1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * The USB Monitor, inspired by Dave Harding's USBMon.
4 *
5 * mon_main.c: Main file, module initiation and exit, registrations, etc.
6 *
7 * Copyright (C) 2005 Pete Zaitcev (zaitcev@redhat.com)
8 */
9
10 #include <linux/kernel.h>
11 #include <linux/module.h>
12 #include <linux/usb.h>
13 #include <linux/usb/hcd.h>
14 #include <linux/slab.h>
15 #include <linux/notifier.h>
16 #include <linux/mutex.h>
17
18 #include "usb_mon.h"
19
20
21 static void mon_stop(struct mon_bus *mbus);
22 static void mon_dissolve(struct mon_bus *mbus, struct usb_bus *ubus);
23 static void mon_bus_drop(struct kref *r);
24 static void mon_bus_init(struct usb_bus *ubus);
25
26 DEFINE_MUTEX(mon_lock);
27
28 struct mon_bus mon_bus0; /* Pseudo bus meaning "all buses" */
29 static LIST_HEAD(mon_buses); /* All buses we know: struct mon_bus */
30
31 /*
32 * Link a reader into the bus.
33 *
34 * This must be called with mon_lock taken because of mbus->ref.
35 */
mon_reader_add(struct mon_bus * mbus,struct mon_reader * r)36 void mon_reader_add(struct mon_bus *mbus, struct mon_reader *r)
37 {
38 unsigned long flags;
39 struct list_head *p;
40
41 spin_lock_irqsave(&mbus->lock, flags);
42 if (mbus->nreaders == 0) {
43 if (mbus == &mon_bus0) {
44 list_for_each (p, &mon_buses) {
45 struct mon_bus *m1;
46 m1 = list_entry(p, struct mon_bus, bus_link);
47 m1->u_bus->monitored = 1;
48 }
49 } else {
50 mbus->u_bus->monitored = 1;
51 }
52 }
53 mbus->nreaders++;
54 list_add_tail(&r->r_link, &mbus->r_list);
55 spin_unlock_irqrestore(&mbus->lock, flags);
56
57 kref_get(&mbus->ref);
58 }
59
60 /*
61 * Unlink reader from the bus.
62 *
63 * This is called with mon_lock taken, so we can decrement mbus->ref.
64 */
mon_reader_del(struct mon_bus * mbus,struct mon_reader * r)65 void mon_reader_del(struct mon_bus *mbus, struct mon_reader *r)
66 {
67 unsigned long flags;
68
69 spin_lock_irqsave(&mbus->lock, flags);
70 list_del(&r->r_link);
71 --mbus->nreaders;
72 if (mbus->nreaders == 0)
73 mon_stop(mbus);
74 spin_unlock_irqrestore(&mbus->lock, flags);
75
76 kref_put(&mbus->ref, mon_bus_drop);
77 }
78
79 /*
80 */
mon_bus_submit(struct mon_bus * mbus,struct urb * urb)81 static void mon_bus_submit(struct mon_bus *mbus, struct urb *urb)
82 {
83 unsigned long flags;
84 struct mon_reader *r;
85
86 spin_lock_irqsave(&mbus->lock, flags);
87 mbus->cnt_events++;
88 list_for_each_entry(r, &mbus->r_list, r_link)
89 r->rnf_submit(r->r_data, urb);
90 spin_unlock_irqrestore(&mbus->lock, flags);
91 }
92
mon_submit(struct usb_bus * ubus,struct urb * urb)93 static void mon_submit(struct usb_bus *ubus, struct urb *urb)
94 {
95 struct mon_bus *mbus;
96
97 mbus = ubus->mon_bus;
98 if (mbus != NULL)
99 mon_bus_submit(mbus, urb);
100 mon_bus_submit(&mon_bus0, urb);
101 }
102
103 /*
104 */
mon_bus_submit_error(struct mon_bus * mbus,struct urb * urb,int error)105 static void mon_bus_submit_error(struct mon_bus *mbus, struct urb *urb, int error)
106 {
107 unsigned long flags;
108 struct mon_reader *r;
109
110 spin_lock_irqsave(&mbus->lock, flags);
111 mbus->cnt_events++;
112 list_for_each_entry(r, &mbus->r_list, r_link)
113 r->rnf_error(r->r_data, urb, error);
114 spin_unlock_irqrestore(&mbus->lock, flags);
115 }
116
mon_submit_error(struct usb_bus * ubus,struct urb * urb,int error)117 static void mon_submit_error(struct usb_bus *ubus, struct urb *urb, int error)
118 {
119 struct mon_bus *mbus;
120
121 mbus = ubus->mon_bus;
122 if (mbus != NULL)
123 mon_bus_submit_error(mbus, urb, error);
124 mon_bus_submit_error(&mon_bus0, urb, error);
125 }
126
127 /*
128 */
mon_bus_complete(struct mon_bus * mbus,struct urb * urb,int status)129 static void mon_bus_complete(struct mon_bus *mbus, struct urb *urb, int status)
130 {
131 unsigned long flags;
132 struct mon_reader *r;
133
134 spin_lock_irqsave(&mbus->lock, flags);
135 mbus->cnt_events++;
136 list_for_each_entry(r, &mbus->r_list, r_link)
137 r->rnf_complete(r->r_data, urb, status);
138 spin_unlock_irqrestore(&mbus->lock, flags);
139 }
140
mon_complete(struct usb_bus * ubus,struct urb * urb,int status)141 static void mon_complete(struct usb_bus *ubus, struct urb *urb, int status)
142 {
143 struct mon_bus *mbus;
144
145 mbus = ubus->mon_bus;
146 if (mbus != NULL)
147 mon_bus_complete(mbus, urb, status);
148 mon_bus_complete(&mon_bus0, urb, status);
149 }
150
151 /* int (*unlink_urb) (struct urb *urb, int status); */
152
153 /*
154 * Stop monitoring.
155 */
mon_stop(struct mon_bus * mbus)156 static void mon_stop(struct mon_bus *mbus)
157 {
158 struct usb_bus *ubus;
159
160 if (mbus == &mon_bus0) {
161 list_for_each_entry(mbus, &mon_buses, bus_link) {
162 /*
163 * We do not change nreaders here, so rely on mon_lock.
164 */
165 if (mbus->nreaders == 0 && (ubus = mbus->u_bus) != NULL)
166 ubus->monitored = 0;
167 }
168 } else {
169 /*
170 * A stop can be called for a dissolved mon_bus in case of
171 * a reader staying across an rmmod foo_hcd, so test ->u_bus.
172 */
173 if (mon_bus0.nreaders == 0 && (ubus = mbus->u_bus) != NULL) {
174 ubus->monitored = 0;
175 mb();
176 }
177 }
178 }
179
180 /*
181 * Add a USB bus (usually by a modprobe foo-hcd)
182 *
183 * This does not return an error code because the core cannot care less
184 * if monitoring is not established.
185 */
mon_bus_add(struct usb_bus * ubus)186 static void mon_bus_add(struct usb_bus *ubus)
187 {
188 mon_bus_init(ubus);
189 mutex_lock(&mon_lock);
190 if (mon_bus0.nreaders != 0)
191 ubus->monitored = 1;
192 mutex_unlock(&mon_lock);
193 }
194
195 /*
196 * Remove a USB bus (either from rmmod foo-hcd or from a hot-remove event).
197 */
mon_bus_remove(struct usb_bus * ubus)198 static void mon_bus_remove(struct usb_bus *ubus)
199 {
200 struct mon_bus *mbus = ubus->mon_bus;
201
202 mutex_lock(&mon_lock);
203 list_del(&mbus->bus_link);
204 if (mbus->text_inited)
205 mon_text_del(mbus);
206 if (mbus->bin_inited)
207 mon_bin_del(mbus);
208
209 mon_dissolve(mbus, ubus);
210 kref_put(&mbus->ref, mon_bus_drop);
211 mutex_unlock(&mon_lock);
212 }
213
mon_notify(struct notifier_block * self,unsigned long action,void * dev)214 static int mon_notify(struct notifier_block *self, unsigned long action,
215 void *dev)
216 {
217 switch (action) {
218 case USB_BUS_ADD:
219 mon_bus_add(dev);
220 break;
221 case USB_BUS_REMOVE:
222 mon_bus_remove(dev);
223 }
224 return NOTIFY_OK;
225 }
226
227 static struct notifier_block mon_nb = {
228 .notifier_call = mon_notify,
229 };
230
231 /*
232 * Ops
233 */
234 static const struct usb_mon_operations mon_ops_0 = {
235 .urb_submit = mon_submit,
236 .urb_submit_error = mon_submit_error,
237 .urb_complete = mon_complete,
238 };
239
240 /*
241 * Tear usb_bus and mon_bus apart.
242 */
mon_dissolve(struct mon_bus * mbus,struct usb_bus * ubus)243 static void mon_dissolve(struct mon_bus *mbus, struct usb_bus *ubus)
244 {
245
246 if (ubus->monitored) {
247 ubus->monitored = 0;
248 mb();
249 }
250
251 ubus->mon_bus = NULL;
252 mbus->u_bus = NULL;
253 mb();
254
255 /* We want synchronize_irq() here, but that needs an argument. */
256 }
257
258 /*
259 */
mon_bus_drop(struct kref * r)260 static void mon_bus_drop(struct kref *r)
261 {
262 struct mon_bus *mbus = container_of(r, struct mon_bus, ref);
263 kfree(mbus);
264 }
265
266 /*
267 * Initialize a bus for us:
268 * - allocate mon_bus
269 * - refcount USB bus struct
270 * - link
271 */
mon_bus_init(struct usb_bus * ubus)272 static void mon_bus_init(struct usb_bus *ubus)
273 {
274 struct mon_bus *mbus;
275
276 mbus = kzalloc(sizeof(struct mon_bus), GFP_KERNEL);
277 if (mbus == NULL)
278 goto err_alloc;
279 kref_init(&mbus->ref);
280 spin_lock_init(&mbus->lock);
281 INIT_LIST_HEAD(&mbus->r_list);
282
283 /*
284 * We don't need to take a reference to ubus, because we receive
285 * a notification if the bus is about to be removed.
286 */
287 mbus->u_bus = ubus;
288 ubus->mon_bus = mbus;
289
290 mbus->text_inited = mon_text_add(mbus, ubus);
291 mbus->bin_inited = mon_bin_add(mbus, ubus);
292
293 mutex_lock(&mon_lock);
294 list_add_tail(&mbus->bus_link, &mon_buses);
295 mutex_unlock(&mon_lock);
296 return;
297
298 err_alloc:
299 return;
300 }
301
mon_bus0_init(void)302 static void mon_bus0_init(void)
303 {
304 struct mon_bus *mbus = &mon_bus0;
305
306 kref_init(&mbus->ref);
307 spin_lock_init(&mbus->lock);
308 INIT_LIST_HEAD(&mbus->r_list);
309
310 mbus->text_inited = mon_text_add(mbus, NULL);
311 mbus->bin_inited = mon_bin_add(mbus, NULL);
312 }
313
314 /*
315 * Search a USB bus by number. Notice that USB bus numbers start from one,
316 * which we may later use to identify "all" with zero.
317 *
318 * This function must be called with mon_lock held.
319 *
320 * This is obviously inefficient and may be revised in the future.
321 */
mon_bus_lookup(unsigned int num)322 struct mon_bus *mon_bus_lookup(unsigned int num)
323 {
324 struct mon_bus *mbus;
325
326 if (num == 0) {
327 return &mon_bus0;
328 }
329 list_for_each_entry(mbus, &mon_buses, bus_link) {
330 if (mbus->u_bus->busnum == num) {
331 return mbus;
332 }
333 }
334 return NULL;
335 }
336
mon_init(void)337 static int __init mon_init(void)
338 {
339 struct usb_bus *ubus;
340 int rc, id;
341
342 if ((rc = mon_text_init()) != 0)
343 goto err_text;
344 if ((rc = mon_bin_init()) != 0)
345 goto err_bin;
346
347 mon_bus0_init();
348
349 if (usb_mon_register(&mon_ops_0) != 0) {
350 printk(KERN_NOTICE TAG ": unable to register with the core\n");
351 rc = -ENODEV;
352 goto err_reg;
353 }
354 // MOD_INC_USE_COUNT(which_module?);
355
356 mutex_lock(&usb_bus_idr_lock);
357 idr_for_each_entry(&usb_bus_idr, ubus, id)
358 mon_bus_init(ubus);
359 usb_register_notify(&mon_nb);
360 mutex_unlock(&usb_bus_idr_lock);
361 return 0;
362
363 err_reg:
364 mon_bin_exit();
365 err_bin:
366 mon_text_exit();
367 err_text:
368 return rc;
369 }
370
mon_exit(void)371 static void __exit mon_exit(void)
372 {
373 struct mon_bus *mbus;
374 struct list_head *p;
375
376 usb_unregister_notify(&mon_nb);
377 usb_mon_deregister();
378
379 mutex_lock(&mon_lock);
380
381 while (!list_empty(&mon_buses)) {
382 p = mon_buses.next;
383 mbus = list_entry(p, struct mon_bus, bus_link);
384 list_del(p);
385
386 if (mbus->text_inited)
387 mon_text_del(mbus);
388 if (mbus->bin_inited)
389 mon_bin_del(mbus);
390
391 /*
392 * This never happens, because the open/close paths in
393 * file level maintain module use counters and so rmmod fails
394 * before reaching here. However, better be safe...
395 */
396 if (mbus->nreaders) {
397 printk(KERN_ERR TAG
398 ": Outstanding opens (%d) on usb%d, leaking...\n",
399 mbus->nreaders, mbus->u_bus->busnum);
400 kref_get(&mbus->ref); /* Force leak */
401 }
402
403 mon_dissolve(mbus, mbus->u_bus);
404 kref_put(&mbus->ref, mon_bus_drop);
405 }
406
407 mbus = &mon_bus0;
408 if (mbus->text_inited)
409 mon_text_del(mbus);
410 if (mbus->bin_inited)
411 mon_bin_del(mbus);
412
413 mutex_unlock(&mon_lock);
414
415 mon_text_exit();
416 mon_bin_exit();
417 }
418
419 module_init(mon_init);
420 module_exit(mon_exit);
421
422 MODULE_DESCRIPTION("USB Monitor");
423 MODULE_LICENSE("GPL");
424