uhidev.c revision 1.79.2.1
1 /* $NetBSD: uhidev.c,v 1.79.2.1 2021/03/22 02:01:02 thorpej Exp $ */ 2 3 /* 4 * Copyright (c) 2001, 2012 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Lennart Augustsson (lennart (at) augustsson.net) at 9 * Carlstedt Research & Technology and Matthew R. Green (mrg (at) eterna.com.au). 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 22 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 23 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 24 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 25 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 30 * POSSIBILITY OF SUCH DAMAGE. 31 */ 32 33 /* 34 * HID spec: http://www.usb.org/developers/devclass_docs/HID1_11.pdf 35 */ 36 37 #include <sys/cdefs.h> 38 __KERNEL_RCSID(0, "$NetBSD: uhidev.c,v 1.79.2.1 2021/03/22 02:01:02 thorpej Exp $"); 39 40 #ifdef _KERNEL_OPT 41 #include "opt_usb.h" 42 #endif 43 44 #include <sys/param.h> 45 #include <sys/types.h> 46 47 #include <sys/conf.h> 48 #include <sys/device.h> 49 #include <sys/ioctl.h> 50 #include <sys/kernel.h> 51 #include <sys/kmem.h> 52 #include <sys/lwp.h> 53 #include <sys/rndsource.h> 54 #include <sys/signalvar.h> 55 #include <sys/systm.h> 56 57 #include <dev/usb/usb.h> 58 #include <dev/usb/usbhid.h> 59 60 #include <dev/usb/usbdevs.h> 61 #include <dev/usb/usbdi.h> 62 #include <dev/usb/usbdi_util.h> 63 #include <dev/usb/usb_quirks.h> 64 65 #include <dev/usb/uhidev.h> 66 #include <dev/hid/hid.h> 67 68 /* Report descriptor for broken Wacom Graphire */ 69 #include <dev/usb/ugraphire_rdesc.h> 70 /* Report descriptor for game controllers in "XInput" mode */ 71 #include <dev/usb/xinput_rdesc.h> 72 /* Report descriptor for Xbox One controllers */ 73 #include <dev/usb/x1input_rdesc.h> 74 75 #include "locators.h" 76 77 #ifdef UHIDEV_DEBUG 78 #define DPRINTF(x) if (uhidevdebug) printf x 79 #define DPRINTFN(n,x) if (uhidevdebug>(n)) printf x 80 int uhidevdebug = 0; 81 #else 82 #define DPRINTF(x) 83 #define DPRINTFN(n,x) 84 #endif 85 86 Static void uhidev_intr(struct usbd_xfer *, void *, usbd_status); 87 88 Static int uhidev_maxrepid(void *, int); 89 Static int uhidevprint(void *, const char *); 90 91 static int uhidev_match(device_t, cfdata_t, void *); 92 static void uhidev_attach(device_t, device_t, void *); 93 static void uhidev_childdet(device_t, device_t); 94 static int uhidev_detach(device_t, int); 95 static int uhidev_activate(device_t, enum devact); 96 97 CFATTACH_DECL2_NEW(uhidev, sizeof(struct uhidev_softc), uhidev_match, 98 uhidev_attach, uhidev_detach, uhidev_activate, NULL, uhidev_childdet); 99 100 static int 101 uhidev_match(device_t parent, cfdata_t match, void *aux) 102 { 103 struct usbif_attach_arg *uiaa = aux; 104 105 /* Game controllers in "XInput" mode */ 106 if (USBIF_IS_XINPUT(uiaa)) 107 return UMATCH_IFACECLASS_IFACESUBCLASS_IFACEPROTO; 108 /* Xbox One controllers */ 109 if (USBIF_IS_X1INPUT(uiaa) && uiaa->uiaa_ifaceno == 0) 110 return UMATCH_IFACECLASS_IFACESUBCLASS_IFACEPROTO; 111 112 if (uiaa->uiaa_class != UICLASS_HID) 113 return UMATCH_NONE; 114 if (usbd_get_quirks(uiaa->uiaa_device)->uq_flags & UQ_HID_IGNORE) 115 return UMATCH_NONE; 116 return UMATCH_IFACECLASS_GENERIC; 117 } 118 119 static void 120 uhidev_attach(device_t parent, device_t self, void *aux) 121 { 122 struct uhidev_softc *sc = device_private(self); 123 struct usbif_attach_arg *uiaa = aux; 124 struct usbd_interface *iface = uiaa->uiaa_iface; 125 usb_interface_descriptor_t *id; 126 usb_endpoint_descriptor_t *ed; 127 struct uhidev_attach_arg uha; 128 device_t dev; 129 struct uhidev *csc; 130 int maxinpktsize, size, nrepid, repid, repsz; 131 int *repsizes; 132 int i; 133 void *desc; 134 const void *descptr; 135 usbd_status err; 136 char *devinfop; 137 int locs[UHIDBUSCF_NLOCS]; 138 139 sc->sc_dev = self; 140 sc->sc_udev = uiaa->uiaa_device; 141 sc->sc_iface = iface; 142 143 aprint_naive("\n"); 144 aprint_normal("\n"); 145 146 mutex_init(&sc->sc_lock, MUTEX_DEFAULT, IPL_SOFTUSB); 147 cv_init(&sc->sc_cv, "uhidev"); 148 sc->sc_writelock = NULL; 149 sc->sc_configlock = NULL; 150 151 id = usbd_get_interface_descriptor(iface); 152 153 devinfop = usbd_devinfo_alloc(uiaa->uiaa_device, 0); 154 aprint_normal_dev(self, "%s, iclass %d/%d\n", 155 devinfop, id->bInterfaceClass, id->bInterfaceSubClass); 156 usbd_devinfo_free(devinfop); 157 158 if (!pmf_device_register(self, NULL, NULL)) 159 aprint_error_dev(self, "couldn't establish power handler\n"); 160 161 if (uiaa->uiaa_vendor == USB_VENDOR_WACOM) { 162 if (uiaa->uiaa_product == USB_PRODUCT_WACOM_XD0912U) { 163 /* 164 * Wacom Intuos2 (XD-0912-U) requires longer idle time to 165 * initialize the device with 0x0202. 166 */ 167 DELAY(500000); 168 } 169 } 170 (void)usbd_set_idle(iface, 0, 0); 171 172 if ((usbd_get_quirks(sc->sc_udev)->uq_flags & UQ_NO_SET_PROTO) == 0) 173 (void)usbd_set_protocol(iface, 1); 174 175 maxinpktsize = 0; 176 sc->sc_iep_addr = sc->sc_oep_addr = -1; 177 for (i = 0; i < id->bNumEndpoints; i++) { 178 ed = usbd_interface2endpoint_descriptor(iface, i); 179 if (ed == NULL) { 180 aprint_error_dev(self, 181 "could not read endpoint descriptor\n"); 182 sc->sc_dying = 1; 183 return; 184 } 185 186 DPRINTFN(10,("uhidev_attach: bLength=%d bDescriptorType=%d " 187 "bEndpointAddress=%d-%s bmAttributes=%d wMaxPacketSize=%d" 188 " bInterval=%d\n", 189 ed->bLength, ed->bDescriptorType, 190 ed->bEndpointAddress & UE_ADDR, 191 UE_GET_DIR(ed->bEndpointAddress)==UE_DIR_IN? "in" : "out", 192 ed->bmAttributes & UE_XFERTYPE, 193 UGETW(ed->wMaxPacketSize), ed->bInterval)); 194 195 if (UE_GET_DIR(ed->bEndpointAddress) == UE_DIR_IN && 196 (ed->bmAttributes & UE_XFERTYPE) == UE_INTERRUPT) { 197 maxinpktsize = UGETW(ed->wMaxPacketSize); 198 sc->sc_iep_addr = ed->bEndpointAddress; 199 } else if (UE_GET_DIR(ed->bEndpointAddress) == UE_DIR_OUT && 200 (ed->bmAttributes & UE_XFERTYPE) == UE_INTERRUPT) { 201 sc->sc_oep_addr = ed->bEndpointAddress; 202 } else { 203 aprint_verbose_dev(self, "endpoint %d: ignored\n", i); 204 } 205 } 206 207 /* 208 * Check that we found an input interrupt endpoint. The output interrupt 209 * endpoint is optional 210 */ 211 if (sc->sc_iep_addr == -1) { 212 aprint_error_dev(self, "no input interrupt endpoint\n"); 213 sc->sc_dying = 1; 214 return; 215 } 216 217 /* XXX need to extend this */ 218 descptr = NULL; 219 if (uiaa->uiaa_vendor == USB_VENDOR_WACOM) { 220 static uByte reportbuf[3]; 221 222 /* The report descriptor for the Wacom Graphire is broken. */ 223 switch (uiaa->uiaa_product) { 224 case USB_PRODUCT_WACOM_GRAPHIRE3_4X5: 225 case USB_PRODUCT_WACOM_GRAPHIRE3_6X8: 226 case USB_PRODUCT_WACOM_GRAPHIRE4_4X5: /* The 6x8 too? */ 227 /* 228 * The Graphire3 needs 0x0202 to be written to 229 * feature report ID 2 before it'll start 230 * returning digitizer data. 231 */ 232 reportbuf[0] = 0x02; 233 reportbuf[1] = 0x02; 234 usbd_set_report(uiaa->uiaa_iface, UHID_FEATURE_REPORT, 2, 235 &reportbuf, 2); 236 237 size = sizeof(uhid_graphire3_4x5_report_descr); 238 descptr = uhid_graphire3_4x5_report_descr; 239 break; 240 case USB_PRODUCT_WACOM_GRAPHIRE: 241 case USB_PRODUCT_WACOM_GRAPHIRE2: 242 case USB_PRODUCT_WACOM_XD0912U: 243 case USB_PRODUCT_WACOM_CTH690K0: 244 reportbuf[0] = 0x02; 245 reportbuf[1] = 0x02; 246 usbd_set_report(uiaa->uiaa_iface, UHID_FEATURE_REPORT, 2, 247 &reportbuf, 2); 248 break; 249 default: 250 /* Keep descriptor */ 251 break; 252 } 253 } 254 if (USBIF_IS_XINPUT(uiaa)) { 255 size = sizeof(uhid_xinput_report_descr); 256 descptr = uhid_xinput_report_descr; 257 } 258 if (USBIF_IS_X1INPUT(uiaa)) { 259 sc->sc_flags |= UHIDEV_F_XB1; 260 size = sizeof(uhid_x1input_report_descr); 261 descptr = uhid_x1input_report_descr; 262 } 263 264 if (descptr) { 265 desc = kmem_alloc(size, KM_SLEEP); 266 err = USBD_NORMAL_COMPLETION; 267 memcpy(desc, descptr, size); 268 } else { 269 desc = NULL; 270 err = usbd_read_report_desc(uiaa->uiaa_iface, &desc, &size); 271 } 272 if (err) { 273 aprint_error_dev(self, "no report descriptor\n"); 274 sc->sc_dying = 1; 275 return; 276 } 277 278 if (uiaa->uiaa_vendor == USB_VENDOR_HOSIDEN && 279 uiaa->uiaa_product == USB_PRODUCT_HOSIDEN_PPP) { 280 static uByte reportbuf[] = { 1 }; 281 /* 282 * This device was sold by Konami with its ParaParaParadise 283 * game for PlayStation2. It needs to be "turned on" 284 * before it will send any reports. 285 */ 286 287 usbd_set_report(uiaa->uiaa_iface, UHID_FEATURE_REPORT, 0, 288 &reportbuf, sizeof(reportbuf)); 289 } 290 291 if (uiaa->uiaa_vendor == USB_VENDOR_LOGITECH && 292 uiaa->uiaa_product == USB_PRODUCT_LOGITECH_CBT44 && size == 0xb1) { 293 uint8_t *data = desc; 294 /* 295 * This device has a odd USAGE_MINIMUM value that would 296 * cause the multimedia keys to have their usage number 297 * shifted up one usage. Adjust so the usages are sane. 298 */ 299 300 if (data[0x56] == 0x19 && data[0x57] == 0x01 && 301 data[0x58] == 0x2a && data[0x59] == 0x8c) 302 data[0x57] = 0x00; 303 } 304 305 /* 306 * Enable the Six Axis and DualShock 3 controllers. 307 * See http://ps3.jim.sh/sixaxis/usb/ 308 */ 309 if (uiaa->uiaa_vendor == USB_VENDOR_SONY && 310 uiaa->uiaa_product == USB_PRODUCT_SONY_PS3CONTROLLER) { 311 usb_device_request_t req; 312 char data[17]; 313 int actlen; 314 315 req.bmRequestType = UT_READ_CLASS_INTERFACE; 316 req.bRequest = 1; 317 USETW(req.wValue, 0x3f2); 318 USETW(req.wIndex, 0); 319 USETW(req.wLength, sizeof(data)); 320 321 usbd_do_request_flags(sc->sc_udev, &req, data, 322 USBD_SHORT_XFER_OK, &actlen, USBD_DEFAULT_TIMEOUT); 323 } 324 325 sc->sc_repdesc = desc; 326 sc->sc_repdesc_size = size; 327 328 uha.uiaa = uiaa; 329 nrepid = uhidev_maxrepid(desc, size); 330 if (nrepid < 0) 331 return; 332 if (nrepid > 0) 333 aprint_normal_dev(self, "%d report ids\n", nrepid); 334 nrepid++; 335 repsizes = kmem_alloc(nrepid * sizeof(*repsizes), KM_SLEEP); 336 sc->sc_subdevs = kmem_zalloc(nrepid * sizeof(sc->sc_subdevs[0]), 337 KM_SLEEP); 338 339 /* Just request max packet size for the interrupt pipe */ 340 sc->sc_isize = maxinpktsize; 341 sc->sc_nrepid = nrepid; 342 343 usbd_add_drv_event(USB_EVENT_DRIVER_ATTACH, sc->sc_udev, sc->sc_dev); 344 345 for (repid = 0; repid < nrepid; repid++) { 346 repsz = hid_report_size(desc, size, hid_input, repid); 347 DPRINTF(("uhidev_match: repid=%d, repsz=%d\n", repid, repsz)); 348 repsizes[repid] = repsz; 349 } 350 351 DPRINTF(("uhidev_attach: isize=%d\n", sc->sc_isize)); 352 353 uha.parent = sc; 354 for (repid = 0; repid < nrepid; repid++) { 355 DPRINTF(("uhidev_match: try repid=%d\n", repid)); 356 if (hid_report_size(desc, size, hid_input, repid) == 0 && 357 hid_report_size(desc, size, hid_output, repid) == 0 && 358 hid_report_size(desc, size, hid_feature, repid) == 0) { 359 ; /* already NULL in sc->sc_subdevs[repid] */ 360 } else { 361 uha.reportid = repid; 362 locs[UHIDBUSCF_REPORTID] = repid; 363 364 dev = config_found(self, &uha, uhidevprint, 365 CFARG_SUBMATCH, config_stdsubmatch, 366 CFARG_IATTR, "uhidbus", 367 CFARG_LOCATORS, locs, 368 CFARG_EOL); 369 sc->sc_subdevs[repid] = dev; 370 if (dev != NULL) { 371 csc = device_private(dev); 372 csc->sc_in_rep_size = repsizes[repid]; 373 #ifdef DIAGNOSTIC 374 DPRINTF(("uhidev_match: repid=%d dev=%p\n", 375 repid, dev)); 376 if (csc->sc_intr == NULL) { 377 kmem_free(repsizes, 378 nrepid * sizeof(*repsizes)); 379 aprint_error_dev(self, 380 "sc_intr == NULL\n"); 381 return; 382 } 383 #endif 384 rnd_attach_source(&csc->rnd_source, 385 device_xname(dev), 386 RND_TYPE_TTY, 387 RND_FLAG_DEFAULT); 388 } 389 } 390 } 391 kmem_free(repsizes, nrepid * sizeof(*repsizes)); 392 393 return; 394 } 395 396 int 397 uhidev_maxrepid(void *buf, int len) 398 { 399 struct hid_data *d; 400 struct hid_item h; 401 int maxid; 402 403 maxid = -1; 404 h.report_ID = 0; 405 for (d = hid_start_parse(buf, len, hid_none); hid_get_item(d, &h); ) 406 if ((int)h.report_ID > maxid) 407 maxid = h.report_ID; 408 hid_end_parse(d); 409 return maxid; 410 } 411 412 int 413 uhidevprint(void *aux, const char *pnp) 414 { 415 struct uhidev_attach_arg *uha = aux; 416 417 if (pnp) 418 aprint_normal("uhid at %s", pnp); 419 if (uha->reportid != 0) 420 aprint_normal(" reportid %d", uha->reportid); 421 return UNCONF; 422 } 423 424 static int 425 uhidev_activate(device_t self, enum devact act) 426 { 427 struct uhidev_softc *sc = device_private(self); 428 429 switch (act) { 430 case DVACT_DEACTIVATE: 431 sc->sc_dying = 1; 432 return 0; 433 default: 434 return EOPNOTSUPP; 435 } 436 } 437 438 static void 439 uhidev_childdet(device_t self, device_t child) 440 { 441 int i; 442 struct uhidev_softc *sc = device_private(self); 443 444 for (i = 0; i < sc->sc_nrepid; i++) { 445 if (sc->sc_subdevs[i] == child) 446 break; 447 } 448 KASSERT(i < sc->sc_nrepid); 449 sc->sc_subdevs[i] = NULL; 450 } 451 452 static int 453 uhidev_detach(device_t self, int flags) 454 { 455 struct uhidev_softc *sc = device_private(self); 456 int i, rv; 457 struct uhidev *csc; 458 459 DPRINTF(("uhidev_detach: sc=%p flags=%d\n", sc, flags)); 460 461 /* Notify that we are going away. */ 462 mutex_enter(&sc->sc_lock); 463 sc->sc_dying = 1; 464 cv_broadcast(&sc->sc_cv); 465 mutex_exit(&sc->sc_lock); 466 467 /* 468 * Try to detach all our children. If anything fails, bail. 469 * Failure can happen if this is from drvctl -d; of course, if 470 * this is a USB device being yanked, flags will have 471 * DETACH_FORCE and the children will not have the option of 472 * refusing detachment. 473 */ 474 for (i = 0; i < sc->sc_nrepid; i++) { 475 if (sc->sc_subdevs[i] == NULL) 476 continue; 477 /* 478 * XXX rnd_detach_source should go in uhidev_childdet, 479 * but the struct krndsource lives in the child's 480 * softc, which is gone by the time of childdet. The 481 * parent uhidev_softc should be changed to allocate 482 * the struct krndsource, not the child. 483 */ 484 csc = device_private(sc->sc_subdevs[i]); 485 rnd_detach_source(&csc->rnd_source); 486 rv = config_detach(sc->sc_subdevs[i], flags); 487 if (rv) { 488 rnd_attach_source(&csc->rnd_source, 489 device_xname(sc->sc_dev), 490 RND_TYPE_TTY, RND_FLAG_DEFAULT); 491 mutex_enter(&sc->sc_lock); 492 sc->sc_dying = 0; 493 mutex_exit(&sc->sc_lock); 494 return rv; 495 } 496 } 497 498 KASSERTMSG(sc->sc_refcnt == 0, 499 "%s: %d refs remain", device_xname(sc->sc_dev), sc->sc_refcnt); 500 KASSERT(sc->sc_opipe == NULL); 501 KASSERT(sc->sc_ipipe == NULL); 502 KASSERT(sc->sc_ibuf == NULL); 503 504 if (sc->sc_repdesc != NULL) { 505 kmem_free(sc->sc_repdesc, sc->sc_repdesc_size); 506 sc->sc_repdesc = NULL; 507 } 508 if (sc->sc_subdevs != NULL) { 509 int nrepid = sc->sc_nrepid; 510 kmem_free(sc->sc_subdevs, nrepid * sizeof(sc->sc_subdevs[0])); 511 sc->sc_subdevs = NULL; 512 } 513 514 usbd_add_drv_event(USB_EVENT_DRIVER_DETACH, sc->sc_udev, sc->sc_dev); 515 516 pmf_device_deregister(self); 517 KASSERT(sc->sc_configlock == NULL); 518 KASSERT(sc->sc_writelock == NULL); 519 cv_destroy(&sc->sc_cv); 520 mutex_destroy(&sc->sc_lock); 521 522 return rv; 523 } 524 525 void 526 uhidev_intr(struct usbd_xfer *xfer, void *addr, usbd_status status) 527 { 528 struct uhidev_softc *sc = addr; 529 device_t cdev; 530 struct uhidev *scd; 531 u_char *p; 532 u_int rep; 533 uint32_t cc; 534 535 usbd_get_xfer_status(xfer, NULL, NULL, &cc, NULL); 536 537 #ifdef UHIDEV_DEBUG 538 if (uhidevdebug > 5) { 539 uint32_t i; 540 541 DPRINTF(("uhidev_intr: status=%d cc=%d\n", status, cc)); 542 DPRINTF(("uhidev_intr: data =")); 543 for (i = 0; i < cc; i++) 544 DPRINTF((" %02x", sc->sc_ibuf[i])); 545 DPRINTF(("\n")); 546 } 547 #endif 548 549 if (status == USBD_CANCELLED) 550 return; 551 552 if (status != USBD_NORMAL_COMPLETION) { 553 DPRINTF(("%s: interrupt status=%d\n", device_xname(sc->sc_dev), 554 status)); 555 usbd_clear_endpoint_stall_async(sc->sc_ipipe); 556 return; 557 } 558 559 p = sc->sc_ibuf; 560 if (sc->sc_nrepid != 1) 561 rep = *p++, cc--; 562 else 563 rep = 0; 564 if (rep >= sc->sc_nrepid) { 565 printf("uhidev_intr: bad repid %d\n", rep); 566 return; 567 } 568 cdev = sc->sc_subdevs[rep]; 569 if (!cdev) 570 return; 571 scd = device_private(cdev); 572 DPRINTFN(5,("uhidev_intr: rep=%d, scd=%p state=%#x\n", 573 rep, scd, scd ? scd->sc_state : 0)); 574 if (!(scd->sc_state & UHIDEV_OPEN)) 575 return; 576 #ifdef UHIDEV_DEBUG 577 if (scd->sc_in_rep_size != cc) { 578 DPRINTF(("%s: expected %d bytes, got %d\n", 579 device_xname(sc->sc_dev), scd->sc_in_rep_size, cc)); 580 } 581 #endif 582 if (cc == 0) { 583 DPRINTF(("%s: 0-length input ignored\n", 584 device_xname(sc->sc_dev))); 585 return; 586 } 587 rnd_add_uint32(&scd->rnd_source, (uintptr_t)(sc->sc_ibuf)); 588 scd->sc_intr(scd, p, cc); 589 } 590 591 void 592 uhidev_get_report_desc(struct uhidev_softc *sc, void **desc, int *size) 593 { 594 *desc = sc->sc_repdesc; 595 *size = sc->sc_repdesc_size; 596 } 597 598 static int 599 uhidev_config_enter(struct uhidev_softc *sc) 600 { 601 int error; 602 603 KASSERT(mutex_owned(&sc->sc_lock)); 604 605 for (;;) { 606 if (sc->sc_dying) 607 return ENXIO; 608 if (sc->sc_configlock == NULL) 609 break; 610 error = cv_wait_sig(&sc->sc_cv, &sc->sc_lock); 611 if (error) 612 return error; 613 } 614 615 sc->sc_configlock = curlwp; 616 return 0; 617 } 618 619 static void 620 uhidev_config_enter_nointr(struct uhidev_softc *sc) 621 { 622 623 KASSERT(mutex_owned(&sc->sc_lock)); 624 625 while (sc->sc_configlock) 626 cv_wait(&sc->sc_cv, &sc->sc_lock); 627 sc->sc_configlock = curlwp; 628 } 629 630 static void 631 uhidev_config_exit(struct uhidev_softc *sc) 632 { 633 634 KASSERT(mutex_owned(&sc->sc_lock)); 635 KASSERTMSG(sc->sc_configlock == curlwp, "%s: migrated from %p to %p", 636 device_xname(sc->sc_dev), curlwp, sc->sc_configlock); 637 638 sc->sc_configlock = NULL; 639 cv_broadcast(&sc->sc_cv); 640 } 641 642 /* 643 * uhidev_open_pipes(sc) 644 * 645 * Ensure the pipes of the softc are open. Caller must hold 646 * sc_lock, which may be released and reacquired. 647 */ 648 static int 649 uhidev_open_pipes(struct uhidev_softc *sc) 650 { 651 usbd_status err; 652 int error; 653 654 KASSERT(mutex_owned(&sc->sc_lock)); 655 656 /* If the device is dying, refuse. */ 657 if (sc->sc_dying) 658 return ENXIO; 659 660 /* 661 * If the pipes are already open, just increment the reference 662 * count, or fail if it would overflow. 663 */ 664 if (sc->sc_refcnt) { 665 if (sc->sc_refcnt == INT_MAX) 666 return EBUSY; 667 sc->sc_refcnt++; 668 return 0; 669 } 670 671 /* 672 * If there's no input data to prepare, don't bother with the 673 * pipes. We assume any device that does output also does 674 * input; if you have a device where this is wrong, then 675 * uhidev_write will fail gracefully (it checks sc->sc_opipe), 676 * and you can use that device to test the changes needed to 677 * open the output pipe here. 678 */ 679 if (sc->sc_isize == 0) 680 return 0; 681 682 /* 683 * Lock the configuration and release sc_lock we may sleep to 684 * allocate. If someone else got in first, we're done; 685 * otherwise open the pipes. 686 */ 687 error = uhidev_config_enter(sc); 688 if (error) 689 goto out; 690 if (sc->sc_refcnt) { 691 if (sc->sc_refcnt == INT_MAX) { 692 error = EBUSY; 693 } else { 694 sc->sc_refcnt++; 695 error = 0; 696 } 697 goto out0; 698 } 699 mutex_exit(&sc->sc_lock); 700 701 /* Allocate an input buffer. */ 702 sc->sc_ibuf = kmem_alloc(sc->sc_isize, KM_SLEEP); 703 704 /* Set up input interrupt pipe. */ 705 DPRINTF(("%s: isize=%d, ep=0x%02x\n", __func__, sc->sc_isize, 706 sc->sc_iep_addr)); 707 708 err = usbd_open_pipe_intr(sc->sc_iface, sc->sc_iep_addr, 709 USBD_SHORT_XFER_OK, &sc->sc_ipipe, sc, sc->sc_ibuf, 710 sc->sc_isize, uhidev_intr, USBD_DEFAULT_INTERVAL); 711 if (err != USBD_NORMAL_COMPLETION) { 712 DPRINTF(("uhidopen: usbd_open_pipe_intr failed, " 713 "error=%d\n", err)); 714 error = EIO; 715 goto out1; 716 } 717 718 /* 719 * Set up output interrupt pipe if an output interrupt endpoint 720 * exists. 721 */ 722 if (sc->sc_oep_addr != -1) { 723 DPRINTF(("uhidev_open: oep=0x%02x\n", sc->sc_oep_addr)); 724 725 err = usbd_open_pipe(sc->sc_iface, sc->sc_oep_addr, 726 0, &sc->sc_opipe); 727 728 if (err != USBD_NORMAL_COMPLETION) { 729 DPRINTF(("uhidev_open: usbd_open_pipe failed, " 730 "error=%d\n", err)); 731 error = EIO; 732 goto out2; 733 } 734 DPRINTF(("uhidev_open: sc->sc_opipe=%p\n", sc->sc_opipe)); 735 736 error = usbd_create_xfer(sc->sc_opipe, UHIDEV_OSIZE, 0, 0, 737 &sc->sc_oxfer); 738 if (error) { 739 DPRINTF(("uhidev_open: couldn't allocate an xfer\n")); 740 goto out3; 741 } 742 743 if (sc->sc_flags & UHIDEV_F_XB1) { 744 uint8_t init_data[] = { 0x05, 0x20 }; 745 int init_data_len = sizeof(init_data); 746 err = usbd_intr_transfer(sc->sc_oxfer, sc->sc_opipe, 0, 747 USBD_NO_TIMEOUT, init_data, &init_data_len); 748 if (err != USBD_NORMAL_COMPLETION) { 749 DPRINTF(("uhidev_open: xb1 init failed, " 750 "error=%d\n", err)); 751 error = EIO; 752 goto out4; 753 } 754 } 755 } 756 757 /* Success! */ 758 mutex_enter(&sc->sc_lock); 759 KASSERTMSG(sc->sc_refcnt == 0, "%d refs spuriously acquired", 760 sc->sc_refcnt); 761 sc->sc_refcnt++; 762 goto out0; 763 764 out4: if (sc->sc_oxfer) { 765 usbd_abort_pipe(sc->sc_opipe); 766 usbd_destroy_xfer(sc->sc_oxfer); 767 sc->sc_oxfer = NULL; 768 } 769 out3: if (sc->sc_opipe) { 770 usbd_close_pipe(sc->sc_opipe); 771 sc->sc_opipe = NULL; 772 } 773 out2: if (sc->sc_ipipe) { 774 usbd_abort_pipe(sc->sc_ipipe); 775 usbd_close_pipe(sc->sc_ipipe); 776 sc->sc_ipipe = NULL; 777 } 778 out1: kmem_free(sc->sc_ibuf, sc->sc_isize); 779 sc->sc_ibuf = NULL; 780 mutex_enter(&sc->sc_lock); 781 out0: KASSERT(mutex_owned(&sc->sc_lock)); 782 uhidev_config_exit(sc); 783 out: KASSERT(mutex_owned(&sc->sc_lock)); 784 return error; 785 } 786 787 static void 788 uhidev_close_pipes(struct uhidev_softc *sc) 789 { 790 791 KASSERT(mutex_owned(&sc->sc_lock)); 792 KASSERTMSG(sc->sc_refcnt > 0, "%s: refcnt fouled: %d", 793 device_xname(sc->sc_dev), sc->sc_refcnt); 794 795 /* If this isn't the last reference, just decrement. */ 796 if (sc->sc_refcnt > 1) { 797 sc->sc_refcnt--; 798 return; 799 } 800 801 /* 802 * Lock the configuration and release sc_lock so we may sleep 803 * to free memory. We're not waiting for anyone to allocate or 804 * free anything. 805 */ 806 uhidev_config_enter_nointr(sc); 807 808 /* 809 * If someone else acquired a reference while we were waiting 810 * for the config lock, nothing more for us to do. 811 */ 812 if (sc->sc_refcnt > 1) { 813 sc->sc_refcnt--; 814 uhidev_config_exit(sc); 815 return; 816 } 817 818 /* 819 * We're the last reference and committed to closing the pipes. 820 * Decrement the reference count before we release the lock -- 821 * access to the pipes is allowed as long as the reference 822 * count is positive, so this forces all new opens to wait 823 * until the config lock is released. 824 */ 825 KASSERTMSG(sc->sc_refcnt == 1, "%s: refcnt fouled: %d", 826 device_xname(sc->sc_dev), sc->sc_refcnt); 827 sc->sc_refcnt--; 828 mutex_exit(&sc->sc_lock); 829 830 if (sc->sc_oxfer) { 831 usbd_abort_pipe(sc->sc_opipe); 832 usbd_destroy_xfer(sc->sc_oxfer); 833 sc->sc_oxfer = NULL; 834 } 835 if (sc->sc_opipe) { 836 usbd_close_pipe(sc->sc_opipe); 837 sc->sc_opipe = NULL; 838 } 839 if (sc->sc_ipipe) { 840 usbd_abort_pipe(sc->sc_ipipe); 841 usbd_close_pipe(sc->sc_ipipe); 842 sc->sc_ipipe = NULL; 843 } 844 kmem_free(sc->sc_ibuf, sc->sc_isize); 845 sc->sc_ibuf = NULL; 846 847 mutex_enter(&sc->sc_lock); 848 uhidev_config_exit(sc); 849 KASSERTMSG(sc->sc_refcnt == 0, "%s: refcnt fouled: %d", 850 device_xname(sc->sc_dev), sc->sc_refcnt); 851 } 852 853 int 854 uhidev_open(struct uhidev *scd) 855 { 856 struct uhidev_softc *sc = scd->sc_parent; 857 int error; 858 859 mutex_enter(&sc->sc_lock); 860 861 DPRINTF(("uhidev_open(%s, report %d = %s): state=%x refcnt=%d\n", 862 device_xname(sc->sc_dev), 863 scd->sc_report_id, 864 device_xname(scd->sc_dev), 865 scd->sc_state, 866 sc->sc_refcnt)); 867 868 /* Mark the report id open. This is an exclusive lock. */ 869 if (scd->sc_state & UHIDEV_OPEN) { 870 error = EBUSY; 871 goto fail0; 872 } 873 scd->sc_state |= UHIDEV_OPEN; 874 875 /* Open the pipes which are shared by all report ids. */ 876 error = uhidev_open_pipes(sc); 877 if (error) 878 goto fail1; 879 880 mutex_exit(&sc->sc_lock); 881 882 /* Success! */ 883 return 0; 884 885 fail2: __unused 886 uhidev_close_pipes(sc); 887 fail1: KASSERTMSG(scd->sc_state & UHIDEV_OPEN, 888 "%s: report id %d: closed while opening", 889 device_xname(sc->sc_dev), scd->sc_report_id); 890 scd->sc_state &= ~UHIDEV_OPEN; 891 fail0: mutex_exit(&sc->sc_lock); 892 return error; 893 } 894 895 void 896 uhidev_stop(struct uhidev *scd) 897 { 898 struct uhidev_softc *sc = scd->sc_parent; 899 bool abort = false; 900 901 mutex_enter(&sc->sc_lock); 902 if (sc->sc_writereportid == scd->sc_report_id) 903 abort = true; 904 mutex_exit(&sc->sc_lock); 905 906 if (abort && sc->sc_opipe) 907 usbd_abort_pipe(sc->sc_opipe); 908 } 909 910 void 911 uhidev_close(struct uhidev *scd) 912 { 913 struct uhidev_softc *sc = scd->sc_parent; 914 915 mutex_enter(&sc->sc_lock); 916 917 DPRINTF(("uhidev_close(%s, report %d = %s): state=%x refcnt=%d\n", 918 device_xname(sc->sc_dev), 919 scd->sc_report_id, 920 device_xname(scd->sc_dev), 921 scd->sc_state, 922 sc->sc_refcnt)); 923 924 KASSERTMSG(scd->sc_state & UHIDEV_OPEN, 925 "%s: report id %d: unpaired close", 926 device_xname(sc->sc_dev), scd->sc_report_id); 927 uhidev_close_pipes(sc); 928 KASSERTMSG(scd->sc_state & UHIDEV_OPEN, 929 "%s: report id %d: closed while closing", 930 device_xname(sc->sc_dev), scd->sc_report_id); 931 scd->sc_state &= ~UHIDEV_OPEN; 932 933 mutex_exit(&sc->sc_lock); 934 } 935 936 usbd_status 937 uhidev_set_report(struct uhidev *scd, int type, void *data, int len) 938 { 939 char *buf; 940 usbd_status retstat; 941 942 if (scd->sc_report_id == 0) 943 return usbd_set_report(scd->sc_parent->sc_iface, type, 944 scd->sc_report_id, data, len); 945 946 buf = kmem_alloc(len + 1, KM_SLEEP); 947 buf[0] = scd->sc_report_id; 948 memcpy(buf+1, data, len); 949 950 retstat = usbd_set_report(scd->sc_parent->sc_iface, type, 951 scd->sc_report_id, buf, len + 1); 952 953 kmem_free(buf, len + 1); 954 955 return retstat; 956 } 957 958 usbd_status 959 uhidev_get_report(struct uhidev *scd, int type, void *data, int len) 960 { 961 return usbd_get_report(scd->sc_parent->sc_iface, type, 962 scd->sc_report_id, data, len); 963 } 964 965 usbd_status 966 uhidev_write(struct uhidev_softc *sc, void *data, int len) 967 { 968 usbd_status err; 969 970 DPRINTF(("uhidev_write: data=%p, len=%d\n", data, len)); 971 972 if (sc->sc_opipe == NULL) 973 return USBD_INVAL; 974 975 mutex_enter(&sc->sc_lock); 976 KASSERT(sc->sc_refcnt); 977 for (;;) { 978 if (sc->sc_dying) { 979 err = USBD_IOERROR; 980 goto out; 981 } 982 if (sc->sc_writelock == NULL) 983 break; 984 if (cv_wait_sig(&sc->sc_cv, &sc->sc_lock)) { 985 err = USBD_INTERRUPTED; 986 goto out; 987 } 988 } 989 sc->sc_writelock = curlwp; 990 mutex_exit(&sc->sc_lock); 991 992 #ifdef UHIDEV_DEBUG 993 if (uhidevdebug > 50) { 994 995 uint32_t i; 996 uint8_t *d = data; 997 998 DPRINTF(("uhidev_write: data =")); 999 for (i = 0; i < len; i++) 1000 DPRINTF((" %02x", d[i])); 1001 DPRINTF(("\n")); 1002 } 1003 #endif 1004 err = usbd_intr_transfer(sc->sc_oxfer, sc->sc_opipe, 0, 1005 USBD_NO_TIMEOUT, data, &len); 1006 1007 mutex_enter(&sc->sc_lock); 1008 KASSERT(sc->sc_refcnt); 1009 KASSERTMSG(sc->sc_writelock == curlwp, "%s: migrated from %p to %p", 1010 device_xname(sc->sc_dev), curlwp, sc->sc_writelock); 1011 sc->sc_writelock = NULL; 1012 cv_broadcast(&sc->sc_cv); 1013 out: mutex_exit(&sc->sc_lock); 1014 return err; 1015 } 1016
Indexes created Mon Sep 29 03:10:08 GMT 2025