1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * cdc-wdm.c 4 * 5 * This driver supports USB CDC WCM Device Management. 6 * 7 * Copyright (c) 2007-2009 Oliver Neukum 8 * 9 * Some code taken from cdc-acm.c 10 * 11 * Released under the GPLv2. 12 * 13 * Many thanks to Carl Nordbeck 14 */ 15 #include <linux/kernel.h> 16 #include <linux/errno.h> 17 #include <linux/ioctl.h> 18 #include <linux/slab.h> 19 #include <linux/module.h> 20 #include <linux/mutex.h> 21 #include <linux/uaccess.h> 22 #include <linux/bitops.h> 23 #include <linux/poll.h> 24 #include <linux/usb.h> 25 #include <linux/usb/cdc.h> 26 #include <asm/byteorder.h> 27 #include <asm/unaligned.h> 28 #include <linux/usb/cdc-wdm.h> 29 30 #define DRIVER_AUTHOR "Oliver Neukum" 31 #define DRIVER_DESC "USB Abstract Control Model driver for USB WCM Device Management" 32 33 static const struct usb_device_id wdm_ids[] = { 34 { 35 .match_flags = USB_DEVICE_ID_MATCH_INT_CLASS | 36 USB_DEVICE_ID_MATCH_INT_SUBCLASS, 37 .bInterfaceClass = USB_CLASS_COMM, 38 .bInterfaceSubClass = USB_CDC_SUBCLASS_DMM 39 }, 40 { } 41 }; 42 43 MODULE_DEVICE_TABLE (usb, wdm_ids); 44 45 #define WDM_MINOR_BASE 176 46 47 48 #define WDM_IN_USE 1 49 #define WDM_DISCONNECTING 2 50 #define WDM_RESULT 3 51 #define WDM_READ 4 52 #define WDM_INT_STALL 5 53 #define WDM_POLL_RUNNING 6 54 #define WDM_RESPONDING 7 55 #define WDM_SUSPENDING 8 56 #define WDM_RESETTING 9 57 #define WDM_OVERFLOW 10 58 59 #define WDM_MAX 16 60 61 /* CDC-WMC r1.1 requires wMaxCommand to be "at least 256 decimal (0x100)" */ 62 #define WDM_DEFAULT_BUFSIZE 256 63 64 static DEFINE_MUTEX(wdm_mutex); 65 static DEFINE_SPINLOCK(wdm_device_list_lock); 66 static LIST_HEAD(wdm_device_list); 67 68 /* --- method tables --- */ 69 70 struct wdm_device { 71 u8 *inbuf; /* buffer for response */ 72 u8 *outbuf; /* buffer for command */ 73 u8 *sbuf; /* buffer for status */ 74 u8 *ubuf; /* buffer for copy to user space */ 75 76 struct urb *command; 77 struct urb *response; 78 struct urb *validity; 79 struct usb_interface *intf; 80 struct usb_ctrlrequest *orq; 81 struct usb_ctrlrequest *irq; 82 spinlock_t iuspin; 83 84 unsigned long flags; 85 u16 bufsize; 86 u16 wMaxCommand; 87 u16 wMaxPacketSize; 88 __le16 inum; 89 int reslength; 90 int length; 91 int read; 92 int count; 93 dma_addr_t shandle; 94 dma_addr_t ihandle; 95 struct mutex wlock; 96 struct mutex rlock; 97 wait_queue_head_t wait; 98 struct work_struct rxwork; 99 struct work_struct service_outs_intr; 100 int werr; 101 int rerr; 102 int resp_count; 103 104 struct list_head device_list; 105 int (*manage_power)(struct usb_interface *, int); 106 }; 107 108 static struct usb_driver wdm_driver; 109 110 /* return intfdata if we own the interface, else look up intf in the list */ 111 static struct wdm_device *wdm_find_device(struct usb_interface *intf) 112 { 113 struct wdm_device *desc; 114 115 spin_lock(&wdm_device_list_lock); 116 list_for_each_entry(desc, &wdm_device_list, device_list) 117 if (desc->intf == intf) 118 goto found; 119 desc = NULL; 120 found: 121 spin_unlock(&wdm_device_list_lock); 122 123 return desc; 124 } 125 126 static struct wdm_device *wdm_find_device_by_minor(int minor) 127 { 128 struct wdm_device *desc; 129 130 spin_lock(&wdm_device_list_lock); 131 list_for_each_entry(desc, &wdm_device_list, device_list) 132 if (desc->intf->minor == minor) 133 goto found; 134 desc = NULL; 135 found: 136 spin_unlock(&wdm_device_list_lock); 137 138 return desc; 139 } 140 141 /* --- callbacks --- */ 142 static void wdm_out_callback(struct urb *urb) 143 { 144 struct wdm_device *desc; 145 unsigned long flags; 146 147 desc = urb->context; 148 spin_lock_irqsave(&desc->iuspin, flags); 149 desc->werr = urb->status; 150 spin_unlock_irqrestore(&desc->iuspin, flags); 151 kfree(desc->outbuf); 152 desc->outbuf = NULL; 153 clear_bit(WDM_IN_USE, &desc->flags); 154 wake_up(&desc->wait); 155 } 156 157 static void wdm_in_callback(struct urb *urb) 158 { 159 unsigned long flags; 160 struct wdm_device *desc = urb->context; 161 int status = urb->status; 162 int length = urb->actual_length; 163 164 spin_lock_irqsave(&desc->iuspin, flags); 165 clear_bit(WDM_RESPONDING, &desc->flags); 166 167 if (status) { 168 switch (status) { 169 case -ENOENT: 170 dev_dbg(&desc->intf->dev, 171 "nonzero urb status received: -ENOENT\n"); 172 goto skip_error; 173 case -ECONNRESET: 174 dev_dbg(&desc->intf->dev, 175 "nonzero urb status received: -ECONNRESET\n"); 176 goto skip_error; 177 case -ESHUTDOWN: 178 dev_dbg(&desc->intf->dev, 179 "nonzero urb status received: -ESHUTDOWN\n"); 180 goto skip_error; 181 case -EPIPE: 182 dev_err(&desc->intf->dev, 183 "nonzero urb status received: -EPIPE\n"); 184 break; 185 default: 186 dev_err(&desc->intf->dev, 187 "Unexpected error %d\n", status); 188 break; 189 } 190 } 191 192 /* 193 * only set a new error if there is no previous error. 194 * Errors are only cleared during read/open 195 * Avoid propagating -EPIPE (stall) to userspace since it is 196 * better handled as an empty read 197 */ 198 if (desc->rerr == 0 && status != -EPIPE) 199 desc->rerr = status; 200 201 if (length + desc->length > desc->wMaxCommand) { 202 /* The buffer would overflow */ 203 set_bit(WDM_OVERFLOW, &desc->flags); 204 } else { 205 /* we may already be in overflow */ 206 if (!test_bit(WDM_OVERFLOW, &desc->flags)) { 207 memmove(desc->ubuf + desc->length, desc->inbuf, length); 208 desc->length += length; 209 desc->reslength = length; 210 } 211 } 212 skip_error: 213 214 if (desc->rerr) { 215 /* 216 * Since there was an error, userspace may decide to not read 217 * any data after poll'ing. 218 * We should respond to further attempts from the device to send 219 * data, so that we can get unstuck. 220 */ 221 schedule_work(&desc->service_outs_intr); 222 } else { 223 set_bit(WDM_READ, &desc->flags); 224 wake_up(&desc->wait); 225 } 226 spin_unlock_irqrestore(&desc->iuspin, flags); 227 } 228 229 static void wdm_int_callback(struct urb *urb) 230 { 231 unsigned long flags; 232 int rv = 0; 233 int responding; 234 int status = urb->status; 235 struct wdm_device *desc; 236 struct usb_cdc_notification *dr; 237 238 desc = urb->context; 239 dr = (struct usb_cdc_notification *)desc->sbuf; 240 241 if (status) { 242 switch (status) { 243 case -ESHUTDOWN: 244 case -ENOENT: 245 case -ECONNRESET: 246 return; /* unplug */ 247 case -EPIPE: 248 set_bit(WDM_INT_STALL, &desc->flags); 249 dev_err(&desc->intf->dev, "Stall on int endpoint\n"); 250 goto sw; /* halt is cleared in work */ 251 default: 252 dev_err(&desc->intf->dev, 253 "nonzero urb status received: %d\n", status); 254 break; 255 } 256 } 257 258 if (urb->actual_length < sizeof(struct usb_cdc_notification)) { 259 dev_err(&desc->intf->dev, "wdm_int_callback - %d bytes\n", 260 urb->actual_length); 261 goto exit; 262 } 263 264 switch (dr->bNotificationType) { 265 case USB_CDC_NOTIFY_RESPONSE_AVAILABLE: 266 dev_dbg(&desc->intf->dev, 267 "NOTIFY_RESPONSE_AVAILABLE received: index %d len %d\n", 268 le16_to_cpu(dr->wIndex), le16_to_cpu(dr->wLength)); 269 break; 270 271 case USB_CDC_NOTIFY_NETWORK_CONNECTION: 272 273 dev_dbg(&desc->intf->dev, 274 "NOTIFY_NETWORK_CONNECTION %s network\n", 275 dr->wValue ? "connected to" : "disconnected from"); 276 goto exit; 277 case USB_CDC_NOTIFY_SPEED_CHANGE: 278 dev_dbg(&desc->intf->dev, "SPEED_CHANGE received (len %u)\n", 279 urb->actual_length); 280 goto exit; 281 default: 282 clear_bit(WDM_POLL_RUNNING, &desc->flags); 283 dev_err(&desc->intf->dev, 284 "unknown notification %d received: index %d len %d\n", 285 dr->bNotificationType, 286 le16_to_cpu(dr->wIndex), 287 le16_to_cpu(dr->wLength)); 288 goto exit; 289 } 290 291 spin_lock_irqsave(&desc->iuspin, flags); 292 responding = test_and_set_bit(WDM_RESPONDING, &desc->flags); 293 if (!desc->resp_count++ && !responding 294 && !test_bit(WDM_DISCONNECTING, &desc->flags) 295 && !test_bit(WDM_SUSPENDING, &desc->flags)) { 296 rv = usb_submit_urb(desc->response, GFP_ATOMIC); 297 dev_dbg(&desc->intf->dev, "submit response URB %d\n", rv); 298 } 299 spin_unlock_irqrestore(&desc->iuspin, flags); 300 if (rv < 0) { 301 clear_bit(WDM_RESPONDING, &desc->flags); 302 if (rv == -EPERM) 303 return; 304 if (rv == -ENOMEM) { 305 sw: 306 rv = schedule_work(&desc->rxwork); 307 if (rv) 308 dev_err(&desc->intf->dev, 309 "Cannot schedule work\n"); 310 } 311 } 312 exit: 313 rv = usb_submit_urb(urb, GFP_ATOMIC); 314 if (rv) 315 dev_err(&desc->intf->dev, 316 "%s - usb_submit_urb failed with result %d\n", 317 __func__, rv); 318 319 } 320 321 static void kill_urbs(struct wdm_device *desc) 322 { 323 /* the order here is essential */ 324 usb_kill_urb(desc->command); 325 usb_kill_urb(desc->validity); 326 usb_kill_urb(desc->response); 327 } 328 329 static void free_urbs(struct wdm_device *desc) 330 { 331 usb_free_urb(desc->validity); 332 usb_free_urb(desc->response); 333 usb_free_urb(desc->command); 334 } 335 336 static void cleanup(struct wdm_device *desc) 337 { 338 kfree(desc->sbuf); 339 kfree(desc->inbuf); 340 kfree(desc->orq); 341 kfree(desc->irq); 342 kfree(desc->ubuf); 343 free_urbs(desc); 344 kfree(desc); 345 } 346 347 static ssize_t wdm_write 348 (struct file *file, const char __user *buffer, size_t count, loff_t *ppos) 349 { 350 u8 *buf; 351 int rv = -EMSGSIZE, r, we; 352 struct wdm_device *desc = file->private_data; 353 struct usb_ctrlrequest *req; 354 355 if (count > desc->wMaxCommand) 356 count = desc->wMaxCommand; 357 358 spin_lock_irq(&desc->iuspin); 359 we = desc->werr; 360 desc->werr = 0; 361 spin_unlock_irq(&desc->iuspin); 362 if (we < 0) 363 return usb_translate_errors(we); 364 365 buf = memdup_user(buffer, count); 366 if (IS_ERR(buf)) 367 return PTR_ERR(buf); 368 369 /* concurrent writes and disconnect */ 370 r = mutex_lock_interruptible(&desc->wlock); 371 rv = -ERESTARTSYS; 372 if (r) 373 goto out_free_mem; 374 375 if (test_bit(WDM_DISCONNECTING, &desc->flags)) { 376 rv = -ENODEV; 377 goto out_free_mem_lock; 378 } 379 380 r = usb_autopm_get_interface(desc->intf); 381 if (r < 0) { 382 rv = usb_translate_errors(r); 383 goto out_free_mem_lock; 384 } 385 386 if (!(file->f_flags & O_NONBLOCK)) 387 r = wait_event_interruptible(desc->wait, !test_bit(WDM_IN_USE, 388 &desc->flags)); 389 else 390 if (test_bit(WDM_IN_USE, &desc->flags)) 391 r = -EAGAIN; 392 393 if (test_bit(WDM_RESETTING, &desc->flags)) 394 r = -EIO; 395 396 if (r < 0) { 397 rv = r; 398 goto out_free_mem_pm; 399 } 400 401 req = desc->orq; 402 usb_fill_control_urb( 403 desc->command, 404 interface_to_usbdev(desc->intf), 405 /* using common endpoint 0 */ 406 usb_sndctrlpipe(interface_to_usbdev(desc->intf), 0), 407 (unsigned char *)req, 408 buf, 409 count, 410 wdm_out_callback, 411 desc 412 ); 413 414 req->bRequestType = (USB_DIR_OUT | USB_TYPE_CLASS | 415 USB_RECIP_INTERFACE); 416 req->bRequest = USB_CDC_SEND_ENCAPSULATED_COMMAND; 417 req->wValue = 0; 418 req->wIndex = desc->inum; /* already converted */ 419 req->wLength = cpu_to_le16(count); 420 set_bit(WDM_IN_USE, &desc->flags); 421 desc->outbuf = buf; 422 423 rv = usb_submit_urb(desc->command, GFP_KERNEL); 424 if (rv < 0) { 425 desc->outbuf = NULL; 426 clear_bit(WDM_IN_USE, &desc->flags); 427 dev_err(&desc->intf->dev, "Tx URB error: %d\n", rv); 428 rv = usb_translate_errors(rv); 429 goto out_free_mem_pm; 430 } else { 431 dev_dbg(&desc->intf->dev, "Tx URB has been submitted index=%d\n", 432 le16_to_cpu(req->wIndex)); 433 } 434 435 usb_autopm_put_interface(desc->intf); 436 mutex_unlock(&desc->wlock); 437 return count; 438 439 out_free_mem_pm: 440 usb_autopm_put_interface(desc->intf); 441 out_free_mem_lock: 442 mutex_unlock(&desc->wlock); 443 out_free_mem: 444 kfree(buf); 445 return rv; 446 } 447 448 /* 449 * Submit the read urb if resp_count is non-zero. 450 * 451 * Called with desc->iuspin locked 452 */ 453 static int service_outstanding_interrupt(struct wdm_device *desc) 454 { 455 int rv = 0; 456 457 /* submit read urb only if the device is waiting for it */ 458 if (!desc->resp_count || !--desc->resp_count) 459 goto out; 460 461 set_bit(WDM_RESPONDING, &desc->flags); 462 spin_unlock_irq(&desc->iuspin); 463 rv = usb_submit_urb(desc->response, GFP_KERNEL); 464 spin_lock_irq(&desc->iuspin); 465 if (rv) { 466 dev_err(&desc->intf->dev, 467 "usb_submit_urb failed with result %d\n", rv); 468 469 /* make sure the next notification trigger a submit */ 470 clear_bit(WDM_RESPONDING, &desc->flags); 471 desc->resp_count = 0; 472 } 473 out: 474 return rv; 475 } 476 477 static ssize_t wdm_read 478 (struct file *file, char __user *buffer, size_t count, loff_t *ppos) 479 { 480 int rv, cntr; 481 int i = 0; 482 struct wdm_device *desc = file->private_data; 483 484 485 rv = mutex_lock_interruptible(&desc->rlock); /*concurrent reads */ 486 if (rv < 0) 487 return -ERESTARTSYS; 488 489 cntr = READ_ONCE(desc->length); 490 if (cntr == 0) { 491 desc->read = 0; 492 retry: 493 if (test_bit(WDM_DISCONNECTING, &desc->flags)) { 494 rv = -ENODEV; 495 goto err; 496 } 497 if (test_bit(WDM_OVERFLOW, &desc->flags)) { 498 clear_bit(WDM_OVERFLOW, &desc->flags); 499 rv = -ENOBUFS; 500 goto err; 501 } 502 i++; 503 if (file->f_flags & O_NONBLOCK) { 504 if (!test_bit(WDM_READ, &desc->flags)) { 505 rv = -EAGAIN; 506 goto err; 507 } 508 rv = 0; 509 } else { 510 rv = wait_event_interruptible(desc->wait, 511 test_bit(WDM_READ, &desc->flags)); 512 } 513 514 /* may have happened while we slept */ 515 if (test_bit(WDM_DISCONNECTING, &desc->flags)) { 516 rv = -ENODEV; 517 goto err; 518 } 519 if (test_bit(WDM_RESETTING, &desc->flags)) { 520 rv = -EIO; 521 goto err; 522 } 523 usb_mark_last_busy(interface_to_usbdev(desc->intf)); 524 if (rv < 0) { 525 rv = -ERESTARTSYS; 526 goto err; 527 } 528 529 spin_lock_irq(&desc->iuspin); 530 531 if (desc->rerr) { /* read completed, error happened */ 532 rv = usb_translate_errors(desc->rerr); 533 desc->rerr = 0; 534 spin_unlock_irq(&desc->iuspin); 535 goto err; 536 } 537 /* 538 * recheck whether we've lost the race 539 * against the completion handler 540 */ 541 if (!test_bit(WDM_READ, &desc->flags)) { /* lost race */ 542 spin_unlock_irq(&desc->iuspin); 543 goto retry; 544 } 545 546 if (!desc->reslength) { /* zero length read */ 547 dev_dbg(&desc->intf->dev, "zero length - clearing WDM_READ\n"); 548 clear_bit(WDM_READ, &desc->flags); 549 rv = service_outstanding_interrupt(desc); 550 spin_unlock_irq(&desc->iuspin); 551 if (rv < 0) 552 goto err; 553 goto retry; 554 } 555 cntr = desc->length; 556 spin_unlock_irq(&desc->iuspin); 557 } 558 559 if (cntr > count) 560 cntr = count; 561 rv = copy_to_user(buffer, desc->ubuf, cntr); 562 if (rv > 0) { 563 rv = -EFAULT; 564 goto err; 565 } 566 567 spin_lock_irq(&desc->iuspin); 568 569 for (i = 0; i < desc->length - cntr; i++) 570 desc->ubuf[i] = desc->ubuf[i + cntr]; 571 572 desc->length -= cntr; 573 /* in case we had outstanding data */ 574 if (!desc->length) { 575 clear_bit(WDM_READ, &desc->flags); 576 service_outstanding_interrupt(desc); 577 } 578 spin_unlock_irq(&desc->iuspin); 579 rv = cntr; 580 581 err: 582 mutex_unlock(&desc->rlock); 583 return rv; 584 } 585 586 static int wdm_flush(struct file *file, fl_owner_t id) 587 { 588 struct wdm_device *desc = file->private_data; 589 590 wait_event(desc->wait, 591 /* 592 * needs both flags. We cannot do with one 593 * because resetting it would cause a race 594 * with write() yet we need to signal 595 * a disconnect 596 */ 597 !test_bit(WDM_IN_USE, &desc->flags) || 598 test_bit(WDM_DISCONNECTING, &desc->flags)); 599 600 /* cannot dereference desc->intf if WDM_DISCONNECTING */ 601 if (test_bit(WDM_DISCONNECTING, &desc->flags)) 602 return -ENODEV; 603 if (desc->werr < 0) 604 dev_err(&desc->intf->dev, "Error in flush path: %d\n", 605 desc->werr); 606 607 return usb_translate_errors(desc->werr); 608 } 609 610 static __poll_t wdm_poll(struct file *file, struct poll_table_struct *wait) 611 { 612 struct wdm_device *desc = file->private_data; 613 unsigned long flags; 614 __poll_t mask = 0; 615 616 spin_lock_irqsave(&desc->iuspin, flags); 617 if (test_bit(WDM_DISCONNECTING, &desc->flags)) { 618 mask = EPOLLHUP | EPOLLERR; 619 spin_unlock_irqrestore(&desc->iuspin, flags); 620 goto desc_out; 621 } 622 if (test_bit(WDM_READ, &desc->flags)) 623 mask = EPOLLIN | EPOLLRDNORM; 624 if (desc->rerr || desc->werr) 625 mask |= EPOLLERR; 626 if (!test_bit(WDM_IN_USE, &desc->flags)) 627 mask |= EPOLLOUT | EPOLLWRNORM; 628 spin_unlock_irqrestore(&desc->iuspin, flags); 629 630 poll_wait(file, &desc->wait, wait); 631 632 desc_out: 633 return mask; 634 } 635 636 static int wdm_open(struct inode *inode, struct file *file) 637 { 638 int minor = iminor(inode); 639 int rv = -ENODEV; 640 struct usb_interface *intf; 641 struct wdm_device *desc; 642 643 mutex_lock(&wdm_mutex); 644 desc = wdm_find_device_by_minor(minor); 645 if (!desc) 646 goto out; 647 648 intf = desc->intf; 649 if (test_bit(WDM_DISCONNECTING, &desc->flags)) 650 goto out; 651 file->private_data = desc; 652 653 rv = usb_autopm_get_interface(desc->intf); 654 if (rv < 0) { 655 dev_err(&desc->intf->dev, "Error autopm - %d\n", rv); 656 goto out; 657 } 658 659 /* using write lock to protect desc->count */ 660 mutex_lock(&desc->wlock); 661 if (!desc->count++) { 662 desc->werr = 0; 663 desc->rerr = 0; 664 rv = usb_submit_urb(desc->validity, GFP_KERNEL); 665 if (rv < 0) { 666 desc->count--; 667 dev_err(&desc->intf->dev, 668 "Error submitting int urb - %d\n", rv); 669 rv = usb_translate_errors(rv); 670 } 671 } else { 672 rv = 0; 673 } 674 mutex_unlock(&desc->wlock); 675 if (desc->count == 1) 676 desc->manage_power(intf, 1); 677 usb_autopm_put_interface(desc->intf); 678 out: 679 mutex_unlock(&wdm_mutex); 680 return rv; 681 } 682 683 static int wdm_release(struct inode *inode, struct file *file) 684 { 685 struct wdm_device *desc = file->private_data; 686 687 mutex_lock(&wdm_mutex); 688 689 /* using write lock to protect desc->count */ 690 mutex_lock(&desc->wlock); 691 desc->count--; 692 mutex_unlock(&desc->wlock); 693 694 if (!desc->count) { 695 if (!test_bit(WDM_DISCONNECTING, &desc->flags)) { 696 dev_dbg(&desc->intf->dev, "wdm_release: cleanup\n"); 697 kill_urbs(desc); 698 spin_lock_irq(&desc->iuspin); 699 desc->resp_count = 0; 700 spin_unlock_irq(&desc->iuspin); 701 desc->manage_power(desc->intf, 0); 702 } else { 703 /* must avoid dev_printk here as desc->intf is invalid */ 704 pr_debug(KBUILD_MODNAME " %s: device gone - cleaning up\n", __func__); 705 cleanup(desc); 706 } 707 } 708 mutex_unlock(&wdm_mutex); 709 return 0; 710 } 711 712 static long wdm_ioctl(struct file *file, unsigned int cmd, unsigned long arg) 713 { 714 struct wdm_device *desc = file->private_data; 715 int rv = 0; 716 717 switch (cmd) { 718 case IOCTL_WDM_MAX_COMMAND: 719 if (copy_to_user((void __user *)arg, &desc->wMaxCommand, sizeof(desc->wMaxCommand))) 720 rv = -EFAULT; 721 break; 722 default: 723 rv = -ENOTTY; 724 } 725 return rv; 726 } 727 728 static const struct file_operations wdm_fops = { 729 .owner = THIS_MODULE, 730 .read = wdm_read, 731 .write = wdm_write, 732 .open = wdm_open, 733 .flush = wdm_flush, 734 .release = wdm_release, 735 .poll = wdm_poll, 736 .unlocked_ioctl = wdm_ioctl, 737 .compat_ioctl = compat_ptr_ioctl, 738 .llseek = noop_llseek, 739 }; 740 741 static struct usb_class_driver wdm_class = { 742 .name = "cdc-wdm%d", 743 .fops = &wdm_fops, 744 .minor_base = WDM_MINOR_BASE, 745 }; 746 747 /* --- error handling --- */ 748 static void wdm_rxwork(struct work_struct *work) 749 { 750 struct wdm_device *desc = container_of(work, struct wdm_device, rxwork); 751 unsigned long flags; 752 int rv = 0; 753 int responding; 754 755 spin_lock_irqsave(&desc->iuspin, flags); 756 if (test_bit(WDM_DISCONNECTING, &desc->flags)) { 757 spin_unlock_irqrestore(&desc->iuspin, flags); 758 } else { 759 responding = test_and_set_bit(WDM_RESPONDING, &desc->flags); 760 spin_unlock_irqrestore(&desc->iuspin, flags); 761 if (!responding) 762 rv = usb_submit_urb(desc->response, GFP_KERNEL); 763 if (rv < 0 && rv != -EPERM) { 764 spin_lock_irqsave(&desc->iuspin, flags); 765 clear_bit(WDM_RESPONDING, &desc->flags); 766 if (!test_bit(WDM_DISCONNECTING, &desc->flags)) 767 schedule_work(&desc->rxwork); 768 spin_unlock_irqrestore(&desc->iuspin, flags); 769 } 770 } 771 } 772 773 static void service_interrupt_work(struct work_struct *work) 774 { 775 struct wdm_device *desc; 776 777 desc = container_of(work, struct wdm_device, service_outs_intr); 778 779 spin_lock_irq(&desc->iuspin); 780 service_outstanding_interrupt(desc); 781 if (!desc->resp_count) { 782 set_bit(WDM_READ, &desc->flags); 783 wake_up(&desc->wait); 784 } 785 spin_unlock_irq(&desc->iuspin); 786 } 787 788 /* --- hotplug --- */ 789 790 static int wdm_create(struct usb_interface *intf, struct usb_endpoint_descriptor *ep, 791 u16 bufsize, int (*manage_power)(struct usb_interface *, int)) 792 { 793 int rv = -ENOMEM; 794 struct wdm_device *desc; 795 796 desc = kzalloc(sizeof(struct wdm_device), GFP_KERNEL); 797 if (!desc) 798 goto out; 799 INIT_LIST_HEAD(&desc->device_list); 800 mutex_init(&desc->rlock); 801 mutex_init(&desc->wlock); 802 spin_lock_init(&desc->iuspin); 803 init_waitqueue_head(&desc->wait); 804 desc->wMaxCommand = bufsize; 805 /* this will be expanded and needed in hardware endianness */ 806 desc->inum = cpu_to_le16((u16)intf->cur_altsetting->desc.bInterfaceNumber); 807 desc->intf = intf; 808 INIT_WORK(&desc->rxwork, wdm_rxwork); 809 INIT_WORK(&desc->service_outs_intr, service_interrupt_work); 810 811 rv = -EINVAL; 812 if (!usb_endpoint_is_int_in(ep)) 813 goto err; 814 815 desc->wMaxPacketSize = usb_endpoint_maxp(ep); 816 817 desc->orq = kmalloc(sizeof(struct usb_ctrlrequest), GFP_KERNEL); 818 if (!desc->orq) 819 goto err; 820 desc->irq = kmalloc(sizeof(struct usb_ctrlrequest), GFP_KERNEL); 821 if (!desc->irq) 822 goto err; 823 824 desc->validity = usb_alloc_urb(0, GFP_KERNEL); 825 if (!desc->validity) 826 goto err; 827 828 desc->response = usb_alloc_urb(0, GFP_KERNEL); 829 if (!desc->response) 830 goto err; 831 832 desc->command = usb_alloc_urb(0, GFP_KERNEL); 833 if (!desc->command) 834 goto err; 835 836 desc->ubuf = kmalloc(desc->wMaxCommand, GFP_KERNEL); 837 if (!desc->ubuf) 838 goto err; 839 840 desc->sbuf = kmalloc(desc->wMaxPacketSize, GFP_KERNEL); 841 if (!desc->sbuf) 842 goto err; 843 844 desc->inbuf = kmalloc(desc->wMaxCommand, GFP_KERNEL); 845 if (!desc->inbuf) 846 goto err; 847 848 usb_fill_int_urb( 849 desc->validity, 850 interface_to_usbdev(intf), 851 usb_rcvintpipe(interface_to_usbdev(intf), ep->bEndpointAddress), 852 desc->sbuf, 853 desc->wMaxPacketSize, 854 wdm_int_callback, 855 desc, 856 ep->bInterval 857 ); 858 859 desc->irq->bRequestType = (USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE); 860 desc->irq->bRequest = USB_CDC_GET_ENCAPSULATED_RESPONSE; 861 desc->irq->wValue = 0; 862 desc->irq->wIndex = desc->inum; /* already converted */ 863 desc->irq->wLength = cpu_to_le16(desc->wMaxCommand); 864 865 usb_fill_control_urb( 866 desc->response, 867 interface_to_usbdev(intf), 868 /* using common endpoint 0 */ 869 usb_rcvctrlpipe(interface_to_usbdev(desc->intf), 0), 870 (unsigned char *)desc->irq, 871 desc->inbuf, 872 desc->wMaxCommand, 873 wdm_in_callback, 874 desc 875 ); 876 877 desc->manage_power = manage_power; 878 879 spin_lock(&wdm_device_list_lock); 880 list_add(&desc->device_list, &wdm_device_list); 881 spin_unlock(&wdm_device_list_lock); 882 883 rv = usb_register_dev(intf, &wdm_class); 884 if (rv < 0) 885 goto err; 886 else 887 dev_info(&intf->dev, "%s: USB WDM device\n", dev_name(intf->usb_dev)); 888 out: 889 return rv; 890 err: 891 spin_lock(&wdm_device_list_lock); 892 list_del(&desc->device_list); 893 spin_unlock(&wdm_device_list_lock); 894 cleanup(desc); 895 return rv; 896 } 897 898 static int wdm_manage_power(struct usb_interface *intf, int on) 899 { 900 /* need autopm_get/put here to ensure the usbcore sees the new value */ 901 int rv = usb_autopm_get_interface(intf); 902 903 intf->needs_remote_wakeup = on; 904 if (!rv) 905 usb_autopm_put_interface(intf); 906 return 0; 907 } 908 909 static int wdm_probe(struct usb_interface *intf, const struct usb_device_id *id) 910 { 911 int rv = -EINVAL; 912 struct usb_host_interface *iface; 913 struct usb_endpoint_descriptor *ep; 914 struct usb_cdc_parsed_header hdr; 915 u8 *buffer = intf->altsetting->extra; 916 int buflen = intf->altsetting->extralen; 917 u16 maxcom = WDM_DEFAULT_BUFSIZE; 918 919 if (!buffer) 920 goto err; 921 922 cdc_parse_cdc_header(&hdr, intf, buffer, buflen); 923 924 if (hdr.usb_cdc_dmm_desc) 925 maxcom = le16_to_cpu(hdr.usb_cdc_dmm_desc->wMaxCommand); 926 927 iface = intf->cur_altsetting; 928 if (iface->desc.bNumEndpoints != 1) 929 goto err; 930 ep = &iface->endpoint[0].desc; 931 932 rv = wdm_create(intf, ep, maxcom, &wdm_manage_power); 933 934 err: 935 return rv; 936 } 937 938 /** 939 * usb_cdc_wdm_register - register a WDM subdriver 940 * @intf: usb interface the subdriver will associate with 941 * @ep: interrupt endpoint to monitor for notifications 942 * @bufsize: maximum message size to support for read/write 943 * @manage_power: call-back invoked during open and release to 944 * manage the device's power 945 * Create WDM usb class character device and associate it with intf 946 * without binding, allowing another driver to manage the interface. 947 * 948 * The subdriver will manage the given interrupt endpoint exclusively 949 * and will issue control requests referring to the given intf. It 950 * will otherwise avoid interferring, and in particular not do 951 * usb_set_intfdata/usb_get_intfdata on intf. 952 * 953 * The return value is a pointer to the subdriver's struct usb_driver. 954 * The registering driver is responsible for calling this subdriver's 955 * disconnect, suspend, resume, pre_reset and post_reset methods from 956 * its own. 957 */ 958 struct usb_driver *usb_cdc_wdm_register(struct usb_interface *intf, 959 struct usb_endpoint_descriptor *ep, 960 int bufsize, 961 int (*manage_power)(struct usb_interface *, int)) 962 { 963 int rv; 964 965 rv = wdm_create(intf, ep, bufsize, manage_power); 966 if (rv < 0) 967 goto err; 968 969 return &wdm_driver; 970 err: 971 return ERR_PTR(rv); 972 } 973 EXPORT_SYMBOL(usb_cdc_wdm_register); 974 975 static void wdm_disconnect(struct usb_interface *intf) 976 { 977 struct wdm_device *desc; 978 unsigned long flags; 979 980 usb_deregister_dev(intf, &wdm_class); 981 desc = wdm_find_device(intf); 982 mutex_lock(&wdm_mutex); 983 984 /* the spinlock makes sure no new urbs are generated in the callbacks */ 985 spin_lock_irqsave(&desc->iuspin, flags); 986 set_bit(WDM_DISCONNECTING, &desc->flags); 987 set_bit(WDM_READ, &desc->flags); 988 spin_unlock_irqrestore(&desc->iuspin, flags); 989 wake_up_all(&desc->wait); 990 mutex_lock(&desc->rlock); 991 mutex_lock(&desc->wlock); 992 kill_urbs(desc); 993 cancel_work_sync(&desc->rxwork); 994 cancel_work_sync(&desc->service_outs_intr); 995 mutex_unlock(&desc->wlock); 996 mutex_unlock(&desc->rlock); 997 998 /* the desc->intf pointer used as list key is now invalid */ 999 spin_lock(&wdm_device_list_lock); 1000 list_del(&desc->device_list); 1001 spin_unlock(&wdm_device_list_lock); 1002 1003 if (!desc->count) 1004 cleanup(desc); 1005 else 1006 dev_dbg(&intf->dev, "%d open files - postponing cleanup\n", desc->count); 1007 mutex_unlock(&wdm_mutex); 1008 } 1009 1010 #ifdef CONFIG_PM 1011 static int wdm_suspend(struct usb_interface *intf, pm_message_t message) 1012 { 1013 struct wdm_device *desc = wdm_find_device(intf); 1014 int rv = 0; 1015 1016 dev_dbg(&desc->intf->dev, "wdm%d_suspend\n", intf->minor); 1017 1018 /* if this is an autosuspend the caller does the locking */ 1019 if (!PMSG_IS_AUTO(message)) { 1020 mutex_lock(&desc->rlock); 1021 mutex_lock(&desc->wlock); 1022 } 1023 spin_lock_irq(&desc->iuspin); 1024 1025 if (PMSG_IS_AUTO(message) && 1026 (test_bit(WDM_IN_USE, &desc->flags) 1027 || test_bit(WDM_RESPONDING, &desc->flags))) { 1028 spin_unlock_irq(&desc->iuspin); 1029 rv = -EBUSY; 1030 } else { 1031 1032 set_bit(WDM_SUSPENDING, &desc->flags); 1033 spin_unlock_irq(&desc->iuspin); 1034 /* callback submits work - order is essential */ 1035 kill_urbs(desc); 1036 cancel_work_sync(&desc->rxwork); 1037 cancel_work_sync(&desc->service_outs_intr); 1038 } 1039 if (!PMSG_IS_AUTO(message)) { 1040 mutex_unlock(&desc->wlock); 1041 mutex_unlock(&desc->rlock); 1042 } 1043 1044 return rv; 1045 } 1046 #endif 1047 1048 static int recover_from_urb_loss(struct wdm_device *desc) 1049 { 1050 int rv = 0; 1051 1052 if (desc->count) { 1053 rv = usb_submit_urb(desc->validity, GFP_NOIO); 1054 if (rv < 0) 1055 dev_err(&desc->intf->dev, 1056 "Error resume submitting int urb - %d\n", rv); 1057 } 1058 return rv; 1059 } 1060 1061 #ifdef CONFIG_PM 1062 static int wdm_resume(struct usb_interface *intf) 1063 { 1064 struct wdm_device *desc = wdm_find_device(intf); 1065 int rv; 1066 1067 dev_dbg(&desc->intf->dev, "wdm%d_resume\n", intf->minor); 1068 1069 clear_bit(WDM_SUSPENDING, &desc->flags); 1070 rv = recover_from_urb_loss(desc); 1071 1072 return rv; 1073 } 1074 #endif 1075 1076 static int wdm_pre_reset(struct usb_interface *intf) 1077 { 1078 struct wdm_device *desc = wdm_find_device(intf); 1079 1080 /* 1081 * we notify everybody using poll of 1082 * an exceptional situation 1083 * must be done before recovery lest a spontaneous 1084 * message from the device is lost 1085 */ 1086 spin_lock_irq(&desc->iuspin); 1087 set_bit(WDM_RESETTING, &desc->flags); /* inform read/write */ 1088 set_bit(WDM_READ, &desc->flags); /* unblock read */ 1089 clear_bit(WDM_IN_USE, &desc->flags); /* unblock write */ 1090 desc->rerr = -EINTR; 1091 spin_unlock_irq(&desc->iuspin); 1092 wake_up_all(&desc->wait); 1093 mutex_lock(&desc->rlock); 1094 mutex_lock(&desc->wlock); 1095 kill_urbs(desc); 1096 cancel_work_sync(&desc->rxwork); 1097 cancel_work_sync(&desc->service_outs_intr); 1098 return 0; 1099 } 1100 1101 static int wdm_post_reset(struct usb_interface *intf) 1102 { 1103 struct wdm_device *desc = wdm_find_device(intf); 1104 int rv; 1105 1106 clear_bit(WDM_OVERFLOW, &desc->flags); 1107 clear_bit(WDM_RESETTING, &desc->flags); 1108 rv = recover_from_urb_loss(desc); 1109 mutex_unlock(&desc->wlock); 1110 mutex_unlock(&desc->rlock); 1111 return rv; 1112 } 1113 1114 static struct usb_driver wdm_driver = { 1115 .name = "cdc_wdm", 1116 .probe = wdm_probe, 1117 .disconnect = wdm_disconnect, 1118 #ifdef CONFIG_PM 1119 .suspend = wdm_suspend, 1120 .resume = wdm_resume, 1121 .reset_resume = wdm_resume, 1122 #endif 1123 .pre_reset = wdm_pre_reset, 1124 .post_reset = wdm_post_reset, 1125 .id_table = wdm_ids, 1126 .supports_autosuspend = 1, 1127 .disable_hub_initiated_lpm = 1, 1128 }; 1129 1130 module_usb_driver(wdm_driver); 1131 1132 MODULE_AUTHOR(DRIVER_AUTHOR); 1133 MODULE_DESCRIPTION(DRIVER_DESC); 1134 MODULE_LICENSE("GPL"); 1135