Loading...
1/*
2 * cdc-wdm.c
3 *
4 * This driver supports USB CDC WCM Device Management.
5 *
6 * Copyright (c) 2007-2009 Oliver Neukum
7 *
8 * Some code taken from cdc-acm.c
9 *
10 * Released under the GPLv2.
11 *
12 * Many thanks to Carl Nordbeck
13 */
14#include <linux/kernel.h>
15#include <linux/errno.h>
16#include <linux/ioctl.h>
17#include <linux/slab.h>
18#include <linux/module.h>
19#include <linux/mutex.h>
20#include <linux/uaccess.h>
21#include <linux/bitops.h>
22#include <linux/poll.h>
23#include <linux/usb.h>
24#include <linux/usb/cdc.h>
25#include <asm/byteorder.h>
26#include <asm/unaligned.h>
27#include <linux/usb/cdc-wdm.h>
28
29/*
30 * Version Information
31 */
32#define DRIVER_VERSION "v0.03"
33#define DRIVER_AUTHOR "Oliver Neukum"
34#define DRIVER_DESC "USB Abstract Control Model driver for USB WCM Device Management"
35
36static const struct usb_device_id wdm_ids[] = {
37 {
38 .match_flags = USB_DEVICE_ID_MATCH_INT_CLASS |
39 USB_DEVICE_ID_MATCH_INT_SUBCLASS,
40 .bInterfaceClass = USB_CLASS_COMM,
41 .bInterfaceSubClass = USB_CDC_SUBCLASS_DMM
42 },
43 { }
44};
45
46MODULE_DEVICE_TABLE (usb, wdm_ids);
47
48#define WDM_MINOR_BASE 176
49
50
51#define WDM_IN_USE 1
52#define WDM_DISCONNECTING 2
53#define WDM_RESULT 3
54#define WDM_READ 4
55#define WDM_INT_STALL 5
56#define WDM_POLL_RUNNING 6
57#define WDM_RESPONDING 7
58#define WDM_SUSPENDING 8
59#define WDM_RESETTING 9
60#define WDM_OVERFLOW 10
61
62#define WDM_MAX 16
63
64/* CDC-WMC r1.1 requires wMaxCommand to be "at least 256 decimal (0x100)" */
65#define WDM_DEFAULT_BUFSIZE 256
66
67static DEFINE_MUTEX(wdm_mutex);
68static DEFINE_SPINLOCK(wdm_device_list_lock);
69static LIST_HEAD(wdm_device_list);
70
71/* --- method tables --- */
72
73struct wdm_device {
74 u8 *inbuf; /* buffer for response */
75 u8 *outbuf; /* buffer for command */
76 u8 *sbuf; /* buffer for status */
77 u8 *ubuf; /* buffer for copy to user space */
78
79 struct urb *command;
80 struct urb *response;
81 struct urb *validity;
82 struct usb_interface *intf;
83 struct usb_ctrlrequest *orq;
84 struct usb_ctrlrequest *irq;
85 spinlock_t iuspin;
86
87 unsigned long flags;
88 u16 bufsize;
89 u16 wMaxCommand;
90 u16 wMaxPacketSize;
91 __le16 inum;
92 int reslength;
93 int length;
94 int read;
95 int count;
96 dma_addr_t shandle;
97 dma_addr_t ihandle;
98 struct mutex wlock;
99 struct mutex rlock;
100 wait_queue_head_t wait;
101 struct work_struct rxwork;
102 int werr;
103 int rerr;
104 int resp_count;
105
106 struct list_head device_list;
107 int (*manage_power)(struct usb_interface *, int);
108};
109
110static struct usb_driver wdm_driver;
111
112/* return intfdata if we own the interface, else look up intf in the list */
113static struct wdm_device *wdm_find_device(struct usb_interface *intf)
114{
115 struct wdm_device *desc;
116
117 spin_lock(&wdm_device_list_lock);
118 list_for_each_entry(desc, &wdm_device_list, device_list)
119 if (desc->intf == intf)
120 goto found;
121 desc = NULL;
122found:
123 spin_unlock(&wdm_device_list_lock);
124
125 return desc;
126}
127
128static struct wdm_device *wdm_find_device_by_minor(int minor)
129{
130 struct wdm_device *desc;
131
132 spin_lock(&wdm_device_list_lock);
133 list_for_each_entry(desc, &wdm_device_list, device_list)
134 if (desc->intf->minor == minor)
135 goto found;
136 desc = NULL;
137found:
138 spin_unlock(&wdm_device_list_lock);
139
140 return desc;
141}
142
143/* --- callbacks --- */
144static void wdm_out_callback(struct urb *urb)
145{
146 struct wdm_device *desc;
147 desc = urb->context;
148 spin_lock(&desc->iuspin);
149 desc->werr = urb->status;
150 spin_unlock(&desc->iuspin);
151 kfree(desc->outbuf);
152 desc->outbuf = NULL;
153 clear_bit(WDM_IN_USE, &desc->flags);
154 wake_up(&desc->wait);
155}
156
157static void wdm_in_callback(struct urb *urb)
158{
159 struct wdm_device *desc = urb->context;
160 int status = urb->status;
161 int length = urb->actual_length;
162
163 spin_lock(&desc->iuspin);
164 clear_bit(WDM_RESPONDING, &desc->flags);
165
166 if (status) {
167 switch (status) {
168 case -ENOENT:
169 dev_dbg(&desc->intf->dev,
170 "nonzero urb status received: -ENOENT");
171 goto skip_error;
172 case -ECONNRESET:
173 dev_dbg(&desc->intf->dev,
174 "nonzero urb status received: -ECONNRESET");
175 goto skip_error;
176 case -ESHUTDOWN:
177 dev_dbg(&desc->intf->dev,
178 "nonzero urb status received: -ESHUTDOWN");
179 goto skip_error;
180 case -EPIPE:
181 dev_err(&desc->intf->dev,
182 "nonzero urb status received: -EPIPE\n");
183 break;
184 default:
185 dev_err(&desc->intf->dev,
186 "Unexpected error %d\n", status);
187 break;
188 }
189 }
190
191 desc->rerr = status;
192 if (length + desc->length > desc->wMaxCommand) {
193 /* The buffer would overflow */
194 set_bit(WDM_OVERFLOW, &desc->flags);
195 } else {
196 /* we may already be in overflow */
197 if (!test_bit(WDM_OVERFLOW, &desc->flags)) {
198 memmove(desc->ubuf + desc->length, desc->inbuf, length);
199 desc->length += length;
200 desc->reslength = length;
201 }
202 }
203skip_error:
204 wake_up(&desc->wait);
205
206 set_bit(WDM_READ, &desc->flags);
207 spin_unlock(&desc->iuspin);
208}
209
210static void wdm_int_callback(struct urb *urb)
211{
212 int rv = 0;
213 int responding;
214 int status = urb->status;
215 struct wdm_device *desc;
216 struct usb_cdc_notification *dr;
217
218 desc = urb->context;
219 dr = (struct usb_cdc_notification *)desc->sbuf;
220
221 if (status) {
222 switch (status) {
223 case -ESHUTDOWN:
224 case -ENOENT:
225 case -ECONNRESET:
226 return; /* unplug */
227 case -EPIPE:
228 set_bit(WDM_INT_STALL, &desc->flags);
229 dev_err(&desc->intf->dev, "Stall on int endpoint\n");
230 goto sw; /* halt is cleared in work */
231 default:
232 dev_err(&desc->intf->dev,
233 "nonzero urb status received: %d\n", status);
234 break;
235 }
236 }
237
238 if (urb->actual_length < sizeof(struct usb_cdc_notification)) {
239 dev_err(&desc->intf->dev, "wdm_int_callback - %d bytes\n",
240 urb->actual_length);
241 goto exit;
242 }
243
244 switch (dr->bNotificationType) {
245 case USB_CDC_NOTIFY_RESPONSE_AVAILABLE:
246 dev_dbg(&desc->intf->dev,
247 "NOTIFY_RESPONSE_AVAILABLE received: index %d len %d",
248 dr->wIndex, dr->wLength);
249 break;
250
251 case USB_CDC_NOTIFY_NETWORK_CONNECTION:
252
253 dev_dbg(&desc->intf->dev,
254 "NOTIFY_NETWORK_CONNECTION %s network",
255 dr->wValue ? "connected to" : "disconnected from");
256 goto exit;
257 case USB_CDC_NOTIFY_SPEED_CHANGE:
258 dev_dbg(&desc->intf->dev, "SPEED_CHANGE received (len %u)",
259 urb->actual_length);
260 goto exit;
261 default:
262 clear_bit(WDM_POLL_RUNNING, &desc->flags);
263 dev_err(&desc->intf->dev,
264 "unknown notification %d received: index %d len %d\n",
265 dr->bNotificationType, dr->wIndex, dr->wLength);
266 goto exit;
267 }
268
269 spin_lock(&desc->iuspin);
270 responding = test_and_set_bit(WDM_RESPONDING, &desc->flags);
271 if (!desc->resp_count++ && !responding
272 && !test_bit(WDM_DISCONNECTING, &desc->flags)
273 && !test_bit(WDM_SUSPENDING, &desc->flags)) {
274 rv = usb_submit_urb(desc->response, GFP_ATOMIC);
275 dev_dbg(&desc->intf->dev, "%s: usb_submit_urb %d",
276 __func__, rv);
277 }
278 spin_unlock(&desc->iuspin);
279 if (rv < 0) {
280 clear_bit(WDM_RESPONDING, &desc->flags);
281 if (rv == -EPERM)
282 return;
283 if (rv == -ENOMEM) {
284sw:
285 rv = schedule_work(&desc->rxwork);
286 if (rv)
287 dev_err(&desc->intf->dev,
288 "Cannot schedule work\n");
289 }
290 }
291exit:
292 rv = usb_submit_urb(urb, GFP_ATOMIC);
293 if (rv)
294 dev_err(&desc->intf->dev,
295 "%s - usb_submit_urb failed with result %d\n",
296 __func__, rv);
297
298}
299
300static void kill_urbs(struct wdm_device *desc)
301{
302 /* the order here is essential */
303 usb_kill_urb(desc->command);
304 usb_kill_urb(desc->validity);
305 usb_kill_urb(desc->response);
306}
307
308static void free_urbs(struct wdm_device *desc)
309{
310 usb_free_urb(desc->validity);
311 usb_free_urb(desc->response);
312 usb_free_urb(desc->command);
313}
314
315static void cleanup(struct wdm_device *desc)
316{
317 kfree(desc->sbuf);
318 kfree(desc->inbuf);
319 kfree(desc->orq);
320 kfree(desc->irq);
321 kfree(desc->ubuf);
322 free_urbs(desc);
323 kfree(desc);
324}
325
326static ssize_t wdm_write
327(struct file *file, const char __user *buffer, size_t count, loff_t *ppos)
328{
329 u8 *buf;
330 int rv = -EMSGSIZE, r, we;
331 struct wdm_device *desc = file->private_data;
332 struct usb_ctrlrequest *req;
333
334 if (count > desc->wMaxCommand)
335 count = desc->wMaxCommand;
336
337 spin_lock_irq(&desc->iuspin);
338 we = desc->werr;
339 desc->werr = 0;
340 spin_unlock_irq(&desc->iuspin);
341 if (we < 0)
342 return -EIO;
343
344 buf = kmalloc(count, GFP_KERNEL);
345 if (!buf) {
346 rv = -ENOMEM;
347 goto outnl;
348 }
349
350 r = copy_from_user(buf, buffer, count);
351 if (r > 0) {
352 kfree(buf);
353 rv = -EFAULT;
354 goto outnl;
355 }
356
357 /* concurrent writes and disconnect */
358 r = mutex_lock_interruptible(&desc->wlock);
359 rv = -ERESTARTSYS;
360 if (r) {
361 kfree(buf);
362 goto outnl;
363 }
364
365 if (test_bit(WDM_DISCONNECTING, &desc->flags)) {
366 kfree(buf);
367 rv = -ENODEV;
368 goto outnp;
369 }
370
371 r = usb_autopm_get_interface(desc->intf);
372 if (r < 0) {
373 kfree(buf);
374 rv = usb_translate_errors(r);
375 goto outnp;
376 }
377
378 if (!(file->f_flags & O_NONBLOCK))
379 r = wait_event_interruptible(desc->wait, !test_bit(WDM_IN_USE,
380 &desc->flags));
381 else
382 if (test_bit(WDM_IN_USE, &desc->flags))
383 r = -EAGAIN;
384
385 if (test_bit(WDM_RESETTING, &desc->flags))
386 r = -EIO;
387
388 if (r < 0) {
389 kfree(buf);
390 rv = r;
391 goto out;
392 }
393
394 req = desc->orq;
395 usb_fill_control_urb(
396 desc->command,
397 interface_to_usbdev(desc->intf),
398 /* using common endpoint 0 */
399 usb_sndctrlpipe(interface_to_usbdev(desc->intf), 0),
400 (unsigned char *)req,
401 buf,
402 count,
403 wdm_out_callback,
404 desc
405 );
406
407 req->bRequestType = (USB_DIR_OUT | USB_TYPE_CLASS |
408 USB_RECIP_INTERFACE);
409 req->bRequest = USB_CDC_SEND_ENCAPSULATED_COMMAND;
410 req->wValue = 0;
411 req->wIndex = desc->inum;
412 req->wLength = cpu_to_le16(count);
413 set_bit(WDM_IN_USE, &desc->flags);
414 desc->outbuf = buf;
415
416 rv = usb_submit_urb(desc->command, GFP_KERNEL);
417 if (rv < 0) {
418 kfree(buf);
419 desc->outbuf = NULL;
420 clear_bit(WDM_IN_USE, &desc->flags);
421 dev_err(&desc->intf->dev, "Tx URB error: %d\n", rv);
422 rv = usb_translate_errors(rv);
423 } else {
424 dev_dbg(&desc->intf->dev, "Tx URB has been submitted index=%d",
425 req->wIndex);
426 }
427out:
428 usb_autopm_put_interface(desc->intf);
429outnp:
430 mutex_unlock(&desc->wlock);
431outnl:
432 return rv < 0 ? rv : count;
433}
434
435/*
436 * clear WDM_READ flag and possibly submit the read urb if resp_count
437 * is non-zero.
438 *
439 * Called with desc->iuspin locked
440 */
441static int clear_wdm_read_flag(struct wdm_device *desc)
442{
443 int rv = 0;
444
445 clear_bit(WDM_READ, &desc->flags);
446
447 /* submit read urb only if the device is waiting for it */
448 if (!desc->resp_count || !--desc->resp_count)
449 goto out;
450
451 set_bit(WDM_RESPONDING, &desc->flags);
452 spin_unlock_irq(&desc->iuspin);
453 rv = usb_submit_urb(desc->response, GFP_KERNEL);
454 spin_lock_irq(&desc->iuspin);
455 if (rv) {
456 dev_err(&desc->intf->dev,
457 "usb_submit_urb failed with result %d\n", rv);
458
459 /* make sure the next notification trigger a submit */
460 clear_bit(WDM_RESPONDING, &desc->flags);
461 desc->resp_count = 0;
462 }
463out:
464 return rv;
465}
466
467static ssize_t wdm_read
468(struct file *file, char __user *buffer, size_t count, loff_t *ppos)
469{
470 int rv, cntr;
471 int i = 0;
472 struct wdm_device *desc = file->private_data;
473
474
475 rv = mutex_lock_interruptible(&desc->rlock); /*concurrent reads */
476 if (rv < 0)
477 return -ERESTARTSYS;
478
479 cntr = ACCESS_ONCE(desc->length);
480 if (cntr == 0) {
481 desc->read = 0;
482retry:
483 if (test_bit(WDM_DISCONNECTING, &desc->flags)) {
484 rv = -ENODEV;
485 goto err;
486 }
487 if (test_bit(WDM_OVERFLOW, &desc->flags)) {
488 clear_bit(WDM_OVERFLOW, &desc->flags);
489 rv = -ENOBUFS;
490 goto err;
491 }
492 i++;
493 if (file->f_flags & O_NONBLOCK) {
494 if (!test_bit(WDM_READ, &desc->flags)) {
495 rv = cntr ? cntr : -EAGAIN;
496 goto err;
497 }
498 rv = 0;
499 } else {
500 rv = wait_event_interruptible(desc->wait,
501 test_bit(WDM_READ, &desc->flags));
502 }
503
504 /* may have happened while we slept */
505 if (test_bit(WDM_DISCONNECTING, &desc->flags)) {
506 rv = -ENODEV;
507 goto err;
508 }
509 if (test_bit(WDM_RESETTING, &desc->flags)) {
510 rv = -EIO;
511 goto err;
512 }
513 usb_mark_last_busy(interface_to_usbdev(desc->intf));
514 if (rv < 0) {
515 rv = -ERESTARTSYS;
516 goto err;
517 }
518
519 spin_lock_irq(&desc->iuspin);
520
521 if (desc->rerr) { /* read completed, error happened */
522 desc->rerr = 0;
523 spin_unlock_irq(&desc->iuspin);
524 rv = -EIO;
525 goto err;
526 }
527 /*
528 * recheck whether we've lost the race
529 * against the completion handler
530 */
531 if (!test_bit(WDM_READ, &desc->flags)) { /* lost race */
532 spin_unlock_irq(&desc->iuspin);
533 goto retry;
534 }
535
536 if (!desc->reslength) { /* zero length read */
537 dev_dbg(&desc->intf->dev, "%s: zero length - clearing WDM_READ\n", __func__);
538 rv = clear_wdm_read_flag(desc);
539 spin_unlock_irq(&desc->iuspin);
540 if (rv < 0)
541 goto err;
542 goto retry;
543 }
544 cntr = desc->length;
545 spin_unlock_irq(&desc->iuspin);
546 }
547
548 if (cntr > count)
549 cntr = count;
550 rv = copy_to_user(buffer, desc->ubuf, cntr);
551 if (rv > 0) {
552 rv = -EFAULT;
553 goto err;
554 }
555
556 spin_lock_irq(&desc->iuspin);
557
558 for (i = 0; i < desc->length - cntr; i++)
559 desc->ubuf[i] = desc->ubuf[i + cntr];
560
561 desc->length -= cntr;
562 /* in case we had outstanding data */
563 if (!desc->length)
564 clear_wdm_read_flag(desc);
565 spin_unlock_irq(&desc->iuspin);
566 rv = cntr;
567
568err:
569 mutex_unlock(&desc->rlock);
570 return rv;
571}
572
573static int wdm_flush(struct file *file, fl_owner_t id)
574{
575 struct wdm_device *desc = file->private_data;
576
577 wait_event(desc->wait, !test_bit(WDM_IN_USE, &desc->flags));
578
579 /* cannot dereference desc->intf if WDM_DISCONNECTING */
580 if (desc->werr < 0 && !test_bit(WDM_DISCONNECTING, &desc->flags))
581 dev_err(&desc->intf->dev, "Error in flush path: %d\n",
582 desc->werr);
583
584 return usb_translate_errors(desc->werr);
585}
586
587static unsigned int wdm_poll(struct file *file, struct poll_table_struct *wait)
588{
589 struct wdm_device *desc = file->private_data;
590 unsigned long flags;
591 unsigned int mask = 0;
592
593 spin_lock_irqsave(&desc->iuspin, flags);
594 if (test_bit(WDM_DISCONNECTING, &desc->flags)) {
595 mask = POLLHUP | POLLERR;
596 spin_unlock_irqrestore(&desc->iuspin, flags);
597 goto desc_out;
598 }
599 if (test_bit(WDM_READ, &desc->flags))
600 mask = POLLIN | POLLRDNORM;
601 if (desc->rerr || desc->werr)
602 mask |= POLLERR;
603 if (!test_bit(WDM_IN_USE, &desc->flags))
604 mask |= POLLOUT | POLLWRNORM;
605 spin_unlock_irqrestore(&desc->iuspin, flags);
606
607 poll_wait(file, &desc->wait, wait);
608
609desc_out:
610 return mask;
611}
612
613static int wdm_open(struct inode *inode, struct file *file)
614{
615 int minor = iminor(inode);
616 int rv = -ENODEV;
617 struct usb_interface *intf;
618 struct wdm_device *desc;
619
620 mutex_lock(&wdm_mutex);
621 desc = wdm_find_device_by_minor(minor);
622 if (!desc)
623 goto out;
624
625 intf = desc->intf;
626 if (test_bit(WDM_DISCONNECTING, &desc->flags))
627 goto out;
628 file->private_data = desc;
629
630 rv = usb_autopm_get_interface(desc->intf);
631 if (rv < 0) {
632 dev_err(&desc->intf->dev, "Error autopm - %d\n", rv);
633 goto out;
634 }
635
636 /* using write lock to protect desc->count */
637 mutex_lock(&desc->wlock);
638 if (!desc->count++) {
639 desc->werr = 0;
640 desc->rerr = 0;
641 rv = usb_submit_urb(desc->validity, GFP_KERNEL);
642 if (rv < 0) {
643 desc->count--;
644 dev_err(&desc->intf->dev,
645 "Error submitting int urb - %d\n", rv);
646 rv = usb_translate_errors(rv);
647 }
648 } else {
649 rv = 0;
650 }
651 mutex_unlock(&desc->wlock);
652 if (desc->count == 1)
653 desc->manage_power(intf, 1);
654 usb_autopm_put_interface(desc->intf);
655out:
656 mutex_unlock(&wdm_mutex);
657 return rv;
658}
659
660static int wdm_release(struct inode *inode, struct file *file)
661{
662 struct wdm_device *desc = file->private_data;
663
664 mutex_lock(&wdm_mutex);
665
666 /* using write lock to protect desc->count */
667 mutex_lock(&desc->wlock);
668 desc->count--;
669 mutex_unlock(&desc->wlock);
670
671 if (!desc->count) {
672 if (!test_bit(WDM_DISCONNECTING, &desc->flags)) {
673 dev_dbg(&desc->intf->dev, "wdm_release: cleanup");
674 kill_urbs(desc);
675 spin_lock_irq(&desc->iuspin);
676 desc->resp_count = 0;
677 spin_unlock_irq(&desc->iuspin);
678 desc->manage_power(desc->intf, 0);
679 } else {
680 /* must avoid dev_printk here as desc->intf is invalid */
681 pr_debug(KBUILD_MODNAME " %s: device gone - cleaning up\n", __func__);
682 cleanup(desc);
683 }
684 }
685 mutex_unlock(&wdm_mutex);
686 return 0;
687}
688
689static long wdm_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
690{
691 struct wdm_device *desc = file->private_data;
692 int rv = 0;
693
694 switch (cmd) {
695 case IOCTL_WDM_MAX_COMMAND:
696 if (copy_to_user((void __user *)arg, &desc->wMaxCommand, sizeof(desc->wMaxCommand)))
697 rv = -EFAULT;
698 break;
699 default:
700 rv = -ENOTTY;
701 }
702 return rv;
703}
704
705static const struct file_operations wdm_fops = {
706 .owner = THIS_MODULE,
707 .read = wdm_read,
708 .write = wdm_write,
709 .open = wdm_open,
710 .flush = wdm_flush,
711 .release = wdm_release,
712 .poll = wdm_poll,
713 .unlocked_ioctl = wdm_ioctl,
714 .compat_ioctl = wdm_ioctl,
715 .llseek = noop_llseek,
716};
717
718static struct usb_class_driver wdm_class = {
719 .name = "cdc-wdm%d",
720 .fops = &wdm_fops,
721 .minor_base = WDM_MINOR_BASE,
722};
723
724/* --- error handling --- */
725static void wdm_rxwork(struct work_struct *work)
726{
727 struct wdm_device *desc = container_of(work, struct wdm_device, rxwork);
728 unsigned long flags;
729 int rv = 0;
730 int responding;
731
732 spin_lock_irqsave(&desc->iuspin, flags);
733 if (test_bit(WDM_DISCONNECTING, &desc->flags)) {
734 spin_unlock_irqrestore(&desc->iuspin, flags);
735 } else {
736 responding = test_and_set_bit(WDM_RESPONDING, &desc->flags);
737 spin_unlock_irqrestore(&desc->iuspin, flags);
738 if (!responding)
739 rv = usb_submit_urb(desc->response, GFP_KERNEL);
740 if (rv < 0 && rv != -EPERM) {
741 spin_lock_irqsave(&desc->iuspin, flags);
742 clear_bit(WDM_RESPONDING, &desc->flags);
743 if (!test_bit(WDM_DISCONNECTING, &desc->flags))
744 schedule_work(&desc->rxwork);
745 spin_unlock_irqrestore(&desc->iuspin, flags);
746 }
747 }
748}
749
750/* --- hotplug --- */
751
752static int wdm_create(struct usb_interface *intf, struct usb_endpoint_descriptor *ep,
753 u16 bufsize, int (*manage_power)(struct usb_interface *, int))
754{
755 int rv = -ENOMEM;
756 struct wdm_device *desc;
757
758 desc = kzalloc(sizeof(struct wdm_device), GFP_KERNEL);
759 if (!desc)
760 goto out;
761 INIT_LIST_HEAD(&desc->device_list);
762 mutex_init(&desc->rlock);
763 mutex_init(&desc->wlock);
764 spin_lock_init(&desc->iuspin);
765 init_waitqueue_head(&desc->wait);
766 desc->wMaxCommand = bufsize;
767 /* this will be expanded and needed in hardware endianness */
768 desc->inum = cpu_to_le16((u16)intf->cur_altsetting->desc.bInterfaceNumber);
769 desc->intf = intf;
770 INIT_WORK(&desc->rxwork, wdm_rxwork);
771
772 rv = -EINVAL;
773 if (!usb_endpoint_is_int_in(ep))
774 goto err;
775
776 desc->wMaxPacketSize = usb_endpoint_maxp(ep);
777
778 desc->orq = kmalloc(sizeof(struct usb_ctrlrequest), GFP_KERNEL);
779 if (!desc->orq)
780 goto err;
781 desc->irq = kmalloc(sizeof(struct usb_ctrlrequest), GFP_KERNEL);
782 if (!desc->irq)
783 goto err;
784
785 desc->validity = usb_alloc_urb(0, GFP_KERNEL);
786 if (!desc->validity)
787 goto err;
788
789 desc->response = usb_alloc_urb(0, GFP_KERNEL);
790 if (!desc->response)
791 goto err;
792
793 desc->command = usb_alloc_urb(0, GFP_KERNEL);
794 if (!desc->command)
795 goto err;
796
797 desc->ubuf = kmalloc(desc->wMaxCommand, GFP_KERNEL);
798 if (!desc->ubuf)
799 goto err;
800
801 desc->sbuf = kmalloc(desc->wMaxPacketSize, GFP_KERNEL);
802 if (!desc->sbuf)
803 goto err;
804
805 desc->inbuf = kmalloc(desc->wMaxCommand, GFP_KERNEL);
806 if (!desc->inbuf)
807 goto err;
808
809 usb_fill_int_urb(
810 desc->validity,
811 interface_to_usbdev(intf),
812 usb_rcvintpipe(interface_to_usbdev(intf), ep->bEndpointAddress),
813 desc->sbuf,
814 desc->wMaxPacketSize,
815 wdm_int_callback,
816 desc,
817 ep->bInterval
818 );
819
820 desc->irq->bRequestType = (USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE);
821 desc->irq->bRequest = USB_CDC_GET_ENCAPSULATED_RESPONSE;
822 desc->irq->wValue = 0;
823 desc->irq->wIndex = desc->inum;
824 desc->irq->wLength = cpu_to_le16(desc->wMaxCommand);
825
826 usb_fill_control_urb(
827 desc->response,
828 interface_to_usbdev(intf),
829 /* using common endpoint 0 */
830 usb_rcvctrlpipe(interface_to_usbdev(desc->intf), 0),
831 (unsigned char *)desc->irq,
832 desc->inbuf,
833 desc->wMaxCommand,
834 wdm_in_callback,
835 desc
836 );
837
838 desc->manage_power = manage_power;
839
840 spin_lock(&wdm_device_list_lock);
841 list_add(&desc->device_list, &wdm_device_list);
842 spin_unlock(&wdm_device_list_lock);
843
844 rv = usb_register_dev(intf, &wdm_class);
845 if (rv < 0)
846 goto err;
847 else
848 dev_info(&intf->dev, "%s: USB WDM device\n", dev_name(intf->usb_dev));
849out:
850 return rv;
851err:
852 spin_lock(&wdm_device_list_lock);
853 list_del(&desc->device_list);
854 spin_unlock(&wdm_device_list_lock);
855 cleanup(desc);
856 return rv;
857}
858
859static int wdm_manage_power(struct usb_interface *intf, int on)
860{
861 /* need autopm_get/put here to ensure the usbcore sees the new value */
862 int rv = usb_autopm_get_interface(intf);
863
864 intf->needs_remote_wakeup = on;
865 if (!rv)
866 usb_autopm_put_interface(intf);
867 return 0;
868}
869
870static int wdm_probe(struct usb_interface *intf, const struct usb_device_id *id)
871{
872 int rv = -EINVAL;
873 struct usb_host_interface *iface;
874 struct usb_endpoint_descriptor *ep;
875 struct usb_cdc_dmm_desc *dmhd;
876 u8 *buffer = intf->altsetting->extra;
877 int buflen = intf->altsetting->extralen;
878 u16 maxcom = WDM_DEFAULT_BUFSIZE;
879
880 if (!buffer)
881 goto err;
882 while (buflen > 2) {
883 if (buffer[1] != USB_DT_CS_INTERFACE) {
884 dev_err(&intf->dev, "skipping garbage\n");
885 goto next_desc;
886 }
887
888 switch (buffer[2]) {
889 case USB_CDC_HEADER_TYPE:
890 break;
891 case USB_CDC_DMM_TYPE:
892 dmhd = (struct usb_cdc_dmm_desc *)buffer;
893 maxcom = le16_to_cpu(dmhd->wMaxCommand);
894 dev_dbg(&intf->dev,
895 "Finding maximum buffer length: %d", maxcom);
896 break;
897 default:
898 dev_err(&intf->dev,
899 "Ignoring extra header, type %d, length %d\n",
900 buffer[2], buffer[0]);
901 break;
902 }
903next_desc:
904 buflen -= buffer[0];
905 buffer += buffer[0];
906 }
907
908 iface = intf->cur_altsetting;
909 if (iface->desc.bNumEndpoints != 1)
910 goto err;
911 ep = &iface->endpoint[0].desc;
912
913 rv = wdm_create(intf, ep, maxcom, &wdm_manage_power);
914
915err:
916 return rv;
917}
918
919/**
920 * usb_cdc_wdm_register - register a WDM subdriver
921 * @intf: usb interface the subdriver will associate with
922 * @ep: interrupt endpoint to monitor for notifications
923 * @bufsize: maximum message size to support for read/write
924 *
925 * Create WDM usb class character device and associate it with intf
926 * without binding, allowing another driver to manage the interface.
927 *
928 * The subdriver will manage the given interrupt endpoint exclusively
929 * and will issue control requests referring to the given intf. It
930 * will otherwise avoid interferring, and in particular not do
931 * usb_set_intfdata/usb_get_intfdata on intf.
932 *
933 * The return value is a pointer to the subdriver's struct usb_driver.
934 * The registering driver is responsible for calling this subdriver's
935 * disconnect, suspend, resume, pre_reset and post_reset methods from
936 * its own.
937 */
938struct usb_driver *usb_cdc_wdm_register(struct usb_interface *intf,
939 struct usb_endpoint_descriptor *ep,
940 int bufsize,
941 int (*manage_power)(struct usb_interface *, int))
942{
943 int rv = -EINVAL;
944
945 rv = wdm_create(intf, ep, bufsize, manage_power);
946 if (rv < 0)
947 goto err;
948
949 return &wdm_driver;
950err:
951 return ERR_PTR(rv);
952}
953EXPORT_SYMBOL(usb_cdc_wdm_register);
954
955static void wdm_disconnect(struct usb_interface *intf)
956{
957 struct wdm_device *desc;
958 unsigned long flags;
959
960 usb_deregister_dev(intf, &wdm_class);
961 desc = wdm_find_device(intf);
962 mutex_lock(&wdm_mutex);
963
964 /* the spinlock makes sure no new urbs are generated in the callbacks */
965 spin_lock_irqsave(&desc->iuspin, flags);
966 set_bit(WDM_DISCONNECTING, &desc->flags);
967 set_bit(WDM_READ, &desc->flags);
968 /* to terminate pending flushes */
969 clear_bit(WDM_IN_USE, &desc->flags);
970 spin_unlock_irqrestore(&desc->iuspin, flags);
971 wake_up_all(&desc->wait);
972 mutex_lock(&desc->rlock);
973 mutex_lock(&desc->wlock);
974 kill_urbs(desc);
975 cancel_work_sync(&desc->rxwork);
976 mutex_unlock(&desc->wlock);
977 mutex_unlock(&desc->rlock);
978
979 /* the desc->intf pointer used as list key is now invalid */
980 spin_lock(&wdm_device_list_lock);
981 list_del(&desc->device_list);
982 spin_unlock(&wdm_device_list_lock);
983
984 if (!desc->count)
985 cleanup(desc);
986 else
987 dev_dbg(&intf->dev, "%s: %d open files - postponing cleanup\n", __func__, desc->count);
988 mutex_unlock(&wdm_mutex);
989}
990
991#ifdef CONFIG_PM
992static int wdm_suspend(struct usb_interface *intf, pm_message_t message)
993{
994 struct wdm_device *desc = wdm_find_device(intf);
995 int rv = 0;
996
997 dev_dbg(&desc->intf->dev, "wdm%d_suspend\n", intf->minor);
998
999 /* if this is an autosuspend the caller does the locking */
1000 if (!PMSG_IS_AUTO(message)) {
1001 mutex_lock(&desc->rlock);
1002 mutex_lock(&desc->wlock);
1003 }
1004 spin_lock_irq(&desc->iuspin);
1005
1006 if (PMSG_IS_AUTO(message) &&
1007 (test_bit(WDM_IN_USE, &desc->flags)
1008 || test_bit(WDM_RESPONDING, &desc->flags))) {
1009 spin_unlock_irq(&desc->iuspin);
1010 rv = -EBUSY;
1011 } else {
1012
1013 set_bit(WDM_SUSPENDING, &desc->flags);
1014 spin_unlock_irq(&desc->iuspin);
1015 /* callback submits work - order is essential */
1016 kill_urbs(desc);
1017 cancel_work_sync(&desc->rxwork);
1018 }
1019 if (!PMSG_IS_AUTO(message)) {
1020 mutex_unlock(&desc->wlock);
1021 mutex_unlock(&desc->rlock);
1022 }
1023
1024 return rv;
1025}
1026#endif
1027
1028static int recover_from_urb_loss(struct wdm_device *desc)
1029{
1030 int rv = 0;
1031
1032 if (desc->count) {
1033 rv = usb_submit_urb(desc->validity, GFP_NOIO);
1034 if (rv < 0)
1035 dev_err(&desc->intf->dev,
1036 "Error resume submitting int urb - %d\n", rv);
1037 }
1038 return rv;
1039}
1040
1041#ifdef CONFIG_PM
1042static int wdm_resume(struct usb_interface *intf)
1043{
1044 struct wdm_device *desc = wdm_find_device(intf);
1045 int rv;
1046
1047 dev_dbg(&desc->intf->dev, "wdm%d_resume\n", intf->minor);
1048
1049 clear_bit(WDM_SUSPENDING, &desc->flags);
1050 rv = recover_from_urb_loss(desc);
1051
1052 return rv;
1053}
1054#endif
1055
1056static int wdm_pre_reset(struct usb_interface *intf)
1057{
1058 struct wdm_device *desc = wdm_find_device(intf);
1059
1060 /*
1061 * we notify everybody using poll of
1062 * an exceptional situation
1063 * must be done before recovery lest a spontaneous
1064 * message from the device is lost
1065 */
1066 spin_lock_irq(&desc->iuspin);
1067 set_bit(WDM_RESETTING, &desc->flags); /* inform read/write */
1068 set_bit(WDM_READ, &desc->flags); /* unblock read */
1069 clear_bit(WDM_IN_USE, &desc->flags); /* unblock write */
1070 desc->rerr = -EINTR;
1071 spin_unlock_irq(&desc->iuspin);
1072 wake_up_all(&desc->wait);
1073 mutex_lock(&desc->rlock);
1074 mutex_lock(&desc->wlock);
1075 kill_urbs(desc);
1076 cancel_work_sync(&desc->rxwork);
1077 return 0;
1078}
1079
1080static int wdm_post_reset(struct usb_interface *intf)
1081{
1082 struct wdm_device *desc = wdm_find_device(intf);
1083 int rv;
1084
1085 clear_bit(WDM_OVERFLOW, &desc->flags);
1086 clear_bit(WDM_RESETTING, &desc->flags);
1087 rv = recover_from_urb_loss(desc);
1088 mutex_unlock(&desc->wlock);
1089 mutex_unlock(&desc->rlock);
1090 return 0;
1091}
1092
1093static struct usb_driver wdm_driver = {
1094 .name = "cdc_wdm",
1095 .probe = wdm_probe,
1096 .disconnect = wdm_disconnect,
1097#ifdef CONFIG_PM
1098 .suspend = wdm_suspend,
1099 .resume = wdm_resume,
1100 .reset_resume = wdm_resume,
1101#endif
1102 .pre_reset = wdm_pre_reset,
1103 .post_reset = wdm_post_reset,
1104 .id_table = wdm_ids,
1105 .supports_autosuspend = 1,
1106 .disable_hub_initiated_lpm = 1,
1107};
1108
1109module_usb_driver(wdm_driver);
1110
1111MODULE_AUTHOR(DRIVER_AUTHOR);
1112MODULE_DESCRIPTION(DRIVER_DESC);
1113MODULE_LICENSE("GPL");
1/*
2 * cdc-wdm.c
3 *
4 * This driver supports USB CDC WCM Device Management.
5 *
6 * Copyright (c) 2007-2009 Oliver Neukum
7 *
8 * Some code taken from cdc-acm.c
9 *
10 * Released under the GPLv2.
11 *
12 * Many thanks to Carl Nordbeck
13 */
14#include <linux/kernel.h>
15#include <linux/errno.h>
16#include <linux/ioctl.h>
17#include <linux/slab.h>
18#include <linux/module.h>
19#include <linux/mutex.h>
20#include <linux/uaccess.h>
21#include <linux/bitops.h>
22#include <linux/poll.h>
23#include <linux/usb.h>
24#include <linux/usb/cdc.h>
25#include <asm/byteorder.h>
26#include <asm/unaligned.h>
27#include <linux/usb/cdc-wdm.h>
28
29/*
30 * Version Information
31 */
32#define DRIVER_VERSION "v0.03"
33#define DRIVER_AUTHOR "Oliver Neukum"
34#define DRIVER_DESC "USB Abstract Control Model driver for USB WCM Device Management"
35
36static const struct usb_device_id wdm_ids[] = {
37 {
38 .match_flags = USB_DEVICE_ID_MATCH_INT_CLASS |
39 USB_DEVICE_ID_MATCH_INT_SUBCLASS,
40 .bInterfaceClass = USB_CLASS_COMM,
41 .bInterfaceSubClass = USB_CDC_SUBCLASS_DMM
42 },
43 { }
44};
45
46MODULE_DEVICE_TABLE (usb, wdm_ids);
47
48#define WDM_MINOR_BASE 176
49
50
51#define WDM_IN_USE 1
52#define WDM_DISCONNECTING 2
53#define WDM_RESULT 3
54#define WDM_READ 4
55#define WDM_INT_STALL 5
56#define WDM_POLL_RUNNING 6
57#define WDM_RESPONDING 7
58#define WDM_SUSPENDING 8
59#define WDM_RESETTING 9
60#define WDM_OVERFLOW 10
61#define WDM_DRAIN_ON_OPEN 11
62
63#define WDM_MAX 16
64
65/* CDC-WMC r1.1 requires wMaxCommand to be "at least 256 decimal (0x100)" */
66#define WDM_DEFAULT_BUFSIZE 256
67
68static DEFINE_MUTEX(wdm_mutex);
69static DEFINE_SPINLOCK(wdm_device_list_lock);
70static LIST_HEAD(wdm_device_list);
71
72/* --- method tables --- */
73
74struct wdm_device {
75 u8 *inbuf; /* buffer for response */
76 u8 *outbuf; /* buffer for command */
77 u8 *sbuf; /* buffer for status */
78 u8 *ubuf; /* buffer for copy to user space */
79
80 struct urb *command;
81 struct urb *response;
82 struct urb *validity;
83 struct usb_interface *intf;
84 struct usb_ctrlrequest *orq;
85 struct usb_ctrlrequest *irq;
86 spinlock_t iuspin;
87
88 unsigned long flags;
89 u16 bufsize;
90 u16 wMaxCommand;
91 u16 wMaxPacketSize;
92 __le16 inum;
93 int reslength;
94 int length;
95 int read;
96 int count;
97 dma_addr_t shandle;
98 dma_addr_t ihandle;
99 struct mutex wlock;
100 struct mutex rlock;
101 wait_queue_head_t wait;
102 struct work_struct rxwork;
103 int werr;
104 int rerr;
105 int resp_count;
106
107 struct list_head device_list;
108 int (*manage_power)(struct usb_interface *, int);
109};
110
111static struct usb_driver wdm_driver;
112
113/* return intfdata if we own the interface, else look up intf in the list */
114static struct wdm_device *wdm_find_device(struct usb_interface *intf)
115{
116 struct wdm_device *desc;
117
118 spin_lock(&wdm_device_list_lock);
119 list_for_each_entry(desc, &wdm_device_list, device_list)
120 if (desc->intf == intf)
121 goto found;
122 desc = NULL;
123found:
124 spin_unlock(&wdm_device_list_lock);
125
126 return desc;
127}
128
129static struct wdm_device *wdm_find_device_by_minor(int minor)
130{
131 struct wdm_device *desc;
132
133 spin_lock(&wdm_device_list_lock);
134 list_for_each_entry(desc, &wdm_device_list, device_list)
135 if (desc->intf->minor == minor)
136 goto found;
137 desc = NULL;
138found:
139 spin_unlock(&wdm_device_list_lock);
140
141 return desc;
142}
143
144/* --- callbacks --- */
145static void wdm_out_callback(struct urb *urb)
146{
147 struct wdm_device *desc;
148 desc = urb->context;
149 spin_lock(&desc->iuspin);
150 desc->werr = urb->status;
151 spin_unlock(&desc->iuspin);
152 kfree(desc->outbuf);
153 desc->outbuf = NULL;
154 clear_bit(WDM_IN_USE, &desc->flags);
155 wake_up(&desc->wait);
156}
157
158/* forward declaration */
159static int service_outstanding_interrupt(struct wdm_device *desc);
160
161static void wdm_in_callback(struct urb *urb)
162{
163 struct wdm_device *desc = urb->context;
164 int status = urb->status;
165 int length = urb->actual_length;
166
167 spin_lock(&desc->iuspin);
168 clear_bit(WDM_RESPONDING, &desc->flags);
169
170 if (status) {
171 switch (status) {
172 case -ENOENT:
173 dev_dbg(&desc->intf->dev,
174 "nonzero urb status received: -ENOENT\n");
175 goto skip_error;
176 case -ECONNRESET:
177 dev_dbg(&desc->intf->dev,
178 "nonzero urb status received: -ECONNRESET\n");
179 goto skip_error;
180 case -ESHUTDOWN:
181 dev_dbg(&desc->intf->dev,
182 "nonzero urb status received: -ESHUTDOWN\n");
183 goto skip_error;
184 case -EPIPE:
185 dev_dbg(&desc->intf->dev,
186 "nonzero urb status received: -EPIPE\n");
187 break;
188 default:
189 dev_err(&desc->intf->dev,
190 "Unexpected error %d\n", status);
191 break;
192 }
193 }
194
195 /*
196 * only set a new error if there is no previous error.
197 * Errors are only cleared during read/open
198 */
199 if (desc->rerr == 0)
200 desc->rerr = status;
201
202 if (length + desc->length > desc->wMaxCommand) {
203 /* The buffer would overflow */
204 set_bit(WDM_OVERFLOW, &desc->flags);
205 } else {
206 /* we may already be in overflow */
207 if (!test_bit(WDM_OVERFLOW, &desc->flags)) {
208 memmove(desc->ubuf + desc->length, desc->inbuf, length);
209 desc->length += length;
210 desc->reslength = length;
211 }
212 }
213
214 /*
215 * Handling devices with the WDM_DRAIN_ON_OPEN flag set:
216 * If desc->resp_count is unset, then the urb was submitted
217 * without a prior notification. If the device returned any
218 * data, then this implies that it had messages queued without
219 * notifying us. Continue reading until that queue is flushed.
220 */
221 if (!desc->resp_count) {
222 if (!length) {
223 /* do not propagate the expected -EPIPE */
224 desc->rerr = 0;
225 goto unlock;
226 }
227 dev_dbg(&desc->intf->dev, "got %d bytes without notification\n", length);
228 set_bit(WDM_RESPONDING, &desc->flags);
229 usb_submit_urb(desc->response, GFP_ATOMIC);
230 }
231
232skip_error:
233 set_bit(WDM_READ, &desc->flags);
234 wake_up(&desc->wait);
235
236 if (desc->rerr) {
237 /*
238 * Since there was an error, userspace may decide to not read
239 * any data after poll'ing.
240 * We should respond to further attempts from the device to send
241 * data, so that we can get unstuck.
242 */
243 service_outstanding_interrupt(desc);
244 }
245
246unlock:
247 spin_unlock(&desc->iuspin);
248}
249
250static void wdm_int_callback(struct urb *urb)
251{
252 int rv = 0;
253 int responding;
254 int status = urb->status;
255 struct wdm_device *desc;
256 struct usb_cdc_notification *dr;
257
258 desc = urb->context;
259 dr = (struct usb_cdc_notification *)desc->sbuf;
260
261 if (status) {
262 switch (status) {
263 case -ESHUTDOWN:
264 case -ENOENT:
265 case -ECONNRESET:
266 return; /* unplug */
267 case -EPIPE:
268 set_bit(WDM_INT_STALL, &desc->flags);
269 dev_err(&desc->intf->dev, "Stall on int endpoint\n");
270 goto sw; /* halt is cleared in work */
271 default:
272 dev_err(&desc->intf->dev,
273 "nonzero urb status received: %d\n", status);
274 break;
275 }
276 }
277
278 if (urb->actual_length < sizeof(struct usb_cdc_notification)) {
279 dev_err(&desc->intf->dev, "wdm_int_callback - %d bytes\n",
280 urb->actual_length);
281 goto exit;
282 }
283
284 switch (dr->bNotificationType) {
285 case USB_CDC_NOTIFY_RESPONSE_AVAILABLE:
286 dev_dbg(&desc->intf->dev,
287 "NOTIFY_RESPONSE_AVAILABLE received: index %d len %d\n",
288 le16_to_cpu(dr->wIndex), le16_to_cpu(dr->wLength));
289 break;
290
291 case USB_CDC_NOTIFY_NETWORK_CONNECTION:
292
293 dev_dbg(&desc->intf->dev,
294 "NOTIFY_NETWORK_CONNECTION %s network\n",
295 dr->wValue ? "connected to" : "disconnected from");
296 goto exit;
297 case USB_CDC_NOTIFY_SPEED_CHANGE:
298 dev_dbg(&desc->intf->dev, "SPEED_CHANGE received (len %u)\n",
299 urb->actual_length);
300 goto exit;
301 default:
302 clear_bit(WDM_POLL_RUNNING, &desc->flags);
303 dev_err(&desc->intf->dev,
304 "unknown notification %d received: index %d len %d\n",
305 dr->bNotificationType,
306 le16_to_cpu(dr->wIndex),
307 le16_to_cpu(dr->wLength));
308 goto exit;
309 }
310
311 spin_lock(&desc->iuspin);
312 responding = test_and_set_bit(WDM_RESPONDING, &desc->flags);
313 if (!desc->resp_count++ && !responding
314 && !test_bit(WDM_DISCONNECTING, &desc->flags)
315 && !test_bit(WDM_SUSPENDING, &desc->flags)) {
316 rv = usb_submit_urb(desc->response, GFP_ATOMIC);
317 dev_dbg(&desc->intf->dev, "submit response URB %d\n", rv);
318 }
319 spin_unlock(&desc->iuspin);
320 if (rv < 0) {
321 clear_bit(WDM_RESPONDING, &desc->flags);
322 if (rv == -EPERM)
323 return;
324 if (rv == -ENOMEM) {
325sw:
326 rv = schedule_work(&desc->rxwork);
327 if (rv)
328 dev_err(&desc->intf->dev,
329 "Cannot schedule work\n");
330 }
331 }
332exit:
333 rv = usb_submit_urb(urb, GFP_ATOMIC);
334 if (rv)
335 dev_err(&desc->intf->dev,
336 "%s - usb_submit_urb failed with result %d\n",
337 __func__, rv);
338
339}
340
341static void kill_urbs(struct wdm_device *desc)
342{
343 /* the order here is essential */
344 usb_kill_urb(desc->command);
345 usb_kill_urb(desc->validity);
346 usb_kill_urb(desc->response);
347}
348
349static void free_urbs(struct wdm_device *desc)
350{
351 usb_free_urb(desc->validity);
352 usb_free_urb(desc->response);
353 usb_free_urb(desc->command);
354}
355
356static void cleanup(struct wdm_device *desc)
357{
358 kfree(desc->sbuf);
359 kfree(desc->inbuf);
360 kfree(desc->orq);
361 kfree(desc->irq);
362 kfree(desc->ubuf);
363 free_urbs(desc);
364 kfree(desc);
365}
366
367static ssize_t wdm_write
368(struct file *file, const char __user *buffer, size_t count, loff_t *ppos)
369{
370 u8 *buf;
371 int rv = -EMSGSIZE, r, we;
372 struct wdm_device *desc = file->private_data;
373 struct usb_ctrlrequest *req;
374
375 if (count > desc->wMaxCommand)
376 count = desc->wMaxCommand;
377
378 spin_lock_irq(&desc->iuspin);
379 we = desc->werr;
380 desc->werr = 0;
381 spin_unlock_irq(&desc->iuspin);
382 if (we < 0)
383 return usb_translate_errors(we);
384
385 buf = kmalloc(count, GFP_KERNEL);
386 if (!buf) {
387 rv = -ENOMEM;
388 goto outnl;
389 }
390
391 r = copy_from_user(buf, buffer, count);
392 if (r > 0) {
393 rv = -EFAULT;
394 goto out_free_mem;
395 }
396
397 /* concurrent writes and disconnect */
398 r = mutex_lock_interruptible(&desc->wlock);
399 rv = -ERESTARTSYS;
400 if (r)
401 goto out_free_mem;
402
403 if (test_bit(WDM_DISCONNECTING, &desc->flags)) {
404 rv = -ENODEV;
405 goto out_free_mem_lock;
406 }
407
408 r = usb_autopm_get_interface(desc->intf);
409 if (r < 0) {
410 rv = usb_translate_errors(r);
411 goto out_free_mem_lock;
412 }
413
414 if (!(file->f_flags & O_NONBLOCK))
415 r = wait_event_interruptible(desc->wait, !test_bit(WDM_IN_USE,
416 &desc->flags));
417 else
418 if (test_bit(WDM_IN_USE, &desc->flags))
419 r = -EAGAIN;
420
421 if (test_bit(WDM_RESETTING, &desc->flags))
422 r = -EIO;
423
424 if (r < 0) {
425 rv = r;
426 goto out_free_mem_pm;
427 }
428
429 req = desc->orq;
430 usb_fill_control_urb(
431 desc->command,
432 interface_to_usbdev(desc->intf),
433 /* using common endpoint 0 */
434 usb_sndctrlpipe(interface_to_usbdev(desc->intf), 0),
435 (unsigned char *)req,
436 buf,
437 count,
438 wdm_out_callback,
439 desc
440 );
441
442 req->bRequestType = (USB_DIR_OUT | USB_TYPE_CLASS |
443 USB_RECIP_INTERFACE);
444 req->bRequest = USB_CDC_SEND_ENCAPSULATED_COMMAND;
445 req->wValue = 0;
446 req->wIndex = desc->inum; /* already converted */
447 req->wLength = cpu_to_le16(count);
448 set_bit(WDM_IN_USE, &desc->flags);
449 desc->outbuf = buf;
450
451 rv = usb_submit_urb(desc->command, GFP_KERNEL);
452 if (rv < 0) {
453 desc->outbuf = NULL;
454 clear_bit(WDM_IN_USE, &desc->flags);
455 dev_err(&desc->intf->dev, "Tx URB error: %d\n", rv);
456 rv = usb_translate_errors(rv);
457 goto out_free_mem_pm;
458 } else {
459 dev_dbg(&desc->intf->dev, "Tx URB has been submitted index=%d\n",
460 le16_to_cpu(req->wIndex));
461 }
462
463 usb_autopm_put_interface(desc->intf);
464 mutex_unlock(&desc->wlock);
465outnl:
466 return rv < 0 ? rv : count;
467
468out_free_mem_pm:
469 usb_autopm_put_interface(desc->intf);
470out_free_mem_lock:
471 mutex_unlock(&desc->wlock);
472out_free_mem:
473 kfree(buf);
474 return rv;
475}
476
477/*
478 * Submit the read urb if resp_count is non-zero.
479 *
480 * Called with desc->iuspin locked
481 */
482static int service_outstanding_interrupt(struct wdm_device *desc)
483{
484 int rv = 0;
485
486 /* submit read urb only if the device is waiting for it */
487 if (!desc->resp_count || !--desc->resp_count)
488 goto out;
489
490 set_bit(WDM_RESPONDING, &desc->flags);
491 spin_unlock_irq(&desc->iuspin);
492 rv = usb_submit_urb(desc->response, GFP_KERNEL);
493 spin_lock_irq(&desc->iuspin);
494 if (rv) {
495 dev_err(&desc->intf->dev,
496 "usb_submit_urb failed with result %d\n", rv);
497
498 /* make sure the next notification trigger a submit */
499 clear_bit(WDM_RESPONDING, &desc->flags);
500 desc->resp_count = 0;
501 }
502out:
503 return rv;
504}
505
506static ssize_t wdm_read
507(struct file *file, char __user *buffer, size_t count, loff_t *ppos)
508{
509 int rv, cntr;
510 int i = 0;
511 struct wdm_device *desc = file->private_data;
512
513
514 rv = mutex_lock_interruptible(&desc->rlock); /*concurrent reads */
515 if (rv < 0)
516 return -ERESTARTSYS;
517
518 cntr = ACCESS_ONCE(desc->length);
519 if (cntr == 0) {
520 desc->read = 0;
521retry:
522 if (test_bit(WDM_DISCONNECTING, &desc->flags)) {
523 rv = -ENODEV;
524 goto err;
525 }
526 if (test_bit(WDM_OVERFLOW, &desc->flags)) {
527 clear_bit(WDM_OVERFLOW, &desc->flags);
528 rv = -ENOBUFS;
529 goto err;
530 }
531 i++;
532 if (file->f_flags & O_NONBLOCK) {
533 if (!test_bit(WDM_READ, &desc->flags)) {
534 rv = cntr ? cntr : -EAGAIN;
535 goto err;
536 }
537 rv = 0;
538 } else {
539 rv = wait_event_interruptible(desc->wait,
540 test_bit(WDM_READ, &desc->flags));
541 }
542
543 /* may have happened while we slept */
544 if (test_bit(WDM_DISCONNECTING, &desc->flags)) {
545 rv = -ENODEV;
546 goto err;
547 }
548 if (test_bit(WDM_RESETTING, &desc->flags)) {
549 rv = -EIO;
550 goto err;
551 }
552 usb_mark_last_busy(interface_to_usbdev(desc->intf));
553 if (rv < 0) {
554 rv = -ERESTARTSYS;
555 goto err;
556 }
557
558 spin_lock_irq(&desc->iuspin);
559
560 if (desc->rerr) { /* read completed, error happened */
561 rv = usb_translate_errors(desc->rerr);
562 desc->rerr = 0;
563 spin_unlock_irq(&desc->iuspin);
564 goto err;
565 }
566 /*
567 * recheck whether we've lost the race
568 * against the completion handler
569 */
570 if (!test_bit(WDM_READ, &desc->flags)) { /* lost race */
571 spin_unlock_irq(&desc->iuspin);
572 goto retry;
573 }
574
575 if (!desc->reslength) { /* zero length read */
576 dev_dbg(&desc->intf->dev, "zero length - clearing WDM_READ\n");
577 clear_bit(WDM_READ, &desc->flags);
578 rv = service_outstanding_interrupt(desc);
579 spin_unlock_irq(&desc->iuspin);
580 if (rv < 0)
581 goto err;
582 goto retry;
583 }
584 cntr = desc->length;
585 spin_unlock_irq(&desc->iuspin);
586 }
587
588 if (cntr > count)
589 cntr = count;
590 rv = copy_to_user(buffer, desc->ubuf, cntr);
591 if (rv > 0) {
592 rv = -EFAULT;
593 goto err;
594 }
595
596 spin_lock_irq(&desc->iuspin);
597
598 for (i = 0; i < desc->length - cntr; i++)
599 desc->ubuf[i] = desc->ubuf[i + cntr];
600
601 desc->length -= cntr;
602 /* in case we had outstanding data */
603 if (!desc->length) {
604 clear_bit(WDM_READ, &desc->flags);
605 service_outstanding_interrupt(desc);
606 }
607 spin_unlock_irq(&desc->iuspin);
608 rv = cntr;
609
610err:
611 mutex_unlock(&desc->rlock);
612 return rv;
613}
614
615static int wdm_flush(struct file *file, fl_owner_t id)
616{
617 struct wdm_device *desc = file->private_data;
618
619 wait_event(desc->wait, !test_bit(WDM_IN_USE, &desc->flags));
620
621 /* cannot dereference desc->intf if WDM_DISCONNECTING */
622 if (desc->werr < 0 && !test_bit(WDM_DISCONNECTING, &desc->flags))
623 dev_err(&desc->intf->dev, "Error in flush path: %d\n",
624 desc->werr);
625
626 return usb_translate_errors(desc->werr);
627}
628
629static unsigned int wdm_poll(struct file *file, struct poll_table_struct *wait)
630{
631 struct wdm_device *desc = file->private_data;
632 unsigned long flags;
633 unsigned int mask = 0;
634
635 spin_lock_irqsave(&desc->iuspin, flags);
636 if (test_bit(WDM_DISCONNECTING, &desc->flags)) {
637 mask = POLLHUP | POLLERR;
638 spin_unlock_irqrestore(&desc->iuspin, flags);
639 goto desc_out;
640 }
641 if (test_bit(WDM_READ, &desc->flags))
642 mask = POLLIN | POLLRDNORM;
643 if (desc->rerr || desc->werr)
644 mask |= POLLERR;
645 if (!test_bit(WDM_IN_USE, &desc->flags))
646 mask |= POLLOUT | POLLWRNORM;
647 spin_unlock_irqrestore(&desc->iuspin, flags);
648
649 poll_wait(file, &desc->wait, wait);
650
651desc_out:
652 return mask;
653}
654
655static int wdm_open(struct inode *inode, struct file *file)
656{
657 int minor = iminor(inode);
658 int rv = -ENODEV;
659 struct usb_interface *intf;
660 struct wdm_device *desc;
661
662 mutex_lock(&wdm_mutex);
663 desc = wdm_find_device_by_minor(minor);
664 if (!desc)
665 goto out;
666
667 intf = desc->intf;
668 if (test_bit(WDM_DISCONNECTING, &desc->flags))
669 goto out;
670 file->private_data = desc;
671
672 rv = usb_autopm_get_interface(desc->intf);
673 if (rv < 0) {
674 dev_err(&desc->intf->dev, "Error autopm - %d\n", rv);
675 goto out;
676 }
677
678 /* using write lock to protect desc->count */
679 mutex_lock(&desc->wlock);
680 if (!desc->count++) {
681 desc->werr = 0;
682 desc->rerr = 0;
683 rv = usb_submit_urb(desc->validity, GFP_KERNEL);
684 if (rv < 0) {
685 desc->count--;
686 dev_err(&desc->intf->dev,
687 "Error submitting int urb - %d\n", rv);
688 rv = usb_translate_errors(rv);
689 } else if (test_bit(WDM_DRAIN_ON_OPEN, &desc->flags)) {
690 /*
691 * Some devices keep pending messages queued
692 * without resending notifications. We must
693 * flush the message queue before we can
694 * assume a one-to-one relationship between
695 * notifications and messages in the queue
696 */
697 dev_dbg(&desc->intf->dev, "draining queued data\n");
698 set_bit(WDM_RESPONDING, &desc->flags);
699 rv = usb_submit_urb(desc->response, GFP_KERNEL);
700 }
701 } else {
702 rv = 0;
703 }
704 mutex_unlock(&desc->wlock);
705 if (desc->count == 1)
706 desc->manage_power(intf, 1);
707 usb_autopm_put_interface(desc->intf);
708out:
709 mutex_unlock(&wdm_mutex);
710 return rv;
711}
712
713static int wdm_release(struct inode *inode, struct file *file)
714{
715 struct wdm_device *desc = file->private_data;
716
717 mutex_lock(&wdm_mutex);
718
719 /* using write lock to protect desc->count */
720 mutex_lock(&desc->wlock);
721 desc->count--;
722 mutex_unlock(&desc->wlock);
723
724 if (!desc->count) {
725 if (!test_bit(WDM_DISCONNECTING, &desc->flags)) {
726 dev_dbg(&desc->intf->dev, "wdm_release: cleanup\n");
727 kill_urbs(desc);
728 spin_lock_irq(&desc->iuspin);
729 desc->resp_count = 0;
730 spin_unlock_irq(&desc->iuspin);
731 desc->manage_power(desc->intf, 0);
732 } else {
733 /* must avoid dev_printk here as desc->intf is invalid */
734 pr_debug(KBUILD_MODNAME " %s: device gone - cleaning up\n", __func__);
735 cleanup(desc);
736 }
737 }
738 mutex_unlock(&wdm_mutex);
739 return 0;
740}
741
742static long wdm_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
743{
744 struct wdm_device *desc = file->private_data;
745 int rv = 0;
746
747 switch (cmd) {
748 case IOCTL_WDM_MAX_COMMAND:
749 if (copy_to_user((void __user *)arg, &desc->wMaxCommand, sizeof(desc->wMaxCommand)))
750 rv = -EFAULT;
751 break;
752 default:
753 rv = -ENOTTY;
754 }
755 return rv;
756}
757
758static const struct file_operations wdm_fops = {
759 .owner = THIS_MODULE,
760 .read = wdm_read,
761 .write = wdm_write,
762 .open = wdm_open,
763 .flush = wdm_flush,
764 .release = wdm_release,
765 .poll = wdm_poll,
766 .unlocked_ioctl = wdm_ioctl,
767 .compat_ioctl = wdm_ioctl,
768 .llseek = noop_llseek,
769};
770
771static struct usb_class_driver wdm_class = {
772 .name = "cdc-wdm%d",
773 .fops = &wdm_fops,
774 .minor_base = WDM_MINOR_BASE,
775};
776
777/* --- error handling --- */
778static void wdm_rxwork(struct work_struct *work)
779{
780 struct wdm_device *desc = container_of(work, struct wdm_device, rxwork);
781 unsigned long flags;
782 int rv = 0;
783 int responding;
784
785 spin_lock_irqsave(&desc->iuspin, flags);
786 if (test_bit(WDM_DISCONNECTING, &desc->flags)) {
787 spin_unlock_irqrestore(&desc->iuspin, flags);
788 } else {
789 responding = test_and_set_bit(WDM_RESPONDING, &desc->flags);
790 spin_unlock_irqrestore(&desc->iuspin, flags);
791 if (!responding)
792 rv = usb_submit_urb(desc->response, GFP_KERNEL);
793 if (rv < 0 && rv != -EPERM) {
794 spin_lock_irqsave(&desc->iuspin, flags);
795 clear_bit(WDM_RESPONDING, &desc->flags);
796 if (!test_bit(WDM_DISCONNECTING, &desc->flags))
797 schedule_work(&desc->rxwork);
798 spin_unlock_irqrestore(&desc->iuspin, flags);
799 }
800 }
801}
802
803/* --- hotplug --- */
804
805static int wdm_create(struct usb_interface *intf, struct usb_endpoint_descriptor *ep,
806 u16 bufsize, int (*manage_power)(struct usb_interface *, int),
807 bool drain_on_open)
808{
809 int rv = -ENOMEM;
810 struct wdm_device *desc;
811
812 desc = kzalloc(sizeof(struct wdm_device), GFP_KERNEL);
813 if (!desc)
814 goto out;
815 INIT_LIST_HEAD(&desc->device_list);
816 mutex_init(&desc->rlock);
817 mutex_init(&desc->wlock);
818 spin_lock_init(&desc->iuspin);
819 init_waitqueue_head(&desc->wait);
820 desc->wMaxCommand = bufsize;
821 /* this will be expanded and needed in hardware endianness */
822 desc->inum = cpu_to_le16((u16)intf->cur_altsetting->desc.bInterfaceNumber);
823 desc->intf = intf;
824 INIT_WORK(&desc->rxwork, wdm_rxwork);
825
826 rv = -EINVAL;
827 if (!usb_endpoint_is_int_in(ep))
828 goto err;
829
830 desc->wMaxPacketSize = usb_endpoint_maxp(ep);
831
832 desc->orq = kmalloc(sizeof(struct usb_ctrlrequest), GFP_KERNEL);
833 if (!desc->orq)
834 goto err;
835 desc->irq = kmalloc(sizeof(struct usb_ctrlrequest), GFP_KERNEL);
836 if (!desc->irq)
837 goto err;
838
839 desc->validity = usb_alloc_urb(0, GFP_KERNEL);
840 if (!desc->validity)
841 goto err;
842
843 desc->response = usb_alloc_urb(0, GFP_KERNEL);
844 if (!desc->response)
845 goto err;
846
847 desc->command = usb_alloc_urb(0, GFP_KERNEL);
848 if (!desc->command)
849 goto err;
850
851 desc->ubuf = kmalloc(desc->wMaxCommand, GFP_KERNEL);
852 if (!desc->ubuf)
853 goto err;
854
855 desc->sbuf = kmalloc(desc->wMaxPacketSize, GFP_KERNEL);
856 if (!desc->sbuf)
857 goto err;
858
859 desc->inbuf = kmalloc(desc->wMaxCommand, GFP_KERNEL);
860 if (!desc->inbuf)
861 goto err;
862
863 usb_fill_int_urb(
864 desc->validity,
865 interface_to_usbdev(intf),
866 usb_rcvintpipe(interface_to_usbdev(intf), ep->bEndpointAddress),
867 desc->sbuf,
868 desc->wMaxPacketSize,
869 wdm_int_callback,
870 desc,
871 ep->bInterval
872 );
873
874 desc->irq->bRequestType = (USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE);
875 desc->irq->bRequest = USB_CDC_GET_ENCAPSULATED_RESPONSE;
876 desc->irq->wValue = 0;
877 desc->irq->wIndex = desc->inum; /* already converted */
878 desc->irq->wLength = cpu_to_le16(desc->wMaxCommand);
879
880 usb_fill_control_urb(
881 desc->response,
882 interface_to_usbdev(intf),
883 /* using common endpoint 0 */
884 usb_rcvctrlpipe(interface_to_usbdev(desc->intf), 0),
885 (unsigned char *)desc->irq,
886 desc->inbuf,
887 desc->wMaxCommand,
888 wdm_in_callback,
889 desc
890 );
891
892 desc->manage_power = manage_power;
893
894 /*
895 * "drain_on_open" enables a hack to work around a firmware
896 * issue observed on network functions, in particular MBIM
897 * functions.
898 *
899 * Quoting section 7 of the CDC-WMC r1.1 specification:
900 *
901 * "The firmware shall interpret GetEncapsulatedResponse as a
902 * request to read response bytes. The firmware shall send
903 * the next wLength bytes from the response. The firmware
904 * shall allow the host to retrieve data using any number of
905 * GetEncapsulatedResponse requests. The firmware shall
906 * return a zero- length reply if there are no data bytes
907 * available.
908 *
909 * The firmware shall send ResponseAvailable notifications
910 * periodically, using any appropriate algorithm, to inform
911 * the host that there is data available in the reply
912 * buffer. The firmware is allowed to send ResponseAvailable
913 * notifications even if there is no data available, but
914 * this will obviously reduce overall performance."
915 *
916 * These requirements, although they make equally sense, are
917 * often not implemented by network functions. Some firmwares
918 * will queue data indefinitely, without ever resending a
919 * notification. The result is that the driver and firmware
920 * loses "syncronization" if the driver ever fails to respond
921 * to a single notification, something which easily can happen
922 * on release(). When this happens, the driver will appear to
923 * never receive notifications for the most current data. Each
924 * notification will only cause a single read, which returns
925 * the oldest data in the firmware's queue.
926 *
927 * The "drain_on_open" hack resolves the situation by draining
928 * data from the firmware until none is returned, without a
929 * prior notification.
930 *
931 * This will inevitably race with the firmware, risking that
932 * we read data from the device before handling the associated
933 * notification. To make things worse, some of the devices
934 * needing the hack do not implement the "return zero if no
935 * data is available" requirement either. Instead they return
936 * an error on the subsequent read in this case. This means
937 * that "winning" the race can cause an unexpected EIO to
938 * userspace.
939 *
940 * "winning" the race is more likely on resume() than on
941 * open(), and the unexpected error is more harmful in the
942 * middle of an open session. The hack is therefore only
943 * applied on open(), and not on resume() where it logically
944 * would be equally necessary. So we define open() as the only
945 * driver <-> device "syncronization point". Should we happen
946 * to lose a notification after open(), then syncronization
947 * will be lost until release()
948 *
949 * The hack should not be enabled for CDC WDM devices
950 * conforming to the CDC-WMC r1.1 specification. This is
951 * ensured by setting drain_on_open to false in wdm_probe().
952 */
953 if (drain_on_open)
954 set_bit(WDM_DRAIN_ON_OPEN, &desc->flags);
955
956 spin_lock(&wdm_device_list_lock);
957 list_add(&desc->device_list, &wdm_device_list);
958 spin_unlock(&wdm_device_list_lock);
959
960 rv = usb_register_dev(intf, &wdm_class);
961 if (rv < 0)
962 goto err;
963 else
964 dev_info(&intf->dev, "%s: USB WDM device\n", dev_name(intf->usb_dev));
965out:
966 return rv;
967err:
968 spin_lock(&wdm_device_list_lock);
969 list_del(&desc->device_list);
970 spin_unlock(&wdm_device_list_lock);
971 cleanup(desc);
972 return rv;
973}
974
975static int wdm_manage_power(struct usb_interface *intf, int on)
976{
977 /* need autopm_get/put here to ensure the usbcore sees the new value */
978 int rv = usb_autopm_get_interface(intf);
979
980 intf->needs_remote_wakeup = on;
981 if (!rv)
982 usb_autopm_put_interface(intf);
983 return 0;
984}
985
986static int wdm_probe(struct usb_interface *intf, const struct usb_device_id *id)
987{
988 int rv = -EINVAL;
989 struct usb_host_interface *iface;
990 struct usb_endpoint_descriptor *ep;
991 struct usb_cdc_parsed_header hdr;
992 u8 *buffer = intf->altsetting->extra;
993 int buflen = intf->altsetting->extralen;
994 u16 maxcom = WDM_DEFAULT_BUFSIZE;
995
996 if (!buffer)
997 goto err;
998
999 cdc_parse_cdc_header(&hdr, intf, buffer, buflen);
1000
1001 if (hdr.usb_cdc_dmm_desc)
1002 maxcom = le16_to_cpu(hdr.usb_cdc_dmm_desc->wMaxCommand);
1003
1004 iface = intf->cur_altsetting;
1005 if (iface->desc.bNumEndpoints != 1)
1006 goto err;
1007 ep = &iface->endpoint[0].desc;
1008
1009 rv = wdm_create(intf, ep, maxcom, &wdm_manage_power, false);
1010
1011err:
1012 return rv;
1013}
1014
1015/**
1016 * usb_cdc_wdm_register - register a WDM subdriver
1017 * @intf: usb interface the subdriver will associate with
1018 * @ep: interrupt endpoint to monitor for notifications
1019 * @bufsize: maximum message size to support for read/write
1020 *
1021 * Create WDM usb class character device and associate it with intf
1022 * without binding, allowing another driver to manage the interface.
1023 *
1024 * The subdriver will manage the given interrupt endpoint exclusively
1025 * and will issue control requests referring to the given intf. It
1026 * will otherwise avoid interferring, and in particular not do
1027 * usb_set_intfdata/usb_get_intfdata on intf.
1028 *
1029 * The return value is a pointer to the subdriver's struct usb_driver.
1030 * The registering driver is responsible for calling this subdriver's
1031 * disconnect, suspend, resume, pre_reset and post_reset methods from
1032 * its own.
1033 */
1034struct usb_driver *usb_cdc_wdm_register(struct usb_interface *intf,
1035 struct usb_endpoint_descriptor *ep,
1036 int bufsize,
1037 int (*manage_power)(struct usb_interface *, int))
1038{
1039 int rv = -EINVAL;
1040
1041 rv = wdm_create(intf, ep, bufsize, manage_power, true);
1042 if (rv < 0)
1043 goto err;
1044
1045 return &wdm_driver;
1046err:
1047 return ERR_PTR(rv);
1048}
1049EXPORT_SYMBOL(usb_cdc_wdm_register);
1050
1051static void wdm_disconnect(struct usb_interface *intf)
1052{
1053 struct wdm_device *desc;
1054 unsigned long flags;
1055
1056 usb_deregister_dev(intf, &wdm_class);
1057 desc = wdm_find_device(intf);
1058 mutex_lock(&wdm_mutex);
1059
1060 /* the spinlock makes sure no new urbs are generated in the callbacks */
1061 spin_lock_irqsave(&desc->iuspin, flags);
1062 set_bit(WDM_DISCONNECTING, &desc->flags);
1063 set_bit(WDM_READ, &desc->flags);
1064 /* to terminate pending flushes */
1065 clear_bit(WDM_IN_USE, &desc->flags);
1066 spin_unlock_irqrestore(&desc->iuspin, flags);
1067 wake_up_all(&desc->wait);
1068 mutex_lock(&desc->rlock);
1069 mutex_lock(&desc->wlock);
1070 kill_urbs(desc);
1071 cancel_work_sync(&desc->rxwork);
1072 mutex_unlock(&desc->wlock);
1073 mutex_unlock(&desc->rlock);
1074
1075 /* the desc->intf pointer used as list key is now invalid */
1076 spin_lock(&wdm_device_list_lock);
1077 list_del(&desc->device_list);
1078 spin_unlock(&wdm_device_list_lock);
1079
1080 if (!desc->count)
1081 cleanup(desc);
1082 else
1083 dev_dbg(&intf->dev, "%d open files - postponing cleanup\n", desc->count);
1084 mutex_unlock(&wdm_mutex);
1085}
1086
1087#ifdef CONFIG_PM
1088static int wdm_suspend(struct usb_interface *intf, pm_message_t message)
1089{
1090 struct wdm_device *desc = wdm_find_device(intf);
1091 int rv = 0;
1092
1093 dev_dbg(&desc->intf->dev, "wdm%d_suspend\n", intf->minor);
1094
1095 /* if this is an autosuspend the caller does the locking */
1096 if (!PMSG_IS_AUTO(message)) {
1097 mutex_lock(&desc->rlock);
1098 mutex_lock(&desc->wlock);
1099 }
1100 spin_lock_irq(&desc->iuspin);
1101
1102 if (PMSG_IS_AUTO(message) &&
1103 (test_bit(WDM_IN_USE, &desc->flags)
1104 || test_bit(WDM_RESPONDING, &desc->flags))) {
1105 spin_unlock_irq(&desc->iuspin);
1106 rv = -EBUSY;
1107 } else {
1108
1109 set_bit(WDM_SUSPENDING, &desc->flags);
1110 spin_unlock_irq(&desc->iuspin);
1111 /* callback submits work - order is essential */
1112 kill_urbs(desc);
1113 cancel_work_sync(&desc->rxwork);
1114 }
1115 if (!PMSG_IS_AUTO(message)) {
1116 mutex_unlock(&desc->wlock);
1117 mutex_unlock(&desc->rlock);
1118 }
1119
1120 return rv;
1121}
1122#endif
1123
1124static int recover_from_urb_loss(struct wdm_device *desc)
1125{
1126 int rv = 0;
1127
1128 if (desc->count) {
1129 rv = usb_submit_urb(desc->validity, GFP_NOIO);
1130 if (rv < 0)
1131 dev_err(&desc->intf->dev,
1132 "Error resume submitting int urb - %d\n", rv);
1133 }
1134 return rv;
1135}
1136
1137#ifdef CONFIG_PM
1138static int wdm_resume(struct usb_interface *intf)
1139{
1140 struct wdm_device *desc = wdm_find_device(intf);
1141 int rv;
1142
1143 dev_dbg(&desc->intf->dev, "wdm%d_resume\n", intf->minor);
1144
1145 clear_bit(WDM_SUSPENDING, &desc->flags);
1146 rv = recover_from_urb_loss(desc);
1147
1148 return rv;
1149}
1150#endif
1151
1152static int wdm_pre_reset(struct usb_interface *intf)
1153{
1154 struct wdm_device *desc = wdm_find_device(intf);
1155
1156 /*
1157 * we notify everybody using poll of
1158 * an exceptional situation
1159 * must be done before recovery lest a spontaneous
1160 * message from the device is lost
1161 */
1162 spin_lock_irq(&desc->iuspin);
1163 set_bit(WDM_RESETTING, &desc->flags); /* inform read/write */
1164 set_bit(WDM_READ, &desc->flags); /* unblock read */
1165 clear_bit(WDM_IN_USE, &desc->flags); /* unblock write */
1166 desc->rerr = -EINTR;
1167 spin_unlock_irq(&desc->iuspin);
1168 wake_up_all(&desc->wait);
1169 mutex_lock(&desc->rlock);
1170 mutex_lock(&desc->wlock);
1171 kill_urbs(desc);
1172 cancel_work_sync(&desc->rxwork);
1173 return 0;
1174}
1175
1176static int wdm_post_reset(struct usb_interface *intf)
1177{
1178 struct wdm_device *desc = wdm_find_device(intf);
1179 int rv;
1180
1181 clear_bit(WDM_OVERFLOW, &desc->flags);
1182 clear_bit(WDM_RESETTING, &desc->flags);
1183 rv = recover_from_urb_loss(desc);
1184 mutex_unlock(&desc->wlock);
1185 mutex_unlock(&desc->rlock);
1186 return 0;
1187}
1188
1189static struct usb_driver wdm_driver = {
1190 .name = "cdc_wdm",
1191 .probe = wdm_probe,
1192 .disconnect = wdm_disconnect,
1193#ifdef CONFIG_PM
1194 .suspend = wdm_suspend,
1195 .resume = wdm_resume,
1196 .reset_resume = wdm_resume,
1197#endif
1198 .pre_reset = wdm_pre_reset,
1199 .post_reset = wdm_post_reset,
1200 .id_table = wdm_ids,
1201 .supports_autosuspend = 1,
1202 .disable_hub_initiated_lpm = 1,
1203};
1204
1205module_usb_driver(wdm_driver);
1206
1207MODULE_AUTHOR(DRIVER_AUTHOR);
1208MODULE_DESCRIPTION(DRIVER_DESC);
1209MODULE_LICENSE("GPL");