Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / efd5b7b5d79010ae147e384185b8ac594d028850 / . / drivers / input / serio / hyperv-keyboard.c
blob: 613261994621451199ba551633303780a7d7c93f [file] [log] [blame]
K. Y. Srinivasanaed06b92013-09-18 12:50:42 -0700[diff] [blame]1/*
2 * Copyright (c) 2013, Microsoft Corporation.
3 *
4 * This program is free software; you can redistribute it and/or modify it
5 * under the terms and conditions of the GNU General Public License,
6 * version 2, as published by the Free Software Foundation.
7 *
8 * This program is distributed in the hope it will be useful, but WITHOUT
9 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
10 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
11 * more details.
12 */
13
14#include <linux/init.h>
15#include <linux/module.h>
16#include <linux/device.h>
17#include <linux/completion.h>
18#include <linux/hyperv.h>
19#include <linux/serio.h>
20#include <linux/slab.h>
21
22/*
23 * Current version 1.0
24 *
25 */
26#define SYNTH_KBD_VERSION_MAJOR 1
27#define SYNTH_KBD_VERSION_MINOR 0
28#define SYNTH_KBD_VERSION (SYNTH_KBD_VERSION_MINOR | \
29 (SYNTH_KBD_VERSION_MAJOR << 16))
30
31
32/*
33 * Message types in the synthetic input protocol
34 */
35enum synth_kbd_msg_type {
36 SYNTH_KBD_PROTOCOL_REQUEST = 1,
37 SYNTH_KBD_PROTOCOL_RESPONSE = 2,
38 SYNTH_KBD_EVENT = 3,
39 SYNTH_KBD_LED_INDICATORS = 4,
40};
41
42/*
43 * Basic message structures.
44 */
45struct synth_kbd_msg_hdr {
46 __le32 type;
47};
48
49struct synth_kbd_msg {
50 struct synth_kbd_msg_hdr header;
51 char data[]; /* Enclosed message */
52};
53
54union synth_kbd_version {
55 __le32 version;
56};
57
58/*
59 * Protocol messages
60 */
61struct synth_kbd_protocol_request {
62 struct synth_kbd_msg_hdr header;
63 union synth_kbd_version version_requested;
64};
65
66#define PROTOCOL_ACCEPTED BIT(0)
67struct synth_kbd_protocol_response {
68 struct synth_kbd_msg_hdr header;
69 __le32 proto_status;
70};
71
72#define IS_UNICODE BIT(0)
73#define IS_BREAK BIT(1)
74#define IS_E0 BIT(2)
75#define IS_E1 BIT(3)
76struct synth_kbd_keystroke {
77 struct synth_kbd_msg_hdr header;
78 __le16 make_code;
79 __le16 reserved0;
80 __le32 info; /* Additional information */
81};
82
83
84#define HK_MAXIMUM_MESSAGE_SIZE 256
85
86#define KBD_VSC_SEND_RING_BUFFER_SIZE (10 * PAGE_SIZE)
87#define KBD_VSC_RECV_RING_BUFFER_SIZE (10 * PAGE_SIZE)
88
89#define XTKBD_EMUL0 0xe0
90#define XTKBD_EMUL1 0xe1
91#define XTKBD_RELEASE 0x80
92
93
94/*
95 * Represents a keyboard device
96 */
97struct hv_kbd_dev {
98 struct hv_device *hv_dev;
99 struct serio *hv_serio;
100 struct synth_kbd_protocol_request protocol_req;
101 struct synth_kbd_protocol_response protocol_resp;
102 /* Synchronize the request/response if needed */
103 struct completion wait_event;
104 spinlock_t lock; /* protects 'started' field */
105 bool started;
106};
107
108static void hv_kbd_on_receive(struct hv_device *hv_dev,
109 struct synth_kbd_msg *msg, u32 msg_length)
110{
111 struct hv_kbd_dev *kbd_dev = hv_get_drvdata(hv_dev);
112 struct synth_kbd_keystroke *ks_msg;
113 unsigned long flags;
114 u32 msg_type = __le32_to_cpu(msg->header.type);
115 u32 info;
116 u16 scan_code;
117
118 switch (msg_type) {
119 case SYNTH_KBD_PROTOCOL_RESPONSE:
120 /*
121 * Validate the information provided by the host.
122 * If the host is giving us a bogus packet,
123 * drop the packet (hoping the problem
124 * goes away).
125 */
126 if (msg_length < sizeof(struct synth_kbd_protocol_response)) {
127 dev_err(&hv_dev->device,
128 "Illegal protocol response packet (len: %d)\n",
129 msg_length);
130 break;
131 }
132
133 memcpy(&kbd_dev->protocol_resp, msg,
134 sizeof(struct synth_kbd_protocol_response));
135 complete(&kbd_dev->wait_event);
136 break;
137
138 case SYNTH_KBD_EVENT:
139 /*
140 * Validate the information provided by the host.
141 * If the host is giving us a bogus packet,
142 * drop the packet (hoping the problem
143 * goes away).
144 */
145 if (msg_length < sizeof(struct synth_kbd_keystroke)) {
146 dev_err(&hv_dev->device,
147 "Illegal keyboard event packet (len: %d)\n",
148 msg_length);
149 break;
150 }
151
152 ks_msg = (struct synth_kbd_keystroke *)msg;
153 info = __le32_to_cpu(ks_msg->info);
154
155 /*
156 * Inject the information through the serio interrupt.
157 */
158 spin_lock_irqsave(&kbd_dev->lock, flags);
159 if (kbd_dev->started) {
160 if (info & IS_E0)
161 serio_interrupt(kbd_dev->hv_serio,
162 XTKBD_EMUL0, 0);
K. Y. Srinivasanc3c4d992014-01-12 11:09:14 -0800[diff] [blame]163 if (info & IS_E1)
164 serio_interrupt(kbd_dev->hv_serio,
165 XTKBD_EMUL1, 0);
K. Y. Srinivasanaed06b92013-09-18 12:50:42 -0700[diff] [blame]166 scan_code = __le16_to_cpu(ks_msg->make_code);
167 if (info & IS_BREAK)
168 scan_code |= XTKBD_RELEASE;
169
170 serio_interrupt(kbd_dev->hv_serio, scan_code, 0);
171 }
172 spin_unlock_irqrestore(&kbd_dev->lock, flags);
173 break;
174
175 default:
176 dev_err(&hv_dev->device,
177 "unhandled message type %d\n", msg_type);
178 }
179}
180
181static void hv_kbd_handle_received_packet(struct hv_device *hv_dev,
182 struct vmpacket_descriptor *desc,
183 u32 bytes_recvd,
184 u64 req_id)
185{
186 struct synth_kbd_msg *msg;
187 u32 msg_sz;
188
189 switch (desc->type) {
190 case VM_PKT_COMP:
191 break;
192
193 case VM_PKT_DATA_INBAND:
194 /*
195 * We have a packet that has "inband" data. The API used
196 * for retrieving the packet guarantees that the complete
197 * packet is read. So, minimally, we should be able to
198 * parse the payload header safely (assuming that the host
199 * can be trusted. Trusting the host seems to be a
200 * reasonable assumption because in a virtualized
201 * environment there is not whole lot you can do if you
202 * don't trust the host.
203 *
204 * Nonetheless, let us validate if the host can be trusted
205 * (in a trivial way). The interesting aspect of this
206 * validation is how do you recover if we discover that the
207 * host is not to be trusted? Simply dropping the packet, I
208 * don't think is an appropriate recovery. In the interest
209 * of failing fast, it may be better to crash the guest.
210 * For now, I will just drop the packet!
211 */
212
213 msg_sz = bytes_recvd - (desc->offset8 << 3);
214 if (msg_sz <= sizeof(struct synth_kbd_msg_hdr)) {
215 /*
216 * Drop the packet and hope
217 * the problem magically goes away.
218 */
219 dev_err(&hv_dev->device,
220 "Illegal packet (type: %d, tid: %llx, size: %d)\n",
221 desc->type, req_id, msg_sz);
222 break;
223 }
224
225 msg = (void *)desc + (desc->offset8 << 3);
226 hv_kbd_on_receive(hv_dev, msg, msg_sz);
227 break;
228
229 default:
230 dev_err(&hv_dev->device,
231 "unhandled packet type %d, tid %llx len %d\n",
232 desc->type, req_id, bytes_recvd);
233 break;
234 }
235}
236
237static void hv_kbd_on_channel_callback(void *context)
238{
239 struct hv_device *hv_dev = context;
240 void *buffer;
241 int bufferlen = 0x100; /* Start with sensible size */
242 u32 bytes_recvd;
243 u64 req_id;
244 int error;
245
246 buffer = kmalloc(bufferlen, GFP_ATOMIC);
247 if (!buffer)
248 return;
249
250 while (1) {
251 error = vmbus_recvpacket_raw(hv_dev->channel, buffer, bufferlen,
252 &bytes_recvd, &req_id);
253 switch (error) {
254 case 0:
255 if (bytes_recvd == 0) {
256 kfree(buffer);
257 return;
258 }
259
260 hv_kbd_handle_received_packet(hv_dev, buffer,
261 bytes_recvd, req_id);
262 break;
263
264 case -ENOBUFS:
265 kfree(buffer);
266 /* Handle large packet */
267 bufferlen = bytes_recvd;
268 buffer = kmalloc(bytes_recvd, GFP_ATOMIC);
269 if (!buffer)
270 return;
271 break;
272 }
273 }
274}
275
276static int hv_kbd_connect_to_vsp(struct hv_device *hv_dev)
277{
278 struct hv_kbd_dev *kbd_dev = hv_get_drvdata(hv_dev);
279 struct synth_kbd_protocol_request *request;
280 struct synth_kbd_protocol_response *response;
281 u32 proto_status;
282 int error;
283
284 request = &kbd_dev->protocol_req;
285 memset(request, 0, sizeof(struct synth_kbd_protocol_request));
286 request->header.type = __cpu_to_le32(SYNTH_KBD_PROTOCOL_REQUEST);
287 request->version_requested.version = __cpu_to_le32(SYNTH_KBD_VERSION);
288
289 error = vmbus_sendpacket(hv_dev->channel, request,
290 sizeof(struct synth_kbd_protocol_request),
291 (unsigned long)request,
292 VM_PKT_DATA_INBAND,
293 VMBUS_DATA_PACKET_FLAG_COMPLETION_REQUESTED);
294 if (error)
295 return error;
296
297 if (!wait_for_completion_timeout(&kbd_dev->wait_event, 10 * HZ))
298 return -ETIMEDOUT;
299
300 response = &kbd_dev->protocol_resp;
301 proto_status = __le32_to_cpu(response->proto_status);
302 if (!(proto_status & PROTOCOL_ACCEPTED)) {
303 dev_err(&hv_dev->device,
304 "synth_kbd protocol request failed (version %d)\n",
305 SYNTH_KBD_VERSION);
306 return -ENODEV;
307 }
308
309 return 0;
310}
311
312static int hv_kbd_start(struct serio *serio)
313{
314 struct hv_kbd_dev *kbd_dev = serio->port_data;
315 unsigned long flags;
316
317 spin_lock_irqsave(&kbd_dev->lock, flags);
318 kbd_dev->started = true;
319 spin_unlock_irqrestore(&kbd_dev->lock, flags);
320
321 return 0;
322}
323
324static void hv_kbd_stop(struct serio *serio)
325{
326 struct hv_kbd_dev *kbd_dev = serio->port_data;
327 unsigned long flags;
328
329 spin_lock_irqsave(&kbd_dev->lock, flags);
330 kbd_dev->started = false;
331 spin_unlock_irqrestore(&kbd_dev->lock, flags);
332}
333
334static int hv_kbd_probe(struct hv_device *hv_dev,
335 const struct hv_vmbus_device_id *dev_id)
336{
337 struct hv_kbd_dev *kbd_dev;
338 struct serio *hv_serio;
339 int error;
340
341 kbd_dev = kzalloc(sizeof(struct hv_kbd_dev), GFP_KERNEL);
342 hv_serio = kzalloc(sizeof(struct serio), GFP_KERNEL);
343 if (!kbd_dev || !hv_serio) {
344 error = -ENOMEM;
345 goto err_free_mem;
346 }
347
348 kbd_dev->hv_dev = hv_dev;
349 kbd_dev->hv_serio = hv_serio;
350 spin_lock_init(&kbd_dev->lock);
351 init_completion(&kbd_dev->wait_event);
352 hv_set_drvdata(hv_dev, kbd_dev);
353
354 hv_serio->dev.parent = &hv_dev->device;
355 hv_serio->id.type = SERIO_8042_XL;
356 hv_serio->port_data = kbd_dev;
357 strlcpy(hv_serio->name, dev_name(&hv_dev->device),
358 sizeof(hv_serio->name));
359 strlcpy(hv_serio->phys, dev_name(&hv_dev->device),
360 sizeof(hv_serio->phys));
361
362 hv_serio->start = hv_kbd_start;
363 hv_serio->stop = hv_kbd_stop;
364
365 error = vmbus_open(hv_dev->channel,
366 KBD_VSC_SEND_RING_BUFFER_SIZE,
367 KBD_VSC_RECV_RING_BUFFER_SIZE,
368 NULL, 0,
369 hv_kbd_on_channel_callback,
370 hv_dev);
371 if (error)
372 goto err_free_mem;
373
374 error = hv_kbd_connect_to_vsp(hv_dev);
375 if (error)
376 goto err_close_vmbus;
377
378 serio_register_port(kbd_dev->hv_serio);
379 return 0;
380
381err_close_vmbus:
382 vmbus_close(hv_dev->channel);
383err_free_mem:
384 kfree(hv_serio);
385 kfree(kbd_dev);
386 return error;
387}
388
389static int hv_kbd_remove(struct hv_device *hv_dev)
390{
391 struct hv_kbd_dev *kbd_dev = hv_get_drvdata(hv_dev);
392
393 serio_unregister_port(kbd_dev->hv_serio);
394 vmbus_close(hv_dev->channel);
395 kfree(kbd_dev);
396
397 hv_set_drvdata(hv_dev, NULL);
398
399 return 0;
400}
401
402/*
403 * Keyboard GUID
404 * {f912ad6d-2b17-48ea-bd65-f927a61c7684}
405 */
406#define HV_KBD_GUID \
407 .guid = { \
408 0x6d, 0xad, 0x12, 0xf9, 0x17, 0x2b, 0xea, 0x48, \
409 0xbd, 0x65, 0xf9, 0x27, 0xa6, 0x1c, 0x76, 0x84 \
410 }
411
412static const struct hv_vmbus_device_id id_table[] = {
413 /* Keyboard guid */
414 { HV_KBD_GUID, },
415 { },
416};
417
418MODULE_DEVICE_TABLE(vmbus, id_table);
419
420static struct hv_driver hv_kbd_drv = {
421 .name = KBUILD_MODNAME,
422 .id_table = id_table,
423 .probe = hv_kbd_probe,
424 .remove = hv_kbd_remove,
425};
426
427static int __init hv_kbd_init(void)
428{
429 return vmbus_driver_register(&hv_kbd_drv);
430}
431
432static void __exit hv_kbd_exit(void)
433{
434 vmbus_driver_unregister(&hv_kbd_drv);
435}
436
437MODULE_LICENSE("GPL");
438module_init(hv_kbd_init);
439module_exit(hv_kbd_exit);