bpf: Prevent memory disambiguation attack
[linux/fpc-iii.git] / drivers / usb / wusbcore / wusbhc.c
blobe5ba6140c1baf6291b672042c224c241750d4d04
1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * Wireless USB Host Controller
4 * sysfs glue, wusbcore module support and life cycle management
7 * Copyright (C) 2005-2006 Intel Corporation
8 * Inaky Perez-Gonzalez <inaky.perez-gonzalez@intel.com>
10 * Creation/destruction of wusbhc is split in two parts; that that
11 * doesn't require the HCD to be added (wusbhc_{create,destroy}) and
12 * the one that requires (phase B, wusbhc_b_{create,destroy}).
14 * This is so because usb_add_hcd() will start the HC, and thus, all
15 * the HC specific stuff has to be already initialized (like sysfs
16 * thingies).
18 #include <linux/device.h>
19 #include <linux/module.h>
20 #include "wusbhc.h"
22 /**
23 * Extract the wusbhc that corresponds to a USB Host Controller class device
25 * WARNING! Apply only if @dev is that of a
26 * wusbhc.usb_hcd.self->class_dev; otherwise, you loose.
28 static struct wusbhc *usbhc_dev_to_wusbhc(struct device *dev)
30 struct usb_bus *usb_bus = dev_get_drvdata(dev);
31 struct usb_hcd *usb_hcd = bus_to_hcd(usb_bus);
32 return usb_hcd_to_wusbhc(usb_hcd);
36 * Show & store the current WUSB trust timeout
38 * We don't do locking--it is an 'atomic' value.
40 * The units that we store/show are always MILLISECONDS. However, the
41 * value of trust_timeout is jiffies.
43 static ssize_t wusb_trust_timeout_show(struct device *dev,
44 struct device_attribute *attr,
45 char *buf)
47 struct wusbhc *wusbhc = usbhc_dev_to_wusbhc(dev);
49 return scnprintf(buf, PAGE_SIZE, "%u\n", wusbhc->trust_timeout);
52 static ssize_t wusb_trust_timeout_store(struct device *dev,
53 struct device_attribute *attr,
54 const char *buf, size_t size)
56 struct wusbhc *wusbhc = usbhc_dev_to_wusbhc(dev);
57 ssize_t result = -ENOSYS;
58 unsigned trust_timeout;
60 result = sscanf(buf, "%u", &trust_timeout);
61 if (result != 1) {
62 result = -EINVAL;
63 goto out;
65 wusbhc->trust_timeout = min_t(unsigned, trust_timeout, 500);
66 cancel_delayed_work(&wusbhc->keep_alive_timer);
67 flush_workqueue(wusbd);
68 queue_delayed_work(wusbd, &wusbhc->keep_alive_timer,
69 msecs_to_jiffies(wusbhc->trust_timeout / 2));
70 out:
71 return result < 0 ? result : size;
73 static DEVICE_ATTR_RW(wusb_trust_timeout);
76 * Show the current WUSB CHID.
78 static ssize_t wusb_chid_show(struct device *dev,
79 struct device_attribute *attr, char *buf)
81 struct wusbhc *wusbhc = usbhc_dev_to_wusbhc(dev);
82 const struct wusb_ckhdid *chid;
83 ssize_t result = 0;
85 if (wusbhc->wuie_host_info != NULL)
86 chid = &wusbhc->wuie_host_info->CHID;
87 else
88 chid = &wusb_ckhdid_zero;
90 result += ckhdid_printf(buf, PAGE_SIZE, chid);
91 result += sprintf(buf + result, "\n");
93 return result;
97 * Store a new CHID.
99 * - Write an all zeros CHID and it will stop the controller
100 * - Write a non-zero CHID and it will start it.
102 * See wusbhc_chid_set() for more info.
104 static ssize_t wusb_chid_store(struct device *dev,
105 struct device_attribute *attr,
106 const char *buf, size_t size)
108 struct wusbhc *wusbhc = usbhc_dev_to_wusbhc(dev);
109 struct wusb_ckhdid chid;
110 ssize_t result;
112 result = sscanf(buf,
113 "%02hhx %02hhx %02hhx %02hhx "
114 "%02hhx %02hhx %02hhx %02hhx "
115 "%02hhx %02hhx %02hhx %02hhx "
116 "%02hhx %02hhx %02hhx %02hhx\n",
117 &chid.data[0] , &chid.data[1] ,
118 &chid.data[2] , &chid.data[3] ,
119 &chid.data[4] , &chid.data[5] ,
120 &chid.data[6] , &chid.data[7] ,
121 &chid.data[8] , &chid.data[9] ,
122 &chid.data[10], &chid.data[11],
123 &chid.data[12], &chid.data[13],
124 &chid.data[14], &chid.data[15]);
125 if (result != 16) {
126 dev_err(dev, "Unrecognized CHID (need 16 8-bit hex digits): "
127 "%d\n", (int)result);
128 return -EINVAL;
130 result = wusbhc_chid_set(wusbhc, &chid);
131 return result < 0 ? result : size;
133 static DEVICE_ATTR_RW(wusb_chid);
136 static ssize_t wusb_phy_rate_show(struct device *dev,
137 struct device_attribute *attr,
138 char *buf)
140 struct wusbhc *wusbhc = usbhc_dev_to_wusbhc(dev);
142 return sprintf(buf, "%d\n", wusbhc->phy_rate);
145 static ssize_t wusb_phy_rate_store(struct device *dev,
146 struct device_attribute *attr,
147 const char *buf, size_t size)
149 struct wusbhc *wusbhc = usbhc_dev_to_wusbhc(dev);
150 uint8_t phy_rate;
151 ssize_t result;
153 result = sscanf(buf, "%hhu", &phy_rate);
154 if (result != 1)
155 return -EINVAL;
156 if (phy_rate >= UWB_PHY_RATE_INVALID)
157 return -EINVAL;
159 wusbhc->phy_rate = phy_rate;
160 return size;
162 static DEVICE_ATTR_RW(wusb_phy_rate);
164 static ssize_t wusb_dnts_show(struct device *dev,
165 struct device_attribute *attr,
166 char *buf)
168 struct wusbhc *wusbhc = usbhc_dev_to_wusbhc(dev);
170 return sprintf(buf, "num slots: %d\ninterval: %dms\n",
171 wusbhc->dnts_num_slots, wusbhc->dnts_interval);
174 static ssize_t wusb_dnts_store(struct device *dev,
175 struct device_attribute *attr,
176 const char *buf, size_t size)
178 struct wusbhc *wusbhc = usbhc_dev_to_wusbhc(dev);
179 uint8_t num_slots, interval;
180 ssize_t result;
182 result = sscanf(buf, "%hhu %hhu", &num_slots, &interval);
184 if (result != 2)
185 return -EINVAL;
187 wusbhc->dnts_num_slots = num_slots;
188 wusbhc->dnts_interval = interval;
190 return size;
192 static DEVICE_ATTR_RW(wusb_dnts);
194 static ssize_t wusb_retry_count_show(struct device *dev,
195 struct device_attribute *attr,
196 char *buf)
198 struct wusbhc *wusbhc = usbhc_dev_to_wusbhc(dev);
200 return sprintf(buf, "%d\n", wusbhc->retry_count);
203 static ssize_t wusb_retry_count_store(struct device *dev,
204 struct device_attribute *attr,
205 const char *buf, size_t size)
207 struct wusbhc *wusbhc = usbhc_dev_to_wusbhc(dev);
208 uint8_t retry_count;
209 ssize_t result;
211 result = sscanf(buf, "%hhu", &retry_count);
213 if (result != 1)
214 return -EINVAL;
216 wusbhc->retry_count = max_t(uint8_t, retry_count,
217 WUSB_RETRY_COUNT_MAX);
219 return size;
221 static DEVICE_ATTR_RW(wusb_retry_count);
223 /* Group all the WUSBHC attributes */
224 static struct attribute *wusbhc_attrs[] = {
225 &dev_attr_wusb_trust_timeout.attr,
226 &dev_attr_wusb_chid.attr,
227 &dev_attr_wusb_phy_rate.attr,
228 &dev_attr_wusb_dnts.attr,
229 &dev_attr_wusb_retry_count.attr,
230 NULL,
233 static const struct attribute_group wusbhc_attr_group = {
234 .name = NULL, /* we want them in the same directory */
235 .attrs = wusbhc_attrs,
239 * Create a wusbhc instance
241 * NOTEs:
243 * - assumes *wusbhc has been zeroed and wusbhc->usb_hcd has been
244 * initialized but not added.
246 * - fill out ports_max, mmcies_max and mmcie_{add,rm} before calling.
248 * - fill out wusbhc->uwb_rc and refcount it before calling
249 * - fill out the wusbhc->sec_modes array
251 int wusbhc_create(struct wusbhc *wusbhc)
253 int result = 0;
255 /* set defaults. These can be overwritten using sysfs attributes. */
256 wusbhc->trust_timeout = WUSB_TRUST_TIMEOUT_MS;
257 wusbhc->phy_rate = UWB_PHY_RATE_INVALID - 1;
258 wusbhc->dnts_num_slots = 4;
259 wusbhc->dnts_interval = 2;
260 wusbhc->retry_count = WUSB_RETRY_COUNT_INFINITE;
262 mutex_init(&wusbhc->mutex);
263 result = wusbhc_mmcie_create(wusbhc);
264 if (result < 0)
265 goto error_mmcie_create;
266 result = wusbhc_devconnect_create(wusbhc);
267 if (result < 0)
268 goto error_devconnect_create;
269 result = wusbhc_rh_create(wusbhc);
270 if (result < 0)
271 goto error_rh_create;
272 result = wusbhc_sec_create(wusbhc);
273 if (result < 0)
274 goto error_sec_create;
275 return 0;
277 error_sec_create:
278 wusbhc_rh_destroy(wusbhc);
279 error_rh_create:
280 wusbhc_devconnect_destroy(wusbhc);
281 error_devconnect_create:
282 wusbhc_mmcie_destroy(wusbhc);
283 error_mmcie_create:
284 return result;
286 EXPORT_SYMBOL_GPL(wusbhc_create);
288 static inline struct kobject *wusbhc_kobj(struct wusbhc *wusbhc)
290 return &wusbhc->usb_hcd.self.controller->kobj;
294 * Phase B of a wusbhc instance creation
296 * Creates fields that depend on wusbhc->usb_hcd having been
297 * added. This is where we create the sysfs files in
298 * /sys/class/usb_host/usb_hostX/.
300 * NOTE: Assumes wusbhc->usb_hcd has been already added by the upper
301 * layer (hwahc or whci)
303 int wusbhc_b_create(struct wusbhc *wusbhc)
305 int result = 0;
306 struct device *dev = wusbhc->usb_hcd.self.controller;
308 result = sysfs_create_group(wusbhc_kobj(wusbhc), &wusbhc_attr_group);
309 if (result < 0) {
310 dev_err(dev, "Cannot register WUSBHC attributes: %d\n",
311 result);
312 goto error_create_attr_group;
315 return 0;
316 error_create_attr_group:
317 return result;
319 EXPORT_SYMBOL_GPL(wusbhc_b_create);
321 void wusbhc_b_destroy(struct wusbhc *wusbhc)
323 wusbhc_pal_unregister(wusbhc);
324 sysfs_remove_group(wusbhc_kobj(wusbhc), &wusbhc_attr_group);
326 EXPORT_SYMBOL_GPL(wusbhc_b_destroy);
328 void wusbhc_destroy(struct wusbhc *wusbhc)
330 wusbhc_sec_destroy(wusbhc);
331 wusbhc_rh_destroy(wusbhc);
332 wusbhc_devconnect_destroy(wusbhc);
333 wusbhc_mmcie_destroy(wusbhc);
335 EXPORT_SYMBOL_GPL(wusbhc_destroy);
337 struct workqueue_struct *wusbd;
338 EXPORT_SYMBOL_GPL(wusbd);
341 * WUSB Cluster ID allocation map
343 * Each WUSB bus in a channel is identified with a Cluster Id in the
344 * unauth address pace (WUSB1.0[4.3]). We take the range 0xe0 to 0xff
345 * (that's space for 31 WUSB controllers, as 0xff can't be taken). We
346 * start taking from 0xff, 0xfe, 0xfd... (hence the += or -= 0xff).
348 * For each one we taken, we pin it in the bitap
350 #define CLUSTER_IDS 32
351 static DECLARE_BITMAP(wusb_cluster_id_table, CLUSTER_IDS);
352 static DEFINE_SPINLOCK(wusb_cluster_ids_lock);
355 * Get a WUSB Cluster ID
357 * Need to release with wusb_cluster_id_put() when done w/ it.
359 /* FIXME: coordinate with the choose_addres() from the USB stack */
360 /* we want to leave the top of the 128 range for cluster addresses and
361 * the bottom for device addresses (as we map them one on one with
362 * ports). */
363 u8 wusb_cluster_id_get(void)
365 u8 id;
366 spin_lock(&wusb_cluster_ids_lock);
367 id = find_first_zero_bit(wusb_cluster_id_table, CLUSTER_IDS);
368 if (id >= CLUSTER_IDS) {
369 id = 0;
370 goto out;
372 set_bit(id, wusb_cluster_id_table);
373 id = (u8) 0xff - id;
374 out:
375 spin_unlock(&wusb_cluster_ids_lock);
376 return id;
379 EXPORT_SYMBOL_GPL(wusb_cluster_id_get);
382 * Release a WUSB Cluster ID
384 * Obtained it with wusb_cluster_id_get()
386 void wusb_cluster_id_put(u8 id)
388 id = 0xff - id;
389 BUG_ON(id >= CLUSTER_IDS);
390 spin_lock(&wusb_cluster_ids_lock);
391 WARN_ON(!test_bit(id, wusb_cluster_id_table));
392 clear_bit(id, wusb_cluster_id_table);
393 spin_unlock(&wusb_cluster_ids_lock);
395 EXPORT_SYMBOL_GPL(wusb_cluster_id_put);
398 * wusbhc_giveback_urb - return an URB to the USB core
399 * @wusbhc: the host controller the URB is from.
400 * @urb: the URB.
401 * @status: the URB's status.
403 * Return an URB to the USB core doing some additional WUSB specific
404 * processing.
406 * - After a successful transfer, update the trust timeout timestamp
407 * for the WUSB device.
409 * - [WUSB] sections 4.13 and 7.5.1 specify the stop retransmission
410 * condition for the WCONNECTACK_IE is that the host has observed
411 * the associated device responding to a control transfer.
413 void wusbhc_giveback_urb(struct wusbhc *wusbhc, struct urb *urb, int status)
415 struct wusb_dev *wusb_dev = __wusb_dev_get_by_usb_dev(wusbhc,
416 urb->dev);
418 if (status == 0 && wusb_dev) {
419 wusb_dev->entry_ts = jiffies;
421 /* wusbhc_devconnect_acked() can't be called from
422 atomic context so defer it to a work queue. */
423 if (!list_empty(&wusb_dev->cack_node))
424 queue_work(wusbd, &wusb_dev->devconnect_acked_work);
425 else
426 wusb_dev_put(wusb_dev);
429 usb_hcd_giveback_urb(&wusbhc->usb_hcd, urb, status);
431 EXPORT_SYMBOL_GPL(wusbhc_giveback_urb);
434 * wusbhc_reset_all - reset the HC hardware
435 * @wusbhc: the host controller to reset.
437 * Request a full hardware reset of the chip. This will also reset
438 * the radio controller and any other PALs.
440 void wusbhc_reset_all(struct wusbhc *wusbhc)
442 if (wusbhc->uwb_rc)
443 uwb_rc_reset_all(wusbhc->uwb_rc);
445 EXPORT_SYMBOL_GPL(wusbhc_reset_all);
447 static struct notifier_block wusb_usb_notifier = {
448 .notifier_call = wusb_usb_ncb,
449 .priority = INT_MAX /* Need to be called first of all */
452 static int __init wusbcore_init(void)
454 int result;
455 result = wusb_crypto_init();
456 if (result < 0)
457 goto error_crypto_init;
458 /* WQ is singlethread because we need to serialize notifications */
459 wusbd = create_singlethread_workqueue("wusbd");
460 if (wusbd == NULL) {
461 result = -ENOMEM;
462 printk(KERN_ERR "WUSB-core: Cannot create wusbd workqueue\n");
463 goto error_wusbd_create;
465 usb_register_notify(&wusb_usb_notifier);
466 bitmap_zero(wusb_cluster_id_table, CLUSTER_IDS);
467 set_bit(0, wusb_cluster_id_table); /* reserve Cluster ID 0xff */
468 return 0;
470 error_wusbd_create:
471 wusb_crypto_exit();
472 error_crypto_init:
473 return result;
476 module_init(wusbcore_init);
478 static void __exit wusbcore_exit(void)
480 clear_bit(0, wusb_cluster_id_table);
481 if (!bitmap_empty(wusb_cluster_id_table, CLUSTER_IDS)) {
482 printk(KERN_ERR "BUG: WUSB Cluster IDs not released on exit: %*pb\n",
483 CLUSTER_IDS, wusb_cluster_id_table);
484 WARN_ON(1);
486 usb_unregister_notify(&wusb_usb_notifier);
487 destroy_workqueue(wusbd);
488 wusb_crypto_exit();
490 module_exit(wusbcore_exit);
492 MODULE_AUTHOR("Inaky Perez-Gonzalez <inaky.perez-gonzalez@intel.com>");
493 MODULE_DESCRIPTION("Wireless USB core");
494 MODULE_LICENSE("GPL");