xref: /openbmc/linux/drivers/usb/usbip/stub_tx.c (revision bbecb07f) 
1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3  * Copyright (C) 2003-2008 Takahiro Hirofuchi
4  */
5 
6 #include <linux/kthread.h>
7 #include <linux/socket.h>
8 
9 #include "usbip_common.h"
10 #include "stub.h"
11 
12 static void stub_free_priv_and_urb(struct stub_priv *priv)
13 {
14 	struct urb *urb = priv->urb;
15 
16 	kfree(urb->setup_packet);
17 	urb->setup_packet = NULL;
18 
19 	kfree(urb->transfer_buffer);
20 	urb->transfer_buffer = NULL;
21 
22 	list_del(&priv->list);
23 	kmem_cache_free(stub_priv_cache, priv);
24 	usb_free_urb(urb);
25 }
26 
27 /* be in spin_lock_irqsave(&sdev->priv_lock, flags) */
28 void stub_enqueue_ret_unlink(struct stub_device *sdev, __u32 seqnum,
29 			     __u32 status)
30 {
31 	struct stub_unlink *unlink;
32 
33 	unlink = kzalloc(sizeof(struct stub_unlink), GFP_ATOMIC);
34 	if (!unlink) {
35 		usbip_event_add(&sdev->ud, VDEV_EVENT_ERROR_MALLOC);
36 		return;
37 	}
38 
39 	unlink->seqnum = seqnum;
40 	unlink->status = status;
41 
42 	list_add_tail(&unlink->list, &sdev->unlink_tx);
43 }
44 
45 /**
46  * stub_complete - completion handler of a usbip urb
47  * @urb: pointer to the urb completed
48  *
49  * When a urb has completed, the USB core driver calls this function mostly in
50  * the interrupt context. To return the result of a urb, the completed urb is
51  * linked to the pending list of returning.
52  *
53  */
54 void stub_complete(struct urb *urb)
55 {
56 	struct stub_priv *priv = (struct stub_priv *) urb->context;
57 	struct stub_device *sdev = priv->sdev;
58 	unsigned long flags;
59 
60 	usbip_dbg_stub_tx("complete! status %d\n", urb->status);
61 
62 	switch (urb->status) {
63 	case 0:
64 		/* OK */
65 		break;
66 	case -ENOENT:
67 		dev_info(&urb->dev->dev,
68 			 "stopped by a call to usb_kill_urb() because of cleaning up a virtual connection\n");
69 		return;
70 	case -ECONNRESET:
71 		dev_info(&urb->dev->dev,
72 			 "unlinked by a call to usb_unlink_urb()\n");
73 		break;
74 	case -EPIPE:
75 		dev_info(&urb->dev->dev, "endpoint %d is stalled\n",
76 			 usb_pipeendpoint(urb->pipe));
77 		break;
78 	case -ESHUTDOWN:
79 		dev_info(&urb->dev->dev, "device removed?\n");
80 		break;
81 	default:
82 		dev_info(&urb->dev->dev,
83 			 "urb completion with non-zero status %d\n",
84 			 urb->status);
85 		break;
86 	}
87 
88 	/* link a urb to the queue of tx. */
89 	spin_lock_irqsave(&sdev->priv_lock, flags);
90 	if (sdev->ud.tcp_socket == NULL) {
91 		usbip_dbg_stub_tx("ignore urb for closed connection %p", urb);
92 		/* It will be freed in stub_device_cleanup_urbs(). */
93 	} else if (priv->unlinking) {
94 		stub_enqueue_ret_unlink(sdev, priv->seqnum, urb->status);
95 		stub_free_priv_and_urb(priv);
96 	} else {
97 		list_move_tail(&priv->list, &sdev->priv_tx);
98 	}
99 	spin_unlock_irqrestore(&sdev->priv_lock, flags);
100 
101 	/* wake up tx_thread */
102 	wake_up(&sdev->tx_waitq);
103 }
104 
105 static inline void setup_base_pdu(struct usbip_header_basic *base,
106 				  __u32 command, __u32 seqnum)
107 {
108 	base->command	= command;
109 	base->seqnum	= seqnum;
110 	base->devid	= 0;
111 	base->ep	= 0;
112 	base->direction = 0;
113 }
114 
115 static void setup_ret_submit_pdu(struct usbip_header *rpdu, struct urb *urb)
116 {
117 	struct stub_priv *priv = (struct stub_priv *) urb->context;
118 
119 	setup_base_pdu(&rpdu->base, USBIP_RET_SUBMIT, priv->seqnum);
120 	usbip_pack_pdu(rpdu, urb, USBIP_RET_SUBMIT, 1);
121 }
122 
123 static void setup_ret_unlink_pdu(struct usbip_header *rpdu,
124 				 struct stub_unlink *unlink)
125 {
126 	setup_base_pdu(&rpdu->base, USBIP_RET_UNLINK, unlink->seqnum);
127 	rpdu->u.ret_unlink.status = unlink->status;
128 }
129 
130 static struct stub_priv *dequeue_from_priv_tx(struct stub_device *sdev)
131 {
132 	unsigned long flags;
133 	struct stub_priv *priv, *tmp;
134 
135 	spin_lock_irqsave(&sdev->priv_lock, flags);
136 
137 	list_for_each_entry_safe(priv, tmp, &sdev->priv_tx, list) {
138 		list_move_tail(&priv->list, &sdev->priv_free);
139 		spin_unlock_irqrestore(&sdev->priv_lock, flags);
140 		return priv;
141 	}
142 
143 	spin_unlock_irqrestore(&sdev->priv_lock, flags);
144 
145 	return NULL;
146 }
147 
148 static int stub_send_ret_submit(struct stub_device *sdev)
149 {
150 	unsigned long flags;
151 	struct stub_priv *priv, *tmp;
152 
153 	struct msghdr msg;
154 	size_t txsize;
155 
156 	size_t total_size = 0;
157 
158 	while ((priv = dequeue_from_priv_tx(sdev)) != NULL) {
159 		int ret;
160 		struct urb *urb = priv->urb;
161 		struct usbip_header pdu_header;
162 		struct usbip_iso_packet_descriptor *iso_buffer = NULL;
163 		struct kvec *iov = NULL;
164 		int iovnum = 0;
165 
166 		txsize = 0;
167 		memset(&pdu_header, 0, sizeof(pdu_header));
168 		memset(&msg, 0, sizeof(msg));
169 
170 		if (usb_pipetype(urb->pipe) == PIPE_ISOCHRONOUS)
171 			iovnum = 2 + urb->number_of_packets;
172 		else
173 			iovnum = 2;
174 
175 		iov = kcalloc(iovnum, sizeof(struct kvec), GFP_KERNEL);
176 
177 		if (!iov) {
178 			usbip_event_add(&sdev->ud, SDEV_EVENT_ERROR_MALLOC);
179 			return -1;
180 		}
181 
182 		iovnum = 0;
183 
184 		/* 1. setup usbip_header */
185 		setup_ret_submit_pdu(&pdu_header, urb);
186 		usbip_dbg_stub_tx("setup txdata seqnum: %d urb: %p\n",
187 				  pdu_header.base.seqnum, urb);
188 		usbip_header_correct_endian(&pdu_header, 1);
189 
190 		iov[iovnum].iov_base = &pdu_header;
191 		iov[iovnum].iov_len  = sizeof(pdu_header);
192 		iovnum++;
193 		txsize += sizeof(pdu_header);
194 
195 		/* 2. setup transfer buffer */
196 		if (usb_pipein(urb->pipe) &&
197 		    usb_pipetype(urb->pipe) != PIPE_ISOCHRONOUS &&
198 		    urb->actual_length > 0) {
199 			iov[iovnum].iov_base = urb->transfer_buffer;
200 			iov[iovnum].iov_len  = urb->actual_length;
201 			iovnum++;
202 			txsize += urb->actual_length;
203 		} else if (usb_pipein(urb->pipe) &&
204 			   usb_pipetype(urb->pipe) == PIPE_ISOCHRONOUS) {
205 			/*
206 			 * For isochronous packets: actual length is the sum of
207 			 * the actual length of the individual, packets, but as
208 			 * the packet offsets are not changed there will be
209 			 * padding between the packets. To optimally use the
210 			 * bandwidth the padding is not transmitted.
211 			 */
212 
213 			int i;
214 
215 			for (i = 0; i < urb->number_of_packets; i++) {
216 				iov[iovnum].iov_base = urb->transfer_buffer +
217 					urb->iso_frame_desc[i].offset;
218 				iov[iovnum].iov_len =
219 					urb->iso_frame_desc[i].actual_length;
220 				iovnum++;
221 				txsize += urb->iso_frame_desc[i].actual_length;
222 			}
223 
224 			if (txsize != sizeof(pdu_header) + urb->actual_length) {
225 				dev_err(&sdev->udev->dev,
226 					"actual length of urb %d does not match iso packet sizes %zu\n",
227 					urb->actual_length,
228 					txsize-sizeof(pdu_header));
229 				kfree(iov);
230 				usbip_event_add(&sdev->ud,
231 						SDEV_EVENT_ERROR_TCP);
232 			   return -1;
233 			}
234 		}
235 
236 		/* 3. setup iso_packet_descriptor */
237 		if (usb_pipetype(urb->pipe) == PIPE_ISOCHRONOUS) {
238 			ssize_t len = 0;
239 
240 			iso_buffer = usbip_alloc_iso_desc_pdu(urb, &len);
241 			if (!iso_buffer) {
242 				usbip_event_add(&sdev->ud,
243 						SDEV_EVENT_ERROR_MALLOC);
244 				kfree(iov);
245 				return -1;
246 			}
247 
248 			iov[iovnum].iov_base = iso_buffer;
249 			iov[iovnum].iov_len  = len;
250 			txsize += len;
251 			iovnum++;
252 		}
253 
254 		ret = kernel_sendmsg(sdev->ud.tcp_socket, &msg,
255 						iov,  iovnum, txsize);
256 		if (ret != txsize) {
257 			dev_err(&sdev->udev->dev,
258 				"sendmsg failed!, retval %d for %zd\n",
259 				ret, txsize);
260 			kfree(iov);
261 			kfree(iso_buffer);
262 			usbip_event_add(&sdev->ud, SDEV_EVENT_ERROR_TCP);
263 			return -1;
264 		}
265 
266 		kfree(iov);
267 		kfree(iso_buffer);
268 
269 		total_size += txsize;
270 	}
271 
272 	spin_lock_irqsave(&sdev->priv_lock, flags);
273 	list_for_each_entry_safe(priv, tmp, &sdev->priv_free, list) {
274 		stub_free_priv_and_urb(priv);
275 	}
276 	spin_unlock_irqrestore(&sdev->priv_lock, flags);
277 
278 	return total_size;
279 }
280 
281 static struct stub_unlink *dequeue_from_unlink_tx(struct stub_device *sdev)
282 {
283 	unsigned long flags;
284 	struct stub_unlink *unlink, *tmp;
285 
286 	spin_lock_irqsave(&sdev->priv_lock, flags);
287 
288 	list_for_each_entry_safe(unlink, tmp, &sdev->unlink_tx, list) {
289 		list_move_tail(&unlink->list, &sdev->unlink_free);
290 		spin_unlock_irqrestore(&sdev->priv_lock, flags);
291 		return unlink;
292 	}
293 
294 	spin_unlock_irqrestore(&sdev->priv_lock, flags);
295 
296 	return NULL;
297 }
298 
299 static int stub_send_ret_unlink(struct stub_device *sdev)
300 {
301 	unsigned long flags;
302 	struct stub_unlink *unlink, *tmp;
303 
304 	struct msghdr msg;
305 	struct kvec iov[1];
306 	size_t txsize;
307 
308 	size_t total_size = 0;
309 
310 	while ((unlink = dequeue_from_unlink_tx(sdev)) != NULL) {
311 		int ret;
312 		struct usbip_header pdu_header;
313 
314 		txsize = 0;
315 		memset(&pdu_header, 0, sizeof(pdu_header));
316 		memset(&msg, 0, sizeof(msg));
317 		memset(&iov, 0, sizeof(iov));
318 
319 		usbip_dbg_stub_tx("setup ret unlink %lu\n", unlink->seqnum);
320 
321 		/* 1. setup usbip_header */
322 		setup_ret_unlink_pdu(&pdu_header, unlink);
323 		usbip_header_correct_endian(&pdu_header, 1);
324 
325 		iov[0].iov_base = &pdu_header;
326 		iov[0].iov_len  = sizeof(pdu_header);
327 		txsize += sizeof(pdu_header);
328 
329 		ret = kernel_sendmsg(sdev->ud.tcp_socket, &msg, iov,
330 				     1, txsize);
331 		if (ret != txsize) {
332 			dev_err(&sdev->udev->dev,
333 				"sendmsg failed!, retval %d for %zd\n",
334 				ret, txsize);
335 			usbip_event_add(&sdev->ud, SDEV_EVENT_ERROR_TCP);
336 			return -1;
337 		}
338 
339 		usbip_dbg_stub_tx("send txdata\n");
340 		total_size += txsize;
341 	}
342 
343 	spin_lock_irqsave(&sdev->priv_lock, flags);
344 
345 	list_for_each_entry_safe(unlink, tmp, &sdev->unlink_free, list) {
346 		list_del(&unlink->list);
347 		kfree(unlink);
348 	}
349 
350 	spin_unlock_irqrestore(&sdev->priv_lock, flags);
351 
352 	return total_size;
353 }
354 
355 int stub_tx_loop(void *data)
356 {
357 	struct usbip_device *ud = data;
358 	struct stub_device *sdev = container_of(ud, struct stub_device, ud);
359 
360 	while (!kthread_should_stop()) {
361 		if (usbip_event_happened(ud))
362 			break;
363 
364 		/*
365 		 * send_ret_submit comes earlier than send_ret_unlink.  stub_rx
366 		 * looks at only priv_init queue. If the completion of a URB is
367 		 * earlier than the receive of CMD_UNLINK, priv is moved to
368 		 * priv_tx queue and stub_rx does not find the target priv. In
369 		 * this case, vhci_rx receives the result of the submit request
370 		 * and then receives the result of the unlink request. The
371 		 * result of the submit is given back to the usbcore as the
372 		 * completion of the unlink request. The request of the
373 		 * unlink is ignored. This is ok because a driver who calls
374 		 * usb_unlink_urb() understands the unlink was too late by
375 		 * getting the status of the given-backed URB which has the
376 		 * status of usb_submit_urb().
377 		 */
378 		if (stub_send_ret_submit(sdev) < 0)
379 			break;
380 
381 		if (stub_send_ret_unlink(sdev) < 0)
382 			break;
383 
384 		wait_event_interruptible(sdev->tx_waitq,
385 					 (!list_empty(&sdev->priv_tx) ||
386 					  !list_empty(&sdev->unlink_tx) ||
387 					  kthread_should_stop()));
388 	}
389 
390 	return 0;
391 }
392