Staging: HTC Dream: add smd code
authorBrian Swetland <swetland@google.com>
Fri, 17 Jul 2009 11:08:15 +0000 (13:08 +0200)
committerGreg Kroah-Hartman <gregkh@suse.de>
Tue, 15 Sep 2009 19:01:42 +0000 (12:01 -0700)
Infrastructure to support the Qualcomm "shared memory driver"
interface, used to communicate with the baseband processor on MSM7k
SoCs.  The smd core provides low level facilities to interact with the
shared memory comms region, and a "virtual serial channel" interface
that higher level transports (AT command channel, rmnet virtual
ethernet, qmi network management protocol, and oncrpc, for example)
are routed over.

Signed-off-by: Pavel Machek <pavel@ucw.cz>
Cc: Brian Swetland <swetland@google.com>
Cc: Iliyan Malchev <ibm@android.com>
Cc: San Mehat <san@android.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
drivers/staging/dream/smd/smd.c [new file with mode: 0644]
drivers/staging/dream/smd/smd_private.h [new file with mode: 0644]
drivers/staging/dream/smd/smd_qmi.c [new file with mode: 0644]
drivers/staging/dream/smd/smd_tty.c [new file with mode: 0644]

diff --git a/drivers/staging/dream/smd/smd.c b/drivers/staging/dream/smd/smd.c
new file mode 100644 (file)
index 0000000..8f35be7
--- /dev/null
@@ -0,0 +1,1330 @@
+/* arch/arm/mach-msm/smd.c
+ *
+ * Copyright (C) 2007 Google, Inc.
+ * Author: Brian Swetland <swetland@google.com>
+ *
+ * This software is licensed under the terms of the GNU General Public
+ * License version 2, as published by the Free Software Foundation, and
+ * may be copied, distributed, and modified under those terms.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ */
+
+#include <linux/platform_device.h>
+#include <linux/module.h>
+#include <linux/fs.h>
+#include <linux/cdev.h>
+#include <linux/device.h>
+#include <linux/wait.h>
+#include <linux/interrupt.h>
+#include <linux/irq.h>
+#include <linux/list.h>
+#include <linux/slab.h>
+#include <linux/debugfs.h>
+#include <linux/delay.h>
+#include <linux/io.h>
+
+#include <mach/msm_smd.h>
+#include <mach/msm_iomap.h>
+#include <mach/system.h>
+
+#include "smd_private.h"
+#include "../../../../arch/arm/mach-msm/proc_comm.h"
+
+void (*msm_hw_reset_hook)(void);
+
+#define MODULE_NAME "msm_smd"
+
+enum {
+       MSM_SMD_DEBUG = 1U << 0,
+       MSM_SMSM_DEBUG = 1U << 0,
+};
+
+static int msm_smd_debug_mask;
+
+module_param_named(debug_mask, msm_smd_debug_mask,
+                  int, S_IRUGO | S_IWUSR | S_IWGRP);
+
+void *smem_find(unsigned id, unsigned size);
+static void smd_diag(void);
+
+static unsigned last_heap_free = 0xffffffff;
+
+#define MSM_A2M_INT(n) (MSM_CSR_BASE + 0x400 + (n) * 4)
+
+static inline void notify_other_smsm(void)
+{
+       writel(1, MSM_A2M_INT(5));
+}
+
+static inline void notify_other_smd(void)
+{
+       writel(1, MSM_A2M_INT(0));
+}
+
+static void smd_diag(void)
+{
+       char *x;
+
+       x = smem_find(ID_DIAG_ERR_MSG, SZ_DIAG_ERR_MSG);
+       if (x != 0) {
+               x[SZ_DIAG_ERR_MSG - 1] = 0;
+               pr_info("smem: DIAG '%s'\n", x);
+       }
+}
+
+/* call when SMSM_RESET flag is set in the A9's smsm_state */
+static void handle_modem_crash(void)
+{
+       pr_err("ARM9 has CRASHED\n");
+       smd_diag();
+
+       /* hard reboot if possible */
+       if (msm_hw_reset_hook)
+               msm_hw_reset_hook();
+
+       /* in this case the modem or watchdog should reboot us */
+       for (;;)
+               ;
+}
+
+extern int (*msm_check_for_modem_crash)(void);
+
+static int check_for_modem_crash(void)
+{
+       struct smsm_shared *smsm;
+
+       smsm = smem_find(ID_SHARED_STATE, 2 * sizeof(struct smsm_shared));
+
+       /* if the modem's not ready yet, we have to hope for the best */
+       if (!smsm)
+               return 0;
+
+       if (smsm[1].state & SMSM_RESET) {
+               handle_modem_crash();
+               return -1;
+       } else {
+               return 0;
+       }
+}
+
+#define SMD_SS_CLOSED            0x00000000
+#define SMD_SS_OPENING           0x00000001
+#define SMD_SS_OPENED            0x00000002
+#define SMD_SS_FLUSHING          0x00000003
+#define SMD_SS_CLOSING           0x00000004
+#define SMD_SS_RESET             0x00000005
+#define SMD_SS_RESET_OPENING     0x00000006
+
+#define SMD_BUF_SIZE 8192
+#define SMD_CHANNELS 64
+
+#define SMD_HEADER_SIZE 20
+
+
+/* the spinlock is used to synchronize between the
+** irq handler and code that mutates the channel
+** list or fiddles with channel state
+*/
+static DEFINE_SPINLOCK(smd_lock);
+static DEFINE_SPINLOCK(smem_lock);
+
+/* the mutex is used during open() and close()
+** operations to avoid races while creating or
+** destroying smd_channel structures
+*/
+static DEFINE_MUTEX(smd_creation_mutex);
+
+static int smd_initialized;
+
+struct smd_alloc_elm {
+       char name[20];
+       uint32_t cid;
+       uint32_t ctype;
+       uint32_t ref_count;
+};
+
+struct smd_half_channel {
+       unsigned state;
+       unsigned char fDSR;
+       unsigned char fCTS;
+       unsigned char fCD;
+       unsigned char fRI;
+       unsigned char fHEAD;
+       unsigned char fTAIL;
+       unsigned char fSTATE;
+       unsigned char fUNUSED;
+       unsigned tail;
+       unsigned head;
+       unsigned char data[SMD_BUF_SIZE];
+};
+
+struct smd_shared {
+       struct smd_half_channel ch0;
+       struct smd_half_channel ch1;
+};
+
+struct smd_channel {
+       volatile struct smd_half_channel *send;
+       volatile struct smd_half_channel *recv;
+       struct list_head ch_list;
+
+       unsigned current_packet;
+       unsigned n;
+       void *priv;
+       void (*notify)(void *priv, unsigned flags);
+
+       int (*read)(smd_channel_t *ch, void *data, int len);
+       int (*write)(smd_channel_t *ch, const void *data, int len);
+       int (*read_avail)(smd_channel_t *ch);
+       int (*write_avail)(smd_channel_t *ch);
+
+       void (*update_state)(smd_channel_t *ch);
+       unsigned last_state;
+
+       char name[32];
+       struct platform_device pdev;
+};
+
+static LIST_HEAD(smd_ch_closed_list);
+static LIST_HEAD(smd_ch_list);
+
+static unsigned char smd_ch_allocated[64];
+static struct work_struct probe_work;
+
+static void smd_alloc_channel(const char *name, uint32_t cid, uint32_t type);
+
+static void smd_channel_probe_worker(struct work_struct *work)
+{
+       struct smd_alloc_elm *shared;
+       unsigned n;
+
+       shared = smem_find(ID_CH_ALLOC_TBL, sizeof(*shared) * 64);
+
+       for (n = 0; n < 64; n++) {
+               if (smd_ch_allocated[n])
+                       continue;
+               if (!shared[n].ref_count)
+                       continue;
+               if (!shared[n].name[0])
+                       continue;
+               smd_alloc_channel(shared[n].name,
+                                 shared[n].cid,
+                                 shared[n].ctype);
+               smd_ch_allocated[n] = 1;
+       }
+}
+
+static char *chstate(unsigned n)
+{
+       switch (n) {
+       case SMD_SS_CLOSED:
+               return "CLOSED";
+       case SMD_SS_OPENING:
+               return "OPENING";
+       case SMD_SS_OPENED:
+               return "OPENED";
+       case SMD_SS_FLUSHING:
+               return "FLUSHING";
+       case SMD_SS_CLOSING:
+               return "CLOSING";
+       case SMD_SS_RESET:
+               return "RESET";
+       case SMD_SS_RESET_OPENING:
+               return "ROPENING";
+       default:
+               return "UNKNOWN";
+       }
+}
+
+/* how many bytes are available for reading */
+static int smd_stream_read_avail(struct smd_channel *ch)
+{
+       return (ch->recv->head - ch->recv->tail) & (SMD_BUF_SIZE - 1);
+}
+
+/* how many bytes we are free to write */
+static int smd_stream_write_avail(struct smd_channel *ch)
+{
+       return (SMD_BUF_SIZE - 1) -
+               ((ch->send->head - ch->send->tail) & (SMD_BUF_SIZE - 1));
+}
+
+static int smd_packet_read_avail(struct smd_channel *ch)
+{
+       if (ch->current_packet) {
+               int n = smd_stream_read_avail(ch);
+               if (n > ch->current_packet)
+                       n = ch->current_packet;
+               return n;
+       } else {
+               return 0;
+       }
+}
+
+static int smd_packet_write_avail(struct smd_channel *ch)
+{
+       int n = smd_stream_write_avail(ch);
+       return n > SMD_HEADER_SIZE ? n - SMD_HEADER_SIZE : 0;
+}
+
+static int ch_is_open(struct smd_channel *ch)
+{
+       return (ch->recv->state == SMD_SS_OPENED) &&
+               (ch->send->state == SMD_SS_OPENED);
+}
+
+/* provide a pointer and length to readable data in the fifo */
+static unsigned ch_read_buffer(struct smd_channel *ch, void **ptr)
+{
+       unsigned head = ch->recv->head;
+       unsigned tail = ch->recv->tail;
+       *ptr = (void *) (ch->recv->data + tail);
+
+       if (tail <= head)
+               return head - tail;
+       else
+               return SMD_BUF_SIZE - tail;
+}
+
+/* advance the fifo read pointer after data from ch_read_buffer is consumed */
+static void ch_read_done(struct smd_channel *ch, unsigned count)
+{
+       BUG_ON(count > smd_stream_read_avail(ch));
+       ch->recv->tail = (ch->recv->tail + count) & (SMD_BUF_SIZE - 1);
+       ch->recv->fTAIL = 1;
+}
+
+/* basic read interface to ch_read_{buffer,done} used
+** by smd_*_read() and update_packet_state()
+** will read-and-discard if the _data pointer is null
+*/
+static int ch_read(struct smd_channel *ch, void *_data, int len)
+{
+       void *ptr;
+       unsigned n;
+       unsigned char *data = _data;
+       int orig_len = len;
+
+       while (len > 0) {
+               n = ch_read_buffer(ch, &ptr);
+               if (n == 0)
+                       break;
+
+               if (n > len)
+                       n = len;
+               if (_data)
+                       memcpy(data, ptr, n);
+
+               data += n;
+               len -= n;
+               ch_read_done(ch, n);
+       }
+
+       return orig_len - len;
+}
+
+static void update_stream_state(struct smd_channel *ch)
+{
+       /* streams have no special state requiring updating */
+}
+
+static void update_packet_state(struct smd_channel *ch)
+{
+       unsigned hdr[5];
+       int r;
+
+       /* can't do anything if we're in the middle of a packet */
+       if (ch->current_packet != 0)
+               return;
+
+       /* don't bother unless we can get the full header */
+       if (smd_stream_read_avail(ch) < SMD_HEADER_SIZE)
+               return;
+
+       r = ch_read(ch, hdr, SMD_HEADER_SIZE);
+       BUG_ON(r != SMD_HEADER_SIZE);
+
+       ch->current_packet = hdr[0];
+}
+
+/* provide a pointer and length to next free space in the fifo */
+static unsigned ch_write_buffer(struct smd_channel *ch, void **ptr)
+{
+       unsigned head = ch->send->head;
+       unsigned tail = ch->send->tail;
+       *ptr = (void *) (ch->send->data + head);
+
+       if (head < tail) {
+               return tail - head - 1;
+       } else {
+               if (tail == 0)
+                       return SMD_BUF_SIZE - head - 1;
+               else
+                       return SMD_BUF_SIZE - head;
+       }
+}
+
+/* advace the fifo write pointer after freespace
+ * from ch_write_buffer is filled
+ */
+static void ch_write_done(struct smd_channel *ch, unsigned count)
+{
+       BUG_ON(count > smd_stream_write_avail(ch));
+       ch->send->head = (ch->send->head + count) & (SMD_BUF_SIZE - 1);
+       ch->send->fHEAD = 1;
+}
+
+static void hc_set_state(volatile struct smd_half_channel *hc, unsigned n)
+{
+       if (n == SMD_SS_OPENED) {
+               hc->fDSR = 1;
+               hc->fCTS = 1;
+               hc->fCD = 1;
+       } else {
+               hc->fDSR = 0;
+               hc->fCTS = 0;
+               hc->fCD = 0;
+       }
+       hc->state = n;
+       hc->fSTATE = 1;
+       notify_other_smd();
+}
+
+static void do_smd_probe(void)
+{
+       struct smem_shared *shared = (void *) MSM_SHARED_RAM_BASE;
+       if (shared->heap_info.free_offset != last_heap_free) {
+               last_heap_free = shared->heap_info.free_offset;
+               schedule_work(&probe_work);
+       }
+}
+
+static void smd_state_change(struct smd_channel *ch,
+                            unsigned last, unsigned next)
+{
+       ch->last_state = next;
+
+       pr_info("SMD: ch %d %s -> %s\n", ch->n,
+               chstate(last), chstate(next));
+
+       switch (next) {
+       case SMD_SS_OPENING:
+               ch->recv->tail = 0;
+       case SMD_SS_OPENED:
+               if (ch->send->state != SMD_SS_OPENED)
+                       hc_set_state(ch->send, SMD_SS_OPENED);
+               ch->notify(ch->priv, SMD_EVENT_OPEN);
+               break;
+       case SMD_SS_FLUSHING:
+       case SMD_SS_RESET:
+               /* we should force them to close? */
+       default:
+               ch->notify(ch->priv, SMD_EVENT_CLOSE);
+       }
+}
+
+static irqreturn_t smd_irq_handler(int irq, void *data)
+{
+       unsigned long flags;
+       struct smd_channel *ch;
+       int do_notify = 0;
+       unsigned ch_flags;
+       unsigned tmp;
+
+       spin_lock_irqsave(&smd_lock, flags);
+       list_for_each_entry(ch, &smd_ch_list, ch_list) {
+               ch_flags = 0;
+               if (ch_is_open(ch)) {
+                       if (ch->recv->fHEAD) {
+                               ch->recv->fHEAD = 0;
+                               ch_flags |= 1;
+                               do_notify |= 1;
+                       }
+                       if (ch->recv->fTAIL) {
+                               ch->recv->fTAIL = 0;
+                               ch_flags |= 2;
+                               do_notify |= 1;
+                       }
+                       if (ch->recv->fSTATE) {
+                               ch->recv->fSTATE = 0;
+                               ch_flags |= 4;
+                               do_notify |= 1;
+                       }
+               }
+               tmp = ch->recv->state;
+               if (tmp != ch->last_state)
+                       smd_state_change(ch, ch->last_state, tmp);
+               if (ch_flags) {
+                       ch->update_state(ch);
+                       ch->notify(ch->priv, SMD_EVENT_DATA);
+               }
+       }
+       if (do_notify)
+               notify_other_smd();
+       spin_unlock_irqrestore(&smd_lock, flags);
+       do_smd_probe();
+       return IRQ_HANDLED;
+}
+
+static void smd_fake_irq_handler(unsigned long arg)
+{
+       smd_irq_handler(0, NULL);
+}
+
+static DECLARE_TASKLET(smd_fake_irq_tasklet, smd_fake_irq_handler, 0);
+
+void smd_sleep_exit(void)
+{
+       unsigned long flags;
+       struct smd_channel *ch;
+       unsigned tmp;
+       int need_int = 0;
+
+       spin_lock_irqsave(&smd_lock, flags);
+       list_for_each_entry(ch, &smd_ch_list, ch_list) {
+               if (ch_is_open(ch)) {
+                       if (ch->recv->fHEAD) {
+                               if (msm_smd_debug_mask & MSM_SMD_DEBUG)
+                                       pr_info("smd_sleep_exit ch %d fHEAD "
+                                               "%x %x %x\n",
+                                               ch->n, ch->recv->fHEAD,
+                                               ch->recv->head, ch->recv->tail);
+                               need_int = 1;
+                               break;
+                       }
+                       if (ch->recv->fTAIL) {
+                               if (msm_smd_debug_mask & MSM_SMD_DEBUG)
+                                       pr_info("smd_sleep_exit ch %d fTAIL "
+                                               "%x %x %x\n",
+                                               ch->n, ch->recv->fTAIL,
+                                               ch->send->head, ch->send->tail);
+                               need_int = 1;
+                               break;
+                       }
+                       if (ch->recv->fSTATE) {
+                               if (msm_smd_debug_mask & MSM_SMD_DEBUG)
+                                       pr_info("smd_sleep_exit ch %d fSTATE %x"
+                                               "\n", ch->n, ch->recv->fSTATE);
+                               need_int = 1;
+                               break;
+                       }
+                       tmp = ch->recv->state;
+                       if (tmp != ch->last_state) {
+                               if (msm_smd_debug_mask & MSM_SMD_DEBUG)
+                                       pr_info("smd_sleep_exit ch %d "
+                                               "state %x != %x\n",
+                                               ch->n, tmp, ch->last_state);
+                               need_int = 1;
+                               break;
+                       }
+               }
+       }
+       spin_unlock_irqrestore(&smd_lock, flags);
+       do_smd_probe();
+       if (need_int) {
+               if (msm_smd_debug_mask & MSM_SMD_DEBUG)
+                       pr_info("smd_sleep_exit need interrupt\n");
+               tasklet_schedule(&smd_fake_irq_tasklet);
+       }
+}
+
+
+void smd_kick(smd_channel_t *ch)
+{
+       unsigned long flags;
+       unsigned tmp;
+
+       spin_lock_irqsave(&smd_lock, flags);
+       ch->update_state(ch);
+       tmp = ch->recv->state;
+       if (tmp != ch->last_state) {
+               ch->last_state = tmp;
+               if (tmp == SMD_SS_OPENED)
+                       ch->notify(ch->priv, SMD_EVENT_OPEN);
+               else
+                       ch->notify(ch->priv, SMD_EVENT_CLOSE);
+       }
+       ch->notify(ch->priv, SMD_EVENT_DATA);
+       notify_other_smd();
+       spin_unlock_irqrestore(&smd_lock, flags);
+}
+
+static int smd_is_packet(int chn)
+{
+       if ((chn > 4) || (chn == 1))
+               return 1;
+       else
+               return 0;
+}
+
+static int smd_stream_write(smd_channel_t *ch, const void *_data, int len)
+{
+       void *ptr;
+       const unsigned char *buf = _data;
+       unsigned xfer;
+       int orig_len = len;
+
+       if (len < 0)
+               return -EINVAL;
+
+       while ((xfer = ch_write_buffer(ch, &ptr)) != 0) {
+               if (!ch_is_open(ch))
+                       break;
+               if (xfer > len)
+                       xfer = len;
+               memcpy(ptr, buf, xfer);
+               ch_write_done(ch, xfer);
+               len -= xfer;
+               buf += xfer;
+               if (len == 0)
+                       break;
+       }
+
+       notify_other_smd();
+
+       return orig_len - len;
+}
+
+static int smd_packet_write(smd_channel_t *ch, const void *_data, int len)
+{
+       unsigned hdr[5];
+
+       if (len < 0)
+               return -EINVAL;
+
+       if (smd_stream_write_avail(ch) < (len + SMD_HEADER_SIZE))
+               return -ENOMEM;
+
+       hdr[0] = len;
+       hdr[1] = hdr[2] = hdr[3] = hdr[4] = 0;
+
+       smd_stream_write(ch, hdr, sizeof(hdr));
+       smd_stream_write(ch, _data, len);
+
+       return len;
+}
+
+static int smd_stream_read(smd_channel_t *ch, void *data, int len)
+{
+       int r;
+
+       if (len < 0)
+               return -EINVAL;
+
+       r = ch_read(ch, data, len);
+       if (r > 0)
+               notify_other_smd();
+
+       return r;
+}
+
+static int smd_packet_read(smd_channel_t *ch, void *data, int len)
+{
+       unsigned long flags;
+       int r;
+
+       if (len < 0)
+               return -EINVAL;
+
+       if (len > ch->current_packet)
+               len = ch->current_packet;
+
+       r = ch_read(ch, data, len);
+       if (r > 0)
+               notify_other_smd();
+
+       spin_lock_irqsave(&smd_lock, flags);
+       ch->current_packet -= r;
+       update_packet_state(ch);
+       spin_unlock_irqrestore(&smd_lock, flags);
+
+       return r;
+}
+
+static void smd_alloc_channel(const char *name, uint32_t cid, uint32_t type)
+{
+       struct smd_channel *ch;
+       struct smd_shared *shared;
+
+       shared = smem_alloc(ID_SMD_CHANNELS + cid, sizeof(*shared));
+       if (!shared) {
+               pr_err("smd_alloc_channel() cid %d does not exist\n", cid);
+               return;
+       }
+
+       ch = kzalloc(sizeof(struct smd_channel), GFP_KERNEL);
+       if (ch == 0) {
+               pr_err("smd_alloc_channel() out of memory\n");
+               return;
+       }
+
+       ch->send = &shared->ch0;
+       ch->recv = &shared->ch1;
+       ch->n = cid;
+
+       if (smd_is_packet(cid)) {
+               ch->read = smd_packet_read;
+               ch->write = smd_packet_write;
+               ch->read_avail = smd_packet_read_avail;
+               ch->write_avail = smd_packet_write_avail;
+               ch->update_state = update_packet_state;
+       } else {
+               ch->read = smd_stream_read;
+               ch->write = smd_stream_write;
+               ch->read_avail = smd_stream_read_avail;
+               ch->write_avail = smd_stream_write_avail;
+               ch->update_state = update_stream_state;
+       }
+
+       memcpy(ch->name, "SMD_", 4);
+       memcpy(ch->name + 4, name, 20);
+       ch->name[23] = 0;
+       ch->pdev.name = ch->name;
+       ch->pdev.id = -1;
+
+       pr_info("smd_alloc_channel() '%s' cid=%d, shared=%p\n",
+               ch->name, ch->n, shared);
+
+       mutex_lock(&smd_creation_mutex);
+       list_add(&ch->ch_list, &smd_ch_closed_list);
+       mutex_unlock(&smd_creation_mutex);
+
+       platform_device_register(&ch->pdev);
+}
+
+static void do_nothing_notify(void *priv, unsigned flags)
+{
+}
+
+struct smd_channel *smd_get_channel(const char *name)
+{
+       struct smd_channel *ch;
+
+       mutex_lock(&smd_creation_mutex);
+       list_for_each_entry(ch, &smd_ch_closed_list, ch_list) {
+               if (!strcmp(name, ch->name)) {
+                       list_del(&ch->ch_list);
+                       mutex_unlock(&smd_creation_mutex);
+                       return ch;
+               }
+       }
+       mutex_unlock(&smd_creation_mutex);
+
+       return NULL;
+}
+
+int smd_open(const char *name, smd_channel_t **_ch,
+            void *priv, void (*notify)(void *, unsigned))
+{
+       struct smd_channel *ch;
+       unsigned long flags;
+
+       if (smd_initialized == 0) {
+               pr_info("smd_open() before smd_init()\n");
+               return -ENODEV;
+       }
+
+       ch = smd_get_channel(name);
+       if (!ch)
+               return -ENODEV;
+
+       if (notify == 0)
+               notify = do_nothing_notify;
+
+       ch->notify = notify;
+       ch->current_packet = 0;
+       ch->last_state = SMD_SS_CLOSED;
+       ch->priv = priv;
+
+       *_ch = ch;
+
+       spin_lock_irqsave(&smd_lock, flags);
+       list_add(&ch->ch_list, &smd_ch_list);
+
+       /* If the remote side is CLOSING, we need to get it to
+        * move to OPENING (which we'll do by moving from CLOSED to
+        * OPENING) and then get it to move from OPENING to
+        * OPENED (by doing the same state change ourselves).
+        *
+        * Otherwise, it should be OPENING and we can move directly
+        * to OPENED so that it will follow.
+        */
+       if (ch->recv->state == SMD_SS_CLOSING) {
+               ch->send->head = 0;
+               hc_set_state(ch->send, SMD_SS_OPENING);
+       } else {
+               hc_set_state(ch->send, SMD_SS_OPENED);
+       }
+       spin_unlock_irqrestore(&smd_lock, flags);
+       smd_kick(ch);
+
+       return 0;
+}
+
+int smd_close(smd_channel_t *ch)
+{
+       unsigned long flags;
+
+       pr_info("smd_close(%p)\n", ch);
+
+       if (ch == 0)
+               return -1;
+
+       spin_lock_irqsave(&smd_lock, flags);
+       ch->notify = do_nothing_notify;
+       list_del(&ch->ch_list);
+       hc_set_state(ch->send, SMD_SS_CLOSED);
+       spin_unlock_irqrestore(&smd_lock, flags);
+
+       mutex_lock(&smd_creation_mutex);
+       list_add(&ch->ch_list, &smd_ch_closed_list);
+       mutex_unlock(&smd_creation_mutex);
+
+       return 0;
+}
+
+int smd_read(smd_channel_t *ch, void *data, int len)
+{
+       return ch->read(ch, data, len);
+}
+
+int smd_write(smd_channel_t *ch, const void *data, int len)
+{
+       return ch->write(ch, data, len);
+}
+
+int smd_read_avail(smd_channel_t *ch)
+{
+       return ch->read_avail(ch);
+}
+
+int smd_write_avail(smd_channel_t *ch)
+{
+       return ch->write_avail(ch);
+}
+
+int smd_wait_until_readable(smd_channel_t *ch, int bytes)
+{
+       return -1;
+}
+
+int smd_wait_until_writable(smd_channel_t *ch, int bytes)
+{
+       return -1;
+}
+
+int smd_cur_packet_size(smd_channel_t *ch)
+{
+       return ch->current_packet;
+}
+
+
+/* ------------------------------------------------------------------------- */
+
+void *smem_alloc(unsigned id, unsigned size)
+{
+       return smem_find(id, size);
+}
+
+static void *_smem_find(unsigned id, unsigned *size)
+{
+       struct smem_shared *shared = (void *) MSM_SHARED_RAM_BASE;
+       struct smem_heap_entry *toc = shared->heap_toc;
+
+       if (id >= SMEM_NUM_ITEMS)
+               return 0;
+
+       if (toc[id].allocated) {
+               *size = toc[id].size;
+               return (void *) (MSM_SHARED_RAM_BASE + toc[id].offset);
+       }
+
+       return 0;
+}
+
+void *smem_find(unsigned id, unsigned size_in)
+{
+       unsigned size;
+       void *ptr;
+
+       ptr = _smem_find(id, &size);
+       if (!ptr)
+               return 0;
+
+       size_in = ALIGN(size_in, 8);
+       if (size_in != size) {
+               pr_err("smem_find(%d, %d): wrong size %d\n",
+                      id, size_in, size);
+               return 0;
+       }
+
+       return ptr;
+}
+
+static irqreturn_t smsm_irq_handler(int irq, void *data)
+{
+       unsigned long flags;
+       struct smsm_shared *smsm;
+
+       spin_lock_irqsave(&smem_lock, flags);
+       smsm = smem_alloc(ID_SHARED_STATE,
+                         2 * sizeof(struct smsm_shared));
+
+       if (smsm == 0) {
+               pr_info("<SM NO STATE>\n");
+       } else {
+               unsigned apps = smsm[0].state;
+               unsigned modm = smsm[1].state;
+
+               if (msm_smd_debug_mask & MSM_SMSM_DEBUG)
+                       pr_info("<SM %08x %08x>\n", apps, modm);
+               if (modm & SMSM_RESET) {
+                       handle_modem_crash();
+               } else {
+                       apps |= SMSM_INIT;
+                       if (modm & SMSM_SMDINIT)
+                               apps |= SMSM_SMDINIT;
+                       if (modm & SMSM_RPCINIT)
+                               apps |= SMSM_RPCINIT;
+               }
+
+               if (smsm[0].state != apps) {
+                       if (msm_smd_debug_mask & MSM_SMSM_DEBUG)
+                               pr_info("<SM %08x NOTIFY>\n", apps);
+                       smsm[0].state = apps;
+                       do_smd_probe();
+                       notify_other_smsm();
+               }
+       }
+       spin_unlock_irqrestore(&smem_lock, flags);
+       return IRQ_HANDLED;
+}
+
+int smsm_change_state(uint32_t clear_mask, uint32_t set_mask)
+{
+       unsigned long flags;
+       struct smsm_shared *smsm;
+
+       spin_lock_irqsave(&smem_lock, flags);
+
+       smsm = smem_alloc(ID_SHARED_STATE,
+                         2 * sizeof(struct smsm_shared));
+
+       if (smsm) {
+               if (smsm[1].state & SMSM_RESET)
+                       handle_modem_crash();
+               smsm[0].state = (smsm[0].state & ~clear_mask) | set_mask;
+               if (msm_smd_debug_mask & MSM_SMSM_DEBUG)
+                       pr_info("smsm_change_state %x\n",
+                              smsm[0].state);
+               notify_other_smsm();
+       }
+
+       spin_unlock_irqrestore(&smem_lock, flags);
+
+       if (smsm == NULL) {
+               pr_err("smsm_change_state <SM NO STATE>\n");
+               return -EIO;
+       }
+       return 0;
+}
+
+uint32_t smsm_get_state(void)
+{
+       unsigned long flags;
+       struct smsm_shared *smsm;
+       uint32_t rv;
+
+       spin_lock_irqsave(&smem_lock, flags);
+
+       smsm = smem_alloc(ID_SHARED_STATE,
+                         2 * sizeof(struct smsm_shared));
+
+       if (smsm)
+               rv = smsm[1].state;
+       else
+               rv = 0;
+
+       if (rv & SMSM_RESET)
+               handle_modem_crash();
+
+       spin_unlock_irqrestore(&smem_lock, flags);
+
+       if (smsm == NULL)
+               pr_err("smsm_get_state <SM NO STATE>\n");
+       return rv;
+}
+
+int smsm_set_sleep_duration(uint32_t delay)
+{
+       uint32_t *ptr;
+
+       ptr = smem_alloc(SMEM_SMSM_SLEEP_DELAY, sizeof(*ptr));
+       if (ptr == NULL) {
+               pr_err("smsm_set_sleep_duration <SM NO SLEEP_DELAY>\n");
+               return -EIO;
+       }
+       if (msm_smd_debug_mask & MSM_SMSM_DEBUG)
+               pr_info("smsm_set_sleep_duration %d -> %d\n",
+                      *ptr, delay);
+       *ptr = delay;
+       return 0;
+}
+
+int smsm_set_interrupt_info(struct smsm_interrupt_info *info)
+{
+       struct smsm_interrupt_info *ptr;
+
+       ptr = smem_alloc(SMEM_SMSM_INT_INFO, sizeof(*ptr));
+       if (ptr == NULL) {
+               pr_err("smsm_set_sleep_duration <SM NO INT_INFO>\n");
+               return -EIO;
+       }
+       if (msm_smd_debug_mask & MSM_SMSM_DEBUG)
+               pr_info("smsm_set_interrupt_info %x %x -> %x %x\n",
+                      ptr->aArm_en_mask, ptr->aArm_interrupts_pending,
+                      info->aArm_en_mask, info->aArm_interrupts_pending);
+       *ptr = *info;
+       return 0;
+}
+
+#define MAX_NUM_SLEEP_CLIENTS          64
+#define MAX_SLEEP_NAME_LEN             8
+
+#define NUM_GPIO_INT_REGISTERS         6
+#define GPIO_SMEM_NUM_GROUPS           2
+#define GPIO_SMEM_MAX_PC_INTERRUPTS    8
+
+struct tramp_gpio_save {
+       unsigned int enable;
+       unsigned int detect;
+       unsigned int polarity;
+};
+
+struct tramp_gpio_smem {
+       uint16_t num_fired[GPIO_SMEM_NUM_GROUPS];
+       uint16_t fired[GPIO_SMEM_NUM_GROUPS][GPIO_SMEM_MAX_PC_INTERRUPTS];
+       uint32_t enabled[NUM_GPIO_INT_REGISTERS];
+       uint32_t detection[NUM_GPIO_INT_REGISTERS];
+       uint32_t polarity[NUM_GPIO_INT_REGISTERS];
+};
+
+
+void smsm_print_sleep_info(void)
+{
+       unsigned long flags;
+       uint32_t *ptr;
+       struct tramp_gpio_smem *gpio;
+       struct smsm_interrupt_info *int_info;
+
+
+       spin_lock_irqsave(&smem_lock, flags);
+
+       ptr = smem_alloc(SMEM_SMSM_SLEEP_DELAY, sizeof(*ptr));
+       if (ptr)
+               pr_info("SMEM_SMSM_SLEEP_DELAY: %x\n", *ptr);
+
+       ptr = smem_alloc(SMEM_SMSM_LIMIT_SLEEP, sizeof(*ptr));
+       if (ptr)
+               pr_info("SMEM_SMSM_LIMIT_SLEEP: %x\n", *ptr);
+
+       ptr = smem_alloc(SMEM_SLEEP_POWER_COLLAPSE_DISABLED, sizeof(*ptr));
+       if (ptr)
+               pr_info("SMEM_SLEEP_POWER_COLLAPSE_DISABLED: %x\n", *ptr);
+
+       int_info = smem_alloc(SMEM_SMSM_INT_INFO, sizeof(*int_info));
+       if (int_info)
+               pr_info("SMEM_SMSM_INT_INFO %x %x %x\n",
+                       int_info->aArm_en_mask,
+                       int_info->aArm_interrupts_pending,
+                       int_info->aArm_wakeup_reason);
+
+       gpio = smem_alloc(SMEM_GPIO_INT, sizeof(*gpio));
+       if (gpio) {
+               int i;
+               for (i = 0; i < NUM_GPIO_INT_REGISTERS; i++)
+                       pr_info("SMEM_GPIO_INT: %d: e %x d %x p %x\n",
+                               i, gpio->enabled[i], gpio->detection[i],
+                               gpio->polarity[i]);
+
+               for (i = 0; i < GPIO_SMEM_NUM_GROUPS; i++)
+                       pr_info("SMEM_GPIO_INT: %d: f %d: %d %d...\n",
+                               i, gpio->num_fired[i], gpio->fired[i][0],
+                               gpio->fired[i][1]);
+       }
+
+       spin_unlock_irqrestore(&smem_lock, flags);
+}
+
+int smd_core_init(void)
+{
+       int r;
+       pr_info("smd_core_init()\n");
+
+       r = request_irq(INT_A9_M2A_0, smd_irq_handler,
+                       IRQF_TRIGGER_RISING, "smd_dev", 0);
+       if (r < 0)
+               return r;
+       r = enable_irq_wake(INT_A9_M2A_0);
+       if (r < 0)
+               pr_err("smd_core_init: enable_irq_wake failed for A9_M2A_0\n");
+
+       r = request_irq(INT_A9_M2A_5, smsm_irq_handler,
+                       IRQF_TRIGGER_RISING, "smsm_dev", 0);
+       if (r < 0) {
+               free_irq(INT_A9_M2A_0, 0);
+               return r;
+       }
+       r = enable_irq_wake(INT_A9_M2A_5);
+       if (r < 0)
+               pr_err("smd_core_init: enable_irq_wake failed for A9_M2A_5\n");
+
+       /* we may have missed a signal while booting -- fake
+        * an interrupt to make sure we process any existing
+        * state
+        */
+       smsm_irq_handler(0, 0);
+
+       pr_info("smd_core_init() done\n");
+
+       return 0;
+}
+
+#if defined(CONFIG_DEBUG_FS)
+
+static int dump_ch(char *buf, int max, int n,
+                 struct smd_half_channel *s,
+                 struct smd_half_channel *r)
+{
+       return scnprintf(
+               buf, max,
+               "ch%02d:"
+               " %8s(%04d/%04d) %c%c%c%c%c%c%c <->"
+               " %8s(%04d/%04d) %c%c%c%c%c%c%c\n", n,
+               chstate(s->state), s->tail, s->head,
+               s->fDSR ? 'D' : 'd',
+               s->fCTS ? 'C' : 'c',
+               s->fCD ? 'C' : 'c',
+               s->fRI ? 'I' : 'i',
+               s->fHEAD ? 'W' : 'w',
+               s->fTAIL ? 'R' : 'r',
+               s->fSTATE ? 'S' : 's',
+               chstate(r->state), r->tail, r->head,
+               r->fDSR ? 'D' : 'd',
+               r->fCTS ? 'R' : 'r',
+               r->fCD ? 'C' : 'c',
+               r->fRI ? 'I' : 'i',
+               r->fHEAD ? 'W' : 'w',
+               r->fTAIL ? 'R' : 'r',
+               r->fSTATE ? 'S' : 's'
+               );
+}
+
+static int debug_read_stat(char *buf, int max)
+{
+       struct smsm_shared *smsm;
+       char *msg;
+       int i = 0;
+
+       smsm = smem_find(ID_SHARED_STATE,
+                        2 * sizeof(struct smsm_shared));
+
+       msg = smem_find(ID_DIAG_ERR_MSG, SZ_DIAG_ERR_MSG);
+
+       if (smsm) {
+               if (smsm[1].state & SMSM_RESET)
+                       i += scnprintf(buf + i, max - i,
+                                      "smsm: ARM9 HAS CRASHED\n");
+               i += scnprintf(buf + i, max - i, "smsm: a9: %08x a11: %08x\n",
+                              smsm[0].state, smsm[1].state);
+       } else {
+               i += scnprintf(buf + i, max - i, "smsm: cannot find\n");
+       }
+       if (msg) {
+               msg[SZ_DIAG_ERR_MSG - 1] = 0;
+               i += scnprintf(buf + i, max - i, "diag: '%s'\n", msg);
+       }
+       return i;
+}
+
+static int debug_read_mem(char *buf, int max)
+{
+       unsigned n;
+       struct smem_shared *shared = (void *) MSM_SHARED_RAM_BASE;
+       struct smem_heap_entry *toc = shared->heap_toc;
+       int i = 0;
+
+       i += scnprintf(buf + i, max - i,
+                      "heap: init=%d free=%d remain=%d\n",
+                      shared->heap_info.initialized,
+                      shared->heap_info.free_offset,
+                      shared->heap_info.heap_remaining);
+
+       for (n = 0; n < SMEM_NUM_ITEMS; n++) {
+               if (toc[n].allocated == 0)
+                       continue;
+               i += scnprintf(buf + i, max - i,
+                              "%04d: offsed %08x size %08x\n",
+                              n, toc[n].offset, toc[n].size);
+       }
+       return i;
+}
+
+static int debug_read_ch(char *buf, int max)
+{
+       struct smd_shared *shared;
+       int n, i = 0;
+
+       for (n = 0; n < SMD_CHANNELS; n++) {
+               shared = smem_find(ID_SMD_CHANNELS + n,
+                                  sizeof(struct smd_shared));
+               if (shared == 0)
+                       continue;
+               i += dump_ch(buf + i, max - i, n, &shared->ch0, &shared->ch1);
+       }
+
+       return i;
+}
+
+static int debug_read_version(char *buf, int max)
+{
+       struct smem_shared *shared = (void *) MSM_SHARED_RAM_BASE;
+       unsigned version = shared->version[VERSION_MODEM];
+       return sprintf(buf, "%d.%d\n", version >> 16, version & 0xffff);
+}
+
+static int debug_read_build_id(char *buf, int max)
+{
+       unsigned size;
+       void *data;
+
+       data = _smem_find(SMEM_HW_SW_BUILD_ID, &size);
+       if (!data)
+               return 0;
+
+       if (size >= max)
+               size = max;
+       memcpy(buf, data, size);
+
+       return size;
+}
+
+static int debug_read_alloc_tbl(char *buf, int max)
+{
+       struct smd_alloc_elm *shared;
+       int n, i = 0;
+
+       shared = smem_find(ID_CH_ALLOC_TBL, sizeof(*shared) * 64);
+
+       for (n = 0; n < 64; n++) {
+               if (shared[n].ref_count == 0)
+                       continue;
+               i += scnprintf(buf + i, max - i,
+                              "%03d: %20s cid=%02d ctype=%d ref_count=%d\n",
+                              n, shared[n].name, shared[n].cid,
+                              shared[n].ctype, shared[n].ref_count);
+       }
+
+       return i;
+}
+
+static int debug_boom(char *buf, int max)
+{
+       unsigned ms = 5000;
+       msm_proc_comm(PCOM_RESET_MODEM, &ms, 0);
+       return 0;
+}
+
+#define DEBUG_BUFMAX 4096
+static char debug_buffer[DEBUG_BUFMAX];
+
+static ssize_t debug_read(struct file *file, char __user *buf,
+                         size_t count, loff_t *ppos)
+{
+       int (*fill)(char *buf, int max) = file->private_data;
+       int bsize = fill(debug_buffer, DEBUG_BUFMAX);
+       return simple_read_from_buffer(buf, count, ppos, debug_buffer, bsize);
+}
+
+static int debug_open(struct inode *inode, struct file *file)
+{
+       file->private_data = inode->i_private;
+       return 0;
+}
+
+static const struct file_operations debug_ops = {
+       .read = debug_read,
+       .open = debug_open,
+};
+
+static void debug_create(const char *name, mode_t mode,
+                        struct dentry *dent,
+                        int (*fill)(char *buf, int max))
+{
+       debugfs_create_file(name, mode, dent, fill, &debug_ops);
+}
+
+static void smd_debugfs_init(void)
+{
+       struct dentry *dent;
+
+       dent = debugfs_create_dir("smd", 0);
+       if (IS_ERR(dent))
+               return;
+
+       debug_create("ch", 0444, dent, debug_read_ch);
+       debug_create("stat", 0444, dent, debug_read_stat);
+       debug_create("mem", 0444, dent, debug_read_mem);
+       debug_create("version", 0444, dent, debug_read_version);
+       debug_create("tbl", 0444, dent, debug_read_alloc_tbl);
+       debug_create("build", 0444, dent, debug_read_build_id);
+       debug_create("boom", 0444, dent, debug_boom);
+}
+#else
+static void smd_debugfs_init(void) {}
+#endif
+
+static int __init msm_smd_probe(struct platform_device *pdev)
+{
+       pr_info("smd_init()\n");
+
+       INIT_WORK(&probe_work, smd_channel_probe_worker);
+
+       if (smd_core_init()) {
+               pr_err("smd_core_init() failed\n");
+               return -1;
+       }
+
+       do_smd_probe();
+
+       msm_check_for_modem_crash = check_for_modem_crash;
+
+       smd_debugfs_init();
+       smd_initialized = 1;
+
+       return 0;
+}
+
+static struct platform_driver msm_smd_driver = {
+       .probe = msm_smd_probe,
+       .driver = {
+               .name = MODULE_NAME,
+               .owner = THIS_MODULE,
+       },
+};
+
+static int __init msm_smd_init(void)
+{
+       return platform_driver_register(&msm_smd_driver);
+}
+
+module_init(msm_smd_init);
+
+MODULE_DESCRIPTION("MSM Shared Memory Core");
+MODULE_AUTHOR("Brian Swetland <swetland@google.com>");
+MODULE_LICENSE("GPL");
diff --git a/drivers/staging/dream/smd/smd_private.h b/drivers/staging/dream/smd/smd_private.h
new file mode 100644 (file)
index 0000000..c0eb3de
--- /dev/null
@@ -0,0 +1,171 @@
+/* arch/arm/mach-msm/smd_private.h
+ *
+ * Copyright (C) 2007 Google, Inc.
+ * Copyright (c) 2007 QUALCOMM Incorporated
+ *
+ * This software is licensed under the terms of the GNU General Public
+ * License version 2, as published by the Free Software Foundation, and
+ * may be copied, distributed, and modified under those terms.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ */
+#ifndef _ARCH_ARM_MACH_MSM_MSM_SMD_PRIVATE_H_
+#define _ARCH_ARM_MACH_MSM_MSM_SMD_PRIVATE_H_
+
+struct smem_heap_info
+{
+       unsigned initialized;
+       unsigned free_offset;
+       unsigned heap_remaining;
+       unsigned reserved;
+};
+
+struct smem_heap_entry
+{
+       unsigned allocated;
+       unsigned offset;
+       unsigned size;
+       unsigned reserved;
+};
+
+struct smem_proc_comm
+{
+       unsigned command;
+       unsigned status;
+       unsigned data1;
+       unsigned data2;
+};
+
+#define PC_APPS  0
+#define PC_MODEM 1
+
+#define VERSION_QDSP6     4
+#define VERSION_APPS_SBL  6
+#define VERSION_MODEM_SBL 7
+#define VERSION_APPS      8
+#define VERSION_MODEM     9
+
+struct smem_shared
+{
+       struct smem_proc_comm proc_comm[4];
+       unsigned version[32];
+       struct smem_heap_info heap_info;
+       struct smem_heap_entry heap_toc[128];
+};
+
+struct smsm_shared
+{
+       unsigned host;
+       unsigned state;
+};
+
+struct smsm_interrupt_info
+{
+       uint32_t aArm_en_mask;
+       uint32_t aArm_interrupts_pending;
+       uint32_t aArm_wakeup_reason;
+};
+
+#define SZ_DIAG_ERR_MSG 0xC8
+#define ID_DIAG_ERR_MSG SMEM_DIAG_ERR_MESSAGE
+#define ID_SMD_CHANNELS SMEM_SMD_BASE_ID
+#define ID_SHARED_STATE SMEM_SMSM_SHARED_STATE
+#define ID_CH_ALLOC_TBL SMEM_CHANNEL_ALLOC_TBL
+
+#define SMSM_INIT          0x000001
+#define SMSM_SMDINIT       0x000008
+#define SMSM_RPCINIT       0x000020
+#define SMSM_RESET         0x000040
+#define SMSM_RSA               0x0080
+#define SMSM_RUN           0x000100
+#define SMSM_PWRC              0x0200
+#define SMSM_TIMEWAIT          0x0400
+#define SMSM_TIMEINIT          0x0800
+#define SMSM_PWRC_EARLY_EXIT   0x1000
+#define SMSM_WFPI              0x2000
+#define SMSM_SLEEP             0x4000
+#define SMSM_SLEEPEXIT         0x8000
+#define SMSM_OEMSBL_RELEASE    0x10000
+#define SMSM_PWRC_SUSPEND      0x200000
+
+#define SMSM_WKUP_REASON_RPC   0x00000001
+#define SMSM_WKUP_REASON_INT   0x00000002
+#define SMSM_WKUP_REASON_GPIO  0x00000004
+#define SMSM_WKUP_REASON_TIMER 0x00000008
+#define SMSM_WKUP_REASON_ALARM 0x00000010
+#define SMSM_WKUP_REASON_RESET 0x00000020
+
+void *smem_alloc(unsigned id, unsigned size);
+int smsm_change_state(uint32_t clear_mask, uint32_t set_mask);
+uint32_t smsm_get_state(void);
+int smsm_set_sleep_duration(uint32_t delay);
+int smsm_set_interrupt_info(struct smsm_interrupt_info *info);
+void smsm_print_sleep_info(void);
+
+#define SMEM_NUM_SMD_CHANNELS        64
+
+typedef enum
+{
+       /* fixed items */
+       SMEM_PROC_COMM = 0,
+       SMEM_HEAP_INFO,
+       SMEM_ALLOCATION_TABLE,
+       SMEM_VERSION_INFO,
+       SMEM_HW_RESET_DETECT,
+       SMEM_AARM_WARM_BOOT,
+       SMEM_DIAG_ERR_MESSAGE,
+       SMEM_SPINLOCK_ARRAY,
+       SMEM_MEMORY_BARRIER_LOCATION,
+
+       /* dynamic items */
+       SMEM_AARM_PARTITION_TABLE,
+       SMEM_AARM_BAD_BLOCK_TABLE,
+       SMEM_RESERVE_BAD_BLOCKS,
+       SMEM_WM_UUID,
+       SMEM_CHANNEL_ALLOC_TBL,
+       SMEM_SMD_BASE_ID,
+       SMEM_SMEM_LOG_IDX = SMEM_SMD_BASE_ID + SMEM_NUM_SMD_CHANNELS,
+       SMEM_SMEM_LOG_EVENTS,
+       SMEM_SMEM_STATIC_LOG_IDX,
+       SMEM_SMEM_STATIC_LOG_EVENTS,
+       SMEM_SMEM_SLOW_CLOCK_SYNC,
+       SMEM_SMEM_SLOW_CLOCK_VALUE,
+       SMEM_BIO_LED_BUF,
+       SMEM_SMSM_SHARED_STATE,
+       SMEM_SMSM_INT_INFO,
+       SMEM_SMSM_SLEEP_DELAY,
+       SMEM_SMSM_LIMIT_SLEEP,
+       SMEM_SLEEP_POWER_COLLAPSE_DISABLED,
+       SMEM_KEYPAD_KEYS_PRESSED,
+       SMEM_KEYPAD_STATE_UPDATED,
+       SMEM_KEYPAD_STATE_IDX,
+       SMEM_GPIO_INT,
+       SMEM_MDDI_LCD_IDX,
+       SMEM_MDDI_HOST_DRIVER_STATE,
+       SMEM_MDDI_LCD_DISP_STATE,
+       SMEM_LCD_CUR_PANEL,
+       SMEM_MARM_BOOT_SEGMENT_INFO,
+       SMEM_AARM_BOOT_SEGMENT_INFO,
+       SMEM_SLEEP_STATIC,
+       SMEM_SCORPION_FREQUENCY,
+       SMEM_SMD_PROFILES,
+       SMEM_TSSC_BUSY,
+       SMEM_HS_SUSPEND_FILTER_INFO,
+       SMEM_BATT_INFO,
+       SMEM_APPS_BOOT_MODE,
+       SMEM_VERSION_FIRST,
+       SMEM_VERSION_LAST = SMEM_VERSION_FIRST + 24,
+       SMEM_OSS_RRCASN1_BUF1,
+       SMEM_OSS_RRCASN1_BUF2,
+       SMEM_ID_VENDOR0,
+       SMEM_ID_VENDOR1,
+       SMEM_ID_VENDOR2,
+       SMEM_HW_SW_BUILD_ID,
+       SMEM_NUM_ITEMS,
+} smem_mem_type;
+
+#endif
diff --git a/drivers/staging/dream/smd/smd_qmi.c b/drivers/staging/dream/smd/smd_qmi.c
new file mode 100644 (file)
index 0000000..d4e7d88
--- /dev/null
@@ -0,0 +1,860 @@
+/* arch/arm/mach-msm/smd_qmi.c
+ *
+ * QMI Control Driver -- Manages network data connections.
+ *
+ * Copyright (C) 2007 Google, Inc.
+ * Author: Brian Swetland <swetland@google.com>
+ *
+ * This software is licensed under the terms of the GNU General Public
+ * License version 2, as published by the Free Software Foundation, and
+ * may be copied, distributed, and modified under those terms.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ */
+
+#include <linux/module.h>
+#include <linux/fs.h>
+#include <linux/cdev.h>
+#include <linux/device.h>
+#include <linux/sched.h>
+#include <linux/wait.h>
+#include <linux/miscdevice.h>
+#include <linux/workqueue.h>
+#include <linux/wakelock.h>
+
+#include <asm/uaccess.h>
+#include <mach/msm_smd.h>
+
+#define QMI_CTL 0x00
+#define QMI_WDS 0x01
+#define QMI_DMS 0x02
+#define QMI_NAS 0x03
+
+#define QMI_RESULT_SUCCESS 0x0000
+#define QMI_RESULT_FAILURE 0x0001
+
+struct qmi_msg {
+       unsigned char service;
+       unsigned char client_id;
+       unsigned short txn_id;
+       unsigned short type;
+       unsigned short size;
+       unsigned char *tlv;
+};
+
+#define qmi_ctl_client_id 0
+
+#define STATE_OFFLINE    0
+#define STATE_QUERYING   1
+#define STATE_ONLINE     2
+
+struct qmi_ctxt {
+       struct miscdevice misc;
+
+       struct mutex lock;
+
+       unsigned char ctl_txn_id;
+       unsigned char wds_client_id;
+       unsigned short wds_txn_id;
+
+       unsigned wds_busy;
+       unsigned wds_handle;
+       unsigned state_dirty;
+       unsigned state;
+
+       unsigned char addr[4];
+       unsigned char mask[4];
+       unsigned char gateway[4];
+       unsigned char dns1[4];
+       unsigned char dns2[4];
+
+       smd_channel_t *ch;
+       const char *ch_name;
+       struct wake_lock wake_lock;
+
+       struct work_struct open_work;
+       struct work_struct read_work;
+};
+
+static struct qmi_ctxt *qmi_minor_to_ctxt(unsigned n);
+
+static void qmi_read_work(struct work_struct *ws);
+static void qmi_open_work(struct work_struct *work);
+
+void qmi_ctxt_init(struct qmi_ctxt *ctxt, unsigned n)
+{
+       mutex_init(&ctxt->lock);
+       INIT_WORK(&ctxt->read_work, qmi_read_work);
+       INIT_WORK(&ctxt->open_work, qmi_open_work);
+       wake_lock_init(&ctxt->wake_lock, WAKE_LOCK_SUSPEND, ctxt->misc.name);
+       ctxt->ctl_txn_id = 1;
+       ctxt->wds_txn_id = 1;
+       ctxt->wds_busy = 1;
+       ctxt->state = STATE_OFFLINE;
+
+}
+
+static struct workqueue_struct *qmi_wq;
+
+static int verbose = 0;
+
+/* anyone waiting for a state change waits here */
+static DECLARE_WAIT_QUEUE_HEAD(qmi_wait_queue);
+
+
+static void qmi_dump_msg(struct qmi_msg *msg, const char *prefix)
+{
+       unsigned sz, n;
+       unsigned char *x;
+
+       if (!verbose)
+               return;
+
+       printk(KERN_INFO
+              "qmi: %s: svc=%02x cid=%02x tid=%04x type=%04x size=%04x\n",
+              prefix, msg->service, msg->client_id,
+              msg->txn_id, msg->type, msg->size);
+
+       x = msg->tlv;
+       sz = msg->size;
+
+       while (sz >= 3) {
+               sz -= 3;
+
+               n = x[1] | (x[2] << 8);
+               if (n > sz)
+                       break;
+
+               printk(KERN_INFO "qmi: %s: tlv: %02x %04x { ",
+                      prefix, x[0], n);
+               x += 3;
+               sz -= n;
+               while (n-- > 0)
+                       printk("%02x ", *x++);
+               printk("}\n");
+       }
+}
+
+int qmi_add_tlv(struct qmi_msg *msg,
+               unsigned type, unsigned size, const void *data)
+{
+       unsigned char *x = msg->tlv + msg->size;
+
+       x[0] = type;
+       x[1] = size;
+       x[2] = size >> 8;
+
+       memcpy(x + 3, data, size);
+
+       msg->size += (size + 3);
+
+       return 0;
+}
+
+/* Extract a tagged item from a qmi message buffer,
+** taking care not to overrun the buffer.
+*/
+static int qmi_get_tlv(struct qmi_msg *msg,
+                      unsigned type, unsigned size, void *data)
+{
+       unsigned char *x = msg->tlv;
+       unsigned len = msg->size;
+       unsigned n;
+
+       while (len >= 3) {
+               len -= 3;
+
+               /* size of this item */
+               n = x[1] | (x[2] << 8);
+               if (n > len)
+                       break;
+
+               if (x[0] == type) {
+                       if (n != size)
+                               return -1;
+                       memcpy(data, x + 3, size);
+                       return 0;
+               }
+
+               x += (n + 3);
+               len -= n;
+       }
+
+       return -1;
+}
+
+static unsigned qmi_get_status(struct qmi_msg *msg, unsigned *error)
+{
+       unsigned short status[2];
+       if (qmi_get_tlv(msg, 0x02, sizeof(status), status)) {
+               *error = 0;
+               return QMI_RESULT_FAILURE;
+       } else {
+               *error = status[1];
+               return status[0];
+       }
+}
+
+/* 0x01 <qmux-header> <payload> */
+#define QMUX_HEADER    13
+
+/* should be >= HEADER + FOOTER */
+#define QMUX_OVERHEAD  16
+
+static int qmi_send(struct qmi_ctxt *ctxt, struct qmi_msg *msg)
+{
+       unsigned char *data;
+       unsigned hlen;
+       unsigned len;
+       int r;
+
+       qmi_dump_msg(msg, "send");
+
+       if (msg->service == QMI_CTL) {
+               hlen = QMUX_HEADER - 1;
+       } else {
+               hlen = QMUX_HEADER;
+       }
+
+       /* QMUX length is total header + total payload - IFC selector */
+       len = hlen + msg->size - 1;
+       if (len > 0xffff)
+               return -1;
+
+       data = msg->tlv - hlen;
+
+       /* prepend encap and qmux header */
+       *data++ = 0x01; /* ifc selector */
+
+       /* qmux header */
+       *data++ = len;
+       *data++ = len >> 8;
+       *data++ = 0x00; /* flags: client */
+       *data++ = msg->service;
+       *data++ = msg->client_id;
+
+       /* qmi header */
+       *data++ = 0x00; /* flags: send */
+       *data++ = msg->txn_id;
+       if (msg->service != QMI_CTL)
+               *data++ = msg->txn_id >> 8;
+
+       *data++ = msg->type;
+       *data++ = msg->type >> 8;
+       *data++ = msg->size;
+       *data++ = msg->size >> 8;
+
+       /* len + 1 takes the interface selector into account */
+       r = smd_write(ctxt->ch, msg->tlv - hlen, len + 1);
+
+       if (r != len) {
+               return -1;
+       } else {
+               return 0;
+       }
+}
+
+static void qmi_process_ctl_msg(struct qmi_ctxt *ctxt, struct qmi_msg *msg)
+{
+       unsigned err;
+       if (msg->type == 0x0022) {
+               unsigned char n[2];
+               if (qmi_get_status(msg, &err))
+                       return;
+               if (qmi_get_tlv(msg, 0x01, sizeof(n), n))
+                       return;
+               if (n[0] == QMI_WDS) {
+                       printk(KERN_INFO
+                              "qmi: ctl: wds use client_id 0x%02x\n", n[1]);
+                       ctxt->wds_client_id = n[1];
+                       ctxt->wds_busy = 0;
+               }
+       }
+}
+
+static int qmi_network_get_profile(struct qmi_ctxt *ctxt);
+
+static void swapaddr(unsigned char *src, unsigned char *dst)
+{
+       dst[0] = src[3];
+       dst[1] = src[2];
+       dst[2] = src[1];
+       dst[3] = src[0];
+}
+
+static unsigned char zero[4];
+static void qmi_read_runtime_profile(struct qmi_ctxt *ctxt, struct qmi_msg *msg)
+{
+       unsigned char tmp[4];
+       unsigned r;
+
+       r = qmi_get_tlv(msg, 0x1e, 4, tmp);
+       swapaddr(r ? zero : tmp, ctxt->addr);
+       r = qmi_get_tlv(msg, 0x21, 4, tmp);
+       swapaddr(r ? zero : tmp, ctxt->mask);
+       r = qmi_get_tlv(msg, 0x20, 4, tmp);
+       swapaddr(r ? zero : tmp, ctxt->gateway);
+       r = qmi_get_tlv(msg, 0x15, 4, tmp);
+       swapaddr(r ? zero : tmp, ctxt->dns1);
+       r = qmi_get_tlv(msg, 0x16, 4, tmp);
+       swapaddr(r ? zero : tmp, ctxt->dns2);
+}
+
+static void qmi_process_unicast_wds_msg(struct qmi_ctxt *ctxt,
+                                       struct qmi_msg *msg)
+{
+       unsigned err;
+       switch (msg->type) {
+       case 0x0021:
+               if (qmi_get_status(msg, &err)) {
+                       printk(KERN_ERR
+                              "qmi: wds: network stop failed (%04x)\n", err);
+               } else {
+                       printk(KERN_INFO
+                              "qmi: wds: network stopped\n");
+                       ctxt->state = STATE_OFFLINE;
+                       ctxt->state_dirty = 1;
+               }
+               break;
+       case 0x0020:
+               if (qmi_get_status(msg, &err)) {
+                       printk(KERN_ERR
+                              "qmi: wds: network start failed (%04x)\n", err);
+               } else if (qmi_get_tlv(msg, 0x01, sizeof(ctxt->wds_handle), &ctxt->wds_handle)) {
+                       printk(KERN_INFO
+                              "qmi: wds no handle?\n");
+               } else {
+                       printk(KERN_INFO
+                              "qmi: wds: got handle 0x%08x\n",
+                              ctxt->wds_handle);
+               }
+               break;
+       case 0x002D:
+               printk("qmi: got network profile\n");
+               if (ctxt->state == STATE_QUERYING) {
+                       qmi_read_runtime_profile(ctxt, msg);
+                       ctxt->state = STATE_ONLINE;
+                       ctxt->state_dirty = 1;
+               }
+               break;
+       default:
+               printk(KERN_ERR "qmi: unknown msg type 0x%04x\n", msg->type);
+       }
+       ctxt->wds_busy = 0;
+}
+
+static void qmi_process_broadcast_wds_msg(struct qmi_ctxt *ctxt,
+                                         struct qmi_msg *msg)
+{
+       if (msg->type == 0x0022) {
+               unsigned char n[2];
+               if (qmi_get_tlv(msg, 0x01, sizeof(n), n))
+                       return;
+               switch (n[0]) {
+               case 1:
+                       printk(KERN_INFO "qmi: wds: DISCONNECTED\n");
+                       ctxt->state = STATE_OFFLINE;
+                       ctxt->state_dirty = 1;
+                       break;
+               case 2:
+                       printk(KERN_INFO "qmi: wds: CONNECTED\n");
+                       ctxt->state = STATE_QUERYING;
+                       ctxt->state_dirty = 1;
+                       qmi_network_get_profile(ctxt);
+                       break;
+               case 3:
+                       printk(KERN_INFO "qmi: wds: SUSPENDED\n");
+                       ctxt->state = STATE_OFFLINE;
+                       ctxt->state_dirty = 1;
+               }
+       } else {
+               printk(KERN_ERR "qmi: unknown bcast msg type 0x%04x\n", msg->type);
+       }
+}
+
+static void qmi_process_wds_msg(struct qmi_ctxt *ctxt,
+                               struct qmi_msg *msg)
+{
+       printk("wds: %04x @ %02x\n", msg->type, msg->client_id);
+       if (msg->client_id == ctxt->wds_client_id) {
+               qmi_process_unicast_wds_msg(ctxt, msg);
+       } else if (msg->client_id == 0xff) {
+               qmi_process_broadcast_wds_msg(ctxt, msg);
+       } else {
+               printk(KERN_ERR
+                      "qmi_process_wds_msg client id 0x%02x unknown\n",
+                      msg->client_id);
+       }
+}
+
+static void qmi_process_qmux(struct qmi_ctxt *ctxt,
+                            unsigned char *buf, unsigned sz)
+{
+       struct qmi_msg msg;
+
+       /* require a full header */
+       if (sz < 5)
+               return;
+
+       /* require a size that matches the buffer size */
+       if (sz != (buf[0] | (buf[1] << 8)))
+               return;
+
+       /* only messages from a service (bit7=1) are allowed */
+       if (buf[2] != 0x80)
+               return;
+
+       msg.service = buf[3];
+       msg.client_id = buf[4];
+
+       /* annoyingly, CTL messages have a shorter TID */
+       if (buf[3] == 0) {
+               if (sz < 7)
+                       return;
+               msg.txn_id = buf[6];
+               buf += 7;
+               sz -= 7;
+       } else {
+               if (sz < 8)
+                       return;
+               msg.txn_id = buf[6] | (buf[7] << 8);
+               buf += 8;
+               sz -= 8;
+       }
+
+       /* no type and size!? */
+       if (sz < 4)
+               return;
+       sz -= 4;
+
+       msg.type = buf[0] | (buf[1] << 8);
+       msg.size = buf[2] | (buf[3] << 8);
+       msg.tlv = buf + 4;
+
+       if (sz != msg.size)
+               return;
+
+       qmi_dump_msg(&msg, "recv");
+
+       mutex_lock(&ctxt->lock);
+       switch (msg.service) {
+       case QMI_CTL:
+               qmi_process_ctl_msg(ctxt, &msg);
+               break;
+       case QMI_WDS:
+               qmi_process_wds_msg(ctxt, &msg);
+               break;
+       default:
+               printk(KERN_ERR "qmi: msg from unknown svc 0x%02x\n",
+                      msg.service);
+               break;
+       }
+       mutex_unlock(&ctxt->lock);
+
+       wake_up(&qmi_wait_queue);
+}
+
+#define QMI_MAX_PACKET (256 + QMUX_OVERHEAD)
+
+static void qmi_read_work(struct work_struct *ws)
+{
+       struct qmi_ctxt *ctxt = container_of(ws, struct qmi_ctxt, read_work);
+       struct smd_channel *ch = ctxt->ch;
+       unsigned char buf[QMI_MAX_PACKET];
+       int sz;
+
+       for (;;) {
+               sz = smd_cur_packet_size(ch);
+               if (sz == 0)
+                       break;
+               if (sz < smd_read_avail(ch))
+                       break;
+               if (sz > QMI_MAX_PACKET) {
+                       smd_read(ch, 0, sz);
+                       continue;
+               }
+               if (smd_read(ch, buf, sz) != sz) {
+                       printk(KERN_ERR "qmi: not enough data?!\n");
+                       continue;
+               }
+
+               /* interface selector must be 1 */
+               if (buf[0] != 0x01)
+                       continue;
+
+               qmi_process_qmux(ctxt, buf + 1, sz - 1);
+       }
+}
+
+static int qmi_request_wds_cid(struct qmi_ctxt *ctxt);
+
+static void qmi_open_work(struct work_struct *ws)
+{
+       struct qmi_ctxt *ctxt = container_of(ws, struct qmi_ctxt, open_work);
+       mutex_lock(&ctxt->lock);
+       qmi_request_wds_cid(ctxt);
+       mutex_unlock(&ctxt->lock);
+}
+
+static void qmi_notify(void *priv, unsigned event)
+{
+       struct qmi_ctxt *ctxt = priv;
+
+       switch (event) {
+       case SMD_EVENT_DATA: {
+               int sz;
+               sz = smd_cur_packet_size(ctxt->ch);
+               if ((sz > 0) && (sz <= smd_read_avail(ctxt->ch))) {
+                       wake_lock_timeout(&ctxt->wake_lock, HZ / 2);
+                       queue_work(qmi_wq, &ctxt->read_work);
+               }
+               break;
+       }
+       case SMD_EVENT_OPEN:
+               printk(KERN_INFO "qmi: smd opened\n");
+               queue_work(qmi_wq, &ctxt->open_work);
+               break;
+       case SMD_EVENT_CLOSE:
+               printk(KERN_INFO "qmi: smd closed\n");
+               break;
+       }
+}
+
+static int qmi_request_wds_cid(struct qmi_ctxt *ctxt)
+{
+       unsigned char data[64 + QMUX_OVERHEAD];
+       struct qmi_msg msg;
+       unsigned char n;
+
+       msg.service = QMI_CTL;
+       msg.client_id = qmi_ctl_client_id;
+       msg.txn_id = ctxt->ctl_txn_id;
+       msg.type = 0x0022;
+       msg.size = 0;
+       msg.tlv = data + QMUX_HEADER;
+
+       ctxt->ctl_txn_id += 2;
+
+       n = QMI_WDS;
+       qmi_add_tlv(&msg, 0x01, 0x01, &n);
+
+       return qmi_send(ctxt, &msg);
+}
+
+static int qmi_network_get_profile(struct qmi_ctxt *ctxt)
+{
+       unsigned char data[96 + QMUX_OVERHEAD];
+       struct qmi_msg msg;
+
+       msg.service = QMI_WDS;
+       msg.client_id = ctxt->wds_client_id;
+       msg.txn_id = ctxt->wds_txn_id;
+       msg.type = 0x002D;
+       msg.size = 0;
+       msg.tlv = data + QMUX_HEADER;
+
+       ctxt->wds_txn_id += 2;
+
+       return qmi_send(ctxt, &msg);
+}
+
+static int qmi_network_up(struct qmi_ctxt *ctxt, char *apn)
+{
+       unsigned char data[96 + QMUX_OVERHEAD];
+       struct qmi_msg msg;
+       char *auth_type;
+       char *user;
+       char *pass;
+
+       for (user = apn; *user; user++) {
+               if (*user == ' ') {
+                       *user++ = 0;
+                       break;
+               }
+       }
+       for (pass = user; *pass; pass++) {
+               if (*pass == ' ') {
+                       *pass++ = 0;
+                       break;
+               }
+       }
+
+       for (auth_type = pass; *auth_type; auth_type++) {
+               if (*auth_type == ' ') {
+                       *auth_type++ = 0;
+                       break;
+               }
+       }
+
+       msg.service = QMI_WDS;
+       msg.client_id = ctxt->wds_client_id;
+       msg.txn_id = ctxt->wds_txn_id;
+       msg.type = 0x0020;
+       msg.size = 0;
+       msg.tlv = data + QMUX_HEADER;
+
+       ctxt->wds_txn_id += 2;
+
+       qmi_add_tlv(&msg, 0x14, strlen(apn), apn);
+       if (*auth_type)
+               qmi_add_tlv(&msg, 0x16, strlen(auth_type), auth_type);
+       if (*user) {
+               if (!*auth_type) {
+                       unsigned char x;
+                       x = 3;
+                       qmi_add_tlv(&msg, 0x16, 1, &x);
+               }
+               qmi_add_tlv(&msg, 0x17, strlen(user), user);
+               if (*pass)
+                       qmi_add_tlv(&msg, 0x18, strlen(pass), pass);
+       }
+       return qmi_send(ctxt, &msg);
+}
+
+static int qmi_network_down(struct qmi_ctxt *ctxt)
+{
+       unsigned char data[16 + QMUX_OVERHEAD];
+       struct qmi_msg msg;
+
+       msg.service = QMI_WDS;
+       msg.client_id = ctxt->wds_client_id;
+       msg.txn_id = ctxt->wds_txn_id;
+       msg.type = 0x0021;
+       msg.size = 0;
+       msg.tlv = data + QMUX_HEADER;
+
+       ctxt->wds_txn_id += 2;
+
+       qmi_add_tlv(&msg, 0x01, sizeof(ctxt->wds_handle), &ctxt->wds_handle);
+
+       return qmi_send(ctxt, &msg);
+}
+
+static int qmi_print_state(struct qmi_ctxt *ctxt, char *buf, int max)
+{
+       int i;
+       char *statename;
+
+       if (ctxt->state == STATE_ONLINE) {
+               statename = "up";
+       } else if (ctxt->state == STATE_OFFLINE) {
+               statename = "down";
+       } else {
+               statename = "busy";
+       }
+
+       i = scnprintf(buf, max, "STATE=%s\n", statename);
+       i += scnprintf(buf + i, max - i, "CID=%d\n",ctxt->wds_client_id);
+
+       if (ctxt->state != STATE_ONLINE){
+               return i;
+       }
+
+       i += scnprintf(buf + i, max - i, "ADDR=%d.%d.%d.%d\n",
+               ctxt->addr[0], ctxt->addr[1], ctxt->addr[2], ctxt->addr[3]);
+       i += scnprintf(buf + i, max - i, "MASK=%d.%d.%d.%d\n",
+               ctxt->mask[0], ctxt->mask[1], ctxt->mask[2], ctxt->mask[3]);
+       i += scnprintf(buf + i, max - i, "GATEWAY=%d.%d.%d.%d\n",
+               ctxt->gateway[0], ctxt->gateway[1], ctxt->gateway[2],
+               ctxt->gateway[3]);
+       i += scnprintf(buf + i, max - i, "DNS1=%d.%d.%d.%d\n",
+               ctxt->dns1[0], ctxt->dns1[1], ctxt->dns1[2], ctxt->dns1[3]);
+       i += scnprintf(buf + i, max - i, "DNS2=%d.%d.%d.%d\n",
+               ctxt->dns2[0], ctxt->dns2[1], ctxt->dns2[2], ctxt->dns2[3]);
+
+       return i;
+}
+
+static ssize_t qmi_read(struct file *fp, char __user *buf,
+                       size_t count, loff_t *pos)
+{
+       struct qmi_ctxt *ctxt = fp->private_data;
+       char msg[256];
+       int len;
+       int r;
+
+       mutex_lock(&ctxt->lock);
+       for (;;) {
+               if (ctxt->state_dirty) {
+                       ctxt->state_dirty = 0;
+                       len = qmi_print_state(ctxt, msg, 256);
+                       break;
+               }
+               mutex_unlock(&ctxt->lock);
+               r = wait_event_interruptible(qmi_wait_queue, ctxt->state_dirty);
+               if (r < 0)
+                       return r;
+               mutex_lock(&ctxt->lock);
+       }
+       mutex_unlock(&ctxt->lock);
+
+       if (len > count)
+               len = count;
+
+       if (copy_to_user(buf, msg, len))
+               return -EFAULT;
+
+       return len;
+}
+
+
+static ssize_t qmi_write(struct file *fp, const char __user *buf,
+                        size_t count, loff_t *pos)
+{
+       struct qmi_ctxt *ctxt = fp->private_data;
+       unsigned char cmd[64];
+       int len;
+       int r;
+
+       if (count < 1)
+               return 0;
+
+       len = count > 63 ? 63 : count;
+
+       if (copy_from_user(cmd, buf, len))
+               return -EFAULT;
+
+       cmd[len] = 0;
+
+       /* lazy */
+       if (cmd[len-1] == '\n') {
+               cmd[len-1] = 0;
+               len--;
+       }
+
+       if (!strncmp(cmd, "verbose", 7)) {
+               verbose = 1;
+       } else if (!strncmp(cmd, "terse", 5)) {
+               verbose = 0;
+       } else if (!strncmp(cmd, "poll", 4)) {
+               ctxt->state_dirty = 1;
+               wake_up(&qmi_wait_queue);
+       } else if (!strncmp(cmd, "down", 4)) {
+retry_down:
+               mutex_lock(&ctxt->lock);
+               if (ctxt->wds_busy) {
+                       mutex_unlock(&ctxt->lock);
+                       r = wait_event_interruptible(qmi_wait_queue, !ctxt->wds_busy);
+                       if (r < 0)
+                               return r;
+                       goto retry_down;
+               }
+               ctxt->wds_busy = 1;
+               qmi_network_down(ctxt);
+               mutex_unlock(&ctxt->lock);
+       } else if (!strncmp(cmd, "up:", 3)) {
+retry_up:
+               mutex_lock(&ctxt->lock);
+               if (ctxt->wds_busy) {
+                       mutex_unlock(&ctxt->lock);
+                       r = wait_event_interruptible(qmi_wait_queue, !ctxt->wds_busy);
+                       if (r < 0)
+                               return r;
+                       goto retry_up;
+               }
+               ctxt->wds_busy = 1;
+               qmi_network_up(ctxt, cmd+3);
+               mutex_unlock(&ctxt->lock);
+       } else {
+               return -EINVAL;
+       }
+
+       return count;
+}
+
+static int qmi_open(struct inode *ip, struct file *fp)
+{
+       struct qmi_ctxt *ctxt = qmi_minor_to_ctxt(MINOR(ip->i_rdev));
+       int r = 0;
+
+       if (!ctxt) {
+               printk(KERN_ERR "unknown qmi misc %d\n", MINOR(ip->i_rdev));
+               return -ENODEV;
+       }
+
+       fp->private_data = ctxt;
+
+       mutex_lock(&ctxt->lock);
+       if (ctxt->ch == 0)
+               r = smd_open(ctxt->ch_name, &ctxt->ch, ctxt, qmi_notify);
+       if (r == 0)
+               wake_up(&qmi_wait_queue);
+       mutex_unlock(&ctxt->lock);
+
+       return r;
+}
+
+static int qmi_release(struct inode *ip, struct file *fp)
+{
+       return 0;
+}
+
+static struct file_operations qmi_fops = {
+       .owner = THIS_MODULE,
+       .read = qmi_read,
+       .write = qmi_write,
+       .open = qmi_open,
+       .release = qmi_release,
+};
+
+static struct qmi_ctxt qmi_device0 = {
+       .ch_name = "SMD_DATA5_CNTL",
+       .misc = {
+               .minor = MISC_DYNAMIC_MINOR,
+               .name = "qmi0",
+               .fops = &qmi_fops,
+       }
+};
+static struct qmi_ctxt qmi_device1 = {
+       .ch_name = "SMD_DATA6_CNTL",
+       .misc = {
+               .minor = MISC_DYNAMIC_MINOR,
+               .name = "qmi1",
+               .fops = &qmi_fops,
+       }
+};
+static struct qmi_ctxt qmi_device2 = {
+       .ch_name = "SMD_DATA7_CNTL",
+       .misc = {
+               .minor = MISC_DYNAMIC_MINOR,
+               .name = "qmi2",
+               .fops = &qmi_fops,
+       }
+};
+
+static struct qmi_ctxt *qmi_minor_to_ctxt(unsigned n)
+{
+       if (n == qmi_device0.misc.minor)
+               return &qmi_device0;
+       if (n == qmi_device1.misc.minor)
+               return &qmi_device1;
+       if (n == qmi_device2.misc.minor)
+               return &qmi_device2;
+       return 0;
+}
+
+static int __init qmi_init(void)
+{
+       int ret;
+
+       qmi_wq = create_singlethread_workqueue("qmi");
+       if (qmi_wq == 0)
+               return -ENOMEM;
+
+       qmi_ctxt_init(&qmi_device0, 0);
+       qmi_ctxt_init(&qmi_device1, 1);
+       qmi_ctxt_init(&qmi_device2, 2);
+
+       ret = misc_register(&qmi_device0.misc);
+       if (ret == 0)
+               ret = misc_register(&qmi_device1.misc);
+       if (ret == 0)
+               ret = misc_register(&qmi_device2.misc);
+       return ret;
+}
+
+module_init(qmi_init);
diff --git a/drivers/staging/dream/smd/smd_tty.c b/drivers/staging/dream/smd/smd_tty.c
new file mode 100644 (file)
index 0000000..2edd9d1
--- /dev/null
@@ -0,0 +1,213 @@
+/* arch/arm/mach-msm/smd_tty.c
+ *
+ * Copyright (C) 2007 Google, Inc.
+ * Author: Brian Swetland <swetland@google.com>
+ *
+ * This software is licensed under the terms of the GNU General Public
+ * License version 2, as published by the Free Software Foundation, and
+ * may be copied, distributed, and modified under those terms.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ */
+
+#include <linux/module.h>
+#include <linux/fs.h>
+#include <linux/cdev.h>
+#include <linux/device.h>
+#include <linux/wait.h>
+#include <linux/wakelock.h>
+
+#include <linux/tty.h>
+#include <linux/tty_driver.h>
+#include <linux/tty_flip.h>
+
+#include <mach/msm_smd.h>
+
+#define MAX_SMD_TTYS 32
+
+static DEFINE_MUTEX(smd_tty_lock);
+
+struct smd_tty_info {
+       smd_channel_t *ch;
+       struct tty_struct *tty;
+       struct wake_lock wake_lock;
+       int open_count;
+};
+
+static struct smd_tty_info smd_tty[MAX_SMD_TTYS];
+
+
+static void smd_tty_notify(void *priv, unsigned event)
+{
+       unsigned char *ptr;
+       int avail;
+       struct smd_tty_info *info = priv;
+       struct tty_struct *tty = info->tty;
+
+       if (!tty)
+               return;
+
+       if (event != SMD_EVENT_DATA)
+               return;
+
+       for (;;) {
+               if (test_bit(TTY_THROTTLED, &tty->flags)) break;
+               avail = smd_read_avail(info->ch);
+               if (avail == 0) break;
+
+               avail = tty_prepare_flip_string(tty, &ptr, avail);
+
+               if (smd_read(info->ch, ptr, avail) != avail) {
+                       /* shouldn't be possible since we're in interrupt
+                       ** context here and nobody else could 'steal' our
+                       ** characters.
+                       */
+                       printk(KERN_ERR "OOPS - smd_tty_buffer mismatch?!");
+               }
+
+               wake_lock_timeout(&info->wake_lock, HZ / 2);
+               tty_flip_buffer_push(tty);
+       }
+
+       /* XXX only when writable and necessary */
+       tty_wakeup(tty);
+}
+
+static int smd_tty_open(struct tty_struct *tty, struct file *f)
+{
+       int res = 0;
+       int n = tty->index;
+       struct smd_tty_info *info;
+       const char *name;
+
+       if (n == 0) {
+               name = "SMD_DS";
+       } else if (n == 27) {
+               name = "SMD_GPSNMEA";
+       } else {
+               return -ENODEV;
+       }
+
+       info = smd_tty + n;
+
+       mutex_lock(&smd_tty_lock);
+       wake_lock_init(&info->wake_lock, WAKE_LOCK_SUSPEND, name);
+       tty->driver_data = info;
+
+       if (info->open_count++ == 0) {
+               info->tty = tty;
+               if (info->ch) {
+                       smd_kick(info->ch);
+               } else {
+                       res = smd_open(name, &info->ch, info, smd_tty_notify);
+               }
+       }
+       mutex_unlock(&smd_tty_lock);
+
+       return res;
+}
+
+static void smd_tty_close(struct tty_struct *tty, struct file *f)
+{
+       struct smd_tty_info *info = tty->driver_data;
+
+       if (info == 0)
+               return;
+
+       mutex_lock(&smd_tty_lock);
+       if (--info->open_count == 0) {
+               info->tty = 0;
+               tty->driver_data = 0;
+               wake_lock_destroy(&info->wake_lock);
+               if (info->ch) {
+                       smd_close(info->ch);
+                       info->ch = 0;
+               }
+       }
+       mutex_unlock(&smd_tty_lock);
+}
+
+static int smd_tty_write(struct tty_struct *tty, const unsigned char *buf, int len)
+{
+       struct smd_tty_info *info = tty->driver_data;
+       int avail;
+
+       /* if we're writing to a packet channel we will
+       ** never be able to write more data than there
+       ** is currently space for
+       */
+       avail = smd_write_avail(info->ch);
+       if (len > avail)
+               len = avail;
+
+       return smd_write(info->ch, buf, len);
+}
+
+static int smd_tty_write_room(struct tty_struct *tty)
+{
+       struct smd_tty_info *info = tty->driver_data;
+       return smd_write_avail(info->ch);
+}
+
+static int smd_tty_chars_in_buffer(struct tty_struct *tty)
+{
+       struct smd_tty_info *info = tty->driver_data;
+       return smd_read_avail(info->ch);
+}
+
+static void smd_tty_unthrottle(struct tty_struct *tty)
+{
+       struct smd_tty_info *info = tty->driver_data;
+       smd_kick(info->ch);
+}
+
+static struct tty_operations smd_tty_ops = {
+       .open = smd_tty_open,
+       .close = smd_tty_close,
+       .write = smd_tty_write,
+       .write_room = smd_tty_write_room,
+       .chars_in_buffer = smd_tty_chars_in_buffer,
+       .unthrottle = smd_tty_unthrottle,
+};
+
+static struct tty_driver *smd_tty_driver;
+
+static int __init smd_tty_init(void)
+{
+       int ret;
+
+       smd_tty_driver = alloc_tty_driver(MAX_SMD_TTYS);
+       if (smd_tty_driver == 0)
+               return -ENOMEM;
+
+       smd_tty_driver->owner = THIS_MODULE;
+       smd_tty_driver->driver_name = "smd_tty_driver";
+       smd_tty_driver->name = "smd";
+       smd_tty_driver->major = 0;
+       smd_tty_driver->minor_start = 0;
+       smd_tty_driver->type = TTY_DRIVER_TYPE_SERIAL;
+       smd_tty_driver->subtype = SERIAL_TYPE_NORMAL;
+       smd_tty_driver->init_termios = tty_std_termios;
+       smd_tty_driver->init_termios.c_iflag = 0;
+       smd_tty_driver->init_termios.c_oflag = 0;
+       smd_tty_driver->init_termios.c_cflag = B38400 | CS8 | CREAD;
+       smd_tty_driver->init_termios.c_lflag = 0;
+       smd_tty_driver->flags = TTY_DRIVER_RESET_TERMIOS |
+               TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV;
+       tty_set_operations(smd_tty_driver, &smd_tty_ops);
+
+       ret = tty_register_driver(smd_tty_driver);
+       if (ret) return ret;
+
+       /* this should be dynamic */
+       tty_register_device(smd_tty_driver, 0, 0);
+       tty_register_device(smd_tty_driver, 27, 0);
+
+       return 0;
+}
+
+module_init(smd_tty_init);