xref: /openbmc/linux/drivers/usb/class/usbtmc.c (revision ce932d0c5589e9766e089c22c66890dfc48fbd94)
1 /**
2  * drivers/usb/class/usbtmc.c - USB Test & Measurement class driver
3  *
4  * Copyright (C) 2007 Stefan Kopp, Gechingen, Germany
5  * Copyright (C) 2008 Novell, Inc.
6  * Copyright (C) 2008 Greg Kroah-Hartman <gregkh@suse.de>
7  *
8  * This program is free software; you can redistribute it and/or
9  * modify it under the terms of the GNU General Public License
10  * as published by the Free Software Foundation; either version 2
11  * of the License, or (at your option) any later version.
12  *
13  * This program is distributed in the hope that it will be useful,
14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16  * GNU General Public License for more details.
17  *
18  * The GNU General Public License is available at
19  * http://www.gnu.org/copyleft/gpl.html.
20  */
21 
22 #include <linux/init.h>
23 #include <linux/module.h>
24 #include <linux/kernel.h>
25 #include <linux/fs.h>
26 #include <linux/uaccess.h>
27 #include <linux/kref.h>
28 #include <linux/slab.h>
29 #include <linux/mutex.h>
30 #include <linux/usb.h>
31 #include <linux/usb/tmc.h>
32 
33 
34 #define USBTMC_MINOR_BASE	176
35 
36 /*
37  * Size of driver internal IO buffer. Must be multiple of 4 and at least as
38  * large as wMaxPacketSize (which is usually 512 bytes).
39  */
40 #define USBTMC_SIZE_IOBUFFER	2048
41 
42 /* Default USB timeout (in milliseconds) */
43 #define USBTMC_TIMEOUT		5000
44 
45 /*
46  * Maximum number of read cycles to empty bulk in endpoint during CLEAR and
47  * ABORT_BULK_IN requests. Ends the loop if (for whatever reason) a short
48  * packet is never read.
49  */
50 #define USBTMC_MAX_READS_TO_CLEAR_BULK_IN	100
51 
52 static const struct usb_device_id usbtmc_devices[] = {
53 	{ USB_INTERFACE_INFO(USB_CLASS_APP_SPEC, 3, 0), },
54 	{ USB_INTERFACE_INFO(USB_CLASS_APP_SPEC, 3, 1), },
55 	{ 0, } /* terminating entry */
56 };
57 MODULE_DEVICE_TABLE(usb, usbtmc_devices);
58 
59 /*
60  * This structure is the capabilities for the device
61  * See section 4.2.1.8 of the USBTMC specification,
62  * and section 4.2.2 of the USBTMC usb488 subclass
63  * specification for details.
64  */
65 struct usbtmc_dev_capabilities {
66 	__u8 interface_capabilities;
67 	__u8 device_capabilities;
68 	__u8 usb488_interface_capabilities;
69 	__u8 usb488_device_capabilities;
70 };
71 
72 /* This structure holds private data for each USBTMC device. One copy is
73  * allocated for each USBTMC device in the driver's probe function.
74  */
75 struct usbtmc_device_data {
76 	const struct usb_device_id *id;
77 	struct usb_device *usb_dev;
78 	struct usb_interface *intf;
79 
80 	unsigned int bulk_in;
81 	unsigned int bulk_out;
82 
83 	u8 bTag;
84 	u8 bTag_last_write;	/* needed for abort */
85 	u8 bTag_last_read;	/* needed for abort */
86 
87 	/* attributes from the USB TMC spec for this device */
88 	u8 TermChar;
89 	bool TermCharEnabled;
90 	bool auto_abort;
91 
92 	bool zombie; /* fd of disconnected device */
93 
94 	struct usbtmc_dev_capabilities	capabilities;
95 	struct kref kref;
96 	struct mutex io_mutex;	/* only one i/o function running at a time */
97 };
98 #define to_usbtmc_data(d) container_of(d, struct usbtmc_device_data, kref)
99 
100 /* Forward declarations */
101 static struct usb_driver usbtmc_driver;
102 
103 static void usbtmc_delete(struct kref *kref)
104 {
105 	struct usbtmc_device_data *data = to_usbtmc_data(kref);
106 
107 	usb_put_dev(data->usb_dev);
108 	kfree(data);
109 }
110 
111 static int usbtmc_open(struct inode *inode, struct file *filp)
112 {
113 	struct usb_interface *intf;
114 	struct usbtmc_device_data *data;
115 	int retval = 0;
116 
117 	intf = usb_find_interface(&usbtmc_driver, iminor(inode));
118 	if (!intf) {
119 		printk(KERN_ERR KBUILD_MODNAME
120 		       ": can not find device for minor %d", iminor(inode));
121 		retval = -ENODEV;
122 		goto exit;
123 	}
124 
125 	data = usb_get_intfdata(intf);
126 	kref_get(&data->kref);
127 
128 	/* Store pointer in file structure's private data field */
129 	filp->private_data = data;
130 
131 exit:
132 	return retval;
133 }
134 
135 static int usbtmc_release(struct inode *inode, struct file *file)
136 {
137 	struct usbtmc_device_data *data = file->private_data;
138 
139 	kref_put(&data->kref, usbtmc_delete);
140 	return 0;
141 }
142 
143 static int usbtmc_ioctl_abort_bulk_in(struct usbtmc_device_data *data)
144 {
145 	u8 *buffer;
146 	struct device *dev;
147 	int rv;
148 	int n;
149 	int actual;
150 	struct usb_host_interface *current_setting;
151 	int max_size;
152 
153 	dev = &data->intf->dev;
154 	buffer = kmalloc(USBTMC_SIZE_IOBUFFER, GFP_KERNEL);
155 	if (!buffer)
156 		return -ENOMEM;
157 
158 	rv = usb_control_msg(data->usb_dev,
159 			     usb_rcvctrlpipe(data->usb_dev, 0),
160 			     USBTMC_REQUEST_INITIATE_ABORT_BULK_IN,
161 			     USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT,
162 			     data->bTag_last_read, data->bulk_in,
163 			     buffer, 2, USBTMC_TIMEOUT);
164 
165 	if (rv < 0) {
166 		dev_err(dev, "usb_control_msg returned %d\n", rv);
167 		goto exit;
168 	}
169 
170 	dev_dbg(dev, "INITIATE_ABORT_BULK_IN returned %x\n", buffer[0]);
171 
172 	if (buffer[0] == USBTMC_STATUS_FAILED) {
173 		rv = 0;
174 		goto exit;
175 	}
176 
177 	if (buffer[0] != USBTMC_STATUS_SUCCESS) {
178 		dev_err(dev, "INITIATE_ABORT_BULK_IN returned %x\n",
179 			buffer[0]);
180 		rv = -EPERM;
181 		goto exit;
182 	}
183 
184 	max_size = 0;
185 	current_setting = data->intf->cur_altsetting;
186 	for (n = 0; n < current_setting->desc.bNumEndpoints; n++)
187 		if (current_setting->endpoint[n].desc.bEndpointAddress ==
188 			data->bulk_in)
189 			max_size = usb_endpoint_maxp(&current_setting->endpoint[n].desc);
190 
191 	if (max_size == 0) {
192 		dev_err(dev, "Couldn't get wMaxPacketSize\n");
193 		rv = -EPERM;
194 		goto exit;
195 	}
196 
197 	dev_dbg(&data->intf->dev, "wMaxPacketSize is %d\n", max_size);
198 
199 	n = 0;
200 
201 	do {
202 		dev_dbg(dev, "Reading from bulk in EP\n");
203 
204 		rv = usb_bulk_msg(data->usb_dev,
205 				  usb_rcvbulkpipe(data->usb_dev,
206 						  data->bulk_in),
207 				  buffer, USBTMC_SIZE_IOBUFFER,
208 				  &actual, USBTMC_TIMEOUT);
209 
210 		n++;
211 
212 		if (rv < 0) {
213 			dev_err(dev, "usb_bulk_msg returned %d\n", rv);
214 			goto exit;
215 		}
216 	} while ((actual == max_size) &&
217 		 (n < USBTMC_MAX_READS_TO_CLEAR_BULK_IN));
218 
219 	if (actual == max_size) {
220 		dev_err(dev, "Couldn't clear device buffer within %d cycles\n",
221 			USBTMC_MAX_READS_TO_CLEAR_BULK_IN);
222 		rv = -EPERM;
223 		goto exit;
224 	}
225 
226 	n = 0;
227 
228 usbtmc_abort_bulk_in_status:
229 	rv = usb_control_msg(data->usb_dev,
230 			     usb_rcvctrlpipe(data->usb_dev, 0),
231 			     USBTMC_REQUEST_CHECK_ABORT_BULK_IN_STATUS,
232 			     USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT,
233 			     0, data->bulk_in, buffer, 0x08,
234 			     USBTMC_TIMEOUT);
235 
236 	if (rv < 0) {
237 		dev_err(dev, "usb_control_msg returned %d\n", rv);
238 		goto exit;
239 	}
240 
241 	dev_dbg(dev, "INITIATE_ABORT_BULK_IN returned %x\n", buffer[0]);
242 
243 	if (buffer[0] == USBTMC_STATUS_SUCCESS) {
244 		rv = 0;
245 		goto exit;
246 	}
247 
248 	if (buffer[0] != USBTMC_STATUS_PENDING) {
249 		dev_err(dev, "INITIATE_ABORT_BULK_IN returned %x\n", buffer[0]);
250 		rv = -EPERM;
251 		goto exit;
252 	}
253 
254 	if (buffer[1] == 1)
255 		do {
256 			dev_dbg(dev, "Reading from bulk in EP\n");
257 
258 			rv = usb_bulk_msg(data->usb_dev,
259 					  usb_rcvbulkpipe(data->usb_dev,
260 							  data->bulk_in),
261 					  buffer, USBTMC_SIZE_IOBUFFER,
262 					  &actual, USBTMC_TIMEOUT);
263 
264 			n++;
265 
266 			if (rv < 0) {
267 				dev_err(dev, "usb_bulk_msg returned %d\n", rv);
268 				goto exit;
269 			}
270 		} while ((actual == max_size) &&
271 			 (n < USBTMC_MAX_READS_TO_CLEAR_BULK_IN));
272 
273 	if (actual == max_size) {
274 		dev_err(dev, "Couldn't clear device buffer within %d cycles\n",
275 			USBTMC_MAX_READS_TO_CLEAR_BULK_IN);
276 		rv = -EPERM;
277 		goto exit;
278 	}
279 
280 	goto usbtmc_abort_bulk_in_status;
281 
282 exit:
283 	kfree(buffer);
284 	return rv;
285 
286 }
287 
288 static int usbtmc_ioctl_abort_bulk_out(struct usbtmc_device_data *data)
289 {
290 	struct device *dev;
291 	u8 *buffer;
292 	int rv;
293 	int n;
294 
295 	dev = &data->intf->dev;
296 
297 	buffer = kmalloc(8, GFP_KERNEL);
298 	if (!buffer)
299 		return -ENOMEM;
300 
301 	rv = usb_control_msg(data->usb_dev,
302 			     usb_rcvctrlpipe(data->usb_dev, 0),
303 			     USBTMC_REQUEST_INITIATE_ABORT_BULK_OUT,
304 			     USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT,
305 			     data->bTag_last_write, data->bulk_out,
306 			     buffer, 2, USBTMC_TIMEOUT);
307 
308 	if (rv < 0) {
309 		dev_err(dev, "usb_control_msg returned %d\n", rv);
310 		goto exit;
311 	}
312 
313 	dev_dbg(dev, "INITIATE_ABORT_BULK_OUT returned %x\n", buffer[0]);
314 
315 	if (buffer[0] != USBTMC_STATUS_SUCCESS) {
316 		dev_err(dev, "INITIATE_ABORT_BULK_OUT returned %x\n",
317 			buffer[0]);
318 		rv = -EPERM;
319 		goto exit;
320 	}
321 
322 	n = 0;
323 
324 usbtmc_abort_bulk_out_check_status:
325 	rv = usb_control_msg(data->usb_dev,
326 			     usb_rcvctrlpipe(data->usb_dev, 0),
327 			     USBTMC_REQUEST_CHECK_ABORT_BULK_OUT_STATUS,
328 			     USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT,
329 			     0, data->bulk_out, buffer, 0x08,
330 			     USBTMC_TIMEOUT);
331 	n++;
332 	if (rv < 0) {
333 		dev_err(dev, "usb_control_msg returned %d\n", rv);
334 		goto exit;
335 	}
336 
337 	dev_dbg(dev, "CHECK_ABORT_BULK_OUT returned %x\n", buffer[0]);
338 
339 	if (buffer[0] == USBTMC_STATUS_SUCCESS)
340 		goto usbtmc_abort_bulk_out_clear_halt;
341 
342 	if ((buffer[0] == USBTMC_STATUS_PENDING) &&
343 	    (n < USBTMC_MAX_READS_TO_CLEAR_BULK_IN))
344 		goto usbtmc_abort_bulk_out_check_status;
345 
346 	rv = -EPERM;
347 	goto exit;
348 
349 usbtmc_abort_bulk_out_clear_halt:
350 	rv = usb_clear_halt(data->usb_dev,
351 			    usb_sndbulkpipe(data->usb_dev, data->bulk_out));
352 
353 	if (rv < 0) {
354 		dev_err(dev, "usb_control_msg returned %d\n", rv);
355 		goto exit;
356 	}
357 	rv = 0;
358 
359 exit:
360 	kfree(buffer);
361 	return rv;
362 }
363 
364 static ssize_t usbtmc_read(struct file *filp, char __user *buf,
365 			   size_t count, loff_t *f_pos)
366 {
367 	struct usbtmc_device_data *data;
368 	struct device *dev;
369 	u32 n_characters;
370 	u8 *buffer;
371 	int actual;
372 	size_t done;
373 	size_t remaining;
374 	int retval;
375 	size_t this_part;
376 
377 	/* Get pointer to private data structure */
378 	data = filp->private_data;
379 	dev = &data->intf->dev;
380 
381 	buffer = kmalloc(USBTMC_SIZE_IOBUFFER, GFP_KERNEL);
382 	if (!buffer)
383 		return -ENOMEM;
384 
385 	mutex_lock(&data->io_mutex);
386 	if (data->zombie) {
387 		retval = -ENODEV;
388 		goto exit;
389 	}
390 
391 	remaining = count;
392 	done = 0;
393 
394 	while (remaining > 0) {
395 		if (remaining > USBTMC_SIZE_IOBUFFER - 12 - 3)
396 			this_part = USBTMC_SIZE_IOBUFFER - 12 - 3;
397 		else
398 			this_part = remaining;
399 
400 		/* Setup IO buffer for DEV_DEP_MSG_IN message
401 		 * Refer to class specs for details
402 		 */
403 		buffer[0] = 2;
404 		buffer[1] = data->bTag;
405 		buffer[2] = ~(data->bTag);
406 		buffer[3] = 0; /* Reserved */
407 		buffer[4] = (this_part) & 255;
408 		buffer[5] = ((this_part) >> 8) & 255;
409 		buffer[6] = ((this_part) >> 16) & 255;
410 		buffer[7] = ((this_part) >> 24) & 255;
411 		buffer[8] = data->TermCharEnabled * 2;
412 		/* Use term character? */
413 		buffer[9] = data->TermChar;
414 		buffer[10] = 0; /* Reserved */
415 		buffer[11] = 0; /* Reserved */
416 
417 		/* Send bulk URB */
418 		retval = usb_bulk_msg(data->usb_dev,
419 				      usb_sndbulkpipe(data->usb_dev,
420 						      data->bulk_out),
421 				      buffer, 12, &actual, USBTMC_TIMEOUT);
422 
423 		/* Store bTag (in case we need to abort) */
424 		data->bTag_last_write = data->bTag;
425 
426 		/* Increment bTag -- and increment again if zero */
427 		data->bTag++;
428 		if (!data->bTag)
429 			(data->bTag)++;
430 
431 		if (retval < 0) {
432 			dev_err(dev, "usb_bulk_msg returned %d\n", retval);
433 			if (data->auto_abort)
434 				usbtmc_ioctl_abort_bulk_out(data);
435 			goto exit;
436 		}
437 
438 		/* Send bulk URB */
439 		retval = usb_bulk_msg(data->usb_dev,
440 				      usb_rcvbulkpipe(data->usb_dev,
441 						      data->bulk_in),
442 				      buffer, USBTMC_SIZE_IOBUFFER, &actual,
443 				      USBTMC_TIMEOUT);
444 
445 		/* Store bTag (in case we need to abort) */
446 		data->bTag_last_read = data->bTag;
447 
448 		if (retval < 0) {
449 			dev_err(dev, "Unable to read data, error %d\n", retval);
450 			if (data->auto_abort)
451 				usbtmc_ioctl_abort_bulk_in(data);
452 			goto exit;
453 		}
454 
455 		/* How many characters did the instrument send? */
456 		n_characters = buffer[4] +
457 			       (buffer[5] << 8) +
458 			       (buffer[6] << 16) +
459 			       (buffer[7] << 24);
460 
461 		/* Ensure the instrument doesn't lie about it */
462 		if(n_characters > actual - 12) {
463 			dev_err(dev, "Device lies about message size: %u > %d\n", n_characters, actual - 12);
464 			n_characters = actual - 12;
465 		}
466 
467 		/* Ensure the instrument doesn't send more back than requested */
468 		if(n_characters > this_part) {
469 			dev_err(dev, "Device returns more than requested: %zu > %zu\n", done + n_characters, done + this_part);
470 			n_characters = this_part;
471 		}
472 
473 		/* Bound amount of data received by amount of data requested */
474 		if (n_characters > this_part)
475 			n_characters = this_part;
476 
477 		/* Copy buffer to user space */
478 		if (copy_to_user(buf + done, &buffer[12], n_characters)) {
479 			/* There must have been an addressing problem */
480 			retval = -EFAULT;
481 			goto exit;
482 		}
483 
484 		done += n_characters;
485 		/* Terminate if end-of-message bit received from device */
486 		if ((buffer[8] &  0x01) && (actual >= n_characters + 12))
487 			remaining = 0;
488 		else
489 			remaining -= n_characters;
490 	}
491 
492 	/* Update file position value */
493 	*f_pos = *f_pos + done;
494 	retval = done;
495 
496 exit:
497 	mutex_unlock(&data->io_mutex);
498 	kfree(buffer);
499 	return retval;
500 }
501 
502 static ssize_t usbtmc_write(struct file *filp, const char __user *buf,
503 			    size_t count, loff_t *f_pos)
504 {
505 	struct usbtmc_device_data *data;
506 	u8 *buffer;
507 	int retval;
508 	int actual;
509 	unsigned long int n_bytes;
510 	int remaining;
511 	int done;
512 	int this_part;
513 
514 	data = filp->private_data;
515 
516 	buffer = kmalloc(USBTMC_SIZE_IOBUFFER, GFP_KERNEL);
517 	if (!buffer)
518 		return -ENOMEM;
519 
520 	mutex_lock(&data->io_mutex);
521 	if (data->zombie) {
522 		retval = -ENODEV;
523 		goto exit;
524 	}
525 
526 	remaining = count;
527 	done = 0;
528 
529 	while (remaining > 0) {
530 		if (remaining > USBTMC_SIZE_IOBUFFER - 12) {
531 			this_part = USBTMC_SIZE_IOBUFFER - 12;
532 			buffer[8] = 0;
533 		} else {
534 			this_part = remaining;
535 			buffer[8] = 1;
536 		}
537 
538 		/* Setup IO buffer for DEV_DEP_MSG_OUT message */
539 		buffer[0] = 1;
540 		buffer[1] = data->bTag;
541 		buffer[2] = ~(data->bTag);
542 		buffer[3] = 0; /* Reserved */
543 		buffer[4] = this_part & 255;
544 		buffer[5] = (this_part >> 8) & 255;
545 		buffer[6] = (this_part >> 16) & 255;
546 		buffer[7] = (this_part >> 24) & 255;
547 		/* buffer[8] is set above... */
548 		buffer[9] = 0; /* Reserved */
549 		buffer[10] = 0; /* Reserved */
550 		buffer[11] = 0; /* Reserved */
551 
552 		if (copy_from_user(&buffer[12], buf + done, this_part)) {
553 			retval = -EFAULT;
554 			goto exit;
555 		}
556 
557 		n_bytes = roundup(12 + this_part, 4);
558 		memset(buffer + 12 + this_part, 0, n_bytes - (12 + this_part));
559 
560 		do {
561 			retval = usb_bulk_msg(data->usb_dev,
562 					      usb_sndbulkpipe(data->usb_dev,
563 							      data->bulk_out),
564 					      buffer, n_bytes,
565 					      &actual, USBTMC_TIMEOUT);
566 			if (retval != 0)
567 				break;
568 			n_bytes -= actual;
569 		} while (n_bytes);
570 
571 		data->bTag_last_write = data->bTag;
572 		data->bTag++;
573 
574 		if (!data->bTag)
575 			data->bTag++;
576 
577 		if (retval < 0) {
578 			dev_err(&data->intf->dev,
579 				"Unable to send data, error %d\n", retval);
580 			if (data->auto_abort)
581 				usbtmc_ioctl_abort_bulk_out(data);
582 			goto exit;
583 		}
584 
585 		remaining -= this_part;
586 		done += this_part;
587 	}
588 
589 	retval = count;
590 exit:
591 	mutex_unlock(&data->io_mutex);
592 	kfree(buffer);
593 	return retval;
594 }
595 
596 static int usbtmc_ioctl_clear(struct usbtmc_device_data *data)
597 {
598 	struct usb_host_interface *current_setting;
599 	struct usb_endpoint_descriptor *desc;
600 	struct device *dev;
601 	u8 *buffer;
602 	int rv;
603 	int n;
604 	int actual;
605 	int max_size;
606 
607 	dev = &data->intf->dev;
608 
609 	dev_dbg(dev, "Sending INITIATE_CLEAR request\n");
610 
611 	buffer = kmalloc(USBTMC_SIZE_IOBUFFER, GFP_KERNEL);
612 	if (!buffer)
613 		return -ENOMEM;
614 
615 	rv = usb_control_msg(data->usb_dev,
616 			     usb_rcvctrlpipe(data->usb_dev, 0),
617 			     USBTMC_REQUEST_INITIATE_CLEAR,
618 			     USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
619 			     0, 0, buffer, 1, USBTMC_TIMEOUT);
620 	if (rv < 0) {
621 		dev_err(dev, "usb_control_msg returned %d\n", rv);
622 		goto exit;
623 	}
624 
625 	dev_dbg(dev, "INITIATE_CLEAR returned %x\n", buffer[0]);
626 
627 	if (buffer[0] != USBTMC_STATUS_SUCCESS) {
628 		dev_err(dev, "INITIATE_CLEAR returned %x\n", buffer[0]);
629 		rv = -EPERM;
630 		goto exit;
631 	}
632 
633 	max_size = 0;
634 	current_setting = data->intf->cur_altsetting;
635 	for (n = 0; n < current_setting->desc.bNumEndpoints; n++) {
636 		desc = &current_setting->endpoint[n].desc;
637 		if (desc->bEndpointAddress == data->bulk_in)
638 			max_size = usb_endpoint_maxp(desc);
639 	}
640 
641 	if (max_size == 0) {
642 		dev_err(dev, "Couldn't get wMaxPacketSize\n");
643 		rv = -EPERM;
644 		goto exit;
645 	}
646 
647 	dev_dbg(dev, "wMaxPacketSize is %d\n", max_size);
648 
649 	n = 0;
650 
651 usbtmc_clear_check_status:
652 
653 	dev_dbg(dev, "Sending CHECK_CLEAR_STATUS request\n");
654 
655 	rv = usb_control_msg(data->usb_dev,
656 			     usb_rcvctrlpipe(data->usb_dev, 0),
657 			     USBTMC_REQUEST_CHECK_CLEAR_STATUS,
658 			     USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
659 			     0, 0, buffer, 2, USBTMC_TIMEOUT);
660 	if (rv < 0) {
661 		dev_err(dev, "usb_control_msg returned %d\n", rv);
662 		goto exit;
663 	}
664 
665 	dev_dbg(dev, "CHECK_CLEAR_STATUS returned %x\n", buffer[0]);
666 
667 	if (buffer[0] == USBTMC_STATUS_SUCCESS)
668 		goto usbtmc_clear_bulk_out_halt;
669 
670 	if (buffer[0] != USBTMC_STATUS_PENDING) {
671 		dev_err(dev, "CHECK_CLEAR_STATUS returned %x\n", buffer[0]);
672 		rv = -EPERM;
673 		goto exit;
674 	}
675 
676 	if (buffer[1] == 1)
677 		do {
678 			dev_dbg(dev, "Reading from bulk in EP\n");
679 
680 			rv = usb_bulk_msg(data->usb_dev,
681 					  usb_rcvbulkpipe(data->usb_dev,
682 							  data->bulk_in),
683 					  buffer, USBTMC_SIZE_IOBUFFER,
684 					  &actual, USBTMC_TIMEOUT);
685 			n++;
686 
687 			if (rv < 0) {
688 				dev_err(dev, "usb_control_msg returned %d\n",
689 					rv);
690 				goto exit;
691 			}
692 		} while ((actual == max_size) &&
693 			  (n < USBTMC_MAX_READS_TO_CLEAR_BULK_IN));
694 
695 	if (actual == max_size) {
696 		dev_err(dev, "Couldn't clear device buffer within %d cycles\n",
697 			USBTMC_MAX_READS_TO_CLEAR_BULK_IN);
698 		rv = -EPERM;
699 		goto exit;
700 	}
701 
702 	goto usbtmc_clear_check_status;
703 
704 usbtmc_clear_bulk_out_halt:
705 
706 	rv = usb_clear_halt(data->usb_dev,
707 			    usb_sndbulkpipe(data->usb_dev, data->bulk_out));
708 	if (rv < 0) {
709 		dev_err(dev, "usb_control_msg returned %d\n", rv);
710 		goto exit;
711 	}
712 	rv = 0;
713 
714 exit:
715 	kfree(buffer);
716 	return rv;
717 }
718 
719 static int usbtmc_ioctl_clear_out_halt(struct usbtmc_device_data *data)
720 {
721 	u8 *buffer;
722 	int rv;
723 
724 	buffer = kmalloc(2, GFP_KERNEL);
725 	if (!buffer)
726 		return -ENOMEM;
727 
728 	rv = usb_clear_halt(data->usb_dev,
729 			    usb_sndbulkpipe(data->usb_dev, data->bulk_out));
730 
731 	if (rv < 0) {
732 		dev_err(&data->usb_dev->dev, "usb_control_msg returned %d\n",
733 			rv);
734 		goto exit;
735 	}
736 	rv = 0;
737 
738 exit:
739 	kfree(buffer);
740 	return rv;
741 }
742 
743 static int usbtmc_ioctl_clear_in_halt(struct usbtmc_device_data *data)
744 {
745 	u8 *buffer;
746 	int rv;
747 
748 	buffer = kmalloc(2, GFP_KERNEL);
749 	if (!buffer)
750 		return -ENOMEM;
751 
752 	rv = usb_clear_halt(data->usb_dev,
753 			    usb_rcvbulkpipe(data->usb_dev, data->bulk_in));
754 
755 	if (rv < 0) {
756 		dev_err(&data->usb_dev->dev, "usb_control_msg returned %d\n",
757 			rv);
758 		goto exit;
759 	}
760 	rv = 0;
761 
762 exit:
763 	kfree(buffer);
764 	return rv;
765 }
766 
767 static int get_capabilities(struct usbtmc_device_data *data)
768 {
769 	struct device *dev = &data->usb_dev->dev;
770 	char *buffer;
771 	int rv = 0;
772 
773 	buffer = kmalloc(0x18, GFP_KERNEL);
774 	if (!buffer)
775 		return -ENOMEM;
776 
777 	rv = usb_control_msg(data->usb_dev, usb_rcvctrlpipe(data->usb_dev, 0),
778 			     USBTMC_REQUEST_GET_CAPABILITIES,
779 			     USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
780 			     0, 0, buffer, 0x18, USBTMC_TIMEOUT);
781 	if (rv < 0) {
782 		dev_err(dev, "usb_control_msg returned %d\n", rv);
783 		goto err_out;
784 	}
785 
786 	dev_dbg(dev, "GET_CAPABILITIES returned %x\n", buffer[0]);
787 	if (buffer[0] != USBTMC_STATUS_SUCCESS) {
788 		dev_err(dev, "GET_CAPABILITIES returned %x\n", buffer[0]);
789 		rv = -EPERM;
790 		goto err_out;
791 	}
792 	dev_dbg(dev, "Interface capabilities are %x\n", buffer[4]);
793 	dev_dbg(dev, "Device capabilities are %x\n", buffer[5]);
794 	dev_dbg(dev, "USB488 interface capabilities are %x\n", buffer[14]);
795 	dev_dbg(dev, "USB488 device capabilities are %x\n", buffer[15]);
796 
797 	data->capabilities.interface_capabilities = buffer[4];
798 	data->capabilities.device_capabilities = buffer[5];
799 	data->capabilities.usb488_interface_capabilities = buffer[14];
800 	data->capabilities.usb488_device_capabilities = buffer[15];
801 	rv = 0;
802 
803 err_out:
804 	kfree(buffer);
805 	return rv;
806 }
807 
808 #define capability_attribute(name)					\
809 static ssize_t show_##name(struct device *dev,				\
810 			   struct device_attribute *attr, char *buf)	\
811 {									\
812 	struct usb_interface *intf = to_usb_interface(dev);		\
813 	struct usbtmc_device_data *data = usb_get_intfdata(intf);	\
814 									\
815 	return sprintf(buf, "%d\n", data->capabilities.name);		\
816 }									\
817 static DEVICE_ATTR(name, S_IRUGO, show_##name, NULL)
818 
819 capability_attribute(interface_capabilities);
820 capability_attribute(device_capabilities);
821 capability_attribute(usb488_interface_capabilities);
822 capability_attribute(usb488_device_capabilities);
823 
824 static struct attribute *capability_attrs[] = {
825 	&dev_attr_interface_capabilities.attr,
826 	&dev_attr_device_capabilities.attr,
827 	&dev_attr_usb488_interface_capabilities.attr,
828 	&dev_attr_usb488_device_capabilities.attr,
829 	NULL,
830 };
831 
832 static struct attribute_group capability_attr_grp = {
833 	.attrs = capability_attrs,
834 };
835 
836 static ssize_t show_TermChar(struct device *dev,
837 			     struct device_attribute *attr, char *buf)
838 {
839 	struct usb_interface *intf = to_usb_interface(dev);
840 	struct usbtmc_device_data *data = usb_get_intfdata(intf);
841 
842 	return sprintf(buf, "%c\n", data->TermChar);
843 }
844 
845 static ssize_t store_TermChar(struct device *dev,
846 			      struct device_attribute *attr,
847 			      const char *buf, size_t count)
848 {
849 	struct usb_interface *intf = to_usb_interface(dev);
850 	struct usbtmc_device_data *data = usb_get_intfdata(intf);
851 
852 	if (count < 1)
853 		return -EINVAL;
854 	data->TermChar = buf[0];
855 	return count;
856 }
857 static DEVICE_ATTR(TermChar, S_IRUGO, show_TermChar, store_TermChar);
858 
859 #define data_attribute(name)						\
860 static ssize_t show_##name(struct device *dev,				\
861 			   struct device_attribute *attr, char *buf)	\
862 {									\
863 	struct usb_interface *intf = to_usb_interface(dev);		\
864 	struct usbtmc_device_data *data = usb_get_intfdata(intf);	\
865 									\
866 	return sprintf(buf, "%d\n", data->name);			\
867 }									\
868 static ssize_t store_##name(struct device *dev,				\
869 			    struct device_attribute *attr,		\
870 			    const char *buf, size_t count)		\
871 {									\
872 	struct usb_interface *intf = to_usb_interface(dev);		\
873 	struct usbtmc_device_data *data = usb_get_intfdata(intf);	\
874 	ssize_t result;							\
875 	unsigned val;							\
876 									\
877 	result = sscanf(buf, "%u\n", &val);				\
878 	if (result != 1)						\
879 		result = -EINVAL;					\
880 	data->name = val;						\
881 	if (result < 0)							\
882 		return result;						\
883 	else								\
884 		return count;						\
885 }									\
886 static DEVICE_ATTR(name, S_IRUGO, show_##name, store_##name)
887 
888 data_attribute(TermCharEnabled);
889 data_attribute(auto_abort);
890 
891 static struct attribute *data_attrs[] = {
892 	&dev_attr_TermChar.attr,
893 	&dev_attr_TermCharEnabled.attr,
894 	&dev_attr_auto_abort.attr,
895 	NULL,
896 };
897 
898 static struct attribute_group data_attr_grp = {
899 	.attrs = data_attrs,
900 };
901 
902 static int usbtmc_ioctl_indicator_pulse(struct usbtmc_device_data *data)
903 {
904 	struct device *dev;
905 	u8 *buffer;
906 	int rv;
907 
908 	dev = &data->intf->dev;
909 
910 	buffer = kmalloc(2, GFP_KERNEL);
911 	if (!buffer)
912 		return -ENOMEM;
913 
914 	rv = usb_control_msg(data->usb_dev,
915 			     usb_rcvctrlpipe(data->usb_dev, 0),
916 			     USBTMC_REQUEST_INDICATOR_PULSE,
917 			     USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
918 			     0, 0, buffer, 0x01, USBTMC_TIMEOUT);
919 
920 	if (rv < 0) {
921 		dev_err(dev, "usb_control_msg returned %d\n", rv);
922 		goto exit;
923 	}
924 
925 	dev_dbg(dev, "INDICATOR_PULSE returned %x\n", buffer[0]);
926 
927 	if (buffer[0] != USBTMC_STATUS_SUCCESS) {
928 		dev_err(dev, "INDICATOR_PULSE returned %x\n", buffer[0]);
929 		rv = -EPERM;
930 		goto exit;
931 	}
932 	rv = 0;
933 
934 exit:
935 	kfree(buffer);
936 	return rv;
937 }
938 
939 static long usbtmc_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
940 {
941 	struct usbtmc_device_data *data;
942 	int retval = -EBADRQC;
943 
944 	data = file->private_data;
945 	mutex_lock(&data->io_mutex);
946 	if (data->zombie) {
947 		retval = -ENODEV;
948 		goto skip_io_on_zombie;
949 	}
950 
951 	switch (cmd) {
952 	case USBTMC_IOCTL_CLEAR_OUT_HALT:
953 		retval = usbtmc_ioctl_clear_out_halt(data);
954 		break;
955 
956 	case USBTMC_IOCTL_CLEAR_IN_HALT:
957 		retval = usbtmc_ioctl_clear_in_halt(data);
958 		break;
959 
960 	case USBTMC_IOCTL_INDICATOR_PULSE:
961 		retval = usbtmc_ioctl_indicator_pulse(data);
962 		break;
963 
964 	case USBTMC_IOCTL_CLEAR:
965 		retval = usbtmc_ioctl_clear(data);
966 		break;
967 
968 	case USBTMC_IOCTL_ABORT_BULK_OUT:
969 		retval = usbtmc_ioctl_abort_bulk_out(data);
970 		break;
971 
972 	case USBTMC_IOCTL_ABORT_BULK_IN:
973 		retval = usbtmc_ioctl_abort_bulk_in(data);
974 		break;
975 	}
976 
977 skip_io_on_zombie:
978 	mutex_unlock(&data->io_mutex);
979 	return retval;
980 }
981 
982 static const struct file_operations fops = {
983 	.owner		= THIS_MODULE,
984 	.read		= usbtmc_read,
985 	.write		= usbtmc_write,
986 	.open		= usbtmc_open,
987 	.release	= usbtmc_release,
988 	.unlocked_ioctl	= usbtmc_ioctl,
989 	.llseek		= default_llseek,
990 };
991 
992 static struct usb_class_driver usbtmc_class = {
993 	.name =		"usbtmc%d",
994 	.fops =		&fops,
995 	.minor_base =	USBTMC_MINOR_BASE,
996 };
997 
998 
999 static int usbtmc_probe(struct usb_interface *intf,
1000 			const struct usb_device_id *id)
1001 {
1002 	struct usbtmc_device_data *data;
1003 	struct usb_host_interface *iface_desc;
1004 	struct usb_endpoint_descriptor *endpoint;
1005 	int n;
1006 	int retcode;
1007 
1008 	dev_dbg(&intf->dev, "%s called\n", __func__);
1009 
1010 	data = kmalloc(sizeof(struct usbtmc_device_data), GFP_KERNEL);
1011 	if (!data) {
1012 		dev_err(&intf->dev, "Unable to allocate kernel memory\n");
1013 		return -ENOMEM;
1014 	}
1015 
1016 	data->intf = intf;
1017 	data->id = id;
1018 	data->usb_dev = usb_get_dev(interface_to_usbdev(intf));
1019 	usb_set_intfdata(intf, data);
1020 	kref_init(&data->kref);
1021 	mutex_init(&data->io_mutex);
1022 	data->zombie = 0;
1023 
1024 	/* Initialize USBTMC bTag and other fields */
1025 	data->bTag	= 1;
1026 	data->TermCharEnabled = 0;
1027 	data->TermChar = '\n';
1028 
1029 	/* USBTMC devices have only one setting, so use that */
1030 	iface_desc = data->intf->cur_altsetting;
1031 
1032 	/* Find bulk in endpoint */
1033 	for (n = 0; n < iface_desc->desc.bNumEndpoints; n++) {
1034 		endpoint = &iface_desc->endpoint[n].desc;
1035 
1036 		if (usb_endpoint_is_bulk_in(endpoint)) {
1037 			data->bulk_in = endpoint->bEndpointAddress;
1038 			dev_dbg(&intf->dev, "Found bulk in endpoint at %u\n",
1039 				data->bulk_in);
1040 			break;
1041 		}
1042 	}
1043 
1044 	/* Find bulk out endpoint */
1045 	for (n = 0; n < iface_desc->desc.bNumEndpoints; n++) {
1046 		endpoint = &iface_desc->endpoint[n].desc;
1047 
1048 		if (usb_endpoint_is_bulk_out(endpoint)) {
1049 			data->bulk_out = endpoint->bEndpointAddress;
1050 			dev_dbg(&intf->dev, "Found Bulk out endpoint at %u\n",
1051 				data->bulk_out);
1052 			break;
1053 		}
1054 	}
1055 
1056 	retcode = get_capabilities(data);
1057 	if (retcode)
1058 		dev_err(&intf->dev, "can't read capabilities\n");
1059 	else
1060 		retcode = sysfs_create_group(&intf->dev.kobj,
1061 					     &capability_attr_grp);
1062 
1063 	retcode = sysfs_create_group(&intf->dev.kobj, &data_attr_grp);
1064 
1065 	retcode = usb_register_dev(intf, &usbtmc_class);
1066 	if (retcode) {
1067 		dev_err(&intf->dev, "Not able to get a minor"
1068 			" (base %u, slice default): %d\n", USBTMC_MINOR_BASE,
1069 			retcode);
1070 		goto error_register;
1071 	}
1072 	dev_dbg(&intf->dev, "Using minor number %d\n", intf->minor);
1073 
1074 	return 0;
1075 
1076 error_register:
1077 	sysfs_remove_group(&intf->dev.kobj, &capability_attr_grp);
1078 	sysfs_remove_group(&intf->dev.kobj, &data_attr_grp);
1079 	kref_put(&data->kref, usbtmc_delete);
1080 	return retcode;
1081 }
1082 
1083 static void usbtmc_disconnect(struct usb_interface *intf)
1084 {
1085 	struct usbtmc_device_data *data;
1086 
1087 	dev_dbg(&intf->dev, "usbtmc_disconnect called\n");
1088 
1089 	data = usb_get_intfdata(intf);
1090 	usb_deregister_dev(intf, &usbtmc_class);
1091 	sysfs_remove_group(&intf->dev.kobj, &capability_attr_grp);
1092 	sysfs_remove_group(&intf->dev.kobj, &data_attr_grp);
1093 	mutex_lock(&data->io_mutex);
1094 	data->zombie = 1;
1095 	mutex_unlock(&data->io_mutex);
1096 	kref_put(&data->kref, usbtmc_delete);
1097 }
1098 
1099 static int usbtmc_suspend(struct usb_interface *intf, pm_message_t message)
1100 {
1101 	/* this driver does not have pending URBs */
1102 	return 0;
1103 }
1104 
1105 static int usbtmc_resume(struct usb_interface *intf)
1106 {
1107 	return 0;
1108 }
1109 
1110 static struct usb_driver usbtmc_driver = {
1111 	.name		= "usbtmc",
1112 	.id_table	= usbtmc_devices,
1113 	.probe		= usbtmc_probe,
1114 	.disconnect	= usbtmc_disconnect,
1115 	.suspend	= usbtmc_suspend,
1116 	.resume		= usbtmc_resume,
1117 };
1118 
1119 module_usb_driver(usbtmc_driver);
1120 
1121 MODULE_LICENSE("GPL");
1122