dvb_ca_en50221.c (47935B)
1// SPDX-License-Identifier: GPL-2.0-or-later 2/* 3 * dvb_ca.c: generic DVB functions for EN50221 CAM interfaces 4 * 5 * Copyright (C) 2004 Andrew de Quincey 6 * 7 * Parts of this file were based on sources as follows: 8 * 9 * Copyright (C) 2003 Ralph Metzler <rjkm@metzlerbros.de> 10 * 11 * based on code: 12 * 13 * Copyright (C) 1999-2002 Ralph Metzler 14 * & Marcus Metzler for convergence integrated media GmbH 15 */ 16 17#define pr_fmt(fmt) "dvb_ca_en50221: " fmt 18 19#include <linux/errno.h> 20#include <linux/slab.h> 21#include <linux/list.h> 22#include <linux/module.h> 23#include <linux/nospec.h> 24#include <linux/vmalloc.h> 25#include <linux/delay.h> 26#include <linux/spinlock.h> 27#include <linux/sched/signal.h> 28#include <linux/kthread.h> 29 30#include <media/dvb_ca_en50221.h> 31#include <media/dvb_ringbuffer.h> 32 33static int dvb_ca_en50221_debug; 34 35module_param_named(cam_debug, dvb_ca_en50221_debug, int, 0644); 36MODULE_PARM_DESC(cam_debug, "enable verbose debug messages"); 37 38#define dprintk(fmt, arg...) do { \ 39 if (dvb_ca_en50221_debug) \ 40 printk(KERN_DEBUG pr_fmt("%s: " fmt), __func__, ##arg);\ 41} while (0) 42 43#define INIT_TIMEOUT_SECS 10 44 45#define HOST_LINK_BUF_SIZE 0x200 46 47#define RX_BUFFER_SIZE 65535 48 49#define MAX_RX_PACKETS_PER_ITERATION 10 50 51#define CTRLIF_DATA 0 52#define CTRLIF_COMMAND 1 53#define CTRLIF_STATUS 1 54#define CTRLIF_SIZE_LOW 2 55#define CTRLIF_SIZE_HIGH 3 56 57#define CMDREG_HC 1 /* Host control */ 58#define CMDREG_SW 2 /* Size write */ 59#define CMDREG_SR 4 /* Size read */ 60#define CMDREG_RS 8 /* Reset interface */ 61#define CMDREG_FRIE 0x40 /* Enable FR interrupt */ 62#define CMDREG_DAIE 0x80 /* Enable DA interrupt */ 63#define IRQEN (CMDREG_DAIE) 64 65#define STATUSREG_RE 1 /* read error */ 66#define STATUSREG_WE 2 /* write error */ 67#define STATUSREG_FR 0x40 /* module free */ 68#define STATUSREG_DA 0x80 /* data available */ 69 70#define DVB_CA_SLOTSTATE_NONE 0 71#define DVB_CA_SLOTSTATE_UNINITIALISED 1 72#define DVB_CA_SLOTSTATE_RUNNING 2 73#define DVB_CA_SLOTSTATE_INVALID 3 74#define DVB_CA_SLOTSTATE_WAITREADY 4 75#define DVB_CA_SLOTSTATE_VALIDATE 5 76#define DVB_CA_SLOTSTATE_WAITFR 6 77#define DVB_CA_SLOTSTATE_LINKINIT 7 78 79/* Information on a CA slot */ 80struct dvb_ca_slot { 81 /* current state of the CAM */ 82 int slot_state; 83 84 /* mutex used for serializing access to one CI slot */ 85 struct mutex slot_lock; 86 87 /* Number of CAMCHANGES that have occurred since last processing */ 88 atomic_t camchange_count; 89 90 /* Type of last CAMCHANGE */ 91 int camchange_type; 92 93 /* base address of CAM config */ 94 u32 config_base; 95 96 /* value to write into Config Control register */ 97 u8 config_option; 98 99 /* if 1, the CAM supports DA IRQs */ 100 u8 da_irq_supported:1; 101 102 /* size of the buffer to use when talking to the CAM */ 103 int link_buf_size; 104 105 /* buffer for incoming packets */ 106 struct dvb_ringbuffer rx_buffer; 107 108 /* timer used during various states of the slot */ 109 unsigned long timeout; 110}; 111 112/* Private CA-interface information */ 113struct dvb_ca_private { 114 struct kref refcount; 115 116 /* pointer back to the public data structure */ 117 struct dvb_ca_en50221 *pub; 118 119 /* the DVB device */ 120 struct dvb_device *dvbdev; 121 122 /* Flags describing the interface (DVB_CA_FLAG_*) */ 123 u32 flags; 124 125 /* number of slots supported by this CA interface */ 126 unsigned int slot_count; 127 128 /* information on each slot */ 129 struct dvb_ca_slot *slot_info; 130 131 /* wait queues for read() and write() operations */ 132 wait_queue_head_t wait_queue; 133 134 /* PID of the monitoring thread */ 135 struct task_struct *thread; 136 137 /* Flag indicating if the CA device is open */ 138 unsigned int open:1; 139 140 /* Flag indicating the thread should wake up now */ 141 unsigned int wakeup:1; 142 143 /* Delay the main thread should use */ 144 unsigned long delay; 145 146 /* 147 * Slot to start looking for data to read from in the next user-space 148 * read operation 149 */ 150 int next_read_slot; 151 152 /* mutex serializing ioctls */ 153 struct mutex ioctl_mutex; 154}; 155 156static void dvb_ca_private_free(struct dvb_ca_private *ca) 157{ 158 unsigned int i; 159 160 dvb_free_device(ca->dvbdev); 161 for (i = 0; i < ca->slot_count; i++) 162 vfree(ca->slot_info[i].rx_buffer.data); 163 164 kfree(ca->slot_info); 165 kfree(ca); 166} 167 168static void dvb_ca_private_release(struct kref *ref) 169{ 170 struct dvb_ca_private *ca; 171 172 ca = container_of(ref, struct dvb_ca_private, refcount); 173 dvb_ca_private_free(ca); 174} 175 176static void dvb_ca_private_get(struct dvb_ca_private *ca) 177{ 178 kref_get(&ca->refcount); 179} 180 181static void dvb_ca_private_put(struct dvb_ca_private *ca) 182{ 183 kref_put(&ca->refcount, dvb_ca_private_release); 184} 185 186static void dvb_ca_en50221_thread_wakeup(struct dvb_ca_private *ca); 187static int dvb_ca_en50221_read_data(struct dvb_ca_private *ca, int slot, 188 u8 *ebuf, int ecount); 189static int dvb_ca_en50221_write_data(struct dvb_ca_private *ca, int slot, 190 u8 *ebuf, int ecount); 191 192/** 193 * findstr - Safely find needle in haystack. 194 * 195 * @haystack: Buffer to look in. 196 * @hlen: Number of bytes in haystack. 197 * @needle: Buffer to find. 198 * @nlen: Number of bytes in needle. 199 * return: Pointer into haystack needle was found at, or NULL if not found. 200 */ 201static char *findstr(char *haystack, int hlen, char *needle, int nlen) 202{ 203 int i; 204 205 if (hlen < nlen) 206 return NULL; 207 208 for (i = 0; i <= hlen - nlen; i++) { 209 if (!strncmp(haystack + i, needle, nlen)) 210 return haystack + i; 211 } 212 213 return NULL; 214} 215 216/* ************************************************************************** */ 217/* EN50221 physical interface functions */ 218 219/* 220 * dvb_ca_en50221_check_camstatus - Check CAM status. 221 */ 222static int dvb_ca_en50221_check_camstatus(struct dvb_ca_private *ca, int slot) 223{ 224 struct dvb_ca_slot *sl = &ca->slot_info[slot]; 225 int slot_status; 226 int cam_present_now; 227 int cam_changed; 228 229 /* IRQ mode */ 230 if (ca->flags & DVB_CA_EN50221_FLAG_IRQ_CAMCHANGE) 231 return (atomic_read(&sl->camchange_count) != 0); 232 233 /* poll mode */ 234 slot_status = ca->pub->poll_slot_status(ca->pub, slot, ca->open); 235 236 cam_present_now = (slot_status & DVB_CA_EN50221_POLL_CAM_PRESENT) ? 1 : 0; 237 cam_changed = (slot_status & DVB_CA_EN50221_POLL_CAM_CHANGED) ? 1 : 0; 238 if (!cam_changed) { 239 int cam_present_old = (sl->slot_state != DVB_CA_SLOTSTATE_NONE); 240 241 cam_changed = (cam_present_now != cam_present_old); 242 } 243 244 if (cam_changed) { 245 if (!cam_present_now) 246 sl->camchange_type = DVB_CA_EN50221_CAMCHANGE_REMOVED; 247 else 248 sl->camchange_type = DVB_CA_EN50221_CAMCHANGE_INSERTED; 249 atomic_set(&sl->camchange_count, 1); 250 } else { 251 if ((sl->slot_state == DVB_CA_SLOTSTATE_WAITREADY) && 252 (slot_status & DVB_CA_EN50221_POLL_CAM_READY)) { 253 /* move to validate state if reset is completed */ 254 sl->slot_state = DVB_CA_SLOTSTATE_VALIDATE; 255 } 256 } 257 258 return cam_changed; 259} 260 261/** 262 * dvb_ca_en50221_wait_if_status - Wait for flags to become set on the STATUS 263 * register on a CAM interface, checking for errors and timeout. 264 * 265 * @ca: CA instance. 266 * @slot: Slot on interface. 267 * @waitfor: Flags to wait for. 268 * @timeout_hz: Timeout in milliseconds. 269 * 270 * return: 0 on success, nonzero on error. 271 */ 272static int dvb_ca_en50221_wait_if_status(struct dvb_ca_private *ca, int slot, 273 u8 waitfor, int timeout_hz) 274{ 275 unsigned long timeout; 276 unsigned long start; 277 278 dprintk("%s\n", __func__); 279 280 /* loop until timeout elapsed */ 281 start = jiffies; 282 timeout = jiffies + timeout_hz; 283 while (1) { 284 int res; 285 286 /* read the status and check for error */ 287 res = ca->pub->read_cam_control(ca->pub, slot, CTRLIF_STATUS); 288 if (res < 0) 289 return -EIO; 290 291 /* if we got the flags, it was successful! */ 292 if (res & waitfor) { 293 dprintk("%s succeeded timeout:%lu\n", 294 __func__, jiffies - start); 295 return 0; 296 } 297 298 /* check for timeout */ 299 if (time_after(jiffies, timeout)) 300 break; 301 302 /* wait for a bit */ 303 usleep_range(1000, 1100); 304 } 305 306 dprintk("%s failed timeout:%lu\n", __func__, jiffies - start); 307 308 /* if we get here, we've timed out */ 309 return -ETIMEDOUT; 310} 311 312/** 313 * dvb_ca_en50221_link_init - Initialise the link layer connection to a CAM. 314 * 315 * @ca: CA instance. 316 * @slot: Slot id. 317 * 318 * return: 0 on success, nonzero on failure. 319 */ 320static int dvb_ca_en50221_link_init(struct dvb_ca_private *ca, int slot) 321{ 322 struct dvb_ca_slot *sl = &ca->slot_info[slot]; 323 int ret; 324 int buf_size; 325 u8 buf[2]; 326 327 dprintk("%s\n", __func__); 328 329 /* we'll be determining these during this function */ 330 sl->da_irq_supported = 0; 331 332 /* 333 * set the host link buffer size temporarily. it will be overwritten 334 * with the real negotiated size later. 335 */ 336 sl->link_buf_size = 2; 337 338 /* read the buffer size from the CAM */ 339 ret = ca->pub->write_cam_control(ca->pub, slot, CTRLIF_COMMAND, 340 IRQEN | CMDREG_SR); 341 if (ret) 342 return ret; 343 ret = dvb_ca_en50221_wait_if_status(ca, slot, STATUSREG_DA, HZ); 344 if (ret) 345 return ret; 346 ret = dvb_ca_en50221_read_data(ca, slot, buf, 2); 347 if (ret != 2) 348 return -EIO; 349 ret = ca->pub->write_cam_control(ca->pub, slot, CTRLIF_COMMAND, IRQEN); 350 if (ret) 351 return ret; 352 353 /* 354 * store it, and choose the minimum of our buffer and the CAM's buffer 355 * size 356 */ 357 buf_size = (buf[0] << 8) | buf[1]; 358 if (buf_size > HOST_LINK_BUF_SIZE) 359 buf_size = HOST_LINK_BUF_SIZE; 360 sl->link_buf_size = buf_size; 361 buf[0] = buf_size >> 8; 362 buf[1] = buf_size & 0xff; 363 dprintk("Chosen link buffer size of %i\n", buf_size); 364 365 /* write the buffer size to the CAM */ 366 ret = ca->pub->write_cam_control(ca->pub, slot, CTRLIF_COMMAND, 367 IRQEN | CMDREG_SW); 368 if (ret) 369 return ret; 370 ret = dvb_ca_en50221_wait_if_status(ca, slot, STATUSREG_FR, HZ / 10); 371 if (ret) 372 return ret; 373 ret = dvb_ca_en50221_write_data(ca, slot, buf, 2); 374 if (ret != 2) 375 return -EIO; 376 ret = ca->pub->write_cam_control(ca->pub, slot, CTRLIF_COMMAND, IRQEN); 377 if (ret) 378 return ret; 379 380 /* success */ 381 return 0; 382} 383 384/** 385 * dvb_ca_en50221_read_tuple - Read a tuple from attribute memory. 386 * 387 * @ca: CA instance. 388 * @slot: Slot id. 389 * @address: Address to read from. Updated. 390 * @tuple_type: Tuple id byte. Updated. 391 * @tuple_length: Tuple length. Updated. 392 * @tuple: Dest buffer for tuple (must be 256 bytes). Updated. 393 * 394 * return: 0 on success, nonzero on error. 395 */ 396static int dvb_ca_en50221_read_tuple(struct dvb_ca_private *ca, int slot, 397 int *address, int *tuple_type, 398 int *tuple_length, u8 *tuple) 399{ 400 int i; 401 int _tuple_type; 402 int _tuple_length; 403 int _address = *address; 404 405 /* grab the next tuple length and type */ 406 _tuple_type = ca->pub->read_attribute_mem(ca->pub, slot, _address); 407 if (_tuple_type < 0) 408 return _tuple_type; 409 if (_tuple_type == 0xff) { 410 dprintk("END OF CHAIN TUPLE type:0x%x\n", _tuple_type); 411 *address += 2; 412 *tuple_type = _tuple_type; 413 *tuple_length = 0; 414 return 0; 415 } 416 _tuple_length = ca->pub->read_attribute_mem(ca->pub, slot, 417 _address + 2); 418 if (_tuple_length < 0) 419 return _tuple_length; 420 _address += 4; 421 422 dprintk("TUPLE type:0x%x length:%i\n", _tuple_type, _tuple_length); 423 424 /* read in the whole tuple */ 425 for (i = 0; i < _tuple_length; i++) { 426 tuple[i] = ca->pub->read_attribute_mem(ca->pub, slot, 427 _address + (i * 2)); 428 dprintk(" 0x%02x: 0x%02x %c\n", 429 i, tuple[i] & 0xff, 430 ((tuple[i] > 31) && (tuple[i] < 127)) ? tuple[i] : '.'); 431 } 432 _address += (_tuple_length * 2); 433 434 /* success */ 435 *tuple_type = _tuple_type; 436 *tuple_length = _tuple_length; 437 *address = _address; 438 return 0; 439} 440 441/** 442 * dvb_ca_en50221_parse_attributes - Parse attribute memory of a CAM module, 443 * extracting Config register, and checking it is a DVB CAM module. 444 * 445 * @ca: CA instance. 446 * @slot: Slot id. 447 * 448 * return: 0 on success, <0 on failure. 449 */ 450static int dvb_ca_en50221_parse_attributes(struct dvb_ca_private *ca, int slot) 451{ 452 struct dvb_ca_slot *sl; 453 int address = 0; 454 int tuple_length; 455 int tuple_type; 456 u8 tuple[257]; 457 char *dvb_str; 458 int rasz; 459 int status; 460 int got_cftableentry = 0; 461 int end_chain = 0; 462 int i; 463 u16 manfid = 0; 464 u16 devid = 0; 465 466 /* CISTPL_DEVICE_0A */ 467 status = dvb_ca_en50221_read_tuple(ca, slot, &address, &tuple_type, 468 &tuple_length, tuple); 469 if (status < 0) 470 return status; 471 if (tuple_type != 0x1D) 472 return -EINVAL; 473 474 /* CISTPL_DEVICE_0C */ 475 status = dvb_ca_en50221_read_tuple(ca, slot, &address, &tuple_type, 476 &tuple_length, tuple); 477 if (status < 0) 478 return status; 479 if (tuple_type != 0x1C) 480 return -EINVAL; 481 482 /* CISTPL_VERS_1 */ 483 status = dvb_ca_en50221_read_tuple(ca, slot, &address, &tuple_type, 484 &tuple_length, tuple); 485 if (status < 0) 486 return status; 487 if (tuple_type != 0x15) 488 return -EINVAL; 489 490 /* CISTPL_MANFID */ 491 status = dvb_ca_en50221_read_tuple(ca, slot, &address, &tuple_type, 492 &tuple_length, tuple); 493 if (status < 0) 494 return status; 495 if (tuple_type != 0x20) 496 return -EINVAL; 497 if (tuple_length != 4) 498 return -EINVAL; 499 manfid = (tuple[1] << 8) | tuple[0]; 500 devid = (tuple[3] << 8) | tuple[2]; 501 502 /* CISTPL_CONFIG */ 503 status = dvb_ca_en50221_read_tuple(ca, slot, &address, &tuple_type, 504 &tuple_length, tuple); 505 if (status < 0) 506 return status; 507 if (tuple_type != 0x1A) 508 return -EINVAL; 509 if (tuple_length < 3) 510 return -EINVAL; 511 512 /* extract the configbase */ 513 rasz = tuple[0] & 3; 514 if (tuple_length < (3 + rasz + 14)) 515 return -EINVAL; 516 sl = &ca->slot_info[slot]; 517 sl->config_base = 0; 518 for (i = 0; i < rasz + 1; i++) 519 sl->config_base |= (tuple[2 + i] << (8 * i)); 520 521 /* check it contains the correct DVB string */ 522 dvb_str = findstr((char *)tuple, tuple_length, "DVB_CI_V", 8); 523 if (!dvb_str) 524 return -EINVAL; 525 if (tuple_length < ((dvb_str - (char *)tuple) + 12)) 526 return -EINVAL; 527 528 /* is it a version we support? */ 529 if (strncmp(dvb_str + 8, "1.00", 4)) { 530 pr_err("dvb_ca adapter %d: Unsupported DVB CAM module version %c%c%c%c\n", 531 ca->dvbdev->adapter->num, dvb_str[8], dvb_str[9], 532 dvb_str[10], dvb_str[11]); 533 return -EINVAL; 534 } 535 536 /* process the CFTABLE_ENTRY tuples, and any after those */ 537 while ((!end_chain) && (address < 0x1000)) { 538 status = dvb_ca_en50221_read_tuple(ca, slot, &address, 539 &tuple_type, &tuple_length, 540 tuple); 541 if (status < 0) 542 return status; 543 switch (tuple_type) { 544 case 0x1B: /* CISTPL_CFTABLE_ENTRY */ 545 if (tuple_length < (2 + 11 + 17)) 546 break; 547 548 /* if we've already parsed one, just use it */ 549 if (got_cftableentry) 550 break; 551 552 /* get the config option */ 553 sl->config_option = tuple[0] & 0x3f; 554 555 /* OK, check it contains the correct strings */ 556 if (!findstr((char *)tuple, tuple_length, 557 "DVB_HOST", 8) || 558 !findstr((char *)tuple, tuple_length, 559 "DVB_CI_MODULE", 13)) 560 break; 561 562 got_cftableentry = 1; 563 break; 564 565 case 0x14: /* CISTPL_NO_LINK */ 566 break; 567 568 case 0xFF: /* CISTPL_END */ 569 end_chain = 1; 570 break; 571 572 default: /* Unknown tuple type - just skip this tuple */ 573 dprintk("dvb_ca: Skipping unknown tuple type:0x%x length:0x%x\n", 574 tuple_type, tuple_length); 575 break; 576 } 577 } 578 579 if ((address > 0x1000) || (!got_cftableentry)) 580 return -EINVAL; 581 582 dprintk("Valid DVB CAM detected MANID:%x DEVID:%x CONFIGBASE:0x%x CONFIGOPTION:0x%x\n", 583 manfid, devid, sl->config_base, sl->config_option); 584 585 /* success! */ 586 return 0; 587} 588 589/** 590 * dvb_ca_en50221_set_configoption - Set CAM's configoption correctly. 591 * 592 * @ca: CA instance. 593 * @slot: Slot containing the CAM. 594 */ 595static int dvb_ca_en50221_set_configoption(struct dvb_ca_private *ca, int slot) 596{ 597 struct dvb_ca_slot *sl = &ca->slot_info[slot]; 598 int configoption; 599 600 dprintk("%s\n", __func__); 601 602 /* set the config option */ 603 ca->pub->write_attribute_mem(ca->pub, slot, sl->config_base, 604 sl->config_option); 605 606 /* check it */ 607 configoption = ca->pub->read_attribute_mem(ca->pub, slot, 608 sl->config_base); 609 dprintk("Set configoption 0x%x, read configoption 0x%x\n", 610 sl->config_option, configoption & 0x3f); 611 612 /* fine! */ 613 return 0; 614} 615 616/** 617 * dvb_ca_en50221_read_data - This function talks to an EN50221 CAM control 618 * interface. It reads a buffer of data from the CAM. The data can either 619 * be stored in a supplied buffer, or automatically be added to the slot's 620 * rx_buffer. 621 * 622 * @ca: CA instance. 623 * @slot: Slot to read from. 624 * @ebuf: If non-NULL, the data will be written to this buffer. If NULL, 625 * the data will be added into the buffering system as a normal 626 * fragment. 627 * @ecount: Size of ebuf. Ignored if ebuf is NULL. 628 * 629 * return: Number of bytes read, or < 0 on error 630 */ 631static int dvb_ca_en50221_read_data(struct dvb_ca_private *ca, int slot, 632 u8 *ebuf, int ecount) 633{ 634 struct dvb_ca_slot *sl = &ca->slot_info[slot]; 635 int bytes_read; 636 int status; 637 u8 buf[HOST_LINK_BUF_SIZE]; 638 int i; 639 640 dprintk("%s\n", __func__); 641 642 /* check if we have space for a link buf in the rx_buffer */ 643 if (!ebuf) { 644 int buf_free; 645 646 if (!sl->rx_buffer.data) { 647 status = -EIO; 648 goto exit; 649 } 650 buf_free = dvb_ringbuffer_free(&sl->rx_buffer); 651 652 if (buf_free < (sl->link_buf_size + 653 DVB_RINGBUFFER_PKTHDRSIZE)) { 654 status = -EAGAIN; 655 goto exit; 656 } 657 } 658 659 if (ca->pub->read_data && 660 (sl->slot_state != DVB_CA_SLOTSTATE_LINKINIT)) { 661 if (!ebuf) 662 status = ca->pub->read_data(ca->pub, slot, buf, 663 sizeof(buf)); 664 else 665 status = ca->pub->read_data(ca->pub, slot, buf, ecount); 666 if (status < 0) 667 return status; 668 bytes_read = status; 669 if (status == 0) 670 goto exit; 671 } else { 672 /* check if there is data available */ 673 status = ca->pub->read_cam_control(ca->pub, slot, 674 CTRLIF_STATUS); 675 if (status < 0) 676 goto exit; 677 if (!(status & STATUSREG_DA)) { 678 /* no data */ 679 status = 0; 680 goto exit; 681 } 682 683 /* read the amount of data */ 684 status = ca->pub->read_cam_control(ca->pub, slot, 685 CTRLIF_SIZE_HIGH); 686 if (status < 0) 687 goto exit; 688 bytes_read = status << 8; 689 status = ca->pub->read_cam_control(ca->pub, slot, 690 CTRLIF_SIZE_LOW); 691 if (status < 0) 692 goto exit; 693 bytes_read |= status; 694 695 /* check it will fit */ 696 if (!ebuf) { 697 if (bytes_read > sl->link_buf_size) { 698 pr_err("dvb_ca adapter %d: CAM tried to send a buffer larger than the link buffer size (%i > %i)!\n", 699 ca->dvbdev->adapter->num, bytes_read, 700 sl->link_buf_size); 701 sl->slot_state = DVB_CA_SLOTSTATE_LINKINIT; 702 status = -EIO; 703 goto exit; 704 } 705 if (bytes_read < 2) { 706 pr_err("dvb_ca adapter %d: CAM sent a buffer that was less than 2 bytes!\n", 707 ca->dvbdev->adapter->num); 708 sl->slot_state = DVB_CA_SLOTSTATE_LINKINIT; 709 status = -EIO; 710 goto exit; 711 } 712 } else { 713 if (bytes_read > ecount) { 714 pr_err("dvb_ca adapter %d: CAM tried to send a buffer larger than the ecount size!\n", 715 ca->dvbdev->adapter->num); 716 status = -EIO; 717 goto exit; 718 } 719 } 720 721 /* fill the buffer */ 722 for (i = 0; i < bytes_read; i++) { 723 /* read byte and check */ 724 status = ca->pub->read_cam_control(ca->pub, slot, 725 CTRLIF_DATA); 726 if (status < 0) 727 goto exit; 728 729 /* OK, store it in the buffer */ 730 buf[i] = status; 731 } 732 733 /* check for read error (RE should now be 0) */ 734 status = ca->pub->read_cam_control(ca->pub, slot, 735 CTRLIF_STATUS); 736 if (status < 0) 737 goto exit; 738 if (status & STATUSREG_RE) { 739 sl->slot_state = DVB_CA_SLOTSTATE_LINKINIT; 740 status = -EIO; 741 goto exit; 742 } 743 } 744 745 /* 746 * OK, add it to the receive buffer, or copy into external buffer if 747 * supplied 748 */ 749 if (!ebuf) { 750 if (!sl->rx_buffer.data) { 751 status = -EIO; 752 goto exit; 753 } 754 dvb_ringbuffer_pkt_write(&sl->rx_buffer, buf, bytes_read); 755 } else { 756 memcpy(ebuf, buf, bytes_read); 757 } 758 759 dprintk("Received CA packet for slot %i connection id 0x%x last_frag:%i size:0x%x\n", slot, 760 buf[0], (buf[1] & 0x80) == 0, bytes_read); 761 762 /* wake up readers when a last_fragment is received */ 763 if ((buf[1] & 0x80) == 0x00) 764 wake_up_interruptible(&ca->wait_queue); 765 766 status = bytes_read; 767 768exit: 769 return status; 770} 771 772/** 773 * dvb_ca_en50221_write_data - This function talks to an EN50221 CAM control 774 * interface. It writes a buffer of data to a CAM. 775 * 776 * @ca: CA instance. 777 * @slot: Slot to write to. 778 * @buf: The data in this buffer is treated as a complete link-level packet to 779 * be written. 780 * @bytes_write: Size of ebuf. 781 * 782 * return: Number of bytes written, or < 0 on error. 783 */ 784static int dvb_ca_en50221_write_data(struct dvb_ca_private *ca, int slot, 785 u8 *buf, int bytes_write) 786{ 787 struct dvb_ca_slot *sl = &ca->slot_info[slot]; 788 int status; 789 int i; 790 791 dprintk("%s\n", __func__); 792 793 /* sanity check */ 794 if (bytes_write > sl->link_buf_size) 795 return -EINVAL; 796 797 if (ca->pub->write_data && 798 (sl->slot_state != DVB_CA_SLOTSTATE_LINKINIT)) 799 return ca->pub->write_data(ca->pub, slot, buf, bytes_write); 800 801 /* 802 * it is possible we are dealing with a single buffer implementation, 803 * thus if there is data available for read or if there is even a read 804 * already in progress, we do nothing but awake the kernel thread to 805 * process the data if necessary. 806 */ 807 status = ca->pub->read_cam_control(ca->pub, slot, CTRLIF_STATUS); 808 if (status < 0) 809 goto exitnowrite; 810 if (status & (STATUSREG_DA | STATUSREG_RE)) { 811 if (status & STATUSREG_DA) 812 dvb_ca_en50221_thread_wakeup(ca); 813 814 status = -EAGAIN; 815 goto exitnowrite; 816 } 817 818 /* OK, set HC bit */ 819 status = ca->pub->write_cam_control(ca->pub, slot, CTRLIF_COMMAND, 820 IRQEN | CMDREG_HC); 821 if (status) 822 goto exit; 823 824 /* check if interface is still free */ 825 status = ca->pub->read_cam_control(ca->pub, slot, CTRLIF_STATUS); 826 if (status < 0) 827 goto exit; 828 if (!(status & STATUSREG_FR)) { 829 /* it wasn't free => try again later */ 830 status = -EAGAIN; 831 goto exit; 832 } 833 834 /* 835 * It may need some time for the CAM to settle down, or there might 836 * be a race condition between the CAM, writing HC and our last 837 * check for DA. This happens, if the CAM asserts DA, just after 838 * checking DA before we are setting HC. In this case it might be 839 * a bug in the CAM to keep the FR bit, the lower layer/HW 840 * communication requires a longer timeout or the CAM needs more 841 * time internally. But this happens in reality! 842 * We need to read the status from the HW again and do the same 843 * we did for the previous check for DA 844 */ 845 status = ca->pub->read_cam_control(ca->pub, slot, CTRLIF_STATUS); 846 if (status < 0) 847 goto exit; 848 849 if (status & (STATUSREG_DA | STATUSREG_RE)) { 850 if (status & STATUSREG_DA) 851 dvb_ca_en50221_thread_wakeup(ca); 852 853 status = -EAGAIN; 854 goto exit; 855 } 856 857 /* send the amount of data */ 858 status = ca->pub->write_cam_control(ca->pub, slot, CTRLIF_SIZE_HIGH, 859 bytes_write >> 8); 860 if (status) 861 goto exit; 862 status = ca->pub->write_cam_control(ca->pub, slot, CTRLIF_SIZE_LOW, 863 bytes_write & 0xff); 864 if (status) 865 goto exit; 866 867 /* send the buffer */ 868 for (i = 0; i < bytes_write; i++) { 869 status = ca->pub->write_cam_control(ca->pub, slot, CTRLIF_DATA, 870 buf[i]); 871 if (status) 872 goto exit; 873 } 874 875 /* check for write error (WE should now be 0) */ 876 status = ca->pub->read_cam_control(ca->pub, slot, CTRLIF_STATUS); 877 if (status < 0) 878 goto exit; 879 if (status & STATUSREG_WE) { 880 sl->slot_state = DVB_CA_SLOTSTATE_LINKINIT; 881 status = -EIO; 882 goto exit; 883 } 884 status = bytes_write; 885 886 dprintk("Wrote CA packet for slot %i, connection id 0x%x last_frag:%i size:0x%x\n", slot, 887 buf[0], (buf[1] & 0x80) == 0, bytes_write); 888 889exit: 890 ca->pub->write_cam_control(ca->pub, slot, CTRLIF_COMMAND, IRQEN); 891 892exitnowrite: 893 return status; 894} 895 896/* ************************************************************************** */ 897/* EN50221 higher level functions */ 898 899/** 900 * dvb_ca_en50221_slot_shutdown - A CAM has been removed => shut it down. 901 * 902 * @ca: CA instance. 903 * @slot: Slot to shut down. 904 */ 905static int dvb_ca_en50221_slot_shutdown(struct dvb_ca_private *ca, int slot) 906{ 907 dprintk("%s\n", __func__); 908 909 ca->pub->slot_shutdown(ca->pub, slot); 910 ca->slot_info[slot].slot_state = DVB_CA_SLOTSTATE_NONE; 911 912 /* 913 * need to wake up all processes to check if they're now trying to 914 * write to a defunct CAM 915 */ 916 wake_up_interruptible(&ca->wait_queue); 917 918 dprintk("Slot %i shutdown\n", slot); 919 920 /* success */ 921 return 0; 922} 923 924/** 925 * dvb_ca_en50221_camchange_irq - A CAMCHANGE IRQ has occurred. 926 * 927 * @pubca: CA instance. 928 * @slot: Slot concerned. 929 * @change_type: One of the DVB_CA_CAMCHANGE_* values. 930 */ 931void dvb_ca_en50221_camchange_irq(struct dvb_ca_en50221 *pubca, int slot, 932 int change_type) 933{ 934 struct dvb_ca_private *ca = pubca->private; 935 struct dvb_ca_slot *sl = &ca->slot_info[slot]; 936 937 dprintk("CAMCHANGE IRQ slot:%i change_type:%i\n", slot, change_type); 938 939 switch (change_type) { 940 case DVB_CA_EN50221_CAMCHANGE_REMOVED: 941 case DVB_CA_EN50221_CAMCHANGE_INSERTED: 942 break; 943 944 default: 945 return; 946 } 947 948 sl->camchange_type = change_type; 949 atomic_inc(&sl->camchange_count); 950 dvb_ca_en50221_thread_wakeup(ca); 951} 952EXPORT_SYMBOL(dvb_ca_en50221_camchange_irq); 953 954/** 955 * dvb_ca_en50221_camready_irq - A CAMREADY IRQ has occurred. 956 * 957 * @pubca: CA instance. 958 * @slot: Slot concerned. 959 */ 960void dvb_ca_en50221_camready_irq(struct dvb_ca_en50221 *pubca, int slot) 961{ 962 struct dvb_ca_private *ca = pubca->private; 963 struct dvb_ca_slot *sl = &ca->slot_info[slot]; 964 965 dprintk("CAMREADY IRQ slot:%i\n", slot); 966 967 if (sl->slot_state == DVB_CA_SLOTSTATE_WAITREADY) { 968 sl->slot_state = DVB_CA_SLOTSTATE_VALIDATE; 969 dvb_ca_en50221_thread_wakeup(ca); 970 } 971} 972EXPORT_SYMBOL(dvb_ca_en50221_camready_irq); 973 974/** 975 * dvb_ca_en50221_frda_irq - An FR or DA IRQ has occurred. 976 * 977 * @pubca: CA instance. 978 * @slot: Slot concerned. 979 */ 980void dvb_ca_en50221_frda_irq(struct dvb_ca_en50221 *pubca, int slot) 981{ 982 struct dvb_ca_private *ca = pubca->private; 983 struct dvb_ca_slot *sl = &ca->slot_info[slot]; 984 int flags; 985 986 dprintk("FR/DA IRQ slot:%i\n", slot); 987 988 switch (sl->slot_state) { 989 case DVB_CA_SLOTSTATE_LINKINIT: 990 flags = ca->pub->read_cam_control(pubca, slot, CTRLIF_STATUS); 991 if (flags & STATUSREG_DA) { 992 dprintk("CAM supports DA IRQ\n"); 993 sl->da_irq_supported = 1; 994 } 995 break; 996 997 case DVB_CA_SLOTSTATE_RUNNING: 998 if (ca->open) 999 dvb_ca_en50221_thread_wakeup(ca); 1000 break; 1001 } 1002} 1003EXPORT_SYMBOL(dvb_ca_en50221_frda_irq); 1004 1005/* ************************************************************************** */ 1006/* EN50221 thread functions */ 1007 1008/** 1009 * dvb_ca_en50221_thread_wakeup - Wake up the DVB CA thread 1010 * 1011 * @ca: CA instance. 1012 */ 1013static void dvb_ca_en50221_thread_wakeup(struct dvb_ca_private *ca) 1014{ 1015 dprintk("%s\n", __func__); 1016 1017 ca->wakeup = 1; 1018 mb(); 1019 wake_up_process(ca->thread); 1020} 1021 1022/** 1023 * dvb_ca_en50221_thread_update_delay - Update the delay used by the thread. 1024 * 1025 * @ca: CA instance. 1026 */ 1027static void dvb_ca_en50221_thread_update_delay(struct dvb_ca_private *ca) 1028{ 1029 int delay; 1030 int curdelay = 100000000; 1031 int slot; 1032 1033 /* 1034 * Beware of too high polling frequency, because one polling 1035 * call might take several hundred milliseconds until timeout! 1036 */ 1037 for (slot = 0; slot < ca->slot_count; slot++) { 1038 struct dvb_ca_slot *sl = &ca->slot_info[slot]; 1039 1040 switch (sl->slot_state) { 1041 default: 1042 case DVB_CA_SLOTSTATE_NONE: 1043 delay = HZ * 60; /* 60s */ 1044 if (!(ca->flags & DVB_CA_EN50221_FLAG_IRQ_CAMCHANGE)) 1045 delay = HZ * 5; /* 5s */ 1046 break; 1047 case DVB_CA_SLOTSTATE_INVALID: 1048 delay = HZ * 60; /* 60s */ 1049 if (!(ca->flags & DVB_CA_EN50221_FLAG_IRQ_CAMCHANGE)) 1050 delay = HZ / 10; /* 100ms */ 1051 break; 1052 1053 case DVB_CA_SLOTSTATE_UNINITIALISED: 1054 case DVB_CA_SLOTSTATE_WAITREADY: 1055 case DVB_CA_SLOTSTATE_VALIDATE: 1056 case DVB_CA_SLOTSTATE_WAITFR: 1057 case DVB_CA_SLOTSTATE_LINKINIT: 1058 delay = HZ / 10; /* 100ms */ 1059 break; 1060 1061 case DVB_CA_SLOTSTATE_RUNNING: 1062 delay = HZ * 60; /* 60s */ 1063 if (!(ca->flags & DVB_CA_EN50221_FLAG_IRQ_CAMCHANGE)) 1064 delay = HZ / 10; /* 100ms */ 1065 if (ca->open) { 1066 if ((!sl->da_irq_supported) || 1067 (!(ca->flags & DVB_CA_EN50221_FLAG_IRQ_DA))) 1068 delay = HZ / 10; /* 100ms */ 1069 } 1070 break; 1071 } 1072 1073 if (delay < curdelay) 1074 curdelay = delay; 1075 } 1076 1077 ca->delay = curdelay; 1078} 1079 1080/** 1081 * dvb_ca_en50221_poll_cam_gone - Poll if the CAM is gone. 1082 * 1083 * @ca: CA instance. 1084 * @slot: Slot to process. 1085 * return:: 0 .. no change 1086 * 1 .. CAM state changed 1087 */ 1088 1089static int dvb_ca_en50221_poll_cam_gone(struct dvb_ca_private *ca, int slot) 1090{ 1091 int changed = 0; 1092 int status; 1093 1094 /* 1095 * we need this extra check for annoying interfaces like the 1096 * budget-av 1097 */ 1098 if ((!(ca->flags & DVB_CA_EN50221_FLAG_IRQ_CAMCHANGE)) && 1099 (ca->pub->poll_slot_status)) { 1100 status = ca->pub->poll_slot_status(ca->pub, slot, 0); 1101 if (!(status & 1102 DVB_CA_EN50221_POLL_CAM_PRESENT)) { 1103 ca->slot_info[slot].slot_state = DVB_CA_SLOTSTATE_NONE; 1104 dvb_ca_en50221_thread_update_delay(ca); 1105 changed = 1; 1106 } 1107 } 1108 return changed; 1109} 1110 1111/** 1112 * dvb_ca_en50221_thread_state_machine - Thread state machine for one CA slot 1113 * to perform the data transfer. 1114 * 1115 * @ca: CA instance. 1116 * @slot: Slot to process. 1117 */ 1118static void dvb_ca_en50221_thread_state_machine(struct dvb_ca_private *ca, 1119 int slot) 1120{ 1121 struct dvb_ca_slot *sl = &ca->slot_info[slot]; 1122 int flags; 1123 int pktcount; 1124 void *rxbuf; 1125 1126 mutex_lock(&sl->slot_lock); 1127 1128 /* check the cam status + deal with CAMCHANGEs */ 1129 while (dvb_ca_en50221_check_camstatus(ca, slot)) { 1130 /* clear down an old CI slot if necessary */ 1131 if (sl->slot_state != DVB_CA_SLOTSTATE_NONE) 1132 dvb_ca_en50221_slot_shutdown(ca, slot); 1133 1134 /* if a CAM is NOW present, initialise it */ 1135 if (sl->camchange_type == DVB_CA_EN50221_CAMCHANGE_INSERTED) 1136 sl->slot_state = DVB_CA_SLOTSTATE_UNINITIALISED; 1137 1138 /* we've handled one CAMCHANGE */ 1139 dvb_ca_en50221_thread_update_delay(ca); 1140 atomic_dec(&sl->camchange_count); 1141 } 1142 1143 /* CAM state machine */ 1144 switch (sl->slot_state) { 1145 case DVB_CA_SLOTSTATE_NONE: 1146 case DVB_CA_SLOTSTATE_INVALID: 1147 /* no action needed */ 1148 break; 1149 1150 case DVB_CA_SLOTSTATE_UNINITIALISED: 1151 sl->slot_state = DVB_CA_SLOTSTATE_WAITREADY; 1152 ca->pub->slot_reset(ca->pub, slot); 1153 sl->timeout = jiffies + (INIT_TIMEOUT_SECS * HZ); 1154 break; 1155 1156 case DVB_CA_SLOTSTATE_WAITREADY: 1157 if (time_after(jiffies, sl->timeout)) { 1158 pr_err("dvb_ca adaptor %d: PC card did not respond :(\n", 1159 ca->dvbdev->adapter->num); 1160 sl->slot_state = DVB_CA_SLOTSTATE_INVALID; 1161 dvb_ca_en50221_thread_update_delay(ca); 1162 break; 1163 } 1164 /* 1165 * no other action needed; will automatically change state when 1166 * ready 1167 */ 1168 break; 1169 1170 case DVB_CA_SLOTSTATE_VALIDATE: 1171 if (dvb_ca_en50221_parse_attributes(ca, slot) != 0) { 1172 if (dvb_ca_en50221_poll_cam_gone(ca, slot)) 1173 break; 1174 1175 pr_err("dvb_ca adapter %d: Invalid PC card inserted :(\n", 1176 ca->dvbdev->adapter->num); 1177 sl->slot_state = DVB_CA_SLOTSTATE_INVALID; 1178 dvb_ca_en50221_thread_update_delay(ca); 1179 break; 1180 } 1181 if (dvb_ca_en50221_set_configoption(ca, slot) != 0) { 1182 pr_err("dvb_ca adapter %d: Unable to initialise CAM :(\n", 1183 ca->dvbdev->adapter->num); 1184 sl->slot_state = DVB_CA_SLOTSTATE_INVALID; 1185 dvb_ca_en50221_thread_update_delay(ca); 1186 break; 1187 } 1188 if (ca->pub->write_cam_control(ca->pub, slot, 1189 CTRLIF_COMMAND, 1190 CMDREG_RS) != 0) { 1191 pr_err("dvb_ca adapter %d: Unable to reset CAM IF\n", 1192 ca->dvbdev->adapter->num); 1193 sl->slot_state = DVB_CA_SLOTSTATE_INVALID; 1194 dvb_ca_en50221_thread_update_delay(ca); 1195 break; 1196 } 1197 dprintk("DVB CAM validated successfully\n"); 1198 1199 sl->timeout = jiffies + (INIT_TIMEOUT_SECS * HZ); 1200 sl->slot_state = DVB_CA_SLOTSTATE_WAITFR; 1201 ca->wakeup = 1; 1202 break; 1203 1204 case DVB_CA_SLOTSTATE_WAITFR: 1205 if (time_after(jiffies, sl->timeout)) { 1206 pr_err("dvb_ca adapter %d: DVB CAM did not respond :(\n", 1207 ca->dvbdev->adapter->num); 1208 sl->slot_state = DVB_CA_SLOTSTATE_INVALID; 1209 dvb_ca_en50221_thread_update_delay(ca); 1210 break; 1211 } 1212 1213 flags = ca->pub->read_cam_control(ca->pub, slot, CTRLIF_STATUS); 1214 if (flags & STATUSREG_FR) { 1215 sl->slot_state = DVB_CA_SLOTSTATE_LINKINIT; 1216 ca->wakeup = 1; 1217 } 1218 break; 1219 1220 case DVB_CA_SLOTSTATE_LINKINIT: 1221 if (dvb_ca_en50221_link_init(ca, slot) != 0) { 1222 if (dvb_ca_en50221_poll_cam_gone(ca, slot)) 1223 break; 1224 1225 pr_err("dvb_ca adapter %d: DVB CAM link initialisation failed :(\n", 1226 ca->dvbdev->adapter->num); 1227 sl->slot_state = DVB_CA_SLOTSTATE_UNINITIALISED; 1228 dvb_ca_en50221_thread_update_delay(ca); 1229 break; 1230 } 1231 1232 if (!sl->rx_buffer.data) { 1233 rxbuf = vmalloc(RX_BUFFER_SIZE); 1234 if (!rxbuf) { 1235 pr_err("dvb_ca adapter %d: Unable to allocate CAM rx buffer :(\n", 1236 ca->dvbdev->adapter->num); 1237 sl->slot_state = DVB_CA_SLOTSTATE_INVALID; 1238 dvb_ca_en50221_thread_update_delay(ca); 1239 break; 1240 } 1241 dvb_ringbuffer_init(&sl->rx_buffer, rxbuf, 1242 RX_BUFFER_SIZE); 1243 } 1244 1245 ca->pub->slot_ts_enable(ca->pub, slot); 1246 sl->slot_state = DVB_CA_SLOTSTATE_RUNNING; 1247 dvb_ca_en50221_thread_update_delay(ca); 1248 pr_info("dvb_ca adapter %d: DVB CAM detected and initialised successfully\n", 1249 ca->dvbdev->adapter->num); 1250 break; 1251 1252 case DVB_CA_SLOTSTATE_RUNNING: 1253 if (!ca->open) 1254 break; 1255 1256 /* poll slots for data */ 1257 pktcount = 0; 1258 while (dvb_ca_en50221_read_data(ca, slot, NULL, 0) > 0) { 1259 if (!ca->open) 1260 break; 1261 1262 /* 1263 * if a CAMCHANGE occurred at some point, do not do any 1264 * more processing of this slot 1265 */ 1266 if (dvb_ca_en50221_check_camstatus(ca, slot)) { 1267 /* 1268 * we don't want to sleep on the next iteration 1269 * so we can handle the cam change 1270 */ 1271 ca->wakeup = 1; 1272 break; 1273 } 1274 1275 /* check if we've hit our limit this time */ 1276 if (++pktcount >= MAX_RX_PACKETS_PER_ITERATION) { 1277 /* 1278 * don't sleep; there is likely to be more data 1279 * to read 1280 */ 1281 ca->wakeup = 1; 1282 break; 1283 } 1284 } 1285 break; 1286 } 1287 1288 mutex_unlock(&sl->slot_lock); 1289} 1290 1291/* 1292 * Kernel thread which monitors CA slots for CAM changes, and performs data 1293 * transfers. 1294 */ 1295static int dvb_ca_en50221_thread(void *data) 1296{ 1297 struct dvb_ca_private *ca = data; 1298 int slot; 1299 1300 dprintk("%s\n", __func__); 1301 1302 /* choose the correct initial delay */ 1303 dvb_ca_en50221_thread_update_delay(ca); 1304 1305 /* main loop */ 1306 while (!kthread_should_stop()) { 1307 /* sleep for a bit */ 1308 if (!ca->wakeup) { 1309 set_current_state(TASK_INTERRUPTIBLE); 1310 schedule_timeout(ca->delay); 1311 if (kthread_should_stop()) 1312 return 0; 1313 } 1314 ca->wakeup = 0; 1315 1316 /* go through all the slots processing them */ 1317 for (slot = 0; slot < ca->slot_count; slot++) 1318 dvb_ca_en50221_thread_state_machine(ca, slot); 1319 } 1320 1321 return 0; 1322} 1323 1324/* ************************************************************************** */ 1325/* EN50221 IO interface functions */ 1326 1327/** 1328 * dvb_ca_en50221_io_do_ioctl - Real ioctl implementation. 1329 * 1330 * @file: File concerned. 1331 * @cmd: IOCTL command. 1332 * @parg: Associated argument. 1333 * 1334 * NOTE: CA_SEND_MSG/CA_GET_MSG ioctls have userspace buffers passed to them. 1335 * 1336 * return: 0 on success, <0 on error. 1337 */ 1338static int dvb_ca_en50221_io_do_ioctl(struct file *file, 1339 unsigned int cmd, void *parg) 1340{ 1341 struct dvb_device *dvbdev = file->private_data; 1342 struct dvb_ca_private *ca = dvbdev->priv; 1343 int err = 0; 1344 int slot; 1345 1346 dprintk("%s\n", __func__); 1347 1348 if (mutex_lock_interruptible(&ca->ioctl_mutex)) 1349 return -ERESTARTSYS; 1350 1351 switch (cmd) { 1352 case CA_RESET: 1353 for (slot = 0; slot < ca->slot_count; slot++) { 1354 struct dvb_ca_slot *sl = &ca->slot_info[slot]; 1355 1356 mutex_lock(&sl->slot_lock); 1357 if (sl->slot_state != DVB_CA_SLOTSTATE_NONE) { 1358 dvb_ca_en50221_slot_shutdown(ca, slot); 1359 if (ca->flags & DVB_CA_EN50221_FLAG_IRQ_CAMCHANGE) 1360 dvb_ca_en50221_camchange_irq(ca->pub, 1361 slot, 1362 DVB_CA_EN50221_CAMCHANGE_INSERTED); 1363 } 1364 mutex_unlock(&sl->slot_lock); 1365 } 1366 ca->next_read_slot = 0; 1367 dvb_ca_en50221_thread_wakeup(ca); 1368 break; 1369 1370 case CA_GET_CAP: { 1371 struct ca_caps *caps = parg; 1372 1373 caps->slot_num = ca->slot_count; 1374 caps->slot_type = CA_CI_LINK; 1375 caps->descr_num = 0; 1376 caps->descr_type = 0; 1377 break; 1378 } 1379 1380 case CA_GET_SLOT_INFO: { 1381 struct ca_slot_info *info = parg; 1382 struct dvb_ca_slot *sl; 1383 1384 slot = info->num; 1385 if ((slot >= ca->slot_count) || (slot < 0)) { 1386 err = -EINVAL; 1387 goto out_unlock; 1388 } 1389 slot = array_index_nospec(slot, ca->slot_count); 1390 1391 info->type = CA_CI_LINK; 1392 info->flags = 0; 1393 sl = &ca->slot_info[slot]; 1394 if ((sl->slot_state != DVB_CA_SLOTSTATE_NONE) && 1395 (sl->slot_state != DVB_CA_SLOTSTATE_INVALID)) { 1396 info->flags = CA_CI_MODULE_PRESENT; 1397 } 1398 if (sl->slot_state == DVB_CA_SLOTSTATE_RUNNING) 1399 info->flags |= CA_CI_MODULE_READY; 1400 break; 1401 } 1402 1403 default: 1404 err = -EINVAL; 1405 break; 1406 } 1407 1408out_unlock: 1409 mutex_unlock(&ca->ioctl_mutex); 1410 return err; 1411} 1412 1413/** 1414 * dvb_ca_en50221_io_ioctl - Wrapper for ioctl implementation. 1415 * 1416 * @file: File concerned. 1417 * @cmd: IOCTL command. 1418 * @arg: Associated argument. 1419 * 1420 * return: 0 on success, <0 on error. 1421 */ 1422static long dvb_ca_en50221_io_ioctl(struct file *file, 1423 unsigned int cmd, unsigned long arg) 1424{ 1425 return dvb_usercopy(file, cmd, arg, dvb_ca_en50221_io_do_ioctl); 1426} 1427 1428/** 1429 * dvb_ca_en50221_io_write - Implementation of write() syscall. 1430 * 1431 * @file: File structure. 1432 * @buf: Source buffer. 1433 * @count: Size of source buffer. 1434 * @ppos: Position in file (ignored). 1435 * 1436 * return: Number of bytes read, or <0 on error. 1437 */ 1438static ssize_t dvb_ca_en50221_io_write(struct file *file, 1439 const char __user *buf, size_t count, 1440 loff_t *ppos) 1441{ 1442 struct dvb_device *dvbdev = file->private_data; 1443 struct dvb_ca_private *ca = dvbdev->priv; 1444 struct dvb_ca_slot *sl; 1445 u8 slot, connection_id; 1446 int status; 1447 u8 fragbuf[HOST_LINK_BUF_SIZE]; 1448 int fragpos = 0; 1449 int fraglen; 1450 unsigned long timeout; 1451 int written; 1452 1453 dprintk("%s\n", __func__); 1454 1455 /* 1456 * Incoming packet has a 2 byte header. 1457 * hdr[0] = slot_id, hdr[1] = connection_id 1458 */ 1459 if (count < 2) 1460 return -EINVAL; 1461 1462 /* extract slot & connection id */ 1463 if (copy_from_user(&slot, buf, 1)) 1464 return -EFAULT; 1465 if (copy_from_user(&connection_id, buf + 1, 1)) 1466 return -EFAULT; 1467 buf += 2; 1468 count -= 2; 1469 1470 if (slot >= ca->slot_count) 1471 return -EINVAL; 1472 slot = array_index_nospec(slot, ca->slot_count); 1473 sl = &ca->slot_info[slot]; 1474 1475 /* check if the slot is actually running */ 1476 if (sl->slot_state != DVB_CA_SLOTSTATE_RUNNING) 1477 return -EINVAL; 1478 1479 /* fragment the packets & store in the buffer */ 1480 while (fragpos < count) { 1481 fraglen = sl->link_buf_size - 2; 1482 if (fraglen < 0) 1483 break; 1484 if (fraglen > HOST_LINK_BUF_SIZE - 2) 1485 fraglen = HOST_LINK_BUF_SIZE - 2; 1486 if ((count - fragpos) < fraglen) 1487 fraglen = count - fragpos; 1488 1489 fragbuf[0] = connection_id; 1490 fragbuf[1] = ((fragpos + fraglen) < count) ? 0x80 : 0x00; 1491 status = copy_from_user(fragbuf + 2, buf + fragpos, fraglen); 1492 if (status) { 1493 status = -EFAULT; 1494 goto exit; 1495 } 1496 1497 timeout = jiffies + HZ / 2; 1498 written = 0; 1499 while (!time_after(jiffies, timeout)) { 1500 /* 1501 * check the CAM hasn't been removed/reset in the 1502 * meantime 1503 */ 1504 if (sl->slot_state != DVB_CA_SLOTSTATE_RUNNING) { 1505 status = -EIO; 1506 goto exit; 1507 } 1508 1509 mutex_lock(&sl->slot_lock); 1510 status = dvb_ca_en50221_write_data(ca, slot, fragbuf, 1511 fraglen + 2); 1512 mutex_unlock(&sl->slot_lock); 1513 if (status == (fraglen + 2)) { 1514 written = 1; 1515 break; 1516 } 1517 if (status != -EAGAIN) 1518 goto exit; 1519 1520 usleep_range(1000, 1100); 1521 } 1522 if (!written) { 1523 status = -EIO; 1524 goto exit; 1525 } 1526 1527 fragpos += fraglen; 1528 } 1529 status = count + 2; 1530 1531exit: 1532 return status; 1533} 1534 1535/* 1536 * Condition for waking up in dvb_ca_en50221_io_read_condition 1537 */ 1538static int dvb_ca_en50221_io_read_condition(struct dvb_ca_private *ca, 1539 int *result, int *_slot) 1540{ 1541 int slot; 1542 int slot_count = 0; 1543 int idx; 1544 size_t fraglen; 1545 int connection_id = -1; 1546 int found = 0; 1547 u8 hdr[2]; 1548 1549 slot = ca->next_read_slot; 1550 while ((slot_count < ca->slot_count) && (!found)) { 1551 struct dvb_ca_slot *sl = &ca->slot_info[slot]; 1552 1553 if (sl->slot_state != DVB_CA_SLOTSTATE_RUNNING) 1554 goto nextslot; 1555 1556 if (!sl->rx_buffer.data) 1557 return 0; 1558 1559 idx = dvb_ringbuffer_pkt_next(&sl->rx_buffer, -1, &fraglen); 1560 while (idx != -1) { 1561 dvb_ringbuffer_pkt_read(&sl->rx_buffer, idx, 0, hdr, 2); 1562 if (connection_id == -1) 1563 connection_id = hdr[0]; 1564 if ((hdr[0] == connection_id) && 1565 ((hdr[1] & 0x80) == 0)) { 1566 *_slot = slot; 1567 found = 1; 1568 break; 1569 } 1570 1571 idx = dvb_ringbuffer_pkt_next(&sl->rx_buffer, idx, 1572 &fraglen); 1573 } 1574 1575nextslot: 1576 slot = (slot + 1) % ca->slot_count; 1577 slot_count++; 1578 } 1579 1580 ca->next_read_slot = slot; 1581 return found; 1582} 1583 1584/** 1585 * dvb_ca_en50221_io_read - Implementation of read() syscall. 1586 * 1587 * @file: File structure. 1588 * @buf: Destination buffer. 1589 * @count: Size of destination buffer. 1590 * @ppos: Position in file (ignored). 1591 * 1592 * return: Number of bytes read, or <0 on error. 1593 */ 1594static ssize_t dvb_ca_en50221_io_read(struct file *file, char __user *buf, 1595 size_t count, loff_t *ppos) 1596{ 1597 struct dvb_device *dvbdev = file->private_data; 1598 struct dvb_ca_private *ca = dvbdev->priv; 1599 struct dvb_ca_slot *sl; 1600 int status; 1601 int result = 0; 1602 u8 hdr[2]; 1603 int slot; 1604 int connection_id = -1; 1605 size_t idx, idx2; 1606 int last_fragment = 0; 1607 size_t fraglen; 1608 int pktlen; 1609 int dispose = 0; 1610 1611 dprintk("%s\n", __func__); 1612 1613 /* 1614 * Outgoing packet has a 2 byte header. 1615 * hdr[0] = slot_id, hdr[1] = connection_id 1616 */ 1617 if (count < 2) 1618 return -EINVAL; 1619 1620 /* wait for some data */ 1621 status = dvb_ca_en50221_io_read_condition(ca, &result, &slot); 1622 if (status == 0) { 1623 /* if we're in nonblocking mode, exit immediately */ 1624 if (file->f_flags & O_NONBLOCK) 1625 return -EWOULDBLOCK; 1626 1627 /* wait for some data */ 1628 status = wait_event_interruptible(ca->wait_queue, 1629 dvb_ca_en50221_io_read_condition 1630 (ca, &result, &slot)); 1631 } 1632 if ((status < 0) || (result < 0)) { 1633 if (result) 1634 return result; 1635 return status; 1636 } 1637 1638 sl = &ca->slot_info[slot]; 1639 idx = dvb_ringbuffer_pkt_next(&sl->rx_buffer, -1, &fraglen); 1640 pktlen = 2; 1641 do { 1642 if (idx == -1) { 1643 pr_err("dvb_ca adapter %d: BUG: read packet ended before last_fragment encountered\n", 1644 ca->dvbdev->adapter->num); 1645 status = -EIO; 1646 goto exit; 1647 } 1648 1649 dvb_ringbuffer_pkt_read(&sl->rx_buffer, idx, 0, hdr, 2); 1650 if (connection_id == -1) 1651 connection_id = hdr[0]; 1652 if (hdr[0] == connection_id) { 1653 if (pktlen < count) { 1654 if ((pktlen + fraglen - 2) > count) 1655 fraglen = count - pktlen; 1656 else 1657 fraglen -= 2; 1658 1659 status = 1660 dvb_ringbuffer_pkt_read_user(&sl->rx_buffer, 1661 idx, 2, 1662 buf + pktlen, 1663 fraglen); 1664 if (status < 0) 1665 goto exit; 1666 1667 pktlen += fraglen; 1668 } 1669 1670 if ((hdr[1] & 0x80) == 0) 1671 last_fragment = 1; 1672 dispose = 1; 1673 } 1674 1675 idx2 = dvb_ringbuffer_pkt_next(&sl->rx_buffer, idx, &fraglen); 1676 if (dispose) 1677 dvb_ringbuffer_pkt_dispose(&sl->rx_buffer, idx); 1678 idx = idx2; 1679 dispose = 0; 1680 } while (!last_fragment); 1681 1682 hdr[0] = slot; 1683 hdr[1] = connection_id; 1684 status = copy_to_user(buf, hdr, 2); 1685 if (status) { 1686 status = -EFAULT; 1687 goto exit; 1688 } 1689 status = pktlen; 1690 1691exit: 1692 return status; 1693} 1694 1695/** 1696 * dvb_ca_en50221_io_open - Implementation of file open syscall. 1697 * 1698 * @inode: Inode concerned. 1699 * @file: File concerned. 1700 * 1701 * return: 0 on success, <0 on failure. 1702 */ 1703static int dvb_ca_en50221_io_open(struct inode *inode, struct file *file) 1704{ 1705 struct dvb_device *dvbdev = file->private_data; 1706 struct dvb_ca_private *ca = dvbdev->priv; 1707 int err; 1708 int i; 1709 1710 dprintk("%s\n", __func__); 1711 1712 if (!try_module_get(ca->pub->owner)) 1713 return -EIO; 1714 1715 err = dvb_generic_open(inode, file); 1716 if (err < 0) { 1717 module_put(ca->pub->owner); 1718 return err; 1719 } 1720 1721 for (i = 0; i < ca->slot_count; i++) { 1722 struct dvb_ca_slot *sl = &ca->slot_info[i]; 1723 1724 if (sl->slot_state == DVB_CA_SLOTSTATE_RUNNING) { 1725 if (!sl->rx_buffer.data) { 1726 /* 1727 * it is safe to call this here without locks 1728 * because ca->open == 0. Data is not read in 1729 * this case 1730 */ 1731 dvb_ringbuffer_flush(&sl->rx_buffer); 1732 } 1733 } 1734 } 1735 1736 ca->open = 1; 1737 dvb_ca_en50221_thread_update_delay(ca); 1738 dvb_ca_en50221_thread_wakeup(ca); 1739 1740 dvb_ca_private_get(ca); 1741 1742 return 0; 1743} 1744 1745/** 1746 * dvb_ca_en50221_io_release - Implementation of file close syscall. 1747 * 1748 * @inode: Inode concerned. 1749 * @file: File concerned. 1750 * 1751 * return: 0 on success, <0 on failure. 1752 */ 1753static int dvb_ca_en50221_io_release(struct inode *inode, struct file *file) 1754{ 1755 struct dvb_device *dvbdev = file->private_data; 1756 struct dvb_ca_private *ca = dvbdev->priv; 1757 int err; 1758 1759 dprintk("%s\n", __func__); 1760 1761 /* mark the CA device as closed */ 1762 ca->open = 0; 1763 dvb_ca_en50221_thread_update_delay(ca); 1764 1765 err = dvb_generic_release(inode, file); 1766 1767 module_put(ca->pub->owner); 1768 1769 dvb_ca_private_put(ca); 1770 1771 return err; 1772} 1773 1774/** 1775 * dvb_ca_en50221_io_poll - Implementation of poll() syscall. 1776 * 1777 * @file: File concerned. 1778 * @wait: poll wait table. 1779 * 1780 * return: Standard poll mask. 1781 */ 1782static __poll_t dvb_ca_en50221_io_poll(struct file *file, poll_table *wait) 1783{ 1784 struct dvb_device *dvbdev = file->private_data; 1785 struct dvb_ca_private *ca = dvbdev->priv; 1786 __poll_t mask = 0; 1787 int slot; 1788 int result = 0; 1789 1790 dprintk("%s\n", __func__); 1791 1792 poll_wait(file, &ca->wait_queue, wait); 1793 1794 if (dvb_ca_en50221_io_read_condition(ca, &result, &slot) == 1) 1795 mask |= EPOLLIN; 1796 1797 /* if there is something, return now */ 1798 if (mask) 1799 return mask; 1800 1801 if (dvb_ca_en50221_io_read_condition(ca, &result, &slot) == 1) 1802 mask |= EPOLLIN; 1803 1804 return mask; 1805} 1806 1807static const struct file_operations dvb_ca_fops = { 1808 .owner = THIS_MODULE, 1809 .read = dvb_ca_en50221_io_read, 1810 .write = dvb_ca_en50221_io_write, 1811 .unlocked_ioctl = dvb_ca_en50221_io_ioctl, 1812 .open = dvb_ca_en50221_io_open, 1813 .release = dvb_ca_en50221_io_release, 1814 .poll = dvb_ca_en50221_io_poll, 1815 .llseek = noop_llseek, 1816}; 1817 1818static const struct dvb_device dvbdev_ca = { 1819 .priv = NULL, 1820 .users = 1, 1821 .readers = 1, 1822 .writers = 1, 1823#if defined(CONFIG_MEDIA_CONTROLLER_DVB) 1824 .name = "dvb-ca-en50221", 1825#endif 1826 .fops = &dvb_ca_fops, 1827}; 1828 1829/* ************************************************************************** */ 1830/* Initialisation/shutdown functions */ 1831 1832/** 1833 * dvb_ca_en50221_init - Initialise a new DVB CA EN50221 interface device. 1834 * 1835 * @dvb_adapter: DVB adapter to attach the new CA device to. 1836 * @pubca: The dvb_ca instance. 1837 * @flags: Flags describing the CA device (DVB_CA_FLAG_*). 1838 * @slot_count: Number of slots supported. 1839 * 1840 * return: 0 on success, nonzero on failure 1841 */ 1842int dvb_ca_en50221_init(struct dvb_adapter *dvb_adapter, 1843 struct dvb_ca_en50221 *pubca, int flags, int slot_count) 1844{ 1845 int ret; 1846 struct dvb_ca_private *ca = NULL; 1847 int i; 1848 1849 dprintk("%s\n", __func__); 1850 1851 if (slot_count < 1) 1852 return -EINVAL; 1853 1854 /* initialise the system data */ 1855 ca = kzalloc(sizeof(*ca), GFP_KERNEL); 1856 if (!ca) { 1857 ret = -ENOMEM; 1858 goto exit; 1859 } 1860 kref_init(&ca->refcount); 1861 ca->pub = pubca; 1862 ca->flags = flags; 1863 ca->slot_count = slot_count; 1864 ca->slot_info = kcalloc(slot_count, sizeof(struct dvb_ca_slot), 1865 GFP_KERNEL); 1866 if (!ca->slot_info) { 1867 ret = -ENOMEM; 1868 goto free_ca; 1869 } 1870 init_waitqueue_head(&ca->wait_queue); 1871 ca->open = 0; 1872 ca->wakeup = 0; 1873 ca->next_read_slot = 0; 1874 pubca->private = ca; 1875 1876 /* register the DVB device */ 1877 ret = dvb_register_device(dvb_adapter, &ca->dvbdev, &dvbdev_ca, ca, 1878 DVB_DEVICE_CA, 0); 1879 if (ret) 1880 goto free_slot_info; 1881 1882 /* now initialise each slot */ 1883 for (i = 0; i < slot_count; i++) { 1884 struct dvb_ca_slot *sl = &ca->slot_info[i]; 1885 1886 memset(sl, 0, sizeof(struct dvb_ca_slot)); 1887 sl->slot_state = DVB_CA_SLOTSTATE_NONE; 1888 atomic_set(&sl->camchange_count, 0); 1889 sl->camchange_type = DVB_CA_EN50221_CAMCHANGE_REMOVED; 1890 mutex_init(&sl->slot_lock); 1891 } 1892 1893 mutex_init(&ca->ioctl_mutex); 1894 1895 if (signal_pending(current)) { 1896 ret = -EINTR; 1897 goto unregister_device; 1898 } 1899 mb(); 1900 1901 /* create a kthread for monitoring this CA device */ 1902 ca->thread = kthread_run(dvb_ca_en50221_thread, ca, "kdvb-ca-%i:%i", 1903 ca->dvbdev->adapter->num, ca->dvbdev->id); 1904 if (IS_ERR(ca->thread)) { 1905 ret = PTR_ERR(ca->thread); 1906 pr_err("dvb_ca_init: failed to start kernel_thread (%d)\n", 1907 ret); 1908 goto unregister_device; 1909 } 1910 return 0; 1911 1912unregister_device: 1913 dvb_unregister_device(ca->dvbdev); 1914free_slot_info: 1915 kfree(ca->slot_info); 1916free_ca: 1917 kfree(ca); 1918exit: 1919 pubca->private = NULL; 1920 return ret; 1921} 1922EXPORT_SYMBOL(dvb_ca_en50221_init); 1923 1924/** 1925 * dvb_ca_en50221_release - Release a DVB CA EN50221 interface device. 1926 * 1927 * @pubca: The associated dvb_ca instance. 1928 */ 1929void dvb_ca_en50221_release(struct dvb_ca_en50221 *pubca) 1930{ 1931 struct dvb_ca_private *ca = pubca->private; 1932 int i; 1933 1934 dprintk("%s\n", __func__); 1935 1936 /* shutdown the thread if there was one */ 1937 kthread_stop(ca->thread); 1938 1939 for (i = 0; i < ca->slot_count; i++) 1940 dvb_ca_en50221_slot_shutdown(ca, i); 1941 1942 dvb_remove_device(ca->dvbdev); 1943 dvb_ca_private_put(ca); 1944 pubca->private = NULL; 1945} 1946EXPORT_SYMBOL(dvb_ca_en50221_release);