xref: /openbmc/linux/drivers/macintosh/adb.c (revision 2e7c04aec86758e0adfcad4a24c86593b45807a3)
1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  * Device driver for the Apple Desktop Bus
4  * and the /dev/adb device on macintoshes.
5  *
6  * Copyright (C) 1996 Paul Mackerras.
7  *
8  * Modified to declare controllers as structures, added
9  * client notification of bus reset and handles PowerBook
10  * sleep, by Benjamin Herrenschmidt.
11  *
12  * To do:
13  *
14  * - /sys/bus/adb to list the devices and infos
15  * - more /dev/adb to allow userland to receive the
16  *   flow of auto-polling datas from a given device.
17  * - move bus probe to a kernel thread
18  */
19 
20 #include <linux/types.h>
21 #include <linux/errno.h>
22 #include <linux/kernel.h>
23 #include <linux/slab.h>
24 #include <linux/module.h>
25 #include <linux/fs.h>
26 #include <linux/mm.h>
27 #include <linux/sched/signal.h>
28 #include <linux/adb.h>
29 #include <linux/cuda.h>
30 #include <linux/pmu.h>
31 #include <linux/notifier.h>
32 #include <linux/wait.h>
33 #include <linux/init.h>
34 #include <linux/delay.h>
35 #include <linux/spinlock.h>
36 #include <linux/completion.h>
37 #include <linux/device.h>
38 #include <linux/kthread.h>
39 #include <linux/platform_device.h>
40 #include <linux/mutex.h>
41 
42 #include <linux/uaccess.h>
43 #ifdef CONFIG_PPC
44 #include <asm/prom.h>
45 #include <asm/machdep.h>
46 #endif
47 
48 
49 EXPORT_SYMBOL(adb_client_list);
50 
51 extern struct adb_driver via_macii_driver;
52 extern struct adb_driver via_cuda_driver;
53 extern struct adb_driver adb_iop_driver;
54 extern struct adb_driver via_pmu_driver;
55 extern struct adb_driver macio_adb_driver;
56 
57 static DEFINE_MUTEX(adb_mutex);
58 static struct adb_driver *adb_driver_list[] = {
59 #ifdef CONFIG_ADB_MACII
60 	&via_macii_driver,
61 #endif
62 #ifdef CONFIG_ADB_CUDA
63 	&via_cuda_driver,
64 #endif
65 #ifdef CONFIG_ADB_IOP
66 	&adb_iop_driver,
67 #endif
68 #ifdef CONFIG_ADB_PMU
69 	&via_pmu_driver,
70 #endif
71 #ifdef CONFIG_ADB_MACIO
72 	&macio_adb_driver,
73 #endif
74 	NULL
75 };
76 
77 static struct class *adb_dev_class;
78 
79 static struct adb_driver *adb_controller;
80 BLOCKING_NOTIFIER_HEAD(adb_client_list);
81 static int adb_got_sleep;
82 static int adb_inited;
83 static DEFINE_SEMAPHORE(adb_probe_mutex);
84 static int sleepy_trackpad;
85 static int autopoll_devs;
86 int __adb_probe_sync;
87 
88 static int adb_scan_bus(void);
89 static int do_adb_reset_bus(void);
90 static void adbdev_init(void);
91 static int try_handler_change(int, int);
92 
93 static struct adb_handler {
94 	void (*handler)(unsigned char *, int, int);
95 	int original_address;
96 	int handler_id;
97 	int busy;
98 } adb_handler[16];
99 
100 /*
101  * The adb_handler_mutex mutex protects all accesses to the original_address
102  * and handler_id fields of adb_handler[i] for all i, and changes to the
103  * handler field.
104  * Accesses to the handler field are protected by the adb_handler_lock
105  * rwlock.  It is held across all calls to any handler, so that by the
106  * time adb_unregister returns, we know that the old handler isn't being
107  * called.
108  */
109 static DEFINE_MUTEX(adb_handler_mutex);
110 static DEFINE_RWLOCK(adb_handler_lock);
111 
112 #if 0
113 static void printADBreply(struct adb_request *req)
114 {
115         int i;
116 
117         printk("adb reply (%d)", req->reply_len);
118         for(i = 0; i < req->reply_len; i++)
119                 printk(" %x", req->reply[i]);
120         printk("\n");
121 
122 }
123 #endif
124 
125 static int adb_scan_bus(void)
126 {
127 	int i, highFree=0, noMovement;
128 	int devmask = 0;
129 	struct adb_request req;
130 
131 	/* assumes adb_handler[] is all zeroes at this point */
132 	for (i = 1; i < 16; i++) {
133 		/* see if there is anything at address i */
134 		adb_request(&req, NULL, ADBREQ_SYNC | ADBREQ_REPLY, 1,
135                             (i << 4) | 0xf);
136 		if (req.reply_len > 1)
137 			/* one or more devices at this address */
138 			adb_handler[i].original_address = i;
139 		else if (i > highFree)
140 			highFree = i;
141 	}
142 
143 	/* Note we reset noMovement to 0 each time we move a device */
144 	for (noMovement = 1; noMovement < 2 && highFree > 0; noMovement++) {
145 		for (i = 1; i < 16; i++) {
146 			if (adb_handler[i].original_address == 0)
147 				continue;
148 			/*
149 			 * Send a "talk register 3" command to address i
150 			 * to provoke a collision if there is more than
151 			 * one device at this address.
152 			 */
153 			adb_request(&req, NULL, ADBREQ_SYNC | ADBREQ_REPLY, 1,
154 				    (i << 4) | 0xf);
155 			/*
156 			 * Move the device(s) which didn't detect a
157 			 * collision to address `highFree'.  Hopefully
158 			 * this only moves one device.
159 			 */
160 			adb_request(&req, NULL, ADBREQ_SYNC, 3,
161 				    (i<< 4) | 0xb, (highFree | 0x60), 0xfe);
162 			/*
163 			 * See if anybody actually moved. This is suggested
164 			 * by HW TechNote 01:
165 			 *
166 			 * http://developer.apple.com/technotes/hw/hw_01.html
167 			 */
168 			adb_request(&req, NULL, ADBREQ_SYNC | ADBREQ_REPLY, 1,
169 				    (highFree << 4) | 0xf);
170 			if (req.reply_len <= 1) continue;
171 			/*
172 			 * Test whether there are any device(s) left
173 			 * at address i.
174 			 */
175 			adb_request(&req, NULL, ADBREQ_SYNC | ADBREQ_REPLY, 1,
176 				    (i << 4) | 0xf);
177 			if (req.reply_len > 1) {
178 				/*
179 				 * There are still one or more devices
180 				 * left at address i.  Register the one(s)
181 				 * we moved to `highFree', and find a new
182 				 * value for highFree.
183 				 */
184 				adb_handler[highFree].original_address =
185 					adb_handler[i].original_address;
186 				while (highFree > 0 &&
187 				       adb_handler[highFree].original_address)
188 					highFree--;
189 				if (highFree <= 0)
190 					break;
191 
192 				noMovement = 0;
193 			} else {
194 				/*
195 				 * No devices left at address i; move the
196 				 * one(s) we moved to `highFree' back to i.
197 				 */
198 				adb_request(&req, NULL, ADBREQ_SYNC, 3,
199 					    (highFree << 4) | 0xb,
200 					    (i | 0x60), 0xfe);
201 			}
202 		}
203 	}
204 
205 	/* Now fill in the handler_id field of the adb_handler entries. */
206 	pr_debug("adb devices:\n");
207 	for (i = 1; i < 16; i++) {
208 		if (adb_handler[i].original_address == 0)
209 			continue;
210 		adb_request(&req, NULL, ADBREQ_SYNC | ADBREQ_REPLY, 1,
211 			    (i << 4) | 0xf);
212 		adb_handler[i].handler_id = req.reply[2];
213 		pr_debug(" [%d]: %d %x\n", i, adb_handler[i].original_address,
214 			 adb_handler[i].handler_id);
215 		devmask |= 1 << i;
216 	}
217 	return devmask;
218 }
219 
220 /*
221  * This kernel task handles ADB probing. It dies once probing is
222  * completed.
223  */
224 static int
225 adb_probe_task(void *x)
226 {
227 	pr_debug("adb: starting probe task...\n");
228 	do_adb_reset_bus();
229 	pr_debug("adb: finished probe task...\n");
230 
231 	up(&adb_probe_mutex);
232 
233 	return 0;
234 }
235 
236 static void
237 __adb_probe_task(struct work_struct *bullshit)
238 {
239 	kthread_run(adb_probe_task, NULL, "kadbprobe");
240 }
241 
242 static DECLARE_WORK(adb_reset_work, __adb_probe_task);
243 
244 int
245 adb_reset_bus(void)
246 {
247 	if (__adb_probe_sync) {
248 		do_adb_reset_bus();
249 		return 0;
250 	}
251 
252 	down(&adb_probe_mutex);
253 	schedule_work(&adb_reset_work);
254 	return 0;
255 }
256 
257 #ifdef CONFIG_PM
258 /*
259  * notify clients before sleep
260  */
261 static int __adb_suspend(struct platform_device *dev, pm_message_t state)
262 {
263 	adb_got_sleep = 1;
264 	/* We need to get a lock on the probe thread */
265 	down(&adb_probe_mutex);
266 	/* Stop autopoll */
267 	if (adb_controller->autopoll)
268 		adb_controller->autopoll(0);
269 	blocking_notifier_call_chain(&adb_client_list, ADB_MSG_POWERDOWN, NULL);
270 
271 	return 0;
272 }
273 
274 static int adb_suspend(struct device *dev)
275 {
276 	return __adb_suspend(to_platform_device(dev), PMSG_SUSPEND);
277 }
278 
279 static int adb_freeze(struct device *dev)
280 {
281 	return __adb_suspend(to_platform_device(dev), PMSG_FREEZE);
282 }
283 
284 static int adb_poweroff(struct device *dev)
285 {
286 	return __adb_suspend(to_platform_device(dev), PMSG_HIBERNATE);
287 }
288 
289 /*
290  * reset bus after sleep
291  */
292 static int __adb_resume(struct platform_device *dev)
293 {
294 	adb_got_sleep = 0;
295 	up(&adb_probe_mutex);
296 	adb_reset_bus();
297 
298 	return 0;
299 }
300 
301 static int adb_resume(struct device *dev)
302 {
303 	return __adb_resume(to_platform_device(dev));
304 }
305 #endif /* CONFIG_PM */
306 
307 static int __init adb_init(void)
308 {
309 	struct adb_driver *driver;
310 	int i;
311 
312 #ifdef CONFIG_PPC32
313 	if (!machine_is(chrp) && !machine_is(powermac))
314 		return 0;
315 #endif
316 #ifdef CONFIG_MAC
317 	if (!MACH_IS_MAC)
318 		return 0;
319 #endif
320 
321 	/* xmon may do early-init */
322 	if (adb_inited)
323 		return 0;
324 	adb_inited = 1;
325 
326 	adb_controller = NULL;
327 
328 	i = 0;
329 	while ((driver = adb_driver_list[i++]) != NULL) {
330 		if (!driver->probe()) {
331 			adb_controller = driver;
332 			break;
333 		}
334 	}
335 	if (adb_controller != NULL && adb_controller->init &&
336 	    adb_controller->init())
337 		adb_controller = NULL;
338 	if (adb_controller == NULL) {
339 		pr_warn("Warning: no ADB interface detected\n");
340 	} else {
341 #ifdef CONFIG_PPC
342 		if (of_machine_is_compatible("AAPL,PowerBook1998") ||
343 			of_machine_is_compatible("PowerBook1,1"))
344 			sleepy_trackpad = 1;
345 #endif /* CONFIG_PPC */
346 
347 		adbdev_init();
348 		adb_reset_bus();
349 	}
350 	return 0;
351 }
352 
353 device_initcall(adb_init);
354 
355 static int
356 do_adb_reset_bus(void)
357 {
358 	int ret;
359 
360 	if (adb_controller == NULL)
361 		return -ENXIO;
362 
363 	if (adb_controller->autopoll)
364 		adb_controller->autopoll(0);
365 
366 	blocking_notifier_call_chain(&adb_client_list,
367 		ADB_MSG_PRE_RESET, NULL);
368 
369 	if (sleepy_trackpad) {
370 		/* Let the trackpad settle down */
371 		msleep(500);
372 	}
373 
374 	mutex_lock(&adb_handler_mutex);
375 	write_lock_irq(&adb_handler_lock);
376 	memset(adb_handler, 0, sizeof(adb_handler));
377 	write_unlock_irq(&adb_handler_lock);
378 
379 	/* That one is still a bit synchronous, oh well... */
380 	if (adb_controller->reset_bus)
381 		ret = adb_controller->reset_bus();
382 	else
383 		ret = 0;
384 
385 	if (sleepy_trackpad) {
386 		/* Let the trackpad settle down */
387 		msleep(1500);
388 	}
389 
390 	if (!ret) {
391 		autopoll_devs = adb_scan_bus();
392 		if (adb_controller->autopoll)
393 			adb_controller->autopoll(autopoll_devs);
394 	}
395 	mutex_unlock(&adb_handler_mutex);
396 
397 	blocking_notifier_call_chain(&adb_client_list,
398 		ADB_MSG_POST_RESET, NULL);
399 
400 	return ret;
401 }
402 
403 void
404 adb_poll(void)
405 {
406 	if ((adb_controller == NULL)||(adb_controller->poll == NULL))
407 		return;
408 	adb_controller->poll();
409 }
410 EXPORT_SYMBOL(adb_poll);
411 
412 static void adb_sync_req_done(struct adb_request *req)
413 {
414 	struct completion *comp = req->arg;
415 
416 	complete(comp);
417 }
418 
419 int
420 adb_request(struct adb_request *req, void (*done)(struct adb_request *),
421 	    int flags, int nbytes, ...)
422 {
423 	va_list list;
424 	int i;
425 	int rc;
426 	struct completion comp;
427 
428 	if ((adb_controller == NULL) || (adb_controller->send_request == NULL))
429 		return -ENXIO;
430 	if (nbytes < 1)
431 		return -EINVAL;
432 
433 	req->nbytes = nbytes+1;
434 	req->done = done;
435 	req->reply_expected = flags & ADBREQ_REPLY;
436 	req->data[0] = ADB_PACKET;
437 	va_start(list, nbytes);
438 	for (i = 0; i < nbytes; ++i)
439 		req->data[i+1] = va_arg(list, int);
440 	va_end(list);
441 
442 	if (flags & ADBREQ_NOSEND)
443 		return 0;
444 
445 	/* Synchronous requests block using an on-stack completion */
446 	if (flags & ADBREQ_SYNC) {
447 		WARN_ON(done);
448 		req->done = adb_sync_req_done;
449 		req->arg = &comp;
450 		init_completion(&comp);
451 	}
452 
453 	rc = adb_controller->send_request(req, 0);
454 
455 	if ((flags & ADBREQ_SYNC) && !rc && !req->complete)
456 		wait_for_completion(&comp);
457 
458 	return rc;
459 }
460 EXPORT_SYMBOL(adb_request);
461 
462  /* Ultimately this should return the number of devices with
463     the given default id.
464     And it does it now ! Note: changed behaviour: This function
465     will now register if default_id _and_ handler_id both match
466     but handler_id can be left to 0 to match with default_id only.
467     When handler_id is set, this function will try to adjust
468     the handler_id id it doesn't match. */
469 int
470 adb_register(int default_id, int handler_id, struct adb_ids *ids,
471 	     void (*handler)(unsigned char *, int, int))
472 {
473 	int i;
474 
475 	mutex_lock(&adb_handler_mutex);
476 	ids->nids = 0;
477 	for (i = 1; i < 16; i++) {
478 		if ((adb_handler[i].original_address == default_id) &&
479 		    (!handler_id || (handler_id == adb_handler[i].handler_id) ||
480 		    try_handler_change(i, handler_id))) {
481 			if (adb_handler[i].handler != 0) {
482 				pr_err("Two handlers for ADB device %d\n",
483 				       default_id);
484 				continue;
485 			}
486 			write_lock_irq(&adb_handler_lock);
487 			adb_handler[i].handler = handler;
488 			write_unlock_irq(&adb_handler_lock);
489 			ids->id[ids->nids++] = i;
490 		}
491 	}
492 	mutex_unlock(&adb_handler_mutex);
493 	return ids->nids;
494 }
495 EXPORT_SYMBOL(adb_register);
496 
497 int
498 adb_unregister(int index)
499 {
500 	int ret = -ENODEV;
501 
502 	mutex_lock(&adb_handler_mutex);
503 	write_lock_irq(&adb_handler_lock);
504 	if (adb_handler[index].handler) {
505 		while(adb_handler[index].busy) {
506 			write_unlock_irq(&adb_handler_lock);
507 			yield();
508 			write_lock_irq(&adb_handler_lock);
509 		}
510 		ret = 0;
511 		adb_handler[index].handler = NULL;
512 	}
513 	write_unlock_irq(&adb_handler_lock);
514 	mutex_unlock(&adb_handler_mutex);
515 	return ret;
516 }
517 EXPORT_SYMBOL(adb_unregister);
518 
519 void
520 adb_input(unsigned char *buf, int nb, int autopoll)
521 {
522 	int i, id;
523 	static int dump_adb_input;
524 	unsigned long flags;
525 
526 	void (*handler)(unsigned char *, int, int);
527 
528 	/* We skip keystrokes and mouse moves when the sleep process
529 	 * has been started. We stop autopoll, but this is another security
530 	 */
531 	if (adb_got_sleep)
532 		return;
533 
534 	id = buf[0] >> 4;
535 	if (dump_adb_input) {
536 		pr_info("adb packet: ");
537 		for (i = 0; i < nb; ++i)
538 			pr_cont(" %x", buf[i]);
539 		pr_cont(", id = %d\n", id);
540 	}
541 	write_lock_irqsave(&adb_handler_lock, flags);
542 	handler = adb_handler[id].handler;
543 	if (handler != NULL)
544 		adb_handler[id].busy = 1;
545 	write_unlock_irqrestore(&adb_handler_lock, flags);
546 	if (handler != NULL) {
547 		(*handler)(buf, nb, autopoll);
548 		wmb();
549 		adb_handler[id].busy = 0;
550 	}
551 
552 }
553 
554 /* Try to change handler to new_id. Will return 1 if successful. */
555 static int try_handler_change(int address, int new_id)
556 {
557 	struct adb_request req;
558 
559 	if (adb_handler[address].handler_id == new_id)
560 	    return 1;
561 	adb_request(&req, NULL, ADBREQ_SYNC, 3,
562 	    ADB_WRITEREG(address, 3), address | 0x20, new_id);
563 	adb_request(&req, NULL, ADBREQ_SYNC | ADBREQ_REPLY, 1,
564 	    ADB_READREG(address, 3));
565 	if (req.reply_len < 2)
566 	    return 0;
567 	if (req.reply[2] != new_id)
568 	    return 0;
569 	adb_handler[address].handler_id = req.reply[2];
570 
571 	return 1;
572 }
573 
574 int
575 adb_try_handler_change(int address, int new_id)
576 {
577 	int ret;
578 
579 	mutex_lock(&adb_handler_mutex);
580 	ret = try_handler_change(address, new_id);
581 	mutex_unlock(&adb_handler_mutex);
582 	return ret;
583 }
584 EXPORT_SYMBOL(adb_try_handler_change);
585 
586 int
587 adb_get_infos(int address, int *original_address, int *handler_id)
588 {
589 	mutex_lock(&adb_handler_mutex);
590 	*original_address = adb_handler[address].original_address;
591 	*handler_id = adb_handler[address].handler_id;
592 	mutex_unlock(&adb_handler_mutex);
593 
594 	return (*original_address != 0);
595 }
596 
597 
598 /*
599  * /dev/adb device driver.
600  */
601 
602 #define ADB_MAJOR	56	/* major number for /dev/adb */
603 
604 struct adbdev_state {
605 	spinlock_t	lock;
606 	atomic_t	n_pending;
607 	struct adb_request *completed;
608   	wait_queue_head_t wait_queue;
609 	int		inuse;
610 };
611 
612 static void adb_write_done(struct adb_request *req)
613 {
614 	struct adbdev_state *state = (struct adbdev_state *) req->arg;
615 	unsigned long flags;
616 
617 	if (!req->complete) {
618 		req->reply_len = 0;
619 		req->complete = 1;
620 	}
621 	spin_lock_irqsave(&state->lock, flags);
622 	atomic_dec(&state->n_pending);
623 	if (!state->inuse) {
624 		kfree(req);
625 		if (atomic_read(&state->n_pending) == 0) {
626 			spin_unlock_irqrestore(&state->lock, flags);
627 			kfree(state);
628 			return;
629 		}
630 	} else {
631 		struct adb_request **ap = &state->completed;
632 		while (*ap != NULL)
633 			ap = &(*ap)->next;
634 		req->next = NULL;
635 		*ap = req;
636 		wake_up_interruptible(&state->wait_queue);
637 	}
638 	spin_unlock_irqrestore(&state->lock, flags);
639 }
640 
641 static int
642 do_adb_query(struct adb_request *req)
643 {
644 	int	ret = -EINVAL;
645 
646 	switch(req->data[1]) {
647 	case ADB_QUERY_GETDEVINFO:
648 		if (req->nbytes < 3)
649 			break;
650 		mutex_lock(&adb_handler_mutex);
651 		req->reply[0] = adb_handler[req->data[2]].original_address;
652 		req->reply[1] = adb_handler[req->data[2]].handler_id;
653 		mutex_unlock(&adb_handler_mutex);
654 		req->complete = 1;
655 		req->reply_len = 2;
656 		adb_write_done(req);
657 		ret = 0;
658 		break;
659 	}
660 	return ret;
661 }
662 
663 static int adb_open(struct inode *inode, struct file *file)
664 {
665 	struct adbdev_state *state;
666 	int ret = 0;
667 
668 	mutex_lock(&adb_mutex);
669 	if (iminor(inode) > 0 || adb_controller == NULL) {
670 		ret = -ENXIO;
671 		goto out;
672 	}
673 	state = kmalloc(sizeof(struct adbdev_state), GFP_KERNEL);
674 	if (state == 0) {
675 		ret = -ENOMEM;
676 		goto out;
677 	}
678 	file->private_data = state;
679 	spin_lock_init(&state->lock);
680 	atomic_set(&state->n_pending, 0);
681 	state->completed = NULL;
682 	init_waitqueue_head(&state->wait_queue);
683 	state->inuse = 1;
684 
685 out:
686 	mutex_unlock(&adb_mutex);
687 	return ret;
688 }
689 
690 static int adb_release(struct inode *inode, struct file *file)
691 {
692 	struct adbdev_state *state = file->private_data;
693 	unsigned long flags;
694 
695 	mutex_lock(&adb_mutex);
696 	if (state) {
697 		file->private_data = NULL;
698 		spin_lock_irqsave(&state->lock, flags);
699 		if (atomic_read(&state->n_pending) == 0
700 		    && state->completed == NULL) {
701 			spin_unlock_irqrestore(&state->lock, flags);
702 			kfree(state);
703 		} else {
704 			state->inuse = 0;
705 			spin_unlock_irqrestore(&state->lock, flags);
706 		}
707 	}
708 	mutex_unlock(&adb_mutex);
709 	return 0;
710 }
711 
712 static ssize_t adb_read(struct file *file, char __user *buf,
713 			size_t count, loff_t *ppos)
714 {
715 	int ret = 0;
716 	struct adbdev_state *state = file->private_data;
717 	struct adb_request *req;
718 	DECLARE_WAITQUEUE(wait, current);
719 	unsigned long flags;
720 
721 	if (count < 2)
722 		return -EINVAL;
723 	if (count > sizeof(req->reply))
724 		count = sizeof(req->reply);
725 
726 	req = NULL;
727 	spin_lock_irqsave(&state->lock, flags);
728 	add_wait_queue(&state->wait_queue, &wait);
729 	set_current_state(TASK_INTERRUPTIBLE);
730 
731 	for (;;) {
732 		req = state->completed;
733 		if (req != NULL)
734 			state->completed = req->next;
735 		else if (atomic_read(&state->n_pending) == 0)
736 			ret = -EIO;
737 		if (req != NULL || ret != 0)
738 			break;
739 
740 		if (file->f_flags & O_NONBLOCK) {
741 			ret = -EAGAIN;
742 			break;
743 		}
744 		if (signal_pending(current)) {
745 			ret = -ERESTARTSYS;
746 			break;
747 		}
748 		spin_unlock_irqrestore(&state->lock, flags);
749 		schedule();
750 		spin_lock_irqsave(&state->lock, flags);
751 	}
752 
753 	set_current_state(TASK_RUNNING);
754 	remove_wait_queue(&state->wait_queue, &wait);
755 	spin_unlock_irqrestore(&state->lock, flags);
756 
757 	if (ret)
758 		return ret;
759 
760 	ret = req->reply_len;
761 	if (ret > count)
762 		ret = count;
763 	if (ret > 0 && copy_to_user(buf, req->reply, ret))
764 		ret = -EFAULT;
765 
766 	kfree(req);
767 	return ret;
768 }
769 
770 static ssize_t adb_write(struct file *file, const char __user *buf,
771 			 size_t count, loff_t *ppos)
772 {
773 	int ret/*, i*/;
774 	struct adbdev_state *state = file->private_data;
775 	struct adb_request *req;
776 
777 	if (count < 2 || count > sizeof(req->data))
778 		return -EINVAL;
779 	if (adb_controller == NULL)
780 		return -ENXIO;
781 
782 	req = kmalloc(sizeof(struct adb_request),
783 					     GFP_KERNEL);
784 	if (req == NULL)
785 		return -ENOMEM;
786 
787 	req->nbytes = count;
788 	req->done = adb_write_done;
789 	req->arg = (void *) state;
790 	req->complete = 0;
791 
792 	ret = -EFAULT;
793 	if (copy_from_user(req->data, buf, count))
794 		goto out;
795 
796 	atomic_inc(&state->n_pending);
797 
798 	/* If a probe is in progress or we are sleeping, wait for it to complete */
799 	down(&adb_probe_mutex);
800 
801 	/* Queries are special requests sent to the ADB driver itself */
802 	if (req->data[0] == ADB_QUERY) {
803 		if (count > 1)
804 			ret = do_adb_query(req);
805 		else
806 			ret = -EINVAL;
807 		up(&adb_probe_mutex);
808 	}
809 	/* Special case for ADB_BUSRESET request, all others are sent to
810 	   the controller */
811 	else if ((req->data[0] == ADB_PACKET) && (count > 1)
812 		&& (req->data[1] == ADB_BUSRESET)) {
813 		ret = do_adb_reset_bus();
814 		up(&adb_probe_mutex);
815 		atomic_dec(&state->n_pending);
816 		if (ret == 0)
817 			ret = count;
818 		goto out;
819 	} else {
820 		req->reply_expected = ((req->data[1] & 0xc) == 0xc);
821 		if (adb_controller && adb_controller->send_request)
822 			ret = adb_controller->send_request(req, 0);
823 		else
824 			ret = -ENXIO;
825 		up(&adb_probe_mutex);
826 	}
827 
828 	if (ret != 0) {
829 		atomic_dec(&state->n_pending);
830 		goto out;
831 	}
832 	return count;
833 
834 out:
835 	kfree(req);
836 	return ret;
837 }
838 
839 static const struct file_operations adb_fops = {
840 	.owner		= THIS_MODULE,
841 	.llseek		= no_llseek,
842 	.read		= adb_read,
843 	.write		= adb_write,
844 	.open		= adb_open,
845 	.release	= adb_release,
846 };
847 
848 #ifdef CONFIG_PM
849 static const struct dev_pm_ops adb_dev_pm_ops = {
850 	.suspend = adb_suspend,
851 	.resume = adb_resume,
852 	/* Hibernate hooks */
853 	.freeze = adb_freeze,
854 	.thaw = adb_resume,
855 	.poweroff = adb_poweroff,
856 	.restore = adb_resume,
857 };
858 #endif
859 
860 static struct platform_driver adb_pfdrv = {
861 	.driver = {
862 		.name = "adb",
863 #ifdef CONFIG_PM
864 		.pm = &adb_dev_pm_ops,
865 #endif
866 	},
867 };
868 
869 static struct platform_device adb_pfdev = {
870 	.name = "adb",
871 };
872 
873 static int __init
874 adb_dummy_probe(struct platform_device *dev)
875 {
876 	if (dev == &adb_pfdev)
877 		return 0;
878 	return -ENODEV;
879 }
880 
881 static void __init
882 adbdev_init(void)
883 {
884 	if (register_chrdev(ADB_MAJOR, "adb", &adb_fops)) {
885 		pr_err("adb: unable to get major %d\n", ADB_MAJOR);
886 		return;
887 	}
888 
889 	adb_dev_class = class_create(THIS_MODULE, "adb");
890 	if (IS_ERR(adb_dev_class))
891 		return;
892 	device_create(adb_dev_class, NULL, MKDEV(ADB_MAJOR, 0), NULL, "adb");
893 
894 	platform_device_register(&adb_pfdev);
895 	platform_driver_probe(&adb_pfdrv, adb_dummy_probe);
896 }
897