1#include <linux/usb.h>
2#include <linux/usb/ch9.h>
3#include <linux/usb/hcd.h>
4#include <linux/usb/quirks.h>
5#include <linux/module.h>
6#include <linux/slab.h>
7#include <linux/device.h>
8#include <asm/byteorder.h>
9#include "usb.h"
10
11
12#define USB_MAXALTSETTING 128
13
14#define USB_MAXCONFIG 8
15
16
17static inline const char *plural(int n)
18{
19 return (n == 1 ? "" : "s");
20}
21
22static int find_next_descriptor(unsigned char *buffer, int size,
23 int dt1, int dt2, int *num_skipped)
24{
25 struct usb_descriptor_header *h;
26 int n = 0;
27 unsigned char *buffer0 = buffer;
28
29
30 while (size > 0) {
31 h = (struct usb_descriptor_header *) buffer;
32 if (h->bDescriptorType == dt1 || h->bDescriptorType == dt2)
33 break;
34 buffer += h->bLength;
35 size -= h->bLength;
36 ++n;
37 }
38
39
40
41 if (num_skipped)
42 *num_skipped = n;
43 return buffer - buffer0;
44}
45
46static void usb_parse_ssp_isoc_endpoint_companion(struct device *ddev,
47 int cfgno, int inum, int asnum, struct usb_host_endpoint *ep,
48 unsigned char *buffer, int size)
49{
50 struct usb_ssp_isoc_ep_comp_descriptor *desc;
51
52
53
54
55
56 desc = (struct usb_ssp_isoc_ep_comp_descriptor *) buffer;
57 if (desc->bDescriptorType != USB_DT_SSP_ISOC_ENDPOINT_COMP ||
58 size < USB_DT_SSP_ISOC_EP_COMP_SIZE) {
59 dev_warn(ddev, "Invalid SuperSpeedPlus isoc endpoint companion"
60 "for config %d interface %d altsetting %d ep %d.\n",
61 cfgno, inum, asnum, ep->desc.bEndpointAddress);
62 return;
63 }
64 memcpy(&ep->ssp_isoc_ep_comp, desc, USB_DT_SSP_ISOC_EP_COMP_SIZE);
65}
66
67static void usb_parse_ss_endpoint_companion(struct device *ddev, int cfgno,
68 int inum, int asnum, struct usb_host_endpoint *ep,
69 unsigned char *buffer, int size)
70{
71 struct usb_ss_ep_comp_descriptor *desc;
72 int max_tx;
73
74
75
76
77 desc = (struct usb_ss_ep_comp_descriptor *) buffer;
78
79 if (desc->bDescriptorType != USB_DT_SS_ENDPOINT_COMP ||
80 size < USB_DT_SS_EP_COMP_SIZE) {
81 dev_warn(ddev, "No SuperSpeed endpoint companion for config %d "
82 " interface %d altsetting %d ep %d: "
83 "using minimum values\n",
84 cfgno, inum, asnum, ep->desc.bEndpointAddress);
85
86
87
88
89
90
91
92
93 ep->ss_ep_comp.bLength = USB_DT_SS_EP_COMP_SIZE;
94 ep->ss_ep_comp.bDescriptorType = USB_DT_SS_ENDPOINT_COMP;
95 if (usb_endpoint_xfer_isoc(&ep->desc) ||
96 usb_endpoint_xfer_int(&ep->desc))
97 ep->ss_ep_comp.wBytesPerInterval =
98 ep->desc.wMaxPacketSize;
99 return;
100 }
101 buffer += desc->bLength;
102 size -= desc->bLength;
103 memcpy(&ep->ss_ep_comp, desc, USB_DT_SS_EP_COMP_SIZE);
104
105
106 if (usb_endpoint_xfer_control(&ep->desc) && desc->bMaxBurst != 0) {
107 dev_warn(ddev, "Control endpoint with bMaxBurst = %d in "
108 "config %d interface %d altsetting %d ep %d: "
109 "setting to zero\n", desc->bMaxBurst,
110 cfgno, inum, asnum, ep->desc.bEndpointAddress);
111 ep->ss_ep_comp.bMaxBurst = 0;
112 } else if (desc->bMaxBurst > 15) {
113 dev_warn(ddev, "Endpoint with bMaxBurst = %d in "
114 "config %d interface %d altsetting %d ep %d: "
115 "setting to 15\n", desc->bMaxBurst,
116 cfgno, inum, asnum, ep->desc.bEndpointAddress);
117 ep->ss_ep_comp.bMaxBurst = 15;
118 }
119
120 if ((usb_endpoint_xfer_control(&ep->desc) ||
121 usb_endpoint_xfer_int(&ep->desc)) &&
122 desc->bmAttributes != 0) {
123 dev_warn(ddev, "%s endpoint with bmAttributes = %d in "
124 "config %d interface %d altsetting %d ep %d: "
125 "setting to zero\n",
126 usb_endpoint_xfer_control(&ep->desc) ? "Control" : "Bulk",
127 desc->bmAttributes,
128 cfgno, inum, asnum, ep->desc.bEndpointAddress);
129 ep->ss_ep_comp.bmAttributes = 0;
130 } else if (usb_endpoint_xfer_bulk(&ep->desc) &&
131 desc->bmAttributes > 16) {
132 dev_warn(ddev, "Bulk endpoint with more than 65536 streams in "
133 "config %d interface %d altsetting %d ep %d: "
134 "setting to max\n",
135 cfgno, inum, asnum, ep->desc.bEndpointAddress);
136 ep->ss_ep_comp.bmAttributes = 16;
137 } else if (usb_endpoint_xfer_isoc(&ep->desc) &&
138 !USB_SS_SSP_ISOC_COMP(desc->bmAttributes) &&
139 USB_SS_MULT(desc->bmAttributes) > 3) {
140 dev_warn(ddev, "Isoc endpoint has Mult of %d in "
141 "config %d interface %d altsetting %d ep %d: "
142 "setting to 3\n",
143 USB_SS_MULT(desc->bmAttributes),
144 cfgno, inum, asnum, ep->desc.bEndpointAddress);
145 ep->ss_ep_comp.bmAttributes = 2;
146 }
147
148 if (usb_endpoint_xfer_isoc(&ep->desc))
149 max_tx = (desc->bMaxBurst + 1) *
150 (USB_SS_MULT(desc->bmAttributes)) *
151 usb_endpoint_maxp(&ep->desc);
152 else if (usb_endpoint_xfer_int(&ep->desc))
153 max_tx = usb_endpoint_maxp(&ep->desc) *
154 (desc->bMaxBurst + 1);
155 else
156 max_tx = 999999;
157 if (le16_to_cpu(desc->wBytesPerInterval) > max_tx) {
158 dev_warn(ddev, "%s endpoint with wBytesPerInterval of %d in "
159 "config %d interface %d altsetting %d ep %d: "
160 "setting to %d\n",
161 usb_endpoint_xfer_isoc(&ep->desc) ? "Isoc" : "Int",
162 le16_to_cpu(desc->wBytesPerInterval),
163 cfgno, inum, asnum, ep->desc.bEndpointAddress,
164 max_tx);
165 ep->ss_ep_comp.wBytesPerInterval = cpu_to_le16(max_tx);
166 }
167
168 if (usb_endpoint_xfer_isoc(&ep->desc) &&
169 USB_SS_SSP_ISOC_COMP(desc->bmAttributes))
170 usb_parse_ssp_isoc_endpoint_companion(ddev, cfgno, inum, asnum,
171 ep, buffer, size);
172}
173
174static const unsigned short low_speed_maxpacket_maxes[4] = {
175 [USB_ENDPOINT_XFER_CONTROL] = 8,
176 [USB_ENDPOINT_XFER_ISOC] = 0,
177 [USB_ENDPOINT_XFER_BULK] = 0,
178 [USB_ENDPOINT_XFER_INT] = 8,
179};
180static const unsigned short full_speed_maxpacket_maxes[4] = {
181 [USB_ENDPOINT_XFER_CONTROL] = 64,
182 [USB_ENDPOINT_XFER_ISOC] = 1023,
183 [USB_ENDPOINT_XFER_BULK] = 64,
184 [USB_ENDPOINT_XFER_INT] = 64,
185};
186static const unsigned short high_speed_maxpacket_maxes[4] = {
187 [USB_ENDPOINT_XFER_CONTROL] = 64,
188 [USB_ENDPOINT_XFER_ISOC] = 1024,
189 [USB_ENDPOINT_XFER_BULK] = 512,
190 [USB_ENDPOINT_XFER_INT] = 1024,
191};
192static const unsigned short super_speed_maxpacket_maxes[4] = {
193 [USB_ENDPOINT_XFER_CONTROL] = 512,
194 [USB_ENDPOINT_XFER_ISOC] = 1024,
195 [USB_ENDPOINT_XFER_BULK] = 1024,
196 [USB_ENDPOINT_XFER_INT] = 1024,
197};
198
199static int usb_parse_endpoint(struct device *ddev, int cfgno, int inum,
200 int asnum, struct usb_host_interface *ifp, int num_ep,
201 unsigned char *buffer, int size)
202{
203 unsigned char *buffer0 = buffer;
204 struct usb_endpoint_descriptor *d;
205 struct usb_host_endpoint *endpoint;
206 int n, i, j, retval;
207 unsigned int maxp;
208 const unsigned short *maxpacket_maxes;
209
210 d = (struct usb_endpoint_descriptor *) buffer;
211 buffer += d->bLength;
212 size -= d->bLength;
213
214 if (d->bLength >= USB_DT_ENDPOINT_AUDIO_SIZE)
215 n = USB_DT_ENDPOINT_AUDIO_SIZE;
216 else if (d->bLength >= USB_DT_ENDPOINT_SIZE)
217 n = USB_DT_ENDPOINT_SIZE;
218 else {
219 dev_warn(ddev, "config %d interface %d altsetting %d has an "
220 "invalid endpoint descriptor of length %d, skipping\n",
221 cfgno, inum, asnum, d->bLength);
222 goto skip_to_next_endpoint_or_interface_descriptor;
223 }
224
225 i = d->bEndpointAddress & ~USB_ENDPOINT_DIR_MASK;
226 if (i >= 16 || i == 0) {
227 dev_warn(ddev, "config %d interface %d altsetting %d has an "
228 "invalid endpoint with address 0x%X, skipping\n",
229 cfgno, inum, asnum, d->bEndpointAddress);
230 goto skip_to_next_endpoint_or_interface_descriptor;
231 }
232
233
234 if (ifp->desc.bNumEndpoints >= num_ep)
235 goto skip_to_next_endpoint_or_interface_descriptor;
236
237 endpoint = &ifp->endpoint[ifp->desc.bNumEndpoints];
238 ++ifp->desc.bNumEndpoints;
239
240 memcpy(&endpoint->desc, d, n);
241 INIT_LIST_HEAD(&endpoint->urb_list);
242
243
244
245
246
247 i = 0;
248 j = 255;
249 if (usb_endpoint_xfer_int(d)) {
250 i = 1;
251 switch (to_usb_device(ddev)->speed) {
252 case USB_SPEED_SUPER_PLUS:
253 case USB_SPEED_SUPER:
254 case USB_SPEED_HIGH:
255
256
257
258
259
260
261 n = fls(d->bInterval*8);
262 if (n == 0)
263 n = 7;
264 j = 16;
265
266
267
268
269
270
271 if (to_usb_device(ddev)->quirks &
272 USB_QUIRK_LINEAR_UFRAME_INTR_BINTERVAL) {
273 n = clamp(fls(d->bInterval), i, j);
274 i = j = n;
275 }
276 break;
277 default:
278
279
280
281
282
283 n = 10;
284 break;
285 }
286 } else if (usb_endpoint_xfer_isoc(d)) {
287 i = 1;
288 j = 16;
289 switch (to_usb_device(ddev)->speed) {
290 case USB_SPEED_HIGH:
291 n = 7;
292 break;
293 default:
294 n = 4;
295 break;
296 }
297 }
298 if (d->bInterval < i || d->bInterval > j) {
299 dev_warn(ddev, "config %d interface %d altsetting %d "
300 "endpoint 0x%X has an invalid bInterval %d, "
301 "changing to %d\n",
302 cfgno, inum, asnum,
303 d->bEndpointAddress, d->bInterval, n);
304 endpoint->desc.bInterval = n;
305 }
306
307
308
309
310
311 if (to_usb_device(ddev)->speed == USB_SPEED_LOW &&
312 usb_endpoint_xfer_bulk(d)) {
313 dev_warn(ddev, "config %d interface %d altsetting %d "
314 "endpoint 0x%X is Bulk; changing to Interrupt\n",
315 cfgno, inum, asnum, d->bEndpointAddress);
316 endpoint->desc.bmAttributes = USB_ENDPOINT_XFER_INT;
317 endpoint->desc.bInterval = 1;
318 if (usb_endpoint_maxp(&endpoint->desc) > 8)
319 endpoint->desc.wMaxPacketSize = cpu_to_le16(8);
320 }
321
322
323 maxp = usb_endpoint_maxp(&endpoint->desc);
324
325
326 i = 0;
327 switch (to_usb_device(ddev)->speed) {
328 case USB_SPEED_LOW:
329 maxpacket_maxes = low_speed_maxpacket_maxes;
330 break;
331 case USB_SPEED_FULL:
332 maxpacket_maxes = full_speed_maxpacket_maxes;
333 break;
334 case USB_SPEED_HIGH:
335
336 if (usb_endpoint_xfer_int(d) || usb_endpoint_xfer_isoc(d)) {
337 i = maxp & (BIT(12) | BIT(11));
338 maxp &= ~i;
339 }
340
341 default:
342 maxpacket_maxes = high_speed_maxpacket_maxes;
343 break;
344 case USB_SPEED_SUPER:
345 case USB_SPEED_SUPER_PLUS:
346 maxpacket_maxes = super_speed_maxpacket_maxes;
347 break;
348 }
349 j = maxpacket_maxes[usb_endpoint_type(&endpoint->desc)];
350
351 if (maxp > j) {
352 dev_warn(ddev, "config %d interface %d altsetting %d endpoint 0x%X has invalid maxpacket %d, setting to %d\n",
353 cfgno, inum, asnum, d->bEndpointAddress, maxp, j);
354 maxp = j;
355 endpoint->desc.wMaxPacketSize = cpu_to_le16(i | maxp);
356 }
357
358
359
360
361
362
363 if (to_usb_device(ddev)->speed == USB_SPEED_HIGH
364 && usb_endpoint_xfer_bulk(d)) {
365 if (maxp != 512)
366 dev_warn(ddev, "config %d interface %d altsetting %d "
367 "bulk endpoint 0x%X has invalid maxpacket %d\n",
368 cfgno, inum, asnum, d->bEndpointAddress,
369 maxp);
370 }
371
372
373 if (to_usb_device(ddev)->speed >= USB_SPEED_SUPER)
374 usb_parse_ss_endpoint_companion(ddev, cfgno,
375 inum, asnum, endpoint, buffer, size);
376
377
378
379 endpoint->extra = buffer;
380 i = find_next_descriptor(buffer, size, USB_DT_ENDPOINT,
381 USB_DT_INTERFACE, &n);
382 endpoint->extralen = i;
383 retval = buffer - buffer0 + i;
384 if (n > 0)
385 dev_dbg(ddev, "skipped %d descriptor%s after %s\n",
386 n, plural(n), "endpoint");
387 return retval;
388
389skip_to_next_endpoint_or_interface_descriptor:
390 i = find_next_descriptor(buffer, size, USB_DT_ENDPOINT,
391 USB_DT_INTERFACE, NULL);
392 return buffer - buffer0 + i;
393}
394
395void usb_release_interface_cache(struct kref *ref)
396{
397 struct usb_interface_cache *intfc = ref_to_usb_interface_cache(ref);
398 int j;
399
400 for (j = 0; j < intfc->num_altsetting; j++) {
401 struct usb_host_interface *alt = &intfc->altsetting[j];
402
403 kfree(alt->endpoint);
404 kfree(alt->string);
405 }
406 kfree(intfc);
407}
408
409static int usb_parse_interface(struct device *ddev, int cfgno,
410 struct usb_host_config *config, unsigned char *buffer, int size,
411 u8 inums[], u8 nalts[])
412{
413 unsigned char *buffer0 = buffer;
414 struct usb_interface_descriptor *d;
415 int inum, asnum;
416 struct usb_interface_cache *intfc;
417 struct usb_host_interface *alt;
418 int i, n;
419 int len, retval;
420 int num_ep, num_ep_orig;
421
422 d = (struct usb_interface_descriptor *) buffer;
423 buffer += d->bLength;
424 size -= d->bLength;
425
426 if (d->bLength < USB_DT_INTERFACE_SIZE)
427 goto skip_to_next_interface_descriptor;
428
429
430 intfc = NULL;
431 inum = d->bInterfaceNumber;
432 for (i = 0; i < config->desc.bNumInterfaces; ++i) {
433 if (inums[i] == inum) {
434 intfc = config->intf_cache[i];
435 break;
436 }
437 }
438 if (!intfc || intfc->num_altsetting >= nalts[i])
439 goto skip_to_next_interface_descriptor;
440
441
442 asnum = d->bAlternateSetting;
443 for ((i = 0, alt = &intfc->altsetting[0]);
444 i < intfc->num_altsetting;
445 (++i, ++alt)) {
446 if (alt->desc.bAlternateSetting == asnum) {
447 dev_warn(ddev, "Duplicate descriptor for config %d "
448 "interface %d altsetting %d, skipping\n",
449 cfgno, inum, asnum);
450 goto skip_to_next_interface_descriptor;
451 }
452 }
453
454 ++intfc->num_altsetting;
455 memcpy(&alt->desc, d, USB_DT_INTERFACE_SIZE);
456
457
458
459 alt->extra = buffer;
460 i = find_next_descriptor(buffer, size, USB_DT_ENDPOINT,
461 USB_DT_INTERFACE, &n);
462 alt->extralen = i;
463 if (n > 0)
464 dev_dbg(ddev, "skipped %d descriptor%s after %s\n",
465 n, plural(n), "interface");
466 buffer += i;
467 size -= i;
468
469
470 num_ep = num_ep_orig = alt->desc.bNumEndpoints;
471 alt->desc.bNumEndpoints = 0;
472 if (num_ep > USB_MAXENDPOINTS) {
473 dev_warn(ddev, "too many endpoints for config %d interface %d "
474 "altsetting %d: %d, using maximum allowed: %d\n",
475 cfgno, inum, asnum, num_ep, USB_MAXENDPOINTS);
476 num_ep = USB_MAXENDPOINTS;
477 }
478
479 if (num_ep > 0) {
480
481 len = sizeof(struct usb_host_endpoint) * num_ep;
482 alt->endpoint = kzalloc(len, GFP_KERNEL);
483 if (!alt->endpoint)
484 return -ENOMEM;
485 }
486
487
488 n = 0;
489 while (size > 0) {
490 if (((struct usb_descriptor_header *) buffer)->bDescriptorType
491 == USB_DT_INTERFACE)
492 break;
493 retval = usb_parse_endpoint(ddev, cfgno, inum, asnum, alt,
494 num_ep, buffer, size);
495 if (retval < 0)
496 return retval;
497 ++n;
498
499 buffer += retval;
500 size -= retval;
501 }
502
503 if (n != num_ep_orig)
504 dev_warn(ddev, "config %d interface %d altsetting %d has %d "
505 "endpoint descriptor%s, different from the interface "
506 "descriptor's value: %d\n",
507 cfgno, inum, asnum, n, plural(n), num_ep_orig);
508 return buffer - buffer0;
509
510skip_to_next_interface_descriptor:
511 i = find_next_descriptor(buffer, size, USB_DT_INTERFACE,
512 USB_DT_INTERFACE, NULL);
513 return buffer - buffer0 + i;
514}
515
516static int usb_parse_configuration(struct usb_device *dev, int cfgidx,
517 struct usb_host_config *config, unsigned char *buffer, int size)
518{
519 struct device *ddev = &dev->dev;
520 unsigned char *buffer0 = buffer;
521 int cfgno;
522 int nintf, nintf_orig;
523 int i, j, n;
524 struct usb_interface_cache *intfc;
525 unsigned char *buffer2;
526 int size2;
527 struct usb_descriptor_header *header;
528 int len, retval;
529 u8 inums[USB_MAXINTERFACES], nalts[USB_MAXINTERFACES];
530 unsigned iad_num = 0;
531
532 memcpy(&config->desc, buffer, USB_DT_CONFIG_SIZE);
533 if (config->desc.bDescriptorType != USB_DT_CONFIG ||
534 config->desc.bLength < USB_DT_CONFIG_SIZE ||
535 config->desc.bLength > size) {
536 dev_err(ddev, "invalid descriptor for config index %d: "
537 "type = 0x%X, length = %d\n", cfgidx,
538 config->desc.bDescriptorType, config->desc.bLength);
539 return -EINVAL;
540 }
541 cfgno = config->desc.bConfigurationValue;
542
543 buffer += config->desc.bLength;
544 size -= config->desc.bLength;
545
546 nintf = nintf_orig = config->desc.bNumInterfaces;
547 if (nintf > USB_MAXINTERFACES) {
548 dev_warn(ddev, "config %d has too many interfaces: %d, "
549 "using maximum allowed: %d\n",
550 cfgno, nintf, USB_MAXINTERFACES);
551 nintf = USB_MAXINTERFACES;
552 }
553
554
555
556 n = 0;
557 for ((buffer2 = buffer, size2 = size);
558 size2 > 0;
559 (buffer2 += header->bLength, size2 -= header->bLength)) {
560
561 if (size2 < sizeof(struct usb_descriptor_header)) {
562 dev_warn(ddev, "config %d descriptor has %d excess "
563 "byte%s, ignoring\n",
564 cfgno, size2, plural(size2));
565 break;
566 }
567
568 header = (struct usb_descriptor_header *) buffer2;
569 if ((header->bLength > size2) || (header->bLength < 2)) {
570 dev_warn(ddev, "config %d has an invalid descriptor "
571 "of length %d, skipping remainder of the config\n",
572 cfgno, header->bLength);
573 break;
574 }
575
576 if (header->bDescriptorType == USB_DT_INTERFACE) {
577 struct usb_interface_descriptor *d;
578 int inum;
579
580 d = (struct usb_interface_descriptor *) header;
581 if (d->bLength < USB_DT_INTERFACE_SIZE) {
582 dev_warn(ddev, "config %d has an invalid "
583 "interface descriptor of length %d, "
584 "skipping\n", cfgno, d->bLength);
585 continue;
586 }
587
588 inum = d->bInterfaceNumber;
589
590 if ((dev->quirks & USB_QUIRK_HONOR_BNUMINTERFACES) &&
591 n >= nintf_orig) {
592 dev_warn(ddev, "config %d has more interface "
593 "descriptors, than it declares in "
594 "bNumInterfaces, ignoring interface "
595 "number: %d\n", cfgno, inum);
596 continue;
597 }
598
599 if (inum >= nintf_orig)
600 dev_warn(ddev, "config %d has an invalid "
601 "interface number: %d but max is %d\n",
602 cfgno, inum, nintf_orig - 1);
603
604
605
606 for (i = 0; i < n; ++i) {
607 if (inums[i] == inum)
608 break;
609 }
610 if (i < n) {
611 if (nalts[i] < 255)
612 ++nalts[i];
613 } else if (n < USB_MAXINTERFACES) {
614 inums[n] = inum;
615 nalts[n] = 1;
616 ++n;
617 }
618
619 } else if (header->bDescriptorType ==
620 USB_DT_INTERFACE_ASSOCIATION) {
621 if (iad_num == USB_MAXIADS) {
622 dev_warn(ddev, "found more Interface "
623 "Association Descriptors "
624 "than allocated for in "
625 "configuration %d\n", cfgno);
626 } else {
627 config->intf_assoc[iad_num] =
628 (struct usb_interface_assoc_descriptor
629 *)header;
630 iad_num++;
631 }
632
633 } else if (header->bDescriptorType == USB_DT_DEVICE ||
634 header->bDescriptorType == USB_DT_CONFIG)
635 dev_warn(ddev, "config %d contains an unexpected "
636 "descriptor of type 0x%X, skipping\n",
637 cfgno, header->bDescriptorType);
638
639 }
640 size = buffer2 - buffer;
641 config->desc.wTotalLength = cpu_to_le16(buffer2 - buffer0);
642
643 if (n != nintf)
644 dev_warn(ddev, "config %d has %d interface%s, different from "
645 "the descriptor's value: %d\n",
646 cfgno, n, plural(n), nintf_orig);
647 else if (n == 0)
648 dev_warn(ddev, "config %d has no interfaces?\n", cfgno);
649 config->desc.bNumInterfaces = nintf = n;
650
651
652 for (i = 0; i < nintf; ++i) {
653 for (j = 0; j < nintf; ++j) {
654 if (inums[j] == i)
655 break;
656 }
657 if (j >= nintf)
658 dev_warn(ddev, "config %d has no interface number "
659 "%d\n", cfgno, i);
660 }
661
662
663 for (i = 0; i < nintf; ++i) {
664 j = nalts[i];
665 if (j > USB_MAXALTSETTING) {
666 dev_warn(ddev, "too many alternate settings for "
667 "config %d interface %d: %d, "
668 "using maximum allowed: %d\n",
669 cfgno, inums[i], j, USB_MAXALTSETTING);
670 nalts[i] = j = USB_MAXALTSETTING;
671 }
672
673 len = sizeof(*intfc) + sizeof(struct usb_host_interface) * j;
674 config->intf_cache[i] = intfc = kzalloc(len, GFP_KERNEL);
675 if (!intfc)
676 return -ENOMEM;
677 kref_init(&intfc->ref);
678 }
679
680
681
682
683
684 config->extra = buffer;
685 i = find_next_descriptor(buffer, size, USB_DT_INTERFACE,
686 USB_DT_INTERFACE, &n);
687 config->extralen = i;
688 if (n > 0)
689 dev_dbg(ddev, "skipped %d descriptor%s after %s\n",
690 n, plural(n), "configuration");
691 buffer += i;
692 size -= i;
693
694
695 while (size > 0) {
696 retval = usb_parse_interface(ddev, cfgno, config,
697 buffer, size, inums, nalts);
698 if (retval < 0)
699 return retval;
700
701 buffer += retval;
702 size -= retval;
703 }
704
705
706 for (i = 0; i < nintf; ++i) {
707 intfc = config->intf_cache[i];
708 for (j = 0; j < intfc->num_altsetting; ++j) {
709 for (n = 0; n < intfc->num_altsetting; ++n) {
710 if (intfc->altsetting[n].desc.
711 bAlternateSetting == j)
712 break;
713 }
714 if (n >= intfc->num_altsetting)
715 dev_warn(ddev, "config %d interface %d has no "
716 "altsetting %d\n", cfgno, inums[i], j);
717 }
718 }
719
720 return 0;
721}
722
723
724
725
726void usb_destroy_configuration(struct usb_device *dev)
727{
728 int c, i;
729
730 if (!dev->config)
731 return;
732
733 if (dev->rawdescriptors) {
734 for (i = 0; i < dev->descriptor.bNumConfigurations; i++)
735 kfree(dev->rawdescriptors[i]);
736
737 kfree(dev->rawdescriptors);
738 dev->rawdescriptors = NULL;
739 }
740
741 for (c = 0; c < dev->descriptor.bNumConfigurations; c++) {
742 struct usb_host_config *cf = &dev->config[c];
743
744 kfree(cf->string);
745 for (i = 0; i < cf->desc.bNumInterfaces; i++) {
746 if (cf->intf_cache[i])
747 kref_put(&cf->intf_cache[i]->ref,
748 usb_release_interface_cache);
749 }
750 }
751 kfree(dev->config);
752 dev->config = NULL;
753}
754
755
756
757
758
759
760
761
762int usb_get_configuration(struct usb_device *dev)
763{
764 struct device *ddev = &dev->dev;
765 int ncfg = dev->descriptor.bNumConfigurations;
766 int result = 0;
767 unsigned int cfgno, length;
768 unsigned char *bigbuffer;
769 struct usb_config_descriptor *desc;
770
771 cfgno = 0;
772 result = -ENOMEM;
773 if (ncfg > USB_MAXCONFIG) {
774 dev_warn(ddev, "too many configurations: %d, "
775 "using maximum allowed: %d\n", ncfg, USB_MAXCONFIG);
776 dev->descriptor.bNumConfigurations = ncfg = USB_MAXCONFIG;
777 }
778
779 if (ncfg < 1) {
780 dev_err(ddev, "no configurations\n");
781 return -EINVAL;
782 }
783
784 length = ncfg * sizeof(struct usb_host_config);
785 dev->config = kzalloc(length, GFP_KERNEL);
786 if (!dev->config)
787 goto err2;
788
789 length = ncfg * sizeof(char *);
790 dev->rawdescriptors = kzalloc(length, GFP_KERNEL);
791 if (!dev->rawdescriptors)
792 goto err2;
793
794 desc = kmalloc(USB_DT_CONFIG_SIZE, GFP_KERNEL);
795 if (!desc)
796 goto err2;
797
798 result = 0;
799 for (; cfgno < ncfg; cfgno++) {
800
801
802 result = usb_get_descriptor(dev, USB_DT_CONFIG, cfgno,
803 desc, USB_DT_CONFIG_SIZE);
804 if (result < 0) {
805 dev_err(ddev, "unable to read config index %d "
806 "descriptor/%s: %d\n", cfgno, "start", result);
807 if (result != -EPIPE)
808 goto err;
809 dev_err(ddev, "chopping to %d config(s)\n", cfgno);
810 dev->descriptor.bNumConfigurations = cfgno;
811 break;
812 } else if (result < 4) {
813 dev_err(ddev, "config index %d descriptor too short "
814 "(expected %i, got %i)\n", cfgno,
815 USB_DT_CONFIG_SIZE, result);
816 result = -EINVAL;
817 goto err;
818 }
819 length = max((int) le16_to_cpu(desc->wTotalLength),
820 USB_DT_CONFIG_SIZE);
821
822
823 bigbuffer = kmalloc(length, GFP_KERNEL);
824 if (!bigbuffer) {
825 result = -ENOMEM;
826 goto err;
827 }
828
829 if (dev->quirks & USB_QUIRK_DELAY_INIT)
830 msleep(100);
831
832 result = usb_get_descriptor(dev, USB_DT_CONFIG, cfgno,
833 bigbuffer, length);
834 if (result < 0) {
835 dev_err(ddev, "unable to read config index %d "
836 "descriptor/%s\n", cfgno, "all");
837 kfree(bigbuffer);
838 goto err;
839 }
840 if (result < length) {
841 dev_warn(ddev, "config index %d descriptor too short "
842 "(expected %i, got %i)\n", cfgno, length, result);
843 length = result;
844 }
845
846 dev->rawdescriptors[cfgno] = bigbuffer;
847
848 result = usb_parse_configuration(dev, cfgno,
849 &dev->config[cfgno], bigbuffer, length);
850 if (result < 0) {
851 ++cfgno;
852 goto err;
853 }
854 }
855 result = 0;
856
857err:
858 kfree(desc);
859 dev->descriptor.bNumConfigurations = cfgno;
860err2:
861 if (result == -ENOMEM)
862 dev_err(ddev, "out of memory\n");
863 return result;
864}
865
866void usb_release_bos_descriptor(struct usb_device *dev)
867{
868 if (dev->bos) {
869 kfree(dev->bos->desc);
870 kfree(dev->bos);
871 dev->bos = NULL;
872 }
873}
874
875
876int usb_get_bos_descriptor(struct usb_device *dev)
877{
878 struct device *ddev = &dev->dev;
879 struct usb_bos_descriptor *bos;
880 struct usb_dev_cap_header *cap;
881 unsigned char *buffer;
882 int length, total_len, num, i;
883 int ret;
884
885 bos = kzalloc(sizeof(struct usb_bos_descriptor), GFP_KERNEL);
886 if (!bos)
887 return -ENOMEM;
888
889
890 ret = usb_get_descriptor(dev, USB_DT_BOS, 0, bos, USB_DT_BOS_SIZE);
891 if (ret < USB_DT_BOS_SIZE) {
892 dev_err(ddev, "unable to get BOS descriptor\n");
893 if (ret >= 0)
894 ret = -ENOMSG;
895 kfree(bos);
896 return ret;
897 }
898
899 length = bos->bLength;
900 total_len = le16_to_cpu(bos->wTotalLength);
901 num = bos->bNumDeviceCaps;
902 kfree(bos);
903 if (total_len < length)
904 return -EINVAL;
905
906 dev->bos = kzalloc(sizeof(struct usb_host_bos), GFP_KERNEL);
907 if (!dev->bos)
908 return -ENOMEM;
909
910
911 buffer = kzalloc(total_len, GFP_KERNEL);
912 if (!buffer) {
913 ret = -ENOMEM;
914 goto err;
915 }
916 dev->bos->desc = (struct usb_bos_descriptor *)buffer;
917
918 ret = usb_get_descriptor(dev, USB_DT_BOS, 0, buffer, total_len);
919 if (ret < total_len) {
920 dev_err(ddev, "unable to get BOS descriptor set\n");
921 if (ret >= 0)
922 ret = -ENOMSG;
923 goto err;
924 }
925 total_len -= length;
926
927 for (i = 0; i < num; i++) {
928 buffer += length;
929 cap = (struct usb_dev_cap_header *)buffer;
930 length = cap->bLength;
931
932 if (total_len < length)
933 break;
934 total_len -= length;
935
936 if (cap->bDescriptorType != USB_DT_DEVICE_CAPABILITY) {
937 dev_warn(ddev, "descriptor type invalid, skip\n");
938 continue;
939 }
940
941 switch (cap->bDevCapabilityType) {
942 case USB_CAP_TYPE_WIRELESS_USB:
943
944 break;
945 case USB_CAP_TYPE_EXT:
946 dev->bos->ext_cap =
947 (struct usb_ext_cap_descriptor *)buffer;
948 break;
949 case USB_SS_CAP_TYPE:
950 dev->bos->ss_cap =
951 (struct usb_ss_cap_descriptor *)buffer;
952 break;
953 case USB_SSP_CAP_TYPE:
954 dev->bos->ssp_cap =
955 (struct usb_ssp_cap_descriptor *)buffer;
956 break;
957 case CONTAINER_ID_TYPE:
958 dev->bos->ss_id =
959 (struct usb_ss_container_id_descriptor *)buffer;
960 break;
961 case USB_PTM_CAP_TYPE:
962 dev->bos->ptm_cap =
963 (struct usb_ptm_cap_descriptor *)buffer;
964 default:
965 break;
966 }
967 }
968
969 return 0;
970
971err:
972 usb_release_bos_descriptor(dev);
973 return ret;
974}
975
