1 /* 2 * Event char devices, giving access to raw input device events. 3 * 4 * Copyright (c) 1999-2002 Vojtech Pavlik 5 * 6 * This program is free software; you can redistribute it and/or modify it 7 * under the terms of the GNU General Public License version 2 as published by 8 * the Free Software Foundation. 9 */ 10 11 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 12 13 #define EVDEV_MINOR_BASE 64 14 #define EVDEV_MINORS 32 15 #define EVDEV_MIN_BUFFER_SIZE 64U 16 #define EVDEV_BUF_PACKETS 8 17 18 #include <linux/poll.h> 19 #include <linux/sched.h> 20 #include <linux/slab.h> 21 #include <linux/module.h> 22 #include <linux/init.h> 23 #include <linux/input/mt.h> 24 #include <linux/major.h> 25 #include <linux/device.h> 26 #include "input-compat.h" 27 28 struct evdev { 29 int open; 30 int minor; 31 struct input_handle handle; 32 wait_queue_head_t wait; 33 struct evdev_client __rcu *grab; 34 struct list_head client_list; 35 spinlock_t client_lock; /* protects client_list */ 36 struct mutex mutex; 37 struct device dev; 38 bool exist; 39 }; 40 41 struct evdev_client { 42 unsigned int head; 43 unsigned int tail; 44 unsigned int packet_head; /* [future] position of the first element of next packet */ 45 spinlock_t buffer_lock; /* protects access to buffer, head and tail */ 46 struct fasync_struct *fasync; 47 struct evdev *evdev; 48 struct list_head node; 49 int clkid; 50 unsigned int bufsize; 51 struct input_event buffer[]; 52 }; 53 54 static struct evdev *evdev_table[EVDEV_MINORS]; 55 static DEFINE_MUTEX(evdev_table_mutex); 56 57 static void evdev_pass_event(struct evdev_client *client, 58 struct input_event *event, 59 ktime_t mono, ktime_t real) 60 { 61 event->time = ktime_to_timeval(client->clkid == CLOCK_MONOTONIC ? 62 mono : real); 63 64 /* Interrupts are disabled, just acquire the lock. */ 65 spin_lock(&client->buffer_lock); 66 67 client->buffer[client->head++] = *event; 68 client->head &= client->bufsize - 1; 69 70 if (unlikely(client->head == client->tail)) { 71 /* 72 * This effectively "drops" all unconsumed events, leaving 73 * EV_SYN/SYN_DROPPED plus the newest event in the queue. 74 */ 75 client->tail = (client->head - 2) & (client->bufsize - 1); 76 77 client->buffer[client->tail].time = event->time; 78 client->buffer[client->tail].type = EV_SYN; 79 client->buffer[client->tail].code = SYN_DROPPED; 80 client->buffer[client->tail].value = 0; 81 82 client->packet_head = client->tail; 83 } 84 85 if (event->type == EV_SYN && event->code == SYN_REPORT) { 86 client->packet_head = client->head; 87 kill_fasync(&client->fasync, SIGIO, POLL_IN); 88 } 89 90 spin_unlock(&client->buffer_lock); 91 } 92 93 /* 94 * Pass incoming event to all connected clients. 95 */ 96 static void evdev_event(struct input_handle *handle, 97 unsigned int type, unsigned int code, int value) 98 { 99 struct evdev *evdev = handle->private; 100 struct evdev_client *client; 101 struct input_event event; 102 ktime_t time_mono, time_real; 103 104 time_mono = ktime_get(); 105 time_real = ktime_sub(time_mono, ktime_get_monotonic_offset()); 106 107 event.type = type; 108 event.code = code; 109 event.value = value; 110 111 rcu_read_lock(); 112 113 client = rcu_dereference(evdev->grab); 114 115 if (client) 116 evdev_pass_event(client, &event, time_mono, time_real); 117 else 118 list_for_each_entry_rcu(client, &evdev->client_list, node) 119 evdev_pass_event(client, &event, time_mono, time_real); 120 121 rcu_read_unlock(); 122 123 if (type == EV_SYN && code == SYN_REPORT) 124 wake_up_interruptible(&evdev->wait); 125 } 126 127 static int evdev_fasync(int fd, struct file *file, int on) 128 { 129 struct evdev_client *client = file->private_data; 130 131 return fasync_helper(fd, file, on, &client->fasync); 132 } 133 134 static int evdev_flush(struct file *file, fl_owner_t id) 135 { 136 struct evdev_client *client = file->private_data; 137 struct evdev *evdev = client->evdev; 138 int retval; 139 140 retval = mutex_lock_interruptible(&evdev->mutex); 141 if (retval) 142 return retval; 143 144 if (!evdev->exist) 145 retval = -ENODEV; 146 else 147 retval = input_flush_device(&evdev->handle, file); 148 149 mutex_unlock(&evdev->mutex); 150 return retval; 151 } 152 153 static void evdev_free(struct device *dev) 154 { 155 struct evdev *evdev = container_of(dev, struct evdev, dev); 156 157 input_put_device(evdev->handle.dev); 158 kfree(evdev); 159 } 160 161 /* 162 * Grabs an event device (along with underlying input device). 163 * This function is called with evdev->mutex taken. 164 */ 165 static int evdev_grab(struct evdev *evdev, struct evdev_client *client) 166 { 167 int error; 168 169 if (evdev->grab) 170 return -EBUSY; 171 172 error = input_grab_device(&evdev->handle); 173 if (error) 174 return error; 175 176 rcu_assign_pointer(evdev->grab, client); 177 178 return 0; 179 } 180 181 static int evdev_ungrab(struct evdev *evdev, struct evdev_client *client) 182 { 183 if (evdev->grab != client) 184 return -EINVAL; 185 186 rcu_assign_pointer(evdev->grab, NULL); 187 synchronize_rcu(); 188 input_release_device(&evdev->handle); 189 190 return 0; 191 } 192 193 static void evdev_attach_client(struct evdev *evdev, 194 struct evdev_client *client) 195 { 196 spin_lock(&evdev->client_lock); 197 list_add_tail_rcu(&client->node, &evdev->client_list); 198 spin_unlock(&evdev->client_lock); 199 } 200 201 static void evdev_detach_client(struct evdev *evdev, 202 struct evdev_client *client) 203 { 204 spin_lock(&evdev->client_lock); 205 list_del_rcu(&client->node); 206 spin_unlock(&evdev->client_lock); 207 synchronize_rcu(); 208 } 209 210 static int evdev_open_device(struct evdev *evdev) 211 { 212 int retval; 213 214 retval = mutex_lock_interruptible(&evdev->mutex); 215 if (retval) 216 return retval; 217 218 if (!evdev->exist) 219 retval = -ENODEV; 220 else if (!evdev->open++) { 221 retval = input_open_device(&evdev->handle); 222 if (retval) 223 evdev->open--; 224 } 225 226 mutex_unlock(&evdev->mutex); 227 return retval; 228 } 229 230 static void evdev_close_device(struct evdev *evdev) 231 { 232 mutex_lock(&evdev->mutex); 233 234 if (evdev->exist && !--evdev->open) 235 input_close_device(&evdev->handle); 236 237 mutex_unlock(&evdev->mutex); 238 } 239 240 /* 241 * Wake up users waiting for IO so they can disconnect from 242 * dead device. 243 */ 244 static void evdev_hangup(struct evdev *evdev) 245 { 246 struct evdev_client *client; 247 248 spin_lock(&evdev->client_lock); 249 list_for_each_entry(client, &evdev->client_list, node) 250 kill_fasync(&client->fasync, SIGIO, POLL_HUP); 251 spin_unlock(&evdev->client_lock); 252 253 wake_up_interruptible(&evdev->wait); 254 } 255 256 static int evdev_release(struct inode *inode, struct file *file) 257 { 258 struct evdev_client *client = file->private_data; 259 struct evdev *evdev = client->evdev; 260 261 mutex_lock(&evdev->mutex); 262 if (evdev->grab == client) 263 evdev_ungrab(evdev, client); 264 mutex_unlock(&evdev->mutex); 265 266 evdev_detach_client(evdev, client); 267 kfree(client); 268 269 evdev_close_device(evdev); 270 put_device(&evdev->dev); 271 272 return 0; 273 } 274 275 static unsigned int evdev_compute_buffer_size(struct input_dev *dev) 276 { 277 unsigned int n_events = 278 max(dev->hint_events_per_packet * EVDEV_BUF_PACKETS, 279 EVDEV_MIN_BUFFER_SIZE); 280 281 return roundup_pow_of_two(n_events); 282 } 283 284 static int evdev_open(struct inode *inode, struct file *file) 285 { 286 struct evdev *evdev; 287 struct evdev_client *client; 288 int i = iminor(inode) - EVDEV_MINOR_BASE; 289 unsigned int bufsize; 290 int error; 291 292 if (i >= EVDEV_MINORS) 293 return -ENODEV; 294 295 error = mutex_lock_interruptible(&evdev_table_mutex); 296 if (error) 297 return error; 298 evdev = evdev_table[i]; 299 if (evdev) 300 get_device(&evdev->dev); 301 mutex_unlock(&evdev_table_mutex); 302 303 if (!evdev) 304 return -ENODEV; 305 306 bufsize = evdev_compute_buffer_size(evdev->handle.dev); 307 308 client = kzalloc(sizeof(struct evdev_client) + 309 bufsize * sizeof(struct input_event), 310 GFP_KERNEL); 311 if (!client) { 312 error = -ENOMEM; 313 goto err_put_evdev; 314 } 315 316 client->bufsize = bufsize; 317 spin_lock_init(&client->buffer_lock); 318 client->evdev = evdev; 319 evdev_attach_client(evdev, client); 320 321 error = evdev_open_device(evdev); 322 if (error) 323 goto err_free_client; 324 325 file->private_data = client; 326 nonseekable_open(inode, file); 327 328 return 0; 329 330 err_free_client: 331 evdev_detach_client(evdev, client); 332 kfree(client); 333 err_put_evdev: 334 put_device(&evdev->dev); 335 return error; 336 } 337 338 static ssize_t evdev_write(struct file *file, const char __user *buffer, 339 size_t count, loff_t *ppos) 340 { 341 struct evdev_client *client = file->private_data; 342 struct evdev *evdev = client->evdev; 343 struct input_event event; 344 int retval = 0; 345 346 if (count < input_event_size()) 347 return -EINVAL; 348 349 retval = mutex_lock_interruptible(&evdev->mutex); 350 if (retval) 351 return retval; 352 353 if (!evdev->exist) { 354 retval = -ENODEV; 355 goto out; 356 } 357 358 do { 359 if (input_event_from_user(buffer + retval, &event)) { 360 retval = -EFAULT; 361 goto out; 362 } 363 retval += input_event_size(); 364 365 input_inject_event(&evdev->handle, 366 event.type, event.code, event.value); 367 } while (retval + input_event_size() <= count); 368 369 out: 370 mutex_unlock(&evdev->mutex); 371 return retval; 372 } 373 374 static int evdev_fetch_next_event(struct evdev_client *client, 375 struct input_event *event) 376 { 377 int have_event; 378 379 spin_lock_irq(&client->buffer_lock); 380 381 have_event = client->packet_head != client->tail; 382 if (have_event) { 383 *event = client->buffer[client->tail++]; 384 client->tail &= client->bufsize - 1; 385 } 386 387 spin_unlock_irq(&client->buffer_lock); 388 389 return have_event; 390 } 391 392 static ssize_t evdev_read(struct file *file, char __user *buffer, 393 size_t count, loff_t *ppos) 394 { 395 struct evdev_client *client = file->private_data; 396 struct evdev *evdev = client->evdev; 397 struct input_event event; 398 int retval = 0; 399 400 if (count < input_event_size()) 401 return -EINVAL; 402 403 if (!(file->f_flags & O_NONBLOCK)) { 404 retval = wait_event_interruptible(evdev->wait, 405 client->packet_head != client->tail || 406 !evdev->exist); 407 if (retval) 408 return retval; 409 } 410 411 if (!evdev->exist) 412 return -ENODEV; 413 414 while (retval + input_event_size() <= count && 415 evdev_fetch_next_event(client, &event)) { 416 417 if (input_event_to_user(buffer + retval, &event)) 418 return -EFAULT; 419 420 retval += input_event_size(); 421 } 422 423 if (retval == 0 && (file->f_flags & O_NONBLOCK)) 424 return -EAGAIN; 425 426 return retval; 427 } 428 429 /* No kernel lock - fine */ 430 static unsigned int evdev_poll(struct file *file, poll_table *wait) 431 { 432 struct evdev_client *client = file->private_data; 433 struct evdev *evdev = client->evdev; 434 unsigned int mask; 435 436 poll_wait(file, &evdev->wait, wait); 437 438 mask = evdev->exist ? POLLOUT | POLLWRNORM : POLLHUP | POLLERR; 439 if (client->packet_head != client->tail) 440 mask |= POLLIN | POLLRDNORM; 441 442 return mask; 443 } 444 445 #ifdef CONFIG_COMPAT 446 447 #define BITS_PER_LONG_COMPAT (sizeof(compat_long_t) * 8) 448 #define BITS_TO_LONGS_COMPAT(x) ((((x) - 1) / BITS_PER_LONG_COMPAT) + 1) 449 450 #ifdef __BIG_ENDIAN 451 static int bits_to_user(unsigned long *bits, unsigned int maxbit, 452 unsigned int maxlen, void __user *p, int compat) 453 { 454 int len, i; 455 456 if (compat) { 457 len = BITS_TO_LONGS_COMPAT(maxbit) * sizeof(compat_long_t); 458 if (len > maxlen) 459 len = maxlen; 460 461 for (i = 0; i < len / sizeof(compat_long_t); i++) 462 if (copy_to_user((compat_long_t __user *) p + i, 463 (compat_long_t *) bits + 464 i + 1 - ((i % 2) << 1), 465 sizeof(compat_long_t))) 466 return -EFAULT; 467 } else { 468 len = BITS_TO_LONGS(maxbit) * sizeof(long); 469 if (len > maxlen) 470 len = maxlen; 471 472 if (copy_to_user(p, bits, len)) 473 return -EFAULT; 474 } 475 476 return len; 477 } 478 #else 479 static int bits_to_user(unsigned long *bits, unsigned int maxbit, 480 unsigned int maxlen, void __user *p, int compat) 481 { 482 int len = compat ? 483 BITS_TO_LONGS_COMPAT(maxbit) * sizeof(compat_long_t) : 484 BITS_TO_LONGS(maxbit) * sizeof(long); 485 486 if (len > maxlen) 487 len = maxlen; 488 489 return copy_to_user(p, bits, len) ? -EFAULT : len; 490 } 491 #endif /* __BIG_ENDIAN */ 492 493 #else 494 495 static int bits_to_user(unsigned long *bits, unsigned int maxbit, 496 unsigned int maxlen, void __user *p, int compat) 497 { 498 int len = BITS_TO_LONGS(maxbit) * sizeof(long); 499 500 if (len > maxlen) 501 len = maxlen; 502 503 return copy_to_user(p, bits, len) ? -EFAULT : len; 504 } 505 506 #endif /* CONFIG_COMPAT */ 507 508 static int str_to_user(const char *str, unsigned int maxlen, void __user *p) 509 { 510 int len; 511 512 if (!str) 513 return -ENOENT; 514 515 len = strlen(str) + 1; 516 if (len > maxlen) 517 len = maxlen; 518 519 return copy_to_user(p, str, len) ? -EFAULT : len; 520 } 521 522 #define OLD_KEY_MAX 0x1ff 523 static int handle_eviocgbit(struct input_dev *dev, 524 unsigned int type, unsigned int size, 525 void __user *p, int compat_mode) 526 { 527 static unsigned long keymax_warn_time; 528 unsigned long *bits; 529 int len; 530 531 switch (type) { 532 533 case 0: bits = dev->evbit; len = EV_MAX; break; 534 case EV_KEY: bits = dev->keybit; len = KEY_MAX; break; 535 case EV_REL: bits = dev->relbit; len = REL_MAX; break; 536 case EV_ABS: bits = dev->absbit; len = ABS_MAX; break; 537 case EV_MSC: bits = dev->mscbit; len = MSC_MAX; break; 538 case EV_LED: bits = dev->ledbit; len = LED_MAX; break; 539 case EV_SND: bits = dev->sndbit; len = SND_MAX; break; 540 case EV_FF: bits = dev->ffbit; len = FF_MAX; break; 541 case EV_SW: bits = dev->swbit; len = SW_MAX; break; 542 default: return -EINVAL; 543 } 544 545 /* 546 * Work around bugs in userspace programs that like to do 547 * EVIOCGBIT(EV_KEY, KEY_MAX) and not realize that 'len' 548 * should be in bytes, not in bits. 549 */ 550 if (type == EV_KEY && size == OLD_KEY_MAX) { 551 len = OLD_KEY_MAX; 552 if (printk_timed_ratelimit(&keymax_warn_time, 10 * 1000)) 553 pr_warning("(EVIOCGBIT): Suspicious buffer size %u, " 554 "limiting output to %zu bytes. See " 555 "http://userweb.kernel.org/~dtor/eviocgbit-bug.html\n", 556 OLD_KEY_MAX, 557 BITS_TO_LONGS(OLD_KEY_MAX) * sizeof(long)); 558 } 559 560 return bits_to_user(bits, len, size, p, compat_mode); 561 } 562 #undef OLD_KEY_MAX 563 564 static int evdev_handle_get_keycode(struct input_dev *dev, void __user *p) 565 { 566 struct input_keymap_entry ke = { 567 .len = sizeof(unsigned int), 568 .flags = 0, 569 }; 570 int __user *ip = (int __user *)p; 571 int error; 572 573 /* legacy case */ 574 if (copy_from_user(ke.scancode, p, sizeof(unsigned int))) 575 return -EFAULT; 576 577 error = input_get_keycode(dev, &ke); 578 if (error) 579 return error; 580 581 if (put_user(ke.keycode, ip + 1)) 582 return -EFAULT; 583 584 return 0; 585 } 586 587 static int evdev_handle_get_keycode_v2(struct input_dev *dev, void __user *p) 588 { 589 struct input_keymap_entry ke; 590 int error; 591 592 if (copy_from_user(&ke, p, sizeof(ke))) 593 return -EFAULT; 594 595 error = input_get_keycode(dev, &ke); 596 if (error) 597 return error; 598 599 if (copy_to_user(p, &ke, sizeof(ke))) 600 return -EFAULT; 601 602 return 0; 603 } 604 605 static int evdev_handle_set_keycode(struct input_dev *dev, void __user *p) 606 { 607 struct input_keymap_entry ke = { 608 .len = sizeof(unsigned int), 609 .flags = 0, 610 }; 611 int __user *ip = (int __user *)p; 612 613 if (copy_from_user(ke.scancode, p, sizeof(unsigned int))) 614 return -EFAULT; 615 616 if (get_user(ke.keycode, ip + 1)) 617 return -EFAULT; 618 619 return input_set_keycode(dev, &ke); 620 } 621 622 static int evdev_handle_set_keycode_v2(struct input_dev *dev, void __user *p) 623 { 624 struct input_keymap_entry ke; 625 626 if (copy_from_user(&ke, p, sizeof(ke))) 627 return -EFAULT; 628 629 if (ke.len > sizeof(ke.scancode)) 630 return -EINVAL; 631 632 return input_set_keycode(dev, &ke); 633 } 634 635 static int evdev_handle_mt_request(struct input_dev *dev, 636 unsigned int size, 637 int __user *ip) 638 { 639 const struct input_mt_slot *mt = dev->mt; 640 unsigned int code; 641 int max_slots; 642 int i; 643 644 if (get_user(code, &ip[0])) 645 return -EFAULT; 646 if (!input_is_mt_value(code)) 647 return -EINVAL; 648 649 max_slots = (size - sizeof(__u32)) / sizeof(__s32); 650 for (i = 0; i < dev->mtsize && i < max_slots; i++) 651 if (put_user(input_mt_get_value(&mt[i], code), &ip[1 + i])) 652 return -EFAULT; 653 654 return 0; 655 } 656 657 static long evdev_do_ioctl(struct file *file, unsigned int cmd, 658 void __user *p, int compat_mode) 659 { 660 struct evdev_client *client = file->private_data; 661 struct evdev *evdev = client->evdev; 662 struct input_dev *dev = evdev->handle.dev; 663 struct input_absinfo abs; 664 struct ff_effect effect; 665 int __user *ip = (int __user *)p; 666 unsigned int i, t, u, v; 667 unsigned int size; 668 int error; 669 670 /* First we check for fixed-length commands */ 671 switch (cmd) { 672 673 case EVIOCGVERSION: 674 return put_user(EV_VERSION, ip); 675 676 case EVIOCGID: 677 if (copy_to_user(p, &dev->id, sizeof(struct input_id))) 678 return -EFAULT; 679 return 0; 680 681 case EVIOCGREP: 682 if (!test_bit(EV_REP, dev->evbit)) 683 return -ENOSYS; 684 if (put_user(dev->rep[REP_DELAY], ip)) 685 return -EFAULT; 686 if (put_user(dev->rep[REP_PERIOD], ip + 1)) 687 return -EFAULT; 688 return 0; 689 690 case EVIOCSREP: 691 if (!test_bit(EV_REP, dev->evbit)) 692 return -ENOSYS; 693 if (get_user(u, ip)) 694 return -EFAULT; 695 if (get_user(v, ip + 1)) 696 return -EFAULT; 697 698 input_inject_event(&evdev->handle, EV_REP, REP_DELAY, u); 699 input_inject_event(&evdev->handle, EV_REP, REP_PERIOD, v); 700 701 return 0; 702 703 case EVIOCRMFF: 704 return input_ff_erase(dev, (int)(unsigned long) p, file); 705 706 case EVIOCGEFFECTS: 707 i = test_bit(EV_FF, dev->evbit) ? 708 dev->ff->max_effects : 0; 709 if (put_user(i, ip)) 710 return -EFAULT; 711 return 0; 712 713 case EVIOCGRAB: 714 if (p) 715 return evdev_grab(evdev, client); 716 else 717 return evdev_ungrab(evdev, client); 718 719 case EVIOCSCLOCKID: 720 if (copy_from_user(&i, p, sizeof(unsigned int))) 721 return -EFAULT; 722 if (i != CLOCK_MONOTONIC && i != CLOCK_REALTIME) 723 return -EINVAL; 724 client->clkid = i; 725 return 0; 726 727 case EVIOCGKEYCODE: 728 return evdev_handle_get_keycode(dev, p); 729 730 case EVIOCSKEYCODE: 731 return evdev_handle_set_keycode(dev, p); 732 733 case EVIOCGKEYCODE_V2: 734 return evdev_handle_get_keycode_v2(dev, p); 735 736 case EVIOCSKEYCODE_V2: 737 return evdev_handle_set_keycode_v2(dev, p); 738 } 739 740 size = _IOC_SIZE(cmd); 741 742 /* Now check variable-length commands */ 743 #define EVIOC_MASK_SIZE(nr) ((nr) & ~(_IOC_SIZEMASK << _IOC_SIZESHIFT)) 744 switch (EVIOC_MASK_SIZE(cmd)) { 745 746 case EVIOCGPROP(0): 747 return bits_to_user(dev->propbit, INPUT_PROP_MAX, 748 size, p, compat_mode); 749 750 case EVIOCGMTSLOTS(0): 751 return evdev_handle_mt_request(dev, size, ip); 752 753 case EVIOCGKEY(0): 754 return bits_to_user(dev->key, KEY_MAX, size, p, compat_mode); 755 756 case EVIOCGLED(0): 757 return bits_to_user(dev->led, LED_MAX, size, p, compat_mode); 758 759 case EVIOCGSND(0): 760 return bits_to_user(dev->snd, SND_MAX, size, p, compat_mode); 761 762 case EVIOCGSW(0): 763 return bits_to_user(dev->sw, SW_MAX, size, p, compat_mode); 764 765 case EVIOCGNAME(0): 766 return str_to_user(dev->name, size, p); 767 768 case EVIOCGPHYS(0): 769 return str_to_user(dev->phys, size, p); 770 771 case EVIOCGUNIQ(0): 772 return str_to_user(dev->uniq, size, p); 773 774 case EVIOC_MASK_SIZE(EVIOCSFF): 775 if (input_ff_effect_from_user(p, size, &effect)) 776 return -EFAULT; 777 778 error = input_ff_upload(dev, &effect, file); 779 780 if (put_user(effect.id, &(((struct ff_effect __user *)p)->id))) 781 return -EFAULT; 782 783 return error; 784 } 785 786 /* Multi-number variable-length handlers */ 787 if (_IOC_TYPE(cmd) != 'E') 788 return -EINVAL; 789 790 if (_IOC_DIR(cmd) == _IOC_READ) { 791 792 if ((_IOC_NR(cmd) & ~EV_MAX) == _IOC_NR(EVIOCGBIT(0, 0))) 793 return handle_eviocgbit(dev, 794 _IOC_NR(cmd) & EV_MAX, size, 795 p, compat_mode); 796 797 if ((_IOC_NR(cmd) & ~ABS_MAX) == _IOC_NR(EVIOCGABS(0))) { 798 799 if (!dev->absinfo) 800 return -EINVAL; 801 802 t = _IOC_NR(cmd) & ABS_MAX; 803 abs = dev->absinfo[t]; 804 805 if (copy_to_user(p, &abs, min_t(size_t, 806 size, sizeof(struct input_absinfo)))) 807 return -EFAULT; 808 809 return 0; 810 } 811 } 812 813 if (_IOC_DIR(cmd) == _IOC_WRITE) { 814 815 if ((_IOC_NR(cmd) & ~ABS_MAX) == _IOC_NR(EVIOCSABS(0))) { 816 817 if (!dev->absinfo) 818 return -EINVAL; 819 820 t = _IOC_NR(cmd) & ABS_MAX; 821 822 if (copy_from_user(&abs, p, min_t(size_t, 823 size, sizeof(struct input_absinfo)))) 824 return -EFAULT; 825 826 if (size < sizeof(struct input_absinfo)) 827 abs.resolution = 0; 828 829 /* We can't change number of reserved MT slots */ 830 if (t == ABS_MT_SLOT) 831 return -EINVAL; 832 833 /* 834 * Take event lock to ensure that we are not 835 * changing device parameters in the middle 836 * of event. 837 */ 838 spin_lock_irq(&dev->event_lock); 839 dev->absinfo[t] = abs; 840 spin_unlock_irq(&dev->event_lock); 841 842 return 0; 843 } 844 } 845 846 return -EINVAL; 847 } 848 849 static long evdev_ioctl_handler(struct file *file, unsigned int cmd, 850 void __user *p, int compat_mode) 851 { 852 struct evdev_client *client = file->private_data; 853 struct evdev *evdev = client->evdev; 854 int retval; 855 856 retval = mutex_lock_interruptible(&evdev->mutex); 857 if (retval) 858 return retval; 859 860 if (!evdev->exist) { 861 retval = -ENODEV; 862 goto out; 863 } 864 865 retval = evdev_do_ioctl(file, cmd, p, compat_mode); 866 867 out: 868 mutex_unlock(&evdev->mutex); 869 return retval; 870 } 871 872 static long evdev_ioctl(struct file *file, unsigned int cmd, unsigned long arg) 873 { 874 return evdev_ioctl_handler(file, cmd, (void __user *)arg, 0); 875 } 876 877 #ifdef CONFIG_COMPAT 878 static long evdev_ioctl_compat(struct file *file, 879 unsigned int cmd, unsigned long arg) 880 { 881 return evdev_ioctl_handler(file, cmd, compat_ptr(arg), 1); 882 } 883 #endif 884 885 static const struct file_operations evdev_fops = { 886 .owner = THIS_MODULE, 887 .read = evdev_read, 888 .write = evdev_write, 889 .poll = evdev_poll, 890 .open = evdev_open, 891 .release = evdev_release, 892 .unlocked_ioctl = evdev_ioctl, 893 #ifdef CONFIG_COMPAT 894 .compat_ioctl = evdev_ioctl_compat, 895 #endif 896 .fasync = evdev_fasync, 897 .flush = evdev_flush, 898 .llseek = no_llseek, 899 }; 900 901 static int evdev_install_chrdev(struct evdev *evdev) 902 { 903 /* 904 * No need to do any locking here as calls to connect and 905 * disconnect are serialized by the input core 906 */ 907 evdev_table[evdev->minor] = evdev; 908 return 0; 909 } 910 911 static void evdev_remove_chrdev(struct evdev *evdev) 912 { 913 /* 914 * Lock evdev table to prevent race with evdev_open() 915 */ 916 mutex_lock(&evdev_table_mutex); 917 evdev_table[evdev->minor] = NULL; 918 mutex_unlock(&evdev_table_mutex); 919 } 920 921 /* 922 * Mark device non-existent. This disables writes, ioctls and 923 * prevents new users from opening the device. Already posted 924 * blocking reads will stay, however new ones will fail. 925 */ 926 static void evdev_mark_dead(struct evdev *evdev) 927 { 928 mutex_lock(&evdev->mutex); 929 evdev->exist = false; 930 mutex_unlock(&evdev->mutex); 931 } 932 933 static void evdev_cleanup(struct evdev *evdev) 934 { 935 struct input_handle *handle = &evdev->handle; 936 937 evdev_mark_dead(evdev); 938 evdev_hangup(evdev); 939 evdev_remove_chrdev(evdev); 940 941 /* evdev is marked dead so no one else accesses evdev->open */ 942 if (evdev->open) { 943 input_flush_device(handle, NULL); 944 input_close_device(handle); 945 } 946 } 947 948 /* 949 * Create new evdev device. Note that input core serializes calls 950 * to connect and disconnect so we don't need to lock evdev_table here. 951 */ 952 static int evdev_connect(struct input_handler *handler, struct input_dev *dev, 953 const struct input_device_id *id) 954 { 955 struct evdev *evdev; 956 int minor; 957 int error; 958 959 for (minor = 0; minor < EVDEV_MINORS; minor++) 960 if (!evdev_table[minor]) 961 break; 962 963 if (minor == EVDEV_MINORS) { 964 pr_err("no more free evdev devices\n"); 965 return -ENFILE; 966 } 967 968 evdev = kzalloc(sizeof(struct evdev), GFP_KERNEL); 969 if (!evdev) 970 return -ENOMEM; 971 972 INIT_LIST_HEAD(&evdev->client_list); 973 spin_lock_init(&evdev->client_lock); 974 mutex_init(&evdev->mutex); 975 init_waitqueue_head(&evdev->wait); 976 977 dev_set_name(&evdev->dev, "event%d", minor); 978 evdev->exist = true; 979 evdev->minor = minor; 980 981 evdev->handle.dev = input_get_device(dev); 982 evdev->handle.name = dev_name(&evdev->dev); 983 evdev->handle.handler = handler; 984 evdev->handle.private = evdev; 985 986 evdev->dev.devt = MKDEV(INPUT_MAJOR, EVDEV_MINOR_BASE + minor); 987 evdev->dev.class = &input_class; 988 evdev->dev.parent = &dev->dev; 989 evdev->dev.release = evdev_free; 990 device_initialize(&evdev->dev); 991 992 error = input_register_handle(&evdev->handle); 993 if (error) 994 goto err_free_evdev; 995 996 error = evdev_install_chrdev(evdev); 997 if (error) 998 goto err_unregister_handle; 999 1000 error = device_add(&evdev->dev); 1001 if (error) 1002 goto err_cleanup_evdev; 1003 1004 return 0; 1005 1006 err_cleanup_evdev: 1007 evdev_cleanup(evdev); 1008 err_unregister_handle: 1009 input_unregister_handle(&evdev->handle); 1010 err_free_evdev: 1011 put_device(&evdev->dev); 1012 return error; 1013 } 1014 1015 static void evdev_disconnect(struct input_handle *handle) 1016 { 1017 struct evdev *evdev = handle->private; 1018 1019 device_del(&evdev->dev); 1020 evdev_cleanup(evdev); 1021 input_unregister_handle(handle); 1022 put_device(&evdev->dev); 1023 } 1024 1025 static const struct input_device_id evdev_ids[] = { 1026 { .driver_info = 1 }, /* Matches all devices */ 1027 { }, /* Terminating zero entry */ 1028 }; 1029 1030 MODULE_DEVICE_TABLE(input, evdev_ids); 1031 1032 static struct input_handler evdev_handler = { 1033 .event = evdev_event, 1034 .connect = evdev_connect, 1035 .disconnect = evdev_disconnect, 1036 .fops = &evdev_fops, 1037 .minor = EVDEV_MINOR_BASE, 1038 .name = "evdev", 1039 .id_table = evdev_ids, 1040 }; 1041 1042 static int __init evdev_init(void) 1043 { 1044 return input_register_handler(&evdev_handler); 1045 } 1046 1047 static void __exit evdev_exit(void) 1048 { 1049 input_unregister_handler(&evdev_handler); 1050 } 1051 1052 module_init(evdev_init); 1053 module_exit(evdev_exit); 1054 1055 MODULE_AUTHOR("Vojtech Pavlik <vojtech@ucw.cz>"); 1056 MODULE_DESCRIPTION("Input driver event char devices"); 1057 MODULE_LICENSE("GPL"); 1058