aboutsummaryrefslogtreecommitdiffstats
path: root/drivers/usb
diff options
context:
space:
mode:
authorMichal Nazarewicz <m.nazarewicz@samsung.com>2010-05-05 06:53:14 -0400
committerGreg Kroah-Hartman <gregkh@suse.de>2010-05-20 16:21:43 -0400
commitddf8abd2599491cbad959c700b90ba72a5dce8d0 (patch)
treed04cf8348f36c4a65af77190658ba87a4480cd50 /drivers/usb
parent28824b18ac4705e876a282a15ea0de8fc957551f (diff)
USB: f_fs: the FunctionFS driver
The FunctionFS is a USB composite function that can be used with the composite framework to create an USB gadget. >From kernel point of view it is just a composite function with some unique behaviour. It may be added to an USB configuration only after the user space driver has registered by writing descriptors and strings (the user space program has to provide the same information that kernel level composite functions provide when they are added to the configuration). >From user space point of view it is a file system which when mounted provide an "ep0" file. User space driver need to write descriptors and strings to that file. It does not need to worry about endpoints, interfaces or strings numbers but simply provide descriptors such as if the function was the only one (endpoints and strings numbers starting from one and interface numbers starting from core). The FunctionFS changes numbers of those as needed also handling situation when numbers differ in different configurations. When descriptors and strings are written "ep#" files appear (one for each declared endpoint) which handle communication on a single endpoint. Again, FunctionFS takes care of the real numbers and changing of the configuration (which means that "ep1" file may be really mapped to (say) endpoint 3 (and when configuration changes to (say) endpoint 2)). "ep0" is used for receiving events and handling setup requests. When all files are closed the function disables itself. Signed-off-by: Michal Nazarewicz <m.nazarewicz@samsung.com> Cc: Kyungmin Park <kyungmin.park@samsung.com> Cc: Marek Szyprowski <m.szyprowski@samsung.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Diffstat (limited to 'drivers/usb')
-rw-r--r--drivers/usb/gadget/f_fs.c2441
1 files changed, 2441 insertions, 0 deletions
diff --git a/drivers/usb/gadget/f_fs.c b/drivers/usb/gadget/f_fs.c
new file mode 100644
index 000000000000..af89ca672c60
--- /dev/null
+++ b/drivers/usb/gadget/f_fs.c
@@ -0,0 +1,2441 @@
1/*
2 * f_fs.c -- user mode filesystem api for usb composite funtcion controllers
3 *
4 * Copyright (C) 2010 Samsung Electronics
5 * Author: Michal Nazarewicz <m.nazarewicz@samsung.com>
6 *
7 * Based on inode.c (GadgetFS):
8 * Copyright (C) 2003-2004 David Brownell
9 * Copyright (C) 2003 Agilent Technologies
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
15 *
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
20 *
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
24 */
25
26
27/* #define DEBUG */
28/* #define VERBOSE_DEBUG */
29
30#include <linux/blkdev.h>
31#include <asm/unaligned.h>
32#include <linux/smp_lock.h>
33
34#include <linux/usb/composite.h>
35#include <linux/usb/functionfs.h>
36
37
38#define FUNCTIONFS_MAGIC 0xa647361 /* Chosen by a honest dice roll ;) */
39
40
41/* Debuging *****************************************************************/
42
43#define ffs_printk(level, fmt, args...) printk(level "f_fs: " fmt "\n", ## args)
44
45#define FERR(...) ffs_printk(KERN_ERR, __VA_ARGS__)
46#define FINFO(...) ffs_printk(KERN_INFO, __VA_ARGS__)
47
48#ifdef DEBUG
49# define FDBG(...) ffs_printk(KERN_DEBUG, __VA_ARGS__)
50#else
51# define FDBG(...) do { } while (0)
52#endif /* DEBUG */
53
54#ifdef VERBOSE_DEBUG
55# define FVDBG FDBG
56#else
57# define FVDBG(...) do { } while (0)
58#endif /* VERBOSE_DEBUG */
59
60#define ENTER() FVDBG("%s()", __func__)
61
62#ifdef VERBOSE_DEBUG
63# define ffs_dump_mem(prefix, ptr, len) \
64 print_hex_dump_bytes("f_fs" prefix ": ", DUMP_PREFIX_NONE, ptr, len)
65#else
66# define ffs_dump_mem(prefix, ptr, len) do { } while (0)
67#endif
68
69
70/* The data structure and setup file ****************************************/
71
72enum ffs_state {
73 /* Waiting for descriptors and strings. */
74 /* In this state no open(2), read(2) or write(2) on epfiles
75 * may succeed (which should not be the problem as there
76 * should be no such files opened in the firts place). */
77 FFS_READ_DESCRIPTORS,
78 FFS_READ_STRINGS,
79
80 /* We've got descriptors and strings. We are or have called
81 * functionfs_ready_callback(). functionfs_bind() may have
82 * been called but we don't know. */
83 /* This is the only state in which operations on epfiles may
84 * succeed. */
85 FFS_ACTIVE,
86
87 /* All endpoints have been closed. This state is also set if
88 * we encounter an unrecoverable error. The only
89 * unrecoverable error is situation when after reading strings
90 * from user space we fail to initialise EP files or
91 * functionfs_ready_callback() returns with error (<0). */
92 /* In this state no open(2), read(2) or write(2) (both on ep0
93 * as well as epfile) may succeed (at this point epfiles are
94 * unlinked and all closed so this is not a problem; ep0 is
95 * also closed but ep0 file exists and so open(2) on ep0 must
96 * fail). */
97 FFS_CLOSING
98};
99
100
101enum ffs_setup_state {
102 /* There is no setup request pending. */
103 FFS_NO_SETUP,
104 /* User has read events and there was a setup request event
105 * there. The next read/write on ep0 will handle the
106 * request. */
107 FFS_SETUP_PENDING,
108 /* There was event pending but before user space handled it
109 * some other event was introduced which canceled existing
110 * setup. If this state is set read/write on ep0 return
111 * -EIDRM. This state is only set when adding event. */
112 FFS_SETUP_CANCELED
113};
114
115
116
117struct ffs_epfile;
118struct ffs_function;
119
120struct ffs_data {
121 struct usb_gadget *gadget;
122
123 /* Protect access read/write operations, only one read/write
124 * at a time. As a consequence protects ep0req and company.
125 * While setup request is being processed (queued) this is
126 * held. */
127 struct mutex mutex;
128
129 /* Protect access to enpoint related structures (basically
130 * usb_ep_queue(), usb_ep_dequeue(), etc. calls) except for
131 * endpint zero. */
132 spinlock_t eps_lock;
133
134 /* XXX REVISIT do we need our own request? Since we are not
135 * handling setup requests immidiatelly user space may be so
136 * slow that another setup will be sent to the gadget but this
137 * time not to us but another function and then there could be
138 * a race. Is taht the case? Or maybe we can use cdev->req
139 * after all, maybe we just need some spinlock for that? */
140 struct usb_request *ep0req; /* P: mutex */
141 struct completion ep0req_completion; /* P: mutex */
142 int ep0req_status; /* P: mutex */
143
144 /* reference counter */
145 atomic_t ref;
146 /* how many files are opened (EP0 and others) */
147 atomic_t opened;
148
149 /* EP0 state */
150 enum ffs_state state;
151
152 /*
153 * Possible transations:
154 * + FFS_NO_SETUP -> FFS_SETUP_PENDING -- P: ev.waitq.lock
155 * happens only in ep0 read which is P: mutex
156 * + FFS_SETUP_PENDING -> FFS_NO_SETUP -- P: ev.waitq.lock
157 * happens only in ep0 i/o which is P: mutex
158 * + FFS_SETUP_PENDING -> FFS_SETUP_CANCELED -- P: ev.waitq.lock
159 * + FFS_SETUP_CANCELED -> FFS_NO_SETUP -- cmpxchg
160 */
161 enum ffs_setup_state setup_state;
162
163#define FFS_SETUP_STATE(ffs) \
164 ((enum ffs_setup_state)cmpxchg(&(ffs)->setup_state, \
165 FFS_SETUP_CANCELED, FFS_NO_SETUP))
166
167 /* Events & such. */
168 struct {
169 u8 types[4];
170 unsigned short count;
171 /* XXX REVISIT need to update it in some places, or do we? */
172 unsigned short can_stall;
173 struct usb_ctrlrequest setup;
174
175 wait_queue_head_t waitq;
176 } ev; /* the whole structure, P: ev.waitq.lock */
177
178 /* Flags */
179 unsigned long flags;
180#define FFS_FL_CALL_CLOSED_CALLBACK 0
181#define FFS_FL_BOUND 1
182
183 /* Active function */
184 struct ffs_function *func;
185
186 /* Device name, write once when file system is mounted.
187 * Intendet for user to read if she wants. */
188 const char *dev_name;
189 /* Private data for our user (ie. gadget). Managed by
190 * user. */
191 void *private_data;
192
193 /* filled by __ffs_data_got_descs() */
194 /* real descriptors are 16 bytes after raw_descs (so you need
195 * to skip 16 bytes (ie. ffs->raw_descs + 16) to get to the
196 * first full speed descriptor). raw_descs_length and
197 * raw_fs_descs_length do not have those 16 bytes added. */
198 const void *raw_descs;
199 unsigned raw_descs_length;
200 unsigned raw_fs_descs_length;
201 unsigned fs_descs_count;
202 unsigned hs_descs_count;
203
204 unsigned short strings_count;
205 unsigned short interfaces_count;
206 unsigned short eps_count;
207 unsigned short _pad1;
208
209 /* filled by __ffs_data_got_strings() */
210 /* ids in stringtabs are set in functionfs_bind() */
211 const void *raw_strings;
212 struct usb_gadget_strings **stringtabs;
213
214 /* File system's super block, write once when file system is mounted. */
215 struct super_block *sb;
216
217 /* File permissions, written once when fs is mounted*/
218 struct ffs_file_perms {
219 umode_t mode;
220 uid_t uid;
221 gid_t gid;
222 } file_perms;
223
224 /* The endpoint files, filled by ffs_epfiles_create(),
225 * destroyed by ffs_epfiles_destroy(). */
226 struct ffs_epfile *epfiles;
227};
228
229/* Reference counter handling */
230static void ffs_data_get(struct ffs_data *ffs);
231static void ffs_data_put(struct ffs_data *ffs);
232/* Creates new ffs_data object. */
233static struct ffs_data *__must_check ffs_data_new(void) __attribute__((malloc));
234
235/* Opened counter handling. */
236static void ffs_data_opened(struct ffs_data *ffs);
237static void ffs_data_closed(struct ffs_data *ffs);
238
239/* Called with ffs->mutex held; take over ownerrship of data. */
240static int __must_check
241__ffs_data_got_descs(struct ffs_data *ffs, char *data, size_t len);
242static int __must_check
243__ffs_data_got_strings(struct ffs_data *ffs, char *data, size_t len);
244
245
246/* The function structure ***************************************************/
247
248struct ffs_ep;
249
250struct ffs_function {
251 struct usb_configuration *conf;
252 struct usb_gadget *gadget;
253 struct ffs_data *ffs;
254
255 struct ffs_ep *eps;
256 u8 eps_revmap[16];
257 short *interfaces_nums;
258
259 struct usb_function function;
260};
261
262
263static struct ffs_function *ffs_func_from_usb(struct usb_function *f)
264{
265 return container_of(f, struct ffs_function, function);
266}
267
268static void ffs_func_free(struct ffs_function *func);
269
270
271static void ffs_func_eps_disable(struct ffs_function *func);
272static int __must_check ffs_func_eps_enable(struct ffs_function *func);
273
274
275static int ffs_func_bind(struct usb_configuration *,
276 struct usb_function *);
277static void ffs_func_unbind(struct usb_configuration *,
278 struct usb_function *);
279static int ffs_func_set_alt(struct usb_function *, unsigned, unsigned);
280static void ffs_func_disable(struct usb_function *);
281static int ffs_func_setup(struct usb_function *,
282 const struct usb_ctrlrequest *);
283static void ffs_func_suspend(struct usb_function *);
284static void ffs_func_resume(struct usb_function *);
285
286
287static int ffs_func_revmap_ep(struct ffs_function *func, u8 num);
288static int ffs_func_revmap_intf(struct ffs_function *func, u8 intf);
289
290
291
292/* The endpoints structures *************************************************/
293
294struct ffs_ep {
295 struct usb_ep *ep; /* P: ffs->eps_lock */
296 struct usb_request *req; /* P: epfile->mutex */
297
298 /* [0]: full speed, [1]: high speed */
299 struct usb_endpoint_descriptor *descs[2];
300
301 u8 num;
302
303 int status; /* P: epfile->mutex */
304};
305
306struct ffs_epfile {
307 /* Protects ep->ep and ep->req. */
308 struct mutex mutex;
309 wait_queue_head_t wait;
310
311 struct ffs_data *ffs;
312 struct ffs_ep *ep; /* P: ffs->eps_lock */
313
314 struct dentry *dentry;
315
316 char name[5];
317
318 unsigned char in; /* P: ffs->eps_lock */
319 unsigned char isoc; /* P: ffs->eps_lock */
320
321 unsigned char _pad;
322};
323
324
325static int __must_check ffs_epfiles_create(struct ffs_data *ffs);
326static void ffs_epfiles_destroy(struct ffs_epfile *epfiles, unsigned count);
327
328static struct inode *__must_check
329ffs_sb_create_file(struct super_block *sb, const char *name, void *data,
330 const struct file_operations *fops,
331 struct dentry **dentry_p);
332
333
334/* Misc helper functions ****************************************************/
335
336static int ffs_mutex_lock(struct mutex *mutex, unsigned nonblock)
337 __attribute__((warn_unused_result, nonnull));
338static char *ffs_prepare_buffer(const char * __user buf, size_t len)
339 __attribute__((warn_unused_result, nonnull));
340
341
342/* Control file aka ep0 *****************************************************/
343
344static void ffs_ep0_complete(struct usb_ep *ep, struct usb_request *req)
345{
346 struct ffs_data *ffs = req->context;
347
348 complete_all(&ffs->ep0req_completion);
349}
350
351
352static int __ffs_ep0_queue_wait(struct ffs_data *ffs, char *data, size_t len)
353{
354 struct usb_request *req = ffs->ep0req;
355 int ret;
356
357 req->zero = len < le16_to_cpu(ffs->ev.setup.wLength);
358
359 spin_unlock_irq(&ffs->ev.waitq.lock);
360
361 req->buf = data;
362 req->length = len;
363
364 INIT_COMPLETION(ffs->ep0req_completion);
365
366 ret = usb_ep_queue(ffs->gadget->ep0, req, GFP_ATOMIC);
367 if (unlikely(ret < 0))
368 return ret;
369
370 ret = wait_for_completion_interruptible(&ffs->ep0req_completion);
371 if (unlikely(ret)) {
372 usb_ep_dequeue(ffs->gadget->ep0, req);
373 return -EINTR;
374 }
375
376 ffs->setup_state = FFS_NO_SETUP;
377 return ffs->ep0req_status;
378}
379
380static int __ffs_ep0_stall(struct ffs_data *ffs)
381{
382 if (ffs->ev.can_stall) {
383 FVDBG("ep0 stall\n");
384 usb_ep_set_halt(ffs->gadget->ep0);
385 ffs->setup_state = FFS_NO_SETUP;
386 return -EL2HLT;
387 } else {
388 FDBG("bogus ep0 stall!\n");
389 return -ESRCH;
390 }
391}
392
393
394static ssize_t ffs_ep0_write(struct file *file, const char __user *buf,
395 size_t len, loff_t *ptr)
396{
397 struct ffs_data *ffs = file->private_data;
398 ssize_t ret;
399 char *data;
400
401 ENTER();
402
403 /* Fast check if setup was canceled */
404 if (FFS_SETUP_STATE(ffs) == FFS_SETUP_CANCELED)
405 return -EIDRM;
406
407 /* Acquire mutex */
408 ret = ffs_mutex_lock(&ffs->mutex, file->f_flags & O_NONBLOCK);
409 if (unlikely(ret < 0))
410 return ret;
411
412
413 /* Check state */
414 switch (ffs->state) {
415 case FFS_READ_DESCRIPTORS:
416 case FFS_READ_STRINGS:
417 /* Copy data */
418 if (unlikely(len < 16)) {
419 ret = -EINVAL;
420 break;
421 }
422
423 data = ffs_prepare_buffer(buf, len);
424 if (unlikely(IS_ERR(data))) {
425 ret = PTR_ERR(data);
426 break;
427 }
428
429 /* Handle data */
430 if (ffs->state == FFS_READ_DESCRIPTORS) {
431 FINFO("read descriptors");
432 ret = __ffs_data_got_descs(ffs, data, len);
433 if (unlikely(ret < 0))
434 break;
435
436 ffs->state = FFS_READ_STRINGS;
437 ret = len;
438 } else {
439 FINFO("read strings");
440 ret = __ffs_data_got_strings(ffs, data, len);
441 if (unlikely(ret < 0))
442 break;
443
444 ret = ffs_epfiles_create(ffs);
445 if (unlikely(ret)) {
446 ffs->state = FFS_CLOSING;
447 break;
448 }
449
450 ffs->state = FFS_ACTIVE;
451 mutex_unlock(&ffs->mutex);
452
453 ret = functionfs_ready_callback(ffs);
454 if (unlikely(ret < 0)) {
455 ffs->state = FFS_CLOSING;
456 return ret;
457 }
458
459 set_bit(FFS_FL_CALL_CLOSED_CALLBACK, &ffs->flags);
460 return len;
461 }
462 break;
463
464
465 case FFS_ACTIVE:
466 data = NULL;
467 /* We're called from user space, we can use _irq
468 * rather then _irqsave */
469 spin_lock_irq(&ffs->ev.waitq.lock);
470 switch (FFS_SETUP_STATE(ffs)) {
471 case FFS_SETUP_CANCELED:
472 ret = -EIDRM;
473 goto done_spin;
474
475 case FFS_NO_SETUP:
476 ret = -ESRCH;
477 goto done_spin;
478
479 case FFS_SETUP_PENDING:
480 break;
481 }
482
483 /* FFS_SETUP_PENDING */
484 if (!(ffs->ev.setup.bRequestType & USB_DIR_IN)) {
485 spin_unlock_irq(&ffs->ev.waitq.lock);
486 ret = __ffs_ep0_stall(ffs);
487 break;
488 }
489
490 /* FFS_SETUP_PENDING and not stall */
491 len = min(len, (size_t)le16_to_cpu(ffs->ev.setup.wLength));
492
493 spin_unlock_irq(&ffs->ev.waitq.lock);
494
495 data = ffs_prepare_buffer(buf, len);
496 if (unlikely(IS_ERR(data))) {
497 ret = PTR_ERR(data);
498 break;
499 }
500
501 spin_lock_irq(&ffs->ev.waitq.lock);
502
503 /* We are guaranteed to be still in FFS_ACTIVE state
504 * but the state of setup could have changed from
505 * FFS_SETUP_PENDING to FFS_SETUP_CANCELED so we need
506 * to check for that. If that happened we copied data
507 * from user space in vain but it's unlikely. */
508 /* For sure we are not in FFS_NO_SETUP since this is
509 * the only place FFS_SETUP_PENDING -> FFS_NO_SETUP
510 * transition can be performed and it's protected by
511 * mutex. */
512
513 if (FFS_SETUP_STATE(ffs) == FFS_SETUP_CANCELED) {
514 ret = -EIDRM;
515done_spin:
516 spin_unlock_irq(&ffs->ev.waitq.lock);
517 } else {
518 /* unlocks spinlock */
519 ret = __ffs_ep0_queue_wait(ffs, data, len);
520 }
521 kfree(data);
522 break;
523
524
525 default:
526 ret = -EBADFD;
527 break;
528 }
529
530
531 mutex_unlock(&ffs->mutex);
532 return ret;
533}
534
535
536
537static ssize_t __ffs_ep0_read_events(struct ffs_data *ffs, char __user *buf,
538 size_t n)
539{
540 /* We are holding ffs->ev.waitq.lock and ffs->mutex and we need
541 * to release them. */
542
543 struct usb_functionfs_event events[n];
544 unsigned i = 0;
545
546 memset(events, 0, sizeof events);
547
548 do {
549 events[i].type = ffs->ev.types[i];
550 if (events[i].type == FUNCTIONFS_SETUP) {
551 events[i].u.setup = ffs->ev.setup;
552 ffs->setup_state = FFS_SETUP_PENDING;
553 }
554 } while (++i < n);
555
556 if (n < ffs->ev.count) {
557 ffs->ev.count -= n;
558 memmove(ffs->ev.types, ffs->ev.types + n,
559 ffs->ev.count * sizeof *ffs->ev.types);
560 } else {
561 ffs->ev.count = 0;
562 }
563
564 spin_unlock_irq(&ffs->ev.waitq.lock);
565 mutex_unlock(&ffs->mutex);
566
567 return unlikely(__copy_to_user(buf, events, sizeof events))
568 ? -EFAULT : sizeof events;
569}
570
571
572static ssize_t ffs_ep0_read(struct file *file, char __user *buf,
573 size_t len, loff_t *ptr)
574{
575 struct ffs_data *ffs = file->private_data;
576 char *data = NULL;
577 size_t n;
578 int ret;
579
580 ENTER();
581
582 /* Fast check if setup was canceled */
583 if (FFS_SETUP_STATE(ffs) == FFS_SETUP_CANCELED)
584 return -EIDRM;
585
586 /* Acquire mutex */
587 ret = ffs_mutex_lock(&ffs->mutex, file->f_flags & O_NONBLOCK);
588 if (unlikely(ret < 0))
589 return ret;
590
591
592 /* Check state */
593 if (ffs->state != FFS_ACTIVE) {
594 ret = -EBADFD;
595 goto done_mutex;
596 }
597
598
599 /* We're called from user space, we can use _irq rather then
600 * _irqsave */
601 spin_lock_irq(&ffs->ev.waitq.lock);
602
603 switch (FFS_SETUP_STATE(ffs)) {
604 case FFS_SETUP_CANCELED:
605 ret = -EIDRM;
606 break;
607
608 case FFS_NO_SETUP:
609 n = len / sizeof(struct usb_functionfs_event);
610 if (unlikely(!n)) {
611 ret = -EINVAL;
612 break;
613 }
614
615 if ((file->f_flags & O_NONBLOCK) && !ffs->ev.count) {
616 ret = -EAGAIN;
617 break;
618 }
619
620 if (unlikely(wait_event_interruptible_exclusive_locked_irq(ffs->ev.waitq, ffs->ev.count))) {
621 ret = -EINTR;
622 break;
623 }
624
625 return __ffs_ep0_read_events(ffs, buf,
626 min(n, (size_t)ffs->ev.count));
627
628
629 case FFS_SETUP_PENDING:
630 if (ffs->ev.setup.bRequestType & USB_DIR_IN) {
631 spin_unlock_irq(&ffs->ev.waitq.lock);
632 ret = __ffs_ep0_stall(ffs);
633 goto done_mutex;
634 }
635
636 len = min(len, (size_t)le16_to_cpu(ffs->ev.setup.wLength));
637
638 spin_unlock_irq(&ffs->ev.waitq.lock);
639
640 if (likely(len)) {
641 data = kmalloc(len, GFP_KERNEL);
642 if (unlikely(!data)) {
643 ret = -ENOMEM;
644 goto done_mutex;
645 }
646 }
647
648 spin_lock_irq(&ffs->ev.waitq.lock);
649
650 /* See ffs_ep0_write() */
651 if (FFS_SETUP_STATE(ffs) == FFS_SETUP_CANCELED) {
652 ret = -EIDRM;
653 break;
654 }
655
656 /* unlocks spinlock */
657 ret = __ffs_ep0_queue_wait(ffs, data, len);
658 if (likely(ret > 0) && unlikely(__copy_to_user(buf, data, len)))
659 ret = -EFAULT;
660 goto done_mutex;
661
662 default:
663 ret = -EBADFD;
664 break;
665 }
666
667 spin_unlock_irq(&ffs->ev.waitq.lock);
668done_mutex:
669 mutex_unlock(&ffs->mutex);
670 kfree(data);
671 return ret;
672}
673
674
675
676static int ffs_ep0_open(struct inode *inode, struct file *file)
677{
678 struct ffs_data *ffs = inode->i_private;
679
680 ENTER();
681
682 if (unlikely(ffs->state == FFS_CLOSING))
683 return -EBUSY;
684
685 file->private_data = ffs;
686 ffs_data_opened(ffs);
687
688 return 0;
689}
690
691
692static int ffs_ep0_release(struct inode *inode, struct file *file)
693{
694 struct ffs_data *ffs = file->private_data;
695
696 ENTER();
697
698 ffs_data_closed(ffs);
699
700 return 0;
701}
702
703
704static long ffs_ep0_ioctl(struct file *file, unsigned code, unsigned long value)
705{
706 struct ffs_data *ffs = file->private_data;
707 struct usb_gadget *gadget = ffs->gadget;
708 long ret;
709
710 ENTER();
711
712 if (code == FUNCTIONFS_INTERFACE_REVMAP) {
713 struct ffs_function *func = ffs->func;
714 ret = func ? ffs_func_revmap_intf(func, value) : -ENODEV;
715 } else if (gadget->ops->ioctl) {
716 lock_kernel();
717 ret = gadget->ops->ioctl(gadget, code, value);
718 unlock_kernel();
719 } else {
720 ret = -ENOTTY;
721 }
722
723 return ret;
724}
725
726
727static const struct file_operations ffs_ep0_operations = {
728 .owner = THIS_MODULE,
729 .llseek = no_llseek,
730
731 .open = ffs_ep0_open,
732 .write = ffs_ep0_write,
733 .read = ffs_ep0_read,
734 .release = ffs_ep0_release,
735 .unlocked_ioctl = ffs_ep0_ioctl,
736};
737
738
739/* "Normal" endpoints operations ********************************************/
740
741
742static void ffs_epfile_io_complete(struct usb_ep *_ep, struct usb_request *req)
743{
744 ENTER();
745 if (likely(req->context)) {
746 struct ffs_ep *ep = _ep->driver_data;
747 ep->status = req->status ? req->status : req->actual;
748 complete(req->context);
749 }
750}
751
752
753static ssize_t ffs_epfile_io(struct file *file,
754 char __user *buf, size_t len, int read)
755{
756 struct ffs_epfile *epfile = file->private_data;
757 struct ffs_ep *ep;
758 char *data = NULL;
759 ssize_t ret;
760 int halt;
761
762 goto first_try;
763 do {
764 spin_unlock_irq(&epfile->ffs->eps_lock);
765 mutex_unlock(&epfile->mutex);
766
767first_try:
768 /* Are we still active? */
769 if (WARN_ON(epfile->ffs->state != FFS_ACTIVE)) {
770 ret = -ENODEV;
771 goto error;
772 }
773
774 /* Wait for endpoint to be enabled */
775 ep = epfile->ep;
776 if (!ep) {
777 if (file->f_flags & O_NONBLOCK) {
778 ret = -EAGAIN;
779 goto error;
780 }
781
782 if (unlikely(wait_event_interruptible
783 (epfile->wait, (ep = epfile->ep)))) {
784 ret = -EINTR;
785 goto error;
786 }
787 }
788
789 /* Do we halt? */
790 halt = !read == !epfile->in;
791 if (halt && epfile->isoc) {
792 ret = -EINVAL;
793 goto error;
794 }
795
796 /* Allocate & copy */
797 if (!halt && !data) {
798 data = kzalloc(len, GFP_KERNEL);
799 if (unlikely(!data))
800 return -ENOMEM;
801
802 if (!read &&
803 unlikely(__copy_from_user(data, buf, len))) {
804 ret = -EFAULT;
805 goto error;
806 }
807 }
808
809 /* We will be using request */
810 ret = ffs_mutex_lock(&epfile->mutex,
811 file->f_flags & O_NONBLOCK);
812 if (unlikely(ret))
813 goto error;
814
815 /* We're called from user space, we can use _irq rather then
816 * _irqsave */
817 spin_lock_irq(&epfile->ffs->eps_lock);
818
819 /* While we were acquiring mutex endpoint got disabled
820 * or changed? */
821 } while (unlikely(epfile->ep != ep));
822
823 /* Halt */
824 if (unlikely(halt)) {
825 if (likely(epfile->ep == ep) && !WARN_ON(!ep->ep))
826 usb_ep_set_halt(ep->ep);
827 spin_unlock_irq(&epfile->ffs->eps_lock);
828 ret = -EBADMSG;
829 } else {
830 /* Fire the request */
831 DECLARE_COMPLETION_ONSTACK(done);
832
833 struct usb_request *req = ep->req;
834 req->context = &done;
835 req->complete = ffs_epfile_io_complete;
836 req->buf = data;
837 req->length = len;
838
839 ret = usb_ep_queue(ep->ep, req, GFP_ATOMIC);
840
841 spin_unlock_irq(&epfile->ffs->eps_lock);
842
843 if (unlikely(ret < 0)) {
844 /* nop */
845 } else if (unlikely(wait_for_completion_interruptible(&done))) {
846 ret = -EINTR;
847 usb_ep_dequeue(ep->ep, req);
848 } else {
849 ret = ep->status;
850 if (read && ret > 0 &&
851 unlikely(copy_to_user(buf, data, ret)))
852 ret = -EFAULT;
853 }
854 }
855
856 mutex_unlock(&epfile->mutex);
857error:
858 kfree(data);
859 return ret;
860}
861
862
863static ssize_t
864ffs_epfile_write(struct file *file, const char __user *buf, size_t len,
865 loff_t *ptr)
866{
867 ENTER();
868
869 return ffs_epfile_io(file, (char __user *)buf, len, 0);
870}
871
872static ssize_t
873ffs_epfile_read(struct file *file, char __user *buf, size_t len, loff_t *ptr)
874{
875 ENTER();
876
877 return ffs_epfile_io(file, buf, len, 1);
878}
879
880static int
881ffs_epfile_open(struct inode *inode, struct file *file)
882{
883 struct ffs_epfile *epfile = inode->i_private;
884
885 ENTER();
886
887 if (WARN_ON(epfile->ffs->state != FFS_ACTIVE))
888 return -ENODEV;
889
890 file->private_data = epfile;
891 ffs_data_opened(epfile->ffs);
892
893 return 0;
894}
895
896static int
897ffs_epfile_release(struct inode *inode, struct file *file)
898{
899 struct ffs_epfile *epfile = inode->i_private;
900
901 ENTER();
902
903 ffs_data_closed(epfile->ffs);
904
905 return 0;
906}
907
908
909static long ffs_epfile_ioctl(struct file *file, unsigned code,
910 unsigned long value)
911{
912 struct ffs_epfile *epfile = file->private_data;
913 int ret;
914
915 ENTER();
916
917 if (WARN_ON(epfile->ffs->state != FFS_ACTIVE))
918 return -ENODEV;
919
920 spin_lock_irq(&epfile->ffs->eps_lock);
921 if (likely(epfile->ep)) {
922 switch (code) {
923 case FUNCTIONFS_FIFO_STATUS:
924 ret = usb_ep_fifo_status(epfile->ep->ep);
925 break;
926 case FUNCTIONFS_FIFO_FLUSH:
927 usb_ep_fifo_flush(epfile->ep->ep);
928 ret = 0;
929 break;
930 case FUNCTIONFS_CLEAR_HALT:
931 ret = usb_ep_clear_halt(epfile->ep->ep);
932 break;
933 case FUNCTIONFS_ENDPOINT_REVMAP:
934 ret = epfile->ep->num;
935 break;
936 default:
937 ret = -ENOTTY;
938 }
939 } else {
940 ret = -ENODEV;
941 }
942 spin_unlock_irq(&epfile->ffs->eps_lock);
943
944 return ret;
945}
946
947
948static const struct file_operations ffs_epfile_operations = {
949 .owner = THIS_MODULE,
950 .llseek = no_llseek,
951
952 .open = ffs_epfile_open,
953 .write = ffs_epfile_write,
954 .read = ffs_epfile_read,
955 .release = ffs_epfile_release,
956 .unlocked_ioctl = ffs_epfile_ioctl,
957};
958
959
960
961/* File system and super block operations ***********************************/
962
963/*
964 * Mounting the filesystem creates a controller file, used first for
965 * function configuration then later for event monitoring.
966 */
967
968
969static struct inode *__must_check
970ffs_sb_make_inode(struct super_block *sb, void *data,
971 const struct file_operations *fops,
972 const struct inode_operations *iops,
973 struct ffs_file_perms *perms)
974{
975 struct inode *inode;
976
977 ENTER();
978
979 inode = new_inode(sb);
980
981 if (likely(inode)) {
982 struct timespec current_time = CURRENT_TIME;
983
984 inode->i_mode = perms->mode;
985 inode->i_uid = perms->uid;
986 inode->i_gid = perms->gid;
987 inode->i_atime = current_time;
988 inode->i_mtime = current_time;
989 inode->i_ctime = current_time;
990 inode->i_private = data;
991 if (fops)
992 inode->i_fop = fops;
993 if (iops)
994 inode->i_op = iops;
995 }
996
997 return inode;
998}
999
1000
1001/* Create "regular" file */
1002
1003static struct inode *ffs_sb_create_file(struct super_block *sb,
1004 const char *name, void *data,
1005 const struct file_operations *fops,
1006 struct dentry **dentry_p)
1007{
1008 struct ffs_data *ffs = sb->s_fs_info;
1009 struct dentry *dentry;
1010 struct inode *inode;
1011
1012 ENTER();
1013
1014 dentry = d_alloc_name(sb->s_root, name);
1015 if (unlikely(!dentry))
1016 return NULL;
1017
1018 inode = ffs_sb_make_inode(sb, data, fops, NULL, &ffs->file_perms);
1019 if (unlikely(!inode)) {
1020 dput(dentry);
1021 return NULL;
1022 }
1023
1024 d_add(dentry, inode);
1025 if (dentry_p)
1026 *dentry_p = dentry;
1027
1028 return inode;
1029}
1030
1031
1032/* Super block */
1033
1034static const struct super_operations ffs_sb_operations = {
1035 .statfs = simple_statfs,
1036 .drop_inode = generic_delete_inode,
1037};
1038
1039struct ffs_sb_fill_data {
1040 struct ffs_file_perms perms;
1041 umode_t root_mode;
1042 const char *dev_name;
1043};
1044
1045static int ffs_sb_fill(struct super_block *sb, void *_data, int silent)
1046{
1047 struct ffs_sb_fill_data *data = _data;
1048 struct inode *inode;
1049 struct dentry *d;
1050 struct ffs_data *ffs;
1051
1052 ENTER();
1053
1054 /* Initialize data */
1055 ffs = ffs_data_new();
1056 if (unlikely(!ffs))
1057 goto enomem0;
1058
1059 ffs->sb = sb;
1060 ffs->dev_name = data->dev_name;
1061 ffs->file_perms = data->perms;
1062
1063 sb->s_fs_info = ffs;
1064 sb->s_blocksize = PAGE_CACHE_SIZE;
1065 sb->s_blocksize_bits = PAGE_CACHE_SHIFT;
1066 sb->s_magic = FUNCTIONFS_MAGIC;
1067 sb->s_op = &ffs_sb_operations;
1068 sb->s_time_gran = 1;
1069
1070 /* Root inode */
1071 data->perms.mode = data->root_mode;
1072 inode = ffs_sb_make_inode(sb, NULL,
1073 &simple_dir_operations,
1074 &simple_dir_inode_operations,
1075 &data->perms);
1076 if (unlikely(!inode))
1077 goto enomem1;
1078 d = d_alloc_root(inode);
1079 if (unlikely(!d))
1080 goto enomem2;
1081 sb->s_root = d;
1082
1083 /* EP0 file */
1084 if (unlikely(!ffs_sb_create_file(sb, "ep0", ffs,
1085 &ffs_ep0_operations, NULL)))
1086 goto enomem3;
1087
1088 return 0;
1089
1090enomem3:
1091 dput(d);
1092enomem2:
1093 iput(inode);
1094enomem1:
1095 ffs_data_put(ffs);
1096enomem0:
1097 return -ENOMEM;
1098}
1099
1100
1101static int ffs_fs_parse_opts(struct ffs_sb_fill_data *data, char *opts)
1102{
1103 ENTER();
1104
1105 if (!opts || !*opts)
1106 return 0;
1107
1108 for (;;) {
1109 char *end, *eq, *comma;
1110 unsigned long value;
1111
1112 /* Option limit */
1113 comma = strchr(opts, ',');
1114 if (comma)
1115 *comma = 0;
1116
1117 /* Value limit */
1118 eq = strchr(opts, '=');
1119 if (unlikely(!eq)) {
1120 FERR("'=' missing in %s", opts);
1121 return -EINVAL;
1122 }
1123 *eq = 0;
1124
1125 /* Parse value */
1126 value = simple_strtoul(eq + 1, &end, 0);
1127 if (unlikely(*end != ',' && *end != 0)) {
1128 FERR("%s: invalid value: %s", opts, eq + 1);
1129 return -EINVAL;
1130 }
1131
1132 /* Interpret option */
1133 switch (eq - opts) {
1134 case 5:
1135 if (!memcmp(opts, "rmode", 5))
1136 data->root_mode = (value & 0555) | S_IFDIR;
1137 else if (!memcmp(opts, "fmode", 5))
1138 data->perms.mode = (value & 0666) | S_IFREG;
1139 else
1140 goto invalid;
1141 break;
1142
1143 case 4:
1144 if (!memcmp(opts, "mode", 4)) {
1145 data->root_mode = (value & 0555) | S_IFDIR;
1146 data->perms.mode = (value & 0666) | S_IFREG;
1147 } else {
1148 goto invalid;
1149 }
1150 break;
1151
1152 case 3:
1153 if (!memcmp(opts, "uid", 3))
1154 data->perms.uid = value;
1155 else if (!memcmp(opts, "gid", 3))
1156 data->perms.gid = value;
1157 else
1158 goto invalid;
1159 break;
1160
1161 default:
1162invalid:
1163 FERR("%s: invalid option", opts);
1164 return -EINVAL;
1165 }
1166
1167 /* Next iteration */
1168 if (!comma)
1169 break;
1170 opts = comma + 1;
1171 }
1172
1173 return 0;
1174}
1175
1176
1177/* "mount -t functionfs dev_name /dev/function" ends up here */
1178
1179static int
1180ffs_fs_get_sb(struct file_system_type *t, int flags,
1181 const char *dev_name, void *opts, struct vfsmount *mnt)
1182{
1183 struct ffs_sb_fill_data data = {
1184 .perms = {
1185 .mode = S_IFREG | 0600,
1186 .uid = 0,
1187 .gid = 0
1188 },
1189 .root_mode = S_IFDIR | 0500,
1190 };
1191 int ret;
1192
1193 ENTER();
1194
1195 ret = functionfs_check_dev_callback(dev_name);
1196 if (unlikely(ret < 0))
1197 return ret;
1198
1199 ret = ffs_fs_parse_opts(&data, opts);
1200 if (unlikely(ret < 0))
1201 return ret;
1202
1203 data.dev_name = dev_name;
1204 return get_sb_single(t, flags, &data, ffs_sb_fill, mnt);
1205}
1206
1207static void
1208ffs_fs_kill_sb(struct super_block *sb)
1209{
1210 void *ptr;
1211
1212 ENTER();
1213
1214 kill_litter_super(sb);
1215 ptr = xchg(&sb->s_fs_info, NULL);
1216 if (ptr)
1217 ffs_data_put(ptr);
1218}
1219
1220static struct file_system_type ffs_fs_type = {
1221 .owner = THIS_MODULE,
1222 .name = "functionfs",
1223 .get_sb = ffs_fs_get_sb,
1224 .kill_sb = ffs_fs_kill_sb,
1225};
1226
1227
1228
1229/* Driver's main init/cleanup functions *************************************/
1230
1231
1232static int functionfs_init(void)
1233{
1234 int ret;
1235
1236 ENTER();
1237
1238 ret = register_filesystem(&ffs_fs_type);
1239 if (likely(!ret))
1240 FINFO("file system registered");
1241 else
1242 FERR("failed registering file system (%d)", ret);
1243
1244 return ret;
1245}
1246
1247static void functionfs_cleanup(void)
1248{
1249 ENTER();
1250
1251 FINFO("unloading");
1252 unregister_filesystem(&ffs_fs_type);
1253}
1254
1255
1256
1257/* ffs_data and ffs_function construction and destruction code **************/
1258
1259static void ffs_data_clear(struct ffs_data *ffs);
1260static void ffs_data_reset(struct ffs_data *ffs);
1261
1262
1263static void ffs_data_get(struct ffs_data *ffs)
1264{
1265 ENTER();
1266
1267 atomic_inc(&ffs->ref);
1268}
1269
1270static void ffs_data_opened(struct ffs_data *ffs)
1271{
1272 ENTER();
1273
1274 atomic_inc(&ffs->ref);
1275 atomic_inc(&ffs->opened);
1276}
1277
1278static void ffs_data_put(struct ffs_data *ffs)
1279{
1280 ENTER();
1281
1282 if (unlikely(atomic_dec_and_test(&ffs->ref))) {
1283 FINFO("%s(): freeing", __func__);
1284 ffs_data_clear(ffs);
1285 BUG_ON(mutex_is_locked(&ffs->mutex) ||
1286 spin_is_locked(&ffs->ev.waitq.lock) ||
1287 waitqueue_active(&ffs->ev.waitq) ||
1288 waitqueue_active(&ffs->ep0req_completion.wait));
1289 kfree(ffs);
1290 }
1291}
1292
1293
1294
1295static void ffs_data_closed(struct ffs_data *ffs)
1296{
1297 ENTER();
1298
1299 if (atomic_dec_and_test(&ffs->opened)) {
1300 ffs->state = FFS_CLOSING;
1301 ffs_data_reset(ffs);
1302 }
1303
1304 ffs_data_put(ffs);
1305}
1306
1307
1308static struct ffs_data *ffs_data_new(void)
1309{
1310 struct ffs_data *ffs = kzalloc(sizeof *ffs, GFP_KERNEL);
1311 if (unlikely(!ffs))
1312 return 0;
1313
1314 ENTER();
1315
1316 atomic_set(&ffs->ref, 1);
1317 atomic_set(&ffs->opened, 0);
1318 ffs->state = FFS_READ_DESCRIPTORS;
1319 mutex_init(&ffs->mutex);
1320 spin_lock_init(&ffs->eps_lock);
1321 init_waitqueue_head(&ffs->ev.waitq);
1322 init_completion(&ffs->ep0req_completion);
1323
1324 /* XXX REVISIT need to update it in some places, or do we? */
1325 ffs->ev.can_stall = 1;
1326
1327 return ffs;
1328}
1329
1330
1331static void ffs_data_clear(struct ffs_data *ffs)
1332{
1333 ENTER();
1334
1335 if (test_and_clear_bit(FFS_FL_CALL_CLOSED_CALLBACK, &ffs->flags))
1336 functionfs_closed_callback(ffs);
1337
1338 BUG_ON(ffs->gadget);
1339
1340 if (ffs->epfiles)
1341 ffs_epfiles_destroy(ffs->epfiles, ffs->eps_count);
1342
1343 kfree(ffs->raw_descs);
1344 kfree(ffs->raw_strings);
1345 kfree(ffs->stringtabs);
1346}
1347
1348
1349static void ffs_data_reset(struct ffs_data *ffs)
1350{
1351 ENTER();
1352
1353 ffs_data_clear(ffs);
1354
1355 ffs->epfiles = NULL;
1356 ffs->raw_descs = NULL;
1357 ffs->raw_strings = NULL;
1358 ffs->stringtabs = NULL;
1359
1360 ffs->raw_descs_length = 0;
1361 ffs->raw_fs_descs_length = 0;
1362 ffs->fs_descs_count = 0;
1363 ffs->hs_descs_count = 0;
1364
1365 ffs->strings_count = 0;
1366 ffs->interfaces_count = 0;
1367 ffs->eps_count = 0;
1368
1369 ffs->ev.count = 0;
1370
1371 ffs->state = FFS_READ_DESCRIPTORS;
1372 ffs->setup_state = FFS_NO_SETUP;
1373 ffs->flags = 0;
1374}
1375
1376
1377static int functionfs_bind(struct ffs_data *ffs, struct usb_composite_dev *cdev)
1378{
1379 unsigned i, count;
1380
1381 ENTER();
1382
1383 if (WARN_ON(ffs->state != FFS_ACTIVE
1384 || test_and_set_bit(FFS_FL_BOUND, &ffs->flags)))
1385 return -EBADFD;
1386
1387 ffs_data_get(ffs);
1388
1389 ffs->ep0req = usb_ep_alloc_request(cdev->gadget->ep0, GFP_KERNEL);
1390 if (unlikely(!ffs->ep0req))
1391 return -ENOMEM;
1392 ffs->ep0req->complete = ffs_ep0_complete;
1393 ffs->ep0req->context = ffs;
1394
1395 /* Get strings identifiers */
1396 for (count = ffs->strings_count, i = 0; i < count; ++i) {
1397 struct usb_gadget_strings **lang;
1398
1399 int id = usb_string_id(cdev);
1400 if (unlikely(id < 0)) {
1401 usb_ep_free_request(cdev->gadget->ep0, ffs->ep0req);
1402 ffs->ep0req = NULL;
1403 return id;
1404 }
1405
1406 lang = ffs->stringtabs;
1407 do {
1408 (*lang)->strings[i].id = id;
1409 ++lang;
1410 } while (*lang);
1411 }
1412
1413 ffs->gadget = cdev->gadget;
1414 return 0;
1415}
1416
1417
1418static void functionfs_unbind(struct ffs_data *ffs)
1419{
1420 ENTER();
1421
1422 if (!WARN_ON(!ffs->gadget)) {
1423 usb_ep_free_request(ffs->gadget->ep0, ffs->ep0req);
1424 ffs->ep0req = NULL;
1425 ffs->gadget = NULL;
1426 ffs_data_put(ffs);
1427 }
1428}
1429
1430
1431static int ffs_epfiles_create(struct ffs_data *ffs)
1432{
1433 struct ffs_epfile *epfile, *epfiles;
1434 unsigned i, count;
1435
1436 ENTER();
1437
1438 count = ffs->eps_count;
1439 epfiles = kzalloc(count * sizeof *epfiles, GFP_KERNEL);
1440 if (!epfiles)
1441 return -ENOMEM;
1442
1443 epfile = epfiles;
1444 for (i = 1; i <= count; ++i, ++epfile) {
1445 epfile->ffs = ffs;
1446 mutex_init(&epfile->mutex);
1447 init_waitqueue_head(&epfile->wait);
1448 sprintf(epfiles->name, "ep%u", i);
1449 if (!unlikely(ffs_sb_create_file(ffs->sb, epfiles->name, epfile,
1450 &ffs_epfile_operations,
1451 &epfile->dentry))) {
1452 ffs_epfiles_destroy(epfiles, i - 1);
1453 return -ENOMEM;
1454 }
1455 }
1456
1457 ffs->epfiles = epfiles;
1458 return 0;
1459}
1460
1461
1462static void ffs_epfiles_destroy(struct ffs_epfile *epfiles, unsigned count)
1463{
1464 struct ffs_epfile *epfile = epfiles;
1465
1466 ENTER();
1467
1468 for (; count; --count, ++epfile) {
1469 BUG_ON(mutex_is_locked(&epfile->mutex) ||
1470 waitqueue_active(&epfile->wait));
1471 if (epfile->dentry) {
1472 d_delete(epfile->dentry);
1473 dput(epfile->dentry);
1474 epfile->dentry = NULL;
1475 }
1476 }
1477
1478 kfree(epfiles);
1479}
1480
1481
1482static int functionfs_add(struct usb_composite_dev *cdev,
1483 struct usb_configuration *c,
1484 struct ffs_data *ffs)
1485{
1486 struct ffs_function *func;
1487 int ret;
1488
1489 ENTER();
1490
1491 func = kzalloc(sizeof *func, GFP_KERNEL);
1492 if (unlikely(!func))
1493 return -ENOMEM;
1494
1495 func->function.name = "Function FS Gadget";
1496 func->function.strings = ffs->stringtabs;
1497
1498 func->function.bind = ffs_func_bind;
1499 func->function.unbind = ffs_func_unbind;
1500 func->function.set_alt = ffs_func_set_alt;
1501 /*func->function.get_alt = ffs_func_get_alt;*/
1502 func->function.disable = ffs_func_disable;
1503 func->function.setup = ffs_func_setup;
1504 func->function.suspend = ffs_func_suspend;
1505 func->function.resume = ffs_func_resume;
1506
1507 func->conf = c;
1508 func->gadget = cdev->gadget;
1509 func->ffs = ffs;
1510 ffs_data_get(ffs);
1511
1512 ret = usb_add_function(c, &func->function);
1513 if (unlikely(ret))
1514 ffs_func_free(func);
1515
1516 return ret;
1517}
1518
1519static void ffs_func_free(struct ffs_function *func)
1520{
1521 ENTER();
1522
1523 ffs_data_put(func->ffs);
1524
1525 kfree(func->eps);
1526 /* eps and interfaces_nums are allocated in the same chunk so
1527 * only one free is required. Descriptors are also allocated
1528 * in the same chunk. */
1529
1530 kfree(func);
1531}
1532
1533
1534static void ffs_func_eps_disable(struct ffs_function *func)
1535{
1536 struct ffs_ep *ep = func->eps;
1537 struct ffs_epfile *epfile = func->ffs->epfiles;
1538 unsigned count = func->ffs->eps_count;
1539 unsigned long flags;
1540
1541 spin_lock_irqsave(&func->ffs->eps_lock, flags);
1542 do {
1543 /* pending requests get nuked */
1544 if (likely(ep->ep))
1545 usb_ep_disable(ep->ep);
1546 epfile->ep = NULL;
1547
1548 ++ep;
1549 ++epfile;
1550 } while (--count);
1551 spin_unlock_irqrestore(&func->ffs->eps_lock, flags);
1552}
1553
1554static int ffs_func_eps_enable(struct ffs_function *func)
1555{
1556 struct ffs_data *ffs = func->ffs;
1557 struct ffs_ep *ep = func->eps;
1558 struct ffs_epfile *epfile = ffs->epfiles;
1559 unsigned count = ffs->eps_count;
1560 unsigned long flags;
1561 int ret = 0;
1562
1563 spin_lock_irqsave(&func->ffs->eps_lock, flags);
1564 do {
1565 struct usb_endpoint_descriptor *ds;
1566 ds = ep->descs[ep->descs[1] ? 1 : 0];
1567
1568 ep->ep->driver_data = ep;
1569 ret = usb_ep_enable(ep->ep, ds);
1570 if (likely(!ret)) {
1571 epfile->ep = ep;
1572 epfile->in = usb_endpoint_dir_in(ds);
1573 epfile->isoc = usb_endpoint_xfer_isoc(ds);
1574 } else {
1575 break;
1576 }
1577
1578 wake_up(&epfile->wait);
1579
1580 ++ep;
1581 ++epfile;
1582 } while (--count);
1583 spin_unlock_irqrestore(&func->ffs->eps_lock, flags);
1584
1585 return ret;
1586}
1587
1588
1589/* Parsing and building descriptors and strings *****************************/
1590
1591
1592/* This validates if data pointed by data is a valid USB descriptor as
1593 * well as record how many interfaces, endpoints and strings are
1594 * required by given configuration. Returns address afther the
1595 * descriptor or NULL if data is invalid. */
1596
1597enum ffs_entity_type {
1598 FFS_DESCRIPTOR, FFS_INTERFACE, FFS_STRING, FFS_ENDPOINT
1599};
1600
1601typedef int (*ffs_entity_callback)(enum ffs_entity_type entity,
1602 u8 *valuep,
1603 struct usb_descriptor_header *desc,
1604 void *priv);
1605
1606static int __must_check ffs_do_desc(char *data, unsigned len,
1607 ffs_entity_callback entity, void *priv)
1608{
1609 struct usb_descriptor_header *_ds = (void *)data;
1610 u8 length;
1611 int ret;
1612
1613 ENTER();
1614
1615 /* At least two bytes are required: length and type */
1616 if (len < 2) {
1617 FVDBG("descriptor too short");
1618 return -EINVAL;
1619 }
1620
1621 /* If we have at least as many bytes as the descriptor takes? */
1622 length = _ds->bLength;
1623 if (len < length) {
1624 FVDBG("descriptor longer then available data");
1625 return -EINVAL;
1626 }
1627
1628#define __entity_check_INTERFACE(val) 1
1629#define __entity_check_STRING(val) (val)
1630#define __entity_check_ENDPOINT(val) ((val) & USB_ENDPOINT_NUMBER_MASK)
1631#define __entity(type, val) do { \
1632 FVDBG("entity " #type "(%02x)", (val)); \
1633 if (unlikely(!__entity_check_ ##type(val))) { \
1634 FVDBG("invalid entity's value"); \
1635 return -EINVAL; \
1636 } \
1637 ret = entity(FFS_ ##type, &val, _ds, priv); \
1638 if (unlikely(ret < 0)) { \
1639 FDBG("entity " #type "(%02x); ret = %d", \
1640 (val), ret); \
1641 return ret; \
1642 } \
1643 } while (0)
1644
1645 /* Parse descriptor depending on type. */
1646 switch (_ds->bDescriptorType) {
1647 case USB_DT_DEVICE:
1648 case USB_DT_CONFIG:
1649 case USB_DT_STRING:
1650 case USB_DT_DEVICE_QUALIFIER:
1651 /* function can't have any of those */
1652 FVDBG("descriptor reserved for gadget: %d", _ds->bDescriptorType);
1653 return -EINVAL;
1654
1655 case USB_DT_INTERFACE: {
1656 struct usb_interface_descriptor *ds = (void *)_ds;
1657 FVDBG("interface descriptor");
1658 if (length != sizeof *ds)
1659 goto inv_length;
1660
1661 __entity(INTERFACE, ds->bInterfaceNumber);
1662 if (ds->iInterface)
1663 __entity(STRING, ds->iInterface);
1664 }
1665 break;
1666
1667 case USB_DT_ENDPOINT: {
1668 struct usb_endpoint_descriptor *ds = (void *)_ds;
1669 FVDBG("endpoint descriptor");
1670 if (length != USB_DT_ENDPOINT_SIZE &&
1671 length != USB_DT_ENDPOINT_AUDIO_SIZE)
1672 goto inv_length;
1673 __entity(ENDPOINT, ds->bEndpointAddress);
1674 }
1675 break;
1676
1677 case USB_DT_OTG:
1678 if (length != sizeof(struct usb_otg_descriptor))
1679 goto inv_length;
1680 break;
1681
1682 case USB_DT_INTERFACE_ASSOCIATION: {
1683 struct usb_interface_assoc_descriptor *ds = (void *)_ds;
1684 FVDBG("interface association descriptor");
1685 if (length != sizeof *ds)
1686 goto inv_length;
1687 if (ds->iFunction)
1688 __entity(STRING, ds->iFunction);
1689 }
1690 break;
1691
1692 case USB_DT_OTHER_SPEED_CONFIG:
1693 case USB_DT_INTERFACE_POWER:
1694 case USB_DT_DEBUG:
1695 case USB_DT_SECURITY:
1696 case USB_DT_CS_RADIO_CONTROL:
1697 /* TODO */
1698 FVDBG("unimplemented descriptor: %d", _ds->bDescriptorType);
1699 return -EINVAL;
1700
1701 default:
1702 /* We should never be here */
1703 FVDBG("unknown descriptor: %d", _ds->bDescriptorType);
1704 return -EINVAL;
1705
1706 inv_length:
1707 FVDBG("invalid length: %d (descriptor %d)",
1708 _ds->bLength, _ds->bDescriptorType);
1709 return -EINVAL;
1710 }
1711
1712#undef __entity
1713#undef __entity_check_DESCRIPTOR
1714#undef __entity_check_INTERFACE
1715#undef __entity_check_STRING
1716#undef __entity_check_ENDPOINT
1717
1718 return length;
1719}
1720
1721
1722static int __must_check ffs_do_descs(unsigned count, char *data, unsigned len,
1723 ffs_entity_callback entity, void *priv)
1724{
1725 const unsigned _len = len;
1726 unsigned long num = 0;
1727
1728 ENTER();
1729
1730 for (;;) {
1731 int ret;
1732
1733 if (num == count)
1734 data = NULL;
1735
1736 /* Record "descriptor" entitny */
1737 ret = entity(FFS_DESCRIPTOR, (u8 *)num, (void *)data, priv);
1738 if (unlikely(ret < 0)) {
1739 FDBG("entity DESCRIPTOR(%02lx); ret = %d", num, ret);
1740 return ret;
1741 }
1742
1743 if (!data)
1744 return _len - len;
1745
1746 ret = ffs_do_desc(data, len, entity, priv);
1747 if (unlikely(ret < 0)) {
1748 FDBG("%s returns %d", __func__, ret);
1749 return ret;
1750 }
1751
1752 len -= ret;
1753 data += ret;
1754 ++num;
1755 }
1756}
1757
1758
1759static int __ffs_data_do_entity(enum ffs_entity_type type,
1760 u8 *valuep, struct usb_descriptor_header *desc,
1761 void *priv)
1762{
1763 struct ffs_data *ffs = priv;
1764
1765 ENTER();
1766
1767 switch (type) {
1768 case FFS_DESCRIPTOR:
1769 break;
1770
1771 case FFS_INTERFACE:
1772 /* Interfaces are indexed from zero so if we
1773 * encountered interface "n" then there are at least
1774 * "n+1" interfaces. */
1775 if (*valuep >= ffs->interfaces_count)
1776 ffs->interfaces_count = *valuep + 1;
1777 break;
1778
1779 case FFS_STRING:
1780 /* Strings are indexed from 1 (0 is magic ;) reserved
1781 * for languages list or some such) */
1782 if (*valuep > ffs->strings_count)
1783 ffs->strings_count = *valuep;
1784 break;
1785
1786 case FFS_ENDPOINT:
1787 /* Endpoints are indexed from 1 as well. */
1788 if ((*valuep & USB_ENDPOINT_NUMBER_MASK) > ffs->eps_count)
1789 ffs->eps_count = (*valuep & USB_ENDPOINT_NUMBER_MASK);
1790 break;
1791 }
1792
1793 return 0;
1794}
1795
1796
1797static int __ffs_data_got_descs(struct ffs_data *ffs,
1798 char *const _data, size_t len)
1799{
1800 unsigned fs_count, hs_count;
1801 int fs_len, ret = -EINVAL;
1802 char *data = _data;
1803
1804 ENTER();
1805
1806 if (unlikely(get_unaligned_le32(data) != FUNCTIONFS_DESCRIPTORS_MAGIC ||
1807 get_unaligned_le32(data + 4) != len))
1808 goto error;
1809 fs_count = get_unaligned_le32(data + 8);
1810 hs_count = get_unaligned_le32(data + 12);
1811
1812 if (!fs_count && !hs_count)
1813 goto einval;
1814
1815 data += 16;
1816 len -= 16;
1817
1818 if (likely(fs_count)) {
1819 fs_len = ffs_do_descs(fs_count, data, len,
1820 __ffs_data_do_entity, ffs);
1821 if (unlikely(fs_len < 0)) {
1822 ret = fs_len;
1823 goto error;
1824 }
1825
1826 data += fs_len;
1827 len -= fs_len;
1828 } else {
1829 fs_len = 0;
1830 }
1831
1832 if (likely(hs_count)) {
1833 ret = ffs_do_descs(hs_count, data, len,
1834 __ffs_data_do_entity, ffs);
1835 if (unlikely(ret < 0))
1836 goto error;
1837 } else {
1838 ret = 0;
1839 }
1840
1841 if (unlikely(len != ret))
1842 goto einval;
1843
1844 ffs->raw_fs_descs_length = fs_len;
1845 ffs->raw_descs_length = fs_len + ret;
1846 ffs->raw_descs = _data;
1847 ffs->fs_descs_count = fs_count;
1848 ffs->hs_descs_count = hs_count;
1849
1850 return 0;
1851
1852einval:
1853 ret = -EINVAL;
1854error:
1855 kfree(_data);
1856 return ret;
1857}
1858
1859
1860
1861static int __ffs_data_got_strings(struct ffs_data *ffs,
1862 char *const _data, size_t len)
1863{
1864 u32 str_count, needed_count, lang_count;
1865 struct usb_gadget_strings **stringtabs, *t;
1866 struct usb_string *strings, *s;
1867 const char *data = _data;
1868
1869 ENTER();
1870
1871 if (unlikely(get_unaligned_le32(data) != FUNCTIONFS_STRINGS_MAGIC ||
1872 get_unaligned_le32(data + 4) != len))
1873 goto error;
1874 str_count = get_unaligned_le32(data + 8);
1875 lang_count = get_unaligned_le32(data + 12);
1876
1877 /* if one is zero the other must be zero */
1878 if (unlikely(!str_count != !lang_count))
1879 goto error;
1880
1881 /* Do we have at least as many strings as descriptors need? */
1882 needed_count = ffs->strings_count;
1883 if (unlikely(str_count < needed_count))
1884 goto error;
1885
1886 /* If we don't need any strings just return and free all
1887 * memory */
1888 if (!needed_count) {
1889 kfree(_data);
1890 return 0;
1891 }
1892
1893 /* Allocate */
1894 {
1895 /* Allocate everything in one chunk so there's less
1896 * maintanance. */
1897 struct {
1898 struct usb_gadget_strings *stringtabs[lang_count + 1];
1899 struct usb_gadget_strings stringtab[lang_count];
1900 struct usb_string strings[lang_count*(needed_count+1)];
1901 } *d;
1902 unsigned i = 0;
1903
1904 d = kmalloc(sizeof *d, GFP_KERNEL);
1905 if (unlikely(!d)) {
1906 kfree(_data);
1907 return -ENOMEM;
1908 }
1909
1910 stringtabs = d->stringtabs;
1911 t = d->stringtab;
1912 i = lang_count;
1913 do {
1914 *stringtabs++ = t++;
1915 } while (--i);
1916 *stringtabs = NULL;
1917
1918 stringtabs = d->stringtabs;
1919 t = d->stringtab;
1920 s = d->strings;
1921 strings = s;
1922 }
1923
1924 /* For each language */
1925 data += 16;
1926 len -= 16;
1927
1928 do { /* lang_count > 0 so we can use do-while */
1929 unsigned needed = needed_count;
1930
1931 if (unlikely(len < 3))
1932 goto error_free;
1933 t->language = get_unaligned_le16(data);
1934 t->strings = s;
1935 ++t;
1936
1937 data += 2;
1938 len -= 2;
1939
1940 /* For each string */
1941 do { /* str_count > 0 so we can use do-while */
1942 size_t length = strnlen(data, len);
1943
1944 if (unlikely(length == len))
1945 goto error_free;
1946
1947 /* user may provide more strings then we need,
1948 * if that's the case we simply ingore the
1949 * rest */
1950 if (likely(needed)) {
1951 /* s->id will be set while adding
1952 * function to configuration so for
1953 * now just leave garbage here. */
1954 s->s = data;
1955 --needed;
1956 ++s;
1957 }
1958
1959 data += length + 1;
1960 len -= length + 1;
1961 } while (--str_count);
1962
1963 s->id = 0; /* terminator */
1964 s->s = NULL;
1965 ++s;
1966
1967 } while (--lang_count);
1968
1969 /* Some garbage left? */
1970 if (unlikely(len))
1971 goto error_free;
1972
1973 /* Done! */
1974 ffs->stringtabs = stringtabs;
1975 ffs->raw_strings = _data;
1976
1977 return 0;
1978
1979error_free:
1980 kfree(stringtabs);
1981error:
1982 kfree(_data);
1983 return -EINVAL;
1984}
1985
1986
1987
1988
1989/* Events handling and management *******************************************/
1990
1991static void __ffs_event_add(struct ffs_data *ffs,
1992 enum usb_functionfs_event_type type)
1993{
1994 enum usb_functionfs_event_type rem_type1, rem_type2 = type;
1995 int neg = 0;
1996
1997 /* Abort any unhandled setup */
1998 /* We do not need to worry about some cmpxchg() changing value
1999 * of ffs->setup_state without holding the lock because when
2000 * state is FFS_SETUP_PENDING cmpxchg() in several places in
2001 * the source does nothing. */
2002 if (ffs->setup_state == FFS_SETUP_PENDING)
2003 ffs->setup_state = FFS_SETUP_CANCELED;
2004
2005 switch (type) {
2006 case FUNCTIONFS_RESUME:
2007 rem_type2 = FUNCTIONFS_SUSPEND;
2008 /* FALL THGOUTH */
2009 case FUNCTIONFS_SUSPEND:
2010 case FUNCTIONFS_SETUP:
2011 rem_type1 = type;
2012 /* discard all similar events */
2013 break;
2014
2015 case FUNCTIONFS_BIND:
2016 case FUNCTIONFS_UNBIND:
2017 case FUNCTIONFS_DISABLE:
2018 case FUNCTIONFS_ENABLE:
2019 /* discard everything other then power management. */
2020 rem_type1 = FUNCTIONFS_SUSPEND;
2021 rem_type2 = FUNCTIONFS_RESUME;
2022 neg = 1;
2023 break;
2024
2025 default:
2026 BUG();
2027 }
2028
2029 {
2030 u8 *ev = ffs->ev.types, *out = ev;
2031 unsigned n = ffs->ev.count;
2032 for (; n; --n, ++ev)
2033 if ((*ev == rem_type1 || *ev == rem_type2) == neg)
2034 *out++ = *ev;
2035 else
2036 FVDBG("purging event %d", *ev);
2037 ffs->ev.count = out - ffs->ev.types;
2038 }
2039
2040 FVDBG("adding event %d", type);
2041 ffs->ev.types[ffs->ev.count++] = type;
2042 wake_up_locked(&ffs->ev.waitq);
2043}
2044
2045static void ffs_event_add(struct ffs_data *ffs,
2046 enum usb_functionfs_event_type type)
2047{
2048 unsigned long flags;
2049 spin_lock_irqsave(&ffs->ev.waitq.lock, flags);
2050 __ffs_event_add(ffs, type);
2051 spin_unlock_irqrestore(&ffs->ev.waitq.lock, flags);
2052}
2053
2054
2055/* Bind/unbind USB function hooks *******************************************/
2056
2057static int __ffs_func_bind_do_descs(enum ffs_entity_type type, u8 *valuep,
2058 struct usb_descriptor_header *desc,
2059 void *priv)
2060{
2061 struct usb_endpoint_descriptor *ds = (void *)desc;
2062 struct ffs_function *func = priv;
2063 struct ffs_ep *ffs_ep;
2064
2065 /* If hs_descriptors is not NULL then we are reading hs
2066 * descriptors now */
2067 const int isHS = func->function.hs_descriptors != NULL;
2068 unsigned idx;
2069
2070 if (type != FFS_DESCRIPTOR)
2071 return 0;
2072
2073 if (isHS)
2074 func->function.hs_descriptors[(long)valuep] = desc;
2075 else
2076 func->function.descriptors[(long)valuep] = desc;
2077
2078 if (!desc || desc->bDescriptorType != USB_DT_ENDPOINT)
2079 return 0;
2080
2081 idx = (ds->bEndpointAddress & USB_ENDPOINT_NUMBER_MASK) - 1;
2082 ffs_ep = func->eps + idx;
2083
2084 if (unlikely(ffs_ep->descs[isHS])) {
2085 FVDBG("two %sspeed descriptors for EP %d",
2086 isHS ? "high" : "full",
2087 ds->bEndpointAddress & USB_ENDPOINT_NUMBER_MASK);
2088 return -EINVAL;
2089 }
2090 ffs_ep->descs[isHS] = ds;
2091
2092 ffs_dump_mem(": Original ep desc", ds, ds->bLength);
2093 if (ffs_ep->ep) {
2094 ds->bEndpointAddress = ffs_ep->descs[0]->bEndpointAddress;
2095 if (!ds->wMaxPacketSize)
2096 ds->wMaxPacketSize = ffs_ep->descs[0]->wMaxPacketSize;
2097 } else {
2098 struct usb_request *req;
2099 struct usb_ep *ep;
2100
2101 FVDBG("autoconfig");
2102 ep = usb_ep_autoconfig(func->gadget, ds);
2103 if (unlikely(!ep))
2104 return -ENOTSUPP;
2105 ep->driver_data = func->eps + idx;;
2106
2107 req = usb_ep_alloc_request(ep, GFP_KERNEL);
2108 if (unlikely(!req))
2109 return -ENOMEM;
2110
2111 ffs_ep->ep = ep;
2112 ffs_ep->req = req;
2113 func->eps_revmap[ds->bEndpointAddress &
2114 USB_ENDPOINT_NUMBER_MASK] = idx + 1;
2115 }
2116 ffs_dump_mem(": Rewritten ep desc", ds, ds->bLength);
2117
2118 return 0;
2119}
2120
2121
2122static int __ffs_func_bind_do_nums(enum ffs_entity_type type, u8 *valuep,
2123 struct usb_descriptor_header *desc,
2124 void *priv)
2125{
2126 struct ffs_function *func = priv;
2127 unsigned idx;
2128 u8 newValue;
2129
2130 switch (type) {
2131 default:
2132 case FFS_DESCRIPTOR:
2133 /* Handled in previous pass by __ffs_func_bind_do_descs() */
2134 return 0;
2135
2136 case FFS_INTERFACE:
2137 idx = *valuep;
2138 if (func->interfaces_nums[idx] < 0) {
2139 int id = usb_interface_id(func->conf, &func->function);
2140 if (unlikely(id < 0))
2141 return id;
2142 func->interfaces_nums[idx] = id;
2143 }
2144 newValue = func->interfaces_nums[idx];
2145 break;
2146
2147 case FFS_STRING:
2148 /* String' IDs are allocated when fsf_data is bound to cdev */
2149 newValue = func->ffs->stringtabs[0]->strings[*valuep - 1].id;
2150 break;
2151
2152 case FFS_ENDPOINT:
2153 /* USB_DT_ENDPOINT are handled in
2154 * __ffs_func_bind_do_descs(). */
2155 if (desc->bDescriptorType == USB_DT_ENDPOINT)
2156 return 0;
2157
2158 idx = (*valuep & USB_ENDPOINT_NUMBER_MASK) - 1;
2159 if (unlikely(!func->eps[idx].ep))
2160 return -EINVAL;
2161
2162 {
2163 struct usb_endpoint_descriptor **descs;
2164 descs = func->eps[idx].descs;
2165 newValue = descs[descs[0] ? 0 : 1]->bEndpointAddress;
2166 }
2167 break;
2168 }
2169
2170 FVDBG("%02x -> %02x", *valuep, newValue);
2171 *valuep = newValue;
2172 return 0;
2173}
2174
2175static int ffs_func_bind(struct usb_configuration *c,
2176 struct usb_function *f)
2177{
2178 struct ffs_function *func = ffs_func_from_usb(f);
2179 struct ffs_data *ffs = func->ffs;
2180
2181 const int full = !!func->ffs->fs_descs_count;
2182 const int high = gadget_is_dualspeed(func->gadget) &&
2183 func->ffs->hs_descs_count;
2184
2185 int ret;
2186
2187 /* Make it a single chunk, less management later on */
2188 struct {
2189 struct ffs_ep eps[ffs->eps_count];
2190 struct usb_descriptor_header
2191 *fs_descs[full ? ffs->fs_descs_count + 1 : 0];
2192 struct usb_descriptor_header
2193 *hs_descs[high ? ffs->hs_descs_count + 1 : 0];
2194 short inums[ffs->interfaces_count];
2195 char raw_descs[high ? ffs->raw_descs_length
2196 : ffs->raw_fs_descs_length];
2197 } *data;
2198
2199 ENTER();
2200
2201 /* Only high speed but not supported by gadget? */
2202 if (unlikely(!(full | high)))
2203 return -ENOTSUPP;
2204
2205 /* Allocate */
2206 data = kmalloc(sizeof *data, GFP_KERNEL);
2207 if (unlikely(!data))
2208 return -ENOMEM;
2209
2210 /* Zero */
2211 memset(data->eps, 0, sizeof data->eps);
2212 memcpy(data->raw_descs, ffs->raw_descs + 16, sizeof data->raw_descs);
2213 memset(data->inums, 0xff, sizeof data->inums);
2214 for (ret = ffs->eps_count; ret; --ret)
2215 data->eps[ret].num = -1;
2216
2217 /* Save pointers */
2218 func->eps = data->eps;
2219 func->interfaces_nums = data->inums;
2220
2221 /* Go throught all the endpoint descriptors and allocate
2222 * endpoints first, so that later we can rewrite the endpoint
2223 * numbers without worying that it may be described later on. */
2224 if (likely(full)) {
2225 func->function.descriptors = data->fs_descs;
2226 ret = ffs_do_descs(ffs->fs_descs_count,
2227 data->raw_descs,
2228 sizeof data->raw_descs,
2229 __ffs_func_bind_do_descs, func);
2230 if (unlikely(ret < 0))
2231 goto error;
2232 } else {
2233 ret = 0;
2234 }
2235
2236 if (likely(high)) {
2237 func->function.hs_descriptors = data->hs_descs;
2238 ret = ffs_do_descs(ffs->hs_descs_count,
2239 data->raw_descs + ret,
2240 (sizeof data->raw_descs) - ret,
2241 __ffs_func_bind_do_descs, func);
2242 }
2243
2244 /* Now handle interface numbers allocation and interface and
2245 * enpoint numbers rewritting. We can do that in one go
2246 * now. */
2247 ret = ffs_do_descs(ffs->fs_descs_count +
2248 (high ? ffs->hs_descs_count : 0),
2249 data->raw_descs, sizeof data->raw_descs,
2250 __ffs_func_bind_do_nums, func);
2251 if (unlikely(ret < 0))
2252 goto error;
2253
2254 /* And we're done */
2255 ffs_event_add(ffs, FUNCTIONFS_BIND);
2256 return 0;
2257
2258error:
2259 /* XXX Do we need to release all claimed endpoints here? */
2260 return ret;
2261}
2262
2263
2264/* Other USB function hooks *************************************************/
2265
2266static void ffs_func_unbind(struct usb_configuration *c,
2267 struct usb_function *f)
2268{
2269 struct ffs_function *func = ffs_func_from_usb(f);
2270 struct ffs_data *ffs = func->ffs;
2271
2272 ENTER();
2273
2274 if (ffs->func == func) {
2275 ffs_func_eps_disable(func);
2276 ffs->func = NULL;
2277 }
2278
2279 ffs_event_add(ffs, FUNCTIONFS_UNBIND);
2280
2281 ffs_func_free(func);
2282}
2283
2284
2285static int ffs_func_set_alt(struct usb_function *f,
2286 unsigned interface, unsigned alt)
2287{
2288 struct ffs_function *func = ffs_func_from_usb(f);
2289 struct ffs_data *ffs = func->ffs;
2290 int ret = 0, intf;
2291
2292 if (alt != (unsigned)-1) {
2293 intf = ffs_func_revmap_intf(func, interface);
2294 if (unlikely(intf < 0))
2295 return intf;
2296 }
2297
2298 if (ffs->func)
2299 ffs_func_eps_disable(ffs->func);
2300
2301 if (ffs->state != FFS_ACTIVE)
2302 return -ENODEV;
2303
2304 if (alt == (unsigned)-1) {
2305 ffs->func = NULL;
2306 ffs_event_add(ffs, FUNCTIONFS_DISABLE);
2307 return 0;
2308 }
2309
2310 ffs->func = func;
2311 ret = ffs_func_eps_enable(func);
2312 if (likely(ret >= 0))
2313 ffs_event_add(ffs, FUNCTIONFS_ENABLE);
2314 return ret;
2315}
2316
2317static void ffs_func_disable(struct usb_function *f)
2318{
2319 ffs_func_set_alt(f, 0, (unsigned)-1);
2320}
2321
2322static int ffs_func_setup(struct usb_function *f,
2323 const struct usb_ctrlrequest *creq)
2324{
2325 struct ffs_function *func = ffs_func_from_usb(f);
2326 struct ffs_data *ffs = func->ffs;
2327 unsigned long flags;
2328 int ret;
2329
2330 ENTER();
2331
2332 FVDBG("creq->bRequestType = %02x", creq->bRequestType);
2333 FVDBG("creq->bRequest = %02x", creq->bRequest);
2334 FVDBG("creq->wValue = %04x", le16_to_cpu(creq->wValue));
2335 FVDBG("creq->wIndex = %04x", le16_to_cpu(creq->wIndex));
2336 FVDBG("creq->wLength = %04x", le16_to_cpu(creq->wLength));
2337
2338 /* Most requests directed to interface go throught here
2339 * (notable exceptions are set/get interface) so we need to
2340 * handle them. All other either handled by composite or
2341 * passed to usb_configuration->setup() (if one is set). No
2342 * matter, we will handle requests directed to endpoint here
2343 * as well (as it's straightforward) but what to do with any
2344 * other request? */
2345
2346 if (ffs->state != FFS_ACTIVE)
2347 return -ENODEV;
2348
2349 switch (creq->bRequestType & USB_RECIP_MASK) {
2350 case USB_RECIP_INTERFACE:
2351 ret = ffs_func_revmap_intf(func, le16_to_cpu(creq->wIndex));
2352 if (unlikely(ret < 0))
2353 return ret;
2354 break;
2355
2356 case USB_RECIP_ENDPOINT:
2357 ret = ffs_func_revmap_ep(func, le16_to_cpu(creq->wIndex));
2358 if (unlikely(ret < 0))
2359 return ret;
2360 break;
2361
2362 default:
2363 return -EOPNOTSUPP;
2364 }
2365
2366 spin_lock_irqsave(&ffs->ev.waitq.lock, flags);
2367 ffs->ev.setup = *creq;
2368 ffs->ev.setup.wIndex = cpu_to_le16(ret);
2369 __ffs_event_add(ffs, FUNCTIONFS_SETUP);
2370 spin_unlock_irqrestore(&ffs->ev.waitq.lock, flags);
2371
2372 return 0;
2373}
2374
2375static void ffs_func_suspend(struct usb_function *f)
2376{
2377 ENTER();
2378 ffs_event_add(ffs_func_from_usb(f)->ffs, FUNCTIONFS_SUSPEND);
2379}
2380
2381static void ffs_func_resume(struct usb_function *f)
2382{
2383 ENTER();
2384 ffs_event_add(ffs_func_from_usb(f)->ffs, FUNCTIONFS_RESUME);
2385}
2386
2387
2388
2389/* Enpoint and interface numbers reverse mapping ****************************/
2390
2391static int ffs_func_revmap_ep(struct ffs_function *func, u8 num)
2392{
2393 num = func->eps_revmap[num & USB_ENDPOINT_NUMBER_MASK];
2394 return num ? num : -EDOM;
2395}
2396
2397static int ffs_func_revmap_intf(struct ffs_function *func, u8 intf)
2398{
2399 short *nums = func->interfaces_nums;
2400 unsigned count = func->ffs->interfaces_count;
2401
2402 for (; count; --count, ++nums) {
2403 if (*nums >= 0 && *nums == intf)
2404 return nums - func->interfaces_nums;
2405 }
2406
2407 return -EDOM;
2408}
2409
2410
2411/* Misc helper functions ****************************************************/
2412
2413static int ffs_mutex_lock(struct mutex *mutex, unsigned nonblock)
2414{
2415 return nonblock
2416 ? likely(mutex_trylock(mutex)) ? 0 : -EAGAIN
2417 : mutex_lock_interruptible(mutex);
2418}
2419
2420
2421static char *ffs_prepare_buffer(const char * __user buf, size_t len)
2422{
2423 char *data;
2424
2425 if (unlikely(!len))
2426 return NULL;
2427
2428 data = kmalloc(len, GFP_KERNEL);
2429 if (unlikely(!data))
2430 return ERR_PTR(-ENOMEM);
2431
2432 if (unlikely(__copy_from_user(data, buf, len))) {
2433 kfree(data);
2434 return ERR_PTR(-EFAULT);
2435 }
2436
2437 FVDBG("Buffer from user space:");
2438 ffs_dump_mem("", data, len);
2439
2440 return data;
2441}
generated by cgit v1.2.2 (git 2.25.0) at 2025-01-03 00:45:28 -0500