1. 21 Jul, 2017 13 commits
  2. 26 Jun, 2017 3 commits
  3. 08 Jun, 2017 2 commits
  4. 18 Apr, 2017 1 commit
    • J
      [media] media/dvb-core: Race condition when writing to CAM · e7080d44
      Jasmin J committed
      It started with a sporadic message in syslog: "CAM tried to send a
      buffer larger than the ecount size" This message is not the fault
      itself, but a consecutive fault, after a read error from the CAM. This
      happens only on several CAMs, several hardware, and of course sporadic.
      
      It is a consecutive fault, if the last read from the CAM did fail. I
      guess this will not happen on all CAMs, but at least it did on mine.
      There was a write error to the CAM and during the re-initialization
      procedure, the CAM finished the last read, although it got a RS.
      
      The write error to the CAM happened because a race condition between HC
      write, checking DA and FR.
      
      This patch added an additional check for DA(RE), just after checking FR.
      It is important to read the CAMs status register again, to give the CAM
      the necessary time for a proper reaction to HC. Please note the
      description within the source code (patch below).
      
      [mchehab@s-opensource.com: make checkpatch happy]
      Signed-off-by: Jasmin jessich <jasmin@anw.at>
      Tested-by: Ralph Metzler <rjkm@metzlerbros.de>
      Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
  5. 02 Mar, 2017 1 commit
  6. 27 Jan, 2017 1 commit
    • S
      [media] media: Drop FSF's postal address from the source code files · bcb63314
      Sakari Ailus committed
      Drop the FSF's postal address from the source code files that typically
      contain mostly the license text. Of the 628 removed instances, 578 are
      outdated.
      
      The patch has been created with the following command without manual edits:
      
      git grep -l "675 Mass Ave\|59 Temple Place\|51 Franklin St" -- \
      	drivers/media/ include/media|while read i; do i=$i perl -e '
      open(F,"< $ENV{i}");
      $a=join("", <F>);
      $a =~ s/[ \t]*\*\n.*You should.*\n.*along with.*\n.*(\n.*USA.*$)?\n//m
      	&& $a =~ s/(^.*)Or, (point your browser to) /$1To obtain the license, $2\n$1/m;
      close(F);
      open(F, "> $ENV{i}");
      print F $a;
      close(F);'; done
      Signed-off-by: Sakari Ailus <sakari.ailus@linux.intel.com>
  7. 19 Nov, 2016 1 commit
  8. 21 Oct, 2016 1 commit
  9. 14 Jul, 2016 1 commit
    • M
      [media] dvb-core/en50221: use kref to manage struct dvb_ca_private · da677fe1
      Max Kellermann committed
      Don't free the object until the file handle has been closed.  Fixes
      use-after-free bug which occurs when I disconnect my DVB-S receiver
      while VDR is running.
      
      This is a crash dump of such a use-after-free:
      
          general protection fault: 0000 [#1] SMP
          CPU: 0 PID: 2541 Comm: CI adapter on d Not tainted 4.7.0-rc1-hosting+ #49
          Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
          task: ffff880027d7ce00 ti: ffff88003d8f8000 task.ti: ffff88003d8f8000
          RIP: 0010:[<ffffffff812f3d1f>]  [<ffffffff812f3d1f>] dvb_ca_en50221_io_read_condition.isra.7+0x6f/0x150
          RSP: 0018:ffff88003d8fba98  EFLAGS: 00010206
          RAX: 0000000059534255 RBX: 000000753d470f90 RCX: ffff88003c74d181
          RDX: 00000001bea04ba9 RSI: ffff88003d8fbaf4 RDI: 3a3030a56d763fc0
          RBP: ffff88003d8fbae0 R08: ffff88003c74d180 R09: 0000000000000000
          R10: 0000000000000001 R11: 0000000000000000 R12: ffff88003c480e00
          R13: 00000000ffffffff R14: 0000000059534255 R15: 0000000000000000
          FS:  00007fb4209b4700(0000) GS:ffff88003fc00000(0000) knlGS:0000000000000000
          CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
          CR2: 00007f06445f4078 CR3: 000000003c55b000 CR4: 00000000000006b0
          Stack:
           ffff88003d8fbaf4 000000003c2170c0 0000000000004000 0000000000000000
           ffff88003c480e00 ffff88003d8fbc80 ffff88003c74d180 ffff88003d8fbb8c
           0000000000000000 ffff88003d8fbb10 ffffffff812f3e37 ffff88003d8fbb00
          Call Trace:
           [<ffffffff812f3e37>] dvb_ca_en50221_io_poll+0x37/0xa0
           [<ffffffff8113109b>] do_sys_poll+0x2db/0x520
      
      This is a backtrace of the kernel attempting to lock a freed mutex:
      
          #0  0xffffffff81083d40 in rep_nop () at ./arch/x86/include/asm/processor.h:569
          #1  cpu_relax () at ./arch/x86/include/asm/processor.h:574
          #2  virt_spin_lock (lock=<optimized out>) at ./arch/x86/include/asm/qspinlock.h:57
          #3  native_queued_spin_lock_slowpath (lock=0xffff88003c480e90, val=761492029) at kernel/locking/qspinlock.c:304
          #4  0xffffffff810d1a06 in pv_queued_spin_lock_slowpath (val=<optimized out>, lock=<optimized out>) at ./arch/x86/include/asm/paravirt.h:669
          #5  queued_spin_lock_slowpath (val=<optimized out>, lock=<optimized out>) at ./arch/x86/include/asm/qspinlock.h:28
          #6  queued_spin_lock (lock=<optimized out>) at include/asm-generic/qspinlock.h:107
          #7  __mutex_lock_common (use_ww_ctx=<optimized out>, ww_ctx=<optimized out>, ip=<optimized out>, nest_lock=<optimized out>, subclass=<optimized out>,
              state=<optimized out>, lock=<optimized out>) at kernel/locking/mutex.c:526
          #8  mutex_lock_interruptible_nested (lock=0xffff88003c480e88, subclass=<optimized out>) at kernel/locking/mutex.c:647
          #9  0xffffffff812f49fe in dvb_ca_en50221_io_do_ioctl (file=<optimized out>, cmd=761492029, parg=0x1 <irq_stack_union+1>)
              at drivers/media/dvb-core/dvb_ca_en50221.c:1210
          #10 0xffffffff812ee660 in dvb_usercopy (file=<optimized out>, cmd=761492029, arg=<optimized out>, func=<optimized out>) at drivers/media/dvb-core/dvbdev.c:883
          #11 0xffffffff812f3410 in dvb_ca_en50221_io_ioctl (file=<optimized out>, cmd=<optimized out>, arg=<optimized out>) at drivers/media/dvb-core/dvb_ca_en50221.c:1284
          #12 0xffffffff8112eddd in vfs_ioctl (arg=<optimized out>, cmd=<optimized out>, filp=<optimized out>) at fs/ioctl.c:43
          #13 do_vfs_ioctl (filp=0xffff88003c480e90, fd=<optimized out>, cmd=<optimized out>, arg=<optimized out>) at fs/ioctl.c:674
          #14 0xffffffff8112f30c in SYSC_ioctl (arg=<optimized out>, cmd=<optimized out>, fd=<optimized out>) at fs/ioctl.c:689
          #15 SyS_ioctl (fd=6, cmd=2148298626, arg=140734533693696) at fs/ioctl.c:680
          #16 0xffffffff8103feb2 in entry_SYSCALL_64 () at arch/x86/entry/entry_64.S:207
      Signed-off-by: Max Kellermann <max@duempel.org>
      Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
  10. 08 Jun, 2016 1 commit
  11. 11 Jan, 2016 1 commit
  12. 22 Aug, 2015 1 commit
  13. 08 Apr, 2015 2 commits
  14. 26 Feb, 2015 1 commit
  15. 14 Feb, 2015 1 commit
  16. 06 Jan, 2013 1 commit
  17. 28 Dec, 2012 1 commit
    • N
      [media] dvb: push down ioctl lock in dvb_usercopy · 30ad64b8
      Nikolaus Schulz committed
      Since most dvb ioctls wrap their real work with dvb_usercopy, the static mutex
      used in dvb_usercopy effectively is a global lock for dvb ioctls.
      Unfortunately, frontend ioctls can be blocked by the frontend thread for
      several seconds; this leads to unacceptable lock contention.  Mitigate that by
      pushing the mutex from dvb_usercopy down to the individual, device specific
      ioctls.
      There are 10 such ioctl functions using dvb_usercopy, either calling it
      directly, or via the trivial wrapper dvb_generic_ioctl. The following already
      employ their own locking and look safe:
          • dvb_demux_ioctl           (as per dvb_demux_do_ioctl)
          • dvb_dvr_ioctl             (as per dvb_dvr_do_ioctl)
          • dvb_osd_ioctl             (as per single non-trivial callee)
          • fdtv_ca_ioctl             (as per callees)
          • dvb_frontend_ioctl
      The following functions do not, and are thus changed to use a device specific
      mutex:
          • dvb_net_ioctl             (as per dvb_net_do_ioctl)
          • dvb_ca_en50221_io_ioctl   (as per dvb_ca_en50221_io_do_ioctl)
          • dvb_video_ioctl
          • dvb_audio_ioctl
          • dvb_ca_ioctl
      Signed-off-by: Nikolaus Schulz <schulz@macnetix.de>
      Signed-off-by: Michael Krufky <mkrufky@linuxtv.org>
      Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
  18. 14 Aug, 2012 1 commit
  19. 11 Jan, 2012 1 commit
    • M
      [media] dvb_ca_en50221: fix compilation breakage · 624f0c18
      Mauro Carvalho Chehab committed
      As reported by Toralf:
      
      the build failed with :
        CC [M]  drivers/media/dvb/dvb-core/dvb_ca_en50221.o
      In file included from arch/x86/include/asm/uaccess.h:573:0,
                       from include/linux/poll.h:14,
                       from drivers/media/dvb/dvb-core/dvbdev.h:27,
                       from drivers/media/dvb/dvb-core/dvb_ca_en50221.h:27,
                       from drivers/media/dvb/dvb-core/dvb_ca_en50221.c:41:
      In function "copy_from_user",
          inlined from "dvb_ca_en50221_io_write" at drivers/media/dvb/dvb-core/dvb_ca_en50221.c:1314:26:
      arch/x86/include/asm/uaccess_32.h:211:26: error: call to "copy_from_user_overflow" declared with attribute error: copy_from_user() buffer size is not provably correct
      Reported-by: Toralf Foerster <toralf.foerster@gmx.de>
      Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
  20. 18 Nov, 2010 1 commit
  21. 21 Oct, 2010 1 commit
  22. 19 Oct, 2010 1 commit
    • A
      dvb-core: kill the big kernel lock · 72024f1e
      Arnd Bergmann committed
      The dvb core only uses the big kernel lock in the open
      and ioctl functions, which means it can be replaced with
      a dvb specific mutex. Fortunately, all the ioctl functions
      go through dvb_usercopy, so we can move the serialization
      in there.
      Signed-off-by: Arnd Bergmann <arnd@arndb.de>
      Cc: Mauro Carvalho Chehab <mchehab@infradead.org>
      Cc: linux-media@vger.kernel.org
  23. 15 Oct, 2010 1 commit
    • A
      llseek: automatically add .llseek fop · 6038f373
      Arnd Bergmann committed
      All file_operations should get a .llseek operation so we can make
      nonseekable_open the default for future file operations without a
      .llseek pointer.
      
      The three cases that we can automatically detect are no_llseek, seq_lseek
      and default_llseek. For cases where we can automatically prove that
      the file offset is always ignored, we use noop_llseek, which maintains
      the current behavior of not returning an error from a seek.
      
      New drivers should normally not use noop_llseek but instead use no_llseek
      and call nonseekable_open at open time.  Existing drivers can be converted
      to do the same when the maintainer knows for certain that no user code
      relies on calling seek on the device file.
      
      The generated code is often incorrectly indented and right now contains
      comments that clarify for each added line why a specific variant was
      chosen. In the version that gets submitted upstream, the comments will
      be gone and I will manually fix the indentation, because there does not
      seem to be a way to do that using coccinelle.
      
      Some amount of new code is currently sitting in linux-next that should get
      the same modifications, which I will do at the end of the merge window.
      
      Many thanks to Julia Lawall for helping me learn to write a semantic
      patch that does all this.
      
      ===== begin semantic patch =====
      // This adds an llseek= method to all file operations,
      // as a preparation for making no_llseek the default.
      //
      // The rules are
      // - use no_llseek explicitly if we do nonseekable_open
      // - use seq_lseek for sequential files
      // - use default_llseek if we know we access f_pos
      // - use noop_llseek if we know we don't access f_pos,
      //   but we still want to allow users to call lseek
      //
      @ open1 exists @
      identifier nested_open;
      @@
      nested_open(...)
      {
      <+...
      nonseekable_open(...)
      ...+>
      }
      
      @ open exists@
      identifier open_f;
      identifier i, f;
      identifier open1.nested_open;
      @@
      int open_f(struct inode *i, struct file *f)
      {
      <+...
      (
      nonseekable_open(...)
      |
      nested_open(...)
      )
      ...+>
      }
      
      @ read disable optional_qualifier exists @
      identifier read_f;
      identifier f, p, s, off;
      type ssize_t, size_t, loff_t;
      expression E;
      identifier func;
      @@
      ssize_t read_f(struct file *f, char *p, size_t s, loff_t *off)
      {
      <+...
      (
         *off = E
      |
         *off += E
      |
         func(..., off, ...)
      |
         E = *off
      )
      ...+>
      }
      
      @ read_no_fpos disable optional_qualifier exists @
      identifier read_f;
      identifier f, p, s, off;
      type ssize_t, size_t, loff_t;
      @@
      ssize_t read_f(struct file *f, char *p, size_t s, loff_t *off)
      {
      ... when != off
      }
      
      @ write @
      identifier write_f;
      identifier f, p, s, off;
      type ssize_t, size_t, loff_t;
      expression E;
      identifier func;
      @@
      ssize_t write_f(struct file *f, const char *p, size_t s, loff_t *off)
      {
      <+...
      (
        *off = E
      |
        *off += E
      |
        func(..., off, ...)
      |
        E = *off
      )
      ...+>
      }
      
      @ write_no_fpos @
      identifier write_f;
      identifier f, p, s, off;
      type ssize_t, size_t, loff_t;
      @@
      ssize_t write_f(struct file *f, const char *p, size_t s, loff_t *off)
      {
      ... when != off
      }
      
      @ fops0 @
      identifier fops;
      @@
      struct file_operations fops = {
       ...
      };
      
      @ has_llseek depends on fops0 @
      identifier fops0.fops;
      identifier llseek_f;
      @@
      struct file_operations fops = {
      ...
       .llseek = llseek_f,
      ...
      };
      
      @ has_read depends on fops0 @
      identifier fops0.fops;
      identifier read_f;
      @@
      struct file_operations fops = {
      ...
       .read = read_f,
      ...
      };
      
      @ has_write depends on fops0 @
      identifier fops0.fops;
      identifier write_f;
      @@
      struct file_operations fops = {
      ...
       .write = write_f,
      ...
      };
      
      @ has_open depends on fops0 @
      identifier fops0.fops;
      identifier open_f;
      @@
      struct file_operations fops = {
      ...
       .open = open_f,
      ...
      };
      
      // use no_llseek if we call nonseekable_open
      ////////////////////////////////////////////
      @ nonseekable1 depends on !has_llseek && has_open @
      identifier fops0.fops;
      identifier nso ~= "nonseekable_open";
      @@
      struct file_operations fops = {
      ...  .open = nso, ...
      +.llseek = no_llseek, /* nonseekable */
      };
      
      @ nonseekable2 depends on !has_llseek @
      identifier fops0.fops;
      identifier open.open_f;
      @@
      struct file_operations fops = {
      ...  .open = open_f, ...
      +.llseek = no_llseek, /* open uses nonseekable */
      };
      
      // use seq_lseek for sequential files
      /////////////////////////////////////
      @ seq depends on !has_llseek @
      identifier fops0.fops;
      identifier sr ~= "seq_read";
      @@
      struct file_operations fops = {
      ...  .read = sr, ...
      +.llseek = seq_lseek, /* we have seq_read */
      };
      
      // use default_llseek if there is a readdir
      ///////////////////////////////////////////
      @ fops1 depends on !has_llseek && !nonseekable1 && !nonseekable2 && !seq @
      identifier fops0.fops;
      identifier readdir_e;
      @@
      // any other fop is used that changes pos
      struct file_operations fops = {
      ... .readdir = readdir_e, ...
      +.llseek = default_llseek, /* readdir is present */
      };
      
      // use default_llseek if at least one of read/write touches f_pos
      /////////////////////////////////////////////////////////////////
      @ fops2 depends on !fops1 && !has_llseek && !nonseekable1 && !nonseekable2 && !seq @
      identifier fops0.fops;
      identifier read.read_f;
      @@
      // read fops use offset
      struct file_operations fops = {
      ... .read = read_f, ...
      +.llseek = default_llseek, /* read accesses f_pos */
      };
      
      @ fops3 depends on !fops1 && !fops2 && !has_llseek && !nonseekable1 && !nonseekable2 && !seq @
      identifier fops0.fops;
      identifier write.write_f;
      @@
      // write fops use offset
      struct file_operations fops = {
      ... .write = write_f, ...
      +	.llseek = default_llseek, /* write accesses f_pos */
      };
      
      // Use noop_llseek if neither read nor write accesses f_pos
      ///////////////////////////////////////////////////////////
      
      @ fops4 depends on !fops1 && !fops2 && !fops3 && !has_llseek && !nonseekable1 && !nonseekable2 && !seq @
      identifier fops0.fops;
      identifier read_no_fpos.read_f;
      identifier write_no_fpos.write_f;
      @@
      // write fops use offset
      struct file_operations fops = {
      ...
       .write = write_f,
       .read = read_f,
      ...
      +.llseek = noop_llseek, /* read and write both use no f_pos */
      };
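
      Review bot: In the fops4 rule, the comment "// write fops use offset" above the struct match is carried over unchanged from fops3 and contradicts the line the rule adds, which selects noop_llseek because read and write both use no f_pos. Suggest rewording it to match, for example "// neither read nor write fops use offset", so that a reader checking why a given file_operations got noop_llseek rather than default_llseek is not misled.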
      
      @ depends on has_write && !has_read && !fops1 && !fops2 && !has_llseek && !nonseekable1 && !nonseekable2 && !seq @
      identifier fops0.fops;
      identifier write_no_fpos.write_f;
      @@
      struct file_operations fops = {
      ... .write = write_f, ...
      +.llseek = noop_llseek, /* write uses no f_pos */
      };
      
      @ depends on has_read && !has_write && !fops1 && !fops2 && !has_llseek && !nonseekable1 && !nonseekable2 && !seq @
      identifier fops0.fops;
      identifier read_no_fpos.read_f;
      @@
      struct file_operations fops = {
      ... .read = read_f, ...
      +.llseek = noop_llseek, /* read uses no f_pos */
      };
      
      @ depends on !has_read && !has_write && !fops1 && !fops2 && !has_llseek && !nonseekable1 && !nonseekable2 && !seq @
      identifier fops0.fops;
      @@
      struct file_operations fops = {
      ...
      +.llseek = noop_llseek, /* no read or write fn */
      };
      ===== End semantic patch =====
      Signed-off-by: Arnd Bergmann <arnd@arndb.de>
      Cc: Julia Lawall <julia@diku.dk>
      Cc: Christoph Hellwig <hch@infradead.org>
  24. 03 Aug, 2010 1 commit