WebSVN - shark - Blame - Rev 846 - /shark/trunk/drivers/usb/core/unused/devio.c

Rev	Author	Line No.	Line
846	giacomo	1	/*****************************************************************************/
		2
		3	/*
		4	* devio.c -- User space communication with USB devices.
		5	*
		6	* Copyright (C) 1999-2000 Thomas Sailer (sailer@ife.ee.ethz.ch)
		7	*
		8	* This program is free software; you can redistribute it and/or modify
		9	* it under the terms of the GNU General Public License as published by
		10	* the Free Software Foundation; either version 2 of the License, or
		11	* (at your option) any later version.
		12	*
		13	* This program is distributed in the hope that it will be useful,
		14	* but WITHOUT ANY WARRANTY; without even the implied warranty of
		15	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
		16	* GNU General Public License for more details.
		17	*
		18	* You should have received a copy of the GNU General Public License
		19	* along with this program; if not, write to the Free Software
		20	* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
		21	*
		22	* $Id: devio.c,v 1.1 2004-09-13 15:04:47 giacomo Exp $
		23	*
		24	* This file implements the usbdevfs/x/y files, where
		25	* x is the bus number and y the device number.
		26	*
		27	* It allows user space programs/"drivers" to communicate directly
		28	* with USB devices without intervening kernel driver.
		29	*
		30	* Revision history
		31	* 22.12.1999 0.1 Initial release (split from proc_usb.c)
		32	* 04.01.2000 0.2 Turned into its own filesystem
		33	*/
		34
		35	/*****************************************************************************/
		36
		37	#include <linux/fs.h>
		38	#include <linux/mm.h>
		39	#include <linux/slab.h>
		40	#include <linux/smp_lock.h>
		41	#include <linux/signal.h>
		42	#include <linux/poll.h>
		43	#include <linux/module.h>
		44	#include <linux/usb.h>
		45	#include <linux/usbdevice_fs.h>
		46	#include <asm/uaccess.h>
		47	#include <asm/byteorder.h>
		48
		49	#include "hcd.h" /* for usbcore internals */
		50	#include "usb.h"
		51
		52	struct async {
		53	struct list_head asynclist;
		54	struct dev_state *ps;
		55	struct task_struct *task;
		56	unsigned int signr;
		57	unsigned int intf;
		58	void __user *userbuffer;
		59	void __user *userurb;
		60	struct urb *urb;
		61	};
		62
		63	static loff_t usbdev_lseek(struct file *file, loff_t offset, int orig)
		64	{
		65	loff_t ret;
		66
		67	lock_kernel();
		68
		69	switch (orig) {
		70	case 0:
		71	file->f_pos = offset;
		72	ret = file->f_pos;
		73	break;
		74	case 1:
		75	file->f_pos += offset;
		76	ret = file->f_pos;
		77	break;
		78	case 2:
		79	default:
		80	ret = -EINVAL;
		81	}
		82
		83	unlock_kernel();
		84	return ret;
		85	}
		86
		87	static ssize_t usbdev_read(struct file file, char __user buf, size_t nbytes, loff_t *ppos)
		88	{
		89	struct dev_state ps = (struct dev_state )file->private_data;
		90	ssize_t ret = 0;
		91	unsigned len;
		92	loff_t pos;
		93	int i;
		94
		95	pos = *ppos;
		96	down_read(&ps->devsem);
		97	if (!ps->dev) {
		98	ret = -ENODEV;
		99	goto err;
		100	} else if (pos < 0) {
		101	ret = -EINVAL;
		102	goto err;
		103	}
		104
		105	if (pos < sizeof(struct usb_device_descriptor)) {
		106	len = sizeof(struct usb_device_descriptor) - pos;
		107	if (len > nbytes)
		108	len = nbytes;
		109	if (copy_to_user(buf, ((char *)&ps->dev->descriptor) + pos, len)) {
		110	ret = -EFAULT;
		111	goto err;
		112	}
		113
		114	*ppos += len;
		115	buf += len;
		116	nbytes -= len;
		117	ret += len;
		118	}
		119
		120	pos = sizeof(struct usb_device_descriptor);
		121	for (i = 0; nbytes && i < ps->dev->descriptor.bNumConfigurations; i++) {
		122	struct usb_config_descriptor *config =
		123	(struct usb_config_descriptor *)ps->dev->rawdescriptors[i];
		124	unsigned int length = le16_to_cpu(config->wTotalLength);
		125
		126	if (*ppos < pos + length) {
		127	len = length - (*ppos - pos);
		128	if (len > nbytes)
		129	len = nbytes;
		130
		131	if (copy_to_user(buf,
		132	ps->dev->rawdescriptors[i] + (*ppos - pos), len)) {
		133	ret = -EFAULT;
		134	goto err;
		135	}
		136
		137	*ppos += len;
		138	buf += len;
		139	nbytes -= len;
		140	ret += len;
		141	}
		142
		143	pos += length;
		144	}
		145
		146	err:
		147	up_read(&ps->devsem);
		148	return ret;
		149	}
		150
		151	extern inline unsigned int ld2(unsigned int x)
		152	{
		153	unsigned int r = 0;
		154
		155	if (x >= 0x10000) {
		156	x >>= 16;
		157	r += 16;
		158	}
		159	if (x >= 0x100) {
		160	x >>= 8;
		161	r += 8;
		162	}
		163	if (x >= 0x10) {
		164	x >>= 4;
		165	r += 4;
		166	}
		167	if (x >= 4) {
		168	x >>= 2;
		169	r += 2;
		170	}
		171	if (x >= 2)
		172	r++;
		173	return r;
		174	}
		175
		176	/*
		177	* async list handling
		178	*/
		179
		180	static struct async *alloc_async(unsigned int numisoframes)
		181	{
		182	unsigned int assize = sizeof(struct async) + numisoframes * sizeof(struct usb_iso_packet_descriptor);
		183	struct async *as = kmalloc(assize, GFP_KERNEL);
		184	if (!as)
		185	return NULL;
		186	memset(as, 0, assize);
		187	as->urb = usb_alloc_urb(numisoframes, GFP_KERNEL);
		188	if (!as->urb) {
		189	kfree(as);
		190	return NULL;
		191	}
		192	return as;
		193	}
		194
		195	static void free_async(struct async *as)
		196	{
		197	if (as->urb->transfer_buffer)
		198	kfree(as->urb->transfer_buffer);
		199	if (as->urb->setup_packet)
		200	kfree(as->urb->setup_packet);
		201	usb_free_urb(as->urb);
		202	kfree(as);
		203	}
		204
		205	extern __inline__ void async_newpending(struct async *as)
		206	{
		207	struct dev_state *ps = as->ps;
		208	unsigned long flags;
		209
		210	spin_lock_irqsave(&ps->lock, flags);
		211	list_add_tail(&as->asynclist, &ps->async_pending);
		212	spin_unlock_irqrestore(&ps->lock, flags);
		213	}
		214
		215	extern __inline__ void async_removepending(struct async *as)
		216	{
		217	struct dev_state *ps = as->ps;
		218	unsigned long flags;
		219
		220	spin_lock_irqsave(&ps->lock, flags);
		221	list_del_init(&as->asynclist);
		222	spin_unlock_irqrestore(&ps->lock, flags);
		223	}
		224
		225	extern __inline__ struct async async_getcompleted(struct dev_state ps)
		226	{
		227	unsigned long flags;
		228	struct async *as = NULL;
		229
		230	spin_lock_irqsave(&ps->lock, flags);
		231	if (!list_empty(&ps->async_completed)) {
		232	as = list_entry(ps->async_completed.next, struct async, asynclist);
		233	list_del_init(&as->asynclist);
		234	}
		235	spin_unlock_irqrestore(&ps->lock, flags);
		236	return as;
		237	}
		238
		239	extern __inline__ struct async async_getpending(struct dev_state ps, void __user *userurb)
		240	{
		241	unsigned long flags;
		242	struct async *as;
		243
		244	spin_lock_irqsave(&ps->lock, flags);
		245	list_for_each_entry(as, &ps->async_pending, asynclist)
		246	if (as->userurb == userurb) {
		247	list_del_init(&as->asynclist);
		248	spin_unlock_irqrestore(&ps->lock, flags);
		249	return as;
		250	}
		251	spin_unlock_irqrestore(&ps->lock, flags);
		252	return NULL;
		253	}
		254
		255	static void async_completed(struct urb urb, struct pt_regs regs)
		256	{
		257	struct async as = (struct async )urb->context;
		258	struct dev_state *ps = as->ps;
		259	struct siginfo sinfo;
		260
		261	spin_lock(&ps->lock);
		262	list_move_tail(&as->asynclist, &ps->async_completed);
		263	spin_unlock(&ps->lock);
		264	if (as->signr) {
		265	sinfo.si_signo = as->signr;
		266	sinfo.si_errno = as->urb->status;
		267	sinfo.si_code = SI_ASYNCIO;
		268	sinfo.si_addr = (void *)as->userurb;
		269	send_sig_info(as->signr, &sinfo, as->task);
		270	}
		271	wake_up(&ps->wait);
		272	}
		273
		274	static void destroy_async (struct dev_state ps, struct list_head list)
		275	{
		276	struct async *as;
		277	unsigned long flags;
		278
		279	spin_lock_irqsave(&ps->lock, flags);
		280	while (!list_empty(list)) {
		281	as = list_entry(list->next, struct async, asynclist);
		282	list_del_init(&as->asynclist);
		283	spin_unlock_irqrestore(&ps->lock, flags);
		284	/* usb_unlink_urb calls the completion handler with status == -ENOENT */
		285	usb_unlink_urb(as->urb);
		286	spin_lock_irqsave(&ps->lock, flags);
		287	}
		288	spin_unlock_irqrestore(&ps->lock, flags);
		289	while ((as = async_getcompleted(ps)))
		290	free_async(as);
		291	}
		292
		293	static void destroy_async_on_interface (struct dev_state *ps, unsigned int intf)
		294	{
		295	struct list_head p, q, hitlist;
		296	unsigned long flags;
		297
		298	INIT_LIST_HEAD(&hitlist);
		299	spin_lock_irqsave(&ps->lock, flags);
		300	list_for_each_safe(p, q, &ps->async_pending)
		301	if (intf == list_entry(p, struct async, asynclist)->intf)
		302	list_move_tail(p, &hitlist);
		303	spin_unlock_irqrestore(&ps->lock, flags);
		304	destroy_async(ps, &hitlist);
		305	}
		306
		307	extern __inline__ void destroy_all_async(struct dev_state *ps)
		308	{
		309	destroy_async(ps, &ps->async_pending);
		310	}
		311
		312	/*
		313	* interface claims are made only at the request of user level code,
		314	* which can also release them (explicitly or by closing files).
		315	* they're also undone when devices disconnect.
		316	*/
		317
		318	static int driver_probe (struct usb_interface *intf,
		319	const struct usb_device_id *id)
		320	{
		321	return -ENODEV;
		322	}
		323
		324	static void driver_disconnect(struct usb_interface *intf)
		325	{
		326	struct dev_state *ps = usb_get_intfdata (intf);
		327
		328	if (!ps)
		329	return;
		330
		331	/* this waits till synchronous requests complete */
		332	down_write (&ps->devsem);
		333
		334	/* prevent new I/O requests */
		335	ps->dev = 0;
		336	ps->ifclaimed = 0;
		337	usb_set_intfdata (intf, NULL);
		338
		339	/* force async requests to complete */
		340	destroy_all_async (ps);
		341
		342	up_write (&ps->devsem);
		343	}
		344
		345	struct usb_driver usbdevfs_driver = {
		346	.owner = THIS_MODULE,
		347	.name = "usbfs",
		348	.probe = driver_probe,
		349	.disconnect = driver_disconnect,
		350	};
		351
		352	static int claimintf(struct dev_state *ps, unsigned int intf)
		353	{
		354	struct usb_device *dev = ps->dev;
		355	struct usb_interface *iface;
		356	int err;
		357
		358	if (intf >= 8*sizeof(ps->ifclaimed) \|\| !dev
		359	\|\| intf >= dev->actconfig->desc.bNumInterfaces)
		360	return -EINVAL;
		361	/* already claimed */
		362	if (test_bit(intf, &ps->ifclaimed))
		363	return 0;
		364	iface = dev->actconfig->interface[intf];
		365	err = -EBUSY;
		366	lock_kernel();
		367	if (!usb_interface_claimed(iface)) {
		368	usb_driver_claim_interface(&usbdevfs_driver, iface, ps);
		369	set_bit(intf, &ps->ifclaimed);
		370	err = 0;
		371	}
		372	unlock_kernel();
		373	return err;
		374	}
		375
		376	static int releaseintf(struct dev_state *ps, unsigned int intf)
		377	{
		378	struct usb_device *dev;
		379	struct usb_interface *iface;
		380	int err;
		381
		382	if (intf >= 8*sizeof(ps->ifclaimed))
		383	return -EINVAL;
		384	err = -EINVAL;
		385	dev = ps->dev;
		386	down(&dev->serialize);
		387	if (test_and_clear_bit(intf, &ps->ifclaimed)) {
		388	iface = dev->actconfig->interface[intf];
		389	usb_driver_release_interface(&usbdevfs_driver, iface);
		390	err = 0;
		391	}
		392	up(&dev->serialize);
		393	return err;
		394	}
		395
		396	static int checkintf(struct dev_state *ps, unsigned int intf)
		397	{
		398	if (intf >= 8*sizeof(ps->ifclaimed))
		399	return -EINVAL;
		400	if (test_bit(intf, &ps->ifclaimed))
		401	return 0;
		402	/* if not yet claimed, claim it for the driver */
		403	printk(KERN_WARNING "usbfs: process %d (%s) did not claim interface %u before use\n",
		404	current->pid, current->comm, intf);
		405	return claimintf(ps, intf);
		406	}
		407
		408	static int findintfep(struct usb_device *dev, unsigned int ep)
		409	{
		410	unsigned int i, j, e;
		411	struct usb_interface *iface;
		412	struct usb_host_interface *alts;
		413	struct usb_endpoint_descriptor *endpt;
		414
		415	if (ep & ~(USB_DIR_IN\|0xf))
		416	return -EINVAL;
		417	for (i = 0; i < dev->actconfig->desc.bNumInterfaces; i++) {
		418	iface = dev->actconfig->interface[i];
		419	for (j = 0; j < iface->num_altsetting; j++) {
		420	alts = &iface->altsetting[j];
		421	for (e = 0; e < alts->desc.bNumEndpoints; e++) {
		422	endpt = &alts->endpoint[e].desc;
		423	if (endpt->bEndpointAddress == ep)
		424	return i;
		425	}
		426	}
		427	}
		428	return -ENOENT;
		429	}
		430
		431	static int findintfif(struct usb_device *dev, unsigned int ifn)
		432	{
		433	unsigned int i, j;
		434	struct usb_interface *iface;
		435	struct usb_host_interface *alts;
		436
		437	if (ifn & ~0xff)
		438	return -EINVAL;
		439	for (i = 0; i < dev->actconfig->desc.bNumInterfaces; i++) {
		440	iface = dev->actconfig->interface[i];
		441	for (j = 0; j < iface->num_altsetting; j++) {
		442	alts = &iface->altsetting[j];
		443	if (alts->desc.bInterfaceNumber == ifn)
		444	return i;
		445	}
		446	}
		447	return -ENOENT;
		448	}
		449
		450	static int check_ctrlrecip(struct dev_state *ps, unsigned int requesttype, unsigned int index)
		451	{
		452	int ret;
		453
		454	if (USB_TYPE_VENDOR == (USB_TYPE_MASK & requesttype))
		455	return 0;
		456
		457	switch (requesttype & USB_RECIP_MASK) {
		458	case USB_RECIP_ENDPOINT:
		459	if ((ret = findintfep(ps->dev, index & 0xff)) < 0)
		460	return ret;
		461	if ((ret = checkintf(ps, ret)))
		462	return ret;
		463	break;
		464
		465	case USB_RECIP_INTERFACE:
		466	if ((ret = findintfif(ps->dev, index & 0xff)) < 0)
		467	return ret;
		468	if ((ret = checkintf(ps, ret)))
		469	return ret;
		470	break;
		471	}
		472	return 0;
		473	}
		474
		475	/*
		476	* file operations
		477	*/
		478	static int usbdev_open(struct inode inode, struct file file)
		479	{
		480	struct usb_device *dev;
		481	struct dev_state *ps;
		482	int ret;
		483
		484	/*
		485	* no locking necessary here, as both sys_open (actually filp_open)
		486	* and the hub thread have the kernel lock
		487	* (still acquire the kernel lock for safety)
		488	*/
		489	ret = -ENOMEM;
		490	if (!(ps = kmalloc(sizeof(struct dev_state), GFP_KERNEL)))
		491	goto out_nolock;
		492
		493	lock_kernel();
		494	ret = -ENOENT;
		495	dev = inode->u.generic_ip;
		496	if (!dev) {
		497	kfree(ps);
		498	goto out;
		499	}
		500	ret = 0;
		501	ps->dev = dev;
		502	ps->file = file;
		503	spin_lock_init(&ps->lock);
		504	INIT_LIST_HEAD(&ps->async_pending);
		505	INIT_LIST_HEAD(&ps->async_completed);
		506	init_waitqueue_head(&ps->wait);
		507	init_rwsem(&ps->devsem);
		508	ps->discsignr = 0;
		509	ps->disctask = current;
		510	ps->disccontext = NULL;
		511	ps->ifclaimed = 0;
		512	wmb();
		513	list_add_tail(&ps->list, &dev->filelist);
		514	file->private_data = ps;
		515	out:
		516	unlock_kernel();
		517	out_nolock:
		518	return ret;
		519	}
		520
		521	static int usbdev_release(struct inode inode, struct file file)
		522	{
		523	struct dev_state ps = (struct dev_state )file->private_data;
		524	unsigned int i;
		525
		526	lock_kernel();
		527	list_del_init(&ps->list);
		528
		529	if (ps->dev) {
		530	for (i = 0; ps->ifclaimed && i < 8*sizeof(ps->ifclaimed); i++)
		531	if (test_bit(i, &ps->ifclaimed))
		532	releaseintf(ps, i);
		533	}
		534	unlock_kernel();
		535	destroy_all_async(ps);
		536	kfree(ps);
		537	return 0;
		538	}
		539
		540	static int proc_control(struct dev_state ps, void __user arg)
		541	{
		542	struct usb_device *dev = ps->dev;
		543	struct usbdevfs_ctrltransfer ctrl;
		544	unsigned int tmo;
		545	unsigned char *tbuf;
		546	int i, ret;
		547
		548	if (copy_from_user(&ctrl, arg, sizeof(ctrl)))
		549	return -EFAULT;
		550	if ((ret = check_ctrlrecip(ps, ctrl.bRequestType, ctrl.wIndex)))
		551	return ret;
		552	if (ctrl.wLength > PAGE_SIZE)
		553	return -EINVAL;
		554	if (!(tbuf = (unsigned char *)__get_free_page(GFP_KERNEL)))
		555	return -ENOMEM;
		556	tmo = (ctrl.timeout * HZ + 999) / 1000;
		557	if (ctrl.bRequestType & 0x80) {
		558	if (ctrl.wLength && !access_ok(VERIFY_WRITE, ctrl.data, ctrl.wLength)) {
		559	free_page((unsigned long)tbuf);
		560	return -EINVAL;
		561	}
		562	i = usb_control_msg(dev, usb_rcvctrlpipe(dev, 0), ctrl.bRequest, ctrl.bRequestType,
		563	ctrl.wValue, ctrl.wIndex, tbuf, ctrl.wLength, tmo);
		564	if ((i > 0) && ctrl.wLength) {
		565	if (copy_to_user(ctrl.data, tbuf, ctrl.wLength)) {
		566	free_page((unsigned long)tbuf);
		567	return -EFAULT;
		568	}
		569	}
		570	} else {
		571	if (ctrl.wLength) {
		572	if (copy_from_user(tbuf, ctrl.data, ctrl.wLength)) {
		573	free_page((unsigned long)tbuf);
		574	return -EFAULT;
		575	}
		576	}
		577	i = usb_control_msg(dev, usb_sndctrlpipe(dev, 0), ctrl.bRequest, ctrl.bRequestType,
		578	ctrl.wValue, ctrl.wIndex, tbuf, ctrl.wLength, tmo);
		579	}
		580	free_page((unsigned long)tbuf);
		581	if (i<0) {
		582	printk(KERN_DEBUG "usbfs: USBDEVFS_CONTROL failed "
		583	"cmd %s dev %d rqt %u rq %u len %u ret %d\n",
		584	current->comm,
		585	dev->devnum, ctrl.bRequestType, ctrl.bRequest, ctrl.wLength, i);
		586	}
		587	return i;
		588	}
		589
		590	static int proc_bulk(struct dev_state ps, void __user arg)
		591	{
		592	struct usb_device *dev = ps->dev;
		593	struct usbdevfs_bulktransfer bulk;
		594	unsigned int tmo, len1, pipe;
		595	int len2;
		596	unsigned char *tbuf;
		597	int i, ret;
		598
		599	if (copy_from_user(&bulk, arg, sizeof(bulk)))
		600	return -EFAULT;
		601	if ((ret = findintfep(ps->dev, bulk.ep)) < 0)
		602	return ret;
		603	if ((ret = checkintf(ps, ret)))
		604	return ret;
		605	if (bulk.ep & USB_DIR_IN)
		606	pipe = usb_rcvbulkpipe(dev, bulk.ep & 0x7f);
		607	else
		608	pipe = usb_sndbulkpipe(dev, bulk.ep & 0x7f);
		609	if (!usb_maxpacket(dev, pipe, !(bulk.ep & USB_DIR_IN)))
		610	return -EINVAL;
		611	len1 = bulk.len;
		612	if (!(tbuf = kmalloc(len1, GFP_KERNEL)))
		613	return -ENOMEM;
		614	tmo = (bulk.timeout * HZ + 999) / 1000;
		615	if (bulk.ep & 0x80) {
		616	if (len1 && !access_ok(VERIFY_WRITE, bulk.data, len1)) {
		617	kfree(tbuf);
		618	return -EINVAL;
		619	}
		620	i = usb_bulk_msg(dev, pipe, tbuf, len1, &len2, tmo);
		621	if (!i && len2) {
		622	if (copy_to_user(bulk.data, tbuf, len2)) {
		623	kfree(tbuf);
		624	return -EFAULT;
		625	}
		626	}
		627	} else {
		628	if (len1) {
		629	if (copy_from_user(tbuf, bulk.data, len1)) {
		630	kfree(tbuf);
		631	return -EFAULT;
		632	}
		633	}
		634	i = usb_bulk_msg(dev, pipe, tbuf, len1, &len2, tmo);
		635	}
		636	kfree(tbuf);
		637	if (i < 0) {
		638	printk(KERN_WARNING "usbfs: USBDEVFS_BULK failed dev %d ep 0x%x len %u ret %d\n",
		639	dev->devnum, bulk.ep, bulk.len, i);
		640	return i;
		641	}
		642	return len2;
		643	}
		644
		645	static int proc_resetep(struct dev_state ps, void __user arg)
		646	{
		647	unsigned int ep;
		648	int ret;
		649
		650	if (get_user(ep, (unsigned int __user *)arg))
		651	return -EFAULT;
		652	if ((ret = findintfep(ps->dev, ep)) < 0)
		653	return ret;
		654	if ((ret = checkintf(ps, ret)))
		655	return ret;
		656	usb_settoggle(ps->dev, ep & 0xf, !(ep & USB_DIR_IN), 0);
		657	return 0;
		658	}
		659
		660	static int proc_clearhalt(struct dev_state ps, void __user arg)
		661	{
		662	unsigned int ep;
		663	int pipe;
		664	int ret;
		665
		666	if (get_user(ep, (unsigned int __user *)arg))
		667	return -EFAULT;
		668	if ((ret = findintfep(ps->dev, ep)) < 0)
		669	return ret;
		670	if ((ret = checkintf(ps, ret)))
		671	return ret;
		672	if (ep & USB_DIR_IN)
		673	pipe = usb_rcvbulkpipe(ps->dev, ep & 0x7f);
		674	else
		675	pipe = usb_sndbulkpipe(ps->dev, ep & 0x7f);
		676
		677	return usb_clear_halt(ps->dev, pipe);
		678	}
		679
		680
		681	static int proc_getdriver(struct dev_state ps, void __user arg)
		682	{
		683	struct usbdevfs_getdriver gd;
		684	struct usb_interface *interface;
		685	int ret;
		686
		687	if (copy_from_user(&gd, arg, sizeof(gd)))
		688	return -EFAULT;
		689	if ((ret = findintfif(ps->dev, gd.interface)) < 0)
		690	return ret;
		691	interface = usb_ifnum_to_if(ps->dev, gd.interface);
		692	if (!interface)
		693	return -EINVAL;
		694	if (!interface->driver)
		695	return -ENODATA;
		696	strcpy(gd.driver, interface->driver->name);
		697	if (copy_to_user(arg, &gd, sizeof(gd)))
		698	return -EFAULT;
		699	return 0;
		700	}
		701
		702	static int proc_connectinfo(struct dev_state ps, void __user arg)
		703	{
		704	struct usbdevfs_connectinfo ci;
		705
		706	ci.devnum = ps->dev->devnum;
		707	ci.slow = ps->dev->speed == USB_SPEED_LOW;
		708	if (copy_to_user(arg, &ci, sizeof(ci)))
		709	return -EFAULT;
		710	return 0;
		711	}
		712
		713	static int proc_resetdevice(struct dev_state *ps)
		714	{
		715	int i, ret;
		716
		717	ret = usb_reset_device(ps->dev);
		718	if (ret < 0)
		719	return ret;
		720
		721	for (i = 0; i < ps->dev->actconfig->desc.bNumInterfaces; i++) {
		722	struct usb_interface *intf = ps->dev->actconfig->interface[i];
		723
		724	/* Don't simulate interfaces we've claimed */
		725	if (test_bit(i, &ps->ifclaimed))
		726	continue;
		727
		728	err ("%s - this function is broken", __FUNCTION__);
		729	if (intf->driver && ps->dev) {
		730	usb_probe_interface (&intf->dev);
		731	}
		732	}
		733
		734	return 0;
		735	}
		736
		737	static int proc_setintf(struct dev_state ps, void __user arg)
		738	{
		739	struct usbdevfs_setinterface setintf;
		740	struct usb_interface *interface;
		741	int ret;
		742
		743	if (copy_from_user(&setintf, arg, sizeof(setintf)))
		744	return -EFAULT;
		745	if ((ret = findintfif(ps->dev, setintf.interface)) < 0)
		746	return ret;
		747	interface = usb_ifnum_to_if(ps->dev, setintf.interface);
		748	if (!interface)
		749	return -EINVAL;
		750	if (interface->driver) {
		751	if ((ret = checkintf(ps, ret)))
		752	return ret;
		753	}
		754	if (usb_set_interface(ps->dev, setintf.interface, setintf.altsetting))
		755	return -EINVAL;
		756	return 0;
		757	}
		758
		759	static int proc_setconfig(struct dev_state ps, void __user arg)
		760	{
		761	unsigned int u;
		762
		763	if (get_user(u, (unsigned int __user *)arg))
		764	return -EFAULT;
		765	return usb_set_configuration(ps->dev, u);
		766	}
		767
		768	static int proc_submiturb(struct dev_state ps, void __user arg)
		769	{
		770	struct usbdevfs_urb uurb;
		771	struct usbdevfs_iso_packet_desc *isopkt = NULL;
		772	struct usb_endpoint_descriptor *ep_desc;
		773	struct async *as;
		774	struct usb_ctrlrequest *dr = NULL;
		775	unsigned int u, totlen, isofrmlen;
		776	int ret, interval = 0, intf = -1;
		777
		778	if (copy_from_user(&uurb, arg, sizeof(uurb)))
		779	return -EFAULT;
		780	if (uurb.flags & ~(USBDEVFS_URB_ISO_ASAP\|USBDEVFS_URB_SHORT_NOT_OK\|
		781	URB_NO_FSBR\|URB_ZERO_PACKET))
		782	return -EINVAL;
		783	if (!uurb.buffer)
		784	return -EINVAL;
		785	if (uurb.signr != 0 && (uurb.signr < SIGRTMIN \|\| uurb.signr > SIGRTMAX))
		786	return -EINVAL;
		787	if (!(uurb.type == USBDEVFS_URB_TYPE_CONTROL && (uurb.endpoint & ~USB_ENDPOINT_DIR_MASK) == 0)) {
		788	if ((intf = findintfep(ps->dev, uurb.endpoint)) < 0)
		789	return intf;
		790	if ((ret = checkintf(ps, intf)))
		791	return ret;
		792	}
		793	switch(uurb.type) {
		794	case USBDEVFS_URB_TYPE_CONTROL:
		795	if ((uurb.endpoint & ~USB_ENDPOINT_DIR_MASK) != 0) {
		796	if (!(ep_desc = usb_epnum_to_ep_desc(ps->dev, uurb.endpoint)))
		797	return -ENOENT;
		798	if ((ep_desc->bmAttributes & USB_ENDPOINT_XFERTYPE_MASK) != USB_ENDPOINT_XFER_CONTROL)
		799	return -EINVAL;
		800	}
		801	/* min 8 byte setup packet, max arbitrary */
		802	if (uurb.buffer_length < 8 \|\| uurb.buffer_length > PAGE_SIZE)
		803	return -EINVAL;
		804	if (!(dr = kmalloc(sizeof(struct usb_ctrlrequest), GFP_KERNEL)))
		805	return -ENOMEM;
		806	if (copy_from_user(dr, uurb.buffer, 8)) {
		807	kfree(dr);
		808	return -EFAULT;
		809	}
		810	if (uurb.buffer_length < (le16_to_cpup(&dr->wLength) + 8)) {
		811	kfree(dr);
		812	return -EINVAL;
		813	}
		814	if ((ret = check_ctrlrecip(ps, dr->bRequestType, le16_to_cpup(&dr->wIndex)))) {
		815	kfree(dr);
		816	return ret;
		817	}
		818	uurb.endpoint = (uurb.endpoint & ~USB_ENDPOINT_DIR_MASK) \| (dr->bRequestType & USB_ENDPOINT_DIR_MASK);
		819	uurb.number_of_packets = 0;
		820	uurb.buffer_length = le16_to_cpup(&dr->wLength);
		821	uurb.buffer += 8;
		822	if (!access_ok((uurb.endpoint & USB_DIR_IN) ? VERIFY_WRITE : VERIFY_READ, uurb.buffer, uurb.buffer_length)) {
		823	kfree(dr);
		824	return -EFAULT;
		825	}
		826	break;
		827
		828	case USBDEVFS_URB_TYPE_BULK:
		829	uurb.number_of_packets = 0;
		830	if (uurb.buffer_length > 16384)
		831	return -EINVAL;
		832	if (!access_ok((uurb.endpoint & USB_DIR_IN) ? VERIFY_WRITE : VERIFY_READ, uurb.buffer, uurb.buffer_length))
		833	return -EFAULT;
		834	break;
		835
		836	case USBDEVFS_URB_TYPE_ISO:
		837	/* arbitrary limit */
		838	if (uurb.number_of_packets < 1 \|\| uurb.number_of_packets > 128)
		839	return -EINVAL;
		840	isofrmlen = sizeof(struct usbdevfs_iso_packet_desc) * uurb.number_of_packets;
		841	if (!(isopkt = kmalloc(isofrmlen, GFP_KERNEL)))
		842	return -ENOMEM;
		843	if (copy_from_user(isopkt, &((struct usbdevfs_urb *)arg)->iso_frame_desc, isofrmlen)) {
		844	kfree(isopkt);
		845	return -EFAULT;
		846	}
		847	for (totlen = u = 0; u < uurb.number_of_packets; u++) {
		848	if (isopkt[u].length > 1023) {
		849	kfree(isopkt);
		850	return -EINVAL;
		851	}
		852	totlen += isopkt[u].length;
		853	}
		854	if (totlen > 32768) {
		855	kfree(isopkt);
		856	return -EINVAL;
		857	}
		858	uurb.buffer_length = totlen;
		859	break;
		860
		861	case USBDEVFS_URB_TYPE_INTERRUPT:
		862	uurb.number_of_packets = 0;
		863	if (!(ep_desc = usb_epnum_to_ep_desc(ps->dev, uurb.endpoint)))
		864	return -ENOENT;
		865	interval = ep_desc->bInterval;
		866	if (uurb.buffer_length > 16384)
		867	return -EINVAL;
		868	if (!access_ok((uurb.endpoint & USB_DIR_IN) ? VERIFY_WRITE : VERIFY_READ, uurb.buffer, uurb.buffer_length))
		869	return -EFAULT;
		870	break;
		871
		872	default:
		873	return -EINVAL;
		874	}
		875	if (!(as = alloc_async(uurb.number_of_packets))) {
		876	if (isopkt)
		877	kfree(isopkt);
		878	if (dr)
		879	kfree(dr);
		880	return -ENOMEM;
		881	}
		882	if (!(as->urb->transfer_buffer = kmalloc(uurb.buffer_length, GFP_KERNEL))) {
		883	if (isopkt)
		884	kfree(isopkt);
		885	if (dr)
		886	kfree(dr);
		887	free_async(as);
		888	return -ENOMEM;
		889	}
		890	as->urb->dev = ps->dev;
		891	as->urb->pipe = (uurb.type << 30) \| __create_pipe(ps->dev, uurb.endpoint & 0xf) \| (uurb.endpoint & USB_DIR_IN);
		892	as->urb->transfer_flags = uurb.flags;
		893	as->urb->transfer_buffer_length = uurb.buffer_length;
		894	as->urb->setup_packet = (unsigned char*)dr;
		895	as->urb->start_frame = uurb.start_frame;
		896	as->urb->number_of_packets = uurb.number_of_packets;
		897	as->urb->interval = interval;
		898	as->urb->context = as;
		899	as->urb->complete = async_completed;
		900	for (totlen = u = 0; u < uurb.number_of_packets; u++) {
		901	as->urb->iso_frame_desc[u].offset = totlen;
		902	as->urb->iso_frame_desc[u].length = isopkt[u].length;
		903	totlen += isopkt[u].length;
		904	}
		905	if (isopkt)
		906	kfree(isopkt);
		907	as->ps = ps;
		908	as->userurb = arg;
		909	if (uurb.endpoint & USB_DIR_IN)
		910	as->userbuffer = uurb.buffer;
		911	else
		912	as->userbuffer = NULL;
		913	as->signr = uurb.signr;
		914	as->intf = intf;
		915	as->task = current;
		916	if (!(uurb.endpoint & USB_DIR_IN)) {
		917	if (copy_from_user(as->urb->transfer_buffer, uurb.buffer, as->urb->transfer_buffer_length)) {
		918	free_async(as);
		919	return -EFAULT;
		920	}
		921	}
		922	async_newpending(as);
		923	if ((ret = usb_submit_urb(as->urb, GFP_KERNEL))) {
		924	printk(KERN_DEBUG "usbfs: usb_submit_urb returned %d\n", ret);
		925	async_removepending(as);
		926	free_async(as);
		927	return ret;
		928	}
		929	return 0;
		930	}
		931
		932	static int proc_unlinkurb(struct dev_state ps, void __user arg)
		933	{
		934	struct async *as;
		935
		936	as = async_getpending(ps, arg);
		937	if (!as)
		938	return -EINVAL;
		939	usb_unlink_urb(as->urb);
		940	return 0;
		941	}
		942
		943	static int processcompl(struct async *as)
		944	{
		945	struct urb *urb = as->urb;
		946	unsigned int i;
		947
		948	if (as->userbuffer)
		949	if (copy_to_user(as->userbuffer, urb->transfer_buffer, urb->transfer_buffer_length))
		950	return -EFAULT;
		951	if (put_user(urb->status,
		952	&((struct usbdevfs_urb *)as->userurb)->status))
		953	return -EFAULT;
		954	if (put_user(urb->actual_length,
		955	&((struct usbdevfs_urb *)as->userurb)->actual_length))
		956	return -EFAULT;
		957	if (put_user(urb->error_count,
		958	&((struct usbdevfs_urb *)as->userurb)->error_count))
		959	return -EFAULT;
		960
		961	if (!(usb_pipeisoc(urb->pipe)))
		962	return 0;
		963	for (i = 0; i < urb->number_of_packets; i++) {
		964	if (put_user(urb->iso_frame_desc[i].actual_length,
		965	&((struct usbdevfs_urb *)as->userurb)->iso_frame_desc[i].actual_length))
		966	return -EFAULT;
		967	if (put_user(urb->iso_frame_desc[i].status,
		968	&((struct usbdevfs_urb *)as->userurb)->iso_frame_desc[i].status))
		969	return -EFAULT;
		970	}
		971	return 0;
		972	}
		973
		974	static int proc_reapurb(struct dev_state ps, void __user arg)
		975	{
		976	DECLARE_WAITQUEUE(wait, current);
		977	struct async *as = NULL;
		978	void __user *addr;
		979	int ret;
		980
		981	add_wait_queue(&ps->wait, &wait);
		982	while (ps->dev) {
		983	__set_current_state(TASK_INTERRUPTIBLE);
		984	if ((as = async_getcompleted(ps)))
		985	break;
		986	if (signal_pending(current))
		987	break;
		988	up_read(&ps->devsem);
		989	schedule();
		990	down_read(&ps->devsem);
		991	}
		992	remove_wait_queue(&ps->wait, &wait);
		993	set_current_state(TASK_RUNNING);
		994	if (as) {
		995	ret = processcompl(as);
		996	addr = as->userurb;
		997	free_async(as);
		998	if (ret)
		999	return ret;
		1000	if (put_user(addr, (void **)arg))
		1001	return -EFAULT;
		1002	return 0;
		1003	}
		1004	if (signal_pending(current))
		1005	return -EINTR;
		1006	return -EIO;
		1007	}
		1008
		1009	static int proc_reapurbnonblock(struct dev_state ps, void __user arg)
		1010	{
		1011	struct async *as;
		1012	void __user *addr;
		1013	int ret;
		1014
		1015	if (!(as = async_getcompleted(ps)))
		1016	return -EAGAIN;
		1017	ret = processcompl(as);
		1018	addr = as->userurb;
		1019	free_async(as);
		1020	if (ret)
		1021	return ret;
		1022	if (put_user(addr, (void **)arg))
		1023	return -EFAULT;
		1024	return 0;
		1025	}
		1026
		1027	static int proc_disconnectsignal(struct dev_state ps, void __user arg)
		1028	{
		1029	struct usbdevfs_disconnectsignal ds;
		1030
		1031	if (copy_from_user(&ds, arg, sizeof(ds)))
		1032	return -EFAULT;
		1033	if (ds.signr != 0 && (ds.signr < SIGRTMIN \|\| ds.signr > SIGRTMAX))
		1034	return -EINVAL;
		1035	ps->discsignr = ds.signr;
		1036	ps->disccontext = ds.context;
		1037	return 0;
		1038	}
		1039
		1040	static int proc_claiminterface(struct dev_state ps, void __user arg)
		1041	{
		1042	unsigned int intf;
		1043	int ret;
		1044
		1045	if (get_user(intf, (unsigned int __user *)arg))
		1046	return -EFAULT;
		1047	if ((ret = findintfif(ps->dev, intf)) < 0)
		1048	return ret;
		1049	return claimintf(ps, ret);
		1050	}
		1051
		1052	static int proc_releaseinterface(struct dev_state ps, void __user arg)
		1053	{
		1054	unsigned int intf;
		1055	int ret;
		1056
		1057	if (get_user(intf, (unsigned int __user *)arg))
		1058	return -EFAULT;
		1059	if ((ret = findintfif(ps->dev, intf)) < 0)
		1060	return ret;
		1061	if ((ret = releaseintf(ps, intf)) < 0)
		1062	return ret;
		1063	destroy_async_on_interface (ps, intf);
		1064	return 0;
		1065	}
		1066
		1067	static int proc_ioctl (struct dev_state ps, void __user arg)
		1068	{
		1069	struct usbdevfs_ioctl ctrl;
		1070	int size;
		1071	void *buf = 0;
		1072	int retval = 0;
		1073	struct usb_interface *ifp = 0;
		1074	struct usb_driver *driver = 0;
		1075
		1076	/* get input parameters and alloc buffer */
		1077	if (copy_from_user(&ctrl, arg, sizeof (ctrl)))
		1078	return -EFAULT;
		1079	if ((size = _IOC_SIZE (ctrl.ioctl_code)) > 0) {
		1080	if ((buf = kmalloc (size, GFP_KERNEL)) == 0)
		1081	return -ENOMEM;
		1082	if ((_IOC_DIR(ctrl.ioctl_code) & _IOC_WRITE)) {
		1083	if (copy_from_user (buf, ctrl.data, size)) {
		1084	kfree (buf);
		1085	return -EFAULT;
		1086	}
		1087	} else {
		1088	memset (buf, 0, size);
		1089	}
		1090	}
		1091
		1092	if (!ps->dev)
		1093	retval = -ENODEV;
		1094	else if (!(ifp = usb_ifnum_to_if (ps->dev, ctrl.ifno)))
		1095	retval = -EINVAL;
		1096	else switch (ctrl.ioctl_code) {
		1097
		1098	/* disconnect kernel driver from interface, leaving it unbound. */
		1099	/* maybe unbound - you get no guarantee it stays unbound */
		1100	case USBDEVFS_DISCONNECT:
		1101	/* this function is misdesigned - retained for compatibility */
		1102	lock_kernel();
		1103	driver = ifp->driver;
		1104	if (driver) {
		1105	dbg ("disconnect '%s' from dev %d interface %d",
		1106	driver->name, ps->dev->devnum, ctrl.ifno);
		1107	usb_unbind_interface(&ifp->dev);
		1108	} else
		1109	retval = -ENODATA;
		1110	unlock_kernel();
		1111	break;
		1112
		1113	/* let kernel drivers try to (re)bind to the interface */
		1114	case USBDEVFS_CONNECT:
		1115	lock_kernel();
		1116	retval = usb_probe_interface (&ifp->dev);
		1117	unlock_kernel();
		1118	break;
		1119
		1120	/* talk directly to the interface's driver */
		1121	default:
		1122	/* BKL used here to protect against changing the binding
		1123	* of this driver to this device, as well as unloading its
		1124	* driver module.
		1125	*/
		1126	lock_kernel ();
		1127	driver = ifp->driver;
		1128	if (driver == 0 \|\| driver->ioctl == 0) {
		1129	unlock_kernel();
		1130	retval = -ENOSYS;
		1131	} else {
		1132	if (!try_module_get (driver->owner)) {
		1133	unlock_kernel();
		1134	retval = -ENOSYS;
		1135	break;
		1136	}
		1137	unlock_kernel ();
		1138	retval = driver->ioctl (ifp, ctrl.ioctl_code, buf);
		1139	if (retval == -ENOIOCTLCMD)
		1140	retval = -ENOTTY;
		1141	module_put (driver->owner);
		1142	}
		1143	}
		1144
		1145	/* cleanup and return */
		1146	if (retval >= 0
		1147	&& (_IOC_DIR (ctrl.ioctl_code) & _IOC_READ) != 0
		1148	&& size > 0
		1149	&& copy_to_user (ctrl.data, buf, size) != 0)
		1150	retval = -EFAULT;
		1151	if (buf != 0)
		1152	kfree (buf);
		1153	return retval;
		1154	}
		1155
		1156	/*
		1157	* NOTE: All requests here that have interface numbers as parameters
		1158	* are assuming that somehow the configuration has been prevented from
		1159	* changing. But there's no mechanism to ensure that...
		1160	*/
		1161	static int usbdev_ioctl(struct inode inode, struct file file, unsigned int cmd, unsigned long arg)
		1162	{
		1163	struct dev_state ps = (struct dev_state )file->private_data;
		1164	int ret = -ENOTTY;
		1165
		1166	if (!(file->f_mode & FMODE_WRITE))
		1167	return -EPERM;
		1168	down_read(&ps->devsem);
		1169	if (!ps->dev) {
		1170	up_read(&ps->devsem);
		1171	return -ENODEV;
		1172	}
		1173	switch (cmd) {
		1174	case USBDEVFS_CONTROL:
		1175	ret = proc_control(ps, (void __user *)arg);
		1176	if (ret >= 0)
		1177	inode->i_mtime = CURRENT_TIME;
		1178	break;
		1179
		1180	case USBDEVFS_BULK:
		1181	ret = proc_bulk(ps, (void __user *)arg);
		1182	if (ret >= 0)
		1183	inode->i_mtime = CURRENT_TIME;
		1184	break;
		1185
		1186	case USBDEVFS_RESETEP:
		1187	ret = proc_resetep(ps, (void __user *)arg);
		1188	if (ret >= 0)
		1189	inode->i_mtime = CURRENT_TIME;
		1190	break;
		1191
		1192	case USBDEVFS_RESET:
		1193	ret = proc_resetdevice(ps);
		1194	break;
		1195
		1196	case USBDEVFS_CLEAR_HALT:
		1197	ret = proc_clearhalt(ps, (void __user *)arg);
		1198	if (ret >= 0)
		1199	inode->i_mtime = CURRENT_TIME;
		1200	break;
		1201
		1202	case USBDEVFS_GETDRIVER:
		1203	ret = proc_getdriver(ps, (void __user *)arg);
		1204	break;
		1205
		1206	case USBDEVFS_CONNECTINFO:
		1207	ret = proc_connectinfo(ps, (void __user *)arg);
		1208	break;
		1209
		1210	case USBDEVFS_SETINTERFACE:
		1211	ret = proc_setintf(ps, (void __user *)arg);
		1212	break;
		1213
		1214	case USBDEVFS_SETCONFIGURATION:
		1215	ret = proc_setconfig(ps, (void __user *)arg);
		1216	break;
		1217
		1218	case USBDEVFS_SUBMITURB:
		1219	ret = proc_submiturb(ps, (void __user *)arg);
		1220	if (ret >= 0)
		1221	inode->i_mtime = CURRENT_TIME;
		1222	break;
		1223
		1224	case USBDEVFS_DISCARDURB:
		1225	ret = proc_unlinkurb(ps, (void __user *)arg);
		1226	break;
		1227
		1228	case USBDEVFS_REAPURB:
		1229	ret = proc_reapurb(ps, (void __user *)arg);
		1230	break;
		1231
		1232	case USBDEVFS_REAPURBNDELAY:
		1233	ret = proc_reapurbnonblock(ps, (void __user *)arg);
		1234	break;
		1235
		1236	case USBDEVFS_DISCSIGNAL:
		1237	ret = proc_disconnectsignal(ps, (void __user *)arg);
		1238	break;
		1239
		1240	case USBDEVFS_CLAIMINTERFACE:
		1241	ret = proc_claiminterface(ps, (void __user *)arg);
		1242	break;
		1243
		1244	case USBDEVFS_RELEASEINTERFACE:
		1245	ret = proc_releaseinterface(ps, (void __user *)arg);
		1246	break;
		1247
		1248	case USBDEVFS_IOCTL:
		1249	ret = proc_ioctl(ps, (void __user *) arg);
		1250	break;
		1251	}
		1252	up_read(&ps->devsem);
		1253	if (ret >= 0)
		1254	inode->i_atime = CURRENT_TIME;
		1255	return ret;
		1256	}
		1257
		1258	/* No kernel lock - fine */
		1259	static unsigned int usbdev_poll(struct file file, struct poll_table_struct wait)
		1260	{
		1261	struct dev_state ps = (struct dev_state )file->private_data;
		1262	unsigned int mask = 0;
		1263
		1264	poll_wait(file, &ps->wait, wait);
		1265	if (file->f_mode & FMODE_WRITE && !list_empty(&ps->async_completed))
		1266	mask \|= POLLOUT \| POLLWRNORM;
		1267	if (!ps->dev)
		1268	mask \|= POLLERR \| POLLHUP;
		1269	return mask;
		1270	}
		1271
		1272	struct file_operations usbdevfs_device_file_operations = {
		1273	.llseek = usbdev_lseek,
		1274	.read = usbdev_read,
		1275	.poll = usbdev_poll,
		1276	.ioctl = usbdev_ioctl,
		1277	.open = usbdev_open,
		1278	.release = usbdev_release,
		1279	};

Subversion Repositories shark

(root)/shark/trunk/drivers/usb/core/unused/devio.c - Rev 846