1 // SPDX-License-Identifier: GPL-2.0+ 2 /* 3 * drivers/usb/class/usbtmc.c - USB Test & Measurement class driver 4 * 5 * Copyright (C) 2007 Stefan Kopp, Gechingen, Germany 6 * Copyright (C) 2008 Novell, Inc. 7 * Copyright (C) 2008 Greg Kroah-Hartman <gregkh@suse.de> 8 * Copyright (C) 2018 IVI Foundation, Inc. 9 */ 10 11 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 12 13 #include <linux/module.h> 14 #include <linux/kernel.h> 15 #include <linux/fs.h> 16 #include <linux/uaccess.h> 17 #include <linux/kref.h> 18 #include <linux/slab.h> 19 #include <linux/poll.h> 20 #include <linux/mutex.h> 21 #include <linux/usb.h> 22 #include <linux/compat.h> 23 #include <linux/usb/tmc.h> 24 25 /* Increment API VERSION when changing tmc.h with new flags or ioctls 26 * or when changing a significant behavior of the driver. 27 */ 28 #define USBTMC_API_VERSION (3) 29 30 #define USBTMC_HEADER_SIZE 12 31 #define USBTMC_MINOR_BASE 176 32 33 /* Minimum USB timeout (in milliseconds) */ 34 #define USBTMC_MIN_TIMEOUT 100 35 /* Default USB timeout (in milliseconds) */ 36 #define USBTMC_TIMEOUT 5000 37 38 /* Max number of urbs used in write transfers */ 39 #define MAX_URBS_IN_FLIGHT 16 40 /* I/O buffer size used in generic read/write functions */ 41 #define USBTMC_BUFSIZE (4096) 42 43 /* 44 * Maximum number of read cycles to empty bulk in endpoint during CLEAR and 45 * ABORT_BULK_IN requests. Ends the loop if (for whatever reason) a short 46 * packet is never read. 47 */ 48 #define USBTMC_MAX_READS_TO_CLEAR_BULK_IN 100 49 50 static const struct usb_device_id usbtmc_devices[] = { 51 { USB_INTERFACE_INFO(USB_CLASS_APP_SPEC, 3, 0), }, 52 { USB_INTERFACE_INFO(USB_CLASS_APP_SPEC, 3, 1), }, 53 { 0, } /* terminating entry */ 54 }; 55 MODULE_DEVICE_TABLE(usb, usbtmc_devices); 56 57 /* 58 * This structure is the capabilities for the device 59 * See section 4.2.1.8 of the USBTMC specification, 60 * and section 4.2.2 of the USBTMC usb488 subclass 61 * specification for details. 62 */ 63 struct usbtmc_dev_capabilities { 64 __u8 interface_capabilities; 65 __u8 device_capabilities; 66 __u8 usb488_interface_capabilities; 67 __u8 usb488_device_capabilities; 68 }; 69 70 /* This structure holds private data for each USBTMC device. One copy is 71 * allocated for each USBTMC device in the driver's probe function. 72 */ 73 struct usbtmc_device_data { 74 const struct usb_device_id *id; 75 struct usb_device *usb_dev; 76 struct usb_interface *intf; 77 struct list_head file_list; 78 79 unsigned int bulk_in; 80 unsigned int bulk_out; 81 82 u8 bTag; 83 u8 bTag_last_write; /* needed for abort */ 84 u8 bTag_last_read; /* needed for abort */ 85 86 /* packet size of IN bulk */ 87 u16 wMaxPacketSize; 88 89 /* data for interrupt in endpoint handling */ 90 u8 bNotify1; 91 u8 bNotify2; 92 u16 ifnum; 93 u8 iin_bTag; 94 u8 *iin_buffer; 95 atomic_t iin_data_valid; 96 unsigned int iin_ep; 97 int iin_ep_present; 98 int iin_interval; 99 struct urb *iin_urb; 100 u16 iin_wMaxPacketSize; 101 102 /* coalesced usb488_caps from usbtmc_dev_capabilities */ 103 __u8 usb488_caps; 104 105 bool zombie; /* fd of disconnected device */ 106 107 struct usbtmc_dev_capabilities capabilities; 108 struct kref kref; 109 struct mutex io_mutex; /* only one i/o function running at a time */ 110 wait_queue_head_t waitq; 111 struct fasync_struct *fasync; 112 spinlock_t dev_lock; /* lock for file_list */ 113 }; 114 #define to_usbtmc_data(d) container_of(d, struct usbtmc_device_data, kref) 115 116 /* 117 * This structure holds private data for each USBTMC file handle. 118 */ 119 struct usbtmc_file_data { 120 struct usbtmc_device_data *data; 121 struct list_head file_elem; 122 123 u32 timeout; 124 u8 srq_byte; 125 atomic_t srq_asserted; 126 atomic_t closing; 127 u8 bmTransferAttributes; /* member of DEV_DEP_MSG_IN */ 128 129 u8 eom_val; 130 u8 term_char; 131 bool term_char_enabled; 132 bool auto_abort; 133 134 spinlock_t err_lock; /* lock for errors */ 135 136 struct usb_anchor submitted; 137 138 /* data for generic_write */ 139 struct semaphore limit_write_sem; 140 u32 out_transfer_size; 141 int out_status; 142 143 /* data for generic_read */ 144 u32 in_transfer_size; 145 int in_status; 146 int in_urbs_used; 147 struct usb_anchor in_anchor; 148 wait_queue_head_t wait_bulk_in; 149 }; 150 151 /* Forward declarations */ 152 static struct usb_driver usbtmc_driver; 153 static void usbtmc_draw_down(struct usbtmc_file_data *file_data); 154 155 static void usbtmc_delete(struct kref *kref) 156 { 157 struct usbtmc_device_data *data = to_usbtmc_data(kref); 158 159 usb_put_dev(data->usb_dev); 160 kfree(data); 161 } 162 163 static int usbtmc_open(struct inode *inode, struct file *filp) 164 { 165 struct usb_interface *intf; 166 struct usbtmc_device_data *data; 167 struct usbtmc_file_data *file_data; 168 169 intf = usb_find_interface(&usbtmc_driver, iminor(inode)); 170 if (!intf) { 171 pr_err("can not find device for minor %d", iminor(inode)); 172 return -ENODEV; 173 } 174 175 file_data = kzalloc(sizeof(*file_data), GFP_KERNEL); 176 if (!file_data) 177 return -ENOMEM; 178 179 spin_lock_init(&file_data->err_lock); 180 sema_init(&file_data->limit_write_sem, MAX_URBS_IN_FLIGHT); 181 init_usb_anchor(&file_data->submitted); 182 init_usb_anchor(&file_data->in_anchor); 183 init_waitqueue_head(&file_data->wait_bulk_in); 184 185 data = usb_get_intfdata(intf); 186 /* Protect reference to data from file structure until release */ 187 kref_get(&data->kref); 188 189 mutex_lock(&data->io_mutex); 190 file_data->data = data; 191 192 atomic_set(&file_data->closing, 0); 193 194 file_data->timeout = USBTMC_TIMEOUT; 195 file_data->term_char = '\n'; 196 file_data->term_char_enabled = 0; 197 file_data->auto_abort = 0; 198 file_data->eom_val = 1; 199 200 INIT_LIST_HEAD(&file_data->file_elem); 201 spin_lock_irq(&data->dev_lock); 202 list_add_tail(&file_data->file_elem, &data->file_list); 203 spin_unlock_irq(&data->dev_lock); 204 mutex_unlock(&data->io_mutex); 205 206 /* Store pointer in file structure's private data field */ 207 filp->private_data = file_data; 208 209 return 0; 210 } 211 212 /* 213 * usbtmc_flush - called before file handle is closed 214 */ 215 static int usbtmc_flush(struct file *file, fl_owner_t id) 216 { 217 struct usbtmc_file_data *file_data; 218 struct usbtmc_device_data *data; 219 220 file_data = file->private_data; 221 if (file_data == NULL) 222 return -ENODEV; 223 224 atomic_set(&file_data->closing, 1); 225 data = file_data->data; 226 227 /* wait for io to stop */ 228 mutex_lock(&data->io_mutex); 229 230 usbtmc_draw_down(file_data); 231 232 spin_lock_irq(&file_data->err_lock); 233 file_data->in_status = 0; 234 file_data->in_transfer_size = 0; 235 file_data->in_urbs_used = 0; 236 file_data->out_status = 0; 237 file_data->out_transfer_size = 0; 238 spin_unlock_irq(&file_data->err_lock); 239 240 wake_up_interruptible_all(&data->waitq); 241 mutex_unlock(&data->io_mutex); 242 243 return 0; 244 } 245 246 static int usbtmc_release(struct inode *inode, struct file *file) 247 { 248 struct usbtmc_file_data *file_data = file->private_data; 249 250 /* prevent IO _AND_ usbtmc_interrupt */ 251 mutex_lock(&file_data->data->io_mutex); 252 spin_lock_irq(&file_data->data->dev_lock); 253 254 list_del(&file_data->file_elem); 255 256 spin_unlock_irq(&file_data->data->dev_lock); 257 mutex_unlock(&file_data->data->io_mutex); 258 259 kref_put(&file_data->data->kref, usbtmc_delete); 260 file_data->data = NULL; 261 kfree(file_data); 262 return 0; 263 } 264 265 static int usbtmc_ioctl_abort_bulk_in_tag(struct usbtmc_device_data *data, 266 u8 tag) 267 { 268 u8 *buffer; 269 struct device *dev; 270 int rv; 271 int n; 272 int actual; 273 274 dev = &data->intf->dev; 275 buffer = kmalloc(USBTMC_BUFSIZE, GFP_KERNEL); 276 if (!buffer) 277 return -ENOMEM; 278 279 rv = usb_control_msg(data->usb_dev, 280 usb_rcvctrlpipe(data->usb_dev, 0), 281 USBTMC_REQUEST_INITIATE_ABORT_BULK_IN, 282 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT, 283 tag, data->bulk_in, 284 buffer, 2, USB_CTRL_GET_TIMEOUT); 285 286 if (rv < 0) { 287 dev_err(dev, "usb_control_msg returned %d\n", rv); 288 goto exit; 289 } 290 291 dev_dbg(dev, "INITIATE_ABORT_BULK_IN returned %x with tag %02x\n", 292 buffer[0], buffer[1]); 293 294 if (buffer[0] == USBTMC_STATUS_FAILED) { 295 /* No transfer in progress and the Bulk-OUT FIFO is empty. */ 296 rv = 0; 297 goto exit; 298 } 299 300 if (buffer[0] == USBTMC_STATUS_TRANSFER_NOT_IN_PROGRESS) { 301 /* The device returns this status if either: 302 * - There is a transfer in progress, but the specified bTag 303 * does not match. 304 * - There is no transfer in progress, but the Bulk-OUT FIFO 305 * is not empty. 306 */ 307 rv = -ENOMSG; 308 goto exit; 309 } 310 311 if (buffer[0] != USBTMC_STATUS_SUCCESS) { 312 dev_err(dev, "INITIATE_ABORT_BULK_IN returned %x\n", 313 buffer[0]); 314 rv = -EPERM; 315 goto exit; 316 } 317 318 n = 0; 319 320 usbtmc_abort_bulk_in_status: 321 dev_dbg(dev, "Reading from bulk in EP\n"); 322 323 /* Data must be present. So use low timeout 300 ms */ 324 actual = 0; 325 rv = usb_bulk_msg(data->usb_dev, 326 usb_rcvbulkpipe(data->usb_dev, 327 data->bulk_in), 328 buffer, USBTMC_BUFSIZE, 329 &actual, 300); 330 331 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE, 16, 1, 332 buffer, actual, true); 333 334 n++; 335 336 if (rv < 0) { 337 dev_err(dev, "usb_bulk_msg returned %d\n", rv); 338 if (rv != -ETIMEDOUT) 339 goto exit; 340 } 341 342 if (actual == USBTMC_BUFSIZE) 343 goto usbtmc_abort_bulk_in_status; 344 345 if (n >= USBTMC_MAX_READS_TO_CLEAR_BULK_IN) { 346 dev_err(dev, "Couldn't clear device buffer within %d cycles\n", 347 USBTMC_MAX_READS_TO_CLEAR_BULK_IN); 348 rv = -EPERM; 349 goto exit; 350 } 351 352 rv = usb_control_msg(data->usb_dev, 353 usb_rcvctrlpipe(data->usb_dev, 0), 354 USBTMC_REQUEST_CHECK_ABORT_BULK_IN_STATUS, 355 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT, 356 0, data->bulk_in, buffer, 0x08, 357 USB_CTRL_GET_TIMEOUT); 358 359 if (rv < 0) { 360 dev_err(dev, "usb_control_msg returned %d\n", rv); 361 goto exit; 362 } 363 364 dev_dbg(dev, "CHECK_ABORT_BULK_IN returned %x\n", buffer[0]); 365 366 if (buffer[0] == USBTMC_STATUS_SUCCESS) { 367 rv = 0; 368 goto exit; 369 } 370 371 if (buffer[0] != USBTMC_STATUS_PENDING) { 372 dev_err(dev, "CHECK_ABORT_BULK_IN returned %x\n", buffer[0]); 373 rv = -EPERM; 374 goto exit; 375 } 376 377 if ((buffer[1] & 1) > 0) { 378 /* The device has 1 or more queued packets the Host can read */ 379 goto usbtmc_abort_bulk_in_status; 380 } 381 382 /* The Host must send CHECK_ABORT_BULK_IN_STATUS at a later time. */ 383 rv = -EAGAIN; 384 exit: 385 kfree(buffer); 386 return rv; 387 } 388 389 static int usbtmc_ioctl_abort_bulk_in(struct usbtmc_device_data *data) 390 { 391 return usbtmc_ioctl_abort_bulk_in_tag(data, data->bTag_last_read); 392 } 393 394 static int usbtmc_ioctl_abort_bulk_out_tag(struct usbtmc_device_data *data, 395 u8 tag) 396 { 397 struct device *dev; 398 u8 *buffer; 399 int rv; 400 int n; 401 402 dev = &data->intf->dev; 403 404 buffer = kmalloc(8, GFP_KERNEL); 405 if (!buffer) 406 return -ENOMEM; 407 408 rv = usb_control_msg(data->usb_dev, 409 usb_rcvctrlpipe(data->usb_dev, 0), 410 USBTMC_REQUEST_INITIATE_ABORT_BULK_OUT, 411 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT, 412 tag, data->bulk_out, 413 buffer, 2, USB_CTRL_GET_TIMEOUT); 414 415 if (rv < 0) { 416 dev_err(dev, "usb_control_msg returned %d\n", rv); 417 goto exit; 418 } 419 420 dev_dbg(dev, "INITIATE_ABORT_BULK_OUT returned %x\n", buffer[0]); 421 422 if (buffer[0] != USBTMC_STATUS_SUCCESS) { 423 dev_err(dev, "INITIATE_ABORT_BULK_OUT returned %x\n", 424 buffer[0]); 425 rv = -EPERM; 426 goto exit; 427 } 428 429 n = 0; 430 431 usbtmc_abort_bulk_out_check_status: 432 /* do not stress device with subsequent requests */ 433 msleep(50); 434 rv = usb_control_msg(data->usb_dev, 435 usb_rcvctrlpipe(data->usb_dev, 0), 436 USBTMC_REQUEST_CHECK_ABORT_BULK_OUT_STATUS, 437 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT, 438 0, data->bulk_out, buffer, 0x08, 439 USB_CTRL_GET_TIMEOUT); 440 n++; 441 if (rv < 0) { 442 dev_err(dev, "usb_control_msg returned %d\n", rv); 443 goto exit; 444 } 445 446 dev_dbg(dev, "CHECK_ABORT_BULK_OUT returned %x\n", buffer[0]); 447 448 if (buffer[0] == USBTMC_STATUS_SUCCESS) 449 goto usbtmc_abort_bulk_out_clear_halt; 450 451 if ((buffer[0] == USBTMC_STATUS_PENDING) && 452 (n < USBTMC_MAX_READS_TO_CLEAR_BULK_IN)) 453 goto usbtmc_abort_bulk_out_check_status; 454 455 rv = -EPERM; 456 goto exit; 457 458 usbtmc_abort_bulk_out_clear_halt: 459 rv = usb_clear_halt(data->usb_dev, 460 usb_sndbulkpipe(data->usb_dev, data->bulk_out)); 461 462 if (rv < 0) { 463 dev_err(dev, "usb_control_msg returned %d\n", rv); 464 goto exit; 465 } 466 rv = 0; 467 468 exit: 469 kfree(buffer); 470 return rv; 471 } 472 473 static int usbtmc_ioctl_abort_bulk_out(struct usbtmc_device_data *data) 474 { 475 return usbtmc_ioctl_abort_bulk_out_tag(data, data->bTag_last_write); 476 } 477 478 static int usbtmc_get_stb(struct usbtmc_file_data *file_data, __u8 *stb) 479 { 480 struct usbtmc_device_data *data = file_data->data; 481 struct device *dev = &data->intf->dev; 482 u8 *buffer; 483 u8 tag; 484 int rv; 485 long wait_rv; 486 487 dev_dbg(dev, "Enter ioctl_read_stb iin_ep_present: %d\n", 488 data->iin_ep_present); 489 490 buffer = kmalloc(8, GFP_KERNEL); 491 if (!buffer) 492 return -ENOMEM; 493 494 atomic_set(&data->iin_data_valid, 0); 495 496 rv = usb_control_msg(data->usb_dev, 497 usb_rcvctrlpipe(data->usb_dev, 0), 498 USBTMC488_REQUEST_READ_STATUS_BYTE, 499 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE, 500 data->iin_bTag, 501 data->ifnum, 502 buffer, 0x03, USB_CTRL_GET_TIMEOUT); 503 if (rv < 0) { 504 dev_err(dev, "stb usb_control_msg returned %d\n", rv); 505 goto exit; 506 } 507 508 if (buffer[0] != USBTMC_STATUS_SUCCESS) { 509 dev_err(dev, "control status returned %x\n", buffer[0]); 510 rv = -EIO; 511 goto exit; 512 } 513 514 if (data->iin_ep_present) { 515 wait_rv = wait_event_interruptible_timeout( 516 data->waitq, 517 atomic_read(&data->iin_data_valid) != 0, 518 file_data->timeout); 519 if (wait_rv < 0) { 520 dev_dbg(dev, "wait interrupted %ld\n", wait_rv); 521 rv = wait_rv; 522 goto exit; 523 } 524 525 if (wait_rv == 0) { 526 dev_dbg(dev, "wait timed out\n"); 527 rv = -ETIMEDOUT; 528 goto exit; 529 } 530 531 tag = data->bNotify1 & 0x7f; 532 if (tag != data->iin_bTag) { 533 dev_err(dev, "expected bTag %x got %x\n", 534 data->iin_bTag, tag); 535 } 536 537 *stb = data->bNotify2; 538 } else { 539 *stb = buffer[2]; 540 } 541 542 dev_dbg(dev, "stb:0x%02x received %d\n", (unsigned int)*stb, rv); 543 544 rv = 0; 545 546 exit: 547 /* bump interrupt bTag */ 548 data->iin_bTag += 1; 549 if (data->iin_bTag > 127) 550 /* 1 is for SRQ see USBTMC-USB488 subclass spec section 4.3.1 */ 551 data->iin_bTag = 2; 552 553 kfree(buffer); 554 return rv; 555 } 556 557 static int usbtmc488_ioctl_read_stb(struct usbtmc_file_data *file_data, 558 void __user *arg) 559 { 560 int srq_asserted = 0; 561 __u8 stb; 562 int rv; 563 564 rv = usbtmc_get_stb(file_data, &stb); 565 566 if (rv > 0) { 567 srq_asserted = atomic_xchg(&file_data->srq_asserted, 568 srq_asserted); 569 if (srq_asserted) 570 stb |= 0x40; /* Set RQS bit */ 571 572 rv = put_user(stb, (__u8 __user *)arg); 573 } 574 return rv; 575 576 } 577 578 static int usbtmc_ioctl_get_srq_stb(struct usbtmc_file_data *file_data, 579 void __user *arg) 580 { 581 struct usbtmc_device_data *data = file_data->data; 582 struct device *dev = &data->intf->dev; 583 int srq_asserted = 0; 584 __u8 stb = 0; 585 int rv; 586 587 spin_lock_irq(&data->dev_lock); 588 srq_asserted = atomic_xchg(&file_data->srq_asserted, srq_asserted); 589 590 if (srq_asserted) { 591 stb = file_data->srq_byte; 592 spin_unlock_irq(&data->dev_lock); 593 rv = put_user(stb, (__u8 __user *)arg); 594 } else { 595 spin_unlock_irq(&data->dev_lock); 596 rv = -ENOMSG; 597 } 598 599 dev_dbg(dev, "stb:0x%02x with srq received %d\n", (unsigned int)stb, rv); 600 601 return rv; 602 } 603 604 static int usbtmc488_ioctl_wait_srq(struct usbtmc_file_data *file_data, 605 __u32 __user *arg) 606 { 607 struct usbtmc_device_data *data = file_data->data; 608 struct device *dev = &data->intf->dev; 609 u32 timeout; 610 unsigned long expire; 611 long wait_rv; 612 613 if (!data->iin_ep_present) { 614 dev_dbg(dev, "no interrupt endpoint present\n"); 615 return -EFAULT; 616 } 617 618 if (get_user(timeout, arg)) 619 return -EFAULT; 620 621 expire = msecs_to_jiffies(timeout); 622 623 mutex_unlock(&data->io_mutex); 624 625 wait_rv = wait_event_interruptible_timeout( 626 data->waitq, 627 atomic_read(&file_data->srq_asserted) != 0 || 628 atomic_read(&file_data->closing), 629 expire); 630 631 mutex_lock(&data->io_mutex); 632 633 /* Note! disconnect or close could be called in the meantime */ 634 if (atomic_read(&file_data->closing) || data->zombie) 635 return -ENODEV; 636 637 if (wait_rv < 0) { 638 dev_dbg(dev, "%s - wait interrupted %ld\n", __func__, wait_rv); 639 return wait_rv; 640 } 641 642 if (wait_rv == 0) { 643 dev_dbg(dev, "%s - wait timed out\n", __func__); 644 return -ETIMEDOUT; 645 } 646 647 dev_dbg(dev, "%s - srq asserted\n", __func__); 648 return 0; 649 } 650 651 static int usbtmc488_ioctl_simple(struct usbtmc_device_data *data, 652 void __user *arg, unsigned int cmd) 653 { 654 struct device *dev = &data->intf->dev; 655 __u8 val; 656 u8 *buffer; 657 u16 wValue; 658 int rv; 659 660 if (!(data->usb488_caps & USBTMC488_CAPABILITY_SIMPLE)) 661 return -EINVAL; 662 663 buffer = kmalloc(8, GFP_KERNEL); 664 if (!buffer) 665 return -ENOMEM; 666 667 if (cmd == USBTMC488_REQUEST_REN_CONTROL) { 668 rv = copy_from_user(&val, arg, sizeof(val)); 669 if (rv) { 670 rv = -EFAULT; 671 goto exit; 672 } 673 wValue = val ? 1 : 0; 674 } else { 675 wValue = 0; 676 } 677 678 rv = usb_control_msg(data->usb_dev, 679 usb_rcvctrlpipe(data->usb_dev, 0), 680 cmd, 681 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE, 682 wValue, 683 data->ifnum, 684 buffer, 0x01, USB_CTRL_GET_TIMEOUT); 685 if (rv < 0) { 686 dev_err(dev, "simple usb_control_msg failed %d\n", rv); 687 goto exit; 688 } else if (rv != 1) { 689 dev_warn(dev, "simple usb_control_msg returned %d\n", rv); 690 rv = -EIO; 691 goto exit; 692 } 693 694 if (buffer[0] != USBTMC_STATUS_SUCCESS) { 695 dev_err(dev, "simple control status returned %x\n", buffer[0]); 696 rv = -EIO; 697 goto exit; 698 } 699 rv = 0; 700 701 exit: 702 kfree(buffer); 703 return rv; 704 } 705 706 /* 707 * Sends a TRIGGER Bulk-OUT command message 708 * See the USBTMC-USB488 specification, Table 2. 709 * 710 * Also updates bTag_last_write. 711 */ 712 static int usbtmc488_ioctl_trigger(struct usbtmc_file_data *file_data) 713 { 714 struct usbtmc_device_data *data = file_data->data; 715 int retval; 716 u8 *buffer; 717 int actual; 718 719 buffer = kzalloc(USBTMC_HEADER_SIZE, GFP_KERNEL); 720 if (!buffer) 721 return -ENOMEM; 722 723 buffer[0] = 128; 724 buffer[1] = data->bTag; 725 buffer[2] = ~data->bTag; 726 727 retval = usb_bulk_msg(data->usb_dev, 728 usb_sndbulkpipe(data->usb_dev, 729 data->bulk_out), 730 buffer, USBTMC_HEADER_SIZE, 731 &actual, file_data->timeout); 732 733 /* Store bTag (in case we need to abort) */ 734 data->bTag_last_write = data->bTag; 735 736 /* Increment bTag -- and increment again if zero */ 737 data->bTag++; 738 if (!data->bTag) 739 data->bTag++; 740 741 kfree(buffer); 742 if (retval < 0) { 743 dev_err(&data->intf->dev, "%s returned %d\n", 744 __func__, retval); 745 return retval; 746 } 747 748 return 0; 749 } 750 751 static struct urb *usbtmc_create_urb(void) 752 { 753 const size_t bufsize = USBTMC_BUFSIZE; 754 u8 *dmabuf = NULL; 755 struct urb *urb = usb_alloc_urb(0, GFP_KERNEL); 756 757 if (!urb) 758 return NULL; 759 760 dmabuf = kzalloc(bufsize, GFP_KERNEL); 761 if (!dmabuf) { 762 usb_free_urb(urb); 763 return NULL; 764 } 765 766 urb->transfer_buffer = dmabuf; 767 urb->transfer_buffer_length = bufsize; 768 urb->transfer_flags |= URB_FREE_BUFFER; 769 return urb; 770 } 771 772 static void usbtmc_read_bulk_cb(struct urb *urb) 773 { 774 struct usbtmc_file_data *file_data = urb->context; 775 int status = urb->status; 776 unsigned long flags; 777 778 /* sync/async unlink faults aren't errors */ 779 if (status) { 780 if (!(/* status == -ENOENT || */ 781 status == -ECONNRESET || 782 status == -EREMOTEIO || /* Short packet */ 783 status == -ESHUTDOWN)) 784 dev_err(&file_data->data->intf->dev, 785 "%s - nonzero read bulk status received: %d\n", 786 __func__, status); 787 788 spin_lock_irqsave(&file_data->err_lock, flags); 789 if (!file_data->in_status) 790 file_data->in_status = status; 791 spin_unlock_irqrestore(&file_data->err_lock, flags); 792 } 793 794 spin_lock_irqsave(&file_data->err_lock, flags); 795 file_data->in_transfer_size += urb->actual_length; 796 dev_dbg(&file_data->data->intf->dev, 797 "%s - total size: %u current: %d status: %d\n", 798 __func__, file_data->in_transfer_size, 799 urb->actual_length, status); 800 spin_unlock_irqrestore(&file_data->err_lock, flags); 801 usb_anchor_urb(urb, &file_data->in_anchor); 802 803 wake_up_interruptible(&file_data->wait_bulk_in); 804 wake_up_interruptible(&file_data->data->waitq); 805 } 806 807 static inline bool usbtmc_do_transfer(struct usbtmc_file_data *file_data) 808 { 809 bool data_or_error; 810 811 spin_lock_irq(&file_data->err_lock); 812 data_or_error = !usb_anchor_empty(&file_data->in_anchor) 813 || file_data->in_status; 814 spin_unlock_irq(&file_data->err_lock); 815 dev_dbg(&file_data->data->intf->dev, "%s: returns %d\n", __func__, 816 data_or_error); 817 return data_or_error; 818 } 819 820 static ssize_t usbtmc_generic_read(struct usbtmc_file_data *file_data, 821 void __user *user_buffer, 822 u32 transfer_size, 823 u32 *transferred, 824 u32 flags) 825 { 826 struct usbtmc_device_data *data = file_data->data; 827 struct device *dev = &data->intf->dev; 828 u32 done = 0; 829 u32 remaining; 830 const u32 bufsize = USBTMC_BUFSIZE; 831 int retval = 0; 832 u32 max_transfer_size; 833 unsigned long expire; 834 int bufcount = 1; 835 int again = 0; 836 long wait_rv; 837 838 /* mutex already locked */ 839 840 *transferred = done; 841 842 max_transfer_size = transfer_size; 843 844 if (flags & USBTMC_FLAG_IGNORE_TRAILER) { 845 /* The device may send extra alignment bytes (up to 846 * wMaxPacketSize – 1) to avoid sending a zero-length 847 * packet 848 */ 849 remaining = transfer_size; 850 if ((max_transfer_size % data->wMaxPacketSize) == 0) 851 max_transfer_size += (data->wMaxPacketSize - 1); 852 } else { 853 /* round down to bufsize to avoid truncated data left */ 854 if (max_transfer_size > bufsize) { 855 max_transfer_size = 856 roundup(max_transfer_size + 1 - bufsize, 857 bufsize); 858 } 859 remaining = max_transfer_size; 860 } 861 862 spin_lock_irq(&file_data->err_lock); 863 864 if (file_data->in_status) { 865 /* return the very first error */ 866 retval = file_data->in_status; 867 spin_unlock_irq(&file_data->err_lock); 868 goto error; 869 } 870 871 if (flags & USBTMC_FLAG_ASYNC) { 872 if (usb_anchor_empty(&file_data->in_anchor)) 873 again = 1; 874 875 if (file_data->in_urbs_used == 0) { 876 file_data->in_transfer_size = 0; 877 file_data->in_status = 0; 878 } 879 } else { 880 file_data->in_transfer_size = 0; 881 file_data->in_status = 0; 882 } 883 884 if (max_transfer_size == 0) { 885 bufcount = 0; 886 } else { 887 bufcount = roundup(max_transfer_size, bufsize) / bufsize; 888 if (bufcount > file_data->in_urbs_used) 889 bufcount -= file_data->in_urbs_used; 890 else 891 bufcount = 0; 892 893 if (bufcount + file_data->in_urbs_used > MAX_URBS_IN_FLIGHT) { 894 bufcount = MAX_URBS_IN_FLIGHT - 895 file_data->in_urbs_used; 896 } 897 } 898 spin_unlock_irq(&file_data->err_lock); 899 900 dev_dbg(dev, "%s: requested=%u flags=0x%X size=%u bufs=%d used=%d\n", 901 __func__, transfer_size, flags, 902 max_transfer_size, bufcount, file_data->in_urbs_used); 903 904 while (bufcount > 0) { 905 u8 *dmabuf = NULL; 906 struct urb *urb = usbtmc_create_urb(); 907 908 if (!urb) { 909 retval = -ENOMEM; 910 goto error; 911 } 912 913 dmabuf = urb->transfer_buffer; 914 915 usb_fill_bulk_urb(urb, data->usb_dev, 916 usb_rcvbulkpipe(data->usb_dev, data->bulk_in), 917 dmabuf, bufsize, 918 usbtmc_read_bulk_cb, file_data); 919 920 usb_anchor_urb(urb, &file_data->submitted); 921 retval = usb_submit_urb(urb, GFP_KERNEL); 922 /* urb is anchored. We can release our reference. */ 923 usb_free_urb(urb); 924 if (unlikely(retval)) { 925 usb_unanchor_urb(urb); 926 goto error; 927 } 928 file_data->in_urbs_used++; 929 bufcount--; 930 } 931 932 if (again) { 933 dev_dbg(dev, "%s: ret=again\n", __func__); 934 return -EAGAIN; 935 } 936 937 if (user_buffer == NULL) 938 return -EINVAL; 939 940 expire = msecs_to_jiffies(file_data->timeout); 941 942 while (max_transfer_size > 0) { 943 u32 this_part; 944 struct urb *urb = NULL; 945 946 if (!(flags & USBTMC_FLAG_ASYNC)) { 947 dev_dbg(dev, "%s: before wait time %lu\n", 948 __func__, expire); 949 wait_rv = wait_event_interruptible_timeout( 950 file_data->wait_bulk_in, 951 usbtmc_do_transfer(file_data), 952 expire); 953 954 dev_dbg(dev, "%s: wait returned %ld\n", 955 __func__, wait_rv); 956 957 if (wait_rv < 0) { 958 retval = wait_rv; 959 goto error; 960 } 961 962 if (wait_rv == 0) { 963 retval = -ETIMEDOUT; 964 goto error; 965 } 966 967 } 968 969 urb = usb_get_from_anchor(&file_data->in_anchor); 970 if (!urb) { 971 if (!(flags & USBTMC_FLAG_ASYNC)) { 972 /* synchronous case: must not happen */ 973 retval = -EFAULT; 974 goto error; 975 } 976 977 /* asynchronous case: ready, do not block or wait */ 978 *transferred = done; 979 dev_dbg(dev, "%s: (async) done=%u ret=0\n", 980 __func__, done); 981 return 0; 982 } 983 984 file_data->in_urbs_used--; 985 986 if (max_transfer_size > urb->actual_length) 987 max_transfer_size -= urb->actual_length; 988 else 989 max_transfer_size = 0; 990 991 if (remaining > urb->actual_length) 992 this_part = urb->actual_length; 993 else 994 this_part = remaining; 995 996 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE, 16, 1, 997 urb->transfer_buffer, urb->actual_length, true); 998 999 if (copy_to_user(user_buffer + done, 1000 urb->transfer_buffer, this_part)) { 1001 usb_free_urb(urb); 1002 retval = -EFAULT; 1003 goto error; 1004 } 1005 1006 remaining -= this_part; 1007 done += this_part; 1008 1009 spin_lock_irq(&file_data->err_lock); 1010 if (urb->status) { 1011 /* return the very first error */ 1012 retval = file_data->in_status; 1013 spin_unlock_irq(&file_data->err_lock); 1014 usb_free_urb(urb); 1015 goto error; 1016 } 1017 spin_unlock_irq(&file_data->err_lock); 1018 1019 if (urb->actual_length < bufsize) { 1020 /* short packet or ZLP received => ready */ 1021 usb_free_urb(urb); 1022 retval = 1; 1023 break; 1024 } 1025 1026 if (!(flags & USBTMC_FLAG_ASYNC) && 1027 max_transfer_size > (bufsize * file_data->in_urbs_used)) { 1028 /* resubmit, since other buffers still not enough */ 1029 usb_anchor_urb(urb, &file_data->submitted); 1030 retval = usb_submit_urb(urb, GFP_KERNEL); 1031 if (unlikely(retval)) { 1032 usb_unanchor_urb(urb); 1033 usb_free_urb(urb); 1034 goto error; 1035 } 1036 file_data->in_urbs_used++; 1037 } 1038 usb_free_urb(urb); 1039 retval = 0; 1040 } 1041 1042 error: 1043 *transferred = done; 1044 1045 dev_dbg(dev, "%s: before kill\n", __func__); 1046 /* Attention: killing urbs can take long time (2 ms) */ 1047 usb_kill_anchored_urbs(&file_data->submitted); 1048 dev_dbg(dev, "%s: after kill\n", __func__); 1049 usb_scuttle_anchored_urbs(&file_data->in_anchor); 1050 file_data->in_urbs_used = 0; 1051 file_data->in_status = 0; /* no spinlock needed here */ 1052 dev_dbg(dev, "%s: done=%u ret=%d\n", __func__, done, retval); 1053 1054 return retval; 1055 } 1056 1057 static ssize_t usbtmc_ioctl_generic_read(struct usbtmc_file_data *file_data, 1058 void __user *arg) 1059 { 1060 struct usbtmc_message msg; 1061 ssize_t retval = 0; 1062 1063 /* mutex already locked */ 1064 1065 if (copy_from_user(&msg, arg, sizeof(struct usbtmc_message))) 1066 return -EFAULT; 1067 1068 retval = usbtmc_generic_read(file_data, msg.message, 1069 msg.transfer_size, &msg.transferred, 1070 msg.flags); 1071 1072 if (put_user(msg.transferred, 1073 &((struct usbtmc_message __user *)arg)->transferred)) 1074 return -EFAULT; 1075 1076 return retval; 1077 } 1078 1079 static void usbtmc_write_bulk_cb(struct urb *urb) 1080 { 1081 struct usbtmc_file_data *file_data = urb->context; 1082 int wakeup = 0; 1083 unsigned long flags; 1084 1085 spin_lock_irqsave(&file_data->err_lock, flags); 1086 file_data->out_transfer_size += urb->actual_length; 1087 1088 /* sync/async unlink faults aren't errors */ 1089 if (urb->status) { 1090 if (!(urb->status == -ENOENT || 1091 urb->status == -ECONNRESET || 1092 urb->status == -ESHUTDOWN)) 1093 dev_err(&file_data->data->intf->dev, 1094 "%s - nonzero write bulk status received: %d\n", 1095 __func__, urb->status); 1096 1097 if (!file_data->out_status) { 1098 file_data->out_status = urb->status; 1099 wakeup = 1; 1100 } 1101 } 1102 spin_unlock_irqrestore(&file_data->err_lock, flags); 1103 1104 dev_dbg(&file_data->data->intf->dev, 1105 "%s - write bulk total size: %u\n", 1106 __func__, file_data->out_transfer_size); 1107 1108 up(&file_data->limit_write_sem); 1109 if (usb_anchor_empty(&file_data->submitted) || wakeup) 1110 wake_up_interruptible(&file_data->data->waitq); 1111 } 1112 1113 static ssize_t usbtmc_generic_write(struct usbtmc_file_data *file_data, 1114 const void __user *user_buffer, 1115 u32 transfer_size, 1116 u32 *transferred, 1117 u32 flags) 1118 { 1119 struct usbtmc_device_data *data = file_data->data; 1120 struct device *dev; 1121 u32 done = 0; 1122 u32 remaining; 1123 unsigned long expire; 1124 const u32 bufsize = USBTMC_BUFSIZE; 1125 struct urb *urb = NULL; 1126 int retval = 0; 1127 u32 timeout; 1128 1129 *transferred = 0; 1130 1131 /* Get pointer to private data structure */ 1132 dev = &data->intf->dev; 1133 1134 dev_dbg(dev, "%s: size=%u flags=0x%X sema=%u\n", 1135 __func__, transfer_size, flags, 1136 file_data->limit_write_sem.count); 1137 1138 if (flags & USBTMC_FLAG_APPEND) { 1139 spin_lock_irq(&file_data->err_lock); 1140 retval = file_data->out_status; 1141 spin_unlock_irq(&file_data->err_lock); 1142 if (retval < 0) 1143 return retval; 1144 } else { 1145 spin_lock_irq(&file_data->err_lock); 1146 file_data->out_transfer_size = 0; 1147 file_data->out_status = 0; 1148 spin_unlock_irq(&file_data->err_lock); 1149 } 1150 1151 remaining = transfer_size; 1152 if (remaining > INT_MAX) 1153 remaining = INT_MAX; 1154 1155 timeout = file_data->timeout; 1156 expire = msecs_to_jiffies(timeout); 1157 1158 while (remaining > 0) { 1159 u32 this_part, aligned; 1160 u8 *buffer = NULL; 1161 1162 if (flags & USBTMC_FLAG_ASYNC) { 1163 if (down_trylock(&file_data->limit_write_sem)) { 1164 retval = (done)?(0):(-EAGAIN); 1165 goto exit; 1166 } 1167 } else { 1168 retval = down_timeout(&file_data->limit_write_sem, 1169 expire); 1170 if (retval < 0) { 1171 retval = -ETIMEDOUT; 1172 goto error; 1173 } 1174 } 1175 1176 spin_lock_irq(&file_data->err_lock); 1177 retval = file_data->out_status; 1178 spin_unlock_irq(&file_data->err_lock); 1179 if (retval < 0) { 1180 up(&file_data->limit_write_sem); 1181 goto error; 1182 } 1183 1184 /* prepare next urb to send */ 1185 urb = usbtmc_create_urb(); 1186 if (!urb) { 1187 retval = -ENOMEM; 1188 up(&file_data->limit_write_sem); 1189 goto error; 1190 } 1191 buffer = urb->transfer_buffer; 1192 1193 if (remaining > bufsize) 1194 this_part = bufsize; 1195 else 1196 this_part = remaining; 1197 1198 if (copy_from_user(buffer, user_buffer + done, this_part)) { 1199 retval = -EFAULT; 1200 up(&file_data->limit_write_sem); 1201 goto error; 1202 } 1203 1204 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE, 1205 16, 1, buffer, this_part, true); 1206 1207 /* fill bulk with 32 bit alignment to meet USBTMC specification 1208 * (size + 3 & ~3) rounds up and simplifies user code 1209 */ 1210 aligned = (this_part + 3) & ~3; 1211 dev_dbg(dev, "write(size:%u align:%u done:%u)\n", 1212 (unsigned int)this_part, 1213 (unsigned int)aligned, 1214 (unsigned int)done); 1215 1216 usb_fill_bulk_urb(urb, data->usb_dev, 1217 usb_sndbulkpipe(data->usb_dev, data->bulk_out), 1218 urb->transfer_buffer, aligned, 1219 usbtmc_write_bulk_cb, file_data); 1220 1221 usb_anchor_urb(urb, &file_data->submitted); 1222 retval = usb_submit_urb(urb, GFP_KERNEL); 1223 if (unlikely(retval)) { 1224 usb_unanchor_urb(urb); 1225 up(&file_data->limit_write_sem); 1226 goto error; 1227 } 1228 1229 usb_free_urb(urb); 1230 urb = NULL; /* urb will be finally released by usb driver */ 1231 1232 remaining -= this_part; 1233 done += this_part; 1234 } 1235 1236 /* All urbs are on the fly */ 1237 if (!(flags & USBTMC_FLAG_ASYNC)) { 1238 if (!usb_wait_anchor_empty_timeout(&file_data->submitted, 1239 timeout)) { 1240 retval = -ETIMEDOUT; 1241 goto error; 1242 } 1243 } 1244 1245 retval = 0; 1246 goto exit; 1247 1248 error: 1249 usb_kill_anchored_urbs(&file_data->submitted); 1250 exit: 1251 usb_free_urb(urb); 1252 1253 spin_lock_irq(&file_data->err_lock); 1254 if (!(flags & USBTMC_FLAG_ASYNC)) 1255 done = file_data->out_transfer_size; 1256 if (!retval && file_data->out_status) 1257 retval = file_data->out_status; 1258 spin_unlock_irq(&file_data->err_lock); 1259 1260 *transferred = done; 1261 1262 dev_dbg(dev, "%s: done=%u, retval=%d, urbstat=%d\n", 1263 __func__, done, retval, file_data->out_status); 1264 1265 return retval; 1266 } 1267 1268 static ssize_t usbtmc_ioctl_generic_write(struct usbtmc_file_data *file_data, 1269 void __user *arg) 1270 { 1271 struct usbtmc_message msg; 1272 ssize_t retval = 0; 1273 1274 /* mutex already locked */ 1275 1276 if (copy_from_user(&msg, arg, sizeof(struct usbtmc_message))) 1277 return -EFAULT; 1278 1279 retval = usbtmc_generic_write(file_data, msg.message, 1280 msg.transfer_size, &msg.transferred, 1281 msg.flags); 1282 1283 if (put_user(msg.transferred, 1284 &((struct usbtmc_message __user *)arg)->transferred)) 1285 return -EFAULT; 1286 1287 return retval; 1288 } 1289 1290 /* 1291 * Get the generic write result 1292 */ 1293 static ssize_t usbtmc_ioctl_write_result(struct usbtmc_file_data *file_data, 1294 void __user *arg) 1295 { 1296 u32 transferred; 1297 int retval; 1298 1299 spin_lock_irq(&file_data->err_lock); 1300 transferred = file_data->out_transfer_size; 1301 retval = file_data->out_status; 1302 spin_unlock_irq(&file_data->err_lock); 1303 1304 if (put_user(transferred, (__u32 __user *)arg)) 1305 return -EFAULT; 1306 1307 return retval; 1308 } 1309 1310 /* 1311 * Sends a REQUEST_DEV_DEP_MSG_IN message on the Bulk-OUT endpoint. 1312 * @transfer_size: number of bytes to request from the device. 1313 * 1314 * See the USBTMC specification, Table 4. 1315 * 1316 * Also updates bTag_last_write. 1317 */ 1318 static int send_request_dev_dep_msg_in(struct usbtmc_file_data *file_data, 1319 u32 transfer_size) 1320 { 1321 struct usbtmc_device_data *data = file_data->data; 1322 int retval; 1323 u8 *buffer; 1324 int actual; 1325 1326 buffer = kmalloc(USBTMC_HEADER_SIZE, GFP_KERNEL); 1327 if (!buffer) 1328 return -ENOMEM; 1329 /* Setup IO buffer for REQUEST_DEV_DEP_MSG_IN message 1330 * Refer to class specs for details 1331 */ 1332 buffer[0] = 2; 1333 buffer[1] = data->bTag; 1334 buffer[2] = ~data->bTag; 1335 buffer[3] = 0; /* Reserved */ 1336 buffer[4] = transfer_size >> 0; 1337 buffer[5] = transfer_size >> 8; 1338 buffer[6] = transfer_size >> 16; 1339 buffer[7] = transfer_size >> 24; 1340 buffer[8] = file_data->term_char_enabled * 2; 1341 /* Use term character? */ 1342 buffer[9] = file_data->term_char; 1343 buffer[10] = 0; /* Reserved */ 1344 buffer[11] = 0; /* Reserved */ 1345 1346 /* Send bulk URB */ 1347 retval = usb_bulk_msg(data->usb_dev, 1348 usb_sndbulkpipe(data->usb_dev, 1349 data->bulk_out), 1350 buffer, USBTMC_HEADER_SIZE, 1351 &actual, file_data->timeout); 1352 1353 /* Store bTag (in case we need to abort) */ 1354 data->bTag_last_write = data->bTag; 1355 1356 /* Increment bTag -- and increment again if zero */ 1357 data->bTag++; 1358 if (!data->bTag) 1359 data->bTag++; 1360 1361 kfree(buffer); 1362 if (retval < 0) 1363 dev_err(&data->intf->dev, "%s returned %d\n", 1364 __func__, retval); 1365 1366 return retval; 1367 } 1368 1369 static ssize_t usbtmc_read(struct file *filp, char __user *buf, 1370 size_t count, loff_t *f_pos) 1371 { 1372 struct usbtmc_file_data *file_data; 1373 struct usbtmc_device_data *data; 1374 struct device *dev; 1375 const u32 bufsize = USBTMC_BUFSIZE; 1376 u32 n_characters; 1377 u8 *buffer; 1378 int actual; 1379 u32 done = 0; 1380 u32 remaining; 1381 int retval; 1382 1383 /* Get pointer to private data structure */ 1384 file_data = filp->private_data; 1385 data = file_data->data; 1386 dev = &data->intf->dev; 1387 1388 buffer = kmalloc(bufsize, GFP_KERNEL); 1389 if (!buffer) 1390 return -ENOMEM; 1391 1392 retval = mutex_lock_interruptible(&data->io_mutex); 1393 if (retval < 0) 1394 goto exit_nolock; 1395 1396 if (data->zombie) { 1397 retval = -ENODEV; 1398 goto exit; 1399 } 1400 1401 if (count > INT_MAX) 1402 count = INT_MAX; 1403 1404 dev_dbg(dev, "%s(count:%zu)\n", __func__, count); 1405 1406 retval = send_request_dev_dep_msg_in(file_data, count); 1407 1408 if (retval < 0) { 1409 if (file_data->auto_abort) 1410 usbtmc_ioctl_abort_bulk_out(data); 1411 goto exit; 1412 } 1413 1414 /* Loop until we have fetched everything we requested */ 1415 remaining = count; 1416 actual = 0; 1417 1418 /* Send bulk URB */ 1419 retval = usb_bulk_msg(data->usb_dev, 1420 usb_rcvbulkpipe(data->usb_dev, 1421 data->bulk_in), 1422 buffer, bufsize, &actual, 1423 file_data->timeout); 1424 1425 dev_dbg(dev, "%s: bulk_msg retval(%u), actual(%d)\n", 1426 __func__, retval, actual); 1427 1428 /* Store bTag (in case we need to abort) */ 1429 data->bTag_last_read = data->bTag; 1430 1431 if (retval < 0) { 1432 if (file_data->auto_abort) 1433 usbtmc_ioctl_abort_bulk_in(data); 1434 goto exit; 1435 } 1436 1437 /* Sanity checks for the header */ 1438 if (actual < USBTMC_HEADER_SIZE) { 1439 dev_err(dev, "Device sent too small first packet: %u < %u\n", 1440 actual, USBTMC_HEADER_SIZE); 1441 if (file_data->auto_abort) 1442 usbtmc_ioctl_abort_bulk_in(data); 1443 goto exit; 1444 } 1445 1446 if (buffer[0] != 2) { 1447 dev_err(dev, "Device sent reply with wrong MsgID: %u != 2\n", 1448 buffer[0]); 1449 if (file_data->auto_abort) 1450 usbtmc_ioctl_abort_bulk_in(data); 1451 goto exit; 1452 } 1453 1454 if (buffer[1] != data->bTag_last_write) { 1455 dev_err(dev, "Device sent reply with wrong bTag: %u != %u\n", 1456 buffer[1], data->bTag_last_write); 1457 if (file_data->auto_abort) 1458 usbtmc_ioctl_abort_bulk_in(data); 1459 goto exit; 1460 } 1461 1462 /* How many characters did the instrument send? */ 1463 n_characters = buffer[4] + 1464 (buffer[5] << 8) + 1465 (buffer[6] << 16) + 1466 (buffer[7] << 24); 1467 1468 file_data->bmTransferAttributes = buffer[8]; 1469 1470 dev_dbg(dev, "Bulk-IN header: N_characters(%u), bTransAttr(%u)\n", 1471 n_characters, buffer[8]); 1472 1473 if (n_characters > remaining) { 1474 dev_err(dev, "Device wants to return more data than requested: %u > %zu\n", 1475 n_characters, count); 1476 if (file_data->auto_abort) 1477 usbtmc_ioctl_abort_bulk_in(data); 1478 goto exit; 1479 } 1480 1481 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE, 1482 16, 1, buffer, actual, true); 1483 1484 remaining = n_characters; 1485 1486 /* Remove the USBTMC header */ 1487 actual -= USBTMC_HEADER_SIZE; 1488 1489 /* Remove padding if it exists */ 1490 if (actual > remaining) 1491 actual = remaining; 1492 1493 remaining -= actual; 1494 1495 /* Copy buffer to user space */ 1496 if (copy_to_user(buf, &buffer[USBTMC_HEADER_SIZE], actual)) { 1497 /* There must have been an addressing problem */ 1498 retval = -EFAULT; 1499 goto exit; 1500 } 1501 1502 if ((actual + USBTMC_HEADER_SIZE) == bufsize) { 1503 retval = usbtmc_generic_read(file_data, buf + actual, 1504 remaining, 1505 &done, 1506 USBTMC_FLAG_IGNORE_TRAILER); 1507 if (retval < 0) 1508 goto exit; 1509 } 1510 done += actual; 1511 1512 /* Update file position value */ 1513 *f_pos = *f_pos + done; 1514 retval = done; 1515 1516 exit: 1517 mutex_unlock(&data->io_mutex); 1518 exit_nolock: 1519 kfree(buffer); 1520 return retval; 1521 } 1522 1523 static ssize_t usbtmc_write(struct file *filp, const char __user *buf, 1524 size_t count, loff_t *f_pos) 1525 { 1526 struct usbtmc_file_data *file_data; 1527 struct usbtmc_device_data *data; 1528 struct urb *urb = NULL; 1529 ssize_t retval = 0; 1530 u8 *buffer; 1531 u32 remaining, done; 1532 u32 transfersize, aligned, buflen; 1533 1534 file_data = filp->private_data; 1535 data = file_data->data; 1536 1537 mutex_lock(&data->io_mutex); 1538 1539 if (data->zombie) { 1540 retval = -ENODEV; 1541 goto exit; 1542 } 1543 1544 done = 0; 1545 1546 spin_lock_irq(&file_data->err_lock); 1547 file_data->out_transfer_size = 0; 1548 file_data->out_status = 0; 1549 spin_unlock_irq(&file_data->err_lock); 1550 1551 if (!count) 1552 goto exit; 1553 1554 if (down_trylock(&file_data->limit_write_sem)) { 1555 /* previous calls were async */ 1556 retval = -EBUSY; 1557 goto exit; 1558 } 1559 1560 urb = usbtmc_create_urb(); 1561 if (!urb) { 1562 retval = -ENOMEM; 1563 up(&file_data->limit_write_sem); 1564 goto exit; 1565 } 1566 1567 buffer = urb->transfer_buffer; 1568 buflen = urb->transfer_buffer_length; 1569 1570 if (count > INT_MAX) { 1571 transfersize = INT_MAX; 1572 buffer[8] = 0; 1573 } else { 1574 transfersize = count; 1575 buffer[8] = file_data->eom_val; 1576 } 1577 1578 /* Setup IO buffer for DEV_DEP_MSG_OUT message */ 1579 buffer[0] = 1; 1580 buffer[1] = data->bTag; 1581 buffer[2] = ~data->bTag; 1582 buffer[3] = 0; /* Reserved */ 1583 buffer[4] = transfersize >> 0; 1584 buffer[5] = transfersize >> 8; 1585 buffer[6] = transfersize >> 16; 1586 buffer[7] = transfersize >> 24; 1587 /* buffer[8] is set above... */ 1588 buffer[9] = 0; /* Reserved */ 1589 buffer[10] = 0; /* Reserved */ 1590 buffer[11] = 0; /* Reserved */ 1591 1592 remaining = transfersize; 1593 1594 if (transfersize + USBTMC_HEADER_SIZE > buflen) { 1595 transfersize = buflen - USBTMC_HEADER_SIZE; 1596 aligned = buflen; 1597 } else { 1598 aligned = (transfersize + (USBTMC_HEADER_SIZE + 3)) & ~3; 1599 } 1600 1601 if (copy_from_user(&buffer[USBTMC_HEADER_SIZE], buf, transfersize)) { 1602 retval = -EFAULT; 1603 up(&file_data->limit_write_sem); 1604 goto exit; 1605 } 1606 1607 dev_dbg(&data->intf->dev, "%s(size:%u align:%u)\n", __func__, 1608 (unsigned int)transfersize, (unsigned int)aligned); 1609 1610 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE, 1611 16, 1, buffer, aligned, true); 1612 1613 usb_fill_bulk_urb(urb, data->usb_dev, 1614 usb_sndbulkpipe(data->usb_dev, data->bulk_out), 1615 urb->transfer_buffer, aligned, 1616 usbtmc_write_bulk_cb, file_data); 1617 1618 usb_anchor_urb(urb, &file_data->submitted); 1619 retval = usb_submit_urb(urb, GFP_KERNEL); 1620 if (unlikely(retval)) { 1621 usb_unanchor_urb(urb); 1622 up(&file_data->limit_write_sem); 1623 goto exit; 1624 } 1625 1626 remaining -= transfersize; 1627 1628 data->bTag_last_write = data->bTag; 1629 data->bTag++; 1630 1631 if (!data->bTag) 1632 data->bTag++; 1633 1634 /* call generic_write even when remaining = 0 */ 1635 retval = usbtmc_generic_write(file_data, buf + transfersize, remaining, 1636 &done, USBTMC_FLAG_APPEND); 1637 /* truncate alignment bytes */ 1638 if (done > remaining) 1639 done = remaining; 1640 1641 /*add size of first urb*/ 1642 done += transfersize; 1643 1644 if (retval < 0) { 1645 usb_kill_anchored_urbs(&file_data->submitted); 1646 1647 dev_err(&data->intf->dev, 1648 "Unable to send data, error %d\n", (int)retval); 1649 if (file_data->auto_abort) 1650 usbtmc_ioctl_abort_bulk_out(data); 1651 goto exit; 1652 } 1653 1654 retval = done; 1655 exit: 1656 usb_free_urb(urb); 1657 mutex_unlock(&data->io_mutex); 1658 return retval; 1659 } 1660 1661 static int usbtmc_ioctl_clear(struct usbtmc_device_data *data) 1662 { 1663 struct device *dev; 1664 u8 *buffer; 1665 int rv; 1666 int n; 1667 int actual = 0; 1668 1669 dev = &data->intf->dev; 1670 1671 dev_dbg(dev, "Sending INITIATE_CLEAR request\n"); 1672 1673 buffer = kmalloc(USBTMC_BUFSIZE, GFP_KERNEL); 1674 if (!buffer) 1675 return -ENOMEM; 1676 1677 rv = usb_control_msg(data->usb_dev, 1678 usb_rcvctrlpipe(data->usb_dev, 0), 1679 USBTMC_REQUEST_INITIATE_CLEAR, 1680 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE, 1681 0, 0, buffer, 1, USB_CTRL_GET_TIMEOUT); 1682 if (rv < 0) { 1683 dev_err(dev, "usb_control_msg returned %d\n", rv); 1684 goto exit; 1685 } 1686 1687 dev_dbg(dev, "INITIATE_CLEAR returned %x\n", buffer[0]); 1688 1689 if (buffer[0] != USBTMC_STATUS_SUCCESS) { 1690 dev_err(dev, "INITIATE_CLEAR returned %x\n", buffer[0]); 1691 rv = -EPERM; 1692 goto exit; 1693 } 1694 1695 n = 0; 1696 1697 usbtmc_clear_check_status: 1698 1699 dev_dbg(dev, "Sending CHECK_CLEAR_STATUS request\n"); 1700 1701 rv = usb_control_msg(data->usb_dev, 1702 usb_rcvctrlpipe(data->usb_dev, 0), 1703 USBTMC_REQUEST_CHECK_CLEAR_STATUS, 1704 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE, 1705 0, 0, buffer, 2, USB_CTRL_GET_TIMEOUT); 1706 if (rv < 0) { 1707 dev_err(dev, "usb_control_msg returned %d\n", rv); 1708 goto exit; 1709 } 1710 1711 dev_dbg(dev, "CHECK_CLEAR_STATUS returned %x\n", buffer[0]); 1712 1713 if (buffer[0] == USBTMC_STATUS_SUCCESS) 1714 goto usbtmc_clear_bulk_out_halt; 1715 1716 if (buffer[0] != USBTMC_STATUS_PENDING) { 1717 dev_err(dev, "CHECK_CLEAR_STATUS returned %x\n", buffer[0]); 1718 rv = -EPERM; 1719 goto exit; 1720 } 1721 1722 if ((buffer[1] & 1) != 0) { 1723 do { 1724 dev_dbg(dev, "Reading from bulk in EP\n"); 1725 1726 actual = 0; 1727 rv = usb_bulk_msg(data->usb_dev, 1728 usb_rcvbulkpipe(data->usb_dev, 1729 data->bulk_in), 1730 buffer, USBTMC_BUFSIZE, 1731 &actual, USB_CTRL_GET_TIMEOUT); 1732 1733 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE, 1734 16, 1, buffer, actual, true); 1735 1736 n++; 1737 1738 if (rv < 0) { 1739 dev_err(dev, "usb_control_msg returned %d\n", 1740 rv); 1741 goto exit; 1742 } 1743 } while ((actual == USBTMC_BUFSIZE) && 1744 (n < USBTMC_MAX_READS_TO_CLEAR_BULK_IN)); 1745 } else { 1746 /* do not stress device with subsequent requests */ 1747 msleep(50); 1748 n++; 1749 } 1750 1751 if (n >= USBTMC_MAX_READS_TO_CLEAR_BULK_IN) { 1752 dev_err(dev, "Couldn't clear device buffer within %d cycles\n", 1753 USBTMC_MAX_READS_TO_CLEAR_BULK_IN); 1754 rv = -EPERM; 1755 goto exit; 1756 } 1757 1758 goto usbtmc_clear_check_status; 1759 1760 usbtmc_clear_bulk_out_halt: 1761 1762 rv = usb_clear_halt(data->usb_dev, 1763 usb_sndbulkpipe(data->usb_dev, data->bulk_out)); 1764 if (rv < 0) { 1765 dev_err(dev, "usb_clear_halt returned %d\n", rv); 1766 goto exit; 1767 } 1768 rv = 0; 1769 1770 exit: 1771 kfree(buffer); 1772 return rv; 1773 } 1774 1775 static int usbtmc_ioctl_clear_out_halt(struct usbtmc_device_data *data) 1776 { 1777 int rv; 1778 1779 rv = usb_clear_halt(data->usb_dev, 1780 usb_sndbulkpipe(data->usb_dev, data->bulk_out)); 1781 1782 if (rv < 0) 1783 dev_err(&data->usb_dev->dev, "%s returned %d\n", __func__, rv); 1784 return rv; 1785 } 1786 1787 static int usbtmc_ioctl_clear_in_halt(struct usbtmc_device_data *data) 1788 { 1789 int rv; 1790 1791 rv = usb_clear_halt(data->usb_dev, 1792 usb_rcvbulkpipe(data->usb_dev, data->bulk_in)); 1793 1794 if (rv < 0) 1795 dev_err(&data->usb_dev->dev, "%s returned %d\n", __func__, rv); 1796 return rv; 1797 } 1798 1799 static int usbtmc_ioctl_cancel_io(struct usbtmc_file_data *file_data) 1800 { 1801 spin_lock_irq(&file_data->err_lock); 1802 file_data->in_status = -ECANCELED; 1803 file_data->out_status = -ECANCELED; 1804 spin_unlock_irq(&file_data->err_lock); 1805 usb_kill_anchored_urbs(&file_data->submitted); 1806 return 0; 1807 } 1808 1809 static int usbtmc_ioctl_cleanup_io(struct usbtmc_file_data *file_data) 1810 { 1811 usb_kill_anchored_urbs(&file_data->submitted); 1812 usb_scuttle_anchored_urbs(&file_data->in_anchor); 1813 spin_lock_irq(&file_data->err_lock); 1814 file_data->in_status = 0; 1815 file_data->in_transfer_size = 0; 1816 file_data->out_status = 0; 1817 file_data->out_transfer_size = 0; 1818 spin_unlock_irq(&file_data->err_lock); 1819 1820 file_data->in_urbs_used = 0; 1821 return 0; 1822 } 1823 1824 static int get_capabilities(struct usbtmc_device_data *data) 1825 { 1826 struct device *dev = &data->usb_dev->dev; 1827 char *buffer; 1828 int rv = 0; 1829 1830 buffer = kmalloc(0x18, GFP_KERNEL); 1831 if (!buffer) 1832 return -ENOMEM; 1833 1834 rv = usb_control_msg(data->usb_dev, usb_rcvctrlpipe(data->usb_dev, 0), 1835 USBTMC_REQUEST_GET_CAPABILITIES, 1836 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE, 1837 0, 0, buffer, 0x18, USB_CTRL_GET_TIMEOUT); 1838 if (rv < 0) { 1839 dev_err(dev, "usb_control_msg returned %d\n", rv); 1840 goto err_out; 1841 } 1842 1843 dev_dbg(dev, "GET_CAPABILITIES returned %x\n", buffer[0]); 1844 if (buffer[0] != USBTMC_STATUS_SUCCESS) { 1845 dev_err(dev, "GET_CAPABILITIES returned %x\n", buffer[0]); 1846 rv = -EPERM; 1847 goto err_out; 1848 } 1849 dev_dbg(dev, "Interface capabilities are %x\n", buffer[4]); 1850 dev_dbg(dev, "Device capabilities are %x\n", buffer[5]); 1851 dev_dbg(dev, "USB488 interface capabilities are %x\n", buffer[14]); 1852 dev_dbg(dev, "USB488 device capabilities are %x\n", buffer[15]); 1853 1854 data->capabilities.interface_capabilities = buffer[4]; 1855 data->capabilities.device_capabilities = buffer[5]; 1856 data->capabilities.usb488_interface_capabilities = buffer[14]; 1857 data->capabilities.usb488_device_capabilities = buffer[15]; 1858 data->usb488_caps = (buffer[14] & 0x07) | ((buffer[15] & 0x0f) << 4); 1859 rv = 0; 1860 1861 err_out: 1862 kfree(buffer); 1863 return rv; 1864 } 1865 1866 #define capability_attribute(name) \ 1867 static ssize_t name##_show(struct device *dev, \ 1868 struct device_attribute *attr, char *buf) \ 1869 { \ 1870 struct usb_interface *intf = to_usb_interface(dev); \ 1871 struct usbtmc_device_data *data = usb_get_intfdata(intf); \ 1872 \ 1873 return sprintf(buf, "%d\n", data->capabilities.name); \ 1874 } \ 1875 static DEVICE_ATTR_RO(name) 1876 1877 capability_attribute(interface_capabilities); 1878 capability_attribute(device_capabilities); 1879 capability_attribute(usb488_interface_capabilities); 1880 capability_attribute(usb488_device_capabilities); 1881 1882 static struct attribute *usbtmc_attrs[] = { 1883 &dev_attr_interface_capabilities.attr, 1884 &dev_attr_device_capabilities.attr, 1885 &dev_attr_usb488_interface_capabilities.attr, 1886 &dev_attr_usb488_device_capabilities.attr, 1887 NULL, 1888 }; 1889 ATTRIBUTE_GROUPS(usbtmc); 1890 1891 static int usbtmc_ioctl_indicator_pulse(struct usbtmc_device_data *data) 1892 { 1893 struct device *dev; 1894 u8 *buffer; 1895 int rv; 1896 1897 dev = &data->intf->dev; 1898 1899 buffer = kmalloc(2, GFP_KERNEL); 1900 if (!buffer) 1901 return -ENOMEM; 1902 1903 rv = usb_control_msg(data->usb_dev, 1904 usb_rcvctrlpipe(data->usb_dev, 0), 1905 USBTMC_REQUEST_INDICATOR_PULSE, 1906 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE, 1907 0, 0, buffer, 0x01, USB_CTRL_GET_TIMEOUT); 1908 1909 if (rv < 0) { 1910 dev_err(dev, "usb_control_msg returned %d\n", rv); 1911 goto exit; 1912 } 1913 1914 dev_dbg(dev, "INDICATOR_PULSE returned %x\n", buffer[0]); 1915 1916 if (buffer[0] != USBTMC_STATUS_SUCCESS) { 1917 dev_err(dev, "INDICATOR_PULSE returned %x\n", buffer[0]); 1918 rv = -EPERM; 1919 goto exit; 1920 } 1921 rv = 0; 1922 1923 exit: 1924 kfree(buffer); 1925 return rv; 1926 } 1927 1928 static int usbtmc_ioctl_request(struct usbtmc_device_data *data, 1929 void __user *arg) 1930 { 1931 struct device *dev = &data->intf->dev; 1932 struct usbtmc_ctrlrequest request; 1933 u8 *buffer = NULL; 1934 int rv; 1935 unsigned int is_in, pipe; 1936 unsigned long res; 1937 1938 res = copy_from_user(&request, arg, sizeof(struct usbtmc_ctrlrequest)); 1939 if (res) 1940 return -EFAULT; 1941 1942 if (request.req.wLength > USBTMC_BUFSIZE) 1943 return -EMSGSIZE; 1944 if (request.req.wLength == 0) /* Length-0 requests are never IN */ 1945 request.req.bRequestType &= ~USB_DIR_IN; 1946 1947 is_in = request.req.bRequestType & USB_DIR_IN; 1948 1949 if (request.req.wLength) { 1950 buffer = kmalloc(request.req.wLength, GFP_KERNEL); 1951 if (!buffer) 1952 return -ENOMEM; 1953 1954 if (!is_in) { 1955 /* Send control data to device */ 1956 res = copy_from_user(buffer, request.data, 1957 request.req.wLength); 1958 if (res) { 1959 rv = -EFAULT; 1960 goto exit; 1961 } 1962 } 1963 } 1964 1965 if (is_in) 1966 pipe = usb_rcvctrlpipe(data->usb_dev, 0); 1967 else 1968 pipe = usb_sndctrlpipe(data->usb_dev, 0); 1969 rv = usb_control_msg(data->usb_dev, 1970 pipe, 1971 request.req.bRequest, 1972 request.req.bRequestType, 1973 request.req.wValue, 1974 request.req.wIndex, 1975 buffer, request.req.wLength, USB_CTRL_GET_TIMEOUT); 1976 1977 if (rv < 0) { 1978 dev_err(dev, "%s failed %d\n", __func__, rv); 1979 goto exit; 1980 } 1981 1982 if (rv && is_in) { 1983 /* Read control data from device */ 1984 res = copy_to_user(request.data, buffer, rv); 1985 if (res) 1986 rv = -EFAULT; 1987 } 1988 1989 exit: 1990 kfree(buffer); 1991 return rv; 1992 } 1993 1994 /* 1995 * Get the usb timeout value 1996 */ 1997 static int usbtmc_ioctl_get_timeout(struct usbtmc_file_data *file_data, 1998 void __user *arg) 1999 { 2000 u32 timeout; 2001 2002 timeout = file_data->timeout; 2003 2004 return put_user(timeout, (__u32 __user *)arg); 2005 } 2006 2007 /* 2008 * Set the usb timeout value 2009 */ 2010 static int usbtmc_ioctl_set_timeout(struct usbtmc_file_data *file_data, 2011 void __user *arg) 2012 { 2013 u32 timeout; 2014 2015 if (get_user(timeout, (__u32 __user *)arg)) 2016 return -EFAULT; 2017 2018 /* Note that timeout = 0 means 2019 * MAX_SCHEDULE_TIMEOUT in usb_control_msg 2020 */ 2021 if (timeout < USBTMC_MIN_TIMEOUT) 2022 return -EINVAL; 2023 2024 file_data->timeout = timeout; 2025 2026 return 0; 2027 } 2028 2029 /* 2030 * enables/disables sending EOM on write 2031 */ 2032 static int usbtmc_ioctl_eom_enable(struct usbtmc_file_data *file_data, 2033 void __user *arg) 2034 { 2035 u8 eom_enable; 2036 2037 if (copy_from_user(&eom_enable, arg, sizeof(eom_enable))) 2038 return -EFAULT; 2039 2040 if (eom_enable > 1) 2041 return -EINVAL; 2042 2043 file_data->eom_val = eom_enable; 2044 2045 return 0; 2046 } 2047 2048 /* 2049 * Configure termination character for read() 2050 */ 2051 static int usbtmc_ioctl_config_termc(struct usbtmc_file_data *file_data, 2052 void __user *arg) 2053 { 2054 struct usbtmc_termchar termc; 2055 2056 if (copy_from_user(&termc, arg, sizeof(termc))) 2057 return -EFAULT; 2058 2059 if ((termc.term_char_enabled > 1) || 2060 (termc.term_char_enabled && 2061 !(file_data->data->capabilities.device_capabilities & 1))) 2062 return -EINVAL; 2063 2064 file_data->term_char = termc.term_char; 2065 file_data->term_char_enabled = termc.term_char_enabled; 2066 2067 return 0; 2068 } 2069 2070 static long usbtmc_ioctl(struct file *file, unsigned int cmd, unsigned long arg) 2071 { 2072 struct usbtmc_file_data *file_data; 2073 struct usbtmc_device_data *data; 2074 int retval = -EBADRQC; 2075 __u8 tmp_byte; 2076 2077 file_data = file->private_data; 2078 data = file_data->data; 2079 2080 mutex_lock(&data->io_mutex); 2081 if (data->zombie) { 2082 retval = -ENODEV; 2083 goto skip_io_on_zombie; 2084 } 2085 2086 switch (cmd) { 2087 case USBTMC_IOCTL_CLEAR_OUT_HALT: 2088 retval = usbtmc_ioctl_clear_out_halt(data); 2089 break; 2090 2091 case USBTMC_IOCTL_CLEAR_IN_HALT: 2092 retval = usbtmc_ioctl_clear_in_halt(data); 2093 break; 2094 2095 case USBTMC_IOCTL_INDICATOR_PULSE: 2096 retval = usbtmc_ioctl_indicator_pulse(data); 2097 break; 2098 2099 case USBTMC_IOCTL_CLEAR: 2100 retval = usbtmc_ioctl_clear(data); 2101 break; 2102 2103 case USBTMC_IOCTL_ABORT_BULK_OUT: 2104 retval = usbtmc_ioctl_abort_bulk_out(data); 2105 break; 2106 2107 case USBTMC_IOCTL_ABORT_BULK_IN: 2108 retval = usbtmc_ioctl_abort_bulk_in(data); 2109 break; 2110 2111 case USBTMC_IOCTL_CTRL_REQUEST: 2112 retval = usbtmc_ioctl_request(data, (void __user *)arg); 2113 break; 2114 2115 case USBTMC_IOCTL_GET_TIMEOUT: 2116 retval = usbtmc_ioctl_get_timeout(file_data, 2117 (void __user *)arg); 2118 break; 2119 2120 case USBTMC_IOCTL_SET_TIMEOUT: 2121 retval = usbtmc_ioctl_set_timeout(file_data, 2122 (void __user *)arg); 2123 break; 2124 2125 case USBTMC_IOCTL_EOM_ENABLE: 2126 retval = usbtmc_ioctl_eom_enable(file_data, 2127 (void __user *)arg); 2128 break; 2129 2130 case USBTMC_IOCTL_CONFIG_TERMCHAR: 2131 retval = usbtmc_ioctl_config_termc(file_data, 2132 (void __user *)arg); 2133 break; 2134 2135 case USBTMC_IOCTL_WRITE: 2136 retval = usbtmc_ioctl_generic_write(file_data, 2137 (void __user *)arg); 2138 break; 2139 2140 case USBTMC_IOCTL_READ: 2141 retval = usbtmc_ioctl_generic_read(file_data, 2142 (void __user *)arg); 2143 break; 2144 2145 case USBTMC_IOCTL_WRITE_RESULT: 2146 retval = usbtmc_ioctl_write_result(file_data, 2147 (void __user *)arg); 2148 break; 2149 2150 case USBTMC_IOCTL_API_VERSION: 2151 retval = put_user(USBTMC_API_VERSION, 2152 (__u32 __user *)arg); 2153 break; 2154 2155 case USBTMC488_IOCTL_GET_CAPS: 2156 retval = put_user(data->usb488_caps, 2157 (unsigned char __user *)arg); 2158 break; 2159 2160 case USBTMC488_IOCTL_READ_STB: 2161 retval = usbtmc488_ioctl_read_stb(file_data, 2162 (void __user *)arg); 2163 break; 2164 2165 case USBTMC488_IOCTL_REN_CONTROL: 2166 retval = usbtmc488_ioctl_simple(data, (void __user *)arg, 2167 USBTMC488_REQUEST_REN_CONTROL); 2168 break; 2169 2170 case USBTMC488_IOCTL_GOTO_LOCAL: 2171 retval = usbtmc488_ioctl_simple(data, (void __user *)arg, 2172 USBTMC488_REQUEST_GOTO_LOCAL); 2173 break; 2174 2175 case USBTMC488_IOCTL_LOCAL_LOCKOUT: 2176 retval = usbtmc488_ioctl_simple(data, (void __user *)arg, 2177 USBTMC488_REQUEST_LOCAL_LOCKOUT); 2178 break; 2179 2180 case USBTMC488_IOCTL_TRIGGER: 2181 retval = usbtmc488_ioctl_trigger(file_data); 2182 break; 2183 2184 case USBTMC488_IOCTL_WAIT_SRQ: 2185 retval = usbtmc488_ioctl_wait_srq(file_data, 2186 (__u32 __user *)arg); 2187 break; 2188 2189 case USBTMC_IOCTL_MSG_IN_ATTR: 2190 retval = put_user(file_data->bmTransferAttributes, 2191 (__u8 __user *)arg); 2192 break; 2193 2194 case USBTMC_IOCTL_AUTO_ABORT: 2195 retval = get_user(tmp_byte, (unsigned char __user *)arg); 2196 if (retval == 0) 2197 file_data->auto_abort = !!tmp_byte; 2198 break; 2199 2200 case USBTMC_IOCTL_GET_STB: 2201 retval = usbtmc_get_stb(file_data, &tmp_byte); 2202 if (retval > 0) 2203 retval = put_user(tmp_byte, (__u8 __user *)arg); 2204 break; 2205 2206 case USBTMC_IOCTL_GET_SRQ_STB: 2207 retval = usbtmc_ioctl_get_srq_stb(file_data, 2208 (void __user *)arg); 2209 break; 2210 2211 case USBTMC_IOCTL_CANCEL_IO: 2212 retval = usbtmc_ioctl_cancel_io(file_data); 2213 break; 2214 2215 case USBTMC_IOCTL_CLEANUP_IO: 2216 retval = usbtmc_ioctl_cleanup_io(file_data); 2217 break; 2218 } 2219 2220 skip_io_on_zombie: 2221 mutex_unlock(&data->io_mutex); 2222 return retval; 2223 } 2224 2225 static int usbtmc_fasync(int fd, struct file *file, int on) 2226 { 2227 struct usbtmc_file_data *file_data = file->private_data; 2228 2229 return fasync_helper(fd, file, on, &file_data->data->fasync); 2230 } 2231 2232 static __poll_t usbtmc_poll(struct file *file, poll_table *wait) 2233 { 2234 struct usbtmc_file_data *file_data = file->private_data; 2235 struct usbtmc_device_data *data = file_data->data; 2236 __poll_t mask; 2237 2238 mutex_lock(&data->io_mutex); 2239 2240 if (data->zombie) { 2241 mask = EPOLLHUP | EPOLLERR; 2242 goto no_poll; 2243 } 2244 2245 poll_wait(file, &data->waitq, wait); 2246 2247 /* Note that EPOLLPRI is now assigned to SRQ, and 2248 * EPOLLIN|EPOLLRDNORM to normal read data. 2249 */ 2250 mask = 0; 2251 if (atomic_read(&file_data->srq_asserted)) 2252 mask |= EPOLLPRI; 2253 2254 /* Note that the anchor submitted includes all urbs for BULK IN 2255 * and OUT. So EPOLLOUT is signaled when BULK OUT is empty and 2256 * all BULK IN urbs are completed and moved to in_anchor. 2257 */ 2258 if (usb_anchor_empty(&file_data->submitted)) 2259 mask |= (EPOLLOUT | EPOLLWRNORM); 2260 if (!usb_anchor_empty(&file_data->in_anchor)) 2261 mask |= (EPOLLIN | EPOLLRDNORM); 2262 2263 spin_lock_irq(&file_data->err_lock); 2264 if (file_data->in_status || file_data->out_status) 2265 mask |= EPOLLERR; 2266 spin_unlock_irq(&file_data->err_lock); 2267 2268 dev_dbg(&data->intf->dev, "poll mask = %x\n", mask); 2269 2270 no_poll: 2271 mutex_unlock(&data->io_mutex); 2272 return mask; 2273 } 2274 2275 static const struct file_operations fops = { 2276 .owner = THIS_MODULE, 2277 .read = usbtmc_read, 2278 .write = usbtmc_write, 2279 .open = usbtmc_open, 2280 .release = usbtmc_release, 2281 .flush = usbtmc_flush, 2282 .unlocked_ioctl = usbtmc_ioctl, 2283 .compat_ioctl = compat_ptr_ioctl, 2284 .fasync = usbtmc_fasync, 2285 .poll = usbtmc_poll, 2286 .llseek = default_llseek, 2287 }; 2288 2289 static struct usb_class_driver usbtmc_class = { 2290 .name = "usbtmc%d", 2291 .fops = &fops, 2292 .minor_base = USBTMC_MINOR_BASE, 2293 }; 2294 2295 static void usbtmc_interrupt(struct urb *urb) 2296 { 2297 struct usbtmc_device_data *data = urb->context; 2298 struct device *dev = &data->intf->dev; 2299 int status = urb->status; 2300 int rv; 2301 2302 dev_dbg(&data->intf->dev, "int status: %d len %d\n", 2303 status, urb->actual_length); 2304 2305 switch (status) { 2306 case 0: /* SUCCESS */ 2307 /* check for valid STB notification */ 2308 if (data->iin_buffer[0] > 0x81) { 2309 data->bNotify1 = data->iin_buffer[0]; 2310 data->bNotify2 = data->iin_buffer[1]; 2311 atomic_set(&data->iin_data_valid, 1); 2312 wake_up_interruptible(&data->waitq); 2313 goto exit; 2314 } 2315 /* check for SRQ notification */ 2316 if (data->iin_buffer[0] == 0x81) { 2317 unsigned long flags; 2318 struct list_head *elem; 2319 2320 if (data->fasync) 2321 kill_fasync(&data->fasync, 2322 SIGIO, POLL_PRI); 2323 2324 spin_lock_irqsave(&data->dev_lock, flags); 2325 list_for_each(elem, &data->file_list) { 2326 struct usbtmc_file_data *file_data; 2327 2328 file_data = list_entry(elem, 2329 struct usbtmc_file_data, 2330 file_elem); 2331 file_data->srq_byte = data->iin_buffer[1]; 2332 atomic_set(&file_data->srq_asserted, 1); 2333 } 2334 spin_unlock_irqrestore(&data->dev_lock, flags); 2335 2336 dev_dbg(dev, "srq received bTag %x stb %x\n", 2337 (unsigned int)data->iin_buffer[0], 2338 (unsigned int)data->iin_buffer[1]); 2339 wake_up_interruptible_all(&data->waitq); 2340 goto exit; 2341 } 2342 dev_warn(dev, "invalid notification: %x\n", 2343 data->iin_buffer[0]); 2344 break; 2345 case -EOVERFLOW: 2346 dev_err(dev, "overflow with length %d, actual length is %d\n", 2347 data->iin_wMaxPacketSize, urb->actual_length); 2348 fallthrough; 2349 default: 2350 /* urb terminated, clean up */ 2351 dev_dbg(dev, "urb terminated, status: %d\n", status); 2352 return; 2353 } 2354 exit: 2355 rv = usb_submit_urb(urb, GFP_ATOMIC); 2356 if (rv) 2357 dev_err(dev, "usb_submit_urb failed: %d\n", rv); 2358 } 2359 2360 static void usbtmc_free_int(struct usbtmc_device_data *data) 2361 { 2362 if (!data->iin_ep_present || !data->iin_urb) 2363 return; 2364 usb_kill_urb(data->iin_urb); 2365 kfree(data->iin_buffer); 2366 data->iin_buffer = NULL; 2367 usb_free_urb(data->iin_urb); 2368 data->iin_urb = NULL; 2369 kref_put(&data->kref, usbtmc_delete); 2370 } 2371 2372 static int usbtmc_probe(struct usb_interface *intf, 2373 const struct usb_device_id *id) 2374 { 2375 struct usbtmc_device_data *data; 2376 struct usb_host_interface *iface_desc; 2377 struct usb_endpoint_descriptor *bulk_in, *bulk_out, *int_in; 2378 int retcode; 2379 2380 dev_dbg(&intf->dev, "%s called\n", __func__); 2381 2382 data = kzalloc(sizeof(*data), GFP_KERNEL); 2383 if (!data) 2384 return -ENOMEM; 2385 2386 data->intf = intf; 2387 data->id = id; 2388 data->usb_dev = usb_get_dev(interface_to_usbdev(intf)); 2389 usb_set_intfdata(intf, data); 2390 kref_init(&data->kref); 2391 mutex_init(&data->io_mutex); 2392 init_waitqueue_head(&data->waitq); 2393 atomic_set(&data->iin_data_valid, 0); 2394 INIT_LIST_HEAD(&data->file_list); 2395 spin_lock_init(&data->dev_lock); 2396 2397 data->zombie = 0; 2398 2399 /* Initialize USBTMC bTag and other fields */ 2400 data->bTag = 1; 2401 /* 2 <= bTag <= 127 USBTMC-USB488 subclass specification 4.3.1 */ 2402 data->iin_bTag = 2; 2403 2404 /* USBTMC devices have only one setting, so use that */ 2405 iface_desc = data->intf->cur_altsetting; 2406 data->ifnum = iface_desc->desc.bInterfaceNumber; 2407 2408 /* Find bulk endpoints */ 2409 retcode = usb_find_common_endpoints(iface_desc, 2410 &bulk_in, &bulk_out, NULL, NULL); 2411 if (retcode) { 2412 dev_err(&intf->dev, "bulk endpoints not found\n"); 2413 goto err_put; 2414 } 2415 2416 retcode = -EINVAL; 2417 data->bulk_in = bulk_in->bEndpointAddress; 2418 data->wMaxPacketSize = usb_endpoint_maxp(bulk_in); 2419 if (!data->wMaxPacketSize) 2420 goto err_put; 2421 dev_dbg(&intf->dev, "Found bulk in endpoint at %u\n", data->bulk_in); 2422 2423 data->bulk_out = bulk_out->bEndpointAddress; 2424 dev_dbg(&intf->dev, "Found Bulk out endpoint at %u\n", data->bulk_out); 2425 2426 /* Find int endpoint */ 2427 retcode = usb_find_int_in_endpoint(iface_desc, &int_in); 2428 if (!retcode) { 2429 data->iin_ep_present = 1; 2430 data->iin_ep = int_in->bEndpointAddress; 2431 data->iin_wMaxPacketSize = usb_endpoint_maxp(int_in); 2432 data->iin_interval = int_in->bInterval; 2433 dev_dbg(&intf->dev, "Found Int in endpoint at %u\n", 2434 data->iin_ep); 2435 } 2436 2437 retcode = get_capabilities(data); 2438 if (retcode) 2439 dev_err(&intf->dev, "can't read capabilities\n"); 2440 2441 if (data->iin_ep_present) { 2442 /* allocate int urb */ 2443 data->iin_urb = usb_alloc_urb(0, GFP_KERNEL); 2444 if (!data->iin_urb) { 2445 retcode = -ENOMEM; 2446 goto error_register; 2447 } 2448 2449 /* Protect interrupt in endpoint data until iin_urb is freed */ 2450 kref_get(&data->kref); 2451 2452 /* allocate buffer for interrupt in */ 2453 data->iin_buffer = kmalloc(data->iin_wMaxPacketSize, 2454 GFP_KERNEL); 2455 if (!data->iin_buffer) { 2456 retcode = -ENOMEM; 2457 goto error_register; 2458 } 2459 2460 /* fill interrupt urb */ 2461 usb_fill_int_urb(data->iin_urb, data->usb_dev, 2462 usb_rcvintpipe(data->usb_dev, data->iin_ep), 2463 data->iin_buffer, data->iin_wMaxPacketSize, 2464 usbtmc_interrupt, 2465 data, data->iin_interval); 2466 2467 retcode = usb_submit_urb(data->iin_urb, GFP_KERNEL); 2468 if (retcode) { 2469 dev_err(&intf->dev, "Failed to submit iin_urb\n"); 2470 goto error_register; 2471 } 2472 } 2473 2474 retcode = usb_register_dev(intf, &usbtmc_class); 2475 if (retcode) { 2476 dev_err(&intf->dev, "Not able to get a minor (base %u, slice default): %d\n", 2477 USBTMC_MINOR_BASE, 2478 retcode); 2479 goto error_register; 2480 } 2481 dev_dbg(&intf->dev, "Using minor number %d\n", intf->minor); 2482 2483 return 0; 2484 2485 error_register: 2486 usbtmc_free_int(data); 2487 err_put: 2488 kref_put(&data->kref, usbtmc_delete); 2489 return retcode; 2490 } 2491 2492 static void usbtmc_disconnect(struct usb_interface *intf) 2493 { 2494 struct usbtmc_device_data *data = usb_get_intfdata(intf); 2495 struct list_head *elem; 2496 2497 usb_deregister_dev(intf, &usbtmc_class); 2498 mutex_lock(&data->io_mutex); 2499 data->zombie = 1; 2500 wake_up_interruptible_all(&data->waitq); 2501 list_for_each(elem, &data->file_list) { 2502 struct usbtmc_file_data *file_data; 2503 2504 file_data = list_entry(elem, 2505 struct usbtmc_file_data, 2506 file_elem); 2507 usb_kill_anchored_urbs(&file_data->submitted); 2508 usb_scuttle_anchored_urbs(&file_data->in_anchor); 2509 } 2510 mutex_unlock(&data->io_mutex); 2511 usbtmc_free_int(data); 2512 kref_put(&data->kref, usbtmc_delete); 2513 } 2514 2515 static void usbtmc_draw_down(struct usbtmc_file_data *file_data) 2516 { 2517 int time; 2518 2519 time = usb_wait_anchor_empty_timeout(&file_data->submitted, 1000); 2520 if (!time) 2521 usb_kill_anchored_urbs(&file_data->submitted); 2522 usb_scuttle_anchored_urbs(&file_data->in_anchor); 2523 } 2524 2525 static int usbtmc_suspend(struct usb_interface *intf, pm_message_t message) 2526 { 2527 struct usbtmc_device_data *data = usb_get_intfdata(intf); 2528 struct list_head *elem; 2529 2530 if (!data) 2531 return 0; 2532 2533 mutex_lock(&data->io_mutex); 2534 list_for_each(elem, &data->file_list) { 2535 struct usbtmc_file_data *file_data; 2536 2537 file_data = list_entry(elem, 2538 struct usbtmc_file_data, 2539 file_elem); 2540 usbtmc_draw_down(file_data); 2541 } 2542 2543 if (data->iin_ep_present && data->iin_urb) 2544 usb_kill_urb(data->iin_urb); 2545 2546 mutex_unlock(&data->io_mutex); 2547 return 0; 2548 } 2549 2550 static int usbtmc_resume(struct usb_interface *intf) 2551 { 2552 struct usbtmc_device_data *data = usb_get_intfdata(intf); 2553 int retcode = 0; 2554 2555 if (data->iin_ep_present && data->iin_urb) 2556 retcode = usb_submit_urb(data->iin_urb, GFP_KERNEL); 2557 if (retcode) 2558 dev_err(&intf->dev, "Failed to submit iin_urb\n"); 2559 2560 return retcode; 2561 } 2562 2563 static int usbtmc_pre_reset(struct usb_interface *intf) 2564 { 2565 struct usbtmc_device_data *data = usb_get_intfdata(intf); 2566 struct list_head *elem; 2567 2568 if (!data) 2569 return 0; 2570 2571 mutex_lock(&data->io_mutex); 2572 2573 list_for_each(elem, &data->file_list) { 2574 struct usbtmc_file_data *file_data; 2575 2576 file_data = list_entry(elem, 2577 struct usbtmc_file_data, 2578 file_elem); 2579 usbtmc_ioctl_cancel_io(file_data); 2580 } 2581 2582 return 0; 2583 } 2584 2585 static int usbtmc_post_reset(struct usb_interface *intf) 2586 { 2587 struct usbtmc_device_data *data = usb_get_intfdata(intf); 2588 2589 mutex_unlock(&data->io_mutex); 2590 2591 return 0; 2592 } 2593 2594 static struct usb_driver usbtmc_driver = { 2595 .name = "usbtmc", 2596 .id_table = usbtmc_devices, 2597 .probe = usbtmc_probe, 2598 .disconnect = usbtmc_disconnect, 2599 .suspend = usbtmc_suspend, 2600 .resume = usbtmc_resume, 2601 .pre_reset = usbtmc_pre_reset, 2602 .post_reset = usbtmc_post_reset, 2603 .dev_groups = usbtmc_groups, 2604 }; 2605 2606 module_usb_driver(usbtmc_driver); 2607 2608 MODULE_DESCRIPTION("USB Test & Measurement class driver"); 2609 MODULE_LICENSE("GPL"); 2610