1 // SPDX-License-Identifier: GPL-2.0+ 2 /* 3 * drivers/usb/class/usbtmc.c - USB Test & Measurement class driver 4 * 5 * Copyright (C) 2007 Stefan Kopp, Gechingen, Germany 6 * Copyright (C) 2008 Novell, Inc. 7 * Copyright (C) 2008 Greg Kroah-Hartman <gregkh@suse.de> 8 * Copyright (C) 2018 IVI Foundation, Inc. 9 */ 10 11 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 12 13 #include <linux/module.h> 14 #include <linux/kernel.h> 15 #include <linux/fs.h> 16 #include <linux/uaccess.h> 17 #include <linux/kref.h> 18 #include <linux/slab.h> 19 #include <linux/poll.h> 20 #include <linux/mutex.h> 21 #include <linux/usb.h> 22 #include <linux/compat.h> 23 #include <linux/usb/tmc.h> 24 25 /* Increment API VERSION when changing tmc.h with new flags or ioctls 26 * or when changing a significant behavior of the driver. 27 */ 28 #define USBTMC_API_VERSION (3) 29 30 #define USBTMC_HEADER_SIZE 12 31 #define USBTMC_MINOR_BASE 176 32 33 /* Minimum USB timeout (in milliseconds) */ 34 #define USBTMC_MIN_TIMEOUT 100 35 /* Default USB timeout (in milliseconds) */ 36 #define USBTMC_TIMEOUT 5000 37 38 /* Max number of urbs used in write transfers */ 39 #define MAX_URBS_IN_FLIGHT 16 40 /* I/O buffer size used in generic read/write functions */ 41 #define USBTMC_BUFSIZE (4096) 42 43 /* 44 * Maximum number of read cycles to empty bulk in endpoint during CLEAR and 45 * ABORT_BULK_IN requests. Ends the loop if (for whatever reason) a short 46 * packet is never read. 47 */ 48 #define USBTMC_MAX_READS_TO_CLEAR_BULK_IN 100 49 50 static const struct usb_device_id usbtmc_devices[] = { 51 { USB_INTERFACE_INFO(USB_CLASS_APP_SPEC, 3, 0), }, 52 { USB_INTERFACE_INFO(USB_CLASS_APP_SPEC, 3, 1), }, 53 { 0, } /* terminating entry */ 54 }; 55 MODULE_DEVICE_TABLE(usb, usbtmc_devices); 56 57 /* 58 * This structure is the capabilities for the device 59 * See section 4.2.1.8 of the USBTMC specification, 60 * and section 4.2.2 of the USBTMC usb488 subclass 61 * specification for details. 62 */ 63 struct usbtmc_dev_capabilities { 64 __u8 interface_capabilities; 65 __u8 device_capabilities; 66 __u8 usb488_interface_capabilities; 67 __u8 usb488_device_capabilities; 68 }; 69 70 /* This structure holds private data for each USBTMC device. One copy is 71 * allocated for each USBTMC device in the driver's probe function. 72 */ 73 struct usbtmc_device_data { 74 const struct usb_device_id *id; 75 struct usb_device *usb_dev; 76 struct usb_interface *intf; 77 struct list_head file_list; 78 79 unsigned int bulk_in; 80 unsigned int bulk_out; 81 82 u8 bTag; 83 u8 bTag_last_write; /* needed for abort */ 84 u8 bTag_last_read; /* needed for abort */ 85 86 /* packet size of IN bulk */ 87 u16 wMaxPacketSize; 88 89 /* data for interrupt in endpoint handling */ 90 u8 bNotify1; 91 u8 bNotify2; 92 u16 ifnum; 93 u8 iin_bTag; 94 u8 *iin_buffer; 95 atomic_t iin_data_valid; 96 unsigned int iin_ep; 97 int iin_ep_present; 98 int iin_interval; 99 struct urb *iin_urb; 100 u16 iin_wMaxPacketSize; 101 102 /* coalesced usb488_caps from usbtmc_dev_capabilities */ 103 __u8 usb488_caps; 104 105 bool zombie; /* fd of disconnected device */ 106 107 struct usbtmc_dev_capabilities capabilities; 108 struct kref kref; 109 struct mutex io_mutex; /* only one i/o function running at a time */ 110 wait_queue_head_t waitq; 111 struct fasync_struct *fasync; 112 spinlock_t dev_lock; /* lock for file_list */ 113 }; 114 #define to_usbtmc_data(d) container_of(d, struct usbtmc_device_data, kref) 115 116 /* 117 * This structure holds private data for each USBTMC file handle. 118 */ 119 struct usbtmc_file_data { 120 struct usbtmc_device_data *data; 121 struct list_head file_elem; 122 123 u32 timeout; 124 u8 srq_byte; 125 atomic_t srq_asserted; 126 atomic_t closing; 127 u8 bmTransferAttributes; /* member of DEV_DEP_MSG_IN */ 128 129 u8 eom_val; 130 u8 term_char; 131 bool term_char_enabled; 132 bool auto_abort; 133 134 spinlock_t err_lock; /* lock for errors */ 135 136 struct usb_anchor submitted; 137 138 /* data for generic_write */ 139 struct semaphore limit_write_sem; 140 u32 out_transfer_size; 141 int out_status; 142 143 /* data for generic_read */ 144 u32 in_transfer_size; 145 int in_status; 146 int in_urbs_used; 147 struct usb_anchor in_anchor; 148 wait_queue_head_t wait_bulk_in; 149 }; 150 151 /* Forward declarations */ 152 static struct usb_driver usbtmc_driver; 153 static void usbtmc_draw_down(struct usbtmc_file_data *file_data); 154 155 static void usbtmc_delete(struct kref *kref) 156 { 157 struct usbtmc_device_data *data = to_usbtmc_data(kref); 158 159 usb_put_dev(data->usb_dev); 160 kfree(data); 161 } 162 163 static int usbtmc_open(struct inode *inode, struct file *filp) 164 { 165 struct usb_interface *intf; 166 struct usbtmc_device_data *data; 167 struct usbtmc_file_data *file_data; 168 169 intf = usb_find_interface(&usbtmc_driver, iminor(inode)); 170 if (!intf) { 171 pr_err("can not find device for minor %d", iminor(inode)); 172 return -ENODEV; 173 } 174 175 file_data = kzalloc(sizeof(*file_data), GFP_KERNEL); 176 if (!file_data) 177 return -ENOMEM; 178 179 spin_lock_init(&file_data->err_lock); 180 sema_init(&file_data->limit_write_sem, MAX_URBS_IN_FLIGHT); 181 init_usb_anchor(&file_data->submitted); 182 init_usb_anchor(&file_data->in_anchor); 183 init_waitqueue_head(&file_data->wait_bulk_in); 184 185 data = usb_get_intfdata(intf); 186 /* Protect reference to data from file structure until release */ 187 kref_get(&data->kref); 188 189 mutex_lock(&data->io_mutex); 190 file_data->data = data; 191 192 atomic_set(&file_data->closing, 0); 193 194 file_data->timeout = USBTMC_TIMEOUT; 195 file_data->term_char = '\n'; 196 file_data->term_char_enabled = 0; 197 file_data->auto_abort = 0; 198 file_data->eom_val = 1; 199 200 INIT_LIST_HEAD(&file_data->file_elem); 201 spin_lock_irq(&data->dev_lock); 202 list_add_tail(&file_data->file_elem, &data->file_list); 203 spin_unlock_irq(&data->dev_lock); 204 mutex_unlock(&data->io_mutex); 205 206 /* Store pointer in file structure's private data field */ 207 filp->private_data = file_data; 208 209 return 0; 210 } 211 212 /* 213 * usbtmc_flush - called before file handle is closed 214 */ 215 static int usbtmc_flush(struct file *file, fl_owner_t id) 216 { 217 struct usbtmc_file_data *file_data; 218 struct usbtmc_device_data *data; 219 220 file_data = file->private_data; 221 if (file_data == NULL) 222 return -ENODEV; 223 224 atomic_set(&file_data->closing, 1); 225 data = file_data->data; 226 227 /* wait for io to stop */ 228 mutex_lock(&data->io_mutex); 229 230 usbtmc_draw_down(file_data); 231 232 spin_lock_irq(&file_data->err_lock); 233 file_data->in_status = 0; 234 file_data->in_transfer_size = 0; 235 file_data->in_urbs_used = 0; 236 file_data->out_status = 0; 237 file_data->out_transfer_size = 0; 238 spin_unlock_irq(&file_data->err_lock); 239 240 wake_up_interruptible_all(&data->waitq); 241 mutex_unlock(&data->io_mutex); 242 243 return 0; 244 } 245 246 static int usbtmc_release(struct inode *inode, struct file *file) 247 { 248 struct usbtmc_file_data *file_data = file->private_data; 249 250 /* prevent IO _AND_ usbtmc_interrupt */ 251 mutex_lock(&file_data->data->io_mutex); 252 spin_lock_irq(&file_data->data->dev_lock); 253 254 list_del(&file_data->file_elem); 255 256 spin_unlock_irq(&file_data->data->dev_lock); 257 mutex_unlock(&file_data->data->io_mutex); 258 259 kref_put(&file_data->data->kref, usbtmc_delete); 260 file_data->data = NULL; 261 kfree(file_data); 262 return 0; 263 } 264 265 static int usbtmc_ioctl_abort_bulk_in_tag(struct usbtmc_device_data *data, 266 u8 tag) 267 { 268 u8 *buffer; 269 struct device *dev; 270 int rv; 271 int n; 272 int actual; 273 274 dev = &data->intf->dev; 275 buffer = kmalloc(USBTMC_BUFSIZE, GFP_KERNEL); 276 if (!buffer) 277 return -ENOMEM; 278 279 rv = usb_control_msg(data->usb_dev, 280 usb_rcvctrlpipe(data->usb_dev, 0), 281 USBTMC_REQUEST_INITIATE_ABORT_BULK_IN, 282 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT, 283 tag, data->bulk_in, 284 buffer, 2, USB_CTRL_GET_TIMEOUT); 285 286 if (rv < 0) { 287 dev_err(dev, "usb_control_msg returned %d\n", rv); 288 goto exit; 289 } 290 291 dev_dbg(dev, "INITIATE_ABORT_BULK_IN returned %x with tag %02x\n", 292 buffer[0], buffer[1]); 293 294 if (buffer[0] == USBTMC_STATUS_FAILED) { 295 /* No transfer in progress and the Bulk-OUT FIFO is empty. */ 296 rv = 0; 297 goto exit; 298 } 299 300 if (buffer[0] == USBTMC_STATUS_TRANSFER_NOT_IN_PROGRESS) { 301 /* The device returns this status if either: 302 * - There is a transfer in progress, but the specified bTag 303 * does not match. 304 * - There is no transfer in progress, but the Bulk-OUT FIFO 305 * is not empty. 306 */ 307 rv = -ENOMSG; 308 goto exit; 309 } 310 311 if (buffer[0] != USBTMC_STATUS_SUCCESS) { 312 dev_err(dev, "INITIATE_ABORT_BULK_IN returned %x\n", 313 buffer[0]); 314 rv = -EPERM; 315 goto exit; 316 } 317 318 n = 0; 319 320 usbtmc_abort_bulk_in_status: 321 dev_dbg(dev, "Reading from bulk in EP\n"); 322 323 /* Data must be present. So use low timeout 300 ms */ 324 actual = 0; 325 rv = usb_bulk_msg(data->usb_dev, 326 usb_rcvbulkpipe(data->usb_dev, 327 data->bulk_in), 328 buffer, USBTMC_BUFSIZE, 329 &actual, 300); 330 331 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE, 16, 1, 332 buffer, actual, true); 333 334 n++; 335 336 if (rv < 0) { 337 dev_err(dev, "usb_bulk_msg returned %d\n", rv); 338 if (rv != -ETIMEDOUT) 339 goto exit; 340 } 341 342 if (actual == USBTMC_BUFSIZE) 343 goto usbtmc_abort_bulk_in_status; 344 345 if (n >= USBTMC_MAX_READS_TO_CLEAR_BULK_IN) { 346 dev_err(dev, "Couldn't clear device buffer within %d cycles\n", 347 USBTMC_MAX_READS_TO_CLEAR_BULK_IN); 348 rv = -EPERM; 349 goto exit; 350 } 351 352 rv = usb_control_msg(data->usb_dev, 353 usb_rcvctrlpipe(data->usb_dev, 0), 354 USBTMC_REQUEST_CHECK_ABORT_BULK_IN_STATUS, 355 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT, 356 0, data->bulk_in, buffer, 0x08, 357 USB_CTRL_GET_TIMEOUT); 358 359 if (rv < 0) { 360 dev_err(dev, "usb_control_msg returned %d\n", rv); 361 goto exit; 362 } 363 364 dev_dbg(dev, "CHECK_ABORT_BULK_IN returned %x\n", buffer[0]); 365 366 if (buffer[0] == USBTMC_STATUS_SUCCESS) { 367 rv = 0; 368 goto exit; 369 } 370 371 if (buffer[0] != USBTMC_STATUS_PENDING) { 372 dev_err(dev, "CHECK_ABORT_BULK_IN returned %x\n", buffer[0]); 373 rv = -EPERM; 374 goto exit; 375 } 376 377 if ((buffer[1] & 1) > 0) { 378 /* The device has 1 or more queued packets the Host can read */ 379 goto usbtmc_abort_bulk_in_status; 380 } 381 382 /* The Host must send CHECK_ABORT_BULK_IN_STATUS at a later time. */ 383 rv = -EAGAIN; 384 exit: 385 kfree(buffer); 386 return rv; 387 } 388 389 static int usbtmc_ioctl_abort_bulk_in(struct usbtmc_device_data *data) 390 { 391 return usbtmc_ioctl_abort_bulk_in_tag(data, data->bTag_last_read); 392 } 393 394 static int usbtmc_ioctl_abort_bulk_out_tag(struct usbtmc_device_data *data, 395 u8 tag) 396 { 397 struct device *dev; 398 u8 *buffer; 399 int rv; 400 int n; 401 402 dev = &data->intf->dev; 403 404 buffer = kmalloc(8, GFP_KERNEL); 405 if (!buffer) 406 return -ENOMEM; 407 408 rv = usb_control_msg(data->usb_dev, 409 usb_rcvctrlpipe(data->usb_dev, 0), 410 USBTMC_REQUEST_INITIATE_ABORT_BULK_OUT, 411 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT, 412 tag, data->bulk_out, 413 buffer, 2, USB_CTRL_GET_TIMEOUT); 414 415 if (rv < 0) { 416 dev_err(dev, "usb_control_msg returned %d\n", rv); 417 goto exit; 418 } 419 420 dev_dbg(dev, "INITIATE_ABORT_BULK_OUT returned %x\n", buffer[0]); 421 422 if (buffer[0] != USBTMC_STATUS_SUCCESS) { 423 dev_err(dev, "INITIATE_ABORT_BULK_OUT returned %x\n", 424 buffer[0]); 425 rv = -EPERM; 426 goto exit; 427 } 428 429 n = 0; 430 431 usbtmc_abort_bulk_out_check_status: 432 /* do not stress device with subsequent requests */ 433 msleep(50); 434 rv = usb_control_msg(data->usb_dev, 435 usb_rcvctrlpipe(data->usb_dev, 0), 436 USBTMC_REQUEST_CHECK_ABORT_BULK_OUT_STATUS, 437 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_ENDPOINT, 438 0, data->bulk_out, buffer, 0x08, 439 USB_CTRL_GET_TIMEOUT); 440 n++; 441 if (rv < 0) { 442 dev_err(dev, "usb_control_msg returned %d\n", rv); 443 goto exit; 444 } 445 446 dev_dbg(dev, "CHECK_ABORT_BULK_OUT returned %x\n", buffer[0]); 447 448 if (buffer[0] == USBTMC_STATUS_SUCCESS) 449 goto usbtmc_abort_bulk_out_clear_halt; 450 451 if ((buffer[0] == USBTMC_STATUS_PENDING) && 452 (n < USBTMC_MAX_READS_TO_CLEAR_BULK_IN)) 453 goto usbtmc_abort_bulk_out_check_status; 454 455 rv = -EPERM; 456 goto exit; 457 458 usbtmc_abort_bulk_out_clear_halt: 459 rv = usb_clear_halt(data->usb_dev, 460 usb_sndbulkpipe(data->usb_dev, data->bulk_out)); 461 462 if (rv < 0) { 463 dev_err(dev, "usb_control_msg returned %d\n", rv); 464 goto exit; 465 } 466 rv = 0; 467 468 exit: 469 kfree(buffer); 470 return rv; 471 } 472 473 static int usbtmc_ioctl_abort_bulk_out(struct usbtmc_device_data *data) 474 { 475 return usbtmc_ioctl_abort_bulk_out_tag(data, data->bTag_last_write); 476 } 477 478 static int usbtmc_get_stb(struct usbtmc_file_data *file_data, __u8 *stb) 479 { 480 struct usbtmc_device_data *data = file_data->data; 481 struct device *dev = &data->intf->dev; 482 u8 *buffer; 483 u8 tag; 484 int rv; 485 long wait_rv; 486 unsigned long expire; 487 488 dev_dbg(dev, "Enter ioctl_read_stb iin_ep_present: %d\n", 489 data->iin_ep_present); 490 491 buffer = kmalloc(8, GFP_KERNEL); 492 if (!buffer) 493 return -ENOMEM; 494 495 atomic_set(&data->iin_data_valid, 0); 496 497 rv = usb_control_msg(data->usb_dev, 498 usb_rcvctrlpipe(data->usb_dev, 0), 499 USBTMC488_REQUEST_READ_STATUS_BYTE, 500 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE, 501 data->iin_bTag, 502 data->ifnum, 503 buffer, 0x03, USB_CTRL_GET_TIMEOUT); 504 if (rv < 0) { 505 dev_err(dev, "stb usb_control_msg returned %d\n", rv); 506 goto exit; 507 } 508 509 if (buffer[0] != USBTMC_STATUS_SUCCESS) { 510 dev_err(dev, "control status returned %x\n", buffer[0]); 511 rv = -EIO; 512 goto exit; 513 } 514 515 if (data->iin_ep_present) { 516 expire = msecs_to_jiffies(file_data->timeout); 517 wait_rv = wait_event_interruptible_timeout( 518 data->waitq, 519 atomic_read(&data->iin_data_valid) != 0, 520 expire); 521 if (wait_rv < 0) { 522 dev_dbg(dev, "wait interrupted %ld\n", wait_rv); 523 rv = wait_rv; 524 goto exit; 525 } 526 527 if (wait_rv == 0) { 528 dev_dbg(dev, "wait timed out\n"); 529 rv = -ETIMEDOUT; 530 goto exit; 531 } 532 533 tag = data->bNotify1 & 0x7f; 534 if (tag != data->iin_bTag) { 535 dev_err(dev, "expected bTag %x got %x\n", 536 data->iin_bTag, tag); 537 } 538 539 *stb = data->bNotify2; 540 } else { 541 *stb = buffer[2]; 542 } 543 544 dev_dbg(dev, "stb:0x%02x received %d\n", (unsigned int)*stb, rv); 545 546 rv = 0; 547 548 exit: 549 /* bump interrupt bTag */ 550 data->iin_bTag += 1; 551 if (data->iin_bTag > 127) 552 /* 1 is for SRQ see USBTMC-USB488 subclass spec section 4.3.1 */ 553 data->iin_bTag = 2; 554 555 kfree(buffer); 556 return rv; 557 } 558 559 static int usbtmc488_ioctl_read_stb(struct usbtmc_file_data *file_data, 560 void __user *arg) 561 { 562 int srq_asserted = 0; 563 __u8 stb; 564 int rv; 565 566 rv = usbtmc_get_stb(file_data, &stb); 567 568 if (rv < 0) 569 return rv; 570 571 srq_asserted = atomic_xchg(&file_data->srq_asserted, srq_asserted); 572 if (srq_asserted) 573 stb |= 0x40; /* Set RQS bit */ 574 575 rv = put_user(stb, (__u8 __user *)arg); 576 577 return rv; 578 579 } 580 581 static int usbtmc_ioctl_get_srq_stb(struct usbtmc_file_data *file_data, 582 void __user *arg) 583 { 584 struct usbtmc_device_data *data = file_data->data; 585 struct device *dev = &data->intf->dev; 586 int srq_asserted = 0; 587 __u8 stb = 0; 588 int rv; 589 590 spin_lock_irq(&data->dev_lock); 591 srq_asserted = atomic_xchg(&file_data->srq_asserted, srq_asserted); 592 593 if (srq_asserted) { 594 stb = file_data->srq_byte; 595 spin_unlock_irq(&data->dev_lock); 596 rv = put_user(stb, (__u8 __user *)arg); 597 } else { 598 spin_unlock_irq(&data->dev_lock); 599 rv = -ENOMSG; 600 } 601 602 dev_dbg(dev, "stb:0x%02x with srq received %d\n", (unsigned int)stb, rv); 603 604 return rv; 605 } 606 607 static int usbtmc488_ioctl_wait_srq(struct usbtmc_file_data *file_data, 608 __u32 __user *arg) 609 { 610 struct usbtmc_device_data *data = file_data->data; 611 struct device *dev = &data->intf->dev; 612 u32 timeout; 613 unsigned long expire; 614 long wait_rv; 615 616 if (!data->iin_ep_present) { 617 dev_dbg(dev, "no interrupt endpoint present\n"); 618 return -EFAULT; 619 } 620 621 if (get_user(timeout, arg)) 622 return -EFAULT; 623 624 expire = msecs_to_jiffies(timeout); 625 626 mutex_unlock(&data->io_mutex); 627 628 wait_rv = wait_event_interruptible_timeout( 629 data->waitq, 630 atomic_read(&file_data->srq_asserted) != 0 || 631 atomic_read(&file_data->closing), 632 expire); 633 634 mutex_lock(&data->io_mutex); 635 636 /* Note! disconnect or close could be called in the meantime */ 637 if (atomic_read(&file_data->closing) || data->zombie) 638 return -ENODEV; 639 640 if (wait_rv < 0) { 641 dev_dbg(dev, "%s - wait interrupted %ld\n", __func__, wait_rv); 642 return wait_rv; 643 } 644 645 if (wait_rv == 0) { 646 dev_dbg(dev, "%s - wait timed out\n", __func__); 647 return -ETIMEDOUT; 648 } 649 650 dev_dbg(dev, "%s - srq asserted\n", __func__); 651 return 0; 652 } 653 654 static int usbtmc488_ioctl_simple(struct usbtmc_device_data *data, 655 void __user *arg, unsigned int cmd) 656 { 657 struct device *dev = &data->intf->dev; 658 __u8 val; 659 u8 *buffer; 660 u16 wValue; 661 int rv; 662 663 if (!(data->usb488_caps & USBTMC488_CAPABILITY_SIMPLE)) 664 return -EINVAL; 665 666 buffer = kmalloc(8, GFP_KERNEL); 667 if (!buffer) 668 return -ENOMEM; 669 670 if (cmd == USBTMC488_REQUEST_REN_CONTROL) { 671 rv = copy_from_user(&val, arg, sizeof(val)); 672 if (rv) { 673 rv = -EFAULT; 674 goto exit; 675 } 676 wValue = val ? 1 : 0; 677 } else { 678 wValue = 0; 679 } 680 681 rv = usb_control_msg(data->usb_dev, 682 usb_rcvctrlpipe(data->usb_dev, 0), 683 cmd, 684 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE, 685 wValue, 686 data->ifnum, 687 buffer, 0x01, USB_CTRL_GET_TIMEOUT); 688 if (rv < 0) { 689 dev_err(dev, "simple usb_control_msg failed %d\n", rv); 690 goto exit; 691 } else if (rv != 1) { 692 dev_warn(dev, "simple usb_control_msg returned %d\n", rv); 693 rv = -EIO; 694 goto exit; 695 } 696 697 if (buffer[0] != USBTMC_STATUS_SUCCESS) { 698 dev_err(dev, "simple control status returned %x\n", buffer[0]); 699 rv = -EIO; 700 goto exit; 701 } 702 rv = 0; 703 704 exit: 705 kfree(buffer); 706 return rv; 707 } 708 709 /* 710 * Sends a TRIGGER Bulk-OUT command message 711 * See the USBTMC-USB488 specification, Table 2. 712 * 713 * Also updates bTag_last_write. 714 */ 715 static int usbtmc488_ioctl_trigger(struct usbtmc_file_data *file_data) 716 { 717 struct usbtmc_device_data *data = file_data->data; 718 int retval; 719 u8 *buffer; 720 int actual; 721 722 buffer = kzalloc(USBTMC_HEADER_SIZE, GFP_KERNEL); 723 if (!buffer) 724 return -ENOMEM; 725 726 buffer[0] = 128; 727 buffer[1] = data->bTag; 728 buffer[2] = ~data->bTag; 729 730 retval = usb_bulk_msg(data->usb_dev, 731 usb_sndbulkpipe(data->usb_dev, 732 data->bulk_out), 733 buffer, USBTMC_HEADER_SIZE, 734 &actual, file_data->timeout); 735 736 /* Store bTag (in case we need to abort) */ 737 data->bTag_last_write = data->bTag; 738 739 /* Increment bTag -- and increment again if zero */ 740 data->bTag++; 741 if (!data->bTag) 742 data->bTag++; 743 744 kfree(buffer); 745 if (retval < 0) { 746 dev_err(&data->intf->dev, "%s returned %d\n", 747 __func__, retval); 748 return retval; 749 } 750 751 return 0; 752 } 753 754 static struct urb *usbtmc_create_urb(void) 755 { 756 const size_t bufsize = USBTMC_BUFSIZE; 757 u8 *dmabuf = NULL; 758 struct urb *urb = usb_alloc_urb(0, GFP_KERNEL); 759 760 if (!urb) 761 return NULL; 762 763 dmabuf = kzalloc(bufsize, GFP_KERNEL); 764 if (!dmabuf) { 765 usb_free_urb(urb); 766 return NULL; 767 } 768 769 urb->transfer_buffer = dmabuf; 770 urb->transfer_buffer_length = bufsize; 771 urb->transfer_flags |= URB_FREE_BUFFER; 772 return urb; 773 } 774 775 static void usbtmc_read_bulk_cb(struct urb *urb) 776 { 777 struct usbtmc_file_data *file_data = urb->context; 778 int status = urb->status; 779 unsigned long flags; 780 781 /* sync/async unlink faults aren't errors */ 782 if (status) { 783 if (!(/* status == -ENOENT || */ 784 status == -ECONNRESET || 785 status == -EREMOTEIO || /* Short packet */ 786 status == -ESHUTDOWN)) 787 dev_err(&file_data->data->intf->dev, 788 "%s - nonzero read bulk status received: %d\n", 789 __func__, status); 790 791 spin_lock_irqsave(&file_data->err_lock, flags); 792 if (!file_data->in_status) 793 file_data->in_status = status; 794 spin_unlock_irqrestore(&file_data->err_lock, flags); 795 } 796 797 spin_lock_irqsave(&file_data->err_lock, flags); 798 file_data->in_transfer_size += urb->actual_length; 799 dev_dbg(&file_data->data->intf->dev, 800 "%s - total size: %u current: %d status: %d\n", 801 __func__, file_data->in_transfer_size, 802 urb->actual_length, status); 803 spin_unlock_irqrestore(&file_data->err_lock, flags); 804 usb_anchor_urb(urb, &file_data->in_anchor); 805 806 wake_up_interruptible(&file_data->wait_bulk_in); 807 wake_up_interruptible(&file_data->data->waitq); 808 } 809 810 static inline bool usbtmc_do_transfer(struct usbtmc_file_data *file_data) 811 { 812 bool data_or_error; 813 814 spin_lock_irq(&file_data->err_lock); 815 data_or_error = !usb_anchor_empty(&file_data->in_anchor) 816 || file_data->in_status; 817 spin_unlock_irq(&file_data->err_lock); 818 dev_dbg(&file_data->data->intf->dev, "%s: returns %d\n", __func__, 819 data_or_error); 820 return data_or_error; 821 } 822 823 static ssize_t usbtmc_generic_read(struct usbtmc_file_data *file_data, 824 void __user *user_buffer, 825 u32 transfer_size, 826 u32 *transferred, 827 u32 flags) 828 { 829 struct usbtmc_device_data *data = file_data->data; 830 struct device *dev = &data->intf->dev; 831 u32 done = 0; 832 u32 remaining; 833 const u32 bufsize = USBTMC_BUFSIZE; 834 int retval = 0; 835 u32 max_transfer_size; 836 unsigned long expire; 837 int bufcount = 1; 838 int again = 0; 839 long wait_rv; 840 841 /* mutex already locked */ 842 843 *transferred = done; 844 845 max_transfer_size = transfer_size; 846 847 if (flags & USBTMC_FLAG_IGNORE_TRAILER) { 848 /* The device may send extra alignment bytes (up to 849 * wMaxPacketSize – 1) to avoid sending a zero-length 850 * packet 851 */ 852 remaining = transfer_size; 853 if ((max_transfer_size % data->wMaxPacketSize) == 0) 854 max_transfer_size += (data->wMaxPacketSize - 1); 855 } else { 856 /* round down to bufsize to avoid truncated data left */ 857 if (max_transfer_size > bufsize) { 858 max_transfer_size = 859 roundup(max_transfer_size + 1 - bufsize, 860 bufsize); 861 } 862 remaining = max_transfer_size; 863 } 864 865 spin_lock_irq(&file_data->err_lock); 866 867 if (file_data->in_status) { 868 /* return the very first error */ 869 retval = file_data->in_status; 870 spin_unlock_irq(&file_data->err_lock); 871 goto error; 872 } 873 874 if (flags & USBTMC_FLAG_ASYNC) { 875 if (usb_anchor_empty(&file_data->in_anchor)) 876 again = 1; 877 878 if (file_data->in_urbs_used == 0) { 879 file_data->in_transfer_size = 0; 880 file_data->in_status = 0; 881 } 882 } else { 883 file_data->in_transfer_size = 0; 884 file_data->in_status = 0; 885 } 886 887 if (max_transfer_size == 0) { 888 bufcount = 0; 889 } else { 890 bufcount = roundup(max_transfer_size, bufsize) / bufsize; 891 if (bufcount > file_data->in_urbs_used) 892 bufcount -= file_data->in_urbs_used; 893 else 894 bufcount = 0; 895 896 if (bufcount + file_data->in_urbs_used > MAX_URBS_IN_FLIGHT) { 897 bufcount = MAX_URBS_IN_FLIGHT - 898 file_data->in_urbs_used; 899 } 900 } 901 spin_unlock_irq(&file_data->err_lock); 902 903 dev_dbg(dev, "%s: requested=%u flags=0x%X size=%u bufs=%d used=%d\n", 904 __func__, transfer_size, flags, 905 max_transfer_size, bufcount, file_data->in_urbs_used); 906 907 while (bufcount > 0) { 908 u8 *dmabuf = NULL; 909 struct urb *urb = usbtmc_create_urb(); 910 911 if (!urb) { 912 retval = -ENOMEM; 913 goto error; 914 } 915 916 dmabuf = urb->transfer_buffer; 917 918 usb_fill_bulk_urb(urb, data->usb_dev, 919 usb_rcvbulkpipe(data->usb_dev, data->bulk_in), 920 dmabuf, bufsize, 921 usbtmc_read_bulk_cb, file_data); 922 923 usb_anchor_urb(urb, &file_data->submitted); 924 retval = usb_submit_urb(urb, GFP_KERNEL); 925 /* urb is anchored. We can release our reference. */ 926 usb_free_urb(urb); 927 if (unlikely(retval)) { 928 usb_unanchor_urb(urb); 929 goto error; 930 } 931 file_data->in_urbs_used++; 932 bufcount--; 933 } 934 935 if (again) { 936 dev_dbg(dev, "%s: ret=again\n", __func__); 937 return -EAGAIN; 938 } 939 940 if (user_buffer == NULL) 941 return -EINVAL; 942 943 expire = msecs_to_jiffies(file_data->timeout); 944 945 while (max_transfer_size > 0) { 946 u32 this_part; 947 struct urb *urb = NULL; 948 949 if (!(flags & USBTMC_FLAG_ASYNC)) { 950 dev_dbg(dev, "%s: before wait time %lu\n", 951 __func__, expire); 952 wait_rv = wait_event_interruptible_timeout( 953 file_data->wait_bulk_in, 954 usbtmc_do_transfer(file_data), 955 expire); 956 957 dev_dbg(dev, "%s: wait returned %ld\n", 958 __func__, wait_rv); 959 960 if (wait_rv < 0) { 961 retval = wait_rv; 962 goto error; 963 } 964 965 if (wait_rv == 0) { 966 retval = -ETIMEDOUT; 967 goto error; 968 } 969 970 } 971 972 urb = usb_get_from_anchor(&file_data->in_anchor); 973 if (!urb) { 974 if (!(flags & USBTMC_FLAG_ASYNC)) { 975 /* synchronous case: must not happen */ 976 retval = -EFAULT; 977 goto error; 978 } 979 980 /* asynchronous case: ready, do not block or wait */ 981 *transferred = done; 982 dev_dbg(dev, "%s: (async) done=%u ret=0\n", 983 __func__, done); 984 return 0; 985 } 986 987 file_data->in_urbs_used--; 988 989 if (max_transfer_size > urb->actual_length) 990 max_transfer_size -= urb->actual_length; 991 else 992 max_transfer_size = 0; 993 994 if (remaining > urb->actual_length) 995 this_part = urb->actual_length; 996 else 997 this_part = remaining; 998 999 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE, 16, 1, 1000 urb->transfer_buffer, urb->actual_length, true); 1001 1002 if (copy_to_user(user_buffer + done, 1003 urb->transfer_buffer, this_part)) { 1004 usb_free_urb(urb); 1005 retval = -EFAULT; 1006 goto error; 1007 } 1008 1009 remaining -= this_part; 1010 done += this_part; 1011 1012 spin_lock_irq(&file_data->err_lock); 1013 if (urb->status) { 1014 /* return the very first error */ 1015 retval = file_data->in_status; 1016 spin_unlock_irq(&file_data->err_lock); 1017 usb_free_urb(urb); 1018 goto error; 1019 } 1020 spin_unlock_irq(&file_data->err_lock); 1021 1022 if (urb->actual_length < bufsize) { 1023 /* short packet or ZLP received => ready */ 1024 usb_free_urb(urb); 1025 retval = 1; 1026 break; 1027 } 1028 1029 if (!(flags & USBTMC_FLAG_ASYNC) && 1030 max_transfer_size > (bufsize * file_data->in_urbs_used)) { 1031 /* resubmit, since other buffers still not enough */ 1032 usb_anchor_urb(urb, &file_data->submitted); 1033 retval = usb_submit_urb(urb, GFP_KERNEL); 1034 if (unlikely(retval)) { 1035 usb_unanchor_urb(urb); 1036 usb_free_urb(urb); 1037 goto error; 1038 } 1039 file_data->in_urbs_used++; 1040 } 1041 usb_free_urb(urb); 1042 retval = 0; 1043 } 1044 1045 error: 1046 *transferred = done; 1047 1048 dev_dbg(dev, "%s: before kill\n", __func__); 1049 /* Attention: killing urbs can take long time (2 ms) */ 1050 usb_kill_anchored_urbs(&file_data->submitted); 1051 dev_dbg(dev, "%s: after kill\n", __func__); 1052 usb_scuttle_anchored_urbs(&file_data->in_anchor); 1053 file_data->in_urbs_used = 0; 1054 file_data->in_status = 0; /* no spinlock needed here */ 1055 dev_dbg(dev, "%s: done=%u ret=%d\n", __func__, done, retval); 1056 1057 return retval; 1058 } 1059 1060 static ssize_t usbtmc_ioctl_generic_read(struct usbtmc_file_data *file_data, 1061 void __user *arg) 1062 { 1063 struct usbtmc_message msg; 1064 ssize_t retval = 0; 1065 1066 /* mutex already locked */ 1067 1068 if (copy_from_user(&msg, arg, sizeof(struct usbtmc_message))) 1069 return -EFAULT; 1070 1071 retval = usbtmc_generic_read(file_data, msg.message, 1072 msg.transfer_size, &msg.transferred, 1073 msg.flags); 1074 1075 if (put_user(msg.transferred, 1076 &((struct usbtmc_message __user *)arg)->transferred)) 1077 return -EFAULT; 1078 1079 return retval; 1080 } 1081 1082 static void usbtmc_write_bulk_cb(struct urb *urb) 1083 { 1084 struct usbtmc_file_data *file_data = urb->context; 1085 int wakeup = 0; 1086 unsigned long flags; 1087 1088 spin_lock_irqsave(&file_data->err_lock, flags); 1089 file_data->out_transfer_size += urb->actual_length; 1090 1091 /* sync/async unlink faults aren't errors */ 1092 if (urb->status) { 1093 if (!(urb->status == -ENOENT || 1094 urb->status == -ECONNRESET || 1095 urb->status == -ESHUTDOWN)) 1096 dev_err(&file_data->data->intf->dev, 1097 "%s - nonzero write bulk status received: %d\n", 1098 __func__, urb->status); 1099 1100 if (!file_data->out_status) { 1101 file_data->out_status = urb->status; 1102 wakeup = 1; 1103 } 1104 } 1105 spin_unlock_irqrestore(&file_data->err_lock, flags); 1106 1107 dev_dbg(&file_data->data->intf->dev, 1108 "%s - write bulk total size: %u\n", 1109 __func__, file_data->out_transfer_size); 1110 1111 up(&file_data->limit_write_sem); 1112 if (usb_anchor_empty(&file_data->submitted) || wakeup) 1113 wake_up_interruptible(&file_data->data->waitq); 1114 } 1115 1116 static ssize_t usbtmc_generic_write(struct usbtmc_file_data *file_data, 1117 const void __user *user_buffer, 1118 u32 transfer_size, 1119 u32 *transferred, 1120 u32 flags) 1121 { 1122 struct usbtmc_device_data *data = file_data->data; 1123 struct device *dev; 1124 u32 done = 0; 1125 u32 remaining; 1126 unsigned long expire; 1127 const u32 bufsize = USBTMC_BUFSIZE; 1128 struct urb *urb = NULL; 1129 int retval = 0; 1130 u32 timeout; 1131 1132 *transferred = 0; 1133 1134 /* Get pointer to private data structure */ 1135 dev = &data->intf->dev; 1136 1137 dev_dbg(dev, "%s: size=%u flags=0x%X sema=%u\n", 1138 __func__, transfer_size, flags, 1139 file_data->limit_write_sem.count); 1140 1141 if (flags & USBTMC_FLAG_APPEND) { 1142 spin_lock_irq(&file_data->err_lock); 1143 retval = file_data->out_status; 1144 spin_unlock_irq(&file_data->err_lock); 1145 if (retval < 0) 1146 return retval; 1147 } else { 1148 spin_lock_irq(&file_data->err_lock); 1149 file_data->out_transfer_size = 0; 1150 file_data->out_status = 0; 1151 spin_unlock_irq(&file_data->err_lock); 1152 } 1153 1154 remaining = transfer_size; 1155 if (remaining > INT_MAX) 1156 remaining = INT_MAX; 1157 1158 timeout = file_data->timeout; 1159 expire = msecs_to_jiffies(timeout); 1160 1161 while (remaining > 0) { 1162 u32 this_part, aligned; 1163 u8 *buffer = NULL; 1164 1165 if (flags & USBTMC_FLAG_ASYNC) { 1166 if (down_trylock(&file_data->limit_write_sem)) { 1167 retval = (done)?(0):(-EAGAIN); 1168 goto exit; 1169 } 1170 } else { 1171 retval = down_timeout(&file_data->limit_write_sem, 1172 expire); 1173 if (retval < 0) { 1174 retval = -ETIMEDOUT; 1175 goto error; 1176 } 1177 } 1178 1179 spin_lock_irq(&file_data->err_lock); 1180 retval = file_data->out_status; 1181 spin_unlock_irq(&file_data->err_lock); 1182 if (retval < 0) { 1183 up(&file_data->limit_write_sem); 1184 goto error; 1185 } 1186 1187 /* prepare next urb to send */ 1188 urb = usbtmc_create_urb(); 1189 if (!urb) { 1190 retval = -ENOMEM; 1191 up(&file_data->limit_write_sem); 1192 goto error; 1193 } 1194 buffer = urb->transfer_buffer; 1195 1196 if (remaining > bufsize) 1197 this_part = bufsize; 1198 else 1199 this_part = remaining; 1200 1201 if (copy_from_user(buffer, user_buffer + done, this_part)) { 1202 retval = -EFAULT; 1203 up(&file_data->limit_write_sem); 1204 goto error; 1205 } 1206 1207 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE, 1208 16, 1, buffer, this_part, true); 1209 1210 /* fill bulk with 32 bit alignment to meet USBTMC specification 1211 * (size + 3 & ~3) rounds up and simplifies user code 1212 */ 1213 aligned = (this_part + 3) & ~3; 1214 dev_dbg(dev, "write(size:%u align:%u done:%u)\n", 1215 (unsigned int)this_part, 1216 (unsigned int)aligned, 1217 (unsigned int)done); 1218 1219 usb_fill_bulk_urb(urb, data->usb_dev, 1220 usb_sndbulkpipe(data->usb_dev, data->bulk_out), 1221 urb->transfer_buffer, aligned, 1222 usbtmc_write_bulk_cb, file_data); 1223 1224 usb_anchor_urb(urb, &file_data->submitted); 1225 retval = usb_submit_urb(urb, GFP_KERNEL); 1226 if (unlikely(retval)) { 1227 usb_unanchor_urb(urb); 1228 up(&file_data->limit_write_sem); 1229 goto error; 1230 } 1231 1232 usb_free_urb(urb); 1233 urb = NULL; /* urb will be finally released by usb driver */ 1234 1235 remaining -= this_part; 1236 done += this_part; 1237 } 1238 1239 /* All urbs are on the fly */ 1240 if (!(flags & USBTMC_FLAG_ASYNC)) { 1241 if (!usb_wait_anchor_empty_timeout(&file_data->submitted, 1242 timeout)) { 1243 retval = -ETIMEDOUT; 1244 goto error; 1245 } 1246 } 1247 1248 retval = 0; 1249 goto exit; 1250 1251 error: 1252 usb_kill_anchored_urbs(&file_data->submitted); 1253 exit: 1254 usb_free_urb(urb); 1255 1256 spin_lock_irq(&file_data->err_lock); 1257 if (!(flags & USBTMC_FLAG_ASYNC)) 1258 done = file_data->out_transfer_size; 1259 if (!retval && file_data->out_status) 1260 retval = file_data->out_status; 1261 spin_unlock_irq(&file_data->err_lock); 1262 1263 *transferred = done; 1264 1265 dev_dbg(dev, "%s: done=%u, retval=%d, urbstat=%d\n", 1266 __func__, done, retval, file_data->out_status); 1267 1268 return retval; 1269 } 1270 1271 static ssize_t usbtmc_ioctl_generic_write(struct usbtmc_file_data *file_data, 1272 void __user *arg) 1273 { 1274 struct usbtmc_message msg; 1275 ssize_t retval = 0; 1276 1277 /* mutex already locked */ 1278 1279 if (copy_from_user(&msg, arg, sizeof(struct usbtmc_message))) 1280 return -EFAULT; 1281 1282 retval = usbtmc_generic_write(file_data, msg.message, 1283 msg.transfer_size, &msg.transferred, 1284 msg.flags); 1285 1286 if (put_user(msg.transferred, 1287 &((struct usbtmc_message __user *)arg)->transferred)) 1288 return -EFAULT; 1289 1290 return retval; 1291 } 1292 1293 /* 1294 * Get the generic write result 1295 */ 1296 static ssize_t usbtmc_ioctl_write_result(struct usbtmc_file_data *file_data, 1297 void __user *arg) 1298 { 1299 u32 transferred; 1300 int retval; 1301 1302 spin_lock_irq(&file_data->err_lock); 1303 transferred = file_data->out_transfer_size; 1304 retval = file_data->out_status; 1305 spin_unlock_irq(&file_data->err_lock); 1306 1307 if (put_user(transferred, (__u32 __user *)arg)) 1308 return -EFAULT; 1309 1310 return retval; 1311 } 1312 1313 /* 1314 * Sends a REQUEST_DEV_DEP_MSG_IN message on the Bulk-OUT endpoint. 1315 * @transfer_size: number of bytes to request from the device. 1316 * 1317 * See the USBTMC specification, Table 4. 1318 * 1319 * Also updates bTag_last_write. 1320 */ 1321 static int send_request_dev_dep_msg_in(struct usbtmc_file_data *file_data, 1322 u32 transfer_size) 1323 { 1324 struct usbtmc_device_data *data = file_data->data; 1325 int retval; 1326 u8 *buffer; 1327 int actual; 1328 1329 buffer = kmalloc(USBTMC_HEADER_SIZE, GFP_KERNEL); 1330 if (!buffer) 1331 return -ENOMEM; 1332 /* Setup IO buffer for REQUEST_DEV_DEP_MSG_IN message 1333 * Refer to class specs for details 1334 */ 1335 buffer[0] = 2; 1336 buffer[1] = data->bTag; 1337 buffer[2] = ~data->bTag; 1338 buffer[3] = 0; /* Reserved */ 1339 buffer[4] = transfer_size >> 0; 1340 buffer[5] = transfer_size >> 8; 1341 buffer[6] = transfer_size >> 16; 1342 buffer[7] = transfer_size >> 24; 1343 buffer[8] = file_data->term_char_enabled * 2; 1344 /* Use term character? */ 1345 buffer[9] = file_data->term_char; 1346 buffer[10] = 0; /* Reserved */ 1347 buffer[11] = 0; /* Reserved */ 1348 1349 /* Send bulk URB */ 1350 retval = usb_bulk_msg(data->usb_dev, 1351 usb_sndbulkpipe(data->usb_dev, 1352 data->bulk_out), 1353 buffer, USBTMC_HEADER_SIZE, 1354 &actual, file_data->timeout); 1355 1356 /* Store bTag (in case we need to abort) */ 1357 data->bTag_last_write = data->bTag; 1358 1359 /* Increment bTag -- and increment again if zero */ 1360 data->bTag++; 1361 if (!data->bTag) 1362 data->bTag++; 1363 1364 kfree(buffer); 1365 if (retval < 0) 1366 dev_err(&data->intf->dev, "%s returned %d\n", 1367 __func__, retval); 1368 1369 return retval; 1370 } 1371 1372 static ssize_t usbtmc_read(struct file *filp, char __user *buf, 1373 size_t count, loff_t *f_pos) 1374 { 1375 struct usbtmc_file_data *file_data; 1376 struct usbtmc_device_data *data; 1377 struct device *dev; 1378 const u32 bufsize = USBTMC_BUFSIZE; 1379 u32 n_characters; 1380 u8 *buffer; 1381 int actual; 1382 u32 done = 0; 1383 u32 remaining; 1384 int retval; 1385 1386 /* Get pointer to private data structure */ 1387 file_data = filp->private_data; 1388 data = file_data->data; 1389 dev = &data->intf->dev; 1390 1391 buffer = kmalloc(bufsize, GFP_KERNEL); 1392 if (!buffer) 1393 return -ENOMEM; 1394 1395 retval = mutex_lock_interruptible(&data->io_mutex); 1396 if (retval < 0) 1397 goto exit_nolock; 1398 1399 if (data->zombie) { 1400 retval = -ENODEV; 1401 goto exit; 1402 } 1403 1404 if (count > INT_MAX) 1405 count = INT_MAX; 1406 1407 dev_dbg(dev, "%s(count:%zu)\n", __func__, count); 1408 1409 retval = send_request_dev_dep_msg_in(file_data, count); 1410 1411 if (retval < 0) { 1412 if (file_data->auto_abort) 1413 usbtmc_ioctl_abort_bulk_out(data); 1414 goto exit; 1415 } 1416 1417 /* Loop until we have fetched everything we requested */ 1418 remaining = count; 1419 actual = 0; 1420 1421 /* Send bulk URB */ 1422 retval = usb_bulk_msg(data->usb_dev, 1423 usb_rcvbulkpipe(data->usb_dev, 1424 data->bulk_in), 1425 buffer, bufsize, &actual, 1426 file_data->timeout); 1427 1428 dev_dbg(dev, "%s: bulk_msg retval(%u), actual(%d)\n", 1429 __func__, retval, actual); 1430 1431 /* Store bTag (in case we need to abort) */ 1432 data->bTag_last_read = data->bTag; 1433 1434 if (retval < 0) { 1435 if (file_data->auto_abort) 1436 usbtmc_ioctl_abort_bulk_in(data); 1437 goto exit; 1438 } 1439 1440 /* Sanity checks for the header */ 1441 if (actual < USBTMC_HEADER_SIZE) { 1442 dev_err(dev, "Device sent too small first packet: %u < %u\n", 1443 actual, USBTMC_HEADER_SIZE); 1444 if (file_data->auto_abort) 1445 usbtmc_ioctl_abort_bulk_in(data); 1446 goto exit; 1447 } 1448 1449 if (buffer[0] != 2) { 1450 dev_err(dev, "Device sent reply with wrong MsgID: %u != 2\n", 1451 buffer[0]); 1452 if (file_data->auto_abort) 1453 usbtmc_ioctl_abort_bulk_in(data); 1454 goto exit; 1455 } 1456 1457 if (buffer[1] != data->bTag_last_write) { 1458 dev_err(dev, "Device sent reply with wrong bTag: %u != %u\n", 1459 buffer[1], data->bTag_last_write); 1460 if (file_data->auto_abort) 1461 usbtmc_ioctl_abort_bulk_in(data); 1462 goto exit; 1463 } 1464 1465 /* How many characters did the instrument send? */ 1466 n_characters = buffer[4] + 1467 (buffer[5] << 8) + 1468 (buffer[6] << 16) + 1469 (buffer[7] << 24); 1470 1471 file_data->bmTransferAttributes = buffer[8]; 1472 1473 dev_dbg(dev, "Bulk-IN header: N_characters(%u), bTransAttr(%u)\n", 1474 n_characters, buffer[8]); 1475 1476 if (n_characters > remaining) { 1477 dev_err(dev, "Device wants to return more data than requested: %u > %zu\n", 1478 n_characters, count); 1479 if (file_data->auto_abort) 1480 usbtmc_ioctl_abort_bulk_in(data); 1481 goto exit; 1482 } 1483 1484 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE, 1485 16, 1, buffer, actual, true); 1486 1487 remaining = n_characters; 1488 1489 /* Remove the USBTMC header */ 1490 actual -= USBTMC_HEADER_SIZE; 1491 1492 /* Remove padding if it exists */ 1493 if (actual > remaining) 1494 actual = remaining; 1495 1496 remaining -= actual; 1497 1498 /* Copy buffer to user space */ 1499 if (copy_to_user(buf, &buffer[USBTMC_HEADER_SIZE], actual)) { 1500 /* There must have been an addressing problem */ 1501 retval = -EFAULT; 1502 goto exit; 1503 } 1504 1505 if ((actual + USBTMC_HEADER_SIZE) == bufsize) { 1506 retval = usbtmc_generic_read(file_data, buf + actual, 1507 remaining, 1508 &done, 1509 USBTMC_FLAG_IGNORE_TRAILER); 1510 if (retval < 0) 1511 goto exit; 1512 } 1513 done += actual; 1514 1515 /* Update file position value */ 1516 *f_pos = *f_pos + done; 1517 retval = done; 1518 1519 exit: 1520 mutex_unlock(&data->io_mutex); 1521 exit_nolock: 1522 kfree(buffer); 1523 return retval; 1524 } 1525 1526 static ssize_t usbtmc_write(struct file *filp, const char __user *buf, 1527 size_t count, loff_t *f_pos) 1528 { 1529 struct usbtmc_file_data *file_data; 1530 struct usbtmc_device_data *data; 1531 struct urb *urb = NULL; 1532 ssize_t retval = 0; 1533 u8 *buffer; 1534 u32 remaining, done; 1535 u32 transfersize, aligned, buflen; 1536 1537 file_data = filp->private_data; 1538 data = file_data->data; 1539 1540 mutex_lock(&data->io_mutex); 1541 1542 if (data->zombie) { 1543 retval = -ENODEV; 1544 goto exit; 1545 } 1546 1547 done = 0; 1548 1549 spin_lock_irq(&file_data->err_lock); 1550 file_data->out_transfer_size = 0; 1551 file_data->out_status = 0; 1552 spin_unlock_irq(&file_data->err_lock); 1553 1554 if (!count) 1555 goto exit; 1556 1557 if (down_trylock(&file_data->limit_write_sem)) { 1558 /* previous calls were async */ 1559 retval = -EBUSY; 1560 goto exit; 1561 } 1562 1563 urb = usbtmc_create_urb(); 1564 if (!urb) { 1565 retval = -ENOMEM; 1566 up(&file_data->limit_write_sem); 1567 goto exit; 1568 } 1569 1570 buffer = urb->transfer_buffer; 1571 buflen = urb->transfer_buffer_length; 1572 1573 if (count > INT_MAX) { 1574 transfersize = INT_MAX; 1575 buffer[8] = 0; 1576 } else { 1577 transfersize = count; 1578 buffer[8] = file_data->eom_val; 1579 } 1580 1581 /* Setup IO buffer for DEV_DEP_MSG_OUT message */ 1582 buffer[0] = 1; 1583 buffer[1] = data->bTag; 1584 buffer[2] = ~data->bTag; 1585 buffer[3] = 0; /* Reserved */ 1586 buffer[4] = transfersize >> 0; 1587 buffer[5] = transfersize >> 8; 1588 buffer[6] = transfersize >> 16; 1589 buffer[7] = transfersize >> 24; 1590 /* buffer[8] is set above... */ 1591 buffer[9] = 0; /* Reserved */ 1592 buffer[10] = 0; /* Reserved */ 1593 buffer[11] = 0; /* Reserved */ 1594 1595 remaining = transfersize; 1596 1597 if (transfersize + USBTMC_HEADER_SIZE > buflen) { 1598 transfersize = buflen - USBTMC_HEADER_SIZE; 1599 aligned = buflen; 1600 } else { 1601 aligned = (transfersize + (USBTMC_HEADER_SIZE + 3)) & ~3; 1602 } 1603 1604 if (copy_from_user(&buffer[USBTMC_HEADER_SIZE], buf, transfersize)) { 1605 retval = -EFAULT; 1606 up(&file_data->limit_write_sem); 1607 goto exit; 1608 } 1609 1610 dev_dbg(&data->intf->dev, "%s(size:%u align:%u)\n", __func__, 1611 (unsigned int)transfersize, (unsigned int)aligned); 1612 1613 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE, 1614 16, 1, buffer, aligned, true); 1615 1616 usb_fill_bulk_urb(urb, data->usb_dev, 1617 usb_sndbulkpipe(data->usb_dev, data->bulk_out), 1618 urb->transfer_buffer, aligned, 1619 usbtmc_write_bulk_cb, file_data); 1620 1621 usb_anchor_urb(urb, &file_data->submitted); 1622 retval = usb_submit_urb(urb, GFP_KERNEL); 1623 if (unlikely(retval)) { 1624 usb_unanchor_urb(urb); 1625 up(&file_data->limit_write_sem); 1626 goto exit; 1627 } 1628 1629 remaining -= transfersize; 1630 1631 data->bTag_last_write = data->bTag; 1632 data->bTag++; 1633 1634 if (!data->bTag) 1635 data->bTag++; 1636 1637 /* call generic_write even when remaining = 0 */ 1638 retval = usbtmc_generic_write(file_data, buf + transfersize, remaining, 1639 &done, USBTMC_FLAG_APPEND); 1640 /* truncate alignment bytes */ 1641 if (done > remaining) 1642 done = remaining; 1643 1644 /*add size of first urb*/ 1645 done += transfersize; 1646 1647 if (retval < 0) { 1648 usb_kill_anchored_urbs(&file_data->submitted); 1649 1650 dev_err(&data->intf->dev, 1651 "Unable to send data, error %d\n", (int)retval); 1652 if (file_data->auto_abort) 1653 usbtmc_ioctl_abort_bulk_out(data); 1654 goto exit; 1655 } 1656 1657 retval = done; 1658 exit: 1659 usb_free_urb(urb); 1660 mutex_unlock(&data->io_mutex); 1661 return retval; 1662 } 1663 1664 static int usbtmc_ioctl_clear(struct usbtmc_device_data *data) 1665 { 1666 struct device *dev; 1667 u8 *buffer; 1668 int rv; 1669 int n; 1670 int actual = 0; 1671 1672 dev = &data->intf->dev; 1673 1674 dev_dbg(dev, "Sending INITIATE_CLEAR request\n"); 1675 1676 buffer = kmalloc(USBTMC_BUFSIZE, GFP_KERNEL); 1677 if (!buffer) 1678 return -ENOMEM; 1679 1680 rv = usb_control_msg(data->usb_dev, 1681 usb_rcvctrlpipe(data->usb_dev, 0), 1682 USBTMC_REQUEST_INITIATE_CLEAR, 1683 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE, 1684 0, 0, buffer, 1, USB_CTRL_GET_TIMEOUT); 1685 if (rv < 0) { 1686 dev_err(dev, "usb_control_msg returned %d\n", rv); 1687 goto exit; 1688 } 1689 1690 dev_dbg(dev, "INITIATE_CLEAR returned %x\n", buffer[0]); 1691 1692 if (buffer[0] != USBTMC_STATUS_SUCCESS) { 1693 dev_err(dev, "INITIATE_CLEAR returned %x\n", buffer[0]); 1694 rv = -EPERM; 1695 goto exit; 1696 } 1697 1698 n = 0; 1699 1700 usbtmc_clear_check_status: 1701 1702 dev_dbg(dev, "Sending CHECK_CLEAR_STATUS request\n"); 1703 1704 rv = usb_control_msg(data->usb_dev, 1705 usb_rcvctrlpipe(data->usb_dev, 0), 1706 USBTMC_REQUEST_CHECK_CLEAR_STATUS, 1707 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE, 1708 0, 0, buffer, 2, USB_CTRL_GET_TIMEOUT); 1709 if (rv < 0) { 1710 dev_err(dev, "usb_control_msg returned %d\n", rv); 1711 goto exit; 1712 } 1713 1714 dev_dbg(dev, "CHECK_CLEAR_STATUS returned %x\n", buffer[0]); 1715 1716 if (buffer[0] == USBTMC_STATUS_SUCCESS) 1717 goto usbtmc_clear_bulk_out_halt; 1718 1719 if (buffer[0] != USBTMC_STATUS_PENDING) { 1720 dev_err(dev, "CHECK_CLEAR_STATUS returned %x\n", buffer[0]); 1721 rv = -EPERM; 1722 goto exit; 1723 } 1724 1725 if ((buffer[1] & 1) != 0) { 1726 do { 1727 dev_dbg(dev, "Reading from bulk in EP\n"); 1728 1729 actual = 0; 1730 rv = usb_bulk_msg(data->usb_dev, 1731 usb_rcvbulkpipe(data->usb_dev, 1732 data->bulk_in), 1733 buffer, USBTMC_BUFSIZE, 1734 &actual, USB_CTRL_GET_TIMEOUT); 1735 1736 print_hex_dump_debug("usbtmc ", DUMP_PREFIX_NONE, 1737 16, 1, buffer, actual, true); 1738 1739 n++; 1740 1741 if (rv < 0) { 1742 dev_err(dev, "usb_control_msg returned %d\n", 1743 rv); 1744 goto exit; 1745 } 1746 } while ((actual == USBTMC_BUFSIZE) && 1747 (n < USBTMC_MAX_READS_TO_CLEAR_BULK_IN)); 1748 } else { 1749 /* do not stress device with subsequent requests */ 1750 msleep(50); 1751 n++; 1752 } 1753 1754 if (n >= USBTMC_MAX_READS_TO_CLEAR_BULK_IN) { 1755 dev_err(dev, "Couldn't clear device buffer within %d cycles\n", 1756 USBTMC_MAX_READS_TO_CLEAR_BULK_IN); 1757 rv = -EPERM; 1758 goto exit; 1759 } 1760 1761 goto usbtmc_clear_check_status; 1762 1763 usbtmc_clear_bulk_out_halt: 1764 1765 rv = usb_clear_halt(data->usb_dev, 1766 usb_sndbulkpipe(data->usb_dev, data->bulk_out)); 1767 if (rv < 0) { 1768 dev_err(dev, "usb_clear_halt returned %d\n", rv); 1769 goto exit; 1770 } 1771 rv = 0; 1772 1773 exit: 1774 kfree(buffer); 1775 return rv; 1776 } 1777 1778 static int usbtmc_ioctl_clear_out_halt(struct usbtmc_device_data *data) 1779 { 1780 int rv; 1781 1782 rv = usb_clear_halt(data->usb_dev, 1783 usb_sndbulkpipe(data->usb_dev, data->bulk_out)); 1784 1785 if (rv < 0) 1786 dev_err(&data->usb_dev->dev, "%s returned %d\n", __func__, rv); 1787 return rv; 1788 } 1789 1790 static int usbtmc_ioctl_clear_in_halt(struct usbtmc_device_data *data) 1791 { 1792 int rv; 1793 1794 rv = usb_clear_halt(data->usb_dev, 1795 usb_rcvbulkpipe(data->usb_dev, data->bulk_in)); 1796 1797 if (rv < 0) 1798 dev_err(&data->usb_dev->dev, "%s returned %d\n", __func__, rv); 1799 return rv; 1800 } 1801 1802 static int usbtmc_ioctl_cancel_io(struct usbtmc_file_data *file_data) 1803 { 1804 spin_lock_irq(&file_data->err_lock); 1805 file_data->in_status = -ECANCELED; 1806 file_data->out_status = -ECANCELED; 1807 spin_unlock_irq(&file_data->err_lock); 1808 usb_kill_anchored_urbs(&file_data->submitted); 1809 return 0; 1810 } 1811 1812 static int usbtmc_ioctl_cleanup_io(struct usbtmc_file_data *file_data) 1813 { 1814 usb_kill_anchored_urbs(&file_data->submitted); 1815 usb_scuttle_anchored_urbs(&file_data->in_anchor); 1816 spin_lock_irq(&file_data->err_lock); 1817 file_data->in_status = 0; 1818 file_data->in_transfer_size = 0; 1819 file_data->out_status = 0; 1820 file_data->out_transfer_size = 0; 1821 spin_unlock_irq(&file_data->err_lock); 1822 1823 file_data->in_urbs_used = 0; 1824 return 0; 1825 } 1826 1827 static int get_capabilities(struct usbtmc_device_data *data) 1828 { 1829 struct device *dev = &data->usb_dev->dev; 1830 char *buffer; 1831 int rv = 0; 1832 1833 buffer = kmalloc(0x18, GFP_KERNEL); 1834 if (!buffer) 1835 return -ENOMEM; 1836 1837 rv = usb_control_msg(data->usb_dev, usb_rcvctrlpipe(data->usb_dev, 0), 1838 USBTMC_REQUEST_GET_CAPABILITIES, 1839 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE, 1840 0, 0, buffer, 0x18, USB_CTRL_GET_TIMEOUT); 1841 if (rv < 0) { 1842 dev_err(dev, "usb_control_msg returned %d\n", rv); 1843 goto err_out; 1844 } 1845 1846 dev_dbg(dev, "GET_CAPABILITIES returned %x\n", buffer[0]); 1847 if (buffer[0] != USBTMC_STATUS_SUCCESS) { 1848 dev_err(dev, "GET_CAPABILITIES returned %x\n", buffer[0]); 1849 rv = -EPERM; 1850 goto err_out; 1851 } 1852 dev_dbg(dev, "Interface capabilities are %x\n", buffer[4]); 1853 dev_dbg(dev, "Device capabilities are %x\n", buffer[5]); 1854 dev_dbg(dev, "USB488 interface capabilities are %x\n", buffer[14]); 1855 dev_dbg(dev, "USB488 device capabilities are %x\n", buffer[15]); 1856 1857 data->capabilities.interface_capabilities = buffer[4]; 1858 data->capabilities.device_capabilities = buffer[5]; 1859 data->capabilities.usb488_interface_capabilities = buffer[14]; 1860 data->capabilities.usb488_device_capabilities = buffer[15]; 1861 data->usb488_caps = (buffer[14] & 0x07) | ((buffer[15] & 0x0f) << 4); 1862 rv = 0; 1863 1864 err_out: 1865 kfree(buffer); 1866 return rv; 1867 } 1868 1869 #define capability_attribute(name) \ 1870 static ssize_t name##_show(struct device *dev, \ 1871 struct device_attribute *attr, char *buf) \ 1872 { \ 1873 struct usb_interface *intf = to_usb_interface(dev); \ 1874 struct usbtmc_device_data *data = usb_get_intfdata(intf); \ 1875 \ 1876 return sprintf(buf, "%d\n", data->capabilities.name); \ 1877 } \ 1878 static DEVICE_ATTR_RO(name) 1879 1880 capability_attribute(interface_capabilities); 1881 capability_attribute(device_capabilities); 1882 capability_attribute(usb488_interface_capabilities); 1883 capability_attribute(usb488_device_capabilities); 1884 1885 static struct attribute *usbtmc_attrs[] = { 1886 &dev_attr_interface_capabilities.attr, 1887 &dev_attr_device_capabilities.attr, 1888 &dev_attr_usb488_interface_capabilities.attr, 1889 &dev_attr_usb488_device_capabilities.attr, 1890 NULL, 1891 }; 1892 ATTRIBUTE_GROUPS(usbtmc); 1893 1894 static int usbtmc_ioctl_indicator_pulse(struct usbtmc_device_data *data) 1895 { 1896 struct device *dev; 1897 u8 *buffer; 1898 int rv; 1899 1900 dev = &data->intf->dev; 1901 1902 buffer = kmalloc(2, GFP_KERNEL); 1903 if (!buffer) 1904 return -ENOMEM; 1905 1906 rv = usb_control_msg(data->usb_dev, 1907 usb_rcvctrlpipe(data->usb_dev, 0), 1908 USBTMC_REQUEST_INDICATOR_PULSE, 1909 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE, 1910 0, 0, buffer, 0x01, USB_CTRL_GET_TIMEOUT); 1911 1912 if (rv < 0) { 1913 dev_err(dev, "usb_control_msg returned %d\n", rv); 1914 goto exit; 1915 } 1916 1917 dev_dbg(dev, "INDICATOR_PULSE returned %x\n", buffer[0]); 1918 1919 if (buffer[0] != USBTMC_STATUS_SUCCESS) { 1920 dev_err(dev, "INDICATOR_PULSE returned %x\n", buffer[0]); 1921 rv = -EPERM; 1922 goto exit; 1923 } 1924 rv = 0; 1925 1926 exit: 1927 kfree(buffer); 1928 return rv; 1929 } 1930 1931 static int usbtmc_ioctl_request(struct usbtmc_device_data *data, 1932 void __user *arg) 1933 { 1934 struct device *dev = &data->intf->dev; 1935 struct usbtmc_ctrlrequest request; 1936 u8 *buffer = NULL; 1937 int rv; 1938 unsigned int is_in, pipe; 1939 unsigned long res; 1940 1941 res = copy_from_user(&request, arg, sizeof(struct usbtmc_ctrlrequest)); 1942 if (res) 1943 return -EFAULT; 1944 1945 if (request.req.wLength > USBTMC_BUFSIZE) 1946 return -EMSGSIZE; 1947 if (request.req.wLength == 0) /* Length-0 requests are never IN */ 1948 request.req.bRequestType &= ~USB_DIR_IN; 1949 1950 is_in = request.req.bRequestType & USB_DIR_IN; 1951 1952 if (request.req.wLength) { 1953 buffer = kmalloc(request.req.wLength, GFP_KERNEL); 1954 if (!buffer) 1955 return -ENOMEM; 1956 1957 if (!is_in) { 1958 /* Send control data to device */ 1959 res = copy_from_user(buffer, request.data, 1960 request.req.wLength); 1961 if (res) { 1962 rv = -EFAULT; 1963 goto exit; 1964 } 1965 } 1966 } 1967 1968 if (is_in) 1969 pipe = usb_rcvctrlpipe(data->usb_dev, 0); 1970 else 1971 pipe = usb_sndctrlpipe(data->usb_dev, 0); 1972 rv = usb_control_msg(data->usb_dev, 1973 pipe, 1974 request.req.bRequest, 1975 request.req.bRequestType, 1976 request.req.wValue, 1977 request.req.wIndex, 1978 buffer, request.req.wLength, USB_CTRL_GET_TIMEOUT); 1979 1980 if (rv < 0) { 1981 dev_err(dev, "%s failed %d\n", __func__, rv); 1982 goto exit; 1983 } 1984 1985 if (rv && is_in) { 1986 /* Read control data from device */ 1987 res = copy_to_user(request.data, buffer, rv); 1988 if (res) 1989 rv = -EFAULT; 1990 } 1991 1992 exit: 1993 kfree(buffer); 1994 return rv; 1995 } 1996 1997 /* 1998 * Get the usb timeout value 1999 */ 2000 static int usbtmc_ioctl_get_timeout(struct usbtmc_file_data *file_data, 2001 void __user *arg) 2002 { 2003 u32 timeout; 2004 2005 timeout = file_data->timeout; 2006 2007 return put_user(timeout, (__u32 __user *)arg); 2008 } 2009 2010 /* 2011 * Set the usb timeout value 2012 */ 2013 static int usbtmc_ioctl_set_timeout(struct usbtmc_file_data *file_data, 2014 void __user *arg) 2015 { 2016 u32 timeout; 2017 2018 if (get_user(timeout, (__u32 __user *)arg)) 2019 return -EFAULT; 2020 2021 /* Note that timeout = 0 means 2022 * MAX_SCHEDULE_TIMEOUT in usb_control_msg 2023 */ 2024 if (timeout < USBTMC_MIN_TIMEOUT) 2025 return -EINVAL; 2026 2027 file_data->timeout = timeout; 2028 2029 return 0; 2030 } 2031 2032 /* 2033 * enables/disables sending EOM on write 2034 */ 2035 static int usbtmc_ioctl_eom_enable(struct usbtmc_file_data *file_data, 2036 void __user *arg) 2037 { 2038 u8 eom_enable; 2039 2040 if (copy_from_user(&eom_enable, arg, sizeof(eom_enable))) 2041 return -EFAULT; 2042 2043 if (eom_enable > 1) 2044 return -EINVAL; 2045 2046 file_data->eom_val = eom_enable; 2047 2048 return 0; 2049 } 2050 2051 /* 2052 * Configure termination character for read() 2053 */ 2054 static int usbtmc_ioctl_config_termc(struct usbtmc_file_data *file_data, 2055 void __user *arg) 2056 { 2057 struct usbtmc_termchar termc; 2058 2059 if (copy_from_user(&termc, arg, sizeof(termc))) 2060 return -EFAULT; 2061 2062 if ((termc.term_char_enabled > 1) || 2063 (termc.term_char_enabled && 2064 !(file_data->data->capabilities.device_capabilities & 1))) 2065 return -EINVAL; 2066 2067 file_data->term_char = termc.term_char; 2068 file_data->term_char_enabled = termc.term_char_enabled; 2069 2070 return 0; 2071 } 2072 2073 static long usbtmc_ioctl(struct file *file, unsigned int cmd, unsigned long arg) 2074 { 2075 struct usbtmc_file_data *file_data; 2076 struct usbtmc_device_data *data; 2077 int retval = -EBADRQC; 2078 __u8 tmp_byte; 2079 2080 file_data = file->private_data; 2081 data = file_data->data; 2082 2083 mutex_lock(&data->io_mutex); 2084 if (data->zombie) { 2085 retval = -ENODEV; 2086 goto skip_io_on_zombie; 2087 } 2088 2089 switch (cmd) { 2090 case USBTMC_IOCTL_CLEAR_OUT_HALT: 2091 retval = usbtmc_ioctl_clear_out_halt(data); 2092 break; 2093 2094 case USBTMC_IOCTL_CLEAR_IN_HALT: 2095 retval = usbtmc_ioctl_clear_in_halt(data); 2096 break; 2097 2098 case USBTMC_IOCTL_INDICATOR_PULSE: 2099 retval = usbtmc_ioctl_indicator_pulse(data); 2100 break; 2101 2102 case USBTMC_IOCTL_CLEAR: 2103 retval = usbtmc_ioctl_clear(data); 2104 break; 2105 2106 case USBTMC_IOCTL_ABORT_BULK_OUT: 2107 retval = usbtmc_ioctl_abort_bulk_out(data); 2108 break; 2109 2110 case USBTMC_IOCTL_ABORT_BULK_IN: 2111 retval = usbtmc_ioctl_abort_bulk_in(data); 2112 break; 2113 2114 case USBTMC_IOCTL_CTRL_REQUEST: 2115 retval = usbtmc_ioctl_request(data, (void __user *)arg); 2116 break; 2117 2118 case USBTMC_IOCTL_GET_TIMEOUT: 2119 retval = usbtmc_ioctl_get_timeout(file_data, 2120 (void __user *)arg); 2121 break; 2122 2123 case USBTMC_IOCTL_SET_TIMEOUT: 2124 retval = usbtmc_ioctl_set_timeout(file_data, 2125 (void __user *)arg); 2126 break; 2127 2128 case USBTMC_IOCTL_EOM_ENABLE: 2129 retval = usbtmc_ioctl_eom_enable(file_data, 2130 (void __user *)arg); 2131 break; 2132 2133 case USBTMC_IOCTL_CONFIG_TERMCHAR: 2134 retval = usbtmc_ioctl_config_termc(file_data, 2135 (void __user *)arg); 2136 break; 2137 2138 case USBTMC_IOCTL_WRITE: 2139 retval = usbtmc_ioctl_generic_write(file_data, 2140 (void __user *)arg); 2141 break; 2142 2143 case USBTMC_IOCTL_READ: 2144 retval = usbtmc_ioctl_generic_read(file_data, 2145 (void __user *)arg); 2146 break; 2147 2148 case USBTMC_IOCTL_WRITE_RESULT: 2149 retval = usbtmc_ioctl_write_result(file_data, 2150 (void __user *)arg); 2151 break; 2152 2153 case USBTMC_IOCTL_API_VERSION: 2154 retval = put_user(USBTMC_API_VERSION, 2155 (__u32 __user *)arg); 2156 break; 2157 2158 case USBTMC488_IOCTL_GET_CAPS: 2159 retval = put_user(data->usb488_caps, 2160 (unsigned char __user *)arg); 2161 break; 2162 2163 case USBTMC488_IOCTL_READ_STB: 2164 retval = usbtmc488_ioctl_read_stb(file_data, 2165 (void __user *)arg); 2166 break; 2167 2168 case USBTMC488_IOCTL_REN_CONTROL: 2169 retval = usbtmc488_ioctl_simple(data, (void __user *)arg, 2170 USBTMC488_REQUEST_REN_CONTROL); 2171 break; 2172 2173 case USBTMC488_IOCTL_GOTO_LOCAL: 2174 retval = usbtmc488_ioctl_simple(data, (void __user *)arg, 2175 USBTMC488_REQUEST_GOTO_LOCAL); 2176 break; 2177 2178 case USBTMC488_IOCTL_LOCAL_LOCKOUT: 2179 retval = usbtmc488_ioctl_simple(data, (void __user *)arg, 2180 USBTMC488_REQUEST_LOCAL_LOCKOUT); 2181 break; 2182 2183 case USBTMC488_IOCTL_TRIGGER: 2184 retval = usbtmc488_ioctl_trigger(file_data); 2185 break; 2186 2187 case USBTMC488_IOCTL_WAIT_SRQ: 2188 retval = usbtmc488_ioctl_wait_srq(file_data, 2189 (__u32 __user *)arg); 2190 break; 2191 2192 case USBTMC_IOCTL_MSG_IN_ATTR: 2193 retval = put_user(file_data->bmTransferAttributes, 2194 (__u8 __user *)arg); 2195 break; 2196 2197 case USBTMC_IOCTL_AUTO_ABORT: 2198 retval = get_user(tmp_byte, (unsigned char __user *)arg); 2199 if (retval == 0) 2200 file_data->auto_abort = !!tmp_byte; 2201 break; 2202 2203 case USBTMC_IOCTL_GET_STB: 2204 retval = usbtmc_get_stb(file_data, &tmp_byte); 2205 if (!retval) 2206 retval = put_user(tmp_byte, (__u8 __user *)arg); 2207 break; 2208 2209 case USBTMC_IOCTL_GET_SRQ_STB: 2210 retval = usbtmc_ioctl_get_srq_stb(file_data, 2211 (void __user *)arg); 2212 break; 2213 2214 case USBTMC_IOCTL_CANCEL_IO: 2215 retval = usbtmc_ioctl_cancel_io(file_data); 2216 break; 2217 2218 case USBTMC_IOCTL_CLEANUP_IO: 2219 retval = usbtmc_ioctl_cleanup_io(file_data); 2220 break; 2221 } 2222 2223 skip_io_on_zombie: 2224 mutex_unlock(&data->io_mutex); 2225 return retval; 2226 } 2227 2228 static int usbtmc_fasync(int fd, struct file *file, int on) 2229 { 2230 struct usbtmc_file_data *file_data = file->private_data; 2231 2232 return fasync_helper(fd, file, on, &file_data->data->fasync); 2233 } 2234 2235 static __poll_t usbtmc_poll(struct file *file, poll_table *wait) 2236 { 2237 struct usbtmc_file_data *file_data = file->private_data; 2238 struct usbtmc_device_data *data = file_data->data; 2239 __poll_t mask; 2240 2241 mutex_lock(&data->io_mutex); 2242 2243 if (data->zombie) { 2244 mask = EPOLLHUP | EPOLLERR; 2245 goto no_poll; 2246 } 2247 2248 poll_wait(file, &data->waitq, wait); 2249 2250 /* Note that EPOLLPRI is now assigned to SRQ, and 2251 * EPOLLIN|EPOLLRDNORM to normal read data. 2252 */ 2253 mask = 0; 2254 if (atomic_read(&file_data->srq_asserted)) 2255 mask |= EPOLLPRI; 2256 2257 /* Note that the anchor submitted includes all urbs for BULK IN 2258 * and OUT. So EPOLLOUT is signaled when BULK OUT is empty and 2259 * all BULK IN urbs are completed and moved to in_anchor. 2260 */ 2261 if (usb_anchor_empty(&file_data->submitted)) 2262 mask |= (EPOLLOUT | EPOLLWRNORM); 2263 if (!usb_anchor_empty(&file_data->in_anchor)) 2264 mask |= (EPOLLIN | EPOLLRDNORM); 2265 2266 spin_lock_irq(&file_data->err_lock); 2267 if (file_data->in_status || file_data->out_status) 2268 mask |= EPOLLERR; 2269 spin_unlock_irq(&file_data->err_lock); 2270 2271 dev_dbg(&data->intf->dev, "poll mask = %x\n", mask); 2272 2273 no_poll: 2274 mutex_unlock(&data->io_mutex); 2275 return mask; 2276 } 2277 2278 static const struct file_operations fops = { 2279 .owner = THIS_MODULE, 2280 .read = usbtmc_read, 2281 .write = usbtmc_write, 2282 .open = usbtmc_open, 2283 .release = usbtmc_release, 2284 .flush = usbtmc_flush, 2285 .unlocked_ioctl = usbtmc_ioctl, 2286 .compat_ioctl = compat_ptr_ioctl, 2287 .fasync = usbtmc_fasync, 2288 .poll = usbtmc_poll, 2289 .llseek = default_llseek, 2290 }; 2291 2292 static struct usb_class_driver usbtmc_class = { 2293 .name = "usbtmc%d", 2294 .fops = &fops, 2295 .minor_base = USBTMC_MINOR_BASE, 2296 }; 2297 2298 static void usbtmc_interrupt(struct urb *urb) 2299 { 2300 struct usbtmc_device_data *data = urb->context; 2301 struct device *dev = &data->intf->dev; 2302 int status = urb->status; 2303 int rv; 2304 2305 dev_dbg(&data->intf->dev, "int status: %d len %d\n", 2306 status, urb->actual_length); 2307 2308 switch (status) { 2309 case 0: /* SUCCESS */ 2310 /* check for valid STB notification */ 2311 if (data->iin_buffer[0] > 0x81) { 2312 data->bNotify1 = data->iin_buffer[0]; 2313 data->bNotify2 = data->iin_buffer[1]; 2314 atomic_set(&data->iin_data_valid, 1); 2315 wake_up_interruptible(&data->waitq); 2316 goto exit; 2317 } 2318 /* check for SRQ notification */ 2319 if (data->iin_buffer[0] == 0x81) { 2320 unsigned long flags; 2321 struct list_head *elem; 2322 2323 if (data->fasync) 2324 kill_fasync(&data->fasync, 2325 SIGIO, POLL_PRI); 2326 2327 spin_lock_irqsave(&data->dev_lock, flags); 2328 list_for_each(elem, &data->file_list) { 2329 struct usbtmc_file_data *file_data; 2330 2331 file_data = list_entry(elem, 2332 struct usbtmc_file_data, 2333 file_elem); 2334 file_data->srq_byte = data->iin_buffer[1]; 2335 atomic_set(&file_data->srq_asserted, 1); 2336 } 2337 spin_unlock_irqrestore(&data->dev_lock, flags); 2338 2339 dev_dbg(dev, "srq received bTag %x stb %x\n", 2340 (unsigned int)data->iin_buffer[0], 2341 (unsigned int)data->iin_buffer[1]); 2342 wake_up_interruptible_all(&data->waitq); 2343 goto exit; 2344 } 2345 dev_warn(dev, "invalid notification: %x\n", 2346 data->iin_buffer[0]); 2347 break; 2348 case -EOVERFLOW: 2349 dev_err(dev, "overflow with length %d, actual length is %d\n", 2350 data->iin_wMaxPacketSize, urb->actual_length); 2351 fallthrough; 2352 default: 2353 /* urb terminated, clean up */ 2354 dev_dbg(dev, "urb terminated, status: %d\n", status); 2355 return; 2356 } 2357 exit: 2358 rv = usb_submit_urb(urb, GFP_ATOMIC); 2359 if (rv) 2360 dev_err(dev, "usb_submit_urb failed: %d\n", rv); 2361 } 2362 2363 static void usbtmc_free_int(struct usbtmc_device_data *data) 2364 { 2365 if (!data->iin_ep_present || !data->iin_urb) 2366 return; 2367 usb_kill_urb(data->iin_urb); 2368 kfree(data->iin_buffer); 2369 data->iin_buffer = NULL; 2370 usb_free_urb(data->iin_urb); 2371 data->iin_urb = NULL; 2372 kref_put(&data->kref, usbtmc_delete); 2373 } 2374 2375 static int usbtmc_probe(struct usb_interface *intf, 2376 const struct usb_device_id *id) 2377 { 2378 struct usbtmc_device_data *data; 2379 struct usb_host_interface *iface_desc; 2380 struct usb_endpoint_descriptor *bulk_in, *bulk_out, *int_in; 2381 int retcode; 2382 2383 dev_dbg(&intf->dev, "%s called\n", __func__); 2384 2385 data = kzalloc(sizeof(*data), GFP_KERNEL); 2386 if (!data) 2387 return -ENOMEM; 2388 2389 data->intf = intf; 2390 data->id = id; 2391 data->usb_dev = usb_get_dev(interface_to_usbdev(intf)); 2392 usb_set_intfdata(intf, data); 2393 kref_init(&data->kref); 2394 mutex_init(&data->io_mutex); 2395 init_waitqueue_head(&data->waitq); 2396 atomic_set(&data->iin_data_valid, 0); 2397 INIT_LIST_HEAD(&data->file_list); 2398 spin_lock_init(&data->dev_lock); 2399 2400 data->zombie = 0; 2401 2402 /* Initialize USBTMC bTag and other fields */ 2403 data->bTag = 1; 2404 /* 2 <= bTag <= 127 USBTMC-USB488 subclass specification 4.3.1 */ 2405 data->iin_bTag = 2; 2406 2407 /* USBTMC devices have only one setting, so use that */ 2408 iface_desc = data->intf->cur_altsetting; 2409 data->ifnum = iface_desc->desc.bInterfaceNumber; 2410 2411 /* Find bulk endpoints */ 2412 retcode = usb_find_common_endpoints(iface_desc, 2413 &bulk_in, &bulk_out, NULL, NULL); 2414 if (retcode) { 2415 dev_err(&intf->dev, "bulk endpoints not found\n"); 2416 goto err_put; 2417 } 2418 2419 retcode = -EINVAL; 2420 data->bulk_in = bulk_in->bEndpointAddress; 2421 data->wMaxPacketSize = usb_endpoint_maxp(bulk_in); 2422 if (!data->wMaxPacketSize) 2423 goto err_put; 2424 dev_dbg(&intf->dev, "Found bulk in endpoint at %u\n", data->bulk_in); 2425 2426 data->bulk_out = bulk_out->bEndpointAddress; 2427 dev_dbg(&intf->dev, "Found Bulk out endpoint at %u\n", data->bulk_out); 2428 2429 /* Find int endpoint */ 2430 retcode = usb_find_int_in_endpoint(iface_desc, &int_in); 2431 if (!retcode) { 2432 data->iin_ep_present = 1; 2433 data->iin_ep = int_in->bEndpointAddress; 2434 data->iin_wMaxPacketSize = usb_endpoint_maxp(int_in); 2435 data->iin_interval = int_in->bInterval; 2436 dev_dbg(&intf->dev, "Found Int in endpoint at %u\n", 2437 data->iin_ep); 2438 } 2439 2440 retcode = get_capabilities(data); 2441 if (retcode) 2442 dev_err(&intf->dev, "can't read capabilities\n"); 2443 2444 if (data->iin_ep_present) { 2445 /* allocate int urb */ 2446 data->iin_urb = usb_alloc_urb(0, GFP_KERNEL); 2447 if (!data->iin_urb) { 2448 retcode = -ENOMEM; 2449 goto error_register; 2450 } 2451 2452 /* Protect interrupt in endpoint data until iin_urb is freed */ 2453 kref_get(&data->kref); 2454 2455 /* allocate buffer for interrupt in */ 2456 data->iin_buffer = kmalloc(data->iin_wMaxPacketSize, 2457 GFP_KERNEL); 2458 if (!data->iin_buffer) { 2459 retcode = -ENOMEM; 2460 goto error_register; 2461 } 2462 2463 /* fill interrupt urb */ 2464 usb_fill_int_urb(data->iin_urb, data->usb_dev, 2465 usb_rcvintpipe(data->usb_dev, data->iin_ep), 2466 data->iin_buffer, data->iin_wMaxPacketSize, 2467 usbtmc_interrupt, 2468 data, data->iin_interval); 2469 2470 retcode = usb_submit_urb(data->iin_urb, GFP_KERNEL); 2471 if (retcode) { 2472 dev_err(&intf->dev, "Failed to submit iin_urb\n"); 2473 goto error_register; 2474 } 2475 } 2476 2477 retcode = usb_register_dev(intf, &usbtmc_class); 2478 if (retcode) { 2479 dev_err(&intf->dev, "Not able to get a minor (base %u, slice default): %d\n", 2480 USBTMC_MINOR_BASE, 2481 retcode); 2482 goto error_register; 2483 } 2484 dev_dbg(&intf->dev, "Using minor number %d\n", intf->minor); 2485 2486 return 0; 2487 2488 error_register: 2489 usbtmc_free_int(data); 2490 err_put: 2491 kref_put(&data->kref, usbtmc_delete); 2492 return retcode; 2493 } 2494 2495 static void usbtmc_disconnect(struct usb_interface *intf) 2496 { 2497 struct usbtmc_device_data *data = usb_get_intfdata(intf); 2498 struct list_head *elem; 2499 2500 usb_deregister_dev(intf, &usbtmc_class); 2501 mutex_lock(&data->io_mutex); 2502 data->zombie = 1; 2503 wake_up_interruptible_all(&data->waitq); 2504 list_for_each(elem, &data->file_list) { 2505 struct usbtmc_file_data *file_data; 2506 2507 file_data = list_entry(elem, 2508 struct usbtmc_file_data, 2509 file_elem); 2510 usb_kill_anchored_urbs(&file_data->submitted); 2511 usb_scuttle_anchored_urbs(&file_data->in_anchor); 2512 } 2513 mutex_unlock(&data->io_mutex); 2514 usbtmc_free_int(data); 2515 kref_put(&data->kref, usbtmc_delete); 2516 } 2517 2518 static void usbtmc_draw_down(struct usbtmc_file_data *file_data) 2519 { 2520 int time; 2521 2522 time = usb_wait_anchor_empty_timeout(&file_data->submitted, 1000); 2523 if (!time) 2524 usb_kill_anchored_urbs(&file_data->submitted); 2525 usb_scuttle_anchored_urbs(&file_data->in_anchor); 2526 } 2527 2528 static int usbtmc_suspend(struct usb_interface *intf, pm_message_t message) 2529 { 2530 struct usbtmc_device_data *data = usb_get_intfdata(intf); 2531 struct list_head *elem; 2532 2533 if (!data) 2534 return 0; 2535 2536 mutex_lock(&data->io_mutex); 2537 list_for_each(elem, &data->file_list) { 2538 struct usbtmc_file_data *file_data; 2539 2540 file_data = list_entry(elem, 2541 struct usbtmc_file_data, 2542 file_elem); 2543 usbtmc_draw_down(file_data); 2544 } 2545 2546 if (data->iin_ep_present && data->iin_urb) 2547 usb_kill_urb(data->iin_urb); 2548 2549 mutex_unlock(&data->io_mutex); 2550 return 0; 2551 } 2552 2553 static int usbtmc_resume(struct usb_interface *intf) 2554 { 2555 struct usbtmc_device_data *data = usb_get_intfdata(intf); 2556 int retcode = 0; 2557 2558 if (data->iin_ep_present && data->iin_urb) 2559 retcode = usb_submit_urb(data->iin_urb, GFP_KERNEL); 2560 if (retcode) 2561 dev_err(&intf->dev, "Failed to submit iin_urb\n"); 2562 2563 return retcode; 2564 } 2565 2566 static int usbtmc_pre_reset(struct usb_interface *intf) 2567 { 2568 struct usbtmc_device_data *data = usb_get_intfdata(intf); 2569 struct list_head *elem; 2570 2571 if (!data) 2572 return 0; 2573 2574 mutex_lock(&data->io_mutex); 2575 2576 list_for_each(elem, &data->file_list) { 2577 struct usbtmc_file_data *file_data; 2578 2579 file_data = list_entry(elem, 2580 struct usbtmc_file_data, 2581 file_elem); 2582 usbtmc_ioctl_cancel_io(file_data); 2583 } 2584 2585 return 0; 2586 } 2587 2588 static int usbtmc_post_reset(struct usb_interface *intf) 2589 { 2590 struct usbtmc_device_data *data = usb_get_intfdata(intf); 2591 2592 mutex_unlock(&data->io_mutex); 2593 2594 return 0; 2595 } 2596 2597 static struct usb_driver usbtmc_driver = { 2598 .name = "usbtmc", 2599 .id_table = usbtmc_devices, 2600 .probe = usbtmc_probe, 2601 .disconnect = usbtmc_disconnect, 2602 .suspend = usbtmc_suspend, 2603 .resume = usbtmc_resume, 2604 .pre_reset = usbtmc_pre_reset, 2605 .post_reset = usbtmc_post_reset, 2606 .dev_groups = usbtmc_groups, 2607 }; 2608 2609 module_usb_driver(usbtmc_driver); 2610 2611 MODULE_DESCRIPTION("USB Test & Measurement class driver"); 2612 MODULE_LICENSE("GPL"); 2613