devconnect.c 31 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085
  1. // SPDX-License-Identifier: GPL-2.0
  2. /*
  3. * WUSB Wire Adapter: Control/Data Streaming Interface (WUSB[8])
  4. * Device Connect handling
  5. *
  6. * Copyright (C) 2006 Intel Corporation
  7. * Inaky Perez-Gonzalez <inaky.perez-gonzalez@intel.com>
  8. *
  9. * FIXME: docs
  10. * FIXME: this file needs to be broken up, it's grown too big
  11. *
  12. *
  13. * WUSB1.0[7.1, 7.5.1, ]
  14. *
  15. * WUSB device connection is kind of messy. Some background:
  16. *
  17. * When a device wants to connect it scans the UWB radio channels
  18. * looking for a WUSB Channel; a WUSB channel is defined by MMCs
  19. * (Micro Managed Commands or something like that) [see
  20. * Design-overview for more on this] .
  21. *
  22. * So, device scans the radio, finds MMCs and thus a host and checks
  23. * when the next DNTS is. It sends a Device Notification Connect
  24. * (DN_Connect); the host picks it up (through nep.c and notif.c, ends
  25. * up in wusb_devconnect_ack(), which creates a wusb_dev structure in
  26. * wusbhc->port[port_number].wusb_dev), assigns an unauth address
  27. * to the device (this means from 0x80 to 0xfe) and sends, in the MMC
  28. * a Connect Ack Information Element (ConnAck IE).
  29. *
  30. * So now the device now has a WUSB address. From now on, we use
  31. * that to talk to it in the RPipes.
  32. *
  33. * ASSUMPTIONS:
  34. *
  35. * - We use the the as device address the port number where it is
  36. * connected (port 0 doesn't exist). For unauth, it is 128 + that.
  37. *
  38. * ROADMAP:
  39. *
  40. * This file contains the logic for doing that--entry points:
  41. *
  42. * wusb_devconnect_ack() Ack a device until _acked() called.
  43. * Called by notif.c:wusb_handle_dn_connect()
  44. * when a DN_Connect is received.
  45. *
  46. * wusb_devconnect_acked() Ack done, release resources.
  47. *
  48. * wusb_handle_dn_alive() Called by notif.c:wusb_handle_dn()
  49. * for processing a DN_Alive pong from a device.
  50. *
  51. * wusb_handle_dn_disconnect()Called by notif.c:wusb_handle_dn() to
  52. * process a disconenct request from a
  53. * device.
  54. *
  55. * __wusb_dev_disable() Called by rh.c:wusbhc_rh_clear_port_feat() when
  56. * disabling a port.
  57. *
  58. * wusb_devconnect_create() Called when creating the host by
  59. * lc.c:wusbhc_create().
  60. *
  61. * wusb_devconnect_destroy() Cleanup called removing the host. Called
  62. * by lc.c:wusbhc_destroy().
  63. *
  64. * Each Wireless USB host maintains a list of DN_Connect requests
  65. * (actually we maintain a list of pending Connect Acks, the
  66. * wusbhc->ca_list).
  67. *
  68. * LIFE CYCLE OF port->wusb_dev
  69. *
  70. * Before the @wusbhc structure put()s the reference it owns for
  71. * port->wusb_dev [and clean the wusb_dev pointer], it needs to
  72. * lock @wusbhc->mutex.
  73. */
  74. #include <linux/jiffies.h>
  75. #include <linux/ctype.h>
  76. #include <linux/slab.h>
  77. #include <linux/workqueue.h>
  78. #include <linux/export.h>
  79. #include "wusbhc.h"
  80. static void wusbhc_devconnect_acked_work(struct work_struct *work);
  81. static void wusb_dev_free(struct wusb_dev *wusb_dev)
  82. {
  83. kfree(wusb_dev);
  84. }
  85. static struct wusb_dev *wusb_dev_alloc(struct wusbhc *wusbhc)
  86. {
  87. struct wusb_dev *wusb_dev;
  88. wusb_dev = kzalloc(sizeof(*wusb_dev), GFP_KERNEL);
  89. if (wusb_dev == NULL)
  90. goto err;
  91. wusb_dev->wusbhc = wusbhc;
  92. INIT_WORK(&wusb_dev->devconnect_acked_work, wusbhc_devconnect_acked_work);
  93. return wusb_dev;
  94. err:
  95. wusb_dev_free(wusb_dev);
  96. return NULL;
  97. }
  98. /*
  99. * Using the Connect-Ack list, fill out the @wusbhc Connect-Ack WUSB IE
  100. * properly so that it can be added to the MMC.
  101. *
  102. * We just get the @wusbhc->ca_list and fill out the first four ones or
  103. * less (per-spec WUSB1.0[7.5, before T7-38). If the ConnectAck WUSB
  104. * IE is not allocated, we alloc it.
  105. *
  106. * @wusbhc->mutex must be taken
  107. */
  108. static void wusbhc_fill_cack_ie(struct wusbhc *wusbhc)
  109. {
  110. unsigned cnt;
  111. struct wusb_dev *dev_itr;
  112. struct wuie_connect_ack *cack_ie;
  113. cack_ie = &wusbhc->cack_ie;
  114. cnt = 0;
  115. list_for_each_entry(dev_itr, &wusbhc->cack_list, cack_node) {
  116. cack_ie->blk[cnt].CDID = dev_itr->cdid;
  117. cack_ie->blk[cnt].bDeviceAddress = dev_itr->addr;
  118. if (++cnt >= WUIE_ELT_MAX)
  119. break;
  120. }
  121. cack_ie->hdr.bLength = sizeof(cack_ie->hdr)
  122. + cnt * sizeof(cack_ie->blk[0]);
  123. }
  124. /*
  125. * Register a new device that wants to connect
  126. *
  127. * A new device wants to connect, so we add it to the Connect-Ack
  128. * list. We give it an address in the unauthorized range (bit 8 set);
  129. * user space will have to drive authorization further on.
  130. *
  131. * @dev_addr: address to use for the device (which is also the port
  132. * number).
  133. *
  134. * @wusbhc->mutex must be taken
  135. */
  136. static struct wusb_dev *wusbhc_cack_add(struct wusbhc *wusbhc,
  137. struct wusb_dn_connect *dnc,
  138. const char *pr_cdid, u8 port_idx)
  139. {
  140. struct device *dev = wusbhc->dev;
  141. struct wusb_dev *wusb_dev;
  142. int new_connection = wusb_dn_connect_new_connection(dnc);
  143. u8 dev_addr;
  144. int result;
  145. /* Is it registered already? */
  146. list_for_each_entry(wusb_dev, &wusbhc->cack_list, cack_node)
  147. if (!memcmp(&wusb_dev->cdid, &dnc->CDID,
  148. sizeof(wusb_dev->cdid)))
  149. return wusb_dev;
  150. /* We don't have it, create an entry, register it */
  151. wusb_dev = wusb_dev_alloc(wusbhc);
  152. if (wusb_dev == NULL)
  153. return NULL;
  154. wusb_dev_init(wusb_dev);
  155. wusb_dev->cdid = dnc->CDID;
  156. wusb_dev->port_idx = port_idx;
  157. /*
  158. * Devices are always available within the cluster reservation
  159. * and since the hardware will take the intersection of the
  160. * per-device availability and the cluster reservation, the
  161. * per-device availability can simply be set to always
  162. * available.
  163. */
  164. bitmap_fill(wusb_dev->availability.bm, UWB_NUM_MAS);
  165. /* FIXME: handle reconnects instead of assuming connects are
  166. always new. */
  167. if (1 && new_connection == 0)
  168. new_connection = 1;
  169. if (new_connection) {
  170. dev_addr = (port_idx + 2) | WUSB_DEV_ADDR_UNAUTH;
  171. dev_info(dev, "Connecting new WUSB device to address %u, "
  172. "port %u\n", dev_addr, port_idx);
  173. result = wusb_set_dev_addr(wusbhc, wusb_dev, dev_addr);
  174. if (result < 0)
  175. return NULL;
  176. }
  177. wusb_dev->entry_ts = jiffies;
  178. list_add_tail(&wusb_dev->cack_node, &wusbhc->cack_list);
  179. wusbhc->cack_count++;
  180. wusbhc_fill_cack_ie(wusbhc);
  181. return wusb_dev;
  182. }
  183. /*
  184. * Remove a Connect-Ack context entry from the HCs view
  185. *
  186. * @wusbhc->mutex must be taken
  187. */
  188. static void wusbhc_cack_rm(struct wusbhc *wusbhc, struct wusb_dev *wusb_dev)
  189. {
  190. list_del_init(&wusb_dev->cack_node);
  191. wusbhc->cack_count--;
  192. wusbhc_fill_cack_ie(wusbhc);
  193. }
  194. /*
  195. * @wusbhc->mutex must be taken */
  196. static
  197. void wusbhc_devconnect_acked(struct wusbhc *wusbhc, struct wusb_dev *wusb_dev)
  198. {
  199. wusbhc_cack_rm(wusbhc, wusb_dev);
  200. if (wusbhc->cack_count)
  201. wusbhc_mmcie_set(wusbhc, 0, 0, &wusbhc->cack_ie.hdr);
  202. else
  203. wusbhc_mmcie_rm(wusbhc, &wusbhc->cack_ie.hdr);
  204. }
  205. static void wusbhc_devconnect_acked_work(struct work_struct *work)
  206. {
  207. struct wusb_dev *wusb_dev = container_of(work, struct wusb_dev,
  208. devconnect_acked_work);
  209. struct wusbhc *wusbhc = wusb_dev->wusbhc;
  210. mutex_lock(&wusbhc->mutex);
  211. wusbhc_devconnect_acked(wusbhc, wusb_dev);
  212. mutex_unlock(&wusbhc->mutex);
  213. wusb_dev_put(wusb_dev);
  214. }
  215. /*
  216. * Ack a device for connection
  217. *
  218. * FIXME: docs
  219. *
  220. * @pr_cdid: Printable CDID...hex Use @dnc->cdid for the real deal.
  221. *
  222. * So we get the connect ack IE (may have been allocated already),
  223. * find an empty connect block, an empty virtual port, create an
  224. * address with it (see below), make it an unauth addr [bit 7 set] and
  225. * set the MMC.
  226. *
  227. * Addresses: because WUSB hosts have no downstream hubs, we can do a
  228. * 1:1 mapping between 'port number' and device
  229. * address. This simplifies many things, as during this
  230. * initial connect phase the USB stack has no knowledge of
  231. * the device and hasn't assigned an address yet--we know
  232. * USB's choose_address() will use the same heuristics we
  233. * use here, so we can assume which address will be assigned.
  234. *
  235. * USB stack always assigns address 1 to the root hub, so
  236. * to the port number we add 2 (thus virtual port #0 is
  237. * addr #2).
  238. *
  239. * @wusbhc shall be referenced
  240. */
  241. static
  242. void wusbhc_devconnect_ack(struct wusbhc *wusbhc, struct wusb_dn_connect *dnc,
  243. const char *pr_cdid)
  244. {
  245. int result;
  246. struct device *dev = wusbhc->dev;
  247. struct wusb_dev *wusb_dev;
  248. struct wusb_port *port;
  249. unsigned idx;
  250. mutex_lock(&wusbhc->mutex);
  251. /* Check we are not handling it already */
  252. for (idx = 0; idx < wusbhc->ports_max; idx++) {
  253. port = wusb_port_by_idx(wusbhc, idx);
  254. if (port->wusb_dev
  255. && memcmp(&dnc->CDID, &port->wusb_dev->cdid, sizeof(dnc->CDID)) == 0)
  256. goto error_unlock;
  257. }
  258. /* Look up those fake ports we have for a free one */
  259. for (idx = 0; idx < wusbhc->ports_max; idx++) {
  260. port = wusb_port_by_idx(wusbhc, idx);
  261. if ((port->status & USB_PORT_STAT_POWER)
  262. && !(port->status & USB_PORT_STAT_CONNECTION))
  263. break;
  264. }
  265. if (idx >= wusbhc->ports_max) {
  266. dev_err(dev, "Host controller can't connect more devices "
  267. "(%u already connected); device %s rejected\n",
  268. wusbhc->ports_max, pr_cdid);
  269. /* NOTE: we could send a WUIE_Disconnect here, but we haven't
  270. * event acked, so the device will eventually timeout the
  271. * connection, right? */
  272. goto error_unlock;
  273. }
  274. /* Make sure we are using no crypto on that "virtual port" */
  275. wusbhc->set_ptk(wusbhc, idx, 0, NULL, 0);
  276. /* Grab a filled in Connect-Ack context, fill out the
  277. * Connect-Ack Wireless USB IE, set the MMC */
  278. wusb_dev = wusbhc_cack_add(wusbhc, dnc, pr_cdid, idx);
  279. if (wusb_dev == NULL)
  280. goto error_unlock;
  281. result = wusbhc_mmcie_set(wusbhc, 0, 0, &wusbhc->cack_ie.hdr);
  282. if (result < 0)
  283. goto error_unlock;
  284. /* Give the device at least 2ms (WUSB1.0[7.5.1p3]), let's do
  285. * three for a good measure */
  286. msleep(3);
  287. port->wusb_dev = wusb_dev;
  288. port->status |= USB_PORT_STAT_CONNECTION;
  289. port->change |= USB_PORT_STAT_C_CONNECTION;
  290. /* Now the port status changed to connected; hub_wq will
  291. * pick the change up and try to reset the port to bring it to
  292. * the enabled state--so this process returns up to the stack
  293. * and it calls back into wusbhc_rh_port_reset().
  294. */
  295. error_unlock:
  296. mutex_unlock(&wusbhc->mutex);
  297. return;
  298. }
  299. /*
  300. * Disconnect a Wireless USB device from its fake port
  301. *
  302. * Marks the port as disconnected so that hub_wq can pick up the change
  303. * and drops our knowledge about the device.
  304. *
  305. * Assumes there is a device connected
  306. *
  307. * @port_index: zero based port number
  308. *
  309. * NOTE: @wusbhc->mutex is locked
  310. *
  311. * WARNING: From here it is not very safe to access anything hanging off
  312. * wusb_dev
  313. */
  314. static void __wusbhc_dev_disconnect(struct wusbhc *wusbhc,
  315. struct wusb_port *port)
  316. {
  317. struct wusb_dev *wusb_dev = port->wusb_dev;
  318. port->status &= ~(USB_PORT_STAT_CONNECTION | USB_PORT_STAT_ENABLE
  319. | USB_PORT_STAT_SUSPEND | USB_PORT_STAT_RESET
  320. | USB_PORT_STAT_LOW_SPEED | USB_PORT_STAT_HIGH_SPEED);
  321. port->change |= USB_PORT_STAT_C_CONNECTION | USB_PORT_STAT_C_ENABLE;
  322. if (wusb_dev) {
  323. dev_dbg(wusbhc->dev, "disconnecting device from port %d\n", wusb_dev->port_idx);
  324. if (!list_empty(&wusb_dev->cack_node))
  325. list_del_init(&wusb_dev->cack_node);
  326. /* For the one in cack_add() */
  327. wusb_dev_put(wusb_dev);
  328. }
  329. port->wusb_dev = NULL;
  330. /* After a device disconnects, change the GTK (see [WUSB]
  331. * section 6.2.11.2). */
  332. if (wusbhc->active)
  333. wusbhc_gtk_rekey(wusbhc);
  334. /* The Wireless USB part has forgotten about the device already; now
  335. * hub_wq's timer will pick up the disconnection and remove the USB
  336. * device from the system
  337. */
  338. }
  339. /*
  340. * Refresh the list of keep alives to emit in the MMC
  341. *
  342. * We only publish the first four devices that have a coming timeout
  343. * condition. Then when we are done processing those, we go for the
  344. * next ones. We ignore the ones that have timed out already (they'll
  345. * be purged).
  346. *
  347. * This might cause the first devices to timeout the last devices in
  348. * the port array...FIXME: come up with a better algorithm?
  349. *
  350. * Note we can't do much about MMC's ops errors; we hope next refresh
  351. * will kind of handle it.
  352. *
  353. * NOTE: @wusbhc->mutex is locked
  354. */
  355. static void __wusbhc_keep_alive(struct wusbhc *wusbhc)
  356. {
  357. struct device *dev = wusbhc->dev;
  358. unsigned cnt;
  359. struct wusb_dev *wusb_dev;
  360. struct wusb_port *wusb_port;
  361. struct wuie_keep_alive *ie = &wusbhc->keep_alive_ie;
  362. unsigned keep_alives, old_keep_alives;
  363. old_keep_alives = ie->hdr.bLength - sizeof(ie->hdr);
  364. keep_alives = 0;
  365. for (cnt = 0;
  366. keep_alives < WUIE_ELT_MAX && cnt < wusbhc->ports_max;
  367. cnt++) {
  368. unsigned tt = msecs_to_jiffies(wusbhc->trust_timeout);
  369. wusb_port = wusb_port_by_idx(wusbhc, cnt);
  370. wusb_dev = wusb_port->wusb_dev;
  371. if (wusb_dev == NULL)
  372. continue;
  373. if (wusb_dev->usb_dev == NULL)
  374. continue;
  375. if (time_after(jiffies, wusb_dev->entry_ts + tt)) {
  376. dev_err(dev, "KEEPALIVE: device %u timed out\n",
  377. wusb_dev->addr);
  378. __wusbhc_dev_disconnect(wusbhc, wusb_port);
  379. } else if (time_after(jiffies, wusb_dev->entry_ts + tt/3)) {
  380. /* Approaching timeout cut off, need to refresh */
  381. ie->bDeviceAddress[keep_alives++] = wusb_dev->addr;
  382. }
  383. }
  384. if (keep_alives & 0x1) /* pad to even number ([WUSB] section 7.5.9) */
  385. ie->bDeviceAddress[keep_alives++] = 0x7f;
  386. ie->hdr.bLength = sizeof(ie->hdr) +
  387. keep_alives*sizeof(ie->bDeviceAddress[0]);
  388. if (keep_alives > 0)
  389. wusbhc_mmcie_set(wusbhc, 10, 5, &ie->hdr);
  390. else if (old_keep_alives != 0)
  391. wusbhc_mmcie_rm(wusbhc, &ie->hdr);
  392. }
  393. /*
  394. * Do a run through all devices checking for timeouts
  395. */
  396. static void wusbhc_keep_alive_run(struct work_struct *ws)
  397. {
  398. struct delayed_work *dw = to_delayed_work(ws);
  399. struct wusbhc *wusbhc = container_of(dw, struct wusbhc, keep_alive_timer);
  400. mutex_lock(&wusbhc->mutex);
  401. __wusbhc_keep_alive(wusbhc);
  402. mutex_unlock(&wusbhc->mutex);
  403. queue_delayed_work(wusbd, &wusbhc->keep_alive_timer,
  404. msecs_to_jiffies(wusbhc->trust_timeout / 2));
  405. }
  406. /*
  407. * Find the wusb_dev from its device address.
  408. *
  409. * The device can be found directly from the address (see
  410. * wusb_cack_add() for where the device address is set to port_idx
  411. * +2), except when the address is zero.
  412. */
  413. static struct wusb_dev *wusbhc_find_dev_by_addr(struct wusbhc *wusbhc, u8 addr)
  414. {
  415. int p;
  416. if (addr == 0xff) /* unconnected */
  417. return NULL;
  418. if (addr > 0) {
  419. int port = (addr & ~0x80) - 2;
  420. if (port < 0 || port >= wusbhc->ports_max)
  421. return NULL;
  422. return wusb_port_by_idx(wusbhc, port)->wusb_dev;
  423. }
  424. /* Look for the device with address 0. */
  425. for (p = 0; p < wusbhc->ports_max; p++) {
  426. struct wusb_dev *wusb_dev = wusb_port_by_idx(wusbhc, p)->wusb_dev;
  427. if (wusb_dev && wusb_dev->addr == addr)
  428. return wusb_dev;
  429. }
  430. return NULL;
  431. }
  432. /*
  433. * Handle a DN_Alive notification (WUSB1.0[7.6.1])
  434. *
  435. * This just updates the device activity timestamp and then refreshes
  436. * the keep alive IE.
  437. *
  438. * @wusbhc shall be referenced and unlocked
  439. */
  440. static void wusbhc_handle_dn_alive(struct wusbhc *wusbhc, u8 srcaddr)
  441. {
  442. struct wusb_dev *wusb_dev;
  443. mutex_lock(&wusbhc->mutex);
  444. wusb_dev = wusbhc_find_dev_by_addr(wusbhc, srcaddr);
  445. if (wusb_dev == NULL) {
  446. dev_dbg(wusbhc->dev, "ignoring DN_Alive from unconnected device %02x\n",
  447. srcaddr);
  448. } else {
  449. wusb_dev->entry_ts = jiffies;
  450. __wusbhc_keep_alive(wusbhc);
  451. }
  452. mutex_unlock(&wusbhc->mutex);
  453. }
  454. /*
  455. * Handle a DN_Connect notification (WUSB1.0[7.6.1])
  456. *
  457. * @wusbhc
  458. * @pkt_hdr
  459. * @size: Size of the buffer where the notification resides; if the
  460. * notification data suggests there should be more data than
  461. * available, an error will be signaled and the whole buffer
  462. * consumed.
  463. *
  464. * @wusbhc->mutex shall be held
  465. */
  466. static void wusbhc_handle_dn_connect(struct wusbhc *wusbhc,
  467. struct wusb_dn_hdr *dn_hdr,
  468. size_t size)
  469. {
  470. struct device *dev = wusbhc->dev;
  471. struct wusb_dn_connect *dnc;
  472. char pr_cdid[WUSB_CKHDID_STRSIZE];
  473. static const char *beacon_behaviour[] = {
  474. "reserved",
  475. "self-beacon",
  476. "directed-beacon",
  477. "no-beacon"
  478. };
  479. if (size < sizeof(*dnc)) {
  480. dev_err(dev, "DN CONNECT: short notification (%zu < %zu)\n",
  481. size, sizeof(*dnc));
  482. return;
  483. }
  484. dnc = container_of(dn_hdr, struct wusb_dn_connect, hdr);
  485. ckhdid_printf(pr_cdid, sizeof(pr_cdid), &dnc->CDID);
  486. dev_info(dev, "DN CONNECT: device %s @ %x (%s) wants to %s\n",
  487. pr_cdid,
  488. wusb_dn_connect_prev_dev_addr(dnc),
  489. beacon_behaviour[wusb_dn_connect_beacon_behavior(dnc)],
  490. wusb_dn_connect_new_connection(dnc) ? "connect" : "reconnect");
  491. /* ACK the connect */
  492. wusbhc_devconnect_ack(wusbhc, dnc, pr_cdid);
  493. }
  494. /*
  495. * Handle a DN_Disconnect notification (WUSB1.0[7.6.1])
  496. *
  497. * Device is going down -- do the disconnect.
  498. *
  499. * @wusbhc shall be referenced and unlocked
  500. */
  501. static void wusbhc_handle_dn_disconnect(struct wusbhc *wusbhc, u8 srcaddr)
  502. {
  503. struct device *dev = wusbhc->dev;
  504. struct wusb_dev *wusb_dev;
  505. mutex_lock(&wusbhc->mutex);
  506. wusb_dev = wusbhc_find_dev_by_addr(wusbhc, srcaddr);
  507. if (wusb_dev == NULL) {
  508. dev_dbg(dev, "ignoring DN DISCONNECT from unconnected device %02x\n",
  509. srcaddr);
  510. } else {
  511. dev_info(dev, "DN DISCONNECT: device 0x%02x going down\n",
  512. wusb_dev->addr);
  513. __wusbhc_dev_disconnect(wusbhc, wusb_port_by_idx(wusbhc,
  514. wusb_dev->port_idx));
  515. }
  516. mutex_unlock(&wusbhc->mutex);
  517. }
  518. /*
  519. * Handle a Device Notification coming a host
  520. *
  521. * The Device Notification comes from a host (HWA, DWA or WHCI)
  522. * wrapped in a set of headers. Somebody else has peeled off those
  523. * headers for us and we just get one Device Notifications.
  524. *
  525. * Invalid DNs (e.g., too short) are discarded.
  526. *
  527. * @wusbhc shall be referenced
  528. *
  529. * FIXMES:
  530. * - implement priorities as in WUSB1.0[Table 7-55]?
  531. */
  532. void wusbhc_handle_dn(struct wusbhc *wusbhc, u8 srcaddr,
  533. struct wusb_dn_hdr *dn_hdr, size_t size)
  534. {
  535. struct device *dev = wusbhc->dev;
  536. if (size < sizeof(struct wusb_dn_hdr)) {
  537. dev_err(dev, "DN data shorter than DN header (%d < %d)\n",
  538. (int)size, (int)sizeof(struct wusb_dn_hdr));
  539. return;
  540. }
  541. switch (dn_hdr->bType) {
  542. case WUSB_DN_CONNECT:
  543. wusbhc_handle_dn_connect(wusbhc, dn_hdr, size);
  544. break;
  545. case WUSB_DN_ALIVE:
  546. wusbhc_handle_dn_alive(wusbhc, srcaddr);
  547. break;
  548. case WUSB_DN_DISCONNECT:
  549. wusbhc_handle_dn_disconnect(wusbhc, srcaddr);
  550. break;
  551. case WUSB_DN_MASAVAILCHANGED:
  552. case WUSB_DN_RWAKE:
  553. case WUSB_DN_SLEEP:
  554. /* FIXME: handle these DNs. */
  555. break;
  556. case WUSB_DN_EPRDY:
  557. /* The hardware handles these. */
  558. break;
  559. default:
  560. dev_warn(dev, "unknown DN %u (%d octets) from %u\n",
  561. dn_hdr->bType, (int)size, srcaddr);
  562. }
  563. }
  564. EXPORT_SYMBOL_GPL(wusbhc_handle_dn);
  565. /*
  566. * Disconnect a WUSB device from a the cluster
  567. *
  568. * @wusbhc
  569. * @port Fake port where the device is (wusbhc index, not USB port number).
  570. *
  571. * In Wireless USB, a disconnect is basically telling the device he is
  572. * being disconnected and forgetting about him.
  573. *
  574. * We send the device a Device Disconnect IE (WUSB1.0[7.5.11]) for 100
  575. * ms and then keep going.
  576. *
  577. * We don't do much in case of error; we always pretend we disabled
  578. * the port and disconnected the device. If physically the request
  579. * didn't get there (many things can fail in the way there), the stack
  580. * will reject the device's communication attempts.
  581. *
  582. * @wusbhc should be refcounted and locked
  583. */
  584. void __wusbhc_dev_disable(struct wusbhc *wusbhc, u8 port_idx)
  585. {
  586. int result;
  587. struct device *dev = wusbhc->dev;
  588. struct wusb_dev *wusb_dev;
  589. struct wuie_disconnect *ie;
  590. wusb_dev = wusb_port_by_idx(wusbhc, port_idx)->wusb_dev;
  591. if (wusb_dev == NULL) {
  592. /* reset no device? ignore */
  593. dev_dbg(dev, "DISCONNECT: no device at port %u, ignoring\n",
  594. port_idx);
  595. return;
  596. }
  597. __wusbhc_dev_disconnect(wusbhc, wusb_port_by_idx(wusbhc, port_idx));
  598. ie = kzalloc(sizeof(*ie), GFP_KERNEL);
  599. if (ie == NULL)
  600. return;
  601. ie->hdr.bLength = sizeof(*ie);
  602. ie->hdr.bIEIdentifier = WUIE_ID_DEVICE_DISCONNECT;
  603. ie->bDeviceAddress = wusb_dev->addr;
  604. result = wusbhc_mmcie_set(wusbhc, 0, 0, &ie->hdr);
  605. if (result < 0)
  606. dev_err(dev, "DISCONNECT: can't set MMC: %d\n", result);
  607. else {
  608. /* At least 6 MMCs, assuming at least 1 MMC per zone. */
  609. msleep(7*4);
  610. wusbhc_mmcie_rm(wusbhc, &ie->hdr);
  611. }
  612. kfree(ie);
  613. }
  614. /*
  615. * Walk over the BOS descriptor, verify and grok it
  616. *
  617. * @usb_dev: referenced
  618. * @wusb_dev: referenced and unlocked
  619. *
  620. * The BOS descriptor is defined at WUSB1.0[7.4.1], and it defines a
  621. * "flexible" way to wrap all kinds of descriptors inside an standard
  622. * descriptor (wonder why they didn't use normal descriptors,
  623. * btw). Not like they lack code.
  624. *
  625. * At the end we go to look for the WUSB Device Capabilities
  626. * (WUSB1.0[7.4.1.1]) that is wrapped in a device capability descriptor
  627. * that is part of the BOS descriptor set. That tells us what does the
  628. * device support (dual role, beacon type, UWB PHY rates).
  629. */
  630. static int wusb_dev_bos_grok(struct usb_device *usb_dev,
  631. struct wusb_dev *wusb_dev,
  632. struct usb_bos_descriptor *bos, size_t desc_size)
  633. {
  634. ssize_t result;
  635. struct device *dev = &usb_dev->dev;
  636. void *itr, *top;
  637. /* Walk over BOS capabilities, verify them */
  638. itr = (void *)bos + sizeof(*bos);
  639. top = itr + desc_size - sizeof(*bos);
  640. while (itr < top) {
  641. struct usb_dev_cap_header *cap_hdr = itr;
  642. size_t cap_size;
  643. u8 cap_type;
  644. if (top - itr < sizeof(*cap_hdr)) {
  645. dev_err(dev, "Device BUG? premature end of BOS header "
  646. "data [offset 0x%02x]: only %zu bytes left\n",
  647. (int)(itr - (void *)bos), top - itr);
  648. result = -ENOSPC;
  649. goto error_bad_cap;
  650. }
  651. cap_size = cap_hdr->bLength;
  652. cap_type = cap_hdr->bDevCapabilityType;
  653. if (cap_size == 0)
  654. break;
  655. if (cap_size > top - itr) {
  656. dev_err(dev, "Device BUG? premature end of BOS data "
  657. "[offset 0x%02x cap %02x %zu bytes]: "
  658. "only %zu bytes left\n",
  659. (int)(itr - (void *)bos),
  660. cap_type, cap_size, top - itr);
  661. result = -EBADF;
  662. goto error_bad_cap;
  663. }
  664. switch (cap_type) {
  665. case USB_CAP_TYPE_WIRELESS_USB:
  666. if (cap_size != sizeof(*wusb_dev->wusb_cap_descr))
  667. dev_err(dev, "Device BUG? WUSB Capability "
  668. "descriptor is %zu bytes vs %zu "
  669. "needed\n", cap_size,
  670. sizeof(*wusb_dev->wusb_cap_descr));
  671. else
  672. wusb_dev->wusb_cap_descr = itr;
  673. break;
  674. default:
  675. dev_err(dev, "BUG? Unknown BOS capability 0x%02x "
  676. "(%zu bytes) at offset 0x%02x\n", cap_type,
  677. cap_size, (int)(itr - (void *)bos));
  678. }
  679. itr += cap_size;
  680. }
  681. result = 0;
  682. error_bad_cap:
  683. return result;
  684. }
  685. /*
  686. * Add information from the BOS descriptors to the device
  687. *
  688. * @usb_dev: referenced
  689. * @wusb_dev: referenced and unlocked
  690. *
  691. * So what we do is we alloc a space for the BOS descriptor of 64
  692. * bytes; read the first four bytes which include the wTotalLength
  693. * field (WUSB1.0[T7-26]) and if it fits in those 64 bytes, read the
  694. * whole thing. If not we realloc to that size.
  695. *
  696. * Then we call the groking function, that will fill up
  697. * wusb_dev->wusb_cap_descr, which is what we'll need later on.
  698. */
  699. static int wusb_dev_bos_add(struct usb_device *usb_dev,
  700. struct wusb_dev *wusb_dev)
  701. {
  702. ssize_t result;
  703. struct device *dev = &usb_dev->dev;
  704. struct usb_bos_descriptor *bos;
  705. size_t alloc_size = 32, desc_size = 4;
  706. bos = kmalloc(alloc_size, GFP_KERNEL);
  707. if (bos == NULL)
  708. return -ENOMEM;
  709. result = usb_get_descriptor(usb_dev, USB_DT_BOS, 0, bos, desc_size);
  710. if (result < 4) {
  711. dev_err(dev, "Can't get BOS descriptor or too short: %zd\n",
  712. result);
  713. goto error_get_descriptor;
  714. }
  715. desc_size = le16_to_cpu(bos->wTotalLength);
  716. if (desc_size >= alloc_size) {
  717. kfree(bos);
  718. alloc_size = desc_size;
  719. bos = kmalloc(alloc_size, GFP_KERNEL);
  720. if (bos == NULL)
  721. return -ENOMEM;
  722. }
  723. result = usb_get_descriptor(usb_dev, USB_DT_BOS, 0, bos, desc_size);
  724. if (result < 0 || result != desc_size) {
  725. dev_err(dev, "Can't get BOS descriptor or too short (need "
  726. "%zu bytes): %zd\n", desc_size, result);
  727. goto error_get_descriptor;
  728. }
  729. if (result < sizeof(*bos)
  730. || le16_to_cpu(bos->wTotalLength) != desc_size) {
  731. dev_err(dev, "Can't get BOS descriptor or too short (need "
  732. "%zu bytes): %zd\n", desc_size, result);
  733. goto error_get_descriptor;
  734. }
  735. result = wusb_dev_bos_grok(usb_dev, wusb_dev, bos, result);
  736. if (result < 0)
  737. goto error_bad_bos;
  738. wusb_dev->bos = bos;
  739. return 0;
  740. error_bad_bos:
  741. error_get_descriptor:
  742. kfree(bos);
  743. wusb_dev->wusb_cap_descr = NULL;
  744. return result;
  745. }
  746. static void wusb_dev_bos_rm(struct wusb_dev *wusb_dev)
  747. {
  748. kfree(wusb_dev->bos);
  749. wusb_dev->wusb_cap_descr = NULL;
  750. };
  751. /*
  752. * USB stack's device addition Notifier Callback
  753. *
  754. * Called from drivers/usb/core/hub.c when a new device is added; we
  755. * use this hook to perform certain WUSB specific setup work on the
  756. * new device. As well, it is the first time we can connect the
  757. * wusb_dev and the usb_dev. So we note it down in wusb_dev and take a
  758. * reference that we'll drop.
  759. *
  760. * First we need to determine if the device is a WUSB device (else we
  761. * ignore it). For that we use the speed setting (USB_SPEED_WIRELESS)
  762. * [FIXME: maybe we'd need something more definitive]. If so, we track
  763. * it's usb_busd and from there, the WUSB HC.
  764. *
  765. * Because all WUSB HCs are contained in a 'struct wusbhc', voila, we
  766. * get the wusbhc for the device.
  767. *
  768. * We have a reference on @usb_dev (as we are called at the end of its
  769. * enumeration).
  770. *
  771. * NOTE: @usb_dev locked
  772. */
  773. static void wusb_dev_add_ncb(struct usb_device *usb_dev)
  774. {
  775. int result = 0;
  776. struct wusb_dev *wusb_dev;
  777. struct wusbhc *wusbhc;
  778. struct device *dev = &usb_dev->dev;
  779. u8 port_idx;
  780. if (usb_dev->wusb == 0 || usb_dev->devnum == 1)
  781. return; /* skip non wusb and wusb RHs */
  782. usb_set_device_state(usb_dev, USB_STATE_UNAUTHENTICATED);
  783. wusbhc = wusbhc_get_by_usb_dev(usb_dev);
  784. if (wusbhc == NULL)
  785. goto error_nodev;
  786. mutex_lock(&wusbhc->mutex);
  787. wusb_dev = __wusb_dev_get_by_usb_dev(wusbhc, usb_dev);
  788. port_idx = wusb_port_no_to_idx(usb_dev->portnum);
  789. mutex_unlock(&wusbhc->mutex);
  790. if (wusb_dev == NULL)
  791. goto error_nodev;
  792. wusb_dev->usb_dev = usb_get_dev(usb_dev);
  793. usb_dev->wusb_dev = wusb_dev_get(wusb_dev);
  794. result = wusb_dev_sec_add(wusbhc, usb_dev, wusb_dev);
  795. if (result < 0) {
  796. dev_err(dev, "Cannot enable security: %d\n", result);
  797. goto error_sec_add;
  798. }
  799. /* Now query the device for it's BOS and attach it to wusb_dev */
  800. result = wusb_dev_bos_add(usb_dev, wusb_dev);
  801. if (result < 0) {
  802. dev_err(dev, "Cannot get BOS descriptors: %d\n", result);
  803. goto error_bos_add;
  804. }
  805. result = wusb_dev_sysfs_add(wusbhc, usb_dev, wusb_dev);
  806. if (result < 0)
  807. goto error_add_sysfs;
  808. out:
  809. wusb_dev_put(wusb_dev);
  810. wusbhc_put(wusbhc);
  811. error_nodev:
  812. return;
  813. error_add_sysfs:
  814. wusb_dev_bos_rm(wusb_dev);
  815. error_bos_add:
  816. wusb_dev_sec_rm(wusb_dev);
  817. error_sec_add:
  818. mutex_lock(&wusbhc->mutex);
  819. __wusbhc_dev_disconnect(wusbhc, wusb_port_by_idx(wusbhc, port_idx));
  820. mutex_unlock(&wusbhc->mutex);
  821. goto out;
  822. }
  823. /*
  824. * Undo all the steps done at connection by the notifier callback
  825. *
  826. * NOTE: @usb_dev locked
  827. */
  828. static void wusb_dev_rm_ncb(struct usb_device *usb_dev)
  829. {
  830. struct wusb_dev *wusb_dev = usb_dev->wusb_dev;
  831. if (usb_dev->wusb == 0 || usb_dev->devnum == 1)
  832. return; /* skip non wusb and wusb RHs */
  833. wusb_dev_sysfs_rm(wusb_dev);
  834. wusb_dev_bos_rm(wusb_dev);
  835. wusb_dev_sec_rm(wusb_dev);
  836. wusb_dev->usb_dev = NULL;
  837. usb_dev->wusb_dev = NULL;
  838. wusb_dev_put(wusb_dev);
  839. usb_put_dev(usb_dev);
  840. }
  841. /*
  842. * Handle notifications from the USB stack (notifier call back)
  843. *
  844. * This is called when the USB stack does a
  845. * usb_{bus,device}_{add,remove}() so we can do WUSB specific
  846. * handling. It is called with [for the case of
  847. * USB_DEVICE_{ADD,REMOVE} with the usb_dev locked.
  848. */
  849. int wusb_usb_ncb(struct notifier_block *nb, unsigned long val,
  850. void *priv)
  851. {
  852. int result = NOTIFY_OK;
  853. switch (val) {
  854. case USB_DEVICE_ADD:
  855. wusb_dev_add_ncb(priv);
  856. break;
  857. case USB_DEVICE_REMOVE:
  858. wusb_dev_rm_ncb(priv);
  859. break;
  860. case USB_BUS_ADD:
  861. /* ignore (for now) */
  862. case USB_BUS_REMOVE:
  863. break;
  864. default:
  865. WARN_ON(1);
  866. result = NOTIFY_BAD;
  867. }
  868. return result;
  869. }
  870. /*
  871. * Return a referenced wusb_dev given a @wusbhc and @usb_dev
  872. */
  873. struct wusb_dev *__wusb_dev_get_by_usb_dev(struct wusbhc *wusbhc,
  874. struct usb_device *usb_dev)
  875. {
  876. struct wusb_dev *wusb_dev;
  877. u8 port_idx;
  878. port_idx = wusb_port_no_to_idx(usb_dev->portnum);
  879. BUG_ON(port_idx > wusbhc->ports_max);
  880. wusb_dev = wusb_port_by_idx(wusbhc, port_idx)->wusb_dev;
  881. if (wusb_dev != NULL) /* ops, device is gone */
  882. wusb_dev_get(wusb_dev);
  883. return wusb_dev;
  884. }
  885. EXPORT_SYMBOL_GPL(__wusb_dev_get_by_usb_dev);
  886. void wusb_dev_destroy(struct kref *_wusb_dev)
  887. {
  888. struct wusb_dev *wusb_dev = container_of(_wusb_dev, struct wusb_dev, refcnt);
  889. list_del_init(&wusb_dev->cack_node);
  890. wusb_dev_free(wusb_dev);
  891. }
  892. EXPORT_SYMBOL_GPL(wusb_dev_destroy);
  893. /*
  894. * Create all the device connect handling infrastructure
  895. *
  896. * This is basically the device info array, Connect Acknowledgement
  897. * (cack) lists, keep-alive timers (and delayed work thread).
  898. */
  899. int wusbhc_devconnect_create(struct wusbhc *wusbhc)
  900. {
  901. wusbhc->keep_alive_ie.hdr.bIEIdentifier = WUIE_ID_KEEP_ALIVE;
  902. wusbhc->keep_alive_ie.hdr.bLength = sizeof(wusbhc->keep_alive_ie.hdr);
  903. INIT_DELAYED_WORK(&wusbhc->keep_alive_timer, wusbhc_keep_alive_run);
  904. wusbhc->cack_ie.hdr.bIEIdentifier = WUIE_ID_CONNECTACK;
  905. wusbhc->cack_ie.hdr.bLength = sizeof(wusbhc->cack_ie.hdr);
  906. INIT_LIST_HEAD(&wusbhc->cack_list);
  907. return 0;
  908. }
  909. /*
  910. * Release all resources taken by the devconnect stuff
  911. */
  912. void wusbhc_devconnect_destroy(struct wusbhc *wusbhc)
  913. {
  914. /* no op */
  915. }
  916. /*
  917. * wusbhc_devconnect_start - start accepting device connections
  918. * @wusbhc: the WUSB HC
  919. *
  920. * Sets the Host Info IE to accept all new connections.
  921. *
  922. * FIXME: This also enables the keep alives but this is not necessary
  923. * until there are connected and authenticated devices.
  924. */
  925. int wusbhc_devconnect_start(struct wusbhc *wusbhc)
  926. {
  927. struct device *dev = wusbhc->dev;
  928. struct wuie_host_info *hi;
  929. int result;
  930. hi = kzalloc(sizeof(*hi), GFP_KERNEL);
  931. if (hi == NULL)
  932. return -ENOMEM;
  933. hi->hdr.bLength = sizeof(*hi);
  934. hi->hdr.bIEIdentifier = WUIE_ID_HOST_INFO;
  935. hi->attributes = cpu_to_le16((wusbhc->rsv->stream << 3) | WUIE_HI_CAP_ALL);
  936. hi->CHID = wusbhc->chid;
  937. result = wusbhc_mmcie_set(wusbhc, 0, 0, &hi->hdr);
  938. if (result < 0) {
  939. dev_err(dev, "Cannot add Host Info MMCIE: %d\n", result);
  940. goto error_mmcie_set;
  941. }
  942. wusbhc->wuie_host_info = hi;
  943. queue_delayed_work(wusbd, &wusbhc->keep_alive_timer,
  944. msecs_to_jiffies(wusbhc->trust_timeout / 2));
  945. return 0;
  946. error_mmcie_set:
  947. kfree(hi);
  948. return result;
  949. }
  950. /*
  951. * wusbhc_devconnect_stop - stop managing connected devices
  952. * @wusbhc: the WUSB HC
  953. *
  954. * Disconnects any devices still connected, stops the keep alives and
  955. * removes the Host Info IE.
  956. */
  957. void wusbhc_devconnect_stop(struct wusbhc *wusbhc)
  958. {
  959. int i;
  960. mutex_lock(&wusbhc->mutex);
  961. for (i = 0; i < wusbhc->ports_max; i++) {
  962. if (wusbhc->port[i].wusb_dev)
  963. __wusbhc_dev_disconnect(wusbhc, &wusbhc->port[i]);
  964. }
  965. mutex_unlock(&wusbhc->mutex);
  966. cancel_delayed_work_sync(&wusbhc->keep_alive_timer);
  967. wusbhc_mmcie_rm(wusbhc, &wusbhc->wuie_host_info->hdr);
  968. kfree(wusbhc->wuie_host_info);
  969. wusbhc->wuie_host_info = NULL;
  970. }
  971. /*
  972. * wusb_set_dev_addr - set the WUSB device address used by the host
  973. * @wusbhc: the WUSB HC the device is connect to
  974. * @wusb_dev: the WUSB device
  975. * @addr: new device address
  976. */
  977. int wusb_set_dev_addr(struct wusbhc *wusbhc, struct wusb_dev *wusb_dev, u8 addr)
  978. {
  979. int result;
  980. wusb_dev->addr = addr;
  981. result = wusbhc->dev_info_set(wusbhc, wusb_dev);
  982. if (result < 0)
  983. dev_err(wusbhc->dev, "device %d: failed to set device "
  984. "address\n", wusb_dev->port_idx);
  985. else
  986. dev_info(wusbhc->dev, "device %d: %s addr %u\n",
  987. wusb_dev->port_idx,
  988. (addr & WUSB_DEV_ADDR_UNAUTH) ? "unauth" : "auth",
  989. wusb_dev->addr);
  990. return result;
  991. }