1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3 * Copyright (C) 2015 Karol Kosik <karo9@interia.eu>
4 * Copyright (C) 2015-2016 Samsung Electronics
5 * Igor Kotrasinski <i.kotrasinsk@samsung.com>
6 * Krzysztof Opasiak <k.opasiak@samsung.com>
7 */
8
9 #include <linux/device.h>
10 #include <linux/kernel.h>
11 #include <linux/list.h>
12 #include <linux/platform_device.h>
13 #include <linux/usb.h>
14 #include <linux/usb/gadget.h>
15 #include <linux/usb/hcd.h>
16 #include <linux/kthread.h>
17 #include <linux/file.h>
18 #include <linux/byteorder/generic.h>
19
20 #include "usbip_common.h"
21 #include "vudc.h"
22
23 #define VIRTUAL_ENDPOINTS (1 /* ep0 */ + 15 /* in eps */ + 15 /* out eps */)
24
25 /* urb-related structures alloc / free */
26
27
free_urb(struct urb * urb)28 static void free_urb(struct urb *urb)
29 {
30 if (!urb)
31 return;
32
33 kfree(urb->setup_packet);
34 urb->setup_packet = NULL;
35
36 kfree(urb->transfer_buffer);
37 urb->transfer_buffer = NULL;
38
39 usb_free_urb(urb);
40 }
41
alloc_urbp(void)42 struct urbp *alloc_urbp(void)
43 {
44 struct urbp *urb_p;
45
46 urb_p = kzalloc(sizeof(*urb_p), GFP_KERNEL);
47 if (!urb_p)
48 return urb_p;
49
50 urb_p->urb = NULL;
51 urb_p->ep = NULL;
52 INIT_LIST_HEAD(&urb_p->urb_entry);
53 return urb_p;
54 }
55
free_urbp(struct urbp * urb_p)56 static void free_urbp(struct urbp *urb_p)
57 {
58 kfree(urb_p);
59 }
60
free_urbp_and_urb(struct urbp * urb_p)61 void free_urbp_and_urb(struct urbp *urb_p)
62 {
63 if (!urb_p)
64 return;
65 free_urb(urb_p->urb);
66 free_urbp(urb_p);
67 }
68
69
70 /* utilities ; almost verbatim from dummy_hcd.c */
71
72 /* called with spinlock held */
nuke(struct vudc * udc,struct vep * ep)73 static void nuke(struct vudc *udc, struct vep *ep)
74 {
75 struct vrequest *req;
76
77 while (!list_empty(&ep->req_queue)) {
78 req = list_first_entry(&ep->req_queue, struct vrequest,
79 req_entry);
80 list_del_init(&req->req_entry);
81 req->req.status = -ESHUTDOWN;
82
83 spin_unlock(&udc->lock);
84 usb_gadget_giveback_request(&ep->ep, &req->req);
85 spin_lock(&udc->lock);
86 }
87 }
88
89 /* caller must hold lock */
stop_activity(struct vudc * udc)90 static void stop_activity(struct vudc *udc)
91 {
92 int i;
93 struct urbp *urb_p, *tmp;
94
95 udc->address = 0;
96
97 for (i = 0; i < VIRTUAL_ENDPOINTS; i++)
98 nuke(udc, &udc->ep[i]);
99
100 list_for_each_entry_safe(urb_p, tmp, &udc->urb_queue, urb_entry) {
101 list_del(&urb_p->urb_entry);
102 free_urbp_and_urb(urb_p);
103 }
104 }
105
vudc_find_endpoint(struct vudc * udc,u8 address)106 struct vep *vudc_find_endpoint(struct vudc *udc, u8 address)
107 {
108 int i;
109
110 if ((address & ~USB_DIR_IN) == 0)
111 return &udc->ep[0];
112
113 for (i = 1; i < VIRTUAL_ENDPOINTS; i++) {
114 struct vep *ep = &udc->ep[i];
115
116 if (!ep->desc)
117 continue;
118 if (ep->desc->bEndpointAddress == address)
119 return ep;
120 }
121 return NULL;
122 }
123
124 /* gadget ops */
125
vgadget_get_frame(struct usb_gadget * _gadget)126 static int vgadget_get_frame(struct usb_gadget *_gadget)
127 {
128 struct timespec64 now;
129 struct vudc *udc = usb_gadget_to_vudc(_gadget);
130
131 ktime_get_ts64(&now);
132 return ((now.tv_sec - udc->start_time.tv_sec) * 1000 +
133 (now.tv_nsec - udc->start_time.tv_nsec) / NSEC_PER_MSEC)
134 & 0x7FF;
135 }
136
vgadget_set_selfpowered(struct usb_gadget * _gadget,int value)137 static int vgadget_set_selfpowered(struct usb_gadget *_gadget, int value)
138 {
139 struct vudc *udc = usb_gadget_to_vudc(_gadget);
140
141 if (value)
142 udc->devstatus |= (1 << USB_DEVICE_SELF_POWERED);
143 else
144 udc->devstatus &= ~(1 << USB_DEVICE_SELF_POWERED);
145 return 0;
146 }
147
vgadget_pullup(struct usb_gadget * _gadget,int value)148 static int vgadget_pullup(struct usb_gadget *_gadget, int value)
149 {
150 struct vudc *udc = usb_gadget_to_vudc(_gadget);
151 unsigned long flags;
152 int ret;
153
154
155 spin_lock_irqsave(&udc->lock, flags);
156 value = !!value;
157 if (value == udc->pullup)
158 goto unlock;
159
160 udc->pullup = value;
161 if (value) {
162 udc->gadget.speed = min_t(u8, USB_SPEED_HIGH,
163 udc->driver->max_speed);
164 udc->ep[0].ep.maxpacket = 64;
165 /*
166 * This is the first place where we can ask our
167 * gadget driver for descriptors.
168 */
169 ret = get_gadget_descs(udc);
170 if (ret) {
171 dev_err(&udc->gadget.dev, "Unable go get desc: %d", ret);
172 goto unlock;
173 }
174
175 spin_unlock_irqrestore(&udc->lock, flags);
176 usbip_start_eh(&udc->ud);
177 } else {
178 /* Invalidate descriptors */
179 udc->desc_cached = 0;
180
181 spin_unlock_irqrestore(&udc->lock, flags);
182 usbip_event_add(&udc->ud, VUDC_EVENT_REMOVED);
183 usbip_stop_eh(&udc->ud); /* Wait for eh completion */
184 }
185
186 return 0;
187
188 unlock:
189 spin_unlock_irqrestore(&udc->lock, flags);
190 return 0;
191 }
192
vgadget_udc_start(struct usb_gadget * g,struct usb_gadget_driver * driver)193 static int vgadget_udc_start(struct usb_gadget *g,
194 struct usb_gadget_driver *driver)
195 {
196 struct vudc *udc = usb_gadget_to_vudc(g);
197 unsigned long flags;
198
199 spin_lock_irqsave(&udc->lock, flags);
200 udc->driver = driver;
201 udc->pullup = udc->connected = udc->desc_cached = 0;
202 spin_unlock_irqrestore(&udc->lock, flags);
203
204 return 0;
205 }
206
vgadget_udc_stop(struct usb_gadget * g)207 static int vgadget_udc_stop(struct usb_gadget *g)
208 {
209 struct vudc *udc = usb_gadget_to_vudc(g);
210 unsigned long flags;
211
212 spin_lock_irqsave(&udc->lock, flags);
213 udc->driver = NULL;
214 spin_unlock_irqrestore(&udc->lock, flags);
215 return 0;
216 }
217
218 static const struct usb_gadget_ops vgadget_ops = {
219 .get_frame = vgadget_get_frame,
220 .set_selfpowered = vgadget_set_selfpowered,
221 .pullup = vgadget_pullup,
222 .udc_start = vgadget_udc_start,
223 .udc_stop = vgadget_udc_stop,
224 };
225
226
227 /* endpoint ops */
228
vep_enable(struct usb_ep * _ep,const struct usb_endpoint_descriptor * desc)229 static int vep_enable(struct usb_ep *_ep,
230 const struct usb_endpoint_descriptor *desc)
231 {
232 struct vep *ep;
233 struct vudc *udc;
234 unsigned int maxp;
235 unsigned long flags;
236
237 ep = to_vep(_ep);
238 udc = ep_to_vudc(ep);
239
240 if (!_ep || !desc || ep->desc || _ep->caps.type_control
241 || desc->bDescriptorType != USB_DT_ENDPOINT)
242 return -EINVAL;
243
244 if (!udc->driver)
245 return -ESHUTDOWN;
246
247 spin_lock_irqsave(&udc->lock, flags);
248
249 maxp = usb_endpoint_maxp(desc);
250 _ep->maxpacket = maxp;
251 ep->desc = desc;
252 ep->type = usb_endpoint_type(desc);
253 ep->halted = ep->wedged = 0;
254
255 spin_unlock_irqrestore(&udc->lock, flags);
256
257 return 0;
258 }
259
vep_disable(struct usb_ep * _ep)260 static int vep_disable(struct usb_ep *_ep)
261 {
262 struct vep *ep;
263 struct vudc *udc;
264 unsigned long flags;
265
266 ep = to_vep(_ep);
267 udc = ep_to_vudc(ep);
268 if (!_ep || !ep->desc || _ep->caps.type_control)
269 return -EINVAL;
270
271 spin_lock_irqsave(&udc->lock, flags);
272 ep->desc = NULL;
273 nuke(udc, ep);
274 spin_unlock_irqrestore(&udc->lock, flags);
275
276 return 0;
277 }
278
vep_alloc_request(struct usb_ep * _ep,gfp_t mem_flags)279 static struct usb_request *vep_alloc_request(struct usb_ep *_ep,
280 gfp_t mem_flags)
281 {
282 struct vrequest *req;
283
284 if (!_ep)
285 return NULL;
286
287 req = kzalloc(sizeof(*req), mem_flags);
288 if (!req)
289 return NULL;
290
291 INIT_LIST_HEAD(&req->req_entry);
292
293 return &req->req;
294 }
295
vep_free_request(struct usb_ep * _ep,struct usb_request * _req)296 static void vep_free_request(struct usb_ep *_ep, struct usb_request *_req)
297 {
298 struct vrequest *req;
299
300 if (WARN_ON(!_ep || !_req))
301 return;
302
303 req = to_vrequest(_req);
304 kfree(req);
305 }
306
vep_queue(struct usb_ep * _ep,struct usb_request * _req,gfp_t mem_flags)307 static int vep_queue(struct usb_ep *_ep, struct usb_request *_req,
308 gfp_t mem_flags)
309 {
310 struct vep *ep;
311 struct vrequest *req;
312 struct vudc *udc;
313 unsigned long flags;
314
315 if (!_ep || !_req)
316 return -EINVAL;
317
318 ep = to_vep(_ep);
319 req = to_vrequest(_req);
320 udc = ep_to_vudc(ep);
321
322 spin_lock_irqsave(&udc->lock, flags);
323 _req->actual = 0;
324 _req->status = -EINPROGRESS;
325
326 list_add_tail(&req->req_entry, &ep->req_queue);
327 spin_unlock_irqrestore(&udc->lock, flags);
328
329 return 0;
330 }
331
vep_dequeue(struct usb_ep * _ep,struct usb_request * _req)332 static int vep_dequeue(struct usb_ep *_ep, struct usb_request *_req)
333 {
334 struct vep *ep;
335 struct vrequest *req;
336 struct vudc *udc;
337 struct vrequest *lst;
338 unsigned long flags;
339 int ret = -EINVAL;
340
341 if (!_ep || !_req)
342 return ret;
343
344 ep = to_vep(_ep);
345 req = to_vrequest(_req);
346 udc = req->udc;
347
348 if (!udc->driver)
349 return -ESHUTDOWN;
350
351 spin_lock_irqsave(&udc->lock, flags);
352 list_for_each_entry(lst, &ep->req_queue, req_entry) {
353 if (&lst->req == _req) {
354 list_del_init(&lst->req_entry);
355 _req->status = -ECONNRESET;
356 ret = 0;
357 break;
358 }
359 }
360 spin_unlock_irqrestore(&udc->lock, flags);
361
362 if (ret == 0)
363 usb_gadget_giveback_request(_ep, _req);
364
365 return ret;
366 }
367
368 static int
vep_set_halt_and_wedge(struct usb_ep * _ep,int value,int wedged)369 vep_set_halt_and_wedge(struct usb_ep *_ep, int value, int wedged)
370 {
371 struct vep *ep;
372 struct vudc *udc;
373 unsigned long flags;
374 int ret = 0;
375
376 ep = to_vep(_ep);
377 if (!_ep)
378 return -EINVAL;
379
380 udc = ep_to_vudc(ep);
381 if (!udc->driver)
382 return -ESHUTDOWN;
383
384 spin_lock_irqsave(&udc->lock, flags);
385 if (!value)
386 ep->halted = ep->wedged = 0;
387 else if (ep->desc && (ep->desc->bEndpointAddress & USB_DIR_IN) &&
388 !list_empty(&ep->req_queue))
389 ret = -EAGAIN;
390 else {
391 ep->halted = 1;
392 if (wedged)
393 ep->wedged = 1;
394 }
395
396 spin_unlock_irqrestore(&udc->lock, flags);
397 return ret;
398 }
399
400 static int
vep_set_halt(struct usb_ep * _ep,int value)401 vep_set_halt(struct usb_ep *_ep, int value)
402 {
403 return vep_set_halt_and_wedge(_ep, value, 0);
404 }
405
vep_set_wedge(struct usb_ep * _ep)406 static int vep_set_wedge(struct usb_ep *_ep)
407 {
408 return vep_set_halt_and_wedge(_ep, 1, 1);
409 }
410
411 static const struct usb_ep_ops vep_ops = {
412 .enable = vep_enable,
413 .disable = vep_disable,
414
415 .alloc_request = vep_alloc_request,
416 .free_request = vep_free_request,
417
418 .queue = vep_queue,
419 .dequeue = vep_dequeue,
420
421 .set_halt = vep_set_halt,
422 .set_wedge = vep_set_wedge,
423 };
424
425
426 /* shutdown / reset / error handlers */
427
vudc_shutdown(struct usbip_device * ud)428 static void vudc_shutdown(struct usbip_device *ud)
429 {
430 struct vudc *udc = container_of(ud, struct vudc, ud);
431 int call_disconnect = 0;
432 unsigned long flags;
433
434 dev_dbg(&udc->pdev->dev, "device shutdown");
435 if (ud->tcp_socket)
436 kernel_sock_shutdown(ud->tcp_socket, SHUT_RDWR);
437
438 if (ud->tcp_rx) {
439 kthread_stop_put(ud->tcp_rx);
440 ud->tcp_rx = NULL;
441 }
442 if (ud->tcp_tx) {
443 kthread_stop_put(ud->tcp_tx);
444 ud->tcp_tx = NULL;
445 }
446
447 if (ud->tcp_socket) {
448 sockfd_put(ud->tcp_socket);
449 ud->tcp_socket = NULL;
450 }
451
452 spin_lock_irqsave(&udc->lock, flags);
453 stop_activity(udc);
454 if (udc->connected && udc->driver->disconnect)
455 call_disconnect = 1;
456 udc->connected = 0;
457 spin_unlock_irqrestore(&udc->lock, flags);
458 if (call_disconnect)
459 udc->driver->disconnect(&udc->gadget);
460 }
461
vudc_device_reset(struct usbip_device * ud)462 static void vudc_device_reset(struct usbip_device *ud)
463 {
464 struct vudc *udc = container_of(ud, struct vudc, ud);
465 unsigned long flags;
466
467 dev_dbg(&udc->pdev->dev, "device reset");
468 spin_lock_irqsave(&udc->lock, flags);
469 stop_activity(udc);
470 spin_unlock_irqrestore(&udc->lock, flags);
471 if (udc->driver)
472 usb_gadget_udc_reset(&udc->gadget, udc->driver);
473 spin_lock_irqsave(&ud->lock, flags);
474 ud->status = SDEV_ST_AVAILABLE;
475 spin_unlock_irqrestore(&ud->lock, flags);
476 }
477
vudc_device_unusable(struct usbip_device * ud)478 static void vudc_device_unusable(struct usbip_device *ud)
479 {
480 unsigned long flags;
481
482 spin_lock_irqsave(&ud->lock, flags);
483 ud->status = SDEV_ST_ERROR;
484 spin_unlock_irqrestore(&ud->lock, flags);
485 }
486
487 /* device setup / cleanup */
488
alloc_vudc_device(int devid)489 struct vudc_device *alloc_vudc_device(int devid)
490 {
491 struct vudc_device *udc_dev = NULL;
492
493 udc_dev = kzalloc(sizeof(*udc_dev), GFP_KERNEL);
494 if (!udc_dev)
495 goto out;
496
497 INIT_LIST_HEAD(&udc_dev->dev_entry);
498
499 udc_dev->pdev = platform_device_alloc(GADGET_NAME, devid);
500 if (!udc_dev->pdev) {
501 kfree(udc_dev);
502 udc_dev = NULL;
503 }
504
505 out:
506 return udc_dev;
507 }
508
put_vudc_device(struct vudc_device * udc_dev)509 void put_vudc_device(struct vudc_device *udc_dev)
510 {
511 platform_device_put(udc_dev->pdev);
512 kfree(udc_dev);
513 }
514
init_vudc_hw(struct vudc * udc)515 static int init_vudc_hw(struct vudc *udc)
516 {
517 int i;
518 struct usbip_device *ud = &udc->ud;
519 struct vep *ep;
520
521 udc->ep = kcalloc(VIRTUAL_ENDPOINTS, sizeof(*udc->ep), GFP_KERNEL);
522 if (!udc->ep)
523 goto nomem_ep;
524
525 INIT_LIST_HEAD(&udc->gadget.ep_list);
526
527 /* create ep0 and 15 in, 15 out general purpose eps */
528 for (i = 0; i < VIRTUAL_ENDPOINTS; ++i) {
529 int is_out = i % 2;
530 int num = (i + 1) / 2;
531
532 ep = &udc->ep[i];
533
534 sprintf(ep->name, "ep%d%s", num,
535 i ? (is_out ? "out" : "in") : "");
536 ep->ep.name = ep->name;
537
538 ep->ep.ops = &vep_ops;
539
540 usb_ep_set_maxpacket_limit(&ep->ep, ~0);
541 ep->ep.max_streams = 16;
542 ep->gadget = &udc->gadget;
543 INIT_LIST_HEAD(&ep->req_queue);
544
545 if (i == 0) {
546 /* ep0 */
547 ep->ep.caps.type_control = true;
548 ep->ep.caps.dir_out = true;
549 ep->ep.caps.dir_in = true;
550
551 udc->gadget.ep0 = &ep->ep;
552 } else {
553 /* All other eps */
554 ep->ep.caps.type_iso = true;
555 ep->ep.caps.type_int = true;
556 ep->ep.caps.type_bulk = true;
557
558 if (is_out)
559 ep->ep.caps.dir_out = true;
560 else
561 ep->ep.caps.dir_in = true;
562
563 list_add_tail(&ep->ep.ep_list, &udc->gadget.ep_list);
564 }
565 }
566
567 spin_lock_init(&udc->lock);
568 spin_lock_init(&udc->lock_tx);
569 INIT_LIST_HEAD(&udc->urb_queue);
570 INIT_LIST_HEAD(&udc->tx_queue);
571 init_waitqueue_head(&udc->tx_waitq);
572
573 spin_lock_init(&ud->lock);
574 ud->status = SDEV_ST_AVAILABLE;
575 ud->side = USBIP_VUDC;
576
577 ud->eh_ops.shutdown = vudc_shutdown;
578 ud->eh_ops.reset = vudc_device_reset;
579 ud->eh_ops.unusable = vudc_device_unusable;
580
581 v_init_timer(udc);
582 return 0;
583
584 nomem_ep:
585 return -ENOMEM;
586 }
587
cleanup_vudc_hw(struct vudc * udc)588 static void cleanup_vudc_hw(struct vudc *udc)
589 {
590 kfree(udc->ep);
591 }
592
593 /* platform driver ops */
594
vudc_probe(struct platform_device * pdev)595 int vudc_probe(struct platform_device *pdev)
596 {
597 struct vudc *udc;
598 int ret = -ENOMEM;
599
600 udc = kzalloc(sizeof(*udc), GFP_KERNEL);
601 if (!udc)
602 goto out;
603
604 udc->gadget.name = GADGET_NAME;
605 udc->gadget.ops = &vgadget_ops;
606 udc->gadget.max_speed = USB_SPEED_HIGH;
607 udc->gadget.dev.parent = &pdev->dev;
608 udc->pdev = pdev;
609
610 ret = init_vudc_hw(udc);
611 if (ret)
612 goto err_init_vudc_hw;
613
614 ret = usb_add_gadget_udc(&pdev->dev, &udc->gadget);
615 if (ret < 0)
616 goto err_add_udc;
617
618 ret = sysfs_create_group(&pdev->dev.kobj, &vudc_attr_group);
619 if (ret) {
620 dev_err(&udc->pdev->dev, "create sysfs files\n");
621 goto err_sysfs;
622 }
623
624 platform_set_drvdata(pdev, udc);
625
626 return ret;
627
628 err_sysfs:
629 usb_del_gadget_udc(&udc->gadget);
630 err_add_udc:
631 cleanup_vudc_hw(udc);
632 err_init_vudc_hw:
633 kfree(udc);
634 out:
635 return ret;
636 }
637
vudc_remove(struct platform_device * pdev)638 int vudc_remove(struct platform_device *pdev)
639 {
640 struct vudc *udc = platform_get_drvdata(pdev);
641
642 sysfs_remove_group(&pdev->dev.kobj, &vudc_attr_group);
643 usb_del_gadget_udc(&udc->gadget);
644 cleanup_vudc_hw(udc);
645 kfree(udc);
646 return 0;
647 }
648
