LXR linux/drivers/usb/class/cdc-wdm.c

   1/*
   2 * cdc-wdm.c
   3 *
   4 * This driver supports USB CDC WCM Device Management.
   5 *
   6 * Copyright (c) 2007-2009 Oliver Neukum
   7 *
   8 * Some code taken from cdc-acm.c
   9 *
  10 * Released under the GPLv2.
  11 *
  12 * Many thanks to Carl Nordbeck
  13 */
  14#include <linux/kernel.h>
  15#include <linux/errno.h>
  16#include <linux/ioctl.h>
  17#include <linux/slab.h>
  18#include <linux/module.h>
  19#include <linux/mutex.h>
  20#include <linux/uaccess.h>
  21#include <linux/bitops.h>
  22#include <linux/poll.h>
  23#include <linux/usb.h>
  24#include <linux/usb/cdc.h>
  25#include <asm/byteorder.h>
  26#include <asm/unaligned.h>
  27#include <linux/usb/cdc-wdm.h>
  28
  29#define DRIVER_AUTHOR "Oliver Neukum"
  30#define DRIVER_DESC "USB Abstract Control Model driver for USB WCM Device Management"
  31
  32static const struct usb_device_id wdm_ids[] = {
  33        {
  34                .match_flags = USB_DEVICE_ID_MATCH_INT_CLASS |
  35                                 USB_DEVICE_ID_MATCH_INT_SUBCLASS,
  36                .bInterfaceClass = USB_CLASS_COMM,
  37                .bInterfaceSubClass = USB_CDC_SUBCLASS_DMM
  38        },
  39        { }
  40};
  41
  42MODULE_DEVICE_TABLE (usb, wdm_ids);
  43
  44#define WDM_MINOR_BASE  176
  45
  46
  47#define WDM_IN_USE              1
  48#define WDM_DISCONNECTING       2
  49#define WDM_RESULT              3
  50#define WDM_READ                4
  51#define WDM_INT_STALL           5
  52#define WDM_POLL_RUNNING        6
  53#define WDM_RESPONDING          7
  54#define WDM_SUSPENDING          8
  55#define WDM_RESETTING           9
  56#define WDM_OVERFLOW            10
  57
  58#define WDM_MAX                 16
  59
  60/* CDC-WMC r1.1 requires wMaxCommand to be "at least 256 decimal (0x100)" */
  61#define WDM_DEFAULT_BUFSIZE     256
  62
  63static DEFINE_MUTEX(wdm_mutex);
  64static DEFINE_SPINLOCK(wdm_device_list_lock);
  65static LIST_HEAD(wdm_device_list);
  66
  67/* --- method tables --- */
  68
  69struct wdm_device {
  70        u8                      *inbuf; /* buffer for response */
  71        u8                      *outbuf; /* buffer for command */
  72        u8                      *sbuf; /* buffer for status */
  73        u8                      *ubuf; /* buffer for copy to user space */
  74
  75        struct urb              *command;
  76        struct urb              *response;
  77        struct urb              *validity;
  78        struct usb_interface    *intf;
  79        struct usb_ctrlrequest  *orq;
  80        struct usb_ctrlrequest  *irq;
  81        spinlock_t              iuspin;
  82
  83        unsigned long           flags;
  84        u16                     bufsize;
  85        u16                     wMaxCommand;
  86        u16                     wMaxPacketSize;
  87        __le16                  inum;
  88        int                     reslength;
  89        int                     length;
  90        int                     read;
  91        int                     count;
  92        dma_addr_t              shandle;
  93        dma_addr_t              ihandle;
  94        struct mutex            wlock;
  95        struct mutex            rlock;
  96        wait_queue_head_t       wait;
  97        struct work_struct      rxwork;
  98        int                     werr;
  99        int                     rerr;
 100        int                     resp_count;
 101
 102        struct list_head        device_list;
 103        int                     (*manage_power)(struct usb_interface *, int);
 104};
 105
 106static struct usb_driver wdm_driver;
 107
 108/* return intfdata if we own the interface, else look up intf in the list */
 109static struct wdm_device *wdm_find_device(struct usb_interface *intf)
 110{
 111        struct wdm_device *desc;
 112
 113        spin_lock(&wdm_device_list_lock);
 114        list_for_each_entry(desc, &wdm_device_list, device_list)
 115                if (desc->intf == intf)
 116                        goto found;
 117        desc = NULL;
 118found:
 119        spin_unlock(&wdm_device_list_lock);
 120
 121        return desc;
 122}
 123
 124static struct wdm_device *wdm_find_device_by_minor(int minor)
 125{
 126        struct wdm_device *desc;
 127
 128        spin_lock(&wdm_device_list_lock);
 129        list_for_each_entry(desc, &wdm_device_list, device_list)
 130                if (desc->intf->minor == minor)
 131                        goto found;
 132        desc = NULL;
 133found:
 134        spin_unlock(&wdm_device_list_lock);
 135
 136        return desc;
 137}
 138
 139/* --- callbacks --- */
 140static void wdm_out_callback(struct urb *urb)
 141{
 142        struct wdm_device *desc;
 143        desc = urb->context;
 144        spin_lock(&desc->iuspin);
 145        desc->werr = urb->status;
 146        spin_unlock(&desc->iuspin);
 147        kfree(desc->outbuf);
 148        desc->outbuf = NULL;
 149        clear_bit(WDM_IN_USE, &desc->flags);
 150        wake_up(&desc->wait);
 151}
 152
 153/* forward declaration */
 154static int service_outstanding_interrupt(struct wdm_device *desc);
 155
 156static void wdm_in_callback(struct urb *urb)
 157{
 158        struct wdm_device *desc = urb->context;
 159        int status = urb->status;
 160        int length = urb->actual_length;
 161
 162        spin_lock(&desc->iuspin);
 163        clear_bit(WDM_RESPONDING, &desc->flags);
 164
 165        if (status) {
 166                switch (status) {
 167                case -ENOENT:
 168                        dev_dbg(&desc->intf->dev,
 169                                "nonzero urb status received: -ENOENT\n");
 170                        goto skip_error;
 171                case -ECONNRESET:
 172                        dev_dbg(&desc->intf->dev,
 173                                "nonzero urb status received: -ECONNRESET\n");
 174                        goto skip_error;
 175                case -ESHUTDOWN:
 176                        dev_dbg(&desc->intf->dev,
 177                                "nonzero urb status received: -ESHUTDOWN\n");
 178                        goto skip_error;
 179                case -EPIPE:
 180                        dev_err(&desc->intf->dev,
 181                                "nonzero urb status received: -EPIPE\n");
 182                        break;
 183                default:
 184                        dev_err(&desc->intf->dev,
 185                                "Unexpected error %d\n", status);
 186                        break;
 187                }
 188        }
 189
 190        /*
 191         * only set a new error if there is no previous error.
 192         * Errors are only cleared during read/open
 193         * Avoid propagating -EPIPE (stall) to userspace since it is
 194         * better handled as an empty read
 195         */
 196        if (desc->rerr == 0 && status != -EPIPE)
 197                desc->rerr = status;
 198
 199        if (length + desc->length > desc->wMaxCommand) {
 200                /* The buffer would overflow */
 201                set_bit(WDM_OVERFLOW, &desc->flags);
 202        } else {
 203                /* we may already be in overflow */
 204                if (!test_bit(WDM_OVERFLOW, &desc->flags)) {
 205                        memmove(desc->ubuf + desc->length, desc->inbuf, length);
 206                        desc->length += length;
 207                        desc->reslength = length;
 208                }
 209        }
 210skip_error:
 211        set_bit(WDM_READ, &desc->flags);
 212        wake_up(&desc->wait);
 213
 214        if (desc->rerr) {
 215                /*
 216                 * Since there was an error, userspace may decide to not read
 217                 * any data after poll'ing.
 218                 * We should respond to further attempts from the device to send
 219                 * data, so that we can get unstuck.
 220                 */
 221                service_outstanding_interrupt(desc);
 222        }
 223
 224        spin_unlock(&desc->iuspin);
 225}
 226
 227static void wdm_int_callback(struct urb *urb)
 228{
 229        int rv = 0;
 230        int responding;
 231        int status = urb->status;
 232        struct wdm_device *desc;
 233        struct usb_cdc_notification *dr;
 234
 235        desc = urb->context;
 236        dr = (struct usb_cdc_notification *)desc->sbuf;
 237
 238        if (status) {
 239                switch (status) {
 240                case -ESHUTDOWN:
 241                case -ENOENT:
 242                case -ECONNRESET:
 243                        return; /* unplug */
 244                case -EPIPE:
 245                        set_bit(WDM_INT_STALL, &desc->flags);
 246                        dev_err(&desc->intf->dev, "Stall on int endpoint\n");
 247                        goto sw; /* halt is cleared in work */
 248                default:
 249                        dev_err(&desc->intf->dev,
 250                                "nonzero urb status received: %d\n", status);
 251                        break;
 252                }
 253        }
 254
 255        if (urb->actual_length < sizeof(struct usb_cdc_notification)) {
 256                dev_err(&desc->intf->dev, "wdm_int_callback - %d bytes\n",
 257                        urb->actual_length);
 258                goto exit;
 259        }
 260
 261        switch (dr->bNotificationType) {
 262        case USB_CDC_NOTIFY_RESPONSE_AVAILABLE:
 263                dev_dbg(&desc->intf->dev,
 264                        "NOTIFY_RESPONSE_AVAILABLE received: index %d len %d\n",
 265                        le16_to_cpu(dr->wIndex), le16_to_cpu(dr->wLength));
 266                break;
 267
 268        case USB_CDC_NOTIFY_NETWORK_CONNECTION:
 269
 270                dev_dbg(&desc->intf->dev,
 271                        "NOTIFY_NETWORK_CONNECTION %s network\n",
 272                        dr->wValue ? "connected to" : "disconnected from");
 273                goto exit;
 274        case USB_CDC_NOTIFY_SPEED_CHANGE:
 275                dev_dbg(&desc->intf->dev, "SPEED_CHANGE received (len %u)\n",
 276                        urb->actual_length);
 277                goto exit;
 278        default:
 279                clear_bit(WDM_POLL_RUNNING, &desc->flags);
 280                dev_err(&desc->intf->dev,
 281                        "unknown notification %d received: index %d len %d\n",
 282                        dr->bNotificationType,
 283                        le16_to_cpu(dr->wIndex),
 284                        le16_to_cpu(dr->wLength));
 285                goto exit;
 286        }
 287
 288        spin_lock(&desc->iuspin);
 289        responding = test_and_set_bit(WDM_RESPONDING, &desc->flags);
 290        if (!desc->resp_count++ && !responding
 291                && !test_bit(WDM_DISCONNECTING, &desc->flags)
 292                && !test_bit(WDM_SUSPENDING, &desc->flags)) {
 293                rv = usb_submit_urb(desc->response, GFP_ATOMIC);
 294                dev_dbg(&desc->intf->dev, "submit response URB %d\n", rv);
 295        }
 296        spin_unlock(&desc->iuspin);
 297        if (rv < 0) {
 298                clear_bit(WDM_RESPONDING, &desc->flags);
 299                if (rv == -EPERM)
 300                        return;
 301                if (rv == -ENOMEM) {
 302sw:
 303                        rv = schedule_work(&desc->rxwork);
 304                        if (rv)
 305                                dev_err(&desc->intf->dev,
 306                                        "Cannot schedule work\n");
 307                }
 308        }
 309exit:
 310        rv = usb_submit_urb(urb, GFP_ATOMIC);
 311        if (rv)
 312                dev_err(&desc->intf->dev,
 313                        "%s - usb_submit_urb failed with result %d\n",
 314                        __func__, rv);
 315
 316}
 317
 318static void kill_urbs(struct wdm_device *desc)
 319{
 320        /* the order here is essential */
 321        usb_kill_urb(desc->command);
 322        usb_kill_urb(desc->validity);
 323        usb_kill_urb(desc->response);
 324}
 325
 326static void free_urbs(struct wdm_device *desc)
 327{
 328        usb_free_urb(desc->validity);
 329        usb_free_urb(desc->response);
 330        usb_free_urb(desc->command);
 331}
 332
 333static void cleanup(struct wdm_device *desc)
 334{
 335        kfree(desc->sbuf);
 336        kfree(desc->inbuf);
 337        kfree(desc->orq);
 338        kfree(desc->irq);
 339        kfree(desc->ubuf);
 340        free_urbs(desc);
 341        kfree(desc);
 342}
 343
 344static ssize_t wdm_write
 345(struct file *file, const char __user *buffer, size_t count, loff_t *ppos)
 346{
 347        u8 *buf;
 348        int rv = -EMSGSIZE, r, we;
 349        struct wdm_device *desc = file->private_data;
 350        struct usb_ctrlrequest *req;
 351
 352        if (count > desc->wMaxCommand)
 353                count = desc->wMaxCommand;
 354
 355        spin_lock_irq(&desc->iuspin);
 356        we = desc->werr;
 357        desc->werr = 0;
 358        spin_unlock_irq(&desc->iuspin);
 359        if (we < 0)
 360                return usb_translate_errors(we);
 361
 362        buf = memdup_user(buffer, count);
 363        if (IS_ERR(buf))
 364                return PTR_ERR(buf);
 365
 366        /* concurrent writes and disconnect */
 367        r = mutex_lock_interruptible(&desc->wlock);
 368        rv = -ERESTARTSYS;
 369        if (r)
 370                goto out_free_mem;
 371
 372        if (test_bit(WDM_DISCONNECTING, &desc->flags)) {
 373                rv = -ENODEV;
 374                goto out_free_mem_lock;
 375        }
 376
 377        r = usb_autopm_get_interface(desc->intf);
 378        if (r < 0) {
 379                rv = usb_translate_errors(r);
 380                goto out_free_mem_lock;
 381        }
 382
 383        if (!(file->f_flags & O_NONBLOCK))
 384                r = wait_event_interruptible(desc->wait, !test_bit(WDM_IN_USE,
 385                                                                &desc->flags));
 386        else
 387                if (test_bit(WDM_IN_USE, &desc->flags))
 388                        r = -EAGAIN;
 389
 390        if (test_bit(WDM_RESETTING, &desc->flags))
 391                r = -EIO;
 392
 393        if (r < 0) {
 394                rv = r;
 395                goto out_free_mem_pm;
 396        }
 397
 398        req = desc->orq;
 399        usb_fill_control_urb(
 400                desc->command,
 401                interface_to_usbdev(desc->intf),
 402                /* using common endpoint 0 */
 403                usb_sndctrlpipe(interface_to_usbdev(desc->intf), 0),
 404                (unsigned char *)req,
 405                buf,
 406                count,
 407                wdm_out_callback,
 408                desc
 409        );
 410
 411        req->bRequestType = (USB_DIR_OUT | USB_TYPE_CLASS |
 412                             USB_RECIP_INTERFACE);
 413        req->bRequest = USB_CDC_SEND_ENCAPSULATED_COMMAND;
 414        req->wValue = 0;
 415        req->wIndex = desc->inum; /* already converted */
 416        req->wLength = cpu_to_le16(count);
 417        set_bit(WDM_IN_USE, &desc->flags);
 418        desc->outbuf = buf;
 419
 420        rv = usb_submit_urb(desc->command, GFP_KERNEL);
 421        if (rv < 0) {
 422                desc->outbuf = NULL;
 423                clear_bit(WDM_IN_USE, &desc->flags);
 424                dev_err(&desc->intf->dev, "Tx URB error: %d\n", rv);
 425                rv = usb_translate_errors(rv);
 426                goto out_free_mem_pm;
 427        } else {
 428                dev_dbg(&desc->intf->dev, "Tx URB has been submitted index=%d\n",
 429                        le16_to_cpu(req->wIndex));
 430        }
 431
 432        usb_autopm_put_interface(desc->intf);
 433        mutex_unlock(&desc->wlock);
 434        return count;
 435
 436out_free_mem_pm:
 437        usb_autopm_put_interface(desc->intf);
 438out_free_mem_lock:
 439        mutex_unlock(&desc->wlock);
 440out_free_mem:
 441        kfree(buf);
 442        return rv;
 443}
 444
 445/*
 446 * Submit the read urb if resp_count is non-zero.
 447 *
 448 * Called with desc->iuspin locked
 449 */
 450static int service_outstanding_interrupt(struct wdm_device *desc)
 451{
 452        int rv = 0;
 453
 454        /* submit read urb only if the device is waiting for it */
 455        if (!desc->resp_count || !--desc->resp_count)
 456                goto out;
 457
 458        set_bit(WDM_RESPONDING, &desc->flags);
 459        spin_unlock_irq(&desc->iuspin);
 460        rv = usb_submit_urb(desc->response, GFP_KERNEL);
 461        spin_lock_irq(&desc->iuspin);
 462        if (rv) {
 463                dev_err(&desc->intf->dev,
 464                        "usb_submit_urb failed with result %d\n", rv);
 465
 466                /* make sure the next notification trigger a submit */
 467                clear_bit(WDM_RESPONDING, &desc->flags);
 468                desc->resp_count = 0;
 469        }
 470out:
 471        return rv;
 472}
 473
 474static ssize_t wdm_read
 475(struct file *file, char __user *buffer, size_t count, loff_t *ppos)
 476{
 477        int rv, cntr;
 478        int i = 0;
 479        struct wdm_device *desc = file->private_data;
 480
 481
 482        rv = mutex_lock_interruptible(&desc->rlock); /*concurrent reads */
 483        if (rv < 0)
 484                return -ERESTARTSYS;
 485
 486        cntr = ACCESS_ONCE(desc->length);
 487        if (cntr == 0) {
 488                desc->read = 0;
 489retry:
 490                if (test_bit(WDM_DISCONNECTING, &desc->flags)) {
 491                        rv = -ENODEV;
 492                        goto err;
 493                }
 494                if (test_bit(WDM_OVERFLOW, &desc->flags)) {
 495                        clear_bit(WDM_OVERFLOW, &desc->flags);
 496                        rv = -ENOBUFS;
 497                        goto err;
 498                }
 499                i++;
 500                if (file->f_flags & O_NONBLOCK) {
 501                        if (!test_bit(WDM_READ, &desc->flags)) {
 502                                rv = -EAGAIN;
 503                                goto err;
 504                        }
 505                        rv = 0;
 506                } else {
 507                        rv = wait_event_interruptible(desc->wait,
 508                                test_bit(WDM_READ, &desc->flags));
 509                }
 510
 511                /* may have happened while we slept */
 512                if (test_bit(WDM_DISCONNECTING, &desc->flags)) {
 513                        rv = -ENODEV;
 514                        goto err;
 515                }
 516                if (test_bit(WDM_RESETTING, &desc->flags)) {
 517                        rv = -EIO;
 518                        goto err;
 519                }
 520                usb_mark_last_busy(interface_to_usbdev(desc->intf));
 521                if (rv < 0) {
 522                        rv = -ERESTARTSYS;
 523                        goto err;
 524                }
 525
 526                spin_lock_irq(&desc->iuspin);
 527
 528                if (desc->rerr) { /* read completed, error happened */
 529                        rv = usb_translate_errors(desc->rerr);
 530                        desc->rerr = 0;
 531                        spin_unlock_irq(&desc->iuspin);
 532                        goto err;
 533                }
 534                /*
 535                 * recheck whether we've lost the race
 536                 * against the completion handler
 537                 */
 538                if (!test_bit(WDM_READ, &desc->flags)) { /* lost race */
 539                        spin_unlock_irq(&desc->iuspin);
 540                        goto retry;
 541                }
 542
 543                if (!desc->reslength) { /* zero length read */
 544                        dev_dbg(&desc->intf->dev, "zero length - clearing WDM_READ\n");
 545                        clear_bit(WDM_READ, &desc->flags);
 546                        rv = service_outstanding_interrupt(desc);
 547                        spin_unlock_irq(&desc->iuspin);
 548                        if (rv < 0)
 549                                goto err;
 550                        goto retry;
 551                }
 552                cntr = desc->length;
 553                spin_unlock_irq(&desc->iuspin);
 554        }
 555
 556        if (cntr > count)
 557                cntr = count;
 558        rv = copy_to_user(buffer, desc->ubuf, cntr);
 559        if (rv > 0) {
 560                rv = -EFAULT;
 561                goto err;
 562        }
 563
 564        spin_lock_irq(&desc->iuspin);
 565
 566        for (i = 0; i < desc->length - cntr; i++)
 567                desc->ubuf[i] = desc->ubuf[i + cntr];
 568
 569        desc->length -= cntr;
 570        /* in case we had outstanding data */
 571        if (!desc->length) {
 572                clear_bit(WDM_READ, &desc->flags);
 573                service_outstanding_interrupt(desc);
 574        }
 575        spin_unlock_irq(&desc->iuspin);
 576        rv = cntr;
 577
 578err:
 579        mutex_unlock(&desc->rlock);
 580        return rv;
 581}
 582
 583static int wdm_flush(struct file *file, fl_owner_t id)
 584{
 585        struct wdm_device *desc = file->private_data;
 586
 587        wait_event(desc->wait, !test_bit(WDM_IN_USE, &desc->flags));
 588
 589        /* cannot dereference desc->intf if WDM_DISCONNECTING */
 590        if (desc->werr < 0 && !test_bit(WDM_DISCONNECTING, &desc->flags))
 591                dev_err(&desc->intf->dev, "Error in flush path: %d\n",
 592                        desc->werr);
 593
 594        return usb_translate_errors(desc->werr);
 595}
 596
 597static unsigned int wdm_poll(struct file *file, struct poll_table_struct *wait)
 598{
 599        struct wdm_device *desc = file->private_data;
 600        unsigned long flags;
 601        unsigned int mask = 0;
 602
 603        spin_lock_irqsave(&desc->iuspin, flags);
 604        if (test_bit(WDM_DISCONNECTING, &desc->flags)) {
 605                mask = POLLHUP | POLLERR;
 606                spin_unlock_irqrestore(&desc->iuspin, flags);
 607                goto desc_out;
 608        }
 609        if (test_bit(WDM_READ, &desc->flags))
 610                mask = POLLIN | POLLRDNORM;
 611        if (desc->rerr || desc->werr)
 612                mask |= POLLERR;
 613        if (!test_bit(WDM_IN_USE, &desc->flags))
 614                mask |= POLLOUT | POLLWRNORM;
 615        spin_unlock_irqrestore(&desc->iuspin, flags);
 616
 617        poll_wait(file, &desc->wait, wait);
 618
 619desc_out:
 620        return mask;
 621}
 622
 623static int wdm_open(struct inode *inode, struct file *file)
 624{
 625        int minor = iminor(inode);
 626        int rv = -ENODEV;
 627        struct usb_interface *intf;
 628        struct wdm_device *desc;
 629
 630        mutex_lock(&wdm_mutex);
 631        desc = wdm_find_device_by_minor(minor);
 632        if (!desc)
 633                goto out;
 634
 635        intf = desc->intf;
 636        if (test_bit(WDM_DISCONNECTING, &desc->flags))
 637                goto out;
 638        file->private_data = desc;
 639
 640        rv = usb_autopm_get_interface(desc->intf);
 641        if (rv < 0) {
 642                dev_err(&desc->intf->dev, "Error autopm - %d\n", rv);
 643                goto out;
 644        }
 645
 646        /* using write lock to protect desc->count */
 647        mutex_lock(&desc->wlock);
 648        if (!desc->count++) {
 649                desc->werr = 0;
 650                desc->rerr = 0;
 651                rv = usb_submit_urb(desc->validity, GFP_KERNEL);
 652                if (rv < 0) {
 653                        desc->count--;
 654                        dev_err(&desc->intf->dev,
 655                                "Error submitting int urb - %d\n", rv);
 656                        rv = usb_translate_errors(rv);
 657                }
 658        } else {
 659                rv = 0;
 660        }
 661        mutex_unlock(&desc->wlock);
 662        if (desc->count == 1)
 663                desc->manage_power(intf, 1);
 664        usb_autopm_put_interface(desc->intf);
 665out:
 666        mutex_unlock(&wdm_mutex);
 667        return rv;
 668}
 669
 670static int wdm_release(struct inode *inode, struct file *file)
 671{
 672        struct wdm_device *desc = file->private_data;
 673
 674        mutex_lock(&wdm_mutex);
 675
 676        /* using write lock to protect desc->count */
 677        mutex_lock(&desc->wlock);
 678        desc->count--;
 679        mutex_unlock(&desc->wlock);
 680
 681        if (!desc->count) {
 682                if (!test_bit(WDM_DISCONNECTING, &desc->flags)) {
 683                        dev_dbg(&desc->intf->dev, "wdm_release: cleanup\n");
 684                        kill_urbs(desc);
 685                        spin_lock_irq(&desc->iuspin);
 686                        desc->resp_count = 0;
 687                        spin_unlock_irq(&desc->iuspin);
 688                        desc->manage_power(desc->intf, 0);
 689                } else {
 690                        /* must avoid dev_printk here as desc->intf is invalid */
 691                        pr_debug(KBUILD_MODNAME " %s: device gone - cleaning up\n", __func__);
 692                        cleanup(desc);
 693                }
 694        }
 695        mutex_unlock(&wdm_mutex);
 696        return 0;
 697}
 698
 699static long wdm_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
 700{
 701        struct wdm_device *desc = file->private_data;
 702        int rv = 0;
 703
 704        switch (cmd) {
 705        case IOCTL_WDM_MAX_COMMAND:
 706                if (copy_to_user((void __user *)arg, &desc->wMaxCommand, sizeof(desc->wMaxCommand)))
 707                        rv = -EFAULT;
 708                break;
 709        default:
 710                rv = -ENOTTY;
 711        }
 712        return rv;
 713}
 714
 715static const struct file_operations wdm_fops = {
 716        .owner =        THIS_MODULE,
 717        .read =         wdm_read,
 718        .write =        wdm_write,
 719        .open =         wdm_open,
 720        .flush =        wdm_flush,
 721        .release =      wdm_release,
 722        .poll =         wdm_poll,
 723        .unlocked_ioctl = wdm_ioctl,
 724        .compat_ioctl = wdm_ioctl,
 725        .llseek =       noop_llseek,
 726};
 727
 728static struct usb_class_driver wdm_class = {
 729        .name =         "cdc-wdm%d",
 730        .fops =         &wdm_fops,
 731        .minor_base =   WDM_MINOR_BASE,
 732};
 733
 734/* --- error handling --- */
 735static void wdm_rxwork(struct work_struct *work)
 736{
 737        struct wdm_device *desc = container_of(work, struct wdm_device, rxwork);
 738        unsigned long flags;
 739        int rv = 0;
 740        int responding;
 741
 742        spin_lock_irqsave(&desc->iuspin, flags);
 743        if (test_bit(WDM_DISCONNECTING, &desc->flags)) {
 744                spin_unlock_irqrestore(&desc->iuspin, flags);
 745        } else {
 746                responding = test_and_set_bit(WDM_RESPONDING, &desc->flags);
 747                spin_unlock_irqrestore(&desc->iuspin, flags);
 748                if (!responding)
 749                        rv = usb_submit_urb(desc->response, GFP_KERNEL);
 750                if (rv < 0 && rv != -EPERM) {
 751                        spin_lock_irqsave(&desc->iuspin, flags);
 752                        clear_bit(WDM_RESPONDING, &desc->flags);
 753                        if (!test_bit(WDM_DISCONNECTING, &desc->flags))
 754                                schedule_work(&desc->rxwork);
 755                        spin_unlock_irqrestore(&desc->iuspin, flags);
 756                }
 757        }
 758}
 759
 760/* --- hotplug --- */
 761
 762static int wdm_create(struct usb_interface *intf, struct usb_endpoint_descriptor *ep,
 763                u16 bufsize, int (*manage_power)(struct usb_interface *, int))
 764{
 765        int rv = -ENOMEM;
 766        struct wdm_device *desc;
 767
 768        desc = kzalloc(sizeof(struct wdm_device), GFP_KERNEL);
 769        if (!desc)
 770                goto out;
 771        INIT_LIST_HEAD(&desc->device_list);
 772        mutex_init(&desc->rlock);
 773        mutex_init(&desc->wlock);
 774        spin_lock_init(&desc->iuspin);
 775        init_waitqueue_head(&desc->wait);
 776        desc->wMaxCommand = bufsize;
 777        /* this will be expanded and needed in hardware endianness */
 778        desc->inum = cpu_to_le16((u16)intf->cur_altsetting->desc.bInterfaceNumber);
 779        desc->intf = intf;
 780        INIT_WORK(&desc->rxwork, wdm_rxwork);
 781
 782        rv = -EINVAL;
 783        if (!usb_endpoint_is_int_in(ep))
 784                goto err;
 785
 786        desc->wMaxPacketSize = usb_endpoint_maxp(ep);
 787
 788        desc->orq = kmalloc(sizeof(struct usb_ctrlrequest), GFP_KERNEL);
 789        if (!desc->orq)
 790                goto err;
 791        desc->irq = kmalloc(sizeof(struct usb_ctrlrequest), GFP_KERNEL);
 792        if (!desc->irq)
 793                goto err;
 794
 795        desc->validity = usb_alloc_urb(0, GFP_KERNEL);
 796        if (!desc->validity)
 797                goto err;
 798
 799        desc->response = usb_alloc_urb(0, GFP_KERNEL);
 800        if (!desc->response)
 801                goto err;
 802
 803        desc->command = usb_alloc_urb(0, GFP_KERNEL);
 804        if (!desc->command)
 805                goto err;
 806
 807        desc->ubuf = kmalloc(desc->wMaxCommand, GFP_KERNEL);
 808        if (!desc->ubuf)
 809                goto err;
 810
 811        desc->sbuf = kmalloc(desc->wMaxPacketSize, GFP_KERNEL);
 812        if (!desc->sbuf)
 813                goto err;
 814
 815        desc->inbuf = kmalloc(desc->wMaxCommand, GFP_KERNEL);
 816        if (!desc->inbuf)
 817                goto err;
 818
 819        usb_fill_int_urb(
 820                desc->validity,
 821                interface_to_usbdev(intf),
 822                usb_rcvintpipe(interface_to_usbdev(intf), ep->bEndpointAddress),
 823                desc->sbuf,
 824                desc->wMaxPacketSize,
 825                wdm_int_callback,
 826                desc,
 827                ep->bInterval
 828        );
 829
 830        desc->irq->bRequestType = (USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE);
 831        desc->irq->bRequest = USB_CDC_GET_ENCAPSULATED_RESPONSE;
 832        desc->irq->wValue = 0;
 833        desc->irq->wIndex = desc->inum; /* already converted */
 834        desc->irq->wLength = cpu_to_le16(desc->wMaxCommand);
 835
 836        usb_fill_control_urb(
 837                desc->response,
 838                interface_to_usbdev(intf),
 839                /* using common endpoint 0 */
 840                usb_rcvctrlpipe(interface_to_usbdev(desc->intf), 0),
 841                (unsigned char *)desc->irq,
 842                desc->inbuf,
 843                desc->wMaxCommand,
 844                wdm_in_callback,
 845                desc
 846        );
 847
 848        desc->manage_power = manage_power;
 849
 850        spin_lock(&wdm_device_list_lock);
 851        list_add(&desc->device_list, &wdm_device_list);
 852        spin_unlock(&wdm_device_list_lock);
 853
 854        rv = usb_register_dev(intf, &wdm_class);
 855        if (rv < 0)
 856                goto err;
 857        else
 858                dev_info(&intf->dev, "%s: USB WDM device\n", dev_name(intf->usb_dev));
 859out:
 860        return rv;
 861err:
 862        spin_lock(&wdm_device_list_lock);
 863        list_del(&desc->device_list);
 864        spin_unlock(&wdm_device_list_lock);
 865        cleanup(desc);
 866        return rv;
 867}
 868
 869static int wdm_manage_power(struct usb_interface *intf, int on)
 870{
 871        /* need autopm_get/put here to ensure the usbcore sees the new value */
 872        int rv = usb_autopm_get_interface(intf);
 873
 874        intf->needs_remote_wakeup = on;
 875        if (!rv)
 876                usb_autopm_put_interface(intf);
 877        return 0;
 878}
 879
 880static int wdm_probe(struct usb_interface *intf, const struct usb_device_id *id)
 881{
 882        int rv = -EINVAL;
 883        struct usb_host_interface *iface;
 884        struct usb_endpoint_descriptor *ep;
 885        struct usb_cdc_parsed_header hdr;
 886        u8 *buffer = intf->altsetting->extra;
 887        int buflen = intf->altsetting->extralen;
 888        u16 maxcom = WDM_DEFAULT_BUFSIZE;
 889
 890        if (!buffer)
 891                goto err;
 892
 893        cdc_parse_cdc_header(&hdr, intf, buffer, buflen);
 894
 895        if (hdr.usb_cdc_dmm_desc)
 896                maxcom = le16_to_cpu(hdr.usb_cdc_dmm_desc->wMaxCommand);
 897
 898        iface = intf->cur_altsetting;
 899        if (iface->desc.bNumEndpoints != 1)
 900                goto err;
 901        ep = &iface->endpoint[0].desc;
 902
 903        rv = wdm_create(intf, ep, maxcom, &wdm_manage_power);
 904
 905err:
 906        return rv;
 907}
 908
 909/**
 910 * usb_cdc_wdm_register - register a WDM subdriver
 911 * @intf: usb interface the subdriver will associate with
 912 * @ep: interrupt endpoint to monitor for notifications
 913 * @bufsize: maximum message size to support for read/write
 914 *
 915 * Create WDM usb class character device and associate it with intf
 916 * without binding, allowing another driver to manage the interface.
 917 *
 918 * The subdriver will manage the given interrupt endpoint exclusively
 919 * and will issue control requests referring to the given intf. It
 920 * will otherwise avoid interferring, and in particular not do
 921 * usb_set_intfdata/usb_get_intfdata on intf.
 922 *
 923 * The return value is a pointer to the subdriver's struct usb_driver.
 924 * The registering driver is responsible for calling this subdriver's
 925 * disconnect, suspend, resume, pre_reset and post_reset methods from
 926 * its own.
 927 */
 928struct usb_driver *usb_cdc_wdm_register(struct usb_interface *intf,
 929                                        struct usb_endpoint_descriptor *ep,
 930                                        int bufsize,
 931                                        int (*manage_power)(struct usb_interface *, int))
 932{
 933        int rv = -EINVAL;
 934
 935        rv = wdm_create(intf, ep, bufsize, manage_power);
 936        if (rv < 0)
 937                goto err;
 938
 939        return &wdm_driver;
 940err:
 941        return ERR_PTR(rv);
 942}
 943EXPORT_SYMBOL(usb_cdc_wdm_register);
 944
 945static void wdm_disconnect(struct usb_interface *intf)
 946{
 947        struct wdm_device *desc;
 948        unsigned long flags;
 949
 950        usb_deregister_dev(intf, &wdm_class);
 951        desc = wdm_find_device(intf);
 952        mutex_lock(&wdm_mutex);
 953
 954        /* the spinlock makes sure no new urbs are generated in the callbacks */
 955        spin_lock_irqsave(&desc->iuspin, flags);
 956        set_bit(WDM_DISCONNECTING, &desc->flags);
 957        set_bit(WDM_READ, &desc->flags);
 958        /* to terminate pending flushes */
 959        clear_bit(WDM_IN_USE, &desc->flags);
 960        spin_unlock_irqrestore(&desc->iuspin, flags);
 961        wake_up_all(&desc->wait);
 962        mutex_lock(&desc->rlock);
 963        mutex_lock(&desc->wlock);
 964        kill_urbs(desc);
 965        cancel_work_sync(&desc->rxwork);
 966        mutex_unlock(&desc->wlock);
 967        mutex_unlock(&desc->rlock);
 968
 969        /* the desc->intf pointer used as list key is now invalid */
 970        spin_lock(&wdm_device_list_lock);
 971        list_del(&desc->device_list);
 972        spin_unlock(&wdm_device_list_lock);
 973
 974        if (!desc->count)
 975                cleanup(desc);
 976        else
 977                dev_dbg(&intf->dev, "%d open files - postponing cleanup\n", desc->count);
 978        mutex_unlock(&wdm_mutex);
 979}
 980
 981#ifdef CONFIG_PM
 982static int wdm_suspend(struct usb_interface *intf, pm_message_t message)
 983{
 984        struct wdm_device *desc = wdm_find_device(intf);
 985        int rv = 0;
 986
 987        dev_dbg(&desc->intf->dev, "wdm%d_suspend\n", intf->minor);
 988
 989        /* if this is an autosuspend the caller does the locking */
 990        if (!PMSG_IS_AUTO(message)) {
 991                mutex_lock(&desc->rlock);
 992                mutex_lock(&desc->wlock);
 993        }
 994        spin_lock_irq(&desc->iuspin);
 995
 996        if (PMSG_IS_AUTO(message) &&
 997                        (test_bit(WDM_IN_USE, &desc->flags)
 998                        || test_bit(WDM_RESPONDING, &desc->flags))) {
 999                spin_unlock_irq(&desc->iuspin);
1000                rv = -EBUSY;

1001        } else {
1002
1003                set_bit(WDM_SUSPENDING, &desc->flags);
1004                spin_unlock_irq(&desc->iuspin);
1005                /* callback submits work - order is essential */
1006                kill_urbs(desc);
1007                cancel_work_sync(&desc->rxwork);
1008        }
1009        if (!PMSG_IS_AUTO(message)) {
1010                mutex_unlock(&desc->wlock);
1011                mutex_unlock(&desc->rlock);
1012        }
1013
1014        return rv;
1015}
1016#endif
1017
1018static int recover_from_urb_loss(struct wdm_device *desc)
1019{
1020        int rv = 0;
1021
1022        if (desc->count) {
1023                rv = usb_submit_urb(desc->validity, GFP_NOIO);
1024                if (rv < 0)
1025                        dev_err(&desc->intf->dev,
1026                                "Error resume submitting int urb - %d\n", rv);
1027        }
1028        return rv;
1029}
1030
1031#ifdef CONFIG_PM
1032static int wdm_resume(struct usb_interface *intf)
1033{
1034        struct wdm_device *desc = wdm_find_device(intf);
1035        int rv;
1036
1037        dev_dbg(&desc->intf->dev, "wdm%d_resume\n", intf->minor);
1038
1039        clear_bit(WDM_SUSPENDING, &desc->flags);
1040        rv = recover_from_urb_loss(desc);
1041
1042        return rv;
1043}
1044#endif
1045
1046static int wdm_pre_reset(struct usb_interface *intf)
1047{
1048        struct wdm_device *desc = wdm_find_device(intf);
1049
1050        /*
1051         * we notify everybody using poll of
1052         * an exceptional situation
1053         * must be done before recovery lest a spontaneous
1054         * message from the device is lost
1055         */
1056        spin_lock_irq(&desc->iuspin);
1057        set_bit(WDM_RESETTING, &desc->flags);   /* inform read/write */
1058        set_bit(WDM_READ, &desc->flags);        /* unblock read */
1059        clear_bit(WDM_IN_USE, &desc->flags);    /* unblock write */
1060        desc->rerr = -EINTR;
1061        spin_unlock_irq(&desc->iuspin);
1062        wake_up_all(&desc->wait);
1063        mutex_lock(&desc->rlock);
1064        mutex_lock(&desc->wlock);
1065        kill_urbs(desc);
1066        cancel_work_sync(&desc->rxwork);
1067        return 0;
1068}
1069
1070static int wdm_post_reset(struct usb_interface *intf)
1071{
1072        struct wdm_device *desc = wdm_find_device(intf);
1073        int rv;
1074
1075        clear_bit(WDM_OVERFLOW, &desc->flags);
1076        clear_bit(WDM_RESETTING, &desc->flags);
1077        rv = recover_from_urb_loss(desc);
1078        mutex_unlock(&desc->wlock);
1079        mutex_unlock(&desc->rlock);
1080        return 0;
1081}
1082
1083static struct usb_driver wdm_driver = {
1084        .name =         "cdc_wdm",
1085        .probe =        wdm_probe,
1086        .disconnect =   wdm_disconnect,
1087#ifdef CONFIG_PM
1088        .suspend =      wdm_suspend,
1089        .resume =       wdm_resume,
1090        .reset_resume = wdm_resume,
1091#endif
1092        .pre_reset =    wdm_pre_reset,
1093        .post_reset =   wdm_post_reset,
1094        .id_table =     wdm_ids,
1095        .supports_autosuspend = 1,
1096        .disable_hub_initiated_lpm = 1,
1097};
1098
1099module_usb_driver(wdm_driver);
1100
1101MODULE_AUTHOR(DRIVER_AUTHOR);
1102MODULE_DESCRIPTION(DRIVER_DESC);
1103MODULE_LICENSE("GPL");
1104