1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * cdc-wdm.c 4 * 5 * This driver supports USB CDC WCM Device Management. 6 * 7 * Copyright (c) 2007-2009 Oliver Neukum 8 * 9 * Some code taken from cdc-acm.c 10 * 11 * Released under the GPLv2. 12 * 13 * Many thanks to Carl Nordbeck 14 */ 15 #include <linux/kernel.h> 16 #include <linux/errno.h> 17 #include <linux/ioctl.h> 18 #include <linux/slab.h> 19 #include <linux/module.h> 20 #include <linux/mutex.h> 21 #include <linux/uaccess.h> 22 #include <linux/bitops.h> 23 #include <linux/poll.h> 24 #include <linux/usb.h> 25 #include <linux/usb/cdc.h> 26 #include <asm/byteorder.h> 27 #include <asm/unaligned.h> 28 #include <linux/usb/cdc-wdm.h> 29 30 #define DRIVER_AUTHOR "Oliver Neukum" 31 #define DRIVER_DESC "USB Abstract Control Model driver for USB WCM Device Management" 32 33 static const struct usb_device_id wdm_ids[] = { 34 { 35 .match_flags = USB_DEVICE_ID_MATCH_INT_CLASS | 36 USB_DEVICE_ID_MATCH_INT_SUBCLASS, 37 .bInterfaceClass = USB_CLASS_COMM, 38 .bInterfaceSubClass = USB_CDC_SUBCLASS_DMM 39 }, 40 { } 41 }; 42 43 MODULE_DEVICE_TABLE (usb, wdm_ids); 44 45 #define WDM_MINOR_BASE 176 46 47 48 #define WDM_IN_USE 1 49 #define WDM_DISCONNECTING 2 50 #define WDM_RESULT 3 51 #define WDM_READ 4 52 #define WDM_INT_STALL 5 53 #define WDM_POLL_RUNNING 6 54 #define WDM_RESPONDING 7 55 #define WDM_SUSPENDING 8 56 #define WDM_RESETTING 9 57 #define WDM_OVERFLOW 10 58 59 #define WDM_MAX 16 60 61 /* CDC-WMC r1.1 requires wMaxCommand to be "at least 256 decimal (0x100)" */ 62 #define WDM_DEFAULT_BUFSIZE 256 63 64 static DEFINE_MUTEX(wdm_mutex); 65 static DEFINE_SPINLOCK(wdm_device_list_lock); 66 static LIST_HEAD(wdm_device_list); 67 68 /* --- method tables --- */ 69 70 struct wdm_device { 71 u8 *inbuf; /* buffer for response */ 72 u8 *outbuf; /* buffer for command */ 73 u8 *sbuf; /* buffer for status */ 74 u8 *ubuf; /* buffer for copy to user space */ 75 76 struct urb *command; 77 struct urb *response; 78 struct urb *validity; 79 struct usb_interface *intf; 80 struct usb_ctrlrequest *orq; 81 struct usb_ctrlrequest *irq; 82 spinlock_t iuspin; 83 84 unsigned long flags; 85 u16 bufsize; 86 u16 wMaxCommand; 87 u16 wMaxPacketSize; 88 __le16 inum; 89 int reslength; 90 int length; 91 int read; 92 int count; 93 dma_addr_t shandle; 94 dma_addr_t ihandle; 95 struct mutex wlock; 96 struct mutex rlock; 97 wait_queue_head_t wait; 98 struct work_struct rxwork; 99 struct work_struct service_outs_intr; 100 int werr; 101 int rerr; 102 int resp_count; 103 104 struct list_head device_list; 105 int (*manage_power)(struct usb_interface *, int); 106 }; 107 108 static struct usb_driver wdm_driver; 109 110 /* return intfdata if we own the interface, else look up intf in the list */ 111 static struct wdm_device *wdm_find_device(struct usb_interface *intf) 112 { 113 struct wdm_device *desc; 114 115 spin_lock(&wdm_device_list_lock); 116 list_for_each_entry(desc, &wdm_device_list, device_list) 117 if (desc->intf == intf) 118 goto found; 119 desc = NULL; 120 found: 121 spin_unlock(&wdm_device_list_lock); 122 123 return desc; 124 } 125 126 static struct wdm_device *wdm_find_device_by_minor(int minor) 127 { 128 struct wdm_device *desc; 129 130 spin_lock(&wdm_device_list_lock); 131 list_for_each_entry(desc, &wdm_device_list, device_list) 132 if (desc->intf->minor == minor) 133 goto found; 134 desc = NULL; 135 found: 136 spin_unlock(&wdm_device_list_lock); 137 138 return desc; 139 } 140 141 /* --- callbacks --- */ 142 static void wdm_out_callback(struct urb *urb) 143 { 144 struct wdm_device *desc; 145 unsigned long flags; 146 147 desc = urb->context; 148 spin_lock_irqsave(&desc->iuspin, flags); 149 desc->werr = urb->status; 150 spin_unlock_irqrestore(&desc->iuspin, flags); 151 kfree(desc->outbuf); 152 desc->outbuf = NULL; 153 clear_bit(WDM_IN_USE, &desc->flags); 154 wake_up(&desc->wait); 155 } 156 157 static void wdm_in_callback(struct urb *urb) 158 { 159 unsigned long flags; 160 struct wdm_device *desc = urb->context; 161 int status = urb->status; 162 int length = urb->actual_length; 163 164 spin_lock_irqsave(&desc->iuspin, flags); 165 clear_bit(WDM_RESPONDING, &desc->flags); 166 167 if (status) { 168 switch (status) { 169 case -ENOENT: 170 dev_dbg(&desc->intf->dev, 171 "nonzero urb status received: -ENOENT\n"); 172 goto skip_error; 173 case -ECONNRESET: 174 dev_dbg(&desc->intf->dev, 175 "nonzero urb status received: -ECONNRESET\n"); 176 goto skip_error; 177 case -ESHUTDOWN: 178 dev_dbg(&desc->intf->dev, 179 "nonzero urb status received: -ESHUTDOWN\n"); 180 goto skip_error; 181 case -EPIPE: 182 dev_err(&desc->intf->dev, 183 "nonzero urb status received: -EPIPE\n"); 184 break; 185 default: 186 dev_err(&desc->intf->dev, 187 "Unexpected error %d\n", status); 188 break; 189 } 190 } 191 192 /* 193 * only set a new error if there is no previous error. 194 * Errors are only cleared during read/open 195 * Avoid propagating -EPIPE (stall) to userspace since it is 196 * better handled as an empty read 197 */ 198 if (desc->rerr == 0 && status != -EPIPE) 199 desc->rerr = status; 200 201 if (length + desc->length > desc->wMaxCommand) { 202 /* The buffer would overflow */ 203 set_bit(WDM_OVERFLOW, &desc->flags); 204 } else { 205 /* we may already be in overflow */ 206 if (!test_bit(WDM_OVERFLOW, &desc->flags)) { 207 memmove(desc->ubuf + desc->length, desc->inbuf, length); 208 desc->length += length; 209 desc->reslength = length; 210 } 211 } 212 skip_error: 213 214 if (desc->rerr) { 215 /* 216 * Since there was an error, userspace may decide to not read 217 * any data after poll'ing. 218 * We should respond to further attempts from the device to send 219 * data, so that we can get unstuck. 220 */ 221 schedule_work(&desc->service_outs_intr); 222 } else { 223 set_bit(WDM_READ, &desc->flags); 224 wake_up(&desc->wait); 225 } 226 spin_unlock_irqrestore(&desc->iuspin, flags); 227 } 228 229 static void wdm_int_callback(struct urb *urb) 230 { 231 unsigned long flags; 232 int rv = 0; 233 int responding; 234 int status = urb->status; 235 struct wdm_device *desc; 236 struct usb_cdc_notification *dr; 237 238 desc = urb->context; 239 dr = (struct usb_cdc_notification *)desc->sbuf; 240 241 if (status) { 242 switch (status) { 243 case -ESHUTDOWN: 244 case -ENOENT: 245 case -ECONNRESET: 246 return; /* unplug */ 247 case -EPIPE: 248 set_bit(WDM_INT_STALL, &desc->flags); 249 dev_err(&desc->intf->dev, "Stall on int endpoint\n"); 250 goto sw; /* halt is cleared in work */ 251 default: 252 dev_err(&desc->intf->dev, 253 "nonzero urb status received: %d\n", status); 254 break; 255 } 256 } 257 258 if (urb->actual_length < sizeof(struct usb_cdc_notification)) { 259 dev_err(&desc->intf->dev, "wdm_int_callback - %d bytes\n", 260 urb->actual_length); 261 goto exit; 262 } 263 264 switch (dr->bNotificationType) { 265 case USB_CDC_NOTIFY_RESPONSE_AVAILABLE: 266 dev_dbg(&desc->intf->dev, 267 "NOTIFY_RESPONSE_AVAILABLE received: index %d len %d\n", 268 le16_to_cpu(dr->wIndex), le16_to_cpu(dr->wLength)); 269 break; 270 271 case USB_CDC_NOTIFY_NETWORK_CONNECTION: 272 273 dev_dbg(&desc->intf->dev, 274 "NOTIFY_NETWORK_CONNECTION %s network\n", 275 dr->wValue ? "connected to" : "disconnected from"); 276 goto exit; 277 case USB_CDC_NOTIFY_SPEED_CHANGE: 278 dev_dbg(&desc->intf->dev, "SPEED_CHANGE received (len %u)\n", 279 urb->actual_length); 280 goto exit; 281 default: 282 clear_bit(WDM_POLL_RUNNING, &desc->flags); 283 dev_err(&desc->intf->dev, 284 "unknown notification %d received: index %d len %d\n", 285 dr->bNotificationType, 286 le16_to_cpu(dr->wIndex), 287 le16_to_cpu(dr->wLength)); 288 goto exit; 289 } 290 291 spin_lock_irqsave(&desc->iuspin, flags); 292 responding = test_and_set_bit(WDM_RESPONDING, &desc->flags); 293 if (!desc->resp_count++ && !responding 294 && !test_bit(WDM_DISCONNECTING, &desc->flags) 295 && !test_bit(WDM_SUSPENDING, &desc->flags)) { 296 rv = usb_submit_urb(desc->response, GFP_ATOMIC); 297 dev_dbg(&desc->intf->dev, "submit response URB %d\n", rv); 298 } 299 spin_unlock_irqrestore(&desc->iuspin, flags); 300 if (rv < 0) { 301 clear_bit(WDM_RESPONDING, &desc->flags); 302 if (rv == -EPERM) 303 return; 304 if (rv == -ENOMEM) { 305 sw: 306 rv = schedule_work(&desc->rxwork); 307 if (rv) 308 dev_err(&desc->intf->dev, 309 "Cannot schedule work\n"); 310 } 311 } 312 exit: 313 rv = usb_submit_urb(urb, GFP_ATOMIC); 314 if (rv) 315 dev_err(&desc->intf->dev, 316 "%s - usb_submit_urb failed with result %d\n", 317 __func__, rv); 318 319 } 320 321 static void kill_urbs(struct wdm_device *desc) 322 { 323 /* the order here is essential */ 324 usb_kill_urb(desc->command); 325 usb_kill_urb(desc->validity); 326 usb_kill_urb(desc->response); 327 } 328 329 static void free_urbs(struct wdm_device *desc) 330 { 331 usb_free_urb(desc->validity); 332 usb_free_urb(desc->response); 333 usb_free_urb(desc->command); 334 } 335 336 static void cleanup(struct wdm_device *desc) 337 { 338 kfree(desc->sbuf); 339 kfree(desc->inbuf); 340 kfree(desc->orq); 341 kfree(desc->irq); 342 kfree(desc->ubuf); 343 free_urbs(desc); 344 kfree(desc); 345 } 346 347 static ssize_t wdm_write 348 (struct file *file, const char __user *buffer, size_t count, loff_t *ppos) 349 { 350 u8 *buf; 351 int rv = -EMSGSIZE, r, we; 352 struct wdm_device *desc = file->private_data; 353 struct usb_ctrlrequest *req; 354 355 if (count > desc->wMaxCommand) 356 count = desc->wMaxCommand; 357 358 spin_lock_irq(&desc->iuspin); 359 we = desc->werr; 360 desc->werr = 0; 361 spin_unlock_irq(&desc->iuspin); 362 if (we < 0) 363 return usb_translate_errors(we); 364 365 buf = memdup_user(buffer, count); 366 if (IS_ERR(buf)) 367 return PTR_ERR(buf); 368 369 /* concurrent writes and disconnect */ 370 r = mutex_lock_interruptible(&desc->wlock); 371 rv = -ERESTARTSYS; 372 if (r) 373 goto out_free_mem; 374 375 if (test_bit(WDM_DISCONNECTING, &desc->flags)) { 376 rv = -ENODEV; 377 goto out_free_mem_lock; 378 } 379 380 r = usb_autopm_get_interface(desc->intf); 381 if (r < 0) { 382 rv = usb_translate_errors(r); 383 goto out_free_mem_lock; 384 } 385 386 if (!(file->f_flags & O_NONBLOCK)) 387 r = wait_event_interruptible(desc->wait, !test_bit(WDM_IN_USE, 388 &desc->flags)); 389 else 390 if (test_bit(WDM_IN_USE, &desc->flags)) 391 r = -EAGAIN; 392 393 if (test_bit(WDM_RESETTING, &desc->flags)) 394 r = -EIO; 395 396 if (r < 0) { 397 rv = r; 398 goto out_free_mem_pm; 399 } 400 401 req = desc->orq; 402 usb_fill_control_urb( 403 desc->command, 404 interface_to_usbdev(desc->intf), 405 /* using common endpoint 0 */ 406 usb_sndctrlpipe(interface_to_usbdev(desc->intf), 0), 407 (unsigned char *)req, 408 buf, 409 count, 410 wdm_out_callback, 411 desc 412 ); 413 414 req->bRequestType = (USB_DIR_OUT | USB_TYPE_CLASS | 415 USB_RECIP_INTERFACE); 416 req->bRequest = USB_CDC_SEND_ENCAPSULATED_COMMAND; 417 req->wValue = 0; 418 req->wIndex = desc->inum; /* already converted */ 419 req->wLength = cpu_to_le16(count); 420 set_bit(WDM_IN_USE, &desc->flags); 421 desc->outbuf = buf; 422 423 rv = usb_submit_urb(desc->command, GFP_KERNEL); 424 if (rv < 0) { 425 desc->outbuf = NULL; 426 clear_bit(WDM_IN_USE, &desc->flags); 427 dev_err(&desc->intf->dev, "Tx URB error: %d\n", rv); 428 rv = usb_translate_errors(rv); 429 goto out_free_mem_pm; 430 } else { 431 dev_dbg(&desc->intf->dev, "Tx URB has been submitted index=%d\n", 432 le16_to_cpu(req->wIndex)); 433 } 434 435 usb_autopm_put_interface(desc->intf); 436 mutex_unlock(&desc->wlock); 437 return count; 438 439 out_free_mem_pm: 440 usb_autopm_put_interface(desc->intf); 441 out_free_mem_lock: 442 mutex_unlock(&desc->wlock); 443 out_free_mem: 444 kfree(buf); 445 return rv; 446 } 447 448 /* 449 * Submit the read urb if resp_count is non-zero. 450 * 451 * Called with desc->iuspin locked 452 */ 453 static int service_outstanding_interrupt(struct wdm_device *desc) 454 { 455 int rv = 0; 456 457 /* submit read urb only if the device is waiting for it */ 458 if (!desc->resp_count || !--desc->resp_count) 459 goto out; 460 461 set_bit(WDM_RESPONDING, &desc->flags); 462 spin_unlock_irq(&desc->iuspin); 463 rv = usb_submit_urb(desc->response, GFP_KERNEL); 464 spin_lock_irq(&desc->iuspin); 465 if (rv) { 466 dev_err(&desc->intf->dev, 467 "usb_submit_urb failed with result %d\n", rv); 468 469 /* make sure the next notification trigger a submit */ 470 clear_bit(WDM_RESPONDING, &desc->flags); 471 desc->resp_count = 0; 472 } 473 out: 474 return rv; 475 } 476 477 static ssize_t wdm_read 478 (struct file *file, char __user *buffer, size_t count, loff_t *ppos) 479 { 480 int rv, cntr; 481 int i = 0; 482 struct wdm_device *desc = file->private_data; 483 484 485 rv = mutex_lock_interruptible(&desc->rlock); /*concurrent reads */ 486 if (rv < 0) 487 return -ERESTARTSYS; 488 489 cntr = READ_ONCE(desc->length); 490 if (cntr == 0) { 491 desc->read = 0; 492 retry: 493 if (test_bit(WDM_DISCONNECTING, &desc->flags)) { 494 rv = -ENODEV; 495 goto err; 496 } 497 if (test_bit(WDM_OVERFLOW, &desc->flags)) { 498 clear_bit(WDM_OVERFLOW, &desc->flags); 499 rv = -ENOBUFS; 500 goto err; 501 } 502 i++; 503 if (file->f_flags & O_NONBLOCK) { 504 if (!test_bit(WDM_READ, &desc->flags)) { 505 rv = -EAGAIN; 506 goto err; 507 } 508 rv = 0; 509 } else { 510 rv = wait_event_interruptible(desc->wait, 511 test_bit(WDM_READ, &desc->flags)); 512 } 513 514 /* may have happened while we slept */ 515 if (test_bit(WDM_DISCONNECTING, &desc->flags)) { 516 rv = -ENODEV; 517 goto err; 518 } 519 if (test_bit(WDM_RESETTING, &desc->flags)) { 520 rv = -EIO; 521 goto err; 522 } 523 usb_mark_last_busy(interface_to_usbdev(desc->intf)); 524 if (rv < 0) { 525 rv = -ERESTARTSYS; 526 goto err; 527 } 528 529 spin_lock_irq(&desc->iuspin); 530 531 if (desc->rerr) { /* read completed, error happened */ 532 rv = usb_translate_errors(desc->rerr); 533 desc->rerr = 0; 534 spin_unlock_irq(&desc->iuspin); 535 goto err; 536 } 537 /* 538 * recheck whether we've lost the race 539 * against the completion handler 540 */ 541 if (!test_bit(WDM_READ, &desc->flags)) { /* lost race */ 542 spin_unlock_irq(&desc->iuspin); 543 goto retry; 544 } 545 546 if (!desc->reslength) { /* zero length read */ 547 dev_dbg(&desc->intf->dev, "zero length - clearing WDM_READ\n"); 548 clear_bit(WDM_READ, &desc->flags); 549 rv = service_outstanding_interrupt(desc); 550 spin_unlock_irq(&desc->iuspin); 551 if (rv < 0) 552 goto err; 553 goto retry; 554 } 555 cntr = desc->length; 556 spin_unlock_irq(&desc->iuspin); 557 } 558 559 if (cntr > count) 560 cntr = count; 561 rv = copy_to_user(buffer, desc->ubuf, cntr); 562 if (rv > 0) { 563 rv = -EFAULT; 564 goto err; 565 } 566 567 spin_lock_irq(&desc->iuspin); 568 569 for (i = 0; i < desc->length - cntr; i++) 570 desc->ubuf[i] = desc->ubuf[i + cntr]; 571 572 desc->length -= cntr; 573 /* in case we had outstanding data */ 574 if (!desc->length) { 575 clear_bit(WDM_READ, &desc->flags); 576 service_outstanding_interrupt(desc); 577 } 578 spin_unlock_irq(&desc->iuspin); 579 rv = cntr; 580 581 err: 582 mutex_unlock(&desc->rlock); 583 return rv; 584 } 585 586 static int wdm_flush(struct file *file, fl_owner_t id) 587 { 588 struct wdm_device *desc = file->private_data; 589 590 wait_event(desc->wait, !test_bit(WDM_IN_USE, &desc->flags)); 591 592 /* cannot dereference desc->intf if WDM_DISCONNECTING */ 593 if (desc->werr < 0 && !test_bit(WDM_DISCONNECTING, &desc->flags)) 594 dev_err(&desc->intf->dev, "Error in flush path: %d\n", 595 desc->werr); 596 597 return usb_translate_errors(desc->werr); 598 } 599 600 static __poll_t wdm_poll(struct file *file, struct poll_table_struct *wait) 601 { 602 struct wdm_device *desc = file->private_data; 603 unsigned long flags; 604 __poll_t mask = 0; 605 606 spin_lock_irqsave(&desc->iuspin, flags); 607 if (test_bit(WDM_DISCONNECTING, &desc->flags)) { 608 mask = EPOLLHUP | EPOLLERR; 609 spin_unlock_irqrestore(&desc->iuspin, flags); 610 goto desc_out; 611 } 612 if (test_bit(WDM_READ, &desc->flags)) 613 mask = EPOLLIN | EPOLLRDNORM; 614 if (desc->rerr || desc->werr) 615 mask |= EPOLLERR; 616 if (!test_bit(WDM_IN_USE, &desc->flags)) 617 mask |= EPOLLOUT | EPOLLWRNORM; 618 spin_unlock_irqrestore(&desc->iuspin, flags); 619 620 poll_wait(file, &desc->wait, wait); 621 622 desc_out: 623 return mask; 624 } 625 626 static int wdm_open(struct inode *inode, struct file *file) 627 { 628 int minor = iminor(inode); 629 int rv = -ENODEV; 630 struct usb_interface *intf; 631 struct wdm_device *desc; 632 633 mutex_lock(&wdm_mutex); 634 desc = wdm_find_device_by_minor(minor); 635 if (!desc) 636 goto out; 637 638 intf = desc->intf; 639 if (test_bit(WDM_DISCONNECTING, &desc->flags)) 640 goto out; 641 file->private_data = desc; 642 643 rv = usb_autopm_get_interface(desc->intf); 644 if (rv < 0) { 645 dev_err(&desc->intf->dev, "Error autopm - %d\n", rv); 646 goto out; 647 } 648 649 /* using write lock to protect desc->count */ 650 mutex_lock(&desc->wlock); 651 if (!desc->count++) { 652 desc->werr = 0; 653 desc->rerr = 0; 654 rv = usb_submit_urb(desc->validity, GFP_KERNEL); 655 if (rv < 0) { 656 desc->count--; 657 dev_err(&desc->intf->dev, 658 "Error submitting int urb - %d\n", rv); 659 rv = usb_translate_errors(rv); 660 } 661 } else { 662 rv = 0; 663 } 664 mutex_unlock(&desc->wlock); 665 if (desc->count == 1) 666 desc->manage_power(intf, 1); 667 usb_autopm_put_interface(desc->intf); 668 out: 669 mutex_unlock(&wdm_mutex); 670 return rv; 671 } 672 673 static int wdm_release(struct inode *inode, struct file *file) 674 { 675 struct wdm_device *desc = file->private_data; 676 677 mutex_lock(&wdm_mutex); 678 679 /* using write lock to protect desc->count */ 680 mutex_lock(&desc->wlock); 681 desc->count--; 682 mutex_unlock(&desc->wlock); 683 684 if (!desc->count) { 685 if (!test_bit(WDM_DISCONNECTING, &desc->flags)) { 686 dev_dbg(&desc->intf->dev, "wdm_release: cleanup\n"); 687 kill_urbs(desc); 688 spin_lock_irq(&desc->iuspin); 689 desc->resp_count = 0; 690 spin_unlock_irq(&desc->iuspin); 691 desc->manage_power(desc->intf, 0); 692 } else { 693 /* must avoid dev_printk here as desc->intf is invalid */ 694 pr_debug(KBUILD_MODNAME " %s: device gone - cleaning up\n", __func__); 695 cleanup(desc); 696 } 697 } 698 mutex_unlock(&wdm_mutex); 699 return 0; 700 } 701 702 static long wdm_ioctl(struct file *file, unsigned int cmd, unsigned long arg) 703 { 704 struct wdm_device *desc = file->private_data; 705 int rv = 0; 706 707 switch (cmd) { 708 case IOCTL_WDM_MAX_COMMAND: 709 if (copy_to_user((void __user *)arg, &desc->wMaxCommand, sizeof(desc->wMaxCommand))) 710 rv = -EFAULT; 711 break; 712 default: 713 rv = -ENOTTY; 714 } 715 return rv; 716 } 717 718 static const struct file_operations wdm_fops = { 719 .owner = THIS_MODULE, 720 .read = wdm_read, 721 .write = wdm_write, 722 .open = wdm_open, 723 .flush = wdm_flush, 724 .release = wdm_release, 725 .poll = wdm_poll, 726 .unlocked_ioctl = wdm_ioctl, 727 .compat_ioctl = wdm_ioctl, 728 .llseek = noop_llseek, 729 }; 730 731 static struct usb_class_driver wdm_class = { 732 .name = "cdc-wdm%d", 733 .fops = &wdm_fops, 734 .minor_base = WDM_MINOR_BASE, 735 }; 736 737 /* --- error handling --- */ 738 static void wdm_rxwork(struct work_struct *work) 739 { 740 struct wdm_device *desc = container_of(work, struct wdm_device, rxwork); 741 unsigned long flags; 742 int rv = 0; 743 int responding; 744 745 spin_lock_irqsave(&desc->iuspin, flags); 746 if (test_bit(WDM_DISCONNECTING, &desc->flags)) { 747 spin_unlock_irqrestore(&desc->iuspin, flags); 748 } else { 749 responding = test_and_set_bit(WDM_RESPONDING, &desc->flags); 750 spin_unlock_irqrestore(&desc->iuspin, flags); 751 if (!responding) 752 rv = usb_submit_urb(desc->response, GFP_KERNEL); 753 if (rv < 0 && rv != -EPERM) { 754 spin_lock_irqsave(&desc->iuspin, flags); 755 clear_bit(WDM_RESPONDING, &desc->flags); 756 if (!test_bit(WDM_DISCONNECTING, &desc->flags)) 757 schedule_work(&desc->rxwork); 758 spin_unlock_irqrestore(&desc->iuspin, flags); 759 } 760 } 761 } 762 763 static void service_interrupt_work(struct work_struct *work) 764 { 765 struct wdm_device *desc; 766 767 desc = container_of(work, struct wdm_device, service_outs_intr); 768 769 spin_lock_irq(&desc->iuspin); 770 service_outstanding_interrupt(desc); 771 if (!desc->resp_count) { 772 set_bit(WDM_READ, &desc->flags); 773 wake_up(&desc->wait); 774 } 775 spin_unlock_irq(&desc->iuspin); 776 } 777 778 /* --- hotplug --- */ 779 780 static int wdm_create(struct usb_interface *intf, struct usb_endpoint_descriptor *ep, 781 u16 bufsize, int (*manage_power)(struct usb_interface *, int)) 782 { 783 int rv = -ENOMEM; 784 struct wdm_device *desc; 785 786 desc = kzalloc(sizeof(struct wdm_device), GFP_KERNEL); 787 if (!desc) 788 goto out; 789 INIT_LIST_HEAD(&desc->device_list); 790 mutex_init(&desc->rlock); 791 mutex_init(&desc->wlock); 792 spin_lock_init(&desc->iuspin); 793 init_waitqueue_head(&desc->wait); 794 desc->wMaxCommand = bufsize; 795 /* this will be expanded and needed in hardware endianness */ 796 desc->inum = cpu_to_le16((u16)intf->cur_altsetting->desc.bInterfaceNumber); 797 desc->intf = intf; 798 INIT_WORK(&desc->rxwork, wdm_rxwork); 799 INIT_WORK(&desc->service_outs_intr, service_interrupt_work); 800 801 rv = -EINVAL; 802 if (!usb_endpoint_is_int_in(ep)) 803 goto err; 804 805 desc->wMaxPacketSize = usb_endpoint_maxp(ep); 806 807 desc->orq = kmalloc(sizeof(struct usb_ctrlrequest), GFP_KERNEL); 808 if (!desc->orq) 809 goto err; 810 desc->irq = kmalloc(sizeof(struct usb_ctrlrequest), GFP_KERNEL); 811 if (!desc->irq) 812 goto err; 813 814 desc->validity = usb_alloc_urb(0, GFP_KERNEL); 815 if (!desc->validity) 816 goto err; 817 818 desc->response = usb_alloc_urb(0, GFP_KERNEL); 819 if (!desc->response) 820 goto err; 821 822 desc->command = usb_alloc_urb(0, GFP_KERNEL); 823 if (!desc->command) 824 goto err; 825 826 desc->ubuf = kmalloc(desc->wMaxCommand, GFP_KERNEL); 827 if (!desc->ubuf) 828 goto err; 829 830 desc->sbuf = kmalloc(desc->wMaxPacketSize, GFP_KERNEL); 831 if (!desc->sbuf) 832 goto err; 833 834 desc->inbuf = kmalloc(desc->wMaxCommand, GFP_KERNEL); 835 if (!desc->inbuf) 836 goto err; 837 838 usb_fill_int_urb( 839 desc->validity, 840 interface_to_usbdev(intf), 841 usb_rcvintpipe(interface_to_usbdev(intf), ep->bEndpointAddress), 842 desc->sbuf, 843 desc->wMaxPacketSize, 844 wdm_int_callback, 845 desc, 846 ep->bInterval 847 ); 848 849 desc->irq->bRequestType = (USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE); 850 desc->irq->bRequest = USB_CDC_GET_ENCAPSULATED_RESPONSE; 851 desc->irq->wValue = 0; 852 desc->irq->wIndex = desc->inum; /* already converted */ 853 desc->irq->wLength = cpu_to_le16(desc->wMaxCommand); 854 855 usb_fill_control_urb( 856 desc->response, 857 interface_to_usbdev(intf), 858 /* using common endpoint 0 */ 859 usb_rcvctrlpipe(interface_to_usbdev(desc->intf), 0), 860 (unsigned char *)desc->irq, 861 desc->inbuf, 862 desc->wMaxCommand, 863 wdm_in_callback, 864 desc 865 ); 866 867 desc->manage_power = manage_power; 868 869 spin_lock(&wdm_device_list_lock); 870 list_add(&desc->device_list, &wdm_device_list); 871 spin_unlock(&wdm_device_list_lock); 872 873 rv = usb_register_dev(intf, &wdm_class); 874 if (rv < 0) 875 goto err; 876 else 877 dev_info(&intf->dev, "%s: USB WDM device\n", dev_name(intf->usb_dev)); 878 out: 879 return rv; 880 err: 881 spin_lock(&wdm_device_list_lock); 882 list_del(&desc->device_list); 883 spin_unlock(&wdm_device_list_lock); 884 cleanup(desc); 885 return rv; 886 } 887 888 static int wdm_manage_power(struct usb_interface *intf, int on) 889 { 890 /* need autopm_get/put here to ensure the usbcore sees the new value */ 891 int rv = usb_autopm_get_interface(intf); 892 893 intf->needs_remote_wakeup = on; 894 if (!rv) 895 usb_autopm_put_interface(intf); 896 return 0; 897 } 898 899 static int wdm_probe(struct usb_interface *intf, const struct usb_device_id *id) 900 { 901 int rv = -EINVAL; 902 struct usb_host_interface *iface; 903 struct usb_endpoint_descriptor *ep; 904 struct usb_cdc_parsed_header hdr; 905 u8 *buffer = intf->altsetting->extra; 906 int buflen = intf->altsetting->extralen; 907 u16 maxcom = WDM_DEFAULT_BUFSIZE; 908 909 if (!buffer) 910 goto err; 911 912 cdc_parse_cdc_header(&hdr, intf, buffer, buflen); 913 914 if (hdr.usb_cdc_dmm_desc) 915 maxcom = le16_to_cpu(hdr.usb_cdc_dmm_desc->wMaxCommand); 916 917 iface = intf->cur_altsetting; 918 if (iface->desc.bNumEndpoints != 1) 919 goto err; 920 ep = &iface->endpoint[0].desc; 921 922 rv = wdm_create(intf, ep, maxcom, &wdm_manage_power); 923 924 err: 925 return rv; 926 } 927 928 /** 929 * usb_cdc_wdm_register - register a WDM subdriver 930 * @intf: usb interface the subdriver will associate with 931 * @ep: interrupt endpoint to monitor for notifications 932 * @bufsize: maximum message size to support for read/write 933 * 934 * Create WDM usb class character device and associate it with intf 935 * without binding, allowing another driver to manage the interface. 936 * 937 * The subdriver will manage the given interrupt endpoint exclusively 938 * and will issue control requests referring to the given intf. It 939 * will otherwise avoid interferring, and in particular not do 940 * usb_set_intfdata/usb_get_intfdata on intf. 941 * 942 * The return value is a pointer to the subdriver's struct usb_driver. 943 * The registering driver is responsible for calling this subdriver's 944 * disconnect, suspend, resume, pre_reset and post_reset methods from 945 * its own. 946 */ 947 struct usb_driver *usb_cdc_wdm_register(struct usb_interface *intf, 948 struct usb_endpoint_descriptor *ep, 949 int bufsize, 950 int (*manage_power)(struct usb_interface *, int)) 951 { 952 int rv; 953 954 rv = wdm_create(intf, ep, bufsize, manage_power); 955 if (rv < 0) 956 goto err; 957 958 return &wdm_driver; 959 err: 960 return ERR_PTR(rv); 961 } 962 EXPORT_SYMBOL(usb_cdc_wdm_register); 963 964 static void wdm_disconnect(struct usb_interface *intf) 965 { 966 struct wdm_device *desc; 967 unsigned long flags; 968 969 usb_deregister_dev(intf, &wdm_class); 970 desc = wdm_find_device(intf); 971 mutex_lock(&wdm_mutex); 972 973 /* the spinlock makes sure no new urbs are generated in the callbacks */ 974 spin_lock_irqsave(&desc->iuspin, flags); 975 set_bit(WDM_DISCONNECTING, &desc->flags); 976 set_bit(WDM_READ, &desc->flags); 977 /* to terminate pending flushes */ 978 clear_bit(WDM_IN_USE, &desc->flags); 979 spin_unlock_irqrestore(&desc->iuspin, flags); 980 wake_up_all(&desc->wait); 981 mutex_lock(&desc->rlock); 982 mutex_lock(&desc->wlock); 983 kill_urbs(desc); 984 cancel_work_sync(&desc->rxwork); 985 cancel_work_sync(&desc->service_outs_intr); 986 mutex_unlock(&desc->wlock); 987 mutex_unlock(&desc->rlock); 988 989 /* the desc->intf pointer used as list key is now invalid */ 990 spin_lock(&wdm_device_list_lock); 991 list_del(&desc->device_list); 992 spin_unlock(&wdm_device_list_lock); 993 994 if (!desc->count) 995 cleanup(desc); 996 else 997 dev_dbg(&intf->dev, "%d open files - postponing cleanup\n", desc->count); 998 mutex_unlock(&wdm_mutex); 999 } 1000 1001 #ifdef CONFIG_PM 1002 static int wdm_suspend(struct usb_interface *intf, pm_message_t message) 1003 { 1004 struct wdm_device *desc = wdm_find_device(intf); 1005 int rv = 0; 1006 1007 dev_dbg(&desc->intf->dev, "wdm%d_suspend\n", intf->minor); 1008 1009 /* if this is an autosuspend the caller does the locking */ 1010 if (!PMSG_IS_AUTO(message)) { 1011 mutex_lock(&desc->rlock); 1012 mutex_lock(&desc->wlock); 1013 } 1014 spin_lock_irq(&desc->iuspin); 1015 1016 if (PMSG_IS_AUTO(message) && 1017 (test_bit(WDM_IN_USE, &desc->flags) 1018 || test_bit(WDM_RESPONDING, &desc->flags))) { 1019 spin_unlock_irq(&desc->iuspin); 1020 rv = -EBUSY; 1021 } else { 1022 1023 set_bit(WDM_SUSPENDING, &desc->flags); 1024 spin_unlock_irq(&desc->iuspin); 1025 /* callback submits work - order is essential */ 1026 kill_urbs(desc); 1027 cancel_work_sync(&desc->rxwork); 1028 cancel_work_sync(&desc->service_outs_intr); 1029 } 1030 if (!PMSG_IS_AUTO(message)) { 1031 mutex_unlock(&desc->wlock); 1032 mutex_unlock(&desc->rlock); 1033 } 1034 1035 return rv; 1036 } 1037 #endif 1038 1039 static int recover_from_urb_loss(struct wdm_device *desc) 1040 { 1041 int rv = 0; 1042 1043 if (desc->count) { 1044 rv = usb_submit_urb(desc->validity, GFP_NOIO); 1045 if (rv < 0) 1046 dev_err(&desc->intf->dev, 1047 "Error resume submitting int urb - %d\n", rv); 1048 } 1049 return rv; 1050 } 1051 1052 #ifdef CONFIG_PM 1053 static int wdm_resume(struct usb_interface *intf) 1054 { 1055 struct wdm_device *desc = wdm_find_device(intf); 1056 int rv; 1057 1058 dev_dbg(&desc->intf->dev, "wdm%d_resume\n", intf->minor); 1059 1060 clear_bit(WDM_SUSPENDING, &desc->flags); 1061 rv = recover_from_urb_loss(desc); 1062 1063 return rv; 1064 } 1065 #endif 1066 1067 static int wdm_pre_reset(struct usb_interface *intf) 1068 { 1069 struct wdm_device *desc = wdm_find_device(intf); 1070 1071 /* 1072 * we notify everybody using poll of 1073 * an exceptional situation 1074 * must be done before recovery lest a spontaneous 1075 * message from the device is lost 1076 */ 1077 spin_lock_irq(&desc->iuspin); 1078 set_bit(WDM_RESETTING, &desc->flags); /* inform read/write */ 1079 set_bit(WDM_READ, &desc->flags); /* unblock read */ 1080 clear_bit(WDM_IN_USE, &desc->flags); /* unblock write */ 1081 desc->rerr = -EINTR; 1082 spin_unlock_irq(&desc->iuspin); 1083 wake_up_all(&desc->wait); 1084 mutex_lock(&desc->rlock); 1085 mutex_lock(&desc->wlock); 1086 kill_urbs(desc); 1087 cancel_work_sync(&desc->rxwork); 1088 cancel_work_sync(&desc->service_outs_intr); 1089 return 0; 1090 } 1091 1092 static int wdm_post_reset(struct usb_interface *intf) 1093 { 1094 struct wdm_device *desc = wdm_find_device(intf); 1095 int rv; 1096 1097 clear_bit(WDM_OVERFLOW, &desc->flags); 1098 clear_bit(WDM_RESETTING, &desc->flags); 1099 rv = recover_from_urb_loss(desc); 1100 mutex_unlock(&desc->wlock); 1101 mutex_unlock(&desc->rlock); 1102 return rv; 1103 } 1104 1105 static struct usb_driver wdm_driver = { 1106 .name = "cdc_wdm", 1107 .probe = wdm_probe, 1108 .disconnect = wdm_disconnect, 1109 #ifdef CONFIG_PM 1110 .suspend = wdm_suspend, 1111 .resume = wdm_resume, 1112 .reset_resume = wdm_resume, 1113 #endif 1114 .pre_reset = wdm_pre_reset, 1115 .post_reset = wdm_post_reset, 1116 .id_table = wdm_ids, 1117 .supports_autosuspend = 1, 1118 .disable_hub_initiated_lpm = 1, 1119 }; 1120 1121 module_usb_driver(wdm_driver); 1122 1123 MODULE_AUTHOR(DRIVER_AUTHOR); 1124 MODULE_DESCRIPTION(DRIVER_DESC); 1125 MODULE_LICENSE("GPL"); 1126