1 // SPDX-License-Identifier: GPL-2.0+ 2 /* 3 * drivers/usb/class/usbtmc.c - USB Test & Measurement class driver 4 * 5 * Copyright (C) 2007 Stefan Kopp, Gechingen, Germany 6 * Copyright (C) 2008 Novell, Inc. 7 * Copyright (C) 2008 Greg Kroah-Hartman <gregkh@suse.de> 8 * Copyright (C) 2018 IVI Foundation, Inc. 9 */ 10 11 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 12 13 #include <linux/module.h> 14 #include <linux/kernel.h> 15 #include <linux/fs.h> 16 #include <linux/uaccess.h> 17 #include <linux/kref.h> 18 #include <linux/slab.h> 19 #include <linux/poll.h> 20 #include <linux/mutex.h> 21 #include <linux/usb.h> 22 #include <linux/compat.h> 23 #include <linux/usb/tmc.h> 24 25 /* Increment API VERSION when changing tmc.h with new flags or ioctls 26 * or when changing a significant behavior of the driver. 27 */ 28 #define USBTMC_API_VERSION (3) 29 30 #define USBTMC_HEADER_SIZE 12 31 #define USBTMC_MINOR_BASE 176 32 33 /* Minimum USB timeout (in milliseconds) */ 34 #define USBTMC_MIN_TIMEOUT 100 35 /* Default USB timeout (in milliseconds) */ 36 #define USBTMC_TIMEOUT 5000 37 38 /* Max number of urbs used in write transfers */ 39 #define MAX_URBS_IN_FLIGHT 16 40 /* I/O buffer size used in generic read/write functions */ 41 #define USBTMC_BUFSIZE (4096) 42 43 /* 44 * Maximum number of read cycles to empty bulk in endpoint during CLEAR and 45 * ABORT_BULK_IN requests. Ends the loop if (for whatever reason) a short 46 * packet is never read. 47 */ 48 #define USBTMC_MAX_READS_TO_CLEAR_BULK_IN 100 49 50 static const struct usb_device_id usbtmc_devices[] = { 51 { USB_INTERFACE_INFO(USB_CLASS_APP_SPEC, 3, 0), }, 52 { USB_INTERFACE_INFO(USB_CLASS_APP_SPEC, 3, 1), }, 53 { 0, } /* terminating entry */ 54 }; 55 MODULE_DEVICE_TABLE(usb, usbtmc_devices); 56 57 /* 58 * This structure is the capabilities for the device 59 * See section 4.2.1.8 of the USBTMC specification, 60 * and section 4.2.2 of the USBTMC usb488 subclass 61 * specification for details. 62 */ 63 struct usbtmc_dev_capabilities { 64 __u8 interface_capabilities; 65 __u8 device_capabilities; 66 __u8 usb488_interface_capabilities; 67 __u8 usb488_device_capabilities; 68 }; 69 70 /* This structure holds private data for each USBTMC device. One copy is 71 * allocated for each USBTMC device in the driver's probe function. 72 */ 73 struct usbtmc_device_data { 74 const struct usb_device_id *id; 75 struct usb_device *usb_dev; 76 struct usb_interface *intf; 77 struct list_head file_list; 78 79 unsigned int bulk_in; 80 unsigned int bulk_out; 81 82 u8 bTag; 83 u8 bTag_last_write; /* needed for abort */ 84 u8 bTag_last_read; /* needed for abort */ 85 86 /* packet size of IN bulk */ 87 u16 wMaxPacketSize; 88 89 /* data for interrupt in endpoint handling */ 90 u8 bNotify1; 91 u8 bNotify2; 92 u16 ifnum; 93 u8 iin_bTag; 94 u8 *iin_buffer; 95 atomic_t iin_data_valid; 96 unsigned int iin_ep; 97 int iin_ep_present; 98 int iin_interval; 99 struct urb *iin_urb; 100 u16 iin_wMaxPacketSize; 101 102 /* coalesced usb488_caps from usbtmc_dev_capabilities */ 103 __u8 usb488_caps; 104 105 bool zombie; /* fd of disconnected device */ 106 107 struct usbtmc_dev_capabilities capabilities; 108 struct kref kref; 109 struct mutex io_mutex; /* only one i/o function running at a time */ 110 wait_queue_head_t waitq; 111 struct fasync_struct *fasync; 112 spinlock_t dev_lock; /* lock for file_list */ 113 }; 114 #define to_usbtmc_data(d) container_of(d, struct usbtmc_device_data, kref) 115 116 /* 117 * This structure holds private data for each USBTMC file handle. 118 */ 119 struct usbtmc_file_data { 120 struct usbtmc_device_data *data; 121 struct list_head file_elem; 122 123 u32 timeout; 124 u8 srq_byte; 125 atomic_t srq_asserted; 126 atomic_t closing; 127 u8 bmTransferAttributes; /* member of DEV_DEP_MSG_IN */ 128 129 u8 eom_val; 130 u8 term_char; 131 bool term_char_enabled; 132 bool auto_abort; 133 134 spinlock_t err_lock; /* lock for errors */ 135 136 struct usb_anchor submitted; 137 138 /* data for generic_write */ 139 struct semaphore limit_write_sem; 140 u32 out_transfer_size; 141 int out_status; 142 143 /* data for generic_read */ 144 u32 in_transfer_size; 145 int in_status; 146 int in_urbs_used; 147 struct usb_anchor in_anchor; 148 wait_queue_head_t wait_bulk_in; 149 }; 150 151 /* Forward declarations */ 152 static struct usb_driver usbtmc_driver; 153 static void usbtmc_draw_down(struct usbtmc_file_data *file_data); 154 155 static void usbtmc_delete(struct kref *kref) 156 { 157 struct usbtmc_device_data *data = to_usbtmc_data(kref); 158 159 usb_put_dev(data->usb_dev); 160 kfree(data); 161 } 162 163 static int usbtmc_open(struct inode *inode, struct file *filp) 164 { 165 struct usb_interface *intf; 166 struct usbtmc_device_data *data; 167 struct usbtmc_file_data *file_data; 168 169 intf = usb_find_interface(&usbtmc_driver, iminor(inode)); 170 if (!intf) { 171 pr_err("can not find device for minor %d", iminor(inode)); 172 return -ENODEV; 173 } 174 175 file_data = kzalloc_obj(*file_data); 176 if (!file_data) 177 return -ENOMEM; 178 179 spin_lock_init(&file_data->err_lock); 180 sema_init(&file_data->limit_write_sem, MAX_URBS_IN_FLIGHT); 181 init_usb_anchor(&file_data->submitted); 182 init_usb_anchor(&file_data->in_anchor); 183 init_waitqueue_head(&file_data->wait_bulk_in); 184 185 data = usb_get_intfdata(intf); 186 /* Protect reference to data from file structure until release */ 187 kref_get(&data->kref); 188 189 mutex_lock(&data->io_mutex); 190 file_data->data = data; 191 192 atomic_set(&file_data->closing, 0); 193 194 file_data->timeout = USBTMC_TIMEOUT; 195 file_data->term_char = '\n'; 196 file_data->term_char_enabled = 0; 197 file_data->auto_abort = 0; 198 file_data->eom_val = 1; 199 200 INIT_LIST_HEAD(&file_data->file_elem); 201 spin_lock_irq(&data->dev_lock); 202 list_add_tail(&file_data->file_elem, &data->file_list); 203 spin_unlock_irq(&data->dev_lock); 204 mutex_unlock(&data->io_mutex); 205 206 /* Store pointer in file structure's private data field */ 207 filp->private_data = file_data; 208 209 return 0; 210 } 211 212 /* 213 * usbtmc_flush - called before file handle is closed 214 */ 215 static int usbtmc_flush(struct file *file, fl_owner_t id) 216 { 217 struct usbtmc_file_data *file_data; 218 struct usbtmc_device_data *data; 219 220 file_data = file->private_data; 221 if (file_data == NULL) 222 return -ENODEV; 223 224 atomic_set(&file_data->closing, 1); 225 data = file_data->data; 226 227 /* wait for io to stop */ 228 mutex_lock(&data->io_mutex); 229 230 usbtmc_draw_down(file_data); 231 232 spin_lock_irq(&file_data->err_lock); 233 file_data->in_status = 0; 234 file_data->in_transfer_size = 0; 235 file_data->in_urbs_used = 0; 236 file_data->out_status = 0; 237 file_data->out_transfer_size = 0; 238 spin_unlock_irq(&file_data->err_lock); 239 240 wake_up_interruptible_all(&data->waitq); 241 mutex_unlock(&data->io_mutex); 242 243 return 0; 244 } 245 246 static int usbtmc_release(struct inode *inode, struct file *file) 247 { 248 struct usbtmc_file_data *file_data = file->private_data; 249 250 /* prevent IO _AND_ usbtmc_interrupt */ 251 mutex_lock(&file_data->data->io_mutex); 252 spin_lock_irq(&file_data->data->dev_lock); 253 254 list_del(&file_data->file_elem); 255 256 spin_unlock_irq(&file_data->data->dev_lock); 257 258 /* flush anchored URBs */ 259 usbtmc_draw_down(file_data); 260 mutex_unlock(&file_data->data->io_mutex); 261 262 kref_put(&file_data->data->kref, usbtmc_delete); 263 file_data->data = NULL; 264 kfree(file_data); 265 return 0; 266 } 267 268 static int usbtmc_ioctl_abort_bulk_in_tag(struct usbtmc_device_data *data, 269 u8 tag) 270 { 271 u8 *buffer; 272 struct device *dev; 273 int rv; 274 int n; 275 int actual; 276 277 dev = &data->intf->dev; 278 buffer = kmalloc(USBTMC_BUFSIZE, GFP_KERNEL); 279 if (!buffer) 280 return -ENOMEM; 281 282 rv = usb_control_msg(data->usb_dev, 283 usb_rcvctrlpipe(data->usb_dev, 0), 284 USBTMC_REQUEST_INITIATE_ABORT_BULK_IN, 285 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT, 286 tag, data->bulk_in, 287 buffer, 2, USB_CTRL_GET_TIMEOUT); 288 289 if (rv < 0) { 290 dev_err(dev, "usb_control_msg returned %d\n", rv); 291 goto exit; 292 } 293 294 dev_dbg(dev, "INITIATE_ABORT_BULK_IN returned %x with tag %02x\n", 295 buffer[0], buffer[1]); 296 297 if (buffer[0] == USBTMC_STATUS_FAILED) { 298 /* No transfer in progress and the Bulk-OUT FIFO is empty. */ 299 rv = 0; 300 goto exit; 301 } 302 303 if (buffer[0] == USBTMC_STATUS_TRANSFER_NOT_IN_PROGRESS) { 304 /* The device returns this status if either: 305 * - There is a transfer in progress, but the specified bTag 306 * does not match. 307 * - There is no transfer in progress, but the Bulk-OUT FIFO 308 * is not empty. 309 */ 310 rv = -ENOMSG; 311 goto exit; 312 } 313 314 if (buffer[0] != USBTMC_STATUS_SUCCESS) { 315 dev_err(dev, "INITIATE_ABORT_BULK_IN returned %x\n", 316 buffer[0]); 317 rv = -EPERM; 318 goto exit; 319 } 320 321 n = 0; 322 323 usbtmc_abort_bulk_in_status: 324 dev_dbg(dev, "Reading from bulk in EP\n"); 325 326 /* Data must be present. So use low timeout 300 ms */ 327 actual = 0; 328 rv = usb_bulk_msg(data->usb_dev, 329 usb_rcvbulkpipe(data->usb_dev, 330 data->bulk_in), 331 buffer, USBTMC_BUFSIZE, 332 &actual, 300); 333 334 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE, 16, 1, 335 buffer, actual, true); 336 337 n++; 338 339 if (rv < 0) { 340 dev_err(dev, "usb_bulk_msg returned %d\n", rv); 341 if (rv != -ETIMEDOUT) 342 goto exit; 343 } 344 345 if (actual == USBTMC_BUFSIZE) 346 goto usbtmc_abort_bulk_in_status; 347 348 if (n >= USBTMC_MAX_READS_TO_CLEAR_BULK_IN) { 349 dev_err(dev, "Couldn't clear device buffer within %d cycles\n", 350 USBTMC_MAX_READS_TO_CLEAR_BULK_IN); 351 rv = -EPERM; 352 goto exit; 353 } 354 355 rv = usb_control_msg(data->usb_dev, 356 usb_rcvctrlpipe(data->usb_dev, 0), 357 USBTMC_REQUEST_CHECK_ABORT_BULK_IN_STATUS, 358 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT, 359 0, data->bulk_in, buffer, 0x08, 360 USB_CTRL_GET_TIMEOUT); 361 362 if (rv < 0) { 363 dev_err(dev, "usb_control_msg returned %d\n", rv); 364 goto exit; 365 } 366 367 dev_dbg(dev, "CHECK_ABORT_BULK_IN returned %x\n", buffer[0]); 368 369 if (buffer[0] == USBTMC_STATUS_SUCCESS) { 370 rv = 0; 371 goto exit; 372 } 373 374 if (buffer[0] != USBTMC_STATUS_PENDING) { 375 dev_err(dev, "CHECK_ABORT_BULK_IN returned %x\n", buffer[0]); 376 rv = -EPERM; 377 goto exit; 378 } 379 380 if ((buffer[1] & 1) > 0) { 381 /* The device has 1 or more queued packets the Host can read */ 382 goto usbtmc_abort_bulk_in_status; 383 } 384 385 /* The Host must send CHECK_ABORT_BULK_IN_STATUS at a later time. */ 386 rv = -EAGAIN; 387 exit: 388 kfree(buffer); 389 return rv; 390 } 391 392 static int usbtmc_ioctl_abort_bulk_in(struct usbtmc_device_data *data) 393 { 394 return usbtmc_ioctl_abort_bulk_in_tag(data, data->bTag_last_read); 395 } 396 397 static int usbtmc_ioctl_abort_bulk_out_tag(struct usbtmc_device_data *data, 398 u8 tag) 399 { 400 struct device *dev; 401 u8 *buffer; 402 int rv; 403 int n; 404 405 dev = &data->intf->dev; 406 407 buffer = kmalloc(8, GFP_KERNEL); 408 if (!buffer) 409 return -ENOMEM; 410 411 rv = usb_control_msg(data->usb_dev, 412 usb_rcvctrlpipe(data->usb_dev, 0), 413 USBTMC_REQUEST_INITIATE_ABORT_BULK_OUT, 414 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT, 415 tag, data->bulk_out, 416 buffer, 2, USB_CTRL_GET_TIMEOUT); 417 418 if (rv < 0) { 419 dev_err(dev, "usb_control_msg returned %d\n", rv); 420 goto exit; 421 } 422 423 dev_dbg(dev, "INITIATE_ABORT_BULK_OUT returned %x\n", buffer[0]); 424 425 if (buffer[0] != USBTMC_STATUS_SUCCESS) { 426 dev_err(dev, "INITIATE_ABORT_BULK_OUT returned %x\n", 427 buffer[0]); 428 rv = -EPERM; 429 goto exit; 430 } 431 432 n = 0; 433 434 usbtmc_abort_bulk_out_check_status: 435 /* do not stress device with subsequent requests */ 436 msleep(50); 437 rv = usb_control_msg(data->usb_dev, 438 usb_rcvctrlpipe(data->usb_dev, 0), 439 USBTMC_REQUEST_CHECK_ABORT_BULK_OUT_STATUS, 440 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT, 441 0, data->bulk_out, buffer, 0x08, 442 USB_CTRL_GET_TIMEOUT); 443 n++; 444 if (rv < 0) { 445 dev_err(dev, "usb_control_msg returned %d\n", rv); 446 goto exit; 447 } 448 449 dev_dbg(dev, "CHECK_ABORT_BULK_OUT returned %x\n", buffer[0]); 450 451 if (buffer[0] == USBTMC_STATUS_SUCCESS) 452 goto usbtmc_abort_bulk_out_clear_halt; 453 454 if ((buffer[0] == USBTMC_STATUS_PENDING) && 455 (n < USBTMC_MAX_READS_TO_CLEAR_BULK_IN)) 456 goto usbtmc_abort_bulk_out_check_status; 457 458 rv = -EPERM; 459 goto exit; 460 461 usbtmc_abort_bulk_out_clear_halt: 462 rv = usb_clear_halt(data->usb_dev, 463 usb_sndbulkpipe(data->usb_dev, data->bulk_out)); 464 465 if (rv < 0) { 466 dev_err(dev, "usb_control_msg returned %d\n", rv); 467 goto exit; 468 } 469 rv = 0; 470 471 exit: 472 kfree(buffer); 473 return rv; 474 } 475 476 static int usbtmc_ioctl_abort_bulk_out(struct usbtmc_device_data *data) 477 { 478 return usbtmc_ioctl_abort_bulk_out_tag(data, data->bTag_last_write); 479 } 480 481 static int usbtmc_get_stb(struct usbtmc_file_data *file_data, __u8 *stb) 482 { 483 struct usbtmc_device_data *data = file_data->data; 484 struct device *dev = &data->intf->dev; 485 u8 *buffer; 486 u8 tag; 487 int rv; 488 long wait_rv; 489 unsigned long expire; 490 491 dev_dbg(dev, "Enter ioctl_read_stb iin_ep_present: %d\n", 492 data->iin_ep_present); 493 494 buffer = kmalloc(8, GFP_KERNEL); 495 if (!buffer) 496 return -ENOMEM; 497 498 atomic_set(&data->iin_data_valid, 0); 499 500 rv = usb_control_msg(data->usb_dev, 501 usb_rcvctrlpipe(data->usb_dev, 0), 502 USBTMC488_REQUEST_READ_STATUS_BYTE, 503 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE, 504 data->iin_bTag, 505 data->ifnum, 506 buffer, 0x03, USB_CTRL_GET_TIMEOUT); 507 if (rv < 0) { 508 dev_err(dev, "stb usb_control_msg returned %d\n", rv); 509 goto exit; 510 } 511 512 if (buffer[0] != USBTMC_STATUS_SUCCESS) { 513 dev_err(dev, "control status returned %x\n", buffer[0]); 514 rv = -EIO; 515 goto exit; 516 } 517 518 if (data->iin_ep_present) { 519 expire = msecs_to_jiffies(file_data->timeout); 520 wait_rv = wait_event_interruptible_timeout( 521 data->waitq, 522 atomic_read(&data->iin_data_valid) != 0, 523 expire); 524 if (wait_rv < 0) { 525 dev_dbg(dev, "wait interrupted %ld\n", wait_rv); 526 rv = wait_rv; 527 goto exit; 528 } 529 530 if (wait_rv == 0) { 531 dev_dbg(dev, "wait timed out\n"); 532 rv = -ETIMEDOUT; 533 goto exit; 534 } 535 536 tag = data->bNotify1 & 0x7f; 537 if (tag != data->iin_bTag) { 538 dev_err(dev, "expected bTag %x got %x\n", 539 data->iin_bTag, tag); 540 } 541 542 *stb = data->bNotify2; 543 } else { 544 *stb = buffer[2]; 545 } 546 547 dev_dbg(dev, "stb:0x%02x received %d\n", (unsigned int)*stb, rv); 548 549 rv = 0; 550 551 exit: 552 /* bump interrupt bTag */ 553 data->iin_bTag += 1; 554 if (data->iin_bTag > 127) 555 /* 1 is for SRQ see USBTMC-USB488 subclass spec section 4.3.1 */ 556 data->iin_bTag = 2; 557 558 kfree(buffer); 559 return rv; 560 } 561 562 static int usbtmc488_ioctl_read_stb(struct usbtmc_file_data *file_data, 563 void __user *arg) 564 { 565 int srq_asserted = 0; 566 __u8 stb; 567 int rv; 568 569 rv = usbtmc_get_stb(file_data, &stb); 570 571 if (rv < 0) 572 return rv; 573 574 srq_asserted = atomic_xchg(&file_data->srq_asserted, srq_asserted); 575 if (srq_asserted) 576 stb |= 0x40; /* Set RQS bit */ 577 578 rv = put_user(stb, (__u8 __user *)arg); 579 580 return rv; 581 582 } 583 584 static int usbtmc_ioctl_get_srq_stb(struct usbtmc_file_data *file_data, 585 void __user *arg) 586 { 587 struct usbtmc_device_data *data = file_data->data; 588 struct device *dev = &data->intf->dev; 589 int srq_asserted = 0; 590 __u8 stb = 0; 591 int rv; 592 593 spin_lock_irq(&data->dev_lock); 594 srq_asserted = atomic_xchg(&file_data->srq_asserted, srq_asserted); 595 596 if (srq_asserted) { 597 stb = file_data->srq_byte; 598 spin_unlock_irq(&data->dev_lock); 599 rv = put_user(stb, (__u8 __user *)arg); 600 } else { 601 spin_unlock_irq(&data->dev_lock); 602 rv = -ENOMSG; 603 } 604 605 dev_dbg(dev, "stb:0x%02x with srq received %d\n", (unsigned int)stb, rv); 606 607 return rv; 608 } 609 610 static int usbtmc488_ioctl_wait_srq(struct usbtmc_file_data *file_data, 611 __u32 __user *arg) 612 { 613 struct usbtmc_device_data *data = file_data->data; 614 struct device *dev = &data->intf->dev; 615 u32 timeout; 616 unsigned long expire; 617 long wait_rv; 618 619 if (!data->iin_ep_present) { 620 dev_dbg(dev, "no interrupt endpoint present\n"); 621 return -EFAULT; 622 } 623 624 if (get_user(timeout, arg)) 625 return -EFAULT; 626 627 expire = msecs_to_jiffies(timeout); 628 629 mutex_unlock(&data->io_mutex); 630 631 wait_rv = wait_event_interruptible_timeout( 632 data->waitq, 633 atomic_read(&file_data->srq_asserted) != 0 || 634 atomic_read(&file_data->closing), 635 expire); 636 637 mutex_lock(&data->io_mutex); 638 639 /* Note! disconnect or close could be called in the meantime */ 640 if (atomic_read(&file_data->closing) || data->zombie) 641 return -ENODEV; 642 643 if (wait_rv < 0) { 644 dev_dbg(dev, "%s - wait interrupted %ld\n", __func__, wait_rv); 645 return wait_rv; 646 } 647 648 if (wait_rv == 0) { 649 dev_dbg(dev, "%s - wait timed out\n", __func__); 650 return -ETIMEDOUT; 651 } 652 653 dev_dbg(dev, "%s - srq asserted\n", __func__); 654 return 0; 655 } 656 657 static int usbtmc488_ioctl_simple(struct usbtmc_device_data *data, 658 void __user *arg, unsigned int cmd) 659 { 660 struct device *dev = &data->intf->dev; 661 __u8 val; 662 u8 *buffer; 663 u16 wValue; 664 int rv; 665 666 if (!(data->usb488_caps & USBTMC488_CAPABILITY_SIMPLE)) 667 return -EINVAL; 668 669 buffer = kmalloc(8, GFP_KERNEL); 670 if (!buffer) 671 return -ENOMEM; 672 673 if (cmd == USBTMC488_REQUEST_REN_CONTROL) { 674 rv = copy_from_user(&val, arg, sizeof(val)); 675 if (rv) { 676 rv = -EFAULT; 677 goto exit; 678 } 679 wValue = val ? 1 : 0; 680 } else { 681 wValue = 0; 682 } 683 684 rv = usb_control_msg(data->usb_dev, 685 usb_rcvctrlpipe(data->usb_dev, 0), 686 cmd, 687 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE, 688 wValue, 689 data->ifnum, 690 buffer, 0x01, USB_CTRL_GET_TIMEOUT); 691 if (rv < 0) { 692 dev_err(dev, "simple usb_control_msg failed %d\n", rv); 693 goto exit; 694 } else if (rv != 1) { 695 dev_warn(dev, "simple usb_control_msg returned %d\n", rv); 696 rv = -EIO; 697 goto exit; 698 } 699 700 if (buffer[0] != USBTMC_STATUS_SUCCESS) { 701 dev_err(dev, "simple control status returned %x\n", buffer[0]); 702 rv = -EIO; 703 goto exit; 704 } 705 rv = 0; 706 707 exit: 708 kfree(buffer); 709 return rv; 710 } 711 712 /* 713 * Sends a TRIGGER Bulk-OUT command message 714 * See the USBTMC-USB488 specification, Table 2. 715 * 716 * Also updates bTag_last_write. 717 */ 718 static int usbtmc488_ioctl_trigger(struct usbtmc_file_data *file_data) 719 { 720 struct usbtmc_device_data *data = file_data->data; 721 int retval; 722 u8 *buffer; 723 int actual; 724 725 buffer = kzalloc(USBTMC_HEADER_SIZE, GFP_KERNEL); 726 if (!buffer) 727 return -ENOMEM; 728 729 buffer[0] = 128; 730 buffer[1] = data->bTag; 731 buffer[2] = ~data->bTag; 732 733 retval = usb_bulk_msg_killable(data->usb_dev, 734 usb_sndbulkpipe(data->usb_dev, 735 data->bulk_out), 736 buffer, USBTMC_HEADER_SIZE, 737 &actual, file_data->timeout); 738 739 /* Store bTag (in case we need to abort) */ 740 data->bTag_last_write = data->bTag; 741 742 /* Increment bTag -- and increment again if zero */ 743 data->bTag++; 744 if (!data->bTag) 745 data->bTag++; 746 747 kfree(buffer); 748 if (retval < 0) { 749 dev_err(&data->intf->dev, "%s returned %d\n", 750 __func__, retval); 751 return retval; 752 } 753 754 return 0; 755 } 756 757 static struct urb *usbtmc_create_urb(void) 758 { 759 const size_t bufsize = USBTMC_BUFSIZE; 760 u8 *dmabuf = NULL; 761 struct urb *urb = usb_alloc_urb(0, GFP_KERNEL); 762 763 if (!urb) 764 return NULL; 765 766 dmabuf = kzalloc(bufsize, GFP_KERNEL); 767 if (!dmabuf) { 768 usb_free_urb(urb); 769 return NULL; 770 } 771 772 urb->transfer_buffer = dmabuf; 773 urb->transfer_buffer_length = bufsize; 774 urb->transfer_flags |= URB_FREE_BUFFER; 775 return urb; 776 } 777 778 static void usbtmc_read_bulk_cb(struct urb *urb) 779 { 780 struct usbtmc_file_data *file_data = urb->context; 781 int status = urb->status; 782 unsigned long flags; 783 784 /* sync/async unlink faults aren't errors */ 785 if (status) { 786 if (!(/* status == -ENOENT || */ 787 status == -ECONNRESET || 788 status == -EREMOTEIO || /* Short packet */ 789 status == -ESHUTDOWN)) 790 dev_err(&file_data->data->intf->dev, 791 "%s - nonzero read bulk status received: %d\n", 792 __func__, status); 793 794 spin_lock_irqsave(&file_data->err_lock, flags); 795 if (!file_data->in_status) 796 file_data->in_status = status; 797 spin_unlock_irqrestore(&file_data->err_lock, flags); 798 } 799 800 spin_lock_irqsave(&file_data->err_lock, flags); 801 file_data->in_transfer_size += urb->actual_length; 802 dev_dbg(&file_data->data->intf->dev, 803 "%s - total size: %u current: %d status: %d\n", 804 __func__, file_data->in_transfer_size, 805 urb->actual_length, status); 806 spin_unlock_irqrestore(&file_data->err_lock, flags); 807 usb_anchor_urb(urb, &file_data->in_anchor); 808 809 wake_up_interruptible(&file_data->wait_bulk_in); 810 wake_up_interruptible(&file_data->data->waitq); 811 } 812 813 static inline bool usbtmc_do_transfer(struct usbtmc_file_data *file_data) 814 { 815 bool data_or_error; 816 817 spin_lock_irq(&file_data->err_lock); 818 data_or_error = !usb_anchor_empty(&file_data->in_anchor) 819 || file_data->in_status; 820 spin_unlock_irq(&file_data->err_lock); 821 dev_dbg(&file_data->data->intf->dev, "%s: returns %d\n", __func__, 822 data_or_error); 823 return data_or_error; 824 } 825 826 static ssize_t usbtmc_generic_read(struct usbtmc_file_data *file_data, 827 void __user *user_buffer, 828 u32 transfer_size, 829 u32 *transferred, 830 u32 flags) 831 { 832 struct usbtmc_device_data *data = file_data->data; 833 struct device *dev = &data->intf->dev; 834 u32 done = 0; 835 u32 remaining; 836 const u32 bufsize = USBTMC_BUFSIZE; 837 int retval = 0; 838 u32 max_transfer_size; 839 unsigned long expire; 840 int bufcount = 1; 841 int again = 0; 842 long wait_rv; 843 844 /* mutex already locked */ 845 846 *transferred = done; 847 848 max_transfer_size = transfer_size; 849 850 if (flags & USBTMC_FLAG_IGNORE_TRAILER) { 851 /* The device may send extra alignment bytes (up to 852 * wMaxPacketSize – 1) to avoid sending a zero-length 853 * packet 854 */ 855 remaining = transfer_size; 856 if ((max_transfer_size % data->wMaxPacketSize) == 0) 857 max_transfer_size += (data->wMaxPacketSize - 1); 858 } else { 859 /* round down to bufsize to avoid truncated data left */ 860 if (max_transfer_size > bufsize) { 861 max_transfer_size = 862 roundup(max_transfer_size + 1 - bufsize, 863 bufsize); 864 } 865 remaining = max_transfer_size; 866 } 867 868 spin_lock_irq(&file_data->err_lock); 869 870 if (file_data->in_status) { 871 /* return the very first error */ 872 retval = file_data->in_status; 873 spin_unlock_irq(&file_data->err_lock); 874 goto error; 875 } 876 877 if (flags & USBTMC_FLAG_ASYNC) { 878 if (usb_anchor_empty(&file_data->in_anchor)) 879 again = 1; 880 881 if (file_data->in_urbs_used == 0) { 882 file_data->in_transfer_size = 0; 883 file_data->in_status = 0; 884 } 885 } else { 886 file_data->in_transfer_size = 0; 887 file_data->in_status = 0; 888 } 889 890 if (max_transfer_size == 0) { 891 bufcount = 0; 892 } else { 893 bufcount = roundup(max_transfer_size, bufsize) / bufsize; 894 if (bufcount > file_data->in_urbs_used) 895 bufcount -= file_data->in_urbs_used; 896 else 897 bufcount = 0; 898 899 if (bufcount + file_data->in_urbs_used > MAX_URBS_IN_FLIGHT) { 900 bufcount = MAX_URBS_IN_FLIGHT - 901 file_data->in_urbs_used; 902 } 903 } 904 spin_unlock_irq(&file_data->err_lock); 905 906 dev_dbg(dev, "%s: requested=%u flags=0x%X size=%u bufs=%d used=%d\n", 907 __func__, transfer_size, flags, 908 max_transfer_size, bufcount, file_data->in_urbs_used); 909 910 while (bufcount > 0) { 911 u8 *dmabuf = NULL; 912 struct urb *urb = usbtmc_create_urb(); 913 914 if (!urb) { 915 retval = -ENOMEM; 916 goto error; 917 } 918 919 dmabuf = urb->transfer_buffer; 920 921 usb_fill_bulk_urb(urb, data->usb_dev, 922 usb_rcvbulkpipe(data->usb_dev, data->bulk_in), 923 dmabuf, bufsize, 924 usbtmc_read_bulk_cb, file_data); 925 926 usb_anchor_urb(urb, &file_data->submitted); 927 retval = usb_submit_urb(urb, GFP_KERNEL); 928 /* urb is anchored. We can release our reference. */ 929 usb_free_urb(urb); 930 if (unlikely(retval)) { 931 usb_unanchor_urb(urb); 932 goto error; 933 } 934 file_data->in_urbs_used++; 935 bufcount--; 936 } 937 938 if (again) { 939 dev_dbg(dev, "%s: ret=again\n", __func__); 940 return -EAGAIN; 941 } 942 943 if (user_buffer == NULL) 944 return -EINVAL; 945 946 expire = msecs_to_jiffies(file_data->timeout); 947 948 while (max_transfer_size > 0) { 949 u32 this_part; 950 struct urb *urb = NULL; 951 952 if (!(flags & USBTMC_FLAG_ASYNC)) { 953 dev_dbg(dev, "%s: before wait time %lu\n", 954 __func__, expire); 955 wait_rv = wait_event_interruptible_timeout( 956 file_data->wait_bulk_in, 957 usbtmc_do_transfer(file_data), 958 expire); 959 960 dev_dbg(dev, "%s: wait returned %ld\n", 961 __func__, wait_rv); 962 963 if (wait_rv < 0) { 964 retval = wait_rv; 965 goto error; 966 } 967 968 if (wait_rv == 0) { 969 retval = -ETIMEDOUT; 970 goto error; 971 } 972 973 } 974 975 urb = usb_get_from_anchor(&file_data->in_anchor); 976 if (!urb) { 977 if (!(flags & USBTMC_FLAG_ASYNC)) { 978 /* synchronous case: must not happen */ 979 retval = -EFAULT; 980 goto error; 981 } 982 983 /* asynchronous case: ready, do not block or wait */ 984 *transferred = done; 985 dev_dbg(dev, "%s: (async) done=%u ret=0\n", 986 __func__, done); 987 return 0; 988 } 989 990 file_data->in_urbs_used--; 991 992 if (max_transfer_size > urb->actual_length) 993 max_transfer_size -= urb->actual_length; 994 else 995 max_transfer_size = 0; 996 997 if (remaining > urb->actual_length) 998 this_part = urb->actual_length; 999 else 1000 this_part = remaining; 1001 1002 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE, 16, 1, 1003 urb->transfer_buffer, urb->actual_length, true); 1004 1005 if (copy_to_user(user_buffer + done, 1006 urb->transfer_buffer, this_part)) { 1007 usb_free_urb(urb); 1008 retval = -EFAULT; 1009 goto error; 1010 } 1011 1012 remaining -= this_part; 1013 done += this_part; 1014 1015 spin_lock_irq(&file_data->err_lock); 1016 if (urb->status) { 1017 /* return the very first error */ 1018 retval = file_data->in_status; 1019 spin_unlock_irq(&file_data->err_lock); 1020 usb_free_urb(urb); 1021 goto error; 1022 } 1023 spin_unlock_irq(&file_data->err_lock); 1024 1025 if (urb->actual_length < bufsize) { 1026 /* short packet or ZLP received => ready */ 1027 usb_free_urb(urb); 1028 retval = 1; 1029 break; 1030 } 1031 1032 if (!(flags & USBTMC_FLAG_ASYNC) && 1033 max_transfer_size > (bufsize * file_data->in_urbs_used)) { 1034 /* resubmit, since other buffers still not enough */ 1035 usb_anchor_urb(urb, &file_data->submitted); 1036 retval = usb_submit_urb(urb, GFP_KERNEL); 1037 if (unlikely(retval)) { 1038 usb_unanchor_urb(urb); 1039 usb_free_urb(urb); 1040 goto error; 1041 } 1042 file_data->in_urbs_used++; 1043 } 1044 usb_free_urb(urb); 1045 retval = 0; 1046 } 1047 1048 error: 1049 *transferred = done; 1050 1051 dev_dbg(dev, "%s: before kill\n", __func__); 1052 /* Attention: killing urbs can take long time (2 ms) */ 1053 usb_kill_anchored_urbs(&file_data->submitted); 1054 dev_dbg(dev, "%s: after kill\n", __func__); 1055 usb_scuttle_anchored_urbs(&file_data->in_anchor); 1056 file_data->in_urbs_used = 0; 1057 file_data->in_status = 0; /* no spinlock needed here */ 1058 dev_dbg(dev, "%s: done=%u ret=%d\n", __func__, done, retval); 1059 1060 return retval; 1061 } 1062 1063 static ssize_t usbtmc_ioctl_generic_read(struct usbtmc_file_data *file_data, 1064 void __user *arg) 1065 { 1066 struct usbtmc_message msg; 1067 ssize_t retval = 0; 1068 1069 /* mutex already locked */ 1070 1071 if (copy_from_user(&msg, arg, sizeof(struct usbtmc_message))) 1072 return -EFAULT; 1073 1074 retval = usbtmc_generic_read(file_data, msg.message, 1075 msg.transfer_size, &msg.transferred, 1076 msg.flags); 1077 1078 if (put_user(msg.transferred, 1079 &((struct usbtmc_message __user *)arg)->transferred)) 1080 return -EFAULT; 1081 1082 return retval; 1083 } 1084 1085 static void usbtmc_write_bulk_cb(struct urb *urb) 1086 { 1087 struct usbtmc_file_data *file_data = urb->context; 1088 int wakeup = 0; 1089 unsigned long flags; 1090 1091 spin_lock_irqsave(&file_data->err_lock, flags); 1092 file_data->out_transfer_size += urb->actual_length; 1093 1094 /* sync/async unlink faults aren't errors */ 1095 if (urb->status) { 1096 if (!(urb->status == -ENOENT || 1097 urb->status == -ECONNRESET || 1098 urb->status == -ESHUTDOWN)) 1099 dev_err(&file_data->data->intf->dev, 1100 "%s - nonzero write bulk status received: %d\n", 1101 __func__, urb->status); 1102 1103 if (!file_data->out_status) { 1104 file_data->out_status = urb->status; 1105 wakeup = 1; 1106 } 1107 } 1108 spin_unlock_irqrestore(&file_data->err_lock, flags); 1109 1110 dev_dbg(&file_data->data->intf->dev, 1111 "%s - write bulk total size: %u\n", 1112 __func__, file_data->out_transfer_size); 1113 1114 up(&file_data->limit_write_sem); 1115 if (usb_anchor_empty(&file_data->submitted) || wakeup) 1116 wake_up_interruptible(&file_data->data->waitq); 1117 } 1118 1119 static ssize_t usbtmc_generic_write(struct usbtmc_file_data *file_data, 1120 const void __user *user_buffer, 1121 u32 transfer_size, 1122 u32 *transferred, 1123 u32 flags) 1124 { 1125 struct usbtmc_device_data *data = file_data->data; 1126 struct device *dev; 1127 u32 done = 0; 1128 u32 remaining; 1129 unsigned long expire; 1130 const u32 bufsize = USBTMC_BUFSIZE; 1131 struct urb *urb = NULL; 1132 int retval = 0; 1133 u32 timeout; 1134 1135 *transferred = 0; 1136 1137 /* Get pointer to private data structure */ 1138 dev = &data->intf->dev; 1139 1140 dev_dbg(dev, "%s: size=%u flags=0x%X sema=%u\n", 1141 __func__, transfer_size, flags, 1142 file_data->limit_write_sem.count); 1143 1144 if (flags & USBTMC_FLAG_APPEND) { 1145 spin_lock_irq(&file_data->err_lock); 1146 retval = file_data->out_status; 1147 spin_unlock_irq(&file_data->err_lock); 1148 if (retval < 0) 1149 return retval; 1150 } else { 1151 spin_lock_irq(&file_data->err_lock); 1152 file_data->out_transfer_size = 0; 1153 file_data->out_status = 0; 1154 spin_unlock_irq(&file_data->err_lock); 1155 } 1156 1157 remaining = transfer_size; 1158 if (remaining > INT_MAX) 1159 remaining = INT_MAX; 1160 1161 timeout = file_data->timeout; 1162 expire = msecs_to_jiffies(timeout); 1163 1164 while (remaining > 0) { 1165 u32 this_part, aligned; 1166 u8 *buffer = NULL; 1167 1168 if (flags & USBTMC_FLAG_ASYNC) { 1169 if (down_trylock(&file_data->limit_write_sem)) { 1170 retval = (done)?(0):(-EAGAIN); 1171 goto exit; 1172 } 1173 } else { 1174 retval = down_timeout(&file_data->limit_write_sem, 1175 expire); 1176 if (retval < 0) { 1177 retval = -ETIMEDOUT; 1178 goto error; 1179 } 1180 } 1181 1182 spin_lock_irq(&file_data->err_lock); 1183 retval = file_data->out_status; 1184 spin_unlock_irq(&file_data->err_lock); 1185 if (retval < 0) { 1186 up(&file_data->limit_write_sem); 1187 goto error; 1188 } 1189 1190 /* prepare next urb to send */ 1191 urb = usbtmc_create_urb(); 1192 if (!urb) { 1193 retval = -ENOMEM; 1194 up(&file_data->limit_write_sem); 1195 goto error; 1196 } 1197 buffer = urb->transfer_buffer; 1198 1199 if (remaining > bufsize) 1200 this_part = bufsize; 1201 else 1202 this_part = remaining; 1203 1204 if (copy_from_user(buffer, user_buffer + done, this_part)) { 1205 retval = -EFAULT; 1206 up(&file_data->limit_write_sem); 1207 goto error; 1208 } 1209 1210 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE, 1211 16, 1, buffer, this_part, true); 1212 1213 /* fill bulk with 32 bit alignment to meet USBTMC specification 1214 * (size + 3 & ~3) rounds up and simplifies user code 1215 */ 1216 aligned = (this_part + 3) & ~3; 1217 dev_dbg(dev, "write(size:%u align:%u done:%u)\n", 1218 (unsigned int)this_part, 1219 (unsigned int)aligned, 1220 (unsigned int)done); 1221 1222 usb_fill_bulk_urb(urb, data->usb_dev, 1223 usb_sndbulkpipe(data->usb_dev, data->bulk_out), 1224 urb->transfer_buffer, aligned, 1225 usbtmc_write_bulk_cb, file_data); 1226 1227 usb_anchor_urb(urb, &file_data->submitted); 1228 retval = usb_submit_urb(urb, GFP_KERNEL); 1229 if (unlikely(retval)) { 1230 usb_unanchor_urb(urb); 1231 up(&file_data->limit_write_sem); 1232 goto error; 1233 } 1234 1235 usb_free_urb(urb); 1236 urb = NULL; /* urb will be finally released by usb driver */ 1237 1238 remaining -= this_part; 1239 done += this_part; 1240 } 1241 1242 /* All urbs are on the fly */ 1243 if (!(flags & USBTMC_FLAG_ASYNC)) { 1244 if (!usb_wait_anchor_empty_timeout(&file_data->submitted, 1245 timeout)) { 1246 retval = -ETIMEDOUT; 1247 goto error; 1248 } 1249 } 1250 1251 retval = 0; 1252 goto exit; 1253 1254 error: 1255 usb_kill_anchored_urbs(&file_data->submitted); 1256 exit: 1257 usb_free_urb(urb); 1258 1259 spin_lock_irq(&file_data->err_lock); 1260 if (!(flags & USBTMC_FLAG_ASYNC)) 1261 done = file_data->out_transfer_size; 1262 if (!retval && file_data->out_status) 1263 retval = file_data->out_status; 1264 spin_unlock_irq(&file_data->err_lock); 1265 1266 *transferred = done; 1267 1268 dev_dbg(dev, "%s: done=%u, retval=%d, urbstat=%d\n", 1269 __func__, done, retval, file_data->out_status); 1270 1271 return retval; 1272 } 1273 1274 static ssize_t usbtmc_ioctl_generic_write(struct usbtmc_file_data *file_data, 1275 void __user *arg) 1276 { 1277 struct usbtmc_message msg; 1278 ssize_t retval = 0; 1279 1280 /* mutex already locked */ 1281 1282 if (copy_from_user(&msg, arg, sizeof(struct usbtmc_message))) 1283 return -EFAULT; 1284 1285 retval = usbtmc_generic_write(file_data, msg.message, 1286 msg.transfer_size, &msg.transferred, 1287 msg.flags); 1288 1289 if (put_user(msg.transferred, 1290 &((struct usbtmc_message __user *)arg)->transferred)) 1291 return -EFAULT; 1292 1293 return retval; 1294 } 1295 1296 /* 1297 * Get the generic write result 1298 */ 1299 static ssize_t usbtmc_ioctl_write_result(struct usbtmc_file_data *file_data, 1300 void __user *arg) 1301 { 1302 u32 transferred; 1303 int retval; 1304 1305 spin_lock_irq(&file_data->err_lock); 1306 transferred = file_data->out_transfer_size; 1307 retval = file_data->out_status; 1308 spin_unlock_irq(&file_data->err_lock); 1309 1310 if (put_user(transferred, (__u32 __user *)arg)) 1311 return -EFAULT; 1312 1313 return retval; 1314 } 1315 1316 /* 1317 * Sends a REQUEST_DEV_DEP_MSG_IN message on the Bulk-OUT endpoint. 1318 * @transfer_size: number of bytes to request from the device. 1319 * 1320 * See the USBTMC specification, Table 4. 1321 * 1322 * Also updates bTag_last_write. 1323 */ 1324 static int send_request_dev_dep_msg_in(struct usbtmc_file_data *file_data, 1325 u32 transfer_size) 1326 { 1327 struct usbtmc_device_data *data = file_data->data; 1328 int retval; 1329 u8 *buffer; 1330 int actual; 1331 1332 buffer = kmalloc(USBTMC_HEADER_SIZE, GFP_KERNEL); 1333 if (!buffer) 1334 return -ENOMEM; 1335 /* Setup IO buffer for REQUEST_DEV_DEP_MSG_IN message 1336 * Refer to class specs for details 1337 */ 1338 buffer[0] = 2; 1339 buffer[1] = data->bTag; 1340 buffer[2] = ~data->bTag; 1341 buffer[3] = 0; /* Reserved */ 1342 buffer[4] = transfer_size >> 0; 1343 buffer[5] = transfer_size >> 8; 1344 buffer[6] = transfer_size >> 16; 1345 buffer[7] = transfer_size >> 24; 1346 buffer[8] = file_data->term_char_enabled * 2; 1347 /* Use term character? */ 1348 buffer[9] = file_data->term_char; 1349 buffer[10] = 0; /* Reserved */ 1350 buffer[11] = 0; /* Reserved */ 1351 1352 /* Send bulk URB */ 1353 retval = usb_bulk_msg_killable(data->usb_dev, 1354 usb_sndbulkpipe(data->usb_dev, 1355 data->bulk_out), 1356 buffer, USBTMC_HEADER_SIZE, 1357 &actual, file_data->timeout); 1358 1359 /* Store bTag (in case we need to abort) */ 1360 data->bTag_last_write = data->bTag; 1361 1362 /* Increment bTag -- and increment again if zero */ 1363 data->bTag++; 1364 if (!data->bTag) 1365 data->bTag++; 1366 1367 kfree(buffer); 1368 if (retval < 0) 1369 dev_err(&data->intf->dev, "%s returned %d\n", 1370 __func__, retval); 1371 1372 return retval; 1373 } 1374 1375 static ssize_t usbtmc_read(struct file *filp, char __user *buf, 1376 size_t count, loff_t *f_pos) 1377 { 1378 struct usbtmc_file_data *file_data; 1379 struct usbtmc_device_data *data; 1380 struct device *dev; 1381 const u32 bufsize = USBTMC_BUFSIZE; 1382 u32 n_characters; 1383 u8 *buffer; 1384 int actual; 1385 u32 done = 0; 1386 u32 remaining; 1387 int retval; 1388 1389 /* Get pointer to private data structure */ 1390 file_data = filp->private_data; 1391 data = file_data->data; 1392 dev = &data->intf->dev; 1393 1394 buffer = kmalloc(bufsize, GFP_KERNEL); 1395 if (!buffer) 1396 return -ENOMEM; 1397 1398 retval = mutex_lock_interruptible(&data->io_mutex); 1399 if (retval < 0) 1400 goto exit_nolock; 1401 1402 if (data->zombie) { 1403 retval = -ENODEV; 1404 goto exit; 1405 } 1406 1407 if (count > INT_MAX) 1408 count = INT_MAX; 1409 1410 dev_dbg(dev, "%s(count:%zu)\n", __func__, count); 1411 1412 retval = send_request_dev_dep_msg_in(file_data, count); 1413 1414 if (retval < 0) { 1415 if (file_data->auto_abort) 1416 usbtmc_ioctl_abort_bulk_out(data); 1417 goto exit; 1418 } 1419 1420 /* Loop until we have fetched everything we requested */ 1421 remaining = count; 1422 actual = 0; 1423 1424 /* Send bulk URB */ 1425 retval = usb_bulk_msg_killable(data->usb_dev, 1426 usb_rcvbulkpipe(data->usb_dev, 1427 data->bulk_in), 1428 buffer, bufsize, &actual, 1429 file_data->timeout); 1430 1431 dev_dbg(dev, "%s: bulk_msg retval(%u), actual(%d)\n", 1432 __func__, retval, actual); 1433 1434 /* Store bTag (in case we need to abort) */ 1435 data->bTag_last_read = data->bTag; 1436 1437 if (retval < 0) { 1438 if (file_data->auto_abort) 1439 usbtmc_ioctl_abort_bulk_in(data); 1440 goto exit; 1441 } 1442 1443 /* Sanity checks for the header */ 1444 if (actual < USBTMC_HEADER_SIZE) { 1445 dev_err(dev, "Device sent too small first packet: %u < %u\n", 1446 actual, USBTMC_HEADER_SIZE); 1447 if (file_data->auto_abort) 1448 usbtmc_ioctl_abort_bulk_in(data); 1449 goto exit; 1450 } 1451 1452 if (buffer[0] != 2) { 1453 dev_err(dev, "Device sent reply with wrong MsgID: %u != 2\n", 1454 buffer[0]); 1455 if (file_data->auto_abort) 1456 usbtmc_ioctl_abort_bulk_in(data); 1457 goto exit; 1458 } 1459 1460 if (buffer[1] != data->bTag_last_write) { 1461 dev_err(dev, "Device sent reply with wrong bTag: %u != %u\n", 1462 buffer[1], data->bTag_last_write); 1463 if (file_data->auto_abort) 1464 usbtmc_ioctl_abort_bulk_in(data); 1465 goto exit; 1466 } 1467 1468 /* How many characters did the instrument send? */ 1469 n_characters = buffer[4] + 1470 (buffer[5] << 8) + 1471 (buffer[6] << 16) + 1472 (buffer[7] << 24); 1473 1474 file_data->bmTransferAttributes = buffer[8]; 1475 1476 dev_dbg(dev, "Bulk-IN header: N_characters(%u), bTransAttr(%u)\n", 1477 n_characters, buffer[8]); 1478 1479 if (n_characters > remaining) { 1480 dev_err(dev, "Device wants to return more data than requested: %u > %zu\n", 1481 n_characters, count); 1482 if (file_data->auto_abort) 1483 usbtmc_ioctl_abort_bulk_in(data); 1484 goto exit; 1485 } 1486 1487 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE, 1488 16, 1, buffer, actual, true); 1489 1490 remaining = n_characters; 1491 1492 /* Remove the USBTMC header */ 1493 actual -= USBTMC_HEADER_SIZE; 1494 1495 /* Remove padding if it exists */ 1496 if (actual > remaining) 1497 actual = remaining; 1498 1499 remaining -= actual; 1500 1501 /* Copy buffer to user space */ 1502 if (copy_to_user(buf, &buffer[USBTMC_HEADER_SIZE], actual)) { 1503 /* There must have been an addressing problem */ 1504 retval = -EFAULT; 1505 goto exit; 1506 } 1507 1508 if ((actual + USBTMC_HEADER_SIZE) == bufsize) { 1509 retval = usbtmc_generic_read(file_data, buf + actual, 1510 remaining, 1511 &done, 1512 USBTMC_FLAG_IGNORE_TRAILER); 1513 if (retval < 0) 1514 goto exit; 1515 } 1516 done += actual; 1517 1518 /* Update file position value */ 1519 *f_pos = *f_pos + done; 1520 retval = done; 1521 1522 exit: 1523 mutex_unlock(&data->io_mutex); 1524 exit_nolock: 1525 kfree(buffer); 1526 return retval; 1527 } 1528 1529 static ssize_t usbtmc_write(struct file *filp, const char __user *buf, 1530 size_t count, loff_t *f_pos) 1531 { 1532 struct usbtmc_file_data *file_data; 1533 struct usbtmc_device_data *data; 1534 struct urb *urb = NULL; 1535 ssize_t retval = 0; 1536 u8 *buffer; 1537 u32 remaining, done; 1538 u32 transfersize, aligned, buflen; 1539 1540 file_data = filp->private_data; 1541 data = file_data->data; 1542 1543 mutex_lock(&data->io_mutex); 1544 1545 if (data->zombie) { 1546 retval = -ENODEV; 1547 goto exit; 1548 } 1549 1550 done = 0; 1551 1552 spin_lock_irq(&file_data->err_lock); 1553 file_data->out_transfer_size = 0; 1554 file_data->out_status = 0; 1555 spin_unlock_irq(&file_data->err_lock); 1556 1557 if (!count) 1558 goto exit; 1559 1560 if (down_trylock(&file_data->limit_write_sem)) { 1561 /* previous calls were async */ 1562 retval = -EBUSY; 1563 goto exit; 1564 } 1565 1566 urb = usbtmc_create_urb(); 1567 if (!urb) { 1568 retval = -ENOMEM; 1569 up(&file_data->limit_write_sem); 1570 goto exit; 1571 } 1572 1573 buffer = urb->transfer_buffer; 1574 buflen = urb->transfer_buffer_length; 1575 1576 if (count > INT_MAX) { 1577 transfersize = INT_MAX; 1578 buffer[8] = 0; 1579 } else { 1580 transfersize = count; 1581 buffer[8] = file_data->eom_val; 1582 } 1583 1584 /* Setup IO buffer for DEV_DEP_MSG_OUT message */ 1585 buffer[0] = 1; 1586 buffer[1] = data->bTag; 1587 buffer[2] = ~data->bTag; 1588 buffer[3] = 0; /* Reserved */ 1589 buffer[4] = transfersize >> 0; 1590 buffer[5] = transfersize >> 8; 1591 buffer[6] = transfersize >> 16; 1592 buffer[7] = transfersize >> 24; 1593 /* buffer[8] is set above... */ 1594 buffer[9] = 0; /* Reserved */ 1595 buffer[10] = 0; /* Reserved */ 1596 buffer[11] = 0; /* Reserved */ 1597 1598 remaining = transfersize; 1599 1600 if (transfersize + USBTMC_HEADER_SIZE > buflen) { 1601 transfersize = buflen - USBTMC_HEADER_SIZE; 1602 aligned = buflen; 1603 } else { 1604 aligned = (transfersize + (USBTMC_HEADER_SIZE + 3)) & ~3; 1605 } 1606 1607 if (copy_from_user(&buffer[USBTMC_HEADER_SIZE], buf, transfersize)) { 1608 retval = -EFAULT; 1609 up(&file_data->limit_write_sem); 1610 goto exit; 1611 } 1612 1613 dev_dbg(&data->intf->dev, "%s(size:%u align:%u)\n", __func__, 1614 (unsigned int)transfersize, (unsigned int)aligned); 1615 1616 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE, 1617 16, 1, buffer, aligned, true); 1618 1619 usb_fill_bulk_urb(urb, data->usb_dev, 1620 usb_sndbulkpipe(data->usb_dev, data->bulk_out), 1621 urb->transfer_buffer, aligned, 1622 usbtmc_write_bulk_cb, file_data); 1623 1624 usb_anchor_urb(urb, &file_data->submitted); 1625 retval = usb_submit_urb(urb, GFP_KERNEL); 1626 if (unlikely(retval)) { 1627 usb_unanchor_urb(urb); 1628 up(&file_data->limit_write_sem); 1629 goto exit; 1630 } 1631 1632 remaining -= transfersize; 1633 1634 data->bTag_last_write = data->bTag; 1635 data->bTag++; 1636 1637 if (!data->bTag) 1638 data->bTag++; 1639 1640 /* call generic_write even when remaining = 0 */ 1641 retval = usbtmc_generic_write(file_data, buf + transfersize, remaining, 1642 &done, USBTMC_FLAG_APPEND); 1643 /* truncate alignment bytes */ 1644 if (done > remaining) 1645 done = remaining; 1646 1647 /*add size of first urb*/ 1648 done += transfersize; 1649 1650 if (retval < 0) { 1651 usb_kill_anchored_urbs(&file_data->submitted); 1652 1653 dev_err(&data->intf->dev, 1654 "Unable to send data, error %d\n", (int)retval); 1655 if (file_data->auto_abort) 1656 usbtmc_ioctl_abort_bulk_out(data); 1657 goto exit; 1658 } 1659 1660 retval = done; 1661 exit: 1662 usb_free_urb(urb); 1663 mutex_unlock(&data->io_mutex); 1664 return retval; 1665 } 1666 1667 static int usbtmc_ioctl_clear(struct usbtmc_device_data *data) 1668 { 1669 struct device *dev; 1670 u8 *buffer; 1671 int rv; 1672 int n; 1673 int actual = 0; 1674 1675 dev = &data->intf->dev; 1676 1677 dev_dbg(dev, "Sending INITIATE_CLEAR request\n"); 1678 1679 buffer = kmalloc(USBTMC_BUFSIZE, GFP_KERNEL); 1680 if (!buffer) 1681 return -ENOMEM; 1682 1683 rv = usb_control_msg(data->usb_dev, 1684 usb_rcvctrlpipe(data->usb_dev, 0), 1685 USBTMC_REQUEST_INITIATE_CLEAR, 1686 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE, 1687 0, 0, buffer, 1, USB_CTRL_GET_TIMEOUT); 1688 if (rv < 0) { 1689 dev_err(dev, "usb_control_msg returned %d\n", rv); 1690 goto exit; 1691 } 1692 1693 dev_dbg(dev, "INITIATE_CLEAR returned %x\n", buffer[0]); 1694 1695 if (buffer[0] != USBTMC_STATUS_SUCCESS) { 1696 dev_err(dev, "INITIATE_CLEAR returned %x\n", buffer[0]); 1697 rv = -EPERM; 1698 goto exit; 1699 } 1700 1701 n = 0; 1702 1703 usbtmc_clear_check_status: 1704 1705 dev_dbg(dev, "Sending CHECK_CLEAR_STATUS request\n"); 1706 1707 rv = usb_control_msg(data->usb_dev, 1708 usb_rcvctrlpipe(data->usb_dev, 0), 1709 USBTMC_REQUEST_CHECK_CLEAR_STATUS, 1710 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE, 1711 0, 0, buffer, 2, USB_CTRL_GET_TIMEOUT); 1712 if (rv < 0) { 1713 dev_err(dev, "usb_control_msg returned %d\n", rv); 1714 goto exit; 1715 } 1716 1717 dev_dbg(dev, "CHECK_CLEAR_STATUS returned %x\n", buffer[0]); 1718 1719 if (buffer[0] == USBTMC_STATUS_SUCCESS) 1720 goto usbtmc_clear_bulk_out_halt; 1721 1722 if (buffer[0] != USBTMC_STATUS_PENDING) { 1723 dev_err(dev, "CHECK_CLEAR_STATUS returned %x\n", buffer[0]); 1724 rv = -EPERM; 1725 goto exit; 1726 } 1727 1728 if ((buffer[1] & 1) != 0) { 1729 do { 1730 dev_dbg(dev, "Reading from bulk in EP\n"); 1731 1732 actual = 0; 1733 rv = usb_bulk_msg(data->usb_dev, 1734 usb_rcvbulkpipe(data->usb_dev, 1735 data->bulk_in), 1736 buffer, USBTMC_BUFSIZE, 1737 &actual, USB_CTRL_GET_TIMEOUT); 1738 1739 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE, 1740 16, 1, buffer, actual, true); 1741 1742 n++; 1743 1744 if (rv < 0) { 1745 dev_err(dev, "usb_control_msg returned %d\n", 1746 rv); 1747 goto exit; 1748 } 1749 } while ((actual == USBTMC_BUFSIZE) && 1750 (n < USBTMC_MAX_READS_TO_CLEAR_BULK_IN)); 1751 } else { 1752 /* do not stress device with subsequent requests */ 1753 msleep(50); 1754 n++; 1755 } 1756 1757 if (n >= USBTMC_MAX_READS_TO_CLEAR_BULK_IN) { 1758 dev_err(dev, "Couldn't clear device buffer within %d cycles\n", 1759 USBTMC_MAX_READS_TO_CLEAR_BULK_IN); 1760 rv = -EPERM; 1761 goto exit; 1762 } 1763 1764 goto usbtmc_clear_check_status; 1765 1766 usbtmc_clear_bulk_out_halt: 1767 1768 rv = usb_clear_halt(data->usb_dev, 1769 usb_sndbulkpipe(data->usb_dev, data->bulk_out)); 1770 if (rv < 0) { 1771 dev_err(dev, "usb_clear_halt returned %d\n", rv); 1772 goto exit; 1773 } 1774 rv = 0; 1775 1776 exit: 1777 kfree(buffer); 1778 return rv; 1779 } 1780 1781 static int usbtmc_ioctl_clear_out_halt(struct usbtmc_device_data *data) 1782 { 1783 int rv; 1784 1785 rv = usb_clear_halt(data->usb_dev, 1786 usb_sndbulkpipe(data->usb_dev, data->bulk_out)); 1787 1788 if (rv < 0) 1789 dev_err(&data->usb_dev->dev, "%s returned %d\n", __func__, rv); 1790 return rv; 1791 } 1792 1793 static int usbtmc_ioctl_clear_in_halt(struct usbtmc_device_data *data) 1794 { 1795 int rv; 1796 1797 rv = usb_clear_halt(data->usb_dev, 1798 usb_rcvbulkpipe(data->usb_dev, data->bulk_in)); 1799 1800 if (rv < 0) 1801 dev_err(&data->usb_dev->dev, "%s returned %d\n", __func__, rv); 1802 return rv; 1803 } 1804 1805 static int usbtmc_ioctl_cancel_io(struct usbtmc_file_data *file_data) 1806 { 1807 spin_lock_irq(&file_data->err_lock); 1808 file_data->in_status = -ECANCELED; 1809 file_data->out_status = -ECANCELED; 1810 spin_unlock_irq(&file_data->err_lock); 1811 usb_kill_anchored_urbs(&file_data->submitted); 1812 return 0; 1813 } 1814 1815 static int usbtmc_ioctl_cleanup_io(struct usbtmc_file_data *file_data) 1816 { 1817 usb_kill_anchored_urbs(&file_data->submitted); 1818 usb_scuttle_anchored_urbs(&file_data->in_anchor); 1819 spin_lock_irq(&file_data->err_lock); 1820 file_data->in_status = 0; 1821 file_data->in_transfer_size = 0; 1822 file_data->out_status = 0; 1823 file_data->out_transfer_size = 0; 1824 spin_unlock_irq(&file_data->err_lock); 1825 1826 file_data->in_urbs_used = 0; 1827 return 0; 1828 } 1829 1830 static int get_capabilities(struct usbtmc_device_data *data) 1831 { 1832 struct device *dev = &data->usb_dev->dev; 1833 char *buffer; 1834 int rv = 0; 1835 1836 buffer = kmalloc(0x18, GFP_KERNEL); 1837 if (!buffer) 1838 return -ENOMEM; 1839 1840 rv = usb_control_msg(data->usb_dev, usb_rcvctrlpipe(data->usb_dev, 0), 1841 USBTMC_REQUEST_GET_CAPABILITIES, 1842 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE, 1843 0, 0, buffer, 0x18, USB_CTRL_GET_TIMEOUT); 1844 if (rv < 0) { 1845 dev_err(dev, "usb_control_msg returned %d\n", rv); 1846 goto err_out; 1847 } 1848 1849 dev_dbg(dev, "GET_CAPABILITIES returned %x\n", buffer[0]); 1850 if (buffer[0] != USBTMC_STATUS_SUCCESS) { 1851 dev_err(dev, "GET_CAPABILITIES returned %x\n", buffer[0]); 1852 rv = -EPERM; 1853 goto err_out; 1854 } 1855 dev_dbg(dev, "Interface capabilities are %x\n", buffer[4]); 1856 dev_dbg(dev, "Device capabilities are %x\n", buffer[5]); 1857 dev_dbg(dev, "USB488 interface capabilities are %x\n", buffer[14]); 1858 dev_dbg(dev, "USB488 device capabilities are %x\n", buffer[15]); 1859 1860 data->capabilities.interface_capabilities = buffer[4]; 1861 data->capabilities.device_capabilities = buffer[5]; 1862 data->capabilities.usb488_interface_capabilities = buffer[14]; 1863 data->capabilities.usb488_device_capabilities = buffer[15]; 1864 data->usb488_caps = (buffer[14] & 0x07) | ((buffer[15] & 0x0f) << 4); 1865 rv = 0; 1866 1867 err_out: 1868 kfree(buffer); 1869 return rv; 1870 } 1871 1872 #define capability_attribute(name) \ 1873 static ssize_t name##_show(struct device *dev, \ 1874 struct device_attribute *attr, char *buf) \ 1875 { \ 1876 struct usb_interface *intf = to_usb_interface(dev); \ 1877 struct usbtmc_device_data *data = usb_get_intfdata(intf); \ 1878 \ 1879 return sprintf(buf, "%d\n", data->capabilities.name); \ 1880 } \ 1881 static DEVICE_ATTR_RO(name) 1882 1883 capability_attribute(interface_capabilities); 1884 capability_attribute(device_capabilities); 1885 capability_attribute(usb488_interface_capabilities); 1886 capability_attribute(usb488_device_capabilities); 1887 1888 static struct attribute *usbtmc_attrs[] = { 1889 &dev_attr_interface_capabilities.attr, 1890 &dev_attr_device_capabilities.attr, 1891 &dev_attr_usb488_interface_capabilities.attr, 1892 &dev_attr_usb488_device_capabilities.attr, 1893 NULL, 1894 }; 1895 ATTRIBUTE_GROUPS(usbtmc); 1896 1897 static int usbtmc_ioctl_indicator_pulse(struct usbtmc_device_data *data) 1898 { 1899 struct device *dev; 1900 u8 *buffer; 1901 int rv; 1902 1903 dev = &data->intf->dev; 1904 1905 buffer = kmalloc(2, GFP_KERNEL); 1906 if (!buffer) 1907 return -ENOMEM; 1908 1909 rv = usb_control_msg(data->usb_dev, 1910 usb_rcvctrlpipe(data->usb_dev, 0), 1911 USBTMC_REQUEST_INDICATOR_PULSE, 1912 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE, 1913 0, 0, buffer, 0x01, USB_CTRL_GET_TIMEOUT); 1914 1915 if (rv < 0) { 1916 dev_err(dev, "usb_control_msg returned %d\n", rv); 1917 goto exit; 1918 } 1919 1920 dev_dbg(dev, "INDICATOR_PULSE returned %x\n", buffer[0]); 1921 1922 if (buffer[0] != USBTMC_STATUS_SUCCESS) { 1923 dev_err(dev, "INDICATOR_PULSE returned %x\n", buffer[0]); 1924 rv = -EPERM; 1925 goto exit; 1926 } 1927 rv = 0; 1928 1929 exit: 1930 kfree(buffer); 1931 return rv; 1932 } 1933 1934 static int usbtmc_ioctl_request(struct usbtmc_device_data *data, 1935 void __user *arg) 1936 { 1937 struct device *dev = &data->intf->dev; 1938 struct usbtmc_ctrlrequest request; 1939 u8 *buffer = NULL; 1940 int rv; 1941 unsigned int is_in, pipe; 1942 1943 if (copy_from_user(&request, arg, sizeof(struct usbtmc_ctrlrequest))) 1944 return -EFAULT; 1945 1946 if (request.req.wLength > USBTMC_BUFSIZE) 1947 return -EMSGSIZE; 1948 if (request.req.wLength == 0) /* Length-0 requests are never IN */ 1949 request.req.bRequestType &= ~USB_DIR_IN; 1950 1951 is_in = request.req.bRequestType & USB_DIR_IN; 1952 1953 if (request.req.wLength) { 1954 buffer = kmalloc(request.req.wLength, GFP_KERNEL); 1955 if (!buffer) 1956 return -ENOMEM; 1957 1958 if (!is_in) { 1959 /* Send control data to device */ 1960 if (copy_from_user(buffer, request.data, 1961 request.req.wLength)) { 1962 rv = -EFAULT; 1963 goto exit; 1964 } 1965 } 1966 } 1967 1968 if (is_in) 1969 pipe = usb_rcvctrlpipe(data->usb_dev, 0); 1970 else 1971 pipe = usb_sndctrlpipe(data->usb_dev, 0); 1972 rv = usb_control_msg(data->usb_dev, 1973 pipe, 1974 request.req.bRequest, 1975 request.req.bRequestType, 1976 request.req.wValue, 1977 request.req.wIndex, 1978 buffer, request.req.wLength, USB_CTRL_GET_TIMEOUT); 1979 1980 if (rv < 0) { 1981 dev_err(dev, "%s failed %d\n", __func__, rv); 1982 goto exit; 1983 } 1984 1985 if (rv && is_in) { 1986 /* Read control data from device */ 1987 if (copy_to_user(request.data, buffer, rv)) 1988 rv = -EFAULT; 1989 } 1990 1991 exit: 1992 kfree(buffer); 1993 return rv; 1994 } 1995 1996 /* 1997 * Get the usb timeout value 1998 */ 1999 static int usbtmc_ioctl_get_timeout(struct usbtmc_file_data *file_data, 2000 void __user *arg) 2001 { 2002 u32 timeout; 2003 2004 timeout = file_data->timeout; 2005 2006 return put_user(timeout, (__u32 __user *)arg); 2007 } 2008 2009 /* 2010 * Set the usb timeout value 2011 */ 2012 static int usbtmc_ioctl_set_timeout(struct usbtmc_file_data *file_data, 2013 void __user *arg) 2014 { 2015 u32 timeout; 2016 2017 if (get_user(timeout, (__u32 __user *)arg)) 2018 return -EFAULT; 2019 2020 /* Note that timeout = 0 means 2021 * MAX_SCHEDULE_TIMEOUT in usb_control_msg 2022 */ 2023 if (timeout < USBTMC_MIN_TIMEOUT) 2024 return -EINVAL; 2025 2026 file_data->timeout = timeout; 2027 2028 return 0; 2029 } 2030 2031 /* 2032 * enables/disables sending EOM on write 2033 */ 2034 static int usbtmc_ioctl_eom_enable(struct usbtmc_file_data *file_data, 2035 void __user *arg) 2036 { 2037 u8 eom_enable; 2038 2039 if (copy_from_user(&eom_enable, arg, sizeof(eom_enable))) 2040 return -EFAULT; 2041 2042 if (eom_enable > 1) 2043 return -EINVAL; 2044 2045 file_data->eom_val = eom_enable; 2046 2047 return 0; 2048 } 2049 2050 /* 2051 * Configure termination character for read() 2052 */ 2053 static int usbtmc_ioctl_config_termc(struct usbtmc_file_data *file_data, 2054 void __user *arg) 2055 { 2056 struct usbtmc_termchar termc; 2057 2058 if (copy_from_user(&termc, arg, sizeof(termc))) 2059 return -EFAULT; 2060 2061 if ((termc.term_char_enabled > 1) || 2062 (termc.term_char_enabled && 2063 !(file_data->data->capabilities.device_capabilities & 1))) 2064 return -EINVAL; 2065 2066 file_data->term_char = termc.term_char; 2067 file_data->term_char_enabled = termc.term_char_enabled; 2068 2069 return 0; 2070 } 2071 2072 static long usbtmc_ioctl(struct file *file, unsigned int cmd, unsigned long arg) 2073 { 2074 struct usbtmc_file_data *file_data; 2075 struct usbtmc_device_data *data; 2076 int retval = -EBADRQC; 2077 __u8 tmp_byte; 2078 2079 file_data = file->private_data; 2080 data = file_data->data; 2081 2082 mutex_lock(&data->io_mutex); 2083 if (data->zombie) { 2084 retval = -ENODEV; 2085 goto skip_io_on_zombie; 2086 } 2087 2088 switch (cmd) { 2089 case USBTMC_IOCTL_CLEAR_OUT_HALT: 2090 retval = usbtmc_ioctl_clear_out_halt(data); 2091 break; 2092 2093 case USBTMC_IOCTL_CLEAR_IN_HALT: 2094 retval = usbtmc_ioctl_clear_in_halt(data); 2095 break; 2096 2097 case USBTMC_IOCTL_INDICATOR_PULSE: 2098 retval = usbtmc_ioctl_indicator_pulse(data); 2099 break; 2100 2101 case USBTMC_IOCTL_CLEAR: 2102 retval = usbtmc_ioctl_clear(data); 2103 break; 2104 2105 case USBTMC_IOCTL_ABORT_BULK_OUT: 2106 retval = usbtmc_ioctl_abort_bulk_out(data); 2107 break; 2108 2109 case USBTMC_IOCTL_ABORT_BULK_IN: 2110 retval = usbtmc_ioctl_abort_bulk_in(data); 2111 break; 2112 2113 case USBTMC_IOCTL_CTRL_REQUEST: 2114 retval = usbtmc_ioctl_request(data, (void __user *)arg); 2115 break; 2116 2117 case USBTMC_IOCTL_GET_TIMEOUT: 2118 retval = usbtmc_ioctl_get_timeout(file_data, 2119 (void __user *)arg); 2120 break; 2121 2122 case USBTMC_IOCTL_SET_TIMEOUT: 2123 retval = usbtmc_ioctl_set_timeout(file_data, 2124 (void __user *)arg); 2125 break; 2126 2127 case USBTMC_IOCTL_EOM_ENABLE: 2128 retval = usbtmc_ioctl_eom_enable(file_data, 2129 (void __user *)arg); 2130 break; 2131 2132 case USBTMC_IOCTL_CONFIG_TERMCHAR: 2133 retval = usbtmc_ioctl_config_termc(file_data, 2134 (void __user *)arg); 2135 break; 2136 2137 case USBTMC_IOCTL_WRITE: 2138 retval = usbtmc_ioctl_generic_write(file_data, 2139 (void __user *)arg); 2140 break; 2141 2142 case USBTMC_IOCTL_READ: 2143 retval = usbtmc_ioctl_generic_read(file_data, 2144 (void __user *)arg); 2145 break; 2146 2147 case USBTMC_IOCTL_WRITE_RESULT: 2148 retval = usbtmc_ioctl_write_result(file_data, 2149 (void __user *)arg); 2150 break; 2151 2152 case USBTMC_IOCTL_API_VERSION: 2153 retval = put_user(USBTMC_API_VERSION, 2154 (__u32 __user *)arg); 2155 break; 2156 2157 case USBTMC488_IOCTL_GET_CAPS: 2158 retval = put_user(data->usb488_caps, 2159 (unsigned char __user *)arg); 2160 break; 2161 2162 case USBTMC488_IOCTL_READ_STB: 2163 retval = usbtmc488_ioctl_read_stb(file_data, 2164 (void __user *)arg); 2165 break; 2166 2167 case USBTMC488_IOCTL_REN_CONTROL: 2168 retval = usbtmc488_ioctl_simple(data, (void __user *)arg, 2169 USBTMC488_REQUEST_REN_CONTROL); 2170 break; 2171 2172 case USBTMC488_IOCTL_GOTO_LOCAL: 2173 retval = usbtmc488_ioctl_simple(data, (void __user *)arg, 2174 USBTMC488_REQUEST_GOTO_LOCAL); 2175 break; 2176 2177 case USBTMC488_IOCTL_LOCAL_LOCKOUT: 2178 retval = usbtmc488_ioctl_simple(data, (void __user *)arg, 2179 USBTMC488_REQUEST_LOCAL_LOCKOUT); 2180 break; 2181 2182 case USBTMC488_IOCTL_TRIGGER: 2183 retval = usbtmc488_ioctl_trigger(file_data); 2184 break; 2185 2186 case USBTMC488_IOCTL_WAIT_SRQ: 2187 retval = usbtmc488_ioctl_wait_srq(file_data, 2188 (__u32 __user *)arg); 2189 break; 2190 2191 case USBTMC_IOCTL_MSG_IN_ATTR: 2192 retval = put_user(file_data->bmTransferAttributes, 2193 (__u8 __user *)arg); 2194 break; 2195 2196 case USBTMC_IOCTL_AUTO_ABORT: 2197 retval = get_user(tmp_byte, (unsigned char __user *)arg); 2198 if (retval == 0) 2199 file_data->auto_abort = !!tmp_byte; 2200 break; 2201 2202 case USBTMC_IOCTL_GET_STB: 2203 retval = usbtmc_get_stb(file_data, &tmp_byte); 2204 if (!retval) 2205 retval = put_user(tmp_byte, (__u8 __user *)arg); 2206 break; 2207 2208 case USBTMC_IOCTL_GET_SRQ_STB: 2209 retval = usbtmc_ioctl_get_srq_stb(file_data, 2210 (void __user *)arg); 2211 break; 2212 2213 case USBTMC_IOCTL_CANCEL_IO: 2214 retval = usbtmc_ioctl_cancel_io(file_data); 2215 break; 2216 2217 case USBTMC_IOCTL_CLEANUP_IO: 2218 retval = usbtmc_ioctl_cleanup_io(file_data); 2219 break; 2220 } 2221 2222 skip_io_on_zombie: 2223 mutex_unlock(&data->io_mutex); 2224 return retval; 2225 } 2226 2227 static int usbtmc_fasync(int fd, struct file *file, int on) 2228 { 2229 struct usbtmc_file_data *file_data = file->private_data; 2230 2231 return fasync_helper(fd, file, on, &file_data->data->fasync); 2232 } 2233 2234 static __poll_t usbtmc_poll(struct file *file, poll_table *wait) 2235 { 2236 struct usbtmc_file_data *file_data = file->private_data; 2237 struct usbtmc_device_data *data = file_data->data; 2238 __poll_t mask; 2239 2240 mutex_lock(&data->io_mutex); 2241 2242 if (data->zombie) { 2243 mask = EPOLLHUP | EPOLLERR; 2244 goto no_poll; 2245 } 2246 2247 poll_wait(file, &data->waitq, wait); 2248 2249 /* Note that EPOLLPRI is now assigned to SRQ, and 2250 * EPOLLIN|EPOLLRDNORM to normal read data. 2251 */ 2252 mask = 0; 2253 if (atomic_read(&file_data->srq_asserted)) 2254 mask |= EPOLLPRI; 2255 2256 /* Note that the anchor submitted includes all urbs for BULK IN 2257 * and OUT. So EPOLLOUT is signaled when BULK OUT is empty and 2258 * all BULK IN urbs are completed and moved to in_anchor. 2259 */ 2260 if (usb_anchor_empty(&file_data->submitted)) 2261 mask |= (EPOLLOUT | EPOLLWRNORM); 2262 if (!usb_anchor_empty(&file_data->in_anchor)) 2263 mask |= (EPOLLIN | EPOLLRDNORM); 2264 2265 spin_lock_irq(&file_data->err_lock); 2266 if (file_data->in_status || file_data->out_status) 2267 mask |= EPOLLERR; 2268 spin_unlock_irq(&file_data->err_lock); 2269 2270 dev_dbg(&data->intf->dev, "poll mask = %x\n", mask); 2271 2272 no_poll: 2273 mutex_unlock(&data->io_mutex); 2274 return mask; 2275 } 2276 2277 static const struct file_operations fops = { 2278 .owner = THIS_MODULE, 2279 .read = usbtmc_read, 2280 .write = usbtmc_write, 2281 .open = usbtmc_open, 2282 .release = usbtmc_release, 2283 .flush = usbtmc_flush, 2284 .unlocked_ioctl = usbtmc_ioctl, 2285 .compat_ioctl = compat_ptr_ioctl, 2286 .fasync = usbtmc_fasync, 2287 .poll = usbtmc_poll, 2288 .llseek = default_llseek, 2289 }; 2290 2291 static struct usb_class_driver usbtmc_class = { 2292 .name = "usbtmc%d", 2293 .fops = &fops, 2294 .minor_base = USBTMC_MINOR_BASE, 2295 }; 2296 2297 static void usbtmc_interrupt(struct urb *urb) 2298 { 2299 struct usbtmc_device_data *data = urb->context; 2300 struct device *dev = &data->intf->dev; 2301 int status = urb->status; 2302 int rv; 2303 2304 dev_dbg(&data->intf->dev, "int status: %d len %d\n", 2305 status, urb->actual_length); 2306 2307 switch (status) { 2308 case 0: /* SUCCESS */ 2309 /* check for valid STB notification */ 2310 if (data->iin_buffer[0] > 0x81) { 2311 data->bNotify1 = data->iin_buffer[0]; 2312 data->bNotify2 = data->iin_buffer[1]; 2313 atomic_set(&data->iin_data_valid, 1); 2314 wake_up_interruptible(&data->waitq); 2315 goto exit; 2316 } 2317 /* check for SRQ notification */ 2318 if (data->iin_buffer[0] == 0x81) { 2319 unsigned long flags; 2320 struct list_head *elem; 2321 2322 if (data->fasync) 2323 kill_fasync(&data->fasync, 2324 SIGIO, POLL_PRI); 2325 2326 spin_lock_irqsave(&data->dev_lock, flags); 2327 list_for_each(elem, &data->file_list) { 2328 struct usbtmc_file_data *file_data; 2329 2330 file_data = list_entry(elem, 2331 struct usbtmc_file_data, 2332 file_elem); 2333 file_data->srq_byte = data->iin_buffer[1]; 2334 atomic_set(&file_data->srq_asserted, 1); 2335 } 2336 spin_unlock_irqrestore(&data->dev_lock, flags); 2337 2338 dev_dbg(dev, "srq received bTag %x stb %x\n", 2339 (unsigned int)data->iin_buffer[0], 2340 (unsigned int)data->iin_buffer[1]); 2341 wake_up_interruptible_all(&data->waitq); 2342 goto exit; 2343 } 2344 dev_warn(dev, "invalid notification: %x\n", 2345 data->iin_buffer[0]); 2346 break; 2347 case -EOVERFLOW: 2348 dev_err(dev, "overflow with length %d, actual length is %d\n", 2349 data->iin_wMaxPacketSize, urb->actual_length); 2350 fallthrough; 2351 default: 2352 /* urb terminated, clean up */ 2353 dev_dbg(dev, "urb terminated, status: %d\n", status); 2354 return; 2355 } 2356 exit: 2357 rv = usb_submit_urb(urb, GFP_ATOMIC); 2358 if (rv) 2359 dev_err(dev, "usb_submit_urb failed: %d\n", rv); 2360 } 2361 2362 static void usbtmc_free_int(struct usbtmc_device_data *data) 2363 { 2364 if (!data->iin_ep_present || !data->iin_urb) 2365 return; 2366 usb_kill_urb(data->iin_urb); 2367 kfree(data->iin_buffer); 2368 data->iin_buffer = NULL; 2369 usb_free_urb(data->iin_urb); 2370 data->iin_urb = NULL; 2371 kref_put(&data->kref, usbtmc_delete); 2372 } 2373 2374 static int usbtmc_probe(struct usb_interface *intf, 2375 const struct usb_device_id *id) 2376 { 2377 struct usbtmc_device_data *data; 2378 struct usb_host_interface *iface_desc; 2379 struct usb_endpoint_descriptor *bulk_in, *bulk_out, *int_in; 2380 int retcode; 2381 2382 dev_dbg(&intf->dev, "%s called\n", __func__); 2383 2384 data = kzalloc_obj(*data); 2385 if (!data) 2386 return -ENOMEM; 2387 2388 data->intf = intf; 2389 data->id = id; 2390 data->usb_dev = usb_get_dev(interface_to_usbdev(intf)); 2391 usb_set_intfdata(intf, data); 2392 kref_init(&data->kref); 2393 mutex_init(&data->io_mutex); 2394 init_waitqueue_head(&data->waitq); 2395 atomic_set(&data->iin_data_valid, 0); 2396 INIT_LIST_HEAD(&data->file_list); 2397 spin_lock_init(&data->dev_lock); 2398 2399 data->zombie = 0; 2400 2401 /* Initialize USBTMC bTag and other fields */ 2402 data->bTag = 1; 2403 /* 2 <= bTag <= 127 USBTMC-USB488 subclass specification 4.3.1 */ 2404 data->iin_bTag = 2; 2405 2406 /* USBTMC devices have only one setting, so use that */ 2407 iface_desc = data->intf->cur_altsetting; 2408 data->ifnum = iface_desc->desc.bInterfaceNumber; 2409 2410 /* Find bulk endpoints */ 2411 retcode = usb_find_common_endpoints(iface_desc, 2412 &bulk_in, &bulk_out, NULL, NULL); 2413 if (retcode) { 2414 dev_err(&intf->dev, "bulk endpoints not found\n"); 2415 goto err_put; 2416 } 2417 2418 retcode = -EINVAL; 2419 data->bulk_in = bulk_in->bEndpointAddress; 2420 data->wMaxPacketSize = usb_endpoint_maxp(bulk_in); 2421 if (!data->wMaxPacketSize) 2422 goto err_put; 2423 dev_dbg(&intf->dev, "Found bulk in endpoint at %u\n", data->bulk_in); 2424 2425 data->bulk_out = bulk_out->bEndpointAddress; 2426 dev_dbg(&intf->dev, "Found Bulk out endpoint at %u\n", data->bulk_out); 2427 2428 /* Find int endpoint */ 2429 retcode = usb_find_int_in_endpoint(iface_desc, &int_in); 2430 if (!retcode) { 2431 data->iin_ep_present = 1; 2432 data->iin_ep = int_in->bEndpointAddress; 2433 data->iin_wMaxPacketSize = usb_endpoint_maxp(int_in); 2434 data->iin_interval = int_in->bInterval; 2435 dev_dbg(&intf->dev, "Found Int in endpoint at %u\n", 2436 data->iin_ep); 2437 } 2438 2439 retcode = get_capabilities(data); 2440 if (retcode) 2441 dev_err(&intf->dev, "can't read capabilities\n"); 2442 2443 if (data->iin_ep_present) { 2444 /* allocate int urb */ 2445 data->iin_urb = usb_alloc_urb(0, GFP_KERNEL); 2446 if (!data->iin_urb) { 2447 retcode = -ENOMEM; 2448 goto error_register; 2449 } 2450 2451 /* Protect interrupt in endpoint data until iin_urb is freed */ 2452 kref_get(&data->kref); 2453 2454 /* allocate buffer for interrupt in */ 2455 data->iin_buffer = kmalloc(data->iin_wMaxPacketSize, 2456 GFP_KERNEL); 2457 if (!data->iin_buffer) { 2458 retcode = -ENOMEM; 2459 goto error_register; 2460 } 2461 2462 /* fill interrupt urb */ 2463 usb_fill_int_urb(data->iin_urb, data->usb_dev, 2464 usb_rcvintpipe(data->usb_dev, data->iin_ep), 2465 data->iin_buffer, data->iin_wMaxPacketSize, 2466 usbtmc_interrupt, 2467 data, data->iin_interval); 2468 2469 retcode = usb_submit_urb(data->iin_urb, GFP_KERNEL); 2470 if (retcode) { 2471 dev_err(&intf->dev, "Failed to submit iin_urb\n"); 2472 goto error_register; 2473 } 2474 } 2475 2476 retcode = usb_register_dev(intf, &usbtmc_class); 2477 if (retcode) { 2478 dev_err(&intf->dev, "Not able to get a minor (base %u, slice default): %d\n", 2479 USBTMC_MINOR_BASE, 2480 retcode); 2481 goto error_register; 2482 } 2483 dev_dbg(&intf->dev, "Using minor number %d\n", intf->minor); 2484 2485 return 0; 2486 2487 error_register: 2488 usbtmc_free_int(data); 2489 err_put: 2490 kref_put(&data->kref, usbtmc_delete); 2491 return retcode; 2492 } 2493 2494 static void usbtmc_disconnect(struct usb_interface *intf) 2495 { 2496 struct usbtmc_device_data *data = usb_get_intfdata(intf); 2497 struct list_head *elem; 2498 2499 usb_deregister_dev(intf, &usbtmc_class); 2500 mutex_lock(&data->io_mutex); 2501 data->zombie = 1; 2502 wake_up_interruptible_all(&data->waitq); 2503 list_for_each(elem, &data->file_list) { 2504 struct usbtmc_file_data *file_data; 2505 2506 file_data = list_entry(elem, 2507 struct usbtmc_file_data, 2508 file_elem); 2509 usb_kill_anchored_urbs(&file_data->submitted); 2510 usb_scuttle_anchored_urbs(&file_data->in_anchor); 2511 } 2512 mutex_unlock(&data->io_mutex); 2513 usbtmc_free_int(data); 2514 kref_put(&data->kref, usbtmc_delete); 2515 } 2516 2517 static void usbtmc_draw_down(struct usbtmc_file_data *file_data) 2518 { 2519 int time; 2520 2521 time = usb_wait_anchor_empty_timeout(&file_data->submitted, 1000); 2522 if (!time) 2523 usb_kill_anchored_urbs(&file_data->submitted); 2524 usb_scuttle_anchored_urbs(&file_data->in_anchor); 2525 } 2526 2527 static int usbtmc_suspend(struct usb_interface *intf, pm_message_t message) 2528 { 2529 struct usbtmc_device_data *data = usb_get_intfdata(intf); 2530 struct list_head *elem; 2531 2532 if (!data) 2533 return 0; 2534 2535 mutex_lock(&data->io_mutex); 2536 list_for_each(elem, &data->file_list) { 2537 struct usbtmc_file_data *file_data; 2538 2539 file_data = list_entry(elem, 2540 struct usbtmc_file_data, 2541 file_elem); 2542 usbtmc_draw_down(file_data); 2543 } 2544 2545 if (data->iin_ep_present && data->iin_urb) 2546 usb_kill_urb(data->iin_urb); 2547 2548 mutex_unlock(&data->io_mutex); 2549 return 0; 2550 } 2551 2552 static int usbtmc_resume(struct usb_interface *intf) 2553 { 2554 struct usbtmc_device_data *data = usb_get_intfdata(intf); 2555 int retcode = 0; 2556 2557 if (data->iin_ep_present && data->iin_urb) 2558 retcode = usb_submit_urb(data->iin_urb, GFP_KERNEL); 2559 if (retcode) 2560 dev_err(&intf->dev, "Failed to submit iin_urb\n"); 2561 2562 return retcode; 2563 } 2564 2565 static int usbtmc_pre_reset(struct usb_interface *intf) 2566 { 2567 struct usbtmc_device_data *data = usb_get_intfdata(intf); 2568 struct list_head *elem; 2569 2570 if (!data) 2571 return 0; 2572 2573 mutex_lock(&data->io_mutex); 2574 2575 list_for_each(elem, &data->file_list) { 2576 struct usbtmc_file_data *file_data; 2577 2578 file_data = list_entry(elem, 2579 struct usbtmc_file_data, 2580 file_elem); 2581 usbtmc_ioctl_cancel_io(file_data); 2582 } 2583 2584 return 0; 2585 } 2586 2587 static int usbtmc_post_reset(struct usb_interface *intf) 2588 { 2589 struct usbtmc_device_data *data = usb_get_intfdata(intf); 2590 2591 mutex_unlock(&data->io_mutex); 2592 2593 return 0; 2594 } 2595 2596 static struct usb_driver usbtmc_driver = { 2597 .name = "usbtmc", 2598 .id_table = usbtmc_devices, 2599 .probe = usbtmc_probe, 2600 .disconnect = usbtmc_disconnect, 2601 .suspend = usbtmc_suspend, 2602 .resume = usbtmc_resume, 2603 .pre_reset = usbtmc_pre_reset, 2604 .post_reset = usbtmc_post_reset, 2605 .dev_groups = usbtmc_groups, 2606 }; 2607 2608 module_usb_driver(usbtmc_driver); 2609 2610 MODULE_DESCRIPTION("USB Test & Measurement class driver"); 2611 MODULE_LICENSE("GPL"); 2612