1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3 * drivers/usb/class/usbtmc.c - USB Test & Measurement class driver
4 *
5 * Copyright (C) 2007 Stefan Kopp, Gechingen, Germany
6 * Copyright (C) 2008 Novell, Inc.
7 * Copyright (C) 2008 Greg Kroah-Hartman <gregkh@suse.de>
8 * Copyright (C) 2018 IVI Foundation, Inc.
9 */
10
11 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
12
13 #include <linux/module.h>
14 #include <linux/kernel.h>
15 #include <linux/fs.h>
16 #include <linux/uaccess.h>
17 #include <linux/kref.h>
18 #include <linux/slab.h>
19 #include <linux/poll.h>
20 #include <linux/mutex.h>
21 #include <linux/usb.h>
22 #include <linux/compat.h>
23 #include <linux/usb/tmc.h>
24
25 /* Increment API VERSION when changing tmc.h with new flags or ioctls
26 * or when changing a significant behavior of the driver.
27 */
28 #define USBTMC_API_VERSION (3)
29
30 #define USBTMC_HEADER_SIZE 12
31 #define USBTMC_MINOR_BASE 176
32
33 /* Minimum USB timeout (in milliseconds) */
34 #define USBTMC_MIN_TIMEOUT 100
35 /* Default USB timeout (in milliseconds) */
36 #define USBTMC_TIMEOUT 5000
37
38 /* Max number of urbs used in write transfers */
39 #define MAX_URBS_IN_FLIGHT 16
40 /* I/O buffer size used in generic read/write functions */
41 #define USBTMC_BUFSIZE (4096)
42
43 /*
44 * Maximum number of read cycles to empty bulk in endpoint during CLEAR and
45 * ABORT_BULK_IN requests. Ends the loop if (for whatever reason) a short
46 * packet is never read.
47 */
48 #define USBTMC_MAX_READS_TO_CLEAR_BULK_IN 100
49
50 static const struct usb_device_id usbtmc_devices[] = {
51 { USB_INTERFACE_INFO(USB_CLASS_APP_SPEC, 3, 0), },
52 { USB_INTERFACE_INFO(USB_CLASS_APP_SPEC, 3, 1), },
53 { 0, } /* terminating entry */
54 };
55 MODULE_DEVICE_TABLE(usb, usbtmc_devices);
56
57 /*
58 * This structure is the capabilities for the device
59 * See section 4.2.1.8 of the USBTMC specification,
60 * and section 4.2.2 of the USBTMC usb488 subclass
61 * specification for details.
62 */
63 struct usbtmc_dev_capabilities {
64 __u8 interface_capabilities;
65 __u8 device_capabilities;
66 __u8 usb488_interface_capabilities;
67 __u8 usb488_device_capabilities;
68 };
69
70 /* This structure holds private data for each USBTMC device. One copy is
71 * allocated for each USBTMC device in the driver's probe function.
72 */
73 struct usbtmc_device_data {
74 const struct usb_device_id *id;
75 struct usb_device *usb_dev;
76 struct usb_interface *intf;
77 struct list_head file_list;
78
79 unsigned int bulk_in;
80 unsigned int bulk_out;
81
82 u8 bTag;
83 u8 bTag_last_write; /* needed for abort */
84 u8 bTag_last_read; /* needed for abort */
85
86 /* packet size of IN bulk */
87 u16 wMaxPacketSize;
88
89 /* data for interrupt in endpoint handling */
90 u8 bNotify1;
91 u8 bNotify2;
92 u16 ifnum;
93 u8 iin_bTag;
94 u8 *iin_buffer;
95 atomic_t iin_data_valid;
96 unsigned int iin_ep;
97 int iin_ep_present;
98 int iin_interval;
99 struct urb *iin_urb;
100 u16 iin_wMaxPacketSize;
101
102 /* coalesced usb488_caps from usbtmc_dev_capabilities */
103 __u8 usb488_caps;
104
105 bool zombie; /* fd of disconnected device */
106
107 struct usbtmc_dev_capabilities capabilities;
108 struct kref kref;
109 struct mutex io_mutex; /* only one i/o function running at a time */
110 wait_queue_head_t waitq;
111 struct fasync_struct *fasync;
112 spinlock_t dev_lock; /* lock for file_list */
113 };
114 #define to_usbtmc_data(d) container_of(d, struct usbtmc_device_data, kref)
115
116 /*
117 * This structure holds private data for each USBTMC file handle.
118 */
119 struct usbtmc_file_data {
120 struct usbtmc_device_data *data;
121 struct list_head file_elem;
122
123 u32 timeout;
124 u8 srq_byte;
125 atomic_t srq_asserted;
126 atomic_t closing;
127 u8 bmTransferAttributes; /* member of DEV_DEP_MSG_IN */
128
129 u8 eom_val;
130 u8 term_char;
131 bool term_char_enabled;
132 bool auto_abort;
133
134 spinlock_t err_lock; /* lock for errors */
135
136 struct usb_anchor submitted;
137
138 /* data for generic_write */
139 struct semaphore limit_write_sem;
140 u32 out_transfer_size;
141 int out_status;
142
143 /* data for generic_read */
144 u32 in_transfer_size;
145 int in_status;
146 int in_urbs_used;
147 struct usb_anchor in_anchor;
148 wait_queue_head_t wait_bulk_in;
149 };
150
151 /* Forward declarations */
152 static struct usb_driver usbtmc_driver;
153 static void usbtmc_draw_down(struct usbtmc_file_data *file_data);
154
usbtmc_delete(struct kref * kref)155 static void usbtmc_delete(struct kref *kref)
156 {
157 struct usbtmc_device_data *data = to_usbtmc_data(kref);
158
159 usb_put_dev(data->usb_dev);
160 kfree(data);
161 }
162
usbtmc_open(struct inode * inode,struct file * filp)163 static int usbtmc_open(struct inode *inode, struct file *filp)
164 {
165 struct usb_interface *intf;
166 struct usbtmc_device_data *data;
167 struct usbtmc_file_data *file_data;
168
169 intf = usb_find_interface(&usbtmc_driver, iminor(inode));
170 if (!intf) {
171 pr_err("can not find device for minor %d", iminor(inode));
172 return -ENODEV;
173 }
174
175 file_data = kzalloc(sizeof(*file_data), GFP_KERNEL);
176 if (!file_data)
177 return -ENOMEM;
178
179 spin_lock_init(&file_data->err_lock);
180 sema_init(&file_data->limit_write_sem, MAX_URBS_IN_FLIGHT);
181 init_usb_anchor(&file_data->submitted);
182 init_usb_anchor(&file_data->in_anchor);
183 init_waitqueue_head(&file_data->wait_bulk_in);
184
185 data = usb_get_intfdata(intf);
186 /* Protect reference to data from file structure until release */
187 kref_get(&data->kref);
188
189 mutex_lock(&data->io_mutex);
190 file_data->data = data;
191
192 atomic_set(&file_data->closing, 0);
193
194 file_data->timeout = USBTMC_TIMEOUT;
195 file_data->term_char = '\n';
196 file_data->term_char_enabled = 0;
197 file_data->auto_abort = 0;
198 file_data->eom_val = 1;
199
200 INIT_LIST_HEAD(&file_data->file_elem);
201 spin_lock_irq(&data->dev_lock);
202 list_add_tail(&file_data->file_elem, &data->file_list);
203 spin_unlock_irq(&data->dev_lock);
204 mutex_unlock(&data->io_mutex);
205
206 /* Store pointer in file structure's private data field */
207 filp->private_data = file_data;
208
209 return 0;
210 }
211
212 /*
213 * usbtmc_flush - called before file handle is closed
214 */
usbtmc_flush(struct file * file,fl_owner_t id)215 static int usbtmc_flush(struct file *file, fl_owner_t id)
216 {
217 struct usbtmc_file_data *file_data;
218 struct usbtmc_device_data *data;
219
220 file_data = file->private_data;
221 if (file_data == NULL)
222 return -ENODEV;
223
224 atomic_set(&file_data->closing, 1);
225 data = file_data->data;
226
227 /* wait for io to stop */
228 mutex_lock(&data->io_mutex);
229
230 usbtmc_draw_down(file_data);
231
232 spin_lock_irq(&file_data->err_lock);
233 file_data->in_status = 0;
234 file_data->in_transfer_size = 0;
235 file_data->in_urbs_used = 0;
236 file_data->out_status = 0;
237 file_data->out_transfer_size = 0;
238 spin_unlock_irq(&file_data->err_lock);
239
240 wake_up_interruptible_all(&data->waitq);
241 mutex_unlock(&data->io_mutex);
242
243 return 0;
244 }
245
usbtmc_release(struct inode * inode,struct file * file)246 static int usbtmc_release(struct inode *inode, struct file *file)
247 {
248 struct usbtmc_file_data *file_data = file->private_data;
249
250 /* prevent IO _AND_ usbtmc_interrupt */
251 mutex_lock(&file_data->data->io_mutex);
252 spin_lock_irq(&file_data->data->dev_lock);
253
254 list_del(&file_data->file_elem);
255
256 spin_unlock_irq(&file_data->data->dev_lock);
257 mutex_unlock(&file_data->data->io_mutex);
258
259 kref_put(&file_data->data->kref, usbtmc_delete);
260 file_data->data = NULL;
261 kfree(file_data);
262 return 0;
263 }
264
usbtmc_ioctl_abort_bulk_in_tag(struct usbtmc_device_data * data,u8 tag)265 static int usbtmc_ioctl_abort_bulk_in_tag(struct usbtmc_device_data *data,
266 u8 tag)
267 {
268 u8 *buffer;
269 struct device *dev;
270 int rv;
271 int n;
272 int actual;
273
274 dev = &data->intf->dev;
275 buffer = kmalloc(USBTMC_BUFSIZE, GFP_KERNEL);
276 if (!buffer)
277 return -ENOMEM;
278
279 rv = usb_control_msg(data->usb_dev,
280 usb_rcvctrlpipe(data->usb_dev, 0),
281 USBTMC_REQUEST_INITIATE_ABORT_BULK_IN,
282 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT,
283 tag, data->bulk_in,
284 buffer, 2, USB_CTRL_GET_TIMEOUT);
285
286 if (rv < 0) {
287 dev_err(dev, "usb_control_msg returned %d\n", rv);
288 goto exit;
289 }
290
291 dev_dbg(dev, "INITIATE_ABORT_BULK_IN returned %x with tag %02x\n",
292 buffer[0], buffer[1]);
293
294 if (buffer[0] == USBTMC_STATUS_FAILED) {
295 /* No transfer in progress and the Bulk-OUT FIFO is empty. */
296 rv = 0;
297 goto exit;
298 }
299
300 if (buffer[0] == USBTMC_STATUS_TRANSFER_NOT_IN_PROGRESS) {
301 /* The device returns this status if either:
302 * - There is a transfer in progress, but the specified bTag
303 * does not match.
304 * - There is no transfer in progress, but the Bulk-OUT FIFO
305 * is not empty.
306 */
307 rv = -ENOMSG;
308 goto exit;
309 }
310
311 if (buffer[0] != USBTMC_STATUS_SUCCESS) {
312 dev_err(dev, "INITIATE_ABORT_BULK_IN returned %x\n",
313 buffer[0]);
314 rv = -EPERM;
315 goto exit;
316 }
317
318 n = 0;
319
320 usbtmc_abort_bulk_in_status:
321 dev_dbg(dev, "Reading from bulk in EP\n");
322
323 /* Data must be present. So use low timeout 300 ms */
324 actual = 0;
325 rv = usb_bulk_msg(data->usb_dev,
326 usb_rcvbulkpipe(data->usb_dev,
327 data->bulk_in),
328 buffer, USBTMC_BUFSIZE,
329 &actual, 300);
330
331 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE, 16, 1,
332 buffer, actual, true);
333
334 n++;
335
336 if (rv < 0) {
337 dev_err(dev, "usb_bulk_msg returned %d\n", rv);
338 if (rv != -ETIMEDOUT)
339 goto exit;
340 }
341
342 if (actual == USBTMC_BUFSIZE)
343 goto usbtmc_abort_bulk_in_status;
344
345 if (n >= USBTMC_MAX_READS_TO_CLEAR_BULK_IN) {
346 dev_err(dev, "Couldn't clear device buffer within %d cycles\n",
347 USBTMC_MAX_READS_TO_CLEAR_BULK_IN);
348 rv = -EPERM;
349 goto exit;
350 }
351
352 rv = usb_control_msg(data->usb_dev,
353 usb_rcvctrlpipe(data->usb_dev, 0),
354 USBTMC_REQUEST_CHECK_ABORT_BULK_IN_STATUS,
355 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT,
356 0, data->bulk_in, buffer, 0x08,
357 USB_CTRL_GET_TIMEOUT);
358
359 if (rv < 0) {
360 dev_err(dev, "usb_control_msg returned %d\n", rv);
361 goto exit;
362 }
363
364 dev_dbg(dev, "CHECK_ABORT_BULK_IN returned %x\n", buffer[0]);
365
366 if (buffer[0] == USBTMC_STATUS_SUCCESS) {
367 rv = 0;
368 goto exit;
369 }
370
371 if (buffer[0] != USBTMC_STATUS_PENDING) {
372 dev_err(dev, "CHECK_ABORT_BULK_IN returned %x\n", buffer[0]);
373 rv = -EPERM;
374 goto exit;
375 }
376
377 if ((buffer[1] & 1) > 0) {
378 /* The device has 1 or more queued packets the Host can read */
379 goto usbtmc_abort_bulk_in_status;
380 }
381
382 /* The Host must send CHECK_ABORT_BULK_IN_STATUS at a later time. */
383 rv = -EAGAIN;
384 exit:
385 kfree(buffer);
386 return rv;
387 }
388
usbtmc_ioctl_abort_bulk_in(struct usbtmc_device_data * data)389 static int usbtmc_ioctl_abort_bulk_in(struct usbtmc_device_data *data)
390 {
391 return usbtmc_ioctl_abort_bulk_in_tag(data, data->bTag_last_read);
392 }
393
usbtmc_ioctl_abort_bulk_out_tag(struct usbtmc_device_data * data,u8 tag)394 static int usbtmc_ioctl_abort_bulk_out_tag(struct usbtmc_device_data *data,
395 u8 tag)
396 {
397 struct device *dev;
398 u8 *buffer;
399 int rv;
400 int n;
401
402 dev = &data->intf->dev;
403
404 buffer = kmalloc(8, GFP_KERNEL);
405 if (!buffer)
406 return -ENOMEM;
407
408 rv = usb_control_msg(data->usb_dev,
409 usb_rcvctrlpipe(data->usb_dev, 0),
410 USBTMC_REQUEST_INITIATE_ABORT_BULK_OUT,
411 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT,
412 tag, data->bulk_out,
413 buffer, 2, USB_CTRL_GET_TIMEOUT);
414
415 if (rv < 0) {
416 dev_err(dev, "usb_control_msg returned %d\n", rv);
417 goto exit;
418 }
419
420 dev_dbg(dev, "INITIATE_ABORT_BULK_OUT returned %x\n", buffer[0]);
421
422 if (buffer[0] != USBTMC_STATUS_SUCCESS) {
423 dev_err(dev, "INITIATE_ABORT_BULK_OUT returned %x\n",
424 buffer[0]);
425 rv = -EPERM;
426 goto exit;
427 }
428
429 n = 0;
430
431 usbtmc_abort_bulk_out_check_status:
432 /* do not stress device with subsequent requests */
433 msleep(50);
434 rv = usb_control_msg(data->usb_dev,
435 usb_rcvctrlpipe(data->usb_dev, 0),
436 USBTMC_REQUEST_CHECK_ABORT_BULK_OUT_STATUS,
437 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT,
438 0, data->bulk_out, buffer, 0x08,
439 USB_CTRL_GET_TIMEOUT);
440 n++;
441 if (rv < 0) {
442 dev_err(dev, "usb_control_msg returned %d\n", rv);
443 goto exit;
444 }
445
446 dev_dbg(dev, "CHECK_ABORT_BULK_OUT returned %x\n", buffer[0]);
447
448 if (buffer[0] == USBTMC_STATUS_SUCCESS)
449 goto usbtmc_abort_bulk_out_clear_halt;
450
451 if ((buffer[0] == USBTMC_STATUS_PENDING) &&
452 (n < USBTMC_MAX_READS_TO_CLEAR_BULK_IN))
453 goto usbtmc_abort_bulk_out_check_status;
454
455 rv = -EPERM;
456 goto exit;
457
458 usbtmc_abort_bulk_out_clear_halt:
459 rv = usb_clear_halt(data->usb_dev,
460 usb_sndbulkpipe(data->usb_dev, data->bulk_out));
461
462 if (rv < 0) {
463 dev_err(dev, "usb_control_msg returned %d\n", rv);
464 goto exit;
465 }
466 rv = 0;
467
468 exit:
469 kfree(buffer);
470 return rv;
471 }
472
usbtmc_ioctl_abort_bulk_out(struct usbtmc_device_data * data)473 static int usbtmc_ioctl_abort_bulk_out(struct usbtmc_device_data *data)
474 {
475 return usbtmc_ioctl_abort_bulk_out_tag(data, data->bTag_last_write);
476 }
477
usbtmc_get_stb(struct usbtmc_file_data * file_data,__u8 * stb)478 static int usbtmc_get_stb(struct usbtmc_file_data *file_data, __u8 *stb)
479 {
480 struct usbtmc_device_data *data = file_data->data;
481 struct device *dev = &data->intf->dev;
482 u8 *buffer;
483 u8 tag;
484 int rv;
485 long wait_rv;
486
487 dev_dbg(dev, "Enter ioctl_read_stb iin_ep_present: %d\n",
488 data->iin_ep_present);
489
490 buffer = kmalloc(8, GFP_KERNEL);
491 if (!buffer)
492 return -ENOMEM;
493
494 atomic_set(&data->iin_data_valid, 0);
495
496 rv = usb_control_msg(data->usb_dev,
497 usb_rcvctrlpipe(data->usb_dev, 0),
498 USBTMC488_REQUEST_READ_STATUS_BYTE,
499 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
500 data->iin_bTag,
501 data->ifnum,
502 buffer, 0x03, USB_CTRL_GET_TIMEOUT);
503 if (rv < 0) {
504 dev_err(dev, "stb usb_control_msg returned %d\n", rv);
505 goto exit;
506 }
507
508 if (buffer[0] != USBTMC_STATUS_SUCCESS) {
509 dev_err(dev, "control status returned %x\n", buffer[0]);
510 rv = -EIO;
511 goto exit;
512 }
513
514 if (data->iin_ep_present) {
515 wait_rv = wait_event_interruptible_timeout(
516 data->waitq,
517 atomic_read(&data->iin_data_valid) != 0,
518 file_data->timeout);
519 if (wait_rv < 0) {
520 dev_dbg(dev, "wait interrupted %ld\n", wait_rv);
521 rv = wait_rv;
522 goto exit;
523 }
524
525 if (wait_rv == 0) {
526 dev_dbg(dev, "wait timed out\n");
527 rv = -ETIMEDOUT;
528 goto exit;
529 }
530
531 tag = data->bNotify1 & 0x7f;
532 if (tag != data->iin_bTag) {
533 dev_err(dev, "expected bTag %x got %x\n",
534 data->iin_bTag, tag);
535 }
536
537 *stb = data->bNotify2;
538 } else {
539 *stb = buffer[2];
540 }
541
542 dev_dbg(dev, "stb:0x%02x received %d\n", (unsigned int)*stb, rv);
543
544 rv = 0;
545
546 exit:
547 /* bump interrupt bTag */
548 data->iin_bTag += 1;
549 if (data->iin_bTag > 127)
550 /* 1 is for SRQ see USBTMC-USB488 subclass spec section 4.3.1 */
551 data->iin_bTag = 2;
552
553 kfree(buffer);
554 return rv;
555 }
556
usbtmc488_ioctl_read_stb(struct usbtmc_file_data * file_data,void __user * arg)557 static int usbtmc488_ioctl_read_stb(struct usbtmc_file_data *file_data,
558 void __user *arg)
559 {
560 int srq_asserted = 0;
561 __u8 stb;
562 int rv;
563
564 rv = usbtmc_get_stb(file_data, &stb);
565
566 if (rv > 0) {
567 srq_asserted = atomic_xchg(&file_data->srq_asserted,
568 srq_asserted);
569 if (srq_asserted)
570 stb |= 0x40; /* Set RQS bit */
571
572 rv = put_user(stb, (__u8 __user *)arg);
573 }
574 return rv;
575
576 }
577
usbtmc_ioctl_get_srq_stb(struct usbtmc_file_data * file_data,void __user * arg)578 static int usbtmc_ioctl_get_srq_stb(struct usbtmc_file_data *file_data,
579 void __user *arg)
580 {
581 struct usbtmc_device_data *data = file_data->data;
582 struct device *dev = &data->intf->dev;
583 int srq_asserted = 0;
584 __u8 stb = 0;
585 int rv;
586
587 spin_lock_irq(&data->dev_lock);
588 srq_asserted = atomic_xchg(&file_data->srq_asserted, srq_asserted);
589
590 if (srq_asserted) {
591 stb = file_data->srq_byte;
592 spin_unlock_irq(&data->dev_lock);
593 rv = put_user(stb, (__u8 __user *)arg);
594 } else {
595 spin_unlock_irq(&data->dev_lock);
596 rv = -ENOMSG;
597 }
598
599 dev_dbg(dev, "stb:0x%02x with srq received %d\n", (unsigned int)stb, rv);
600
601 return rv;
602 }
603
usbtmc488_ioctl_wait_srq(struct usbtmc_file_data * file_data,__u32 __user * arg)604 static int usbtmc488_ioctl_wait_srq(struct usbtmc_file_data *file_data,
605 __u32 __user *arg)
606 {
607 struct usbtmc_device_data *data = file_data->data;
608 struct device *dev = &data->intf->dev;
609 u32 timeout;
610 unsigned long expire;
611 long wait_rv;
612
613 if (!data->iin_ep_present) {
614 dev_dbg(dev, "no interrupt endpoint present\n");
615 return -EFAULT;
616 }
617
618 if (get_user(timeout, arg))
619 return -EFAULT;
620
621 expire = msecs_to_jiffies(timeout);
622
623 mutex_unlock(&data->io_mutex);
624
625 wait_rv = wait_event_interruptible_timeout(
626 data->waitq,
627 atomic_read(&file_data->srq_asserted) != 0 ||
628 atomic_read(&file_data->closing),
629 expire);
630
631 mutex_lock(&data->io_mutex);
632
633 /* Note! disconnect or close could be called in the meantime */
634 if (atomic_read(&file_data->closing) || data->zombie)
635 return -ENODEV;
636
637 if (wait_rv < 0) {
638 dev_dbg(dev, "%s - wait interrupted %ld\n", __func__, wait_rv);
639 return wait_rv;
640 }
641
642 if (wait_rv == 0) {
643 dev_dbg(dev, "%s - wait timed out\n", __func__);
644 return -ETIMEDOUT;
645 }
646
647 dev_dbg(dev, "%s - srq asserted\n", __func__);
648 return 0;
649 }
650
usbtmc488_ioctl_simple(struct usbtmc_device_data * data,void __user * arg,unsigned int cmd)651 static int usbtmc488_ioctl_simple(struct usbtmc_device_data *data,
652 void __user *arg, unsigned int cmd)
653 {
654 struct device *dev = &data->intf->dev;
655 __u8 val;
656 u8 *buffer;
657 u16 wValue;
658 int rv;
659
660 if (!(data->usb488_caps & USBTMC488_CAPABILITY_SIMPLE))
661 return -EINVAL;
662
663 buffer = kmalloc(8, GFP_KERNEL);
664 if (!buffer)
665 return -ENOMEM;
666
667 if (cmd == USBTMC488_REQUEST_REN_CONTROL) {
668 rv = copy_from_user(&val, arg, sizeof(val));
669 if (rv) {
670 rv = -EFAULT;
671 goto exit;
672 }
673 wValue = val ? 1 : 0;
674 } else {
675 wValue = 0;
676 }
677
678 rv = usb_control_msg(data->usb_dev,
679 usb_rcvctrlpipe(data->usb_dev, 0),
680 cmd,
681 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
682 wValue,
683 data->ifnum,
684 buffer, 0x01, USB_CTRL_GET_TIMEOUT);
685 if (rv < 0) {
686 dev_err(dev, "simple usb_control_msg failed %d\n", rv);
687 goto exit;
688 } else if (rv != 1) {
689 dev_warn(dev, "simple usb_control_msg returned %d\n", rv);
690 rv = -EIO;
691 goto exit;
692 }
693
694 if (buffer[0] != USBTMC_STATUS_SUCCESS) {
695 dev_err(dev, "simple control status returned %x\n", buffer[0]);
696 rv = -EIO;
697 goto exit;
698 }
699 rv = 0;
700
701 exit:
702 kfree(buffer);
703 return rv;
704 }
705
706 /*
707 * Sends a TRIGGER Bulk-OUT command message
708 * See the USBTMC-USB488 specification, Table 2.
709 *
710 * Also updates bTag_last_write.
711 */
usbtmc488_ioctl_trigger(struct usbtmc_file_data * file_data)712 static int usbtmc488_ioctl_trigger(struct usbtmc_file_data *file_data)
713 {
714 struct usbtmc_device_data *data = file_data->data;
715 int retval;
716 u8 *buffer;
717 int actual;
718
719 buffer = kzalloc(USBTMC_HEADER_SIZE, GFP_KERNEL);
720 if (!buffer)
721 return -ENOMEM;
722
723 buffer[0] = 128;
724 buffer[1] = data->bTag;
725 buffer[2] = ~data->bTag;
726
727 retval = usb_bulk_msg(data->usb_dev,
728 usb_sndbulkpipe(data->usb_dev,
729 data->bulk_out),
730 buffer, USBTMC_HEADER_SIZE,
731 &actual, file_data->timeout);
732
733 /* Store bTag (in case we need to abort) */
734 data->bTag_last_write = data->bTag;
735
736 /* Increment bTag -- and increment again if zero */
737 data->bTag++;
738 if (!data->bTag)
739 data->bTag++;
740
741 kfree(buffer);
742 if (retval < 0) {
743 dev_err(&data->intf->dev, "%s returned %d\n",
744 __func__, retval);
745 return retval;
746 }
747
748 return 0;
749 }
750
usbtmc_create_urb(void)751 static struct urb *usbtmc_create_urb(void)
752 {
753 const size_t bufsize = USBTMC_BUFSIZE;
754 u8 *dmabuf = NULL;
755 struct urb *urb = usb_alloc_urb(0, GFP_KERNEL);
756
757 if (!urb)
758 return NULL;
759
760 dmabuf = kzalloc(bufsize, GFP_KERNEL);
761 if (!dmabuf) {
762 usb_free_urb(urb);
763 return NULL;
764 }
765
766 urb->transfer_buffer = dmabuf;
767 urb->transfer_buffer_length = bufsize;
768 urb->transfer_flags |= URB_FREE_BUFFER;
769 return urb;
770 }
771
usbtmc_read_bulk_cb(struct urb * urb)772 static void usbtmc_read_bulk_cb(struct urb *urb)
773 {
774 struct usbtmc_file_data *file_data = urb->context;
775 int status = urb->status;
776 unsigned long flags;
777
778 /* sync/async unlink faults aren't errors */
779 if (status) {
780 if (!(/* status == -ENOENT || */
781 status == -ECONNRESET ||
782 status == -EREMOTEIO || /* Short packet */
783 status == -ESHUTDOWN))
784 dev_err(&file_data->data->intf->dev,
785 "%s - nonzero read bulk status received: %d\n",
786 __func__, status);
787
788 spin_lock_irqsave(&file_data->err_lock, flags);
789 if (!file_data->in_status)
790 file_data->in_status = status;
791 spin_unlock_irqrestore(&file_data->err_lock, flags);
792 }
793
794 spin_lock_irqsave(&file_data->err_lock, flags);
795 file_data->in_transfer_size += urb->actual_length;
796 dev_dbg(&file_data->data->intf->dev,
797 "%s - total size: %u current: %d status: %d\n",
798 __func__, file_data->in_transfer_size,
799 urb->actual_length, status);
800 spin_unlock_irqrestore(&file_data->err_lock, flags);
801 usb_anchor_urb(urb, &file_data->in_anchor);
802
803 wake_up_interruptible(&file_data->wait_bulk_in);
804 wake_up_interruptible(&file_data->data->waitq);
805 }
806
usbtmc_do_transfer(struct usbtmc_file_data * file_data)807 static inline bool usbtmc_do_transfer(struct usbtmc_file_data *file_data)
808 {
809 bool data_or_error;
810
811 spin_lock_irq(&file_data->err_lock);
812 data_or_error = !usb_anchor_empty(&file_data->in_anchor)
813 || file_data->in_status;
814 spin_unlock_irq(&file_data->err_lock);
815 dev_dbg(&file_data->data->intf->dev, "%s: returns %d\n", __func__,
816 data_or_error);
817 return data_or_error;
818 }
819
usbtmc_generic_read(struct usbtmc_file_data * file_data,void __user * user_buffer,u32 transfer_size,u32 * transferred,u32 flags)820 static ssize_t usbtmc_generic_read(struct usbtmc_file_data *file_data,
821 void __user *user_buffer,
822 u32 transfer_size,
823 u32 *transferred,
824 u32 flags)
825 {
826 struct usbtmc_device_data *data = file_data->data;
827 struct device *dev = &data->intf->dev;
828 u32 done = 0;
829 u32 remaining;
830 const u32 bufsize = USBTMC_BUFSIZE;
831 int retval = 0;
832 u32 max_transfer_size;
833 unsigned long expire;
834 int bufcount = 1;
835 int again = 0;
836 long wait_rv;
837
838 /* mutex already locked */
839
840 *transferred = done;
841
842 max_transfer_size = transfer_size;
843
844 if (flags & USBTMC_FLAG_IGNORE_TRAILER) {
845 /* The device may send extra alignment bytes (up to
846 * wMaxPacketSize – 1) to avoid sending a zero-length
847 * packet
848 */
849 remaining = transfer_size;
850 if ((max_transfer_size % data->wMaxPacketSize) == 0)
851 max_transfer_size += (data->wMaxPacketSize - 1);
852 } else {
853 /* round down to bufsize to avoid truncated data left */
854 if (max_transfer_size > bufsize) {
855 max_transfer_size =
856 roundup(max_transfer_size + 1 - bufsize,
857 bufsize);
858 }
859 remaining = max_transfer_size;
860 }
861
862 spin_lock_irq(&file_data->err_lock);
863
864 if (file_data->in_status) {
865 /* return the very first error */
866 retval = file_data->in_status;
867 spin_unlock_irq(&file_data->err_lock);
868 goto error;
869 }
870
871 if (flags & USBTMC_FLAG_ASYNC) {
872 if (usb_anchor_empty(&file_data->in_anchor))
873 again = 1;
874
875 if (file_data->in_urbs_used == 0) {
876 file_data->in_transfer_size = 0;
877 file_data->in_status = 0;
878 }
879 } else {
880 file_data->in_transfer_size = 0;
881 file_data->in_status = 0;
882 }
883
884 if (max_transfer_size == 0) {
885 bufcount = 0;
886 } else {
887 bufcount = roundup(max_transfer_size, bufsize) / bufsize;
888 if (bufcount > file_data->in_urbs_used)
889 bufcount -= file_data->in_urbs_used;
890 else
891 bufcount = 0;
892
893 if (bufcount + file_data->in_urbs_used > MAX_URBS_IN_FLIGHT) {
894 bufcount = MAX_URBS_IN_FLIGHT -
895 file_data->in_urbs_used;
896 }
897 }
898 spin_unlock_irq(&file_data->err_lock);
899
900 dev_dbg(dev, "%s: requested=%u flags=0x%X size=%u bufs=%d used=%d\n",
901 __func__, transfer_size, flags,
902 max_transfer_size, bufcount, file_data->in_urbs_used);
903
904 while (bufcount > 0) {
905 u8 *dmabuf = NULL;
906 struct urb *urb = usbtmc_create_urb();
907
908 if (!urb) {
909 retval = -ENOMEM;
910 goto error;
911 }
912
913 dmabuf = urb->transfer_buffer;
914
915 usb_fill_bulk_urb(urb, data->usb_dev,
916 usb_rcvbulkpipe(data->usb_dev, data->bulk_in),
917 dmabuf, bufsize,
918 usbtmc_read_bulk_cb, file_data);
919
920 usb_anchor_urb(urb, &file_data->submitted);
921 retval = usb_submit_urb(urb, GFP_KERNEL);
922 /* urb is anchored. We can release our reference. */
923 usb_free_urb(urb);
924 if (unlikely(retval)) {
925 usb_unanchor_urb(urb);
926 goto error;
927 }
928 file_data->in_urbs_used++;
929 bufcount--;
930 }
931
932 if (again) {
933 dev_dbg(dev, "%s: ret=again\n", __func__);
934 return -EAGAIN;
935 }
936
937 if (user_buffer == NULL)
938 return -EINVAL;
939
940 expire = msecs_to_jiffies(file_data->timeout);
941
942 while (max_transfer_size > 0) {
943 u32 this_part;
944 struct urb *urb = NULL;
945
946 if (!(flags & USBTMC_FLAG_ASYNC)) {
947 dev_dbg(dev, "%s: before wait time %lu\n",
948 __func__, expire);
949 wait_rv = wait_event_interruptible_timeout(
950 file_data->wait_bulk_in,
951 usbtmc_do_transfer(file_data),
952 expire);
953
954 dev_dbg(dev, "%s: wait returned %ld\n",
955 __func__, wait_rv);
956
957 if (wait_rv < 0) {
958 retval = wait_rv;
959 goto error;
960 }
961
962 if (wait_rv == 0) {
963 retval = -ETIMEDOUT;
964 goto error;
965 }
966
967 }
968
969 urb = usb_get_from_anchor(&file_data->in_anchor);
970 if (!urb) {
971 if (!(flags & USBTMC_FLAG_ASYNC)) {
972 /* synchronous case: must not happen */
973 retval = -EFAULT;
974 goto error;
975 }
976
977 /* asynchronous case: ready, do not block or wait */
978 *transferred = done;
979 dev_dbg(dev, "%s: (async) done=%u ret=0\n",
980 __func__, done);
981 return 0;
982 }
983
984 file_data->in_urbs_used--;
985
986 if (max_transfer_size > urb->actual_length)
987 max_transfer_size -= urb->actual_length;
988 else
989 max_transfer_size = 0;
990
991 if (remaining > urb->actual_length)
992 this_part = urb->actual_length;
993 else
994 this_part = remaining;
995
996 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE, 16, 1,
997 urb->transfer_buffer, urb->actual_length, true);
998
999 if (copy_to_user(user_buffer + done,
1000 urb->transfer_buffer, this_part)) {
1001 usb_free_urb(urb);
1002 retval = -EFAULT;
1003 goto error;
1004 }
1005
1006 remaining -= this_part;
1007 done += this_part;
1008
1009 spin_lock_irq(&file_data->err_lock);
1010 if (urb->status) {
1011 /* return the very first error */
1012 retval = file_data->in_status;
1013 spin_unlock_irq(&file_data->err_lock);
1014 usb_free_urb(urb);
1015 goto error;
1016 }
1017 spin_unlock_irq(&file_data->err_lock);
1018
1019 if (urb->actual_length < bufsize) {
1020 /* short packet or ZLP received => ready */
1021 usb_free_urb(urb);
1022 retval = 1;
1023 break;
1024 }
1025
1026 if (!(flags & USBTMC_FLAG_ASYNC) &&
1027 max_transfer_size > (bufsize * file_data->in_urbs_used)) {
1028 /* resubmit, since other buffers still not enough */
1029 usb_anchor_urb(urb, &file_data->submitted);
1030 retval = usb_submit_urb(urb, GFP_KERNEL);
1031 if (unlikely(retval)) {
1032 usb_unanchor_urb(urb);
1033 usb_free_urb(urb);
1034 goto error;
1035 }
1036 file_data->in_urbs_used++;
1037 }
1038 usb_free_urb(urb);
1039 retval = 0;
1040 }
1041
1042 error:
1043 *transferred = done;
1044
1045 dev_dbg(dev, "%s: before kill\n", __func__);
1046 /* Attention: killing urbs can take long time (2 ms) */
1047 usb_kill_anchored_urbs(&file_data->submitted);
1048 dev_dbg(dev, "%s: after kill\n", __func__);
1049 usb_scuttle_anchored_urbs(&file_data->in_anchor);
1050 file_data->in_urbs_used = 0;
1051 file_data->in_status = 0; /* no spinlock needed here */
1052 dev_dbg(dev, "%s: done=%u ret=%d\n", __func__, done, retval);
1053
1054 return retval;
1055 }
1056
usbtmc_ioctl_generic_read(struct usbtmc_file_data * file_data,void __user * arg)1057 static ssize_t usbtmc_ioctl_generic_read(struct usbtmc_file_data *file_data,
1058 void __user *arg)
1059 {
1060 struct usbtmc_message msg;
1061 ssize_t retval = 0;
1062
1063 /* mutex already locked */
1064
1065 if (copy_from_user(&msg, arg, sizeof(struct usbtmc_message)))
1066 return -EFAULT;
1067
1068 retval = usbtmc_generic_read(file_data, msg.message,
1069 msg.transfer_size, &msg.transferred,
1070 msg.flags);
1071
1072 if (put_user(msg.transferred,
1073 &((struct usbtmc_message __user *)arg)->transferred))
1074 return -EFAULT;
1075
1076 return retval;
1077 }
1078
usbtmc_write_bulk_cb(struct urb * urb)1079 static void usbtmc_write_bulk_cb(struct urb *urb)
1080 {
1081 struct usbtmc_file_data *file_data = urb->context;
1082 int wakeup = 0;
1083 unsigned long flags;
1084
1085 spin_lock_irqsave(&file_data->err_lock, flags);
1086 file_data->out_transfer_size += urb->actual_length;
1087
1088 /* sync/async unlink faults aren't errors */
1089 if (urb->status) {
1090 if (!(urb->status == -ENOENT ||
1091 urb->status == -ECONNRESET ||
1092 urb->status == -ESHUTDOWN))
1093 dev_err(&file_data->data->intf->dev,
1094 "%s - nonzero write bulk status received: %d\n",
1095 __func__, urb->status);
1096
1097 if (!file_data->out_status) {
1098 file_data->out_status = urb->status;
1099 wakeup = 1;
1100 }
1101 }
1102 spin_unlock_irqrestore(&file_data->err_lock, flags);
1103
1104 dev_dbg(&file_data->data->intf->dev,
1105 "%s - write bulk total size: %u\n",
1106 __func__, file_data->out_transfer_size);
1107
1108 up(&file_data->limit_write_sem);
1109 if (usb_anchor_empty(&file_data->submitted) || wakeup)
1110 wake_up_interruptible(&file_data->data->waitq);
1111 }
1112
usbtmc_generic_write(struct usbtmc_file_data * file_data,const void __user * user_buffer,u32 transfer_size,u32 * transferred,u32 flags)1113 static ssize_t usbtmc_generic_write(struct usbtmc_file_data *file_data,
1114 const void __user *user_buffer,
1115 u32 transfer_size,
1116 u32 *transferred,
1117 u32 flags)
1118 {
1119 struct usbtmc_device_data *data = file_data->data;
1120 struct device *dev;
1121 u32 done = 0;
1122 u32 remaining;
1123 unsigned long expire;
1124 const u32 bufsize = USBTMC_BUFSIZE;
1125 struct urb *urb = NULL;
1126 int retval = 0;
1127 u32 timeout;
1128
1129 *transferred = 0;
1130
1131 /* Get pointer to private data structure */
1132 dev = &data->intf->dev;
1133
1134 dev_dbg(dev, "%s: size=%u flags=0x%X sema=%u\n",
1135 __func__, transfer_size, flags,
1136 file_data->limit_write_sem.count);
1137
1138 if (flags & USBTMC_FLAG_APPEND) {
1139 spin_lock_irq(&file_data->err_lock);
1140 retval = file_data->out_status;
1141 spin_unlock_irq(&file_data->err_lock);
1142 if (retval < 0)
1143 return retval;
1144 } else {
1145 spin_lock_irq(&file_data->err_lock);
1146 file_data->out_transfer_size = 0;
1147 file_data->out_status = 0;
1148 spin_unlock_irq(&file_data->err_lock);
1149 }
1150
1151 remaining = transfer_size;
1152 if (remaining > INT_MAX)
1153 remaining = INT_MAX;
1154
1155 timeout = file_data->timeout;
1156 expire = msecs_to_jiffies(timeout);
1157
1158 while (remaining > 0) {
1159 u32 this_part, aligned;
1160 u8 *buffer = NULL;
1161
1162 if (flags & USBTMC_FLAG_ASYNC) {
1163 if (down_trylock(&file_data->limit_write_sem)) {
1164 retval = (done)?(0):(-EAGAIN);
1165 goto exit;
1166 }
1167 } else {
1168 retval = down_timeout(&file_data->limit_write_sem,
1169 expire);
1170 if (retval < 0) {
1171 retval = -ETIMEDOUT;
1172 goto error;
1173 }
1174 }
1175
1176 spin_lock_irq(&file_data->err_lock);
1177 retval = file_data->out_status;
1178 spin_unlock_irq(&file_data->err_lock);
1179 if (retval < 0) {
1180 up(&file_data->limit_write_sem);
1181 goto error;
1182 }
1183
1184 /* prepare next urb to send */
1185 urb = usbtmc_create_urb();
1186 if (!urb) {
1187 retval = -ENOMEM;
1188 up(&file_data->limit_write_sem);
1189 goto error;
1190 }
1191 buffer = urb->transfer_buffer;
1192
1193 if (remaining > bufsize)
1194 this_part = bufsize;
1195 else
1196 this_part = remaining;
1197
1198 if (copy_from_user(buffer, user_buffer + done, this_part)) {
1199 retval = -EFAULT;
1200 up(&file_data->limit_write_sem);
1201 goto error;
1202 }
1203
1204 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE,
1205 16, 1, buffer, this_part, true);
1206
1207 /* fill bulk with 32 bit alignment to meet USBTMC specification
1208 * (size + 3 & ~3) rounds up and simplifies user code
1209 */
1210 aligned = (this_part + 3) & ~3;
1211 dev_dbg(dev, "write(size:%u align:%u done:%u)\n",
1212 (unsigned int)this_part,
1213 (unsigned int)aligned,
1214 (unsigned int)done);
1215
1216 usb_fill_bulk_urb(urb, data->usb_dev,
1217 usb_sndbulkpipe(data->usb_dev, data->bulk_out),
1218 urb->transfer_buffer, aligned,
1219 usbtmc_write_bulk_cb, file_data);
1220
1221 usb_anchor_urb(urb, &file_data->submitted);
1222 retval = usb_submit_urb(urb, GFP_KERNEL);
1223 if (unlikely(retval)) {
1224 usb_unanchor_urb(urb);
1225 up(&file_data->limit_write_sem);
1226 goto error;
1227 }
1228
1229 usb_free_urb(urb);
1230 urb = NULL; /* urb will be finally released by usb driver */
1231
1232 remaining -= this_part;
1233 done += this_part;
1234 }
1235
1236 /* All urbs are on the fly */
1237 if (!(flags & USBTMC_FLAG_ASYNC)) {
1238 if (!usb_wait_anchor_empty_timeout(&file_data->submitted,
1239 timeout)) {
1240 retval = -ETIMEDOUT;
1241 goto error;
1242 }
1243 }
1244
1245 retval = 0;
1246 goto exit;
1247
1248 error:
1249 usb_kill_anchored_urbs(&file_data->submitted);
1250 exit:
1251 usb_free_urb(urb);
1252
1253 spin_lock_irq(&file_data->err_lock);
1254 if (!(flags & USBTMC_FLAG_ASYNC))
1255 done = file_data->out_transfer_size;
1256 if (!retval && file_data->out_status)
1257 retval = file_data->out_status;
1258 spin_unlock_irq(&file_data->err_lock);
1259
1260 *transferred = done;
1261
1262 dev_dbg(dev, "%s: done=%u, retval=%d, urbstat=%d\n",
1263 __func__, done, retval, file_data->out_status);
1264
1265 return retval;
1266 }
1267
usbtmc_ioctl_generic_write(struct usbtmc_file_data * file_data,void __user * arg)1268 static ssize_t usbtmc_ioctl_generic_write(struct usbtmc_file_data *file_data,
1269 void __user *arg)
1270 {
1271 struct usbtmc_message msg;
1272 ssize_t retval = 0;
1273
1274 /* mutex already locked */
1275
1276 if (copy_from_user(&msg, arg, sizeof(struct usbtmc_message)))
1277 return -EFAULT;
1278
1279 retval = usbtmc_generic_write(file_data, msg.message,
1280 msg.transfer_size, &msg.transferred,
1281 msg.flags);
1282
1283 if (put_user(msg.transferred,
1284 &((struct usbtmc_message __user *)arg)->transferred))
1285 return -EFAULT;
1286
1287 return retval;
1288 }
1289
1290 /*
1291 * Get the generic write result
1292 */
usbtmc_ioctl_write_result(struct usbtmc_file_data * file_data,void __user * arg)1293 static ssize_t usbtmc_ioctl_write_result(struct usbtmc_file_data *file_data,
1294 void __user *arg)
1295 {
1296 u32 transferred;
1297 int retval;
1298
1299 spin_lock_irq(&file_data->err_lock);
1300 transferred = file_data->out_transfer_size;
1301 retval = file_data->out_status;
1302 spin_unlock_irq(&file_data->err_lock);
1303
1304 if (put_user(transferred, (__u32 __user *)arg))
1305 return -EFAULT;
1306
1307 return retval;
1308 }
1309
1310 /*
1311 * Sends a REQUEST_DEV_DEP_MSG_IN message on the Bulk-OUT endpoint.
1312 * @transfer_size: number of bytes to request from the device.
1313 *
1314 * See the USBTMC specification, Table 4.
1315 *
1316 * Also updates bTag_last_write.
1317 */
send_request_dev_dep_msg_in(struct usbtmc_file_data * file_data,u32 transfer_size)1318 static int send_request_dev_dep_msg_in(struct usbtmc_file_data *file_data,
1319 u32 transfer_size)
1320 {
1321 struct usbtmc_device_data *data = file_data->data;
1322 int retval;
1323 u8 *buffer;
1324 int actual;
1325
1326 buffer = kmalloc(USBTMC_HEADER_SIZE, GFP_KERNEL);
1327 if (!buffer)
1328 return -ENOMEM;
1329 /* Setup IO buffer for REQUEST_DEV_DEP_MSG_IN message
1330 * Refer to class specs for details
1331 */
1332 buffer[0] = 2;
1333 buffer[1] = data->bTag;
1334 buffer[2] = ~data->bTag;
1335 buffer[3] = 0; /* Reserved */
1336 buffer[4] = transfer_size >> 0;
1337 buffer[5] = transfer_size >> 8;
1338 buffer[6] = transfer_size >> 16;
1339 buffer[7] = transfer_size >> 24;
1340 buffer[8] = file_data->term_char_enabled * 2;
1341 /* Use term character? */
1342 buffer[9] = file_data->term_char;
1343 buffer[10] = 0; /* Reserved */
1344 buffer[11] = 0; /* Reserved */
1345
1346 /* Send bulk URB */
1347 retval = usb_bulk_msg(data->usb_dev,
1348 usb_sndbulkpipe(data->usb_dev,
1349 data->bulk_out),
1350 buffer, USBTMC_HEADER_SIZE,
1351 &actual, file_data->timeout);
1352
1353 /* Store bTag (in case we need to abort) */
1354 data->bTag_last_write = data->bTag;
1355
1356 /* Increment bTag -- and increment again if zero */
1357 data->bTag++;
1358 if (!data->bTag)
1359 data->bTag++;
1360
1361 kfree(buffer);
1362 if (retval < 0)
1363 dev_err(&data->intf->dev, "%s returned %d\n",
1364 __func__, retval);
1365
1366 return retval;
1367 }
1368
usbtmc_read(struct file * filp,char __user * buf,size_t count,loff_t * f_pos)1369 static ssize_t usbtmc_read(struct file *filp, char __user *buf,
1370 size_t count, loff_t *f_pos)
1371 {
1372 struct usbtmc_file_data *file_data;
1373 struct usbtmc_device_data *data;
1374 struct device *dev;
1375 const u32 bufsize = USBTMC_BUFSIZE;
1376 u32 n_characters;
1377 u8 *buffer;
1378 int actual;
1379 u32 done = 0;
1380 u32 remaining;
1381 int retval;
1382
1383 /* Get pointer to private data structure */
1384 file_data = filp->private_data;
1385 data = file_data->data;
1386 dev = &data->intf->dev;
1387
1388 buffer = kmalloc(bufsize, GFP_KERNEL);
1389 if (!buffer)
1390 return -ENOMEM;
1391
1392 retval = mutex_lock_interruptible(&data->io_mutex);
1393 if (retval < 0)
1394 goto exit_nolock;
1395
1396 if (data->zombie) {
1397 retval = -ENODEV;
1398 goto exit;
1399 }
1400
1401 if (count > INT_MAX)
1402 count = INT_MAX;
1403
1404 dev_dbg(dev, "%s(count:%zu)\n", __func__, count);
1405
1406 retval = send_request_dev_dep_msg_in(file_data, count);
1407
1408 if (retval < 0) {
1409 if (file_data->auto_abort)
1410 usbtmc_ioctl_abort_bulk_out(data);
1411 goto exit;
1412 }
1413
1414 /* Loop until we have fetched everything we requested */
1415 remaining = count;
1416 actual = 0;
1417
1418 /* Send bulk URB */
1419 retval = usb_bulk_msg(data->usb_dev,
1420 usb_rcvbulkpipe(data->usb_dev,
1421 data->bulk_in),
1422 buffer, bufsize, &actual,
1423 file_data->timeout);
1424
1425 dev_dbg(dev, "%s: bulk_msg retval(%u), actual(%d)\n",
1426 __func__, retval, actual);
1427
1428 /* Store bTag (in case we need to abort) */
1429 data->bTag_last_read = data->bTag;
1430
1431 if (retval < 0) {
1432 if (file_data->auto_abort)
1433 usbtmc_ioctl_abort_bulk_in(data);
1434 goto exit;
1435 }
1436
1437 /* Sanity checks for the header */
1438 if (actual < USBTMC_HEADER_SIZE) {
1439 dev_err(dev, "Device sent too small first packet: %u < %u\n",
1440 actual, USBTMC_HEADER_SIZE);
1441 if (file_data->auto_abort)
1442 usbtmc_ioctl_abort_bulk_in(data);
1443 goto exit;
1444 }
1445
1446 if (buffer[0] != 2) {
1447 dev_err(dev, "Device sent reply with wrong MsgID: %u != 2\n",
1448 buffer[0]);
1449 if (file_data->auto_abort)
1450 usbtmc_ioctl_abort_bulk_in(data);
1451 goto exit;
1452 }
1453
1454 if (buffer[1] != data->bTag_last_write) {
1455 dev_err(dev, "Device sent reply with wrong bTag: %u != %u\n",
1456 buffer[1], data->bTag_last_write);
1457 if (file_data->auto_abort)
1458 usbtmc_ioctl_abort_bulk_in(data);
1459 goto exit;
1460 }
1461
1462 /* How many characters did the instrument send? */
1463 n_characters = buffer[4] +
1464 (buffer[5] << 8) +
1465 (buffer[6] << 16) +
1466 (buffer[7] << 24);
1467
1468 file_data->bmTransferAttributes = buffer[8];
1469
1470 dev_dbg(dev, "Bulk-IN header: N_characters(%u), bTransAttr(%u)\n",
1471 n_characters, buffer[8]);
1472
1473 if (n_characters > remaining) {
1474 dev_err(dev, "Device wants to return more data than requested: %u > %zu\n",
1475 n_characters, count);
1476 if (file_data->auto_abort)
1477 usbtmc_ioctl_abort_bulk_in(data);
1478 goto exit;
1479 }
1480
1481 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE,
1482 16, 1, buffer, actual, true);
1483
1484 remaining = n_characters;
1485
1486 /* Remove the USBTMC header */
1487 actual -= USBTMC_HEADER_SIZE;
1488
1489 /* Remove padding if it exists */
1490 if (actual > remaining)
1491 actual = remaining;
1492
1493 remaining -= actual;
1494
1495 /* Copy buffer to user space */
1496 if (copy_to_user(buf, &buffer[USBTMC_HEADER_SIZE], actual)) {
1497 /* There must have been an addressing problem */
1498 retval = -EFAULT;
1499 goto exit;
1500 }
1501
1502 if ((actual + USBTMC_HEADER_SIZE) == bufsize) {
1503 retval = usbtmc_generic_read(file_data, buf + actual,
1504 remaining,
1505 &done,
1506 USBTMC_FLAG_IGNORE_TRAILER);
1507 if (retval < 0)
1508 goto exit;
1509 }
1510 done += actual;
1511
1512 /* Update file position value */
1513 *f_pos = *f_pos + done;
1514 retval = done;
1515
1516 exit:
1517 mutex_unlock(&data->io_mutex);
1518 exit_nolock:
1519 kfree(buffer);
1520 return retval;
1521 }
1522
usbtmc_write(struct file * filp,const char __user * buf,size_t count,loff_t * f_pos)1523 static ssize_t usbtmc_write(struct file *filp, const char __user *buf,
1524 size_t count, loff_t *f_pos)
1525 {
1526 struct usbtmc_file_data *file_data;
1527 struct usbtmc_device_data *data;
1528 struct urb *urb = NULL;
1529 ssize_t retval = 0;
1530 u8 *buffer;
1531 u32 remaining, done;
1532 u32 transfersize, aligned, buflen;
1533
1534 file_data = filp->private_data;
1535 data = file_data->data;
1536
1537 mutex_lock(&data->io_mutex);
1538
1539 if (data->zombie) {
1540 retval = -ENODEV;
1541 goto exit;
1542 }
1543
1544 done = 0;
1545
1546 spin_lock_irq(&file_data->err_lock);
1547 file_data->out_transfer_size = 0;
1548 file_data->out_status = 0;
1549 spin_unlock_irq(&file_data->err_lock);
1550
1551 if (!count)
1552 goto exit;
1553
1554 if (down_trylock(&file_data->limit_write_sem)) {
1555 /* previous calls were async */
1556 retval = -EBUSY;
1557 goto exit;
1558 }
1559
1560 urb = usbtmc_create_urb();
1561 if (!urb) {
1562 retval = -ENOMEM;
1563 up(&file_data->limit_write_sem);
1564 goto exit;
1565 }
1566
1567 buffer = urb->transfer_buffer;
1568 buflen = urb->transfer_buffer_length;
1569
1570 if (count > INT_MAX) {
1571 transfersize = INT_MAX;
1572 buffer[8] = 0;
1573 } else {
1574 transfersize = count;
1575 buffer[8] = file_data->eom_val;
1576 }
1577
1578 /* Setup IO buffer for DEV_DEP_MSG_OUT message */
1579 buffer[0] = 1;
1580 buffer[1] = data->bTag;
1581 buffer[2] = ~data->bTag;
1582 buffer[3] = 0; /* Reserved */
1583 buffer[4] = transfersize >> 0;
1584 buffer[5] = transfersize >> 8;
1585 buffer[6] = transfersize >> 16;
1586 buffer[7] = transfersize >> 24;
1587 /* buffer[8] is set above... */
1588 buffer[9] = 0; /* Reserved */
1589 buffer[10] = 0; /* Reserved */
1590 buffer[11] = 0; /* Reserved */
1591
1592 remaining = transfersize;
1593
1594 if (transfersize + USBTMC_HEADER_SIZE > buflen) {
1595 transfersize = buflen - USBTMC_HEADER_SIZE;
1596 aligned = buflen;
1597 } else {
1598 aligned = (transfersize + (USBTMC_HEADER_SIZE + 3)) & ~3;
1599 }
1600
1601 if (copy_from_user(&buffer[USBTMC_HEADER_SIZE], buf, transfersize)) {
1602 retval = -EFAULT;
1603 up(&file_data->limit_write_sem);
1604 goto exit;
1605 }
1606
1607 dev_dbg(&data->intf->dev, "%s(size:%u align:%u)\n", __func__,
1608 (unsigned int)transfersize, (unsigned int)aligned);
1609
1610 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE,
1611 16, 1, buffer, aligned, true);
1612
1613 usb_fill_bulk_urb(urb, data->usb_dev,
1614 usb_sndbulkpipe(data->usb_dev, data->bulk_out),
1615 urb->transfer_buffer, aligned,
1616 usbtmc_write_bulk_cb, file_data);
1617
1618 usb_anchor_urb(urb, &file_data->submitted);
1619 retval = usb_submit_urb(urb, GFP_KERNEL);
1620 if (unlikely(retval)) {
1621 usb_unanchor_urb(urb);
1622 up(&file_data->limit_write_sem);
1623 goto exit;
1624 }
1625
1626 remaining -= transfersize;
1627
1628 data->bTag_last_write = data->bTag;
1629 data->bTag++;
1630
1631 if (!data->bTag)
1632 data->bTag++;
1633
1634 /* call generic_write even when remaining = 0 */
1635 retval = usbtmc_generic_write(file_data, buf + transfersize, remaining,
1636 &done, USBTMC_FLAG_APPEND);
1637 /* truncate alignment bytes */
1638 if (done > remaining)
1639 done = remaining;
1640
1641 /*add size of first urb*/
1642 done += transfersize;
1643
1644 if (retval < 0) {
1645 usb_kill_anchored_urbs(&file_data->submitted);
1646
1647 dev_err(&data->intf->dev,
1648 "Unable to send data, error %d\n", (int)retval);
1649 if (file_data->auto_abort)
1650 usbtmc_ioctl_abort_bulk_out(data);
1651 goto exit;
1652 }
1653
1654 retval = done;
1655 exit:
1656 usb_free_urb(urb);
1657 mutex_unlock(&data->io_mutex);
1658 return retval;
1659 }
1660
usbtmc_ioctl_clear(struct usbtmc_device_data * data)1661 static int usbtmc_ioctl_clear(struct usbtmc_device_data *data)
1662 {
1663 struct device *dev;
1664 u8 *buffer;
1665 int rv;
1666 int n;
1667 int actual = 0;
1668
1669 dev = &data->intf->dev;
1670
1671 dev_dbg(dev, "Sending INITIATE_CLEAR request\n");
1672
1673 buffer = kmalloc(USBTMC_BUFSIZE, GFP_KERNEL);
1674 if (!buffer)
1675 return -ENOMEM;
1676
1677 rv = usb_control_msg(data->usb_dev,
1678 usb_rcvctrlpipe(data->usb_dev, 0),
1679 USBTMC_REQUEST_INITIATE_CLEAR,
1680 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
1681 0, 0, buffer, 1, USB_CTRL_GET_TIMEOUT);
1682 if (rv < 0) {
1683 dev_err(dev, "usb_control_msg returned %d\n", rv);
1684 goto exit;
1685 }
1686
1687 dev_dbg(dev, "INITIATE_CLEAR returned %x\n", buffer[0]);
1688
1689 if (buffer[0] != USBTMC_STATUS_SUCCESS) {
1690 dev_err(dev, "INITIATE_CLEAR returned %x\n", buffer[0]);
1691 rv = -EPERM;
1692 goto exit;
1693 }
1694
1695 n = 0;
1696
1697 usbtmc_clear_check_status:
1698
1699 dev_dbg(dev, "Sending CHECK_CLEAR_STATUS request\n");
1700
1701 rv = usb_control_msg(data->usb_dev,
1702 usb_rcvctrlpipe(data->usb_dev, 0),
1703 USBTMC_REQUEST_CHECK_CLEAR_STATUS,
1704 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
1705 0, 0, buffer, 2, USB_CTRL_GET_TIMEOUT);
1706 if (rv < 0) {
1707 dev_err(dev, "usb_control_msg returned %d\n", rv);
1708 goto exit;
1709 }
1710
1711 dev_dbg(dev, "CHECK_CLEAR_STATUS returned %x\n", buffer[0]);
1712
1713 if (buffer[0] == USBTMC_STATUS_SUCCESS)
1714 goto usbtmc_clear_bulk_out_halt;
1715
1716 if (buffer[0] != USBTMC_STATUS_PENDING) {
1717 dev_err(dev, "CHECK_CLEAR_STATUS returned %x\n", buffer[0]);
1718 rv = -EPERM;
1719 goto exit;
1720 }
1721
1722 if ((buffer[1] & 1) != 0) {
1723 do {
1724 dev_dbg(dev, "Reading from bulk in EP\n");
1725
1726 actual = 0;
1727 rv = usb_bulk_msg(data->usb_dev,
1728 usb_rcvbulkpipe(data->usb_dev,
1729 data->bulk_in),
1730 buffer, USBTMC_BUFSIZE,
1731 &actual, USB_CTRL_GET_TIMEOUT);
1732
1733 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE,
1734 16, 1, buffer, actual, true);
1735
1736 n++;
1737
1738 if (rv < 0) {
1739 dev_err(dev, "usb_control_msg returned %d\n",
1740 rv);
1741 goto exit;
1742 }
1743 } while ((actual == USBTMC_BUFSIZE) &&
1744 (n < USBTMC_MAX_READS_TO_CLEAR_BULK_IN));
1745 } else {
1746 /* do not stress device with subsequent requests */
1747 msleep(50);
1748 n++;
1749 }
1750
1751 if (n >= USBTMC_MAX_READS_TO_CLEAR_BULK_IN) {
1752 dev_err(dev, "Couldn't clear device buffer within %d cycles\n",
1753 USBTMC_MAX_READS_TO_CLEAR_BULK_IN);
1754 rv = -EPERM;
1755 goto exit;
1756 }
1757
1758 goto usbtmc_clear_check_status;
1759
1760 usbtmc_clear_bulk_out_halt:
1761
1762 rv = usb_clear_halt(data->usb_dev,
1763 usb_sndbulkpipe(data->usb_dev, data->bulk_out));
1764 if (rv < 0) {
1765 dev_err(dev, "usb_clear_halt returned %d\n", rv);
1766 goto exit;
1767 }
1768 rv = 0;
1769
1770 exit:
1771 kfree(buffer);
1772 return rv;
1773 }
1774
usbtmc_ioctl_clear_out_halt(struct usbtmc_device_data * data)1775 static int usbtmc_ioctl_clear_out_halt(struct usbtmc_device_data *data)
1776 {
1777 int rv;
1778
1779 rv = usb_clear_halt(data->usb_dev,
1780 usb_sndbulkpipe(data->usb_dev, data->bulk_out));
1781
1782 if (rv < 0)
1783 dev_err(&data->usb_dev->dev, "%s returned %d\n", __func__, rv);
1784 return rv;
1785 }
1786
usbtmc_ioctl_clear_in_halt(struct usbtmc_device_data * data)1787 static int usbtmc_ioctl_clear_in_halt(struct usbtmc_device_data *data)
1788 {
1789 int rv;
1790
1791 rv = usb_clear_halt(data->usb_dev,
1792 usb_rcvbulkpipe(data->usb_dev, data->bulk_in));
1793
1794 if (rv < 0)
1795 dev_err(&data->usb_dev->dev, "%s returned %d\n", __func__, rv);
1796 return rv;
1797 }
1798
usbtmc_ioctl_cancel_io(struct usbtmc_file_data * file_data)1799 static int usbtmc_ioctl_cancel_io(struct usbtmc_file_data *file_data)
1800 {
1801 spin_lock_irq(&file_data->err_lock);
1802 file_data->in_status = -ECANCELED;
1803 file_data->out_status = -ECANCELED;
1804 spin_unlock_irq(&file_data->err_lock);
1805 usb_kill_anchored_urbs(&file_data->submitted);
1806 return 0;
1807 }
1808
usbtmc_ioctl_cleanup_io(struct usbtmc_file_data * file_data)1809 static int usbtmc_ioctl_cleanup_io(struct usbtmc_file_data *file_data)
1810 {
1811 usb_kill_anchored_urbs(&file_data->submitted);
1812 usb_scuttle_anchored_urbs(&file_data->in_anchor);
1813 spin_lock_irq(&file_data->err_lock);
1814 file_data->in_status = 0;
1815 file_data->in_transfer_size = 0;
1816 file_data->out_status = 0;
1817 file_data->out_transfer_size = 0;
1818 spin_unlock_irq(&file_data->err_lock);
1819
1820 file_data->in_urbs_used = 0;
1821 return 0;
1822 }
1823
get_capabilities(struct usbtmc_device_data * data)1824 static int get_capabilities(struct usbtmc_device_data *data)
1825 {
1826 struct device *dev = &data->usb_dev->dev;
1827 char *buffer;
1828 int rv = 0;
1829
1830 buffer = kmalloc(0x18, GFP_KERNEL);
1831 if (!buffer)
1832 return -ENOMEM;
1833
1834 rv = usb_control_msg(data->usb_dev, usb_rcvctrlpipe(data->usb_dev, 0),
1835 USBTMC_REQUEST_GET_CAPABILITIES,
1836 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
1837 0, 0, buffer, 0x18, USB_CTRL_GET_TIMEOUT);
1838 if (rv < 0) {
1839 dev_err(dev, "usb_control_msg returned %d\n", rv);
1840 goto err_out;
1841 }
1842
1843 dev_dbg(dev, "GET_CAPABILITIES returned %x\n", buffer[0]);
1844 if (buffer[0] != USBTMC_STATUS_SUCCESS) {
1845 dev_err(dev, "GET_CAPABILITIES returned %x\n", buffer[0]);
1846 rv = -EPERM;
1847 goto err_out;
1848 }
1849 dev_dbg(dev, "Interface capabilities are %x\n", buffer[4]);
1850 dev_dbg(dev, "Device capabilities are %x\n", buffer[5]);
1851 dev_dbg(dev, "USB488 interface capabilities are %x\n", buffer[14]);
1852 dev_dbg(dev, "USB488 device capabilities are %x\n", buffer[15]);
1853
1854 data->capabilities.interface_capabilities = buffer[4];
1855 data->capabilities.device_capabilities = buffer[5];
1856 data->capabilities.usb488_interface_capabilities = buffer[14];
1857 data->capabilities.usb488_device_capabilities = buffer[15];
1858 data->usb488_caps = (buffer[14] & 0x07) | ((buffer[15] & 0x0f) << 4);
1859 rv = 0;
1860
1861 err_out:
1862 kfree(buffer);
1863 return rv;
1864 }
1865
1866 #define capability_attribute(name) \
1867 static ssize_t name##_show(struct device *dev, \
1868 struct device_attribute *attr, char *buf) \
1869 { \
1870 struct usb_interface *intf = to_usb_interface(dev); \
1871 struct usbtmc_device_data *data = usb_get_intfdata(intf); \
1872 \
1873 return sprintf(buf, "%d\n", data->capabilities.name); \
1874 } \
1875 static DEVICE_ATTR_RO(name)
1876
1877 capability_attribute(interface_capabilities);
1878 capability_attribute(device_capabilities);
1879 capability_attribute(usb488_interface_capabilities);
1880 capability_attribute(usb488_device_capabilities);
1881
1882 static struct attribute *usbtmc_attrs[] = {
1883 &dev_attr_interface_capabilities.attr,
1884 &dev_attr_device_capabilities.attr,
1885 &dev_attr_usb488_interface_capabilities.attr,
1886 &dev_attr_usb488_device_capabilities.attr,
1887 NULL,
1888 };
1889 ATTRIBUTE_GROUPS(usbtmc);
1890
usbtmc_ioctl_indicator_pulse(struct usbtmc_device_data * data)1891 static int usbtmc_ioctl_indicator_pulse(struct usbtmc_device_data *data)
1892 {
1893 struct device *dev;
1894 u8 *buffer;
1895 int rv;
1896
1897 dev = &data->intf->dev;
1898
1899 buffer = kmalloc(2, GFP_KERNEL);
1900 if (!buffer)
1901 return -ENOMEM;
1902
1903 rv = usb_control_msg(data->usb_dev,
1904 usb_rcvctrlpipe(data->usb_dev, 0),
1905 USBTMC_REQUEST_INDICATOR_PULSE,
1906 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
1907 0, 0, buffer, 0x01, USB_CTRL_GET_TIMEOUT);
1908
1909 if (rv < 0) {
1910 dev_err(dev, "usb_control_msg returned %d\n", rv);
1911 goto exit;
1912 }
1913
1914 dev_dbg(dev, "INDICATOR_PULSE returned %x\n", buffer[0]);
1915
1916 if (buffer[0] != USBTMC_STATUS_SUCCESS) {
1917 dev_err(dev, "INDICATOR_PULSE returned %x\n", buffer[0]);
1918 rv = -EPERM;
1919 goto exit;
1920 }
1921 rv = 0;
1922
1923 exit:
1924 kfree(buffer);
1925 return rv;
1926 }
1927
usbtmc_ioctl_request(struct usbtmc_device_data * data,void __user * arg)1928 static int usbtmc_ioctl_request(struct usbtmc_device_data *data,
1929 void __user *arg)
1930 {
1931 struct device *dev = &data->intf->dev;
1932 struct usbtmc_ctrlrequest request;
1933 u8 *buffer = NULL;
1934 int rv;
1935 unsigned int is_in, pipe;
1936 unsigned long res;
1937
1938 res = copy_from_user(&request, arg, sizeof(struct usbtmc_ctrlrequest));
1939 if (res)
1940 return -EFAULT;
1941
1942 if (request.req.wLength > USBTMC_BUFSIZE)
1943 return -EMSGSIZE;
1944 if (request.req.wLength == 0) /* Length-0 requests are never IN */
1945 request.req.bRequestType &= ~USB_DIR_IN;
1946
1947 is_in = request.req.bRequestType & USB_DIR_IN;
1948
1949 if (request.req.wLength) {
1950 buffer = kmalloc(request.req.wLength, GFP_KERNEL);
1951 if (!buffer)
1952 return -ENOMEM;
1953
1954 if (!is_in) {
1955 /* Send control data to device */
1956 res = copy_from_user(buffer, request.data,
1957 request.req.wLength);
1958 if (res) {
1959 rv = -EFAULT;
1960 goto exit;
1961 }
1962 }
1963 }
1964
1965 if (is_in)
1966 pipe = usb_rcvctrlpipe(data->usb_dev, 0);
1967 else
1968 pipe = usb_sndctrlpipe(data->usb_dev, 0);
1969 rv = usb_control_msg(data->usb_dev,
1970 pipe,
1971 request.req.bRequest,
1972 request.req.bRequestType,
1973 request.req.wValue,
1974 request.req.wIndex,
1975 buffer, request.req.wLength, USB_CTRL_GET_TIMEOUT);
1976
1977 if (rv < 0) {
1978 dev_err(dev, "%s failed %d\n", __func__, rv);
1979 goto exit;
1980 }
1981
1982 if (rv && is_in) {
1983 /* Read control data from device */
1984 res = copy_to_user(request.data, buffer, rv);
1985 if (res)
1986 rv = -EFAULT;
1987 }
1988
1989 exit:
1990 kfree(buffer);
1991 return rv;
1992 }
1993
1994 /*
1995 * Get the usb timeout value
1996 */
usbtmc_ioctl_get_timeout(struct usbtmc_file_data * file_data,void __user * arg)1997 static int usbtmc_ioctl_get_timeout(struct usbtmc_file_data *file_data,
1998 void __user *arg)
1999 {
2000 u32 timeout;
2001
2002 timeout = file_data->timeout;
2003
2004 return put_user(timeout, (__u32 __user *)arg);
2005 }
2006
2007 /*
2008 * Set the usb timeout value
2009 */
usbtmc_ioctl_set_timeout(struct usbtmc_file_data * file_data,void __user * arg)2010 static int usbtmc_ioctl_set_timeout(struct usbtmc_file_data *file_data,
2011 void __user *arg)
2012 {
2013 u32 timeout;
2014
2015 if (get_user(timeout, (__u32 __user *)arg))
2016 return -EFAULT;
2017
2018 /* Note that timeout = 0 means
2019 * MAX_SCHEDULE_TIMEOUT in usb_control_msg
2020 */
2021 if (timeout < USBTMC_MIN_TIMEOUT)
2022 return -EINVAL;
2023
2024 file_data->timeout = timeout;
2025
2026 return 0;
2027 }
2028
2029 /*
2030 * enables/disables sending EOM on write
2031 */
usbtmc_ioctl_eom_enable(struct usbtmc_file_data * file_data,void __user * arg)2032 static int usbtmc_ioctl_eom_enable(struct usbtmc_file_data *file_data,
2033 void __user *arg)
2034 {
2035 u8 eom_enable;
2036
2037 if (copy_from_user(&eom_enable, arg, sizeof(eom_enable)))
2038 return -EFAULT;
2039
2040 if (eom_enable > 1)
2041 return -EINVAL;
2042
2043 file_data->eom_val = eom_enable;
2044
2045 return 0;
2046 }
2047
2048 /*
2049 * Configure termination character for read()
2050 */
usbtmc_ioctl_config_termc(struct usbtmc_file_data * file_data,void __user * arg)2051 static int usbtmc_ioctl_config_termc(struct usbtmc_file_data *file_data,
2052 void __user *arg)
2053 {
2054 struct usbtmc_termchar termc;
2055
2056 if (copy_from_user(&termc, arg, sizeof(termc)))
2057 return -EFAULT;
2058
2059 if ((termc.term_char_enabled > 1) ||
2060 (termc.term_char_enabled &&
2061 !(file_data->data->capabilities.device_capabilities & 1)))
2062 return -EINVAL;
2063
2064 file_data->term_char = termc.term_char;
2065 file_data->term_char_enabled = termc.term_char_enabled;
2066
2067 return 0;
2068 }
2069
usbtmc_ioctl(struct file * file,unsigned int cmd,unsigned long arg)2070 static long usbtmc_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
2071 {
2072 struct usbtmc_file_data *file_data;
2073 struct usbtmc_device_data *data;
2074 int retval = -EBADRQC;
2075 __u8 tmp_byte;
2076
2077 file_data = file->private_data;
2078 data = file_data->data;
2079
2080 mutex_lock(&data->io_mutex);
2081 if (data->zombie) {
2082 retval = -ENODEV;
2083 goto skip_io_on_zombie;
2084 }
2085
2086 switch (cmd) {
2087 case USBTMC_IOCTL_CLEAR_OUT_HALT:
2088 retval = usbtmc_ioctl_clear_out_halt(data);
2089 break;
2090
2091 case USBTMC_IOCTL_CLEAR_IN_HALT:
2092 retval = usbtmc_ioctl_clear_in_halt(data);
2093 break;
2094
2095 case USBTMC_IOCTL_INDICATOR_PULSE:
2096 retval = usbtmc_ioctl_indicator_pulse(data);
2097 break;
2098
2099 case USBTMC_IOCTL_CLEAR:
2100 retval = usbtmc_ioctl_clear(data);
2101 break;
2102
2103 case USBTMC_IOCTL_ABORT_BULK_OUT:
2104 retval = usbtmc_ioctl_abort_bulk_out(data);
2105 break;
2106
2107 case USBTMC_IOCTL_ABORT_BULK_IN:
2108 retval = usbtmc_ioctl_abort_bulk_in(data);
2109 break;
2110
2111 case USBTMC_IOCTL_CTRL_REQUEST:
2112 retval = usbtmc_ioctl_request(data, (void __user *)arg);
2113 break;
2114
2115 case USBTMC_IOCTL_GET_TIMEOUT:
2116 retval = usbtmc_ioctl_get_timeout(file_data,
2117 (void __user *)arg);
2118 break;
2119
2120 case USBTMC_IOCTL_SET_TIMEOUT:
2121 retval = usbtmc_ioctl_set_timeout(file_data,
2122 (void __user *)arg);
2123 break;
2124
2125 case USBTMC_IOCTL_EOM_ENABLE:
2126 retval = usbtmc_ioctl_eom_enable(file_data,
2127 (void __user *)arg);
2128 break;
2129
2130 case USBTMC_IOCTL_CONFIG_TERMCHAR:
2131 retval = usbtmc_ioctl_config_termc(file_data,
2132 (void __user *)arg);
2133 break;
2134
2135 case USBTMC_IOCTL_WRITE:
2136 retval = usbtmc_ioctl_generic_write(file_data,
2137 (void __user *)arg);
2138 break;
2139
2140 case USBTMC_IOCTL_READ:
2141 retval = usbtmc_ioctl_generic_read(file_data,
2142 (void __user *)arg);
2143 break;
2144
2145 case USBTMC_IOCTL_WRITE_RESULT:
2146 retval = usbtmc_ioctl_write_result(file_data,
2147 (void __user *)arg);
2148 break;
2149
2150 case USBTMC_IOCTL_API_VERSION:
2151 retval = put_user(USBTMC_API_VERSION,
2152 (__u32 __user *)arg);
2153 break;
2154
2155 case USBTMC488_IOCTL_GET_CAPS:
2156 retval = put_user(data->usb488_caps,
2157 (unsigned char __user *)arg);
2158 break;
2159
2160 case USBTMC488_IOCTL_READ_STB:
2161 retval = usbtmc488_ioctl_read_stb(file_data,
2162 (void __user *)arg);
2163 break;
2164
2165 case USBTMC488_IOCTL_REN_CONTROL:
2166 retval = usbtmc488_ioctl_simple(data, (void __user *)arg,
2167 USBTMC488_REQUEST_REN_CONTROL);
2168 break;
2169
2170 case USBTMC488_IOCTL_GOTO_LOCAL:
2171 retval = usbtmc488_ioctl_simple(data, (void __user *)arg,
2172 USBTMC488_REQUEST_GOTO_LOCAL);
2173 break;
2174
2175 case USBTMC488_IOCTL_LOCAL_LOCKOUT:
2176 retval = usbtmc488_ioctl_simple(data, (void __user *)arg,
2177 USBTMC488_REQUEST_LOCAL_LOCKOUT);
2178 break;
2179
2180 case USBTMC488_IOCTL_TRIGGER:
2181 retval = usbtmc488_ioctl_trigger(file_data);
2182 break;
2183
2184 case USBTMC488_IOCTL_WAIT_SRQ:
2185 retval = usbtmc488_ioctl_wait_srq(file_data,
2186 (__u32 __user *)arg);
2187 break;
2188
2189 case USBTMC_IOCTL_MSG_IN_ATTR:
2190 retval = put_user(file_data->bmTransferAttributes,
2191 (__u8 __user *)arg);
2192 break;
2193
2194 case USBTMC_IOCTL_AUTO_ABORT:
2195 retval = get_user(tmp_byte, (unsigned char __user *)arg);
2196 if (retval == 0)
2197 file_data->auto_abort = !!tmp_byte;
2198 break;
2199
2200 case USBTMC_IOCTL_GET_STB:
2201 retval = usbtmc_get_stb(file_data, &tmp_byte);
2202 if (retval > 0)
2203 retval = put_user(tmp_byte, (__u8 __user *)arg);
2204 break;
2205
2206 case USBTMC_IOCTL_GET_SRQ_STB:
2207 retval = usbtmc_ioctl_get_srq_stb(file_data,
2208 (void __user *)arg);
2209 break;
2210
2211 case USBTMC_IOCTL_CANCEL_IO:
2212 retval = usbtmc_ioctl_cancel_io(file_data);
2213 break;
2214
2215 case USBTMC_IOCTL_CLEANUP_IO:
2216 retval = usbtmc_ioctl_cleanup_io(file_data);
2217 break;
2218 }
2219
2220 skip_io_on_zombie:
2221 mutex_unlock(&data->io_mutex);
2222 return retval;
2223 }
2224
usbtmc_fasync(int fd,struct file * file,int on)2225 static int usbtmc_fasync(int fd, struct file *file, int on)
2226 {
2227 struct usbtmc_file_data *file_data = file->private_data;
2228
2229 return fasync_helper(fd, file, on, &file_data->data->fasync);
2230 }
2231
usbtmc_poll(struct file * file,poll_table * wait)2232 static __poll_t usbtmc_poll(struct file *file, poll_table *wait)
2233 {
2234 struct usbtmc_file_data *file_data = file->private_data;
2235 struct usbtmc_device_data *data = file_data->data;
2236 __poll_t mask;
2237
2238 mutex_lock(&data->io_mutex);
2239
2240 if (data->zombie) {
2241 mask = EPOLLHUP | EPOLLERR;
2242 goto no_poll;
2243 }
2244
2245 poll_wait(file, &data->waitq, wait);
2246
2247 /* Note that EPOLLPRI is now assigned to SRQ, and
2248 * EPOLLIN|EPOLLRDNORM to normal read data.
2249 */
2250 mask = 0;
2251 if (atomic_read(&file_data->srq_asserted))
2252 mask |= EPOLLPRI;
2253
2254 /* Note that the anchor submitted includes all urbs for BULK IN
2255 * and OUT. So EPOLLOUT is signaled when BULK OUT is empty and
2256 * all BULK IN urbs are completed and moved to in_anchor.
2257 */
2258 if (usb_anchor_empty(&file_data->submitted))
2259 mask |= (EPOLLOUT | EPOLLWRNORM);
2260 if (!usb_anchor_empty(&file_data->in_anchor))
2261 mask |= (EPOLLIN | EPOLLRDNORM);
2262
2263 spin_lock_irq(&file_data->err_lock);
2264 if (file_data->in_status || file_data->out_status)
2265 mask |= EPOLLERR;
2266 spin_unlock_irq(&file_data->err_lock);
2267
2268 dev_dbg(&data->intf->dev, "poll mask = %x\n", mask);
2269
2270 no_poll:
2271 mutex_unlock(&data->io_mutex);
2272 return mask;
2273 }
2274
2275 static const struct file_operations fops = {
2276 .owner = THIS_MODULE,
2277 .read = usbtmc_read,
2278 .write = usbtmc_write,
2279 .open = usbtmc_open,
2280 .release = usbtmc_release,
2281 .flush = usbtmc_flush,
2282 .unlocked_ioctl = usbtmc_ioctl,
2283 .compat_ioctl = compat_ptr_ioctl,
2284 .fasync = usbtmc_fasync,
2285 .poll = usbtmc_poll,
2286 .llseek = default_llseek,
2287 };
2288
2289 static struct usb_class_driver usbtmc_class = {
2290 .name = "usbtmc%d",
2291 .fops = &fops,
2292 .minor_base = USBTMC_MINOR_BASE,
2293 };
2294
usbtmc_interrupt(struct urb * urb)2295 static void usbtmc_interrupt(struct urb *urb)
2296 {
2297 struct usbtmc_device_data *data = urb->context;
2298 struct device *dev = &data->intf->dev;
2299 int status = urb->status;
2300 int rv;
2301
2302 dev_dbg(&data->intf->dev, "int status: %d len %d\n",
2303 status, urb->actual_length);
2304
2305 switch (status) {
2306 case 0: /* SUCCESS */
2307 /* check for valid STB notification */
2308 if (data->iin_buffer[0] > 0x81) {
2309 data->bNotify1 = data->iin_buffer[0];
2310 data->bNotify2 = data->iin_buffer[1];
2311 atomic_set(&data->iin_data_valid, 1);
2312 wake_up_interruptible(&data->waitq);
2313 goto exit;
2314 }
2315 /* check for SRQ notification */
2316 if (data->iin_buffer[0] == 0x81) {
2317 unsigned long flags;
2318 struct list_head *elem;
2319
2320 if (data->fasync)
2321 kill_fasync(&data->fasync,
2322 SIGIO, POLL_PRI);
2323
2324 spin_lock_irqsave(&data->dev_lock, flags);
2325 list_for_each(elem, &data->file_list) {
2326 struct usbtmc_file_data *file_data;
2327
2328 file_data = list_entry(elem,
2329 struct usbtmc_file_data,
2330 file_elem);
2331 file_data->srq_byte = data->iin_buffer[1];
2332 atomic_set(&file_data->srq_asserted, 1);
2333 }
2334 spin_unlock_irqrestore(&data->dev_lock, flags);
2335
2336 dev_dbg(dev, "srq received bTag %x stb %x\n",
2337 (unsigned int)data->iin_buffer[0],
2338 (unsigned int)data->iin_buffer[1]);
2339 wake_up_interruptible_all(&data->waitq);
2340 goto exit;
2341 }
2342 dev_warn(dev, "invalid notification: %x\n",
2343 data->iin_buffer[0]);
2344 break;
2345 case -EOVERFLOW:
2346 dev_err(dev, "overflow with length %d, actual length is %d\n",
2347 data->iin_wMaxPacketSize, urb->actual_length);
2348 fallthrough;
2349 default:
2350 /* urb terminated, clean up */
2351 dev_dbg(dev, "urb terminated, status: %d\n", status);
2352 return;
2353 }
2354 exit:
2355 rv = usb_submit_urb(urb, GFP_ATOMIC);
2356 if (rv)
2357 dev_err(dev, "usb_submit_urb failed: %d\n", rv);
2358 }
2359
usbtmc_free_int(struct usbtmc_device_data * data)2360 static void usbtmc_free_int(struct usbtmc_device_data *data)
2361 {
2362 if (!data->iin_ep_present || !data->iin_urb)
2363 return;
2364 usb_kill_urb(data->iin_urb);
2365 kfree(data->iin_buffer);
2366 data->iin_buffer = NULL;
2367 usb_free_urb(data->iin_urb);
2368 data->iin_urb = NULL;
2369 kref_put(&data->kref, usbtmc_delete);
2370 }
2371
usbtmc_probe(struct usb_interface * intf,const struct usb_device_id * id)2372 static int usbtmc_probe(struct usb_interface *intf,
2373 const struct usb_device_id *id)
2374 {
2375 struct usbtmc_device_data *data;
2376 struct usb_host_interface *iface_desc;
2377 struct usb_endpoint_descriptor *bulk_in, *bulk_out, *int_in;
2378 int retcode;
2379
2380 dev_dbg(&intf->dev, "%s called\n", __func__);
2381
2382 data = kzalloc(sizeof(*data), GFP_KERNEL);
2383 if (!data)
2384 return -ENOMEM;
2385
2386 data->intf = intf;
2387 data->id = id;
2388 data->usb_dev = usb_get_dev(interface_to_usbdev(intf));
2389 usb_set_intfdata(intf, data);
2390 kref_init(&data->kref);
2391 mutex_init(&data->io_mutex);
2392 init_waitqueue_head(&data->waitq);
2393 atomic_set(&data->iin_data_valid, 0);
2394 INIT_LIST_HEAD(&data->file_list);
2395 spin_lock_init(&data->dev_lock);
2396
2397 data->zombie = 0;
2398
2399 /* Initialize USBTMC bTag and other fields */
2400 data->bTag = 1;
2401 /* 2 <= bTag <= 127 USBTMC-USB488 subclass specification 4.3.1 */
2402 data->iin_bTag = 2;
2403
2404 /* USBTMC devices have only one setting, so use that */
2405 iface_desc = data->intf->cur_altsetting;
2406 data->ifnum = iface_desc->desc.bInterfaceNumber;
2407
2408 /* Find bulk endpoints */
2409 retcode = usb_find_common_endpoints(iface_desc,
2410 &bulk_in, &bulk_out, NULL, NULL);
2411 if (retcode) {
2412 dev_err(&intf->dev, "bulk endpoints not found\n");
2413 goto err_put;
2414 }
2415
2416 retcode = -EINVAL;
2417 data->bulk_in = bulk_in->bEndpointAddress;
2418 data->wMaxPacketSize = usb_endpoint_maxp(bulk_in);
2419 if (!data->wMaxPacketSize)
2420 goto err_put;
2421 dev_dbg(&intf->dev, "Found bulk in endpoint at %u\n", data->bulk_in);
2422
2423 data->bulk_out = bulk_out->bEndpointAddress;
2424 dev_dbg(&intf->dev, "Found Bulk out endpoint at %u\n", data->bulk_out);
2425
2426 /* Find int endpoint */
2427 retcode = usb_find_int_in_endpoint(iface_desc, &int_in);
2428 if (!retcode) {
2429 data->iin_ep_present = 1;
2430 data->iin_ep = int_in->bEndpointAddress;
2431 data->iin_wMaxPacketSize = usb_endpoint_maxp(int_in);
2432 data->iin_interval = int_in->bInterval;
2433 dev_dbg(&intf->dev, "Found Int in endpoint at %u\n",
2434 data->iin_ep);
2435 }
2436
2437 retcode = get_capabilities(data);
2438 if (retcode)
2439 dev_err(&intf->dev, "can't read capabilities\n");
2440
2441 if (data->iin_ep_present) {
2442 /* allocate int urb */
2443 data->iin_urb = usb_alloc_urb(0, GFP_KERNEL);
2444 if (!data->iin_urb) {
2445 retcode = -ENOMEM;
2446 goto error_register;
2447 }
2448
2449 /* Protect interrupt in endpoint data until iin_urb is freed */
2450 kref_get(&data->kref);
2451
2452 /* allocate buffer for interrupt in */
2453 data->iin_buffer = kmalloc(data->iin_wMaxPacketSize,
2454 GFP_KERNEL);
2455 if (!data->iin_buffer) {
2456 retcode = -ENOMEM;
2457 goto error_register;
2458 }
2459
2460 /* fill interrupt urb */
2461 usb_fill_int_urb(data->iin_urb, data->usb_dev,
2462 usb_rcvintpipe(data->usb_dev, data->iin_ep),
2463 data->iin_buffer, data->iin_wMaxPacketSize,
2464 usbtmc_interrupt,
2465 data, data->iin_interval);
2466
2467 retcode = usb_submit_urb(data->iin_urb, GFP_KERNEL);
2468 if (retcode) {
2469 dev_err(&intf->dev, "Failed to submit iin_urb\n");
2470 goto error_register;
2471 }
2472 }
2473
2474 retcode = usb_register_dev(intf, &usbtmc_class);
2475 if (retcode) {
2476 dev_err(&intf->dev, "Not able to get a minor (base %u, slice default): %d\n",
2477 USBTMC_MINOR_BASE,
2478 retcode);
2479 goto error_register;
2480 }
2481 dev_dbg(&intf->dev, "Using minor number %d\n", intf->minor);
2482
2483 return 0;
2484
2485 error_register:
2486 usbtmc_free_int(data);
2487 err_put:
2488 kref_put(&data->kref, usbtmc_delete);
2489 return retcode;
2490 }
2491
usbtmc_disconnect(struct usb_interface * intf)2492 static void usbtmc_disconnect(struct usb_interface *intf)
2493 {
2494 struct usbtmc_device_data *data = usb_get_intfdata(intf);
2495 struct list_head *elem;
2496
2497 usb_deregister_dev(intf, &usbtmc_class);
2498 mutex_lock(&data->io_mutex);
2499 data->zombie = 1;
2500 wake_up_interruptible_all(&data->waitq);
2501 list_for_each(elem, &data->file_list) {
2502 struct usbtmc_file_data *file_data;
2503
2504 file_data = list_entry(elem,
2505 struct usbtmc_file_data,
2506 file_elem);
2507 usb_kill_anchored_urbs(&file_data->submitted);
2508 usb_scuttle_anchored_urbs(&file_data->in_anchor);
2509 }
2510 mutex_unlock(&data->io_mutex);
2511 usbtmc_free_int(data);
2512 kref_put(&data->kref, usbtmc_delete);
2513 }
2514
usbtmc_draw_down(struct usbtmc_file_data * file_data)2515 static void usbtmc_draw_down(struct usbtmc_file_data *file_data)
2516 {
2517 int time;
2518
2519 time = usb_wait_anchor_empty_timeout(&file_data->submitted, 1000);
2520 if (!time)
2521 usb_kill_anchored_urbs(&file_data->submitted);
2522 usb_scuttle_anchored_urbs(&file_data->in_anchor);
2523 }
2524
usbtmc_suspend(struct usb_interface * intf,pm_message_t message)2525 static int usbtmc_suspend(struct usb_interface *intf, pm_message_t message)
2526 {
2527 struct usbtmc_device_data *data = usb_get_intfdata(intf);
2528 struct list_head *elem;
2529
2530 if (!data)
2531 return 0;
2532
2533 mutex_lock(&data->io_mutex);
2534 list_for_each(elem, &data->file_list) {
2535 struct usbtmc_file_data *file_data;
2536
2537 file_data = list_entry(elem,
2538 struct usbtmc_file_data,
2539 file_elem);
2540 usbtmc_draw_down(file_data);
2541 }
2542
2543 if (data->iin_ep_present && data->iin_urb)
2544 usb_kill_urb(data->iin_urb);
2545
2546 mutex_unlock(&data->io_mutex);
2547 return 0;
2548 }
2549
usbtmc_resume(struct usb_interface * intf)2550 static int usbtmc_resume(struct usb_interface *intf)
2551 {
2552 struct usbtmc_device_data *data = usb_get_intfdata(intf);
2553 int retcode = 0;
2554
2555 if (data->iin_ep_present && data->iin_urb)
2556 retcode = usb_submit_urb(data->iin_urb, GFP_KERNEL);
2557 if (retcode)
2558 dev_err(&intf->dev, "Failed to submit iin_urb\n");
2559
2560 return retcode;
2561 }
2562
usbtmc_pre_reset(struct usb_interface * intf)2563 static int usbtmc_pre_reset(struct usb_interface *intf)
2564 {
2565 struct usbtmc_device_data *data = usb_get_intfdata(intf);
2566 struct list_head *elem;
2567
2568 if (!data)
2569 return 0;
2570
2571 mutex_lock(&data->io_mutex);
2572
2573 list_for_each(elem, &data->file_list) {
2574 struct usbtmc_file_data *file_data;
2575
2576 file_data = list_entry(elem,
2577 struct usbtmc_file_data,
2578 file_elem);
2579 usbtmc_ioctl_cancel_io(file_data);
2580 }
2581
2582 return 0;
2583 }
2584
usbtmc_post_reset(struct usb_interface * intf)2585 static int usbtmc_post_reset(struct usb_interface *intf)
2586 {
2587 struct usbtmc_device_data *data = usb_get_intfdata(intf);
2588
2589 mutex_unlock(&data->io_mutex);
2590
2591 return 0;
2592 }
2593
2594 static struct usb_driver usbtmc_driver = {
2595 .name = "usbtmc",
2596 .id_table = usbtmc_devices,
2597 .probe = usbtmc_probe,
2598 .disconnect = usbtmc_disconnect,
2599 .suspend = usbtmc_suspend,
2600 .resume = usbtmc_resume,
2601 .pre_reset = usbtmc_pre_reset,
2602 .post_reset = usbtmc_post_reset,
2603 .dev_groups = usbtmc_groups,
2604 };
2605
2606 module_usb_driver(usbtmc_driver);
2607
2608 MODULE_DESCRIPTION("USB Test & Measurement class driver");
2609 MODULE_LICENSE("GPL");
2610