xref: /openbmc/linux/drivers/usb/class/usbtmc.c (revision b34e08d5)
1 /**
2  * drivers/usb/class/usbtmc.c - USB Test & Measurement class driver
3  *
4  * Copyright (C) 2007 Stefan Kopp, Gechingen, Germany
5  * Copyright (C) 2008 Novell, Inc.
6  * Copyright (C) 2008 Greg Kroah-Hartman <gregkh@suse.de>
7  *
8  * This program is free software; you can redistribute it and/or
9  * modify it under the terms of the GNU General Public License
10  * as published by the Free Software Foundation; either version 2
11  * of the License, or (at your option) any later version.
12  *
13  * This program is distributed in the hope that it will be useful,
14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16  * GNU General Public License for more details.
17  *
18  * The GNU General Public License is available at
19  * http://www.gnu.org/copyleft/gpl.html.
20  */
21 
22 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
23 
24 #include <linux/module.h>
25 #include <linux/kernel.h>
26 #include <linux/fs.h>
27 #include <linux/uaccess.h>
28 #include <linux/kref.h>
29 #include <linux/slab.h>
30 #include <linux/mutex.h>
31 #include <linux/usb.h>
32 #include <linux/usb/tmc.h>
33 
34 
35 #define RIGOL			1
36 #define USBTMC_HEADER_SIZE	12
37 #define USBTMC_MINOR_BASE	176
38 
39 /*
40  * Size of driver internal IO buffer. Must be multiple of 4 and at least as
41  * large as wMaxPacketSize (which is usually 512 bytes).
42  */
43 #define USBTMC_SIZE_IOBUFFER	2048
44 
45 /* Default USB timeout (in milliseconds) */
46 #define USBTMC_TIMEOUT		5000
47 
48 /*
49  * Maximum number of read cycles to empty bulk in endpoint during CLEAR and
50  * ABORT_BULK_IN requests. Ends the loop if (for whatever reason) a short
51  * packet is never read.
52  */
53 #define USBTMC_MAX_READS_TO_CLEAR_BULK_IN	100
54 
55 static const struct usb_device_id usbtmc_devices[] = {
56 	{ USB_INTERFACE_INFO(USB_CLASS_APP_SPEC, 3, 0), },
57 	{ USB_INTERFACE_INFO(USB_CLASS_APP_SPEC, 3, 1), },
58 	{ 0, } /* terminating entry */
59 };
60 MODULE_DEVICE_TABLE(usb, usbtmc_devices);
61 
62 /*
63  * This structure is the capabilities for the device
64  * See section 4.2.1.8 of the USBTMC specification,
65  * and section 4.2.2 of the USBTMC usb488 subclass
66  * specification for details.
67  */
68 struct usbtmc_dev_capabilities {
69 	__u8 interface_capabilities;
70 	__u8 device_capabilities;
71 	__u8 usb488_interface_capabilities;
72 	__u8 usb488_device_capabilities;
73 };
74 
75 /* This structure holds private data for each USBTMC device. One copy is
76  * allocated for each USBTMC device in the driver's probe function.
77  */
78 struct usbtmc_device_data {
79 	const struct usb_device_id *id;
80 	struct usb_device *usb_dev;
81 	struct usb_interface *intf;
82 
83 	unsigned int bulk_in;
84 	unsigned int bulk_out;
85 
86 	u8 bTag;
87 	u8 bTag_last_write;	/* needed for abort */
88 	u8 bTag_last_read;	/* needed for abort */
89 
90 	u8 rigol_quirk;
91 
92 	/* attributes from the USB TMC spec for this device */
93 	u8 TermChar;
94 	bool TermCharEnabled;
95 	bool auto_abort;
96 
97 	bool zombie; /* fd of disconnected device */
98 
99 	struct usbtmc_dev_capabilities	capabilities;
100 	struct kref kref;
101 	struct mutex io_mutex;	/* only one i/o function running at a time */
102 };
103 #define to_usbtmc_data(d) container_of(d, struct usbtmc_device_data, kref)
104 
105 struct usbtmc_ID_rigol_quirk {
106 	__u16 idVendor;
107 	__u16 idProduct;
108 };
109 
110 static const struct usbtmc_ID_rigol_quirk usbtmc_id_quirk[] = {
111 	{ 0x1ab1, 0x0588 },
112 	{ 0, 0 }
113 };
114 
115 /* Forward declarations */
116 static struct usb_driver usbtmc_driver;
117 
118 static void usbtmc_delete(struct kref *kref)
119 {
120 	struct usbtmc_device_data *data = to_usbtmc_data(kref);
121 
122 	usb_put_dev(data->usb_dev);
123 }
124 
125 static int usbtmc_open(struct inode *inode, struct file *filp)
126 {
127 	struct usb_interface *intf;
128 	struct usbtmc_device_data *data;
129 	int retval = 0;
130 
131 	intf = usb_find_interface(&usbtmc_driver, iminor(inode));
132 	if (!intf) {
133 		pr_err("can not find device for minor %d", iminor(inode));
134 		return -ENODEV;
135 	}
136 
137 	data = usb_get_intfdata(intf);
138 	kref_get(&data->kref);
139 
140 	/* Store pointer in file structure's private data field */
141 	filp->private_data = data;
142 
143 	return retval;
144 }
145 
146 static int usbtmc_release(struct inode *inode, struct file *file)
147 {
148 	struct usbtmc_device_data *data = file->private_data;
149 
150 	kref_put(&data->kref, usbtmc_delete);
151 	return 0;
152 }
153 
154 static int usbtmc_ioctl_abort_bulk_in(struct usbtmc_device_data *data)
155 {
156 	u8 *buffer;
157 	struct device *dev;
158 	int rv;
159 	int n;
160 	int actual;
161 	struct usb_host_interface *current_setting;
162 	int max_size;
163 
164 	dev = &data->intf->dev;
165 	buffer = kmalloc(USBTMC_SIZE_IOBUFFER, GFP_KERNEL);
166 	if (!buffer)
167 		return -ENOMEM;
168 
169 	rv = usb_control_msg(data->usb_dev,
170 			     usb_rcvctrlpipe(data->usb_dev, 0),
171 			     USBTMC_REQUEST_INITIATE_ABORT_BULK_IN,
172 			     USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT,
173 			     data->bTag_last_read, data->bulk_in,
174 			     buffer, 2, USBTMC_TIMEOUT);
175 
176 	if (rv < 0) {
177 		dev_err(dev, "usb_control_msg returned %d\n", rv);
178 		goto exit;
179 	}
180 
181 	dev_dbg(dev, "INITIATE_ABORT_BULK_IN returned %x\n", buffer[0]);
182 
183 	if (buffer[0] == USBTMC_STATUS_FAILED) {
184 		rv = 0;
185 		goto exit;
186 	}
187 
188 	if (buffer[0] != USBTMC_STATUS_SUCCESS) {
189 		dev_err(dev, "INITIATE_ABORT_BULK_IN returned %x\n",
190 			buffer[0]);
191 		rv = -EPERM;
192 		goto exit;
193 	}
194 
195 	max_size = 0;
196 	current_setting = data->intf->cur_altsetting;
197 	for (n = 0; n < current_setting->desc.bNumEndpoints; n++)
198 		if (current_setting->endpoint[n].desc.bEndpointAddress ==
199 			data->bulk_in)
200 			max_size = usb_endpoint_maxp(&current_setting->endpoint[n].desc);
201 
202 	if (max_size == 0) {
203 		dev_err(dev, "Couldn't get wMaxPacketSize\n");
204 		rv = -EPERM;
205 		goto exit;
206 	}
207 
208 	dev_dbg(&data->intf->dev, "wMaxPacketSize is %d\n", max_size);
209 
210 	n = 0;
211 
212 	do {
213 		dev_dbg(dev, "Reading from bulk in EP\n");
214 
215 		rv = usb_bulk_msg(data->usb_dev,
216 				  usb_rcvbulkpipe(data->usb_dev,
217 						  data->bulk_in),
218 				  buffer, USBTMC_SIZE_IOBUFFER,
219 				  &actual, USBTMC_TIMEOUT);
220 
221 		n++;
222 
223 		if (rv < 0) {
224 			dev_err(dev, "usb_bulk_msg returned %d\n", rv);
225 			goto exit;
226 		}
227 	} while ((actual == max_size) &&
228 		 (n < USBTMC_MAX_READS_TO_CLEAR_BULK_IN));
229 
230 	if (actual == max_size) {
231 		dev_err(dev, "Couldn't clear device buffer within %d cycles\n",
232 			USBTMC_MAX_READS_TO_CLEAR_BULK_IN);
233 		rv = -EPERM;
234 		goto exit;
235 	}
236 
237 	n = 0;
238 
239 usbtmc_abort_bulk_in_status:
240 	rv = usb_control_msg(data->usb_dev,
241 			     usb_rcvctrlpipe(data->usb_dev, 0),
242 			     USBTMC_REQUEST_CHECK_ABORT_BULK_IN_STATUS,
243 			     USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT,
244 			     0, data->bulk_in, buffer, 0x08,
245 			     USBTMC_TIMEOUT);
246 
247 	if (rv < 0) {
248 		dev_err(dev, "usb_control_msg returned %d\n", rv);
249 		goto exit;
250 	}
251 
252 	dev_dbg(dev, "INITIATE_ABORT_BULK_IN returned %x\n", buffer[0]);
253 
254 	if (buffer[0] == USBTMC_STATUS_SUCCESS) {
255 		rv = 0;
256 		goto exit;
257 	}
258 
259 	if (buffer[0] != USBTMC_STATUS_PENDING) {
260 		dev_err(dev, "INITIATE_ABORT_BULK_IN returned %x\n", buffer[0]);
261 		rv = -EPERM;
262 		goto exit;
263 	}
264 
265 	if (buffer[1] == 1)
266 		do {
267 			dev_dbg(dev, "Reading from bulk in EP\n");
268 
269 			rv = usb_bulk_msg(data->usb_dev,
270 					  usb_rcvbulkpipe(data->usb_dev,
271 							  data->bulk_in),
272 					  buffer, USBTMC_SIZE_IOBUFFER,
273 					  &actual, USBTMC_TIMEOUT);
274 
275 			n++;
276 
277 			if (rv < 0) {
278 				dev_err(dev, "usb_bulk_msg returned %d\n", rv);
279 				goto exit;
280 			}
281 		} while ((actual == max_size) &&
282 			 (n < USBTMC_MAX_READS_TO_CLEAR_BULK_IN));
283 
284 	if (actual == max_size) {
285 		dev_err(dev, "Couldn't clear device buffer within %d cycles\n",
286 			USBTMC_MAX_READS_TO_CLEAR_BULK_IN);
287 		rv = -EPERM;
288 		goto exit;
289 	}
290 
291 	goto usbtmc_abort_bulk_in_status;
292 
293 exit:
294 	kfree(buffer);
295 	return rv;
296 
297 }
298 
299 static int usbtmc_ioctl_abort_bulk_out(struct usbtmc_device_data *data)
300 {
301 	struct device *dev;
302 	u8 *buffer;
303 	int rv;
304 	int n;
305 
306 	dev = &data->intf->dev;
307 
308 	buffer = kmalloc(8, GFP_KERNEL);
309 	if (!buffer)
310 		return -ENOMEM;
311 
312 	rv = usb_control_msg(data->usb_dev,
313 			     usb_rcvctrlpipe(data->usb_dev, 0),
314 			     USBTMC_REQUEST_INITIATE_ABORT_BULK_OUT,
315 			     USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT,
316 			     data->bTag_last_write, data->bulk_out,
317 			     buffer, 2, USBTMC_TIMEOUT);
318 
319 	if (rv < 0) {
320 		dev_err(dev, "usb_control_msg returned %d\n", rv);
321 		goto exit;
322 	}
323 
324 	dev_dbg(dev, "INITIATE_ABORT_BULK_OUT returned %x\n", buffer[0]);
325 
326 	if (buffer[0] != USBTMC_STATUS_SUCCESS) {
327 		dev_err(dev, "INITIATE_ABORT_BULK_OUT returned %x\n",
328 			buffer[0]);
329 		rv = -EPERM;
330 		goto exit;
331 	}
332 
333 	n = 0;
334 
335 usbtmc_abort_bulk_out_check_status:
336 	rv = usb_control_msg(data->usb_dev,
337 			     usb_rcvctrlpipe(data->usb_dev, 0),
338 			     USBTMC_REQUEST_CHECK_ABORT_BULK_OUT_STATUS,
339 			     USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT,
340 			     0, data->bulk_out, buffer, 0x08,
341 			     USBTMC_TIMEOUT);
342 	n++;
343 	if (rv < 0) {
344 		dev_err(dev, "usb_control_msg returned %d\n", rv);
345 		goto exit;
346 	}
347 
348 	dev_dbg(dev, "CHECK_ABORT_BULK_OUT returned %x\n", buffer[0]);
349 
350 	if (buffer[0] == USBTMC_STATUS_SUCCESS)
351 		goto usbtmc_abort_bulk_out_clear_halt;
352 
353 	if ((buffer[0] == USBTMC_STATUS_PENDING) &&
354 	    (n < USBTMC_MAX_READS_TO_CLEAR_BULK_IN))
355 		goto usbtmc_abort_bulk_out_check_status;
356 
357 	rv = -EPERM;
358 	goto exit;
359 
360 usbtmc_abort_bulk_out_clear_halt:
361 	rv = usb_clear_halt(data->usb_dev,
362 			    usb_sndbulkpipe(data->usb_dev, data->bulk_out));
363 
364 	if (rv < 0) {
365 		dev_err(dev, "usb_control_msg returned %d\n", rv);
366 		goto exit;
367 	}
368 	rv = 0;
369 
370 exit:
371 	kfree(buffer);
372 	return rv;
373 }
374 
375 /*
376  * Sends a REQUEST_DEV_DEP_MSG_IN message on the Bulk-IN endpoint.
377  * @transfer_size: number of bytes to request from the device.
378  *
379  * See the USBTMC specification, Table 4.
380  *
381  * Also updates bTag_last_write.
382  */
383 static int send_request_dev_dep_msg_in(struct usbtmc_device_data *data, size_t transfer_size)
384 {
385 	int retval;
386 	u8 buffer[USBTMC_HEADER_SIZE];
387 	int actual;
388 
389 	/* Setup IO buffer for REQUEST_DEV_DEP_MSG_IN message
390 	 * Refer to class specs for details
391 	 */
392 	buffer[0] = 2;
393 	buffer[1] = data->bTag;
394 	buffer[2] = ~data->bTag;
395 	buffer[3] = 0; /* Reserved */
396 	buffer[4] = transfer_size >> 0;
397 	buffer[5] = transfer_size >> 8;
398 	buffer[6] = transfer_size >> 16;
399 	buffer[7] = transfer_size >> 24;
400 	buffer[8] = data->TermCharEnabled * 2;
401 	/* Use term character? */
402 	buffer[9] = data->TermChar;
403 	buffer[10] = 0; /* Reserved */
404 	buffer[11] = 0; /* Reserved */
405 
406 	/* Send bulk URB */
407 	retval = usb_bulk_msg(data->usb_dev,
408 			      usb_sndbulkpipe(data->usb_dev,
409 					      data->bulk_out),
410 			      buffer, USBTMC_HEADER_SIZE, &actual, USBTMC_TIMEOUT);
411 
412 	/* Store bTag (in case we need to abort) */
413 	data->bTag_last_write = data->bTag;
414 
415 	/* Increment bTag -- and increment again if zero */
416 	data->bTag++;
417 	if (!data->bTag)
418 		data->bTag++;
419 
420 	if (retval < 0) {
421 		dev_err(&data->intf->dev, "usb_bulk_msg in send_request_dev_dep_msg_in() returned %d\n", retval);
422 		return retval;
423 	}
424 
425 	return 0;
426 }
427 
428 static ssize_t usbtmc_read(struct file *filp, char __user *buf,
429 			   size_t count, loff_t *f_pos)
430 {
431 	struct usbtmc_device_data *data;
432 	struct device *dev;
433 	u32 n_characters;
434 	u8 *buffer;
435 	int actual;
436 	size_t done;
437 	size_t remaining;
438 	int retval;
439 	size_t this_part;
440 
441 	/* Get pointer to private data structure */
442 	data = filp->private_data;
443 	dev = &data->intf->dev;
444 
445 	buffer = kmalloc(USBTMC_SIZE_IOBUFFER, GFP_KERNEL);
446 	if (!buffer)
447 		return -ENOMEM;
448 
449 	mutex_lock(&data->io_mutex);
450 	if (data->zombie) {
451 		retval = -ENODEV;
452 		goto exit;
453 	}
454 
455 	if (data->rigol_quirk) {
456 		dev_dbg(dev, "usb_bulk_msg_in: count(%zu)\n", count);
457 
458 		retval = send_request_dev_dep_msg_in(data, count);
459 
460 		if (retval < 0) {
461 			if (data->auto_abort)
462 				usbtmc_ioctl_abort_bulk_out(data);
463 			goto exit;
464 		}
465 	}
466 
467 	/* Loop until we have fetched everything we requested */
468 	remaining = count;
469 	this_part = remaining;
470 	done = 0;
471 
472 	while (remaining > 0) {
473 		if (!data->rigol_quirk) {
474 			dev_dbg(dev, "usb_bulk_msg_in: remaining(%zu), count(%zu)\n", remaining, count);
475 
476 			if (remaining > USBTMC_SIZE_IOBUFFER - USBTMC_HEADER_SIZE - 3)
477 				this_part = USBTMC_SIZE_IOBUFFER - USBTMC_HEADER_SIZE - 3;
478 			else
479 				this_part = remaining;
480 
481 			retval = send_request_dev_dep_msg_in(data, this_part);
482 			if (retval < 0) {
483 			dev_err(dev, "usb_bulk_msg returned %d\n", retval);
484 				if (data->auto_abort)
485 					usbtmc_ioctl_abort_bulk_out(data);
486 				goto exit;
487 			}
488 		}
489 
490 		/* Send bulk URB */
491 		retval = usb_bulk_msg(data->usb_dev,
492 				      usb_rcvbulkpipe(data->usb_dev,
493 						      data->bulk_in),
494 				      buffer, USBTMC_SIZE_IOBUFFER, &actual,
495 				      USBTMC_TIMEOUT);
496 
497 		dev_dbg(dev, "usb_bulk_msg: retval(%u), done(%zu), remaining(%zu), actual(%d)\n", retval, done, remaining, actual);
498 
499 		/* Store bTag (in case we need to abort) */
500 		data->bTag_last_read = data->bTag;
501 
502 		if (retval < 0) {
503 			dev_dbg(dev, "Unable to read data, error %d\n", retval);
504 			if (data->auto_abort)
505 				usbtmc_ioctl_abort_bulk_in(data);
506 			goto exit;
507 		}
508 
509 		/* Parse header in first packet */
510 		if ((done == 0) || !data->rigol_quirk) {
511 			/* Sanity checks for the header */
512 			if (actual < USBTMC_HEADER_SIZE) {
513 				dev_err(dev, "Device sent too small first packet: %u < %u\n", actual, USBTMC_HEADER_SIZE);
514 				if (data->auto_abort)
515 					usbtmc_ioctl_abort_bulk_in(data);
516 				goto exit;
517 			}
518 
519 			if (buffer[0] != 2) {
520 				dev_err(dev, "Device sent reply with wrong MsgID: %u != 2\n", buffer[0]);
521 				if (data->auto_abort)
522 					usbtmc_ioctl_abort_bulk_in(data);
523 				goto exit;
524 			}
525 
526 			if (buffer[1] != data->bTag_last_write) {
527 				dev_err(dev, "Device sent reply with wrong bTag: %u != %u\n", buffer[1], data->bTag_last_write);
528 				if (data->auto_abort)
529 					usbtmc_ioctl_abort_bulk_in(data);
530 				goto exit;
531 			}
532 
533 			/* How many characters did the instrument send? */
534 			n_characters = buffer[4] +
535 				       (buffer[5] << 8) +
536 				       (buffer[6] << 16) +
537 				       (buffer[7] << 24);
538 
539 			if (n_characters > this_part) {
540 				dev_err(dev, "Device wants to return more data than requested: %u > %zu\n", n_characters, count);
541 				if (data->auto_abort)
542 					usbtmc_ioctl_abort_bulk_in(data);
543 				goto exit;
544 			}
545 
546 			/* Remove the USBTMC header */
547 			actual -= USBTMC_HEADER_SIZE;
548 
549 			/* Check if the message is smaller than requested */
550 			if (data->rigol_quirk) {
551 				if (remaining > n_characters)
552 					remaining = n_characters;
553 				/* Remove padding if it exists */
554 				if (actual > remaining)
555 					actual = remaining;
556 			}
557 			else {
558 				if (this_part > n_characters)
559 					this_part = n_characters;
560 				/* Remove padding if it exists */
561 				if (actual > this_part)
562 					actual = this_part;
563 			}
564 
565 			dev_dbg(dev, "Bulk-IN header: N_characters(%u), bTransAttr(%u)\n", n_characters, buffer[8]);
566 
567 			remaining -= actual;
568 
569 			/* Terminate if end-of-message bit received from device */
570 			if ((buffer[8] & 0x01) && (actual >= n_characters))
571 				remaining = 0;
572 
573 			dev_dbg(dev, "Bulk-IN header: remaining(%zu), buf(%p), buffer(%p) done(%zu)\n", remaining,buf,buffer,done);
574 
575 
576 			/* Copy buffer to user space */
577 			if (copy_to_user(buf + done, &buffer[USBTMC_HEADER_SIZE], actual)) {
578 				/* There must have been an addressing problem */
579 				retval = -EFAULT;
580 				goto exit;
581 			}
582 			done += actual;
583 		}
584 		else  {
585 			if (actual > remaining)
586 				actual = remaining;
587 
588 			remaining -= actual;
589 
590 			dev_dbg(dev, "Bulk-IN header cont: actual(%u), done(%zu), remaining(%zu), buf(%p), buffer(%p)\n", actual, done, remaining,buf,buffer);
591 
592 			/* Copy buffer to user space */
593 			if (copy_to_user(buf + done, buffer, actual)) {
594 				/* There must have been an addressing problem */
595 				retval = -EFAULT;
596 				goto exit;
597 			}
598 			done += actual;
599 		}
600 	}
601 
602 	/* Update file position value */
603 	*f_pos = *f_pos + done;
604 	retval = done;
605 
606 exit:
607 	mutex_unlock(&data->io_mutex);
608 	kfree(buffer);
609 	return retval;
610 }
611 
612 static ssize_t usbtmc_write(struct file *filp, const char __user *buf,
613 			    size_t count, loff_t *f_pos)
614 {
615 	struct usbtmc_device_data *data;
616 	u8 *buffer;
617 	int retval;
618 	int actual;
619 	unsigned long int n_bytes;
620 	int remaining;
621 	int done;
622 	int this_part;
623 
624 	data = filp->private_data;
625 
626 	buffer = kmalloc(USBTMC_SIZE_IOBUFFER, GFP_KERNEL);
627 	if (!buffer)
628 		return -ENOMEM;
629 
630 	mutex_lock(&data->io_mutex);
631 	if (data->zombie) {
632 		retval = -ENODEV;
633 		goto exit;
634 	}
635 
636 	remaining = count;
637 	done = 0;
638 
639 	while (remaining > 0) {
640 		if (remaining > USBTMC_SIZE_IOBUFFER - USBTMC_HEADER_SIZE) {
641 			this_part = USBTMC_SIZE_IOBUFFER - USBTMC_HEADER_SIZE;
642 			buffer[8] = 0;
643 		} else {
644 			this_part = remaining;
645 			buffer[8] = 1;
646 		}
647 
648 		/* Setup IO buffer for DEV_DEP_MSG_OUT message */
649 		buffer[0] = 1;
650 		buffer[1] = data->bTag;
651 		buffer[2] = ~data->bTag;
652 		buffer[3] = 0; /* Reserved */
653 		buffer[4] = this_part >> 0;
654 		buffer[5] = this_part >> 8;
655 		buffer[6] = this_part >> 16;
656 		buffer[7] = this_part >> 24;
657 		/* buffer[8] is set above... */
658 		buffer[9] = 0; /* Reserved */
659 		buffer[10] = 0; /* Reserved */
660 		buffer[11] = 0; /* Reserved */
661 
662 		if (copy_from_user(&buffer[USBTMC_HEADER_SIZE], buf + done, this_part)) {
663 			retval = -EFAULT;
664 			goto exit;
665 		}
666 
667 		n_bytes = roundup(USBTMC_HEADER_SIZE + this_part, 4);
668 		memset(buffer + USBTMC_HEADER_SIZE + this_part, 0, n_bytes - (USBTMC_HEADER_SIZE + this_part));
669 
670 		do {
671 			retval = usb_bulk_msg(data->usb_dev,
672 					      usb_sndbulkpipe(data->usb_dev,
673 							      data->bulk_out),
674 					      buffer, n_bytes,
675 					      &actual, USBTMC_TIMEOUT);
676 			if (retval != 0)
677 				break;
678 			n_bytes -= actual;
679 		} while (n_bytes);
680 
681 		data->bTag_last_write = data->bTag;
682 		data->bTag++;
683 
684 		if (!data->bTag)
685 			data->bTag++;
686 
687 		if (retval < 0) {
688 			dev_err(&data->intf->dev,
689 				"Unable to send data, error %d\n", retval);
690 			if (data->auto_abort)
691 				usbtmc_ioctl_abort_bulk_out(data);
692 			goto exit;
693 		}
694 
695 		remaining -= this_part;
696 		done += this_part;
697 	}
698 
699 	retval = count;
700 exit:
701 	mutex_unlock(&data->io_mutex);
702 	kfree(buffer);
703 	return retval;
704 }
705 
706 static int usbtmc_ioctl_clear(struct usbtmc_device_data *data)
707 {
708 	struct usb_host_interface *current_setting;
709 	struct usb_endpoint_descriptor *desc;
710 	struct device *dev;
711 	u8 *buffer;
712 	int rv;
713 	int n;
714 	int actual;
715 	int max_size;
716 
717 	dev = &data->intf->dev;
718 
719 	dev_dbg(dev, "Sending INITIATE_CLEAR request\n");
720 
721 	buffer = kmalloc(USBTMC_SIZE_IOBUFFER, GFP_KERNEL);
722 	if (!buffer)
723 		return -ENOMEM;
724 
725 	rv = usb_control_msg(data->usb_dev,
726 			     usb_rcvctrlpipe(data->usb_dev, 0),
727 			     USBTMC_REQUEST_INITIATE_CLEAR,
728 			     USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
729 			     0, 0, buffer, 1, USBTMC_TIMEOUT);
730 	if (rv < 0) {
731 		dev_err(dev, "usb_control_msg returned %d\n", rv);
732 		goto exit;
733 	}
734 
735 	dev_dbg(dev, "INITIATE_CLEAR returned %x\n", buffer[0]);
736 
737 	if (buffer[0] != USBTMC_STATUS_SUCCESS) {
738 		dev_err(dev, "INITIATE_CLEAR returned %x\n", buffer[0]);
739 		rv = -EPERM;
740 		goto exit;
741 	}
742 
743 	max_size = 0;
744 	current_setting = data->intf->cur_altsetting;
745 	for (n = 0; n < current_setting->desc.bNumEndpoints; n++) {
746 		desc = &current_setting->endpoint[n].desc;
747 		if (desc->bEndpointAddress == data->bulk_in)
748 			max_size = usb_endpoint_maxp(desc);
749 	}
750 
751 	if (max_size == 0) {
752 		dev_err(dev, "Couldn't get wMaxPacketSize\n");
753 		rv = -EPERM;
754 		goto exit;
755 	}
756 
757 	dev_dbg(dev, "wMaxPacketSize is %d\n", max_size);
758 
759 	n = 0;
760 
761 usbtmc_clear_check_status:
762 
763 	dev_dbg(dev, "Sending CHECK_CLEAR_STATUS request\n");
764 
765 	rv = usb_control_msg(data->usb_dev,
766 			     usb_rcvctrlpipe(data->usb_dev, 0),
767 			     USBTMC_REQUEST_CHECK_CLEAR_STATUS,
768 			     USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
769 			     0, 0, buffer, 2, USBTMC_TIMEOUT);
770 	if (rv < 0) {
771 		dev_err(dev, "usb_control_msg returned %d\n", rv);
772 		goto exit;
773 	}
774 
775 	dev_dbg(dev, "CHECK_CLEAR_STATUS returned %x\n", buffer[0]);
776 
777 	if (buffer[0] == USBTMC_STATUS_SUCCESS)
778 		goto usbtmc_clear_bulk_out_halt;
779 
780 	if (buffer[0] != USBTMC_STATUS_PENDING) {
781 		dev_err(dev, "CHECK_CLEAR_STATUS returned %x\n", buffer[0]);
782 		rv = -EPERM;
783 		goto exit;
784 	}
785 
786 	if (buffer[1] == 1)
787 		do {
788 			dev_dbg(dev, "Reading from bulk in EP\n");
789 
790 			rv = usb_bulk_msg(data->usb_dev,
791 					  usb_rcvbulkpipe(data->usb_dev,
792 							  data->bulk_in),
793 					  buffer, USBTMC_SIZE_IOBUFFER,
794 					  &actual, USBTMC_TIMEOUT);
795 			n++;
796 
797 			if (rv < 0) {
798 				dev_err(dev, "usb_control_msg returned %d\n",
799 					rv);
800 				goto exit;
801 			}
802 		} while ((actual == max_size) &&
803 			  (n < USBTMC_MAX_READS_TO_CLEAR_BULK_IN));
804 
805 	if (actual == max_size) {
806 		dev_err(dev, "Couldn't clear device buffer within %d cycles\n",
807 			USBTMC_MAX_READS_TO_CLEAR_BULK_IN);
808 		rv = -EPERM;
809 		goto exit;
810 	}
811 
812 	goto usbtmc_clear_check_status;
813 
814 usbtmc_clear_bulk_out_halt:
815 
816 	rv = usb_clear_halt(data->usb_dev,
817 			    usb_sndbulkpipe(data->usb_dev, data->bulk_out));
818 	if (rv < 0) {
819 		dev_err(dev, "usb_control_msg returned %d\n", rv);
820 		goto exit;
821 	}
822 	rv = 0;
823 
824 exit:
825 	kfree(buffer);
826 	return rv;
827 }
828 
829 static int usbtmc_ioctl_clear_out_halt(struct usbtmc_device_data *data)
830 {
831 	int rv;
832 
833 	rv = usb_clear_halt(data->usb_dev,
834 			    usb_sndbulkpipe(data->usb_dev, data->bulk_out));
835 
836 	if (rv < 0) {
837 		dev_err(&data->usb_dev->dev, "usb_control_msg returned %d\n",
838 			rv);
839 		return rv;
840 	}
841 	return 0;
842 }
843 
844 static int usbtmc_ioctl_clear_in_halt(struct usbtmc_device_data *data)
845 {
846 	int rv;
847 
848 	rv = usb_clear_halt(data->usb_dev,
849 			    usb_rcvbulkpipe(data->usb_dev, data->bulk_in));
850 
851 	if (rv < 0) {
852 		dev_err(&data->usb_dev->dev, "usb_control_msg returned %d\n",
853 			rv);
854 		return rv;
855 	}
856 	return 0;
857 }
858 
859 static int get_capabilities(struct usbtmc_device_data *data)
860 {
861 	struct device *dev = &data->usb_dev->dev;
862 	char *buffer;
863 	int rv = 0;
864 
865 	buffer = kmalloc(0x18, GFP_KERNEL);
866 	if (!buffer)
867 		return -ENOMEM;
868 
869 	rv = usb_control_msg(data->usb_dev, usb_rcvctrlpipe(data->usb_dev, 0),
870 			     USBTMC_REQUEST_GET_CAPABILITIES,
871 			     USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
872 			     0, 0, buffer, 0x18, USBTMC_TIMEOUT);
873 	if (rv < 0) {
874 		dev_err(dev, "usb_control_msg returned %d\n", rv);
875 		goto err_out;
876 	}
877 
878 	dev_dbg(dev, "GET_CAPABILITIES returned %x\n", buffer[0]);
879 	if (buffer[0] != USBTMC_STATUS_SUCCESS) {
880 		dev_err(dev, "GET_CAPABILITIES returned %x\n", buffer[0]);
881 		rv = -EPERM;
882 		goto err_out;
883 	}
884 	dev_dbg(dev, "Interface capabilities are %x\n", buffer[4]);
885 	dev_dbg(dev, "Device capabilities are %x\n", buffer[5]);
886 	dev_dbg(dev, "USB488 interface capabilities are %x\n", buffer[14]);
887 	dev_dbg(dev, "USB488 device capabilities are %x\n", buffer[15]);
888 
889 	data->capabilities.interface_capabilities = buffer[4];
890 	data->capabilities.device_capabilities = buffer[5];
891 	data->capabilities.usb488_interface_capabilities = buffer[14];
892 	data->capabilities.usb488_device_capabilities = buffer[15];
893 	rv = 0;
894 
895 err_out:
896 	kfree(buffer);
897 	return rv;
898 }
899 
900 #define capability_attribute(name)					\
901 static ssize_t name##_show(struct device *dev,				\
902 			   struct device_attribute *attr, char *buf)	\
903 {									\
904 	struct usb_interface *intf = to_usb_interface(dev);		\
905 	struct usbtmc_device_data *data = usb_get_intfdata(intf);	\
906 									\
907 	return sprintf(buf, "%d\n", data->capabilities.name);		\
908 }									\
909 static DEVICE_ATTR_RO(name)
910 
911 capability_attribute(interface_capabilities);
912 capability_attribute(device_capabilities);
913 capability_attribute(usb488_interface_capabilities);
914 capability_attribute(usb488_device_capabilities);
915 
916 static struct attribute *capability_attrs[] = {
917 	&dev_attr_interface_capabilities.attr,
918 	&dev_attr_device_capabilities.attr,
919 	&dev_attr_usb488_interface_capabilities.attr,
920 	&dev_attr_usb488_device_capabilities.attr,
921 	NULL,
922 };
923 
924 static struct attribute_group capability_attr_grp = {
925 	.attrs = capability_attrs,
926 };
927 
928 static ssize_t TermChar_show(struct device *dev,
929 			     struct device_attribute *attr, char *buf)
930 {
931 	struct usb_interface *intf = to_usb_interface(dev);
932 	struct usbtmc_device_data *data = usb_get_intfdata(intf);
933 
934 	return sprintf(buf, "%c\n", data->TermChar);
935 }
936 
937 static ssize_t TermChar_store(struct device *dev,
938 			      struct device_attribute *attr,
939 			      const char *buf, size_t count)
940 {
941 	struct usb_interface *intf = to_usb_interface(dev);
942 	struct usbtmc_device_data *data = usb_get_intfdata(intf);
943 
944 	if (count < 1)
945 		return -EINVAL;
946 	data->TermChar = buf[0];
947 	return count;
948 }
949 static DEVICE_ATTR_RW(TermChar);
950 
951 #define data_attribute(name)						\
952 static ssize_t name##_show(struct device *dev,				\
953 			   struct device_attribute *attr, char *buf)	\
954 {									\
955 	struct usb_interface *intf = to_usb_interface(dev);		\
956 	struct usbtmc_device_data *data = usb_get_intfdata(intf);	\
957 									\
958 	return sprintf(buf, "%d\n", data->name);			\
959 }									\
960 static ssize_t name##_store(struct device *dev,				\
961 			    struct device_attribute *attr,		\
962 			    const char *buf, size_t count)		\
963 {									\
964 	struct usb_interface *intf = to_usb_interface(dev);		\
965 	struct usbtmc_device_data *data = usb_get_intfdata(intf);	\
966 	ssize_t result;							\
967 	unsigned val;							\
968 									\
969 	result = sscanf(buf, "%u\n", &val);				\
970 	if (result != 1)						\
971 		result = -EINVAL;					\
972 	data->name = val;						\
973 	if (result < 0)							\
974 		return result;						\
975 	else								\
976 		return count;						\
977 }									\
978 static DEVICE_ATTR_RW(name)
979 
980 data_attribute(TermCharEnabled);
981 data_attribute(auto_abort);
982 
983 static struct attribute *data_attrs[] = {
984 	&dev_attr_TermChar.attr,
985 	&dev_attr_TermCharEnabled.attr,
986 	&dev_attr_auto_abort.attr,
987 	NULL,
988 };
989 
990 static struct attribute_group data_attr_grp = {
991 	.attrs = data_attrs,
992 };
993 
994 static int usbtmc_ioctl_indicator_pulse(struct usbtmc_device_data *data)
995 {
996 	struct device *dev;
997 	u8 *buffer;
998 	int rv;
999 
1000 	dev = &data->intf->dev;
1001 
1002 	buffer = kmalloc(2, GFP_KERNEL);
1003 	if (!buffer)
1004 		return -ENOMEM;
1005 
1006 	rv = usb_control_msg(data->usb_dev,
1007 			     usb_rcvctrlpipe(data->usb_dev, 0),
1008 			     USBTMC_REQUEST_INDICATOR_PULSE,
1009 			     USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
1010 			     0, 0, buffer, 0x01, USBTMC_TIMEOUT);
1011 
1012 	if (rv < 0) {
1013 		dev_err(dev, "usb_control_msg returned %d\n", rv);
1014 		goto exit;
1015 	}
1016 
1017 	dev_dbg(dev, "INDICATOR_PULSE returned %x\n", buffer[0]);
1018 
1019 	if (buffer[0] != USBTMC_STATUS_SUCCESS) {
1020 		dev_err(dev, "INDICATOR_PULSE returned %x\n", buffer[0]);
1021 		rv = -EPERM;
1022 		goto exit;
1023 	}
1024 	rv = 0;
1025 
1026 exit:
1027 	kfree(buffer);
1028 	return rv;
1029 }
1030 
1031 static long usbtmc_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
1032 {
1033 	struct usbtmc_device_data *data;
1034 	int retval = -EBADRQC;
1035 
1036 	data = file->private_data;
1037 	mutex_lock(&data->io_mutex);
1038 	if (data->zombie) {
1039 		retval = -ENODEV;
1040 		goto skip_io_on_zombie;
1041 	}
1042 
1043 	switch (cmd) {
1044 	case USBTMC_IOCTL_CLEAR_OUT_HALT:
1045 		retval = usbtmc_ioctl_clear_out_halt(data);
1046 		break;
1047 
1048 	case USBTMC_IOCTL_CLEAR_IN_HALT:
1049 		retval = usbtmc_ioctl_clear_in_halt(data);
1050 		break;
1051 
1052 	case USBTMC_IOCTL_INDICATOR_PULSE:
1053 		retval = usbtmc_ioctl_indicator_pulse(data);
1054 		break;
1055 
1056 	case USBTMC_IOCTL_CLEAR:
1057 		retval = usbtmc_ioctl_clear(data);
1058 		break;
1059 
1060 	case USBTMC_IOCTL_ABORT_BULK_OUT:
1061 		retval = usbtmc_ioctl_abort_bulk_out(data);
1062 		break;
1063 
1064 	case USBTMC_IOCTL_ABORT_BULK_IN:
1065 		retval = usbtmc_ioctl_abort_bulk_in(data);
1066 		break;
1067 	}
1068 
1069 skip_io_on_zombie:
1070 	mutex_unlock(&data->io_mutex);
1071 	return retval;
1072 }
1073 
1074 static const struct file_operations fops = {
1075 	.owner		= THIS_MODULE,
1076 	.read		= usbtmc_read,
1077 	.write		= usbtmc_write,
1078 	.open		= usbtmc_open,
1079 	.release	= usbtmc_release,
1080 	.unlocked_ioctl	= usbtmc_ioctl,
1081 	.llseek		= default_llseek,
1082 };
1083 
1084 static struct usb_class_driver usbtmc_class = {
1085 	.name =		"usbtmc%d",
1086 	.fops =		&fops,
1087 	.minor_base =	USBTMC_MINOR_BASE,
1088 };
1089 
1090 
1091 static int usbtmc_probe(struct usb_interface *intf,
1092 			const struct usb_device_id *id)
1093 {
1094 	struct usbtmc_device_data *data;
1095 	struct usb_host_interface *iface_desc;
1096 	struct usb_endpoint_descriptor *endpoint;
1097 	int n;
1098 	int retcode;
1099 
1100 	dev_dbg(&intf->dev, "%s called\n", __func__);
1101 
1102 	data = devm_kzalloc(&intf->dev, sizeof(*data), GFP_KERNEL);
1103 	if (!data) {
1104 		dev_err(&intf->dev, "Unable to allocate kernel memory\n");
1105 		return -ENOMEM;
1106 	}
1107 
1108 	data->intf = intf;
1109 	data->id = id;
1110 	data->usb_dev = usb_get_dev(interface_to_usbdev(intf));
1111 	usb_set_intfdata(intf, data);
1112 	kref_init(&data->kref);
1113 	mutex_init(&data->io_mutex);
1114 	data->zombie = 0;
1115 
1116 	/* Determine if it is a Rigol or not */
1117 	data->rigol_quirk = 0;
1118 	dev_dbg(&intf->dev, "Trying to find if device Vendor 0x%04X Product 0x%04X has the RIGOL quirk\n",
1119 		le16_to_cpu(data->usb_dev->descriptor.idVendor),
1120 		le16_to_cpu(data->usb_dev->descriptor.idProduct));
1121 	for(n = 0; usbtmc_id_quirk[n].idVendor > 0; n++) {
1122 		if ((usbtmc_id_quirk[n].idVendor == le16_to_cpu(data->usb_dev->descriptor.idVendor)) &&
1123 		    (usbtmc_id_quirk[n].idProduct == le16_to_cpu(data->usb_dev->descriptor.idProduct))) {
1124 			dev_dbg(&intf->dev, "Setting this device as having the RIGOL quirk\n");
1125 			data->rigol_quirk = 1;
1126 			break;
1127 		}
1128 	}
1129 
1130 	/* Initialize USBTMC bTag and other fields */
1131 	data->bTag	= 1;
1132 	data->TermCharEnabled = 0;
1133 	data->TermChar = '\n';
1134 
1135 	/* USBTMC devices have only one setting, so use that */
1136 	iface_desc = data->intf->cur_altsetting;
1137 
1138 	/* Find bulk in endpoint */
1139 	for (n = 0; n < iface_desc->desc.bNumEndpoints; n++) {
1140 		endpoint = &iface_desc->endpoint[n].desc;
1141 
1142 		if (usb_endpoint_is_bulk_in(endpoint)) {
1143 			data->bulk_in = endpoint->bEndpointAddress;
1144 			dev_dbg(&intf->dev, "Found bulk in endpoint at %u\n",
1145 				data->bulk_in);
1146 			break;
1147 		}
1148 	}
1149 
1150 	/* Find bulk out endpoint */
1151 	for (n = 0; n < iface_desc->desc.bNumEndpoints; n++) {
1152 		endpoint = &iface_desc->endpoint[n].desc;
1153 
1154 		if (usb_endpoint_is_bulk_out(endpoint)) {
1155 			data->bulk_out = endpoint->bEndpointAddress;
1156 			dev_dbg(&intf->dev, "Found Bulk out endpoint at %u\n",
1157 				data->bulk_out);
1158 			break;
1159 		}
1160 	}
1161 
1162 	retcode = get_capabilities(data);
1163 	if (retcode)
1164 		dev_err(&intf->dev, "can't read capabilities\n");
1165 	else
1166 		retcode = sysfs_create_group(&intf->dev.kobj,
1167 					     &capability_attr_grp);
1168 
1169 	retcode = sysfs_create_group(&intf->dev.kobj, &data_attr_grp);
1170 
1171 	retcode = usb_register_dev(intf, &usbtmc_class);
1172 	if (retcode) {
1173 		dev_err(&intf->dev, "Not able to get a minor"
1174 			" (base %u, slice default): %d\n", USBTMC_MINOR_BASE,
1175 			retcode);
1176 		goto error_register;
1177 	}
1178 	dev_dbg(&intf->dev, "Using minor number %d\n", intf->minor);
1179 
1180 	return 0;
1181 
1182 error_register:
1183 	sysfs_remove_group(&intf->dev.kobj, &capability_attr_grp);
1184 	sysfs_remove_group(&intf->dev.kobj, &data_attr_grp);
1185 	kref_put(&data->kref, usbtmc_delete);
1186 	return retcode;
1187 }
1188 
1189 static void usbtmc_disconnect(struct usb_interface *intf)
1190 {
1191 	struct usbtmc_device_data *data;
1192 
1193 	dev_dbg(&intf->dev, "usbtmc_disconnect called\n");
1194 
1195 	data = usb_get_intfdata(intf);
1196 	usb_deregister_dev(intf, &usbtmc_class);
1197 	sysfs_remove_group(&intf->dev.kobj, &capability_attr_grp);
1198 	sysfs_remove_group(&intf->dev.kobj, &data_attr_grp);
1199 	mutex_lock(&data->io_mutex);
1200 	data->zombie = 1;
1201 	mutex_unlock(&data->io_mutex);
1202 	kref_put(&data->kref, usbtmc_delete);
1203 }
1204 
1205 static int usbtmc_suspend(struct usb_interface *intf, pm_message_t message)
1206 {
1207 	/* this driver does not have pending URBs */
1208 	return 0;
1209 }
1210 
1211 static int usbtmc_resume(struct usb_interface *intf)
1212 {
1213 	return 0;
1214 }
1215 
1216 static struct usb_driver usbtmc_driver = {
1217 	.name		= "usbtmc",
1218 	.id_table	= usbtmc_devices,
1219 	.probe		= usbtmc_probe,
1220 	.disconnect	= usbtmc_disconnect,
1221 	.suspend	= usbtmc_suspend,
1222 	.resume		= usbtmc_resume,
1223 };
1224 
1225 module_usb_driver(usbtmc_driver);
1226 
1227 MODULE_LICENSE("GPL");
1228