1 // SPDX-License-Identifier: GPL-2.0+ 2 /* 3 * Copyright (C) 2003-2008 Takahiro Hirofuchi 4 */ 5 6 #include <linux/device.h> 7 #include <linux/file.h> 8 #include <linux/kthread.h> 9 #include <linux/module.h> 10 11 #include "usbip_common.h" 12 #include "stub.h" 13 14 /* 15 * usbip_status shows the status of usbip-host as long as this driver is bound 16 * to the target device. 17 */ 18 static ssize_t usbip_status_show(struct device *dev, 19 struct device_attribute *attr, char *buf) 20 { 21 struct stub_device *sdev = dev_get_drvdata(dev); 22 int status; 23 24 if (!sdev) { 25 dev_err(dev, "sdev is null\n"); 26 return -ENODEV; 27 } 28 29 spin_lock_irq(&sdev->ud.lock); 30 status = sdev->ud.status; 31 spin_unlock_irq(&sdev->ud.lock); 32 33 return snprintf(buf, PAGE_SIZE, "%d\n", status); 34 } 35 static DEVICE_ATTR_RO(usbip_status); 36 37 /* 38 * usbip_sockfd gets a socket descriptor of an established TCP connection that 39 * is used to transfer usbip requests by kernel threads. -1 is a magic number 40 * by which usbip connection is finished. 41 */ 42 static ssize_t usbip_sockfd_store(struct device *dev, struct device_attribute *attr, 43 const char *buf, size_t count) 44 { 45 struct stub_device *sdev = dev_get_drvdata(dev); 46 int sockfd = 0; 47 struct socket *socket; 48 int rv; 49 50 if (!sdev) { 51 dev_err(dev, "sdev is null\n"); 52 return -ENODEV; 53 } 54 55 rv = sscanf(buf, "%d", &sockfd); 56 if (rv != 1) 57 return -EINVAL; 58 59 if (sockfd != -1) { 60 int err; 61 62 dev_info(dev, "stub up\n"); 63 64 spin_lock_irq(&sdev->ud.lock); 65 66 if (sdev->ud.status != SDEV_ST_AVAILABLE) { 67 dev_err(dev, "not ready\n"); 68 goto err; 69 } 70 71 socket = sockfd_lookup(sockfd, &err); 72 if (!socket) 73 goto err; 74 75 sdev->ud.tcp_socket = socket; 76 sdev->ud.sockfd = sockfd; 77 78 spin_unlock_irq(&sdev->ud.lock); 79 80 sdev->ud.tcp_rx = kthread_get_run(stub_rx_loop, &sdev->ud, 81 "stub_rx"); 82 sdev->ud.tcp_tx = kthread_get_run(stub_tx_loop, &sdev->ud, 83 "stub_tx"); 84 85 spin_lock_irq(&sdev->ud.lock); 86 sdev->ud.status = SDEV_ST_USED; 87 spin_unlock_irq(&sdev->ud.lock); 88 89 } else { 90 dev_info(dev, "stub down\n"); 91 92 spin_lock_irq(&sdev->ud.lock); 93 if (sdev->ud.status != SDEV_ST_USED) 94 goto err; 95 96 spin_unlock_irq(&sdev->ud.lock); 97 98 usbip_event_add(&sdev->ud, SDEV_EVENT_DOWN); 99 } 100 101 return count; 102 103 err: 104 spin_unlock_irq(&sdev->ud.lock); 105 return -EINVAL; 106 } 107 static DEVICE_ATTR_WO(usbip_sockfd); 108 109 static int stub_add_files(struct device *dev) 110 { 111 int err = 0; 112 113 err = device_create_file(dev, &dev_attr_usbip_status); 114 if (err) 115 goto err_status; 116 117 err = device_create_file(dev, &dev_attr_usbip_sockfd); 118 if (err) 119 goto err_sockfd; 120 121 err = device_create_file(dev, &dev_attr_usbip_debug); 122 if (err) 123 goto err_debug; 124 125 return 0; 126 127 err_debug: 128 device_remove_file(dev, &dev_attr_usbip_sockfd); 129 err_sockfd: 130 device_remove_file(dev, &dev_attr_usbip_status); 131 err_status: 132 return err; 133 } 134 135 static void stub_remove_files(struct device *dev) 136 { 137 device_remove_file(dev, &dev_attr_usbip_status); 138 device_remove_file(dev, &dev_attr_usbip_sockfd); 139 device_remove_file(dev, &dev_attr_usbip_debug); 140 } 141 142 static void stub_shutdown_connection(struct usbip_device *ud) 143 { 144 struct stub_device *sdev = container_of(ud, struct stub_device, ud); 145 146 /* 147 * When removing an exported device, kernel panic sometimes occurred 148 * and then EIP was sk_wait_data of stub_rx thread. Is this because 149 * sk_wait_data returned though stub_rx thread was already finished by 150 * step 1? 151 */ 152 if (ud->tcp_socket) { 153 dev_dbg(&sdev->udev->dev, "shutdown sockfd %d\n", ud->sockfd); 154 kernel_sock_shutdown(ud->tcp_socket, SHUT_RDWR); 155 } 156 157 /* 1. stop threads */ 158 if (ud->tcp_rx) { 159 kthread_stop_put(ud->tcp_rx); 160 ud->tcp_rx = NULL; 161 } 162 if (ud->tcp_tx) { 163 kthread_stop_put(ud->tcp_tx); 164 ud->tcp_tx = NULL; 165 } 166 167 /* 168 * 2. close the socket 169 * 170 * tcp_socket is freed after threads are killed so that usbip_xmit does 171 * not touch NULL socket. 172 */ 173 if (ud->tcp_socket) { 174 sockfd_put(ud->tcp_socket); 175 ud->tcp_socket = NULL; 176 ud->sockfd = -1; 177 } 178 179 /* 3. free used data */ 180 stub_device_cleanup_urbs(sdev); 181 182 /* 4. free stub_unlink */ 183 { 184 unsigned long flags; 185 struct stub_unlink *unlink, *tmp; 186 187 spin_lock_irqsave(&sdev->priv_lock, flags); 188 list_for_each_entry_safe(unlink, tmp, &sdev->unlink_tx, list) { 189 list_del(&unlink->list); 190 kfree(unlink); 191 } 192 list_for_each_entry_safe(unlink, tmp, &sdev->unlink_free, 193 list) { 194 list_del(&unlink->list); 195 kfree(unlink); 196 } 197 spin_unlock_irqrestore(&sdev->priv_lock, flags); 198 } 199 } 200 201 static void stub_device_reset(struct usbip_device *ud) 202 { 203 struct stub_device *sdev = container_of(ud, struct stub_device, ud); 204 struct usb_device *udev = sdev->udev; 205 int ret; 206 207 dev_dbg(&udev->dev, "device reset"); 208 209 ret = usb_lock_device_for_reset(udev, NULL); 210 if (ret < 0) { 211 dev_err(&udev->dev, "lock for reset\n"); 212 spin_lock_irq(&ud->lock); 213 ud->status = SDEV_ST_ERROR; 214 spin_unlock_irq(&ud->lock); 215 return; 216 } 217 218 /* try to reset the device */ 219 ret = usb_reset_device(udev); 220 usb_unlock_device(udev); 221 222 spin_lock_irq(&ud->lock); 223 if (ret) { 224 dev_err(&udev->dev, "device reset\n"); 225 ud->status = SDEV_ST_ERROR; 226 } else { 227 dev_info(&udev->dev, "device reset\n"); 228 ud->status = SDEV_ST_AVAILABLE; 229 } 230 spin_unlock_irq(&ud->lock); 231 } 232 233 static void stub_device_unusable(struct usbip_device *ud) 234 { 235 spin_lock_irq(&ud->lock); 236 ud->status = SDEV_ST_ERROR; 237 spin_unlock_irq(&ud->lock); 238 } 239 240 /** 241 * stub_device_alloc - allocate a new stub_device struct 242 * @udev: usb_device of a new device 243 * 244 * Allocates and initializes a new stub_device struct. 245 */ 246 static struct stub_device *stub_device_alloc(struct usb_device *udev) 247 { 248 struct stub_device *sdev; 249 int busnum = udev->bus->busnum; 250 int devnum = udev->devnum; 251 252 dev_dbg(&udev->dev, "allocating stub device"); 253 254 /* yes, it's a new device */ 255 sdev = kzalloc(sizeof(struct stub_device), GFP_KERNEL); 256 if (!sdev) 257 return NULL; 258 259 sdev->udev = usb_get_dev(udev); 260 261 /* 262 * devid is defined with devnum when this driver is first allocated. 263 * devnum may change later if a device is reset. However, devid never 264 * changes during a usbip connection. 265 */ 266 sdev->devid = (busnum << 16) | devnum; 267 sdev->ud.side = USBIP_STUB; 268 sdev->ud.status = SDEV_ST_AVAILABLE; 269 spin_lock_init(&sdev->ud.lock); 270 sdev->ud.tcp_socket = NULL; 271 sdev->ud.sockfd = -1; 272 273 INIT_LIST_HEAD(&sdev->priv_init); 274 INIT_LIST_HEAD(&sdev->priv_tx); 275 INIT_LIST_HEAD(&sdev->priv_free); 276 INIT_LIST_HEAD(&sdev->unlink_free); 277 INIT_LIST_HEAD(&sdev->unlink_tx); 278 spin_lock_init(&sdev->priv_lock); 279 280 init_waitqueue_head(&sdev->tx_waitq); 281 282 sdev->ud.eh_ops.shutdown = stub_shutdown_connection; 283 sdev->ud.eh_ops.reset = stub_device_reset; 284 sdev->ud.eh_ops.unusable = stub_device_unusable; 285 286 usbip_start_eh(&sdev->ud); 287 288 dev_dbg(&udev->dev, "register new device\n"); 289 290 return sdev; 291 } 292 293 static void stub_device_free(struct stub_device *sdev) 294 { 295 kfree(sdev); 296 } 297 298 static int stub_probe(struct usb_device *udev) 299 { 300 struct stub_device *sdev = NULL; 301 const char *udev_busid = dev_name(&udev->dev); 302 struct bus_id_priv *busid_priv; 303 int rc = 0; 304 char save_status; 305 306 dev_dbg(&udev->dev, "Enter probe\n"); 307 308 /* Not sure if this is our device. Allocate here to avoid 309 * calling alloc while holding busid_table lock. 310 */ 311 sdev = stub_device_alloc(udev); 312 if (!sdev) 313 return -ENOMEM; 314 315 /* check we should claim or not by busid_table */ 316 busid_priv = get_busid_priv(udev_busid); 317 if (!busid_priv || (busid_priv->status == STUB_BUSID_REMOV) || 318 (busid_priv->status == STUB_BUSID_OTHER)) { 319 dev_info(&udev->dev, 320 "%s is not in match_busid table... skip!\n", 321 udev_busid); 322 323 /* 324 * Return value should be ENODEV or ENOXIO to continue trying 325 * other matched drivers by the driver core. 326 * See driver_probe_device() in driver/base/dd.c 327 */ 328 rc = -ENODEV; 329 if (!busid_priv) 330 goto sdev_free; 331 332 goto call_put_busid_priv; 333 } 334 335 if (udev->descriptor.bDeviceClass == USB_CLASS_HUB) { 336 dev_dbg(&udev->dev, "%s is a usb hub device... skip!\n", 337 udev_busid); 338 rc = -ENODEV; 339 goto call_put_busid_priv; 340 } 341 342 if (!strcmp(udev->bus->bus_name, "vhci_hcd")) { 343 dev_dbg(&udev->dev, 344 "%s is attached on vhci_hcd... skip!\n", 345 udev_busid); 346 347 rc = -ENODEV; 348 goto call_put_busid_priv; 349 } 350 351 352 dev_info(&udev->dev, 353 "usbip-host: register new device (bus %u dev %u)\n", 354 udev->bus->busnum, udev->devnum); 355 356 busid_priv->shutdown_busid = 0; 357 358 /* set private data to usb_device */ 359 dev_set_drvdata(&udev->dev, sdev); 360 361 busid_priv->sdev = sdev; 362 busid_priv->udev = udev; 363 364 save_status = busid_priv->status; 365 busid_priv->status = STUB_BUSID_ALLOC; 366 367 /* release the busid_lock */ 368 put_busid_priv(busid_priv); 369 370 /* 371 * Claim this hub port. 372 * It doesn't matter what value we pass as owner 373 * (struct dev_state) as long as it is unique. 374 */ 375 rc = usb_hub_claim_port(udev->parent, udev->portnum, 376 (struct usb_dev_state *) udev); 377 if (rc) { 378 dev_dbg(&udev->dev, "unable to claim port\n"); 379 goto err_port; 380 } 381 382 rc = stub_add_files(&udev->dev); 383 if (rc) { 384 dev_err(&udev->dev, "stub_add_files for %s\n", udev_busid); 385 goto err_files; 386 } 387 388 return 0; 389 390 err_files: 391 usb_hub_release_port(udev->parent, udev->portnum, 392 (struct usb_dev_state *) udev); 393 err_port: 394 dev_set_drvdata(&udev->dev, NULL); 395 usb_put_dev(udev); 396 397 /* we already have busid_priv, just lock busid_lock */ 398 spin_lock(&busid_priv->busid_lock); 399 busid_priv->sdev = NULL; 400 busid_priv->status = save_status; 401 spin_unlock(&busid_priv->busid_lock); 402 /* lock is released - go to free */ 403 goto sdev_free; 404 405 call_put_busid_priv: 406 /* release the busid_lock */ 407 put_busid_priv(busid_priv); 408 409 sdev_free: 410 stub_device_free(sdev); 411 412 return rc; 413 } 414 415 static void shutdown_busid(struct bus_id_priv *busid_priv) 416 { 417 usbip_event_add(&busid_priv->sdev->ud, SDEV_EVENT_REMOVED); 418 419 /* wait for the stop of the event handler */ 420 usbip_stop_eh(&busid_priv->sdev->ud); 421 } 422 423 /* 424 * called in usb_disconnect() or usb_deregister() 425 * but only if actconfig(active configuration) exists 426 */ 427 static void stub_disconnect(struct usb_device *udev) 428 { 429 struct stub_device *sdev; 430 const char *udev_busid = dev_name(&udev->dev); 431 struct bus_id_priv *busid_priv; 432 int rc; 433 434 dev_dbg(&udev->dev, "Enter disconnect\n"); 435 436 busid_priv = get_busid_priv(udev_busid); 437 if (!busid_priv) { 438 BUG(); 439 return; 440 } 441 442 sdev = dev_get_drvdata(&udev->dev); 443 444 /* get stub_device */ 445 if (!sdev) { 446 dev_err(&udev->dev, "could not get device"); 447 /* release busid_lock */ 448 put_busid_priv(busid_priv); 449 return; 450 } 451 452 dev_set_drvdata(&udev->dev, NULL); 453 454 /* release busid_lock before call to remove device files */ 455 put_busid_priv(busid_priv); 456 457 /* 458 * NOTE: rx/tx threads are invoked for each usb_device. 459 */ 460 stub_remove_files(&udev->dev); 461 462 /* release port */ 463 rc = usb_hub_release_port(udev->parent, udev->portnum, 464 (struct usb_dev_state *) udev); 465 if (rc) { 466 dev_dbg(&udev->dev, "unable to release port\n"); 467 return; 468 } 469 470 /* If usb reset is called from event handler */ 471 if (usbip_in_eh(current)) 472 return; 473 474 /* we already have busid_priv, just lock busid_lock */ 475 spin_lock(&busid_priv->busid_lock); 476 if (!busid_priv->shutdown_busid) 477 busid_priv->shutdown_busid = 1; 478 /* release busid_lock */ 479 spin_unlock(&busid_priv->busid_lock); 480 481 /* shutdown the current connection */ 482 shutdown_busid(busid_priv); 483 484 usb_put_dev(sdev->udev); 485 486 /* we already have busid_priv, just lock busid_lock */ 487 spin_lock(&busid_priv->busid_lock); 488 /* free sdev */ 489 busid_priv->sdev = NULL; 490 stub_device_free(sdev); 491 492 if (busid_priv->status == STUB_BUSID_ALLOC) 493 busid_priv->status = STUB_BUSID_ADDED; 494 /* release busid_lock */ 495 spin_unlock(&busid_priv->busid_lock); 496 return; 497 } 498 499 #ifdef CONFIG_PM 500 501 /* These functions need usb_port_suspend and usb_port_resume, 502 * which reside in drivers/usb/core/usb.h. Skip for now. */ 503 504 static int stub_suspend(struct usb_device *udev, pm_message_t message) 505 { 506 dev_dbg(&udev->dev, "stub_suspend\n"); 507 508 return 0; 509 } 510 511 static int stub_resume(struct usb_device *udev, pm_message_t message) 512 { 513 dev_dbg(&udev->dev, "stub_resume\n"); 514 515 return 0; 516 } 517 518 #endif /* CONFIG_PM */ 519 520 struct usb_device_driver stub_driver = { 521 .name = "usbip-host", 522 .probe = stub_probe, 523 .disconnect = stub_disconnect, 524 #ifdef CONFIG_PM 525 .suspend = stub_suspend, 526 .resume = stub_resume, 527 #endif 528 .supports_autosuspend = 0, 529 }; 530