]> git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/blame - drivers/usb/class/cdc-wdm.c
projects / mirror_ubuntu-artful-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
USB: cdc-wdm: sanitize error returns
[mirror_ubuntu-artful-kernel.git] / drivers / usb / class / cdc-wdm.c
CommitLineData
afba937e
ON		 1/*
2 * cdc-wdm.c
3 *
4 * This driver supports USB CDC WCM Device Management.
5 *
052fbc0d 6 * Copyright (c) 2007-2009 Oliver Neukum
afba937e
ON		 7 *
8 * Some code taken from cdc-acm.c
9 *
10 * Released under the GPLv2.
11 *
12 * Many thanks to Carl Nordbeck
13 */
14#include <linux/kernel.h>
15#include <linux/errno.h>
16#include <linux/slab.h>
17#include <linux/module.h>
afba937e
ON		 18#include <linux/mutex.h>
19#include <linux/uaccess.h>
20#include <linux/bitops.h>
21#include <linux/poll.h>
22#include <linux/usb.h>
23#include <linux/usb/cdc.h>
24#include <asm/byteorder.h>
25#include <asm/unaligned.h>
3cc36157 26#include <linux/usb/cdc-wdm.h>
afba937e
ON		 27
28/*
29 * Version Information
30 */
87d65e54 31#define DRIVER_VERSION "v0.03"
afba937e 32#define DRIVER_AUTHOR "Oliver Neukum"
87d65e54 33#define DRIVER_DESC "USB Abstract Control Model driver for USB WCM Device Management"
afba937e 34
fec67b45
BM		 35#define HUAWEI_VENDOR_ID 0x12D1
36
6ef4852b 37static const struct usb_device_id wdm_ids[] = {
afba937e
ON		 38 {
39 .match_flags = USB_DEVICE_ID_MATCH_INT_CLASS |
40 USB_DEVICE_ID_MATCH_INT_SUBCLASS,
41 .bInterfaceClass = USB_CLASS_COMM,
42 .bInterfaceSubClass = USB_CDC_SUBCLASS_DMM
43 },
fec67b45
BM		 44 {
45 /*
46 * Huawei E392, E398 and possibly other Qualcomm based modems
47 * embed the Qualcomm QMI protocol inside CDC on CDC ECM like
48 * control interfaces. Userspace access to this is required
49 * to configure the accompanying data interface
50 */
51 .match_flags = USB_DEVICE_ID_MATCH_VENDOR |
52 USB_DEVICE_ID_MATCH_INT_INFO,
53 .idVendor = HUAWEI_VENDOR_ID,
54 .bInterfaceClass = USB_CLASS_VENDOR_SPEC,
55 .bInterfaceSubClass = 1,
56 .bInterfaceProtocol = 9, /* NOTE: CDC ECM control interface! */
57 },
afba937e
ON		 58 { }
59};
60
aa5380b9
ON		 61MODULE_DEVICE_TABLE (usb, wdm_ids);
62
afba937e
ON		 63#define WDM_MINOR_BASE 176
64
65
66#define WDM_IN_USE 1
67#define WDM_DISCONNECTING 2
68#define WDM_RESULT 3
69#define WDM_READ 4
70#define WDM_INT_STALL 5
71#define WDM_POLL_RUNNING 6
922a5ead 72#define WDM_RESPONDING 7
beb1d35f 73#define WDM_SUSPENDING 8
88044202 74#define WDM_RESETTING 9
afba937e
ON		 75
76#define WDM_MAX 16
77
7e3054a0
BM		 78/* CDC-WMC r1.1 requires wMaxCommand to be "at least 256 decimal (0x100)" */
79#define WDM_DEFAULT_BUFSIZE 256
afba937e
ON		 80
81static DEFINE_MUTEX(wdm_mutex);
b0c13860
BM		 82static DEFINE_SPINLOCK(wdm_device_list_lock);
83static LIST_HEAD(wdm_device_list);
afba937e
ON		 84
85/* --- method tables --- */
86
87struct wdm_device {
88 u8 *inbuf; /* buffer for response */
89 u8 *outbuf; /* buffer for command */
90 u8 *sbuf; /* buffer for status */
91 u8 *ubuf; /* buffer for copy to user space */
92
93 struct urb *command;
94 struct urb *response;
95 struct urb *validity;
96 struct usb_interface *intf;
97 struct usb_ctrlrequest *orq;
98 struct usb_ctrlrequest *irq;
99 spinlock_t iuspin;
100
101 unsigned long flags;
102 u16 bufsize;
103 u16 wMaxCommand;
104 u16 wMaxPacketSize;
afba937e
ON		 105 __le16 inum;
106 int reslength;
107 int length;
108 int read;
109 int count;
110 dma_addr_t shandle;
111 dma_addr_t ihandle;
e8537bd2
BM		 112 struct mutex wlock;
113 struct mutex rlock;
afba937e
ON		 114 wait_queue_head_t wait;
115 struct work_struct rxwork;
116 int werr;
117 int rerr;
b0c13860
BM		 118
119 struct list_head device_list;
3cc36157 120 int (*manage_power)(struct usb_interface *, int);
afba937e
ON		 121};
122
123static struct usb_driver wdm_driver;
124
b0c13860
BM		 125/* return intfdata if we own the interface, else look up intf in the list */
126static struct wdm_device *wdm_find_device(struct usb_interface *intf)
127{
128 struct wdm_device *desc = NULL;
129
130 spin_lock(&wdm_device_list_lock);
131 list_for_each_entry(desc, &wdm_device_list, device_list)
132 if (desc->intf == intf)
133 break;
134 spin_unlock(&wdm_device_list_lock);
135
136 return desc;
137}
138
139static struct wdm_device *wdm_find_device_by_minor(int minor)
140{
141 struct wdm_device *desc = NULL;
142
143 spin_lock(&wdm_device_list_lock);
144 list_for_each_entry(desc, &wdm_device_list, device_list)
145 if (desc->intf->minor == minor)
146 break;
147 spin_unlock(&wdm_device_list_lock);
148
149 return desc;
150}
151
afba937e
ON		 152/* --- callbacks --- */
153static void wdm_out_callback(struct urb *urb)
154{
155 struct wdm_device *desc;
156 desc = urb->context;
157 spin_lock(&desc->iuspin);
158 desc->werr = urb->status;
159 spin_unlock(&desc->iuspin);
160 clear_bit(WDM_IN_USE, &desc->flags);
161 kfree(desc->outbuf);
162 wake_up(&desc->wait);
163}
164
165static void wdm_in_callback(struct urb *urb)
166{
167 struct wdm_device *desc = urb->context;
168 int status = urb->status;
169
170 spin_lock(&desc->iuspin);
922a5ead 171 clear_bit(WDM_RESPONDING, &desc->flags);
afba937e
ON		 172
173 if (status) {
174 switch (status) {
175 case -ENOENT:
176 dev_dbg(&desc->intf->dev,
177 "nonzero urb status received: -ENOENT");
922a5ead 178 goto skip_error;
afba937e
ON		 179 case -ECONNRESET:
180 dev_dbg(&desc->intf->dev,
181 "nonzero urb status received: -ECONNRESET");
922a5ead 182 goto skip_error;
afba937e
ON		 183 case -ESHUTDOWN:
184 dev_dbg(&desc->intf->dev,
185 "nonzero urb status received: -ESHUTDOWN");
922a5ead 186 goto skip_error;
afba937e 187 case -EPIPE:
9908a32e
GKH		 188 dev_err(&desc->intf->dev,
189 "nonzero urb status received: -EPIPE\n");
afba937e
ON		 190 break;
191 default:
9908a32e
GKH		 192 dev_err(&desc->intf->dev,
193 "Unexpected error %d\n", status);
afba937e
ON		 194 break;
195 }
196 }
197
198 desc->rerr = status;
199 desc->reslength = urb->actual_length;
200 memmove(desc->ubuf + desc->length, desc->inbuf, desc->reslength);
201 desc->length += desc->reslength;
922a5ead 202skip_error:
afba937e
ON		 203 wake_up(&desc->wait);
204
205 set_bit(WDM_READ, &desc->flags);
206 spin_unlock(&desc->iuspin);
207}
208
209static void wdm_int_callback(struct urb *urb)
210{
211 int rv = 0;
212 int status = urb->status;
213 struct wdm_device *desc;
afba937e
ON		 214 struct usb_cdc_notification *dr;
215
216 desc = urb->context;
afba937e
ON		 217 dr = (struct usb_cdc_notification *)desc->sbuf;
218
219 if (status) {
220 switch (status) {
221 case -ESHUTDOWN:
222 case -ENOENT:
223 case -ECONNRESET:
224 return; /* unplug */
225 case -EPIPE:
226 set_bit(WDM_INT_STALL, &desc->flags);
9908a32e 227 dev_err(&desc->intf->dev, "Stall on int endpoint\n");
afba937e
ON		 228 goto sw; /* halt is cleared in work */
229 default:
9908a32e
GKH		 230 dev_err(&desc->intf->dev,
231 "nonzero urb status received: %d\n", status);
afba937e
ON		 232 break;
233 }
234 }
235
236 if (urb->actual_length < sizeof(struct usb_cdc_notification)) {
9908a32e
GKH		 237 dev_err(&desc->intf->dev, "wdm_int_callback - %d bytes\n",
238 urb->actual_length);
afba937e
ON		 239 goto exit;
240 }
241
242 switch (dr->bNotificationType) {
243 case USB_CDC_NOTIFY_RESPONSE_AVAILABLE:
244 dev_dbg(&desc->intf->dev,
245 "NOTIFY_RESPONSE_AVAILABLE received: index %d len %d",
246 dr->wIndex, dr->wLength);
247 break;
248
249 case USB_CDC_NOTIFY_NETWORK_CONNECTION:
250
251 dev_dbg(&desc->intf->dev,
252 "NOTIFY_NETWORK_CONNECTION %s network",
253 dr->wValue ? "connected to" : "disconnected from");
254 goto exit;
255 default:
256 clear_bit(WDM_POLL_RUNNING, &desc->flags);
9908a32e
GKH		 257 dev_err(&desc->intf->dev,
258 "unknown notification %d received: index %d len %d\n",
afba937e
ON		 259 dr->bNotificationType, dr->wIndex, dr->wLength);
260 goto exit;
261 }
262
afba937e
ON		 263 spin_lock(&desc->iuspin);
264 clear_bit(WDM_READ, &desc->flags);
922a5ead 265 set_bit(WDM_RESPONDING, &desc->flags);
beb1d35f
ON		 266 if (!test_bit(WDM_DISCONNECTING, &desc->flags)
267 && !test_bit(WDM_SUSPENDING, &desc->flags)) {
afba937e
ON		 268 rv = usb_submit_urb(desc->response, GFP_ATOMIC);
269 dev_dbg(&desc->intf->dev, "%s: usb_submit_urb %d",
270 __func__, rv);
271 }
272 spin_unlock(&desc->iuspin);
273 if (rv < 0) {
922a5ead 274 clear_bit(WDM_RESPONDING, &desc->flags);
afba937e
ON		 275 if (rv == -EPERM)
276 return;
277 if (rv == -ENOMEM) {
278sw:
279 rv = schedule_work(&desc->rxwork);
280 if (rv)
9908a32e
GKH		 281 dev_err(&desc->intf->dev,
282 "Cannot schedule work\n");
afba937e
ON		 283 }
284 }
285exit:
286 rv = usb_submit_urb(urb, GFP_ATOMIC);
287 if (rv)
9908a32e
GKH		 288 dev_err(&desc->intf->dev,
289 "%s - usb_submit_urb failed with result %d\n",
290 __func__, rv);
afba937e
ON		 291
292}
293
294static void kill_urbs(struct wdm_device *desc)
295{
17d80d56 296 /* the order here is essential */
afba937e
ON		 297 usb_kill_urb(desc->command);
298 usb_kill_urb(desc->validity);
299 usb_kill_urb(desc->response);
300}
301
302static void free_urbs(struct wdm_device *desc)
303{
304 usb_free_urb(desc->validity);
305 usb_free_urb(desc->response);
306 usb_free_urb(desc->command);
307}
308
309static void cleanup(struct wdm_device *desc)
310{
b0c13860
BM		 311 spin_lock(&wdm_device_list_lock);
312 list_del(&desc->device_list);
313 spin_unlock(&wdm_device_list_lock);
8457d99c
BM		 314 kfree(desc->sbuf);
315 kfree(desc->inbuf);
afba937e
ON		 316 kfree(desc->orq);
317 kfree(desc->irq);
318 kfree(desc->ubuf);
319 free_urbs(desc);
320 kfree(desc);
321}
322
323static ssize_t wdm_write
324(struct file *file, const char __user *buffer, size_t count, loff_t *ppos)
325{
326 u8 *buf;
327 int rv = -EMSGSIZE, r, we;
328 struct wdm_device *desc = file->private_data;
329 struct usb_ctrlrequest *req;
330
331 if (count > desc->wMaxCommand)
332 count = desc->wMaxCommand;
333
334 spin_lock_irq(&desc->iuspin);
335 we = desc->werr;
336 desc->werr = 0;
337 spin_unlock_irq(&desc->iuspin);
338 if (we < 0)
339 return -EIO;
340
860e41a7
ON		 341 desc->outbuf = buf = kmalloc(count, GFP_KERNEL);
342 if (!buf) {
343 rv = -ENOMEM;
344 goto outnl;
345 }
346
347 r = copy_from_user(buf, buffer, count);
348 if (r > 0) {
349 kfree(buf);
350 rv = -EFAULT;
351 goto outnl;
352 }
353
354 /* concurrent writes and disconnect */
e8537bd2 355 r = mutex_lock_interruptible(&desc->wlock);
afba937e 356 rv = -ERESTARTSYS;
860e41a7
ON		 357 if (r) {
358 kfree(buf);
afba937e 359 goto outnl;
860e41a7
ON		 360 }
361
362 if (test_bit(WDM_DISCONNECTING, &desc->flags)) {
363 kfree(buf);
364 rv = -ENODEV;
365 goto outnp;
366 }
afba937e 367
17d80d56 368 r = usb_autopm_get_interface(desc->intf);
860e41a7
ON		 369 if (r < 0) {
370 kfree(buf);
17d80d56 371 goto outnp;
860e41a7 372 }
7f1dc313 373
0cdfb819 374 if (!(file->f_flags & O_NONBLOCK))
7f1dc313
ON		 375 r = wait_event_interruptible(desc->wait, !test_bit(WDM_IN_USE,
376 &desc->flags));
377 else
378 if (test_bit(WDM_IN_USE, &desc->flags))
379 r = -EAGAIN;
88044202
BM		 380
381 if (test_bit(WDM_RESETTING, &desc->flags))
382 r = -EIO;
383
860e41a7 384 if (r < 0) {
afba937e 385 kfree(buf);
afba937e
ON		 386 goto out;
387 }
388
389 req = desc->orq;
390 usb_fill_control_urb(
391 desc->command,
392 interface_to_usbdev(desc->intf),
393 /* using common endpoint 0 */
394 usb_sndctrlpipe(interface_to_usbdev(desc->intf), 0),
395 (unsigned char *)req,
396 buf,
397 count,
398 wdm_out_callback,
399 desc
400 );
401
402 req->bRequestType = (USB_DIR_OUT | USB_TYPE_CLASS |
403 USB_RECIP_INTERFACE);
404 req->bRequest = USB_CDC_SEND_ENCAPSULATED_COMMAND;
405 req->wValue = 0;
406 req->wIndex = desc->inum;
407 req->wLength = cpu_to_le16(count);
408 set_bit(WDM_IN_USE, &desc->flags);
409
410 rv = usb_submit_urb(desc->command, GFP_KERNEL);
411 if (rv < 0) {
412 kfree(buf);
413 clear_bit(WDM_IN_USE, &desc->flags);
9908a32e 414 dev_err(&desc->intf->dev, "Tx URB error: %d\n", rv);
afba937e
ON		 415 } else {
416 dev_dbg(&desc->intf->dev, "Tx URB has been submitted index=%d",
417 req->wIndex);
418 }
419out:
17d80d56
ON		 420 usb_autopm_put_interface(desc->intf);
421outnp:
e8537bd2 422 mutex_unlock(&desc->wlock);
afba937e
ON		 423outnl:
424 return rv < 0 ? rv : count;
425}
426
427static ssize_t wdm_read
428(struct file *file, char __user *buffer, size_t count, loff_t *ppos)
429{
711c68b3 430 int rv, cntr;
afba937e
ON		 431 int i = 0;
432 struct wdm_device *desc = file->private_data;
433
434
e8537bd2 435 rv = mutex_lock_interruptible(&desc->rlock); /*concurrent reads */
afba937e
ON		 436 if (rv < 0)
437 return -ERESTARTSYS;
438
711c68b3
BH		 439 cntr = ACCESS_ONCE(desc->length);
440 if (cntr == 0) {
afba937e
ON		 441 desc->read = 0;
442retry:
7f1dc313
ON		 443 if (test_bit(WDM_DISCONNECTING, &desc->flags)) {
444 rv = -ENODEV;
445 goto err;
446 }
afba937e 447 i++;
7f1dc313
ON		 448 if (file->f_flags & O_NONBLOCK) {
449 if (!test_bit(WDM_READ, &desc->flags)) {
450 rv = cntr ? cntr : -EAGAIN;
451 goto err;
452 }
453 rv = 0;
454 } else {
455 rv = wait_event_interruptible(desc->wait,
456 test_bit(WDM_READ, &desc->flags));
457 }
afba937e 458
7f1dc313 459 /* may have happened while we slept */
17d80d56
ON		 460 if (test_bit(WDM_DISCONNECTING, &desc->flags)) {
461 rv = -ENODEV;
462 goto err;
463 }
88044202
BM		 464 if (test_bit(WDM_RESETTING, &desc->flags)) {
465 rv = -EIO;
466 goto err;
467 }
17d80d56 468 usb_mark_last_busy(interface_to_usbdev(desc->intf));
afba937e
ON		 469 if (rv < 0) {
470 rv = -ERESTARTSYS;
471 goto err;
472 }
473
474 spin_lock_irq(&desc->iuspin);
475
476 if (desc->rerr) { /* read completed, error happened */
afba937e
ON		 477 desc->rerr = 0;
478 spin_unlock_irq(&desc->iuspin);
afba937e
ON		 479 rv = -EIO;
480 goto err;
481 }
482 /*
483 * recheck whether we've lost the race
484 * against the completion handler
485 */
486 if (!test_bit(WDM_READ, &desc->flags)) { /* lost race */
487 spin_unlock_irq(&desc->iuspin);
488 goto retry;
489 }
490 if (!desc->reslength) { /* zero length read */
491 spin_unlock_irq(&desc->iuspin);
492 goto retry;
493 }
711c68b3 494 cntr = desc->length;
afba937e
ON		 495 spin_unlock_irq(&desc->iuspin);
496 }
497
711c68b3
BH		 498 if (cntr > count)
499 cntr = count;
afba937e
ON		 500 rv = copy_to_user(buffer, desc->ubuf, cntr);
501 if (rv > 0) {
502 rv = -EFAULT;
503 goto err;
504 }
505
711c68b3
BH		 506 spin_lock_irq(&desc->iuspin);
507
afba937e
ON		 508 for (i = 0; i < desc->length - cntr; i++)
509 desc->ubuf[i] = desc->ubuf[i + cntr];
510
511 desc->length -= cntr;
87d65e54
ON		 512 /* in case we had outstanding data */
513 if (!desc->length)
514 clear_bit(WDM_READ, &desc->flags);
711c68b3
BH		 515
516 spin_unlock_irq(&desc->iuspin);
517
afba937e
ON		 518 rv = cntr;
519
520err:
e8537bd2 521 mutex_unlock(&desc->rlock);
afba937e
ON		 522 return rv;
523}
524
525static int wdm_flush(struct file *file, fl_owner_t id)
526{
527 struct wdm_device *desc = file->private_data;
528
529 wait_event(desc->wait, !test_bit(WDM_IN_USE, &desc->flags));
530 if (desc->werr < 0)
9908a32e
GKH		 531 dev_err(&desc->intf->dev, "Error in flush path: %d\n",
532 desc->werr);
afba937e 533
24a85bae 534 return usb_translate_errors(desc->werr);
afba937e
ON		 535}
536
537static unsigned int wdm_poll(struct file *file, struct poll_table_struct *wait)
538{
539 struct wdm_device *desc = file->private_data;
540 unsigned long flags;
541 unsigned int mask = 0;
542
543 spin_lock_irqsave(&desc->iuspin, flags);
544 if (test_bit(WDM_DISCONNECTING, &desc->flags)) {
545 mask = POLLERR;
546 spin_unlock_irqrestore(&desc->iuspin, flags);
547 goto desc_out;
548 }
549 if (test_bit(WDM_READ, &desc->flags))
550 mask = POLLIN | POLLRDNORM;
551 if (desc->rerr || desc->werr)
552 mask |= POLLERR;
553 if (!test_bit(WDM_IN_USE, &desc->flags))
554 mask |= POLLOUT | POLLWRNORM;
555 spin_unlock_irqrestore(&desc->iuspin, flags);
556
557 poll_wait(file, &desc->wait, wait);
558
559desc_out:
560 return mask;
561}
562
563static int wdm_open(struct inode *inode, struct file *file)
564{
565 int minor = iminor(inode);
566 int rv = -ENODEV;
567 struct usb_interface *intf;
568 struct wdm_device *desc;
569
570 mutex_lock(&wdm_mutex);
b0c13860
BM		 571 desc = wdm_find_device_by_minor(minor);
572 if (!desc)
afba937e
ON		 573 goto out;
574
b0c13860 575 intf = desc->intf;
afba937e
ON		 576 if (test_bit(WDM_DISCONNECTING, &desc->flags))
577 goto out;
afba937e
ON		 578 file->private_data = desc;
579
17d80d56 580 rv = usb_autopm_get_interface(desc->intf);
afba937e 581 if (rv < 0) {
9908a32e 582 dev_err(&desc->intf->dev, "Error autopm - %d\n", rv);
afba937e
ON		 583 goto out;
584 }
afba937e 585
e8537bd2
BM		 586 /* using write lock to protect desc->count */
587 mutex_lock(&desc->wlock);
17d80d56 588 if (!desc->count++) {
d771d8aa
ON		 589 desc->werr = 0;
590 desc->rerr = 0;
17d80d56
ON		 591 rv = usb_submit_urb(desc->validity, GFP_KERNEL);
592 if (rv < 0) {
593 desc->count--;
9908a32e
GKH		 594 dev_err(&desc->intf->dev,
595 "Error submitting int urb - %d\n", rv);
17d80d56
ON		 596 }
597 } else {
598 rv = 0;
599 }
e8537bd2 600 mutex_unlock(&desc->wlock);
3cc36157
BM		 601 if (desc->count == 1)
602 desc->manage_power(intf, 1);
17d80d56 603 usb_autopm_put_interface(desc->intf);
afba937e
ON		 604out:
605 mutex_unlock(&wdm_mutex);
606 return rv;
607}
608
609static int wdm_release(struct inode *inode, struct file *file)
610{
611 struct wdm_device *desc = file->private_data;
612
613 mutex_lock(&wdm_mutex);
e8537bd2
BM		 614
615 /* using write lock to protect desc->count */
616 mutex_lock(&desc->wlock);
afba937e 617 desc->count--;
e8537bd2 618 mutex_unlock(&desc->wlock);
17d80d56 619
afba937e
ON		 620 if (!desc->count) {
621 dev_dbg(&desc->intf->dev, "wdm_release: cleanup");
622 kill_urbs(desc);
17d80d56 623 if (!test_bit(WDM_DISCONNECTING, &desc->flags))
3cc36157 624 desc->manage_power(desc->intf, 0);
afba937e
ON		 625 }
626 mutex_unlock(&wdm_mutex);
627 return 0;
628}
629
630static const struct file_operations wdm_fops = {
631 .owner = THIS_MODULE,
632 .read = wdm_read,
633 .write = wdm_write,
634 .open = wdm_open,
635 .flush = wdm_flush,
636 .release = wdm_release,
6038f373
AB		 637 .poll = wdm_poll,
638 .llseek = noop_llseek,
afba937e
ON		 639};
640
641static struct usb_class_driver wdm_class = {
642 .name = "cdc-wdm%d",
643 .fops = &wdm_fops,
644 .minor_base = WDM_MINOR_BASE,
645};
646
647/* --- error handling --- */
648static void wdm_rxwork(struct work_struct *work)
649{
650 struct wdm_device *desc = container_of(work, struct wdm_device, rxwork);
651 unsigned long flags;
652 int rv;
653
654 spin_lock_irqsave(&desc->iuspin, flags);
655 if (test_bit(WDM_DISCONNECTING, &desc->flags)) {
656 spin_unlock_irqrestore(&desc->iuspin, flags);
657 } else {
658 spin_unlock_irqrestore(&desc->iuspin, flags);
659 rv = usb_submit_urb(desc->response, GFP_KERNEL);
660 if (rv < 0 && rv != -EPERM) {
661 spin_lock_irqsave(&desc->iuspin, flags);
662 if (!test_bit(WDM_DISCONNECTING, &desc->flags))
663 schedule_work(&desc->rxwork);
664 spin_unlock_irqrestore(&desc->iuspin, flags);
665 }
666 }
667}
668
669/* --- hotplug --- */
670
3cc36157
BM		 671static int wdm_create(struct usb_interface *intf, struct usb_endpoint_descriptor *ep,
672 u16 bufsize, int (*manage_power)(struct usb_interface *, int))
afba937e 673{
0dffb486 674 int rv = -ENOMEM;
afba937e 675 struct wdm_device *desc;
afba937e 676
afba937e
ON		 677 desc = kzalloc(sizeof(struct wdm_device), GFP_KERNEL);
678 if (!desc)
679 goto out;
b0c13860 680 INIT_LIST_HEAD(&desc->device_list);
e8537bd2
BM		 681 mutex_init(&desc->rlock);
682 mutex_init(&desc->wlock);
afba937e
ON		 683 spin_lock_init(&desc->iuspin);
684 init_waitqueue_head(&desc->wait);
0dffb486 685 desc->wMaxCommand = bufsize;
052fbc0d 686 /* this will be expanded and needed in hardware endianness */
afba937e
ON		 687 desc->inum = cpu_to_le16((u16)intf->cur_altsetting->desc.bInterfaceNumber);
688 desc->intf = intf;
689 INIT_WORK(&desc->rxwork, wdm_rxwork);
690
052fbc0d 691 rv = -EINVAL;
0dffb486 692 if (!usb_endpoint_is_int_in(ep))
afba937e 693 goto err;
afba937e 694
29cc8897 695 desc->wMaxPacketSize = usb_endpoint_maxp(ep);
afba937e
ON		 696
697 desc->orq = kmalloc(sizeof(struct usb_ctrlrequest), GFP_KERNEL);
698 if (!desc->orq)
699 goto err;
700 desc->irq = kmalloc(sizeof(struct usb_ctrlrequest), GFP_KERNEL);
701 if (!desc->irq)
702 goto err;
703
704 desc->validity = usb_alloc_urb(0, GFP_KERNEL);
705 if (!desc->validity)
706 goto err;
707
708 desc->response = usb_alloc_urb(0, GFP_KERNEL);
709 if (!desc->response)
710 goto err;
711
712 desc->command = usb_alloc_urb(0, GFP_KERNEL);
713 if (!desc->command)
714 goto err;
715
716 desc->ubuf = kmalloc(desc->wMaxCommand, GFP_KERNEL);
717 if (!desc->ubuf)
718 goto err;
719
8457d99c 720 desc->sbuf = kmalloc(desc->wMaxPacketSize, GFP_KERNEL);
afba937e
ON		 721 if (!desc->sbuf)
722 goto err;
723
8457d99c 724 desc->inbuf = kmalloc(desc->wMaxCommand, GFP_KERNEL);
afba937e 725 if (!desc->inbuf)
8457d99c 726 goto err;
afba937e
ON		 727
728 usb_fill_int_urb(
729 desc->validity,
730 interface_to_usbdev(intf),
731 usb_rcvintpipe(interface_to_usbdev(intf), ep->bEndpointAddress),
732 desc->sbuf,
733 desc->wMaxPacketSize,
734 wdm_int_callback,
735 desc,
736 ep->bInterval
737 );
afba937e 738
19b85b3b
BM		 739 desc->irq->bRequestType = (USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE);
740 desc->irq->bRequest = USB_CDC_GET_ENCAPSULATED_RESPONSE;
741 desc->irq->wValue = 0;
742 desc->irq->wIndex = desc->inum;
743 desc->irq->wLength = cpu_to_le16(desc->wMaxCommand);
744
745 usb_fill_control_urb(
746 desc->response,
8143a896 747 interface_to_usbdev(intf),
19b85b3b
BM		 748 /* using common endpoint 0 */
749 usb_rcvctrlpipe(interface_to_usbdev(desc->intf), 0),
750 (unsigned char *)desc->irq,
751 desc->inbuf,
752 desc->wMaxCommand,
753 wdm_in_callback,
754 desc
755 );
19b85b3b 756
3cc36157
BM		 757 desc->manage_power = manage_power;
758
b0c13860
BM		 759 spin_lock(&wdm_device_list_lock);
760 list_add(&desc->device_list, &wdm_device_list);
761 spin_unlock(&wdm_device_list_lock);
762
afba937e 763 rv = usb_register_dev(intf, &wdm_class);
afba937e 764 if (rv < 0)
b0c13860 765 goto err;
052fbc0d 766 else
820c629a 767 dev_info(&intf->dev, "%s: USB WDM device\n", dev_name(intf->usb_dev));
afba937e
ON		 768out:
769 return rv;
afba937e 770err:
0dffb486
BM		 771 cleanup(desc);
772 return rv;
773}
774
3cc36157
BM		 775static int wdm_manage_power(struct usb_interface *intf, int on)
776{
777 /* need autopm_get/put here to ensure the usbcore sees the new value */
778 int rv = usb_autopm_get_interface(intf);
779 if (rv < 0)
780 goto err;
781
782 intf->needs_remote_wakeup = on;
783 usb_autopm_put_interface(intf);
784err:
785 return rv;
786}
787
0dffb486
BM		 788static int wdm_probe(struct usb_interface *intf, const struct usb_device_id *id)
789{
790 int rv = -EINVAL;
791 struct usb_host_interface *iface;
792 struct usb_endpoint_descriptor *ep;
793 struct usb_cdc_dmm_desc *dmhd;
794 u8 *buffer = intf->altsetting->extra;
795 int buflen = intf->altsetting->extralen;
796 u16 maxcom = WDM_DEFAULT_BUFSIZE;
797
798 if (!buffer)
799 goto err;
800 while (buflen > 2) {
801 if (buffer[1] != USB_DT_CS_INTERFACE) {
802 dev_err(&intf->dev, "skipping garbage\n");
803 goto next_desc;
804 }
805
806 switch (buffer[2]) {
807 case USB_CDC_HEADER_TYPE:
808 break;
809 case USB_CDC_DMM_TYPE:
810 dmhd = (struct usb_cdc_dmm_desc *)buffer;
811 maxcom = le16_to_cpu(dmhd->wMaxCommand);
812 dev_dbg(&intf->dev,
813 "Finding maximum buffer length: %d", maxcom);
814 break;
815 default:
816 dev_err(&intf->dev,
817 "Ignoring extra header, type %d, length %d\n",
818 buffer[2], buffer[0]);
819 break;
820 }
821next_desc:
822 buflen -= buffer[0];
823 buffer += buffer[0];
824 }
825
826 iface = intf->cur_altsetting;
827 if (iface->desc.bNumEndpoints != 1)
828 goto err;
829 ep = &iface->endpoint[0].desc;
830
3cc36157 831 rv = wdm_create(intf, ep, maxcom, &wdm_manage_power);
0dffb486
BM		 832
833err:
afba937e
ON		 834 return rv;
835}
836
3cc36157
BM		 837/**
838 * usb_cdc_wdm_register - register a WDM subdriver
839 * @intf: usb interface the subdriver will associate with
840 * @ep: interrupt endpoint to monitor for notifications
841 * @bufsize: maximum message size to support for read/write
842 *
843 * Create WDM usb class character device and associate it with intf
844 * without binding, allowing another driver to manage the interface.
845 *
846 * The subdriver will manage the given interrupt endpoint exclusively
847 * and will issue control requests referring to the given intf. It
848 * will otherwise avoid interferring, and in particular not do
849 * usb_set_intfdata/usb_get_intfdata on intf.
850 *
851 * The return value is a pointer to the subdriver's struct usb_driver.
852 * The registering driver is responsible for calling this subdriver's
853 * disconnect, suspend, resume, pre_reset and post_reset methods from
854 * its own.
855 */
856struct usb_driver *usb_cdc_wdm_register(struct usb_interface *intf,
857 struct usb_endpoint_descriptor *ep,
858 int bufsize,
859 int (*manage_power)(struct usb_interface *, int))
860{
861 int rv = -EINVAL;
862
863 rv = wdm_create(intf, ep, bufsize, manage_power);
864 if (rv < 0)
865 goto err;
866
867 return &wdm_driver;
868err:
869 return ERR_PTR(rv);
870}
871EXPORT_SYMBOL(usb_cdc_wdm_register);
872
afba937e
ON		 873static void wdm_disconnect(struct usb_interface *intf)
874{
875 struct wdm_device *desc;
876 unsigned long flags;
877
878 usb_deregister_dev(intf, &wdm_class);
b0c13860 879 desc = wdm_find_device(intf);
afba937e 880 mutex_lock(&wdm_mutex);
afba937e
ON		 881
882 /* the spinlock makes sure no new urbs are generated in the callbacks */
883 spin_lock_irqsave(&desc->iuspin, flags);
884 set_bit(WDM_DISCONNECTING, &desc->flags);
885 set_bit(WDM_READ, &desc->flags);
17d80d56 886 /* to terminate pending flushes */
afba937e
ON		 887 clear_bit(WDM_IN_USE, &desc->flags);
888 spin_unlock_irqrestore(&desc->iuspin, flags);
62aaf24d 889 wake_up_all(&desc->wait);
e8537bd2
BM		 890 mutex_lock(&desc->rlock);
891 mutex_lock(&desc->wlock);
afba937e 892 kill_urbs(desc);
d93d16e9 893 cancel_work_sync(&desc->rxwork);
e8537bd2
BM		 894 mutex_unlock(&desc->wlock);
895 mutex_unlock(&desc->rlock);
afba937e
ON		 896 if (!desc->count)
897 cleanup(desc);
898 mutex_unlock(&wdm_mutex);
899}
900
d93d16e9 901#ifdef CONFIG_PM
17d80d56
ON		 902static int wdm_suspend(struct usb_interface *intf, pm_message_t message)
903{
b0c13860 904 struct wdm_device *desc = wdm_find_device(intf);
17d80d56
ON		 905 int rv = 0;
906
907 dev_dbg(&desc->intf->dev, "wdm%d_suspend\n", intf->minor);
908
d93d16e9 909 /* if this is an autosuspend the caller does the locking */
e8537bd2
BM		 910 if (!PMSG_IS_AUTO(message)) {
911 mutex_lock(&desc->rlock);
912 mutex_lock(&desc->wlock);
913 }
62e66854 914 spin_lock_irq(&desc->iuspin);
d93d16e9 915
5b1b0b81 916 if (PMSG_IS_AUTO(message) &&
922a5ead
ON		 917 (test_bit(WDM_IN_USE, &desc->flags)
918 || test_bit(WDM_RESPONDING, &desc->flags))) {
62e66854 919 spin_unlock_irq(&desc->iuspin);
17d80d56
ON		 920 rv = -EBUSY;
921 } else {
d93d16e9 922
beb1d35f 923 set_bit(WDM_SUSPENDING, &desc->flags);
62e66854 924 spin_unlock_irq(&desc->iuspin);
d93d16e9 925 /* callback submits work - order is essential */
17d80d56 926 kill_urbs(desc);
d93d16e9 927 cancel_work_sync(&desc->rxwork);
17d80d56 928 }
e8537bd2
BM		 929 if (!PMSG_IS_AUTO(message)) {
930 mutex_unlock(&desc->wlock);
931 mutex_unlock(&desc->rlock);
932 }
17d80d56
ON		 933
934 return rv;
935}
d93d16e9 936#endif
17d80d56
ON		 937
938static int recover_from_urb_loss(struct wdm_device *desc)
939{
940 int rv = 0;
941
942 if (desc->count) {
943 rv = usb_submit_urb(desc->validity, GFP_NOIO);
944 if (rv < 0)
9908a32e
GKH		 945 dev_err(&desc->intf->dev,
946 "Error resume submitting int urb - %d\n", rv);
17d80d56
ON		 947 }
948 return rv;
949}
d93d16e9
ON		 950
951#ifdef CONFIG_PM
17d80d56
ON		 952static int wdm_resume(struct usb_interface *intf)
953{
b0c13860 954 struct wdm_device *desc = wdm_find_device(intf);
17d80d56
ON		 955 int rv;
956
957 dev_dbg(&desc->intf->dev, "wdm%d_resume\n", intf->minor);
338124c1 958
beb1d35f 959 clear_bit(WDM_SUSPENDING, &desc->flags);
62e66854 960 rv = recover_from_urb_loss(desc);
338124c1 961
17d80d56
ON		 962 return rv;
963}
d93d16e9 964#endif
17d80d56
ON		 965
966static int wdm_pre_reset(struct usb_interface *intf)
967{
b0c13860 968 struct wdm_device *desc = wdm_find_device(intf);
17d80d56 969
d771d8aa
ON		 970 /*
971 * we notify everybody using poll of
972 * an exceptional situation
973 * must be done before recovery lest a spontaneous
974 * message from the device is lost
975 */
976 spin_lock_irq(&desc->iuspin);
88044202
BM		 977 set_bit(WDM_RESETTING, &desc->flags); /* inform read/write */
978 set_bit(WDM_READ, &desc->flags); /* unblock read */
979 clear_bit(WDM_IN_USE, &desc->flags); /* unblock write */
d771d8aa
ON		 980 desc->rerr = -EINTR;
981 spin_unlock_irq(&desc->iuspin);
982 wake_up_all(&desc->wait);
88044202
BM		 983 mutex_lock(&desc->rlock);
984 mutex_lock(&desc->wlock);
985 kill_urbs(desc);
986 cancel_work_sync(&desc->rxwork);
17d80d56
ON		 987 return 0;
988}
989
990static int wdm_post_reset(struct usb_interface *intf)
991{
b0c13860 992 struct wdm_device *desc = wdm_find_device(intf);
17d80d56
ON		 993 int rv;
994
88044202 995 clear_bit(WDM_RESETTING, &desc->flags);
17d80d56 996 rv = recover_from_urb_loss(desc);
e8537bd2
BM		 997 mutex_unlock(&desc->wlock);
998 mutex_unlock(&desc->rlock);
17d80d56
ON		 999 return 0;
1000}
1001
afba937e
ON		 1002static struct usb_driver wdm_driver = {
1003 .name = "cdc_wdm",
1004 .probe = wdm_probe,
1005 .disconnect = wdm_disconnect,
d93d16e9 1006#ifdef CONFIG_PM
17d80d56
ON		 1007 .suspend = wdm_suspend,
1008 .resume = wdm_resume,
1009 .reset_resume = wdm_resume,
d93d16e9 1010#endif
17d80d56
ON		 1011 .pre_reset = wdm_pre_reset,
1012 .post_reset = wdm_post_reset,
afba937e 1013 .id_table = wdm_ids,
17d80d56 1014 .supports_autosuspend = 1,
afba937e
ON		 1015};
1016
65db4305 1017module_usb_driver(wdm_driver);
afba937e
ON		 1018
1019MODULE_AUTHOR(DRIVER_AUTHOR);
87d65e54 1020MODULE_DESCRIPTION(DRIVER_DESC);
afba937e 1021MODULE_LICENSE("GPL");
Ubuntu Artful kernel mirror