0001
0002
0003
0004
0005
0006
0007
0008 #include <net/sock.h>
0009 #include <linux/list.h>
0010 #include <linux/kthread.h>
0011
0012 #include "usbip_common.h"
0013 #include "vudc.h"
0014
0015 static int alloc_urb_from_cmd(struct urb **urbp,
0016 struct usbip_header *pdu, u8 type)
0017 {
0018 struct urb *urb;
0019
0020 if (type == USB_ENDPOINT_XFER_ISOC)
0021 urb = usb_alloc_urb(pdu->u.cmd_submit.number_of_packets,
0022 GFP_KERNEL);
0023 else
0024 urb = usb_alloc_urb(0, GFP_KERNEL);
0025
0026 if (!urb)
0027 goto err;
0028
0029 usbip_pack_pdu(pdu, urb, USBIP_CMD_SUBMIT, 0);
0030
0031 if (urb->transfer_buffer_length > 0) {
0032 urb->transfer_buffer = kzalloc(urb->transfer_buffer_length,
0033 GFP_KERNEL);
0034 if (!urb->transfer_buffer)
0035 goto free_urb;
0036 }
0037
0038 urb->setup_packet = kmemdup(&pdu->u.cmd_submit.setup, 8,
0039 GFP_KERNEL);
0040 if (!urb->setup_packet)
0041 goto free_buffer;
0042
0043
0044
0045
0046
0047 urb->pipe |= pdu->base.direction == USBIP_DIR_IN ?
0048 USB_DIR_IN : USB_DIR_OUT;
0049
0050 *urbp = urb;
0051 return 0;
0052
0053 free_buffer:
0054 kfree(urb->transfer_buffer);
0055 urb->transfer_buffer = NULL;
0056 free_urb:
0057 usb_free_urb(urb);
0058 err:
0059 return -ENOMEM;
0060 }
0061
0062 static int v_recv_cmd_unlink(struct vudc *udc,
0063 struct usbip_header *pdu)
0064 {
0065 unsigned long flags;
0066 struct urbp *urb_p;
0067
0068 spin_lock_irqsave(&udc->lock, flags);
0069 list_for_each_entry(urb_p, &udc->urb_queue, urb_entry) {
0070 if (urb_p->seqnum != pdu->u.cmd_unlink.seqnum)
0071 continue;
0072 urb_p->urb->unlinked = -ECONNRESET;
0073 urb_p->seqnum = pdu->base.seqnum;
0074 v_kick_timer(udc, jiffies);
0075 spin_unlock_irqrestore(&udc->lock, flags);
0076 return 0;
0077 }
0078
0079 spin_lock(&udc->lock_tx);
0080 v_enqueue_ret_unlink(udc, pdu->base.seqnum, 0);
0081 wake_up(&udc->tx_waitq);
0082 spin_unlock(&udc->lock_tx);
0083 spin_unlock_irqrestore(&udc->lock, flags);
0084
0085 return 0;
0086 }
0087
0088 static int v_recv_cmd_submit(struct vudc *udc,
0089 struct usbip_header *pdu)
0090 {
0091 int ret = 0;
0092 struct urbp *urb_p;
0093 u8 address;
0094 unsigned long flags;
0095
0096 urb_p = alloc_urbp();
0097 if (!urb_p) {
0098 usbip_event_add(&udc->ud, VUDC_EVENT_ERROR_MALLOC);
0099 return -ENOMEM;
0100 }
0101
0102
0103 address = pdu->base.ep;
0104 if (pdu->base.direction == USBIP_DIR_IN)
0105 address |= USB_DIR_IN;
0106
0107 spin_lock_irqsave(&udc->lock, flags);
0108 urb_p->ep = vudc_find_endpoint(udc, address);
0109 if (!urb_p->ep) {
0110
0111 dev_err(&udc->pdev->dev, "request to nonexistent endpoint");
0112 spin_unlock_irqrestore(&udc->lock, flags);
0113 usbip_event_add(&udc->ud, VUDC_EVENT_ERROR_TCP);
0114 ret = -EPIPE;
0115 goto free_urbp;
0116 }
0117 urb_p->type = urb_p->ep->type;
0118 spin_unlock_irqrestore(&udc->lock, flags);
0119
0120 urb_p->new = 1;
0121 urb_p->seqnum = pdu->base.seqnum;
0122
0123 if (urb_p->ep->type == USB_ENDPOINT_XFER_ISOC) {
0124
0125 unsigned int maxp, packets, bytes;
0126
0127 maxp = usb_endpoint_maxp(urb_p->ep->desc);
0128 maxp *= usb_endpoint_maxp_mult(urb_p->ep->desc);
0129 bytes = pdu->u.cmd_submit.transfer_buffer_length;
0130 packets = DIV_ROUND_UP(bytes, maxp);
0131
0132 if (pdu->u.cmd_submit.number_of_packets < 0 ||
0133 pdu->u.cmd_submit.number_of_packets > packets) {
0134 dev_err(&udc->gadget.dev,
0135 "CMD_SUBMIT: isoc invalid num packets %d\n",
0136 pdu->u.cmd_submit.number_of_packets);
0137 ret = -EMSGSIZE;
0138 goto free_urbp;
0139 }
0140 }
0141
0142 ret = alloc_urb_from_cmd(&urb_p->urb, pdu, urb_p->ep->type);
0143 if (ret) {
0144 usbip_event_add(&udc->ud, VUDC_EVENT_ERROR_MALLOC);
0145 ret = -ENOMEM;
0146 goto free_urbp;
0147 }
0148
0149 urb_p->urb->status = -EINPROGRESS;
0150
0151
0152 urb_p->urb->pipe &= ~(3 << 30);
0153 switch (urb_p->ep->type) {
0154 case USB_ENDPOINT_XFER_BULK:
0155 urb_p->urb->pipe |= (PIPE_BULK << 30);
0156 break;
0157 case USB_ENDPOINT_XFER_INT:
0158 urb_p->urb->pipe |= (PIPE_INTERRUPT << 30);
0159 break;
0160 case USB_ENDPOINT_XFER_CONTROL:
0161 urb_p->urb->pipe |= (PIPE_CONTROL << 30);
0162 break;
0163 case USB_ENDPOINT_XFER_ISOC:
0164 urb_p->urb->pipe |= (PIPE_ISOCHRONOUS << 30);
0165 break;
0166 }
0167 ret = usbip_recv_xbuff(&udc->ud, urb_p->urb);
0168 if (ret < 0)
0169 goto free_urbp;
0170
0171 ret = usbip_recv_iso(&udc->ud, urb_p->urb);
0172 if (ret < 0)
0173 goto free_urbp;
0174
0175 spin_lock_irqsave(&udc->lock, flags);
0176 v_kick_timer(udc, jiffies);
0177 list_add_tail(&urb_p->urb_entry, &udc->urb_queue);
0178 spin_unlock_irqrestore(&udc->lock, flags);
0179
0180 return 0;
0181
0182 free_urbp:
0183 free_urbp_and_urb(urb_p);
0184 return ret;
0185 }
0186
0187 static int v_rx_pdu(struct usbip_device *ud)
0188 {
0189 int ret;
0190 struct usbip_header pdu;
0191 struct vudc *udc = container_of(ud, struct vudc, ud);
0192
0193 memset(&pdu, 0, sizeof(pdu));
0194 ret = usbip_recv(ud->tcp_socket, &pdu, sizeof(pdu));
0195 if (ret != sizeof(pdu)) {
0196 usbip_event_add(ud, VUDC_EVENT_ERROR_TCP);
0197 if (ret >= 0)
0198 return -EPIPE;
0199 return ret;
0200 }
0201 usbip_header_correct_endian(&pdu, 0);
0202
0203 spin_lock_irq(&ud->lock);
0204 ret = (ud->status == SDEV_ST_USED);
0205 spin_unlock_irq(&ud->lock);
0206 if (!ret) {
0207 usbip_event_add(ud, VUDC_EVENT_ERROR_TCP);
0208 return -EBUSY;
0209 }
0210
0211 switch (pdu.base.command) {
0212 case USBIP_CMD_UNLINK:
0213 ret = v_recv_cmd_unlink(udc, &pdu);
0214 break;
0215 case USBIP_CMD_SUBMIT:
0216 ret = v_recv_cmd_submit(udc, &pdu);
0217 break;
0218 default:
0219 ret = -EPIPE;
0220 pr_err("rx: unknown command");
0221 break;
0222 }
0223 return ret;
0224 }
0225
0226 int v_rx_loop(void *data)
0227 {
0228 struct usbip_device *ud = data;
0229 int ret = 0;
0230
0231 while (!kthread_should_stop()) {
0232 if (usbip_event_happened(ud))
0233 break;
0234 ret = v_rx_pdu(ud);
0235 if (ret < 0) {
0236 pr_warn("v_rx exit with error %d", ret);
0237 break;
0238 }
0239 }
0240 return ret;
0241 }
