projects / linux-2.4.21-pre4.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
import of ftp.dlink.com/GPL/DSMG-600_reB/ppclinux.tar.gz
[linux-2.4.21-pre4.git] / drivers / usb / devio.c
1 /*****************************************************************************/
2
3 /*
4  *      devio.c  --  User space communication with USB devices.
5  *
6  *      Copyright (C) 1999-2000  Thomas Sailer (sailer@ife.ee.ethz.ch)
7  *
8  *      This program is free software; you can redistribute it and/or modify
9  *      it under the terms of the GNU General Public License as published by
10  *      the Free Software Foundation; either version 2 of the License, or
11  *      (at your option) any later version.
12  *
13  *      This program is distributed in the hope that it will be useful,
14  *      but WITHOUT ANY WARRANTY; without even the implied warranty of
15  *      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16  *      GNU General Public License for more details.
17  *
18  *      You should have received a copy of the GNU General Public License
19  *      along with this program; if not, write to the Free Software
20  *      Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
21  *
22  *  $Id: devio.c,v 1.1.1.1 2005/04/11 02:50:40 jack Exp $
23  *
24  *  This file implements the usbdevfs/x/y files, where
25  *  x is the bus number and y the device number.
26  *
27  *  It allows user space programs/"drivers" to communicate directly
28  *  with USB devices without intervening kernel driver.
29  *
30  *  Revision history
31  *    22.12.1999   0.1   Initial release (split from proc_usb.c)
32  *    04.01.2000   0.2   Turned into its own filesystem
33  */
34
35 /*****************************************************************************/
36
37 #include <linux/fs.h>
38 #include <linux/mm.h>
39 #include <linux/slab.h>
40 #include <linux/smp_lock.h>
41 #include <linux/signal.h>
42 #include <linux/poll.h>
43 #include <linux/usb.h>
44 #include <linux/usbdevice_fs.h>
45 #include <asm/uaccess.h>
46
47
48 struct async {
49         struct list_head asynclist;
50         struct dev_state *ps;
51         struct task_struct *task;
52         unsigned int signr;
53         unsigned int intf;
54         void *userbuffer;
55         void *userurb;
56         struct urb urb;
57 };
58
59 static loff_t usbdev_lseek(struct file *file, loff_t offset, int orig)
60 {
61         switch (orig) {
62         case 0:
63                 file->f_pos = offset;
64                 return file->f_pos;
65
66         case 1:
67                 file->f_pos += offset;
68                 return file->f_pos;
69
70         case 2:
71                 return -EINVAL;
72
73         default:
74                 return -EINVAL;
75         }
76 }
77
78 static ssize_t usbdev_read(struct file *file, char * buf, size_t nbytes, loff_t *ppos)
79 {
80         struct dev_state *ps = (struct dev_state *)file->private_data;
81         ssize_t ret = 0;
82         unsigned len;
83         loff_t pos, last;
84         int i;
85
86         pos = *ppos;
87         down_read(&ps->devsem);
88         if (!ps->dev) {
89                 ret = -ENODEV;
90                 goto err;
91         } else if (pos < 0) {
92                 ret = -EINVAL;
93                 goto err;
94         }
95
96         if (pos < sizeof(struct usb_device_descriptor)) {
97                 len = sizeof(struct usb_device_descriptor) - pos;
98                 if (len > nbytes)
99                         len = nbytes;
100                 if (copy_to_user(buf, ((char *)&ps->dev->descriptor) + pos, len)) {
101                         ret = -EFAULT;
102                         goto err;
103                 }
104
105                 pos += len;
106                 buf += len;
107                 nbytes -= len;
108                 ret += len;
109         }
110
111         last = sizeof(struct usb_device_descriptor);
112         for (i = 0; nbytes && i < ps->dev->descriptor.bNumConfigurations; i++) {
113                 struct usb_config_descriptor *config =
114                         (struct usb_config_descriptor *)ps->dev->rawdescriptors[i];
115                 unsigned int length = le16_to_cpu(config->wTotalLength);
116
117                 if (pos < last + length) {
118                         len = length - (pos - last);
119                         if (len > nbytes)
120                                 len = nbytes;
121
122                         if (copy_to_user(buf,
123                             ps->dev->rawdescriptors[i] + (pos - last), len)) {
124                                 ret = -EFAULT;
125                                 goto err;
126                         }
127
128                         pos += len;
129                         buf += len;
130                         nbytes -= len;
131                         ret += len;
132                 }
133
134                 last += length;
135         }
136         *ppos = pos;
137
138 err:
139         up_read(&ps->devsem);
140         return ret;
141 }
142
143 static inline unsigned int ld2(unsigned int x)
144 {
145         unsigned int r = 0;
146         
147         if (x >= 0x10000) {
148                 x >>= 16;
149                 r += 16;
150         }
151         if (x >= 0x100) {
152                 x >>= 8;
153                 r += 8;
154         }
155         if (x >= 0x10) {
156                 x >>= 4;
157                 r += 4;
158         }
159         if (x >= 4) {
160                 x >>= 2;
161                 r += 2;
162         }
163         if (x >= 2)
164                 r++;
165         return r;
166 }
167
168 /*
169  * async list handling
170  */
171
172 static struct async *alloc_async(unsigned int numisoframes)
173 {
174         unsigned int assize = sizeof(struct async) + numisoframes * sizeof(struct iso_packet_descriptor);
175         struct async *as = kmalloc(assize, GFP_KERNEL);
176         if (!as)
177                 return NULL;
178         memset(as, 0, assize);
179         as->urb.number_of_packets = numisoframes;
180         spin_lock_init(&as->urb.lock);
181         return as;
182 }
183
184 static void free_async(struct async *as)
185 {
186         if (as->urb.transfer_buffer)
187                 kfree(as->urb.transfer_buffer);
188         if (as->urb.setup_packet)
189                 kfree(as->urb.setup_packet);
190         kfree(as);
191 }
192
193 static inline void async_newpending(struct async *as)
194 {
195         struct dev_state *ps = as->ps;
196         unsigned long flags;
197         
198         spin_lock_irqsave(&ps->lock, flags);
199         list_add_tail(&as->asynclist, &ps->async_pending);
200         spin_unlock_irqrestore(&ps->lock, flags);
201 }
202
203 static inline void async_removepending(struct async *as)
204 {
205         struct dev_state *ps = as->ps;
206         unsigned long flags;
207         
208         spin_lock_irqsave(&ps->lock, flags);
209         list_del_init(&as->asynclist);
210         spin_unlock_irqrestore(&ps->lock, flags);
211 }
212
213 static inline struct async *async_getcompleted(struct dev_state *ps)
214 {
215         unsigned long flags;
216         struct async *as = NULL;
217
218         spin_lock_irqsave(&ps->lock, flags);
219         if (!list_empty(&ps->async_completed)) {
220                 as = list_entry(ps->async_completed.next, struct async, asynclist);
221                 list_del_init(&as->asynclist);
222         }
223         spin_unlock_irqrestore(&ps->lock, flags);
224         return as;
225 }
226
227 static inline struct async *async_getpending(struct dev_state *ps, void *userurb)
228 {
229         unsigned long flags;
230         struct async *as;
231
232         spin_lock_irqsave(&ps->lock, flags);
233         list_for_each_entry(as, &ps->async_pending, asynclist)
234                 if (as->userurb == userurb) {
235                         list_del_init(&as->asynclist);
236                         spin_unlock_irqrestore(&ps->lock, flags);
237                         return as;
238                 }
239         spin_unlock_irqrestore(&ps->lock, flags);
240         return NULL;
241 }
242
243 static void async_completed(struct urb *urb)
244 {
245         struct async *as = (struct async *)urb->context;
246         struct dev_state *ps = as->ps;
247         struct siginfo sinfo;
248
249         spin_lock(&ps->lock);
250         list_move_tail(&as->asynclist, &ps->async_completed);
251         spin_unlock(&ps->lock);
252         wake_up(&ps->wait);
253         if (as->signr) {
254                 sinfo.si_signo = as->signr;
255                 sinfo.si_errno = as->urb.status;
256                 sinfo.si_code = SI_ASYNCIO;
257                 sinfo.si_addr = as->userurb;
258                 send_sig_info(as->signr, &sinfo, as->task);
259         }
260 }
261
262 static void destroy_async (struct dev_state *ps, struct list_head *list)
263 {
264         struct async *as;
265         unsigned long flags;
266
267         spin_lock_irqsave(&ps->lock, flags);
268         while (!list_empty(list)) {
269                 as = list_entry(list->next, struct async, asynclist);
270                 list_del_init(&as->asynclist);
271                 spin_unlock_irqrestore(&ps->lock, flags);
272                 /* usb_unlink_urb calls the completion handler with status == USB_ST_URB_KILLED */
273                 usb_unlink_urb(&as->urb);
274                 spin_lock_irqsave(&ps->lock, flags);
275         }
276         spin_unlock_irqrestore(&ps->lock, flags);
277         while ((as = async_getcompleted(ps)))
278                 free_async(as);
279 }
280
281 static void destroy_async_on_interface (struct dev_state *ps, unsigned int intf)
282 {
283         struct list_head *p, *q, hitlist;
284         unsigned long flags;
285
286         INIT_LIST_HEAD(&hitlist);
287         spin_lock_irqsave(&ps->lock, flags);
288         list_for_each_safe(p, q, &ps->async_pending)
289                 if (intf == list_entry(p, struct async, asynclist)->intf)
290                         list_move_tail(p, &hitlist);
291         spin_unlock_irqrestore(&ps->lock, flags);
292         destroy_async(ps, &hitlist);
293 }
294
295 static inline void destroy_all_async(struct dev_state *ps)
296 {
297         destroy_async(ps, &ps->async_pending);
298 }
299
300 /*
301  * interface claims are made only at the request of user level code,
302  * which can also release them (explicitly or by closing files).
303  * they're also undone when devices disconnect.
304  */
305
306 static void *driver_probe(struct usb_device *dev, unsigned int intf,
307                           const struct usb_device_id *id)
308 {
309         return NULL;
310 }
311
312 static void driver_disconnect(struct usb_device *dev, void *context)
313 {
314         struct dev_state *ps = (struct dev_state *)context;
315
316         if (!ps)
317                 return;
318
319         /* this waits till synchronous requests complete */
320         down_write (&ps->devsem);
321
322         /* prevent new I/O requests */
323         ps->dev = 0;
324         ps->ifclaimed = 0;
325
326         /* force async requests to complete */
327         destroy_all_async (ps);
328
329         up_write (&ps->devsem);
330 }
331
332 struct usb_driver usbdevfs_driver = {
333         name:           "usbdevfs",
334         probe:          driver_probe,
335         disconnect:     driver_disconnect,
336 };
337
338 static int claimintf(struct dev_state *ps, unsigned int intf)
339 {
340         struct usb_device *dev = ps->dev;
341         struct usb_interface *iface;
342         int err;
343
344         if (intf >= 8*sizeof(ps->ifclaimed) || !dev || intf >= dev->actconfig->bNumInterfaces)
345                 return -EINVAL;
346         /* already claimed */
347         if (test_bit(intf, &ps->ifclaimed))
348                 return 0;
349         iface = &dev->actconfig->interface[intf];
350         err = -EBUSY;
351         lock_kernel();
352         if (!usb_interface_claimed(iface)) {
353                 usb_driver_claim_interface(&usbdevfs_driver, iface, ps);
354                 set_bit(intf, &ps->ifclaimed);
355                 err = 0;
356         }
357         unlock_kernel();
358         return err;
359 }
360
361 static int releaseintf(struct dev_state *ps, unsigned int intf)
362 {
363         struct usb_device *dev;
364         struct usb_interface *iface;
365         int err;
366
367         if (intf >= 8*sizeof(ps->ifclaimed))
368                 return -EINVAL;
369         err = -EINVAL;
370         lock_kernel();
371         dev = ps->dev;
372         if (dev && test_and_clear_bit(intf, &ps->ifclaimed)) {
373                 iface = &dev->actconfig->interface[intf];
374                 usb_driver_release_interface(&usbdevfs_driver, iface);
375                 err = 0;
376         }
377         unlock_kernel();
378         return err;
379 }
380
381 static int checkintf(struct dev_state *ps, unsigned int intf)
382 {
383         if (intf >= 8*sizeof(ps->ifclaimed))
384                 return -EINVAL;
385         if (test_bit(intf, &ps->ifclaimed))
386                 return 0;
387         /* if not yet claimed, claim it for the driver */
388         printk(KERN_WARNING "usbdevfs: process %d (%s) did not claim interface %u before use\n",
389                current->pid, current->comm, intf);
390         return claimintf(ps, intf);
391 }
392
393 static int findintfep(struct usb_device *dev, unsigned int ep)
394 {
395         unsigned int i, j, e;
396         struct usb_interface *iface;
397         struct usb_interface_descriptor *alts;
398         struct usb_endpoint_descriptor *endpt;
399
400         if (ep & ~(USB_DIR_IN|0xf))
401                 return -EINVAL;
402         for (i = 0; i < dev->actconfig->bNumInterfaces; i++) {
403                 iface = &dev->actconfig->interface[i];
404                 for (j = 0; j < iface->num_altsetting; j++) {
405                         alts = &iface->altsetting[j];
406                         for (e = 0; e < alts->bNumEndpoints; e++) {
407                                 endpt = &alts->endpoint[e];
408                                 if (endpt->bEndpointAddress == ep)
409                                         return i;
410                         }
411                 }
412         }
413         return -ENOENT; 
414 }
415
416 static int findintfif(struct usb_device *dev, unsigned int ifn)
417 {
418         unsigned int i, j;
419         struct usb_interface *iface;
420         struct usb_interface_descriptor *alts;
421
422         if (ifn & ~0xff)
423                 return -EINVAL;
424         for (i = 0; i < dev->actconfig->bNumInterfaces; i++) {
425                 iface = &dev->actconfig->interface[i];
426                 for (j = 0; j < iface->num_altsetting; j++) {
427                         alts = &iface->altsetting[j];
428                         if (alts->bInterfaceNumber == ifn)
429                                 return i;
430                 }
431         }
432         return -ENOENT; 
433 }
434
435 extern struct list_head usb_driver_list;
436
437 #if 0
438 static int finddriver(struct usb_driver **driver, char *name)
439 {
440         struct list_head *tmp;
441
442         tmp = usb_driver_list.next;
443         while (tmp != &usb_driver_list) {
444                 struct usb_driver *d = list_entry(tmp, struct usb_driver,
445                                                         driver_list);
446
447                 if (!strcmp(d->name, name)) {
448                         *driver = d;
449                         return 0;
450                 }
451
452                 tmp = tmp->next;
453         }
454
455         return -EINVAL;
456 }
457 #endif
458
459 static int check_ctrlrecip(struct dev_state *ps, unsigned int requesttype, unsigned int index)
460 {
461         int ret;
462
463         if (USB_TYPE_VENDOR == (USB_TYPE_MASK & requesttype))
464                 return 0;
465
466         switch (requesttype & USB_RECIP_MASK) {
467         case USB_RECIP_ENDPOINT:
468                 if ((ret = findintfep(ps->dev, index & 0xff)) < 0)
469                         return ret;
470                 if ((ret = checkintf(ps, ret)))
471                         return ret;
472                 break;
473
474         case USB_RECIP_INTERFACE:
475                 if ((ret = findintfif(ps->dev, index & 0xff)) < 0)
476                         return ret;
477                 if ((ret = checkintf(ps, ret)))
478                         return ret;
479                 break;
480         }
481         return 0;
482 }
483
484 /*
485  * file operations
486  */
487 static int usbdev_open(struct inode *inode, struct file *file)
488 {
489         struct usb_device *dev;
490         struct dev_state *ps;
491         int ret;
492
493         /* 
494          * no locking necessary here, as both sys_open (actually filp_open)
495          * and the hub thread have the kernel lock
496          * (still acquire the kernel lock for safety)
497          */
498         lock_kernel();
499         ret = -ENOENT;
500         if (ITYPE(inode->i_ino) != IDEVICE)
501                 goto out;
502         dev = inode->u.usbdev_i.p.dev;
503         if (!dev)
504                 goto out;
505         ret = -ENOMEM;
506         if (!(ps = kmalloc(sizeof(struct dev_state), GFP_KERNEL)))
507                 goto out;
508         ret = 0;
509         ps->dev = dev;
510         ps->file = file;
511         spin_lock_init(&ps->lock);
512         INIT_LIST_HEAD(&ps->async_pending);
513         INIT_LIST_HEAD(&ps->async_completed);
514         init_waitqueue_head(&ps->wait);
515         init_rwsem(&ps->devsem);
516         ps->discsignr = 0;
517         ps->disctask = current;
518         ps->disccontext = NULL;
519         ps->ifclaimed = 0;
520         wmb();
521         list_add_tail(&ps->list, &dev->filelist);
522         file->private_data = ps;
523  out:
524         unlock_kernel();
525         return ret;
526 }
527
528 static int usbdev_release(struct inode *inode, struct file *file)
529 {
530         struct dev_state *ps = (struct dev_state *)file->private_data;
531         unsigned int i;
532
533         lock_kernel();
534         list_del_init(&ps->list);
535         if (ps->dev) {
536                 for (i = 0; ps->ifclaimed && i < 8*sizeof(ps->ifclaimed); i++)
537                         if (test_bit(i, &ps->ifclaimed))
538                                 releaseintf(ps, i);
539         }
540         unlock_kernel();
541         destroy_all_async(ps);
542         kfree(ps);
543         return 0;
544 }
545
546 static int proc_control(struct dev_state *ps, void *arg)
547 {
548         struct usb_device *dev = ps->dev;
549         struct usbdevfs_ctrltransfer ctrl;
550         unsigned int tmo;
551         unsigned char *tbuf;
552         int i, ret;
553
554         if (copy_from_user(&ctrl, (void *)arg, sizeof(ctrl)))
555                 return -EFAULT;
556         if ((ret = check_ctrlrecip(ps, ctrl.requesttype, ctrl.index)))
557                 return ret;
558         if (ctrl.length > PAGE_SIZE)
559                 return -EINVAL;
560         if (!(tbuf = (unsigned char *)__get_free_page(GFP_KERNEL)))
561                 return -ENOMEM;
562         tmo = (ctrl.timeout * HZ + 999) / 1000;
563         if (ctrl.requesttype & 0x80) {
564                 if (ctrl.length && !access_ok(VERIFY_WRITE, ctrl.data, ctrl.length)) {
565                         free_page((unsigned long)tbuf);
566                         return -EINVAL;
567                 }
568                 i = usb_control_msg(dev, usb_rcvctrlpipe(dev, 0), ctrl.request, ctrl.requesttype,
569                                        ctrl.value, ctrl.index, tbuf, ctrl.length, tmo);
570                 if ((i > 0) && ctrl.length) {
571                         if (copy_to_user(ctrl.data, tbuf, ctrl.length)) {
572                                 free_page((unsigned long)tbuf);
573                                 return -EFAULT;
574                         }
575                 }
576         } else {
577                 if (ctrl.length) {
578                         if (copy_from_user(tbuf, ctrl.data, ctrl.length)) {
579                                 free_page((unsigned long)tbuf);
580                                 return -EFAULT;
581                         }
582                 }
583                 i = usb_control_msg(dev, usb_sndctrlpipe(dev, 0), ctrl.request, ctrl.requesttype,
584                                        ctrl.value, ctrl.index, tbuf, ctrl.length, tmo);
585         }
586         free_page((unsigned long)tbuf);
587         if (i<0) {
588                 printk(KERN_DEBUG "usbdevfs: USBDEVFS_CONTROL failed dev %d rqt %u rq %u len %u ret %d\n", 
589                        dev->devnum, ctrl.requesttype, ctrl.request, ctrl.length, i);
590         }
591         return i;
592 }
593
594 static int proc_bulk(struct dev_state *ps, void *arg)
595 {
596         struct usb_device *dev = ps->dev;
597         struct usbdevfs_bulktransfer bulk;
598         unsigned int tmo, len1, pipe;
599         int len2;
600         unsigned char *tbuf;
601         int i, ret;
602
603         if (copy_from_user(&bulk, (void *)arg, sizeof(bulk)))
604                 return -EFAULT;
605         if ((ret = findintfep(ps->dev, bulk.ep)) < 0)
606                 return ret;
607         if ((ret = checkintf(ps, ret)))
608                 return ret;
609         if (bulk.ep & USB_DIR_IN)
610                 pipe = usb_rcvbulkpipe(dev, bulk.ep & 0x7f);
611         else
612                 pipe = usb_sndbulkpipe(dev, bulk.ep & 0x7f);
613         if (!usb_maxpacket(dev, pipe, !(bulk.ep & USB_DIR_IN)))
614                 return -EINVAL;
615         len1 = bulk.len;
616         if (len1 > PAGE_SIZE)
617                 return -EINVAL;
618         if (!(tbuf = (unsigned char *)__get_free_page(GFP_KERNEL)))
619                 return -ENOMEM;
620         tmo = (bulk.timeout * HZ + 999) / 1000;
621         if (bulk.ep & 0x80) {
622                 if (len1 && !access_ok(VERIFY_WRITE, bulk.data, len1)) {
623                         free_page((unsigned long)tbuf);
624                         return -EINVAL;
625                 }
626                 i = usb_bulk_msg(dev, pipe, tbuf, len1, &len2, tmo);
627                 if (!i && len2) {
628                         if (copy_to_user(bulk.data, tbuf, len2)) {
629                                 free_page((unsigned long)tbuf);
630                                 return -EFAULT;
631                         }
632                 }
633         } else {
634                 if (len1) {
635                         if (copy_from_user(tbuf, bulk.data, len1)) {
636                                 free_page((unsigned long)tbuf);
637                                 return -EFAULT;
638                         }
639                 }
640                 i = usb_bulk_msg(dev, pipe, tbuf, len1, &len2, tmo);
641         }
642         free_page((unsigned long)tbuf);
643         if (i < 0) {
644                 printk(KERN_WARNING "usbdevfs: USBDEVFS_BULK failed dev %d ep 0x%x len %u ret %d\n", 
645                        dev->devnum, bulk.ep, bulk.len, i);
646                 return i;
647         }
648         return len2;
649 }
650
651 static int proc_resetep(struct dev_state *ps, void *arg)
652 {
653         unsigned int ep;
654         int ret;
655
656         if (get_user(ep, (unsigned int *)arg))
657                 return -EFAULT;
658         if ((ret = findintfep(ps->dev, ep)) < 0)
659                 return ret;
660         if ((ret = checkintf(ps, ret)))
661                 return ret;
662         usb_settoggle(ps->dev, ep & 0xf, !(ep & USB_DIR_IN), 0);
663         return 0;
664 }
665
666 static int proc_clearhalt(struct dev_state *ps, void *arg)
667 {
668         unsigned int ep;
669         int pipe;
670         int ret;
671
672         if (get_user(ep, (unsigned int *)arg))
673                 return -EFAULT;
674         if ((ret = findintfep(ps->dev, ep)) < 0)
675                 return ret;
676         if ((ret = checkintf(ps, ret)))
677                 return ret;
678         if (ep & USB_DIR_IN)
679                 pipe = usb_rcvbulkpipe(ps->dev, ep & 0x7f);
680         else
681                 pipe = usb_sndbulkpipe(ps->dev, ep & 0x7f);
682
683         return usb_clear_halt(ps->dev, pipe);
684 }
685                 
686
687 static int proc_getdriver(struct dev_state *ps, void *arg)
688 {
689         struct usbdevfs_getdriver gd;
690         struct usb_interface *interface;
691         int ret;
692
693         if (copy_from_user(&gd, arg, sizeof(gd)))
694                 return -EFAULT;
695         if ((ret = findintfif(ps->dev, gd.interface)) < 0)
696                 return ret;
697         interface = usb_ifnum_to_if(ps->dev, gd.interface);
698         if (!interface)
699                 return -EINVAL;
700         if (!interface->driver)
701                 return -ENODATA;
702         strcpy(gd.driver, interface->driver->name);
703         if (copy_to_user(arg, &gd, sizeof(gd)))
704                 return -EFAULT;
705         return 0;
706 }
707
708 static int proc_connectinfo(struct dev_state *ps, void *arg)
709 {
710         struct usbdevfs_connectinfo ci;
711
712         ci.devnum = ps->dev->devnum;
713         ci.slow = ps->dev->speed == USB_SPEED_LOW;
714         if (copy_to_user(arg, &ci, sizeof(ci)))
715                 return -EFAULT;
716         return 0;
717 }
718
719 static int proc_resetdevice(struct dev_state *ps)
720 {
721         int i, ret;
722
723         ret = usb_reset_device(ps->dev);
724         if (ret < 0)
725                 return ret;
726
727         for (i = 0; i < ps->dev->actconfig->bNumInterfaces; i++) {
728                 struct usb_interface *intf = &ps->dev->actconfig->interface[i];
729
730                 /* Don't simulate interfaces we've claimed */
731                 if (test_bit(i, &ps->ifclaimed))
732                         continue;
733
734                 if (intf->driver) {
735                         const struct usb_device_id *id;
736                         down(&intf->driver->serialize);
737                         intf->driver->disconnect(ps->dev, intf->private_data);
738                         id = usb_match_id(ps->dev,intf,intf->driver->id_table);
739                         intf->driver->probe(ps->dev, i, id);
740                         up(&intf->driver->serialize);
741                 }
742         }
743
744         return 0;
745 }
746
747 static int proc_setintf(struct dev_state *ps, void *arg)
748 {
749         struct usbdevfs_setinterface setintf;
750         struct usb_interface *interface;
751         int ret;
752
753         if (copy_from_user(&setintf, arg, sizeof(setintf)))
754                 return -EFAULT;
755         if ((ret = findintfif(ps->dev, setintf.interface)) < 0)
756                 return ret;
757         interface = usb_ifnum_to_if(ps->dev, setintf.interface);
758         if (!interface)
759                 return -EINVAL;
760         if (interface->driver) {
761                 if ((ret = checkintf(ps, ret)))
762                         return ret;
763         }
764         if (usb_set_interface(ps->dev, setintf.interface, setintf.altsetting))
765                 return -EINVAL;
766         return 0;
767 }
768
769 static int proc_setconfig(struct dev_state *ps, void *arg)
770 {
771         unsigned int u;
772
773         if (get_user(u, (unsigned int *)arg))
774                 return -EFAULT;
775         if (usb_set_configuration(ps->dev, u) < 0)
776                 return -EINVAL;
777         return 0;
778 }
779
780 static int proc_submiturb(struct dev_state *ps, void *arg)
781 {
782         struct usbdevfs_urb uurb;
783         struct usbdevfs_iso_packet_desc *isopkt = NULL;
784         struct usb_endpoint_descriptor *ep_desc;
785         struct async *as;
786         struct usb_ctrlrequest *dr = NULL;
787         unsigned int u, totlen, isofrmlen;
788         int ret;
789         int intf = -1;
790
791         if (copy_from_user(&uurb, arg, sizeof(uurb)))
792                 return -EFAULT;
793         if (uurb.flags & ~(USBDEVFS_URB_ISO_ASAP|USBDEVFS_URB_DISABLE_SPD|USBDEVFS_URB_QUEUE_BULK|
794                            USB_NO_FSBR|USB_ZERO_PACKET))
795                 return -EINVAL;
796         if (!uurb.buffer)
797                 return -EINVAL;
798         if (uurb.signr != 0 && (uurb.signr < SIGRTMIN || uurb.signr > SIGRTMAX))
799                 return -EINVAL;
800         if (!(uurb.type == USBDEVFS_URB_TYPE_CONTROL && (uurb.endpoint & ~USB_ENDPOINT_DIR_MASK) == 0)) {
801                 if ((intf = findintfep(ps->dev, uurb.endpoint)) < 0)
802                         return intf;
803                 if ((ret = checkintf(ps, intf)))
804                         return ret;
805         }
806         switch(uurb.type) {
807         case USBDEVFS_URB_TYPE_CONTROL:
808                 if ((uurb.endpoint & ~USB_ENDPOINT_DIR_MASK) != 0) {
809                         if (!(ep_desc = usb_epnum_to_ep_desc(ps->dev, uurb.endpoint)))
810                                 return -ENOENT;
811                         if ((ep_desc->bmAttributes & USB_ENDPOINT_XFERTYPE_MASK) != USB_ENDPOINT_XFER_CONTROL)
812                                 return -EINVAL;
813                 }
814                 /* min 8 byte setup packet, max arbitrary */
815                 if (uurb.buffer_length < 8 || uurb.buffer_length > PAGE_SIZE)
816                         return -EINVAL;
817                 if (!(dr = kmalloc(sizeof(struct usb_ctrlrequest), GFP_KERNEL)))
818                         return -ENOMEM;
819                 if (copy_from_user(dr, (unsigned char*)uurb.buffer, 8)) {
820                         kfree(dr);
821                         return -EFAULT;
822                 }
823                 if (uurb.buffer_length < (le16_to_cpup(&dr->wLength) + 8)) {
824                         kfree(dr);
825                         return -EINVAL;
826                 }
827                 if ((ret = check_ctrlrecip(ps, dr->bRequestType, le16_to_cpup(&dr->wIndex)))) {
828                         kfree(dr);
829                         return ret;
830                 }
831                 uurb.endpoint = (uurb.endpoint & ~USB_ENDPOINT_DIR_MASK) | (dr->bRequestType & USB_ENDPOINT_DIR_MASK);
832                 uurb.number_of_packets = 0;
833                 uurb.buffer_length = le16_to_cpup(&dr->wLength);
834                 uurb.buffer += 8;
835                 if (!access_ok((uurb.endpoint & USB_DIR_IN) ?  VERIFY_WRITE : VERIFY_READ, uurb.buffer, uurb.buffer_length)) {
836                         kfree(dr);
837                         return -EFAULT;
838                 }
839                 break;
840
841         case USBDEVFS_URB_TYPE_BULK:
842                 uurb.number_of_packets = 0;
843                 if (uurb.buffer_length > 16384)
844                         return -EINVAL;
845                 if (!access_ok((uurb.endpoint & USB_DIR_IN) ? VERIFY_WRITE : VERIFY_READ, uurb.buffer, uurb.buffer_length))
846                         return -EFAULT;
847                 break;
848
849         case USBDEVFS_URB_TYPE_ISO:
850                 /* arbitrary limit */
851                 if (uurb.number_of_packets < 1 || uurb.number_of_packets > 128)
852                         return -EINVAL;
853                 isofrmlen = sizeof(struct usbdevfs_iso_packet_desc) * uurb.number_of_packets;
854                 if (!(isopkt = kmalloc(isofrmlen, GFP_KERNEL)))
855                         return -ENOMEM;
856                 if (copy_from_user(isopkt, &((struct usbdevfs_urb *)arg)->iso_frame_desc, isofrmlen)) {
857                         kfree(isopkt);
858                         return -EFAULT;
859                 }
860                 for (totlen = u = 0; u < uurb.number_of_packets; u++) {
861                         if (isopkt[u].length > 1023) {
862                                 kfree(isopkt);
863                                 return -EINVAL;
864                         }
865                         totlen += isopkt[u].length;
866                 }
867                 if (totlen > 32768) {
868                         kfree(isopkt);
869                         return -EINVAL;
870                 }
871                 uurb.buffer_length = totlen;
872                 break;
873
874         case USBDEVFS_URB_TYPE_INTERRUPT:
875                 uurb.number_of_packets = 0;
876                 if (uurb.buffer_length > 16384)
877                         return -EINVAL;
878                 if (!access_ok((uurb.endpoint & USB_DIR_IN) ? VERIFY_WRITE : VERIFY_READ, uurb.buffer, uurb.buffer_length))
879                         return -EFAULT;   
880                 break;
881
882         default:
883                 return -EINVAL;
884         }
885         if (!(as = alloc_async(uurb.number_of_packets))) {
886                 if (isopkt)
887                         kfree(isopkt);
888                 if (dr)
889                         kfree(dr);
890                 return -ENOMEM;
891         }
892         if (!(as->urb.transfer_buffer = kmalloc(uurb.buffer_length, GFP_KERNEL))) {
893                 if (isopkt)
894                         kfree(isopkt);
895                 if (dr)
896                         kfree(dr);
897                 free_async(as);
898                 return -ENOMEM;
899         }
900         as->urb.next = NULL;
901         as->urb.dev = ps->dev;
902         as->urb.pipe = (uurb.type << 30) | __create_pipe(ps->dev, uurb.endpoint & 0xf) | (uurb.endpoint & USB_DIR_IN);
903         as->urb.transfer_flags = uurb.flags;
904         as->urb.transfer_buffer_length = uurb.buffer_length;
905         as->urb.setup_packet = (unsigned char*)dr;
906         as->urb.start_frame = uurb.start_frame;
907         as->urb.number_of_packets = uurb.number_of_packets;
908         as->urb.context = as;
909         as->urb.complete = async_completed;
910         for (totlen = u = 0; u < uurb.number_of_packets; u++) {
911                 as->urb.iso_frame_desc[u].offset = totlen;
912                 as->urb.iso_frame_desc[u].length = isopkt[u].length;
913                 totlen += isopkt[u].length;
914         }
915         if (isopkt)
916                 kfree(isopkt);
917         as->ps = ps;
918         as->userurb = arg;
919         if (uurb.endpoint & USB_DIR_IN)
920                 as->userbuffer = uurb.buffer;
921         else
922                 as->userbuffer = NULL;
923         as->signr = uurb.signr;
924         as->intf = intf;
925         as->task = current;
926         if (!(uurb.endpoint & USB_DIR_IN)) {
927                 if (copy_from_user(as->urb.transfer_buffer, uurb.buffer, as->urb.transfer_buffer_length)) {
928                         free_async(as);
929                         return -EFAULT;
930                 }
931         }
932         async_newpending(as);
933         if ((ret = usb_submit_urb(&as->urb))) {
934                 printk(KERN_DEBUG "usbdevfs: usb_submit_urb returned %d\n", ret);
935                 async_removepending(as);
936                 free_async(as);
937                 return ret;
938         }
939         return 0;
940 }
941
942 static int proc_unlinkurb(struct dev_state *ps, void *arg)
943 {
944         struct async *as;
945
946         as = async_getpending(ps, arg);
947         if (!as)
948                 return -EINVAL;
949         usb_unlink_urb(&as->urb);
950         return 0;
951 }
952
953 static int processcompl(struct async *as)
954 {
955         unsigned int i;
956
957         if (as->userbuffer)
958                 if (copy_to_user(as->userbuffer, as->urb.transfer_buffer, as->urb.transfer_buffer_length))
959                         return -EFAULT;
960         if (put_user(as->urb.status,
961                      &((struct usbdevfs_urb *)as->userurb)->status))
962                 return -EFAULT;
963         if (put_user(as->urb.actual_length,
964                      &((struct usbdevfs_urb *)as->userurb)->actual_length))
965                 return -EFAULT;
966         if (put_user(as->urb.error_count,
967                      &((struct usbdevfs_urb *)as->userurb)->error_count))
968                 return -EFAULT;
969
970         if (!(usb_pipeisoc(as->urb.pipe)))
971                 return 0;
972         for (i = 0; i < as->urb.number_of_packets; i++) {
973                 if (put_user(as->urb.iso_frame_desc[i].actual_length, 
974                              &((struct usbdevfs_urb *)as->userurb)->iso_frame_desc[i].actual_length))
975                         return -EFAULT;
976                 if (put_user(as->urb.iso_frame_desc[i].status, 
977                              &((struct usbdevfs_urb *)as->userurb)->iso_frame_desc[i].status))
978                         return -EFAULT;
979         }
980         return 0;
981 }
982
983 static int proc_reapurb(struct dev_state *ps, void *arg)
984 {
985         DECLARE_WAITQUEUE(wait, current);
986         struct async *as = NULL;
987         void *addr;
988         int ret;
989
990         add_wait_queue(&ps->wait, &wait);
991         while (ps->dev) {
992                 __set_current_state(TASK_INTERRUPTIBLE);
993                 if ((as = async_getcompleted(ps)))
994                         break;
995                 if (signal_pending(current))
996                         break;
997                 up_read(&ps->devsem);
998                 schedule();
999                 down_read(&ps->devsem);
1000         }
1001         remove_wait_queue(&ps->wait, &wait);
1002         set_current_state(TASK_RUNNING);
1003         if (as) {
1004                 ret = processcompl(as);
1005                 addr = as->userurb;
1006                 free_async(as);
1007                 if (ret)
1008                         return ret;
1009                 if (put_user(addr, (void **)arg))
1010                         return -EFAULT;
1011                 return 0;
1012         }
1013         if (signal_pending(current))
1014                 return -EINTR;
1015         return -EIO;
1016 }
1017
1018 static int proc_reapurbnonblock(struct dev_state *ps, void *arg)
1019 {
1020         struct async *as;
1021         void *addr;
1022         int ret;
1023
1024         if (!(as = async_getcompleted(ps)))
1025                 return -EAGAIN;
1026         ret = processcompl(as);
1027         addr = as->userurb;
1028         free_async(as);
1029         if (ret)
1030                 return ret;
1031         if (put_user(addr, (void **)arg))
1032                 return -EFAULT;
1033         return 0;
1034 }
1035
1036 static int proc_disconnectsignal(struct dev_state *ps, void *arg)
1037 {
1038         struct usbdevfs_disconnectsignal ds;
1039
1040         if (copy_from_user(&ds, arg, sizeof(ds)))
1041                 return -EFAULT;
1042         if (ds.signr != 0 && (ds.signr < SIGRTMIN || ds.signr > SIGRTMAX))
1043                 return -EINVAL;
1044         ps->discsignr = ds.signr;
1045         ps->disccontext = ds.context;
1046         return 0;
1047 }
1048
1049 static int proc_claiminterface(struct dev_state *ps, void *arg)
1050 {
1051         unsigned int intf;
1052         int ret;
1053
1054         if (get_user(intf, (unsigned int *)arg))
1055                 return -EFAULT;
1056         if ((ret = findintfif(ps->dev, intf)) < 0)
1057                 return ret;
1058         return claimintf(ps, ret);
1059 }
1060
1061 static int proc_releaseinterface(struct dev_state *ps, void *arg)
1062 {
1063         unsigned int intf;
1064         int ret;
1065
1066         if (get_user(intf, (unsigned int *)arg))
1067                 return -EFAULT;
1068         if ((ret = findintfif(ps->dev, intf)) < 0)
1069                 return ret;
1070         if ((ret = releaseintf(ps, intf)) < 0)
1071                 return ret;
1072         destroy_async_on_interface (ps, intf);
1073         return 0;
1074 }
1075
1076 static int proc_ioctl (struct dev_state *ps, void *arg)
1077 {
1078         struct usbdevfs_ioctl   ctrl;
1079         int                     size;
1080         void                    *buf = 0;
1081         int                     retval = 0;
1082        struct usb_interface    *ifp = 0;
1083        struct usb_driver       *driver = 0;
1084
1085         /* get input parameters and alloc buffer */
1086         if (copy_from_user(&ctrl, (void *) arg, sizeof (ctrl)))
1087                 return -EFAULT;
1088         if ((size = _IOC_SIZE (ctrl.ioctl_code)) > 0) {
1089                 if ((buf = kmalloc (size, GFP_KERNEL)) == 0)
1090                         return -ENOMEM;
1091                 if ((_IOC_DIR(ctrl.ioctl_code) & _IOC_WRITE)) {
1092                         if (copy_from_user (buf, ctrl.data, size)) {
1093                                 kfree (buf);
1094                                 return -EFAULT;
1095                         }
1096                 } else {
1097                         memset (buf, 0, size);
1098                 }
1099         }
1100
1101        if (!ps->dev)
1102                retval = -ENODEV;
1103        else if (!(ifp = usb_ifnum_to_if (ps->dev, ctrl.ifno)))
1104                retval = -EINVAL;
1105        else switch (ctrl.ioctl_code) {
1106
1107        /* disconnect kernel driver from interface, leaving it unbound.  */
1108        case USBDEVFS_DISCONNECT:
1109                driver = ifp->driver;
1110                if (driver) {
1111                        down (&driver->serialize);
1112                        dbg ("disconnect '%s' from dev %d interface %d",
1113                                driver->name, ps->dev->devnum, ctrl.ifno);
1114                        driver->disconnect (ps->dev, ifp->private_data);
1115                        usb_driver_release_interface (driver, ifp);
1116                        up (&driver->serialize);
1117                } else
1118                        retval = -ENODATA;
1119                break;
1120
1121        /* let kernel drivers try to (re)bind to the interface */
1122        case USBDEVFS_CONNECT:
1123                usb_find_interface_driver_for_ifnum (ps->dev, ctrl.ifno);
1124                break;
1125
1126        /* talk directly to the interface's driver */
1127        default:
1128                driver = ifp->driver;
1129                if (driver == 0 || driver->ioctl == 0)
1130                        retval = -ENOSYS;
1131                 else {
1132                         /* ifno might usefully be passed ... */
1133                        retval = driver->ioctl (ps->dev, ctrl.ioctl_code, buf);
1134                         /* size = min_t(int, size, retval)? */
1135                }
1136         }
1137
1138         /* cleanup and return */
1139         if (retval >= 0
1140                         && (_IOC_DIR (ctrl.ioctl_code) & _IOC_READ) != 0
1141                         && size > 0
1142                         && copy_to_user (ctrl.data, buf, size) != 0)
1143                 retval = -EFAULT;
1144         if (buf != 0)
1145                 kfree (buf);
1146         return retval;
1147 }
1148
1149 static int usbdev_ioctl(struct inode *inode, struct file *file, unsigned int cmd, unsigned long arg)
1150 {
1151         struct dev_state *ps = (struct dev_state *)file->private_data;
1152         int ret = -ENOIOCTLCMD;
1153
1154         if (!(file->f_mode & FMODE_WRITE))
1155                 return -EPERM;
1156         down_read(&ps->devsem);
1157         if (!ps->dev) {
1158                 up_read(&ps->devsem);
1159                 return -ENODEV;
1160         }
1161         switch (cmd) {
1162         case USBDEVFS_CONTROL:
1163                 ret = proc_control(ps, (void *)arg);
1164                 if (ret >= 0)
1165                         inode->i_mtime = CURRENT_TIME;
1166                 break;
1167
1168         case USBDEVFS_BULK:
1169                 ret = proc_bulk(ps, (void *)arg);
1170                 if (ret >= 0)
1171                         inode->i_mtime = CURRENT_TIME;
1172                 break;
1173
1174         case USBDEVFS_RESETEP:
1175                 ret = proc_resetep(ps, (void *)arg);
1176                 if (ret >= 0)
1177                         inode->i_mtime = CURRENT_TIME;
1178                 break;
1179
1180         case USBDEVFS_RESET:
1181                 ret = proc_resetdevice(ps);
1182                 break;
1183         
1184         case USBDEVFS_CLEAR_HALT:
1185                 ret = proc_clearhalt(ps, (void *)arg);
1186                 if (ret >= 0)
1187                         inode->i_mtime = CURRENT_TIME;
1188                 break;
1189
1190         case USBDEVFS_GETDRIVER:
1191                 ret = proc_getdriver(ps, (void *)arg);
1192                 break;
1193
1194         case USBDEVFS_CONNECTINFO:
1195                 ret = proc_connectinfo(ps, (void *)arg);
1196                 break;
1197
1198         case USBDEVFS_SETINTERFACE:
1199                 ret = proc_setintf(ps, (void *)arg);
1200                 break;
1201
1202         case USBDEVFS_SETCONFIGURATION:
1203                 ret = proc_setconfig(ps, (void *)arg);
1204                 break;
1205
1206         case USBDEVFS_SUBMITURB:
1207                 ret = proc_submiturb(ps, (void *)arg);
1208                 if (ret >= 0)
1209                         inode->i_mtime = CURRENT_TIME;
1210                 break;
1211
1212         case USBDEVFS_DISCARDURB:
1213                 ret = proc_unlinkurb(ps, (void *)arg);
1214                 break;
1215
1216         case USBDEVFS_REAPURB:
1217                 ret = proc_reapurb(ps, (void *)arg);
1218                 break;
1219
1220         case USBDEVFS_REAPURBNDELAY:
1221                 ret = proc_reapurbnonblock(ps, (void *)arg);
1222                 break;
1223
1224         case USBDEVFS_DISCSIGNAL:
1225                 ret = proc_disconnectsignal(ps, (void *)arg);
1226                 break;
1227
1228         case USBDEVFS_CLAIMINTERFACE:
1229                 ret = proc_claiminterface(ps, (void *)arg);
1230                 break;
1231
1232         case USBDEVFS_RELEASEINTERFACE:
1233                 ret = proc_releaseinterface(ps, (void *)arg);
1234                 break;
1235
1236         case USBDEVFS_IOCTL:
1237                 ret = proc_ioctl(ps, (void *) arg);
1238                 break;
1239         }
1240         up_read(&ps->devsem);
1241         if (ret >= 0)
1242                 inode->i_atime = CURRENT_TIME;
1243         return ret;
1244 }
1245
1246 /* No kernel lock - fine */
1247 static unsigned int usbdev_poll(struct file *file, struct poll_table_struct *wait)
1248 {
1249         struct dev_state *ps = (struct dev_state *)file->private_data;
1250         unsigned int mask = 0;
1251
1252         poll_wait(file, &ps->wait, wait);
1253         if (file->f_mode & FMODE_WRITE && !list_empty(&ps->async_completed))
1254                 mask |= POLLOUT | POLLWRNORM;
1255         if (!ps->dev)
1256                 mask |= POLLERR | POLLHUP;
1257         return mask;
1258 }
1259
1260 struct file_operations usbdevfs_device_file_operations = {
1261         llseek:         usbdev_lseek,
1262         read:           usbdev_read,
1263         poll:           usbdev_poll,
1264         ioctl:          usbdev_ioctl,
1265         open:           usbdev_open,
1266         release:        usbdev_release,
1267 };
D-Link DSM-G600 source code