hid/usbhid/hid-core.c

0001 // SPDX-License-Identifier: GPL-2.0-or-later
0002 /*
0003  *  USB HID support for Linux
0004  *
0005  *  Copyright (c) 1999 Andreas Gal
0006  *  Copyright (c) 2000-2005 Vojtech Pavlik <vojtech@suse.cz>
0007  *  Copyright (c) 2005 Michael Haboustak <mike-@cinci.rr.com> for Concept2, Inc
0008  *  Copyright (c) 2007-2008 Oliver Neukum
0009  *  Copyright (c) 2006-2010 Jiri Kosina
0010  */
0011
0012 /*
0013  */
0014
0015 #include <linux/module.h>
0016 #include <linux/slab.h>
0017 #include <linux/init.h>
0018 #include <linux/kernel.h>
0019 #include <linux/list.h>
0020 #include <linux/mm.h>
0021 #include <linux/mutex.h>
0022 #include <linux/spinlock.h>
0023 #include <asm/unaligned.h>
0024 #include <asm/byteorder.h>
0025 #include <linux/input.h>
0026 #include <linux/wait.h>
0027 #include <linux/workqueue.h>
0028 #include <linux/string.h>
0029
0030 #include <linux/usb.h>
0031
0032 #include <linux/hid.h>
0033 #include <linux/hiddev.h>
0034 #include <linux/hid-debug.h>
0035 #include <linux/hidraw.h>
0036 #include "usbhid.h"
0037
0038 /*
0039  * Version Information
0040  */
0041
0042 #define DRIVER_DESC "USB HID core driver"
0043
0044 /*
0045  * Module parameters.
0046  */
0047
0048 static unsigned int hid_mousepoll_interval;
0049 module_param_named(mousepoll, hid_mousepoll_interval, uint, 0644);
0050 MODULE_PARM_DESC(mousepoll, "Polling interval of mice");
0051
0052 static unsigned int hid_jspoll_interval;
0053 module_param_named(jspoll, hid_jspoll_interval, uint, 0644);
0054 MODULE_PARM_DESC(jspoll, "Polling interval of joysticks");
0055
0056 static unsigned int hid_kbpoll_interval;
0057 module_param_named(kbpoll, hid_kbpoll_interval, uint, 0644);
0058 MODULE_PARM_DESC(kbpoll, "Polling interval of keyboards");
0059
0060 static unsigned int ignoreled;
0061 module_param_named(ignoreled, ignoreled, uint, 0644);
0062 MODULE_PARM_DESC(ignoreled, "Autosuspend with active leds");
0063
0064 /* Quirks specified at module load time */
0065 static char *quirks_param[MAX_USBHID_BOOT_QUIRKS];
0066 module_param_array_named(quirks, quirks_param, charp, NULL, 0444);
0067 MODULE_PARM_DESC(quirks, "Add/modify USB HID quirks by specifying "
0068         " quirks=vendorID:productID:quirks"
0069         " where vendorID, productID, and quirks are all in"
0070         " 0x-prefixed hex");
0071 /*
0072  * Input submission and I/O error handler.
0073  */
0074 static void hid_io_error(struct hid_device *hid);
0075 static int hid_submit_out(struct hid_device *hid);
0076 static int hid_submit_ctrl(struct hid_device *hid);
0077 static void hid_cancel_delayed_stuff(struct usbhid_device *usbhid);
0078
0079 /* Start up the input URB */
0080 static int hid_start_in(struct hid_device *hid)
0081 {
0082     unsigned long flags;
0083     int rc = 0;
0084     struct usbhid_device *usbhid = hid->driver_data;
0085
0086     spin_lock_irqsave(&usbhid->lock, flags);
0087     if (test_bit(HID_IN_POLLING, &usbhid->iofl) &&
0088         !test_bit(HID_DISCONNECTED, &usbhid->iofl) &&
0089         !test_bit(HID_SUSPENDED, &usbhid->iofl) &&
0090         !test_and_set_bit(HID_IN_RUNNING, &usbhid->iofl)) {
0091         rc = usb_submit_urb(usbhid->urbin, GFP_ATOMIC);
0092         if (rc != 0) {
0093             clear_bit(HID_IN_RUNNING, &usbhid->iofl);
0094             if (rc == -ENOSPC)
0095                 set_bit(HID_NO_BANDWIDTH, &usbhid->iofl);
0096         } else {
0097             clear_bit(HID_NO_BANDWIDTH, &usbhid->iofl);
0098         }
0099     }
0100     spin_unlock_irqrestore(&usbhid->lock, flags);
0101     return rc;
0102 }
0103
0104 /* I/O retry timer routine */
0105 static void hid_retry_timeout(struct timer_list *t)
0106 {
0107     struct usbhid_device *usbhid = from_timer(usbhid, t, io_retry);
0108     struct hid_device *hid = usbhid->hid;
0109
0110     dev_dbg(&usbhid->intf->dev, "retrying intr urb\n");
0111     if (hid_start_in(hid))
0112         hid_io_error(hid);
0113 }
0114
0115 /* Workqueue routine to reset the device or clear a halt */
0116 static void hid_reset(struct work_struct *work)
0117 {
0118     struct usbhid_device *usbhid =
0119         container_of(work, struct usbhid_device, reset_work);
0120     struct hid_device *hid = usbhid->hid;
0121     int rc;
0122
0123     if (test_bit(HID_CLEAR_HALT, &usbhid->iofl)) {
0124         dev_dbg(&usbhid->intf->dev, "clear halt\n");
0125         rc = usb_clear_halt(hid_to_usb_dev(hid), usbhid->urbin->pipe);
0126         clear_bit(HID_CLEAR_HALT, &usbhid->iofl);
0127         if (rc == 0) {
0128             hid_start_in(hid);
0129         } else {
0130             dev_dbg(&usbhid->intf->dev,
0131                     "clear-halt failed: %d\n", rc);
0132             set_bit(HID_RESET_PENDING, &usbhid->iofl);
0133         }
0134     }
0135
0136     if (test_bit(HID_RESET_PENDING, &usbhid->iofl)) {
0137         dev_dbg(&usbhid->intf->dev, "resetting device\n");
0138         usb_queue_reset_device(usbhid->intf);
0139     }
0140 }
0141
0142 /* Main I/O error handler */
0143 static void hid_io_error(struct hid_device *hid)
0144 {
0145     unsigned long flags;
0146     struct usbhid_device *usbhid = hid->driver_data;
0147
0148     spin_lock_irqsave(&usbhid->lock, flags);
0149
0150     /* Stop when disconnected */
0151     if (test_bit(HID_DISCONNECTED, &usbhid->iofl))
0152         goto done;
0153
0154     /* If it has been a while since the last error, we'll assume
0155      * this a brand new error and reset the retry timeout. */
0156     if (time_after(jiffies, usbhid->stop_retry + HZ/2))
0157         usbhid->retry_delay = 0;
0158
0159     /* When an error occurs, retry at increasing intervals */
0160     if (usbhid->retry_delay == 0) {
0161         usbhid->retry_delay = 13;   /* Then 26, 52, 104, 104, ... */
0162         usbhid->stop_retry = jiffies + msecs_to_jiffies(1000);
0163     } else if (usbhid->retry_delay < 100)
0164         usbhid->retry_delay *= 2;
0165
0166     if (time_after(jiffies, usbhid->stop_retry)) {
0167
0168         /* Retries failed, so do a port reset unless we lack bandwidth*/
0169         if (!test_bit(HID_NO_BANDWIDTH, &usbhid->iofl)
0170              && !test_and_set_bit(HID_RESET_PENDING, &usbhid->iofl)) {
0171
0172             schedule_work(&usbhid->reset_work);
0173             goto done;
0174         }
0175     }
0176
0177     mod_timer(&usbhid->io_retry,
0178             jiffies + msecs_to_jiffies(usbhid->retry_delay));
0179 done:
0180     spin_unlock_irqrestore(&usbhid->lock, flags);
0181 }
0182
0183 static void usbhid_mark_busy(struct usbhid_device *usbhid)
0184 {
0185     struct usb_interface *intf = usbhid->intf;
0186
0187     usb_mark_last_busy(interface_to_usbdev(intf));
0188 }
0189
0190 static int usbhid_restart_out_queue(struct usbhid_device *usbhid)
0191 {
0192     struct hid_device *hid = usb_get_intfdata(usbhid->intf);
0193     int kicked;
0194     int r;
0195
0196     if (!hid || test_bit(HID_RESET_PENDING, &usbhid->iofl) ||
0197             test_bit(HID_SUSPENDED, &usbhid->iofl))
0198         return 0;
0199
0200     if ((kicked = (usbhid->outhead != usbhid->outtail))) {
0201         hid_dbg(hid, "Kicking head %d tail %d", usbhid->outhead, usbhid->outtail);
0202
0203         /* Try to wake up from autosuspend... */
0204         r = usb_autopm_get_interface_async(usbhid->intf);
0205         if (r < 0)
0206             return r;
0207
0208         /*
0209          * If still suspended, don't submit.  Submission will
0210          * occur if/when resume drains the queue.
0211          */
0212         if (test_bit(HID_SUSPENDED, &usbhid->iofl)) {
0213             usb_autopm_put_interface_no_suspend(usbhid->intf);
0214             return r;
0215         }
0216
0217         /* Asynchronously flush queue. */
0218         set_bit(HID_OUT_RUNNING, &usbhid->iofl);
0219         if (hid_submit_out(hid)) {
0220             clear_bit(HID_OUT_RUNNING, &usbhid->iofl);
0221             usb_autopm_put_interface_async(usbhid->intf);
0222         }
0223         wake_up(&usbhid->wait);
0224     }
0225     return kicked;
0226 }
0227
0228 static int usbhid_restart_ctrl_queue(struct usbhid_device *usbhid)
0229 {
0230     struct hid_device *hid = usb_get_intfdata(usbhid->intf);
0231     int kicked;
0232     int r;
0233
0234     WARN_ON(hid == NULL);
0235     if (!hid || test_bit(HID_RESET_PENDING, &usbhid->iofl) ||
0236             test_bit(HID_SUSPENDED, &usbhid->iofl))
0237         return 0;
0238
0239     if ((kicked = (usbhid->ctrlhead != usbhid->ctrltail))) {
0240         hid_dbg(hid, "Kicking head %d tail %d", usbhid->ctrlhead, usbhid->ctrltail);
0241
0242         /* Try to wake up from autosuspend... */
0243         r = usb_autopm_get_interface_async(usbhid->intf);
0244         if (r < 0)
0245             return r;
0246
0247         /*
0248          * If still suspended, don't submit.  Submission will
0249          * occur if/when resume drains the queue.
0250          */
0251         if (test_bit(HID_SUSPENDED, &usbhid->iofl)) {
0252             usb_autopm_put_interface_no_suspend(usbhid->intf);
0253             return r;
0254         }
0255
0256         /* Asynchronously flush queue. */
0257         set_bit(HID_CTRL_RUNNING, &usbhid->iofl);
0258         if (hid_submit_ctrl(hid)) {
0259             clear_bit(HID_CTRL_RUNNING, &usbhid->iofl);
0260             usb_autopm_put_interface_async(usbhid->intf);
0261         }
0262         wake_up(&usbhid->wait);
0263     }
0264     return kicked;
0265 }
0266
0267 /*
0268  * Input interrupt completion handler.
0269  */
0270
0271 static void hid_irq_in(struct urb *urb)
0272 {
0273     struct hid_device   *hid = urb->context;
0274     struct usbhid_device    *usbhid = hid->driver_data;
0275     int         status;
0276
0277     switch (urb->status) {
0278     case 0:         /* success */
0279         usbhid->retry_delay = 0;
0280         if (!test_bit(HID_OPENED, &usbhid->iofl))
0281             break;
0282         usbhid_mark_busy(usbhid);
0283         if (!test_bit(HID_RESUME_RUNNING, &usbhid->iofl)) {
0284             hid_input_report(urb->context, HID_INPUT_REPORT,
0285                      urb->transfer_buffer,
0286                      urb->actual_length, 1);
0287             /*
0288              * autosuspend refused while keys are pressed
0289              * because most keyboards don't wake up when
0290              * a key is released
0291              */
0292             if (hid_check_keys_pressed(hid))
0293                 set_bit(HID_KEYS_PRESSED, &usbhid->iofl);
0294             else
0295                 clear_bit(HID_KEYS_PRESSED, &usbhid->iofl);
0296         }
0297         break;
0298     case -EPIPE:        /* stall */
0299         usbhid_mark_busy(usbhid);
0300         clear_bit(HID_IN_RUNNING, &usbhid->iofl);
0301         set_bit(HID_CLEAR_HALT, &usbhid->iofl);
0302         schedule_work(&usbhid->reset_work);
0303         return;
0304     case -ECONNRESET:   /* unlink */
0305     case -ENOENT:
0306     case -ESHUTDOWN:    /* unplug */
0307         clear_bit(HID_IN_RUNNING, &usbhid->iofl);
0308         return;
0309     case -EILSEQ:       /* protocol error or unplug */
0310     case -EPROTO:       /* protocol error or unplug */
0311     case -ETIME:        /* protocol error or unplug */
0312     case -ETIMEDOUT:    /* Should never happen, but... */
0313         usbhid_mark_busy(usbhid);
0314         clear_bit(HID_IN_RUNNING, &usbhid->iofl);
0315         hid_io_error(hid);
0316         return;
0317     default:        /* error */
0318         hid_warn(urb->dev, "input irq status %d received\n",
0319              urb->status);
0320     }
0321
0322     status = usb_submit_urb(urb, GFP_ATOMIC);
0323     if (status) {
0324         clear_bit(HID_IN_RUNNING, &usbhid->iofl);
0325         if (status != -EPERM) {
0326             hid_err(hid, "can't resubmit intr, %s-%s/input%d, status %d\n",
0327                 hid_to_usb_dev(hid)->bus->bus_name,
0328                 hid_to_usb_dev(hid)->devpath,
0329                 usbhid->ifnum, status);
0330             hid_io_error(hid);
0331         }
0332     }
0333 }
0334
0335 static int hid_submit_out(struct hid_device *hid)
0336 {
0337     struct hid_report *report;
0338     char *raw_report;
0339     struct usbhid_device *usbhid = hid->driver_data;
0340     int r;
0341
0342     report = usbhid->out[usbhid->outtail].report;
0343     raw_report = usbhid->out[usbhid->outtail].raw_report;
0344
0345     usbhid->urbout->transfer_buffer_length = hid_report_len(report);
0346     usbhid->urbout->dev = hid_to_usb_dev(hid);
0347     if (raw_report) {
0348         memcpy(usbhid->outbuf, raw_report,
0349                 usbhid->urbout->transfer_buffer_length);
0350         kfree(raw_report);
0351         usbhid->out[usbhid->outtail].raw_report = NULL;
0352     }
0353
0354     dbg_hid("submitting out urb\n");
0355
0356     r = usb_submit_urb(usbhid->urbout, GFP_ATOMIC);
0357     if (r < 0) {
0358         hid_err(hid, "usb_submit_urb(out) failed: %d\n", r);
0359         return r;
0360     }
0361     usbhid->last_out = jiffies;
0362     return 0;
0363 }
0364
0365 static int hid_submit_ctrl(struct hid_device *hid)
0366 {
0367     struct hid_report *report;
0368     unsigned char dir;
0369     char *raw_report;
0370     int len, r;
0371     struct usbhid_device *usbhid = hid->driver_data;
0372
0373     report = usbhid->ctrl[usbhid->ctrltail].report;
0374     raw_report = usbhid->ctrl[usbhid->ctrltail].raw_report;
0375     dir = usbhid->ctrl[usbhid->ctrltail].dir;
0376
0377     len = hid_report_len(report);
0378     if (dir == USB_DIR_OUT) {
0379         usbhid->urbctrl->pipe = usb_sndctrlpipe(hid_to_usb_dev(hid), 0);
0380         if (raw_report) {
0381             memcpy(usbhid->ctrlbuf, raw_report, len);
0382             kfree(raw_report);
0383             usbhid->ctrl[usbhid->ctrltail].raw_report = NULL;
0384         }
0385     } else {
0386         int maxpacket;
0387
0388         usbhid->urbctrl->pipe = usb_rcvctrlpipe(hid_to_usb_dev(hid), 0);
0389         maxpacket = usb_maxpacket(hid_to_usb_dev(hid),
0390                       usbhid->urbctrl->pipe);
0391         len += (len == 0);  /* Don't allow 0-length reports */
0392         len = round_up(len, maxpacket);
0393         if (len > usbhid->bufsize)
0394             len = usbhid->bufsize;
0395     }
0396     usbhid->urbctrl->transfer_buffer_length = len;
0397     usbhid->urbctrl->dev = hid_to_usb_dev(hid);
0398
0399     usbhid->cr->bRequestType = USB_TYPE_CLASS | USB_RECIP_INTERFACE | dir;
0400     usbhid->cr->bRequest = (dir == USB_DIR_OUT) ? HID_REQ_SET_REPORT :
0401                               HID_REQ_GET_REPORT;
0402     usbhid->cr->wValue = cpu_to_le16(((report->type + 1) << 8) |
0403                      report->id);
0404     usbhid->cr->wIndex = cpu_to_le16(usbhid->ifnum);
0405     usbhid->cr->wLength = cpu_to_le16(len);
0406
0407     dbg_hid("submitting ctrl urb: %s wValue=0x%04x wIndex=0x%04x wLength=%u\n",
0408         usbhid->cr->bRequest == HID_REQ_SET_REPORT ? "Set_Report" :
0409                                  "Get_Report",
0410         usbhid->cr->wValue, usbhid->cr->wIndex, usbhid->cr->wLength);
0411
0412     r = usb_submit_urb(usbhid->urbctrl, GFP_ATOMIC);
0413     if (r < 0) {
0414         hid_err(hid, "usb_submit_urb(ctrl) failed: %d\n", r);
0415         return r;
0416     }
0417     usbhid->last_ctrl = jiffies;
0418     return 0;
0419 }
0420
0421 /*
0422  * Output interrupt completion handler.
0423  */
0424
0425 static void hid_irq_out(struct urb *urb)
0426 {
0427     struct hid_device *hid = urb->context;
0428     struct usbhid_device *usbhid = hid->driver_data;
0429     unsigned long flags;
0430     int unplug = 0;
0431
0432     switch (urb->status) {
0433     case 0:         /* success */
0434         break;
0435     case -ESHUTDOWN:    /* unplug */
0436         unplug = 1;
0437         break;
0438     case -EILSEQ:       /* protocol error or unplug */
0439     case -EPROTO:       /* protocol error or unplug */
0440     case -ECONNRESET:   /* unlink */
0441     case -ENOENT:
0442         break;
0443     default:        /* error */
0444         hid_warn(urb->dev, "output irq status %d received\n",
0445              urb->status);
0446     }
0447
0448     spin_lock_irqsave(&usbhid->lock, flags);
0449
0450     if (unplug) {
0451         usbhid->outtail = usbhid->outhead;
0452     } else {
0453         usbhid->outtail = (usbhid->outtail + 1) & (HID_OUTPUT_FIFO_SIZE - 1);
0454
0455         if (usbhid->outhead != usbhid->outtail &&
0456                 hid_submit_out(hid) == 0) {
0457             /* Successfully submitted next urb in queue */
0458             spin_unlock_irqrestore(&usbhid->lock, flags);
0459             return;
0460         }
0461     }
0462
0463     clear_bit(HID_OUT_RUNNING, &usbhid->iofl);
0464     spin_unlock_irqrestore(&usbhid->lock, flags);
0465     usb_autopm_put_interface_async(usbhid->intf);
0466     wake_up(&usbhid->wait);
0467 }
0468
0469 /*
0470  * Control pipe completion handler.
0471  */
0472
0473 static void hid_ctrl(struct urb *urb)
0474 {
0475     struct hid_device *hid = urb->context;
0476     struct usbhid_device *usbhid = hid->driver_data;
0477     unsigned long flags;
0478     int unplug = 0, status = urb->status;
0479
0480     switch (status) {
0481     case 0:         /* success */
0482         if (usbhid->ctrl[usbhid->ctrltail].dir == USB_DIR_IN)
0483             hid_input_report(urb->context,
0484                 usbhid->ctrl[usbhid->ctrltail].report->type,
0485                 urb->transfer_buffer, urb->actual_length, 0);
0486         break;
0487     case -ESHUTDOWN:    /* unplug */
0488         unplug = 1;
0489         break;
0490     case -EILSEQ:       /* protocol error or unplug */
0491     case -EPROTO:       /* protocol error or unplug */
0492     case -ECONNRESET:   /* unlink */
0493     case -ENOENT:
0494     case -EPIPE:        /* report not available */
0495         break;
0496     default:        /* error */
0497         hid_warn(urb->dev, "ctrl urb status %d received\n", status);
0498     }
0499
0500     spin_lock_irqsave(&usbhid->lock, flags);
0501
0502     if (unplug) {
0503         usbhid->ctrltail = usbhid->ctrlhead;
0504     } else if (usbhid->ctrlhead != usbhid->ctrltail) {
0505         usbhid->ctrltail = (usbhid->ctrltail + 1) & (HID_CONTROL_FIFO_SIZE - 1);
0506
0507         if (usbhid->ctrlhead != usbhid->ctrltail &&
0508                 hid_submit_ctrl(hid) == 0) {
0509             /* Successfully submitted next urb in queue */
0510             spin_unlock_irqrestore(&usbhid->lock, flags);
0511             return;
0512         }
0513     }
0514
0515     clear_bit(HID_CTRL_RUNNING, &usbhid->iofl);
0516     spin_unlock_irqrestore(&usbhid->lock, flags);
0517     usb_autopm_put_interface_async(usbhid->intf);
0518     wake_up(&usbhid->wait);
0519 }
0520
0521 static void __usbhid_submit_report(struct hid_device *hid, struct hid_report *report,
0522                    unsigned char dir)
0523 {
0524     int head;
0525     struct usbhid_device *usbhid = hid->driver_data;
0526
0527     if (((hid->quirks & HID_QUIRK_NOGET) && dir == USB_DIR_IN) ||
0528         test_bit(HID_DISCONNECTED, &usbhid->iofl))
0529         return;
0530
0531     if (usbhid->urbout && dir == USB_DIR_OUT && report->type == HID_OUTPUT_REPORT) {
0532         if ((head = (usbhid->outhead + 1) & (HID_OUTPUT_FIFO_SIZE - 1)) == usbhid->outtail) {
0533             hid_warn(hid, "output queue full\n");
0534             return;
0535         }
0536
0537         usbhid->out[usbhid->outhead].raw_report = hid_alloc_report_buf(report, GFP_ATOMIC);
0538         if (!usbhid->out[usbhid->outhead].raw_report) {
0539             hid_warn(hid, "output queueing failed\n");
0540             return;
0541         }
0542         hid_output_report(report, usbhid->out[usbhid->outhead].raw_report);
0543         usbhid->out[usbhid->outhead].report = report;
0544         usbhid->outhead = head;
0545
0546         /* If the queue isn't running, restart it */
0547         if (!test_bit(HID_OUT_RUNNING, &usbhid->iofl)) {
0548             usbhid_restart_out_queue(usbhid);
0549
0550         /* Otherwise see if an earlier request has timed out */
0551         } else if (time_after(jiffies, usbhid->last_out + HZ * 5)) {
0552
0553             /* Prevent autosuspend following the unlink */
0554             usb_autopm_get_interface_no_resume(usbhid->intf);
0555
0556             /*
0557              * Prevent resubmission in case the URB completes
0558              * before we can unlink it.  We don't want to cancel
0559              * the wrong transfer!
0560              */
0561             usb_block_urb(usbhid->urbout);
0562
0563             /* Drop lock to avoid deadlock if the callback runs */
0564             spin_unlock(&usbhid->lock);
0565
0566             usb_unlink_urb(usbhid->urbout);
0567             spin_lock(&usbhid->lock);
0568             usb_unblock_urb(usbhid->urbout);
0569
0570             /* Unlink might have stopped the queue */
0571             if (!test_bit(HID_OUT_RUNNING, &usbhid->iofl))
0572                 usbhid_restart_out_queue(usbhid);
0573
0574             /* Now we can allow autosuspend again */
0575             usb_autopm_put_interface_async(usbhid->intf);
0576         }
0577         return;
0578     }
0579
0580     if ((head = (usbhid->ctrlhead + 1) & (HID_CONTROL_FIFO_SIZE - 1)) == usbhid->ctrltail) {
0581         hid_warn(hid, "control queue full\n");
0582         return;
0583     }
0584
0585     if (dir == USB_DIR_OUT) {
0586         usbhid->ctrl[usbhid->ctrlhead].raw_report = hid_alloc_report_buf(report, GFP_ATOMIC);
0587         if (!usbhid->ctrl[usbhid->ctrlhead].raw_report) {
0588             hid_warn(hid, "control queueing failed\n");
0589             return;
0590         }
0591         hid_output_report(report, usbhid->ctrl[usbhid->ctrlhead].raw_report);
0592     }
0593     usbhid->ctrl[usbhid->ctrlhead].report = report;
0594     usbhid->ctrl[usbhid->ctrlhead].dir = dir;
0595     usbhid->ctrlhead = head;
0596
0597     /* If the queue isn't running, restart it */
0598     if (!test_bit(HID_CTRL_RUNNING, &usbhid->iofl)) {
0599         usbhid_restart_ctrl_queue(usbhid);
0600
0601     /* Otherwise see if an earlier request has timed out */
0602     } else if (time_after(jiffies, usbhid->last_ctrl + HZ * 5)) {
0603
0604         /* Prevent autosuspend following the unlink */
0605         usb_autopm_get_interface_no_resume(usbhid->intf);
0606
0607         /*
0608          * Prevent resubmission in case the URB completes
0609          * before we can unlink it.  We don't want to cancel
0610          * the wrong transfer!
0611          */
0612         usb_block_urb(usbhid->urbctrl);
0613
0614         /* Drop lock to avoid deadlock if the callback runs */
0615         spin_unlock(&usbhid->lock);
0616
0617         usb_unlink_urb(usbhid->urbctrl);
0618         spin_lock(&usbhid->lock);
0619         usb_unblock_urb(usbhid->urbctrl);
0620
0621         /* Unlink might have stopped the queue */
0622         if (!test_bit(HID_CTRL_RUNNING, &usbhid->iofl))
0623             usbhid_restart_ctrl_queue(usbhid);
0624
0625         /* Now we can allow autosuspend again */
0626         usb_autopm_put_interface_async(usbhid->intf);
0627     }
0628 }
0629
0630 static void usbhid_submit_report(struct hid_device *hid, struct hid_report *report, unsigned char dir)
0631 {
0632     struct usbhid_device *usbhid = hid->driver_data;
0633     unsigned long flags;
0634
0635     spin_lock_irqsave(&usbhid->lock, flags);
0636     __usbhid_submit_report(hid, report, dir);
0637     spin_unlock_irqrestore(&usbhid->lock, flags);
0638 }
0639
0640 static int usbhid_wait_io(struct hid_device *hid)
0641 {
0642     struct usbhid_device *usbhid = hid->driver_data;
0643
0644     if (!wait_event_timeout(usbhid->wait,
0645                 (!test_bit(HID_CTRL_RUNNING, &usbhid->iofl) &&
0646                 !test_bit(HID_OUT_RUNNING, &usbhid->iofl)),
0647                     10*HZ)) {
0648         dbg_hid("timeout waiting for ctrl or out queue to clear\n");
0649         return -1;
0650     }
0651
0652     return 0;
0653 }
0654
0655 static int hid_set_idle(struct usb_device *dev, int ifnum, int report, int idle)
0656 {
0657     return usb_control_msg(dev, usb_sndctrlpipe(dev, 0),
0658         HID_REQ_SET_IDLE, USB_TYPE_CLASS | USB_RECIP_INTERFACE, (idle << 8) | report,
0659         ifnum, NULL, 0, USB_CTRL_SET_TIMEOUT);
0660 }
0661
0662 static int hid_get_class_descriptor(struct usb_device *dev, int ifnum,
0663         unsigned char type, void *buf, int size)
0664 {
0665     int result, retries = 4;
0666
0667     memset(buf, 0, size);
0668
0669     do {
0670         result = usb_control_msg(dev, usb_rcvctrlpipe(dev, 0),
0671                 USB_REQ_GET_DESCRIPTOR, USB_RECIP_INTERFACE | USB_DIR_IN,
0672                 (type << 8), ifnum, buf, size, USB_CTRL_GET_TIMEOUT);
0673         retries--;
0674     } while (result < size && retries);
0675     return result;
0676 }
0677
0678 static int usbhid_open(struct hid_device *hid)
0679 {
0680     struct usbhid_device *usbhid = hid->driver_data;
0681     int res;
0682
0683     mutex_lock(&usbhid->mutex);
0684
0685     set_bit(HID_OPENED, &usbhid->iofl);
0686
0687     if (hid->quirks & HID_QUIRK_ALWAYS_POLL) {
0688         res = 0;
0689         goto Done;
0690     }
0691
0692     res = usb_autopm_get_interface(usbhid->intf);
0693     /* the device must be awake to reliably request remote wakeup */
0694     if (res < 0) {
0695         clear_bit(HID_OPENED, &usbhid->iofl);
0696         res = -EIO;
0697         goto Done;
0698     }
0699
0700     usbhid->intf->needs_remote_wakeup = 1;
0701
0702     set_bit(HID_RESUME_RUNNING, &usbhid->iofl);
0703     set_bit(HID_IN_POLLING, &usbhid->iofl);
0704
0705     res = hid_start_in(hid);
0706     if (res) {
0707         if (res != -ENOSPC) {
0708             hid_io_error(hid);
0709             res = 0;
0710         } else {
0711             /* no use opening if resources are insufficient */
0712             res = -EBUSY;
0713             clear_bit(HID_OPENED, &usbhid->iofl);
0714             clear_bit(HID_IN_POLLING, &usbhid->iofl);
0715             usbhid->intf->needs_remote_wakeup = 0;
0716         }
0717     }
0718
0719     usb_autopm_put_interface(usbhid->intf);
0720
0721     /*
0722      * In case events are generated while nobody was listening,
0723      * some are released when the device is re-opened.
0724      * Wait 50 msec for the queue to empty before allowing events
0725      * to go through hid.
0726      */
0727     if (res == 0)
0728         msleep(50);
0729
0730     clear_bit(HID_RESUME_RUNNING, &usbhid->iofl);
0731
0732  Done:
0733     mutex_unlock(&usbhid->mutex);
0734     return res;
0735 }
0736
0737 static void usbhid_close(struct hid_device *hid)
0738 {
0739     struct usbhid_device *usbhid = hid->driver_data;
0740
0741     mutex_lock(&usbhid->mutex);
0742
0743     /*
0744      * Make sure we don't restart data acquisition due to
0745      * a resumption we no longer care about by avoiding racing
0746      * with hid_start_in().
0747      */
0748     spin_lock_irq(&usbhid->lock);
0749     clear_bit(HID_OPENED, &usbhid->iofl);
0750     if (!(hid->quirks & HID_QUIRK_ALWAYS_POLL))
0751         clear_bit(HID_IN_POLLING, &usbhid->iofl);
0752     spin_unlock_irq(&usbhid->lock);
0753
0754     if (!(hid->quirks & HID_QUIRK_ALWAYS_POLL)) {
0755         hid_cancel_delayed_stuff(usbhid);
0756         usb_kill_urb(usbhid->urbin);
0757         usbhid->intf->needs_remote_wakeup = 0;
0758     }
0759
0760     mutex_unlock(&usbhid->mutex);
0761 }
0762
0763 /*
0764  * Initialize all reports
0765  */
0766
0767 void usbhid_init_reports(struct hid_device *hid)
0768 {
0769     struct hid_report *report;
0770     struct usbhid_device *usbhid = hid->driver_data;
0771     struct hid_report_enum *report_enum;
0772     int err, ret;
0773
0774     report_enum = &hid->report_enum[HID_INPUT_REPORT];
0775     list_for_each_entry(report, &report_enum->report_list, list)
0776         usbhid_submit_report(hid, report, USB_DIR_IN);
0777
0778     report_enum = &hid->report_enum[HID_FEATURE_REPORT];
0779     list_for_each_entry(report, &report_enum->report_list, list)
0780         usbhid_submit_report(hid, report, USB_DIR_IN);
0781
0782     err = 0;
0783     ret = usbhid_wait_io(hid);
0784     while (ret) {
0785         err |= ret;
0786         if (test_bit(HID_CTRL_RUNNING, &usbhid->iofl))
0787             usb_kill_urb(usbhid->urbctrl);
0788         if (test_bit(HID_OUT_RUNNING, &usbhid->iofl))
0789             usb_kill_urb(usbhid->urbout);
0790         ret = usbhid_wait_io(hid);
0791     }
0792
0793     if (err)
0794         hid_warn(hid, "timeout initializing reports\n");
0795 }
0796
0797 /*
0798  * Reset LEDs which BIOS might have left on. For now, just NumLock (0x01).
0799  */
0800 static int hid_find_field_early(struct hid_device *hid, unsigned int page,
0801     unsigned int hid_code, struct hid_field **pfield)
0802 {
0803     struct hid_report *report;
0804     struct hid_field *field;
0805     struct hid_usage *usage;
0806     int i, j;
0807
0808     list_for_each_entry(report, &hid->report_enum[HID_OUTPUT_REPORT].report_list, list) {
0809         for (i = 0; i < report->maxfield; i++) {
0810             field = report->field[i];
0811             for (j = 0; j < field->maxusage; j++) {
0812                 usage = &field->usage[j];
0813                 if ((usage->hid & HID_USAGE_PAGE) == page &&
0814                     (usage->hid & 0xFFFF) == hid_code) {
0815                     *pfield = field;
0816                     return j;
0817                 }
0818             }
0819         }
0820     }
0821     return -1;
0822 }
0823
0824 static void usbhid_set_leds(struct hid_device *hid)
0825 {
0826     struct hid_field *field;
0827     int offset;
0828
0829     if ((offset = hid_find_field_early(hid, HID_UP_LED, 0x01, &field)) != -1) {
0830         hid_set_field(field, offset, 0);
0831         usbhid_submit_report(hid, field->report, USB_DIR_OUT);
0832     }
0833 }
0834
0835 /*
0836  * Traverse the supplied list of reports and find the longest
0837  */
0838 static void hid_find_max_report(struct hid_device *hid, unsigned int type,
0839         unsigned int *max)
0840 {
0841     struct hid_report *report;
0842     unsigned int size;
0843
0844     list_for_each_entry(report, &hid->report_enum[type].report_list, list) {
0845         size = ((report->size - 1) >> 3) + 1 + hid->report_enum[type].numbered;
0846         if (*max < size)
0847             *max = size;
0848     }
0849 }
0850
0851 static int hid_alloc_buffers(struct usb_device *dev, struct hid_device *hid)
0852 {
0853     struct usbhid_device *usbhid = hid->driver_data;
0854
0855     usbhid->inbuf = usb_alloc_coherent(dev, usbhid->bufsize, GFP_KERNEL,
0856             &usbhid->inbuf_dma);
0857     usbhid->outbuf = usb_alloc_coherent(dev, usbhid->bufsize, GFP_KERNEL,
0858             &usbhid->outbuf_dma);
0859     usbhid->cr = kmalloc(sizeof(*usbhid->cr), GFP_KERNEL);
0860     usbhid->ctrlbuf = usb_alloc_coherent(dev, usbhid->bufsize, GFP_KERNEL,
0861             &usbhid->ctrlbuf_dma);
0862     if (!usbhid->inbuf || !usbhid->outbuf || !usbhid->cr ||
0863             !usbhid->ctrlbuf)
0864         return -1;
0865
0866     return 0;
0867 }
0868
0869 static int usbhid_get_raw_report(struct hid_device *hid,
0870         unsigned char report_number, __u8 *buf, size_t count,
0871         unsigned char report_type)
0872 {
0873     struct usbhid_device *usbhid = hid->driver_data;
0874     struct usb_device *dev = hid_to_usb_dev(hid);
0875     struct usb_interface *intf = usbhid->intf;
0876     struct usb_host_interface *interface = intf->cur_altsetting;
0877     int skipped_report_id = 0;
0878     int ret;
0879
0880     /* Byte 0 is the report number. Report data starts at byte 1.*/
0881     buf[0] = report_number;
0882     if (report_number == 0x0) {
0883         /* Offset the return buffer by 1, so that the report ID
0884            will remain in byte 0. */
0885         buf++;
0886         count--;
0887         skipped_report_id = 1;
0888     }
0889     ret = usb_control_msg(dev, usb_rcvctrlpipe(dev, 0),
0890         HID_REQ_GET_REPORT,
0891         USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
0892         ((report_type + 1) << 8) | report_number,
0893         interface->desc.bInterfaceNumber, buf, count,
0894         USB_CTRL_SET_TIMEOUT);
0895
0896     /* count also the report id */
0897     if (ret > 0 && skipped_report_id)
0898         ret++;
0899
0900     return ret;
0901 }
0902
0903 static int usbhid_set_raw_report(struct hid_device *hid, unsigned int reportnum,
0904                  __u8 *buf, size_t count, unsigned char rtype)
0905 {
0906     struct usbhid_device *usbhid = hid->driver_data;
0907     struct usb_device *dev = hid_to_usb_dev(hid);
0908     struct usb_interface *intf = usbhid->intf;
0909     struct usb_host_interface *interface = intf->cur_altsetting;
0910     int ret, skipped_report_id = 0;
0911
0912     /* Byte 0 is the report number. Report data starts at byte 1.*/
0913     if ((rtype == HID_OUTPUT_REPORT) &&
0914         (hid->quirks & HID_QUIRK_SKIP_OUTPUT_REPORT_ID))
0915         buf[0] = 0;
0916     else
0917         buf[0] = reportnum;
0918
0919     if (buf[0] == 0x0) {
0920         /* Don't send the Report ID */
0921         buf++;
0922         count--;
0923         skipped_report_id = 1;
0924     }
0925
0926     ret = usb_control_msg(dev, usb_sndctrlpipe(dev, 0),
0927             HID_REQ_SET_REPORT,
0928             USB_DIR_OUT | USB_TYPE_CLASS | USB_RECIP_INTERFACE,
0929             ((rtype + 1) << 8) | reportnum,
0930             interface->desc.bInterfaceNumber, buf, count,
0931             USB_CTRL_SET_TIMEOUT);
0932     /* count also the report id, if this was a numbered report. */
0933     if (ret > 0 && skipped_report_id)
0934         ret++;
0935
0936     return ret;
0937 }
0938
0939 static int usbhid_output_report(struct hid_device *hid, __u8 *buf, size_t count)
0940 {
0941     struct usbhid_device *usbhid = hid->driver_data;
0942     struct usb_device *dev = hid_to_usb_dev(hid);
0943     int actual_length, skipped_report_id = 0, ret;
0944
0945     if (!usbhid->urbout)
0946         return -ENOSYS;
0947
0948     if (buf[0] == 0x0) {
0949         /* Don't send the Report ID */
0950         buf++;
0951         count--;
0952         skipped_report_id = 1;
0953     }
0954
0955     ret = usb_interrupt_msg(dev, usbhid->urbout->pipe,
0956                 buf, count, &actual_length,
0957                 USB_CTRL_SET_TIMEOUT);
0958     /* return the number of bytes transferred */
0959     if (ret == 0) {
0960         ret = actual_length;
0961         /* count also the report id */
0962         if (skipped_report_id)
0963             ret++;
0964     }
0965
0966     return ret;
0967 }
0968
0969 static void hid_free_buffers(struct usb_device *dev, struct hid_device *hid)
0970 {
0971     struct usbhid_device *usbhid = hid->driver_data;
0972
0973     usb_free_coherent(dev, usbhid->bufsize, usbhid->inbuf, usbhid->inbuf_dma);
0974     usb_free_coherent(dev, usbhid->bufsize, usbhid->outbuf, usbhid->outbuf_dma);
0975     kfree(usbhid->cr);
0976     usb_free_coherent(dev, usbhid->bufsize, usbhid->ctrlbuf, usbhid->ctrlbuf_dma);
0977 }
0978
0979 static int usbhid_parse(struct hid_device *hid)
0980 {
0981     struct usb_interface *intf = to_usb_interface(hid->dev.parent);
0982     struct usb_host_interface *interface = intf->cur_altsetting;
0983     struct usb_device *dev = interface_to_usbdev (intf);
0984     struct hid_descriptor *hdesc;
0985     u32 quirks = 0;
0986     unsigned int rsize = 0;
0987     char *rdesc;
0988     int ret, n;
0989     int num_descriptors;
0990     size_t offset = offsetof(struct hid_descriptor, desc);
0991
0992     quirks = hid_lookup_quirk(hid);
0993
0994     if (quirks & HID_QUIRK_IGNORE)
0995         return -ENODEV;
0996
0997     /* Many keyboards and mice don't like to be polled for reports,
0998      * so we will always set the HID_QUIRK_NOGET flag for them. */
0999     if (interface->desc.bInterfaceSubClass == USB_INTERFACE_SUBCLASS_BOOT) {
1000         if (interface->desc.bInterfaceProtocol == USB_INTERFACE_PROTOCOL_KEYBOARD ||
1001             interface->desc.bInterfaceProtocol == USB_INTERFACE_PROTOCOL_MOUSE)
1002                 quirks |= HID_QUIRK_NOGET;
1003     }
1004
1005     if (usb_get_extra_descriptor(interface, HID_DT_HID, &hdesc) &&
1006         (!interface->desc.bNumEndpoints ||
1007          usb_get_extra_descriptor(&interface->endpoint[0], HID_DT_HID, &hdesc))) {
1008         dbg_hid("class descriptor not present\n");
1009         return -ENODEV;
1010     }
1011
1012     if (hdesc->bLength < sizeof(struct hid_descriptor)) {
1013         dbg_hid("hid descriptor is too short\n");
1014         return -EINVAL;
1015     }
1016
1017     hid->version = le16_to_cpu(hdesc->bcdHID);
1018     hid->country = hdesc->bCountryCode;
1019
1020     num_descriptors = min_t(int, hdesc->bNumDescriptors,
1021            (hdesc->bLength - offset) / sizeof(struct hid_class_descriptor));
1022
1023     for (n = 0; n < num_descriptors; n++)
1024         if (hdesc->desc[n].bDescriptorType == HID_DT_REPORT)
1025             rsize = le16_to_cpu(hdesc->desc[n].wDescriptorLength);
1026
1027     if (!rsize || rsize > HID_MAX_DESCRIPTOR_SIZE) {
1028         dbg_hid("weird size of report descriptor (%u)\n", rsize);
1029         return -EINVAL;
1030     }
1031
1032     rdesc = kmalloc(rsize, GFP_KERNEL);
1033     if (!rdesc)
1034         return -ENOMEM;
1035
1036     hid_set_idle(dev, interface->desc.bInterfaceNumber, 0, 0);
1037
1038     ret = hid_get_class_descriptor(dev, interface->desc.bInterfaceNumber,
1039             HID_DT_REPORT, rdesc, rsize);
1040     if (ret < 0) {
1041         dbg_hid("reading report descriptor failed\n");
1042         kfree(rdesc);
1043         goto err;
1044     }
1045
1046     ret = hid_parse_report(hid, rdesc, rsize);
1047     kfree(rdesc);
1048     if (ret) {
1049         dbg_hid("parsing report descriptor failed\n");
1050         goto err;
1051     }
1052
1053     hid->quirks |= quirks;
1054
1055     return 0;
1056 err:
1057     return ret;
1058 }
1059
1060 static int usbhid_start(struct hid_device *hid)
1061 {
1062     struct usb_interface *intf = to_usb_interface(hid->dev.parent);
1063     struct usb_host_interface *interface = intf->cur_altsetting;
1064     struct usb_device *dev = interface_to_usbdev(intf);
1065     struct usbhid_device *usbhid = hid->driver_data;
1066     unsigned int n, insize = 0;
1067     int ret;
1068
1069     mutex_lock(&usbhid->mutex);
1070
1071     clear_bit(HID_DISCONNECTED, &usbhid->iofl);
1072
1073     usbhid->bufsize = HID_MIN_BUFFER_SIZE;
1074     hid_find_max_report(hid, HID_INPUT_REPORT, &usbhid->bufsize);
1075     hid_find_max_report(hid, HID_OUTPUT_REPORT, &usbhid->bufsize);
1076     hid_find_max_report(hid, HID_FEATURE_REPORT, &usbhid->bufsize);
1077
1078     if (usbhid->bufsize > HID_MAX_BUFFER_SIZE)
1079         usbhid->bufsize = HID_MAX_BUFFER_SIZE;
1080
1081     hid_find_max_report(hid, HID_INPUT_REPORT, &insize);
1082
1083     if (insize > HID_MAX_BUFFER_SIZE)
1084         insize = HID_MAX_BUFFER_SIZE;
1085
1086     if (hid_alloc_buffers(dev, hid)) {
1087         ret = -ENOMEM;
1088         goto fail;
1089     }
1090
1091     for (n = 0; n < interface->desc.bNumEndpoints; n++) {
1092         struct usb_endpoint_descriptor *endpoint;
1093         int pipe;
1094         int interval;
1095
1096         endpoint = &interface->endpoint[n].desc;
1097         if (!usb_endpoint_xfer_int(endpoint))
1098             continue;
1099
1100         interval = endpoint->bInterval;
1101
1102         /* Some vendors give fullspeed interval on highspeed devides */
1103         if (hid->quirks & HID_QUIRK_FULLSPEED_INTERVAL &&
1104             dev->speed == USB_SPEED_HIGH) {
1105             interval = fls(endpoint->bInterval*8);
1106             pr_info("%s: Fixing fullspeed to highspeed interval: %d -> %d\n",
1107                 hid->name, endpoint->bInterval, interval);
1108         }
1109
1110         /* Change the polling interval of mice, joysticks
1111          * and keyboards.
1112          */
1113         switch (hid->collection->usage) {
1114         case HID_GD_MOUSE:
1115             if (hid_mousepoll_interval > 0)
1116                 interval = hid_mousepoll_interval;
1117             break;
1118         case HID_GD_JOYSTICK:
1119             if (hid_jspoll_interval > 0)
1120                 interval = hid_jspoll_interval;
1121             break;
1122         case HID_GD_KEYBOARD:
1123             if (hid_kbpoll_interval > 0)
1124                 interval = hid_kbpoll_interval;
1125             break;
1126         }
1127
1128         ret = -ENOMEM;
1129         if (usb_endpoint_dir_in(endpoint)) {
1130             if (usbhid->urbin)
1131                 continue;
1132             if (!(usbhid->urbin = usb_alloc_urb(0, GFP_KERNEL)))
1133                 goto fail;
1134             pipe = usb_rcvintpipe(dev, endpoint->bEndpointAddress);
1135             usb_fill_int_urb(usbhid->urbin, dev, pipe, usbhid->inbuf, insize,
1136                      hid_irq_in, hid, interval);
1137             usbhid->urbin->transfer_dma = usbhid->inbuf_dma;
1138             usbhid->urbin->transfer_flags |= URB_NO_TRANSFER_DMA_MAP;
1139         } else {
1140             if (usbhid->urbout)
1141                 continue;
1142             if (!(usbhid->urbout = usb_alloc_urb(0, GFP_KERNEL)))
1143                 goto fail;
1144             pipe = usb_sndintpipe(dev, endpoint->bEndpointAddress);
1145             usb_fill_int_urb(usbhid->urbout, dev, pipe, usbhid->outbuf, 0,
1146                      hid_irq_out, hid, interval);
1147             usbhid->urbout->transfer_dma = usbhid->outbuf_dma;
1148             usbhid->urbout->transfer_flags |= URB_NO_TRANSFER_DMA_MAP;
1149         }
1150     }
1151
1152     usbhid->urbctrl = usb_alloc_urb(0, GFP_KERNEL);
1153     if (!usbhid->urbctrl) {
1154         ret = -ENOMEM;
1155         goto fail;
1156     }
1157
1158     usb_fill_control_urb(usbhid->urbctrl, dev, 0, (void *) usbhid->cr,
1159                  usbhid->ctrlbuf, 1, hid_ctrl, hid);
1160     usbhid->urbctrl->transfer_dma = usbhid->ctrlbuf_dma;
1161     usbhid->urbctrl->transfer_flags |= URB_NO_TRANSFER_DMA_MAP;
1162
1163     set_bit(HID_STARTED, &usbhid->iofl);
1164
1165     if (hid->quirks & HID_QUIRK_ALWAYS_POLL) {
1166         ret = usb_autopm_get_interface(usbhid->intf);
1167         if (ret)
1168             goto fail;
1169         set_bit(HID_IN_POLLING, &usbhid->iofl);
1170         usbhid->intf->needs_remote_wakeup = 1;
1171         ret = hid_start_in(hid);
1172         if (ret) {
1173             dev_err(&hid->dev,
1174                 "failed to start in urb: %d\n", ret);
1175         }
1176         usb_autopm_put_interface(usbhid->intf);
1177     }
1178
1179     /* Some keyboards don't work until their LEDs have been set.
1180      * Since BIOSes do set the LEDs, it must be safe for any device
1181      * that supports the keyboard boot protocol.
1182      * In addition, enable remote wakeup by default for all keyboard
1183      * devices supporting the boot protocol.
1184      */
1185     if (interface->desc.bInterfaceSubClass == USB_INTERFACE_SUBCLASS_BOOT &&
1186             interface->desc.bInterfaceProtocol ==
1187                 USB_INTERFACE_PROTOCOL_KEYBOARD) {
1188         usbhid_set_leds(hid);
1189         device_set_wakeup_enable(&dev->dev, 1);
1190     }
1191
1192     mutex_unlock(&usbhid->mutex);
1193     return 0;
1194
1195 fail:
1196     usb_free_urb(usbhid->urbin);
1197     usb_free_urb(usbhid->urbout);
1198     usb_free_urb(usbhid->urbctrl);
1199     usbhid->urbin = NULL;
1200     usbhid->urbout = NULL;
1201     usbhid->urbctrl = NULL;
1202     hid_free_buffers(dev, hid);
1203     mutex_unlock(&usbhid->mutex);
1204     return ret;
1205 }
1206
1207 static void usbhid_stop(struct hid_device *hid)
1208 {
1209     struct usbhid_device *usbhid = hid->driver_data;
1210
1211     if (WARN_ON(!usbhid))
1212         return;
1213
1214     if (hid->quirks & HID_QUIRK_ALWAYS_POLL) {
1215         clear_bit(HID_IN_POLLING, &usbhid->iofl);
1216         usbhid->intf->needs_remote_wakeup = 0;
1217     }
1218
1219     mutex_lock(&usbhid->mutex);
1220
1221     clear_bit(HID_STARTED, &usbhid->iofl);
1222
1223     spin_lock_irq(&usbhid->lock);   /* Sync with error and led handlers */
1224     set_bit(HID_DISCONNECTED, &usbhid->iofl);
1225     while (usbhid->ctrltail != usbhid->ctrlhead) {
1226         if (usbhid->ctrl[usbhid->ctrltail].dir == USB_DIR_OUT) {
1227             kfree(usbhid->ctrl[usbhid->ctrltail].raw_report);
1228             usbhid->ctrl[usbhid->ctrltail].raw_report = NULL;
1229         }
1230
1231         usbhid->ctrltail = (usbhid->ctrltail + 1) &
1232             (HID_CONTROL_FIFO_SIZE - 1);
1233     }
1234     spin_unlock_irq(&usbhid->lock);
1235
1236     usb_kill_urb(usbhid->urbin);
1237     usb_kill_urb(usbhid->urbout);
1238     usb_kill_urb(usbhid->urbctrl);
1239
1240     hid_cancel_delayed_stuff(usbhid);
1241
1242     hid->claimed = 0;
1243
1244     usb_free_urb(usbhid->urbin);
1245     usb_free_urb(usbhid->urbctrl);
1246     usb_free_urb(usbhid->urbout);
1247     usbhid->urbin = NULL; /* don't mess up next start */
1248     usbhid->urbctrl = NULL;
1249     usbhid->urbout = NULL;
1250
1251     hid_free_buffers(hid_to_usb_dev(hid), hid);
1252
1253     mutex_unlock(&usbhid->mutex);
1254 }
1255
1256 static int usbhid_power(struct hid_device *hid, int lvl)
1257 {
1258     struct usbhid_device *usbhid = hid->driver_data;
1259     int r = 0;
1260
1261     switch (lvl) {
1262     case PM_HINT_FULLON:
1263         r = usb_autopm_get_interface(usbhid->intf);
1264         break;
1265
1266     case PM_HINT_NORMAL:
1267         usb_autopm_put_interface(usbhid->intf);
1268         break;
1269     }
1270
1271     return r;
1272 }
1273
1274 static void usbhid_request(struct hid_device *hid, struct hid_report *rep, int reqtype)
1275 {
1276     switch (reqtype) {
1277     case HID_REQ_GET_REPORT:
1278         usbhid_submit_report(hid, rep, USB_DIR_IN);
1279         break;
1280     case HID_REQ_SET_REPORT:
1281         usbhid_submit_report(hid, rep, USB_DIR_OUT);
1282         break;
1283     }
1284 }
1285
1286 static int usbhid_raw_request(struct hid_device *hid, unsigned char reportnum,
1287                   __u8 *buf, size_t len, unsigned char rtype,
1288                   int reqtype)
1289 {
1290     switch (reqtype) {
1291     case HID_REQ_GET_REPORT:
1292         return usbhid_get_raw_report(hid, reportnum, buf, len, rtype);
1293     case HID_REQ_SET_REPORT:
1294         return usbhid_set_raw_report(hid, reportnum, buf, len, rtype);
1295     default:
1296         return -EIO;
1297     }
1298 }
1299
1300 static int usbhid_idle(struct hid_device *hid, int report, int idle,
1301         int reqtype)
1302 {
1303     struct usb_device *dev = hid_to_usb_dev(hid);
1304     struct usb_interface *intf = to_usb_interface(hid->dev.parent);
1305     struct usb_host_interface *interface = intf->cur_altsetting;
1306     int ifnum = interface->desc.bInterfaceNumber;
1307
1308     if (reqtype != HID_REQ_SET_IDLE)
1309         return -EINVAL;
1310
1311     return hid_set_idle(dev, ifnum, report, idle);
1312 }
1313
1314 static bool usbhid_may_wakeup(struct hid_device *hid)
1315 {
1316     struct usb_device *dev = hid_to_usb_dev(hid);
1317
1318     return device_may_wakeup(&dev->dev);
1319 }
1320
1321 struct hid_ll_driver usb_hid_driver = {
1322     .parse = usbhid_parse,
1323     .start = usbhid_start,
1324     .stop = usbhid_stop,
1325     .open = usbhid_open,
1326     .close = usbhid_close,
1327     .power = usbhid_power,
1328     .request = usbhid_request,
1329     .wait = usbhid_wait_io,
1330     .raw_request = usbhid_raw_request,
1331     .output_report = usbhid_output_report,
1332     .idle = usbhid_idle,
1333     .may_wakeup = usbhid_may_wakeup,
1334 };
1335 EXPORT_SYMBOL_GPL(usb_hid_driver);
1336
1337 static int usbhid_probe(struct usb_interface *intf, const struct usb_device_id *id)
1338 {
1339     struct usb_host_interface *interface = intf->cur_altsetting;
1340     struct usb_device *dev = interface_to_usbdev(intf);
1341     struct usbhid_device *usbhid;
1342     struct hid_device *hid;
1343     unsigned int n, has_in = 0;
1344     size_t len;
1345     int ret;
1346
1347     dbg_hid("HID probe called for ifnum %d\n",
1348             intf->altsetting->desc.bInterfaceNumber);
1349
1350     for (n = 0; n < interface->desc.bNumEndpoints; n++)
1351         if (usb_endpoint_is_int_in(&interface->endpoint[n].desc))
1352             has_in++;
1353     if (!has_in) {
1354         hid_err(intf, "couldn't find an input interrupt endpoint\n");
1355         return -ENODEV;
1356     }
1357
1358     hid = hid_allocate_device();
1359     if (IS_ERR(hid))
1360         return PTR_ERR(hid);
1361
1362     usb_set_intfdata(intf, hid);
1363     hid->ll_driver = &usb_hid_driver;
1364     hid->ff_init = hid_pidff_init;
1365 #ifdef CONFIG_USB_HIDDEV
1366     hid->hiddev_connect = hiddev_connect;
1367     hid->hiddev_disconnect = hiddev_disconnect;
1368     hid->hiddev_hid_event = hiddev_hid_event;
1369     hid->hiddev_report_event = hiddev_report_event;
1370 #endif
1371     hid->dev.parent = &intf->dev;
1372     hid->bus = BUS_USB;
1373     hid->vendor = le16_to_cpu(dev->descriptor.idVendor);
1374     hid->product = le16_to_cpu(dev->descriptor.idProduct);
1375     hid->version = le16_to_cpu(dev->descriptor.bcdDevice);
1376     hid->name[0] = 0;
1377     if (intf->cur_altsetting->desc.bInterfaceProtocol ==
1378             USB_INTERFACE_PROTOCOL_MOUSE)
1379         hid->type = HID_TYPE_USBMOUSE;
1380     else if (intf->cur_altsetting->desc.bInterfaceProtocol == 0)
1381         hid->type = HID_TYPE_USBNONE;
1382
1383     if (dev->manufacturer)
1384         strlcpy(hid->name, dev->manufacturer, sizeof(hid->name));
1385
1386     if (dev->product) {
1387         if (dev->manufacturer)
1388             strlcat(hid->name, " ", sizeof(hid->name));
1389         strlcat(hid->name, dev->product, sizeof(hid->name));
1390     }
1391
1392     if (!strlen(hid->name))
1393         snprintf(hid->name, sizeof(hid->name), "HID %04x:%04x",
1394              le16_to_cpu(dev->descriptor.idVendor),
1395              le16_to_cpu(dev->descriptor.idProduct));
1396
1397     usb_make_path(dev, hid->phys, sizeof(hid->phys));
1398     strlcat(hid->phys, "/input", sizeof(hid->phys));
1399     len = strlen(hid->phys);
1400     if (len < sizeof(hid->phys) - 1)
1401         snprintf(hid->phys + len, sizeof(hid->phys) - len,
1402              "%d", intf->altsetting[0].desc.bInterfaceNumber);
1403
1404     if (usb_string(dev, dev->descriptor.iSerialNumber, hid->uniq, 64) <= 0)
1405         hid->uniq[0] = 0;
1406
1407     usbhid = kzalloc(sizeof(*usbhid), GFP_KERNEL);
1408     if (usbhid == NULL) {
1409         ret = -ENOMEM;
1410         goto err;
1411     }
1412
1413     hid->driver_data = usbhid;
1414     usbhid->hid = hid;
1415     usbhid->intf = intf;
1416     usbhid->ifnum = interface->desc.bInterfaceNumber;
1417
1418     init_waitqueue_head(&usbhid->wait);
1419     INIT_WORK(&usbhid->reset_work, hid_reset);
1420     timer_setup(&usbhid->io_retry, hid_retry_timeout, 0);
1421     spin_lock_init(&usbhid->lock);
1422     mutex_init(&usbhid->mutex);
1423
1424     ret = hid_add_device(hid);
1425     if (ret) {
1426         if (ret != -ENODEV)
1427             hid_err(intf, "can't add hid device: %d\n", ret);
1428         goto err_free;
1429     }
1430
1431     return 0;
1432 err_free:
1433     kfree(usbhid);
1434 err:
1435     hid_destroy_device(hid);
1436     return ret;
1437 }
1438
1439 static void usbhid_disconnect(struct usb_interface *intf)
1440 {
1441     struct hid_device *hid = usb_get_intfdata(intf);
1442     struct usbhid_device *usbhid;
1443
1444     if (WARN_ON(!hid))
1445         return;
1446
1447     usbhid = hid->driver_data;
1448     spin_lock_irq(&usbhid->lock);   /* Sync with error and led handlers */
1449     set_bit(HID_DISCONNECTED, &usbhid->iofl);
1450     spin_unlock_irq(&usbhid->lock);
1451     hid_destroy_device(hid);
1452     kfree(usbhid);
1453 }
1454
1455 static void hid_cancel_delayed_stuff(struct usbhid_device *usbhid)
1456 {
1457     del_timer_sync(&usbhid->io_retry);
1458     cancel_work_sync(&usbhid->reset_work);
1459 }
1460
1461 static void hid_cease_io(struct usbhid_device *usbhid)
1462 {
1463     del_timer_sync(&usbhid->io_retry);
1464     usb_kill_urb(usbhid->urbin);
1465     usb_kill_urb(usbhid->urbctrl);
1466     usb_kill_urb(usbhid->urbout);
1467 }
1468
1469 static void hid_restart_io(struct hid_device *hid)
1470 {
1471     struct usbhid_device *usbhid = hid->driver_data;
1472     int clear_halt = test_bit(HID_CLEAR_HALT, &usbhid->iofl);
1473     int reset_pending = test_bit(HID_RESET_PENDING, &usbhid->iofl);
1474
1475     spin_lock_irq(&usbhid->lock);
1476     clear_bit(HID_SUSPENDED, &usbhid->iofl);
1477     usbhid_mark_busy(usbhid);
1478
1479     if (clear_halt || reset_pending)
1480         schedule_work(&usbhid->reset_work);
1481     usbhid->retry_delay = 0;
1482     spin_unlock_irq(&usbhid->lock);
1483
1484     if (reset_pending || !test_bit(HID_STARTED, &usbhid->iofl))
1485         return;
1486
1487     if (!clear_halt) {
1488         if (hid_start_in(hid) < 0)
1489             hid_io_error(hid);
1490     }
1491
1492     spin_lock_irq(&usbhid->lock);
1493     if (usbhid->urbout && !test_bit(HID_OUT_RUNNING, &usbhid->iofl))
1494         usbhid_restart_out_queue(usbhid);
1495     if (!test_bit(HID_CTRL_RUNNING, &usbhid->iofl))
1496         usbhid_restart_ctrl_queue(usbhid);
1497     spin_unlock_irq(&usbhid->lock);
1498 }
1499
1500 /* Treat USB reset pretty much the same as suspend/resume */
1501 static int hid_pre_reset(struct usb_interface *intf)
1502 {
1503     struct hid_device *hid = usb_get_intfdata(intf);
1504     struct usbhid_device *usbhid = hid->driver_data;
1505
1506     spin_lock_irq(&usbhid->lock);
1507     set_bit(HID_RESET_PENDING, &usbhid->iofl);
1508     spin_unlock_irq(&usbhid->lock);
1509     hid_cease_io(usbhid);
1510
1511     return 0;
1512 }
1513
1514 /* Same routine used for post_reset and reset_resume */
1515 static int hid_post_reset(struct usb_interface *intf)
1516 {
1517     struct usb_device *dev = interface_to_usbdev (intf);
1518     struct hid_device *hid = usb_get_intfdata(intf);
1519     struct usbhid_device *usbhid = hid->driver_data;
1520     struct usb_host_interface *interface = intf->cur_altsetting;
1521     int status;
1522     char *rdesc;
1523
1524     /* Fetch and examine the HID report descriptor. If this
1525      * has changed, then rebind. Since usbcore's check of the
1526      * configuration descriptors passed, we already know that
1527      * the size of the HID report descriptor has not changed.
1528      */
1529     rdesc = kmalloc(hid->dev_rsize, GFP_KERNEL);
1530     if (!rdesc)
1531         return -ENOMEM;
1532
1533     status = hid_get_class_descriptor(dev,
1534                 interface->desc.bInterfaceNumber,
1535                 HID_DT_REPORT, rdesc, hid->dev_rsize);
1536     if (status < 0) {
1537         dbg_hid("reading report descriptor failed (post_reset)\n");
1538         kfree(rdesc);
1539         return status;
1540     }
1541     status = memcmp(rdesc, hid->dev_rdesc, hid->dev_rsize);
1542     kfree(rdesc);
1543     if (status != 0) {
1544         dbg_hid("report descriptor changed\n");
1545         return -EPERM;
1546     }
1547
1548     /* No need to do another reset or clear a halted endpoint */
1549     spin_lock_irq(&usbhid->lock);
1550     clear_bit(HID_RESET_PENDING, &usbhid->iofl);
1551     clear_bit(HID_CLEAR_HALT, &usbhid->iofl);
1552     spin_unlock_irq(&usbhid->lock);
1553     hid_set_idle(dev, intf->cur_altsetting->desc.bInterfaceNumber, 0, 0);
1554
1555     hid_restart_io(hid);
1556
1557     return 0;
1558 }
1559
1560 #ifdef CONFIG_PM
1561 static int hid_resume_common(struct hid_device *hid, bool driver_suspended)
1562 {
1563     int status = 0;
1564
1565     hid_restart_io(hid);
1566     if (driver_suspended)
1567         status = hid_driver_resume(hid);
1568     return status;
1569 }
1570
1571 static int hid_suspend(struct usb_interface *intf, pm_message_t message)
1572 {
1573     struct hid_device *hid = usb_get_intfdata(intf);
1574     struct usbhid_device *usbhid = hid->driver_data;
1575     int status = 0;
1576     bool driver_suspended = false;
1577     unsigned int ledcount;
1578
1579     if (PMSG_IS_AUTO(message)) {
1580         ledcount = hidinput_count_leds(hid);
1581         spin_lock_irq(&usbhid->lock);   /* Sync with error handler */
1582         if (!test_bit(HID_RESET_PENDING, &usbhid->iofl)
1583             && !test_bit(HID_CLEAR_HALT, &usbhid->iofl)
1584             && !test_bit(HID_OUT_RUNNING, &usbhid->iofl)
1585             && !test_bit(HID_CTRL_RUNNING, &usbhid->iofl)
1586             && !test_bit(HID_KEYS_PRESSED, &usbhid->iofl)
1587             && (!ledcount || ignoreled))
1588         {
1589             set_bit(HID_SUSPENDED, &usbhid->iofl);
1590             spin_unlock_irq(&usbhid->lock);
1591             status = hid_driver_suspend(hid, message);
1592             if (status < 0)
1593                 goto failed;
1594             driver_suspended = true;
1595         } else {
1596             usbhid_mark_busy(usbhid);
1597             spin_unlock_irq(&usbhid->lock);
1598             return -EBUSY;
1599         }
1600
1601     } else {
1602         /* TODO: resume() might need to handle suspend failure */
1603         status = hid_driver_suspend(hid, message);
1604         driver_suspended = true;
1605         spin_lock_irq(&usbhid->lock);
1606         set_bit(HID_SUSPENDED, &usbhid->iofl);
1607         spin_unlock_irq(&usbhid->lock);
1608         if (usbhid_wait_io(hid) < 0)
1609             status = -EIO;
1610     }
1611
1612     hid_cancel_delayed_stuff(usbhid);
1613     hid_cease_io(usbhid);
1614
1615     if (PMSG_IS_AUTO(message) && test_bit(HID_KEYS_PRESSED, &usbhid->iofl)) {
1616         /* lost race against keypresses */
1617         status = -EBUSY;
1618         goto failed;
1619     }
1620     dev_dbg(&intf->dev, "suspend\n");
1621     return status;
1622
1623  failed:
1624     hid_resume_common(hid, driver_suspended);
1625     return status;
1626 }
1627
1628 static int hid_resume(struct usb_interface *intf)
1629 {
1630     struct hid_device *hid = usb_get_intfdata (intf);
1631     int status;
1632
1633     status = hid_resume_common(hid, true);
1634     dev_dbg(&intf->dev, "resume status %d\n", status);
1635     return 0;
1636 }
1637
1638 static int hid_reset_resume(struct usb_interface *intf)
1639 {
1640     struct hid_device *hid = usb_get_intfdata(intf);
1641     int status;
1642
1643     status = hid_post_reset(intf);
1644     if (status >= 0) {
1645         int ret = hid_driver_reset_resume(hid);
1646         if (ret < 0)
1647             status = ret;
1648     }
1649     return status;
1650 }
1651
1652 #endif /* CONFIG_PM */
1653
1654 static const struct usb_device_id hid_usb_ids[] = {
1655     { .match_flags = USB_DEVICE_ID_MATCH_INT_CLASS,
1656         .bInterfaceClass = USB_INTERFACE_CLASS_HID },
1657     { }                     /* Terminating entry */
1658 };
1659
1660 MODULE_DEVICE_TABLE (usb, hid_usb_ids);
1661
1662 static struct usb_driver hid_driver = {
1663     .name =     "usbhid",
1664     .probe =    usbhid_probe,
1665     .disconnect =   usbhid_disconnect,
1666 #ifdef CONFIG_PM
1667     .suspend =  hid_suspend,
1668     .resume =   hid_resume,
1669     .reset_resume = hid_reset_resume,
1670 #endif
1671     .pre_reset =    hid_pre_reset,
1672     .post_reset =   hid_post_reset,
1673     .id_table = hid_usb_ids,
1674     .supports_autosuspend = 1,
1675 };
1676
1677 struct usb_interface *usbhid_find_interface(int minor)
1678 {
1679     return usb_find_interface(&hid_driver, minor);
1680 }
1681
1682 static int __init hid_init(void)
1683 {
1684     int retval;
1685
1686     retval = hid_quirks_init(quirks_param, BUS_USB, MAX_USBHID_BOOT_QUIRKS);
1687     if (retval)
1688         goto usbhid_quirks_init_fail;
1689     retval = usb_register(&hid_driver);
1690     if (retval)
1691         goto usb_register_fail;
1692     pr_info(KBUILD_MODNAME ": " DRIVER_DESC "\n");
1693
1694     return 0;
1695 usb_register_fail:
1696     hid_quirks_exit(BUS_USB);
1697 usbhid_quirks_init_fail:
1698     return retval;
1699 }
1700
1701 static void __exit hid_exit(void)
1702 {
1703     usb_deregister(&hid_driver);
1704     hid_quirks_exit(BUS_USB);
1705 }
1706
1707 module_init(hid_init);
1708 module_exit(hid_exit);
1709
1710 MODULE_AUTHOR("Andreas Gal");
1711 MODULE_AUTHOR("Vojtech Pavlik");
1712 MODULE_AUTHOR("Jiri Kosina");
1713 MODULE_DESCRIPTION(DRIVER_DESC);
1714 MODULE_LICENSE("GPL");