projects / deliverable / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
usb: gadget: FunctionFS: use consistent naming with regard to ffs_lock
[deliverable/linux.git] / drivers / usb / gadget / f_fs.c
1 /*
2 * f_fs.c -- user mode file system API for USB composite function controllers
3 *
4 * Copyright (C) 2010 Samsung Electronics
5 * Author: Michal Nazarewicz <mina86@mina86.com>
6 *
7 * Based on inode.c (GadgetFS) which was:
8 * Copyright (C) 2003-2004 David Brownell
9 * Copyright (C) 2003 Agilent Technologies
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
15 */
16
17
18 /* #define DEBUG */
19 /* #define VERBOSE_DEBUG */
20
21 #include <linux/blkdev.h>
22 #include <linux/pagemap.h>
23 #include <linux/export.h>
24 #include <linux/hid.h>
25 #include <linux/module.h>
26 #include <asm/unaligned.h>
27
28 #include <linux/usb/composite.h>
29 #include <linux/usb/functionfs.h>
30
31 #include "u_fs.h"
32 #include "configfs.h"
33
34 #define FUNCTIONFS_MAGIC 0xa647361 /* Chosen by a honest dice roll ;) */
35
36 /* Variable Length Array Macros **********************************************/
37 #define vla_group(groupname) size_t groupname##__next = 0
38 #define vla_group_size(groupname) groupname##__next
39
40 #define vla_item(groupname, type, name, n) \
41 size_t groupname##_##name##__offset = ({ \
42 size_t align_mask = __alignof__(type) - 1; \
43 size_t offset = (groupname##__next + align_mask) & ~align_mask;\
44 size_t size = (n) * sizeof(type); \
45 groupname##__next = offset + size; \
46 offset; \
47 })
48
49 #define vla_item_with_sz(groupname, type, name, n) \
50 size_t groupname##_##name##__sz = (n) * sizeof(type); \
51 size_t groupname##_##name##__offset = ({ \
52 size_t align_mask = __alignof__(type) - 1; \
53 size_t offset = (groupname##__next + align_mask) & ~align_mask;\
54 size_t size = groupname##_##name##__sz; \
55 groupname##__next = offset + size; \
56 offset; \
57 })
58
59 #define vla_ptr(ptr, groupname, name) \
60 ((void *) ((char *)ptr + groupname##_##name##__offset))
61
62 /* Reference counter handling */
63 static void ffs_data_get(struct ffs_data *ffs);
64 static void ffs_data_put(struct ffs_data *ffs);
65 /* Creates new ffs_data object. */
66 static struct ffs_data *__must_check ffs_data_new(void) __attribute__((malloc));
67
68 /* Opened counter handling. */
69 static void ffs_data_opened(struct ffs_data *ffs);
70 static void ffs_data_closed(struct ffs_data *ffs);
71
72 /* Called with ffs->mutex held; take over ownership of data. */
73 static int __must_check
74 __ffs_data_got_descs(struct ffs_data *ffs, char *data, size_t len);
75 static int __must_check
76 __ffs_data_got_strings(struct ffs_data *ffs, char *data, size_t len);
77
78
79 /* The function structure ***************************************************/
80
81 struct ffs_ep;
82
83 struct ffs_function {
84 struct usb_configuration *conf;
85 struct usb_gadget *gadget;
86 struct ffs_data *ffs;
87
88 struct ffs_ep *eps;
89 u8 eps_revmap[16];
90 short *interfaces_nums;
91
92 struct usb_function function;
93 };
94
95
96 static struct ffs_function *ffs_func_from_usb(struct usb_function *f)
97 {
98 return container_of(f, struct ffs_function, function);
99 }
100
101
102 static void ffs_func_eps_disable(struct ffs_function *func);
103 static int __must_check ffs_func_eps_enable(struct ffs_function *func);
104
105 static int ffs_func_bind(struct usb_configuration *,
106 struct usb_function *);
107 static int ffs_func_set_alt(struct usb_function *, unsigned, unsigned);
108 static void ffs_func_disable(struct usb_function *);
109 static int ffs_func_setup(struct usb_function *,
110 const struct usb_ctrlrequest *);
111 static void ffs_func_suspend(struct usb_function *);
112 static void ffs_func_resume(struct usb_function *);
113
114
115 static int ffs_func_revmap_ep(struct ffs_function *func, u8 num);
116 static int ffs_func_revmap_intf(struct ffs_function *func, u8 intf);
117
118
119 /* The endpoints structures *************************************************/
120
121 struct ffs_ep {
122 struct usb_ep *ep; /* P: ffs->eps_lock */
123 struct usb_request *req; /* P: epfile->mutex */
124
125 /* [0]: full speed, [1]: high speed */
126 struct usb_endpoint_descriptor *descs[2];
127
128 u8 num;
129
130 int status; /* P: epfile->mutex */
131 };
132
133 struct ffs_epfile {
134 /* Protects ep->ep and ep->req. */
135 struct mutex mutex;
136 wait_queue_head_t wait;
137
138 struct ffs_data *ffs;
139 struct ffs_ep *ep; /* P: ffs->eps_lock */
140
141 struct dentry *dentry;
142
143 char name[5];
144
145 unsigned char in; /* P: ffs->eps_lock */
146 unsigned char isoc; /* P: ffs->eps_lock */
147
148 unsigned char _pad;
149 };
150
151 static int __must_check ffs_epfiles_create(struct ffs_data *ffs);
152 static void ffs_epfiles_destroy(struct ffs_epfile *epfiles, unsigned count);
153
154 static struct inode *__must_check
155 ffs_sb_create_file(struct super_block *sb, const char *name, void *data,
156 const struct file_operations *fops,
157 struct dentry **dentry_p);
158
159 /* Devices management *******************************************************/
160
161 DEFINE_MUTEX(ffs_lock);
162 EXPORT_SYMBOL(ffs_lock);
163
164 static struct ffs_dev *_ffs_find_dev(const char *name);
165 static struct ffs_dev *_ffs_alloc_dev(void);
166 static int _ffs_name_dev(struct ffs_dev *dev, const char *name);
167 static void _ffs_free_dev(struct ffs_dev *dev);
168 static void *ffs_acquire_dev(const char *dev_name);
169 static void ffs_release_dev(struct ffs_data *ffs_data);
170 static int ffs_ready(struct ffs_data *ffs);
171 static void ffs_closed(struct ffs_data *ffs);
172
173 /* Misc helper functions ****************************************************/
174
175 static int ffs_mutex_lock(struct mutex *mutex, unsigned nonblock)
176 __attribute__((warn_unused_result, nonnull));
177 static char *ffs_prepare_buffer(const char __user *buf, size_t len)
178 __attribute__((warn_unused_result, nonnull));
179
180
181 /* Control file aka ep0 *****************************************************/
182
183 static void ffs_ep0_complete(struct usb_ep *ep, struct usb_request *req)
184 {
185 struct ffs_data *ffs = req->context;
186
187 complete_all(&ffs->ep0req_completion);
188 }
189
190 static int __ffs_ep0_queue_wait(struct ffs_data *ffs, char *data, size_t len)
191 {
192 struct usb_request *req = ffs->ep0req;
193 int ret;
194
195 req->zero = len < le16_to_cpu(ffs->ev.setup.wLength);
196
197 spin_unlock_irq(&ffs->ev.waitq.lock);
198
199 req->buf = data;
200 req->length = len;
201
202 /*
203 * UDC layer requires to provide a buffer even for ZLP, but should
204 * not use it at all. Let's provide some poisoned pointer to catch
205 * possible bug in the driver.
206 */
207 if (req->buf == NULL)
208 req->buf = (void *)0xDEADBABE;
209
210 reinit_completion(&ffs->ep0req_completion);
211
212 ret = usb_ep_queue(ffs->gadget->ep0, req, GFP_ATOMIC);
213 if (unlikely(ret < 0))
214 return ret;
215
216 ret = wait_for_completion_interruptible(&ffs->ep0req_completion);
217 if (unlikely(ret)) {
218 usb_ep_dequeue(ffs->gadget->ep0, req);
219 return -EINTR;
220 }
221
222 ffs->setup_state = FFS_NO_SETUP;
223 return ffs->ep0req_status;
224 }
225
226 static int __ffs_ep0_stall(struct ffs_data *ffs)
227 {
228 if (ffs->ev.can_stall) {
229 pr_vdebug("ep0 stall\n");
230 usb_ep_set_halt(ffs->gadget->ep0);
231 ffs->setup_state = FFS_NO_SETUP;
232 return -EL2HLT;
233 } else {
234 pr_debug("bogus ep0 stall!\n");
235 return -ESRCH;
236 }
237 }
238
239 static ssize_t ffs_ep0_write(struct file *file, const char __user *buf,
240 size_t len, loff_t *ptr)
241 {
242 struct ffs_data *ffs = file->private_data;
243 ssize_t ret;
244 char *data;
245
246 ENTER();
247
248 /* Fast check if setup was canceled */
249 if (FFS_SETUP_STATE(ffs) == FFS_SETUP_CANCELED)
250 return -EIDRM;
251
252 /* Acquire mutex */
253 ret = ffs_mutex_lock(&ffs->mutex, file->f_flags & O_NONBLOCK);
254 if (unlikely(ret < 0))
255 return ret;
256
257 /* Check state */
258 switch (ffs->state) {
259 case FFS_READ_DESCRIPTORS:
260 case FFS_READ_STRINGS:
261 /* Copy data */
262 if (unlikely(len < 16)) {
263 ret = -EINVAL;
264 break;
265 }
266
267 data = ffs_prepare_buffer(buf, len);
268 if (IS_ERR(data)) {
269 ret = PTR_ERR(data);
270 break;
271 }
272
273 /* Handle data */
274 if (ffs->state == FFS_READ_DESCRIPTORS) {
275 pr_info("read descriptors\n");
276 ret = __ffs_data_got_descs(ffs, data, len);
277 if (unlikely(ret < 0))
278 break;
279
280 ffs->state = FFS_READ_STRINGS;
281 ret = len;
282 } else {
283 pr_info("read strings\n");
284 ret = __ffs_data_got_strings(ffs, data, len);
285 if (unlikely(ret < 0))
286 break;
287
288 ret = ffs_epfiles_create(ffs);
289 if (unlikely(ret)) {
290 ffs->state = FFS_CLOSING;
291 break;
292 }
293
294 ffs->state = FFS_ACTIVE;
295 mutex_unlock(&ffs->mutex);
296
297 ret = ffs_ready(ffs);
298 if (unlikely(ret < 0)) {
299 ffs->state = FFS_CLOSING;
300 return ret;
301 }
302
303 set_bit(FFS_FL_CALL_CLOSED_CALLBACK, &ffs->flags);
304 return len;
305 }
306 break;
307
308 case FFS_ACTIVE:
309 data = NULL;
310 /*
311 * We're called from user space, we can use _irq
312 * rather then _irqsave
313 */
314 spin_lock_irq(&ffs->ev.waitq.lock);
315 switch (FFS_SETUP_STATE(ffs)) {
316 case FFS_SETUP_CANCELED:
317 ret = -EIDRM;
318 goto done_spin;
319
320 case FFS_NO_SETUP:
321 ret = -ESRCH;
322 goto done_spin;
323
324 case FFS_SETUP_PENDING:
325 break;
326 }
327
328 /* FFS_SETUP_PENDING */
329 if (!(ffs->ev.setup.bRequestType & USB_DIR_IN)) {
330 spin_unlock_irq(&ffs->ev.waitq.lock);
331 ret = __ffs_ep0_stall(ffs);
332 break;
333 }
334
335 /* FFS_SETUP_PENDING and not stall */
336 len = min(len, (size_t)le16_to_cpu(ffs->ev.setup.wLength));
337
338 spin_unlock_irq(&ffs->ev.waitq.lock);
339
340 data = ffs_prepare_buffer(buf, len);
341 if (IS_ERR(data)) {
342 ret = PTR_ERR(data);
343 break;
344 }
345
346 spin_lock_irq(&ffs->ev.waitq.lock);
347
348 /*
349 * We are guaranteed to be still in FFS_ACTIVE state
350 * but the state of setup could have changed from
351 * FFS_SETUP_PENDING to FFS_SETUP_CANCELED so we need
352 * to check for that. If that happened we copied data
353 * from user space in vain but it's unlikely.
354 *
355 * For sure we are not in FFS_NO_SETUP since this is
356 * the only place FFS_SETUP_PENDING -> FFS_NO_SETUP
357 * transition can be performed and it's protected by
358 * mutex.
359 */
360 if (FFS_SETUP_STATE(ffs) == FFS_SETUP_CANCELED) {
361 ret = -EIDRM;
362 done_spin:
363 spin_unlock_irq(&ffs->ev.waitq.lock);
364 } else {
365 /* unlocks spinlock */
366 ret = __ffs_ep0_queue_wait(ffs, data, len);
367 }
368 kfree(data);
369 break;
370
371 default:
372 ret = -EBADFD;
373 break;
374 }
375
376 mutex_unlock(&ffs->mutex);
377 return ret;
378 }
379
380 static ssize_t __ffs_ep0_read_events(struct ffs_data *ffs, char __user *buf,
381 size_t n)
382 {
383 /*
384 * We are holding ffs->ev.waitq.lock and ffs->mutex and we need
385 * to release them.
386 */
387 struct usb_functionfs_event events[n];
388 unsigned i = 0;
389
390 memset(events, 0, sizeof events);
391
392 do {
393 events[i].type = ffs->ev.types[i];
394 if (events[i].type == FUNCTIONFS_SETUP) {
395 events[i].u.setup = ffs->ev.setup;
396 ffs->setup_state = FFS_SETUP_PENDING;
397 }
398 } while (++i < n);
399
400 if (n < ffs->ev.count) {
401 ffs->ev.count -= n;
402 memmove(ffs->ev.types, ffs->ev.types + n,
403 ffs->ev.count * sizeof *ffs->ev.types);
404 } else {
405 ffs->ev.count = 0;
406 }
407
408 spin_unlock_irq(&ffs->ev.waitq.lock);
409 mutex_unlock(&ffs->mutex);
410
411 return unlikely(__copy_to_user(buf, events, sizeof events))
412 ? -EFAULT : sizeof events;
413 }
414
415 static ssize_t ffs_ep0_read(struct file *file, char __user *buf,
416 size_t len, loff_t *ptr)
417 {
418 struct ffs_data *ffs = file->private_data;
419 char *data = NULL;
420 size_t n;
421 int ret;
422
423 ENTER();
424
425 /* Fast check if setup was canceled */
426 if (FFS_SETUP_STATE(ffs) == FFS_SETUP_CANCELED)
427 return -EIDRM;
428
429 /* Acquire mutex */
430 ret = ffs_mutex_lock(&ffs->mutex, file->f_flags & O_NONBLOCK);
431 if (unlikely(ret < 0))
432 return ret;
433
434 /* Check state */
435 if (ffs->state != FFS_ACTIVE) {
436 ret = -EBADFD;
437 goto done_mutex;
438 }
439
440 /*
441 * We're called from user space, we can use _irq rather then
442 * _irqsave
443 */
444 spin_lock_irq(&ffs->ev.waitq.lock);
445
446 switch (FFS_SETUP_STATE(ffs)) {
447 case FFS_SETUP_CANCELED:
448 ret = -EIDRM;
449 break;
450
451 case FFS_NO_SETUP:
452 n = len / sizeof(struct usb_functionfs_event);
453 if (unlikely(!n)) {
454 ret = -EINVAL;
455 break;
456 }
457
458 if ((file->f_flags & O_NONBLOCK) && !ffs->ev.count) {
459 ret = -EAGAIN;
460 break;
461 }
462
463 if (wait_event_interruptible_exclusive_locked_irq(ffs->ev.waitq,
464 ffs->ev.count)) {
465 ret = -EINTR;
466 break;
467 }
468
469 return __ffs_ep0_read_events(ffs, buf,
470 min(n, (size_t)ffs->ev.count));
471
472 case FFS_SETUP_PENDING:
473 if (ffs->ev.setup.bRequestType & USB_DIR_IN) {
474 spin_unlock_irq(&ffs->ev.waitq.lock);
475 ret = __ffs_ep0_stall(ffs);
476 goto done_mutex;
477 }
478
479 len = min(len, (size_t)le16_to_cpu(ffs->ev.setup.wLength));
480
481 spin_unlock_irq(&ffs->ev.waitq.lock);
482
483 if (likely(len)) {
484 data = kmalloc(len, GFP_KERNEL);
485 if (unlikely(!data)) {
486 ret = -ENOMEM;
487 goto done_mutex;
488 }
489 }
490
491 spin_lock_irq(&ffs->ev.waitq.lock);
492
493 /* See ffs_ep0_write() */
494 if (FFS_SETUP_STATE(ffs) == FFS_SETUP_CANCELED) {
495 ret = -EIDRM;
496 break;
497 }
498
499 /* unlocks spinlock */
500 ret = __ffs_ep0_queue_wait(ffs, data, len);
501 if (likely(ret > 0) && unlikely(__copy_to_user(buf, data, len)))
502 ret = -EFAULT;
503 goto done_mutex;
504
505 default:
506 ret = -EBADFD;
507 break;
508 }
509
510 spin_unlock_irq(&ffs->ev.waitq.lock);
511 done_mutex:
512 mutex_unlock(&ffs->mutex);
513 kfree(data);
514 return ret;
515 }
516
517 static int ffs_ep0_open(struct inode *inode, struct file *file)
518 {
519 struct ffs_data *ffs = inode->i_private;
520
521 ENTER();
522
523 if (unlikely(ffs->state == FFS_CLOSING))
524 return -EBUSY;
525
526 file->private_data = ffs;
527 ffs_data_opened(ffs);
528
529 return 0;
530 }
531
532 static int ffs_ep0_release(struct inode *inode, struct file *file)
533 {
534 struct ffs_data *ffs = file->private_data;
535
536 ENTER();
537
538 ffs_data_closed(ffs);
539
540 return 0;
541 }
542
543 static long ffs_ep0_ioctl(struct file *file, unsigned code, unsigned long value)
544 {
545 struct ffs_data *ffs = file->private_data;
546 struct usb_gadget *gadget = ffs->gadget;
547 long ret;
548
549 ENTER();
550
551 if (code == FUNCTIONFS_INTERFACE_REVMAP) {
552 struct ffs_function *func = ffs->func;
553 ret = func ? ffs_func_revmap_intf(func, value) : -ENODEV;
554 } else if (gadget && gadget->ops->ioctl) {
555 ret = gadget->ops->ioctl(gadget, code, value);
556 } else {
557 ret = -ENOTTY;
558 }
559
560 return ret;
561 }
562
563 static const struct file_operations ffs_ep0_operations = {
564 .llseek = no_llseek,
565
566 .open = ffs_ep0_open,
567 .write = ffs_ep0_write,
568 .read = ffs_ep0_read,
569 .release = ffs_ep0_release,
570 .unlocked_ioctl = ffs_ep0_ioctl,
571 };
572
573
574 /* "Normal" endpoints operations ********************************************/
575
576 static void ffs_epfile_io_complete(struct usb_ep *_ep, struct usb_request *req)
577 {
578 ENTER();
579 if (likely(req->context)) {
580 struct ffs_ep *ep = _ep->driver_data;
581 ep->status = req->status ? req->status : req->actual;
582 complete(req->context);
583 }
584 }
585
586 static ssize_t ffs_epfile_io(struct file *file,
587 char __user *buf, size_t len, int read)
588 {
589 struct ffs_epfile *epfile = file->private_data;
590 struct usb_gadget *gadget = epfile->ffs->gadget;
591 struct ffs_ep *ep;
592 char *data = NULL;
593 ssize_t ret, data_len;
594 int halt;
595
596 /* Are we still active? */
597 if (WARN_ON(epfile->ffs->state != FFS_ACTIVE)) {
598 ret = -ENODEV;
599 goto error;
600 }
601
602 /* Wait for endpoint to be enabled */
603 ep = epfile->ep;
604 if (!ep) {
605 if (file->f_flags & O_NONBLOCK) {
606 ret = -EAGAIN;
607 goto error;
608 }
609
610 ret = wait_event_interruptible(epfile->wait, (ep = epfile->ep));
611 if (ret) {
612 ret = -EINTR;
613 goto error;
614 }
615 }
616
617 /* Do we halt? */
618 halt = !read == !epfile->in;
619 if (halt && epfile->isoc) {
620 ret = -EINVAL;
621 goto error;
622 }
623
624 /* Allocate & copy */
625 if (!halt) {
626 /*
627 * Controller may require buffer size to be aligned to
628 * maxpacketsize of an out endpoint.
629 */
630 data_len = read ? usb_ep_align_maybe(gadget, ep->ep, len) : len;
631
632 data = kmalloc(data_len, GFP_KERNEL);
633 if (unlikely(!data))
634 return -ENOMEM;
635
636 if (!read && unlikely(copy_from_user(data, buf, len))) {
637 ret = -EFAULT;
638 goto error;
639 }
640 }
641
642 /* We will be using request */
643 ret = ffs_mutex_lock(&epfile->mutex, file->f_flags & O_NONBLOCK);
644 if (unlikely(ret))
645 goto error;
646
647 spin_lock_irq(&epfile->ffs->eps_lock);
648
649 if (epfile->ep != ep) {
650 /* In the meantime, endpoint got disabled or changed. */
651 ret = -ESHUTDOWN;
652 spin_unlock_irq(&epfile->ffs->eps_lock);
653 } else if (halt) {
654 /* Halt */
655 if (likely(epfile->ep == ep) && !WARN_ON(!ep->ep))
656 usb_ep_set_halt(ep->ep);
657 spin_unlock_irq(&epfile->ffs->eps_lock);
658 ret = -EBADMSG;
659 } else {
660 /* Fire the request */
661 DECLARE_COMPLETION_ONSTACK(done);
662
663 struct usb_request *req = ep->req;
664 req->context = &done;
665 req->complete = ffs_epfile_io_complete;
666 req->buf = data;
667 req->length = data_len;
668
669 ret = usb_ep_queue(ep->ep, req, GFP_ATOMIC);
670
671 spin_unlock_irq(&epfile->ffs->eps_lock);
672
673 if (unlikely(ret < 0)) {
674 /* nop */
675 } else if (unlikely(wait_for_completion_interruptible(&done))) {
676 ret = -EINTR;
677 usb_ep_dequeue(ep->ep, req);
678 } else {
679 /*
680 * XXX We may end up silently droping data here.
681 * Since data_len (i.e. req->length) may be bigger
682 * than len (after being rounded up to maxpacketsize),
683 * we may end up with more data then user space has
684 * space for.
685 */
686 ret = ep->status;
687 if (read && ret > 0 &&
688 unlikely(copy_to_user(buf, data,
689 min_t(size_t, ret, len))))
690 ret = -EFAULT;
691 }
692 }
693
694 mutex_unlock(&epfile->mutex);
695 error:
696 kfree(data);
697 return ret;
698 }
699
700 static ssize_t
701 ffs_epfile_write(struct file *file, const char __user *buf, size_t len,
702 loff_t *ptr)
703 {
704 ENTER();
705
706 return ffs_epfile_io(file, (char __user *)buf, len, 0);
707 }
708
709 static ssize_t
710 ffs_epfile_read(struct file *file, char __user *buf, size_t len, loff_t *ptr)
711 {
712 ENTER();
713
714 return ffs_epfile_io(file, buf, len, 1);
715 }
716
717 static int
718 ffs_epfile_open(struct inode *inode, struct file *file)
719 {
720 struct ffs_epfile *epfile = inode->i_private;
721
722 ENTER();
723
724 if (WARN_ON(epfile->ffs->state != FFS_ACTIVE))
725 return -ENODEV;
726
727 file->private_data = epfile;
728 ffs_data_opened(epfile->ffs);
729
730 return 0;
731 }
732
733 static int
734 ffs_epfile_release(struct inode *inode, struct file *file)
735 {
736 struct ffs_epfile *epfile = inode->i_private;
737
738 ENTER();
739
740 ffs_data_closed(epfile->ffs);
741
742 return 0;
743 }
744
745 static long ffs_epfile_ioctl(struct file *file, unsigned code,
746 unsigned long value)
747 {
748 struct ffs_epfile *epfile = file->private_data;
749 int ret;
750
751 ENTER();
752
753 if (WARN_ON(epfile->ffs->state != FFS_ACTIVE))
754 return -ENODEV;
755
756 spin_lock_irq(&epfile->ffs->eps_lock);
757 if (likely(epfile->ep)) {
758 switch (code) {
759 case FUNCTIONFS_FIFO_STATUS:
760 ret = usb_ep_fifo_status(epfile->ep->ep);
761 break;
762 case FUNCTIONFS_FIFO_FLUSH:
763 usb_ep_fifo_flush(epfile->ep->ep);
764 ret = 0;
765 break;
766 case FUNCTIONFS_CLEAR_HALT:
767 ret = usb_ep_clear_halt(epfile->ep->ep);
768 break;
769 case FUNCTIONFS_ENDPOINT_REVMAP:
770 ret = epfile->ep->num;
771 break;
772 default:
773 ret = -ENOTTY;
774 }
775 } else {
776 ret = -ENODEV;
777 }
778 spin_unlock_irq(&epfile->ffs->eps_lock);
779
780 return ret;
781 }
782
783 static const struct file_operations ffs_epfile_operations = {
784 .llseek = no_llseek,
785
786 .open = ffs_epfile_open,
787 .write = ffs_epfile_write,
788 .read = ffs_epfile_read,
789 .release = ffs_epfile_release,
790 .unlocked_ioctl = ffs_epfile_ioctl,
791 };
792
793
794 /* File system and super block operations ***********************************/
795
796 /*
797 * Mounting the file system creates a controller file, used first for
798 * function configuration then later for event monitoring.
799 */
800
801 static struct inode *__must_check
802 ffs_sb_make_inode(struct super_block *sb, void *data,
803 const struct file_operations *fops,
804 const struct inode_operations *iops,
805 struct ffs_file_perms *perms)
806 {
807 struct inode *inode;
808
809 ENTER();
810
811 inode = new_inode(sb);
812
813 if (likely(inode)) {
814 struct timespec current_time = CURRENT_TIME;
815
816 inode->i_ino = get_next_ino();
817 inode->i_mode = perms->mode;
818 inode->i_uid = perms->uid;
819 inode->i_gid = perms->gid;
820 inode->i_atime = current_time;
821 inode->i_mtime = current_time;
822 inode->i_ctime = current_time;
823 inode->i_private = data;
824 if (fops)
825 inode->i_fop = fops;
826 if (iops)
827 inode->i_op = iops;
828 }
829
830 return inode;
831 }
832
833 /* Create "regular" file */
834 static struct inode *ffs_sb_create_file(struct super_block *sb,
835 const char *name, void *data,
836 const struct file_operations *fops,
837 struct dentry **dentry_p)
838 {
839 struct ffs_data *ffs = sb->s_fs_info;
840 struct dentry *dentry;
841 struct inode *inode;
842
843 ENTER();
844
845 dentry = d_alloc_name(sb->s_root, name);
846 if (unlikely(!dentry))
847 return NULL;
848
849 inode = ffs_sb_make_inode(sb, data, fops, NULL, &ffs->file_perms);
850 if (unlikely(!inode)) {
851 dput(dentry);
852 return NULL;
853 }
854
855 d_add(dentry, inode);
856 if (dentry_p)
857 *dentry_p = dentry;
858
859 return inode;
860 }
861
862 /* Super block */
863 static const struct super_operations ffs_sb_operations = {
864 .statfs = simple_statfs,
865 .drop_inode = generic_delete_inode,
866 };
867
868 struct ffs_sb_fill_data {
869 struct ffs_file_perms perms;
870 umode_t root_mode;
871 const char *dev_name;
872 struct ffs_data *ffs_data;
873 };
874
875 static int ffs_sb_fill(struct super_block *sb, void *_data, int silent)
876 {
877 struct ffs_sb_fill_data *data = _data;
878 struct inode *inode;
879 struct ffs_data *ffs = data->ffs_data;
880
881 ENTER();
882
883 ffs->sb = sb;
884 data->ffs_data = NULL;
885 sb->s_fs_info = ffs;
886 sb->s_blocksize = PAGE_CACHE_SIZE;
887 sb->s_blocksize_bits = PAGE_CACHE_SHIFT;
888 sb->s_magic = FUNCTIONFS_MAGIC;
889 sb->s_op = &ffs_sb_operations;
890 sb->s_time_gran = 1;
891
892 /* Root inode */
893 data->perms.mode = data->root_mode;
894 inode = ffs_sb_make_inode(sb, NULL,
895 &simple_dir_operations,
896 &simple_dir_inode_operations,
897 &data->perms);
898 sb->s_root = d_make_root(inode);
899 if (unlikely(!sb->s_root))
900 return -ENOMEM;
901
902 /* EP0 file */
903 if (unlikely(!ffs_sb_create_file(sb, "ep0", ffs,
904 &ffs_ep0_operations, NULL)))
905 return -ENOMEM;
906
907 return 0;
908 }
909
910 static int ffs_fs_parse_opts(struct ffs_sb_fill_data *data, char *opts)
911 {
912 ENTER();
913
914 if (!opts || !*opts)
915 return 0;
916
917 for (;;) {
918 unsigned long value;
919 char *eq, *comma;
920
921 /* Option limit */
922 comma = strchr(opts, ',');
923 if (comma)
924 *comma = 0;
925
926 /* Value limit */
927 eq = strchr(opts, '=');
928 if (unlikely(!eq)) {
929 pr_err("'=' missing in %s\n", opts);
930 return -EINVAL;
931 }
932 *eq = 0;
933
934 /* Parse value */
935 if (kstrtoul(eq + 1, 0, &value)) {
936 pr_err("%s: invalid value: %s\n", opts, eq + 1);
937 return -EINVAL;
938 }
939
940 /* Interpret option */
941 switch (eq - opts) {
942 case 5:
943 if (!memcmp(opts, "rmode", 5))
944 data->root_mode = (value & 0555) | S_IFDIR;
945 else if (!memcmp(opts, "fmode", 5))
946 data->perms.mode = (value & 0666) | S_IFREG;
947 else
948 goto invalid;
949 break;
950
951 case 4:
952 if (!memcmp(opts, "mode", 4)) {
953 data->root_mode = (value & 0555) | S_IFDIR;
954 data->perms.mode = (value & 0666) | S_IFREG;
955 } else {
956 goto invalid;
957 }
958 break;
959
960 case 3:
961 if (!memcmp(opts, "uid", 3)) {
962 data->perms.uid = make_kuid(current_user_ns(), value);
963 if (!uid_valid(data->perms.uid)) {
964 pr_err("%s: unmapped value: %lu\n", opts, value);
965 return -EINVAL;
966 }
967 } else if (!memcmp(opts, "gid", 3)) {
968 data->perms.gid = make_kgid(current_user_ns(), value);
969 if (!gid_valid(data->perms.gid)) {
970 pr_err("%s: unmapped value: %lu\n", opts, value);
971 return -EINVAL;
972 }
973 } else {
974 goto invalid;
975 }
976 break;
977
978 default:
979 invalid:
980 pr_err("%s: invalid option\n", opts);
981 return -EINVAL;
982 }
983
984 /* Next iteration */
985 if (!comma)
986 break;
987 opts = comma + 1;
988 }
989
990 return 0;
991 }
992
993 /* "mount -t functionfs dev_name /dev/function" ends up here */
994
995 static struct dentry *
996 ffs_fs_mount(struct file_system_type *t, int flags,
997 const char *dev_name, void *opts)
998 {
999 struct ffs_sb_fill_data data = {
1000 .perms = {
1001 .mode = S_IFREG | 0600,
1002 .uid = GLOBAL_ROOT_UID,
1003 .gid = GLOBAL_ROOT_GID,
1004 },
1005 .root_mode = S_IFDIR | 0500,
1006 };
1007 struct dentry *rv;
1008 int ret;
1009 void *ffs_dev;
1010 struct ffs_data *ffs;
1011
1012 ENTER();
1013
1014 ret = ffs_fs_parse_opts(&data, opts);
1015 if (unlikely(ret < 0))
1016 return ERR_PTR(ret);
1017
1018 ffs = ffs_data_new();
1019 if (unlikely(!ffs))
1020 return ERR_PTR(-ENOMEM);
1021 ffs->file_perms = data.perms;
1022
1023 ffs->dev_name = kstrdup(dev_name, GFP_KERNEL);
1024 if (unlikely(!ffs->dev_name)) {
1025 ffs_data_put(ffs);
1026 return ERR_PTR(-ENOMEM);
1027 }
1028
1029 ffs_dev = ffs_acquire_dev(dev_name);
1030 if (IS_ERR(ffs_dev)) {
1031 ffs_data_put(ffs);
1032 return ERR_CAST(ffs_dev);
1033 }
1034 ffs->private_data = ffs_dev;
1035 data.ffs_data = ffs;
1036
1037 rv = mount_nodev(t, flags, &data, ffs_sb_fill);
1038 if (IS_ERR(rv) && data.ffs_data) {
1039 ffs_release_dev(data.ffs_data);
1040 ffs_data_put(data.ffs_data);
1041 }
1042 return rv;
1043 }
1044
1045 static void
1046 ffs_fs_kill_sb(struct super_block *sb)
1047 {
1048 ENTER();
1049
1050 kill_litter_super(sb);
1051 if (sb->s_fs_info) {
1052 ffs_release_dev(sb->s_fs_info);
1053 ffs_data_put(sb->s_fs_info);
1054 }
1055 }
1056
1057 static struct file_system_type ffs_fs_type = {
1058 .owner = THIS_MODULE,
1059 .name = "functionfs",
1060 .mount = ffs_fs_mount,
1061 .kill_sb = ffs_fs_kill_sb,
1062 };
1063 MODULE_ALIAS_FS("functionfs");
1064
1065
1066 /* Driver's main init/cleanup functions *************************************/
1067
1068 static int functionfs_init(void)
1069 {
1070 int ret;
1071
1072 ENTER();
1073
1074 ret = register_filesystem(&ffs_fs_type);
1075 if (likely(!ret))
1076 pr_info("file system registered\n");
1077 else
1078 pr_err("failed registering file system (%d)\n", ret);
1079
1080 return ret;
1081 }
1082
1083 static void functionfs_cleanup(void)
1084 {
1085 ENTER();
1086
1087 pr_info("unloading\n");
1088 unregister_filesystem(&ffs_fs_type);
1089 }
1090
1091
1092 /* ffs_data and ffs_function construction and destruction code **************/
1093
1094 static void ffs_data_clear(struct ffs_data *ffs);
1095 static void ffs_data_reset(struct ffs_data *ffs);
1096
1097 static void ffs_data_get(struct ffs_data *ffs)
1098 {
1099 ENTER();
1100
1101 atomic_inc(&ffs->ref);
1102 }
1103
1104 static void ffs_data_opened(struct ffs_data *ffs)
1105 {
1106 ENTER();
1107
1108 atomic_inc(&ffs->ref);
1109 atomic_inc(&ffs->opened);
1110 }
1111
1112 static void ffs_data_put(struct ffs_data *ffs)
1113 {
1114 ENTER();
1115
1116 if (unlikely(atomic_dec_and_test(&ffs->ref))) {
1117 pr_info("%s(): freeing\n", __func__);
1118 ffs_data_clear(ffs);
1119 BUG_ON(waitqueue_active(&ffs->ev.waitq) ||
1120 waitqueue_active(&ffs->ep0req_completion.wait));
1121 kfree(ffs->dev_name);
1122 kfree(ffs);
1123 }
1124 }
1125
1126 static void ffs_data_closed(struct ffs_data *ffs)
1127 {
1128 ENTER();
1129
1130 if (atomic_dec_and_test(&ffs->opened)) {
1131 ffs->state = FFS_CLOSING;
1132 ffs_data_reset(ffs);
1133 }
1134
1135 ffs_data_put(ffs);
1136 }
1137
1138 static struct ffs_data *ffs_data_new(void)
1139 {
1140 struct ffs_data *ffs = kzalloc(sizeof *ffs, GFP_KERNEL);
1141 if (unlikely(!ffs))
1142 return NULL;
1143
1144 ENTER();
1145
1146 atomic_set(&ffs->ref, 1);
1147 atomic_set(&ffs->opened, 0);
1148 ffs->state = FFS_READ_DESCRIPTORS;
1149 mutex_init(&ffs->mutex);
1150 spin_lock_init(&ffs->eps_lock);
1151 init_waitqueue_head(&ffs->ev.waitq);
1152 init_completion(&ffs->ep0req_completion);
1153
1154 /* XXX REVISIT need to update it in some places, or do we? */
1155 ffs->ev.can_stall = 1;
1156
1157 return ffs;
1158 }
1159
1160 static void ffs_data_clear(struct ffs_data *ffs)
1161 {
1162 ENTER();
1163
1164 if (test_and_clear_bit(FFS_FL_CALL_CLOSED_CALLBACK, &ffs->flags))
1165 ffs_closed(ffs);
1166
1167 BUG_ON(ffs->gadget);
1168
1169 if (ffs->epfiles)
1170 ffs_epfiles_destroy(ffs->epfiles, ffs->eps_count);
1171
1172 kfree(ffs->raw_descs);
1173 kfree(ffs->raw_strings);
1174 kfree(ffs->stringtabs);
1175 }
1176
1177 static void ffs_data_reset(struct ffs_data *ffs)
1178 {
1179 ENTER();
1180
1181 ffs_data_clear(ffs);
1182
1183 ffs->epfiles = NULL;
1184 ffs->raw_descs = NULL;
1185 ffs->raw_strings = NULL;
1186 ffs->stringtabs = NULL;
1187
1188 ffs->raw_descs_length = 0;
1189 ffs->raw_fs_descs_length = 0;
1190 ffs->fs_descs_count = 0;
1191 ffs->hs_descs_count = 0;
1192
1193 ffs->strings_count = 0;
1194 ffs->interfaces_count = 0;
1195 ffs->eps_count = 0;
1196
1197 ffs->ev.count = 0;
1198
1199 ffs->state = FFS_READ_DESCRIPTORS;
1200 ffs->setup_state = FFS_NO_SETUP;
1201 ffs->flags = 0;
1202 }
1203
1204
1205 static int functionfs_bind(struct ffs_data *ffs, struct usb_composite_dev *cdev)
1206 {
1207 struct usb_gadget_strings **lang;
1208 int first_id;
1209
1210 ENTER();
1211
1212 if (WARN_ON(ffs->state != FFS_ACTIVE
1213 || test_and_set_bit(FFS_FL_BOUND, &ffs->flags)))
1214 return -EBADFD;
1215
1216 first_id = usb_string_ids_n(cdev, ffs->strings_count);
1217 if (unlikely(first_id < 0))
1218 return first_id;
1219
1220 ffs->ep0req = usb_ep_alloc_request(cdev->gadget->ep0, GFP_KERNEL);
1221 if (unlikely(!ffs->ep0req))
1222 return -ENOMEM;
1223 ffs->ep0req->complete = ffs_ep0_complete;
1224 ffs->ep0req->context = ffs;
1225
1226 lang = ffs->stringtabs;
1227 for (lang = ffs->stringtabs; *lang; ++lang) {
1228 struct usb_string *str = (*lang)->strings;
1229 int id = first_id;
1230 for (; str->s; ++id, ++str)
1231 str->id = id;
1232 }
1233
1234 ffs->gadget = cdev->gadget;
1235 ffs_data_get(ffs);
1236 return 0;
1237 }
1238
1239 static void functionfs_unbind(struct ffs_data *ffs)
1240 {
1241 ENTER();
1242
1243 if (!WARN_ON(!ffs->gadget)) {
1244 usb_ep_free_request(ffs->gadget->ep0, ffs->ep0req);
1245 ffs->ep0req = NULL;
1246 ffs->gadget = NULL;
1247 clear_bit(FFS_FL_BOUND, &ffs->flags);
1248 ffs_data_put(ffs);
1249 }
1250 }
1251
1252 static int ffs_epfiles_create(struct ffs_data *ffs)
1253 {
1254 struct ffs_epfile *epfile, *epfiles;
1255 unsigned i, count;
1256
1257 ENTER();
1258
1259 count = ffs->eps_count;
1260 epfiles = kcalloc(count, sizeof(*epfiles), GFP_KERNEL);
1261 if (!epfiles)
1262 return -ENOMEM;
1263
1264 epfile = epfiles;
1265 for (i = 1; i <= count; ++i, ++epfile) {
1266 epfile->ffs = ffs;
1267 mutex_init(&epfile->mutex);
1268 init_waitqueue_head(&epfile->wait);
1269 sprintf(epfiles->name, "ep%u", i);
1270 if (!unlikely(ffs_sb_create_file(ffs->sb, epfiles->name, epfile,
1271 &ffs_epfile_operations,
1272 &epfile->dentry))) {
1273 ffs_epfiles_destroy(epfiles, i - 1);
1274 return -ENOMEM;
1275 }
1276 }
1277
1278 ffs->epfiles = epfiles;
1279 return 0;
1280 }
1281
1282 static void ffs_epfiles_destroy(struct ffs_epfile *epfiles, unsigned count)
1283 {
1284 struct ffs_epfile *epfile = epfiles;
1285
1286 ENTER();
1287
1288 for (; count; --count, ++epfile) {
1289 BUG_ON(mutex_is_locked(&epfile->mutex) ||
1290 waitqueue_active(&epfile->wait));
1291 if (epfile->dentry) {
1292 d_delete(epfile->dentry);
1293 dput(epfile->dentry);
1294 epfile->dentry = NULL;
1295 }
1296 }
1297
1298 kfree(epfiles);
1299 }
1300
1301
1302 static void ffs_func_eps_disable(struct ffs_function *func)
1303 {
1304 struct ffs_ep *ep = func->eps;
1305 struct ffs_epfile *epfile = func->ffs->epfiles;
1306 unsigned count = func->ffs->eps_count;
1307 unsigned long flags;
1308
1309 spin_lock_irqsave(&func->ffs->eps_lock, flags);
1310 do {
1311 /* pending requests get nuked */
1312 if (likely(ep->ep))
1313 usb_ep_disable(ep->ep);
1314 epfile->ep = NULL;
1315
1316 ++ep;
1317 ++epfile;
1318 } while (--count);
1319 spin_unlock_irqrestore(&func->ffs->eps_lock, flags);
1320 }
1321
1322 static int ffs_func_eps_enable(struct ffs_function *func)
1323 {
1324 struct ffs_data *ffs = func->ffs;
1325 struct ffs_ep *ep = func->eps;
1326 struct ffs_epfile *epfile = ffs->epfiles;
1327 unsigned count = ffs->eps_count;
1328 unsigned long flags;
1329 int ret = 0;
1330
1331 spin_lock_irqsave(&func->ffs->eps_lock, flags);
1332 do {
1333 struct usb_endpoint_descriptor *ds;
1334 ds = ep->descs[ep->descs[1] ? 1 : 0];
1335
1336 ep->ep->driver_data = ep;
1337 ep->ep->desc = ds;
1338 ret = usb_ep_enable(ep->ep);
1339 if (likely(!ret)) {
1340 epfile->ep = ep;
1341 epfile->in = usb_endpoint_dir_in(ds);
1342 epfile->isoc = usb_endpoint_xfer_isoc(ds);
1343 } else {
1344 break;
1345 }
1346
1347 wake_up(&epfile->wait);
1348
1349 ++ep;
1350 ++epfile;
1351 } while (--count);
1352 spin_unlock_irqrestore(&func->ffs->eps_lock, flags);
1353
1354 return ret;
1355 }
1356
1357
1358 /* Parsing and building descriptors and strings *****************************/
1359
1360 /*
1361 * This validates if data pointed by data is a valid USB descriptor as
1362 * well as record how many interfaces, endpoints and strings are
1363 * required by given configuration. Returns address after the
1364 * descriptor or NULL if data is invalid.
1365 */
1366
1367 enum ffs_entity_type {
1368 FFS_DESCRIPTOR, FFS_INTERFACE, FFS_STRING, FFS_ENDPOINT
1369 };
1370
1371 typedef int (*ffs_entity_callback)(enum ffs_entity_type entity,
1372 u8 *valuep,
1373 struct usb_descriptor_header *desc,
1374 void *priv);
1375
1376 static int __must_check ffs_do_desc(char *data, unsigned len,
1377 ffs_entity_callback entity, void *priv)
1378 {
1379 struct usb_descriptor_header *_ds = (void *)data;
1380 u8 length;
1381 int ret;
1382
1383 ENTER();
1384
1385 /* At least two bytes are required: length and type */
1386 if (len < 2) {
1387 pr_vdebug("descriptor too short\n");
1388 return -EINVAL;
1389 }
1390
1391 /* If we have at least as many bytes as the descriptor takes? */
1392 length = _ds->bLength;
1393 if (len < length) {
1394 pr_vdebug("descriptor longer then available data\n");
1395 return -EINVAL;
1396 }
1397
1398 #define __entity_check_INTERFACE(val) 1
1399 #define __entity_check_STRING(val) (val)
1400 #define __entity_check_ENDPOINT(val) ((val) & USB_ENDPOINT_NUMBER_MASK)
1401 #define __entity(type, val) do { \
1402 pr_vdebug("entity " #type "(%02x)\n", (val)); \
1403 if (unlikely(!__entity_check_ ##type(val))) { \
1404 pr_vdebug("invalid entity's value\n"); \
1405 return -EINVAL; \
1406 } \
1407 ret = entity(FFS_ ##type, &val, _ds, priv); \
1408 if (unlikely(ret < 0)) { \
1409 pr_debug("entity " #type "(%02x); ret = %d\n", \
1410 (val), ret); \
1411 return ret; \
1412 } \
1413 } while (0)
1414
1415 /* Parse descriptor depending on type. */
1416 switch (_ds->bDescriptorType) {
1417 case USB_DT_DEVICE:
1418 case USB_DT_CONFIG:
1419 case USB_DT_STRING:
1420 case USB_DT_DEVICE_QUALIFIER:
1421 /* function can't have any of those */
1422 pr_vdebug("descriptor reserved for gadget: %d\n",
1423 _ds->bDescriptorType);
1424 return -EINVAL;
1425
1426 case USB_DT_INTERFACE: {
1427 struct usb_interface_descriptor *ds = (void *)_ds;
1428 pr_vdebug("interface descriptor\n");
1429 if (length != sizeof *ds)
1430 goto inv_length;
1431
1432 __entity(INTERFACE, ds->bInterfaceNumber);
1433 if (ds->iInterface)
1434 __entity(STRING, ds->iInterface);
1435 }
1436 break;
1437
1438 case USB_DT_ENDPOINT: {
1439 struct usb_endpoint_descriptor *ds = (void *)_ds;
1440 pr_vdebug("endpoint descriptor\n");
1441 if (length != USB_DT_ENDPOINT_SIZE &&
1442 length != USB_DT_ENDPOINT_AUDIO_SIZE)
1443 goto inv_length;
1444 __entity(ENDPOINT, ds->bEndpointAddress);
1445 }
1446 break;
1447
1448 case HID_DT_HID:
1449 pr_vdebug("hid descriptor\n");
1450 if (length != sizeof(struct hid_descriptor))
1451 goto inv_length;
1452 break;
1453
1454 case USB_DT_OTG:
1455 if (length != sizeof(struct usb_otg_descriptor))
1456 goto inv_length;
1457 break;
1458
1459 case USB_DT_INTERFACE_ASSOCIATION: {
1460 struct usb_interface_assoc_descriptor *ds = (void *)_ds;
1461 pr_vdebug("interface association descriptor\n");
1462 if (length != sizeof *ds)
1463 goto inv_length;
1464 if (ds->iFunction)
1465 __entity(STRING, ds->iFunction);
1466 }
1467 break;
1468
1469 case USB_DT_OTHER_SPEED_CONFIG:
1470 case USB_DT_INTERFACE_POWER:
1471 case USB_DT_DEBUG:
1472 case USB_DT_SECURITY:
1473 case USB_DT_CS_RADIO_CONTROL:
1474 /* TODO */
1475 pr_vdebug("unimplemented descriptor: %d\n", _ds->bDescriptorType);
1476 return -EINVAL;
1477
1478 default:
1479 /* We should never be here */
1480 pr_vdebug("unknown descriptor: %d\n", _ds->bDescriptorType);
1481 return -EINVAL;
1482
1483 inv_length:
1484 pr_vdebug("invalid length: %d (descriptor %d)\n",
1485 _ds->bLength, _ds->bDescriptorType);
1486 return -EINVAL;
1487 }
1488
1489 #undef __entity
1490 #undef __entity_check_DESCRIPTOR
1491 #undef __entity_check_INTERFACE
1492 #undef __entity_check_STRING
1493 #undef __entity_check_ENDPOINT
1494
1495 return length;
1496 }
1497
1498 static int __must_check ffs_do_descs(unsigned count, char *data, unsigned len,
1499 ffs_entity_callback entity, void *priv)
1500 {
1501 const unsigned _len = len;
1502 unsigned long num = 0;
1503
1504 ENTER();
1505
1506 for (;;) {
1507 int ret;
1508
1509 if (num == count)
1510 data = NULL;
1511
1512 /* Record "descriptor" entity */
1513 ret = entity(FFS_DESCRIPTOR, (u8 *)num, (void *)data, priv);
1514 if (unlikely(ret < 0)) {
1515 pr_debug("entity DESCRIPTOR(%02lx); ret = %d\n",
1516 num, ret);
1517 return ret;
1518 }
1519
1520 if (!data)
1521 return _len - len;
1522
1523 ret = ffs_do_desc(data, len, entity, priv);
1524 if (unlikely(ret < 0)) {
1525 pr_debug("%s returns %d\n", __func__, ret);
1526 return ret;
1527 }
1528
1529 len -= ret;
1530 data += ret;
1531 ++num;
1532 }
1533 }
1534
1535 static int __ffs_data_do_entity(enum ffs_entity_type type,
1536 u8 *valuep, struct usb_descriptor_header *desc,
1537 void *priv)
1538 {
1539 struct ffs_data *ffs = priv;
1540
1541 ENTER();
1542
1543 switch (type) {
1544 case FFS_DESCRIPTOR:
1545 break;
1546
1547 case FFS_INTERFACE:
1548 /*
1549 * Interfaces are indexed from zero so if we
1550 * encountered interface "n" then there are at least
1551 * "n+1" interfaces.
1552 */
1553 if (*valuep >= ffs->interfaces_count)
1554 ffs->interfaces_count = *valuep + 1;
1555 break;
1556
1557 case FFS_STRING:
1558 /*
1559 * Strings are indexed from 1 (0 is magic ;) reserved
1560 * for languages list or some such)
1561 */
1562 if (*valuep > ffs->strings_count)
1563 ffs->strings_count = *valuep;
1564 break;
1565
1566 case FFS_ENDPOINT:
1567 /* Endpoints are indexed from 1 as well. */
1568 if ((*valuep & USB_ENDPOINT_NUMBER_MASK) > ffs->eps_count)
1569 ffs->eps_count = (*valuep & USB_ENDPOINT_NUMBER_MASK);
1570 break;
1571 }
1572
1573 return 0;
1574 }
1575
1576 static int __ffs_data_got_descs(struct ffs_data *ffs,
1577 char *const _data, size_t len)
1578 {
1579 unsigned fs_count, hs_count;
1580 int fs_len, ret = -EINVAL;
1581 char *data = _data;
1582
1583 ENTER();
1584
1585 if (unlikely(get_unaligned_le32(data) != FUNCTIONFS_DESCRIPTORS_MAGIC ||
1586 get_unaligned_le32(data + 4) != len))
1587 goto error;
1588 fs_count = get_unaligned_le32(data + 8);
1589 hs_count = get_unaligned_le32(data + 12);
1590
1591 if (!fs_count && !hs_count)
1592 goto einval;
1593
1594 data += 16;
1595 len -= 16;
1596
1597 if (likely(fs_count)) {
1598 fs_len = ffs_do_descs(fs_count, data, len,
1599 __ffs_data_do_entity, ffs);
1600 if (unlikely(fs_len < 0)) {
1601 ret = fs_len;
1602 goto error;
1603 }
1604
1605 data += fs_len;
1606 len -= fs_len;
1607 } else {
1608 fs_len = 0;
1609 }
1610
1611 if (likely(hs_count)) {
1612 ret = ffs_do_descs(hs_count, data, len,
1613 __ffs_data_do_entity, ffs);
1614 if (unlikely(ret < 0))
1615 goto error;
1616 } else {
1617 ret = 0;
1618 }
1619
1620 if (unlikely(len != ret))
1621 goto einval;
1622
1623 ffs->raw_fs_descs_length = fs_len;
1624 ffs->raw_descs_length = fs_len + ret;
1625 ffs->raw_descs = _data;
1626 ffs->fs_descs_count = fs_count;
1627 ffs->hs_descs_count = hs_count;
1628
1629 return 0;
1630
1631 einval:
1632 ret = -EINVAL;
1633 error:
1634 kfree(_data);
1635 return ret;
1636 }
1637
1638 static int __ffs_data_got_strings(struct ffs_data *ffs,
1639 char *const _data, size_t len)
1640 {
1641 u32 str_count, needed_count, lang_count;
1642 struct usb_gadget_strings **stringtabs, *t;
1643 struct usb_string *strings, *s;
1644 const char *data = _data;
1645
1646 ENTER();
1647
1648 if (unlikely(get_unaligned_le32(data) != FUNCTIONFS_STRINGS_MAGIC ||
1649 get_unaligned_le32(data + 4) != len))
1650 goto error;
1651 str_count = get_unaligned_le32(data + 8);
1652 lang_count = get_unaligned_le32(data + 12);
1653
1654 /* if one is zero the other must be zero */
1655 if (unlikely(!str_count != !lang_count))
1656 goto error;
1657
1658 /* Do we have at least as many strings as descriptors need? */
1659 needed_count = ffs->strings_count;
1660 if (unlikely(str_count < needed_count))
1661 goto error;
1662
1663 /*
1664 * If we don't need any strings just return and free all
1665 * memory.
1666 */
1667 if (!needed_count) {
1668 kfree(_data);
1669 return 0;
1670 }
1671
1672 /* Allocate everything in one chunk so there's less maintenance. */
1673 {
1674 unsigned i = 0;
1675 vla_group(d);
1676 vla_item(d, struct usb_gadget_strings *, stringtabs,
1677 lang_count + 1);
1678 vla_item(d, struct usb_gadget_strings, stringtab, lang_count);
1679 vla_item(d, struct usb_string, strings,
1680 lang_count*(needed_count+1));
1681
1682 char *vlabuf = kmalloc(vla_group_size(d), GFP_KERNEL);
1683
1684 if (unlikely(!vlabuf)) {
1685 kfree(_data);
1686 return -ENOMEM;
1687 }
1688
1689 /* Initialize the VLA pointers */
1690 stringtabs = vla_ptr(vlabuf, d, stringtabs);
1691 t = vla_ptr(vlabuf, d, stringtab);
1692 i = lang_count;
1693 do {
1694 *stringtabs++ = t++;
1695 } while (--i);
1696 *stringtabs = NULL;
1697
1698 /* stringtabs = vlabuf = d_stringtabs for later kfree */
1699 stringtabs = vla_ptr(vlabuf, d, stringtabs);
1700 t = vla_ptr(vlabuf, d, stringtab);
1701 s = vla_ptr(vlabuf, d, strings);
1702 strings = s;
1703 }
1704
1705 /* For each language */
1706 data += 16;
1707 len -= 16;
1708
1709 do { /* lang_count > 0 so we can use do-while */
1710 unsigned needed = needed_count;
1711
1712 if (unlikely(len < 3))
1713 goto error_free;
1714 t->language = get_unaligned_le16(data);
1715 t->strings = s;
1716 ++t;
1717
1718 data += 2;
1719 len -= 2;
1720
1721 /* For each string */
1722 do { /* str_count > 0 so we can use do-while */
1723 size_t length = strnlen(data, len);
1724
1725 if (unlikely(length == len))
1726 goto error_free;
1727
1728 /*
1729 * User may provide more strings then we need,
1730 * if that's the case we simply ignore the
1731 * rest
1732 */
1733 if (likely(needed)) {
1734 /*
1735 * s->id will be set while adding
1736 * function to configuration so for
1737 * now just leave garbage here.
1738 */
1739 s->s = data;
1740 --needed;
1741 ++s;
1742 }
1743
1744 data += length + 1;
1745 len -= length + 1;
1746 } while (--str_count);
1747
1748 s->id = 0; /* terminator */
1749 s->s = NULL;
1750 ++s;
1751
1752 } while (--lang_count);
1753
1754 /* Some garbage left? */
1755 if (unlikely(len))
1756 goto error_free;
1757
1758 /* Done! */
1759 ffs->stringtabs = stringtabs;
1760 ffs->raw_strings = _data;
1761
1762 return 0;
1763
1764 error_free:
1765 kfree(stringtabs);
1766 error:
1767 kfree(_data);
1768 return -EINVAL;
1769 }
1770
1771
1772 /* Events handling and management *******************************************/
1773
1774 static void __ffs_event_add(struct ffs_data *ffs,
1775 enum usb_functionfs_event_type type)
1776 {
1777 enum usb_functionfs_event_type rem_type1, rem_type2 = type;
1778 int neg = 0;
1779
1780 /*
1781 * Abort any unhandled setup
1782 *
1783 * We do not need to worry about some cmpxchg() changing value
1784 * of ffs->setup_state without holding the lock because when
1785 * state is FFS_SETUP_PENDING cmpxchg() in several places in
1786 * the source does nothing.
1787 */
1788 if (ffs->setup_state == FFS_SETUP_PENDING)
1789 ffs->setup_state = FFS_SETUP_CANCELED;
1790
1791 switch (type) {
1792 case FUNCTIONFS_RESUME:
1793 rem_type2 = FUNCTIONFS_SUSPEND;
1794 /* FALL THROUGH */
1795 case FUNCTIONFS_SUSPEND:
1796 case FUNCTIONFS_SETUP:
1797 rem_type1 = type;
1798 /* Discard all similar events */
1799 break;
1800
1801 case FUNCTIONFS_BIND:
1802 case FUNCTIONFS_UNBIND:
1803 case FUNCTIONFS_DISABLE:
1804 case FUNCTIONFS_ENABLE:
1805 /* Discard everything other then power management. */
1806 rem_type1 = FUNCTIONFS_SUSPEND;
1807 rem_type2 = FUNCTIONFS_RESUME;
1808 neg = 1;
1809 break;
1810
1811 default:
1812 BUG();
1813 }
1814
1815 {
1816 u8 *ev = ffs->ev.types, *out = ev;
1817 unsigned n = ffs->ev.count;
1818 for (; n; --n, ++ev)
1819 if ((*ev == rem_type1 || *ev == rem_type2) == neg)
1820 *out++ = *ev;
1821 else
1822 pr_vdebug("purging event %d\n", *ev);
1823 ffs->ev.count = out - ffs->ev.types;
1824 }
1825
1826 pr_vdebug("adding event %d\n", type);
1827 ffs->ev.types[ffs->ev.count++] = type;
1828 wake_up_locked(&ffs->ev.waitq);
1829 }
1830
1831 static void ffs_event_add(struct ffs_data *ffs,
1832 enum usb_functionfs_event_type type)
1833 {
1834 unsigned long flags;
1835 spin_lock_irqsave(&ffs->ev.waitq.lock, flags);
1836 __ffs_event_add(ffs, type);
1837 spin_unlock_irqrestore(&ffs->ev.waitq.lock, flags);
1838 }
1839
1840
1841 /* Bind/unbind USB function hooks *******************************************/
1842
1843 static int __ffs_func_bind_do_descs(enum ffs_entity_type type, u8 *valuep,
1844 struct usb_descriptor_header *desc,
1845 void *priv)
1846 {
1847 struct usb_endpoint_descriptor *ds = (void *)desc;
1848 struct ffs_function *func = priv;
1849 struct ffs_ep *ffs_ep;
1850
1851 /*
1852 * If hs_descriptors is not NULL then we are reading hs
1853 * descriptors now
1854 */
1855 const int isHS = func->function.hs_descriptors != NULL;
1856 unsigned idx;
1857
1858 if (type != FFS_DESCRIPTOR)
1859 return 0;
1860
1861 if (isHS)
1862 func->function.hs_descriptors[(long)valuep] = desc;
1863 else
1864 func->function.fs_descriptors[(long)valuep] = desc;
1865
1866 if (!desc || desc->bDescriptorType != USB_DT_ENDPOINT)
1867 return 0;
1868
1869 idx = (ds->bEndpointAddress & USB_ENDPOINT_NUMBER_MASK) - 1;
1870 ffs_ep = func->eps + idx;
1871
1872 if (unlikely(ffs_ep->descs[isHS])) {
1873 pr_vdebug("two %sspeed descriptors for EP %d\n",
1874 isHS ? "high" : "full",
1875 ds->bEndpointAddress & USB_ENDPOINT_NUMBER_MASK);
1876 return -EINVAL;
1877 }
1878 ffs_ep->descs[isHS] = ds;
1879
1880 ffs_dump_mem(": Original ep desc", ds, ds->bLength);
1881 if (ffs_ep->ep) {
1882 ds->bEndpointAddress = ffs_ep->descs[0]->bEndpointAddress;
1883 if (!ds->wMaxPacketSize)
1884 ds->wMaxPacketSize = ffs_ep->descs[0]->wMaxPacketSize;
1885 } else {
1886 struct usb_request *req;
1887 struct usb_ep *ep;
1888
1889 pr_vdebug("autoconfig\n");
1890 ep = usb_ep_autoconfig(func->gadget, ds);
1891 if (unlikely(!ep))
1892 return -ENOTSUPP;
1893 ep->driver_data = func->eps + idx;
1894
1895 req = usb_ep_alloc_request(ep, GFP_KERNEL);
1896 if (unlikely(!req))
1897 return -ENOMEM;
1898
1899 ffs_ep->ep = ep;
1900 ffs_ep->req = req;
1901 func->eps_revmap[ds->bEndpointAddress &
1902 USB_ENDPOINT_NUMBER_MASK] = idx + 1;
1903 }
1904 ffs_dump_mem(": Rewritten ep desc", ds, ds->bLength);
1905
1906 return 0;
1907 }
1908
1909 static int __ffs_func_bind_do_nums(enum ffs_entity_type type, u8 *valuep,
1910 struct usb_descriptor_header *desc,
1911 void *priv)
1912 {
1913 struct ffs_function *func = priv;
1914 unsigned idx;
1915 u8 newValue;
1916
1917 switch (type) {
1918 default:
1919 case FFS_DESCRIPTOR:
1920 /* Handled in previous pass by __ffs_func_bind_do_descs() */
1921 return 0;
1922
1923 case FFS_INTERFACE:
1924 idx = *valuep;
1925 if (func->interfaces_nums[idx] < 0) {
1926 int id = usb_interface_id(func->conf, &func->function);
1927 if (unlikely(id < 0))
1928 return id;
1929 func->interfaces_nums[idx] = id;
1930 }
1931 newValue = func->interfaces_nums[idx];
1932 break;
1933
1934 case FFS_STRING:
1935 /* String' IDs are allocated when fsf_data is bound to cdev */
1936 newValue = func->ffs->stringtabs[0]->strings[*valuep - 1].id;
1937 break;
1938
1939 case FFS_ENDPOINT:
1940 /*
1941 * USB_DT_ENDPOINT are handled in
1942 * __ffs_func_bind_do_descs().
1943 */
1944 if (desc->bDescriptorType == USB_DT_ENDPOINT)
1945 return 0;
1946
1947 idx = (*valuep & USB_ENDPOINT_NUMBER_MASK) - 1;
1948 if (unlikely(!func->eps[idx].ep))
1949 return -EINVAL;
1950
1951 {
1952 struct usb_endpoint_descriptor **descs;
1953 descs = func->eps[idx].descs;
1954 newValue = descs[descs[0] ? 0 : 1]->bEndpointAddress;
1955 }
1956 break;
1957 }
1958
1959 pr_vdebug("%02x -> %02x\n", *valuep, newValue);
1960 *valuep = newValue;
1961 return 0;
1962 }
1963
1964 static inline struct f_fs_opts *ffs_do_functionfs_bind(struct usb_function *f,
1965 struct usb_configuration *c)
1966 {
1967 struct ffs_function *func = ffs_func_from_usb(f);
1968 struct f_fs_opts *ffs_opts =
1969 container_of(f->fi, struct f_fs_opts, func_inst);
1970 int ret;
1971
1972 ENTER();
1973
1974 /*
1975 * Legacy gadget triggers binding in functionfs_ready_callback,
1976 * which already uses locking; taking the same lock here would
1977 * cause a deadlock.
1978 *
1979 * Configfs-enabled gadgets however do need ffs_dev_lock.
1980 */
1981 if (!ffs_opts->no_configfs)
1982 ffs_dev_lock();
1983 ret = ffs_opts->dev->desc_ready ? 0 : -ENODEV;
1984 func->ffs = ffs_opts->dev->ffs_data;
1985 if (!ffs_opts->no_configfs)
1986 ffs_dev_unlock();
1987 if (ret)
1988 return ERR_PTR(ret);
1989
1990 func->conf = c;
1991 func->gadget = c->cdev->gadget;
1992
1993 ffs_data_get(func->ffs);
1994
1995 /*
1996 * in drivers/usb/gadget/configfs.c:configfs_composite_bind()
1997 * configurations are bound in sequence with list_for_each_entry,
1998 * in each configuration its functions are bound in sequence
1999 * with list_for_each_entry, so we assume no race condition
2000 * with regard to ffs_opts->bound access
2001 */
2002 if (!ffs_opts->refcnt) {
2003 ret = functionfs_bind(func->ffs, c->cdev);
2004 if (ret)
2005 return ERR_PTR(ret);
2006 }
2007 ffs_opts->refcnt++;
2008 func->function.strings = func->ffs->stringtabs;
2009
2010 return ffs_opts;
2011 }
2012
2013 static int _ffs_func_bind(struct usb_configuration *c,
2014 struct usb_function *f)
2015 {
2016 struct ffs_function *func = ffs_func_from_usb(f);
2017 struct ffs_data *ffs = func->ffs;
2018
2019 const int full = !!func->ffs->fs_descs_count;
2020 const int high = gadget_is_dualspeed(func->gadget) &&
2021 func->ffs->hs_descs_count;
2022
2023 int ret;
2024
2025 /* Make it a single chunk, less management later on */
2026 vla_group(d);
2027 vla_item_with_sz(d, struct ffs_ep, eps, ffs->eps_count);
2028 vla_item_with_sz(d, struct usb_descriptor_header *, fs_descs,
2029 full ? ffs->fs_descs_count + 1 : 0);
2030 vla_item_with_sz(d, struct usb_descriptor_header *, hs_descs,
2031 high ? ffs->hs_descs_count + 1 : 0);
2032 vla_item_with_sz(d, short, inums, ffs->interfaces_count);
2033 vla_item_with_sz(d, char, raw_descs,
2034 high ? ffs->raw_descs_length : ffs->raw_fs_descs_length);
2035 char *vlabuf;
2036
2037 ENTER();
2038
2039 /* Only high speed but not supported by gadget? */
2040 if (unlikely(!(full | high)))
2041 return -ENOTSUPP;
2042
2043 /* Allocate a single chunk, less management later on */
2044 vlabuf = kmalloc(vla_group_size(d), GFP_KERNEL);
2045 if (unlikely(!vlabuf))
2046 return -ENOMEM;
2047
2048 /* Zero */
2049 memset(vla_ptr(vlabuf, d, eps), 0, d_eps__sz);
2050 memcpy(vla_ptr(vlabuf, d, raw_descs), ffs->raw_descs + 16,
2051 d_raw_descs__sz);
2052 memset(vla_ptr(vlabuf, d, inums), 0xff, d_inums__sz);
2053 for (ret = ffs->eps_count; ret; --ret) {
2054 struct ffs_ep *ptr;
2055
2056 ptr = vla_ptr(vlabuf, d, eps);
2057 ptr[ret].num = -1;
2058 }
2059
2060 /* Save pointers
2061 * d_eps == vlabuf, func->eps used to kfree vlabuf later
2062 */
2063 func->eps = vla_ptr(vlabuf, d, eps);
2064 func->interfaces_nums = vla_ptr(vlabuf, d, inums);
2065
2066 /*
2067 * Go through all the endpoint descriptors and allocate
2068 * endpoints first, so that later we can rewrite the endpoint
2069 * numbers without worrying that it may be described later on.
2070 */
2071 if (likely(full)) {
2072 func->function.fs_descriptors = vla_ptr(vlabuf, d, fs_descs);
2073 ret = ffs_do_descs(ffs->fs_descs_count,
2074 vla_ptr(vlabuf, d, raw_descs),
2075 d_raw_descs__sz,
2076 __ffs_func_bind_do_descs, func);
2077 if (unlikely(ret < 0))
2078 goto error;
2079 } else {
2080 ret = 0;
2081 }
2082
2083 if (likely(high)) {
2084 func->function.hs_descriptors = vla_ptr(vlabuf, d, hs_descs);
2085 ret = ffs_do_descs(ffs->hs_descs_count,
2086 vla_ptr(vlabuf, d, raw_descs) + ret,
2087 d_raw_descs__sz - ret,
2088 __ffs_func_bind_do_descs, func);
2089 if (unlikely(ret < 0))
2090 goto error;
2091 }
2092
2093 /*
2094 * Now handle interface numbers allocation and interface and
2095 * endpoint numbers rewriting. We can do that in one go
2096 * now.
2097 */
2098 ret = ffs_do_descs(ffs->fs_descs_count +
2099 (high ? ffs->hs_descs_count : 0),
2100 vla_ptr(vlabuf, d, raw_descs), d_raw_descs__sz,
2101 __ffs_func_bind_do_nums, func);
2102 if (unlikely(ret < 0))
2103 goto error;
2104
2105 /* And we're done */
2106 ffs_event_add(ffs, FUNCTIONFS_BIND);
2107 return 0;
2108
2109 error:
2110 /* XXX Do we need to release all claimed endpoints here? */
2111 return ret;
2112 }
2113
2114 static int ffs_func_bind(struct usb_configuration *c,
2115 struct usb_function *f)
2116 {
2117 struct f_fs_opts *ffs_opts = ffs_do_functionfs_bind(f, c);
2118
2119 if (IS_ERR(ffs_opts))
2120 return PTR_ERR(ffs_opts);
2121
2122 return _ffs_func_bind(c, f);
2123 }
2124
2125
2126 /* Other USB function hooks *************************************************/
2127
2128 static int ffs_func_set_alt(struct usb_function *f,
2129 unsigned interface, unsigned alt)
2130 {
2131 struct ffs_function *func = ffs_func_from_usb(f);
2132 struct ffs_data *ffs = func->ffs;
2133 int ret = 0, intf;
2134
2135 if (alt != (unsigned)-1) {
2136 intf = ffs_func_revmap_intf(func, interface);
2137 if (unlikely(intf < 0))
2138 return intf;
2139 }
2140
2141 if (ffs->func)
2142 ffs_func_eps_disable(ffs->func);
2143
2144 if (ffs->state != FFS_ACTIVE)
2145 return -ENODEV;
2146
2147 if (alt == (unsigned)-1) {
2148 ffs->func = NULL;
2149 ffs_event_add(ffs, FUNCTIONFS_DISABLE);
2150 return 0;
2151 }
2152
2153 ffs->func = func;
2154 ret = ffs_func_eps_enable(func);
2155 if (likely(ret >= 0))
2156 ffs_event_add(ffs, FUNCTIONFS_ENABLE);
2157 return ret;
2158 }
2159
2160 static void ffs_func_disable(struct usb_function *f)
2161 {
2162 ffs_func_set_alt(f, 0, (unsigned)-1);
2163 }
2164
2165 static int ffs_func_setup(struct usb_function *f,
2166 const struct usb_ctrlrequest *creq)
2167 {
2168 struct ffs_function *func = ffs_func_from_usb(f);
2169 struct ffs_data *ffs = func->ffs;
2170 unsigned long flags;
2171 int ret;
2172
2173 ENTER();
2174
2175 pr_vdebug("creq->bRequestType = %02x\n", creq->bRequestType);
2176 pr_vdebug("creq->bRequest = %02x\n", creq->bRequest);
2177 pr_vdebug("creq->wValue = %04x\n", le16_to_cpu(creq->wValue));
2178 pr_vdebug("creq->wIndex = %04x\n", le16_to_cpu(creq->wIndex));
2179 pr_vdebug("creq->wLength = %04x\n", le16_to_cpu(creq->wLength));
2180
2181 /*
2182 * Most requests directed to interface go through here
2183 * (notable exceptions are set/get interface) so we need to
2184 * handle them. All other either handled by composite or
2185 * passed to usb_configuration->setup() (if one is set). No
2186 * matter, we will handle requests directed to endpoint here
2187 * as well (as it's straightforward) but what to do with any
2188 * other request?
2189 */
2190 if (ffs->state != FFS_ACTIVE)
2191 return -ENODEV;
2192
2193 switch (creq->bRequestType & USB_RECIP_MASK) {
2194 case USB_RECIP_INTERFACE:
2195 ret = ffs_func_revmap_intf(func, le16_to_cpu(creq->wIndex));
2196 if (unlikely(ret < 0))
2197 return ret;
2198 break;
2199
2200 case USB_RECIP_ENDPOINT:
2201 ret = ffs_func_revmap_ep(func, le16_to_cpu(creq->wIndex));
2202 if (unlikely(ret < 0))
2203 return ret;
2204 break;
2205
2206 default:
2207 return -EOPNOTSUPP;
2208 }
2209
2210 spin_lock_irqsave(&ffs->ev.waitq.lock, flags);
2211 ffs->ev.setup = *creq;
2212 ffs->ev.setup.wIndex = cpu_to_le16(ret);
2213 __ffs_event_add(ffs, FUNCTIONFS_SETUP);
2214 spin_unlock_irqrestore(&ffs->ev.waitq.lock, flags);
2215
2216 return 0;
2217 }
2218
2219 static void ffs_func_suspend(struct usb_function *f)
2220 {
2221 ENTER();
2222 ffs_event_add(ffs_func_from_usb(f)->ffs, FUNCTIONFS_SUSPEND);
2223 }
2224
2225 static void ffs_func_resume(struct usb_function *f)
2226 {
2227 ENTER();
2228 ffs_event_add(ffs_func_from_usb(f)->ffs, FUNCTIONFS_RESUME);
2229 }
2230
2231
2232 /* Endpoint and interface numbers reverse mapping ***************************/
2233
2234 static int ffs_func_revmap_ep(struct ffs_function *func, u8 num)
2235 {
2236 num = func->eps_revmap[num & USB_ENDPOINT_NUMBER_MASK];
2237 return num ? num : -EDOM;
2238 }
2239
2240 static int ffs_func_revmap_intf(struct ffs_function *func, u8 intf)
2241 {
2242 short *nums = func->interfaces_nums;
2243 unsigned count = func->ffs->interfaces_count;
2244
2245 for (; count; --count, ++nums) {
2246 if (*nums >= 0 && *nums == intf)
2247 return nums - func->interfaces_nums;
2248 }
2249
2250 return -EDOM;
2251 }
2252
2253
2254 /* Devices management *******************************************************/
2255
2256 static LIST_HEAD(ffs_devices);
2257
2258 static struct ffs_dev *_ffs_do_find_dev(const char *name)
2259 {
2260 struct ffs_dev *dev;
2261
2262 list_for_each_entry(dev, &ffs_devices, entry) {
2263 if (!dev->name || !name)
2264 continue;
2265 if (strcmp(dev->name, name) == 0)
2266 return dev;
2267 }
2268
2269 return NULL;
2270 }
2271
2272 /*
2273 * ffs_lock must be taken by the caller of this function
2274 */
2275 static struct ffs_dev *_ffs_get_single_dev(void)
2276 {
2277 struct ffs_dev *dev;
2278
2279 if (list_is_singular(&ffs_devices)) {
2280 dev = list_first_entry(&ffs_devices, struct ffs_dev, entry);
2281 if (dev->single)
2282 return dev;
2283 }
2284
2285 return NULL;
2286 }
2287
2288 /*
2289 * ffs_lock must be taken by the caller of this function
2290 */
2291 static struct ffs_dev *_ffs_find_dev(const char *name)
2292 {
2293 struct ffs_dev *dev;
2294
2295 dev = _ffs_get_single_dev();
2296 if (dev)
2297 return dev;
2298
2299 return _ffs_do_find_dev(name);
2300 }
2301
2302 /* Configfs support *********************************************************/
2303
2304 static inline struct f_fs_opts *to_ffs_opts(struct config_item *item)
2305 {
2306 return container_of(to_config_group(item), struct f_fs_opts,
2307 func_inst.group);
2308 }
2309
2310 static void ffs_attr_release(struct config_item *item)
2311 {
2312 struct f_fs_opts *opts = to_ffs_opts(item);
2313
2314 usb_put_function_instance(&opts->func_inst);
2315 }
2316
2317 static struct configfs_item_operations ffs_item_ops = {
2318 .release = ffs_attr_release,
2319 };
2320
2321 static struct config_item_type ffs_func_type = {
2322 .ct_item_ops = &ffs_item_ops,
2323 .ct_owner = THIS_MODULE,
2324 };
2325
2326
2327 /* Function registration interface ******************************************/
2328
2329 static void ffs_free_inst(struct usb_function_instance *f)
2330 {
2331 struct f_fs_opts *opts;
2332
2333 opts = to_f_fs_opts(f);
2334 ffs_dev_lock();
2335 _ffs_free_dev(opts->dev);
2336 ffs_dev_unlock();
2337 kfree(opts);
2338 }
2339
2340 #define MAX_INST_NAME_LEN 40
2341
2342 static int ffs_set_inst_name(struct usb_function_instance *fi, const char *name)
2343 {
2344 struct f_fs_opts *opts;
2345 char *ptr;
2346 const char *tmp;
2347 int name_len, ret;
2348
2349 name_len = strlen(name) + 1;
2350 if (name_len > MAX_INST_NAME_LEN)
2351 return -ENAMETOOLONG;
2352
2353 ptr = kstrndup(name, name_len, GFP_KERNEL);
2354 if (!ptr)
2355 return -ENOMEM;
2356
2357 opts = to_f_fs_opts(fi);
2358 tmp = NULL;
2359
2360 ffs_dev_lock();
2361
2362 tmp = opts->dev->name_allocated ? opts->dev->name : NULL;
2363 ret = _ffs_name_dev(opts->dev, ptr);
2364 if (ret) {
2365 kfree(ptr);
2366 ffs_dev_unlock();
2367 return ret;
2368 }
2369 opts->dev->name_allocated = true;
2370
2371 ffs_dev_unlock();
2372
2373 kfree(tmp);
2374
2375 return 0;
2376 }
2377
2378 static struct usb_function_instance *ffs_alloc_inst(void)
2379 {
2380 struct f_fs_opts *opts;
2381 struct ffs_dev *dev;
2382
2383 opts = kzalloc(sizeof(*opts), GFP_KERNEL);
2384 if (!opts)
2385 return ERR_PTR(-ENOMEM);
2386
2387 opts->func_inst.set_inst_name = ffs_set_inst_name;
2388 opts->func_inst.free_func_inst = ffs_free_inst;
2389 ffs_dev_lock();
2390 dev = _ffs_alloc_dev();
2391 ffs_dev_unlock();
2392 if (IS_ERR(dev)) {
2393 kfree(opts);
2394 return ERR_CAST(dev);
2395 }
2396 opts->dev = dev;
2397 dev->opts = opts;
2398
2399 config_group_init_type_name(&opts->func_inst.group, "",
2400 &ffs_func_type);
2401 return &opts->func_inst;
2402 }
2403
2404 static void ffs_free(struct usb_function *f)
2405 {
2406 kfree(ffs_func_from_usb(f));
2407 }
2408
2409 static void ffs_func_unbind(struct usb_configuration *c,
2410 struct usb_function *f)
2411 {
2412 struct ffs_function *func = ffs_func_from_usb(f);
2413 struct ffs_data *ffs = func->ffs;
2414 struct f_fs_opts *opts =
2415 container_of(f->fi, struct f_fs_opts, func_inst);
2416 struct ffs_ep *ep = func->eps;
2417 unsigned count = ffs->eps_count;
2418 unsigned long flags;
2419
2420 ENTER();
2421 if (ffs->func == func) {
2422 ffs_func_eps_disable(func);
2423 ffs->func = NULL;
2424 }
2425
2426 if (!--opts->refcnt)
2427 functionfs_unbind(ffs);
2428
2429 /* cleanup after autoconfig */
2430 spin_lock_irqsave(&func->ffs->eps_lock, flags);
2431 do {
2432 if (ep->ep && ep->req)
2433 usb_ep_free_request(ep->ep, ep->req);
2434 ep->req = NULL;
2435 ++ep;
2436 } while (--count);
2437 spin_unlock_irqrestore(&func->ffs->eps_lock, flags);
2438 kfree(func->eps);
2439 func->eps = NULL;
2440 /*
2441 * eps, descriptors and interfaces_nums are allocated in the
2442 * same chunk so only one free is required.
2443 */
2444 func->function.fs_descriptors = NULL;
2445 func->function.hs_descriptors = NULL;
2446 func->interfaces_nums = NULL;
2447
2448 ffs_event_add(ffs, FUNCTIONFS_UNBIND);
2449 }
2450
2451 static struct usb_function *ffs_alloc(struct usb_function_instance *fi)
2452 {
2453 struct ffs_function *func;
2454
2455 ENTER();
2456
2457 func = kzalloc(sizeof(*func), GFP_KERNEL);
2458 if (unlikely(!func))
2459 return ERR_PTR(-ENOMEM);
2460
2461 func->function.name = "Function FS Gadget";
2462
2463 func->function.bind = ffs_func_bind;
2464 func->function.unbind = ffs_func_unbind;
2465 func->function.set_alt = ffs_func_set_alt;
2466 func->function.disable = ffs_func_disable;
2467 func->function.setup = ffs_func_setup;
2468 func->function.suspend = ffs_func_suspend;
2469 func->function.resume = ffs_func_resume;
2470 func->function.free_func = ffs_free;
2471
2472 return &func->function;
2473 }
2474
2475 /*
2476 * ffs_lock must be taken by the caller of this function
2477 */
2478 static struct ffs_dev *_ffs_alloc_dev(void)
2479 {
2480 struct ffs_dev *dev;
2481 int ret;
2482
2483 if (_ffs_get_single_dev())
2484 return ERR_PTR(-EBUSY);
2485
2486 dev = kzalloc(sizeof(*dev), GFP_KERNEL);
2487 if (!dev)
2488 return ERR_PTR(-ENOMEM);
2489
2490 if (list_empty(&ffs_devices)) {
2491 ret = functionfs_init();
2492 if (ret) {
2493 kfree(dev);
2494 return ERR_PTR(ret);
2495 }
2496 }
2497
2498 list_add(&dev->entry, &ffs_devices);
2499
2500 return dev;
2501 }
2502
2503 /*
2504 * ffs_lock must be taken by the caller of this function
2505 * The caller is responsible for "name" being available whenever f_fs needs it
2506 */
2507 static int _ffs_name_dev(struct ffs_dev *dev, const char *name)
2508 {
2509 struct ffs_dev *existing;
2510
2511 existing = _ffs_do_find_dev(name);
2512 if (existing)
2513 return -EBUSY;
2514
2515 dev->name = name;
2516
2517 return 0;
2518 }
2519
2520 /*
2521 * The caller is responsible for "name" being available whenever f_fs needs it
2522 */
2523 int ffs_name_dev(struct ffs_dev *dev, const char *name)
2524 {
2525 int ret;
2526
2527 ffs_dev_lock();
2528 ret = _ffs_name_dev(dev, name);
2529 ffs_dev_unlock();
2530
2531 return ret;
2532 }
2533 EXPORT_SYMBOL(ffs_name_dev);
2534
2535 int ffs_single_dev(struct ffs_dev *dev)
2536 {
2537 int ret;
2538
2539 ret = 0;
2540 ffs_dev_lock();
2541
2542 if (!list_is_singular(&ffs_devices))
2543 ret = -EBUSY;
2544 else
2545 dev->single = true;
2546
2547 ffs_dev_unlock();
2548 return ret;
2549 }
2550 EXPORT_SYMBOL(ffs_single_dev);
2551
2552 /*
2553 * ffs_lock must be taken by the caller of this function
2554 */
2555 static void _ffs_free_dev(struct ffs_dev *dev)
2556 {
2557 list_del(&dev->entry);
2558 if (dev->name_allocated)
2559 kfree(dev->name);
2560 kfree(dev);
2561 if (list_empty(&ffs_devices))
2562 functionfs_cleanup();
2563 }
2564
2565 static void *ffs_acquire_dev(const char *dev_name)
2566 {
2567 struct ffs_dev *ffs_dev;
2568
2569 ENTER();
2570 ffs_dev_lock();
2571
2572 ffs_dev = _ffs_find_dev(dev_name);
2573 if (!ffs_dev)
2574 ffs_dev = ERR_PTR(-ENODEV);
2575 else if (ffs_dev->mounted)
2576 ffs_dev = ERR_PTR(-EBUSY);
2577 else if (ffs_dev->ffs_acquire_dev_callback &&
2578 ffs_dev->ffs_acquire_dev_callback(ffs_dev))
2579 ffs_dev = ERR_PTR(-ENODEV);
2580 else
2581 ffs_dev->mounted = true;
2582
2583 ffs_dev_unlock();
2584 return ffs_dev;
2585 }
2586
2587 static void ffs_release_dev(struct ffs_data *ffs_data)
2588 {
2589 struct ffs_dev *ffs_dev;
2590
2591 ENTER();
2592 ffs_dev_lock();
2593
2594 ffs_dev = ffs_data->private_data;
2595 if (ffs_dev) {
2596 ffs_dev->mounted = false;
2597
2598 if (ffs_dev->ffs_release_dev_callback)
2599 ffs_dev->ffs_release_dev_callback(ffs_dev);
2600 }
2601
2602 ffs_dev_unlock();
2603 }
2604
2605 static int ffs_ready(struct ffs_data *ffs)
2606 {
2607 struct ffs_dev *ffs_obj;
2608 int ret = 0;
2609
2610 ENTER();
2611 ffs_dev_lock();
2612
2613 ffs_obj = ffs->private_data;
2614 if (!ffs_obj) {
2615 ret = -EINVAL;
2616 goto done;
2617 }
2618 if (WARN_ON(ffs_obj->desc_ready)) {
2619 ret = -EBUSY;
2620 goto done;
2621 }
2622
2623 ffs_obj->desc_ready = true;
2624 ffs_obj->ffs_data = ffs;
2625
2626 if (ffs_obj->ffs_ready_callback)
2627 ret = ffs_obj->ffs_ready_callback(ffs);
2628
2629 done:
2630 ffs_dev_unlock();
2631 return ret;
2632 }
2633
2634 static void ffs_closed(struct ffs_data *ffs)
2635 {
2636 struct ffs_dev *ffs_obj;
2637
2638 ENTER();
2639 ffs_dev_lock();
2640
2641 ffs_obj = ffs->private_data;
2642 if (!ffs_obj)
2643 goto done;
2644
2645 ffs_obj->desc_ready = false;
2646
2647 if (ffs_obj->ffs_closed_callback)
2648 ffs_obj->ffs_closed_callback(ffs);
2649
2650 if (!ffs_obj->opts || ffs_obj->opts->no_configfs
2651 || !ffs_obj->opts->func_inst.group.cg_item.ci_parent)
2652 goto done;
2653
2654 unregister_gadget_item(ffs_obj->opts->
2655 func_inst.group.cg_item.ci_parent->ci_parent);
2656 done:
2657 ffs_dev_unlock();
2658 }
2659
2660 /* Misc helper functions ****************************************************/
2661
2662 static int ffs_mutex_lock(struct mutex *mutex, unsigned nonblock)
2663 {
2664 return nonblock
2665 ? likely(mutex_trylock(mutex)) ? 0 : -EAGAIN
2666 : mutex_lock_interruptible(mutex);
2667 }
2668
2669 static char *ffs_prepare_buffer(const char __user *buf, size_t len)
2670 {
2671 char *data;
2672
2673 if (unlikely(!len))
2674 return NULL;
2675
2676 data = kmalloc(len, GFP_KERNEL);
2677 if (unlikely(!data))
2678 return ERR_PTR(-ENOMEM);
2679
2680 if (unlikely(__copy_from_user(data, buf, len))) {
2681 kfree(data);
2682 return ERR_PTR(-EFAULT);
2683 }
2684
2685 pr_vdebug("Buffer from user space:\n");
2686 ffs_dump_mem("", data, len);
2687
2688 return data;
2689 }
2690
2691 DECLARE_USB_FUNCTION_INIT(ffs, ffs_alloc_inst, ffs_alloc);
2692 MODULE_LICENSE("GPL");
2693 MODULE_AUTHOR("Michal Nazarewicz");
Linux kernel - Deliverables
This page took 0.08859 seconds and 5 git commands to generate.