1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * HID support for Linux
4 *
5 * Copyright (c) 1999 Andreas Gal
6 * Copyright (c) 2000-2005 Vojtech Pavlik <vojtech@suse.cz>
7 * Copyright (c) 2005 Michael Haboustak <mike-@cinci.rr.com> for Concept2, Inc
8 * Copyright (c) 2006-2012 Jiri Kosina
9 */
10
11 /*
12 */
13
14 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
15
16 #include <linux/module.h>
17 #include <linux/slab.h>
18 #include <linux/init.h>
19 #include <linux/kernel.h>
20 #include <linux/list.h>
21 #include <linux/mm.h>
22 #include <linux/spinlock.h>
23 #include <asm/unaligned.h>
24 #include <asm/byteorder.h>
25 #include <linux/input.h>
26 #include <linux/wait.h>
27 #include <linux/vmalloc.h>
28 #include <linux/sched.h>
29 #include <linux/semaphore.h>
30
31 #include <linux/hid.h>
32 #include <linux/hiddev.h>
33 #include <linux/hid-debug.h>
34 #include <linux/hidraw.h>
35 #include <linux/uhid.h>
36
37 #include "hid-ids.h"
38
39 /*
40 * Version Information
41 */
42
43 #define DRIVER_DESC "HID core driver"
44
45 int hid_debug = 0;
46 module_param_named(debug, hid_debug, int, 0600);
47 MODULE_PARM_DESC(debug, "toggle HID debugging messages");
48 EXPORT_SYMBOL_GPL(hid_debug);
49
50 static int hid_ignore_special_drivers = 0;
51 module_param_named(ignore_special_drivers, hid_ignore_special_drivers, int, 0600);
52 MODULE_PARM_DESC(ignore_special_drivers, "Ignore any special drivers and handle all devices by generic driver");
53
54 /*
55 * Register a new report for a device.
56 */
57
hid_register_report(struct hid_device * device,enum hid_report_type type,unsigned int id,unsigned int application)58 struct hid_report *hid_register_report(struct hid_device *device,
59 enum hid_report_type type, unsigned int id,
60 unsigned int application)
61 {
62 struct hid_report_enum *report_enum = device->report_enum + type;
63 struct hid_report *report;
64
65 if (id >= HID_MAX_IDS)
66 return NULL;
67 if (report_enum->report_id_hash[id])
68 return report_enum->report_id_hash[id];
69
70 report = kzalloc(sizeof(struct hid_report), GFP_KERNEL);
71 if (!report)
72 return NULL;
73
74 if (id != 0)
75 report_enum->numbered = 1;
76
77 report->id = id;
78 report->type = type;
79 report->size = 0;
80 report->device = device;
81 report->application = application;
82 report_enum->report_id_hash[id] = report;
83
84 list_add_tail(&report->list, &report_enum->report_list);
85 INIT_LIST_HEAD(&report->field_entry_list);
86
87 return report;
88 }
89 EXPORT_SYMBOL_GPL(hid_register_report);
90
91 /*
92 * Register a new field for this report.
93 */
94
hid_register_field(struct hid_report * report,unsigned usages)95 static struct hid_field *hid_register_field(struct hid_report *report, unsigned usages)
96 {
97 struct hid_field *field;
98
99 if (report->maxfield == HID_MAX_FIELDS) {
100 hid_err(report->device, "too many fields in report\n");
101 return NULL;
102 }
103
104 field = kzalloc((sizeof(struct hid_field) +
105 usages * sizeof(struct hid_usage) +
106 3 * usages * sizeof(unsigned int)), GFP_KERNEL);
107 if (!field)
108 return NULL;
109
110 field->index = report->maxfield++;
111 report->field[field->index] = field;
112 field->usage = (struct hid_usage *)(field + 1);
113 field->value = (s32 *)(field->usage + usages);
114 field->new_value = (s32 *)(field->value + usages);
115 field->usages_priorities = (s32 *)(field->new_value + usages);
116 field->report = report;
117
118 return field;
119 }
120
121 /*
122 * Open a collection. The type/usage is pushed on the stack.
123 */
124
open_collection(struct hid_parser * parser,unsigned type)125 static int open_collection(struct hid_parser *parser, unsigned type)
126 {
127 struct hid_collection *collection;
128 unsigned usage;
129 int collection_index;
130
131 usage = parser->local.usage[0];
132
133 if (parser->collection_stack_ptr == parser->collection_stack_size) {
134 unsigned int *collection_stack;
135 unsigned int new_size = parser->collection_stack_size +
136 HID_COLLECTION_STACK_SIZE;
137
138 collection_stack = krealloc(parser->collection_stack,
139 new_size * sizeof(unsigned int),
140 GFP_KERNEL);
141 if (!collection_stack)
142 return -ENOMEM;
143
144 parser->collection_stack = collection_stack;
145 parser->collection_stack_size = new_size;
146 }
147
148 if (parser->device->maxcollection == parser->device->collection_size) {
149 collection = kmalloc(
150 array3_size(sizeof(struct hid_collection),
151 parser->device->collection_size,
152 2),
153 GFP_KERNEL);
154 if (collection == NULL) {
155 hid_err(parser->device, "failed to reallocate collection array\n");
156 return -ENOMEM;
157 }
158 memcpy(collection, parser->device->collection,
159 sizeof(struct hid_collection) *
160 parser->device->collection_size);
161 memset(collection + parser->device->collection_size, 0,
162 sizeof(struct hid_collection) *
163 parser->device->collection_size);
164 kfree(parser->device->collection);
165 parser->device->collection = collection;
166 parser->device->collection_size *= 2;
167 }
168
169 parser->collection_stack[parser->collection_stack_ptr++] =
170 parser->device->maxcollection;
171
172 collection_index = parser->device->maxcollection++;
173 collection = parser->device->collection + collection_index;
174 collection->type = type;
175 collection->usage = usage;
176 collection->level = parser->collection_stack_ptr - 1;
177 collection->parent_idx = (collection->level == 0) ? -1 :
178 parser->collection_stack[collection->level - 1];
179
180 if (type == HID_COLLECTION_APPLICATION)
181 parser->device->maxapplication++;
182
183 return 0;
184 }
185
186 /*
187 * Close a collection.
188 */
189
close_collection(struct hid_parser * parser)190 static int close_collection(struct hid_parser *parser)
191 {
192 if (!parser->collection_stack_ptr) {
193 hid_err(parser->device, "collection stack underflow\n");
194 return -EINVAL;
195 }
196 parser->collection_stack_ptr--;
197 return 0;
198 }
199
200 /*
201 * Climb up the stack, search for the specified collection type
202 * and return the usage.
203 */
204
hid_lookup_collection(struct hid_parser * parser,unsigned type)205 static unsigned hid_lookup_collection(struct hid_parser *parser, unsigned type)
206 {
207 struct hid_collection *collection = parser->device->collection;
208 int n;
209
210 for (n = parser->collection_stack_ptr - 1; n >= 0; n--) {
211 unsigned index = parser->collection_stack[n];
212 if (collection[index].type == type)
213 return collection[index].usage;
214 }
215 return 0; /* we know nothing about this usage type */
216 }
217
218 /*
219 * Concatenate usage which defines 16 bits or less with the
220 * currently defined usage page to form a 32 bit usage
221 */
222
complete_usage(struct hid_parser * parser,unsigned int index)223 static void complete_usage(struct hid_parser *parser, unsigned int index)
224 {
225 parser->local.usage[index] &= 0xFFFF;
226 parser->local.usage[index] |=
227 (parser->global.usage_page & 0xFFFF) << 16;
228 }
229
230 /*
231 * Add a usage to the temporary parser table.
232 */
233
hid_add_usage(struct hid_parser * parser,unsigned usage,u8 size)234 static int hid_add_usage(struct hid_parser *parser, unsigned usage, u8 size)
235 {
236 if (parser->local.usage_index >= HID_MAX_USAGES) {
237 hid_err(parser->device, "usage index exceeded\n");
238 return -1;
239 }
240 parser->local.usage[parser->local.usage_index] = usage;
241
242 /*
243 * If Usage item only includes usage id, concatenate it with
244 * currently defined usage page
245 */
246 if (size <= 2)
247 complete_usage(parser, parser->local.usage_index);
248
249 parser->local.usage_size[parser->local.usage_index] = size;
250 parser->local.collection_index[parser->local.usage_index] =
251 parser->collection_stack_ptr ?
252 parser->collection_stack[parser->collection_stack_ptr - 1] : 0;
253 parser->local.usage_index++;
254 return 0;
255 }
256
257 /*
258 * Register a new field for this report.
259 */
260
hid_add_field(struct hid_parser * parser,unsigned report_type,unsigned flags)261 static int hid_add_field(struct hid_parser *parser, unsigned report_type, unsigned flags)
262 {
263 struct hid_report *report;
264 struct hid_field *field;
265 unsigned int max_buffer_size = HID_MAX_BUFFER_SIZE;
266 unsigned int usages;
267 unsigned int offset;
268 unsigned int i;
269 unsigned int application;
270
271 application = hid_lookup_collection(parser, HID_COLLECTION_APPLICATION);
272
273 report = hid_register_report(parser->device, report_type,
274 parser->global.report_id, application);
275 if (!report) {
276 hid_err(parser->device, "hid_register_report failed\n");
277 return -1;
278 }
279
280 /* Handle both signed and unsigned cases properly */
281 if ((parser->global.logical_minimum < 0 &&
282 parser->global.logical_maximum <
283 parser->global.logical_minimum) ||
284 (parser->global.logical_minimum >= 0 &&
285 (__u32)parser->global.logical_maximum <
286 (__u32)parser->global.logical_minimum)) {
287 dbg_hid("logical range invalid 0x%x 0x%x\n",
288 parser->global.logical_minimum,
289 parser->global.logical_maximum);
290 return -1;
291 }
292
293 offset = report->size;
294 report->size += parser->global.report_size * parser->global.report_count;
295
296 if (IS_ENABLED(CONFIG_UHID) && parser->device->ll_driver == &uhid_hid_driver)
297 max_buffer_size = UHID_DATA_MAX;
298
299 /* Total size check: Allow for possible report index byte */
300 if (report->size > (max_buffer_size - 1) << 3) {
301 hid_err(parser->device, "report is too long\n");
302 return -1;
303 }
304
305 if (!parser->local.usage_index) /* Ignore padding fields */
306 return 0;
307
308 usages = max_t(unsigned, parser->local.usage_index,
309 parser->global.report_count);
310
311 field = hid_register_field(report, usages);
312 if (!field)
313 return 0;
314
315 field->physical = hid_lookup_collection(parser, HID_COLLECTION_PHYSICAL);
316 field->logical = hid_lookup_collection(parser, HID_COLLECTION_LOGICAL);
317 field->application = application;
318
319 for (i = 0; i < usages; i++) {
320 unsigned j = i;
321 /* Duplicate the last usage we parsed if we have excess values */
322 if (i >= parser->local.usage_index)
323 j = parser->local.usage_index - 1;
324 field->usage[i].hid = parser->local.usage[j];
325 field->usage[i].collection_index =
326 parser->local.collection_index[j];
327 field->usage[i].usage_index = i;
328 field->usage[i].resolution_multiplier = 1;
329 }
330
331 field->maxusage = usages;
332 field->flags = flags;
333 field->report_offset = offset;
334 field->report_type = report_type;
335 field->report_size = parser->global.report_size;
336 field->report_count = parser->global.report_count;
337 field->logical_minimum = parser->global.logical_minimum;
338 field->logical_maximum = parser->global.logical_maximum;
339 field->physical_minimum = parser->global.physical_minimum;
340 field->physical_maximum = parser->global.physical_maximum;
341 field->unit_exponent = parser->global.unit_exponent;
342 field->unit = parser->global.unit;
343
344 return 0;
345 }
346
347 /*
348 * Read data value from item.
349 */
350
item_udata(struct hid_item * item)351 static u32 item_udata(struct hid_item *item)
352 {
353 switch (item->size) {
354 case 1: return item->data.u8;
355 case 2: return item->data.u16;
356 case 4: return item->data.u32;
357 }
358 return 0;
359 }
360
item_sdata(struct hid_item * item)361 static s32 item_sdata(struct hid_item *item)
362 {
363 switch (item->size) {
364 case 1: return item->data.s8;
365 case 2: return item->data.s16;
366 case 4: return item->data.s32;
367 }
368 return 0;
369 }
370
371 /*
372 * Process a global item.
373 */
374
hid_parser_global(struct hid_parser * parser,struct hid_item * item)375 static int hid_parser_global(struct hid_parser *parser, struct hid_item *item)
376 {
377 __s32 raw_value;
378 switch (item->tag) {
379 case HID_GLOBAL_ITEM_TAG_PUSH:
380
381 if (parser->global_stack_ptr == HID_GLOBAL_STACK_SIZE) {
382 hid_err(parser->device, "global environment stack overflow\n");
383 return -1;
384 }
385
386 memcpy(parser->global_stack + parser->global_stack_ptr++,
387 &parser->global, sizeof(struct hid_global));
388 return 0;
389
390 case HID_GLOBAL_ITEM_TAG_POP:
391
392 if (!parser->global_stack_ptr) {
393 hid_err(parser->device, "global environment stack underflow\n");
394 return -1;
395 }
396
397 memcpy(&parser->global, parser->global_stack +
398 --parser->global_stack_ptr, sizeof(struct hid_global));
399 return 0;
400
401 case HID_GLOBAL_ITEM_TAG_USAGE_PAGE:
402 parser->global.usage_page = item_udata(item);
403 return 0;
404
405 case HID_GLOBAL_ITEM_TAG_LOGICAL_MINIMUM:
406 parser->global.logical_minimum = item_sdata(item);
407 return 0;
408
409 case HID_GLOBAL_ITEM_TAG_LOGICAL_MAXIMUM:
410 if (parser->global.logical_minimum < 0)
411 parser->global.logical_maximum = item_sdata(item);
412 else
413 parser->global.logical_maximum = item_udata(item);
414 return 0;
415
416 case HID_GLOBAL_ITEM_TAG_PHYSICAL_MINIMUM:
417 parser->global.physical_minimum = item_sdata(item);
418 return 0;
419
420 case HID_GLOBAL_ITEM_TAG_PHYSICAL_MAXIMUM:
421 if (parser->global.physical_minimum < 0)
422 parser->global.physical_maximum = item_sdata(item);
423 else
424 parser->global.physical_maximum = item_udata(item);
425 return 0;
426
427 case HID_GLOBAL_ITEM_TAG_UNIT_EXPONENT:
428 /* Many devices provide unit exponent as a two's complement
429 * nibble due to the common misunderstanding of HID
430 * specification 1.11, 6.2.2.7 Global Items. Attempt to handle
431 * both this and the standard encoding. */
432 raw_value = item_sdata(item);
433 if (!(raw_value & 0xfffffff0))
434 parser->global.unit_exponent = hid_snto32(raw_value, 4);
435 else
436 parser->global.unit_exponent = raw_value;
437 return 0;
438
439 case HID_GLOBAL_ITEM_TAG_UNIT:
440 parser->global.unit = item_udata(item);
441 return 0;
442
443 case HID_GLOBAL_ITEM_TAG_REPORT_SIZE:
444 parser->global.report_size = item_udata(item);
445 if (parser->global.report_size > 256) {
446 hid_err(parser->device, "invalid report_size %d\n",
447 parser->global.report_size);
448 return -1;
449 }
450 return 0;
451
452 case HID_GLOBAL_ITEM_TAG_REPORT_COUNT:
453 parser->global.report_count = item_udata(item);
454 if (parser->global.report_count > HID_MAX_USAGES) {
455 hid_err(parser->device, "invalid report_count %d\n",
456 parser->global.report_count);
457 return -1;
458 }
459 return 0;
460
461 case HID_GLOBAL_ITEM_TAG_REPORT_ID:
462 parser->global.report_id = item_udata(item);
463 if (parser->global.report_id == 0 ||
464 parser->global.report_id >= HID_MAX_IDS) {
465 hid_err(parser->device, "report_id %u is invalid\n",
466 parser->global.report_id);
467 return -1;
468 }
469 return 0;
470
471 default:
472 hid_err(parser->device, "unknown global tag 0x%x\n", item->tag);
473 return -1;
474 }
475 }
476
477 /*
478 * Process a local item.
479 */
480
hid_parser_local(struct hid_parser * parser,struct hid_item * item)481 static int hid_parser_local(struct hid_parser *parser, struct hid_item *item)
482 {
483 __u32 data;
484 unsigned n;
485 __u32 count;
486
487 data = item_udata(item);
488
489 switch (item->tag) {
490 case HID_LOCAL_ITEM_TAG_DELIMITER:
491
492 if (data) {
493 /*
494 * We treat items before the first delimiter
495 * as global to all usage sets (branch 0).
496 * In the moment we process only these global
497 * items and the first delimiter set.
498 */
499 if (parser->local.delimiter_depth != 0) {
500 hid_err(parser->device, "nested delimiters\n");
501 return -1;
502 }
503 parser->local.delimiter_depth++;
504 parser->local.delimiter_branch++;
505 } else {
506 if (parser->local.delimiter_depth < 1) {
507 hid_err(parser->device, "bogus close delimiter\n");
508 return -1;
509 }
510 parser->local.delimiter_depth--;
511 }
512 return 0;
513
514 case HID_LOCAL_ITEM_TAG_USAGE:
515
516 if (parser->local.delimiter_branch > 1) {
517 dbg_hid("alternative usage ignored\n");
518 return 0;
519 }
520
521 return hid_add_usage(parser, data, item->size);
522
523 case HID_LOCAL_ITEM_TAG_USAGE_MINIMUM:
524
525 if (parser->local.delimiter_branch > 1) {
526 dbg_hid("alternative usage ignored\n");
527 return 0;
528 }
529
530 parser->local.usage_minimum = data;
531 return 0;
532
533 case HID_LOCAL_ITEM_TAG_USAGE_MAXIMUM:
534
535 if (parser->local.delimiter_branch > 1) {
536 dbg_hid("alternative usage ignored\n");
537 return 0;
538 }
539
540 count = data - parser->local.usage_minimum;
541 if (count + parser->local.usage_index >= HID_MAX_USAGES) {
542 /*
543 * We do not warn if the name is not set, we are
544 * actually pre-scanning the device.
545 */
546 if (dev_name(&parser->device->dev))
547 hid_warn(parser->device,
548 "ignoring exceeding usage max\n");
549 data = HID_MAX_USAGES - parser->local.usage_index +
550 parser->local.usage_minimum - 1;
551 if (data <= 0) {
552 hid_err(parser->device,
553 "no more usage index available\n");
554 return -1;
555 }
556 }
557
558 for (n = parser->local.usage_minimum; n <= data; n++)
559 if (hid_add_usage(parser, n, item->size)) {
560 dbg_hid("hid_add_usage failed\n");
561 return -1;
562 }
563 return 0;
564
565 default:
566
567 dbg_hid("unknown local item tag 0x%x\n", item->tag);
568 return 0;
569 }
570 return 0;
571 }
572
573 /*
574 * Concatenate Usage Pages into Usages where relevant:
575 * As per specification, 6.2.2.8: "When the parser encounters a main item it
576 * concatenates the last declared Usage Page with a Usage to form a complete
577 * usage value."
578 */
579
hid_concatenate_last_usage_page(struct hid_parser * parser)580 static void hid_concatenate_last_usage_page(struct hid_parser *parser)
581 {
582 int i;
583 unsigned int usage_page;
584 unsigned int current_page;
585
586 if (!parser->local.usage_index)
587 return;
588
589 usage_page = parser->global.usage_page;
590
591 /*
592 * Concatenate usage page again only if last declared Usage Page
593 * has not been already used in previous usages concatenation
594 */
595 for (i = parser->local.usage_index - 1; i >= 0; i--) {
596 if (parser->local.usage_size[i] > 2)
597 /* Ignore extended usages */
598 continue;
599
600 current_page = parser->local.usage[i] >> 16;
601 if (current_page == usage_page)
602 break;
603
604 complete_usage(parser, i);
605 }
606 }
607
608 /*
609 * Process a main item.
610 */
611
hid_parser_main(struct hid_parser * parser,struct hid_item * item)612 static int hid_parser_main(struct hid_parser *parser, struct hid_item *item)
613 {
614 __u32 data;
615 int ret;
616
617 hid_concatenate_last_usage_page(parser);
618
619 data = item_udata(item);
620
621 switch (item->tag) {
622 case HID_MAIN_ITEM_TAG_BEGIN_COLLECTION:
623 ret = open_collection(parser, data & 0xff);
624 break;
625 case HID_MAIN_ITEM_TAG_END_COLLECTION:
626 ret = close_collection(parser);
627 break;
628 case HID_MAIN_ITEM_TAG_INPUT:
629 ret = hid_add_field(parser, HID_INPUT_REPORT, data);
630 break;
631 case HID_MAIN_ITEM_TAG_OUTPUT:
632 ret = hid_add_field(parser, HID_OUTPUT_REPORT, data);
633 break;
634 case HID_MAIN_ITEM_TAG_FEATURE:
635 ret = hid_add_field(parser, HID_FEATURE_REPORT, data);
636 break;
637 default:
638 hid_warn(parser->device, "unknown main item tag 0x%x\n", item->tag);
639 ret = 0;
640 }
641
642 memset(&parser->local, 0, sizeof(parser->local)); /* Reset the local parser environment */
643
644 return ret;
645 }
646
647 /*
648 * Process a reserved item.
649 */
650
hid_parser_reserved(struct hid_parser * parser,struct hid_item * item)651 static int hid_parser_reserved(struct hid_parser *parser, struct hid_item *item)
652 {
653 dbg_hid("reserved item type, tag 0x%x\n", item->tag);
654 return 0;
655 }
656
657 /*
658 * Free a report and all registered fields. The field->usage and
659 * field->value table's are allocated behind the field, so we need
660 * only to free(field) itself.
661 */
662
hid_free_report(struct hid_report * report)663 static void hid_free_report(struct hid_report *report)
664 {
665 unsigned n;
666
667 kfree(report->field_entries);
668
669 for (n = 0; n < report->maxfield; n++)
670 kfree(report->field[n]);
671 kfree(report);
672 }
673
674 /*
675 * Close report. This function returns the device
676 * state to the point prior to hid_open_report().
677 */
hid_close_report(struct hid_device * device)678 static void hid_close_report(struct hid_device *device)
679 {
680 unsigned i, j;
681
682 for (i = 0; i < HID_REPORT_TYPES; i++) {
683 struct hid_report_enum *report_enum = device->report_enum + i;
684
685 for (j = 0; j < HID_MAX_IDS; j++) {
686 struct hid_report *report = report_enum->report_id_hash[j];
687 if (report)
688 hid_free_report(report);
689 }
690 memset(report_enum, 0, sizeof(*report_enum));
691 INIT_LIST_HEAD(&report_enum->report_list);
692 }
693
694 kfree(device->rdesc);
695 device->rdesc = NULL;
696 device->rsize = 0;
697
698 kfree(device->collection);
699 device->collection = NULL;
700 device->collection_size = 0;
701 device->maxcollection = 0;
702 device->maxapplication = 0;
703
704 device->status &= ~HID_STAT_PARSED;
705 }
706
707 /*
708 * Free a device structure, all reports, and all fields.
709 */
710
hid_device_release(struct device * dev)711 static void hid_device_release(struct device *dev)
712 {
713 struct hid_device *hid = to_hid_device(dev);
714
715 hid_close_report(hid);
716 kfree(hid->dev_rdesc);
717 kfree(hid);
718 }
719
720 /*
721 * Fetch a report description item from the data stream. We support long
722 * items, though they are not used yet.
723 */
724
fetch_item(__u8 * start,__u8 * end,struct hid_item * item)725 static u8 *fetch_item(__u8 *start, __u8 *end, struct hid_item *item)
726 {
727 u8 b;
728
729 if ((end - start) <= 0)
730 return NULL;
731
732 b = *start++;
733
734 item->type = (b >> 2) & 3;
735 item->tag = (b >> 4) & 15;
736
737 if (item->tag == HID_ITEM_TAG_LONG) {
738
739 item->format = HID_ITEM_FORMAT_LONG;
740
741 if ((end - start) < 2)
742 return NULL;
743
744 item->size = *start++;
745 item->tag = *start++;
746
747 if ((end - start) < item->size)
748 return NULL;
749
750 item->data.longdata = start;
751 start += item->size;
752 return start;
753 }
754
755 item->format = HID_ITEM_FORMAT_SHORT;
756 item->size = b & 3;
757
758 switch (item->size) {
759 case 0:
760 return start;
761
762 case 1:
763 if ((end - start) < 1)
764 return NULL;
765 item->data.u8 = *start++;
766 return start;
767
768 case 2:
769 if ((end - start) < 2)
770 return NULL;
771 item->data.u16 = get_unaligned_le16(start);
772 start = (__u8 *)((__le16 *)start + 1);
773 return start;
774
775 case 3:
776 item->size++;
777 if ((end - start) < 4)
778 return NULL;
779 item->data.u32 = get_unaligned_le32(start);
780 start = (__u8 *)((__le32 *)start + 1);
781 return start;
782 }
783
784 return NULL;
785 }
786
hid_scan_input_usage(struct hid_parser * parser,u32 usage)787 static void hid_scan_input_usage(struct hid_parser *parser, u32 usage)
788 {
789 struct hid_device *hid = parser->device;
790
791 if (usage == HID_DG_CONTACTID)
792 hid->group = HID_GROUP_MULTITOUCH;
793 }
794
hid_scan_feature_usage(struct hid_parser * parser,u32 usage)795 static void hid_scan_feature_usage(struct hid_parser *parser, u32 usage)
796 {
797 if (usage == 0xff0000c5 && parser->global.report_count == 256 &&
798 parser->global.report_size == 8)
799 parser->scan_flags |= HID_SCAN_FLAG_MT_WIN_8;
800
801 if (usage == 0xff0000c6 && parser->global.report_count == 1 &&
802 parser->global.report_size == 8)
803 parser->scan_flags |= HID_SCAN_FLAG_MT_WIN_8;
804 }
805
hid_scan_collection(struct hid_parser * parser,unsigned type)806 static void hid_scan_collection(struct hid_parser *parser, unsigned type)
807 {
808 struct hid_device *hid = parser->device;
809 int i;
810
811 if (((parser->global.usage_page << 16) == HID_UP_SENSOR) &&
812 type == HID_COLLECTION_PHYSICAL)
813 hid->group = HID_GROUP_SENSOR_HUB;
814
815 if (hid->vendor == USB_VENDOR_ID_MICROSOFT &&
816 hid->product == USB_DEVICE_ID_MS_POWER_COVER &&
817 hid->group == HID_GROUP_MULTITOUCH)
818 hid->group = HID_GROUP_GENERIC;
819
820 if ((parser->global.usage_page << 16) == HID_UP_GENDESK)
821 for (i = 0; i < parser->local.usage_index; i++)
822 if (parser->local.usage[i] == HID_GD_POINTER)
823 parser->scan_flags |= HID_SCAN_FLAG_GD_POINTER;
824
825 if ((parser->global.usage_page << 16) >= HID_UP_MSVENDOR)
826 parser->scan_flags |= HID_SCAN_FLAG_VENDOR_SPECIFIC;
827
828 if ((parser->global.usage_page << 16) == HID_UP_GOOGLEVENDOR)
829 for (i = 0; i < parser->local.usage_index; i++)
830 if (parser->local.usage[i] ==
831 (HID_UP_GOOGLEVENDOR | 0x0001))
832 parser->device->group =
833 HID_GROUP_VIVALDI;
834 }
835
hid_scan_main(struct hid_parser * parser,struct hid_item * item)836 static int hid_scan_main(struct hid_parser *parser, struct hid_item *item)
837 {
838 __u32 data;
839 int i;
840
841 hid_concatenate_last_usage_page(parser);
842
843 data = item_udata(item);
844
845 switch (item->tag) {
846 case HID_MAIN_ITEM_TAG_BEGIN_COLLECTION:
847 hid_scan_collection(parser, data & 0xff);
848 break;
849 case HID_MAIN_ITEM_TAG_END_COLLECTION:
850 break;
851 case HID_MAIN_ITEM_TAG_INPUT:
852 /* ignore constant inputs, they will be ignored by hid-input */
853 if (data & HID_MAIN_ITEM_CONSTANT)
854 break;
855 for (i = 0; i < parser->local.usage_index; i++)
856 hid_scan_input_usage(parser, parser->local.usage[i]);
857 break;
858 case HID_MAIN_ITEM_TAG_OUTPUT:
859 break;
860 case HID_MAIN_ITEM_TAG_FEATURE:
861 for (i = 0; i < parser->local.usage_index; i++)
862 hid_scan_feature_usage(parser, parser->local.usage[i]);
863 break;
864 }
865
866 /* Reset the local parser environment */
867 memset(&parser->local, 0, sizeof(parser->local));
868
869 return 0;
870 }
871
872 /*
873 * Scan a report descriptor before the device is added to the bus.
874 * Sets device groups and other properties that determine what driver
875 * to load.
876 */
hid_scan_report(struct hid_device * hid)877 static int hid_scan_report(struct hid_device *hid)
878 {
879 struct hid_parser *parser;
880 struct hid_item item;
881 __u8 *start = hid->dev_rdesc;
882 __u8 *end = start + hid->dev_rsize;
883 static int (*dispatch_type[])(struct hid_parser *parser,
884 struct hid_item *item) = {
885 hid_scan_main,
886 hid_parser_global,
887 hid_parser_local,
888 hid_parser_reserved
889 };
890
891 parser = vzalloc(sizeof(struct hid_parser));
892 if (!parser)
893 return -ENOMEM;
894
895 parser->device = hid;
896 hid->group = HID_GROUP_GENERIC;
897
898 /*
899 * The parsing is simpler than the one in hid_open_report() as we should
900 * be robust against hid errors. Those errors will be raised by
901 * hid_open_report() anyway.
902 */
903 while ((start = fetch_item(start, end, &item)) != NULL)
904 dispatch_type[item.type](parser, &item);
905
906 /*
907 * Handle special flags set during scanning.
908 */
909 if ((parser->scan_flags & HID_SCAN_FLAG_MT_WIN_8) &&
910 (hid->group == HID_GROUP_MULTITOUCH))
911 hid->group = HID_GROUP_MULTITOUCH_WIN_8;
912
913 /*
914 * Vendor specific handlings
915 */
916 switch (hid->vendor) {
917 case USB_VENDOR_ID_WACOM:
918 hid->group = HID_GROUP_WACOM;
919 break;
920 case USB_VENDOR_ID_SYNAPTICS:
921 if (hid->group == HID_GROUP_GENERIC)
922 if ((parser->scan_flags & HID_SCAN_FLAG_VENDOR_SPECIFIC)
923 && (parser->scan_flags & HID_SCAN_FLAG_GD_POINTER))
924 /*
925 * hid-rmi should take care of them,
926 * not hid-generic
927 */
928 hid->group = HID_GROUP_RMI;
929 break;
930 }
931
932 kfree(parser->collection_stack);
933 vfree(parser);
934 return 0;
935 }
936
937 /**
938 * hid_parse_report - parse device report
939 *
940 * @hid: hid device
941 * @start: report start
942 * @size: report size
943 *
944 * Allocate the device report as read by the bus driver. This function should
945 * only be called from parse() in ll drivers.
946 */
hid_parse_report(struct hid_device * hid,__u8 * start,unsigned size)947 int hid_parse_report(struct hid_device *hid, __u8 *start, unsigned size)
948 {
949 hid->dev_rdesc = kmemdup(start, size, GFP_KERNEL);
950 if (!hid->dev_rdesc)
951 return -ENOMEM;
952 hid->dev_rsize = size;
953 return 0;
954 }
955 EXPORT_SYMBOL_GPL(hid_parse_report);
956
957 static const char * const hid_report_names[] = {
958 "HID_INPUT_REPORT",
959 "HID_OUTPUT_REPORT",
960 "HID_FEATURE_REPORT",
961 };
962 /**
963 * hid_validate_values - validate existing device report's value indexes
964 *
965 * @hid: hid device
966 * @type: which report type to examine
967 * @id: which report ID to examine (0 for first)
968 * @field_index: which report field to examine
969 * @report_counts: expected number of values
970 *
971 * Validate the number of values in a given field of a given report, after
972 * parsing.
973 */
hid_validate_values(struct hid_device * hid,enum hid_report_type type,unsigned int id,unsigned int field_index,unsigned int report_counts)974 struct hid_report *hid_validate_values(struct hid_device *hid,
975 enum hid_report_type type, unsigned int id,
976 unsigned int field_index,
977 unsigned int report_counts)
978 {
979 struct hid_report *report;
980
981 if (type > HID_FEATURE_REPORT) {
982 hid_err(hid, "invalid HID report type %u\n", type);
983 return NULL;
984 }
985
986 if (id >= HID_MAX_IDS) {
987 hid_err(hid, "invalid HID report id %u\n", id);
988 return NULL;
989 }
990
991 /*
992 * Explicitly not using hid_get_report() here since it depends on
993 * ->numbered being checked, which may not always be the case when
994 * drivers go to access report values.
995 */
996 if (id == 0) {
997 /*
998 * Validating on id 0 means we should examine the first
999 * report in the list.
1000 */
1001 report = list_first_entry_or_null(
1002 &hid->report_enum[type].report_list,
1003 struct hid_report, list);
1004 } else {
1005 report = hid->report_enum[type].report_id_hash[id];
1006 }
1007 if (!report) {
1008 hid_err(hid, "missing %s %u\n", hid_report_names[type], id);
1009 return NULL;
1010 }
1011 if (report->maxfield <= field_index) {
1012 hid_err(hid, "not enough fields in %s %u\n",
1013 hid_report_names[type], id);
1014 return NULL;
1015 }
1016 if (report->field[field_index]->report_count < report_counts) {
1017 hid_err(hid, "not enough values in %s %u field %u\n",
1018 hid_report_names[type], id, field_index);
1019 return NULL;
1020 }
1021 return report;
1022 }
1023 EXPORT_SYMBOL_GPL(hid_validate_values);
1024
hid_calculate_multiplier(struct hid_device * hid,struct hid_field * multiplier)1025 static int hid_calculate_multiplier(struct hid_device *hid,
1026 struct hid_field *multiplier)
1027 {
1028 int m;
1029 __s32 v = *multiplier->value;
1030 __s32 lmin = multiplier->logical_minimum;
1031 __s32 lmax = multiplier->logical_maximum;
1032 __s32 pmin = multiplier->physical_minimum;
1033 __s32 pmax = multiplier->physical_maximum;
1034
1035 /*
1036 * "Because OS implementations will generally divide the control's
1037 * reported count by the Effective Resolution Multiplier, designers
1038 * should take care not to establish a potential Effective
1039 * Resolution Multiplier of zero."
1040 * HID Usage Table, v1.12, Section 4.3.1, p31
1041 */
1042 if (lmax - lmin == 0)
1043 return 1;
1044 /*
1045 * Handling the unit exponent is left as an exercise to whoever
1046 * finds a device where that exponent is not 0.
1047 */
1048 m = ((v - lmin)/(lmax - lmin) * (pmax - pmin) + pmin);
1049 if (unlikely(multiplier->unit_exponent != 0)) {
1050 hid_warn(hid,
1051 "unsupported Resolution Multiplier unit exponent %d\n",
1052 multiplier->unit_exponent);
1053 }
1054
1055 /* There are no devices with an effective multiplier > 255 */
1056 if (unlikely(m == 0 || m > 255 || m < -255)) {
1057 hid_warn(hid, "unsupported Resolution Multiplier %d\n", m);
1058 m = 1;
1059 }
1060
1061 return m;
1062 }
1063
hid_apply_multiplier_to_field(struct hid_device * hid,struct hid_field * field,struct hid_collection * multiplier_collection,int effective_multiplier)1064 static void hid_apply_multiplier_to_field(struct hid_device *hid,
1065 struct hid_field *field,
1066 struct hid_collection *multiplier_collection,
1067 int effective_multiplier)
1068 {
1069 struct hid_collection *collection;
1070 struct hid_usage *usage;
1071 int i;
1072
1073 /*
1074 * If multiplier_collection is NULL, the multiplier applies
1075 * to all fields in the report.
1076 * Otherwise, it is the Logical Collection the multiplier applies to
1077 * but our field may be in a subcollection of that collection.
1078 */
1079 for (i = 0; i < field->maxusage; i++) {
1080 usage = &field->usage[i];
1081
1082 collection = &hid->collection[usage->collection_index];
1083 while (collection->parent_idx != -1 &&
1084 collection != multiplier_collection)
1085 collection = &hid->collection[collection->parent_idx];
1086
1087 if (collection->parent_idx != -1 ||
1088 multiplier_collection == NULL)
1089 usage->resolution_multiplier = effective_multiplier;
1090
1091 }
1092 }
1093
hid_apply_multiplier(struct hid_device * hid,struct hid_field * multiplier)1094 static void hid_apply_multiplier(struct hid_device *hid,
1095 struct hid_field *multiplier)
1096 {
1097 struct hid_report_enum *rep_enum;
1098 struct hid_report *rep;
1099 struct hid_field *field;
1100 struct hid_collection *multiplier_collection;
1101 int effective_multiplier;
1102 int i;
1103
1104 /*
1105 * "The Resolution Multiplier control must be contained in the same
1106 * Logical Collection as the control(s) to which it is to be applied.
1107 * If no Resolution Multiplier is defined, then the Resolution
1108 * Multiplier defaults to 1. If more than one control exists in a
1109 * Logical Collection, the Resolution Multiplier is associated with
1110 * all controls in the collection. If no Logical Collection is
1111 * defined, the Resolution Multiplier is associated with all
1112 * controls in the report."
1113 * HID Usage Table, v1.12, Section 4.3.1, p30
1114 *
1115 * Thus, search from the current collection upwards until we find a
1116 * logical collection. Then search all fields for that same parent
1117 * collection. Those are the fields the multiplier applies to.
1118 *
1119 * If we have more than one multiplier, it will overwrite the
1120 * applicable fields later.
1121 */
1122 multiplier_collection = &hid->collection[multiplier->usage->collection_index];
1123 while (multiplier_collection->parent_idx != -1 &&
1124 multiplier_collection->type != HID_COLLECTION_LOGICAL)
1125 multiplier_collection = &hid->collection[multiplier_collection->parent_idx];
1126
1127 effective_multiplier = hid_calculate_multiplier(hid, multiplier);
1128
1129 rep_enum = &hid->report_enum[HID_INPUT_REPORT];
1130 list_for_each_entry(rep, &rep_enum->report_list, list) {
1131 for (i = 0; i < rep->maxfield; i++) {
1132 field = rep->field[i];
1133 hid_apply_multiplier_to_field(hid, field,
1134 multiplier_collection,
1135 effective_multiplier);
1136 }
1137 }
1138 }
1139
1140 /*
1141 * hid_setup_resolution_multiplier - set up all resolution multipliers
1142 *
1143 * @device: hid device
1144 *
1145 * Search for all Resolution Multiplier Feature Reports and apply their
1146 * value to all matching Input items. This only updates the internal struct
1147 * fields.
1148 *
1149 * The Resolution Multiplier is applied by the hardware. If the multiplier
1150 * is anything other than 1, the hardware will send pre-multiplied events
1151 * so that the same physical interaction generates an accumulated
1152 * accumulated_value = value * * multiplier
1153 * This may be achieved by sending
1154 * - "value * multiplier" for each event, or
1155 * - "value" but "multiplier" times as frequently, or
1156 * - a combination of the above
1157 * The only guarantee is that the same physical interaction always generates
1158 * an accumulated 'value * multiplier'.
1159 *
1160 * This function must be called before any event processing and after
1161 * any SetRequest to the Resolution Multiplier.
1162 */
hid_setup_resolution_multiplier(struct hid_device * hid)1163 void hid_setup_resolution_multiplier(struct hid_device *hid)
1164 {
1165 struct hid_report_enum *rep_enum;
1166 struct hid_report *rep;
1167 struct hid_usage *usage;
1168 int i, j;
1169
1170 rep_enum = &hid->report_enum[HID_FEATURE_REPORT];
1171 list_for_each_entry(rep, &rep_enum->report_list, list) {
1172 for (i = 0; i < rep->maxfield; i++) {
1173 /* Ignore if report count is out of bounds. */
1174 if (rep->field[i]->report_count < 1)
1175 continue;
1176
1177 for (j = 0; j < rep->field[i]->maxusage; j++) {
1178 usage = &rep->field[i]->usage[j];
1179 if (usage->hid == HID_GD_RESOLUTION_MULTIPLIER)
1180 hid_apply_multiplier(hid,
1181 rep->field[i]);
1182 }
1183 }
1184 }
1185 }
1186 EXPORT_SYMBOL_GPL(hid_setup_resolution_multiplier);
1187
1188 /**
1189 * hid_open_report - open a driver-specific device report
1190 *
1191 * @device: hid device
1192 *
1193 * Parse a report description into a hid_device structure. Reports are
1194 * enumerated, fields are attached to these reports.
1195 * 0 returned on success, otherwise nonzero error value.
1196 *
1197 * This function (or the equivalent hid_parse() macro) should only be
1198 * called from probe() in drivers, before starting the device.
1199 */
hid_open_report(struct hid_device * device)1200 int hid_open_report(struct hid_device *device)
1201 {
1202 struct hid_parser *parser;
1203 struct hid_item item;
1204 unsigned int size;
1205 __u8 *start;
1206 __u8 *buf;
1207 __u8 *end;
1208 __u8 *next;
1209 int ret;
1210 int i;
1211 static int (*dispatch_type[])(struct hid_parser *parser,
1212 struct hid_item *item) = {
1213 hid_parser_main,
1214 hid_parser_global,
1215 hid_parser_local,
1216 hid_parser_reserved
1217 };
1218
1219 if (WARN_ON(device->status & HID_STAT_PARSED))
1220 return -EBUSY;
1221
1222 start = device->dev_rdesc;
1223 if (WARN_ON(!start))
1224 return -ENODEV;
1225 size = device->dev_rsize;
1226
1227 buf = kmemdup(start, size, GFP_KERNEL);
1228 if (buf == NULL)
1229 return -ENOMEM;
1230
1231 if (device->driver->report_fixup)
1232 start = device->driver->report_fixup(device, buf, &size);
1233 else
1234 start = buf;
1235
1236 start = kmemdup(start, size, GFP_KERNEL);
1237 kfree(buf);
1238 if (start == NULL)
1239 return -ENOMEM;
1240
1241 device->rdesc = start;
1242 device->rsize = size;
1243
1244 parser = vzalloc(sizeof(struct hid_parser));
1245 if (!parser) {
1246 ret = -ENOMEM;
1247 goto alloc_err;
1248 }
1249
1250 parser->device = device;
1251
1252 end = start + size;
1253
1254 device->collection = kcalloc(HID_DEFAULT_NUM_COLLECTIONS,
1255 sizeof(struct hid_collection), GFP_KERNEL);
1256 if (!device->collection) {
1257 ret = -ENOMEM;
1258 goto err;
1259 }
1260 device->collection_size = HID_DEFAULT_NUM_COLLECTIONS;
1261 for (i = 0; i < HID_DEFAULT_NUM_COLLECTIONS; i++)
1262 device->collection[i].parent_idx = -1;
1263
1264 ret = -EINVAL;
1265 while ((next = fetch_item(start, end, &item)) != NULL) {
1266 start = next;
1267
1268 if (item.format != HID_ITEM_FORMAT_SHORT) {
1269 hid_err(device, "unexpected long global item\n");
1270 goto err;
1271 }
1272
1273 if (dispatch_type[item.type](parser, &item)) {
1274 hid_err(device, "item %u %u %u %u parsing failed\n",
1275 item.format, (unsigned)item.size,
1276 (unsigned)item.type, (unsigned)item.tag);
1277 goto err;
1278 }
1279
1280 if (start == end) {
1281 if (parser->collection_stack_ptr) {
1282 hid_err(device, "unbalanced collection at end of report description\n");
1283 goto err;
1284 }
1285 if (parser->local.delimiter_depth) {
1286 hid_err(device, "unbalanced delimiter at end of report description\n");
1287 goto err;
1288 }
1289
1290 /*
1291 * fetch initial values in case the device's
1292 * default multiplier isn't the recommended 1
1293 */
1294 hid_setup_resolution_multiplier(device);
1295
1296 kfree(parser->collection_stack);
1297 vfree(parser);
1298 device->status |= HID_STAT_PARSED;
1299
1300 return 0;
1301 }
1302 }
1303
1304 hid_err(device, "item fetching failed at offset %u/%u\n",
1305 size - (unsigned int)(end - start), size);
1306 err:
1307 kfree(parser->collection_stack);
1308 alloc_err:
1309 vfree(parser);
1310 hid_close_report(device);
1311 return ret;
1312 }
1313 EXPORT_SYMBOL_GPL(hid_open_report);
1314
1315 /*
1316 * Convert a signed n-bit integer to signed 32-bit integer. Common
1317 * cases are done through the compiler, the screwed things has to be
1318 * done by hand.
1319 */
1320
snto32(__u32 value,unsigned n)1321 static s32 snto32(__u32 value, unsigned n)
1322 {
1323 if (!value || !n)
1324 return 0;
1325
1326 if (n > 32)
1327 n = 32;
1328
1329 switch (n) {
1330 case 8: return ((__s8)value);
1331 case 16: return ((__s16)value);
1332 case 32: return ((__s32)value);
1333 }
1334 return value & (1 << (n - 1)) ? value | (~0U << n) : value;
1335 }
1336
hid_snto32(__u32 value,unsigned n)1337 s32 hid_snto32(__u32 value, unsigned n)
1338 {
1339 return snto32(value, n);
1340 }
1341 EXPORT_SYMBOL_GPL(hid_snto32);
1342
1343 /*
1344 * Convert a signed 32-bit integer to a signed n-bit integer.
1345 */
1346
s32ton(__s32 value,unsigned n)1347 static u32 s32ton(__s32 value, unsigned n)
1348 {
1349 s32 a = value >> (n - 1);
1350 if (a && a != -1)
1351 return value < 0 ? 1 << (n - 1) : (1 << (n - 1)) - 1;
1352 return value & ((1 << n) - 1);
1353 }
1354
1355 /*
1356 * Extract/implement a data field from/to a little endian report (bit array).
1357 *
1358 * Code sort-of follows HID spec:
1359 * http://www.usb.org/developers/hidpage/HID1_11.pdf
1360 *
1361 * While the USB HID spec allows unlimited length bit fields in "report
1362 * descriptors", most devices never use more than 16 bits.
1363 * One model of UPS is claimed to report "LINEV" as a 32-bit field.
1364 * Search linux-kernel and linux-usb-devel archives for "hid-core extract".
1365 */
1366
__extract(u8 * report,unsigned offset,int n)1367 static u32 __extract(u8 *report, unsigned offset, int n)
1368 {
1369 unsigned int idx = offset / 8;
1370 unsigned int bit_nr = 0;
1371 unsigned int bit_shift = offset % 8;
1372 int bits_to_copy = 8 - bit_shift;
1373 u32 value = 0;
1374 u32 mask = n < 32 ? (1U << n) - 1 : ~0U;
1375
1376 while (n > 0) {
1377 value |= ((u32)report[idx] >> bit_shift) << bit_nr;
1378 n -= bits_to_copy;
1379 bit_nr += bits_to_copy;
1380 bits_to_copy = 8;
1381 bit_shift = 0;
1382 idx++;
1383 }
1384
1385 return value & mask;
1386 }
1387
hid_field_extract(const struct hid_device * hid,u8 * report,unsigned offset,unsigned n)1388 u32 hid_field_extract(const struct hid_device *hid, u8 *report,
1389 unsigned offset, unsigned n)
1390 {
1391 if (n > 32) {
1392 hid_warn_once(hid, "%s() called with n (%d) > 32! (%s)\n",
1393 __func__, n, current->comm);
1394 n = 32;
1395 }
1396
1397 return __extract(report, offset, n);
1398 }
1399 EXPORT_SYMBOL_GPL(hid_field_extract);
1400
1401 /*
1402 * "implement" : set bits in a little endian bit stream.
1403 * Same concepts as "extract" (see comments above).
1404 * The data mangled in the bit stream remains in little endian
1405 * order the whole time. It make more sense to talk about
1406 * endianness of register values by considering a register
1407 * a "cached" copy of the little endian bit stream.
1408 */
1409
__implement(u8 * report,unsigned offset,int n,u32 value)1410 static void __implement(u8 *report, unsigned offset, int n, u32 value)
1411 {
1412 unsigned int idx = offset / 8;
1413 unsigned int bit_shift = offset % 8;
1414 int bits_to_set = 8 - bit_shift;
1415
1416 while (n - bits_to_set >= 0) {
1417 report[idx] &= ~(0xff << bit_shift);
1418 report[idx] |= value << bit_shift;
1419 value >>= bits_to_set;
1420 n -= bits_to_set;
1421 bits_to_set = 8;
1422 bit_shift = 0;
1423 idx++;
1424 }
1425
1426 /* last nibble */
1427 if (n) {
1428 u8 bit_mask = ((1U << n) - 1);
1429 report[idx] &= ~(bit_mask << bit_shift);
1430 report[idx] |= value << bit_shift;
1431 }
1432 }
1433
implement(const struct hid_device * hid,u8 * report,unsigned offset,unsigned n,u32 value)1434 static void implement(const struct hid_device *hid, u8 *report,
1435 unsigned offset, unsigned n, u32 value)
1436 {
1437 if (unlikely(n > 32)) {
1438 hid_warn(hid, "%s() called with n (%d) > 32! (%s)\n",
1439 __func__, n, current->comm);
1440 n = 32;
1441 } else if (n < 32) {
1442 u32 m = (1U << n) - 1;
1443
1444 if (unlikely(value > m)) {
1445 hid_warn(hid,
1446 "%s() called with too large value %d (n: %d)! (%s)\n",
1447 __func__, value, n, current->comm);
1448 WARN_ON(1);
1449 value &= m;
1450 }
1451 }
1452
1453 __implement(report, offset, n, value);
1454 }
1455
1456 /*
1457 * Search an array for a value.
1458 */
1459
search(__s32 * array,__s32 value,unsigned n)1460 static int search(__s32 *array, __s32 value, unsigned n)
1461 {
1462 while (n--) {
1463 if (*array++ == value)
1464 return 0;
1465 }
1466 return -1;
1467 }
1468
1469 /**
1470 * hid_match_report - check if driver's raw_event should be called
1471 *
1472 * @hid: hid device
1473 * @report: hid report to match against
1474 *
1475 * compare hid->driver->report_table->report_type to report->type
1476 */
hid_match_report(struct hid_device * hid,struct hid_report * report)1477 static int hid_match_report(struct hid_device *hid, struct hid_report *report)
1478 {
1479 const struct hid_report_id *id = hid->driver->report_table;
1480
1481 if (!id) /* NULL means all */
1482 return 1;
1483
1484 for (; id->report_type != HID_TERMINATOR; id++)
1485 if (id->report_type == HID_ANY_ID ||
1486 id->report_type == report->type)
1487 return 1;
1488 return 0;
1489 }
1490
1491 /**
1492 * hid_match_usage - check if driver's event should be called
1493 *
1494 * @hid: hid device
1495 * @usage: usage to match against
1496 *
1497 * compare hid->driver->usage_table->usage_{type,code} to
1498 * usage->usage_{type,code}
1499 */
hid_match_usage(struct hid_device * hid,struct hid_usage * usage)1500 static int hid_match_usage(struct hid_device *hid, struct hid_usage *usage)
1501 {
1502 const struct hid_usage_id *id = hid->driver->usage_table;
1503
1504 if (!id) /* NULL means all */
1505 return 1;
1506
1507 for (; id->usage_type != HID_ANY_ID - 1; id++)
1508 if ((id->usage_hid == HID_ANY_ID ||
1509 id->usage_hid == usage->hid) &&
1510 (id->usage_type == HID_ANY_ID ||
1511 id->usage_type == usage->type) &&
1512 (id->usage_code == HID_ANY_ID ||
1513 id->usage_code == usage->code))
1514 return 1;
1515 return 0;
1516 }
1517
hid_process_event(struct hid_device * hid,struct hid_field * field,struct hid_usage * usage,__s32 value,int interrupt)1518 static void hid_process_event(struct hid_device *hid, struct hid_field *field,
1519 struct hid_usage *usage, __s32 value, int interrupt)
1520 {
1521 struct hid_driver *hdrv = hid->driver;
1522 int ret;
1523
1524 if (!list_empty(&hid->debug_list))
1525 hid_dump_input(hid, usage, value);
1526
1527 if (hdrv && hdrv->event && hid_match_usage(hid, usage)) {
1528 ret = hdrv->event(hid, field, usage, value);
1529 if (ret != 0) {
1530 if (ret < 0)
1531 hid_err(hid, "%s's event failed with %d\n",
1532 hdrv->name, ret);
1533 return;
1534 }
1535 }
1536
1537 if (hid->claimed & HID_CLAIMED_INPUT)
1538 hidinput_hid_event(hid, field, usage, value);
1539 if (hid->claimed & HID_CLAIMED_HIDDEV && interrupt && hid->hiddev_hid_event)
1540 hid->hiddev_hid_event(hid, field, usage, value);
1541 }
1542
1543 /*
1544 * Checks if the given value is valid within this field
1545 */
hid_array_value_is_valid(struct hid_field * field,__s32 value)1546 static inline int hid_array_value_is_valid(struct hid_field *field,
1547 __s32 value)
1548 {
1549 __s32 min = field->logical_minimum;
1550
1551 /*
1552 * Value needs to be between logical min and max, and
1553 * (value - min) is used as an index in the usage array.
1554 * This array is of size field->maxusage
1555 */
1556 return value >= min &&
1557 value <= field->logical_maximum &&
1558 value - min < field->maxusage;
1559 }
1560
1561 /*
1562 * Fetch the field from the data. The field content is stored for next
1563 * report processing (we do differential reporting to the layer).
1564 */
hid_input_fetch_field(struct hid_device * hid,struct hid_field * field,__u8 * data)1565 static void hid_input_fetch_field(struct hid_device *hid,
1566 struct hid_field *field,
1567 __u8 *data)
1568 {
1569 unsigned n;
1570 unsigned count = field->report_count;
1571 unsigned offset = field->report_offset;
1572 unsigned size = field->report_size;
1573 __s32 min = field->logical_minimum;
1574 __s32 *value;
1575
1576 value = field->new_value;
1577 memset(value, 0, count * sizeof(__s32));
1578 field->ignored = false;
1579
1580 for (n = 0; n < count; n++) {
1581
1582 value[n] = min < 0 ?
1583 snto32(hid_field_extract(hid, data, offset + n * size,
1584 size), size) :
1585 hid_field_extract(hid, data, offset + n * size, size);
1586
1587 /* Ignore report if ErrorRollOver */
1588 if (!(field->flags & HID_MAIN_ITEM_VARIABLE) &&
1589 hid_array_value_is_valid(field, value[n]) &&
1590 field->usage[value[n] - min].hid == HID_UP_KEYBOARD + 1) {
1591 field->ignored = true;
1592 return;
1593 }
1594 }
1595 }
1596
1597 /*
1598 * Process a received variable field.
1599 */
1600
hid_input_var_field(struct hid_device * hid,struct hid_field * field,int interrupt)1601 static void hid_input_var_field(struct hid_device *hid,
1602 struct hid_field *field,
1603 int interrupt)
1604 {
1605 unsigned int count = field->report_count;
1606 __s32 *value = field->new_value;
1607 unsigned int n;
1608
1609 for (n = 0; n < count; n++)
1610 hid_process_event(hid,
1611 field,
1612 &field->usage[n],
1613 value[n],
1614 interrupt);
1615
1616 memcpy(field->value, value, count * sizeof(__s32));
1617 }
1618
1619 /*
1620 * Process a received array field. The field content is stored for
1621 * next report processing (we do differential reporting to the layer).
1622 */
1623
hid_input_array_field(struct hid_device * hid,struct hid_field * field,int interrupt)1624 static void hid_input_array_field(struct hid_device *hid,
1625 struct hid_field *field,
1626 int interrupt)
1627 {
1628 unsigned int n;
1629 unsigned int count = field->report_count;
1630 __s32 min = field->logical_minimum;
1631 __s32 *value;
1632
1633 value = field->new_value;
1634
1635 /* ErrorRollOver */
1636 if (field->ignored)
1637 return;
1638
1639 for (n = 0; n < count; n++) {
1640 if (hid_array_value_is_valid(field, field->value[n]) &&
1641 search(value, field->value[n], count))
1642 hid_process_event(hid,
1643 field,
1644 &field->usage[field->value[n] - min],
1645 0,
1646 interrupt);
1647
1648 if (hid_array_value_is_valid(field, value[n]) &&
1649 search(field->value, value[n], count))
1650 hid_process_event(hid,
1651 field,
1652 &field->usage[value[n] - min],
1653 1,
1654 interrupt);
1655 }
1656
1657 memcpy(field->value, value, count * sizeof(__s32));
1658 }
1659
1660 /*
1661 * Analyse a received report, and fetch the data from it. The field
1662 * content is stored for next report processing (we do differential
1663 * reporting to the layer).
1664 */
hid_process_report(struct hid_device * hid,struct hid_report * report,__u8 * data,int interrupt)1665 static void hid_process_report(struct hid_device *hid,
1666 struct hid_report *report,
1667 __u8 *data,
1668 int interrupt)
1669 {
1670 unsigned int a;
1671 struct hid_field_entry *entry;
1672 struct hid_field *field;
1673
1674 /* first retrieve all incoming values in data */
1675 for (a = 0; a < report->maxfield; a++)
1676 hid_input_fetch_field(hid, report->field[a], data);
1677
1678 if (!list_empty(&report->field_entry_list)) {
1679 /* INPUT_REPORT, we have a priority list of fields */
1680 list_for_each_entry(entry,
1681 &report->field_entry_list,
1682 list) {
1683 field = entry->field;
1684
1685 if (field->flags & HID_MAIN_ITEM_VARIABLE)
1686 hid_process_event(hid,
1687 field,
1688 &field->usage[entry->index],
1689 field->new_value[entry->index],
1690 interrupt);
1691 else
1692 hid_input_array_field(hid, field, interrupt);
1693 }
1694
1695 /* we need to do the memcpy at the end for var items */
1696 for (a = 0; a < report->maxfield; a++) {
1697 field = report->field[a];
1698
1699 if (field->flags & HID_MAIN_ITEM_VARIABLE)
1700 memcpy(field->value, field->new_value,
1701 field->report_count * sizeof(__s32));
1702 }
1703 } else {
1704 /* FEATURE_REPORT, regular processing */
1705 for (a = 0; a < report->maxfield; a++) {
1706 field = report->field[a];
1707
1708 if (field->flags & HID_MAIN_ITEM_VARIABLE)
1709 hid_input_var_field(hid, field, interrupt);
1710 else
1711 hid_input_array_field(hid, field, interrupt);
1712 }
1713 }
1714 }
1715
1716 /*
1717 * Insert a given usage_index in a field in the list
1718 * of processed usages in the report.
1719 *
1720 * The elements of lower priority score are processed
1721 * first.
1722 */
__hid_insert_field_entry(struct hid_device * hid,struct hid_report * report,struct hid_field_entry * entry,struct hid_field * field,unsigned int usage_index)1723 static void __hid_insert_field_entry(struct hid_device *hid,
1724 struct hid_report *report,
1725 struct hid_field_entry *entry,
1726 struct hid_field *field,
1727 unsigned int usage_index)
1728 {
1729 struct hid_field_entry *next;
1730
1731 entry->field = field;
1732 entry->index = usage_index;
1733 entry->priority = field->usages_priorities[usage_index];
1734
1735 /* insert the element at the correct position */
1736 list_for_each_entry(next,
1737 &report->field_entry_list,
1738 list) {
1739 /*
1740 * the priority of our element is strictly higher
1741 * than the next one, insert it before
1742 */
1743 if (entry->priority > next->priority) {
1744 list_add_tail(&entry->list, &next->list);
1745 return;
1746 }
1747 }
1748
1749 /* lowest priority score: insert at the end */
1750 list_add_tail(&entry->list, &report->field_entry_list);
1751 }
1752
hid_report_process_ordering(struct hid_device * hid,struct hid_report * report)1753 static void hid_report_process_ordering(struct hid_device *hid,
1754 struct hid_report *report)
1755 {
1756 struct hid_field *field;
1757 struct hid_field_entry *entries;
1758 unsigned int a, u, usages;
1759 unsigned int count = 0;
1760
1761 /* count the number of individual fields in the report */
1762 for (a = 0; a < report->maxfield; a++) {
1763 field = report->field[a];
1764
1765 if (field->flags & HID_MAIN_ITEM_VARIABLE)
1766 count += field->report_count;
1767 else
1768 count++;
1769 }
1770
1771 /* allocate the memory to process the fields */
1772 entries = kcalloc(count, sizeof(*entries), GFP_KERNEL);
1773 if (!entries)
1774 return;
1775
1776 report->field_entries = entries;
1777
1778 /*
1779 * walk through all fields in the report and
1780 * store them by priority order in report->field_entry_list
1781 *
1782 * - Var elements are individualized (field + usage_index)
1783 * - Arrays are taken as one, we can not chose an order for them
1784 */
1785 usages = 0;
1786 for (a = 0; a < report->maxfield; a++) {
1787 field = report->field[a];
1788
1789 if (field->flags & HID_MAIN_ITEM_VARIABLE) {
1790 for (u = 0; u < field->report_count; u++) {
1791 __hid_insert_field_entry(hid, report,
1792 &entries[usages],
1793 field, u);
1794 usages++;
1795 }
1796 } else {
1797 __hid_insert_field_entry(hid, report, &entries[usages],
1798 field, 0);
1799 usages++;
1800 }
1801 }
1802 }
1803
hid_process_ordering(struct hid_device * hid)1804 static void hid_process_ordering(struct hid_device *hid)
1805 {
1806 struct hid_report *report;
1807 struct hid_report_enum *report_enum = &hid->report_enum[HID_INPUT_REPORT];
1808
1809 list_for_each_entry(report, &report_enum->report_list, list)
1810 hid_report_process_ordering(hid, report);
1811 }
1812
1813 /*
1814 * Output the field into the report.
1815 */
1816
hid_output_field(const struct hid_device * hid,struct hid_field * field,__u8 * data)1817 static void hid_output_field(const struct hid_device *hid,
1818 struct hid_field *field, __u8 *data)
1819 {
1820 unsigned count = field->report_count;
1821 unsigned offset = field->report_offset;
1822 unsigned size = field->report_size;
1823 unsigned n;
1824
1825 for (n = 0; n < count; n++) {
1826 if (field->logical_minimum < 0) /* signed values */
1827 implement(hid, data, offset + n * size, size,
1828 s32ton(field->value[n], size));
1829 else /* unsigned values */
1830 implement(hid, data, offset + n * size, size,
1831 field->value[n]);
1832 }
1833 }
1834
1835 /*
1836 * Compute the size of a report.
1837 */
hid_compute_report_size(struct hid_report * report)1838 static size_t hid_compute_report_size(struct hid_report *report)
1839 {
1840 if (report->size)
1841 return ((report->size - 1) >> 3) + 1;
1842
1843 return 0;
1844 }
1845
1846 /*
1847 * Create a report. 'data' has to be allocated using
1848 * hid_alloc_report_buf() so that it has proper size.
1849 */
1850
hid_output_report(struct hid_report * report,__u8 * data)1851 void hid_output_report(struct hid_report *report, __u8 *data)
1852 {
1853 unsigned n;
1854
1855 if (report->id > 0)
1856 *data++ = report->id;
1857
1858 memset(data, 0, hid_compute_report_size(report));
1859 for (n = 0; n < report->maxfield; n++)
1860 hid_output_field(report->device, report->field[n], data);
1861 }
1862 EXPORT_SYMBOL_GPL(hid_output_report);
1863
1864 /*
1865 * Allocator for buffer that is going to be passed to hid_output_report()
1866 */
hid_alloc_report_buf(struct hid_report * report,gfp_t flags)1867 u8 *hid_alloc_report_buf(struct hid_report *report, gfp_t flags)
1868 {
1869 /*
1870 * 7 extra bytes are necessary to achieve proper functionality
1871 * of implement() working on 8 byte chunks
1872 */
1873
1874 u32 len = hid_report_len(report) + 7;
1875
1876 return kmalloc(len, flags);
1877 }
1878 EXPORT_SYMBOL_GPL(hid_alloc_report_buf);
1879
1880 /*
1881 * Set a field value. The report this field belongs to has to be
1882 * created and transferred to the device, to set this value in the
1883 * device.
1884 */
1885
hid_set_field(struct hid_field * field,unsigned offset,__s32 value)1886 int hid_set_field(struct hid_field *field, unsigned offset, __s32 value)
1887 {
1888 unsigned size;
1889
1890 if (!field)
1891 return -1;
1892
1893 size = field->report_size;
1894
1895 hid_dump_input(field->report->device, field->usage + offset, value);
1896
1897 if (offset >= field->report_count) {
1898 hid_err(field->report->device, "offset (%d) exceeds report_count (%d)\n",
1899 offset, field->report_count);
1900 return -1;
1901 }
1902 if (field->logical_minimum < 0) {
1903 if (value != snto32(s32ton(value, size), size)) {
1904 hid_err(field->report->device, "value %d is out of range\n", value);
1905 return -1;
1906 }
1907 }
1908 field->value[offset] = value;
1909 return 0;
1910 }
1911 EXPORT_SYMBOL_GPL(hid_set_field);
1912
hid_get_report(struct hid_report_enum * report_enum,const u8 * data)1913 static struct hid_report *hid_get_report(struct hid_report_enum *report_enum,
1914 const u8 *data)
1915 {
1916 struct hid_report *report;
1917 unsigned int n = 0; /* Normally report number is 0 */
1918
1919 /* Device uses numbered reports, data[0] is report number */
1920 if (report_enum->numbered)
1921 n = *data;
1922
1923 report = report_enum->report_id_hash[n];
1924 if (report == NULL)
1925 dbg_hid("undefined report_id %u received\n", n);
1926
1927 return report;
1928 }
1929
1930 /*
1931 * Implement a generic .request() callback, using .raw_request()
1932 * DO NOT USE in hid drivers directly, but through hid_hw_request instead.
1933 */
__hid_request(struct hid_device * hid,struct hid_report * report,enum hid_class_request reqtype)1934 int __hid_request(struct hid_device *hid, struct hid_report *report,
1935 enum hid_class_request reqtype)
1936 {
1937 char *buf;
1938 int ret;
1939 u32 len;
1940
1941 buf = hid_alloc_report_buf(report, GFP_KERNEL);
1942 if (!buf)
1943 return -ENOMEM;
1944
1945 len = hid_report_len(report);
1946
1947 if (reqtype == HID_REQ_SET_REPORT)
1948 hid_output_report(report, buf);
1949
1950 ret = hid->ll_driver->raw_request(hid, report->id, buf, len,
1951 report->type, reqtype);
1952 if (ret < 0) {
1953 dbg_hid("unable to complete request: %d\n", ret);
1954 goto out;
1955 }
1956
1957 if (reqtype == HID_REQ_GET_REPORT)
1958 hid_input_report(hid, report->type, buf, ret, 0);
1959
1960 ret = 0;
1961
1962 out:
1963 kfree(buf);
1964 return ret;
1965 }
1966 EXPORT_SYMBOL_GPL(__hid_request);
1967
hid_report_raw_event(struct hid_device * hid,enum hid_report_type type,u8 * data,u32 size,int interrupt)1968 int hid_report_raw_event(struct hid_device *hid, enum hid_report_type type, u8 *data, u32 size,
1969 int interrupt)
1970 {
1971 struct hid_report_enum *report_enum = hid->report_enum + type;
1972 struct hid_report *report;
1973 struct hid_driver *hdrv;
1974 int max_buffer_size = HID_MAX_BUFFER_SIZE;
1975 u32 rsize, csize = size;
1976 u8 *cdata = data;
1977 int ret = 0;
1978
1979 report = hid_get_report(report_enum, data);
1980 if (!report)
1981 goto out;
1982
1983 if (report_enum->numbered) {
1984 cdata++;
1985 csize--;
1986 }
1987
1988 rsize = hid_compute_report_size(report);
1989
1990 if (IS_ENABLED(CONFIG_UHID) && hid->ll_driver == &uhid_hid_driver)
1991 max_buffer_size = UHID_DATA_MAX;
1992
1993 if (report_enum->numbered && rsize >= max_buffer_size)
1994 rsize = max_buffer_size - 1;
1995 else if (rsize > max_buffer_size)
1996 rsize = max_buffer_size;
1997
1998 if (csize < rsize) {
1999 dbg_hid("report %d is too short, (%d < %d)\n", report->id,
2000 csize, rsize);
2001 memset(cdata + csize, 0, rsize - csize);
2002 }
2003
2004 if ((hid->claimed & HID_CLAIMED_HIDDEV) && hid->hiddev_report_event)
2005 hid->hiddev_report_event(hid, report);
2006 if (hid->claimed & HID_CLAIMED_HIDRAW) {
2007 ret = hidraw_report_event(hid, data, size);
2008 if (ret)
2009 goto out;
2010 }
2011
2012 if (hid->claimed != HID_CLAIMED_HIDRAW && report->maxfield) {
2013 hid_process_report(hid, report, cdata, interrupt);
2014 hdrv = hid->driver;
2015 if (hdrv && hdrv->report)
2016 hdrv->report(hid, report);
2017 }
2018
2019 if (hid->claimed & HID_CLAIMED_INPUT)
2020 hidinput_report_event(hid, report);
2021 out:
2022 return ret;
2023 }
2024 EXPORT_SYMBOL_GPL(hid_report_raw_event);
2025
2026 /**
2027 * hid_input_report - report data from lower layer (usb, bt...)
2028 *
2029 * @hid: hid device
2030 * @type: HID report type (HID_*_REPORT)
2031 * @data: report contents
2032 * @size: size of data parameter
2033 * @interrupt: distinguish between interrupt and control transfers
2034 *
2035 * This is data entry for lower layers.
2036 */
hid_input_report(struct hid_device * hid,enum hid_report_type type,u8 * data,u32 size,int interrupt)2037 int hid_input_report(struct hid_device *hid, enum hid_report_type type, u8 *data, u32 size,
2038 int interrupt)
2039 {
2040 struct hid_report_enum *report_enum;
2041 struct hid_driver *hdrv;
2042 struct hid_report *report;
2043 int ret = 0;
2044
2045 if (!hid)
2046 return -ENODEV;
2047
2048 if (down_trylock(&hid->driver_input_lock))
2049 return -EBUSY;
2050
2051 if (!hid->driver) {
2052 ret = -ENODEV;
2053 goto unlock;
2054 }
2055 report_enum = hid->report_enum + type;
2056 hdrv = hid->driver;
2057
2058 if (!size) {
2059 dbg_hid("empty report\n");
2060 ret = -1;
2061 goto unlock;
2062 }
2063
2064 /* Avoid unnecessary overhead if debugfs is disabled */
2065 if (!list_empty(&hid->debug_list))
2066 hid_dump_report(hid, type, data, size);
2067
2068 report = hid_get_report(report_enum, data);
2069
2070 if (!report) {
2071 ret = -1;
2072 goto unlock;
2073 }
2074
2075 if (hdrv && hdrv->raw_event && hid_match_report(hid, report)) {
2076 ret = hdrv->raw_event(hid, report, data, size);
2077 if (ret < 0)
2078 goto unlock;
2079 }
2080
2081 ret = hid_report_raw_event(hid, type, data, size, interrupt);
2082
2083 unlock:
2084 up(&hid->driver_input_lock);
2085 return ret;
2086 }
2087 EXPORT_SYMBOL_GPL(hid_input_report);
2088
hid_match_one_id(const struct hid_device * hdev,const struct hid_device_id * id)2089 bool hid_match_one_id(const struct hid_device *hdev,
2090 const struct hid_device_id *id)
2091 {
2092 return (id->bus == HID_BUS_ANY || id->bus == hdev->bus) &&
2093 (id->group == HID_GROUP_ANY || id->group == hdev->group) &&
2094 (id->vendor == HID_ANY_ID || id->vendor == hdev->vendor) &&
2095 (id->product == HID_ANY_ID || id->product == hdev->product);
2096 }
2097
hid_match_id(const struct hid_device * hdev,const struct hid_device_id * id)2098 const struct hid_device_id *hid_match_id(const struct hid_device *hdev,
2099 const struct hid_device_id *id)
2100 {
2101 for (; id->bus; id++)
2102 if (hid_match_one_id(hdev, id))
2103 return id;
2104
2105 return NULL;
2106 }
2107 EXPORT_SYMBOL_GPL(hid_match_id);
2108
2109 static const struct hid_device_id hid_hiddev_list[] = {
2110 { HID_USB_DEVICE(USB_VENDOR_ID_MGE, USB_DEVICE_ID_MGE_UPS) },
2111 { HID_USB_DEVICE(USB_VENDOR_ID_MGE, USB_DEVICE_ID_MGE_UPS1) },
2112 { }
2113 };
2114
hid_hiddev(struct hid_device * hdev)2115 static bool hid_hiddev(struct hid_device *hdev)
2116 {
2117 return !!hid_match_id(hdev, hid_hiddev_list);
2118 }
2119
2120
2121 static ssize_t
read_report_descriptor(struct file * filp,struct kobject * kobj,struct bin_attribute * attr,char * buf,loff_t off,size_t count)2122 read_report_descriptor(struct file *filp, struct kobject *kobj,
2123 struct bin_attribute *attr,
2124 char *buf, loff_t off, size_t count)
2125 {
2126 struct device *dev = kobj_to_dev(kobj);
2127 struct hid_device *hdev = to_hid_device(dev);
2128
2129 if (off >= hdev->rsize)
2130 return 0;
2131
2132 if (off + count > hdev->rsize)
2133 count = hdev->rsize - off;
2134
2135 memcpy(buf, hdev->rdesc + off, count);
2136
2137 return count;
2138 }
2139
2140 static ssize_t
show_country(struct device * dev,struct device_attribute * attr,char * buf)2141 show_country(struct device *dev, struct device_attribute *attr,
2142 char *buf)
2143 {
2144 struct hid_device *hdev = to_hid_device(dev);
2145
2146 return sprintf(buf, "%02x\n", hdev->country & 0xff);
2147 }
2148
2149 static struct bin_attribute dev_bin_attr_report_desc = {
2150 .attr = { .name = "report_descriptor", .mode = 0444 },
2151 .read = read_report_descriptor,
2152 .size = HID_MAX_DESCRIPTOR_SIZE,
2153 };
2154
2155 static const struct device_attribute dev_attr_country = {
2156 .attr = { .name = "country", .mode = 0444 },
2157 .show = show_country,
2158 };
2159
hid_connect(struct hid_device * hdev,unsigned int connect_mask)2160 int hid_connect(struct hid_device *hdev, unsigned int connect_mask)
2161 {
2162 static const char *types[] = { "Device", "Pointer", "Mouse", "Device",
2163 "Joystick", "Gamepad", "Keyboard", "Keypad",
2164 "Multi-Axis Controller"
2165 };
2166 const char *type, *bus;
2167 char buf[64] = "";
2168 unsigned int i;
2169 int len;
2170 int ret;
2171
2172 if (hdev->quirks & HID_QUIRK_HIDDEV_FORCE)
2173 connect_mask |= (HID_CONNECT_HIDDEV_FORCE | HID_CONNECT_HIDDEV);
2174 if (hdev->quirks & HID_QUIRK_HIDINPUT_FORCE)
2175 connect_mask |= HID_CONNECT_HIDINPUT_FORCE;
2176 if (hdev->bus != BUS_USB)
2177 connect_mask &= ~HID_CONNECT_HIDDEV;
2178 if (hid_hiddev(hdev))
2179 connect_mask |= HID_CONNECT_HIDDEV_FORCE;
2180
2181 if ((connect_mask & HID_CONNECT_HIDINPUT) && !hidinput_connect(hdev,
2182 connect_mask & HID_CONNECT_HIDINPUT_FORCE))
2183 hdev->claimed |= HID_CLAIMED_INPUT;
2184
2185 if ((connect_mask & HID_CONNECT_HIDDEV) && hdev->hiddev_connect &&
2186 !hdev->hiddev_connect(hdev,
2187 connect_mask & HID_CONNECT_HIDDEV_FORCE))
2188 hdev->claimed |= HID_CLAIMED_HIDDEV;
2189 if ((connect_mask & HID_CONNECT_HIDRAW) && !hidraw_connect(hdev))
2190 hdev->claimed |= HID_CLAIMED_HIDRAW;
2191
2192 if (connect_mask & HID_CONNECT_DRIVER)
2193 hdev->claimed |= HID_CLAIMED_DRIVER;
2194
2195 /* Drivers with the ->raw_event callback set are not required to connect
2196 * to any other listener. */
2197 if (!hdev->claimed && !hdev->driver->raw_event) {
2198 hid_err(hdev, "device has no listeners, quitting\n");
2199 return -ENODEV;
2200 }
2201
2202 hid_process_ordering(hdev);
2203
2204 if ((hdev->claimed & HID_CLAIMED_INPUT) &&
2205 (connect_mask & HID_CONNECT_FF) && hdev->ff_init)
2206 hdev->ff_init(hdev);
2207
2208 len = 0;
2209 if (hdev->claimed & HID_CLAIMED_INPUT)
2210 len += sprintf(buf + len, "input");
2211 if (hdev->claimed & HID_CLAIMED_HIDDEV)
2212 len += sprintf(buf + len, "%shiddev%d", len ? "," : "",
2213 ((struct hiddev *)hdev->hiddev)->minor);
2214 if (hdev->claimed & HID_CLAIMED_HIDRAW)
2215 len += sprintf(buf + len, "%shidraw%d", len ? "," : "",
2216 ((struct hidraw *)hdev->hidraw)->minor);
2217
2218 type = "Device";
2219 for (i = 0; i < hdev->maxcollection; i++) {
2220 struct hid_collection *col = &hdev->collection[i];
2221 if (col->type == HID_COLLECTION_APPLICATION &&
2222 (col->usage & HID_USAGE_PAGE) == HID_UP_GENDESK &&
2223 (col->usage & 0xffff) < ARRAY_SIZE(types)) {
2224 type = types[col->usage & 0xffff];
2225 break;
2226 }
2227 }
2228
2229 switch (hdev->bus) {
2230 case BUS_USB:
2231 bus = "USB";
2232 break;
2233 case BUS_BLUETOOTH:
2234 bus = "BLUETOOTH";
2235 break;
2236 case BUS_I2C:
2237 bus = "I2C";
2238 break;
2239 case BUS_VIRTUAL:
2240 bus = "VIRTUAL";
2241 break;
2242 case BUS_INTEL_ISHTP:
2243 case BUS_AMD_SFH:
2244 bus = "SENSOR HUB";
2245 break;
2246 default:
2247 bus = "<UNKNOWN>";
2248 }
2249
2250 ret = device_create_file(&hdev->dev, &dev_attr_country);
2251 if (ret)
2252 hid_warn(hdev,
2253 "can't create sysfs country code attribute err: %d\n", ret);
2254
2255 hid_info(hdev, "%s: %s HID v%x.%02x %s [%s] on %s\n",
2256 buf, bus, hdev->version >> 8, hdev->version & 0xff,
2257 type, hdev->name, hdev->phys);
2258
2259 return 0;
2260 }
2261 EXPORT_SYMBOL_GPL(hid_connect);
2262
hid_disconnect(struct hid_device * hdev)2263 void hid_disconnect(struct hid_device *hdev)
2264 {
2265 device_remove_file(&hdev->dev, &dev_attr_country);
2266 if (hdev->claimed & HID_CLAIMED_INPUT)
2267 hidinput_disconnect(hdev);
2268 if (hdev->claimed & HID_CLAIMED_HIDDEV)
2269 hdev->hiddev_disconnect(hdev);
2270 if (hdev->claimed & HID_CLAIMED_HIDRAW)
2271 hidraw_disconnect(hdev);
2272 hdev->claimed = 0;
2273 }
2274 EXPORT_SYMBOL_GPL(hid_disconnect);
2275
2276 /**
2277 * hid_hw_start - start underlying HW
2278 * @hdev: hid device
2279 * @connect_mask: which outputs to connect, see HID_CONNECT_*
2280 *
2281 * Call this in probe function *after* hid_parse. This will setup HW
2282 * buffers and start the device (if not defeirred to device open).
2283 * hid_hw_stop must be called if this was successful.
2284 */
hid_hw_start(struct hid_device * hdev,unsigned int connect_mask)2285 int hid_hw_start(struct hid_device *hdev, unsigned int connect_mask)
2286 {
2287 int error;
2288
2289 error = hdev->ll_driver->start(hdev);
2290 if (error)
2291 return error;
2292
2293 if (connect_mask) {
2294 error = hid_connect(hdev, connect_mask);
2295 if (error) {
2296 hdev->ll_driver->stop(hdev);
2297 return error;
2298 }
2299 }
2300
2301 return 0;
2302 }
2303 EXPORT_SYMBOL_GPL(hid_hw_start);
2304
2305 /**
2306 * hid_hw_stop - stop underlying HW
2307 * @hdev: hid device
2308 *
2309 * This is usually called from remove function or from probe when something
2310 * failed and hid_hw_start was called already.
2311 */
hid_hw_stop(struct hid_device * hdev)2312 void hid_hw_stop(struct hid_device *hdev)
2313 {
2314 hid_disconnect(hdev);
2315 hdev->ll_driver->stop(hdev);
2316 }
2317 EXPORT_SYMBOL_GPL(hid_hw_stop);
2318
2319 /**
2320 * hid_hw_open - signal underlying HW to start delivering events
2321 * @hdev: hid device
2322 *
2323 * Tell underlying HW to start delivering events from the device.
2324 * This function should be called sometime after successful call
2325 * to hid_hw_start().
2326 */
hid_hw_open(struct hid_device * hdev)2327 int hid_hw_open(struct hid_device *hdev)
2328 {
2329 int ret;
2330
2331 ret = mutex_lock_killable(&hdev->ll_open_lock);
2332 if (ret)
2333 return ret;
2334
2335 if (!hdev->ll_open_count++) {
2336 ret = hdev->ll_driver->open(hdev);
2337 if (ret)
2338 hdev->ll_open_count--;
2339 }
2340
2341 mutex_unlock(&hdev->ll_open_lock);
2342 return ret;
2343 }
2344 EXPORT_SYMBOL_GPL(hid_hw_open);
2345
2346 /**
2347 * hid_hw_close - signal underlaying HW to stop delivering events
2348 *
2349 * @hdev: hid device
2350 *
2351 * This function indicates that we are not interested in the events
2352 * from this device anymore. Delivery of events may or may not stop,
2353 * depending on the number of users still outstanding.
2354 */
hid_hw_close(struct hid_device * hdev)2355 void hid_hw_close(struct hid_device *hdev)
2356 {
2357 mutex_lock(&hdev->ll_open_lock);
2358 if (!--hdev->ll_open_count)
2359 hdev->ll_driver->close(hdev);
2360 mutex_unlock(&hdev->ll_open_lock);
2361 }
2362 EXPORT_SYMBOL_GPL(hid_hw_close);
2363
2364 /**
2365 * hid_hw_request - send report request to device
2366 *
2367 * @hdev: hid device
2368 * @report: report to send
2369 * @reqtype: hid request type
2370 */
hid_hw_request(struct hid_device * hdev,struct hid_report * report,enum hid_class_request reqtype)2371 void hid_hw_request(struct hid_device *hdev,
2372 struct hid_report *report, enum hid_class_request reqtype)
2373 {
2374 if (hdev->ll_driver->request)
2375 return hdev->ll_driver->request(hdev, report, reqtype);
2376
2377 __hid_request(hdev, report, reqtype);
2378 }
2379 EXPORT_SYMBOL_GPL(hid_hw_request);
2380
2381 /**
2382 * hid_hw_raw_request - send report request to device
2383 *
2384 * @hdev: hid device
2385 * @reportnum: report ID
2386 * @buf: in/out data to transfer
2387 * @len: length of buf
2388 * @rtype: HID report type
2389 * @reqtype: HID_REQ_GET_REPORT or HID_REQ_SET_REPORT
2390 *
2391 * Return: count of data transferred, negative if error
2392 *
2393 * Same behavior as hid_hw_request, but with raw buffers instead.
2394 */
hid_hw_raw_request(struct hid_device * hdev,unsigned char reportnum,__u8 * buf,size_t len,enum hid_report_type rtype,enum hid_class_request reqtype)2395 int hid_hw_raw_request(struct hid_device *hdev,
2396 unsigned char reportnum, __u8 *buf,
2397 size_t len, enum hid_report_type rtype, enum hid_class_request reqtype)
2398 {
2399 unsigned int max_buffer_size = HID_MAX_BUFFER_SIZE;
2400
2401 if (IS_ENABLED(CONFIG_UHID) && hdev->ll_driver == &uhid_hid_driver)
2402 max_buffer_size = UHID_DATA_MAX;
2403
2404 if (len < 1 || len > max_buffer_size || !buf)
2405 return -EINVAL;
2406
2407 return hdev->ll_driver->raw_request(hdev, reportnum, buf, len,
2408 rtype, reqtype);
2409 }
2410 EXPORT_SYMBOL_GPL(hid_hw_raw_request);
2411
2412 /**
2413 * hid_hw_output_report - send output report to device
2414 *
2415 * @hdev: hid device
2416 * @buf: raw data to transfer
2417 * @len: length of buf
2418 *
2419 * Return: count of data transferred, negative if error
2420 */
hid_hw_output_report(struct hid_device * hdev,__u8 * buf,size_t len)2421 int hid_hw_output_report(struct hid_device *hdev, __u8 *buf, size_t len)
2422 {
2423 unsigned int max_buffer_size = HID_MAX_BUFFER_SIZE;
2424
2425 if (IS_ENABLED(CONFIG_UHID) && hdev->ll_driver == &uhid_hid_driver)
2426 max_buffer_size = UHID_DATA_MAX;
2427
2428 if (len < 1 || len > max_buffer_size || !buf)
2429 return -EINVAL;
2430
2431 if (hdev->ll_driver->output_report)
2432 return hdev->ll_driver->output_report(hdev, buf, len);
2433
2434 return -ENOSYS;
2435 }
2436 EXPORT_SYMBOL_GPL(hid_hw_output_report);
2437
2438 #ifdef CONFIG_PM
hid_driver_suspend(struct hid_device * hdev,pm_message_t state)2439 int hid_driver_suspend(struct hid_device *hdev, pm_message_t state)
2440 {
2441 if (hdev->driver && hdev->driver->suspend)
2442 return hdev->driver->suspend(hdev, state);
2443
2444 return 0;
2445 }
2446 EXPORT_SYMBOL_GPL(hid_driver_suspend);
2447
hid_driver_reset_resume(struct hid_device * hdev)2448 int hid_driver_reset_resume(struct hid_device *hdev)
2449 {
2450 if (hdev->driver && hdev->driver->reset_resume)
2451 return hdev->driver->reset_resume(hdev);
2452
2453 return 0;
2454 }
2455 EXPORT_SYMBOL_GPL(hid_driver_reset_resume);
2456
hid_driver_resume(struct hid_device * hdev)2457 int hid_driver_resume(struct hid_device *hdev)
2458 {
2459 if (hdev->driver && hdev->driver->resume)
2460 return hdev->driver->resume(hdev);
2461
2462 return 0;
2463 }
2464 EXPORT_SYMBOL_GPL(hid_driver_resume);
2465 #endif /* CONFIG_PM */
2466
2467 struct hid_dynid {
2468 struct list_head list;
2469 struct hid_device_id id;
2470 };
2471
2472 /**
2473 * new_id_store - add a new HID device ID to this driver and re-probe devices
2474 * @drv: target device driver
2475 * @buf: buffer for scanning device ID data
2476 * @count: input size
2477 *
2478 * Adds a new dynamic hid device ID to this driver,
2479 * and causes the driver to probe for all devices again.
2480 */
new_id_store(struct device_driver * drv,const char * buf,size_t count)2481 static ssize_t new_id_store(struct device_driver *drv, const char *buf,
2482 size_t count)
2483 {
2484 struct hid_driver *hdrv = to_hid_driver(drv);
2485 struct hid_dynid *dynid;
2486 __u32 bus, vendor, product;
2487 unsigned long driver_data = 0;
2488 int ret;
2489
2490 ret = sscanf(buf, "%x %x %x %lx",
2491 &bus, &vendor, &product, &driver_data);
2492 if (ret < 3)
2493 return -EINVAL;
2494
2495 dynid = kzalloc(sizeof(*dynid), GFP_KERNEL);
2496 if (!dynid)
2497 return -ENOMEM;
2498
2499 dynid->id.bus = bus;
2500 dynid->id.group = HID_GROUP_ANY;
2501 dynid->id.vendor = vendor;
2502 dynid->id.product = product;
2503 dynid->id.driver_data = driver_data;
2504
2505 spin_lock(&hdrv->dyn_lock);
2506 list_add_tail(&dynid->list, &hdrv->dyn_list);
2507 spin_unlock(&hdrv->dyn_lock);
2508
2509 ret = driver_attach(&hdrv->driver);
2510
2511 return ret ? : count;
2512 }
2513 static DRIVER_ATTR_WO(new_id);
2514
2515 static struct attribute *hid_drv_attrs[] = {
2516 &driver_attr_new_id.attr,
2517 NULL,
2518 };
2519 ATTRIBUTE_GROUPS(hid_drv);
2520
hid_free_dynids(struct hid_driver * hdrv)2521 static void hid_free_dynids(struct hid_driver *hdrv)
2522 {
2523 struct hid_dynid *dynid, *n;
2524
2525 spin_lock(&hdrv->dyn_lock);
2526 list_for_each_entry_safe(dynid, n, &hdrv->dyn_list, list) {
2527 list_del(&dynid->list);
2528 kfree(dynid);
2529 }
2530 spin_unlock(&hdrv->dyn_lock);
2531 }
2532
hid_match_device(struct hid_device * hdev,struct hid_driver * hdrv)2533 const struct hid_device_id *hid_match_device(struct hid_device *hdev,
2534 struct hid_driver *hdrv)
2535 {
2536 struct hid_dynid *dynid;
2537
2538 spin_lock(&hdrv->dyn_lock);
2539 list_for_each_entry(dynid, &hdrv->dyn_list, list) {
2540 if (hid_match_one_id(hdev, &dynid->id)) {
2541 spin_unlock(&hdrv->dyn_lock);
2542 return &dynid->id;
2543 }
2544 }
2545 spin_unlock(&hdrv->dyn_lock);
2546
2547 return hid_match_id(hdev, hdrv->id_table);
2548 }
2549 EXPORT_SYMBOL_GPL(hid_match_device);
2550
hid_bus_match(struct device * dev,struct device_driver * drv)2551 static int hid_bus_match(struct device *dev, struct device_driver *drv)
2552 {
2553 struct hid_driver *hdrv = to_hid_driver(drv);
2554 struct hid_device *hdev = to_hid_device(dev);
2555
2556 return hid_match_device(hdev, hdrv) != NULL;
2557 }
2558
2559 /**
2560 * hid_compare_device_paths - check if both devices share the same path
2561 * @hdev_a: hid device
2562 * @hdev_b: hid device
2563 * @separator: char to use as separator
2564 *
2565 * Check if two devices share the same path up to the last occurrence of
2566 * the separator char. Both paths must exist (i.e., zero-length paths
2567 * don't match).
2568 */
hid_compare_device_paths(struct hid_device * hdev_a,struct hid_device * hdev_b,char separator)2569 bool hid_compare_device_paths(struct hid_device *hdev_a,
2570 struct hid_device *hdev_b, char separator)
2571 {
2572 int n1 = strrchr(hdev_a->phys, separator) - hdev_a->phys;
2573 int n2 = strrchr(hdev_b->phys, separator) - hdev_b->phys;
2574
2575 if (n1 != n2 || n1 <= 0 || n2 <= 0)
2576 return false;
2577
2578 return !strncmp(hdev_a->phys, hdev_b->phys, n1);
2579 }
2580 EXPORT_SYMBOL_GPL(hid_compare_device_paths);
2581
hid_device_probe(struct device * dev)2582 static int hid_device_probe(struct device *dev)
2583 {
2584 struct hid_driver *hdrv = to_hid_driver(dev->driver);
2585 struct hid_device *hdev = to_hid_device(dev);
2586 const struct hid_device_id *id;
2587 int ret = 0;
2588
2589 if (down_interruptible(&hdev->driver_input_lock)) {
2590 ret = -EINTR;
2591 goto end;
2592 }
2593 hdev->io_started = false;
2594
2595 clear_bit(ffs(HID_STAT_REPROBED), &hdev->status);
2596
2597 if (!hdev->driver) {
2598 id = hid_match_device(hdev, hdrv);
2599 if (id == NULL) {
2600 ret = -ENODEV;
2601 goto unlock;
2602 }
2603
2604 if (hdrv->match) {
2605 if (!hdrv->match(hdev, hid_ignore_special_drivers)) {
2606 ret = -ENODEV;
2607 goto unlock;
2608 }
2609 } else {
2610 /*
2611 * hid-generic implements .match(), so if
2612 * hid_ignore_special_drivers is set, we can safely
2613 * return.
2614 */
2615 if (hid_ignore_special_drivers) {
2616 ret = -ENODEV;
2617 goto unlock;
2618 }
2619 }
2620
2621 /* reset the quirks that has been previously set */
2622 hdev->quirks = hid_lookup_quirk(hdev);
2623 hdev->driver = hdrv;
2624 if (hdrv->probe) {
2625 ret = hdrv->probe(hdev, id);
2626 } else { /* default probe */
2627 ret = hid_open_report(hdev);
2628 if (!ret)
2629 ret = hid_hw_start(hdev, HID_CONNECT_DEFAULT);
2630 }
2631 if (ret) {
2632 hid_close_report(hdev);
2633 hdev->driver = NULL;
2634 }
2635 }
2636 unlock:
2637 if (!hdev->io_started)
2638 up(&hdev->driver_input_lock);
2639 end:
2640 return ret;
2641 }
2642
hid_device_remove(struct device * dev)2643 static void hid_device_remove(struct device *dev)
2644 {
2645 struct hid_device *hdev = to_hid_device(dev);
2646 struct hid_driver *hdrv;
2647
2648 down(&hdev->driver_input_lock);
2649 hdev->io_started = false;
2650
2651 hdrv = hdev->driver;
2652 if (hdrv) {
2653 if (hdrv->remove)
2654 hdrv->remove(hdev);
2655 else /* default remove */
2656 hid_hw_stop(hdev);
2657 hid_close_report(hdev);
2658 hdev->driver = NULL;
2659 }
2660
2661 if (!hdev->io_started)
2662 up(&hdev->driver_input_lock);
2663 }
2664
modalias_show(struct device * dev,struct device_attribute * a,char * buf)2665 static ssize_t modalias_show(struct device *dev, struct device_attribute *a,
2666 char *buf)
2667 {
2668 struct hid_device *hdev = container_of(dev, struct hid_device, dev);
2669
2670 return scnprintf(buf, PAGE_SIZE, "hid:b%04Xg%04Xv%08Xp%08X\n",
2671 hdev->bus, hdev->group, hdev->vendor, hdev->product);
2672 }
2673 static DEVICE_ATTR_RO(modalias);
2674
2675 static struct attribute *hid_dev_attrs[] = {
2676 &dev_attr_modalias.attr,
2677 NULL,
2678 };
2679 static struct bin_attribute *hid_dev_bin_attrs[] = {
2680 &dev_bin_attr_report_desc,
2681 NULL
2682 };
2683 static const struct attribute_group hid_dev_group = {
2684 .attrs = hid_dev_attrs,
2685 .bin_attrs = hid_dev_bin_attrs,
2686 };
2687 __ATTRIBUTE_GROUPS(hid_dev);
2688
hid_uevent(struct device * dev,struct kobj_uevent_env * env)2689 static int hid_uevent(struct device *dev, struct kobj_uevent_env *env)
2690 {
2691 struct hid_device *hdev = to_hid_device(dev);
2692
2693 if (add_uevent_var(env, "HID_ID=%04X:%08X:%08X",
2694 hdev->bus, hdev->vendor, hdev->product))
2695 return -ENOMEM;
2696
2697 if (add_uevent_var(env, "HID_NAME=%s", hdev->name))
2698 return -ENOMEM;
2699
2700 if (add_uevent_var(env, "HID_PHYS=%s", hdev->phys))
2701 return -ENOMEM;
2702
2703 if (add_uevent_var(env, "HID_UNIQ=%s", hdev->uniq))
2704 return -ENOMEM;
2705
2706 if (add_uevent_var(env, "MODALIAS=hid:b%04Xg%04Xv%08Xp%08X",
2707 hdev->bus, hdev->group, hdev->vendor, hdev->product))
2708 return -ENOMEM;
2709
2710 return 0;
2711 }
2712
2713 struct bus_type hid_bus_type = {
2714 .name = "hid",
2715 .dev_groups = hid_dev_groups,
2716 .drv_groups = hid_drv_groups,
2717 .match = hid_bus_match,
2718 .probe = hid_device_probe,
2719 .remove = hid_device_remove,
2720 .uevent = hid_uevent,
2721 };
2722 EXPORT_SYMBOL(hid_bus_type);
2723
hid_add_device(struct hid_device * hdev)2724 int hid_add_device(struct hid_device *hdev)
2725 {
2726 static atomic_t id = ATOMIC_INIT(0);
2727 int ret;
2728
2729 if (WARN_ON(hdev->status & HID_STAT_ADDED))
2730 return -EBUSY;
2731
2732 hdev->quirks = hid_lookup_quirk(hdev);
2733
2734 /* we need to kill them here, otherwise they will stay allocated to
2735 * wait for coming driver */
2736 if (hid_ignore(hdev))
2737 return -ENODEV;
2738
2739 /*
2740 * Check for the mandatory transport channel.
2741 */
2742 if (!hdev->ll_driver->raw_request) {
2743 hid_err(hdev, "transport driver missing .raw_request()\n");
2744 return -EINVAL;
2745 }
2746
2747 /*
2748 * Read the device report descriptor once and use as template
2749 * for the driver-specific modifications.
2750 */
2751 ret = hdev->ll_driver->parse(hdev);
2752 if (ret)
2753 return ret;
2754 if (!hdev->dev_rdesc)
2755 return -ENODEV;
2756
2757 /*
2758 * Scan generic devices for group information
2759 */
2760 if (hid_ignore_special_drivers) {
2761 hdev->group = HID_GROUP_GENERIC;
2762 } else if (!hdev->group &&
2763 !(hdev->quirks & HID_QUIRK_HAVE_SPECIAL_DRIVER)) {
2764 ret = hid_scan_report(hdev);
2765 if (ret)
2766 hid_warn(hdev, "bad device descriptor (%d)\n", ret);
2767 }
2768
2769 hdev->id = atomic_inc_return(&id);
2770
2771 /* XXX hack, any other cleaner solution after the driver core
2772 * is converted to allow more than 20 bytes as the device name? */
2773 dev_set_name(&hdev->dev, "%04X:%04X:%04X.%04X", hdev->bus,
2774 hdev->vendor, hdev->product, hdev->id);
2775
2776 hid_debug_register(hdev, dev_name(&hdev->dev));
2777 ret = device_add(&hdev->dev);
2778 if (!ret)
2779 hdev->status |= HID_STAT_ADDED;
2780 else
2781 hid_debug_unregister(hdev);
2782
2783 return ret;
2784 }
2785 EXPORT_SYMBOL_GPL(hid_add_device);
2786
2787 /**
2788 * hid_allocate_device - allocate new hid device descriptor
2789 *
2790 * Allocate and initialize hid device, so that hid_destroy_device might be
2791 * used to free it.
2792 *
2793 * New hid_device pointer is returned on success, otherwise ERR_PTR encoded
2794 * error value.
2795 */
hid_allocate_device(void)2796 struct hid_device *hid_allocate_device(void)
2797 {
2798 struct hid_device *hdev;
2799 int ret = -ENOMEM;
2800
2801 hdev = kzalloc(sizeof(*hdev), GFP_KERNEL);
2802 if (hdev == NULL)
2803 return ERR_PTR(ret);
2804
2805 device_initialize(&hdev->dev);
2806 hdev->dev.release = hid_device_release;
2807 hdev->dev.bus = &hid_bus_type;
2808 device_enable_async_suspend(&hdev->dev);
2809
2810 hid_close_report(hdev);
2811
2812 init_waitqueue_head(&hdev->debug_wait);
2813 INIT_LIST_HEAD(&hdev->debug_list);
2814 spin_lock_init(&hdev->debug_list_lock);
2815 sema_init(&hdev->driver_input_lock, 1);
2816 mutex_init(&hdev->ll_open_lock);
2817
2818 return hdev;
2819 }
2820 EXPORT_SYMBOL_GPL(hid_allocate_device);
2821
hid_remove_device(struct hid_device * hdev)2822 static void hid_remove_device(struct hid_device *hdev)
2823 {
2824 if (hdev->status & HID_STAT_ADDED) {
2825 device_del(&hdev->dev);
2826 hid_debug_unregister(hdev);
2827 hdev->status &= ~HID_STAT_ADDED;
2828 }
2829 kfree(hdev->dev_rdesc);
2830 hdev->dev_rdesc = NULL;
2831 hdev->dev_rsize = 0;
2832 }
2833
2834 /**
2835 * hid_destroy_device - free previously allocated device
2836 *
2837 * @hdev: hid device
2838 *
2839 * If you allocate hid_device through hid_allocate_device, you should ever
2840 * free by this function.
2841 */
hid_destroy_device(struct hid_device * hdev)2842 void hid_destroy_device(struct hid_device *hdev)
2843 {
2844 hid_remove_device(hdev);
2845 put_device(&hdev->dev);
2846 }
2847 EXPORT_SYMBOL_GPL(hid_destroy_device);
2848
2849
__hid_bus_reprobe_drivers(struct device * dev,void * data)2850 static int __hid_bus_reprobe_drivers(struct device *dev, void *data)
2851 {
2852 struct hid_driver *hdrv = data;
2853 struct hid_device *hdev = to_hid_device(dev);
2854
2855 if (hdev->driver == hdrv &&
2856 !hdrv->match(hdev, hid_ignore_special_drivers) &&
2857 !test_and_set_bit(ffs(HID_STAT_REPROBED), &hdev->status))
2858 return device_reprobe(dev);
2859
2860 return 0;
2861 }
2862
__hid_bus_driver_added(struct device_driver * drv,void * data)2863 static int __hid_bus_driver_added(struct device_driver *drv, void *data)
2864 {
2865 struct hid_driver *hdrv = to_hid_driver(drv);
2866
2867 if (hdrv->match) {
2868 bus_for_each_dev(&hid_bus_type, NULL, hdrv,
2869 __hid_bus_reprobe_drivers);
2870 }
2871
2872 return 0;
2873 }
2874
__bus_removed_driver(struct device_driver * drv,void * data)2875 static int __bus_removed_driver(struct device_driver *drv, void *data)
2876 {
2877 return bus_rescan_devices(&hid_bus_type);
2878 }
2879
__hid_register_driver(struct hid_driver * hdrv,struct module * owner,const char * mod_name)2880 int __hid_register_driver(struct hid_driver *hdrv, struct module *owner,
2881 const char *mod_name)
2882 {
2883 int ret;
2884
2885 hdrv->driver.name = hdrv->name;
2886 hdrv->driver.bus = &hid_bus_type;
2887 hdrv->driver.owner = owner;
2888 hdrv->driver.mod_name = mod_name;
2889
2890 INIT_LIST_HEAD(&hdrv->dyn_list);
2891 spin_lock_init(&hdrv->dyn_lock);
2892
2893 ret = driver_register(&hdrv->driver);
2894
2895 if (ret == 0)
2896 bus_for_each_drv(&hid_bus_type, NULL, NULL,
2897 __hid_bus_driver_added);
2898
2899 return ret;
2900 }
2901 EXPORT_SYMBOL_GPL(__hid_register_driver);
2902
hid_unregister_driver(struct hid_driver * hdrv)2903 void hid_unregister_driver(struct hid_driver *hdrv)
2904 {
2905 driver_unregister(&hdrv->driver);
2906 hid_free_dynids(hdrv);
2907
2908 bus_for_each_drv(&hid_bus_type, NULL, hdrv, __bus_removed_driver);
2909 }
2910 EXPORT_SYMBOL_GPL(hid_unregister_driver);
2911
hid_check_keys_pressed(struct hid_device * hid)2912 int hid_check_keys_pressed(struct hid_device *hid)
2913 {
2914 struct hid_input *hidinput;
2915 int i;
2916
2917 if (!(hid->claimed & HID_CLAIMED_INPUT))
2918 return 0;
2919
2920 list_for_each_entry(hidinput, &hid->inputs, list) {
2921 for (i = 0; i < BITS_TO_LONGS(KEY_MAX); i++)
2922 if (hidinput->input->key[i])
2923 return 1;
2924 }
2925
2926 return 0;
2927 }
2928 EXPORT_SYMBOL_GPL(hid_check_keys_pressed);
2929
hid_init(void)2930 static int __init hid_init(void)
2931 {
2932 int ret;
2933
2934 if (hid_debug)
2935 pr_warn("hid_debug is now used solely for parser and driver debugging.\n"
2936 "debugfs is now used for inspecting the device (report descriptor, reports)\n");
2937
2938 ret = bus_register(&hid_bus_type);
2939 if (ret) {
2940 pr_err("can't register hid bus\n");
2941 goto err;
2942 }
2943
2944 ret = hidraw_init();
2945 if (ret)
2946 goto err_bus;
2947
2948 hid_debug_init();
2949
2950 return 0;
2951 err_bus:
2952 bus_unregister(&hid_bus_type);
2953 err:
2954 return ret;
2955 }
2956
hid_exit(void)2957 static void __exit hid_exit(void)
2958 {
2959 hid_debug_exit();
2960 hidraw_exit();
2961 bus_unregister(&hid_bus_type);
2962 hid_quirks_exit(HID_BUS_ANY);
2963 }
2964
2965 module_init(hid_init);
2966 module_exit(hid_exit);
2967
2968 MODULE_AUTHOR("Andreas Gal");
2969 MODULE_AUTHOR("Vojtech Pavlik");
2970 MODULE_AUTHOR("Jiri Kosina");
2971 MODULE_LICENSE("GPL");
2972