1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * cdc-wdm.c 4 * 5 * This driver supports USB CDC WCM Device Management. 6 * 7 * Copyright (c) 2007-2009 Oliver Neukum 8 * 9 * Some code taken from cdc-acm.c 10 * 11 * Released under the GPLv2. 12 * 13 * Many thanks to Carl Nordbeck 14 */ 15 #include <linux/kernel.h> 16 #include <linux/errno.h> 17 #include <linux/ioctl.h> 18 #include <linux/slab.h> 19 #include <linux/module.h> 20 #include <linux/mutex.h> 21 #include <linux/uaccess.h> 22 #include <linux/bitops.h> 23 #include <linux/poll.h> 24 #include <linux/usb.h> 25 #include <linux/usb/cdc.h> 26 #include <asm/byteorder.h> 27 #include <asm/unaligned.h> 28 #include <linux/usb/cdc-wdm.h> 29 30 #define DRIVER_AUTHOR "Oliver Neukum" 31 #define DRIVER_DESC "USB Abstract Control Model driver for USB WCM Device Management" 32 33 static const struct usb_device_id wdm_ids[] = { 34 { 35 .match_flags = USB_DEVICE_ID_MATCH_INT_CLASS | 36 USB_DEVICE_ID_MATCH_INT_SUBCLASS, 37 .bInterfaceClass = USB_CLASS_COMM, 38 .bInterfaceSubClass = USB_CDC_SUBCLASS_DMM 39 }, 40 { } 41 }; 42 43 MODULE_DEVICE_TABLE (usb, wdm_ids); 44 45 #define WDM_MINOR_BASE 176 46 47 48 #define WDM_IN_USE 1 49 #define WDM_DISCONNECTING 2 50 #define WDM_RESULT 3 51 #define WDM_READ 4 52 #define WDM_INT_STALL 5 53 #define WDM_POLL_RUNNING 6 54 #define WDM_RESPONDING 7 55 #define WDM_SUSPENDING 8 56 #define WDM_RESETTING 9 57 #define WDM_OVERFLOW 10 58 59 #define WDM_MAX 16 60 61 /* CDC-WMC r1.1 requires wMaxCommand to be "at least 256 decimal (0x100)" */ 62 #define WDM_DEFAULT_BUFSIZE 256 63 64 static DEFINE_MUTEX(wdm_mutex); 65 static DEFINE_SPINLOCK(wdm_device_list_lock); 66 static LIST_HEAD(wdm_device_list); 67 68 /* --- method tables --- */ 69 70 struct wdm_device { 71 u8 *inbuf; /* buffer for response */ 72 u8 *outbuf; /* buffer for command */ 73 u8 *sbuf; /* buffer for status */ 74 u8 *ubuf; /* buffer for copy to user space */ 75 76 struct urb *command; 77 struct urb *response; 78 struct urb *validity; 79 struct usb_interface *intf; 80 struct usb_ctrlrequest *orq; 81 struct usb_ctrlrequest *irq; 82 spinlock_t iuspin; 83 84 unsigned long flags; 85 u16 bufsize; 86 u16 wMaxCommand; 87 u16 wMaxPacketSize; 88 __le16 inum; 89 int reslength; 90 int length; 91 int read; 92 int count; 93 dma_addr_t shandle; 94 dma_addr_t ihandle; 95 struct mutex wlock; 96 struct mutex rlock; 97 wait_queue_head_t wait; 98 struct work_struct rxwork; 99 int werr; 100 int rerr; 101 int resp_count; 102 103 struct list_head device_list; 104 int (*manage_power)(struct usb_interface *, int); 105 }; 106 107 static struct usb_driver wdm_driver; 108 109 /* return intfdata if we own the interface, else look up intf in the list */ 110 static struct wdm_device *wdm_find_device(struct usb_interface *intf) 111 { 112 struct wdm_device *desc; 113 114 spin_lock(&wdm_device_list_lock); 115 list_for_each_entry(desc, &wdm_device_list, device_list) 116 if (desc->intf == intf) 117 goto found; 118 desc = NULL; 119 found: 120 spin_unlock(&wdm_device_list_lock); 121 122 return desc; 123 } 124 125 static struct wdm_device *wdm_find_device_by_minor(int minor) 126 { 127 struct wdm_device *desc; 128 129 spin_lock(&wdm_device_list_lock); 130 list_for_each_entry(desc, &wdm_device_list, device_list) 131 if (desc->intf->minor == minor) 132 goto found; 133 desc = NULL; 134 found: 135 spin_unlock(&wdm_device_list_lock); 136 137 return desc; 138 } 139 140 /* --- callbacks --- */ 141 static void wdm_out_callback(struct urb *urb) 142 { 143 struct wdm_device *desc; 144 desc = urb->context; 145 spin_lock(&desc->iuspin); 146 desc->werr = urb->status; 147 spin_unlock(&desc->iuspin); 148 kfree(desc->outbuf); 149 desc->outbuf = NULL; 150 clear_bit(WDM_IN_USE, &desc->flags); 151 wake_up(&desc->wait); 152 } 153 154 /* forward declaration */ 155 static int service_outstanding_interrupt(struct wdm_device *desc); 156 157 static void wdm_in_callback(struct urb *urb) 158 { 159 struct wdm_device *desc = urb->context; 160 int status = urb->status; 161 int length = urb->actual_length; 162 163 spin_lock(&desc->iuspin); 164 clear_bit(WDM_RESPONDING, &desc->flags); 165 166 if (status) { 167 switch (status) { 168 case -ENOENT: 169 dev_dbg(&desc->intf->dev, 170 "nonzero urb status received: -ENOENT\n"); 171 goto skip_error; 172 case -ECONNRESET: 173 dev_dbg(&desc->intf->dev, 174 "nonzero urb status received: -ECONNRESET\n"); 175 goto skip_error; 176 case -ESHUTDOWN: 177 dev_dbg(&desc->intf->dev, 178 "nonzero urb status received: -ESHUTDOWN\n"); 179 goto skip_error; 180 case -EPIPE: 181 dev_err(&desc->intf->dev, 182 "nonzero urb status received: -EPIPE\n"); 183 break; 184 default: 185 dev_err(&desc->intf->dev, 186 "Unexpected error %d\n", status); 187 break; 188 } 189 } 190 191 /* 192 * only set a new error if there is no previous error. 193 * Errors are only cleared during read/open 194 * Avoid propagating -EPIPE (stall) to userspace since it is 195 * better handled as an empty read 196 */ 197 if (desc->rerr == 0 && status != -EPIPE) 198 desc->rerr = status; 199 200 if (length + desc->length > desc->wMaxCommand) { 201 /* The buffer would overflow */ 202 set_bit(WDM_OVERFLOW, &desc->flags); 203 } else { 204 /* we may already be in overflow */ 205 if (!test_bit(WDM_OVERFLOW, &desc->flags)) { 206 memmove(desc->ubuf + desc->length, desc->inbuf, length); 207 desc->length += length; 208 desc->reslength = length; 209 } 210 } 211 skip_error: 212 set_bit(WDM_READ, &desc->flags); 213 wake_up(&desc->wait); 214 215 if (desc->rerr) { 216 /* 217 * Since there was an error, userspace may decide to not read 218 * any data after poll'ing. 219 * We should respond to further attempts from the device to send 220 * data, so that we can get unstuck. 221 */ 222 service_outstanding_interrupt(desc); 223 } 224 225 spin_unlock(&desc->iuspin); 226 } 227 228 static void wdm_int_callback(struct urb *urb) 229 { 230 int rv = 0; 231 int responding; 232 int status = urb->status; 233 struct wdm_device *desc; 234 struct usb_cdc_notification *dr; 235 236 desc = urb->context; 237 dr = (struct usb_cdc_notification *)desc->sbuf; 238 239 if (status) { 240 switch (status) { 241 case -ESHUTDOWN: 242 case -ENOENT: 243 case -ECONNRESET: 244 return; /* unplug */ 245 case -EPIPE: 246 set_bit(WDM_INT_STALL, &desc->flags); 247 dev_err(&desc->intf->dev, "Stall on int endpoint\n"); 248 goto sw; /* halt is cleared in work */ 249 default: 250 dev_err(&desc->intf->dev, 251 "nonzero urb status received: %d\n", status); 252 break; 253 } 254 } 255 256 if (urb->actual_length < sizeof(struct usb_cdc_notification)) { 257 dev_err(&desc->intf->dev, "wdm_int_callback - %d bytes\n", 258 urb->actual_length); 259 goto exit; 260 } 261 262 switch (dr->bNotificationType) { 263 case USB_CDC_NOTIFY_RESPONSE_AVAILABLE: 264 dev_dbg(&desc->intf->dev, 265 "NOTIFY_RESPONSE_AVAILABLE received: index %d len %d\n", 266 le16_to_cpu(dr->wIndex), le16_to_cpu(dr->wLength)); 267 break; 268 269 case USB_CDC_NOTIFY_NETWORK_CONNECTION: 270 271 dev_dbg(&desc->intf->dev, 272 "NOTIFY_NETWORK_CONNECTION %s network\n", 273 dr->wValue ? "connected to" : "disconnected from"); 274 goto exit; 275 case USB_CDC_NOTIFY_SPEED_CHANGE: 276 dev_dbg(&desc->intf->dev, "SPEED_CHANGE received (len %u)\n", 277 urb->actual_length); 278 goto exit; 279 default: 280 clear_bit(WDM_POLL_RUNNING, &desc->flags); 281 dev_err(&desc->intf->dev, 282 "unknown notification %d received: index %d len %d\n", 283 dr->bNotificationType, 284 le16_to_cpu(dr->wIndex), 285 le16_to_cpu(dr->wLength)); 286 goto exit; 287 } 288 289 spin_lock(&desc->iuspin); 290 responding = test_and_set_bit(WDM_RESPONDING, &desc->flags); 291 if (!desc->resp_count++ && !responding 292 && !test_bit(WDM_DISCONNECTING, &desc->flags) 293 && !test_bit(WDM_SUSPENDING, &desc->flags)) { 294 rv = usb_submit_urb(desc->response, GFP_ATOMIC); 295 dev_dbg(&desc->intf->dev, "submit response URB %d\n", rv); 296 } 297 spin_unlock(&desc->iuspin); 298 if (rv < 0) { 299 clear_bit(WDM_RESPONDING, &desc->flags); 300 if (rv == -EPERM) 301 return; 302 if (rv == -ENOMEM) { 303 sw: 304 rv = schedule_work(&desc->rxwork); 305 if (rv) 306 dev_err(&desc->intf->dev, 307 "Cannot schedule work\n"); 308 } 309 } 310 exit: 311 rv = usb_submit_urb(urb, GFP_ATOMIC); 312 if (rv) 313 dev_err(&desc->intf->dev, 314 "%s - usb_submit_urb failed with result %d\n", 315 __func__, rv); 316 317 } 318 319 static void kill_urbs(struct wdm_device *desc) 320 { 321 /* the order here is essential */ 322 usb_kill_urb(desc->command); 323 usb_kill_urb(desc->validity); 324 usb_kill_urb(desc->response); 325 } 326 327 static void free_urbs(struct wdm_device *desc) 328 { 329 usb_free_urb(desc->validity); 330 usb_free_urb(desc->response); 331 usb_free_urb(desc->command); 332 } 333 334 static void cleanup(struct wdm_device *desc) 335 { 336 kfree(desc->sbuf); 337 kfree(desc->inbuf); 338 kfree(desc->orq); 339 kfree(desc->irq); 340 kfree(desc->ubuf); 341 free_urbs(desc); 342 kfree(desc); 343 } 344 345 static ssize_t wdm_write 346 (struct file *file, const char __user *buffer, size_t count, loff_t *ppos) 347 { 348 u8 *buf; 349 int rv = -EMSGSIZE, r, we; 350 struct wdm_device *desc = file->private_data; 351 struct usb_ctrlrequest *req; 352 353 if (count > desc->wMaxCommand) 354 count = desc->wMaxCommand; 355 356 spin_lock_irq(&desc->iuspin); 357 we = desc->werr; 358 desc->werr = 0; 359 spin_unlock_irq(&desc->iuspin); 360 if (we < 0) 361 return usb_translate_errors(we); 362 363 buf = memdup_user(buffer, count); 364 if (IS_ERR(buf)) 365 return PTR_ERR(buf); 366 367 /* concurrent writes and disconnect */ 368 r = mutex_lock_interruptible(&desc->wlock); 369 rv = -ERESTARTSYS; 370 if (r) 371 goto out_free_mem; 372 373 if (test_bit(WDM_DISCONNECTING, &desc->flags)) { 374 rv = -ENODEV; 375 goto out_free_mem_lock; 376 } 377 378 r = usb_autopm_get_interface(desc->intf); 379 if (r < 0) { 380 rv = usb_translate_errors(r); 381 goto out_free_mem_lock; 382 } 383 384 if (!(file->f_flags & O_NONBLOCK)) 385 r = wait_event_interruptible(desc->wait, !test_bit(WDM_IN_USE, 386 &desc->flags)); 387 else 388 if (test_bit(WDM_IN_USE, &desc->flags)) 389 r = -EAGAIN; 390 391 if (test_bit(WDM_RESETTING, &desc->flags)) 392 r = -EIO; 393 394 if (r < 0) { 395 rv = r; 396 goto out_free_mem_pm; 397 } 398 399 req = desc->orq; 400 usb_fill_control_urb( 401 desc->command, 402 interface_to_usbdev(desc->intf), 403 /* using common endpoint 0 */ 404 usb_sndctrlpipe(interface_to_usbdev(desc->intf), 0), 405 (unsigned char *)req, 406 buf, 407 count, 408 wdm_out_callback, 409 desc 410 ); 411 412 req->bRequestType = (USB_DIR_OUT | USB_TYPE_CLASS | 413 USB_RECIP_INTERFACE); 414 req->bRequest = USB_CDC_SEND_ENCAPSULATED_COMMAND; 415 req->wValue = 0; 416 req->wIndex = desc->inum; /* already converted */ 417 req->wLength = cpu_to_le16(count); 418 set_bit(WDM_IN_USE, &desc->flags); 419 desc->outbuf = buf; 420 421 rv = usb_submit_urb(desc->command, GFP_KERNEL); 422 if (rv < 0) { 423 desc->outbuf = NULL; 424 clear_bit(WDM_IN_USE, &desc->flags); 425 dev_err(&desc->intf->dev, "Tx URB error: %d\n", rv); 426 rv = usb_translate_errors(rv); 427 goto out_free_mem_pm; 428 } else { 429 dev_dbg(&desc->intf->dev, "Tx URB has been submitted index=%d\n", 430 le16_to_cpu(req->wIndex)); 431 } 432 433 usb_autopm_put_interface(desc->intf); 434 mutex_unlock(&desc->wlock); 435 return count; 436 437 out_free_mem_pm: 438 usb_autopm_put_interface(desc->intf); 439 out_free_mem_lock: 440 mutex_unlock(&desc->wlock); 441 out_free_mem: 442 kfree(buf); 443 return rv; 444 } 445 446 /* 447 * Submit the read urb if resp_count is non-zero. 448 * 449 * Called with desc->iuspin locked 450 */ 451 static int service_outstanding_interrupt(struct wdm_device *desc) 452 { 453 int rv = 0; 454 455 /* submit read urb only if the device is waiting for it */ 456 if (!desc->resp_count || !--desc->resp_count) 457 goto out; 458 459 set_bit(WDM_RESPONDING, &desc->flags); 460 spin_unlock_irq(&desc->iuspin); 461 rv = usb_submit_urb(desc->response, GFP_KERNEL); 462 spin_lock_irq(&desc->iuspin); 463 if (rv) { 464 dev_err(&desc->intf->dev, 465 "usb_submit_urb failed with result %d\n", rv); 466 467 /* make sure the next notification trigger a submit */ 468 clear_bit(WDM_RESPONDING, &desc->flags); 469 desc->resp_count = 0; 470 } 471 out: 472 return rv; 473 } 474 475 static ssize_t wdm_read 476 (struct file *file, char __user *buffer, size_t count, loff_t *ppos) 477 { 478 int rv, cntr; 479 int i = 0; 480 struct wdm_device *desc = file->private_data; 481 482 483 rv = mutex_lock_interruptible(&desc->rlock); /*concurrent reads */ 484 if (rv < 0) 485 return -ERESTARTSYS; 486 487 cntr = READ_ONCE(desc->length); 488 if (cntr == 0) { 489 desc->read = 0; 490 retry: 491 if (test_bit(WDM_DISCONNECTING, &desc->flags)) { 492 rv = -ENODEV; 493 goto err; 494 } 495 if (test_bit(WDM_OVERFLOW, &desc->flags)) { 496 clear_bit(WDM_OVERFLOW, &desc->flags); 497 rv = -ENOBUFS; 498 goto err; 499 } 500 i++; 501 if (file->f_flags & O_NONBLOCK) { 502 if (!test_bit(WDM_READ, &desc->flags)) { 503 rv = -EAGAIN; 504 goto err; 505 } 506 rv = 0; 507 } else { 508 rv = wait_event_interruptible(desc->wait, 509 test_bit(WDM_READ, &desc->flags)); 510 } 511 512 /* may have happened while we slept */ 513 if (test_bit(WDM_DISCONNECTING, &desc->flags)) { 514 rv = -ENODEV; 515 goto err; 516 } 517 if (test_bit(WDM_RESETTING, &desc->flags)) { 518 rv = -EIO; 519 goto err; 520 } 521 usb_mark_last_busy(interface_to_usbdev(desc->intf)); 522 if (rv < 0) { 523 rv = -ERESTARTSYS; 524 goto err; 525 } 526 527 spin_lock_irq(&desc->iuspin); 528 529 if (desc->rerr) { /* read completed, error happened */ 530 rv = usb_translate_errors(desc->rerr); 531 desc->rerr = 0; 532 spin_unlock_irq(&desc->iuspin); 533 goto err; 534 } 535 /* 536 * recheck whether we've lost the race 537 * against the completion handler 538 */ 539 if (!test_bit(WDM_READ, &desc->flags)) { /* lost race */ 540 spin_unlock_irq(&desc->iuspin); 541 goto retry; 542 } 543 544 if (!desc->reslength) { /* zero length read */ 545 dev_dbg(&desc->intf->dev, "zero length - clearing WDM_READ\n"); 546 clear_bit(WDM_READ, &desc->flags); 547 rv = service_outstanding_interrupt(desc); 548 spin_unlock_irq(&desc->iuspin); 549 if (rv < 0) 550 goto err; 551 goto retry; 552 } 553 cntr = desc->length; 554 spin_unlock_irq(&desc->iuspin); 555 } 556 557 if (cntr > count) 558 cntr = count; 559 rv = copy_to_user(buffer, desc->ubuf, cntr); 560 if (rv > 0) { 561 rv = -EFAULT; 562 goto err; 563 } 564 565 spin_lock_irq(&desc->iuspin); 566 567 for (i = 0; i < desc->length - cntr; i++) 568 desc->ubuf[i] = desc->ubuf[i + cntr]; 569 570 desc->length -= cntr; 571 /* in case we had outstanding data */ 572 if (!desc->length) { 573 clear_bit(WDM_READ, &desc->flags); 574 service_outstanding_interrupt(desc); 575 } 576 spin_unlock_irq(&desc->iuspin); 577 rv = cntr; 578 579 err: 580 mutex_unlock(&desc->rlock); 581 return rv; 582 } 583 584 static int wdm_flush(struct file *file, fl_owner_t id) 585 { 586 struct wdm_device *desc = file->private_data; 587 588 wait_event(desc->wait, !test_bit(WDM_IN_USE, &desc->flags)); 589 590 /* cannot dereference desc->intf if WDM_DISCONNECTING */ 591 if (desc->werr < 0 && !test_bit(WDM_DISCONNECTING, &desc->flags)) 592 dev_err(&desc->intf->dev, "Error in flush path: %d\n", 593 desc->werr); 594 595 return usb_translate_errors(desc->werr); 596 } 597 598 static unsigned int wdm_poll(struct file *file, struct poll_table_struct *wait) 599 { 600 struct wdm_device *desc = file->private_data; 601 unsigned long flags; 602 unsigned int mask = 0; 603 604 spin_lock_irqsave(&desc->iuspin, flags); 605 if (test_bit(WDM_DISCONNECTING, &desc->flags)) { 606 mask = POLLHUP | POLLERR; 607 spin_unlock_irqrestore(&desc->iuspin, flags); 608 goto desc_out; 609 } 610 if (test_bit(WDM_READ, &desc->flags)) 611 mask = POLLIN | POLLRDNORM; 612 if (desc->rerr || desc->werr) 613 mask |= POLLERR; 614 if (!test_bit(WDM_IN_USE, &desc->flags)) 615 mask |= POLLOUT | POLLWRNORM; 616 spin_unlock_irqrestore(&desc->iuspin, flags); 617 618 poll_wait(file, &desc->wait, wait); 619 620 desc_out: 621 return mask; 622 } 623 624 static int wdm_open(struct inode *inode, struct file *file) 625 { 626 int minor = iminor(inode); 627 int rv = -ENODEV; 628 struct usb_interface *intf; 629 struct wdm_device *desc; 630 631 mutex_lock(&wdm_mutex); 632 desc = wdm_find_device_by_minor(minor); 633 if (!desc) 634 goto out; 635 636 intf = desc->intf; 637 if (test_bit(WDM_DISCONNECTING, &desc->flags)) 638 goto out; 639 file->private_data = desc; 640 641 rv = usb_autopm_get_interface(desc->intf); 642 if (rv < 0) { 643 dev_err(&desc->intf->dev, "Error autopm - %d\n", rv); 644 goto out; 645 } 646 647 /* using write lock to protect desc->count */ 648 mutex_lock(&desc->wlock); 649 if (!desc->count++) { 650 desc->werr = 0; 651 desc->rerr = 0; 652 rv = usb_submit_urb(desc->validity, GFP_KERNEL); 653 if (rv < 0) { 654 desc->count--; 655 dev_err(&desc->intf->dev, 656 "Error submitting int urb - %d\n", rv); 657 rv = usb_translate_errors(rv); 658 } 659 } else { 660 rv = 0; 661 } 662 mutex_unlock(&desc->wlock); 663 if (desc->count == 1) 664 desc->manage_power(intf, 1); 665 usb_autopm_put_interface(desc->intf); 666 out: 667 mutex_unlock(&wdm_mutex); 668 return rv; 669 } 670 671 static int wdm_release(struct inode *inode, struct file *file) 672 { 673 struct wdm_device *desc = file->private_data; 674 675 mutex_lock(&wdm_mutex); 676 677 /* using write lock to protect desc->count */ 678 mutex_lock(&desc->wlock); 679 desc->count--; 680 mutex_unlock(&desc->wlock); 681 682 if (!desc->count) { 683 if (!test_bit(WDM_DISCONNECTING, &desc->flags)) { 684 dev_dbg(&desc->intf->dev, "wdm_release: cleanup\n"); 685 kill_urbs(desc); 686 spin_lock_irq(&desc->iuspin); 687 desc->resp_count = 0; 688 spin_unlock_irq(&desc->iuspin); 689 desc->manage_power(desc->intf, 0); 690 } else { 691 /* must avoid dev_printk here as desc->intf is invalid */ 692 pr_debug(KBUILD_MODNAME " %s: device gone - cleaning up\n", __func__); 693 cleanup(desc); 694 } 695 } 696 mutex_unlock(&wdm_mutex); 697 return 0; 698 } 699 700 static long wdm_ioctl(struct file *file, unsigned int cmd, unsigned long arg) 701 { 702 struct wdm_device *desc = file->private_data; 703 int rv = 0; 704 705 switch (cmd) { 706 case IOCTL_WDM_MAX_COMMAND: 707 if (copy_to_user((void __user *)arg, &desc->wMaxCommand, sizeof(desc->wMaxCommand))) 708 rv = -EFAULT; 709 break; 710 default: 711 rv = -ENOTTY; 712 } 713 return rv; 714 } 715 716 static const struct file_operations wdm_fops = { 717 .owner = THIS_MODULE, 718 .read = wdm_read, 719 .write = wdm_write, 720 .open = wdm_open, 721 .flush = wdm_flush, 722 .release = wdm_release, 723 .poll = wdm_poll, 724 .unlocked_ioctl = wdm_ioctl, 725 .compat_ioctl = wdm_ioctl, 726 .llseek = noop_llseek, 727 }; 728 729 static struct usb_class_driver wdm_class = { 730 .name = "cdc-wdm%d", 731 .fops = &wdm_fops, 732 .minor_base = WDM_MINOR_BASE, 733 }; 734 735 /* --- error handling --- */ 736 static void wdm_rxwork(struct work_struct *work) 737 { 738 struct wdm_device *desc = container_of(work, struct wdm_device, rxwork); 739 unsigned long flags; 740 int rv = 0; 741 int responding; 742 743 spin_lock_irqsave(&desc->iuspin, flags); 744 if (test_bit(WDM_DISCONNECTING, &desc->flags)) { 745 spin_unlock_irqrestore(&desc->iuspin, flags); 746 } else { 747 responding = test_and_set_bit(WDM_RESPONDING, &desc->flags); 748 spin_unlock_irqrestore(&desc->iuspin, flags); 749 if (!responding) 750 rv = usb_submit_urb(desc->response, GFP_KERNEL); 751 if (rv < 0 && rv != -EPERM) { 752 spin_lock_irqsave(&desc->iuspin, flags); 753 clear_bit(WDM_RESPONDING, &desc->flags); 754 if (!test_bit(WDM_DISCONNECTING, &desc->flags)) 755 schedule_work(&desc->rxwork); 756 spin_unlock_irqrestore(&desc->iuspin, flags); 757 } 758 } 759 } 760 761 /* --- hotplug --- */ 762 763 static int wdm_create(struct usb_interface *intf, struct usb_endpoint_descriptor *ep, 764 u16 bufsize, int (*manage_power)(struct usb_interface *, int)) 765 { 766 int rv = -ENOMEM; 767 struct wdm_device *desc; 768 769 desc = kzalloc(sizeof(struct wdm_device), GFP_KERNEL); 770 if (!desc) 771 goto out; 772 INIT_LIST_HEAD(&desc->device_list); 773 mutex_init(&desc->rlock); 774 mutex_init(&desc->wlock); 775 spin_lock_init(&desc->iuspin); 776 init_waitqueue_head(&desc->wait); 777 desc->wMaxCommand = bufsize; 778 /* this will be expanded and needed in hardware endianness */ 779 desc->inum = cpu_to_le16((u16)intf->cur_altsetting->desc.bInterfaceNumber); 780 desc->intf = intf; 781 INIT_WORK(&desc->rxwork, wdm_rxwork); 782 783 rv = -EINVAL; 784 if (!usb_endpoint_is_int_in(ep)) 785 goto err; 786 787 desc->wMaxPacketSize = usb_endpoint_maxp(ep); 788 789 desc->orq = kmalloc(sizeof(struct usb_ctrlrequest), GFP_KERNEL); 790 if (!desc->orq) 791 goto err; 792 desc->irq = kmalloc(sizeof(struct usb_ctrlrequest), GFP_KERNEL); 793 if (!desc->irq) 794 goto err; 795 796 desc->validity = usb_alloc_urb(0, GFP_KERNEL); 797 if (!desc->validity) 798 goto err; 799 800 desc->response = usb_alloc_urb(0, GFP_KERNEL); 801 if (!desc->response) 802 goto err; 803 804 desc->command = usb_alloc_urb(0, GFP_KERNEL); 805 if (!desc->command) 806 goto err; 807 808 desc->ubuf = kmalloc(desc->wMaxCommand, GFP_KERNEL); 809 if (!desc->ubuf) 810 goto err; 811 812 desc->sbuf = kmalloc(desc->wMaxPacketSize, GFP_KERNEL); 813 if (!desc->sbuf) 814 goto err; 815 816 desc->inbuf = kmalloc(desc->wMaxCommand, GFP_KERNEL); 817 if (!desc->inbuf) 818 goto err; 819 820 usb_fill_int_urb( 821 desc->validity, 822 interface_to_usbdev(intf), 823 usb_rcvintpipe(interface_to_usbdev(intf), ep->bEndpointAddress), 824 desc->sbuf, 825 desc->wMaxPacketSize, 826 wdm_int_callback, 827 desc, 828 ep->bInterval 829 ); 830 831 desc->irq->bRequestType = (USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE); 832 desc->irq->bRequest = USB_CDC_GET_ENCAPSULATED_RESPONSE; 833 desc->irq->wValue = 0; 834 desc->irq->wIndex = desc->inum; /* already converted */ 835 desc->irq->wLength = cpu_to_le16(desc->wMaxCommand); 836 837 usb_fill_control_urb( 838 desc->response, 839 interface_to_usbdev(intf), 840 /* using common endpoint 0 */ 841 usb_rcvctrlpipe(interface_to_usbdev(desc->intf), 0), 842 (unsigned char *)desc->irq, 843 desc->inbuf, 844 desc->wMaxCommand, 845 wdm_in_callback, 846 desc 847 ); 848 849 desc->manage_power = manage_power; 850 851 spin_lock(&wdm_device_list_lock); 852 list_add(&desc->device_list, &wdm_device_list); 853 spin_unlock(&wdm_device_list_lock); 854 855 rv = usb_register_dev(intf, &wdm_class); 856 if (rv < 0) 857 goto err; 858 else 859 dev_info(&intf->dev, "%s: USB WDM device\n", dev_name(intf->usb_dev)); 860 out: 861 return rv; 862 err: 863 spin_lock(&wdm_device_list_lock); 864 list_del(&desc->device_list); 865 spin_unlock(&wdm_device_list_lock); 866 cleanup(desc); 867 return rv; 868 } 869 870 static int wdm_manage_power(struct usb_interface *intf, int on) 871 { 872 /* need autopm_get/put here to ensure the usbcore sees the new value */ 873 int rv = usb_autopm_get_interface(intf); 874 875 intf->needs_remote_wakeup = on; 876 if (!rv) 877 usb_autopm_put_interface(intf); 878 return 0; 879 } 880 881 static int wdm_probe(struct usb_interface *intf, const struct usb_device_id *id) 882 { 883 int rv = -EINVAL; 884 struct usb_host_interface *iface; 885 struct usb_endpoint_descriptor *ep; 886 struct usb_cdc_parsed_header hdr; 887 u8 *buffer = intf->altsetting->extra; 888 int buflen = intf->altsetting->extralen; 889 u16 maxcom = WDM_DEFAULT_BUFSIZE; 890 891 if (!buffer) 892 goto err; 893 894 cdc_parse_cdc_header(&hdr, intf, buffer, buflen); 895 896 if (hdr.usb_cdc_dmm_desc) 897 maxcom = le16_to_cpu(hdr.usb_cdc_dmm_desc->wMaxCommand); 898 899 iface = intf->cur_altsetting; 900 if (iface->desc.bNumEndpoints != 1) 901 goto err; 902 ep = &iface->endpoint[0].desc; 903 904 rv = wdm_create(intf, ep, maxcom, &wdm_manage_power); 905 906 err: 907 return rv; 908 } 909 910 /** 911 * usb_cdc_wdm_register - register a WDM subdriver 912 * @intf: usb interface the subdriver will associate with 913 * @ep: interrupt endpoint to monitor for notifications 914 * @bufsize: maximum message size to support for read/write 915 * 916 * Create WDM usb class character device and associate it with intf 917 * without binding, allowing another driver to manage the interface. 918 * 919 * The subdriver will manage the given interrupt endpoint exclusively 920 * and will issue control requests referring to the given intf. It 921 * will otherwise avoid interferring, and in particular not do 922 * usb_set_intfdata/usb_get_intfdata on intf. 923 * 924 * The return value is a pointer to the subdriver's struct usb_driver. 925 * The registering driver is responsible for calling this subdriver's 926 * disconnect, suspend, resume, pre_reset and post_reset methods from 927 * its own. 928 */ 929 struct usb_driver *usb_cdc_wdm_register(struct usb_interface *intf, 930 struct usb_endpoint_descriptor *ep, 931 int bufsize, 932 int (*manage_power)(struct usb_interface *, int)) 933 { 934 int rv = -EINVAL; 935 936 rv = wdm_create(intf, ep, bufsize, manage_power); 937 if (rv < 0) 938 goto err; 939 940 return &wdm_driver; 941 err: 942 return ERR_PTR(rv); 943 } 944 EXPORT_SYMBOL(usb_cdc_wdm_register); 945 946 static void wdm_disconnect(struct usb_interface *intf) 947 { 948 struct wdm_device *desc; 949 unsigned long flags; 950 951 usb_deregister_dev(intf, &wdm_class); 952 desc = wdm_find_device(intf); 953 mutex_lock(&wdm_mutex); 954 955 /* the spinlock makes sure no new urbs are generated in the callbacks */ 956 spin_lock_irqsave(&desc->iuspin, flags); 957 set_bit(WDM_DISCONNECTING, &desc->flags); 958 set_bit(WDM_READ, &desc->flags); 959 /* to terminate pending flushes */ 960 clear_bit(WDM_IN_USE, &desc->flags); 961 spin_unlock_irqrestore(&desc->iuspin, flags); 962 wake_up_all(&desc->wait); 963 mutex_lock(&desc->rlock); 964 mutex_lock(&desc->wlock); 965 kill_urbs(desc); 966 cancel_work_sync(&desc->rxwork); 967 mutex_unlock(&desc->wlock); 968 mutex_unlock(&desc->rlock); 969 970 /* the desc->intf pointer used as list key is now invalid */ 971 spin_lock(&wdm_device_list_lock); 972 list_del(&desc->device_list); 973 spin_unlock(&wdm_device_list_lock); 974 975 if (!desc->count) 976 cleanup(desc); 977 else 978 dev_dbg(&intf->dev, "%d open files - postponing cleanup\n", desc->count); 979 mutex_unlock(&wdm_mutex); 980 } 981 982 #ifdef CONFIG_PM 983 static int wdm_suspend(struct usb_interface *intf, pm_message_t message) 984 { 985 struct wdm_device *desc = wdm_find_device(intf); 986 int rv = 0; 987 988 dev_dbg(&desc->intf->dev, "wdm%d_suspend\n", intf->minor); 989 990 /* if this is an autosuspend the caller does the locking */ 991 if (!PMSG_IS_AUTO(message)) { 992 mutex_lock(&desc->rlock); 993 mutex_lock(&desc->wlock); 994 } 995 spin_lock_irq(&desc->iuspin); 996 997 if (PMSG_IS_AUTO(message) && 998 (test_bit(WDM_IN_USE, &desc->flags) 999 || test_bit(WDM_RESPONDING, &desc->flags))) { 1000 spin_unlock_irq(&desc->iuspin); 1001 rv = -EBUSY; 1002 } else { 1003 1004 set_bit(WDM_SUSPENDING, &desc->flags); 1005 spin_unlock_irq(&desc->iuspin); 1006 /* callback submits work - order is essential */ 1007 kill_urbs(desc); 1008 cancel_work_sync(&desc->rxwork); 1009 } 1010 if (!PMSG_IS_AUTO(message)) { 1011 mutex_unlock(&desc->wlock); 1012 mutex_unlock(&desc->rlock); 1013 } 1014 1015 return rv; 1016 } 1017 #endif 1018 1019 static int recover_from_urb_loss(struct wdm_device *desc) 1020 { 1021 int rv = 0; 1022 1023 if (desc->count) { 1024 rv = usb_submit_urb(desc->validity, GFP_NOIO); 1025 if (rv < 0) 1026 dev_err(&desc->intf->dev, 1027 "Error resume submitting int urb - %d\n", rv); 1028 } 1029 return rv; 1030 } 1031 1032 #ifdef CONFIG_PM 1033 static int wdm_resume(struct usb_interface *intf) 1034 { 1035 struct wdm_device *desc = wdm_find_device(intf); 1036 int rv; 1037 1038 dev_dbg(&desc->intf->dev, "wdm%d_resume\n", intf->minor); 1039 1040 clear_bit(WDM_SUSPENDING, &desc->flags); 1041 rv = recover_from_urb_loss(desc); 1042 1043 return rv; 1044 } 1045 #endif 1046 1047 static int wdm_pre_reset(struct usb_interface *intf) 1048 { 1049 struct wdm_device *desc = wdm_find_device(intf); 1050 1051 /* 1052 * we notify everybody using poll of 1053 * an exceptional situation 1054 * must be done before recovery lest a spontaneous 1055 * message from the device is lost 1056 */ 1057 spin_lock_irq(&desc->iuspin); 1058 set_bit(WDM_RESETTING, &desc->flags); /* inform read/write */ 1059 set_bit(WDM_READ, &desc->flags); /* unblock read */ 1060 clear_bit(WDM_IN_USE, &desc->flags); /* unblock write */ 1061 desc->rerr = -EINTR; 1062 spin_unlock_irq(&desc->iuspin); 1063 wake_up_all(&desc->wait); 1064 mutex_lock(&desc->rlock); 1065 mutex_lock(&desc->wlock); 1066 kill_urbs(desc); 1067 cancel_work_sync(&desc->rxwork); 1068 return 0; 1069 } 1070 1071 static int wdm_post_reset(struct usb_interface *intf) 1072 { 1073 struct wdm_device *desc = wdm_find_device(intf); 1074 int rv; 1075 1076 clear_bit(WDM_OVERFLOW, &desc->flags); 1077 clear_bit(WDM_RESETTING, &desc->flags); 1078 rv = recover_from_urb_loss(desc); 1079 mutex_unlock(&desc->wlock); 1080 mutex_unlock(&desc->rlock); 1081 return 0; 1082 } 1083 1084 static struct usb_driver wdm_driver = { 1085 .name = "cdc_wdm", 1086 .probe = wdm_probe, 1087 .disconnect = wdm_disconnect, 1088 #ifdef CONFIG_PM 1089 .suspend = wdm_suspend, 1090 .resume = wdm_resume, 1091 .reset_resume = wdm_resume, 1092 #endif 1093 .pre_reset = wdm_pre_reset, 1094 .post_reset = wdm_post_reset, 1095 .id_table = wdm_ids, 1096 .supports_autosuspend = 1, 1097 .disable_hub_initiated_lpm = 1, 1098 }; 1099 1100 module_usb_driver(wdm_driver); 1101 1102 MODULE_AUTHOR(DRIVER_AUTHOR); 1103 MODULE_DESCRIPTION(DRIVER_DESC); 1104 MODULE_LICENSE("GPL"); 1105