1 /*
2 * cdc-wdm.c
3 *
4 * This driver supports USB CDC WCM Device Management.
5 *
6 * Copyright (c) 2007-2009 Oliver Neukum
7 *
8 * Some code taken from cdc-acm.c
9 *
10 * Released under the GPLv2.
11 *
12 * Many thanks to Carl Nordbeck
13 */
14 #include <linux/kernel.h>
15 #include <linux/errno.h>
16 #include <linux/ioctl.h>
17 #include <linux/slab.h>
18 #include <linux/module.h>
19 #include <linux/mutex.h>
20 #include <linux/uaccess.h>
21 #include <linux/bitops.h>
22 #include <linux/poll.h>
23 #include <linux/usb.h>
24 #include <linux/usb/cdc.h>
25 #include <asm/byteorder.h>
26 #include <asm/unaligned.h>
27 #include <linux/usb/cdc-wdm.h>
28
29 #define DRIVER_AUTHOR "Oliver Neukum"
30 #define DRIVER_DESC "USB Abstract Control Model driver for USB WCM Device Management"
31
32 static const struct usb_device_id wdm_ids[] = {
33 {
34 .match_flags = USB_DEVICE_ID_MATCH_INT_CLASS |
35 USB_DEVICE_ID_MATCH_INT_SUBCLASS,
36 .bInterfaceClass = USB_CLASS_COMM,
37 .bInterfaceSubClass = USB_CDC_SUBCLASS_DMM
38 },
39 { }
40 };
41
42 MODULE_DEVICE_TABLE (usb, wdm_ids);
43
44 #define WDM_MINOR_BASE 176
45
46
47 #define WDM_IN_USE 1
48 #define WDM_DISCONNECTING 2
49 #define WDM_RESULT 3
50 #define WDM_READ 4
51 #define WDM_INT_STALL 5
52 #define WDM_POLL_RUNNING 6
53 #define WDM_RESPONDING 7
54 #define WDM_SUSPENDING 8
55 #define WDM_RESETTING 9
56 #define WDM_OVERFLOW 10
57
58 #define WDM_MAX 16
59
60 /* CDC-WMC r1.1 requires wMaxCommand to be "at least 256 decimal (0x100)" */
61 #define WDM_DEFAULT_BUFSIZE 256
62
63 static DEFINE_MUTEX(wdm_mutex);
64 static DEFINE_SPINLOCK(wdm_device_list_lock);
65 static LIST_HEAD(wdm_device_list);
66
67 /* --- method tables --- */
68
69 struct wdm_device {
70 u8 *inbuf; /* buffer for response */
71 u8 *outbuf; /* buffer for command */
72 u8 *sbuf; /* buffer for status */
73 u8 *ubuf; /* buffer for copy to user space */
74
75 struct urb *command;
76 struct urb *response;
77 struct urb *validity;
78 struct usb_interface *intf;
79 struct usb_ctrlrequest *orq;
80 struct usb_ctrlrequest *irq;
81 spinlock_t iuspin;
82
83 unsigned long flags;
84 u16 bufsize;
85 u16 wMaxCommand;
86 u16 wMaxPacketSize;
87 __le16 inum;
88 int reslength;
89 int length;
90 int read;
91 int count;
92 dma_addr_t shandle;
93 dma_addr_t ihandle;
94 struct mutex wlock;
95 struct mutex rlock;
96 wait_queue_head_t wait;
97 struct work_struct rxwork;
98 int werr;
99 int rerr;
100 int resp_count;
101
102 struct list_head device_list;
103 int (*manage_power)(struct usb_interface *, int);
104 };
105
106 static struct usb_driver wdm_driver;
107
108 /* return intfdata if we own the interface, else look up intf in the list */
wdm_find_device(struct usb_interface * intf)109 static struct wdm_device *wdm_find_device(struct usb_interface *intf)
110 {
111 struct wdm_device *desc;
112
113 spin_lock(&wdm_device_list_lock);
114 list_for_each_entry(desc, &wdm_device_list, device_list)
115 if (desc->intf == intf)
116 goto found;
117 desc = NULL;
118 found:
119 spin_unlock(&wdm_device_list_lock);
120
121 return desc;
122 }
123
wdm_find_device_by_minor(int minor)124 static struct wdm_device *wdm_find_device_by_minor(int minor)
125 {
126 struct wdm_device *desc;
127
128 spin_lock(&wdm_device_list_lock);
129 list_for_each_entry(desc, &wdm_device_list, device_list)
130 if (desc->intf->minor == minor)
131 goto found;
132 desc = NULL;
133 found:
134 spin_unlock(&wdm_device_list_lock);
135
136 return desc;
137 }
138
139 /* --- callbacks --- */
wdm_out_callback(struct urb * urb)140 static void wdm_out_callback(struct urb *urb)
141 {
142 struct wdm_device *desc;
143 desc = urb->context;
144 spin_lock(&desc->iuspin);
145 desc->werr = urb->status;
146 spin_unlock(&desc->iuspin);
147 kfree(desc->outbuf);
148 desc->outbuf = NULL;
149 clear_bit(WDM_IN_USE, &desc->flags);
150 wake_up(&desc->wait);
151 }
152
153 /* forward declaration */
154 static int service_outstanding_interrupt(struct wdm_device *desc);
155
wdm_in_callback(struct urb * urb)156 static void wdm_in_callback(struct urb *urb)
157 {
158 struct wdm_device *desc = urb->context;
159 int status = urb->status;
160 int length = urb->actual_length;
161
162 spin_lock(&desc->iuspin);
163 clear_bit(WDM_RESPONDING, &desc->flags);
164
165 if (status) {
166 switch (status) {
167 case -ENOENT:
168 dev_dbg(&desc->intf->dev,
169 "nonzero urb status received: -ENOENT\n");
170 goto skip_error;
171 case -ECONNRESET:
172 dev_dbg(&desc->intf->dev,
173 "nonzero urb status received: -ECONNRESET\n");
174 goto skip_error;
175 case -ESHUTDOWN:
176 dev_dbg(&desc->intf->dev,
177 "nonzero urb status received: -ESHUTDOWN\n");
178 goto skip_error;
179 case -EPIPE:
180 dev_err(&desc->intf->dev,
181 "nonzero urb status received: -EPIPE\n");
182 break;
183 default:
184 dev_err(&desc->intf->dev,
185 "Unexpected error %d\n", status);
186 break;
187 }
188 }
189
190 /*
191 * only set a new error if there is no previous error.
192 * Errors are only cleared during read/open
193 * Avoid propagating -EPIPE (stall) to userspace since it is
194 * better handled as an empty read
195 */
196 if (desc->rerr == 0 && status != -EPIPE)
197 desc->rerr = status;
198
199 if (length + desc->length > desc->wMaxCommand) {
200 /* The buffer would overflow */
201 set_bit(WDM_OVERFLOW, &desc->flags);
202 } else {
203 /* we may already be in overflow */
204 if (!test_bit(WDM_OVERFLOW, &desc->flags)) {
205 memmove(desc->ubuf + desc->length, desc->inbuf, length);
206 desc->length += length;
207 desc->reslength = length;
208 }
209 }
210 skip_error:
211 set_bit(WDM_READ, &desc->flags);
212 wake_up(&desc->wait);
213
214 if (desc->rerr) {
215 /*
216 * Since there was an error, userspace may decide to not read
217 * any data after poll'ing.
218 * We should respond to further attempts from the device to send
219 * data, so that we can get unstuck.
220 */
221 service_outstanding_interrupt(desc);
222 }
223
224 spin_unlock(&desc->iuspin);
225 }
226
wdm_int_callback(struct urb * urb)227 static void wdm_int_callback(struct urb *urb)
228 {
229 int rv = 0;
230 int responding;
231 int status = urb->status;
232 struct wdm_device *desc;
233 struct usb_cdc_notification *dr;
234
235 desc = urb->context;
236 dr = (struct usb_cdc_notification *)desc->sbuf;
237
238 if (status) {
239 switch (status) {
240 case -ESHUTDOWN:
241 case -ENOENT:
242 case -ECONNRESET:
243 return; /* unplug */
244 case -EPIPE:
245 set_bit(WDM_INT_STALL, &desc->flags);
246 dev_err(&desc->intf->dev, "Stall on int endpoint\n");
247 goto sw; /* halt is cleared in work */
248 default:
249 dev_err(&desc->intf->dev,
250 "nonzero urb status received: %d\n", status);
251 break;
252 }
253 }
254
255 if (urb->actual_length < sizeof(struct usb_cdc_notification)) {
256 dev_err(&desc->intf->dev, "wdm_int_callback - %d bytes\n",
257 urb->actual_length);
258 goto exit;
259 }
260
261 switch (dr->bNotificationType) {
262 case USB_CDC_NOTIFY_RESPONSE_AVAILABLE:
263 dev_dbg(&desc->intf->dev,
264 "NOTIFY_RESPONSE_AVAILABLE received: index %d len %d\n",
265 le16_to_cpu(dr->wIndex), le16_to_cpu(dr->wLength));
266 break;
267
268 case USB_CDC_NOTIFY_NETWORK_CONNECTION:
269
270 dev_dbg(&desc->intf->dev,
271 "NOTIFY_NETWORK_CONNECTION %s network\n",
272 dr->wValue ? "connected to" : "disconnected from");
273 goto exit;
274 case USB_CDC_NOTIFY_SPEED_CHANGE:
275 dev_dbg(&desc->intf->dev, "SPEED_CHANGE received (len %u)\n",
276 urb->actual_length);
277 goto exit;
278 default:
279 clear_bit(WDM_POLL_RUNNING, &desc->flags);
280 dev_err(&desc->intf->dev,
281 "unknown notification %d received: index %d len %d\n",
282 dr->bNotificationType,
283 le16_to_cpu(dr->wIndex),
284 le16_to_cpu(dr->wLength));
285 goto exit;
286 }
287
288 spin_lock(&desc->iuspin);
289 responding = test_and_set_bit(WDM_RESPONDING, &desc->flags);
290 if (!desc->resp_count++ && !responding
291 && !test_bit(WDM_DISCONNECTING, &desc->flags)
292 && !test_bit(WDM_SUSPENDING, &desc->flags)) {
293 rv = usb_submit_urb(desc->response, GFP_ATOMIC);
294 dev_dbg(&desc->intf->dev, "submit response URB %d\n", rv);
295 }
296 spin_unlock(&desc->iuspin);
297 if (rv < 0) {
298 clear_bit(WDM_RESPONDING, &desc->flags);
299 if (rv == -EPERM)
300 return;
301 if (rv == -ENOMEM) {
302 sw:
303 rv = schedule_work(&desc->rxwork);
304 if (rv)
305 dev_err(&desc->intf->dev,
306 "Cannot schedule work\n");
307 }
308 }
309 exit:
310 rv = usb_submit_urb(urb, GFP_ATOMIC);
311 if (rv)
312 dev_err(&desc->intf->dev,
313 "%s - usb_submit_urb failed with result %d\n",
314 __func__, rv);
315
316 }
317
kill_urbs(struct wdm_device * desc)318 static void kill_urbs(struct wdm_device *desc)
319 {
320 /* the order here is essential */
321 usb_kill_urb(desc->command);
322 usb_kill_urb(desc->validity);
323 usb_kill_urb(desc->response);
324 }
325
free_urbs(struct wdm_device * desc)326 static void free_urbs(struct wdm_device *desc)
327 {
328 usb_free_urb(desc->validity);
329 usb_free_urb(desc->response);
330 usb_free_urb(desc->command);
331 }
332
cleanup(struct wdm_device * desc)333 static void cleanup(struct wdm_device *desc)
334 {
335 kfree(desc->sbuf);
336 kfree(desc->inbuf);
337 kfree(desc->orq);
338 kfree(desc->irq);
339 kfree(desc->ubuf);
340 free_urbs(desc);
341 kfree(desc);
342 }
343
wdm_write(struct file * file,const char __user * buffer,size_t count,loff_t * ppos)344 static ssize_t wdm_write
345 (struct file *file, const char __user *buffer, size_t count, loff_t *ppos)
346 {
347 u8 *buf;
348 int rv = -EMSGSIZE, r, we;
349 struct wdm_device *desc = file->private_data;
350 struct usb_ctrlrequest *req;
351
352 if (count > desc->wMaxCommand)
353 count = desc->wMaxCommand;
354
355 spin_lock_irq(&desc->iuspin);
356 we = desc->werr;
357 desc->werr = 0;
358 spin_unlock_irq(&desc->iuspin);
359 if (we < 0)
360 return usb_translate_errors(we);
361
362 buf = memdup_user(buffer, count);
363 if (IS_ERR(buf))
364 return PTR_ERR(buf);
365
366 /* concurrent writes and disconnect */
367 r = mutex_lock_interruptible(&desc->wlock);
368 rv = -ERESTARTSYS;
369 if (r)
370 goto out_free_mem;
371
372 if (test_bit(WDM_DISCONNECTING, &desc->flags)) {
373 rv = -ENODEV;
374 goto out_free_mem_lock;
375 }
376
377 r = usb_autopm_get_interface(desc->intf);
378 if (r < 0) {
379 rv = usb_translate_errors(r);
380 goto out_free_mem_lock;
381 }
382
383 if (!(file->f_flags & O_NONBLOCK))
384 r = wait_event_interruptible(desc->wait, !test_bit(WDM_IN_USE,
385 &desc->flags));
386 else
387 if (test_bit(WDM_IN_USE, &desc->flags))
388 r = -EAGAIN;
389
390 if (test_bit(WDM_RESETTING, &desc->flags))
391 r = -EIO;
392
393 if (r < 0) {
394 rv = r;
395 goto out_free_mem_pm;
396 }
397
398 req = desc->orq;
399 usb_fill_control_urb(
400 desc->command,
401 interface_to_usbdev(desc->intf),
402 /* using common endpoint 0 */
403 usb_sndctrlpipe(interface_to_usbdev(desc->intf), 0),
404 (unsigned char *)req,
405 buf,
406 count,
407 wdm_out_callback,
408 desc
409 );
410
411 req->bRequestType = (USB_DIR_OUT | USB_TYPE_CLASS |
412 USB_RECIP_INTERFACE);
413 req->bRequest = USB_CDC_SEND_ENCAPSULATED_COMMAND;
414 req->wValue = 0;
415 req->wIndex = desc->inum; /* already converted */
416 req->wLength = cpu_to_le16(count);
417 set_bit(WDM_IN_USE, &desc->flags);
418 desc->outbuf = buf;
419
420 rv = usb_submit_urb(desc->command, GFP_KERNEL);
421 if (rv < 0) {
422 desc->outbuf = NULL;
423 clear_bit(WDM_IN_USE, &desc->flags);
424 dev_err(&desc->intf->dev, "Tx URB error: %d\n", rv);
425 rv = usb_translate_errors(rv);
426 goto out_free_mem_pm;
427 } else {
428 dev_dbg(&desc->intf->dev, "Tx URB has been submitted index=%d\n",
429 le16_to_cpu(req->wIndex));
430 }
431
432 usb_autopm_put_interface(desc->intf);
433 mutex_unlock(&desc->wlock);
434 return count;
435
436 out_free_mem_pm:
437 usb_autopm_put_interface(desc->intf);
438 out_free_mem_lock:
439 mutex_unlock(&desc->wlock);
440 out_free_mem:
441 kfree(buf);
442 return rv;
443 }
444
445 /*
446 * Submit the read urb if resp_count is non-zero.
447 *
448 * Called with desc->iuspin locked
449 */
service_outstanding_interrupt(struct wdm_device * desc)450 static int service_outstanding_interrupt(struct wdm_device *desc)
451 {
452 int rv = 0;
453
454 /* submit read urb only if the device is waiting for it */
455 if (!desc->resp_count || !--desc->resp_count)
456 goto out;
457
458 set_bit(WDM_RESPONDING, &desc->flags);
459 spin_unlock_irq(&desc->iuspin);
460 rv = usb_submit_urb(desc->response, GFP_KERNEL);
461 spin_lock_irq(&desc->iuspin);
462 if (rv) {
463 dev_err(&desc->intf->dev,
464 "usb_submit_urb failed with result %d\n", rv);
465
466 /* make sure the next notification trigger a submit */
467 clear_bit(WDM_RESPONDING, &desc->flags);
468 desc->resp_count = 0;
469 }
470 out:
471 return rv;
472 }
473
wdm_read(struct file * file,char __user * buffer,size_t count,loff_t * ppos)474 static ssize_t wdm_read
475 (struct file *file, char __user *buffer, size_t count, loff_t *ppos)
476 {
477 int rv, cntr;
478 int i = 0;
479 struct wdm_device *desc = file->private_data;
480
481
482 rv = mutex_lock_interruptible(&desc->rlock); /*concurrent reads */
483 if (rv < 0)
484 return -ERESTARTSYS;
485
486 cntr = ACCESS_ONCE(desc->length);
487 if (cntr == 0) {
488 desc->read = 0;
489 retry:
490 if (test_bit(WDM_DISCONNECTING, &desc->flags)) {
491 rv = -ENODEV;
492 goto err;
493 }
494 if (test_bit(WDM_OVERFLOW, &desc->flags)) {
495 clear_bit(WDM_OVERFLOW, &desc->flags);
496 rv = -ENOBUFS;
497 goto err;
498 }
499 i++;
500 if (file->f_flags & O_NONBLOCK) {
501 if (!test_bit(WDM_READ, &desc->flags)) {
502 rv = -EAGAIN;
503 goto err;
504 }
505 rv = 0;
506 } else {
507 rv = wait_event_interruptible(desc->wait,
508 test_bit(WDM_READ, &desc->flags));
509 }
510
511 /* may have happened while we slept */
512 if (test_bit(WDM_DISCONNECTING, &desc->flags)) {
513 rv = -ENODEV;
514 goto err;
515 }
516 if (test_bit(WDM_RESETTING, &desc->flags)) {
517 rv = -EIO;
518 goto err;
519 }
520 usb_mark_last_busy(interface_to_usbdev(desc->intf));
521 if (rv < 0) {
522 rv = -ERESTARTSYS;
523 goto err;
524 }
525
526 spin_lock_irq(&desc->iuspin);
527
528 if (desc->rerr) { /* read completed, error happened */
529 rv = usb_translate_errors(desc->rerr);
530 desc->rerr = 0;
531 spin_unlock_irq(&desc->iuspin);
532 goto err;
533 }
534 /*
535 * recheck whether we've lost the race
536 * against the completion handler
537 */
538 if (!test_bit(WDM_READ, &desc->flags)) { /* lost race */
539 spin_unlock_irq(&desc->iuspin);
540 goto retry;
541 }
542
543 if (!desc->reslength) { /* zero length read */
544 dev_dbg(&desc->intf->dev, "zero length - clearing WDM_READ\n");
545 clear_bit(WDM_READ, &desc->flags);
546 rv = service_outstanding_interrupt(desc);
547 spin_unlock_irq(&desc->iuspin);
548 if (rv < 0)
549 goto err;
550 goto retry;
551 }
552 cntr = desc->length;
553 spin_unlock_irq(&desc->iuspin);
554 }
555
556 if (cntr > count)
557 cntr = count;
558 rv = copy_to_user(buffer, desc->ubuf, cntr);
559 if (rv > 0) {
560 rv = -EFAULT;
561 goto err;
562 }
563
564 spin_lock_irq(&desc->iuspin);
565
566 for (i = 0; i < desc->length - cntr; i++)
567 desc->ubuf[i] = desc->ubuf[i + cntr];
568
569 desc->length -= cntr;
570 /* in case we had outstanding data */
571 if (!desc->length) {
572 clear_bit(WDM_READ, &desc->flags);
573 service_outstanding_interrupt(desc);
574 }
575 spin_unlock_irq(&desc->iuspin);
576 rv = cntr;
577
578 err:
579 mutex_unlock(&desc->rlock);
580 return rv;
581 }
582
wdm_flush(struct file * file,fl_owner_t id)583 static int wdm_flush(struct file *file, fl_owner_t id)
584 {
585 struct wdm_device *desc = file->private_data;
586
587 wait_event(desc->wait,
588 /*
589 * needs both flags. We cannot do with one
590 * because resetting it would cause a race
591 * with write() yet we need to signal
592 * a disconnect
593 */
594 !test_bit(WDM_IN_USE, &desc->flags) ||
595 test_bit(WDM_DISCONNECTING, &desc->flags));
596
597 /* cannot dereference desc->intf if WDM_DISCONNECTING */
598 if (test_bit(WDM_DISCONNECTING, &desc->flags))
599 return -ENODEV;
600 if (desc->werr < 0)
601 dev_err(&desc->intf->dev, "Error in flush path: %d\n",
602 desc->werr);
603
604 return usb_translate_errors(desc->werr);
605 }
606
wdm_poll(struct file * file,struct poll_table_struct * wait)607 static unsigned int wdm_poll(struct file *file, struct poll_table_struct *wait)
608 {
609 struct wdm_device *desc = file->private_data;
610 unsigned long flags;
611 unsigned int mask = 0;
612
613 spin_lock_irqsave(&desc->iuspin, flags);
614 if (test_bit(WDM_DISCONNECTING, &desc->flags)) {
615 mask = POLLHUP | POLLERR;
616 spin_unlock_irqrestore(&desc->iuspin, flags);
617 goto desc_out;
618 }
619 if (test_bit(WDM_READ, &desc->flags))
620 mask = POLLIN | POLLRDNORM;
621 if (desc->rerr || desc->werr)
622 mask |= POLLERR;
623 if (!test_bit(WDM_IN_USE, &desc->flags))
624 mask |= POLLOUT | POLLWRNORM;
625 spin_unlock_irqrestore(&desc->iuspin, flags);
626
627 poll_wait(file, &desc->wait, wait);
628
629 desc_out:
630 return mask;
631 }
632
wdm_open(struct inode * inode,struct file * file)633 static int wdm_open(struct inode *inode, struct file *file)
634 {
635 int minor = iminor(inode);
636 int rv = -ENODEV;
637 struct usb_interface *intf;
638 struct wdm_device *desc;
639
640 mutex_lock(&wdm_mutex);
641 desc = wdm_find_device_by_minor(minor);
642 if (!desc)
643 goto out;
644
645 intf = desc->intf;
646 if (test_bit(WDM_DISCONNECTING, &desc->flags))
647 goto out;
648 file->private_data = desc;
649
650 rv = usb_autopm_get_interface(desc->intf);
651 if (rv < 0) {
652 dev_err(&desc->intf->dev, "Error autopm - %d\n", rv);
653 goto out;
654 }
655
656 /* using write lock to protect desc->count */
657 mutex_lock(&desc->wlock);
658 if (!desc->count++) {
659 desc->werr = 0;
660 desc->rerr = 0;
661 rv = usb_submit_urb(desc->validity, GFP_KERNEL);
662 if (rv < 0) {
663 desc->count--;
664 dev_err(&desc->intf->dev,
665 "Error submitting int urb - %d\n", rv);
666 rv = usb_translate_errors(rv);
667 }
668 } else {
669 rv = 0;
670 }
671 mutex_unlock(&desc->wlock);
672 if (desc->count == 1)
673 desc->manage_power(intf, 1);
674 usb_autopm_put_interface(desc->intf);
675 out:
676 mutex_unlock(&wdm_mutex);
677 return rv;
678 }
679
wdm_release(struct inode * inode,struct file * file)680 static int wdm_release(struct inode *inode, struct file *file)
681 {
682 struct wdm_device *desc = file->private_data;
683
684 mutex_lock(&wdm_mutex);
685
686 /* using write lock to protect desc->count */
687 mutex_lock(&desc->wlock);
688 desc->count--;
689 mutex_unlock(&desc->wlock);
690
691 if (!desc->count) {
692 if (!test_bit(WDM_DISCONNECTING, &desc->flags)) {
693 dev_dbg(&desc->intf->dev, "wdm_release: cleanup\n");
694 kill_urbs(desc);
695 spin_lock_irq(&desc->iuspin);
696 desc->resp_count = 0;
697 spin_unlock_irq(&desc->iuspin);
698 desc->manage_power(desc->intf, 0);
699 } else {
700 /* must avoid dev_printk here as desc->intf is invalid */
701 pr_debug(KBUILD_MODNAME " %s: device gone - cleaning up\n", __func__);
702 cleanup(desc);
703 }
704 }
705 mutex_unlock(&wdm_mutex);
706 return 0;
707 }
708
wdm_ioctl(struct file * file,unsigned int cmd,unsigned long arg)709 static long wdm_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
710 {
711 struct wdm_device *desc = file->private_data;
712 int rv = 0;
713
714 switch (cmd) {
715 case IOCTL_WDM_MAX_COMMAND:
716 if (copy_to_user((void __user *)arg, &desc->wMaxCommand, sizeof(desc->wMaxCommand)))
717 rv = -EFAULT;
718 break;
719 default:
720 rv = -ENOTTY;
721 }
722 return rv;
723 }
724
725 static const struct file_operations wdm_fops = {
726 .owner = THIS_MODULE,
727 .read = wdm_read,
728 .write = wdm_write,
729 .open = wdm_open,
730 .flush = wdm_flush,
731 .release = wdm_release,
732 .poll = wdm_poll,
733 .unlocked_ioctl = wdm_ioctl,
734 .compat_ioctl = wdm_ioctl,
735 .llseek = noop_llseek,
736 };
737
738 static struct usb_class_driver wdm_class = {
739 .name = "cdc-wdm%d",
740 .fops = &wdm_fops,
741 .minor_base = WDM_MINOR_BASE,
742 };
743
744 /* --- error handling --- */
wdm_rxwork(struct work_struct * work)745 static void wdm_rxwork(struct work_struct *work)
746 {
747 struct wdm_device *desc = container_of(work, struct wdm_device, rxwork);
748 unsigned long flags;
749 int rv = 0;
750 int responding;
751
752 spin_lock_irqsave(&desc->iuspin, flags);
753 if (test_bit(WDM_DISCONNECTING, &desc->flags)) {
754 spin_unlock_irqrestore(&desc->iuspin, flags);
755 } else {
756 responding = test_and_set_bit(WDM_RESPONDING, &desc->flags);
757 spin_unlock_irqrestore(&desc->iuspin, flags);
758 if (!responding)
759 rv = usb_submit_urb(desc->response, GFP_KERNEL);
760 if (rv < 0 && rv != -EPERM) {
761 spin_lock_irqsave(&desc->iuspin, flags);
762 clear_bit(WDM_RESPONDING, &desc->flags);
763 if (!test_bit(WDM_DISCONNECTING, &desc->flags))
764 schedule_work(&desc->rxwork);
765 spin_unlock_irqrestore(&desc->iuspin, flags);
766 }
767 }
768 }
769
770 /* --- hotplug --- */
771
wdm_create(struct usb_interface * intf,struct usb_endpoint_descriptor * ep,u16 bufsize,int (* manage_power)(struct usb_interface *,int))772 static int wdm_create(struct usb_interface *intf, struct usb_endpoint_descriptor *ep,
773 u16 bufsize, int (*manage_power)(struct usb_interface *, int))
774 {
775 int rv = -ENOMEM;
776 struct wdm_device *desc;
777
778 desc = kzalloc(sizeof(struct wdm_device), GFP_KERNEL);
779 if (!desc)
780 goto out;
781 INIT_LIST_HEAD(&desc->device_list);
782 mutex_init(&desc->rlock);
783 mutex_init(&desc->wlock);
784 spin_lock_init(&desc->iuspin);
785 init_waitqueue_head(&desc->wait);
786 desc->wMaxCommand = bufsize;
787 /* this will be expanded and needed in hardware endianness */
788 desc->inum = cpu_to_le16((u16)intf->cur_altsetting->desc.bInterfaceNumber);
789 desc->intf = intf;
790 INIT_WORK(&desc->rxwork, wdm_rxwork);
791
792 rv = -EINVAL;
793 if (!usb_endpoint_is_int_in(ep))
794 goto err;
795
796 desc->wMaxPacketSize = usb_endpoint_maxp(ep);
797
798 desc->orq = kmalloc(sizeof(struct usb_ctrlrequest), GFP_KERNEL);
799 if (!desc->orq)
800 goto err;
801 desc->irq = kmalloc(sizeof(struct usb_ctrlrequest), GFP_KERNEL);
802 if (!desc->irq)
803 goto err;
804
805 desc->validity = usb_alloc_urb(0, GFP_KERNEL);
806 if (!desc->validity)
807 goto err;
808
809 desc->response = usb_alloc_urb(0, GFP_KERNEL);
810 if (!desc->response)
811 goto err;
812
813 desc->command = usb_alloc_urb(0, GFP_KERNEL);
814 if (!desc->command)
815 goto err;
816
817 desc->ubuf = kmalloc(desc->wMaxCommand, GFP_KERNEL);
818 if (!desc->ubuf)
819 goto err;
820
821 desc->sbuf = kmalloc(desc->wMaxPacketSize, GFP_KERNEL);
822 if (!desc->sbuf)
823 goto err;
824
825 desc->inbuf = kmalloc(desc->wMaxCommand, GFP_KERNEL);
826 if (!desc->inbuf)
827 goto err;
828
829 usb_fill_int_urb(
830 desc->validity,
831 interface_to_usbdev(intf),
832 usb_rcvintpipe(interface_to_usbdev(intf), ep->bEndpointAddress),
833 desc->sbuf,
834 desc->wMaxPacketSize,
835 wdm_int_callback,
836 desc,
837 ep->bInterval
838 );
839
840 desc->irq->bRequestType = (USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE);
841 desc->irq->bRequest = USB_CDC_GET_ENCAPSULATED_RESPONSE;
842 desc->irq->wValue = 0;
843 desc->irq->wIndex = desc->inum; /* already converted */
844 desc->irq->wLength = cpu_to_le16(desc->wMaxCommand);
845
846 usb_fill_control_urb(
847 desc->response,
848 interface_to_usbdev(intf),
849 /* using common endpoint 0 */
850 usb_rcvctrlpipe(interface_to_usbdev(desc->intf), 0),
851 (unsigned char *)desc->irq,
852 desc->inbuf,
853 desc->wMaxCommand,
854 wdm_in_callback,
855 desc
856 );
857
858 desc->manage_power = manage_power;
859
860 spin_lock(&wdm_device_list_lock);
861 list_add(&desc->device_list, &wdm_device_list);
862 spin_unlock(&wdm_device_list_lock);
863
864 rv = usb_register_dev(intf, &wdm_class);
865 if (rv < 0)
866 goto err;
867 else
868 dev_info(&intf->dev, "%s: USB WDM device\n", dev_name(intf->usb_dev));
869 out:
870 return rv;
871 err:
872 spin_lock(&wdm_device_list_lock);
873 list_del(&desc->device_list);
874 spin_unlock(&wdm_device_list_lock);
875 cleanup(desc);
876 return rv;
877 }
878
wdm_manage_power(struct usb_interface * intf,int on)879 static int wdm_manage_power(struct usb_interface *intf, int on)
880 {
881 /* need autopm_get/put here to ensure the usbcore sees the new value */
882 int rv = usb_autopm_get_interface(intf);
883
884 intf->needs_remote_wakeup = on;
885 if (!rv)
886 usb_autopm_put_interface(intf);
887 return 0;
888 }
889
wdm_probe(struct usb_interface * intf,const struct usb_device_id * id)890 static int wdm_probe(struct usb_interface *intf, const struct usb_device_id *id)
891 {
892 int rv = -EINVAL;
893 struct usb_host_interface *iface;
894 struct usb_endpoint_descriptor *ep;
895 struct usb_cdc_parsed_header hdr;
896 u8 *buffer = intf->altsetting->extra;
897 int buflen = intf->altsetting->extralen;
898 u16 maxcom = WDM_DEFAULT_BUFSIZE;
899
900 if (!buffer)
901 goto err;
902
903 cdc_parse_cdc_header(&hdr, intf, buffer, buflen);
904
905 if (hdr.usb_cdc_dmm_desc)
906 maxcom = le16_to_cpu(hdr.usb_cdc_dmm_desc->wMaxCommand);
907
908 iface = intf->cur_altsetting;
909 if (iface->desc.bNumEndpoints != 1)
910 goto err;
911 ep = &iface->endpoint[0].desc;
912
913 rv = wdm_create(intf, ep, maxcom, &wdm_manage_power);
914
915 err:
916 return rv;
917 }
918
919 /**
920 * usb_cdc_wdm_register - register a WDM subdriver
921 * @intf: usb interface the subdriver will associate with
922 * @ep: interrupt endpoint to monitor for notifications
923 * @bufsize: maximum message size to support for read/write
924 *
925 * Create WDM usb class character device and associate it with intf
926 * without binding, allowing another driver to manage the interface.
927 *
928 * The subdriver will manage the given interrupt endpoint exclusively
929 * and will issue control requests referring to the given intf. It
930 * will otherwise avoid interferring, and in particular not do
931 * usb_set_intfdata/usb_get_intfdata on intf.
932 *
933 * The return value is a pointer to the subdriver's struct usb_driver.
934 * The registering driver is responsible for calling this subdriver's
935 * disconnect, suspend, resume, pre_reset and post_reset methods from
936 * its own.
937 */
usb_cdc_wdm_register(struct usb_interface * intf,struct usb_endpoint_descriptor * ep,int bufsize,int (* manage_power)(struct usb_interface *,int))938 struct usb_driver *usb_cdc_wdm_register(struct usb_interface *intf,
939 struct usb_endpoint_descriptor *ep,
940 int bufsize,
941 int (*manage_power)(struct usb_interface *, int))
942 {
943 int rv = -EINVAL;
944
945 rv = wdm_create(intf, ep, bufsize, manage_power);
946 if (rv < 0)
947 goto err;
948
949 return &wdm_driver;
950 err:
951 return ERR_PTR(rv);
952 }
953 EXPORT_SYMBOL(usb_cdc_wdm_register);
954
wdm_disconnect(struct usb_interface * intf)955 static void wdm_disconnect(struct usb_interface *intf)
956 {
957 struct wdm_device *desc;
958 unsigned long flags;
959
960 usb_deregister_dev(intf, &wdm_class);
961 desc = wdm_find_device(intf);
962 mutex_lock(&wdm_mutex);
963
964 /* the spinlock makes sure no new urbs are generated in the callbacks */
965 spin_lock_irqsave(&desc->iuspin, flags);
966 set_bit(WDM_DISCONNECTING, &desc->flags);
967 set_bit(WDM_READ, &desc->flags);
968 spin_unlock_irqrestore(&desc->iuspin, flags);
969 wake_up_all(&desc->wait);
970 mutex_lock(&desc->rlock);
971 mutex_lock(&desc->wlock);
972 kill_urbs(desc);
973 cancel_work_sync(&desc->rxwork);
974 mutex_unlock(&desc->wlock);
975 mutex_unlock(&desc->rlock);
976
977 /* the desc->intf pointer used as list key is now invalid */
978 spin_lock(&wdm_device_list_lock);
979 list_del(&desc->device_list);
980 spin_unlock(&wdm_device_list_lock);
981
982 if (!desc->count)
983 cleanup(desc);
984 else
985 dev_dbg(&intf->dev, "%d open files - postponing cleanup\n", desc->count);
986 mutex_unlock(&wdm_mutex);
987 }
988
989 #ifdef CONFIG_PM
wdm_suspend(struct usb_interface * intf,pm_message_t message)990 static int wdm_suspend(struct usb_interface *intf, pm_message_t message)
991 {
992 struct wdm_device *desc = wdm_find_device(intf);
993 int rv = 0;
994
995 dev_dbg(&desc->intf->dev, "wdm%d_suspend\n", intf->minor);
996
997 /* if this is an autosuspend the caller does the locking */
998 if (!PMSG_IS_AUTO(message)) {
999 mutex_lock(&desc->rlock);
1000 mutex_lock(&desc->wlock);
1001 }
1002 spin_lock_irq(&desc->iuspin);
1003
1004 if (PMSG_IS_AUTO(message) &&
1005 (test_bit(WDM_IN_USE, &desc->flags)
1006 || test_bit(WDM_RESPONDING, &desc->flags))) {
1007 spin_unlock_irq(&desc->iuspin);
1008 rv = -EBUSY;
1009 } else {
1010
1011 set_bit(WDM_SUSPENDING, &desc->flags);
1012 spin_unlock_irq(&desc->iuspin);
1013 /* callback submits work - order is essential */
1014 kill_urbs(desc);
1015 cancel_work_sync(&desc->rxwork);
1016 }
1017 if (!PMSG_IS_AUTO(message)) {
1018 mutex_unlock(&desc->wlock);
1019 mutex_unlock(&desc->rlock);
1020 }
1021
1022 return rv;
1023 }
1024 #endif
1025
recover_from_urb_loss(struct wdm_device * desc)1026 static int recover_from_urb_loss(struct wdm_device *desc)
1027 {
1028 int rv = 0;
1029
1030 if (desc->count) {
1031 rv = usb_submit_urb(desc->validity, GFP_NOIO);
1032 if (rv < 0)
1033 dev_err(&desc->intf->dev,
1034 "Error resume submitting int urb - %d\n", rv);
1035 }
1036 return rv;
1037 }
1038
1039 #ifdef CONFIG_PM
wdm_resume(struct usb_interface * intf)1040 static int wdm_resume(struct usb_interface *intf)
1041 {
1042 struct wdm_device *desc = wdm_find_device(intf);
1043 int rv;
1044
1045 dev_dbg(&desc->intf->dev, "wdm%d_resume\n", intf->minor);
1046
1047 clear_bit(WDM_SUSPENDING, &desc->flags);
1048 rv = recover_from_urb_loss(desc);
1049
1050 return rv;
1051 }
1052 #endif
1053
wdm_pre_reset(struct usb_interface * intf)1054 static int wdm_pre_reset(struct usb_interface *intf)
1055 {
1056 struct wdm_device *desc = wdm_find_device(intf);
1057
1058 /*
1059 * we notify everybody using poll of
1060 * an exceptional situation
1061 * must be done before recovery lest a spontaneous
1062 * message from the device is lost
1063 */
1064 spin_lock_irq(&desc->iuspin);
1065 set_bit(WDM_RESETTING, &desc->flags); /* inform read/write */
1066 set_bit(WDM_READ, &desc->flags); /* unblock read */
1067 clear_bit(WDM_IN_USE, &desc->flags); /* unblock write */
1068 desc->rerr = -EINTR;
1069 spin_unlock_irq(&desc->iuspin);
1070 wake_up_all(&desc->wait);
1071 mutex_lock(&desc->rlock);
1072 mutex_lock(&desc->wlock);
1073 kill_urbs(desc);
1074 cancel_work_sync(&desc->rxwork);
1075 return 0;
1076 }
1077
wdm_post_reset(struct usb_interface * intf)1078 static int wdm_post_reset(struct usb_interface *intf)
1079 {
1080 struct wdm_device *desc = wdm_find_device(intf);
1081 int rv;
1082
1083 clear_bit(WDM_OVERFLOW, &desc->flags);
1084 clear_bit(WDM_RESETTING, &desc->flags);
1085 rv = recover_from_urb_loss(desc);
1086 mutex_unlock(&desc->wlock);
1087 mutex_unlock(&desc->rlock);
1088 return rv;
1089 }
1090
1091 static struct usb_driver wdm_driver = {
1092 .name = "cdc_wdm",
1093 .probe = wdm_probe,
1094 .disconnect = wdm_disconnect,
1095 #ifdef CONFIG_PM
1096 .suspend = wdm_suspend,
1097 .resume = wdm_resume,
1098 .reset_resume = wdm_resume,
1099 #endif
1100 .pre_reset = wdm_pre_reset,
1101 .post_reset = wdm_post_reset,
1102 .id_table = wdm_ids,
1103 .supports_autosuspend = 1,
1104 .disable_hub_initiated_lpm = 1,
1105 };
1106
1107 module_usb_driver(wdm_driver);
1108
1109 MODULE_AUTHOR(DRIVER_AUTHOR);
1110 MODULE_DESCRIPTION(DRIVER_DESC);
1111 MODULE_LICENSE("GPL");
1112