Context Navigation

source: mainline/kernel/generic/src/ipc/irq.c@ 1ad52de

Visit:

lfn serial ticket/834-toolchain-update topic/msim-upgrade topic/simplify-dev-export

Last change on this file since 1ad52de was 78ffb70, checked in by Jakub Jermar <jakub@…>, 15 years ago
ipc_irq_register() and ipc_irq_unregister() should check for out-of-limit INRs passed from userspace.
Property mode set to `100644`
File size: 14.0 KB

Line
1	/*
2	* Copyright (c) 2006 Ondrej Palkovsky
3	* Copyright (c) 2006 Jakub Jermar
4	* All rights reserved.
5	*
6	* Redistribution and use in source and binary forms, with or without
7	* modification, are permitted provided that the following conditions
8	* are met:
9	*
10	* - Redistributions of source code must retain the above copyright
11	* notice, this list of conditions and the following disclaimer.
12	* - Redistributions in binary form must reproduce the above copyright
13	* notice, this list of conditions and the following disclaimer in the
14	* documentation and/or other materials provided with the distribution.
15	* - The name of the author may not be used to endorse or promote products
16	* derived from this software without specific prior written permission.
17	*
18	* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
19	* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20	* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21	* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
22	* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
23	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
24	* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
25	* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
26	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
27	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28	*/
29
30	/** @addtogroup genericipc
31	* @{
32	*/
33
34	/**
35	* @file
36	* @brief IRQ notification framework.
37	*
38	* This framework allows applications to register to receive a notification
39	* when interrupt is detected. The application may provide a simple 'top-half'
40	* handler as part of its registration, which can perform simple operations
41	* (read/write port/memory, add information to notification ipc message).
42	*
43	* The structure of a notification message is as follows:
44	* - IMETHOD: interface and method as registered by the SYS_IPC_REGISTER_IRQ
45	* syscall
46	* - ARG1: payload modified by a 'top-half' handler
47	* - ARG2: payload modified by a 'top-half' handler
48	* - ARG3: payload modified by a 'top-half' handler
49	* - ARG4: payload modified by a 'top-half' handler
50	* - ARG5: payload modified by a 'top-half' handler
51	* - in_phone_hash: interrupt counter (may be needed to assure correct order
52	* in multithreaded drivers)
53	*
54	* Note on synchronization for ipc_irq_register(), ipc_irq_unregister(),
55	* ipc_irq_cleanup() and IRQ handlers:
56	*
57	* By always taking all of the uspace IRQ hash table lock, IRQ structure lock
58	* and answerbox lock, we can rule out race conditions between the
59	* registration functions and also the cleanup function. Thus the observer can
60	* either see the IRQ structure present in both the hash table and the
61	* answerbox list or absent in both. Views in which the IRQ structure would be
62	* linked in the hash table but not in the answerbox list, or vice versa, are
63	* not possible.
64	*
65	* By always taking the hash table lock and the IRQ structure lock, we can
66	* rule out a scenario in which we would free up an IRQ structure, which is
67	* still referenced by, for example, an IRQ handler. The locking scheme forces
68	* us to lock the IRQ structure only after any progressing IRQs on that
69	* structure are finished. Because we hold the hash table lock, we prevent new
70	* IRQs from taking new references to the IRQ structure.
71	*
72	*/
73
74	#include <arch.h>
75	#include <mm/slab.h>
76	#include <errno.h>
77	#include <ddi/irq.h>
78	#include <ipc/ipc.h>
79	#include <ipc/irq.h>
80	#include <syscall/copy.h>
81	#include <console/console.h>
82	#include <print.h>
83
84	/** Free the top-half pseudocode.
85	*
86	* @param code Pointer to the top-half pseudocode.
87	*
88	*/
89	static void code_free(irq_code_t *code)
90	{
91	if (code) {
92	free(code->cmds);
93	free(code);
94	}
95	}
96
97	/** Copy the top-half pseudocode from userspace into the kernel.
98	*
99	* @param ucode Userspace address of the top-half pseudocode.
100	*
101	* @return Kernel address of the copied pseudocode.
102	*
103	*/
104	static irq_code_t code_from_uspace(irq_code_t ucode)
105	{
106	irq_code_t code = malloc(sizeof(code), 0);
107	int rc = copy_from_uspace(code, ucode, sizeof(*code));
108	if (rc != 0) {
109	free(code);
110	return NULL;
111	}
112
113	if (code->cmdcount > IRQ_MAX_PROG_SIZE) {
114	free(code);
115	return NULL;
116	}
117
118	irq_cmd_t *ucmds = code->cmds;
119	code->cmds = malloc(sizeof(code->cmds[0]) * code->cmdcount, 0);
120	rc = copy_from_uspace(code->cmds, ucmds,
121	sizeof(code->cmds[0]) * code->cmdcount);
122	if (rc != 0) {
123	free(code->cmds);
124	free(code);
125	return NULL;
126	}
127
128	return code;
129	}
130
131	/** Register an answerbox as a receiving end for IRQ notifications.
132	*
133	* @param box Receiving answerbox.
134	* @param inr IRQ number.
135	* @param devno Device number.
136	* @param imethod Interface and method to be associated with the
137	* notification.
138	* @param ucode Uspace pointer to top-half pseudocode.
139	* @return EOK on success or a negative error code.
140	*
141	*/
142	int ipc_irq_register(answerbox_t *box, inr_t inr, devno_t devno,
143	sysarg_t imethod, irq_code_t *ucode)
144	{
145	sysarg_t key[] = {
146	(sysarg_t) inr,
147	(sysarg_t) devno
148	};
149
150	if ((inr < 0) \|\| (inr > last_inr))
151	return ELIMIT;
152
153	irq_code_t *code;
154	if (ucode) {
155	code = code_from_uspace(ucode);
156	if (!code)
157	return EBADMEM;
158	} else
159	code = NULL;
160
161	/*
162	* Allocate and populate the IRQ structure.
163	*/
164	irq_t *irq = malloc(sizeof(irq_t), 0);
165
166	irq_initialize(irq);
167	irq->devno = devno;
168	irq->inr = inr;
169	irq->claim = ipc_irq_top_half_claim;
170	irq->handler = ipc_irq_top_half_handler;
171	irq->notif_cfg.notify = true;
172	irq->notif_cfg.answerbox = box;
173	irq->notif_cfg.imethod = imethod;
174	irq->notif_cfg.code = code;
175	irq->notif_cfg.counter = 0;
176
177	/*
178	* Enlist the IRQ structure in the uspace IRQ hash table and the
179	* answerbox's list.
180	*/
181	irq_spinlock_lock(&irq_uspace_hash_table_lock, true);
182
183	link_t *hlp = hash_table_find(&irq_uspace_hash_table, key);
184	if (hlp) {
185	irq_t *hirq = hash_table_get_instance(hlp, irq_t, link);
186
187	/* hirq is locked */
188	irq_spinlock_unlock(&hirq->lock, false);
189	code_free(code);
190	irq_spinlock_unlock(&irq_uspace_hash_table_lock, true);
191
192	free(irq);
193	return EEXISTS;
194	}
195
196	/* Locking is not really necessary, but paranoid */
197	irq_spinlock_lock(&irq->lock, false);
198	irq_spinlock_lock(&box->irq_lock, false);
199
200	hash_table_insert(&irq_uspace_hash_table, key, &irq->link);
201	list_append(&irq->notif_cfg.link, &box->irq_head);
202
203	irq_spinlock_unlock(&box->irq_lock, false);
204	irq_spinlock_unlock(&irq->lock, false);
205	irq_spinlock_unlock(&irq_uspace_hash_table_lock, true);
206
207	return EOK;
208	}
209
210	/** Unregister task from IRQ notification.
211	*
212	* @param box Answerbox associated with the notification.
213	* @param inr IRQ number.
214	* @param devno Device number.
215	* @return EOK on success or a negative error code.
216	*/
217	int ipc_irq_unregister(answerbox_t *box, inr_t inr, devno_t devno)
218	{
219	sysarg_t key[] = {
220	(sysarg_t) inr,
221	(sysarg_t) devno
222	};
223
224	if ((inr < 0) \|\| (inr > last_inr))
225	return ELIMIT;
226
227	irq_spinlock_lock(&irq_uspace_hash_table_lock, true);
228	link_t *lnk = hash_table_find(&irq_uspace_hash_table, key);
229	if (!lnk) {
230	irq_spinlock_unlock(&irq_uspace_hash_table_lock, true);
231	return ENOENT;
232	}
233
234	irq_t *irq = hash_table_get_instance(lnk, irq_t, link);
235
236	/* irq is locked */
237	irq_spinlock_lock(&box->irq_lock, false);
238
239	ASSERT(irq->notif_cfg.answerbox == box);
240
241	/* Free up the pseudo code and associated structures. */
242	code_free(irq->notif_cfg.code);
243
244	/* Remove the IRQ from the answerbox's list. */
245	list_remove(&irq->notif_cfg.link);
246
247	/*
248	* We need to drop the IRQ lock now because hash_table_remove() will try
249	* to reacquire it. That basically violates the natural locking order,
250	* but a deadlock in hash_table_remove() is prevented by the fact that
251	* we already held the IRQ lock and didn't drop the hash table lock in
252	* the meantime.
253	*/
254	irq_spinlock_unlock(&irq->lock, false);
255
256	/* Remove the IRQ from the uspace IRQ hash table. */
257	hash_table_remove(&irq_uspace_hash_table, key, 2);
258
259	irq_spinlock_unlock(&box->irq_lock, false);
260	irq_spinlock_unlock(&irq_uspace_hash_table_lock, true);
261
262	/* Free up the IRQ structure. */
263	free(irq);
264
265	return EOK;
266	}
267
268	/** Disconnect all IRQ notifications from an answerbox.
269	*
270	* This function is effective because the answerbox contains
271	* list of all irq_t structures that are registered to
272	* send notifications to it.
273	*
274	* @param box Answerbox for which we want to carry out the cleanup.
275	*
276	*/
277	void ipc_irq_cleanup(answerbox_t *box)
278	{
279	loop:
280	irq_spinlock_lock(&irq_uspace_hash_table_lock, true);
281	irq_spinlock_lock(&box->irq_lock, false);
282
283	while (box->irq_head.next != &box->irq_head) {
284	DEADLOCK_PROBE_INIT(p_irqlock);
285
286	irq_t *irq = list_get_instance(box->irq_head.next, irq_t,
287	notif_cfg.link);
288
289	if (!irq_spinlock_trylock(&irq->lock)) {
290	/*
291	* Avoid deadlock by trying again.
292	*/
293	irq_spinlock_unlock(&box->irq_lock, false);
294	irq_spinlock_unlock(&irq_uspace_hash_table_lock, true);
295	DEADLOCK_PROBE(p_irqlock, DEADLOCK_THRESHOLD);
296	goto loop;
297	}
298
299	sysarg_t key[2];
300	key[0] = irq->inr;
301	key[1] = irq->devno;
302
303	ASSERT(irq->notif_cfg.answerbox == box);
304
305	/* Unlist from the answerbox. */
306	list_remove(&irq->notif_cfg.link);
307
308	/* Free up the pseudo code and associated structures. */
309	code_free(irq->notif_cfg.code);
310
311	/*
312	* We need to drop the IRQ lock now because hash_table_remove()
313	* will try to reacquire it. That basically violates the natural
314	* locking order, but a deadlock in hash_table_remove() is
315	* prevented by the fact that we already held the IRQ lock and
316	* didn't drop the hash table lock in the meantime.
317	*/
318	irq_spinlock_unlock(&irq->lock, false);
319
320	/* Remove from the hash table. */
321	hash_table_remove(&irq_uspace_hash_table, key, 2);
322
323	free(irq);
324	}
325
326	irq_spinlock_unlock(&box->irq_lock, false);
327	irq_spinlock_unlock(&irq_uspace_hash_table_lock, true);
328	}
329
330	/** Add a call to the proper answerbox queue.
331	*
332	* Assume irq->lock is locked and interrupts disabled.
333	*
334	* @param irq IRQ structure referencing the target answerbox.
335	* @param call IRQ notification call.
336	*
337	*/
338	static void send_call(irq_t irq, call_t call)
339	{
340	irq_spinlock_lock(&irq->notif_cfg.answerbox->irq_lock, false);
341	list_append(&call->link, &irq->notif_cfg.answerbox->irq_notifs);
342	irq_spinlock_unlock(&irq->notif_cfg.answerbox->irq_lock, false);
343
344	waitq_wakeup(&irq->notif_cfg.answerbox->wq, WAKEUP_FIRST);
345	}
346
347	/** Apply the top-half pseudo code to find out whether to accept the IRQ or not.
348	*
349	* @param irq IRQ structure.
350	*
351	* @return IRQ_ACCEPT if the interrupt is accepted by the
352	* pseudocode, IRQ_DECLINE otherwise.
353	*
354	*/
355	irq_ownership_t ipc_irq_top_half_claim(irq_t *irq)
356	{
357	irq_code_t *code = irq->notif_cfg.code;
358	uint32_t *scratch = irq->notif_cfg.scratch;
359
360	if (!irq->notif_cfg.notify)
361	return IRQ_DECLINE;
362
363	if (!code)
364	return IRQ_DECLINE;
365
366	size_t i;
367	for (i = 0; i < code->cmdcount; i++) {
368	uint32_t dstval;
369	uintptr_t srcarg = code->cmds[i].srcarg;
370	uintptr_t dstarg = code->cmds[i].dstarg;
371
372	if (srcarg >= IPC_CALL_LEN)
373	break;
374
375	if (dstarg >= IPC_CALL_LEN)
376	break;
377
378	switch (code->cmds[i].cmd) {
379	case CMD_PIO_READ_8:
380	dstval = pio_read_8((ioport8_t *) code->cmds[i].addr);
381	if (dstarg)
382	scratch[dstarg] = dstval;
383	break;
384	case CMD_PIO_READ_16:
385	dstval = pio_read_16((ioport16_t *) code->cmds[i].addr);
386	if (dstarg)
387	scratch[dstarg] = dstval;
388	break;
389	case CMD_PIO_READ_32:
390	dstval = pio_read_32((ioport32_t *) code->cmds[i].addr);
391	if (dstarg)
392	scratch[dstarg] = dstval;
393	break;
394	case CMD_PIO_WRITE_8:
395	pio_write_8((ioport8_t *) code->cmds[i].addr,
396	(uint8_t) code->cmds[i].value);
397	break;
398	case CMD_PIO_WRITE_16:
399	pio_write_16((ioport16_t *) code->cmds[i].addr,
400	(uint16_t) code->cmds[i].value);
401	break;
402	case CMD_PIO_WRITE_32:
403	pio_write_32((ioport32_t *) code->cmds[i].addr,
404	(uint32_t) code->cmds[i].value);
405	break;
406	case CMD_BTEST:
407	if ((srcarg) && (dstarg)) {
408	dstval = scratch[srcarg] & code->cmds[i].value;
409	scratch[dstarg] = dstval;
410	}
411	break;
412	case CMD_PREDICATE:
413	if ((srcarg) && (!scratch[srcarg])) {
414	i += code->cmds[i].value;
415	continue;
416	}
417	break;
418	case CMD_ACCEPT:
419	return IRQ_ACCEPT;
420	case CMD_DECLINE:
421	default:
422	return IRQ_DECLINE;
423	}
424	}
425
426	return IRQ_DECLINE;
427	}
428
429	/* IRQ top-half handler.
430	*
431	* We expect interrupts to be disabled and the irq->lock already held.
432	*
433	* @param irq IRQ structure.
434	*
435	*/
436	void ipc_irq_top_half_handler(irq_t *irq)
437	{
438	ASSERT(irq);
439
440	ASSERT(interrupts_disabled());
441	ASSERT(irq_spinlock_locked(&irq->lock));
442
443	if (irq->notif_cfg.answerbox) {
444	call_t *call = ipc_call_alloc(FRAME_ATOMIC);
445	if (!call)
446	return;
447
448	call->flags \|= IPC_CALL_NOTIF;
449	/* Put a counter to the message */
450	call->priv = ++irq->notif_cfg.counter;
451
452	/* Set up args */
453	IPC_SET_IMETHOD(call->data, irq->notif_cfg.imethod);
454	IPC_SET_ARG1(call->data, irq->notif_cfg.scratch[1]);
455	IPC_SET_ARG2(call->data, irq->notif_cfg.scratch[2]);
456	IPC_SET_ARG3(call->data, irq->notif_cfg.scratch[3]);
457	IPC_SET_ARG4(call->data, irq->notif_cfg.scratch[4]);
458	IPC_SET_ARG5(call->data, irq->notif_cfg.scratch[5]);
459
460	send_call(irq, call);
461	}
462	}
463
464	/** Send notification message.
465	*
466	* @param irq IRQ structure.
467	* @param a1 Driver-specific payload argument.
468	* @param a2 Driver-specific payload argument.
469	* @param a3 Driver-specific payload argument.
470	* @param a4 Driver-specific payload argument.
471	* @param a5 Driver-specific payload argument.
472	*
473	*/
474	void ipc_irq_send_msg(irq_t *irq, sysarg_t a1, sysarg_t a2, sysarg_t a3,
475	sysarg_t a4, sysarg_t a5)
476	{
477	irq_spinlock_lock(&irq->lock, true);
478
479	if (irq->notif_cfg.answerbox) {
480	call_t *call = ipc_call_alloc(FRAME_ATOMIC);
481	if (!call) {
482	irq_spinlock_unlock(&irq->lock, true);
483	return;
484	}
485
486	call->flags \|= IPC_CALL_NOTIF;
487	/* Put a counter to the message */
488	call->priv = ++irq->notif_cfg.counter;
489
490	IPC_SET_IMETHOD(call->data, irq->notif_cfg.imethod);
491	IPC_SET_ARG1(call->data, a1);
492	IPC_SET_ARG2(call->data, a2);
493	IPC_SET_ARG3(call->data, a3);
494	IPC_SET_ARG4(call->data, a4);
495	IPC_SET_ARG5(call->data, a5);
496
497	send_call(irq, call);
498	}
499
500	irq_spinlock_unlock(&irq->lock, true);
501	}
502
503	/** @}
504	*/

Note: See TracBrowser for help on using the repository browser.

Download in other formats: