xref: /freebsd/sys/dev/usb/usb_dev.c (revision ce3adf4362fcca6a43e500b2531f0038adbfbd21)
1 /* $FreeBSD$ */
2 /*-
3  * Copyright (c) 2006-2008 Hans Petter Selasky. All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  * 2. Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in the
12  *    documentation and/or other materials provided with the distribution.
13  *
14  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24  * SUCH DAMAGE.
25  *
26  *
27  * usb_dev.c - An abstraction layer for creating devices under /dev/...
28  */
29 
30 #ifdef USB_GLOBAL_INCLUDE_FILE
31 #include USB_GLOBAL_INCLUDE_FILE
32 #else
33 #include <sys/stdint.h>
34 #include <sys/stddef.h>
35 #include <sys/param.h>
36 #include <sys/queue.h>
37 #include <sys/types.h>
38 #include <sys/systm.h>
39 #include <sys/kernel.h>
40 #include <sys/bus.h>
41 #include <sys/module.h>
42 #include <sys/lock.h>
43 #include <sys/mutex.h>
44 #include <sys/condvar.h>
45 #include <sys/sysctl.h>
46 #include <sys/sx.h>
47 #include <sys/unistd.h>
48 #include <sys/callout.h>
49 #include <sys/malloc.h>
50 #include <sys/priv.h>
51 #include <sys/vnode.h>
52 #include <sys/conf.h>
53 #include <sys/fcntl.h>
54 
55 #include <dev/usb/usb.h>
56 #include <dev/usb/usb_ioctl.h>
57 #include <dev/usb/usbdi.h>
58 #include <dev/usb/usbdi_util.h>
59 
60 #define	USB_DEBUG_VAR usb_fifo_debug
61 
62 #include <dev/usb/usb_core.h>
63 #include <dev/usb/usb_dev.h>
64 #include <dev/usb/usb_mbuf.h>
65 #include <dev/usb/usb_process.h>
66 #include <dev/usb/usb_device.h>
67 #include <dev/usb/usb_debug.h>
68 #include <dev/usb/usb_busdma.h>
69 #include <dev/usb/usb_generic.h>
70 #include <dev/usb/usb_dynamic.h>
71 #include <dev/usb/usb_util.h>
72 
73 #include <dev/usb/usb_controller.h>
74 #include <dev/usb/usb_bus.h>
75 
76 #include <sys/filio.h>
77 #include <sys/ttycom.h>
78 #include <sys/syscallsubr.h>
79 
80 #include <machine/stdarg.h>
81 #endif			/* USB_GLOBAL_INCLUDE_FILE */
82 
83 #if USB_HAVE_UGEN
84 
85 #ifdef USB_DEBUG
86 static int usb_fifo_debug = 0;
87 
88 static SYSCTL_NODE(_hw_usb, OID_AUTO, dev, CTLFLAG_RW, 0, "USB device");
89 SYSCTL_INT(_hw_usb_dev, OID_AUTO, debug, CTLFLAG_RW | CTLFLAG_TUN,
90     &usb_fifo_debug, 0, "Debug Level");
91 TUNABLE_INT("hw.usb.dev.debug", &usb_fifo_debug);
92 #endif
93 
94 #if ((__FreeBSD_version >= 700001) || (__FreeBSD_version == 0) || \
95      ((__FreeBSD_version >= 600034) && (__FreeBSD_version < 700000)))
96 #define	USB_UCRED struct ucred *ucred,
97 #else
98 #define	USB_UCRED
99 #endif
100 
101 /* prototypes */
102 
103 static int	usb_fifo_open(struct usb_cdev_privdata *,
104 		    struct usb_fifo *, int);
105 static void	usb_fifo_close(struct usb_fifo *, int);
106 static void	usb_dev_init(void *);
107 static void	usb_dev_init_post(void *);
108 static void	usb_dev_uninit(void *);
109 static int	usb_fifo_uiomove(struct usb_fifo *, void *, int,
110 		    struct uio *);
111 static void	usb_fifo_check_methods(struct usb_fifo_methods *);
112 static struct	usb_fifo *usb_fifo_alloc(void);
113 static struct	usb_endpoint *usb_dev_get_ep(struct usb_device *, uint8_t,
114 		    uint8_t);
115 static void	usb_loc_fill(struct usb_fs_privdata *,
116 		    struct usb_cdev_privdata *);
117 static void	usb_close(void *);
118 static usb_error_t usb_ref_device(struct usb_cdev_privdata *, struct usb_cdev_refdata *, int);
119 static usb_error_t usb_usb_ref_device(struct usb_cdev_privdata *, struct usb_cdev_refdata *);
120 static void	usb_unref_device(struct usb_cdev_privdata *, struct usb_cdev_refdata *);
121 
122 static d_open_t usb_open;
123 static d_ioctl_t usb_ioctl;
124 static d_read_t usb_read;
125 static d_write_t usb_write;
126 static d_poll_t usb_poll;
127 
128 static d_ioctl_t usb_static_ioctl;
129 
130 static usb_fifo_open_t usb_fifo_dummy_open;
131 static usb_fifo_close_t usb_fifo_dummy_close;
132 static usb_fifo_ioctl_t usb_fifo_dummy_ioctl;
133 static usb_fifo_cmd_t usb_fifo_dummy_cmd;
134 
135 /* character device structure used for devices (/dev/ugenX.Y and /dev/uXXX) */
136 struct cdevsw usb_devsw = {
137 	.d_version = D_VERSION,
138 	.d_open = usb_open,
139 	.d_ioctl = usb_ioctl,
140 	.d_name = "usbdev",
141 	.d_flags = D_TRACKCLOSE,
142 	.d_read = usb_read,
143 	.d_write = usb_write,
144 	.d_poll = usb_poll
145 };
146 
147 static struct cdev* usb_dev = NULL;
148 
149 /* character device structure used for /dev/usb */
150 static struct cdevsw usb_static_devsw = {
151 	.d_version = D_VERSION,
152 	.d_ioctl = usb_static_ioctl,
153 	.d_name = "usb"
154 };
155 
156 static TAILQ_HEAD(, usb_symlink) usb_sym_head;
157 static struct sx usb_sym_lock;
158 
159 struct mtx usb_ref_lock;
160 
161 /*------------------------------------------------------------------------*
162  *	usb_loc_fill
163  *
164  * This is used to fill out a usb_cdev_privdata structure based on the
165  * device's address as contained in usb_fs_privdata.
166  *------------------------------------------------------------------------*/
167 static void
168 usb_loc_fill(struct usb_fs_privdata* pd, struct usb_cdev_privdata *cpd)
169 {
170 	cpd->bus_index = pd->bus_index;
171 	cpd->dev_index = pd->dev_index;
172 	cpd->ep_addr = pd->ep_addr;
173 	cpd->fifo_index = pd->fifo_index;
174 }
175 
176 /*------------------------------------------------------------------------*
177  *	usb_ref_device
178  *
179  * This function is used to atomically refer an USB device by its
180  * device location. If this function returns success the USB device
181  * will not dissappear until the USB device is unreferenced.
182  *
183  * Return values:
184  *  0: Success, refcount incremented on the given USB device.
185  *  Else: Failure.
186  *------------------------------------------------------------------------*/
187 static usb_error_t
188 usb_ref_device(struct usb_cdev_privdata *cpd,
189     struct usb_cdev_refdata *crd, int need_uref)
190 {
191 	struct usb_fifo **ppf;
192 	struct usb_fifo *f;
193 
194 	DPRINTFN(2, "cpd=%p need uref=%d\n", cpd, need_uref);
195 
196 	/* clear all refs */
197 	memset(crd, 0, sizeof(*crd));
198 
199 	mtx_lock(&usb_ref_lock);
200 	cpd->bus = devclass_get_softc(usb_devclass_ptr, cpd->bus_index);
201 	if (cpd->bus == NULL) {
202 		DPRINTFN(2, "no bus at %u\n", cpd->bus_index);
203 		goto error;
204 	}
205 	cpd->udev = cpd->bus->devices[cpd->dev_index];
206 	if (cpd->udev == NULL) {
207 		DPRINTFN(2, "no device at %u\n", cpd->dev_index);
208 		goto error;
209 	}
210 	if (cpd->udev->refcount == USB_DEV_REF_MAX) {
211 		DPRINTFN(2, "no dev ref\n");
212 		goto error;
213 	}
214 	if (need_uref) {
215 		DPRINTFN(2, "ref udev - needed\n");
216 		cpd->udev->refcount++;
217 
218 		mtx_unlock(&usb_ref_lock);
219 
220 		/*
221 		 * We need to grab the enumeration SX-lock before
222 		 * grabbing the FIFO refs to avoid deadlock at detach!
223 		 */
224 		crd->do_unlock = usbd_enum_lock(cpd->udev);
225 
226 		mtx_lock(&usb_ref_lock);
227 
228 		/*
229 		 * Set "is_uref" after grabbing the default SX lock
230 		 */
231 		crd->is_uref = 1;
232 	}
233 
234 	/* check if we are doing an open */
235 	if (cpd->fflags == 0) {
236 		/* use zero defaults */
237 	} else {
238 		/* check for write */
239 		if (cpd->fflags & FWRITE) {
240 			ppf = cpd->udev->fifo;
241 			f = ppf[cpd->fifo_index + USB_FIFO_TX];
242 			crd->txfifo = f;
243 			crd->is_write = 1;	/* ref */
244 			if (f == NULL || f->refcount == USB_FIFO_REF_MAX)
245 				goto error;
246 			if (f->curr_cpd != cpd)
247 				goto error;
248 			/* check if USB-FS is active */
249 			if (f->fs_ep_max != 0) {
250 				crd->is_usbfs = 1;
251 			}
252 		}
253 
254 		/* check for read */
255 		if (cpd->fflags & FREAD) {
256 			ppf = cpd->udev->fifo;
257 			f = ppf[cpd->fifo_index + USB_FIFO_RX];
258 			crd->rxfifo = f;
259 			crd->is_read = 1;	/* ref */
260 			if (f == NULL || f->refcount == USB_FIFO_REF_MAX)
261 				goto error;
262 			if (f->curr_cpd != cpd)
263 				goto error;
264 			/* check if USB-FS is active */
265 			if (f->fs_ep_max != 0) {
266 				crd->is_usbfs = 1;
267 			}
268 		}
269 	}
270 
271 	/* when everything is OK we increment the refcounts */
272 	if (crd->is_write) {
273 		DPRINTFN(2, "ref write\n");
274 		crd->txfifo->refcount++;
275 	}
276 	if (crd->is_read) {
277 		DPRINTFN(2, "ref read\n");
278 		crd->rxfifo->refcount++;
279 	}
280 	mtx_unlock(&usb_ref_lock);
281 
282 	return (0);
283 
284 error:
285 	if (crd->do_unlock)
286 		usbd_enum_unlock(cpd->udev);
287 
288 	if (crd->is_uref) {
289 		if (--(cpd->udev->refcount) == 0) {
290 			cv_signal(&cpd->udev->ref_cv);
291 		}
292 	}
293 	mtx_unlock(&usb_ref_lock);
294 	DPRINTFN(2, "fail\n");
295 	return (USB_ERR_INVAL);
296 }
297 
298 /*------------------------------------------------------------------------*
299  *	usb_usb_ref_device
300  *
301  * This function is used to upgrade an USB reference to include the
302  * USB device reference on a USB location.
303  *
304  * Return values:
305  *  0: Success, refcount incremented on the given USB device.
306  *  Else: Failure.
307  *------------------------------------------------------------------------*/
308 static usb_error_t
309 usb_usb_ref_device(struct usb_cdev_privdata *cpd,
310     struct usb_cdev_refdata *crd)
311 {
312 	/*
313 	 * Check if we already got an USB reference on this location:
314 	 */
315 	if (crd->is_uref)
316 		return (0);		/* success */
317 
318 	/*
319 	 * To avoid deadlock at detach we need to drop the FIFO ref
320 	 * and re-acquire a new ref!
321 	 */
322 	usb_unref_device(cpd, crd);
323 
324 	return (usb_ref_device(cpd, crd, 1 /* need uref */));
325 }
326 
327 /*------------------------------------------------------------------------*
328  *	usb_unref_device
329  *
330  * This function will release the reference count by one unit for the
331  * given USB device.
332  *------------------------------------------------------------------------*/
333 static void
334 usb_unref_device(struct usb_cdev_privdata *cpd,
335     struct usb_cdev_refdata *crd)
336 {
337 
338 	DPRINTFN(2, "cpd=%p is_uref=%d\n", cpd, crd->is_uref);
339 
340 	if (crd->do_unlock)
341 		usbd_enum_unlock(cpd->udev);
342 
343 	mtx_lock(&usb_ref_lock);
344 	if (crd->is_read) {
345 		if (--(crd->rxfifo->refcount) == 0) {
346 			cv_signal(&crd->rxfifo->cv_drain);
347 		}
348 		crd->is_read = 0;
349 	}
350 	if (crd->is_write) {
351 		if (--(crd->txfifo->refcount) == 0) {
352 			cv_signal(&crd->txfifo->cv_drain);
353 		}
354 		crd->is_write = 0;
355 	}
356 	if (crd->is_uref) {
357 		if (--(cpd->udev->refcount) == 0) {
358 			cv_signal(&cpd->udev->ref_cv);
359 		}
360 		crd->is_uref = 0;
361 	}
362 	mtx_unlock(&usb_ref_lock);
363 }
364 
365 static struct usb_fifo *
366 usb_fifo_alloc(void)
367 {
368 	struct usb_fifo *f;
369 
370 	f = malloc(sizeof(*f), M_USBDEV, M_WAITOK | M_ZERO);
371 	if (f) {
372 		cv_init(&f->cv_io, "FIFO-IO");
373 		cv_init(&f->cv_drain, "FIFO-DRAIN");
374 		f->refcount = 1;
375 	}
376 	return (f);
377 }
378 
379 /*------------------------------------------------------------------------*
380  *	usb_fifo_create
381  *------------------------------------------------------------------------*/
382 static int
383 usb_fifo_create(struct usb_cdev_privdata *cpd,
384     struct usb_cdev_refdata *crd)
385 {
386 	struct usb_device *udev = cpd->udev;
387 	struct usb_fifo *f;
388 	struct usb_endpoint *ep;
389 	uint8_t n;
390 	uint8_t is_tx;
391 	uint8_t is_rx;
392 	uint8_t no_null;
393 	uint8_t is_busy;
394 	int e = cpd->ep_addr;
395 
396 	is_tx = (cpd->fflags & FWRITE) ? 1 : 0;
397 	is_rx = (cpd->fflags & FREAD) ? 1 : 0;
398 	no_null = 1;
399 	is_busy = 0;
400 
401 	/* Preallocated FIFO */
402 	if (e < 0) {
403 		DPRINTFN(5, "Preallocated FIFO\n");
404 		if (is_tx) {
405 			f = udev->fifo[cpd->fifo_index + USB_FIFO_TX];
406 			if (f == NULL)
407 				return (EINVAL);
408 			crd->txfifo = f;
409 		}
410 		if (is_rx) {
411 			f = udev->fifo[cpd->fifo_index + USB_FIFO_RX];
412 			if (f == NULL)
413 				return (EINVAL);
414 			crd->rxfifo = f;
415 		}
416 		return (0);
417 	}
418 
419 	KASSERT(e >= 0 && e <= 15, ("endpoint %d out of range", e));
420 
421 	/* search for a free FIFO slot */
422 	DPRINTFN(5, "Endpoint device, searching for 0x%02x\n", e);
423 	for (n = 0;; n += 2) {
424 
425 		if (n == USB_FIFO_MAX) {
426 			if (no_null) {
427 				no_null = 0;
428 				n = 0;
429 			} else {
430 				/* end of FIFOs reached */
431 				DPRINTFN(5, "out of FIFOs\n");
432 				return (ENOMEM);
433 			}
434 		}
435 		/* Check for TX FIFO */
436 		if (is_tx) {
437 			f = udev->fifo[n + USB_FIFO_TX];
438 			if (f != NULL) {
439 				if (f->dev_ep_index != e) {
440 					/* wrong endpoint index */
441 					continue;
442 				}
443 				if (f->curr_cpd != NULL) {
444 					/* FIFO is opened */
445 					is_busy = 1;
446 					continue;
447 				}
448 			} else if (no_null) {
449 				continue;
450 			}
451 		}
452 		/* Check for RX FIFO */
453 		if (is_rx) {
454 			f = udev->fifo[n + USB_FIFO_RX];
455 			if (f != NULL) {
456 				if (f->dev_ep_index != e) {
457 					/* wrong endpoint index */
458 					continue;
459 				}
460 				if (f->curr_cpd != NULL) {
461 					/* FIFO is opened */
462 					is_busy = 1;
463 					continue;
464 				}
465 			} else if (no_null) {
466 				continue;
467 			}
468 		}
469 		break;
470 	}
471 
472 	if (no_null == 0) {
473 		if (e >= (USB_EP_MAX / 2)) {
474 			/* we don't create any endpoints in this range */
475 			DPRINTFN(5, "ep out of range\n");
476 			return (is_busy ? EBUSY : EINVAL);
477 		}
478 	}
479 
480 	if ((e != 0) && is_busy) {
481 		/*
482 		 * Only the default control endpoint is allowed to be
483 		 * opened multiple times!
484 		 */
485 		DPRINTFN(5, "busy\n");
486 		return (EBUSY);
487 	}
488 
489 	/* Check TX FIFO */
490 	if (is_tx &&
491 	    (udev->fifo[n + USB_FIFO_TX] == NULL)) {
492 		ep = usb_dev_get_ep(udev, e, USB_FIFO_TX);
493 		DPRINTFN(5, "dev_get_endpoint(%d, 0x%x)\n", e, USB_FIFO_TX);
494 		if (ep == NULL) {
495 			DPRINTFN(5, "dev_get_endpoint returned NULL\n");
496 			return (EINVAL);
497 		}
498 		f = usb_fifo_alloc();
499 		if (f == NULL) {
500 			DPRINTFN(5, "could not alloc tx fifo\n");
501 			return (ENOMEM);
502 		}
503 		/* update some fields */
504 		f->fifo_index = n + USB_FIFO_TX;
505 		f->dev_ep_index = e;
506 		f->priv_mtx = &udev->device_mtx;
507 		f->priv_sc0 = ep;
508 		f->methods = &usb_ugen_methods;
509 		f->iface_index = ep->iface_index;
510 		f->udev = udev;
511 		mtx_lock(&usb_ref_lock);
512 		udev->fifo[n + USB_FIFO_TX] = f;
513 		mtx_unlock(&usb_ref_lock);
514 	}
515 	/* Check RX FIFO */
516 	if (is_rx &&
517 	    (udev->fifo[n + USB_FIFO_RX] == NULL)) {
518 
519 		ep = usb_dev_get_ep(udev, e, USB_FIFO_RX);
520 		DPRINTFN(5, "dev_get_endpoint(%d, 0x%x)\n", e, USB_FIFO_RX);
521 		if (ep == NULL) {
522 			DPRINTFN(5, "dev_get_endpoint returned NULL\n");
523 			return (EINVAL);
524 		}
525 		f = usb_fifo_alloc();
526 		if (f == NULL) {
527 			DPRINTFN(5, "could not alloc rx fifo\n");
528 			return (ENOMEM);
529 		}
530 		/* update some fields */
531 		f->fifo_index = n + USB_FIFO_RX;
532 		f->dev_ep_index = e;
533 		f->priv_mtx = &udev->device_mtx;
534 		f->priv_sc0 = ep;
535 		f->methods = &usb_ugen_methods;
536 		f->iface_index = ep->iface_index;
537 		f->udev = udev;
538 		mtx_lock(&usb_ref_lock);
539 		udev->fifo[n + USB_FIFO_RX] = f;
540 		mtx_unlock(&usb_ref_lock);
541 	}
542 	if (is_tx) {
543 		crd->txfifo = udev->fifo[n + USB_FIFO_TX];
544 	}
545 	if (is_rx) {
546 		crd->rxfifo = udev->fifo[n + USB_FIFO_RX];
547 	}
548 	/* fill out fifo index */
549 	DPRINTFN(5, "fifo index = %d\n", n);
550 	cpd->fifo_index = n;
551 
552 	/* complete */
553 
554 	return (0);
555 }
556 
557 void
558 usb_fifo_free(struct usb_fifo *f)
559 {
560 	uint8_t n;
561 
562 	if (f == NULL) {
563 		/* be NULL safe */
564 		return;
565 	}
566 	/* destroy symlink devices, if any */
567 	for (n = 0; n != 2; n++) {
568 		if (f->symlink[n]) {
569 			usb_free_symlink(f->symlink[n]);
570 			f->symlink[n] = NULL;
571 		}
572 	}
573 	mtx_lock(&usb_ref_lock);
574 
575 	/* delink ourselves to stop calls from userland */
576 	if ((f->fifo_index < USB_FIFO_MAX) &&
577 	    (f->udev != NULL) &&
578 	    (f->udev->fifo[f->fifo_index] == f)) {
579 		f->udev->fifo[f->fifo_index] = NULL;
580 	} else {
581 		DPRINTFN(0, "USB FIFO %p has not been linked\n", f);
582 	}
583 
584 	/* decrease refcount */
585 	f->refcount--;
586 	/* prevent any write flush */
587 	f->flag_iserror = 1;
588 	/* need to wait until all callers have exited */
589 	while (f->refcount != 0) {
590 		mtx_unlock(&usb_ref_lock);	/* avoid LOR */
591 		mtx_lock(f->priv_mtx);
592 		/* get I/O thread out of any sleep state */
593 		if (f->flag_sleeping) {
594 			f->flag_sleeping = 0;
595 			cv_broadcast(&f->cv_io);
596 		}
597 		mtx_unlock(f->priv_mtx);
598 		mtx_lock(&usb_ref_lock);
599 
600 		/* wait for sync */
601 		cv_wait(&f->cv_drain, &usb_ref_lock);
602 	}
603 	mtx_unlock(&usb_ref_lock);
604 
605 	/* take care of closing the device here, if any */
606 	usb_fifo_close(f, 0);
607 
608 	cv_destroy(&f->cv_io);
609 	cv_destroy(&f->cv_drain);
610 
611 	free(f, M_USBDEV);
612 }
613 
614 static struct usb_endpoint *
615 usb_dev_get_ep(struct usb_device *udev, uint8_t ep_index, uint8_t dir)
616 {
617 	struct usb_endpoint *ep;
618 	uint8_t ep_dir;
619 
620 	if (ep_index == 0) {
621 		ep = &udev->ctrl_ep;
622 	} else {
623 		if (dir == USB_FIFO_RX) {
624 			if (udev->flags.usb_mode == USB_MODE_HOST) {
625 				ep_dir = UE_DIR_IN;
626 			} else {
627 				ep_dir = UE_DIR_OUT;
628 			}
629 		} else {
630 			if (udev->flags.usb_mode == USB_MODE_HOST) {
631 				ep_dir = UE_DIR_OUT;
632 			} else {
633 				ep_dir = UE_DIR_IN;
634 			}
635 		}
636 		ep = usbd_get_ep_by_addr(udev, ep_index | ep_dir);
637 	}
638 
639 	if (ep == NULL) {
640 		/* if the endpoint does not exist then return */
641 		return (NULL);
642 	}
643 	if (ep->edesc == NULL) {
644 		/* invalid endpoint */
645 		return (NULL);
646 	}
647 	return (ep);			/* success */
648 }
649 
650 /*------------------------------------------------------------------------*
651  *	usb_fifo_open
652  *
653  * Returns:
654  * 0: Success
655  * Else: Failure
656  *------------------------------------------------------------------------*/
657 static int
658 usb_fifo_open(struct usb_cdev_privdata *cpd,
659     struct usb_fifo *f, int fflags)
660 {
661 	int err;
662 
663 	if (f == NULL) {
664 		/* no FIFO there */
665 		DPRINTFN(2, "no FIFO\n");
666 		return (ENXIO);
667 	}
668 	/* remove FWRITE and FREAD flags */
669 	fflags &= ~(FWRITE | FREAD);
670 
671 	/* set correct file flags */
672 	if ((f->fifo_index & 1) == USB_FIFO_TX) {
673 		fflags |= FWRITE;
674 	} else {
675 		fflags |= FREAD;
676 	}
677 
678 	/* check if we are already opened */
679 	/* we don't need any locks when checking this variable */
680 	if (f->curr_cpd != NULL) {
681 		err = EBUSY;
682 		goto done;
683 	}
684 
685 	/* reset short flag before open */
686 	f->flag_short = 0;
687 
688 	/* call open method */
689 	err = (f->methods->f_open) (f, fflags);
690 	if (err) {
691 		goto done;
692 	}
693 	mtx_lock(f->priv_mtx);
694 
695 	/* reset sleep flag */
696 	f->flag_sleeping = 0;
697 
698 	/* reset error flag */
699 	f->flag_iserror = 0;
700 
701 	/* reset complete flag */
702 	f->flag_iscomplete = 0;
703 
704 	/* reset select flag */
705 	f->flag_isselect = 0;
706 
707 	/* reset flushing flag */
708 	f->flag_flushing = 0;
709 
710 	/* reset ASYNC proc flag */
711 	f->async_p = NULL;
712 
713 	mtx_lock(&usb_ref_lock);
714 	/* flag the fifo as opened to prevent others */
715 	f->curr_cpd = cpd;
716 	mtx_unlock(&usb_ref_lock);
717 
718 	/* reset queue */
719 	usb_fifo_reset(f);
720 
721 	mtx_unlock(f->priv_mtx);
722 done:
723 	return (err);
724 }
725 
726 /*------------------------------------------------------------------------*
727  *	usb_fifo_reset
728  *------------------------------------------------------------------------*/
729 void
730 usb_fifo_reset(struct usb_fifo *f)
731 {
732 	struct usb_mbuf *m;
733 
734 	if (f == NULL) {
735 		return;
736 	}
737 	while (1) {
738 		USB_IF_DEQUEUE(&f->used_q, m);
739 		if (m) {
740 			USB_IF_ENQUEUE(&f->free_q, m);
741 		} else {
742 			break;
743 		}
744 	}
745 	/* reset have fragment flag */
746 	f->flag_have_fragment = 0;
747 }
748 
749 /*------------------------------------------------------------------------*
750  *	usb_fifo_close
751  *------------------------------------------------------------------------*/
752 static void
753 usb_fifo_close(struct usb_fifo *f, int fflags)
754 {
755 	int err;
756 
757 	/* check if we are not opened */
758 	if (f->curr_cpd == NULL) {
759 		/* nothing to do - already closed */
760 		return;
761 	}
762 	mtx_lock(f->priv_mtx);
763 
764 	/* clear current cdev private data pointer */
765 	f->curr_cpd = NULL;
766 
767 	/* check if we are selected */
768 	if (f->flag_isselect) {
769 		selwakeup(&f->selinfo);
770 		f->flag_isselect = 0;
771 	}
772 	/* check if a thread wants SIGIO */
773 	if (f->async_p != NULL) {
774 		PROC_LOCK(f->async_p);
775 		kern_psignal(f->async_p, SIGIO);
776 		PROC_UNLOCK(f->async_p);
777 		f->async_p = NULL;
778 	}
779 	/* remove FWRITE and FREAD flags */
780 	fflags &= ~(FWRITE | FREAD);
781 
782 	/* flush written data, if any */
783 	if ((f->fifo_index & 1) == USB_FIFO_TX) {
784 
785 		if (!f->flag_iserror) {
786 
787 			/* set flushing flag */
788 			f->flag_flushing = 1;
789 
790 			/* get the last packet in */
791 			if (f->flag_have_fragment) {
792 				struct usb_mbuf *m;
793 				f->flag_have_fragment = 0;
794 				USB_IF_DEQUEUE(&f->free_q, m);
795 				if (m) {
796 					USB_IF_ENQUEUE(&f->used_q, m);
797 				}
798 			}
799 
800 			/* start write transfer, if not already started */
801 			(f->methods->f_start_write) (f);
802 
803 			/* check if flushed already */
804 			while (f->flag_flushing &&
805 			    (!f->flag_iserror)) {
806 				/* wait until all data has been written */
807 				f->flag_sleeping = 1;
808 				err = cv_wait_sig(&f->cv_io, f->priv_mtx);
809 				if (err) {
810 					DPRINTF("signal received\n");
811 					break;
812 				}
813 			}
814 		}
815 		fflags |= FWRITE;
816 
817 		/* stop write transfer, if not already stopped */
818 		(f->methods->f_stop_write) (f);
819 	} else {
820 		fflags |= FREAD;
821 
822 		/* stop write transfer, if not already stopped */
823 		(f->methods->f_stop_read) (f);
824 	}
825 
826 	/* check if we are sleeping */
827 	if (f->flag_sleeping) {
828 		DPRINTFN(2, "Sleeping at close!\n");
829 	}
830 	mtx_unlock(f->priv_mtx);
831 
832 	/* call close method */
833 	(f->methods->f_close) (f, fflags);
834 
835 	DPRINTF("closed\n");
836 }
837 
838 /*------------------------------------------------------------------------*
839  *	usb_open - cdev callback
840  *------------------------------------------------------------------------*/
841 static int
842 usb_open(struct cdev *dev, int fflags, int devtype, struct thread *td)
843 {
844 	struct usb_fs_privdata* pd = (struct usb_fs_privdata*)dev->si_drv1;
845 	struct usb_cdev_refdata refs;
846 	struct usb_cdev_privdata *cpd;
847 	int err, ep;
848 
849 	DPRINTFN(2, "%s fflags=0x%08x\n", devtoname(dev), fflags);
850 
851 	KASSERT(fflags & (FREAD|FWRITE), ("invalid open flags"));
852 	if (((fflags & FREAD) && !(pd->mode & FREAD)) ||
853 	    ((fflags & FWRITE) && !(pd->mode & FWRITE))) {
854 		DPRINTFN(2, "access mode not supported\n");
855 		return (EPERM);
856 	}
857 
858 	cpd = malloc(sizeof(*cpd), M_USBDEV, M_WAITOK | M_ZERO);
859 	ep = cpd->ep_addr = pd->ep_addr;
860 
861 	usb_loc_fill(pd, cpd);
862 	err = usb_ref_device(cpd, &refs, 1);
863 	if (err) {
864 		DPRINTFN(2, "cannot ref device\n");
865 		free(cpd, M_USBDEV);
866 		return (ENXIO);
867 	}
868 	cpd->fflags = fflags;	/* access mode for open lifetime */
869 
870 	/* create FIFOs, if any */
871 	err = usb_fifo_create(cpd, &refs);
872 	/* check for error */
873 	if (err) {
874 		DPRINTFN(2, "cannot create fifo\n");
875 		usb_unref_device(cpd, &refs);
876 		free(cpd, M_USBDEV);
877 		return (err);
878 	}
879 	if (fflags & FREAD) {
880 		err = usb_fifo_open(cpd, refs.rxfifo, fflags);
881 		if (err) {
882 			DPRINTFN(2, "read open failed\n");
883 			usb_unref_device(cpd, &refs);
884 			free(cpd, M_USBDEV);
885 			return (err);
886 		}
887 	}
888 	if (fflags & FWRITE) {
889 		err = usb_fifo_open(cpd, refs.txfifo, fflags);
890 		if (err) {
891 			DPRINTFN(2, "write open failed\n");
892 			if (fflags & FREAD) {
893 				usb_fifo_close(refs.rxfifo, fflags);
894 			}
895 			usb_unref_device(cpd, &refs);
896 			free(cpd, M_USBDEV);
897 			return (err);
898 		}
899 	}
900 	usb_unref_device(cpd, &refs);
901 	devfs_set_cdevpriv(cpd, usb_close);
902 
903 	return (0);
904 }
905 
906 /*------------------------------------------------------------------------*
907  *	usb_close - cdev callback
908  *------------------------------------------------------------------------*/
909 static void
910 usb_close(void *arg)
911 {
912 	struct usb_cdev_refdata refs;
913 	struct usb_cdev_privdata *cpd = arg;
914 	int err;
915 
916 	DPRINTFN(2, "cpd=%p\n", cpd);
917 
918 	err = usb_ref_device(cpd, &refs, 0);
919 	if (err)
920 		goto done;
921 
922 	/*
923 	 * If this function is not called directly from the root HUB
924 	 * thread, there is usually a need to lock the enumeration
925 	 * lock. Check this.
926 	 */
927 	if (!usbd_enum_is_locked(cpd->udev)) {
928 
929 		DPRINTFN(2, "Locking enumeration\n");
930 
931 		/* reference device */
932 		err = usb_usb_ref_device(cpd, &refs);
933 		if (err)
934 			goto done;
935 	}
936 	if (cpd->fflags & FREAD) {
937 		usb_fifo_close(refs.rxfifo, cpd->fflags);
938 	}
939 	if (cpd->fflags & FWRITE) {
940 		usb_fifo_close(refs.txfifo, cpd->fflags);
941 	}
942 	usb_unref_device(cpd, &refs);
943 done:
944 	free(cpd, M_USBDEV);
945 }
946 
947 static void
948 usb_dev_init(void *arg)
949 {
950 	mtx_init(&usb_ref_lock, "USB ref mutex", NULL, MTX_DEF);
951 	sx_init(&usb_sym_lock, "USB sym mutex");
952 	TAILQ_INIT(&usb_sym_head);
953 
954 	/* check the UGEN methods */
955 	usb_fifo_check_methods(&usb_ugen_methods);
956 }
957 
958 SYSINIT(usb_dev_init, SI_SUB_KLD, SI_ORDER_FIRST, usb_dev_init, NULL);
959 
960 static void
961 usb_dev_init_post(void *arg)
962 {
963 	/*
964 	 * Create /dev/usb - this is needed for usbconfig(8), which
965 	 * needs a well-known device name to access.
966 	 */
967 	usb_dev = make_dev(&usb_static_devsw, 0, UID_ROOT, GID_OPERATOR,
968 	    0644, USB_DEVICE_NAME);
969 	if (usb_dev == NULL) {
970 		DPRINTFN(0, "Could not create usb bus device\n");
971 	}
972 }
973 
974 SYSINIT(usb_dev_init_post, SI_SUB_KICK_SCHEDULER, SI_ORDER_FIRST, usb_dev_init_post, NULL);
975 
976 static void
977 usb_dev_uninit(void *arg)
978 {
979 	if (usb_dev != NULL) {
980 		destroy_dev(usb_dev);
981 		usb_dev = NULL;
982 	}
983 	mtx_destroy(&usb_ref_lock);
984 	sx_destroy(&usb_sym_lock);
985 }
986 
987 SYSUNINIT(usb_dev_uninit, SI_SUB_KICK_SCHEDULER, SI_ORDER_ANY, usb_dev_uninit, NULL);
988 
989 static int
990 usb_ioctl_f_sub(struct usb_fifo *f, u_long cmd, void *addr,
991     struct thread *td)
992 {
993 	int error = 0;
994 
995 	switch (cmd) {
996 	case FIODTYPE:
997 		*(int *)addr = 0;	/* character device */
998 		break;
999 
1000 	case FIONBIO:
1001 		/* handled by upper FS layer */
1002 		break;
1003 
1004 	case FIOASYNC:
1005 		if (*(int *)addr) {
1006 			if (f->async_p != NULL) {
1007 				error = EBUSY;
1008 				break;
1009 			}
1010 			f->async_p = USB_TD_GET_PROC(td);
1011 		} else {
1012 			f->async_p = NULL;
1013 		}
1014 		break;
1015 
1016 		/* XXX this is not the most general solution */
1017 	case TIOCSPGRP:
1018 		if (f->async_p == NULL) {
1019 			error = EINVAL;
1020 			break;
1021 		}
1022 		if (*(int *)addr != USB_PROC_GET_GID(f->async_p)) {
1023 			error = EPERM;
1024 			break;
1025 		}
1026 		break;
1027 	default:
1028 		return (ENOIOCTL);
1029 	}
1030 	DPRINTFN(3, "cmd 0x%lx = %d\n", cmd, error);
1031 	return (error);
1032 }
1033 
1034 /*------------------------------------------------------------------------*
1035  *	usb_ioctl - cdev callback
1036  *------------------------------------------------------------------------*/
1037 static int
1038 usb_ioctl(struct cdev *dev, u_long cmd, caddr_t addr, int fflag, struct thread* td)
1039 {
1040 	struct usb_cdev_refdata refs;
1041 	struct usb_cdev_privdata* cpd;
1042 	struct usb_fifo *f;
1043 	int fflags;
1044 	int err;
1045 
1046 	DPRINTFN(2, "cmd=0x%lx\n", cmd);
1047 
1048 	err = devfs_get_cdevpriv((void **)&cpd);
1049 	if (err != 0)
1050 		return (err);
1051 
1052 	/*
1053 	 * Performance optimisation: We try to check for IOCTL's that
1054 	 * don't need the USB reference first. Then we grab the USB
1055 	 * reference if we need it!
1056 	 */
1057 	err = usb_ref_device(cpd, &refs, 0 /* no uref */ );
1058 	if (err)
1059 		return (ENXIO);
1060 
1061 	fflags = cpd->fflags;
1062 
1063 	f = NULL;			/* set default value */
1064 	err = ENOIOCTL;			/* set default value */
1065 
1066 	if (fflags & FWRITE) {
1067 		f = refs.txfifo;
1068 		err = usb_ioctl_f_sub(f, cmd, addr, td);
1069 	}
1070 	if (fflags & FREAD) {
1071 		f = refs.rxfifo;
1072 		err = usb_ioctl_f_sub(f, cmd, addr, td);
1073 	}
1074 	KASSERT(f != NULL, ("fifo not found"));
1075 	if (err != ENOIOCTL)
1076 		goto done;
1077 
1078 	err = (f->methods->f_ioctl) (f, cmd, addr, fflags);
1079 
1080 	DPRINTFN(2, "f_ioctl cmd 0x%lx = %d\n", cmd, err);
1081 
1082 	if (err != ENOIOCTL)
1083 		goto done;
1084 
1085 	if (usb_usb_ref_device(cpd, &refs)) {
1086 		err = ENXIO;
1087 		goto done;
1088 	}
1089 
1090 	err = (f->methods->f_ioctl_post) (f, cmd, addr, fflags);
1091 
1092 	DPRINTFN(2, "f_ioctl_post cmd 0x%lx = %d\n", cmd, err);
1093 
1094 	if (err == ENOIOCTL)
1095 		err = ENOTTY;
1096 
1097 	if (err)
1098 		goto done;
1099 
1100 	/* Wait for re-enumeration, if any */
1101 
1102 	while (f->udev->re_enumerate_wait != 0) {
1103 
1104 		usb_unref_device(cpd, &refs);
1105 
1106 		usb_pause_mtx(NULL, hz / 128);
1107 
1108 		if (usb_ref_device(cpd, &refs, 1 /* need uref */)) {
1109 			err = ENXIO;
1110 			goto done;
1111 		}
1112 	}
1113 
1114 done:
1115 	usb_unref_device(cpd, &refs);
1116 	return (err);
1117 }
1118 
1119 /* ARGSUSED */
1120 static int
1121 usb_poll(struct cdev* dev, int events, struct thread* td)
1122 {
1123 	struct usb_cdev_refdata refs;
1124 	struct usb_cdev_privdata* cpd;
1125 	struct usb_fifo *f;
1126 	struct usb_mbuf *m;
1127 	int fflags, revents;
1128 
1129 	if (devfs_get_cdevpriv((void **)&cpd) != 0 ||
1130 	    usb_ref_device(cpd, &refs, 0) != 0)
1131 		return (events &
1132 		    (POLLHUP|POLLIN|POLLRDNORM|POLLOUT|POLLWRNORM));
1133 
1134 	fflags = cpd->fflags;
1135 
1136 	/* Figure out who needs service */
1137 	revents = 0;
1138 	if ((events & (POLLOUT | POLLWRNORM)) &&
1139 	    (fflags & FWRITE)) {
1140 
1141 		f = refs.txfifo;
1142 
1143 		mtx_lock(f->priv_mtx);
1144 
1145 		if (!refs.is_usbfs) {
1146 			if (f->flag_iserror) {
1147 				/* we got an error */
1148 				m = (void *)1;
1149 			} else {
1150 				if (f->queue_data == NULL) {
1151 					/*
1152 					 * start write transfer, if not
1153 					 * already started
1154 					 */
1155 					(f->methods->f_start_write) (f);
1156 				}
1157 				/* check if any packets are available */
1158 				USB_IF_POLL(&f->free_q, m);
1159 			}
1160 		} else {
1161 			if (f->flag_iscomplete) {
1162 				m = (void *)1;
1163 			} else {
1164 				m = NULL;
1165 			}
1166 		}
1167 
1168 		if (m) {
1169 			revents |= events & (POLLOUT | POLLWRNORM);
1170 		} else {
1171 			f->flag_isselect = 1;
1172 			selrecord(td, &f->selinfo);
1173 		}
1174 
1175 		mtx_unlock(f->priv_mtx);
1176 	}
1177 	if ((events & (POLLIN | POLLRDNORM)) &&
1178 	    (fflags & FREAD)) {
1179 
1180 		f = refs.rxfifo;
1181 
1182 		mtx_lock(f->priv_mtx);
1183 
1184 		if (!refs.is_usbfs) {
1185 			if (f->flag_iserror) {
1186 				/* we have and error */
1187 				m = (void *)1;
1188 			} else {
1189 				if (f->queue_data == NULL) {
1190 					/*
1191 					 * start read transfer, if not
1192 					 * already started
1193 					 */
1194 					(f->methods->f_start_read) (f);
1195 				}
1196 				/* check if any packets are available */
1197 				USB_IF_POLL(&f->used_q, m);
1198 			}
1199 		} else {
1200 			if (f->flag_iscomplete) {
1201 				m = (void *)1;
1202 			} else {
1203 				m = NULL;
1204 			}
1205 		}
1206 
1207 		if (m) {
1208 			revents |= events & (POLLIN | POLLRDNORM);
1209 		} else {
1210 			f->flag_isselect = 1;
1211 			selrecord(td, &f->selinfo);
1212 
1213 			if (!refs.is_usbfs) {
1214 				/* start reading data */
1215 				(f->methods->f_start_read) (f);
1216 			}
1217 		}
1218 
1219 		mtx_unlock(f->priv_mtx);
1220 	}
1221 	usb_unref_device(cpd, &refs);
1222 	return (revents);
1223 }
1224 
1225 static int
1226 usb_read(struct cdev *dev, struct uio *uio, int ioflag)
1227 {
1228 	struct usb_cdev_refdata refs;
1229 	struct usb_cdev_privdata* cpd;
1230 	struct usb_fifo *f;
1231 	struct usb_mbuf *m;
1232 	int fflags;
1233 	int resid;
1234 	int io_len;
1235 	int err;
1236 	uint8_t tr_data = 0;
1237 
1238 	err = devfs_get_cdevpriv((void **)&cpd);
1239 	if (err != 0)
1240 		return (err);
1241 
1242 	err = usb_ref_device(cpd, &refs, 0 /* no uref */ );
1243 	if (err) {
1244 		return (ENXIO);
1245 	}
1246 	fflags = cpd->fflags;
1247 
1248 	f = refs.rxfifo;
1249 	if (f == NULL) {
1250 		/* should not happen */
1251 		usb_unref_device(cpd, &refs);
1252 		return (EPERM);
1253 	}
1254 
1255 	resid = uio->uio_resid;
1256 
1257 	mtx_lock(f->priv_mtx);
1258 
1259 	/* check for permanent read error */
1260 	if (f->flag_iserror) {
1261 		err = EIO;
1262 		goto done;
1263 	}
1264 	/* check if USB-FS interface is active */
1265 	if (refs.is_usbfs) {
1266 		/*
1267 		 * The queue is used for events that should be
1268 		 * retrieved using the "USB_FS_COMPLETE" ioctl.
1269 		 */
1270 		err = EINVAL;
1271 		goto done;
1272 	}
1273 	while (uio->uio_resid > 0) {
1274 
1275 		USB_IF_DEQUEUE(&f->used_q, m);
1276 
1277 		if (m == NULL) {
1278 
1279 			/* start read transfer, if not already started */
1280 
1281 			(f->methods->f_start_read) (f);
1282 
1283 			if (ioflag & IO_NDELAY) {
1284 				if (tr_data) {
1285 					/* return length before error */
1286 					break;
1287 				}
1288 				err = EWOULDBLOCK;
1289 				break;
1290 			}
1291 			DPRINTF("sleeping\n");
1292 
1293 			err = usb_fifo_wait(f);
1294 			if (err) {
1295 				break;
1296 			}
1297 			continue;
1298 		}
1299 		if (f->methods->f_filter_read) {
1300 			/*
1301 			 * Sometimes it is convenient to process data at the
1302 			 * expense of a userland process instead of a kernel
1303 			 * process.
1304 			 */
1305 			(f->methods->f_filter_read) (f, m);
1306 		}
1307 		tr_data = 1;
1308 
1309 		io_len = MIN(m->cur_data_len, uio->uio_resid);
1310 
1311 		DPRINTFN(2, "transfer %d bytes from %p\n",
1312 		    io_len, m->cur_data_ptr);
1313 
1314 		err = usb_fifo_uiomove(f,
1315 		    m->cur_data_ptr, io_len, uio);
1316 
1317 		m->cur_data_len -= io_len;
1318 		m->cur_data_ptr += io_len;
1319 
1320 		if (m->cur_data_len == 0) {
1321 
1322 			uint8_t last_packet;
1323 
1324 			last_packet = m->last_packet;
1325 
1326 			USB_IF_ENQUEUE(&f->free_q, m);
1327 
1328 			if (last_packet) {
1329 				/* keep framing */
1330 				break;
1331 			}
1332 		} else {
1333 			USB_IF_PREPEND(&f->used_q, m);
1334 		}
1335 
1336 		if (err) {
1337 			break;
1338 		}
1339 	}
1340 done:
1341 	mtx_unlock(f->priv_mtx);
1342 
1343 	usb_unref_device(cpd, &refs);
1344 
1345 	return (err);
1346 }
1347 
1348 static int
1349 usb_write(struct cdev *dev, struct uio *uio, int ioflag)
1350 {
1351 	struct usb_cdev_refdata refs;
1352 	struct usb_cdev_privdata* cpd;
1353 	struct usb_fifo *f;
1354 	struct usb_mbuf *m;
1355 	uint8_t *pdata;
1356 	int fflags;
1357 	int resid;
1358 	int io_len;
1359 	int err;
1360 	uint8_t tr_data = 0;
1361 
1362 	DPRINTFN(2, "\n");
1363 
1364 	err = devfs_get_cdevpriv((void **)&cpd);
1365 	if (err != 0)
1366 		return (err);
1367 
1368 	err = usb_ref_device(cpd, &refs, 0 /* no uref */ );
1369 	if (err) {
1370 		return (ENXIO);
1371 	}
1372 	fflags = cpd->fflags;
1373 
1374 	f = refs.txfifo;
1375 	if (f == NULL) {
1376 		/* should not happen */
1377 		usb_unref_device(cpd, &refs);
1378 		return (EPERM);
1379 	}
1380 	resid = uio->uio_resid;
1381 
1382 	mtx_lock(f->priv_mtx);
1383 
1384 	/* check for permanent write error */
1385 	if (f->flag_iserror) {
1386 		err = EIO;
1387 		goto done;
1388 	}
1389 	/* check if USB-FS interface is active */
1390 	if (refs.is_usbfs) {
1391 		/*
1392 		 * The queue is used for events that should be
1393 		 * retrieved using the "USB_FS_COMPLETE" ioctl.
1394 		 */
1395 		err = EINVAL;
1396 		goto done;
1397 	}
1398 	if (f->queue_data == NULL) {
1399 		/* start write transfer, if not already started */
1400 		(f->methods->f_start_write) (f);
1401 	}
1402 	/* we allow writing zero length data */
1403 	do {
1404 		USB_IF_DEQUEUE(&f->free_q, m);
1405 
1406 		if (m == NULL) {
1407 
1408 			if (ioflag & IO_NDELAY) {
1409 				if (tr_data) {
1410 					/* return length before error */
1411 					break;
1412 				}
1413 				err = EWOULDBLOCK;
1414 				break;
1415 			}
1416 			DPRINTF("sleeping\n");
1417 
1418 			err = usb_fifo_wait(f);
1419 			if (err) {
1420 				break;
1421 			}
1422 			continue;
1423 		}
1424 		tr_data = 1;
1425 
1426 		if (f->flag_have_fragment == 0) {
1427 			USB_MBUF_RESET(m);
1428 			io_len = m->cur_data_len;
1429 			pdata = m->cur_data_ptr;
1430 			if (io_len > uio->uio_resid)
1431 				io_len = uio->uio_resid;
1432 			m->cur_data_len = io_len;
1433 		} else {
1434 			io_len = m->max_data_len - m->cur_data_len;
1435 			pdata = m->cur_data_ptr + m->cur_data_len;
1436 			if (io_len > uio->uio_resid)
1437 				io_len = uio->uio_resid;
1438 			m->cur_data_len += io_len;
1439 		}
1440 
1441 		DPRINTFN(2, "transfer %d bytes to %p\n",
1442 		    io_len, pdata);
1443 
1444 		err = usb_fifo_uiomove(f, pdata, io_len, uio);
1445 
1446 		if (err) {
1447 			f->flag_have_fragment = 0;
1448 			USB_IF_ENQUEUE(&f->free_q, m);
1449 			break;
1450 		}
1451 
1452 		/* check if the buffer is ready to be transmitted */
1453 
1454 		if ((f->flag_write_defrag == 0) ||
1455 		    (m->cur_data_len == m->max_data_len)) {
1456 			f->flag_have_fragment = 0;
1457 
1458 			/*
1459 			 * Check for write filter:
1460 			 *
1461 			 * Sometimes it is convenient to process data
1462 			 * at the expense of a userland process
1463 			 * instead of a kernel process.
1464 			 */
1465 			if (f->methods->f_filter_write) {
1466 				(f->methods->f_filter_write) (f, m);
1467 			}
1468 
1469 			/* Put USB mbuf in the used queue */
1470 			USB_IF_ENQUEUE(&f->used_q, m);
1471 
1472 			/* Start writing data, if not already started */
1473 			(f->methods->f_start_write) (f);
1474 		} else {
1475 			/* Wait for more data or close */
1476 			f->flag_have_fragment = 1;
1477 			USB_IF_PREPEND(&f->free_q, m);
1478 		}
1479 
1480 	} while (uio->uio_resid > 0);
1481 done:
1482 	mtx_unlock(f->priv_mtx);
1483 
1484 	usb_unref_device(cpd, &refs);
1485 
1486 	return (err);
1487 }
1488 
1489 int
1490 usb_static_ioctl(struct cdev *dev, u_long cmd, caddr_t data, int fflag,
1491     struct thread *td)
1492 {
1493 	union {
1494 		struct usb_read_dir *urd;
1495 		void* data;
1496 	} u;
1497 	int err;
1498 
1499 	u.data = data;
1500 	switch (cmd) {
1501 		case USB_READ_DIR:
1502 			err = usb_read_symlink(u.urd->urd_data,
1503 			    u.urd->urd_startentry, u.urd->urd_maxlen);
1504 			break;
1505 		case USB_DEV_QUIRK_GET:
1506 		case USB_QUIRK_NAME_GET:
1507 		case USB_DEV_QUIRK_ADD:
1508 		case USB_DEV_QUIRK_REMOVE:
1509 			err = usb_quirk_ioctl_p(cmd, data, fflag, td);
1510 			break;
1511 		case USB_GET_TEMPLATE:
1512 			*(int *)data = usb_template;
1513 			err = 0;
1514 			break;
1515 		case USB_SET_TEMPLATE:
1516 			err = priv_check(curthread, PRIV_DRIVER);
1517 			if (err)
1518 				break;
1519 			usb_template = *(int *)data;
1520 			break;
1521 		default:
1522 			err = ENOTTY;
1523 			break;
1524 	}
1525 	return (err);
1526 }
1527 
1528 static int
1529 usb_fifo_uiomove(struct usb_fifo *f, void *cp,
1530     int n, struct uio *uio)
1531 {
1532 	int error;
1533 
1534 	mtx_unlock(f->priv_mtx);
1535 
1536 	/*
1537 	 * "uiomove()" can sleep so one needs to make a wrapper,
1538 	 * exiting the mutex and checking things:
1539 	 */
1540 	error = uiomove(cp, n, uio);
1541 
1542 	mtx_lock(f->priv_mtx);
1543 
1544 	return (error);
1545 }
1546 
1547 int
1548 usb_fifo_wait(struct usb_fifo *f)
1549 {
1550 	int err;
1551 
1552 	mtx_assert(f->priv_mtx, MA_OWNED);
1553 
1554 	if (f->flag_iserror) {
1555 		/* we are gone */
1556 		return (EIO);
1557 	}
1558 	f->flag_sleeping = 1;
1559 
1560 	err = cv_wait_sig(&f->cv_io, f->priv_mtx);
1561 
1562 	if (f->flag_iserror) {
1563 		/* we are gone */
1564 		err = EIO;
1565 	}
1566 	return (err);
1567 }
1568 
1569 void
1570 usb_fifo_signal(struct usb_fifo *f)
1571 {
1572 	if (f->flag_sleeping) {
1573 		f->flag_sleeping = 0;
1574 		cv_broadcast(&f->cv_io);
1575 	}
1576 }
1577 
1578 void
1579 usb_fifo_wakeup(struct usb_fifo *f)
1580 {
1581 	usb_fifo_signal(f);
1582 
1583 	if (f->flag_isselect) {
1584 		selwakeup(&f->selinfo);
1585 		f->flag_isselect = 0;
1586 	}
1587 	if (f->async_p != NULL) {
1588 		PROC_LOCK(f->async_p);
1589 		kern_psignal(f->async_p, SIGIO);
1590 		PROC_UNLOCK(f->async_p);
1591 	}
1592 }
1593 
1594 static int
1595 usb_fifo_dummy_open(struct usb_fifo *fifo, int fflags)
1596 {
1597 	return (0);
1598 }
1599 
1600 static void
1601 usb_fifo_dummy_close(struct usb_fifo *fifo, int fflags)
1602 {
1603 	return;
1604 }
1605 
1606 static int
1607 usb_fifo_dummy_ioctl(struct usb_fifo *fifo, u_long cmd, void *addr, int fflags)
1608 {
1609 	return (ENOIOCTL);
1610 }
1611 
1612 static void
1613 usb_fifo_dummy_cmd(struct usb_fifo *fifo)
1614 {
1615 	fifo->flag_flushing = 0;	/* not flushing */
1616 }
1617 
1618 static void
1619 usb_fifo_check_methods(struct usb_fifo_methods *pm)
1620 {
1621 	/* check that all callback functions are OK */
1622 
1623 	if (pm->f_open == NULL)
1624 		pm->f_open = &usb_fifo_dummy_open;
1625 
1626 	if (pm->f_close == NULL)
1627 		pm->f_close = &usb_fifo_dummy_close;
1628 
1629 	if (pm->f_ioctl == NULL)
1630 		pm->f_ioctl = &usb_fifo_dummy_ioctl;
1631 
1632 	if (pm->f_ioctl_post == NULL)
1633 		pm->f_ioctl_post = &usb_fifo_dummy_ioctl;
1634 
1635 	if (pm->f_start_read == NULL)
1636 		pm->f_start_read = &usb_fifo_dummy_cmd;
1637 
1638 	if (pm->f_stop_read == NULL)
1639 		pm->f_stop_read = &usb_fifo_dummy_cmd;
1640 
1641 	if (pm->f_start_write == NULL)
1642 		pm->f_start_write = &usb_fifo_dummy_cmd;
1643 
1644 	if (pm->f_stop_write == NULL)
1645 		pm->f_stop_write = &usb_fifo_dummy_cmd;
1646 }
1647 
1648 /*------------------------------------------------------------------------*
1649  *	usb_fifo_attach
1650  *
1651  * The following function will create a duplex FIFO.
1652  *
1653  * Return values:
1654  * 0: Success.
1655  * Else: Failure.
1656  *------------------------------------------------------------------------*/
1657 int
1658 usb_fifo_attach(struct usb_device *udev, void *priv_sc,
1659     struct mtx *priv_mtx, struct usb_fifo_methods *pm,
1660     struct usb_fifo_sc *f_sc, uint16_t unit, int16_t subunit,
1661     uint8_t iface_index, uid_t uid, gid_t gid, int mode)
1662 {
1663 	struct usb_fifo *f_tx;
1664 	struct usb_fifo *f_rx;
1665 	char devname[32];
1666 	uint8_t n;
1667 
1668 	f_sc->fp[USB_FIFO_TX] = NULL;
1669 	f_sc->fp[USB_FIFO_RX] = NULL;
1670 
1671 	if (pm == NULL)
1672 		return (EINVAL);
1673 
1674 	/* check the methods */
1675 	usb_fifo_check_methods(pm);
1676 
1677 	if (priv_mtx == NULL)
1678 		priv_mtx = &Giant;
1679 
1680 	/* search for a free FIFO slot */
1681 	for (n = 0;; n += 2) {
1682 
1683 		if (n == USB_FIFO_MAX) {
1684 			/* end of FIFOs reached */
1685 			return (ENOMEM);
1686 		}
1687 		/* Check for TX FIFO */
1688 		if (udev->fifo[n + USB_FIFO_TX] != NULL) {
1689 			continue;
1690 		}
1691 		/* Check for RX FIFO */
1692 		if (udev->fifo[n + USB_FIFO_RX] != NULL) {
1693 			continue;
1694 		}
1695 		break;
1696 	}
1697 
1698 	f_tx = usb_fifo_alloc();
1699 	f_rx = usb_fifo_alloc();
1700 
1701 	if ((f_tx == NULL) || (f_rx == NULL)) {
1702 		usb_fifo_free(f_tx);
1703 		usb_fifo_free(f_rx);
1704 		return (ENOMEM);
1705 	}
1706 	/* initialise FIFO structures */
1707 
1708 	f_tx->fifo_index = n + USB_FIFO_TX;
1709 	f_tx->dev_ep_index = -1;
1710 	f_tx->priv_mtx = priv_mtx;
1711 	f_tx->priv_sc0 = priv_sc;
1712 	f_tx->methods = pm;
1713 	f_tx->iface_index = iface_index;
1714 	f_tx->udev = udev;
1715 
1716 	f_rx->fifo_index = n + USB_FIFO_RX;
1717 	f_rx->dev_ep_index = -1;
1718 	f_rx->priv_mtx = priv_mtx;
1719 	f_rx->priv_sc0 = priv_sc;
1720 	f_rx->methods = pm;
1721 	f_rx->iface_index = iface_index;
1722 	f_rx->udev = udev;
1723 
1724 	f_sc->fp[USB_FIFO_TX] = f_tx;
1725 	f_sc->fp[USB_FIFO_RX] = f_rx;
1726 
1727 	mtx_lock(&usb_ref_lock);
1728 	udev->fifo[f_tx->fifo_index] = f_tx;
1729 	udev->fifo[f_rx->fifo_index] = f_rx;
1730 	mtx_unlock(&usb_ref_lock);
1731 
1732 	for (n = 0; n != 4; n++) {
1733 
1734 		if (pm->basename[n] == NULL) {
1735 			continue;
1736 		}
1737 		if (subunit < 0) {
1738 			if (snprintf(devname, sizeof(devname),
1739 			    "%s%u%s", pm->basename[n],
1740 			    unit, pm->postfix[n] ?
1741 			    pm->postfix[n] : "")) {
1742 				/* ignore */
1743 			}
1744 		} else {
1745 			if (snprintf(devname, sizeof(devname),
1746 			    "%s%u.%d%s", pm->basename[n],
1747 			    unit, subunit, pm->postfix[n] ?
1748 			    pm->postfix[n] : "")) {
1749 				/* ignore */
1750 			}
1751 		}
1752 
1753 		/*
1754 		 * Distribute the symbolic links into two FIFO structures:
1755 		 */
1756 		if (n & 1) {
1757 			f_rx->symlink[n / 2] =
1758 			    usb_alloc_symlink(devname);
1759 		} else {
1760 			f_tx->symlink[n / 2] =
1761 			    usb_alloc_symlink(devname);
1762 		}
1763 
1764 		/* Create the device */
1765 		f_sc->dev = usb_make_dev(udev, devname, -1,
1766 		    f_tx->fifo_index & f_rx->fifo_index,
1767 		    FREAD|FWRITE, uid, gid, mode);
1768 	}
1769 
1770 	DPRINTFN(2, "attached %p/%p\n", f_tx, f_rx);
1771 	return (0);
1772 }
1773 
1774 /*------------------------------------------------------------------------*
1775  *	usb_fifo_alloc_buffer
1776  *
1777  * Return values:
1778  * 0: Success
1779  * Else failure
1780  *------------------------------------------------------------------------*/
1781 int
1782 usb_fifo_alloc_buffer(struct usb_fifo *f, usb_size_t bufsize,
1783     uint16_t nbuf)
1784 {
1785 	usb_fifo_free_buffer(f);
1786 
1787 	/* allocate an endpoint */
1788 	f->free_q.ifq_maxlen = nbuf;
1789 	f->used_q.ifq_maxlen = nbuf;
1790 
1791 	f->queue_data = usb_alloc_mbufs(
1792 	    M_USBDEV, &f->free_q, bufsize, nbuf);
1793 
1794 	if ((f->queue_data == NULL) && bufsize && nbuf) {
1795 		return (ENOMEM);
1796 	}
1797 	return (0);			/* success */
1798 }
1799 
1800 /*------------------------------------------------------------------------*
1801  *	usb_fifo_free_buffer
1802  *
1803  * This function will free the buffers associated with a FIFO. This
1804  * function can be called multiple times in a row.
1805  *------------------------------------------------------------------------*/
1806 void
1807 usb_fifo_free_buffer(struct usb_fifo *f)
1808 {
1809 	if (f->queue_data) {
1810 		/* free old buffer */
1811 		free(f->queue_data, M_USBDEV);
1812 		f->queue_data = NULL;
1813 	}
1814 	/* reset queues */
1815 
1816 	memset(&f->free_q, 0, sizeof(f->free_q));
1817 	memset(&f->used_q, 0, sizeof(f->used_q));
1818 }
1819 
1820 void
1821 usb_fifo_detach(struct usb_fifo_sc *f_sc)
1822 {
1823 	if (f_sc == NULL) {
1824 		return;
1825 	}
1826 	usb_fifo_free(f_sc->fp[USB_FIFO_TX]);
1827 	usb_fifo_free(f_sc->fp[USB_FIFO_RX]);
1828 
1829 	f_sc->fp[USB_FIFO_TX] = NULL;
1830 	f_sc->fp[USB_FIFO_RX] = NULL;
1831 
1832 	usb_destroy_dev(f_sc->dev);
1833 
1834 	f_sc->dev = NULL;
1835 
1836 	DPRINTFN(2, "detached %p\n", f_sc);
1837 }
1838 
1839 usb_size_t
1840 usb_fifo_put_bytes_max(struct usb_fifo *f)
1841 {
1842 	struct usb_mbuf *m;
1843 	usb_size_t len;
1844 
1845 	USB_IF_POLL(&f->free_q, m);
1846 
1847 	if (m) {
1848 		len = m->max_data_len;
1849 	} else {
1850 		len = 0;
1851 	}
1852 	return (len);
1853 }
1854 
1855 /*------------------------------------------------------------------------*
1856  *	usb_fifo_put_data
1857  *
1858  * what:
1859  *  0 - normal operation
1860  *  1 - set last packet flag to enforce framing
1861  *------------------------------------------------------------------------*/
1862 void
1863 usb_fifo_put_data(struct usb_fifo *f, struct usb_page_cache *pc,
1864     usb_frlength_t offset, usb_frlength_t len, uint8_t what)
1865 {
1866 	struct usb_mbuf *m;
1867 	usb_frlength_t io_len;
1868 
1869 	while (len || (what == 1)) {
1870 
1871 		USB_IF_DEQUEUE(&f->free_q, m);
1872 
1873 		if (m) {
1874 			USB_MBUF_RESET(m);
1875 
1876 			io_len = MIN(len, m->cur_data_len);
1877 
1878 			usbd_copy_out(pc, offset, m->cur_data_ptr, io_len);
1879 
1880 			m->cur_data_len = io_len;
1881 			offset += io_len;
1882 			len -= io_len;
1883 
1884 			if ((len == 0) && (what == 1)) {
1885 				m->last_packet = 1;
1886 			}
1887 			USB_IF_ENQUEUE(&f->used_q, m);
1888 
1889 			usb_fifo_wakeup(f);
1890 
1891 			if ((len == 0) || (what == 1)) {
1892 				break;
1893 			}
1894 		} else {
1895 			break;
1896 		}
1897 	}
1898 }
1899 
1900 void
1901 usb_fifo_put_data_linear(struct usb_fifo *f, void *ptr,
1902     usb_size_t len, uint8_t what)
1903 {
1904 	struct usb_mbuf *m;
1905 	usb_size_t io_len;
1906 
1907 	while (len || (what == 1)) {
1908 
1909 		USB_IF_DEQUEUE(&f->free_q, m);
1910 
1911 		if (m) {
1912 			USB_MBUF_RESET(m);
1913 
1914 			io_len = MIN(len, m->cur_data_len);
1915 
1916 			memcpy(m->cur_data_ptr, ptr, io_len);
1917 
1918 			m->cur_data_len = io_len;
1919 			ptr = USB_ADD_BYTES(ptr, io_len);
1920 			len -= io_len;
1921 
1922 			if ((len == 0) && (what == 1)) {
1923 				m->last_packet = 1;
1924 			}
1925 			USB_IF_ENQUEUE(&f->used_q, m);
1926 
1927 			usb_fifo_wakeup(f);
1928 
1929 			if ((len == 0) || (what == 1)) {
1930 				break;
1931 			}
1932 		} else {
1933 			break;
1934 		}
1935 	}
1936 }
1937 
1938 uint8_t
1939 usb_fifo_put_data_buffer(struct usb_fifo *f, void *ptr, usb_size_t len)
1940 {
1941 	struct usb_mbuf *m;
1942 
1943 	USB_IF_DEQUEUE(&f->free_q, m);
1944 
1945 	if (m) {
1946 		m->cur_data_len = len;
1947 		m->cur_data_ptr = ptr;
1948 		USB_IF_ENQUEUE(&f->used_q, m);
1949 		usb_fifo_wakeup(f);
1950 		return (1);
1951 	}
1952 	return (0);
1953 }
1954 
1955 void
1956 usb_fifo_put_data_error(struct usb_fifo *f)
1957 {
1958 	f->flag_iserror = 1;
1959 	usb_fifo_wakeup(f);
1960 }
1961 
1962 /*------------------------------------------------------------------------*
1963  *	usb_fifo_get_data
1964  *
1965  * what:
1966  *  0 - normal operation
1967  *  1 - only get one "usb_mbuf"
1968  *
1969  * returns:
1970  *  0 - no more data
1971  *  1 - data in buffer
1972  *------------------------------------------------------------------------*/
1973 uint8_t
1974 usb_fifo_get_data(struct usb_fifo *f, struct usb_page_cache *pc,
1975     usb_frlength_t offset, usb_frlength_t len, usb_frlength_t *actlen,
1976     uint8_t what)
1977 {
1978 	struct usb_mbuf *m;
1979 	usb_frlength_t io_len;
1980 	uint8_t tr_data = 0;
1981 
1982 	actlen[0] = 0;
1983 
1984 	while (1) {
1985 
1986 		USB_IF_DEQUEUE(&f->used_q, m);
1987 
1988 		if (m) {
1989 
1990 			tr_data = 1;
1991 
1992 			io_len = MIN(len, m->cur_data_len);
1993 
1994 			usbd_copy_in(pc, offset, m->cur_data_ptr, io_len);
1995 
1996 			len -= io_len;
1997 			offset += io_len;
1998 			actlen[0] += io_len;
1999 			m->cur_data_ptr += io_len;
2000 			m->cur_data_len -= io_len;
2001 
2002 			if ((m->cur_data_len == 0) || (what == 1)) {
2003 				USB_IF_ENQUEUE(&f->free_q, m);
2004 
2005 				usb_fifo_wakeup(f);
2006 
2007 				if (what == 1) {
2008 					break;
2009 				}
2010 			} else {
2011 				USB_IF_PREPEND(&f->used_q, m);
2012 			}
2013 		} else {
2014 
2015 			if (tr_data) {
2016 				/* wait for data to be written out */
2017 				break;
2018 			}
2019 			if (f->flag_flushing) {
2020 				/* check if we should send a short packet */
2021 				if (f->flag_short != 0) {
2022 					f->flag_short = 0;
2023 					tr_data = 1;
2024 					break;
2025 				}
2026 				/* flushing complete */
2027 				f->flag_flushing = 0;
2028 				usb_fifo_wakeup(f);
2029 			}
2030 			break;
2031 		}
2032 		if (len == 0) {
2033 			break;
2034 		}
2035 	}
2036 	return (tr_data);
2037 }
2038 
2039 uint8_t
2040 usb_fifo_get_data_linear(struct usb_fifo *f, void *ptr,
2041     usb_size_t len, usb_size_t *actlen, uint8_t what)
2042 {
2043 	struct usb_mbuf *m;
2044 	usb_size_t io_len;
2045 	uint8_t tr_data = 0;
2046 
2047 	actlen[0] = 0;
2048 
2049 	while (1) {
2050 
2051 		USB_IF_DEQUEUE(&f->used_q, m);
2052 
2053 		if (m) {
2054 
2055 			tr_data = 1;
2056 
2057 			io_len = MIN(len, m->cur_data_len);
2058 
2059 			memcpy(ptr, m->cur_data_ptr, io_len);
2060 
2061 			len -= io_len;
2062 			ptr = USB_ADD_BYTES(ptr, io_len);
2063 			actlen[0] += io_len;
2064 			m->cur_data_ptr += io_len;
2065 			m->cur_data_len -= io_len;
2066 
2067 			if ((m->cur_data_len == 0) || (what == 1)) {
2068 				USB_IF_ENQUEUE(&f->free_q, m);
2069 
2070 				usb_fifo_wakeup(f);
2071 
2072 				if (what == 1) {
2073 					break;
2074 				}
2075 			} else {
2076 				USB_IF_PREPEND(&f->used_q, m);
2077 			}
2078 		} else {
2079 
2080 			if (tr_data) {
2081 				/* wait for data to be written out */
2082 				break;
2083 			}
2084 			if (f->flag_flushing) {
2085 				/* check if we should send a short packet */
2086 				if (f->flag_short != 0) {
2087 					f->flag_short = 0;
2088 					tr_data = 1;
2089 					break;
2090 				}
2091 				/* flushing complete */
2092 				f->flag_flushing = 0;
2093 				usb_fifo_wakeup(f);
2094 			}
2095 			break;
2096 		}
2097 		if (len == 0) {
2098 			break;
2099 		}
2100 	}
2101 	return (tr_data);
2102 }
2103 
2104 uint8_t
2105 usb_fifo_get_data_buffer(struct usb_fifo *f, void **pptr, usb_size_t *plen)
2106 {
2107 	struct usb_mbuf *m;
2108 
2109 	USB_IF_POLL(&f->used_q, m);
2110 
2111 	if (m) {
2112 		*plen = m->cur_data_len;
2113 		*pptr = m->cur_data_ptr;
2114 
2115 		return (1);
2116 	}
2117 	return (0);
2118 }
2119 
2120 void
2121 usb_fifo_get_data_error(struct usb_fifo *f)
2122 {
2123 	f->flag_iserror = 1;
2124 	usb_fifo_wakeup(f);
2125 }
2126 
2127 /*------------------------------------------------------------------------*
2128  *	usb_alloc_symlink
2129  *
2130  * Return values:
2131  * NULL: Failure
2132  * Else: Pointer to symlink entry
2133  *------------------------------------------------------------------------*/
2134 struct usb_symlink *
2135 usb_alloc_symlink(const char *target)
2136 {
2137 	struct usb_symlink *ps;
2138 
2139 	ps = malloc(sizeof(*ps), M_USBDEV, M_WAITOK);
2140 	if (ps == NULL) {
2141 		return (ps);
2142 	}
2143 	/* XXX no longer needed */
2144 	strlcpy(ps->src_path, target, sizeof(ps->src_path));
2145 	ps->src_len = strlen(ps->src_path);
2146 	strlcpy(ps->dst_path, target, sizeof(ps->dst_path));
2147 	ps->dst_len = strlen(ps->dst_path);
2148 
2149 	sx_xlock(&usb_sym_lock);
2150 	TAILQ_INSERT_TAIL(&usb_sym_head, ps, sym_entry);
2151 	sx_unlock(&usb_sym_lock);
2152 	return (ps);
2153 }
2154 
2155 /*------------------------------------------------------------------------*
2156  *	usb_free_symlink
2157  *------------------------------------------------------------------------*/
2158 void
2159 usb_free_symlink(struct usb_symlink *ps)
2160 {
2161 	if (ps == NULL) {
2162 		return;
2163 	}
2164 	sx_xlock(&usb_sym_lock);
2165 	TAILQ_REMOVE(&usb_sym_head, ps, sym_entry);
2166 	sx_unlock(&usb_sym_lock);
2167 
2168 	free(ps, M_USBDEV);
2169 }
2170 
2171 /*------------------------------------------------------------------------*
2172  *	usb_read_symlink
2173  *
2174  * Return value:
2175  * 0: Success
2176  * Else: Failure
2177  *------------------------------------------------------------------------*/
2178 int
2179 usb_read_symlink(uint8_t *user_ptr, uint32_t startentry, uint32_t user_len)
2180 {
2181 	struct usb_symlink *ps;
2182 	uint32_t temp;
2183 	uint32_t delta = 0;
2184 	uint8_t len;
2185 	int error = 0;
2186 
2187 	sx_xlock(&usb_sym_lock);
2188 
2189 	TAILQ_FOREACH(ps, &usb_sym_head, sym_entry) {
2190 
2191 		/*
2192 		 * Compute total length of source and destination symlink
2193 		 * strings pluss one length byte and two NUL bytes:
2194 		 */
2195 		temp = ps->src_len + ps->dst_len + 3;
2196 
2197 		if (temp > 255) {
2198 			/*
2199 			 * Skip entry because this length cannot fit
2200 			 * into one byte:
2201 			 */
2202 			continue;
2203 		}
2204 		if (startentry != 0) {
2205 			/* decrement read offset */
2206 			startentry--;
2207 			continue;
2208 		}
2209 		if (temp > user_len) {
2210 			/* out of buffer space */
2211 			break;
2212 		}
2213 		len = temp;
2214 
2215 		/* copy out total length */
2216 
2217 		error = copyout(&len,
2218 		    USB_ADD_BYTES(user_ptr, delta), 1);
2219 		if (error) {
2220 			break;
2221 		}
2222 		delta += 1;
2223 
2224 		/* copy out source string */
2225 
2226 		error = copyout(ps->src_path,
2227 		    USB_ADD_BYTES(user_ptr, delta), ps->src_len);
2228 		if (error) {
2229 			break;
2230 		}
2231 		len = 0;
2232 		delta += ps->src_len;
2233 		error = copyout(&len,
2234 		    USB_ADD_BYTES(user_ptr, delta), 1);
2235 		if (error) {
2236 			break;
2237 		}
2238 		delta += 1;
2239 
2240 		/* copy out destination string */
2241 
2242 		error = copyout(ps->dst_path,
2243 		    USB_ADD_BYTES(user_ptr, delta), ps->dst_len);
2244 		if (error) {
2245 			break;
2246 		}
2247 		len = 0;
2248 		delta += ps->dst_len;
2249 		error = copyout(&len,
2250 		    USB_ADD_BYTES(user_ptr, delta), 1);
2251 		if (error) {
2252 			break;
2253 		}
2254 		delta += 1;
2255 
2256 		user_len -= temp;
2257 	}
2258 
2259 	/* a zero length entry indicates the end */
2260 
2261 	if ((user_len != 0) && (error == 0)) {
2262 
2263 		len = 0;
2264 
2265 		error = copyout(&len,
2266 		    USB_ADD_BYTES(user_ptr, delta), 1);
2267 	}
2268 	sx_unlock(&usb_sym_lock);
2269 	return (error);
2270 }
2271 
2272 void
2273 usb_fifo_set_close_zlp(struct usb_fifo *f, uint8_t onoff)
2274 {
2275 	if (f == NULL)
2276 		return;
2277 
2278 	/* send a Zero Length Packet, ZLP, before close */
2279 	f->flag_short = onoff;
2280 }
2281 
2282 void
2283 usb_fifo_set_write_defrag(struct usb_fifo *f, uint8_t onoff)
2284 {
2285 	if (f == NULL)
2286 		return;
2287 
2288 	/* defrag written data */
2289 	f->flag_write_defrag = onoff;
2290 	/* reset defrag state */
2291 	f->flag_have_fragment = 0;
2292 }
2293 
2294 void *
2295 usb_fifo_softc(struct usb_fifo *f)
2296 {
2297 	return (f->priv_sc0);
2298 }
2299 #endif	/* USB_HAVE_UGEN */
2300