1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Routines for driver control interface
4 * Copyright (c) by Jaroslav Kysela <perex@perex.cz>
5 */
6
7 #include <linux/threads.h>
8 #include <linux/interrupt.h>
9 #include <linux/module.h>
10 #include <linux/slab.h>
11 #include <linux/vmalloc.h>
12 #include <linux/time.h>
13 #include <linux/mm.h>
14 #include <linux/math64.h>
15 #include <linux/sched/signal.h>
16 #include <sound/core.h>
17 #include <sound/minors.h>
18 #include <sound/info.h>
19 #include <sound/control.h>
20
21 /* max number of user-defined controls */
22 #define MAX_USER_CONTROLS 32
23 #define MAX_CONTROL_COUNT 1028
24
25 struct snd_kctl_ioctl {
26 struct list_head list; /* list of all ioctls */
27 snd_kctl_ioctl_func_t fioctl;
28 };
29
30 static DECLARE_RWSEM(snd_ioctl_rwsem);
31 static LIST_HEAD(snd_control_ioctls);
32 #ifdef CONFIG_COMPAT
33 static LIST_HEAD(snd_control_compat_ioctls);
34 #endif
35
snd_ctl_open(struct inode * inode,struct file * file)36 static int snd_ctl_open(struct inode *inode, struct file *file)
37 {
38 unsigned long flags;
39 struct snd_card *card;
40 struct snd_ctl_file *ctl;
41 int i, err;
42
43 err = stream_open(inode, file);
44 if (err < 0)
45 return err;
46
47 card = snd_lookup_minor_data(iminor(inode), SNDRV_DEVICE_TYPE_CONTROL);
48 if (!card) {
49 err = -ENODEV;
50 goto __error1;
51 }
52 err = snd_card_file_add(card, file);
53 if (err < 0) {
54 err = -ENODEV;
55 goto __error1;
56 }
57 if (!try_module_get(card->module)) {
58 err = -EFAULT;
59 goto __error2;
60 }
61 ctl = kzalloc(sizeof(*ctl), GFP_KERNEL);
62 if (ctl == NULL) {
63 err = -ENOMEM;
64 goto __error;
65 }
66 INIT_LIST_HEAD(&ctl->events);
67 init_waitqueue_head(&ctl->change_sleep);
68 spin_lock_init(&ctl->read_lock);
69 ctl->card = card;
70 for (i = 0; i < SND_CTL_SUBDEV_ITEMS; i++)
71 ctl->preferred_subdevice[i] = -1;
72 ctl->pid = get_pid(task_pid(current));
73 file->private_data = ctl;
74 write_lock_irqsave(&card->ctl_files_rwlock, flags);
75 list_add_tail(&ctl->list, &card->ctl_files);
76 write_unlock_irqrestore(&card->ctl_files_rwlock, flags);
77 snd_card_unref(card);
78 return 0;
79
80 __error:
81 module_put(card->module);
82 __error2:
83 snd_card_file_remove(card, file);
84 __error1:
85 if (card)
86 snd_card_unref(card);
87 return err;
88 }
89
snd_ctl_empty_read_queue(struct snd_ctl_file * ctl)90 static void snd_ctl_empty_read_queue(struct snd_ctl_file * ctl)
91 {
92 unsigned long flags;
93 struct snd_kctl_event *cread;
94
95 spin_lock_irqsave(&ctl->read_lock, flags);
96 while (!list_empty(&ctl->events)) {
97 cread = snd_kctl_event(ctl->events.next);
98 list_del(&cread->list);
99 kfree(cread);
100 }
101 spin_unlock_irqrestore(&ctl->read_lock, flags);
102 }
103
snd_ctl_release(struct inode * inode,struct file * file)104 static int snd_ctl_release(struct inode *inode, struct file *file)
105 {
106 unsigned long flags;
107 struct snd_card *card;
108 struct snd_ctl_file *ctl;
109 struct snd_kcontrol *control;
110 unsigned int idx;
111
112 ctl = file->private_data;
113 file->private_data = NULL;
114 card = ctl->card;
115 write_lock_irqsave(&card->ctl_files_rwlock, flags);
116 list_del(&ctl->list);
117 write_unlock_irqrestore(&card->ctl_files_rwlock, flags);
118 down_write(&card->controls_rwsem);
119 list_for_each_entry(control, &card->controls, list)
120 for (idx = 0; idx < control->count; idx++)
121 if (control->vd[idx].owner == ctl)
122 control->vd[idx].owner = NULL;
123 up_write(&card->controls_rwsem);
124 snd_ctl_empty_read_queue(ctl);
125 put_pid(ctl->pid);
126 kfree(ctl);
127 module_put(card->module);
128 snd_card_file_remove(card, file);
129 return 0;
130 }
131
132 /**
133 * snd_ctl_notify - Send notification to user-space for a control change
134 * @card: the card to send notification
135 * @mask: the event mask, SNDRV_CTL_EVENT_*
136 * @id: the ctl element id to send notification
137 *
138 * This function adds an event record with the given id and mask, appends
139 * to the list and wakes up the user-space for notification. This can be
140 * called in the atomic context.
141 */
snd_ctl_notify(struct snd_card * card,unsigned int mask,struct snd_ctl_elem_id * id)142 void snd_ctl_notify(struct snd_card *card, unsigned int mask,
143 struct snd_ctl_elem_id *id)
144 {
145 unsigned long flags;
146 struct snd_ctl_file *ctl;
147 struct snd_kctl_event *ev;
148
149 if (snd_BUG_ON(!card || !id))
150 return;
151 if (card->shutdown)
152 return;
153 read_lock_irqsave(&card->ctl_files_rwlock, flags);
154 #if IS_ENABLED(CONFIG_SND_MIXER_OSS)
155 card->mixer_oss_change_count++;
156 #endif
157 list_for_each_entry(ctl, &card->ctl_files, list) {
158 if (!ctl->subscribed)
159 continue;
160 spin_lock(&ctl->read_lock);
161 list_for_each_entry(ev, &ctl->events, list) {
162 if (ev->id.numid == id->numid) {
163 ev->mask |= mask;
164 goto _found;
165 }
166 }
167 ev = kzalloc(sizeof(*ev), GFP_ATOMIC);
168 if (ev) {
169 ev->id = *id;
170 ev->mask = mask;
171 list_add_tail(&ev->list, &ctl->events);
172 } else {
173 dev_err(card->dev, "No memory available to allocate event\n");
174 }
175 _found:
176 wake_up(&ctl->change_sleep);
177 spin_unlock(&ctl->read_lock);
178 kill_fasync(&ctl->fasync, SIGIO, POLL_IN);
179 }
180 read_unlock_irqrestore(&card->ctl_files_rwlock, flags);
181 }
182 EXPORT_SYMBOL(snd_ctl_notify);
183
184 /**
185 * snd_ctl_new - create a new control instance with some elements
186 * @kctl: the pointer to store new control instance
187 * @count: the number of elements in this control
188 * @access: the default access flags for elements in this control
189 * @file: given when locking these elements
190 *
191 * Allocates a memory object for a new control instance. The instance has
192 * elements as many as the given number (@count). Each element has given
193 * access permissions (@access). Each element is locked when @file is given.
194 *
195 * Return: 0 on success, error code on failure
196 */
snd_ctl_new(struct snd_kcontrol ** kctl,unsigned int count,unsigned int access,struct snd_ctl_file * file)197 static int snd_ctl_new(struct snd_kcontrol **kctl, unsigned int count,
198 unsigned int access, struct snd_ctl_file *file)
199 {
200 unsigned int idx;
201
202 if (count == 0 || count > MAX_CONTROL_COUNT)
203 return -EINVAL;
204
205 *kctl = kzalloc(struct_size(*kctl, vd, count), GFP_KERNEL);
206 if (!*kctl)
207 return -ENOMEM;
208
209 for (idx = 0; idx < count; idx++) {
210 (*kctl)->vd[idx].access = access;
211 (*kctl)->vd[idx].owner = file;
212 }
213 (*kctl)->count = count;
214
215 return 0;
216 }
217
218 /**
219 * snd_ctl_new1 - create a control instance from the template
220 * @ncontrol: the initialization record
221 * @private_data: the private data to set
222 *
223 * Allocates a new struct snd_kcontrol instance and initialize from the given
224 * template. When the access field of ncontrol is 0, it's assumed as
225 * READWRITE access. When the count field is 0, it's assumes as one.
226 *
227 * Return: The pointer of the newly generated instance, or %NULL on failure.
228 */
snd_ctl_new1(const struct snd_kcontrol_new * ncontrol,void * private_data)229 struct snd_kcontrol *snd_ctl_new1(const struct snd_kcontrol_new *ncontrol,
230 void *private_data)
231 {
232 struct snd_kcontrol *kctl;
233 unsigned int count;
234 unsigned int access;
235 int err;
236
237 if (snd_BUG_ON(!ncontrol || !ncontrol->info))
238 return NULL;
239
240 count = ncontrol->count;
241 if (count == 0)
242 count = 1;
243
244 access = ncontrol->access;
245 if (access == 0)
246 access = SNDRV_CTL_ELEM_ACCESS_READWRITE;
247 access &= (SNDRV_CTL_ELEM_ACCESS_READWRITE |
248 SNDRV_CTL_ELEM_ACCESS_VOLATILE |
249 SNDRV_CTL_ELEM_ACCESS_INACTIVE |
250 SNDRV_CTL_ELEM_ACCESS_TLV_READWRITE |
251 SNDRV_CTL_ELEM_ACCESS_TLV_COMMAND |
252 SNDRV_CTL_ELEM_ACCESS_TLV_CALLBACK |
253 SNDRV_CTL_ELEM_ACCESS_SKIP_CHECK);
254
255 err = snd_ctl_new(&kctl, count, access, NULL);
256 if (err < 0)
257 return NULL;
258
259 /* The 'numid' member is decided when calling snd_ctl_add(). */
260 kctl->id.iface = ncontrol->iface;
261 kctl->id.device = ncontrol->device;
262 kctl->id.subdevice = ncontrol->subdevice;
263 if (ncontrol->name) {
264 strlcpy(kctl->id.name, ncontrol->name, sizeof(kctl->id.name));
265 if (strcmp(ncontrol->name, kctl->id.name) != 0)
266 pr_warn("ALSA: Control name '%s' truncated to '%s'\n",
267 ncontrol->name, kctl->id.name);
268 }
269 kctl->id.index = ncontrol->index;
270
271 kctl->info = ncontrol->info;
272 kctl->get = ncontrol->get;
273 kctl->put = ncontrol->put;
274 kctl->tlv.p = ncontrol->tlv.p;
275
276 kctl->private_value = ncontrol->private_value;
277 kctl->private_data = private_data;
278
279 return kctl;
280 }
281 EXPORT_SYMBOL(snd_ctl_new1);
282
283 /**
284 * snd_ctl_free_one - release the control instance
285 * @kcontrol: the control instance
286 *
287 * Releases the control instance created via snd_ctl_new()
288 * or snd_ctl_new1().
289 * Don't call this after the control was added to the card.
290 */
snd_ctl_free_one(struct snd_kcontrol * kcontrol)291 void snd_ctl_free_one(struct snd_kcontrol *kcontrol)
292 {
293 if (kcontrol) {
294 if (kcontrol->private_free)
295 kcontrol->private_free(kcontrol);
296 kfree(kcontrol);
297 }
298 }
299 EXPORT_SYMBOL(snd_ctl_free_one);
300
snd_ctl_remove_numid_conflict(struct snd_card * card,unsigned int count)301 static bool snd_ctl_remove_numid_conflict(struct snd_card *card,
302 unsigned int count)
303 {
304 struct snd_kcontrol *kctl;
305
306 /* Make sure that the ids assigned to the control do not wrap around */
307 if (card->last_numid >= UINT_MAX - count)
308 card->last_numid = 0;
309
310 list_for_each_entry(kctl, &card->controls, list) {
311 if (kctl->id.numid < card->last_numid + 1 + count &&
312 kctl->id.numid + kctl->count > card->last_numid + 1) {
313 card->last_numid = kctl->id.numid + kctl->count - 1;
314 return true;
315 }
316 }
317 return false;
318 }
319
snd_ctl_find_hole(struct snd_card * card,unsigned int count)320 static int snd_ctl_find_hole(struct snd_card *card, unsigned int count)
321 {
322 unsigned int iter = 100000;
323
324 while (snd_ctl_remove_numid_conflict(card, count)) {
325 if (--iter == 0) {
326 /* this situation is very unlikely */
327 dev_err(card->dev, "unable to allocate new control numid\n");
328 return -ENOMEM;
329 }
330 }
331 return 0;
332 }
333
334 enum snd_ctl_add_mode {
335 CTL_ADD_EXCLUSIVE, CTL_REPLACE, CTL_ADD_ON_REPLACE,
336 };
337
338 /* add/replace a new kcontrol object; call with card->controls_rwsem locked */
__snd_ctl_add_replace(struct snd_card * card,struct snd_kcontrol * kcontrol,enum snd_ctl_add_mode mode)339 static int __snd_ctl_add_replace(struct snd_card *card,
340 struct snd_kcontrol *kcontrol,
341 enum snd_ctl_add_mode mode)
342 {
343 struct snd_ctl_elem_id id;
344 unsigned int idx;
345 unsigned int count;
346 struct snd_kcontrol *old;
347 int err;
348
349 id = kcontrol->id;
350 if (id.index > UINT_MAX - kcontrol->count)
351 return -EINVAL;
352
353 old = snd_ctl_find_id(card, &id);
354 if (!old) {
355 if (mode == CTL_REPLACE)
356 return -EINVAL;
357 } else {
358 if (mode == CTL_ADD_EXCLUSIVE) {
359 dev_err(card->dev,
360 "control %i:%i:%i:%s:%i is already present\n",
361 id.iface, id.device, id.subdevice, id.name,
362 id.index);
363 return -EBUSY;
364 }
365
366 err = snd_ctl_remove(card, old);
367 if (err < 0)
368 return err;
369 }
370
371 if (snd_ctl_find_hole(card, kcontrol->count) < 0)
372 return -ENOMEM;
373
374 list_add_tail(&kcontrol->list, &card->controls);
375 card->controls_count += kcontrol->count;
376 kcontrol->id.numid = card->last_numid + 1;
377 card->last_numid += kcontrol->count;
378
379 id = kcontrol->id;
380 count = kcontrol->count;
381 for (idx = 0; idx < count; idx++, id.index++, id.numid++)
382 snd_ctl_notify(card, SNDRV_CTL_EVENT_MASK_ADD, &id);
383
384 return 0;
385 }
386
snd_ctl_add_replace(struct snd_card * card,struct snd_kcontrol * kcontrol,enum snd_ctl_add_mode mode)387 static int snd_ctl_add_replace(struct snd_card *card,
388 struct snd_kcontrol *kcontrol,
389 enum snd_ctl_add_mode mode)
390 {
391 int err = -EINVAL;
392
393 if (! kcontrol)
394 return err;
395 if (snd_BUG_ON(!card || !kcontrol->info))
396 goto error;
397
398 down_write(&card->controls_rwsem);
399 err = __snd_ctl_add_replace(card, kcontrol, mode);
400 up_write(&card->controls_rwsem);
401 if (err < 0)
402 goto error;
403 return 0;
404
405 error:
406 snd_ctl_free_one(kcontrol);
407 return err;
408 }
409
410 /**
411 * snd_ctl_add - add the control instance to the card
412 * @card: the card instance
413 * @kcontrol: the control instance to add
414 *
415 * Adds the control instance created via snd_ctl_new() or
416 * snd_ctl_new1() to the given card. Assigns also an unique
417 * numid used for fast search.
418 *
419 * It frees automatically the control which cannot be added.
420 *
421 * Return: Zero if successful, or a negative error code on failure.
422 *
423 */
snd_ctl_add(struct snd_card * card,struct snd_kcontrol * kcontrol)424 int snd_ctl_add(struct snd_card *card, struct snd_kcontrol *kcontrol)
425 {
426 return snd_ctl_add_replace(card, kcontrol, CTL_ADD_EXCLUSIVE);
427 }
428 EXPORT_SYMBOL(snd_ctl_add);
429
430 /**
431 * snd_ctl_replace - replace the control instance of the card
432 * @card: the card instance
433 * @kcontrol: the control instance to replace
434 * @add_on_replace: add the control if not already added
435 *
436 * Replaces the given control. If the given control does not exist
437 * and the add_on_replace flag is set, the control is added. If the
438 * control exists, it is destroyed first.
439 *
440 * It frees automatically the control which cannot be added or replaced.
441 *
442 * Return: Zero if successful, or a negative error code on failure.
443 */
snd_ctl_replace(struct snd_card * card,struct snd_kcontrol * kcontrol,bool add_on_replace)444 int snd_ctl_replace(struct snd_card *card, struct snd_kcontrol *kcontrol,
445 bool add_on_replace)
446 {
447 return snd_ctl_add_replace(card, kcontrol,
448 add_on_replace ? CTL_ADD_ON_REPLACE : CTL_REPLACE);
449 }
450 EXPORT_SYMBOL(snd_ctl_replace);
451
452 /**
453 * snd_ctl_remove - remove the control from the card and release it
454 * @card: the card instance
455 * @kcontrol: the control instance to remove
456 *
457 * Removes the control from the card and then releases the instance.
458 * You don't need to call snd_ctl_free_one(). You must be in
459 * the write lock - down_write(&card->controls_rwsem).
460 *
461 * Return: 0 if successful, or a negative error code on failure.
462 */
snd_ctl_remove(struct snd_card * card,struct snd_kcontrol * kcontrol)463 int snd_ctl_remove(struct snd_card *card, struct snd_kcontrol *kcontrol)
464 {
465 struct snd_ctl_elem_id id;
466 unsigned int idx;
467
468 if (snd_BUG_ON(!card || !kcontrol))
469 return -EINVAL;
470 list_del(&kcontrol->list);
471 card->controls_count -= kcontrol->count;
472 id = kcontrol->id;
473 for (idx = 0; idx < kcontrol->count; idx++, id.index++, id.numid++)
474 snd_ctl_notify(card, SNDRV_CTL_EVENT_MASK_REMOVE, &id);
475 snd_ctl_free_one(kcontrol);
476 return 0;
477 }
478 EXPORT_SYMBOL(snd_ctl_remove);
479
480 /**
481 * snd_ctl_remove_id - remove the control of the given id and release it
482 * @card: the card instance
483 * @id: the control id to remove
484 *
485 * Finds the control instance with the given id, removes it from the
486 * card list and releases it.
487 *
488 * Return: 0 if successful, or a negative error code on failure.
489 */
snd_ctl_remove_id(struct snd_card * card,struct snd_ctl_elem_id * id)490 int snd_ctl_remove_id(struct snd_card *card, struct snd_ctl_elem_id *id)
491 {
492 struct snd_kcontrol *kctl;
493 int ret;
494
495 down_write(&card->controls_rwsem);
496 kctl = snd_ctl_find_id(card, id);
497 if (kctl == NULL) {
498 up_write(&card->controls_rwsem);
499 return -ENOENT;
500 }
501 ret = snd_ctl_remove(card, kctl);
502 up_write(&card->controls_rwsem);
503 return ret;
504 }
505 EXPORT_SYMBOL(snd_ctl_remove_id);
506
507 /**
508 * snd_ctl_remove_user_ctl - remove and release the unlocked user control
509 * @file: active control handle
510 * @id: the control id to remove
511 *
512 * Finds the control instance with the given id, removes it from the
513 * card list and releases it.
514 *
515 * Return: 0 if successful, or a negative error code on failure.
516 */
snd_ctl_remove_user_ctl(struct snd_ctl_file * file,struct snd_ctl_elem_id * id)517 static int snd_ctl_remove_user_ctl(struct snd_ctl_file * file,
518 struct snd_ctl_elem_id *id)
519 {
520 struct snd_card *card = file->card;
521 struct snd_kcontrol *kctl;
522 int idx, ret;
523
524 down_write(&card->controls_rwsem);
525 kctl = snd_ctl_find_id(card, id);
526 if (kctl == NULL) {
527 ret = -ENOENT;
528 goto error;
529 }
530 if (!(kctl->vd[0].access & SNDRV_CTL_ELEM_ACCESS_USER)) {
531 ret = -EINVAL;
532 goto error;
533 }
534 for (idx = 0; idx < kctl->count; idx++)
535 if (kctl->vd[idx].owner != NULL && kctl->vd[idx].owner != file) {
536 ret = -EBUSY;
537 goto error;
538 }
539 ret = snd_ctl_remove(card, kctl);
540 if (ret < 0)
541 goto error;
542 card->user_ctl_count--;
543 error:
544 up_write(&card->controls_rwsem);
545 return ret;
546 }
547
548 /**
549 * snd_ctl_activate_id - activate/inactivate the control of the given id
550 * @card: the card instance
551 * @id: the control id to activate/inactivate
552 * @active: non-zero to activate
553 *
554 * Finds the control instance with the given id, and activate or
555 * inactivate the control together with notification, if changed.
556 * The given ID data is filled with full information.
557 *
558 * Return: 0 if unchanged, 1 if changed, or a negative error code on failure.
559 */
snd_ctl_activate_id(struct snd_card * card,struct snd_ctl_elem_id * id,int active)560 int snd_ctl_activate_id(struct snd_card *card, struct snd_ctl_elem_id *id,
561 int active)
562 {
563 struct snd_kcontrol *kctl;
564 struct snd_kcontrol_volatile *vd;
565 unsigned int index_offset;
566 int ret;
567
568 down_write(&card->controls_rwsem);
569 kctl = snd_ctl_find_id(card, id);
570 if (kctl == NULL) {
571 ret = -ENOENT;
572 goto unlock;
573 }
574 index_offset = snd_ctl_get_ioff(kctl, id);
575 vd = &kctl->vd[index_offset];
576 ret = 0;
577 if (active) {
578 if (!(vd->access & SNDRV_CTL_ELEM_ACCESS_INACTIVE))
579 goto unlock;
580 vd->access &= ~SNDRV_CTL_ELEM_ACCESS_INACTIVE;
581 } else {
582 if (vd->access & SNDRV_CTL_ELEM_ACCESS_INACTIVE)
583 goto unlock;
584 vd->access |= SNDRV_CTL_ELEM_ACCESS_INACTIVE;
585 }
586 snd_ctl_build_ioff(id, kctl, index_offset);
587 ret = 1;
588 unlock:
589 up_write(&card->controls_rwsem);
590 if (ret > 0)
591 snd_ctl_notify(card, SNDRV_CTL_EVENT_MASK_INFO, id);
592 return ret;
593 }
594 EXPORT_SYMBOL_GPL(snd_ctl_activate_id);
595
596 /**
597 * snd_ctl_rename_id - replace the id of a control on the card
598 * @card: the card instance
599 * @src_id: the old id
600 * @dst_id: the new id
601 *
602 * Finds the control with the old id from the card, and replaces the
603 * id with the new one.
604 *
605 * Return: Zero if successful, or a negative error code on failure.
606 */
snd_ctl_rename_id(struct snd_card * card,struct snd_ctl_elem_id * src_id,struct snd_ctl_elem_id * dst_id)607 int snd_ctl_rename_id(struct snd_card *card, struct snd_ctl_elem_id *src_id,
608 struct snd_ctl_elem_id *dst_id)
609 {
610 struct snd_kcontrol *kctl;
611
612 down_write(&card->controls_rwsem);
613 kctl = snd_ctl_find_id(card, src_id);
614 if (kctl == NULL) {
615 up_write(&card->controls_rwsem);
616 return -ENOENT;
617 }
618 kctl->id = *dst_id;
619 kctl->id.numid = card->last_numid + 1;
620 card->last_numid += kctl->count;
621 up_write(&card->controls_rwsem);
622 return 0;
623 }
624 EXPORT_SYMBOL(snd_ctl_rename_id);
625
626 /**
627 * snd_ctl_find_numid - find the control instance with the given number-id
628 * @card: the card instance
629 * @numid: the number-id to search
630 *
631 * Finds the control instance with the given number-id from the card.
632 *
633 * The caller must down card->controls_rwsem before calling this function
634 * (if the race condition can happen).
635 *
636 * Return: The pointer of the instance if found, or %NULL if not.
637 *
638 */
snd_ctl_find_numid(struct snd_card * card,unsigned int numid)639 struct snd_kcontrol *snd_ctl_find_numid(struct snd_card *card, unsigned int numid)
640 {
641 struct snd_kcontrol *kctl;
642
643 if (snd_BUG_ON(!card || !numid))
644 return NULL;
645 list_for_each_entry(kctl, &card->controls, list) {
646 if (kctl->id.numid <= numid && kctl->id.numid + kctl->count > numid)
647 return kctl;
648 }
649 return NULL;
650 }
651 EXPORT_SYMBOL(snd_ctl_find_numid);
652
653 /**
654 * snd_ctl_find_id - find the control instance with the given id
655 * @card: the card instance
656 * @id: the id to search
657 *
658 * Finds the control instance with the given id from the card.
659 *
660 * The caller must down card->controls_rwsem before calling this function
661 * (if the race condition can happen).
662 *
663 * Return: The pointer of the instance if found, or %NULL if not.
664 *
665 */
snd_ctl_find_id(struct snd_card * card,struct snd_ctl_elem_id * id)666 struct snd_kcontrol *snd_ctl_find_id(struct snd_card *card,
667 struct snd_ctl_elem_id *id)
668 {
669 struct snd_kcontrol *kctl;
670
671 if (snd_BUG_ON(!card || !id))
672 return NULL;
673 if (id->numid != 0)
674 return snd_ctl_find_numid(card, id->numid);
675 list_for_each_entry(kctl, &card->controls, list) {
676 if (kctl->id.iface != id->iface)
677 continue;
678 if (kctl->id.device != id->device)
679 continue;
680 if (kctl->id.subdevice != id->subdevice)
681 continue;
682 if (strncmp(kctl->id.name, id->name, sizeof(kctl->id.name)))
683 continue;
684 if (kctl->id.index > id->index)
685 continue;
686 if (kctl->id.index + kctl->count <= id->index)
687 continue;
688 return kctl;
689 }
690 return NULL;
691 }
692 EXPORT_SYMBOL(snd_ctl_find_id);
693
snd_ctl_card_info(struct snd_card * card,struct snd_ctl_file * ctl,unsigned int cmd,void __user * arg)694 static int snd_ctl_card_info(struct snd_card *card, struct snd_ctl_file * ctl,
695 unsigned int cmd, void __user *arg)
696 {
697 struct snd_ctl_card_info *info;
698
699 info = kzalloc(sizeof(*info), GFP_KERNEL);
700 if (! info)
701 return -ENOMEM;
702 down_read(&snd_ioctl_rwsem);
703 info->card = card->number;
704 strlcpy(info->id, card->id, sizeof(info->id));
705 strlcpy(info->driver, card->driver, sizeof(info->driver));
706 strlcpy(info->name, card->shortname, sizeof(info->name));
707 strlcpy(info->longname, card->longname, sizeof(info->longname));
708 strlcpy(info->mixername, card->mixername, sizeof(info->mixername));
709 strlcpy(info->components, card->components, sizeof(info->components));
710 up_read(&snd_ioctl_rwsem);
711 if (copy_to_user(arg, info, sizeof(struct snd_ctl_card_info))) {
712 kfree(info);
713 return -EFAULT;
714 }
715 kfree(info);
716 return 0;
717 }
718
snd_ctl_elem_list(struct snd_card * card,struct snd_ctl_elem_list * list)719 static int snd_ctl_elem_list(struct snd_card *card,
720 struct snd_ctl_elem_list *list)
721 {
722 struct snd_kcontrol *kctl;
723 struct snd_ctl_elem_id id;
724 unsigned int offset, space, jidx;
725 int err = 0;
726
727 offset = list->offset;
728 space = list->space;
729
730 down_read(&card->controls_rwsem);
731 list->count = card->controls_count;
732 list->used = 0;
733 if (space > 0) {
734 list_for_each_entry(kctl, &card->controls, list) {
735 if (offset >= kctl->count) {
736 offset -= kctl->count;
737 continue;
738 }
739 for (jidx = offset; jidx < kctl->count; jidx++) {
740 snd_ctl_build_ioff(&id, kctl, jidx);
741 if (copy_to_user(list->pids + list->used, &id,
742 sizeof(id))) {
743 err = -EFAULT;
744 goto out;
745 }
746 list->used++;
747 if (!--space)
748 goto out;
749 }
750 offset = 0;
751 }
752 }
753 out:
754 up_read(&card->controls_rwsem);
755 return err;
756 }
757
snd_ctl_elem_list_user(struct snd_card * card,struct snd_ctl_elem_list __user * _list)758 static int snd_ctl_elem_list_user(struct snd_card *card,
759 struct snd_ctl_elem_list __user *_list)
760 {
761 struct snd_ctl_elem_list list;
762 int err;
763
764 if (copy_from_user(&list, _list, sizeof(list)))
765 return -EFAULT;
766 err = snd_ctl_elem_list(card, &list);
767 if (err)
768 return err;
769 if (copy_to_user(_list, &list, sizeof(list)))
770 return -EFAULT;
771
772 return 0;
773 }
774
775 /* Check whether the given kctl info is valid */
snd_ctl_check_elem_info(struct snd_card * card,const struct snd_ctl_elem_info * info)776 static int snd_ctl_check_elem_info(struct snd_card *card,
777 const struct snd_ctl_elem_info *info)
778 {
779 static const unsigned int max_value_counts[] = {
780 [SNDRV_CTL_ELEM_TYPE_BOOLEAN] = 128,
781 [SNDRV_CTL_ELEM_TYPE_INTEGER] = 128,
782 [SNDRV_CTL_ELEM_TYPE_ENUMERATED] = 128,
783 [SNDRV_CTL_ELEM_TYPE_BYTES] = 512,
784 [SNDRV_CTL_ELEM_TYPE_IEC958] = 1,
785 [SNDRV_CTL_ELEM_TYPE_INTEGER64] = 64,
786 };
787
788 if (info->type < SNDRV_CTL_ELEM_TYPE_BOOLEAN ||
789 info->type > SNDRV_CTL_ELEM_TYPE_INTEGER64) {
790 if (card)
791 dev_err(card->dev,
792 "control %i:%i:%i:%s:%i: invalid type %d\n",
793 info->id.iface, info->id.device,
794 info->id.subdevice, info->id.name,
795 info->id.index, info->type);
796 return -EINVAL;
797 }
798 if (info->type == SNDRV_CTL_ELEM_TYPE_ENUMERATED &&
799 info->value.enumerated.items == 0) {
800 if (card)
801 dev_err(card->dev,
802 "control %i:%i:%i:%s:%i: zero enum items\n",
803 info->id.iface, info->id.device,
804 info->id.subdevice, info->id.name,
805 info->id.index);
806 return -EINVAL;
807 }
808 if (info->count > max_value_counts[info->type]) {
809 if (card)
810 dev_err(card->dev,
811 "control %i:%i:%i:%s:%i: invalid count %d\n",
812 info->id.iface, info->id.device,
813 info->id.subdevice, info->id.name,
814 info->id.index, info->count);
815 return -EINVAL;
816 }
817
818 return 0;
819 }
820
821 /* The capacity of struct snd_ctl_elem_value.value.*/
822 static const unsigned int value_sizes[] = {
823 [SNDRV_CTL_ELEM_TYPE_BOOLEAN] = sizeof(long),
824 [SNDRV_CTL_ELEM_TYPE_INTEGER] = sizeof(long),
825 [SNDRV_CTL_ELEM_TYPE_ENUMERATED] = sizeof(unsigned int),
826 [SNDRV_CTL_ELEM_TYPE_BYTES] = sizeof(unsigned char),
827 [SNDRV_CTL_ELEM_TYPE_IEC958] = sizeof(struct snd_aes_iec958),
828 [SNDRV_CTL_ELEM_TYPE_INTEGER64] = sizeof(long long),
829 };
830
831 #ifdef CONFIG_SND_CTL_VALIDATION
832 /* fill the remaining snd_ctl_elem_value data with the given pattern */
fill_remaining_elem_value(struct snd_ctl_elem_value * control,struct snd_ctl_elem_info * info,u32 pattern)833 static void fill_remaining_elem_value(struct snd_ctl_elem_value *control,
834 struct snd_ctl_elem_info *info,
835 u32 pattern)
836 {
837 size_t offset = value_sizes[info->type] * info->count;
838
839 offset = (offset + sizeof(u32) - 1) / sizeof(u32);
840 memset32((u32 *)control->value.bytes.data + offset, pattern,
841 sizeof(control->value) / sizeof(u32) - offset);
842 }
843
844 /* check whether the given integer ctl value is valid */
sanity_check_int_value(struct snd_card * card,const struct snd_ctl_elem_value * control,const struct snd_ctl_elem_info * info,int i)845 static int sanity_check_int_value(struct snd_card *card,
846 const struct snd_ctl_elem_value *control,
847 const struct snd_ctl_elem_info *info,
848 int i)
849 {
850 long long lval, lmin, lmax, lstep;
851 u64 rem;
852
853 switch (info->type) {
854 default:
855 case SNDRV_CTL_ELEM_TYPE_BOOLEAN:
856 lval = control->value.integer.value[i];
857 lmin = 0;
858 lmax = 1;
859 lstep = 0;
860 break;
861 case SNDRV_CTL_ELEM_TYPE_INTEGER:
862 lval = control->value.integer.value[i];
863 lmin = info->value.integer.min;
864 lmax = info->value.integer.max;
865 lstep = info->value.integer.step;
866 break;
867 case SNDRV_CTL_ELEM_TYPE_INTEGER64:
868 lval = control->value.integer64.value[i];
869 lmin = info->value.integer64.min;
870 lmax = info->value.integer64.max;
871 lstep = info->value.integer64.step;
872 break;
873 case SNDRV_CTL_ELEM_TYPE_ENUMERATED:
874 lval = control->value.enumerated.item[i];
875 lmin = 0;
876 lmax = info->value.enumerated.items - 1;
877 lstep = 0;
878 break;
879 }
880
881 if (lval < lmin || lval > lmax) {
882 dev_err(card->dev,
883 "control %i:%i:%i:%s:%i: value out of range %lld (%lld/%lld) at count %i\n",
884 control->id.iface, control->id.device,
885 control->id.subdevice, control->id.name,
886 control->id.index, lval, lmin, lmax, i);
887 return -EINVAL;
888 }
889 if (lstep) {
890 div64_u64_rem(lval, lstep, &rem);
891 if (rem) {
892 dev_err(card->dev,
893 "control %i:%i:%i:%s:%i: unaligned value %lld (step %lld) at count %i\n",
894 control->id.iface, control->id.device,
895 control->id.subdevice, control->id.name,
896 control->id.index, lval, lstep, i);
897 return -EINVAL;
898 }
899 }
900
901 return 0;
902 }
903
904 /* perform sanity checks to the given snd_ctl_elem_value object */
sanity_check_elem_value(struct snd_card * card,const struct snd_ctl_elem_value * control,const struct snd_ctl_elem_info * info,u32 pattern)905 static int sanity_check_elem_value(struct snd_card *card,
906 const struct snd_ctl_elem_value *control,
907 const struct snd_ctl_elem_info *info,
908 u32 pattern)
909 {
910 size_t offset;
911 int i, ret = 0;
912 u32 *p;
913
914 switch (info->type) {
915 case SNDRV_CTL_ELEM_TYPE_BOOLEAN:
916 case SNDRV_CTL_ELEM_TYPE_INTEGER:
917 case SNDRV_CTL_ELEM_TYPE_INTEGER64:
918 case SNDRV_CTL_ELEM_TYPE_ENUMERATED:
919 for (i = 0; i < info->count; i++) {
920 ret = sanity_check_int_value(card, control, info, i);
921 if (ret < 0)
922 return ret;
923 }
924 break;
925 default:
926 break;
927 }
928
929 /* check whether the remaining area kept untouched */
930 offset = value_sizes[info->type] * info->count;
931 offset = (offset + sizeof(u32) - 1) / sizeof(u32);
932 p = (u32 *)control->value.bytes.data + offset;
933 for (; offset < sizeof(control->value) / sizeof(u32); offset++, p++) {
934 if (*p != pattern) {
935 ret = -EINVAL;
936 break;
937 }
938 *p = 0; /* clear the checked area */
939 }
940
941 return ret;
942 }
943 #else
fill_remaining_elem_value(struct snd_ctl_elem_value * control,struct snd_ctl_elem_info * info,u32 pattern)944 static inline void fill_remaining_elem_value(struct snd_ctl_elem_value *control,
945 struct snd_ctl_elem_info *info,
946 u32 pattern)
947 {
948 }
949
sanity_check_elem_value(struct snd_card * card,struct snd_ctl_elem_value * control,struct snd_ctl_elem_info * info,u32 pattern)950 static inline int sanity_check_elem_value(struct snd_card *card,
951 struct snd_ctl_elem_value *control,
952 struct snd_ctl_elem_info *info,
953 u32 pattern)
954 {
955 return 0;
956 }
957 #endif
958
__snd_ctl_elem_info(struct snd_card * card,struct snd_kcontrol * kctl,struct snd_ctl_elem_info * info,struct snd_ctl_file * ctl)959 static int __snd_ctl_elem_info(struct snd_card *card,
960 struct snd_kcontrol *kctl,
961 struct snd_ctl_elem_info *info,
962 struct snd_ctl_file *ctl)
963 {
964 struct snd_kcontrol_volatile *vd;
965 unsigned int index_offset;
966 int result;
967
968 #ifdef CONFIG_SND_DEBUG
969 info->access = 0;
970 #endif
971 result = kctl->info(kctl, info);
972 if (result >= 0) {
973 snd_BUG_ON(info->access);
974 index_offset = snd_ctl_get_ioff(kctl, &info->id);
975 vd = &kctl->vd[index_offset];
976 snd_ctl_build_ioff(&info->id, kctl, index_offset);
977 info->access = vd->access;
978 if (vd->owner) {
979 info->access |= SNDRV_CTL_ELEM_ACCESS_LOCK;
980 if (vd->owner == ctl)
981 info->access |= SNDRV_CTL_ELEM_ACCESS_OWNER;
982 info->owner = pid_vnr(vd->owner->pid);
983 } else {
984 info->owner = -1;
985 }
986 if (!snd_ctl_skip_validation(info) &&
987 snd_ctl_check_elem_info(card, info) < 0)
988 result = -EINVAL;
989 }
990 return result;
991 }
992
snd_ctl_elem_info(struct snd_ctl_file * ctl,struct snd_ctl_elem_info * info)993 static int snd_ctl_elem_info(struct snd_ctl_file *ctl,
994 struct snd_ctl_elem_info *info)
995 {
996 struct snd_card *card = ctl->card;
997 struct snd_kcontrol *kctl;
998 int result;
999
1000 down_read(&card->controls_rwsem);
1001 kctl = snd_ctl_find_id(card, &info->id);
1002 if (kctl == NULL)
1003 result = -ENOENT;
1004 else
1005 result = __snd_ctl_elem_info(card, kctl, info, ctl);
1006 up_read(&card->controls_rwsem);
1007 return result;
1008 }
1009
snd_ctl_elem_info_user(struct snd_ctl_file * ctl,struct snd_ctl_elem_info __user * _info)1010 static int snd_ctl_elem_info_user(struct snd_ctl_file *ctl,
1011 struct snd_ctl_elem_info __user *_info)
1012 {
1013 struct snd_ctl_elem_info info;
1014 int result;
1015
1016 if (copy_from_user(&info, _info, sizeof(info)))
1017 return -EFAULT;
1018 result = snd_power_wait(ctl->card, SNDRV_CTL_POWER_D0);
1019 if (result < 0)
1020 return result;
1021 result = snd_ctl_elem_info(ctl, &info);
1022 if (result < 0)
1023 return result;
1024 /* drop internal access flags */
1025 info.access &= ~SNDRV_CTL_ELEM_ACCESS_SKIP_CHECK;
1026 if (copy_to_user(_info, &info, sizeof(info)))
1027 return -EFAULT;
1028 return result;
1029 }
1030
snd_ctl_elem_read(struct snd_card * card,struct snd_ctl_elem_value * control)1031 static int snd_ctl_elem_read(struct snd_card *card,
1032 struct snd_ctl_elem_value *control)
1033 {
1034 struct snd_kcontrol *kctl;
1035 struct snd_kcontrol_volatile *vd;
1036 unsigned int index_offset;
1037 struct snd_ctl_elem_info info;
1038 const u32 pattern = 0xdeadbeef;
1039 int ret;
1040
1041 kctl = snd_ctl_find_id(card, &control->id);
1042 if (kctl == NULL)
1043 return -ENOENT;
1044
1045 index_offset = snd_ctl_get_ioff(kctl, &control->id);
1046 vd = &kctl->vd[index_offset];
1047 if (!(vd->access & SNDRV_CTL_ELEM_ACCESS_READ) || kctl->get == NULL)
1048 return -EPERM;
1049
1050 snd_ctl_build_ioff(&control->id, kctl, index_offset);
1051
1052 #ifdef CONFIG_SND_CTL_VALIDATION
1053 /* info is needed only for validation */
1054 memset(&info, 0, sizeof(info));
1055 info.id = control->id;
1056 ret = __snd_ctl_elem_info(card, kctl, &info, NULL);
1057 if (ret < 0)
1058 return ret;
1059 #endif
1060
1061 if (!snd_ctl_skip_validation(&info))
1062 fill_remaining_elem_value(control, &info, pattern);
1063 ret = kctl->get(kctl, control);
1064 if (ret < 0)
1065 return ret;
1066 if (!snd_ctl_skip_validation(&info) &&
1067 sanity_check_elem_value(card, control, &info, pattern) < 0) {
1068 dev_err(card->dev,
1069 "control %i:%i:%i:%s:%i: access overflow\n",
1070 control->id.iface, control->id.device,
1071 control->id.subdevice, control->id.name,
1072 control->id.index);
1073 return -EINVAL;
1074 }
1075 return ret;
1076 }
1077
snd_ctl_elem_read_user(struct snd_card * card,struct snd_ctl_elem_value __user * _control)1078 static int snd_ctl_elem_read_user(struct snd_card *card,
1079 struct snd_ctl_elem_value __user *_control)
1080 {
1081 struct snd_ctl_elem_value *control;
1082 int result;
1083
1084 control = memdup_user(_control, sizeof(*control));
1085 if (IS_ERR(control))
1086 return PTR_ERR(control);
1087
1088 result = snd_power_wait(card, SNDRV_CTL_POWER_D0);
1089 if (result < 0)
1090 goto error;
1091
1092 down_read(&card->controls_rwsem);
1093 result = snd_ctl_elem_read(card, control);
1094 up_read(&card->controls_rwsem);
1095 if (result < 0)
1096 goto error;
1097
1098 if (copy_to_user(_control, control, sizeof(*control)))
1099 result = -EFAULT;
1100 error:
1101 kfree(control);
1102 return result;
1103 }
1104
snd_ctl_elem_write(struct snd_card * card,struct snd_ctl_file * file,struct snd_ctl_elem_value * control)1105 static int snd_ctl_elem_write(struct snd_card *card, struct snd_ctl_file *file,
1106 struct snd_ctl_elem_value *control)
1107 {
1108 struct snd_kcontrol *kctl;
1109 struct snd_kcontrol_volatile *vd;
1110 unsigned int index_offset;
1111 int result;
1112
1113 kctl = snd_ctl_find_id(card, &control->id);
1114 if (kctl == NULL)
1115 return -ENOENT;
1116
1117 index_offset = snd_ctl_get_ioff(kctl, &control->id);
1118 vd = &kctl->vd[index_offset];
1119 if (!(vd->access & SNDRV_CTL_ELEM_ACCESS_WRITE) || kctl->put == NULL ||
1120 (file && vd->owner && vd->owner != file)) {
1121 return -EPERM;
1122 }
1123
1124 snd_ctl_build_ioff(&control->id, kctl, index_offset);
1125 result = kctl->put(kctl, control);
1126 if (result < 0)
1127 return result;
1128
1129 if (result > 0) {
1130 struct snd_ctl_elem_id id = control->id;
1131 snd_ctl_notify(card, SNDRV_CTL_EVENT_MASK_VALUE, &id);
1132 }
1133
1134 return 0;
1135 }
1136
snd_ctl_elem_write_user(struct snd_ctl_file * file,struct snd_ctl_elem_value __user * _control)1137 static int snd_ctl_elem_write_user(struct snd_ctl_file *file,
1138 struct snd_ctl_elem_value __user *_control)
1139 {
1140 struct snd_ctl_elem_value *control;
1141 struct snd_card *card;
1142 int result;
1143
1144 control = memdup_user(_control, sizeof(*control));
1145 if (IS_ERR(control))
1146 return PTR_ERR(control);
1147
1148 card = file->card;
1149 result = snd_power_wait(card, SNDRV_CTL_POWER_D0);
1150 if (result < 0)
1151 goto error;
1152
1153 down_write(&card->controls_rwsem);
1154 result = snd_ctl_elem_write(card, file, control);
1155 up_write(&card->controls_rwsem);
1156 if (result < 0)
1157 goto error;
1158
1159 if (copy_to_user(_control, control, sizeof(*control)))
1160 result = -EFAULT;
1161 error:
1162 kfree(control);
1163 return result;
1164 }
1165
snd_ctl_elem_lock(struct snd_ctl_file * file,struct snd_ctl_elem_id __user * _id)1166 static int snd_ctl_elem_lock(struct snd_ctl_file *file,
1167 struct snd_ctl_elem_id __user *_id)
1168 {
1169 struct snd_card *card = file->card;
1170 struct snd_ctl_elem_id id;
1171 struct snd_kcontrol *kctl;
1172 struct snd_kcontrol_volatile *vd;
1173 int result;
1174
1175 if (copy_from_user(&id, _id, sizeof(id)))
1176 return -EFAULT;
1177 down_write(&card->controls_rwsem);
1178 kctl = snd_ctl_find_id(card, &id);
1179 if (kctl == NULL) {
1180 result = -ENOENT;
1181 } else {
1182 vd = &kctl->vd[snd_ctl_get_ioff(kctl, &id)];
1183 if (vd->owner != NULL)
1184 result = -EBUSY;
1185 else {
1186 vd->owner = file;
1187 result = 0;
1188 }
1189 }
1190 up_write(&card->controls_rwsem);
1191 return result;
1192 }
1193
snd_ctl_elem_unlock(struct snd_ctl_file * file,struct snd_ctl_elem_id __user * _id)1194 static int snd_ctl_elem_unlock(struct snd_ctl_file *file,
1195 struct snd_ctl_elem_id __user *_id)
1196 {
1197 struct snd_card *card = file->card;
1198 struct snd_ctl_elem_id id;
1199 struct snd_kcontrol *kctl;
1200 struct snd_kcontrol_volatile *vd;
1201 int result;
1202
1203 if (copy_from_user(&id, _id, sizeof(id)))
1204 return -EFAULT;
1205 down_write(&card->controls_rwsem);
1206 kctl = snd_ctl_find_id(card, &id);
1207 if (kctl == NULL) {
1208 result = -ENOENT;
1209 } else {
1210 vd = &kctl->vd[snd_ctl_get_ioff(kctl, &id)];
1211 if (vd->owner == NULL)
1212 result = -EINVAL;
1213 else if (vd->owner != file)
1214 result = -EPERM;
1215 else {
1216 vd->owner = NULL;
1217 result = 0;
1218 }
1219 }
1220 up_write(&card->controls_rwsem);
1221 return result;
1222 }
1223
1224 struct user_element {
1225 struct snd_ctl_elem_info info;
1226 struct snd_card *card;
1227 char *elem_data; /* element data */
1228 unsigned long elem_data_size; /* size of element data in bytes */
1229 void *tlv_data; /* TLV data */
1230 unsigned long tlv_data_size; /* TLV data size */
1231 void *priv_data; /* private data (like strings for enumerated type) */
1232 };
1233
snd_ctl_elem_user_info(struct snd_kcontrol * kcontrol,struct snd_ctl_elem_info * uinfo)1234 static int snd_ctl_elem_user_info(struct snd_kcontrol *kcontrol,
1235 struct snd_ctl_elem_info *uinfo)
1236 {
1237 struct user_element *ue = kcontrol->private_data;
1238 unsigned int offset;
1239
1240 offset = snd_ctl_get_ioff(kcontrol, &uinfo->id);
1241 *uinfo = ue->info;
1242 snd_ctl_build_ioff(&uinfo->id, kcontrol, offset);
1243
1244 return 0;
1245 }
1246
snd_ctl_elem_user_enum_info(struct snd_kcontrol * kcontrol,struct snd_ctl_elem_info * uinfo)1247 static int snd_ctl_elem_user_enum_info(struct snd_kcontrol *kcontrol,
1248 struct snd_ctl_elem_info *uinfo)
1249 {
1250 struct user_element *ue = kcontrol->private_data;
1251 const char *names;
1252 unsigned int item;
1253 unsigned int offset;
1254
1255 item = uinfo->value.enumerated.item;
1256
1257 offset = snd_ctl_get_ioff(kcontrol, &uinfo->id);
1258 *uinfo = ue->info;
1259 snd_ctl_build_ioff(&uinfo->id, kcontrol, offset);
1260
1261 item = min(item, uinfo->value.enumerated.items - 1);
1262 uinfo->value.enumerated.item = item;
1263
1264 names = ue->priv_data;
1265 for (; item > 0; --item)
1266 names += strlen(names) + 1;
1267 strcpy(uinfo->value.enumerated.name, names);
1268
1269 return 0;
1270 }
1271
snd_ctl_elem_user_get(struct snd_kcontrol * kcontrol,struct snd_ctl_elem_value * ucontrol)1272 static int snd_ctl_elem_user_get(struct snd_kcontrol *kcontrol,
1273 struct snd_ctl_elem_value *ucontrol)
1274 {
1275 struct user_element *ue = kcontrol->private_data;
1276 unsigned int size = ue->elem_data_size;
1277 char *src = ue->elem_data +
1278 snd_ctl_get_ioff(kcontrol, &ucontrol->id) * size;
1279
1280 memcpy(&ucontrol->value, src, size);
1281 return 0;
1282 }
1283
snd_ctl_elem_user_put(struct snd_kcontrol * kcontrol,struct snd_ctl_elem_value * ucontrol)1284 static int snd_ctl_elem_user_put(struct snd_kcontrol *kcontrol,
1285 struct snd_ctl_elem_value *ucontrol)
1286 {
1287 int change;
1288 struct user_element *ue = kcontrol->private_data;
1289 unsigned int size = ue->elem_data_size;
1290 char *dst = ue->elem_data +
1291 snd_ctl_get_ioff(kcontrol, &ucontrol->id) * size;
1292
1293 change = memcmp(&ucontrol->value, dst, size) != 0;
1294 if (change)
1295 memcpy(dst, &ucontrol->value, size);
1296 return change;
1297 }
1298
replace_user_tlv(struct snd_kcontrol * kctl,unsigned int __user * buf,unsigned int size)1299 static int replace_user_tlv(struct snd_kcontrol *kctl, unsigned int __user *buf,
1300 unsigned int size)
1301 {
1302 struct user_element *ue = kctl->private_data;
1303 unsigned int *container;
1304 struct snd_ctl_elem_id id;
1305 unsigned int mask = 0;
1306 int i;
1307 int change;
1308
1309 if (size > 1024 * 128) /* sane value */
1310 return -EINVAL;
1311
1312 container = vmemdup_user(buf, size);
1313 if (IS_ERR(container))
1314 return PTR_ERR(container);
1315
1316 change = ue->tlv_data_size != size;
1317 if (!change)
1318 change = memcmp(ue->tlv_data, container, size) != 0;
1319 if (!change) {
1320 kvfree(container);
1321 return 0;
1322 }
1323
1324 if (ue->tlv_data == NULL) {
1325 /* Now TLV data is available. */
1326 for (i = 0; i < kctl->count; ++i)
1327 kctl->vd[i].access |= SNDRV_CTL_ELEM_ACCESS_TLV_READ;
1328 mask = SNDRV_CTL_EVENT_MASK_INFO;
1329 }
1330
1331 kvfree(ue->tlv_data);
1332 ue->tlv_data = container;
1333 ue->tlv_data_size = size;
1334
1335 mask |= SNDRV_CTL_EVENT_MASK_TLV;
1336 for (i = 0; i < kctl->count; ++i) {
1337 snd_ctl_build_ioff(&id, kctl, i);
1338 snd_ctl_notify(ue->card, mask, &id);
1339 }
1340
1341 return change;
1342 }
1343
read_user_tlv(struct snd_kcontrol * kctl,unsigned int __user * buf,unsigned int size)1344 static int read_user_tlv(struct snd_kcontrol *kctl, unsigned int __user *buf,
1345 unsigned int size)
1346 {
1347 struct user_element *ue = kctl->private_data;
1348
1349 if (ue->tlv_data_size == 0 || ue->tlv_data == NULL)
1350 return -ENXIO;
1351
1352 if (size < ue->tlv_data_size)
1353 return -ENOSPC;
1354
1355 if (copy_to_user(buf, ue->tlv_data, ue->tlv_data_size))
1356 return -EFAULT;
1357
1358 return 0;
1359 }
1360
snd_ctl_elem_user_tlv(struct snd_kcontrol * kctl,int op_flag,unsigned int size,unsigned int __user * buf)1361 static int snd_ctl_elem_user_tlv(struct snd_kcontrol *kctl, int op_flag,
1362 unsigned int size, unsigned int __user *buf)
1363 {
1364 if (op_flag == SNDRV_CTL_TLV_OP_WRITE)
1365 return replace_user_tlv(kctl, buf, size);
1366 else
1367 return read_user_tlv(kctl, buf, size);
1368 }
1369
snd_ctl_elem_init_enum_names(struct user_element * ue)1370 static int snd_ctl_elem_init_enum_names(struct user_element *ue)
1371 {
1372 char *names, *p;
1373 size_t buf_len, name_len;
1374 unsigned int i;
1375 const uintptr_t user_ptrval = ue->info.value.enumerated.names_ptr;
1376
1377 if (ue->info.value.enumerated.names_length > 64 * 1024)
1378 return -EINVAL;
1379
1380 names = vmemdup_user((const void __user *)user_ptrval,
1381 ue->info.value.enumerated.names_length);
1382 if (IS_ERR(names))
1383 return PTR_ERR(names);
1384
1385 /* check that there are enough valid names */
1386 buf_len = ue->info.value.enumerated.names_length;
1387 p = names;
1388 for (i = 0; i < ue->info.value.enumerated.items; ++i) {
1389 name_len = strnlen(p, buf_len);
1390 if (name_len == 0 || name_len >= 64 || name_len == buf_len) {
1391 kvfree(names);
1392 return -EINVAL;
1393 }
1394 p += name_len + 1;
1395 buf_len -= name_len + 1;
1396 }
1397
1398 ue->priv_data = names;
1399 ue->info.value.enumerated.names_ptr = 0;
1400
1401 return 0;
1402 }
1403
snd_ctl_elem_user_free(struct snd_kcontrol * kcontrol)1404 static void snd_ctl_elem_user_free(struct snd_kcontrol *kcontrol)
1405 {
1406 struct user_element *ue = kcontrol->private_data;
1407
1408 kvfree(ue->tlv_data);
1409 kvfree(ue->priv_data);
1410 kfree(ue);
1411 }
1412
snd_ctl_elem_add(struct snd_ctl_file * file,struct snd_ctl_elem_info * info,int replace)1413 static int snd_ctl_elem_add(struct snd_ctl_file *file,
1414 struct snd_ctl_elem_info *info, int replace)
1415 {
1416 struct snd_card *card = file->card;
1417 struct snd_kcontrol *kctl;
1418 unsigned int count;
1419 unsigned int access;
1420 long private_size;
1421 struct user_element *ue;
1422 unsigned int offset;
1423 int err;
1424
1425 if (!*info->id.name)
1426 return -EINVAL;
1427 if (strnlen(info->id.name, sizeof(info->id.name)) >= sizeof(info->id.name))
1428 return -EINVAL;
1429
1430 /* Delete a control to replace them if needed. */
1431 if (replace) {
1432 info->id.numid = 0;
1433 err = snd_ctl_remove_user_ctl(file, &info->id);
1434 if (err)
1435 return err;
1436 }
1437
1438 /*
1439 * The number of userspace controls are counted control by control,
1440 * not element by element.
1441 */
1442 if (card->user_ctl_count + 1 > MAX_USER_CONTROLS)
1443 return -ENOMEM;
1444
1445 /* Check the number of elements for this userspace control. */
1446 count = info->owner;
1447 if (count == 0)
1448 count = 1;
1449
1450 /* Arrange access permissions if needed. */
1451 access = info->access;
1452 if (access == 0)
1453 access = SNDRV_CTL_ELEM_ACCESS_READWRITE;
1454 access &= (SNDRV_CTL_ELEM_ACCESS_READWRITE |
1455 SNDRV_CTL_ELEM_ACCESS_INACTIVE |
1456 SNDRV_CTL_ELEM_ACCESS_TLV_WRITE);
1457
1458 /* In initial state, nothing is available as TLV container. */
1459 if (access & SNDRV_CTL_ELEM_ACCESS_TLV_WRITE)
1460 access |= SNDRV_CTL_ELEM_ACCESS_TLV_CALLBACK;
1461 access |= SNDRV_CTL_ELEM_ACCESS_USER;
1462
1463 /*
1464 * Check information and calculate the size of data specific to
1465 * this userspace control.
1466 */
1467 /* pass NULL to card for suppressing error messages */
1468 err = snd_ctl_check_elem_info(NULL, info);
1469 if (err < 0)
1470 return err;
1471 /* user-space control doesn't allow zero-size data */
1472 if (info->count < 1)
1473 return -EINVAL;
1474 private_size = value_sizes[info->type] * info->count;
1475
1476 /*
1477 * Keep memory object for this userspace control. After passing this
1478 * code block, the instance should be freed by snd_ctl_free_one().
1479 *
1480 * Note that these elements in this control are locked.
1481 */
1482 err = snd_ctl_new(&kctl, count, access, file);
1483 if (err < 0)
1484 return err;
1485 memcpy(&kctl->id, &info->id, sizeof(kctl->id));
1486 kctl->private_data = kzalloc(sizeof(struct user_element) + private_size * count,
1487 GFP_KERNEL);
1488 if (kctl->private_data == NULL) {
1489 kfree(kctl);
1490 return -ENOMEM;
1491 }
1492 kctl->private_free = snd_ctl_elem_user_free;
1493
1494 /* Set private data for this userspace control. */
1495 ue = (struct user_element *)kctl->private_data;
1496 ue->card = card;
1497 ue->info = *info;
1498 ue->info.access = 0;
1499 ue->elem_data = (char *)ue + sizeof(*ue);
1500 ue->elem_data_size = private_size;
1501 if (ue->info.type == SNDRV_CTL_ELEM_TYPE_ENUMERATED) {
1502 err = snd_ctl_elem_init_enum_names(ue);
1503 if (err < 0) {
1504 snd_ctl_free_one(kctl);
1505 return err;
1506 }
1507 }
1508
1509 /* Set callback functions. */
1510 if (info->type == SNDRV_CTL_ELEM_TYPE_ENUMERATED)
1511 kctl->info = snd_ctl_elem_user_enum_info;
1512 else
1513 kctl->info = snd_ctl_elem_user_info;
1514 if (access & SNDRV_CTL_ELEM_ACCESS_READ)
1515 kctl->get = snd_ctl_elem_user_get;
1516 if (access & SNDRV_CTL_ELEM_ACCESS_WRITE)
1517 kctl->put = snd_ctl_elem_user_put;
1518 if (access & SNDRV_CTL_ELEM_ACCESS_TLV_WRITE)
1519 kctl->tlv.c = snd_ctl_elem_user_tlv;
1520
1521 /* This function manage to free the instance on failure. */
1522 down_write(&card->controls_rwsem);
1523 err = __snd_ctl_add_replace(card, kctl, CTL_ADD_EXCLUSIVE);
1524 if (err < 0) {
1525 snd_ctl_free_one(kctl);
1526 goto unlock;
1527 }
1528 offset = snd_ctl_get_ioff(kctl, &info->id);
1529 snd_ctl_build_ioff(&info->id, kctl, offset);
1530 /*
1531 * Here we cannot fill any field for the number of elements added by
1532 * this operation because there're no specific fields. The usage of
1533 * 'owner' field for this purpose may cause any bugs to userspace
1534 * applications because the field originally means PID of a process
1535 * which locks the element.
1536 */
1537
1538 card->user_ctl_count++;
1539
1540 unlock:
1541 up_write(&card->controls_rwsem);
1542 return err;
1543 }
1544
snd_ctl_elem_add_user(struct snd_ctl_file * file,struct snd_ctl_elem_info __user * _info,int replace)1545 static int snd_ctl_elem_add_user(struct snd_ctl_file *file,
1546 struct snd_ctl_elem_info __user *_info, int replace)
1547 {
1548 struct snd_ctl_elem_info info;
1549 int err;
1550
1551 if (copy_from_user(&info, _info, sizeof(info)))
1552 return -EFAULT;
1553 err = snd_ctl_elem_add(file, &info, replace);
1554 if (err < 0)
1555 return err;
1556 if (copy_to_user(_info, &info, sizeof(info))) {
1557 snd_ctl_remove_user_ctl(file, &info.id);
1558 return -EFAULT;
1559 }
1560
1561 return 0;
1562 }
1563
snd_ctl_elem_remove(struct snd_ctl_file * file,struct snd_ctl_elem_id __user * _id)1564 static int snd_ctl_elem_remove(struct snd_ctl_file *file,
1565 struct snd_ctl_elem_id __user *_id)
1566 {
1567 struct snd_ctl_elem_id id;
1568
1569 if (copy_from_user(&id, _id, sizeof(id)))
1570 return -EFAULT;
1571 return snd_ctl_remove_user_ctl(file, &id);
1572 }
1573
snd_ctl_subscribe_events(struct snd_ctl_file * file,int __user * ptr)1574 static int snd_ctl_subscribe_events(struct snd_ctl_file *file, int __user *ptr)
1575 {
1576 int subscribe;
1577 if (get_user(subscribe, ptr))
1578 return -EFAULT;
1579 if (subscribe < 0) {
1580 subscribe = file->subscribed;
1581 if (put_user(subscribe, ptr))
1582 return -EFAULT;
1583 return 0;
1584 }
1585 if (subscribe) {
1586 file->subscribed = 1;
1587 return 0;
1588 } else if (file->subscribed) {
1589 snd_ctl_empty_read_queue(file);
1590 file->subscribed = 0;
1591 }
1592 return 0;
1593 }
1594
call_tlv_handler(struct snd_ctl_file * file,int op_flag,struct snd_kcontrol * kctl,struct snd_ctl_elem_id * id,unsigned int __user * buf,unsigned int size)1595 static int call_tlv_handler(struct snd_ctl_file *file, int op_flag,
1596 struct snd_kcontrol *kctl,
1597 struct snd_ctl_elem_id *id,
1598 unsigned int __user *buf, unsigned int size)
1599 {
1600 static const struct {
1601 int op;
1602 int perm;
1603 } pairs[] = {
1604 {SNDRV_CTL_TLV_OP_READ, SNDRV_CTL_ELEM_ACCESS_TLV_READ},
1605 {SNDRV_CTL_TLV_OP_WRITE, SNDRV_CTL_ELEM_ACCESS_TLV_WRITE},
1606 {SNDRV_CTL_TLV_OP_CMD, SNDRV_CTL_ELEM_ACCESS_TLV_COMMAND},
1607 };
1608 struct snd_kcontrol_volatile *vd = &kctl->vd[snd_ctl_get_ioff(kctl, id)];
1609 int i;
1610
1611 /* Check support of the request for this element. */
1612 for (i = 0; i < ARRAY_SIZE(pairs); ++i) {
1613 if (op_flag == pairs[i].op && (vd->access & pairs[i].perm))
1614 break;
1615 }
1616 if (i == ARRAY_SIZE(pairs))
1617 return -ENXIO;
1618
1619 if (kctl->tlv.c == NULL)
1620 return -ENXIO;
1621
1622 /* Write and command operations are not allowed for locked element. */
1623 if (op_flag != SNDRV_CTL_TLV_OP_READ &&
1624 vd->owner != NULL && vd->owner != file)
1625 return -EPERM;
1626
1627 return kctl->tlv.c(kctl, op_flag, size, buf);
1628 }
1629
read_tlv_buf(struct snd_kcontrol * kctl,struct snd_ctl_elem_id * id,unsigned int __user * buf,unsigned int size)1630 static int read_tlv_buf(struct snd_kcontrol *kctl, struct snd_ctl_elem_id *id,
1631 unsigned int __user *buf, unsigned int size)
1632 {
1633 struct snd_kcontrol_volatile *vd = &kctl->vd[snd_ctl_get_ioff(kctl, id)];
1634 unsigned int len;
1635
1636 if (!(vd->access & SNDRV_CTL_ELEM_ACCESS_TLV_READ))
1637 return -ENXIO;
1638
1639 if (kctl->tlv.p == NULL)
1640 return -ENXIO;
1641
1642 len = sizeof(unsigned int) * 2 + kctl->tlv.p[1];
1643 if (size < len)
1644 return -ENOMEM;
1645
1646 if (copy_to_user(buf, kctl->tlv.p, len))
1647 return -EFAULT;
1648
1649 return 0;
1650 }
1651
snd_ctl_tlv_ioctl(struct snd_ctl_file * file,struct snd_ctl_tlv __user * buf,int op_flag)1652 static int snd_ctl_tlv_ioctl(struct snd_ctl_file *file,
1653 struct snd_ctl_tlv __user *buf,
1654 int op_flag)
1655 {
1656 struct snd_ctl_tlv header;
1657 unsigned int __user *container;
1658 unsigned int container_size;
1659 struct snd_kcontrol *kctl;
1660 struct snd_ctl_elem_id id;
1661 struct snd_kcontrol_volatile *vd;
1662
1663 if (copy_from_user(&header, buf, sizeof(header)))
1664 return -EFAULT;
1665
1666 /* In design of control core, numerical ID starts at 1. */
1667 if (header.numid == 0)
1668 return -EINVAL;
1669
1670 /* At least, container should include type and length fields. */
1671 if (header.length < sizeof(unsigned int) * 2)
1672 return -EINVAL;
1673 container_size = header.length;
1674 container = buf->tlv;
1675
1676 kctl = snd_ctl_find_numid(file->card, header.numid);
1677 if (kctl == NULL)
1678 return -ENOENT;
1679
1680 /* Calculate index of the element in this set. */
1681 id = kctl->id;
1682 snd_ctl_build_ioff(&id, kctl, header.numid - id.numid);
1683 vd = &kctl->vd[snd_ctl_get_ioff(kctl, &id)];
1684
1685 if (vd->access & SNDRV_CTL_ELEM_ACCESS_TLV_CALLBACK) {
1686 return call_tlv_handler(file, op_flag, kctl, &id, container,
1687 container_size);
1688 } else {
1689 if (op_flag == SNDRV_CTL_TLV_OP_READ) {
1690 return read_tlv_buf(kctl, &id, container,
1691 container_size);
1692 }
1693 }
1694
1695 /* Not supported. */
1696 return -ENXIO;
1697 }
1698
snd_ctl_ioctl(struct file * file,unsigned int cmd,unsigned long arg)1699 static long snd_ctl_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
1700 {
1701 struct snd_ctl_file *ctl;
1702 struct snd_card *card;
1703 struct snd_kctl_ioctl *p;
1704 void __user *argp = (void __user *)arg;
1705 int __user *ip = argp;
1706 int err;
1707
1708 ctl = file->private_data;
1709 card = ctl->card;
1710 if (snd_BUG_ON(!card))
1711 return -ENXIO;
1712 switch (cmd) {
1713 case SNDRV_CTL_IOCTL_PVERSION:
1714 return put_user(SNDRV_CTL_VERSION, ip) ? -EFAULT : 0;
1715 case SNDRV_CTL_IOCTL_CARD_INFO:
1716 return snd_ctl_card_info(card, ctl, cmd, argp);
1717 case SNDRV_CTL_IOCTL_ELEM_LIST:
1718 return snd_ctl_elem_list_user(card, argp);
1719 case SNDRV_CTL_IOCTL_ELEM_INFO:
1720 return snd_ctl_elem_info_user(ctl, argp);
1721 case SNDRV_CTL_IOCTL_ELEM_READ:
1722 return snd_ctl_elem_read_user(card, argp);
1723 case SNDRV_CTL_IOCTL_ELEM_WRITE:
1724 return snd_ctl_elem_write_user(ctl, argp);
1725 case SNDRV_CTL_IOCTL_ELEM_LOCK:
1726 return snd_ctl_elem_lock(ctl, argp);
1727 case SNDRV_CTL_IOCTL_ELEM_UNLOCK:
1728 return snd_ctl_elem_unlock(ctl, argp);
1729 case SNDRV_CTL_IOCTL_ELEM_ADD:
1730 return snd_ctl_elem_add_user(ctl, argp, 0);
1731 case SNDRV_CTL_IOCTL_ELEM_REPLACE:
1732 return snd_ctl_elem_add_user(ctl, argp, 1);
1733 case SNDRV_CTL_IOCTL_ELEM_REMOVE:
1734 return snd_ctl_elem_remove(ctl, argp);
1735 case SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS:
1736 return snd_ctl_subscribe_events(ctl, ip);
1737 case SNDRV_CTL_IOCTL_TLV_READ:
1738 down_read(&ctl->card->controls_rwsem);
1739 err = snd_ctl_tlv_ioctl(ctl, argp, SNDRV_CTL_TLV_OP_READ);
1740 up_read(&ctl->card->controls_rwsem);
1741 return err;
1742 case SNDRV_CTL_IOCTL_TLV_WRITE:
1743 down_write(&ctl->card->controls_rwsem);
1744 err = snd_ctl_tlv_ioctl(ctl, argp, SNDRV_CTL_TLV_OP_WRITE);
1745 up_write(&ctl->card->controls_rwsem);
1746 return err;
1747 case SNDRV_CTL_IOCTL_TLV_COMMAND:
1748 down_write(&ctl->card->controls_rwsem);
1749 err = snd_ctl_tlv_ioctl(ctl, argp, SNDRV_CTL_TLV_OP_CMD);
1750 up_write(&ctl->card->controls_rwsem);
1751 return err;
1752 case SNDRV_CTL_IOCTL_POWER:
1753 return -ENOPROTOOPT;
1754 case SNDRV_CTL_IOCTL_POWER_STATE:
1755 #ifdef CONFIG_PM
1756 return put_user(card->power_state, ip) ? -EFAULT : 0;
1757 #else
1758 return put_user(SNDRV_CTL_POWER_D0, ip) ? -EFAULT : 0;
1759 #endif
1760 }
1761 down_read(&snd_ioctl_rwsem);
1762 list_for_each_entry(p, &snd_control_ioctls, list) {
1763 err = p->fioctl(card, ctl, cmd, arg);
1764 if (err != -ENOIOCTLCMD) {
1765 up_read(&snd_ioctl_rwsem);
1766 return err;
1767 }
1768 }
1769 up_read(&snd_ioctl_rwsem);
1770 dev_dbg(card->dev, "unknown ioctl = 0x%x\n", cmd);
1771 return -ENOTTY;
1772 }
1773
snd_ctl_read(struct file * file,char __user * buffer,size_t count,loff_t * offset)1774 static ssize_t snd_ctl_read(struct file *file, char __user *buffer,
1775 size_t count, loff_t * offset)
1776 {
1777 struct snd_ctl_file *ctl;
1778 int err = 0;
1779 ssize_t result = 0;
1780
1781 ctl = file->private_data;
1782 if (snd_BUG_ON(!ctl || !ctl->card))
1783 return -ENXIO;
1784 if (!ctl->subscribed)
1785 return -EBADFD;
1786 if (count < sizeof(struct snd_ctl_event))
1787 return -EINVAL;
1788 spin_lock_irq(&ctl->read_lock);
1789 while (count >= sizeof(struct snd_ctl_event)) {
1790 struct snd_ctl_event ev;
1791 struct snd_kctl_event *kev;
1792 while (list_empty(&ctl->events)) {
1793 wait_queue_entry_t wait;
1794 if ((file->f_flags & O_NONBLOCK) != 0 || result > 0) {
1795 err = -EAGAIN;
1796 goto __end_lock;
1797 }
1798 init_waitqueue_entry(&wait, current);
1799 add_wait_queue(&ctl->change_sleep, &wait);
1800 set_current_state(TASK_INTERRUPTIBLE);
1801 spin_unlock_irq(&ctl->read_lock);
1802 schedule();
1803 remove_wait_queue(&ctl->change_sleep, &wait);
1804 if (ctl->card->shutdown)
1805 return -ENODEV;
1806 if (signal_pending(current))
1807 return -ERESTARTSYS;
1808 spin_lock_irq(&ctl->read_lock);
1809 }
1810 kev = snd_kctl_event(ctl->events.next);
1811 ev.type = SNDRV_CTL_EVENT_ELEM;
1812 ev.data.elem.mask = kev->mask;
1813 ev.data.elem.id = kev->id;
1814 list_del(&kev->list);
1815 spin_unlock_irq(&ctl->read_lock);
1816 kfree(kev);
1817 if (copy_to_user(buffer, &ev, sizeof(struct snd_ctl_event))) {
1818 err = -EFAULT;
1819 goto __end;
1820 }
1821 spin_lock_irq(&ctl->read_lock);
1822 buffer += sizeof(struct snd_ctl_event);
1823 count -= sizeof(struct snd_ctl_event);
1824 result += sizeof(struct snd_ctl_event);
1825 }
1826 __end_lock:
1827 spin_unlock_irq(&ctl->read_lock);
1828 __end:
1829 return result > 0 ? result : err;
1830 }
1831
snd_ctl_poll(struct file * file,poll_table * wait)1832 static __poll_t snd_ctl_poll(struct file *file, poll_table * wait)
1833 {
1834 __poll_t mask;
1835 struct snd_ctl_file *ctl;
1836
1837 ctl = file->private_data;
1838 if (!ctl->subscribed)
1839 return 0;
1840 poll_wait(file, &ctl->change_sleep, wait);
1841
1842 mask = 0;
1843 if (!list_empty(&ctl->events))
1844 mask |= EPOLLIN | EPOLLRDNORM;
1845
1846 return mask;
1847 }
1848
1849 /*
1850 * register the device-specific control-ioctls.
1851 * called from each device manager like pcm.c, hwdep.c, etc.
1852 */
_snd_ctl_register_ioctl(snd_kctl_ioctl_func_t fcn,struct list_head * lists)1853 static int _snd_ctl_register_ioctl(snd_kctl_ioctl_func_t fcn, struct list_head *lists)
1854 {
1855 struct snd_kctl_ioctl *pn;
1856
1857 pn = kzalloc(sizeof(struct snd_kctl_ioctl), GFP_KERNEL);
1858 if (pn == NULL)
1859 return -ENOMEM;
1860 pn->fioctl = fcn;
1861 down_write(&snd_ioctl_rwsem);
1862 list_add_tail(&pn->list, lists);
1863 up_write(&snd_ioctl_rwsem);
1864 return 0;
1865 }
1866
1867 /**
1868 * snd_ctl_register_ioctl - register the device-specific control-ioctls
1869 * @fcn: ioctl callback function
1870 *
1871 * called from each device manager like pcm.c, hwdep.c, etc.
1872 */
snd_ctl_register_ioctl(snd_kctl_ioctl_func_t fcn)1873 int snd_ctl_register_ioctl(snd_kctl_ioctl_func_t fcn)
1874 {
1875 return _snd_ctl_register_ioctl(fcn, &snd_control_ioctls);
1876 }
1877 EXPORT_SYMBOL(snd_ctl_register_ioctl);
1878
1879 #ifdef CONFIG_COMPAT
1880 /**
1881 * snd_ctl_register_ioctl_compat - register the device-specific 32bit compat
1882 * control-ioctls
1883 * @fcn: ioctl callback function
1884 */
snd_ctl_register_ioctl_compat(snd_kctl_ioctl_func_t fcn)1885 int snd_ctl_register_ioctl_compat(snd_kctl_ioctl_func_t fcn)
1886 {
1887 return _snd_ctl_register_ioctl(fcn, &snd_control_compat_ioctls);
1888 }
1889 EXPORT_SYMBOL(snd_ctl_register_ioctl_compat);
1890 #endif
1891
1892 /*
1893 * de-register the device-specific control-ioctls.
1894 */
_snd_ctl_unregister_ioctl(snd_kctl_ioctl_func_t fcn,struct list_head * lists)1895 static int _snd_ctl_unregister_ioctl(snd_kctl_ioctl_func_t fcn,
1896 struct list_head *lists)
1897 {
1898 struct snd_kctl_ioctl *p;
1899
1900 if (snd_BUG_ON(!fcn))
1901 return -EINVAL;
1902 down_write(&snd_ioctl_rwsem);
1903 list_for_each_entry(p, lists, list) {
1904 if (p->fioctl == fcn) {
1905 list_del(&p->list);
1906 up_write(&snd_ioctl_rwsem);
1907 kfree(p);
1908 return 0;
1909 }
1910 }
1911 up_write(&snd_ioctl_rwsem);
1912 snd_BUG();
1913 return -EINVAL;
1914 }
1915
1916 /**
1917 * snd_ctl_unregister_ioctl - de-register the device-specific control-ioctls
1918 * @fcn: ioctl callback function to unregister
1919 */
snd_ctl_unregister_ioctl(snd_kctl_ioctl_func_t fcn)1920 int snd_ctl_unregister_ioctl(snd_kctl_ioctl_func_t fcn)
1921 {
1922 return _snd_ctl_unregister_ioctl(fcn, &snd_control_ioctls);
1923 }
1924 EXPORT_SYMBOL(snd_ctl_unregister_ioctl);
1925
1926 #ifdef CONFIG_COMPAT
1927 /**
1928 * snd_ctl_unregister_ioctl_compat - de-register the device-specific compat
1929 * 32bit control-ioctls
1930 * @fcn: ioctl callback function to unregister
1931 */
snd_ctl_unregister_ioctl_compat(snd_kctl_ioctl_func_t fcn)1932 int snd_ctl_unregister_ioctl_compat(snd_kctl_ioctl_func_t fcn)
1933 {
1934 return _snd_ctl_unregister_ioctl(fcn, &snd_control_compat_ioctls);
1935 }
1936 EXPORT_SYMBOL(snd_ctl_unregister_ioctl_compat);
1937 #endif
1938
snd_ctl_fasync(int fd,struct file * file,int on)1939 static int snd_ctl_fasync(int fd, struct file * file, int on)
1940 {
1941 struct snd_ctl_file *ctl;
1942
1943 ctl = file->private_data;
1944 return fasync_helper(fd, file, on, &ctl->fasync);
1945 }
1946
1947 /* return the preferred subdevice number if already assigned;
1948 * otherwise return -1
1949 */
snd_ctl_get_preferred_subdevice(struct snd_card * card,int type)1950 int snd_ctl_get_preferred_subdevice(struct snd_card *card, int type)
1951 {
1952 struct snd_ctl_file *kctl;
1953 int subdevice = -1;
1954 unsigned long flags;
1955
1956 read_lock_irqsave(&card->ctl_files_rwlock, flags);
1957 list_for_each_entry(kctl, &card->ctl_files, list) {
1958 if (kctl->pid == task_pid(current)) {
1959 subdevice = kctl->preferred_subdevice[type];
1960 if (subdevice != -1)
1961 break;
1962 }
1963 }
1964 read_unlock_irqrestore(&card->ctl_files_rwlock, flags);
1965 return subdevice;
1966 }
1967 EXPORT_SYMBOL_GPL(snd_ctl_get_preferred_subdevice);
1968
1969 /*
1970 * ioctl32 compat
1971 */
1972 #ifdef CONFIG_COMPAT
1973 #include "control_compat.c"
1974 #else
1975 #define snd_ctl_ioctl_compat NULL
1976 #endif
1977
1978 /*
1979 * INIT PART
1980 */
1981
1982 static const struct file_operations snd_ctl_f_ops =
1983 {
1984 .owner = THIS_MODULE,
1985 .read = snd_ctl_read,
1986 .open = snd_ctl_open,
1987 .release = snd_ctl_release,
1988 .llseek = no_llseek,
1989 .poll = snd_ctl_poll,
1990 .unlocked_ioctl = snd_ctl_ioctl,
1991 .compat_ioctl = snd_ctl_ioctl_compat,
1992 .fasync = snd_ctl_fasync,
1993 };
1994
1995 /*
1996 * registration of the control device
1997 */
snd_ctl_dev_register(struct snd_device * device)1998 static int snd_ctl_dev_register(struct snd_device *device)
1999 {
2000 struct snd_card *card = device->device_data;
2001
2002 return snd_register_device(SNDRV_DEVICE_TYPE_CONTROL, card, -1,
2003 &snd_ctl_f_ops, card, &card->ctl_dev);
2004 }
2005
2006 /*
2007 * disconnection of the control device
2008 */
snd_ctl_dev_disconnect(struct snd_device * device)2009 static int snd_ctl_dev_disconnect(struct snd_device *device)
2010 {
2011 struct snd_card *card = device->device_data;
2012 struct snd_ctl_file *ctl;
2013 unsigned long flags;
2014
2015 read_lock_irqsave(&card->ctl_files_rwlock, flags);
2016 list_for_each_entry(ctl, &card->ctl_files, list) {
2017 wake_up(&ctl->change_sleep);
2018 kill_fasync(&ctl->fasync, SIGIO, POLL_ERR);
2019 }
2020 read_unlock_irqrestore(&card->ctl_files_rwlock, flags);
2021
2022 return snd_unregister_device(&card->ctl_dev);
2023 }
2024
2025 /*
2026 * free all controls
2027 */
snd_ctl_dev_free(struct snd_device * device)2028 static int snd_ctl_dev_free(struct snd_device *device)
2029 {
2030 struct snd_card *card = device->device_data;
2031 struct snd_kcontrol *control;
2032
2033 down_write(&card->controls_rwsem);
2034 while (!list_empty(&card->controls)) {
2035 control = snd_kcontrol(card->controls.next);
2036 snd_ctl_remove(card, control);
2037 }
2038 up_write(&card->controls_rwsem);
2039 put_device(&card->ctl_dev);
2040 return 0;
2041 }
2042
2043 /*
2044 * create control core:
2045 * called from init.c
2046 */
snd_ctl_create(struct snd_card * card)2047 int snd_ctl_create(struct snd_card *card)
2048 {
2049 static const struct snd_device_ops ops = {
2050 .dev_free = snd_ctl_dev_free,
2051 .dev_register = snd_ctl_dev_register,
2052 .dev_disconnect = snd_ctl_dev_disconnect,
2053 };
2054 int err;
2055
2056 if (snd_BUG_ON(!card))
2057 return -ENXIO;
2058 if (snd_BUG_ON(card->number < 0 || card->number >= SNDRV_CARDS))
2059 return -ENXIO;
2060
2061 snd_device_initialize(&card->ctl_dev, card);
2062 dev_set_name(&card->ctl_dev, "controlC%d", card->number);
2063
2064 err = snd_device_new(card, SNDRV_DEV_CONTROL, card, &ops);
2065 if (err < 0)
2066 put_device(&card->ctl_dev);
2067 return err;
2068 }
2069
2070 /*
2071 * Frequently used control callbacks/helpers
2072 */
2073
2074 /**
2075 * snd_ctl_boolean_mono_info - Helper function for a standard boolean info
2076 * callback with a mono channel
2077 * @kcontrol: the kcontrol instance
2078 * @uinfo: info to store
2079 *
2080 * This is a function that can be used as info callback for a standard
2081 * boolean control with a single mono channel.
2082 */
snd_ctl_boolean_mono_info(struct snd_kcontrol * kcontrol,struct snd_ctl_elem_info * uinfo)2083 int snd_ctl_boolean_mono_info(struct snd_kcontrol *kcontrol,
2084 struct snd_ctl_elem_info *uinfo)
2085 {
2086 uinfo->type = SNDRV_CTL_ELEM_TYPE_BOOLEAN;
2087 uinfo->count = 1;
2088 uinfo->value.integer.min = 0;
2089 uinfo->value.integer.max = 1;
2090 return 0;
2091 }
2092 EXPORT_SYMBOL(snd_ctl_boolean_mono_info);
2093
2094 /**
2095 * snd_ctl_boolean_stereo_info - Helper function for a standard boolean info
2096 * callback with stereo two channels
2097 * @kcontrol: the kcontrol instance
2098 * @uinfo: info to store
2099 *
2100 * This is a function that can be used as info callback for a standard
2101 * boolean control with stereo two channels.
2102 */
snd_ctl_boolean_stereo_info(struct snd_kcontrol * kcontrol,struct snd_ctl_elem_info * uinfo)2103 int snd_ctl_boolean_stereo_info(struct snd_kcontrol *kcontrol,
2104 struct snd_ctl_elem_info *uinfo)
2105 {
2106 uinfo->type = SNDRV_CTL_ELEM_TYPE_BOOLEAN;
2107 uinfo->count = 2;
2108 uinfo->value.integer.min = 0;
2109 uinfo->value.integer.max = 1;
2110 return 0;
2111 }
2112 EXPORT_SYMBOL(snd_ctl_boolean_stereo_info);
2113
2114 /**
2115 * snd_ctl_enum_info - fills the info structure for an enumerated control
2116 * @info: the structure to be filled
2117 * @channels: the number of the control's channels; often one
2118 * @items: the number of control values; also the size of @names
2119 * @names: an array containing the names of all control values
2120 *
2121 * Sets all required fields in @info to their appropriate values.
2122 * If the control's accessibility is not the default (readable and writable),
2123 * the caller has to fill @info->access.
2124 *
2125 * Return: Zero.
2126 */
snd_ctl_enum_info(struct snd_ctl_elem_info * info,unsigned int channels,unsigned int items,const char * const names[])2127 int snd_ctl_enum_info(struct snd_ctl_elem_info *info, unsigned int channels,
2128 unsigned int items, const char *const names[])
2129 {
2130 info->type = SNDRV_CTL_ELEM_TYPE_ENUMERATED;
2131 info->count = channels;
2132 info->value.enumerated.items = items;
2133 if (!items)
2134 return 0;
2135 if (info->value.enumerated.item >= items)
2136 info->value.enumerated.item = items - 1;
2137 WARN(strlen(names[info->value.enumerated.item]) >= sizeof(info->value.enumerated.name),
2138 "ALSA: too long item name '%s'\n",
2139 names[info->value.enumerated.item]);
2140 strlcpy(info->value.enumerated.name,
2141 names[info->value.enumerated.item],
2142 sizeof(info->value.enumerated.name));
2143 return 0;
2144 }
2145 EXPORT_SYMBOL(snd_ctl_enum_info);
2146