xref: /openbmc/linux/drivers/usb/class/usbtmc.c (revision 711aab1d)
1 /**
2  * drivers/usb/class/usbtmc.c - USB Test & Measurement class driver
3  *
4  * Copyright (C) 2007 Stefan Kopp, Gechingen, Germany
5  * Copyright (C) 2008 Novell, Inc.
6  * Copyright (C) 2008 Greg Kroah-Hartman <gregkh@suse.de>
7  *
8  * This program is free software; you can redistribute it and/or
9  * modify it under the terms of the GNU General Public License
10  * as published by the Free Software Foundation; either version 2
11  * of the License, or (at your option) any later version.
12  *
13  * This program is distributed in the hope that it will be useful,
14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16  * GNU General Public License for more details.
17  *
18  * The GNU General Public License is available at
19  * http://www.gnu.org/copyleft/gpl.html.
20  */
21 
22 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
23 
24 #include <linux/module.h>
25 #include <linux/kernel.h>
26 #include <linux/fs.h>
27 #include <linux/uaccess.h>
28 #include <linux/kref.h>
29 #include <linux/slab.h>
30 #include <linux/poll.h>
31 #include <linux/mutex.h>
32 #include <linux/usb.h>
33 #include <linux/usb/tmc.h>
34 
35 
36 #define RIGOL			1
37 #define USBTMC_HEADER_SIZE	12
38 #define USBTMC_MINOR_BASE	176
39 
40 /*
41  * Size of driver internal IO buffer. Must be multiple of 4 and at least as
42  * large as wMaxPacketSize (which is usually 512 bytes).
43  */
44 #define USBTMC_SIZE_IOBUFFER	2048
45 
46 /* Default USB timeout (in milliseconds) */
47 #define USBTMC_TIMEOUT		5000
48 
49 /*
50  * Maximum number of read cycles to empty bulk in endpoint during CLEAR and
51  * ABORT_BULK_IN requests. Ends the loop if (for whatever reason) a short
52  * packet is never read.
53  */
54 #define USBTMC_MAX_READS_TO_CLEAR_BULK_IN	100
55 
56 static const struct usb_device_id usbtmc_devices[] = {
57 	{ USB_INTERFACE_INFO(USB_CLASS_APP_SPEC, 3, 0), },
58 	{ USB_INTERFACE_INFO(USB_CLASS_APP_SPEC, 3, 1), },
59 	{ 0, } /* terminating entry */
60 };
61 MODULE_DEVICE_TABLE(usb, usbtmc_devices);
62 
63 /*
64  * This structure is the capabilities for the device
65  * See section 4.2.1.8 of the USBTMC specification,
66  * and section 4.2.2 of the USBTMC usb488 subclass
67  * specification for details.
68  */
69 struct usbtmc_dev_capabilities {
70 	__u8 interface_capabilities;
71 	__u8 device_capabilities;
72 	__u8 usb488_interface_capabilities;
73 	__u8 usb488_device_capabilities;
74 };
75 
76 /* This structure holds private data for each USBTMC device. One copy is
77  * allocated for each USBTMC device in the driver's probe function.
78  */
79 struct usbtmc_device_data {
80 	const struct usb_device_id *id;
81 	struct usb_device *usb_dev;
82 	struct usb_interface *intf;
83 
84 	unsigned int bulk_in;
85 	unsigned int bulk_out;
86 
87 	u8 bTag;
88 	u8 bTag_last_write;	/* needed for abort */
89 	u8 bTag_last_read;	/* needed for abort */
90 
91 	/* data for interrupt in endpoint handling */
92 	u8             bNotify1;
93 	u8             bNotify2;
94 	u16            ifnum;
95 	u8             iin_bTag;
96 	u8            *iin_buffer;
97 	atomic_t       iin_data_valid;
98 	unsigned int   iin_ep;
99 	int            iin_ep_present;
100 	int            iin_interval;
101 	struct urb    *iin_urb;
102 	u16            iin_wMaxPacketSize;
103 	atomic_t       srq_asserted;
104 
105 	/* coalesced usb488_caps from usbtmc_dev_capabilities */
106 	__u8 usb488_caps;
107 
108 	u8 rigol_quirk;
109 
110 	/* attributes from the USB TMC spec for this device */
111 	u8 TermChar;
112 	bool TermCharEnabled;
113 	bool auto_abort;
114 
115 	bool zombie; /* fd of disconnected device */
116 
117 	struct usbtmc_dev_capabilities	capabilities;
118 	struct kref kref;
119 	struct mutex io_mutex;	/* only one i/o function running at a time */
120 	wait_queue_head_t waitq;
121 	struct fasync_struct *fasync;
122 };
123 #define to_usbtmc_data(d) container_of(d, struct usbtmc_device_data, kref)
124 
125 struct usbtmc_ID_rigol_quirk {
126 	__u16 idVendor;
127 	__u16 idProduct;
128 };
129 
130 static const struct usbtmc_ID_rigol_quirk usbtmc_id_quirk[] = {
131 	{ 0x1ab1, 0x0588 },
132 	{ 0x1ab1, 0x04b0 },
133 	{ 0, 0 }
134 };
135 
136 /* Forward declarations */
137 static struct usb_driver usbtmc_driver;
138 
139 static void usbtmc_delete(struct kref *kref)
140 {
141 	struct usbtmc_device_data *data = to_usbtmc_data(kref);
142 
143 	usb_put_dev(data->usb_dev);
144 	kfree(data);
145 }
146 
147 static int usbtmc_open(struct inode *inode, struct file *filp)
148 {
149 	struct usb_interface *intf;
150 	struct usbtmc_device_data *data;
151 	int retval = 0;
152 
153 	intf = usb_find_interface(&usbtmc_driver, iminor(inode));
154 	if (!intf) {
155 		pr_err("can not find device for minor %d", iminor(inode));
156 		return -ENODEV;
157 	}
158 
159 	data = usb_get_intfdata(intf);
160 	/* Protect reference to data from file structure until release */
161 	kref_get(&data->kref);
162 
163 	/* Store pointer in file structure's private data field */
164 	filp->private_data = data;
165 
166 	return retval;
167 }
168 
169 static int usbtmc_release(struct inode *inode, struct file *file)
170 {
171 	struct usbtmc_device_data *data = file->private_data;
172 
173 	kref_put(&data->kref, usbtmc_delete);
174 	return 0;
175 }
176 
177 static int usbtmc_ioctl_abort_bulk_in(struct usbtmc_device_data *data)
178 {
179 	u8 *buffer;
180 	struct device *dev;
181 	int rv;
182 	int n;
183 	int actual;
184 	struct usb_host_interface *current_setting;
185 	int max_size;
186 
187 	dev = &data->intf->dev;
188 	buffer = kmalloc(USBTMC_SIZE_IOBUFFER, GFP_KERNEL);
189 	if (!buffer)
190 		return -ENOMEM;
191 
192 	rv = usb_control_msg(data->usb_dev,
193 			     usb_rcvctrlpipe(data->usb_dev, 0),
194 			     USBTMC_REQUEST_INITIATE_ABORT_BULK_IN,
195 			     USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT,
196 			     data->bTag_last_read, data->bulk_in,
197 			     buffer, 2, USBTMC_TIMEOUT);
198 
199 	if (rv < 0) {
200 		dev_err(dev, "usb_control_msg returned %d\n", rv);
201 		goto exit;
202 	}
203 
204 	dev_dbg(dev, "INITIATE_ABORT_BULK_IN returned %x\n", buffer[0]);
205 
206 	if (buffer[0] == USBTMC_STATUS_FAILED) {
207 		rv = 0;
208 		goto exit;
209 	}
210 
211 	if (buffer[0] != USBTMC_STATUS_SUCCESS) {
212 		dev_err(dev, "INITIATE_ABORT_BULK_IN returned %x\n",
213 			buffer[0]);
214 		rv = -EPERM;
215 		goto exit;
216 	}
217 
218 	max_size = 0;
219 	current_setting = data->intf->cur_altsetting;
220 	for (n = 0; n < current_setting->desc.bNumEndpoints; n++)
221 		if (current_setting->endpoint[n].desc.bEndpointAddress ==
222 			data->bulk_in)
223 			max_size = usb_endpoint_maxp(&current_setting->endpoint[n].desc);
224 
225 	if (max_size == 0) {
226 		dev_err(dev, "Couldn't get wMaxPacketSize\n");
227 		rv = -EPERM;
228 		goto exit;
229 	}
230 
231 	dev_dbg(&data->intf->dev, "wMaxPacketSize is %d\n", max_size);
232 
233 	n = 0;
234 
235 	do {
236 		dev_dbg(dev, "Reading from bulk in EP\n");
237 
238 		rv = usb_bulk_msg(data->usb_dev,
239 				  usb_rcvbulkpipe(data->usb_dev,
240 						  data->bulk_in),
241 				  buffer, USBTMC_SIZE_IOBUFFER,
242 				  &actual, USBTMC_TIMEOUT);
243 
244 		n++;
245 
246 		if (rv < 0) {
247 			dev_err(dev, "usb_bulk_msg returned %d\n", rv);
248 			goto exit;
249 		}
250 	} while ((actual == max_size) &&
251 		 (n < USBTMC_MAX_READS_TO_CLEAR_BULK_IN));
252 
253 	if (actual == max_size) {
254 		dev_err(dev, "Couldn't clear device buffer within %d cycles\n",
255 			USBTMC_MAX_READS_TO_CLEAR_BULK_IN);
256 		rv = -EPERM;
257 		goto exit;
258 	}
259 
260 	n = 0;
261 
262 usbtmc_abort_bulk_in_status:
263 	rv = usb_control_msg(data->usb_dev,
264 			     usb_rcvctrlpipe(data->usb_dev, 0),
265 			     USBTMC_REQUEST_CHECK_ABORT_BULK_IN_STATUS,
266 			     USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT,
267 			     0, data->bulk_in, buffer, 0x08,
268 			     USBTMC_TIMEOUT);
269 
270 	if (rv < 0) {
271 		dev_err(dev, "usb_control_msg returned %d\n", rv);
272 		goto exit;
273 	}
274 
275 	dev_dbg(dev, "INITIATE_ABORT_BULK_IN returned %x\n", buffer[0]);
276 
277 	if (buffer[0] == USBTMC_STATUS_SUCCESS) {
278 		rv = 0;
279 		goto exit;
280 	}
281 
282 	if (buffer[0] != USBTMC_STATUS_PENDING) {
283 		dev_err(dev, "INITIATE_ABORT_BULK_IN returned %x\n", buffer[0]);
284 		rv = -EPERM;
285 		goto exit;
286 	}
287 
288 	if (buffer[1] == 1)
289 		do {
290 			dev_dbg(dev, "Reading from bulk in EP\n");
291 
292 			rv = usb_bulk_msg(data->usb_dev,
293 					  usb_rcvbulkpipe(data->usb_dev,
294 							  data->bulk_in),
295 					  buffer, USBTMC_SIZE_IOBUFFER,
296 					  &actual, USBTMC_TIMEOUT);
297 
298 			n++;
299 
300 			if (rv < 0) {
301 				dev_err(dev, "usb_bulk_msg returned %d\n", rv);
302 				goto exit;
303 			}
304 		} while ((actual == max_size) &&
305 			 (n < USBTMC_MAX_READS_TO_CLEAR_BULK_IN));
306 
307 	if (actual == max_size) {
308 		dev_err(dev, "Couldn't clear device buffer within %d cycles\n",
309 			USBTMC_MAX_READS_TO_CLEAR_BULK_IN);
310 		rv = -EPERM;
311 		goto exit;
312 	}
313 
314 	goto usbtmc_abort_bulk_in_status;
315 
316 exit:
317 	kfree(buffer);
318 	return rv;
319 
320 }
321 
322 static int usbtmc_ioctl_abort_bulk_out(struct usbtmc_device_data *data)
323 {
324 	struct device *dev;
325 	u8 *buffer;
326 	int rv;
327 	int n;
328 
329 	dev = &data->intf->dev;
330 
331 	buffer = kmalloc(8, GFP_KERNEL);
332 	if (!buffer)
333 		return -ENOMEM;
334 
335 	rv = usb_control_msg(data->usb_dev,
336 			     usb_rcvctrlpipe(data->usb_dev, 0),
337 			     USBTMC_REQUEST_INITIATE_ABORT_BULK_OUT,
338 			     USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT,
339 			     data->bTag_last_write, data->bulk_out,
340 			     buffer, 2, USBTMC_TIMEOUT);
341 
342 	if (rv < 0) {
343 		dev_err(dev, "usb_control_msg returned %d\n", rv);
344 		goto exit;
345 	}
346 
347 	dev_dbg(dev, "INITIATE_ABORT_BULK_OUT returned %x\n", buffer[0]);
348 
349 	if (buffer[0] != USBTMC_STATUS_SUCCESS) {
350 		dev_err(dev, "INITIATE_ABORT_BULK_OUT returned %x\n",
351 			buffer[0]);
352 		rv = -EPERM;
353 		goto exit;
354 	}
355 
356 	n = 0;
357 
358 usbtmc_abort_bulk_out_check_status:
359 	rv = usb_control_msg(data->usb_dev,
360 			     usb_rcvctrlpipe(data->usb_dev, 0),
361 			     USBTMC_REQUEST_CHECK_ABORT_BULK_OUT_STATUS,
362 			     USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT,
363 			     0, data->bulk_out, buffer, 0x08,
364 			     USBTMC_TIMEOUT);
365 	n++;
366 	if (rv < 0) {
367 		dev_err(dev, "usb_control_msg returned %d\n", rv);
368 		goto exit;
369 	}
370 
371 	dev_dbg(dev, "CHECK_ABORT_BULK_OUT returned %x\n", buffer[0]);
372 
373 	if (buffer[0] == USBTMC_STATUS_SUCCESS)
374 		goto usbtmc_abort_bulk_out_clear_halt;
375 
376 	if ((buffer[0] == USBTMC_STATUS_PENDING) &&
377 	    (n < USBTMC_MAX_READS_TO_CLEAR_BULK_IN))
378 		goto usbtmc_abort_bulk_out_check_status;
379 
380 	rv = -EPERM;
381 	goto exit;
382 
383 usbtmc_abort_bulk_out_clear_halt:
384 	rv = usb_clear_halt(data->usb_dev,
385 			    usb_sndbulkpipe(data->usb_dev, data->bulk_out));
386 
387 	if (rv < 0) {
388 		dev_err(dev, "usb_control_msg returned %d\n", rv);
389 		goto exit;
390 	}
391 	rv = 0;
392 
393 exit:
394 	kfree(buffer);
395 	return rv;
396 }
397 
398 static int usbtmc488_ioctl_read_stb(struct usbtmc_device_data *data,
399 				void __user *arg)
400 {
401 	struct device *dev = &data->intf->dev;
402 	u8 *buffer;
403 	u8 tag;
404 	__u8 stb;
405 	int rv;
406 
407 	dev_dbg(dev, "Enter ioctl_read_stb iin_ep_present: %d\n",
408 		data->iin_ep_present);
409 
410 	buffer = kmalloc(8, GFP_KERNEL);
411 	if (!buffer)
412 		return -ENOMEM;
413 
414 	atomic_set(&data->iin_data_valid, 0);
415 
416 	/* must issue read_stb before using poll or select */
417 	atomic_set(&data->srq_asserted, 0);
418 
419 	rv = usb_control_msg(data->usb_dev,
420 			usb_rcvctrlpipe(data->usb_dev, 0),
421 			USBTMC488_REQUEST_READ_STATUS_BYTE,
422 			USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
423 			data->iin_bTag,
424 			data->ifnum,
425 			buffer, 0x03, USBTMC_TIMEOUT);
426 	if (rv < 0) {
427 		dev_err(dev, "stb usb_control_msg returned %d\n", rv);
428 		goto exit;
429 	}
430 
431 	if (buffer[0] != USBTMC_STATUS_SUCCESS) {
432 		dev_err(dev, "control status returned %x\n", buffer[0]);
433 		rv = -EIO;
434 		goto exit;
435 	}
436 
437 	if (data->iin_ep_present) {
438 		rv = wait_event_interruptible_timeout(
439 			data->waitq,
440 			atomic_read(&data->iin_data_valid) != 0,
441 			USBTMC_TIMEOUT);
442 		if (rv < 0) {
443 			dev_dbg(dev, "wait interrupted %d\n", rv);
444 			goto exit;
445 		}
446 
447 		if (rv == 0) {
448 			dev_dbg(dev, "wait timed out\n");
449 			rv = -ETIME;
450 			goto exit;
451 		}
452 
453 		tag = data->bNotify1 & 0x7f;
454 		if (tag != data->iin_bTag) {
455 			dev_err(dev, "expected bTag %x got %x\n",
456 				data->iin_bTag, tag);
457 		}
458 
459 		stb = data->bNotify2;
460 	} else {
461 		stb = buffer[2];
462 	}
463 
464 	rv = copy_to_user(arg, &stb, sizeof(stb));
465 	if (rv)
466 		rv = -EFAULT;
467 
468  exit:
469 	/* bump interrupt bTag */
470 	data->iin_bTag += 1;
471 	if (data->iin_bTag > 127)
472 		/* 1 is for SRQ see USBTMC-USB488 subclass spec section 4.3.1 */
473 		data->iin_bTag = 2;
474 
475 	kfree(buffer);
476 	return rv;
477 }
478 
479 static int usbtmc488_ioctl_simple(struct usbtmc_device_data *data,
480 				void __user *arg, unsigned int cmd)
481 {
482 	struct device *dev = &data->intf->dev;
483 	__u8 val;
484 	u8 *buffer;
485 	u16 wValue;
486 	int rv;
487 
488 	if (!(data->usb488_caps & USBTMC488_CAPABILITY_SIMPLE))
489 		return -EINVAL;
490 
491 	buffer = kmalloc(8, GFP_KERNEL);
492 	if (!buffer)
493 		return -ENOMEM;
494 
495 	if (cmd == USBTMC488_REQUEST_REN_CONTROL) {
496 		rv = copy_from_user(&val, arg, sizeof(val));
497 		if (rv) {
498 			rv = -EFAULT;
499 			goto exit;
500 		}
501 		wValue = val ? 1 : 0;
502 	} else {
503 		wValue = 0;
504 	}
505 
506 	rv = usb_control_msg(data->usb_dev,
507 			usb_rcvctrlpipe(data->usb_dev, 0),
508 			cmd,
509 			USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
510 			wValue,
511 			data->ifnum,
512 			buffer, 0x01, USBTMC_TIMEOUT);
513 	if (rv < 0) {
514 		dev_err(dev, "simple usb_control_msg failed %d\n", rv);
515 		goto exit;
516 	} else if (rv != 1) {
517 		dev_warn(dev, "simple usb_control_msg returned %d\n", rv);
518 		rv = -EIO;
519 		goto exit;
520 	}
521 
522 	if (buffer[0] != USBTMC_STATUS_SUCCESS) {
523 		dev_err(dev, "simple control status returned %x\n", buffer[0]);
524 		rv = -EIO;
525 		goto exit;
526 	}
527 	rv = 0;
528 
529  exit:
530 	kfree(buffer);
531 	return rv;
532 }
533 
534 /*
535  * Sends a REQUEST_DEV_DEP_MSG_IN message on the Bulk-OUT endpoint.
536  * @transfer_size: number of bytes to request from the device.
537  *
538  * See the USBTMC specification, Table 4.
539  *
540  * Also updates bTag_last_write.
541  */
542 static int send_request_dev_dep_msg_in(struct usbtmc_device_data *data, size_t transfer_size)
543 {
544 	int retval;
545 	u8 *buffer;
546 	int actual;
547 
548 	buffer = kmalloc(USBTMC_HEADER_SIZE, GFP_KERNEL);
549 	if (!buffer)
550 		return -ENOMEM;
551 	/* Setup IO buffer for REQUEST_DEV_DEP_MSG_IN message
552 	 * Refer to class specs for details
553 	 */
554 	buffer[0] = 2;
555 	buffer[1] = data->bTag;
556 	buffer[2] = ~data->bTag;
557 	buffer[3] = 0; /* Reserved */
558 	buffer[4] = transfer_size >> 0;
559 	buffer[5] = transfer_size >> 8;
560 	buffer[6] = transfer_size >> 16;
561 	buffer[7] = transfer_size >> 24;
562 	buffer[8] = data->TermCharEnabled * 2;
563 	/* Use term character? */
564 	buffer[9] = data->TermChar;
565 	buffer[10] = 0; /* Reserved */
566 	buffer[11] = 0; /* Reserved */
567 
568 	/* Send bulk URB */
569 	retval = usb_bulk_msg(data->usb_dev,
570 			      usb_sndbulkpipe(data->usb_dev,
571 					      data->bulk_out),
572 			      buffer, USBTMC_HEADER_SIZE, &actual, USBTMC_TIMEOUT);
573 
574 	/* Store bTag (in case we need to abort) */
575 	data->bTag_last_write = data->bTag;
576 
577 	/* Increment bTag -- and increment again if zero */
578 	data->bTag++;
579 	if (!data->bTag)
580 		data->bTag++;
581 
582 	kfree(buffer);
583 	if (retval < 0) {
584 		dev_err(&data->intf->dev, "usb_bulk_msg in send_request_dev_dep_msg_in() returned %d\n", retval);
585 		return retval;
586 	}
587 
588 	return 0;
589 }
590 
591 static ssize_t usbtmc_read(struct file *filp, char __user *buf,
592 			   size_t count, loff_t *f_pos)
593 {
594 	struct usbtmc_device_data *data;
595 	struct device *dev;
596 	u32 n_characters;
597 	u8 *buffer;
598 	int actual;
599 	size_t done;
600 	size_t remaining;
601 	int retval;
602 	size_t this_part;
603 
604 	/* Get pointer to private data structure */
605 	data = filp->private_data;
606 	dev = &data->intf->dev;
607 
608 	buffer = kmalloc(USBTMC_SIZE_IOBUFFER, GFP_KERNEL);
609 	if (!buffer)
610 		return -ENOMEM;
611 
612 	mutex_lock(&data->io_mutex);
613 	if (data->zombie) {
614 		retval = -ENODEV;
615 		goto exit;
616 	}
617 
618 	if (data->rigol_quirk) {
619 		dev_dbg(dev, "usb_bulk_msg_in: count(%zu)\n", count);
620 
621 		retval = send_request_dev_dep_msg_in(data, count);
622 
623 		if (retval < 0) {
624 			if (data->auto_abort)
625 				usbtmc_ioctl_abort_bulk_out(data);
626 			goto exit;
627 		}
628 	}
629 
630 	/* Loop until we have fetched everything we requested */
631 	remaining = count;
632 	this_part = remaining;
633 	done = 0;
634 
635 	while (remaining > 0) {
636 		if (!data->rigol_quirk) {
637 			dev_dbg(dev, "usb_bulk_msg_in: remaining(%zu), count(%zu)\n", remaining, count);
638 
639 			if (remaining > USBTMC_SIZE_IOBUFFER - USBTMC_HEADER_SIZE - 3)
640 				this_part = USBTMC_SIZE_IOBUFFER - USBTMC_HEADER_SIZE - 3;
641 			else
642 				this_part = remaining;
643 
644 			retval = send_request_dev_dep_msg_in(data, this_part);
645 			if (retval < 0) {
646 			dev_err(dev, "usb_bulk_msg returned %d\n", retval);
647 				if (data->auto_abort)
648 					usbtmc_ioctl_abort_bulk_out(data);
649 				goto exit;
650 			}
651 		}
652 
653 		/* Send bulk URB */
654 		retval = usb_bulk_msg(data->usb_dev,
655 				      usb_rcvbulkpipe(data->usb_dev,
656 						      data->bulk_in),
657 				      buffer, USBTMC_SIZE_IOBUFFER, &actual,
658 				      USBTMC_TIMEOUT);
659 
660 		dev_dbg(dev, "usb_bulk_msg: retval(%u), done(%zu), remaining(%zu), actual(%d)\n", retval, done, remaining, actual);
661 
662 		/* Store bTag (in case we need to abort) */
663 		data->bTag_last_read = data->bTag;
664 
665 		if (retval < 0) {
666 			dev_dbg(dev, "Unable to read data, error %d\n", retval);
667 			if (data->auto_abort)
668 				usbtmc_ioctl_abort_bulk_in(data);
669 			goto exit;
670 		}
671 
672 		/* Parse header in first packet */
673 		if ((done == 0) || !data->rigol_quirk) {
674 			/* Sanity checks for the header */
675 			if (actual < USBTMC_HEADER_SIZE) {
676 				dev_err(dev, "Device sent too small first packet: %u < %u\n", actual, USBTMC_HEADER_SIZE);
677 				if (data->auto_abort)
678 					usbtmc_ioctl_abort_bulk_in(data);
679 				goto exit;
680 			}
681 
682 			if (buffer[0] != 2) {
683 				dev_err(dev, "Device sent reply with wrong MsgID: %u != 2\n", buffer[0]);
684 				if (data->auto_abort)
685 					usbtmc_ioctl_abort_bulk_in(data);
686 				goto exit;
687 			}
688 
689 			if (buffer[1] != data->bTag_last_write) {
690 				dev_err(dev, "Device sent reply with wrong bTag: %u != %u\n", buffer[1], data->bTag_last_write);
691 				if (data->auto_abort)
692 					usbtmc_ioctl_abort_bulk_in(data);
693 				goto exit;
694 			}
695 
696 			/* How many characters did the instrument send? */
697 			n_characters = buffer[4] +
698 				       (buffer[5] << 8) +
699 				       (buffer[6] << 16) +
700 				       (buffer[7] << 24);
701 
702 			if (n_characters > this_part) {
703 				dev_err(dev, "Device wants to return more data than requested: %u > %zu\n", n_characters, count);
704 				if (data->auto_abort)
705 					usbtmc_ioctl_abort_bulk_in(data);
706 				goto exit;
707 			}
708 
709 			/* Remove the USBTMC header */
710 			actual -= USBTMC_HEADER_SIZE;
711 
712 			/* Check if the message is smaller than requested */
713 			if (data->rigol_quirk) {
714 				if (remaining > n_characters)
715 					remaining = n_characters;
716 				/* Remove padding if it exists */
717 				if (actual > remaining)
718 					actual = remaining;
719 			}
720 			else {
721 				if (this_part > n_characters)
722 					this_part = n_characters;
723 				/* Remove padding if it exists */
724 				if (actual > this_part)
725 					actual = this_part;
726 			}
727 
728 			dev_dbg(dev, "Bulk-IN header: N_characters(%u), bTransAttr(%u)\n", n_characters, buffer[8]);
729 
730 			remaining -= actual;
731 
732 			/* Terminate if end-of-message bit received from device */
733 			if ((buffer[8] & 0x01) && (actual >= n_characters))
734 				remaining = 0;
735 
736 			dev_dbg(dev, "Bulk-IN header: remaining(%zu), buf(%p), buffer(%p) done(%zu)\n", remaining,buf,buffer,done);
737 
738 
739 			/* Copy buffer to user space */
740 			if (copy_to_user(buf + done, &buffer[USBTMC_HEADER_SIZE], actual)) {
741 				/* There must have been an addressing problem */
742 				retval = -EFAULT;
743 				goto exit;
744 			}
745 			done += actual;
746 		}
747 		else  {
748 			if (actual > remaining)
749 				actual = remaining;
750 
751 			remaining -= actual;
752 
753 			dev_dbg(dev, "Bulk-IN header cont: actual(%u), done(%zu), remaining(%zu), buf(%p), buffer(%p)\n", actual, done, remaining,buf,buffer);
754 
755 			/* Copy buffer to user space */
756 			if (copy_to_user(buf + done, buffer, actual)) {
757 				/* There must have been an addressing problem */
758 				retval = -EFAULT;
759 				goto exit;
760 			}
761 			done += actual;
762 		}
763 	}
764 
765 	/* Update file position value */
766 	*f_pos = *f_pos + done;
767 	retval = done;
768 
769 exit:
770 	mutex_unlock(&data->io_mutex);
771 	kfree(buffer);
772 	return retval;
773 }
774 
775 static ssize_t usbtmc_write(struct file *filp, const char __user *buf,
776 			    size_t count, loff_t *f_pos)
777 {
778 	struct usbtmc_device_data *data;
779 	u8 *buffer;
780 	int retval;
781 	int actual;
782 	unsigned long int n_bytes;
783 	int remaining;
784 	int done;
785 	int this_part;
786 
787 	data = filp->private_data;
788 
789 	buffer = kmalloc(USBTMC_SIZE_IOBUFFER, GFP_KERNEL);
790 	if (!buffer)
791 		return -ENOMEM;
792 
793 	mutex_lock(&data->io_mutex);
794 	if (data->zombie) {
795 		retval = -ENODEV;
796 		goto exit;
797 	}
798 
799 	remaining = count;
800 	done = 0;
801 
802 	while (remaining > 0) {
803 		if (remaining > USBTMC_SIZE_IOBUFFER - USBTMC_HEADER_SIZE) {
804 			this_part = USBTMC_SIZE_IOBUFFER - USBTMC_HEADER_SIZE;
805 			buffer[8] = 0;
806 		} else {
807 			this_part = remaining;
808 			buffer[8] = 1;
809 		}
810 
811 		/* Setup IO buffer for DEV_DEP_MSG_OUT message */
812 		buffer[0] = 1;
813 		buffer[1] = data->bTag;
814 		buffer[2] = ~data->bTag;
815 		buffer[3] = 0; /* Reserved */
816 		buffer[4] = this_part >> 0;
817 		buffer[5] = this_part >> 8;
818 		buffer[6] = this_part >> 16;
819 		buffer[7] = this_part >> 24;
820 		/* buffer[8] is set above... */
821 		buffer[9] = 0; /* Reserved */
822 		buffer[10] = 0; /* Reserved */
823 		buffer[11] = 0; /* Reserved */
824 
825 		if (copy_from_user(&buffer[USBTMC_HEADER_SIZE], buf + done, this_part)) {
826 			retval = -EFAULT;
827 			goto exit;
828 		}
829 
830 		n_bytes = roundup(USBTMC_HEADER_SIZE + this_part, 4);
831 		memset(buffer + USBTMC_HEADER_SIZE + this_part, 0, n_bytes - (USBTMC_HEADER_SIZE + this_part));
832 
833 		do {
834 			retval = usb_bulk_msg(data->usb_dev,
835 					      usb_sndbulkpipe(data->usb_dev,
836 							      data->bulk_out),
837 					      buffer, n_bytes,
838 					      &actual, USBTMC_TIMEOUT);
839 			if (retval != 0)
840 				break;
841 			n_bytes -= actual;
842 		} while (n_bytes);
843 
844 		data->bTag_last_write = data->bTag;
845 		data->bTag++;
846 
847 		if (!data->bTag)
848 			data->bTag++;
849 
850 		if (retval < 0) {
851 			dev_err(&data->intf->dev,
852 				"Unable to send data, error %d\n", retval);
853 			if (data->auto_abort)
854 				usbtmc_ioctl_abort_bulk_out(data);
855 			goto exit;
856 		}
857 
858 		remaining -= this_part;
859 		done += this_part;
860 	}
861 
862 	retval = count;
863 exit:
864 	mutex_unlock(&data->io_mutex);
865 	kfree(buffer);
866 	return retval;
867 }
868 
869 static int usbtmc_ioctl_clear(struct usbtmc_device_data *data)
870 {
871 	struct usb_host_interface *current_setting;
872 	struct usb_endpoint_descriptor *desc;
873 	struct device *dev;
874 	u8 *buffer;
875 	int rv;
876 	int n;
877 	int actual = 0;
878 	int max_size;
879 
880 	dev = &data->intf->dev;
881 
882 	dev_dbg(dev, "Sending INITIATE_CLEAR request\n");
883 
884 	buffer = kmalloc(USBTMC_SIZE_IOBUFFER, GFP_KERNEL);
885 	if (!buffer)
886 		return -ENOMEM;
887 
888 	rv = usb_control_msg(data->usb_dev,
889 			     usb_rcvctrlpipe(data->usb_dev, 0),
890 			     USBTMC_REQUEST_INITIATE_CLEAR,
891 			     USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
892 			     0, 0, buffer, 1, USBTMC_TIMEOUT);
893 	if (rv < 0) {
894 		dev_err(dev, "usb_control_msg returned %d\n", rv);
895 		goto exit;
896 	}
897 
898 	dev_dbg(dev, "INITIATE_CLEAR returned %x\n", buffer[0]);
899 
900 	if (buffer[0] != USBTMC_STATUS_SUCCESS) {
901 		dev_err(dev, "INITIATE_CLEAR returned %x\n", buffer[0]);
902 		rv = -EPERM;
903 		goto exit;
904 	}
905 
906 	max_size = 0;
907 	current_setting = data->intf->cur_altsetting;
908 	for (n = 0; n < current_setting->desc.bNumEndpoints; n++) {
909 		desc = &current_setting->endpoint[n].desc;
910 		if (desc->bEndpointAddress == data->bulk_in)
911 			max_size = usb_endpoint_maxp(desc);
912 	}
913 
914 	if (max_size == 0) {
915 		dev_err(dev, "Couldn't get wMaxPacketSize\n");
916 		rv = -EPERM;
917 		goto exit;
918 	}
919 
920 	dev_dbg(dev, "wMaxPacketSize is %d\n", max_size);
921 
922 	n = 0;
923 
924 usbtmc_clear_check_status:
925 
926 	dev_dbg(dev, "Sending CHECK_CLEAR_STATUS request\n");
927 
928 	rv = usb_control_msg(data->usb_dev,
929 			     usb_rcvctrlpipe(data->usb_dev, 0),
930 			     USBTMC_REQUEST_CHECK_CLEAR_STATUS,
931 			     USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
932 			     0, 0, buffer, 2, USBTMC_TIMEOUT);
933 	if (rv < 0) {
934 		dev_err(dev, "usb_control_msg returned %d\n", rv);
935 		goto exit;
936 	}
937 
938 	dev_dbg(dev, "CHECK_CLEAR_STATUS returned %x\n", buffer[0]);
939 
940 	if (buffer[0] == USBTMC_STATUS_SUCCESS)
941 		goto usbtmc_clear_bulk_out_halt;
942 
943 	if (buffer[0] != USBTMC_STATUS_PENDING) {
944 		dev_err(dev, "CHECK_CLEAR_STATUS returned %x\n", buffer[0]);
945 		rv = -EPERM;
946 		goto exit;
947 	}
948 
949 	if (buffer[1] == 1)
950 		do {
951 			dev_dbg(dev, "Reading from bulk in EP\n");
952 
953 			rv = usb_bulk_msg(data->usb_dev,
954 					  usb_rcvbulkpipe(data->usb_dev,
955 							  data->bulk_in),
956 					  buffer, USBTMC_SIZE_IOBUFFER,
957 					  &actual, USBTMC_TIMEOUT);
958 			n++;
959 
960 			if (rv < 0) {
961 				dev_err(dev, "usb_control_msg returned %d\n",
962 					rv);
963 				goto exit;
964 			}
965 		} while ((actual == max_size) &&
966 			  (n < USBTMC_MAX_READS_TO_CLEAR_BULK_IN));
967 
968 	if (actual == max_size) {
969 		dev_err(dev, "Couldn't clear device buffer within %d cycles\n",
970 			USBTMC_MAX_READS_TO_CLEAR_BULK_IN);
971 		rv = -EPERM;
972 		goto exit;
973 	}
974 
975 	goto usbtmc_clear_check_status;
976 
977 usbtmc_clear_bulk_out_halt:
978 
979 	rv = usb_clear_halt(data->usb_dev,
980 			    usb_sndbulkpipe(data->usb_dev, data->bulk_out));
981 	if (rv < 0) {
982 		dev_err(dev, "usb_control_msg returned %d\n", rv);
983 		goto exit;
984 	}
985 	rv = 0;
986 
987 exit:
988 	kfree(buffer);
989 	return rv;
990 }
991 
992 static int usbtmc_ioctl_clear_out_halt(struct usbtmc_device_data *data)
993 {
994 	int rv;
995 
996 	rv = usb_clear_halt(data->usb_dev,
997 			    usb_sndbulkpipe(data->usb_dev, data->bulk_out));
998 
999 	if (rv < 0) {
1000 		dev_err(&data->usb_dev->dev, "usb_control_msg returned %d\n",
1001 			rv);
1002 		return rv;
1003 	}
1004 	return 0;
1005 }
1006 
1007 static int usbtmc_ioctl_clear_in_halt(struct usbtmc_device_data *data)
1008 {
1009 	int rv;
1010 
1011 	rv = usb_clear_halt(data->usb_dev,
1012 			    usb_rcvbulkpipe(data->usb_dev, data->bulk_in));
1013 
1014 	if (rv < 0) {
1015 		dev_err(&data->usb_dev->dev, "usb_control_msg returned %d\n",
1016 			rv);
1017 		return rv;
1018 	}
1019 	return 0;
1020 }
1021 
1022 static int get_capabilities(struct usbtmc_device_data *data)
1023 {
1024 	struct device *dev = &data->usb_dev->dev;
1025 	char *buffer;
1026 	int rv = 0;
1027 
1028 	buffer = kmalloc(0x18, GFP_KERNEL);
1029 	if (!buffer)
1030 		return -ENOMEM;
1031 
1032 	rv = usb_control_msg(data->usb_dev, usb_rcvctrlpipe(data->usb_dev, 0),
1033 			     USBTMC_REQUEST_GET_CAPABILITIES,
1034 			     USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
1035 			     0, 0, buffer, 0x18, USBTMC_TIMEOUT);
1036 	if (rv < 0) {
1037 		dev_err(dev, "usb_control_msg returned %d\n", rv);
1038 		goto err_out;
1039 	}
1040 
1041 	dev_dbg(dev, "GET_CAPABILITIES returned %x\n", buffer[0]);
1042 	if (buffer[0] != USBTMC_STATUS_SUCCESS) {
1043 		dev_err(dev, "GET_CAPABILITIES returned %x\n", buffer[0]);
1044 		rv = -EPERM;
1045 		goto err_out;
1046 	}
1047 	dev_dbg(dev, "Interface capabilities are %x\n", buffer[4]);
1048 	dev_dbg(dev, "Device capabilities are %x\n", buffer[5]);
1049 	dev_dbg(dev, "USB488 interface capabilities are %x\n", buffer[14]);
1050 	dev_dbg(dev, "USB488 device capabilities are %x\n", buffer[15]);
1051 
1052 	data->capabilities.interface_capabilities = buffer[4];
1053 	data->capabilities.device_capabilities = buffer[5];
1054 	data->capabilities.usb488_interface_capabilities = buffer[14];
1055 	data->capabilities.usb488_device_capabilities = buffer[15];
1056 	data->usb488_caps = (buffer[14] & 0x07) | ((buffer[15] & 0x0f) << 4);
1057 	rv = 0;
1058 
1059 err_out:
1060 	kfree(buffer);
1061 	return rv;
1062 }
1063 
1064 #define capability_attribute(name)					\
1065 static ssize_t name##_show(struct device *dev,				\
1066 			   struct device_attribute *attr, char *buf)	\
1067 {									\
1068 	struct usb_interface *intf = to_usb_interface(dev);		\
1069 	struct usbtmc_device_data *data = usb_get_intfdata(intf);	\
1070 									\
1071 	return sprintf(buf, "%d\n", data->capabilities.name);		\
1072 }									\
1073 static DEVICE_ATTR_RO(name)
1074 
1075 capability_attribute(interface_capabilities);
1076 capability_attribute(device_capabilities);
1077 capability_attribute(usb488_interface_capabilities);
1078 capability_attribute(usb488_device_capabilities);
1079 
1080 static struct attribute *capability_attrs[] = {
1081 	&dev_attr_interface_capabilities.attr,
1082 	&dev_attr_device_capabilities.attr,
1083 	&dev_attr_usb488_interface_capabilities.attr,
1084 	&dev_attr_usb488_device_capabilities.attr,
1085 	NULL,
1086 };
1087 
1088 static const struct attribute_group capability_attr_grp = {
1089 	.attrs = capability_attrs,
1090 };
1091 
1092 static ssize_t TermChar_show(struct device *dev,
1093 			     struct device_attribute *attr, char *buf)
1094 {
1095 	struct usb_interface *intf = to_usb_interface(dev);
1096 	struct usbtmc_device_data *data = usb_get_intfdata(intf);
1097 
1098 	return sprintf(buf, "%c\n", data->TermChar);
1099 }
1100 
1101 static ssize_t TermChar_store(struct device *dev,
1102 			      struct device_attribute *attr,
1103 			      const char *buf, size_t count)
1104 {
1105 	struct usb_interface *intf = to_usb_interface(dev);
1106 	struct usbtmc_device_data *data = usb_get_intfdata(intf);
1107 
1108 	if (count < 1)
1109 		return -EINVAL;
1110 	data->TermChar = buf[0];
1111 	return count;
1112 }
1113 static DEVICE_ATTR_RW(TermChar);
1114 
1115 #define data_attribute(name)						\
1116 static ssize_t name##_show(struct device *dev,				\
1117 			   struct device_attribute *attr, char *buf)	\
1118 {									\
1119 	struct usb_interface *intf = to_usb_interface(dev);		\
1120 	struct usbtmc_device_data *data = usb_get_intfdata(intf);	\
1121 									\
1122 	return sprintf(buf, "%d\n", data->name);			\
1123 }									\
1124 static ssize_t name##_store(struct device *dev,				\
1125 			    struct device_attribute *attr,		\
1126 			    const char *buf, size_t count)		\
1127 {									\
1128 	struct usb_interface *intf = to_usb_interface(dev);		\
1129 	struct usbtmc_device_data *data = usb_get_intfdata(intf);	\
1130 	ssize_t result;							\
1131 	unsigned val;							\
1132 									\
1133 	result = sscanf(buf, "%u\n", &val);				\
1134 	if (result != 1)						\
1135 		result = -EINVAL;					\
1136 	data->name = val;						\
1137 	if (result < 0)							\
1138 		return result;						\
1139 	else								\
1140 		return count;						\
1141 }									\
1142 static DEVICE_ATTR_RW(name)
1143 
1144 data_attribute(TermCharEnabled);
1145 data_attribute(auto_abort);
1146 
1147 static struct attribute *data_attrs[] = {
1148 	&dev_attr_TermChar.attr,
1149 	&dev_attr_TermCharEnabled.attr,
1150 	&dev_attr_auto_abort.attr,
1151 	NULL,
1152 };
1153 
1154 static const struct attribute_group data_attr_grp = {
1155 	.attrs = data_attrs,
1156 };
1157 
1158 static int usbtmc_ioctl_indicator_pulse(struct usbtmc_device_data *data)
1159 {
1160 	struct device *dev;
1161 	u8 *buffer;
1162 	int rv;
1163 
1164 	dev = &data->intf->dev;
1165 
1166 	buffer = kmalloc(2, GFP_KERNEL);
1167 	if (!buffer)
1168 		return -ENOMEM;
1169 
1170 	rv = usb_control_msg(data->usb_dev,
1171 			     usb_rcvctrlpipe(data->usb_dev, 0),
1172 			     USBTMC_REQUEST_INDICATOR_PULSE,
1173 			     USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
1174 			     0, 0, buffer, 0x01, USBTMC_TIMEOUT);
1175 
1176 	if (rv < 0) {
1177 		dev_err(dev, "usb_control_msg returned %d\n", rv);
1178 		goto exit;
1179 	}
1180 
1181 	dev_dbg(dev, "INDICATOR_PULSE returned %x\n", buffer[0]);
1182 
1183 	if (buffer[0] != USBTMC_STATUS_SUCCESS) {
1184 		dev_err(dev, "INDICATOR_PULSE returned %x\n", buffer[0]);
1185 		rv = -EPERM;
1186 		goto exit;
1187 	}
1188 	rv = 0;
1189 
1190 exit:
1191 	kfree(buffer);
1192 	return rv;
1193 }
1194 
1195 static long usbtmc_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
1196 {
1197 	struct usbtmc_device_data *data;
1198 	int retval = -EBADRQC;
1199 
1200 	data = file->private_data;
1201 	mutex_lock(&data->io_mutex);
1202 	if (data->zombie) {
1203 		retval = -ENODEV;
1204 		goto skip_io_on_zombie;
1205 	}
1206 
1207 	switch (cmd) {
1208 	case USBTMC_IOCTL_CLEAR_OUT_HALT:
1209 		retval = usbtmc_ioctl_clear_out_halt(data);
1210 		break;
1211 
1212 	case USBTMC_IOCTL_CLEAR_IN_HALT:
1213 		retval = usbtmc_ioctl_clear_in_halt(data);
1214 		break;
1215 
1216 	case USBTMC_IOCTL_INDICATOR_PULSE:
1217 		retval = usbtmc_ioctl_indicator_pulse(data);
1218 		break;
1219 
1220 	case USBTMC_IOCTL_CLEAR:
1221 		retval = usbtmc_ioctl_clear(data);
1222 		break;
1223 
1224 	case USBTMC_IOCTL_ABORT_BULK_OUT:
1225 		retval = usbtmc_ioctl_abort_bulk_out(data);
1226 		break;
1227 
1228 	case USBTMC_IOCTL_ABORT_BULK_IN:
1229 		retval = usbtmc_ioctl_abort_bulk_in(data);
1230 		break;
1231 
1232 	case USBTMC488_IOCTL_GET_CAPS:
1233 		retval = copy_to_user((void __user *)arg,
1234 				&data->usb488_caps,
1235 				sizeof(data->usb488_caps));
1236 		if (retval)
1237 			retval = -EFAULT;
1238 		break;
1239 
1240 	case USBTMC488_IOCTL_READ_STB:
1241 		retval = usbtmc488_ioctl_read_stb(data, (void __user *)arg);
1242 		break;
1243 
1244 	case USBTMC488_IOCTL_REN_CONTROL:
1245 		retval = usbtmc488_ioctl_simple(data, (void __user *)arg,
1246 						USBTMC488_REQUEST_REN_CONTROL);
1247 		break;
1248 
1249 	case USBTMC488_IOCTL_GOTO_LOCAL:
1250 		retval = usbtmc488_ioctl_simple(data, (void __user *)arg,
1251 						USBTMC488_REQUEST_GOTO_LOCAL);
1252 		break;
1253 
1254 	case USBTMC488_IOCTL_LOCAL_LOCKOUT:
1255 		retval = usbtmc488_ioctl_simple(data, (void __user *)arg,
1256 						USBTMC488_REQUEST_LOCAL_LOCKOUT);
1257 		break;
1258 	}
1259 
1260 skip_io_on_zombie:
1261 	mutex_unlock(&data->io_mutex);
1262 	return retval;
1263 }
1264 
1265 static int usbtmc_fasync(int fd, struct file *file, int on)
1266 {
1267 	struct usbtmc_device_data *data = file->private_data;
1268 
1269 	return fasync_helper(fd, file, on, &data->fasync);
1270 }
1271 
1272 static unsigned int usbtmc_poll(struct file *file, poll_table *wait)
1273 {
1274 	struct usbtmc_device_data *data = file->private_data;
1275 	unsigned int mask;
1276 
1277 	mutex_lock(&data->io_mutex);
1278 
1279 	if (data->zombie) {
1280 		mask = POLLHUP | POLLERR;
1281 		goto no_poll;
1282 	}
1283 
1284 	poll_wait(file, &data->waitq, wait);
1285 
1286 	mask = (atomic_read(&data->srq_asserted)) ? POLLIN | POLLRDNORM : 0;
1287 
1288 no_poll:
1289 	mutex_unlock(&data->io_mutex);
1290 	return mask;
1291 }
1292 
1293 static const struct file_operations fops = {
1294 	.owner		= THIS_MODULE,
1295 	.read		= usbtmc_read,
1296 	.write		= usbtmc_write,
1297 	.open		= usbtmc_open,
1298 	.release	= usbtmc_release,
1299 	.unlocked_ioctl	= usbtmc_ioctl,
1300 	.fasync         = usbtmc_fasync,
1301 	.poll           = usbtmc_poll,
1302 	.llseek		= default_llseek,
1303 };
1304 
1305 static struct usb_class_driver usbtmc_class = {
1306 	.name =		"usbtmc%d",
1307 	.fops =		&fops,
1308 	.minor_base =	USBTMC_MINOR_BASE,
1309 };
1310 
1311 static void usbtmc_interrupt(struct urb *urb)
1312 {
1313 	struct usbtmc_device_data *data = urb->context;
1314 	struct device *dev = &data->intf->dev;
1315 	int status = urb->status;
1316 	int rv;
1317 
1318 	dev_dbg(&data->intf->dev, "int status: %d len %d\n",
1319 		status, urb->actual_length);
1320 
1321 	switch (status) {
1322 	case 0: /* SUCCESS */
1323 		/* check for valid STB notification */
1324 		if (data->iin_buffer[0] > 0x81) {
1325 			data->bNotify1 = data->iin_buffer[0];
1326 			data->bNotify2 = data->iin_buffer[1];
1327 			atomic_set(&data->iin_data_valid, 1);
1328 			wake_up_interruptible(&data->waitq);
1329 			goto exit;
1330 		}
1331 		/* check for SRQ notification */
1332 		if (data->iin_buffer[0] == 0x81) {
1333 			if (data->fasync)
1334 				kill_fasync(&data->fasync,
1335 					SIGIO, POLL_IN);
1336 
1337 			atomic_set(&data->srq_asserted, 1);
1338 			wake_up_interruptible(&data->waitq);
1339 			goto exit;
1340 		}
1341 		dev_warn(dev, "invalid notification: %x\n", data->iin_buffer[0]);
1342 		break;
1343 	case -EOVERFLOW:
1344 		dev_err(dev, "overflow with length %d, actual length is %d\n",
1345 			data->iin_wMaxPacketSize, urb->actual_length);
1346 	case -ECONNRESET:
1347 	case -ENOENT:
1348 	case -ESHUTDOWN:
1349 	case -EILSEQ:
1350 	case -ETIME:
1351 		/* urb terminated, clean up */
1352 		dev_dbg(dev, "urb terminated, status: %d\n", status);
1353 		return;
1354 	default:
1355 		dev_err(dev, "unknown status received: %d\n", status);
1356 	}
1357 exit:
1358 	rv = usb_submit_urb(urb, GFP_ATOMIC);
1359 	if (rv)
1360 		dev_err(dev, "usb_submit_urb failed: %d\n", rv);
1361 }
1362 
1363 static void usbtmc_free_int(struct usbtmc_device_data *data)
1364 {
1365 	if (!data->iin_ep_present || !data->iin_urb)
1366 		return;
1367 	usb_kill_urb(data->iin_urb);
1368 	kfree(data->iin_buffer);
1369 	usb_free_urb(data->iin_urb);
1370 	kref_put(&data->kref, usbtmc_delete);
1371 }
1372 
1373 static int usbtmc_probe(struct usb_interface *intf,
1374 			const struct usb_device_id *id)
1375 {
1376 	struct usbtmc_device_data *data;
1377 	struct usb_host_interface *iface_desc;
1378 	struct usb_endpoint_descriptor *bulk_in, *bulk_out, *int_in;
1379 	int n;
1380 	int retcode;
1381 
1382 	dev_dbg(&intf->dev, "%s called\n", __func__);
1383 
1384 	data = kzalloc(sizeof(*data), GFP_KERNEL);
1385 	if (!data)
1386 		return -ENOMEM;
1387 
1388 	data->intf = intf;
1389 	data->id = id;
1390 	data->usb_dev = usb_get_dev(interface_to_usbdev(intf));
1391 	usb_set_intfdata(intf, data);
1392 	kref_init(&data->kref);
1393 	mutex_init(&data->io_mutex);
1394 	init_waitqueue_head(&data->waitq);
1395 	atomic_set(&data->iin_data_valid, 0);
1396 	atomic_set(&data->srq_asserted, 0);
1397 	data->zombie = 0;
1398 
1399 	/* Determine if it is a Rigol or not */
1400 	data->rigol_quirk = 0;
1401 	dev_dbg(&intf->dev, "Trying to find if device Vendor 0x%04X Product 0x%04X has the RIGOL quirk\n",
1402 		le16_to_cpu(data->usb_dev->descriptor.idVendor),
1403 		le16_to_cpu(data->usb_dev->descriptor.idProduct));
1404 	for(n = 0; usbtmc_id_quirk[n].idVendor > 0; n++) {
1405 		if ((usbtmc_id_quirk[n].idVendor == le16_to_cpu(data->usb_dev->descriptor.idVendor)) &&
1406 		    (usbtmc_id_quirk[n].idProduct == le16_to_cpu(data->usb_dev->descriptor.idProduct))) {
1407 			dev_dbg(&intf->dev, "Setting this device as having the RIGOL quirk\n");
1408 			data->rigol_quirk = 1;
1409 			break;
1410 		}
1411 	}
1412 
1413 	/* Initialize USBTMC bTag and other fields */
1414 	data->bTag	= 1;
1415 	data->TermCharEnabled = 0;
1416 	data->TermChar = '\n';
1417 	/*  2 <= bTag <= 127   USBTMC-USB488 subclass specification 4.3.1 */
1418 	data->iin_bTag = 2;
1419 
1420 	/* USBTMC devices have only one setting, so use that */
1421 	iface_desc = data->intf->cur_altsetting;
1422 	data->ifnum = iface_desc->desc.bInterfaceNumber;
1423 
1424 	/* Find bulk endpoints */
1425 	retcode = usb_find_common_endpoints(iface_desc,
1426 			&bulk_in, &bulk_out, NULL, NULL);
1427 	if (retcode) {
1428 		dev_err(&intf->dev, "bulk endpoints not found\n");
1429 		goto err_put;
1430 	}
1431 
1432 	data->bulk_in = bulk_in->bEndpointAddress;
1433 	dev_dbg(&intf->dev, "Found bulk in endpoint at %u\n", data->bulk_in);
1434 
1435 	data->bulk_out = bulk_out->bEndpointAddress;
1436 	dev_dbg(&intf->dev, "Found Bulk out endpoint at %u\n", data->bulk_out);
1437 
1438 	/* Find int endpoint */
1439 	retcode = usb_find_int_in_endpoint(iface_desc, &int_in);
1440 	if (!retcode) {
1441 		data->iin_ep_present = 1;
1442 		data->iin_ep = int_in->bEndpointAddress;
1443 		data->iin_wMaxPacketSize = usb_endpoint_maxp(int_in);
1444 		data->iin_interval = int_in->bInterval;
1445 		dev_dbg(&intf->dev, "Found Int in endpoint at %u\n",
1446 				data->iin_ep);
1447 	}
1448 
1449 	retcode = get_capabilities(data);
1450 	if (retcode)
1451 		dev_err(&intf->dev, "can't read capabilities\n");
1452 	else
1453 		retcode = sysfs_create_group(&intf->dev.kobj,
1454 					     &capability_attr_grp);
1455 
1456 	if (data->iin_ep_present) {
1457 		/* allocate int urb */
1458 		data->iin_urb = usb_alloc_urb(0, GFP_KERNEL);
1459 		if (!data->iin_urb) {
1460 			retcode = -ENOMEM;
1461 			goto error_register;
1462 		}
1463 
1464 		/* Protect interrupt in endpoint data until iin_urb is freed */
1465 		kref_get(&data->kref);
1466 
1467 		/* allocate buffer for interrupt in */
1468 		data->iin_buffer = kmalloc(data->iin_wMaxPacketSize,
1469 					GFP_KERNEL);
1470 		if (!data->iin_buffer) {
1471 			retcode = -ENOMEM;
1472 			goto error_register;
1473 		}
1474 
1475 		/* fill interrupt urb */
1476 		usb_fill_int_urb(data->iin_urb, data->usb_dev,
1477 				usb_rcvintpipe(data->usb_dev, data->iin_ep),
1478 				data->iin_buffer, data->iin_wMaxPacketSize,
1479 				usbtmc_interrupt,
1480 				data, data->iin_interval);
1481 
1482 		retcode = usb_submit_urb(data->iin_urb, GFP_KERNEL);
1483 		if (retcode) {
1484 			dev_err(&intf->dev, "Failed to submit iin_urb\n");
1485 			goto error_register;
1486 		}
1487 	}
1488 
1489 	retcode = sysfs_create_group(&intf->dev.kobj, &data_attr_grp);
1490 
1491 	retcode = usb_register_dev(intf, &usbtmc_class);
1492 	if (retcode) {
1493 		dev_err(&intf->dev, "Not able to get a minor"
1494 			" (base %u, slice default): %d\n", USBTMC_MINOR_BASE,
1495 			retcode);
1496 		goto error_register;
1497 	}
1498 	dev_dbg(&intf->dev, "Using minor number %d\n", intf->minor);
1499 
1500 	return 0;
1501 
1502 error_register:
1503 	sysfs_remove_group(&intf->dev.kobj, &capability_attr_grp);
1504 	sysfs_remove_group(&intf->dev.kobj, &data_attr_grp);
1505 	usbtmc_free_int(data);
1506 err_put:
1507 	kref_put(&data->kref, usbtmc_delete);
1508 	return retcode;
1509 }
1510 
1511 static void usbtmc_disconnect(struct usb_interface *intf)
1512 {
1513 	struct usbtmc_device_data *data;
1514 
1515 	dev_dbg(&intf->dev, "usbtmc_disconnect called\n");
1516 
1517 	data = usb_get_intfdata(intf);
1518 	usb_deregister_dev(intf, &usbtmc_class);
1519 	sysfs_remove_group(&intf->dev.kobj, &capability_attr_grp);
1520 	sysfs_remove_group(&intf->dev.kobj, &data_attr_grp);
1521 	mutex_lock(&data->io_mutex);
1522 	data->zombie = 1;
1523 	wake_up_all(&data->waitq);
1524 	mutex_unlock(&data->io_mutex);
1525 	usbtmc_free_int(data);
1526 	kref_put(&data->kref, usbtmc_delete);
1527 }
1528 
1529 static int usbtmc_suspend(struct usb_interface *intf, pm_message_t message)
1530 {
1531 	/* this driver does not have pending URBs */
1532 	return 0;
1533 }
1534 
1535 static int usbtmc_resume(struct usb_interface *intf)
1536 {
1537 	return 0;
1538 }
1539 
1540 static struct usb_driver usbtmc_driver = {
1541 	.name		= "usbtmc",
1542 	.id_table	= usbtmc_devices,
1543 	.probe		= usbtmc_probe,
1544 	.disconnect	= usbtmc_disconnect,
1545 	.suspend	= usbtmc_suspend,
1546 	.resume		= usbtmc_resume,
1547 };
1548 
1549 module_usb_driver(usbtmc_driver);
1550 
1551 MODULE_LICENSE("GPL");
1552