1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3 * Copyright (C) 2003-2008 Takahiro Hirofuchi
4 */
5
6 #include <linux/device.h>
7 #include <linux/file.h>
8 #include <linux/kthread.h>
9 #include <linux/module.h>
10
11 #include "usbip_common.h"
12 #include "stub.h"
13
14 /*
15 * usbip_status shows the status of usbip-host as long as this driver is bound
16 * to the target device.
17 */
usbip_status_show(struct device * dev,struct device_attribute * attr,char * buf)18 static ssize_t usbip_status_show(struct device *dev,
19 struct device_attribute *attr, char *buf)
20 {
21 struct stub_device *sdev = dev_get_drvdata(dev);
22 int status;
23
24 if (!sdev) {
25 dev_err(dev, "sdev is null\n");
26 return -ENODEV;
27 }
28
29 spin_lock_irq(&sdev->ud.lock);
30 status = sdev->ud.status;
31 spin_unlock_irq(&sdev->ud.lock);
32
33 return snprintf(buf, PAGE_SIZE, "%d\n", status);
34 }
35 static DEVICE_ATTR_RO(usbip_status);
36
37 /*
38 * usbip_sockfd gets a socket descriptor of an established TCP connection that
39 * is used to transfer usbip requests by kernel threads. -1 is a magic number
40 * by which usbip connection is finished.
41 */
usbip_sockfd_store(struct device * dev,struct device_attribute * attr,const char * buf,size_t count)42 static ssize_t usbip_sockfd_store(struct device *dev, struct device_attribute *attr,
43 const char *buf, size_t count)
44 {
45 struct stub_device *sdev = dev_get_drvdata(dev);
46 int sockfd = 0;
47 struct socket *socket;
48 int rv;
49 struct task_struct *tcp_rx = NULL;
50 struct task_struct *tcp_tx = NULL;
51
52 if (!sdev) {
53 dev_err(dev, "sdev is null\n");
54 return -ENODEV;
55 }
56
57 rv = sscanf(buf, "%d", &sockfd);
58 if (rv != 1)
59 return -EINVAL;
60
61 if (sockfd != -1) {
62 int err;
63
64 dev_info(dev, "stub up\n");
65
66 spin_lock_irq(&sdev->ud.lock);
67
68 if (sdev->ud.status != SDEV_ST_AVAILABLE) {
69 dev_err(dev, "not ready\n");
70 goto err;
71 }
72
73 socket = sockfd_lookup(sockfd, &err);
74 if (!socket)
75 goto err;
76
77 /* unlock and create threads and get tasks */
78 spin_unlock_irq(&sdev->ud.lock);
79 tcp_rx = kthread_create(stub_rx_loop, &sdev->ud, "stub_rx");
80 if (IS_ERR(tcp_rx)) {
81 sockfd_put(socket);
82 return -EINVAL;
83 }
84 tcp_tx = kthread_create(stub_tx_loop, &sdev->ud, "stub_tx");
85 if (IS_ERR(tcp_tx)) {
86 kthread_stop(tcp_rx);
87 sockfd_put(socket);
88 return -EINVAL;
89 }
90
91 /* get task structs now */
92 get_task_struct(tcp_rx);
93 get_task_struct(tcp_tx);
94
95 /* lock and update sdev->ud state */
96 spin_lock_irq(&sdev->ud.lock);
97 sdev->ud.tcp_socket = socket;
98 sdev->ud.sockfd = sockfd;
99 sdev->ud.tcp_rx = tcp_rx;
100 sdev->ud.tcp_tx = tcp_tx;
101 sdev->ud.status = SDEV_ST_USED;
102 spin_unlock_irq(&sdev->ud.lock);
103
104 wake_up_process(sdev->ud.tcp_rx);
105 wake_up_process(sdev->ud.tcp_tx);
106
107 } else {
108 dev_info(dev, "stub down\n");
109
110 spin_lock_irq(&sdev->ud.lock);
111 if (sdev->ud.status != SDEV_ST_USED)
112 goto err;
113
114 spin_unlock_irq(&sdev->ud.lock);
115
116 usbip_event_add(&sdev->ud, SDEV_EVENT_DOWN);
117 }
118
119 return count;
120
121 err:
122 spin_unlock_irq(&sdev->ud.lock);
123 return -EINVAL;
124 }
125 static DEVICE_ATTR_WO(usbip_sockfd);
126
stub_add_files(struct device * dev)127 static int stub_add_files(struct device *dev)
128 {
129 int err = 0;
130
131 err = device_create_file(dev, &dev_attr_usbip_status);
132 if (err)
133 goto err_status;
134
135 err = device_create_file(dev, &dev_attr_usbip_sockfd);
136 if (err)
137 goto err_sockfd;
138
139 err = device_create_file(dev, &dev_attr_usbip_debug);
140 if (err)
141 goto err_debug;
142
143 return 0;
144
145 err_debug:
146 device_remove_file(dev, &dev_attr_usbip_sockfd);
147 err_sockfd:
148 device_remove_file(dev, &dev_attr_usbip_status);
149 err_status:
150 return err;
151 }
152
stub_remove_files(struct device * dev)153 static void stub_remove_files(struct device *dev)
154 {
155 device_remove_file(dev, &dev_attr_usbip_status);
156 device_remove_file(dev, &dev_attr_usbip_sockfd);
157 device_remove_file(dev, &dev_attr_usbip_debug);
158 }
159
stub_shutdown_connection(struct usbip_device * ud)160 static void stub_shutdown_connection(struct usbip_device *ud)
161 {
162 struct stub_device *sdev = container_of(ud, struct stub_device, ud);
163
164 /*
165 * When removing an exported device, kernel panic sometimes occurred
166 * and then EIP was sk_wait_data of stub_rx thread. Is this because
167 * sk_wait_data returned though stub_rx thread was already finished by
168 * step 1?
169 */
170 if (ud->tcp_socket) {
171 dev_dbg(&sdev->udev->dev, "shutdown sockfd %d\n", ud->sockfd);
172 kernel_sock_shutdown(ud->tcp_socket, SHUT_RDWR);
173 }
174
175 /* 1. stop threads */
176 if (ud->tcp_rx) {
177 kthread_stop_put(ud->tcp_rx);
178 ud->tcp_rx = NULL;
179 }
180 if (ud->tcp_tx) {
181 kthread_stop_put(ud->tcp_tx);
182 ud->tcp_tx = NULL;
183 }
184
185 /*
186 * 2. close the socket
187 *
188 * tcp_socket is freed after threads are killed so that usbip_xmit does
189 * not touch NULL socket.
190 */
191 if (ud->tcp_socket) {
192 sockfd_put(ud->tcp_socket);
193 ud->tcp_socket = NULL;
194 ud->sockfd = -1;
195 }
196
197 /* 3. free used data */
198 stub_device_cleanup_urbs(sdev);
199
200 /* 4. free stub_unlink */
201 {
202 unsigned long flags;
203 struct stub_unlink *unlink, *tmp;
204
205 spin_lock_irqsave(&sdev->priv_lock, flags);
206 list_for_each_entry_safe(unlink, tmp, &sdev->unlink_tx, list) {
207 list_del(&unlink->list);
208 kfree(unlink);
209 }
210 list_for_each_entry_safe(unlink, tmp, &sdev->unlink_free,
211 list) {
212 list_del(&unlink->list);
213 kfree(unlink);
214 }
215 spin_unlock_irqrestore(&sdev->priv_lock, flags);
216 }
217 }
218
stub_device_reset(struct usbip_device * ud)219 static void stub_device_reset(struct usbip_device *ud)
220 {
221 struct stub_device *sdev = container_of(ud, struct stub_device, ud);
222 struct usb_device *udev = sdev->udev;
223 int ret;
224
225 dev_dbg(&udev->dev, "device reset");
226
227 ret = usb_lock_device_for_reset(udev, NULL);
228 if (ret < 0) {
229 dev_err(&udev->dev, "lock for reset\n");
230 spin_lock_irq(&ud->lock);
231 ud->status = SDEV_ST_ERROR;
232 spin_unlock_irq(&ud->lock);
233 return;
234 }
235
236 /* try to reset the device */
237 ret = usb_reset_device(udev);
238 usb_unlock_device(udev);
239
240 spin_lock_irq(&ud->lock);
241 if (ret) {
242 dev_err(&udev->dev, "device reset\n");
243 ud->status = SDEV_ST_ERROR;
244 } else {
245 dev_info(&udev->dev, "device reset\n");
246 ud->status = SDEV_ST_AVAILABLE;
247 }
248 spin_unlock_irq(&ud->lock);
249 }
250
stub_device_unusable(struct usbip_device * ud)251 static void stub_device_unusable(struct usbip_device *ud)
252 {
253 spin_lock_irq(&ud->lock);
254 ud->status = SDEV_ST_ERROR;
255 spin_unlock_irq(&ud->lock);
256 }
257
258 /**
259 * stub_device_alloc - allocate a new stub_device struct
260 * @udev: usb_device of a new device
261 *
262 * Allocates and initializes a new stub_device struct.
263 */
stub_device_alloc(struct usb_device * udev)264 static struct stub_device *stub_device_alloc(struct usb_device *udev)
265 {
266 struct stub_device *sdev;
267 int busnum = udev->bus->busnum;
268 int devnum = udev->devnum;
269
270 dev_dbg(&udev->dev, "allocating stub device");
271
272 /* yes, it's a new device */
273 sdev = kzalloc(sizeof(struct stub_device), GFP_KERNEL);
274 if (!sdev)
275 return NULL;
276
277 sdev->udev = usb_get_dev(udev);
278
279 /*
280 * devid is defined with devnum when this driver is first allocated.
281 * devnum may change later if a device is reset. However, devid never
282 * changes during a usbip connection.
283 */
284 sdev->devid = (busnum << 16) | devnum;
285 sdev->ud.side = USBIP_STUB;
286 sdev->ud.status = SDEV_ST_AVAILABLE;
287 spin_lock_init(&sdev->ud.lock);
288 sdev->ud.tcp_socket = NULL;
289 sdev->ud.sockfd = -1;
290
291 INIT_LIST_HEAD(&sdev->priv_init);
292 INIT_LIST_HEAD(&sdev->priv_tx);
293 INIT_LIST_HEAD(&sdev->priv_free);
294 INIT_LIST_HEAD(&sdev->unlink_free);
295 INIT_LIST_HEAD(&sdev->unlink_tx);
296 spin_lock_init(&sdev->priv_lock);
297
298 init_waitqueue_head(&sdev->tx_waitq);
299
300 sdev->ud.eh_ops.shutdown = stub_shutdown_connection;
301 sdev->ud.eh_ops.reset = stub_device_reset;
302 sdev->ud.eh_ops.unusable = stub_device_unusable;
303
304 usbip_start_eh(&sdev->ud);
305
306 dev_dbg(&udev->dev, "register new device\n");
307
308 return sdev;
309 }
310
stub_device_free(struct stub_device * sdev)311 static void stub_device_free(struct stub_device *sdev)
312 {
313 kfree(sdev);
314 }
315
stub_probe(struct usb_device * udev)316 static int stub_probe(struct usb_device *udev)
317 {
318 struct stub_device *sdev = NULL;
319 const char *udev_busid = dev_name(&udev->dev);
320 struct bus_id_priv *busid_priv;
321 int rc = 0;
322 char save_status;
323
324 dev_dbg(&udev->dev, "Enter probe\n");
325
326 /* Not sure if this is our device. Allocate here to avoid
327 * calling alloc while holding busid_table lock.
328 */
329 sdev = stub_device_alloc(udev);
330 if (!sdev)
331 return -ENOMEM;
332
333 /* check we should claim or not by busid_table */
334 busid_priv = get_busid_priv(udev_busid);
335 if (!busid_priv || (busid_priv->status == STUB_BUSID_REMOV) ||
336 (busid_priv->status == STUB_BUSID_OTHER)) {
337 dev_info(&udev->dev,
338 "%s is not in match_busid table... skip!\n",
339 udev_busid);
340
341 /*
342 * Return value should be ENODEV or ENOXIO to continue trying
343 * other matched drivers by the driver core.
344 * See driver_probe_device() in driver/base/dd.c
345 */
346 rc = -ENODEV;
347 if (!busid_priv)
348 goto sdev_free;
349
350 goto call_put_busid_priv;
351 }
352
353 if (udev->descriptor.bDeviceClass == USB_CLASS_HUB) {
354 dev_dbg(&udev->dev, "%s is a usb hub device... skip!\n",
355 udev_busid);
356 rc = -ENODEV;
357 goto call_put_busid_priv;
358 }
359
360 if (!strcmp(udev->bus->bus_name, "vhci_hcd")) {
361 dev_dbg(&udev->dev,
362 "%s is attached on vhci_hcd... skip!\n",
363 udev_busid);
364
365 rc = -ENODEV;
366 goto call_put_busid_priv;
367 }
368
369
370 dev_info(&udev->dev,
371 "usbip-host: register new device (bus %u dev %u)\n",
372 udev->bus->busnum, udev->devnum);
373
374 busid_priv->shutdown_busid = 0;
375
376 /* set private data to usb_device */
377 dev_set_drvdata(&udev->dev, sdev);
378
379 busid_priv->sdev = sdev;
380 busid_priv->udev = udev;
381
382 save_status = busid_priv->status;
383 busid_priv->status = STUB_BUSID_ALLOC;
384
385 /* release the busid_lock */
386 put_busid_priv(busid_priv);
387
388 /*
389 * Claim this hub port.
390 * It doesn't matter what value we pass as owner
391 * (struct dev_state) as long as it is unique.
392 */
393 rc = usb_hub_claim_port(udev->parent, udev->portnum,
394 (struct usb_dev_state *) udev);
395 if (rc) {
396 dev_dbg(&udev->dev, "unable to claim port\n");
397 goto err_port;
398 }
399
400 rc = stub_add_files(&udev->dev);
401 if (rc) {
402 dev_err(&udev->dev, "stub_add_files for %s\n", udev_busid);
403 goto err_files;
404 }
405
406 return 0;
407
408 err_files:
409 usb_hub_release_port(udev->parent, udev->portnum,
410 (struct usb_dev_state *) udev);
411 err_port:
412 dev_set_drvdata(&udev->dev, NULL);
413 usb_put_dev(udev);
414
415 /* we already have busid_priv, just lock busid_lock */
416 spin_lock(&busid_priv->busid_lock);
417 busid_priv->sdev = NULL;
418 busid_priv->status = save_status;
419 spin_unlock(&busid_priv->busid_lock);
420 /* lock is released - go to free */
421 goto sdev_free;
422
423 call_put_busid_priv:
424 /* release the busid_lock */
425 put_busid_priv(busid_priv);
426
427 sdev_free:
428 stub_device_free(sdev);
429
430 return rc;
431 }
432
shutdown_busid(struct bus_id_priv * busid_priv)433 static void shutdown_busid(struct bus_id_priv *busid_priv)
434 {
435 usbip_event_add(&busid_priv->sdev->ud, SDEV_EVENT_REMOVED);
436
437 /* wait for the stop of the event handler */
438 usbip_stop_eh(&busid_priv->sdev->ud);
439 }
440
441 /*
442 * called in usb_disconnect() or usb_deregister()
443 * but only if actconfig(active configuration) exists
444 */
stub_disconnect(struct usb_device * udev)445 static void stub_disconnect(struct usb_device *udev)
446 {
447 struct stub_device *sdev;
448 const char *udev_busid = dev_name(&udev->dev);
449 struct bus_id_priv *busid_priv;
450 int rc;
451
452 dev_dbg(&udev->dev, "Enter disconnect\n");
453
454 busid_priv = get_busid_priv(udev_busid);
455 if (!busid_priv) {
456 BUG();
457 return;
458 }
459
460 sdev = dev_get_drvdata(&udev->dev);
461
462 /* get stub_device */
463 if (!sdev) {
464 dev_err(&udev->dev, "could not get device");
465 /* release busid_lock */
466 put_busid_priv(busid_priv);
467 return;
468 }
469
470 dev_set_drvdata(&udev->dev, NULL);
471
472 /* release busid_lock before call to remove device files */
473 put_busid_priv(busid_priv);
474
475 /*
476 * NOTE: rx/tx threads are invoked for each usb_device.
477 */
478 stub_remove_files(&udev->dev);
479
480 /* release port */
481 rc = usb_hub_release_port(udev->parent, udev->portnum,
482 (struct usb_dev_state *) udev);
483 if (rc) {
484 dev_dbg(&udev->dev, "unable to release port\n");
485 return;
486 }
487
488 /* If usb reset is called from event handler */
489 if (usbip_in_eh(current))
490 return;
491
492 /* we already have busid_priv, just lock busid_lock */
493 spin_lock(&busid_priv->busid_lock);
494 if (!busid_priv->shutdown_busid)
495 busid_priv->shutdown_busid = 1;
496 /* release busid_lock */
497 spin_unlock(&busid_priv->busid_lock);
498
499 /* shutdown the current connection */
500 shutdown_busid(busid_priv);
501
502 usb_put_dev(sdev->udev);
503
504 /* we already have busid_priv, just lock busid_lock */
505 spin_lock(&busid_priv->busid_lock);
506 /* free sdev */
507 busid_priv->sdev = NULL;
508 stub_device_free(sdev);
509
510 if (busid_priv->status == STUB_BUSID_ALLOC)
511 busid_priv->status = STUB_BUSID_ADDED;
512 /* release busid_lock */
513 spin_unlock(&busid_priv->busid_lock);
514 return;
515 }
516
517 #ifdef CONFIG_PM
518
519 /* These functions need usb_port_suspend and usb_port_resume,
520 * which reside in drivers/usb/core/usb.h. Skip for now. */
521
stub_suspend(struct usb_device * udev,pm_message_t message)522 static int stub_suspend(struct usb_device *udev, pm_message_t message)
523 {
524 dev_dbg(&udev->dev, "stub_suspend\n");
525
526 return 0;
527 }
528
stub_resume(struct usb_device * udev,pm_message_t message)529 static int stub_resume(struct usb_device *udev, pm_message_t message)
530 {
531 dev_dbg(&udev->dev, "stub_resume\n");
532
533 return 0;
534 }
535
536 #endif /* CONFIG_PM */
537
538 struct usb_device_driver stub_driver = {
539 .name = "usbip-host",
540 .probe = stub_probe,
541 .disconnect = stub_disconnect,
542 #ifdef CONFIG_PM
543 .suspend = stub_suspend,
544 .resume = stub_resume,
545 #endif
546 .supports_autosuspend = 0,
547 };
548