xref: /freebsd/sys/dev/usb/usb_dev.c (revision ef9ffb8594eee294334ced627755bf5b46b48f9f)
1 /*-
2  * SPDX-License-Identifier: BSD-2-Clause
3  *
4  * Copyright (c) 2006-2023 Hans Petter Selasky
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  * 1. Redistributions of source code must retain the above copyright
10  *    notice, this list of conditions and the following disclaimer.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  *    notice, this list of conditions and the following disclaimer in the
13  *    documentation and/or other materials provided with the distribution.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25  * SUCH DAMAGE.
26  *
27  *
28  * usb_dev.c - An abstraction layer for creating devices under /dev/...
29  */
30 
31 #ifdef USB_GLOBAL_INCLUDE_FILE
32 #include USB_GLOBAL_INCLUDE_FILE
33 #else
34 #ifdef COMPAT_FREEBSD32
35 #include <sys/abi_compat.h>
36 #endif
37 #include <sys/stdint.h>
38 #include <sys/stddef.h>
39 #include <sys/param.h>
40 #include <sys/queue.h>
41 #include <sys/types.h>
42 #include <sys/systm.h>
43 #include <sys/kernel.h>
44 #include <sys/bus.h>
45 #include <sys/module.h>
46 #include <sys/lock.h>
47 #include <sys/mutex.h>
48 #include <sys/condvar.h>
49 #include <sys/sysctl.h>
50 #include <sys/sx.h>
51 #include <sys/unistd.h>
52 #include <sys/callout.h>
53 #include <sys/malloc.h>
54 #include <sys/priv.h>
55 #include <sys/vnode.h>
56 #include <sys/conf.h>
57 #include <sys/fcntl.h>
58 
59 #include <dev/usb/usb.h>
60 #include <dev/usb/usb_ioctl.h>
61 #include <dev/usb/usbdi.h>
62 #include <dev/usb/usbdi_util.h>
63 
64 #define	USB_DEBUG_VAR usb_fifo_debug
65 
66 #include <dev/usb/usb_core.h>
67 #include <dev/usb/usb_dev.h>
68 #include <dev/usb/usb_mbuf.h>
69 #include <dev/usb/usb_process.h>
70 #include <dev/usb/usb_device.h>
71 #include <dev/usb/usb_debug.h>
72 #include <dev/usb/usb_busdma.h>
73 #include <dev/usb/usb_generic.h>
74 #include <dev/usb/usb_dynamic.h>
75 #include <dev/usb/usb_util.h>
76 
77 #include <dev/usb/usb_controller.h>
78 #include <dev/usb/usb_bus.h>
79 
80 #include <sys/filio.h>
81 #include <sys/ttycom.h>
82 #include <sys/syscallsubr.h>
83 
84 #include <machine/stdarg.h>
85 #endif			/* USB_GLOBAL_INCLUDE_FILE */
86 
87 #if USB_HAVE_UGEN
88 
89 #ifdef USB_DEBUG
90 static int usb_fifo_debug = 0;
91 
92 static SYSCTL_NODE(_hw_usb, OID_AUTO, dev, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
93     "USB device");
94 SYSCTL_INT(_hw_usb_dev, OID_AUTO, debug, CTLFLAG_RWTUN,
95     &usb_fifo_debug, 0, "Debug Level");
96 #endif
97 
98 #define	USB_UCRED struct ucred *ucred,
99 
100 /* prototypes */
101 
102 static int	usb_fifo_open(struct usb_cdev_privdata *,
103 		    struct usb_fifo *, int);
104 static void	usb_fifo_close(struct usb_fifo *, int);
105 static void	usb_dev_init(void *);
106 static void	usb_dev_init_post(void *);
107 static void	usb_dev_uninit(void *);
108 static int	usb_fifo_uiomove(struct usb_fifo *, void *, int,
109 		    struct uio *);
110 static void	usb_fifo_check_methods(struct usb_fifo_methods *);
111 static struct	usb_fifo *usb_fifo_alloc(struct mtx *);
112 static struct	usb_endpoint *usb_dev_get_ep(struct usb_device *, uint8_t,
113 		    uint8_t);
114 static void	usb_loc_fill(struct usb_fs_privdata *,
115 		    struct usb_cdev_privdata *);
116 static void	usb_close(void *);
117 static usb_error_t usb_ref_device(struct usb_cdev_privdata *, struct usb_cdev_refdata *, int);
118 static usb_error_t usb_usb_ref_device(struct usb_cdev_privdata *, struct usb_cdev_refdata *);
119 static void	usb_unref_device(struct usb_cdev_privdata *, struct usb_cdev_refdata *);
120 
121 static d_open_t usb_open;
122 static d_ioctl_t usb_ioctl;
123 static d_read_t usb_read;
124 static d_write_t usb_write;
125 static d_poll_t usb_poll;
126 static d_kqfilter_t usb_kqfilter;
127 
128 static d_ioctl_t usb_static_ioctl;
129 
130 static usb_fifo_open_t usb_fifo_dummy_open;
131 static usb_fifo_close_t usb_fifo_dummy_close;
132 static usb_fifo_ioctl_t usb_fifo_dummy_ioctl;
133 static usb_fifo_cmd_t usb_fifo_dummy_cmd;
134 
135 /* character device structure used for devices (/dev/ugenX.Y and /dev/uXXX) */
136 struct cdevsw usb_devsw = {
137 	.d_version = D_VERSION,
138 	.d_open = usb_open,
139 	.d_ioctl = usb_ioctl,
140 	.d_name = "usbdev",
141 	.d_flags = D_TRACKCLOSE,
142 	.d_read = usb_read,
143 	.d_write = usb_write,
144 	.d_poll = usb_poll,
145 	.d_kqfilter = usb_kqfilter,
146 };
147 
148 static struct cdev* usb_dev = NULL;
149 
150 /* character device structure used for /dev/usb */
151 static struct cdevsw usb_static_devsw = {
152 	.d_version = D_VERSION,
153 	.d_ioctl = usb_static_ioctl,
154 	.d_name = "usb"
155 };
156 
157 static TAILQ_HEAD(, usb_symlink) usb_sym_head;
158 static struct sx usb_sym_lock;
159 
160 struct mtx usb_ref_lock;
161 
162 /*------------------------------------------------------------------------*
163  *	usb_loc_fill
164  *
165  * This is used to fill out a usb_cdev_privdata structure based on the
166  * device's address as contained in usb_fs_privdata.
167  *------------------------------------------------------------------------*/
168 static void
usb_loc_fill(struct usb_fs_privdata * pd,struct usb_cdev_privdata * cpd)169 usb_loc_fill(struct usb_fs_privdata* pd, struct usb_cdev_privdata *cpd)
170 {
171 	cpd->bus_index = pd->bus_index;
172 	cpd->dev_index = pd->dev_index;
173 	cpd->ep_addr = pd->ep_addr;
174 	cpd->fifo_index = pd->fifo_index;
175 }
176 
177 /*------------------------------------------------------------------------*
178  *	usb_ref_device
179  *
180  * This function is used to atomically refer an USB device by its
181  * device location. If this function returns success the USB device
182  * will not disappear until the USB device is unreferenced.
183  *
184  * Return values:
185  *  0: Success, refcount incremented on the given USB device.
186  *  Else: Failure.
187  *------------------------------------------------------------------------*/
188 static usb_error_t
usb_ref_device(struct usb_cdev_privdata * cpd,struct usb_cdev_refdata * crd,int need_uref)189 usb_ref_device(struct usb_cdev_privdata *cpd,
190     struct usb_cdev_refdata *crd, int need_uref)
191 {
192 	struct usb_fifo **ppf;
193 	struct usb_fifo *f;
194 
195 	DPRINTFN(2, "cpd=%p need uref=%d\n", cpd, need_uref);
196 
197 	/* clear all refs */
198 	memset(crd, 0, sizeof(*crd));
199 
200 	mtx_lock(&usb_ref_lock);
201 	cpd->bus = devclass_get_softc(usb_devclass_ptr, cpd->bus_index);
202 	if (cpd->bus == NULL) {
203 		DPRINTFN(2, "no bus at %u\n", cpd->bus_index);
204 		goto error;
205 	}
206 	cpd->udev = cpd->bus->devices[cpd->dev_index];
207 	if (cpd->udev == NULL) {
208 		DPRINTFN(2, "no device at %u\n", cpd->dev_index);
209 		goto error;
210 	}
211 	if (cpd->udev->state == USB_STATE_DETACHED &&
212 	    (need_uref != 2)) {
213 		DPRINTFN(2, "device is detached\n");
214 		goto error;
215 	}
216 	if (need_uref) {
217 		DPRINTFN(2, "ref udev - needed\n");
218 
219 		if (cpd->udev->refcount == USB_DEV_REF_MAX) {
220 			DPRINTFN(2, "no dev ref\n");
221 			goto error;
222 		}
223 		cpd->udev->refcount++;
224 
225 		mtx_unlock(&usb_ref_lock);
226 
227 		/*
228 		 * We need to grab the enumeration SX-lock before
229 		 * grabbing the FIFO refs to avoid deadlock at detach!
230 		 */
231 		crd->do_unlock = usbd_enum_lock_sig(cpd->udev);
232 
233 		mtx_lock(&usb_ref_lock);
234 
235 		/*
236 		 * Set "is_uref" after grabbing the default SX lock
237 		 */
238 		crd->is_uref = 1;
239 
240 		/* check for signal */
241 		if (crd->do_unlock > 1) {
242 			crd->do_unlock = 0;
243 			goto error;
244 		}
245 	}
246 
247 	/* check if we are doing an open */
248 	if (cpd->fflags == 0) {
249 		/* use zero defaults */
250 	} else {
251 		/* check for write */
252 		if (cpd->fflags & FWRITE) {
253 			ppf = cpd->udev->fifo;
254 			f = ppf[cpd->fifo_index + USB_FIFO_TX];
255 			crd->txfifo = f;
256 			crd->is_write = 1;	/* ref */
257 			if (f == NULL || f->refcount == USB_FIFO_REF_MAX)
258 				goto error;
259 			if (f->curr_cpd != cpd)
260 				goto error;
261 			/* check if USB-FS is active */
262 			if (f->fs_ep_max != 0) {
263 				crd->is_usbfs = 1;
264 			}
265 		}
266 
267 		/* check for read */
268 		if (cpd->fflags & FREAD) {
269 			ppf = cpd->udev->fifo;
270 			f = ppf[cpd->fifo_index + USB_FIFO_RX];
271 			crd->rxfifo = f;
272 			crd->is_read = 1;	/* ref */
273 			if (f == NULL || f->refcount == USB_FIFO_REF_MAX)
274 				goto error;
275 			if (f->curr_cpd != cpd)
276 				goto error;
277 			/* check if USB-FS is active */
278 			if (f->fs_ep_max != 0) {
279 				crd->is_usbfs = 1;
280 			}
281 		}
282 	}
283 
284 	/* when everything is OK we increment the refcounts */
285 	if (crd->is_write) {
286 		DPRINTFN(2, "ref write\n");
287 		crd->txfifo->refcount++;
288 	}
289 	if (crd->is_read) {
290 		DPRINTFN(2, "ref read\n");
291 		crd->rxfifo->refcount++;
292 	}
293 	mtx_unlock(&usb_ref_lock);
294 
295 	return (0);
296 
297 error:
298 	if (crd->do_unlock)
299 		usbd_enum_unlock(cpd->udev);
300 
301 	if (crd->is_uref) {
302 		if (--(cpd->udev->refcount) == 0)
303 			cv_broadcast(&cpd->udev->ref_cv);
304 	}
305 	mtx_unlock(&usb_ref_lock);
306 	DPRINTFN(2, "fail\n");
307 
308 	/* clear all refs */
309 	memset(crd, 0, sizeof(*crd));
310 
311 	return (USB_ERR_INVAL);
312 }
313 
314 /*------------------------------------------------------------------------*
315  *	usb_usb_ref_device
316  *
317  * This function is used to upgrade an USB reference to include the
318  * USB device reference on a USB location.
319  *
320  * Return values:
321  *  0: Success, refcount incremented on the given USB device.
322  *  Else: Failure.
323  *------------------------------------------------------------------------*/
324 static usb_error_t
usb_usb_ref_device(struct usb_cdev_privdata * cpd,struct usb_cdev_refdata * crd)325 usb_usb_ref_device(struct usb_cdev_privdata *cpd,
326     struct usb_cdev_refdata *crd)
327 {
328 	/*
329 	 * Check if we already got an USB reference on this location:
330 	 */
331 	if (crd->is_uref)
332 		return (0);		/* success */
333 
334 	/*
335 	 * To avoid deadlock at detach we need to drop the FIFO ref
336 	 * and re-acquire a new ref!
337 	 */
338 	usb_unref_device(cpd, crd);
339 
340 	return (usb_ref_device(cpd, crd, 1 /* need uref */));
341 }
342 
343 /*------------------------------------------------------------------------*
344  *	usb_unref_device
345  *
346  * This function will release the reference count by one unit for the
347  * given USB device.
348  *------------------------------------------------------------------------*/
349 static void
usb_unref_device(struct usb_cdev_privdata * cpd,struct usb_cdev_refdata * crd)350 usb_unref_device(struct usb_cdev_privdata *cpd,
351     struct usb_cdev_refdata *crd)
352 {
353 
354 	DPRINTFN(2, "cpd=%p is_uref=%d\n", cpd, crd->is_uref);
355 
356 	if (crd->do_unlock)
357 		usbd_enum_unlock(cpd->udev);
358 
359 	mtx_lock(&usb_ref_lock);
360 	if (crd->is_read) {
361 		if (--(crd->rxfifo->refcount) == 0) {
362 			cv_signal(&crd->rxfifo->cv_drain);
363 		}
364 		crd->is_read = 0;
365 	}
366 	if (crd->is_write) {
367 		if (--(crd->txfifo->refcount) == 0) {
368 			cv_signal(&crd->txfifo->cv_drain);
369 		}
370 		crd->is_write = 0;
371 	}
372 	if (crd->is_uref) {
373 		crd->is_uref = 0;
374 		if (--(cpd->udev->refcount) == 0)
375 			cv_broadcast(&cpd->udev->ref_cv);
376 	}
377 	mtx_unlock(&usb_ref_lock);
378 }
379 
380 static struct usb_fifo *
usb_fifo_alloc(struct mtx * mtx)381 usb_fifo_alloc(struct mtx *mtx)
382 {
383 	struct usb_fifo *f;
384 
385 	f = malloc(sizeof(*f), M_USBDEV, M_WAITOK | M_ZERO);
386 	cv_init(&f->cv_io, "FIFO-IO");
387 	cv_init(&f->cv_drain, "FIFO-DRAIN");
388 	sx_init(&f->fs_fastpath_lock, "FIFO-FP");
389 	f->priv_mtx = mtx;
390 	f->refcount = 1;
391 	knlist_init_mtx(&f->selinfo.si_note, mtx);
392 	return (f);
393 }
394 
395 /*------------------------------------------------------------------------*
396  *	usb_fifo_create
397  *------------------------------------------------------------------------*/
398 static int
usb_fifo_create(struct usb_cdev_privdata * cpd,struct usb_cdev_refdata * crd)399 usb_fifo_create(struct usb_cdev_privdata *cpd,
400     struct usb_cdev_refdata *crd)
401 {
402 	struct usb_device *udev = cpd->udev;
403 	struct usb_fifo *f;
404 	struct usb_endpoint *ep;
405 	uint8_t n;
406 	uint8_t is_tx;
407 	uint8_t is_rx;
408 	uint8_t no_null;
409 	uint8_t is_busy;
410 	int e = cpd->ep_addr;
411 
412 	is_tx = (cpd->fflags & FWRITE) ? 1 : 0;
413 	is_rx = (cpd->fflags & FREAD) ? 1 : 0;
414 	no_null = 1;
415 	is_busy = 0;
416 
417 	/* Preallocated FIFO */
418 	if (e < 0) {
419 		DPRINTFN(5, "Preallocated FIFO\n");
420 		if (is_tx) {
421 			f = udev->fifo[cpd->fifo_index + USB_FIFO_TX];
422 			if (f == NULL)
423 				return (EINVAL);
424 			crd->txfifo = f;
425 		}
426 		if (is_rx) {
427 			f = udev->fifo[cpd->fifo_index + USB_FIFO_RX];
428 			if (f == NULL)
429 				return (EINVAL);
430 			crd->rxfifo = f;
431 		}
432 		return (0);
433 	}
434 
435 	KASSERT(e >= 0 && e <= 15, ("endpoint %d out of range", e));
436 
437 	/* search for a free FIFO slot */
438 	DPRINTFN(5, "Endpoint device, searching for 0x%02x\n", e);
439 	for (n = 0;; n += 2) {
440 		if (n == USB_FIFO_MAX) {
441 			if (no_null) {
442 				no_null = 0;
443 				n = 0;
444 			} else {
445 				/* end of FIFOs reached */
446 				DPRINTFN(5, "out of FIFOs\n");
447 				return (ENOMEM);
448 			}
449 		}
450 		/* Check for TX FIFO */
451 		if (is_tx) {
452 			f = udev->fifo[n + USB_FIFO_TX];
453 			if (f != NULL) {
454 				if (f->dev_ep_index != e) {
455 					/* wrong endpoint index */
456 					continue;
457 				}
458 				if (f->curr_cpd != NULL) {
459 					/* FIFO is opened */
460 					is_busy = 1;
461 					continue;
462 				}
463 			} else if (no_null) {
464 				continue;
465 			}
466 		}
467 		/* Check for RX FIFO */
468 		if (is_rx) {
469 			f = udev->fifo[n + USB_FIFO_RX];
470 			if (f != NULL) {
471 				if (f->dev_ep_index != e) {
472 					/* wrong endpoint index */
473 					continue;
474 				}
475 				if (f->curr_cpd != NULL) {
476 					/* FIFO is opened */
477 					is_busy = 1;
478 					continue;
479 				}
480 			} else if (no_null) {
481 				continue;
482 			}
483 		}
484 		break;
485 	}
486 
487 	if (no_null == 0) {
488 		if (e >= (USB_EP_MAX / 2)) {
489 			/* we don't create any endpoints in this range */
490 			DPRINTFN(5, "ep out of range\n");
491 			return (is_busy ? EBUSY : EINVAL);
492 		}
493 	}
494 
495 	if ((e != 0) && is_busy) {
496 		/*
497 		 * Only the default control endpoint is allowed to be
498 		 * opened multiple times!
499 		 */
500 		DPRINTFN(5, "busy\n");
501 		return (EBUSY);
502 	}
503 
504 	/* Check TX FIFO */
505 	if (is_tx &&
506 	    (udev->fifo[n + USB_FIFO_TX] == NULL)) {
507 		ep = usb_dev_get_ep(udev, e, USB_FIFO_TX);
508 		DPRINTFN(5, "dev_get_endpoint(%d, 0x%x)\n", e, USB_FIFO_TX);
509 		if (ep == NULL) {
510 			DPRINTFN(5, "dev_get_endpoint returned NULL\n");
511 			return (EINVAL);
512 		}
513 		f = usb_fifo_alloc(&udev->device_mtx);
514 		if (f == NULL) {
515 			DPRINTFN(5, "could not alloc tx fifo\n");
516 			return (ENOMEM);
517 		}
518 		/* update some fields */
519 		f->fifo_index = n + USB_FIFO_TX;
520 		f->dev_ep_index = e;
521 		f->priv_sc0 = ep;
522 		f->methods = &usb_ugen_methods;
523 		f->iface_index = ep->iface_index;
524 		f->udev = udev;
525 		mtx_lock(&usb_ref_lock);
526 		udev->fifo[n + USB_FIFO_TX] = f;
527 		mtx_unlock(&usb_ref_lock);
528 	}
529 	/* Check RX FIFO */
530 	if (is_rx &&
531 	    (udev->fifo[n + USB_FIFO_RX] == NULL)) {
532 		ep = usb_dev_get_ep(udev, e, USB_FIFO_RX);
533 		DPRINTFN(5, "dev_get_endpoint(%d, 0x%x)\n", e, USB_FIFO_RX);
534 		if (ep == NULL) {
535 			DPRINTFN(5, "dev_get_endpoint returned NULL\n");
536 			return (EINVAL);
537 		}
538 		f = usb_fifo_alloc(&udev->device_mtx);
539 		if (f == NULL) {
540 			DPRINTFN(5, "could not alloc rx fifo\n");
541 			return (ENOMEM);
542 		}
543 		/* update some fields */
544 		f->fifo_index = n + USB_FIFO_RX;
545 		f->dev_ep_index = e;
546 		f->priv_sc0 = ep;
547 		f->methods = &usb_ugen_methods;
548 		f->iface_index = ep->iface_index;
549 		f->udev = udev;
550 		mtx_lock(&usb_ref_lock);
551 		udev->fifo[n + USB_FIFO_RX] = f;
552 		mtx_unlock(&usb_ref_lock);
553 	}
554 	if (is_tx) {
555 		crd->txfifo = udev->fifo[n + USB_FIFO_TX];
556 	}
557 	if (is_rx) {
558 		crd->rxfifo = udev->fifo[n + USB_FIFO_RX];
559 	}
560 	/* fill out fifo index */
561 	DPRINTFN(5, "fifo index = %d\n", n);
562 	cpd->fifo_index = n;
563 
564 	/* complete */
565 
566 	return (0);
567 }
568 
569 void
usb_fifo_free(struct usb_fifo * f)570 usb_fifo_free(struct usb_fifo *f)
571 {
572 	uint8_t n;
573 
574 	if (f == NULL) {
575 		/* be NULL safe */
576 		return;
577 	}
578 	/* destroy symlink devices, if any */
579 	for (n = 0; n != 2; n++) {
580 		if (f->symlink[n]) {
581 			usb_free_symlink(f->symlink[n]);
582 			f->symlink[n] = NULL;
583 		}
584 	}
585 	mtx_lock(&usb_ref_lock);
586 
587 	/* delink ourselves to stop calls from userland */
588 	if ((f->fifo_index < USB_FIFO_MAX) &&
589 	    (f->udev != NULL) &&
590 	    (f->udev->fifo[f->fifo_index] == f)) {
591 		f->udev->fifo[f->fifo_index] = NULL;
592 	} else {
593 		DPRINTFN(0, "USB FIFO %p has not been linked\n", f);
594 	}
595 
596 	/* decrease refcount */
597 	f->refcount--;
598 	/* need to wait until all callers have exited */
599 	while (f->refcount != 0) {
600 		mtx_unlock(&usb_ref_lock);	/* avoid LOR */
601 		mtx_lock(f->priv_mtx);
602 		/* prevent write flush, if any */
603 		f->flag_iserror = 1;
604 		/* get I/O thread out of any sleep state */
605 		if (f->flag_sleeping) {
606 			f->flag_sleeping = 0;
607 			cv_broadcast(&f->cv_io);
608 		}
609 		mtx_unlock(f->priv_mtx);
610 		mtx_lock(&usb_ref_lock);
611 
612 		/*
613 		 * Check if the "f->refcount" variable reached zero
614 		 * during the unlocked time before entering wait:
615 		 */
616 		if (f->refcount == 0)
617 			break;
618 
619 		/* wait for sync */
620 		cv_wait(&f->cv_drain, &usb_ref_lock);
621 	}
622 	mtx_unlock(&usb_ref_lock);
623 
624 	/* take care of closing the device here, if any */
625 	usb_fifo_close(f, 0);
626 
627 	cv_destroy(&f->cv_io);
628 	cv_destroy(&f->cv_drain);
629 	sx_destroy(&f->fs_fastpath_lock);
630 
631 	knlist_clear(&f->selinfo.si_note, 0);
632 	seldrain(&f->selinfo);
633 	knlist_destroy(&f->selinfo.si_note);
634 
635 	free(f, M_USBDEV);
636 }
637 
638 static struct usb_endpoint *
usb_dev_get_ep(struct usb_device * udev,uint8_t ep_index,uint8_t dir)639 usb_dev_get_ep(struct usb_device *udev, uint8_t ep_index, uint8_t dir)
640 {
641 	struct usb_endpoint *ep;
642 	uint8_t ep_dir;
643 
644 	if (ep_index == 0) {
645 		ep = &udev->ctrl_ep;
646 	} else {
647 		if (dir == USB_FIFO_RX) {
648 			if (udev->flags.usb_mode == USB_MODE_HOST) {
649 				ep_dir = UE_DIR_IN;
650 			} else {
651 				ep_dir = UE_DIR_OUT;
652 			}
653 		} else {
654 			if (udev->flags.usb_mode == USB_MODE_HOST) {
655 				ep_dir = UE_DIR_OUT;
656 			} else {
657 				ep_dir = UE_DIR_IN;
658 			}
659 		}
660 		ep = usbd_get_ep_by_addr(udev, ep_index | ep_dir);
661 	}
662 
663 	if (ep == NULL) {
664 		/* if the endpoint does not exist then return */
665 		return (NULL);
666 	}
667 	if (ep->edesc == NULL) {
668 		/* invalid endpoint */
669 		return (NULL);
670 	}
671 	return (ep);			/* success */
672 }
673 
674 /*------------------------------------------------------------------------*
675  *	usb_fifo_open
676  *
677  * Returns:
678  * 0: Success
679  * Else: Failure
680  *------------------------------------------------------------------------*/
681 static int
usb_fifo_open(struct usb_cdev_privdata * cpd,struct usb_fifo * f,int fflags)682 usb_fifo_open(struct usb_cdev_privdata *cpd,
683     struct usb_fifo *f, int fflags)
684 {
685 	int err;
686 
687 	if (f == NULL) {
688 		/* no FIFO there */
689 		DPRINTFN(2, "no FIFO\n");
690 		return (ENXIO);
691 	}
692 	/* remove FWRITE and FREAD flags */
693 	fflags &= ~(FWRITE | FREAD);
694 
695 	/* set correct file flags */
696 	if ((f->fifo_index & 1) == USB_FIFO_TX) {
697 		fflags |= FWRITE;
698 	} else {
699 		fflags |= FREAD;
700 	}
701 
702 	/* check if we are already opened */
703 	/* we don't need any locks when checking this variable */
704 	if (f->curr_cpd != NULL) {
705 		err = EBUSY;
706 		goto done;
707 	}
708 
709 	/* reset short flag before open */
710 	f->flag_short = 0;
711 
712 	/* call open method */
713 	err = (f->methods->f_open) (f, fflags);
714 	if (err) {
715 		goto done;
716 	}
717 	mtx_lock(f->priv_mtx);
718 
719 	/* reset sleep flag */
720 	f->flag_sleeping = 0;
721 
722 	/* reset error flag */
723 	f->flag_iserror = 0;
724 
725 	/* reset complete flag */
726 	f->flag_iscomplete = 0;
727 
728 	/* reset select flag */
729 	f->flag_isselect = 0;
730 
731 	/* reset flushing flag */
732 	f->flag_flushing = 0;
733 
734 	/* reset ASYNC proc flag */
735 	f->async_p = NULL;
736 
737 	mtx_lock(&usb_ref_lock);
738 	/* flag the fifo as opened to prevent others */
739 	f->curr_cpd = cpd;
740 	mtx_unlock(&usb_ref_lock);
741 
742 	/* reset queue */
743 	usb_fifo_reset(f);
744 
745 	mtx_unlock(f->priv_mtx);
746 done:
747 	return (err);
748 }
749 
750 /*------------------------------------------------------------------------*
751  *	usb_fifo_reset
752  *------------------------------------------------------------------------*/
753 void
usb_fifo_reset(struct usb_fifo * f)754 usb_fifo_reset(struct usb_fifo *f)
755 {
756 	struct usb_mbuf *m;
757 
758 	if (f == NULL) {
759 		return;
760 	}
761 	while (1) {
762 		USB_IF_DEQUEUE(&f->used_q, m);
763 		if (m) {
764 			USB_IF_ENQUEUE(&f->free_q, m);
765 		} else {
766 			break;
767 		}
768 	}
769 	/* reset have fragment flag */
770 	f->flag_have_fragment = 0;
771 }
772 
773 /*------------------------------------------------------------------------*
774  *	usb_fifo_close
775  *------------------------------------------------------------------------*/
776 static void
usb_fifo_close(struct usb_fifo * f,int fflags)777 usb_fifo_close(struct usb_fifo *f, int fflags)
778 {
779 	int err;
780 
781 	/* check if we are not opened */
782 	if (f->curr_cpd == NULL) {
783 		/* nothing to do - already closed */
784 		return;
785 	}
786 	mtx_lock(f->priv_mtx);
787 
788 	/* clear current cdev private data pointer */
789 	mtx_lock(&usb_ref_lock);
790 	f->curr_cpd = NULL;
791 	mtx_unlock(&usb_ref_lock);
792 
793 	/* check if we are watched by kevent */
794 	KNOTE_LOCKED(&f->selinfo.si_note, 0);
795 
796 	/* check if we are selected */
797 	if (f->flag_isselect) {
798 		selwakeup(&f->selinfo);
799 		f->flag_isselect = 0;
800 	}
801 	/* check if a thread wants SIGIO */
802 	if (f->async_p != NULL) {
803 		PROC_LOCK(f->async_p);
804 		kern_psignal(f->async_p, SIGIO);
805 		PROC_UNLOCK(f->async_p);
806 		f->async_p = NULL;
807 	}
808 	/* remove FWRITE and FREAD flags */
809 	fflags &= ~(FWRITE | FREAD);
810 
811 	/* flush written data, if any */
812 	if ((f->fifo_index & 1) == USB_FIFO_TX) {
813 		if (!f->flag_iserror) {
814 			/* set flushing flag */
815 			f->flag_flushing = 1;
816 
817 			/* get the last packet in */
818 			if (f->flag_have_fragment) {
819 				struct usb_mbuf *m;
820 				f->flag_have_fragment = 0;
821 				USB_IF_DEQUEUE(&f->free_q, m);
822 				if (m) {
823 					USB_IF_ENQUEUE(&f->used_q, m);
824 				}
825 			}
826 
827 			/* start write transfer, if not already started */
828 			(f->methods->f_start_write) (f);
829 
830 			/* check if flushed already */
831 			while (f->flag_flushing &&
832 			    (!f->flag_iserror)) {
833 				/* wait until all data has been written */
834 				f->flag_sleeping = 1;
835 				err = cv_timedwait_sig(&f->cv_io, f->priv_mtx,
836 				    USB_MS_TO_TICKS(USB_DEFAULT_TIMEOUT));
837 				if (err) {
838 					DPRINTF("signal received\n");
839 					break;
840 				}
841 			}
842 		}
843 		fflags |= FWRITE;
844 
845 		/* stop write transfer, if not already stopped */
846 		(f->methods->f_stop_write) (f);
847 	} else {
848 		fflags |= FREAD;
849 
850 		/* stop write transfer, if not already stopped */
851 		(f->methods->f_stop_read) (f);
852 	}
853 
854 	/* check if we are sleeping */
855 	if (f->flag_sleeping) {
856 		DPRINTFN(2, "Sleeping at close!\n");
857 	}
858 	mtx_unlock(f->priv_mtx);
859 
860 	/* call close method */
861 	(f->methods->f_close) (f, fflags);
862 
863 	DPRINTF("closed\n");
864 }
865 
866 /*------------------------------------------------------------------------*
867  *	usb_open - cdev callback
868  *------------------------------------------------------------------------*/
869 static int
usb_open(struct cdev * dev,int fflags,int devtype,struct thread * td)870 usb_open(struct cdev *dev, int fflags, int devtype, struct thread *td)
871 {
872 	struct usb_fs_privdata* pd = (struct usb_fs_privdata*)dev->si_drv1;
873 	struct usb_cdev_refdata refs;
874 	struct usb_cdev_privdata *cpd;
875 	int err;
876 
877 	DPRINTFN(2, "%s fflags=0x%08x\n", devtoname(dev), fflags);
878 
879 	KASSERT(fflags & (FREAD|FWRITE), ("invalid open flags"));
880 	if (((fflags & FREAD) && !(pd->mode & FREAD)) ||
881 	    ((fflags & FWRITE) && !(pd->mode & FWRITE))) {
882 		DPRINTFN(2, "access mode not supported\n");
883 		return (EPERM);
884 	}
885 
886 	cpd = malloc(sizeof(*cpd), M_USBDEV, M_WAITOK | M_ZERO);
887 
888 	usb_loc_fill(pd, cpd);
889 	err = usb_ref_device(cpd, &refs, 1);
890 	if (err) {
891 		DPRINTFN(2, "cannot ref device\n");
892 		free(cpd, M_USBDEV);
893 		return (ENXIO);
894 	}
895 	cpd->fflags = fflags;	/* access mode for open lifetime */
896 
897 	/* create FIFOs, if any */
898 	err = usb_fifo_create(cpd, &refs);
899 	/* check for error */
900 	if (err) {
901 		DPRINTFN(2, "cannot create fifo\n");
902 		usb_unref_device(cpd, &refs);
903 		free(cpd, M_USBDEV);
904 		return (err);
905 	}
906 	if (fflags & FREAD) {
907 		err = usb_fifo_open(cpd, refs.rxfifo, fflags);
908 		if (err) {
909 			DPRINTFN(2, "read open failed\n");
910 			usb_unref_device(cpd, &refs);
911 			free(cpd, M_USBDEV);
912 			return (err);
913 		}
914 	}
915 	if (fflags & FWRITE) {
916 		err = usb_fifo_open(cpd, refs.txfifo, fflags);
917 		if (err) {
918 			DPRINTFN(2, "write open failed\n");
919 			if (fflags & FREAD) {
920 				usb_fifo_close(refs.rxfifo, fflags);
921 			}
922 			usb_unref_device(cpd, &refs);
923 			free(cpd, M_USBDEV);
924 			return (err);
925 		}
926 	}
927 	usb_unref_device(cpd, &refs);
928 	devfs_set_cdevpriv(cpd, usb_close);
929 
930 	return (0);
931 }
932 
933 /*------------------------------------------------------------------------*
934  *	usb_close - cdev callback
935  *------------------------------------------------------------------------*/
936 static void
usb_close(void * arg)937 usb_close(void *arg)
938 {
939 	struct usb_cdev_refdata refs;
940 	struct usb_cdev_privdata *cpd = arg;
941 	int err;
942 
943 	DPRINTFN(2, "cpd=%p\n", cpd);
944 
945 	err = usb_ref_device(cpd, &refs,
946 	    2 /* uref and allow detached state */);
947 	if (err) {
948 		DPRINTFN(2, "Cannot grab USB reference when "
949 		    "closing USB file handle\n");
950 		goto done;
951 	}
952 	if (cpd->fflags & FREAD) {
953 		usb_fifo_close(refs.rxfifo, cpd->fflags);
954 	}
955 	if (cpd->fflags & FWRITE) {
956 		usb_fifo_close(refs.txfifo, cpd->fflags);
957 	}
958 	usb_unref_device(cpd, &refs);
959 done:
960 	free(cpd, M_USBDEV);
961 }
962 
963 static void
usb_dev_init(void * arg)964 usb_dev_init(void *arg)
965 {
966 	mtx_init(&usb_ref_lock, "USB ref mutex", NULL, MTX_DEF);
967 	sx_init(&usb_sym_lock, "USB sym mutex");
968 	TAILQ_INIT(&usb_sym_head);
969 
970 	/* check the UGEN methods */
971 	usb_fifo_check_methods(&usb_ugen_methods);
972 }
973 
974 SYSINIT(usb_dev_init, SI_SUB_KLD, SI_ORDER_FIRST, usb_dev_init, NULL);
975 
976 static void
usb_dev_init_post(void * arg)977 usb_dev_init_post(void *arg)
978 {
979 	/*
980 	 * Create /dev/usb - this is needed for usbconfig(8), which
981 	 * needs a well-known device name to access.
982 	 */
983 	usb_dev = make_dev(&usb_static_devsw, 0, UID_ROOT, GID_OPERATOR,
984 	    0644, USB_DEVICE_NAME);
985 	if (usb_dev == NULL) {
986 		DPRINTFN(0, "Could not create usb bus device\n");
987 	}
988 }
989 
990 SYSINIT(usb_dev_init_post, SI_SUB_KICK_SCHEDULER, SI_ORDER_FIRST, usb_dev_init_post, NULL);
991 
992 static void
usb_dev_uninit(void * arg)993 usb_dev_uninit(void *arg)
994 {
995 	if (usb_dev != NULL) {
996 		destroy_dev(usb_dev);
997 		usb_dev = NULL;
998 	}
999 	mtx_destroy(&usb_ref_lock);
1000 	sx_destroy(&usb_sym_lock);
1001 }
1002 
1003 SYSUNINIT(usb_dev_uninit, SI_SUB_KICK_SCHEDULER, SI_ORDER_ANY, usb_dev_uninit, NULL);
1004 
1005 static int
usb_ioctl_f_sub(struct usb_fifo * f,u_long cmd,void * addr,struct thread * td)1006 usb_ioctl_f_sub(struct usb_fifo *f, u_long cmd, void *addr,
1007     struct thread *td)
1008 {
1009 	int error = 0;
1010 
1011 	switch (cmd) {
1012 	case FIODTYPE:
1013 		*(int *)addr = 0;	/* character device */
1014 		break;
1015 
1016 	case FIONBIO:
1017 		/* handled by upper FS layer */
1018 		break;
1019 
1020 	case FIOASYNC:
1021 		if (*(int *)addr) {
1022 			if (f->async_p != NULL) {
1023 				error = EBUSY;
1024 				break;
1025 			}
1026 			f->async_p = USB_TD_GET_PROC(td);
1027 		} else {
1028 			f->async_p = NULL;
1029 		}
1030 		break;
1031 
1032 		/* XXX this is not the most general solution */
1033 	case TIOCSPGRP:
1034 		if (f->async_p == NULL) {
1035 			error = EINVAL;
1036 			break;
1037 		}
1038 		if (*(int *)addr != USB_PROC_GET_GID(f->async_p)) {
1039 			error = EPERM;
1040 			break;
1041 		}
1042 		break;
1043 	default:
1044 		return (ENOIOCTL);
1045 	}
1046 	DPRINTFN(3, "cmd 0x%lx = %d\n", cmd, error);
1047 	return (error);
1048 }
1049 
1050 /*------------------------------------------------------------------------*
1051  *	usb_ioctl - cdev callback
1052  *------------------------------------------------------------------------*/
1053 static int
usb_ioctl(struct cdev * dev,u_long cmd,caddr_t addr,int fflag,struct thread * td)1054 usb_ioctl(struct cdev *dev, u_long cmd, caddr_t addr, int fflag, struct thread* td)
1055 {
1056 	struct usb_cdev_refdata refs;
1057 	struct usb_cdev_privdata* cpd;
1058 	struct usb_fifo *f;
1059 	int fflags;
1060 	int err;
1061 
1062 	DPRINTFN(2, "cmd=0x%lx\n", cmd);
1063 
1064 	err = devfs_get_cdevpriv((void **)&cpd);
1065 	if (err != 0)
1066 		return (err);
1067 
1068 	/*
1069 	 * Performance optimisation: We try to check for IOCTL's that
1070 	 * don't need the USB reference first. Then we grab the USB
1071 	 * reference if we need it!
1072 	 */
1073 	err = usb_ref_device(cpd, &refs, 0 /* no uref */ );
1074 	if (err)
1075 		return (ENXIO);
1076 
1077 	fflags = cpd->fflags;
1078 
1079 	f = NULL;			/* set default value */
1080 	err = ENOIOCTL;			/* set default value */
1081 
1082 	if (fflags & FWRITE) {
1083 		f = refs.txfifo;
1084 		err = usb_ioctl_f_sub(f, cmd, addr, td);
1085 	}
1086 	if (fflags & FREAD) {
1087 		f = refs.rxfifo;
1088 		err = usb_ioctl_f_sub(f, cmd, addr, td);
1089 	}
1090 	KASSERT(f != NULL, ("fifo not found"));
1091 	if (err != ENOIOCTL)
1092 		goto done;
1093 
1094 	err = (f->methods->f_ioctl) (f, cmd, addr, fflags);
1095 
1096 	DPRINTFN(2, "f_ioctl cmd 0x%lx = %d\n", cmd, err);
1097 
1098 	if (err != ENOIOCTL)
1099 		goto done;
1100 
1101 	if (usb_usb_ref_device(cpd, &refs)) {
1102 		/* we lost the reference */
1103 		return (ENXIO);
1104 	}
1105 
1106 	err = (f->methods->f_ioctl_post) (f, cmd, addr, fflags);
1107 
1108 	DPRINTFN(2, "f_ioctl_post cmd 0x%lx = %d\n", cmd, err);
1109 
1110 	if (err == ENOIOCTL)
1111 		err = ENOTTY;
1112 
1113 	if (err)
1114 		goto done;
1115 
1116 	/* Wait for re-enumeration, if any */
1117 
1118 	while (f->udev->re_enumerate_wait != USB_RE_ENUM_DONE) {
1119 		usb_unref_device(cpd, &refs);
1120 
1121 		usb_pause_mtx(NULL, hz / 128);
1122 
1123 		while (usb_ref_device(cpd, &refs, 1 /* need uref */)) {
1124 			if (usb_ref_device(cpd, &refs, 0)) {
1125 				/* device no longer exists */
1126 				return (ENXIO);
1127 			}
1128 			usb_unref_device(cpd, &refs);
1129 			usb_pause_mtx(NULL, hz / 128);
1130 		}
1131 	}
1132 
1133 done:
1134 	usb_unref_device(cpd, &refs);
1135 	return (err);
1136 }
1137 
1138 static void
usb_filter_detach(struct knote * kn)1139 usb_filter_detach(struct knote *kn)
1140 {
1141 	struct usb_fifo *f = kn->kn_hook;
1142 	knlist_remove(&f->selinfo.si_note, kn, 0);
1143 }
1144 
1145 static int
usb_filter_write(struct knote * kn,long hint)1146 usb_filter_write(struct knote *kn, long hint)
1147 {
1148 	struct usb_cdev_privdata* cpd;
1149 	struct usb_fifo *f;
1150 	struct usb_mbuf *m;
1151 
1152 	DPRINTFN(2, "\n");
1153 
1154 	f = kn->kn_hook;
1155 
1156 	USB_MTX_ASSERT(f->priv_mtx, MA_OWNED);
1157 
1158 	cpd = f->curr_cpd;
1159 	if (cpd == NULL) {
1160 		m = (void *)1;
1161 	} else if (f->fs_ep_max == 0) {
1162 		if (f->flag_iserror) {
1163 			/* we got an error */
1164 			m = (void *)1;
1165 		} else {
1166 			if (f->queue_data == NULL) {
1167 				/*
1168 				 * start write transfer, if not
1169 				 * already started
1170 				 */
1171 				(f->methods->f_start_write) (f);
1172 			}
1173 			/* check if any packets are available */
1174 			USB_IF_POLL(&f->free_q, m);
1175 		}
1176 	} else {
1177 		if (f->flag_iscomplete) {
1178 			m = (void *)1;
1179 		} else {
1180 			m = NULL;
1181 		}
1182 	}
1183 	return (m ? 1 : 0);
1184 }
1185 
1186 static int
usb_filter_read(struct knote * kn,long hint)1187 usb_filter_read(struct knote *kn, long hint)
1188 {
1189 	struct usb_cdev_privdata* cpd;
1190 	struct usb_fifo *f;
1191 	struct usb_mbuf *m;
1192 
1193 	DPRINTFN(2, "\n");
1194 
1195 	f = kn->kn_hook;
1196 
1197 	USB_MTX_ASSERT(f->priv_mtx, MA_OWNED);
1198 
1199 	cpd = f->curr_cpd;
1200 	if (cpd == NULL) {
1201 		m = (void *)1;
1202 	} else if (f->fs_ep_max == 0) {
1203 		if (f->flag_iserror) {
1204 			/* we have an error */
1205 			m = (void *)1;
1206 		} else {
1207 			if (f->queue_data == NULL) {
1208 				/*
1209 				 * start read transfer, if not
1210 				 * already started
1211 				 */
1212 				(f->methods->f_start_read) (f);
1213 			}
1214 			/* check if any packets are available */
1215 			USB_IF_POLL(&f->used_q, m);
1216 
1217 			/* start reading data, if any */
1218 			if (m == NULL)
1219 				(f->methods->f_start_read) (f);
1220 		}
1221 	} else {
1222 		if (f->flag_iscomplete) {
1223 			m = (void *)1;
1224 		} else {
1225 			m = NULL;
1226 		}
1227 	}
1228 	return (m ? 1 : 0);
1229 }
1230 
1231 static const struct filterops usb_filtops_write = {
1232 	.f_isfd = 1,
1233 	.f_detach = usb_filter_detach,
1234 	.f_event = usb_filter_write,
1235 };
1236 
1237 static const struct filterops usb_filtops_read = {
1238 	.f_isfd = 1,
1239 	.f_detach = usb_filter_detach,
1240 	.f_event = usb_filter_read,
1241 };
1242 
1243 /* ARGSUSED */
1244 static int
usb_kqfilter(struct cdev * dev,struct knote * kn)1245 usb_kqfilter(struct cdev* dev, struct knote *kn)
1246 {
1247 	struct usb_cdev_refdata refs;
1248 	struct usb_cdev_privdata* cpd;
1249 	struct usb_fifo *f;
1250 	int fflags;
1251 	int err = EINVAL;
1252 
1253 	DPRINTFN(2, "\n");
1254 
1255 	if (devfs_get_cdevpriv((void **)&cpd) != 0 ||
1256 	    usb_ref_device(cpd, &refs, 0) != 0)
1257 		return (ENXIO);
1258 
1259 	fflags = cpd->fflags;
1260 
1261 	/* Figure out who needs service */
1262 	switch (kn->kn_filter) {
1263 	case EVFILT_WRITE:
1264 		if (fflags & FWRITE) {
1265 			f = refs.txfifo;
1266 			kn->kn_fop = &usb_filtops_write;
1267 			err = 0;
1268 		}
1269 		break;
1270 	case EVFILT_READ:
1271 		if (fflags & FREAD) {
1272 			f = refs.rxfifo;
1273 			kn->kn_fop = &usb_filtops_read;
1274 			err = 0;
1275 		}
1276 		break;
1277 	default:
1278 		err = EOPNOTSUPP;
1279 		break;
1280 	}
1281 
1282 	if (err == 0) {
1283 		kn->kn_hook = f;
1284 		mtx_lock(f->priv_mtx);
1285 		knlist_add(&f->selinfo.si_note, kn, 1);
1286 		mtx_unlock(f->priv_mtx);
1287 	}
1288 
1289 	usb_unref_device(cpd, &refs);
1290 	return (err);
1291 }
1292 
1293 /* ARGSUSED */
1294 static int
usb_poll(struct cdev * dev,int events,struct thread * td)1295 usb_poll(struct cdev* dev, int events, struct thread* td)
1296 {
1297 	struct usb_cdev_refdata refs;
1298 	struct usb_cdev_privdata* cpd;
1299 	struct usb_fifo *f;
1300 	struct usb_mbuf *m;
1301 	int fflags, revents;
1302 
1303 	if (devfs_get_cdevpriv((void **)&cpd) != 0 ||
1304 	    usb_ref_device(cpd, &refs, 0) != 0)
1305 		return (events &
1306 		    (POLLHUP|POLLIN|POLLRDNORM|POLLOUT|POLLWRNORM));
1307 
1308 	fflags = cpd->fflags;
1309 
1310 	/* Figure out who needs service */
1311 	revents = 0;
1312 	if ((events & (POLLOUT | POLLWRNORM)) &&
1313 	    (fflags & FWRITE)) {
1314 		f = refs.txfifo;
1315 
1316 		mtx_lock(f->priv_mtx);
1317 
1318 		if (!refs.is_usbfs) {
1319 			if (f->flag_iserror) {
1320 				/* we got an error */
1321 				m = (void *)1;
1322 			} else {
1323 				if (f->queue_data == NULL) {
1324 					/*
1325 					 * start write transfer, if not
1326 					 * already started
1327 					 */
1328 					(f->methods->f_start_write) (f);
1329 				}
1330 				/* check if any packets are available */
1331 				USB_IF_POLL(&f->free_q, m);
1332 			}
1333 		} else {
1334 			if (f->flag_iscomplete) {
1335 				m = (void *)1;
1336 			} else {
1337 				m = NULL;
1338 			}
1339 		}
1340 
1341 		if (m) {
1342 			revents |= events & (POLLOUT | POLLWRNORM);
1343 		} else {
1344 			f->flag_isselect = 1;
1345 			selrecord(td, &f->selinfo);
1346 		}
1347 
1348 		mtx_unlock(f->priv_mtx);
1349 	}
1350 	if ((events & (POLLIN | POLLRDNORM)) &&
1351 	    (fflags & FREAD)) {
1352 		f = refs.rxfifo;
1353 
1354 		mtx_lock(f->priv_mtx);
1355 
1356 		if (!refs.is_usbfs) {
1357 			if (f->flag_iserror) {
1358 				/* we have an error */
1359 				m = (void *)1;
1360 			} else {
1361 				if (f->queue_data == NULL) {
1362 					/*
1363 					 * start read transfer, if not
1364 					 * already started
1365 					 */
1366 					(f->methods->f_start_read) (f);
1367 				}
1368 				/* check if any packets are available */
1369 				USB_IF_POLL(&f->used_q, m);
1370 			}
1371 		} else {
1372 			if (f->flag_iscomplete) {
1373 				m = (void *)1;
1374 			} else {
1375 				m = NULL;
1376 			}
1377 		}
1378 
1379 		if (m) {
1380 			revents |= events & (POLLIN | POLLRDNORM);
1381 		} else {
1382 			f->flag_isselect = 1;
1383 			selrecord(td, &f->selinfo);
1384 
1385 			if (!refs.is_usbfs) {
1386 				/* start reading data */
1387 				(f->methods->f_start_read) (f);
1388 			}
1389 		}
1390 
1391 		mtx_unlock(f->priv_mtx);
1392 	}
1393 	usb_unref_device(cpd, &refs);
1394 	return (revents);
1395 }
1396 
1397 static int
usb_read(struct cdev * dev,struct uio * uio,int ioflag)1398 usb_read(struct cdev *dev, struct uio *uio, int ioflag)
1399 {
1400 	struct usb_cdev_refdata refs;
1401 	struct usb_cdev_privdata* cpd;
1402 	struct usb_fifo *f;
1403 	struct usb_mbuf *m;
1404 	int io_len;
1405 	int err;
1406 	uint8_t tr_data = 0;
1407 
1408 	err = devfs_get_cdevpriv((void **)&cpd);
1409 	if (err != 0)
1410 		return (err);
1411 
1412 	err = usb_ref_device(cpd, &refs, 0 /* no uref */ );
1413 	if (err)
1414 		return (ENXIO);
1415 
1416 	f = refs.rxfifo;
1417 	if (f == NULL) {
1418 		/* should not happen */
1419 		usb_unref_device(cpd, &refs);
1420 		return (EPERM);
1421 	}
1422 
1423 	mtx_lock(f->priv_mtx);
1424 
1425 	/* check for permanent read error */
1426 	if (f->flag_iserror) {
1427 		err = EIO;
1428 		goto done;
1429 	}
1430 	/* check if USB-FS interface is active */
1431 	if (refs.is_usbfs) {
1432 		/*
1433 		 * The queue is used for events that should be
1434 		 * retrieved using the "USB_FS_COMPLETE" ioctl.
1435 		 */
1436 		err = EINVAL;
1437 		goto done;
1438 	}
1439 	while (uio->uio_resid > 0) {
1440 		USB_IF_DEQUEUE(&f->used_q, m);
1441 
1442 		if (m == NULL) {
1443 			/* start read transfer, if not already started */
1444 
1445 			(f->methods->f_start_read) (f);
1446 
1447 			if (ioflag & IO_NDELAY) {
1448 				if (tr_data) {
1449 					/* return length before error */
1450 					break;
1451 				}
1452 				err = EWOULDBLOCK;
1453 				break;
1454 			}
1455 			DPRINTF("sleeping\n");
1456 
1457 			err = usb_fifo_wait(f);
1458 			if (err) {
1459 				break;
1460 			}
1461 			continue;
1462 		}
1463 		if (f->methods->f_filter_read) {
1464 			/*
1465 			 * Sometimes it is convenient to process data at the
1466 			 * expense of a userland process instead of a kernel
1467 			 * process.
1468 			 */
1469 			(f->methods->f_filter_read) (f, m);
1470 		}
1471 		tr_data = 1;
1472 
1473 		io_len = MIN(m->cur_data_len, uio->uio_resid);
1474 
1475 		DPRINTFN(2, "transfer %d bytes from %p\n",
1476 		    io_len, m->cur_data_ptr);
1477 
1478 		err = usb_fifo_uiomove(f,
1479 		    m->cur_data_ptr, io_len, uio);
1480 
1481 		m->cur_data_len -= io_len;
1482 		m->cur_data_ptr += io_len;
1483 
1484 		if (m->cur_data_len == 0) {
1485 			uint8_t last_packet;
1486 
1487 			last_packet = m->last_packet;
1488 
1489 			USB_IF_ENQUEUE(&f->free_q, m);
1490 
1491 			if (last_packet) {
1492 				/* keep framing */
1493 				break;
1494 			}
1495 		} else {
1496 			USB_IF_PREPEND(&f->used_q, m);
1497 		}
1498 
1499 		if (err) {
1500 			break;
1501 		}
1502 	}
1503 done:
1504 	mtx_unlock(f->priv_mtx);
1505 
1506 	usb_unref_device(cpd, &refs);
1507 
1508 	return (err);
1509 }
1510 
1511 static int
usb_write(struct cdev * dev,struct uio * uio,int ioflag)1512 usb_write(struct cdev *dev, struct uio *uio, int ioflag)
1513 {
1514 	struct usb_cdev_refdata refs;
1515 	struct usb_cdev_privdata* cpd;
1516 	struct usb_fifo *f;
1517 	struct usb_mbuf *m;
1518 	uint8_t *pdata;
1519 	int io_len;
1520 	int err;
1521 	uint8_t tr_data = 0;
1522 
1523 	DPRINTFN(2, "\n");
1524 
1525 	err = devfs_get_cdevpriv((void **)&cpd);
1526 	if (err != 0)
1527 		return (err);
1528 
1529 	err = usb_ref_device(cpd, &refs, 0 /* no uref */ );
1530 	if (err)
1531 		return (ENXIO);
1532 
1533 	f = refs.txfifo;
1534 	if (f == NULL) {
1535 		/* should not happen */
1536 		usb_unref_device(cpd, &refs);
1537 		return (EPERM);
1538 	}
1539 
1540 	mtx_lock(f->priv_mtx);
1541 
1542 	/* check for permanent write error */
1543 	if (f->flag_iserror) {
1544 		err = EIO;
1545 		goto done;
1546 	}
1547 	/* check if USB-FS interface is active */
1548 	if (refs.is_usbfs) {
1549 		/*
1550 		 * The queue is used for events that should be
1551 		 * retrieved using the "USB_FS_COMPLETE" ioctl.
1552 		 */
1553 		err = EINVAL;
1554 		goto done;
1555 	}
1556 	if (f->queue_data == NULL) {
1557 		/* start write transfer, if not already started */
1558 		(f->methods->f_start_write) (f);
1559 	}
1560 	/* we allow writing zero length data */
1561 	do {
1562 		USB_IF_DEQUEUE(&f->free_q, m);
1563 
1564 		if (m == NULL) {
1565 			if (ioflag & IO_NDELAY) {
1566 				if (tr_data) {
1567 					/* return length before error */
1568 					break;
1569 				}
1570 				err = EWOULDBLOCK;
1571 				break;
1572 			}
1573 			DPRINTF("sleeping\n");
1574 
1575 			err = usb_fifo_wait(f);
1576 			if (err) {
1577 				break;
1578 			}
1579 			continue;
1580 		}
1581 		tr_data = 1;
1582 
1583 		if (f->flag_have_fragment == 0) {
1584 			USB_MBUF_RESET(m);
1585 			io_len = m->cur_data_len;
1586 			pdata = m->cur_data_ptr;
1587 			if (io_len > uio->uio_resid)
1588 				io_len = uio->uio_resid;
1589 			m->cur_data_len = io_len;
1590 		} else {
1591 			io_len = m->max_data_len - m->cur_data_len;
1592 			pdata = m->cur_data_ptr + m->cur_data_len;
1593 			if (io_len > uio->uio_resid)
1594 				io_len = uio->uio_resid;
1595 			m->cur_data_len += io_len;
1596 		}
1597 
1598 		DPRINTFN(2, "transfer %d bytes to %p\n",
1599 		    io_len, pdata);
1600 
1601 		err = usb_fifo_uiomove(f, pdata, io_len, uio);
1602 
1603 		if (err) {
1604 			f->flag_have_fragment = 0;
1605 			USB_IF_ENQUEUE(&f->free_q, m);
1606 			break;
1607 		}
1608 
1609 		/* check if the buffer is ready to be transmitted */
1610 
1611 		if ((f->flag_write_defrag == 0) ||
1612 		    (m->cur_data_len == m->max_data_len)) {
1613 			f->flag_have_fragment = 0;
1614 
1615 			/*
1616 			 * Check for write filter:
1617 			 *
1618 			 * Sometimes it is convenient to process data
1619 			 * at the expense of a userland process
1620 			 * instead of a kernel process.
1621 			 */
1622 			if (f->methods->f_filter_write) {
1623 				(f->methods->f_filter_write) (f, m);
1624 			}
1625 
1626 			/* Put USB mbuf in the used queue */
1627 			USB_IF_ENQUEUE(&f->used_q, m);
1628 
1629 			/* Start writing data, if not already started */
1630 			(f->methods->f_start_write) (f);
1631 		} else {
1632 			/* Wait for more data or close */
1633 			f->flag_have_fragment = 1;
1634 			USB_IF_PREPEND(&f->free_q, m);
1635 		}
1636 
1637 	} while (uio->uio_resid > 0);
1638 done:
1639 	mtx_unlock(f->priv_mtx);
1640 
1641 	usb_unref_device(cpd, &refs);
1642 
1643 	return (err);
1644 }
1645 
1646 int
usb_static_ioctl(struct cdev * dev,u_long cmd,caddr_t data,int fflag,struct thread * td)1647 usb_static_ioctl(struct cdev *dev, u_long cmd, caddr_t data, int fflag,
1648     struct thread *td)
1649 {
1650 	union {
1651 		struct usb_read_dir *urd;
1652 #ifdef COMPAT_FREEBSD32
1653 		struct usb_read_dir32 *urd32;
1654 #endif
1655 		void* data;
1656 	} u;
1657 	int err;
1658 
1659 	u.data = data;
1660 	switch (cmd) {
1661 		case USB_READ_DIR:
1662 			err = usb_read_symlink(u.urd->urd_data,
1663 			    u.urd->urd_startentry, u.urd->urd_maxlen);
1664 			break;
1665 #ifdef COMPAT_FREEBSD32
1666 		case USB_READ_DIR32:
1667 			err = usb_read_symlink(PTRIN(u.urd32->urd_data),
1668 			    u.urd32->urd_startentry, u.urd32->urd_maxlen);
1669 			break;
1670 #endif
1671 		case USB_DEV_QUIRK_GET:
1672 		case USB_QUIRK_NAME_GET:
1673 		case USB_DEV_QUIRK_ADD:
1674 		case USB_DEV_QUIRK_REMOVE:
1675 			err = usb_quirk_ioctl_p(cmd, data, fflag, td);
1676 			break;
1677 		case USB_GET_TEMPLATE:
1678 			*(int *)data = usb_template;
1679 			err = 0;
1680 			break;
1681 		case USB_SET_TEMPLATE:
1682 			err = priv_check(curthread, PRIV_DRIVER);
1683 			if (err)
1684 				break;
1685 			usb_template = *(int *)data;
1686 			break;
1687 		default:
1688 			err = ENOTTY;
1689 			break;
1690 	}
1691 	return (err);
1692 }
1693 
1694 static int
usb_fifo_uiomove(struct usb_fifo * f,void * cp,int n,struct uio * uio)1695 usb_fifo_uiomove(struct usb_fifo *f, void *cp,
1696     int n, struct uio *uio)
1697 {
1698 	int error;
1699 
1700 	mtx_unlock(f->priv_mtx);
1701 
1702 	/*
1703 	 * "uiomove()" can sleep so one needs to make a wrapper,
1704 	 * exiting the mutex and checking things:
1705 	 */
1706 	error = uiomove(cp, n, uio);
1707 
1708 	mtx_lock(f->priv_mtx);
1709 
1710 	return (error);
1711 }
1712 
1713 int
usb_fifo_wait(struct usb_fifo * f)1714 usb_fifo_wait(struct usb_fifo *f)
1715 {
1716 	int err;
1717 
1718 	USB_MTX_ASSERT(f->priv_mtx, MA_OWNED);
1719 
1720 	if (f->flag_iserror) {
1721 		/* we are gone */
1722 		return (EIO);
1723 	}
1724 	f->flag_sleeping = 1;
1725 
1726 	err = cv_wait_sig(&f->cv_io, f->priv_mtx);
1727 
1728 	if (f->flag_iserror) {
1729 		/* we are gone */
1730 		err = EIO;
1731 	}
1732 	return (err);
1733 }
1734 
1735 void
usb_fifo_signal(struct usb_fifo * f)1736 usb_fifo_signal(struct usb_fifo *f)
1737 {
1738 	if (f->flag_sleeping) {
1739 		f->flag_sleeping = 0;
1740 		cv_broadcast(&f->cv_io);
1741 	}
1742 }
1743 
1744 void
usb_fifo_wakeup(struct usb_fifo * f)1745 usb_fifo_wakeup(struct usb_fifo *f)
1746 {
1747 	usb_fifo_signal(f);
1748 
1749 	KNOTE_LOCKED(&f->selinfo.si_note, 0);
1750 
1751 	if (f->flag_isselect) {
1752 		selwakeup(&f->selinfo);
1753 		f->flag_isselect = 0;
1754 	}
1755 	if (f->async_p != NULL) {
1756 		PROC_LOCK(f->async_p);
1757 		kern_psignal(f->async_p, SIGIO);
1758 		PROC_UNLOCK(f->async_p);
1759 	}
1760 }
1761 
1762 static int
usb_fifo_dummy_open(struct usb_fifo * fifo,int fflags)1763 usb_fifo_dummy_open(struct usb_fifo *fifo, int fflags)
1764 {
1765 	return (0);
1766 }
1767 
1768 static void
usb_fifo_dummy_close(struct usb_fifo * fifo,int fflags)1769 usb_fifo_dummy_close(struct usb_fifo *fifo, int fflags)
1770 {
1771 	return;
1772 }
1773 
1774 static int
usb_fifo_dummy_ioctl(struct usb_fifo * fifo,u_long cmd,void * addr,int fflags)1775 usb_fifo_dummy_ioctl(struct usb_fifo *fifo, u_long cmd, void *addr, int fflags)
1776 {
1777 	return (ENOIOCTL);
1778 }
1779 
1780 static void
usb_fifo_dummy_cmd(struct usb_fifo * fifo)1781 usb_fifo_dummy_cmd(struct usb_fifo *fifo)
1782 {
1783 	fifo->flag_flushing = 0;	/* not flushing */
1784 }
1785 
1786 static void
usb_fifo_check_methods(struct usb_fifo_methods * pm)1787 usb_fifo_check_methods(struct usb_fifo_methods *pm)
1788 {
1789 	/* check that all callback functions are OK */
1790 
1791 	if (pm->f_open == NULL)
1792 		pm->f_open = &usb_fifo_dummy_open;
1793 
1794 	if (pm->f_close == NULL)
1795 		pm->f_close = &usb_fifo_dummy_close;
1796 
1797 	if (pm->f_ioctl == NULL)
1798 		pm->f_ioctl = &usb_fifo_dummy_ioctl;
1799 
1800 	if (pm->f_ioctl_post == NULL)
1801 		pm->f_ioctl_post = &usb_fifo_dummy_ioctl;
1802 
1803 	if (pm->f_start_read == NULL)
1804 		pm->f_start_read = &usb_fifo_dummy_cmd;
1805 
1806 	if (pm->f_stop_read == NULL)
1807 		pm->f_stop_read = &usb_fifo_dummy_cmd;
1808 
1809 	if (pm->f_start_write == NULL)
1810 		pm->f_start_write = &usb_fifo_dummy_cmd;
1811 
1812 	if (pm->f_stop_write == NULL)
1813 		pm->f_stop_write = &usb_fifo_dummy_cmd;
1814 }
1815 
1816 /*------------------------------------------------------------------------*
1817  *	usb_fifo_attach
1818  *
1819  * The following function will create a duplex FIFO.
1820  *
1821  * Return values:
1822  * 0: Success.
1823  * Else: Failure.
1824  *------------------------------------------------------------------------*/
1825 int
usb_fifo_attach(struct usb_device * udev,void * priv_sc,struct mtx * priv_mtx,struct usb_fifo_methods * pm,struct usb_fifo_sc * f_sc,uint16_t unit,int16_t subunit,uint8_t iface_index,uid_t uid,gid_t gid,int mode)1826 usb_fifo_attach(struct usb_device *udev, void *priv_sc,
1827     struct mtx *priv_mtx, struct usb_fifo_methods *pm,
1828     struct usb_fifo_sc *f_sc, uint16_t unit, int16_t subunit,
1829     uint8_t iface_index, uid_t uid, gid_t gid, int mode)
1830 {
1831 	struct usb_fifo *f_tx;
1832 	struct usb_fifo *f_rx;
1833 	char devname[32];
1834 	uint8_t n;
1835 
1836 	f_sc->fp[USB_FIFO_TX] = NULL;
1837 	f_sc->fp[USB_FIFO_RX] = NULL;
1838 
1839 	if (pm == NULL)
1840 		return (EINVAL);
1841 
1842 	/* check the methods */
1843 	usb_fifo_check_methods(pm);
1844 
1845 	if (priv_mtx == NULL)
1846 		priv_mtx = &Giant;
1847 
1848 	/* search for a free FIFO slot */
1849 	for (n = 0;; n += 2) {
1850 		if (n == USB_FIFO_MAX) {
1851 			/* end of FIFOs reached */
1852 			return (ENOMEM);
1853 		}
1854 		/* Check for TX FIFO */
1855 		if (udev->fifo[n + USB_FIFO_TX] != NULL) {
1856 			continue;
1857 		}
1858 		/* Check for RX FIFO */
1859 		if (udev->fifo[n + USB_FIFO_RX] != NULL) {
1860 			continue;
1861 		}
1862 		break;
1863 	}
1864 
1865 	f_tx = usb_fifo_alloc(priv_mtx);
1866 	f_rx = usb_fifo_alloc(priv_mtx);
1867 
1868 	if ((f_tx == NULL) || (f_rx == NULL)) {
1869 		usb_fifo_free(f_tx);
1870 		usb_fifo_free(f_rx);
1871 		return (ENOMEM);
1872 	}
1873 	/* initialise FIFO structures */
1874 
1875 	f_tx->fifo_index = n + USB_FIFO_TX;
1876 	f_tx->dev_ep_index = -1;
1877 	f_tx->priv_sc0 = priv_sc;
1878 	f_tx->methods = pm;
1879 	f_tx->iface_index = iface_index;
1880 	f_tx->udev = udev;
1881 
1882 	f_rx->fifo_index = n + USB_FIFO_RX;
1883 	f_rx->dev_ep_index = -1;
1884 	f_rx->priv_sc0 = priv_sc;
1885 	f_rx->methods = pm;
1886 	f_rx->iface_index = iface_index;
1887 	f_rx->udev = udev;
1888 
1889 	f_sc->fp[USB_FIFO_TX] = f_tx;
1890 	f_sc->fp[USB_FIFO_RX] = f_rx;
1891 
1892 	mtx_lock(&usb_ref_lock);
1893 	udev->fifo[f_tx->fifo_index] = f_tx;
1894 	udev->fifo[f_rx->fifo_index] = f_rx;
1895 	mtx_unlock(&usb_ref_lock);
1896 
1897 	for (n = 0; n != 4; n++) {
1898 		if (pm->basename[n] == NULL) {
1899 			continue;
1900 		}
1901 		if (subunit < 0) {
1902 			if (snprintf(devname, sizeof(devname),
1903 			    "%s%u%s", pm->basename[n],
1904 			    unit, pm->postfix[n] ?
1905 			    pm->postfix[n] : "")) {
1906 				/* ignore */
1907 			}
1908 		} else {
1909 			if (snprintf(devname, sizeof(devname),
1910 			    "%s%u.%d%s", pm->basename[n],
1911 			    unit, subunit, pm->postfix[n] ?
1912 			    pm->postfix[n] : "")) {
1913 				/* ignore */
1914 			}
1915 		}
1916 
1917 		/*
1918 		 * Distribute the symbolic links into two FIFO structures:
1919 		 */
1920 		if (n & 1) {
1921 			f_rx->symlink[n / 2] =
1922 			    usb_alloc_symlink(devname);
1923 		} else {
1924 			f_tx->symlink[n / 2] =
1925 			    usb_alloc_symlink(devname);
1926 		}
1927 
1928 		/* Create the device */
1929 		f_sc->dev = usb_make_dev(udev, devname, -1,
1930 		    f_tx->fifo_index & f_rx->fifo_index,
1931 		    FREAD|FWRITE, uid, gid, mode);
1932 	}
1933 
1934 	DPRINTFN(2, "attached %p/%p\n", f_tx, f_rx);
1935 	return (0);
1936 }
1937 
1938 /*------------------------------------------------------------------------*
1939  *	usb_fifo_alloc_buffer
1940  *
1941  * Return values:
1942  * 0: Success
1943  * Else failure
1944  *------------------------------------------------------------------------*/
1945 int
usb_fifo_alloc_buffer(struct usb_fifo * f,usb_size_t bufsize,uint16_t nbuf)1946 usb_fifo_alloc_buffer(struct usb_fifo *f, usb_size_t bufsize,
1947     uint16_t nbuf)
1948 {
1949 	struct usb_ifqueue temp_q = {};
1950 	void *queue_data;
1951 
1952 	usb_fifo_free_buffer(f);
1953 
1954 	temp_q.ifq_maxlen = nbuf;
1955 
1956 	queue_data = usb_alloc_mbufs(
1957 	    M_USBDEV, &temp_q, bufsize, nbuf);
1958 
1959 	if (queue_data == NULL && bufsize != 0 && nbuf != 0)
1960 		return (ENOMEM);
1961 
1962 	mtx_lock(f->priv_mtx);
1963 
1964 	/*
1965 	 * Setup queues and sizes under lock to avoid early use by
1966 	 * concurrent FIFO access:
1967 	 */
1968 	f->free_q = temp_q;
1969 	f->used_q.ifq_maxlen = nbuf;
1970 	f->queue_data = queue_data;
1971 	mtx_unlock(f->priv_mtx);
1972 
1973 	return (0);			/* success */
1974 }
1975 
1976 /*------------------------------------------------------------------------*
1977  *	usb_fifo_free_buffer
1978  *
1979  * This function will free the buffers associated with a FIFO. This
1980  * function can be called multiple times in a row.
1981  *------------------------------------------------------------------------*/
1982 void
usb_fifo_free_buffer(struct usb_fifo * f)1983 usb_fifo_free_buffer(struct usb_fifo *f)
1984 {
1985 	void *queue_data;
1986 
1987 	mtx_lock(f->priv_mtx);
1988 
1989 	/* Get and clear pointer to free, if any. */
1990 	queue_data = f->queue_data;
1991 	f->queue_data = NULL;
1992 
1993 	/*
1994 	 * Reset queues under lock to avoid use of freed buffers by
1995 	 * concurrent FIFO activity:
1996 	 */
1997 	memset(&f->free_q, 0, sizeof(f->free_q));
1998 	memset(&f->used_q, 0, sizeof(f->used_q));
1999 	mtx_unlock(f->priv_mtx);
2000 
2001 	/* Free old buffer, if any. */
2002 	free(queue_data, M_USBDEV);
2003 }
2004 
2005 void
usb_fifo_detach(struct usb_fifo_sc * f_sc)2006 usb_fifo_detach(struct usb_fifo_sc *f_sc)
2007 {
2008 	if (f_sc == NULL) {
2009 		return;
2010 	}
2011 	usb_fifo_free(f_sc->fp[USB_FIFO_TX]);
2012 	usb_fifo_free(f_sc->fp[USB_FIFO_RX]);
2013 
2014 	f_sc->fp[USB_FIFO_TX] = NULL;
2015 	f_sc->fp[USB_FIFO_RX] = NULL;
2016 
2017 	usb_destroy_dev(f_sc->dev);
2018 
2019 	f_sc->dev = NULL;
2020 
2021 	DPRINTFN(2, "detached %p\n", f_sc);
2022 }
2023 
2024 usb_size_t
usb_fifo_put_bytes_max(struct usb_fifo * f)2025 usb_fifo_put_bytes_max(struct usb_fifo *f)
2026 {
2027 	struct usb_mbuf *m;
2028 	usb_size_t len;
2029 
2030 	USB_IF_POLL(&f->free_q, m);
2031 
2032 	if (m) {
2033 		len = m->max_data_len;
2034 	} else {
2035 		len = 0;
2036 	}
2037 	return (len);
2038 }
2039 
2040 /*------------------------------------------------------------------------*
2041  *	usb_fifo_put_data
2042  *
2043  * what:
2044  *  0 - normal operation
2045  *  1 - set last packet flag to enforce framing
2046  *------------------------------------------------------------------------*/
2047 void
usb_fifo_put_data(struct usb_fifo * f,struct usb_page_cache * pc,usb_frlength_t offset,usb_frlength_t len,uint8_t what)2048 usb_fifo_put_data(struct usb_fifo *f, struct usb_page_cache *pc,
2049     usb_frlength_t offset, usb_frlength_t len, uint8_t what)
2050 {
2051 	struct usb_mbuf *m;
2052 	usb_frlength_t io_len;
2053 
2054 	while (len || (what == 1)) {
2055 		USB_IF_DEQUEUE(&f->free_q, m);
2056 
2057 		if (m) {
2058 			USB_MBUF_RESET(m);
2059 
2060 			io_len = MIN(len, m->cur_data_len);
2061 
2062 			usbd_copy_out(pc, offset, m->cur_data_ptr, io_len);
2063 
2064 			m->cur_data_len = io_len;
2065 			offset += io_len;
2066 			len -= io_len;
2067 
2068 			if ((len == 0) && (what == 1)) {
2069 				m->last_packet = 1;
2070 			}
2071 			USB_IF_ENQUEUE(&f->used_q, m);
2072 
2073 			usb_fifo_wakeup(f);
2074 
2075 			if ((len == 0) || (what == 1)) {
2076 				break;
2077 			}
2078 		} else {
2079 			break;
2080 		}
2081 	}
2082 }
2083 
2084 void
usb_fifo_put_data_linear(struct usb_fifo * f,void * ptr,usb_size_t len,uint8_t what)2085 usb_fifo_put_data_linear(struct usb_fifo *f, void *ptr,
2086     usb_size_t len, uint8_t what)
2087 {
2088 	struct usb_mbuf *m;
2089 	usb_size_t io_len;
2090 
2091 	while (len || (what == 1)) {
2092 		USB_IF_DEQUEUE(&f->free_q, m);
2093 
2094 		if (m) {
2095 			USB_MBUF_RESET(m);
2096 
2097 			io_len = MIN(len, m->cur_data_len);
2098 
2099 			memcpy(m->cur_data_ptr, ptr, io_len);
2100 
2101 			m->cur_data_len = io_len;
2102 			ptr = USB_ADD_BYTES(ptr, io_len);
2103 			len -= io_len;
2104 
2105 			if ((len == 0) && (what == 1)) {
2106 				m->last_packet = 1;
2107 			}
2108 			USB_IF_ENQUEUE(&f->used_q, m);
2109 
2110 			usb_fifo_wakeup(f);
2111 
2112 			if ((len == 0) || (what == 1)) {
2113 				break;
2114 			}
2115 		} else {
2116 			break;
2117 		}
2118 	}
2119 }
2120 
2121 uint8_t
usb_fifo_put_data_buffer(struct usb_fifo * f,void * ptr,usb_size_t len)2122 usb_fifo_put_data_buffer(struct usb_fifo *f, void *ptr, usb_size_t len)
2123 {
2124 	struct usb_mbuf *m;
2125 
2126 	USB_IF_DEQUEUE(&f->free_q, m);
2127 
2128 	if (m) {
2129 		m->cur_data_len = len;
2130 		m->cur_data_ptr = ptr;
2131 		USB_IF_ENQUEUE(&f->used_q, m);
2132 		usb_fifo_wakeup(f);
2133 		return (1);
2134 	}
2135 	return (0);
2136 }
2137 
2138 void
usb_fifo_put_data_error(struct usb_fifo * f)2139 usb_fifo_put_data_error(struct usb_fifo *f)
2140 {
2141 	f->flag_iserror = 1;
2142 	usb_fifo_wakeup(f);
2143 }
2144 
2145 /*------------------------------------------------------------------------*
2146  *	usb_fifo_get_data
2147  *
2148  * what:
2149  *  0 - normal operation
2150  *  1 - only get one "usb_mbuf"
2151  *
2152  * returns:
2153  *  0 - no more data
2154  *  1 - data in buffer
2155  *------------------------------------------------------------------------*/
2156 uint8_t
usb_fifo_get_data(struct usb_fifo * f,struct usb_page_cache * pc,usb_frlength_t offset,usb_frlength_t len,usb_frlength_t * actlen,uint8_t what)2157 usb_fifo_get_data(struct usb_fifo *f, struct usb_page_cache *pc,
2158     usb_frlength_t offset, usb_frlength_t len, usb_frlength_t *actlen,
2159     uint8_t what)
2160 {
2161 	struct usb_mbuf *m;
2162 	usb_frlength_t io_len;
2163 	uint8_t tr_data = 0;
2164 
2165 	actlen[0] = 0;
2166 
2167 	while (1) {
2168 		USB_IF_DEQUEUE(&f->used_q, m);
2169 
2170 		if (m) {
2171 			tr_data = 1;
2172 
2173 			io_len = MIN(len, m->cur_data_len);
2174 
2175 			usbd_copy_in(pc, offset, m->cur_data_ptr, io_len);
2176 
2177 			len -= io_len;
2178 			offset += io_len;
2179 			actlen[0] += io_len;
2180 			m->cur_data_ptr += io_len;
2181 			m->cur_data_len -= io_len;
2182 
2183 			if ((m->cur_data_len == 0) || (what == 1)) {
2184 				USB_IF_ENQUEUE(&f->free_q, m);
2185 
2186 				usb_fifo_wakeup(f);
2187 
2188 				if (what == 1) {
2189 					break;
2190 				}
2191 			} else {
2192 				USB_IF_PREPEND(&f->used_q, m);
2193 			}
2194 		} else {
2195 			if (tr_data) {
2196 				/* wait for data to be written out */
2197 				break;
2198 			}
2199 			if (f->flag_flushing) {
2200 				/* check if we should send a short packet */
2201 				if (f->flag_short != 0) {
2202 					f->flag_short = 0;
2203 					tr_data = 1;
2204 					break;
2205 				}
2206 				/* flushing complete */
2207 				f->flag_flushing = 0;
2208 				usb_fifo_wakeup(f);
2209 			}
2210 			break;
2211 		}
2212 		if (len == 0) {
2213 			break;
2214 		}
2215 	}
2216 	return (tr_data);
2217 }
2218 
2219 uint8_t
usb_fifo_get_data_linear(struct usb_fifo * f,void * ptr,usb_size_t len,usb_size_t * actlen,uint8_t what)2220 usb_fifo_get_data_linear(struct usb_fifo *f, void *ptr,
2221     usb_size_t len, usb_size_t *actlen, uint8_t what)
2222 {
2223 	struct usb_mbuf *m;
2224 	usb_size_t io_len;
2225 	uint8_t tr_data = 0;
2226 
2227 	actlen[0] = 0;
2228 
2229 	while (1) {
2230 		USB_IF_DEQUEUE(&f->used_q, m);
2231 
2232 		if (m) {
2233 			tr_data = 1;
2234 
2235 			io_len = MIN(len, m->cur_data_len);
2236 
2237 			memcpy(ptr, m->cur_data_ptr, io_len);
2238 
2239 			len -= io_len;
2240 			ptr = USB_ADD_BYTES(ptr, io_len);
2241 			actlen[0] += io_len;
2242 			m->cur_data_ptr += io_len;
2243 			m->cur_data_len -= io_len;
2244 
2245 			if ((m->cur_data_len == 0) || (what == 1)) {
2246 				USB_IF_ENQUEUE(&f->free_q, m);
2247 
2248 				usb_fifo_wakeup(f);
2249 
2250 				if (what == 1) {
2251 					break;
2252 				}
2253 			} else {
2254 				USB_IF_PREPEND(&f->used_q, m);
2255 			}
2256 		} else {
2257 			if (tr_data) {
2258 				/* wait for data to be written out */
2259 				break;
2260 			}
2261 			if (f->flag_flushing) {
2262 				/* check if we should send a short packet */
2263 				if (f->flag_short != 0) {
2264 					f->flag_short = 0;
2265 					tr_data = 1;
2266 					break;
2267 				}
2268 				/* flushing complete */
2269 				f->flag_flushing = 0;
2270 				usb_fifo_wakeup(f);
2271 			}
2272 			break;
2273 		}
2274 		if (len == 0) {
2275 			break;
2276 		}
2277 	}
2278 	return (tr_data);
2279 }
2280 
2281 uint8_t
usb_fifo_get_data_buffer(struct usb_fifo * f,void ** pptr,usb_size_t * plen)2282 usb_fifo_get_data_buffer(struct usb_fifo *f, void **pptr, usb_size_t *plen)
2283 {
2284 	struct usb_mbuf *m;
2285 
2286 	USB_IF_POLL(&f->used_q, m);
2287 
2288 	if (m) {
2289 		*plen = m->cur_data_len;
2290 		*pptr = m->cur_data_ptr;
2291 
2292 		return (1);
2293 	}
2294 	return (0);
2295 }
2296 
2297 void
usb_fifo_get_data_error(struct usb_fifo * f)2298 usb_fifo_get_data_error(struct usb_fifo *f)
2299 {
2300 	f->flag_iserror = 1;
2301 	usb_fifo_wakeup(f);
2302 }
2303 
2304 /*------------------------------------------------------------------------*
2305  *	usb_alloc_symlink
2306  *
2307  * Return values:
2308  * NULL: Failure
2309  * Else: Pointer to symlink entry
2310  *------------------------------------------------------------------------*/
2311 struct usb_symlink *
usb_alloc_symlink(const char * target)2312 usb_alloc_symlink(const char *target)
2313 {
2314 	struct usb_symlink *ps;
2315 
2316 	ps = malloc(sizeof(*ps), M_USBDEV, M_WAITOK);
2317 	/* XXX no longer needed */
2318 	strlcpy(ps->src_path, target, sizeof(ps->src_path));
2319 	ps->src_len = strlen(ps->src_path);
2320 	strlcpy(ps->dst_path, target, sizeof(ps->dst_path));
2321 	ps->dst_len = strlen(ps->dst_path);
2322 
2323 	sx_xlock(&usb_sym_lock);
2324 	TAILQ_INSERT_TAIL(&usb_sym_head, ps, sym_entry);
2325 	sx_unlock(&usb_sym_lock);
2326 	return (ps);
2327 }
2328 
2329 /*------------------------------------------------------------------------*
2330  *	usb_free_symlink
2331  *------------------------------------------------------------------------*/
2332 void
usb_free_symlink(struct usb_symlink * ps)2333 usb_free_symlink(struct usb_symlink *ps)
2334 {
2335 	if (ps == NULL) {
2336 		return;
2337 	}
2338 	sx_xlock(&usb_sym_lock);
2339 	TAILQ_REMOVE(&usb_sym_head, ps, sym_entry);
2340 	sx_unlock(&usb_sym_lock);
2341 
2342 	free(ps, M_USBDEV);
2343 }
2344 
2345 /*------------------------------------------------------------------------*
2346  *	usb_read_symlink
2347  *
2348  * Return value:
2349  * 0: Success
2350  * Else: Failure
2351  *------------------------------------------------------------------------*/
2352 int
usb_read_symlink(uint8_t * user_ptr,uint32_t startentry,uint32_t user_len)2353 usb_read_symlink(uint8_t *user_ptr, uint32_t startentry, uint32_t user_len)
2354 {
2355 	struct usb_symlink *ps;
2356 	uint32_t temp;
2357 	uint32_t delta = 0;
2358 	uint8_t len;
2359 	int error = 0;
2360 
2361 	sx_xlock(&usb_sym_lock);
2362 
2363 	TAILQ_FOREACH(ps, &usb_sym_head, sym_entry) {
2364 		/*
2365 		 * Compute total length of source and destination symlink
2366 		 * strings pluss one length byte and two NUL bytes:
2367 		 */
2368 		temp = ps->src_len + ps->dst_len + 3;
2369 
2370 		if (temp > 255) {
2371 			/*
2372 			 * Skip entry because this length cannot fit
2373 			 * into one byte:
2374 			 */
2375 			continue;
2376 		}
2377 		if (startentry != 0) {
2378 			/* decrement read offset */
2379 			startentry--;
2380 			continue;
2381 		}
2382 		if (temp > user_len) {
2383 			/* out of buffer space */
2384 			break;
2385 		}
2386 		len = temp;
2387 
2388 		/* copy out total length */
2389 
2390 		error = copyout(&len,
2391 		    USB_ADD_BYTES(user_ptr, delta), 1);
2392 		if (error) {
2393 			break;
2394 		}
2395 		delta += 1;
2396 
2397 		/* copy out source string */
2398 
2399 		error = copyout(ps->src_path,
2400 		    USB_ADD_BYTES(user_ptr, delta), ps->src_len);
2401 		if (error) {
2402 			break;
2403 		}
2404 		len = 0;
2405 		delta += ps->src_len;
2406 		error = copyout(&len,
2407 		    USB_ADD_BYTES(user_ptr, delta), 1);
2408 		if (error) {
2409 			break;
2410 		}
2411 		delta += 1;
2412 
2413 		/* copy out destination string */
2414 
2415 		error = copyout(ps->dst_path,
2416 		    USB_ADD_BYTES(user_ptr, delta), ps->dst_len);
2417 		if (error) {
2418 			break;
2419 		}
2420 		len = 0;
2421 		delta += ps->dst_len;
2422 		error = copyout(&len,
2423 		    USB_ADD_BYTES(user_ptr, delta), 1);
2424 		if (error) {
2425 			break;
2426 		}
2427 		delta += 1;
2428 
2429 		user_len -= temp;
2430 	}
2431 
2432 	/* a zero length entry indicates the end */
2433 
2434 	if ((user_len != 0) && (error == 0)) {
2435 		len = 0;
2436 
2437 		error = copyout(&len,
2438 		    USB_ADD_BYTES(user_ptr, delta), 1);
2439 	}
2440 	sx_unlock(&usb_sym_lock);
2441 	return (error);
2442 }
2443 
2444 void
usb_fifo_set_close_zlp(struct usb_fifo * f,uint8_t onoff)2445 usb_fifo_set_close_zlp(struct usb_fifo *f, uint8_t onoff)
2446 {
2447 	if (f == NULL)
2448 		return;
2449 
2450 	/* send a Zero Length Packet, ZLP, before close */
2451 	f->flag_short = onoff;
2452 }
2453 
2454 void
usb_fifo_set_write_defrag(struct usb_fifo * f,uint8_t onoff)2455 usb_fifo_set_write_defrag(struct usb_fifo *f, uint8_t onoff)
2456 {
2457 	if (f == NULL)
2458 		return;
2459 
2460 	/* defrag written data */
2461 	f->flag_write_defrag = onoff;
2462 	/* reset defrag state */
2463 	f->flag_have_fragment = 0;
2464 }
2465 
2466 void *
usb_fifo_softc(struct usb_fifo * f)2467 usb_fifo_softc(struct usb_fifo *f)
2468 {
2469 	return (f->priv_sc0);
2470 }
2471 #endif	/* USB_HAVE_UGEN */
2472