1 /*
2  * Copyright (C) 2003-2008 Takahiro Hirofuchi
3  *
4  * This is free software; you can redistribute it and/or modify
5  * it under the terms of the GNU General Public License as published by
6  * the Free Software Foundation; either version 2 of the License, or
7  * (at your option) any later version.
8  *
9  * This is distributed in the hope that it will be useful,
10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12  * GNU General Public License for more details.
13  *
14  * You should have received a copy of the GNU General Public License
15  * along with this program; if not, write to the Free Software
16  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
17  * USA.
18  */
19 
20 #include <linux/kthread.h>
21 #include <linux/socket.h>
22 
23 #include "usbip_common.h"
24 #include "stub.h"
25 
/*
 * Release a stub_priv together with the urb it wraps.
 *
 * Unlinks @priv from whichever list it is on, frees the urb's setup packet
 * and transfer buffer, returns @priv to stub_priv_cache and finally drops the
 * urb with usb_free_urb().  Both callers in this file hold sdev->priv_lock
 * around the call.
 */
static void stub_free_priv_and_urb(struct stub_priv *priv)
{
	struct urb *urb = priv->urb;

	/* Take priv off its queue before any of its memory is released. */
	list_del(&priv->list);

	kfree(urb->setup_packet);
	kfree(urb->transfer_buffer);

	/* urb was read out of priv above, so priv can go back to the cache. */
	kmem_cache_free(stub_priv_cache, priv);
	usb_free_urb(urb);
}
36 
/*
 * Queue a RET_UNLINK reply carrying @seqnum and @status on sdev->unlink_tx.
 *
 * The caller must hold sdev->priv_lock (taken with spin_lock_irqsave), which
 * is why the entry is allocated with GFP_ATOMIC.
 *
 * If the allocation fails nothing is queued: the failure is logged and an
 * error event is raised on the device, so no reply is produced for @seqnum.
 *
 * NOTE(review): this path raises VDEV_EVENT_ERROR_MALLOC while the other
 * allocation failures in this file raise SDEV_EVENT_ERROR_MALLOC - confirm
 * which one is intended for the stub side.
 */
void stub_enqueue_ret_unlink(struct stub_device *sdev, __u32 seqnum,
			     __u32 status)
{
	struct stub_unlink *entry = kzalloc(sizeof(*entry), GFP_ATOMIC);

	if (entry) {
		entry->seqnum = seqnum;
		entry->status = status;
		list_add_tail(&entry->list, &sdev->unlink_tx);
		return;
	}

	dev_err(&sdev->interface->dev, "alloc stub_unlink\n");
	usbip_event_add(&sdev->ud, VDEV_EVENT_ERROR_MALLOC);
}
55 
/**
 * stub_complete - completion handler of a usbip urb
 * @urb: pointer to the completed urb
 *
 * The USB core calls this when a urb has completed, mostly in interrupt
 * context.  Except for the -ENOENT case, the stub_priv behind the urb is
 * either moved to sdev->priv_tx so that its result is sent back, or, when
 * priv->unlinking is set, answered with a queued unlink reply and freed here.
 * The tx thread is then woken through sdev->tx_waitq.
 */
void stub_complete(struct urb *urb)
{
	struct stub_priv *priv = urb->context;
	struct stub_device *sdev = priv->sdev;
	unsigned long flags;

	usbip_dbg_stub_tx("complete! status %d\n", urb->status);

	/*
	 * Killed while the connection is being torn down: nothing is queued
	 * and priv is left untouched.
	 * NOTE(review): priv and the urb are presumably released by the
	 * connection cleanup path outside this file - confirm.
	 */
	if (urb->status == -ENOENT) {
		dev_info(&urb->dev->dev,
			 "stopped by a call to usb_kill_urb() because of cleaning up a virtual connection\n");
		return;
	}

	/* Every other status is only logged; the urb is still reported. */
	switch (urb->status) {
	case 0:
		break;
	case -ECONNRESET:
		dev_info(&urb->dev->dev,
			 "unlinked by a call to usb_unlink_urb()\n");
		break;
	case -EPIPE:
		dev_info(&urb->dev->dev, "endpoint %d is stalled\n",
			 usb_pipeendpoint(urb->pipe));
		break;
	case -ESHUTDOWN:
		dev_info(&urb->dev->dev, "device removed?\n");
		break;
	default:
		dev_info(&urb->dev->dev,
			 "urb completion with non-zero status %d\n",
			 urb->status);
		break;
	}

	spin_lock_irqsave(&sdev->priv_lock, flags);
	if (!priv->unlinking) {
		/* Normal completion: hand the urb to the tx queue. */
		list_move_tail(&priv->list, &sdev->priv_tx);
	} else {
		/*
		 * An unlink is pending on this urb: queue the unlink reply
		 * with the urb's status and release priv and the urb now.
		 */
		stub_enqueue_ret_unlink(sdev, priv->seqnum, urb->status);
		stub_free_priv_and_urb(priv);
	}
	spin_unlock_irqrestore(&sdev->priv_lock, flags);

	/* Let the tx thread pick up whatever was queued. */
	wake_up(&sdev->tx_waitq);
}
111 
/*
 * Fill the basic part of a reply header: @command and @seqnum come from the
 * caller, while devid, ep and direction are always written as 0.
 */
static inline void setup_base_pdu(struct usbip_header_basic *base,
				  __u32 command, __u32 seqnum)
{
	/* Fields that carry no value in the replies built by this file. */
	base->devid = 0;
	base->ep = 0;
	base->direction = 0;

	base->command = command;
	base->seqnum = seqnum;
}
121 
/*
 * Build the header of a USBIP_RET_SUBMIT reply for @urb in @rpdu.
 *
 * The sequence number is taken from the stub_priv stored in urb->context;
 * the command-specific part is filled by usbip_pack_pdu().
 */
static void setup_ret_submit_pdu(struct usbip_header *rpdu, struct urb *urb)
{
	const struct stub_priv *owner = urb->context;

	setup_base_pdu(&rpdu->base, USBIP_RET_SUBMIT, owner->seqnum);

	/*
	 * NOTE(review): the trailing 1 presumably selects the urb -> pdu
	 * direction - confirm against usbip_pack_pdu() in usbip_common.
	 */
	usbip_pack_pdu(rpdu, urb, USBIP_RET_SUBMIT, 1);
}
129 
/*
 * Build the header of a USBIP_RET_UNLINK reply in @rpdu from the queued
 * @unlink entry: its status goes into the ret_unlink part and its sequence
 * number into the basic header.
 */
static void setup_ret_unlink_pdu(struct usbip_header *rpdu,
				 struct stub_unlink *unlink)
{
	rpdu->u.ret_unlink.status = unlink->status;
	setup_base_pdu(&rpdu->base, USBIP_RET_UNLINK, unlink->seqnum);
}
136 
/*
 * Take the first entry off sdev->priv_tx, if there is one.
 *
 * The entry is not freed here: it is moved to the tail of sdev->priv_free
 * under sdev->priv_lock, and stub_send_ret_submit() releases the entries on
 * that list once it has finished sending.
 *
 * Returns the dequeued stub_priv, or NULL when priv_tx is empty.
 */
static struct stub_priv *dequeue_from_priv_tx(struct stub_device *sdev)
{
	struct stub_priv *head = NULL;
	unsigned long flags;

	spin_lock_irqsave(&sdev->priv_lock, flags);
	if (!list_empty(&sdev->priv_tx)) {
		head = list_first_entry(&sdev->priv_tx, struct stub_priv,
					list);
		list_move_tail(&head->list, &sdev->priv_free);
	}
	spin_unlock_irqrestore(&sdev->priv_lock, flags);

	return head;
}
154 
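/*
 * Send a RET_SUBMIT reply for every completed urb queued on sdev->priv_tx.
 *
 * Each reply is one kernel_sendmsg() call made of the usbip header, the data
 * of an IN transfer (one iov entry per isochronous packet, so that the
 * padding between packets is not transmitted) and, for isochronous pipes,
 * the packet descriptor block from usbip_alloc_iso_desc_pdu().
 *
 * Everything placed in the iov array is copied to the peer, so the urb
 * fields that describe the data are checked first: a NULL transfer buffer
 * with a non-zero actual length, a negative packet count, or an isochronous
 * packet that does not lie inside the transfer buffer abort the send instead
 * of being handed to the socket.
 *
 * Returns the number of bytes sent, or -1 after raising a usbip event.  On
 * the -1 paths the entries already moved to sdev->priv_free are not released
 * here.  NOTE(review): confirm the device teardown path frees them.
 */
static int stub_send_ret_submit(struct stub_device *sdev)
{
	unsigned long flags;
	struct stub_priv *priv, *tmp;

	struct msghdr msg;
	size_t txsize;

	size_t total_size = 0;

	while ((priv = dequeue_from_priv_tx(sdev)) != NULL) {
		int ret;
		struct urb *urb = priv->urb;
		struct usbip_header pdu_header;
		void *iso_buffer = NULL;
		struct kvec *iov = NULL;
		size_t iov_count = 2;
		int iovnum = 0;
		int is_iso = usb_pipetype(urb->pipe) == PIPE_ISOCHRONOUS;

		txsize = 0;
		memset(&pdu_header, 0, sizeof(pdu_header));
		memset(&msg, 0, sizeof(msg));

		/*
		 * A urb that claims to carry data but has no buffer would be
		 * dereferenced by the send below.  The same event as for the
		 * other inconsistent-urb case in this function is raised.
		 */
		if (urb->actual_length > 0 && !urb->transfer_buffer) {
			dev_err(&sdev->interface->dev,
				"urb: actual_length %d transfer_buffer null\n",
				urb->actual_length);
			usbip_event_add(&sdev->ud, SDEV_EVENT_ERROR_TCP);
			return -1;
		}

		if (is_iso) {
			/*
			 * The packet count sizes the iov array and bounds the
			 * loop below; a negative value must never reach the
			 * allocation.
			 * NOTE(review): number_of_packets is set up outside
			 * this file - confirm where it is validated.
			 */
			if (urb->number_of_packets < 0) {
				dev_err(&sdev->interface->dev,
					"invalid number of iso packets %d\n",
					urb->number_of_packets);
				usbip_event_add(&sdev->ud,
						SDEV_EVENT_ERROR_TCP);
				return -1;
			}
			iov_count += urb->number_of_packets;
		}

		/* kcalloc() rejects a count * size product that overflows. */
		iov = kcalloc(iov_count, sizeof(*iov), GFP_KERNEL);
		if (!iov) {
			usbip_event_add(&sdev->ud, SDEV_EVENT_ERROR_MALLOC);
			return -1;
		}

		/* 1. setup usbip_header */
		setup_ret_submit_pdu(&pdu_header, urb);
		usbip_dbg_stub_tx("setup txdata seqnum: %d urb: %p\n",
				  pdu_header.base.seqnum, urb);
		usbip_header_correct_endian(&pdu_header, 1);

		iov[iovnum].iov_base = &pdu_header;
		iov[iovnum].iov_len  = sizeof(pdu_header);
		iovnum++;
		txsize += sizeof(pdu_header);

		/* 2. setup transfer buffer */
		if (usb_pipein(urb->pipe) && !is_iso &&
		    urb->actual_length > 0) {
			iov[iovnum].iov_base = urb->transfer_buffer;
			iov[iovnum].iov_len  = urb->actual_length;
			iovnum++;
			txsize += urb->actual_length;
		} else if (usb_pipein(urb->pipe) && is_iso) {
			/*
			 * For isochronous packets: actual length is the sum of
			 * the actual lengths of the individual packets, but as
			 * the packet offsets are not changed there will be
			 * padding between the packets. To optimally use the
			 * bandwidth the padding is not transmitted.
			 */
			int i;

			for (i = 0; i < urb->number_of_packets; i++) {
				unsigned int off =
					urb->iso_frame_desc[i].offset;
				unsigned int len =
					urb->iso_frame_desc[i].actual_length;
				unsigned int buflen =
					urb->transfer_buffer_length;

				/*
				 * Each packet is sent straight out of the
				 * transfer buffer, so it must lie entirely
				 * inside it; otherwise memory beyond the
				 * buffer would be copied to the peer.
				 */
				if (off > buflen || len > buflen - off) {
					dev_err(&sdev->interface->dev,
						"iso packet %d (offset %u, length %u) exceeds transfer buffer of %u bytes\n",
						i, off, len, buflen);
					kfree(iov);
					usbip_event_add(&sdev->ud,
							SDEV_EVENT_ERROR_TCP);
					return -1;
				}

				iov[iovnum].iov_base =
					urb->transfer_buffer + off;
				iov[iovnum].iov_len = len;
				iovnum++;
				txsize += len;
			}

			if (txsize != sizeof(pdu_header) + urb->actual_length) {
				dev_err(&sdev->interface->dev,
					"actual length of urb %d does not "
					"match iso packet sizes %zu\n",
					urb->actual_length,
					txsize - sizeof(pdu_header));
				kfree(iov);
				usbip_event_add(&sdev->ud,
						SDEV_EVENT_ERROR_TCP);
				return -1;
			}
		}

		/* 3. setup iso_packet_descriptor */
		if (is_iso) {
			ssize_t len = 0;

			iso_buffer = usbip_alloc_iso_desc_pdu(urb, &len);
			if (!iso_buffer) {
				usbip_event_add(&sdev->ud,
						SDEV_EVENT_ERROR_MALLOC);
				kfree(iov);
				return -1;
			}

			iov[iovnum].iov_base = iso_buffer;
			iov[iovnum].iov_len  = len;
			txsize += len;
			iovnum++;
		}

		ret = kernel_sendmsg(sdev->ud.tcp_socket, &msg,
				     iov, iovnum, txsize);
		if (ret != txsize) {
			/* txsize is a size_t, so it is printed with %zu. */
			dev_err(&sdev->interface->dev,
				"sendmsg failed!, retval %d for %zu\n",
				ret, txsize);
			kfree(iov);
			kfree(iso_buffer);
			usbip_event_add(&sdev->ud, SDEV_EVENT_ERROR_TCP);
			return -1;
		}

		kfree(iov);
		kfree(iso_buffer);

		total_size += txsize;
	}

	/* Everything was sent: release the entries parked on priv_free. */
	spin_lock_irqsave(&sdev->priv_lock, flags);
	list_for_each_entry_safe(priv, tmp, &sdev->priv_free, list) {
		stub_free_priv_and_urb(priv);
	}
	spin_unlock_irqrestore(&sdev->priv_lock, flags);

	return total_size;
}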
288 
/*
 * Take the first entry off sdev->unlink_tx, if there is one.
 *
 * The entry is moved to the tail of sdev->unlink_free under sdev->priv_lock
 * rather than freed; stub_send_ret_unlink() frees that list after sending.
 *
 * Returns the dequeued stub_unlink, or NULL when unlink_tx is empty.
 */
static struct stub_unlink *dequeue_from_unlink_tx(struct stub_device *sdev)
{
	struct stub_unlink *head = NULL;
	unsigned long flags;

	spin_lock_irqsave(&sdev->priv_lock, flags);
	if (!list_empty(&sdev->unlink_tx)) {
		head = list_first_entry(&sdev->unlink_tx, struct stub_unlink,
					list);
		list_move_tail(&head->list, &sdev->unlink_free);
	}
	spin_unlock_irqrestore(&sdev->priv_lock, flags);

	return head;
}
306 
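/*
 * Send a RET_UNLINK reply for every entry queued on sdev->unlink_tx.
 *
 * Each reply consists of a single usbip header.  Once the queue is drained,
 * the entries parked on sdev->unlink_free are freed under sdev->priv_lock.
 *
 * Returns the number of bytes sent, or -1 after raising
 * SDEV_EVENT_ERROR_TCP when kernel_sendmsg() does not send the whole header.
 * On that path the entries already moved to unlink_free are not released
 * here.  NOTE(review): confirm the device teardown path frees them.
 */
static int stub_send_ret_unlink(struct stub_device *sdev)
{
	unsigned long flags;
	struct stub_unlink *unlink, *tmp;

	struct msghdr msg;
	struct kvec iov[1];
	size_t txsize;

	size_t total_size = 0;

	while ((unlink = dequeue_from_unlink_tx(sdev)) != NULL) {
		int ret;
		struct usbip_header pdu_header;

		txsize = 0;
		/* The header is zeroed before it is filled and sent. */
		memset(&pdu_header, 0, sizeof(pdu_header));
		memset(&msg, 0, sizeof(msg));
		memset(&iov, 0, sizeof(iov));

		/*
		 * NOTE(review): %lu must match the declared type of
		 * stub_unlink.seqnum, which is not visible in this file.
		 */
		usbip_dbg_stub_tx("setup ret unlink %lu\n", unlink->seqnum);

		/* 1. setup usbip_header */
		setup_ret_unlink_pdu(&pdu_header, unlink);
		usbip_header_correct_endian(&pdu_header, 1);

		iov[0].iov_base = &pdu_header;
		iov[0].iov_len  = sizeof(pdu_header);
		txsize += sizeof(pdu_header);

		ret = kernel_sendmsg(sdev->ud.tcp_socket, &msg, iov,
				     1, txsize);
		if (ret != txsize) {
			/* txsize is a size_t, so it is printed with %zu. */
			dev_err(&sdev->interface->dev,
				"sendmsg failed!, retval %d for %zu\n",
				ret, txsize);
			usbip_event_add(&sdev->ud, SDEV_EVENT_ERROR_TCP);
			return -1;
		}

		usbip_dbg_stub_tx("send txdata\n");
		total_size += txsize;
	}

	/* Everything was sent: free the entries parked on unlink_free. */
	spin_lock_irqsave(&sdev->priv_lock, flags);

	list_for_each_entry_safe(unlink, tmp, &sdev->unlink_free, list) {
		list_del(&unlink->list);
		kfree(unlink);
	}

	spin_unlock_irqrestore(&sdev->priv_lock, flags);

	return total_size;
}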
362 
/*
 * Body of the stub transmit thread.
 *
 * @data is the usbip_device embedded in a stub_device.  The loop sends the
 * queued submit replies, then the queued unlink replies, and sleeps on
 * sdev->tx_waitq until one of the two tx queues is non-empty or the thread
 * is asked to stop.  It ends when kthread_should_stop() is true, when
 * usbip_event_happened() reports an event, or when either send helper
 * returns a negative value.  Always returns 0.
 */
int stub_tx_loop(void *data)
{
	struct usbip_device *ud = data;
	struct stub_device *sdev = container_of(ud, struct stub_device, ud);

	while (!kthread_should_stop() && !usbip_event_happened(ud)) {
		/*
		 * Submit replies are sent before unlink replies.  stub_rx
		 * looks only at the priv_init queue.  If a URB completes
		 * before its CMD_UNLINK is received, priv has already been
		 * moved to the priv_tx queue and stub_rx does not find the
		 * target priv.  In that case vhci_rx receives the result of
		 * the submit request first and the result of the unlink
		 * request second.  The submit result is given back to the
		 * usbcore as the completion of the unlink request, and the
		 * unlink request itself is ignored.  This is acceptable: a
		 * driver that calls usb_unlink_urb() learns that the unlink
		 * came too late from the status of the URB given back to it,
		 * which is the status of usb_submit_urb().
		 */
		if (stub_send_ret_submit(sdev) < 0 ||
		    stub_send_ret_unlink(sdev) < 0)
			break;

		/*
		 * The return value is not inspected; every wakeup goes back
		 * through the checks at the top of the loop.
		 */
		wait_event_interruptible(sdev->tx_waitq,
					 (!list_empty(&sdev->priv_tx) ||
					  !list_empty(&sdev->unlink_tx) ||
					  kthread_should_stop()));
	}

	return 0;
}
400