xref: /linux/drivers/usb/mon/mon_text.c (revision a8fe58cec351c25e09c393bf46117c0c47b5a17c)
1 /*
2  * The USB Monitor, inspired by Dave Harding's USBMon.
3  *
4  * This is a text format reader.
5  */
6 
7 #include <linux/kernel.h>
8 #include <linux/list.h>
9 #include <linux/usb.h>
10 #include <linux/slab.h>
11 #include <linux/time.h>
12 #include <linux/ktime.h>
13 #include <linux/export.h>
14 #include <linux/mutex.h>
15 #include <linux/debugfs.h>
16 #include <linux/scatterlist.h>
17 #include <asm/uaccess.h>
18 
19 #include "usb_mon.h"
20 
21 /*
22  * No, we do not want arbitrarily long data strings.
23  * Use the binary interface if you want to capture bulk data!
24  */
25 #define DATA_MAX  32
26 
27 /*
28  * Defined by USB 2.0 clause 9.3, table 9.2.
29  */
30 #define SETUP_MAX  8
31 
32 /*
33  * This limit exists to prevent OOMs when the user process stops reading.
34  * If usbmon were available to unprivileged processes, it might be open
35  * to a local DoS. But we have to keep to root in order to prevent
36  * password sniffing from HID devices.
37  */
38 #define EVENT_MAX  (4*PAGE_SIZE / sizeof(struct mon_event_text))
39 
40 /*
41  * Potentially unlimited number; we limit it for similar allocations.
42  * The usbfs limits this to 128, but we're not quite as generous.
43  */
44 #define ISODESC_MAX   5
45 
46 #define PRINTF_DFL  250   /* with 5 ISOs segs */
47 
48 struct mon_iso_desc {
49 	int status;
50 	unsigned int offset;
51 	unsigned int length;	/* Unsigned here, signed in URB. Historic. */
52 };
53 
54 struct mon_event_text {
55 	struct list_head e_link;
56 	int type;		/* submit, complete, etc. */
57 	unsigned long id;	/* From pointer, most of the time */
58 	unsigned int tstamp;
59 	int busnum;
60 	char devnum;
61 	char epnum;
62 	char is_in;
63 	char xfertype;
64 	int length;		/* Depends on type: xfer length or act length */
65 	int status;
66 	int interval;
67 	int start_frame;
68 	int error_count;
69 	char setup_flag;
70 	char data_flag;
71 	int numdesc;		/* Full number */
72 	struct mon_iso_desc isodesc[ISODESC_MAX];
73 	unsigned char setup[SETUP_MAX];
74 	unsigned char data[DATA_MAX];
75 };
76 
77 #define SLAB_NAME_SZ  30
78 struct mon_reader_text {
79 	struct kmem_cache *e_slab;
80 	int nevents;
81 	struct list_head e_list;
82 	struct mon_reader r;	/* In C, parent class can be placed anywhere */
83 
84 	wait_queue_head_t wait;
85 	int printf_size;
86 	char *printf_buf;
87 	struct mutex printf_lock;
88 
89 	char slab_name[SLAB_NAME_SZ];
90 };
91 
92 static struct dentry *mon_dir;		/* Usually /sys/kernel/debug/usbmon */
93 
94 static void mon_text_ctor(void *);
95 
96 struct mon_text_ptr {
97 	int cnt, limit;
98 	char *pbuf;
99 };
100 
101 static struct mon_event_text *
102     mon_text_read_wait(struct mon_reader_text *rp, struct file *file);
103 static void mon_text_read_head_t(struct mon_reader_text *rp,
104 	struct mon_text_ptr *p, const struct mon_event_text *ep);
105 static void mon_text_read_head_u(struct mon_reader_text *rp,
106 	struct mon_text_ptr *p, const struct mon_event_text *ep);
107 static void mon_text_read_statset(struct mon_reader_text *rp,
108 	struct mon_text_ptr *p, const struct mon_event_text *ep);
109 static void mon_text_read_intstat(struct mon_reader_text *rp,
110 	struct mon_text_ptr *p, const struct mon_event_text *ep);
111 static void mon_text_read_isostat(struct mon_reader_text *rp,
112 	struct mon_text_ptr *p, const struct mon_event_text *ep);
113 static void mon_text_read_isodesc(struct mon_reader_text *rp,
114 	struct mon_text_ptr *p, const struct mon_event_text *ep);
115 static void mon_text_read_data(struct mon_reader_text *rp,
116     struct mon_text_ptr *p, const struct mon_event_text *ep);
117 
118 /*
119  * mon_text_submit
120  * mon_text_complete
121  *
122  * May be called from an interrupt.
123  *
124  * This is called with the whole mon_bus locked, so no additional lock.
125  */
126 
127 static inline char mon_text_get_setup(struct mon_event_text *ep,
128     struct urb *urb, char ev_type, struct mon_bus *mbus)
129 {
130 
131 	if (ep->xfertype != USB_ENDPOINT_XFER_CONTROL || ev_type != 'S')
132 		return '-';
133 
134 	if (urb->setup_packet == NULL)
135 		return 'Z';	/* '0' would be not as pretty. */
136 
137 	memcpy(ep->setup, urb->setup_packet, SETUP_MAX);
138 	return 0;
139 }
140 
141 static inline char mon_text_get_data(struct mon_event_text *ep, struct urb *urb,
142     int len, char ev_type, struct mon_bus *mbus)
143 {
144 	void *src;
145 
146 	if (len <= 0)
147 		return 'L';
148 	if (len >= DATA_MAX)
149 		len = DATA_MAX;
150 
151 	if (ep->is_in) {
152 		if (ev_type != 'C')
153 			return '<';
154 	} else {
155 		if (ev_type != 'S')
156 			return '>';
157 	}
158 
159 	if (urb->num_sgs == 0) {
160 		src = urb->transfer_buffer;
161 		if (src == NULL)
162 			return 'Z';	/* '0' would be not as pretty. */
163 	} else {
164 		struct scatterlist *sg = urb->sg;
165 
166 		if (PageHighMem(sg_page(sg)))
167 			return 'D';
168 
169 		/* For the text interface we copy only the first sg buffer */
170 		len = min_t(int, sg->length, len);
171 		src = sg_virt(sg);
172 	}
173 
174 	memcpy(ep->data, src, len);
175 	return 0;
176 }
177 
178 static inline unsigned int mon_get_timestamp(void)
179 {
180 	struct timespec64 now;
181 	unsigned int stamp;
182 
183 	ktime_get_ts64(&now);
184 	stamp = now.tv_sec & 0xFFF;  /* 2^32 = 4294967296. Limit to 4096s. */
185 	stamp = stamp * USEC_PER_SEC + now.tv_nsec / NSEC_PER_USEC;
186 	return stamp;
187 }
188 
189 static void mon_text_event(struct mon_reader_text *rp, struct urb *urb,
190     char ev_type, int status)
191 {
192 	struct mon_event_text *ep;
193 	unsigned int stamp;
194 	struct usb_iso_packet_descriptor *fp;
195 	struct mon_iso_desc *dp;
196 	int i, ndesc;
197 
198 	stamp = mon_get_timestamp();
199 
200 	if (rp->nevents >= EVENT_MAX ||
201 	    (ep = kmem_cache_alloc(rp->e_slab, GFP_ATOMIC)) == NULL) {
202 		rp->r.m_bus->cnt_text_lost++;
203 		return;
204 	}
205 
206 	ep->type = ev_type;
207 	ep->id = (unsigned long) urb;
208 	ep->busnum = urb->dev->bus->busnum;
209 	ep->devnum = urb->dev->devnum;
210 	ep->epnum = usb_endpoint_num(&urb->ep->desc);
211 	ep->xfertype = usb_endpoint_type(&urb->ep->desc);
212 	ep->is_in = usb_urb_dir_in(urb);
213 	ep->tstamp = stamp;
214 	ep->length = (ev_type == 'S') ?
215 	    urb->transfer_buffer_length : urb->actual_length;
216 	/* Collecting status makes debugging sense for submits, too */
217 	ep->status = status;
218 
219 	if (ep->xfertype == USB_ENDPOINT_XFER_INT) {
220 		ep->interval = urb->interval;
221 	} else if (ep->xfertype == USB_ENDPOINT_XFER_ISOC) {
222 		ep->interval = urb->interval;
223 		ep->start_frame = urb->start_frame;
224 		ep->error_count = urb->error_count;
225 	}
226 	ep->numdesc = urb->number_of_packets;
227 	if (ep->xfertype == USB_ENDPOINT_XFER_ISOC &&
228 			urb->number_of_packets > 0) {
229 		if ((ndesc = urb->number_of_packets) > ISODESC_MAX)
230 			ndesc = ISODESC_MAX;
231 		fp = urb->iso_frame_desc;
232 		dp = ep->isodesc;
233 		for (i = 0; i < ndesc; i++) {
234 			dp->status = fp->status;
235 			dp->offset = fp->offset;
236 			dp->length = (ev_type == 'S') ?
237 			    fp->length : fp->actual_length;
238 			fp++;
239 			dp++;
240 		}
241 		/* Wasteful, but simple to understand: ISO 'C' is sparse. */
242 		if (ev_type == 'C')
243 			ep->length = urb->transfer_buffer_length;
244 	}
245 
246 	ep->setup_flag = mon_text_get_setup(ep, urb, ev_type, rp->r.m_bus);
247 	ep->data_flag = mon_text_get_data(ep, urb, ep->length, ev_type,
248 			rp->r.m_bus);
249 
250 	rp->nevents++;
251 	list_add_tail(&ep->e_link, &rp->e_list);
252 	wake_up(&rp->wait);
253 }
254 
255 static void mon_text_submit(void *data, struct urb *urb)
256 {
257 	struct mon_reader_text *rp = data;
258 	mon_text_event(rp, urb, 'S', -EINPROGRESS);
259 }
260 
261 static void mon_text_complete(void *data, struct urb *urb, int status)
262 {
263 	struct mon_reader_text *rp = data;
264 	mon_text_event(rp, urb, 'C', status);
265 }
266 
267 static void mon_text_error(void *data, struct urb *urb, int error)
268 {
269 	struct mon_reader_text *rp = data;
270 	struct mon_event_text *ep;
271 
272 	if (rp->nevents >= EVENT_MAX ||
273 	    (ep = kmem_cache_alloc(rp->e_slab, GFP_ATOMIC)) == NULL) {
274 		rp->r.m_bus->cnt_text_lost++;
275 		return;
276 	}
277 
278 	ep->type = 'E';
279 	ep->id = (unsigned long) urb;
280 	ep->busnum = urb->dev->bus->busnum;
281 	ep->devnum = urb->dev->devnum;
282 	ep->epnum = usb_endpoint_num(&urb->ep->desc);
283 	ep->xfertype = usb_endpoint_type(&urb->ep->desc);
284 	ep->is_in = usb_urb_dir_in(urb);
285 	ep->tstamp = mon_get_timestamp();
286 	ep->length = 0;
287 	ep->status = error;
288 
289 	ep->setup_flag = '-';
290 	ep->data_flag = 'E';
291 
292 	rp->nevents++;
293 	list_add_tail(&ep->e_link, &rp->e_list);
294 	wake_up(&rp->wait);
295 }
296 
297 /*
298  * Fetch next event from the circular buffer.
299  */
300 static struct mon_event_text *mon_text_fetch(struct mon_reader_text *rp,
301     struct mon_bus *mbus)
302 {
303 	struct list_head *p;
304 	unsigned long flags;
305 
306 	spin_lock_irqsave(&mbus->lock, flags);
307 	if (list_empty(&rp->e_list)) {
308 		spin_unlock_irqrestore(&mbus->lock, flags);
309 		return NULL;
310 	}
311 	p = rp->e_list.next;
312 	list_del(p);
313 	--rp->nevents;
314 	spin_unlock_irqrestore(&mbus->lock, flags);
315 	return list_entry(p, struct mon_event_text, e_link);
316 }
317 
318 /*
319  */
320 static int mon_text_open(struct inode *inode, struct file *file)
321 {
322 	struct mon_bus *mbus;
323 	struct mon_reader_text *rp;
324 	int rc;
325 
326 	mutex_lock(&mon_lock);
327 	mbus = inode->i_private;
328 
329 	rp = kzalloc(sizeof(struct mon_reader_text), GFP_KERNEL);
330 	if (rp == NULL) {
331 		rc = -ENOMEM;
332 		goto err_alloc;
333 	}
334 	INIT_LIST_HEAD(&rp->e_list);
335 	init_waitqueue_head(&rp->wait);
336 	mutex_init(&rp->printf_lock);
337 
338 	rp->printf_size = PRINTF_DFL;
339 	rp->printf_buf = kmalloc(rp->printf_size, GFP_KERNEL);
340 	if (rp->printf_buf == NULL) {
341 		rc = -ENOMEM;
342 		goto err_alloc_pr;
343 	}
344 
345 	rp->r.m_bus = mbus;
346 	rp->r.r_data = rp;
347 	rp->r.rnf_submit = mon_text_submit;
348 	rp->r.rnf_error = mon_text_error;
349 	rp->r.rnf_complete = mon_text_complete;
350 
351 	snprintf(rp->slab_name, SLAB_NAME_SZ, "mon_text_%p", rp);
352 	rp->e_slab = kmem_cache_create(rp->slab_name,
353 	    sizeof(struct mon_event_text), sizeof(long), 0,
354 	    mon_text_ctor);
355 	if (rp->e_slab == NULL) {
356 		rc = -ENOMEM;
357 		goto err_slab;
358 	}
359 
360 	mon_reader_add(mbus, &rp->r);
361 
362 	file->private_data = rp;
363 	mutex_unlock(&mon_lock);
364 	return 0;
365 
366 // err_busy:
367 //	kmem_cache_destroy(rp->e_slab);
368 err_slab:
369 	kfree(rp->printf_buf);
370 err_alloc_pr:
371 	kfree(rp);
372 err_alloc:
373 	mutex_unlock(&mon_lock);
374 	return rc;
375 }
376 
377 /*
378  * For simplicity, we read one record in one system call and throw out
379  * what does not fit. This means that the following does not work:
380  *   dd if=/dbg/usbmon/0t bs=10
381  * Also, we do not allow seeks and do not bother advancing the offset.
382  */
383 static ssize_t mon_text_read_t(struct file *file, char __user *buf,
384 				size_t nbytes, loff_t *ppos)
385 {
386 	struct mon_reader_text *rp = file->private_data;
387 	struct mon_event_text *ep;
388 	struct mon_text_ptr ptr;
389 
390 	ep = mon_text_read_wait(rp, file);
391 	if (IS_ERR(ep))
392 		return PTR_ERR(ep);
393 	mutex_lock(&rp->printf_lock);
394 	ptr.cnt = 0;
395 	ptr.pbuf = rp->printf_buf;
396 	ptr.limit = rp->printf_size;
397 
398 	mon_text_read_head_t(rp, &ptr, ep);
399 	mon_text_read_statset(rp, &ptr, ep);
400 	ptr.cnt += snprintf(ptr.pbuf + ptr.cnt, ptr.limit - ptr.cnt,
401 	    " %d", ep->length);
402 	mon_text_read_data(rp, &ptr, ep);
403 
404 	if (copy_to_user(buf, rp->printf_buf, ptr.cnt))
405 		ptr.cnt = -EFAULT;
406 	mutex_unlock(&rp->printf_lock);
407 	kmem_cache_free(rp->e_slab, ep);
408 	return ptr.cnt;
409 }
410 
411 static ssize_t mon_text_read_u(struct file *file, char __user *buf,
412 				size_t nbytes, loff_t *ppos)
413 {
414 	struct mon_reader_text *rp = file->private_data;
415 	struct mon_event_text *ep;
416 	struct mon_text_ptr ptr;
417 
418 	ep = mon_text_read_wait(rp, file);
419 	if (IS_ERR(ep))
420 		return PTR_ERR(ep);
421 	mutex_lock(&rp->printf_lock);
422 	ptr.cnt = 0;
423 	ptr.pbuf = rp->printf_buf;
424 	ptr.limit = rp->printf_size;
425 
426 	mon_text_read_head_u(rp, &ptr, ep);
427 	if (ep->type == 'E') {
428 		mon_text_read_statset(rp, &ptr, ep);
429 	} else if (ep->xfertype == USB_ENDPOINT_XFER_ISOC) {
430 		mon_text_read_isostat(rp, &ptr, ep);
431 		mon_text_read_isodesc(rp, &ptr, ep);
432 	} else if (ep->xfertype == USB_ENDPOINT_XFER_INT) {
433 		mon_text_read_intstat(rp, &ptr, ep);
434 	} else {
435 		mon_text_read_statset(rp, &ptr, ep);
436 	}
437 	ptr.cnt += snprintf(ptr.pbuf + ptr.cnt, ptr.limit - ptr.cnt,
438 	    " %d", ep->length);
439 	mon_text_read_data(rp, &ptr, ep);
440 
441 	if (copy_to_user(buf, rp->printf_buf, ptr.cnt))
442 		ptr.cnt = -EFAULT;
443 	mutex_unlock(&rp->printf_lock);
444 	kmem_cache_free(rp->e_slab, ep);
445 	return ptr.cnt;
446 }
447 
448 static struct mon_event_text *mon_text_read_wait(struct mon_reader_text *rp,
449     struct file *file)
450 {
451 	struct mon_bus *mbus = rp->r.m_bus;
452 	DECLARE_WAITQUEUE(waita, current);
453 	struct mon_event_text *ep;
454 
455 	add_wait_queue(&rp->wait, &waita);
456 	set_current_state(TASK_INTERRUPTIBLE);
457 	while ((ep = mon_text_fetch(rp, mbus)) == NULL) {
458 		if (file->f_flags & O_NONBLOCK) {
459 			set_current_state(TASK_RUNNING);
460 			remove_wait_queue(&rp->wait, &waita);
461 			return ERR_PTR(-EWOULDBLOCK);
462 		}
463 		/*
464 		 * We do not count nwaiters, because ->release is supposed
465 		 * to be called when all openers are gone only.
466 		 */
467 		schedule();
468 		if (signal_pending(current)) {
469 			remove_wait_queue(&rp->wait, &waita);
470 			return ERR_PTR(-EINTR);
471 		}
472 		set_current_state(TASK_INTERRUPTIBLE);
473 	}
474 	set_current_state(TASK_RUNNING);
475 	remove_wait_queue(&rp->wait, &waita);
476 	return ep;
477 }
478 
479 static void mon_text_read_head_t(struct mon_reader_text *rp,
480 	struct mon_text_ptr *p, const struct mon_event_text *ep)
481 {
482 	char udir, utype;
483 
484 	udir = (ep->is_in ? 'i' : 'o');
485 	switch (ep->xfertype) {
486 	case USB_ENDPOINT_XFER_ISOC:	utype = 'Z'; break;
487 	case USB_ENDPOINT_XFER_INT:	utype = 'I'; break;
488 	case USB_ENDPOINT_XFER_CONTROL:	utype = 'C'; break;
489 	default: /* PIPE_BULK */  utype = 'B';
490 	}
491 	p->cnt += snprintf(p->pbuf + p->cnt, p->limit - p->cnt,
492 	    "%lx %u %c %c%c:%03u:%02u",
493 	    ep->id, ep->tstamp, ep->type,
494 	    utype, udir, ep->devnum, ep->epnum);
495 }
496 
497 static void mon_text_read_head_u(struct mon_reader_text *rp,
498 	struct mon_text_ptr *p, const struct mon_event_text *ep)
499 {
500 	char udir, utype;
501 
502 	udir = (ep->is_in ? 'i' : 'o');
503 	switch (ep->xfertype) {
504 	case USB_ENDPOINT_XFER_ISOC:	utype = 'Z'; break;
505 	case USB_ENDPOINT_XFER_INT:	utype = 'I'; break;
506 	case USB_ENDPOINT_XFER_CONTROL:	utype = 'C'; break;
507 	default: /* PIPE_BULK */  utype = 'B';
508 	}
509 	p->cnt += snprintf(p->pbuf + p->cnt, p->limit - p->cnt,
510 	    "%lx %u %c %c%c:%d:%03u:%u",
511 	    ep->id, ep->tstamp, ep->type,
512 	    utype, udir, ep->busnum, ep->devnum, ep->epnum);
513 }
514 
515 static void mon_text_read_statset(struct mon_reader_text *rp,
516 	struct mon_text_ptr *p, const struct mon_event_text *ep)
517 {
518 
519 	if (ep->setup_flag == 0) {   /* Setup packet is present and captured */
520 		p->cnt += snprintf(p->pbuf + p->cnt, p->limit - p->cnt,
521 		    " s %02x %02x %04x %04x %04x",
522 		    ep->setup[0],
523 		    ep->setup[1],
524 		    (ep->setup[3] << 8) | ep->setup[2],
525 		    (ep->setup[5] << 8) | ep->setup[4],
526 		    (ep->setup[7] << 8) | ep->setup[6]);
527 	} else if (ep->setup_flag != '-') { /* Unable to capture setup packet */
528 		p->cnt += snprintf(p->pbuf + p->cnt, p->limit - p->cnt,
529 		    " %c __ __ ____ ____ ____", ep->setup_flag);
530 	} else {                     /* No setup for this kind of URB */
531 		p->cnt += snprintf(p->pbuf + p->cnt, p->limit - p->cnt,
532 		    " %d", ep->status);
533 	}
534 }
535 
536 static void mon_text_read_intstat(struct mon_reader_text *rp,
537 	struct mon_text_ptr *p, const struct mon_event_text *ep)
538 {
539 	p->cnt += snprintf(p->pbuf + p->cnt, p->limit - p->cnt,
540 	    " %d:%d", ep->status, ep->interval);
541 }
542 
543 static void mon_text_read_isostat(struct mon_reader_text *rp,
544 	struct mon_text_ptr *p, const struct mon_event_text *ep)
545 {
546 	if (ep->type == 'S') {
547 		p->cnt += snprintf(p->pbuf + p->cnt, p->limit - p->cnt,
548 		    " %d:%d:%d", ep->status, ep->interval, ep->start_frame);
549 	} else {
550 		p->cnt += snprintf(p->pbuf + p->cnt, p->limit - p->cnt,
551 		    " %d:%d:%d:%d",
552 		    ep->status, ep->interval, ep->start_frame, ep->error_count);
553 	}
554 }
555 
556 static void mon_text_read_isodesc(struct mon_reader_text *rp,
557 	struct mon_text_ptr *p, const struct mon_event_text *ep)
558 {
559 	int ndesc;	/* Display this many */
560 	int i;
561 	const struct mon_iso_desc *dp;
562 
563 	p->cnt += snprintf(p->pbuf + p->cnt, p->limit - p->cnt,
564 	    " %d", ep->numdesc);
565 	ndesc = ep->numdesc;
566 	if (ndesc > ISODESC_MAX)
567 		ndesc = ISODESC_MAX;
568 	if (ndesc < 0)
569 		ndesc = 0;
570 	dp = ep->isodesc;
571 	for (i = 0; i < ndesc; i++) {
572 		p->cnt += snprintf(p->pbuf + p->cnt, p->limit - p->cnt,
573 		    " %d:%u:%u", dp->status, dp->offset, dp->length);
574 		dp++;
575 	}
576 }
577 
578 static void mon_text_read_data(struct mon_reader_text *rp,
579     struct mon_text_ptr *p, const struct mon_event_text *ep)
580 {
581 	int data_len, i;
582 
583 	if ((data_len = ep->length) > 0) {
584 		if (ep->data_flag == 0) {
585 			p->cnt += snprintf(p->pbuf + p->cnt, p->limit - p->cnt,
586 			    " =");
587 			if (data_len >= DATA_MAX)
588 				data_len = DATA_MAX;
589 			for (i = 0; i < data_len; i++) {
590 				if (i % 4 == 0) {
591 					p->cnt += snprintf(p->pbuf + p->cnt,
592 					    p->limit - p->cnt,
593 					    " ");
594 				}
595 				p->cnt += snprintf(p->pbuf + p->cnt,
596 				    p->limit - p->cnt,
597 				    "%02x", ep->data[i]);
598 			}
599 			p->cnt += snprintf(p->pbuf + p->cnt, p->limit - p->cnt,
600 			    "\n");
601 		} else {
602 			p->cnt += snprintf(p->pbuf + p->cnt, p->limit - p->cnt,
603 			    " %c\n", ep->data_flag);
604 		}
605 	} else {
606 		p->cnt += snprintf(p->pbuf + p->cnt, p->limit - p->cnt, "\n");
607 	}
608 }
609 
610 static int mon_text_release(struct inode *inode, struct file *file)
611 {
612 	struct mon_reader_text *rp = file->private_data;
613 	struct mon_bus *mbus;
614 	/* unsigned long flags; */
615 	struct list_head *p;
616 	struct mon_event_text *ep;
617 
618 	mutex_lock(&mon_lock);
619 	mbus = inode->i_private;
620 
621 	if (mbus->nreaders <= 0) {
622 		printk(KERN_ERR TAG ": consistency error on close\n");
623 		mutex_unlock(&mon_lock);
624 		return 0;
625 	}
626 	mon_reader_del(mbus, &rp->r);
627 
628 	/*
629 	 * In theory, e_list is protected by mbus->lock. However,
630 	 * after mon_reader_del has finished, the following is the case:
631 	 *  - we are not on reader list anymore, so new events won't be added;
632 	 *  - whole mbus may be dropped if it was orphaned.
633 	 * So, we better not touch mbus.
634 	 */
635 	/* spin_lock_irqsave(&mbus->lock, flags); */
636 	while (!list_empty(&rp->e_list)) {
637 		p = rp->e_list.next;
638 		ep = list_entry(p, struct mon_event_text, e_link);
639 		list_del(p);
640 		--rp->nevents;
641 		kmem_cache_free(rp->e_slab, ep);
642 	}
643 	/* spin_unlock_irqrestore(&mbus->lock, flags); */
644 
645 	kmem_cache_destroy(rp->e_slab);
646 	kfree(rp->printf_buf);
647 	kfree(rp);
648 
649 	mutex_unlock(&mon_lock);
650 	return 0;
651 }
652 
653 static const struct file_operations mon_fops_text_t = {
654 	.owner =	THIS_MODULE,
655 	.open =		mon_text_open,
656 	.llseek =	no_llseek,
657 	.read =		mon_text_read_t,
658 	.release =	mon_text_release,
659 };
660 
661 static const struct file_operations mon_fops_text_u = {
662 	.owner =	THIS_MODULE,
663 	.open =		mon_text_open,
664 	.llseek =	no_llseek,
665 	.read =		mon_text_read_u,
666 	.release =	mon_text_release,
667 };
668 
669 int mon_text_add(struct mon_bus *mbus, const struct usb_bus *ubus)
670 {
671 	struct dentry *d;
672 	enum { NAMESZ = 10 };
673 	char name[NAMESZ];
674 	int busnum = ubus? ubus->busnum: 0;
675 	int rc;
676 
677 	if (mon_dir == NULL)
678 		return 0;
679 
680 	if (ubus != NULL) {
681 		rc = snprintf(name, NAMESZ, "%dt", busnum);
682 		if (rc <= 0 || rc >= NAMESZ)
683 			goto err_print_t;
684 		d = debugfs_create_file(name, 0600, mon_dir, mbus,
685 							     &mon_fops_text_t);
686 		if (d == NULL)
687 			goto err_create_t;
688 		mbus->dent_t = d;
689 	}
690 
691 	rc = snprintf(name, NAMESZ, "%du", busnum);
692 	if (rc <= 0 || rc >= NAMESZ)
693 		goto err_print_u;
694 	d = debugfs_create_file(name, 0600, mon_dir, mbus, &mon_fops_text_u);
695 	if (d == NULL)
696 		goto err_create_u;
697 	mbus->dent_u = d;
698 
699 	rc = snprintf(name, NAMESZ, "%ds", busnum);
700 	if (rc <= 0 || rc >= NAMESZ)
701 		goto err_print_s;
702 	d = debugfs_create_file(name, 0600, mon_dir, mbus, &mon_fops_stat);
703 	if (d == NULL)
704 		goto err_create_s;
705 	mbus->dent_s = d;
706 
707 	return 1;
708 
709 err_create_s:
710 err_print_s:
711 	debugfs_remove(mbus->dent_u);
712 	mbus->dent_u = NULL;
713 err_create_u:
714 err_print_u:
715 	if (ubus != NULL) {
716 		debugfs_remove(mbus->dent_t);
717 		mbus->dent_t = NULL;
718 	}
719 err_create_t:
720 err_print_t:
721 	return 0;
722 }
723 
724 void mon_text_del(struct mon_bus *mbus)
725 {
726 	debugfs_remove(mbus->dent_u);
727 	if (mbus->dent_t != NULL)
728 		debugfs_remove(mbus->dent_t);
729 	debugfs_remove(mbus->dent_s);
730 }
731 
732 /*
733  * Slab interface: constructor.
734  */
735 static void mon_text_ctor(void *mem)
736 {
737 	/*
738 	 * Nothing to initialize. No, really!
739 	 * So, we fill it with garbage to emulate a reused object.
740 	 */
741 	memset(mem, 0xe5, sizeof(struct mon_event_text));
742 }
743 
744 int __init mon_text_init(void)
745 {
746 	struct dentry *mondir;
747 
748 	mondir = debugfs_create_dir("usbmon", usb_debug_root);
749 	if (IS_ERR(mondir)) {
750 		/* debugfs not available, but we can use usbmon without it */
751 		return 0;
752 	}
753 	if (mondir == NULL) {
754 		printk(KERN_NOTICE TAG ": unable to create usbmon directory\n");
755 		return -ENOMEM;
756 	}
757 	mon_dir = mondir;
758 	return 0;
759 }
760 
761 void mon_text_exit(void)
762 {
763 	debugfs_remove(mon_dir);
764 }
765