LXR linux/drivers/usb/class/cdc-wdm.c

   1/*
   2 * cdc-wdm.c
   3 *
   4 * This driver supports USB CDC WCM Device Management.
   5 *
   6 * Copyright (c) 2007-2009 Oliver Neukum
   7 *
   8 * Some code taken from cdc-acm.c
   9 *
  10 * Released under the GPLv2.
  11 *
  12 * Many thanks to Carl Nordbeck
  13 */
  14#include <linux/kernel.h>
  15#include <linux/errno.h>
  16#include <linux/ioctl.h>
  17#include <linux/slab.h>
  18#include <linux/module.h>
  19#include <linux/mutex.h>
  20#include <linux/uaccess.h>
  21#include <linux/bitops.h>
  22#include <linux/poll.h>
  23#include <linux/usb.h>
  24#include <linux/usb/cdc.h>
  25#include <asm/byteorder.h>
  26#include <asm/unaligned.h>
  27#include <linux/usb/cdc-wdm.h>
  28
  29/*
  30 * Version Information
  31 */
  32#define DRIVER_VERSION "v0.03"
  33#define DRIVER_AUTHOR "Oliver Neukum"
  34#define DRIVER_DESC "USB Abstract Control Model driver for USB WCM Device Management"
  35
  36static const struct usb_device_id wdm_ids[] = {
  37        {
  38                .match_flags = USB_DEVICE_ID_MATCH_INT_CLASS |
  39                                 USB_DEVICE_ID_MATCH_INT_SUBCLASS,
  40                .bInterfaceClass = USB_CLASS_COMM,
  41                .bInterfaceSubClass = USB_CDC_SUBCLASS_DMM
  42        },
  43        { }
  44};
  45
  46MODULE_DEVICE_TABLE (usb, wdm_ids);
  47
  48#define WDM_MINOR_BASE  176
  49
  50
  51#define WDM_IN_USE              1
  52#define WDM_DISCONNECTING       2
  53#define WDM_RESULT              3
  54#define WDM_READ                4
  55#define WDM_INT_STALL           5
  56#define WDM_POLL_RUNNING        6
  57#define WDM_RESPONDING          7
  58#define WDM_SUSPENDING          8
  59#define WDM_RESETTING           9
  60#define WDM_OVERFLOW            10
  61
  62#define WDM_MAX                 16
  63
  64/* CDC-WMC r1.1 requires wMaxCommand to be "at least 256 decimal (0x100)" */
  65#define WDM_DEFAULT_BUFSIZE     256
  66
  67static DEFINE_MUTEX(wdm_mutex);
  68static DEFINE_SPINLOCK(wdm_device_list_lock);
  69static LIST_HEAD(wdm_device_list);
  70
  71/* --- method tables --- */
  72
  73struct wdm_device {
  74        u8                      *inbuf; /* buffer for response */
  75        u8                      *outbuf; /* buffer for command */
  76        u8                      *sbuf; /* buffer for status */
  77        u8                      *ubuf; /* buffer for copy to user space */
  78
  79        struct urb              *command;
  80        struct urb              *response;
  81        struct urb              *validity;
  82        struct usb_interface    *intf;
  83        struct usb_ctrlrequest  *orq;
  84        struct usb_ctrlrequest  *irq;
  85        spinlock_t              iuspin;
  86
  87        unsigned long           flags;
  88        u16                     bufsize;
  89        u16                     wMaxCommand;
  90        u16                     wMaxPacketSize;
  91        __le16                  inum;
  92        int                     reslength;
  93        int                     length;
  94        int                     read;
  95        int                     count;
  96        dma_addr_t              shandle;
  97        dma_addr_t              ihandle;
  98        struct mutex            wlock;
  99        struct mutex            rlock;
 100        wait_queue_head_t       wait;
 101        struct work_struct      rxwork;
 102        int                     werr;
 103        int                     rerr;
 104        int                     resp_count;
 105
 106        struct list_head        device_list;
 107        int                     (*manage_power)(struct usb_interface *, int);
 108};
 109
 110static struct usb_driver wdm_driver;
 111
 112/* return intfdata if we own the interface, else look up intf in the list */
 113static struct wdm_device *wdm_find_device(struct usb_interface *intf)
 114{
 115        struct wdm_device *desc;
 116
 117        spin_lock(&wdm_device_list_lock);
 118        list_for_each_entry(desc, &wdm_device_list, device_list)
 119                if (desc->intf == intf)
 120                        goto found;
 121        desc = NULL;
 122found:
 123        spin_unlock(&wdm_device_list_lock);
 124
 125        return desc;
 126}
 127
 128static struct wdm_device *wdm_find_device_by_minor(int minor)
 129{
 130        struct wdm_device *desc;
 131
 132        spin_lock(&wdm_device_list_lock);
 133        list_for_each_entry(desc, &wdm_device_list, device_list)
 134                if (desc->intf->minor == minor)
 135                        goto found;
 136        desc = NULL;
 137found:
 138        spin_unlock(&wdm_device_list_lock);
 139
 140        return desc;
 141}
 142
 143/* --- callbacks --- */
 144static void wdm_out_callback(struct urb *urb)
 145{
 146        struct wdm_device *desc;
 147        desc = urb->context;
 148        spin_lock(&desc->iuspin);
 149        desc->werr = urb->status;
 150        spin_unlock(&desc->iuspin);
 151        kfree(desc->outbuf);
 152        desc->outbuf = NULL;
 153        clear_bit(WDM_IN_USE, &desc->flags);
 154        wake_up(&desc->wait);
 155}
 156
 157/* forward declaration */
 158static int service_outstanding_interrupt(struct wdm_device *desc);
 159
 160static void wdm_in_callback(struct urb *urb)
 161{
 162        struct wdm_device *desc = urb->context;
 163        int status = urb->status;
 164        int length = urb->actual_length;
 165
 166        spin_lock(&desc->iuspin);
 167        clear_bit(WDM_RESPONDING, &desc->flags);
 168
 169        if (status) {
 170                switch (status) {
 171                case -ENOENT:
 172                        dev_dbg(&desc->intf->dev,
 173                                "nonzero urb status received: -ENOENT\n");
 174                        goto skip_error;
 175                case -ECONNRESET:
 176                        dev_dbg(&desc->intf->dev,
 177                                "nonzero urb status received: -ECONNRESET\n");
 178                        goto skip_error;
 179                case -ESHUTDOWN:
 180                        dev_dbg(&desc->intf->dev,
 181                                "nonzero urb status received: -ESHUTDOWN\n");
 182                        goto skip_error;
 183                case -EPIPE:
 184                        dev_err(&desc->intf->dev,
 185                                "nonzero urb status received: -EPIPE\n");
 186                        break;
 187                default:
 188                        dev_err(&desc->intf->dev,
 189                                "Unexpected error %d\n", status);
 190                        break;
 191                }
 192        }
 193
 194        /*
 195         * only set a new error if there is no previous error.
 196         * Errors are only cleared during read/open
 197         */
 198        if (desc->rerr  == 0)
 199                desc->rerr = status;
 200
 201        if (length + desc->length > desc->wMaxCommand) {
 202                /* The buffer would overflow */
 203                set_bit(WDM_OVERFLOW, &desc->flags);
 204        } else {
 205                /* we may already be in overflow */
 206                if (!test_bit(WDM_OVERFLOW, &desc->flags)) {
 207                        memmove(desc->ubuf + desc->length, desc->inbuf, length);
 208                        desc->length += length;
 209                        desc->reslength = length;
 210                }
 211        }
 212skip_error:
 213        set_bit(WDM_READ, &desc->flags);
 214        wake_up(&desc->wait);
 215
 216        if (desc->rerr) {
 217                /*
 218                 * Since there was an error, userspace may decide to not read
 219                 * any data after poll'ing.
 220                 * We should respond to further attempts from the device to send
 221                 * data, so that we can get unstuck.
 222                 */
 223                service_outstanding_interrupt(desc);
 224        }
 225
 226        spin_unlock(&desc->iuspin);
 227}
 228
 229static void wdm_int_callback(struct urb *urb)
 230{
 231        int rv = 0;
 232        int responding;
 233        int status = urb->status;
 234        struct wdm_device *desc;
 235        struct usb_cdc_notification *dr;
 236
 237        desc = urb->context;
 238        dr = (struct usb_cdc_notification *)desc->sbuf;
 239
 240        if (status) {
 241                switch (status) {
 242                case -ESHUTDOWN:
 243                case -ENOENT:
 244                case -ECONNRESET:
 245                        return; /* unplug */
 246                case -EPIPE:
 247                        set_bit(WDM_INT_STALL, &desc->flags);
 248                        dev_err(&desc->intf->dev, "Stall on int endpoint\n");
 249                        goto sw; /* halt is cleared in work */
 250                default:
 251                        dev_err(&desc->intf->dev,
 252                                "nonzero urb status received: %d\n", status);
 253                        break;
 254                }
 255        }
 256
 257        if (urb->actual_length < sizeof(struct usb_cdc_notification)) {
 258                dev_err(&desc->intf->dev, "wdm_int_callback - %d bytes\n",
 259                        urb->actual_length);
 260                goto exit;
 261        }
 262
 263        switch (dr->bNotificationType) {
 264        case USB_CDC_NOTIFY_RESPONSE_AVAILABLE:
 265                dev_dbg(&desc->intf->dev,
 266                        "NOTIFY_RESPONSE_AVAILABLE received: index %d len %d\n",
 267                        le16_to_cpu(dr->wIndex), le16_to_cpu(dr->wLength));
 268                break;
 269
 270        case USB_CDC_NOTIFY_NETWORK_CONNECTION:
 271
 272                dev_dbg(&desc->intf->dev,
 273                        "NOTIFY_NETWORK_CONNECTION %s network\n",
 274                        dr->wValue ? "connected to" : "disconnected from");
 275                goto exit;
 276        case USB_CDC_NOTIFY_SPEED_CHANGE:
 277                dev_dbg(&desc->intf->dev, "SPEED_CHANGE received (len %u)\n",
 278                        urb->actual_length);
 279                goto exit;
 280        default:
 281                clear_bit(WDM_POLL_RUNNING, &desc->flags);
 282                dev_err(&desc->intf->dev,
 283                        "unknown notification %d received: index %d len %d\n",
 284                        dr->bNotificationType,
 285                        le16_to_cpu(dr->wIndex),
 286                        le16_to_cpu(dr->wLength));
 287                goto exit;
 288        }
 289
 290        spin_lock(&desc->iuspin);
 291        responding = test_and_set_bit(WDM_RESPONDING, &desc->flags);
 292        if (!desc->resp_count++ && !responding
 293                && !test_bit(WDM_DISCONNECTING, &desc->flags)
 294                && !test_bit(WDM_SUSPENDING, &desc->flags)) {
 295                rv = usb_submit_urb(desc->response, GFP_ATOMIC);
 296                dev_dbg(&desc->intf->dev, "submit response URB %d\n", rv);
 297        }
 298        spin_unlock(&desc->iuspin);
 299        if (rv < 0) {
 300                clear_bit(WDM_RESPONDING, &desc->flags);
 301                if (rv == -EPERM)
 302                        return;
 303                if (rv == -ENOMEM) {
 304sw:
 305                        rv = schedule_work(&desc->rxwork);
 306                        if (rv)
 307                                dev_err(&desc->intf->dev,
 308                                        "Cannot schedule work\n");
 309                }
 310        }
 311exit:
 312        rv = usb_submit_urb(urb, GFP_ATOMIC);
 313        if (rv)
 314                dev_err(&desc->intf->dev,
 315                        "%s - usb_submit_urb failed with result %d\n",
 316                        __func__, rv);
 317
 318}
 319
 320static void kill_urbs(struct wdm_device *desc)
 321{
 322        /* the order here is essential */
 323        usb_kill_urb(desc->command);
 324        usb_kill_urb(desc->validity);
 325        usb_kill_urb(desc->response);
 326}
 327
 328static void free_urbs(struct wdm_device *desc)
 329{
 330        usb_free_urb(desc->validity);
 331        usb_free_urb(desc->response);
 332        usb_free_urb(desc->command);
 333}
 334
 335static void cleanup(struct wdm_device *desc)
 336{
 337        kfree(desc->sbuf);
 338        kfree(desc->inbuf);
 339        kfree(desc->orq);
 340        kfree(desc->irq);
 341        kfree(desc->ubuf);
 342        free_urbs(desc);
 343        kfree(desc);
 344}
 345
 346static ssize_t wdm_write
 347(struct file *file, const char __user *buffer, size_t count, loff_t *ppos)
 348{
 349        u8 *buf;
 350        int rv = -EMSGSIZE, r, we;
 351        struct wdm_device *desc = file->private_data;
 352        struct usb_ctrlrequest *req;
 353
 354        if (count > desc->wMaxCommand)
 355                count = desc->wMaxCommand;
 356
 357        spin_lock_irq(&desc->iuspin);
 358        we = desc->werr;
 359        desc->werr = 0;
 360        spin_unlock_irq(&desc->iuspin);
 361        if (we < 0)
 362                return usb_translate_errors(we);
 363
 364        buf = memdup_user(buffer, count);
 365        if (IS_ERR(buf))
 366                return PTR_ERR(buf);
 367
 368        /* concurrent writes and disconnect */
 369        r = mutex_lock_interruptible(&desc->wlock);
 370        rv = -ERESTARTSYS;
 371        if (r)
 372                goto out_free_mem;
 373
 374        if (test_bit(WDM_DISCONNECTING, &desc->flags)) {
 375                rv = -ENODEV;
 376                goto out_free_mem_lock;
 377        }
 378
 379        r = usb_autopm_get_interface(desc->intf);
 380        if (r < 0) {
 381                rv = usb_translate_errors(r);
 382                goto out_free_mem_lock;
 383        }
 384
 385        if (!(file->f_flags & O_NONBLOCK))
 386                r = wait_event_interruptible(desc->wait, !test_bit(WDM_IN_USE,
 387                                                                &desc->flags));
 388        else
 389                if (test_bit(WDM_IN_USE, &desc->flags))
 390                        r = -EAGAIN;
 391
 392        if (test_bit(WDM_RESETTING, &desc->flags))
 393                r = -EIO;
 394
 395        if (r < 0) {
 396                rv = r;
 397                goto out_free_mem_pm;
 398        }
 399
 400        req = desc->orq;
 401        usb_fill_control_urb(
 402                desc->command,
 403                interface_to_usbdev(desc->intf),
 404                /* using common endpoint 0 */
 405                usb_sndctrlpipe(interface_to_usbdev(desc->intf), 0),
 406                (unsigned char *)req,
 407                buf,
 408                count,
 409                wdm_out_callback,
 410                desc
 411        );
 412
 413        req->bRequestType = (USB_DIR_OUT | USB_TYPE_CLASS |
 414                             USB_RECIP_INTERFACE);
 415        req->bRequest = USB_CDC_SEND_ENCAPSULATED_COMMAND;
 416        req->wValue = 0;
 417        req->wIndex = desc->inum; /* already converted */
 418        req->wLength = cpu_to_le16(count);
 419        set_bit(WDM_IN_USE, &desc->flags);
 420        desc->outbuf = buf;
 421
 422        rv = usb_submit_urb(desc->command, GFP_KERNEL);
 423        if (rv < 0) {
 424                desc->outbuf = NULL;
 425                clear_bit(WDM_IN_USE, &desc->flags);
 426                dev_err(&desc->intf->dev, "Tx URB error: %d\n", rv);
 427                rv = usb_translate_errors(rv);
 428                goto out_free_mem_pm;
 429        } else {
 430                dev_dbg(&desc->intf->dev, "Tx URB has been submitted index=%d\n",
 431                        le16_to_cpu(req->wIndex));
 432        }
 433
 434        usb_autopm_put_interface(desc->intf);
 435        mutex_unlock(&desc->wlock);
 436        return count;
 437
 438out_free_mem_pm:
 439        usb_autopm_put_interface(desc->intf);
 440out_free_mem_lock:
 441        mutex_unlock(&desc->wlock);
 442out_free_mem:
 443        kfree(buf);
 444        return rv;
 445}
 446
 447/*
 448 * Submit the read urb if resp_count is non-zero.
 449 *
 450 * Called with desc->iuspin locked
 451 */
 452static int service_outstanding_interrupt(struct wdm_device *desc)
 453{
 454        int rv = 0;
 455
 456        /* submit read urb only if the device is waiting for it */
 457        if (!desc->resp_count || !--desc->resp_count)
 458                goto out;
 459
 460        set_bit(WDM_RESPONDING, &desc->flags);
 461        spin_unlock_irq(&desc->iuspin);
 462        rv = usb_submit_urb(desc->response, GFP_KERNEL);
 463        spin_lock_irq(&desc->iuspin);
 464        if (rv) {
 465                dev_err(&desc->intf->dev,
 466                        "usb_submit_urb failed with result %d\n", rv);
 467
 468                /* make sure the next notification trigger a submit */
 469                clear_bit(WDM_RESPONDING, &desc->flags);
 470                desc->resp_count = 0;
 471        }
 472out:
 473        return rv;
 474}
 475
 476static ssize_t wdm_read
 477(struct file *file, char __user *buffer, size_t count, loff_t *ppos)
 478{
 479        int rv, cntr;
 480        int i = 0;
 481        struct wdm_device *desc = file->private_data;
 482
 483
 484        rv = mutex_lock_interruptible(&desc->rlock); /*concurrent reads */
 485        if (rv < 0)
 486                return -ERESTARTSYS;
 487
 488        cntr = ACCESS_ONCE(desc->length);
 489        if (cntr == 0) {
 490                desc->read = 0;
 491retry:
 492                if (test_bit(WDM_DISCONNECTING, &desc->flags)) {
 493                        rv = -ENODEV;
 494                        goto err;
 495                }
 496                if (test_bit(WDM_OVERFLOW, &desc->flags)) {
 497                        clear_bit(WDM_OVERFLOW, &desc->flags);
 498                        rv = -ENOBUFS;
 499                        goto err;
 500                }
 501                i++;
 502                if (file->f_flags & O_NONBLOCK) {
 503                        if (!test_bit(WDM_READ, &desc->flags)) {
 504                                rv = -EAGAIN;
 505                                goto err;
 506                        }
 507                        rv = 0;
 508                } else {
 509                        rv = wait_event_interruptible(desc->wait,
 510                                test_bit(WDM_READ, &desc->flags));
 511                }
 512
 513                /* may have happened while we slept */
 514                if (test_bit(WDM_DISCONNECTING, &desc->flags)) {
 515                        rv = -ENODEV;
 516                        goto err;
 517                }
 518                if (test_bit(WDM_RESETTING, &desc->flags)) {
 519                        rv = -EIO;
 520                        goto err;
 521                }
 522                usb_mark_last_busy(interface_to_usbdev(desc->intf));
 523                if (rv < 0) {
 524                        rv = -ERESTARTSYS;
 525                        goto err;
 526                }
 527
 528                spin_lock_irq(&desc->iuspin);
 529
 530                if (desc->rerr) { /* read completed, error happened */
 531                        rv = usb_translate_errors(desc->rerr);
 532                        desc->rerr = 0;
 533                        spin_unlock_irq(&desc->iuspin);
 534                        goto err;
 535                }
 536                /*
 537                 * recheck whether we've lost the race
 538                 * against the completion handler
 539                 */
 540                if (!test_bit(WDM_READ, &desc->flags)) { /* lost race */
 541                        spin_unlock_irq(&desc->iuspin);
 542                        goto retry;
 543                }
 544
 545                if (!desc->reslength) { /* zero length read */
 546                        dev_dbg(&desc->intf->dev, "zero length - clearing WDM_READ\n");
 547                        clear_bit(WDM_READ, &desc->flags);
 548                        rv = service_outstanding_interrupt(desc);
 549                        spin_unlock_irq(&desc->iuspin);
 550                        if (rv < 0)
 551                                goto err;
 552                        goto retry;
 553                }
 554                cntr = desc->length;
 555                spin_unlock_irq(&desc->iuspin);
 556        }
 557
 558        if (cntr > count)
 559                cntr = count;
 560        rv = copy_to_user(buffer, desc->ubuf, cntr);
 561        if (rv > 0) {
 562                rv = -EFAULT;
 563                goto err;
 564        }
 565
 566        spin_lock_irq(&desc->iuspin);
 567
 568        for (i = 0; i < desc->length - cntr; i++)
 569                desc->ubuf[i] = desc->ubuf[i + cntr];
 570
 571        desc->length -= cntr;
 572        /* in case we had outstanding data */
 573        if (!desc->length) {
 574                clear_bit(WDM_READ, &desc->flags);
 575                service_outstanding_interrupt(desc);
 576        }
 577        spin_unlock_irq(&desc->iuspin);
 578        rv = cntr;
 579
 580err:
 581        mutex_unlock(&desc->rlock);
 582        return rv;
 583}
 584
 585static int wdm_flush(struct file *file, fl_owner_t id)
 586{
 587        struct wdm_device *desc = file->private_data;
 588
 589        wait_event(desc->wait, !test_bit(WDM_IN_USE, &desc->flags));
 590
 591        /* cannot dereference desc->intf if WDM_DISCONNECTING */
 592        if (desc->werr < 0 && !test_bit(WDM_DISCONNECTING, &desc->flags))
 593                dev_err(&desc->intf->dev, "Error in flush path: %d\n",
 594                        desc->werr);
 595
 596        return usb_translate_errors(desc->werr);
 597}
 598
 599static unsigned int wdm_poll(struct file *file, struct poll_table_struct *wait)
 600{
 601        struct wdm_device *desc = file->private_data;
 602        unsigned long flags;
 603        unsigned int mask = 0;
 604
 605        spin_lock_irqsave(&desc->iuspin, flags);
 606        if (test_bit(WDM_DISCONNECTING, &desc->flags)) {
 607                mask = POLLHUP | POLLERR;
 608                spin_unlock_irqrestore(&desc->iuspin, flags);
 609                goto desc_out;
 610        }
 611        if (test_bit(WDM_READ, &desc->flags))
 612                mask = POLLIN | POLLRDNORM;
 613        if (desc->rerr || desc->werr)
 614                mask |= POLLERR;
 615        if (!test_bit(WDM_IN_USE, &desc->flags))
 616                mask |= POLLOUT | POLLWRNORM;
 617        spin_unlock_irqrestore(&desc->iuspin, flags);
 618
 619        poll_wait(file, &desc->wait, wait);
 620
 621desc_out:
 622        return mask;
 623}
 624
 625static int wdm_open(struct inode *inode, struct file *file)
 626{
 627        int minor = iminor(inode);
 628        int rv = -ENODEV;
 629        struct usb_interface *intf;
 630        struct wdm_device *desc;
 631
 632        mutex_lock(&wdm_mutex);
 633        desc = wdm_find_device_by_minor(minor);
 634        if (!desc)
 635                goto out;
 636
 637        intf = desc->intf;
 638        if (test_bit(WDM_DISCONNECTING, &desc->flags))
 639                goto out;
 640        file->private_data = desc;
 641
 642        rv = usb_autopm_get_interface(desc->intf);
 643        if (rv < 0) {
 644                dev_err(&desc->intf->dev, "Error autopm - %d\n", rv);
 645                goto out;
 646        }
 647
 648        /* using write lock to protect desc->count */
 649        mutex_lock(&desc->wlock);
 650        if (!desc->count++) {
 651                desc->werr = 0;
 652                desc->rerr = 0;
 653                rv = usb_submit_urb(desc->validity, GFP_KERNEL);
 654                if (rv < 0) {
 655                        desc->count--;
 656                        dev_err(&desc->intf->dev,
 657                                "Error submitting int urb - %d\n", rv);
 658                        rv = usb_translate_errors(rv);
 659                }
 660        } else {
 661                rv = 0;
 662        }
 663        mutex_unlock(&desc->wlock);
 664        if (desc->count == 1)
 665                desc->manage_power(intf, 1);
 666        usb_autopm_put_interface(desc->intf);
 667out:
 668        mutex_unlock(&wdm_mutex);
 669        return rv;
 670}
 671
 672static int wdm_release(struct inode *inode, struct file *file)
 673{
 674        struct wdm_device *desc = file->private_data;
 675
 676        mutex_lock(&wdm_mutex);
 677
 678        /* using write lock to protect desc->count */
 679        mutex_lock(&desc->wlock);
 680        desc->count--;
 681        mutex_unlock(&desc->wlock);
 682
 683        if (!desc->count) {
 684                if (!test_bit(WDM_DISCONNECTING, &desc->flags)) {
 685                        dev_dbg(&desc->intf->dev, "wdm_release: cleanup\n");
 686                        kill_urbs(desc);
 687                        spin_lock_irq(&desc->iuspin);
 688                        desc->resp_count = 0;
 689                        spin_unlock_irq(&desc->iuspin);
 690                        desc->manage_power(desc->intf, 0);
 691                } else {
 692                        /* must avoid dev_printk here as desc->intf is invalid */
 693                        pr_debug(KBUILD_MODNAME " %s: device gone - cleaning up\n", __func__);
 694                        cleanup(desc);
 695                }
 696        }
 697        mutex_unlock(&wdm_mutex);
 698        return 0;
 699}
 700
 701static long wdm_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
 702{
 703        struct wdm_device *desc = file->private_data;
 704        int rv = 0;
 705
 706        switch (cmd) {
 707        case IOCTL_WDM_MAX_COMMAND:
 708                if (copy_to_user((void __user *)arg, &desc->wMaxCommand, sizeof(desc->wMaxCommand)))
 709                        rv = -EFAULT;
 710                break;
 711        default:
 712                rv = -ENOTTY;
 713        }
 714        return rv;
 715}
 716
 717static const struct file_operations wdm_fops = {
 718        .owner =        THIS_MODULE,
 719        .read =         wdm_read,
 720        .write =        wdm_write,
 721        .open =         wdm_open,
 722        .flush =        wdm_flush,
 723        .release =      wdm_release,
 724        .poll =         wdm_poll,
 725        .unlocked_ioctl = wdm_ioctl,
 726        .compat_ioctl = wdm_ioctl,
 727        .llseek =       noop_llseek,
 728};
 729
 730static struct usb_class_driver wdm_class = {
 731        .name =         "cdc-wdm%d",
 732        .fops =         &wdm_fops,
 733        .minor_base =   WDM_MINOR_BASE,
 734};
 735
 736/* --- error handling --- */
 737static void wdm_rxwork(struct work_struct *work)
 738{
 739        struct wdm_device *desc = container_of(work, struct wdm_device, rxwork);
 740        unsigned long flags;
 741        int rv = 0;
 742        int responding;
 743
 744        spin_lock_irqsave(&desc->iuspin, flags);
 745        if (test_bit(WDM_DISCONNECTING, &desc->flags)) {
 746                spin_unlock_irqrestore(&desc->iuspin, flags);
 747        } else {
 748                responding = test_and_set_bit(WDM_RESPONDING, &desc->flags);
 749                spin_unlock_irqrestore(&desc->iuspin, flags);
 750                if (!responding)
 751                        rv = usb_submit_urb(desc->response, GFP_KERNEL);
 752                if (rv < 0 && rv != -EPERM) {
 753                        spin_lock_irqsave(&desc->iuspin, flags);
 754                        clear_bit(WDM_RESPONDING, &desc->flags);
 755                        if (!test_bit(WDM_DISCONNECTING, &desc->flags))
 756                                schedule_work(&desc->rxwork);
 757                        spin_unlock_irqrestore(&desc->iuspin, flags);
 758                }
 759        }
 760}
 761
 762/* --- hotplug --- */
 763
 764static int wdm_create(struct usb_interface *intf, struct usb_endpoint_descriptor *ep,
 765                u16 bufsize, int (*manage_power)(struct usb_interface *, int))
 766{
 767        int rv = -ENOMEM;
 768        struct wdm_device *desc;
 769
 770        desc = kzalloc(sizeof(struct wdm_device), GFP_KERNEL);
 771        if (!desc)
 772                goto out;
 773        INIT_LIST_HEAD(&desc->device_list);
 774        mutex_init(&desc->rlock);
 775        mutex_init(&desc->wlock);
 776        spin_lock_init(&desc->iuspin);
 777        init_waitqueue_head(&desc->wait);
 778        desc->wMaxCommand = bufsize;
 779        /* this will be expanded and needed in hardware endianness */
 780        desc->inum = cpu_to_le16((u16)intf->cur_altsetting->desc.bInterfaceNumber);
 781        desc->intf = intf;
 782        INIT_WORK(&desc->rxwork, wdm_rxwork);
 783
 784        rv = -EINVAL;
 785        if (!usb_endpoint_is_int_in(ep))
 786                goto err;
 787
 788        desc->wMaxPacketSize = usb_endpoint_maxp(ep);
 789
 790        desc->orq = kmalloc(sizeof(struct usb_ctrlrequest), GFP_KERNEL);
 791        if (!desc->orq)
 792                goto err;
 793        desc->irq = kmalloc(sizeof(struct usb_ctrlrequest), GFP_KERNEL);
 794        if (!desc->irq)
 795                goto err;
 796
 797        desc->validity = usb_alloc_urb(0, GFP_KERNEL);
 798        if (!desc->validity)
 799                goto err;
 800
 801        desc->response = usb_alloc_urb(0, GFP_KERNEL);
 802        if (!desc->response)
 803                goto err;
 804
 805        desc->command = usb_alloc_urb(0, GFP_KERNEL);
 806        if (!desc->command)
 807                goto err;
 808
 809        desc->ubuf = kmalloc(desc->wMaxCommand, GFP_KERNEL);
 810        if (!desc->ubuf)
 811                goto err;
 812
 813        desc->sbuf = kmalloc(desc->wMaxPacketSize, GFP_KERNEL);
 814        if (!desc->sbuf)
 815                goto err;
 816
 817        desc->inbuf = kmalloc(desc->wMaxCommand, GFP_KERNEL);
 818        if (!desc->inbuf)
 819                goto err;
 820
 821        usb_fill_int_urb(
 822                desc->validity,
 823                interface_to_usbdev(intf),
 824                usb_rcvintpipe(interface_to_usbdev(intf), ep->bEndpointAddress),
 825                desc->sbuf,
 826                desc->wMaxPacketSize,
 827                wdm_int_callback,
 828                desc,
 829                ep->bInterval
 830        );
 831
 832        desc->irq->bRequestType = (USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE);
 833        desc->irq->bRequest = USB_CDC_GET_ENCAPSULATED_RESPONSE;
 834        desc->irq->wValue = 0;
 835        desc->irq->wIndex = desc->inum; /* already converted */
 836        desc->irq->wLength = cpu_to_le16(desc->wMaxCommand);
 837
 838        usb_fill_control_urb(
 839                desc->response,
 840                interface_to_usbdev(intf),
 841                /* using common endpoint 0 */
 842                usb_rcvctrlpipe(interface_to_usbdev(desc->intf), 0),
 843                (unsigned char *)desc->irq,
 844                desc->inbuf,
 845                desc->wMaxCommand,
 846                wdm_in_callback,
 847                desc
 848        );
 849
 850        desc->manage_power = manage_power;
 851
 852        spin_lock(&wdm_device_list_lock);
 853        list_add(&desc->device_list, &wdm_device_list);
 854        spin_unlock(&wdm_device_list_lock);
 855
 856        rv = usb_register_dev(intf, &wdm_class);
 857        if (rv < 0)
 858                goto err;
 859        else
 860                dev_info(&intf->dev, "%s: USB WDM device\n", dev_name(intf->usb_dev));
 861out:
 862        return rv;
 863err:
 864        spin_lock(&wdm_device_list_lock);
 865        list_del(&desc->device_list);
 866        spin_unlock(&wdm_device_list_lock);
 867        cleanup(desc);
 868        return rv;
 869}
 870
 871static int wdm_manage_power(struct usb_interface *intf, int on)
 872{
 873        /* need autopm_get/put here to ensure the usbcore sees the new value */
 874        int rv = usb_autopm_get_interface(intf);
 875
 876        intf->needs_remote_wakeup = on;
 877        if (!rv)
 878                usb_autopm_put_interface(intf);
 879        return 0;
 880}
 881
 882static int wdm_probe(struct usb_interface *intf, const struct usb_device_id *id)
 883{
 884        int rv = -EINVAL;
 885        struct usb_host_interface *iface;
 886        struct usb_endpoint_descriptor *ep;
 887        struct usb_cdc_parsed_header hdr;
 888        u8 *buffer = intf->altsetting->extra;
 889        int buflen = intf->altsetting->extralen;
 890        u16 maxcom = WDM_DEFAULT_BUFSIZE;
 891
 892        if (!buffer)
 893                goto err;
 894
 895        cdc_parse_cdc_header(&hdr, intf, buffer, buflen);
 896
 897        if (hdr.usb_cdc_dmm_desc)
 898                maxcom = le16_to_cpu(hdr.usb_cdc_dmm_desc->wMaxCommand);
 899
 900        iface = intf->cur_altsetting;
 901        if (iface->desc.bNumEndpoints != 1)
 902                goto err;
 903        ep = &iface->endpoint[0].desc;
 904
 905        rv = wdm_create(intf, ep, maxcom, &wdm_manage_power);
 906
 907err:
 908        return rv;
 909}
 910
 911/**
 912 * usb_cdc_wdm_register - register a WDM subdriver
 913 * @intf: usb interface the subdriver will associate with
 914 * @ep: interrupt endpoint to monitor for notifications
 915 * @bufsize: maximum message size to support for read/write
 916 *
 917 * Create WDM usb class character device and associate it with intf
 918 * without binding, allowing another driver to manage the interface.
 919 *
 920 * The subdriver will manage the given interrupt endpoint exclusively
 921 * and will issue control requests referring to the given intf. It
 922 * will otherwise avoid interferring, and in particular not do
 923 * usb_set_intfdata/usb_get_intfdata on intf.
 924 *
 925 * The return value is a pointer to the subdriver's struct usb_driver.
 926 * The registering driver is responsible for calling this subdriver's
 927 * disconnect, suspend, resume, pre_reset and post_reset methods from
 928 * its own.
 929 */
 930struct usb_driver *usb_cdc_wdm_register(struct usb_interface *intf,
 931                                        struct usb_endpoint_descriptor *ep,
 932                                        int bufsize,
 933                                        int (*manage_power)(struct usb_interface *, int))
 934{
 935        int rv = -EINVAL;
 936
 937        rv = wdm_create(intf, ep, bufsize, manage_power);
 938        if (rv < 0)
 939                goto err;
 940
 941        return &wdm_driver;
 942err:
 943        return ERR_PTR(rv);
 944}
 945EXPORT_SYMBOL(usb_cdc_wdm_register);
 946
 947static void wdm_disconnect(struct usb_interface *intf)
 948{
 949        struct wdm_device *desc;
 950        unsigned long flags;
 951
 952        usb_deregister_dev(intf, &wdm_class);
 953        desc = wdm_find_device(intf);
 954        mutex_lock(&wdm_mutex);
 955
 956        /* the spinlock makes sure no new urbs are generated in the callbacks */
 957        spin_lock_irqsave(&desc->iuspin, flags);
 958        set_bit(WDM_DISCONNECTING, &desc->flags);
 959        set_bit(WDM_READ, &desc->flags);
 960        /* to terminate pending flushes */
 961        clear_bit(WDM_IN_USE, &desc->flags);
 962        spin_unlock_irqrestore(&desc->iuspin, flags);
 963        wake_up_all(&desc->wait);
 964        mutex_lock(&desc->rlock);
 965        mutex_lock(&desc->wlock);
 966        kill_urbs(desc);
 967        cancel_work_sync(&desc->rxwork);
 968        mutex_unlock(&desc->wlock);
 969        mutex_unlock(&desc->rlock);
 970
 971        /* the desc->intf pointer used as list key is now invalid */
 972        spin_lock(&wdm_device_list_lock);
 973        list_del(&desc->device_list);
 974        spin_unlock(&wdm_device_list_lock);
 975
 976        if (!desc->count)
 977                cleanup(desc);
 978        else
 979                dev_dbg(&intf->dev, "%d open files - postponing cleanup\n", desc->count);
 980        mutex_unlock(&wdm_mutex);
 981}
 982
 983#ifdef CONFIG_PM
 984static int wdm_suspend(struct usb_interface *intf, pm_message_t message)
 985{
 986        struct wdm_device *desc = wdm_find_device(intf);
 987        int rv = 0;
 988
 989        dev_dbg(&desc->intf->dev, "wdm%d_suspend\n", intf->minor);
 990
 991        /* if this is an autosuspend the caller does the locking */
 992        if (!PMSG_IS_AUTO(message)) {
 993                mutex_lock(&desc->rlock);
 994                mutex_lock(&desc->wlock);
 995        }
 996        spin_lock_irq(&desc->iuspin);
 997
 998        if (PMSG_IS_AUTO(message) &&
 999                        (test_bit(WDM_IN_USE, &desc->flags)
1000                        || test_bit(WDM_RESPONDING, &desc->flags))) {

1001                spin_unlock_irq(&desc->iuspin);
1002                rv = -EBUSY;
1003        } else {
1004
1005                set_bit(WDM_SUSPENDING, &desc->flags);
1006                spin_unlock_irq(&desc->iuspin);
1007                /* callback submits work - order is essential */
1008                kill_urbs(desc);
1009                cancel_work_sync(&desc->rxwork);
1010        }
1011        if (!PMSG_IS_AUTO(message)) {
1012                mutex_unlock(&desc->wlock);
1013                mutex_unlock(&desc->rlock);
1014        }
1015
1016        return rv;
1017}
1018#endif
1019
1020static int recover_from_urb_loss(struct wdm_device *desc)
1021{
1022        int rv = 0;
1023
1024        if (desc->count) {
1025                rv = usb_submit_urb(desc->validity, GFP_NOIO);
1026                if (rv < 0)
1027                        dev_err(&desc->intf->dev,
1028                                "Error resume submitting int urb - %d\n", rv);
1029        }
1030        return rv;
1031}
1032
1033#ifdef CONFIG_PM
1034static int wdm_resume(struct usb_interface *intf)
1035{
1036        struct wdm_device *desc = wdm_find_device(intf);
1037        int rv;
1038
1039        dev_dbg(&desc->intf->dev, "wdm%d_resume\n", intf->minor);
1040
1041        clear_bit(WDM_SUSPENDING, &desc->flags);
1042        rv = recover_from_urb_loss(desc);
1043
1044        return rv;
1045}
1046#endif
1047
1048static int wdm_pre_reset(struct usb_interface *intf)
1049{
1050        struct wdm_device *desc = wdm_find_device(intf);
1051
1052        /*
1053         * we notify everybody using poll of
1054         * an exceptional situation
1055         * must be done before recovery lest a spontaneous
1056         * message from the device is lost
1057         */
1058        spin_lock_irq(&desc->iuspin);
1059        set_bit(WDM_RESETTING, &desc->flags);   /* inform read/write */
1060        set_bit(WDM_READ, &desc->flags);        /* unblock read */
1061        clear_bit(WDM_IN_USE, &desc->flags);    /* unblock write */
1062        desc->rerr = -EINTR;
1063        spin_unlock_irq(&desc->iuspin);
1064        wake_up_all(&desc->wait);
1065        mutex_lock(&desc->rlock);
1066        mutex_lock(&desc->wlock);
1067        kill_urbs(desc);
1068        cancel_work_sync(&desc->rxwork);
1069        return 0;
1070}
1071
1072static int wdm_post_reset(struct usb_interface *intf)
1073{
1074        struct wdm_device *desc = wdm_find_device(intf);
1075        int rv;
1076
1077        clear_bit(WDM_OVERFLOW, &desc->flags);
1078        clear_bit(WDM_RESETTING, &desc->flags);
1079        rv = recover_from_urb_loss(desc);
1080        mutex_unlock(&desc->wlock);
1081        mutex_unlock(&desc->rlock);
1082        return 0;
1083}
1084
1085static struct usb_driver wdm_driver = {
1086        .name =         "cdc_wdm",
1087        .probe =        wdm_probe,
1088        .disconnect =   wdm_disconnect,
1089#ifdef CONFIG_PM
1090        .suspend =      wdm_suspend,
1091        .resume =       wdm_resume,
1092        .reset_resume = wdm_resume,
1093#endif
1094        .pre_reset =    wdm_pre_reset,
1095        .post_reset =   wdm_post_reset,
1096        .id_table =     wdm_ids,
1097        .supports_autosuspend = 1,
1098        .disable_hub_initiated_lpm = 1,
1099};
1100
1101module_usb_driver(wdm_driver);
1102
1103MODULE_AUTHOR(DRIVER_AUTHOR);
1104MODULE_DESCRIPTION(DRIVER_DESC);
1105MODULE_LICENSE("GPL");
1106