1 /*
2 * Copyright (C) 2003-2008 Takahiro Hirofuchi
3 *
4 * This is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation; either version 2 of the License, or
7 * (at your option) any later version.
8 *
9 * This is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
17 * USA.
18 */
19
20 #include "usbip_common.h"
21 #include "stub.h"
22
23
stub_free_priv_and_urb(struct stub_priv * priv)24 static void stub_free_priv_and_urb(struct stub_priv *priv)
25 {
26 struct urb *urb = priv->urb;
27
28 kfree(urb->setup_packet);
29 kfree(urb->transfer_buffer);
30 list_del(&priv->list);
31 kmem_cache_free(stub_priv_cache, priv);
32 usb_free_urb(urb);
33 }
34
35 /* be in spin_lock_irqsave(&sdev->priv_lock, flags) */
stub_enqueue_ret_unlink(struct stub_device * sdev,__u32 seqnum,__u32 status)36 void stub_enqueue_ret_unlink(struct stub_device *sdev, __u32 seqnum,
37 __u32 status)
38 {
39 struct stub_unlink *unlink;
40
41 unlink = kzalloc(sizeof(struct stub_unlink), GFP_ATOMIC);
42 if (!unlink) {
43 dev_err(&sdev->interface->dev, "alloc stub_unlink\n");
44 usbip_event_add(&sdev->ud, VDEV_EVENT_ERROR_MALLOC);
45 return;
46 }
47
48 unlink->seqnum = seqnum;
49 unlink->status = status;
50
51 list_add_tail(&unlink->list, &sdev->unlink_tx);
52 }
53
54 /**
55 * stub_complete - completion handler of a usbip urb
56 * @urb: pointer to the urb completed
57 *
58 * When a urb has completed, the USB core driver calls this function mostly in
59 * the interrupt context. To return the result of a urb, the completed urb is
60 * linked to the pending list of returning.
61 *
62 */
stub_complete(struct urb * urb)63 void stub_complete(struct urb *urb)
64 {
65 struct stub_priv *priv = (struct stub_priv *) urb->context;
66 struct stub_device *sdev = priv->sdev;
67 unsigned long flags;
68
69 dbg_stub_tx("complete! status %d\n", urb->status);
70
71
72 switch (urb->status) {
73 case 0:
74 /* OK */
75 break;
76 case -ENOENT:
77 uinfo("stopped by a call of usb_kill_urb() because of"
78 "cleaning up a virtual connection\n");
79 return;
80 case -ECONNRESET:
81 uinfo("unlinked by a call of usb_unlink_urb()\n");
82 break;
83 case -EPIPE:
84 uinfo("endpoint %d is stalled\n", usb_pipeendpoint(urb->pipe));
85 break;
86 case -ESHUTDOWN:
87 uinfo("device removed?\n");
88 break;
89 default:
90 uinfo("urb completion with non-zero status %d\n", urb->status);
91 }
92
93 /* link a urb to the queue of tx. */
94 spin_lock_irqsave(&sdev->priv_lock, flags);
95
96 if (priv->unlinking) {
97 stub_enqueue_ret_unlink(sdev, priv->seqnum, urb->status);
98 stub_free_priv_and_urb(priv);
99 } else
100 list_move_tail(&priv->list, &sdev->priv_tx);
101
102
103 spin_unlock_irqrestore(&sdev->priv_lock, flags);
104
105 /* wake up tx_thread */
106 wake_up(&sdev->tx_waitq);
107 }
108
109
110 /*-------------------------------------------------------------------------*/
111 /* fill PDU */
112
setup_base_pdu(struct usbip_header_basic * base,__u32 command,__u32 seqnum)113 static inline void setup_base_pdu(struct usbip_header_basic *base,
114 __u32 command, __u32 seqnum)
115 {
116 base->command = command;
117 base->seqnum = seqnum;
118 base->devid = 0;
119 base->ep = 0;
120 base->direction = 0;
121 }
122
setup_ret_submit_pdu(struct usbip_header * rpdu,struct urb * urb)123 static void setup_ret_submit_pdu(struct usbip_header *rpdu, struct urb *urb)
124 {
125 struct stub_priv *priv = (struct stub_priv *) urb->context;
126
127 setup_base_pdu(&rpdu->base, USBIP_RET_SUBMIT, priv->seqnum);
128
129 usbip_pack_pdu(rpdu, urb, USBIP_RET_SUBMIT, 1);
130 }
131
setup_ret_unlink_pdu(struct usbip_header * rpdu,struct stub_unlink * unlink)132 static void setup_ret_unlink_pdu(struct usbip_header *rpdu,
133 struct stub_unlink *unlink)
134 {
135 setup_base_pdu(&rpdu->base, USBIP_RET_UNLINK, unlink->seqnum);
136
137 rpdu->u.ret_unlink.status = unlink->status;
138 }
139
140
141 /*-------------------------------------------------------------------------*/
142 /* send RET_SUBMIT */
143
dequeue_from_priv_tx(struct stub_device * sdev)144 static struct stub_priv *dequeue_from_priv_tx(struct stub_device *sdev)
145 {
146 unsigned long flags;
147 struct stub_priv *priv, *tmp;
148
149 spin_lock_irqsave(&sdev->priv_lock, flags);
150
151 list_for_each_entry_safe(priv, tmp, &sdev->priv_tx, list) {
152 list_move_tail(&priv->list, &sdev->priv_free);
153 spin_unlock_irqrestore(&sdev->priv_lock, flags);
154 return priv;
155 }
156
157 spin_unlock_irqrestore(&sdev->priv_lock, flags);
158
159 return NULL;
160 }
161
stub_send_ret_submit(struct stub_device * sdev)162 static int stub_send_ret_submit(struct stub_device *sdev)
163 {
164 unsigned long flags;
165 struct stub_priv *priv, *tmp;
166
167 struct msghdr msg;
168 struct kvec iov[3];
169 size_t txsize;
170
171 size_t total_size = 0;
172
173 while ((priv = dequeue_from_priv_tx(sdev)) != NULL) {
174 int ret;
175 struct urb *urb = priv->urb;
176 struct usbip_header pdu_header;
177 void *iso_buffer = NULL;
178
179 txsize = 0;
180 memset(&pdu_header, 0, sizeof(pdu_header));
181 memset(&msg, 0, sizeof(msg));
182 memset(&iov, 0, sizeof(iov));
183
184 dbg_stub_tx("setup txdata urb %p\n", urb);
185
186
187 /* 1. setup usbip_header */
188 setup_ret_submit_pdu(&pdu_header, urb);
189 usbip_header_correct_endian(&pdu_header, 1);
190
191 iov[0].iov_base = &pdu_header;
192 iov[0].iov_len = sizeof(pdu_header);
193 txsize += sizeof(pdu_header);
194
195 /* 2. setup transfer buffer */
196 if (usb_pipein(urb->pipe) && urb->actual_length > 0) {
197 iov[1].iov_base = urb->transfer_buffer;
198 iov[1].iov_len = urb->actual_length;
199 txsize += urb->actual_length;
200 }
201
202 /* 3. setup iso_packet_descriptor */
203 if (usb_pipetype(urb->pipe) == PIPE_ISOCHRONOUS) {
204 ssize_t len = 0;
205
206 iso_buffer = usbip_alloc_iso_desc_pdu(urb, &len);
207 if (!iso_buffer) {
208 usbip_event_add(&sdev->ud,
209 SDEV_EVENT_ERROR_MALLOC);
210 return -1;
211 }
212
213 iov[2].iov_base = iso_buffer;
214 iov[2].iov_len = len;
215 txsize += len;
216 }
217
218 ret = kernel_sendmsg(sdev->ud.tcp_socket, &msg, iov,
219 3, txsize);
220 if (ret != txsize) {
221 dev_err(&sdev->interface->dev,
222 "sendmsg failed!, retval %d for %zd\n",
223 ret, txsize);
224 kfree(iso_buffer);
225 usbip_event_add(&sdev->ud, SDEV_EVENT_ERROR_TCP);
226 return -1;
227 }
228
229 kfree(iso_buffer);
230 dbg_stub_tx("send txdata\n");
231
232 total_size += txsize;
233 }
234
235
236 spin_lock_irqsave(&sdev->priv_lock, flags);
237
238 list_for_each_entry_safe(priv, tmp, &sdev->priv_free, list) {
239 stub_free_priv_and_urb(priv);
240 }
241
242 spin_unlock_irqrestore(&sdev->priv_lock, flags);
243
244 return total_size;
245 }
246
247
248 /*-------------------------------------------------------------------------*/
249 /* send RET_UNLINK */
250
dequeue_from_unlink_tx(struct stub_device * sdev)251 static struct stub_unlink *dequeue_from_unlink_tx(struct stub_device *sdev)
252 {
253 unsigned long flags;
254 struct stub_unlink *unlink, *tmp;
255
256 spin_lock_irqsave(&sdev->priv_lock, flags);
257
258 list_for_each_entry_safe(unlink, tmp, &sdev->unlink_tx, list) {
259 list_move_tail(&unlink->list, &sdev->unlink_free);
260 spin_unlock_irqrestore(&sdev->priv_lock, flags);
261 return unlink;
262 }
263
264 spin_unlock_irqrestore(&sdev->priv_lock, flags);
265
266 return NULL;
267 }
268
269
stub_send_ret_unlink(struct stub_device * sdev)270 static int stub_send_ret_unlink(struct stub_device *sdev)
271 {
272 unsigned long flags;
273 struct stub_unlink *unlink, *tmp;
274
275 struct msghdr msg;
276 struct kvec iov[1];
277 size_t txsize;
278
279 size_t total_size = 0;
280
281 while ((unlink = dequeue_from_unlink_tx(sdev)) != NULL) {
282 int ret;
283 struct usbip_header pdu_header;
284
285 txsize = 0;
286 memset(&pdu_header, 0, sizeof(pdu_header));
287 memset(&msg, 0, sizeof(msg));
288 memset(&iov, 0, sizeof(iov));
289
290 dbg_stub_tx("setup ret unlink %lu\n", unlink->seqnum);
291
292 /* 1. setup usbip_header */
293 setup_ret_unlink_pdu(&pdu_header, unlink);
294 usbip_header_correct_endian(&pdu_header, 1);
295
296 iov[0].iov_base = &pdu_header;
297 iov[0].iov_len = sizeof(pdu_header);
298 txsize += sizeof(pdu_header);
299
300 ret = kernel_sendmsg(sdev->ud.tcp_socket, &msg, iov,
301 1, txsize);
302 if (ret != txsize) {
303 dev_err(&sdev->interface->dev,
304 "sendmsg failed!, retval %d for %zd\n",
305 ret, txsize);
306 usbip_event_add(&sdev->ud, SDEV_EVENT_ERROR_TCP);
307 return -1;
308 }
309
310
311 dbg_stub_tx("send txdata\n");
312
313 total_size += txsize;
314 }
315
316
317 spin_lock_irqsave(&sdev->priv_lock, flags);
318
319 list_for_each_entry_safe(unlink, tmp, &sdev->unlink_free, list) {
320 list_del(&unlink->list);
321 kfree(unlink);
322 }
323
324 spin_unlock_irqrestore(&sdev->priv_lock, flags);
325
326 return total_size;
327 }
328
329
330 /*-------------------------------------------------------------------------*/
331
stub_tx_loop(struct usbip_task * ut)332 void stub_tx_loop(struct usbip_task *ut)
333 {
334 struct usbip_device *ud = container_of(ut, struct usbip_device, tcp_tx);
335 struct stub_device *sdev = container_of(ud, struct stub_device, ud);
336
337 while (1) {
338 if (signal_pending(current)) {
339 dbg_stub_tx("signal catched\n");
340 break;
341 }
342
343 if (usbip_event_happend(ud))
344 break;
345
346 /*
347 * send_ret_submit comes earlier than send_ret_unlink. stub_rx
348 * looks at only priv_init queue. If the completion of a URB is
349 * earlier than the receive of CMD_UNLINK, priv is moved to
350 * priv_tx queue and stub_rx does not find the target priv. In
351 * this case, vhci_rx receives the result of the submit request
352 * and then receives the result of the unlink request. The
353 * result of the submit is given back to the usbcore as the
354 * completion of the unlink request. The request of the
355 * unlink is ignored. This is ok because a driver who calls
356 * usb_unlink_urb() understands the unlink was too late by
357 * getting the status of the given-backed URB which has the
358 * status of usb_submit_urb().
359 */
360 if (stub_send_ret_submit(sdev) < 0)
361 break;
362
363 if (stub_send_ret_unlink(sdev) < 0)
364 break;
365
366 wait_event_interruptible(sdev->tx_waitq,
367 (!list_empty(&sdev->priv_tx) ||
368 !list_empty(&sdev->unlink_tx)));
369 }
370 }
371