1 /*
2 * f_rndis.c -- RNDIS link function driver
3 *
4 * Copyright (C) 2003-2005,2008 David Brownell
5 * Copyright (C) 2003-2004 Robert Schwebel, Benedikt Spranger
6 * Copyright (C) 2008 Nokia Corporation
7 * Copyright (C) 2009 Samsung Electronics
8 * Author: Michal Nazarewicz (mina86@mina86.com)
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 */
15
16 /* #define VERBOSE_DEBUG */
17
18 #include <linux/slab.h>
19 #include <linux/kernel.h>
20 #include <linux/device.h>
21 #include <linux/etherdevice.h>
22
23 #include <linux/atomic.h>
24
25 #include "u_ether.h"
26 #include "rndis.h"
27
28 /*
29 * This function is an RNDIS Ethernet port -- a Microsoft protocol that's
30 * been promoted instead of the standard CDC Ethernet. The published RNDIS
31 * spec is ambiguous, incomplete, and needlessly complex. Variants such as
32 * ActiveSync have even worse status in terms of specification.
33 *
34 * In short: it's a protocol controlled by (and for) Microsoft, not for an
35 * Open ecosystem or markets. Linux supports it *only* because Microsoft
36 * doesn't support the CDC Ethernet standard.
37 *
38 * The RNDIS data transfer model is complex, with multiple Ethernet packets
39 * per USB message, and out of band data. The control model is built around
40 * what's essentially an "RNDIS RPC" protocol. It's all wrapped in a CDC ACM
41 * (modem, not Ethernet) veneer, with those ACM descriptors being entirely
42 * useless (they're ignored). RNDIS expects to be the only function in its
43 * configuration, so it's no real help if you need composite devices; and
44 * it expects to be the first configuration too.
45 *
46 * There is a single technical advantage of RNDIS over CDC Ethernet, if you
47 * discount the fluff that its RPC can be made to deliver: it doesn't need
48 * a NOP altsetting for the data interface. That lets it work on some of the
49 * "so smart it's stupid" hardware which takes over configuration changes
50 * from the software, and adds restrictions like "no altsettings".
51 *
52 * Unfortunately MSFT's RNDIS drivers are buggy. They hang or oops, and
53 * have all sorts of contrary-to-specification oddities that can prevent
54 * them from working sanely. Since bugfixes (or accurate specs, letting
55 * Linux work around those bugs) are unlikely to ever come from MSFT, you
56 * may want to avoid using RNDIS on purely operational grounds.
57 *
58 * Omissions from the RNDIS 1.0 specification include:
59 *
60 * - Power management ... references data that's scattered around lots
61 * of other documentation, which is incorrect/incomplete there too.
62 *
63 * - There are various undocumented protocol requirements, like the need
64 * to send garbage in some control-OUT messages.
65 *
66 * - MS-Windows drivers sometimes emit undocumented requests.
67 */
68
69 static unsigned int rndis_dl_max_pkt_per_xfer = 3;
70 module_param(rndis_dl_max_pkt_per_xfer, uint, S_IRUGO | S_IWUSR);
71 MODULE_PARM_DESC(rndis_dl_max_pkt_per_xfer,
72 "Maximum packets per transfer for DL aggregation");
73
74 static unsigned int rndis_ul_max_pkt_per_xfer = 3;
75 module_param(rndis_ul_max_pkt_per_xfer, uint, S_IRUGO | S_IWUSR);
76 MODULE_PARM_DESC(rndis_ul_max_pkt_per_xfer,
77 "Maximum packets per transfer for UL aggregation");
78
79 struct f_rndis {
80 struct gether port;
81 u8 ctrl_id, data_id;
82 u8 ethaddr[ETH_ALEN];
83 u32 vendorID;
84 const char *manufacturer;
85 int config;
86
87 struct usb_ep *notify;
88 struct usb_request *notify_req;
89 atomic_t notify_count;
90 };
91
func_to_rndis(struct usb_function * f)92 static inline struct f_rndis *func_to_rndis(struct usb_function *f)
93 {
94 return container_of(f, struct f_rndis, port.func);
95 }
96
97 /* peak (theoretical) bulk transfer rate in bits-per-second */
bitrate(struct usb_gadget * g)98 static unsigned int bitrate(struct usb_gadget *g)
99 {
100 if (gadget_is_superspeed(g) && g->speed == USB_SPEED_SUPER)
101 return 13 * 1024 * 8 * 1000 * 8;
102 else if (gadget_is_dualspeed(g) && g->speed == USB_SPEED_HIGH)
103 return 13 * 512 * 8 * 1000 * 8;
104 else
105 return 19 * 64 * 1 * 1000 * 8;
106 }
107
108 /*-------------------------------------------------------------------------*/
109
110 /*
111 */
112
113 #define RNDIS_STATUS_INTERVAL_MS 32
114 #define STATUS_BYTECOUNT 8 /* 8 bytes data */
115
116
117 /* interface descriptor: */
118
119 static struct usb_interface_descriptor rndis_control_intf = {
120 .bLength = sizeof rndis_control_intf,
121 .bDescriptorType = USB_DT_INTERFACE,
122
123 /* .bInterfaceNumber = DYNAMIC */
124 /* status endpoint is optional; this could be patched later */
125 .bNumEndpoints = 1,
126 .bInterfaceClass = USB_CLASS_COMM,
127 .bInterfaceSubClass = USB_CDC_SUBCLASS_ACM,
128 .bInterfaceProtocol = USB_CDC_ACM_PROTO_VENDOR,
129 /* .iInterface = DYNAMIC */
130 };
131
132 static struct usb_cdc_header_desc header_desc = {
133 .bLength = sizeof header_desc,
134 .bDescriptorType = USB_DT_CS_INTERFACE,
135 .bDescriptorSubType = USB_CDC_HEADER_TYPE,
136
137 .bcdCDC = cpu_to_le16(0x0110),
138 };
139
140 static struct usb_cdc_call_mgmt_descriptor call_mgmt_descriptor = {
141 .bLength = sizeof call_mgmt_descriptor,
142 .bDescriptorType = USB_DT_CS_INTERFACE,
143 .bDescriptorSubType = USB_CDC_CALL_MANAGEMENT_TYPE,
144
145 .bmCapabilities = 0x00,
146 .bDataInterface = 0x01,
147 };
148
149 static struct usb_cdc_acm_descriptor rndis_acm_descriptor = {
150 .bLength = sizeof rndis_acm_descriptor,
151 .bDescriptorType = USB_DT_CS_INTERFACE,
152 .bDescriptorSubType = USB_CDC_ACM_TYPE,
153
154 .bmCapabilities = 0x00,
155 };
156
157 static struct usb_cdc_union_desc rndis_union_desc = {
158 .bLength = sizeof(rndis_union_desc),
159 .bDescriptorType = USB_DT_CS_INTERFACE,
160 .bDescriptorSubType = USB_CDC_UNION_TYPE,
161 /* .bMasterInterface0 = DYNAMIC */
162 /* .bSlaveInterface0 = DYNAMIC */
163 };
164
165 /* the data interface has two bulk endpoints */
166
167 static struct usb_interface_descriptor rndis_data_intf = {
168 .bLength = sizeof rndis_data_intf,
169 .bDescriptorType = USB_DT_INTERFACE,
170
171 /* .bInterfaceNumber = DYNAMIC */
172 .bNumEndpoints = 2,
173 .bInterfaceClass = USB_CLASS_CDC_DATA,
174 .bInterfaceSubClass = 0,
175 .bInterfaceProtocol = 0,
176 /* .iInterface = DYNAMIC */
177 };
178
179
180 static struct usb_interface_assoc_descriptor
181 rndis_iad_descriptor = {
182 .bLength = sizeof rndis_iad_descriptor,
183 .bDescriptorType = USB_DT_INTERFACE_ASSOCIATION,
184
185 .bFirstInterface = 0, /* XXX, hardcoded */
186 .bInterfaceCount = 2, // control + data
187 .bFunctionClass = USB_CLASS_COMM,
188 .bFunctionSubClass = USB_CDC_SUBCLASS_ETHERNET,
189 .bFunctionProtocol = USB_CDC_PROTO_NONE,
190 /* .iFunction = DYNAMIC */
191 };
192
193 /* full speed support: */
194
195 static struct usb_endpoint_descriptor fs_notify_desc = {
196 .bLength = USB_DT_ENDPOINT_SIZE,
197 .bDescriptorType = USB_DT_ENDPOINT,
198
199 .bEndpointAddress = USB_DIR_IN,
200 .bmAttributes = USB_ENDPOINT_XFER_INT,
201 .wMaxPacketSize = cpu_to_le16(STATUS_BYTECOUNT),
202 .bInterval = RNDIS_STATUS_INTERVAL_MS,
203 };
204
205 static struct usb_endpoint_descriptor fs_in_desc = {
206 .bLength = USB_DT_ENDPOINT_SIZE,
207 .bDescriptorType = USB_DT_ENDPOINT,
208
209 .bEndpointAddress = USB_DIR_IN,
210 .bmAttributes = USB_ENDPOINT_XFER_BULK,
211 };
212
213 static struct usb_endpoint_descriptor fs_out_desc = {
214 .bLength = USB_DT_ENDPOINT_SIZE,
215 .bDescriptorType = USB_DT_ENDPOINT,
216
217 .bEndpointAddress = USB_DIR_OUT,
218 .bmAttributes = USB_ENDPOINT_XFER_BULK,
219 };
220
221 static struct usb_descriptor_header *eth_fs_function[] = {
222 (struct usb_descriptor_header *) &rndis_iad_descriptor,
223
224 /* control interface matches ACM, not Ethernet */
225 (struct usb_descriptor_header *) &rndis_control_intf,
226 (struct usb_descriptor_header *) &header_desc,
227 (struct usb_descriptor_header *) &call_mgmt_descriptor,
228 (struct usb_descriptor_header *) &rndis_acm_descriptor,
229 (struct usb_descriptor_header *) &rndis_union_desc,
230 (struct usb_descriptor_header *) &fs_notify_desc,
231
232 /* data interface has no altsetting */
233 (struct usb_descriptor_header *) &rndis_data_intf,
234 (struct usb_descriptor_header *) &fs_in_desc,
235 (struct usb_descriptor_header *) &fs_out_desc,
236 NULL,
237 };
238
239 /* high speed support: */
240
241 static struct usb_endpoint_descriptor hs_notify_desc = {
242 .bLength = USB_DT_ENDPOINT_SIZE,
243 .bDescriptorType = USB_DT_ENDPOINT,
244
245 .bEndpointAddress = USB_DIR_IN,
246 .bmAttributes = USB_ENDPOINT_XFER_INT,
247 .wMaxPacketSize = cpu_to_le16(STATUS_BYTECOUNT),
248 .bInterval = USB_MS_TO_HS_INTERVAL(RNDIS_STATUS_INTERVAL_MS)
249 };
250
251 static struct usb_endpoint_descriptor hs_in_desc = {
252 .bLength = USB_DT_ENDPOINT_SIZE,
253 .bDescriptorType = USB_DT_ENDPOINT,
254
255 .bEndpointAddress = USB_DIR_IN,
256 .bmAttributes = USB_ENDPOINT_XFER_BULK,
257 .wMaxPacketSize = cpu_to_le16(512),
258 };
259
260 static struct usb_endpoint_descriptor hs_out_desc = {
261 .bLength = USB_DT_ENDPOINT_SIZE,
262 .bDescriptorType = USB_DT_ENDPOINT,
263
264 .bEndpointAddress = USB_DIR_OUT,
265 .bmAttributes = USB_ENDPOINT_XFER_BULK,
266 .wMaxPacketSize = cpu_to_le16(512),
267 };
268
269 static struct usb_descriptor_header *eth_hs_function[] = {
270 (struct usb_descriptor_header *) &rndis_iad_descriptor,
271
272 /* control interface matches ACM, not Ethernet */
273 (struct usb_descriptor_header *) &rndis_control_intf,
274 (struct usb_descriptor_header *) &header_desc,
275 (struct usb_descriptor_header *) &call_mgmt_descriptor,
276 (struct usb_descriptor_header *) &rndis_acm_descriptor,
277 (struct usb_descriptor_header *) &rndis_union_desc,
278 (struct usb_descriptor_header *) &hs_notify_desc,
279
280 /* data interface has no altsetting */
281 (struct usb_descriptor_header *) &rndis_data_intf,
282 (struct usb_descriptor_header *) &hs_in_desc,
283 (struct usb_descriptor_header *) &hs_out_desc,
284 NULL,
285 };
286
287 /* super speed support: */
288
289 static struct usb_endpoint_descriptor ss_notify_desc = {
290 .bLength = USB_DT_ENDPOINT_SIZE,
291 .bDescriptorType = USB_DT_ENDPOINT,
292
293 .bEndpointAddress = USB_DIR_IN,
294 .bmAttributes = USB_ENDPOINT_XFER_INT,
295 .wMaxPacketSize = cpu_to_le16(STATUS_BYTECOUNT),
296 .bInterval = USB_MS_TO_HS_INTERVAL(RNDIS_STATUS_INTERVAL_MS)
297 };
298
299 static struct usb_ss_ep_comp_descriptor ss_intr_comp_desc = {
300 .bLength = sizeof ss_intr_comp_desc,
301 .bDescriptorType = USB_DT_SS_ENDPOINT_COMP,
302
303 /* the following 3 values can be tweaked if necessary */
304 /* .bMaxBurst = 0, */
305 /* .bmAttributes = 0, */
306 .wBytesPerInterval = cpu_to_le16(STATUS_BYTECOUNT),
307 };
308
309 static struct usb_endpoint_descriptor ss_in_desc = {
310 .bLength = USB_DT_ENDPOINT_SIZE,
311 .bDescriptorType = USB_DT_ENDPOINT,
312
313 .bEndpointAddress = USB_DIR_IN,
314 .bmAttributes = USB_ENDPOINT_XFER_BULK,
315 .wMaxPacketSize = cpu_to_le16(1024),
316 };
317
318 static struct usb_endpoint_descriptor ss_out_desc = {
319 .bLength = USB_DT_ENDPOINT_SIZE,
320 .bDescriptorType = USB_DT_ENDPOINT,
321
322 .bEndpointAddress = USB_DIR_OUT,
323 .bmAttributes = USB_ENDPOINT_XFER_BULK,
324 .wMaxPacketSize = cpu_to_le16(1024),
325 };
326
327 static struct usb_ss_ep_comp_descriptor ss_bulk_comp_desc = {
328 .bLength = sizeof ss_bulk_comp_desc,
329 .bDescriptorType = USB_DT_SS_ENDPOINT_COMP,
330
331 /* the following 2 values can be tweaked if necessary */
332 /* .bMaxBurst = 0, */
333 /* .bmAttributes = 0, */
334 };
335
336 static struct usb_descriptor_header *eth_ss_function[] = {
337 (struct usb_descriptor_header *) &rndis_iad_descriptor,
338
339 /* control interface matches ACM, not Ethernet */
340 (struct usb_descriptor_header *) &rndis_control_intf,
341 (struct usb_descriptor_header *) &header_desc,
342 (struct usb_descriptor_header *) &call_mgmt_descriptor,
343 (struct usb_descriptor_header *) &rndis_acm_descriptor,
344 (struct usb_descriptor_header *) &rndis_union_desc,
345 (struct usb_descriptor_header *) &ss_notify_desc,
346 (struct usb_descriptor_header *) &ss_intr_comp_desc,
347
348 /* data interface has no altsetting */
349 (struct usb_descriptor_header *) &rndis_data_intf,
350 (struct usb_descriptor_header *) &ss_in_desc,
351 (struct usb_descriptor_header *) &ss_bulk_comp_desc,
352 (struct usb_descriptor_header *) &ss_out_desc,
353 (struct usb_descriptor_header *) &ss_bulk_comp_desc,
354 NULL,
355 };
356
357 /* string descriptors: */
358
359 static struct usb_string rndis_string_defs[] = {
360 [0].s = "RNDIS Communications Control",
361 [1].s = "RNDIS Ethernet Data",
362 [2].s = "RNDIS",
363 { } /* end of list */
364 };
365
366 static struct usb_gadget_strings rndis_string_table = {
367 .language = 0x0409, /* en-us */
368 .strings = rndis_string_defs,
369 };
370
371 static struct usb_gadget_strings *rndis_strings[] = {
372 &rndis_string_table,
373 NULL,
374 };
375
376 /*-------------------------------------------------------------------------*/
377
rndis_add_header(struct gether * port,struct sk_buff * skb)378 static struct sk_buff *rndis_add_header(struct gether *port,
379 struct sk_buff *skb)
380 {
381 struct sk_buff *skb2;
382
383 skb2 = skb_realloc_headroom(skb, sizeof(struct rndis_packet_msg_type));
384 if (skb2)
385 rndis_add_hdr(skb2);
386
387 dev_kfree_skb_any(skb);
388 return skb2;
389 }
390
rndis_response_available(void * _rndis)391 static void rndis_response_available(void *_rndis)
392 {
393 struct f_rndis *rndis = _rndis;
394 struct usb_request *req = rndis->notify_req;
395 struct usb_composite_dev *cdev = rndis->port.func.config->cdev;
396 __le32 *data = req->buf;
397 int status;
398
399 if (atomic_inc_return(&rndis->notify_count) != 1)
400 return;
401
402 /* Send RNDIS RESPONSE_AVAILABLE notification; a
403 * USB_CDC_NOTIFY_RESPONSE_AVAILABLE "should" work too
404 *
405 * This is the only notification defined by RNDIS.
406 */
407 data[0] = cpu_to_le32(1);
408 data[1] = cpu_to_le32(0);
409
410 status = usb_ep_queue(rndis->notify, req, GFP_ATOMIC);
411 if (status) {
412 atomic_dec(&rndis->notify_count);
413 DBG(cdev, "notify/0 --> %d\n", status);
414 }
415 }
416
rndis_response_complete(struct usb_ep * ep,struct usb_request * req)417 static void rndis_response_complete(struct usb_ep *ep, struct usb_request *req)
418 {
419 struct f_rndis *rndis = req->context;
420 struct usb_composite_dev *cdev = rndis->port.func.config->cdev;
421 int status = req->status;
422
423 /* after TX:
424 * - USB_CDC_GET_ENCAPSULATED_RESPONSE (ep0/control)
425 * - RNDIS_RESPONSE_AVAILABLE (status/irq)
426 */
427 switch (status) {
428 case -ECONNRESET:
429 case -ESHUTDOWN:
430 /* connection gone */
431 atomic_set(&rndis->notify_count, 0);
432 break;
433 default:
434 DBG(cdev, "RNDIS %s response error %d, %d/%d\n",
435 ep->name, status,
436 req->actual, req->length);
437 /* FALLTHROUGH */
438 case 0:
439 if (ep != rndis->notify)
440 break;
441
442 /* handle multiple pending RNDIS_RESPONSE_AVAILABLE
443 * notifications by resending until we're done
444 */
445 if (atomic_dec_and_test(&rndis->notify_count))
446 break;
447 status = usb_ep_queue(rndis->notify, req, GFP_ATOMIC);
448 if (status) {
449 atomic_dec(&rndis->notify_count);
450 DBG(cdev, "notify/1 --> %d\n", status);
451 }
452 break;
453 }
454 }
455
rndis_command_complete(struct usb_ep * ep,struct usb_request * req)456 static void rndis_command_complete(struct usb_ep *ep, struct usb_request *req)
457 {
458 struct f_rndis *rndis = req->context;
459 int status;
460 rndis_init_msg_type *buf;
461
462 /* received RNDIS command from USB_CDC_SEND_ENCAPSULATED_COMMAND */
463 // spin_lock(&dev->lock);
464 status = rndis_msg_parser(rndis->config, (u8 *) req->buf);
465 if (status < 0)
466 pr_err("RNDIS command error %d, %d/%d\n",
467 status, req->actual, req->length);
468
469 buf = (rndis_init_msg_type *)req->buf;
470
471 if (buf->MessageType == RNDIS_MSG_INIT) {
472 if (buf->MaxTransferSize > 2048)
473 rndis->port.multi_pkt_xfer = 1;
474 else
475 rndis->port.multi_pkt_xfer = 0;
476 pr_info("%s: MaxTransferSize: %d : Multi_pkt_txr: %s\n",
477 __func__, buf->MaxTransferSize,
478 rndis->port.multi_pkt_xfer ? "enabled" :
479 "disabled");
480 if (rndis_dl_max_pkt_per_xfer <= 1)
481 rndis->port.multi_pkt_xfer = 0;
482 }
483 // spin_unlock(&dev->lock);
484 }
485
486 static int
rndis_setup(struct usb_function * f,const struct usb_ctrlrequest * ctrl)487 rndis_setup(struct usb_function *f, const struct usb_ctrlrequest *ctrl)
488 {
489 struct f_rndis *rndis = func_to_rndis(f);
490 struct usb_composite_dev *cdev = f->config->cdev;
491 struct usb_request *req = cdev->req;
492 int value = -EOPNOTSUPP;
493 u16 w_index = le16_to_cpu(ctrl->wIndex);
494 u16 w_value = le16_to_cpu(ctrl->wValue);
495 u16 w_length = le16_to_cpu(ctrl->wLength);
496
497 /* composite driver infrastructure handles everything except
498 * CDC class messages; interface activation uses set_alt().
499 */
500 switch ((ctrl->bRequestType << 8) | ctrl->bRequest) {
501
502 /* RNDIS uses the CDC command encapsulation mechanism to implement
503 * an RPC scheme, with much getting/setting of attributes by OID.
504 */
505 case ((USB_DIR_OUT | USB_TYPE_CLASS | USB_RECIP_INTERFACE) << 8)
506 | USB_CDC_SEND_ENCAPSULATED_COMMAND:
507 if (w_value || w_index != rndis->ctrl_id)
508 goto invalid;
509 /* read the request; process it later */
510 value = w_length;
511 req->complete = rndis_command_complete;
512 req->context = rndis;
513 /* later, rndis_response_available() sends a notification */
514 break;
515
516 case ((USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE) << 8)
517 | USB_CDC_GET_ENCAPSULATED_RESPONSE:
518 if (w_value || w_index != rndis->ctrl_id)
519 goto invalid;
520 else {
521 u8 *buf;
522 u32 n;
523
524 /* return the result */
525 buf = rndis_get_next_response(rndis->config, &n);
526 if (buf) {
527 memcpy(req->buf, buf, n);
528 req->complete = rndis_response_complete;
529 req->context = rndis;
530 rndis_free_response(rndis->config, buf);
531 value = n;
532 }
533 /* else stalls ... spec says to avoid that */
534 }
535 break;
536
537 default:
538 invalid:
539 VDBG(cdev, "invalid control req%02x.%02x v%04x i%04x l%d\n",
540 ctrl->bRequestType, ctrl->bRequest,
541 w_value, w_index, w_length);
542 }
543
544 /* respond with data transfer or status phase? */
545 if (value >= 0) {
546 DBG(cdev, "rndis req%02x.%02x v%04x i%04x l%d\n",
547 ctrl->bRequestType, ctrl->bRequest,
548 w_value, w_index, w_length);
549 req->zero = (value < w_length);
550 req->length = value;
551 value = usb_ep_queue(cdev->gadget->ep0, req, GFP_ATOMIC);
552 if (value < 0)
553 ERROR(cdev, "rndis response on err %d\n", value);
554 }
555
556 /* device either stalls (value < 0) or reports success */
557 return value;
558 }
559
560
rndis_set_alt(struct usb_function * f,unsigned intf,unsigned alt)561 static int rndis_set_alt(struct usb_function *f, unsigned intf, unsigned alt)
562 {
563 struct f_rndis *rndis = func_to_rndis(f);
564 struct usb_composite_dev *cdev = f->config->cdev;
565
566 /* we know alt == 0 */
567
568 if (intf == rndis->ctrl_id) {
569 if (rndis->notify->driver_data) {
570 VDBG(cdev, "reset rndis control %d\n", intf);
571 usb_ep_disable(rndis->notify);
572 }
573 if (!rndis->notify->desc) {
574 VDBG(cdev, "init rndis ctrl %d\n", intf);
575 if (config_ep_by_speed(cdev->gadget, f, rndis->notify))
576 goto fail;
577 }
578 usb_ep_enable(rndis->notify);
579 rndis->notify->driver_data = rndis;
580
581 } else if (intf == rndis->data_id) {
582 struct net_device *net;
583
584 if (rndis->port.in_ep->driver_data) {
585 DBG(cdev, "reset rndis\n");
586 gether_disconnect(&rndis->port);
587 }
588
589 if (!rndis->port.in_ep->desc || !rndis->port.out_ep->desc) {
590 DBG(cdev, "init rndis\n");
591 if (config_ep_by_speed(cdev->gadget, f,
592 rndis->port.in_ep) ||
593 config_ep_by_speed(cdev->gadget, f,
594 rndis->port.out_ep)) {
595 rndis->port.in_ep->desc = NULL;
596 rndis->port.out_ep->desc = NULL;
597 goto fail;
598 }
599 }
600
601 /* Avoid ZLPs; they can be troublesome. */
602 rndis->port.is_zlp_ok = false;
603
604 /* RNDIS should be in the "RNDIS uninitialized" state,
605 * either never activated or after rndis_uninit().
606 *
607 * We don't want data to flow here until a nonzero packet
608 * filter is set, at which point it enters "RNDIS data
609 * initialized" state ... but we do want the endpoints
610 * to be activated. It's a strange little state.
611 *
612 * REVISIT the RNDIS gadget code has done this wrong for a
613 * very long time. We need another call to the link layer
614 * code -- gether_updown(...bool) maybe -- to do it right.
615 */
616 rndis->port.cdc_filter = 0;
617
618 DBG(cdev, "RNDIS RX/TX early activation ... \n");
619 net = gether_connect(&rndis->port);
620 if (IS_ERR(net))
621 return PTR_ERR(net);
622
623 rndis_set_param_dev(rndis->config, net,
624 &rndis->port.cdc_filter);
625 } else
626 goto fail;
627
628 return 0;
629 fail:
630 return -EINVAL;
631 }
632
rndis_disable(struct usb_function * f)633 static void rndis_disable(struct usb_function *f)
634 {
635 struct f_rndis *rndis = func_to_rndis(f);
636 struct usb_composite_dev *cdev = f->config->cdev;
637
638 if (!rndis->notify->driver_data)
639 return;
640
641 DBG(cdev, "rndis deactivated\n");
642
643 rndis_uninit(rndis->config);
644 gether_disconnect(&rndis->port);
645
646 usb_ep_disable(rndis->notify);
647 rndis->notify->driver_data = NULL;
648 }
649
650 /*-------------------------------------------------------------------------*/
651
652 /*
653 * This isn't quite the same mechanism as CDC Ethernet, since the
654 * notification scheme passes less data, but the same set of link
655 * states must be tested. A key difference is that altsettings are
656 * not used to tell whether the link should send packets or not.
657 */
658
rndis_open(struct gether * geth)659 static void rndis_open(struct gether *geth)
660 {
661 struct f_rndis *rndis = func_to_rndis(&geth->func);
662 struct usb_composite_dev *cdev = geth->func.config->cdev;
663
664 DBG(cdev, "%s\n", __func__);
665
666 rndis_set_param_medium(rndis->config, RNDIS_MEDIUM_802_3,
667 bitrate(cdev->gadget) / 100);
668 rndis_signal_connect(rndis->config);
669 }
670
rndis_close(struct gether * geth)671 static void rndis_close(struct gether *geth)
672 {
673 struct f_rndis *rndis = func_to_rndis(&geth->func);
674
675 DBG(geth->func.config->cdev, "%s\n", __func__);
676
677 rndis_set_param_medium(rndis->config, RNDIS_MEDIUM_802_3, 0);
678 rndis_signal_disconnect(rndis->config);
679 }
680
681 /*-------------------------------------------------------------------------*/
682
683 /* ethernet function driver setup/binding */
684
685 static int
rndis_bind(struct usb_configuration * c,struct usb_function * f)686 rndis_bind(struct usb_configuration *c, struct usb_function *f)
687 {
688 struct usb_composite_dev *cdev = c->cdev;
689 struct f_rndis *rndis = func_to_rndis(f);
690 int status;
691 struct usb_ep *ep;
692
693 /* allocate instance-specific interface IDs */
694 status = usb_interface_id(c, f);
695 if (status < 0)
696 goto fail;
697 rndis->ctrl_id = status;
698 rndis_iad_descriptor.bFirstInterface = status;
699
700 rndis_control_intf.bInterfaceNumber = status;
701 rndis_union_desc.bMasterInterface0 = status;
702
703 status = usb_interface_id(c, f);
704 if (status < 0)
705 goto fail;
706 rndis->data_id = status;
707
708 rndis_data_intf.bInterfaceNumber = status;
709 rndis_union_desc.bSlaveInterface0 = status;
710
711 status = -ENODEV;
712
713 /* allocate instance-specific endpoints */
714 ep = usb_ep_autoconfig(cdev->gadget, &fs_in_desc);
715 if (!ep)
716 goto fail;
717 rndis->port.in_ep = ep;
718 ep->driver_data = cdev; /* claim */
719
720 ep = usb_ep_autoconfig(cdev->gadget, &fs_out_desc);
721 if (!ep)
722 goto fail;
723 rndis->port.out_ep = ep;
724 ep->driver_data = cdev; /* claim */
725
726 /* NOTE: a status/notification endpoint is, strictly speaking,
727 * optional. We don't treat it that way though! It's simpler,
728 * and some newer profiles don't treat it as optional.
729 */
730 ep = usb_ep_autoconfig(cdev->gadget, &fs_notify_desc);
731 if (!ep)
732 goto fail;
733 rndis->notify = ep;
734 ep->driver_data = cdev; /* claim */
735
736 status = -ENOMEM;
737
738 /* allocate notification request and buffer */
739 rndis->notify_req = usb_ep_alloc_request(ep, GFP_KERNEL);
740 if (!rndis->notify_req)
741 goto fail;
742 rndis->notify_req->buf = kmalloc(STATUS_BYTECOUNT, GFP_KERNEL);
743 if (!rndis->notify_req->buf)
744 goto fail;
745 rndis->notify_req->length = STATUS_BYTECOUNT;
746 rndis->notify_req->context = rndis;
747 rndis->notify_req->complete = rndis_response_complete;
748
749 /* support all relevant hardware speeds... we expect that when
750 * hardware is dual speed, all bulk-capable endpoints work at
751 * both speeds
752 */
753 hs_in_desc.bEndpointAddress = fs_in_desc.bEndpointAddress;
754 hs_out_desc.bEndpointAddress = fs_out_desc.bEndpointAddress;
755 hs_notify_desc.bEndpointAddress = fs_notify_desc.bEndpointAddress;
756
757 ss_in_desc.bEndpointAddress = fs_in_desc.bEndpointAddress;
758 ss_out_desc.bEndpointAddress = fs_out_desc.bEndpointAddress;
759 ss_notify_desc.bEndpointAddress = fs_notify_desc.bEndpointAddress;
760
761 status = usb_assign_descriptors(f, eth_fs_function, eth_hs_function,
762 eth_ss_function);
763 if (status)
764 goto fail;
765
766 rndis->port.open = rndis_open;
767 rndis->port.close = rndis_close;
768
769 status = rndis_register(rndis_response_available, rndis);
770 if (status < 0)
771 goto fail;
772 rndis->config = status;
773
774 rndis_set_param_medium(rndis->config, RNDIS_MEDIUM_802_3, 0);
775 rndis_set_host_mac(rndis->config, rndis->ethaddr);
776 rndis_set_max_pkt_xfer(rndis->config, rndis_ul_max_pkt_per_xfer);
777
778 if (rndis->manufacturer && rndis->vendorID &&
779 rndis_set_param_vendor(rndis->config, rndis->vendorID,
780 rndis->manufacturer))
781 goto fail;
782
783 /* NOTE: all that is done without knowing or caring about
784 * the network link ... which is unavailable to this code
785 * until we're activated via set_alt().
786 */
787
788 DBG(cdev, "RNDIS: %s speed IN/%s OUT/%s NOTIFY/%s\n",
789 gadget_is_superspeed(c->cdev->gadget) ? "super" :
790 gadget_is_dualspeed(c->cdev->gadget) ? "dual" : "full",
791 rndis->port.in_ep->name, rndis->port.out_ep->name,
792 rndis->notify->name);
793 return 0;
794
795 fail:
796 usb_free_all_descriptors(f);
797
798 if (rndis->notify_req) {
799 kfree(rndis->notify_req->buf);
800 usb_ep_free_request(rndis->notify, rndis->notify_req);
801 }
802
803 /* we might as well release our claims on endpoints */
804 if (rndis->notify)
805 rndis->notify->driver_data = NULL;
806 if (rndis->port.out_ep)
807 rndis->port.out_ep->driver_data = NULL;
808 if (rndis->port.in_ep)
809 rndis->port.in_ep->driver_data = NULL;
810
811 ERROR(cdev, "%s: can't bind, err %d\n", f->name, status);
812
813 return status;
814 }
815
816 static void
rndis_unbind(struct usb_configuration * c,struct usb_function * f)817 rndis_unbind(struct usb_configuration *c, struct usb_function *f)
818 {
819 struct f_rndis *rndis = func_to_rndis(f);
820
821 rndis_deregister(rndis->config);
822 rndis_exit();
823
824 rndis_string_defs[0].id = 0;
825 usb_free_all_descriptors(f);
826
827 kfree(rndis->notify_req->buf);
828 usb_ep_free_request(rndis->notify, rndis->notify_req);
829
830 kfree(rndis);
831 }
832
833 /* Some controllers can't support RNDIS ... */
can_support_rndis(struct usb_configuration * c)834 static inline bool can_support_rndis(struct usb_configuration *c)
835 {
836 /* everything else is *presumably* fine */
837 return true;
838 }
839
840 int
rndis_bind_config_vendor(struct usb_configuration * c,u8 ethaddr[ETH_ALEN],u32 vendorID,const char * manufacturer,struct eth_dev * dev)841 rndis_bind_config_vendor(struct usb_configuration *c, u8 ethaddr[ETH_ALEN],
842 u32 vendorID, const char *manufacturer, struct eth_dev *dev)
843 {
844 struct f_rndis *rndis;
845 int status;
846
847 if (!can_support_rndis(c) || !ethaddr)
848 return -EINVAL;
849
850 /* setup RNDIS itself */
851 status = rndis_init();
852 if (status < 0)
853 return status;
854
855 if (rndis_string_defs[0].id == 0) {
856 status = usb_string_ids_tab(c->cdev, rndis_string_defs);
857 if (status)
858 return status;
859
860 rndis_control_intf.iInterface = rndis_string_defs[0].id;
861 rndis_data_intf.iInterface = rndis_string_defs[1].id;
862 rndis_iad_descriptor.iFunction = rndis_string_defs[2].id;
863 }
864
865 /* allocate and initialize one new instance */
866 status = -ENOMEM;
867 rndis = kzalloc(sizeof *rndis, GFP_KERNEL);
868 if (!rndis)
869 goto fail;
870
871 memcpy(rndis->ethaddr, ethaddr, ETH_ALEN);
872 rndis->vendorID = vendorID;
873 rndis->manufacturer = manufacturer;
874
875 rndis->port.ioport = dev;
876 /* RNDIS activates when the host changes this filter */
877 rndis->port.cdc_filter = 0;
878
879 /* RNDIS has special (and complex) framing */
880 rndis->port.header_len = sizeof(struct rndis_packet_msg_type);
881 rndis->port.wrap = rndis_add_header;
882 rndis->port.unwrap = rndis_rm_hdr;
883 rndis->port.ul_max_pkts_per_xfer = rndis_ul_max_pkt_per_xfer;
884 rndis->port.dl_max_pkts_per_xfer = rndis_dl_max_pkt_per_xfer;
885
886 rndis->port.func.name = "rndis";
887 rndis->port.func.strings = rndis_strings;
888 /* descriptors are per-instance copies */
889 rndis->port.func.bind = rndis_bind;
890 rndis->port.func.unbind = rndis_unbind;
891 rndis->port.func.set_alt = rndis_set_alt;
892 rndis->port.func.setup = rndis_setup;
893 rndis->port.func.disable = rndis_disable;
894
895 status = usb_add_function(c, &rndis->port.func);
896 if (status) {
897 kfree(rndis);
898 fail:
899 rndis_exit();
900 }
901 return status;
902 }
903