OMAPDSS: VENC: fix NULL pointer dereference in DSS2 VENC sysfs debug attr on OMAP4
[zen-stable.git] / drivers / staging / usbip / stub_dev.c
blob03420e25d9c64ecd0512eb7029ca287e4c054f4c
1 /*
2 * Copyright (C) 2003-2008 Takahiro Hirofuchi
4 * This is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation; either version 2 of the License, or
7 * (at your option) any later version.
9 * This is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
17 * USA.
20 #include <linux/device.h>
21 #include <linux/kthread.h>
22 #include <linux/module.h>
24 #include "usbip_common.h"
25 #include "stub.h"
28 * Define device IDs here if you want to explicitly limit exportable devices.
29 * In most cases, wildcard matching will be okay because driver binding can be
30 * changed dynamically by a userland program.
32 static struct usb_device_id stub_table[] = {
33 #if 0
34 /* just an example */
35 { USB_DEVICE(0x05ac, 0x0301) }, /* Mac 1 button mouse */
36 { USB_DEVICE(0x0430, 0x0009) }, /* Plat Home Keyboard */
37 { USB_DEVICE(0x059b, 0x0001) }, /* Iomega USB Zip 100 */
38 { USB_DEVICE(0x04b3, 0x4427) }, /* IBM USB CD-ROM */
39 { USB_DEVICE(0x05a9, 0xa511) }, /* LifeView USB cam */
40 { USB_DEVICE(0x55aa, 0x0201) }, /* Imation card reader */
41 { USB_DEVICE(0x046d, 0x0870) }, /* Qcam Express(QV-30) */
42 { USB_DEVICE(0x04bb, 0x0101) }, /* IO-DATA HD 120GB */
43 { USB_DEVICE(0x04bb, 0x0904) }, /* IO-DATA USB-ET/TX */
44 { USB_DEVICE(0x04bb, 0x0201) }, /* IO-DATA USB-ET/TX */
45 { USB_DEVICE(0x08bb, 0x2702) }, /* ONKYO USB Speaker */
46 { USB_DEVICE(0x046d, 0x08b2) }, /* Logicool Qcam 4000 Pro */
47 #endif
48 /* magic for wild card */
49 { .driver_info = 1 },
50 { 0, } /* Terminating entry */
52 MODULE_DEVICE_TABLE(usb, stub_table);
55 * usbip_status shows the status of usbip-host as long as this driver is bound
56 * to the target device.
58 static ssize_t show_status(struct device *dev, struct device_attribute *attr,
59 char *buf)
61 struct stub_device *sdev = dev_get_drvdata(dev);
62 int status;
64 if (!sdev) {
65 dev_err(dev, "sdev is null\n");
66 return -ENODEV;
69 spin_lock(&sdev->ud.lock);
70 status = sdev->ud.status;
71 spin_unlock(&sdev->ud.lock);
73 return snprintf(buf, PAGE_SIZE, "%d\n", status);
75 static DEVICE_ATTR(usbip_status, S_IRUGO, show_status, NULL);
78 * usbip_sockfd gets a socket descriptor of an established TCP connection that
79 * is used to transfer usbip requests by kernel threads. -1 is a magic number
80 * by which usbip connection is finished.
82 static ssize_t store_sockfd(struct device *dev, struct device_attribute *attr,
83 const char *buf, size_t count)
85 struct stub_device *sdev = dev_get_drvdata(dev);
86 int sockfd = 0;
87 struct socket *socket;
89 if (!sdev) {
90 dev_err(dev, "sdev is null\n");
91 return -ENODEV;
94 sscanf(buf, "%d", &sockfd);
96 if (sockfd != -1) {
97 dev_info(dev, "stub up\n");
99 spin_lock(&sdev->ud.lock);
101 if (sdev->ud.status != SDEV_ST_AVAILABLE) {
102 dev_err(dev, "not ready\n");
103 spin_unlock(&sdev->ud.lock);
104 return -EINVAL;
107 socket = sockfd_to_socket(sockfd);
108 if (!socket) {
109 spin_unlock(&sdev->ud.lock);
110 return -EINVAL;
112 sdev->ud.tcp_socket = socket;
114 spin_unlock(&sdev->ud.lock);
116 sdev->ud.tcp_rx = kthread_run(stub_rx_loop, &sdev->ud, "stub_rx");
117 sdev->ud.tcp_tx = kthread_run(stub_tx_loop, &sdev->ud, "stub_tx");
119 spin_lock(&sdev->ud.lock);
120 sdev->ud.status = SDEV_ST_USED;
121 spin_unlock(&sdev->ud.lock);
123 } else {
124 dev_info(dev, "stub down\n");
126 spin_lock(&sdev->ud.lock);
127 if (sdev->ud.status != SDEV_ST_USED) {
128 spin_unlock(&sdev->ud.lock);
129 return -EINVAL;
131 spin_unlock(&sdev->ud.lock);
133 usbip_event_add(&sdev->ud, SDEV_EVENT_DOWN);
136 return count;
138 static DEVICE_ATTR(usbip_sockfd, S_IWUSR, NULL, store_sockfd);
140 static int stub_add_files(struct device *dev)
142 int err = 0;
144 err = device_create_file(dev, &dev_attr_usbip_status);
145 if (err)
146 goto err_status;
148 err = device_create_file(dev, &dev_attr_usbip_sockfd);
149 if (err)
150 goto err_sockfd;
152 err = device_create_file(dev, &dev_attr_usbip_debug);
153 if (err)
154 goto err_debug;
156 return 0;
158 err_debug:
159 device_remove_file(dev, &dev_attr_usbip_sockfd);
160 err_sockfd:
161 device_remove_file(dev, &dev_attr_usbip_status);
162 err_status:
163 return err;
166 static void stub_remove_files(struct device *dev)
168 device_remove_file(dev, &dev_attr_usbip_status);
169 device_remove_file(dev, &dev_attr_usbip_sockfd);
170 device_remove_file(dev, &dev_attr_usbip_debug);
173 static void stub_shutdown_connection(struct usbip_device *ud)
175 struct stub_device *sdev = container_of(ud, struct stub_device, ud);
178 * When removing an exported device, kernel panic sometimes occurred
179 * and then EIP was sk_wait_data of stub_rx thread. Is this because
180 * sk_wait_data returned though stub_rx thread was already finished by
181 * step 1?
183 if (ud->tcp_socket) {
184 dev_dbg(&sdev->udev->dev, "shutdown tcp_socket %p\n",
185 ud->tcp_socket);
186 kernel_sock_shutdown(ud->tcp_socket, SHUT_RDWR);
189 /* 1. stop threads */
190 if (ud->tcp_rx && !task_is_dead(ud->tcp_rx))
191 kthread_stop(ud->tcp_rx);
192 if (ud->tcp_tx && !task_is_dead(ud->tcp_tx))
193 kthread_stop(ud->tcp_tx);
196 * 2. close the socket
198 * tcp_socket is freed after threads are killed so that usbip_xmit does
199 * not touch NULL socket.
201 if (ud->tcp_socket) {
202 sock_release(ud->tcp_socket);
203 ud->tcp_socket = NULL;
206 /* 3. free used data */
207 stub_device_cleanup_urbs(sdev);
209 /* 4. free stub_unlink */
211 unsigned long flags;
212 struct stub_unlink *unlink, *tmp;
214 spin_lock_irqsave(&sdev->priv_lock, flags);
215 list_for_each_entry_safe(unlink, tmp, &sdev->unlink_tx, list) {
216 list_del(&unlink->list);
217 kfree(unlink);
219 list_for_each_entry_safe(unlink, tmp, &sdev->unlink_free,
220 list) {
221 list_del(&unlink->list);
222 kfree(unlink);
224 spin_unlock_irqrestore(&sdev->priv_lock, flags);
228 static void stub_device_reset(struct usbip_device *ud)
230 struct stub_device *sdev = container_of(ud, struct stub_device, ud);
231 struct usb_device *udev = sdev->udev;
232 int ret;
234 dev_dbg(&udev->dev, "device reset");
236 ret = usb_lock_device_for_reset(udev, sdev->interface);
237 if (ret < 0) {
238 dev_err(&udev->dev, "lock for reset\n");
239 spin_lock(&ud->lock);
240 ud->status = SDEV_ST_ERROR;
241 spin_unlock(&ud->lock);
242 return;
245 /* try to reset the device */
246 ret = usb_reset_device(udev);
247 usb_unlock_device(udev);
249 spin_lock(&ud->lock);
250 if (ret) {
251 dev_err(&udev->dev, "device reset\n");
252 ud->status = SDEV_ST_ERROR;
253 } else {
254 dev_info(&udev->dev, "device reset\n");
255 ud->status = SDEV_ST_AVAILABLE;
257 spin_unlock(&ud->lock);
260 static void stub_device_unusable(struct usbip_device *ud)
262 spin_lock(&ud->lock);
263 ud->status = SDEV_ST_ERROR;
264 spin_unlock(&ud->lock);
268 * stub_device_alloc - allocate a new stub_device struct
269 * @interface: usb_interface of a new device
271 * Allocates and initializes a new stub_device struct.
273 static struct stub_device *stub_device_alloc(struct usb_device *udev,
274 struct usb_interface *interface)
276 struct stub_device *sdev;
277 int busnum = interface_to_busnum(interface);
278 int devnum = interface_to_devnum(interface);
280 dev_dbg(&interface->dev, "allocating stub device");
282 /* yes, it's a new device */
283 sdev = kzalloc(sizeof(struct stub_device), GFP_KERNEL);
284 if (!sdev) {
285 dev_err(&interface->dev, "no memory for stub_device\n");
286 return NULL;
289 sdev->interface = usb_get_intf(interface);
290 sdev->udev = usb_get_dev(udev);
293 * devid is defined with devnum when this driver is first allocated.
294 * devnum may change later if a device is reset. However, devid never
295 * changes during a usbip connection.
297 sdev->devid = (busnum << 16) | devnum;
298 sdev->ud.side = USBIP_STUB;
299 sdev->ud.status = SDEV_ST_AVAILABLE;
300 /* sdev->ud.lock = SPIN_LOCK_UNLOCKED; */
301 spin_lock_init(&sdev->ud.lock);
302 sdev->ud.tcp_socket = NULL;
304 INIT_LIST_HEAD(&sdev->priv_init);
305 INIT_LIST_HEAD(&sdev->priv_tx);
306 INIT_LIST_HEAD(&sdev->priv_free);
307 INIT_LIST_HEAD(&sdev->unlink_free);
308 INIT_LIST_HEAD(&sdev->unlink_tx);
309 /* sdev->priv_lock = SPIN_LOCK_UNLOCKED; */
310 spin_lock_init(&sdev->priv_lock);
312 init_waitqueue_head(&sdev->tx_waitq);
314 sdev->ud.eh_ops.shutdown = stub_shutdown_connection;
315 sdev->ud.eh_ops.reset = stub_device_reset;
316 sdev->ud.eh_ops.unusable = stub_device_unusable;
318 usbip_start_eh(&sdev->ud);
320 dev_dbg(&interface->dev, "register new interface\n");
322 return sdev;
325 static int stub_device_free(struct stub_device *sdev)
327 if (!sdev)
328 return -EINVAL;
330 kfree(sdev);
331 pr_debug("kfree udev ok\n");
333 return 0;
337 * If a usb device has multiple active interfaces, this driver is bound to all
338 * the active interfaces. However, usbip exports *a* usb device (i.e., not *an*
339 * active interface). Currently, a userland program must ensure that it
340 * looks at the usbip's sysfs entries of only the first active interface.
342 * TODO: use "struct usb_device_driver" to bind a usb device.
343 * However, it seems it is not fully supported in mainline kernel yet
344 * (2.6.19.2).
346 static int stub_probe(struct usb_interface *interface,
347 const struct usb_device_id *id)
349 struct usb_device *udev = interface_to_usbdev(interface);
350 struct stub_device *sdev = NULL;
351 const char *udev_busid = dev_name(interface->dev.parent);
352 int err = 0;
353 struct bus_id_priv *busid_priv;
355 dev_dbg(&interface->dev, "Enter\n");
357 /* check we should claim or not by busid_table */
358 busid_priv = get_busid_priv(udev_busid);
359 if (!busid_priv || (busid_priv->status == STUB_BUSID_REMOV) ||
360 (busid_priv->status == STUB_BUSID_OTHER)) {
361 dev_info(&interface->dev, "%s is not in match_busid table... "
362 "skip!\n", udev_busid);
365 * Return value should be ENODEV or ENOXIO to continue trying
366 * other matched drivers by the driver core.
367 * See driver_probe_device() in driver/base/dd.c
369 return -ENODEV;
372 if (udev->descriptor.bDeviceClass == USB_CLASS_HUB) {
373 dev_dbg(&udev->dev, "%s is a usb hub device... skip!\n",
374 udev_busid);
375 return -ENODEV;
378 if (!strcmp(udev->bus->bus_name, "vhci_hcd")) {
379 dev_dbg(&udev->dev, "%s is attached on vhci_hcd... skip!\n",
380 udev_busid);
381 return -ENODEV;
384 if (busid_priv->status == STUB_BUSID_ALLOC) {
385 sdev = busid_priv->sdev;
386 if (!sdev)
387 return -ENODEV;
389 busid_priv->interf_count++;
390 dev_info(&interface->dev, "usbip-host: register new interface "
391 "(bus %u dev %u ifn %u)\n",
392 udev->bus->busnum, udev->devnum,
393 interface->cur_altsetting->desc.bInterfaceNumber);
395 /* set private data to usb_interface */
396 usb_set_intfdata(interface, sdev);
398 err = stub_add_files(&interface->dev);
399 if (err) {
400 dev_err(&interface->dev, "stub_add_files for %s\n",
401 udev_busid);
402 usb_set_intfdata(interface, NULL);
403 busid_priv->interf_count--;
404 return err;
407 usb_get_intf(interface);
408 return 0;
411 /* ok, this is my device */
412 sdev = stub_device_alloc(udev, interface);
413 if (!sdev)
414 return -ENOMEM;
416 dev_info(&interface->dev, "usbip-host: register new device "
417 "(bus %u dev %u ifn %u)\n", udev->bus->busnum, udev->devnum,
418 interface->cur_altsetting->desc.bInterfaceNumber);
420 busid_priv->interf_count = 0;
421 busid_priv->shutdown_busid = 0;
423 /* set private data to usb_interface */
424 usb_set_intfdata(interface, sdev);
425 busid_priv->interf_count++;
426 busid_priv->sdev = sdev;
428 err = stub_add_files(&interface->dev);
429 if (err) {
430 dev_err(&interface->dev, "stub_add_files for %s\n", udev_busid);
431 usb_set_intfdata(interface, NULL);
432 usb_put_intf(interface);
434 busid_priv->interf_count = 0;
435 busid_priv->sdev = NULL;
436 stub_device_free(sdev);
437 return err;
439 busid_priv->status = STUB_BUSID_ALLOC;
441 return 0;
444 static void shutdown_busid(struct bus_id_priv *busid_priv)
446 if (busid_priv->sdev && !busid_priv->shutdown_busid) {
447 busid_priv->shutdown_busid = 1;
448 usbip_event_add(&busid_priv->sdev->ud, SDEV_EVENT_REMOVED);
450 /* 2. wait for the stop of the event handler */
451 usbip_stop_eh(&busid_priv->sdev->ud);
456 * called in usb_disconnect() or usb_deregister()
457 * but only if actconfig(active configuration) exists
459 static void stub_disconnect(struct usb_interface *interface)
461 struct stub_device *sdev;
462 const char *udev_busid = dev_name(interface->dev.parent);
463 struct bus_id_priv *busid_priv;
465 dev_dbg(&interface->dev, "Enter\n");
467 busid_priv = get_busid_priv(udev_busid);
468 if (!busid_priv) {
469 BUG();
470 return;
473 sdev = usb_get_intfdata(interface);
475 /* get stub_device */
476 if (!sdev) {
477 dev_err(&interface->dev, "could not get device");
478 /* BUG(); */
479 return;
482 usb_set_intfdata(interface, NULL);
485 * NOTE:
486 * rx/tx threads are invoked for each usb_device.
488 stub_remove_files(&interface->dev);
490 /*If usb reset called from event handler*/
491 if (busid_priv->sdev->ud.eh == current) {
492 busid_priv->interf_count--;
493 return;
496 if (busid_priv->interf_count > 1) {
497 busid_priv->interf_count--;
498 shutdown_busid(busid_priv);
499 usb_put_intf(interface);
500 return;
503 busid_priv->interf_count = 0;
505 /* 1. shutdown the current connection */
506 shutdown_busid(busid_priv);
508 usb_put_dev(sdev->udev);
509 usb_put_intf(interface);
511 /* 3. free sdev */
512 busid_priv->sdev = NULL;
513 stub_device_free(sdev);
515 if (busid_priv->status == STUB_BUSID_ALLOC) {
516 busid_priv->status = STUB_BUSID_ADDED;
517 } else {
518 busid_priv->status = STUB_BUSID_OTHER;
519 del_match_busid((char *)udev_busid);
524 * Presence of pre_reset and post_reset prevents the driver from being unbound
525 * when the device is being reset
528 int stub_pre_reset(struct usb_interface *interface)
530 dev_dbg(&interface->dev, "pre_reset\n");
531 return 0;
534 int stub_post_reset(struct usb_interface *interface)
536 dev_dbg(&interface->dev, "post_reset\n");
537 return 0;
540 struct usb_driver stub_driver = {
541 .name = "usbip-host",
542 .probe = stub_probe,
543 .disconnect = stub_disconnect,
544 .id_table = stub_table,
545 .pre_reset = stub_pre_reset,
546 .post_reset = stub_post_reset,