1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * dvb_ca.c: generic DVB functions for EN50221 CAM interfaces 4 * 5 * Copyright (C) 2004 Andrew de Quincey 6 * 7 * Parts of this file were based on sources as follows: 8 * 9 * Copyright (C) 2003 Ralph Metzler <rjkm@metzlerbros.de> 10 * 11 * based on code: 12 * 13 * Copyright (C) 1999-2002 Ralph Metzler 14 * & Marcus Metzler for convergence integrated media GmbH 15 */ 16 17 #define pr_fmt(fmt) "dvb_ca_en50221: " fmt 18 19 #include <linux/errno.h> 20 #include <linux/slab.h> 21 #include <linux/list.h> 22 #include <linux/module.h> 23 #include <linux/nospec.h> 24 #include <linux/vmalloc.h> 25 #include <linux/delay.h> 26 #include <linux/spinlock.h> 27 #include <linux/sched/signal.h> 28 #include <linux/kthread.h> 29 30 #include <media/dvb_ca_en50221.h> 31 #include <media/dvb_ringbuffer.h> 32 33 static int dvb_ca_en50221_debug; 34 35 module_param_named(cam_debug, dvb_ca_en50221_debug, int, 0644); 36 MODULE_PARM_DESC(cam_debug, "enable verbose debug messages"); 37 38 #define dprintk(fmt, arg...) do { \ 39 if (dvb_ca_en50221_debug) \ 40 printk(KERN_DEBUG pr_fmt("%s: " fmt), __func__, ##arg);\ 41 } while (0) 42 43 #define INIT_TIMEOUT_SECS 10 44 45 #define HOST_LINK_BUF_SIZE 0x200 46 47 #define RX_BUFFER_SIZE 65535 48 49 #define MAX_RX_PACKETS_PER_ITERATION 10 50 51 #define CTRLIF_DATA 0 52 #define CTRLIF_COMMAND 1 53 #define CTRLIF_STATUS 1 54 #define CTRLIF_SIZE_LOW 2 55 #define CTRLIF_SIZE_HIGH 3 56 57 #define CMDREG_HC 1 /* Host control */ 58 #define CMDREG_SW 2 /* Size write */ 59 #define CMDREG_SR 4 /* Size read */ 60 #define CMDREG_RS 8 /* Reset interface */ 61 #define CMDREG_FRIE 0x40 /* Enable FR interrupt */ 62 #define CMDREG_DAIE 0x80 /* Enable DA interrupt */ 63 #define IRQEN (CMDREG_DAIE) 64 65 #define STATUSREG_RE 1 /* read error */ 66 #define STATUSREG_WE 2 /* write error */ 67 #define STATUSREG_FR 0x40 /* module free */ 68 #define STATUSREG_DA 0x80 /* data available */ 69 70 #define DVB_CA_SLOTSTATE_NONE 0 71 #define DVB_CA_SLOTSTATE_UNINITIALISED 1 72 #define DVB_CA_SLOTSTATE_RUNNING 2 73 #define DVB_CA_SLOTSTATE_INVALID 3 74 #define DVB_CA_SLOTSTATE_WAITREADY 4 75 #define DVB_CA_SLOTSTATE_VALIDATE 5 76 #define DVB_CA_SLOTSTATE_WAITFR 6 77 #define DVB_CA_SLOTSTATE_LINKINIT 7 78 79 /* Information on a CA slot */ 80 struct dvb_ca_slot { 81 /* current state of the CAM */ 82 int slot_state; 83 84 /* mutex used for serializing access to one CI slot */ 85 struct mutex slot_lock; 86 87 /* Number of CAMCHANGES that have occurred since last processing */ 88 atomic_t camchange_count; 89 90 /* Type of last CAMCHANGE */ 91 int camchange_type; 92 93 /* base address of CAM config */ 94 u32 config_base; 95 96 /* value to write into Config Control register */ 97 u8 config_option; 98 99 /* if 1, the CAM supports DA IRQs */ 100 u8 da_irq_supported:1; 101 102 /* size of the buffer to use when talking to the CAM */ 103 int link_buf_size; 104 105 /* buffer for incoming packets */ 106 struct dvb_ringbuffer rx_buffer; 107 108 /* timer used during various states of the slot */ 109 unsigned long timeout; 110 }; 111 112 /* Private CA-interface information */ 113 struct dvb_ca_private { 114 struct kref refcount; 115 116 /* pointer back to the public data structure */ 117 struct dvb_ca_en50221 *pub; 118 119 /* the DVB device */ 120 struct dvb_device *dvbdev; 121 122 /* Flags describing the interface (DVB_CA_FLAG_*) */ 123 u32 flags; 124 125 /* number of slots supported by this CA interface */ 126 unsigned int slot_count; 127 128 /* information on each slot */ 129 struct dvb_ca_slot *slot_info; 130 131 /* wait queues for read() and write() operations */ 132 wait_queue_head_t wait_queue; 133 134 /* PID of the monitoring thread */ 135 struct task_struct *thread; 136 137 /* Flag indicating if the CA device is open */ 138 unsigned int open:1; 139 140 /* Flag indicating the thread should wake up now */ 141 unsigned int wakeup:1; 142 143 /* Delay the main thread should use */ 144 unsigned long delay; 145 146 /* 147 * Slot to start looking for data to read from in the next user-space 148 * read operation 149 */ 150 int next_read_slot; 151 152 /* mutex serializing ioctls */ 153 struct mutex ioctl_mutex; 154 }; 155 156 static void dvb_ca_private_free(struct dvb_ca_private *ca) 157 { 158 unsigned int i; 159 160 dvb_free_device(ca->dvbdev); 161 for (i = 0; i < ca->slot_count; i++) 162 vfree(ca->slot_info[i].rx_buffer.data); 163 164 kfree(ca->slot_info); 165 kfree(ca); 166 } 167 168 static void dvb_ca_private_release(struct kref *ref) 169 { 170 struct dvb_ca_private *ca; 171 172 ca = container_of(ref, struct dvb_ca_private, refcount); 173 dvb_ca_private_free(ca); 174 } 175 176 static void dvb_ca_private_get(struct dvb_ca_private *ca) 177 { 178 kref_get(&ca->refcount); 179 } 180 181 static void dvb_ca_private_put(struct dvb_ca_private *ca) 182 { 183 kref_put(&ca->refcount, dvb_ca_private_release); 184 } 185 186 static void dvb_ca_en50221_thread_wakeup(struct dvb_ca_private *ca); 187 static int dvb_ca_en50221_read_data(struct dvb_ca_private *ca, int slot, 188 u8 *ebuf, int ecount); 189 static int dvb_ca_en50221_write_data(struct dvb_ca_private *ca, int slot, 190 u8 *ebuf, int ecount); 191 192 /** 193 * Safely find needle in haystack. 194 * 195 * @haystack: Buffer to look in. 196 * @hlen: Number of bytes in haystack. 197 * @needle: Buffer to find. 198 * @nlen: Number of bytes in needle. 199 * return: Pointer into haystack needle was found at, or NULL if not found. 200 */ 201 static char *findstr(char *haystack, int hlen, char *needle, int nlen) 202 { 203 int i; 204 205 if (hlen < nlen) 206 return NULL; 207 208 for (i = 0; i <= hlen - nlen; i++) { 209 if (!strncmp(haystack + i, needle, nlen)) 210 return haystack + i; 211 } 212 213 return NULL; 214 } 215 216 /* ************************************************************************** */ 217 /* EN50221 physical interface functions */ 218 219 /* 220 * dvb_ca_en50221_check_camstatus - Check CAM status. 221 */ 222 static int dvb_ca_en50221_check_camstatus(struct dvb_ca_private *ca, int slot) 223 { 224 struct dvb_ca_slot *sl = &ca->slot_info[slot]; 225 int slot_status; 226 int cam_present_now; 227 int cam_changed; 228 229 /* IRQ mode */ 230 if (ca->flags & DVB_CA_EN50221_FLAG_IRQ_CAMCHANGE) 231 return (atomic_read(&sl->camchange_count) != 0); 232 233 /* poll mode */ 234 slot_status = ca->pub->poll_slot_status(ca->pub, slot, ca->open); 235 236 cam_present_now = (slot_status & DVB_CA_EN50221_POLL_CAM_PRESENT) ? 1 : 0; 237 cam_changed = (slot_status & DVB_CA_EN50221_POLL_CAM_CHANGED) ? 1 : 0; 238 if (!cam_changed) { 239 int cam_present_old = (sl->slot_state != DVB_CA_SLOTSTATE_NONE); 240 241 cam_changed = (cam_present_now != cam_present_old); 242 } 243 244 if (cam_changed) { 245 if (!cam_present_now) 246 sl->camchange_type = DVB_CA_EN50221_CAMCHANGE_REMOVED; 247 else 248 sl->camchange_type = DVB_CA_EN50221_CAMCHANGE_INSERTED; 249 atomic_set(&sl->camchange_count, 1); 250 } else { 251 if ((sl->slot_state == DVB_CA_SLOTSTATE_WAITREADY) && 252 (slot_status & DVB_CA_EN50221_POLL_CAM_READY)) { 253 /* move to validate state if reset is completed */ 254 sl->slot_state = DVB_CA_SLOTSTATE_VALIDATE; 255 } 256 } 257 258 return cam_changed; 259 } 260 261 /** 262 * dvb_ca_en50221_wait_if_status - Wait for flags to become set on the STATUS 263 * register on a CAM interface, checking for errors and timeout. 264 * 265 * @ca: CA instance. 266 * @slot: Slot on interface. 267 * @waitfor: Flags to wait for. 268 * @timeout_hz: Timeout in milliseconds. 269 * 270 * return: 0 on success, nonzero on error. 271 */ 272 static int dvb_ca_en50221_wait_if_status(struct dvb_ca_private *ca, int slot, 273 u8 waitfor, int timeout_hz) 274 { 275 unsigned long timeout; 276 unsigned long start; 277 278 dprintk("%s\n", __func__); 279 280 /* loop until timeout elapsed */ 281 start = jiffies; 282 timeout = jiffies + timeout_hz; 283 while (1) { 284 int res; 285 286 /* read the status and check for error */ 287 res = ca->pub->read_cam_control(ca->pub, slot, CTRLIF_STATUS); 288 if (res < 0) 289 return -EIO; 290 291 /* if we got the flags, it was successful! */ 292 if (res & waitfor) { 293 dprintk("%s succeeded timeout:%lu\n", 294 __func__, jiffies - start); 295 return 0; 296 } 297 298 /* check for timeout */ 299 if (time_after(jiffies, timeout)) 300 break; 301 302 /* wait for a bit */ 303 usleep_range(1000, 1100); 304 } 305 306 dprintk("%s failed timeout:%lu\n", __func__, jiffies - start); 307 308 /* if we get here, we've timed out */ 309 return -ETIMEDOUT; 310 } 311 312 /** 313 * dvb_ca_en50221_link_init - Initialise the link layer connection to a CAM. 314 * 315 * @ca: CA instance. 316 * @slot: Slot id. 317 * 318 * return: 0 on success, nonzero on failure. 319 */ 320 static int dvb_ca_en50221_link_init(struct dvb_ca_private *ca, int slot) 321 { 322 struct dvb_ca_slot *sl = &ca->slot_info[slot]; 323 int ret; 324 int buf_size; 325 u8 buf[2]; 326 327 dprintk("%s\n", __func__); 328 329 /* we'll be determining these during this function */ 330 sl->da_irq_supported = 0; 331 332 /* 333 * set the host link buffer size temporarily. it will be overwritten 334 * with the real negotiated size later. 335 */ 336 sl->link_buf_size = 2; 337 338 /* read the buffer size from the CAM */ 339 ret = ca->pub->write_cam_control(ca->pub, slot, CTRLIF_COMMAND, 340 IRQEN | CMDREG_SR); 341 if (ret) 342 return ret; 343 ret = dvb_ca_en50221_wait_if_status(ca, slot, STATUSREG_DA, HZ); 344 if (ret) 345 return ret; 346 ret = dvb_ca_en50221_read_data(ca, slot, buf, 2); 347 if (ret != 2) 348 return -EIO; 349 ret = ca->pub->write_cam_control(ca->pub, slot, CTRLIF_COMMAND, IRQEN); 350 if (ret) 351 return ret; 352 353 /* 354 * store it, and choose the minimum of our buffer and the CAM's buffer 355 * size 356 */ 357 buf_size = (buf[0] << 8) | buf[1]; 358 if (buf_size > HOST_LINK_BUF_SIZE) 359 buf_size = HOST_LINK_BUF_SIZE; 360 sl->link_buf_size = buf_size; 361 buf[0] = buf_size >> 8; 362 buf[1] = buf_size & 0xff; 363 dprintk("Chosen link buffer size of %i\n", buf_size); 364 365 /* write the buffer size to the CAM */ 366 ret = ca->pub->write_cam_control(ca->pub, slot, CTRLIF_COMMAND, 367 IRQEN | CMDREG_SW); 368 if (ret) 369 return ret; 370 ret = dvb_ca_en50221_wait_if_status(ca, slot, STATUSREG_FR, HZ / 10); 371 if (ret) 372 return ret; 373 ret = dvb_ca_en50221_write_data(ca, slot, buf, 2); 374 if (ret != 2) 375 return -EIO; 376 ret = ca->pub->write_cam_control(ca->pub, slot, CTRLIF_COMMAND, IRQEN); 377 if (ret) 378 return ret; 379 380 /* success */ 381 return 0; 382 } 383 384 /** 385 * dvb_ca_en50221_read_tuple - Read a tuple from attribute memory. 386 * 387 * @ca: CA instance. 388 * @slot: Slot id. 389 * @address: Address to read from. Updated. 390 * @tuple_type: Tuple id byte. Updated. 391 * @tuple_length: Tuple length. Updated. 392 * @tuple: Dest buffer for tuple (must be 256 bytes). Updated. 393 * 394 * return: 0 on success, nonzero on error. 395 */ 396 static int dvb_ca_en50221_read_tuple(struct dvb_ca_private *ca, int slot, 397 int *address, int *tuple_type, 398 int *tuple_length, u8 *tuple) 399 { 400 int i; 401 int _tuple_type; 402 int _tuple_length; 403 int _address = *address; 404 405 /* grab the next tuple length and type */ 406 _tuple_type = ca->pub->read_attribute_mem(ca->pub, slot, _address); 407 if (_tuple_type < 0) 408 return _tuple_type; 409 if (_tuple_type == 0xff) { 410 dprintk("END OF CHAIN TUPLE type:0x%x\n", _tuple_type); 411 *address += 2; 412 *tuple_type = _tuple_type; 413 *tuple_length = 0; 414 return 0; 415 } 416 _tuple_length = ca->pub->read_attribute_mem(ca->pub, slot, 417 _address + 2); 418 if (_tuple_length < 0) 419 return _tuple_length; 420 _address += 4; 421 422 dprintk("TUPLE type:0x%x length:%i\n", _tuple_type, _tuple_length); 423 424 /* read in the whole tuple */ 425 for (i = 0; i < _tuple_length; i++) { 426 tuple[i] = ca->pub->read_attribute_mem(ca->pub, slot, 427 _address + (i * 2)); 428 dprintk(" 0x%02x: 0x%02x %c\n", 429 i, tuple[i] & 0xff, 430 ((tuple[i] > 31) && (tuple[i] < 127)) ? tuple[i] : '.'); 431 } 432 _address += (_tuple_length * 2); 433 434 /* success */ 435 *tuple_type = _tuple_type; 436 *tuple_length = _tuple_length; 437 *address = _address; 438 return 0; 439 } 440 441 /** 442 * dvb_ca_en50221_parse_attributes - Parse attribute memory of a CAM module, 443 * extracting Config register, and checking it is a DVB CAM module. 444 * 445 * @ca: CA instance. 446 * @slot: Slot id. 447 * 448 * return: 0 on success, <0 on failure. 449 */ 450 static int dvb_ca_en50221_parse_attributes(struct dvb_ca_private *ca, int slot) 451 { 452 struct dvb_ca_slot *sl; 453 int address = 0; 454 int tuple_length; 455 int tuple_type; 456 u8 tuple[257]; 457 char *dvb_str; 458 int rasz; 459 int status; 460 int got_cftableentry = 0; 461 int end_chain = 0; 462 int i; 463 u16 manfid = 0; 464 u16 devid = 0; 465 466 /* CISTPL_DEVICE_0A */ 467 status = dvb_ca_en50221_read_tuple(ca, slot, &address, &tuple_type, 468 &tuple_length, tuple); 469 if (status < 0) 470 return status; 471 if (tuple_type != 0x1D) 472 return -EINVAL; 473 474 /* CISTPL_DEVICE_0C */ 475 status = dvb_ca_en50221_read_tuple(ca, slot, &address, &tuple_type, 476 &tuple_length, tuple); 477 if (status < 0) 478 return status; 479 if (tuple_type != 0x1C) 480 return -EINVAL; 481 482 /* CISTPL_VERS_1 */ 483 status = dvb_ca_en50221_read_tuple(ca, slot, &address, &tuple_type, 484 &tuple_length, tuple); 485 if (status < 0) 486 return status; 487 if (tuple_type != 0x15) 488 return -EINVAL; 489 490 /* CISTPL_MANFID */ 491 status = dvb_ca_en50221_read_tuple(ca, slot, &address, &tuple_type, 492 &tuple_length, tuple); 493 if (status < 0) 494 return status; 495 if (tuple_type != 0x20) 496 return -EINVAL; 497 if (tuple_length != 4) 498 return -EINVAL; 499 manfid = (tuple[1] << 8) | tuple[0]; 500 devid = (tuple[3] << 8) | tuple[2]; 501 502 /* CISTPL_CONFIG */ 503 status = dvb_ca_en50221_read_tuple(ca, slot, &address, &tuple_type, 504 &tuple_length, tuple); 505 if (status < 0) 506 return status; 507 if (tuple_type != 0x1A) 508 return -EINVAL; 509 if (tuple_length < 3) 510 return -EINVAL; 511 512 /* extract the configbase */ 513 rasz = tuple[0] & 3; 514 if (tuple_length < (3 + rasz + 14)) 515 return -EINVAL; 516 sl = &ca->slot_info[slot]; 517 sl->config_base = 0; 518 for (i = 0; i < rasz + 1; i++) 519 sl->config_base |= (tuple[2 + i] << (8 * i)); 520 521 /* check it contains the correct DVB string */ 522 dvb_str = findstr((char *)tuple, tuple_length, "DVB_CI_V", 8); 523 if (!dvb_str) 524 return -EINVAL; 525 if (tuple_length < ((dvb_str - (char *)tuple) + 12)) 526 return -EINVAL; 527 528 /* is it a version we support? */ 529 if (strncmp(dvb_str + 8, "1.00", 4)) { 530 pr_err("dvb_ca adapter %d: Unsupported DVB CAM module version %c%c%c%c\n", 531 ca->dvbdev->adapter->num, dvb_str[8], dvb_str[9], 532 dvb_str[10], dvb_str[11]); 533 return -EINVAL; 534 } 535 536 /* process the CFTABLE_ENTRY tuples, and any after those */ 537 while ((!end_chain) && (address < 0x1000)) { 538 status = dvb_ca_en50221_read_tuple(ca, slot, &address, 539 &tuple_type, &tuple_length, 540 tuple); 541 if (status < 0) 542 return status; 543 switch (tuple_type) { 544 case 0x1B: /* CISTPL_CFTABLE_ENTRY */ 545 if (tuple_length < (2 + 11 + 17)) 546 break; 547 548 /* if we've already parsed one, just use it */ 549 if (got_cftableentry) 550 break; 551 552 /* get the config option */ 553 sl->config_option = tuple[0] & 0x3f; 554 555 /* OK, check it contains the correct strings */ 556 if (!findstr((char *)tuple, tuple_length, 557 "DVB_HOST", 8) || 558 !findstr((char *)tuple, tuple_length, 559 "DVB_CI_MODULE", 13)) 560 break; 561 562 got_cftableentry = 1; 563 break; 564 565 case 0x14: /* CISTPL_NO_LINK */ 566 break; 567 568 case 0xFF: /* CISTPL_END */ 569 end_chain = 1; 570 break; 571 572 default: /* Unknown tuple type - just skip this tuple */ 573 dprintk("dvb_ca: Skipping unknown tuple type:0x%x length:0x%x\n", 574 tuple_type, tuple_length); 575 break; 576 } 577 } 578 579 if ((address > 0x1000) || (!got_cftableentry)) 580 return -EINVAL; 581 582 dprintk("Valid DVB CAM detected MANID:%x DEVID:%x CONFIGBASE:0x%x CONFIGOPTION:0x%x\n", 583 manfid, devid, sl->config_base, sl->config_option); 584 585 /* success! */ 586 return 0; 587 } 588 589 /** 590 * dvb_ca_en50221_set_configoption - Set CAM's configoption correctly. 591 * 592 * @ca: CA instance. 593 * @slot: Slot containing the CAM. 594 */ 595 static int dvb_ca_en50221_set_configoption(struct dvb_ca_private *ca, int slot) 596 { 597 struct dvb_ca_slot *sl = &ca->slot_info[slot]; 598 int configoption; 599 600 dprintk("%s\n", __func__); 601 602 /* set the config option */ 603 ca->pub->write_attribute_mem(ca->pub, slot, sl->config_base, 604 sl->config_option); 605 606 /* check it */ 607 configoption = ca->pub->read_attribute_mem(ca->pub, slot, 608 sl->config_base); 609 dprintk("Set configoption 0x%x, read configoption 0x%x\n", 610 sl->config_option, configoption & 0x3f); 611 612 /* fine! */ 613 return 0; 614 } 615 616 /** 617 * dvb_ca_en50221_read_data - This function talks to an EN50221 CAM control 618 * interface. It reads a buffer of data from the CAM. The data can either 619 * be stored in a supplied buffer, or automatically be added to the slot's 620 * rx_buffer. 621 * 622 * @ca: CA instance. 623 * @slot: Slot to read from. 624 * @ebuf: If non-NULL, the data will be written to this buffer. If NULL, 625 * the data will be added into the buffering system as a normal 626 * fragment. 627 * @ecount: Size of ebuf. Ignored if ebuf is NULL. 628 * 629 * return: Number of bytes read, or < 0 on error 630 */ 631 static int dvb_ca_en50221_read_data(struct dvb_ca_private *ca, int slot, 632 u8 *ebuf, int ecount) 633 { 634 struct dvb_ca_slot *sl = &ca->slot_info[slot]; 635 int bytes_read; 636 int status; 637 u8 buf[HOST_LINK_BUF_SIZE]; 638 int i; 639 640 dprintk("%s\n", __func__); 641 642 /* check if we have space for a link buf in the rx_buffer */ 643 if (!ebuf) { 644 int buf_free; 645 646 if (!sl->rx_buffer.data) { 647 status = -EIO; 648 goto exit; 649 } 650 buf_free = dvb_ringbuffer_free(&sl->rx_buffer); 651 652 if (buf_free < (sl->link_buf_size + 653 DVB_RINGBUFFER_PKTHDRSIZE)) { 654 status = -EAGAIN; 655 goto exit; 656 } 657 } 658 659 if (ca->pub->read_data && 660 (sl->slot_state != DVB_CA_SLOTSTATE_LINKINIT)) { 661 if (!ebuf) 662 status = ca->pub->read_data(ca->pub, slot, buf, 663 sizeof(buf)); 664 else 665 status = ca->pub->read_data(ca->pub, slot, buf, ecount); 666 if (status < 0) 667 return status; 668 bytes_read = status; 669 if (status == 0) 670 goto exit; 671 } else { 672 /* check if there is data available */ 673 status = ca->pub->read_cam_control(ca->pub, slot, 674 CTRLIF_STATUS); 675 if (status < 0) 676 goto exit; 677 if (!(status & STATUSREG_DA)) { 678 /* no data */ 679 status = 0; 680 goto exit; 681 } 682 683 /* read the amount of data */ 684 status = ca->pub->read_cam_control(ca->pub, slot, 685 CTRLIF_SIZE_HIGH); 686 if (status < 0) 687 goto exit; 688 bytes_read = status << 8; 689 status = ca->pub->read_cam_control(ca->pub, slot, 690 CTRLIF_SIZE_LOW); 691 if (status < 0) 692 goto exit; 693 bytes_read |= status; 694 695 /* check it will fit */ 696 if (!ebuf) { 697 if (bytes_read > sl->link_buf_size) { 698 pr_err("dvb_ca adapter %d: CAM tried to send a buffer larger than the link buffer size (%i > %i)!\n", 699 ca->dvbdev->adapter->num, bytes_read, 700 sl->link_buf_size); 701 sl->slot_state = DVB_CA_SLOTSTATE_LINKINIT; 702 status = -EIO; 703 goto exit; 704 } 705 if (bytes_read < 2) { 706 pr_err("dvb_ca adapter %d: CAM sent a buffer that was less than 2 bytes!\n", 707 ca->dvbdev->adapter->num); 708 sl->slot_state = DVB_CA_SLOTSTATE_LINKINIT; 709 status = -EIO; 710 goto exit; 711 } 712 } else { 713 if (bytes_read > ecount) { 714 pr_err("dvb_ca adapter %d: CAM tried to send a buffer larger than the ecount size!\n", 715 ca->dvbdev->adapter->num); 716 status = -EIO; 717 goto exit; 718 } 719 } 720 721 /* fill the buffer */ 722 for (i = 0; i < bytes_read; i++) { 723 /* read byte and check */ 724 status = ca->pub->read_cam_control(ca->pub, slot, 725 CTRLIF_DATA); 726 if (status < 0) 727 goto exit; 728 729 /* OK, store it in the buffer */ 730 buf[i] = status; 731 } 732 733 /* check for read error (RE should now be 0) */ 734 status = ca->pub->read_cam_control(ca->pub, slot, 735 CTRLIF_STATUS); 736 if (status < 0) 737 goto exit; 738 if (status & STATUSREG_RE) { 739 sl->slot_state = DVB_CA_SLOTSTATE_LINKINIT; 740 status = -EIO; 741 goto exit; 742 } 743 } 744 745 /* 746 * OK, add it to the receive buffer, or copy into external buffer if 747 * supplied 748 */ 749 if (!ebuf) { 750 if (!sl->rx_buffer.data) { 751 status = -EIO; 752 goto exit; 753 } 754 dvb_ringbuffer_pkt_write(&sl->rx_buffer, buf, bytes_read); 755 } else { 756 memcpy(ebuf, buf, bytes_read); 757 } 758 759 dprintk("Received CA packet for slot %i connection id 0x%x last_frag:%i size:0x%x\n", slot, 760 buf[0], (buf[1] & 0x80) == 0, bytes_read); 761 762 /* wake up readers when a last_fragment is received */ 763 if ((buf[1] & 0x80) == 0x00) 764 wake_up_interruptible(&ca->wait_queue); 765 766 status = bytes_read; 767 768 exit: 769 return status; 770 } 771 772 /** 773 * dvb_ca_en50221_write_data - This function talks to an EN50221 CAM control 774 * interface. It writes a buffer of data to a CAM. 775 * 776 * @ca: CA instance. 777 * @slot: Slot to write to. 778 * @buf: The data in this buffer is treated as a complete link-level packet to 779 * be written. 780 * @bytes_write: Size of ebuf. 781 * 782 * return: Number of bytes written, or < 0 on error. 783 */ 784 static int dvb_ca_en50221_write_data(struct dvb_ca_private *ca, int slot, 785 u8 *buf, int bytes_write) 786 { 787 struct dvb_ca_slot *sl = &ca->slot_info[slot]; 788 int status; 789 int i; 790 791 dprintk("%s\n", __func__); 792 793 /* sanity check */ 794 if (bytes_write > sl->link_buf_size) 795 return -EINVAL; 796 797 if (ca->pub->write_data && 798 (sl->slot_state != DVB_CA_SLOTSTATE_LINKINIT)) 799 return ca->pub->write_data(ca->pub, slot, buf, bytes_write); 800 801 /* 802 * it is possible we are dealing with a single buffer implementation, 803 * thus if there is data available for read or if there is even a read 804 * already in progress, we do nothing but awake the kernel thread to 805 * process the data if necessary. 806 */ 807 status = ca->pub->read_cam_control(ca->pub, slot, CTRLIF_STATUS); 808 if (status < 0) 809 goto exitnowrite; 810 if (status & (STATUSREG_DA | STATUSREG_RE)) { 811 if (status & STATUSREG_DA) 812 dvb_ca_en50221_thread_wakeup(ca); 813 814 status = -EAGAIN; 815 goto exitnowrite; 816 } 817 818 /* OK, set HC bit */ 819 status = ca->pub->write_cam_control(ca->pub, slot, CTRLIF_COMMAND, 820 IRQEN | CMDREG_HC); 821 if (status) 822 goto exit; 823 824 /* check if interface is still free */ 825 status = ca->pub->read_cam_control(ca->pub, slot, CTRLIF_STATUS); 826 if (status < 0) 827 goto exit; 828 if (!(status & STATUSREG_FR)) { 829 /* it wasn't free => try again later */ 830 status = -EAGAIN; 831 goto exit; 832 } 833 834 /* 835 * It may need some time for the CAM to settle down, or there might 836 * be a race condition between the CAM, writing HC and our last 837 * check for DA. This happens, if the CAM asserts DA, just after 838 * checking DA before we are setting HC. In this case it might be 839 * a bug in the CAM to keep the FR bit, the lower layer/HW 840 * communication requires a longer timeout or the CAM needs more 841 * time internally. But this happens in reality! 842 * We need to read the status from the HW again and do the same 843 * we did for the previous check for DA 844 */ 845 status = ca->pub->read_cam_control(ca->pub, slot, CTRLIF_STATUS); 846 if (status < 0) 847 goto exit; 848 849 if (status & (STATUSREG_DA | STATUSREG_RE)) { 850 if (status & STATUSREG_DA) 851 dvb_ca_en50221_thread_wakeup(ca); 852 853 status = -EAGAIN; 854 goto exit; 855 } 856 857 /* send the amount of data */ 858 status = ca->pub->write_cam_control(ca->pub, slot, CTRLIF_SIZE_HIGH, 859 bytes_write >> 8); 860 if (status) 861 goto exit; 862 status = ca->pub->write_cam_control(ca->pub, slot, CTRLIF_SIZE_LOW, 863 bytes_write & 0xff); 864 if (status) 865 goto exit; 866 867 /* send the buffer */ 868 for (i = 0; i < bytes_write; i++) { 869 status = ca->pub->write_cam_control(ca->pub, slot, CTRLIF_DATA, 870 buf[i]); 871 if (status) 872 goto exit; 873 } 874 875 /* check for write error (WE should now be 0) */ 876 status = ca->pub->read_cam_control(ca->pub, slot, CTRLIF_STATUS); 877 if (status < 0) 878 goto exit; 879 if (status & STATUSREG_WE) { 880 sl->slot_state = DVB_CA_SLOTSTATE_LINKINIT; 881 status = -EIO; 882 goto exit; 883 } 884 status = bytes_write; 885 886 dprintk("Wrote CA packet for slot %i, connection id 0x%x last_frag:%i size:0x%x\n", slot, 887 buf[0], (buf[1] & 0x80) == 0, bytes_write); 888 889 exit: 890 ca->pub->write_cam_control(ca->pub, slot, CTRLIF_COMMAND, IRQEN); 891 892 exitnowrite: 893 return status; 894 } 895 896 /* ************************************************************************** */ 897 /* EN50221 higher level functions */ 898 899 /** 900 * dvb_ca_en50221_slot_shutdown - A CAM has been removed => shut it down. 901 * 902 * @ca: CA instance. 903 * @slot: Slot to shut down. 904 */ 905 static int dvb_ca_en50221_slot_shutdown(struct dvb_ca_private *ca, int slot) 906 { 907 dprintk("%s\n", __func__); 908 909 ca->pub->slot_shutdown(ca->pub, slot); 910 ca->slot_info[slot].slot_state = DVB_CA_SLOTSTATE_NONE; 911 912 /* 913 * need to wake up all processes to check if they're now trying to 914 * write to a defunct CAM 915 */ 916 wake_up_interruptible(&ca->wait_queue); 917 918 dprintk("Slot %i shutdown\n", slot); 919 920 /* success */ 921 return 0; 922 } 923 924 /** 925 * dvb_ca_en50221_camchange_irq - A CAMCHANGE IRQ has occurred. 926 * 927 * @pubca: CA instance. 928 * @slot: Slot concerned. 929 * @change_type: One of the DVB_CA_CAMCHANGE_* values. 930 */ 931 void dvb_ca_en50221_camchange_irq(struct dvb_ca_en50221 *pubca, int slot, 932 int change_type) 933 { 934 struct dvb_ca_private *ca = pubca->private; 935 struct dvb_ca_slot *sl = &ca->slot_info[slot]; 936 937 dprintk("CAMCHANGE IRQ slot:%i change_type:%i\n", slot, change_type); 938 939 switch (change_type) { 940 case DVB_CA_EN50221_CAMCHANGE_REMOVED: 941 case DVB_CA_EN50221_CAMCHANGE_INSERTED: 942 break; 943 944 default: 945 return; 946 } 947 948 sl->camchange_type = change_type; 949 atomic_inc(&sl->camchange_count); 950 dvb_ca_en50221_thread_wakeup(ca); 951 } 952 EXPORT_SYMBOL(dvb_ca_en50221_camchange_irq); 953 954 /** 955 * dvb_ca_en50221_camready_irq - A CAMREADY IRQ has occurred. 956 * 957 * @pubca: CA instance. 958 * @slot: Slot concerned. 959 */ 960 void dvb_ca_en50221_camready_irq(struct dvb_ca_en50221 *pubca, int slot) 961 { 962 struct dvb_ca_private *ca = pubca->private; 963 struct dvb_ca_slot *sl = &ca->slot_info[slot]; 964 965 dprintk("CAMREADY IRQ slot:%i\n", slot); 966 967 if (sl->slot_state == DVB_CA_SLOTSTATE_WAITREADY) { 968 sl->slot_state = DVB_CA_SLOTSTATE_VALIDATE; 969 dvb_ca_en50221_thread_wakeup(ca); 970 } 971 } 972 EXPORT_SYMBOL(dvb_ca_en50221_camready_irq); 973 974 /** 975 * dvb_ca_en50221_frda_irq - An FR or DA IRQ has occurred. 976 * 977 * @pubca: CA instance. 978 * @slot: Slot concerned. 979 */ 980 void dvb_ca_en50221_frda_irq(struct dvb_ca_en50221 *pubca, int slot) 981 { 982 struct dvb_ca_private *ca = pubca->private; 983 struct dvb_ca_slot *sl = &ca->slot_info[slot]; 984 int flags; 985 986 dprintk("FR/DA IRQ slot:%i\n", slot); 987 988 switch (sl->slot_state) { 989 case DVB_CA_SLOTSTATE_LINKINIT: 990 flags = ca->pub->read_cam_control(pubca, slot, CTRLIF_STATUS); 991 if (flags & STATUSREG_DA) { 992 dprintk("CAM supports DA IRQ\n"); 993 sl->da_irq_supported = 1; 994 } 995 break; 996 997 case DVB_CA_SLOTSTATE_RUNNING: 998 if (ca->open) 999 dvb_ca_en50221_thread_wakeup(ca); 1000 break; 1001 } 1002 } 1003 EXPORT_SYMBOL(dvb_ca_en50221_frda_irq); 1004 1005 /* ************************************************************************** */ 1006 /* EN50221 thread functions */ 1007 1008 /** 1009 * Wake up the DVB CA thread 1010 * 1011 * @ca: CA instance. 1012 */ 1013 static void dvb_ca_en50221_thread_wakeup(struct dvb_ca_private *ca) 1014 { 1015 dprintk("%s\n", __func__); 1016 1017 ca->wakeup = 1; 1018 mb(); 1019 wake_up_process(ca->thread); 1020 } 1021 1022 /** 1023 * Update the delay used by the thread. 1024 * 1025 * @ca: CA instance. 1026 */ 1027 static void dvb_ca_en50221_thread_update_delay(struct dvb_ca_private *ca) 1028 { 1029 int delay; 1030 int curdelay = 100000000; 1031 int slot; 1032 1033 /* 1034 * Beware of too high polling frequency, because one polling 1035 * call might take several hundred milliseconds until timeout! 1036 */ 1037 for (slot = 0; slot < ca->slot_count; slot++) { 1038 struct dvb_ca_slot *sl = &ca->slot_info[slot]; 1039 1040 switch (sl->slot_state) { 1041 default: 1042 case DVB_CA_SLOTSTATE_NONE: 1043 delay = HZ * 60; /* 60s */ 1044 if (!(ca->flags & DVB_CA_EN50221_FLAG_IRQ_CAMCHANGE)) 1045 delay = HZ * 5; /* 5s */ 1046 break; 1047 case DVB_CA_SLOTSTATE_INVALID: 1048 delay = HZ * 60; /* 60s */ 1049 if (!(ca->flags & DVB_CA_EN50221_FLAG_IRQ_CAMCHANGE)) 1050 delay = HZ / 10; /* 100ms */ 1051 break; 1052 1053 case DVB_CA_SLOTSTATE_UNINITIALISED: 1054 case DVB_CA_SLOTSTATE_WAITREADY: 1055 case DVB_CA_SLOTSTATE_VALIDATE: 1056 case DVB_CA_SLOTSTATE_WAITFR: 1057 case DVB_CA_SLOTSTATE_LINKINIT: 1058 delay = HZ / 10; /* 100ms */ 1059 break; 1060 1061 case DVB_CA_SLOTSTATE_RUNNING: 1062 delay = HZ * 60; /* 60s */ 1063 if (!(ca->flags & DVB_CA_EN50221_FLAG_IRQ_CAMCHANGE)) 1064 delay = HZ / 10; /* 100ms */ 1065 if (ca->open) { 1066 if ((!sl->da_irq_supported) || 1067 (!(ca->flags & DVB_CA_EN50221_FLAG_IRQ_DA))) 1068 delay = HZ / 10; /* 100ms */ 1069 } 1070 break; 1071 } 1072 1073 if (delay < curdelay) 1074 curdelay = delay; 1075 } 1076 1077 ca->delay = curdelay; 1078 } 1079 1080 /** 1081 * Poll if the CAM is gone. 1082 * 1083 * @ca: CA instance. 1084 * @slot: Slot to process. 1085 * return:: 0 .. no change 1086 * 1 .. CAM state changed 1087 */ 1088 1089 static int dvb_ca_en50221_poll_cam_gone(struct dvb_ca_private *ca, int slot) 1090 { 1091 int changed = 0; 1092 int status; 1093 1094 /* 1095 * we need this extra check for annoying interfaces like the 1096 * budget-av 1097 */ 1098 if ((!(ca->flags & DVB_CA_EN50221_FLAG_IRQ_CAMCHANGE)) && 1099 (ca->pub->poll_slot_status)) { 1100 status = ca->pub->poll_slot_status(ca->pub, slot, 0); 1101 if (!(status & 1102 DVB_CA_EN50221_POLL_CAM_PRESENT)) { 1103 ca->slot_info[slot].slot_state = DVB_CA_SLOTSTATE_NONE; 1104 dvb_ca_en50221_thread_update_delay(ca); 1105 changed = 1; 1106 } 1107 } 1108 return changed; 1109 } 1110 1111 /** 1112 * Thread state machine for one CA slot to perform the data transfer. 1113 * 1114 * @ca: CA instance. 1115 * @slot: Slot to process. 1116 */ 1117 static void dvb_ca_en50221_thread_state_machine(struct dvb_ca_private *ca, 1118 int slot) 1119 { 1120 struct dvb_ca_slot *sl = &ca->slot_info[slot]; 1121 int flags; 1122 int pktcount; 1123 void *rxbuf; 1124 1125 mutex_lock(&sl->slot_lock); 1126 1127 /* check the cam status + deal with CAMCHANGEs */ 1128 while (dvb_ca_en50221_check_camstatus(ca, slot)) { 1129 /* clear down an old CI slot if necessary */ 1130 if (sl->slot_state != DVB_CA_SLOTSTATE_NONE) 1131 dvb_ca_en50221_slot_shutdown(ca, slot); 1132 1133 /* if a CAM is NOW present, initialise it */ 1134 if (sl->camchange_type == DVB_CA_EN50221_CAMCHANGE_INSERTED) 1135 sl->slot_state = DVB_CA_SLOTSTATE_UNINITIALISED; 1136 1137 /* we've handled one CAMCHANGE */ 1138 dvb_ca_en50221_thread_update_delay(ca); 1139 atomic_dec(&sl->camchange_count); 1140 } 1141 1142 /* CAM state machine */ 1143 switch (sl->slot_state) { 1144 case DVB_CA_SLOTSTATE_NONE: 1145 case DVB_CA_SLOTSTATE_INVALID: 1146 /* no action needed */ 1147 break; 1148 1149 case DVB_CA_SLOTSTATE_UNINITIALISED: 1150 sl->slot_state = DVB_CA_SLOTSTATE_WAITREADY; 1151 ca->pub->slot_reset(ca->pub, slot); 1152 sl->timeout = jiffies + (INIT_TIMEOUT_SECS * HZ); 1153 break; 1154 1155 case DVB_CA_SLOTSTATE_WAITREADY: 1156 if (time_after(jiffies, sl->timeout)) { 1157 pr_err("dvb_ca adaptor %d: PC card did not respond :(\n", 1158 ca->dvbdev->adapter->num); 1159 sl->slot_state = DVB_CA_SLOTSTATE_INVALID; 1160 dvb_ca_en50221_thread_update_delay(ca); 1161 break; 1162 } 1163 /* 1164 * no other action needed; will automatically change state when 1165 * ready 1166 */ 1167 break; 1168 1169 case DVB_CA_SLOTSTATE_VALIDATE: 1170 if (dvb_ca_en50221_parse_attributes(ca, slot) != 0) { 1171 if (dvb_ca_en50221_poll_cam_gone(ca, slot)) 1172 break; 1173 1174 pr_err("dvb_ca adapter %d: Invalid PC card inserted :(\n", 1175 ca->dvbdev->adapter->num); 1176 sl->slot_state = DVB_CA_SLOTSTATE_INVALID; 1177 dvb_ca_en50221_thread_update_delay(ca); 1178 break; 1179 } 1180 if (dvb_ca_en50221_set_configoption(ca, slot) != 0) { 1181 pr_err("dvb_ca adapter %d: Unable to initialise CAM :(\n", 1182 ca->dvbdev->adapter->num); 1183 sl->slot_state = DVB_CA_SLOTSTATE_INVALID; 1184 dvb_ca_en50221_thread_update_delay(ca); 1185 break; 1186 } 1187 if (ca->pub->write_cam_control(ca->pub, slot, 1188 CTRLIF_COMMAND, 1189 CMDREG_RS) != 0) { 1190 pr_err("dvb_ca adapter %d: Unable to reset CAM IF\n", 1191 ca->dvbdev->adapter->num); 1192 sl->slot_state = DVB_CA_SLOTSTATE_INVALID; 1193 dvb_ca_en50221_thread_update_delay(ca); 1194 break; 1195 } 1196 dprintk("DVB CAM validated successfully\n"); 1197 1198 sl->timeout = jiffies + (INIT_TIMEOUT_SECS * HZ); 1199 sl->slot_state = DVB_CA_SLOTSTATE_WAITFR; 1200 ca->wakeup = 1; 1201 break; 1202 1203 case DVB_CA_SLOTSTATE_WAITFR: 1204 if (time_after(jiffies, sl->timeout)) { 1205 pr_err("dvb_ca adapter %d: DVB CAM did not respond :(\n", 1206 ca->dvbdev->adapter->num); 1207 sl->slot_state = DVB_CA_SLOTSTATE_INVALID; 1208 dvb_ca_en50221_thread_update_delay(ca); 1209 break; 1210 } 1211 1212 flags = ca->pub->read_cam_control(ca->pub, slot, CTRLIF_STATUS); 1213 if (flags & STATUSREG_FR) { 1214 sl->slot_state = DVB_CA_SLOTSTATE_LINKINIT; 1215 ca->wakeup = 1; 1216 } 1217 break; 1218 1219 case DVB_CA_SLOTSTATE_LINKINIT: 1220 if (dvb_ca_en50221_link_init(ca, slot) != 0) { 1221 if (dvb_ca_en50221_poll_cam_gone(ca, slot)) 1222 break; 1223 1224 pr_err("dvb_ca adapter %d: DVB CAM link initialisation failed :(\n", 1225 ca->dvbdev->adapter->num); 1226 sl->slot_state = DVB_CA_SLOTSTATE_UNINITIALISED; 1227 dvb_ca_en50221_thread_update_delay(ca); 1228 break; 1229 } 1230 1231 if (!sl->rx_buffer.data) { 1232 rxbuf = vmalloc(RX_BUFFER_SIZE); 1233 if (!rxbuf) { 1234 pr_err("dvb_ca adapter %d: Unable to allocate CAM rx buffer :(\n", 1235 ca->dvbdev->adapter->num); 1236 sl->slot_state = DVB_CA_SLOTSTATE_INVALID; 1237 dvb_ca_en50221_thread_update_delay(ca); 1238 break; 1239 } 1240 dvb_ringbuffer_init(&sl->rx_buffer, rxbuf, 1241 RX_BUFFER_SIZE); 1242 } 1243 1244 ca->pub->slot_ts_enable(ca->pub, slot); 1245 sl->slot_state = DVB_CA_SLOTSTATE_RUNNING; 1246 dvb_ca_en50221_thread_update_delay(ca); 1247 pr_info("dvb_ca adapter %d: DVB CAM detected and initialised successfully\n", 1248 ca->dvbdev->adapter->num); 1249 break; 1250 1251 case DVB_CA_SLOTSTATE_RUNNING: 1252 if (!ca->open) 1253 break; 1254 1255 /* poll slots for data */ 1256 pktcount = 0; 1257 while (dvb_ca_en50221_read_data(ca, slot, NULL, 0) > 0) { 1258 if (!ca->open) 1259 break; 1260 1261 /* 1262 * if a CAMCHANGE occurred at some point, do not do any 1263 * more processing of this slot 1264 */ 1265 if (dvb_ca_en50221_check_camstatus(ca, slot)) { 1266 /* 1267 * we don't want to sleep on the next iteration 1268 * so we can handle the cam change 1269 */ 1270 ca->wakeup = 1; 1271 break; 1272 } 1273 1274 /* check if we've hit our limit this time */ 1275 if (++pktcount >= MAX_RX_PACKETS_PER_ITERATION) { 1276 /* 1277 * don't sleep; there is likely to be more data 1278 * to read 1279 */ 1280 ca->wakeup = 1; 1281 break; 1282 } 1283 } 1284 break; 1285 } 1286 1287 mutex_unlock(&sl->slot_lock); 1288 } 1289 1290 /* 1291 * Kernel thread which monitors CA slots for CAM changes, and performs data 1292 * transfers. 1293 */ 1294 static int dvb_ca_en50221_thread(void *data) 1295 { 1296 struct dvb_ca_private *ca = data; 1297 int slot; 1298 1299 dprintk("%s\n", __func__); 1300 1301 /* choose the correct initial delay */ 1302 dvb_ca_en50221_thread_update_delay(ca); 1303 1304 /* main loop */ 1305 while (!kthread_should_stop()) { 1306 /* sleep for a bit */ 1307 if (!ca->wakeup) { 1308 set_current_state(TASK_INTERRUPTIBLE); 1309 schedule_timeout(ca->delay); 1310 if (kthread_should_stop()) 1311 return 0; 1312 } 1313 ca->wakeup = 0; 1314 1315 /* go through all the slots processing them */ 1316 for (slot = 0; slot < ca->slot_count; slot++) 1317 dvb_ca_en50221_thread_state_machine(ca, slot); 1318 } 1319 1320 return 0; 1321 } 1322 1323 /* ************************************************************************** */ 1324 /* EN50221 IO interface functions */ 1325 1326 /** 1327 * Real ioctl implementation. 1328 * NOTE: CA_SEND_MSG/CA_GET_MSG ioctls have userspace buffers passed to them. 1329 * 1330 * @file: File concerned. 1331 * @cmd: IOCTL command. 1332 * @parg: Associated argument. 1333 * 1334 * return: 0 on success, <0 on error. 1335 */ 1336 static int dvb_ca_en50221_io_do_ioctl(struct file *file, 1337 unsigned int cmd, void *parg) 1338 { 1339 struct dvb_device *dvbdev = file->private_data; 1340 struct dvb_ca_private *ca = dvbdev->priv; 1341 int err = 0; 1342 int slot; 1343 1344 dprintk("%s\n", __func__); 1345 1346 if (mutex_lock_interruptible(&ca->ioctl_mutex)) 1347 return -ERESTARTSYS; 1348 1349 switch (cmd) { 1350 case CA_RESET: 1351 for (slot = 0; slot < ca->slot_count; slot++) { 1352 struct dvb_ca_slot *sl = &ca->slot_info[slot]; 1353 1354 mutex_lock(&sl->slot_lock); 1355 if (sl->slot_state != DVB_CA_SLOTSTATE_NONE) { 1356 dvb_ca_en50221_slot_shutdown(ca, slot); 1357 if (ca->flags & DVB_CA_EN50221_FLAG_IRQ_CAMCHANGE) 1358 dvb_ca_en50221_camchange_irq(ca->pub, 1359 slot, 1360 DVB_CA_EN50221_CAMCHANGE_INSERTED); 1361 } 1362 mutex_unlock(&sl->slot_lock); 1363 } 1364 ca->next_read_slot = 0; 1365 dvb_ca_en50221_thread_wakeup(ca); 1366 break; 1367 1368 case CA_GET_CAP: { 1369 struct ca_caps *caps = parg; 1370 1371 caps->slot_num = ca->slot_count; 1372 caps->slot_type = CA_CI_LINK; 1373 caps->descr_num = 0; 1374 caps->descr_type = 0; 1375 break; 1376 } 1377 1378 case CA_GET_SLOT_INFO: { 1379 struct ca_slot_info *info = parg; 1380 struct dvb_ca_slot *sl; 1381 1382 slot = info->num; 1383 if ((slot >= ca->slot_count) || (slot < 0)) { 1384 err = -EINVAL; 1385 goto out_unlock; 1386 } 1387 1388 info->type = CA_CI_LINK; 1389 info->flags = 0; 1390 sl = &ca->slot_info[slot]; 1391 if ((sl->slot_state != DVB_CA_SLOTSTATE_NONE) && 1392 (sl->slot_state != DVB_CA_SLOTSTATE_INVALID)) { 1393 info->flags = CA_CI_MODULE_PRESENT; 1394 } 1395 if (sl->slot_state == DVB_CA_SLOTSTATE_RUNNING) 1396 info->flags |= CA_CI_MODULE_READY; 1397 break; 1398 } 1399 1400 default: 1401 err = -EINVAL; 1402 break; 1403 } 1404 1405 out_unlock: 1406 mutex_unlock(&ca->ioctl_mutex); 1407 return err; 1408 } 1409 1410 /** 1411 * Wrapper for ioctl implementation. 1412 * 1413 * @file: File concerned. 1414 * @cmd: IOCTL command. 1415 * @arg: Associated argument. 1416 * 1417 * return: 0 on success, <0 on error. 1418 */ 1419 static long dvb_ca_en50221_io_ioctl(struct file *file, 1420 unsigned int cmd, unsigned long arg) 1421 { 1422 return dvb_usercopy(file, cmd, arg, dvb_ca_en50221_io_do_ioctl); 1423 } 1424 1425 /** 1426 * Implementation of write() syscall. 1427 * 1428 * @file: File structure. 1429 * @buf: Source buffer. 1430 * @count: Size of source buffer. 1431 * @ppos: Position in file (ignored). 1432 * 1433 * return: Number of bytes read, or <0 on error. 1434 */ 1435 static ssize_t dvb_ca_en50221_io_write(struct file *file, 1436 const char __user *buf, size_t count, 1437 loff_t *ppos) 1438 { 1439 struct dvb_device *dvbdev = file->private_data; 1440 struct dvb_ca_private *ca = dvbdev->priv; 1441 struct dvb_ca_slot *sl; 1442 u8 slot, connection_id; 1443 int status; 1444 u8 fragbuf[HOST_LINK_BUF_SIZE]; 1445 int fragpos = 0; 1446 int fraglen; 1447 unsigned long timeout; 1448 int written; 1449 1450 dprintk("%s\n", __func__); 1451 1452 /* 1453 * Incoming packet has a 2 byte header. 1454 * hdr[0] = slot_id, hdr[1] = connection_id 1455 */ 1456 if (count < 2) 1457 return -EINVAL; 1458 1459 /* extract slot & connection id */ 1460 if (copy_from_user(&slot, buf, 1)) 1461 return -EFAULT; 1462 if (copy_from_user(&connection_id, buf + 1, 1)) 1463 return -EFAULT; 1464 buf += 2; 1465 count -= 2; 1466 1467 if (slot >= ca->slot_count) 1468 return -EINVAL; 1469 slot = array_index_nospec(slot, ca->slot_count); 1470 sl = &ca->slot_info[slot]; 1471 1472 /* check if the slot is actually running */ 1473 if (sl->slot_state != DVB_CA_SLOTSTATE_RUNNING) 1474 return -EINVAL; 1475 1476 /* fragment the packets & store in the buffer */ 1477 while (fragpos < count) { 1478 fraglen = sl->link_buf_size - 2; 1479 if (fraglen < 0) 1480 break; 1481 if (fraglen > HOST_LINK_BUF_SIZE - 2) 1482 fraglen = HOST_LINK_BUF_SIZE - 2; 1483 if ((count - fragpos) < fraglen) 1484 fraglen = count - fragpos; 1485 1486 fragbuf[0] = connection_id; 1487 fragbuf[1] = ((fragpos + fraglen) < count) ? 0x80 : 0x00; 1488 status = copy_from_user(fragbuf + 2, buf + fragpos, fraglen); 1489 if (status) { 1490 status = -EFAULT; 1491 goto exit; 1492 } 1493 1494 timeout = jiffies + HZ / 2; 1495 written = 0; 1496 while (!time_after(jiffies, timeout)) { 1497 /* 1498 * check the CAM hasn't been removed/reset in the 1499 * meantime 1500 */ 1501 if (sl->slot_state != DVB_CA_SLOTSTATE_RUNNING) { 1502 status = -EIO; 1503 goto exit; 1504 } 1505 1506 mutex_lock(&sl->slot_lock); 1507 status = dvb_ca_en50221_write_data(ca, slot, fragbuf, 1508 fraglen + 2); 1509 mutex_unlock(&sl->slot_lock); 1510 if (status == (fraglen + 2)) { 1511 written = 1; 1512 break; 1513 } 1514 if (status != -EAGAIN) 1515 goto exit; 1516 1517 usleep_range(1000, 1100); 1518 } 1519 if (!written) { 1520 status = -EIO; 1521 goto exit; 1522 } 1523 1524 fragpos += fraglen; 1525 } 1526 status = count + 2; 1527 1528 exit: 1529 return status; 1530 } 1531 1532 /* 1533 * Condition for waking up in dvb_ca_en50221_io_read_condition 1534 */ 1535 static int dvb_ca_en50221_io_read_condition(struct dvb_ca_private *ca, 1536 int *result, int *_slot) 1537 { 1538 int slot; 1539 int slot_count = 0; 1540 int idx; 1541 size_t fraglen; 1542 int connection_id = -1; 1543 int found = 0; 1544 u8 hdr[2]; 1545 1546 slot = ca->next_read_slot; 1547 while ((slot_count < ca->slot_count) && (!found)) { 1548 struct dvb_ca_slot *sl = &ca->slot_info[slot]; 1549 1550 if (sl->slot_state != DVB_CA_SLOTSTATE_RUNNING) 1551 goto nextslot; 1552 1553 if (!sl->rx_buffer.data) 1554 return 0; 1555 1556 idx = dvb_ringbuffer_pkt_next(&sl->rx_buffer, -1, &fraglen); 1557 while (idx != -1) { 1558 dvb_ringbuffer_pkt_read(&sl->rx_buffer, idx, 0, hdr, 2); 1559 if (connection_id == -1) 1560 connection_id = hdr[0]; 1561 if ((hdr[0] == connection_id) && 1562 ((hdr[1] & 0x80) == 0)) { 1563 *_slot = slot; 1564 found = 1; 1565 break; 1566 } 1567 1568 idx = dvb_ringbuffer_pkt_next(&sl->rx_buffer, idx, 1569 &fraglen); 1570 } 1571 1572 nextslot: 1573 slot = (slot + 1) % ca->slot_count; 1574 slot_count++; 1575 } 1576 1577 ca->next_read_slot = slot; 1578 return found; 1579 } 1580 1581 /** 1582 * Implementation of read() syscall. 1583 * 1584 * @file: File structure. 1585 * @buf: Destination buffer. 1586 * @count: Size of destination buffer. 1587 * @ppos: Position in file (ignored). 1588 * 1589 * return: Number of bytes read, or <0 on error. 1590 */ 1591 static ssize_t dvb_ca_en50221_io_read(struct file *file, char __user *buf, 1592 size_t count, loff_t *ppos) 1593 { 1594 struct dvb_device *dvbdev = file->private_data; 1595 struct dvb_ca_private *ca = dvbdev->priv; 1596 struct dvb_ca_slot *sl; 1597 int status; 1598 int result = 0; 1599 u8 hdr[2]; 1600 int slot; 1601 int connection_id = -1; 1602 size_t idx, idx2; 1603 int last_fragment = 0; 1604 size_t fraglen; 1605 int pktlen; 1606 int dispose = 0; 1607 1608 dprintk("%s\n", __func__); 1609 1610 /* 1611 * Outgoing packet has a 2 byte header. 1612 * hdr[0] = slot_id, hdr[1] = connection_id 1613 */ 1614 if (count < 2) 1615 return -EINVAL; 1616 1617 /* wait for some data */ 1618 status = dvb_ca_en50221_io_read_condition(ca, &result, &slot); 1619 if (status == 0) { 1620 /* if we're in nonblocking mode, exit immediately */ 1621 if (file->f_flags & O_NONBLOCK) 1622 return -EWOULDBLOCK; 1623 1624 /* wait for some data */ 1625 status = wait_event_interruptible(ca->wait_queue, 1626 dvb_ca_en50221_io_read_condition 1627 (ca, &result, &slot)); 1628 } 1629 if ((status < 0) || (result < 0)) { 1630 if (result) 1631 return result; 1632 return status; 1633 } 1634 1635 sl = &ca->slot_info[slot]; 1636 idx = dvb_ringbuffer_pkt_next(&sl->rx_buffer, -1, &fraglen); 1637 pktlen = 2; 1638 do { 1639 if (idx == -1) { 1640 pr_err("dvb_ca adapter %d: BUG: read packet ended before last_fragment encountered\n", 1641 ca->dvbdev->adapter->num); 1642 status = -EIO; 1643 goto exit; 1644 } 1645 1646 dvb_ringbuffer_pkt_read(&sl->rx_buffer, idx, 0, hdr, 2); 1647 if (connection_id == -1) 1648 connection_id = hdr[0]; 1649 if (hdr[0] == connection_id) { 1650 if (pktlen < count) { 1651 if ((pktlen + fraglen - 2) > count) 1652 fraglen = count - pktlen; 1653 else 1654 fraglen -= 2; 1655 1656 status = 1657 dvb_ringbuffer_pkt_read_user(&sl->rx_buffer, 1658 idx, 2, 1659 buf + pktlen, 1660 fraglen); 1661 if (status < 0) 1662 goto exit; 1663 1664 pktlen += fraglen; 1665 } 1666 1667 if ((hdr[1] & 0x80) == 0) 1668 last_fragment = 1; 1669 dispose = 1; 1670 } 1671 1672 idx2 = dvb_ringbuffer_pkt_next(&sl->rx_buffer, idx, &fraglen); 1673 if (dispose) 1674 dvb_ringbuffer_pkt_dispose(&sl->rx_buffer, idx); 1675 idx = idx2; 1676 dispose = 0; 1677 } while (!last_fragment); 1678 1679 hdr[0] = slot; 1680 hdr[1] = connection_id; 1681 status = copy_to_user(buf, hdr, 2); 1682 if (status) { 1683 status = -EFAULT; 1684 goto exit; 1685 } 1686 status = pktlen; 1687 1688 exit: 1689 return status; 1690 } 1691 1692 /** 1693 * Implementation of file open syscall. 1694 * 1695 * @inode: Inode concerned. 1696 * @file: File concerned. 1697 * 1698 * return: 0 on success, <0 on failure. 1699 */ 1700 static int dvb_ca_en50221_io_open(struct inode *inode, struct file *file) 1701 { 1702 struct dvb_device *dvbdev = file->private_data; 1703 struct dvb_ca_private *ca = dvbdev->priv; 1704 int err; 1705 int i; 1706 1707 dprintk("%s\n", __func__); 1708 1709 if (!try_module_get(ca->pub->owner)) 1710 return -EIO; 1711 1712 err = dvb_generic_open(inode, file); 1713 if (err < 0) { 1714 module_put(ca->pub->owner); 1715 return err; 1716 } 1717 1718 for (i = 0; i < ca->slot_count; i++) { 1719 struct dvb_ca_slot *sl = &ca->slot_info[i]; 1720 1721 if (sl->slot_state == DVB_CA_SLOTSTATE_RUNNING) { 1722 if (!sl->rx_buffer.data) { 1723 /* 1724 * it is safe to call this here without locks 1725 * because ca->open == 0. Data is not read in 1726 * this case 1727 */ 1728 dvb_ringbuffer_flush(&sl->rx_buffer); 1729 } 1730 } 1731 } 1732 1733 ca->open = 1; 1734 dvb_ca_en50221_thread_update_delay(ca); 1735 dvb_ca_en50221_thread_wakeup(ca); 1736 1737 dvb_ca_private_get(ca); 1738 1739 return 0; 1740 } 1741 1742 /** 1743 * Implementation of file close syscall. 1744 * 1745 * @inode: Inode concerned. 1746 * @file: File concerned. 1747 * 1748 * return: 0 on success, <0 on failure. 1749 */ 1750 static int dvb_ca_en50221_io_release(struct inode *inode, struct file *file) 1751 { 1752 struct dvb_device *dvbdev = file->private_data; 1753 struct dvb_ca_private *ca = dvbdev->priv; 1754 int err; 1755 1756 dprintk("%s\n", __func__); 1757 1758 /* mark the CA device as closed */ 1759 ca->open = 0; 1760 dvb_ca_en50221_thread_update_delay(ca); 1761 1762 err = dvb_generic_release(inode, file); 1763 1764 module_put(ca->pub->owner); 1765 1766 dvb_ca_private_put(ca); 1767 1768 return err; 1769 } 1770 1771 /** 1772 * Implementation of poll() syscall. 1773 * 1774 * @file: File concerned. 1775 * @wait: poll wait table. 1776 * 1777 * return: Standard poll mask. 1778 */ 1779 static __poll_t dvb_ca_en50221_io_poll(struct file *file, poll_table *wait) 1780 { 1781 struct dvb_device *dvbdev = file->private_data; 1782 struct dvb_ca_private *ca = dvbdev->priv; 1783 __poll_t mask = 0; 1784 int slot; 1785 int result = 0; 1786 1787 dprintk("%s\n", __func__); 1788 1789 poll_wait(file, &ca->wait_queue, wait); 1790 1791 if (dvb_ca_en50221_io_read_condition(ca, &result, &slot) == 1) 1792 mask |= EPOLLIN; 1793 1794 /* if there is something, return now */ 1795 if (mask) 1796 return mask; 1797 1798 if (dvb_ca_en50221_io_read_condition(ca, &result, &slot) == 1) 1799 mask |= EPOLLIN; 1800 1801 return mask; 1802 } 1803 1804 static const struct file_operations dvb_ca_fops = { 1805 .owner = THIS_MODULE, 1806 .read = dvb_ca_en50221_io_read, 1807 .write = dvb_ca_en50221_io_write, 1808 .unlocked_ioctl = dvb_ca_en50221_io_ioctl, 1809 .open = dvb_ca_en50221_io_open, 1810 .release = dvb_ca_en50221_io_release, 1811 .poll = dvb_ca_en50221_io_poll, 1812 .llseek = noop_llseek, 1813 }; 1814 1815 static const struct dvb_device dvbdev_ca = { 1816 .priv = NULL, 1817 .users = 1, 1818 .readers = 1, 1819 .writers = 1, 1820 #if defined(CONFIG_MEDIA_CONTROLLER_DVB) 1821 .name = "dvb-ca-en50221", 1822 #endif 1823 .fops = &dvb_ca_fops, 1824 }; 1825 1826 /* ************************************************************************** */ 1827 /* Initialisation/shutdown functions */ 1828 1829 /** 1830 * Initialise a new DVB CA EN50221 interface device. 1831 * 1832 * @dvb_adapter: DVB adapter to attach the new CA device to. 1833 * @pubca: The dvb_ca instance. 1834 * @flags: Flags describing the CA device (DVB_CA_FLAG_*). 1835 * @slot_count: Number of slots supported. 1836 * 1837 * return: 0 on success, nonzero on failure 1838 */ 1839 int dvb_ca_en50221_init(struct dvb_adapter *dvb_adapter, 1840 struct dvb_ca_en50221 *pubca, int flags, int slot_count) 1841 { 1842 int ret; 1843 struct dvb_ca_private *ca = NULL; 1844 int i; 1845 1846 dprintk("%s\n", __func__); 1847 1848 if (slot_count < 1) 1849 return -EINVAL; 1850 1851 /* initialise the system data */ 1852 ca = kzalloc(sizeof(*ca), GFP_KERNEL); 1853 if (!ca) { 1854 ret = -ENOMEM; 1855 goto exit; 1856 } 1857 kref_init(&ca->refcount); 1858 ca->pub = pubca; 1859 ca->flags = flags; 1860 ca->slot_count = slot_count; 1861 ca->slot_info = kcalloc(slot_count, sizeof(struct dvb_ca_slot), 1862 GFP_KERNEL); 1863 if (!ca->slot_info) { 1864 ret = -ENOMEM; 1865 goto free_ca; 1866 } 1867 init_waitqueue_head(&ca->wait_queue); 1868 ca->open = 0; 1869 ca->wakeup = 0; 1870 ca->next_read_slot = 0; 1871 pubca->private = ca; 1872 1873 /* register the DVB device */ 1874 ret = dvb_register_device(dvb_adapter, &ca->dvbdev, &dvbdev_ca, ca, 1875 DVB_DEVICE_CA, 0); 1876 if (ret) 1877 goto free_slot_info; 1878 1879 /* now initialise each slot */ 1880 for (i = 0; i < slot_count; i++) { 1881 struct dvb_ca_slot *sl = &ca->slot_info[i]; 1882 1883 memset(sl, 0, sizeof(struct dvb_ca_slot)); 1884 sl->slot_state = DVB_CA_SLOTSTATE_NONE; 1885 atomic_set(&sl->camchange_count, 0); 1886 sl->camchange_type = DVB_CA_EN50221_CAMCHANGE_REMOVED; 1887 mutex_init(&sl->slot_lock); 1888 } 1889 1890 mutex_init(&ca->ioctl_mutex); 1891 1892 if (signal_pending(current)) { 1893 ret = -EINTR; 1894 goto unregister_device; 1895 } 1896 mb(); 1897 1898 /* create a kthread for monitoring this CA device */ 1899 ca->thread = kthread_run(dvb_ca_en50221_thread, ca, "kdvb-ca-%i:%i", 1900 ca->dvbdev->adapter->num, ca->dvbdev->id); 1901 if (IS_ERR(ca->thread)) { 1902 ret = PTR_ERR(ca->thread); 1903 pr_err("dvb_ca_init: failed to start kernel_thread (%d)\n", 1904 ret); 1905 goto unregister_device; 1906 } 1907 return 0; 1908 1909 unregister_device: 1910 dvb_unregister_device(ca->dvbdev); 1911 free_slot_info: 1912 kfree(ca->slot_info); 1913 free_ca: 1914 kfree(ca); 1915 exit: 1916 pubca->private = NULL; 1917 return ret; 1918 } 1919 EXPORT_SYMBOL(dvb_ca_en50221_init); 1920 1921 /** 1922 * Release a DVB CA EN50221 interface device. 1923 * 1924 * @pubca: The associated dvb_ca instance. 1925 */ 1926 void dvb_ca_en50221_release(struct dvb_ca_en50221 *pubca) 1927 { 1928 struct dvb_ca_private *ca = pubca->private; 1929 int i; 1930 1931 dprintk("%s\n", __func__); 1932 1933 /* shutdown the thread if there was one */ 1934 kthread_stop(ca->thread); 1935 1936 for (i = 0; i < ca->slot_count; i++) 1937 dvb_ca_en50221_slot_shutdown(ca, i); 1938 1939 dvb_remove_device(ca->dvbdev); 1940 dvb_ca_private_put(ca); 1941 pubca->private = NULL; 1942 } 1943 EXPORT_SYMBOL(dvb_ca_en50221_release); 1944