1 /*
2 * Routines for driver control interface
3 * Copyright (c) by Jaroslav Kysela <perex@perex.cz>
4 *
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 *
20 */
21
22 #include <linux/threads.h>
23 #include <linux/interrupt.h>
24 #include <linux/module.h>
25 #include <linux/slab.h>
26 #include <linux/vmalloc.h>
27 #include <linux/time.h>
28 #include <sound/core.h>
29 #include <sound/minors.h>
30 #include <sound/info.h>
31 #include <sound/control.h>
32
33 /* max number of user-defined controls */
34 #define MAX_USER_CONTROLS 32
35 #define MAX_CONTROL_COUNT 1028
36
37 struct snd_kctl_ioctl {
38 struct list_head list; /* list of all ioctls */
39 snd_kctl_ioctl_func_t fioctl;
40 };
41
42 static DECLARE_RWSEM(snd_ioctl_rwsem);
43 static LIST_HEAD(snd_control_ioctls);
44 #ifdef CONFIG_COMPAT
45 static LIST_HEAD(snd_control_compat_ioctls);
46 #endif
47
snd_ctl_open(struct inode * inode,struct file * file)48 static int snd_ctl_open(struct inode *inode, struct file *file)
49 {
50 unsigned long flags;
51 struct snd_card *card;
52 struct snd_ctl_file *ctl;
53 int err;
54
55 err = nonseekable_open(inode, file);
56 if (err < 0)
57 return err;
58
59 card = snd_lookup_minor_data(iminor(inode), SNDRV_DEVICE_TYPE_CONTROL);
60 if (!card) {
61 err = -ENODEV;
62 goto __error1;
63 }
64 err = snd_card_file_add(card, file);
65 if (err < 0) {
66 err = -ENODEV;
67 goto __error1;
68 }
69 if (!try_module_get(card->module)) {
70 err = -EFAULT;
71 goto __error2;
72 }
73 ctl = kzalloc(sizeof(*ctl), GFP_KERNEL);
74 if (ctl == NULL) {
75 err = -ENOMEM;
76 goto __error;
77 }
78 INIT_LIST_HEAD(&ctl->events);
79 init_waitqueue_head(&ctl->change_sleep);
80 spin_lock_init(&ctl->read_lock);
81 ctl->card = card;
82 ctl->prefer_pcm_subdevice = -1;
83 ctl->prefer_rawmidi_subdevice = -1;
84 ctl->pid = get_pid(task_pid(current));
85 file->private_data = ctl;
86 write_lock_irqsave(&card->ctl_files_rwlock, flags);
87 list_add_tail(&ctl->list, &card->ctl_files);
88 write_unlock_irqrestore(&card->ctl_files_rwlock, flags);
89 snd_card_unref(card);
90 return 0;
91
92 __error:
93 module_put(card->module);
94 __error2:
95 snd_card_file_remove(card, file);
96 __error1:
97 if (card)
98 snd_card_unref(card);
99 return err;
100 }
101
snd_ctl_empty_read_queue(struct snd_ctl_file * ctl)102 static void snd_ctl_empty_read_queue(struct snd_ctl_file * ctl)
103 {
104 unsigned long flags;
105 struct snd_kctl_event *cread;
106
107 spin_lock_irqsave(&ctl->read_lock, flags);
108 while (!list_empty(&ctl->events)) {
109 cread = snd_kctl_event(ctl->events.next);
110 list_del(&cread->list);
111 kfree(cread);
112 }
113 spin_unlock_irqrestore(&ctl->read_lock, flags);
114 }
115
snd_ctl_release(struct inode * inode,struct file * file)116 static int snd_ctl_release(struct inode *inode, struct file *file)
117 {
118 unsigned long flags;
119 struct snd_card *card;
120 struct snd_ctl_file *ctl;
121 struct snd_kcontrol *control;
122 unsigned int idx;
123
124 ctl = file->private_data;
125 file->private_data = NULL;
126 card = ctl->card;
127 write_lock_irqsave(&card->ctl_files_rwlock, flags);
128 list_del(&ctl->list);
129 write_unlock_irqrestore(&card->ctl_files_rwlock, flags);
130 down_write(&card->controls_rwsem);
131 list_for_each_entry(control, &card->controls, list)
132 for (idx = 0; idx < control->count; idx++)
133 if (control->vd[idx].owner == ctl)
134 control->vd[idx].owner = NULL;
135 up_write(&card->controls_rwsem);
136 snd_ctl_empty_read_queue(ctl);
137 put_pid(ctl->pid);
138 kfree(ctl);
139 module_put(card->module);
140 snd_card_file_remove(card, file);
141 return 0;
142 }
143
snd_ctl_notify(struct snd_card * card,unsigned int mask,struct snd_ctl_elem_id * id)144 void snd_ctl_notify(struct snd_card *card, unsigned int mask,
145 struct snd_ctl_elem_id *id)
146 {
147 unsigned long flags;
148 struct snd_ctl_file *ctl;
149 struct snd_kctl_event *ev;
150
151 if (snd_BUG_ON(!card || !id))
152 return;
153 read_lock(&card->ctl_files_rwlock);
154 #if defined(CONFIG_SND_MIXER_OSS) || defined(CONFIG_SND_MIXER_OSS_MODULE)
155 card->mixer_oss_change_count++;
156 #endif
157 list_for_each_entry(ctl, &card->ctl_files, list) {
158 if (!ctl->subscribed)
159 continue;
160 spin_lock_irqsave(&ctl->read_lock, flags);
161 list_for_each_entry(ev, &ctl->events, list) {
162 if (ev->id.numid == id->numid) {
163 ev->mask |= mask;
164 goto _found;
165 }
166 }
167 ev = kzalloc(sizeof(*ev), GFP_ATOMIC);
168 if (ev) {
169 ev->id = *id;
170 ev->mask = mask;
171 list_add_tail(&ev->list, &ctl->events);
172 } else {
173 snd_printk(KERN_ERR "No memory available to allocate event\n");
174 }
175 _found:
176 wake_up(&ctl->change_sleep);
177 spin_unlock_irqrestore(&ctl->read_lock, flags);
178 kill_fasync(&ctl->fasync, SIGIO, POLL_IN);
179 }
180 read_unlock(&card->ctl_files_rwlock);
181 }
182
183 EXPORT_SYMBOL(snd_ctl_notify);
184
185 /**
186 * snd_ctl_new - create a control instance from the template
187 * @control: the control template
188 * @access: the default control access
189 *
190 * Allocates a new struct snd_kcontrol instance and copies the given template
191 * to the new instance. It does not copy volatile data (access).
192 *
193 * Returns the pointer of the new instance, or NULL on failure.
194 */
snd_ctl_new(struct snd_kcontrol * control,unsigned int access)195 static struct snd_kcontrol *snd_ctl_new(struct snd_kcontrol *control,
196 unsigned int access)
197 {
198 struct snd_kcontrol *kctl;
199 unsigned int idx;
200
201 if (snd_BUG_ON(!control || !control->count))
202 return NULL;
203
204 if (control->count > MAX_CONTROL_COUNT)
205 return NULL;
206
207 kctl = kzalloc(sizeof(*kctl) + sizeof(struct snd_kcontrol_volatile) * control->count, GFP_KERNEL);
208 if (kctl == NULL) {
209 snd_printk(KERN_ERR "Cannot allocate control instance\n");
210 return NULL;
211 }
212 *kctl = *control;
213 for (idx = 0; idx < kctl->count; idx++)
214 kctl->vd[idx].access = access;
215 return kctl;
216 }
217
218 /**
219 * snd_ctl_new1 - create a control instance from the template
220 * @ncontrol: the initialization record
221 * @private_data: the private data to set
222 *
223 * Allocates a new struct snd_kcontrol instance and initialize from the given
224 * template. When the access field of ncontrol is 0, it's assumed as
225 * READWRITE access. When the count field is 0, it's assumes as one.
226 *
227 * Returns the pointer of the newly generated instance, or NULL on failure.
228 */
snd_ctl_new1(const struct snd_kcontrol_new * ncontrol,void * private_data)229 struct snd_kcontrol *snd_ctl_new1(const struct snd_kcontrol_new *ncontrol,
230 void *private_data)
231 {
232 struct snd_kcontrol kctl;
233 unsigned int access;
234
235 if (snd_BUG_ON(!ncontrol || !ncontrol->info))
236 return NULL;
237 memset(&kctl, 0, sizeof(kctl));
238 kctl.id.iface = ncontrol->iface;
239 kctl.id.device = ncontrol->device;
240 kctl.id.subdevice = ncontrol->subdevice;
241 if (ncontrol->name) {
242 strlcpy(kctl.id.name, ncontrol->name, sizeof(kctl.id.name));
243 if (strcmp(ncontrol->name, kctl.id.name) != 0)
244 snd_printk(KERN_WARNING
245 "Control name '%s' truncated to '%s'\n",
246 ncontrol->name, kctl.id.name);
247 }
248 kctl.id.index = ncontrol->index;
249 kctl.count = ncontrol->count ? ncontrol->count : 1;
250 access = ncontrol->access == 0 ? SNDRV_CTL_ELEM_ACCESS_READWRITE :
251 (ncontrol->access & (SNDRV_CTL_ELEM_ACCESS_READWRITE|
252 SNDRV_CTL_ELEM_ACCESS_INACTIVE|
253 SNDRV_CTL_ELEM_ACCESS_TLV_READWRITE|
254 SNDRV_CTL_ELEM_ACCESS_TLV_COMMAND|
255 SNDRV_CTL_ELEM_ACCESS_TLV_CALLBACK));
256 kctl.info = ncontrol->info;
257 kctl.get = ncontrol->get;
258 kctl.put = ncontrol->put;
259 kctl.tlv.p = ncontrol->tlv.p;
260 kctl.private_value = ncontrol->private_value;
261 kctl.private_data = private_data;
262 return snd_ctl_new(&kctl, access);
263 }
264
265 EXPORT_SYMBOL(snd_ctl_new1);
266
267 /**
268 * snd_ctl_free_one - release the control instance
269 * @kcontrol: the control instance
270 *
271 * Releases the control instance created via snd_ctl_new()
272 * or snd_ctl_new1().
273 * Don't call this after the control was added to the card.
274 */
snd_ctl_free_one(struct snd_kcontrol * kcontrol)275 void snd_ctl_free_one(struct snd_kcontrol *kcontrol)
276 {
277 if (kcontrol) {
278 if (kcontrol->private_free)
279 kcontrol->private_free(kcontrol);
280 kfree(kcontrol);
281 }
282 }
283
284 EXPORT_SYMBOL(snd_ctl_free_one);
285
snd_ctl_remove_numid_conflict(struct snd_card * card,unsigned int count)286 static bool snd_ctl_remove_numid_conflict(struct snd_card *card,
287 unsigned int count)
288 {
289 struct snd_kcontrol *kctl;
290
291 /* Make sure that the ids assigned to the control do not wrap around */
292 if (card->last_numid >= UINT_MAX - count)
293 card->last_numid = 0;
294
295 list_for_each_entry(kctl, &card->controls, list) {
296 if (kctl->id.numid < card->last_numid + 1 + count &&
297 kctl->id.numid + kctl->count > card->last_numid + 1) {
298 card->last_numid = kctl->id.numid + kctl->count - 1;
299 return true;
300 }
301 }
302 return false;
303 }
304
snd_ctl_find_hole(struct snd_card * card,unsigned int count)305 static int snd_ctl_find_hole(struct snd_card *card, unsigned int count)
306 {
307 unsigned int iter = 100000;
308
309 while (snd_ctl_remove_numid_conflict(card, count)) {
310 if (--iter == 0) {
311 /* this situation is very unlikely */
312 snd_printk(KERN_ERR "unable to allocate new control numid\n");
313 return -ENOMEM;
314 }
315 }
316 return 0;
317 }
318
319 /**
320 * snd_ctl_add - add the control instance to the card
321 * @card: the card instance
322 * @kcontrol: the control instance to add
323 *
324 * Adds the control instance created via snd_ctl_new() or
325 * snd_ctl_new1() to the given card. Assigns also an unique
326 * numid used for fast search.
327 *
328 * Returns zero if successful, or a negative error code on failure.
329 *
330 * It frees automatically the control which cannot be added.
331 */
snd_ctl_add(struct snd_card * card,struct snd_kcontrol * kcontrol)332 int snd_ctl_add(struct snd_card *card, struct snd_kcontrol *kcontrol)
333 {
334 struct snd_ctl_elem_id id;
335 unsigned int idx;
336 unsigned int count;
337 int err = -EINVAL;
338
339 if (! kcontrol)
340 return err;
341 if (snd_BUG_ON(!card || !kcontrol->info))
342 goto error;
343 id = kcontrol->id;
344 if (id.index > UINT_MAX - kcontrol->count)
345 goto error;
346
347 down_write(&card->controls_rwsem);
348 if (snd_ctl_find_id(card, &id)) {
349 up_write(&card->controls_rwsem);
350 snd_printd(KERN_ERR "control %i:%i:%i:%s:%i is already present\n",
351 id.iface,
352 id.device,
353 id.subdevice,
354 id.name,
355 id.index);
356 err = -EBUSY;
357 goto error;
358 }
359 if (snd_ctl_find_hole(card, kcontrol->count) < 0) {
360 up_write(&card->controls_rwsem);
361 err = -ENOMEM;
362 goto error;
363 }
364 list_add_tail(&kcontrol->list, &card->controls);
365 card->controls_count += kcontrol->count;
366 kcontrol->id.numid = card->last_numid + 1;
367 card->last_numid += kcontrol->count;
368 count = kcontrol->count;
369 up_write(&card->controls_rwsem);
370 for (idx = 0; idx < count; idx++, id.index++, id.numid++)
371 snd_ctl_notify(card, SNDRV_CTL_EVENT_MASK_ADD, &id);
372 return 0;
373
374 error:
375 snd_ctl_free_one(kcontrol);
376 return err;
377 }
378
379 EXPORT_SYMBOL(snd_ctl_add);
380
381 /**
382 * snd_ctl_replace - replace the control instance of the card
383 * @card: the card instance
384 * @kcontrol: the control instance to replace
385 * @add_on_replace: add the control if not already added
386 *
387 * Replaces the given control. If the given control does not exist
388 * and the add_on_replace flag is set, the control is added. If the
389 * control exists, it is destroyed first.
390 *
391 * Returns zero if successful, or a negative error code on failure.
392 *
393 * It frees automatically the control which cannot be added or replaced.
394 */
snd_ctl_replace(struct snd_card * card,struct snd_kcontrol * kcontrol,bool add_on_replace)395 int snd_ctl_replace(struct snd_card *card, struct snd_kcontrol *kcontrol,
396 bool add_on_replace)
397 {
398 struct snd_ctl_elem_id id;
399 unsigned int count;
400 unsigned int idx;
401 struct snd_kcontrol *old;
402 int ret;
403
404 if (!kcontrol)
405 return -EINVAL;
406 if (snd_BUG_ON(!card || !kcontrol->info)) {
407 ret = -EINVAL;
408 goto error;
409 }
410 id = kcontrol->id;
411 down_write(&card->controls_rwsem);
412 old = snd_ctl_find_id(card, &id);
413 if (!old) {
414 if (add_on_replace)
415 goto add;
416 up_write(&card->controls_rwsem);
417 ret = -EINVAL;
418 goto error;
419 }
420 ret = snd_ctl_remove(card, old);
421 if (ret < 0) {
422 up_write(&card->controls_rwsem);
423 goto error;
424 }
425 add:
426 if (snd_ctl_find_hole(card, kcontrol->count) < 0) {
427 up_write(&card->controls_rwsem);
428 ret = -ENOMEM;
429 goto error;
430 }
431 list_add_tail(&kcontrol->list, &card->controls);
432 card->controls_count += kcontrol->count;
433 kcontrol->id.numid = card->last_numid + 1;
434 card->last_numid += kcontrol->count;
435 count = kcontrol->count;
436 up_write(&card->controls_rwsem);
437 for (idx = 0; idx < count; idx++, id.index++, id.numid++)
438 snd_ctl_notify(card, SNDRV_CTL_EVENT_MASK_ADD, &id);
439 return 0;
440
441 error:
442 snd_ctl_free_one(kcontrol);
443 return ret;
444 }
445 EXPORT_SYMBOL(snd_ctl_replace);
446
447 /**
448 * snd_ctl_remove - remove the control from the card and release it
449 * @card: the card instance
450 * @kcontrol: the control instance to remove
451 *
452 * Removes the control from the card and then releases the instance.
453 * You don't need to call snd_ctl_free_one(). You must be in
454 * the write lock - down_write(&card->controls_rwsem).
455 *
456 * Returns 0 if successful, or a negative error code on failure.
457 */
snd_ctl_remove(struct snd_card * card,struct snd_kcontrol * kcontrol)458 int snd_ctl_remove(struct snd_card *card, struct snd_kcontrol *kcontrol)
459 {
460 struct snd_ctl_elem_id id;
461 unsigned int idx;
462
463 if (snd_BUG_ON(!card || !kcontrol))
464 return -EINVAL;
465 list_del(&kcontrol->list);
466 card->controls_count -= kcontrol->count;
467 id = kcontrol->id;
468 for (idx = 0; idx < kcontrol->count; idx++, id.index++, id.numid++)
469 snd_ctl_notify(card, SNDRV_CTL_EVENT_MASK_REMOVE, &id);
470 snd_ctl_free_one(kcontrol);
471 return 0;
472 }
473
474 EXPORT_SYMBOL(snd_ctl_remove);
475
476 /**
477 * snd_ctl_remove_id - remove the control of the given id and release it
478 * @card: the card instance
479 * @id: the control id to remove
480 *
481 * Finds the control instance with the given id, removes it from the
482 * card list and releases it.
483 *
484 * Returns 0 if successful, or a negative error code on failure.
485 */
snd_ctl_remove_id(struct snd_card * card,struct snd_ctl_elem_id * id)486 int snd_ctl_remove_id(struct snd_card *card, struct snd_ctl_elem_id *id)
487 {
488 struct snd_kcontrol *kctl;
489 int ret;
490
491 down_write(&card->controls_rwsem);
492 kctl = snd_ctl_find_id(card, id);
493 if (kctl == NULL) {
494 up_write(&card->controls_rwsem);
495 return -ENOENT;
496 }
497 ret = snd_ctl_remove(card, kctl);
498 up_write(&card->controls_rwsem);
499 return ret;
500 }
501
502 EXPORT_SYMBOL(snd_ctl_remove_id);
503
504 /**
505 * snd_ctl_remove_user_ctl - remove and release the unlocked user control
506 * @file: active control handle
507 * @id: the control id to remove
508 *
509 * Finds the control instance with the given id, removes it from the
510 * card list and releases it.
511 *
512 * Returns 0 if successful, or a negative error code on failure.
513 */
snd_ctl_remove_user_ctl(struct snd_ctl_file * file,struct snd_ctl_elem_id * id)514 static int snd_ctl_remove_user_ctl(struct snd_ctl_file * file,
515 struct snd_ctl_elem_id *id)
516 {
517 struct snd_card *card = file->card;
518 struct snd_kcontrol *kctl;
519 int idx, ret;
520
521 down_write(&card->controls_rwsem);
522 kctl = snd_ctl_find_id(card, id);
523 if (kctl == NULL) {
524 ret = -ENOENT;
525 goto error;
526 }
527 if (!(kctl->vd[0].access & SNDRV_CTL_ELEM_ACCESS_USER)) {
528 ret = -EINVAL;
529 goto error;
530 }
531 for (idx = 0; idx < kctl->count; idx++)
532 if (kctl->vd[idx].owner != NULL && kctl->vd[idx].owner != file) {
533 ret = -EBUSY;
534 goto error;
535 }
536 ret = snd_ctl_remove(card, kctl);
537 if (ret < 0)
538 goto error;
539 card->user_ctl_count--;
540 error:
541 up_write(&card->controls_rwsem);
542 return ret;
543 }
544
545 /**
546 * snd_ctl_activate_id - activate/inactivate the control of the given id
547 * @card: the card instance
548 * @id: the control id to activate/inactivate
549 * @active: non-zero to activate
550 *
551 * Finds the control instance with the given id, and activate or
552 * inactivate the control together with notification, if changed.
553 *
554 * Returns 0 if unchanged, 1 if changed, or a negative error code on failure.
555 */
snd_ctl_activate_id(struct snd_card * card,struct snd_ctl_elem_id * id,int active)556 int snd_ctl_activate_id(struct snd_card *card, struct snd_ctl_elem_id *id,
557 int active)
558 {
559 struct snd_kcontrol *kctl;
560 struct snd_kcontrol_volatile *vd;
561 unsigned int index_offset;
562 int ret;
563
564 down_write(&card->controls_rwsem);
565 kctl = snd_ctl_find_id(card, id);
566 if (kctl == NULL) {
567 ret = -ENOENT;
568 goto unlock;
569 }
570 index_offset = snd_ctl_get_ioff(kctl, &kctl->id);
571 vd = &kctl->vd[index_offset];
572 ret = 0;
573 if (active) {
574 if (!(vd->access & SNDRV_CTL_ELEM_ACCESS_INACTIVE))
575 goto unlock;
576 vd->access &= ~SNDRV_CTL_ELEM_ACCESS_INACTIVE;
577 } else {
578 if (vd->access & SNDRV_CTL_ELEM_ACCESS_INACTIVE)
579 goto unlock;
580 vd->access |= SNDRV_CTL_ELEM_ACCESS_INACTIVE;
581 }
582 ret = 1;
583 unlock:
584 up_write(&card->controls_rwsem);
585 if (ret > 0)
586 snd_ctl_notify(card, SNDRV_CTL_EVENT_MASK_INFO, id);
587 return ret;
588 }
589 EXPORT_SYMBOL_GPL(snd_ctl_activate_id);
590
591 /**
592 * snd_ctl_rename_id - replace the id of a control on the card
593 * @card: the card instance
594 * @src_id: the old id
595 * @dst_id: the new id
596 *
597 * Finds the control with the old id from the card, and replaces the
598 * id with the new one.
599 *
600 * Returns zero if successful, or a negative error code on failure.
601 */
snd_ctl_rename_id(struct snd_card * card,struct snd_ctl_elem_id * src_id,struct snd_ctl_elem_id * dst_id)602 int snd_ctl_rename_id(struct snd_card *card, struct snd_ctl_elem_id *src_id,
603 struct snd_ctl_elem_id *dst_id)
604 {
605 struct snd_kcontrol *kctl;
606
607 down_write(&card->controls_rwsem);
608 kctl = snd_ctl_find_id(card, src_id);
609 if (kctl == NULL) {
610 up_write(&card->controls_rwsem);
611 return -ENOENT;
612 }
613 kctl->id = *dst_id;
614 kctl->id.numid = card->last_numid + 1;
615 card->last_numid += kctl->count;
616 up_write(&card->controls_rwsem);
617 return 0;
618 }
619
620 EXPORT_SYMBOL(snd_ctl_rename_id);
621
622 /**
623 * snd_ctl_find_numid - find the control instance with the given number-id
624 * @card: the card instance
625 * @numid: the number-id to search
626 *
627 * Finds the control instance with the given number-id from the card.
628 *
629 * Returns the pointer of the instance if found, or NULL if not.
630 *
631 * The caller must down card->controls_rwsem before calling this function
632 * (if the race condition can happen).
633 */
snd_ctl_find_numid(struct snd_card * card,unsigned int numid)634 struct snd_kcontrol *snd_ctl_find_numid(struct snd_card *card, unsigned int numid)
635 {
636 struct snd_kcontrol *kctl;
637
638 if (snd_BUG_ON(!card || !numid))
639 return NULL;
640 list_for_each_entry(kctl, &card->controls, list) {
641 if (kctl->id.numid <= numid && kctl->id.numid + kctl->count > numid)
642 return kctl;
643 }
644 return NULL;
645 }
646
647 EXPORT_SYMBOL(snd_ctl_find_numid);
648
649 /**
650 * snd_ctl_find_id - find the control instance with the given id
651 * @card: the card instance
652 * @id: the id to search
653 *
654 * Finds the control instance with the given id from the card.
655 *
656 * Returns the pointer of the instance if found, or NULL if not.
657 *
658 * The caller must down card->controls_rwsem before calling this function
659 * (if the race condition can happen).
660 */
snd_ctl_find_id(struct snd_card * card,struct snd_ctl_elem_id * id)661 struct snd_kcontrol *snd_ctl_find_id(struct snd_card *card,
662 struct snd_ctl_elem_id *id)
663 {
664 struct snd_kcontrol *kctl;
665
666 if (snd_BUG_ON(!card || !id))
667 return NULL;
668 if (id->numid != 0)
669 return snd_ctl_find_numid(card, id->numid);
670 list_for_each_entry(kctl, &card->controls, list) {
671 if (kctl->id.iface != id->iface)
672 continue;
673 if (kctl->id.device != id->device)
674 continue;
675 if (kctl->id.subdevice != id->subdevice)
676 continue;
677 if (strncmp(kctl->id.name, id->name, sizeof(kctl->id.name)))
678 continue;
679 if (kctl->id.index > id->index)
680 continue;
681 if (kctl->id.index + kctl->count <= id->index)
682 continue;
683 return kctl;
684 }
685 return NULL;
686 }
687
688 EXPORT_SYMBOL(snd_ctl_find_id);
689
snd_ctl_card_info(struct snd_card * card,struct snd_ctl_file * ctl,unsigned int cmd,void __user * arg)690 static int snd_ctl_card_info(struct snd_card *card, struct snd_ctl_file * ctl,
691 unsigned int cmd, void __user *arg)
692 {
693 struct snd_ctl_card_info *info;
694
695 info = kzalloc(sizeof(*info), GFP_KERNEL);
696 if (! info)
697 return -ENOMEM;
698 down_read(&snd_ioctl_rwsem);
699 info->card = card->number;
700 strlcpy(info->id, card->id, sizeof(info->id));
701 strlcpy(info->driver, card->driver, sizeof(info->driver));
702 strlcpy(info->name, card->shortname, sizeof(info->name));
703 strlcpy(info->longname, card->longname, sizeof(info->longname));
704 strlcpy(info->mixername, card->mixername, sizeof(info->mixername));
705 strlcpy(info->components, card->components, sizeof(info->components));
706 up_read(&snd_ioctl_rwsem);
707 if (copy_to_user(arg, info, sizeof(struct snd_ctl_card_info))) {
708 kfree(info);
709 return -EFAULT;
710 }
711 kfree(info);
712 return 0;
713 }
714
snd_ctl_elem_list(struct snd_card * card,struct snd_ctl_elem_list __user * _list)715 static int snd_ctl_elem_list(struct snd_card *card,
716 struct snd_ctl_elem_list __user *_list)
717 {
718 struct list_head *plist;
719 struct snd_ctl_elem_list list;
720 struct snd_kcontrol *kctl;
721 struct snd_ctl_elem_id *dst, *id;
722 unsigned int offset, space, jidx;
723
724 if (copy_from_user(&list, _list, sizeof(list)))
725 return -EFAULT;
726 offset = list.offset;
727 space = list.space;
728 /* try limit maximum space */
729 if (space > 16384)
730 return -ENOMEM;
731 if (space > 0) {
732 /* allocate temporary buffer for atomic operation */
733 dst = vmalloc(space * sizeof(struct snd_ctl_elem_id));
734 if (dst == NULL)
735 return -ENOMEM;
736 down_read(&card->controls_rwsem);
737 list.count = card->controls_count;
738 plist = card->controls.next;
739 while (plist != &card->controls) {
740 if (offset == 0)
741 break;
742 kctl = snd_kcontrol(plist);
743 if (offset < kctl->count)
744 break;
745 offset -= kctl->count;
746 plist = plist->next;
747 }
748 list.used = 0;
749 id = dst;
750 while (space > 0 && plist != &card->controls) {
751 kctl = snd_kcontrol(plist);
752 for (jidx = offset; space > 0 && jidx < kctl->count; jidx++) {
753 snd_ctl_build_ioff(id, kctl, jidx);
754 id++;
755 space--;
756 list.used++;
757 }
758 plist = plist->next;
759 offset = 0;
760 }
761 up_read(&card->controls_rwsem);
762 if (list.used > 0 &&
763 copy_to_user(list.pids, dst,
764 list.used * sizeof(struct snd_ctl_elem_id))) {
765 vfree(dst);
766 return -EFAULT;
767 }
768 vfree(dst);
769 } else {
770 down_read(&card->controls_rwsem);
771 list.count = card->controls_count;
772 up_read(&card->controls_rwsem);
773 }
774 if (copy_to_user(_list, &list, sizeof(list)))
775 return -EFAULT;
776 return 0;
777 }
778
snd_ctl_elem_info(struct snd_ctl_file * ctl,struct snd_ctl_elem_info * info)779 static int snd_ctl_elem_info(struct snd_ctl_file *ctl,
780 struct snd_ctl_elem_info *info)
781 {
782 struct snd_card *card = ctl->card;
783 struct snd_kcontrol *kctl;
784 struct snd_kcontrol_volatile *vd;
785 unsigned int index_offset;
786 int result;
787
788 down_read(&card->controls_rwsem);
789 kctl = snd_ctl_find_id(card, &info->id);
790 if (kctl == NULL) {
791 up_read(&card->controls_rwsem);
792 return -ENOENT;
793 }
794 #ifdef CONFIG_SND_DEBUG
795 info->access = 0;
796 #endif
797 result = kctl->info(kctl, info);
798 if (result >= 0) {
799 snd_BUG_ON(info->access);
800 index_offset = snd_ctl_get_ioff(kctl, &info->id);
801 vd = &kctl->vd[index_offset];
802 snd_ctl_build_ioff(&info->id, kctl, index_offset);
803 info->access = vd->access;
804 if (vd->owner) {
805 info->access |= SNDRV_CTL_ELEM_ACCESS_LOCK;
806 if (vd->owner == ctl)
807 info->access |= SNDRV_CTL_ELEM_ACCESS_OWNER;
808 info->owner = pid_vnr(vd->owner->pid);
809 } else {
810 info->owner = -1;
811 }
812 }
813 up_read(&card->controls_rwsem);
814 return result;
815 }
816
snd_ctl_elem_info_user(struct snd_ctl_file * ctl,struct snd_ctl_elem_info __user * _info)817 static int snd_ctl_elem_info_user(struct snd_ctl_file *ctl,
818 struct snd_ctl_elem_info __user *_info)
819 {
820 struct snd_ctl_elem_info info;
821 int result;
822
823 if (copy_from_user(&info, _info, sizeof(info)))
824 return -EFAULT;
825 snd_power_lock(ctl->card);
826 result = snd_power_wait(ctl->card, SNDRV_CTL_POWER_D0);
827 if (result >= 0)
828 result = snd_ctl_elem_info(ctl, &info);
829 snd_power_unlock(ctl->card);
830 if (result >= 0)
831 if (copy_to_user(_info, &info, sizeof(info)))
832 return -EFAULT;
833 return result;
834 }
835
snd_ctl_elem_read(struct snd_card * card,struct snd_ctl_elem_value * control)836 static int snd_ctl_elem_read(struct snd_card *card,
837 struct snd_ctl_elem_value *control)
838 {
839 struct snd_kcontrol *kctl;
840 struct snd_kcontrol_volatile *vd;
841 unsigned int index_offset;
842 int result;
843
844 down_read(&card->controls_rwsem);
845 kctl = snd_ctl_find_id(card, &control->id);
846 if (kctl == NULL) {
847 result = -ENOENT;
848 } else {
849 index_offset = snd_ctl_get_ioff(kctl, &control->id);
850 vd = &kctl->vd[index_offset];
851 if ((vd->access & SNDRV_CTL_ELEM_ACCESS_READ) &&
852 kctl->get != NULL) {
853 snd_ctl_build_ioff(&control->id, kctl, index_offset);
854 result = kctl->get(kctl, control);
855 } else
856 result = -EPERM;
857 }
858 up_read(&card->controls_rwsem);
859 return result;
860 }
861
snd_ctl_elem_read_user(struct snd_card * card,struct snd_ctl_elem_value __user * _control)862 static int snd_ctl_elem_read_user(struct snd_card *card,
863 struct snd_ctl_elem_value __user *_control)
864 {
865 struct snd_ctl_elem_value *control;
866 int result;
867
868 control = memdup_user(_control, sizeof(*control));
869 if (IS_ERR(control))
870 return PTR_ERR(control);
871
872 snd_power_lock(card);
873 result = snd_power_wait(card, SNDRV_CTL_POWER_D0);
874 if (result >= 0)
875 result = snd_ctl_elem_read(card, control);
876 snd_power_unlock(card);
877 if (result >= 0)
878 if (copy_to_user(_control, control, sizeof(*control)))
879 result = -EFAULT;
880 kfree(control);
881 return result;
882 }
883
snd_ctl_elem_write(struct snd_card * card,struct snd_ctl_file * file,struct snd_ctl_elem_value * control)884 static int snd_ctl_elem_write(struct snd_card *card, struct snd_ctl_file *file,
885 struct snd_ctl_elem_value *control)
886 {
887 struct snd_kcontrol *kctl;
888 struct snd_kcontrol_volatile *vd;
889 unsigned int index_offset;
890 int result;
891
892 down_read(&card->controls_rwsem);
893 kctl = snd_ctl_find_id(card, &control->id);
894 if (kctl == NULL) {
895 result = -ENOENT;
896 } else {
897 index_offset = snd_ctl_get_ioff(kctl, &control->id);
898 vd = &kctl->vd[index_offset];
899 if (!(vd->access & SNDRV_CTL_ELEM_ACCESS_WRITE) ||
900 kctl->put == NULL ||
901 (file && vd->owner && vd->owner != file)) {
902 result = -EPERM;
903 } else {
904 snd_ctl_build_ioff(&control->id, kctl, index_offset);
905 result = kctl->put(kctl, control);
906 }
907 if (result > 0) {
908 struct snd_ctl_elem_id id = control->id;
909 up_read(&card->controls_rwsem);
910 snd_ctl_notify(card, SNDRV_CTL_EVENT_MASK_VALUE, &id);
911 return 0;
912 }
913 }
914 up_read(&card->controls_rwsem);
915 return result;
916 }
917
snd_ctl_elem_write_user(struct snd_ctl_file * file,struct snd_ctl_elem_value __user * _control)918 static int snd_ctl_elem_write_user(struct snd_ctl_file *file,
919 struct snd_ctl_elem_value __user *_control)
920 {
921 struct snd_ctl_elem_value *control;
922 struct snd_card *card;
923 int result;
924
925 control = memdup_user(_control, sizeof(*control));
926 if (IS_ERR(control))
927 return PTR_ERR(control);
928
929 card = file->card;
930 snd_power_lock(card);
931 result = snd_power_wait(card, SNDRV_CTL_POWER_D0);
932 if (result >= 0)
933 result = snd_ctl_elem_write(card, file, control);
934 snd_power_unlock(card);
935 if (result >= 0)
936 if (copy_to_user(_control, control, sizeof(*control)))
937 result = -EFAULT;
938 kfree(control);
939 return result;
940 }
941
snd_ctl_elem_lock(struct snd_ctl_file * file,struct snd_ctl_elem_id __user * _id)942 static int snd_ctl_elem_lock(struct snd_ctl_file *file,
943 struct snd_ctl_elem_id __user *_id)
944 {
945 struct snd_card *card = file->card;
946 struct snd_ctl_elem_id id;
947 struct snd_kcontrol *kctl;
948 struct snd_kcontrol_volatile *vd;
949 int result;
950
951 if (copy_from_user(&id, _id, sizeof(id)))
952 return -EFAULT;
953 down_write(&card->controls_rwsem);
954 kctl = snd_ctl_find_id(card, &id);
955 if (kctl == NULL) {
956 result = -ENOENT;
957 } else {
958 vd = &kctl->vd[snd_ctl_get_ioff(kctl, &id)];
959 if (vd->owner != NULL)
960 result = -EBUSY;
961 else {
962 vd->owner = file;
963 result = 0;
964 }
965 }
966 up_write(&card->controls_rwsem);
967 return result;
968 }
969
snd_ctl_elem_unlock(struct snd_ctl_file * file,struct snd_ctl_elem_id __user * _id)970 static int snd_ctl_elem_unlock(struct snd_ctl_file *file,
971 struct snd_ctl_elem_id __user *_id)
972 {
973 struct snd_card *card = file->card;
974 struct snd_ctl_elem_id id;
975 struct snd_kcontrol *kctl;
976 struct snd_kcontrol_volatile *vd;
977 int result;
978
979 if (copy_from_user(&id, _id, sizeof(id)))
980 return -EFAULT;
981 down_write(&card->controls_rwsem);
982 kctl = snd_ctl_find_id(card, &id);
983 if (kctl == NULL) {
984 result = -ENOENT;
985 } else {
986 vd = &kctl->vd[snd_ctl_get_ioff(kctl, &id)];
987 if (vd->owner == NULL)
988 result = -EINVAL;
989 else if (vd->owner != file)
990 result = -EPERM;
991 else {
992 vd->owner = NULL;
993 result = 0;
994 }
995 }
996 up_write(&card->controls_rwsem);
997 return result;
998 }
999
1000 struct user_element {
1001 struct snd_ctl_elem_info info;
1002 struct snd_card *card;
1003 void *elem_data; /* element data */
1004 unsigned long elem_data_size; /* size of element data in bytes */
1005 void *tlv_data; /* TLV data */
1006 unsigned long tlv_data_size; /* TLV data size */
1007 void *priv_data; /* private data (like strings for enumerated type) */
1008 };
1009
snd_ctl_elem_user_info(struct snd_kcontrol * kcontrol,struct snd_ctl_elem_info * uinfo)1010 static int snd_ctl_elem_user_info(struct snd_kcontrol *kcontrol,
1011 struct snd_ctl_elem_info *uinfo)
1012 {
1013 struct user_element *ue = kcontrol->private_data;
1014
1015 *uinfo = ue->info;
1016 return 0;
1017 }
1018
snd_ctl_elem_user_enum_info(struct snd_kcontrol * kcontrol,struct snd_ctl_elem_info * uinfo)1019 static int snd_ctl_elem_user_enum_info(struct snd_kcontrol *kcontrol,
1020 struct snd_ctl_elem_info *uinfo)
1021 {
1022 struct user_element *ue = kcontrol->private_data;
1023 const char *names;
1024 unsigned int item;
1025
1026 item = uinfo->value.enumerated.item;
1027
1028 *uinfo = ue->info;
1029
1030 item = min(item, uinfo->value.enumerated.items - 1);
1031 uinfo->value.enumerated.item = item;
1032
1033 names = ue->priv_data;
1034 for (; item > 0; --item)
1035 names += strlen(names) + 1;
1036 strcpy(uinfo->value.enumerated.name, names);
1037
1038 return 0;
1039 }
1040
snd_ctl_elem_user_get(struct snd_kcontrol * kcontrol,struct snd_ctl_elem_value * ucontrol)1041 static int snd_ctl_elem_user_get(struct snd_kcontrol *kcontrol,
1042 struct snd_ctl_elem_value *ucontrol)
1043 {
1044 struct user_element *ue = kcontrol->private_data;
1045
1046 mutex_lock(&ue->card->user_ctl_lock);
1047 memcpy(&ucontrol->value, ue->elem_data, ue->elem_data_size);
1048 mutex_unlock(&ue->card->user_ctl_lock);
1049 return 0;
1050 }
1051
snd_ctl_elem_user_put(struct snd_kcontrol * kcontrol,struct snd_ctl_elem_value * ucontrol)1052 static int snd_ctl_elem_user_put(struct snd_kcontrol *kcontrol,
1053 struct snd_ctl_elem_value *ucontrol)
1054 {
1055 int change;
1056 struct user_element *ue = kcontrol->private_data;
1057
1058 mutex_lock(&ue->card->user_ctl_lock);
1059 change = memcmp(&ucontrol->value, ue->elem_data, ue->elem_data_size) != 0;
1060 if (change)
1061 memcpy(ue->elem_data, &ucontrol->value, ue->elem_data_size);
1062 mutex_unlock(&ue->card->user_ctl_lock);
1063 return change;
1064 }
1065
snd_ctl_elem_user_tlv(struct snd_kcontrol * kcontrol,int op_flag,unsigned int size,unsigned int __user * tlv)1066 static int snd_ctl_elem_user_tlv(struct snd_kcontrol *kcontrol,
1067 int op_flag,
1068 unsigned int size,
1069 unsigned int __user *tlv)
1070 {
1071 struct user_element *ue = kcontrol->private_data;
1072 int change = 0;
1073 void *new_data;
1074
1075 if (op_flag > 0) {
1076 if (size > 1024 * 128) /* sane value */
1077 return -EINVAL;
1078
1079 new_data = memdup_user(tlv, size);
1080 if (IS_ERR(new_data))
1081 return PTR_ERR(new_data);
1082 mutex_lock(&ue->card->user_ctl_lock);
1083 change = ue->tlv_data_size != size;
1084 if (!change)
1085 change = memcmp(ue->tlv_data, new_data, size);
1086 kfree(ue->tlv_data);
1087 ue->tlv_data = new_data;
1088 ue->tlv_data_size = size;
1089 mutex_unlock(&ue->card->user_ctl_lock);
1090 } else {
1091 int ret = 0;
1092
1093 mutex_lock(&ue->card->user_ctl_lock);
1094 if (!ue->tlv_data_size || !ue->tlv_data) {
1095 ret = -ENXIO;
1096 goto err_unlock;
1097 }
1098 if (size < ue->tlv_data_size) {
1099 ret = -ENOSPC;
1100 goto err_unlock;
1101 }
1102 if (copy_to_user(tlv, ue->tlv_data, ue->tlv_data_size))
1103 ret = -EFAULT;
1104 err_unlock:
1105 mutex_unlock(&ue->card->user_ctl_lock);
1106 if (ret)
1107 return ret;
1108 }
1109 return change;
1110 }
1111
snd_ctl_elem_init_enum_names(struct user_element * ue)1112 static int snd_ctl_elem_init_enum_names(struct user_element *ue)
1113 {
1114 char *names, *p;
1115 size_t buf_len, name_len;
1116 unsigned int i;
1117 const uintptr_t user_ptrval = ue->info.value.enumerated.names_ptr;
1118
1119 if (ue->info.value.enumerated.names_length > 64 * 1024)
1120 return -EINVAL;
1121
1122 names = memdup_user((const void __user *)user_ptrval,
1123 ue->info.value.enumerated.names_length);
1124 if (IS_ERR(names))
1125 return PTR_ERR(names);
1126
1127 /* check that there are enough valid names */
1128 buf_len = ue->info.value.enumerated.names_length;
1129 p = names;
1130 for (i = 0; i < ue->info.value.enumerated.items; ++i) {
1131 name_len = strnlen(p, buf_len);
1132 if (name_len == 0 || name_len >= 64 || name_len == buf_len) {
1133 kfree(names);
1134 return -EINVAL;
1135 }
1136 p += name_len + 1;
1137 buf_len -= name_len + 1;
1138 }
1139
1140 ue->priv_data = names;
1141 ue->info.value.enumerated.names_ptr = 0;
1142
1143 return 0;
1144 }
1145
snd_ctl_elem_user_free(struct snd_kcontrol * kcontrol)1146 static void snd_ctl_elem_user_free(struct snd_kcontrol *kcontrol)
1147 {
1148 struct user_element *ue = kcontrol->private_data;
1149
1150 kfree(ue->tlv_data);
1151 kfree(ue->priv_data);
1152 kfree(ue);
1153 }
1154
snd_ctl_elem_add(struct snd_ctl_file * file,struct snd_ctl_elem_info * info,int replace)1155 static int snd_ctl_elem_add(struct snd_ctl_file *file,
1156 struct snd_ctl_elem_info *info, int replace)
1157 {
1158 struct snd_card *card = file->card;
1159 struct snd_kcontrol kctl, *_kctl;
1160 unsigned int access;
1161 long private_size;
1162 struct user_element *ue;
1163 int idx, err;
1164
1165 if (info->count < 1)
1166 return -EINVAL;
1167 access = info->access == 0 ? SNDRV_CTL_ELEM_ACCESS_READWRITE :
1168 (info->access & (SNDRV_CTL_ELEM_ACCESS_READWRITE|
1169 SNDRV_CTL_ELEM_ACCESS_INACTIVE|
1170 SNDRV_CTL_ELEM_ACCESS_TLV_READWRITE));
1171 info->id.numid = 0;
1172 memset(&kctl, 0, sizeof(kctl));
1173
1174 if (replace) {
1175 err = snd_ctl_remove_user_ctl(file, &info->id);
1176 if (err)
1177 return err;
1178 }
1179
1180 if (card->user_ctl_count >= MAX_USER_CONTROLS)
1181 return -ENOMEM;
1182
1183 memcpy(&kctl.id, &info->id, sizeof(info->id));
1184 kctl.count = info->owner ? info->owner : 1;
1185 access |= SNDRV_CTL_ELEM_ACCESS_USER;
1186 if (info->type == SNDRV_CTL_ELEM_TYPE_ENUMERATED)
1187 kctl.info = snd_ctl_elem_user_enum_info;
1188 else
1189 kctl.info = snd_ctl_elem_user_info;
1190 if (access & SNDRV_CTL_ELEM_ACCESS_READ)
1191 kctl.get = snd_ctl_elem_user_get;
1192 if (access & SNDRV_CTL_ELEM_ACCESS_WRITE)
1193 kctl.put = snd_ctl_elem_user_put;
1194 if (access & SNDRV_CTL_ELEM_ACCESS_TLV_READWRITE) {
1195 kctl.tlv.c = snd_ctl_elem_user_tlv;
1196 access |= SNDRV_CTL_ELEM_ACCESS_TLV_CALLBACK;
1197 }
1198 switch (info->type) {
1199 case SNDRV_CTL_ELEM_TYPE_BOOLEAN:
1200 case SNDRV_CTL_ELEM_TYPE_INTEGER:
1201 private_size = sizeof(long);
1202 if (info->count > 128)
1203 return -EINVAL;
1204 break;
1205 case SNDRV_CTL_ELEM_TYPE_INTEGER64:
1206 private_size = sizeof(long long);
1207 if (info->count > 64)
1208 return -EINVAL;
1209 break;
1210 case SNDRV_CTL_ELEM_TYPE_ENUMERATED:
1211 private_size = sizeof(unsigned int);
1212 if (info->count > 128 || info->value.enumerated.items == 0)
1213 return -EINVAL;
1214 break;
1215 case SNDRV_CTL_ELEM_TYPE_BYTES:
1216 private_size = sizeof(unsigned char);
1217 if (info->count > 512)
1218 return -EINVAL;
1219 break;
1220 case SNDRV_CTL_ELEM_TYPE_IEC958:
1221 private_size = sizeof(struct snd_aes_iec958);
1222 if (info->count != 1)
1223 return -EINVAL;
1224 break;
1225 default:
1226 return -EINVAL;
1227 }
1228 private_size *= info->count;
1229 ue = kzalloc(sizeof(struct user_element) + private_size, GFP_KERNEL);
1230 if (ue == NULL)
1231 return -ENOMEM;
1232 ue->card = card;
1233 ue->info = *info;
1234 ue->info.access = 0;
1235 ue->elem_data = (char *)ue + sizeof(*ue);
1236 ue->elem_data_size = private_size;
1237 if (ue->info.type == SNDRV_CTL_ELEM_TYPE_ENUMERATED) {
1238 err = snd_ctl_elem_init_enum_names(ue);
1239 if (err < 0) {
1240 kfree(ue);
1241 return err;
1242 }
1243 }
1244 kctl.private_free = snd_ctl_elem_user_free;
1245 _kctl = snd_ctl_new(&kctl, access);
1246 if (_kctl == NULL) {
1247 kfree(ue->priv_data);
1248 kfree(ue);
1249 return -ENOMEM;
1250 }
1251 _kctl->private_data = ue;
1252 for (idx = 0; idx < _kctl->count; idx++)
1253 _kctl->vd[idx].owner = file;
1254 err = snd_ctl_add(card, _kctl);
1255 if (err < 0)
1256 return err;
1257
1258 down_write(&card->controls_rwsem);
1259 card->user_ctl_count++;
1260 up_write(&card->controls_rwsem);
1261
1262 return 0;
1263 }
1264
snd_ctl_elem_add_user(struct snd_ctl_file * file,struct snd_ctl_elem_info __user * _info,int replace)1265 static int snd_ctl_elem_add_user(struct snd_ctl_file *file,
1266 struct snd_ctl_elem_info __user *_info, int replace)
1267 {
1268 struct snd_ctl_elem_info info;
1269 if (copy_from_user(&info, _info, sizeof(info)))
1270 return -EFAULT;
1271 return snd_ctl_elem_add(file, &info, replace);
1272 }
1273
snd_ctl_elem_remove(struct snd_ctl_file * file,struct snd_ctl_elem_id __user * _id)1274 static int snd_ctl_elem_remove(struct snd_ctl_file *file,
1275 struct snd_ctl_elem_id __user *_id)
1276 {
1277 struct snd_ctl_elem_id id;
1278
1279 if (copy_from_user(&id, _id, sizeof(id)))
1280 return -EFAULT;
1281 return snd_ctl_remove_user_ctl(file, &id);
1282 }
1283
snd_ctl_subscribe_events(struct snd_ctl_file * file,int __user * ptr)1284 static int snd_ctl_subscribe_events(struct snd_ctl_file *file, int __user *ptr)
1285 {
1286 int subscribe;
1287 if (get_user(subscribe, ptr))
1288 return -EFAULT;
1289 if (subscribe < 0) {
1290 subscribe = file->subscribed;
1291 if (put_user(subscribe, ptr))
1292 return -EFAULT;
1293 return 0;
1294 }
1295 if (subscribe) {
1296 file->subscribed = 1;
1297 return 0;
1298 } else if (file->subscribed) {
1299 snd_ctl_empty_read_queue(file);
1300 file->subscribed = 0;
1301 }
1302 return 0;
1303 }
1304
snd_ctl_tlv_ioctl(struct snd_ctl_file * file,struct snd_ctl_tlv __user * _tlv,int op_flag)1305 static int snd_ctl_tlv_ioctl(struct snd_ctl_file *file,
1306 struct snd_ctl_tlv __user *_tlv,
1307 int op_flag)
1308 {
1309 struct snd_card *card = file->card;
1310 struct snd_ctl_tlv tlv;
1311 struct snd_kcontrol *kctl;
1312 struct snd_kcontrol_volatile *vd;
1313 unsigned int len;
1314 int err = 0;
1315
1316 if (copy_from_user(&tlv, _tlv, sizeof(tlv)))
1317 return -EFAULT;
1318 if (tlv.length < sizeof(unsigned int) * 2)
1319 return -EINVAL;
1320 down_read(&card->controls_rwsem);
1321 kctl = snd_ctl_find_numid(card, tlv.numid);
1322 if (kctl == NULL) {
1323 err = -ENOENT;
1324 goto __kctl_end;
1325 }
1326 if (kctl->tlv.p == NULL) {
1327 err = -ENXIO;
1328 goto __kctl_end;
1329 }
1330 vd = &kctl->vd[tlv.numid - kctl->id.numid];
1331 if ((op_flag == 0 && (vd->access & SNDRV_CTL_ELEM_ACCESS_TLV_READ) == 0) ||
1332 (op_flag > 0 && (vd->access & SNDRV_CTL_ELEM_ACCESS_TLV_WRITE) == 0) ||
1333 (op_flag < 0 && (vd->access & SNDRV_CTL_ELEM_ACCESS_TLV_COMMAND) == 0)) {
1334 err = -ENXIO;
1335 goto __kctl_end;
1336 }
1337 if (vd->access & SNDRV_CTL_ELEM_ACCESS_TLV_CALLBACK) {
1338 if (vd->owner != NULL && vd->owner != file) {
1339 err = -EPERM;
1340 goto __kctl_end;
1341 }
1342 err = kctl->tlv.c(kctl, op_flag, tlv.length, _tlv->tlv);
1343 if (err > 0) {
1344 struct snd_ctl_elem_id id = kctl->id;
1345 up_read(&card->controls_rwsem);
1346 snd_ctl_notify(card, SNDRV_CTL_EVENT_MASK_TLV, &id);
1347 return 0;
1348 }
1349 } else {
1350 if (op_flag) {
1351 err = -ENXIO;
1352 goto __kctl_end;
1353 }
1354 len = kctl->tlv.p[1] + 2 * sizeof(unsigned int);
1355 if (tlv.length < len) {
1356 err = -ENOMEM;
1357 goto __kctl_end;
1358 }
1359 if (copy_to_user(_tlv->tlv, kctl->tlv.p, len))
1360 err = -EFAULT;
1361 }
1362 __kctl_end:
1363 up_read(&card->controls_rwsem);
1364 return err;
1365 }
1366
snd_ctl_ioctl(struct file * file,unsigned int cmd,unsigned long arg)1367 static long snd_ctl_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
1368 {
1369 struct snd_ctl_file *ctl;
1370 struct snd_card *card;
1371 struct snd_kctl_ioctl *p;
1372 void __user *argp = (void __user *)arg;
1373 int __user *ip = argp;
1374 int err;
1375
1376 ctl = file->private_data;
1377 card = ctl->card;
1378 if (snd_BUG_ON(!card))
1379 return -ENXIO;
1380 switch (cmd) {
1381 case SNDRV_CTL_IOCTL_PVERSION:
1382 return put_user(SNDRV_CTL_VERSION, ip) ? -EFAULT : 0;
1383 case SNDRV_CTL_IOCTL_CARD_INFO:
1384 return snd_ctl_card_info(card, ctl, cmd, argp);
1385 case SNDRV_CTL_IOCTL_ELEM_LIST:
1386 return snd_ctl_elem_list(card, argp);
1387 case SNDRV_CTL_IOCTL_ELEM_INFO:
1388 return snd_ctl_elem_info_user(ctl, argp);
1389 case SNDRV_CTL_IOCTL_ELEM_READ:
1390 return snd_ctl_elem_read_user(card, argp);
1391 case SNDRV_CTL_IOCTL_ELEM_WRITE:
1392 return snd_ctl_elem_write_user(ctl, argp);
1393 case SNDRV_CTL_IOCTL_ELEM_LOCK:
1394 return snd_ctl_elem_lock(ctl, argp);
1395 case SNDRV_CTL_IOCTL_ELEM_UNLOCK:
1396 return snd_ctl_elem_unlock(ctl, argp);
1397 case SNDRV_CTL_IOCTL_ELEM_ADD:
1398 return snd_ctl_elem_add_user(ctl, argp, 0);
1399 case SNDRV_CTL_IOCTL_ELEM_REPLACE:
1400 return snd_ctl_elem_add_user(ctl, argp, 1);
1401 case SNDRV_CTL_IOCTL_ELEM_REMOVE:
1402 return snd_ctl_elem_remove(ctl, argp);
1403 case SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS:
1404 return snd_ctl_subscribe_events(ctl, ip);
1405 case SNDRV_CTL_IOCTL_TLV_READ:
1406 return snd_ctl_tlv_ioctl(ctl, argp, 0);
1407 case SNDRV_CTL_IOCTL_TLV_WRITE:
1408 return snd_ctl_tlv_ioctl(ctl, argp, 1);
1409 case SNDRV_CTL_IOCTL_TLV_COMMAND:
1410 return snd_ctl_tlv_ioctl(ctl, argp, -1);
1411 case SNDRV_CTL_IOCTL_POWER:
1412 return -ENOPROTOOPT;
1413 case SNDRV_CTL_IOCTL_POWER_STATE:
1414 #ifdef CONFIG_PM
1415 return put_user(card->power_state, ip) ? -EFAULT : 0;
1416 #else
1417 return put_user(SNDRV_CTL_POWER_D0, ip) ? -EFAULT : 0;
1418 #endif
1419 }
1420 down_read(&snd_ioctl_rwsem);
1421 list_for_each_entry(p, &snd_control_ioctls, list) {
1422 err = p->fioctl(card, ctl, cmd, arg);
1423 if (err != -ENOIOCTLCMD) {
1424 up_read(&snd_ioctl_rwsem);
1425 return err;
1426 }
1427 }
1428 up_read(&snd_ioctl_rwsem);
1429 snd_printdd("unknown ioctl = 0x%x\n", cmd);
1430 return -ENOTTY;
1431 }
1432
snd_ctl_read(struct file * file,char __user * buffer,size_t count,loff_t * offset)1433 static ssize_t snd_ctl_read(struct file *file, char __user *buffer,
1434 size_t count, loff_t * offset)
1435 {
1436 struct snd_ctl_file *ctl;
1437 int err = 0;
1438 ssize_t result = 0;
1439
1440 ctl = file->private_data;
1441 if (snd_BUG_ON(!ctl || !ctl->card))
1442 return -ENXIO;
1443 if (!ctl->subscribed)
1444 return -EBADFD;
1445 if (count < sizeof(struct snd_ctl_event))
1446 return -EINVAL;
1447 spin_lock_irq(&ctl->read_lock);
1448 while (count >= sizeof(struct snd_ctl_event)) {
1449 struct snd_ctl_event ev;
1450 struct snd_kctl_event *kev;
1451 while (list_empty(&ctl->events)) {
1452 wait_queue_t wait;
1453 if ((file->f_flags & O_NONBLOCK) != 0 || result > 0) {
1454 err = -EAGAIN;
1455 goto __end_lock;
1456 }
1457 init_waitqueue_entry(&wait, current);
1458 add_wait_queue(&ctl->change_sleep, &wait);
1459 set_current_state(TASK_INTERRUPTIBLE);
1460 spin_unlock_irq(&ctl->read_lock);
1461 schedule();
1462 remove_wait_queue(&ctl->change_sleep, &wait);
1463 if (ctl->card->shutdown)
1464 return -ENODEV;
1465 if (signal_pending(current))
1466 return -ERESTARTSYS;
1467 spin_lock_irq(&ctl->read_lock);
1468 }
1469 kev = snd_kctl_event(ctl->events.next);
1470 ev.type = SNDRV_CTL_EVENT_ELEM;
1471 ev.data.elem.mask = kev->mask;
1472 ev.data.elem.id = kev->id;
1473 list_del(&kev->list);
1474 spin_unlock_irq(&ctl->read_lock);
1475 kfree(kev);
1476 if (copy_to_user(buffer, &ev, sizeof(struct snd_ctl_event))) {
1477 err = -EFAULT;
1478 goto __end;
1479 }
1480 spin_lock_irq(&ctl->read_lock);
1481 buffer += sizeof(struct snd_ctl_event);
1482 count -= sizeof(struct snd_ctl_event);
1483 result += sizeof(struct snd_ctl_event);
1484 }
1485 __end_lock:
1486 spin_unlock_irq(&ctl->read_lock);
1487 __end:
1488 return result > 0 ? result : err;
1489 }
1490
snd_ctl_poll(struct file * file,poll_table * wait)1491 static unsigned int snd_ctl_poll(struct file *file, poll_table * wait)
1492 {
1493 unsigned int mask;
1494 struct snd_ctl_file *ctl;
1495
1496 ctl = file->private_data;
1497 if (!ctl->subscribed)
1498 return 0;
1499 poll_wait(file, &ctl->change_sleep, wait);
1500
1501 mask = 0;
1502 if (!list_empty(&ctl->events))
1503 mask |= POLLIN | POLLRDNORM;
1504
1505 return mask;
1506 }
1507
1508 /*
1509 * register the device-specific control-ioctls.
1510 * called from each device manager like pcm.c, hwdep.c, etc.
1511 */
_snd_ctl_register_ioctl(snd_kctl_ioctl_func_t fcn,struct list_head * lists)1512 static int _snd_ctl_register_ioctl(snd_kctl_ioctl_func_t fcn, struct list_head *lists)
1513 {
1514 struct snd_kctl_ioctl *pn;
1515
1516 pn = kzalloc(sizeof(struct snd_kctl_ioctl), GFP_KERNEL);
1517 if (pn == NULL)
1518 return -ENOMEM;
1519 pn->fioctl = fcn;
1520 down_write(&snd_ioctl_rwsem);
1521 list_add_tail(&pn->list, lists);
1522 up_write(&snd_ioctl_rwsem);
1523 return 0;
1524 }
1525
snd_ctl_register_ioctl(snd_kctl_ioctl_func_t fcn)1526 int snd_ctl_register_ioctl(snd_kctl_ioctl_func_t fcn)
1527 {
1528 return _snd_ctl_register_ioctl(fcn, &snd_control_ioctls);
1529 }
1530
1531 EXPORT_SYMBOL(snd_ctl_register_ioctl);
1532
1533 #ifdef CONFIG_COMPAT
snd_ctl_register_ioctl_compat(snd_kctl_ioctl_func_t fcn)1534 int snd_ctl_register_ioctl_compat(snd_kctl_ioctl_func_t fcn)
1535 {
1536 return _snd_ctl_register_ioctl(fcn, &snd_control_compat_ioctls);
1537 }
1538
1539 EXPORT_SYMBOL(snd_ctl_register_ioctl_compat);
1540 #endif
1541
1542 /*
1543 * de-register the device-specific control-ioctls.
1544 */
_snd_ctl_unregister_ioctl(snd_kctl_ioctl_func_t fcn,struct list_head * lists)1545 static int _snd_ctl_unregister_ioctl(snd_kctl_ioctl_func_t fcn,
1546 struct list_head *lists)
1547 {
1548 struct snd_kctl_ioctl *p;
1549
1550 if (snd_BUG_ON(!fcn))
1551 return -EINVAL;
1552 down_write(&snd_ioctl_rwsem);
1553 list_for_each_entry(p, lists, list) {
1554 if (p->fioctl == fcn) {
1555 list_del(&p->list);
1556 up_write(&snd_ioctl_rwsem);
1557 kfree(p);
1558 return 0;
1559 }
1560 }
1561 up_write(&snd_ioctl_rwsem);
1562 snd_BUG();
1563 return -EINVAL;
1564 }
1565
snd_ctl_unregister_ioctl(snd_kctl_ioctl_func_t fcn)1566 int snd_ctl_unregister_ioctl(snd_kctl_ioctl_func_t fcn)
1567 {
1568 return _snd_ctl_unregister_ioctl(fcn, &snd_control_ioctls);
1569 }
1570
1571 EXPORT_SYMBOL(snd_ctl_unregister_ioctl);
1572
1573 #ifdef CONFIG_COMPAT
snd_ctl_unregister_ioctl_compat(snd_kctl_ioctl_func_t fcn)1574 int snd_ctl_unregister_ioctl_compat(snd_kctl_ioctl_func_t fcn)
1575 {
1576 return _snd_ctl_unregister_ioctl(fcn, &snd_control_compat_ioctls);
1577 }
1578
1579 EXPORT_SYMBOL(snd_ctl_unregister_ioctl_compat);
1580 #endif
1581
snd_ctl_fasync(int fd,struct file * file,int on)1582 static int snd_ctl_fasync(int fd, struct file * file, int on)
1583 {
1584 struct snd_ctl_file *ctl;
1585
1586 ctl = file->private_data;
1587 return fasync_helper(fd, file, on, &ctl->fasync);
1588 }
1589
1590 /*
1591 * ioctl32 compat
1592 */
1593 #ifdef CONFIG_COMPAT
1594 #include "control_compat.c"
1595 #else
1596 #define snd_ctl_ioctl_compat NULL
1597 #endif
1598
1599 /*
1600 * INIT PART
1601 */
1602
1603 static const struct file_operations snd_ctl_f_ops =
1604 {
1605 .owner = THIS_MODULE,
1606 .read = snd_ctl_read,
1607 .open = snd_ctl_open,
1608 .release = snd_ctl_release,
1609 .llseek = no_llseek,
1610 .poll = snd_ctl_poll,
1611 .unlocked_ioctl = snd_ctl_ioctl,
1612 .compat_ioctl = snd_ctl_ioctl_compat,
1613 .fasync = snd_ctl_fasync,
1614 };
1615
1616 /*
1617 * registration of the control device
1618 */
snd_ctl_dev_register(struct snd_device * device)1619 static int snd_ctl_dev_register(struct snd_device *device)
1620 {
1621 struct snd_card *card = device->device_data;
1622 int err, cardnum;
1623 char name[16];
1624
1625 if (snd_BUG_ON(!card))
1626 return -ENXIO;
1627 cardnum = card->number;
1628 if (snd_BUG_ON(cardnum < 0 || cardnum >= SNDRV_CARDS))
1629 return -ENXIO;
1630 sprintf(name, "controlC%i", cardnum);
1631 if ((err = snd_register_device(SNDRV_DEVICE_TYPE_CONTROL, card, -1,
1632 &snd_ctl_f_ops, card, name)) < 0)
1633 return err;
1634 return 0;
1635 }
1636
1637 /*
1638 * disconnection of the control device
1639 */
snd_ctl_dev_disconnect(struct snd_device * device)1640 static int snd_ctl_dev_disconnect(struct snd_device *device)
1641 {
1642 struct snd_card *card = device->device_data;
1643 struct snd_ctl_file *ctl;
1644 int err, cardnum;
1645
1646 if (snd_BUG_ON(!card))
1647 return -ENXIO;
1648 cardnum = card->number;
1649 if (snd_BUG_ON(cardnum < 0 || cardnum >= SNDRV_CARDS))
1650 return -ENXIO;
1651
1652 read_lock(&card->ctl_files_rwlock);
1653 list_for_each_entry(ctl, &card->ctl_files, list) {
1654 wake_up(&ctl->change_sleep);
1655 kill_fasync(&ctl->fasync, SIGIO, POLL_ERR);
1656 }
1657 read_unlock(&card->ctl_files_rwlock);
1658
1659 if ((err = snd_unregister_device(SNDRV_DEVICE_TYPE_CONTROL,
1660 card, -1)) < 0)
1661 return err;
1662 return 0;
1663 }
1664
1665 /*
1666 * free all controls
1667 */
snd_ctl_dev_free(struct snd_device * device)1668 static int snd_ctl_dev_free(struct snd_device *device)
1669 {
1670 struct snd_card *card = device->device_data;
1671 struct snd_kcontrol *control;
1672
1673 down_write(&card->controls_rwsem);
1674 while (!list_empty(&card->controls)) {
1675 control = snd_kcontrol(card->controls.next);
1676 snd_ctl_remove(card, control);
1677 }
1678 up_write(&card->controls_rwsem);
1679 return 0;
1680 }
1681
1682 /*
1683 * create control core:
1684 * called from init.c
1685 */
snd_ctl_create(struct snd_card * card)1686 int snd_ctl_create(struct snd_card *card)
1687 {
1688 static struct snd_device_ops ops = {
1689 .dev_free = snd_ctl_dev_free,
1690 .dev_register = snd_ctl_dev_register,
1691 .dev_disconnect = snd_ctl_dev_disconnect,
1692 };
1693
1694 if (snd_BUG_ON(!card))
1695 return -ENXIO;
1696 return snd_device_new(card, SNDRV_DEV_CONTROL, card, &ops);
1697 }
1698
1699 /*
1700 * Frequently used control callbacks/helpers
1701 */
snd_ctl_boolean_mono_info(struct snd_kcontrol * kcontrol,struct snd_ctl_elem_info * uinfo)1702 int snd_ctl_boolean_mono_info(struct snd_kcontrol *kcontrol,
1703 struct snd_ctl_elem_info *uinfo)
1704 {
1705 uinfo->type = SNDRV_CTL_ELEM_TYPE_BOOLEAN;
1706 uinfo->count = 1;
1707 uinfo->value.integer.min = 0;
1708 uinfo->value.integer.max = 1;
1709 return 0;
1710 }
1711
1712 EXPORT_SYMBOL(snd_ctl_boolean_mono_info);
1713
snd_ctl_boolean_stereo_info(struct snd_kcontrol * kcontrol,struct snd_ctl_elem_info * uinfo)1714 int snd_ctl_boolean_stereo_info(struct snd_kcontrol *kcontrol,
1715 struct snd_ctl_elem_info *uinfo)
1716 {
1717 uinfo->type = SNDRV_CTL_ELEM_TYPE_BOOLEAN;
1718 uinfo->count = 2;
1719 uinfo->value.integer.min = 0;
1720 uinfo->value.integer.max = 1;
1721 return 0;
1722 }
1723
1724 EXPORT_SYMBOL(snd_ctl_boolean_stereo_info);
1725
1726 /**
1727 * snd_ctl_enum_info - fills the info structure for an enumerated control
1728 * @info: the structure to be filled
1729 * @channels: the number of the control's channels; often one
1730 * @items: the number of control values; also the size of @names
1731 * @names: an array containing the names of all control values
1732 *
1733 * Sets all required fields in @info to their appropriate values.
1734 * If the control's accessibility is not the default (readable and writable),
1735 * the caller has to fill @info->access.
1736 */
snd_ctl_enum_info(struct snd_ctl_elem_info * info,unsigned int channels,unsigned int items,const char * const names[])1737 int snd_ctl_enum_info(struct snd_ctl_elem_info *info, unsigned int channels,
1738 unsigned int items, const char *const names[])
1739 {
1740 info->type = SNDRV_CTL_ELEM_TYPE_ENUMERATED;
1741 info->count = channels;
1742 info->value.enumerated.items = items;
1743 if (info->value.enumerated.item >= items)
1744 info->value.enumerated.item = items - 1;
1745 strlcpy(info->value.enumerated.name,
1746 names[info->value.enumerated.item],
1747 sizeof(info->value.enumerated.name));
1748 return 0;
1749 }
1750 EXPORT_SYMBOL(snd_ctl_enum_info);
1751