/drivers/usb/gadget/f_accessory.c

https://bitbucket.org/cyanogenmod/android_kernel_asus_tf300t · C · 1172 lines · 913 code · 184 blank · 75 comment · 126 complexity · b0b10d106818bfa34db0af990eb43306 MD5 · raw file

  1. /*
  2. * Gadget Function Driver for Android USB accessories
  3. *
  4. * Copyright (C) 2011 Google, Inc.
  5. * Author: Mike Lockwood <lockwood@android.com>
  6. *
  7. * This software is licensed under the terms of the GNU General Public
  8. * License version 2, as published by the Free Software Foundation, and
  9. * may be copied, distributed, and modified under those terms.
  10. *
  11. * This program is distributed in the hope that it will be useful,
  12. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14. * GNU General Public License for more details.
  15. *
  16. */
  17. /* #define DEBUG */
  18. /* #define VERBOSE_DEBUG */
  19. #include <linux/module.h>
  20. #include <linux/init.h>
  21. #include <linux/poll.h>
  22. #include <linux/delay.h>
  23. #include <linux/wait.h>
  24. #include <linux/err.h>
  25. #include <linux/interrupt.h>
  26. #include <linux/kthread.h>
  27. #include <linux/freezer.h>
  28. #include <linux/types.h>
  29. #include <linux/file.h>
  30. #include <linux/device.h>
  31. #include <linux/miscdevice.h>
  32. #include <linux/hid.h>
  33. #include <linux/hiddev.h>
  34. #include <linux/usb.h>
  35. #include <linux/usb/ch9.h>
  36. #include <linux/usb/f_accessory.h>
  37. #define BULK_BUFFER_SIZE 16384
  38. #define ACC_STRING_SIZE 256
  39. #define PROTOCOL_VERSION 2
  40. /* String IDs */
  41. #define INTERFACE_STRING_INDEX 0
  42. /* number of tx and rx requests to allocate */
  43. #define TX_REQ_MAX 4
  44. #define RX_REQ_MAX 2
  45. struct acc_hid_dev {
  46. struct list_head list;
  47. struct hid_device *hid;
  48. struct acc_dev *dev;
  49. /* accessory defined ID */
  50. int id;
  51. /* HID report descriptor */
  52. u8 *report_desc;
  53. /* length of HID report descriptor */
  54. int report_desc_len;
  55. /* number of bytes of report_desc we have received so far */
  56. int report_desc_offset;
  57. };
  58. struct acc_dev {
  59. struct usb_function function;
  60. struct usb_composite_dev *cdev;
  61. spinlock_t lock;
  62. struct usb_ep *ep_in;
  63. struct usb_ep *ep_out;
  64. /* set to 1 when we connect */
  65. int online:1;
  66. /* Set to 1 when we disconnect.
  67. * Not cleared until our file is closed.
  68. */
  69. int disconnected:1;
  70. /* strings sent by the host */
  71. char manufacturer[ACC_STRING_SIZE];
  72. char model[ACC_STRING_SIZE];
  73. char description[ACC_STRING_SIZE];
  74. char version[ACC_STRING_SIZE];
  75. char uri[ACC_STRING_SIZE];
  76. char serial[ACC_STRING_SIZE];
  77. /* for acc_complete_set_string */
  78. int string_index;
  79. /* set to 1 if we have a pending start request */
  80. int start_requested;
  81. int audio_mode;
  82. /* synchronize access to our device file */
  83. atomic_t open_excl;
  84. struct list_head tx_idle;
  85. wait_queue_head_t read_wq;
  86. wait_queue_head_t write_wq;
  87. struct usb_request *rx_req[RX_REQ_MAX];
  88. int rx_done;
  89. /* delayed work for handling ACCESSORY_START */
  90. struct delayed_work start_work;
  91. /* worker for registering and unregistering hid devices */
  92. struct work_struct hid_work;
  93. /* list of active HID devices */
  94. struct list_head hid_list;
  95. /* list of new HID devices to register */
  96. struct list_head new_hid_list;
  97. /* list of dead HID devices to unregister */
  98. struct list_head dead_hid_list;
  99. };
  100. static struct usb_interface_descriptor acc_interface_desc = {
  101. .bLength = USB_DT_INTERFACE_SIZE,
  102. .bDescriptorType = USB_DT_INTERFACE,
  103. .bInterfaceNumber = 0,
  104. .bNumEndpoints = 2,
  105. .bInterfaceClass = USB_CLASS_VENDOR_SPEC,
  106. .bInterfaceSubClass = USB_SUBCLASS_VENDOR_SPEC,
  107. .bInterfaceProtocol = 0,
  108. };
  109. static struct usb_endpoint_descriptor acc_highspeed_in_desc = {
  110. .bLength = USB_DT_ENDPOINT_SIZE,
  111. .bDescriptorType = USB_DT_ENDPOINT,
  112. .bEndpointAddress = USB_DIR_IN,
  113. .bmAttributes = USB_ENDPOINT_XFER_BULK,
  114. .wMaxPacketSize = __constant_cpu_to_le16(512),
  115. };
  116. static struct usb_endpoint_descriptor acc_highspeed_out_desc = {
  117. .bLength = USB_DT_ENDPOINT_SIZE,
  118. .bDescriptorType = USB_DT_ENDPOINT,
  119. .bEndpointAddress = USB_DIR_OUT,
  120. .bmAttributes = USB_ENDPOINT_XFER_BULK,
  121. .wMaxPacketSize = __constant_cpu_to_le16(512),
  122. };
  123. static struct usb_endpoint_descriptor acc_fullspeed_in_desc = {
  124. .bLength = USB_DT_ENDPOINT_SIZE,
  125. .bDescriptorType = USB_DT_ENDPOINT,
  126. .bEndpointAddress = USB_DIR_IN,
  127. .bmAttributes = USB_ENDPOINT_XFER_BULK,
  128. };
  129. static struct usb_endpoint_descriptor acc_fullspeed_out_desc = {
  130. .bLength = USB_DT_ENDPOINT_SIZE,
  131. .bDescriptorType = USB_DT_ENDPOINT,
  132. .bEndpointAddress = USB_DIR_OUT,
  133. .bmAttributes = USB_ENDPOINT_XFER_BULK,
  134. };
  135. static struct usb_descriptor_header *fs_acc_descs[] = {
  136. (struct usb_descriptor_header *) &acc_interface_desc,
  137. (struct usb_descriptor_header *) &acc_fullspeed_in_desc,
  138. (struct usb_descriptor_header *) &acc_fullspeed_out_desc,
  139. NULL,
  140. };
  141. static struct usb_descriptor_header *hs_acc_descs[] = {
  142. (struct usb_descriptor_header *) &acc_interface_desc,
  143. (struct usb_descriptor_header *) &acc_highspeed_in_desc,
  144. (struct usb_descriptor_header *) &acc_highspeed_out_desc,
  145. NULL,
  146. };
  147. static struct usb_string acc_string_defs[] = {
  148. [INTERFACE_STRING_INDEX].s = "Android Accessory Interface",
  149. { }, /* end of list */
  150. };
  151. static struct usb_gadget_strings acc_string_table = {
  152. .language = 0x0409, /* en-US */
  153. .strings = acc_string_defs,
  154. };
  155. static struct usb_gadget_strings *acc_strings[] = {
  156. &acc_string_table,
  157. NULL,
  158. };
  159. /* temporary variable used between acc_open() and acc_gadget_bind() */
  160. static struct acc_dev *_acc_dev;
  161. static inline struct acc_dev *func_to_dev(struct usb_function *f)
  162. {
  163. return container_of(f, struct acc_dev, function);
  164. }
  165. static struct usb_request *acc_request_new(struct usb_ep *ep, int buffer_size)
  166. {
  167. struct usb_request *req = usb_ep_alloc_request(ep, GFP_KERNEL);
  168. if (!req)
  169. return NULL;
  170. /* now allocate buffers for the requests */
  171. req->buf = kmalloc(buffer_size, GFP_KERNEL);
  172. if (!req->buf) {
  173. usb_ep_free_request(ep, req);
  174. return NULL;
  175. }
  176. return req;
  177. }
  178. static void acc_request_free(struct usb_request *req, struct usb_ep *ep)
  179. {
  180. if (req) {
  181. kfree(req->buf);
  182. usb_ep_free_request(ep, req);
  183. }
  184. }
  185. /* add a request to the tail of a list */
  186. static void req_put(struct acc_dev *dev, struct list_head *head,
  187. struct usb_request *req)
  188. {
  189. unsigned long flags;
  190. spin_lock_irqsave(&dev->lock, flags);
  191. list_add_tail(&req->list, head);
  192. spin_unlock_irqrestore(&dev->lock, flags);
  193. }
  194. /* remove a request from the head of a list */
  195. static struct usb_request *req_get(struct acc_dev *dev, struct list_head *head)
  196. {
  197. unsigned long flags;
  198. struct usb_request *req;
  199. spin_lock_irqsave(&dev->lock, flags);
  200. if (list_empty(head)) {
  201. req = 0;
  202. } else {
  203. req = list_first_entry(head, struct usb_request, list);
  204. list_del(&req->list);
  205. }
  206. spin_unlock_irqrestore(&dev->lock, flags);
  207. return req;
  208. }
  209. static void acc_set_disconnected(struct acc_dev *dev)
  210. {
  211. dev->online = 0;
  212. dev->disconnected = 1;
  213. }
  214. static void acc_complete_in(struct usb_ep *ep, struct usb_request *req)
  215. {
  216. struct acc_dev *dev = _acc_dev;
  217. if (req->status != 0)
  218. acc_set_disconnected(dev);
  219. req_put(dev, &dev->tx_idle, req);
  220. wake_up(&dev->write_wq);
  221. }
  222. static void acc_complete_out(struct usb_ep *ep, struct usb_request *req)
  223. {
  224. struct acc_dev *dev = _acc_dev;
  225. dev->rx_done = 1;
  226. if (req->status != 0)
  227. acc_set_disconnected(dev);
  228. wake_up(&dev->read_wq);
  229. }
  230. static void acc_complete_set_string(struct usb_ep *ep, struct usb_request *req)
  231. {
  232. struct acc_dev *dev = ep->driver_data;
  233. char *string_dest = NULL;
  234. int length = req->actual;
  235. if (req->status != 0) {
  236. pr_err("acc_complete_set_string, err %d\n", req->status);
  237. return;
  238. }
  239. switch (dev->string_index) {
  240. case ACCESSORY_STRING_MANUFACTURER:
  241. string_dest = dev->manufacturer;
  242. break;
  243. case ACCESSORY_STRING_MODEL:
  244. string_dest = dev->model;
  245. break;
  246. case ACCESSORY_STRING_DESCRIPTION:
  247. string_dest = dev->description;
  248. break;
  249. case ACCESSORY_STRING_VERSION:
  250. string_dest = dev->version;
  251. break;
  252. case ACCESSORY_STRING_URI:
  253. string_dest = dev->uri;
  254. break;
  255. case ACCESSORY_STRING_SERIAL:
  256. string_dest = dev->serial;
  257. break;
  258. }
  259. if (string_dest) {
  260. unsigned long flags;
  261. if (length >= ACC_STRING_SIZE)
  262. length = ACC_STRING_SIZE - 1;
  263. spin_lock_irqsave(&dev->lock, flags);
  264. memcpy(string_dest, req->buf, length);
  265. /* ensure zero termination */
  266. string_dest[length] = 0;
  267. spin_unlock_irqrestore(&dev->lock, flags);
  268. } else {
  269. pr_err("unknown accessory string index %d\n",
  270. dev->string_index);
  271. }
  272. }
  273. static void acc_complete_set_hid_report_desc(struct usb_ep *ep,
  274. struct usb_request *req)
  275. {
  276. struct acc_hid_dev *hid = req->context;
  277. struct acc_dev *dev = hid->dev;
  278. int length = req->actual;
  279. if (req->status != 0) {
  280. pr_err("acc_complete_set_hid_report_desc, err %d\n",
  281. req->status);
  282. return;
  283. }
  284. memcpy(hid->report_desc + hid->report_desc_offset, req->buf, length);
  285. hid->report_desc_offset += length;
  286. if (hid->report_desc_offset == hid->report_desc_len) {
  287. /* After we have received the entire report descriptor
  288. * we schedule work to initialize the HID device
  289. */
  290. schedule_work(&dev->hid_work);
  291. }
  292. }
  293. static void acc_complete_send_hid_event(struct usb_ep *ep,
  294. struct usb_request *req)
  295. {
  296. struct acc_hid_dev *hid = req->context;
  297. int length = req->actual;
  298. if (req->status != 0) {
  299. pr_err("acc_complete_send_hid_event, err %d\n", req->status);
  300. return;
  301. }
  302. hid_report_raw_event(hid->hid, HID_INPUT_REPORT, req->buf, length, 1);
  303. }
  304. static int acc_hid_parse(struct hid_device *hid)
  305. {
  306. struct acc_hid_dev *hdev = hid->driver_data;
  307. hid_parse_report(hid, hdev->report_desc, hdev->report_desc_len);
  308. return 0;
  309. }
  310. static int acc_hid_start(struct hid_device *hid)
  311. {
  312. return 0;
  313. }
  314. static void acc_hid_stop(struct hid_device *hid)
  315. {
  316. }
  317. static int acc_hid_open(struct hid_device *hid)
  318. {
  319. return 0;
  320. }
  321. static void acc_hid_close(struct hid_device *hid)
  322. {
  323. }
  324. static struct hid_ll_driver acc_hid_ll_driver = {
  325. .parse = acc_hid_parse,
  326. .start = acc_hid_start,
  327. .stop = acc_hid_stop,
  328. .open = acc_hid_open,
  329. .close = acc_hid_close,
  330. };
  331. static struct acc_hid_dev *acc_hid_new(struct acc_dev *dev,
  332. int id, int desc_len)
  333. {
  334. struct acc_hid_dev *hdev;
  335. hdev = kzalloc(sizeof(*hdev), GFP_ATOMIC);
  336. if (!hdev)
  337. return NULL;
  338. hdev->report_desc = kzalloc(desc_len, GFP_ATOMIC);
  339. if (!hdev->report_desc) {
  340. kfree(hdev);
  341. return NULL;
  342. }
  343. hdev->dev = dev;
  344. hdev->id = id;
  345. hdev->report_desc_len = desc_len;
  346. return hdev;
  347. }
  348. static struct acc_hid_dev *acc_hid_get(struct list_head *list, int id)
  349. {
  350. struct acc_hid_dev *hid;
  351. list_for_each_entry(hid, list, list) {
  352. if (hid->id == id)
  353. return hid;
  354. }
  355. return NULL;
  356. }
  357. static int acc_register_hid(struct acc_dev *dev, int id, int desc_length)
  358. {
  359. struct acc_hid_dev *hid;
  360. unsigned long flags;
  361. /* report descriptor length must be > 0 */
  362. if (desc_length <= 0)
  363. return -EINVAL;
  364. spin_lock_irqsave(&dev->lock, flags);
  365. /* replace HID if one already exists with this ID */
  366. hid = acc_hid_get(&dev->hid_list, id);
  367. if (!hid)
  368. hid = acc_hid_get(&dev->new_hid_list, id);
  369. if (hid)
  370. list_move(&hid->list, &dev->dead_hid_list);
  371. hid = acc_hid_new(dev, id, desc_length);
  372. if (!hid) {
  373. spin_unlock_irqrestore(&dev->lock, flags);
  374. return -ENOMEM;
  375. }
  376. list_add(&hid->list, &dev->new_hid_list);
  377. spin_unlock_irqrestore(&dev->lock, flags);
  378. /* schedule work to register the HID device */
  379. schedule_work(&dev->hid_work);
  380. return 0;
  381. }
  382. static int acc_unregister_hid(struct acc_dev *dev, int id)
  383. {
  384. struct acc_hid_dev *hid;
  385. unsigned long flags;
  386. spin_lock_irqsave(&dev->lock, flags);
  387. hid = acc_hid_get(&dev->hid_list, id);
  388. if (!hid)
  389. hid = acc_hid_get(&dev->new_hid_list, id);
  390. if (!hid) {
  391. spin_unlock_irqrestore(&dev->lock, flags);
  392. return -EINVAL;
  393. }
  394. list_move(&hid->list, &dev->dead_hid_list);
  395. spin_unlock_irqrestore(&dev->lock, flags);
  396. schedule_work(&dev->hid_work);
  397. return 0;
  398. }
  399. static int create_bulk_endpoints(struct acc_dev *dev,
  400. struct usb_endpoint_descriptor *in_desc,
  401. struct usb_endpoint_descriptor *out_desc)
  402. {
  403. struct usb_composite_dev *cdev = dev->cdev;
  404. struct usb_request *req;
  405. struct usb_ep *ep;
  406. int i;
  407. DBG(cdev, "create_bulk_endpoints dev: %p\n", dev);
  408. ep = usb_ep_autoconfig(cdev->gadget, in_desc);
  409. if (!ep) {
  410. DBG(cdev, "usb_ep_autoconfig for ep_in failed\n");
  411. return -ENODEV;
  412. }
  413. DBG(cdev, "usb_ep_autoconfig for ep_in got %s\n", ep->name);
  414. ep->driver_data = dev; /* claim the endpoint */
  415. dev->ep_in = ep;
  416. ep = usb_ep_autoconfig(cdev->gadget, out_desc);
  417. if (!ep) {
  418. DBG(cdev, "usb_ep_autoconfig for ep_out failed\n");
  419. return -ENODEV;
  420. }
  421. DBG(cdev, "usb_ep_autoconfig for ep_out got %s\n", ep->name);
  422. ep->driver_data = dev; /* claim the endpoint */
  423. dev->ep_out = ep;
  424. ep = usb_ep_autoconfig(cdev->gadget, out_desc);
  425. if (!ep) {
  426. DBG(cdev, "usb_ep_autoconfig for ep_out failed\n");
  427. return -ENODEV;
  428. }
  429. DBG(cdev, "usb_ep_autoconfig for ep_out got %s\n", ep->name);
  430. ep->driver_data = dev; /* claim the endpoint */
  431. dev->ep_out = ep;
  432. /* now allocate requests for our endpoints */
  433. for (i = 0; i < TX_REQ_MAX; i++) {
  434. req = acc_request_new(dev->ep_in, BULK_BUFFER_SIZE);
  435. if (!req)
  436. goto fail;
  437. req->complete = acc_complete_in;
  438. req_put(dev, &dev->tx_idle, req);
  439. }
  440. for (i = 0; i < RX_REQ_MAX; i++) {
  441. req = acc_request_new(dev->ep_out, BULK_BUFFER_SIZE);
  442. if (!req)
  443. goto fail;
  444. req->complete = acc_complete_out;
  445. dev->rx_req[i] = req;
  446. }
  447. return 0;
  448. fail:
  449. pr_err("acc_bind() could not allocate requests\n");
  450. while ((req = req_get(dev, &dev->tx_idle)))
  451. acc_request_free(req, dev->ep_in);
  452. for (i = 0; i < RX_REQ_MAX; i++)
  453. acc_request_free(dev->rx_req[i], dev->ep_out);
  454. return -1;
  455. }
  456. static ssize_t acc_read(struct file *fp, char __user *buf,
  457. size_t count, loff_t *pos)
  458. {
  459. struct acc_dev *dev = fp->private_data;
  460. struct usb_request *req;
  461. int r = count, xfer;
  462. int ret = 0;
  463. pr_debug("acc_read(%d)\n", count);
  464. if (dev->disconnected)
  465. return -ENODEV;
  466. if (count > BULK_BUFFER_SIZE)
  467. count = BULK_BUFFER_SIZE;
  468. /* we will block until we're online */
  469. pr_debug("acc_read: waiting for online\n");
  470. ret = wait_event_interruptible(dev->read_wq, dev->online);
  471. if (ret < 0) {
  472. r = ret;
  473. goto done;
  474. }
  475. requeue_req:
  476. /* queue a request */
  477. req = dev->rx_req[0];
  478. req->length = count;
  479. dev->rx_done = 0;
  480. ret = usb_ep_queue(dev->ep_out, req, GFP_KERNEL);
  481. if (ret < 0) {
  482. r = -EIO;
  483. goto done;
  484. } else {
  485. pr_debug("rx %p queue\n", req);
  486. }
  487. /* wait for a request to complete */
  488. ret = wait_event_interruptible(dev->read_wq, dev->rx_done);
  489. if (ret < 0) {
  490. r = ret;
  491. usb_ep_dequeue(dev->ep_out, req);
  492. goto done;
  493. }
  494. if (dev->online) {
  495. /* If we got a 0-len packet, throw it back and try again. */
  496. if (req->actual == 0)
  497. goto requeue_req;
  498. pr_debug("rx %p %d\n", req, req->actual);
  499. xfer = (req->actual < count) ? req->actual : count;
  500. r = xfer;
  501. if (copy_to_user(buf, req->buf, xfer))
  502. r = -EFAULT;
  503. } else
  504. r = -EIO;
  505. done:
  506. pr_debug("acc_read returning %d\n", r);
  507. return r;
  508. }
  509. static ssize_t acc_write(struct file *fp, const char __user *buf,
  510. size_t count, loff_t *pos)
  511. {
  512. struct acc_dev *dev = fp->private_data;
  513. struct usb_request *req = 0;
  514. int r = count, xfer;
  515. int ret;
  516. pr_debug("acc_write(%d)\n", count);
  517. if (!dev->online || dev->disconnected)
  518. return -ENODEV;
  519. while (count > 0) {
  520. if (!dev->online) {
  521. pr_debug("acc_write dev->error\n");
  522. r = -EIO;
  523. break;
  524. }
  525. /* get an idle tx request to use */
  526. req = 0;
  527. ret = wait_event_interruptible(dev->write_wq,
  528. ((req = req_get(dev, &dev->tx_idle)) || !dev->online));
  529. if (!req) {
  530. r = ret;
  531. break;
  532. }
  533. if (count > BULK_BUFFER_SIZE)
  534. xfer = BULK_BUFFER_SIZE;
  535. else
  536. xfer = count;
  537. if (copy_from_user(req->buf, buf, xfer)) {
  538. r = -EFAULT;
  539. break;
  540. }
  541. req->length = xfer;
  542. ret = usb_ep_queue(dev->ep_in, req, GFP_KERNEL);
  543. if (ret < 0) {
  544. pr_debug("acc_write: xfer error %d\n", ret);
  545. r = -EIO;
  546. break;
  547. }
  548. buf += xfer;
  549. count -= xfer;
  550. /* zero this so we don't try to free it on error exit */
  551. req = 0;
  552. }
  553. if (req)
  554. req_put(dev, &dev->tx_idle, req);
  555. pr_debug("acc_write returning %d\n", r);
  556. return r;
  557. }
  558. static long acc_ioctl(struct file *fp, unsigned code, unsigned long value)
  559. {
  560. struct acc_dev *dev = fp->private_data;
  561. char *src = NULL;
  562. int ret;
  563. switch (code) {
  564. case ACCESSORY_GET_STRING_MANUFACTURER:
  565. src = dev->manufacturer;
  566. break;
  567. case ACCESSORY_GET_STRING_MODEL:
  568. src = dev->model;
  569. break;
  570. case ACCESSORY_GET_STRING_DESCRIPTION:
  571. src = dev->description;
  572. break;
  573. case ACCESSORY_GET_STRING_VERSION:
  574. src = dev->version;
  575. break;
  576. case ACCESSORY_GET_STRING_URI:
  577. src = dev->uri;
  578. break;
  579. case ACCESSORY_GET_STRING_SERIAL:
  580. src = dev->serial;
  581. break;
  582. case ACCESSORY_IS_START_REQUESTED:
  583. return dev->start_requested;
  584. case ACCESSORY_GET_AUDIO_MODE:
  585. return dev->audio_mode;
  586. }
  587. if (!src)
  588. return -EINVAL;
  589. ret = strlen(src) + 1;
  590. if (copy_to_user((void __user *)value, src, ret))
  591. ret = -EFAULT;
  592. return ret;
  593. }
  594. static int acc_open(struct inode *ip, struct file *fp)
  595. {
  596. printk(KERN_INFO "acc_open\n");
  597. if (atomic_xchg(&_acc_dev->open_excl, 1))
  598. return -EBUSY;
  599. _acc_dev->disconnected = 0;
  600. fp->private_data = _acc_dev;
  601. return 0;
  602. }
  603. static int acc_release(struct inode *ip, struct file *fp)
  604. {
  605. printk(KERN_INFO "acc_release\n");
  606. WARN_ON(!atomic_xchg(&_acc_dev->open_excl, 0));
  607. _acc_dev->disconnected = 0;
  608. return 0;
  609. }
  610. /* file operations for /dev/usb_accessory */
  611. static const struct file_operations acc_fops = {
  612. .owner = THIS_MODULE,
  613. .read = acc_read,
  614. .write = acc_write,
  615. .unlocked_ioctl = acc_ioctl,
  616. .open = acc_open,
  617. .release = acc_release,
  618. };
  619. static int acc_hid_probe(struct hid_device *hdev,
  620. const struct hid_device_id *id)
  621. {
  622. int ret;
  623. ret = hid_parse(hdev);
  624. if (ret)
  625. return ret;
  626. return hid_hw_start(hdev, HID_CONNECT_DEFAULT);
  627. }
  628. static struct miscdevice acc_device = {
  629. .minor = MISC_DYNAMIC_MINOR,
  630. .name = "usb_accessory",
  631. .fops = &acc_fops,
  632. };
  633. static const struct hid_device_id acc_hid_table[] = {
  634. { HID_USB_DEVICE(HID_ANY_ID, HID_ANY_ID) },
  635. { }
  636. };
  637. static struct hid_driver acc_hid_driver = {
  638. .name = "USB accessory",
  639. .id_table = acc_hid_table,
  640. .probe = acc_hid_probe,
  641. };
  642. static int acc_ctrlrequest(struct usb_composite_dev *cdev,
  643. const struct usb_ctrlrequest *ctrl)
  644. {
  645. struct acc_dev *dev = _acc_dev;
  646. int value = -EOPNOTSUPP;
  647. struct acc_hid_dev *hid;
  648. int offset;
  649. u8 b_requestType = ctrl->bRequestType;
  650. u8 b_request = ctrl->bRequest;
  651. u16 w_index = le16_to_cpu(ctrl->wIndex);
  652. u16 w_value = le16_to_cpu(ctrl->wValue);
  653. u16 w_length = le16_to_cpu(ctrl->wLength);
  654. unsigned long flags;
  655. /*
  656. printk(KERN_INFO "acc_ctrlrequest "
  657. "%02x.%02x v%04x i%04x l%u\n",
  658. b_requestType, b_request,
  659. w_value, w_index, w_length);
  660. */
  661. if (b_requestType == (USB_DIR_OUT | USB_TYPE_VENDOR)) {
  662. if (b_request == ACCESSORY_START) {
  663. dev->start_requested = 1;
  664. schedule_delayed_work(
  665. &dev->start_work, msecs_to_jiffies(10));
  666. value = 0;
  667. } else if (b_request == ACCESSORY_SEND_STRING) {
  668. dev->string_index = w_index;
  669. cdev->gadget->ep0->driver_data = dev;
  670. cdev->req->complete = acc_complete_set_string;
  671. value = w_length;
  672. } else if (b_request == ACCESSORY_SET_AUDIO_MODE &&
  673. w_index == 0 && w_length == 0) {
  674. dev->audio_mode = w_value;
  675. value = 0;
  676. } else if (b_request == ACCESSORY_REGISTER_HID) {
  677. value = acc_register_hid(dev, w_value, w_index);
  678. } else if (b_request == ACCESSORY_UNREGISTER_HID) {
  679. value = acc_unregister_hid(dev, w_value);
  680. } else if (b_request == ACCESSORY_SET_HID_REPORT_DESC) {
  681. spin_lock_irqsave(&dev->lock, flags);
  682. hid = acc_hid_get(&dev->new_hid_list, w_value);
  683. spin_unlock_irqrestore(&dev->lock, flags);
  684. if (!hid) {
  685. value = -EINVAL;
  686. goto err;
  687. }
  688. offset = w_index;
  689. if (offset != hid->report_desc_offset
  690. || offset + w_length > hid->report_desc_len) {
  691. value = -EINVAL;
  692. goto err;
  693. }
  694. cdev->req->context = hid;
  695. cdev->req->complete = acc_complete_set_hid_report_desc;
  696. value = w_length;
  697. } else if (b_request == ACCESSORY_SEND_HID_EVENT) {
  698. spin_lock_irqsave(&dev->lock, flags);
  699. hid = acc_hid_get(&dev->hid_list, w_value);
  700. spin_unlock_irqrestore(&dev->lock, flags);
  701. if (!hid) {
  702. value = -EINVAL;
  703. goto err;
  704. }
  705. cdev->req->context = hid;
  706. cdev->req->complete = acc_complete_send_hid_event;
  707. value = w_length;
  708. }
  709. } else if (b_requestType == (USB_DIR_IN | USB_TYPE_VENDOR)) {
  710. if (b_request == ACCESSORY_GET_PROTOCOL) {
  711. *((u16 *)cdev->req->buf) = PROTOCOL_VERSION;
  712. value = sizeof(u16);
  713. /* clear strings left over from a previous session */
  714. memset(dev->manufacturer, 0, sizeof(dev->manufacturer));
  715. memset(dev->model, 0, sizeof(dev->model));
  716. memset(dev->description, 0, sizeof(dev->description));
  717. memset(dev->version, 0, sizeof(dev->version));
  718. memset(dev->uri, 0, sizeof(dev->uri));
  719. memset(dev->serial, 0, sizeof(dev->serial));
  720. dev->start_requested = 0;
  721. dev->audio_mode = 0;
  722. }
  723. }
  724. if (value >= 0) {
  725. cdev->req->zero = 0;
  726. cdev->req->length = value;
  727. value = usb_ep_queue(cdev->gadget->ep0, cdev->req, GFP_ATOMIC);
  728. if (value < 0)
  729. ERROR(cdev, "%s setup response queue error\n",
  730. __func__);
  731. }
  732. err:
  733. if (value == -EOPNOTSUPP)
  734. VDBG(cdev,
  735. "unknown class-specific control req "
  736. "%02x.%02x v%04x i%04x l%u\n",
  737. ctrl->bRequestType, ctrl->bRequest,
  738. w_value, w_index, w_length);
  739. return value;
  740. }
  741. static int
  742. acc_function_bind(struct usb_configuration *c, struct usb_function *f)
  743. {
  744. struct usb_composite_dev *cdev = c->cdev;
  745. struct acc_dev *dev = func_to_dev(f);
  746. int id;
  747. int ret;
  748. DBG(cdev, "acc_function_bind dev: %p\n", dev);
  749. ret = hid_register_driver(&acc_hid_driver);
  750. if (ret)
  751. return ret;
  752. dev->start_requested = 0;
  753. /* allocate interface ID(s) */
  754. id = usb_interface_id(c, f);
  755. if (id < 0)
  756. return id;
  757. acc_interface_desc.bInterfaceNumber = id;
  758. /* allocate endpoints */
  759. ret = create_bulk_endpoints(dev, &acc_fullspeed_in_desc,
  760. &acc_fullspeed_out_desc);
  761. if (ret)
  762. return ret;
  763. /* support high speed hardware */
  764. if (gadget_is_dualspeed(c->cdev->gadget)) {
  765. acc_highspeed_in_desc.bEndpointAddress =
  766. acc_fullspeed_in_desc.bEndpointAddress;
  767. acc_highspeed_out_desc.bEndpointAddress =
  768. acc_fullspeed_out_desc.bEndpointAddress;
  769. }
  770. DBG(cdev, "%s speed %s: IN/%s, OUT/%s\n",
  771. gadget_is_dualspeed(c->cdev->gadget) ? "dual" : "full",
  772. f->name, dev->ep_in->name, dev->ep_out->name);
  773. return 0;
  774. }
  775. static void
  776. kill_all_hid_devices(struct acc_dev *dev)
  777. {
  778. struct acc_hid_dev *hid;
  779. struct list_head *entry, *temp;
  780. unsigned long flags;
  781. spin_lock_irqsave(&dev->lock, flags);
  782. list_for_each_safe(entry, temp, &dev->hid_list) {
  783. hid = list_entry(entry, struct acc_hid_dev, list);
  784. list_del(&hid->list);
  785. list_add(&hid->list, &dev->dead_hid_list);
  786. }
  787. list_for_each_safe(entry, temp, &dev->new_hid_list) {
  788. hid = list_entry(entry, struct acc_hid_dev, list);
  789. list_del(&hid->list);
  790. list_add(&hid->list, &dev->dead_hid_list);
  791. }
  792. spin_unlock_irqrestore(&dev->lock, flags);
  793. schedule_work(&dev->hid_work);
  794. }
  795. static void
  796. acc_hid_unbind(struct acc_dev *dev)
  797. {
  798. hid_unregister_driver(&acc_hid_driver);
  799. kill_all_hid_devices(dev);
  800. }
  801. static void
  802. acc_function_unbind(struct usb_configuration *c, struct usb_function *f)
  803. {
  804. struct acc_dev *dev = func_to_dev(f);
  805. struct usb_request *req;
  806. int i;
  807. while ((req = req_get(dev, &dev->tx_idle)))
  808. acc_request_free(req, dev->ep_in);
  809. for (i = 0; i < RX_REQ_MAX; i++)
  810. acc_request_free(dev->rx_req[i], dev->ep_out);
  811. acc_hid_unbind(dev);
  812. }
  813. static void acc_start_work(struct work_struct *data)
  814. {
  815. char *envp[2] = { "ACCESSORY=START", NULL };
  816. kobject_uevent_env(&acc_device.this_device->kobj, KOBJ_CHANGE, envp);
  817. }
  818. static int acc_hid_init(struct acc_hid_dev *hdev)
  819. {
  820. struct hid_device *hid;
  821. int ret;
  822. hid = hid_allocate_device();
  823. if (IS_ERR(hid))
  824. return PTR_ERR(hid);
  825. hid->ll_driver = &acc_hid_ll_driver;
  826. hid->dev.parent = acc_device.this_device;
  827. hid->bus = BUS_USB;
  828. hid->vendor = HID_ANY_ID;
  829. hid->product = HID_ANY_ID;
  830. hid->driver_data = hdev;
  831. ret = hid_add_device(hid);
  832. if (ret) {
  833. pr_err("can't add hid device: %d\n", ret);
  834. hid_destroy_device(hid);
  835. return ret;
  836. }
  837. hdev->hid = hid;
  838. return 0;
  839. }
  840. static void acc_hid_delete(struct acc_hid_dev *hid)
  841. {
  842. kfree(hid->report_desc);
  843. kfree(hid);
  844. }
  845. static void acc_hid_work(struct work_struct *data)
  846. {
  847. struct acc_dev *dev = _acc_dev;
  848. struct list_head *entry, *temp;
  849. struct acc_hid_dev *hid;
  850. struct list_head new_list, dead_list;
  851. unsigned long flags;
  852. INIT_LIST_HEAD(&new_list);
  853. spin_lock_irqsave(&dev->lock, flags);
  854. /* copy hids that are ready for initialization to new_list */
  855. list_for_each_safe(entry, temp, &dev->new_hid_list) {
  856. hid = list_entry(entry, struct acc_hid_dev, list);
  857. if (hid->report_desc_offset == hid->report_desc_len)
  858. list_move(&hid->list, &new_list);
  859. }
  860. if (list_empty(&dev->dead_hid_list)) {
  861. INIT_LIST_HEAD(&dead_list);
  862. } else {
  863. /* move all of dev->dead_hid_list to dead_list */
  864. dead_list.prev = dev->dead_hid_list.prev;
  865. dead_list.next = dev->dead_hid_list.next;
  866. dead_list.next->prev = &dead_list;
  867. dead_list.prev->next = &dead_list;
  868. INIT_LIST_HEAD(&dev->dead_hid_list);
  869. }
  870. spin_unlock_irqrestore(&dev->lock, flags);
  871. /* register new HID devices */
  872. list_for_each_safe(entry, temp, &new_list) {
  873. hid = list_entry(entry, struct acc_hid_dev, list);
  874. if (acc_hid_init(hid)) {
  875. pr_err("can't add HID device %p\n", hid);
  876. acc_hid_delete(hid);
  877. } else {
  878. spin_lock_irqsave(&dev->lock, flags);
  879. list_move(&hid->list, &dev->hid_list);
  880. spin_unlock_irqrestore(&dev->lock, flags);
  881. }
  882. }
  883. /* remove dead HID devices */
  884. list_for_each_safe(entry, temp, &dead_list) {
  885. hid = list_entry(entry, struct acc_hid_dev, list);
  886. list_del(&hid->list);
  887. if (hid->hid)
  888. hid_destroy_device(hid->hid);
  889. acc_hid_delete(hid);
  890. }
  891. }
  892. static int acc_function_set_alt(struct usb_function *f,
  893. unsigned intf, unsigned alt)
  894. {
  895. struct acc_dev *dev = func_to_dev(f);
  896. struct usb_composite_dev *cdev = f->config->cdev;
  897. int ret;
  898. DBG(cdev, "acc_function_set_alt intf: %d alt: %d\n", intf, alt);
  899. config_ep_by_speed(cdev->gadget, f, dev->ep_in);
  900. ret = usb_ep_enable(dev->ep_in);
  901. if (ret)
  902. return ret;
  903. config_ep_by_speed(cdev->gadget, f, dev->ep_out);
  904. ret = usb_ep_enable(dev->ep_out);
  905. if (ret) {
  906. usb_ep_disable(dev->ep_in);
  907. return ret;
  908. }
  909. dev->online = 1;
  910. /* readers may be blocked waiting for us to go online */
  911. wake_up(&dev->read_wq);
  912. return 0;
  913. }
  914. static void acc_function_disable(struct usb_function *f)
  915. {
  916. struct acc_dev *dev = func_to_dev(f);
  917. struct usb_composite_dev *cdev = dev->cdev;
  918. DBG(cdev, "acc_function_disable\n");
  919. acc_set_disconnected(dev);
  920. usb_ep_disable(dev->ep_in);
  921. usb_ep_disable(dev->ep_out);
  922. /* readers may be blocked waiting for us to go online */
  923. wake_up(&dev->read_wq);
  924. VDBG(cdev, "%s disabled\n", dev->function.name);
  925. }
  926. static int acc_bind_config(struct usb_configuration *c)
  927. {
  928. struct acc_dev *dev = _acc_dev;
  929. int ret;
  930. printk(KERN_INFO "acc_bind_config\n");
  931. /* allocate a string ID for our interface */
  932. if (acc_string_defs[INTERFACE_STRING_INDEX].id == 0) {
  933. ret = usb_string_id(c->cdev);
  934. if (ret < 0)
  935. return ret;
  936. acc_string_defs[INTERFACE_STRING_INDEX].id = ret;
  937. acc_interface_desc.iInterface = ret;
  938. }
  939. dev->cdev = c->cdev;
  940. dev->function.name = "accessory";
  941. dev->function.strings = acc_strings,
  942. dev->function.descriptors = fs_acc_descs;
  943. dev->function.hs_descriptors = hs_acc_descs;
  944. dev->function.bind = acc_function_bind;
  945. dev->function.unbind = acc_function_unbind;
  946. dev->function.set_alt = acc_function_set_alt;
  947. dev->function.disable = acc_function_disable;
  948. return usb_add_function(c, &dev->function);
  949. }
  950. static int acc_setup(void)
  951. {
  952. struct acc_dev *dev;
  953. int ret;
  954. dev = kzalloc(sizeof(*dev), GFP_KERNEL);
  955. if (!dev)
  956. return -ENOMEM;
  957. spin_lock_init(&dev->lock);
  958. init_waitqueue_head(&dev->read_wq);
  959. init_waitqueue_head(&dev->write_wq);
  960. atomic_set(&dev->open_excl, 0);
  961. INIT_LIST_HEAD(&dev->tx_idle);
  962. INIT_LIST_HEAD(&dev->hid_list);
  963. INIT_LIST_HEAD(&dev->new_hid_list);
  964. INIT_LIST_HEAD(&dev->dead_hid_list);
  965. INIT_DELAYED_WORK(&dev->start_work, acc_start_work);
  966. INIT_WORK(&dev->hid_work, acc_hid_work);
  967. /* _acc_dev must be set before calling usb_gadget_register_driver */
  968. _acc_dev = dev;
  969. ret = misc_register(&acc_device);
  970. if (ret)
  971. goto err;
  972. return 0;
  973. err:
  974. kfree(dev);
  975. pr_err("USB accessory gadget driver failed to initialize\n");
  976. return ret;
  977. }
  978. static void acc_disconnect(void)
  979. {
  980. /* unregister all HID devices if USB is disconnected */
  981. kill_all_hid_devices(_acc_dev);
  982. }
  983. static void acc_cleanup(void)
  984. {
  985. misc_deregister(&acc_device);
  986. kfree(_acc_dev);
  987. _acc_dev = NULL;
  988. }