Merge branch 'upstream' of git://git.infradead.org/users/pcmoore/audit
[firefly-linux-kernel-4.4.55.git] / drivers / macintosh / adb.c
1 /*
2  * Device driver for the Apple Desktop Bus
3  * and the /dev/adb device on macintoshes.
4  *
5  * Copyright (C) 1996 Paul Mackerras.
6  *
7  * Modified to declare controllers as structures, added
8  * client notification of bus reset and handles PowerBook
9  * sleep, by Benjamin Herrenschmidt.
10  *
11  * To do:
12  *
13  * - /sys/bus/adb to list the devices and infos
14  * - more /dev/adb to allow userland to receive the
15  *   flow of auto-polling datas from a given device.
16  * - move bus probe to a kernel thread
17  */
18
19 #include <linux/types.h>
20 #include <linux/errno.h>
21 #include <linux/kernel.h>
22 #include <linux/slab.h>
23 #include <linux/module.h>
24 #include <linux/fs.h>
25 #include <linux/mm.h>
26 #include <linux/sched.h>
27 #include <linux/adb.h>
28 #include <linux/cuda.h>
29 #include <linux/pmu.h>
30 #include <linux/notifier.h>
31 #include <linux/wait.h>
32 #include <linux/init.h>
33 #include <linux/delay.h>
34 #include <linux/spinlock.h>
35 #include <linux/completion.h>
36 #include <linux/device.h>
37 #include <linux/kthread.h>
38 #include <linux/platform_device.h>
39 #include <linux/mutex.h>
40
41 #include <linux/uaccess.h>
42 #ifdef CONFIG_PPC
43 #include <asm/prom.h>
44 #include <asm/machdep.h>
45 #endif
46
47
48 EXPORT_SYMBOL(adb_client_list);
49
50 extern struct adb_driver via_macii_driver;
51 extern struct adb_driver via_maciisi_driver;
52 extern struct adb_driver via_cuda_driver;
53 extern struct adb_driver adb_iop_driver;
54 extern struct adb_driver via_pmu_driver;
55 extern struct adb_driver macio_adb_driver;
56
57 static DEFINE_MUTEX(adb_mutex);
58 static struct adb_driver *adb_driver_list[] = {
59 #ifdef CONFIG_ADB_MACII
60         &via_macii_driver,
61 #endif
62 #ifdef CONFIG_ADB_MACIISI
63         &via_maciisi_driver,
64 #endif
65 #ifdef CONFIG_ADB_CUDA
66         &via_cuda_driver,
67 #endif
68 #ifdef CONFIG_ADB_IOP
69         &adb_iop_driver,
70 #endif
71 #if defined(CONFIG_ADB_PMU) || defined(CONFIG_ADB_PMU68K)
72         &via_pmu_driver,
73 #endif
74 #ifdef CONFIG_ADB_MACIO
75         &macio_adb_driver,
76 #endif
77         NULL
78 };
79
80 static struct class *adb_dev_class;
81
82 static struct adb_driver *adb_controller;
83 BLOCKING_NOTIFIER_HEAD(adb_client_list);
84 static int adb_got_sleep;
85 static int adb_inited;
86 static DEFINE_SEMAPHORE(adb_probe_mutex);
87 static int sleepy_trackpad;
88 static int autopoll_devs;
89 int __adb_probe_sync;
90
91 static int adb_scan_bus(void);
92 static int do_adb_reset_bus(void);
93 static void adbdev_init(void);
94 static int try_handler_change(int, int);
95
96 static struct adb_handler {
97         void (*handler)(unsigned char *, int, int);
98         int original_address;
99         int handler_id;
100         int busy;
101 } adb_handler[16];
102
103 /*
104  * The adb_handler_mutex mutex protects all accesses to the original_address
105  * and handler_id fields of adb_handler[i] for all i, and changes to the
106  * handler field.
107  * Accesses to the handler field are protected by the adb_handler_lock
108  * rwlock.  It is held across all calls to any handler, so that by the
109  * time adb_unregister returns, we know that the old handler isn't being
110  * called.
111  */
112 static DEFINE_MUTEX(adb_handler_mutex);
113 static DEFINE_RWLOCK(adb_handler_lock);
114
115 #if 0
116 static void printADBreply(struct adb_request *req)
117 {
118         int i;
119
120         printk("adb reply (%d)", req->reply_len);
121         for(i = 0; i < req->reply_len; i++)
122                 printk(" %x", req->reply[i]);
123         printk("\n");
124
125 }
126 #endif
127
128 static int adb_scan_bus(void)
129 {
130         int i, highFree=0, noMovement;
131         int devmask = 0;
132         struct adb_request req;
133         
134         /* assumes adb_handler[] is all zeroes at this point */
135         for (i = 1; i < 16; i++) {
136                 /* see if there is anything at address i */
137                 adb_request(&req, NULL, ADBREQ_SYNC | ADBREQ_REPLY, 1,
138                             (i << 4) | 0xf);
139                 if (req.reply_len > 1)
140                         /* one or more devices at this address */
141                         adb_handler[i].original_address = i;
142                 else if (i > highFree)
143                         highFree = i;
144         }
145
146         /* Note we reset noMovement to 0 each time we move a device */
147         for (noMovement = 1; noMovement < 2 && highFree > 0; noMovement++) {
148                 for (i = 1; i < 16; i++) {
149                         if (adb_handler[i].original_address == 0)
150                                 continue;
151                         /*
152                          * Send a "talk register 3" command to address i
153                          * to provoke a collision if there is more than
154                          * one device at this address.
155                          */
156                         adb_request(&req, NULL, ADBREQ_SYNC | ADBREQ_REPLY, 1,
157                                     (i << 4) | 0xf);
158                         /*
159                          * Move the device(s) which didn't detect a
160                          * collision to address `highFree'.  Hopefully
161                          * this only moves one device.
162                          */
163                         adb_request(&req, NULL, ADBREQ_SYNC, 3,
164                                     (i<< 4) | 0xb, (highFree | 0x60), 0xfe);
165                         /*
166                          * See if anybody actually moved. This is suggested
167                          * by HW TechNote 01:
168                          *
169                          * http://developer.apple.com/technotes/hw/hw_01.html
170                          */
171                         adb_request(&req, NULL, ADBREQ_SYNC | ADBREQ_REPLY, 1,
172                                     (highFree << 4) | 0xf);
173                         if (req.reply_len <= 1) continue;
174                         /*
175                          * Test whether there are any device(s) left
176                          * at address i.
177                          */
178                         adb_request(&req, NULL, ADBREQ_SYNC | ADBREQ_REPLY, 1,
179                                     (i << 4) | 0xf);
180                         if (req.reply_len > 1) {
181                                 /*
182                                  * There are still one or more devices
183                                  * left at address i.  Register the one(s)
184                                  * we moved to `highFree', and find a new
185                                  * value for highFree.
186                                  */
187                                 adb_handler[highFree].original_address =
188                                         adb_handler[i].original_address;
189                                 while (highFree > 0 &&
190                                        adb_handler[highFree].original_address)
191                                         highFree--;
192                                 if (highFree <= 0)
193                                         break;
194
195                                 noMovement = 0;
196                         } else {
197                                 /*
198                                  * No devices left at address i; move the
199                                  * one(s) we moved to `highFree' back to i.
200                                  */
201                                 adb_request(&req, NULL, ADBREQ_SYNC, 3,
202                                             (highFree << 4) | 0xb,
203                                             (i | 0x60), 0xfe);
204                         }
205                 }       
206         }
207
208         /* Now fill in the handler_id field of the adb_handler entries. */
209         printk(KERN_DEBUG "adb devices:");
210         for (i = 1; i < 16; i++) {
211                 if (adb_handler[i].original_address == 0)
212                         continue;
213                 adb_request(&req, NULL, ADBREQ_SYNC | ADBREQ_REPLY, 1,
214                             (i << 4) | 0xf);
215                 adb_handler[i].handler_id = req.reply[2];
216                 printk(" [%d]: %d %x", i, adb_handler[i].original_address,
217                        adb_handler[i].handler_id);
218                 devmask |= 1 << i;
219         }
220         printk("\n");
221         return devmask;
222 }
223
224 /*
225  * This kernel task handles ADB probing. It dies once probing is
226  * completed.
227  */
228 static int
229 adb_probe_task(void *x)
230 {
231         printk(KERN_INFO "adb: starting probe task...\n");
232         do_adb_reset_bus();
233         printk(KERN_INFO "adb: finished probe task...\n");
234
235         up(&adb_probe_mutex);
236
237         return 0;
238 }
239
240 static void
241 __adb_probe_task(struct work_struct *bullshit)
242 {
243         kthread_run(adb_probe_task, NULL, "kadbprobe");
244 }
245
246 static DECLARE_WORK(adb_reset_work, __adb_probe_task);
247
248 int
249 adb_reset_bus(void)
250 {
251         if (__adb_probe_sync) {
252                 do_adb_reset_bus();
253                 return 0;
254         }
255
256         down(&adb_probe_mutex);
257         schedule_work(&adb_reset_work);
258         return 0;
259 }
260
261 #ifdef CONFIG_PM
262 /*
263  * notify clients before sleep
264  */
265 static int __adb_suspend(struct platform_device *dev, pm_message_t state)
266 {
267         adb_got_sleep = 1;
268         /* We need to get a lock on the probe thread */
269         down(&adb_probe_mutex);
270         /* Stop autopoll */
271         if (adb_controller->autopoll)
272                 adb_controller->autopoll(0);
273         blocking_notifier_call_chain(&adb_client_list, ADB_MSG_POWERDOWN, NULL);
274
275         return 0;
276 }
277
278 static int adb_suspend(struct device *dev)
279 {
280         return __adb_suspend(to_platform_device(dev), PMSG_SUSPEND);
281 }
282
283 static int adb_freeze(struct device *dev)
284 {
285         return __adb_suspend(to_platform_device(dev), PMSG_FREEZE);
286 }
287
288 static int adb_poweroff(struct device *dev)
289 {
290         return __adb_suspend(to_platform_device(dev), PMSG_HIBERNATE);
291 }
292
293 /*
294  * reset bus after sleep
295  */
296 static int __adb_resume(struct platform_device *dev)
297 {
298         adb_got_sleep = 0;
299         up(&adb_probe_mutex);
300         adb_reset_bus();
301
302         return 0;
303 }
304
305 static int adb_resume(struct device *dev)
306 {
307         return __adb_resume(to_platform_device(dev));
308 }
309 #endif /* CONFIG_PM */
310
311 static int __init adb_init(void)
312 {
313         struct adb_driver *driver;
314         int i;
315
316 #ifdef CONFIG_PPC32
317         if (!machine_is(chrp) && !machine_is(powermac))
318                 return 0;
319 #endif
320 #ifdef CONFIG_MAC
321         if (!MACH_IS_MAC)
322                 return 0;
323 #endif
324
325         /* xmon may do early-init */
326         if (adb_inited)
327                 return 0;
328         adb_inited = 1;
329                 
330         adb_controller = NULL;
331
332         i = 0;
333         while ((driver = adb_driver_list[i++]) != NULL) {
334                 if (!driver->probe()) {
335                         adb_controller = driver;
336                         break;
337                 }
338         }
339         if (adb_controller != NULL && adb_controller->init &&
340             adb_controller->init())
341                 adb_controller = NULL;
342         if (adb_controller == NULL) {
343                 printk(KERN_WARNING "Warning: no ADB interface detected\n");
344         } else {
345 #ifdef CONFIG_PPC
346                 if (of_machine_is_compatible("AAPL,PowerBook1998") ||
347                         of_machine_is_compatible("PowerBook1,1"))
348                         sleepy_trackpad = 1;
349 #endif /* CONFIG_PPC */
350
351                 adbdev_init();
352                 adb_reset_bus();
353         }
354         return 0;
355 }
356
357 device_initcall(adb_init);
358
359 static int
360 do_adb_reset_bus(void)
361 {
362         int ret;
363         
364         if (adb_controller == NULL)
365                 return -ENXIO;
366                 
367         if (adb_controller->autopoll)
368                 adb_controller->autopoll(0);
369
370         blocking_notifier_call_chain(&adb_client_list,
371                 ADB_MSG_PRE_RESET, NULL);
372
373         if (sleepy_trackpad) {
374                 /* Let the trackpad settle down */
375                 msleep(500);
376         }
377
378         mutex_lock(&adb_handler_mutex);
379         write_lock_irq(&adb_handler_lock);
380         memset(adb_handler, 0, sizeof(adb_handler));
381         write_unlock_irq(&adb_handler_lock);
382
383         /* That one is still a bit synchronous, oh well... */
384         if (adb_controller->reset_bus)
385                 ret = adb_controller->reset_bus();
386         else
387                 ret = 0;
388
389         if (sleepy_trackpad) {
390                 /* Let the trackpad settle down */
391                 msleep(1500);
392         }
393
394         if (!ret) {
395                 autopoll_devs = adb_scan_bus();
396                 if (adb_controller->autopoll)
397                         adb_controller->autopoll(autopoll_devs);
398         }
399         mutex_unlock(&adb_handler_mutex);
400
401         blocking_notifier_call_chain(&adb_client_list,
402                 ADB_MSG_POST_RESET, NULL);
403         
404         return ret;
405 }
406
407 void
408 adb_poll(void)
409 {
410         if ((adb_controller == NULL)||(adb_controller->poll == NULL))
411                 return;
412         adb_controller->poll();
413 }
414 EXPORT_SYMBOL(adb_poll);
415
416 static void adb_sync_req_done(struct adb_request *req)
417 {
418         struct completion *comp = req->arg;
419
420         complete(comp);
421 }
422
423 int
424 adb_request(struct adb_request *req, void (*done)(struct adb_request *),
425             int flags, int nbytes, ...)
426 {
427         va_list list;
428         int i;
429         int rc;
430         struct completion comp;
431
432         if ((adb_controller == NULL) || (adb_controller->send_request == NULL))
433                 return -ENXIO;
434         if (nbytes < 1)
435                 return -EINVAL;
436
437         req->nbytes = nbytes+1;
438         req->done = done;
439         req->reply_expected = flags & ADBREQ_REPLY;
440         req->data[0] = ADB_PACKET;
441         va_start(list, nbytes);
442         for (i = 0; i < nbytes; ++i)
443                 req->data[i+1] = va_arg(list, int);
444         va_end(list);
445
446         if (flags & ADBREQ_NOSEND)
447                 return 0;
448
449         /* Synchronous requests block using an on-stack completion */
450         if (flags & ADBREQ_SYNC) {
451                 WARN_ON(done);
452                 req->done = adb_sync_req_done;
453                 req->arg = &comp;
454                 init_completion(&comp);
455         }
456
457         rc = adb_controller->send_request(req, 0);
458
459         if ((flags & ADBREQ_SYNC) && !rc && !req->complete)
460                 wait_for_completion(&comp);
461
462         return rc;
463 }
464 EXPORT_SYMBOL(adb_request);
465
466  /* Ultimately this should return the number of devices with
467     the given default id.
468     And it does it now ! Note: changed behaviour: This function
469     will now register if default_id _and_ handler_id both match
470     but handler_id can be left to 0 to match with default_id only.
471     When handler_id is set, this function will try to adjust
472     the handler_id id it doesn't match. */
473 int
474 adb_register(int default_id, int handler_id, struct adb_ids *ids,
475              void (*handler)(unsigned char *, int, int))
476 {
477         int i;
478
479         mutex_lock(&adb_handler_mutex);
480         ids->nids = 0;
481         for (i = 1; i < 16; i++) {
482                 if ((adb_handler[i].original_address == default_id) &&
483                     (!handler_id || (handler_id == adb_handler[i].handler_id) || 
484                     try_handler_change(i, handler_id))) {
485                         if (adb_handler[i].handler != 0) {
486                                 printk(KERN_ERR
487                                        "Two handlers for ADB device %d\n",
488                                        default_id);
489                                 continue;
490                         }
491                         write_lock_irq(&adb_handler_lock);
492                         adb_handler[i].handler = handler;
493                         write_unlock_irq(&adb_handler_lock);
494                         ids->id[ids->nids++] = i;
495                 }
496         }
497         mutex_unlock(&adb_handler_mutex);
498         return ids->nids;
499 }
500 EXPORT_SYMBOL(adb_register);
501
502 int
503 adb_unregister(int index)
504 {
505         int ret = -ENODEV;
506
507         mutex_lock(&adb_handler_mutex);
508         write_lock_irq(&adb_handler_lock);
509         if (adb_handler[index].handler) {
510                 while(adb_handler[index].busy) {
511                         write_unlock_irq(&adb_handler_lock);
512                         yield();
513                         write_lock_irq(&adb_handler_lock);
514                 }
515                 ret = 0;
516                 adb_handler[index].handler = NULL;
517         }
518         write_unlock_irq(&adb_handler_lock);
519         mutex_unlock(&adb_handler_mutex);
520         return ret;
521 }
522 EXPORT_SYMBOL(adb_unregister);
523
524 void
525 adb_input(unsigned char *buf, int nb, int autopoll)
526 {
527         int i, id;
528         static int dump_adb_input;
529         unsigned long flags;
530         
531         void (*handler)(unsigned char *, int, int);
532
533         /* We skip keystrokes and mouse moves when the sleep process
534          * has been started. We stop autopoll, but this is another security
535          */
536         if (adb_got_sleep)
537                 return;
538                 
539         id = buf[0] >> 4;
540         if (dump_adb_input) {
541                 printk(KERN_INFO "adb packet: ");
542                 for (i = 0; i < nb; ++i)
543                         printk(" %x", buf[i]);
544                 printk(", id = %d\n", id);
545         }
546         write_lock_irqsave(&adb_handler_lock, flags);
547         handler = adb_handler[id].handler;
548         if (handler != NULL)
549                 adb_handler[id].busy = 1;
550         write_unlock_irqrestore(&adb_handler_lock, flags);
551         if (handler != NULL) {
552                 (*handler)(buf, nb, autopoll);
553                 wmb();
554                 adb_handler[id].busy = 0;
555         }
556                 
557 }
558
559 /* Try to change handler to new_id. Will return 1 if successful. */
560 static int try_handler_change(int address, int new_id)
561 {
562         struct adb_request req;
563
564         if (adb_handler[address].handler_id == new_id)
565             return 1;
566         adb_request(&req, NULL, ADBREQ_SYNC, 3,
567             ADB_WRITEREG(address, 3), address | 0x20, new_id);
568         adb_request(&req, NULL, ADBREQ_SYNC | ADBREQ_REPLY, 1,
569             ADB_READREG(address, 3));
570         if (req.reply_len < 2)
571             return 0;
572         if (req.reply[2] != new_id)
573             return 0;
574         adb_handler[address].handler_id = req.reply[2];
575
576         return 1;
577 }
578
579 int
580 adb_try_handler_change(int address, int new_id)
581 {
582         int ret;
583
584         mutex_lock(&adb_handler_mutex);
585         ret = try_handler_change(address, new_id);
586         mutex_unlock(&adb_handler_mutex);
587         return ret;
588 }
589 EXPORT_SYMBOL(adb_try_handler_change);
590
591 int
592 adb_get_infos(int address, int *original_address, int *handler_id)
593 {
594         mutex_lock(&adb_handler_mutex);
595         *original_address = adb_handler[address].original_address;
596         *handler_id = adb_handler[address].handler_id;
597         mutex_unlock(&adb_handler_mutex);
598
599         return (*original_address != 0);
600 }
601
602
603 /*
604  * /dev/adb device driver.
605  */
606
607 #define ADB_MAJOR       56      /* major number for /dev/adb */
608
609 struct adbdev_state {
610         spinlock_t      lock;
611         atomic_t        n_pending;
612         struct adb_request *completed;
613         wait_queue_head_t wait_queue;
614         int             inuse;
615 };
616
617 static void adb_write_done(struct adb_request *req)
618 {
619         struct adbdev_state *state = (struct adbdev_state *) req->arg;
620         unsigned long flags;
621
622         if (!req->complete) {
623                 req->reply_len = 0;
624                 req->complete = 1;
625         }
626         spin_lock_irqsave(&state->lock, flags);
627         atomic_dec(&state->n_pending);
628         if (!state->inuse) {
629                 kfree(req);
630                 if (atomic_read(&state->n_pending) == 0) {
631                         spin_unlock_irqrestore(&state->lock, flags);
632                         kfree(state);
633                         return;
634                 }
635         } else {
636                 struct adb_request **ap = &state->completed;
637                 while (*ap != NULL)
638                         ap = &(*ap)->next;
639                 req->next = NULL;
640                 *ap = req;
641                 wake_up_interruptible(&state->wait_queue);
642         }
643         spin_unlock_irqrestore(&state->lock, flags);
644 }
645
646 static int
647 do_adb_query(struct adb_request *req)
648 {
649         int     ret = -EINVAL;
650
651         switch(req->data[1]) {
652         case ADB_QUERY_GETDEVINFO:
653                 if (req->nbytes < 3)
654                         break;
655                 mutex_lock(&adb_handler_mutex);
656                 req->reply[0] = adb_handler[req->data[2]].original_address;
657                 req->reply[1] = adb_handler[req->data[2]].handler_id;
658                 mutex_unlock(&adb_handler_mutex);
659                 req->complete = 1;
660                 req->reply_len = 2;
661                 adb_write_done(req);
662                 ret = 0;
663                 break;
664         }
665         return ret;
666 }
667
668 static int adb_open(struct inode *inode, struct file *file)
669 {
670         struct adbdev_state *state;
671         int ret = 0;
672
673         mutex_lock(&adb_mutex);
674         if (iminor(inode) > 0 || adb_controller == NULL) {
675                 ret = -ENXIO;
676                 goto out;
677         }
678         state = kmalloc(sizeof(struct adbdev_state), GFP_KERNEL);
679         if (state == 0) {
680                 ret = -ENOMEM;
681                 goto out;
682         }
683         file->private_data = state;
684         spin_lock_init(&state->lock);
685         atomic_set(&state->n_pending, 0);
686         state->completed = NULL;
687         init_waitqueue_head(&state->wait_queue);
688         state->inuse = 1;
689
690 out:
691         mutex_unlock(&adb_mutex);
692         return ret;
693 }
694
695 static int adb_release(struct inode *inode, struct file *file)
696 {
697         struct adbdev_state *state = file->private_data;
698         unsigned long flags;
699
700         mutex_lock(&adb_mutex);
701         if (state) {
702                 file->private_data = NULL;
703                 spin_lock_irqsave(&state->lock, flags);
704                 if (atomic_read(&state->n_pending) == 0
705                     && state->completed == NULL) {
706                         spin_unlock_irqrestore(&state->lock, flags);
707                         kfree(state);
708                 } else {
709                         state->inuse = 0;
710                         spin_unlock_irqrestore(&state->lock, flags);
711                 }
712         }
713         mutex_unlock(&adb_mutex);
714         return 0;
715 }
716
717 static ssize_t adb_read(struct file *file, char __user *buf,
718                         size_t count, loff_t *ppos)
719 {
720         int ret = 0;
721         struct adbdev_state *state = file->private_data;
722         struct adb_request *req;
723         DECLARE_WAITQUEUE(wait, current);
724         unsigned long flags;
725
726         if (count < 2)
727                 return -EINVAL;
728         if (count > sizeof(req->reply))
729                 count = sizeof(req->reply);
730         if (!access_ok(VERIFY_WRITE, buf, count))
731                 return -EFAULT;
732
733         req = NULL;
734         spin_lock_irqsave(&state->lock, flags);
735         add_wait_queue(&state->wait_queue, &wait);
736         set_current_state(TASK_INTERRUPTIBLE);
737
738         for (;;) {
739                 req = state->completed;
740                 if (req != NULL)
741                         state->completed = req->next;
742                 else if (atomic_read(&state->n_pending) == 0)
743                         ret = -EIO;
744                 if (req != NULL || ret != 0)
745                         break;
746                 
747                 if (file->f_flags & O_NONBLOCK) {
748                         ret = -EAGAIN;
749                         break;
750                 }
751                 if (signal_pending(current)) {
752                         ret = -ERESTARTSYS;
753                         break;
754                 }
755                 spin_unlock_irqrestore(&state->lock, flags);
756                 schedule();
757                 spin_lock_irqsave(&state->lock, flags);
758         }
759
760         set_current_state(TASK_RUNNING);
761         remove_wait_queue(&state->wait_queue, &wait);
762         spin_unlock_irqrestore(&state->lock, flags);
763         
764         if (ret)
765                 return ret;
766
767         ret = req->reply_len;
768         if (ret > count)
769                 ret = count;
770         if (ret > 0 && copy_to_user(buf, req->reply, ret))
771                 ret = -EFAULT;
772
773         kfree(req);
774         return ret;
775 }
776
777 static ssize_t adb_write(struct file *file, const char __user *buf,
778                          size_t count, loff_t *ppos)
779 {
780         int ret/*, i*/;
781         struct adbdev_state *state = file->private_data;
782         struct adb_request *req;
783
784         if (count < 2 || count > sizeof(req->data))
785                 return -EINVAL;
786         if (adb_controller == NULL)
787                 return -ENXIO;
788         if (!access_ok(VERIFY_READ, buf, count))
789                 return -EFAULT;
790
791         req = kmalloc(sizeof(struct adb_request),
792                                              GFP_KERNEL);
793         if (req == NULL)
794                 return -ENOMEM;
795
796         req->nbytes = count;
797         req->done = adb_write_done;
798         req->arg = (void *) state;
799         req->complete = 0;
800         
801         ret = -EFAULT;
802         if (copy_from_user(req->data, buf, count))
803                 goto out;
804
805         atomic_inc(&state->n_pending);
806
807         /* If a probe is in progress or we are sleeping, wait for it to complete */
808         down(&adb_probe_mutex);
809
810         /* Queries are special requests sent to the ADB driver itself */
811         if (req->data[0] == ADB_QUERY) {
812                 if (count > 1)
813                         ret = do_adb_query(req);
814                 else
815                         ret = -EINVAL;
816                 up(&adb_probe_mutex);
817         }
818         /* Special case for ADB_BUSRESET request, all others are sent to
819            the controller */
820         else if ((req->data[0] == ADB_PACKET) && (count > 1)
821                 && (req->data[1] == ADB_BUSRESET)) {
822                 ret = do_adb_reset_bus();
823                 up(&adb_probe_mutex);
824                 atomic_dec(&state->n_pending);
825                 if (ret == 0)
826                         ret = count;
827                 goto out;
828         } else {        
829                 req->reply_expected = ((req->data[1] & 0xc) == 0xc);
830                 if (adb_controller && adb_controller->send_request)
831                         ret = adb_controller->send_request(req, 0);
832                 else
833                         ret = -ENXIO;
834                 up(&adb_probe_mutex);
835         }
836
837         if (ret != 0) {
838                 atomic_dec(&state->n_pending);
839                 goto out;
840         }
841         return count;
842
843 out:
844         kfree(req);
845         return ret;
846 }
847
848 static const struct file_operations adb_fops = {
849         .owner          = THIS_MODULE,
850         .llseek         = no_llseek,
851         .read           = adb_read,
852         .write          = adb_write,
853         .open           = adb_open,
854         .release        = adb_release,
855 };
856
857 #ifdef CONFIG_PM
858 static const struct dev_pm_ops adb_dev_pm_ops = {
859         .suspend = adb_suspend,
860         .resume = adb_resume,
861         /* Hibernate hooks */
862         .freeze = adb_freeze,
863         .thaw = adb_resume,
864         .poweroff = adb_poweroff,
865         .restore = adb_resume,
866 };
867 #endif
868
869 static struct platform_driver adb_pfdrv = {
870         .driver = {
871                 .name = "adb",
872 #ifdef CONFIG_PM
873                 .pm = &adb_dev_pm_ops,
874 #endif
875         },
876 };
877
878 static struct platform_device adb_pfdev = {
879         .name = "adb",
880 };
881
882 static int __init
883 adb_dummy_probe(struct platform_device *dev)
884 {
885         if (dev == &adb_pfdev)
886                 return 0;
887         return -ENODEV;
888 }
889
890 static void __init
891 adbdev_init(void)
892 {
893         if (register_chrdev(ADB_MAJOR, "adb", &adb_fops)) {
894                 printk(KERN_ERR "adb: unable to get major %d\n", ADB_MAJOR);
895                 return;
896         }
897
898         adb_dev_class = class_create(THIS_MODULE, "adb");
899         if (IS_ERR(adb_dev_class))
900                 return;
901         device_create(adb_dev_class, NULL, MKDEV(ADB_MAJOR, 0), NULL, "adb");
902
903         platform_device_register(&adb_pfdev);
904         platform_driver_probe(&adb_pfdrv, adb_dummy_probe);
905 }