projects / GitHub / moto-9609 / android_kernel_motorola_exynos9610.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
fix rebase0430 build error
[GitHub/moto-9609/android_kernel_motorola_exynos9610.git] / drivers / mtd / mtdchar.c
1 /*
2 * Copyright © 1999-2010 David Woodhouse <dwmw2@infradead.org>
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation; either version 2 of the License, or
7 * (at your option) any later version.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
17 *
18 */
19
20 #include <linux/device.h>
21 #include <linux/fs.h>
22 #include <linux/mm.h>
23 #include <linux/err.h>
24 #include <linux/init.h>
25 #include <linux/kernel.h>
26 #include <linux/module.h>
27 #include <linux/slab.h>
28 #include <linux/sched.h>
29 #include <linux/mutex.h>
30 #include <linux/backing-dev.h>
31 #include <linux/compat.h>
32 #include <linux/mount.h>
33 #include <linux/blkpg.h>
34 #include <linux/magic.h>
35 #include <linux/major.h>
36 #include <linux/mtd/mtd.h>
37 #include <linux/mtd/partitions.h>
38 #include <linux/mtd/map.h>
39
40 #include <linux/uaccess.h>
41
42 #include "mtdcore.h"
43
44 static DEFINE_MUTEX(mtd_mutex);
45
46 /*
47 * Data structure to hold the pointer to the mtd device as well
48 * as mode information of various use cases.
49 */
50 struct mtd_file_info {
51 struct mtd_info *mtd;
52 enum mtd_file_modes mode;
53 };
54
55 static loff_t mtdchar_lseek(struct file *file, loff_t offset, int orig)
56 {
57 struct mtd_file_info *mfi = file->private_data;
58 return fixed_size_llseek(file, offset, orig, mfi->mtd->size);
59 }
60
61 static int mtdchar_open(struct inode *inode, struct file *file)
62 {
63 int minor = iminor(inode);
64 int devnum = minor >> 1;
65 int ret = 0;
66 struct mtd_info *mtd;
67 struct mtd_file_info *mfi;
68
69 pr_debug("MTD_open\n");
70
71 /* You can't open the RO devices RW */
72 if ((file->f_mode & FMODE_WRITE) && (minor & 1))
73 return -EACCES;
74
75 mutex_lock(&mtd_mutex);
76 mtd = get_mtd_device(NULL, devnum);
77
78 if (IS_ERR(mtd)) {
79 ret = PTR_ERR(mtd);
80 goto out;
81 }
82
83 if (mtd->type == MTD_ABSENT) {
84 ret = -ENODEV;
85 goto out1;
86 }
87
88 /* You can't open it RW if it's not a writeable device */
89 if ((file->f_mode & FMODE_WRITE) && !(mtd->flags & MTD_WRITEABLE)) {
90 ret = -EACCES;
91 goto out1;
92 }
93
94 mfi = kzalloc(sizeof(*mfi), GFP_KERNEL);
95 if (!mfi) {
96 ret = -ENOMEM;
97 goto out1;
98 }
99 mfi->mtd = mtd;
100 file->private_data = mfi;
101 mutex_unlock(&mtd_mutex);
102 return 0;
103
104 out1:
105 put_mtd_device(mtd);
106 out:
107 mutex_unlock(&mtd_mutex);
108 return ret;
109 } /* mtdchar_open */
110
111 /*====================================================================*/
112
113 static int mtdchar_close(struct inode *inode, struct file *file)
114 {
115 struct mtd_file_info *mfi = file->private_data;
116 struct mtd_info *mtd = mfi->mtd;
117
118 pr_debug("MTD_close\n");
119
120 /* Only sync if opened RW */
121 if ((file->f_mode & FMODE_WRITE))
122 mtd_sync(mtd);
123
124 put_mtd_device(mtd);
125 file->private_data = NULL;
126 kfree(mfi);
127
128 return 0;
129 } /* mtdchar_close */
130
131 /* Back in June 2001, dwmw2 wrote:
132 *
133 * FIXME: This _really_ needs to die. In 2.5, we should lock the
134 * userspace buffer down and use it directly with readv/writev.
135 *
136 * The implementation below, using mtd_kmalloc_up_to, mitigates
137 * allocation failures when the system is under low-memory situations
138 * or if memory is highly fragmented at the cost of reducing the
139 * performance of the requested transfer due to a smaller buffer size.
140 *
141 * A more complex but more memory-efficient implementation based on
142 * get_user_pages and iovecs to cover extents of those pages is a
143 * longer-term goal, as intimated by dwmw2 above. However, for the
144 * write case, this requires yet more complex head and tail transfer
145 * handling when those head and tail offsets and sizes are such that
146 * alignment requirements are not met in the NAND subdriver.
147 */
148
149 static ssize_t mtdchar_read(struct file *file, char __user *buf, size_t count,
150 loff_t *ppos)
151 {
152 struct mtd_file_info *mfi = file->private_data;
153 struct mtd_info *mtd = mfi->mtd;
154 size_t retlen;
155 size_t total_retlen=0;
156 int ret=0;
157 int len;
158 size_t size = count;
159 char *kbuf;
160
161 pr_debug("MTD_read\n");
162
163 if (*ppos + count > mtd->size) {
164 if (*ppos < mtd->size)
165 count = mtd->size - *ppos;
166 else
167 count = 0;
168 }
169
170 if (!count)
171 return 0;
172
173 kbuf = mtd_kmalloc_up_to(mtd, &size);
174 if (!kbuf)
175 return -ENOMEM;
176
177 while (count) {
178 len = min_t(size_t, count, size);
179
180 switch (mfi->mode) {
181 case MTD_FILE_MODE_OTP_FACTORY:
182 ret = mtd_read_fact_prot_reg(mtd, *ppos, len,
183 &retlen, kbuf);
184 break;
185 case MTD_FILE_MODE_OTP_USER:
186 ret = mtd_read_user_prot_reg(mtd, *ppos, len,
187 &retlen, kbuf);
188 break;
189 case MTD_FILE_MODE_RAW:
190 {
191 struct mtd_oob_ops ops;
192
193 ops.mode = MTD_OPS_RAW;
194 ops.datbuf = kbuf;
195 ops.oobbuf = NULL;
196 ops.len = len;
197
198 ret = mtd_read_oob(mtd, *ppos, &ops);
199 retlen = ops.retlen;
200 break;
201 }
202 default:
203 ret = mtd_read(mtd, *ppos, len, &retlen, kbuf);
204 }
205 /* Nand returns -EBADMSG on ECC errors, but it returns
206 * the data. For our userspace tools it is important
207 * to dump areas with ECC errors!
208 * For kernel internal usage it also might return -EUCLEAN
209 * to signal the caller that a bitflip has occurred and has
210 * been corrected by the ECC algorithm.
211 * Userspace software which accesses NAND this way
212 * must be aware of the fact that it deals with NAND
213 */
214 if (!ret || mtd_is_bitflip_or_eccerr(ret)) {
215 *ppos += retlen;
216 if (copy_to_user(buf, kbuf, retlen)) {
217 kfree(kbuf);
218 return -EFAULT;
219 }
220 else
221 total_retlen += retlen;
222
223 count -= retlen;
224 buf += retlen;
225 if (retlen == 0)
226 count = 0;
227 }
228 else {
229 kfree(kbuf);
230 return ret;
231 }
232
233 }
234
235 kfree(kbuf);
236 return total_retlen;
237 } /* mtdchar_read */
238
239 static ssize_t mtdchar_write(struct file *file, const char __user *buf, size_t count,
240 loff_t *ppos)
241 {
242 struct mtd_file_info *mfi = file->private_data;
243 struct mtd_info *mtd = mfi->mtd;
244 size_t size = count;
245 char *kbuf;
246 size_t retlen;
247 size_t total_retlen=0;
248 int ret=0;
249 int len;
250
251 pr_debug("MTD_write\n");
252
253 if (*ppos >= mtd->size)
254 return -ENOSPC;
255
256 if (*ppos + count > mtd->size)
257 count = mtd->size - *ppos;
258
259 if (!count)
260 return 0;
261
262 kbuf = mtd_kmalloc_up_to(mtd, &size);
263 if (!kbuf)
264 return -ENOMEM;
265
266 while (count) {
267 len = min_t(size_t, count, size);
268
269 if (copy_from_user(kbuf, buf, len)) {
270 kfree(kbuf);
271 return -EFAULT;
272 }
273
274 switch (mfi->mode) {
275 case MTD_FILE_MODE_OTP_FACTORY:
276 ret = -EROFS;
277 break;
278 case MTD_FILE_MODE_OTP_USER:
279 ret = mtd_write_user_prot_reg(mtd, *ppos, len,
280 &retlen, kbuf);
281 break;
282
283 case MTD_FILE_MODE_RAW:
284 {
285 struct mtd_oob_ops ops;
286
287 ops.mode = MTD_OPS_RAW;
288 ops.datbuf = kbuf;
289 ops.oobbuf = NULL;
290 ops.ooboffs = 0;
291 ops.len = len;
292
293 ret = mtd_write_oob(mtd, *ppos, &ops);
294 retlen = ops.retlen;
295 break;
296 }
297
298 default:
299 ret = mtd_write(mtd, *ppos, len, &retlen, kbuf);
300 }
301
302 /*
303 * Return -ENOSPC only if no data could be written at all.
304 * Otherwise just return the number of bytes that actually
305 * have been written.
306 */
307 if ((ret == -ENOSPC) && (total_retlen))
308 break;
309
310 if (!ret) {
311 *ppos += retlen;
312 total_retlen += retlen;
313 count -= retlen;
314 buf += retlen;
315 }
316 else {
317 kfree(kbuf);
318 return ret;
319 }
320 }
321
322 kfree(kbuf);
323 return total_retlen;
324 } /* mtdchar_write */
325
326 /*======================================================================
327
328 IOCTL calls for getting device parameters.
329
330 ======================================================================*/
331 static void mtdchar_erase_callback (struct erase_info *instr)
332 {
333 wake_up((wait_queue_head_t *)instr->priv);
334 }
335
336 static int otp_select_filemode(struct mtd_file_info *mfi, int mode)
337 {
338 struct mtd_info *mtd = mfi->mtd;
339 size_t retlen;
340
341 switch (mode) {
342 case MTD_OTP_FACTORY:
343 if (mtd_read_fact_prot_reg(mtd, -1, 0, &retlen, NULL) ==
344 -EOPNOTSUPP)
345 return -EOPNOTSUPP;
346
347 mfi->mode = MTD_FILE_MODE_OTP_FACTORY;
348 break;
349 case MTD_OTP_USER:
350 if (mtd_read_user_prot_reg(mtd, -1, 0, &retlen, NULL) ==
351 -EOPNOTSUPP)
352 return -EOPNOTSUPP;
353
354 mfi->mode = MTD_FILE_MODE_OTP_USER;
355 break;
356 case MTD_OTP_OFF:
357 mfi->mode = MTD_FILE_MODE_NORMAL;
358 break;
359 default:
360 return -EINVAL;
361 }
362
363 return 0;
364 }
365
366 static int mtdchar_writeoob(struct file *file, struct mtd_info *mtd,
367 uint64_t start, uint32_t length, void __user *ptr,
368 uint32_t __user *retp)
369 {
370 struct mtd_file_info *mfi = file->private_data;
371 struct mtd_oob_ops ops;
372 uint32_t retlen;
373 int ret = 0;
374
375 if (!(file->f_mode & FMODE_WRITE))
376 return -EPERM;
377
378 if (length > 4096)
379 return -EINVAL;
380
381 if (!mtd->_write_oob)
382 ret = -EOPNOTSUPP;
383 else
384 ret = access_ok(VERIFY_READ, ptr, length) ? 0 : -EFAULT;
385
386 if (ret)
387 return ret;
388
389 ops.ooblen = length;
390 ops.ooboffs = start & (mtd->writesize - 1);
391 ops.datbuf = NULL;
392 ops.mode = (mfi->mode == MTD_FILE_MODE_RAW) ? MTD_OPS_RAW :
393 MTD_OPS_PLACE_OOB;
394
395 if (ops.ooboffs && ops.ooblen > (mtd->oobsize - ops.ooboffs))
396 return -EINVAL;
397
398 ops.oobbuf = memdup_user(ptr, length);
399 if (IS_ERR(ops.oobbuf))
400 return PTR_ERR(ops.oobbuf);
401
402 start &= ~((uint64_t)mtd->writesize - 1);
403 ret = mtd_write_oob(mtd, start, &ops);
404
405 if (ops.oobretlen > 0xFFFFFFFFU)
406 ret = -EOVERFLOW;
407 retlen = ops.oobretlen;
408 if (copy_to_user(retp, &retlen, sizeof(length)))
409 ret = -EFAULT;
410
411 kfree(ops.oobbuf);
412 return ret;
413 }
414
415 static int mtdchar_readoob(struct file *file, struct mtd_info *mtd,
416 uint64_t start, uint32_t length, void __user *ptr,
417 uint32_t __user *retp)
418 {
419 struct mtd_file_info *mfi = file->private_data;
420 struct mtd_oob_ops ops;
421 int ret = 0;
422
423 if (length > 4096)
424 return -EINVAL;
425
426 if (!access_ok(VERIFY_WRITE, ptr, length))
427 return -EFAULT;
428
429 ops.ooblen = length;
430 ops.ooboffs = start & (mtd->writesize - 1);
431 ops.datbuf = NULL;
432 ops.mode = (mfi->mode == MTD_FILE_MODE_RAW) ? MTD_OPS_RAW :
433 MTD_OPS_PLACE_OOB;
434
435 if (ops.ooboffs && ops.ooblen > (mtd->oobsize - ops.ooboffs))
436 return -EINVAL;
437
438 ops.oobbuf = kmalloc(length, GFP_KERNEL);
439 if (!ops.oobbuf)
440 return -ENOMEM;
441
442 start &= ~((uint64_t)mtd->writesize - 1);
443 ret = mtd_read_oob(mtd, start, &ops);
444
445 if (put_user(ops.oobretlen, retp))
446 ret = -EFAULT;
447 else if (ops.oobretlen && copy_to_user(ptr, ops.oobbuf,
448 ops.oobretlen))
449 ret = -EFAULT;
450
451 kfree(ops.oobbuf);
452
453 /*
454 * NAND returns -EBADMSG on ECC errors, but it returns the OOB
455 * data. For our userspace tools it is important to dump areas
456 * with ECC errors!
457 * For kernel internal usage it also might return -EUCLEAN
458 * to signal the caller that a bitflip has occurred and has
459 * been corrected by the ECC algorithm.
460 *
461 * Note: currently the standard NAND function, nand_read_oob_std,
462 * does not calculate ECC for the OOB area, so do not rely on
463 * this behavior unless you have replaced it with your own.
464 */
465 if (mtd_is_bitflip_or_eccerr(ret))
466 return 0;
467
468 return ret;
469 }
470
471 /*
472 * Copies (and truncates, if necessary) OOB layout information to the
473 * deprecated layout struct, nand_ecclayout_user. This is necessary only to
474 * support the deprecated API ioctl ECCGETLAYOUT while allowing all new
475 * functionality to use mtd_ooblayout_ops flexibly (i.e. mtd_ooblayout_ops
476 * can describe any kind of OOB layout with almost zero overhead from a
477 * memory usage point of view).
478 */
479 static int shrink_ecclayout(struct mtd_info *mtd,
480 struct nand_ecclayout_user *to)
481 {
482 struct mtd_oob_region oobregion;
483 int i, section = 0, ret;
484
485 if (!mtd || !to)
486 return -EINVAL;
487
488 memset(to, 0, sizeof(*to));
489
490 to->eccbytes = 0;
491 for (i = 0; i < MTD_MAX_ECCPOS_ENTRIES;) {
492 u32 eccpos;
493
494 ret = mtd_ooblayout_ecc(mtd, section++, &oobregion);
495 if (ret < 0) {
496 if (ret != -ERANGE)
497 return ret;
498
499 break;
500 }
501
502 eccpos = oobregion.offset;
503 for (; i < MTD_MAX_ECCPOS_ENTRIES &&
504 eccpos < oobregion.offset + oobregion.length; i++) {
505 to->eccpos[i] = eccpos++;
506 to->eccbytes++;
507 }
508 }
509
510 for (i = 0; i < MTD_MAX_OOBFREE_ENTRIES; i++) {
511 ret = mtd_ooblayout_free(mtd, i, &oobregion);
512 if (ret < 0) {
513 if (ret != -ERANGE)
514 return ret;
515
516 break;
517 }
518
519 to->oobfree[i].offset = oobregion.offset;
520 to->oobfree[i].length = oobregion.length;
521 to->oobavail += to->oobfree[i].length;
522 }
523
524 return 0;
525 }
526
527 static int get_oobinfo(struct mtd_info *mtd, struct nand_oobinfo *to)
528 {
529 struct mtd_oob_region oobregion;
530 int i, section = 0, ret;
531
532 if (!mtd || !to)
533 return -EINVAL;
534
535 memset(to, 0, sizeof(*to));
536
537 to->eccbytes = 0;
538 for (i = 0; i < ARRAY_SIZE(to->eccpos);) {
539 u32 eccpos;
540
541 ret = mtd_ooblayout_ecc(mtd, section++, &oobregion);
542 if (ret < 0) {
543 if (ret != -ERANGE)
544 return ret;
545
546 break;
547 }
548
549 if (oobregion.length + i > ARRAY_SIZE(to->eccpos))
550 return -EINVAL;
551
552 eccpos = oobregion.offset;
553 for (; eccpos < oobregion.offset + oobregion.length; i++) {
554 to->eccpos[i] = eccpos++;
555 to->eccbytes++;
556 }
557 }
558
559 for (i = 0; i < 8; i++) {
560 ret = mtd_ooblayout_free(mtd, i, &oobregion);
561 if (ret < 0) {
562 if (ret != -ERANGE)
563 return ret;
564
565 break;
566 }
567
568 to->oobfree[i][0] = oobregion.offset;
569 to->oobfree[i][1] = oobregion.length;
570 }
571
572 to->useecc = MTD_NANDECC_AUTOPLACE;
573
574 return 0;
575 }
576
577 static int mtdchar_blkpg_ioctl(struct mtd_info *mtd,
578 struct blkpg_ioctl_arg *arg)
579 {
580 struct blkpg_partition p;
581
582 if (!capable(CAP_SYS_ADMIN))
583 return -EPERM;
584
585 if (copy_from_user(&p, arg->data, sizeof(p)))
586 return -EFAULT;
587
588 switch (arg->op) {
589 case BLKPG_ADD_PARTITION:
590
591 /* Only master mtd device must be used to add partitions */
592 if (mtd_is_partition(mtd))
593 return -EINVAL;
594
595 /* Sanitize user input */
596 p.devname[BLKPG_DEVNAMELTH - 1] = '\0';
597
598 return mtd_add_partition(mtd, p.devname, p.start, p.length);
599
600 case BLKPG_DEL_PARTITION:
601
602 if (p.pno < 0)
603 return -EINVAL;
604
605 return mtd_del_partition(mtd, p.pno);
606
607 default:
608 return -EINVAL;
609 }
610 }
611
612 static int mtdchar_write_ioctl(struct mtd_info *mtd,
613 struct mtd_write_req __user *argp)
614 {
615 struct mtd_write_req req;
616 struct mtd_oob_ops ops;
617 const void __user *usr_data, *usr_oob;
618 int ret;
619
620 if (copy_from_user(&req, argp, sizeof(req)))
621 return -EFAULT;
622
623 usr_data = (const void __user *)(uintptr_t)req.usr_data;
624 usr_oob = (const void __user *)(uintptr_t)req.usr_oob;
625 if (!access_ok(VERIFY_READ, usr_data, req.len) ||
626 !access_ok(VERIFY_READ, usr_oob, req.ooblen))
627 return -EFAULT;
628
629 if (!mtd->_write_oob)
630 return -EOPNOTSUPP;
631
632 ops.mode = req.mode;
633 ops.len = (size_t)req.len;
634 ops.ooblen = (size_t)req.ooblen;
635 ops.ooboffs = 0;
636
637 if (usr_data) {
638 ops.datbuf = memdup_user(usr_data, ops.len);
639 if (IS_ERR(ops.datbuf))
640 return PTR_ERR(ops.datbuf);
641 } else {
642 ops.datbuf = NULL;
643 }
644
645 if (usr_oob) {
646 ops.oobbuf = memdup_user(usr_oob, ops.ooblen);
647 if (IS_ERR(ops.oobbuf)) {
648 kfree(ops.datbuf);
649 return PTR_ERR(ops.oobbuf);
650 }
651 } else {
652 ops.oobbuf = NULL;
653 }
654
655 ret = mtd_write_oob(mtd, (loff_t)req.start, &ops);
656
657 kfree(ops.datbuf);
658 kfree(ops.oobbuf);
659
660 return ret;
661 }
662
663 static int mtdchar_ioctl(struct file *file, u_int cmd, u_long arg)
664 {
665 struct mtd_file_info *mfi = file->private_data;
666 struct mtd_info *mtd = mfi->mtd;
667 void __user *argp = (void __user *)arg;
668 int ret = 0;
669 u_long size;
670 struct mtd_info_user info;
671
672 pr_debug("MTD_ioctl\n");
673
674 size = (cmd & IOCSIZE_MASK) >> IOCSIZE_SHIFT;
675 if (cmd & IOC_IN) {
676 if (!access_ok(VERIFY_READ, argp, size))
677 return -EFAULT;
678 }
679 if (cmd & IOC_OUT) {
680 if (!access_ok(VERIFY_WRITE, argp, size))
681 return -EFAULT;
682 }
683
684 switch (cmd) {
685 case MEMGETREGIONCOUNT:
686 if (copy_to_user(argp, &(mtd->numeraseregions), sizeof(int)))
687 return -EFAULT;
688 break;
689
690 case MEMGETREGIONINFO:
691 {
692 uint32_t ur_idx;
693 struct mtd_erase_region_info *kr;
694 struct region_info_user __user *ur = argp;
695
696 if (get_user(ur_idx, &(ur->regionindex)))
697 return -EFAULT;
698
699 if (ur_idx >= mtd->numeraseregions)
700 return -EINVAL;
701
702 kr = &(mtd->eraseregions[ur_idx]);
703
704 if (put_user(kr->offset, &(ur->offset))
705 || put_user(kr->erasesize, &(ur->erasesize))
706 || put_user(kr->numblocks, &(ur->numblocks)))
707 return -EFAULT;
708
709 break;
710 }
711
712 case MEMGETINFO:
713 memset(&info, 0, sizeof(info));
714 info.type = mtd->type;
715 info.flags = mtd->flags;
716 info.size = mtd->size;
717 info.erasesize = mtd->erasesize;
718 info.writesize = mtd->writesize;
719 info.oobsize = mtd->oobsize;
720 /* The below field is obsolete */
721 info.padding = 0;
722 if (copy_to_user(argp, &info, sizeof(struct mtd_info_user)))
723 return -EFAULT;
724 break;
725
726 case MEMERASE:
727 case MEMERASE64:
728 {
729 struct erase_info *erase;
730
731 if(!(file->f_mode & FMODE_WRITE))
732 return -EPERM;
733
734 erase=kzalloc(sizeof(struct erase_info),GFP_KERNEL);
735 if (!erase)
736 ret = -ENOMEM;
737 else {
738 wait_queue_head_t waitq;
739 DECLARE_WAITQUEUE(wait, current);
740
741 init_waitqueue_head(&waitq);
742
743 if (cmd == MEMERASE64) {
744 struct erase_info_user64 einfo64;
745
746 if (copy_from_user(&einfo64, argp,
747 sizeof(struct erase_info_user64))) {
748 kfree(erase);
749 return -EFAULT;
750 }
751 erase->addr = einfo64.start;
752 erase->len = einfo64.length;
753 } else {
754 struct erase_info_user einfo32;
755
756 if (copy_from_user(&einfo32, argp,
757 sizeof(struct erase_info_user))) {
758 kfree(erase);
759 return -EFAULT;
760 }
761 erase->addr = einfo32.start;
762 erase->len = einfo32.length;
763 }
764 erase->mtd = mtd;
765 erase->callback = mtdchar_erase_callback;
766 erase->priv = (unsigned long)&waitq;
767
768 /*
769 FIXME: Allow INTERRUPTIBLE. Which means
770 not having the wait_queue head on the stack.
771
772 If the wq_head is on the stack, and we
773 leave because we got interrupted, then the
774 wq_head is no longer there when the
775 callback routine tries to wake us up.
776 */
777 ret = mtd_erase(mtd, erase);
778 if (!ret) {
779 set_current_state(TASK_UNINTERRUPTIBLE);
780 add_wait_queue(&waitq, &wait);
781 if (erase->state != MTD_ERASE_DONE &&
782 erase->state != MTD_ERASE_FAILED)
783 schedule();
784 remove_wait_queue(&waitq, &wait);
785 set_current_state(TASK_RUNNING);
786
787 ret = (erase->state == MTD_ERASE_FAILED)?-EIO:0;
788 }
789 kfree(erase);
790 }
791 break;
792 }
793
794 case MEMWRITEOOB:
795 {
796 struct mtd_oob_buf buf;
797 struct mtd_oob_buf __user *buf_user = argp;
798
799 /* NOTE: writes return length to buf_user->length */
800 if (copy_from_user(&buf, argp, sizeof(buf)))
801 ret = -EFAULT;
802 else
803 ret = mtdchar_writeoob(file, mtd, buf.start, buf.length,
804 buf.ptr, &buf_user->length);
805 break;
806 }
807
808 case MEMREADOOB:
809 {
810 struct mtd_oob_buf buf;
811 struct mtd_oob_buf __user *buf_user = argp;
812
813 /* NOTE: writes return length to buf_user->start */
814 if (copy_from_user(&buf, argp, sizeof(buf)))
815 ret = -EFAULT;
816 else
817 ret = mtdchar_readoob(file, mtd, buf.start, buf.length,
818 buf.ptr, &buf_user->start);
819 break;
820 }
821
822 case MEMWRITEOOB64:
823 {
824 struct mtd_oob_buf64 buf;
825 struct mtd_oob_buf64 __user *buf_user = argp;
826
827 if (copy_from_user(&buf, argp, sizeof(buf)))
828 ret = -EFAULT;
829 else
830 ret = mtdchar_writeoob(file, mtd, buf.start, buf.length,
831 (void __user *)(uintptr_t)buf.usr_ptr,
832 &buf_user->length);
833 break;
834 }
835
836 case MEMREADOOB64:
837 {
838 struct mtd_oob_buf64 buf;
839 struct mtd_oob_buf64 __user *buf_user = argp;
840
841 if (copy_from_user(&buf, argp, sizeof(buf)))
842 ret = -EFAULT;
843 else
844 ret = mtdchar_readoob(file, mtd, buf.start, buf.length,
845 (void __user *)(uintptr_t)buf.usr_ptr,
846 &buf_user->length);
847 break;
848 }
849
850 case MEMWRITE:
851 {
852 ret = mtdchar_write_ioctl(mtd,
853 (struct mtd_write_req __user *)arg);
854 break;
855 }
856
857 case MEMLOCK:
858 {
859 struct erase_info_user einfo;
860
861 if (copy_from_user(&einfo, argp, sizeof(einfo)))
862 return -EFAULT;
863
864 ret = mtd_lock(mtd, einfo.start, einfo.length);
865 break;
866 }
867
868 case MEMUNLOCK:
869 {
870 struct erase_info_user einfo;
871
872 if (copy_from_user(&einfo, argp, sizeof(einfo)))
873 return -EFAULT;
874
875 ret = mtd_unlock(mtd, einfo.start, einfo.length);
876 break;
877 }
878
879 case MEMISLOCKED:
880 {
881 struct erase_info_user einfo;
882
883 if (copy_from_user(&einfo, argp, sizeof(einfo)))
884 return -EFAULT;
885
886 ret = mtd_is_locked(mtd, einfo.start, einfo.length);
887 break;
888 }
889
890 /* Legacy interface */
891 case MEMGETOOBSEL:
892 {
893 struct nand_oobinfo oi;
894
895 if (!mtd->ooblayout)
896 return -EOPNOTSUPP;
897
898 ret = get_oobinfo(mtd, &oi);
899 if (ret)
900 return ret;
901
902 if (copy_to_user(argp, &oi, sizeof(struct nand_oobinfo)))
903 return -EFAULT;
904 break;
905 }
906
907 case MEMGETBADBLOCK:
908 {
909 loff_t offs;
910
911 if (copy_from_user(&offs, argp, sizeof(loff_t)))
912 return -EFAULT;
913 return mtd_block_isbad(mtd, offs);
914 break;
915 }
916
917 case MEMSETBADBLOCK:
918 {
919 loff_t offs;
920
921 if (copy_from_user(&offs, argp, sizeof(loff_t)))
922 return -EFAULT;
923 return mtd_block_markbad(mtd, offs);
924 break;
925 }
926
927 case OTPSELECT:
928 {
929 int mode;
930 if (copy_from_user(&mode, argp, sizeof(int)))
931 return -EFAULT;
932
933 mfi->mode = MTD_FILE_MODE_NORMAL;
934
935 ret = otp_select_filemode(mfi, mode);
936
937 file->f_pos = 0;
938 break;
939 }
940
941 case OTPGETREGIONCOUNT:
942 case OTPGETREGIONINFO:
943 {
944 struct otp_info *buf = kmalloc(4096, GFP_KERNEL);
945 size_t retlen;
946 if (!buf)
947 return -ENOMEM;
948 switch (mfi->mode) {
949 case MTD_FILE_MODE_OTP_FACTORY:
950 ret = mtd_get_fact_prot_info(mtd, 4096, &retlen, buf);
951 break;
952 case MTD_FILE_MODE_OTP_USER:
953 ret = mtd_get_user_prot_info(mtd, 4096, &retlen, buf);
954 break;
955 default:
956 ret = -EINVAL;
957 break;
958 }
959 if (!ret) {
960 if (cmd == OTPGETREGIONCOUNT) {
961 int nbr = retlen / sizeof(struct otp_info);
962 ret = copy_to_user(argp, &nbr, sizeof(int));
963 } else
964 ret = copy_to_user(argp, buf, retlen);
965 if (ret)
966 ret = -EFAULT;
967 }
968 kfree(buf);
969 break;
970 }
971
972 case OTPLOCK:
973 {
974 struct otp_info oinfo;
975
976 if (mfi->mode != MTD_FILE_MODE_OTP_USER)
977 return -EINVAL;
978 if (copy_from_user(&oinfo, argp, sizeof(oinfo)))
979 return -EFAULT;
980 ret = mtd_lock_user_prot_reg(mtd, oinfo.start, oinfo.length);
981 break;
982 }
983
984 /* This ioctl is being deprecated - it truncates the ECC layout */
985 case ECCGETLAYOUT:
986 {
987 struct nand_ecclayout_user *usrlay;
988
989 if (!mtd->ooblayout)
990 return -EOPNOTSUPP;
991
992 usrlay = kmalloc(sizeof(*usrlay), GFP_KERNEL);
993 if (!usrlay)
994 return -ENOMEM;
995
996 shrink_ecclayout(mtd, usrlay);
997
998 if (copy_to_user(argp, usrlay, sizeof(*usrlay)))
999 ret = -EFAULT;
1000 kfree(usrlay);
1001 break;
1002 }
1003
1004 case ECCGETSTATS:
1005 {
1006 if (copy_to_user(argp, &mtd->ecc_stats,
1007 sizeof(struct mtd_ecc_stats)))
1008 return -EFAULT;
1009 break;
1010 }
1011
1012 case MTDFILEMODE:
1013 {
1014 mfi->mode = 0;
1015
1016 switch(arg) {
1017 case MTD_FILE_MODE_OTP_FACTORY:
1018 case MTD_FILE_MODE_OTP_USER:
1019 ret = otp_select_filemode(mfi, arg);
1020 break;
1021
1022 case MTD_FILE_MODE_RAW:
1023 if (!mtd_has_oob(mtd))
1024 return -EOPNOTSUPP;
1025 mfi->mode = arg;
1026
1027 case MTD_FILE_MODE_NORMAL:
1028 break;
1029 default:
1030 ret = -EINVAL;
1031 }
1032 file->f_pos = 0;
1033 break;
1034 }
1035
1036 case BLKPG:
1037 {
1038 struct blkpg_ioctl_arg __user *blk_arg = argp;
1039 struct blkpg_ioctl_arg a;
1040
1041 if (copy_from_user(&a, blk_arg, sizeof(a)))
1042 ret = -EFAULT;
1043 else
1044 ret = mtdchar_blkpg_ioctl(mtd, &a);
1045 break;
1046 }
1047
1048 case BLKRRPART:
1049 {
1050 /* No reread partition feature. Just return ok */
1051 ret = 0;
1052 break;
1053 }
1054
1055 default:
1056 ret = -ENOTTY;
1057 }
1058
1059 return ret;
1060 } /* memory_ioctl */
1061
1062 static long mtdchar_unlocked_ioctl(struct file *file, u_int cmd, u_long arg)
1063 {
1064 int ret;
1065
1066 mutex_lock(&mtd_mutex);
1067 ret = mtdchar_ioctl(file, cmd, arg);
1068 mutex_unlock(&mtd_mutex);
1069
1070 return ret;
1071 }
1072
1073 #ifdef CONFIG_COMPAT
1074
1075 struct mtd_oob_buf32 {
1076 u_int32_t start;
1077 u_int32_t length;
1078 compat_caddr_t ptr; /* unsigned char* */
1079 };
1080
1081 #define MEMWRITEOOB32 _IOWR('M', 3, struct mtd_oob_buf32)
1082 #define MEMREADOOB32 _IOWR('M', 4, struct mtd_oob_buf32)
1083
1084 static long mtdchar_compat_ioctl(struct file *file, unsigned int cmd,
1085 unsigned long arg)
1086 {
1087 struct mtd_file_info *mfi = file->private_data;
1088 struct mtd_info *mtd = mfi->mtd;
1089 void __user *argp = compat_ptr(arg);
1090 int ret = 0;
1091
1092 mutex_lock(&mtd_mutex);
1093
1094 switch (cmd) {
1095 case MEMWRITEOOB32:
1096 {
1097 struct mtd_oob_buf32 buf;
1098 struct mtd_oob_buf32 __user *buf_user = argp;
1099
1100 if (copy_from_user(&buf, argp, sizeof(buf)))
1101 ret = -EFAULT;
1102 else
1103 ret = mtdchar_writeoob(file, mtd, buf.start,
1104 buf.length, compat_ptr(buf.ptr),
1105 &buf_user->length);
1106 break;
1107 }
1108
1109 case MEMREADOOB32:
1110 {
1111 struct mtd_oob_buf32 buf;
1112 struct mtd_oob_buf32 __user *buf_user = argp;
1113
1114 /* NOTE: writes return length to buf->start */
1115 if (copy_from_user(&buf, argp, sizeof(buf)))
1116 ret = -EFAULT;
1117 else
1118 ret = mtdchar_readoob(file, mtd, buf.start,
1119 buf.length, compat_ptr(buf.ptr),
1120 &buf_user->start);
1121 break;
1122 }
1123
1124 case BLKPG:
1125 {
1126 /* Convert from blkpg_compat_ioctl_arg to blkpg_ioctl_arg */
1127 struct blkpg_compat_ioctl_arg __user *uarg = argp;
1128 struct blkpg_compat_ioctl_arg compat_arg;
1129 struct blkpg_ioctl_arg a;
1130
1131 if (copy_from_user(&compat_arg, uarg, sizeof(compat_arg))) {
1132 ret = -EFAULT;
1133 break;
1134 }
1135
1136 memset(&a, 0, sizeof(a));
1137 a.op = compat_arg.op;
1138 a.flags = compat_arg.flags;
1139 a.datalen = compat_arg.datalen;
1140 a.data = compat_ptr(compat_arg.data);
1141
1142 ret = mtdchar_blkpg_ioctl(mtd, &a);
1143 break;
1144 }
1145
1146 default:
1147 ret = mtdchar_ioctl(file, cmd, (unsigned long)argp);
1148 }
1149
1150 mutex_unlock(&mtd_mutex);
1151
1152 return ret;
1153 }
1154
1155 #endif /* CONFIG_COMPAT */
1156
1157 /*
1158 * try to determine where a shared mapping can be made
1159 * - only supported for NOMMU at the moment (MMU can't doesn't copy private
1160 * mappings)
1161 */
1162 #ifndef CONFIG_MMU
1163 static unsigned long mtdchar_get_unmapped_area(struct file *file,
1164 unsigned long addr,
1165 unsigned long len,
1166 unsigned long pgoff,
1167 unsigned long flags)
1168 {
1169 struct mtd_file_info *mfi = file->private_data;
1170 struct mtd_info *mtd = mfi->mtd;
1171 unsigned long offset;
1172 int ret;
1173
1174 if (addr != 0)
1175 return (unsigned long) -EINVAL;
1176
1177 if (len > mtd->size || pgoff >= (mtd->size >> PAGE_SHIFT))
1178 return (unsigned long) -EINVAL;
1179
1180 offset = pgoff << PAGE_SHIFT;
1181 if (offset > mtd->size - len)
1182 return (unsigned long) -EINVAL;
1183
1184 ret = mtd_get_unmapped_area(mtd, len, offset, flags);
1185 return ret == -EOPNOTSUPP ? -ENODEV : ret;
1186 }
1187
1188 static unsigned mtdchar_mmap_capabilities(struct file *file)
1189 {
1190 struct mtd_file_info *mfi = file->private_data;
1191
1192 return mtd_mmap_capabilities(mfi->mtd);
1193 }
1194 #endif
1195
1196 /*
1197 * set up a mapping for shared memory segments
1198 */
1199 static int mtdchar_mmap(struct file *file, struct vm_area_struct *vma)
1200 {
1201 #ifdef CONFIG_MMU
1202 struct mtd_file_info *mfi = file->private_data;
1203 struct mtd_info *mtd = mfi->mtd;
1204 struct map_info *map = mtd->priv;
1205
1206 /* This is broken because it assumes the MTD device is map-based
1207 and that mtd->priv is a valid struct map_info. It should be
1208 replaced with something that uses the mtd_get_unmapped_area()
1209 operation properly. */
1210 if (0 /*mtd->type == MTD_RAM || mtd->type == MTD_ROM*/) {
1211 #ifdef pgprot_noncached
1212 if (file->f_flags & O_DSYNC || map->phys >= __pa(high_memory))
1213 vma->vm_page_prot = pgprot_noncached(vma->vm_page_prot);
1214 #endif
1215 return vm_iomap_memory(vma, map->phys, map->size);
1216 }
1217 return -ENODEV;
1218 #else
1219 return vma->vm_flags & VM_SHARED ? 0 : -EACCES;
1220 #endif
1221 }
1222
1223 static const struct file_operations mtd_fops = {
1224 .owner = THIS_MODULE,
1225 .llseek = mtdchar_lseek,
1226 .read = mtdchar_read,
1227 .write = mtdchar_write,
1228 .unlocked_ioctl = mtdchar_unlocked_ioctl,
1229 #ifdef CONFIG_COMPAT
1230 .compat_ioctl = mtdchar_compat_ioctl,
1231 #endif
1232 .open = mtdchar_open,
1233 .release = mtdchar_close,
1234 .mmap = mtdchar_mmap,
1235 #ifndef CONFIG_MMU
1236 .get_unmapped_area = mtdchar_get_unmapped_area,
1237 .mmap_capabilities = mtdchar_mmap_capabilities,
1238 #endif
1239 };
1240
1241 int __init init_mtdchar(void)
1242 {
1243 int ret;
1244
1245 ret = __register_chrdev(MTD_CHAR_MAJOR, 0, 1 << MINORBITS,
1246 "mtd", &mtd_fops);
1247 if (ret < 0) {
1248 pr_err("Can't allocate major number %d for MTD\n",
1249 MTD_CHAR_MAJOR);
1250 return ret;
1251 }
1252
1253 return ret;
1254 }
1255
1256 void __exit cleanup_mtdchar(void)
1257 {
1258 __unregister_chrdev(MTD_CHAR_MAJOR, 0, 1 << MINORBITS, "mtd");
1259 }
1260
1261 MODULE_ALIAS_CHARDEV_MAJOR(MTD_CHAR_MAJOR);