1// SPDX-License-Identifier: GPL-2.0+ 2/* 3 * drivers/usb/class/usbtmc.c - USB Test & Measurement class driver 4 * 5 * Copyright (C) 2007 Stefan Kopp, Gechingen, Germany 6 * Copyright (C) 2008 Novell, Inc. 7 * Copyright (C) 2008 Greg Kroah-Hartman <gregkh@suse.de> 8 * Copyright (C) 2018 IVI Foundation, Inc. 9 */ 10 11#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 12 13#include <linux/module.h> 14#include <linux/kernel.h> 15#include <linux/fs.h> 16#include <linux/uaccess.h> 17#include <linux/kref.h> 18#include <linux/slab.h> 19#include <linux/poll.h> 20#include <linux/mutex.h> 21#include <linux/usb.h> 22#include <linux/compat.h> 23#include <linux/usb/tmc.h> 24 25/* Increment API VERSION when changing tmc.h with new flags or ioctls 26 * or when changing a significant behavior of the driver. 27 */ 28#define USBTMC_API_VERSION (2) 29 30#define USBTMC_HEADER_SIZE 12 31#define USBTMC_MINOR_BASE 176 32 33/* Minimum USB timeout (in milliseconds) */ 34#define USBTMC_MIN_TIMEOUT 100 35/* Default USB timeout (in milliseconds) */ 36#define USBTMC_TIMEOUT 5000 37 38/* Max number of urbs used in write transfers */ 39#define MAX_URBS_IN_FLIGHT 16 40/* I/O buffer size used in generic read/write functions */ 41#define USBTMC_BUFSIZE (4096) 42 43/* 44 * Maximum number of read cycles to empty bulk in endpoint during CLEAR and 45 * ABORT_BULK_IN requests. Ends the loop if (for whatever reason) a short 46 * packet is never read. 47 */ 48#define USBTMC_MAX_READS_TO_CLEAR_BULK_IN 100 49 50static const struct usb_device_id usbtmc_devices[] = { 51 { USB_INTERFACE_INFO(USB_CLASS_APP_SPEC, 3, 0), }, 52 { USB_INTERFACE_INFO(USB_CLASS_APP_SPEC, 3, 1), }, 53 { 0, } /* terminating entry */ 54}; 55MODULE_DEVICE_TABLE(usb, usbtmc_devices); 56 57/* 58 * This structure is the capabilities for the device 59 * See section 4.2.1.8 of the USBTMC specification, 60 * and section 4.2.2 of the USBTMC usb488 subclass 61 * specification for details. 62 */ 63struct usbtmc_dev_capabilities { 64 __u8 interface_capabilities; 65 __u8 device_capabilities; 66 __u8 usb488_interface_capabilities; 67 __u8 usb488_device_capabilities; 68}; 69 70/* This structure holds private data for each USBTMC device. One copy is 71 * allocated for each USBTMC device in the driver's probe function. 72 */ 73struct usbtmc_device_data { 74 const struct usb_device_id *id; 75 struct usb_device *usb_dev; 76 struct usb_interface *intf; 77 struct list_head file_list; 78 79 unsigned int bulk_in; 80 unsigned int bulk_out; 81 82 u8 bTag; 83 u8 bTag_last_write; /* needed for abort */ 84 u8 bTag_last_read; /* needed for abort */ 85 86 /* packet size of IN bulk */ 87 u16 wMaxPacketSize; 88 89 /* data for interrupt in endpoint handling */ 90 u8 bNotify1; 91 u8 bNotify2; 92 u16 ifnum; 93 u8 iin_bTag; 94 u8 *iin_buffer; 95 atomic_t iin_data_valid; 96 unsigned int iin_ep; 97 int iin_ep_present; 98 int iin_interval; 99 struct urb *iin_urb; 100 u16 iin_wMaxPacketSize; 101 102 /* coalesced usb488_caps from usbtmc_dev_capabilities */ 103 __u8 usb488_caps; 104 105 bool zombie; /* fd of disconnected device */ 106 107 struct usbtmc_dev_capabilities capabilities; 108 struct kref kref; 109 struct mutex io_mutex; /* only one i/o function running at a time */ 110 wait_queue_head_t waitq; 111 struct fasync_struct *fasync; 112 spinlock_t dev_lock; /* lock for file_list */ 113}; 114#define to_usbtmc_data(d) container_of(d, struct usbtmc_device_data, kref) 115 116/* 117 * This structure holds private data for each USBTMC file handle. 118 */ 119struct usbtmc_file_data { 120 struct usbtmc_device_data *data; 121 struct list_head file_elem; 122 123 u32 timeout; 124 u8 srq_byte; 125 atomic_t srq_asserted; 126 atomic_t closing; 127 u8 bmTransferAttributes; /* member of DEV_DEP_MSG_IN */ 128 129 u8 eom_val; 130 u8 term_char; 131 bool term_char_enabled; 132 bool auto_abort; 133 134 spinlock_t err_lock; /* lock for errors */ 135 136 struct usb_anchor submitted; 137 138 /* data for generic_write */ 139 struct semaphore limit_write_sem; 140 u32 out_transfer_size; 141 int out_status; 142 143 /* data for generic_read */ 144 u32 in_transfer_size; 145 int in_status; 146 int in_urbs_used; 147 struct usb_anchor in_anchor; 148 wait_queue_head_t wait_bulk_in; 149}; 150 151/* Forward declarations */ 152static struct usb_driver usbtmc_driver; 153static void usbtmc_draw_down(struct usbtmc_file_data *file_data); 154 155static void usbtmc_delete(struct kref *kref) 156{ 157 struct usbtmc_device_data *data = to_usbtmc_data(kref); 158 159 usb_put_dev(data->usb_dev); 160 kfree(data); 161} 162 163static int usbtmc_open(struct inode *inode, struct file *filp) 164{ 165 struct usb_interface *intf; 166 struct usbtmc_device_data *data; 167 struct usbtmc_file_data *file_data; 168 169 intf = usb_find_interface(&usbtmc_driver, iminor(inode)); 170 if (!intf) { 171 pr_err("can not find device for minor %d", iminor(inode)); 172 return -ENODEV; 173 } 174 175 file_data = kzalloc(sizeof(*file_data), GFP_KERNEL); 176 if (!file_data) 177 return -ENOMEM; 178 179 spin_lock_init(&file_data->err_lock); 180 sema_init(&file_data->limit_write_sem, MAX_URBS_IN_FLIGHT); 181 init_usb_anchor(&file_data->submitted); 182 init_usb_anchor(&file_data->in_anchor); 183 init_waitqueue_head(&file_data->wait_bulk_in); 184 185 data = usb_get_intfdata(intf); 186 /* Protect reference to data from file structure until release */ 187 kref_get(&data->kref); 188 189 mutex_lock(&data->io_mutex); 190 file_data->data = data; 191 192 atomic_set(&file_data->closing, 0); 193 194 file_data->timeout = USBTMC_TIMEOUT; 195 file_data->term_char = '\n'; 196 file_data->term_char_enabled = 0; 197 file_data->auto_abort = 0; 198 file_data->eom_val = 1; 199 200 INIT_LIST_HEAD(&file_data->file_elem); 201 spin_lock_irq(&data->dev_lock); 202 list_add_tail(&file_data->file_elem, &data->file_list); 203 spin_unlock_irq(&data->dev_lock); 204 mutex_unlock(&data->io_mutex); 205 206 /* Store pointer in file structure's private data field */ 207 filp->private_data = file_data; 208 209 return 0; 210} 211 212/* 213 * usbtmc_flush - called before file handle is closed 214 */ 215static int usbtmc_flush(struct file *file, fl_owner_t id) 216{ 217 struct usbtmc_file_data *file_data; 218 struct usbtmc_device_data *data; 219 220 file_data = file->private_data; 221 if (file_data == NULL) 222 return -ENODEV; 223 224 atomic_set(&file_data->closing, 1); 225 data = file_data->data; 226 227 /* wait for io to stop */ 228 mutex_lock(&data->io_mutex); 229 230 usbtmc_draw_down(file_data); 231 232 spin_lock_irq(&file_data->err_lock); 233 file_data->in_status = 0; 234 file_data->in_transfer_size = 0; 235 file_data->in_urbs_used = 0; 236 file_data->out_status = 0; 237 file_data->out_transfer_size = 0; 238 spin_unlock_irq(&file_data->err_lock); 239 240 wake_up_interruptible_all(&data->waitq); 241 mutex_unlock(&data->io_mutex); 242 243 return 0; 244} 245 246static int usbtmc_release(struct inode *inode, struct file *file) 247{ 248 struct usbtmc_file_data *file_data = file->private_data; 249 250 /* prevent IO _AND_ usbtmc_interrupt */ 251 mutex_lock(&file_data->data->io_mutex); 252 spin_lock_irq(&file_data->data->dev_lock); 253 254 list_del(&file_data->file_elem); 255 256 spin_unlock_irq(&file_data->data->dev_lock); 257 mutex_unlock(&file_data->data->io_mutex); 258 259 kref_put(&file_data->data->kref, usbtmc_delete); 260 file_data->data = NULL; 261 kfree(file_data); 262 return 0; 263} 264 265static int usbtmc_ioctl_abort_bulk_in_tag(struct usbtmc_device_data *data, 266 u8 tag) 267{ 268 u8 *buffer; 269 struct device *dev; 270 int rv; 271 int n; 272 int actual; 273 274 dev = &data->intf->dev; 275 buffer = kmalloc(USBTMC_BUFSIZE, GFP_KERNEL); 276 if (!buffer) 277 return -ENOMEM; 278 279 rv = usb_control_msg(data->usb_dev, 280 usb_rcvctrlpipe(data->usb_dev, 0), 281 USBTMC_REQUEST_INITIATE_ABORT_BULK_IN, 282 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT, 283 tag, data->bulk_in, 284 buffer, 2, USB_CTRL_GET_TIMEOUT); 285 286 if (rv < 0) { 287 dev_err(dev, "usb_control_msg returned %d\n", rv); 288 goto exit; 289 } 290 291 dev_dbg(dev, "INITIATE_ABORT_BULK_IN returned %x with tag %02x\n", 292 buffer[0], buffer[1]); 293 294 if (buffer[0] == USBTMC_STATUS_FAILED) { 295 /* No transfer in progress and the Bulk-OUT FIFO is empty. */ 296 rv = 0; 297 goto exit; 298 } 299 300 if (buffer[0] == USBTMC_STATUS_TRANSFER_NOT_IN_PROGRESS) { 301 /* The device returns this status if either: 302 * - There is a transfer in progress, but the specified bTag 303 * does not match. 304 * - There is no transfer in progress, but the Bulk-OUT FIFO 305 * is not empty. 306 */ 307 rv = -ENOMSG; 308 goto exit; 309 } 310 311 if (buffer[0] != USBTMC_STATUS_SUCCESS) { 312 dev_err(dev, "INITIATE_ABORT_BULK_IN returned %x\n", 313 buffer[0]); 314 rv = -EPERM; 315 goto exit; 316 } 317 318 n = 0; 319 320usbtmc_abort_bulk_in_status: 321 dev_dbg(dev, "Reading from bulk in EP\n"); 322 323 /* Data must be present. So use low timeout 300 ms */ 324 actual = 0; 325 rv = usb_bulk_msg(data->usb_dev, 326 usb_rcvbulkpipe(data->usb_dev, 327 data->bulk_in), 328 buffer, USBTMC_BUFSIZE, 329 &actual, 300); 330 331 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE, 16, 1, 332 buffer, actual, true); 333 334 n++; 335 336 if (rv < 0) { 337 dev_err(dev, "usb_bulk_msg returned %d\n", rv); 338 if (rv != -ETIMEDOUT) 339 goto exit; 340 } 341 342 if (actual == USBTMC_BUFSIZE) 343 goto usbtmc_abort_bulk_in_status; 344 345 if (n >= USBTMC_MAX_READS_TO_CLEAR_BULK_IN) { 346 dev_err(dev, "Couldn't clear device buffer within %d cycles\n", 347 USBTMC_MAX_READS_TO_CLEAR_BULK_IN); 348 rv = -EPERM; 349 goto exit; 350 } 351 352 rv = usb_control_msg(data->usb_dev, 353 usb_rcvctrlpipe(data->usb_dev, 0), 354 USBTMC_REQUEST_CHECK_ABORT_BULK_IN_STATUS, 355 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT, 356 0, data->bulk_in, buffer, 0x08, 357 USB_CTRL_GET_TIMEOUT); 358 359 if (rv < 0) { 360 dev_err(dev, "usb_control_msg returned %d\n", rv); 361 goto exit; 362 } 363 364 dev_dbg(dev, "CHECK_ABORT_BULK_IN returned %x\n", buffer[0]); 365 366 if (buffer[0] == USBTMC_STATUS_SUCCESS) { 367 rv = 0; 368 goto exit; 369 } 370 371 if (buffer[0] != USBTMC_STATUS_PENDING) { 372 dev_err(dev, "CHECK_ABORT_BULK_IN returned %x\n", buffer[0]); 373 rv = -EPERM; 374 goto exit; 375 } 376 377 if ((buffer[1] & 1) > 0) { 378 /* The device has 1 or more queued packets the Host can read */ 379 goto usbtmc_abort_bulk_in_status; 380 } 381 382 /* The Host must send CHECK_ABORT_BULK_IN_STATUS at a later time. */ 383 rv = -EAGAIN; 384exit: 385 kfree(buffer); 386 return rv; 387} 388 389static int usbtmc_ioctl_abort_bulk_in(struct usbtmc_device_data *data) 390{ 391 return usbtmc_ioctl_abort_bulk_in_tag(data, data->bTag_last_read); 392} 393 394static int usbtmc_ioctl_abort_bulk_out_tag(struct usbtmc_device_data *data, 395 u8 tag) 396{ 397 struct device *dev; 398 u8 *buffer; 399 int rv; 400 int n; 401 402 dev = &data->intf->dev; 403 404 buffer = kmalloc(8, GFP_KERNEL); 405 if (!buffer) 406 return -ENOMEM; 407 408 rv = usb_control_msg(data->usb_dev, 409 usb_rcvctrlpipe(data->usb_dev, 0), 410 USBTMC_REQUEST_INITIATE_ABORT_BULK_OUT, 411 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT, 412 tag, data->bulk_out, 413 buffer, 2, USB_CTRL_GET_TIMEOUT); 414 415 if (rv < 0) { 416 dev_err(dev, "usb_control_msg returned %d\n", rv); 417 goto exit; 418 } 419 420 dev_dbg(dev, "INITIATE_ABORT_BULK_OUT returned %x\n", buffer[0]); 421 422 if (buffer[0] != USBTMC_STATUS_SUCCESS) { 423 dev_err(dev, "INITIATE_ABORT_BULK_OUT returned %x\n", 424 buffer[0]); 425 rv = -EPERM; 426 goto exit; 427 } 428 429 n = 0; 430 431usbtmc_abort_bulk_out_check_status: 432 /* do not stress device with subsequent requests */ 433 msleep(50); 434 rv = usb_control_msg(data->usb_dev, 435 usb_rcvctrlpipe(data->usb_dev, 0), 436 USBTMC_REQUEST_CHECK_ABORT_BULK_OUT_STATUS, 437 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT, 438 0, data->bulk_out, buffer, 0x08, 439 USB_CTRL_GET_TIMEOUT); 440 n++; 441 if (rv < 0) { 442 dev_err(dev, "usb_control_msg returned %d\n", rv); 443 goto exit; 444 } 445 446 dev_dbg(dev, "CHECK_ABORT_BULK_OUT returned %x\n", buffer[0]); 447 448 if (buffer[0] == USBTMC_STATUS_SUCCESS) 449 goto usbtmc_abort_bulk_out_clear_halt; 450 451 if ((buffer[0] == USBTMC_STATUS_PENDING) && 452 (n < USBTMC_MAX_READS_TO_CLEAR_BULK_IN)) 453 goto usbtmc_abort_bulk_out_check_status; 454 455 rv = -EPERM; 456 goto exit; 457 458usbtmc_abort_bulk_out_clear_halt: 459 rv = usb_clear_halt(data->usb_dev, 460 usb_sndbulkpipe(data->usb_dev, data->bulk_out)); 461 462 if (rv < 0) { 463 dev_err(dev, "usb_control_msg returned %d\n", rv); 464 goto exit; 465 } 466 rv = 0; 467 468exit: 469 kfree(buffer); 470 return rv; 471} 472 473static int usbtmc_ioctl_abort_bulk_out(struct usbtmc_device_data *data) 474{ 475 return usbtmc_ioctl_abort_bulk_out_tag(data, data->bTag_last_write); 476} 477 478static int usbtmc488_ioctl_read_stb(struct usbtmc_file_data *file_data, 479 void __user *arg) 480{ 481 struct usbtmc_device_data *data = file_data->data; 482 struct device *dev = &data->intf->dev; 483 int srq_asserted = 0; 484 u8 *buffer; 485 u8 tag; 486 __u8 stb; 487 int rv; 488 489 dev_dbg(dev, "Enter ioctl_read_stb iin_ep_present: %d\n", 490 data->iin_ep_present); 491 492 spin_lock_irq(&data->dev_lock); 493 srq_asserted = atomic_xchg(&file_data->srq_asserted, srq_asserted); 494 if (srq_asserted) { 495 /* a STB with SRQ is already received */ 496 stb = file_data->srq_byte; 497 spin_unlock_irq(&data->dev_lock); 498 rv = put_user(stb, (__u8 __user *)arg); 499 dev_dbg(dev, "stb:0x%02x with srq received %d\n", 500 (unsigned int)stb, rv); 501 return rv; 502 } 503 spin_unlock_irq(&data->dev_lock); 504 505 buffer = kmalloc(8, GFP_KERNEL); 506 if (!buffer) 507 return -ENOMEM; 508 509 atomic_set(&data->iin_data_valid, 0); 510 511 rv = usb_control_msg(data->usb_dev, 512 usb_rcvctrlpipe(data->usb_dev, 0), 513 USBTMC488_REQUEST_READ_STATUS_BYTE, 514 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE, 515 data->iin_bTag, 516 data->ifnum, 517 buffer, 0x03, USB_CTRL_GET_TIMEOUT); 518 if (rv < 0) { 519 dev_err(dev, "stb usb_control_msg returned %d\n", rv); 520 goto exit; 521 } 522 523 if (buffer[0] != USBTMC_STATUS_SUCCESS) { 524 dev_err(dev, "control status returned %x\n", buffer[0]); 525 rv = -EIO; 526 goto exit; 527 } 528 529 if (data->iin_ep_present) { 530 rv = wait_event_interruptible_timeout( 531 data->waitq, 532 atomic_read(&data->iin_data_valid) != 0, 533 file_data->timeout); 534 if (rv < 0) { 535 dev_dbg(dev, "wait interrupted %d\n", rv); 536 goto exit; 537 } 538 539 if (rv == 0) { 540 dev_dbg(dev, "wait timed out\n"); 541 rv = -ETIMEDOUT; 542 goto exit; 543 } 544 545 tag = data->bNotify1 & 0x7f; 546 if (tag != data->iin_bTag) { 547 dev_err(dev, "expected bTag %x got %x\n", 548 data->iin_bTag, tag); 549 } 550 551 stb = data->bNotify2; 552 } else { 553 stb = buffer[2]; 554 } 555 556 rv = put_user(stb, (__u8 __user *)arg); 557 dev_dbg(dev, "stb:0x%02x received %d\n", (unsigned int)stb, rv); 558 559 exit: 560 /* bump interrupt bTag */ 561 data->iin_bTag += 1; 562 if (data->iin_bTag > 127) 563 /* 1 is for SRQ see USBTMC-USB488 subclass spec section 4.3.1 */ 564 data->iin_bTag = 2; 565 566 kfree(buffer); 567 return rv; 568} 569 570static int usbtmc488_ioctl_wait_srq(struct usbtmc_file_data *file_data, 571 __u32 __user *arg) 572{ 573 struct usbtmc_device_data *data = file_data->data; 574 struct device *dev = &data->intf->dev; 575 int rv; 576 u32 timeout; 577 unsigned long expire; 578 579 if (!data->iin_ep_present) { 580 dev_dbg(dev, "no interrupt endpoint present\n"); 581 return -EFAULT; 582 } 583 584 if (get_user(timeout, arg)) 585 return -EFAULT; 586 587 expire = msecs_to_jiffies(timeout); 588 589 mutex_unlock(&data->io_mutex); 590 591 rv = wait_event_interruptible_timeout( 592 data->waitq, 593 atomic_read(&file_data->srq_asserted) != 0 || 594 atomic_read(&file_data->closing), 595 expire); 596 597 mutex_lock(&data->io_mutex); 598 599 /* Note! disconnect or close could be called in the meantime */ 600 if (atomic_read(&file_data->closing) || data->zombie) 601 rv = -ENODEV; 602 603 if (rv < 0) { 604 /* dev can be invalid now! */ 605 pr_debug("%s - wait interrupted %d\n", __func__, rv); 606 return rv; 607 } 608 609 if (rv == 0) { 610 dev_dbg(dev, "%s - wait timed out\n", __func__); 611 return -ETIMEDOUT; 612 } 613 614 dev_dbg(dev, "%s - srq asserted\n", __func__); 615 return 0; 616} 617 618static int usbtmc488_ioctl_simple(struct usbtmc_device_data *data, 619 void __user *arg, unsigned int cmd) 620{ 621 struct device *dev = &data->intf->dev; 622 __u8 val; 623 u8 *buffer; 624 u16 wValue; 625 int rv; 626 627 if (!(data->usb488_caps & USBTMC488_CAPABILITY_SIMPLE)) 628 return -EINVAL; 629 630 buffer = kmalloc(8, GFP_KERNEL); 631 if (!buffer) 632 return -ENOMEM; 633 634 if (cmd == USBTMC488_REQUEST_REN_CONTROL) { 635 rv = copy_from_user(&val, arg, sizeof(val)); 636 if (rv) { 637 rv = -EFAULT; 638 goto exit; 639 } 640 wValue = val ? 1 : 0; 641 } else { 642 wValue = 0; 643 } 644 645 rv = usb_control_msg(data->usb_dev, 646 usb_rcvctrlpipe(data->usb_dev, 0), 647 cmd, 648 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE, 649 wValue, 650 data->ifnum, 651 buffer, 0x01, USB_CTRL_GET_TIMEOUT); 652 if (rv < 0) { 653 dev_err(dev, "simple usb_control_msg failed %d\n", rv); 654 goto exit; 655 } else if (rv != 1) { 656 dev_warn(dev, "simple usb_control_msg returned %d\n", rv); 657 rv = -EIO; 658 goto exit; 659 } 660 661 if (buffer[0] != USBTMC_STATUS_SUCCESS) { 662 dev_err(dev, "simple control status returned %x\n", buffer[0]); 663 rv = -EIO; 664 goto exit; 665 } 666 rv = 0; 667 668 exit: 669 kfree(buffer); 670 return rv; 671} 672 673/* 674 * Sends a TRIGGER Bulk-OUT command message 675 * See the USBTMC-USB488 specification, Table 2. 676 * 677 * Also updates bTag_last_write. 678 */ 679static int usbtmc488_ioctl_trigger(struct usbtmc_file_data *file_data) 680{ 681 struct usbtmc_device_data *data = file_data->data; 682 int retval; 683 u8 *buffer; 684 int actual; 685 686 buffer = kzalloc(USBTMC_HEADER_SIZE, GFP_KERNEL); 687 if (!buffer) 688 return -ENOMEM; 689 690 buffer[0] = 128; 691 buffer[1] = data->bTag; 692 buffer[2] = ~data->bTag; 693 694 retval = usb_bulk_msg(data->usb_dev, 695 usb_sndbulkpipe(data->usb_dev, 696 data->bulk_out), 697 buffer, USBTMC_HEADER_SIZE, 698 &actual, file_data->timeout); 699 700 /* Store bTag (in case we need to abort) */ 701 data->bTag_last_write = data->bTag; 702 703 /* Increment bTag -- and increment again if zero */ 704 data->bTag++; 705 if (!data->bTag) 706 data->bTag++; 707 708 kfree(buffer); 709 if (retval < 0) { 710 dev_err(&data->intf->dev, "%s returned %d\n", 711 __func__, retval); 712 return retval; 713 } 714 715 return 0; 716} 717 718static struct urb *usbtmc_create_urb(void) 719{ 720 const size_t bufsize = USBTMC_BUFSIZE; 721 u8 *dmabuf = NULL; 722 struct urb *urb = usb_alloc_urb(0, GFP_KERNEL); 723 724 if (!urb) 725 return NULL; 726 727 dmabuf = kmalloc(bufsize, GFP_KERNEL); 728 if (!dmabuf) { 729 usb_free_urb(urb); 730 return NULL; 731 } 732 733 urb->transfer_buffer = dmabuf; 734 urb->transfer_buffer_length = bufsize; 735 urb->transfer_flags |= URB_FREE_BUFFER; 736 return urb; 737} 738 739static void usbtmc_read_bulk_cb(struct urb *urb) 740{ 741 struct usbtmc_file_data *file_data = urb->context; 742 int status = urb->status; 743 unsigned long flags; 744 745 /* sync/async unlink faults aren't errors */ 746 if (status) { 747 if (!(/* status == -ENOENT || */ 748 status == -ECONNRESET || 749 status == -EREMOTEIO || /* Short packet */ 750 status == -ESHUTDOWN)) 751 dev_err(&file_data->data->intf->dev, 752 "%s - nonzero read bulk status received: %d\n", 753 __func__, status); 754 755 spin_lock_irqsave(&file_data->err_lock, flags); 756 if (!file_data->in_status) 757 file_data->in_status = status; 758 spin_unlock_irqrestore(&file_data->err_lock, flags); 759 } 760 761 spin_lock_irqsave(&file_data->err_lock, flags); 762 file_data->in_transfer_size += urb->actual_length; 763 dev_dbg(&file_data->data->intf->dev, 764 "%s - total size: %u current: %d status: %d\n", 765 __func__, file_data->in_transfer_size, 766 urb->actual_length, status); 767 spin_unlock_irqrestore(&file_data->err_lock, flags); 768 usb_anchor_urb(urb, &file_data->in_anchor); 769 770 wake_up_interruptible(&file_data->wait_bulk_in); 771 wake_up_interruptible(&file_data->data->waitq); 772} 773 774static inline bool usbtmc_do_transfer(struct usbtmc_file_data *file_data) 775{ 776 bool data_or_error; 777 778 spin_lock_irq(&file_data->err_lock); 779 data_or_error = !usb_anchor_empty(&file_data->in_anchor) 780 || file_data->in_status; 781 spin_unlock_irq(&file_data->err_lock); 782 dev_dbg(&file_data->data->intf->dev, "%s: returns %d\n", __func__, 783 data_or_error); 784 return data_or_error; 785} 786 787static ssize_t usbtmc_generic_read(struct usbtmc_file_data *file_data, 788 void __user *user_buffer, 789 u32 transfer_size, 790 u32 *transferred, 791 u32 flags) 792{ 793 struct usbtmc_device_data *data = file_data->data; 794 struct device *dev = &data->intf->dev; 795 u32 done = 0; 796 u32 remaining; 797 const u32 bufsize = USBTMC_BUFSIZE; 798 int retval = 0; 799 u32 max_transfer_size; 800 unsigned long expire; 801 int bufcount = 1; 802 int again = 0; 803 804 /* mutex already locked */ 805 806 *transferred = done; 807 808 max_transfer_size = transfer_size; 809 810 if (flags & USBTMC_FLAG_IGNORE_TRAILER) { 811 /* The device may send extra alignment bytes (up to 812 * wMaxPacketSize – 1) to avoid sending a zero-length 813 * packet 814 */ 815 remaining = transfer_size; 816 if ((max_transfer_size % data->wMaxPacketSize) == 0) 817 max_transfer_size += (data->wMaxPacketSize - 1); 818 } else { 819 /* round down to bufsize to avoid truncated data left */ 820 if (max_transfer_size > bufsize) { 821 max_transfer_size = 822 roundup(max_transfer_size + 1 - bufsize, 823 bufsize); 824 } 825 remaining = max_transfer_size; 826 } 827 828 spin_lock_irq(&file_data->err_lock); 829 830 if (file_data->in_status) { 831 /* return the very first error */ 832 retval = file_data->in_status; 833 spin_unlock_irq(&file_data->err_lock); 834 goto error; 835 } 836 837 if (flags & USBTMC_FLAG_ASYNC) { 838 if (usb_anchor_empty(&file_data->in_anchor)) 839 again = 1; 840 841 if (file_data->in_urbs_used == 0) { 842 file_data->in_transfer_size = 0; 843 file_data->in_status = 0; 844 } 845 } else { 846 file_data->in_transfer_size = 0; 847 file_data->in_status = 0; 848 } 849 850 if (max_transfer_size == 0) { 851 bufcount = 0; 852 } else { 853 bufcount = roundup(max_transfer_size, bufsize) / bufsize; 854 if (bufcount > file_data->in_urbs_used) 855 bufcount -= file_data->in_urbs_used; 856 else 857 bufcount = 0; 858 859 if (bufcount + file_data->in_urbs_used > MAX_URBS_IN_FLIGHT) { 860 bufcount = MAX_URBS_IN_FLIGHT - 861 file_data->in_urbs_used; 862 } 863 } 864 spin_unlock_irq(&file_data->err_lock); 865 866 dev_dbg(dev, "%s: requested=%u flags=0x%X size=%u bufs=%d used=%d\n", 867 __func__, transfer_size, flags, 868 max_transfer_size, bufcount, file_data->in_urbs_used); 869 870 while (bufcount > 0) { 871 u8 *dmabuf = NULL; 872 struct urb *urb = usbtmc_create_urb(); 873 874 if (!urb) { 875 retval = -ENOMEM; 876 goto error; 877 } 878 879 dmabuf = urb->transfer_buffer; 880 881 usb_fill_bulk_urb(urb, data->usb_dev, 882 usb_rcvbulkpipe(data->usb_dev, data->bulk_in), 883 dmabuf, bufsize, 884 usbtmc_read_bulk_cb, file_data); 885 886 usb_anchor_urb(urb, &file_data->submitted); 887 retval = usb_submit_urb(urb, GFP_KERNEL); 888 /* urb is anchored. We can release our reference. */ 889 usb_free_urb(urb); 890 if (unlikely(retval)) { 891 usb_unanchor_urb(urb); 892 goto error; 893 } 894 file_data->in_urbs_used++; 895 bufcount--; 896 } 897 898 if (again) { 899 dev_dbg(dev, "%s: ret=again\n", __func__); 900 return -EAGAIN; 901 } 902 903 if (user_buffer == NULL) 904 return -EINVAL; 905 906 expire = msecs_to_jiffies(file_data->timeout); 907 908 while (max_transfer_size > 0) { 909 u32 this_part; 910 struct urb *urb = NULL; 911 912 if (!(flags & USBTMC_FLAG_ASYNC)) { 913 dev_dbg(dev, "%s: before wait time %lu\n", 914 __func__, expire); 915 retval = wait_event_interruptible_timeout( 916 file_data->wait_bulk_in, 917 usbtmc_do_transfer(file_data), 918 expire); 919 920 dev_dbg(dev, "%s: wait returned %d\n", 921 __func__, retval); 922 923 if (retval <= 0) { 924 if (retval == 0) 925 retval = -ETIMEDOUT; 926 goto error; 927 } 928 } 929 930 urb = usb_get_from_anchor(&file_data->in_anchor); 931 if (!urb) { 932 if (!(flags & USBTMC_FLAG_ASYNC)) { 933 /* synchronous case: must not happen */ 934 retval = -EFAULT; 935 goto error; 936 } 937 938 /* asynchronous case: ready, do not block or wait */ 939 *transferred = done; 940 dev_dbg(dev, "%s: (async) done=%u ret=0\n", 941 __func__, done); 942 return 0; 943 } 944 945 file_data->in_urbs_used--; 946 947 if (max_transfer_size > urb->actual_length) 948 max_transfer_size -= urb->actual_length; 949 else 950 max_transfer_size = 0; 951 952 if (remaining > urb->actual_length) 953 this_part = urb->actual_length; 954 else 955 this_part = remaining; 956 957 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE, 16, 1, 958 urb->transfer_buffer, urb->actual_length, true); 959 960 if (copy_to_user(user_buffer + done, 961 urb->transfer_buffer, this_part)) { 962 usb_free_urb(urb); 963 retval = -EFAULT; 964 goto error; 965 } 966 967 remaining -= this_part; 968 done += this_part; 969 970 spin_lock_irq(&file_data->err_lock); 971 if (urb->status) { 972 /* return the very first error */ 973 retval = file_data->in_status; 974 spin_unlock_irq(&file_data->err_lock); 975 usb_free_urb(urb); 976 goto error; 977 } 978 spin_unlock_irq(&file_data->err_lock); 979 980 if (urb->actual_length < bufsize) { 981 /* short packet or ZLP received => ready */ 982 usb_free_urb(urb); 983 retval = 1; 984 break; 985 } 986 987 if (!(flags & USBTMC_FLAG_ASYNC) && 988 max_transfer_size > (bufsize * file_data->in_urbs_used)) { 989 /* resubmit, since other buffers still not enough */ 990 usb_anchor_urb(urb, &file_data->submitted); 991 retval = usb_submit_urb(urb, GFP_KERNEL); 992 if (unlikely(retval)) { 993 usb_unanchor_urb(urb); 994 usb_free_urb(urb); 995 goto error; 996 } 997 file_data->in_urbs_used++; 998 } 999 usb_free_urb(urb); 1000 retval = 0; 1001 } 1002 1003error: 1004 *transferred = done; 1005 1006 dev_dbg(dev, "%s: before kill\n", __func__); 1007 /* Attention: killing urbs can take long time (2 ms) */ 1008 usb_kill_anchored_urbs(&file_data->submitted); 1009 dev_dbg(dev, "%s: after kill\n", __func__); 1010 usb_scuttle_anchored_urbs(&file_data->in_anchor); 1011 file_data->in_urbs_used = 0; 1012 file_data->in_status = 0; /* no spinlock needed here */ 1013 dev_dbg(dev, "%s: done=%u ret=%d\n", __func__, done, retval); 1014 1015 return retval; 1016} 1017 1018static ssize_t usbtmc_ioctl_generic_read(struct usbtmc_file_data *file_data, 1019 void __user *arg) 1020{ 1021 struct usbtmc_message msg; 1022 ssize_t retval = 0; 1023 1024 /* mutex already locked */ 1025 1026 if (copy_from_user(&msg, arg, sizeof(struct usbtmc_message))) 1027 return -EFAULT; 1028 1029 retval = usbtmc_generic_read(file_data, msg.message, 1030 msg.transfer_size, &msg.transferred, 1031 msg.flags); 1032 1033 if (put_user(msg.transferred, 1034 &((struct usbtmc_message __user *)arg)->transferred)) 1035 return -EFAULT; 1036 1037 return retval; 1038} 1039 1040static void usbtmc_write_bulk_cb(struct urb *urb) 1041{ 1042 struct usbtmc_file_data *file_data = urb->context; 1043 int wakeup = 0; 1044 unsigned long flags; 1045 1046 spin_lock_irqsave(&file_data->err_lock, flags); 1047 file_data->out_transfer_size += urb->actual_length; 1048 1049 /* sync/async unlink faults aren't errors */ 1050 if (urb->status) { 1051 if (!(urb->status == -ENOENT || 1052 urb->status == -ECONNRESET || 1053 urb->status == -ESHUTDOWN)) 1054 dev_err(&file_data->data->intf->dev, 1055 "%s - nonzero write bulk status received: %d\n", 1056 __func__, urb->status); 1057 1058 if (!file_data->out_status) { 1059 file_data->out_status = urb->status; 1060 wakeup = 1; 1061 } 1062 } 1063 spin_unlock_irqrestore(&file_data->err_lock, flags); 1064 1065 dev_dbg(&file_data->data->intf->dev, 1066 "%s - write bulk total size: %u\n", 1067 __func__, file_data->out_transfer_size); 1068 1069 up(&file_data->limit_write_sem); 1070 if (usb_anchor_empty(&file_data->submitted) || wakeup) 1071 wake_up_interruptible(&file_data->data->waitq); 1072} 1073 1074static ssize_t usbtmc_generic_write(struct usbtmc_file_data *file_data, 1075 const void __user *user_buffer, 1076 u32 transfer_size, 1077 u32 *transferred, 1078 u32 flags) 1079{ 1080 struct usbtmc_device_data *data = file_data->data; 1081 struct device *dev; 1082 u32 done = 0; 1083 u32 remaining; 1084 unsigned long expire; 1085 const u32 bufsize = USBTMC_BUFSIZE; 1086 struct urb *urb = NULL; 1087 int retval = 0; 1088 u32 timeout; 1089 1090 *transferred = 0; 1091 1092 /* Get pointer to private data structure */ 1093 dev = &data->intf->dev; 1094 1095 dev_dbg(dev, "%s: size=%u flags=0x%X sema=%u\n", 1096 __func__, transfer_size, flags, 1097 file_data->limit_write_sem.count); 1098 1099 if (flags & USBTMC_FLAG_APPEND) { 1100 spin_lock_irq(&file_data->err_lock); 1101 retval = file_data->out_status; 1102 spin_unlock_irq(&file_data->err_lock); 1103 if (retval < 0) 1104 return retval; 1105 } else { 1106 spin_lock_irq(&file_data->err_lock); 1107 file_data->out_transfer_size = 0; 1108 file_data->out_status = 0; 1109 spin_unlock_irq(&file_data->err_lock); 1110 } 1111 1112 remaining = transfer_size; 1113 if (remaining > INT_MAX) 1114 remaining = INT_MAX; 1115 1116 timeout = file_data->timeout; 1117 expire = msecs_to_jiffies(timeout); 1118 1119 while (remaining > 0) { 1120 u32 this_part, aligned; 1121 u8 *buffer = NULL; 1122 1123 if (flags & USBTMC_FLAG_ASYNC) { 1124 if (down_trylock(&file_data->limit_write_sem)) { 1125 retval = (done)?(0):(-EAGAIN); 1126 goto exit; 1127 } 1128 } else { 1129 retval = down_timeout(&file_data->limit_write_sem, 1130 expire); 1131 if (retval < 0) { 1132 retval = -ETIMEDOUT; 1133 goto error; 1134 } 1135 } 1136 1137 spin_lock_irq(&file_data->err_lock); 1138 retval = file_data->out_status; 1139 spin_unlock_irq(&file_data->err_lock); 1140 if (retval < 0) { 1141 up(&file_data->limit_write_sem); 1142 goto error; 1143 } 1144 1145 /* prepare next urb to send */ 1146 urb = usbtmc_create_urb(); 1147 if (!urb) { 1148 retval = -ENOMEM; 1149 up(&file_data->limit_write_sem); 1150 goto error; 1151 } 1152 buffer = urb->transfer_buffer; 1153 1154 if (remaining > bufsize) 1155 this_part = bufsize; 1156 else 1157 this_part = remaining; 1158 1159 if (copy_from_user(buffer, user_buffer + done, this_part)) { 1160 retval = -EFAULT; 1161 up(&file_data->limit_write_sem); 1162 goto error; 1163 } 1164 1165 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE, 1166 16, 1, buffer, this_part, true); 1167 1168 /* fill bulk with 32 bit alignment to meet USBTMC specification 1169 * (size + 3 & ~3) rounds up and simplifies user code 1170 */ 1171 aligned = (this_part + 3) & ~3; 1172 dev_dbg(dev, "write(size:%u align:%u done:%u)\n", 1173 (unsigned int)this_part, 1174 (unsigned int)aligned, 1175 (unsigned int)done); 1176 1177 usb_fill_bulk_urb(urb, data->usb_dev, 1178 usb_sndbulkpipe(data->usb_dev, data->bulk_out), 1179 urb->transfer_buffer, aligned, 1180 usbtmc_write_bulk_cb, file_data); 1181 1182 usb_anchor_urb(urb, &file_data->submitted); 1183 retval = usb_submit_urb(urb, GFP_KERNEL); 1184 if (unlikely(retval)) { 1185 usb_unanchor_urb(urb); 1186 up(&file_data->limit_write_sem); 1187 goto error; 1188 } 1189 1190 usb_free_urb(urb); 1191 urb = NULL; /* urb will be finally released by usb driver */ 1192 1193 remaining -= this_part; 1194 done += this_part; 1195 } 1196 1197 /* All urbs are on the fly */ 1198 if (!(flags & USBTMC_FLAG_ASYNC)) { 1199 if (!usb_wait_anchor_empty_timeout(&file_data->submitted, 1200 timeout)) { 1201 retval = -ETIMEDOUT; 1202 goto error; 1203 } 1204 } 1205 1206 retval = 0; 1207 goto exit; 1208 1209error: 1210 usb_kill_anchored_urbs(&file_data->submitted); 1211exit: 1212 usb_free_urb(urb); 1213 1214 spin_lock_irq(&file_data->err_lock); 1215 if (!(flags & USBTMC_FLAG_ASYNC)) 1216 done = file_data->out_transfer_size; 1217 if (!retval && file_data->out_status) 1218 retval = file_data->out_status; 1219 spin_unlock_irq(&file_data->err_lock); 1220 1221 *transferred = done; 1222 1223 dev_dbg(dev, "%s: done=%u, retval=%d, urbstat=%d\n", 1224 __func__, done, retval, file_data->out_status); 1225 1226 return retval; 1227} 1228 1229static ssize_t usbtmc_ioctl_generic_write(struct usbtmc_file_data *file_data, 1230 void __user *arg) 1231{ 1232 struct usbtmc_message msg; 1233 ssize_t retval = 0; 1234 1235 /* mutex already locked */ 1236 1237 if (copy_from_user(&msg, arg, sizeof(struct usbtmc_message))) 1238 return -EFAULT; 1239 1240 retval = usbtmc_generic_write(file_data, msg.message, 1241 msg.transfer_size, &msg.transferred, 1242 msg.flags); 1243 1244 if (put_user(msg.transferred, 1245 &((struct usbtmc_message __user *)arg)->transferred)) 1246 return -EFAULT; 1247 1248 return retval; 1249} 1250 1251/* 1252 * Get the generic write result 1253 */ 1254static ssize_t usbtmc_ioctl_write_result(struct usbtmc_file_data *file_data, 1255 void __user *arg) 1256{ 1257 u32 transferred; 1258 int retval; 1259 1260 spin_lock_irq(&file_data->err_lock); 1261 transferred = file_data->out_transfer_size; 1262 retval = file_data->out_status; 1263 spin_unlock_irq(&file_data->err_lock); 1264 1265 if (put_user(transferred, (__u32 __user *)arg)) 1266 return -EFAULT; 1267 1268 return retval; 1269} 1270 1271/* 1272 * Sends a REQUEST_DEV_DEP_MSG_IN message on the Bulk-OUT endpoint. 1273 * @transfer_size: number of bytes to request from the device. 1274 * 1275 * See the USBTMC specification, Table 4. 1276 * 1277 * Also updates bTag_last_write. 1278 */ 1279static int send_request_dev_dep_msg_in(struct usbtmc_file_data *file_data, 1280 u32 transfer_size) 1281{ 1282 struct usbtmc_device_data *data = file_data->data; 1283 int retval; 1284 u8 *buffer; 1285 int actual; 1286 1287 buffer = kmalloc(USBTMC_HEADER_SIZE, GFP_KERNEL); 1288 if (!buffer) 1289 return -ENOMEM; 1290 /* Setup IO buffer for REQUEST_DEV_DEP_MSG_IN message 1291 * Refer to class specs for details 1292 */ 1293 buffer[0] = 2; 1294 buffer[1] = data->bTag; 1295 buffer[2] = ~data->bTag; 1296 buffer[3] = 0; /* Reserved */ 1297 buffer[4] = transfer_size >> 0; 1298 buffer[5] = transfer_size >> 8; 1299 buffer[6] = transfer_size >> 16; 1300 buffer[7] = transfer_size >> 24; 1301 buffer[8] = file_data->term_char_enabled * 2; 1302 /* Use term character? */ 1303 buffer[9] = file_data->term_char; 1304 buffer[10] = 0; /* Reserved */ 1305 buffer[11] = 0; /* Reserved */ 1306 1307 /* Send bulk URB */ 1308 retval = usb_bulk_msg(data->usb_dev, 1309 usb_sndbulkpipe(data->usb_dev, 1310 data->bulk_out), 1311 buffer, USBTMC_HEADER_SIZE, 1312 &actual, file_data->timeout); 1313 1314 /* Store bTag (in case we need to abort) */ 1315 data->bTag_last_write = data->bTag; 1316 1317 /* Increment bTag -- and increment again if zero */ 1318 data->bTag++; 1319 if (!data->bTag) 1320 data->bTag++; 1321 1322 kfree(buffer); 1323 if (retval < 0) 1324 dev_err(&data->intf->dev, "%s returned %d\n", 1325 __func__, retval); 1326 1327 return retval; 1328} 1329 1330static ssize_t usbtmc_read(struct file *filp, char __user *buf, 1331 size_t count, loff_t *f_pos) 1332{ 1333 struct usbtmc_file_data *file_data; 1334 struct usbtmc_device_data *data; 1335 struct device *dev; 1336 const u32 bufsize = USBTMC_BUFSIZE; 1337 u32 n_characters; 1338 u8 *buffer; 1339 int actual; 1340 u32 done = 0; 1341 u32 remaining; 1342 int retval; 1343 1344 /* Get pointer to private data structure */ 1345 file_data = filp->private_data; 1346 data = file_data->data; 1347 dev = &data->intf->dev; 1348 1349 buffer = kmalloc(bufsize, GFP_KERNEL); 1350 if (!buffer) 1351 return -ENOMEM; 1352 1353 mutex_lock(&data->io_mutex); 1354 if (data->zombie) { 1355 retval = -ENODEV; 1356 goto exit; 1357 } 1358 1359 if (count > INT_MAX) 1360 count = INT_MAX; 1361 1362 dev_dbg(dev, "%s(count:%zu)\n", __func__, count); 1363 1364 retval = send_request_dev_dep_msg_in(file_data, count); 1365 1366 if (retval < 0) { 1367 if (file_data->auto_abort) 1368 usbtmc_ioctl_abort_bulk_out(data); 1369 goto exit; 1370 } 1371 1372 /* Loop until we have fetched everything we requested */ 1373 remaining = count; 1374 actual = 0; 1375 1376 /* Send bulk URB */ 1377 retval = usb_bulk_msg(data->usb_dev, 1378 usb_rcvbulkpipe(data->usb_dev, 1379 data->bulk_in), 1380 buffer, bufsize, &actual, 1381 file_data->timeout); 1382 1383 dev_dbg(dev, "%s: bulk_msg retval(%u), actual(%d)\n", 1384 __func__, retval, actual); 1385 1386 /* Store bTag (in case we need to abort) */ 1387 data->bTag_last_read = data->bTag; 1388 1389 if (retval < 0) { 1390 if (file_data->auto_abort) 1391 usbtmc_ioctl_abort_bulk_in(data); 1392 goto exit; 1393 } 1394 1395 /* Sanity checks for the header */ 1396 if (actual < USBTMC_HEADER_SIZE) { 1397 dev_err(dev, "Device sent too small first packet: %u < %u\n", 1398 actual, USBTMC_HEADER_SIZE); 1399 if (file_data->auto_abort) 1400 usbtmc_ioctl_abort_bulk_in(data); 1401 goto exit; 1402 } 1403 1404 if (buffer[0] != 2) { 1405 dev_err(dev, "Device sent reply with wrong MsgID: %u != 2\n", 1406 buffer[0]); 1407 if (file_data->auto_abort) 1408 usbtmc_ioctl_abort_bulk_in(data); 1409 goto exit; 1410 } 1411 1412 if (buffer[1] != data->bTag_last_write) { 1413 dev_err(dev, "Device sent reply with wrong bTag: %u != %u\n", 1414 buffer[1], data->bTag_last_write); 1415 if (file_data->auto_abort) 1416 usbtmc_ioctl_abort_bulk_in(data); 1417 goto exit; 1418 } 1419 1420 /* How many characters did the instrument send? */ 1421 n_characters = buffer[4] + 1422 (buffer[5] << 8) + 1423 (buffer[6] << 16) + 1424 (buffer[7] << 24); 1425 1426 file_data->bmTransferAttributes = buffer[8]; 1427 1428 dev_dbg(dev, "Bulk-IN header: N_characters(%u), bTransAttr(%u)\n", 1429 n_characters, buffer[8]); 1430 1431 if (n_characters > remaining) { 1432 dev_err(dev, "Device wants to return more data than requested: %u > %zu\n", 1433 n_characters, count); 1434 if (file_data->auto_abort) 1435 usbtmc_ioctl_abort_bulk_in(data); 1436 goto exit; 1437 } 1438 1439 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE, 1440 16, 1, buffer, actual, true); 1441 1442 remaining = n_characters; 1443 1444 /* Remove the USBTMC header */ 1445 actual -= USBTMC_HEADER_SIZE; 1446 1447 /* Remove padding if it exists */ 1448 if (actual > remaining) 1449 actual = remaining; 1450 1451 remaining -= actual; 1452 1453 /* Copy buffer to user space */ 1454 if (copy_to_user(buf, &buffer[USBTMC_HEADER_SIZE], actual)) { 1455 /* There must have been an addressing problem */ 1456 retval = -EFAULT; 1457 goto exit; 1458 } 1459 1460 if ((actual + USBTMC_HEADER_SIZE) == bufsize) { 1461 retval = usbtmc_generic_read(file_data, buf + actual, 1462 remaining, 1463 &done, 1464 USBTMC_FLAG_IGNORE_TRAILER); 1465 if (retval < 0) 1466 goto exit; 1467 } 1468 done += actual; 1469 1470 /* Update file position value */ 1471 *f_pos = *f_pos + done; 1472 retval = done; 1473 1474exit: 1475 mutex_unlock(&data->io_mutex); 1476 kfree(buffer); 1477 return retval; 1478} 1479 1480static ssize_t usbtmc_write(struct file *filp, const char __user *buf, 1481 size_t count, loff_t *f_pos) 1482{ 1483 struct usbtmc_file_data *file_data; 1484 struct usbtmc_device_data *data; 1485 struct urb *urb = NULL; 1486 ssize_t retval = 0; 1487 u8 *buffer; 1488 u32 remaining, done; 1489 u32 transfersize, aligned, buflen; 1490 1491 file_data = filp->private_data; 1492 data = file_data->data; 1493 1494 mutex_lock(&data->io_mutex); 1495 1496 if (data->zombie) { 1497 retval = -ENODEV; 1498 goto exit; 1499 } 1500 1501 done = 0; 1502 1503 spin_lock_irq(&file_data->err_lock); 1504 file_data->out_transfer_size = 0; 1505 file_data->out_status = 0; 1506 spin_unlock_irq(&file_data->err_lock); 1507 1508 if (!count) 1509 goto exit; 1510 1511 if (down_trylock(&file_data->limit_write_sem)) { 1512 /* previous calls were async */ 1513 retval = -EBUSY; 1514 goto exit; 1515 } 1516 1517 urb = usbtmc_create_urb(); 1518 if (!urb) { 1519 retval = -ENOMEM; 1520 up(&file_data->limit_write_sem); 1521 goto exit; 1522 } 1523 1524 buffer = urb->transfer_buffer; 1525 buflen = urb->transfer_buffer_length; 1526 1527 if (count > INT_MAX) { 1528 transfersize = INT_MAX; 1529 buffer[8] = 0; 1530 } else { 1531 transfersize = count; 1532 buffer[8] = file_data->eom_val; 1533 } 1534 1535 /* Setup IO buffer for DEV_DEP_MSG_OUT message */ 1536 buffer[0] = 1; 1537 buffer[1] = data->bTag; 1538 buffer[2] = ~data->bTag; 1539 buffer[3] = 0; /* Reserved */ 1540 buffer[4] = transfersize >> 0; 1541 buffer[5] = transfersize >> 8; 1542 buffer[6] = transfersize >> 16; 1543 buffer[7] = transfersize >> 24; 1544 /* buffer[8] is set above... */ 1545 buffer[9] = 0; /* Reserved */ 1546 buffer[10] = 0; /* Reserved */ 1547 buffer[11] = 0; /* Reserved */ 1548 1549 remaining = transfersize; 1550 1551 if (transfersize + USBTMC_HEADER_SIZE > buflen) { 1552 transfersize = buflen - USBTMC_HEADER_SIZE; 1553 aligned = buflen; 1554 } else { 1555 aligned = (transfersize + (USBTMC_HEADER_SIZE + 3)) & ~3; 1556 } 1557 1558 if (copy_from_user(&buffer[USBTMC_HEADER_SIZE], buf, transfersize)) { 1559 retval = -EFAULT; 1560 up(&file_data->limit_write_sem); 1561 goto exit; 1562 } 1563 1564 dev_dbg(&data->intf->dev, "%s(size:%u align:%u)\n", __func__, 1565 (unsigned int)transfersize, (unsigned int)aligned); 1566 1567 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE, 1568 16, 1, buffer, aligned, true); 1569 1570 usb_fill_bulk_urb(urb, data->usb_dev, 1571 usb_sndbulkpipe(data->usb_dev, data->bulk_out), 1572 urb->transfer_buffer, aligned, 1573 usbtmc_write_bulk_cb, file_data); 1574 1575 usb_anchor_urb(urb, &file_data->submitted); 1576 retval = usb_submit_urb(urb, GFP_KERNEL); 1577 if (unlikely(retval)) { 1578 usb_unanchor_urb(urb); 1579 up(&file_data->limit_write_sem); 1580 goto exit; 1581 } 1582 1583 remaining -= transfersize; 1584 1585 data->bTag_last_write = data->bTag; 1586 data->bTag++; 1587 1588 if (!data->bTag) 1589 data->bTag++; 1590 1591 /* call generic_write even when remaining = 0 */ 1592 retval = usbtmc_generic_write(file_data, buf + transfersize, remaining, 1593 &done, USBTMC_FLAG_APPEND); 1594 /* truncate alignment bytes */ 1595 if (done > remaining) 1596 done = remaining; 1597 1598 /*add size of first urb*/ 1599 done += transfersize; 1600 1601 if (retval < 0) { 1602 usb_kill_anchored_urbs(&file_data->submitted); 1603 1604 dev_err(&data->intf->dev, 1605 "Unable to send data, error %d\n", (int)retval); 1606 if (file_data->auto_abort) 1607 usbtmc_ioctl_abort_bulk_out(data); 1608 goto exit; 1609 } 1610 1611 retval = done; 1612exit: 1613 usb_free_urb(urb); 1614 mutex_unlock(&data->io_mutex); 1615 return retval; 1616} 1617 1618static int usbtmc_ioctl_clear(struct usbtmc_device_data *data) 1619{ 1620 struct device *dev; 1621 u8 *buffer; 1622 int rv; 1623 int n; 1624 int actual = 0; 1625 1626 dev = &data->intf->dev; 1627 1628 dev_dbg(dev, "Sending INITIATE_CLEAR request\n"); 1629 1630 buffer = kmalloc(USBTMC_BUFSIZE, GFP_KERNEL); 1631 if (!buffer) 1632 return -ENOMEM; 1633 1634 rv = usb_control_msg(data->usb_dev, 1635 usb_rcvctrlpipe(data->usb_dev, 0), 1636 USBTMC_REQUEST_INITIATE_CLEAR, 1637 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE, 1638 0, 0, buffer, 1, USB_CTRL_GET_TIMEOUT); 1639 if (rv < 0) { 1640 dev_err(dev, "usb_control_msg returned %d\n", rv); 1641 goto exit; 1642 } 1643 1644 dev_dbg(dev, "INITIATE_CLEAR returned %x\n", buffer[0]); 1645 1646 if (buffer[0] != USBTMC_STATUS_SUCCESS) { 1647 dev_err(dev, "INITIATE_CLEAR returned %x\n", buffer[0]); 1648 rv = -EPERM; 1649 goto exit; 1650 } 1651 1652 n = 0; 1653 1654usbtmc_clear_check_status: 1655 1656 dev_dbg(dev, "Sending CHECK_CLEAR_STATUS request\n"); 1657 1658 rv = usb_control_msg(data->usb_dev, 1659 usb_rcvctrlpipe(data->usb_dev, 0), 1660 USBTMC_REQUEST_CHECK_CLEAR_STATUS, 1661 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE, 1662 0, 0, buffer, 2, USB_CTRL_GET_TIMEOUT); 1663 if (rv < 0) { 1664 dev_err(dev, "usb_control_msg returned %d\n", rv); 1665 goto exit; 1666 } 1667 1668 dev_dbg(dev, "CHECK_CLEAR_STATUS returned %x\n", buffer[0]); 1669 1670 if (buffer[0] == USBTMC_STATUS_SUCCESS) 1671 goto usbtmc_clear_bulk_out_halt; 1672 1673 if (buffer[0] != USBTMC_STATUS_PENDING) { 1674 dev_err(dev, "CHECK_CLEAR_STATUS returned %x\n", buffer[0]); 1675 rv = -EPERM; 1676 goto exit; 1677 } 1678 1679 if ((buffer[1] & 1) != 0) { 1680 do { 1681 dev_dbg(dev, "Reading from bulk in EP\n"); 1682 1683 actual = 0; 1684 rv = usb_bulk_msg(data->usb_dev, 1685 usb_rcvbulkpipe(data->usb_dev, 1686 data->bulk_in), 1687 buffer, USBTMC_BUFSIZE, 1688 &actual, USB_CTRL_GET_TIMEOUT); 1689 1690 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE, 1691 16, 1, buffer, actual, true); 1692 1693 n++; 1694 1695 if (rv < 0) { 1696 dev_err(dev, "usb_control_msg returned %d\n", 1697 rv); 1698 goto exit; 1699 } 1700 } while ((actual == USBTMC_BUFSIZE) && 1701 (n < USBTMC_MAX_READS_TO_CLEAR_BULK_IN)); 1702 } else { 1703 /* do not stress device with subsequent requests */ 1704 msleep(50); 1705 n++; 1706 } 1707 1708 if (n >= USBTMC_MAX_READS_TO_CLEAR_BULK_IN) { 1709 dev_err(dev, "Couldn't clear device buffer within %d cycles\n", 1710 USBTMC_MAX_READS_TO_CLEAR_BULK_IN); 1711 rv = -EPERM; 1712 goto exit; 1713 } 1714 1715 goto usbtmc_clear_check_status; 1716 1717usbtmc_clear_bulk_out_halt: 1718 1719 rv = usb_clear_halt(data->usb_dev, 1720 usb_sndbulkpipe(data->usb_dev, data->bulk_out)); 1721 if (rv < 0) { 1722 dev_err(dev, "usb_clear_halt returned %d\n", rv); 1723 goto exit; 1724 } 1725 rv = 0; 1726 1727exit: 1728 kfree(buffer); 1729 return rv; 1730} 1731 1732static int usbtmc_ioctl_clear_out_halt(struct usbtmc_device_data *data) 1733{ 1734 int rv; 1735 1736 rv = usb_clear_halt(data->usb_dev, 1737 usb_sndbulkpipe(data->usb_dev, data->bulk_out)); 1738 1739 if (rv < 0) 1740 dev_err(&data->usb_dev->dev, "%s returned %d\n", __func__, rv); 1741 return rv; 1742} 1743 1744static int usbtmc_ioctl_clear_in_halt(struct usbtmc_device_data *data) 1745{ 1746 int rv; 1747 1748 rv = usb_clear_halt(data->usb_dev, 1749 usb_rcvbulkpipe(data->usb_dev, data->bulk_in)); 1750 1751 if (rv < 0) 1752 dev_err(&data->usb_dev->dev, "%s returned %d\n", __func__, rv); 1753 return rv; 1754} 1755 1756static int usbtmc_ioctl_cancel_io(struct usbtmc_file_data *file_data) 1757{ 1758 spin_lock_irq(&file_data->err_lock); 1759 file_data->in_status = -ECANCELED; 1760 file_data->out_status = -ECANCELED; 1761 spin_unlock_irq(&file_data->err_lock); 1762 usb_kill_anchored_urbs(&file_data->submitted); 1763 return 0; 1764} 1765 1766static int usbtmc_ioctl_cleanup_io(struct usbtmc_file_data *file_data) 1767{ 1768 usb_kill_anchored_urbs(&file_data->submitted); 1769 usb_scuttle_anchored_urbs(&file_data->in_anchor); 1770 spin_lock_irq(&file_data->err_lock); 1771 file_data->in_status = 0; 1772 file_data->in_transfer_size = 0; 1773 file_data->out_status = 0; 1774 file_data->out_transfer_size = 0; 1775 spin_unlock_irq(&file_data->err_lock); 1776 1777 file_data->in_urbs_used = 0; 1778 return 0; 1779} 1780 1781static int get_capabilities(struct usbtmc_device_data *data) 1782{ 1783 struct device *dev = &data->usb_dev->dev; 1784 char *buffer; 1785 int rv = 0; 1786 1787 buffer = kmalloc(0x18, GFP_KERNEL); 1788 if (!buffer) 1789 return -ENOMEM; 1790 1791 rv = usb_control_msg(data->usb_dev, usb_rcvctrlpipe(data->usb_dev, 0), 1792 USBTMC_REQUEST_GET_CAPABILITIES, 1793 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE, 1794 0, 0, buffer, 0x18, USB_CTRL_GET_TIMEOUT); 1795 if (rv < 0) { 1796 dev_err(dev, "usb_control_msg returned %d\n", rv); 1797 goto err_out; 1798 } 1799 1800 dev_dbg(dev, "GET_CAPABILITIES returned %x\n", buffer[0]); 1801 if (buffer[0] != USBTMC_STATUS_SUCCESS) { 1802 dev_err(dev, "GET_CAPABILITIES returned %x\n", buffer[0]); 1803 rv = -EPERM; 1804 goto err_out; 1805 } 1806 dev_dbg(dev, "Interface capabilities are %x\n", buffer[4]); 1807 dev_dbg(dev, "Device capabilities are %x\n", buffer[5]); 1808 dev_dbg(dev, "USB488 interface capabilities are %x\n", buffer[14]); 1809 dev_dbg(dev, "USB488 device capabilities are %x\n", buffer[15]); 1810 1811 data->capabilities.interface_capabilities = buffer[4]; 1812 data->capabilities.device_capabilities = buffer[5]; 1813 data->capabilities.usb488_interface_capabilities = buffer[14]; 1814 data->capabilities.usb488_device_capabilities = buffer[15]; 1815 data->usb488_caps = (buffer[14] & 0x07) | ((buffer[15] & 0x0f) << 4); 1816 rv = 0; 1817 1818err_out: 1819 kfree(buffer); 1820 return rv; 1821} 1822 1823#define capability_attribute(name) \ 1824static ssize_t name##_show(struct device *dev, \ 1825 struct device_attribute *attr, char *buf) \ 1826{ \ 1827 struct usb_interface *intf = to_usb_interface(dev); \ 1828 struct usbtmc_device_data *data = usb_get_intfdata(intf); \ 1829 \ 1830 return sprintf(buf, "%d\n", data->capabilities.name); \ 1831} \ 1832static DEVICE_ATTR_RO(name) 1833 1834capability_attribute(interface_capabilities); 1835capability_attribute(device_capabilities); 1836capability_attribute(usb488_interface_capabilities); 1837capability_attribute(usb488_device_capabilities); 1838 1839static struct attribute *usbtmc_attrs[] = { 1840 &dev_attr_interface_capabilities.attr, 1841 &dev_attr_device_capabilities.attr, 1842 &dev_attr_usb488_interface_capabilities.attr, 1843 &dev_attr_usb488_device_capabilities.attr, 1844 NULL, 1845}; 1846ATTRIBUTE_GROUPS(usbtmc); 1847 1848static int usbtmc_ioctl_indicator_pulse(struct usbtmc_device_data *data) 1849{ 1850 struct device *dev; 1851 u8 *buffer; 1852 int rv; 1853 1854 dev = &data->intf->dev; 1855 1856 buffer = kmalloc(2, GFP_KERNEL); 1857 if (!buffer) 1858 return -ENOMEM; 1859 1860 rv = usb_control_msg(data->usb_dev, 1861 usb_rcvctrlpipe(data->usb_dev, 0), 1862 USBTMC_REQUEST_INDICATOR_PULSE, 1863 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE, 1864 0, 0, buffer, 0x01, USB_CTRL_GET_TIMEOUT); 1865 1866 if (rv < 0) { 1867 dev_err(dev, "usb_control_msg returned %d\n", rv); 1868 goto exit; 1869 } 1870 1871 dev_dbg(dev, "INDICATOR_PULSE returned %x\n", buffer[0]); 1872 1873 if (buffer[0] != USBTMC_STATUS_SUCCESS) { 1874 dev_err(dev, "INDICATOR_PULSE returned %x\n", buffer[0]); 1875 rv = -EPERM; 1876 goto exit; 1877 } 1878 rv = 0; 1879 1880exit: 1881 kfree(buffer); 1882 return rv; 1883} 1884 1885static int usbtmc_ioctl_request(struct usbtmc_device_data *data, 1886 void __user *arg) 1887{ 1888 struct device *dev = &data->intf->dev; 1889 struct usbtmc_ctrlrequest request; 1890 u8 *buffer = NULL; 1891 int rv; 1892 unsigned int is_in, pipe; 1893 unsigned long res; 1894 1895 res = copy_from_user(&request, arg, sizeof(struct usbtmc_ctrlrequest)); 1896 if (res) 1897 return -EFAULT; 1898 1899 if (request.req.wLength > USBTMC_BUFSIZE) 1900 return -EMSGSIZE; 1901 if (request.req.wLength == 0) /* Length-0 requests are never IN */ 1902 request.req.bRequestType &= ~USB_DIR_IN; 1903 1904 is_in = request.req.bRequestType & USB_DIR_IN; 1905 1906 if (request.req.wLength) { 1907 buffer = kmalloc(request.req.wLength, GFP_KERNEL); 1908 if (!buffer) 1909 return -ENOMEM; 1910 1911 if (!is_in) { 1912 /* Send control data to device */ 1913 res = copy_from_user(buffer, request.data, 1914 request.req.wLength); 1915 if (res) { 1916 rv = -EFAULT; 1917 goto exit; 1918 } 1919 } 1920 } 1921 1922 if (is_in) 1923 pipe = usb_rcvctrlpipe(data->usb_dev, 0); 1924 else 1925 pipe = usb_sndctrlpipe(data->usb_dev, 0); 1926 rv = usb_control_msg(data->usb_dev, 1927 pipe, 1928 request.req.bRequest, 1929 request.req.bRequestType, 1930 request.req.wValue, 1931 request.req.wIndex, 1932 buffer, request.req.wLength, USB_CTRL_GET_TIMEOUT); 1933 1934 if (rv < 0) { 1935 dev_err(dev, "%s failed %d\n", __func__, rv); 1936 goto exit; 1937 } 1938 1939 if (rv && is_in) { 1940 /* Read control data from device */ 1941 res = copy_to_user(request.data, buffer, rv); 1942 if (res) 1943 rv = -EFAULT; 1944 } 1945 1946 exit: 1947 kfree(buffer); 1948 return rv; 1949} 1950 1951/* 1952 * Get the usb timeout value 1953 */ 1954static int usbtmc_ioctl_get_timeout(struct usbtmc_file_data *file_data, 1955 void __user *arg) 1956{ 1957 u32 timeout; 1958 1959 timeout = file_data->timeout; 1960 1961 return put_user(timeout, (__u32 __user *)arg); 1962} 1963 1964/* 1965 * Set the usb timeout value 1966 */ 1967static int usbtmc_ioctl_set_timeout(struct usbtmc_file_data *file_data, 1968 void __user *arg) 1969{ 1970 u32 timeout; 1971 1972 if (get_user(timeout, (__u32 __user *)arg)) 1973 return -EFAULT; 1974 1975 /* Note that timeout = 0 means 1976 * MAX_SCHEDULE_TIMEOUT in usb_control_msg 1977 */ 1978 if (timeout < USBTMC_MIN_TIMEOUT) 1979 return -EINVAL; 1980 1981 file_data->timeout = timeout; 1982 1983 return 0; 1984} 1985 1986/* 1987 * enables/disables sending EOM on write 1988 */ 1989static int usbtmc_ioctl_eom_enable(struct usbtmc_file_data *file_data, 1990 void __user *arg) 1991{ 1992 u8 eom_enable; 1993 1994 if (copy_from_user(&eom_enable, arg, sizeof(eom_enable))) 1995 return -EFAULT; 1996 1997 if (eom_enable > 1) 1998 return -EINVAL; 1999 2000 file_data->eom_val = eom_enable; 2001 2002 return 0; 2003} 2004 2005/* 2006 * Configure termination character for read() 2007 */ 2008static int usbtmc_ioctl_config_termc(struct usbtmc_file_data *file_data, 2009 void __user *arg) 2010{ 2011 struct usbtmc_termchar termc; 2012 2013 if (copy_from_user(&termc, arg, sizeof(termc))) 2014 return -EFAULT; 2015 2016 if ((termc.term_char_enabled > 1) || 2017 (termc.term_char_enabled && 2018 !(file_data->data->capabilities.device_capabilities & 1))) 2019 return -EINVAL; 2020 2021 file_data->term_char = termc.term_char; 2022 file_data->term_char_enabled = termc.term_char_enabled; 2023 2024 return 0; 2025} 2026 2027static long usbtmc_ioctl(struct file *file, unsigned int cmd, unsigned long arg) 2028{ 2029 struct usbtmc_file_data *file_data; 2030 struct usbtmc_device_data *data; 2031 int retval = -EBADRQC; 2032 __u8 tmp_byte; 2033 2034 file_data = file->private_data; 2035 data = file_data->data; 2036 2037 mutex_lock(&data->io_mutex); 2038 if (data->zombie) { 2039 retval = -ENODEV; 2040 goto skip_io_on_zombie; 2041 } 2042 2043 switch (cmd) { 2044 case USBTMC_IOCTL_CLEAR_OUT_HALT: 2045 retval = usbtmc_ioctl_clear_out_halt(data); 2046 break; 2047 2048 case USBTMC_IOCTL_CLEAR_IN_HALT: 2049 retval = usbtmc_ioctl_clear_in_halt(data); 2050 break; 2051 2052 case USBTMC_IOCTL_INDICATOR_PULSE: 2053 retval = usbtmc_ioctl_indicator_pulse(data); 2054 break; 2055 2056 case USBTMC_IOCTL_CLEAR: 2057 retval = usbtmc_ioctl_clear(data); 2058 break; 2059 2060 case USBTMC_IOCTL_ABORT_BULK_OUT: 2061 retval = usbtmc_ioctl_abort_bulk_out(data); 2062 break; 2063 2064 case USBTMC_IOCTL_ABORT_BULK_IN: 2065 retval = usbtmc_ioctl_abort_bulk_in(data); 2066 break; 2067 2068 case USBTMC_IOCTL_CTRL_REQUEST: 2069 retval = usbtmc_ioctl_request(data, (void __user *)arg); 2070 break; 2071 2072 case USBTMC_IOCTL_GET_TIMEOUT: 2073 retval = usbtmc_ioctl_get_timeout(file_data, 2074 (void __user *)arg); 2075 break; 2076 2077 case USBTMC_IOCTL_SET_TIMEOUT: 2078 retval = usbtmc_ioctl_set_timeout(file_data, 2079 (void __user *)arg); 2080 break; 2081 2082 case USBTMC_IOCTL_EOM_ENABLE: 2083 retval = usbtmc_ioctl_eom_enable(file_data, 2084 (void __user *)arg); 2085 break; 2086 2087 case USBTMC_IOCTL_CONFIG_TERMCHAR: 2088 retval = usbtmc_ioctl_config_termc(file_data, 2089 (void __user *)arg); 2090 break; 2091 2092 case USBTMC_IOCTL_WRITE: 2093 retval = usbtmc_ioctl_generic_write(file_data, 2094 (void __user *)arg); 2095 break; 2096 2097 case USBTMC_IOCTL_READ: 2098 retval = usbtmc_ioctl_generic_read(file_data, 2099 (void __user *)arg); 2100 break; 2101 2102 case USBTMC_IOCTL_WRITE_RESULT: 2103 retval = usbtmc_ioctl_write_result(file_data, 2104 (void __user *)arg); 2105 break; 2106 2107 case USBTMC_IOCTL_API_VERSION: 2108 retval = put_user(USBTMC_API_VERSION, 2109 (__u32 __user *)arg); 2110 break; 2111 2112 case USBTMC488_IOCTL_GET_CAPS: 2113 retval = put_user(data->usb488_caps, 2114 (unsigned char __user *)arg); 2115 break; 2116 2117 case USBTMC488_IOCTL_READ_STB: 2118 retval = usbtmc488_ioctl_read_stb(file_data, 2119 (void __user *)arg); 2120 break; 2121 2122 case USBTMC488_IOCTL_REN_CONTROL: 2123 retval = usbtmc488_ioctl_simple(data, (void __user *)arg, 2124 USBTMC488_REQUEST_REN_CONTROL); 2125 break; 2126 2127 case USBTMC488_IOCTL_GOTO_LOCAL: 2128 retval = usbtmc488_ioctl_simple(data, (void __user *)arg, 2129 USBTMC488_REQUEST_GOTO_LOCAL); 2130 break; 2131 2132 case USBTMC488_IOCTL_LOCAL_LOCKOUT: 2133 retval = usbtmc488_ioctl_simple(data, (void __user *)arg, 2134 USBTMC488_REQUEST_LOCAL_LOCKOUT); 2135 break; 2136 2137 case USBTMC488_IOCTL_TRIGGER: 2138 retval = usbtmc488_ioctl_trigger(file_data); 2139 break; 2140 2141 case USBTMC488_IOCTL_WAIT_SRQ: 2142 retval = usbtmc488_ioctl_wait_srq(file_data, 2143 (__u32 __user *)arg); 2144 break; 2145 2146 case USBTMC_IOCTL_MSG_IN_ATTR: 2147 retval = put_user(file_data->bmTransferAttributes, 2148 (__u8 __user *)arg); 2149 break; 2150 2151 case USBTMC_IOCTL_AUTO_ABORT: 2152 retval = get_user(tmp_byte, (unsigned char __user *)arg); 2153 if (retval == 0) 2154 file_data->auto_abort = !!tmp_byte; 2155 break; 2156 2157 case USBTMC_IOCTL_CANCEL_IO: 2158 retval = usbtmc_ioctl_cancel_io(file_data); 2159 break; 2160 2161 case USBTMC_IOCTL_CLEANUP_IO: 2162 retval = usbtmc_ioctl_cleanup_io(file_data); 2163 break; 2164 } 2165 2166skip_io_on_zombie: 2167 mutex_unlock(&data->io_mutex); 2168 return retval; 2169} 2170 2171static int usbtmc_fasync(int fd, struct file *file, int on) 2172{ 2173 struct usbtmc_file_data *file_data = file->private_data; 2174 2175 return fasync_helper(fd, file, on, &file_data->data->fasync); 2176} 2177 2178static __poll_t usbtmc_poll(struct file *file, poll_table *wait) 2179{ 2180 struct usbtmc_file_data *file_data = file->private_data; 2181 struct usbtmc_device_data *data = file_data->data; 2182 __poll_t mask; 2183 2184 mutex_lock(&data->io_mutex); 2185 2186 if (data->zombie) { 2187 mask = EPOLLHUP | EPOLLERR; 2188 goto no_poll; 2189 } 2190 2191 poll_wait(file, &data->waitq, wait); 2192 2193 /* Note that EPOLLPRI is now assigned to SRQ, and 2194 * EPOLLIN|EPOLLRDNORM to normal read data. 2195 */ 2196 mask = 0; 2197 if (atomic_read(&file_data->srq_asserted)) 2198 mask |= EPOLLPRI; 2199 2200 /* Note that the anchor submitted includes all urbs for BULK IN 2201 * and OUT. So EPOLLOUT is signaled when BULK OUT is empty and 2202 * all BULK IN urbs are completed and moved to in_anchor. 2203 */ 2204 if (usb_anchor_empty(&file_data->submitted)) 2205 mask |= (EPOLLOUT | EPOLLWRNORM); 2206 if (!usb_anchor_empty(&file_data->in_anchor)) 2207 mask |= (EPOLLIN | EPOLLRDNORM); 2208 2209 spin_lock_irq(&file_data->err_lock); 2210 if (file_data->in_status || file_data->out_status) 2211 mask |= EPOLLERR; 2212 spin_unlock_irq(&file_data->err_lock); 2213 2214 dev_dbg(&data->intf->dev, "poll mask = %x\n", mask); 2215 2216no_poll: 2217 mutex_unlock(&data->io_mutex); 2218 return mask; 2219} 2220 2221static const struct file_operations fops = { 2222 .owner = THIS_MODULE, 2223 .read = usbtmc_read, 2224 .write = usbtmc_write, 2225 .open = usbtmc_open, 2226 .release = usbtmc_release, 2227 .flush = usbtmc_flush, 2228 .unlocked_ioctl = usbtmc_ioctl, 2229 .compat_ioctl = compat_ptr_ioctl, 2230 .fasync = usbtmc_fasync, 2231 .poll = usbtmc_poll, 2232 .llseek = default_llseek, 2233}; 2234 2235static struct usb_class_driver usbtmc_class = { 2236 .name = "usbtmc%d", 2237 .fops = &fops, 2238 .minor_base = USBTMC_MINOR_BASE, 2239}; 2240 2241static void usbtmc_interrupt(struct urb *urb) 2242{ 2243 struct usbtmc_device_data *data = urb->context; 2244 struct device *dev = &data->intf->dev; 2245 int status = urb->status; 2246 int rv; 2247 2248 dev_dbg(&data->intf->dev, "int status: %d len %d\n", 2249 status, urb->actual_length); 2250 2251 switch (status) { 2252 case 0: /* SUCCESS */ 2253 /* check for valid STB notification */ 2254 if (data->iin_buffer[0] > 0x81) { 2255 data->bNotify1 = data->iin_buffer[0]; 2256 data->bNotify2 = data->iin_buffer[1]; 2257 atomic_set(&data->iin_data_valid, 1); 2258 wake_up_interruptible(&data->waitq); 2259 goto exit; 2260 } 2261 /* check for SRQ notification */ 2262 if (data->iin_buffer[0] == 0x81) { 2263 unsigned long flags; 2264 struct list_head *elem; 2265 2266 if (data->fasync) 2267 kill_fasync(&data->fasync, 2268 SIGIO, POLL_PRI); 2269 2270 spin_lock_irqsave(&data->dev_lock, flags); 2271 list_for_each(elem, &data->file_list) { 2272 struct usbtmc_file_data *file_data; 2273 2274 file_data = list_entry(elem, 2275 struct usbtmc_file_data, 2276 file_elem); 2277 file_data->srq_byte = data->iin_buffer[1]; 2278 atomic_set(&file_data->srq_asserted, 1); 2279 } 2280 spin_unlock_irqrestore(&data->dev_lock, flags); 2281 2282 dev_dbg(dev, "srq received bTag %x stb %x\n", 2283 (unsigned int)data->iin_buffer[0], 2284 (unsigned int)data->iin_buffer[1]); 2285 wake_up_interruptible_all(&data->waitq); 2286 goto exit; 2287 } 2288 dev_warn(dev, "invalid notification: %x\n", 2289 data->iin_buffer[0]); 2290 break; 2291 case -EOVERFLOW: 2292 dev_err(dev, "overflow with length %d, actual length is %d\n", 2293 data->iin_wMaxPacketSize, urb->actual_length); 2294 fallthrough; 2295 default: 2296 /* urb terminated, clean up */ 2297 dev_dbg(dev, "urb terminated, status: %d\n", status); 2298 return; 2299 } 2300exit: 2301 rv = usb_submit_urb(urb, GFP_ATOMIC); 2302 if (rv) 2303 dev_err(dev, "usb_submit_urb failed: %d\n", rv); 2304} 2305 2306static void usbtmc_free_int(struct usbtmc_device_data *data) 2307{ 2308 if (!data->iin_ep_present || !data->iin_urb) 2309 return; 2310 usb_kill_urb(data->iin_urb); 2311 kfree(data->iin_buffer); 2312 data->iin_buffer = NULL; 2313 usb_free_urb(data->iin_urb); 2314 data->iin_urb = NULL; 2315 kref_put(&data->kref, usbtmc_delete); 2316} 2317 2318static int usbtmc_probe(struct usb_interface *intf, 2319 const struct usb_device_id *id) 2320{ 2321 struct usbtmc_device_data *data; 2322 struct usb_host_interface *iface_desc; 2323 struct usb_endpoint_descriptor *bulk_in, *bulk_out, *int_in; 2324 int retcode; 2325 2326 dev_dbg(&intf->dev, "%s called\n", __func__); 2327 2328 data = kzalloc(sizeof(*data), GFP_KERNEL); 2329 if (!data) 2330 return -ENOMEM; 2331 2332 data->intf = intf; 2333 data->id = id; 2334 data->usb_dev = usb_get_dev(interface_to_usbdev(intf)); 2335 usb_set_intfdata(intf, data); 2336 kref_init(&data->kref); 2337 mutex_init(&data->io_mutex); 2338 init_waitqueue_head(&data->waitq); 2339 atomic_set(&data->iin_data_valid, 0); 2340 INIT_LIST_HEAD(&data->file_list); 2341 spin_lock_init(&data->dev_lock); 2342 2343 data->zombie = 0; 2344 2345 /* Initialize USBTMC bTag and other fields */ 2346 data->bTag = 1; 2347 /* 2 <= bTag <= 127 USBTMC-USB488 subclass specification 4.3.1 */ 2348 data->iin_bTag = 2; 2349 2350 /* USBTMC devices have only one setting, so use that */ 2351 iface_desc = data->intf->cur_altsetting; 2352 data->ifnum = iface_desc->desc.bInterfaceNumber; 2353 2354 /* Find bulk endpoints */ 2355 retcode = usb_find_common_endpoints(iface_desc, 2356 &bulk_in, &bulk_out, NULL, NULL); 2357 if (retcode) { 2358 dev_err(&intf->dev, "bulk endpoints not found\n"); 2359 goto err_put; 2360 } 2361 2362 retcode = -EINVAL; 2363 data->bulk_in = bulk_in->bEndpointAddress; 2364 data->wMaxPacketSize = usb_endpoint_maxp(bulk_in); 2365 if (!data->wMaxPacketSize) 2366 goto err_put; 2367 dev_dbg(&intf->dev, "Found bulk in endpoint at %u\n", data->bulk_in); 2368 2369 data->bulk_out = bulk_out->bEndpointAddress; 2370 dev_dbg(&intf->dev, "Found Bulk out endpoint at %u\n", data->bulk_out); 2371 2372 /* Find int endpoint */ 2373 retcode = usb_find_int_in_endpoint(iface_desc, &int_in); 2374 if (!retcode) { 2375 data->iin_ep_present = 1; 2376 data->iin_ep = int_in->bEndpointAddress; 2377 data->iin_wMaxPacketSize = usb_endpoint_maxp(int_in); 2378 data->iin_interval = int_in->bInterval; 2379 dev_dbg(&intf->dev, "Found Int in endpoint at %u\n", 2380 data->iin_ep); 2381 } 2382 2383 retcode = get_capabilities(data); 2384 if (retcode) 2385 dev_err(&intf->dev, "can't read capabilities\n"); 2386 2387 if (data->iin_ep_present) { 2388 /* allocate int urb */ 2389 data->iin_urb = usb_alloc_urb(0, GFP_KERNEL); 2390 if (!data->iin_urb) { 2391 retcode = -ENOMEM; 2392 goto error_register; 2393 } 2394 2395 /* Protect interrupt in endpoint data until iin_urb is freed */ 2396 kref_get(&data->kref); 2397 2398 /* allocate buffer for interrupt in */ 2399 data->iin_buffer = kmalloc(data->iin_wMaxPacketSize, 2400 GFP_KERNEL); 2401 if (!data->iin_buffer) { 2402 retcode = -ENOMEM; 2403 goto error_register; 2404 } 2405 2406 /* fill interrupt urb */ 2407 usb_fill_int_urb(data->iin_urb, data->usb_dev, 2408 usb_rcvintpipe(data->usb_dev, data->iin_ep), 2409 data->iin_buffer, data->iin_wMaxPacketSize, 2410 usbtmc_interrupt, 2411 data, data->iin_interval); 2412 2413 retcode = usb_submit_urb(data->iin_urb, GFP_KERNEL); 2414 if (retcode) { 2415 dev_err(&intf->dev, "Failed to submit iin_urb\n"); 2416 goto error_register; 2417 } 2418 } 2419 2420 retcode = usb_register_dev(intf, &usbtmc_class); 2421 if (retcode) { 2422 dev_err(&intf->dev, "Not able to get a minor (base %u, slice default): %d\n", 2423 USBTMC_MINOR_BASE, 2424 retcode); 2425 goto error_register; 2426 } 2427 dev_dbg(&intf->dev, "Using minor number %d\n", intf->minor); 2428 2429 return 0; 2430 2431error_register: 2432 usbtmc_free_int(data); 2433err_put: 2434 kref_put(&data->kref, usbtmc_delete); 2435 return retcode; 2436} 2437 2438static void usbtmc_disconnect(struct usb_interface *intf) 2439{ 2440 struct usbtmc_device_data *data = usb_get_intfdata(intf); 2441 struct list_head *elem; 2442 2443 usb_deregister_dev(intf, &usbtmc_class); 2444 mutex_lock(&data->io_mutex); 2445 data->zombie = 1; 2446 wake_up_interruptible_all(&data->waitq); 2447 list_for_each(elem, &data->file_list) { 2448 struct usbtmc_file_data *file_data; 2449 2450 file_data = list_entry(elem, 2451 struct usbtmc_file_data, 2452 file_elem); 2453 usb_kill_anchored_urbs(&file_data->submitted); 2454 usb_scuttle_anchored_urbs(&file_data->in_anchor); 2455 } 2456 mutex_unlock(&data->io_mutex); 2457 usbtmc_free_int(data); 2458 kref_put(&data->kref, usbtmc_delete); 2459} 2460 2461static void usbtmc_draw_down(struct usbtmc_file_data *file_data) 2462{ 2463 int time; 2464 2465 time = usb_wait_anchor_empty_timeout(&file_data->submitted, 1000); 2466 if (!time) 2467 usb_kill_anchored_urbs(&file_data->submitted); 2468 usb_scuttle_anchored_urbs(&file_data->in_anchor); 2469} 2470 2471static int usbtmc_suspend(struct usb_interface *intf, pm_message_t message) 2472{ 2473 struct usbtmc_device_data *data = usb_get_intfdata(intf); 2474 struct list_head *elem; 2475 2476 if (!data) 2477 return 0; 2478 2479 mutex_lock(&data->io_mutex); 2480 list_for_each(elem, &data->file_list) { 2481 struct usbtmc_file_data *file_data; 2482 2483 file_data = list_entry(elem, 2484 struct usbtmc_file_data, 2485 file_elem); 2486 usbtmc_draw_down(file_data); 2487 } 2488 2489 if (data->iin_ep_present && data->iin_urb) 2490 usb_kill_urb(data->iin_urb); 2491 2492 mutex_unlock(&data->io_mutex); 2493 return 0; 2494} 2495 2496static int usbtmc_resume(struct usb_interface *intf) 2497{ 2498 struct usbtmc_device_data *data = usb_get_intfdata(intf); 2499 int retcode = 0; 2500 2501 if (data->iin_ep_present && data->iin_urb) 2502 retcode = usb_submit_urb(data->iin_urb, GFP_KERNEL); 2503 if (retcode) 2504 dev_err(&intf->dev, "Failed to submit iin_urb\n"); 2505 2506 return retcode; 2507} 2508 2509static int usbtmc_pre_reset(struct usb_interface *intf) 2510{ 2511 struct usbtmc_device_data *data = usb_get_intfdata(intf); 2512 struct list_head *elem; 2513 2514 if (!data) 2515 return 0; 2516 2517 mutex_lock(&data->io_mutex); 2518 2519 list_for_each(elem, &data->file_list) { 2520 struct usbtmc_file_data *file_data; 2521 2522 file_data = list_entry(elem, 2523 struct usbtmc_file_data, 2524 file_elem); 2525 usbtmc_ioctl_cancel_io(file_data); 2526 } 2527 2528 return 0; 2529} 2530 2531static int usbtmc_post_reset(struct usb_interface *intf) 2532{ 2533 struct usbtmc_device_data *data = usb_get_intfdata(intf); 2534 2535 mutex_unlock(&data->io_mutex); 2536 2537 return 0; 2538} 2539 2540static struct usb_driver usbtmc_driver = { 2541 .name = "usbtmc", 2542 .id_table = usbtmc_devices, 2543 .probe = usbtmc_probe, 2544 .disconnect = usbtmc_disconnect, 2545 .suspend = usbtmc_suspend, 2546 .resume = usbtmc_resume, 2547 .pre_reset = usbtmc_pre_reset, 2548 .post_reset = usbtmc_post_reset, 2549 .dev_groups = usbtmc_groups, 2550}; 2551 2552module_usb_driver(usbtmc_driver); 2553 2554MODULE_LICENSE("GPL"); 2555