xref: /freebsd/sys/dev/usb/usb_dev.c (revision 2e1417489338b971e5fd599ff48b5f65df9e8d3b)
1 /* $FreeBSD$ */
2 /*-
3  * Copyright (c) 2006-2008 Hans Petter Selasky. All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  * 2. Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in the
12  *    documentation and/or other materials provided with the distribution.
13  *
14  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24  * SUCH DAMAGE.
25  *
26  *
27  * usb_dev.c - An abstraction layer for creating devices under /dev/...
28  */
29 
30 #include <sys/stdint.h>
31 #include <sys/stddef.h>
32 #include <sys/param.h>
33 #include <sys/queue.h>
34 #include <sys/types.h>
35 #include <sys/systm.h>
36 #include <sys/kernel.h>
37 #include <sys/bus.h>
38 #include <sys/module.h>
39 #include <sys/lock.h>
40 #include <sys/mutex.h>
41 #include <sys/condvar.h>
42 #include <sys/sysctl.h>
43 #include <sys/sx.h>
44 #include <sys/unistd.h>
45 #include <sys/callout.h>
46 #include <sys/malloc.h>
47 #include <sys/priv.h>
48 #include <sys/vnode.h>
49 #include <sys/conf.h>
50 #include <sys/fcntl.h>
51 
52 #include <dev/usb/usb.h>
53 #include <dev/usb/usb_ioctl.h>
54 #include <dev/usb/usbdi.h>
55 #include <dev/usb/usbdi_util.h>
56 
57 #define	USB_DEBUG_VAR usb_fifo_debug
58 
59 #include <dev/usb/usb_core.h>
60 #include <dev/usb/usb_dev.h>
61 #include <dev/usb/usb_mbuf.h>
62 #include <dev/usb/usb_process.h>
63 #include <dev/usb/usb_device.h>
64 #include <dev/usb/usb_debug.h>
65 #include <dev/usb/usb_busdma.h>
66 #include <dev/usb/usb_generic.h>
67 #include <dev/usb/usb_dynamic.h>
68 #include <dev/usb/usb_util.h>
69 
70 #include <dev/usb/usb_controller.h>
71 #include <dev/usb/usb_bus.h>
72 
73 #include <sys/filio.h>
74 #include <sys/ttycom.h>
75 #include <sys/syscallsubr.h>
76 
77 #include <machine/stdarg.h>
78 
79 #if USB_HAVE_UGEN
80 
81 #ifdef USB_DEBUG
82 static int usb_fifo_debug = 0;
83 
84 static SYSCTL_NODE(_hw_usb, OID_AUTO, dev, CTLFLAG_RW, 0, "USB device");
85 SYSCTL_INT(_hw_usb_dev, OID_AUTO, debug, CTLFLAG_RW,
86     &usb_fifo_debug, 0, "Debug Level");
87 
88 TUNABLE_INT("hw.usb.dev.debug", &usb_fifo_debug);
89 #endif
90 
91 #if ((__FreeBSD_version >= 700001) || (__FreeBSD_version == 0) || \
92      ((__FreeBSD_version >= 600034) && (__FreeBSD_version < 700000)))
93 #define	USB_UCRED struct ucred *ucred,
94 #else
95 #define	USB_UCRED
96 #endif
97 
98 /* prototypes */
99 
100 static int	usb_fifo_open(struct usb_cdev_privdata *,
101 		    struct usb_fifo *, int);
102 static void	usb_fifo_close(struct usb_fifo *, int);
103 static void	usb_dev_init(void *);
104 static void	usb_dev_init_post(void *);
105 static void	usb_dev_uninit(void *);
106 static int	usb_fifo_uiomove(struct usb_fifo *, void *, int,
107 		    struct uio *);
108 static void	usb_fifo_check_methods(struct usb_fifo_methods *);
109 static struct	usb_fifo *usb_fifo_alloc(void);
110 static struct	usb_endpoint *usb_dev_get_ep(struct usb_device *, uint8_t,
111 		    uint8_t);
112 static void	usb_loc_fill(struct usb_fs_privdata *,
113 		    struct usb_cdev_privdata *);
114 static void	usb_close(void *);
115 static usb_error_t usb_ref_device(struct usb_cdev_privdata *, struct usb_cdev_refdata *, int);
116 static usb_error_t usb_usb_ref_device(struct usb_cdev_privdata *, struct usb_cdev_refdata *);
117 static void	usb_unref_device(struct usb_cdev_privdata *, struct usb_cdev_refdata *);
118 
119 static d_open_t usb_open;
120 static d_ioctl_t usb_ioctl;
121 static d_read_t usb_read;
122 static d_write_t usb_write;
123 static d_poll_t usb_poll;
124 
125 static d_ioctl_t usb_static_ioctl;
126 
127 static usb_fifo_open_t usb_fifo_dummy_open;
128 static usb_fifo_close_t usb_fifo_dummy_close;
129 static usb_fifo_ioctl_t usb_fifo_dummy_ioctl;
130 static usb_fifo_cmd_t usb_fifo_dummy_cmd;
131 
132 /* character device structure used for devices (/dev/ugenX.Y and /dev/uXXX) */
133 struct cdevsw usb_devsw = {
134 	.d_version = D_VERSION,
135 	.d_open = usb_open,
136 	.d_ioctl = usb_ioctl,
137 	.d_name = "usbdev",
138 	.d_flags = D_TRACKCLOSE,
139 	.d_read = usb_read,
140 	.d_write = usb_write,
141 	.d_poll = usb_poll
142 };
143 
144 static struct cdev* usb_dev = NULL;
145 
146 /* character device structure used for /dev/usb */
147 static struct cdevsw usb_static_devsw = {
148 	.d_version = D_VERSION,
149 	.d_ioctl = usb_static_ioctl,
150 	.d_name = "usb"
151 };
152 
153 static TAILQ_HEAD(, usb_symlink) usb_sym_head;
154 static struct sx usb_sym_lock;
155 
156 struct mtx usb_ref_lock;
157 
158 /*------------------------------------------------------------------------*
159  *	usb_loc_fill
160  *
161  * This is used to fill out a usb_cdev_privdata structure based on the
162  * device's address as contained in usb_fs_privdata.
163  *------------------------------------------------------------------------*/
164 static void
165 usb_loc_fill(struct usb_fs_privdata* pd, struct usb_cdev_privdata *cpd)
166 {
167 	cpd->bus_index = pd->bus_index;
168 	cpd->dev_index = pd->dev_index;
169 	cpd->ep_addr = pd->ep_addr;
170 	cpd->fifo_index = pd->fifo_index;
171 }
172 
173 /*------------------------------------------------------------------------*
174  *	usb_ref_device
175  *
176  * This function is used to atomically refer an USB device by its
177  * device location. If this function returns success the USB device
178  * will not dissappear until the USB device is unreferenced.
179  *
180  * Return values:
181  *  0: Success, refcount incremented on the given USB device.
182  *  Else: Failure.
183  *------------------------------------------------------------------------*/
184 static usb_error_t
185 usb_ref_device(struct usb_cdev_privdata *cpd,
186     struct usb_cdev_refdata *crd, int need_uref)
187 {
188 	struct usb_fifo **ppf;
189 	struct usb_fifo *f;
190 
191 	DPRINTFN(2, "cpd=%p need uref=%d\n", cpd, need_uref);
192 
193 	/* clear all refs */
194 	memset(crd, 0, sizeof(*crd));
195 
196 	mtx_lock(&usb_ref_lock);
197 	cpd->bus = devclass_get_softc(usb_devclass_ptr, cpd->bus_index);
198 	if (cpd->bus == NULL) {
199 		DPRINTFN(2, "no bus at %u\n", cpd->bus_index);
200 		goto error;
201 	}
202 	cpd->udev = cpd->bus->devices[cpd->dev_index];
203 	if (cpd->udev == NULL) {
204 		DPRINTFN(2, "no device at %u\n", cpd->dev_index);
205 		goto error;
206 	}
207 	if (cpd->udev->refcount == USB_DEV_REF_MAX) {
208 		DPRINTFN(2, "no dev ref\n");
209 		goto error;
210 	}
211 	if (need_uref) {
212 		DPRINTFN(2, "ref udev - needed\n");
213 		cpd->udev->refcount++;
214 
215 		mtx_unlock(&usb_ref_lock);
216 
217 		/*
218 		 * We need to grab the sx-lock before grabbing the
219 		 * FIFO refs to avoid deadlock at detach!
220 		 */
221 		usbd_enum_lock(cpd->udev);
222 
223 		mtx_lock(&usb_ref_lock);
224 
225 		/*
226 		 * Set "is_uref" after grabbing the default SX lock
227 		 */
228 		crd->is_uref = 1;
229 	}
230 
231 	/* check if we are doing an open */
232 	if (cpd->fflags == 0) {
233 		/* use zero defaults */
234 	} else {
235 		/* check for write */
236 		if (cpd->fflags & FWRITE) {
237 			ppf = cpd->udev->fifo;
238 			f = ppf[cpd->fifo_index + USB_FIFO_TX];
239 			crd->txfifo = f;
240 			crd->is_write = 1;	/* ref */
241 			if (f == NULL || f->refcount == USB_FIFO_REF_MAX)
242 				goto error;
243 			if (f->curr_cpd != cpd)
244 				goto error;
245 			/* check if USB-FS is active */
246 			if (f->fs_ep_max != 0) {
247 				crd->is_usbfs = 1;
248 			}
249 		}
250 
251 		/* check for read */
252 		if (cpd->fflags & FREAD) {
253 			ppf = cpd->udev->fifo;
254 			f = ppf[cpd->fifo_index + USB_FIFO_RX];
255 			crd->rxfifo = f;
256 			crd->is_read = 1;	/* ref */
257 			if (f == NULL || f->refcount == USB_FIFO_REF_MAX)
258 				goto error;
259 			if (f->curr_cpd != cpd)
260 				goto error;
261 			/* check if USB-FS is active */
262 			if (f->fs_ep_max != 0) {
263 				crd->is_usbfs = 1;
264 			}
265 		}
266 	}
267 
268 	/* when everything is OK we increment the refcounts */
269 	if (crd->is_write) {
270 		DPRINTFN(2, "ref write\n");
271 		crd->txfifo->refcount++;
272 	}
273 	if (crd->is_read) {
274 		DPRINTFN(2, "ref read\n");
275 		crd->rxfifo->refcount++;
276 	}
277 	mtx_unlock(&usb_ref_lock);
278 
279 	return (0);
280 
281 error:
282 	if (crd->is_uref) {
283 		usbd_enum_unlock(cpd->udev);
284 
285 		if (--(cpd->udev->refcount) == 0) {
286 			cv_signal(&cpd->udev->ref_cv);
287 		}
288 	}
289 	mtx_unlock(&usb_ref_lock);
290 	DPRINTFN(2, "fail\n");
291 	return (USB_ERR_INVAL);
292 }
293 
294 /*------------------------------------------------------------------------*
295  *	usb_usb_ref_device
296  *
297  * This function is used to upgrade an USB reference to include the
298  * USB device reference on a USB location.
299  *
300  * Return values:
301  *  0: Success, refcount incremented on the given USB device.
302  *  Else: Failure.
303  *------------------------------------------------------------------------*/
304 static usb_error_t
305 usb_usb_ref_device(struct usb_cdev_privdata *cpd,
306     struct usb_cdev_refdata *crd)
307 {
308 	/*
309 	 * Check if we already got an USB reference on this location:
310 	 */
311 	if (crd->is_uref)
312 		return (0);		/* success */
313 
314 	/*
315 	 * To avoid deadlock at detach we need to drop the FIFO ref
316 	 * and re-acquire a new ref!
317 	 */
318 	usb_unref_device(cpd, crd);
319 
320 	return (usb_ref_device(cpd, crd, 1 /* need uref */));
321 }
322 
323 /*------------------------------------------------------------------------*
324  *	usb_unref_device
325  *
326  * This function will release the reference count by one unit for the
327  * given USB device.
328  *------------------------------------------------------------------------*/
329 static void
330 usb_unref_device(struct usb_cdev_privdata *cpd,
331     struct usb_cdev_refdata *crd)
332 {
333 
334 	DPRINTFN(2, "cpd=%p is_uref=%d\n", cpd, crd->is_uref);
335 
336 	if (crd->is_uref)
337 		usbd_enum_unlock(cpd->udev);
338 
339 	mtx_lock(&usb_ref_lock);
340 	if (crd->is_read) {
341 		if (--(crd->rxfifo->refcount) == 0) {
342 			cv_signal(&crd->rxfifo->cv_drain);
343 		}
344 		crd->is_read = 0;
345 	}
346 	if (crd->is_write) {
347 		if (--(crd->txfifo->refcount) == 0) {
348 			cv_signal(&crd->txfifo->cv_drain);
349 		}
350 		crd->is_write = 0;
351 	}
352 	if (crd->is_uref) {
353 		if (--(cpd->udev->refcount) == 0) {
354 			cv_signal(&cpd->udev->ref_cv);
355 		}
356 		crd->is_uref = 0;
357 	}
358 	mtx_unlock(&usb_ref_lock);
359 }
360 
361 static struct usb_fifo *
362 usb_fifo_alloc(void)
363 {
364 	struct usb_fifo *f;
365 
366 	f = malloc(sizeof(*f), M_USBDEV, M_WAITOK | M_ZERO);
367 	if (f) {
368 		cv_init(&f->cv_io, "FIFO-IO");
369 		cv_init(&f->cv_drain, "FIFO-DRAIN");
370 		f->refcount = 1;
371 	}
372 	return (f);
373 }
374 
375 /*------------------------------------------------------------------------*
376  *	usb_fifo_create
377  *------------------------------------------------------------------------*/
378 static int
379 usb_fifo_create(struct usb_cdev_privdata *cpd,
380     struct usb_cdev_refdata *crd)
381 {
382 	struct usb_device *udev = cpd->udev;
383 	struct usb_fifo *f;
384 	struct usb_endpoint *ep;
385 	uint8_t n;
386 	uint8_t is_tx;
387 	uint8_t is_rx;
388 	uint8_t no_null;
389 	uint8_t is_busy;
390 	int e = cpd->ep_addr;
391 
392 	is_tx = (cpd->fflags & FWRITE) ? 1 : 0;
393 	is_rx = (cpd->fflags & FREAD) ? 1 : 0;
394 	no_null = 1;
395 	is_busy = 0;
396 
397 	/* Preallocated FIFO */
398 	if (e < 0) {
399 		DPRINTFN(5, "Preallocated FIFO\n");
400 		if (is_tx) {
401 			f = udev->fifo[cpd->fifo_index + USB_FIFO_TX];
402 			if (f == NULL)
403 				return (EINVAL);
404 			crd->txfifo = f;
405 		}
406 		if (is_rx) {
407 			f = udev->fifo[cpd->fifo_index + USB_FIFO_RX];
408 			if (f == NULL)
409 				return (EINVAL);
410 			crd->rxfifo = f;
411 		}
412 		return (0);
413 	}
414 
415 	KASSERT(e >= 0 && e <= 15, ("endpoint %d out of range", e));
416 
417 	/* search for a free FIFO slot */
418 	DPRINTFN(5, "Endpoint device, searching for 0x%02x\n", e);
419 	for (n = 0;; n += 2) {
420 
421 		if (n == USB_FIFO_MAX) {
422 			if (no_null) {
423 				no_null = 0;
424 				n = 0;
425 			} else {
426 				/* end of FIFOs reached */
427 				DPRINTFN(5, "out of FIFOs\n");
428 				return (ENOMEM);
429 			}
430 		}
431 		/* Check for TX FIFO */
432 		if (is_tx) {
433 			f = udev->fifo[n + USB_FIFO_TX];
434 			if (f != NULL) {
435 				if (f->dev_ep_index != e) {
436 					/* wrong endpoint index */
437 					continue;
438 				}
439 				if (f->curr_cpd != NULL) {
440 					/* FIFO is opened */
441 					is_busy = 1;
442 					continue;
443 				}
444 			} else if (no_null) {
445 				continue;
446 			}
447 		}
448 		/* Check for RX FIFO */
449 		if (is_rx) {
450 			f = udev->fifo[n + USB_FIFO_RX];
451 			if (f != NULL) {
452 				if (f->dev_ep_index != e) {
453 					/* wrong endpoint index */
454 					continue;
455 				}
456 				if (f->curr_cpd != NULL) {
457 					/* FIFO is opened */
458 					is_busy = 1;
459 					continue;
460 				}
461 			} else if (no_null) {
462 				continue;
463 			}
464 		}
465 		break;
466 	}
467 
468 	if (no_null == 0) {
469 		if (e >= (USB_EP_MAX / 2)) {
470 			/* we don't create any endpoints in this range */
471 			DPRINTFN(5, "ep out of range\n");
472 			return (is_busy ? EBUSY : EINVAL);
473 		}
474 	}
475 
476 	if ((e != 0) && is_busy) {
477 		/*
478 		 * Only the default control endpoint is allowed to be
479 		 * opened multiple times!
480 		 */
481 		DPRINTFN(5, "busy\n");
482 		return (EBUSY);
483 	}
484 
485 	/* Check TX FIFO */
486 	if (is_tx &&
487 	    (udev->fifo[n + USB_FIFO_TX] == NULL)) {
488 		ep = usb_dev_get_ep(udev, e, USB_FIFO_TX);
489 		DPRINTFN(5, "dev_get_endpoint(%d, 0x%x)\n", e, USB_FIFO_TX);
490 		if (ep == NULL) {
491 			DPRINTFN(5, "dev_get_endpoint returned NULL\n");
492 			return (EINVAL);
493 		}
494 		f = usb_fifo_alloc();
495 		if (f == NULL) {
496 			DPRINTFN(5, "could not alloc tx fifo\n");
497 			return (ENOMEM);
498 		}
499 		/* update some fields */
500 		f->fifo_index = n + USB_FIFO_TX;
501 		f->dev_ep_index = e;
502 		f->priv_mtx = &udev->device_mtx;
503 		f->priv_sc0 = ep;
504 		f->methods = &usb_ugen_methods;
505 		f->iface_index = ep->iface_index;
506 		f->udev = udev;
507 		mtx_lock(&usb_ref_lock);
508 		udev->fifo[n + USB_FIFO_TX] = f;
509 		mtx_unlock(&usb_ref_lock);
510 	}
511 	/* Check RX FIFO */
512 	if (is_rx &&
513 	    (udev->fifo[n + USB_FIFO_RX] == NULL)) {
514 
515 		ep = usb_dev_get_ep(udev, e, USB_FIFO_RX);
516 		DPRINTFN(5, "dev_get_endpoint(%d, 0x%x)\n", e, USB_FIFO_RX);
517 		if (ep == NULL) {
518 			DPRINTFN(5, "dev_get_endpoint returned NULL\n");
519 			return (EINVAL);
520 		}
521 		f = usb_fifo_alloc();
522 		if (f == NULL) {
523 			DPRINTFN(5, "could not alloc rx fifo\n");
524 			return (ENOMEM);
525 		}
526 		/* update some fields */
527 		f->fifo_index = n + USB_FIFO_RX;
528 		f->dev_ep_index = e;
529 		f->priv_mtx = &udev->device_mtx;
530 		f->priv_sc0 = ep;
531 		f->methods = &usb_ugen_methods;
532 		f->iface_index = ep->iface_index;
533 		f->udev = udev;
534 		mtx_lock(&usb_ref_lock);
535 		udev->fifo[n + USB_FIFO_RX] = f;
536 		mtx_unlock(&usb_ref_lock);
537 	}
538 	if (is_tx) {
539 		crd->txfifo = udev->fifo[n + USB_FIFO_TX];
540 	}
541 	if (is_rx) {
542 		crd->rxfifo = udev->fifo[n + USB_FIFO_RX];
543 	}
544 	/* fill out fifo index */
545 	DPRINTFN(5, "fifo index = %d\n", n);
546 	cpd->fifo_index = n;
547 
548 	/* complete */
549 
550 	return (0);
551 }
552 
553 void
554 usb_fifo_free(struct usb_fifo *f)
555 {
556 	uint8_t n;
557 
558 	if (f == NULL) {
559 		/* be NULL safe */
560 		return;
561 	}
562 	/* destroy symlink devices, if any */
563 	for (n = 0; n != 2; n++) {
564 		if (f->symlink[n]) {
565 			usb_free_symlink(f->symlink[n]);
566 			f->symlink[n] = NULL;
567 		}
568 	}
569 	mtx_lock(&usb_ref_lock);
570 
571 	/* delink ourselves to stop calls from userland */
572 	if ((f->fifo_index < USB_FIFO_MAX) &&
573 	    (f->udev != NULL) &&
574 	    (f->udev->fifo[f->fifo_index] == f)) {
575 		f->udev->fifo[f->fifo_index] = NULL;
576 	} else {
577 		DPRINTFN(0, "USB FIFO %p has not been linked\n", f);
578 	}
579 
580 	/* decrease refcount */
581 	f->refcount--;
582 	/* prevent any write flush */
583 	f->flag_iserror = 1;
584 	/* need to wait until all callers have exited */
585 	while (f->refcount != 0) {
586 		mtx_unlock(&usb_ref_lock);	/* avoid LOR */
587 		mtx_lock(f->priv_mtx);
588 		/* get I/O thread out of any sleep state */
589 		if (f->flag_sleeping) {
590 			f->flag_sleeping = 0;
591 			cv_broadcast(&f->cv_io);
592 		}
593 		mtx_unlock(f->priv_mtx);
594 		mtx_lock(&usb_ref_lock);
595 
596 		/* wait for sync */
597 		cv_wait(&f->cv_drain, &usb_ref_lock);
598 	}
599 	mtx_unlock(&usb_ref_lock);
600 
601 	/* take care of closing the device here, if any */
602 	usb_fifo_close(f, 0);
603 
604 	cv_destroy(&f->cv_io);
605 	cv_destroy(&f->cv_drain);
606 
607 	free(f, M_USBDEV);
608 }
609 
610 static struct usb_endpoint *
611 usb_dev_get_ep(struct usb_device *udev, uint8_t ep_index, uint8_t dir)
612 {
613 	struct usb_endpoint *ep;
614 	uint8_t ep_dir;
615 
616 	if (ep_index == 0) {
617 		ep = &udev->ctrl_ep;
618 	} else {
619 		if (dir == USB_FIFO_RX) {
620 			if (udev->flags.usb_mode == USB_MODE_HOST) {
621 				ep_dir = UE_DIR_IN;
622 			} else {
623 				ep_dir = UE_DIR_OUT;
624 			}
625 		} else {
626 			if (udev->flags.usb_mode == USB_MODE_HOST) {
627 				ep_dir = UE_DIR_OUT;
628 			} else {
629 				ep_dir = UE_DIR_IN;
630 			}
631 		}
632 		ep = usbd_get_ep_by_addr(udev, ep_index | ep_dir);
633 	}
634 
635 	if (ep == NULL) {
636 		/* if the endpoint does not exist then return */
637 		return (NULL);
638 	}
639 	if (ep->edesc == NULL) {
640 		/* invalid endpoint */
641 		return (NULL);
642 	}
643 	return (ep);			/* success */
644 }
645 
646 /*------------------------------------------------------------------------*
647  *	usb_fifo_open
648  *
649  * Returns:
650  * 0: Success
651  * Else: Failure
652  *------------------------------------------------------------------------*/
653 static int
654 usb_fifo_open(struct usb_cdev_privdata *cpd,
655     struct usb_fifo *f, int fflags)
656 {
657 	int err;
658 
659 	if (f == NULL) {
660 		/* no FIFO there */
661 		DPRINTFN(2, "no FIFO\n");
662 		return (ENXIO);
663 	}
664 	/* remove FWRITE and FREAD flags */
665 	fflags &= ~(FWRITE | FREAD);
666 
667 	/* set correct file flags */
668 	if ((f->fifo_index & 1) == USB_FIFO_TX) {
669 		fflags |= FWRITE;
670 	} else {
671 		fflags |= FREAD;
672 	}
673 
674 	/* check if we are already opened */
675 	/* we don't need any locks when checking this variable */
676 	if (f->curr_cpd != NULL) {
677 		err = EBUSY;
678 		goto done;
679 	}
680 
681 	/* reset short flag before open */
682 	f->flag_short = 0;
683 
684 	/* call open method */
685 	err = (f->methods->f_open) (f, fflags);
686 	if (err) {
687 		goto done;
688 	}
689 	mtx_lock(f->priv_mtx);
690 
691 	/* reset sleep flag */
692 	f->flag_sleeping = 0;
693 
694 	/* reset error flag */
695 	f->flag_iserror = 0;
696 
697 	/* reset complete flag */
698 	f->flag_iscomplete = 0;
699 
700 	/* reset select flag */
701 	f->flag_isselect = 0;
702 
703 	/* reset flushing flag */
704 	f->flag_flushing = 0;
705 
706 	/* reset ASYNC proc flag */
707 	f->async_p = NULL;
708 
709 	mtx_lock(&usb_ref_lock);
710 	/* flag the fifo as opened to prevent others */
711 	f->curr_cpd = cpd;
712 	mtx_unlock(&usb_ref_lock);
713 
714 	/* reset queue */
715 	usb_fifo_reset(f);
716 
717 	mtx_unlock(f->priv_mtx);
718 done:
719 	return (err);
720 }
721 
722 /*------------------------------------------------------------------------*
723  *	usb_fifo_reset
724  *------------------------------------------------------------------------*/
725 void
726 usb_fifo_reset(struct usb_fifo *f)
727 {
728 	struct usb_mbuf *m;
729 
730 	if (f == NULL) {
731 		return;
732 	}
733 	while (1) {
734 		USB_IF_DEQUEUE(&f->used_q, m);
735 		if (m) {
736 			USB_IF_ENQUEUE(&f->free_q, m);
737 		} else {
738 			break;
739 		}
740 	}
741 	/* reset have fragment flag */
742 	f->flag_have_fragment = 0;
743 }
744 
745 /*------------------------------------------------------------------------*
746  *	usb_fifo_close
747  *------------------------------------------------------------------------*/
748 static void
749 usb_fifo_close(struct usb_fifo *f, int fflags)
750 {
751 	int err;
752 
753 	/* check if we are not opened */
754 	if (f->curr_cpd == NULL) {
755 		/* nothing to do - already closed */
756 		return;
757 	}
758 	mtx_lock(f->priv_mtx);
759 
760 	/* clear current cdev private data pointer */
761 	f->curr_cpd = NULL;
762 
763 	/* check if we are selected */
764 	if (f->flag_isselect) {
765 		selwakeup(&f->selinfo);
766 		f->flag_isselect = 0;
767 	}
768 	/* check if a thread wants SIGIO */
769 	if (f->async_p != NULL) {
770 		PROC_LOCK(f->async_p);
771 		kern_psignal(f->async_p, SIGIO);
772 		PROC_UNLOCK(f->async_p);
773 		f->async_p = NULL;
774 	}
775 	/* remove FWRITE and FREAD flags */
776 	fflags &= ~(FWRITE | FREAD);
777 
778 	/* flush written data, if any */
779 	if ((f->fifo_index & 1) == USB_FIFO_TX) {
780 
781 		if (!f->flag_iserror) {
782 
783 			/* set flushing flag */
784 			f->flag_flushing = 1;
785 
786 			/* get the last packet in */
787 			if (f->flag_have_fragment) {
788 				struct usb_mbuf *m;
789 				f->flag_have_fragment = 0;
790 				USB_IF_DEQUEUE(&f->free_q, m);
791 				if (m) {
792 					USB_IF_ENQUEUE(&f->used_q, m);
793 				}
794 			}
795 
796 			/* start write transfer, if not already started */
797 			(f->methods->f_start_write) (f);
798 
799 			/* check if flushed already */
800 			while (f->flag_flushing &&
801 			    (!f->flag_iserror)) {
802 				/* wait until all data has been written */
803 				f->flag_sleeping = 1;
804 				err = cv_wait_sig(&f->cv_io, f->priv_mtx);
805 				if (err) {
806 					DPRINTF("signal received\n");
807 					break;
808 				}
809 			}
810 		}
811 		fflags |= FWRITE;
812 
813 		/* stop write transfer, if not already stopped */
814 		(f->methods->f_stop_write) (f);
815 	} else {
816 		fflags |= FREAD;
817 
818 		/* stop write transfer, if not already stopped */
819 		(f->methods->f_stop_read) (f);
820 	}
821 
822 	/* check if we are sleeping */
823 	if (f->flag_sleeping) {
824 		DPRINTFN(2, "Sleeping at close!\n");
825 	}
826 	mtx_unlock(f->priv_mtx);
827 
828 	/* call close method */
829 	(f->methods->f_close) (f, fflags);
830 
831 	DPRINTF("closed\n");
832 }
833 
834 /*------------------------------------------------------------------------*
835  *	usb_open - cdev callback
836  *------------------------------------------------------------------------*/
837 static int
838 usb_open(struct cdev *dev, int fflags, int devtype, struct thread *td)
839 {
840 	struct usb_fs_privdata* pd = (struct usb_fs_privdata*)dev->si_drv1;
841 	struct usb_cdev_refdata refs;
842 	struct usb_cdev_privdata *cpd;
843 	int err, ep;
844 
845 	DPRINTFN(2, "%s fflags=0x%08x\n", dev->si_name, fflags);
846 
847 	KASSERT(fflags & (FREAD|FWRITE), ("invalid open flags"));
848 	if (((fflags & FREAD) && !(pd->mode & FREAD)) ||
849 	    ((fflags & FWRITE) && !(pd->mode & FWRITE))) {
850 		DPRINTFN(2, "access mode not supported\n");
851 		return (EPERM);
852 	}
853 
854 	cpd = malloc(sizeof(*cpd), M_USBDEV, M_WAITOK | M_ZERO);
855 	ep = cpd->ep_addr = pd->ep_addr;
856 
857 	usb_loc_fill(pd, cpd);
858 	err = usb_ref_device(cpd, &refs, 1);
859 	if (err) {
860 		DPRINTFN(2, "cannot ref device\n");
861 		free(cpd, M_USBDEV);
862 		return (ENXIO);
863 	}
864 	cpd->fflags = fflags;	/* access mode for open lifetime */
865 
866 	/* create FIFOs, if any */
867 	err = usb_fifo_create(cpd, &refs);
868 	/* check for error */
869 	if (err) {
870 		DPRINTFN(2, "cannot create fifo\n");
871 		usb_unref_device(cpd, &refs);
872 		free(cpd, M_USBDEV);
873 		return (err);
874 	}
875 	if (fflags & FREAD) {
876 		err = usb_fifo_open(cpd, refs.rxfifo, fflags);
877 		if (err) {
878 			DPRINTFN(2, "read open failed\n");
879 			usb_unref_device(cpd, &refs);
880 			free(cpd, M_USBDEV);
881 			return (err);
882 		}
883 	}
884 	if (fflags & FWRITE) {
885 		err = usb_fifo_open(cpd, refs.txfifo, fflags);
886 		if (err) {
887 			DPRINTFN(2, "write open failed\n");
888 			if (fflags & FREAD) {
889 				usb_fifo_close(refs.rxfifo, fflags);
890 			}
891 			usb_unref_device(cpd, &refs);
892 			free(cpd, M_USBDEV);
893 			return (err);
894 		}
895 	}
896 	usb_unref_device(cpd, &refs);
897 	devfs_set_cdevpriv(cpd, usb_close);
898 
899 	return (0);
900 }
901 
902 /*------------------------------------------------------------------------*
903  *	usb_close - cdev callback
904  *------------------------------------------------------------------------*/
905 static void
906 usb_close(void *arg)
907 {
908 	struct usb_cdev_refdata refs;
909 	struct usb_cdev_privdata *cpd = arg;
910 	int err;
911 
912 	DPRINTFN(2, "cpd=%p\n", cpd);
913 
914 	err = usb_ref_device(cpd, &refs, 0);
915 	if (err)
916 		goto done;
917 
918 	/*
919 	 * If this function is not called directly from the root HUB
920 	 * thread, there is usually a need to lock the enumeration
921 	 * lock. Check this.
922 	 */
923 	if (!usbd_enum_is_locked(cpd->udev)) {
924 
925 		DPRINTFN(2, "Locking enumeration\n");
926 
927 		/* reference device */
928 		err = usb_usb_ref_device(cpd, &refs);
929 		if (err)
930 			goto done;
931 	}
932 	if (cpd->fflags & FREAD) {
933 		usb_fifo_close(refs.rxfifo, cpd->fflags);
934 	}
935 	if (cpd->fflags & FWRITE) {
936 		usb_fifo_close(refs.txfifo, cpd->fflags);
937 	}
938 	usb_unref_device(cpd, &refs);
939 done:
940 	free(cpd, M_USBDEV);
941 }
942 
943 static void
944 usb_dev_init(void *arg)
945 {
946 	mtx_init(&usb_ref_lock, "USB ref mutex", NULL, MTX_DEF);
947 	sx_init(&usb_sym_lock, "USB sym mutex");
948 	TAILQ_INIT(&usb_sym_head);
949 
950 	/* check the UGEN methods */
951 	usb_fifo_check_methods(&usb_ugen_methods);
952 }
953 
954 SYSINIT(usb_dev_init, SI_SUB_KLD, SI_ORDER_FIRST, usb_dev_init, NULL);
955 
956 static void
957 usb_dev_init_post(void *arg)
958 {
959 	/*
960 	 * Create /dev/usb - this is needed for usbconfig(8), which
961 	 * needs a well-known device name to access.
962 	 */
963 	usb_dev = make_dev(&usb_static_devsw, 0, UID_ROOT, GID_OPERATOR,
964 	    0644, USB_DEVICE_NAME);
965 	if (usb_dev == NULL) {
966 		DPRINTFN(0, "Could not create usb bus device\n");
967 	}
968 }
969 
970 SYSINIT(usb_dev_init_post, SI_SUB_KICK_SCHEDULER, SI_ORDER_FIRST, usb_dev_init_post, NULL);
971 
972 static void
973 usb_dev_uninit(void *arg)
974 {
975 	if (usb_dev != NULL) {
976 		destroy_dev(usb_dev);
977 		usb_dev = NULL;
978 	}
979 	mtx_destroy(&usb_ref_lock);
980 	sx_destroy(&usb_sym_lock);
981 }
982 
983 SYSUNINIT(usb_dev_uninit, SI_SUB_KICK_SCHEDULER, SI_ORDER_ANY, usb_dev_uninit, NULL);
984 
985 static int
986 usb_ioctl_f_sub(struct usb_fifo *f, u_long cmd, void *addr,
987     struct thread *td)
988 {
989 	int error = 0;
990 
991 	switch (cmd) {
992 	case FIODTYPE:
993 		*(int *)addr = 0;	/* character device */
994 		break;
995 
996 	case FIONBIO:
997 		/* handled by upper FS layer */
998 		break;
999 
1000 	case FIOASYNC:
1001 		if (*(int *)addr) {
1002 			if (f->async_p != NULL) {
1003 				error = EBUSY;
1004 				break;
1005 			}
1006 			f->async_p = USB_TD_GET_PROC(td);
1007 		} else {
1008 			f->async_p = NULL;
1009 		}
1010 		break;
1011 
1012 		/* XXX this is not the most general solution */
1013 	case TIOCSPGRP:
1014 		if (f->async_p == NULL) {
1015 			error = EINVAL;
1016 			break;
1017 		}
1018 		if (*(int *)addr != USB_PROC_GET_GID(f->async_p)) {
1019 			error = EPERM;
1020 			break;
1021 		}
1022 		break;
1023 	default:
1024 		return (ENOIOCTL);
1025 	}
1026 	DPRINTFN(3, "cmd 0x%lx = %d\n", cmd, error);
1027 	return (error);
1028 }
1029 
1030 /*------------------------------------------------------------------------*
1031  *	usb_ioctl - cdev callback
1032  *------------------------------------------------------------------------*/
1033 static int
1034 usb_ioctl(struct cdev *dev, u_long cmd, caddr_t addr, int fflag, struct thread* td)
1035 {
1036 	struct usb_cdev_refdata refs;
1037 	struct usb_cdev_privdata* cpd;
1038 	struct usb_fifo *f;
1039 	int fflags;
1040 	int err;
1041 
1042 	DPRINTFN(2, "cmd=0x%lx\n", cmd);
1043 
1044 	err = devfs_get_cdevpriv((void **)&cpd);
1045 	if (err != 0)
1046 		return (err);
1047 
1048 	/*
1049 	 * Performance optimisation: We try to check for IOCTL's that
1050 	 * don't need the USB reference first. Then we grab the USB
1051 	 * reference if we need it!
1052 	 */
1053 	err = usb_ref_device(cpd, &refs, 0 /* no uref */ );
1054 	if (err)
1055 		return (ENXIO);
1056 
1057 	fflags = cpd->fflags;
1058 
1059 	f = NULL;			/* set default value */
1060 	err = ENOIOCTL;			/* set default value */
1061 
1062 	if (fflags & FWRITE) {
1063 		f = refs.txfifo;
1064 		err = usb_ioctl_f_sub(f, cmd, addr, td);
1065 	}
1066 	if (fflags & FREAD) {
1067 		f = refs.rxfifo;
1068 		err = usb_ioctl_f_sub(f, cmd, addr, td);
1069 	}
1070 	KASSERT(f != NULL, ("fifo not found"));
1071 	if (err != ENOIOCTL)
1072 		goto done;
1073 
1074 	err = (f->methods->f_ioctl) (f, cmd, addr, fflags);
1075 
1076 	DPRINTFN(2, "f_ioctl cmd 0x%lx = %d\n", cmd, err);
1077 
1078 	if (err != ENOIOCTL)
1079 		goto done;
1080 
1081 	if (usb_usb_ref_device(cpd, &refs)) {
1082 		err = ENXIO;
1083 		goto done;
1084 	}
1085 
1086 	err = (f->methods->f_ioctl_post) (f, cmd, addr, fflags);
1087 
1088 	DPRINTFN(2, "f_ioctl_post cmd 0x%lx = %d\n", cmd, err);
1089 
1090 	if (err == ENOIOCTL)
1091 		err = ENOTTY;
1092 
1093 	if (err)
1094 		goto done;
1095 
1096 	/* Wait for re-enumeration, if any */
1097 
1098 	while (f->udev->re_enumerate_wait != 0) {
1099 
1100 		usb_unref_device(cpd, &refs);
1101 
1102 		usb_pause_mtx(NULL, hz / 128);
1103 
1104 		if (usb_ref_device(cpd, &refs, 1 /* need uref */)) {
1105 			err = ENXIO;
1106 			goto done;
1107 		}
1108 	}
1109 
1110 done:
1111 	usb_unref_device(cpd, &refs);
1112 	return (err);
1113 }
1114 
1115 /* ARGSUSED */
1116 static int
1117 usb_poll(struct cdev* dev, int events, struct thread* td)
1118 {
1119 	struct usb_cdev_refdata refs;
1120 	struct usb_cdev_privdata* cpd;
1121 	struct usb_fifo *f;
1122 	struct usb_mbuf *m;
1123 	int fflags, revents;
1124 
1125 	if (devfs_get_cdevpriv((void **)&cpd) != 0 ||
1126 	    usb_ref_device(cpd, &refs, 0) != 0)
1127 		return (events &
1128 		    (POLLHUP|POLLIN|POLLRDNORM|POLLOUT|POLLWRNORM));
1129 
1130 	fflags = cpd->fflags;
1131 
1132 	/* Figure out who needs service */
1133 	revents = 0;
1134 	if ((events & (POLLOUT | POLLWRNORM)) &&
1135 	    (fflags & FWRITE)) {
1136 
1137 		f = refs.txfifo;
1138 
1139 		mtx_lock(f->priv_mtx);
1140 
1141 		if (!refs.is_usbfs) {
1142 			if (f->flag_iserror) {
1143 				/* we got an error */
1144 				m = (void *)1;
1145 			} else {
1146 				if (f->queue_data == NULL) {
1147 					/*
1148 					 * start write transfer, if not
1149 					 * already started
1150 					 */
1151 					(f->methods->f_start_write) (f);
1152 				}
1153 				/* check if any packets are available */
1154 				USB_IF_POLL(&f->free_q, m);
1155 			}
1156 		} else {
1157 			if (f->flag_iscomplete) {
1158 				m = (void *)1;
1159 			} else {
1160 				m = NULL;
1161 			}
1162 		}
1163 
1164 		if (m) {
1165 			revents |= events & (POLLOUT | POLLWRNORM);
1166 		} else {
1167 			f->flag_isselect = 1;
1168 			selrecord(td, &f->selinfo);
1169 		}
1170 
1171 		mtx_unlock(f->priv_mtx);
1172 	}
1173 	if ((events & (POLLIN | POLLRDNORM)) &&
1174 	    (fflags & FREAD)) {
1175 
1176 		f = refs.rxfifo;
1177 
1178 		mtx_lock(f->priv_mtx);
1179 
1180 		if (!refs.is_usbfs) {
1181 			if (f->flag_iserror) {
1182 				/* we have and error */
1183 				m = (void *)1;
1184 			} else {
1185 				if (f->queue_data == NULL) {
1186 					/*
1187 					 * start read transfer, if not
1188 					 * already started
1189 					 */
1190 					(f->methods->f_start_read) (f);
1191 				}
1192 				/* check if any packets are available */
1193 				USB_IF_POLL(&f->used_q, m);
1194 			}
1195 		} else {
1196 			if (f->flag_iscomplete) {
1197 				m = (void *)1;
1198 			} else {
1199 				m = NULL;
1200 			}
1201 		}
1202 
1203 		if (m) {
1204 			revents |= events & (POLLIN | POLLRDNORM);
1205 		} else {
1206 			f->flag_isselect = 1;
1207 			selrecord(td, &f->selinfo);
1208 
1209 			if (!refs.is_usbfs) {
1210 				/* start reading data */
1211 				(f->methods->f_start_read) (f);
1212 			}
1213 		}
1214 
1215 		mtx_unlock(f->priv_mtx);
1216 	}
1217 	usb_unref_device(cpd, &refs);
1218 	return (revents);
1219 }
1220 
1221 static int
1222 usb_read(struct cdev *dev, struct uio *uio, int ioflag)
1223 {
1224 	struct usb_cdev_refdata refs;
1225 	struct usb_cdev_privdata* cpd;
1226 	struct usb_fifo *f;
1227 	struct usb_mbuf *m;
1228 	int fflags;
1229 	int resid;
1230 	int io_len;
1231 	int err;
1232 	uint8_t tr_data = 0;
1233 
1234 	err = devfs_get_cdevpriv((void **)&cpd);
1235 	if (err != 0)
1236 		return (err);
1237 
1238 	err = usb_ref_device(cpd, &refs, 0 /* no uref */ );
1239 	if (err) {
1240 		return (ENXIO);
1241 	}
1242 	fflags = cpd->fflags;
1243 
1244 	f = refs.rxfifo;
1245 	if (f == NULL) {
1246 		/* should not happen */
1247 		usb_unref_device(cpd, &refs);
1248 		return (EPERM);
1249 	}
1250 
1251 	resid = uio->uio_resid;
1252 
1253 	mtx_lock(f->priv_mtx);
1254 
1255 	/* check for permanent read error */
1256 	if (f->flag_iserror) {
1257 		err = EIO;
1258 		goto done;
1259 	}
1260 	/* check if USB-FS interface is active */
1261 	if (refs.is_usbfs) {
1262 		/*
1263 		 * The queue is used for events that should be
1264 		 * retrieved using the "USB_FS_COMPLETE" ioctl.
1265 		 */
1266 		err = EINVAL;
1267 		goto done;
1268 	}
1269 	while (uio->uio_resid > 0) {
1270 
1271 		USB_IF_DEQUEUE(&f->used_q, m);
1272 
1273 		if (m == NULL) {
1274 
1275 			/* start read transfer, if not already started */
1276 
1277 			(f->methods->f_start_read) (f);
1278 
1279 			if (ioflag & IO_NDELAY) {
1280 				if (tr_data) {
1281 					/* return length before error */
1282 					break;
1283 				}
1284 				err = EWOULDBLOCK;
1285 				break;
1286 			}
1287 			DPRINTF("sleeping\n");
1288 
1289 			err = usb_fifo_wait(f);
1290 			if (err) {
1291 				break;
1292 			}
1293 			continue;
1294 		}
1295 		if (f->methods->f_filter_read) {
1296 			/*
1297 			 * Sometimes it is convenient to process data at the
1298 			 * expense of a userland process instead of a kernel
1299 			 * process.
1300 			 */
1301 			(f->methods->f_filter_read) (f, m);
1302 		}
1303 		tr_data = 1;
1304 
1305 		io_len = MIN(m->cur_data_len, uio->uio_resid);
1306 
1307 		DPRINTFN(2, "transfer %d bytes from %p\n",
1308 		    io_len, m->cur_data_ptr);
1309 
1310 		err = usb_fifo_uiomove(f,
1311 		    m->cur_data_ptr, io_len, uio);
1312 
1313 		m->cur_data_len -= io_len;
1314 		m->cur_data_ptr += io_len;
1315 
1316 		if (m->cur_data_len == 0) {
1317 
1318 			uint8_t last_packet;
1319 
1320 			last_packet = m->last_packet;
1321 
1322 			USB_IF_ENQUEUE(&f->free_q, m);
1323 
1324 			if (last_packet) {
1325 				/* keep framing */
1326 				break;
1327 			}
1328 		} else {
1329 			USB_IF_PREPEND(&f->used_q, m);
1330 		}
1331 
1332 		if (err) {
1333 			break;
1334 		}
1335 	}
1336 done:
1337 	mtx_unlock(f->priv_mtx);
1338 
1339 	usb_unref_device(cpd, &refs);
1340 
1341 	return (err);
1342 }
1343 
1344 static int
1345 usb_write(struct cdev *dev, struct uio *uio, int ioflag)
1346 {
1347 	struct usb_cdev_refdata refs;
1348 	struct usb_cdev_privdata* cpd;
1349 	struct usb_fifo *f;
1350 	struct usb_mbuf *m;
1351 	uint8_t *pdata;
1352 	int fflags;
1353 	int resid;
1354 	int io_len;
1355 	int err;
1356 	uint8_t tr_data = 0;
1357 
1358 	DPRINTFN(2, "\n");
1359 
1360 	err = devfs_get_cdevpriv((void **)&cpd);
1361 	if (err != 0)
1362 		return (err);
1363 
1364 	err = usb_ref_device(cpd, &refs, 0 /* no uref */ );
1365 	if (err) {
1366 		return (ENXIO);
1367 	}
1368 	fflags = cpd->fflags;
1369 
1370 	f = refs.txfifo;
1371 	if (f == NULL) {
1372 		/* should not happen */
1373 		usb_unref_device(cpd, &refs);
1374 		return (EPERM);
1375 	}
1376 	resid = uio->uio_resid;
1377 
1378 	mtx_lock(f->priv_mtx);
1379 
1380 	/* check for permanent write error */
1381 	if (f->flag_iserror) {
1382 		err = EIO;
1383 		goto done;
1384 	}
1385 	/* check if USB-FS interface is active */
1386 	if (refs.is_usbfs) {
1387 		/*
1388 		 * The queue is used for events that should be
1389 		 * retrieved using the "USB_FS_COMPLETE" ioctl.
1390 		 */
1391 		err = EINVAL;
1392 		goto done;
1393 	}
1394 	if (f->queue_data == NULL) {
1395 		/* start write transfer, if not already started */
1396 		(f->methods->f_start_write) (f);
1397 	}
1398 	/* we allow writing zero length data */
1399 	do {
1400 		USB_IF_DEQUEUE(&f->free_q, m);
1401 
1402 		if (m == NULL) {
1403 
1404 			if (ioflag & IO_NDELAY) {
1405 				if (tr_data) {
1406 					/* return length before error */
1407 					break;
1408 				}
1409 				err = EWOULDBLOCK;
1410 				break;
1411 			}
1412 			DPRINTF("sleeping\n");
1413 
1414 			err = usb_fifo_wait(f);
1415 			if (err) {
1416 				break;
1417 			}
1418 			continue;
1419 		}
1420 		tr_data = 1;
1421 
1422 		if (f->flag_have_fragment == 0) {
1423 			USB_MBUF_RESET(m);
1424 			io_len = m->cur_data_len;
1425 			pdata = m->cur_data_ptr;
1426 			if (io_len > uio->uio_resid)
1427 				io_len = uio->uio_resid;
1428 			m->cur_data_len = io_len;
1429 		} else {
1430 			io_len = m->max_data_len - m->cur_data_len;
1431 			pdata = m->cur_data_ptr + m->cur_data_len;
1432 			if (io_len > uio->uio_resid)
1433 				io_len = uio->uio_resid;
1434 			m->cur_data_len += io_len;
1435 		}
1436 
1437 		DPRINTFN(2, "transfer %d bytes to %p\n",
1438 		    io_len, pdata);
1439 
1440 		err = usb_fifo_uiomove(f, pdata, io_len, uio);
1441 
1442 		if (err) {
1443 			f->flag_have_fragment = 0;
1444 			USB_IF_ENQUEUE(&f->free_q, m);
1445 			break;
1446 		}
1447 
1448 		/* check if the buffer is ready to be transmitted */
1449 
1450 		if ((f->flag_write_defrag == 0) ||
1451 		    (m->cur_data_len == m->max_data_len)) {
1452 			f->flag_have_fragment = 0;
1453 
1454 			/*
1455 			 * Check for write filter:
1456 			 *
1457 			 * Sometimes it is convenient to process data
1458 			 * at the expense of a userland process
1459 			 * instead of a kernel process.
1460 			 */
1461 			if (f->methods->f_filter_write) {
1462 				(f->methods->f_filter_write) (f, m);
1463 			}
1464 
1465 			/* Put USB mbuf in the used queue */
1466 			USB_IF_ENQUEUE(&f->used_q, m);
1467 
1468 			/* Start writing data, if not already started */
1469 			(f->methods->f_start_write) (f);
1470 		} else {
1471 			/* Wait for more data or close */
1472 			f->flag_have_fragment = 1;
1473 			USB_IF_PREPEND(&f->free_q, m);
1474 		}
1475 
1476 	} while (uio->uio_resid > 0);
1477 done:
1478 	mtx_unlock(f->priv_mtx);
1479 
1480 	usb_unref_device(cpd, &refs);
1481 
1482 	return (err);
1483 }
1484 
1485 int
1486 usb_static_ioctl(struct cdev *dev, u_long cmd, caddr_t data, int fflag,
1487     struct thread *td)
1488 {
1489 	union {
1490 		struct usb_read_dir *urd;
1491 		void* data;
1492 	} u;
1493 	int err;
1494 
1495 	u.data = data;
1496 	switch (cmd) {
1497 		case USB_READ_DIR:
1498 			err = usb_read_symlink(u.urd->urd_data,
1499 			    u.urd->urd_startentry, u.urd->urd_maxlen);
1500 			break;
1501 		case USB_DEV_QUIRK_GET:
1502 		case USB_QUIRK_NAME_GET:
1503 		case USB_DEV_QUIRK_ADD:
1504 		case USB_DEV_QUIRK_REMOVE:
1505 			err = usb_quirk_ioctl_p(cmd, data, fflag, td);
1506 			break;
1507 		case USB_GET_TEMPLATE:
1508 			*(int *)data = usb_template;
1509 			err = 0;
1510 			break;
1511 		case USB_SET_TEMPLATE:
1512 			err = priv_check(curthread, PRIV_DRIVER);
1513 			if (err)
1514 				break;
1515 			usb_template = *(int *)data;
1516 			break;
1517 		default:
1518 			err = ENOTTY;
1519 			break;
1520 	}
1521 	return (err);
1522 }
1523 
1524 static int
1525 usb_fifo_uiomove(struct usb_fifo *f, void *cp,
1526     int n, struct uio *uio)
1527 {
1528 	int error;
1529 
1530 	mtx_unlock(f->priv_mtx);
1531 
1532 	/*
1533 	 * "uiomove()" can sleep so one needs to make a wrapper,
1534 	 * exiting the mutex and checking things:
1535 	 */
1536 	error = uiomove(cp, n, uio);
1537 
1538 	mtx_lock(f->priv_mtx);
1539 
1540 	return (error);
1541 }
1542 
1543 int
1544 usb_fifo_wait(struct usb_fifo *f)
1545 {
1546 	int err;
1547 
1548 	mtx_assert(f->priv_mtx, MA_OWNED);
1549 
1550 	if (f->flag_iserror) {
1551 		/* we are gone */
1552 		return (EIO);
1553 	}
1554 	f->flag_sleeping = 1;
1555 
1556 	err = cv_wait_sig(&f->cv_io, f->priv_mtx);
1557 
1558 	if (f->flag_iserror) {
1559 		/* we are gone */
1560 		err = EIO;
1561 	}
1562 	return (err);
1563 }
1564 
1565 void
1566 usb_fifo_signal(struct usb_fifo *f)
1567 {
1568 	if (f->flag_sleeping) {
1569 		f->flag_sleeping = 0;
1570 		cv_broadcast(&f->cv_io);
1571 	}
1572 }
1573 
1574 void
1575 usb_fifo_wakeup(struct usb_fifo *f)
1576 {
1577 	usb_fifo_signal(f);
1578 
1579 	if (f->flag_isselect) {
1580 		selwakeup(&f->selinfo);
1581 		f->flag_isselect = 0;
1582 	}
1583 	if (f->async_p != NULL) {
1584 		PROC_LOCK(f->async_p);
1585 		kern_psignal(f->async_p, SIGIO);
1586 		PROC_UNLOCK(f->async_p);
1587 	}
1588 }
1589 
1590 static int
1591 usb_fifo_dummy_open(struct usb_fifo *fifo, int fflags)
1592 {
1593 	return (0);
1594 }
1595 
1596 static void
1597 usb_fifo_dummy_close(struct usb_fifo *fifo, int fflags)
1598 {
1599 	return;
1600 }
1601 
1602 static int
1603 usb_fifo_dummy_ioctl(struct usb_fifo *fifo, u_long cmd, void *addr, int fflags)
1604 {
1605 	return (ENOIOCTL);
1606 }
1607 
1608 static void
1609 usb_fifo_dummy_cmd(struct usb_fifo *fifo)
1610 {
1611 	fifo->flag_flushing = 0;	/* not flushing */
1612 }
1613 
1614 static void
1615 usb_fifo_check_methods(struct usb_fifo_methods *pm)
1616 {
1617 	/* check that all callback functions are OK */
1618 
1619 	if (pm->f_open == NULL)
1620 		pm->f_open = &usb_fifo_dummy_open;
1621 
1622 	if (pm->f_close == NULL)
1623 		pm->f_close = &usb_fifo_dummy_close;
1624 
1625 	if (pm->f_ioctl == NULL)
1626 		pm->f_ioctl = &usb_fifo_dummy_ioctl;
1627 
1628 	if (pm->f_ioctl_post == NULL)
1629 		pm->f_ioctl_post = &usb_fifo_dummy_ioctl;
1630 
1631 	if (pm->f_start_read == NULL)
1632 		pm->f_start_read = &usb_fifo_dummy_cmd;
1633 
1634 	if (pm->f_stop_read == NULL)
1635 		pm->f_stop_read = &usb_fifo_dummy_cmd;
1636 
1637 	if (pm->f_start_write == NULL)
1638 		pm->f_start_write = &usb_fifo_dummy_cmd;
1639 
1640 	if (pm->f_stop_write == NULL)
1641 		pm->f_stop_write = &usb_fifo_dummy_cmd;
1642 }
1643 
1644 /*------------------------------------------------------------------------*
1645  *	usb_fifo_attach
1646  *
1647  * The following function will create a duplex FIFO.
1648  *
1649  * Return values:
1650  * 0: Success.
1651  * Else: Failure.
1652  *------------------------------------------------------------------------*/
1653 int
1654 usb_fifo_attach(struct usb_device *udev, void *priv_sc,
1655     struct mtx *priv_mtx, struct usb_fifo_methods *pm,
1656     struct usb_fifo_sc *f_sc, uint16_t unit, uint16_t subunit,
1657     uint8_t iface_index, uid_t uid, gid_t gid, int mode)
1658 {
1659 	struct usb_fifo *f_tx;
1660 	struct usb_fifo *f_rx;
1661 	char devname[32];
1662 	uint8_t n;
1663 
1664 	f_sc->fp[USB_FIFO_TX] = NULL;
1665 	f_sc->fp[USB_FIFO_RX] = NULL;
1666 
1667 	if (pm == NULL)
1668 		return (EINVAL);
1669 
1670 	/* check the methods */
1671 	usb_fifo_check_methods(pm);
1672 
1673 	if (priv_mtx == NULL)
1674 		priv_mtx = &Giant;
1675 
1676 	/* search for a free FIFO slot */
1677 	for (n = 0;; n += 2) {
1678 
1679 		if (n == USB_FIFO_MAX) {
1680 			/* end of FIFOs reached */
1681 			return (ENOMEM);
1682 		}
1683 		/* Check for TX FIFO */
1684 		if (udev->fifo[n + USB_FIFO_TX] != NULL) {
1685 			continue;
1686 		}
1687 		/* Check for RX FIFO */
1688 		if (udev->fifo[n + USB_FIFO_RX] != NULL) {
1689 			continue;
1690 		}
1691 		break;
1692 	}
1693 
1694 	f_tx = usb_fifo_alloc();
1695 	f_rx = usb_fifo_alloc();
1696 
1697 	if ((f_tx == NULL) || (f_rx == NULL)) {
1698 		usb_fifo_free(f_tx);
1699 		usb_fifo_free(f_rx);
1700 		return (ENOMEM);
1701 	}
1702 	/* initialise FIFO structures */
1703 
1704 	f_tx->fifo_index = n + USB_FIFO_TX;
1705 	f_tx->dev_ep_index = -1;
1706 	f_tx->priv_mtx = priv_mtx;
1707 	f_tx->priv_sc0 = priv_sc;
1708 	f_tx->methods = pm;
1709 	f_tx->iface_index = iface_index;
1710 	f_tx->udev = udev;
1711 
1712 	f_rx->fifo_index = n + USB_FIFO_RX;
1713 	f_rx->dev_ep_index = -1;
1714 	f_rx->priv_mtx = priv_mtx;
1715 	f_rx->priv_sc0 = priv_sc;
1716 	f_rx->methods = pm;
1717 	f_rx->iface_index = iface_index;
1718 	f_rx->udev = udev;
1719 
1720 	f_sc->fp[USB_FIFO_TX] = f_tx;
1721 	f_sc->fp[USB_FIFO_RX] = f_rx;
1722 
1723 	mtx_lock(&usb_ref_lock);
1724 	udev->fifo[f_tx->fifo_index] = f_tx;
1725 	udev->fifo[f_rx->fifo_index] = f_rx;
1726 	mtx_unlock(&usb_ref_lock);
1727 
1728 	for (n = 0; n != 4; n++) {
1729 
1730 		if (pm->basename[n] == NULL) {
1731 			continue;
1732 		}
1733 		if (subunit == 0xFFFF) {
1734 			if (snprintf(devname, sizeof(devname),
1735 			    "%s%u%s", pm->basename[n],
1736 			    unit, pm->postfix[n] ?
1737 			    pm->postfix[n] : "")) {
1738 				/* ignore */
1739 			}
1740 		} else {
1741 			if (snprintf(devname, sizeof(devname),
1742 			    "%s%u.%u%s", pm->basename[n],
1743 			    unit, subunit, pm->postfix[n] ?
1744 			    pm->postfix[n] : "")) {
1745 				/* ignore */
1746 			}
1747 		}
1748 
1749 		/*
1750 		 * Distribute the symbolic links into two FIFO structures:
1751 		 */
1752 		if (n & 1) {
1753 			f_rx->symlink[n / 2] =
1754 			    usb_alloc_symlink(devname);
1755 		} else {
1756 			f_tx->symlink[n / 2] =
1757 			    usb_alloc_symlink(devname);
1758 		}
1759 
1760 		/* Create the device */
1761 		f_sc->dev = usb_make_dev(udev, devname, -1,
1762 		    f_tx->fifo_index & f_rx->fifo_index,
1763 		    FREAD|FWRITE, uid, gid, mode);
1764 	}
1765 
1766 	DPRINTFN(2, "attached %p/%p\n", f_tx, f_rx);
1767 	return (0);
1768 }
1769 
1770 /*------------------------------------------------------------------------*
1771  *	usb_fifo_alloc_buffer
1772  *
1773  * Return values:
1774  * 0: Success
1775  * Else failure
1776  *------------------------------------------------------------------------*/
1777 int
1778 usb_fifo_alloc_buffer(struct usb_fifo *f, usb_size_t bufsize,
1779     uint16_t nbuf)
1780 {
1781 	usb_fifo_free_buffer(f);
1782 
1783 	/* allocate an endpoint */
1784 	f->free_q.ifq_maxlen = nbuf;
1785 	f->used_q.ifq_maxlen = nbuf;
1786 
1787 	f->queue_data = usb_alloc_mbufs(
1788 	    M_USBDEV, &f->free_q, bufsize, nbuf);
1789 
1790 	if ((f->queue_data == NULL) && bufsize && nbuf) {
1791 		return (ENOMEM);
1792 	}
1793 	return (0);			/* success */
1794 }
1795 
1796 /*------------------------------------------------------------------------*
1797  *	usb_fifo_free_buffer
1798  *
1799  * This function will free the buffers associated with a FIFO. This
1800  * function can be called multiple times in a row.
1801  *------------------------------------------------------------------------*/
1802 void
1803 usb_fifo_free_buffer(struct usb_fifo *f)
1804 {
1805 	if (f->queue_data) {
1806 		/* free old buffer */
1807 		free(f->queue_data, M_USBDEV);
1808 		f->queue_data = NULL;
1809 	}
1810 	/* reset queues */
1811 
1812 	memset(&f->free_q, 0, sizeof(f->free_q));
1813 	memset(&f->used_q, 0, sizeof(f->used_q));
1814 }
1815 
1816 void
1817 usb_fifo_detach(struct usb_fifo_sc *f_sc)
1818 {
1819 	if (f_sc == NULL) {
1820 		return;
1821 	}
1822 	usb_fifo_free(f_sc->fp[USB_FIFO_TX]);
1823 	usb_fifo_free(f_sc->fp[USB_FIFO_RX]);
1824 
1825 	f_sc->fp[USB_FIFO_TX] = NULL;
1826 	f_sc->fp[USB_FIFO_RX] = NULL;
1827 
1828 	usb_destroy_dev(f_sc->dev);
1829 
1830 	f_sc->dev = NULL;
1831 
1832 	DPRINTFN(2, "detached %p\n", f_sc);
1833 }
1834 
1835 usb_size_t
1836 usb_fifo_put_bytes_max(struct usb_fifo *f)
1837 {
1838 	struct usb_mbuf *m;
1839 	usb_size_t len;
1840 
1841 	USB_IF_POLL(&f->free_q, m);
1842 
1843 	if (m) {
1844 		len = m->max_data_len;
1845 	} else {
1846 		len = 0;
1847 	}
1848 	return (len);
1849 }
1850 
1851 /*------------------------------------------------------------------------*
1852  *	usb_fifo_put_data
1853  *
1854  * what:
1855  *  0 - normal operation
1856  *  1 - set last packet flag to enforce framing
1857  *------------------------------------------------------------------------*/
1858 void
1859 usb_fifo_put_data(struct usb_fifo *f, struct usb_page_cache *pc,
1860     usb_frlength_t offset, usb_frlength_t len, uint8_t what)
1861 {
1862 	struct usb_mbuf *m;
1863 	usb_frlength_t io_len;
1864 
1865 	while (len || (what == 1)) {
1866 
1867 		USB_IF_DEQUEUE(&f->free_q, m);
1868 
1869 		if (m) {
1870 			USB_MBUF_RESET(m);
1871 
1872 			io_len = MIN(len, m->cur_data_len);
1873 
1874 			usbd_copy_out(pc, offset, m->cur_data_ptr, io_len);
1875 
1876 			m->cur_data_len = io_len;
1877 			offset += io_len;
1878 			len -= io_len;
1879 
1880 			if ((len == 0) && (what == 1)) {
1881 				m->last_packet = 1;
1882 			}
1883 			USB_IF_ENQUEUE(&f->used_q, m);
1884 
1885 			usb_fifo_wakeup(f);
1886 
1887 			if ((len == 0) || (what == 1)) {
1888 				break;
1889 			}
1890 		} else {
1891 			break;
1892 		}
1893 	}
1894 }
1895 
1896 void
1897 usb_fifo_put_data_linear(struct usb_fifo *f, void *ptr,
1898     usb_size_t len, uint8_t what)
1899 {
1900 	struct usb_mbuf *m;
1901 	usb_size_t io_len;
1902 
1903 	while (len || (what == 1)) {
1904 
1905 		USB_IF_DEQUEUE(&f->free_q, m);
1906 
1907 		if (m) {
1908 			USB_MBUF_RESET(m);
1909 
1910 			io_len = MIN(len, m->cur_data_len);
1911 
1912 			memcpy(m->cur_data_ptr, ptr, io_len);
1913 
1914 			m->cur_data_len = io_len;
1915 			ptr = USB_ADD_BYTES(ptr, io_len);
1916 			len -= io_len;
1917 
1918 			if ((len == 0) && (what == 1)) {
1919 				m->last_packet = 1;
1920 			}
1921 			USB_IF_ENQUEUE(&f->used_q, m);
1922 
1923 			usb_fifo_wakeup(f);
1924 
1925 			if ((len == 0) || (what == 1)) {
1926 				break;
1927 			}
1928 		} else {
1929 			break;
1930 		}
1931 	}
1932 }
1933 
1934 uint8_t
1935 usb_fifo_put_data_buffer(struct usb_fifo *f, void *ptr, usb_size_t len)
1936 {
1937 	struct usb_mbuf *m;
1938 
1939 	USB_IF_DEQUEUE(&f->free_q, m);
1940 
1941 	if (m) {
1942 		m->cur_data_len = len;
1943 		m->cur_data_ptr = ptr;
1944 		USB_IF_ENQUEUE(&f->used_q, m);
1945 		usb_fifo_wakeup(f);
1946 		return (1);
1947 	}
1948 	return (0);
1949 }
1950 
1951 void
1952 usb_fifo_put_data_error(struct usb_fifo *f)
1953 {
1954 	f->flag_iserror = 1;
1955 	usb_fifo_wakeup(f);
1956 }
1957 
1958 /*------------------------------------------------------------------------*
1959  *	usb_fifo_get_data
1960  *
1961  * what:
1962  *  0 - normal operation
1963  *  1 - only get one "usb_mbuf"
1964  *
1965  * returns:
1966  *  0 - no more data
1967  *  1 - data in buffer
1968  *------------------------------------------------------------------------*/
1969 uint8_t
1970 usb_fifo_get_data(struct usb_fifo *f, struct usb_page_cache *pc,
1971     usb_frlength_t offset, usb_frlength_t len, usb_frlength_t *actlen,
1972     uint8_t what)
1973 {
1974 	struct usb_mbuf *m;
1975 	usb_frlength_t io_len;
1976 	uint8_t tr_data = 0;
1977 
1978 	actlen[0] = 0;
1979 
1980 	while (1) {
1981 
1982 		USB_IF_DEQUEUE(&f->used_q, m);
1983 
1984 		if (m) {
1985 
1986 			tr_data = 1;
1987 
1988 			io_len = MIN(len, m->cur_data_len);
1989 
1990 			usbd_copy_in(pc, offset, m->cur_data_ptr, io_len);
1991 
1992 			len -= io_len;
1993 			offset += io_len;
1994 			actlen[0] += io_len;
1995 			m->cur_data_ptr += io_len;
1996 			m->cur_data_len -= io_len;
1997 
1998 			if ((m->cur_data_len == 0) || (what == 1)) {
1999 				USB_IF_ENQUEUE(&f->free_q, m);
2000 
2001 				usb_fifo_wakeup(f);
2002 
2003 				if (what == 1) {
2004 					break;
2005 				}
2006 			} else {
2007 				USB_IF_PREPEND(&f->used_q, m);
2008 			}
2009 		} else {
2010 
2011 			if (tr_data) {
2012 				/* wait for data to be written out */
2013 				break;
2014 			}
2015 			if (f->flag_flushing) {
2016 				/* check if we should send a short packet */
2017 				if (f->flag_short != 0) {
2018 					f->flag_short = 0;
2019 					tr_data = 1;
2020 					break;
2021 				}
2022 				/* flushing complete */
2023 				f->flag_flushing = 0;
2024 				usb_fifo_wakeup(f);
2025 			}
2026 			break;
2027 		}
2028 		if (len == 0) {
2029 			break;
2030 		}
2031 	}
2032 	return (tr_data);
2033 }
2034 
2035 uint8_t
2036 usb_fifo_get_data_linear(struct usb_fifo *f, void *ptr,
2037     usb_size_t len, usb_size_t *actlen, uint8_t what)
2038 {
2039 	struct usb_mbuf *m;
2040 	usb_size_t io_len;
2041 	uint8_t tr_data = 0;
2042 
2043 	actlen[0] = 0;
2044 
2045 	while (1) {
2046 
2047 		USB_IF_DEQUEUE(&f->used_q, m);
2048 
2049 		if (m) {
2050 
2051 			tr_data = 1;
2052 
2053 			io_len = MIN(len, m->cur_data_len);
2054 
2055 			memcpy(ptr, m->cur_data_ptr, io_len);
2056 
2057 			len -= io_len;
2058 			ptr = USB_ADD_BYTES(ptr, io_len);
2059 			actlen[0] += io_len;
2060 			m->cur_data_ptr += io_len;
2061 			m->cur_data_len -= io_len;
2062 
2063 			if ((m->cur_data_len == 0) || (what == 1)) {
2064 				USB_IF_ENQUEUE(&f->free_q, m);
2065 
2066 				usb_fifo_wakeup(f);
2067 
2068 				if (what == 1) {
2069 					break;
2070 				}
2071 			} else {
2072 				USB_IF_PREPEND(&f->used_q, m);
2073 			}
2074 		} else {
2075 
2076 			if (tr_data) {
2077 				/* wait for data to be written out */
2078 				break;
2079 			}
2080 			if (f->flag_flushing) {
2081 				/* check if we should send a short packet */
2082 				if (f->flag_short != 0) {
2083 					f->flag_short = 0;
2084 					tr_data = 1;
2085 					break;
2086 				}
2087 				/* flushing complete */
2088 				f->flag_flushing = 0;
2089 				usb_fifo_wakeup(f);
2090 			}
2091 			break;
2092 		}
2093 		if (len == 0) {
2094 			break;
2095 		}
2096 	}
2097 	return (tr_data);
2098 }
2099 
2100 uint8_t
2101 usb_fifo_get_data_buffer(struct usb_fifo *f, void **pptr, usb_size_t *plen)
2102 {
2103 	struct usb_mbuf *m;
2104 
2105 	USB_IF_POLL(&f->used_q, m);
2106 
2107 	if (m) {
2108 		*plen = m->cur_data_len;
2109 		*pptr = m->cur_data_ptr;
2110 
2111 		return (1);
2112 	}
2113 	return (0);
2114 }
2115 
2116 void
2117 usb_fifo_get_data_error(struct usb_fifo *f)
2118 {
2119 	f->flag_iserror = 1;
2120 	usb_fifo_wakeup(f);
2121 }
2122 
2123 /*------------------------------------------------------------------------*
2124  *	usb_alloc_symlink
2125  *
2126  * Return values:
2127  * NULL: Failure
2128  * Else: Pointer to symlink entry
2129  *------------------------------------------------------------------------*/
2130 struct usb_symlink *
2131 usb_alloc_symlink(const char *target)
2132 {
2133 	struct usb_symlink *ps;
2134 
2135 	ps = malloc(sizeof(*ps), M_USBDEV, M_WAITOK);
2136 	if (ps == NULL) {
2137 		return (ps);
2138 	}
2139 	/* XXX no longer needed */
2140 	strlcpy(ps->src_path, target, sizeof(ps->src_path));
2141 	ps->src_len = strlen(ps->src_path);
2142 	strlcpy(ps->dst_path, target, sizeof(ps->dst_path));
2143 	ps->dst_len = strlen(ps->dst_path);
2144 
2145 	sx_xlock(&usb_sym_lock);
2146 	TAILQ_INSERT_TAIL(&usb_sym_head, ps, sym_entry);
2147 	sx_unlock(&usb_sym_lock);
2148 	return (ps);
2149 }
2150 
2151 /*------------------------------------------------------------------------*
2152  *	usb_free_symlink
2153  *------------------------------------------------------------------------*/
2154 void
2155 usb_free_symlink(struct usb_symlink *ps)
2156 {
2157 	if (ps == NULL) {
2158 		return;
2159 	}
2160 	sx_xlock(&usb_sym_lock);
2161 	TAILQ_REMOVE(&usb_sym_head, ps, sym_entry);
2162 	sx_unlock(&usb_sym_lock);
2163 
2164 	free(ps, M_USBDEV);
2165 }
2166 
2167 /*------------------------------------------------------------------------*
2168  *	usb_read_symlink
2169  *
2170  * Return value:
2171  * 0: Success
2172  * Else: Failure
2173  *------------------------------------------------------------------------*/
2174 int
2175 usb_read_symlink(uint8_t *user_ptr, uint32_t startentry, uint32_t user_len)
2176 {
2177 	struct usb_symlink *ps;
2178 	uint32_t temp;
2179 	uint32_t delta = 0;
2180 	uint8_t len;
2181 	int error = 0;
2182 
2183 	sx_xlock(&usb_sym_lock);
2184 
2185 	TAILQ_FOREACH(ps, &usb_sym_head, sym_entry) {
2186 
2187 		/*
2188 		 * Compute total length of source and destination symlink
2189 		 * strings pluss one length byte and two NUL bytes:
2190 		 */
2191 		temp = ps->src_len + ps->dst_len + 3;
2192 
2193 		if (temp > 255) {
2194 			/*
2195 			 * Skip entry because this length cannot fit
2196 			 * into one byte:
2197 			 */
2198 			continue;
2199 		}
2200 		if (startentry != 0) {
2201 			/* decrement read offset */
2202 			startentry--;
2203 			continue;
2204 		}
2205 		if (temp > user_len) {
2206 			/* out of buffer space */
2207 			break;
2208 		}
2209 		len = temp;
2210 
2211 		/* copy out total length */
2212 
2213 		error = copyout(&len,
2214 		    USB_ADD_BYTES(user_ptr, delta), 1);
2215 		if (error) {
2216 			break;
2217 		}
2218 		delta += 1;
2219 
2220 		/* copy out source string */
2221 
2222 		error = copyout(ps->src_path,
2223 		    USB_ADD_BYTES(user_ptr, delta), ps->src_len);
2224 		if (error) {
2225 			break;
2226 		}
2227 		len = 0;
2228 		delta += ps->src_len;
2229 		error = copyout(&len,
2230 		    USB_ADD_BYTES(user_ptr, delta), 1);
2231 		if (error) {
2232 			break;
2233 		}
2234 		delta += 1;
2235 
2236 		/* copy out destination string */
2237 
2238 		error = copyout(ps->dst_path,
2239 		    USB_ADD_BYTES(user_ptr, delta), ps->dst_len);
2240 		if (error) {
2241 			break;
2242 		}
2243 		len = 0;
2244 		delta += ps->dst_len;
2245 		error = copyout(&len,
2246 		    USB_ADD_BYTES(user_ptr, delta), 1);
2247 		if (error) {
2248 			break;
2249 		}
2250 		delta += 1;
2251 
2252 		user_len -= temp;
2253 	}
2254 
2255 	/* a zero length entry indicates the end */
2256 
2257 	if ((user_len != 0) && (error == 0)) {
2258 
2259 		len = 0;
2260 
2261 		error = copyout(&len,
2262 		    USB_ADD_BYTES(user_ptr, delta), 1);
2263 	}
2264 	sx_unlock(&usb_sym_lock);
2265 	return (error);
2266 }
2267 
2268 void
2269 usb_fifo_set_close_zlp(struct usb_fifo *f, uint8_t onoff)
2270 {
2271 	if (f == NULL)
2272 		return;
2273 
2274 	/* send a Zero Length Packet, ZLP, before close */
2275 	f->flag_short = onoff;
2276 }
2277 
2278 void
2279 usb_fifo_set_write_defrag(struct usb_fifo *f, uint8_t onoff)
2280 {
2281 	if (f == NULL)
2282 		return;
2283 
2284 	/* defrag written data */
2285 	f->flag_write_defrag = onoff;
2286 	/* reset defrag state */
2287 	f->flag_have_fragment = 0;
2288 }
2289 
2290 void *
2291 usb_fifo_softc(struct usb_fifo *f)
2292 {
2293 	return (f->priv_sc0);
2294 }
2295 #endif	/* USB_HAVE_UGEN */
2296