Loading...
1// SPDX-License-Identifier: GPL-2.0+
2/*
3 * drivers/usb/class/usbtmc.c - USB Test & Measurement class driver
4 *
5 * Copyright (C) 2007 Stefan Kopp, Gechingen, Germany
6 * Copyright (C) 2008 Novell, Inc.
7 * Copyright (C) 2008 Greg Kroah-Hartman <gregkh@suse.de>
8 * Copyright (C) 2018 IVI Foundation, Inc.
9 */
10
11#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
12
13#include <linux/module.h>
14#include <linux/kernel.h>
15#include <linux/fs.h>
16#include <linux/uaccess.h>
17#include <linux/kref.h>
18#include <linux/slab.h>
19#include <linux/poll.h>
20#include <linux/mutex.h>
21#include <linux/usb.h>
22#include <linux/compat.h>
23#include <linux/usb/tmc.h>
24
25/* Increment API VERSION when changing tmc.h with new flags or ioctls
26 * or when changing a significant behavior of the driver.
27 */
28#define USBTMC_API_VERSION (3)
29
30#define USBTMC_HEADER_SIZE 12
31#define USBTMC_MINOR_BASE 176
32
33/* Minimum USB timeout (in milliseconds) */
34#define USBTMC_MIN_TIMEOUT 100
35/* Default USB timeout (in milliseconds) */
36#define USBTMC_TIMEOUT 5000
37
38/* Max number of urbs used in write transfers */
39#define MAX_URBS_IN_FLIGHT 16
40/* I/O buffer size used in generic read/write functions */
41#define USBTMC_BUFSIZE (4096)
42
43/*
44 * Maximum number of read cycles to empty bulk in endpoint during CLEAR and
45 * ABORT_BULK_IN requests. Ends the loop if (for whatever reason) a short
46 * packet is never read.
47 */
48#define USBTMC_MAX_READS_TO_CLEAR_BULK_IN 100
49
50static const struct usb_device_id usbtmc_devices[] = {
51 { USB_INTERFACE_INFO(USB_CLASS_APP_SPEC, 3, 0), },
52 { USB_INTERFACE_INFO(USB_CLASS_APP_SPEC, 3, 1), },
53 { 0, } /* terminating entry */
54};
55MODULE_DEVICE_TABLE(usb, usbtmc_devices);
56
57/*
58 * This structure is the capabilities for the device
59 * See section 4.2.1.8 of the USBTMC specification,
60 * and section 4.2.2 of the USBTMC usb488 subclass
61 * specification for details.
62 */
63struct usbtmc_dev_capabilities {
64 __u8 interface_capabilities;
65 __u8 device_capabilities;
66 __u8 usb488_interface_capabilities;
67 __u8 usb488_device_capabilities;
68};
69
70/* This structure holds private data for each USBTMC device. One copy is
71 * allocated for each USBTMC device in the driver's probe function.
72 */
73struct usbtmc_device_data {
74 const struct usb_device_id *id;
75 struct usb_device *usb_dev;
76 struct usb_interface *intf;
77 struct list_head file_list;
78
79 unsigned int bulk_in;
80 unsigned int bulk_out;
81
82 u8 bTag;
83 u8 bTag_last_write; /* needed for abort */
84 u8 bTag_last_read; /* needed for abort */
85
86 /* packet size of IN bulk */
87 u16 wMaxPacketSize;
88
89 /* data for interrupt in endpoint handling */
90 u8 bNotify1;
91 u8 bNotify2;
92 u16 ifnum;
93 u8 iin_bTag;
94 u8 *iin_buffer;
95 atomic_t iin_data_valid;
96 unsigned int iin_ep;
97 int iin_ep_present;
98 int iin_interval;
99 struct urb *iin_urb;
100 u16 iin_wMaxPacketSize;
101
102 /* coalesced usb488_caps from usbtmc_dev_capabilities */
103 __u8 usb488_caps;
104
105 bool zombie; /* fd of disconnected device */
106
107 struct usbtmc_dev_capabilities capabilities;
108 struct kref kref;
109 struct mutex io_mutex; /* only one i/o function running at a time */
110 wait_queue_head_t waitq;
111 struct fasync_struct *fasync;
112 spinlock_t dev_lock; /* lock for file_list */
113};
114#define to_usbtmc_data(d) container_of(d, struct usbtmc_device_data, kref)
115
116/*
117 * This structure holds private data for each USBTMC file handle.
118 */
119struct usbtmc_file_data {
120 struct usbtmc_device_data *data;
121 struct list_head file_elem;
122
123 u32 timeout;
124 u8 srq_byte;
125 atomic_t srq_asserted;
126 atomic_t closing;
127 u8 bmTransferAttributes; /* member of DEV_DEP_MSG_IN */
128
129 u8 eom_val;
130 u8 term_char;
131 bool term_char_enabled;
132 bool auto_abort;
133
134 spinlock_t err_lock; /* lock for errors */
135
136 struct usb_anchor submitted;
137
138 /* data for generic_write */
139 struct semaphore limit_write_sem;
140 u32 out_transfer_size;
141 int out_status;
142
143 /* data for generic_read */
144 u32 in_transfer_size;
145 int in_status;
146 int in_urbs_used;
147 struct usb_anchor in_anchor;
148 wait_queue_head_t wait_bulk_in;
149};
150
151/* Forward declarations */
152static struct usb_driver usbtmc_driver;
153static void usbtmc_draw_down(struct usbtmc_file_data *file_data);
154
155static void usbtmc_delete(struct kref *kref)
156{
157 struct usbtmc_device_data *data = to_usbtmc_data(kref);
158
159 usb_put_dev(data->usb_dev);
160 kfree(data);
161}
162
163static int usbtmc_open(struct inode *inode, struct file *filp)
164{
165 struct usb_interface *intf;
166 struct usbtmc_device_data *data;
167 struct usbtmc_file_data *file_data;
168
169 intf = usb_find_interface(&usbtmc_driver, iminor(inode));
170 if (!intf) {
171 pr_err("can not find device for minor %d", iminor(inode));
172 return -ENODEV;
173 }
174
175 file_data = kzalloc(sizeof(*file_data), GFP_KERNEL);
176 if (!file_data)
177 return -ENOMEM;
178
179 spin_lock_init(&file_data->err_lock);
180 sema_init(&file_data->limit_write_sem, MAX_URBS_IN_FLIGHT);
181 init_usb_anchor(&file_data->submitted);
182 init_usb_anchor(&file_data->in_anchor);
183 init_waitqueue_head(&file_data->wait_bulk_in);
184
185 data = usb_get_intfdata(intf);
186 /* Protect reference to data from file structure until release */
187 kref_get(&data->kref);
188
189 mutex_lock(&data->io_mutex);
190 file_data->data = data;
191
192 atomic_set(&file_data->closing, 0);
193
194 file_data->timeout = USBTMC_TIMEOUT;
195 file_data->term_char = '\n';
196 file_data->term_char_enabled = 0;
197 file_data->auto_abort = 0;
198 file_data->eom_val = 1;
199
200 INIT_LIST_HEAD(&file_data->file_elem);
201 spin_lock_irq(&data->dev_lock);
202 list_add_tail(&file_data->file_elem, &data->file_list);
203 spin_unlock_irq(&data->dev_lock);
204 mutex_unlock(&data->io_mutex);
205
206 /* Store pointer in file structure's private data field */
207 filp->private_data = file_data;
208
209 return 0;
210}
211
212/*
213 * usbtmc_flush - called before file handle is closed
214 */
215static int usbtmc_flush(struct file *file, fl_owner_t id)
216{
217 struct usbtmc_file_data *file_data;
218 struct usbtmc_device_data *data;
219
220 file_data = file->private_data;
221 if (file_data == NULL)
222 return -ENODEV;
223
224 atomic_set(&file_data->closing, 1);
225 data = file_data->data;
226
227 /* wait for io to stop */
228 mutex_lock(&data->io_mutex);
229
230 usbtmc_draw_down(file_data);
231
232 spin_lock_irq(&file_data->err_lock);
233 file_data->in_status = 0;
234 file_data->in_transfer_size = 0;
235 file_data->in_urbs_used = 0;
236 file_data->out_status = 0;
237 file_data->out_transfer_size = 0;
238 spin_unlock_irq(&file_data->err_lock);
239
240 wake_up_interruptible_all(&data->waitq);
241 mutex_unlock(&data->io_mutex);
242
243 return 0;
244}
245
246static int usbtmc_release(struct inode *inode, struct file *file)
247{
248 struct usbtmc_file_data *file_data = file->private_data;
249
250 /* prevent IO _AND_ usbtmc_interrupt */
251 mutex_lock(&file_data->data->io_mutex);
252 spin_lock_irq(&file_data->data->dev_lock);
253
254 list_del(&file_data->file_elem);
255
256 spin_unlock_irq(&file_data->data->dev_lock);
257 mutex_unlock(&file_data->data->io_mutex);
258
259 kref_put(&file_data->data->kref, usbtmc_delete);
260 file_data->data = NULL;
261 kfree(file_data);
262 return 0;
263}
264
265static int usbtmc_ioctl_abort_bulk_in_tag(struct usbtmc_device_data *data,
266 u8 tag)
267{
268 u8 *buffer;
269 struct device *dev;
270 int rv;
271 int n;
272 int actual;
273
274 dev = &data->intf->dev;
275 buffer = kmalloc(USBTMC_BUFSIZE, GFP_KERNEL);
276 if (!buffer)
277 return -ENOMEM;
278
279 rv = usb_control_msg(data->usb_dev,
280 usb_rcvctrlpipe(data->usb_dev, 0),
281 USBTMC_REQUEST_INITIATE_ABORT_BULK_IN,
282 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT,
283 tag, data->bulk_in,
284 buffer, 2, USB_CTRL_GET_TIMEOUT);
285
286 if (rv < 0) {
287 dev_err(dev, "usb_control_msg returned %d\n", rv);
288 goto exit;
289 }
290
291 dev_dbg(dev, "INITIATE_ABORT_BULK_IN returned %x with tag %02x\n",
292 buffer[0], buffer[1]);
293
294 if (buffer[0] == USBTMC_STATUS_FAILED) {
295 /* No transfer in progress and the Bulk-OUT FIFO is empty. */
296 rv = 0;
297 goto exit;
298 }
299
300 if (buffer[0] == USBTMC_STATUS_TRANSFER_NOT_IN_PROGRESS) {
301 /* The device returns this status if either:
302 * - There is a transfer in progress, but the specified bTag
303 * does not match.
304 * - There is no transfer in progress, but the Bulk-OUT FIFO
305 * is not empty.
306 */
307 rv = -ENOMSG;
308 goto exit;
309 }
310
311 if (buffer[0] != USBTMC_STATUS_SUCCESS) {
312 dev_err(dev, "INITIATE_ABORT_BULK_IN returned %x\n",
313 buffer[0]);
314 rv = -EPERM;
315 goto exit;
316 }
317
318 n = 0;
319
320usbtmc_abort_bulk_in_status:
321 dev_dbg(dev, "Reading from bulk in EP\n");
322
323 /* Data must be present. So use low timeout 300 ms */
324 actual = 0;
325 rv = usb_bulk_msg(data->usb_dev,
326 usb_rcvbulkpipe(data->usb_dev,
327 data->bulk_in),
328 buffer, USBTMC_BUFSIZE,
329 &actual, 300);
330
331 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE, 16, 1,
332 buffer, actual, true);
333
334 n++;
335
336 if (rv < 0) {
337 dev_err(dev, "usb_bulk_msg returned %d\n", rv);
338 if (rv != -ETIMEDOUT)
339 goto exit;
340 }
341
342 if (actual == USBTMC_BUFSIZE)
343 goto usbtmc_abort_bulk_in_status;
344
345 if (n >= USBTMC_MAX_READS_TO_CLEAR_BULK_IN) {
346 dev_err(dev, "Couldn't clear device buffer within %d cycles\n",
347 USBTMC_MAX_READS_TO_CLEAR_BULK_IN);
348 rv = -EPERM;
349 goto exit;
350 }
351
352 rv = usb_control_msg(data->usb_dev,
353 usb_rcvctrlpipe(data->usb_dev, 0),
354 USBTMC_REQUEST_CHECK_ABORT_BULK_IN_STATUS,
355 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT,
356 0, data->bulk_in, buffer, 0x08,
357 USB_CTRL_GET_TIMEOUT);
358
359 if (rv < 0) {
360 dev_err(dev, "usb_control_msg returned %d\n", rv);
361 goto exit;
362 }
363
364 dev_dbg(dev, "CHECK_ABORT_BULK_IN returned %x\n", buffer[0]);
365
366 if (buffer[0] == USBTMC_STATUS_SUCCESS) {
367 rv = 0;
368 goto exit;
369 }
370
371 if (buffer[0] != USBTMC_STATUS_PENDING) {
372 dev_err(dev, "CHECK_ABORT_BULK_IN returned %x\n", buffer[0]);
373 rv = -EPERM;
374 goto exit;
375 }
376
377 if ((buffer[1] & 1) > 0) {
378 /* The device has 1 or more queued packets the Host can read */
379 goto usbtmc_abort_bulk_in_status;
380 }
381
382 /* The Host must send CHECK_ABORT_BULK_IN_STATUS at a later time. */
383 rv = -EAGAIN;
384exit:
385 kfree(buffer);
386 return rv;
387}
388
389static int usbtmc_ioctl_abort_bulk_in(struct usbtmc_device_data *data)
390{
391 return usbtmc_ioctl_abort_bulk_in_tag(data, data->bTag_last_read);
392}
393
394static int usbtmc_ioctl_abort_bulk_out_tag(struct usbtmc_device_data *data,
395 u8 tag)
396{
397 struct device *dev;
398 u8 *buffer;
399 int rv;
400 int n;
401
402 dev = &data->intf->dev;
403
404 buffer = kmalloc(8, GFP_KERNEL);
405 if (!buffer)
406 return -ENOMEM;
407
408 rv = usb_control_msg(data->usb_dev,
409 usb_rcvctrlpipe(data->usb_dev, 0),
410 USBTMC_REQUEST_INITIATE_ABORT_BULK_OUT,
411 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT,
412 tag, data->bulk_out,
413 buffer, 2, USB_CTRL_GET_TIMEOUT);
414
415 if (rv < 0) {
416 dev_err(dev, "usb_control_msg returned %d\n", rv);
417 goto exit;
418 }
419
420 dev_dbg(dev, "INITIATE_ABORT_BULK_OUT returned %x\n", buffer[0]);
421
422 if (buffer[0] != USBTMC_STATUS_SUCCESS) {
423 dev_err(dev, "INITIATE_ABORT_BULK_OUT returned %x\n",
424 buffer[0]);
425 rv = -EPERM;
426 goto exit;
427 }
428
429 n = 0;
430
431usbtmc_abort_bulk_out_check_status:
432 /* do not stress device with subsequent requests */
433 msleep(50);
434 rv = usb_control_msg(data->usb_dev,
435 usb_rcvctrlpipe(data->usb_dev, 0),
436 USBTMC_REQUEST_CHECK_ABORT_BULK_OUT_STATUS,
437 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT,
438 0, data->bulk_out, buffer, 0x08,
439 USB_CTRL_GET_TIMEOUT);
440 n++;
441 if (rv < 0) {
442 dev_err(dev, "usb_control_msg returned %d\n", rv);
443 goto exit;
444 }
445
446 dev_dbg(dev, "CHECK_ABORT_BULK_OUT returned %x\n", buffer[0]);
447
448 if (buffer[0] == USBTMC_STATUS_SUCCESS)
449 goto usbtmc_abort_bulk_out_clear_halt;
450
451 if ((buffer[0] == USBTMC_STATUS_PENDING) &&
452 (n < USBTMC_MAX_READS_TO_CLEAR_BULK_IN))
453 goto usbtmc_abort_bulk_out_check_status;
454
455 rv = -EPERM;
456 goto exit;
457
458usbtmc_abort_bulk_out_clear_halt:
459 rv = usb_clear_halt(data->usb_dev,
460 usb_sndbulkpipe(data->usb_dev, data->bulk_out));
461
462 if (rv < 0) {
463 dev_err(dev, "usb_control_msg returned %d\n", rv);
464 goto exit;
465 }
466 rv = 0;
467
468exit:
469 kfree(buffer);
470 return rv;
471}
472
473static int usbtmc_ioctl_abort_bulk_out(struct usbtmc_device_data *data)
474{
475 return usbtmc_ioctl_abort_bulk_out_tag(data, data->bTag_last_write);
476}
477
478static int usbtmc_get_stb(struct usbtmc_file_data *file_data, __u8 *stb)
479{
480 struct usbtmc_device_data *data = file_data->data;
481 struct device *dev = &data->intf->dev;
482 u8 *buffer;
483 u8 tag;
484 int rv;
485
486 dev_dbg(dev, "Enter ioctl_read_stb iin_ep_present: %d\n",
487 data->iin_ep_present);
488
489 buffer = kmalloc(8, GFP_KERNEL);
490 if (!buffer)
491 return -ENOMEM;
492
493 atomic_set(&data->iin_data_valid, 0);
494
495 rv = usb_control_msg(data->usb_dev,
496 usb_rcvctrlpipe(data->usb_dev, 0),
497 USBTMC488_REQUEST_READ_STATUS_BYTE,
498 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
499 data->iin_bTag,
500 data->ifnum,
501 buffer, 0x03, USB_CTRL_GET_TIMEOUT);
502 if (rv < 0) {
503 dev_err(dev, "stb usb_control_msg returned %d\n", rv);
504 goto exit;
505 }
506
507 if (buffer[0] != USBTMC_STATUS_SUCCESS) {
508 dev_err(dev, "control status returned %x\n", buffer[0]);
509 rv = -EIO;
510 goto exit;
511 }
512
513 if (data->iin_ep_present) {
514 rv = wait_event_interruptible_timeout(
515 data->waitq,
516 atomic_read(&data->iin_data_valid) != 0,
517 file_data->timeout);
518 if (rv < 0) {
519 dev_dbg(dev, "wait interrupted %d\n", rv);
520 goto exit;
521 }
522
523 if (rv == 0) {
524 dev_dbg(dev, "wait timed out\n");
525 rv = -ETIMEDOUT;
526 goto exit;
527 }
528
529 tag = data->bNotify1 & 0x7f;
530 if (tag != data->iin_bTag) {
531 dev_err(dev, "expected bTag %x got %x\n",
532 data->iin_bTag, tag);
533 }
534
535 *stb = data->bNotify2;
536 } else {
537 *stb = buffer[2];
538 }
539
540 dev_dbg(dev, "stb:0x%02x received %d\n", (unsigned int)*stb, rv);
541
542 exit:
543 /* bump interrupt bTag */
544 data->iin_bTag += 1;
545 if (data->iin_bTag > 127)
546 /* 1 is for SRQ see USBTMC-USB488 subclass spec section 4.3.1 */
547 data->iin_bTag = 2;
548
549 kfree(buffer);
550 return rv;
551}
552
553static int usbtmc488_ioctl_read_stb(struct usbtmc_file_data *file_data,
554 void __user *arg)
555{
556 int srq_asserted = 0;
557 __u8 stb;
558 int rv;
559
560 rv = usbtmc_get_stb(file_data, &stb);
561
562 if (rv > 0) {
563 srq_asserted = atomic_xchg(&file_data->srq_asserted,
564 srq_asserted);
565 if (srq_asserted)
566 stb |= 0x40; /* Set RQS bit */
567
568 rv = put_user(stb, (__u8 __user *)arg);
569 }
570 return rv;
571
572}
573
574static int usbtmc_ioctl_get_srq_stb(struct usbtmc_file_data *file_data,
575 void __user *arg)
576{
577 struct usbtmc_device_data *data = file_data->data;
578 struct device *dev = &data->intf->dev;
579 int srq_asserted = 0;
580 __u8 stb = 0;
581 int rv;
582
583 spin_lock_irq(&data->dev_lock);
584 srq_asserted = atomic_xchg(&file_data->srq_asserted, srq_asserted);
585
586 if (srq_asserted) {
587 stb = file_data->srq_byte;
588 spin_unlock_irq(&data->dev_lock);
589 rv = put_user(stb, (__u8 __user *)arg);
590 } else {
591 spin_unlock_irq(&data->dev_lock);
592 rv = -ENOMSG;
593 }
594
595 dev_dbg(dev, "stb:0x%02x with srq received %d\n", (unsigned int)stb, rv);
596
597 return rv;
598}
599
600static int usbtmc488_ioctl_wait_srq(struct usbtmc_file_data *file_data,
601 __u32 __user *arg)
602{
603 struct usbtmc_device_data *data = file_data->data;
604 struct device *dev = &data->intf->dev;
605 int rv;
606 u32 timeout;
607 unsigned long expire;
608
609 if (!data->iin_ep_present) {
610 dev_dbg(dev, "no interrupt endpoint present\n");
611 return -EFAULT;
612 }
613
614 if (get_user(timeout, arg))
615 return -EFAULT;
616
617 expire = msecs_to_jiffies(timeout);
618
619 mutex_unlock(&data->io_mutex);
620
621 rv = wait_event_interruptible_timeout(
622 data->waitq,
623 atomic_read(&file_data->srq_asserted) != 0 ||
624 atomic_read(&file_data->closing),
625 expire);
626
627 mutex_lock(&data->io_mutex);
628
629 /* Note! disconnect or close could be called in the meantime */
630 if (atomic_read(&file_data->closing) || data->zombie)
631 rv = -ENODEV;
632
633 if (rv < 0) {
634 /* dev can be invalid now! */
635 pr_debug("%s - wait interrupted %d\n", __func__, rv);
636 return rv;
637 }
638
639 if (rv == 0) {
640 dev_dbg(dev, "%s - wait timed out\n", __func__);
641 return -ETIMEDOUT;
642 }
643
644 dev_dbg(dev, "%s - srq asserted\n", __func__);
645 return 0;
646}
647
648static int usbtmc488_ioctl_simple(struct usbtmc_device_data *data,
649 void __user *arg, unsigned int cmd)
650{
651 struct device *dev = &data->intf->dev;
652 __u8 val;
653 u8 *buffer;
654 u16 wValue;
655 int rv;
656
657 if (!(data->usb488_caps & USBTMC488_CAPABILITY_SIMPLE))
658 return -EINVAL;
659
660 buffer = kmalloc(8, GFP_KERNEL);
661 if (!buffer)
662 return -ENOMEM;
663
664 if (cmd == USBTMC488_REQUEST_REN_CONTROL) {
665 rv = copy_from_user(&val, arg, sizeof(val));
666 if (rv) {
667 rv = -EFAULT;
668 goto exit;
669 }
670 wValue = val ? 1 : 0;
671 } else {
672 wValue = 0;
673 }
674
675 rv = usb_control_msg(data->usb_dev,
676 usb_rcvctrlpipe(data->usb_dev, 0),
677 cmd,
678 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
679 wValue,
680 data->ifnum,
681 buffer, 0x01, USB_CTRL_GET_TIMEOUT);
682 if (rv < 0) {
683 dev_err(dev, "simple usb_control_msg failed %d\n", rv);
684 goto exit;
685 } else if (rv != 1) {
686 dev_warn(dev, "simple usb_control_msg returned %d\n", rv);
687 rv = -EIO;
688 goto exit;
689 }
690
691 if (buffer[0] != USBTMC_STATUS_SUCCESS) {
692 dev_err(dev, "simple control status returned %x\n", buffer[0]);
693 rv = -EIO;
694 goto exit;
695 }
696 rv = 0;
697
698 exit:
699 kfree(buffer);
700 return rv;
701}
702
703/*
704 * Sends a TRIGGER Bulk-OUT command message
705 * See the USBTMC-USB488 specification, Table 2.
706 *
707 * Also updates bTag_last_write.
708 */
709static int usbtmc488_ioctl_trigger(struct usbtmc_file_data *file_data)
710{
711 struct usbtmc_device_data *data = file_data->data;
712 int retval;
713 u8 *buffer;
714 int actual;
715
716 buffer = kzalloc(USBTMC_HEADER_SIZE, GFP_KERNEL);
717 if (!buffer)
718 return -ENOMEM;
719
720 buffer[0] = 128;
721 buffer[1] = data->bTag;
722 buffer[2] = ~data->bTag;
723
724 retval = usb_bulk_msg(data->usb_dev,
725 usb_sndbulkpipe(data->usb_dev,
726 data->bulk_out),
727 buffer, USBTMC_HEADER_SIZE,
728 &actual, file_data->timeout);
729
730 /* Store bTag (in case we need to abort) */
731 data->bTag_last_write = data->bTag;
732
733 /* Increment bTag -- and increment again if zero */
734 data->bTag++;
735 if (!data->bTag)
736 data->bTag++;
737
738 kfree(buffer);
739 if (retval < 0) {
740 dev_err(&data->intf->dev, "%s returned %d\n",
741 __func__, retval);
742 return retval;
743 }
744
745 return 0;
746}
747
748static struct urb *usbtmc_create_urb(void)
749{
750 const size_t bufsize = USBTMC_BUFSIZE;
751 u8 *dmabuf = NULL;
752 struct urb *urb = usb_alloc_urb(0, GFP_KERNEL);
753
754 if (!urb)
755 return NULL;
756
757 dmabuf = kmalloc(bufsize, GFP_KERNEL);
758 if (!dmabuf) {
759 usb_free_urb(urb);
760 return NULL;
761 }
762
763 urb->transfer_buffer = dmabuf;
764 urb->transfer_buffer_length = bufsize;
765 urb->transfer_flags |= URB_FREE_BUFFER;
766 return urb;
767}
768
769static void usbtmc_read_bulk_cb(struct urb *urb)
770{
771 struct usbtmc_file_data *file_data = urb->context;
772 int status = urb->status;
773 unsigned long flags;
774
775 /* sync/async unlink faults aren't errors */
776 if (status) {
777 if (!(/* status == -ENOENT || */
778 status == -ECONNRESET ||
779 status == -EREMOTEIO || /* Short packet */
780 status == -ESHUTDOWN))
781 dev_err(&file_data->data->intf->dev,
782 "%s - nonzero read bulk status received: %d\n",
783 __func__, status);
784
785 spin_lock_irqsave(&file_data->err_lock, flags);
786 if (!file_data->in_status)
787 file_data->in_status = status;
788 spin_unlock_irqrestore(&file_data->err_lock, flags);
789 }
790
791 spin_lock_irqsave(&file_data->err_lock, flags);
792 file_data->in_transfer_size += urb->actual_length;
793 dev_dbg(&file_data->data->intf->dev,
794 "%s - total size: %u current: %d status: %d\n",
795 __func__, file_data->in_transfer_size,
796 urb->actual_length, status);
797 spin_unlock_irqrestore(&file_data->err_lock, flags);
798 usb_anchor_urb(urb, &file_data->in_anchor);
799
800 wake_up_interruptible(&file_data->wait_bulk_in);
801 wake_up_interruptible(&file_data->data->waitq);
802}
803
804static inline bool usbtmc_do_transfer(struct usbtmc_file_data *file_data)
805{
806 bool data_or_error;
807
808 spin_lock_irq(&file_data->err_lock);
809 data_or_error = !usb_anchor_empty(&file_data->in_anchor)
810 || file_data->in_status;
811 spin_unlock_irq(&file_data->err_lock);
812 dev_dbg(&file_data->data->intf->dev, "%s: returns %d\n", __func__,
813 data_or_error);
814 return data_or_error;
815}
816
817static ssize_t usbtmc_generic_read(struct usbtmc_file_data *file_data,
818 void __user *user_buffer,
819 u32 transfer_size,
820 u32 *transferred,
821 u32 flags)
822{
823 struct usbtmc_device_data *data = file_data->data;
824 struct device *dev = &data->intf->dev;
825 u32 done = 0;
826 u32 remaining;
827 const u32 bufsize = USBTMC_BUFSIZE;
828 int retval = 0;
829 u32 max_transfer_size;
830 unsigned long expire;
831 int bufcount = 1;
832 int again = 0;
833
834 /* mutex already locked */
835
836 *transferred = done;
837
838 max_transfer_size = transfer_size;
839
840 if (flags & USBTMC_FLAG_IGNORE_TRAILER) {
841 /* The device may send extra alignment bytes (up to
842 * wMaxPacketSize – 1) to avoid sending a zero-length
843 * packet
844 */
845 remaining = transfer_size;
846 if ((max_transfer_size % data->wMaxPacketSize) == 0)
847 max_transfer_size += (data->wMaxPacketSize - 1);
848 } else {
849 /* round down to bufsize to avoid truncated data left */
850 if (max_transfer_size > bufsize) {
851 max_transfer_size =
852 roundup(max_transfer_size + 1 - bufsize,
853 bufsize);
854 }
855 remaining = max_transfer_size;
856 }
857
858 spin_lock_irq(&file_data->err_lock);
859
860 if (file_data->in_status) {
861 /* return the very first error */
862 retval = file_data->in_status;
863 spin_unlock_irq(&file_data->err_lock);
864 goto error;
865 }
866
867 if (flags & USBTMC_FLAG_ASYNC) {
868 if (usb_anchor_empty(&file_data->in_anchor))
869 again = 1;
870
871 if (file_data->in_urbs_used == 0) {
872 file_data->in_transfer_size = 0;
873 file_data->in_status = 0;
874 }
875 } else {
876 file_data->in_transfer_size = 0;
877 file_data->in_status = 0;
878 }
879
880 if (max_transfer_size == 0) {
881 bufcount = 0;
882 } else {
883 bufcount = roundup(max_transfer_size, bufsize) / bufsize;
884 if (bufcount > file_data->in_urbs_used)
885 bufcount -= file_data->in_urbs_used;
886 else
887 bufcount = 0;
888
889 if (bufcount + file_data->in_urbs_used > MAX_URBS_IN_FLIGHT) {
890 bufcount = MAX_URBS_IN_FLIGHT -
891 file_data->in_urbs_used;
892 }
893 }
894 spin_unlock_irq(&file_data->err_lock);
895
896 dev_dbg(dev, "%s: requested=%u flags=0x%X size=%u bufs=%d used=%d\n",
897 __func__, transfer_size, flags,
898 max_transfer_size, bufcount, file_data->in_urbs_used);
899
900 while (bufcount > 0) {
901 u8 *dmabuf = NULL;
902 struct urb *urb = usbtmc_create_urb();
903
904 if (!urb) {
905 retval = -ENOMEM;
906 goto error;
907 }
908
909 dmabuf = urb->transfer_buffer;
910
911 usb_fill_bulk_urb(urb, data->usb_dev,
912 usb_rcvbulkpipe(data->usb_dev, data->bulk_in),
913 dmabuf, bufsize,
914 usbtmc_read_bulk_cb, file_data);
915
916 usb_anchor_urb(urb, &file_data->submitted);
917 retval = usb_submit_urb(urb, GFP_KERNEL);
918 /* urb is anchored. We can release our reference. */
919 usb_free_urb(urb);
920 if (unlikely(retval)) {
921 usb_unanchor_urb(urb);
922 goto error;
923 }
924 file_data->in_urbs_used++;
925 bufcount--;
926 }
927
928 if (again) {
929 dev_dbg(dev, "%s: ret=again\n", __func__);
930 return -EAGAIN;
931 }
932
933 if (user_buffer == NULL)
934 return -EINVAL;
935
936 expire = msecs_to_jiffies(file_data->timeout);
937
938 while (max_transfer_size > 0) {
939 u32 this_part;
940 struct urb *urb = NULL;
941
942 if (!(flags & USBTMC_FLAG_ASYNC)) {
943 dev_dbg(dev, "%s: before wait time %lu\n",
944 __func__, expire);
945 retval = wait_event_interruptible_timeout(
946 file_data->wait_bulk_in,
947 usbtmc_do_transfer(file_data),
948 expire);
949
950 dev_dbg(dev, "%s: wait returned %d\n",
951 __func__, retval);
952
953 if (retval <= 0) {
954 if (retval == 0)
955 retval = -ETIMEDOUT;
956 goto error;
957 }
958 }
959
960 urb = usb_get_from_anchor(&file_data->in_anchor);
961 if (!urb) {
962 if (!(flags & USBTMC_FLAG_ASYNC)) {
963 /* synchronous case: must not happen */
964 retval = -EFAULT;
965 goto error;
966 }
967
968 /* asynchronous case: ready, do not block or wait */
969 *transferred = done;
970 dev_dbg(dev, "%s: (async) done=%u ret=0\n",
971 __func__, done);
972 return 0;
973 }
974
975 file_data->in_urbs_used--;
976
977 if (max_transfer_size > urb->actual_length)
978 max_transfer_size -= urb->actual_length;
979 else
980 max_transfer_size = 0;
981
982 if (remaining > urb->actual_length)
983 this_part = urb->actual_length;
984 else
985 this_part = remaining;
986
987 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE, 16, 1,
988 urb->transfer_buffer, urb->actual_length, true);
989
990 if (copy_to_user(user_buffer + done,
991 urb->transfer_buffer, this_part)) {
992 usb_free_urb(urb);
993 retval = -EFAULT;
994 goto error;
995 }
996
997 remaining -= this_part;
998 done += this_part;
999
1000 spin_lock_irq(&file_data->err_lock);
1001 if (urb->status) {
1002 /* return the very first error */
1003 retval = file_data->in_status;
1004 spin_unlock_irq(&file_data->err_lock);
1005 usb_free_urb(urb);
1006 goto error;
1007 }
1008 spin_unlock_irq(&file_data->err_lock);
1009
1010 if (urb->actual_length < bufsize) {
1011 /* short packet or ZLP received => ready */
1012 usb_free_urb(urb);
1013 retval = 1;
1014 break;
1015 }
1016
1017 if (!(flags & USBTMC_FLAG_ASYNC) &&
1018 max_transfer_size > (bufsize * file_data->in_urbs_used)) {
1019 /* resubmit, since other buffers still not enough */
1020 usb_anchor_urb(urb, &file_data->submitted);
1021 retval = usb_submit_urb(urb, GFP_KERNEL);
1022 if (unlikely(retval)) {
1023 usb_unanchor_urb(urb);
1024 usb_free_urb(urb);
1025 goto error;
1026 }
1027 file_data->in_urbs_used++;
1028 }
1029 usb_free_urb(urb);
1030 retval = 0;
1031 }
1032
1033error:
1034 *transferred = done;
1035
1036 dev_dbg(dev, "%s: before kill\n", __func__);
1037 /* Attention: killing urbs can take long time (2 ms) */
1038 usb_kill_anchored_urbs(&file_data->submitted);
1039 dev_dbg(dev, "%s: after kill\n", __func__);
1040 usb_scuttle_anchored_urbs(&file_data->in_anchor);
1041 file_data->in_urbs_used = 0;
1042 file_data->in_status = 0; /* no spinlock needed here */
1043 dev_dbg(dev, "%s: done=%u ret=%d\n", __func__, done, retval);
1044
1045 return retval;
1046}
1047
1048static ssize_t usbtmc_ioctl_generic_read(struct usbtmc_file_data *file_data,
1049 void __user *arg)
1050{
1051 struct usbtmc_message msg;
1052 ssize_t retval = 0;
1053
1054 /* mutex already locked */
1055
1056 if (copy_from_user(&msg, arg, sizeof(struct usbtmc_message)))
1057 return -EFAULT;
1058
1059 retval = usbtmc_generic_read(file_data, msg.message,
1060 msg.transfer_size, &msg.transferred,
1061 msg.flags);
1062
1063 if (put_user(msg.transferred,
1064 &((struct usbtmc_message __user *)arg)->transferred))
1065 return -EFAULT;
1066
1067 return retval;
1068}
1069
1070static void usbtmc_write_bulk_cb(struct urb *urb)
1071{
1072 struct usbtmc_file_data *file_data = urb->context;
1073 int wakeup = 0;
1074 unsigned long flags;
1075
1076 spin_lock_irqsave(&file_data->err_lock, flags);
1077 file_data->out_transfer_size += urb->actual_length;
1078
1079 /* sync/async unlink faults aren't errors */
1080 if (urb->status) {
1081 if (!(urb->status == -ENOENT ||
1082 urb->status == -ECONNRESET ||
1083 urb->status == -ESHUTDOWN))
1084 dev_err(&file_data->data->intf->dev,
1085 "%s - nonzero write bulk status received: %d\n",
1086 __func__, urb->status);
1087
1088 if (!file_data->out_status) {
1089 file_data->out_status = urb->status;
1090 wakeup = 1;
1091 }
1092 }
1093 spin_unlock_irqrestore(&file_data->err_lock, flags);
1094
1095 dev_dbg(&file_data->data->intf->dev,
1096 "%s - write bulk total size: %u\n",
1097 __func__, file_data->out_transfer_size);
1098
1099 up(&file_data->limit_write_sem);
1100 if (usb_anchor_empty(&file_data->submitted) || wakeup)
1101 wake_up_interruptible(&file_data->data->waitq);
1102}
1103
1104static ssize_t usbtmc_generic_write(struct usbtmc_file_data *file_data,
1105 const void __user *user_buffer,
1106 u32 transfer_size,
1107 u32 *transferred,
1108 u32 flags)
1109{
1110 struct usbtmc_device_data *data = file_data->data;
1111 struct device *dev;
1112 u32 done = 0;
1113 u32 remaining;
1114 unsigned long expire;
1115 const u32 bufsize = USBTMC_BUFSIZE;
1116 struct urb *urb = NULL;
1117 int retval = 0;
1118 u32 timeout;
1119
1120 *transferred = 0;
1121
1122 /* Get pointer to private data structure */
1123 dev = &data->intf->dev;
1124
1125 dev_dbg(dev, "%s: size=%u flags=0x%X sema=%u\n",
1126 __func__, transfer_size, flags,
1127 file_data->limit_write_sem.count);
1128
1129 if (flags & USBTMC_FLAG_APPEND) {
1130 spin_lock_irq(&file_data->err_lock);
1131 retval = file_data->out_status;
1132 spin_unlock_irq(&file_data->err_lock);
1133 if (retval < 0)
1134 return retval;
1135 } else {
1136 spin_lock_irq(&file_data->err_lock);
1137 file_data->out_transfer_size = 0;
1138 file_data->out_status = 0;
1139 spin_unlock_irq(&file_data->err_lock);
1140 }
1141
1142 remaining = transfer_size;
1143 if (remaining > INT_MAX)
1144 remaining = INT_MAX;
1145
1146 timeout = file_data->timeout;
1147 expire = msecs_to_jiffies(timeout);
1148
1149 while (remaining > 0) {
1150 u32 this_part, aligned;
1151 u8 *buffer = NULL;
1152
1153 if (flags & USBTMC_FLAG_ASYNC) {
1154 if (down_trylock(&file_data->limit_write_sem)) {
1155 retval = (done)?(0):(-EAGAIN);
1156 goto exit;
1157 }
1158 } else {
1159 retval = down_timeout(&file_data->limit_write_sem,
1160 expire);
1161 if (retval < 0) {
1162 retval = -ETIMEDOUT;
1163 goto error;
1164 }
1165 }
1166
1167 spin_lock_irq(&file_data->err_lock);
1168 retval = file_data->out_status;
1169 spin_unlock_irq(&file_data->err_lock);
1170 if (retval < 0) {
1171 up(&file_data->limit_write_sem);
1172 goto error;
1173 }
1174
1175 /* prepare next urb to send */
1176 urb = usbtmc_create_urb();
1177 if (!urb) {
1178 retval = -ENOMEM;
1179 up(&file_data->limit_write_sem);
1180 goto error;
1181 }
1182 buffer = urb->transfer_buffer;
1183
1184 if (remaining > bufsize)
1185 this_part = bufsize;
1186 else
1187 this_part = remaining;
1188
1189 if (copy_from_user(buffer, user_buffer + done, this_part)) {
1190 retval = -EFAULT;
1191 up(&file_data->limit_write_sem);
1192 goto error;
1193 }
1194
1195 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE,
1196 16, 1, buffer, this_part, true);
1197
1198 /* fill bulk with 32 bit alignment to meet USBTMC specification
1199 * (size + 3 & ~3) rounds up and simplifies user code
1200 */
1201 aligned = (this_part + 3) & ~3;
1202 dev_dbg(dev, "write(size:%u align:%u done:%u)\n",
1203 (unsigned int)this_part,
1204 (unsigned int)aligned,
1205 (unsigned int)done);
1206
1207 usb_fill_bulk_urb(urb, data->usb_dev,
1208 usb_sndbulkpipe(data->usb_dev, data->bulk_out),
1209 urb->transfer_buffer, aligned,
1210 usbtmc_write_bulk_cb, file_data);
1211
1212 usb_anchor_urb(urb, &file_data->submitted);
1213 retval = usb_submit_urb(urb, GFP_KERNEL);
1214 if (unlikely(retval)) {
1215 usb_unanchor_urb(urb);
1216 up(&file_data->limit_write_sem);
1217 goto error;
1218 }
1219
1220 usb_free_urb(urb);
1221 urb = NULL; /* urb will be finally released by usb driver */
1222
1223 remaining -= this_part;
1224 done += this_part;
1225 }
1226
1227 /* All urbs are on the fly */
1228 if (!(flags & USBTMC_FLAG_ASYNC)) {
1229 if (!usb_wait_anchor_empty_timeout(&file_data->submitted,
1230 timeout)) {
1231 retval = -ETIMEDOUT;
1232 goto error;
1233 }
1234 }
1235
1236 retval = 0;
1237 goto exit;
1238
1239error:
1240 usb_kill_anchored_urbs(&file_data->submitted);
1241exit:
1242 usb_free_urb(urb);
1243
1244 spin_lock_irq(&file_data->err_lock);
1245 if (!(flags & USBTMC_FLAG_ASYNC))
1246 done = file_data->out_transfer_size;
1247 if (!retval && file_data->out_status)
1248 retval = file_data->out_status;
1249 spin_unlock_irq(&file_data->err_lock);
1250
1251 *transferred = done;
1252
1253 dev_dbg(dev, "%s: done=%u, retval=%d, urbstat=%d\n",
1254 __func__, done, retval, file_data->out_status);
1255
1256 return retval;
1257}
1258
1259static ssize_t usbtmc_ioctl_generic_write(struct usbtmc_file_data *file_data,
1260 void __user *arg)
1261{
1262 struct usbtmc_message msg;
1263 ssize_t retval = 0;
1264
1265 /* mutex already locked */
1266
1267 if (copy_from_user(&msg, arg, sizeof(struct usbtmc_message)))
1268 return -EFAULT;
1269
1270 retval = usbtmc_generic_write(file_data, msg.message,
1271 msg.transfer_size, &msg.transferred,
1272 msg.flags);
1273
1274 if (put_user(msg.transferred,
1275 &((struct usbtmc_message __user *)arg)->transferred))
1276 return -EFAULT;
1277
1278 return retval;
1279}
1280
1281/*
1282 * Get the generic write result
1283 */
1284static ssize_t usbtmc_ioctl_write_result(struct usbtmc_file_data *file_data,
1285 void __user *arg)
1286{
1287 u32 transferred;
1288 int retval;
1289
1290 spin_lock_irq(&file_data->err_lock);
1291 transferred = file_data->out_transfer_size;
1292 retval = file_data->out_status;
1293 spin_unlock_irq(&file_data->err_lock);
1294
1295 if (put_user(transferred, (__u32 __user *)arg))
1296 return -EFAULT;
1297
1298 return retval;
1299}
1300
1301/*
1302 * Sends a REQUEST_DEV_DEP_MSG_IN message on the Bulk-OUT endpoint.
1303 * @transfer_size: number of bytes to request from the device.
1304 *
1305 * See the USBTMC specification, Table 4.
1306 *
1307 * Also updates bTag_last_write.
1308 */
1309static int send_request_dev_dep_msg_in(struct usbtmc_file_data *file_data,
1310 u32 transfer_size)
1311{
1312 struct usbtmc_device_data *data = file_data->data;
1313 int retval;
1314 u8 *buffer;
1315 int actual;
1316
1317 buffer = kmalloc(USBTMC_HEADER_SIZE, GFP_KERNEL);
1318 if (!buffer)
1319 return -ENOMEM;
1320 /* Setup IO buffer for REQUEST_DEV_DEP_MSG_IN message
1321 * Refer to class specs for details
1322 */
1323 buffer[0] = 2;
1324 buffer[1] = data->bTag;
1325 buffer[2] = ~data->bTag;
1326 buffer[3] = 0; /* Reserved */
1327 buffer[4] = transfer_size >> 0;
1328 buffer[5] = transfer_size >> 8;
1329 buffer[6] = transfer_size >> 16;
1330 buffer[7] = transfer_size >> 24;
1331 buffer[8] = file_data->term_char_enabled * 2;
1332 /* Use term character? */
1333 buffer[9] = file_data->term_char;
1334 buffer[10] = 0; /* Reserved */
1335 buffer[11] = 0; /* Reserved */
1336
1337 /* Send bulk URB */
1338 retval = usb_bulk_msg(data->usb_dev,
1339 usb_sndbulkpipe(data->usb_dev,
1340 data->bulk_out),
1341 buffer, USBTMC_HEADER_SIZE,
1342 &actual, file_data->timeout);
1343
1344 /* Store bTag (in case we need to abort) */
1345 data->bTag_last_write = data->bTag;
1346
1347 /* Increment bTag -- and increment again if zero */
1348 data->bTag++;
1349 if (!data->bTag)
1350 data->bTag++;
1351
1352 kfree(buffer);
1353 if (retval < 0)
1354 dev_err(&data->intf->dev, "%s returned %d\n",
1355 __func__, retval);
1356
1357 return retval;
1358}
1359
1360static ssize_t usbtmc_read(struct file *filp, char __user *buf,
1361 size_t count, loff_t *f_pos)
1362{
1363 struct usbtmc_file_data *file_data;
1364 struct usbtmc_device_data *data;
1365 struct device *dev;
1366 const u32 bufsize = USBTMC_BUFSIZE;
1367 u32 n_characters;
1368 u8 *buffer;
1369 int actual;
1370 u32 done = 0;
1371 u32 remaining;
1372 int retval;
1373
1374 /* Get pointer to private data structure */
1375 file_data = filp->private_data;
1376 data = file_data->data;
1377 dev = &data->intf->dev;
1378
1379 buffer = kmalloc(bufsize, GFP_KERNEL);
1380 if (!buffer)
1381 return -ENOMEM;
1382
1383 mutex_lock(&data->io_mutex);
1384 if (data->zombie) {
1385 retval = -ENODEV;
1386 goto exit;
1387 }
1388
1389 if (count > INT_MAX)
1390 count = INT_MAX;
1391
1392 dev_dbg(dev, "%s(count:%zu)\n", __func__, count);
1393
1394 retval = send_request_dev_dep_msg_in(file_data, count);
1395
1396 if (retval < 0) {
1397 if (file_data->auto_abort)
1398 usbtmc_ioctl_abort_bulk_out(data);
1399 goto exit;
1400 }
1401
1402 /* Loop until we have fetched everything we requested */
1403 remaining = count;
1404 actual = 0;
1405
1406 /* Send bulk URB */
1407 retval = usb_bulk_msg(data->usb_dev,
1408 usb_rcvbulkpipe(data->usb_dev,
1409 data->bulk_in),
1410 buffer, bufsize, &actual,
1411 file_data->timeout);
1412
1413 dev_dbg(dev, "%s: bulk_msg retval(%u), actual(%d)\n",
1414 __func__, retval, actual);
1415
1416 /* Store bTag (in case we need to abort) */
1417 data->bTag_last_read = data->bTag;
1418
1419 if (retval < 0) {
1420 if (file_data->auto_abort)
1421 usbtmc_ioctl_abort_bulk_in(data);
1422 goto exit;
1423 }
1424
1425 /* Sanity checks for the header */
1426 if (actual < USBTMC_HEADER_SIZE) {
1427 dev_err(dev, "Device sent too small first packet: %u < %u\n",
1428 actual, USBTMC_HEADER_SIZE);
1429 if (file_data->auto_abort)
1430 usbtmc_ioctl_abort_bulk_in(data);
1431 goto exit;
1432 }
1433
1434 if (buffer[0] != 2) {
1435 dev_err(dev, "Device sent reply with wrong MsgID: %u != 2\n",
1436 buffer[0]);
1437 if (file_data->auto_abort)
1438 usbtmc_ioctl_abort_bulk_in(data);
1439 goto exit;
1440 }
1441
1442 if (buffer[1] != data->bTag_last_write) {
1443 dev_err(dev, "Device sent reply with wrong bTag: %u != %u\n",
1444 buffer[1], data->bTag_last_write);
1445 if (file_data->auto_abort)
1446 usbtmc_ioctl_abort_bulk_in(data);
1447 goto exit;
1448 }
1449
1450 /* How many characters did the instrument send? */
1451 n_characters = buffer[4] +
1452 (buffer[5] << 8) +
1453 (buffer[6] << 16) +
1454 (buffer[7] << 24);
1455
1456 file_data->bmTransferAttributes = buffer[8];
1457
1458 dev_dbg(dev, "Bulk-IN header: N_characters(%u), bTransAttr(%u)\n",
1459 n_characters, buffer[8]);
1460
1461 if (n_characters > remaining) {
1462 dev_err(dev, "Device wants to return more data than requested: %u > %zu\n",
1463 n_characters, count);
1464 if (file_data->auto_abort)
1465 usbtmc_ioctl_abort_bulk_in(data);
1466 goto exit;
1467 }
1468
1469 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE,
1470 16, 1, buffer, actual, true);
1471
1472 remaining = n_characters;
1473
1474 /* Remove the USBTMC header */
1475 actual -= USBTMC_HEADER_SIZE;
1476
1477 /* Remove padding if it exists */
1478 if (actual > remaining)
1479 actual = remaining;
1480
1481 remaining -= actual;
1482
1483 /* Copy buffer to user space */
1484 if (copy_to_user(buf, &buffer[USBTMC_HEADER_SIZE], actual)) {
1485 /* There must have been an addressing problem */
1486 retval = -EFAULT;
1487 goto exit;
1488 }
1489
1490 if ((actual + USBTMC_HEADER_SIZE) == bufsize) {
1491 retval = usbtmc_generic_read(file_data, buf + actual,
1492 remaining,
1493 &done,
1494 USBTMC_FLAG_IGNORE_TRAILER);
1495 if (retval < 0)
1496 goto exit;
1497 }
1498 done += actual;
1499
1500 /* Update file position value */
1501 *f_pos = *f_pos + done;
1502 retval = done;
1503
1504exit:
1505 mutex_unlock(&data->io_mutex);
1506 kfree(buffer);
1507 return retval;
1508}
1509
1510static ssize_t usbtmc_write(struct file *filp, const char __user *buf,
1511 size_t count, loff_t *f_pos)
1512{
1513 struct usbtmc_file_data *file_data;
1514 struct usbtmc_device_data *data;
1515 struct urb *urb = NULL;
1516 ssize_t retval = 0;
1517 u8 *buffer;
1518 u32 remaining, done;
1519 u32 transfersize, aligned, buflen;
1520
1521 file_data = filp->private_data;
1522 data = file_data->data;
1523
1524 mutex_lock(&data->io_mutex);
1525
1526 if (data->zombie) {
1527 retval = -ENODEV;
1528 goto exit;
1529 }
1530
1531 done = 0;
1532
1533 spin_lock_irq(&file_data->err_lock);
1534 file_data->out_transfer_size = 0;
1535 file_data->out_status = 0;
1536 spin_unlock_irq(&file_data->err_lock);
1537
1538 if (!count)
1539 goto exit;
1540
1541 if (down_trylock(&file_data->limit_write_sem)) {
1542 /* previous calls were async */
1543 retval = -EBUSY;
1544 goto exit;
1545 }
1546
1547 urb = usbtmc_create_urb();
1548 if (!urb) {
1549 retval = -ENOMEM;
1550 up(&file_data->limit_write_sem);
1551 goto exit;
1552 }
1553
1554 buffer = urb->transfer_buffer;
1555 buflen = urb->transfer_buffer_length;
1556
1557 if (count > INT_MAX) {
1558 transfersize = INT_MAX;
1559 buffer[8] = 0;
1560 } else {
1561 transfersize = count;
1562 buffer[8] = file_data->eom_val;
1563 }
1564
1565 /* Setup IO buffer for DEV_DEP_MSG_OUT message */
1566 buffer[0] = 1;
1567 buffer[1] = data->bTag;
1568 buffer[2] = ~data->bTag;
1569 buffer[3] = 0; /* Reserved */
1570 buffer[4] = transfersize >> 0;
1571 buffer[5] = transfersize >> 8;
1572 buffer[6] = transfersize >> 16;
1573 buffer[7] = transfersize >> 24;
1574 /* buffer[8] is set above... */
1575 buffer[9] = 0; /* Reserved */
1576 buffer[10] = 0; /* Reserved */
1577 buffer[11] = 0; /* Reserved */
1578
1579 remaining = transfersize;
1580
1581 if (transfersize + USBTMC_HEADER_SIZE > buflen) {
1582 transfersize = buflen - USBTMC_HEADER_SIZE;
1583 aligned = buflen;
1584 } else {
1585 aligned = (transfersize + (USBTMC_HEADER_SIZE + 3)) & ~3;
1586 }
1587
1588 if (copy_from_user(&buffer[USBTMC_HEADER_SIZE], buf, transfersize)) {
1589 retval = -EFAULT;
1590 up(&file_data->limit_write_sem);
1591 goto exit;
1592 }
1593
1594 dev_dbg(&data->intf->dev, "%s(size:%u align:%u)\n", __func__,
1595 (unsigned int)transfersize, (unsigned int)aligned);
1596
1597 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE,
1598 16, 1, buffer, aligned, true);
1599
1600 usb_fill_bulk_urb(urb, data->usb_dev,
1601 usb_sndbulkpipe(data->usb_dev, data->bulk_out),
1602 urb->transfer_buffer, aligned,
1603 usbtmc_write_bulk_cb, file_data);
1604
1605 usb_anchor_urb(urb, &file_data->submitted);
1606 retval = usb_submit_urb(urb, GFP_KERNEL);
1607 if (unlikely(retval)) {
1608 usb_unanchor_urb(urb);
1609 up(&file_data->limit_write_sem);
1610 goto exit;
1611 }
1612
1613 remaining -= transfersize;
1614
1615 data->bTag_last_write = data->bTag;
1616 data->bTag++;
1617
1618 if (!data->bTag)
1619 data->bTag++;
1620
1621 /* call generic_write even when remaining = 0 */
1622 retval = usbtmc_generic_write(file_data, buf + transfersize, remaining,
1623 &done, USBTMC_FLAG_APPEND);
1624 /* truncate alignment bytes */
1625 if (done > remaining)
1626 done = remaining;
1627
1628 /*add size of first urb*/
1629 done += transfersize;
1630
1631 if (retval < 0) {
1632 usb_kill_anchored_urbs(&file_data->submitted);
1633
1634 dev_err(&data->intf->dev,
1635 "Unable to send data, error %d\n", (int)retval);
1636 if (file_data->auto_abort)
1637 usbtmc_ioctl_abort_bulk_out(data);
1638 goto exit;
1639 }
1640
1641 retval = done;
1642exit:
1643 usb_free_urb(urb);
1644 mutex_unlock(&data->io_mutex);
1645 return retval;
1646}
1647
1648static int usbtmc_ioctl_clear(struct usbtmc_device_data *data)
1649{
1650 struct device *dev;
1651 u8 *buffer;
1652 int rv;
1653 int n;
1654 int actual = 0;
1655
1656 dev = &data->intf->dev;
1657
1658 dev_dbg(dev, "Sending INITIATE_CLEAR request\n");
1659
1660 buffer = kmalloc(USBTMC_BUFSIZE, GFP_KERNEL);
1661 if (!buffer)
1662 return -ENOMEM;
1663
1664 rv = usb_control_msg(data->usb_dev,
1665 usb_rcvctrlpipe(data->usb_dev, 0),
1666 USBTMC_REQUEST_INITIATE_CLEAR,
1667 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
1668 0, 0, buffer, 1, USB_CTRL_GET_TIMEOUT);
1669 if (rv < 0) {
1670 dev_err(dev, "usb_control_msg returned %d\n", rv);
1671 goto exit;
1672 }
1673
1674 dev_dbg(dev, "INITIATE_CLEAR returned %x\n", buffer[0]);
1675
1676 if (buffer[0] != USBTMC_STATUS_SUCCESS) {
1677 dev_err(dev, "INITIATE_CLEAR returned %x\n", buffer[0]);
1678 rv = -EPERM;
1679 goto exit;
1680 }
1681
1682 n = 0;
1683
1684usbtmc_clear_check_status:
1685
1686 dev_dbg(dev, "Sending CHECK_CLEAR_STATUS request\n");
1687
1688 rv = usb_control_msg(data->usb_dev,
1689 usb_rcvctrlpipe(data->usb_dev, 0),
1690 USBTMC_REQUEST_CHECK_CLEAR_STATUS,
1691 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
1692 0, 0, buffer, 2, USB_CTRL_GET_TIMEOUT);
1693 if (rv < 0) {
1694 dev_err(dev, "usb_control_msg returned %d\n", rv);
1695 goto exit;
1696 }
1697
1698 dev_dbg(dev, "CHECK_CLEAR_STATUS returned %x\n", buffer[0]);
1699
1700 if (buffer[0] == USBTMC_STATUS_SUCCESS)
1701 goto usbtmc_clear_bulk_out_halt;
1702
1703 if (buffer[0] != USBTMC_STATUS_PENDING) {
1704 dev_err(dev, "CHECK_CLEAR_STATUS returned %x\n", buffer[0]);
1705 rv = -EPERM;
1706 goto exit;
1707 }
1708
1709 if ((buffer[1] & 1) != 0) {
1710 do {
1711 dev_dbg(dev, "Reading from bulk in EP\n");
1712
1713 actual = 0;
1714 rv = usb_bulk_msg(data->usb_dev,
1715 usb_rcvbulkpipe(data->usb_dev,
1716 data->bulk_in),
1717 buffer, USBTMC_BUFSIZE,
1718 &actual, USB_CTRL_GET_TIMEOUT);
1719
1720 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE,
1721 16, 1, buffer, actual, true);
1722
1723 n++;
1724
1725 if (rv < 0) {
1726 dev_err(dev, "usb_control_msg returned %d\n",
1727 rv);
1728 goto exit;
1729 }
1730 } while ((actual == USBTMC_BUFSIZE) &&
1731 (n < USBTMC_MAX_READS_TO_CLEAR_BULK_IN));
1732 } else {
1733 /* do not stress device with subsequent requests */
1734 msleep(50);
1735 n++;
1736 }
1737
1738 if (n >= USBTMC_MAX_READS_TO_CLEAR_BULK_IN) {
1739 dev_err(dev, "Couldn't clear device buffer within %d cycles\n",
1740 USBTMC_MAX_READS_TO_CLEAR_BULK_IN);
1741 rv = -EPERM;
1742 goto exit;
1743 }
1744
1745 goto usbtmc_clear_check_status;
1746
1747usbtmc_clear_bulk_out_halt:
1748
1749 rv = usb_clear_halt(data->usb_dev,
1750 usb_sndbulkpipe(data->usb_dev, data->bulk_out));
1751 if (rv < 0) {
1752 dev_err(dev, "usb_clear_halt returned %d\n", rv);
1753 goto exit;
1754 }
1755 rv = 0;
1756
1757exit:
1758 kfree(buffer);
1759 return rv;
1760}
1761
1762static int usbtmc_ioctl_clear_out_halt(struct usbtmc_device_data *data)
1763{
1764 int rv;
1765
1766 rv = usb_clear_halt(data->usb_dev,
1767 usb_sndbulkpipe(data->usb_dev, data->bulk_out));
1768
1769 if (rv < 0)
1770 dev_err(&data->usb_dev->dev, "%s returned %d\n", __func__, rv);
1771 return rv;
1772}
1773
1774static int usbtmc_ioctl_clear_in_halt(struct usbtmc_device_data *data)
1775{
1776 int rv;
1777
1778 rv = usb_clear_halt(data->usb_dev,
1779 usb_rcvbulkpipe(data->usb_dev, data->bulk_in));
1780
1781 if (rv < 0)
1782 dev_err(&data->usb_dev->dev, "%s returned %d\n", __func__, rv);
1783 return rv;
1784}
1785
1786static int usbtmc_ioctl_cancel_io(struct usbtmc_file_data *file_data)
1787{
1788 spin_lock_irq(&file_data->err_lock);
1789 file_data->in_status = -ECANCELED;
1790 file_data->out_status = -ECANCELED;
1791 spin_unlock_irq(&file_data->err_lock);
1792 usb_kill_anchored_urbs(&file_data->submitted);
1793 return 0;
1794}
1795
1796static int usbtmc_ioctl_cleanup_io(struct usbtmc_file_data *file_data)
1797{
1798 usb_kill_anchored_urbs(&file_data->submitted);
1799 usb_scuttle_anchored_urbs(&file_data->in_anchor);
1800 spin_lock_irq(&file_data->err_lock);
1801 file_data->in_status = 0;
1802 file_data->in_transfer_size = 0;
1803 file_data->out_status = 0;
1804 file_data->out_transfer_size = 0;
1805 spin_unlock_irq(&file_data->err_lock);
1806
1807 file_data->in_urbs_used = 0;
1808 return 0;
1809}
1810
1811static int get_capabilities(struct usbtmc_device_data *data)
1812{
1813 struct device *dev = &data->usb_dev->dev;
1814 char *buffer;
1815 int rv = 0;
1816
1817 buffer = kmalloc(0x18, GFP_KERNEL);
1818 if (!buffer)
1819 return -ENOMEM;
1820
1821 rv = usb_control_msg(data->usb_dev, usb_rcvctrlpipe(data->usb_dev, 0),
1822 USBTMC_REQUEST_GET_CAPABILITIES,
1823 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
1824 0, 0, buffer, 0x18, USB_CTRL_GET_TIMEOUT);
1825 if (rv < 0) {
1826 dev_err(dev, "usb_control_msg returned %d\n", rv);
1827 goto err_out;
1828 }
1829
1830 dev_dbg(dev, "GET_CAPABILITIES returned %x\n", buffer[0]);
1831 if (buffer[0] != USBTMC_STATUS_SUCCESS) {
1832 dev_err(dev, "GET_CAPABILITIES returned %x\n", buffer[0]);
1833 rv = -EPERM;
1834 goto err_out;
1835 }
1836 dev_dbg(dev, "Interface capabilities are %x\n", buffer[4]);
1837 dev_dbg(dev, "Device capabilities are %x\n", buffer[5]);
1838 dev_dbg(dev, "USB488 interface capabilities are %x\n", buffer[14]);
1839 dev_dbg(dev, "USB488 device capabilities are %x\n", buffer[15]);
1840
1841 data->capabilities.interface_capabilities = buffer[4];
1842 data->capabilities.device_capabilities = buffer[5];
1843 data->capabilities.usb488_interface_capabilities = buffer[14];
1844 data->capabilities.usb488_device_capabilities = buffer[15];
1845 data->usb488_caps = (buffer[14] & 0x07) | ((buffer[15] & 0x0f) << 4);
1846 rv = 0;
1847
1848err_out:
1849 kfree(buffer);
1850 return rv;
1851}
1852
1853#define capability_attribute(name) \
1854static ssize_t name##_show(struct device *dev, \
1855 struct device_attribute *attr, char *buf) \
1856{ \
1857 struct usb_interface *intf = to_usb_interface(dev); \
1858 struct usbtmc_device_data *data = usb_get_intfdata(intf); \
1859 \
1860 return sprintf(buf, "%d\n", data->capabilities.name); \
1861} \
1862static DEVICE_ATTR_RO(name)
1863
1864capability_attribute(interface_capabilities);
1865capability_attribute(device_capabilities);
1866capability_attribute(usb488_interface_capabilities);
1867capability_attribute(usb488_device_capabilities);
1868
1869static struct attribute *usbtmc_attrs[] = {
1870 &dev_attr_interface_capabilities.attr,
1871 &dev_attr_device_capabilities.attr,
1872 &dev_attr_usb488_interface_capabilities.attr,
1873 &dev_attr_usb488_device_capabilities.attr,
1874 NULL,
1875};
1876ATTRIBUTE_GROUPS(usbtmc);
1877
1878static int usbtmc_ioctl_indicator_pulse(struct usbtmc_device_data *data)
1879{
1880 struct device *dev;
1881 u8 *buffer;
1882 int rv;
1883
1884 dev = &data->intf->dev;
1885
1886 buffer = kmalloc(2, GFP_KERNEL);
1887 if (!buffer)
1888 return -ENOMEM;
1889
1890 rv = usb_control_msg(data->usb_dev,
1891 usb_rcvctrlpipe(data->usb_dev, 0),
1892 USBTMC_REQUEST_INDICATOR_PULSE,
1893 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
1894 0, 0, buffer, 0x01, USB_CTRL_GET_TIMEOUT);
1895
1896 if (rv < 0) {
1897 dev_err(dev, "usb_control_msg returned %d\n", rv);
1898 goto exit;
1899 }
1900
1901 dev_dbg(dev, "INDICATOR_PULSE returned %x\n", buffer[0]);
1902
1903 if (buffer[0] != USBTMC_STATUS_SUCCESS) {
1904 dev_err(dev, "INDICATOR_PULSE returned %x\n", buffer[0]);
1905 rv = -EPERM;
1906 goto exit;
1907 }
1908 rv = 0;
1909
1910exit:
1911 kfree(buffer);
1912 return rv;
1913}
1914
1915static int usbtmc_ioctl_request(struct usbtmc_device_data *data,
1916 void __user *arg)
1917{
1918 struct device *dev = &data->intf->dev;
1919 struct usbtmc_ctrlrequest request;
1920 u8 *buffer = NULL;
1921 int rv;
1922 unsigned int is_in, pipe;
1923 unsigned long res;
1924
1925 res = copy_from_user(&request, arg, sizeof(struct usbtmc_ctrlrequest));
1926 if (res)
1927 return -EFAULT;
1928
1929 if (request.req.wLength > USBTMC_BUFSIZE)
1930 return -EMSGSIZE;
1931 if (request.req.wLength == 0) /* Length-0 requests are never IN */
1932 request.req.bRequestType &= ~USB_DIR_IN;
1933
1934 is_in = request.req.bRequestType & USB_DIR_IN;
1935
1936 if (request.req.wLength) {
1937 buffer = kmalloc(request.req.wLength, GFP_KERNEL);
1938 if (!buffer)
1939 return -ENOMEM;
1940
1941 if (!is_in) {
1942 /* Send control data to device */
1943 res = copy_from_user(buffer, request.data,
1944 request.req.wLength);
1945 if (res) {
1946 rv = -EFAULT;
1947 goto exit;
1948 }
1949 }
1950 }
1951
1952 if (is_in)
1953 pipe = usb_rcvctrlpipe(data->usb_dev, 0);
1954 else
1955 pipe = usb_sndctrlpipe(data->usb_dev, 0);
1956 rv = usb_control_msg(data->usb_dev,
1957 pipe,
1958 request.req.bRequest,
1959 request.req.bRequestType,
1960 request.req.wValue,
1961 request.req.wIndex,
1962 buffer, request.req.wLength, USB_CTRL_GET_TIMEOUT);
1963
1964 if (rv < 0) {
1965 dev_err(dev, "%s failed %d\n", __func__, rv);
1966 goto exit;
1967 }
1968
1969 if (rv && is_in) {
1970 /* Read control data from device */
1971 res = copy_to_user(request.data, buffer, rv);
1972 if (res)
1973 rv = -EFAULT;
1974 }
1975
1976 exit:
1977 kfree(buffer);
1978 return rv;
1979}
1980
1981/*
1982 * Get the usb timeout value
1983 */
1984static int usbtmc_ioctl_get_timeout(struct usbtmc_file_data *file_data,
1985 void __user *arg)
1986{
1987 u32 timeout;
1988
1989 timeout = file_data->timeout;
1990
1991 return put_user(timeout, (__u32 __user *)arg);
1992}
1993
1994/*
1995 * Set the usb timeout value
1996 */
1997static int usbtmc_ioctl_set_timeout(struct usbtmc_file_data *file_data,
1998 void __user *arg)
1999{
2000 u32 timeout;
2001
2002 if (get_user(timeout, (__u32 __user *)arg))
2003 return -EFAULT;
2004
2005 /* Note that timeout = 0 means
2006 * MAX_SCHEDULE_TIMEOUT in usb_control_msg
2007 */
2008 if (timeout < USBTMC_MIN_TIMEOUT)
2009 return -EINVAL;
2010
2011 file_data->timeout = timeout;
2012
2013 return 0;
2014}
2015
2016/*
2017 * enables/disables sending EOM on write
2018 */
2019static int usbtmc_ioctl_eom_enable(struct usbtmc_file_data *file_data,
2020 void __user *arg)
2021{
2022 u8 eom_enable;
2023
2024 if (copy_from_user(&eom_enable, arg, sizeof(eom_enable)))
2025 return -EFAULT;
2026
2027 if (eom_enable > 1)
2028 return -EINVAL;
2029
2030 file_data->eom_val = eom_enable;
2031
2032 return 0;
2033}
2034
2035/*
2036 * Configure termination character for read()
2037 */
2038static int usbtmc_ioctl_config_termc(struct usbtmc_file_data *file_data,
2039 void __user *arg)
2040{
2041 struct usbtmc_termchar termc;
2042
2043 if (copy_from_user(&termc, arg, sizeof(termc)))
2044 return -EFAULT;
2045
2046 if ((termc.term_char_enabled > 1) ||
2047 (termc.term_char_enabled &&
2048 !(file_data->data->capabilities.device_capabilities & 1)))
2049 return -EINVAL;
2050
2051 file_data->term_char = termc.term_char;
2052 file_data->term_char_enabled = termc.term_char_enabled;
2053
2054 return 0;
2055}
2056
2057static long usbtmc_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
2058{
2059 struct usbtmc_file_data *file_data;
2060 struct usbtmc_device_data *data;
2061 int retval = -EBADRQC;
2062 __u8 tmp_byte;
2063
2064 file_data = file->private_data;
2065 data = file_data->data;
2066
2067 mutex_lock(&data->io_mutex);
2068 if (data->zombie) {
2069 retval = -ENODEV;
2070 goto skip_io_on_zombie;
2071 }
2072
2073 switch (cmd) {
2074 case USBTMC_IOCTL_CLEAR_OUT_HALT:
2075 retval = usbtmc_ioctl_clear_out_halt(data);
2076 break;
2077
2078 case USBTMC_IOCTL_CLEAR_IN_HALT:
2079 retval = usbtmc_ioctl_clear_in_halt(data);
2080 break;
2081
2082 case USBTMC_IOCTL_INDICATOR_PULSE:
2083 retval = usbtmc_ioctl_indicator_pulse(data);
2084 break;
2085
2086 case USBTMC_IOCTL_CLEAR:
2087 retval = usbtmc_ioctl_clear(data);
2088 break;
2089
2090 case USBTMC_IOCTL_ABORT_BULK_OUT:
2091 retval = usbtmc_ioctl_abort_bulk_out(data);
2092 break;
2093
2094 case USBTMC_IOCTL_ABORT_BULK_IN:
2095 retval = usbtmc_ioctl_abort_bulk_in(data);
2096 break;
2097
2098 case USBTMC_IOCTL_CTRL_REQUEST:
2099 retval = usbtmc_ioctl_request(data, (void __user *)arg);
2100 break;
2101
2102 case USBTMC_IOCTL_GET_TIMEOUT:
2103 retval = usbtmc_ioctl_get_timeout(file_data,
2104 (void __user *)arg);
2105 break;
2106
2107 case USBTMC_IOCTL_SET_TIMEOUT:
2108 retval = usbtmc_ioctl_set_timeout(file_data,
2109 (void __user *)arg);
2110 break;
2111
2112 case USBTMC_IOCTL_EOM_ENABLE:
2113 retval = usbtmc_ioctl_eom_enable(file_data,
2114 (void __user *)arg);
2115 break;
2116
2117 case USBTMC_IOCTL_CONFIG_TERMCHAR:
2118 retval = usbtmc_ioctl_config_termc(file_data,
2119 (void __user *)arg);
2120 break;
2121
2122 case USBTMC_IOCTL_WRITE:
2123 retval = usbtmc_ioctl_generic_write(file_data,
2124 (void __user *)arg);
2125 break;
2126
2127 case USBTMC_IOCTL_READ:
2128 retval = usbtmc_ioctl_generic_read(file_data,
2129 (void __user *)arg);
2130 break;
2131
2132 case USBTMC_IOCTL_WRITE_RESULT:
2133 retval = usbtmc_ioctl_write_result(file_data,
2134 (void __user *)arg);
2135 break;
2136
2137 case USBTMC_IOCTL_API_VERSION:
2138 retval = put_user(USBTMC_API_VERSION,
2139 (__u32 __user *)arg);
2140 break;
2141
2142 case USBTMC488_IOCTL_GET_CAPS:
2143 retval = put_user(data->usb488_caps,
2144 (unsigned char __user *)arg);
2145 break;
2146
2147 case USBTMC488_IOCTL_READ_STB:
2148 retval = usbtmc488_ioctl_read_stb(file_data,
2149 (void __user *)arg);
2150 break;
2151
2152 case USBTMC488_IOCTL_REN_CONTROL:
2153 retval = usbtmc488_ioctl_simple(data, (void __user *)arg,
2154 USBTMC488_REQUEST_REN_CONTROL);
2155 break;
2156
2157 case USBTMC488_IOCTL_GOTO_LOCAL:
2158 retval = usbtmc488_ioctl_simple(data, (void __user *)arg,
2159 USBTMC488_REQUEST_GOTO_LOCAL);
2160 break;
2161
2162 case USBTMC488_IOCTL_LOCAL_LOCKOUT:
2163 retval = usbtmc488_ioctl_simple(data, (void __user *)arg,
2164 USBTMC488_REQUEST_LOCAL_LOCKOUT);
2165 break;
2166
2167 case USBTMC488_IOCTL_TRIGGER:
2168 retval = usbtmc488_ioctl_trigger(file_data);
2169 break;
2170
2171 case USBTMC488_IOCTL_WAIT_SRQ:
2172 retval = usbtmc488_ioctl_wait_srq(file_data,
2173 (__u32 __user *)arg);
2174 break;
2175
2176 case USBTMC_IOCTL_MSG_IN_ATTR:
2177 retval = put_user(file_data->bmTransferAttributes,
2178 (__u8 __user *)arg);
2179 break;
2180
2181 case USBTMC_IOCTL_AUTO_ABORT:
2182 retval = get_user(tmp_byte, (unsigned char __user *)arg);
2183 if (retval == 0)
2184 file_data->auto_abort = !!tmp_byte;
2185 break;
2186
2187 case USBTMC_IOCTL_GET_STB:
2188 retval = usbtmc_get_stb(file_data, &tmp_byte);
2189 if (retval > 0)
2190 retval = put_user(tmp_byte, (__u8 __user *)arg);
2191 break;
2192
2193 case USBTMC_IOCTL_GET_SRQ_STB:
2194 retval = usbtmc_ioctl_get_srq_stb(file_data,
2195 (void __user *)arg);
2196 break;
2197
2198 case USBTMC_IOCTL_CANCEL_IO:
2199 retval = usbtmc_ioctl_cancel_io(file_data);
2200 break;
2201
2202 case USBTMC_IOCTL_CLEANUP_IO:
2203 retval = usbtmc_ioctl_cleanup_io(file_data);
2204 break;
2205 }
2206
2207skip_io_on_zombie:
2208 mutex_unlock(&data->io_mutex);
2209 return retval;
2210}
2211
2212static int usbtmc_fasync(int fd, struct file *file, int on)
2213{
2214 struct usbtmc_file_data *file_data = file->private_data;
2215
2216 return fasync_helper(fd, file, on, &file_data->data->fasync);
2217}
2218
2219static __poll_t usbtmc_poll(struct file *file, poll_table *wait)
2220{
2221 struct usbtmc_file_data *file_data = file->private_data;
2222 struct usbtmc_device_data *data = file_data->data;
2223 __poll_t mask;
2224
2225 mutex_lock(&data->io_mutex);
2226
2227 if (data->zombie) {
2228 mask = EPOLLHUP | EPOLLERR;
2229 goto no_poll;
2230 }
2231
2232 poll_wait(file, &data->waitq, wait);
2233
2234 /* Note that EPOLLPRI is now assigned to SRQ, and
2235 * EPOLLIN|EPOLLRDNORM to normal read data.
2236 */
2237 mask = 0;
2238 if (atomic_read(&file_data->srq_asserted))
2239 mask |= EPOLLPRI;
2240
2241 /* Note that the anchor submitted includes all urbs for BULK IN
2242 * and OUT. So EPOLLOUT is signaled when BULK OUT is empty and
2243 * all BULK IN urbs are completed and moved to in_anchor.
2244 */
2245 if (usb_anchor_empty(&file_data->submitted))
2246 mask |= (EPOLLOUT | EPOLLWRNORM);
2247 if (!usb_anchor_empty(&file_data->in_anchor))
2248 mask |= (EPOLLIN | EPOLLRDNORM);
2249
2250 spin_lock_irq(&file_data->err_lock);
2251 if (file_data->in_status || file_data->out_status)
2252 mask |= EPOLLERR;
2253 spin_unlock_irq(&file_data->err_lock);
2254
2255 dev_dbg(&data->intf->dev, "poll mask = %x\n", mask);
2256
2257no_poll:
2258 mutex_unlock(&data->io_mutex);
2259 return mask;
2260}
2261
2262static const struct file_operations fops = {
2263 .owner = THIS_MODULE,
2264 .read = usbtmc_read,
2265 .write = usbtmc_write,
2266 .open = usbtmc_open,
2267 .release = usbtmc_release,
2268 .flush = usbtmc_flush,
2269 .unlocked_ioctl = usbtmc_ioctl,
2270 .compat_ioctl = compat_ptr_ioctl,
2271 .fasync = usbtmc_fasync,
2272 .poll = usbtmc_poll,
2273 .llseek = default_llseek,
2274};
2275
2276static struct usb_class_driver usbtmc_class = {
2277 .name = "usbtmc%d",
2278 .fops = &fops,
2279 .minor_base = USBTMC_MINOR_BASE,
2280};
2281
2282static void usbtmc_interrupt(struct urb *urb)
2283{
2284 struct usbtmc_device_data *data = urb->context;
2285 struct device *dev = &data->intf->dev;
2286 int status = urb->status;
2287 int rv;
2288
2289 dev_dbg(&data->intf->dev, "int status: %d len %d\n",
2290 status, urb->actual_length);
2291
2292 switch (status) {
2293 case 0: /* SUCCESS */
2294 /* check for valid STB notification */
2295 if (data->iin_buffer[0] > 0x81) {
2296 data->bNotify1 = data->iin_buffer[0];
2297 data->bNotify2 = data->iin_buffer[1];
2298 atomic_set(&data->iin_data_valid, 1);
2299 wake_up_interruptible(&data->waitq);
2300 goto exit;
2301 }
2302 /* check for SRQ notification */
2303 if (data->iin_buffer[0] == 0x81) {
2304 unsigned long flags;
2305 struct list_head *elem;
2306
2307 if (data->fasync)
2308 kill_fasync(&data->fasync,
2309 SIGIO, POLL_PRI);
2310
2311 spin_lock_irqsave(&data->dev_lock, flags);
2312 list_for_each(elem, &data->file_list) {
2313 struct usbtmc_file_data *file_data;
2314
2315 file_data = list_entry(elem,
2316 struct usbtmc_file_data,
2317 file_elem);
2318 file_data->srq_byte = data->iin_buffer[1];
2319 atomic_set(&file_data->srq_asserted, 1);
2320 }
2321 spin_unlock_irqrestore(&data->dev_lock, flags);
2322
2323 dev_dbg(dev, "srq received bTag %x stb %x\n",
2324 (unsigned int)data->iin_buffer[0],
2325 (unsigned int)data->iin_buffer[1]);
2326 wake_up_interruptible_all(&data->waitq);
2327 goto exit;
2328 }
2329 dev_warn(dev, "invalid notification: %x\n",
2330 data->iin_buffer[0]);
2331 break;
2332 case -EOVERFLOW:
2333 dev_err(dev, "overflow with length %d, actual length is %d\n",
2334 data->iin_wMaxPacketSize, urb->actual_length);
2335 fallthrough;
2336 default:
2337 /* urb terminated, clean up */
2338 dev_dbg(dev, "urb terminated, status: %d\n", status);
2339 return;
2340 }
2341exit:
2342 rv = usb_submit_urb(urb, GFP_ATOMIC);
2343 if (rv)
2344 dev_err(dev, "usb_submit_urb failed: %d\n", rv);
2345}
2346
2347static void usbtmc_free_int(struct usbtmc_device_data *data)
2348{
2349 if (!data->iin_ep_present || !data->iin_urb)
2350 return;
2351 usb_kill_urb(data->iin_urb);
2352 kfree(data->iin_buffer);
2353 data->iin_buffer = NULL;
2354 usb_free_urb(data->iin_urb);
2355 data->iin_urb = NULL;
2356 kref_put(&data->kref, usbtmc_delete);
2357}
2358
2359static int usbtmc_probe(struct usb_interface *intf,
2360 const struct usb_device_id *id)
2361{
2362 struct usbtmc_device_data *data;
2363 struct usb_host_interface *iface_desc;
2364 struct usb_endpoint_descriptor *bulk_in, *bulk_out, *int_in;
2365 int retcode;
2366
2367 dev_dbg(&intf->dev, "%s called\n", __func__);
2368
2369 data = kzalloc(sizeof(*data), GFP_KERNEL);
2370 if (!data)
2371 return -ENOMEM;
2372
2373 data->intf = intf;
2374 data->id = id;
2375 data->usb_dev = usb_get_dev(interface_to_usbdev(intf));
2376 usb_set_intfdata(intf, data);
2377 kref_init(&data->kref);
2378 mutex_init(&data->io_mutex);
2379 init_waitqueue_head(&data->waitq);
2380 atomic_set(&data->iin_data_valid, 0);
2381 INIT_LIST_HEAD(&data->file_list);
2382 spin_lock_init(&data->dev_lock);
2383
2384 data->zombie = 0;
2385
2386 /* Initialize USBTMC bTag and other fields */
2387 data->bTag = 1;
2388 /* 2 <= bTag <= 127 USBTMC-USB488 subclass specification 4.3.1 */
2389 data->iin_bTag = 2;
2390
2391 /* USBTMC devices have only one setting, so use that */
2392 iface_desc = data->intf->cur_altsetting;
2393 data->ifnum = iface_desc->desc.bInterfaceNumber;
2394
2395 /* Find bulk endpoints */
2396 retcode = usb_find_common_endpoints(iface_desc,
2397 &bulk_in, &bulk_out, NULL, NULL);
2398 if (retcode) {
2399 dev_err(&intf->dev, "bulk endpoints not found\n");
2400 goto err_put;
2401 }
2402
2403 retcode = -EINVAL;
2404 data->bulk_in = bulk_in->bEndpointAddress;
2405 data->wMaxPacketSize = usb_endpoint_maxp(bulk_in);
2406 if (!data->wMaxPacketSize)
2407 goto err_put;
2408 dev_dbg(&intf->dev, "Found bulk in endpoint at %u\n", data->bulk_in);
2409
2410 data->bulk_out = bulk_out->bEndpointAddress;
2411 dev_dbg(&intf->dev, "Found Bulk out endpoint at %u\n", data->bulk_out);
2412
2413 /* Find int endpoint */
2414 retcode = usb_find_int_in_endpoint(iface_desc, &int_in);
2415 if (!retcode) {
2416 data->iin_ep_present = 1;
2417 data->iin_ep = int_in->bEndpointAddress;
2418 data->iin_wMaxPacketSize = usb_endpoint_maxp(int_in);
2419 data->iin_interval = int_in->bInterval;
2420 dev_dbg(&intf->dev, "Found Int in endpoint at %u\n",
2421 data->iin_ep);
2422 }
2423
2424 retcode = get_capabilities(data);
2425 if (retcode)
2426 dev_err(&intf->dev, "can't read capabilities\n");
2427
2428 if (data->iin_ep_present) {
2429 /* allocate int urb */
2430 data->iin_urb = usb_alloc_urb(0, GFP_KERNEL);
2431 if (!data->iin_urb) {
2432 retcode = -ENOMEM;
2433 goto error_register;
2434 }
2435
2436 /* Protect interrupt in endpoint data until iin_urb is freed */
2437 kref_get(&data->kref);
2438
2439 /* allocate buffer for interrupt in */
2440 data->iin_buffer = kmalloc(data->iin_wMaxPacketSize,
2441 GFP_KERNEL);
2442 if (!data->iin_buffer) {
2443 retcode = -ENOMEM;
2444 goto error_register;
2445 }
2446
2447 /* fill interrupt urb */
2448 usb_fill_int_urb(data->iin_urb, data->usb_dev,
2449 usb_rcvintpipe(data->usb_dev, data->iin_ep),
2450 data->iin_buffer, data->iin_wMaxPacketSize,
2451 usbtmc_interrupt,
2452 data, data->iin_interval);
2453
2454 retcode = usb_submit_urb(data->iin_urb, GFP_KERNEL);
2455 if (retcode) {
2456 dev_err(&intf->dev, "Failed to submit iin_urb\n");
2457 goto error_register;
2458 }
2459 }
2460
2461 retcode = usb_register_dev(intf, &usbtmc_class);
2462 if (retcode) {
2463 dev_err(&intf->dev, "Not able to get a minor (base %u, slice default): %d\n",
2464 USBTMC_MINOR_BASE,
2465 retcode);
2466 goto error_register;
2467 }
2468 dev_dbg(&intf->dev, "Using minor number %d\n", intf->minor);
2469
2470 return 0;
2471
2472error_register:
2473 usbtmc_free_int(data);
2474err_put:
2475 kref_put(&data->kref, usbtmc_delete);
2476 return retcode;
2477}
2478
2479static void usbtmc_disconnect(struct usb_interface *intf)
2480{
2481 struct usbtmc_device_data *data = usb_get_intfdata(intf);
2482 struct list_head *elem;
2483
2484 usb_deregister_dev(intf, &usbtmc_class);
2485 mutex_lock(&data->io_mutex);
2486 data->zombie = 1;
2487 wake_up_interruptible_all(&data->waitq);
2488 list_for_each(elem, &data->file_list) {
2489 struct usbtmc_file_data *file_data;
2490
2491 file_data = list_entry(elem,
2492 struct usbtmc_file_data,
2493 file_elem);
2494 usb_kill_anchored_urbs(&file_data->submitted);
2495 usb_scuttle_anchored_urbs(&file_data->in_anchor);
2496 }
2497 mutex_unlock(&data->io_mutex);
2498 usbtmc_free_int(data);
2499 kref_put(&data->kref, usbtmc_delete);
2500}
2501
2502static void usbtmc_draw_down(struct usbtmc_file_data *file_data)
2503{
2504 int time;
2505
2506 time = usb_wait_anchor_empty_timeout(&file_data->submitted, 1000);
2507 if (!time)
2508 usb_kill_anchored_urbs(&file_data->submitted);
2509 usb_scuttle_anchored_urbs(&file_data->in_anchor);
2510}
2511
2512static int usbtmc_suspend(struct usb_interface *intf, pm_message_t message)
2513{
2514 struct usbtmc_device_data *data = usb_get_intfdata(intf);
2515 struct list_head *elem;
2516
2517 if (!data)
2518 return 0;
2519
2520 mutex_lock(&data->io_mutex);
2521 list_for_each(elem, &data->file_list) {
2522 struct usbtmc_file_data *file_data;
2523
2524 file_data = list_entry(elem,
2525 struct usbtmc_file_data,
2526 file_elem);
2527 usbtmc_draw_down(file_data);
2528 }
2529
2530 if (data->iin_ep_present && data->iin_urb)
2531 usb_kill_urb(data->iin_urb);
2532
2533 mutex_unlock(&data->io_mutex);
2534 return 0;
2535}
2536
2537static int usbtmc_resume(struct usb_interface *intf)
2538{
2539 struct usbtmc_device_data *data = usb_get_intfdata(intf);
2540 int retcode = 0;
2541
2542 if (data->iin_ep_present && data->iin_urb)
2543 retcode = usb_submit_urb(data->iin_urb, GFP_KERNEL);
2544 if (retcode)
2545 dev_err(&intf->dev, "Failed to submit iin_urb\n");
2546
2547 return retcode;
2548}
2549
2550static int usbtmc_pre_reset(struct usb_interface *intf)
2551{
2552 struct usbtmc_device_data *data = usb_get_intfdata(intf);
2553 struct list_head *elem;
2554
2555 if (!data)
2556 return 0;
2557
2558 mutex_lock(&data->io_mutex);
2559
2560 list_for_each(elem, &data->file_list) {
2561 struct usbtmc_file_data *file_data;
2562
2563 file_data = list_entry(elem,
2564 struct usbtmc_file_data,
2565 file_elem);
2566 usbtmc_ioctl_cancel_io(file_data);
2567 }
2568
2569 return 0;
2570}
2571
2572static int usbtmc_post_reset(struct usb_interface *intf)
2573{
2574 struct usbtmc_device_data *data = usb_get_intfdata(intf);
2575
2576 mutex_unlock(&data->io_mutex);
2577
2578 return 0;
2579}
2580
2581static struct usb_driver usbtmc_driver = {
2582 .name = "usbtmc",
2583 .id_table = usbtmc_devices,
2584 .probe = usbtmc_probe,
2585 .disconnect = usbtmc_disconnect,
2586 .suspend = usbtmc_suspend,
2587 .resume = usbtmc_resume,
2588 .pre_reset = usbtmc_pre_reset,
2589 .post_reset = usbtmc_post_reset,
2590 .dev_groups = usbtmc_groups,
2591};
2592
2593module_usb_driver(usbtmc_driver);
2594
2595MODULE_LICENSE("GPL");
1/**
2 * drivers/usb/class/usbtmc.c - USB Test & Measurement class driver
3 *
4 * Copyright (C) 2007 Stefan Kopp, Gechingen, Germany
5 * Copyright (C) 2008 Novell, Inc.
6 * Copyright (C) 2008 Greg Kroah-Hartman <gregkh@suse.de>
7 *
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version 2
11 * of the License, or (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * The GNU General Public License is available at
19 * http://www.gnu.org/copyleft/gpl.html.
20 */
21
22#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
23
24#include <linux/module.h>
25#include <linux/kernel.h>
26#include <linux/fs.h>
27#include <linux/uaccess.h>
28#include <linux/kref.h>
29#include <linux/slab.h>
30#include <linux/poll.h>
31#include <linux/mutex.h>
32#include <linux/usb.h>
33#include <linux/usb/tmc.h>
34
35
36#define RIGOL 1
37#define USBTMC_HEADER_SIZE 12
38#define USBTMC_MINOR_BASE 176
39
40/*
41 * Size of driver internal IO buffer. Must be multiple of 4 and at least as
42 * large as wMaxPacketSize (which is usually 512 bytes).
43 */
44#define USBTMC_SIZE_IOBUFFER 2048
45
46/* Default USB timeout (in milliseconds) */
47#define USBTMC_TIMEOUT 5000
48
49/*
50 * Maximum number of read cycles to empty bulk in endpoint during CLEAR and
51 * ABORT_BULK_IN requests. Ends the loop if (for whatever reason) a short
52 * packet is never read.
53 */
54#define USBTMC_MAX_READS_TO_CLEAR_BULK_IN 100
55
56static const struct usb_device_id usbtmc_devices[] = {
57 { USB_INTERFACE_INFO(USB_CLASS_APP_SPEC, 3, 0), },
58 { USB_INTERFACE_INFO(USB_CLASS_APP_SPEC, 3, 1), },
59 { 0, } /* terminating entry */
60};
61MODULE_DEVICE_TABLE(usb, usbtmc_devices);
62
63/*
64 * This structure is the capabilities for the device
65 * See section 4.2.1.8 of the USBTMC specification,
66 * and section 4.2.2 of the USBTMC usb488 subclass
67 * specification for details.
68 */
69struct usbtmc_dev_capabilities {
70 __u8 interface_capabilities;
71 __u8 device_capabilities;
72 __u8 usb488_interface_capabilities;
73 __u8 usb488_device_capabilities;
74};
75
76/* This structure holds private data for each USBTMC device. One copy is
77 * allocated for each USBTMC device in the driver's probe function.
78 */
79struct usbtmc_device_data {
80 const struct usb_device_id *id;
81 struct usb_device *usb_dev;
82 struct usb_interface *intf;
83
84 unsigned int bulk_in;
85 unsigned int bulk_out;
86
87 u8 bTag;
88 u8 bTag_last_write; /* needed for abort */
89 u8 bTag_last_read; /* needed for abort */
90
91 /* data for interrupt in endpoint handling */
92 u8 bNotify1;
93 u8 bNotify2;
94 u16 ifnum;
95 u8 iin_bTag;
96 u8 *iin_buffer;
97 atomic_t iin_data_valid;
98 unsigned int iin_ep;
99 int iin_ep_present;
100 int iin_interval;
101 struct urb *iin_urb;
102 u16 iin_wMaxPacketSize;
103 atomic_t srq_asserted;
104
105 /* coalesced usb488_caps from usbtmc_dev_capabilities */
106 __u8 usb488_caps;
107
108 u8 rigol_quirk;
109
110 /* attributes from the USB TMC spec for this device */
111 u8 TermChar;
112 bool TermCharEnabled;
113 bool auto_abort;
114
115 bool zombie; /* fd of disconnected device */
116
117 struct usbtmc_dev_capabilities capabilities;
118 struct kref kref;
119 struct mutex io_mutex; /* only one i/o function running at a time */
120 wait_queue_head_t waitq;
121 struct fasync_struct *fasync;
122};
123#define to_usbtmc_data(d) container_of(d, struct usbtmc_device_data, kref)
124
125struct usbtmc_ID_rigol_quirk {
126 __u16 idVendor;
127 __u16 idProduct;
128};
129
130static const struct usbtmc_ID_rigol_quirk usbtmc_id_quirk[] = {
131 { 0x1ab1, 0x0588 },
132 { 0x1ab1, 0x04b0 },
133 { 0, 0 }
134};
135
136/* Forward declarations */
137static struct usb_driver usbtmc_driver;
138
139static void usbtmc_delete(struct kref *kref)
140{
141 struct usbtmc_device_data *data = to_usbtmc_data(kref);
142
143 usb_put_dev(data->usb_dev);
144}
145
146static int usbtmc_open(struct inode *inode, struct file *filp)
147{
148 struct usb_interface *intf;
149 struct usbtmc_device_data *data;
150 int retval = 0;
151
152 intf = usb_find_interface(&usbtmc_driver, iminor(inode));
153 if (!intf) {
154 pr_err("can not find device for minor %d", iminor(inode));
155 return -ENODEV;
156 }
157
158 data = usb_get_intfdata(intf);
159 kref_get(&data->kref);
160
161 /* Store pointer in file structure's private data field */
162 filp->private_data = data;
163
164 return retval;
165}
166
167static int usbtmc_release(struct inode *inode, struct file *file)
168{
169 struct usbtmc_device_data *data = file->private_data;
170
171 kref_put(&data->kref, usbtmc_delete);
172 return 0;
173}
174
175static int usbtmc_ioctl_abort_bulk_in(struct usbtmc_device_data *data)
176{
177 u8 *buffer;
178 struct device *dev;
179 int rv;
180 int n;
181 int actual;
182 struct usb_host_interface *current_setting;
183 int max_size;
184
185 dev = &data->intf->dev;
186 buffer = kmalloc(USBTMC_SIZE_IOBUFFER, GFP_KERNEL);
187 if (!buffer)
188 return -ENOMEM;
189
190 rv = usb_control_msg(data->usb_dev,
191 usb_rcvctrlpipe(data->usb_dev, 0),
192 USBTMC_REQUEST_INITIATE_ABORT_BULK_IN,
193 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT,
194 data->bTag_last_read, data->bulk_in,
195 buffer, 2, USBTMC_TIMEOUT);
196
197 if (rv < 0) {
198 dev_err(dev, "usb_control_msg returned %d\n", rv);
199 goto exit;
200 }
201
202 dev_dbg(dev, "INITIATE_ABORT_BULK_IN returned %x\n", buffer[0]);
203
204 if (buffer[0] == USBTMC_STATUS_FAILED) {
205 rv = 0;
206 goto exit;
207 }
208
209 if (buffer[0] != USBTMC_STATUS_SUCCESS) {
210 dev_err(dev, "INITIATE_ABORT_BULK_IN returned %x\n",
211 buffer[0]);
212 rv = -EPERM;
213 goto exit;
214 }
215
216 max_size = 0;
217 current_setting = data->intf->cur_altsetting;
218 for (n = 0; n < current_setting->desc.bNumEndpoints; n++)
219 if (current_setting->endpoint[n].desc.bEndpointAddress ==
220 data->bulk_in)
221 max_size = usb_endpoint_maxp(¤t_setting->endpoint[n].desc);
222
223 if (max_size == 0) {
224 dev_err(dev, "Couldn't get wMaxPacketSize\n");
225 rv = -EPERM;
226 goto exit;
227 }
228
229 dev_dbg(&data->intf->dev, "wMaxPacketSize is %d\n", max_size);
230
231 n = 0;
232
233 do {
234 dev_dbg(dev, "Reading from bulk in EP\n");
235
236 rv = usb_bulk_msg(data->usb_dev,
237 usb_rcvbulkpipe(data->usb_dev,
238 data->bulk_in),
239 buffer, USBTMC_SIZE_IOBUFFER,
240 &actual, USBTMC_TIMEOUT);
241
242 n++;
243
244 if (rv < 0) {
245 dev_err(dev, "usb_bulk_msg returned %d\n", rv);
246 goto exit;
247 }
248 } while ((actual == max_size) &&
249 (n < USBTMC_MAX_READS_TO_CLEAR_BULK_IN));
250
251 if (actual == max_size) {
252 dev_err(dev, "Couldn't clear device buffer within %d cycles\n",
253 USBTMC_MAX_READS_TO_CLEAR_BULK_IN);
254 rv = -EPERM;
255 goto exit;
256 }
257
258 n = 0;
259
260usbtmc_abort_bulk_in_status:
261 rv = usb_control_msg(data->usb_dev,
262 usb_rcvctrlpipe(data->usb_dev, 0),
263 USBTMC_REQUEST_CHECK_ABORT_BULK_IN_STATUS,
264 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT,
265 0, data->bulk_in, buffer, 0x08,
266 USBTMC_TIMEOUT);
267
268 if (rv < 0) {
269 dev_err(dev, "usb_control_msg returned %d\n", rv);
270 goto exit;
271 }
272
273 dev_dbg(dev, "INITIATE_ABORT_BULK_IN returned %x\n", buffer[0]);
274
275 if (buffer[0] == USBTMC_STATUS_SUCCESS) {
276 rv = 0;
277 goto exit;
278 }
279
280 if (buffer[0] != USBTMC_STATUS_PENDING) {
281 dev_err(dev, "INITIATE_ABORT_BULK_IN returned %x\n", buffer[0]);
282 rv = -EPERM;
283 goto exit;
284 }
285
286 if (buffer[1] == 1)
287 do {
288 dev_dbg(dev, "Reading from bulk in EP\n");
289
290 rv = usb_bulk_msg(data->usb_dev,
291 usb_rcvbulkpipe(data->usb_dev,
292 data->bulk_in),
293 buffer, USBTMC_SIZE_IOBUFFER,
294 &actual, USBTMC_TIMEOUT);
295
296 n++;
297
298 if (rv < 0) {
299 dev_err(dev, "usb_bulk_msg returned %d\n", rv);
300 goto exit;
301 }
302 } while ((actual == max_size) &&
303 (n < USBTMC_MAX_READS_TO_CLEAR_BULK_IN));
304
305 if (actual == max_size) {
306 dev_err(dev, "Couldn't clear device buffer within %d cycles\n",
307 USBTMC_MAX_READS_TO_CLEAR_BULK_IN);
308 rv = -EPERM;
309 goto exit;
310 }
311
312 goto usbtmc_abort_bulk_in_status;
313
314exit:
315 kfree(buffer);
316 return rv;
317
318}
319
320static int usbtmc_ioctl_abort_bulk_out(struct usbtmc_device_data *data)
321{
322 struct device *dev;
323 u8 *buffer;
324 int rv;
325 int n;
326
327 dev = &data->intf->dev;
328
329 buffer = kmalloc(8, GFP_KERNEL);
330 if (!buffer)
331 return -ENOMEM;
332
333 rv = usb_control_msg(data->usb_dev,
334 usb_rcvctrlpipe(data->usb_dev, 0),
335 USBTMC_REQUEST_INITIATE_ABORT_BULK_OUT,
336 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT,
337 data->bTag_last_write, data->bulk_out,
338 buffer, 2, USBTMC_TIMEOUT);
339
340 if (rv < 0) {
341 dev_err(dev, "usb_control_msg returned %d\n", rv);
342 goto exit;
343 }
344
345 dev_dbg(dev, "INITIATE_ABORT_BULK_OUT returned %x\n", buffer[0]);
346
347 if (buffer[0] != USBTMC_STATUS_SUCCESS) {
348 dev_err(dev, "INITIATE_ABORT_BULK_OUT returned %x\n",
349 buffer[0]);
350 rv = -EPERM;
351 goto exit;
352 }
353
354 n = 0;
355
356usbtmc_abort_bulk_out_check_status:
357 rv = usb_control_msg(data->usb_dev,
358 usb_rcvctrlpipe(data->usb_dev, 0),
359 USBTMC_REQUEST_CHECK_ABORT_BULK_OUT_STATUS,
360 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT,
361 0, data->bulk_out, buffer, 0x08,
362 USBTMC_TIMEOUT);
363 n++;
364 if (rv < 0) {
365 dev_err(dev, "usb_control_msg returned %d\n", rv);
366 goto exit;
367 }
368
369 dev_dbg(dev, "CHECK_ABORT_BULK_OUT returned %x\n", buffer[0]);
370
371 if (buffer[0] == USBTMC_STATUS_SUCCESS)
372 goto usbtmc_abort_bulk_out_clear_halt;
373
374 if ((buffer[0] == USBTMC_STATUS_PENDING) &&
375 (n < USBTMC_MAX_READS_TO_CLEAR_BULK_IN))
376 goto usbtmc_abort_bulk_out_check_status;
377
378 rv = -EPERM;
379 goto exit;
380
381usbtmc_abort_bulk_out_clear_halt:
382 rv = usb_clear_halt(data->usb_dev,
383 usb_sndbulkpipe(data->usb_dev, data->bulk_out));
384
385 if (rv < 0) {
386 dev_err(dev, "usb_control_msg returned %d\n", rv);
387 goto exit;
388 }
389 rv = 0;
390
391exit:
392 kfree(buffer);
393 return rv;
394}
395
396static int usbtmc488_ioctl_read_stb(struct usbtmc_device_data *data,
397 void __user *arg)
398{
399 struct device *dev = &data->intf->dev;
400 u8 *buffer;
401 u8 tag;
402 __u8 stb;
403 int rv;
404
405 dev_dbg(dev, "Enter ioctl_read_stb iin_ep_present: %d\n",
406 data->iin_ep_present);
407
408 buffer = kmalloc(8, GFP_KERNEL);
409 if (!buffer)
410 return -ENOMEM;
411
412 atomic_set(&data->iin_data_valid, 0);
413
414 /* must issue read_stb before using poll or select */
415 atomic_set(&data->srq_asserted, 0);
416
417 rv = usb_control_msg(data->usb_dev,
418 usb_rcvctrlpipe(data->usb_dev, 0),
419 USBTMC488_REQUEST_READ_STATUS_BYTE,
420 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
421 data->iin_bTag,
422 data->ifnum,
423 buffer, 0x03, USBTMC_TIMEOUT);
424 if (rv < 0) {
425 dev_err(dev, "stb usb_control_msg returned %d\n", rv);
426 goto exit;
427 }
428
429 if (buffer[0] != USBTMC_STATUS_SUCCESS) {
430 dev_err(dev, "control status returned %x\n", buffer[0]);
431 rv = -EIO;
432 goto exit;
433 }
434
435 if (data->iin_ep_present) {
436 rv = wait_event_interruptible_timeout(
437 data->waitq,
438 atomic_read(&data->iin_data_valid) != 0,
439 USBTMC_TIMEOUT);
440 if (rv < 0) {
441 dev_dbg(dev, "wait interrupted %d\n", rv);
442 goto exit;
443 }
444
445 if (rv == 0) {
446 dev_dbg(dev, "wait timed out\n");
447 rv = -ETIME;
448 goto exit;
449 }
450
451 tag = data->bNotify1 & 0x7f;
452 if (tag != data->iin_bTag) {
453 dev_err(dev, "expected bTag %x got %x\n",
454 data->iin_bTag, tag);
455 }
456
457 stb = data->bNotify2;
458 } else {
459 stb = buffer[2];
460 }
461
462 rv = copy_to_user(arg, &stb, sizeof(stb));
463 if (rv)
464 rv = -EFAULT;
465
466 exit:
467 /* bump interrupt bTag */
468 data->iin_bTag += 1;
469 if (data->iin_bTag > 127)
470 /* 1 is for SRQ see USBTMC-USB488 subclass spec section 4.3.1 */
471 data->iin_bTag = 2;
472
473 kfree(buffer);
474 return rv;
475}
476
477static int usbtmc488_ioctl_simple(struct usbtmc_device_data *data,
478 void __user *arg, unsigned int cmd)
479{
480 struct device *dev = &data->intf->dev;
481 __u8 val;
482 u8 *buffer;
483 u16 wValue;
484 int rv;
485
486 if (!(data->usb488_caps & USBTMC488_CAPABILITY_SIMPLE))
487 return -EINVAL;
488
489 buffer = kmalloc(8, GFP_KERNEL);
490 if (!buffer)
491 return -ENOMEM;
492
493 if (cmd == USBTMC488_REQUEST_REN_CONTROL) {
494 rv = copy_from_user(&val, arg, sizeof(val));
495 if (rv) {
496 rv = -EFAULT;
497 goto exit;
498 }
499 wValue = val ? 1 : 0;
500 } else {
501 wValue = 0;
502 }
503
504 rv = usb_control_msg(data->usb_dev,
505 usb_rcvctrlpipe(data->usb_dev, 0),
506 cmd,
507 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
508 wValue,
509 data->ifnum,
510 buffer, 0x01, USBTMC_TIMEOUT);
511 if (rv < 0) {
512 dev_err(dev, "simple usb_control_msg failed %d\n", rv);
513 goto exit;
514 } else if (rv != 1) {
515 dev_warn(dev, "simple usb_control_msg returned %d\n", rv);
516 rv = -EIO;
517 goto exit;
518 }
519
520 if (buffer[0] != USBTMC_STATUS_SUCCESS) {
521 dev_err(dev, "simple control status returned %x\n", buffer[0]);
522 rv = -EIO;
523 goto exit;
524 }
525 rv = 0;
526
527 exit:
528 kfree(buffer);
529 return rv;
530}
531
532/*
533 * Sends a REQUEST_DEV_DEP_MSG_IN message on the Bulk-IN endpoint.
534 * @transfer_size: number of bytes to request from the device.
535 *
536 * See the USBTMC specification, Table 4.
537 *
538 * Also updates bTag_last_write.
539 */
540static int send_request_dev_dep_msg_in(struct usbtmc_device_data *data, size_t transfer_size)
541{
542 int retval;
543 u8 *buffer;
544 int actual;
545
546 buffer = kmalloc(USBTMC_HEADER_SIZE, GFP_KERNEL);
547 if (!buffer)
548 return -ENOMEM;
549 /* Setup IO buffer for REQUEST_DEV_DEP_MSG_IN message
550 * Refer to class specs for details
551 */
552 buffer[0] = 2;
553 buffer[1] = data->bTag;
554 buffer[2] = ~data->bTag;
555 buffer[3] = 0; /* Reserved */
556 buffer[4] = transfer_size >> 0;
557 buffer[5] = transfer_size >> 8;
558 buffer[6] = transfer_size >> 16;
559 buffer[7] = transfer_size >> 24;
560 buffer[8] = data->TermCharEnabled * 2;
561 /* Use term character? */
562 buffer[9] = data->TermChar;
563 buffer[10] = 0; /* Reserved */
564 buffer[11] = 0; /* Reserved */
565
566 /* Send bulk URB */
567 retval = usb_bulk_msg(data->usb_dev,
568 usb_sndbulkpipe(data->usb_dev,
569 data->bulk_out),
570 buffer, USBTMC_HEADER_SIZE, &actual, USBTMC_TIMEOUT);
571
572 /* Store bTag (in case we need to abort) */
573 data->bTag_last_write = data->bTag;
574
575 /* Increment bTag -- and increment again if zero */
576 data->bTag++;
577 if (!data->bTag)
578 data->bTag++;
579
580 kfree(buffer);
581 if (retval < 0) {
582 dev_err(&data->intf->dev, "usb_bulk_msg in send_request_dev_dep_msg_in() returned %d\n", retval);
583 return retval;
584 }
585
586 return 0;
587}
588
589static ssize_t usbtmc_read(struct file *filp, char __user *buf,
590 size_t count, loff_t *f_pos)
591{
592 struct usbtmc_device_data *data;
593 struct device *dev;
594 u32 n_characters;
595 u8 *buffer;
596 int actual;
597 size_t done;
598 size_t remaining;
599 int retval;
600 size_t this_part;
601
602 /* Get pointer to private data structure */
603 data = filp->private_data;
604 dev = &data->intf->dev;
605
606 buffer = kmalloc(USBTMC_SIZE_IOBUFFER, GFP_KERNEL);
607 if (!buffer)
608 return -ENOMEM;
609
610 mutex_lock(&data->io_mutex);
611 if (data->zombie) {
612 retval = -ENODEV;
613 goto exit;
614 }
615
616 if (data->rigol_quirk) {
617 dev_dbg(dev, "usb_bulk_msg_in: count(%zu)\n", count);
618
619 retval = send_request_dev_dep_msg_in(data, count);
620
621 if (retval < 0) {
622 if (data->auto_abort)
623 usbtmc_ioctl_abort_bulk_out(data);
624 goto exit;
625 }
626 }
627
628 /* Loop until we have fetched everything we requested */
629 remaining = count;
630 this_part = remaining;
631 done = 0;
632
633 while (remaining > 0) {
634 if (!data->rigol_quirk) {
635 dev_dbg(dev, "usb_bulk_msg_in: remaining(%zu), count(%zu)\n", remaining, count);
636
637 if (remaining > USBTMC_SIZE_IOBUFFER - USBTMC_HEADER_SIZE - 3)
638 this_part = USBTMC_SIZE_IOBUFFER - USBTMC_HEADER_SIZE - 3;
639 else
640 this_part = remaining;
641
642 retval = send_request_dev_dep_msg_in(data, this_part);
643 if (retval < 0) {
644 dev_err(dev, "usb_bulk_msg returned %d\n", retval);
645 if (data->auto_abort)
646 usbtmc_ioctl_abort_bulk_out(data);
647 goto exit;
648 }
649 }
650
651 /* Send bulk URB */
652 retval = usb_bulk_msg(data->usb_dev,
653 usb_rcvbulkpipe(data->usb_dev,
654 data->bulk_in),
655 buffer, USBTMC_SIZE_IOBUFFER, &actual,
656 USBTMC_TIMEOUT);
657
658 dev_dbg(dev, "usb_bulk_msg: retval(%u), done(%zu), remaining(%zu), actual(%d)\n", retval, done, remaining, actual);
659
660 /* Store bTag (in case we need to abort) */
661 data->bTag_last_read = data->bTag;
662
663 if (retval < 0) {
664 dev_dbg(dev, "Unable to read data, error %d\n", retval);
665 if (data->auto_abort)
666 usbtmc_ioctl_abort_bulk_in(data);
667 goto exit;
668 }
669
670 /* Parse header in first packet */
671 if ((done == 0) || !data->rigol_quirk) {
672 /* Sanity checks for the header */
673 if (actual < USBTMC_HEADER_SIZE) {
674 dev_err(dev, "Device sent too small first packet: %u < %u\n", actual, USBTMC_HEADER_SIZE);
675 if (data->auto_abort)
676 usbtmc_ioctl_abort_bulk_in(data);
677 goto exit;
678 }
679
680 if (buffer[0] != 2) {
681 dev_err(dev, "Device sent reply with wrong MsgID: %u != 2\n", buffer[0]);
682 if (data->auto_abort)
683 usbtmc_ioctl_abort_bulk_in(data);
684 goto exit;
685 }
686
687 if (buffer[1] != data->bTag_last_write) {
688 dev_err(dev, "Device sent reply with wrong bTag: %u != %u\n", buffer[1], data->bTag_last_write);
689 if (data->auto_abort)
690 usbtmc_ioctl_abort_bulk_in(data);
691 goto exit;
692 }
693
694 /* How many characters did the instrument send? */
695 n_characters = buffer[4] +
696 (buffer[5] << 8) +
697 (buffer[6] << 16) +
698 (buffer[7] << 24);
699
700 if (n_characters > this_part) {
701 dev_err(dev, "Device wants to return more data than requested: %u > %zu\n", n_characters, count);
702 if (data->auto_abort)
703 usbtmc_ioctl_abort_bulk_in(data);
704 goto exit;
705 }
706
707 /* Remove the USBTMC header */
708 actual -= USBTMC_HEADER_SIZE;
709
710 /* Check if the message is smaller than requested */
711 if (data->rigol_quirk) {
712 if (remaining > n_characters)
713 remaining = n_characters;
714 /* Remove padding if it exists */
715 if (actual > remaining)
716 actual = remaining;
717 }
718 else {
719 if (this_part > n_characters)
720 this_part = n_characters;
721 /* Remove padding if it exists */
722 if (actual > this_part)
723 actual = this_part;
724 }
725
726 dev_dbg(dev, "Bulk-IN header: N_characters(%u), bTransAttr(%u)\n", n_characters, buffer[8]);
727
728 remaining -= actual;
729
730 /* Terminate if end-of-message bit received from device */
731 if ((buffer[8] & 0x01) && (actual >= n_characters))
732 remaining = 0;
733
734 dev_dbg(dev, "Bulk-IN header: remaining(%zu), buf(%p), buffer(%p) done(%zu)\n", remaining,buf,buffer,done);
735
736
737 /* Copy buffer to user space */
738 if (copy_to_user(buf + done, &buffer[USBTMC_HEADER_SIZE], actual)) {
739 /* There must have been an addressing problem */
740 retval = -EFAULT;
741 goto exit;
742 }
743 done += actual;
744 }
745 else {
746 if (actual > remaining)
747 actual = remaining;
748
749 remaining -= actual;
750
751 dev_dbg(dev, "Bulk-IN header cont: actual(%u), done(%zu), remaining(%zu), buf(%p), buffer(%p)\n", actual, done, remaining,buf,buffer);
752
753 /* Copy buffer to user space */
754 if (copy_to_user(buf + done, buffer, actual)) {
755 /* There must have been an addressing problem */
756 retval = -EFAULT;
757 goto exit;
758 }
759 done += actual;
760 }
761 }
762
763 /* Update file position value */
764 *f_pos = *f_pos + done;
765 retval = done;
766
767exit:
768 mutex_unlock(&data->io_mutex);
769 kfree(buffer);
770 return retval;
771}
772
773static ssize_t usbtmc_write(struct file *filp, const char __user *buf,
774 size_t count, loff_t *f_pos)
775{
776 struct usbtmc_device_data *data;
777 u8 *buffer;
778 int retval;
779 int actual;
780 unsigned long int n_bytes;
781 int remaining;
782 int done;
783 int this_part;
784
785 data = filp->private_data;
786
787 buffer = kmalloc(USBTMC_SIZE_IOBUFFER, GFP_KERNEL);
788 if (!buffer)
789 return -ENOMEM;
790
791 mutex_lock(&data->io_mutex);
792 if (data->zombie) {
793 retval = -ENODEV;
794 goto exit;
795 }
796
797 remaining = count;
798 done = 0;
799
800 while (remaining > 0) {
801 if (remaining > USBTMC_SIZE_IOBUFFER - USBTMC_HEADER_SIZE) {
802 this_part = USBTMC_SIZE_IOBUFFER - USBTMC_HEADER_SIZE;
803 buffer[8] = 0;
804 } else {
805 this_part = remaining;
806 buffer[8] = 1;
807 }
808
809 /* Setup IO buffer for DEV_DEP_MSG_OUT message */
810 buffer[0] = 1;
811 buffer[1] = data->bTag;
812 buffer[2] = ~data->bTag;
813 buffer[3] = 0; /* Reserved */
814 buffer[4] = this_part >> 0;
815 buffer[5] = this_part >> 8;
816 buffer[6] = this_part >> 16;
817 buffer[7] = this_part >> 24;
818 /* buffer[8] is set above... */
819 buffer[9] = 0; /* Reserved */
820 buffer[10] = 0; /* Reserved */
821 buffer[11] = 0; /* Reserved */
822
823 if (copy_from_user(&buffer[USBTMC_HEADER_SIZE], buf + done, this_part)) {
824 retval = -EFAULT;
825 goto exit;
826 }
827
828 n_bytes = roundup(USBTMC_HEADER_SIZE + this_part, 4);
829 memset(buffer + USBTMC_HEADER_SIZE + this_part, 0, n_bytes - (USBTMC_HEADER_SIZE + this_part));
830
831 do {
832 retval = usb_bulk_msg(data->usb_dev,
833 usb_sndbulkpipe(data->usb_dev,
834 data->bulk_out),
835 buffer, n_bytes,
836 &actual, USBTMC_TIMEOUT);
837 if (retval != 0)
838 break;
839 n_bytes -= actual;
840 } while (n_bytes);
841
842 data->bTag_last_write = data->bTag;
843 data->bTag++;
844
845 if (!data->bTag)
846 data->bTag++;
847
848 if (retval < 0) {
849 dev_err(&data->intf->dev,
850 "Unable to send data, error %d\n", retval);
851 if (data->auto_abort)
852 usbtmc_ioctl_abort_bulk_out(data);
853 goto exit;
854 }
855
856 remaining -= this_part;
857 done += this_part;
858 }
859
860 retval = count;
861exit:
862 mutex_unlock(&data->io_mutex);
863 kfree(buffer);
864 return retval;
865}
866
867static int usbtmc_ioctl_clear(struct usbtmc_device_data *data)
868{
869 struct usb_host_interface *current_setting;
870 struct usb_endpoint_descriptor *desc;
871 struct device *dev;
872 u8 *buffer;
873 int rv;
874 int n;
875 int actual = 0;
876 int max_size;
877
878 dev = &data->intf->dev;
879
880 dev_dbg(dev, "Sending INITIATE_CLEAR request\n");
881
882 buffer = kmalloc(USBTMC_SIZE_IOBUFFER, GFP_KERNEL);
883 if (!buffer)
884 return -ENOMEM;
885
886 rv = usb_control_msg(data->usb_dev,
887 usb_rcvctrlpipe(data->usb_dev, 0),
888 USBTMC_REQUEST_INITIATE_CLEAR,
889 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
890 0, 0, buffer, 1, USBTMC_TIMEOUT);
891 if (rv < 0) {
892 dev_err(dev, "usb_control_msg returned %d\n", rv);
893 goto exit;
894 }
895
896 dev_dbg(dev, "INITIATE_CLEAR returned %x\n", buffer[0]);
897
898 if (buffer[0] != USBTMC_STATUS_SUCCESS) {
899 dev_err(dev, "INITIATE_CLEAR returned %x\n", buffer[0]);
900 rv = -EPERM;
901 goto exit;
902 }
903
904 max_size = 0;
905 current_setting = data->intf->cur_altsetting;
906 for (n = 0; n < current_setting->desc.bNumEndpoints; n++) {
907 desc = ¤t_setting->endpoint[n].desc;
908 if (desc->bEndpointAddress == data->bulk_in)
909 max_size = usb_endpoint_maxp(desc);
910 }
911
912 if (max_size == 0) {
913 dev_err(dev, "Couldn't get wMaxPacketSize\n");
914 rv = -EPERM;
915 goto exit;
916 }
917
918 dev_dbg(dev, "wMaxPacketSize is %d\n", max_size);
919
920 n = 0;
921
922usbtmc_clear_check_status:
923
924 dev_dbg(dev, "Sending CHECK_CLEAR_STATUS request\n");
925
926 rv = usb_control_msg(data->usb_dev,
927 usb_rcvctrlpipe(data->usb_dev, 0),
928 USBTMC_REQUEST_CHECK_CLEAR_STATUS,
929 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
930 0, 0, buffer, 2, USBTMC_TIMEOUT);
931 if (rv < 0) {
932 dev_err(dev, "usb_control_msg returned %d\n", rv);
933 goto exit;
934 }
935
936 dev_dbg(dev, "CHECK_CLEAR_STATUS returned %x\n", buffer[0]);
937
938 if (buffer[0] == USBTMC_STATUS_SUCCESS)
939 goto usbtmc_clear_bulk_out_halt;
940
941 if (buffer[0] != USBTMC_STATUS_PENDING) {
942 dev_err(dev, "CHECK_CLEAR_STATUS returned %x\n", buffer[0]);
943 rv = -EPERM;
944 goto exit;
945 }
946
947 if (buffer[1] == 1)
948 do {
949 dev_dbg(dev, "Reading from bulk in EP\n");
950
951 rv = usb_bulk_msg(data->usb_dev,
952 usb_rcvbulkpipe(data->usb_dev,
953 data->bulk_in),
954 buffer, USBTMC_SIZE_IOBUFFER,
955 &actual, USBTMC_TIMEOUT);
956 n++;
957
958 if (rv < 0) {
959 dev_err(dev, "usb_control_msg returned %d\n",
960 rv);
961 goto exit;
962 }
963 } while ((actual == max_size) &&
964 (n < USBTMC_MAX_READS_TO_CLEAR_BULK_IN));
965
966 if (actual == max_size) {
967 dev_err(dev, "Couldn't clear device buffer within %d cycles\n",
968 USBTMC_MAX_READS_TO_CLEAR_BULK_IN);
969 rv = -EPERM;
970 goto exit;
971 }
972
973 goto usbtmc_clear_check_status;
974
975usbtmc_clear_bulk_out_halt:
976
977 rv = usb_clear_halt(data->usb_dev,
978 usb_sndbulkpipe(data->usb_dev, data->bulk_out));
979 if (rv < 0) {
980 dev_err(dev, "usb_control_msg returned %d\n", rv);
981 goto exit;
982 }
983 rv = 0;
984
985exit:
986 kfree(buffer);
987 return rv;
988}
989
990static int usbtmc_ioctl_clear_out_halt(struct usbtmc_device_data *data)
991{
992 int rv;
993
994 rv = usb_clear_halt(data->usb_dev,
995 usb_sndbulkpipe(data->usb_dev, data->bulk_out));
996
997 if (rv < 0) {
998 dev_err(&data->usb_dev->dev, "usb_control_msg returned %d\n",
999 rv);
1000 return rv;
1001 }
1002 return 0;
1003}
1004
1005static int usbtmc_ioctl_clear_in_halt(struct usbtmc_device_data *data)
1006{
1007 int rv;
1008
1009 rv = usb_clear_halt(data->usb_dev,
1010 usb_rcvbulkpipe(data->usb_dev, data->bulk_in));
1011
1012 if (rv < 0) {
1013 dev_err(&data->usb_dev->dev, "usb_control_msg returned %d\n",
1014 rv);
1015 return rv;
1016 }
1017 return 0;
1018}
1019
1020static int get_capabilities(struct usbtmc_device_data *data)
1021{
1022 struct device *dev = &data->usb_dev->dev;
1023 char *buffer;
1024 int rv = 0;
1025
1026 buffer = kmalloc(0x18, GFP_KERNEL);
1027 if (!buffer)
1028 return -ENOMEM;
1029
1030 rv = usb_control_msg(data->usb_dev, usb_rcvctrlpipe(data->usb_dev, 0),
1031 USBTMC_REQUEST_GET_CAPABILITIES,
1032 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
1033 0, 0, buffer, 0x18, USBTMC_TIMEOUT);
1034 if (rv < 0) {
1035 dev_err(dev, "usb_control_msg returned %d\n", rv);
1036 goto err_out;
1037 }
1038
1039 dev_dbg(dev, "GET_CAPABILITIES returned %x\n", buffer[0]);
1040 if (buffer[0] != USBTMC_STATUS_SUCCESS) {
1041 dev_err(dev, "GET_CAPABILITIES returned %x\n", buffer[0]);
1042 rv = -EPERM;
1043 goto err_out;
1044 }
1045 dev_dbg(dev, "Interface capabilities are %x\n", buffer[4]);
1046 dev_dbg(dev, "Device capabilities are %x\n", buffer[5]);
1047 dev_dbg(dev, "USB488 interface capabilities are %x\n", buffer[14]);
1048 dev_dbg(dev, "USB488 device capabilities are %x\n", buffer[15]);
1049
1050 data->capabilities.interface_capabilities = buffer[4];
1051 data->capabilities.device_capabilities = buffer[5];
1052 data->capabilities.usb488_interface_capabilities = buffer[14];
1053 data->capabilities.usb488_device_capabilities = buffer[15];
1054 data->usb488_caps = (buffer[14] & 0x07) | ((buffer[15] & 0x0f) << 4);
1055 rv = 0;
1056
1057err_out:
1058 kfree(buffer);
1059 return rv;
1060}
1061
1062#define capability_attribute(name) \
1063static ssize_t name##_show(struct device *dev, \
1064 struct device_attribute *attr, char *buf) \
1065{ \
1066 struct usb_interface *intf = to_usb_interface(dev); \
1067 struct usbtmc_device_data *data = usb_get_intfdata(intf); \
1068 \
1069 return sprintf(buf, "%d\n", data->capabilities.name); \
1070} \
1071static DEVICE_ATTR_RO(name)
1072
1073capability_attribute(interface_capabilities);
1074capability_attribute(device_capabilities);
1075capability_attribute(usb488_interface_capabilities);
1076capability_attribute(usb488_device_capabilities);
1077
1078static struct attribute *capability_attrs[] = {
1079 &dev_attr_interface_capabilities.attr,
1080 &dev_attr_device_capabilities.attr,
1081 &dev_attr_usb488_interface_capabilities.attr,
1082 &dev_attr_usb488_device_capabilities.attr,
1083 NULL,
1084};
1085
1086static struct attribute_group capability_attr_grp = {
1087 .attrs = capability_attrs,
1088};
1089
1090static ssize_t TermChar_show(struct device *dev,
1091 struct device_attribute *attr, char *buf)
1092{
1093 struct usb_interface *intf = to_usb_interface(dev);
1094 struct usbtmc_device_data *data = usb_get_intfdata(intf);
1095
1096 return sprintf(buf, "%c\n", data->TermChar);
1097}
1098
1099static ssize_t TermChar_store(struct device *dev,
1100 struct device_attribute *attr,
1101 const char *buf, size_t count)
1102{
1103 struct usb_interface *intf = to_usb_interface(dev);
1104 struct usbtmc_device_data *data = usb_get_intfdata(intf);
1105
1106 if (count < 1)
1107 return -EINVAL;
1108 data->TermChar = buf[0];
1109 return count;
1110}
1111static DEVICE_ATTR_RW(TermChar);
1112
1113#define data_attribute(name) \
1114static ssize_t name##_show(struct device *dev, \
1115 struct device_attribute *attr, char *buf) \
1116{ \
1117 struct usb_interface *intf = to_usb_interface(dev); \
1118 struct usbtmc_device_data *data = usb_get_intfdata(intf); \
1119 \
1120 return sprintf(buf, "%d\n", data->name); \
1121} \
1122static ssize_t name##_store(struct device *dev, \
1123 struct device_attribute *attr, \
1124 const char *buf, size_t count) \
1125{ \
1126 struct usb_interface *intf = to_usb_interface(dev); \
1127 struct usbtmc_device_data *data = usb_get_intfdata(intf); \
1128 ssize_t result; \
1129 unsigned val; \
1130 \
1131 result = sscanf(buf, "%u\n", &val); \
1132 if (result != 1) \
1133 result = -EINVAL; \
1134 data->name = val; \
1135 if (result < 0) \
1136 return result; \
1137 else \
1138 return count; \
1139} \
1140static DEVICE_ATTR_RW(name)
1141
1142data_attribute(TermCharEnabled);
1143data_attribute(auto_abort);
1144
1145static struct attribute *data_attrs[] = {
1146 &dev_attr_TermChar.attr,
1147 &dev_attr_TermCharEnabled.attr,
1148 &dev_attr_auto_abort.attr,
1149 NULL,
1150};
1151
1152static struct attribute_group data_attr_grp = {
1153 .attrs = data_attrs,
1154};
1155
1156static int usbtmc_ioctl_indicator_pulse(struct usbtmc_device_data *data)
1157{
1158 struct device *dev;
1159 u8 *buffer;
1160 int rv;
1161
1162 dev = &data->intf->dev;
1163
1164 buffer = kmalloc(2, GFP_KERNEL);
1165 if (!buffer)
1166 return -ENOMEM;
1167
1168 rv = usb_control_msg(data->usb_dev,
1169 usb_rcvctrlpipe(data->usb_dev, 0),
1170 USBTMC_REQUEST_INDICATOR_PULSE,
1171 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
1172 0, 0, buffer, 0x01, USBTMC_TIMEOUT);
1173
1174 if (rv < 0) {
1175 dev_err(dev, "usb_control_msg returned %d\n", rv);
1176 goto exit;
1177 }
1178
1179 dev_dbg(dev, "INDICATOR_PULSE returned %x\n", buffer[0]);
1180
1181 if (buffer[0] != USBTMC_STATUS_SUCCESS) {
1182 dev_err(dev, "INDICATOR_PULSE returned %x\n", buffer[0]);
1183 rv = -EPERM;
1184 goto exit;
1185 }
1186 rv = 0;
1187
1188exit:
1189 kfree(buffer);
1190 return rv;
1191}
1192
1193static long usbtmc_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
1194{
1195 struct usbtmc_device_data *data;
1196 int retval = -EBADRQC;
1197
1198 data = file->private_data;
1199 mutex_lock(&data->io_mutex);
1200 if (data->zombie) {
1201 retval = -ENODEV;
1202 goto skip_io_on_zombie;
1203 }
1204
1205 switch (cmd) {
1206 case USBTMC_IOCTL_CLEAR_OUT_HALT:
1207 retval = usbtmc_ioctl_clear_out_halt(data);
1208 break;
1209
1210 case USBTMC_IOCTL_CLEAR_IN_HALT:
1211 retval = usbtmc_ioctl_clear_in_halt(data);
1212 break;
1213
1214 case USBTMC_IOCTL_INDICATOR_PULSE:
1215 retval = usbtmc_ioctl_indicator_pulse(data);
1216 break;
1217
1218 case USBTMC_IOCTL_CLEAR:
1219 retval = usbtmc_ioctl_clear(data);
1220 break;
1221
1222 case USBTMC_IOCTL_ABORT_BULK_OUT:
1223 retval = usbtmc_ioctl_abort_bulk_out(data);
1224 break;
1225
1226 case USBTMC_IOCTL_ABORT_BULK_IN:
1227 retval = usbtmc_ioctl_abort_bulk_in(data);
1228 break;
1229
1230 case USBTMC488_IOCTL_GET_CAPS:
1231 retval = copy_to_user((void __user *)arg,
1232 &data->usb488_caps,
1233 sizeof(data->usb488_caps));
1234 if (retval)
1235 retval = -EFAULT;
1236 break;
1237
1238 case USBTMC488_IOCTL_READ_STB:
1239 retval = usbtmc488_ioctl_read_stb(data, (void __user *)arg);
1240 break;
1241
1242 case USBTMC488_IOCTL_REN_CONTROL:
1243 retval = usbtmc488_ioctl_simple(data, (void __user *)arg,
1244 USBTMC488_REQUEST_REN_CONTROL);
1245 break;
1246
1247 case USBTMC488_IOCTL_GOTO_LOCAL:
1248 retval = usbtmc488_ioctl_simple(data, (void __user *)arg,
1249 USBTMC488_REQUEST_GOTO_LOCAL);
1250 break;
1251
1252 case USBTMC488_IOCTL_LOCAL_LOCKOUT:
1253 retval = usbtmc488_ioctl_simple(data, (void __user *)arg,
1254 USBTMC488_REQUEST_LOCAL_LOCKOUT);
1255 break;
1256 }
1257
1258skip_io_on_zombie:
1259 mutex_unlock(&data->io_mutex);
1260 return retval;
1261}
1262
1263static int usbtmc_fasync(int fd, struct file *file, int on)
1264{
1265 struct usbtmc_device_data *data = file->private_data;
1266
1267 return fasync_helper(fd, file, on, &data->fasync);
1268}
1269
1270static unsigned int usbtmc_poll(struct file *file, poll_table *wait)
1271{
1272 struct usbtmc_device_data *data = file->private_data;
1273 unsigned int mask;
1274
1275 mutex_lock(&data->io_mutex);
1276
1277 if (data->zombie) {
1278 mask = POLLHUP | POLLERR;
1279 goto no_poll;
1280 }
1281
1282 poll_wait(file, &data->waitq, wait);
1283
1284 mask = (atomic_read(&data->srq_asserted)) ? POLLIN | POLLRDNORM : 0;
1285
1286no_poll:
1287 mutex_unlock(&data->io_mutex);
1288 return mask;
1289}
1290
1291static const struct file_operations fops = {
1292 .owner = THIS_MODULE,
1293 .read = usbtmc_read,
1294 .write = usbtmc_write,
1295 .open = usbtmc_open,
1296 .release = usbtmc_release,
1297 .unlocked_ioctl = usbtmc_ioctl,
1298 .fasync = usbtmc_fasync,
1299 .poll = usbtmc_poll,
1300 .llseek = default_llseek,
1301};
1302
1303static struct usb_class_driver usbtmc_class = {
1304 .name = "usbtmc%d",
1305 .fops = &fops,
1306 .minor_base = USBTMC_MINOR_BASE,
1307};
1308
1309static void usbtmc_interrupt(struct urb *urb)
1310{
1311 struct usbtmc_device_data *data = urb->context;
1312 struct device *dev = &data->intf->dev;
1313 int status = urb->status;
1314 int rv;
1315
1316 dev_dbg(&data->intf->dev, "int status: %d len %d\n",
1317 status, urb->actual_length);
1318
1319 switch (status) {
1320 case 0: /* SUCCESS */
1321 /* check for valid STB notification */
1322 if (data->iin_buffer[0] > 0x81) {
1323 data->bNotify1 = data->iin_buffer[0];
1324 data->bNotify2 = data->iin_buffer[1];
1325 atomic_set(&data->iin_data_valid, 1);
1326 wake_up_interruptible(&data->waitq);
1327 goto exit;
1328 }
1329 /* check for SRQ notification */
1330 if (data->iin_buffer[0] == 0x81) {
1331 if (data->fasync)
1332 kill_fasync(&data->fasync,
1333 SIGIO, POLL_IN);
1334
1335 atomic_set(&data->srq_asserted, 1);
1336 wake_up_interruptible(&data->waitq);
1337 goto exit;
1338 }
1339 dev_warn(dev, "invalid notification: %x\n", data->iin_buffer[0]);
1340 break;
1341 case -EOVERFLOW:
1342 dev_err(dev, "overflow with length %d, actual length is %d\n",
1343 data->iin_wMaxPacketSize, urb->actual_length);
1344 case -ECONNRESET:
1345 case -ENOENT:
1346 case -ESHUTDOWN:
1347 case -EILSEQ:
1348 case -ETIME:
1349 /* urb terminated, clean up */
1350 dev_dbg(dev, "urb terminated, status: %d\n", status);
1351 return;
1352 default:
1353 dev_err(dev, "unknown status received: %d\n", status);
1354 }
1355exit:
1356 rv = usb_submit_urb(urb, GFP_ATOMIC);
1357 if (rv)
1358 dev_err(dev, "usb_submit_urb failed: %d\n", rv);
1359}
1360
1361static void usbtmc_free_int(struct usbtmc_device_data *data)
1362{
1363 if (!data->iin_ep_present || !data->iin_urb)
1364 return;
1365 usb_kill_urb(data->iin_urb);
1366 kfree(data->iin_buffer);
1367 usb_free_urb(data->iin_urb);
1368 kref_put(&data->kref, usbtmc_delete);
1369}
1370
1371static int usbtmc_probe(struct usb_interface *intf,
1372 const struct usb_device_id *id)
1373{
1374 struct usbtmc_device_data *data;
1375 struct usb_host_interface *iface_desc;
1376 struct usb_endpoint_descriptor *endpoint;
1377 int n;
1378 int retcode;
1379
1380 dev_dbg(&intf->dev, "%s called\n", __func__);
1381
1382 data = devm_kzalloc(&intf->dev, sizeof(*data), GFP_KERNEL);
1383 if (!data)
1384 return -ENOMEM;
1385
1386 data->intf = intf;
1387 data->id = id;
1388 data->usb_dev = usb_get_dev(interface_to_usbdev(intf));
1389 usb_set_intfdata(intf, data);
1390 kref_init(&data->kref);
1391 mutex_init(&data->io_mutex);
1392 init_waitqueue_head(&data->waitq);
1393 atomic_set(&data->iin_data_valid, 0);
1394 atomic_set(&data->srq_asserted, 0);
1395 data->zombie = 0;
1396
1397 /* Determine if it is a Rigol or not */
1398 data->rigol_quirk = 0;
1399 dev_dbg(&intf->dev, "Trying to find if device Vendor 0x%04X Product 0x%04X has the RIGOL quirk\n",
1400 le16_to_cpu(data->usb_dev->descriptor.idVendor),
1401 le16_to_cpu(data->usb_dev->descriptor.idProduct));
1402 for(n = 0; usbtmc_id_quirk[n].idVendor > 0; n++) {
1403 if ((usbtmc_id_quirk[n].idVendor == le16_to_cpu(data->usb_dev->descriptor.idVendor)) &&
1404 (usbtmc_id_quirk[n].idProduct == le16_to_cpu(data->usb_dev->descriptor.idProduct))) {
1405 dev_dbg(&intf->dev, "Setting this device as having the RIGOL quirk\n");
1406 data->rigol_quirk = 1;
1407 break;
1408 }
1409 }
1410
1411 /* Initialize USBTMC bTag and other fields */
1412 data->bTag = 1;
1413 data->TermCharEnabled = 0;
1414 data->TermChar = '\n';
1415 /* 2 <= bTag <= 127 USBTMC-USB488 subclass specification 4.3.1 */
1416 data->iin_bTag = 2;
1417
1418 /* USBTMC devices have only one setting, so use that */
1419 iface_desc = data->intf->cur_altsetting;
1420 data->ifnum = iface_desc->desc.bInterfaceNumber;
1421
1422 /* Find bulk in endpoint */
1423 for (n = 0; n < iface_desc->desc.bNumEndpoints; n++) {
1424 endpoint = &iface_desc->endpoint[n].desc;
1425
1426 if (usb_endpoint_is_bulk_in(endpoint)) {
1427 data->bulk_in = endpoint->bEndpointAddress;
1428 dev_dbg(&intf->dev, "Found bulk in endpoint at %u\n",
1429 data->bulk_in);
1430 break;
1431 }
1432 }
1433
1434 /* Find bulk out endpoint */
1435 for (n = 0; n < iface_desc->desc.bNumEndpoints; n++) {
1436 endpoint = &iface_desc->endpoint[n].desc;
1437
1438 if (usb_endpoint_is_bulk_out(endpoint)) {
1439 data->bulk_out = endpoint->bEndpointAddress;
1440 dev_dbg(&intf->dev, "Found Bulk out endpoint at %u\n",
1441 data->bulk_out);
1442 break;
1443 }
1444 }
1445 /* Find int endpoint */
1446 for (n = 0; n < iface_desc->desc.bNumEndpoints; n++) {
1447 endpoint = &iface_desc->endpoint[n].desc;
1448
1449 if (usb_endpoint_is_int_in(endpoint)) {
1450 data->iin_ep_present = 1;
1451 data->iin_ep = endpoint->bEndpointAddress;
1452 data->iin_wMaxPacketSize = usb_endpoint_maxp(endpoint);
1453 data->iin_interval = endpoint->bInterval;
1454 dev_dbg(&intf->dev, "Found Int in endpoint at %u\n",
1455 data->iin_ep);
1456 break;
1457 }
1458 }
1459
1460 retcode = get_capabilities(data);
1461 if (retcode)
1462 dev_err(&intf->dev, "can't read capabilities\n");
1463 else
1464 retcode = sysfs_create_group(&intf->dev.kobj,
1465 &capability_attr_grp);
1466
1467 if (data->iin_ep_present) {
1468 /* allocate int urb */
1469 data->iin_urb = usb_alloc_urb(0, GFP_KERNEL);
1470 if (!data->iin_urb) {
1471 dev_err(&intf->dev, "Failed to allocate int urb\n");
1472 goto error_register;
1473 }
1474
1475 /* will reference data in int urb */
1476 kref_get(&data->kref);
1477
1478 /* allocate buffer for interrupt in */
1479 data->iin_buffer = kmalloc(data->iin_wMaxPacketSize,
1480 GFP_KERNEL);
1481 if (!data->iin_buffer) {
1482 dev_err(&intf->dev, "Failed to allocate int buf\n");
1483 goto error_register;
1484 }
1485
1486 /* fill interrupt urb */
1487 usb_fill_int_urb(data->iin_urb, data->usb_dev,
1488 usb_rcvintpipe(data->usb_dev, data->iin_ep),
1489 data->iin_buffer, data->iin_wMaxPacketSize,
1490 usbtmc_interrupt,
1491 data, data->iin_interval);
1492
1493 retcode = usb_submit_urb(data->iin_urb, GFP_KERNEL);
1494 if (retcode) {
1495 dev_err(&intf->dev, "Failed to submit iin_urb\n");
1496 goto error_register;
1497 }
1498 }
1499
1500 retcode = sysfs_create_group(&intf->dev.kobj, &data_attr_grp);
1501
1502 retcode = usb_register_dev(intf, &usbtmc_class);
1503 if (retcode) {
1504 dev_err(&intf->dev, "Not able to get a minor"
1505 " (base %u, slice default): %d\n", USBTMC_MINOR_BASE,
1506 retcode);
1507 goto error_register;
1508 }
1509 dev_dbg(&intf->dev, "Using minor number %d\n", intf->minor);
1510
1511 return 0;
1512
1513error_register:
1514 sysfs_remove_group(&intf->dev.kobj, &capability_attr_grp);
1515 sysfs_remove_group(&intf->dev.kobj, &data_attr_grp);
1516 usbtmc_free_int(data);
1517 kref_put(&data->kref, usbtmc_delete);
1518 return retcode;
1519}
1520
1521static void usbtmc_disconnect(struct usb_interface *intf)
1522{
1523 struct usbtmc_device_data *data;
1524
1525 dev_dbg(&intf->dev, "usbtmc_disconnect called\n");
1526
1527 data = usb_get_intfdata(intf);
1528 usb_deregister_dev(intf, &usbtmc_class);
1529 sysfs_remove_group(&intf->dev.kobj, &capability_attr_grp);
1530 sysfs_remove_group(&intf->dev.kobj, &data_attr_grp);
1531 mutex_lock(&data->io_mutex);
1532 data->zombie = 1;
1533 wake_up_all(&data->waitq);
1534 mutex_unlock(&data->io_mutex);
1535 usbtmc_free_int(data);
1536 kref_put(&data->kref, usbtmc_delete);
1537}
1538
1539static int usbtmc_suspend(struct usb_interface *intf, pm_message_t message)
1540{
1541 /* this driver does not have pending URBs */
1542 return 0;
1543}
1544
1545static int usbtmc_resume(struct usb_interface *intf)
1546{
1547 return 0;
1548}
1549
1550static struct usb_driver usbtmc_driver = {
1551 .name = "usbtmc",
1552 .id_table = usbtmc_devices,
1553 .probe = usbtmc_probe,
1554 .disconnect = usbtmc_disconnect,
1555 .suspend = usbtmc_suspend,
1556 .resume = usbtmc_resume,
1557};
1558
1559module_usb_driver(usbtmc_driver);
1560
1561MODULE_LICENSE("GPL");