Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / 1cc4f16c4144096fbb11bac089042c27760993b1 / . / drivers / usb / gadget / function / f_qc_rndis.c
blob: a8e70929db0f1aca2678eac9172e3e30b3364566 [file] [log] [blame]
Chandana Kishori Chiluveru50a21842017-11-06 14:54:24 +0530[diff] [blame]1/*
2 * f_qc_rndis.c -- RNDIS link function driver
3 *
4 * Copyright (C) 2003-2005,2008 David Brownell
5 * Copyright (C) 2003-2004 Robert Schwebel, Benedikt Spranger
6 * Copyright (C) 2008 Nokia Corporation
7 * Copyright (C) 2009 Samsung Electronics
8 * Author: Michal Nazarewicz (mina86@mina86.com)
9 * Copyright (c) 2012-2017, The Linux Foundation. All rights reserved.
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License version 2
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 */
19
20/* #define VERBOSE_DEBUG */
21
22#include <linux/slab.h>
23#include <linux/kernel.h>
24#include <linux/module.h>
25#include <linux/device.h>
26#include <linux/etherdevice.h>
27
28#include <linux/atomic.h>
29
30#include "u_ether.h"
31#include "rndis.h"
32#include "u_data_ipa.h"
33#include <linux/rndis_ipa.h>
34#include "configfs.h"
35
36unsigned int rndis_dl_max_xfer_size = 9216;
37module_param(rndis_dl_max_xfer_size, uint, 0644);
38MODULE_PARM_DESC(rndis_dl_max_xfer_size,
39 "Max size of bus transfer to host");
40
41static struct class *rndis_class;
42static dev_t rndis_dev;
43static DEFINE_IDA(chardev_ida);
44
45/*
46 * This function is an RNDIS Ethernet port -- a Microsoft protocol that's
47 * been promoted instead of the standard CDC Ethernet. The published RNDIS
48 * spec is ambiguous, incomplete, and needlessly complex. Variants such as
49 * ActiveSync have even worse status in terms of specification.
50 *
51 * In short: it's a protocol controlled by (and for) Microsoft, not for an
52 * Open ecosystem or markets. Linux supports it *only* because Microsoft
53 * doesn't support the CDC Ethernet standard.
54 *
55 * The RNDIS data transfer model is complex, with multiple Ethernet packets
56 * per USB message, and out of band data. The control model is built around
57 * what's essentially an "RNDIS RPC" protocol. It's all wrapped in a CDC ACM
58 * (modem, not Ethernet) veneer, with those ACM descriptors being entirely
59 * useless (they're ignored). RNDIS expects to be the only function in its
60 * configuration, so it's no real help if you need composite devices; and
61 * it expects to be the first configuration too.
62 *
63 * There is a single technical advantage of RNDIS over CDC Ethernet, if you
64 * discount the fluff that its RPC can be made to deliver: it doesn't need
65 * a NOP altsetting for the data interface. That lets it work on some of the
66 * "so smart it's stupid" hardware which takes over configuration changes
67 * from the software, and adds restrictions like "no altsettings".
68 *
69 * Unfortunately MSFT's RNDIS drivers are buggy. They hang or oops, and
70 * have all sorts of contrary-to-specification oddities that can prevent
71 * them from working sanely. Since bugfixes (or accurate specs, letting
72 * Linux work around those bugs) are unlikely to ever come from MSFT, you
73 * may want to avoid using RNDIS on purely operational grounds.
74 *
75 * Omissions from the RNDIS 1.0 specification include:
76 *
77 * - Power management ... references data that's scattered around lots
78 * of other documentation, which is incorrect/incomplete there too.
79 *
80 * - There are various undocumented protocol requirements, like the need
81 * to send garbage in some control-OUT messages.
82 *
83 * - MS-Windows drivers sometimes emit undocumented requests.
84 *
85 * This function is based on RNDIS link function driver and
86 * contains MSM specific implementation.
87 */
88
89struct f_rndis_qc {
90 struct usb_function func;
91 u8 ctrl_id, data_id;
92 u8 ethaddr[ETH_ALEN];
93 u32 vendorID;
94 u8 ul_max_pkt_per_xfer;
95 u8 pkt_alignment_factor;
96 u32 max_pkt_size;
97 const char *manufacturer;
98 struct rndis_params *params;
99 atomic_t ioctl_excl;
100 atomic_t open_excl;
101
102 struct usb_ep *notify;
103 struct usb_request *notify_req;
104 atomic_t notify_count;
105 struct gadget_ipa_port bam_port;
106 struct cdev cdev;
107 struct device *dev;
108 u8 port_num;
109 u16 cdc_filter;
110 bool net_ready_trigger;
111};
112
113static struct ipa_usb_init_params rndis_ipa_params;
114static spinlock_t rndis_lock;
115static bool rndis_ipa_supported;
116static void rndis_qc_open(struct f_rndis_qc *rndis);
117
118static inline struct f_rndis_qc *func_to_rndis_qc(struct usb_function *f)
119{
120 return container_of(f, struct f_rndis_qc, func);
121}
122
123/* peak (theoretical) bulk transfer rate in bits-per-second */
124static unsigned int rndis_qc_bitrate(struct usb_gadget *g)
125{
126 if (gadget_is_superspeed(g) && g->speed == USB_SPEED_SUPER)
127 return 13 * 1024 * 8 * 1000 * 8;
128 else if (gadget_is_dualspeed(g) && g->speed == USB_SPEED_HIGH)
129 return 13 * 512 * 8 * 1000 * 8;
130 else
131 return 19 * 64 * 1 * 1000 * 8;
132}
133
134/*-------------------------------------------------------------------------*/
135
136#define RNDIS_QC_LOG2_STATUS_INTERVAL_MSEC 5 /* 1 << 5 == 32 msec */
137#define RNDIS_QC_STATUS_BYTECOUNT 8 /* 8 bytes data */
138
139/* currently only one rndis instance is supported - port
140 * index 0.
141 */
142#define RNDIS_QC_NO_PORTS 1
143#define RNDIS_QC_ACTIVE_PORT 0
144
145/* default max packets per tarnsfer value */
146#define DEFAULT_MAX_PKT_PER_XFER 15
147
148/* default pkt alignment factor */
149#define DEFAULT_PKT_ALIGNMENT_FACTOR 4
150
151#define RNDIS_QC_IOCTL_MAGIC 'i'
152#define RNDIS_QC_GET_MAX_PKT_PER_XFER _IOR(RNDIS_QC_IOCTL_MAGIC, 1, u8)
153#define RNDIS_QC_GET_MAX_PKT_SIZE _IOR(RNDIS_QC_IOCTL_MAGIC, 2, u32)
154
155
156/* interface descriptor: */
157
158/* interface descriptor: Supports "Wireless" RNDIS; auto-detected by Windows*/
159static struct usb_interface_descriptor rndis_qc_control_intf = {
160 .bLength = sizeof(rndis_qc_control_intf),
161 .bDescriptorType = USB_DT_INTERFACE,
162
163 /* .bInterfaceNumber = DYNAMIC */
164 /* status endpoint is optional; this could be patched later */
165 .bNumEndpoints = 1,
166 .bInterfaceClass = USB_CLASS_WIRELESS_CONTROLLER,
167 .bInterfaceSubClass = 0x01,
168 .bInterfaceProtocol = 0x03,
169 /* .iInterface = DYNAMIC */
170};
171
172static struct usb_cdc_header_desc rndis_qc_header_desc = {
173 .bLength = sizeof(rndis_qc_header_desc),
174 .bDescriptorType = USB_DT_CS_INTERFACE,
175 .bDescriptorSubType = USB_CDC_HEADER_TYPE,
176
177 .bcdCDC = cpu_to_le16(0x0110),
178};
179
180static struct usb_cdc_call_mgmt_descriptor rndis_qc_call_mgmt_descriptor = {
181 .bLength = sizeof(rndis_qc_call_mgmt_descriptor),
182 .bDescriptorType = USB_DT_CS_INTERFACE,
183 .bDescriptorSubType = USB_CDC_CALL_MANAGEMENT_TYPE,
184
185 .bmCapabilities = 0x00,
186 .bDataInterface = 0x01,
187};
188
189static struct usb_cdc_acm_descriptor rndis_qc_acm_descriptor = {
190 .bLength = sizeof(rndis_qc_acm_descriptor),
191 .bDescriptorType = USB_DT_CS_INTERFACE,
192 .bDescriptorSubType = USB_CDC_ACM_TYPE,
193
194 .bmCapabilities = 0x00,
195};
196
197static struct usb_cdc_union_desc rndis_qc_union_desc = {
198 .bLength = sizeof(rndis_qc_union_desc),
199 .bDescriptorType = USB_DT_CS_INTERFACE,
200 .bDescriptorSubType = USB_CDC_UNION_TYPE,
201 /* .bMasterInterface0 = DYNAMIC */
202 /* .bSlaveInterface0 = DYNAMIC */
203};
204
205/* the data interface has two bulk endpoints */
206
207static struct usb_interface_descriptor rndis_qc_data_intf = {
208 .bLength = sizeof(rndis_qc_data_intf),
209 .bDescriptorType = USB_DT_INTERFACE,
210
211 /* .bInterfaceNumber = DYNAMIC */
212 .bNumEndpoints = 2,
213 .bInterfaceClass = USB_CLASS_CDC_DATA,
214 .bInterfaceSubClass = 0,
215 .bInterfaceProtocol = 0,
216 /* .iInterface = DYNAMIC */
217};
218
219
220/* Supports "Wireless" RNDIS; auto-detected by Windows */
221static struct usb_interface_assoc_descriptor
222rndis_qc_iad_descriptor = {
223 .bLength = sizeof(rndis_qc_iad_descriptor),
224 .bDescriptorType = USB_DT_INTERFACE_ASSOCIATION,
225 .bFirstInterface = 0, /* XXX, hardcoded */
226 .bInterfaceCount = 2, /* control + data */
227 .bFunctionClass = USB_CLASS_WIRELESS_CONTROLLER,
228 .bFunctionSubClass = 0x01,
229 .bFunctionProtocol = 0x03,
230 /* .iFunction = DYNAMIC */
231};
232
233/* full speed support: */
234
235static struct usb_endpoint_descriptor rndis_qc_fs_notify_desc = {
236 .bLength = USB_DT_ENDPOINT_SIZE,
237 .bDescriptorType = USB_DT_ENDPOINT,
238
239 .bEndpointAddress = USB_DIR_IN,
240 .bmAttributes = USB_ENDPOINT_XFER_INT,
241 .wMaxPacketSize = cpu_to_le16(RNDIS_QC_STATUS_BYTECOUNT),
242 .bInterval = 1 << RNDIS_QC_LOG2_STATUS_INTERVAL_MSEC,
243};
244
245static struct usb_endpoint_descriptor rndis_qc_fs_in_desc = {
246 .bLength = USB_DT_ENDPOINT_SIZE,
247 .bDescriptorType = USB_DT_ENDPOINT,
248
249 .bEndpointAddress = USB_DIR_IN,
250 .bmAttributes = USB_ENDPOINT_XFER_BULK,
251};
252
253static struct usb_endpoint_descriptor rndis_qc_fs_out_desc = {
254 .bLength = USB_DT_ENDPOINT_SIZE,
255 .bDescriptorType = USB_DT_ENDPOINT,
256
257 .bEndpointAddress = USB_DIR_OUT,
258 .bmAttributes = USB_ENDPOINT_XFER_BULK,
259};
260
261static struct usb_descriptor_header *eth_qc_fs_function[] = {
262 (struct usb_descriptor_header *) &rndis_qc_iad_descriptor,
263 /* control interface matches ACM, not Ethernet */
264 (struct usb_descriptor_header *) &rndis_qc_control_intf,
265 (struct usb_descriptor_header *) &rndis_qc_header_desc,
266 (struct usb_descriptor_header *) &rndis_qc_call_mgmt_descriptor,
267 (struct usb_descriptor_header *) &rndis_qc_acm_descriptor,
268 (struct usb_descriptor_header *) &rndis_qc_union_desc,
269 (struct usb_descriptor_header *) &rndis_qc_fs_notify_desc,
270 /* data interface has no altsetting */
271 (struct usb_descriptor_header *) &rndis_qc_data_intf,
272 (struct usb_descriptor_header *) &rndis_qc_fs_in_desc,
273 (struct usb_descriptor_header *) &rndis_qc_fs_out_desc,
274 NULL,
275};
276
277/* high speed support: */
278
279static struct usb_endpoint_descriptor rndis_qc_hs_notify_desc = {
280 .bLength = USB_DT_ENDPOINT_SIZE,
281 .bDescriptorType = USB_DT_ENDPOINT,
282
283 .bEndpointAddress = USB_DIR_IN,
284 .bmAttributes = USB_ENDPOINT_XFER_INT,
285 .wMaxPacketSize = cpu_to_le16(RNDIS_QC_STATUS_BYTECOUNT),
286 .bInterval = RNDIS_QC_LOG2_STATUS_INTERVAL_MSEC + 4,
287};
288static struct usb_endpoint_descriptor rndis_qc_hs_in_desc = {
289 .bLength = USB_DT_ENDPOINT_SIZE,
290 .bDescriptorType = USB_DT_ENDPOINT,
291
292 .bEndpointAddress = USB_DIR_IN,
293 .bmAttributes = USB_ENDPOINT_XFER_BULK,
294 .wMaxPacketSize = cpu_to_le16(512),
295};
296
297static struct usb_endpoint_descriptor rndis_qc_hs_out_desc = {
298 .bLength = USB_DT_ENDPOINT_SIZE,
299 .bDescriptorType = USB_DT_ENDPOINT,
300
301 .bEndpointAddress = USB_DIR_OUT,
302 .bmAttributes = USB_ENDPOINT_XFER_BULK,
303 .wMaxPacketSize = cpu_to_le16(512),
304};
305
306static struct usb_descriptor_header *eth_qc_hs_function[] = {
307 (struct usb_descriptor_header *) &rndis_qc_iad_descriptor,
308 /* control interface matches ACM, not Ethernet */
309 (struct usb_descriptor_header *) &rndis_qc_control_intf,
310 (struct usb_descriptor_header *) &rndis_qc_header_desc,
311 (struct usb_descriptor_header *) &rndis_qc_call_mgmt_descriptor,
312 (struct usb_descriptor_header *) &rndis_qc_acm_descriptor,
313 (struct usb_descriptor_header *) &rndis_qc_union_desc,
314 (struct usb_descriptor_header *) &rndis_qc_hs_notify_desc,
315 /* data interface has no altsetting */
316 (struct usb_descriptor_header *) &rndis_qc_data_intf,
317 (struct usb_descriptor_header *) &rndis_qc_hs_in_desc,
318 (struct usb_descriptor_header *) &rndis_qc_hs_out_desc,
319 NULL,
320};
321
322/* super speed support: */
323
324static struct usb_endpoint_descriptor rndis_qc_ss_notify_desc = {
325 .bLength = USB_DT_ENDPOINT_SIZE,
326 .bDescriptorType = USB_DT_ENDPOINT,
327
328 .bEndpointAddress = USB_DIR_IN,
329 .bmAttributes = USB_ENDPOINT_XFER_INT,
330 .wMaxPacketSize = cpu_to_le16(RNDIS_QC_STATUS_BYTECOUNT),
331 .bInterval = RNDIS_QC_LOG2_STATUS_INTERVAL_MSEC + 4,
332};
333
334static struct usb_ss_ep_comp_descriptor ss_intr_comp_desc = {
335 .bLength = sizeof(ss_intr_comp_desc),
336 .bDescriptorType = USB_DT_SS_ENDPOINT_COMP,
337
338 /* the following 3 values can be tweaked if necessary */
339 /* .bMaxBurst = 0, */
340 /* .bmAttributes = 0, */
341 .wBytesPerInterval = cpu_to_le16(RNDIS_QC_STATUS_BYTECOUNT),
342};
343
344static struct usb_ss_ep_comp_descriptor rndis_qc_ss_intr_comp_desc = {
345 .bLength = sizeof(ss_intr_comp_desc),
346 .bDescriptorType = USB_DT_SS_ENDPOINT_COMP,
347
348 /* the following 3 values can be tweaked if necessary */
349 /* .bMaxBurst = 0, */
350 /* .bmAttributes = 0, */
351 .wBytesPerInterval = cpu_to_le16(RNDIS_QC_STATUS_BYTECOUNT),
352};
353
354static struct usb_ss_ep_comp_descriptor ss_bulk_comp_desc = {
355 .bLength = sizeof(ss_bulk_comp_desc),
356 .bDescriptorType = USB_DT_SS_ENDPOINT_COMP,
357
358 /* the following 2 values can be tweaked if necessary */
359 /* .bMaxBurst = 0, */
360 /* .bmAttributes = 0, */
361};
362
363static struct usb_endpoint_descriptor rndis_qc_ss_in_desc = {
364 .bLength = USB_DT_ENDPOINT_SIZE,
365 .bDescriptorType = USB_DT_ENDPOINT,
366
367 .bEndpointAddress = USB_DIR_IN,
368 .bmAttributes = USB_ENDPOINT_XFER_BULK,
369 .wMaxPacketSize = cpu_to_le16(1024),
370};
371
372static struct usb_endpoint_descriptor rndis_qc_ss_out_desc = {
373 .bLength = USB_DT_ENDPOINT_SIZE,
374 .bDescriptorType = USB_DT_ENDPOINT,
375
376 .bEndpointAddress = USB_DIR_OUT,
377 .bmAttributes = USB_ENDPOINT_XFER_BULK,
378 .wMaxPacketSize = cpu_to_le16(1024),
379};
380
381static struct usb_ss_ep_comp_descriptor rndis_qc_ss_bulk_comp_desc = {
382 .bLength = sizeof(ss_bulk_comp_desc),
383 .bDescriptorType = USB_DT_SS_ENDPOINT_COMP,
384
385 /* the following 2 values can be tweaked if necessary */
386 /* .bMaxBurst = 0, */
387 /* .bmAttributes = 0, */
388};
389
390static struct usb_descriptor_header *eth_qc_ss_function[] = {
391 (struct usb_descriptor_header *) &rndis_qc_iad_descriptor,
392
393 /* control interface matches ACM, not Ethernet */
394 (struct usb_descriptor_header *) &rndis_qc_control_intf,
395 (struct usb_descriptor_header *) &rndis_qc_header_desc,
396 (struct usb_descriptor_header *) &rndis_qc_call_mgmt_descriptor,
397 (struct usb_descriptor_header *) &rndis_qc_acm_descriptor,
398 (struct usb_descriptor_header *) &rndis_qc_union_desc,
399 (struct usb_descriptor_header *) &rndis_qc_ss_notify_desc,
400 (struct usb_descriptor_header *) &rndis_qc_ss_intr_comp_desc,
401
402 /* data interface has no altsetting */
403 (struct usb_descriptor_header *) &rndis_qc_data_intf,
404 (struct usb_descriptor_header *) &rndis_qc_ss_in_desc,
405 (struct usb_descriptor_header *) &rndis_qc_ss_bulk_comp_desc,
406 (struct usb_descriptor_header *) &rndis_qc_ss_out_desc,
407 (struct usb_descriptor_header *) &rndis_qc_ss_bulk_comp_desc,
408 NULL,
409};
410
411/* string descriptors: */
412
413static struct usb_string rndis_qc_string_defs[] = {
414 [0].s = "RNDIS Communications Control",
415 [1].s = "RNDIS Ethernet Data",
416 [2].s = "RNDIS",
417 { } /* end of list */
418};
419
420static struct usb_gadget_strings rndis_qc_string_table = {
421 .language = 0x0409, /* en-us */
422 .strings = rndis_qc_string_defs,
423};
424
425static struct usb_gadget_strings *rndis_qc_strings[] = {
426 &rndis_qc_string_table,
427 NULL,
428};
429
430struct f_rndis_qc *_rndis_qc;
431
432static inline int rndis_qc_lock(atomic_t *excl)
433{
434 if (atomic_inc_return(excl) == 1)
435 return 0;
436
437 atomic_dec(excl);
438 return -EBUSY;
439}
440
441static inline void rndis_qc_unlock(atomic_t *excl)
442{
443 atomic_dec(excl);
444}
445
446/*-------------------------------------------------------------------------*/
447
448static void rndis_qc_response_available(void *_rndis)
449{
450 struct f_rndis_qc *rndis = _rndis;
451 struct usb_request *req = rndis->notify_req;
452 __le32 *data = req->buf;
453 int status;
454
455 if (atomic_inc_return(&rndis->notify_count) != 1)
456 return;
457
458 if (!rndis->notify->driver_data)
459 return;
460
461 /* Send RNDIS RESPONSE_AVAILABLE notification; a
462 * USB_CDC_NOTIFY_RESPONSE_AVAILABLE "should" work too
463 *
464 * This is the only notification defined by RNDIS.
465 */
466 data[0] = cpu_to_le32(1);
467 data[1] = cpu_to_le32(0);
468
469 status = usb_ep_queue(rndis->notify, req, GFP_ATOMIC);
470 if (status) {
471 atomic_dec(&rndis->notify_count);
472 pr_info("notify/0 --> %d\n", status);
473 }
474}
475
476static void rndis_qc_response_complete(struct usb_ep *ep,
477 struct usb_request *req)
478{
479 struct f_rndis_qc *rndis;
480 int status = req->status;
481 struct usb_composite_dev *cdev;
482 struct usb_ep *notify_ep;
483
484 spin_lock(&rndis_lock);
485 rndis = _rndis_qc;
486 if (!rndis || !rndis->notify || !rndis->notify->driver_data) {
487 spin_unlock(&rndis_lock);
488 return;
489 }
490
491 if (!rndis->func.config || !rndis->func.config->cdev) {
492 pr_err("%s(): cdev or config is NULL.\n", __func__);
493 spin_unlock(&rndis_lock);
494 return;
495 }
496
497 cdev = rndis->func.config->cdev;
498
499 /* after TX:
500 * - USB_CDC_GET_ENCAPSULATED_RESPONSE (ep0/control)
501 * - RNDIS_RESPONSE_AVAILABLE (status/irq)
502 */
503 switch (status) {
504 case -ECONNRESET:
505 case -ESHUTDOWN:
506 /* connection gone */
507 atomic_set(&rndis->notify_count, 0);
508 goto out;
509 default:
510 pr_info("RNDIS %s response error %d, %d/%d\n",
511 ep->name, status,
512 req->actual, req->length);
513 /* FALLTHROUGH */
514 case 0:
515 if (ep != rndis->notify)
516 goto out;
517
518 /* handle multiple pending RNDIS_RESPONSE_AVAILABLE
519 * notifications by resending until we're done
520 */
521 if (atomic_dec_and_test(&rndis->notify_count))
522 goto out;
523 notify_ep = rndis->notify;
524 spin_unlock(&rndis_lock);
525 status = usb_ep_queue(notify_ep, req, GFP_ATOMIC);
526 if (status) {
527 spin_lock(&rndis_lock);
528 if (!_rndis_qc)
529 goto out;
530 atomic_dec(&_rndis_qc->notify_count);
531 DBG(cdev, "notify/1 --> %d\n", status);
532 spin_unlock(&rndis_lock);
533 }
534 }
535
536 return;
537
538out:
539 spin_unlock(&rndis_lock);
540}
541
542static void rndis_qc_command_complete(struct usb_ep *ep,
543 struct usb_request *req)
544{
545 struct f_rndis_qc *rndis;
546 int status;
547 rndis_init_msg_type *buf;
548 u32 ul_max_xfer_size, dl_max_xfer_size;
549
550 if (req->status != 0) {
551 pr_err("%s: RNDIS command completion error %d\n",
552 __func__, req->status);
553 return;
554 }
555
556 spin_lock(&rndis_lock);
557 rndis = _rndis_qc;
558 if (!rndis || !rndis->notify || !rndis->notify->driver_data) {
559 spin_unlock(&rndis_lock);
560 return;
561 }
562
563 /* received RNDIS command from USB_CDC_SEND_ENCAPSULATED_COMMAND */
564 status = rndis_msg_parser(rndis->params, (u8 *) req->buf);
565 if (status < 0)
566 pr_err("RNDIS command error %d, %d/%d\n",
567 status, req->actual, req->length);
568
569 buf = (rndis_init_msg_type *)req->buf;
570
571 if (buf->MessageType == RNDIS_MSG_INIT) {
572 ul_max_xfer_size = rndis_get_ul_max_xfer_size(rndis->params);
573 ipa_data_set_ul_max_xfer_size(ul_max_xfer_size);
574 /*
575 * For consistent data throughput from IPA, it is required to
576 * fine tune aggregation byte limit as 7KB. RNDIS IPA driver
577 * use provided this value to calculate aggregation byte limit
578 * and program IPA hardware for aggregation.
579 * Host provides 8KB or 16KB as Max Transfer size, hence select
580 * minimum out of host provided value and optimum transfer size
581 * to get 7KB as aggregation byte limit.
582 */
583 if (rndis_dl_max_xfer_size)
584 dl_max_xfer_size = min_t(u32, rndis_dl_max_xfer_size,
585 rndis_get_dl_max_xfer_size(rndis->params));
586 else
587 dl_max_xfer_size =
588 rndis_get_dl_max_xfer_size(rndis->params);
589 ipa_data_set_dl_max_xfer_size(dl_max_xfer_size);
590 }
591 spin_unlock(&rndis_lock);
592}
593
594static int
595rndis_qc_setup(struct usb_function *f, const struct usb_ctrlrequest *ctrl)
596{
597 struct f_rndis_qc *rndis = func_to_rndis_qc(f);
598 struct usb_composite_dev *cdev = f->config->cdev;
599 struct usb_request *req = cdev->req;
600 int value = -EOPNOTSUPP;
601 u16 w_index = le16_to_cpu(ctrl->wIndex);
602 u16 w_value = le16_to_cpu(ctrl->wValue);
603 u16 w_length = le16_to_cpu(ctrl->wLength);
604
605 /* composite driver infrastructure handles everything except
606 * CDC class messages; interface activation uses set_alt().
607 */
608 pr_debug("%s: Enter\n", __func__);
609 switch ((ctrl->bRequestType << 8) | ctrl->bRequest) {
610
611 /* RNDIS uses the CDC command encapsulation mechanism to implement
612 * an RPC scheme, with much getting/setting of attributes by OID.
613 */
614 case ((USB_DIR_OUT | USB_TYPE_CLASS | USB_RECIP_INTERFACE) << 8)
615 | USB_CDC_SEND_ENCAPSULATED_COMMAND:
616 if (w_value || w_index != rndis->ctrl_id)
617 goto invalid;
618 /* read the request; process it later */
619 value = w_length;
620 req->complete = rndis_qc_command_complete;
621 /* later, rndis_response_available() sends a notification */
622 break;
623
624 case ((USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE) << 8)
625 | USB_CDC_GET_ENCAPSULATED_RESPONSE:
626 if (w_value || w_index != rndis->ctrl_id)
627 goto invalid;
628 else {
629 u8 *buf;
630 u32 n;
631
632 /* return the result */
633 buf = rndis_get_next_response(rndis->params, &n);
634 if (buf) {
635 memcpy(req->buf, buf, n);
636 req->complete = rndis_qc_response_complete;
637 rndis_free_response(rndis->params, buf);
638 value = n;
639 }
640 /* else stalls ... spec says to avoid that */
641 }
642 break;
643
644 default:
645invalid:
646 VDBG(cdev, "invalid control req%02x.%02x v%04x i%04x l%d\n",
647 ctrl->bRequestType, ctrl->bRequest,
648 w_value, w_index, w_length);
649 }
650
651 /* respond with data transfer or status phase? */
652 if (value >= 0) {
653 DBG(cdev, "rndis req%02x.%02x v%04x i%04x l%d\n",
654 ctrl->bRequestType, ctrl->bRequest,
655 w_value, w_index, w_length);
656 req->context = rndis;
657 req->zero = (value < w_length);
658 req->length = value;
659 value = usb_ep_queue(cdev->gadget->ep0, req, GFP_ATOMIC);
660 if (value < 0)
661 pr_err("rndis response on err %d\n", value);
662 }
663
664 /* device either stalls (value < 0) or reports success */
665 return value;
666}
667
668struct net_device *rndis_qc_get_net(const char *netname)
669{
670 struct net_device *net_dev;
671
672 net_dev = dev_get_by_name(&init_net, netname);
673 if (!net_dev)
674 return ERR_PTR(-EINVAL);
675
676 /*
677 * Decrement net_dev refcount as it was incremented in
678 * dev_get_by_name().
679 */
680 dev_put(net_dev);
681 return net_dev;
682}
683
684static int rndis_qc_set_alt(struct usb_function *f, unsigned int intf,
685 unsigned int alt)
686{
687 struct f_rndis_qc *rndis = func_to_rndis_qc(f);
688 struct f_rndis_qc_opts *opts;
689 struct usb_composite_dev *cdev = f->config->cdev;
690 u8 src_connection_idx;
691 u8 dst_connection_idx;
692 enum usb_ctrl usb_bam_type;
693 int ret;
694
695 /* we know alt == 0 */
696
697 opts = container_of(f->fi, struct f_rndis_qc_opts, func_inst);
698 if (intf == rndis->ctrl_id) {
699 if (rndis->notify->driver_data) {
700 VDBG(cdev, "reset rndis control %d\n", intf);
701 usb_ep_disable(rndis->notify);
702 }
703 if (!rndis->notify->desc) {
704 VDBG(cdev, "init rndis ctrl %d\n", intf);
705 if (config_ep_by_speed(cdev->gadget, f, rndis->notify))
706 goto fail;
707 }
708 usb_ep_enable(rndis->notify);
709 rndis->notify->driver_data = rndis;
710
711 } else if (intf == rndis->data_id) {
712 struct net_device *net;
713
714 rndis->net_ready_trigger = false;
715 if (rndis->bam_port.in->driver_data) {
716 DBG(cdev, "reset rndis\n");
717 /* bam_port is needed for disconnecting the BAM data
718 * path. Only after the BAM data path is disconnected,
719 * we can disconnect the port from the network layer.
720 */
721 ipa_data_disconnect(&rndis->bam_port,
722 USB_IPA_FUNC_RNDIS);
723 }
724
725 if (!rndis->bam_port.in->desc || !rndis->bam_port.out->desc) {
726 DBG(cdev, "init rndis\n");
727 if (config_ep_by_speed(cdev->gadget, f,
728 rndis->bam_port.in) ||
729 config_ep_by_speed(cdev->gadget, f,
730 rndis->bam_port.out)) {
731 rndis->bam_port.in->desc = NULL;
732 rndis->bam_port.out->desc = NULL;
733 goto fail;
734 }
735 }
736
737 /* RNDIS should be in the "RNDIS uninitialized" state,
738 * either never activated or after rndis_uninit().
739 *
740 * We don't want data to flow here until a nonzero packet
741 * filter is set, at which point it enters "RNDIS data
742 * initialized" state ... but we do want the endpoints
743 * to be activated. It's a strange little state.
744 *
745 * REVISIT the RNDIS gadget code has done this wrong for a
746 * very long time. We need another call to the link layer
747 * code -- gether_updown(...bool) maybe -- to do it right.
748 */
749 rndis->cdc_filter = 0;
750
751 rndis->bam_port.cdev = cdev;
752 rndis->bam_port.func = &rndis->func;
753 ipa_data_port_select(USB_IPA_FUNC_RNDIS);
754 usb_bam_type = usb_bam_get_bam_type(cdev->gadget->name);
755
756 src_connection_idx = usb_bam_get_connection_idx(usb_bam_type,
757 IPA_P_BAM, USB_TO_PEER_PERIPHERAL, USB_BAM_DEVICE,
758 rndis->port_num);
759 dst_connection_idx = usb_bam_get_connection_idx(usb_bam_type,
760 IPA_P_BAM, PEER_PERIPHERAL_TO_USB, USB_BAM_DEVICE,
761 rndis->port_num);
762 if (src_connection_idx < 0 || dst_connection_idx < 0) {
763 pr_err("%s: usb_bam_get_connection_idx failed\n",
764 __func__);
765 return ret;
766 }
767 if (ipa_data_connect(&rndis->bam_port, USB_IPA_FUNC_RNDIS,
768 src_connection_idx, dst_connection_idx))
769 goto fail;
770
771 DBG(cdev, "RNDIS RX/TX early activation ...\n");
772 rndis_qc_open(rndis);
773 net = rndis_qc_get_net("rndis0");
774 if (IS_ERR(net))
775 return PTR_ERR(net);
776 opts->net = net;
777
778 rndis_set_param_dev(rndis->params, net,
779 &rndis->cdc_filter);
780 } else
781 goto fail;
782
783 return 0;
784fail:
785 return -EINVAL;
786}
787
788static void rndis_qc_disable(struct usb_function *f)
789{
790 struct f_rndis_qc *rndis = func_to_rndis_qc(f);
791 struct usb_composite_dev *cdev = f->config->cdev;
792 unsigned long flags;
793
794 if (!rndis->notify->driver_data)
795 return;
796
797 DBG(cdev, "rndis deactivated\n");
798
799 spin_lock_irqsave(&rndis_lock, flags);
800 rndis_uninit(rndis->params);
801 spin_unlock_irqrestore(&rndis_lock, flags);
802 ipa_data_disconnect(&rndis->bam_port, USB_IPA_FUNC_RNDIS);
803
804 msm_ep_unconfig(rndis->bam_port.out);
805 msm_ep_unconfig(rndis->bam_port.in);
806 usb_ep_disable(rndis->notify);
807 rndis->notify->driver_data = NULL;
808}
809
810static void rndis_qc_suspend(struct usb_function *f)
811{
812 struct f_rndis_qc *rndis = func_to_rndis_qc(f);
813 bool remote_wakeup_allowed;
814
815 if (f->config->cdev->gadget->speed == USB_SPEED_SUPER)
816 remote_wakeup_allowed = f->func_wakeup_allowed;
817 else
818 remote_wakeup_allowed = f->config->cdev->gadget->remote_wakeup;
819
820 pr_info("%s(): start rndis suspend: remote_wakeup_allowed:%d\n:",
821 __func__, remote_wakeup_allowed);
822
823 if (!remote_wakeup_allowed) {
824 /* This is required as Linux host side RNDIS driver doesn't
825 * send RNDIS_MESSAGE_PACKET_FILTER before suspending USB bus.
826 * Hence we perform same operations explicitly here for Linux
827 * host case. In case of windows, this RNDIS state machine is
828 * already updated due to receiving of PACKET_FILTER.
829 */
830 rndis_flow_control(rndis->params, true);
831 pr_debug("%s(): Disconnecting\n", __func__);
832 }
833
834 ipa_data_suspend(&rndis->bam_port, USB_IPA_FUNC_RNDIS,
835 remote_wakeup_allowed);
836 pr_debug("rndis suspended\n");
837}
838
839static void rndis_qc_resume(struct usb_function *f)
840{
841 struct f_rndis_qc *rndis = func_to_rndis_qc(f);
842 bool remote_wakeup_allowed;
843
844 pr_debug("%s: rndis resumed\n", __func__);
845
846 /* Nothing to do if DATA interface wasn't initialized */
847 if (!rndis->bam_port.cdev) {
848 pr_debug("data interface was not up\n");
849 return;
850 }
851
852 if (f->config->cdev->gadget->speed == USB_SPEED_SUPER)
853 remote_wakeup_allowed = f->func_wakeup_allowed;
854 else
855 remote_wakeup_allowed = f->config->cdev->gadget->remote_wakeup;
856
857 ipa_data_resume(&rndis->bam_port, USB_IPA_FUNC_RNDIS,
858 remote_wakeup_allowed);
859
860 if (!remote_wakeup_allowed) {
861 rndis_qc_open(rndis);
862 /*
863 * Linux Host doesn't sends RNDIS_MSG_INIT or non-zero value
864 * set with RNDIS_MESSAGE_PACKET_FILTER after performing bus
865 * resume. Hence trigger USB IPA transfer functionality
866 * explicitly here. For Windows host case is also being
867 * handle with RNDIS state machine.
868 */
869 rndis_flow_control(rndis->params, false);
870 }
871
872 pr_debug("%s: RNDIS resume completed\n", __func__);
873}
874
875/*-------------------------------------------------------------------------*/
876
877/*
878 * This isn't quite the same mechanism as CDC Ethernet, since the
879 * notification scheme passes less data, but the same set of link
880 * states must be tested. A key difference is that altsettings are
881 * not used to tell whether the link should send packets or not.
882 */
883
884static void rndis_qc_open(struct f_rndis_qc *rndis)
885{
886 struct usb_composite_dev *cdev = rndis->func.config->cdev;
887
888 DBG(cdev, "%s\n", __func__);
889
890 rndis_set_param_medium(rndis->params, RNDIS_MEDIUM_802_3,
891 rndis_qc_bitrate(cdev->gadget) / 100);
892 rndis_signal_connect(rndis->params);
893}
894
895void ipa_data_flow_control_enable(bool enable, struct rndis_params *param)
896{
897 if (enable)
898 ipa_data_stop_rndis_ipa(USB_IPA_FUNC_RNDIS);
899 else
900 ipa_data_start_rndis_ipa(USB_IPA_FUNC_RNDIS);
901}
902
903/*-------------------------------------------------------------------------*/
904
905/* ethernet function driver setup/binding */
906
907static int
908rndis_qc_bind(struct usb_configuration *c, struct usb_function *f)
909{
910 struct usb_composite_dev *cdev = c->cdev;
911 struct f_rndis_qc *rndis = func_to_rndis_qc(f);
912 struct rndis_params *params;
913 int status;
914 struct usb_ep *ep;
915
916 /* maybe allocate device-global string IDs */
917 if (rndis_qc_string_defs[0].id == 0) {
918
919 /* control interface label */
920 status = usb_string_id(c->cdev);
921 if (status < 0)
922 return status;
923 rndis_qc_string_defs[0].id = status;
924 rndis_qc_control_intf.iInterface = status;
925
926 /* data interface label */
927 status = usb_string_id(c->cdev);
928 if (status < 0)
929 return status;
930 rndis_qc_string_defs[1].id = status;
931 rndis_qc_data_intf.iInterface = status;
932
933 /* IAD iFunction label */
934 status = usb_string_id(c->cdev);
935 if (status < 0)
936 return status;
937 rndis_qc_string_defs[2].id = status;
938 rndis_qc_iad_descriptor.iFunction = status;
939 }
940
941 /* allocate instance-specific interface IDs */
942 status = usb_interface_id(c, f);
943 if (status < 0)
944 goto fail;
945 rndis->ctrl_id = status;
946 rndis_qc_iad_descriptor.bFirstInterface = status;
947
948 rndis_qc_control_intf.bInterfaceNumber = status;
949 rndis_qc_union_desc.bMasterInterface0 = status;
950
951 status = usb_interface_id(c, f);
952 if (status < 0)
953 goto fail;
954 rndis->data_id = status;
955
956 rndis_qc_data_intf.bInterfaceNumber = status;
957 rndis_qc_union_desc.bSlaveInterface0 = status;
958
959 status = -ENODEV;
960
961 /* allocate instance-specific endpoints */
962 ep = usb_ep_autoconfig(cdev->gadget, &rndis_qc_fs_in_desc);
963 if (!ep)
964 goto fail;
965 rndis->bam_port.in = ep;
966 ep->driver_data = cdev; /* claim */
967
968 ep = usb_ep_autoconfig(cdev->gadget, &rndis_qc_fs_out_desc);
969 if (!ep)
970 goto fail;
971 rndis->bam_port.out = ep;
972 ep->driver_data = cdev; /* claim */
973
974 /* NOTE: a status/notification endpoint is, strictly speaking,
975 * optional. We don't treat it that way though! It's simpler,
976 * and some newer profiles don't treat it as optional.
977 */
978 ep = usb_ep_autoconfig(cdev->gadget, &rndis_qc_fs_notify_desc);
979 if (!ep)
980 goto fail;
981 rndis->notify = ep;
982 ep->driver_data = cdev; /* claim */
983
984 status = -ENOMEM;
985
986 /* allocate notification request and buffer */
987 rndis->notify_req = usb_ep_alloc_request(ep, GFP_KERNEL);
988 if (!rndis->notify_req)
989 goto fail;
990 rndis->notify_req->buf = kmalloc(RNDIS_QC_STATUS_BYTECOUNT, GFP_KERNEL);
991 if (!rndis->notify_req->buf)
992 goto fail;
993 rndis->notify_req->length = RNDIS_QC_STATUS_BYTECOUNT;
994 rndis->notify_req->context = rndis;
995 rndis->notify_req->complete = rndis_qc_response_complete;
996
997 /* copy descriptors, and track endpoint copies */
998 f->fs_descriptors = usb_copy_descriptors(eth_qc_fs_function);
999 if (!f->fs_descriptors)
1000 goto fail;
1001
1002 /* support all relevant hardware speeds... we expect that when
1003 * hardware is dual speed, all bulk-capable endpoints work at
1004 * both speeds
1005 */
1006 if (gadget_is_dualspeed(c->cdev->gadget)) {
1007 rndis_qc_hs_in_desc.bEndpointAddress =
1008 rndis_qc_fs_in_desc.bEndpointAddress;
1009 rndis_qc_hs_out_desc.bEndpointAddress =
1010 rndis_qc_fs_out_desc.bEndpointAddress;
1011 rndis_qc_hs_notify_desc.bEndpointAddress =
1012 rndis_qc_fs_notify_desc.bEndpointAddress;
1013
1014 /* copy descriptors, and track endpoint copies */
1015 f->hs_descriptors = usb_copy_descriptors(eth_qc_hs_function);
1016
1017 if (!f->hs_descriptors)
1018 goto fail;
1019 }
1020
1021 if (gadget_is_superspeed(c->cdev->gadget)) {
1022 rndis_qc_ss_in_desc.bEndpointAddress =
1023 rndis_qc_fs_in_desc.bEndpointAddress;
1024 rndis_qc_ss_out_desc.bEndpointAddress =
1025 rndis_qc_fs_out_desc.bEndpointAddress;
1026 rndis_qc_ss_notify_desc.bEndpointAddress =
1027 rndis_qc_fs_notify_desc.bEndpointAddress;
1028
1029 /* copy descriptors, and track endpoint copies */
1030 f->ss_descriptors = usb_copy_descriptors(eth_qc_ss_function);
1031 if (!f->ss_descriptors)
1032 goto fail;
1033 }
1034
1035 params = rndis_register(rndis_qc_response_available, rndis,
1036 ipa_data_flow_control_enable);
1037 if (params < 0)
1038 goto fail;
1039 rndis->params = params;
1040
1041 rndis_set_param_medium(rndis->params, RNDIS_MEDIUM_802_3, 0);
1042 rndis_set_host_mac(rndis->params, rndis->ethaddr);
1043
1044 if (rndis->manufacturer && rndis->vendorID &&
1045 rndis_set_param_vendor(rndis->params, rndis->vendorID,
1046 rndis->manufacturer))
1047 goto fail;
1048
1049 pr_debug("%s(): max_pkt_per_xfer:%d\n", __func__,
1050 rndis->ul_max_pkt_per_xfer);
1051 rndis_set_max_pkt_xfer(rndis->params, rndis->ul_max_pkt_per_xfer);
1052
1053 /* In case of aggregated packets QC device will request
1054 * aliment to 4 (2^2).
1055 */
1056 pr_debug("%s(): pkt_alignment_factor:%d\n", __func__,
1057 rndis->pkt_alignment_factor);
1058 rndis_set_pkt_alignment_factor(rndis->params,
1059 rndis->pkt_alignment_factor);
1060
1061 /* NOTE: all that is done without knowing or caring about
1062 * the network link ... which is unavailable to this code
1063 * until we're activated via set_alt().
1064 */
1065
1066 DBG(cdev, "RNDIS: %s speed IN/%s OUT/%s NOTIFY/%s\n",
1067 gadget_is_superspeed(c->cdev->gadget) ? "super" :
1068 gadget_is_dualspeed(c->cdev->gadget) ? "dual" : "full",
1069 rndis->bam_port.in->name, rndis->bam_port.out->name,
1070 rndis->notify->name);
1071 return 0;
1072
1073fail:
1074 if (gadget_is_superspeed(c->cdev->gadget) && f->ss_descriptors)
1075 usb_free_descriptors(f->ss_descriptors);
1076 if (gadget_is_dualspeed(c->cdev->gadget) && f->hs_descriptors)
1077 usb_free_descriptors(f->hs_descriptors);
1078 if (f->fs_descriptors)
1079 usb_free_descriptors(f->fs_descriptors);
1080
1081 if (rndis->notify_req) {
1082 kfree(rndis->notify_req->buf);
1083 usb_ep_free_request(rndis->notify, rndis->notify_req);
1084 }
1085
1086 /* we might as well release our claims on endpoints */
1087 if (rndis->notify)
1088 rndis->notify->driver_data = NULL;
1089 if (rndis->bam_port.out->desc)
1090 rndis->bam_port.out->driver_data = NULL;
1091 if (rndis->bam_port.in->desc)
1092 rndis->bam_port.in->driver_data = NULL;
1093
1094 pr_err("%s: can't bind, err %d\n", f->name, status);
1095
1096 return status;
1097}
1098
1099static void rndis_qc_free(struct usb_function *f)
1100{
1101 struct f_rndis_qc_opts *opts;
1102
1103 opts = container_of(f->fi, struct f_rndis_qc_opts, func_inst);
1104 opts->refcnt--;
1105}
1106
1107static void
1108rndis_qc_unbind(struct usb_configuration *c, struct usb_function *f)
1109{
1110 struct f_rndis_qc *rndis = func_to_rndis_qc(f);
1111
1112 pr_debug("rndis_qc_unbind: free\n");
1113 rndis_deregister(rndis->params);
1114
1115 if (gadget_is_dualspeed(c->cdev->gadget))
1116 usb_free_descriptors(f->hs_descriptors);
1117 usb_free_descriptors(f->fs_descriptors);
1118
1119 kfree(rndis->notify_req->buf);
1120 usb_ep_free_request(rndis->notify, rndis->notify_req);
1121
1122 /*
1123 * call flush_workqueue to make sure that any pending
1124 * disconnect_work() from u_bam_data.c file is being
1125 * flushed before calling this rndis_ipa_cleanup API
1126 * as rndis ipa disconnect API is required to be
1127 * called before this.
1128 */
1129 ipa_data_flush_workqueue();
1130 rndis_ipa_cleanup(rndis_ipa_params.private);
1131 rndis_ipa_supported = false;
1132
1133}
1134
1135void rndis_ipa_reset_trigger(void)
1136{
1137 struct f_rndis_qc *rndis;
1138
1139 rndis = _rndis_qc;
1140 if (!rndis) {
1141 pr_err("%s: No RNDIS instance", __func__);
1142 return;
1143 }
1144
1145 rndis->net_ready_trigger = false;
1146}
1147
1148/*
1149 * Callback let RNDIS_IPA trigger us when network interface is up
1150 * and userspace is ready to answer DHCP requests
1151 */
1152void rndis_net_ready_notify(void)
1153{
1154 struct f_rndis_qc *rndis;
1155 unsigned long flags;
1156
1157 spin_lock_irqsave(&rndis_lock, flags);
1158 rndis = _rndis_qc;
1159 if (!rndis) {
1160 pr_err("%s: No RNDIS instance", __func__);
1161 spin_unlock_irqrestore(&rndis_lock, flags);
1162 return;
1163 }
1164 if (rndis->net_ready_trigger) {
1165 pr_err("%s: Already triggered", __func__);
1166 spin_unlock_irqrestore(&rndis_lock, flags);
1167 return;
1168 }
1169
1170 pr_debug("%s: Set net_ready_trigger", __func__);
1171 rndis->net_ready_trigger = true;
1172 spin_unlock_irqrestore(&rndis_lock, flags);
1173 ipa_data_start_rx_tx(USB_IPA_FUNC_RNDIS);
1174}
1175
1176/**
1177 * rndis_qc_bind_config - add RNDIS network link to a configuration
1178 * @c: the configuration to support the network link
1179 * @ethaddr: a buffer in which the ethernet address of the host side
1180 * side of the link was recorded
1181 * Context: single threaded during gadget setup
1182 *
1183 * Returns zero on success, else negative errno.
1184 *
1185 * Caller must have called @gether_setup(). Caller is also responsible
1186 * for calling @gether_cleanup() before module unload.
1187 */
1188
1189static struct
1190usb_function *rndis_qc_bind_config_vendor(struct usb_function_instance *fi,
1191 u32 vendorID, const char *manufacturer,
1192 u8 max_pkt_per_xfer, u8 pkt_alignment_factor)
1193{
1194 struct f_rndis_qc_opts *opts = container_of(fi,
1195 struct f_rndis_qc_opts, func_inst);
1196 struct f_rndis_qc *rndis;
1197 int status;
1198
1199 /* allocate and initialize one new instance */
1200 status = -ENOMEM;
1201
1202 opts = container_of(fi, struct f_rndis_qc_opts, func_inst);
1203
1204 opts->refcnt++;
1205 rndis = opts->rndis;
1206
1207 rndis->vendorID = opts->vendor_id;
1208 rndis->manufacturer = opts->manufacturer;
1209 /* export host's Ethernet address in CDC format */
1210 random_ether_addr(rndis_ipa_params.host_ethaddr);
1211 random_ether_addr(rndis_ipa_params.device_ethaddr);
1212 pr_debug("setting host_ethaddr=%pM, device_ethaddr=%pM\n",
1213 rndis_ipa_params.host_ethaddr,
1214 rndis_ipa_params.device_ethaddr);
1215 rndis_ipa_supported = true;
1216 ether_addr_copy(rndis->ethaddr, rndis_ipa_params.host_ethaddr);
1217 rndis_ipa_params.device_ready_notify = rndis_net_ready_notify;
1218
1219 /* if max_pkt_per_xfer was not configured set to default value */
1220 rndis->ul_max_pkt_per_xfer =
1221 max_pkt_per_xfer ? max_pkt_per_xfer :
1222 DEFAULT_MAX_PKT_PER_XFER;
1223 ipa_data_set_ul_max_pkt_num(rndis->ul_max_pkt_per_xfer);
1224
1225 /*
1226 * Check no RNDIS aggregation, and alignment if not mentioned,
1227 * use alignment factor as zero. If aggregated RNDIS data transfer,
1228 * max packet per transfer would be default if it is not set
1229 * explicitly, and same way use alignment factor as 2 by default.
1230 * This would eliminate need of writing to sysfs if default RNDIS
1231 * aggregation setting required. Writing to both sysfs entries,
1232 * those values will always override default values.
1233 */
1234 if ((rndis->pkt_alignment_factor == 0) &&
1235 (rndis->ul_max_pkt_per_xfer == 1))
1236 rndis->pkt_alignment_factor = 0;
1237 else
1238 rndis->pkt_alignment_factor = pkt_alignment_factor ?
1239 pkt_alignment_factor :
1240 DEFAULT_PKT_ALIGNMENT_FACTOR;
1241
1242 /* RNDIS activates when the host changes this filter */
1243 rndis->cdc_filter = 0;
1244
1245 rndis->func.name = "rndis";
1246 rndis->func.strings = rndis_qc_strings;
1247 /* descriptors are per-instance copies */
1248 rndis->func.bind = rndis_qc_bind;
1249 rndis->func.unbind = rndis_qc_unbind;
1250 rndis->func.set_alt = rndis_qc_set_alt;
1251 rndis->func.setup = rndis_qc_setup;
1252 rndis->func.disable = rndis_qc_disable;
1253 rndis->func.suspend = rndis_qc_suspend;
1254 rndis->func.resume = rndis_qc_resume;
1255 rndis->func.free_func = rndis_qc_free;
1256
1257 status = rndis_ipa_init(&rndis_ipa_params);
1258 if (status) {
1259 pr_err("%s: failed to init rndis_ipa\n", __func__);
1260 goto fail;
1261 }
1262
1263 _rndis_qc = rndis;
1264
1265 return &rndis->func;
1266fail:
1267 kfree(rndis);
1268 _rndis_qc = NULL;
1269 return ERR_PTR(status);
1270}
1271
1272static struct usb_function *qcrndis_alloc(struct usb_function_instance *fi)
1273{
1274 return rndis_qc_bind_config_vendor(fi, 0, NULL, 0, 0);
1275}
1276
1277static int rndis_qc_open_dev(struct inode *ip, struct file *fp)
1278{
1279 int ret = 0;
1280 unsigned long flags;
1281
1282 pr_info("Open rndis QC driver\n");
1283
1284 spin_lock_irqsave(&rndis_lock, flags);
1285 if (!_rndis_qc) {
1286 pr_err("rndis_qc_dev not created yet\n");
1287 ret = -ENODEV;
1288 goto fail;
1289 }
1290
1291 if (rndis_qc_lock(&_rndis_qc->open_excl)) {
1292 pr_err("Already opened\n");
1293 ret = -EBUSY;
1294 goto fail;
1295 }
1296
1297 fp->private_data = _rndis_qc;
1298fail:
1299 spin_unlock_irqrestore(&rndis_lock, flags);
1300
1301 if (!ret)
1302 pr_info("rndis QC file opened\n");
1303
1304 return ret;
1305}
1306
1307static int rndis_qc_release_dev(struct inode *ip, struct file *fp)
1308{
1309 unsigned long flags;
1310
1311 pr_info("Close rndis QC file\n");
1312
1313 spin_lock_irqsave(&rndis_lock, flags);
1314
1315 if (!_rndis_qc) {
1316 pr_err("rndis_qc_dev not present\n");
1317 spin_unlock_irqrestore(&rndis_lock, flags);
1318 return -ENODEV;
1319 }
1320 rndis_qc_unlock(&_rndis_qc->open_excl);
1321 spin_unlock_irqrestore(&rndis_lock, flags);
1322 return 0;
1323}
1324
1325static long rndis_qc_ioctl(struct file *fp, unsigned int cmd, unsigned long arg)
1326{
1327 u8 qc_max_pkt_per_xfer = 0;
1328 u32 qc_max_pkt_size = 0;
1329 int ret = 0;
1330 unsigned long flags;
1331
1332 spin_lock_irqsave(&rndis_lock, flags);
1333 if (!_rndis_qc) {
1334 pr_err("rndis_qc_dev not present\n");
1335 ret = -ENODEV;
1336 goto fail;
1337 }
1338
1339 qc_max_pkt_per_xfer = _rndis_qc->ul_max_pkt_per_xfer;
1340 qc_max_pkt_size = _rndis_qc->max_pkt_size;
1341
1342 if (rndis_qc_lock(&_rndis_qc->ioctl_excl)) {
1343 ret = -EBUSY;
1344 goto fail;
1345 }
1346
1347 spin_unlock_irqrestore(&rndis_lock, flags);
1348
1349 pr_info("Received command %d\n", cmd);
1350
1351 switch (cmd) {
1352 case RNDIS_QC_GET_MAX_PKT_PER_XFER:
1353 ret = copy_to_user((void __user *)arg,
1354 &qc_max_pkt_per_xfer,
1355 sizeof(qc_max_pkt_per_xfer));
1356 if (ret) {
1357 pr_err("copying to user space failed\n");
1358 ret = -EFAULT;
1359 }
1360 pr_info("Sent UL max packets per xfer %d\n",
1361 qc_max_pkt_per_xfer);
1362 break;
1363 case RNDIS_QC_GET_MAX_PKT_SIZE:
1364 ret = copy_to_user((void __user *)arg,
1365 &qc_max_pkt_size,
1366 sizeof(qc_max_pkt_size));
1367 if (ret) {
1368 pr_err("copying to user space failed\n");
1369 ret = -EFAULT;
1370 }
1371 pr_debug("Sent max packet size %d\n",
1372 qc_max_pkt_size);
1373 break;
1374 default:
1375 pr_err("Unsupported IOCTL\n");
1376 ret = -EINVAL;
1377 }
1378
1379 spin_lock_irqsave(&rndis_lock, flags);
1380
1381 if (!_rndis_qc) {
1382 pr_err("rndis_qc_dev not present\n");
1383 ret = -ENODEV;
1384 goto fail;
1385 }
1386
1387 rndis_qc_unlock(&_rndis_qc->ioctl_excl);
1388
1389fail:
1390 spin_unlock_irqrestore(&rndis_lock, flags);
1391 return ret;
1392}
1393
1394static const struct file_operations rndis_qc_fops = {
1395 .owner = THIS_MODULE,
1396 .open = rndis_qc_open_dev,
1397 .release = rndis_qc_release_dev,
1398 .unlocked_ioctl = rndis_qc_ioctl,
1399};
1400
1401static void qcrndis_free_inst(struct usb_function_instance *f)
1402{
1403 struct f_rndis_qc_opts *opts = container_of(f,
1404 struct f_rndis_qc_opts, func_inst);
1405 int minor = MINOR(opts->rndis->cdev.dev);
1406 unsigned long flags;
1407
1408 device_destroy(rndis_class, MKDEV(MAJOR(rndis_dev), minor));
1409 class_destroy(rndis_class);
1410 cdev_del(&opts->rndis->cdev);
1411 ida_simple_remove(&chardev_ida, minor);
1412 unregister_chrdev_region(rndis_dev, 1);
1413
1414 ipa_data_free(USB_IPA_FUNC_RNDIS);
1415 spin_lock_irqsave(&rndis_lock, flags);
1416 kfree(opts->rndis);
1417 _rndis_qc = NULL;
1418 kfree(opts);
1419 spin_unlock_irqrestore(&rndis_lock, flags);
1420}
1421
1422static int qcrndis_set_inst_name(struct usb_function_instance *fi,
1423 const char *name)
1424{
1425 struct f_rndis_qc_opts *opts = container_of(fi,
1426 struct f_rndis_qc_opts, func_inst);
1427 struct f_rndis_qc *rndis;
1428 int name_len;
1429 int ret, minor;
1430
1431 name_len = strlen(name) + 1;
1432 if (name_len > MAX_INST_NAME_LEN)
1433 return -ENAMETOOLONG;
1434
1435 pr_debug("initialize rndis QC instance\n");
1436 rndis = kzalloc(sizeof(*rndis), GFP_KERNEL);
1437 if (!rndis) {
1438 pr_err("%s: fail allocate and initialize new instance\n",
1439 __func__);
1440 return -ENOMEM;
1441 }
1442
1443 spin_lock_init(&rndis_lock);
1444 opts->rndis = rndis;
1445 rndis_class = class_create(THIS_MODULE, "usbrndis");
1446 ret = alloc_chrdev_region(&rndis_dev, 0, 1, "usb_rndis");
1447 if (ret < 0) {
1448 pr_err("Fail to allocate usb rndis char dev region\n");
1449 return ret;
1450 }
1451
1452 /* get a minor number */
1453 minor = ida_simple_get(&chardev_ida, 0, 0, GFP_KERNEL);
1454 if (minor < 0) {
1455 pr_err("%s: No more minor numbers left! rc:%d\n", __func__,
1456 minor);
1457 ret = -ENODEV;
1458 goto fail_out_of_minors;
1459 }
1460 rndis->dev = device_create(rndis_class, NULL,
1461 MKDEV(MAJOR(rndis_dev), minor),
1462 rndis, "android_rndis_qc");
1463 if (IS_ERR(rndis->dev)) {
1464 ret = PTR_ERR(rndis->dev);
1465 pr_err("%s: device_create failed for (%d)", __func__, ret);
1466 goto fail_return_minor;
1467 }
1468 cdev_init(&rndis->cdev, &rndis_qc_fops);
1469 ret = cdev_add(&rndis->cdev, MKDEV(MAJOR(rndis_dev), minor), 1);
1470 if (ret < 0) {
1471 pr_err("%s: cdev_add failed for %s (%d)", __func__,
1472 name, ret);
1473 goto fail_cdev_add;
1474 }
1475
1476 if (ret)
1477 pr_err("rndis QC driver failed to register\n");
1478
1479 ret = ipa_data_setup(USB_IPA_FUNC_RNDIS);
1480 if (ret) {
1481 pr_err("bam_data_setup failed err: %d\n", ret);
1482 goto fail_data_setup;
1483 }
1484
1485 return 0;
1486fail_data_setup:
1487 cdev_del(&rndis->cdev);
1488fail_cdev_add:
1489 device_destroy(rndis_class, MKDEV(MAJOR(rndis_dev), minor));
1490fail_return_minor:
1491 ida_simple_remove(&chardev_ida, minor);
1492fail_out_of_minors:
1493 unregister_chrdev_region(rndis_dev, 1);
1494 class_destroy(rndis_class);
1495 kfree(rndis);
1496 return ret;
1497}
1498
1499static inline
1500struct f_rndis_qc_opts *to_f_qc_rndis_opts(struct config_item *item)
1501{
1502 return container_of(to_config_group(item), struct f_rndis_qc_opts,
1503 func_inst.group);
1504}
1505
1506static void qcrndis_attr_release(struct config_item *item)
1507{
1508 struct f_rndis_qc_opts *opts = to_f_qc_rndis_opts(item);
1509
1510 usb_put_function_instance(&opts->func_inst);
1511}
1512
1513static struct configfs_item_operations qcrndis_item_ops = {
1514 .release = qcrndis_attr_release,
1515};
1516
1517static struct config_item_type qcrndis_func_type = {
1518 .ct_item_ops = &qcrndis_item_ops,
1519 .ct_owner = THIS_MODULE,
1520};
1521
1522static struct usb_function_instance *qcrndis_alloc_inst(void)
1523{
1524 struct f_rndis_qc_opts *opts;
1525
1526 opts = kzalloc(sizeof(*opts), GFP_KERNEL);
1527 if (!opts)
1528 return ERR_PTR(-ENOMEM);
1529
1530 opts->func_inst.set_inst_name = qcrndis_set_inst_name;
1531 opts->func_inst.free_func_inst = qcrndis_free_inst;
1532
1533 config_group_init_type_name(&opts->func_inst.group, "",
1534 &qcrndis_func_type);
1535
1536 return &opts->func_inst;
1537}
1538
1539void *rndis_qc_get_ipa_rx_cb(void)
1540{
1541 return rndis_ipa_params.ipa_rx_notify;
1542}
1543
1544void *rndis_qc_get_ipa_tx_cb(void)
1545{
1546 return rndis_ipa_params.ipa_tx_notify;
1547}
1548
1549void *rndis_qc_get_ipa_priv(void)
1550{
1551 return rndis_ipa_params.private;
1552}
1553
1554bool rndis_qc_get_skip_ep_config(void)
1555{
1556 return rndis_ipa_params.skip_ep_cfg;
1557}
1558
1559DECLARE_USB_FUNCTION_INIT(rndis_bam, qcrndis_alloc_inst, qcrndis_alloc);
1560
1561static int __init usb_qcrndis_init(void)
1562{
1563 int ret;
1564
1565 ret = usb_function_register(&rndis_bamusb_func);
1566 if (ret) {
1567 pr_err("%s: failed to register diag %d\n", __func__, ret);
1568 return ret;
1569 }
1570 return ret;
1571}
1572
1573static void __exit usb_qcrndis_exit(void)
1574{
1575 usb_function_unregister(&rndis_bamusb_func);
1576}
1577
1578module_init(usb_qcrndis_init);
1579module_exit(usb_qcrndis_exit);
1580MODULE_DESCRIPTION("USB RMNET Function Driver");