1 /*
2 * f_ncm.c -- USB CDC Network (NCM) link function driver
3 *
4 * Copyright (C) 2010 Nokia Corporation
5 * Contact: Yauheni Kaliuta <yauheni.kaliuta@nokia.com>
6 *
7 * The driver borrows from f_ecm.c which is:
8 *
9 * Copyright (C) 2003-2005,2008 David Brownell
10 * Copyright (C) 2008 Nokia Corporation
11 *
12 * This program is free software; you can redistribute it and/or modify
13 * it under the terms of the GNU General Public License as published by
14 * the Free Software Foundation; either version 2 of the License, or
15 * (at your option) any later version.
16 */
17
18 #include <linux/kernel.h>
19 #include <linux/module.h>
20 #include <linux/device.h>
21 #include <linux/etherdevice.h>
22 #include <linux/crc32.h>
23
24 #include <linux/usb/cdc.h>
25
26 #include "u_ether.h"
27 #include "u_ether_configfs.h"
28 #include "u_ncm.h"
29
30 /*
31 * This function is a "CDC Network Control Model" (CDC NCM) Ethernet link.
32 * NCM is intended to be used with high-speed network attachments.
33 *
34 * Note that NCM requires the use of "alternate settings" for its data
35 * interface. This means that the set_alt() method has real work to do,
36 * and also means that a get_alt() method is required.
37 */
38
39 /* to trigger crc/non-crc ndp signature */
40
41 #define NCM_NDP_HDR_CRC_MASK 0x01000000
42 #define NCM_NDP_HDR_CRC 0x01000000
43 #define NCM_NDP_HDR_NOCRC 0x00000000
44
45 enum ncm_notify_state {
46 NCM_NOTIFY_NONE, /* don't notify */
47 NCM_NOTIFY_CONNECT, /* issue CONNECT next */
48 NCM_NOTIFY_SPEED, /* issue SPEED_CHANGE next */
49 };
50
51 struct f_ncm {
52 struct gether port;
53 u8 ctrl_id, data_id;
54
55 char ethaddr[14];
56
57 struct usb_ep *notify;
58 struct usb_request *notify_req;
59 u8 notify_state;
60 atomic_t notify_count;
61 bool is_open;
62
63 const struct ndp_parser_opts *parser_opts;
64 bool is_crc;
65 u32 ndp_sign;
66
67 /*
68 * for notification, it is accessed from both
69 * callback and ethernet open/close
70 */
71 spinlock_t lock;
72
73 struct net_device *netdev;
74
75 /* For multi-frame NDP TX */
76 struct sk_buff *skb_tx_data;
77 struct sk_buff *skb_tx_ndp;
78 u16 ndp_dgram_count;
79 bool timer_force_tx;
80 struct tasklet_struct tx_tasklet;
81 struct hrtimer task_timer;
82
83 bool timer_stopping;
84 };
85
func_to_ncm(struct usb_function * f)86 static inline struct f_ncm *func_to_ncm(struct usb_function *f)
87 {
88 return container_of(f, struct f_ncm, port.func);
89 }
90
91 /* peak (theoretical) bulk transfer rate in bits-per-second */
ncm_bitrate(struct usb_gadget * g)92 static inline unsigned ncm_bitrate(struct usb_gadget *g)
93 {
94 if (gadget_is_dualspeed(g) && g->speed == USB_SPEED_HIGH)
95 return 13 * 512 * 8 * 1000 * 8;
96 else
97 return 19 * 64 * 1 * 1000 * 8;
98 }
99
100 /*-------------------------------------------------------------------------*/
101
102 /*
103 * We cannot group frames so use just the minimal size which ok to put
104 * one max-size ethernet frame.
105 * If the host can group frames, allow it to do that, 16K is selected,
106 * because it's used by default by the current linux host driver
107 */
108 #define NTB_DEFAULT_IN_SIZE 16384
109 #define NTB_OUT_SIZE 16384
110
111 /* Allocation for storing the NDP, 32 should suffice for a
112 * 16k packet. This allows a maximum of 32 * 507 Byte packets to
113 * be transmitted in a single 16kB skb, though when sending full size
114 * packets this limit will be plenty.
115 * Smaller packets are not likely to be trying to maximize the
116 * throughput and will be mstly sending smaller infrequent frames.
117 */
118 #define TX_MAX_NUM_DPE 32
119
120 /* Delay for the transmit to wait before sending an unfilled NTB frame. */
121 #define TX_TIMEOUT_NSECS 300000
122
123 #define FORMATS_SUPPORTED (USB_CDC_NCM_NTB16_SUPPORTED | \
124 USB_CDC_NCM_NTB32_SUPPORTED)
125
126 static struct usb_cdc_ncm_ntb_parameters ntb_parameters = {
127 .wLength = cpu_to_le16(sizeof(ntb_parameters)),
128 .bmNtbFormatsSupported = cpu_to_le16(FORMATS_SUPPORTED),
129 .dwNtbInMaxSize = cpu_to_le32(NTB_DEFAULT_IN_SIZE),
130 .wNdpInDivisor = cpu_to_le16(4),
131 .wNdpInPayloadRemainder = cpu_to_le16(0),
132 .wNdpInAlignment = cpu_to_le16(4),
133
134 .dwNtbOutMaxSize = cpu_to_le32(NTB_OUT_SIZE),
135 .wNdpOutDivisor = cpu_to_le16(4),
136 .wNdpOutPayloadRemainder = cpu_to_le16(0),
137 .wNdpOutAlignment = cpu_to_le16(4),
138 };
139
140 /*
141 * Use wMaxPacketSize big enough to fit CDC_NOTIFY_SPEED_CHANGE in one
142 * packet, to simplify cancellation; and a big transfer interval, to
143 * waste less bandwidth.
144 */
145
146 #define NCM_STATUS_INTERVAL_MS 32
147 #define NCM_STATUS_BYTECOUNT 16 /* 8 byte header + data */
148
149 static struct usb_interface_assoc_descriptor ncm_iad_desc = {
150 .bLength = sizeof ncm_iad_desc,
151 .bDescriptorType = USB_DT_INTERFACE_ASSOCIATION,
152
153 /* .bFirstInterface = DYNAMIC, */
154 .bInterfaceCount = 2, /* control + data */
155 .bFunctionClass = USB_CLASS_COMM,
156 .bFunctionSubClass = USB_CDC_SUBCLASS_NCM,
157 .bFunctionProtocol = USB_CDC_PROTO_NONE,
158 /* .iFunction = DYNAMIC */
159 };
160
161 /* interface descriptor: */
162
163 static struct usb_interface_descriptor ncm_control_intf = {
164 .bLength = sizeof ncm_control_intf,
165 .bDescriptorType = USB_DT_INTERFACE,
166
167 /* .bInterfaceNumber = DYNAMIC */
168 .bNumEndpoints = 1,
169 .bInterfaceClass = USB_CLASS_COMM,
170 .bInterfaceSubClass = USB_CDC_SUBCLASS_NCM,
171 .bInterfaceProtocol = USB_CDC_PROTO_NONE,
172 /* .iInterface = DYNAMIC */
173 };
174
175 static struct usb_cdc_header_desc ncm_header_desc = {
176 .bLength = sizeof ncm_header_desc,
177 .bDescriptorType = USB_DT_CS_INTERFACE,
178 .bDescriptorSubType = USB_CDC_HEADER_TYPE,
179
180 .bcdCDC = cpu_to_le16(0x0110),
181 };
182
183 static struct usb_cdc_union_desc ncm_union_desc = {
184 .bLength = sizeof(ncm_union_desc),
185 .bDescriptorType = USB_DT_CS_INTERFACE,
186 .bDescriptorSubType = USB_CDC_UNION_TYPE,
187 /* .bMasterInterface0 = DYNAMIC */
188 /* .bSlaveInterface0 = DYNAMIC */
189 };
190
191 static struct usb_cdc_ether_desc ecm_desc = {
192 .bLength = sizeof ecm_desc,
193 .bDescriptorType = USB_DT_CS_INTERFACE,
194 .bDescriptorSubType = USB_CDC_ETHERNET_TYPE,
195
196 /* this descriptor actually adds value, surprise! */
197 /* .iMACAddress = DYNAMIC */
198 .bmEthernetStatistics = cpu_to_le32(0), /* no statistics */
199 .wMaxSegmentSize = cpu_to_le16(ETH_FRAME_LEN),
200 .wNumberMCFilters = cpu_to_le16(0),
201 .bNumberPowerFilters = 0,
202 };
203
204 #define NCAPS (USB_CDC_NCM_NCAP_ETH_FILTER | USB_CDC_NCM_NCAP_CRC_MODE)
205
206 static struct usb_cdc_ncm_desc ncm_desc = {
207 .bLength = sizeof ncm_desc,
208 .bDescriptorType = USB_DT_CS_INTERFACE,
209 .bDescriptorSubType = USB_CDC_NCM_TYPE,
210
211 .bcdNcmVersion = cpu_to_le16(0x0100),
212 /* can process SetEthernetPacketFilter */
213 .bmNetworkCapabilities = NCAPS,
214 };
215
216 /* the default data interface has no endpoints ... */
217
218 static struct usb_interface_descriptor ncm_data_nop_intf = {
219 .bLength = sizeof ncm_data_nop_intf,
220 .bDescriptorType = USB_DT_INTERFACE,
221
222 .bInterfaceNumber = 1,
223 .bAlternateSetting = 0,
224 .bNumEndpoints = 0,
225 .bInterfaceClass = USB_CLASS_CDC_DATA,
226 .bInterfaceSubClass = 0,
227 .bInterfaceProtocol = USB_CDC_NCM_PROTO_NTB,
228 /* .iInterface = DYNAMIC */
229 };
230
231 /* ... but the "real" data interface has two bulk endpoints */
232
233 static struct usb_interface_descriptor ncm_data_intf = {
234 .bLength = sizeof ncm_data_intf,
235 .bDescriptorType = USB_DT_INTERFACE,
236
237 .bInterfaceNumber = 1,
238 .bAlternateSetting = 1,
239 .bNumEndpoints = 2,
240 .bInterfaceClass = USB_CLASS_CDC_DATA,
241 .bInterfaceSubClass = 0,
242 .bInterfaceProtocol = USB_CDC_NCM_PROTO_NTB,
243 /* .iInterface = DYNAMIC */
244 };
245
246 /* full speed support: */
247
248 static struct usb_endpoint_descriptor fs_ncm_notify_desc = {
249 .bLength = USB_DT_ENDPOINT_SIZE,
250 .bDescriptorType = USB_DT_ENDPOINT,
251
252 .bEndpointAddress = USB_DIR_IN,
253 .bmAttributes = USB_ENDPOINT_XFER_INT,
254 .wMaxPacketSize = cpu_to_le16(NCM_STATUS_BYTECOUNT),
255 .bInterval = NCM_STATUS_INTERVAL_MS,
256 };
257
258 static struct usb_endpoint_descriptor fs_ncm_in_desc = {
259 .bLength = USB_DT_ENDPOINT_SIZE,
260 .bDescriptorType = USB_DT_ENDPOINT,
261
262 .bEndpointAddress = USB_DIR_IN,
263 .bmAttributes = USB_ENDPOINT_XFER_BULK,
264 };
265
266 static struct usb_endpoint_descriptor fs_ncm_out_desc = {
267 .bLength = USB_DT_ENDPOINT_SIZE,
268 .bDescriptorType = USB_DT_ENDPOINT,
269
270 .bEndpointAddress = USB_DIR_OUT,
271 .bmAttributes = USB_ENDPOINT_XFER_BULK,
272 };
273
274 static struct usb_descriptor_header *ncm_fs_function[] = {
275 (struct usb_descriptor_header *) &ncm_iad_desc,
276 /* CDC NCM control descriptors */
277 (struct usb_descriptor_header *) &ncm_control_intf,
278 (struct usb_descriptor_header *) &ncm_header_desc,
279 (struct usb_descriptor_header *) &ncm_union_desc,
280 (struct usb_descriptor_header *) &ecm_desc,
281 (struct usb_descriptor_header *) &ncm_desc,
282 (struct usb_descriptor_header *) &fs_ncm_notify_desc,
283 /* data interface, altsettings 0 and 1 */
284 (struct usb_descriptor_header *) &ncm_data_nop_intf,
285 (struct usb_descriptor_header *) &ncm_data_intf,
286 (struct usb_descriptor_header *) &fs_ncm_in_desc,
287 (struct usb_descriptor_header *) &fs_ncm_out_desc,
288 NULL,
289 };
290
291 /* high speed support: */
292
293 static struct usb_endpoint_descriptor hs_ncm_notify_desc = {
294 .bLength = USB_DT_ENDPOINT_SIZE,
295 .bDescriptorType = USB_DT_ENDPOINT,
296
297 .bEndpointAddress = USB_DIR_IN,
298 .bmAttributes = USB_ENDPOINT_XFER_INT,
299 .wMaxPacketSize = cpu_to_le16(NCM_STATUS_BYTECOUNT),
300 .bInterval = USB_MS_TO_HS_INTERVAL(NCM_STATUS_INTERVAL_MS),
301 };
302 static struct usb_endpoint_descriptor hs_ncm_in_desc = {
303 .bLength = USB_DT_ENDPOINT_SIZE,
304 .bDescriptorType = USB_DT_ENDPOINT,
305
306 .bEndpointAddress = USB_DIR_IN,
307 .bmAttributes = USB_ENDPOINT_XFER_BULK,
308 .wMaxPacketSize = cpu_to_le16(512),
309 };
310
311 static struct usb_endpoint_descriptor hs_ncm_out_desc = {
312 .bLength = USB_DT_ENDPOINT_SIZE,
313 .bDescriptorType = USB_DT_ENDPOINT,
314
315 .bEndpointAddress = USB_DIR_OUT,
316 .bmAttributes = USB_ENDPOINT_XFER_BULK,
317 .wMaxPacketSize = cpu_to_le16(512),
318 };
319
320 static struct usb_descriptor_header *ncm_hs_function[] = {
321 (struct usb_descriptor_header *) &ncm_iad_desc,
322 /* CDC NCM control descriptors */
323 (struct usb_descriptor_header *) &ncm_control_intf,
324 (struct usb_descriptor_header *) &ncm_header_desc,
325 (struct usb_descriptor_header *) &ncm_union_desc,
326 (struct usb_descriptor_header *) &ecm_desc,
327 (struct usb_descriptor_header *) &ncm_desc,
328 (struct usb_descriptor_header *) &hs_ncm_notify_desc,
329 /* data interface, altsettings 0 and 1 */
330 (struct usb_descriptor_header *) &ncm_data_nop_intf,
331 (struct usb_descriptor_header *) &ncm_data_intf,
332 (struct usb_descriptor_header *) &hs_ncm_in_desc,
333 (struct usb_descriptor_header *) &hs_ncm_out_desc,
334 NULL,
335 };
336
337 /* string descriptors: */
338
339 #define STRING_CTRL_IDX 0
340 #define STRING_MAC_IDX 1
341 #define STRING_DATA_IDX 2
342 #define STRING_IAD_IDX 3
343
344 static struct usb_string ncm_string_defs[] = {
345 [STRING_CTRL_IDX].s = "CDC Network Control Model (NCM)",
346 [STRING_MAC_IDX].s = "",
347 [STRING_DATA_IDX].s = "CDC Network Data",
348 [STRING_IAD_IDX].s = "CDC NCM",
349 { } /* end of list */
350 };
351
352 static struct usb_gadget_strings ncm_string_table = {
353 .language = 0x0409, /* en-us */
354 .strings = ncm_string_defs,
355 };
356
357 static struct usb_gadget_strings *ncm_strings[] = {
358 &ncm_string_table,
359 NULL,
360 };
361
362 /*
363 * Here are options for NCM Datagram Pointer table (NDP) parser.
364 * There are 2 different formats: NDP16 and NDP32 in the spec (ch. 3),
365 * in NDP16 offsets and sizes fields are 1 16bit word wide,
366 * in NDP32 -- 2 16bit words wide. Also signatures are different.
367 * To make the parser code the same, put the differences in the structure,
368 * and switch pointers to the structures when the format is changed.
369 */
370
371 struct ndp_parser_opts {
372 u32 nth_sign;
373 u32 ndp_sign;
374 unsigned nth_size;
375 unsigned ndp_size;
376 unsigned dpe_size;
377 unsigned ndplen_align;
378 /* sizes in u16 units */
379 unsigned dgram_item_len; /* index or length */
380 unsigned block_length;
381 unsigned ndp_index;
382 unsigned reserved1;
383 unsigned reserved2;
384 unsigned next_ndp_index;
385 };
386
387 #define INIT_NDP16_OPTS { \
388 .nth_sign = USB_CDC_NCM_NTH16_SIGN, \
389 .ndp_sign = USB_CDC_NCM_NDP16_NOCRC_SIGN, \
390 .nth_size = sizeof(struct usb_cdc_ncm_nth16), \
391 .ndp_size = sizeof(struct usb_cdc_ncm_ndp16), \
392 .dpe_size = sizeof(struct usb_cdc_ncm_dpe16), \
393 .ndplen_align = 4, \
394 .dgram_item_len = 1, \
395 .block_length = 1, \
396 .ndp_index = 1, \
397 .reserved1 = 0, \
398 .reserved2 = 0, \
399 .next_ndp_index = 1, \
400 }
401
402
403 #define INIT_NDP32_OPTS { \
404 .nth_sign = USB_CDC_NCM_NTH32_SIGN, \
405 .ndp_sign = USB_CDC_NCM_NDP32_NOCRC_SIGN, \
406 .nth_size = sizeof(struct usb_cdc_ncm_nth32), \
407 .ndp_size = sizeof(struct usb_cdc_ncm_ndp32), \
408 .dpe_size = sizeof(struct usb_cdc_ncm_dpe32), \
409 .ndplen_align = 8, \
410 .dgram_item_len = 2, \
411 .block_length = 2, \
412 .ndp_index = 2, \
413 .reserved1 = 1, \
414 .reserved2 = 2, \
415 .next_ndp_index = 2, \
416 }
417
418 static const struct ndp_parser_opts ndp16_opts = INIT_NDP16_OPTS;
419 static const struct ndp_parser_opts ndp32_opts = INIT_NDP32_OPTS;
420
put_ncm(__le16 ** p,unsigned size,unsigned val)421 static inline void put_ncm(__le16 **p, unsigned size, unsigned val)
422 {
423 switch (size) {
424 case 1:
425 put_unaligned_le16((u16)val, *p);
426 break;
427 case 2:
428 put_unaligned_le32((u32)val, *p);
429
430 break;
431 default:
432 BUG();
433 }
434
435 *p += size;
436 }
437
get_ncm(__le16 ** p,unsigned size)438 static inline unsigned get_ncm(__le16 **p, unsigned size)
439 {
440 unsigned tmp;
441
442 switch (size) {
443 case 1:
444 tmp = get_unaligned_le16(*p);
445 break;
446 case 2:
447 tmp = get_unaligned_le32(*p);
448 break;
449 default:
450 BUG();
451 }
452
453 *p += size;
454 return tmp;
455 }
456
457 /*-------------------------------------------------------------------------*/
458
ncm_reset_values(struct f_ncm * ncm)459 static inline void ncm_reset_values(struct f_ncm *ncm)
460 {
461 ncm->parser_opts = &ndp16_opts;
462 ncm->is_crc = false;
463 ncm->port.cdc_filter = DEFAULT_FILTER;
464
465 /* doesn't make sense for ncm, fixed size used */
466 ncm->port.header_len = 0;
467
468 ncm->port.fixed_out_len = le32_to_cpu(ntb_parameters.dwNtbOutMaxSize);
469 ncm->port.fixed_in_len = NTB_DEFAULT_IN_SIZE;
470 }
471
472 /*
473 * Context: ncm->lock held
474 */
ncm_do_notify(struct f_ncm * ncm)475 static void ncm_do_notify(struct f_ncm *ncm)
476 {
477 struct usb_request *req = ncm->notify_req;
478 struct usb_cdc_notification *event;
479 struct usb_composite_dev *cdev = ncm->port.func.config->cdev;
480 __le32 *data;
481 int status;
482
483 /* notification already in flight? */
484 if (atomic_read(&ncm->notify_count))
485 return;
486
487 event = req->buf;
488 switch (ncm->notify_state) {
489 case NCM_NOTIFY_NONE:
490 return;
491
492 case NCM_NOTIFY_CONNECT:
493 event->bNotificationType = USB_CDC_NOTIFY_NETWORK_CONNECTION;
494 if (ncm->is_open)
495 event->wValue = cpu_to_le16(1);
496 else
497 event->wValue = cpu_to_le16(0);
498 event->wLength = 0;
499 req->length = sizeof *event;
500
501 DBG(cdev, "notify connect %s\n",
502 ncm->is_open ? "true" : "false");
503 ncm->notify_state = NCM_NOTIFY_NONE;
504 break;
505
506 case NCM_NOTIFY_SPEED:
507 event->bNotificationType = USB_CDC_NOTIFY_SPEED_CHANGE;
508 event->wValue = cpu_to_le16(0);
509 event->wLength = cpu_to_le16(8);
510 req->length = NCM_STATUS_BYTECOUNT;
511
512 /* SPEED_CHANGE data is up/down speeds in bits/sec */
513 data = req->buf + sizeof *event;
514 data[0] = cpu_to_le32(ncm_bitrate(cdev->gadget));
515 data[1] = data[0];
516
517 DBG(cdev, "notify speed %u\n", ncm_bitrate(cdev->gadget));
518 ncm->notify_state = NCM_NOTIFY_CONNECT;
519 break;
520 }
521 event->bmRequestType = 0xA1;
522 event->wIndex = cpu_to_le16(ncm->ctrl_id);
523
524 atomic_inc(&ncm->notify_count);
525
526 /*
527 * In double buffering if there is a space in FIFO,
528 * completion callback can be called right after the call,
529 * so unlocking
530 */
531 spin_unlock(&ncm->lock);
532 status = usb_ep_queue(ncm->notify, req, GFP_ATOMIC);
533 spin_lock(&ncm->lock);
534 if (status < 0) {
535 atomic_dec(&ncm->notify_count);
536 DBG(cdev, "notify --> %d\n", status);
537 }
538 }
539
540 /*
541 * Context: ncm->lock held
542 */
ncm_notify(struct f_ncm * ncm)543 static void ncm_notify(struct f_ncm *ncm)
544 {
545 /*
546 * NOTE on most versions of Linux, host side cdc-ethernet
547 * won't listen for notifications until its netdevice opens.
548 * The first notification then sits in the FIFO for a long
549 * time, and the second one is queued.
550 *
551 * If ncm_notify() is called before the second (CONNECT)
552 * notification is sent, then it will reset to send the SPEED
553 * notificaion again (and again, and again), but it's not a problem
554 */
555 ncm->notify_state = NCM_NOTIFY_SPEED;
556 ncm_do_notify(ncm);
557 }
558
ncm_notify_complete(struct usb_ep * ep,struct usb_request * req)559 static void ncm_notify_complete(struct usb_ep *ep, struct usb_request *req)
560 {
561 struct f_ncm *ncm = req->context;
562 struct usb_composite_dev *cdev = ncm->port.func.config->cdev;
563 struct usb_cdc_notification *event = req->buf;
564
565 spin_lock(&ncm->lock);
566 switch (req->status) {
567 case 0:
568 VDBG(cdev, "Notification %02x sent\n",
569 event->bNotificationType);
570 atomic_dec(&ncm->notify_count);
571 break;
572 case -ECONNRESET:
573 case -ESHUTDOWN:
574 atomic_set(&ncm->notify_count, 0);
575 ncm->notify_state = NCM_NOTIFY_NONE;
576 break;
577 default:
578 DBG(cdev, "event %02x --> %d\n",
579 event->bNotificationType, req->status);
580 atomic_dec(&ncm->notify_count);
581 break;
582 }
583 ncm_do_notify(ncm);
584 spin_unlock(&ncm->lock);
585 }
586
ncm_ep0out_complete(struct usb_ep * ep,struct usb_request * req)587 static void ncm_ep0out_complete(struct usb_ep *ep, struct usb_request *req)
588 {
589 /* now for SET_NTB_INPUT_SIZE only */
590 unsigned in_size;
591 struct usb_function *f = req->context;
592 struct f_ncm *ncm = func_to_ncm(f);
593 struct usb_composite_dev *cdev = f->config->cdev;
594
595 req->context = NULL;
596 if (req->status || req->actual != req->length) {
597 DBG(cdev, "Bad control-OUT transfer\n");
598 goto invalid;
599 }
600
601 in_size = get_unaligned_le32(req->buf);
602 if (in_size < USB_CDC_NCM_NTB_MIN_IN_SIZE ||
603 in_size > le32_to_cpu(ntb_parameters.dwNtbInMaxSize)) {
604 DBG(cdev, "Got wrong INPUT SIZE (%d) from host\n", in_size);
605 goto invalid;
606 }
607
608 ncm->port.fixed_in_len = in_size;
609 VDBG(cdev, "Set NTB INPUT SIZE %d\n", in_size);
610 return;
611
612 invalid:
613 usb_ep_set_halt(ep);
614 return;
615 }
616
ncm_setup(struct usb_function * f,const struct usb_ctrlrequest * ctrl)617 static int ncm_setup(struct usb_function *f, const struct usb_ctrlrequest *ctrl)
618 {
619 struct f_ncm *ncm = func_to_ncm(f);
620 struct usb_composite_dev *cdev = f->config->cdev;
621 struct usb_request *req = cdev->req;
622 int value = -EOPNOTSUPP;
623 u16 w_index = le16_to_cpu(ctrl->wIndex);
624 u16 w_value = le16_to_cpu(ctrl->wValue);
625 u16 w_length = le16_to_cpu(ctrl->wLength);
626
627 /*
628 * composite driver infrastructure handles everything except
629 * CDC class messages; interface activation uses set_alt().
630 */
631 switch ((ctrl->bRequestType << 8) | ctrl->bRequest) {
632 case ((USB_DIR_OUT | USB_TYPE_CLASS | USB_RECIP_INTERFACE) << 8)
633 | USB_CDC_SET_ETHERNET_PACKET_FILTER:
634 /*
635 * see 6.2.30: no data, wIndex = interface,
636 * wValue = packet filter bitmap
637 */
638 if (w_length != 0 || w_index != ncm->ctrl_id)
639 goto invalid;
640 DBG(cdev, "packet filter %02x\n", w_value);
641 /*
642 * REVISIT locking of cdc_filter. This assumes the UDC
643 * driver won't have a concurrent packet TX irq running on
644 * another CPU; or that if it does, this write is atomic...
645 */
646 ncm->port.cdc_filter = w_value;
647 value = 0;
648 break;
649 /*
650 * and optionally:
651 * case USB_CDC_SEND_ENCAPSULATED_COMMAND:
652 * case USB_CDC_GET_ENCAPSULATED_RESPONSE:
653 * case USB_CDC_SET_ETHERNET_MULTICAST_FILTERS:
654 * case USB_CDC_SET_ETHERNET_PM_PATTERN_FILTER:
655 * case USB_CDC_GET_ETHERNET_PM_PATTERN_FILTER:
656 * case USB_CDC_GET_ETHERNET_STATISTIC:
657 */
658
659 case ((USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE) << 8)
660 | USB_CDC_GET_NTB_PARAMETERS:
661
662 if (w_length == 0 || w_value != 0 || w_index != ncm->ctrl_id)
663 goto invalid;
664 value = w_length > sizeof ntb_parameters ?
665 sizeof ntb_parameters : w_length;
666 memcpy(req->buf, &ntb_parameters, value);
667 VDBG(cdev, "Host asked NTB parameters\n");
668 break;
669
670 case ((USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE) << 8)
671 | USB_CDC_GET_NTB_INPUT_SIZE:
672
673 if (w_length < 4 || w_value != 0 || w_index != ncm->ctrl_id)
674 goto invalid;
675 put_unaligned_le32(ncm->port.fixed_in_len, req->buf);
676 value = 4;
677 VDBG(cdev, "Host asked INPUT SIZE, sending %d\n",
678 ncm->port.fixed_in_len);
679 break;
680
681 case ((USB_DIR_OUT | USB_TYPE_CLASS | USB_RECIP_INTERFACE) << 8)
682 | USB_CDC_SET_NTB_INPUT_SIZE:
683 {
684 if (w_length != 4 || w_value != 0 || w_index != ncm->ctrl_id)
685 goto invalid;
686 req->complete = ncm_ep0out_complete;
687 req->length = w_length;
688 req->context = f;
689
690 value = req->length;
691 break;
692 }
693
694 case ((USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE) << 8)
695 | USB_CDC_GET_NTB_FORMAT:
696 {
697 uint16_t format;
698
699 if (w_length < 2 || w_value != 0 || w_index != ncm->ctrl_id)
700 goto invalid;
701 format = (ncm->parser_opts == &ndp16_opts) ? 0x0000 : 0x0001;
702 put_unaligned_le16(format, req->buf);
703 value = 2;
704 VDBG(cdev, "Host asked NTB FORMAT, sending %d\n", format);
705 break;
706 }
707
708 case ((USB_DIR_OUT | USB_TYPE_CLASS | USB_RECIP_INTERFACE) << 8)
709 | USB_CDC_SET_NTB_FORMAT:
710 {
711 if (w_length != 0 || w_index != ncm->ctrl_id)
712 goto invalid;
713 switch (w_value) {
714 case 0x0000:
715 ncm->parser_opts = &ndp16_opts;
716 DBG(cdev, "NCM16 selected\n");
717 break;
718 case 0x0001:
719 ncm->parser_opts = &ndp32_opts;
720 DBG(cdev, "NCM32 selected\n");
721 break;
722 default:
723 goto invalid;
724 }
725 value = 0;
726 break;
727 }
728 case ((USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE) << 8)
729 | USB_CDC_GET_CRC_MODE:
730 {
731 uint16_t is_crc;
732
733 if (w_length < 2 || w_value != 0 || w_index != ncm->ctrl_id)
734 goto invalid;
735 is_crc = ncm->is_crc ? 0x0001 : 0x0000;
736 put_unaligned_le16(is_crc, req->buf);
737 value = 2;
738 VDBG(cdev, "Host asked CRC MODE, sending %d\n", is_crc);
739 break;
740 }
741
742 case ((USB_DIR_OUT | USB_TYPE_CLASS | USB_RECIP_INTERFACE) << 8)
743 | USB_CDC_SET_CRC_MODE:
744 {
745 int ndp_hdr_crc = 0;
746
747 if (w_length != 0 || w_index != ncm->ctrl_id)
748 goto invalid;
749 switch (w_value) {
750 case 0x0000:
751 ncm->is_crc = false;
752 ndp_hdr_crc = NCM_NDP_HDR_NOCRC;
753 DBG(cdev, "non-CRC mode selected\n");
754 break;
755 case 0x0001:
756 ncm->is_crc = true;
757 ndp_hdr_crc = NCM_NDP_HDR_CRC;
758 DBG(cdev, "CRC mode selected\n");
759 break;
760 default:
761 goto invalid;
762 }
763 ncm->ndp_sign = ncm->parser_opts->ndp_sign | ndp_hdr_crc;
764 value = 0;
765 break;
766 }
767
768 /* and disabled in ncm descriptor: */
769 /* case USB_CDC_GET_NET_ADDRESS: */
770 /* case USB_CDC_SET_NET_ADDRESS: */
771 /* case USB_CDC_GET_MAX_DATAGRAM_SIZE: */
772 /* case USB_CDC_SET_MAX_DATAGRAM_SIZE: */
773
774 default:
775 invalid:
776 DBG(cdev, "invalid control req%02x.%02x v%04x i%04x l%d\n",
777 ctrl->bRequestType, ctrl->bRequest,
778 w_value, w_index, w_length);
779 }
780
781 /* respond with data transfer or status phase? */
782 if (value >= 0) {
783 DBG(cdev, "ncm req%02x.%02x v%04x i%04x l%d\n",
784 ctrl->bRequestType, ctrl->bRequest,
785 w_value, w_index, w_length);
786 req->zero = 0;
787 req->length = value;
788 value = usb_ep_queue(cdev->gadget->ep0, req, GFP_ATOMIC);
789 if (value < 0)
790 ERROR(cdev, "ncm req %02x.%02x response err %d\n",
791 ctrl->bRequestType, ctrl->bRequest,
792 value);
793 }
794
795 /* device either stalls (value < 0) or reports success */
796 return value;
797 }
798
799
ncm_set_alt(struct usb_function * f,unsigned intf,unsigned alt)800 static int ncm_set_alt(struct usb_function *f, unsigned intf, unsigned alt)
801 {
802 struct f_ncm *ncm = func_to_ncm(f);
803 struct usb_composite_dev *cdev = f->config->cdev;
804
805 /* Control interface has only altsetting 0 */
806 if (intf == ncm->ctrl_id) {
807 if (alt != 0)
808 goto fail;
809
810 DBG(cdev, "reset ncm control %d\n", intf);
811 usb_ep_disable(ncm->notify);
812
813 if (!(ncm->notify->desc)) {
814 DBG(cdev, "init ncm ctrl %d\n", intf);
815 if (config_ep_by_speed(cdev->gadget, f, ncm->notify))
816 goto fail;
817 }
818 usb_ep_enable(ncm->notify);
819
820 /* Data interface has two altsettings, 0 and 1 */
821 } else if (intf == ncm->data_id) {
822 if (alt > 1)
823 goto fail;
824
825 if (ncm->port.in_ep->enabled) {
826 DBG(cdev, "reset ncm\n");
827 ncm->timer_stopping = true;
828 ncm->netdev = NULL;
829 gether_disconnect(&ncm->port);
830 ncm_reset_values(ncm);
831 }
832
833 /*
834 * CDC Network only sends data in non-default altsettings.
835 * Changing altsettings resets filters, statistics, etc.
836 */
837 if (alt == 1) {
838 struct net_device *net;
839
840 if (!ncm->port.in_ep->desc ||
841 !ncm->port.out_ep->desc) {
842 DBG(cdev, "init ncm\n");
843 if (config_ep_by_speed(cdev->gadget, f,
844 ncm->port.in_ep) ||
845 config_ep_by_speed(cdev->gadget, f,
846 ncm->port.out_ep)) {
847 ncm->port.in_ep->desc = NULL;
848 ncm->port.out_ep->desc = NULL;
849 goto fail;
850 }
851 }
852
853 /* TODO */
854 /* Enable zlps by default for NCM conformance;
855 * override for musb_hdrc (avoids txdma ovhead)
856 */
857 ncm->port.is_zlp_ok =
858 gadget_is_zlp_supported(cdev->gadget);
859 ncm->port.cdc_filter = DEFAULT_FILTER;
860 DBG(cdev, "activate ncm\n");
861 net = gether_connect(&ncm->port);
862 if (IS_ERR(net))
863 return PTR_ERR(net);
864 ncm->netdev = net;
865 ncm->timer_stopping = false;
866 }
867
868 spin_lock(&ncm->lock);
869 ncm_notify(ncm);
870 spin_unlock(&ncm->lock);
871 } else
872 goto fail;
873
874 return 0;
875 fail:
876 return -EINVAL;
877 }
878
879 /*
880 * Because the data interface supports multiple altsettings,
881 * this NCM function *MUST* implement a get_alt() method.
882 */
ncm_get_alt(struct usb_function * f,unsigned intf)883 static int ncm_get_alt(struct usb_function *f, unsigned intf)
884 {
885 struct f_ncm *ncm = func_to_ncm(f);
886
887 if (intf == ncm->ctrl_id)
888 return 0;
889 return ncm->port.in_ep->enabled ? 1 : 0;
890 }
891
package_for_tx(struct f_ncm * ncm)892 static struct sk_buff *package_for_tx(struct f_ncm *ncm)
893 {
894 __le16 *ntb_iter;
895 struct sk_buff *skb2 = NULL;
896 unsigned ndp_pad;
897 unsigned ndp_index;
898 unsigned new_len;
899
900 const struct ndp_parser_opts *opts = ncm->parser_opts;
901 const int ndp_align = le16_to_cpu(ntb_parameters.wNdpInAlignment);
902 const int dgram_idx_len = 2 * 2 * opts->dgram_item_len;
903
904 /* Stop the timer */
905 hrtimer_try_to_cancel(&ncm->task_timer);
906
907 ndp_pad = ALIGN(ncm->skb_tx_data->len, ndp_align) -
908 ncm->skb_tx_data->len;
909 ndp_index = ncm->skb_tx_data->len + ndp_pad;
910 new_len = ndp_index + dgram_idx_len + ncm->skb_tx_ndp->len;
911
912 /* Set the final BlockLength and wNdpIndex */
913 ntb_iter = (void *) ncm->skb_tx_data->data;
914 /* Increment pointer to BlockLength */
915 ntb_iter += 2 + 1 + 1;
916 put_ncm(&ntb_iter, opts->block_length, new_len);
917 put_ncm(&ntb_iter, opts->ndp_index, ndp_index);
918
919 /* Set the final NDP wLength */
920 new_len = opts->ndp_size +
921 (ncm->ndp_dgram_count * dgram_idx_len);
922 ncm->ndp_dgram_count = 0;
923 /* Increment from start to wLength */
924 ntb_iter = (void *) ncm->skb_tx_ndp->data;
925 ntb_iter += 2;
926 put_unaligned_le16(new_len, ntb_iter);
927
928 /* Merge the skbs */
929 swap(skb2, ncm->skb_tx_data);
930 if (ncm->skb_tx_data) {
931 dev_kfree_skb_any(ncm->skb_tx_data);
932 ncm->skb_tx_data = NULL;
933 }
934
935 /* Insert NDP alignment. */
936 ntb_iter = (void *) skb_put(skb2, ndp_pad);
937 memset(ntb_iter, 0, ndp_pad);
938
939 /* Copy NTB across. */
940 ntb_iter = (void *) skb_put(skb2, ncm->skb_tx_ndp->len);
941 memcpy(ntb_iter, ncm->skb_tx_ndp->data, ncm->skb_tx_ndp->len);
942 dev_kfree_skb_any(ncm->skb_tx_ndp);
943 ncm->skb_tx_ndp = NULL;
944
945 /* Insert zero'd datagram. */
946 ntb_iter = (void *) skb_put(skb2, dgram_idx_len);
947 memset(ntb_iter, 0, dgram_idx_len);
948
949 return skb2;
950 }
951
ncm_wrap_ntb(struct gether * port,struct sk_buff * skb)952 static struct sk_buff *ncm_wrap_ntb(struct gether *port,
953 struct sk_buff *skb)
954 {
955 struct f_ncm *ncm = func_to_ncm(&port->func);
956 struct sk_buff *skb2 = NULL;
957 int ncb_len = 0;
958 __le16 *ntb_data;
959 __le16 *ntb_ndp;
960 int dgram_pad;
961
962 unsigned max_size = ncm->port.fixed_in_len;
963 const struct ndp_parser_opts *opts = ncm->parser_opts;
964 const int ndp_align = le16_to_cpu(ntb_parameters.wNdpInAlignment);
965 const int div = le16_to_cpu(ntb_parameters.wNdpInDivisor);
966 const int rem = le16_to_cpu(ntb_parameters.wNdpInPayloadRemainder);
967 const int dgram_idx_len = 2 * 2 * opts->dgram_item_len;
968
969 if (!skb && !ncm->skb_tx_data)
970 return NULL;
971
972 if (skb) {
973 /* Add the CRC if required up front */
974 if (ncm->is_crc) {
975 uint32_t crc;
976 __le16 *crc_pos;
977
978 crc = ~crc32_le(~0,
979 skb->data,
980 skb->len);
981 crc_pos = (void *) skb_put(skb, sizeof(uint32_t));
982 put_unaligned_le32(crc, crc_pos);
983 }
984
985 /* If the new skb is too big for the current NCM NTB then
986 * set the current stored skb to be sent now and clear it
987 * ready for new data.
988 * NOTE: Assume maximum align for speed of calculation.
989 */
990 if (ncm->skb_tx_data
991 && (ncm->ndp_dgram_count >= TX_MAX_NUM_DPE
992 || (ncm->skb_tx_data->len +
993 div + rem + skb->len +
994 ncm->skb_tx_ndp->len + ndp_align + (2 * dgram_idx_len))
995 > max_size)) {
996 skb2 = package_for_tx(ncm);
997 if (!skb2)
998 goto err;
999 }
1000
1001 if (!ncm->skb_tx_data) {
1002 ncb_len = opts->nth_size;
1003 dgram_pad = ALIGN(ncb_len, div) + rem - ncb_len;
1004 ncb_len += dgram_pad;
1005
1006 /* Create a new skb for the NTH and datagrams. */
1007 ncm->skb_tx_data = alloc_skb(max_size, GFP_ATOMIC);
1008 if (!ncm->skb_tx_data)
1009 goto err;
1010
1011 ntb_data = (void *) skb_put(ncm->skb_tx_data, ncb_len);
1012 memset(ntb_data, 0, ncb_len);
1013 /* dwSignature */
1014 put_unaligned_le32(opts->nth_sign, ntb_data);
1015 ntb_data += 2;
1016 /* wHeaderLength */
1017 put_unaligned_le16(opts->nth_size, ntb_data++);
1018
1019 /* Allocate an skb for storing the NDP,
1020 * TX_MAX_NUM_DPE should easily suffice for a
1021 * 16k packet.
1022 */
1023 ncm->skb_tx_ndp = alloc_skb((int)(opts->ndp_size
1024 + opts->dpe_size
1025 * TX_MAX_NUM_DPE),
1026 GFP_ATOMIC);
1027 if (!ncm->skb_tx_ndp)
1028 goto err;
1029 ntb_ndp = (void *) skb_put(ncm->skb_tx_ndp,
1030 opts->ndp_size);
1031 memset(ntb_ndp, 0, ncb_len);
1032 /* dwSignature */
1033 put_unaligned_le32(ncm->ndp_sign, ntb_ndp);
1034 ntb_ndp += 2;
1035
1036 /* There is always a zeroed entry */
1037 ncm->ndp_dgram_count = 1;
1038
1039 /* Note: we skip opts->next_ndp_index */
1040 }
1041
1042 /* Delay the timer. */
1043 hrtimer_start(&ncm->task_timer,
1044 ktime_set(0, TX_TIMEOUT_NSECS),
1045 HRTIMER_MODE_REL);
1046
1047 /* Add the datagram position entries */
1048 ntb_ndp = (void *) skb_put(ncm->skb_tx_ndp, dgram_idx_len);
1049 memset(ntb_ndp, 0, dgram_idx_len);
1050
1051 ncb_len = ncm->skb_tx_data->len;
1052 dgram_pad = ALIGN(ncb_len, div) + rem - ncb_len;
1053 ncb_len += dgram_pad;
1054
1055 /* (d)wDatagramIndex */
1056 put_ncm(&ntb_ndp, opts->dgram_item_len, ncb_len);
1057 /* (d)wDatagramLength */
1058 put_ncm(&ntb_ndp, opts->dgram_item_len, skb->len);
1059 ncm->ndp_dgram_count++;
1060
1061 /* Add the new data to the skb */
1062 ntb_data = (void *) skb_put(ncm->skb_tx_data, dgram_pad);
1063 memset(ntb_data, 0, dgram_pad);
1064 ntb_data = (void *) skb_put(ncm->skb_tx_data, skb->len);
1065 memcpy(ntb_data, skb->data, skb->len);
1066 dev_kfree_skb_any(skb);
1067 skb = NULL;
1068
1069 } else if (ncm->skb_tx_data && ncm->timer_force_tx) {
1070 /* If the tx was requested because of a timeout then send */
1071 skb2 = package_for_tx(ncm);
1072 if (!skb2)
1073 goto err;
1074 }
1075
1076 return skb2;
1077
1078 err:
1079 ncm->netdev->stats.tx_dropped++;
1080
1081 if (skb)
1082 dev_kfree_skb_any(skb);
1083 if (ncm->skb_tx_data)
1084 dev_kfree_skb_any(ncm->skb_tx_data);
1085 if (ncm->skb_tx_ndp)
1086 dev_kfree_skb_any(ncm->skb_tx_ndp);
1087
1088 return NULL;
1089 }
1090
1091 /*
1092 * This transmits the NTB if there are frames waiting.
1093 */
ncm_tx_tasklet(unsigned long data)1094 static void ncm_tx_tasklet(unsigned long data)
1095 {
1096 struct f_ncm *ncm = (void *)data;
1097
1098 if (ncm->timer_stopping)
1099 return;
1100
1101 /* Only send if data is available. */
1102 if (ncm->skb_tx_data) {
1103 ncm->timer_force_tx = true;
1104
1105 /* XXX This allowance of a NULL skb argument to ndo_start_xmit
1106 * XXX is not sane. The gadget layer should be redesigned so
1107 * XXX that the dev->wrap() invocations to build SKBs is transparent
1108 * XXX and performed in some way outside of the ndo_start_xmit
1109 * XXX interface.
1110 */
1111 ncm->netdev->netdev_ops->ndo_start_xmit(NULL, ncm->netdev);
1112
1113 ncm->timer_force_tx = false;
1114 }
1115 }
1116
1117 /*
1118 * The transmit should only be run if no skb data has been sent
1119 * for a certain duration.
1120 */
ncm_tx_timeout(struct hrtimer * data)1121 static enum hrtimer_restart ncm_tx_timeout(struct hrtimer *data)
1122 {
1123 struct f_ncm *ncm = container_of(data, struct f_ncm, task_timer);
1124 tasklet_schedule(&ncm->tx_tasklet);
1125 return HRTIMER_NORESTART;
1126 }
1127
ncm_unwrap_ntb(struct gether * port,struct sk_buff * skb,struct sk_buff_head * list)1128 static int ncm_unwrap_ntb(struct gether *port,
1129 struct sk_buff *skb,
1130 struct sk_buff_head *list)
1131 {
1132 struct f_ncm *ncm = func_to_ncm(&port->func);
1133 __le16 *tmp = (void *) skb->data;
1134 unsigned index, index2;
1135 int ndp_index;
1136 unsigned dg_len, dg_len2;
1137 unsigned ndp_len;
1138 struct sk_buff *skb2;
1139 int ret = -EINVAL;
1140 unsigned max_size = le32_to_cpu(ntb_parameters.dwNtbOutMaxSize);
1141 const struct ndp_parser_opts *opts = ncm->parser_opts;
1142 unsigned crc_len = ncm->is_crc ? sizeof(uint32_t) : 0;
1143 int dgram_counter;
1144
1145 /* dwSignature */
1146 if (get_unaligned_le32(tmp) != opts->nth_sign) {
1147 INFO(port->func.config->cdev, "Wrong NTH SIGN, skblen %d\n",
1148 skb->len);
1149 print_hex_dump(KERN_INFO, "HEAD:", DUMP_PREFIX_ADDRESS, 32, 1,
1150 skb->data, 32, false);
1151
1152 goto err;
1153 }
1154 tmp += 2;
1155 /* wHeaderLength */
1156 if (get_unaligned_le16(tmp++) != opts->nth_size) {
1157 INFO(port->func.config->cdev, "Wrong NTB headersize\n");
1158 goto err;
1159 }
1160 tmp++; /* skip wSequence */
1161
1162 /* (d)wBlockLength */
1163 if (get_ncm(&tmp, opts->block_length) > max_size) {
1164 INFO(port->func.config->cdev, "OUT size exceeded\n");
1165 goto err;
1166 }
1167
1168 ndp_index = get_ncm(&tmp, opts->ndp_index);
1169
1170 /* Run through all the NDP's in the NTB */
1171 do {
1172 /* NCM 3.2 */
1173 if (((ndp_index % 4) != 0) &&
1174 (ndp_index < opts->nth_size)) {
1175 INFO(port->func.config->cdev, "Bad index: %#X\n",
1176 ndp_index);
1177 goto err;
1178 }
1179
1180 /* walk through NDP */
1181 tmp = (void *)(skb->data + ndp_index);
1182 if (get_unaligned_le32(tmp) != ncm->ndp_sign) {
1183 INFO(port->func.config->cdev, "Wrong NDP SIGN\n");
1184 goto err;
1185 }
1186 tmp += 2;
1187
1188 ndp_len = get_unaligned_le16(tmp++);
1189 /*
1190 * NCM 3.3.1
1191 * entry is 2 items
1192 * item size is 16/32 bits, opts->dgram_item_len * 2 bytes
1193 * minimal: struct usb_cdc_ncm_ndpX + normal entry + zero entry
1194 * Each entry is a dgram index and a dgram length.
1195 */
1196 if ((ndp_len < opts->ndp_size
1197 + 2 * 2 * (opts->dgram_item_len * 2))
1198 || (ndp_len % opts->ndplen_align != 0)) {
1199 INFO(port->func.config->cdev, "Bad NDP length: %#X\n",
1200 ndp_len);
1201 goto err;
1202 }
1203 tmp += opts->reserved1;
1204 /* Check for another NDP (d)wNextNdpIndex */
1205 ndp_index = get_ncm(&tmp, opts->next_ndp_index);
1206 tmp += opts->reserved2;
1207
1208 ndp_len -= opts->ndp_size;
1209 index2 = get_ncm(&tmp, opts->dgram_item_len);
1210 dg_len2 = get_ncm(&tmp, opts->dgram_item_len);
1211 dgram_counter = 0;
1212
1213 do {
1214 index = index2;
1215 dg_len = dg_len2;
1216 if (dg_len < 14 + crc_len) { /* ethernet hdr + crc */
1217 INFO(port->func.config->cdev,
1218 "Bad dgram length: %#X\n", dg_len);
1219 goto err;
1220 }
1221 if (ncm->is_crc) {
1222 uint32_t crc, crc2;
1223
1224 crc = get_unaligned_le32(skb->data +
1225 index + dg_len -
1226 crc_len);
1227 crc2 = ~crc32_le(~0,
1228 skb->data + index,
1229 dg_len - crc_len);
1230 if (crc != crc2) {
1231 INFO(port->func.config->cdev,
1232 "Bad CRC\n");
1233 goto err;
1234 }
1235 }
1236
1237 index2 = get_ncm(&tmp, opts->dgram_item_len);
1238 dg_len2 = get_ncm(&tmp, opts->dgram_item_len);
1239
1240 /*
1241 * Copy the data into a new skb.
1242 * This ensures the truesize is correct
1243 */
1244 skb2 = netdev_alloc_skb_ip_align(ncm->netdev,
1245 dg_len - crc_len);
1246 if (skb2 == NULL)
1247 goto err;
1248 memcpy(skb_put(skb2, dg_len - crc_len),
1249 skb->data + index, dg_len - crc_len);
1250
1251 skb_queue_tail(list, skb2);
1252
1253 ndp_len -= 2 * (opts->dgram_item_len * 2);
1254
1255 dgram_counter++;
1256
1257 if (index2 == 0 || dg_len2 == 0)
1258 break;
1259 } while (ndp_len > 2 * (opts->dgram_item_len * 2));
1260 } while (ndp_index);
1261
1262 dev_kfree_skb_any(skb);
1263
1264 VDBG(port->func.config->cdev,
1265 "Parsed NTB with %d frames\n", dgram_counter);
1266 return 0;
1267 err:
1268 skb_queue_purge(list);
1269 dev_kfree_skb_any(skb);
1270 return ret;
1271 }
1272
ncm_disable(struct usb_function * f)1273 static void ncm_disable(struct usb_function *f)
1274 {
1275 struct f_ncm *ncm = func_to_ncm(f);
1276 struct usb_composite_dev *cdev = f->config->cdev;
1277
1278 DBG(cdev, "ncm deactivated\n");
1279
1280 if (ncm->port.in_ep->enabled) {
1281 ncm->timer_stopping = true;
1282 ncm->netdev = NULL;
1283 gether_disconnect(&ncm->port);
1284 }
1285
1286 if (ncm->notify->enabled) {
1287 usb_ep_disable(ncm->notify);
1288 ncm->notify->desc = NULL;
1289 }
1290 }
1291
1292 /*-------------------------------------------------------------------------*/
1293
1294 /*
1295 * Callbacks let us notify the host about connect/disconnect when the
1296 * net device is opened or closed.
1297 *
1298 * For testing, note that link states on this side include both opened
1299 * and closed variants of:
1300 *
1301 * - disconnected/unconfigured
1302 * - configured but inactive (data alt 0)
1303 * - configured and active (data alt 1)
1304 *
1305 * Each needs to be tested with unplug, rmmod, SET_CONFIGURATION, and
1306 * SET_INTERFACE (altsetting). Remember also that "configured" doesn't
1307 * imply the host is actually polling the notification endpoint, and
1308 * likewise that "active" doesn't imply it's actually using the data
1309 * endpoints for traffic.
1310 */
1311
ncm_open(struct gether * geth)1312 static void ncm_open(struct gether *geth)
1313 {
1314 struct f_ncm *ncm = func_to_ncm(&geth->func);
1315
1316 DBG(ncm->port.func.config->cdev, "%s\n", __func__);
1317
1318 spin_lock(&ncm->lock);
1319 ncm->is_open = true;
1320 ncm_notify(ncm);
1321 spin_unlock(&ncm->lock);
1322 }
1323
ncm_close(struct gether * geth)1324 static void ncm_close(struct gether *geth)
1325 {
1326 struct f_ncm *ncm = func_to_ncm(&geth->func);
1327
1328 DBG(ncm->port.func.config->cdev, "%s\n", __func__);
1329
1330 spin_lock(&ncm->lock);
1331 ncm->is_open = false;
1332 ncm_notify(ncm);
1333 spin_unlock(&ncm->lock);
1334 }
1335
1336 /*-------------------------------------------------------------------------*/
1337
1338 /* ethernet function driver setup/binding */
1339
ncm_bind(struct usb_configuration * c,struct usb_function * f)1340 static int ncm_bind(struct usb_configuration *c, struct usb_function *f)
1341 {
1342 struct usb_composite_dev *cdev = c->cdev;
1343 struct f_ncm *ncm = func_to_ncm(f);
1344 struct usb_string *us;
1345 int status;
1346 struct usb_ep *ep;
1347 struct f_ncm_opts *ncm_opts;
1348
1349 if (!can_support_ecm(cdev->gadget))
1350 return -EINVAL;
1351
1352 ncm_opts = container_of(f->fi, struct f_ncm_opts, func_inst);
1353 /*
1354 * in drivers/usb/gadget/configfs.c:configfs_composite_bind()
1355 * configurations are bound in sequence with list_for_each_entry,
1356 * in each configuration its functions are bound in sequence
1357 * with list_for_each_entry, so we assume no race condition
1358 * with regard to ncm_opts->bound access
1359 */
1360 if (!ncm_opts->bound) {
1361 mutex_lock(&ncm_opts->lock);
1362 gether_set_gadget(ncm_opts->net, cdev->gadget);
1363 status = gether_register_netdev(ncm_opts->net);
1364 mutex_unlock(&ncm_opts->lock);
1365 if (status)
1366 return status;
1367 ncm_opts->bound = true;
1368 }
1369 us = usb_gstrings_attach(cdev, ncm_strings,
1370 ARRAY_SIZE(ncm_string_defs));
1371 if (IS_ERR(us))
1372 return PTR_ERR(us);
1373 ncm_control_intf.iInterface = us[STRING_CTRL_IDX].id;
1374 ncm_data_nop_intf.iInterface = us[STRING_DATA_IDX].id;
1375 ncm_data_intf.iInterface = us[STRING_DATA_IDX].id;
1376 ecm_desc.iMACAddress = us[STRING_MAC_IDX].id;
1377 ncm_iad_desc.iFunction = us[STRING_IAD_IDX].id;
1378
1379 /* allocate instance-specific interface IDs */
1380 status = usb_interface_id(c, f);
1381 if (status < 0)
1382 goto fail;
1383 ncm->ctrl_id = status;
1384 ncm_iad_desc.bFirstInterface = status;
1385
1386 ncm_control_intf.bInterfaceNumber = status;
1387 ncm_union_desc.bMasterInterface0 = status;
1388
1389 status = usb_interface_id(c, f);
1390 if (status < 0)
1391 goto fail;
1392 ncm->data_id = status;
1393
1394 ncm_data_nop_intf.bInterfaceNumber = status;
1395 ncm_data_intf.bInterfaceNumber = status;
1396 ncm_union_desc.bSlaveInterface0 = status;
1397
1398 status = -ENODEV;
1399
1400 /* allocate instance-specific endpoints */
1401 ep = usb_ep_autoconfig(cdev->gadget, &fs_ncm_in_desc);
1402 if (!ep)
1403 goto fail;
1404 ncm->port.in_ep = ep;
1405
1406 ep = usb_ep_autoconfig(cdev->gadget, &fs_ncm_out_desc);
1407 if (!ep)
1408 goto fail;
1409 ncm->port.out_ep = ep;
1410
1411 ep = usb_ep_autoconfig(cdev->gadget, &fs_ncm_notify_desc);
1412 if (!ep)
1413 goto fail;
1414 ncm->notify = ep;
1415
1416 status = -ENOMEM;
1417
1418 /* allocate notification request and buffer */
1419 ncm->notify_req = usb_ep_alloc_request(ep, GFP_KERNEL);
1420 if (!ncm->notify_req)
1421 goto fail;
1422 ncm->notify_req->buf = kmalloc(NCM_STATUS_BYTECOUNT, GFP_KERNEL);
1423 if (!ncm->notify_req->buf)
1424 goto fail;
1425 ncm->notify_req->context = ncm;
1426 ncm->notify_req->complete = ncm_notify_complete;
1427
1428 /*
1429 * support all relevant hardware speeds... we expect that when
1430 * hardware is dual speed, all bulk-capable endpoints work at
1431 * both speeds
1432 */
1433 hs_ncm_in_desc.bEndpointAddress = fs_ncm_in_desc.bEndpointAddress;
1434 hs_ncm_out_desc.bEndpointAddress = fs_ncm_out_desc.bEndpointAddress;
1435 hs_ncm_notify_desc.bEndpointAddress =
1436 fs_ncm_notify_desc.bEndpointAddress;
1437
1438 status = usb_assign_descriptors(f, ncm_fs_function, ncm_hs_function,
1439 NULL);
1440 if (status)
1441 goto fail;
1442
1443 /*
1444 * NOTE: all that is done without knowing or caring about
1445 * the network link ... which is unavailable to this code
1446 * until we're activated via set_alt().
1447 */
1448
1449 ncm->port.open = ncm_open;
1450 ncm->port.close = ncm_close;
1451
1452 tasklet_init(&ncm->tx_tasklet, ncm_tx_tasklet, (unsigned long) ncm);
1453 hrtimer_init(&ncm->task_timer, CLOCK_MONOTONIC, HRTIMER_MODE_REL);
1454 ncm->task_timer.function = ncm_tx_timeout;
1455
1456 DBG(cdev, "CDC Network: %s speed IN/%s OUT/%s NOTIFY/%s\n",
1457 gadget_is_dualspeed(c->cdev->gadget) ? "dual" : "full",
1458 ncm->port.in_ep->name, ncm->port.out_ep->name,
1459 ncm->notify->name);
1460 return 0;
1461
1462 fail:
1463 if (ncm->notify_req) {
1464 kfree(ncm->notify_req->buf);
1465 usb_ep_free_request(ncm->notify, ncm->notify_req);
1466 }
1467
1468 ERROR(cdev, "%s: can't bind, err %d\n", f->name, status);
1469
1470 return status;
1471 }
1472
to_f_ncm_opts(struct config_item * item)1473 static inline struct f_ncm_opts *to_f_ncm_opts(struct config_item *item)
1474 {
1475 return container_of(to_config_group(item), struct f_ncm_opts,
1476 func_inst.group);
1477 }
1478
1479 /* f_ncm_item_ops */
1480 USB_ETHERNET_CONFIGFS_ITEM(ncm);
1481
1482 /* f_ncm_opts_dev_addr */
1483 USB_ETHERNET_CONFIGFS_ITEM_ATTR_DEV_ADDR(ncm);
1484
1485 /* f_ncm_opts_host_addr */
1486 USB_ETHERNET_CONFIGFS_ITEM_ATTR_HOST_ADDR(ncm);
1487
1488 /* f_ncm_opts_qmult */
1489 USB_ETHERNET_CONFIGFS_ITEM_ATTR_QMULT(ncm);
1490
1491 /* f_ncm_opts_ifname */
1492 USB_ETHERNET_CONFIGFS_ITEM_ATTR_IFNAME(ncm);
1493
1494 static struct configfs_attribute *ncm_attrs[] = {
1495 &ncm_opts_attr_dev_addr,
1496 &ncm_opts_attr_host_addr,
1497 &ncm_opts_attr_qmult,
1498 &ncm_opts_attr_ifname,
1499 NULL,
1500 };
1501
1502 static struct config_item_type ncm_func_type = {
1503 .ct_item_ops = &ncm_item_ops,
1504 .ct_attrs = ncm_attrs,
1505 .ct_owner = THIS_MODULE,
1506 };
1507
ncm_free_inst(struct usb_function_instance * f)1508 static void ncm_free_inst(struct usb_function_instance *f)
1509 {
1510 struct f_ncm_opts *opts;
1511
1512 opts = container_of(f, struct f_ncm_opts, func_inst);
1513 if (opts->bound)
1514 gether_cleanup(netdev_priv(opts->net));
1515 else
1516 free_netdev(opts->net);
1517 kfree(opts);
1518 }
1519
ncm_alloc_inst(void)1520 static struct usb_function_instance *ncm_alloc_inst(void)
1521 {
1522 struct f_ncm_opts *opts;
1523
1524 opts = kzalloc(sizeof(*opts), GFP_KERNEL);
1525 if (!opts)
1526 return ERR_PTR(-ENOMEM);
1527 mutex_init(&opts->lock);
1528 opts->func_inst.free_func_inst = ncm_free_inst;
1529 opts->net = gether_setup_default();
1530 if (IS_ERR(opts->net)) {
1531 struct net_device *net = opts->net;
1532 kfree(opts);
1533 return ERR_CAST(net);
1534 }
1535
1536 config_group_init_type_name(&opts->func_inst.group, "", &ncm_func_type);
1537
1538 return &opts->func_inst;
1539 }
1540
ncm_free(struct usb_function * f)1541 static void ncm_free(struct usb_function *f)
1542 {
1543 struct f_ncm *ncm;
1544 struct f_ncm_opts *opts;
1545
1546 ncm = func_to_ncm(f);
1547 opts = container_of(f->fi, struct f_ncm_opts, func_inst);
1548 kfree(ncm);
1549 mutex_lock(&opts->lock);
1550 opts->refcnt--;
1551 mutex_unlock(&opts->lock);
1552 }
1553
ncm_unbind(struct usb_configuration * c,struct usb_function * f)1554 static void ncm_unbind(struct usb_configuration *c, struct usb_function *f)
1555 {
1556 struct f_ncm *ncm = func_to_ncm(f);
1557
1558 DBG(c->cdev, "ncm unbind\n");
1559
1560 hrtimer_cancel(&ncm->task_timer);
1561 tasklet_kill(&ncm->tx_tasklet);
1562
1563 ncm_string_defs[0].id = 0;
1564 usb_free_all_descriptors(f);
1565
1566 if (atomic_read(&ncm->notify_count)) {
1567 usb_ep_dequeue(ncm->notify, ncm->notify_req);
1568 atomic_set(&ncm->notify_count, 0);
1569 }
1570
1571 kfree(ncm->notify_req->buf);
1572 usb_ep_free_request(ncm->notify, ncm->notify_req);
1573 }
1574
ncm_alloc(struct usb_function_instance * fi)1575 static struct usb_function *ncm_alloc(struct usb_function_instance *fi)
1576 {
1577 struct f_ncm *ncm;
1578 struct f_ncm_opts *opts;
1579 int status;
1580
1581 /* allocate and initialize one new instance */
1582 ncm = kzalloc(sizeof(*ncm), GFP_KERNEL);
1583 if (!ncm)
1584 return ERR_PTR(-ENOMEM);
1585
1586 opts = container_of(fi, struct f_ncm_opts, func_inst);
1587 mutex_lock(&opts->lock);
1588 opts->refcnt++;
1589
1590 /* export host's Ethernet address in CDC format */
1591 status = gether_get_host_addr_cdc(opts->net, ncm->ethaddr,
1592 sizeof(ncm->ethaddr));
1593 if (status < 12) { /* strlen("01234567890a") */
1594 kfree(ncm);
1595 mutex_unlock(&opts->lock);
1596 return ERR_PTR(-EINVAL);
1597 }
1598 ncm_string_defs[STRING_MAC_IDX].s = ncm->ethaddr;
1599
1600 spin_lock_init(&ncm->lock);
1601 ncm_reset_values(ncm);
1602 ncm->port.ioport = netdev_priv(opts->net);
1603 mutex_unlock(&opts->lock);
1604 ncm->port.is_fixed = true;
1605 ncm->port.supports_multi_frame = true;
1606
1607 ncm->port.func.name = "cdc_network";
1608 /* descriptors are per-instance copies */
1609 ncm->port.func.bind = ncm_bind;
1610 ncm->port.func.unbind = ncm_unbind;
1611 ncm->port.func.set_alt = ncm_set_alt;
1612 ncm->port.func.get_alt = ncm_get_alt;
1613 ncm->port.func.setup = ncm_setup;
1614 ncm->port.func.disable = ncm_disable;
1615 ncm->port.func.free_func = ncm_free;
1616
1617 ncm->port.wrap = ncm_wrap_ntb;
1618 ncm->port.unwrap = ncm_unwrap_ntb;
1619
1620 return &ncm->port.func;
1621 }
1622
1623 DECLARE_USB_FUNCTION_INIT(ncm, ncm_alloc_inst, ncm_alloc);
1624 MODULE_LICENSE("GPL");
1625 MODULE_AUTHOR("Yauheni Kaliuta");
1626