1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * PS/2 driver library 4 * 5 * Copyright (c) 1999-2002 Vojtech Pavlik 6 * Copyright (c) 2004 Dmitry Torokhov 7 */ 8 9 10 #include <linux/delay.h> 11 #include <linux/module.h> 12 #include <linux/sched.h> 13 #include <linux/interrupt.h> 14 #include <linux/input.h> 15 #include <linux/kmsan-checks.h> 16 #include <linux/serio.h> 17 #include <linux/i8042.h> 18 #include <linux/libps2.h> 19 20 #define DRIVER_DESC "PS/2 driver library" 21 22 #define PS2_CMD_SETSCALE11 0x00e6 23 #define PS2_CMD_SETRES 0x10e8 24 #define PS2_CMD_EX_SETLEDS 0x20eb 25 #define PS2_CMD_SETLEDS 0x10ed 26 #define PS2_CMD_GETID 0x02f2 27 #define PS2_CMD_SETREP 0x10f3 /* Set repeat rate/set report rate */ 28 #define PS2_CMD_RESET_BAT 0x02ff 29 30 #define PS2_RET_BAT 0xaa 31 #define PS2_RET_ID 0x00 32 #define PS2_RET_ACK 0xfa 33 #define PS2_RET_NAK 0xfe 34 #define PS2_RET_ERR 0xfc 35 36 #define PS2_FLAG_ACK BIT(0) /* Waiting for ACK/NAK */ 37 #define PS2_FLAG_CMD BIT(1) /* Waiting for a command to finish */ 38 #define PS2_FLAG_CMD1 BIT(2) /* Waiting for the first byte of command response */ 39 #define PS2_FLAG_WAITID BIT(3) /* Command executing is GET ID */ 40 #define PS2_FLAG_NAK BIT(4) /* Last transmission was NAKed */ 41 #define PS2_FLAG_PASS_NOACK BIT(5) /* Pass non-ACK byte to receive handler */ 42 43 static int ps2_do_sendbyte(struct ps2dev *ps2dev, u8 byte, 44 unsigned int timeout, unsigned int max_attempts) 45 __releases(&ps2dev->serio->lock) __acquires(&ps2dev->serio->lock) 46 { 47 int attempt = 0; 48 int error; 49 50 lockdep_assert_held(&ps2dev->serio->lock); 51 52 do { 53 ps2dev->nak = 1; 54 ps2dev->flags |= PS2_FLAG_ACK; 55 56 serio_continue_rx(ps2dev->serio); 57 58 error = serio_write(ps2dev->serio, byte); 59 if (error) 60 dev_dbg(&ps2dev->serio->dev, 61 "failed to write %#02x: %d\n", byte, error); 62 else 63 wait_event_timeout(ps2dev->wait, 64 !(ps2dev->flags & PS2_FLAG_ACK), 65 msecs_to_jiffies(timeout)); 66 67 serio_pause_rx(ps2dev->serio); 68 } while (ps2dev->nak == PS2_RET_NAK && ++attempt < max_attempts); 69 70 ps2dev->flags &= ~PS2_FLAG_ACK; 71 72 if (!error) { 73 switch (ps2dev->nak) { 74 case 0: 75 break; 76 case PS2_RET_NAK: 77 error = -EAGAIN; 78 break; 79 case PS2_RET_ERR: 80 error = -EPROTO; 81 break; 82 default: 83 error = -EIO; 84 break; 85 } 86 } 87 88 if (error || attempt > 1) 89 dev_dbg(&ps2dev->serio->dev, 90 "%02x - %d (%x), attempt %d\n", 91 byte, error, ps2dev->nak, attempt); 92 93 return error; 94 } 95 96 /** 97 * ps2_sendbyte - sends a byte to the device and wait for acknowledgement 98 * @ps2dev: a PS/2 device to send the data to 99 * @byte: data to be sent to the device 100 * @timeout: timeout for sending the data and receiving an acknowledge 101 * 102 * The function doesn't handle retransmission, the caller is expected to handle 103 * it when needed. 104 * 105 * ps2_sendbyte() can only be called from a process context. 106 */ 107 int ps2_sendbyte(struct ps2dev *ps2dev, u8 byte, unsigned int timeout) 108 { 109 int retval; 110 111 guard(serio_pause_rx)(ps2dev->serio); 112 113 retval = ps2_do_sendbyte(ps2dev, byte, timeout, 1); 114 dev_dbg(&ps2dev->serio->dev, "%02x - %x\n", byte, ps2dev->nak); 115 116 return retval; 117 } 118 EXPORT_SYMBOL(ps2_sendbyte); 119 120 /** 121 * ps2_begin_command - mark beginning of execution of a complex command 122 * @ps2dev: a PS/2 device executing the command 123 * 124 * Serializes a complex/compound command. Once command is finished 125 * ps2_end_command() should be called. 126 */ 127 void ps2_begin_command(struct ps2dev *ps2dev) 128 { 129 struct mutex *m = ps2dev->serio->ps2_cmd_mutex ?: &ps2dev->cmd_mutex; 130 131 mutex_lock(m); 132 } 133 EXPORT_SYMBOL(ps2_begin_command); 134 135 /** 136 * ps2_end_command - mark end of execution of a complex command 137 * @ps2dev: a PS/2 device executing the command 138 */ 139 void ps2_end_command(struct ps2dev *ps2dev) 140 { 141 struct mutex *m = ps2dev->serio->ps2_cmd_mutex ?: &ps2dev->cmd_mutex; 142 143 mutex_unlock(m); 144 } 145 EXPORT_SYMBOL(ps2_end_command); 146 147 /** 148 * ps2_drain - waits for device to transmit requested number of bytes 149 * and discards them 150 * @ps2dev: the PS/2 device that should be drained 151 * @maxbytes: maximum number of bytes to be drained 152 * @timeout: time to drain the device 153 */ 154 void ps2_drain(struct ps2dev *ps2dev, size_t maxbytes, unsigned int timeout) 155 { 156 if (maxbytes > sizeof(ps2dev->cmdbuf)) { 157 WARN_ON(1); 158 maxbytes = sizeof(ps2dev->cmdbuf); 159 } 160 161 ps2_begin_command(ps2dev); 162 163 scoped_guard(serio_pause_rx, ps2dev->serio) { 164 ps2dev->flags = PS2_FLAG_CMD; 165 ps2dev->cmdcnt = maxbytes; 166 } 167 168 wait_event_timeout(ps2dev->wait, 169 !(ps2dev->flags & PS2_FLAG_CMD), 170 msecs_to_jiffies(timeout)); 171 172 ps2_end_command(ps2dev); 173 } 174 EXPORT_SYMBOL(ps2_drain); 175 176 /** 177 * ps2_is_keyboard_id - checks received ID byte against the list of 178 * known keyboard IDs 179 * @id_byte: data byte that should be checked 180 */ 181 bool ps2_is_keyboard_id(u8 id_byte) 182 { 183 static const u8 keyboard_ids[] = { 184 0xab, /* Regular keyboards */ 185 0xac, /* NCD Sun keyboard */ 186 0x2b, /* Trust keyboard, translated */ 187 0x5d, /* Trust keyboard */ 188 0x60, /* NMB SGI keyboard, translated */ 189 0x47, /* NMB SGI keyboard */ 190 }; 191 192 return memchr(keyboard_ids, id_byte, sizeof(keyboard_ids)) != NULL; 193 } 194 EXPORT_SYMBOL(ps2_is_keyboard_id); 195 196 /* 197 * ps2_adjust_timeout() is called after receiving 1st byte of command 198 * response and tries to reduce remaining timeout to speed up command 199 * completion. 200 */ 201 static int ps2_adjust_timeout(struct ps2dev *ps2dev, 202 unsigned int command, unsigned int timeout) 203 { 204 switch (command) { 205 case PS2_CMD_RESET_BAT: 206 /* 207 * Device has sent the first response byte after 208 * reset command, reset is thus done, so we can 209 * shorten the timeout. 210 * The next byte will come soon (keyboard) or not 211 * at all (mouse). 212 */ 213 if (timeout > msecs_to_jiffies(100)) 214 timeout = msecs_to_jiffies(100); 215 break; 216 217 case PS2_CMD_GETID: 218 /* 219 * Microsoft Natural Elite keyboard responds to 220 * the GET ID command as it were a mouse, with 221 * a single byte. Fail the command so atkbd will 222 * use alternative probe to detect it. 223 */ 224 if (ps2dev->cmdbuf[1] == 0xaa) { 225 scoped_guard(serio_pause_rx, ps2dev->serio) 226 ps2dev->flags = 0; 227 228 timeout = 0; 229 } 230 231 /* 232 * If device behind the port is not a keyboard there 233 * won't be 2nd byte of ID response. 234 */ 235 if (!ps2_is_keyboard_id(ps2dev->cmdbuf[1])) { 236 scoped_guard(serio_pause_rx, ps2dev->serio) 237 ps2dev->flags = ps2dev->cmdcnt = 0; 238 239 timeout = 0; 240 } 241 break; 242 243 default: 244 break; 245 } 246 247 return timeout; 248 } 249 250 /** 251 * __ps2_command - send a command to PS/2 device 252 * @ps2dev: the PS/2 device that should execute the command 253 * @param: a buffer containing parameters to be sent along with the command, 254 * or place where the results of the command execution will be deposited, 255 * or both 256 * @command: command word that encodes the command itself, as well as number of 257 * additional parameter bytes that should be sent to the device and expected 258 * length of the command response 259 * 260 * Not serialized. Callers should use ps2_begin_command() and ps2_end_command() 261 * to ensure proper serialization for complex commands. 262 */ 263 int __ps2_command(struct ps2dev *ps2dev, u8 *param, unsigned int command) 264 { 265 unsigned int timeout; 266 unsigned int send = (command >> 12) & 0xf; 267 unsigned int receive = (command >> 8) & 0xf; 268 int rc; 269 int i; 270 u8 send_param[16]; 271 272 if (receive > sizeof(ps2dev->cmdbuf)) { 273 WARN_ON(1); 274 return -EINVAL; 275 } 276 277 if (send && !param) { 278 WARN_ON(1); 279 return -EINVAL; 280 } 281 282 memcpy(send_param, param, send); 283 284 /* 285 * Not using guard notation because we need to break critical 286 * section below while waiting for the response. 287 */ 288 serio_pause_rx(ps2dev->serio); 289 290 ps2dev->cmdcnt = receive; 291 292 switch (command) { 293 case PS2_CMD_GETID: 294 /* 295 * Some mice do not ACK the "get ID" command, prepare to 296 * handle this. 297 */ 298 ps2dev->flags = PS2_FLAG_WAITID; 299 break; 300 301 case PS2_CMD_SETLEDS: 302 case PS2_CMD_EX_SETLEDS: 303 case PS2_CMD_SETREP: 304 ps2dev->flags = PS2_FLAG_PASS_NOACK; 305 break; 306 307 default: 308 ps2dev->flags = 0; 309 break; 310 } 311 312 if (receive) { 313 /* Indicate that we expect response to the command. */ 314 ps2dev->flags |= PS2_FLAG_CMD | PS2_FLAG_CMD1; 315 if (param) 316 for (i = 0; i < receive; i++) 317 ps2dev->cmdbuf[(receive - 1) - i] = param[i]; 318 } 319 320 /* 321 * Some devices (Synaptics) perform the reset before 322 * ACKing the reset command, and so it can take a long 323 * time before the ACK arrives. 324 */ 325 timeout = command == PS2_CMD_RESET_BAT ? 1000 : 200; 326 327 rc = ps2_do_sendbyte(ps2dev, command & 0xff, timeout, 2); 328 if (rc) 329 goto out_reset_flags; 330 331 /* Send command parameters, if any. */ 332 for (i = 0; i < send; i++) { 333 rc = ps2_do_sendbyte(ps2dev, param[i], 200, 2); 334 if (rc) 335 goto out_reset_flags; 336 } 337 338 serio_continue_rx(ps2dev->serio); 339 340 /* 341 * The reset command takes a long time to execute. 342 */ 343 timeout = msecs_to_jiffies(command == PS2_CMD_RESET_BAT ? 4000 : 500); 344 345 timeout = wait_event_timeout(ps2dev->wait, 346 !(ps2dev->flags & PS2_FLAG_CMD1), timeout); 347 348 if (ps2dev->cmdcnt && !(ps2dev->flags & PS2_FLAG_CMD1)) { 349 350 timeout = ps2_adjust_timeout(ps2dev, command, timeout); 351 wait_event_timeout(ps2dev->wait, 352 !(ps2dev->flags & PS2_FLAG_CMD), timeout); 353 } 354 355 serio_pause_rx(ps2dev->serio); 356 357 if (param) { 358 for (i = 0; i < receive; i++) 359 param[i] = ps2dev->cmdbuf[(receive - 1) - i]; 360 kmsan_unpoison_memory(param, receive); 361 } 362 363 if (ps2dev->cmdcnt && 364 (command != PS2_CMD_RESET_BAT || ps2dev->cmdcnt != 1)) { 365 rc = -EPROTO; 366 goto out_reset_flags; 367 } 368 369 rc = 0; 370 371 out_reset_flags: 372 ps2dev->flags = 0; 373 serio_continue_rx(ps2dev->serio); 374 375 dev_dbg(&ps2dev->serio->dev, 376 "%02x [%*ph] - %x/%08lx [%*ph]\n", 377 command & 0xff, send, send_param, 378 ps2dev->nak, ps2dev->flags, 379 receive, param ?: send_param); 380 381 /* 382 * ps_command() handles resends itself, so do not leak -EAGAIN 383 * to the callers. 384 */ 385 return rc != -EAGAIN ? rc : -EPROTO; 386 } 387 EXPORT_SYMBOL(__ps2_command); 388 389 /** 390 * ps2_command - send a command to PS/2 device 391 * @ps2dev: the PS/2 device that should execute the command 392 * @param: a buffer containing parameters to be sent along with the command, 393 * or place where the results of the command execution will be deposited, 394 * or both 395 * @command: command word that encodes the command itself, as well as number of 396 * additional parameter bytes that should be sent to the device and expected 397 * length of the command response 398 * 399 * Note: ps2_command() serializes the command execution so that only one 400 * command can be executed at a time for either individual port or the entire 401 * 8042 controller. 402 */ 403 int ps2_command(struct ps2dev *ps2dev, u8 *param, unsigned int command) 404 { 405 int rc; 406 407 ps2_begin_command(ps2dev); 408 rc = __ps2_command(ps2dev, param, command); 409 ps2_end_command(ps2dev); 410 411 return rc; 412 } 413 EXPORT_SYMBOL(ps2_command); 414 415 /** 416 * ps2_sliced_command - sends an extended PS/2 command to a mouse 417 * @ps2dev: the PS/2 device that should execute the command 418 * @command: command byte 419 * 420 * The command is sent using "sliced" syntax understood by advanced devices, 421 * such as Logitech or Synaptics touchpads. The command is encoded as: 422 * 0xE6 0xE8 rr 0xE8 ss 0xE8 tt 0xE8 uu where (rr*64)+(ss*16)+(tt*4)+uu 423 * is the command. 424 */ 425 int ps2_sliced_command(struct ps2dev *ps2dev, u8 command) 426 { 427 int i; 428 int retval; 429 430 ps2_begin_command(ps2dev); 431 432 retval = __ps2_command(ps2dev, NULL, PS2_CMD_SETSCALE11); 433 if (retval) 434 goto out; 435 436 for (i = 6; i >= 0; i -= 2) { 437 u8 d = (command >> i) & 3; 438 retval = __ps2_command(ps2dev, &d, PS2_CMD_SETRES); 439 if (retval) 440 break; 441 } 442 443 out: 444 dev_dbg(&ps2dev->serio->dev, "%02x - %d\n", command, retval); 445 ps2_end_command(ps2dev); 446 return retval; 447 } 448 EXPORT_SYMBOL(ps2_sliced_command); 449 450 /** 451 * ps2_init - initializes ps2dev structure 452 * @ps2dev: structure to be initialized 453 * @serio: serio port associated with the PS/2 device 454 * @pre_receive_handler: validation handler to check basic communication state 455 * @receive_handler: main protocol handler 456 * 457 * Prepares ps2dev structure for use in drivers for PS/2 devices. 458 */ 459 void ps2_init(struct ps2dev *ps2dev, struct serio *serio, 460 ps2_pre_receive_handler_t pre_receive_handler, 461 ps2_receive_handler_t receive_handler) 462 { 463 ps2dev->pre_receive_handler = pre_receive_handler; 464 ps2dev->receive_handler = receive_handler; 465 466 mutex_init(&ps2dev->cmd_mutex); 467 lockdep_set_subclass(&ps2dev->cmd_mutex, serio->depth); 468 init_waitqueue_head(&ps2dev->wait); 469 ps2dev->serio = serio; 470 serio_set_drvdata(serio, ps2dev); 471 } 472 EXPORT_SYMBOL(ps2_init); 473 474 /* 475 * ps2_handle_response() stores device's response to a command and notifies 476 * the process waiting for completion of the command. Note that there is a 477 * distinction between waiting for the first byte of the response, and 478 * waiting for subsequent bytes. It is done so that callers could shorten 479 * timeouts once first byte of response is received. 480 */ 481 static void ps2_handle_response(struct ps2dev *ps2dev, u8 data) 482 { 483 if (ps2dev->cmdcnt) 484 ps2dev->cmdbuf[--ps2dev->cmdcnt] = data; 485 486 if (ps2dev->flags & PS2_FLAG_CMD1) { 487 ps2dev->flags &= ~PS2_FLAG_CMD1; 488 if (ps2dev->cmdcnt) 489 wake_up(&ps2dev->wait); 490 } 491 492 if (!ps2dev->cmdcnt) { 493 ps2dev->flags &= ~PS2_FLAG_CMD; 494 wake_up(&ps2dev->wait); 495 } 496 } 497 498 /* 499 * ps2_handle_ack() processes ACK/NAK of a command from a PS/2 device, 500 * possibly applying workarounds for mice not acknowledging the "get ID" 501 * command. 502 */ 503 static void ps2_handle_ack(struct ps2dev *ps2dev, u8 data) 504 { 505 switch (data) { 506 case PS2_RET_ACK: 507 ps2dev->nak = 0; 508 break; 509 510 case PS2_RET_NAK: 511 ps2dev->flags |= PS2_FLAG_NAK; 512 ps2dev->nak = PS2_RET_NAK; 513 break; 514 515 case PS2_RET_ERR: 516 if (ps2dev->flags & PS2_FLAG_NAK) { 517 ps2dev->flags &= ~PS2_FLAG_NAK; 518 ps2dev->nak = PS2_RET_ERR; 519 break; 520 } 521 fallthrough; 522 523 /* 524 * Workaround for mice which don't ACK the Get ID command. 525 * These are valid mouse IDs that we recognize. 526 */ 527 case 0x00: 528 case 0x03: 529 case 0x04: 530 if (ps2dev->flags & PS2_FLAG_WAITID) { 531 ps2dev->nak = 0; 532 break; 533 } 534 fallthrough; 535 default: 536 /* 537 * Do not signal errors if we get unexpected reply while 538 * waiting for an ACK to the initial (first) command byte: 539 * the device might not be quiesced yet and continue 540 * delivering data. For certain commands (such as set leds and 541 * set repeat rate) that can be used during normal device 542 * operation, we even pass this data byte to the normal receive 543 * handler. 544 * Note that we reset PS2_FLAG_WAITID flag, so the workaround 545 * for mice not acknowledging the Get ID command only triggers 546 * on the 1st byte; if device spews data we really want to see 547 * a real ACK from it. 548 */ 549 dev_dbg(&ps2dev->serio->dev, "unexpected %#02x\n", data); 550 if (ps2dev->flags & PS2_FLAG_PASS_NOACK) 551 ps2dev->receive_handler(ps2dev, data); 552 ps2dev->flags &= ~(PS2_FLAG_WAITID | PS2_FLAG_PASS_NOACK); 553 return; 554 } 555 556 if (!ps2dev->nak) 557 ps2dev->flags &= ~PS2_FLAG_NAK; 558 559 ps2dev->flags &= ~PS2_FLAG_ACK; 560 561 if (!ps2dev->nak && data != PS2_RET_ACK) 562 ps2_handle_response(ps2dev, data); 563 else 564 wake_up(&ps2dev->wait); 565 } 566 567 /* 568 * Clears state of PS/2 device after communication error by resetting majority 569 * of flags and waking up waiters, if any. 570 */ 571 static void ps2_cleanup(struct ps2dev *ps2dev) 572 { 573 unsigned long old_flags = ps2dev->flags; 574 575 /* reset all flags except last nak */ 576 ps2dev->flags &= PS2_FLAG_NAK; 577 578 if (old_flags & PS2_FLAG_ACK) 579 ps2dev->nak = 1; 580 581 if (old_flags & (PS2_FLAG_ACK | PS2_FLAG_CMD)) 582 wake_up(&ps2dev->wait); 583 } 584 585 /** 586 * ps2_interrupt - common interrupt handler for PS/2 devices 587 * @serio: serio port for the device 588 * @data: a data byte received from the device 589 * @flags: flags such as %SERIO_PARITY or %SERIO_TIMEOUT indicating state of 590 * the data transfer 591 * 592 * ps2_interrupt() invokes pre-receive handler, optionally handles command 593 * acknowledgement and response from the device, and finally passes the data 594 * to the main protocol handler for future processing. 595 */ 596 irqreturn_t ps2_interrupt(struct serio *serio, u8 data, unsigned int flags) { 597 struct ps2dev *ps2dev = serio_get_drvdata(serio); 598 enum ps2_disposition rc; 599 600 rc = ps2dev->pre_receive_handler(ps2dev, data, flags); 601 switch (rc) { 602 case PS2_ERROR: 603 ps2_cleanup(ps2dev); 604 break; 605 606 case PS2_IGNORE: 607 break; 608 609 case PS2_PROCESS: 610 if (ps2dev->flags & PS2_FLAG_ACK) 611 ps2_handle_ack(ps2dev, data); 612 else if (ps2dev->flags & PS2_FLAG_CMD) 613 ps2_handle_response(ps2dev, data); 614 else 615 ps2dev->receive_handler(ps2dev, data); 616 break; 617 } 618 619 return IRQ_HANDLED; 620 } 621 EXPORT_SYMBOL(ps2_interrupt); 622 623 MODULE_AUTHOR("Dmitry Torokhov <dtor@mail.ru>"); 624 MODULE_DESCRIPTION("PS/2 driver library"); 625 MODULE_LICENSE("GPL"); 626