1 /* 2 * Copyright © 1999-2010 David Woodhouse <dwmw2@infradead.org> 3 * 4 * This program is free software; you can redistribute it and/or modify 5 * it under the terms of the GNU General Public License as published by 6 * the Free Software Foundation; either version 2 of the License, or 7 * (at your option) any later version. 8 * 9 * This program is distributed in the hope that it will be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 * GNU General Public License for more details. 13 * 14 * You should have received a copy of the GNU General Public License 15 * along with this program; if not, write to the Free Software 16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 17 * 18 */ 19 20 #include <linux/device.h> 21 #include <linux/fs.h> 22 #include <linux/mm.h> 23 #include <linux/err.h> 24 #include <linux/init.h> 25 #include <linux/kernel.h> 26 #include <linux/module.h> 27 #include <linux/slab.h> 28 #include <linux/sched.h> 29 #include <linux/mutex.h> 30 #include <linux/backing-dev.h> 31 #include <linux/compat.h> 32 #include <linux/mount.h> 33 #include <linux/blkpg.h> 34 #include <linux/mtd/mtd.h> 35 #include <linux/mtd/partitions.h> 36 #include <linux/mtd/map.h> 37 38 #include <asm/uaccess.h> 39 40 #define MTD_INODE_FS_MAGIC 0x11307854 41 static DEFINE_MUTEX(mtd_mutex); 42 static struct vfsmount *mtd_inode_mnt __read_mostly; 43 44 /* 45 * Data structure to hold the pointer to the mtd device as well 46 * as mode information ofr various use cases. 47 */ 48 struct mtd_file_info { 49 struct mtd_info *mtd; 50 struct inode *ino; 51 enum mtd_file_modes mode; 52 }; 53 54 static loff_t mtd_lseek (struct file *file, loff_t offset, int orig) 55 { 56 struct mtd_file_info *mfi = file->private_data; 57 struct mtd_info *mtd = mfi->mtd; 58 59 switch (orig) { 60 case SEEK_SET: 61 break; 62 case SEEK_CUR: 63 offset += file->f_pos; 64 break; 65 case SEEK_END: 66 offset += mtd->size; 67 break; 68 default: 69 return -EINVAL; 70 } 71 72 if (offset >= 0 && offset <= mtd->size) 73 return file->f_pos = offset; 74 75 return -EINVAL; 76 } 77 78 79 80 static int mtd_open(struct inode *inode, struct file *file) 81 { 82 int minor = iminor(inode); 83 int devnum = minor >> 1; 84 int ret = 0; 85 struct mtd_info *mtd; 86 struct mtd_file_info *mfi; 87 struct inode *mtd_ino; 88 89 DEBUG(MTD_DEBUG_LEVEL0, "MTD_open\n"); 90 91 /* You can't open the RO devices RW */ 92 if ((file->f_mode & FMODE_WRITE) && (minor & 1)) 93 return -EACCES; 94 95 mutex_lock(&mtd_mutex); 96 mtd = get_mtd_device(NULL, devnum); 97 98 if (IS_ERR(mtd)) { 99 ret = PTR_ERR(mtd); 100 goto out; 101 } 102 103 if (mtd->type == MTD_ABSENT) { 104 put_mtd_device(mtd); 105 ret = -ENODEV; 106 goto out; 107 } 108 109 mtd_ino = iget_locked(mtd_inode_mnt->mnt_sb, devnum); 110 if (!mtd_ino) { 111 put_mtd_device(mtd); 112 ret = -ENOMEM; 113 goto out; 114 } 115 if (mtd_ino->i_state & I_NEW) { 116 mtd_ino->i_private = mtd; 117 mtd_ino->i_mode = S_IFCHR; 118 mtd_ino->i_data.backing_dev_info = mtd->backing_dev_info; 119 unlock_new_inode(mtd_ino); 120 } 121 file->f_mapping = mtd_ino->i_mapping; 122 123 /* You can't open it RW if it's not a writeable device */ 124 if ((file->f_mode & FMODE_WRITE) && !(mtd->flags & MTD_WRITEABLE)) { 125 iput(mtd_ino); 126 put_mtd_device(mtd); 127 ret = -EACCES; 128 goto out; 129 } 130 131 mfi = kzalloc(sizeof(*mfi), GFP_KERNEL); 132 if (!mfi) { 133 iput(mtd_ino); 134 put_mtd_device(mtd); 135 ret = -ENOMEM; 136 goto out; 137 } 138 mfi->ino = mtd_ino; 139 mfi->mtd = mtd; 140 file->private_data = mfi; 141 142 out: 143 mutex_unlock(&mtd_mutex); 144 return ret; 145 } /* mtd_open */ 146 147 /*====================================================================*/ 148 149 static int mtd_close(struct inode *inode, struct file *file) 150 { 151 struct mtd_file_info *mfi = file->private_data; 152 struct mtd_info *mtd = mfi->mtd; 153 154 DEBUG(MTD_DEBUG_LEVEL0, "MTD_close\n"); 155 156 /* Only sync if opened RW */ 157 if ((file->f_mode & FMODE_WRITE) && mtd->sync) 158 mtd->sync(mtd); 159 160 iput(mfi->ino); 161 162 put_mtd_device(mtd); 163 file->private_data = NULL; 164 kfree(mfi); 165 166 return 0; 167 } /* mtd_close */ 168 169 /* FIXME: This _really_ needs to die. In 2.5, we should lock the 170 userspace buffer down and use it directly with readv/writev. 171 */ 172 #define MAX_KMALLOC_SIZE 0x20000 173 174 static ssize_t mtd_read(struct file *file, char __user *buf, size_t count,loff_t *ppos) 175 { 176 struct mtd_file_info *mfi = file->private_data; 177 struct mtd_info *mtd = mfi->mtd; 178 size_t retlen=0; 179 size_t total_retlen=0; 180 int ret=0; 181 int len; 182 char *kbuf; 183 184 DEBUG(MTD_DEBUG_LEVEL0,"MTD_read\n"); 185 186 if (*ppos + count > mtd->size) 187 count = mtd->size - *ppos; 188 189 if (!count) 190 return 0; 191 192 /* FIXME: Use kiovec in 2.5 to lock down the user's buffers 193 and pass them directly to the MTD functions */ 194 195 if (count > MAX_KMALLOC_SIZE) 196 kbuf=kmalloc(MAX_KMALLOC_SIZE, GFP_KERNEL); 197 else 198 kbuf=kmalloc(count, GFP_KERNEL); 199 200 if (!kbuf) 201 return -ENOMEM; 202 203 while (count) { 204 205 if (count > MAX_KMALLOC_SIZE) 206 len = MAX_KMALLOC_SIZE; 207 else 208 len = count; 209 210 switch (mfi->mode) { 211 case MTD_MODE_OTP_FACTORY: 212 ret = mtd->read_fact_prot_reg(mtd, *ppos, len, &retlen, kbuf); 213 break; 214 case MTD_MODE_OTP_USER: 215 ret = mtd->read_user_prot_reg(mtd, *ppos, len, &retlen, kbuf); 216 break; 217 case MTD_MODE_RAW: 218 { 219 struct mtd_oob_ops ops; 220 221 ops.mode = MTD_OOB_RAW; 222 ops.datbuf = kbuf; 223 ops.oobbuf = NULL; 224 ops.len = len; 225 226 ret = mtd->read_oob(mtd, *ppos, &ops); 227 retlen = ops.retlen; 228 break; 229 } 230 default: 231 ret = mtd->read(mtd, *ppos, len, &retlen, kbuf); 232 } 233 /* Nand returns -EBADMSG on ecc errors, but it returns 234 * the data. For our userspace tools it is important 235 * to dump areas with ecc errors ! 236 * For kernel internal usage it also might return -EUCLEAN 237 * to signal the caller that a bitflip has occured and has 238 * been corrected by the ECC algorithm. 239 * Userspace software which accesses NAND this way 240 * must be aware of the fact that it deals with NAND 241 */ 242 if (!ret || (ret == -EUCLEAN) || (ret == -EBADMSG)) { 243 *ppos += retlen; 244 if (copy_to_user(buf, kbuf, retlen)) { 245 kfree(kbuf); 246 return -EFAULT; 247 } 248 else 249 total_retlen += retlen; 250 251 count -= retlen; 252 buf += retlen; 253 if (retlen == 0) 254 count = 0; 255 } 256 else { 257 kfree(kbuf); 258 return ret; 259 } 260 261 } 262 263 kfree(kbuf); 264 return total_retlen; 265 } /* mtd_read */ 266 267 static ssize_t mtd_write(struct file *file, const char __user *buf, size_t count,loff_t *ppos) 268 { 269 struct mtd_file_info *mfi = file->private_data; 270 struct mtd_info *mtd = mfi->mtd; 271 char *kbuf; 272 size_t retlen; 273 size_t total_retlen=0; 274 int ret=0; 275 int len; 276 277 DEBUG(MTD_DEBUG_LEVEL0,"MTD_write\n"); 278 279 if (*ppos == mtd->size) 280 return -ENOSPC; 281 282 if (*ppos + count > mtd->size) 283 count = mtd->size - *ppos; 284 285 if (!count) 286 return 0; 287 288 if (count > MAX_KMALLOC_SIZE) 289 kbuf=kmalloc(MAX_KMALLOC_SIZE, GFP_KERNEL); 290 else 291 kbuf=kmalloc(count, GFP_KERNEL); 292 293 if (!kbuf) 294 return -ENOMEM; 295 296 while (count) { 297 298 if (count > MAX_KMALLOC_SIZE) 299 len = MAX_KMALLOC_SIZE; 300 else 301 len = count; 302 303 if (copy_from_user(kbuf, buf, len)) { 304 kfree(kbuf); 305 return -EFAULT; 306 } 307 308 switch (mfi->mode) { 309 case MTD_MODE_OTP_FACTORY: 310 ret = -EROFS; 311 break; 312 case MTD_MODE_OTP_USER: 313 if (!mtd->write_user_prot_reg) { 314 ret = -EOPNOTSUPP; 315 break; 316 } 317 ret = mtd->write_user_prot_reg(mtd, *ppos, len, &retlen, kbuf); 318 break; 319 320 case MTD_MODE_RAW: 321 { 322 struct mtd_oob_ops ops; 323 324 ops.mode = MTD_OOB_RAW; 325 ops.datbuf = kbuf; 326 ops.oobbuf = NULL; 327 ops.len = len; 328 329 ret = mtd->write_oob(mtd, *ppos, &ops); 330 retlen = ops.retlen; 331 break; 332 } 333 334 default: 335 ret = (*(mtd->write))(mtd, *ppos, len, &retlen, kbuf); 336 } 337 if (!ret) { 338 *ppos += retlen; 339 total_retlen += retlen; 340 count -= retlen; 341 buf += retlen; 342 } 343 else { 344 kfree(kbuf); 345 return ret; 346 } 347 } 348 349 kfree(kbuf); 350 return total_retlen; 351 } /* mtd_write */ 352 353 /*====================================================================== 354 355 IOCTL calls for getting device parameters. 356 357 ======================================================================*/ 358 static void mtdchar_erase_callback (struct erase_info *instr) 359 { 360 wake_up((wait_queue_head_t *)instr->priv); 361 } 362 363 #ifdef CONFIG_HAVE_MTD_OTP 364 static int otp_select_filemode(struct mtd_file_info *mfi, int mode) 365 { 366 struct mtd_info *mtd = mfi->mtd; 367 int ret = 0; 368 369 switch (mode) { 370 case MTD_OTP_FACTORY: 371 if (!mtd->read_fact_prot_reg) 372 ret = -EOPNOTSUPP; 373 else 374 mfi->mode = MTD_MODE_OTP_FACTORY; 375 break; 376 case MTD_OTP_USER: 377 if (!mtd->read_fact_prot_reg) 378 ret = -EOPNOTSUPP; 379 else 380 mfi->mode = MTD_MODE_OTP_USER; 381 break; 382 default: 383 ret = -EINVAL; 384 case MTD_OTP_OFF: 385 break; 386 } 387 return ret; 388 } 389 #else 390 # define otp_select_filemode(f,m) -EOPNOTSUPP 391 #endif 392 393 static int mtd_do_writeoob(struct file *file, struct mtd_info *mtd, 394 uint64_t start, uint32_t length, void __user *ptr, 395 uint32_t __user *retp) 396 { 397 struct mtd_oob_ops ops; 398 uint32_t retlen; 399 int ret = 0; 400 401 if (!(file->f_mode & FMODE_WRITE)) 402 return -EPERM; 403 404 if (length > 4096) 405 return -EINVAL; 406 407 if (!mtd->write_oob) 408 ret = -EOPNOTSUPP; 409 else 410 ret = access_ok(VERIFY_READ, ptr, length) ? 0 : -EFAULT; 411 412 if (ret) 413 return ret; 414 415 ops.ooblen = length; 416 ops.ooboffs = start & (mtd->oobsize - 1); 417 ops.datbuf = NULL; 418 ops.mode = MTD_OOB_PLACE; 419 420 if (ops.ooboffs && ops.ooblen > (mtd->oobsize - ops.ooboffs)) 421 return -EINVAL; 422 423 ops.oobbuf = memdup_user(ptr, length); 424 if (IS_ERR(ops.oobbuf)) 425 return PTR_ERR(ops.oobbuf); 426 427 start &= ~((uint64_t)mtd->oobsize - 1); 428 ret = mtd->write_oob(mtd, start, &ops); 429 430 if (ops.oobretlen > 0xFFFFFFFFU) 431 ret = -EOVERFLOW; 432 retlen = ops.oobretlen; 433 if (copy_to_user(retp, &retlen, sizeof(length))) 434 ret = -EFAULT; 435 436 kfree(ops.oobbuf); 437 return ret; 438 } 439 440 static int mtd_do_readoob(struct mtd_info *mtd, uint64_t start, 441 uint32_t length, void __user *ptr, uint32_t __user *retp) 442 { 443 struct mtd_oob_ops ops; 444 int ret = 0; 445 446 if (length > 4096) 447 return -EINVAL; 448 449 if (!mtd->read_oob) 450 ret = -EOPNOTSUPP; 451 else 452 ret = access_ok(VERIFY_WRITE, ptr, 453 length) ? 0 : -EFAULT; 454 if (ret) 455 return ret; 456 457 ops.ooblen = length; 458 ops.ooboffs = start & (mtd->oobsize - 1); 459 ops.datbuf = NULL; 460 ops.mode = MTD_OOB_PLACE; 461 462 if (ops.ooboffs && ops.ooblen > (mtd->oobsize - ops.ooboffs)) 463 return -EINVAL; 464 465 ops.oobbuf = kmalloc(length, GFP_KERNEL); 466 if (!ops.oobbuf) 467 return -ENOMEM; 468 469 start &= ~((uint64_t)mtd->oobsize - 1); 470 ret = mtd->read_oob(mtd, start, &ops); 471 472 if (put_user(ops.oobretlen, retp)) 473 ret = -EFAULT; 474 else if (ops.oobretlen && copy_to_user(ptr, ops.oobbuf, 475 ops.oobretlen)) 476 ret = -EFAULT; 477 478 kfree(ops.oobbuf); 479 return ret; 480 } 481 482 /* 483 * Copies (and truncates, if necessary) data from the larger struct, 484 * nand_ecclayout, to the smaller, deprecated layout struct, 485 * nand_ecclayout_user. This is necessary only to suppport the deprecated 486 * API ioctl ECCGETLAYOUT while allowing all new functionality to use 487 * nand_ecclayout flexibly (i.e. the struct may change size in new 488 * releases without requiring major rewrites). 489 */ 490 static int shrink_ecclayout(const struct nand_ecclayout *from, 491 struct nand_ecclayout_user *to) 492 { 493 int i; 494 495 if (!from || !to) 496 return -EINVAL; 497 498 memset(to, 0, sizeof(*to)); 499 500 to->eccbytes = min((int)from->eccbytes, MTD_MAX_ECCPOS_ENTRIES); 501 for (i = 0; i < to->eccbytes; i++) 502 to->eccpos[i] = from->eccpos[i]; 503 504 for (i = 0; i < MTD_MAX_OOBFREE_ENTRIES; i++) { 505 if (from->oobfree[i].length == 0 && 506 from->oobfree[i].offset == 0) 507 break; 508 to->oobavail += from->oobfree[i].length; 509 to->oobfree[i] = from->oobfree[i]; 510 } 511 512 return 0; 513 } 514 515 #ifdef CONFIG_MTD_PARTITIONS 516 static int mtd_blkpg_ioctl(struct mtd_info *mtd, 517 struct blkpg_ioctl_arg __user *arg) 518 { 519 struct blkpg_ioctl_arg a; 520 struct blkpg_partition p; 521 522 if (!capable(CAP_SYS_ADMIN)) 523 return -EPERM; 524 525 /* Only master mtd device must be used to control partitions */ 526 if (!mtd_is_master(mtd)) 527 return -EINVAL; 528 529 if (copy_from_user(&a, arg, sizeof(struct blkpg_ioctl_arg))) 530 return -EFAULT; 531 532 if (copy_from_user(&p, a.data, sizeof(struct blkpg_partition))) 533 return -EFAULT; 534 535 switch (a.op) { 536 case BLKPG_ADD_PARTITION: 537 538 return mtd_add_partition(mtd, p.devname, p.start, p.length); 539 540 case BLKPG_DEL_PARTITION: 541 542 if (p.pno < 0) 543 return -EINVAL; 544 545 return mtd_del_partition(mtd, p.pno); 546 547 default: 548 return -EINVAL; 549 } 550 } 551 #endif 552 553 554 static int mtd_ioctl(struct file *file, u_int cmd, u_long arg) 555 { 556 struct mtd_file_info *mfi = file->private_data; 557 struct mtd_info *mtd = mfi->mtd; 558 void __user *argp = (void __user *)arg; 559 int ret = 0; 560 u_long size; 561 struct mtd_info_user info; 562 563 DEBUG(MTD_DEBUG_LEVEL0, "MTD_ioctl\n"); 564 565 size = (cmd & IOCSIZE_MASK) >> IOCSIZE_SHIFT; 566 if (cmd & IOC_IN) { 567 if (!access_ok(VERIFY_READ, argp, size)) 568 return -EFAULT; 569 } 570 if (cmd & IOC_OUT) { 571 if (!access_ok(VERIFY_WRITE, argp, size)) 572 return -EFAULT; 573 } 574 575 switch (cmd) { 576 case MEMGETREGIONCOUNT: 577 if (copy_to_user(argp, &(mtd->numeraseregions), sizeof(int))) 578 return -EFAULT; 579 break; 580 581 case MEMGETREGIONINFO: 582 { 583 uint32_t ur_idx; 584 struct mtd_erase_region_info *kr; 585 struct region_info_user __user *ur = argp; 586 587 if (get_user(ur_idx, &(ur->regionindex))) 588 return -EFAULT; 589 590 if (ur_idx >= mtd->numeraseregions) 591 return -EINVAL; 592 593 kr = &(mtd->eraseregions[ur_idx]); 594 595 if (put_user(kr->offset, &(ur->offset)) 596 || put_user(kr->erasesize, &(ur->erasesize)) 597 || put_user(kr->numblocks, &(ur->numblocks))) 598 return -EFAULT; 599 600 break; 601 } 602 603 case MEMGETINFO: 604 info.type = mtd->type; 605 info.flags = mtd->flags; 606 info.size = mtd->size; 607 info.erasesize = mtd->erasesize; 608 info.writesize = mtd->writesize; 609 info.oobsize = mtd->oobsize; 610 /* The below fields are obsolete */ 611 info.ecctype = -1; 612 info.eccsize = 0; 613 if (copy_to_user(argp, &info, sizeof(struct mtd_info_user))) 614 return -EFAULT; 615 break; 616 617 case MEMERASE: 618 case MEMERASE64: 619 { 620 struct erase_info *erase; 621 622 if(!(file->f_mode & FMODE_WRITE)) 623 return -EPERM; 624 625 erase=kzalloc(sizeof(struct erase_info),GFP_KERNEL); 626 if (!erase) 627 ret = -ENOMEM; 628 else { 629 wait_queue_head_t waitq; 630 DECLARE_WAITQUEUE(wait, current); 631 632 init_waitqueue_head(&waitq); 633 634 if (cmd == MEMERASE64) { 635 struct erase_info_user64 einfo64; 636 637 if (copy_from_user(&einfo64, argp, 638 sizeof(struct erase_info_user64))) { 639 kfree(erase); 640 return -EFAULT; 641 } 642 erase->addr = einfo64.start; 643 erase->len = einfo64.length; 644 } else { 645 struct erase_info_user einfo32; 646 647 if (copy_from_user(&einfo32, argp, 648 sizeof(struct erase_info_user))) { 649 kfree(erase); 650 return -EFAULT; 651 } 652 erase->addr = einfo32.start; 653 erase->len = einfo32.length; 654 } 655 erase->mtd = mtd; 656 erase->callback = mtdchar_erase_callback; 657 erase->priv = (unsigned long)&waitq; 658 659 /* 660 FIXME: Allow INTERRUPTIBLE. Which means 661 not having the wait_queue head on the stack. 662 663 If the wq_head is on the stack, and we 664 leave because we got interrupted, then the 665 wq_head is no longer there when the 666 callback routine tries to wake us up. 667 */ 668 ret = mtd->erase(mtd, erase); 669 if (!ret) { 670 set_current_state(TASK_UNINTERRUPTIBLE); 671 add_wait_queue(&waitq, &wait); 672 if (erase->state != MTD_ERASE_DONE && 673 erase->state != MTD_ERASE_FAILED) 674 schedule(); 675 remove_wait_queue(&waitq, &wait); 676 set_current_state(TASK_RUNNING); 677 678 ret = (erase->state == MTD_ERASE_FAILED)?-EIO:0; 679 } 680 kfree(erase); 681 } 682 break; 683 } 684 685 case MEMWRITEOOB: 686 { 687 struct mtd_oob_buf buf; 688 struct mtd_oob_buf __user *buf_user = argp; 689 690 /* NOTE: writes return length to buf_user->length */ 691 if (copy_from_user(&buf, argp, sizeof(buf))) 692 ret = -EFAULT; 693 else 694 ret = mtd_do_writeoob(file, mtd, buf.start, buf.length, 695 buf.ptr, &buf_user->length); 696 break; 697 } 698 699 case MEMREADOOB: 700 { 701 struct mtd_oob_buf buf; 702 struct mtd_oob_buf __user *buf_user = argp; 703 704 /* NOTE: writes return length to buf_user->start */ 705 if (copy_from_user(&buf, argp, sizeof(buf))) 706 ret = -EFAULT; 707 else 708 ret = mtd_do_readoob(mtd, buf.start, buf.length, 709 buf.ptr, &buf_user->start); 710 break; 711 } 712 713 case MEMWRITEOOB64: 714 { 715 struct mtd_oob_buf64 buf; 716 struct mtd_oob_buf64 __user *buf_user = argp; 717 718 if (copy_from_user(&buf, argp, sizeof(buf))) 719 ret = -EFAULT; 720 else 721 ret = mtd_do_writeoob(file, mtd, buf.start, buf.length, 722 (void __user *)(uintptr_t)buf.usr_ptr, 723 &buf_user->length); 724 break; 725 } 726 727 case MEMREADOOB64: 728 { 729 struct mtd_oob_buf64 buf; 730 struct mtd_oob_buf64 __user *buf_user = argp; 731 732 if (copy_from_user(&buf, argp, sizeof(buf))) 733 ret = -EFAULT; 734 else 735 ret = mtd_do_readoob(mtd, buf.start, buf.length, 736 (void __user *)(uintptr_t)buf.usr_ptr, 737 &buf_user->length); 738 break; 739 } 740 741 case MEMLOCK: 742 { 743 struct erase_info_user einfo; 744 745 if (copy_from_user(&einfo, argp, sizeof(einfo))) 746 return -EFAULT; 747 748 if (!mtd->lock) 749 ret = -EOPNOTSUPP; 750 else 751 ret = mtd->lock(mtd, einfo.start, einfo.length); 752 break; 753 } 754 755 case MEMUNLOCK: 756 { 757 struct erase_info_user einfo; 758 759 if (copy_from_user(&einfo, argp, sizeof(einfo))) 760 return -EFAULT; 761 762 if (!mtd->unlock) 763 ret = -EOPNOTSUPP; 764 else 765 ret = mtd->unlock(mtd, einfo.start, einfo.length); 766 break; 767 } 768 769 case MEMISLOCKED: 770 { 771 struct erase_info_user einfo; 772 773 if (copy_from_user(&einfo, argp, sizeof(einfo))) 774 return -EFAULT; 775 776 if (!mtd->is_locked) 777 ret = -EOPNOTSUPP; 778 else 779 ret = mtd->is_locked(mtd, einfo.start, einfo.length); 780 break; 781 } 782 783 /* Legacy interface */ 784 case MEMGETOOBSEL: 785 { 786 struct nand_oobinfo oi; 787 788 if (!mtd->ecclayout) 789 return -EOPNOTSUPP; 790 if (mtd->ecclayout->eccbytes > ARRAY_SIZE(oi.eccpos)) 791 return -EINVAL; 792 793 oi.useecc = MTD_NANDECC_AUTOPLACE; 794 memcpy(&oi.eccpos, mtd->ecclayout->eccpos, sizeof(oi.eccpos)); 795 memcpy(&oi.oobfree, mtd->ecclayout->oobfree, 796 sizeof(oi.oobfree)); 797 oi.eccbytes = mtd->ecclayout->eccbytes; 798 799 if (copy_to_user(argp, &oi, sizeof(struct nand_oobinfo))) 800 return -EFAULT; 801 break; 802 } 803 804 case MEMGETBADBLOCK: 805 { 806 loff_t offs; 807 808 if (copy_from_user(&offs, argp, sizeof(loff_t))) 809 return -EFAULT; 810 if (!mtd->block_isbad) 811 ret = -EOPNOTSUPP; 812 else 813 return mtd->block_isbad(mtd, offs); 814 break; 815 } 816 817 case MEMSETBADBLOCK: 818 { 819 loff_t offs; 820 821 if (copy_from_user(&offs, argp, sizeof(loff_t))) 822 return -EFAULT; 823 if (!mtd->block_markbad) 824 ret = -EOPNOTSUPP; 825 else 826 return mtd->block_markbad(mtd, offs); 827 break; 828 } 829 830 #ifdef CONFIG_HAVE_MTD_OTP 831 case OTPSELECT: 832 { 833 int mode; 834 if (copy_from_user(&mode, argp, sizeof(int))) 835 return -EFAULT; 836 837 mfi->mode = MTD_MODE_NORMAL; 838 839 ret = otp_select_filemode(mfi, mode); 840 841 file->f_pos = 0; 842 break; 843 } 844 845 case OTPGETREGIONCOUNT: 846 case OTPGETREGIONINFO: 847 { 848 struct otp_info *buf = kmalloc(4096, GFP_KERNEL); 849 if (!buf) 850 return -ENOMEM; 851 ret = -EOPNOTSUPP; 852 switch (mfi->mode) { 853 case MTD_MODE_OTP_FACTORY: 854 if (mtd->get_fact_prot_info) 855 ret = mtd->get_fact_prot_info(mtd, buf, 4096); 856 break; 857 case MTD_MODE_OTP_USER: 858 if (mtd->get_user_prot_info) 859 ret = mtd->get_user_prot_info(mtd, buf, 4096); 860 break; 861 default: 862 break; 863 } 864 if (ret >= 0) { 865 if (cmd == OTPGETREGIONCOUNT) { 866 int nbr = ret / sizeof(struct otp_info); 867 ret = copy_to_user(argp, &nbr, sizeof(int)); 868 } else 869 ret = copy_to_user(argp, buf, ret); 870 if (ret) 871 ret = -EFAULT; 872 } 873 kfree(buf); 874 break; 875 } 876 877 case OTPLOCK: 878 { 879 struct otp_info oinfo; 880 881 if (mfi->mode != MTD_MODE_OTP_USER) 882 return -EINVAL; 883 if (copy_from_user(&oinfo, argp, sizeof(oinfo))) 884 return -EFAULT; 885 if (!mtd->lock_user_prot_reg) 886 return -EOPNOTSUPP; 887 ret = mtd->lock_user_prot_reg(mtd, oinfo.start, oinfo.length); 888 break; 889 } 890 #endif 891 892 /* This ioctl is being deprecated - it truncates the ecc layout */ 893 case ECCGETLAYOUT: 894 { 895 struct nand_ecclayout_user *usrlay; 896 897 if (!mtd->ecclayout) 898 return -EOPNOTSUPP; 899 900 usrlay = kmalloc(sizeof(*usrlay), GFP_KERNEL); 901 if (!usrlay) 902 return -ENOMEM; 903 904 shrink_ecclayout(mtd->ecclayout, usrlay); 905 906 if (copy_to_user(argp, usrlay, sizeof(*usrlay))) 907 ret = -EFAULT; 908 kfree(usrlay); 909 break; 910 } 911 912 case ECCGETSTATS: 913 { 914 if (copy_to_user(argp, &mtd->ecc_stats, 915 sizeof(struct mtd_ecc_stats))) 916 return -EFAULT; 917 break; 918 } 919 920 case MTDFILEMODE: 921 { 922 mfi->mode = 0; 923 924 switch(arg) { 925 case MTD_MODE_OTP_FACTORY: 926 case MTD_MODE_OTP_USER: 927 ret = otp_select_filemode(mfi, arg); 928 break; 929 930 case MTD_MODE_RAW: 931 if (!mtd->read_oob || !mtd->write_oob) 932 return -EOPNOTSUPP; 933 mfi->mode = arg; 934 935 case MTD_MODE_NORMAL: 936 break; 937 default: 938 ret = -EINVAL; 939 } 940 file->f_pos = 0; 941 break; 942 } 943 944 #ifdef CONFIG_MTD_PARTITIONS 945 case BLKPG: 946 { 947 ret = mtd_blkpg_ioctl(mtd, 948 (struct blkpg_ioctl_arg __user *)arg); 949 break; 950 } 951 952 case BLKRRPART: 953 { 954 /* No reread partition feature. Just return ok */ 955 ret = 0; 956 break; 957 } 958 #endif 959 960 default: 961 ret = -ENOTTY; 962 } 963 964 return ret; 965 } /* memory_ioctl */ 966 967 static long mtd_unlocked_ioctl(struct file *file, u_int cmd, u_long arg) 968 { 969 int ret; 970 971 mutex_lock(&mtd_mutex); 972 ret = mtd_ioctl(file, cmd, arg); 973 mutex_unlock(&mtd_mutex); 974 975 return ret; 976 } 977 978 #ifdef CONFIG_COMPAT 979 980 struct mtd_oob_buf32 { 981 u_int32_t start; 982 u_int32_t length; 983 compat_caddr_t ptr; /* unsigned char* */ 984 }; 985 986 #define MEMWRITEOOB32 _IOWR('M', 3, struct mtd_oob_buf32) 987 #define MEMREADOOB32 _IOWR('M', 4, struct mtd_oob_buf32) 988 989 static long mtd_compat_ioctl(struct file *file, unsigned int cmd, 990 unsigned long arg) 991 { 992 struct mtd_file_info *mfi = file->private_data; 993 struct mtd_info *mtd = mfi->mtd; 994 void __user *argp = compat_ptr(arg); 995 int ret = 0; 996 997 mutex_lock(&mtd_mutex); 998 999 switch (cmd) { 1000 case MEMWRITEOOB32: 1001 { 1002 struct mtd_oob_buf32 buf; 1003 struct mtd_oob_buf32 __user *buf_user = argp; 1004 1005 if (copy_from_user(&buf, argp, sizeof(buf))) 1006 ret = -EFAULT; 1007 else 1008 ret = mtd_do_writeoob(file, mtd, buf.start, 1009 buf.length, compat_ptr(buf.ptr), 1010 &buf_user->length); 1011 break; 1012 } 1013 1014 case MEMREADOOB32: 1015 { 1016 struct mtd_oob_buf32 buf; 1017 struct mtd_oob_buf32 __user *buf_user = argp; 1018 1019 /* NOTE: writes return length to buf->start */ 1020 if (copy_from_user(&buf, argp, sizeof(buf))) 1021 ret = -EFAULT; 1022 else 1023 ret = mtd_do_readoob(mtd, buf.start, 1024 buf.length, compat_ptr(buf.ptr), 1025 &buf_user->start); 1026 break; 1027 } 1028 default: 1029 ret = mtd_ioctl(file, cmd, (unsigned long)argp); 1030 } 1031 1032 mutex_unlock(&mtd_mutex); 1033 1034 return ret; 1035 } 1036 1037 #endif /* CONFIG_COMPAT */ 1038 1039 /* 1040 * try to determine where a shared mapping can be made 1041 * - only supported for NOMMU at the moment (MMU can't doesn't copy private 1042 * mappings) 1043 */ 1044 #ifndef CONFIG_MMU 1045 static unsigned long mtd_get_unmapped_area(struct file *file, 1046 unsigned long addr, 1047 unsigned long len, 1048 unsigned long pgoff, 1049 unsigned long flags) 1050 { 1051 struct mtd_file_info *mfi = file->private_data; 1052 struct mtd_info *mtd = mfi->mtd; 1053 1054 if (mtd->get_unmapped_area) { 1055 unsigned long offset; 1056 1057 if (addr != 0) 1058 return (unsigned long) -EINVAL; 1059 1060 if (len > mtd->size || pgoff >= (mtd->size >> PAGE_SHIFT)) 1061 return (unsigned long) -EINVAL; 1062 1063 offset = pgoff << PAGE_SHIFT; 1064 if (offset > mtd->size - len) 1065 return (unsigned long) -EINVAL; 1066 1067 return mtd->get_unmapped_area(mtd, len, offset, flags); 1068 } 1069 1070 /* can't map directly */ 1071 return (unsigned long) -ENOSYS; 1072 } 1073 #endif 1074 1075 /* 1076 * set up a mapping for shared memory segments 1077 */ 1078 static int mtd_mmap(struct file *file, struct vm_area_struct *vma) 1079 { 1080 #ifdef CONFIG_MMU 1081 struct mtd_file_info *mfi = file->private_data; 1082 struct mtd_info *mtd = mfi->mtd; 1083 struct map_info *map = mtd->priv; 1084 unsigned long start; 1085 unsigned long off; 1086 u32 len; 1087 1088 if (mtd->type == MTD_RAM || mtd->type == MTD_ROM) { 1089 off = vma->vm_pgoff << PAGE_SHIFT; 1090 start = map->phys; 1091 len = PAGE_ALIGN((start & ~PAGE_MASK) + map->size); 1092 start &= PAGE_MASK; 1093 if ((vma->vm_end - vma->vm_start + off) > len) 1094 return -EINVAL; 1095 1096 off += start; 1097 vma->vm_pgoff = off >> PAGE_SHIFT; 1098 vma->vm_flags |= VM_IO | VM_RESERVED; 1099 1100 #ifdef pgprot_noncached 1101 if (file->f_flags & O_DSYNC || off >= __pa(high_memory)) 1102 vma->vm_page_prot = pgprot_noncached(vma->vm_page_prot); 1103 #endif 1104 if (io_remap_pfn_range(vma, vma->vm_start, off >> PAGE_SHIFT, 1105 vma->vm_end - vma->vm_start, 1106 vma->vm_page_prot)) 1107 return -EAGAIN; 1108 1109 return 0; 1110 } 1111 return -ENOSYS; 1112 #else 1113 return vma->vm_flags & VM_SHARED ? 0 : -ENOSYS; 1114 #endif 1115 } 1116 1117 static const struct file_operations mtd_fops = { 1118 .owner = THIS_MODULE, 1119 .llseek = mtd_lseek, 1120 .read = mtd_read, 1121 .write = mtd_write, 1122 .unlocked_ioctl = mtd_unlocked_ioctl, 1123 #ifdef CONFIG_COMPAT 1124 .compat_ioctl = mtd_compat_ioctl, 1125 #endif 1126 .open = mtd_open, 1127 .release = mtd_close, 1128 .mmap = mtd_mmap, 1129 #ifndef CONFIG_MMU 1130 .get_unmapped_area = mtd_get_unmapped_area, 1131 #endif 1132 }; 1133 1134 static struct dentry *mtd_inodefs_mount(struct file_system_type *fs_type, 1135 int flags, const char *dev_name, void *data) 1136 { 1137 return mount_pseudo(fs_type, "mtd_inode:", NULL, MTD_INODE_FS_MAGIC); 1138 } 1139 1140 static struct file_system_type mtd_inodefs_type = { 1141 .name = "mtd_inodefs", 1142 .mount = mtd_inodefs_mount, 1143 .kill_sb = kill_anon_super, 1144 }; 1145 1146 static void mtdchar_notify_add(struct mtd_info *mtd) 1147 { 1148 } 1149 1150 static void mtdchar_notify_remove(struct mtd_info *mtd) 1151 { 1152 struct inode *mtd_ino = ilookup(mtd_inode_mnt->mnt_sb, mtd->index); 1153 1154 if (mtd_ino) { 1155 /* Destroy the inode if it exists */ 1156 mtd_ino->i_nlink = 0; 1157 iput(mtd_ino); 1158 } 1159 } 1160 1161 static struct mtd_notifier mtdchar_notifier = { 1162 .add = mtdchar_notify_add, 1163 .remove = mtdchar_notify_remove, 1164 }; 1165 1166 static int __init init_mtdchar(void) 1167 { 1168 int ret; 1169 1170 ret = __register_chrdev(MTD_CHAR_MAJOR, 0, 1 << MINORBITS, 1171 "mtd", &mtd_fops); 1172 if (ret < 0) { 1173 pr_notice("Can't allocate major number %d for " 1174 "Memory Technology Devices.\n", MTD_CHAR_MAJOR); 1175 return ret; 1176 } 1177 1178 ret = register_filesystem(&mtd_inodefs_type); 1179 if (ret) { 1180 pr_notice("Can't register mtd_inodefs filesystem: %d\n", ret); 1181 goto err_unregister_chdev; 1182 } 1183 1184 mtd_inode_mnt = kern_mount(&mtd_inodefs_type); 1185 if (IS_ERR(mtd_inode_mnt)) { 1186 ret = PTR_ERR(mtd_inode_mnt); 1187 pr_notice("Error mounting mtd_inodefs filesystem: %d\n", ret); 1188 goto err_unregister_filesystem; 1189 } 1190 register_mtd_user(&mtdchar_notifier); 1191 1192 return ret; 1193 1194 err_unregister_filesystem: 1195 unregister_filesystem(&mtd_inodefs_type); 1196 err_unregister_chdev: 1197 __unregister_chrdev(MTD_CHAR_MAJOR, 0, 1 << MINORBITS, "mtd"); 1198 return ret; 1199 } 1200 1201 static void __exit cleanup_mtdchar(void) 1202 { 1203 unregister_mtd_user(&mtdchar_notifier); 1204 mntput(mtd_inode_mnt); 1205 unregister_filesystem(&mtd_inodefs_type); 1206 __unregister_chrdev(MTD_CHAR_MAJOR, 0, 1 << MINORBITS, "mtd"); 1207 } 1208 1209 module_init(init_mtdchar); 1210 module_exit(cleanup_mtdchar); 1211 1212 MODULE_ALIAS_CHARDEV_MAJOR(MTD_CHAR_MAJOR); 1213 1214 MODULE_LICENSE("GPL"); 1215 MODULE_AUTHOR("David Woodhouse <dwmw2@infradead.org>"); 1216 MODULE_DESCRIPTION("Direct character-device access to MTD devices"); 1217 MODULE_ALIAS_CHARDEV_MAJOR(MTD_CHAR_MAJOR); 1218