1 /*
2 * HID support for Linux
3 *
4 * Copyright (c) 1999 Andreas Gal
5 * Copyright (c) 2000-2005 Vojtech Pavlik <vojtech@suse.cz>
6 * Copyright (c) 2005 Michael Haboustak <mike-@cinci.rr.com> for Concept2, Inc
7 * Copyright (c) 2006-2012 Jiri Kosina
8 */
9
10 /*
11 * This program is free software; you can redistribute it and/or modify it
12 * under the terms of the GNU General Public License as published by the Free
13 * Software Foundation; either version 2 of the License, or (at your option)
14 * any later version.
15 */
16
17 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
18
19 #include <linux/module.h>
20 #include <linux/slab.h>
21 #include <linux/init.h>
22 #include <linux/kernel.h>
23 #include <linux/list.h>
24 #include <linux/mm.h>
25 #include <linux/spinlock.h>
26 #include <asm/unaligned.h>
27 #include <asm/byteorder.h>
28 #include <linux/input.h>
29 #include <linux/wait.h>
30 #include <linux/vmalloc.h>
31 #include <linux/sched.h>
32 #include <linux/semaphore.h>
33
34 #include <linux/hid.h>
35 #include <linux/hiddev.h>
36 #include <linux/hid-debug.h>
37 #include <linux/hidraw.h>
38
39 #include "hid-ids.h"
40
41 /*
42 * Version Information
43 */
44
45 #define DRIVER_DESC "HID core driver"
46
47 int hid_debug = 0;
48 module_param_named(debug, hid_debug, int, 0600);
49 MODULE_PARM_DESC(debug, "toggle HID debugging messages");
50 EXPORT_SYMBOL_GPL(hid_debug);
51
52 static int hid_ignore_special_drivers = 0;
53 module_param_named(ignore_special_drivers, hid_ignore_special_drivers, int, 0600);
54 MODULE_PARM_DESC(ignore_special_drivers, "Ignore any special drivers and handle all devices by generic driver");
55
56 /*
57 * Register a new report for a device.
58 */
59
hid_register_report(struct hid_device * device,unsigned int type,unsigned int id,unsigned int application)60 struct hid_report *hid_register_report(struct hid_device *device,
61 unsigned int type, unsigned int id,
62 unsigned int application)
63 {
64 struct hid_report_enum *report_enum = device->report_enum + type;
65 struct hid_report *report;
66
67 if (id >= HID_MAX_IDS)
68 return NULL;
69 if (report_enum->report_id_hash[id])
70 return report_enum->report_id_hash[id];
71
72 report = kzalloc(sizeof(struct hid_report), GFP_KERNEL);
73 if (!report)
74 return NULL;
75
76 if (id != 0)
77 report_enum->numbered = 1;
78
79 report->id = id;
80 report->type = type;
81 report->size = 0;
82 report->device = device;
83 report->application = application;
84 report_enum->report_id_hash[id] = report;
85
86 list_add_tail(&report->list, &report_enum->report_list);
87
88 return report;
89 }
90 EXPORT_SYMBOL_GPL(hid_register_report);
91
92 /*
93 * Register a new field for this report.
94 */
95
hid_register_field(struct hid_report * report,unsigned usages)96 static struct hid_field *hid_register_field(struct hid_report *report, unsigned usages)
97 {
98 struct hid_field *field;
99
100 if (report->maxfield == HID_MAX_FIELDS) {
101 hid_err(report->device, "too many fields in report\n");
102 return NULL;
103 }
104
105 field = kzalloc((sizeof(struct hid_field) +
106 usages * sizeof(struct hid_usage) +
107 usages * sizeof(unsigned)), GFP_KERNEL);
108 if (!field)
109 return NULL;
110
111 field->index = report->maxfield++;
112 report->field[field->index] = field;
113 field->usage = (struct hid_usage *)(field + 1);
114 field->value = (s32 *)(field->usage + usages);
115 field->report = report;
116
117 return field;
118 }
119
120 /*
121 * Open a collection. The type/usage is pushed on the stack.
122 */
123
open_collection(struct hid_parser * parser,unsigned type)124 static int open_collection(struct hid_parser *parser, unsigned type)
125 {
126 struct hid_collection *collection;
127 unsigned usage;
128
129 usage = parser->local.usage[0];
130
131 if (parser->collection_stack_ptr == parser->collection_stack_size) {
132 unsigned int *collection_stack;
133 unsigned int new_size = parser->collection_stack_size +
134 HID_COLLECTION_STACK_SIZE;
135
136 collection_stack = krealloc(parser->collection_stack,
137 new_size * sizeof(unsigned int),
138 GFP_KERNEL);
139 if (!collection_stack)
140 return -ENOMEM;
141
142 parser->collection_stack = collection_stack;
143 parser->collection_stack_size = new_size;
144 }
145
146 if (parser->device->maxcollection == parser->device->collection_size) {
147 collection = kmalloc(
148 array3_size(sizeof(struct hid_collection),
149 parser->device->collection_size,
150 2),
151 GFP_KERNEL);
152 if (collection == NULL) {
153 hid_err(parser->device, "failed to reallocate collection array\n");
154 return -ENOMEM;
155 }
156 memcpy(collection, parser->device->collection,
157 sizeof(struct hid_collection) *
158 parser->device->collection_size);
159 memset(collection + parser->device->collection_size, 0,
160 sizeof(struct hid_collection) *
161 parser->device->collection_size);
162 kfree(parser->device->collection);
163 parser->device->collection = collection;
164 parser->device->collection_size *= 2;
165 }
166
167 parser->collection_stack[parser->collection_stack_ptr++] =
168 parser->device->maxcollection;
169
170 collection = parser->device->collection +
171 parser->device->maxcollection++;
172 collection->type = type;
173 collection->usage = usage;
174 collection->level = parser->collection_stack_ptr - 1;
175
176 if (type == HID_COLLECTION_APPLICATION)
177 parser->device->maxapplication++;
178
179 return 0;
180 }
181
182 /*
183 * Close a collection.
184 */
185
close_collection(struct hid_parser * parser)186 static int close_collection(struct hid_parser *parser)
187 {
188 if (!parser->collection_stack_ptr) {
189 hid_err(parser->device, "collection stack underflow\n");
190 return -EINVAL;
191 }
192 parser->collection_stack_ptr--;
193 return 0;
194 }
195
196 /*
197 * Climb up the stack, search for the specified collection type
198 * and return the usage.
199 */
200
hid_lookup_collection(struct hid_parser * parser,unsigned type)201 static unsigned hid_lookup_collection(struct hid_parser *parser, unsigned type)
202 {
203 struct hid_collection *collection = parser->device->collection;
204 int n;
205
206 for (n = parser->collection_stack_ptr - 1; n >= 0; n--) {
207 unsigned index = parser->collection_stack[n];
208 if (collection[index].type == type)
209 return collection[index].usage;
210 }
211 return 0; /* we know nothing about this usage type */
212 }
213
214 /*
215 * Concatenate usage which defines 16 bits or less with the
216 * currently defined usage page to form a 32 bit usage
217 */
218
complete_usage(struct hid_parser * parser,unsigned int index)219 static void complete_usage(struct hid_parser *parser, unsigned int index)
220 {
221 parser->local.usage[index] &= 0xFFFF;
222 parser->local.usage[index] |=
223 (parser->global.usage_page & 0xFFFF) << 16;
224 }
225
226 /*
227 * Add a usage to the temporary parser table.
228 */
229
hid_add_usage(struct hid_parser * parser,unsigned usage,u8 size)230 static int hid_add_usage(struct hid_parser *parser, unsigned usage, u8 size)
231 {
232 if (parser->local.usage_index >= HID_MAX_USAGES) {
233 hid_err(parser->device, "usage index exceeded\n");
234 return -1;
235 }
236 parser->local.usage[parser->local.usage_index] = usage;
237
238 /*
239 * If Usage item only includes usage id, concatenate it with
240 * currently defined usage page
241 */
242 if (size <= 2)
243 complete_usage(parser, parser->local.usage_index);
244
245 parser->local.usage_size[parser->local.usage_index] = size;
246 parser->local.collection_index[parser->local.usage_index] =
247 parser->collection_stack_ptr ?
248 parser->collection_stack[parser->collection_stack_ptr - 1] : 0;
249 parser->local.usage_index++;
250 return 0;
251 }
252
253 /*
254 * Register a new field for this report.
255 */
256
hid_add_field(struct hid_parser * parser,unsigned report_type,unsigned flags)257 static int hid_add_field(struct hid_parser *parser, unsigned report_type, unsigned flags)
258 {
259 struct hid_report *report;
260 struct hid_field *field;
261 unsigned int max_buffer_size = HID_MAX_BUFFER_SIZE;
262 unsigned int usages;
263 unsigned int offset;
264 unsigned int i;
265 unsigned int application;
266
267 application = hid_lookup_collection(parser, HID_COLLECTION_APPLICATION);
268
269 report = hid_register_report(parser->device, report_type,
270 parser->global.report_id, application);
271 if (!report) {
272 hid_err(parser->device, "hid_register_report failed\n");
273 return -1;
274 }
275
276 /* Handle both signed and unsigned cases properly */
277 if ((parser->global.logical_minimum < 0 &&
278 parser->global.logical_maximum <
279 parser->global.logical_minimum) ||
280 (parser->global.logical_minimum >= 0 &&
281 (__u32)parser->global.logical_maximum <
282 (__u32)parser->global.logical_minimum)) {
283 dbg_hid("logical range invalid 0x%x 0x%x\n",
284 parser->global.logical_minimum,
285 parser->global.logical_maximum);
286 return -1;
287 }
288
289 offset = report->size;
290 report->size += parser->global.report_size * parser->global.report_count;
291
292 if (parser->device->ll_driver->max_buffer_size)
293 max_buffer_size = parser->device->ll_driver->max_buffer_size;
294
295 /* Total size check: Allow for possible report index byte */
296 if (report->size > (max_buffer_size - 1) << 3) {
297 hid_err(parser->device, "report is too long\n");
298 return -1;
299 }
300
301 if (!parser->local.usage_index) /* Ignore padding fields */
302 return 0;
303
304 usages = max_t(unsigned, parser->local.usage_index,
305 parser->global.report_count);
306
307 field = hid_register_field(report, usages);
308 if (!field)
309 return 0;
310
311 field->physical = hid_lookup_collection(parser, HID_COLLECTION_PHYSICAL);
312 field->logical = hid_lookup_collection(parser, HID_COLLECTION_LOGICAL);
313 field->application = application;
314
315 for (i = 0; i < usages; i++) {
316 unsigned j = i;
317 /* Duplicate the last usage we parsed if we have excess values */
318 if (i >= parser->local.usage_index)
319 j = parser->local.usage_index - 1;
320 field->usage[i].hid = parser->local.usage[j];
321 field->usage[i].collection_index =
322 parser->local.collection_index[j];
323 field->usage[i].usage_index = i;
324 }
325
326 field->maxusage = usages;
327 field->flags = flags;
328 field->report_offset = offset;
329 field->report_type = report_type;
330 field->report_size = parser->global.report_size;
331 field->report_count = parser->global.report_count;
332 field->logical_minimum = parser->global.logical_minimum;
333 field->logical_maximum = parser->global.logical_maximum;
334 field->physical_minimum = parser->global.physical_minimum;
335 field->physical_maximum = parser->global.physical_maximum;
336 field->unit_exponent = parser->global.unit_exponent;
337 field->unit = parser->global.unit;
338
339 return 0;
340 }
341
342 /*
343 * Read data value from item.
344 */
345
item_udata(struct hid_item * item)346 static u32 item_udata(struct hid_item *item)
347 {
348 switch (item->size) {
349 case 1: return item->data.u8;
350 case 2: return item->data.u16;
351 case 4: return item->data.u32;
352 }
353 return 0;
354 }
355
item_sdata(struct hid_item * item)356 static s32 item_sdata(struct hid_item *item)
357 {
358 switch (item->size) {
359 case 1: return item->data.s8;
360 case 2: return item->data.s16;
361 case 4: return item->data.s32;
362 }
363 return 0;
364 }
365
366 /*
367 * Process a global item.
368 */
369
hid_parser_global(struct hid_parser * parser,struct hid_item * item)370 static int hid_parser_global(struct hid_parser *parser, struct hid_item *item)
371 {
372 __s32 raw_value;
373 switch (item->tag) {
374 case HID_GLOBAL_ITEM_TAG_PUSH:
375
376 if (parser->global_stack_ptr == HID_GLOBAL_STACK_SIZE) {
377 hid_err(parser->device, "global environment stack overflow\n");
378 return -1;
379 }
380
381 memcpy(parser->global_stack + parser->global_stack_ptr++,
382 &parser->global, sizeof(struct hid_global));
383 return 0;
384
385 case HID_GLOBAL_ITEM_TAG_POP:
386
387 if (!parser->global_stack_ptr) {
388 hid_err(parser->device, "global environment stack underflow\n");
389 return -1;
390 }
391
392 memcpy(&parser->global, parser->global_stack +
393 --parser->global_stack_ptr, sizeof(struct hid_global));
394 return 0;
395
396 case HID_GLOBAL_ITEM_TAG_USAGE_PAGE:
397 parser->global.usage_page = item_udata(item);
398 return 0;
399
400 case HID_GLOBAL_ITEM_TAG_LOGICAL_MINIMUM:
401 parser->global.logical_minimum = item_sdata(item);
402 return 0;
403
404 case HID_GLOBAL_ITEM_TAG_LOGICAL_MAXIMUM:
405 if (parser->global.logical_minimum < 0)
406 parser->global.logical_maximum = item_sdata(item);
407 else
408 parser->global.logical_maximum = item_udata(item);
409 return 0;
410
411 case HID_GLOBAL_ITEM_TAG_PHYSICAL_MINIMUM:
412 parser->global.physical_minimum = item_sdata(item);
413 return 0;
414
415 case HID_GLOBAL_ITEM_TAG_PHYSICAL_MAXIMUM:
416 if (parser->global.physical_minimum < 0)
417 parser->global.physical_maximum = item_sdata(item);
418 else
419 parser->global.physical_maximum = item_udata(item);
420 return 0;
421
422 case HID_GLOBAL_ITEM_TAG_UNIT_EXPONENT:
423 /* Many devices provide unit exponent as a two's complement
424 * nibble due to the common misunderstanding of HID
425 * specification 1.11, 6.2.2.7 Global Items. Attempt to handle
426 * both this and the standard encoding. */
427 raw_value = item_sdata(item);
428 if (!(raw_value & 0xfffffff0))
429 parser->global.unit_exponent = hid_snto32(raw_value, 4);
430 else
431 parser->global.unit_exponent = raw_value;
432 return 0;
433
434 case HID_GLOBAL_ITEM_TAG_UNIT:
435 parser->global.unit = item_udata(item);
436 return 0;
437
438 case HID_GLOBAL_ITEM_TAG_REPORT_SIZE:
439 parser->global.report_size = item_udata(item);
440 if (parser->global.report_size > 128) {
441 hid_err(parser->device, "invalid report_size %d\n",
442 parser->global.report_size);
443 return -1;
444 }
445 return 0;
446
447 case HID_GLOBAL_ITEM_TAG_REPORT_COUNT:
448 parser->global.report_count = item_udata(item);
449 if (parser->global.report_count > HID_MAX_USAGES) {
450 hid_err(parser->device, "invalid report_count %d\n",
451 parser->global.report_count);
452 return -1;
453 }
454 return 0;
455
456 case HID_GLOBAL_ITEM_TAG_REPORT_ID:
457 parser->global.report_id = item_udata(item);
458 if (parser->global.report_id == 0 ||
459 parser->global.report_id >= HID_MAX_IDS) {
460 hid_err(parser->device, "report_id %u is invalid\n",
461 parser->global.report_id);
462 return -1;
463 }
464 return 0;
465
466 default:
467 hid_err(parser->device, "unknown global tag 0x%x\n", item->tag);
468 return -1;
469 }
470 }
471
472 /*
473 * Process a local item.
474 */
475
hid_parser_local(struct hid_parser * parser,struct hid_item * item)476 static int hid_parser_local(struct hid_parser *parser, struct hid_item *item)
477 {
478 __u32 data;
479 unsigned n;
480 __u32 count;
481
482 data = item_udata(item);
483
484 switch (item->tag) {
485 case HID_LOCAL_ITEM_TAG_DELIMITER:
486
487 if (data) {
488 /*
489 * We treat items before the first delimiter
490 * as global to all usage sets (branch 0).
491 * In the moment we process only these global
492 * items and the first delimiter set.
493 */
494 if (parser->local.delimiter_depth != 0) {
495 hid_err(parser->device, "nested delimiters\n");
496 return -1;
497 }
498 parser->local.delimiter_depth++;
499 parser->local.delimiter_branch++;
500 } else {
501 if (parser->local.delimiter_depth < 1) {
502 hid_err(parser->device, "bogus close delimiter\n");
503 return -1;
504 }
505 parser->local.delimiter_depth--;
506 }
507 return 0;
508
509 case HID_LOCAL_ITEM_TAG_USAGE:
510
511 if (parser->local.delimiter_branch > 1) {
512 dbg_hid("alternative usage ignored\n");
513 return 0;
514 }
515
516 return hid_add_usage(parser, data, item->size);
517
518 case HID_LOCAL_ITEM_TAG_USAGE_MINIMUM:
519
520 if (parser->local.delimiter_branch > 1) {
521 dbg_hid("alternative usage ignored\n");
522 return 0;
523 }
524
525 parser->local.usage_minimum = data;
526 return 0;
527
528 case HID_LOCAL_ITEM_TAG_USAGE_MAXIMUM:
529
530 if (parser->local.delimiter_branch > 1) {
531 dbg_hid("alternative usage ignored\n");
532 return 0;
533 }
534
535 count = data - parser->local.usage_minimum;
536 if (count + parser->local.usage_index >= HID_MAX_USAGES) {
537 /*
538 * We do not warn if the name is not set, we are
539 * actually pre-scanning the device.
540 */
541 if (dev_name(&parser->device->dev))
542 hid_warn(parser->device,
543 "ignoring exceeding usage max\n");
544 data = HID_MAX_USAGES - parser->local.usage_index +
545 parser->local.usage_minimum - 1;
546 if (data <= 0) {
547 hid_err(parser->device,
548 "no more usage index available\n");
549 return -1;
550 }
551 }
552
553 for (n = parser->local.usage_minimum; n <= data; n++)
554 if (hid_add_usage(parser, n, item->size)) {
555 dbg_hid("hid_add_usage failed\n");
556 return -1;
557 }
558 return 0;
559
560 default:
561
562 dbg_hid("unknown local item tag 0x%x\n", item->tag);
563 return 0;
564 }
565 return 0;
566 }
567
568 /*
569 * Concatenate Usage Pages into Usages where relevant:
570 * As per specification, 6.2.2.8: "When the parser encounters a main item it
571 * concatenates the last declared Usage Page with a Usage to form a complete
572 * usage value."
573 */
574
hid_concatenate_last_usage_page(struct hid_parser * parser)575 static void hid_concatenate_last_usage_page(struct hid_parser *parser)
576 {
577 int i;
578 unsigned int usage_page;
579 unsigned int current_page;
580
581 if (!parser->local.usage_index)
582 return;
583
584 usage_page = parser->global.usage_page;
585
586 /*
587 * Concatenate usage page again only if last declared Usage Page
588 * has not been already used in previous usages concatenation
589 */
590 for (i = parser->local.usage_index - 1; i >= 0; i--) {
591 if (parser->local.usage_size[i] > 2)
592 /* Ignore extended usages */
593 continue;
594
595 current_page = parser->local.usage[i] >> 16;
596 if (current_page == usage_page)
597 break;
598
599 complete_usage(parser, i);
600 }
601 }
602
603 /*
604 * Process a main item.
605 */
606
hid_parser_main(struct hid_parser * parser,struct hid_item * item)607 static int hid_parser_main(struct hid_parser *parser, struct hid_item *item)
608 {
609 __u32 data;
610 int ret;
611
612 hid_concatenate_last_usage_page(parser);
613
614 data = item_udata(item);
615
616 switch (item->tag) {
617 case HID_MAIN_ITEM_TAG_BEGIN_COLLECTION:
618 ret = open_collection(parser, data & 0xff);
619 break;
620 case HID_MAIN_ITEM_TAG_END_COLLECTION:
621 ret = close_collection(parser);
622 break;
623 case HID_MAIN_ITEM_TAG_INPUT:
624 ret = hid_add_field(parser, HID_INPUT_REPORT, data);
625 break;
626 case HID_MAIN_ITEM_TAG_OUTPUT:
627 ret = hid_add_field(parser, HID_OUTPUT_REPORT, data);
628 break;
629 case HID_MAIN_ITEM_TAG_FEATURE:
630 ret = hid_add_field(parser, HID_FEATURE_REPORT, data);
631 break;
632 default:
633 hid_warn(parser->device, "unknown main item tag 0x%x\n", item->tag);
634 ret = 0;
635 }
636
637 memset(&parser->local, 0, sizeof(parser->local)); /* Reset the local parser environment */
638
639 return ret;
640 }
641
642 /*
643 * Process a reserved item.
644 */
645
hid_parser_reserved(struct hid_parser * parser,struct hid_item * item)646 static int hid_parser_reserved(struct hid_parser *parser, struct hid_item *item)
647 {
648 dbg_hid("reserved item type, tag 0x%x\n", item->tag);
649 return 0;
650 }
651
652 /*
653 * Free a report and all registered fields. The field->usage and
654 * field->value table's are allocated behind the field, so we need
655 * only to free(field) itself.
656 */
657
hid_free_report(struct hid_report * report)658 static void hid_free_report(struct hid_report *report)
659 {
660 unsigned n;
661
662 for (n = 0; n < report->maxfield; n++)
663 kfree(report->field[n]);
664 kfree(report);
665 }
666
667 /*
668 * Close report. This function returns the device
669 * state to the point prior to hid_open_report().
670 */
hid_close_report(struct hid_device * device)671 static void hid_close_report(struct hid_device *device)
672 {
673 unsigned i, j;
674
675 for (i = 0; i < HID_REPORT_TYPES; i++) {
676 struct hid_report_enum *report_enum = device->report_enum + i;
677
678 for (j = 0; j < HID_MAX_IDS; j++) {
679 struct hid_report *report = report_enum->report_id_hash[j];
680 if (report)
681 hid_free_report(report);
682 }
683 memset(report_enum, 0, sizeof(*report_enum));
684 INIT_LIST_HEAD(&report_enum->report_list);
685 }
686
687 kfree(device->rdesc);
688 device->rdesc = NULL;
689 device->rsize = 0;
690
691 kfree(device->collection);
692 device->collection = NULL;
693 device->collection_size = 0;
694 device->maxcollection = 0;
695 device->maxapplication = 0;
696
697 device->status &= ~HID_STAT_PARSED;
698 }
699
700 /*
701 * Free a device structure, all reports, and all fields.
702 */
703
hid_device_release(struct device * dev)704 static void hid_device_release(struct device *dev)
705 {
706 struct hid_device *hid = to_hid_device(dev);
707
708 hid_close_report(hid);
709 kfree(hid->dev_rdesc);
710 kfree(hid);
711 }
712
713 /*
714 * Fetch a report description item from the data stream. We support long
715 * items, though they are not used yet.
716 */
717
fetch_item(__u8 * start,__u8 * end,struct hid_item * item)718 static u8 *fetch_item(__u8 *start, __u8 *end, struct hid_item *item)
719 {
720 u8 b;
721
722 if ((end - start) <= 0)
723 return NULL;
724
725 b = *start++;
726
727 item->type = (b >> 2) & 3;
728 item->tag = (b >> 4) & 15;
729
730 if (item->tag == HID_ITEM_TAG_LONG) {
731
732 item->format = HID_ITEM_FORMAT_LONG;
733
734 if ((end - start) < 2)
735 return NULL;
736
737 item->size = *start++;
738 item->tag = *start++;
739
740 if ((end - start) < item->size)
741 return NULL;
742
743 item->data.longdata = start;
744 start += item->size;
745 return start;
746 }
747
748 item->format = HID_ITEM_FORMAT_SHORT;
749 item->size = b & 3;
750
751 switch (item->size) {
752 case 0:
753 return start;
754
755 case 1:
756 if ((end - start) < 1)
757 return NULL;
758 item->data.u8 = *start++;
759 return start;
760
761 case 2:
762 if ((end - start) < 2)
763 return NULL;
764 item->data.u16 = get_unaligned_le16(start);
765 start = (__u8 *)((__le16 *)start + 1);
766 return start;
767
768 case 3:
769 item->size++;
770 if ((end - start) < 4)
771 return NULL;
772 item->data.u32 = get_unaligned_le32(start);
773 start = (__u8 *)((__le32 *)start + 1);
774 return start;
775 }
776
777 return NULL;
778 }
779
hid_scan_input_usage(struct hid_parser * parser,u32 usage)780 static void hid_scan_input_usage(struct hid_parser *parser, u32 usage)
781 {
782 struct hid_device *hid = parser->device;
783
784 if (usage == HID_DG_CONTACTID)
785 hid->group = HID_GROUP_MULTITOUCH;
786 }
787
hid_scan_feature_usage(struct hid_parser * parser,u32 usage)788 static void hid_scan_feature_usage(struct hid_parser *parser, u32 usage)
789 {
790 if (usage == 0xff0000c5 && parser->global.report_count == 256 &&
791 parser->global.report_size == 8)
792 parser->scan_flags |= HID_SCAN_FLAG_MT_WIN_8;
793
794 if (usage == 0xff0000c6 && parser->global.report_count == 1 &&
795 parser->global.report_size == 8)
796 parser->scan_flags |= HID_SCAN_FLAG_MT_WIN_8;
797 }
798
hid_scan_collection(struct hid_parser * parser,unsigned type)799 static void hid_scan_collection(struct hid_parser *parser, unsigned type)
800 {
801 struct hid_device *hid = parser->device;
802 int i;
803
804 if (((parser->global.usage_page << 16) == HID_UP_SENSOR) &&
805 type == HID_COLLECTION_PHYSICAL)
806 hid->group = HID_GROUP_SENSOR_HUB;
807
808 if (hid->vendor == USB_VENDOR_ID_MICROSOFT &&
809 hid->product == USB_DEVICE_ID_MS_POWER_COVER &&
810 hid->group == HID_GROUP_MULTITOUCH)
811 hid->group = HID_GROUP_GENERIC;
812
813 if ((parser->global.usage_page << 16) == HID_UP_GENDESK)
814 for (i = 0; i < parser->local.usage_index; i++)
815 if (parser->local.usage[i] == HID_GD_POINTER)
816 parser->scan_flags |= HID_SCAN_FLAG_GD_POINTER;
817
818 if ((parser->global.usage_page << 16) >= HID_UP_MSVENDOR)
819 parser->scan_flags |= HID_SCAN_FLAG_VENDOR_SPECIFIC;
820 }
821
hid_scan_main(struct hid_parser * parser,struct hid_item * item)822 static int hid_scan_main(struct hid_parser *parser, struct hid_item *item)
823 {
824 __u32 data;
825 int i;
826
827 hid_concatenate_last_usage_page(parser);
828
829 data = item_udata(item);
830
831 switch (item->tag) {
832 case HID_MAIN_ITEM_TAG_BEGIN_COLLECTION:
833 hid_scan_collection(parser, data & 0xff);
834 break;
835 case HID_MAIN_ITEM_TAG_END_COLLECTION:
836 break;
837 case HID_MAIN_ITEM_TAG_INPUT:
838 /* ignore constant inputs, they will be ignored by hid-input */
839 if (data & HID_MAIN_ITEM_CONSTANT)
840 break;
841 for (i = 0; i < parser->local.usage_index; i++)
842 hid_scan_input_usage(parser, parser->local.usage[i]);
843 break;
844 case HID_MAIN_ITEM_TAG_OUTPUT:
845 break;
846 case HID_MAIN_ITEM_TAG_FEATURE:
847 for (i = 0; i < parser->local.usage_index; i++)
848 hid_scan_feature_usage(parser, parser->local.usage[i]);
849 break;
850 }
851
852 /* Reset the local parser environment */
853 memset(&parser->local, 0, sizeof(parser->local));
854
855 return 0;
856 }
857
858 /*
859 * Scan a report descriptor before the device is added to the bus.
860 * Sets device groups and other properties that determine what driver
861 * to load.
862 */
hid_scan_report(struct hid_device * hid)863 static int hid_scan_report(struct hid_device *hid)
864 {
865 struct hid_parser *parser;
866 struct hid_item item;
867 __u8 *start = hid->dev_rdesc;
868 __u8 *end = start + hid->dev_rsize;
869 static int (*dispatch_type[])(struct hid_parser *parser,
870 struct hid_item *item) = {
871 hid_scan_main,
872 hid_parser_global,
873 hid_parser_local,
874 hid_parser_reserved
875 };
876
877 parser = vzalloc(sizeof(struct hid_parser));
878 if (!parser)
879 return -ENOMEM;
880
881 parser->device = hid;
882 hid->group = HID_GROUP_GENERIC;
883
884 /*
885 * The parsing is simpler than the one in hid_open_report() as we should
886 * be robust against hid errors. Those errors will be raised by
887 * hid_open_report() anyway.
888 */
889 while ((start = fetch_item(start, end, &item)) != NULL)
890 dispatch_type[item.type](parser, &item);
891
892 /*
893 * Handle special flags set during scanning.
894 */
895 if ((parser->scan_flags & HID_SCAN_FLAG_MT_WIN_8) &&
896 (hid->group == HID_GROUP_MULTITOUCH))
897 hid->group = HID_GROUP_MULTITOUCH_WIN_8;
898
899 /*
900 * Vendor specific handlings
901 */
902 switch (hid->vendor) {
903 case USB_VENDOR_ID_WACOM:
904 hid->group = HID_GROUP_WACOM;
905 break;
906 case USB_VENDOR_ID_SYNAPTICS:
907 if (hid->group == HID_GROUP_GENERIC)
908 if ((parser->scan_flags & HID_SCAN_FLAG_VENDOR_SPECIFIC)
909 && (parser->scan_flags & HID_SCAN_FLAG_GD_POINTER))
910 /*
911 * hid-rmi should take care of them,
912 * not hid-generic
913 */
914 hid->group = HID_GROUP_RMI;
915 break;
916 }
917
918 kfree(parser->collection_stack);
919 vfree(parser);
920 return 0;
921 }
922
923 /**
924 * hid_parse_report - parse device report
925 *
926 * @device: hid device
927 * @start: report start
928 * @size: report size
929 *
930 * Allocate the device report as read by the bus driver. This function should
931 * only be called from parse() in ll drivers.
932 */
hid_parse_report(struct hid_device * hid,__u8 * start,unsigned size)933 int hid_parse_report(struct hid_device *hid, __u8 *start, unsigned size)
934 {
935 hid->dev_rdesc = kmemdup(start, size, GFP_KERNEL);
936 if (!hid->dev_rdesc)
937 return -ENOMEM;
938 hid->dev_rsize = size;
939 return 0;
940 }
941 EXPORT_SYMBOL_GPL(hid_parse_report);
942
943 static const char * const hid_report_names[] = {
944 "HID_INPUT_REPORT",
945 "HID_OUTPUT_REPORT",
946 "HID_FEATURE_REPORT",
947 };
948 /**
949 * hid_validate_values - validate existing device report's value indexes
950 *
951 * @device: hid device
952 * @type: which report type to examine
953 * @id: which report ID to examine (0 for first)
954 * @field_index: which report field to examine
955 * @report_counts: expected number of values
956 *
957 * Validate the number of values in a given field of a given report, after
958 * parsing.
959 */
hid_validate_values(struct hid_device * hid,unsigned int type,unsigned int id,unsigned int field_index,unsigned int report_counts)960 struct hid_report *hid_validate_values(struct hid_device *hid,
961 unsigned int type, unsigned int id,
962 unsigned int field_index,
963 unsigned int report_counts)
964 {
965 struct hid_report *report;
966
967 if (type > HID_FEATURE_REPORT) {
968 hid_err(hid, "invalid HID report type %u\n", type);
969 return NULL;
970 }
971
972 if (id >= HID_MAX_IDS) {
973 hid_err(hid, "invalid HID report id %u\n", id);
974 return NULL;
975 }
976
977 /*
978 * Explicitly not using hid_get_report() here since it depends on
979 * ->numbered being checked, which may not always be the case when
980 * drivers go to access report values.
981 */
982 if (id == 0) {
983 /*
984 * Validating on id 0 means we should examine the first
985 * report in the list.
986 */
987 report = list_first_entry_or_null(
988 &hid->report_enum[type].report_list,
989 struct hid_report, list);
990 } else {
991 report = hid->report_enum[type].report_id_hash[id];
992 }
993 if (!report) {
994 hid_err(hid, "missing %s %u\n", hid_report_names[type], id);
995 return NULL;
996 }
997 if (report->maxfield <= field_index) {
998 hid_err(hid, "not enough fields in %s %u\n",
999 hid_report_names[type], id);
1000 return NULL;
1001 }
1002 if (report->field[field_index]->report_count < report_counts) {
1003 hid_err(hid, "not enough values in %s %u field %u\n",
1004 hid_report_names[type], id, field_index);
1005 return NULL;
1006 }
1007 return report;
1008 }
1009 EXPORT_SYMBOL_GPL(hid_validate_values);
1010
1011 /**
1012 * hid_open_report - open a driver-specific device report
1013 *
1014 * @device: hid device
1015 *
1016 * Parse a report description into a hid_device structure. Reports are
1017 * enumerated, fields are attached to these reports.
1018 * 0 returned on success, otherwise nonzero error value.
1019 *
1020 * This function (or the equivalent hid_parse() macro) should only be
1021 * called from probe() in drivers, before starting the device.
1022 */
hid_open_report(struct hid_device * device)1023 int hid_open_report(struct hid_device *device)
1024 {
1025 struct hid_parser *parser;
1026 struct hid_item item;
1027 unsigned int size;
1028 __u8 *start;
1029 __u8 *buf;
1030 __u8 *end;
1031 __u8 *next;
1032 int ret;
1033 static int (*dispatch_type[])(struct hid_parser *parser,
1034 struct hid_item *item) = {
1035 hid_parser_main,
1036 hid_parser_global,
1037 hid_parser_local,
1038 hid_parser_reserved
1039 };
1040
1041 if (WARN_ON(device->status & HID_STAT_PARSED))
1042 return -EBUSY;
1043
1044 start = device->dev_rdesc;
1045 if (WARN_ON(!start))
1046 return -ENODEV;
1047 size = device->dev_rsize;
1048
1049 buf = kmemdup(start, size, GFP_KERNEL);
1050 if (buf == NULL)
1051 return -ENOMEM;
1052
1053 if (device->driver->report_fixup)
1054 start = device->driver->report_fixup(device, buf, &size);
1055 else
1056 start = buf;
1057
1058 start = kmemdup(start, size, GFP_KERNEL);
1059 kfree(buf);
1060 if (start == NULL)
1061 return -ENOMEM;
1062
1063 device->rdesc = start;
1064 device->rsize = size;
1065
1066 parser = vzalloc(sizeof(struct hid_parser));
1067 if (!parser) {
1068 ret = -ENOMEM;
1069 goto alloc_err;
1070 }
1071
1072 parser->device = device;
1073
1074 end = start + size;
1075
1076 device->collection = kcalloc(HID_DEFAULT_NUM_COLLECTIONS,
1077 sizeof(struct hid_collection), GFP_KERNEL);
1078 if (!device->collection) {
1079 ret = -ENOMEM;
1080 goto err;
1081 }
1082 device->collection_size = HID_DEFAULT_NUM_COLLECTIONS;
1083
1084 ret = -EINVAL;
1085 while ((next = fetch_item(start, end, &item)) != NULL) {
1086 start = next;
1087
1088 if (item.format != HID_ITEM_FORMAT_SHORT) {
1089 hid_err(device, "unexpected long global item\n");
1090 goto err;
1091 }
1092
1093 if (dispatch_type[item.type](parser, &item)) {
1094 hid_err(device, "item %u %u %u %u parsing failed\n",
1095 item.format, (unsigned)item.size,
1096 (unsigned)item.type, (unsigned)item.tag);
1097 goto err;
1098 }
1099
1100 if (start == end) {
1101 if (parser->collection_stack_ptr) {
1102 hid_err(device, "unbalanced collection at end of report description\n");
1103 goto err;
1104 }
1105 if (parser->local.delimiter_depth) {
1106 hid_err(device, "unbalanced delimiter at end of report description\n");
1107 goto err;
1108 }
1109 kfree(parser->collection_stack);
1110 vfree(parser);
1111 device->status |= HID_STAT_PARSED;
1112 return 0;
1113 }
1114 }
1115
1116 hid_err(device, "item fetching failed at offset %u/%u\n",
1117 size - (unsigned int)(end - start), size);
1118 err:
1119 kfree(parser->collection_stack);
1120 alloc_err:
1121 vfree(parser);
1122 hid_close_report(device);
1123 return ret;
1124 }
1125 EXPORT_SYMBOL_GPL(hid_open_report);
1126
1127 /*
1128 * Convert a signed n-bit integer to signed 32-bit integer. Common
1129 * cases are done through the compiler, the screwed things has to be
1130 * done by hand.
1131 */
1132
snto32(__u32 value,unsigned n)1133 static s32 snto32(__u32 value, unsigned n)
1134 {
1135 if (!value || !n)
1136 return 0;
1137
1138 if (n > 32)
1139 n = 32;
1140
1141 switch (n) {
1142 case 8: return ((__s8)value);
1143 case 16: return ((__s16)value);
1144 case 32: return ((__s32)value);
1145 }
1146 return value & (1 << (n - 1)) ? value | (~0U << n) : value;
1147 }
1148
hid_snto32(__u32 value,unsigned n)1149 s32 hid_snto32(__u32 value, unsigned n)
1150 {
1151 return snto32(value, n);
1152 }
1153 EXPORT_SYMBOL_GPL(hid_snto32);
1154
1155 /*
1156 * Convert a signed 32-bit integer to a signed n-bit integer.
1157 */
1158
s32ton(__s32 value,unsigned n)1159 static u32 s32ton(__s32 value, unsigned n)
1160 {
1161 s32 a = value >> (n - 1);
1162 if (a && a != -1)
1163 return value < 0 ? 1 << (n - 1) : (1 << (n - 1)) - 1;
1164 return value & ((1 << n) - 1);
1165 }
1166
1167 /*
1168 * Extract/implement a data field from/to a little endian report (bit array).
1169 *
1170 * Code sort-of follows HID spec:
1171 * http://www.usb.org/developers/hidpage/HID1_11.pdf
1172 *
1173 * While the USB HID spec allows unlimited length bit fields in "report
1174 * descriptors", most devices never use more than 16 bits.
1175 * One model of UPS is claimed to report "LINEV" as a 32-bit field.
1176 * Search linux-kernel and linux-usb-devel archives for "hid-core extract".
1177 */
1178
__extract(u8 * report,unsigned offset,int n)1179 static u32 __extract(u8 *report, unsigned offset, int n)
1180 {
1181 unsigned int idx = offset / 8;
1182 unsigned int bit_nr = 0;
1183 unsigned int bit_shift = offset % 8;
1184 int bits_to_copy = 8 - bit_shift;
1185 u32 value = 0;
1186 u32 mask = n < 32 ? (1U << n) - 1 : ~0U;
1187
1188 while (n > 0) {
1189 value |= ((u32)report[idx] >> bit_shift) << bit_nr;
1190 n -= bits_to_copy;
1191 bit_nr += bits_to_copy;
1192 bits_to_copy = 8;
1193 bit_shift = 0;
1194 idx++;
1195 }
1196
1197 return value & mask;
1198 }
1199
hid_field_extract(const struct hid_device * hid,u8 * report,unsigned offset,unsigned n)1200 u32 hid_field_extract(const struct hid_device *hid, u8 *report,
1201 unsigned offset, unsigned n)
1202 {
1203 if (n > 32) {
1204 hid_warn(hid, "hid_field_extract() called with n (%d) > 32! (%s)\n",
1205 n, current->comm);
1206 n = 32;
1207 }
1208
1209 return __extract(report, offset, n);
1210 }
1211 EXPORT_SYMBOL_GPL(hid_field_extract);
1212
1213 /*
1214 * "implement" : set bits in a little endian bit stream.
1215 * Same concepts as "extract" (see comments above).
1216 * The data mangled in the bit stream remains in little endian
1217 * order the whole time. It make more sense to talk about
1218 * endianness of register values by considering a register
1219 * a "cached" copy of the little endian bit stream.
1220 */
1221
__implement(u8 * report,unsigned offset,int n,u32 value)1222 static void __implement(u8 *report, unsigned offset, int n, u32 value)
1223 {
1224 unsigned int idx = offset / 8;
1225 unsigned int bit_shift = offset % 8;
1226 int bits_to_set = 8 - bit_shift;
1227
1228 while (n - bits_to_set >= 0) {
1229 report[idx] &= ~(0xff << bit_shift);
1230 report[idx] |= value << bit_shift;
1231 value >>= bits_to_set;
1232 n -= bits_to_set;
1233 bits_to_set = 8;
1234 bit_shift = 0;
1235 idx++;
1236 }
1237
1238 /* last nibble */
1239 if (n) {
1240 u8 bit_mask = ((1U << n) - 1);
1241 report[idx] &= ~(bit_mask << bit_shift);
1242 report[idx] |= value << bit_shift;
1243 }
1244 }
1245
implement(const struct hid_device * hid,u8 * report,unsigned offset,unsigned n,u32 value)1246 static void implement(const struct hid_device *hid, u8 *report,
1247 unsigned offset, unsigned n, u32 value)
1248 {
1249 if (unlikely(n > 32)) {
1250 hid_warn(hid, "%s() called with n (%d) > 32! (%s)\n",
1251 __func__, n, current->comm);
1252 n = 32;
1253 } else if (n < 32) {
1254 u32 m = (1U << n) - 1;
1255
1256 if (unlikely(value > m)) {
1257 hid_warn(hid,
1258 "%s() called with too large value %d (n: %d)! (%s)\n",
1259 __func__, value, n, current->comm);
1260 WARN_ON(1);
1261 value &= m;
1262 }
1263 }
1264
1265 __implement(report, offset, n, value);
1266 }
1267
1268 /*
1269 * Search an array for a value.
1270 */
1271
search(__s32 * array,__s32 value,unsigned n)1272 static int search(__s32 *array, __s32 value, unsigned n)
1273 {
1274 while (n--) {
1275 if (*array++ == value)
1276 return 0;
1277 }
1278 return -1;
1279 }
1280
1281 /**
1282 * hid_match_report - check if driver's raw_event should be called
1283 *
1284 * @hid: hid device
1285 * @report_type: type to match against
1286 *
1287 * compare hid->driver->report_table->report_type to report->type
1288 */
hid_match_report(struct hid_device * hid,struct hid_report * report)1289 static int hid_match_report(struct hid_device *hid, struct hid_report *report)
1290 {
1291 const struct hid_report_id *id = hid->driver->report_table;
1292
1293 if (!id) /* NULL means all */
1294 return 1;
1295
1296 for (; id->report_type != HID_TERMINATOR; id++)
1297 if (id->report_type == HID_ANY_ID ||
1298 id->report_type == report->type)
1299 return 1;
1300 return 0;
1301 }
1302
1303 /**
1304 * hid_match_usage - check if driver's event should be called
1305 *
1306 * @hid: hid device
1307 * @usage: usage to match against
1308 *
1309 * compare hid->driver->usage_table->usage_{type,code} to
1310 * usage->usage_{type,code}
1311 */
hid_match_usage(struct hid_device * hid,struct hid_usage * usage)1312 static int hid_match_usage(struct hid_device *hid, struct hid_usage *usage)
1313 {
1314 const struct hid_usage_id *id = hid->driver->usage_table;
1315
1316 if (!id) /* NULL means all */
1317 return 1;
1318
1319 for (; id->usage_type != HID_ANY_ID - 1; id++)
1320 if ((id->usage_hid == HID_ANY_ID ||
1321 id->usage_hid == usage->hid) &&
1322 (id->usage_type == HID_ANY_ID ||
1323 id->usage_type == usage->type) &&
1324 (id->usage_code == HID_ANY_ID ||
1325 id->usage_code == usage->code))
1326 return 1;
1327 return 0;
1328 }
1329
hid_process_event(struct hid_device * hid,struct hid_field * field,struct hid_usage * usage,__s32 value,int interrupt)1330 static void hid_process_event(struct hid_device *hid, struct hid_field *field,
1331 struct hid_usage *usage, __s32 value, int interrupt)
1332 {
1333 struct hid_driver *hdrv = hid->driver;
1334 int ret;
1335
1336 if (!list_empty(&hid->debug_list))
1337 hid_dump_input(hid, usage, value);
1338
1339 if (hdrv && hdrv->event && hid_match_usage(hid, usage)) {
1340 ret = hdrv->event(hid, field, usage, value);
1341 if (ret != 0) {
1342 if (ret < 0)
1343 hid_err(hid, "%s's event failed with %d\n",
1344 hdrv->name, ret);
1345 return;
1346 }
1347 }
1348
1349 if (hid->claimed & HID_CLAIMED_INPUT)
1350 hidinput_hid_event(hid, field, usage, value);
1351 if (hid->claimed & HID_CLAIMED_HIDDEV && interrupt && hid->hiddev_hid_event)
1352 hid->hiddev_hid_event(hid, field, usage, value);
1353 }
1354
1355 /*
1356 * Analyse a received field, and fetch the data from it. The field
1357 * content is stored for next report processing (we do differential
1358 * reporting to the layer).
1359 */
1360
hid_input_field(struct hid_device * hid,struct hid_field * field,__u8 * data,int interrupt)1361 static void hid_input_field(struct hid_device *hid, struct hid_field *field,
1362 __u8 *data, int interrupt)
1363 {
1364 unsigned n;
1365 unsigned count = field->report_count;
1366 unsigned offset = field->report_offset;
1367 unsigned size = field->report_size;
1368 __s32 min = field->logical_minimum;
1369 __s32 max = field->logical_maximum;
1370 __s32 *value;
1371
1372 value = kmalloc_array(count, sizeof(__s32), GFP_ATOMIC);
1373 if (!value)
1374 return;
1375
1376 for (n = 0; n < count; n++) {
1377
1378 value[n] = min < 0 ?
1379 snto32(hid_field_extract(hid, data, offset + n * size,
1380 size), size) :
1381 hid_field_extract(hid, data, offset + n * size, size);
1382
1383 /* Ignore report if ErrorRollOver */
1384 if (!(field->flags & HID_MAIN_ITEM_VARIABLE) &&
1385 value[n] >= min && value[n] <= max &&
1386 value[n] - min < field->maxusage &&
1387 field->usage[value[n] - min].hid == HID_UP_KEYBOARD + 1)
1388 goto exit;
1389 }
1390
1391 for (n = 0; n < count; n++) {
1392
1393 if (HID_MAIN_ITEM_VARIABLE & field->flags) {
1394 hid_process_event(hid, field, &field->usage[n], value[n], interrupt);
1395 continue;
1396 }
1397
1398 if (field->value[n] >= min && field->value[n] <= max
1399 && field->value[n] - min < field->maxusage
1400 && field->usage[field->value[n] - min].hid
1401 && search(value, field->value[n], count))
1402 hid_process_event(hid, field, &field->usage[field->value[n] - min], 0, interrupt);
1403
1404 if (value[n] >= min && value[n] <= max
1405 && value[n] - min < field->maxusage
1406 && field->usage[value[n] - min].hid
1407 && search(field->value, value[n], count))
1408 hid_process_event(hid, field, &field->usage[value[n] - min], 1, interrupt);
1409 }
1410
1411 memcpy(field->value, value, count * sizeof(__s32));
1412 exit:
1413 kfree(value);
1414 }
1415
1416 /*
1417 * Output the field into the report.
1418 */
1419
hid_output_field(const struct hid_device * hid,struct hid_field * field,__u8 * data)1420 static void hid_output_field(const struct hid_device *hid,
1421 struct hid_field *field, __u8 *data)
1422 {
1423 unsigned count = field->report_count;
1424 unsigned offset = field->report_offset;
1425 unsigned size = field->report_size;
1426 unsigned n;
1427
1428 for (n = 0; n < count; n++) {
1429 if (field->logical_minimum < 0) /* signed values */
1430 implement(hid, data, offset + n * size, size,
1431 s32ton(field->value[n], size));
1432 else /* unsigned values */
1433 implement(hid, data, offset + n * size, size,
1434 field->value[n]);
1435 }
1436 }
1437
1438 /*
1439 * Compute the size of a report.
1440 */
hid_compute_report_size(struct hid_report * report)1441 static size_t hid_compute_report_size(struct hid_report *report)
1442 {
1443 if (report->size)
1444 return ((report->size - 1) >> 3) + 1;
1445
1446 return 0;
1447 }
1448
1449 /*
1450 * Create a report. 'data' has to be allocated using
1451 * hid_alloc_report_buf() so that it has proper size.
1452 */
1453
hid_output_report(struct hid_report * report,__u8 * data)1454 void hid_output_report(struct hid_report *report, __u8 *data)
1455 {
1456 unsigned n;
1457
1458 if (report->id > 0)
1459 *data++ = report->id;
1460
1461 memset(data, 0, hid_compute_report_size(report));
1462 for (n = 0; n < report->maxfield; n++)
1463 hid_output_field(report->device, report->field[n], data);
1464 }
1465 EXPORT_SYMBOL_GPL(hid_output_report);
1466
1467 /*
1468 * Allocator for buffer that is going to be passed to hid_output_report()
1469 */
hid_alloc_report_buf(struct hid_report * report,gfp_t flags)1470 u8 *hid_alloc_report_buf(struct hid_report *report, gfp_t flags)
1471 {
1472 /*
1473 * 7 extra bytes are necessary to achieve proper functionality
1474 * of implement() working on 8 byte chunks
1475 */
1476
1477 u32 len = hid_report_len(report) + 7;
1478
1479 return kmalloc(len, flags);
1480 }
1481 EXPORT_SYMBOL_GPL(hid_alloc_report_buf);
1482
1483 /*
1484 * Set a field value. The report this field belongs to has to be
1485 * created and transferred to the device, to set this value in the
1486 * device.
1487 */
1488
hid_set_field(struct hid_field * field,unsigned offset,__s32 value)1489 int hid_set_field(struct hid_field *field, unsigned offset, __s32 value)
1490 {
1491 unsigned size;
1492
1493 if (!field)
1494 return -1;
1495
1496 size = field->report_size;
1497
1498 hid_dump_input(field->report->device, field->usage + offset, value);
1499
1500 if (offset >= field->report_count) {
1501 hid_err(field->report->device, "offset (%d) exceeds report_count (%d)\n",
1502 offset, field->report_count);
1503 return -1;
1504 }
1505 if (field->logical_minimum < 0) {
1506 if (value != snto32(s32ton(value, size), size)) {
1507 hid_err(field->report->device, "value %d is out of range\n", value);
1508 return -1;
1509 }
1510 }
1511 field->value[offset] = value;
1512 return 0;
1513 }
1514 EXPORT_SYMBOL_GPL(hid_set_field);
1515
hid_get_report(struct hid_report_enum * report_enum,const u8 * data)1516 static struct hid_report *hid_get_report(struct hid_report_enum *report_enum,
1517 const u8 *data)
1518 {
1519 struct hid_report *report;
1520 unsigned int n = 0; /* Normally report number is 0 */
1521
1522 /* Device uses numbered reports, data[0] is report number */
1523 if (report_enum->numbered)
1524 n = *data;
1525
1526 report = report_enum->report_id_hash[n];
1527 if (report == NULL)
1528 dbg_hid("undefined report_id %u received\n", n);
1529
1530 return report;
1531 }
1532
1533 /*
1534 * Implement a generic .request() callback, using .raw_request()
1535 * DO NOT USE in hid drivers directly, but through hid_hw_request instead.
1536 */
__hid_request(struct hid_device * hid,struct hid_report * report,int reqtype)1537 void __hid_request(struct hid_device *hid, struct hid_report *report,
1538 int reqtype)
1539 {
1540 char *buf;
1541 int ret;
1542 u32 len;
1543
1544 buf = hid_alloc_report_buf(report, GFP_KERNEL);
1545 if (!buf)
1546 return;
1547
1548 len = hid_report_len(report);
1549
1550 if (reqtype == HID_REQ_SET_REPORT)
1551 hid_output_report(report, buf);
1552
1553 ret = hid->ll_driver->raw_request(hid, report->id, buf, len,
1554 report->type, reqtype);
1555 if (ret < 0) {
1556 dbg_hid("unable to complete request: %d\n", ret);
1557 goto out;
1558 }
1559
1560 if (reqtype == HID_REQ_GET_REPORT)
1561 hid_input_report(hid, report->type, buf, ret, 0);
1562
1563 out:
1564 kfree(buf);
1565 }
1566 EXPORT_SYMBOL_GPL(__hid_request);
1567
hid_report_raw_event(struct hid_device * hid,int type,u8 * data,u32 size,int interrupt)1568 int hid_report_raw_event(struct hid_device *hid, int type, u8 *data, u32 size,
1569 int interrupt)
1570 {
1571 struct hid_report_enum *report_enum = hid->report_enum + type;
1572 struct hid_report *report;
1573 struct hid_driver *hdrv;
1574 int max_buffer_size = HID_MAX_BUFFER_SIZE;
1575 unsigned int a;
1576 u32 rsize, csize = size;
1577 u8 *cdata = data;
1578 int ret = 0;
1579
1580 report = hid_get_report(report_enum, data);
1581 if (!report)
1582 goto out;
1583
1584 if (report_enum->numbered) {
1585 cdata++;
1586 csize--;
1587 }
1588
1589 rsize = hid_compute_report_size(report);
1590
1591 if (hid->ll_driver->max_buffer_size)
1592 max_buffer_size = hid->ll_driver->max_buffer_size;
1593
1594 if (report_enum->numbered && rsize >= max_buffer_size)
1595 rsize = max_buffer_size - 1;
1596 else if (rsize > max_buffer_size)
1597 rsize = max_buffer_size;
1598
1599 if (csize < rsize) {
1600 dbg_hid("report %d is too short, (%d < %d)\n", report->id,
1601 csize, rsize);
1602 memset(cdata + csize, 0, rsize - csize);
1603 }
1604
1605 if ((hid->claimed & HID_CLAIMED_HIDDEV) && hid->hiddev_report_event)
1606 hid->hiddev_report_event(hid, report);
1607 if (hid->claimed & HID_CLAIMED_HIDRAW) {
1608 ret = hidraw_report_event(hid, data, size);
1609 if (ret)
1610 goto out;
1611 }
1612
1613 if (hid->claimed != HID_CLAIMED_HIDRAW && report->maxfield) {
1614 for (a = 0; a < report->maxfield; a++)
1615 hid_input_field(hid, report->field[a], cdata, interrupt);
1616 hdrv = hid->driver;
1617 if (hdrv && hdrv->report)
1618 hdrv->report(hid, report);
1619 }
1620
1621 if (hid->claimed & HID_CLAIMED_INPUT)
1622 hidinput_report_event(hid, report);
1623 out:
1624 return ret;
1625 }
1626 EXPORT_SYMBOL_GPL(hid_report_raw_event);
1627
1628 /**
1629 * hid_input_report - report data from lower layer (usb, bt...)
1630 *
1631 * @hid: hid device
1632 * @type: HID report type (HID_*_REPORT)
1633 * @data: report contents
1634 * @size: size of data parameter
1635 * @interrupt: distinguish between interrupt and control transfers
1636 *
1637 * This is data entry for lower layers.
1638 */
hid_input_report(struct hid_device * hid,int type,u8 * data,u32 size,int interrupt)1639 int hid_input_report(struct hid_device *hid, int type, u8 *data, u32 size, int interrupt)
1640 {
1641 struct hid_report_enum *report_enum;
1642 struct hid_driver *hdrv;
1643 struct hid_report *report;
1644 int ret = 0;
1645
1646 if (!hid)
1647 return -ENODEV;
1648
1649 if (down_trylock(&hid->driver_input_lock))
1650 return -EBUSY;
1651
1652 if (!hid->driver) {
1653 ret = -ENODEV;
1654 goto unlock;
1655 }
1656 report_enum = hid->report_enum + type;
1657 hdrv = hid->driver;
1658
1659 if (!size) {
1660 dbg_hid("empty report\n");
1661 ret = -1;
1662 goto unlock;
1663 }
1664
1665 /* Avoid unnecessary overhead if debugfs is disabled */
1666 if (!list_empty(&hid->debug_list))
1667 hid_dump_report(hid, type, data, size);
1668
1669 report = hid_get_report(report_enum, data);
1670
1671 if (!report) {
1672 ret = -1;
1673 goto unlock;
1674 }
1675
1676 if (hdrv && hdrv->raw_event && hid_match_report(hid, report)) {
1677 ret = hdrv->raw_event(hid, report, data, size);
1678 if (ret < 0)
1679 goto unlock;
1680 }
1681
1682 ret = hid_report_raw_event(hid, type, data, size, interrupt);
1683
1684 unlock:
1685 up(&hid->driver_input_lock);
1686 return ret;
1687 }
1688 EXPORT_SYMBOL_GPL(hid_input_report);
1689
hid_match_one_id(const struct hid_device * hdev,const struct hid_device_id * id)1690 bool hid_match_one_id(const struct hid_device *hdev,
1691 const struct hid_device_id *id)
1692 {
1693 return (id->bus == HID_BUS_ANY || id->bus == hdev->bus) &&
1694 (id->group == HID_GROUP_ANY || id->group == hdev->group) &&
1695 (id->vendor == HID_ANY_ID || id->vendor == hdev->vendor) &&
1696 (id->product == HID_ANY_ID || id->product == hdev->product);
1697 }
1698
hid_match_id(const struct hid_device * hdev,const struct hid_device_id * id)1699 const struct hid_device_id *hid_match_id(const struct hid_device *hdev,
1700 const struct hid_device_id *id)
1701 {
1702 for (; id->bus; id++)
1703 if (hid_match_one_id(hdev, id))
1704 return id;
1705
1706 return NULL;
1707 }
1708
1709 static const struct hid_device_id hid_hiddev_list[] = {
1710 { HID_USB_DEVICE(USB_VENDOR_ID_MGE, USB_DEVICE_ID_MGE_UPS) },
1711 { HID_USB_DEVICE(USB_VENDOR_ID_MGE, USB_DEVICE_ID_MGE_UPS1) },
1712 { }
1713 };
1714
hid_hiddev(struct hid_device * hdev)1715 static bool hid_hiddev(struct hid_device *hdev)
1716 {
1717 return !!hid_match_id(hdev, hid_hiddev_list);
1718 }
1719
1720
1721 static ssize_t
read_report_descriptor(struct file * filp,struct kobject * kobj,struct bin_attribute * attr,char * buf,loff_t off,size_t count)1722 read_report_descriptor(struct file *filp, struct kobject *kobj,
1723 struct bin_attribute *attr,
1724 char *buf, loff_t off, size_t count)
1725 {
1726 struct device *dev = kobj_to_dev(kobj);
1727 struct hid_device *hdev = to_hid_device(dev);
1728
1729 if (off >= hdev->rsize)
1730 return 0;
1731
1732 if (off + count > hdev->rsize)
1733 count = hdev->rsize - off;
1734
1735 memcpy(buf, hdev->rdesc + off, count);
1736
1737 return count;
1738 }
1739
1740 static ssize_t
show_country(struct device * dev,struct device_attribute * attr,char * buf)1741 show_country(struct device *dev, struct device_attribute *attr,
1742 char *buf)
1743 {
1744 struct hid_device *hdev = to_hid_device(dev);
1745
1746 return sprintf(buf, "%02x\n", hdev->country & 0xff);
1747 }
1748
1749 static struct bin_attribute dev_bin_attr_report_desc = {
1750 .attr = { .name = "report_descriptor", .mode = 0444 },
1751 .read = read_report_descriptor,
1752 .size = HID_MAX_DESCRIPTOR_SIZE,
1753 };
1754
1755 static const struct device_attribute dev_attr_country = {
1756 .attr = { .name = "country", .mode = 0444 },
1757 .show = show_country,
1758 };
1759
hid_connect(struct hid_device * hdev,unsigned int connect_mask)1760 int hid_connect(struct hid_device *hdev, unsigned int connect_mask)
1761 {
1762 static const char *types[] = { "Device", "Pointer", "Mouse", "Device",
1763 "Joystick", "Gamepad", "Keyboard", "Keypad",
1764 "Multi-Axis Controller"
1765 };
1766 const char *type, *bus;
1767 char buf[64] = "";
1768 unsigned int i;
1769 int len;
1770 int ret;
1771
1772 if (hdev->quirks & HID_QUIRK_HIDDEV_FORCE)
1773 connect_mask |= (HID_CONNECT_HIDDEV_FORCE | HID_CONNECT_HIDDEV);
1774 if (hdev->quirks & HID_QUIRK_HIDINPUT_FORCE)
1775 connect_mask |= HID_CONNECT_HIDINPUT_FORCE;
1776 if (hdev->bus != BUS_USB)
1777 connect_mask &= ~HID_CONNECT_HIDDEV;
1778 if (hid_hiddev(hdev))
1779 connect_mask |= HID_CONNECT_HIDDEV_FORCE;
1780
1781 if ((connect_mask & HID_CONNECT_HIDINPUT) && !hidinput_connect(hdev,
1782 connect_mask & HID_CONNECT_HIDINPUT_FORCE))
1783 hdev->claimed |= HID_CLAIMED_INPUT;
1784
1785 if ((connect_mask & HID_CONNECT_HIDDEV) && hdev->hiddev_connect &&
1786 !hdev->hiddev_connect(hdev,
1787 connect_mask & HID_CONNECT_HIDDEV_FORCE))
1788 hdev->claimed |= HID_CLAIMED_HIDDEV;
1789 if ((connect_mask & HID_CONNECT_HIDRAW) && !hidraw_connect(hdev))
1790 hdev->claimed |= HID_CLAIMED_HIDRAW;
1791
1792 if (connect_mask & HID_CONNECT_DRIVER)
1793 hdev->claimed |= HID_CLAIMED_DRIVER;
1794
1795 /* Drivers with the ->raw_event callback set are not required to connect
1796 * to any other listener. */
1797 if (!hdev->claimed && !hdev->driver->raw_event) {
1798 hid_err(hdev, "device has no listeners, quitting\n");
1799 return -ENODEV;
1800 }
1801
1802 if ((hdev->claimed & HID_CLAIMED_INPUT) &&
1803 (connect_mask & HID_CONNECT_FF) && hdev->ff_init)
1804 hdev->ff_init(hdev);
1805
1806 len = 0;
1807 if (hdev->claimed & HID_CLAIMED_INPUT)
1808 len += sprintf(buf + len, "input");
1809 if (hdev->claimed & HID_CLAIMED_HIDDEV)
1810 len += sprintf(buf + len, "%shiddev%d", len ? "," : "",
1811 ((struct hiddev *)hdev->hiddev)->minor);
1812 if (hdev->claimed & HID_CLAIMED_HIDRAW)
1813 len += sprintf(buf + len, "%shidraw%d", len ? "," : "",
1814 ((struct hidraw *)hdev->hidraw)->minor);
1815
1816 type = "Device";
1817 for (i = 0; i < hdev->maxcollection; i++) {
1818 struct hid_collection *col = &hdev->collection[i];
1819 if (col->type == HID_COLLECTION_APPLICATION &&
1820 (col->usage & HID_USAGE_PAGE) == HID_UP_GENDESK &&
1821 (col->usage & 0xffff) < ARRAY_SIZE(types)) {
1822 type = types[col->usage & 0xffff];
1823 break;
1824 }
1825 }
1826
1827 switch (hdev->bus) {
1828 case BUS_USB:
1829 bus = "USB";
1830 break;
1831 case BUS_BLUETOOTH:
1832 bus = "BLUETOOTH";
1833 break;
1834 case BUS_I2C:
1835 bus = "I2C";
1836 break;
1837 case BUS_VIRTUAL:
1838 bus = "VIRTUAL";
1839 break;
1840 default:
1841 bus = "<UNKNOWN>";
1842 }
1843
1844 ret = device_create_file(&hdev->dev, &dev_attr_country);
1845 if (ret)
1846 hid_warn(hdev,
1847 "can't create sysfs country code attribute err: %d\n", ret);
1848
1849 hid_info(hdev, "%s: %s HID v%x.%02x %s [%s] on %s\n",
1850 buf, bus, hdev->version >> 8, hdev->version & 0xff,
1851 type, hdev->name, hdev->phys);
1852
1853 return 0;
1854 }
1855 EXPORT_SYMBOL_GPL(hid_connect);
1856
hid_disconnect(struct hid_device * hdev)1857 void hid_disconnect(struct hid_device *hdev)
1858 {
1859 device_remove_file(&hdev->dev, &dev_attr_country);
1860 if (hdev->claimed & HID_CLAIMED_INPUT)
1861 hidinput_disconnect(hdev);
1862 if (hdev->claimed & HID_CLAIMED_HIDDEV)
1863 hdev->hiddev_disconnect(hdev);
1864 if (hdev->claimed & HID_CLAIMED_HIDRAW)
1865 hidraw_disconnect(hdev);
1866 hdev->claimed = 0;
1867 }
1868 EXPORT_SYMBOL_GPL(hid_disconnect);
1869
1870 /**
1871 * hid_hw_start - start underlying HW
1872 * @hdev: hid device
1873 * @connect_mask: which outputs to connect, see HID_CONNECT_*
1874 *
1875 * Call this in probe function *after* hid_parse. This will setup HW
1876 * buffers and start the device (if not defeirred to device open).
1877 * hid_hw_stop must be called if this was successful.
1878 */
hid_hw_start(struct hid_device * hdev,unsigned int connect_mask)1879 int hid_hw_start(struct hid_device *hdev, unsigned int connect_mask)
1880 {
1881 int error;
1882
1883 error = hdev->ll_driver->start(hdev);
1884 if (error)
1885 return error;
1886
1887 if (connect_mask) {
1888 error = hid_connect(hdev, connect_mask);
1889 if (error) {
1890 hdev->ll_driver->stop(hdev);
1891 return error;
1892 }
1893 }
1894
1895 return 0;
1896 }
1897 EXPORT_SYMBOL_GPL(hid_hw_start);
1898
1899 /**
1900 * hid_hw_stop - stop underlying HW
1901 * @hdev: hid device
1902 *
1903 * This is usually called from remove function or from probe when something
1904 * failed and hid_hw_start was called already.
1905 */
hid_hw_stop(struct hid_device * hdev)1906 void hid_hw_stop(struct hid_device *hdev)
1907 {
1908 hid_disconnect(hdev);
1909 hdev->ll_driver->stop(hdev);
1910 }
1911 EXPORT_SYMBOL_GPL(hid_hw_stop);
1912
1913 /**
1914 * hid_hw_open - signal underlying HW to start delivering events
1915 * @hdev: hid device
1916 *
1917 * Tell underlying HW to start delivering events from the device.
1918 * This function should be called sometime after successful call
1919 * to hid_hw_start().
1920 */
hid_hw_open(struct hid_device * hdev)1921 int hid_hw_open(struct hid_device *hdev)
1922 {
1923 int ret;
1924
1925 ret = mutex_lock_killable(&hdev->ll_open_lock);
1926 if (ret)
1927 return ret;
1928
1929 if (!hdev->ll_open_count++) {
1930 ret = hdev->ll_driver->open(hdev);
1931 if (ret)
1932 hdev->ll_open_count--;
1933 }
1934
1935 mutex_unlock(&hdev->ll_open_lock);
1936 return ret;
1937 }
1938 EXPORT_SYMBOL_GPL(hid_hw_open);
1939
1940 /**
1941 * hid_hw_close - signal underlaying HW to stop delivering events
1942 *
1943 * @hdev: hid device
1944 *
1945 * This function indicates that we are not interested in the events
1946 * from this device anymore. Delivery of events may or may not stop,
1947 * depending on the number of users still outstanding.
1948 */
hid_hw_close(struct hid_device * hdev)1949 void hid_hw_close(struct hid_device *hdev)
1950 {
1951 mutex_lock(&hdev->ll_open_lock);
1952 if (!--hdev->ll_open_count)
1953 hdev->ll_driver->close(hdev);
1954 mutex_unlock(&hdev->ll_open_lock);
1955 }
1956 EXPORT_SYMBOL_GPL(hid_hw_close);
1957
1958 struct hid_dynid {
1959 struct list_head list;
1960 struct hid_device_id id;
1961 };
1962
1963 /**
1964 * store_new_id - add a new HID device ID to this driver and re-probe devices
1965 * @driver: target device driver
1966 * @buf: buffer for scanning device ID data
1967 * @count: input size
1968 *
1969 * Adds a new dynamic hid device ID to this driver,
1970 * and causes the driver to probe for all devices again.
1971 */
new_id_store(struct device_driver * drv,const char * buf,size_t count)1972 static ssize_t new_id_store(struct device_driver *drv, const char *buf,
1973 size_t count)
1974 {
1975 struct hid_driver *hdrv = to_hid_driver(drv);
1976 struct hid_dynid *dynid;
1977 __u32 bus, vendor, product;
1978 unsigned long driver_data = 0;
1979 int ret;
1980
1981 ret = sscanf(buf, "%x %x %x %lx",
1982 &bus, &vendor, &product, &driver_data);
1983 if (ret < 3)
1984 return -EINVAL;
1985
1986 dynid = kzalloc(sizeof(*dynid), GFP_KERNEL);
1987 if (!dynid)
1988 return -ENOMEM;
1989
1990 dynid->id.bus = bus;
1991 dynid->id.group = HID_GROUP_ANY;
1992 dynid->id.vendor = vendor;
1993 dynid->id.product = product;
1994 dynid->id.driver_data = driver_data;
1995
1996 spin_lock(&hdrv->dyn_lock);
1997 list_add_tail(&dynid->list, &hdrv->dyn_list);
1998 spin_unlock(&hdrv->dyn_lock);
1999
2000 ret = driver_attach(&hdrv->driver);
2001
2002 return ret ? : count;
2003 }
2004 static DRIVER_ATTR_WO(new_id);
2005
2006 static struct attribute *hid_drv_attrs[] = {
2007 &driver_attr_new_id.attr,
2008 NULL,
2009 };
2010 ATTRIBUTE_GROUPS(hid_drv);
2011
hid_free_dynids(struct hid_driver * hdrv)2012 static void hid_free_dynids(struct hid_driver *hdrv)
2013 {
2014 struct hid_dynid *dynid, *n;
2015
2016 spin_lock(&hdrv->dyn_lock);
2017 list_for_each_entry_safe(dynid, n, &hdrv->dyn_list, list) {
2018 list_del(&dynid->list);
2019 kfree(dynid);
2020 }
2021 spin_unlock(&hdrv->dyn_lock);
2022 }
2023
hid_match_device(struct hid_device * hdev,struct hid_driver * hdrv)2024 const struct hid_device_id *hid_match_device(struct hid_device *hdev,
2025 struct hid_driver *hdrv)
2026 {
2027 struct hid_dynid *dynid;
2028
2029 spin_lock(&hdrv->dyn_lock);
2030 list_for_each_entry(dynid, &hdrv->dyn_list, list) {
2031 if (hid_match_one_id(hdev, &dynid->id)) {
2032 spin_unlock(&hdrv->dyn_lock);
2033 return &dynid->id;
2034 }
2035 }
2036 spin_unlock(&hdrv->dyn_lock);
2037
2038 return hid_match_id(hdev, hdrv->id_table);
2039 }
2040 EXPORT_SYMBOL_GPL(hid_match_device);
2041
hid_bus_match(struct device * dev,struct device_driver * drv)2042 static int hid_bus_match(struct device *dev, struct device_driver *drv)
2043 {
2044 struct hid_driver *hdrv = to_hid_driver(drv);
2045 struct hid_device *hdev = to_hid_device(dev);
2046
2047 return hid_match_device(hdev, hdrv) != NULL;
2048 }
2049
2050 /**
2051 * hid_compare_device_paths - check if both devices share the same path
2052 * @hdev_a: hid device
2053 * @hdev_b: hid device
2054 * @separator: char to use as separator
2055 *
2056 * Check if two devices share the same path up to the last occurrence of
2057 * the separator char. Both paths must exist (i.e., zero-length paths
2058 * don't match).
2059 */
hid_compare_device_paths(struct hid_device * hdev_a,struct hid_device * hdev_b,char separator)2060 bool hid_compare_device_paths(struct hid_device *hdev_a,
2061 struct hid_device *hdev_b, char separator)
2062 {
2063 int n1 = strrchr(hdev_a->phys, separator) - hdev_a->phys;
2064 int n2 = strrchr(hdev_b->phys, separator) - hdev_b->phys;
2065
2066 if (n1 != n2 || n1 <= 0 || n2 <= 0)
2067 return false;
2068
2069 return !strncmp(hdev_a->phys, hdev_b->phys, n1);
2070 }
2071 EXPORT_SYMBOL_GPL(hid_compare_device_paths);
2072
hid_device_probe(struct device * dev)2073 static int hid_device_probe(struct device *dev)
2074 {
2075 struct hid_driver *hdrv = to_hid_driver(dev->driver);
2076 struct hid_device *hdev = to_hid_device(dev);
2077 const struct hid_device_id *id;
2078 int ret = 0;
2079
2080 if (down_interruptible(&hdev->driver_input_lock)) {
2081 ret = -EINTR;
2082 goto end;
2083 }
2084 hdev->io_started = false;
2085
2086 clear_bit(ffs(HID_STAT_REPROBED), &hdev->status);
2087
2088 if (!hdev->driver) {
2089 id = hid_match_device(hdev, hdrv);
2090 if (id == NULL) {
2091 ret = -ENODEV;
2092 goto unlock;
2093 }
2094
2095 if (hdrv->match) {
2096 if (!hdrv->match(hdev, hid_ignore_special_drivers)) {
2097 ret = -ENODEV;
2098 goto unlock;
2099 }
2100 } else {
2101 /*
2102 * hid-generic implements .match(), so if
2103 * hid_ignore_special_drivers is set, we can safely
2104 * return.
2105 */
2106 if (hid_ignore_special_drivers) {
2107 ret = -ENODEV;
2108 goto unlock;
2109 }
2110 }
2111
2112 /* reset the quirks that has been previously set */
2113 hdev->quirks = hid_lookup_quirk(hdev);
2114 hdev->driver = hdrv;
2115 if (hdrv->probe) {
2116 ret = hdrv->probe(hdev, id);
2117 } else { /* default probe */
2118 ret = hid_open_report(hdev);
2119 if (!ret)
2120 ret = hid_hw_start(hdev, HID_CONNECT_DEFAULT);
2121 }
2122 if (ret) {
2123 hid_close_report(hdev);
2124 hdev->driver = NULL;
2125 }
2126 }
2127 unlock:
2128 if (!hdev->io_started)
2129 up(&hdev->driver_input_lock);
2130 end:
2131 return ret;
2132 }
2133
hid_device_remove(struct device * dev)2134 static int hid_device_remove(struct device *dev)
2135 {
2136 struct hid_device *hdev = to_hid_device(dev);
2137 struct hid_driver *hdrv;
2138
2139 down(&hdev->driver_input_lock);
2140 hdev->io_started = false;
2141
2142 hdrv = hdev->driver;
2143 if (hdrv) {
2144 if (hdrv->remove)
2145 hdrv->remove(hdev);
2146 else /* default remove */
2147 hid_hw_stop(hdev);
2148 hid_close_report(hdev);
2149 hdev->driver = NULL;
2150 }
2151
2152 if (!hdev->io_started)
2153 up(&hdev->driver_input_lock);
2154
2155 return 0;
2156 }
2157
modalias_show(struct device * dev,struct device_attribute * a,char * buf)2158 static ssize_t modalias_show(struct device *dev, struct device_attribute *a,
2159 char *buf)
2160 {
2161 struct hid_device *hdev = container_of(dev, struct hid_device, dev);
2162
2163 return scnprintf(buf, PAGE_SIZE, "hid:b%04Xg%04Xv%08Xp%08X\n",
2164 hdev->bus, hdev->group, hdev->vendor, hdev->product);
2165 }
2166 static DEVICE_ATTR_RO(modalias);
2167
2168 static struct attribute *hid_dev_attrs[] = {
2169 &dev_attr_modalias.attr,
2170 NULL,
2171 };
2172 static struct bin_attribute *hid_dev_bin_attrs[] = {
2173 &dev_bin_attr_report_desc,
2174 NULL
2175 };
2176 static const struct attribute_group hid_dev_group = {
2177 .attrs = hid_dev_attrs,
2178 .bin_attrs = hid_dev_bin_attrs,
2179 };
2180 __ATTRIBUTE_GROUPS(hid_dev);
2181
hid_uevent(struct device * dev,struct kobj_uevent_env * env)2182 static int hid_uevent(struct device *dev, struct kobj_uevent_env *env)
2183 {
2184 struct hid_device *hdev = to_hid_device(dev);
2185
2186 if (add_uevent_var(env, "HID_ID=%04X:%08X:%08X",
2187 hdev->bus, hdev->vendor, hdev->product))
2188 return -ENOMEM;
2189
2190 if (add_uevent_var(env, "HID_NAME=%s", hdev->name))
2191 return -ENOMEM;
2192
2193 if (add_uevent_var(env, "HID_PHYS=%s", hdev->phys))
2194 return -ENOMEM;
2195
2196 if (add_uevent_var(env, "HID_UNIQ=%s", hdev->uniq))
2197 return -ENOMEM;
2198
2199 if (add_uevent_var(env, "MODALIAS=hid:b%04Xg%04Xv%08Xp%08X",
2200 hdev->bus, hdev->group, hdev->vendor, hdev->product))
2201 return -ENOMEM;
2202
2203 return 0;
2204 }
2205
2206 struct bus_type hid_bus_type = {
2207 .name = "hid",
2208 .dev_groups = hid_dev_groups,
2209 .drv_groups = hid_drv_groups,
2210 .match = hid_bus_match,
2211 .probe = hid_device_probe,
2212 .remove = hid_device_remove,
2213 .uevent = hid_uevent,
2214 };
2215 EXPORT_SYMBOL(hid_bus_type);
2216
hid_add_device(struct hid_device * hdev)2217 int hid_add_device(struct hid_device *hdev)
2218 {
2219 static atomic_t id = ATOMIC_INIT(0);
2220 int ret;
2221
2222 if (WARN_ON(hdev->status & HID_STAT_ADDED))
2223 return -EBUSY;
2224
2225 hdev->quirks = hid_lookup_quirk(hdev);
2226
2227 /* we need to kill them here, otherwise they will stay allocated to
2228 * wait for coming driver */
2229 if (hid_ignore(hdev))
2230 return -ENODEV;
2231
2232 /*
2233 * Check for the mandatory transport channel.
2234 */
2235 if (!hdev->ll_driver->raw_request) {
2236 hid_err(hdev, "transport driver missing .raw_request()\n");
2237 return -EINVAL;
2238 }
2239
2240 /*
2241 * Read the device report descriptor once and use as template
2242 * for the driver-specific modifications.
2243 */
2244 ret = hdev->ll_driver->parse(hdev);
2245 if (ret)
2246 return ret;
2247 if (!hdev->dev_rdesc)
2248 return -ENODEV;
2249
2250 /*
2251 * Scan generic devices for group information
2252 */
2253 if (hid_ignore_special_drivers) {
2254 hdev->group = HID_GROUP_GENERIC;
2255 } else if (!hdev->group &&
2256 !(hdev->quirks & HID_QUIRK_HAVE_SPECIAL_DRIVER)) {
2257 ret = hid_scan_report(hdev);
2258 if (ret)
2259 hid_warn(hdev, "bad device descriptor (%d)\n", ret);
2260 }
2261
2262 /* XXX hack, any other cleaner solution after the driver core
2263 * is converted to allow more than 20 bytes as the device name? */
2264 dev_set_name(&hdev->dev, "%04X:%04X:%04X.%04X", hdev->bus,
2265 hdev->vendor, hdev->product, atomic_inc_return(&id));
2266
2267 hid_debug_register(hdev, dev_name(&hdev->dev));
2268 ret = device_add(&hdev->dev);
2269 if (!ret)
2270 hdev->status |= HID_STAT_ADDED;
2271 else
2272 hid_debug_unregister(hdev);
2273
2274 return ret;
2275 }
2276 EXPORT_SYMBOL_GPL(hid_add_device);
2277
2278 /**
2279 * hid_allocate_device - allocate new hid device descriptor
2280 *
2281 * Allocate and initialize hid device, so that hid_destroy_device might be
2282 * used to free it.
2283 *
2284 * New hid_device pointer is returned on success, otherwise ERR_PTR encoded
2285 * error value.
2286 */
hid_allocate_device(void)2287 struct hid_device *hid_allocate_device(void)
2288 {
2289 struct hid_device *hdev;
2290 int ret = -ENOMEM;
2291
2292 hdev = kzalloc(sizeof(*hdev), GFP_KERNEL);
2293 if (hdev == NULL)
2294 return ERR_PTR(ret);
2295
2296 device_initialize(&hdev->dev);
2297 hdev->dev.release = hid_device_release;
2298 hdev->dev.bus = &hid_bus_type;
2299 device_enable_async_suspend(&hdev->dev);
2300
2301 hid_close_report(hdev);
2302
2303 init_waitqueue_head(&hdev->debug_wait);
2304 INIT_LIST_HEAD(&hdev->debug_list);
2305 spin_lock_init(&hdev->debug_list_lock);
2306 sema_init(&hdev->driver_input_lock, 1);
2307 mutex_init(&hdev->ll_open_lock);
2308
2309 return hdev;
2310 }
2311 EXPORT_SYMBOL_GPL(hid_allocate_device);
2312
hid_remove_device(struct hid_device * hdev)2313 static void hid_remove_device(struct hid_device *hdev)
2314 {
2315 if (hdev->status & HID_STAT_ADDED) {
2316 device_del(&hdev->dev);
2317 hid_debug_unregister(hdev);
2318 hdev->status &= ~HID_STAT_ADDED;
2319 }
2320 kfree(hdev->dev_rdesc);
2321 hdev->dev_rdesc = NULL;
2322 hdev->dev_rsize = 0;
2323 }
2324
2325 /**
2326 * hid_destroy_device - free previously allocated device
2327 *
2328 * @hdev: hid device
2329 *
2330 * If you allocate hid_device through hid_allocate_device, you should ever
2331 * free by this function.
2332 */
hid_destroy_device(struct hid_device * hdev)2333 void hid_destroy_device(struct hid_device *hdev)
2334 {
2335 hid_remove_device(hdev);
2336 put_device(&hdev->dev);
2337 }
2338 EXPORT_SYMBOL_GPL(hid_destroy_device);
2339
2340
__hid_bus_reprobe_drivers(struct device * dev,void * data)2341 static int __hid_bus_reprobe_drivers(struct device *dev, void *data)
2342 {
2343 struct hid_driver *hdrv = data;
2344 struct hid_device *hdev = to_hid_device(dev);
2345
2346 if (hdev->driver == hdrv &&
2347 !hdrv->match(hdev, hid_ignore_special_drivers) &&
2348 !test_and_set_bit(ffs(HID_STAT_REPROBED), &hdev->status))
2349 return device_reprobe(dev);
2350
2351 return 0;
2352 }
2353
__hid_bus_driver_added(struct device_driver * drv,void * data)2354 static int __hid_bus_driver_added(struct device_driver *drv, void *data)
2355 {
2356 struct hid_driver *hdrv = to_hid_driver(drv);
2357
2358 if (hdrv->match) {
2359 bus_for_each_dev(&hid_bus_type, NULL, hdrv,
2360 __hid_bus_reprobe_drivers);
2361 }
2362
2363 return 0;
2364 }
2365
__bus_removed_driver(struct device_driver * drv,void * data)2366 static int __bus_removed_driver(struct device_driver *drv, void *data)
2367 {
2368 return bus_rescan_devices(&hid_bus_type);
2369 }
2370
__hid_register_driver(struct hid_driver * hdrv,struct module * owner,const char * mod_name)2371 int __hid_register_driver(struct hid_driver *hdrv, struct module *owner,
2372 const char *mod_name)
2373 {
2374 int ret;
2375
2376 hdrv->driver.name = hdrv->name;
2377 hdrv->driver.bus = &hid_bus_type;
2378 hdrv->driver.owner = owner;
2379 hdrv->driver.mod_name = mod_name;
2380
2381 INIT_LIST_HEAD(&hdrv->dyn_list);
2382 spin_lock_init(&hdrv->dyn_lock);
2383
2384 ret = driver_register(&hdrv->driver);
2385
2386 if (ret == 0)
2387 bus_for_each_drv(&hid_bus_type, NULL, NULL,
2388 __hid_bus_driver_added);
2389
2390 return ret;
2391 }
2392 EXPORT_SYMBOL_GPL(__hid_register_driver);
2393
hid_unregister_driver(struct hid_driver * hdrv)2394 void hid_unregister_driver(struct hid_driver *hdrv)
2395 {
2396 driver_unregister(&hdrv->driver);
2397 hid_free_dynids(hdrv);
2398
2399 bus_for_each_drv(&hid_bus_type, NULL, hdrv, __bus_removed_driver);
2400 }
2401 EXPORT_SYMBOL_GPL(hid_unregister_driver);
2402
hid_check_keys_pressed(struct hid_device * hid)2403 int hid_check_keys_pressed(struct hid_device *hid)
2404 {
2405 struct hid_input *hidinput;
2406 int i;
2407
2408 if (!(hid->claimed & HID_CLAIMED_INPUT))
2409 return 0;
2410
2411 list_for_each_entry(hidinput, &hid->inputs, list) {
2412 for (i = 0; i < BITS_TO_LONGS(KEY_MAX); i++)
2413 if (hidinput->input->key[i])
2414 return 1;
2415 }
2416
2417 return 0;
2418 }
2419
2420 EXPORT_SYMBOL_GPL(hid_check_keys_pressed);
2421
hid_init(void)2422 static int __init hid_init(void)
2423 {
2424 int ret;
2425
2426 if (hid_debug)
2427 pr_warn("hid_debug is now used solely for parser and driver debugging.\n"
2428 "debugfs is now used for inspecting the device (report descriptor, reports)\n");
2429
2430 ret = bus_register(&hid_bus_type);
2431 if (ret) {
2432 pr_err("can't register hid bus\n");
2433 goto err;
2434 }
2435
2436 ret = hidraw_init();
2437 if (ret)
2438 goto err_bus;
2439
2440 hid_debug_init();
2441
2442 return 0;
2443 err_bus:
2444 bus_unregister(&hid_bus_type);
2445 err:
2446 return ret;
2447 }
2448
hid_exit(void)2449 static void __exit hid_exit(void)
2450 {
2451 hid_debug_exit();
2452 hidraw_exit();
2453 bus_unregister(&hid_bus_type);
2454 hid_quirks_exit(HID_BUS_ANY);
2455 }
2456
2457 module_init(hid_init);
2458 module_exit(hid_exit);
2459
2460 MODULE_AUTHOR("Andreas Gal");
2461 MODULE_AUTHOR("Vojtech Pavlik");
2462 MODULE_AUTHOR("Jiri Kosina");
2463 MODULE_LICENSE("GPL");
2464