL;
328 cmd = NULL;
329
330 memcpy(&id, m->id.id, sizeof(id));
331#if 0
332 printk("%s: %02x.%012llx.%02x: type=%02x, len=%u.\n",
333 __func__, id.family, (unsigned long long)id.id, id.crc, m->type, m->len);
334#endif
335 if (m->len + sizeof(struct w1_netlink_msg) > msg->len) {
336 err = -E2BIG;
337 break;
338 }
339
340 if (m->type == W1_MASTER_CMD) {
341 dev = w1_search_master_id(m->id.mst.id);
342 } else if (m->type == W1_SLAVE_CMD) {
343 sl = w1_search_slave(&id);
344 if (sl)
345 dev = sl->master;
346 } else {
347 err = w1_process_command_root(msg, m);
348 goto out_cont;
349 }
350
351 if (!dev) {
352 err = -ENODEV;
353 goto out_cont;
354 }
355
356 err = 0;
357 if (!mlen)
358 goto out_cont;
359
360 mutex_lock(&dev->mutex);
361
362 if (sl && w1_reset_select_slave(sl)) {
363 err = -ENODEV;
364 goto out_up;
365 }
366
367 while (mlen) {
368 cmd = (struct w1_netlink_cmd *)cmd_data;
369
370 if (cmd->len + sizeof(struct w1_netlink_cmd) > mlen) {
371 err = -E2BIG;
372 break;
373 }
374
375 if (sl)
376 err = w1_process_command_slave(sl, msg, m, cmd);
377 else
378 err = w1_process_command_master(dev, msg, m, cmd);
379
380 w1_netlink_send_error(msg, m, cmd, err);
381 err = 0;
382
383 cmd_data += cmd->len + sizeof(struct w1_netlink_cmd);
384 mlen -= cmd->len + sizeof(struct w1_netlink_cmd);
385 }
386out_up:
387 atomic_dec(&dev->refcnt);
388 if (sl)
389 atomic_dec(&sl->refcnt);
390 mutex_unlock(&dev->mutex);
391out_cont:
392 if (!cmd || err)
393 w1_netlink_send_error(msg, m, cmd, err);
394 msg->len -= sizeof(struct w1_netlink_msg) + m->len;
395 m = (struct w1_netlink_msg *)(((u8 *)m) + sizeof(struct w1_netlink_msg) + m->len);
396
397 /*
398 * Let's allow requests for nonexisting devices.
399 */
400 if (err == -ENODEV)
401 err = 0;
402 }
403}
404
405int w1_init_netlink(void)
406{
407 struct cb_id w1_id = {.idx = CN_W1_IDX, .val = CN_W1_VAL};
408
409 return cn_add_callback(&w1_id, "w1", &w1_cn_callback);
410}
411
412void w1_fini_netlink(void)
413{
414 struct cb_id w1_id = {.idx = CN_W1_IDX, .val = CN_W1_VAL};
415
416 cn_del_callback(&w1_id);
417}
418#else
419void w1_netlink_send(struct w1_master *dev, struct w1_netlink_msg *msg)
420{
421}
422
423int w1_init_netlink(void)
424{
425 return 0;
426}
427
428void w1_fini_netlink(void)
429{
430}
431#endif