blob: e78a2c6af8d3b78ca8f2a656a25f22cea50b0ef4 [file] [log] [blame]
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001/*
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +01002 * f_fs.c -- user mode file system API for USB composite function controllers
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02003 *
4 * Copyright (C) 2010 Samsung Electronics
Michal Nazarewicz54b83602012-01-13 15:05:16 +01005 * Author: Michal Nazarewicz <mina86@mina86.com>
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02006 *
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +01007 * Based on inode.c (GadgetFS) which was:
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02008 * Copyright (C) 2003-2004 David Brownell
9 * Copyright (C) 2003 Agilent Technologies
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +020015 */
16
17
18/* #define DEBUG */
19/* #define VERBOSE_DEBUG */
20
21#include <linux/blkdev.h>
Randy Dunlapb0608692010-05-10 10:51:36 -070022#include <linux/pagemap.h>
Paul Gortmakerf940fcd2011-05-27 09:56:31 -040023#include <linux/export.h>
Koen Beel560f1182012-05-30 20:43:37 +020024#include <linux/hid.h>
Andrzej Pietrasiewicz5920cda2013-12-03 15:15:33 +010025#include <linux/module.h>
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +020026#include <asm/unaligned.h>
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +020027
28#include <linux/usb/composite.h>
29#include <linux/usb/functionfs.h>
30
Robert Baldyga2e4c7552014-02-10 10:42:44 +010031#include <linux/aio.h>
32#include <linux/mmu_context.h>
Robert Baldyga23de91e2014-02-10 10:42:43 +010033#include <linux/poll.h>
34
Andrzej Pietrasiewicze72c39c2013-12-03 15:15:31 +010035#include "u_fs.h"
Andrzej Pietrasiewicz74d48462014-05-08 14:06:21 +020036#include "u_f.h"
Andrzej Pietrasiewiczf0175ab2014-07-09 12:20:08 +020037#include "u_os_desc.h"
Andrzej Pietrasiewiczb6584992013-12-03 15:15:36 +010038#include "configfs.h"
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +020039
40#define FUNCTIONFS_MAGIC 0xa647361 /* Chosen by a honest dice roll ;) */
41
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +020042/* Reference counter handling */
43static void ffs_data_get(struct ffs_data *ffs);
44static void ffs_data_put(struct ffs_data *ffs);
45/* Creates new ffs_data object. */
46static struct ffs_data *__must_check ffs_data_new(void) __attribute__((malloc));
47
48/* Opened counter handling. */
49static void ffs_data_opened(struct ffs_data *ffs);
50static void ffs_data_closed(struct ffs_data *ffs);
51
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +010052/* Called with ffs->mutex held; take over ownership of data. */
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +020053static int __must_check
54__ffs_data_got_descs(struct ffs_data *ffs, char *data, size_t len);
55static int __must_check
56__ffs_data_got_strings(struct ffs_data *ffs, char *data, size_t len);
57
58
59/* The function structure ***************************************************/
60
61struct ffs_ep;
62
63struct ffs_function {
64 struct usb_configuration *conf;
65 struct usb_gadget *gadget;
66 struct ffs_data *ffs;
67
68 struct ffs_ep *eps;
69 u8 eps_revmap[16];
70 short *interfaces_nums;
71
72 struct usb_function function;
73};
74
75
76static struct ffs_function *ffs_func_from_usb(struct usb_function *f)
77{
78 return container_of(f, struct ffs_function, function);
79}
80
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +020081
Michal Nazarewicza7ecf052014-02-10 10:42:41 +010082static inline enum ffs_setup_state
83ffs_setup_state_clear_cancelled(struct ffs_data *ffs)
84{
85 return (enum ffs_setup_state)
86 cmpxchg(&ffs->setup_state, FFS_SETUP_CANCELLED, FFS_NO_SETUP);
87}
88
89
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +020090static void ffs_func_eps_disable(struct ffs_function *func);
91static int __must_check ffs_func_eps_enable(struct ffs_function *func);
92
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +020093static int ffs_func_bind(struct usb_configuration *,
94 struct usb_function *);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +020095static int ffs_func_set_alt(struct usb_function *, unsigned, unsigned);
96static void ffs_func_disable(struct usb_function *);
97static int ffs_func_setup(struct usb_function *,
98 const struct usb_ctrlrequest *);
99static void ffs_func_suspend(struct usb_function *);
100static void ffs_func_resume(struct usb_function *);
101
102
103static int ffs_func_revmap_ep(struct ffs_function *func, u8 num);
104static int ffs_func_revmap_intf(struct ffs_function *func, u8 intf);
105
106
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200107/* The endpoints structures *************************************************/
108
109struct ffs_ep {
110 struct usb_ep *ep; /* P: ffs->eps_lock */
111 struct usb_request *req; /* P: epfile->mutex */
112
Manu Gautam8d4e8972014-02-28 16:50:22 +0530113 /* [0]: full speed, [1]: high speed, [2]: super speed */
114 struct usb_endpoint_descriptor *descs[3];
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200115
116 u8 num;
117
118 int status; /* P: epfile->mutex */
119};
120
121struct ffs_epfile {
122 /* Protects ep->ep and ep->req. */
123 struct mutex mutex;
124 wait_queue_head_t wait;
125
126 struct ffs_data *ffs;
127 struct ffs_ep *ep; /* P: ffs->eps_lock */
128
129 struct dentry *dentry;
130
131 char name[5];
132
133 unsigned char in; /* P: ffs->eps_lock */
134 unsigned char isoc; /* P: ffs->eps_lock */
135
136 unsigned char _pad;
137};
138
Robert Baldyga2e4c7552014-02-10 10:42:44 +0100139/* ffs_io_data structure ***************************************************/
140
141struct ffs_io_data {
142 bool aio;
143 bool read;
144
145 struct kiocb *kiocb;
146 const struct iovec *iovec;
147 unsigned long nr_segs;
148 char __user *buf;
149 size_t len;
150
151 struct mm_struct *mm;
152 struct work_struct work;
153
154 struct usb_ep *ep;
155 struct usb_request *req;
156};
157
Robert Baldyga6d5c1c72014-08-25 11:16:27 +0200158struct ffs_desc_helper {
159 struct ffs_data *ffs;
160 unsigned interfaces_count;
161 unsigned eps_count;
162};
163
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200164static int __must_check ffs_epfiles_create(struct ffs_data *ffs);
165static void ffs_epfiles_destroy(struct ffs_epfile *epfiles, unsigned count);
166
Al Viro1bb27ca2014-09-03 13:32:19 -0400167static struct dentry *
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200168ffs_sb_create_file(struct super_block *sb, const char *name, void *data,
Al Viro1bb27ca2014-09-03 13:32:19 -0400169 const struct file_operations *fops);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200170
Andrzej Pietrasiewicz4b187fc2013-12-03 15:15:32 +0100171/* Devices management *******************************************************/
172
173DEFINE_MUTEX(ffs_lock);
Felipe Balbi0700faa2014-04-01 13:19:32 -0500174EXPORT_SYMBOL_GPL(ffs_lock);
Andrzej Pietrasiewicz4b187fc2013-12-03 15:15:32 +0100175
Andrzej Pietrasiewiczda13a772014-01-13 16:49:38 +0100176static struct ffs_dev *_ffs_find_dev(const char *name);
177static struct ffs_dev *_ffs_alloc_dev(void);
Andrzej Pietrasiewiczb6584992013-12-03 15:15:36 +0100178static int _ffs_name_dev(struct ffs_dev *dev, const char *name);
Andrzej Pietrasiewiczda13a772014-01-13 16:49:38 +0100179static void _ffs_free_dev(struct ffs_dev *dev);
Andrzej Pietrasiewicz4b187fc2013-12-03 15:15:32 +0100180static void *ffs_acquire_dev(const char *dev_name);
181static void ffs_release_dev(struct ffs_data *ffs_data);
182static int ffs_ready(struct ffs_data *ffs);
183static void ffs_closed(struct ffs_data *ffs);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200184
185/* Misc helper functions ****************************************************/
186
187static int ffs_mutex_lock(struct mutex *mutex, unsigned nonblock)
188 __attribute__((warn_unused_result, nonnull));
Al Viro260ef312012-09-26 21:43:45 -0400189static char *ffs_prepare_buffer(const char __user *buf, size_t len)
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200190 __attribute__((warn_unused_result, nonnull));
191
192
193/* Control file aka ep0 *****************************************************/
194
195static void ffs_ep0_complete(struct usb_ep *ep, struct usb_request *req)
196{
197 struct ffs_data *ffs = req->context;
198
199 complete_all(&ffs->ep0req_completion);
200}
201
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200202static int __ffs_ep0_queue_wait(struct ffs_data *ffs, char *data, size_t len)
203{
204 struct usb_request *req = ffs->ep0req;
205 int ret;
206
207 req->zero = len < le16_to_cpu(ffs->ev.setup.wLength);
208
209 spin_unlock_irq(&ffs->ev.waitq.lock);
210
211 req->buf = data;
212 req->length = len;
213
Marek Szyprowskice1fd352011-01-28 13:55:36 +0100214 /*
215 * UDC layer requires to provide a buffer even for ZLP, but should
216 * not use it at all. Let's provide some poisoned pointer to catch
217 * possible bug in the driver.
218 */
219 if (req->buf == NULL)
220 req->buf = (void *)0xDEADBABE;
221
Wolfram Sang16735d02013-11-14 14:32:02 -0800222 reinit_completion(&ffs->ep0req_completion);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200223
224 ret = usb_ep_queue(ffs->gadget->ep0, req, GFP_ATOMIC);
225 if (unlikely(ret < 0))
226 return ret;
227
228 ret = wait_for_completion_interruptible(&ffs->ep0req_completion);
229 if (unlikely(ret)) {
230 usb_ep_dequeue(ffs->gadget->ep0, req);
231 return -EINTR;
232 }
233
234 ffs->setup_state = FFS_NO_SETUP;
Robert Baldyga0a7b1f82014-02-10 10:42:42 +0100235 return req->status ? req->status : req->actual;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200236}
237
238static int __ffs_ep0_stall(struct ffs_data *ffs)
239{
240 if (ffs->ev.can_stall) {
Michal Nazarewiczaa02f172010-11-17 17:09:47 +0100241 pr_vdebug("ep0 stall\n");
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200242 usb_ep_set_halt(ffs->gadget->ep0);
243 ffs->setup_state = FFS_NO_SETUP;
244 return -EL2HLT;
245 } else {
Michal Nazarewiczaa02f172010-11-17 17:09:47 +0100246 pr_debug("bogus ep0 stall!\n");
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200247 return -ESRCH;
248 }
249}
250
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200251static ssize_t ffs_ep0_write(struct file *file, const char __user *buf,
252 size_t len, loff_t *ptr)
253{
254 struct ffs_data *ffs = file->private_data;
255 ssize_t ret;
256 char *data;
257
258 ENTER();
259
260 /* Fast check if setup was canceled */
Michal Nazarewicza7ecf052014-02-10 10:42:41 +0100261 if (ffs_setup_state_clear_cancelled(ffs) == FFS_SETUP_CANCELLED)
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200262 return -EIDRM;
263
264 /* Acquire mutex */
265 ret = ffs_mutex_lock(&ffs->mutex, file->f_flags & O_NONBLOCK);
266 if (unlikely(ret < 0))
267 return ret;
268
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200269 /* Check state */
270 switch (ffs->state) {
271 case FFS_READ_DESCRIPTORS:
272 case FFS_READ_STRINGS:
273 /* Copy data */
274 if (unlikely(len < 16)) {
275 ret = -EINVAL;
276 break;
277 }
278
279 data = ffs_prepare_buffer(buf, len);
Tobias Klauser537baab2010-12-09 15:52:39 +0100280 if (IS_ERR(data)) {
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200281 ret = PTR_ERR(data);
282 break;
283 }
284
285 /* Handle data */
286 if (ffs->state == FFS_READ_DESCRIPTORS) {
Michal Nazarewiczaa02f172010-11-17 17:09:47 +0100287 pr_info("read descriptors\n");
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200288 ret = __ffs_data_got_descs(ffs, data, len);
289 if (unlikely(ret < 0))
290 break;
291
292 ffs->state = FFS_READ_STRINGS;
293 ret = len;
294 } else {
Michal Nazarewiczaa02f172010-11-17 17:09:47 +0100295 pr_info("read strings\n");
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200296 ret = __ffs_data_got_strings(ffs, data, len);
297 if (unlikely(ret < 0))
298 break;
299
300 ret = ffs_epfiles_create(ffs);
301 if (unlikely(ret)) {
302 ffs->state = FFS_CLOSING;
303 break;
304 }
305
306 ffs->state = FFS_ACTIVE;
307 mutex_unlock(&ffs->mutex);
308
Andrzej Pietrasiewicz4b187fc2013-12-03 15:15:32 +0100309 ret = ffs_ready(ffs);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200310 if (unlikely(ret < 0)) {
311 ffs->state = FFS_CLOSING;
312 return ret;
313 }
314
315 set_bit(FFS_FL_CALL_CLOSED_CALLBACK, &ffs->flags);
316 return len;
317 }
318 break;
319
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200320 case FFS_ACTIVE:
321 data = NULL;
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +0100322 /*
323 * We're called from user space, we can use _irq
324 * rather then _irqsave
325 */
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200326 spin_lock_irq(&ffs->ev.waitq.lock);
Michal Nazarewicza7ecf052014-02-10 10:42:41 +0100327 switch (ffs_setup_state_clear_cancelled(ffs)) {
Michal Nazarewicze46318a2014-02-10 10:42:40 +0100328 case FFS_SETUP_CANCELLED:
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200329 ret = -EIDRM;
330 goto done_spin;
331
332 case FFS_NO_SETUP:
333 ret = -ESRCH;
334 goto done_spin;
335
336 case FFS_SETUP_PENDING:
337 break;
338 }
339
340 /* FFS_SETUP_PENDING */
341 if (!(ffs->ev.setup.bRequestType & USB_DIR_IN)) {
342 spin_unlock_irq(&ffs->ev.waitq.lock);
343 ret = __ffs_ep0_stall(ffs);
344 break;
345 }
346
347 /* FFS_SETUP_PENDING and not stall */
348 len = min(len, (size_t)le16_to_cpu(ffs->ev.setup.wLength));
349
350 spin_unlock_irq(&ffs->ev.waitq.lock);
351
352 data = ffs_prepare_buffer(buf, len);
Tobias Klauser537baab2010-12-09 15:52:39 +0100353 if (IS_ERR(data)) {
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200354 ret = PTR_ERR(data);
355 break;
356 }
357
358 spin_lock_irq(&ffs->ev.waitq.lock);
359
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +0100360 /*
361 * We are guaranteed to be still in FFS_ACTIVE state
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200362 * but the state of setup could have changed from
Michal Nazarewicze46318a2014-02-10 10:42:40 +0100363 * FFS_SETUP_PENDING to FFS_SETUP_CANCELLED so we need
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200364 * to check for that. If that happened we copied data
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +0100365 * from user space in vain but it's unlikely.
366 *
367 * For sure we are not in FFS_NO_SETUP since this is
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200368 * the only place FFS_SETUP_PENDING -> FFS_NO_SETUP
369 * transition can be performed and it's protected by
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +0100370 * mutex.
371 */
Michal Nazarewicza7ecf052014-02-10 10:42:41 +0100372 if (ffs_setup_state_clear_cancelled(ffs) ==
373 FFS_SETUP_CANCELLED) {
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200374 ret = -EIDRM;
375done_spin:
376 spin_unlock_irq(&ffs->ev.waitq.lock);
377 } else {
378 /* unlocks spinlock */
379 ret = __ffs_ep0_queue_wait(ffs, data, len);
380 }
381 kfree(data);
382 break;
383
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200384 default:
385 ret = -EBADFD;
386 break;
387 }
388
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200389 mutex_unlock(&ffs->mutex);
390 return ret;
391}
392
Michal Nazarewicz67913bb2014-09-10 17:50:24 +0200393/* Called with ffs->ev.waitq.lock and ffs->mutex held, both released on exit. */
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200394static ssize_t __ffs_ep0_read_events(struct ffs_data *ffs, char __user *buf,
395 size_t n)
396{
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +0100397 /*
Michal Nazarewicz67913bb2014-09-10 17:50:24 +0200398 * n cannot be bigger than ffs->ev.count, which cannot be bigger than
399 * size of ffs->ev.types array (which is four) so that's how much space
400 * we reserve.
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +0100401 */
Michal Nazarewicz67913bb2014-09-10 17:50:24 +0200402 struct usb_functionfs_event events[ARRAY_SIZE(ffs->ev.types)];
403 const size_t size = n * sizeof *events;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200404 unsigned i = 0;
405
Michal Nazarewicz67913bb2014-09-10 17:50:24 +0200406 memset(events, 0, size);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200407
408 do {
409 events[i].type = ffs->ev.types[i];
410 if (events[i].type == FUNCTIONFS_SETUP) {
411 events[i].u.setup = ffs->ev.setup;
412 ffs->setup_state = FFS_SETUP_PENDING;
413 }
414 } while (++i < n);
415
Michal Nazarewicz67913bb2014-09-10 17:50:24 +0200416 ffs->ev.count -= n;
417 if (ffs->ev.count)
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200418 memmove(ffs->ev.types, ffs->ev.types + n,
419 ffs->ev.count * sizeof *ffs->ev.types);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200420
421 spin_unlock_irq(&ffs->ev.waitq.lock);
422 mutex_unlock(&ffs->mutex);
423
Michal Nazarewicz67913bb2014-09-10 17:50:24 +0200424 return unlikely(__copy_to_user(buf, events, size)) ? -EFAULT : size;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200425}
426
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200427static ssize_t ffs_ep0_read(struct file *file, char __user *buf,
428 size_t len, loff_t *ptr)
429{
430 struct ffs_data *ffs = file->private_data;
431 char *data = NULL;
432 size_t n;
433 int ret;
434
435 ENTER();
436
437 /* Fast check if setup was canceled */
Michal Nazarewicza7ecf052014-02-10 10:42:41 +0100438 if (ffs_setup_state_clear_cancelled(ffs) == FFS_SETUP_CANCELLED)
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200439 return -EIDRM;
440
441 /* Acquire mutex */
442 ret = ffs_mutex_lock(&ffs->mutex, file->f_flags & O_NONBLOCK);
443 if (unlikely(ret < 0))
444 return ret;
445
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200446 /* Check state */
447 if (ffs->state != FFS_ACTIVE) {
448 ret = -EBADFD;
449 goto done_mutex;
450 }
451
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +0100452 /*
453 * We're called from user space, we can use _irq rather then
454 * _irqsave
455 */
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200456 spin_lock_irq(&ffs->ev.waitq.lock);
457
Michal Nazarewicza7ecf052014-02-10 10:42:41 +0100458 switch (ffs_setup_state_clear_cancelled(ffs)) {
Michal Nazarewicze46318a2014-02-10 10:42:40 +0100459 case FFS_SETUP_CANCELLED:
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200460 ret = -EIDRM;
461 break;
462
463 case FFS_NO_SETUP:
464 n = len / sizeof(struct usb_functionfs_event);
465 if (unlikely(!n)) {
466 ret = -EINVAL;
467 break;
468 }
469
470 if ((file->f_flags & O_NONBLOCK) && !ffs->ev.count) {
471 ret = -EAGAIN;
472 break;
473 }
474
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +0100475 if (wait_event_interruptible_exclusive_locked_irq(ffs->ev.waitq,
476 ffs->ev.count)) {
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200477 ret = -EINTR;
478 break;
479 }
480
481 return __ffs_ep0_read_events(ffs, buf,
482 min(n, (size_t)ffs->ev.count));
483
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200484 case FFS_SETUP_PENDING:
485 if (ffs->ev.setup.bRequestType & USB_DIR_IN) {
486 spin_unlock_irq(&ffs->ev.waitq.lock);
487 ret = __ffs_ep0_stall(ffs);
488 goto done_mutex;
489 }
490
491 len = min(len, (size_t)le16_to_cpu(ffs->ev.setup.wLength));
492
493 spin_unlock_irq(&ffs->ev.waitq.lock);
494
495 if (likely(len)) {
496 data = kmalloc(len, GFP_KERNEL);
497 if (unlikely(!data)) {
498 ret = -ENOMEM;
499 goto done_mutex;
500 }
501 }
502
503 spin_lock_irq(&ffs->ev.waitq.lock);
504
505 /* See ffs_ep0_write() */
Michal Nazarewicza7ecf052014-02-10 10:42:41 +0100506 if (ffs_setup_state_clear_cancelled(ffs) ==
507 FFS_SETUP_CANCELLED) {
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200508 ret = -EIDRM;
509 break;
510 }
511
512 /* unlocks spinlock */
513 ret = __ffs_ep0_queue_wait(ffs, data, len);
514 if (likely(ret > 0) && unlikely(__copy_to_user(buf, data, len)))
515 ret = -EFAULT;
516 goto done_mutex;
517
518 default:
519 ret = -EBADFD;
520 break;
521 }
522
523 spin_unlock_irq(&ffs->ev.waitq.lock);
524done_mutex:
525 mutex_unlock(&ffs->mutex);
526 kfree(data);
527 return ret;
528}
529
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200530static int ffs_ep0_open(struct inode *inode, struct file *file)
531{
532 struct ffs_data *ffs = inode->i_private;
533
534 ENTER();
535
536 if (unlikely(ffs->state == FFS_CLOSING))
537 return -EBUSY;
538
539 file->private_data = ffs;
540 ffs_data_opened(ffs);
541
542 return 0;
543}
544
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200545static int ffs_ep0_release(struct inode *inode, struct file *file)
546{
547 struct ffs_data *ffs = file->private_data;
548
549 ENTER();
550
551 ffs_data_closed(ffs);
552
553 return 0;
554}
555
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200556static long ffs_ep0_ioctl(struct file *file, unsigned code, unsigned long value)
557{
558 struct ffs_data *ffs = file->private_data;
559 struct usb_gadget *gadget = ffs->gadget;
560 long ret;
561
562 ENTER();
563
564 if (code == FUNCTIONFS_INTERFACE_REVMAP) {
565 struct ffs_function *func = ffs->func;
566 ret = func ? ffs_func_revmap_intf(func, value) : -ENODEV;
Andrzej Pietrasiewicz92b0abf2012-03-28 09:30:50 +0200567 } else if (gadget && gadget->ops->ioctl) {
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200568 ret = gadget->ops->ioctl(gadget, code, value);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200569 } else {
570 ret = -ENOTTY;
571 }
572
573 return ret;
574}
575
Robert Baldyga23de91e2014-02-10 10:42:43 +0100576static unsigned int ffs_ep0_poll(struct file *file, poll_table *wait)
577{
578 struct ffs_data *ffs = file->private_data;
579 unsigned int mask = POLLWRNORM;
580 int ret;
581
582 poll_wait(file, &ffs->ev.waitq, wait);
583
584 ret = ffs_mutex_lock(&ffs->mutex, file->f_flags & O_NONBLOCK);
585 if (unlikely(ret < 0))
586 return mask;
587
588 switch (ffs->state) {
589 case FFS_READ_DESCRIPTORS:
590 case FFS_READ_STRINGS:
591 mask |= POLLOUT;
592 break;
593
594 case FFS_ACTIVE:
595 switch (ffs->setup_state) {
596 case FFS_NO_SETUP:
597 if (ffs->ev.count)
598 mask |= POLLIN;
599 break;
600
601 case FFS_SETUP_PENDING:
602 case FFS_SETUP_CANCELLED:
603 mask |= (POLLIN | POLLOUT);
604 break;
605 }
606 case FFS_CLOSING:
607 break;
Robert Baldyga18d6b32f2014-12-18 09:55:10 +0100608 case FFS_DEACTIVATED:
609 break;
Robert Baldyga23de91e2014-02-10 10:42:43 +0100610 }
611
612 mutex_unlock(&ffs->mutex);
613
614 return mask;
615}
616
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200617static const struct file_operations ffs_ep0_operations = {
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200618 .llseek = no_llseek,
619
620 .open = ffs_ep0_open,
621 .write = ffs_ep0_write,
622 .read = ffs_ep0_read,
623 .release = ffs_ep0_release,
624 .unlocked_ioctl = ffs_ep0_ioctl,
Robert Baldyga23de91e2014-02-10 10:42:43 +0100625 .poll = ffs_ep0_poll,
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200626};
627
628
629/* "Normal" endpoints operations ********************************************/
630
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200631static void ffs_epfile_io_complete(struct usb_ep *_ep, struct usb_request *req)
632{
633 ENTER();
634 if (likely(req->context)) {
635 struct ffs_ep *ep = _ep->driver_data;
636 ep->status = req->status ? req->status : req->actual;
637 complete(req->context);
638 }
639}
640
Robert Baldyga2e4c7552014-02-10 10:42:44 +0100641static void ffs_user_copy_worker(struct work_struct *work)
642{
643 struct ffs_io_data *io_data = container_of(work, struct ffs_io_data,
644 work);
645 int ret = io_data->req->status ? io_data->req->status :
646 io_data->req->actual;
647
648 if (io_data->read && ret > 0) {
649 int i;
650 size_t pos = 0;
David Cohenc0d31b32014-10-13 11:15:54 -0700651
652 /*
653 * Since req->length may be bigger than io_data->len (after
654 * being rounded up to maxpacketsize), we may end up with more
655 * data then user space has space for.
656 */
657 ret = min_t(int, ret, io_data->len);
658
Robert Baldyga2e4c7552014-02-10 10:42:44 +0100659 use_mm(io_data->mm);
660 for (i = 0; i < io_data->nr_segs; i++) {
David Cohenc0d31b32014-10-13 11:15:54 -0700661 size_t len = min_t(size_t, ret - pos,
662 io_data->iovec[i].iov_len);
663 if (!len)
664 break;
Robert Baldyga2e4c7552014-02-10 10:42:44 +0100665 if (unlikely(copy_to_user(io_data->iovec[i].iov_base,
David Cohenc0d31b32014-10-13 11:15:54 -0700666 &io_data->buf[pos], len))) {
Robert Baldyga2e4c7552014-02-10 10:42:44 +0100667 ret = -EFAULT;
668 break;
669 }
David Cohenc0d31b32014-10-13 11:15:54 -0700670 pos += len;
Robert Baldyga2e4c7552014-02-10 10:42:44 +0100671 }
672 unuse_mm(io_data->mm);
673 }
674
675 aio_complete(io_data->kiocb, ret, ret);
676
677 usb_ep_free_request(io_data->ep, io_data->req);
678
679 io_data->kiocb->private = NULL;
680 if (io_data->read)
681 kfree(io_data->iovec);
682 kfree(io_data->buf);
683 kfree(io_data);
684}
685
686static void ffs_epfile_async_io_complete(struct usb_ep *_ep,
687 struct usb_request *req)
688{
689 struct ffs_io_data *io_data = req->context;
690
691 ENTER();
692
693 INIT_WORK(&io_data->work, ffs_user_copy_worker);
694 schedule_work(&io_data->work);
695}
696
697static ssize_t ffs_epfile_io(struct file *file, struct ffs_io_data *io_data)
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200698{
699 struct ffs_epfile *epfile = file->private_data;
700 struct ffs_ep *ep;
701 char *data = NULL;
David Cohenc0d31b32014-10-13 11:15:54 -0700702 ssize_t ret, data_len = -EINVAL;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200703 int halt;
704
Michal Nazarewicz7fa68032013-12-09 15:55:36 -0800705 /* Are we still active? */
706 if (WARN_ON(epfile->ffs->state != FFS_ACTIVE)) {
707 ret = -ENODEV;
708 goto error;
709 }
710
711 /* Wait for endpoint to be enabled */
712 ep = epfile->ep;
713 if (!ep) {
714 if (file->f_flags & O_NONBLOCK) {
715 ret = -EAGAIN;
716 goto error;
717 }
718
719 ret = wait_event_interruptible(epfile->wait, (ep = epfile->ep));
720 if (ret) {
721 ret = -EINTR;
722 goto error;
723 }
724 }
725
726 /* Do we halt? */
Robert Baldyga2e4c7552014-02-10 10:42:44 +0100727 halt = (!io_data->read == !epfile->in);
Michal Nazarewicz7fa68032013-12-09 15:55:36 -0800728 if (halt && epfile->isoc) {
729 ret = -EINVAL;
730 goto error;
731 }
732
733 /* Allocate & copy */
734 if (!halt) {
Michal Nazarewicz219580e2013-12-09 15:55:37 -0800735 /*
Andrzej Pietrasiewiczf0f42202014-01-20 08:33:50 +0100736 * if we _do_ wait above, the epfile->ffs->gadget might be NULL
737 * before the waiting completes, so do not assign to 'gadget' earlier
738 */
739 struct usb_gadget *gadget = epfile->ffs->gadget;
740
Chao Bi97839ca2014-04-14 11:19:53 +0800741 spin_lock_irq(&epfile->ffs->eps_lock);
742 /* In the meantime, endpoint got disabled or changed. */
743 if (epfile->ep != ep) {
744 spin_unlock_irq(&epfile->ffs->eps_lock);
745 return -ESHUTDOWN;
746 }
Andrzej Pietrasiewiczf0f42202014-01-20 08:33:50 +0100747 /*
Michal Nazarewicz219580e2013-12-09 15:55:37 -0800748 * Controller may require buffer size to be aligned to
749 * maxpacketsize of an out endpoint.
750 */
Robert Baldyga2e4c7552014-02-10 10:42:44 +0100751 data_len = io_data->read ?
752 usb_ep_align_maybe(gadget, ep->ep, io_data->len) :
753 io_data->len;
Chao Bi97839ca2014-04-14 11:19:53 +0800754 spin_unlock_irq(&epfile->ffs->eps_lock);
Michal Nazarewicz219580e2013-12-09 15:55:37 -0800755
756 data = kmalloc(data_len, GFP_KERNEL);
Michal Nazarewicz7fa68032013-12-09 15:55:36 -0800757 if (unlikely(!data))
758 return -ENOMEM;
Robert Baldyga2e4c7552014-02-10 10:42:44 +0100759 if (io_data->aio && !io_data->read) {
760 int i;
761 size_t pos = 0;
762 for (i = 0; i < io_data->nr_segs; i++) {
763 if (unlikely(copy_from_user(&data[pos],
764 io_data->iovec[i].iov_base,
765 io_data->iovec[i].iov_len))) {
766 ret = -EFAULT;
767 goto error;
768 }
769 pos += io_data->iovec[i].iov_len;
770 }
771 } else {
772 if (!io_data->read &&
773 unlikely(__copy_from_user(data, io_data->buf,
774 io_data->len))) {
775 ret = -EFAULT;
776 goto error;
777 }
Michal Nazarewicz7fa68032013-12-09 15:55:36 -0800778 }
779 }
780
781 /* We will be using request */
782 ret = ffs_mutex_lock(&epfile->mutex, file->f_flags & O_NONBLOCK);
783 if (unlikely(ret))
784 goto error;
785
786 spin_lock_irq(&epfile->ffs->eps_lock);
787
788 if (epfile->ep != ep) {
789 /* In the meantime, endpoint got disabled or changed. */
790 ret = -ESHUTDOWN;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200791 spin_unlock_irq(&epfile->ffs->eps_lock);
Michal Nazarewicz7fa68032013-12-09 15:55:36 -0800792 } else if (halt) {
793 /* Halt */
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200794 if (likely(epfile->ep == ep) && !WARN_ON(!ep->ep))
795 usb_ep_set_halt(ep->ep);
796 spin_unlock_irq(&epfile->ffs->eps_lock);
797 ret = -EBADMSG;
798 } else {
799 /* Fire the request */
Robert Baldyga2e4c7552014-02-10 10:42:44 +0100800 struct usb_request *req;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200801
David Cohenc0d31b32014-10-13 11:15:54 -0700802 /*
803 * Sanity Check: even though data_len can't be used
804 * uninitialized at the time I write this comment, some
805 * compilers complain about this situation.
806 * In order to keep the code clean from warnings, data_len is
807 * being initialized to -EINVAL during its declaration, which
808 * means we can't rely on compiler anymore to warn no future
809 * changes won't result in data_len being used uninitialized.
810 * For such reason, we're adding this redundant sanity check
811 * here.
812 */
813 if (unlikely(data_len == -EINVAL)) {
814 WARN(1, "%s: data_len == -EINVAL\n", __func__);
815 ret = -EINVAL;
816 goto error_lock;
817 }
818
Robert Baldyga2e4c7552014-02-10 10:42:44 +0100819 if (io_data->aio) {
820 req = usb_ep_alloc_request(ep->ep, GFP_KERNEL);
821 if (unlikely(!req))
Robert Baldyga48968f82014-03-10 09:33:37 +0100822 goto error_lock;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200823
Robert Baldyga2e4c7552014-02-10 10:42:44 +0100824 req->buf = data;
David Cohenc0d31b32014-10-13 11:15:54 -0700825 req->length = data_len;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200826
Robert Baldyga2e4c7552014-02-10 10:42:44 +0100827 io_data->buf = data;
828 io_data->ep = ep->ep;
829 io_data->req = req;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200830
Robert Baldyga2e4c7552014-02-10 10:42:44 +0100831 req->context = io_data;
832 req->complete = ffs_epfile_async_io_complete;
833
834 ret = usb_ep_queue(ep->ep, req, GFP_ATOMIC);
835 if (unlikely(ret)) {
836 usb_ep_free_request(ep->ep, req);
Robert Baldyga48968f82014-03-10 09:33:37 +0100837 goto error_lock;
Robert Baldyga2e4c7552014-02-10 10:42:44 +0100838 }
839 ret = -EIOCBQUEUED;
840
841 spin_unlock_irq(&epfile->ffs->eps_lock);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200842 } else {
Robert Baldyga2e4c7552014-02-10 10:42:44 +0100843 DECLARE_COMPLETION_ONSTACK(done);
844
845 req = ep->req;
846 req->buf = data;
David Cohenc0d31b32014-10-13 11:15:54 -0700847 req->length = data_len;
Robert Baldyga2e4c7552014-02-10 10:42:44 +0100848
849 req->context = &done;
850 req->complete = ffs_epfile_io_complete;
851
852 ret = usb_ep_queue(ep->ep, req, GFP_ATOMIC);
853
854 spin_unlock_irq(&epfile->ffs->eps_lock);
855
856 if (unlikely(ret < 0)) {
857 /* nop */
858 } else if (unlikely(
859 wait_for_completion_interruptible(&done))) {
860 ret = -EINTR;
861 usb_ep_dequeue(ep->ep, req);
862 } else {
Chuansheng Liucfe919b2014-03-04 15:34:57 +0800863 /*
864 * XXX We may end up silently droping data
865 * here. Since data_len (i.e. req->length) may
866 * be bigger than len (after being rounded up
867 * to maxpacketsize), we may end up with more
868 * data then user space has space for.
869 */
870 ret = ep->status;
871 if (io_data->read && ret > 0) {
872 ret = min_t(size_t, ret, io_data->len);
873
874 if (unlikely(copy_to_user(io_data->buf,
875 data, ret)))
876 ret = -EFAULT;
877 }
Robert Baldyga2e4c7552014-02-10 10:42:44 +0100878 }
879 kfree(data);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200880 }
881 }
882
883 mutex_unlock(&epfile->mutex);
Robert Baldyga2e4c7552014-02-10 10:42:44 +0100884 return ret;
Robert Baldyga48968f82014-03-10 09:33:37 +0100885
886error_lock:
887 spin_unlock_irq(&epfile->ffs->eps_lock);
888 mutex_unlock(&epfile->mutex);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200889error:
890 kfree(data);
891 return ret;
892}
893
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200894static ssize_t
895ffs_epfile_write(struct file *file, const char __user *buf, size_t len,
896 loff_t *ptr)
897{
Robert Baldyga2e4c7552014-02-10 10:42:44 +0100898 struct ffs_io_data io_data;
899
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200900 ENTER();
901
Robert Baldyga2e4c7552014-02-10 10:42:44 +0100902 io_data.aio = false;
903 io_data.read = false;
904 io_data.buf = (char * __user)buf;
905 io_data.len = len;
906
907 return ffs_epfile_io(file, &io_data);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200908}
909
910static ssize_t
911ffs_epfile_read(struct file *file, char __user *buf, size_t len, loff_t *ptr)
912{
Robert Baldyga2e4c7552014-02-10 10:42:44 +0100913 struct ffs_io_data io_data;
914
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200915 ENTER();
916
Robert Baldyga2e4c7552014-02-10 10:42:44 +0100917 io_data.aio = false;
918 io_data.read = true;
919 io_data.buf = buf;
920 io_data.len = len;
921
922 return ffs_epfile_io(file, &io_data);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +0200923}
924
925static int
926ffs_epfile_open(struct inode *inode, struct file *file)
927{
928 struct ffs_epfile *epfile = inode->i_private;
929
930 ENTER();
931
932 if (WARN_ON(epfile->ffs->state != FFS_ACTIVE))
933 return -ENODEV;
934
935 file->private_data = epfile;
936 ffs_data_opened(epfile->ffs);
937
938 return 0;
939}
940
Robert Baldyga2e4c7552014-02-10 10:42:44 +0100941static int ffs_aio_cancel(struct kiocb *kiocb)
942{
943 struct ffs_io_data *io_data = kiocb->private;
944 struct ffs_epfile *epfile = kiocb->ki_filp->private_data;
945 int value;
946
947 ENTER();
948
949 spin_lock_irq(&epfile->ffs->eps_lock);
950
951 if (likely(io_data && io_data->ep && io_data->req))
952 value = usb_ep_dequeue(io_data->ep, io_data->req);
953 else
954 value = -EINVAL;
955
956 spin_unlock_irq(&epfile->ffs->eps_lock);
957
958 return value;
959}
960
961static ssize_t ffs_epfile_aio_write(struct kiocb *kiocb,
962 const struct iovec *iovec,
963 unsigned long nr_segs, loff_t loff)
964{
965 struct ffs_io_data *io_data;
966
967 ENTER();
968
969 io_data = kmalloc(sizeof(*io_data), GFP_KERNEL);
970 if (unlikely(!io_data))
971 return -ENOMEM;
972
973 io_data->aio = true;
974 io_data->read = false;
975 io_data->kiocb = kiocb;
976 io_data->iovec = iovec;
977 io_data->nr_segs = nr_segs;
978 io_data->len = kiocb->ki_nbytes;
979 io_data->mm = current->mm;
980
981 kiocb->private = io_data;
982
983 kiocb_set_cancel_fn(kiocb, ffs_aio_cancel);
984
985 return ffs_epfile_io(kiocb->ki_filp, io_data);
986}
987
988static ssize_t ffs_epfile_aio_read(struct kiocb *kiocb,
989 const struct iovec *iovec,
990 unsigned long nr_segs, loff_t loff)
991{
992 struct ffs_io_data *io_data;
993 struct iovec *iovec_copy;
994
995 ENTER();
996
997 iovec_copy = kmalloc_array(nr_segs, sizeof(*iovec_copy), GFP_KERNEL);
998 if (unlikely(!iovec_copy))
999 return -ENOMEM;
1000
1001 memcpy(iovec_copy, iovec, sizeof(struct iovec)*nr_segs);
1002
1003 io_data = kmalloc(sizeof(*io_data), GFP_KERNEL);
1004 if (unlikely(!io_data)) {
1005 kfree(iovec_copy);
1006 return -ENOMEM;
1007 }
1008
1009 io_data->aio = true;
1010 io_data->read = true;
1011 io_data->kiocb = kiocb;
1012 io_data->iovec = iovec_copy;
1013 io_data->nr_segs = nr_segs;
1014 io_data->len = kiocb->ki_nbytes;
1015 io_data->mm = current->mm;
1016
1017 kiocb->private = io_data;
1018
1019 kiocb_set_cancel_fn(kiocb, ffs_aio_cancel);
1020
1021 return ffs_epfile_io(kiocb->ki_filp, io_data);
1022}
1023
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001024static int
1025ffs_epfile_release(struct inode *inode, struct file *file)
1026{
1027 struct ffs_epfile *epfile = inode->i_private;
1028
1029 ENTER();
1030
1031 ffs_data_closed(epfile->ffs);
1032
1033 return 0;
1034}
1035
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001036static long ffs_epfile_ioctl(struct file *file, unsigned code,
1037 unsigned long value)
1038{
1039 struct ffs_epfile *epfile = file->private_data;
1040 int ret;
1041
1042 ENTER();
1043
1044 if (WARN_ON(epfile->ffs->state != FFS_ACTIVE))
1045 return -ENODEV;
1046
1047 spin_lock_irq(&epfile->ffs->eps_lock);
1048 if (likely(epfile->ep)) {
1049 switch (code) {
1050 case FUNCTIONFS_FIFO_STATUS:
1051 ret = usb_ep_fifo_status(epfile->ep->ep);
1052 break;
1053 case FUNCTIONFS_FIFO_FLUSH:
1054 usb_ep_fifo_flush(epfile->ep->ep);
1055 ret = 0;
1056 break;
1057 case FUNCTIONFS_CLEAR_HALT:
1058 ret = usb_ep_clear_halt(epfile->ep->ep);
1059 break;
1060 case FUNCTIONFS_ENDPOINT_REVMAP:
1061 ret = epfile->ep->num;
1062 break;
Robert Baldygac559a352014-09-09 08:23:16 +02001063 case FUNCTIONFS_ENDPOINT_DESC:
1064 {
1065 int desc_idx;
1066 struct usb_endpoint_descriptor *desc;
1067
1068 switch (epfile->ffs->gadget->speed) {
1069 case USB_SPEED_SUPER:
1070 desc_idx = 2;
1071 break;
1072 case USB_SPEED_HIGH:
1073 desc_idx = 1;
1074 break;
1075 default:
1076 desc_idx = 0;
1077 }
1078 desc = epfile->ep->descs[desc_idx];
1079
1080 spin_unlock_irq(&epfile->ffs->eps_lock);
1081 ret = copy_to_user((void *)value, desc, sizeof(*desc));
1082 if (ret)
1083 ret = -EFAULT;
1084 return ret;
1085 }
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001086 default:
1087 ret = -ENOTTY;
1088 }
1089 } else {
1090 ret = -ENODEV;
1091 }
1092 spin_unlock_irq(&epfile->ffs->eps_lock);
1093
1094 return ret;
1095}
1096
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001097static const struct file_operations ffs_epfile_operations = {
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001098 .llseek = no_llseek,
1099
1100 .open = ffs_epfile_open,
1101 .write = ffs_epfile_write,
1102 .read = ffs_epfile_read,
Robert Baldyga2e4c7552014-02-10 10:42:44 +01001103 .aio_write = ffs_epfile_aio_write,
1104 .aio_read = ffs_epfile_aio_read,
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001105 .release = ffs_epfile_release,
1106 .unlocked_ioctl = ffs_epfile_ioctl,
1107};
1108
1109
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001110/* File system and super block operations ***********************************/
1111
1112/*
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +01001113 * Mounting the file system creates a controller file, used first for
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001114 * function configuration then later for event monitoring.
1115 */
1116
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001117static struct inode *__must_check
1118ffs_sb_make_inode(struct super_block *sb, void *data,
1119 const struct file_operations *fops,
1120 const struct inode_operations *iops,
1121 struct ffs_file_perms *perms)
1122{
1123 struct inode *inode;
1124
1125 ENTER();
1126
1127 inode = new_inode(sb);
1128
1129 if (likely(inode)) {
1130 struct timespec current_time = CURRENT_TIME;
1131
Al Viro12ba8d12010-10-27 04:19:36 +01001132 inode->i_ino = get_next_ino();
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001133 inode->i_mode = perms->mode;
1134 inode->i_uid = perms->uid;
1135 inode->i_gid = perms->gid;
1136 inode->i_atime = current_time;
1137 inode->i_mtime = current_time;
1138 inode->i_ctime = current_time;
1139 inode->i_private = data;
1140 if (fops)
1141 inode->i_fop = fops;
1142 if (iops)
1143 inode->i_op = iops;
1144 }
1145
1146 return inode;
1147}
1148
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001149/* Create "regular" file */
Al Viro1bb27ca2014-09-03 13:32:19 -04001150static struct dentry *ffs_sb_create_file(struct super_block *sb,
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001151 const char *name, void *data,
Al Viro1bb27ca2014-09-03 13:32:19 -04001152 const struct file_operations *fops)
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001153{
1154 struct ffs_data *ffs = sb->s_fs_info;
1155 struct dentry *dentry;
1156 struct inode *inode;
1157
1158 ENTER();
1159
1160 dentry = d_alloc_name(sb->s_root, name);
1161 if (unlikely(!dentry))
1162 return NULL;
1163
1164 inode = ffs_sb_make_inode(sb, data, fops, NULL, &ffs->file_perms);
1165 if (unlikely(!inode)) {
1166 dput(dentry);
1167 return NULL;
1168 }
1169
1170 d_add(dentry, inode);
Al Viro1bb27ca2014-09-03 13:32:19 -04001171 return dentry;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001172}
1173
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001174/* Super block */
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001175static const struct super_operations ffs_sb_operations = {
1176 .statfs = simple_statfs,
1177 .drop_inode = generic_delete_inode,
1178};
1179
1180struct ffs_sb_fill_data {
1181 struct ffs_file_perms perms;
1182 umode_t root_mode;
1183 const char *dev_name;
Robert Baldyga18d6b32f2014-12-18 09:55:10 +01001184 bool no_disconnect;
Al Viro2606b282013-09-20 17:14:21 +01001185 struct ffs_data *ffs_data;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001186};
1187
1188static int ffs_sb_fill(struct super_block *sb, void *_data, int silent)
1189{
1190 struct ffs_sb_fill_data *data = _data;
1191 struct inode *inode;
Al Viro2606b282013-09-20 17:14:21 +01001192 struct ffs_data *ffs = data->ffs_data;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001193
1194 ENTER();
1195
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001196 ffs->sb = sb;
Al Viro2606b282013-09-20 17:14:21 +01001197 data->ffs_data = NULL;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001198 sb->s_fs_info = ffs;
1199 sb->s_blocksize = PAGE_CACHE_SIZE;
1200 sb->s_blocksize_bits = PAGE_CACHE_SHIFT;
1201 sb->s_magic = FUNCTIONFS_MAGIC;
1202 sb->s_op = &ffs_sb_operations;
1203 sb->s_time_gran = 1;
1204
1205 /* Root inode */
1206 data->perms.mode = data->root_mode;
1207 inode = ffs_sb_make_inode(sb, NULL,
1208 &simple_dir_operations,
1209 &simple_dir_inode_operations,
1210 &data->perms);
Al Viro48fde702012-01-08 22:15:13 -05001211 sb->s_root = d_make_root(inode);
1212 if (unlikely(!sb->s_root))
Al Viro2606b282013-09-20 17:14:21 +01001213 return -ENOMEM;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001214
1215 /* EP0 file */
1216 if (unlikely(!ffs_sb_create_file(sb, "ep0", ffs,
Al Viro1bb27ca2014-09-03 13:32:19 -04001217 &ffs_ep0_operations)))
Al Viro2606b282013-09-20 17:14:21 +01001218 return -ENOMEM;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001219
1220 return 0;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001221}
1222
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001223static int ffs_fs_parse_opts(struct ffs_sb_fill_data *data, char *opts)
1224{
1225 ENTER();
1226
1227 if (!opts || !*opts)
1228 return 0;
1229
1230 for (;;) {
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001231 unsigned long value;
Michal Nazarewiczafd2e182013-01-09 10:17:47 +01001232 char *eq, *comma;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001233
1234 /* Option limit */
1235 comma = strchr(opts, ',');
1236 if (comma)
1237 *comma = 0;
1238
1239 /* Value limit */
1240 eq = strchr(opts, '=');
1241 if (unlikely(!eq)) {
Michal Nazarewiczaa02f172010-11-17 17:09:47 +01001242 pr_err("'=' missing in %s\n", opts);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001243 return -EINVAL;
1244 }
1245 *eq = 0;
1246
1247 /* Parse value */
Michal Nazarewiczafd2e182013-01-09 10:17:47 +01001248 if (kstrtoul(eq + 1, 0, &value)) {
Michal Nazarewiczaa02f172010-11-17 17:09:47 +01001249 pr_err("%s: invalid value: %s\n", opts, eq + 1);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001250 return -EINVAL;
1251 }
1252
1253 /* Interpret option */
1254 switch (eq - opts) {
Robert Baldyga18d6b32f2014-12-18 09:55:10 +01001255 case 13:
1256 if (!memcmp(opts, "no_disconnect", 13))
1257 data->no_disconnect = !!value;
1258 else
1259 goto invalid;
1260 break;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001261 case 5:
1262 if (!memcmp(opts, "rmode", 5))
1263 data->root_mode = (value & 0555) | S_IFDIR;
1264 else if (!memcmp(opts, "fmode", 5))
1265 data->perms.mode = (value & 0666) | S_IFREG;
1266 else
1267 goto invalid;
1268 break;
1269
1270 case 4:
1271 if (!memcmp(opts, "mode", 4)) {
1272 data->root_mode = (value & 0555) | S_IFDIR;
1273 data->perms.mode = (value & 0666) | S_IFREG;
1274 } else {
1275 goto invalid;
1276 }
1277 break;
1278
1279 case 3:
Eric W. Biedermanb9b73f72012-06-14 01:19:23 -07001280 if (!memcmp(opts, "uid", 3)) {
1281 data->perms.uid = make_kuid(current_user_ns(), value);
1282 if (!uid_valid(data->perms.uid)) {
1283 pr_err("%s: unmapped value: %lu\n", opts, value);
1284 return -EINVAL;
1285 }
Benoit Gobyb8100752013-01-08 19:57:09 -08001286 } else if (!memcmp(opts, "gid", 3)) {
Eric W. Biedermanb9b73f72012-06-14 01:19:23 -07001287 data->perms.gid = make_kgid(current_user_ns(), value);
1288 if (!gid_valid(data->perms.gid)) {
1289 pr_err("%s: unmapped value: %lu\n", opts, value);
1290 return -EINVAL;
1291 }
Benoit Gobyb8100752013-01-08 19:57:09 -08001292 } else {
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001293 goto invalid;
Benoit Gobyb8100752013-01-08 19:57:09 -08001294 }
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001295 break;
1296
1297 default:
1298invalid:
Michal Nazarewiczaa02f172010-11-17 17:09:47 +01001299 pr_err("%s: invalid option\n", opts);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001300 return -EINVAL;
1301 }
1302
1303 /* Next iteration */
1304 if (!comma)
1305 break;
1306 opts = comma + 1;
1307 }
1308
1309 return 0;
1310}
1311
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001312/* "mount -t functionfs dev_name /dev/function" ends up here */
1313
Al Virofc14f2f2010-07-25 01:48:30 +04001314static struct dentry *
1315ffs_fs_mount(struct file_system_type *t, int flags,
1316 const char *dev_name, void *opts)
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001317{
1318 struct ffs_sb_fill_data data = {
1319 .perms = {
1320 .mode = S_IFREG | 0600,
Eric W. Biedermanb9b73f72012-06-14 01:19:23 -07001321 .uid = GLOBAL_ROOT_UID,
1322 .gid = GLOBAL_ROOT_GID,
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001323 },
1324 .root_mode = S_IFDIR | 0500,
Robert Baldyga18d6b32f2014-12-18 09:55:10 +01001325 .no_disconnect = false,
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001326 };
Andrzej Pietrasiewicz581791f2012-05-14 15:51:52 +02001327 struct dentry *rv;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001328 int ret;
Andrzej Pietrasiewicz581791f2012-05-14 15:51:52 +02001329 void *ffs_dev;
Al Viro2606b282013-09-20 17:14:21 +01001330 struct ffs_data *ffs;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001331
1332 ENTER();
1333
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001334 ret = ffs_fs_parse_opts(&data, opts);
1335 if (unlikely(ret < 0))
Al Virofc14f2f2010-07-25 01:48:30 +04001336 return ERR_PTR(ret);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001337
Al Viro2606b282013-09-20 17:14:21 +01001338 ffs = ffs_data_new();
1339 if (unlikely(!ffs))
1340 return ERR_PTR(-ENOMEM);
1341 ffs->file_perms = data.perms;
Robert Baldyga18d6b32f2014-12-18 09:55:10 +01001342 ffs->no_disconnect = data.no_disconnect;
Al Viro2606b282013-09-20 17:14:21 +01001343
1344 ffs->dev_name = kstrdup(dev_name, GFP_KERNEL);
1345 if (unlikely(!ffs->dev_name)) {
1346 ffs_data_put(ffs);
1347 return ERR_PTR(-ENOMEM);
1348 }
1349
Andrzej Pietrasiewicz4b187fc2013-12-03 15:15:32 +01001350 ffs_dev = ffs_acquire_dev(dev_name);
Al Viro2606b282013-09-20 17:14:21 +01001351 if (IS_ERR(ffs_dev)) {
1352 ffs_data_put(ffs);
1353 return ERR_CAST(ffs_dev);
1354 }
1355 ffs->private_data = ffs_dev;
1356 data.ffs_data = ffs;
Andrzej Pietrasiewicz581791f2012-05-14 15:51:52 +02001357
Andrzej Pietrasiewicz581791f2012-05-14 15:51:52 +02001358 rv = mount_nodev(t, flags, &data, ffs_sb_fill);
Al Viro2606b282013-09-20 17:14:21 +01001359 if (IS_ERR(rv) && data.ffs_data) {
Andrzej Pietrasiewicz4b187fc2013-12-03 15:15:32 +01001360 ffs_release_dev(data.ffs_data);
Al Viro2606b282013-09-20 17:14:21 +01001361 ffs_data_put(data.ffs_data);
1362 }
Andrzej Pietrasiewicz581791f2012-05-14 15:51:52 +02001363 return rv;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001364}
1365
1366static void
1367ffs_fs_kill_sb(struct super_block *sb)
1368{
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001369 ENTER();
1370
1371 kill_litter_super(sb);
Andrzej Pietrasiewicz581791f2012-05-14 15:51:52 +02001372 if (sb->s_fs_info) {
Andrzej Pietrasiewicz4b187fc2013-12-03 15:15:32 +01001373 ffs_release_dev(sb->s_fs_info);
Robert Baldyga18d6b32f2014-12-18 09:55:10 +01001374 ffs_data_closed(sb->s_fs_info);
Al Viro5b5f9562012-01-08 15:38:27 -05001375 ffs_data_put(sb->s_fs_info);
Andrzej Pietrasiewicz581791f2012-05-14 15:51:52 +02001376 }
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001377}
1378
1379static struct file_system_type ffs_fs_type = {
1380 .owner = THIS_MODULE,
1381 .name = "functionfs",
Al Virofc14f2f2010-07-25 01:48:30 +04001382 .mount = ffs_fs_mount,
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001383 .kill_sb = ffs_fs_kill_sb,
1384};
Eric W. Biederman7f78e032013-03-02 19:39:14 -08001385MODULE_ALIAS_FS("functionfs");
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001386
1387
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001388/* Driver's main init/cleanup functions *************************************/
1389
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001390static int functionfs_init(void)
1391{
1392 int ret;
1393
1394 ENTER();
1395
1396 ret = register_filesystem(&ffs_fs_type);
1397 if (likely(!ret))
Michal Nazarewiczaa02f172010-11-17 17:09:47 +01001398 pr_info("file system registered\n");
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001399 else
Michal Nazarewiczaa02f172010-11-17 17:09:47 +01001400 pr_err("failed registering file system (%d)\n", ret);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001401
1402 return ret;
1403}
1404
1405static void functionfs_cleanup(void)
1406{
1407 ENTER();
1408
Michal Nazarewiczaa02f172010-11-17 17:09:47 +01001409 pr_info("unloading\n");
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001410 unregister_filesystem(&ffs_fs_type);
1411}
1412
1413
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001414/* ffs_data and ffs_function construction and destruction code **************/
1415
1416static void ffs_data_clear(struct ffs_data *ffs);
1417static void ffs_data_reset(struct ffs_data *ffs);
1418
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001419static void ffs_data_get(struct ffs_data *ffs)
1420{
1421 ENTER();
1422
1423 atomic_inc(&ffs->ref);
1424}
1425
1426static void ffs_data_opened(struct ffs_data *ffs)
1427{
1428 ENTER();
1429
1430 atomic_inc(&ffs->ref);
Robert Baldyga18d6b32f2014-12-18 09:55:10 +01001431 if (atomic_add_return(1, &ffs->opened) == 1 &&
1432 ffs->state == FFS_DEACTIVATED) {
1433 ffs->state = FFS_CLOSING;
1434 ffs_data_reset(ffs);
1435 }
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001436}
1437
1438static void ffs_data_put(struct ffs_data *ffs)
1439{
1440 ENTER();
1441
1442 if (unlikely(atomic_dec_and_test(&ffs->ref))) {
Michal Nazarewiczaa02f172010-11-17 17:09:47 +01001443 pr_info("%s(): freeing\n", __func__);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001444 ffs_data_clear(ffs);
Andi Kleen647d5582012-03-16 12:01:02 -07001445 BUG_ON(waitqueue_active(&ffs->ev.waitq) ||
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001446 waitqueue_active(&ffs->ep0req_completion.wait));
Andrzej Pietrasiewicz581791f2012-05-14 15:51:52 +02001447 kfree(ffs->dev_name);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001448 kfree(ffs);
1449 }
1450}
1451
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001452static void ffs_data_closed(struct ffs_data *ffs)
1453{
1454 ENTER();
1455
1456 if (atomic_dec_and_test(&ffs->opened)) {
Robert Baldyga18d6b32f2014-12-18 09:55:10 +01001457 if (ffs->no_disconnect) {
1458 ffs->state = FFS_DEACTIVATED;
1459 if (ffs->epfiles) {
1460 ffs_epfiles_destroy(ffs->epfiles,
1461 ffs->eps_count);
1462 ffs->epfiles = NULL;
1463 }
1464 if (ffs->setup_state == FFS_SETUP_PENDING)
1465 __ffs_ep0_stall(ffs);
1466 } else {
1467 ffs->state = FFS_CLOSING;
1468 ffs_data_reset(ffs);
1469 }
1470 }
1471 if (atomic_read(&ffs->opened) < 0) {
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001472 ffs->state = FFS_CLOSING;
1473 ffs_data_reset(ffs);
1474 }
1475
1476 ffs_data_put(ffs);
1477}
1478
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001479static struct ffs_data *ffs_data_new(void)
1480{
1481 struct ffs_data *ffs = kzalloc(sizeof *ffs, GFP_KERNEL);
1482 if (unlikely(!ffs))
Felipe Balbif8800d42013-12-12 12:15:43 -06001483 return NULL;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001484
1485 ENTER();
1486
1487 atomic_set(&ffs->ref, 1);
1488 atomic_set(&ffs->opened, 0);
1489 ffs->state = FFS_READ_DESCRIPTORS;
1490 mutex_init(&ffs->mutex);
1491 spin_lock_init(&ffs->eps_lock);
1492 init_waitqueue_head(&ffs->ev.waitq);
1493 init_completion(&ffs->ep0req_completion);
1494
1495 /* XXX REVISIT need to update it in some places, or do we? */
1496 ffs->ev.can_stall = 1;
1497
1498 return ffs;
1499}
1500
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001501static void ffs_data_clear(struct ffs_data *ffs)
1502{
1503 ENTER();
1504
1505 if (test_and_clear_bit(FFS_FL_CALL_CLOSED_CALLBACK, &ffs->flags))
Andrzej Pietrasiewicz4b187fc2013-12-03 15:15:32 +01001506 ffs_closed(ffs);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001507
1508 BUG_ON(ffs->gadget);
1509
1510 if (ffs->epfiles)
1511 ffs_epfiles_destroy(ffs->epfiles, ffs->eps_count);
1512
Michal Nazarewiczac8dde12014-02-28 16:50:23 +05301513 kfree(ffs->raw_descs_data);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001514 kfree(ffs->raw_strings);
1515 kfree(ffs->stringtabs);
1516}
1517
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001518static void ffs_data_reset(struct ffs_data *ffs)
1519{
1520 ENTER();
1521
1522 ffs_data_clear(ffs);
1523
1524 ffs->epfiles = NULL;
Michal Nazarewiczac8dde12014-02-28 16:50:23 +05301525 ffs->raw_descs_data = NULL;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001526 ffs->raw_descs = NULL;
1527 ffs->raw_strings = NULL;
1528 ffs->stringtabs = NULL;
1529
1530 ffs->raw_descs_length = 0;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001531 ffs->fs_descs_count = 0;
1532 ffs->hs_descs_count = 0;
Manu Gautam8d4e8972014-02-28 16:50:22 +05301533 ffs->ss_descs_count = 0;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001534
1535 ffs->strings_count = 0;
1536 ffs->interfaces_count = 0;
1537 ffs->eps_count = 0;
1538
1539 ffs->ev.count = 0;
1540
1541 ffs->state = FFS_READ_DESCRIPTORS;
1542 ffs->setup_state = FFS_NO_SETUP;
1543 ffs->flags = 0;
1544}
1545
1546
1547static int functionfs_bind(struct ffs_data *ffs, struct usb_composite_dev *cdev)
1548{
Michal Nazarewiczfd7c9a02010-06-16 12:08:00 +02001549 struct usb_gadget_strings **lang;
1550 int first_id;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001551
1552 ENTER();
1553
1554 if (WARN_ON(ffs->state != FFS_ACTIVE
1555 || test_and_set_bit(FFS_FL_BOUND, &ffs->flags)))
1556 return -EBADFD;
1557
Michal Nazarewiczfd7c9a02010-06-16 12:08:00 +02001558 first_id = usb_string_ids_n(cdev, ffs->strings_count);
1559 if (unlikely(first_id < 0))
1560 return first_id;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001561
1562 ffs->ep0req = usb_ep_alloc_request(cdev->gadget->ep0, GFP_KERNEL);
1563 if (unlikely(!ffs->ep0req))
1564 return -ENOMEM;
1565 ffs->ep0req->complete = ffs_ep0_complete;
1566 ffs->ep0req->context = ffs;
1567
Michal Nazarewiczfd7c9a02010-06-16 12:08:00 +02001568 lang = ffs->stringtabs;
Michal Nazarewiczf0688c82014-06-17 17:47:41 +02001569 if (lang) {
1570 for (; *lang; ++lang) {
1571 struct usb_string *str = (*lang)->strings;
1572 int id = first_id;
1573 for (; str->s; ++id, ++str)
1574 str->id = id;
1575 }
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001576 }
1577
1578 ffs->gadget = cdev->gadget;
Michal Nazarewiczfd7c9a02010-06-16 12:08:00 +02001579 ffs_data_get(ffs);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001580 return 0;
1581}
1582
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001583static void functionfs_unbind(struct ffs_data *ffs)
1584{
1585 ENTER();
1586
1587 if (!WARN_ON(!ffs->gadget)) {
1588 usb_ep_free_request(ffs->gadget->ep0, ffs->ep0req);
1589 ffs->ep0req = NULL;
1590 ffs->gadget = NULL;
Andrzej Pietrasiewicze2190a92012-03-12 12:55:41 +01001591 clear_bit(FFS_FL_BOUND, &ffs->flags);
Dan Carpenterdf498992013-08-23 11:16:15 +03001592 ffs_data_put(ffs);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001593 }
1594}
1595
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001596static int ffs_epfiles_create(struct ffs_data *ffs)
1597{
1598 struct ffs_epfile *epfile, *epfiles;
1599 unsigned i, count;
1600
1601 ENTER();
1602
1603 count = ffs->eps_count;
Thomas Meyer9823a522011-11-29 22:08:00 +01001604 epfiles = kcalloc(count, sizeof(*epfiles), GFP_KERNEL);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001605 if (!epfiles)
1606 return -ENOMEM;
1607
1608 epfile = epfiles;
1609 for (i = 1; i <= count; ++i, ++epfile) {
1610 epfile->ffs = ffs;
1611 mutex_init(&epfile->mutex);
1612 init_waitqueue_head(&epfile->wait);
Robert Baldyga1b0bf882014-09-09 08:23:17 +02001613 if (ffs->user_flags & FUNCTIONFS_VIRTUAL_ADDR)
1614 sprintf(epfiles->name, "ep%02x", ffs->eps_addrmap[i]);
1615 else
1616 sprintf(epfiles->name, "ep%u", i);
Al Viro1bb27ca2014-09-03 13:32:19 -04001617 epfile->dentry = ffs_sb_create_file(ffs->sb, epfiles->name,
1618 epfile,
1619 &ffs_epfile_operations);
1620 if (unlikely(!epfile->dentry)) {
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001621 ffs_epfiles_destroy(epfiles, i - 1);
1622 return -ENOMEM;
1623 }
1624 }
1625
1626 ffs->epfiles = epfiles;
1627 return 0;
1628}
1629
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001630static void ffs_epfiles_destroy(struct ffs_epfile *epfiles, unsigned count)
1631{
1632 struct ffs_epfile *epfile = epfiles;
1633
1634 ENTER();
1635
1636 for (; count; --count, ++epfile) {
1637 BUG_ON(mutex_is_locked(&epfile->mutex) ||
1638 waitqueue_active(&epfile->wait));
1639 if (epfile->dentry) {
1640 d_delete(epfile->dentry);
1641 dput(epfile->dentry);
1642 epfile->dentry = NULL;
1643 }
1644 }
1645
1646 kfree(epfiles);
1647}
1648
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001649static void ffs_func_eps_disable(struct ffs_function *func)
1650{
1651 struct ffs_ep *ep = func->eps;
1652 struct ffs_epfile *epfile = func->ffs->epfiles;
1653 unsigned count = func->ffs->eps_count;
1654 unsigned long flags;
1655
1656 spin_lock_irqsave(&func->ffs->eps_lock, flags);
1657 do {
1658 /* pending requests get nuked */
1659 if (likely(ep->ep))
1660 usb_ep_disable(ep->ep);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001661 ++ep;
Robert Baldyga18d6b32f2014-12-18 09:55:10 +01001662
1663 if (epfile) {
1664 epfile->ep = NULL;
1665 ++epfile;
1666 }
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001667 } while (--count);
1668 spin_unlock_irqrestore(&func->ffs->eps_lock, flags);
1669}
1670
1671static int ffs_func_eps_enable(struct ffs_function *func)
1672{
1673 struct ffs_data *ffs = func->ffs;
1674 struct ffs_ep *ep = func->eps;
1675 struct ffs_epfile *epfile = ffs->epfiles;
1676 unsigned count = ffs->eps_count;
1677 unsigned long flags;
1678 int ret = 0;
1679
1680 spin_lock_irqsave(&func->ffs->eps_lock, flags);
1681 do {
1682 struct usb_endpoint_descriptor *ds;
Manu Gautam8d4e8972014-02-28 16:50:22 +05301683 int desc_idx;
1684
1685 if (ffs->gadget->speed == USB_SPEED_SUPER)
1686 desc_idx = 2;
1687 else if (ffs->gadget->speed == USB_SPEED_HIGH)
1688 desc_idx = 1;
1689 else
1690 desc_idx = 0;
1691
1692 /* fall-back to lower speed if desc missing for current speed */
1693 do {
1694 ds = ep->descs[desc_idx];
1695 } while (!ds && --desc_idx >= 0);
1696
1697 if (!ds) {
1698 ret = -EINVAL;
1699 break;
1700 }
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001701
1702 ep->ep->driver_data = ep;
Tatyana Brokhman72c973d2011-06-28 16:33:48 +03001703 ep->ep->desc = ds;
1704 ret = usb_ep_enable(ep->ep);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001705 if (likely(!ret)) {
1706 epfile->ep = ep;
1707 epfile->in = usb_endpoint_dir_in(ds);
1708 epfile->isoc = usb_endpoint_xfer_isoc(ds);
1709 } else {
1710 break;
1711 }
1712
1713 wake_up(&epfile->wait);
1714
1715 ++ep;
1716 ++epfile;
1717 } while (--count);
1718 spin_unlock_irqrestore(&func->ffs->eps_lock, flags);
1719
1720 return ret;
1721}
1722
1723
1724/* Parsing and building descriptors and strings *****************************/
1725
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +01001726/*
1727 * This validates if data pointed by data is a valid USB descriptor as
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001728 * well as record how many interfaces, endpoints and strings are
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +01001729 * required by given configuration. Returns address after the
1730 * descriptor or NULL if data is invalid.
1731 */
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001732
1733enum ffs_entity_type {
1734 FFS_DESCRIPTOR, FFS_INTERFACE, FFS_STRING, FFS_ENDPOINT
1735};
1736
Andrzej Pietrasiewiczf0175ab2014-07-09 12:20:08 +02001737enum ffs_os_desc_type {
1738 FFS_OS_DESC, FFS_OS_DESC_EXT_COMPAT, FFS_OS_DESC_EXT_PROP
1739};
1740
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001741typedef int (*ffs_entity_callback)(enum ffs_entity_type entity,
1742 u8 *valuep,
1743 struct usb_descriptor_header *desc,
1744 void *priv);
1745
Andrzej Pietrasiewiczf0175ab2014-07-09 12:20:08 +02001746typedef int (*ffs_os_desc_callback)(enum ffs_os_desc_type entity,
1747 struct usb_os_desc_header *h, void *data,
1748 unsigned len, void *priv);
1749
Andrzej Pietrasiewiczf96cbd12014-07-09 12:20:06 +02001750static int __must_check ffs_do_single_desc(char *data, unsigned len,
1751 ffs_entity_callback entity,
1752 void *priv)
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001753{
1754 struct usb_descriptor_header *_ds = (void *)data;
1755 u8 length;
1756 int ret;
1757
1758 ENTER();
1759
1760 /* At least two bytes are required: length and type */
1761 if (len < 2) {
Michal Nazarewiczaa02f172010-11-17 17:09:47 +01001762 pr_vdebug("descriptor too short\n");
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001763 return -EINVAL;
1764 }
1765
1766 /* If we have at least as many bytes as the descriptor takes? */
1767 length = _ds->bLength;
1768 if (len < length) {
Michal Nazarewiczaa02f172010-11-17 17:09:47 +01001769 pr_vdebug("descriptor longer then available data\n");
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001770 return -EINVAL;
1771 }
1772
1773#define __entity_check_INTERFACE(val) 1
1774#define __entity_check_STRING(val) (val)
1775#define __entity_check_ENDPOINT(val) ((val) & USB_ENDPOINT_NUMBER_MASK)
1776#define __entity(type, val) do { \
Michal Nazarewiczaa02f172010-11-17 17:09:47 +01001777 pr_vdebug("entity " #type "(%02x)\n", (val)); \
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001778 if (unlikely(!__entity_check_ ##type(val))) { \
Michal Nazarewiczaa02f172010-11-17 17:09:47 +01001779 pr_vdebug("invalid entity's value\n"); \
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001780 return -EINVAL; \
1781 } \
1782 ret = entity(FFS_ ##type, &val, _ds, priv); \
1783 if (unlikely(ret < 0)) { \
Michal Nazarewiczaa02f172010-11-17 17:09:47 +01001784 pr_debug("entity " #type "(%02x); ret = %d\n", \
Michal Nazarewiczd8df0b62010-11-12 14:29:29 +01001785 (val), ret); \
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001786 return ret; \
1787 } \
1788 } while (0)
1789
1790 /* Parse descriptor depending on type. */
1791 switch (_ds->bDescriptorType) {
1792 case USB_DT_DEVICE:
1793 case USB_DT_CONFIG:
1794 case USB_DT_STRING:
1795 case USB_DT_DEVICE_QUALIFIER:
1796 /* function can't have any of those */
Michal Nazarewiczaa02f172010-11-17 17:09:47 +01001797 pr_vdebug("descriptor reserved for gadget: %d\n",
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +01001798 _ds->bDescriptorType);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001799 return -EINVAL;
1800
1801 case USB_DT_INTERFACE: {
1802 struct usb_interface_descriptor *ds = (void *)_ds;
Michal Nazarewiczaa02f172010-11-17 17:09:47 +01001803 pr_vdebug("interface descriptor\n");
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001804 if (length != sizeof *ds)
1805 goto inv_length;
1806
1807 __entity(INTERFACE, ds->bInterfaceNumber);
1808 if (ds->iInterface)
1809 __entity(STRING, ds->iInterface);
1810 }
1811 break;
1812
1813 case USB_DT_ENDPOINT: {
1814 struct usb_endpoint_descriptor *ds = (void *)_ds;
Michal Nazarewiczaa02f172010-11-17 17:09:47 +01001815 pr_vdebug("endpoint descriptor\n");
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001816 if (length != USB_DT_ENDPOINT_SIZE &&
1817 length != USB_DT_ENDPOINT_AUDIO_SIZE)
1818 goto inv_length;
1819 __entity(ENDPOINT, ds->bEndpointAddress);
1820 }
1821 break;
1822
Koen Beel560f1182012-05-30 20:43:37 +02001823 case HID_DT_HID:
1824 pr_vdebug("hid descriptor\n");
1825 if (length != sizeof(struct hid_descriptor))
1826 goto inv_length;
1827 break;
1828
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001829 case USB_DT_OTG:
1830 if (length != sizeof(struct usb_otg_descriptor))
1831 goto inv_length;
1832 break;
1833
1834 case USB_DT_INTERFACE_ASSOCIATION: {
1835 struct usb_interface_assoc_descriptor *ds = (void *)_ds;
Michal Nazarewiczaa02f172010-11-17 17:09:47 +01001836 pr_vdebug("interface association descriptor\n");
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001837 if (length != sizeof *ds)
1838 goto inv_length;
1839 if (ds->iFunction)
1840 __entity(STRING, ds->iFunction);
1841 }
1842 break;
1843
Manu Gautam8d4e8972014-02-28 16:50:22 +05301844 case USB_DT_SS_ENDPOINT_COMP:
1845 pr_vdebug("EP SS companion descriptor\n");
1846 if (length != sizeof(struct usb_ss_ep_comp_descriptor))
1847 goto inv_length;
1848 break;
1849
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001850 case USB_DT_OTHER_SPEED_CONFIG:
1851 case USB_DT_INTERFACE_POWER:
1852 case USB_DT_DEBUG:
1853 case USB_DT_SECURITY:
1854 case USB_DT_CS_RADIO_CONTROL:
1855 /* TODO */
Michal Nazarewiczaa02f172010-11-17 17:09:47 +01001856 pr_vdebug("unimplemented descriptor: %d\n", _ds->bDescriptorType);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001857 return -EINVAL;
1858
1859 default:
1860 /* We should never be here */
Michal Nazarewiczaa02f172010-11-17 17:09:47 +01001861 pr_vdebug("unknown descriptor: %d\n", _ds->bDescriptorType);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001862 return -EINVAL;
1863
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +01001864inv_length:
Michal Nazarewiczaa02f172010-11-17 17:09:47 +01001865 pr_vdebug("invalid length: %d (descriptor %d)\n",
Michal Nazarewiczd8df0b62010-11-12 14:29:29 +01001866 _ds->bLength, _ds->bDescriptorType);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001867 return -EINVAL;
1868 }
1869
1870#undef __entity
1871#undef __entity_check_DESCRIPTOR
1872#undef __entity_check_INTERFACE
1873#undef __entity_check_STRING
1874#undef __entity_check_ENDPOINT
1875
1876 return length;
1877}
1878
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001879static int __must_check ffs_do_descs(unsigned count, char *data, unsigned len,
1880 ffs_entity_callback entity, void *priv)
1881{
1882 const unsigned _len = len;
1883 unsigned long num = 0;
1884
1885 ENTER();
1886
1887 for (;;) {
1888 int ret;
1889
1890 if (num == count)
1891 data = NULL;
1892
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +01001893 /* Record "descriptor" entity */
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001894 ret = entity(FFS_DESCRIPTOR, (u8 *)num, (void *)data, priv);
1895 if (unlikely(ret < 0)) {
Michal Nazarewiczaa02f172010-11-17 17:09:47 +01001896 pr_debug("entity DESCRIPTOR(%02lx); ret = %d\n",
Michal Nazarewiczd8df0b62010-11-12 14:29:29 +01001897 num, ret);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001898 return ret;
1899 }
1900
1901 if (!data)
1902 return _len - len;
1903
Andrzej Pietrasiewiczf96cbd12014-07-09 12:20:06 +02001904 ret = ffs_do_single_desc(data, len, entity, priv);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001905 if (unlikely(ret < 0)) {
Michal Nazarewiczaa02f172010-11-17 17:09:47 +01001906 pr_debug("%s returns %d\n", __func__, ret);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001907 return ret;
1908 }
1909
1910 len -= ret;
1911 data += ret;
1912 ++num;
1913 }
1914}
1915
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001916static int __ffs_data_do_entity(enum ffs_entity_type type,
1917 u8 *valuep, struct usb_descriptor_header *desc,
1918 void *priv)
1919{
Robert Baldyga6d5c1c72014-08-25 11:16:27 +02001920 struct ffs_desc_helper *helper = priv;
1921 struct usb_endpoint_descriptor *d;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001922
1923 ENTER();
1924
1925 switch (type) {
1926 case FFS_DESCRIPTOR:
1927 break;
1928
1929 case FFS_INTERFACE:
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +01001930 /*
1931 * Interfaces are indexed from zero so if we
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001932 * encountered interface "n" then there are at least
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +01001933 * "n+1" interfaces.
1934 */
Robert Baldyga6d5c1c72014-08-25 11:16:27 +02001935 if (*valuep >= helper->interfaces_count)
1936 helper->interfaces_count = *valuep + 1;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001937 break;
1938
1939 case FFS_STRING:
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +01001940 /*
1941 * Strings are indexed from 1 (0 is magic ;) reserved
1942 * for languages list or some such)
1943 */
Robert Baldyga6d5c1c72014-08-25 11:16:27 +02001944 if (*valuep > helper->ffs->strings_count)
1945 helper->ffs->strings_count = *valuep;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001946 break;
1947
1948 case FFS_ENDPOINT:
Robert Baldyga6d5c1c72014-08-25 11:16:27 +02001949 d = (void *)desc;
1950 helper->eps_count++;
1951 if (helper->eps_count >= 15)
1952 return -EINVAL;
1953 /* Check if descriptors for any speed were already parsed */
1954 if (!helper->ffs->eps_count && !helper->ffs->interfaces_count)
1955 helper->ffs->eps_addrmap[helper->eps_count] =
1956 d->bEndpointAddress;
1957 else if (helper->ffs->eps_addrmap[helper->eps_count] !=
1958 d->bEndpointAddress)
1959 return -EINVAL;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02001960 break;
1961 }
1962
1963 return 0;
1964}
1965
Andrzej Pietrasiewiczf0175ab2014-07-09 12:20:08 +02001966static int __ffs_do_os_desc_header(enum ffs_os_desc_type *next_type,
1967 struct usb_os_desc_header *desc)
1968{
1969 u16 bcd_version = le16_to_cpu(desc->bcdVersion);
1970 u16 w_index = le16_to_cpu(desc->wIndex);
1971
1972 if (bcd_version != 1) {
1973 pr_vdebug("unsupported os descriptors version: %d",
1974 bcd_version);
1975 return -EINVAL;
1976 }
1977 switch (w_index) {
1978 case 0x4:
1979 *next_type = FFS_OS_DESC_EXT_COMPAT;
1980 break;
1981 case 0x5:
1982 *next_type = FFS_OS_DESC_EXT_PROP;
1983 break;
1984 default:
1985 pr_vdebug("unsupported os descriptor type: %d", w_index);
1986 return -EINVAL;
1987 }
1988
1989 return sizeof(*desc);
1990}
1991
1992/*
1993 * Process all extended compatibility/extended property descriptors
1994 * of a feature descriptor
1995 */
1996static int __must_check ffs_do_single_os_desc(char *data, unsigned len,
1997 enum ffs_os_desc_type type,
1998 u16 feature_count,
1999 ffs_os_desc_callback entity,
2000 void *priv,
2001 struct usb_os_desc_header *h)
2002{
2003 int ret;
2004 const unsigned _len = len;
2005
2006 ENTER();
2007
2008 /* loop over all ext compat/ext prop descriptors */
2009 while (feature_count--) {
2010 ret = entity(type, h, data, len, priv);
2011 if (unlikely(ret < 0)) {
2012 pr_debug("bad OS descriptor, type: %d\n", type);
2013 return ret;
2014 }
2015 data += ret;
2016 len -= ret;
2017 }
2018 return _len - len;
2019}
2020
2021/* Process a number of complete Feature Descriptors (Ext Compat or Ext Prop) */
2022static int __must_check ffs_do_os_descs(unsigned count,
2023 char *data, unsigned len,
2024 ffs_os_desc_callback entity, void *priv)
2025{
2026 const unsigned _len = len;
2027 unsigned long num = 0;
2028
2029 ENTER();
2030
2031 for (num = 0; num < count; ++num) {
2032 int ret;
2033 enum ffs_os_desc_type type;
2034 u16 feature_count;
2035 struct usb_os_desc_header *desc = (void *)data;
2036
2037 if (len < sizeof(*desc))
2038 return -EINVAL;
2039
2040 /*
2041 * Record "descriptor" entity.
2042 * Process dwLength, bcdVersion, wIndex, get b/wCount.
2043 * Move the data pointer to the beginning of extended
2044 * compatibilities proper or extended properties proper
2045 * portions of the data
2046 */
2047 if (le32_to_cpu(desc->dwLength) > len)
2048 return -EINVAL;
2049
2050 ret = __ffs_do_os_desc_header(&type, desc);
2051 if (unlikely(ret < 0)) {
2052 pr_debug("entity OS_DESCRIPTOR(%02lx); ret = %d\n",
2053 num, ret);
2054 return ret;
2055 }
2056 /*
2057 * 16-bit hex "?? 00" Little Endian looks like 8-bit hex "??"
2058 */
2059 feature_count = le16_to_cpu(desc->wCount);
2060 if (type == FFS_OS_DESC_EXT_COMPAT &&
2061 (feature_count > 255 || desc->Reserved))
2062 return -EINVAL;
2063 len -= ret;
2064 data += ret;
2065
2066 /*
2067 * Process all function/property descriptors
2068 * of this Feature Descriptor
2069 */
2070 ret = ffs_do_single_os_desc(data, len, type,
2071 feature_count, entity, priv, desc);
2072 if (unlikely(ret < 0)) {
2073 pr_debug("%s returns %d\n", __func__, ret);
2074 return ret;
2075 }
2076
2077 len -= ret;
2078 data += ret;
2079 }
2080 return _len - len;
2081}
2082
2083/**
2084 * Validate contents of the buffer from userspace related to OS descriptors.
2085 */
2086static int __ffs_data_do_os_desc(enum ffs_os_desc_type type,
2087 struct usb_os_desc_header *h, void *data,
2088 unsigned len, void *priv)
2089{
2090 struct ffs_data *ffs = priv;
2091 u8 length;
2092
2093 ENTER();
2094
2095 switch (type) {
2096 case FFS_OS_DESC_EXT_COMPAT: {
2097 struct usb_ext_compat_desc *d = data;
2098 int i;
2099
2100 if (len < sizeof(*d) ||
2101 d->bFirstInterfaceNumber >= ffs->interfaces_count ||
2102 d->Reserved1)
2103 return -EINVAL;
2104 for (i = 0; i < ARRAY_SIZE(d->Reserved2); ++i)
2105 if (d->Reserved2[i])
2106 return -EINVAL;
2107
2108 length = sizeof(struct usb_ext_compat_desc);
2109 }
2110 break;
2111 case FFS_OS_DESC_EXT_PROP: {
2112 struct usb_ext_prop_desc *d = data;
2113 u32 type, pdl;
2114 u16 pnl;
2115
2116 if (len < sizeof(*d) || h->interface >= ffs->interfaces_count)
2117 return -EINVAL;
2118 length = le32_to_cpu(d->dwSize);
2119 type = le32_to_cpu(d->dwPropertyDataType);
2120 if (type < USB_EXT_PROP_UNICODE ||
2121 type > USB_EXT_PROP_UNICODE_MULTI) {
2122 pr_vdebug("unsupported os descriptor property type: %d",
2123 type);
2124 return -EINVAL;
2125 }
2126 pnl = le16_to_cpu(d->wPropertyNameLength);
2127 pdl = le32_to_cpu(*(u32 *)((u8 *)data + 10 + pnl));
2128 if (length != 14 + pnl + pdl) {
2129 pr_vdebug("invalid os descriptor length: %d pnl:%d pdl:%d (descriptor %d)\n",
2130 length, pnl, pdl, type);
2131 return -EINVAL;
2132 }
2133 ++ffs->ms_os_descs_ext_prop_count;
2134 /* property name reported to the host as "WCHAR"s */
2135 ffs->ms_os_descs_ext_prop_name_len += pnl * 2;
2136 ffs->ms_os_descs_ext_prop_data_len += pdl;
2137 }
2138 break;
2139 default:
2140 pr_vdebug("unknown descriptor: %d\n", type);
2141 return -EINVAL;
2142 }
2143 return length;
2144}
2145
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002146static int __ffs_data_got_descs(struct ffs_data *ffs,
2147 char *const _data, size_t len)
2148{
Michal Nazarewiczac8dde12014-02-28 16:50:23 +05302149 char *data = _data, *raw_descs;
Andrzej Pietrasiewiczf0175ab2014-07-09 12:20:08 +02002150 unsigned os_descs_count = 0, counts[3], flags;
Michal Nazarewiczac8dde12014-02-28 16:50:23 +05302151 int ret = -EINVAL, i;
Robert Baldyga6d5c1c72014-08-25 11:16:27 +02002152 struct ffs_desc_helper helper;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002153
2154 ENTER();
2155
Michal Nazarewiczac8dde12014-02-28 16:50:23 +05302156 if (get_unaligned_le32(data + 4) != len)
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002157 goto error;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002158
Michal Nazarewiczac8dde12014-02-28 16:50:23 +05302159 switch (get_unaligned_le32(data)) {
2160 case FUNCTIONFS_DESCRIPTORS_MAGIC:
2161 flags = FUNCTIONFS_HAS_FS_DESC | FUNCTIONFS_HAS_HS_DESC;
Manu Gautam8d4e8972014-02-28 16:50:22 +05302162 data += 8;
2163 len -= 8;
Michal Nazarewiczac8dde12014-02-28 16:50:23 +05302164 break;
2165 case FUNCTIONFS_DESCRIPTORS_MAGIC_V2:
2166 flags = get_unaligned_le32(data + 8);
Robert Baldyga1b0bf882014-09-09 08:23:17 +02002167 ffs->user_flags = flags;
Michal Nazarewiczac8dde12014-02-28 16:50:23 +05302168 if (flags & ~(FUNCTIONFS_HAS_FS_DESC |
2169 FUNCTIONFS_HAS_HS_DESC |
Andrzej Pietrasiewiczf0175ab2014-07-09 12:20:08 +02002170 FUNCTIONFS_HAS_SS_DESC |
Robert Baldyga1b0bf882014-09-09 08:23:17 +02002171 FUNCTIONFS_HAS_MS_OS_DESC |
2172 FUNCTIONFS_VIRTUAL_ADDR)) {
Michal Nazarewiczac8dde12014-02-28 16:50:23 +05302173 ret = -ENOSYS;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002174 goto error;
2175 }
Michal Nazarewiczac8dde12014-02-28 16:50:23 +05302176 data += 12;
2177 len -= 12;
2178 break;
2179 default:
2180 goto error;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002181 }
2182
Michal Nazarewiczac8dde12014-02-28 16:50:23 +05302183 /* Read fs_count, hs_count and ss_count (if present) */
2184 for (i = 0; i < 3; ++i) {
2185 if (!(flags & (1 << i))) {
2186 counts[i] = 0;
2187 } else if (len < 4) {
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002188 goto error;
Michal Nazarewiczac8dde12014-02-28 16:50:23 +05302189 } else {
2190 counts[i] = get_unaligned_le32(data);
2191 data += 4;
2192 len -= 4;
2193 }
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002194 }
Andrzej Pietrasiewiczf0175ab2014-07-09 12:20:08 +02002195 if (flags & (1 << i)) {
2196 os_descs_count = get_unaligned_le32(data);
2197 data += 4;
2198 len -= 4;
2199 };
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002200
Michal Nazarewiczac8dde12014-02-28 16:50:23 +05302201 /* Read descriptors */
2202 raw_descs = data;
Robert Baldyga6d5c1c72014-08-25 11:16:27 +02002203 helper.ffs = ffs;
Michal Nazarewiczac8dde12014-02-28 16:50:23 +05302204 for (i = 0; i < 3; ++i) {
2205 if (!counts[i])
2206 continue;
Robert Baldyga6d5c1c72014-08-25 11:16:27 +02002207 helper.interfaces_count = 0;
2208 helper.eps_count = 0;
Michal Nazarewiczac8dde12014-02-28 16:50:23 +05302209 ret = ffs_do_descs(counts[i], data, len,
Robert Baldyga6d5c1c72014-08-25 11:16:27 +02002210 __ffs_data_do_entity, &helper);
Michal Nazarewiczac8dde12014-02-28 16:50:23 +05302211 if (ret < 0)
2212 goto error;
Robert Baldyga6d5c1c72014-08-25 11:16:27 +02002213 if (!ffs->eps_count && !ffs->interfaces_count) {
2214 ffs->eps_count = helper.eps_count;
2215 ffs->interfaces_count = helper.interfaces_count;
2216 } else {
2217 if (ffs->eps_count != helper.eps_count) {
2218 ret = -EINVAL;
2219 goto error;
2220 }
2221 if (ffs->interfaces_count != helper.interfaces_count) {
2222 ret = -EINVAL;
2223 goto error;
2224 }
2225 }
Michal Nazarewiczac8dde12014-02-28 16:50:23 +05302226 data += ret;
2227 len -= ret;
2228 }
Andrzej Pietrasiewiczf0175ab2014-07-09 12:20:08 +02002229 if (os_descs_count) {
2230 ret = ffs_do_os_descs(os_descs_count, data, len,
2231 __ffs_data_do_os_desc, ffs);
2232 if (ret < 0)
2233 goto error;
2234 data += ret;
2235 len -= ret;
2236 }
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002237
Michal Nazarewiczac8dde12014-02-28 16:50:23 +05302238 if (raw_descs == data || len) {
2239 ret = -EINVAL;
2240 goto error;
2241 }
2242
2243 ffs->raw_descs_data = _data;
2244 ffs->raw_descs = raw_descs;
2245 ffs->raw_descs_length = data - raw_descs;
2246 ffs->fs_descs_count = counts[0];
2247 ffs->hs_descs_count = counts[1];
2248 ffs->ss_descs_count = counts[2];
Andrzej Pietrasiewiczf0175ab2014-07-09 12:20:08 +02002249 ffs->ms_os_descs_count = os_descs_count;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002250
2251 return 0;
2252
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002253error:
2254 kfree(_data);
2255 return ret;
2256}
2257
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002258static int __ffs_data_got_strings(struct ffs_data *ffs,
2259 char *const _data, size_t len)
2260{
2261 u32 str_count, needed_count, lang_count;
2262 struct usb_gadget_strings **stringtabs, *t;
2263 struct usb_string *strings, *s;
2264 const char *data = _data;
2265
2266 ENTER();
2267
2268 if (unlikely(get_unaligned_le32(data) != FUNCTIONFS_STRINGS_MAGIC ||
2269 get_unaligned_le32(data + 4) != len))
2270 goto error;
2271 str_count = get_unaligned_le32(data + 8);
2272 lang_count = get_unaligned_le32(data + 12);
2273
2274 /* if one is zero the other must be zero */
2275 if (unlikely(!str_count != !lang_count))
2276 goto error;
2277
2278 /* Do we have at least as many strings as descriptors need? */
2279 needed_count = ffs->strings_count;
2280 if (unlikely(str_count < needed_count))
2281 goto error;
2282
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +01002283 /*
2284 * If we don't need any strings just return and free all
2285 * memory.
2286 */
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002287 if (!needed_count) {
2288 kfree(_data);
2289 return 0;
2290 }
2291
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +01002292 /* Allocate everything in one chunk so there's less maintenance. */
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002293 {
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002294 unsigned i = 0;
Andrzej Pietrasiewicze6f38622013-12-03 15:15:30 +01002295 vla_group(d);
2296 vla_item(d, struct usb_gadget_strings *, stringtabs,
2297 lang_count + 1);
2298 vla_item(d, struct usb_gadget_strings, stringtab, lang_count);
2299 vla_item(d, struct usb_string, strings,
2300 lang_count*(needed_count+1));
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002301
Andrzej Pietrasiewicze6f38622013-12-03 15:15:30 +01002302 char *vlabuf = kmalloc(vla_group_size(d), GFP_KERNEL);
2303
2304 if (unlikely(!vlabuf)) {
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002305 kfree(_data);
2306 return -ENOMEM;
2307 }
2308
Andrzej Pietrasiewicze6f38622013-12-03 15:15:30 +01002309 /* Initialize the VLA pointers */
2310 stringtabs = vla_ptr(vlabuf, d, stringtabs);
2311 t = vla_ptr(vlabuf, d, stringtab);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002312 i = lang_count;
2313 do {
2314 *stringtabs++ = t++;
2315 } while (--i);
2316 *stringtabs = NULL;
2317
Andrzej Pietrasiewicze6f38622013-12-03 15:15:30 +01002318 /* stringtabs = vlabuf = d_stringtabs for later kfree */
2319 stringtabs = vla_ptr(vlabuf, d, stringtabs);
2320 t = vla_ptr(vlabuf, d, stringtab);
2321 s = vla_ptr(vlabuf, d, strings);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002322 strings = s;
2323 }
2324
2325 /* For each language */
2326 data += 16;
2327 len -= 16;
2328
2329 do { /* lang_count > 0 so we can use do-while */
2330 unsigned needed = needed_count;
2331
2332 if (unlikely(len < 3))
2333 goto error_free;
2334 t->language = get_unaligned_le16(data);
2335 t->strings = s;
2336 ++t;
2337
2338 data += 2;
2339 len -= 2;
2340
2341 /* For each string */
2342 do { /* str_count > 0 so we can use do-while */
2343 size_t length = strnlen(data, len);
2344
2345 if (unlikely(length == len))
2346 goto error_free;
2347
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +01002348 /*
2349 * User may provide more strings then we need,
2350 * if that's the case we simply ignore the
2351 * rest
2352 */
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002353 if (likely(needed)) {
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +01002354 /*
2355 * s->id will be set while adding
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002356 * function to configuration so for
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +01002357 * now just leave garbage here.
2358 */
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002359 s->s = data;
2360 --needed;
2361 ++s;
2362 }
2363
2364 data += length + 1;
2365 len -= length + 1;
2366 } while (--str_count);
2367
2368 s->id = 0; /* terminator */
2369 s->s = NULL;
2370 ++s;
2371
2372 } while (--lang_count);
2373
2374 /* Some garbage left? */
2375 if (unlikely(len))
2376 goto error_free;
2377
2378 /* Done! */
2379 ffs->stringtabs = stringtabs;
2380 ffs->raw_strings = _data;
2381
2382 return 0;
2383
2384error_free:
2385 kfree(stringtabs);
2386error:
2387 kfree(_data);
2388 return -EINVAL;
2389}
2390
2391
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002392/* Events handling and management *******************************************/
2393
2394static void __ffs_event_add(struct ffs_data *ffs,
2395 enum usb_functionfs_event_type type)
2396{
2397 enum usb_functionfs_event_type rem_type1, rem_type2 = type;
2398 int neg = 0;
2399
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +01002400 /*
2401 * Abort any unhandled setup
2402 *
2403 * We do not need to worry about some cmpxchg() changing value
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002404 * of ffs->setup_state without holding the lock because when
2405 * state is FFS_SETUP_PENDING cmpxchg() in several places in
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +01002406 * the source does nothing.
2407 */
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002408 if (ffs->setup_state == FFS_SETUP_PENDING)
Michal Nazarewicze46318a2014-02-10 10:42:40 +01002409 ffs->setup_state = FFS_SETUP_CANCELLED;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002410
Michal Nazarewicz67913bb2014-09-10 17:50:24 +02002411 /*
2412 * Logic of this function guarantees that there are at most four pending
2413 * evens on ffs->ev.types queue. This is important because the queue
2414 * has space for four elements only and __ffs_ep0_read_events function
2415 * depends on that limit as well. If more event types are added, those
2416 * limits have to be revisited or guaranteed to still hold.
2417 */
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002418 switch (type) {
2419 case FUNCTIONFS_RESUME:
2420 rem_type2 = FUNCTIONFS_SUSPEND;
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +01002421 /* FALL THROUGH */
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002422 case FUNCTIONFS_SUSPEND:
2423 case FUNCTIONFS_SETUP:
2424 rem_type1 = type;
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +01002425 /* Discard all similar events */
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002426 break;
2427
2428 case FUNCTIONFS_BIND:
2429 case FUNCTIONFS_UNBIND:
2430 case FUNCTIONFS_DISABLE:
2431 case FUNCTIONFS_ENABLE:
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +01002432 /* Discard everything other then power management. */
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002433 rem_type1 = FUNCTIONFS_SUSPEND;
2434 rem_type2 = FUNCTIONFS_RESUME;
2435 neg = 1;
2436 break;
2437
2438 default:
Michal Nazarewiczfe00bcb2014-09-11 18:52:49 +02002439 WARN(1, "%d: unknown event, this should not happen\n", type);
2440 return;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002441 }
2442
2443 {
2444 u8 *ev = ffs->ev.types, *out = ev;
2445 unsigned n = ffs->ev.count;
2446 for (; n; --n, ++ev)
2447 if ((*ev == rem_type1 || *ev == rem_type2) == neg)
2448 *out++ = *ev;
2449 else
Michal Nazarewiczaa02f172010-11-17 17:09:47 +01002450 pr_vdebug("purging event %d\n", *ev);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002451 ffs->ev.count = out - ffs->ev.types;
2452 }
2453
Michal Nazarewiczaa02f172010-11-17 17:09:47 +01002454 pr_vdebug("adding event %d\n", type);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002455 ffs->ev.types[ffs->ev.count++] = type;
2456 wake_up_locked(&ffs->ev.waitq);
2457}
2458
2459static void ffs_event_add(struct ffs_data *ffs,
2460 enum usb_functionfs_event_type type)
2461{
2462 unsigned long flags;
2463 spin_lock_irqsave(&ffs->ev.waitq.lock, flags);
2464 __ffs_event_add(ffs, type);
2465 spin_unlock_irqrestore(&ffs->ev.waitq.lock, flags);
2466}
2467
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002468/* Bind/unbind USB function hooks *******************************************/
2469
Robert Baldyga6d5c1c72014-08-25 11:16:27 +02002470static int ffs_ep_addr2idx(struct ffs_data *ffs, u8 endpoint_address)
2471{
2472 int i;
2473
2474 for (i = 1; i < ARRAY_SIZE(ffs->eps_addrmap); ++i)
2475 if (ffs->eps_addrmap[i] == endpoint_address)
2476 return i;
2477 return -ENOENT;
2478}
2479
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002480static int __ffs_func_bind_do_descs(enum ffs_entity_type type, u8 *valuep,
2481 struct usb_descriptor_header *desc,
2482 void *priv)
2483{
2484 struct usb_endpoint_descriptor *ds = (void *)desc;
2485 struct ffs_function *func = priv;
2486 struct ffs_ep *ffs_ep;
Dan Carpenter85b06f52014-09-09 15:06:09 +03002487 unsigned ep_desc_id;
2488 int idx;
Manu Gautam8d4e8972014-02-28 16:50:22 +05302489 static const char *speed_names[] = { "full", "high", "super" };
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002490
2491 if (type != FFS_DESCRIPTOR)
2492 return 0;
2493
Manu Gautam8d4e8972014-02-28 16:50:22 +05302494 /*
2495 * If ss_descriptors is not NULL, we are reading super speed
2496 * descriptors; if hs_descriptors is not NULL, we are reading high
2497 * speed descriptors; otherwise, we are reading full speed
2498 * descriptors.
2499 */
2500 if (func->function.ss_descriptors) {
2501 ep_desc_id = 2;
2502 func->function.ss_descriptors[(long)valuep] = desc;
2503 } else if (func->function.hs_descriptors) {
2504 ep_desc_id = 1;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002505 func->function.hs_descriptors[(long)valuep] = desc;
Manu Gautam8d4e8972014-02-28 16:50:22 +05302506 } else {
2507 ep_desc_id = 0;
Sebastian Andrzej Siewior10287ba2012-10-22 22:15:06 +02002508 func->function.fs_descriptors[(long)valuep] = desc;
Manu Gautam8d4e8972014-02-28 16:50:22 +05302509 }
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002510
2511 if (!desc || desc->bDescriptorType != USB_DT_ENDPOINT)
2512 return 0;
2513
Robert Baldyga6d5c1c72014-08-25 11:16:27 +02002514 idx = ffs_ep_addr2idx(func->ffs, ds->bEndpointAddress) - 1;
2515 if (idx < 0)
2516 return idx;
2517
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002518 ffs_ep = func->eps + idx;
2519
Manu Gautam8d4e8972014-02-28 16:50:22 +05302520 if (unlikely(ffs_ep->descs[ep_desc_id])) {
2521 pr_err("two %sspeed descriptors for EP %d\n",
2522 speed_names[ep_desc_id],
Michal Nazarewiczd8df0b62010-11-12 14:29:29 +01002523 ds->bEndpointAddress & USB_ENDPOINT_NUMBER_MASK);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002524 return -EINVAL;
2525 }
Manu Gautam8d4e8972014-02-28 16:50:22 +05302526 ffs_ep->descs[ep_desc_id] = ds;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002527
2528 ffs_dump_mem(": Original ep desc", ds, ds->bLength);
2529 if (ffs_ep->ep) {
2530 ds->bEndpointAddress = ffs_ep->descs[0]->bEndpointAddress;
2531 if (!ds->wMaxPacketSize)
2532 ds->wMaxPacketSize = ffs_ep->descs[0]->wMaxPacketSize;
2533 } else {
2534 struct usb_request *req;
2535 struct usb_ep *ep;
Robert Baldyga1b0bf882014-09-09 08:23:17 +02002536 u8 bEndpointAddress;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002537
Robert Baldyga1b0bf882014-09-09 08:23:17 +02002538 /*
2539 * We back up bEndpointAddress because autoconfig overwrites
2540 * it with physical endpoint address.
2541 */
2542 bEndpointAddress = ds->bEndpointAddress;
Michal Nazarewiczaa02f172010-11-17 17:09:47 +01002543 pr_vdebug("autoconfig\n");
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002544 ep = usb_ep_autoconfig(func->gadget, ds);
2545 if (unlikely(!ep))
2546 return -ENOTSUPP;
Joe Perchescc7e60562010-11-14 19:04:49 -08002547 ep->driver_data = func->eps + idx;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002548
2549 req = usb_ep_alloc_request(ep, GFP_KERNEL);
2550 if (unlikely(!req))
2551 return -ENOMEM;
2552
2553 ffs_ep->ep = ep;
2554 ffs_ep->req = req;
2555 func->eps_revmap[ds->bEndpointAddress &
2556 USB_ENDPOINT_NUMBER_MASK] = idx + 1;
Robert Baldyga1b0bf882014-09-09 08:23:17 +02002557 /*
2558 * If we use virtual address mapping, we restore
2559 * original bEndpointAddress value.
2560 */
2561 if (func->ffs->user_flags & FUNCTIONFS_VIRTUAL_ADDR)
2562 ds->bEndpointAddress = bEndpointAddress;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002563 }
2564 ffs_dump_mem(": Rewritten ep desc", ds, ds->bLength);
2565
2566 return 0;
2567}
2568
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002569static int __ffs_func_bind_do_nums(enum ffs_entity_type type, u8 *valuep,
2570 struct usb_descriptor_header *desc,
2571 void *priv)
2572{
2573 struct ffs_function *func = priv;
2574 unsigned idx;
2575 u8 newValue;
2576
2577 switch (type) {
2578 default:
2579 case FFS_DESCRIPTOR:
2580 /* Handled in previous pass by __ffs_func_bind_do_descs() */
2581 return 0;
2582
2583 case FFS_INTERFACE:
2584 idx = *valuep;
2585 if (func->interfaces_nums[idx] < 0) {
2586 int id = usb_interface_id(func->conf, &func->function);
2587 if (unlikely(id < 0))
2588 return id;
2589 func->interfaces_nums[idx] = id;
2590 }
2591 newValue = func->interfaces_nums[idx];
2592 break;
2593
2594 case FFS_STRING:
2595 /* String' IDs are allocated when fsf_data is bound to cdev */
2596 newValue = func->ffs->stringtabs[0]->strings[*valuep - 1].id;
2597 break;
2598
2599 case FFS_ENDPOINT:
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +01002600 /*
2601 * USB_DT_ENDPOINT are handled in
2602 * __ffs_func_bind_do_descs().
2603 */
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002604 if (desc->bDescriptorType == USB_DT_ENDPOINT)
2605 return 0;
2606
2607 idx = (*valuep & USB_ENDPOINT_NUMBER_MASK) - 1;
2608 if (unlikely(!func->eps[idx].ep))
2609 return -EINVAL;
2610
2611 {
2612 struct usb_endpoint_descriptor **descs;
2613 descs = func->eps[idx].descs;
2614 newValue = descs[descs[0] ? 0 : 1]->bEndpointAddress;
2615 }
2616 break;
2617 }
2618
Michal Nazarewiczaa02f172010-11-17 17:09:47 +01002619 pr_vdebug("%02x -> %02x\n", *valuep, newValue);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002620 *valuep = newValue;
2621 return 0;
2622}
2623
Andrzej Pietrasiewiczf0175ab2014-07-09 12:20:08 +02002624static int __ffs_func_bind_do_os_desc(enum ffs_os_desc_type type,
2625 struct usb_os_desc_header *h, void *data,
2626 unsigned len, void *priv)
2627{
2628 struct ffs_function *func = priv;
2629 u8 length = 0;
2630
2631 switch (type) {
2632 case FFS_OS_DESC_EXT_COMPAT: {
2633 struct usb_ext_compat_desc *desc = data;
2634 struct usb_os_desc_table *t;
2635
2636 t = &func->function.os_desc_table[desc->bFirstInterfaceNumber];
2637 t->if_id = func->interfaces_nums[desc->bFirstInterfaceNumber];
2638 memcpy(t->os_desc->ext_compat_id, &desc->CompatibleID,
2639 ARRAY_SIZE(desc->CompatibleID) +
2640 ARRAY_SIZE(desc->SubCompatibleID));
2641 length = sizeof(*desc);
2642 }
2643 break;
2644 case FFS_OS_DESC_EXT_PROP: {
2645 struct usb_ext_prop_desc *desc = data;
2646 struct usb_os_desc_table *t;
2647 struct usb_os_desc_ext_prop *ext_prop;
2648 char *ext_prop_name;
2649 char *ext_prop_data;
2650
2651 t = &func->function.os_desc_table[h->interface];
2652 t->if_id = func->interfaces_nums[h->interface];
2653
2654 ext_prop = func->ffs->ms_os_descs_ext_prop_avail;
2655 func->ffs->ms_os_descs_ext_prop_avail += sizeof(*ext_prop);
2656
2657 ext_prop->type = le32_to_cpu(desc->dwPropertyDataType);
2658 ext_prop->name_len = le16_to_cpu(desc->wPropertyNameLength);
2659 ext_prop->data_len = le32_to_cpu(*(u32 *)
2660 usb_ext_prop_data_len_ptr(data, ext_prop->name_len));
2661 length = ext_prop->name_len + ext_prop->data_len + 14;
2662
2663 ext_prop_name = func->ffs->ms_os_descs_ext_prop_name_avail;
2664 func->ffs->ms_os_descs_ext_prop_name_avail +=
2665 ext_prop->name_len;
2666
2667 ext_prop_data = func->ffs->ms_os_descs_ext_prop_data_avail;
2668 func->ffs->ms_os_descs_ext_prop_data_avail +=
2669 ext_prop->data_len;
2670 memcpy(ext_prop_data,
2671 usb_ext_prop_data_ptr(data, ext_prop->name_len),
2672 ext_prop->data_len);
2673 /* unicode data reported to the host as "WCHAR"s */
2674 switch (ext_prop->type) {
2675 case USB_EXT_PROP_UNICODE:
2676 case USB_EXT_PROP_UNICODE_ENV:
2677 case USB_EXT_PROP_UNICODE_LINK:
2678 case USB_EXT_PROP_UNICODE_MULTI:
2679 ext_prop->data_len *= 2;
2680 break;
2681 }
2682 ext_prop->data = ext_prop_data;
2683
2684 memcpy(ext_prop_name, usb_ext_prop_name_ptr(data),
2685 ext_prop->name_len);
2686 /* property name reported to the host as "WCHAR"s */
2687 ext_prop->name_len *= 2;
2688 ext_prop->name = ext_prop_name;
2689
2690 t->os_desc->ext_prop_len +=
2691 ext_prop->name_len + ext_prop->data_len + 14;
2692 ++t->os_desc->ext_prop_count;
2693 list_add_tail(&ext_prop->entry, &t->os_desc->ext_prop);
2694 }
2695 break;
2696 default:
2697 pr_vdebug("unknown descriptor: %d\n", type);
2698 }
2699
2700 return length;
2701}
2702
Andrzej Pietrasiewicz5920cda2013-12-03 15:15:33 +01002703static inline struct f_fs_opts *ffs_do_functionfs_bind(struct usb_function *f,
2704 struct usb_configuration *c)
2705{
2706 struct ffs_function *func = ffs_func_from_usb(f);
2707 struct f_fs_opts *ffs_opts =
2708 container_of(f->fi, struct f_fs_opts, func_inst);
2709 int ret;
2710
2711 ENTER();
2712
2713 /*
2714 * Legacy gadget triggers binding in functionfs_ready_callback,
2715 * which already uses locking; taking the same lock here would
2716 * cause a deadlock.
2717 *
2718 * Configfs-enabled gadgets however do need ffs_dev_lock.
2719 */
2720 if (!ffs_opts->no_configfs)
2721 ffs_dev_lock();
2722 ret = ffs_opts->dev->desc_ready ? 0 : -ENODEV;
2723 func->ffs = ffs_opts->dev->ffs_data;
2724 if (!ffs_opts->no_configfs)
2725 ffs_dev_unlock();
2726 if (ret)
2727 return ERR_PTR(ret);
2728
2729 func->conf = c;
2730 func->gadget = c->cdev->gadget;
2731
Andrzej Pietrasiewicz5920cda2013-12-03 15:15:33 +01002732 /*
2733 * in drivers/usb/gadget/configfs.c:configfs_composite_bind()
2734 * configurations are bound in sequence with list_for_each_entry,
2735 * in each configuration its functions are bound in sequence
2736 * with list_for_each_entry, so we assume no race condition
2737 * with regard to ffs_opts->bound access
2738 */
2739 if (!ffs_opts->refcnt) {
2740 ret = functionfs_bind(func->ffs, c->cdev);
2741 if (ret)
2742 return ERR_PTR(ret);
2743 }
2744 ffs_opts->refcnt++;
2745 func->function.strings = func->ffs->stringtabs;
2746
2747 return ffs_opts;
2748}
Andrzej Pietrasiewicz5920cda2013-12-03 15:15:33 +01002749
2750static int _ffs_func_bind(struct usb_configuration *c,
2751 struct usb_function *f)
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002752{
2753 struct ffs_function *func = ffs_func_from_usb(f);
2754 struct ffs_data *ffs = func->ffs;
2755
2756 const int full = !!func->ffs->fs_descs_count;
2757 const int high = gadget_is_dualspeed(func->gadget) &&
2758 func->ffs->hs_descs_count;
Manu Gautam8d4e8972014-02-28 16:50:22 +05302759 const int super = gadget_is_superspeed(func->gadget) &&
2760 func->ffs->ss_descs_count;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002761
Andrzej Pietrasiewiczf0175ab2014-07-09 12:20:08 +02002762 int fs_len, hs_len, ss_len, ret, i;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002763
2764 /* Make it a single chunk, less management later on */
Andrzej Pietrasiewicze6f38622013-12-03 15:15:30 +01002765 vla_group(d);
2766 vla_item_with_sz(d, struct ffs_ep, eps, ffs->eps_count);
2767 vla_item_with_sz(d, struct usb_descriptor_header *, fs_descs,
2768 full ? ffs->fs_descs_count + 1 : 0);
2769 vla_item_with_sz(d, struct usb_descriptor_header *, hs_descs,
2770 high ? ffs->hs_descs_count + 1 : 0);
Manu Gautam8d4e8972014-02-28 16:50:22 +05302771 vla_item_with_sz(d, struct usb_descriptor_header *, ss_descs,
2772 super ? ffs->ss_descs_count + 1 : 0);
Andrzej Pietrasiewicze6f38622013-12-03 15:15:30 +01002773 vla_item_with_sz(d, short, inums, ffs->interfaces_count);
Andrzej Pietrasiewiczf0175ab2014-07-09 12:20:08 +02002774 vla_item_with_sz(d, struct usb_os_desc_table, os_desc_table,
2775 c->cdev->use_os_string ? ffs->interfaces_count : 0);
2776 vla_item_with_sz(d, char[16], ext_compat,
2777 c->cdev->use_os_string ? ffs->interfaces_count : 0);
2778 vla_item_with_sz(d, struct usb_os_desc, os_desc,
2779 c->cdev->use_os_string ? ffs->interfaces_count : 0);
2780 vla_item_with_sz(d, struct usb_os_desc_ext_prop, ext_prop,
2781 ffs->ms_os_descs_ext_prop_count);
2782 vla_item_with_sz(d, char, ext_prop_name,
2783 ffs->ms_os_descs_ext_prop_name_len);
2784 vla_item_with_sz(d, char, ext_prop_data,
2785 ffs->ms_os_descs_ext_prop_data_len);
Michal Nazarewiczac8dde12014-02-28 16:50:23 +05302786 vla_item_with_sz(d, char, raw_descs, ffs->raw_descs_length);
Andrzej Pietrasiewicze6f38622013-12-03 15:15:30 +01002787 char *vlabuf;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002788
2789 ENTER();
2790
Manu Gautam8d4e8972014-02-28 16:50:22 +05302791 /* Has descriptors only for speeds gadget does not support */
2792 if (unlikely(!(full | high | super)))
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002793 return -ENOTSUPP;
2794
Andrzej Pietrasiewicze6f38622013-12-03 15:15:30 +01002795 /* Allocate a single chunk, less management later on */
Andrzej Pietrasiewiczf0175ab2014-07-09 12:20:08 +02002796 vlabuf = kzalloc(vla_group_size(d), GFP_KERNEL);
Andrzej Pietrasiewicze6f38622013-12-03 15:15:30 +01002797 if (unlikely(!vlabuf))
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002798 return -ENOMEM;
2799
Andrzej Pietrasiewiczf0175ab2014-07-09 12:20:08 +02002800 ffs->ms_os_descs_ext_prop_avail = vla_ptr(vlabuf, d, ext_prop);
2801 ffs->ms_os_descs_ext_prop_name_avail =
2802 vla_ptr(vlabuf, d, ext_prop_name);
2803 ffs->ms_os_descs_ext_prop_data_avail =
2804 vla_ptr(vlabuf, d, ext_prop_data);
2805
Michal Nazarewiczac8dde12014-02-28 16:50:23 +05302806 /* Copy descriptors */
2807 memcpy(vla_ptr(vlabuf, d, raw_descs), ffs->raw_descs,
2808 ffs->raw_descs_length);
Manu Gautam8d4e8972014-02-28 16:50:22 +05302809
Andrzej Pietrasiewicze6f38622013-12-03 15:15:30 +01002810 memset(vla_ptr(vlabuf, d, inums), 0xff, d_inums__sz);
2811 for (ret = ffs->eps_count; ret; --ret) {
2812 struct ffs_ep *ptr;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002813
Andrzej Pietrasiewicze6f38622013-12-03 15:15:30 +01002814 ptr = vla_ptr(vlabuf, d, eps);
2815 ptr[ret].num = -1;
2816 }
2817
2818 /* Save pointers
2819 * d_eps == vlabuf, func->eps used to kfree vlabuf later
2820 */
2821 func->eps = vla_ptr(vlabuf, d, eps);
2822 func->interfaces_nums = vla_ptr(vlabuf, d, inums);
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002823
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +01002824 /*
2825 * Go through all the endpoint descriptors and allocate
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002826 * endpoints first, so that later we can rewrite the endpoint
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +01002827 * numbers without worrying that it may be described later on.
2828 */
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002829 if (likely(full)) {
Andrzej Pietrasiewicze6f38622013-12-03 15:15:30 +01002830 func->function.fs_descriptors = vla_ptr(vlabuf, d, fs_descs);
Manu Gautam8d4e8972014-02-28 16:50:22 +05302831 fs_len = ffs_do_descs(ffs->fs_descs_count,
2832 vla_ptr(vlabuf, d, raw_descs),
2833 d_raw_descs__sz,
2834 __ffs_func_bind_do_descs, func);
2835 if (unlikely(fs_len < 0)) {
2836 ret = fs_len;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002837 goto error;
Manu Gautam8d4e8972014-02-28 16:50:22 +05302838 }
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002839 } else {
Manu Gautam8d4e8972014-02-28 16:50:22 +05302840 fs_len = 0;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002841 }
2842
2843 if (likely(high)) {
Andrzej Pietrasiewicze6f38622013-12-03 15:15:30 +01002844 func->function.hs_descriptors = vla_ptr(vlabuf, d, hs_descs);
Manu Gautam8d4e8972014-02-28 16:50:22 +05302845 hs_len = ffs_do_descs(ffs->hs_descs_count,
2846 vla_ptr(vlabuf, d, raw_descs) + fs_len,
2847 d_raw_descs__sz - fs_len,
2848 __ffs_func_bind_do_descs, func);
2849 if (unlikely(hs_len < 0)) {
2850 ret = hs_len;
2851 goto error;
2852 }
2853 } else {
2854 hs_len = 0;
2855 }
2856
2857 if (likely(super)) {
2858 func->function.ss_descriptors = vla_ptr(vlabuf, d, ss_descs);
Andrzej Pietrasiewiczf0175ab2014-07-09 12:20:08 +02002859 ss_len = ffs_do_descs(ffs->ss_descs_count,
Manu Gautam8d4e8972014-02-28 16:50:22 +05302860 vla_ptr(vlabuf, d, raw_descs) + fs_len + hs_len,
2861 d_raw_descs__sz - fs_len - hs_len,
2862 __ffs_func_bind_do_descs, func);
Andrzej Pietrasiewiczf0175ab2014-07-09 12:20:08 +02002863 if (unlikely(ss_len < 0)) {
2864 ret = ss_len;
Robert Baldyga88548942013-09-27 12:28:54 +02002865 goto error;
Andrzej Pietrasiewiczf0175ab2014-07-09 12:20:08 +02002866 }
2867 } else {
2868 ss_len = 0;
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002869 }
2870
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +01002871 /*
2872 * Now handle interface numbers allocation and interface and
2873 * endpoint numbers rewriting. We can do that in one go
2874 * now.
2875 */
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002876 ret = ffs_do_descs(ffs->fs_descs_count +
Manu Gautam8d4e8972014-02-28 16:50:22 +05302877 (high ? ffs->hs_descs_count : 0) +
2878 (super ? ffs->ss_descs_count : 0),
Andrzej Pietrasiewicze6f38622013-12-03 15:15:30 +01002879 vla_ptr(vlabuf, d, raw_descs), d_raw_descs__sz,
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002880 __ffs_func_bind_do_nums, func);
2881 if (unlikely(ret < 0))
2882 goto error;
2883
Andrzej Pietrasiewiczf0175ab2014-07-09 12:20:08 +02002884 func->function.os_desc_table = vla_ptr(vlabuf, d, os_desc_table);
2885 if (c->cdev->use_os_string)
2886 for (i = 0; i < ffs->interfaces_count; ++i) {
2887 struct usb_os_desc *desc;
2888
2889 desc = func->function.os_desc_table[i].os_desc =
2890 vla_ptr(vlabuf, d, os_desc) +
2891 i * sizeof(struct usb_os_desc);
2892 desc->ext_compat_id =
2893 vla_ptr(vlabuf, d, ext_compat) + i * 16;
2894 INIT_LIST_HEAD(&desc->ext_prop);
2895 }
2896 ret = ffs_do_os_descs(ffs->ms_os_descs_count,
2897 vla_ptr(vlabuf, d, raw_descs) +
2898 fs_len + hs_len + ss_len,
2899 d_raw_descs__sz - fs_len - hs_len - ss_len,
2900 __ffs_func_bind_do_os_desc, func);
2901 if (unlikely(ret < 0))
2902 goto error;
2903 func->function.os_desc_n =
2904 c->cdev->use_os_string ? ffs->interfaces_count : 0;
2905
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002906 /* And we're done */
2907 ffs_event_add(ffs, FUNCTIONFS_BIND);
2908 return 0;
2909
2910error:
2911 /* XXX Do we need to release all claimed endpoints here? */
2912 return ret;
2913}
2914
Andrzej Pietrasiewicz5920cda2013-12-03 15:15:33 +01002915static int ffs_func_bind(struct usb_configuration *c,
2916 struct usb_function *f)
2917{
Andrzej Pietrasiewicz5920cda2013-12-03 15:15:33 +01002918 struct f_fs_opts *ffs_opts = ffs_do_functionfs_bind(f, c);
2919
2920 if (IS_ERR(ffs_opts))
2921 return PTR_ERR(ffs_opts);
Andrzej Pietrasiewicz5920cda2013-12-03 15:15:33 +01002922
2923 return _ffs_func_bind(c, f);
2924}
2925
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002926
2927/* Other USB function hooks *************************************************/
2928
Robert Baldyga18d6b32f2014-12-18 09:55:10 +01002929static void ffs_reset_work(struct work_struct *work)
2930{
2931 struct ffs_data *ffs = container_of(work,
2932 struct ffs_data, reset_work);
2933 ffs_data_reset(ffs);
2934}
2935
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002936static int ffs_func_set_alt(struct usb_function *f,
2937 unsigned interface, unsigned alt)
2938{
2939 struct ffs_function *func = ffs_func_from_usb(f);
2940 struct ffs_data *ffs = func->ffs;
2941 int ret = 0, intf;
2942
2943 if (alt != (unsigned)-1) {
2944 intf = ffs_func_revmap_intf(func, interface);
2945 if (unlikely(intf < 0))
2946 return intf;
2947 }
2948
2949 if (ffs->func)
2950 ffs_func_eps_disable(ffs->func);
2951
Robert Baldyga18d6b32f2014-12-18 09:55:10 +01002952 if (ffs->state == FFS_DEACTIVATED) {
2953 ffs->state = FFS_CLOSING;
2954 INIT_WORK(&ffs->reset_work, ffs_reset_work);
2955 schedule_work(&ffs->reset_work);
2956 return -ENODEV;
2957 }
2958
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002959 if (ffs->state != FFS_ACTIVE)
2960 return -ENODEV;
2961
2962 if (alt == (unsigned)-1) {
2963 ffs->func = NULL;
2964 ffs_event_add(ffs, FUNCTIONFS_DISABLE);
2965 return 0;
2966 }
2967
2968 ffs->func = func;
2969 ret = ffs_func_eps_enable(func);
2970 if (likely(ret >= 0))
2971 ffs_event_add(ffs, FUNCTIONFS_ENABLE);
2972 return ret;
2973}
2974
2975static void ffs_func_disable(struct usb_function *f)
2976{
2977 ffs_func_set_alt(f, 0, (unsigned)-1);
2978}
2979
2980static int ffs_func_setup(struct usb_function *f,
2981 const struct usb_ctrlrequest *creq)
2982{
2983 struct ffs_function *func = ffs_func_from_usb(f);
2984 struct ffs_data *ffs = func->ffs;
2985 unsigned long flags;
2986 int ret;
2987
2988 ENTER();
2989
Michal Nazarewiczaa02f172010-11-17 17:09:47 +01002990 pr_vdebug("creq->bRequestType = %02x\n", creq->bRequestType);
2991 pr_vdebug("creq->bRequest = %02x\n", creq->bRequest);
2992 pr_vdebug("creq->wValue = %04x\n", le16_to_cpu(creq->wValue));
2993 pr_vdebug("creq->wIndex = %04x\n", le16_to_cpu(creq->wIndex));
2994 pr_vdebug("creq->wLength = %04x\n", le16_to_cpu(creq->wLength));
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002995
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +01002996 /*
2997 * Most requests directed to interface go through here
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02002998 * (notable exceptions are set/get interface) so we need to
2999 * handle them. All other either handled by composite or
3000 * passed to usb_configuration->setup() (if one is set). No
3001 * matter, we will handle requests directed to endpoint here
3002 * as well (as it's straightforward) but what to do with any
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +01003003 * other request?
3004 */
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02003005 if (ffs->state != FFS_ACTIVE)
3006 return -ENODEV;
3007
3008 switch (creq->bRequestType & USB_RECIP_MASK) {
3009 case USB_RECIP_INTERFACE:
3010 ret = ffs_func_revmap_intf(func, le16_to_cpu(creq->wIndex));
3011 if (unlikely(ret < 0))
3012 return ret;
3013 break;
3014
3015 case USB_RECIP_ENDPOINT:
3016 ret = ffs_func_revmap_ep(func, le16_to_cpu(creq->wIndex));
3017 if (unlikely(ret < 0))
3018 return ret;
Robert Baldyga1b0bf882014-09-09 08:23:17 +02003019 if (func->ffs->user_flags & FUNCTIONFS_VIRTUAL_ADDR)
3020 ret = func->ffs->eps_addrmap[ret];
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02003021 break;
3022
3023 default:
3024 return -EOPNOTSUPP;
3025 }
3026
3027 spin_lock_irqsave(&ffs->ev.waitq.lock, flags);
3028 ffs->ev.setup = *creq;
3029 ffs->ev.setup.wIndex = cpu_to_le16(ret);
3030 __ffs_event_add(ffs, FUNCTIONFS_SETUP);
3031 spin_unlock_irqrestore(&ffs->ev.waitq.lock, flags);
3032
3033 return 0;
3034}
3035
3036static void ffs_func_suspend(struct usb_function *f)
3037{
3038 ENTER();
3039 ffs_event_add(ffs_func_from_usb(f)->ffs, FUNCTIONFS_SUSPEND);
3040}
3041
3042static void ffs_func_resume(struct usb_function *f)
3043{
3044 ENTER();
3045 ffs_event_add(ffs_func_from_usb(f)->ffs, FUNCTIONFS_RESUME);
3046}
3047
3048
Michal Nazarewicz5ab54cf2010-11-12 14:29:28 +01003049/* Endpoint and interface numbers reverse mapping ***************************/
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02003050
3051static int ffs_func_revmap_ep(struct ffs_function *func, u8 num)
3052{
3053 num = func->eps_revmap[num & USB_ENDPOINT_NUMBER_MASK];
3054 return num ? num : -EDOM;
3055}
3056
3057static int ffs_func_revmap_intf(struct ffs_function *func, u8 intf)
3058{
3059 short *nums = func->interfaces_nums;
3060 unsigned count = func->ffs->interfaces_count;
3061
3062 for (; count; --count, ++nums) {
3063 if (*nums >= 0 && *nums == intf)
3064 return nums - func->interfaces_nums;
3065 }
3066
3067 return -EDOM;
3068}
3069
3070
Andrzej Pietrasiewicz4b187fc2013-12-03 15:15:32 +01003071/* Devices management *******************************************************/
3072
3073static LIST_HEAD(ffs_devices);
3074
Andrzej Pietrasiewiczda13a772014-01-13 16:49:38 +01003075static struct ffs_dev *_ffs_do_find_dev(const char *name)
Andrzej Pietrasiewicz4b187fc2013-12-03 15:15:32 +01003076{
3077 struct ffs_dev *dev;
3078
3079 list_for_each_entry(dev, &ffs_devices, entry) {
3080 if (!dev->name || !name)
3081 continue;
3082 if (strcmp(dev->name, name) == 0)
3083 return dev;
3084 }
Andrzej Pietrasiewiczb6584992013-12-03 15:15:36 +01003085
Andrzej Pietrasiewicz4b187fc2013-12-03 15:15:32 +01003086 return NULL;
3087}
3088
3089/*
3090 * ffs_lock must be taken by the caller of this function
3091 */
Andrzej Pietrasiewiczda13a772014-01-13 16:49:38 +01003092static struct ffs_dev *_ffs_get_single_dev(void)
Andrzej Pietrasiewicz4b187fc2013-12-03 15:15:32 +01003093{
3094 struct ffs_dev *dev;
3095
3096 if (list_is_singular(&ffs_devices)) {
3097 dev = list_first_entry(&ffs_devices, struct ffs_dev, entry);
3098 if (dev->single)
3099 return dev;
3100 }
3101
3102 return NULL;
3103}
3104
3105/*
3106 * ffs_lock must be taken by the caller of this function
3107 */
Andrzej Pietrasiewiczda13a772014-01-13 16:49:38 +01003108static struct ffs_dev *_ffs_find_dev(const char *name)
Andrzej Pietrasiewicz4b187fc2013-12-03 15:15:32 +01003109{
3110 struct ffs_dev *dev;
3111
Andrzej Pietrasiewiczda13a772014-01-13 16:49:38 +01003112 dev = _ffs_get_single_dev();
Andrzej Pietrasiewicz4b187fc2013-12-03 15:15:32 +01003113 if (dev)
3114 return dev;
3115
Andrzej Pietrasiewiczda13a772014-01-13 16:49:38 +01003116 return _ffs_do_find_dev(name);
Andrzej Pietrasiewicz4b187fc2013-12-03 15:15:32 +01003117}
3118
Andrzej Pietrasiewiczb6584992013-12-03 15:15:36 +01003119/* Configfs support *********************************************************/
3120
3121static inline struct f_fs_opts *to_ffs_opts(struct config_item *item)
3122{
3123 return container_of(to_config_group(item), struct f_fs_opts,
3124 func_inst.group);
3125}
3126
3127static void ffs_attr_release(struct config_item *item)
3128{
3129 struct f_fs_opts *opts = to_ffs_opts(item);
3130
3131 usb_put_function_instance(&opts->func_inst);
3132}
3133
3134static struct configfs_item_operations ffs_item_ops = {
3135 .release = ffs_attr_release,
3136};
3137
3138static struct config_item_type ffs_func_type = {
3139 .ct_item_ops = &ffs_item_ops,
3140 .ct_owner = THIS_MODULE,
3141};
3142
3143
Andrzej Pietrasiewicz5920cda2013-12-03 15:15:33 +01003144/* Function registration interface ******************************************/
3145
Andrzej Pietrasiewicz5920cda2013-12-03 15:15:33 +01003146static void ffs_free_inst(struct usb_function_instance *f)
3147{
3148 struct f_fs_opts *opts;
3149
3150 opts = to_f_fs_opts(f);
3151 ffs_dev_lock();
Andrzej Pietrasiewiczda13a772014-01-13 16:49:38 +01003152 _ffs_free_dev(opts->dev);
Andrzej Pietrasiewicz5920cda2013-12-03 15:15:33 +01003153 ffs_dev_unlock();
3154 kfree(opts);
3155}
3156
Andrzej Pietrasiewiczb6584992013-12-03 15:15:36 +01003157#define MAX_INST_NAME_LEN 40
3158
3159static int ffs_set_inst_name(struct usb_function_instance *fi, const char *name)
3160{
3161 struct f_fs_opts *opts;
3162 char *ptr;
3163 const char *tmp;
3164 int name_len, ret;
3165
3166 name_len = strlen(name) + 1;
3167 if (name_len > MAX_INST_NAME_LEN)
3168 return -ENAMETOOLONG;
3169
3170 ptr = kstrndup(name, name_len, GFP_KERNEL);
3171 if (!ptr)
3172 return -ENOMEM;
3173
3174 opts = to_f_fs_opts(fi);
3175 tmp = NULL;
3176
3177 ffs_dev_lock();
3178
3179 tmp = opts->dev->name_allocated ? opts->dev->name : NULL;
3180 ret = _ffs_name_dev(opts->dev, ptr);
3181 if (ret) {
3182 kfree(ptr);
3183 ffs_dev_unlock();
3184 return ret;
3185 }
3186 opts->dev->name_allocated = true;
3187
3188 ffs_dev_unlock();
3189
3190 kfree(tmp);
3191
3192 return 0;
3193}
3194
Andrzej Pietrasiewicz5920cda2013-12-03 15:15:33 +01003195static struct usb_function_instance *ffs_alloc_inst(void)
3196{
3197 struct f_fs_opts *opts;
3198 struct ffs_dev *dev;
3199
3200 opts = kzalloc(sizeof(*opts), GFP_KERNEL);
3201 if (!opts)
3202 return ERR_PTR(-ENOMEM);
3203
Andrzej Pietrasiewiczb6584992013-12-03 15:15:36 +01003204 opts->func_inst.set_inst_name = ffs_set_inst_name;
Andrzej Pietrasiewicz5920cda2013-12-03 15:15:33 +01003205 opts->func_inst.free_func_inst = ffs_free_inst;
3206 ffs_dev_lock();
Andrzej Pietrasiewiczda13a772014-01-13 16:49:38 +01003207 dev = _ffs_alloc_dev();
Andrzej Pietrasiewicz5920cda2013-12-03 15:15:33 +01003208 ffs_dev_unlock();
3209 if (IS_ERR(dev)) {
3210 kfree(opts);
3211 return ERR_CAST(dev);
3212 }
3213 opts->dev = dev;
Andrzej Pietrasiewiczb6584992013-12-03 15:15:36 +01003214 dev->opts = opts;
Andrzej Pietrasiewicz5920cda2013-12-03 15:15:33 +01003215
Andrzej Pietrasiewiczb6584992013-12-03 15:15:36 +01003216 config_group_init_type_name(&opts->func_inst.group, "",
3217 &ffs_func_type);
Andrzej Pietrasiewicz5920cda2013-12-03 15:15:33 +01003218 return &opts->func_inst;
3219}
3220
3221static void ffs_free(struct usb_function *f)
3222{
3223 kfree(ffs_func_from_usb(f));
3224}
3225
3226static void ffs_func_unbind(struct usb_configuration *c,
3227 struct usb_function *f)
3228{
3229 struct ffs_function *func = ffs_func_from_usb(f);
3230 struct ffs_data *ffs = func->ffs;
3231 struct f_fs_opts *opts =
3232 container_of(f->fi, struct f_fs_opts, func_inst);
3233 struct ffs_ep *ep = func->eps;
3234 unsigned count = ffs->eps_count;
3235 unsigned long flags;
3236
3237 ENTER();
3238 if (ffs->func == func) {
3239 ffs_func_eps_disable(func);
3240 ffs->func = NULL;
3241 }
3242
3243 if (!--opts->refcnt)
3244 functionfs_unbind(ffs);
3245
3246 /* cleanup after autoconfig */
3247 spin_lock_irqsave(&func->ffs->eps_lock, flags);
3248 do {
3249 if (ep->ep && ep->req)
3250 usb_ep_free_request(ep->ep, ep->req);
3251 ep->req = NULL;
3252 ++ep;
3253 } while (--count);
3254 spin_unlock_irqrestore(&func->ffs->eps_lock, flags);
3255 kfree(func->eps);
3256 func->eps = NULL;
3257 /*
3258 * eps, descriptors and interfaces_nums are allocated in the
3259 * same chunk so only one free is required.
3260 */
3261 func->function.fs_descriptors = NULL;
3262 func->function.hs_descriptors = NULL;
Manu Gautam8d4e8972014-02-28 16:50:22 +05303263 func->function.ss_descriptors = NULL;
Andrzej Pietrasiewicz5920cda2013-12-03 15:15:33 +01003264 func->interfaces_nums = NULL;
3265
3266 ffs_event_add(ffs, FUNCTIONFS_UNBIND);
3267}
3268
3269static struct usb_function *ffs_alloc(struct usb_function_instance *fi)
3270{
3271 struct ffs_function *func;
3272
3273 ENTER();
3274
3275 func = kzalloc(sizeof(*func), GFP_KERNEL);
3276 if (unlikely(!func))
3277 return ERR_PTR(-ENOMEM);
3278
3279 func->function.name = "Function FS Gadget";
3280
3281 func->function.bind = ffs_func_bind;
3282 func->function.unbind = ffs_func_unbind;
3283 func->function.set_alt = ffs_func_set_alt;
3284 func->function.disable = ffs_func_disable;
3285 func->function.setup = ffs_func_setup;
3286 func->function.suspend = ffs_func_suspend;
3287 func->function.resume = ffs_func_resume;
3288 func->function.free_func = ffs_free;
3289
3290 return &func->function;
3291}
3292
Andrzej Pietrasiewicz4b187fc2013-12-03 15:15:32 +01003293/*
3294 * ffs_lock must be taken by the caller of this function
3295 */
Andrzej Pietrasiewiczda13a772014-01-13 16:49:38 +01003296static struct ffs_dev *_ffs_alloc_dev(void)
Andrzej Pietrasiewicz4b187fc2013-12-03 15:15:32 +01003297{
3298 struct ffs_dev *dev;
3299 int ret;
3300
Andrzej Pietrasiewiczda13a772014-01-13 16:49:38 +01003301 if (_ffs_get_single_dev())
Andrzej Pietrasiewicz4b187fc2013-12-03 15:15:32 +01003302 return ERR_PTR(-EBUSY);
3303
3304 dev = kzalloc(sizeof(*dev), GFP_KERNEL);
3305 if (!dev)
3306 return ERR_PTR(-ENOMEM);
3307
3308 if (list_empty(&ffs_devices)) {
3309 ret = functionfs_init();
3310 if (ret) {
3311 kfree(dev);
3312 return ERR_PTR(ret);
3313 }
3314 }
3315
3316 list_add(&dev->entry, &ffs_devices);
3317
3318 return dev;
3319}
3320
3321/*
3322 * ffs_lock must be taken by the caller of this function
3323 * The caller is responsible for "name" being available whenever f_fs needs it
3324 */
3325static int _ffs_name_dev(struct ffs_dev *dev, const char *name)
3326{
3327 struct ffs_dev *existing;
3328
Andrzej Pietrasiewiczda13a772014-01-13 16:49:38 +01003329 existing = _ffs_do_find_dev(name);
Andrzej Pietrasiewicz4b187fc2013-12-03 15:15:32 +01003330 if (existing)
3331 return -EBUSY;
Andrzej Pietrasiewiczab13cb02014-01-13 16:49:36 +01003332
Andrzej Pietrasiewicz4b187fc2013-12-03 15:15:32 +01003333 dev->name = name;
3334
3335 return 0;
3336}
3337
3338/*
3339 * The caller is responsible for "name" being available whenever f_fs needs it
3340 */
3341int ffs_name_dev(struct ffs_dev *dev, const char *name)
3342{
3343 int ret;
3344
3345 ffs_dev_lock();
3346 ret = _ffs_name_dev(dev, name);
3347 ffs_dev_unlock();
3348
3349 return ret;
3350}
Felipe Balbi0700faa2014-04-01 13:19:32 -05003351EXPORT_SYMBOL_GPL(ffs_name_dev);
Andrzej Pietrasiewicz4b187fc2013-12-03 15:15:32 +01003352
3353int ffs_single_dev(struct ffs_dev *dev)
3354{
3355 int ret;
3356
3357 ret = 0;
3358 ffs_dev_lock();
3359
3360 if (!list_is_singular(&ffs_devices))
3361 ret = -EBUSY;
3362 else
3363 dev->single = true;
3364
3365 ffs_dev_unlock();
3366 return ret;
3367}
Felipe Balbi0700faa2014-04-01 13:19:32 -05003368EXPORT_SYMBOL_GPL(ffs_single_dev);
Andrzej Pietrasiewicz4b187fc2013-12-03 15:15:32 +01003369
3370/*
3371 * ffs_lock must be taken by the caller of this function
3372 */
Andrzej Pietrasiewiczda13a772014-01-13 16:49:38 +01003373static void _ffs_free_dev(struct ffs_dev *dev)
Andrzej Pietrasiewicz4b187fc2013-12-03 15:15:32 +01003374{
3375 list_del(&dev->entry);
Andrzej Pietrasiewiczb6584992013-12-03 15:15:36 +01003376 if (dev->name_allocated)
3377 kfree(dev->name);
Andrzej Pietrasiewicz4b187fc2013-12-03 15:15:32 +01003378 kfree(dev);
3379 if (list_empty(&ffs_devices))
3380 functionfs_cleanup();
3381}
3382
3383static void *ffs_acquire_dev(const char *dev_name)
3384{
3385 struct ffs_dev *ffs_dev;
3386
3387 ENTER();
3388 ffs_dev_lock();
3389
Andrzej Pietrasiewiczda13a772014-01-13 16:49:38 +01003390 ffs_dev = _ffs_find_dev(dev_name);
Andrzej Pietrasiewicz4b187fc2013-12-03 15:15:32 +01003391 if (!ffs_dev)
Krzysztof Opasiakd668b4f2014-05-21 14:05:35 +02003392 ffs_dev = ERR_PTR(-ENOENT);
Andrzej Pietrasiewicz4b187fc2013-12-03 15:15:32 +01003393 else if (ffs_dev->mounted)
3394 ffs_dev = ERR_PTR(-EBUSY);
Andrzej Pietrasiewicz5920cda2013-12-03 15:15:33 +01003395 else if (ffs_dev->ffs_acquire_dev_callback &&
3396 ffs_dev->ffs_acquire_dev_callback(ffs_dev))
Krzysztof Opasiakd668b4f2014-05-21 14:05:35 +02003397 ffs_dev = ERR_PTR(-ENOENT);
Andrzej Pietrasiewicz4b187fc2013-12-03 15:15:32 +01003398 else
3399 ffs_dev->mounted = true;
3400
3401 ffs_dev_unlock();
3402 return ffs_dev;
3403}
3404
3405static void ffs_release_dev(struct ffs_data *ffs_data)
3406{
3407 struct ffs_dev *ffs_dev;
3408
3409 ENTER();
3410 ffs_dev_lock();
3411
3412 ffs_dev = ffs_data->private_data;
Andrzej Pietrasiewiczea365922014-01-13 16:49:35 +01003413 if (ffs_dev) {
Andrzej Pietrasiewicz4b187fc2013-12-03 15:15:32 +01003414 ffs_dev->mounted = false;
Andrzej Pietrasiewiczea365922014-01-13 16:49:35 +01003415
3416 if (ffs_dev->ffs_release_dev_callback)
3417 ffs_dev->ffs_release_dev_callback(ffs_dev);
3418 }
Andrzej Pietrasiewicz4b187fc2013-12-03 15:15:32 +01003419
3420 ffs_dev_unlock();
3421}
3422
3423static int ffs_ready(struct ffs_data *ffs)
3424{
3425 struct ffs_dev *ffs_obj;
3426 int ret = 0;
3427
3428 ENTER();
3429 ffs_dev_lock();
3430
3431 ffs_obj = ffs->private_data;
3432 if (!ffs_obj) {
3433 ret = -EINVAL;
3434 goto done;
3435 }
3436 if (WARN_ON(ffs_obj->desc_ready)) {
3437 ret = -EBUSY;
3438 goto done;
3439 }
3440
3441 ffs_obj->desc_ready = true;
3442 ffs_obj->ffs_data = ffs;
3443
3444 if (ffs_obj->ffs_ready_callback)
3445 ret = ffs_obj->ffs_ready_callback(ffs);
3446
3447done:
3448 ffs_dev_unlock();
3449 return ret;
3450}
3451
3452static void ffs_closed(struct ffs_data *ffs)
3453{
3454 struct ffs_dev *ffs_obj;
3455
3456 ENTER();
3457 ffs_dev_lock();
3458
3459 ffs_obj = ffs->private_data;
3460 if (!ffs_obj)
3461 goto done;
3462
3463 ffs_obj->desc_ready = false;
3464
3465 if (ffs_obj->ffs_closed_callback)
3466 ffs_obj->ffs_closed_callback(ffs);
Andrzej Pietrasiewiczb6584992013-12-03 15:15:36 +01003467
3468 if (!ffs_obj->opts || ffs_obj->opts->no_configfs
3469 || !ffs_obj->opts->func_inst.group.cg_item.ci_parent)
3470 goto done;
3471
3472 unregister_gadget_item(ffs_obj->opts->
3473 func_inst.group.cg_item.ci_parent->ci_parent);
Andrzej Pietrasiewicz4b187fc2013-12-03 15:15:32 +01003474done:
3475 ffs_dev_unlock();
3476}
3477
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02003478/* Misc helper functions ****************************************************/
3479
3480static int ffs_mutex_lock(struct mutex *mutex, unsigned nonblock)
3481{
3482 return nonblock
3483 ? likely(mutex_trylock(mutex)) ? 0 : -EAGAIN
3484 : mutex_lock_interruptible(mutex);
3485}
3486
Al Viro260ef312012-09-26 21:43:45 -04003487static char *ffs_prepare_buffer(const char __user *buf, size_t len)
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02003488{
3489 char *data;
3490
3491 if (unlikely(!len))
3492 return NULL;
3493
3494 data = kmalloc(len, GFP_KERNEL);
3495 if (unlikely(!data))
3496 return ERR_PTR(-ENOMEM);
3497
3498 if (unlikely(__copy_from_user(data, buf, len))) {
3499 kfree(data);
3500 return ERR_PTR(-EFAULT);
3501 }
3502
Michal Nazarewiczaa02f172010-11-17 17:09:47 +01003503 pr_vdebug("Buffer from user space:\n");
Michal Nazarewiczddf8abd2010-05-05 12:53:14 +02003504 ffs_dump_mem("", data, len);
3505
3506 return data;
3507}
Andrzej Pietrasiewicz5920cda2013-12-03 15:15:33 +01003508
Andrzej Pietrasiewicz5920cda2013-12-03 15:15:33 +01003509DECLARE_USB_FUNCTION_INIT(ffs, ffs_alloc_inst, ffs_alloc);
3510MODULE_LICENSE("GPL");
3511MODULE_AUTHOR("Michal Nazarewicz");