1 /*
2 * HID support for Linux
3 *
4 * Copyright (c) 1999 Andreas Gal
5 * Copyright (c) 2000-2005 Vojtech Pavlik <vojtech@suse.cz>
6 * Copyright (c) 2005 Michael Haboustak <mike-@cinci.rr.com> for Concept2, Inc
7 * Copyright (c) 2006-2012 Jiri Kosina
8 */
9
10 /*
11 * This program is free software; you can redistribute it and/or modify it
12 * under the terms of the GNU General Public License as published by the Free
13 * Software Foundation; either version 2 of the License, or (at your option)
14 * any later version.
15 */
16
17 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
18
19 #include <linux/module.h>
20 #include <linux/slab.h>
21 #include <linux/init.h>
22 #include <linux/kernel.h>
23 #include <linux/list.h>
24 #include <linux/mm.h>
25 #include <linux/spinlock.h>
26 #include <asm/unaligned.h>
27 #include <asm/byteorder.h>
28 #include <linux/input.h>
29 #include <linux/wait.h>
30 #include <linux/vmalloc.h>
31 #include <linux/sched.h>
32 #include <linux/semaphore.h>
33
34 #include <linux/hid.h>
35 #include <linux/hiddev.h>
36 #include <linux/hid-debug.h>
37 #include <linux/hidraw.h>
38
39 #include "hid-ids.h"
40
41 /*
42 * Version Information
43 */
44
45 #define DRIVER_DESC "HID core driver"
46
47 int hid_debug = 0;
48 module_param_named(debug, hid_debug, int, 0600);
49 MODULE_PARM_DESC(debug, "toggle HID debugging messages");
50 EXPORT_SYMBOL_GPL(hid_debug);
51
52 static int hid_ignore_special_drivers = 0;
53 module_param_named(ignore_special_drivers, hid_ignore_special_drivers, int, 0600);
54 MODULE_PARM_DESC(ignore_special_drivers, "Ignore any special drivers and handle all devices by generic driver");
55
56 /*
57 * Register a new report for a device.
58 */
59
hid_register_report(struct hid_device * device,unsigned int type,unsigned int id,unsigned int application)60 struct hid_report *hid_register_report(struct hid_device *device,
61 unsigned int type, unsigned int id,
62 unsigned int application)
63 {
64 struct hid_report_enum *report_enum = device->report_enum + type;
65 struct hid_report *report;
66
67 if (id >= HID_MAX_IDS)
68 return NULL;
69 if (report_enum->report_id_hash[id])
70 return report_enum->report_id_hash[id];
71
72 report = kzalloc(sizeof(struct hid_report), GFP_KERNEL);
73 if (!report)
74 return NULL;
75
76 if (id != 0)
77 report_enum->numbered = 1;
78
79 report->id = id;
80 report->type = type;
81 report->size = 0;
82 report->device = device;
83 report->application = application;
84 report_enum->report_id_hash[id] = report;
85
86 list_add_tail(&report->list, &report_enum->report_list);
87
88 return report;
89 }
90 EXPORT_SYMBOL_GPL(hid_register_report);
91
92 /*
93 * Register a new field for this report.
94 */
95
hid_register_field(struct hid_report * report,unsigned usages,unsigned values)96 static struct hid_field *hid_register_field(struct hid_report *report, unsigned usages, unsigned values)
97 {
98 struct hid_field *field;
99
100 if (report->maxfield == HID_MAX_FIELDS) {
101 hid_err(report->device, "too many fields in report\n");
102 return NULL;
103 }
104
105 field = kzalloc((sizeof(struct hid_field) +
106 usages * sizeof(struct hid_usage) +
107 values * sizeof(unsigned)), GFP_KERNEL);
108 if (!field)
109 return NULL;
110
111 field->index = report->maxfield++;
112 report->field[field->index] = field;
113 field->usage = (struct hid_usage *)(field + 1);
114 field->value = (s32 *)(field->usage + usages);
115 field->report = report;
116
117 return field;
118 }
119
120 /*
121 * Open a collection. The type/usage is pushed on the stack.
122 */
123
open_collection(struct hid_parser * parser,unsigned type)124 static int open_collection(struct hid_parser *parser, unsigned type)
125 {
126 struct hid_collection *collection;
127 unsigned usage;
128
129 usage = parser->local.usage[0];
130
131 if (parser->collection_stack_ptr == parser->collection_stack_size) {
132 unsigned int *collection_stack;
133 unsigned int new_size = parser->collection_stack_size +
134 HID_COLLECTION_STACK_SIZE;
135
136 collection_stack = krealloc(parser->collection_stack,
137 new_size * sizeof(unsigned int),
138 GFP_KERNEL);
139 if (!collection_stack)
140 return -ENOMEM;
141
142 parser->collection_stack = collection_stack;
143 parser->collection_stack_size = new_size;
144 }
145
146 if (parser->device->maxcollection == parser->device->collection_size) {
147 collection = kmalloc(
148 array3_size(sizeof(struct hid_collection),
149 parser->device->collection_size,
150 2),
151 GFP_KERNEL);
152 if (collection == NULL) {
153 hid_err(parser->device, "failed to reallocate collection array\n");
154 return -ENOMEM;
155 }
156 memcpy(collection, parser->device->collection,
157 sizeof(struct hid_collection) *
158 parser->device->collection_size);
159 memset(collection + parser->device->collection_size, 0,
160 sizeof(struct hid_collection) *
161 parser->device->collection_size);
162 kfree(parser->device->collection);
163 parser->device->collection = collection;
164 parser->device->collection_size *= 2;
165 }
166
167 parser->collection_stack[parser->collection_stack_ptr++] =
168 parser->device->maxcollection;
169
170 collection = parser->device->collection +
171 parser->device->maxcollection++;
172 collection->type = type;
173 collection->usage = usage;
174 collection->level = parser->collection_stack_ptr - 1;
175
176 if (type == HID_COLLECTION_APPLICATION)
177 parser->device->maxapplication++;
178
179 return 0;
180 }
181
182 /*
183 * Close a collection.
184 */
185
close_collection(struct hid_parser * parser)186 static int close_collection(struct hid_parser *parser)
187 {
188 if (!parser->collection_stack_ptr) {
189 hid_err(parser->device, "collection stack underflow\n");
190 return -EINVAL;
191 }
192 parser->collection_stack_ptr--;
193 return 0;
194 }
195
196 /*
197 * Climb up the stack, search for the specified collection type
198 * and return the usage.
199 */
200
hid_lookup_collection(struct hid_parser * parser,unsigned type)201 static unsigned hid_lookup_collection(struct hid_parser *parser, unsigned type)
202 {
203 struct hid_collection *collection = parser->device->collection;
204 int n;
205
206 for (n = parser->collection_stack_ptr - 1; n >= 0; n--) {
207 unsigned index = parser->collection_stack[n];
208 if (collection[index].type == type)
209 return collection[index].usage;
210 }
211 return 0; /* we know nothing about this usage type */
212 }
213
214 /*
215 * Add a usage to the temporary parser table.
216 */
217
hid_add_usage(struct hid_parser * parser,unsigned usage)218 static int hid_add_usage(struct hid_parser *parser, unsigned usage)
219 {
220 if (parser->local.usage_index >= HID_MAX_USAGES) {
221 hid_err(parser->device, "usage index exceeded\n");
222 return -1;
223 }
224 parser->local.usage[parser->local.usage_index] = usage;
225 parser->local.collection_index[parser->local.usage_index] =
226 parser->collection_stack_ptr ?
227 parser->collection_stack[parser->collection_stack_ptr - 1] : 0;
228 parser->local.usage_index++;
229 return 0;
230 }
231
232 /*
233 * Register a new field for this report.
234 */
235
hid_add_field(struct hid_parser * parser,unsigned report_type,unsigned flags)236 static int hid_add_field(struct hid_parser *parser, unsigned report_type, unsigned flags)
237 {
238 struct hid_report *report;
239 struct hid_field *field;
240 unsigned int usages;
241 unsigned int offset;
242 unsigned int i;
243 unsigned int application;
244
245 application = hid_lookup_collection(parser, HID_COLLECTION_APPLICATION);
246
247 report = hid_register_report(parser->device, report_type,
248 parser->global.report_id, application);
249 if (!report) {
250 hid_err(parser->device, "hid_register_report failed\n");
251 return -1;
252 }
253
254 /* Handle both signed and unsigned cases properly */
255 if ((parser->global.logical_minimum < 0 &&
256 parser->global.logical_maximum <
257 parser->global.logical_minimum) ||
258 (parser->global.logical_minimum >= 0 &&
259 (__u32)parser->global.logical_maximum <
260 (__u32)parser->global.logical_minimum)) {
261 dbg_hid("logical range invalid 0x%x 0x%x\n",
262 parser->global.logical_minimum,
263 parser->global.logical_maximum);
264 return -1;
265 }
266
267 offset = report->size;
268 report->size += parser->global.report_size * parser->global.report_count;
269
270 if (!parser->local.usage_index) /* Ignore padding fields */
271 return 0;
272
273 usages = max_t(unsigned, parser->local.usage_index,
274 parser->global.report_count);
275
276 field = hid_register_field(report, usages, parser->global.report_count);
277 if (!field)
278 return 0;
279
280 field->physical = hid_lookup_collection(parser, HID_COLLECTION_PHYSICAL);
281 field->logical = hid_lookup_collection(parser, HID_COLLECTION_LOGICAL);
282 field->application = application;
283
284 for (i = 0; i < usages; i++) {
285 unsigned j = i;
286 /* Duplicate the last usage we parsed if we have excess values */
287 if (i >= parser->local.usage_index)
288 j = parser->local.usage_index - 1;
289 field->usage[i].hid = parser->local.usage[j];
290 field->usage[i].collection_index =
291 parser->local.collection_index[j];
292 field->usage[i].usage_index = i;
293 }
294
295 field->maxusage = usages;
296 field->flags = flags;
297 field->report_offset = offset;
298 field->report_type = report_type;
299 field->report_size = parser->global.report_size;
300 field->report_count = parser->global.report_count;
301 field->logical_minimum = parser->global.logical_minimum;
302 field->logical_maximum = parser->global.logical_maximum;
303 field->physical_minimum = parser->global.physical_minimum;
304 field->physical_maximum = parser->global.physical_maximum;
305 field->unit_exponent = parser->global.unit_exponent;
306 field->unit = parser->global.unit;
307
308 return 0;
309 }
310
311 /*
312 * Read data value from item.
313 */
314
item_udata(struct hid_item * item)315 static u32 item_udata(struct hid_item *item)
316 {
317 switch (item->size) {
318 case 1: return item->data.u8;
319 case 2: return item->data.u16;
320 case 4: return item->data.u32;
321 }
322 return 0;
323 }
324
item_sdata(struct hid_item * item)325 static s32 item_sdata(struct hid_item *item)
326 {
327 switch (item->size) {
328 case 1: return item->data.s8;
329 case 2: return item->data.s16;
330 case 4: return item->data.s32;
331 }
332 return 0;
333 }
334
335 /*
336 * Process a global item.
337 */
338
hid_parser_global(struct hid_parser * parser,struct hid_item * item)339 static int hid_parser_global(struct hid_parser *parser, struct hid_item *item)
340 {
341 __s32 raw_value;
342 switch (item->tag) {
343 case HID_GLOBAL_ITEM_TAG_PUSH:
344
345 if (parser->global_stack_ptr == HID_GLOBAL_STACK_SIZE) {
346 hid_err(parser->device, "global environment stack overflow\n");
347 return -1;
348 }
349
350 memcpy(parser->global_stack + parser->global_stack_ptr++,
351 &parser->global, sizeof(struct hid_global));
352 return 0;
353
354 case HID_GLOBAL_ITEM_TAG_POP:
355
356 if (!parser->global_stack_ptr) {
357 hid_err(parser->device, "global environment stack underflow\n");
358 return -1;
359 }
360
361 memcpy(&parser->global, parser->global_stack +
362 --parser->global_stack_ptr, sizeof(struct hid_global));
363 return 0;
364
365 case HID_GLOBAL_ITEM_TAG_USAGE_PAGE:
366 parser->global.usage_page = item_udata(item);
367 return 0;
368
369 case HID_GLOBAL_ITEM_TAG_LOGICAL_MINIMUM:
370 parser->global.logical_minimum = item_sdata(item);
371 return 0;
372
373 case HID_GLOBAL_ITEM_TAG_LOGICAL_MAXIMUM:
374 if (parser->global.logical_minimum < 0)
375 parser->global.logical_maximum = item_sdata(item);
376 else
377 parser->global.logical_maximum = item_udata(item);
378 return 0;
379
380 case HID_GLOBAL_ITEM_TAG_PHYSICAL_MINIMUM:
381 parser->global.physical_minimum = item_sdata(item);
382 return 0;
383
384 case HID_GLOBAL_ITEM_TAG_PHYSICAL_MAXIMUM:
385 if (parser->global.physical_minimum < 0)
386 parser->global.physical_maximum = item_sdata(item);
387 else
388 parser->global.physical_maximum = item_udata(item);
389 return 0;
390
391 case HID_GLOBAL_ITEM_TAG_UNIT_EXPONENT:
392 /* Many devices provide unit exponent as a two's complement
393 * nibble due to the common misunderstanding of HID
394 * specification 1.11, 6.2.2.7 Global Items. Attempt to handle
395 * both this and the standard encoding. */
396 raw_value = item_sdata(item);
397 if (!(raw_value & 0xfffffff0))
398 parser->global.unit_exponent = hid_snto32(raw_value, 4);
399 else
400 parser->global.unit_exponent = raw_value;
401 return 0;
402
403 case HID_GLOBAL_ITEM_TAG_UNIT:
404 parser->global.unit = item_udata(item);
405 return 0;
406
407 case HID_GLOBAL_ITEM_TAG_REPORT_SIZE:
408 parser->global.report_size = item_udata(item);
409 if (parser->global.report_size > 128) {
410 hid_err(parser->device, "invalid report_size %d\n",
411 parser->global.report_size);
412 return -1;
413 }
414 return 0;
415
416 case HID_GLOBAL_ITEM_TAG_REPORT_COUNT:
417 parser->global.report_count = item_udata(item);
418 if (parser->global.report_count > HID_MAX_USAGES) {
419 hid_err(parser->device, "invalid report_count %d\n",
420 parser->global.report_count);
421 return -1;
422 }
423 return 0;
424
425 case HID_GLOBAL_ITEM_TAG_REPORT_ID:
426 parser->global.report_id = item_udata(item);
427 if (parser->global.report_id == 0 ||
428 parser->global.report_id >= HID_MAX_IDS) {
429 hid_err(parser->device, "report_id %u is invalid\n",
430 parser->global.report_id);
431 return -1;
432 }
433 return 0;
434
435 default:
436 hid_err(parser->device, "unknown global tag 0x%x\n", item->tag);
437 return -1;
438 }
439 }
440
441 /*
442 * Process a local item.
443 */
444
hid_parser_local(struct hid_parser * parser,struct hid_item * item)445 static int hid_parser_local(struct hid_parser *parser, struct hid_item *item)
446 {
447 __u32 data;
448 unsigned n;
449 __u32 count;
450
451 data = item_udata(item);
452
453 switch (item->tag) {
454 case HID_LOCAL_ITEM_TAG_DELIMITER:
455
456 if (data) {
457 /*
458 * We treat items before the first delimiter
459 * as global to all usage sets (branch 0).
460 * In the moment we process only these global
461 * items and the first delimiter set.
462 */
463 if (parser->local.delimiter_depth != 0) {
464 hid_err(parser->device, "nested delimiters\n");
465 return -1;
466 }
467 parser->local.delimiter_depth++;
468 parser->local.delimiter_branch++;
469 } else {
470 if (parser->local.delimiter_depth < 1) {
471 hid_err(parser->device, "bogus close delimiter\n");
472 return -1;
473 }
474 parser->local.delimiter_depth--;
475 }
476 return 0;
477
478 case HID_LOCAL_ITEM_TAG_USAGE:
479
480 if (parser->local.delimiter_branch > 1) {
481 dbg_hid("alternative usage ignored\n");
482 return 0;
483 }
484
485 if (item->size <= 2)
486 data = (parser->global.usage_page << 16) + data;
487
488 return hid_add_usage(parser, data);
489
490 case HID_LOCAL_ITEM_TAG_USAGE_MINIMUM:
491
492 if (parser->local.delimiter_branch > 1) {
493 dbg_hid("alternative usage ignored\n");
494 return 0;
495 }
496
497 if (item->size <= 2)
498 data = (parser->global.usage_page << 16) + data;
499
500 parser->local.usage_minimum = data;
501 return 0;
502
503 case HID_LOCAL_ITEM_TAG_USAGE_MAXIMUM:
504
505 if (parser->local.delimiter_branch > 1) {
506 dbg_hid("alternative usage ignored\n");
507 return 0;
508 }
509
510 if (item->size <= 2)
511 data = (parser->global.usage_page << 16) + data;
512
513 count = data - parser->local.usage_minimum;
514 if (count + parser->local.usage_index >= HID_MAX_USAGES) {
515 /*
516 * We do not warn if the name is not set, we are
517 * actually pre-scanning the device.
518 */
519 if (dev_name(&parser->device->dev))
520 hid_warn(parser->device,
521 "ignoring exceeding usage max\n");
522 data = HID_MAX_USAGES - parser->local.usage_index +
523 parser->local.usage_minimum - 1;
524 if (data <= 0) {
525 hid_err(parser->device,
526 "no more usage index available\n");
527 return -1;
528 }
529 }
530
531 for (n = parser->local.usage_minimum; n <= data; n++)
532 if (hid_add_usage(parser, n)) {
533 dbg_hid("hid_add_usage failed\n");
534 return -1;
535 }
536 return 0;
537
538 default:
539
540 dbg_hid("unknown local item tag 0x%x\n", item->tag);
541 return 0;
542 }
543 return 0;
544 }
545
546 /*
547 * Process a main item.
548 */
549
hid_parser_main(struct hid_parser * parser,struct hid_item * item)550 static int hid_parser_main(struct hid_parser *parser, struct hid_item *item)
551 {
552 __u32 data;
553 int ret;
554
555 data = item_udata(item);
556
557 switch (item->tag) {
558 case HID_MAIN_ITEM_TAG_BEGIN_COLLECTION:
559 ret = open_collection(parser, data & 0xff);
560 break;
561 case HID_MAIN_ITEM_TAG_END_COLLECTION:
562 ret = close_collection(parser);
563 break;
564 case HID_MAIN_ITEM_TAG_INPUT:
565 ret = hid_add_field(parser, HID_INPUT_REPORT, data);
566 break;
567 case HID_MAIN_ITEM_TAG_OUTPUT:
568 ret = hid_add_field(parser, HID_OUTPUT_REPORT, data);
569 break;
570 case HID_MAIN_ITEM_TAG_FEATURE:
571 ret = hid_add_field(parser, HID_FEATURE_REPORT, data);
572 break;
573 default:
574 hid_warn(parser->device, "unknown main item tag 0x%x\n", item->tag);
575 ret = 0;
576 }
577
578 memset(&parser->local, 0, sizeof(parser->local)); /* Reset the local parser environment */
579
580 return ret;
581 }
582
583 /*
584 * Process a reserved item.
585 */
586
hid_parser_reserved(struct hid_parser * parser,struct hid_item * item)587 static int hid_parser_reserved(struct hid_parser *parser, struct hid_item *item)
588 {
589 dbg_hid("reserved item type, tag 0x%x\n", item->tag);
590 return 0;
591 }
592
593 /*
594 * Free a report and all registered fields. The field->usage and
595 * field->value table's are allocated behind the field, so we need
596 * only to free(field) itself.
597 */
598
hid_free_report(struct hid_report * report)599 static void hid_free_report(struct hid_report *report)
600 {
601 unsigned n;
602
603 for (n = 0; n < report->maxfield; n++)
604 kfree(report->field[n]);
605 kfree(report);
606 }
607
608 /*
609 * Close report. This function returns the device
610 * state to the point prior to hid_open_report().
611 */
hid_close_report(struct hid_device * device)612 static void hid_close_report(struct hid_device *device)
613 {
614 unsigned i, j;
615
616 for (i = 0; i < HID_REPORT_TYPES; i++) {
617 struct hid_report_enum *report_enum = device->report_enum + i;
618
619 for (j = 0; j < HID_MAX_IDS; j++) {
620 struct hid_report *report = report_enum->report_id_hash[j];
621 if (report)
622 hid_free_report(report);
623 }
624 memset(report_enum, 0, sizeof(*report_enum));
625 INIT_LIST_HEAD(&report_enum->report_list);
626 }
627
628 kfree(device->rdesc);
629 device->rdesc = NULL;
630 device->rsize = 0;
631
632 kfree(device->collection);
633 device->collection = NULL;
634 device->collection_size = 0;
635 device->maxcollection = 0;
636 device->maxapplication = 0;
637
638 device->status &= ~HID_STAT_PARSED;
639 }
640
641 /*
642 * Free a device structure, all reports, and all fields.
643 */
644
hid_device_release(struct device * dev)645 static void hid_device_release(struct device *dev)
646 {
647 struct hid_device *hid = to_hid_device(dev);
648
649 hid_close_report(hid);
650 kfree(hid->dev_rdesc);
651 kfree(hid);
652 }
653
654 /*
655 * Fetch a report description item from the data stream. We support long
656 * items, though they are not used yet.
657 */
658
fetch_item(__u8 * start,__u8 * end,struct hid_item * item)659 static u8 *fetch_item(__u8 *start, __u8 *end, struct hid_item *item)
660 {
661 u8 b;
662
663 if ((end - start) <= 0)
664 return NULL;
665
666 b = *start++;
667
668 item->type = (b >> 2) & 3;
669 item->tag = (b >> 4) & 15;
670
671 if (item->tag == HID_ITEM_TAG_LONG) {
672
673 item->format = HID_ITEM_FORMAT_LONG;
674
675 if ((end - start) < 2)
676 return NULL;
677
678 item->size = *start++;
679 item->tag = *start++;
680
681 if ((end - start) < item->size)
682 return NULL;
683
684 item->data.longdata = start;
685 start += item->size;
686 return start;
687 }
688
689 item->format = HID_ITEM_FORMAT_SHORT;
690 item->size = b & 3;
691
692 switch (item->size) {
693 case 0:
694 return start;
695
696 case 1:
697 if ((end - start) < 1)
698 return NULL;
699 item->data.u8 = *start++;
700 return start;
701
702 case 2:
703 if ((end - start) < 2)
704 return NULL;
705 item->data.u16 = get_unaligned_le16(start);
706 start = (__u8 *)((__le16 *)start + 1);
707 return start;
708
709 case 3:
710 item->size++;
711 if ((end - start) < 4)
712 return NULL;
713 item->data.u32 = get_unaligned_le32(start);
714 start = (__u8 *)((__le32 *)start + 1);
715 return start;
716 }
717
718 return NULL;
719 }
720
hid_scan_input_usage(struct hid_parser * parser,u32 usage)721 static void hid_scan_input_usage(struct hid_parser *parser, u32 usage)
722 {
723 struct hid_device *hid = parser->device;
724
725 if (usage == HID_DG_CONTACTID)
726 hid->group = HID_GROUP_MULTITOUCH;
727 }
728
hid_scan_feature_usage(struct hid_parser * parser,u32 usage)729 static void hid_scan_feature_usage(struct hid_parser *parser, u32 usage)
730 {
731 if (usage == 0xff0000c5 && parser->global.report_count == 256 &&
732 parser->global.report_size == 8)
733 parser->scan_flags |= HID_SCAN_FLAG_MT_WIN_8;
734 }
735
hid_scan_collection(struct hid_parser * parser,unsigned type)736 static void hid_scan_collection(struct hid_parser *parser, unsigned type)
737 {
738 struct hid_device *hid = parser->device;
739 int i;
740
741 if (((parser->global.usage_page << 16) == HID_UP_SENSOR) &&
742 type == HID_COLLECTION_PHYSICAL)
743 hid->group = HID_GROUP_SENSOR_HUB;
744
745 if (hid->vendor == USB_VENDOR_ID_MICROSOFT &&
746 hid->product == USB_DEVICE_ID_MS_POWER_COVER &&
747 hid->group == HID_GROUP_MULTITOUCH)
748 hid->group = HID_GROUP_GENERIC;
749
750 if ((parser->global.usage_page << 16) == HID_UP_GENDESK)
751 for (i = 0; i < parser->local.usage_index; i++)
752 if (parser->local.usage[i] == HID_GD_POINTER)
753 parser->scan_flags |= HID_SCAN_FLAG_GD_POINTER;
754
755 if ((parser->global.usage_page << 16) >= HID_UP_MSVENDOR)
756 parser->scan_flags |= HID_SCAN_FLAG_VENDOR_SPECIFIC;
757 }
758
hid_scan_main(struct hid_parser * parser,struct hid_item * item)759 static int hid_scan_main(struct hid_parser *parser, struct hid_item *item)
760 {
761 __u32 data;
762 int i;
763
764 data = item_udata(item);
765
766 switch (item->tag) {
767 case HID_MAIN_ITEM_TAG_BEGIN_COLLECTION:
768 hid_scan_collection(parser, data & 0xff);
769 break;
770 case HID_MAIN_ITEM_TAG_END_COLLECTION:
771 break;
772 case HID_MAIN_ITEM_TAG_INPUT:
773 /* ignore constant inputs, they will be ignored by hid-input */
774 if (data & HID_MAIN_ITEM_CONSTANT)
775 break;
776 for (i = 0; i < parser->local.usage_index; i++)
777 hid_scan_input_usage(parser, parser->local.usage[i]);
778 break;
779 case HID_MAIN_ITEM_TAG_OUTPUT:
780 break;
781 case HID_MAIN_ITEM_TAG_FEATURE:
782 for (i = 0; i < parser->local.usage_index; i++)
783 hid_scan_feature_usage(parser, parser->local.usage[i]);
784 break;
785 }
786
787 /* Reset the local parser environment */
788 memset(&parser->local, 0, sizeof(parser->local));
789
790 return 0;
791 }
792
793 /*
794 * Scan a report descriptor before the device is added to the bus.
795 * Sets device groups and other properties that determine what driver
796 * to load.
797 */
hid_scan_report(struct hid_device * hid)798 static int hid_scan_report(struct hid_device *hid)
799 {
800 struct hid_parser *parser;
801 struct hid_item item;
802 __u8 *start = hid->dev_rdesc;
803 __u8 *end = start + hid->dev_rsize;
804 static int (*dispatch_type[])(struct hid_parser *parser,
805 struct hid_item *item) = {
806 hid_scan_main,
807 hid_parser_global,
808 hid_parser_local,
809 hid_parser_reserved
810 };
811
812 parser = vzalloc(sizeof(struct hid_parser));
813 if (!parser)
814 return -ENOMEM;
815
816 parser->device = hid;
817 hid->group = HID_GROUP_GENERIC;
818
819 /*
820 * The parsing is simpler than the one in hid_open_report() as we should
821 * be robust against hid errors. Those errors will be raised by
822 * hid_open_report() anyway.
823 */
824 while ((start = fetch_item(start, end, &item)) != NULL)
825 dispatch_type[item.type](parser, &item);
826
827 /*
828 * Handle special flags set during scanning.
829 */
830 if ((parser->scan_flags & HID_SCAN_FLAG_MT_WIN_8) &&
831 (hid->group == HID_GROUP_MULTITOUCH))
832 hid->group = HID_GROUP_MULTITOUCH_WIN_8;
833
834 /*
835 * Vendor specific handlings
836 */
837 switch (hid->vendor) {
838 case USB_VENDOR_ID_WACOM:
839 hid->group = HID_GROUP_WACOM;
840 break;
841 case USB_VENDOR_ID_SYNAPTICS:
842 if (hid->group == HID_GROUP_GENERIC)
843 if ((parser->scan_flags & HID_SCAN_FLAG_VENDOR_SPECIFIC)
844 && (parser->scan_flags & HID_SCAN_FLAG_GD_POINTER))
845 /*
846 * hid-rmi should take care of them,
847 * not hid-generic
848 */
849 hid->group = HID_GROUP_RMI;
850 break;
851 }
852
853 kfree(parser->collection_stack);
854 vfree(parser);
855 return 0;
856 }
857
858 /**
859 * hid_parse_report - parse device report
860 *
861 * @device: hid device
862 * @start: report start
863 * @size: report size
864 *
865 * Allocate the device report as read by the bus driver. This function should
866 * only be called from parse() in ll drivers.
867 */
hid_parse_report(struct hid_device * hid,__u8 * start,unsigned size)868 int hid_parse_report(struct hid_device *hid, __u8 *start, unsigned size)
869 {
870 hid->dev_rdesc = kmemdup(start, size, GFP_KERNEL);
871 if (!hid->dev_rdesc)
872 return -ENOMEM;
873 hid->dev_rsize = size;
874 return 0;
875 }
876 EXPORT_SYMBOL_GPL(hid_parse_report);
877
878 static const char * const hid_report_names[] = {
879 "HID_INPUT_REPORT",
880 "HID_OUTPUT_REPORT",
881 "HID_FEATURE_REPORT",
882 };
883 /**
884 * hid_validate_values - validate existing device report's value indexes
885 *
886 * @device: hid device
887 * @type: which report type to examine
888 * @id: which report ID to examine (0 for first)
889 * @field_index: which report field to examine
890 * @report_counts: expected number of values
891 *
892 * Validate the number of values in a given field of a given report, after
893 * parsing.
894 */
hid_validate_values(struct hid_device * hid,unsigned int type,unsigned int id,unsigned int field_index,unsigned int report_counts)895 struct hid_report *hid_validate_values(struct hid_device *hid,
896 unsigned int type, unsigned int id,
897 unsigned int field_index,
898 unsigned int report_counts)
899 {
900 struct hid_report *report;
901
902 if (type > HID_FEATURE_REPORT) {
903 hid_err(hid, "invalid HID report type %u\n", type);
904 return NULL;
905 }
906
907 if (id >= HID_MAX_IDS) {
908 hid_err(hid, "invalid HID report id %u\n", id);
909 return NULL;
910 }
911
912 /*
913 * Explicitly not using hid_get_report() here since it depends on
914 * ->numbered being checked, which may not always be the case when
915 * drivers go to access report values.
916 */
917 if (id == 0) {
918 /*
919 * Validating on id 0 means we should examine the first
920 * report in the list.
921 */
922 report = list_entry(
923 hid->report_enum[type].report_list.next,
924 struct hid_report, list);
925 } else {
926 report = hid->report_enum[type].report_id_hash[id];
927 }
928 if (!report) {
929 hid_err(hid, "missing %s %u\n", hid_report_names[type], id);
930 return NULL;
931 }
932 if (report->maxfield <= field_index) {
933 hid_err(hid, "not enough fields in %s %u\n",
934 hid_report_names[type], id);
935 return NULL;
936 }
937 if (report->field[field_index]->report_count < report_counts) {
938 hid_err(hid, "not enough values in %s %u field %u\n",
939 hid_report_names[type], id, field_index);
940 return NULL;
941 }
942 return report;
943 }
944 EXPORT_SYMBOL_GPL(hid_validate_values);
945
946 /**
947 * hid_open_report - open a driver-specific device report
948 *
949 * @device: hid device
950 *
951 * Parse a report description into a hid_device structure. Reports are
952 * enumerated, fields are attached to these reports.
953 * 0 returned on success, otherwise nonzero error value.
954 *
955 * This function (or the equivalent hid_parse() macro) should only be
956 * called from probe() in drivers, before starting the device.
957 */
hid_open_report(struct hid_device * device)958 int hid_open_report(struct hid_device *device)
959 {
960 struct hid_parser *parser;
961 struct hid_item item;
962 unsigned int size;
963 __u8 *start;
964 __u8 *buf;
965 __u8 *end;
966 int ret;
967 static int (*dispatch_type[])(struct hid_parser *parser,
968 struct hid_item *item) = {
969 hid_parser_main,
970 hid_parser_global,
971 hid_parser_local,
972 hid_parser_reserved
973 };
974
975 if (WARN_ON(device->status & HID_STAT_PARSED))
976 return -EBUSY;
977
978 start = device->dev_rdesc;
979 if (WARN_ON(!start))
980 return -ENODEV;
981 size = device->dev_rsize;
982
983 buf = kmemdup(start, size, GFP_KERNEL);
984 if (buf == NULL)
985 return -ENOMEM;
986
987 if (device->driver->report_fixup)
988 start = device->driver->report_fixup(device, buf, &size);
989 else
990 start = buf;
991
992 start = kmemdup(start, size, GFP_KERNEL);
993 kfree(buf);
994 if (start == NULL)
995 return -ENOMEM;
996
997 device->rdesc = start;
998 device->rsize = size;
999
1000 parser = vzalloc(sizeof(struct hid_parser));
1001 if (!parser) {
1002 ret = -ENOMEM;
1003 goto alloc_err;
1004 }
1005
1006 parser->device = device;
1007
1008 end = start + size;
1009
1010 device->collection = kcalloc(HID_DEFAULT_NUM_COLLECTIONS,
1011 sizeof(struct hid_collection), GFP_KERNEL);
1012 if (!device->collection) {
1013 ret = -ENOMEM;
1014 goto err;
1015 }
1016 device->collection_size = HID_DEFAULT_NUM_COLLECTIONS;
1017
1018 ret = -EINVAL;
1019 while ((start = fetch_item(start, end, &item)) != NULL) {
1020
1021 if (item.format != HID_ITEM_FORMAT_SHORT) {
1022 hid_err(device, "unexpected long global item\n");
1023 goto err;
1024 }
1025
1026 if (dispatch_type[item.type](parser, &item)) {
1027 hid_err(device, "item %u %u %u %u parsing failed\n",
1028 item.format, (unsigned)item.size,
1029 (unsigned)item.type, (unsigned)item.tag);
1030 goto err;
1031 }
1032
1033 if (start == end) {
1034 if (parser->collection_stack_ptr) {
1035 hid_err(device, "unbalanced collection at end of report description\n");
1036 goto err;
1037 }
1038 if (parser->local.delimiter_depth) {
1039 hid_err(device, "unbalanced delimiter at end of report description\n");
1040 goto err;
1041 }
1042 kfree(parser->collection_stack);
1043 vfree(parser);
1044 device->status |= HID_STAT_PARSED;
1045 return 0;
1046 }
1047 }
1048
1049 hid_err(device, "item fetching failed at offset %d\n", (int)(end - start));
1050 err:
1051 kfree(parser->collection_stack);
1052 alloc_err:
1053 vfree(parser);
1054 hid_close_report(device);
1055 return ret;
1056 }
1057 EXPORT_SYMBOL_GPL(hid_open_report);
1058
1059 /*
1060 * Convert a signed n-bit integer to signed 32-bit integer. Common
1061 * cases are done through the compiler, the screwed things has to be
1062 * done by hand.
1063 */
1064
snto32(__u32 value,unsigned n)1065 static s32 snto32(__u32 value, unsigned n)
1066 {
1067 switch (n) {
1068 case 8: return ((__s8)value);
1069 case 16: return ((__s16)value);
1070 case 32: return ((__s32)value);
1071 }
1072 return value & (1 << (n - 1)) ? value | (~0U << n) : value;
1073 }
1074
hid_snto32(__u32 value,unsigned n)1075 s32 hid_snto32(__u32 value, unsigned n)
1076 {
1077 return snto32(value, n);
1078 }
1079 EXPORT_SYMBOL_GPL(hid_snto32);
1080
1081 /*
1082 * Convert a signed 32-bit integer to a signed n-bit integer.
1083 */
1084
s32ton(__s32 value,unsigned n)1085 static u32 s32ton(__s32 value, unsigned n)
1086 {
1087 s32 a = value >> (n - 1);
1088 if (a && a != -1)
1089 return value < 0 ? 1 << (n - 1) : (1 << (n - 1)) - 1;
1090 return value & ((1 << n) - 1);
1091 }
1092
1093 /*
1094 * Extract/implement a data field from/to a little endian report (bit array).
1095 *
1096 * Code sort-of follows HID spec:
1097 * http://www.usb.org/developers/hidpage/HID1_11.pdf
1098 *
1099 * While the USB HID spec allows unlimited length bit fields in "report
1100 * descriptors", most devices never use more than 16 bits.
1101 * One model of UPS is claimed to report "LINEV" as a 32-bit field.
1102 * Search linux-kernel and linux-usb-devel archives for "hid-core extract".
1103 */
1104
__extract(u8 * report,unsigned offset,int n)1105 static u32 __extract(u8 *report, unsigned offset, int n)
1106 {
1107 unsigned int idx = offset / 8;
1108 unsigned int bit_nr = 0;
1109 unsigned int bit_shift = offset % 8;
1110 int bits_to_copy = 8 - bit_shift;
1111 u32 value = 0;
1112 u32 mask = n < 32 ? (1U << n) - 1 : ~0U;
1113
1114 while (n > 0) {
1115 value |= ((u32)report[idx] >> bit_shift) << bit_nr;
1116 n -= bits_to_copy;
1117 bit_nr += bits_to_copy;
1118 bits_to_copy = 8;
1119 bit_shift = 0;
1120 idx++;
1121 }
1122
1123 return value & mask;
1124 }
1125
hid_field_extract(const struct hid_device * hid,u8 * report,unsigned offset,unsigned n)1126 u32 hid_field_extract(const struct hid_device *hid, u8 *report,
1127 unsigned offset, unsigned n)
1128 {
1129 if (n > 32) {
1130 hid_warn(hid, "hid_field_extract() called with n (%d) > 32! (%s)\n",
1131 n, current->comm);
1132 n = 32;
1133 }
1134
1135 return __extract(report, offset, n);
1136 }
1137 EXPORT_SYMBOL_GPL(hid_field_extract);
1138
1139 /*
1140 * "implement" : set bits in a little endian bit stream.
1141 * Same concepts as "extract" (see comments above).
1142 * The data mangled in the bit stream remains in little endian
1143 * order the whole time. It make more sense to talk about
1144 * endianness of register values by considering a register
1145 * a "cached" copy of the little endian bit stream.
1146 */
1147
__implement(u8 * report,unsigned offset,int n,u32 value)1148 static void __implement(u8 *report, unsigned offset, int n, u32 value)
1149 {
1150 unsigned int idx = offset / 8;
1151 unsigned int bit_shift = offset % 8;
1152 int bits_to_set = 8 - bit_shift;
1153
1154 while (n - bits_to_set >= 0) {
1155 report[idx] &= ~(0xff << bit_shift);
1156 report[idx] |= value << bit_shift;
1157 value >>= bits_to_set;
1158 n -= bits_to_set;
1159 bits_to_set = 8;
1160 bit_shift = 0;
1161 idx++;
1162 }
1163
1164 /* last nibble */
1165 if (n) {
1166 u8 bit_mask = ((1U << n) - 1);
1167 report[idx] &= ~(bit_mask << bit_shift);
1168 report[idx] |= value << bit_shift;
1169 }
1170 }
1171
implement(const struct hid_device * hid,u8 * report,unsigned offset,unsigned n,u32 value)1172 static void implement(const struct hid_device *hid, u8 *report,
1173 unsigned offset, unsigned n, u32 value)
1174 {
1175 if (unlikely(n > 32)) {
1176 hid_warn(hid, "%s() called with n (%d) > 32! (%s)\n",
1177 __func__, n, current->comm);
1178 n = 32;
1179 } else if (n < 32) {
1180 u32 m = (1U << n) - 1;
1181
1182 if (unlikely(value > m)) {
1183 hid_warn(hid,
1184 "%s() called with too large value %d (n: %d)! (%s)\n",
1185 __func__, value, n, current->comm);
1186 WARN_ON(1);
1187 value &= m;
1188 }
1189 }
1190
1191 __implement(report, offset, n, value);
1192 }
1193
1194 /*
1195 * Search an array for a value.
1196 */
1197
search(__s32 * array,__s32 value,unsigned n)1198 static int search(__s32 *array, __s32 value, unsigned n)
1199 {
1200 while (n--) {
1201 if (*array++ == value)
1202 return 0;
1203 }
1204 return -1;
1205 }
1206
1207 /**
1208 * hid_match_report - check if driver's raw_event should be called
1209 *
1210 * @hid: hid device
1211 * @report_type: type to match against
1212 *
1213 * compare hid->driver->report_table->report_type to report->type
1214 */
hid_match_report(struct hid_device * hid,struct hid_report * report)1215 static int hid_match_report(struct hid_device *hid, struct hid_report *report)
1216 {
1217 const struct hid_report_id *id = hid->driver->report_table;
1218
1219 if (!id) /* NULL means all */
1220 return 1;
1221
1222 for (; id->report_type != HID_TERMINATOR; id++)
1223 if (id->report_type == HID_ANY_ID ||
1224 id->report_type == report->type)
1225 return 1;
1226 return 0;
1227 }
1228
1229 /**
1230 * hid_match_usage - check if driver's event should be called
1231 *
1232 * @hid: hid device
1233 * @usage: usage to match against
1234 *
1235 * compare hid->driver->usage_table->usage_{type,code} to
1236 * usage->usage_{type,code}
1237 */
hid_match_usage(struct hid_device * hid,struct hid_usage * usage)1238 static int hid_match_usage(struct hid_device *hid, struct hid_usage *usage)
1239 {
1240 const struct hid_usage_id *id = hid->driver->usage_table;
1241
1242 if (!id) /* NULL means all */
1243 return 1;
1244
1245 for (; id->usage_type != HID_ANY_ID - 1; id++)
1246 if ((id->usage_hid == HID_ANY_ID ||
1247 id->usage_hid == usage->hid) &&
1248 (id->usage_type == HID_ANY_ID ||
1249 id->usage_type == usage->type) &&
1250 (id->usage_code == HID_ANY_ID ||
1251 id->usage_code == usage->code))
1252 return 1;
1253 return 0;
1254 }
1255
hid_process_event(struct hid_device * hid,struct hid_field * field,struct hid_usage * usage,__s32 value,int interrupt)1256 static void hid_process_event(struct hid_device *hid, struct hid_field *field,
1257 struct hid_usage *usage, __s32 value, int interrupt)
1258 {
1259 struct hid_driver *hdrv = hid->driver;
1260 int ret;
1261
1262 if (!list_empty(&hid->debug_list))
1263 hid_dump_input(hid, usage, value);
1264
1265 if (hdrv && hdrv->event && hid_match_usage(hid, usage)) {
1266 ret = hdrv->event(hid, field, usage, value);
1267 if (ret != 0) {
1268 if (ret < 0)
1269 hid_err(hid, "%s's event failed with %d\n",
1270 hdrv->name, ret);
1271 return;
1272 }
1273 }
1274
1275 if (hid->claimed & HID_CLAIMED_INPUT)
1276 hidinput_hid_event(hid, field, usage, value);
1277 if (hid->claimed & HID_CLAIMED_HIDDEV && interrupt && hid->hiddev_hid_event)
1278 hid->hiddev_hid_event(hid, field, usage, value);
1279 }
1280
1281 /*
1282 * Analyse a received field, and fetch the data from it. The field
1283 * content is stored for next report processing (we do differential
1284 * reporting to the layer).
1285 */
1286
hid_input_field(struct hid_device * hid,struct hid_field * field,__u8 * data,int interrupt)1287 static void hid_input_field(struct hid_device *hid, struct hid_field *field,
1288 __u8 *data, int interrupt)
1289 {
1290 unsigned n;
1291 unsigned count = field->report_count;
1292 unsigned offset = field->report_offset;
1293 unsigned size = field->report_size;
1294 __s32 min = field->logical_minimum;
1295 __s32 max = field->logical_maximum;
1296 __s32 *value;
1297
1298 value = kmalloc_array(count, sizeof(__s32), GFP_ATOMIC);
1299 if (!value)
1300 return;
1301
1302 for (n = 0; n < count; n++) {
1303
1304 value[n] = min < 0 ?
1305 snto32(hid_field_extract(hid, data, offset + n * size,
1306 size), size) :
1307 hid_field_extract(hid, data, offset + n * size, size);
1308
1309 /* Ignore report if ErrorRollOver */
1310 if (!(field->flags & HID_MAIN_ITEM_VARIABLE) &&
1311 value[n] >= min && value[n] <= max &&
1312 value[n] - min < field->maxusage &&
1313 field->usage[value[n] - min].hid == HID_UP_KEYBOARD + 1)
1314 goto exit;
1315 }
1316
1317 for (n = 0; n < count; n++) {
1318
1319 if (HID_MAIN_ITEM_VARIABLE & field->flags) {
1320 hid_process_event(hid, field, &field->usage[n], value[n], interrupt);
1321 continue;
1322 }
1323
1324 if (field->value[n] >= min && field->value[n] <= max
1325 && field->value[n] - min < field->maxusage
1326 && field->usage[field->value[n] - min].hid
1327 && search(value, field->value[n], count))
1328 hid_process_event(hid, field, &field->usage[field->value[n] - min], 0, interrupt);
1329
1330 if (value[n] >= min && value[n] <= max
1331 && value[n] - min < field->maxusage
1332 && field->usage[value[n] - min].hid
1333 && search(field->value, value[n], count))
1334 hid_process_event(hid, field, &field->usage[value[n] - min], 1, interrupt);
1335 }
1336
1337 memcpy(field->value, value, count * sizeof(__s32));
1338 exit:
1339 kfree(value);
1340 }
1341
1342 /*
1343 * Output the field into the report.
1344 */
1345
hid_output_field(const struct hid_device * hid,struct hid_field * field,__u8 * data)1346 static void hid_output_field(const struct hid_device *hid,
1347 struct hid_field *field, __u8 *data)
1348 {
1349 unsigned count = field->report_count;
1350 unsigned offset = field->report_offset;
1351 unsigned size = field->report_size;
1352 unsigned n;
1353
1354 for (n = 0; n < count; n++) {
1355 if (field->logical_minimum < 0) /* signed values */
1356 implement(hid, data, offset + n * size, size,
1357 s32ton(field->value[n], size));
1358 else /* unsigned values */
1359 implement(hid, data, offset + n * size, size,
1360 field->value[n]);
1361 }
1362 }
1363
1364 /*
1365 * Create a report. 'data' has to be allocated using
1366 * hid_alloc_report_buf() so that it has proper size.
1367 */
1368
hid_output_report(struct hid_report * report,__u8 * data)1369 void hid_output_report(struct hid_report *report, __u8 *data)
1370 {
1371 unsigned n;
1372
1373 if (report->id > 0)
1374 *data++ = report->id;
1375
1376 memset(data, 0, ((report->size - 1) >> 3) + 1);
1377 for (n = 0; n < report->maxfield; n++)
1378 hid_output_field(report->device, report->field[n], data);
1379 }
1380 EXPORT_SYMBOL_GPL(hid_output_report);
1381
1382 /*
1383 * Allocator for buffer that is going to be passed to hid_output_report()
1384 */
hid_alloc_report_buf(struct hid_report * report,gfp_t flags)1385 u8 *hid_alloc_report_buf(struct hid_report *report, gfp_t flags)
1386 {
1387 /*
1388 * 7 extra bytes are necessary to achieve proper functionality
1389 * of implement() working on 8 byte chunks
1390 */
1391
1392 u32 len = hid_report_len(report) + 7;
1393
1394 return kmalloc(len, flags);
1395 }
1396 EXPORT_SYMBOL_GPL(hid_alloc_report_buf);
1397
1398 /*
1399 * Set a field value. The report this field belongs to has to be
1400 * created and transferred to the device, to set this value in the
1401 * device.
1402 */
1403
hid_set_field(struct hid_field * field,unsigned offset,__s32 value)1404 int hid_set_field(struct hid_field *field, unsigned offset, __s32 value)
1405 {
1406 unsigned size;
1407
1408 if (!field)
1409 return -1;
1410
1411 size = field->report_size;
1412
1413 hid_dump_input(field->report->device, field->usage + offset, value);
1414
1415 if (offset >= field->report_count) {
1416 hid_err(field->report->device, "offset (%d) exceeds report_count (%d)\n",
1417 offset, field->report_count);
1418 return -1;
1419 }
1420 if (field->logical_minimum < 0) {
1421 if (value != snto32(s32ton(value, size), size)) {
1422 hid_err(field->report->device, "value %d is out of range\n", value);
1423 return -1;
1424 }
1425 }
1426 field->value[offset] = value;
1427 return 0;
1428 }
1429 EXPORT_SYMBOL_GPL(hid_set_field);
1430
hid_get_report(struct hid_report_enum * report_enum,const u8 * data)1431 static struct hid_report *hid_get_report(struct hid_report_enum *report_enum,
1432 const u8 *data)
1433 {
1434 struct hid_report *report;
1435 unsigned int n = 0; /* Normally report number is 0 */
1436
1437 /* Device uses numbered reports, data[0] is report number */
1438 if (report_enum->numbered)
1439 n = *data;
1440
1441 report = report_enum->report_id_hash[n];
1442 if (report == NULL)
1443 dbg_hid("undefined report_id %u received\n", n);
1444
1445 return report;
1446 }
1447
1448 /*
1449 * Implement a generic .request() callback, using .raw_request()
1450 * DO NOT USE in hid drivers directly, but through hid_hw_request instead.
1451 */
__hid_request(struct hid_device * hid,struct hid_report * report,int reqtype)1452 void __hid_request(struct hid_device *hid, struct hid_report *report,
1453 int reqtype)
1454 {
1455 char *buf;
1456 int ret;
1457 u32 len;
1458
1459 buf = hid_alloc_report_buf(report, GFP_KERNEL);
1460 if (!buf)
1461 return;
1462
1463 len = hid_report_len(report);
1464
1465 if (reqtype == HID_REQ_SET_REPORT)
1466 hid_output_report(report, buf);
1467
1468 ret = hid->ll_driver->raw_request(hid, report->id, buf, len,
1469 report->type, reqtype);
1470 if (ret < 0) {
1471 dbg_hid("unable to complete request: %d\n", ret);
1472 goto out;
1473 }
1474
1475 if (reqtype == HID_REQ_GET_REPORT)
1476 hid_input_report(hid, report->type, buf, ret, 0);
1477
1478 out:
1479 kfree(buf);
1480 }
1481 EXPORT_SYMBOL_GPL(__hid_request);
1482
hid_report_raw_event(struct hid_device * hid,int type,u8 * data,u32 size,int interrupt)1483 int hid_report_raw_event(struct hid_device *hid, int type, u8 *data, u32 size,
1484 int interrupt)
1485 {
1486 struct hid_report_enum *report_enum = hid->report_enum + type;
1487 struct hid_report *report;
1488 struct hid_driver *hdrv;
1489 unsigned int a;
1490 u32 rsize, csize = size;
1491 u8 *cdata = data;
1492 int ret = 0;
1493
1494 report = hid_get_report(report_enum, data);
1495 if (!report)
1496 goto out;
1497
1498 if (report_enum->numbered) {
1499 cdata++;
1500 csize--;
1501 }
1502
1503 rsize = ((report->size - 1) >> 3) + 1;
1504
1505 if (rsize > HID_MAX_BUFFER_SIZE)
1506 rsize = HID_MAX_BUFFER_SIZE;
1507
1508 if (csize < rsize) {
1509 dbg_hid("report %d is too short, (%d < %d)\n", report->id,
1510 csize, rsize);
1511 memset(cdata + csize, 0, rsize - csize);
1512 }
1513
1514 if ((hid->claimed & HID_CLAIMED_HIDDEV) && hid->hiddev_report_event)
1515 hid->hiddev_report_event(hid, report);
1516 if (hid->claimed & HID_CLAIMED_HIDRAW) {
1517 ret = hidraw_report_event(hid, data, size);
1518 if (ret)
1519 goto out;
1520 }
1521
1522 if (hid->claimed != HID_CLAIMED_HIDRAW && report->maxfield) {
1523 for (a = 0; a < report->maxfield; a++)
1524 hid_input_field(hid, report->field[a], cdata, interrupt);
1525 hdrv = hid->driver;
1526 if (hdrv && hdrv->report)
1527 hdrv->report(hid, report);
1528 }
1529
1530 if (hid->claimed & HID_CLAIMED_INPUT)
1531 hidinput_report_event(hid, report);
1532 out:
1533 return ret;
1534 }
1535 EXPORT_SYMBOL_GPL(hid_report_raw_event);
1536
1537 /**
1538 * hid_input_report - report data from lower layer (usb, bt...)
1539 *
1540 * @hid: hid device
1541 * @type: HID report type (HID_*_REPORT)
1542 * @data: report contents
1543 * @size: size of data parameter
1544 * @interrupt: distinguish between interrupt and control transfers
1545 *
1546 * This is data entry for lower layers.
1547 */
hid_input_report(struct hid_device * hid,int type,u8 * data,u32 size,int interrupt)1548 int hid_input_report(struct hid_device *hid, int type, u8 *data, u32 size, int interrupt)
1549 {
1550 struct hid_report_enum *report_enum;
1551 struct hid_driver *hdrv;
1552 struct hid_report *report;
1553 int ret = 0;
1554
1555 if (!hid)
1556 return -ENODEV;
1557
1558 if (down_trylock(&hid->driver_input_lock))
1559 return -EBUSY;
1560
1561 if (!hid->driver) {
1562 ret = -ENODEV;
1563 goto unlock;
1564 }
1565 report_enum = hid->report_enum + type;
1566 hdrv = hid->driver;
1567
1568 if (!size) {
1569 dbg_hid("empty report\n");
1570 ret = -1;
1571 goto unlock;
1572 }
1573
1574 /* Avoid unnecessary overhead if debugfs is disabled */
1575 if (!list_empty(&hid->debug_list))
1576 hid_dump_report(hid, type, data, size);
1577
1578 report = hid_get_report(report_enum, data);
1579
1580 if (!report) {
1581 ret = -1;
1582 goto unlock;
1583 }
1584
1585 if (hdrv && hdrv->raw_event && hid_match_report(hid, report)) {
1586 ret = hdrv->raw_event(hid, report, data, size);
1587 if (ret < 0)
1588 goto unlock;
1589 }
1590
1591 ret = hid_report_raw_event(hid, type, data, size, interrupt);
1592
1593 unlock:
1594 up(&hid->driver_input_lock);
1595 return ret;
1596 }
1597 EXPORT_SYMBOL_GPL(hid_input_report);
1598
hid_match_one_id(const struct hid_device * hdev,const struct hid_device_id * id)1599 bool hid_match_one_id(const struct hid_device *hdev,
1600 const struct hid_device_id *id)
1601 {
1602 return (id->bus == HID_BUS_ANY || id->bus == hdev->bus) &&
1603 (id->group == HID_GROUP_ANY || id->group == hdev->group) &&
1604 (id->vendor == HID_ANY_ID || id->vendor == hdev->vendor) &&
1605 (id->product == HID_ANY_ID || id->product == hdev->product);
1606 }
1607
hid_match_id(const struct hid_device * hdev,const struct hid_device_id * id)1608 const struct hid_device_id *hid_match_id(const struct hid_device *hdev,
1609 const struct hid_device_id *id)
1610 {
1611 for (; id->bus; id++)
1612 if (hid_match_one_id(hdev, id))
1613 return id;
1614
1615 return NULL;
1616 }
1617
1618 static const struct hid_device_id hid_hiddev_list[] = {
1619 { HID_USB_DEVICE(USB_VENDOR_ID_MGE, USB_DEVICE_ID_MGE_UPS) },
1620 { HID_USB_DEVICE(USB_VENDOR_ID_MGE, USB_DEVICE_ID_MGE_UPS1) },
1621 { }
1622 };
1623
hid_hiddev(struct hid_device * hdev)1624 static bool hid_hiddev(struct hid_device *hdev)
1625 {
1626 return !!hid_match_id(hdev, hid_hiddev_list);
1627 }
1628
1629
1630 static ssize_t
read_report_descriptor(struct file * filp,struct kobject * kobj,struct bin_attribute * attr,char * buf,loff_t off,size_t count)1631 read_report_descriptor(struct file *filp, struct kobject *kobj,
1632 struct bin_attribute *attr,
1633 char *buf, loff_t off, size_t count)
1634 {
1635 struct device *dev = kobj_to_dev(kobj);
1636 struct hid_device *hdev = to_hid_device(dev);
1637
1638 if (off >= hdev->rsize)
1639 return 0;
1640
1641 if (off + count > hdev->rsize)
1642 count = hdev->rsize - off;
1643
1644 memcpy(buf, hdev->rdesc + off, count);
1645
1646 return count;
1647 }
1648
1649 static ssize_t
show_country(struct device * dev,struct device_attribute * attr,char * buf)1650 show_country(struct device *dev, struct device_attribute *attr,
1651 char *buf)
1652 {
1653 struct hid_device *hdev = to_hid_device(dev);
1654
1655 return sprintf(buf, "%02x\n", hdev->country & 0xff);
1656 }
1657
1658 static struct bin_attribute dev_bin_attr_report_desc = {
1659 .attr = { .name = "report_descriptor", .mode = 0444 },
1660 .read = read_report_descriptor,
1661 .size = HID_MAX_DESCRIPTOR_SIZE,
1662 };
1663
1664 static const struct device_attribute dev_attr_country = {
1665 .attr = { .name = "country", .mode = 0444 },
1666 .show = show_country,
1667 };
1668
hid_connect(struct hid_device * hdev,unsigned int connect_mask)1669 int hid_connect(struct hid_device *hdev, unsigned int connect_mask)
1670 {
1671 static const char *types[] = { "Device", "Pointer", "Mouse", "Device",
1672 "Joystick", "Gamepad", "Keyboard", "Keypad",
1673 "Multi-Axis Controller"
1674 };
1675 const char *type, *bus;
1676 char buf[64] = "";
1677 unsigned int i;
1678 int len;
1679 int ret;
1680
1681 if (hdev->quirks & HID_QUIRK_HIDDEV_FORCE)
1682 connect_mask |= (HID_CONNECT_HIDDEV_FORCE | HID_CONNECT_HIDDEV);
1683 if (hdev->quirks & HID_QUIRK_HIDINPUT_FORCE)
1684 connect_mask |= HID_CONNECT_HIDINPUT_FORCE;
1685 if (hdev->bus != BUS_USB)
1686 connect_mask &= ~HID_CONNECT_HIDDEV;
1687 if (hid_hiddev(hdev))
1688 connect_mask |= HID_CONNECT_HIDDEV_FORCE;
1689
1690 if ((connect_mask & HID_CONNECT_HIDINPUT) && !hidinput_connect(hdev,
1691 connect_mask & HID_CONNECT_HIDINPUT_FORCE))
1692 hdev->claimed |= HID_CLAIMED_INPUT;
1693
1694 if ((connect_mask & HID_CONNECT_HIDDEV) && hdev->hiddev_connect &&
1695 !hdev->hiddev_connect(hdev,
1696 connect_mask & HID_CONNECT_HIDDEV_FORCE))
1697 hdev->claimed |= HID_CLAIMED_HIDDEV;
1698 if ((connect_mask & HID_CONNECT_HIDRAW) && !hidraw_connect(hdev))
1699 hdev->claimed |= HID_CLAIMED_HIDRAW;
1700
1701 if (connect_mask & HID_CONNECT_DRIVER)
1702 hdev->claimed |= HID_CLAIMED_DRIVER;
1703
1704 /* Drivers with the ->raw_event callback set are not required to connect
1705 * to any other listener. */
1706 if (!hdev->claimed && !hdev->driver->raw_event) {
1707 hid_err(hdev, "device has no listeners, quitting\n");
1708 return -ENODEV;
1709 }
1710
1711 if ((hdev->claimed & HID_CLAIMED_INPUT) &&
1712 (connect_mask & HID_CONNECT_FF) && hdev->ff_init)
1713 hdev->ff_init(hdev);
1714
1715 len = 0;
1716 if (hdev->claimed & HID_CLAIMED_INPUT)
1717 len += sprintf(buf + len, "input");
1718 if (hdev->claimed & HID_CLAIMED_HIDDEV)
1719 len += sprintf(buf + len, "%shiddev%d", len ? "," : "",
1720 ((struct hiddev *)hdev->hiddev)->minor);
1721 if (hdev->claimed & HID_CLAIMED_HIDRAW)
1722 len += sprintf(buf + len, "%shidraw%d", len ? "," : "",
1723 ((struct hidraw *)hdev->hidraw)->minor);
1724
1725 type = "Device";
1726 for (i = 0; i < hdev->maxcollection; i++) {
1727 struct hid_collection *col = &hdev->collection[i];
1728 if (col->type == HID_COLLECTION_APPLICATION &&
1729 (col->usage & HID_USAGE_PAGE) == HID_UP_GENDESK &&
1730 (col->usage & 0xffff) < ARRAY_SIZE(types)) {
1731 type = types[col->usage & 0xffff];
1732 break;
1733 }
1734 }
1735
1736 switch (hdev->bus) {
1737 case BUS_USB:
1738 bus = "USB";
1739 break;
1740 case BUS_BLUETOOTH:
1741 bus = "BLUETOOTH";
1742 break;
1743 case BUS_I2C:
1744 bus = "I2C";
1745 break;
1746 default:
1747 bus = "<UNKNOWN>";
1748 }
1749
1750 ret = device_create_file(&hdev->dev, &dev_attr_country);
1751 if (ret)
1752 hid_warn(hdev,
1753 "can't create sysfs country code attribute err: %d\n", ret);
1754
1755 hid_info(hdev, "%s: %s HID v%x.%02x %s [%s] on %s\n",
1756 buf, bus, hdev->version >> 8, hdev->version & 0xff,
1757 type, hdev->name, hdev->phys);
1758
1759 return 0;
1760 }
1761 EXPORT_SYMBOL_GPL(hid_connect);
1762
hid_disconnect(struct hid_device * hdev)1763 void hid_disconnect(struct hid_device *hdev)
1764 {
1765 device_remove_file(&hdev->dev, &dev_attr_country);
1766 if (hdev->claimed & HID_CLAIMED_INPUT)
1767 hidinput_disconnect(hdev);
1768 if (hdev->claimed & HID_CLAIMED_HIDDEV)
1769 hdev->hiddev_disconnect(hdev);
1770 if (hdev->claimed & HID_CLAIMED_HIDRAW)
1771 hidraw_disconnect(hdev);
1772 hdev->claimed = 0;
1773 }
1774 EXPORT_SYMBOL_GPL(hid_disconnect);
1775
1776 /**
1777 * hid_hw_start - start underlying HW
1778 * @hdev: hid device
1779 * @connect_mask: which outputs to connect, see HID_CONNECT_*
1780 *
1781 * Call this in probe function *after* hid_parse. This will setup HW
1782 * buffers and start the device (if not defeirred to device open).
1783 * hid_hw_stop must be called if this was successful.
1784 */
hid_hw_start(struct hid_device * hdev,unsigned int connect_mask)1785 int hid_hw_start(struct hid_device *hdev, unsigned int connect_mask)
1786 {
1787 int error;
1788
1789 error = hdev->ll_driver->start(hdev);
1790 if (error)
1791 return error;
1792
1793 if (connect_mask) {
1794 error = hid_connect(hdev, connect_mask);
1795 if (error) {
1796 hdev->ll_driver->stop(hdev);
1797 return error;
1798 }
1799 }
1800
1801 return 0;
1802 }
1803 EXPORT_SYMBOL_GPL(hid_hw_start);
1804
1805 /**
1806 * hid_hw_stop - stop underlying HW
1807 * @hdev: hid device
1808 *
1809 * This is usually called from remove function or from probe when something
1810 * failed and hid_hw_start was called already.
1811 */
hid_hw_stop(struct hid_device * hdev)1812 void hid_hw_stop(struct hid_device *hdev)
1813 {
1814 hid_disconnect(hdev);
1815 hdev->ll_driver->stop(hdev);
1816 }
1817 EXPORT_SYMBOL_GPL(hid_hw_stop);
1818
1819 /**
1820 * hid_hw_open - signal underlying HW to start delivering events
1821 * @hdev: hid device
1822 *
1823 * Tell underlying HW to start delivering events from the device.
1824 * This function should be called sometime after successful call
1825 * to hid_hw_start().
1826 */
hid_hw_open(struct hid_device * hdev)1827 int hid_hw_open(struct hid_device *hdev)
1828 {
1829 int ret;
1830
1831 ret = mutex_lock_killable(&hdev->ll_open_lock);
1832 if (ret)
1833 return ret;
1834
1835 if (!hdev->ll_open_count++) {
1836 ret = hdev->ll_driver->open(hdev);
1837 if (ret)
1838 hdev->ll_open_count--;
1839 }
1840
1841 mutex_unlock(&hdev->ll_open_lock);
1842 return ret;
1843 }
1844 EXPORT_SYMBOL_GPL(hid_hw_open);
1845
1846 /**
1847 * hid_hw_close - signal underlaying HW to stop delivering events
1848 *
1849 * @hdev: hid device
1850 *
1851 * This function indicates that we are not interested in the events
1852 * from this device anymore. Delivery of events may or may not stop,
1853 * depending on the number of users still outstanding.
1854 */
hid_hw_close(struct hid_device * hdev)1855 void hid_hw_close(struct hid_device *hdev)
1856 {
1857 mutex_lock(&hdev->ll_open_lock);
1858 if (!--hdev->ll_open_count)
1859 hdev->ll_driver->close(hdev);
1860 mutex_unlock(&hdev->ll_open_lock);
1861 }
1862 EXPORT_SYMBOL_GPL(hid_hw_close);
1863
1864 struct hid_dynid {
1865 struct list_head list;
1866 struct hid_device_id id;
1867 };
1868
1869 /**
1870 * store_new_id - add a new HID device ID to this driver and re-probe devices
1871 * @driver: target device driver
1872 * @buf: buffer for scanning device ID data
1873 * @count: input size
1874 *
1875 * Adds a new dynamic hid device ID to this driver,
1876 * and causes the driver to probe for all devices again.
1877 */
new_id_store(struct device_driver * drv,const char * buf,size_t count)1878 static ssize_t new_id_store(struct device_driver *drv, const char *buf,
1879 size_t count)
1880 {
1881 struct hid_driver *hdrv = to_hid_driver(drv);
1882 struct hid_dynid *dynid;
1883 __u32 bus, vendor, product;
1884 unsigned long driver_data = 0;
1885 int ret;
1886
1887 ret = sscanf(buf, "%x %x %x %lx",
1888 &bus, &vendor, &product, &driver_data);
1889 if (ret < 3)
1890 return -EINVAL;
1891
1892 dynid = kzalloc(sizeof(*dynid), GFP_KERNEL);
1893 if (!dynid)
1894 return -ENOMEM;
1895
1896 dynid->id.bus = bus;
1897 dynid->id.group = HID_GROUP_ANY;
1898 dynid->id.vendor = vendor;
1899 dynid->id.product = product;
1900 dynid->id.driver_data = driver_data;
1901
1902 spin_lock(&hdrv->dyn_lock);
1903 list_add_tail(&dynid->list, &hdrv->dyn_list);
1904 spin_unlock(&hdrv->dyn_lock);
1905
1906 ret = driver_attach(&hdrv->driver);
1907
1908 return ret ? : count;
1909 }
1910 static DRIVER_ATTR_WO(new_id);
1911
1912 static struct attribute *hid_drv_attrs[] = {
1913 &driver_attr_new_id.attr,
1914 NULL,
1915 };
1916 ATTRIBUTE_GROUPS(hid_drv);
1917
hid_free_dynids(struct hid_driver * hdrv)1918 static void hid_free_dynids(struct hid_driver *hdrv)
1919 {
1920 struct hid_dynid *dynid, *n;
1921
1922 spin_lock(&hdrv->dyn_lock);
1923 list_for_each_entry_safe(dynid, n, &hdrv->dyn_list, list) {
1924 list_del(&dynid->list);
1925 kfree(dynid);
1926 }
1927 spin_unlock(&hdrv->dyn_lock);
1928 }
1929
hid_match_device(struct hid_device * hdev,struct hid_driver * hdrv)1930 const struct hid_device_id *hid_match_device(struct hid_device *hdev,
1931 struct hid_driver *hdrv)
1932 {
1933 struct hid_dynid *dynid;
1934
1935 spin_lock(&hdrv->dyn_lock);
1936 list_for_each_entry(dynid, &hdrv->dyn_list, list) {
1937 if (hid_match_one_id(hdev, &dynid->id)) {
1938 spin_unlock(&hdrv->dyn_lock);
1939 return &dynid->id;
1940 }
1941 }
1942 spin_unlock(&hdrv->dyn_lock);
1943
1944 return hid_match_id(hdev, hdrv->id_table);
1945 }
1946 EXPORT_SYMBOL_GPL(hid_match_device);
1947
hid_bus_match(struct device * dev,struct device_driver * drv)1948 static int hid_bus_match(struct device *dev, struct device_driver *drv)
1949 {
1950 struct hid_driver *hdrv = to_hid_driver(drv);
1951 struct hid_device *hdev = to_hid_device(dev);
1952
1953 return hid_match_device(hdev, hdrv) != NULL;
1954 }
1955
1956 /**
1957 * hid_compare_device_paths - check if both devices share the same path
1958 * @hdev_a: hid device
1959 * @hdev_b: hid device
1960 * @separator: char to use as separator
1961 *
1962 * Check if two devices share the same path up to the last occurrence of
1963 * the separator char. Both paths must exist (i.e., zero-length paths
1964 * don't match).
1965 */
hid_compare_device_paths(struct hid_device * hdev_a,struct hid_device * hdev_b,char separator)1966 bool hid_compare_device_paths(struct hid_device *hdev_a,
1967 struct hid_device *hdev_b, char separator)
1968 {
1969 int n1 = strrchr(hdev_a->phys, separator) - hdev_a->phys;
1970 int n2 = strrchr(hdev_b->phys, separator) - hdev_b->phys;
1971
1972 if (n1 != n2 || n1 <= 0 || n2 <= 0)
1973 return false;
1974
1975 return !strncmp(hdev_a->phys, hdev_b->phys, n1);
1976 }
1977 EXPORT_SYMBOL_GPL(hid_compare_device_paths);
1978
hid_device_probe(struct device * dev)1979 static int hid_device_probe(struct device *dev)
1980 {
1981 struct hid_driver *hdrv = to_hid_driver(dev->driver);
1982 struct hid_device *hdev = to_hid_device(dev);
1983 const struct hid_device_id *id;
1984 int ret = 0;
1985
1986 if (down_interruptible(&hdev->driver_input_lock)) {
1987 ret = -EINTR;
1988 goto end;
1989 }
1990 hdev->io_started = false;
1991
1992 clear_bit(ffs(HID_STAT_REPROBED), &hdev->status);
1993
1994 if (!hdev->driver) {
1995 id = hid_match_device(hdev, hdrv);
1996 if (id == NULL) {
1997 ret = -ENODEV;
1998 goto unlock;
1999 }
2000
2001 if (hdrv->match) {
2002 if (!hdrv->match(hdev, hid_ignore_special_drivers)) {
2003 ret = -ENODEV;
2004 goto unlock;
2005 }
2006 } else {
2007 /*
2008 * hid-generic implements .match(), so if
2009 * hid_ignore_special_drivers is set, we can safely
2010 * return.
2011 */
2012 if (hid_ignore_special_drivers) {
2013 ret = -ENODEV;
2014 goto unlock;
2015 }
2016 }
2017
2018 /* reset the quirks that has been previously set */
2019 hdev->quirks = hid_lookup_quirk(hdev);
2020 hdev->driver = hdrv;
2021 if (hdrv->probe) {
2022 ret = hdrv->probe(hdev, id);
2023 } else { /* default probe */
2024 ret = hid_open_report(hdev);
2025 if (!ret)
2026 ret = hid_hw_start(hdev, HID_CONNECT_DEFAULT);
2027 }
2028 if (ret) {
2029 hid_close_report(hdev);
2030 hdev->driver = NULL;
2031 }
2032 }
2033 unlock:
2034 if (!hdev->io_started)
2035 up(&hdev->driver_input_lock);
2036 end:
2037 return ret;
2038 }
2039
hid_device_remove(struct device * dev)2040 static int hid_device_remove(struct device *dev)
2041 {
2042 struct hid_device *hdev = to_hid_device(dev);
2043 struct hid_driver *hdrv;
2044 int ret = 0;
2045
2046 if (down_interruptible(&hdev->driver_input_lock)) {
2047 ret = -EINTR;
2048 goto end;
2049 }
2050 hdev->io_started = false;
2051
2052 hdrv = hdev->driver;
2053 if (hdrv) {
2054 if (hdrv->remove)
2055 hdrv->remove(hdev);
2056 else /* default remove */
2057 hid_hw_stop(hdev);
2058 hid_close_report(hdev);
2059 hdev->driver = NULL;
2060 }
2061
2062 if (!hdev->io_started)
2063 up(&hdev->driver_input_lock);
2064 end:
2065 return ret;
2066 }
2067
modalias_show(struct device * dev,struct device_attribute * a,char * buf)2068 static ssize_t modalias_show(struct device *dev, struct device_attribute *a,
2069 char *buf)
2070 {
2071 struct hid_device *hdev = container_of(dev, struct hid_device, dev);
2072
2073 return scnprintf(buf, PAGE_SIZE, "hid:b%04Xg%04Xv%08Xp%08X\n",
2074 hdev->bus, hdev->group, hdev->vendor, hdev->product);
2075 }
2076 static DEVICE_ATTR_RO(modalias);
2077
2078 static struct attribute *hid_dev_attrs[] = {
2079 &dev_attr_modalias.attr,
2080 NULL,
2081 };
2082 static struct bin_attribute *hid_dev_bin_attrs[] = {
2083 &dev_bin_attr_report_desc,
2084 NULL
2085 };
2086 static const struct attribute_group hid_dev_group = {
2087 .attrs = hid_dev_attrs,
2088 .bin_attrs = hid_dev_bin_attrs,
2089 };
2090 __ATTRIBUTE_GROUPS(hid_dev);
2091
hid_uevent(struct device * dev,struct kobj_uevent_env * env)2092 static int hid_uevent(struct device *dev, struct kobj_uevent_env *env)
2093 {
2094 struct hid_device *hdev = to_hid_device(dev);
2095
2096 if (add_uevent_var(env, "HID_ID=%04X:%08X:%08X",
2097 hdev->bus, hdev->vendor, hdev->product))
2098 return -ENOMEM;
2099
2100 if (add_uevent_var(env, "HID_NAME=%s", hdev->name))
2101 return -ENOMEM;
2102
2103 if (add_uevent_var(env, "HID_PHYS=%s", hdev->phys))
2104 return -ENOMEM;
2105
2106 if (add_uevent_var(env, "HID_UNIQ=%s", hdev->uniq))
2107 return -ENOMEM;
2108
2109 if (add_uevent_var(env, "MODALIAS=hid:b%04Xg%04Xv%08Xp%08X",
2110 hdev->bus, hdev->group, hdev->vendor, hdev->product))
2111 return -ENOMEM;
2112
2113 return 0;
2114 }
2115
2116 struct bus_type hid_bus_type = {
2117 .name = "hid",
2118 .dev_groups = hid_dev_groups,
2119 .drv_groups = hid_drv_groups,
2120 .match = hid_bus_match,
2121 .probe = hid_device_probe,
2122 .remove = hid_device_remove,
2123 .uevent = hid_uevent,
2124 };
2125 EXPORT_SYMBOL(hid_bus_type);
2126
hid_add_device(struct hid_device * hdev)2127 int hid_add_device(struct hid_device *hdev)
2128 {
2129 static atomic_t id = ATOMIC_INIT(0);
2130 int ret;
2131
2132 if (WARN_ON(hdev->status & HID_STAT_ADDED))
2133 return -EBUSY;
2134
2135 hdev->quirks = hid_lookup_quirk(hdev);
2136
2137 /* we need to kill them here, otherwise they will stay allocated to
2138 * wait for coming driver */
2139 if (hid_ignore(hdev))
2140 return -ENODEV;
2141
2142 /*
2143 * Check for the mandatory transport channel.
2144 */
2145 if (!hdev->ll_driver->raw_request) {
2146 hid_err(hdev, "transport driver missing .raw_request()\n");
2147 return -EINVAL;
2148 }
2149
2150 /*
2151 * Read the device report descriptor once and use as template
2152 * for the driver-specific modifications.
2153 */
2154 ret = hdev->ll_driver->parse(hdev);
2155 if (ret)
2156 return ret;
2157 if (!hdev->dev_rdesc)
2158 return -ENODEV;
2159
2160 /*
2161 * Scan generic devices for group information
2162 */
2163 if (hid_ignore_special_drivers) {
2164 hdev->group = HID_GROUP_GENERIC;
2165 } else if (!hdev->group &&
2166 !(hdev->quirks & HID_QUIRK_HAVE_SPECIAL_DRIVER)) {
2167 ret = hid_scan_report(hdev);
2168 if (ret)
2169 hid_warn(hdev, "bad device descriptor (%d)\n", ret);
2170 }
2171
2172 /* XXX hack, any other cleaner solution after the driver core
2173 * is converted to allow more than 20 bytes as the device name? */
2174 dev_set_name(&hdev->dev, "%04X:%04X:%04X.%04X", hdev->bus,
2175 hdev->vendor, hdev->product, atomic_inc_return(&id));
2176
2177 hid_debug_register(hdev, dev_name(&hdev->dev));
2178 ret = device_add(&hdev->dev);
2179 if (!ret)
2180 hdev->status |= HID_STAT_ADDED;
2181 else
2182 hid_debug_unregister(hdev);
2183
2184 return ret;
2185 }
2186 EXPORT_SYMBOL_GPL(hid_add_device);
2187
2188 /**
2189 * hid_allocate_device - allocate new hid device descriptor
2190 *
2191 * Allocate and initialize hid device, so that hid_destroy_device might be
2192 * used to free it.
2193 *
2194 * New hid_device pointer is returned on success, otherwise ERR_PTR encoded
2195 * error value.
2196 */
hid_allocate_device(void)2197 struct hid_device *hid_allocate_device(void)
2198 {
2199 struct hid_device *hdev;
2200 int ret = -ENOMEM;
2201
2202 hdev = kzalloc(sizeof(*hdev), GFP_KERNEL);
2203 if (hdev == NULL)
2204 return ERR_PTR(ret);
2205
2206 device_initialize(&hdev->dev);
2207 hdev->dev.release = hid_device_release;
2208 hdev->dev.bus = &hid_bus_type;
2209 device_enable_async_suspend(&hdev->dev);
2210
2211 hid_close_report(hdev);
2212
2213 init_waitqueue_head(&hdev->debug_wait);
2214 INIT_LIST_HEAD(&hdev->debug_list);
2215 spin_lock_init(&hdev->debug_list_lock);
2216 sema_init(&hdev->driver_input_lock, 1);
2217 mutex_init(&hdev->ll_open_lock);
2218
2219 return hdev;
2220 }
2221 EXPORT_SYMBOL_GPL(hid_allocate_device);
2222
hid_remove_device(struct hid_device * hdev)2223 static void hid_remove_device(struct hid_device *hdev)
2224 {
2225 if (hdev->status & HID_STAT_ADDED) {
2226 device_del(&hdev->dev);
2227 hid_debug_unregister(hdev);
2228 hdev->status &= ~HID_STAT_ADDED;
2229 }
2230 kfree(hdev->dev_rdesc);
2231 hdev->dev_rdesc = NULL;
2232 hdev->dev_rsize = 0;
2233 }
2234
2235 /**
2236 * hid_destroy_device - free previously allocated device
2237 *
2238 * @hdev: hid device
2239 *
2240 * If you allocate hid_device through hid_allocate_device, you should ever
2241 * free by this function.
2242 */
hid_destroy_device(struct hid_device * hdev)2243 void hid_destroy_device(struct hid_device *hdev)
2244 {
2245 hid_remove_device(hdev);
2246 put_device(&hdev->dev);
2247 }
2248 EXPORT_SYMBOL_GPL(hid_destroy_device);
2249
2250
__hid_bus_reprobe_drivers(struct device * dev,void * data)2251 static int __hid_bus_reprobe_drivers(struct device *dev, void *data)
2252 {
2253 struct hid_driver *hdrv = data;
2254 struct hid_device *hdev = to_hid_device(dev);
2255
2256 if (hdev->driver == hdrv &&
2257 !hdrv->match(hdev, hid_ignore_special_drivers) &&
2258 !test_and_set_bit(ffs(HID_STAT_REPROBED), &hdev->status))
2259 return device_reprobe(dev);
2260
2261 return 0;
2262 }
2263
__hid_bus_driver_added(struct device_driver * drv,void * data)2264 static int __hid_bus_driver_added(struct device_driver *drv, void *data)
2265 {
2266 struct hid_driver *hdrv = to_hid_driver(drv);
2267
2268 if (hdrv->match) {
2269 bus_for_each_dev(&hid_bus_type, NULL, hdrv,
2270 __hid_bus_reprobe_drivers);
2271 }
2272
2273 return 0;
2274 }
2275
__bus_removed_driver(struct device_driver * drv,void * data)2276 static int __bus_removed_driver(struct device_driver *drv, void *data)
2277 {
2278 return bus_rescan_devices(&hid_bus_type);
2279 }
2280
__hid_register_driver(struct hid_driver * hdrv,struct module * owner,const char * mod_name)2281 int __hid_register_driver(struct hid_driver *hdrv, struct module *owner,
2282 const char *mod_name)
2283 {
2284 int ret;
2285
2286 hdrv->driver.name = hdrv->name;
2287 hdrv->driver.bus = &hid_bus_type;
2288 hdrv->driver.owner = owner;
2289 hdrv->driver.mod_name = mod_name;
2290
2291 INIT_LIST_HEAD(&hdrv->dyn_list);
2292 spin_lock_init(&hdrv->dyn_lock);
2293
2294 ret = driver_register(&hdrv->driver);
2295
2296 if (ret == 0)
2297 bus_for_each_drv(&hid_bus_type, NULL, NULL,
2298 __hid_bus_driver_added);
2299
2300 return ret;
2301 }
2302 EXPORT_SYMBOL_GPL(__hid_register_driver);
2303
hid_unregister_driver(struct hid_driver * hdrv)2304 void hid_unregister_driver(struct hid_driver *hdrv)
2305 {
2306 driver_unregister(&hdrv->driver);
2307 hid_free_dynids(hdrv);
2308
2309 bus_for_each_drv(&hid_bus_type, NULL, hdrv, __bus_removed_driver);
2310 }
2311 EXPORT_SYMBOL_GPL(hid_unregister_driver);
2312
hid_check_keys_pressed(struct hid_device * hid)2313 int hid_check_keys_pressed(struct hid_device *hid)
2314 {
2315 struct hid_input *hidinput;
2316 int i;
2317
2318 if (!(hid->claimed & HID_CLAIMED_INPUT))
2319 return 0;
2320
2321 list_for_each_entry(hidinput, &hid->inputs, list) {
2322 for (i = 0; i < BITS_TO_LONGS(KEY_MAX); i++)
2323 if (hidinput->input->key[i])
2324 return 1;
2325 }
2326
2327 return 0;
2328 }
2329
2330 EXPORT_SYMBOL_GPL(hid_check_keys_pressed);
2331
hid_init(void)2332 static int __init hid_init(void)
2333 {
2334 int ret;
2335
2336 if (hid_debug)
2337 pr_warn("hid_debug is now used solely for parser and driver debugging.\n"
2338 "debugfs is now used for inspecting the device (report descriptor, reports)\n");
2339
2340 ret = bus_register(&hid_bus_type);
2341 if (ret) {
2342 pr_err("can't register hid bus\n");
2343 goto err;
2344 }
2345
2346 ret = hidraw_init();
2347 if (ret)
2348 goto err_bus;
2349
2350 hid_debug_init();
2351
2352 return 0;
2353 err_bus:
2354 bus_unregister(&hid_bus_type);
2355 err:
2356 return ret;
2357 }
2358
hid_exit(void)2359 static void __exit hid_exit(void)
2360 {
2361 hid_debug_exit();
2362 hidraw_exit();
2363 bus_unregister(&hid_bus_type);
2364 hid_quirks_exit(HID_BUS_ANY);
2365 }
2366
2367 module_init(hid_init);
2368 module_exit(hid_exit);
2369
2370 MODULE_AUTHOR("Andreas Gal");
2371 MODULE_AUTHOR("Vojtech Pavlik");
2372 MODULE_AUTHOR("Jiri Kosina");
2373 MODULE_LICENSE("GPL");
2374
