2 * Copyright (c) 2001 Paul Stewart
3 * Copyright (c) 2001 Vojtech Pavlik
5 * HID char devices, giving access to raw HID device events.
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
24 * Should you need to contact me, the author, you can do so either by
25 * e-mail - mail your message to Paul Stewart <stewart@wetlogic.net>
28 #include <linux/poll.h>
29 #include <linux/slab.h>
30 #include <linux/module.h>
31 #include <linux/init.h>
32 #include <linux/input.h>
33 #include <linux/usb.h>
34 #include <linux/hid.h>
35 #include <linux/hiddev.h>
36 #include <linux/compat.h>
37 #include <linux/vmalloc.h>
38 #include <linux/nospec.h>
41 #ifdef CONFIG_USB_DYNAMIC_MINORS
42 #define HIDDEV_MINOR_BASE 0
43 #define HIDDEV_MINORS 256
45 #define HIDDEV_MINOR_BASE 96
46 #define HIDDEV_MINORS 16
48 #define HIDDEV_BUFFER_SIZE 2048
53 struct mutex existancelock;
54 wait_queue_head_t wait;
55 struct hid_device *hid;
56 struct list_head list;
61 struct hiddev_usage_ref buffer[HIDDEV_BUFFER_SIZE];
65 struct fasync_struct *fasync;
66 struct hiddev *hiddev;
67 struct list_head node;
68 struct mutex thread_lock;
72 * Find a report, given the report's type and ID. The ID can be specified
73 * indirectly by REPORT_ID_FIRST (which returns the first report of the given
74 * type) or by (REPORT_ID_NEXT | old_id), which returns the next report of the
75 * given type which follows old_id.
77 static struct hid_report *
78 hiddev_lookup_report(struct hid_device *hid, struct hiddev_report_info *rinfo)
80 unsigned int flags = rinfo->report_id & ~HID_REPORT_ID_MASK;
81 unsigned int rid = rinfo->report_id & HID_REPORT_ID_MASK;
82 struct hid_report_enum *report_enum;
83 struct hid_report *report;
84 struct list_head *list;
86 if (rinfo->report_type < HID_REPORT_TYPE_MIN ||
87 rinfo->report_type > HID_REPORT_TYPE_MAX)
90 report_enum = hid->report_enum +
91 (rinfo->report_type - HID_REPORT_TYPE_MIN);
94 case 0: /* Nothing to do -- report_id is already set correctly */
97 case HID_REPORT_ID_FIRST:
98 if (list_empty(&report_enum->report_list))
101 list = report_enum->report_list.next;
102 report = list_entry(list, struct hid_report, list);
103 rinfo->report_id = report->id;
106 case HID_REPORT_ID_NEXT:
107 report = report_enum->report_id_hash[rid];
111 list = report->list.next;
112 if (list == &report_enum->report_list)
115 report = list_entry(list, struct hid_report, list);
116 rinfo->report_id = report->id;
123 return report_enum->report_id_hash[rinfo->report_id];
127 * Perform an exhaustive search of the report table for a usage, given its
130 static struct hid_field *
131 hiddev_lookup_usage(struct hid_device *hid, struct hiddev_usage_ref *uref)
134 struct hid_report *report;
135 struct hid_report_enum *report_enum;
136 struct hid_field *field;
138 if (uref->report_type < HID_REPORT_TYPE_MIN ||
139 uref->report_type > HID_REPORT_TYPE_MAX)
142 report_enum = hid->report_enum +
143 (uref->report_type - HID_REPORT_TYPE_MIN);
145 list_for_each_entry(report, &report_enum->report_list, list) {
146 for (i = 0; i < report->maxfield; i++) {
147 field = report->field[i];
148 for (j = 0; j < field->maxusage; j++) {
149 if (field->usage[j].hid == uref->usage_code) {
150 uref->report_id = report->id;
151 uref->field_index = i;
152 uref->usage_index = j;
162 static void hiddev_send_event(struct hid_device *hid,
163 struct hiddev_usage_ref *uref)
165 struct hiddev *hiddev = hid->hiddev;
166 struct hiddev_list *list;
169 spin_lock_irqsave(&hiddev->list_lock, flags);
170 list_for_each_entry(list, &hiddev->list, node) {
171 if (uref->field_index != HID_FIELD_INDEX_NONE ||
172 (list->flags & HIDDEV_FLAG_REPORT) != 0) {
173 list->buffer[list->head] = *uref;
174 list->head = (list->head + 1) &
175 (HIDDEV_BUFFER_SIZE - 1);
176 kill_fasync(&list->fasync, SIGIO, POLL_IN);
179 spin_unlock_irqrestore(&hiddev->list_lock, flags);
181 wake_up_interruptible(&hiddev->wait);
185 * This is where hid.c calls into hiddev to pass an event that occurred over
188 void hiddev_hid_event(struct hid_device *hid, struct hid_field *field,
189 struct hid_usage *usage, __s32 value)
191 unsigned type = field->report_type;
192 struct hiddev_usage_ref uref;
195 (type == HID_INPUT_REPORT) ? HID_REPORT_TYPE_INPUT :
196 ((type == HID_OUTPUT_REPORT) ? HID_REPORT_TYPE_OUTPUT :
197 ((type == HID_FEATURE_REPORT) ? HID_REPORT_TYPE_FEATURE : 0));
198 uref.report_id = field->report->id;
199 uref.field_index = field->index;
200 uref.usage_index = (usage - field->usage);
201 uref.usage_code = usage->hid;
204 hiddev_send_event(hid, &uref);
206 EXPORT_SYMBOL_GPL(hiddev_hid_event);
208 void hiddev_report_event(struct hid_device *hid, struct hid_report *report)
210 unsigned type = report->type;
211 struct hiddev_usage_ref uref;
213 memset(&uref, 0, sizeof(uref));
215 (type == HID_INPUT_REPORT) ? HID_REPORT_TYPE_INPUT :
216 ((type == HID_OUTPUT_REPORT) ? HID_REPORT_TYPE_OUTPUT :
217 ((type == HID_FEATURE_REPORT) ? HID_REPORT_TYPE_FEATURE : 0));
218 uref.report_id = report->id;
219 uref.field_index = HID_FIELD_INDEX_NONE;
221 hiddev_send_event(hid, &uref);
227 static int hiddev_fasync(int fd, struct file *file, int on)
229 struct hiddev_list *list = file->private_data;
231 return fasync_helper(fd, file, on, &list->fasync);
238 static int hiddev_release(struct inode * inode, struct file * file)
240 struct hiddev_list *list = file->private_data;
243 spin_lock_irqsave(&list->hiddev->list_lock, flags);
244 list_del(&list->node);
245 spin_unlock_irqrestore(&list->hiddev->list_lock, flags);
247 mutex_lock(&list->hiddev->existancelock);
248 if (!--list->hiddev->open) {
249 if (list->hiddev->exist) {
250 usbhid_close(list->hiddev->hid);
251 usbhid_put_power(list->hiddev->hid);
253 mutex_unlock(&list->hiddev->existancelock);
260 mutex_unlock(&list->hiddev->existancelock);
269 static int hiddev_open(struct inode *inode, struct file *file)
271 struct hiddev_list *list;
272 struct usb_interface *intf;
273 struct hid_device *hid;
274 struct hiddev *hiddev;
277 intf = usbhid_find_interface(iminor(inode));
280 hid = usb_get_intfdata(intf);
281 hiddev = hid->hiddev;
283 if (!(list = vzalloc(sizeof(struct hiddev_list))))
285 mutex_init(&list->thread_lock);
286 list->hiddev = hiddev;
287 file->private_data = list;
290 * no need for locking because the USB major number
291 * is shared which usbcore guards against disconnect
293 if (list->hiddev->exist) {
294 if (!list->hiddev->open++) {
295 res = usbhid_open(hiddev->hid);
306 spin_lock_irq(&list->hiddev->list_lock);
307 list_add_tail(&list->node, &hiddev->list);
308 spin_unlock_irq(&list->hiddev->list_lock);
310 mutex_lock(&hiddev->existancelock);
312 * recheck exist with existance lock held to
313 * avoid opening a disconnected device
315 if (!list->hiddev->exist) {
319 if (!list->hiddev->open++)
320 if (list->hiddev->exist) {
321 struct hid_device *hid = hiddev->hid;
322 res = usbhid_get_power(hid);
329 mutex_unlock(&hiddev->existancelock);
332 mutex_unlock(&hiddev->existancelock);
334 spin_lock_irq(&list->hiddev->list_lock);
335 list_del(&list->node);
336 spin_unlock_irq(&list->hiddev->list_lock);
338 file->private_data = NULL;
346 static ssize_t hiddev_write(struct file * file, const char __user * buffer, size_t count, loff_t *ppos)
354 static ssize_t hiddev_read(struct file * file, char __user * buffer, size_t count, loff_t *ppos)
357 struct hiddev_list *list = file->private_data;
361 event_size = ((list->flags & HIDDEV_FLAG_UREF) != 0) ?
362 sizeof(struct hiddev_usage_ref) : sizeof(struct hiddev_event);
364 if (count < event_size)
367 /* lock against other threads */
368 retval = mutex_lock_interruptible(&list->thread_lock);
372 while (retval == 0) {
373 if (list->head == list->tail) {
374 prepare_to_wait(&list->hiddev->wait, &wait, TASK_INTERRUPTIBLE);
376 while (list->head == list->tail) {
377 if (signal_pending(current)) {
378 retval = -ERESTARTSYS;
381 if (!list->hiddev->exist) {
385 if (file->f_flags & O_NONBLOCK) {
390 /* let O_NONBLOCK tasks run */
391 mutex_unlock(&list->thread_lock);
393 if (mutex_lock_interruptible(&list->thread_lock)) {
394 finish_wait(&list->hiddev->wait, &wait);
397 set_current_state(TASK_INTERRUPTIBLE);
399 finish_wait(&list->hiddev->wait, &wait);
404 mutex_unlock(&list->thread_lock);
409 while (list->head != list->tail &&
410 retval + event_size <= count) {
411 if ((list->flags & HIDDEV_FLAG_UREF) == 0) {
412 if (list->buffer[list->tail].field_index != HID_FIELD_INDEX_NONE) {
413 struct hiddev_event event;
415 event.hid = list->buffer[list->tail].usage_code;
416 event.value = list->buffer[list->tail].value;
417 if (copy_to_user(buffer + retval, &event, sizeof(struct hiddev_event))) {
418 mutex_unlock(&list->thread_lock);
421 retval += sizeof(struct hiddev_event);
424 if (list->buffer[list->tail].field_index != HID_FIELD_INDEX_NONE ||
425 (list->flags & HIDDEV_FLAG_REPORT) != 0) {
427 if (copy_to_user(buffer + retval, list->buffer + list->tail, sizeof(struct hiddev_usage_ref))) {
428 mutex_unlock(&list->thread_lock);
431 retval += sizeof(struct hiddev_usage_ref);
434 list->tail = (list->tail + 1) & (HIDDEV_BUFFER_SIZE - 1);
438 mutex_unlock(&list->thread_lock);
445 * No kernel lock - fine
447 static unsigned int hiddev_poll(struct file *file, poll_table *wait)
449 struct hiddev_list *list = file->private_data;
451 poll_wait(file, &list->hiddev->wait, wait);
452 if (list->head != list->tail)
453 return POLLIN | POLLRDNORM;
454 if (!list->hiddev->exist)
455 return POLLERR | POLLHUP;
462 static noinline int hiddev_ioctl_usage(struct hiddev *hiddev, unsigned int cmd, void __user *user_arg)
464 struct hid_device *hid = hiddev->hid;
465 struct hiddev_report_info rinfo;
466 struct hiddev_usage_ref_multi *uref_multi = NULL;
467 struct hiddev_usage_ref *uref;
468 struct hid_report *report;
469 struct hid_field *field;
472 uref_multi = kmalloc(sizeof(struct hiddev_usage_ref_multi), GFP_KERNEL);
475 uref = &uref_multi->uref;
476 if (cmd == HIDIOCGUSAGES || cmd == HIDIOCSUSAGES) {
477 if (copy_from_user(uref_multi, user_arg,
478 sizeof(*uref_multi)))
481 if (copy_from_user(uref, user_arg, sizeof(*uref)))
487 rinfo.report_type = uref->report_type;
488 rinfo.report_id = uref->report_id;
489 if ((report = hiddev_lookup_report(hid, &rinfo)) == NULL)
492 if (uref->field_index >= report->maxfield)
494 uref->field_index = array_index_nospec(uref->field_index,
497 field = report->field[uref->field_index];
498 if (uref->usage_index >= field->maxusage)
500 uref->usage_index = array_index_nospec(uref->usage_index,
503 uref->usage_code = field->usage[uref->usage_index].hid;
505 if (copy_to_user(user_arg, uref, sizeof(*uref)))
511 if (cmd != HIDIOCGUSAGE &&
512 cmd != HIDIOCGUSAGES &&
513 uref->report_type == HID_REPORT_TYPE_INPUT)
516 if (uref->report_id == HID_REPORT_ID_UNKNOWN) {
517 field = hiddev_lookup_usage(hid, uref);
521 rinfo.report_type = uref->report_type;
522 rinfo.report_id = uref->report_id;
523 if ((report = hiddev_lookup_report(hid, &rinfo)) == NULL)
526 if (uref->field_index >= report->maxfield)
528 uref->field_index = array_index_nospec(uref->field_index,
531 field = report->field[uref->field_index];
533 if (cmd == HIDIOCGCOLLECTIONINDEX) {
534 if (uref->usage_index >= field->maxusage)
537 array_index_nospec(uref->usage_index,
539 } else if (uref->usage_index >= field->report_count)
543 if (cmd == HIDIOCGUSAGES || cmd == HIDIOCSUSAGES) {
544 if (uref_multi->num_values > HID_MAX_MULTI_USAGES ||
545 uref->usage_index + uref_multi->num_values >
550 array_index_nospec(uref->usage_index,
551 field->report_count -
552 uref_multi->num_values);
557 if (uref->usage_index >= field->report_count)
559 uref->value = field->value[uref->usage_index];
560 if (copy_to_user(user_arg, uref, sizeof(*uref)))
565 if (uref->usage_index >= field->report_count)
567 field->value[uref->usage_index] = uref->value;
570 case HIDIOCGCOLLECTIONINDEX:
571 i = field->usage[uref->usage_index].collection_index;
575 for (i = 0; i < uref_multi->num_values; i++)
576 uref_multi->values[i] =
577 field->value[uref->usage_index + i];
578 if (copy_to_user(user_arg, uref_multi,
579 sizeof(*uref_multi)))
583 for (i = 0; i < uref_multi->num_values; i++)
584 field->value[uref->usage_index + i] =
585 uref_multi->values[i];
601 static noinline int hiddev_ioctl_string(struct hiddev *hiddev, unsigned int cmd, void __user *user_arg)
603 struct hid_device *hid = hiddev->hid;
604 struct usb_device *dev = hid_to_usb_dev(hid);
608 if (get_user(idx, (int __user *)user_arg))
611 if ((buf = kmalloc(HID_STRING_SIZE, GFP_KERNEL)) == NULL)
614 if ((len = usb_string(dev, idx, buf, HID_STRING_SIZE-1)) < 0) {
619 if (copy_to_user(user_arg+sizeof(int), buf, len+1)) {
629 static long hiddev_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
631 struct hiddev_list *list = file->private_data;
632 struct hiddev *hiddev = list->hiddev;
633 struct hid_device *hid;
634 struct hiddev_collection_info cinfo;
635 struct hiddev_report_info rinfo;
636 struct hiddev_field_info finfo;
637 struct hiddev_devinfo dinfo;
638 struct hid_report *report;
639 struct hid_field *field;
640 void __user *user_arg = (void __user *)arg;
643 /* Called without BKL by compat methods so no BKL taken */
645 mutex_lock(&hiddev->existancelock);
646 if (!hiddev->exist) {
656 r = put_user(HID_VERSION, (int __user *)arg) ?
660 case HIDIOCAPPLICATION:
661 if (arg >= hid->maxapplication)
664 for (i = 0; i < hid->maxcollection; i++)
665 if (hid->collection[i].type ==
666 HID_COLLECTION_APPLICATION && arg-- == 0)
669 if (i < hid->maxcollection)
670 r = hid->collection[i].usage;
675 struct usb_device *dev = hid_to_usb_dev(hid);
676 struct usbhid_device *usbhid = hid->driver_data;
678 memset(&dinfo, 0, sizeof(dinfo));
680 dinfo.bustype = BUS_USB;
681 dinfo.busnum = dev->bus->busnum;
682 dinfo.devnum = dev->devnum;
683 dinfo.ifnum = usbhid->ifnum;
684 dinfo.vendor = le16_to_cpu(dev->descriptor.idVendor);
685 dinfo.product = le16_to_cpu(dev->descriptor.idProduct);
686 dinfo.version = le16_to_cpu(dev->descriptor.bcdDevice);
687 dinfo.num_applications = hid->maxapplication;
689 r = copy_to_user(user_arg, &dinfo, sizeof(dinfo)) ?
695 r = put_user(list->flags, (int __user *)arg) ?
703 if (get_user(newflags, (int __user *)arg)) {
708 if ((newflags & ~HIDDEV_FLAGS) != 0 ||
709 ((newflags & HIDDEV_FLAG_REPORT) != 0 &&
710 (newflags & HIDDEV_FLAG_UREF) == 0))
713 list->flags = newflags;
720 r = hiddev_ioctl_string(hiddev, cmd, user_arg);
723 case HIDIOCINITREPORT:
724 usbhid_init_reports(hid);
729 if (copy_from_user(&rinfo, user_arg, sizeof(rinfo))) {
734 if (rinfo.report_type == HID_REPORT_TYPE_OUTPUT)
737 report = hiddev_lookup_report(hid, &rinfo);
741 hid_hw_request(hid, report, HID_REQ_GET_REPORT);
748 if (copy_from_user(&rinfo, user_arg, sizeof(rinfo))) {
753 if (rinfo.report_type == HID_REPORT_TYPE_INPUT)
756 report = hiddev_lookup_report(hid, &rinfo);
760 hid_hw_request(hid, report, HID_REQ_SET_REPORT);
766 case HIDIOCGREPORTINFO:
767 if (copy_from_user(&rinfo, user_arg, sizeof(rinfo))) {
772 report = hiddev_lookup_report(hid, &rinfo);
776 rinfo.num_fields = report->maxfield;
778 r = copy_to_user(user_arg, &rinfo, sizeof(rinfo)) ?
782 case HIDIOCGFIELDINFO:
783 if (copy_from_user(&finfo, user_arg, sizeof(finfo))) {
788 rinfo.report_type = finfo.report_type;
789 rinfo.report_id = finfo.report_id;
791 report = hiddev_lookup_report(hid, &rinfo);
795 if (finfo.field_index >= report->maxfield)
797 finfo.field_index = array_index_nospec(finfo.field_index,
800 field = report->field[finfo.field_index];
801 memset(&finfo, 0, sizeof(finfo));
802 finfo.report_type = rinfo.report_type;
803 finfo.report_id = rinfo.report_id;
804 finfo.field_index = field->report_count - 1;
805 finfo.maxusage = field->maxusage;
806 finfo.flags = field->flags;
807 finfo.physical = field->physical;
808 finfo.logical = field->logical;
809 finfo.application = field->application;
810 finfo.logical_minimum = field->logical_minimum;
811 finfo.logical_maximum = field->logical_maximum;
812 finfo.physical_minimum = field->physical_minimum;
813 finfo.physical_maximum = field->physical_maximum;
814 finfo.unit_exponent = field->unit_exponent;
815 finfo.unit = field->unit;
817 r = copy_to_user(user_arg, &finfo, sizeof(finfo)) ?
827 case HIDIOCGCOLLECTIONINDEX:
828 r = hiddev_ioctl_usage(hiddev, cmd, user_arg);
831 case HIDIOCGCOLLECTIONINFO:
832 if (copy_from_user(&cinfo, user_arg, sizeof(cinfo))) {
837 if (cinfo.index >= hid->maxcollection)
839 cinfo.index = array_index_nospec(cinfo.index,
842 cinfo.type = hid->collection[cinfo.index].type;
843 cinfo.usage = hid->collection[cinfo.index].usage;
844 cinfo.level = hid->collection[cinfo.index].level;
846 r = copy_to_user(user_arg, &cinfo, sizeof(cinfo)) ?
851 if (_IOC_TYPE(cmd) != 'H' || _IOC_DIR(cmd) != _IOC_READ)
854 if (_IOC_NR(cmd) == _IOC_NR(HIDIOCGNAME(0))) {
855 int len = strlen(hid->name) + 1;
856 if (len > _IOC_SIZE(cmd))
857 len = _IOC_SIZE(cmd);
858 r = copy_to_user(user_arg, hid->name, len) ?
863 if (_IOC_NR(cmd) == _IOC_NR(HIDIOCGPHYS(0))) {
864 int len = strlen(hid->phys) + 1;
865 if (len > _IOC_SIZE(cmd))
866 len = _IOC_SIZE(cmd);
867 r = copy_to_user(user_arg, hid->phys, len) ?
874 mutex_unlock(&hiddev->existancelock);
879 static long hiddev_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
881 return hiddev_ioctl(file, cmd, (unsigned long)compat_ptr(arg));
885 static const struct file_operations hiddev_fops = {
886 .owner = THIS_MODULE,
888 .write = hiddev_write,
891 .release = hiddev_release,
892 .unlocked_ioctl = hiddev_ioctl,
893 .fasync = hiddev_fasync,
895 .compat_ioctl = hiddev_compat_ioctl,
897 .llseek = noop_llseek,
900 static char *hiddev_devnode(struct device *dev, umode_t *mode)
902 return kasprintf(GFP_KERNEL, "usb/%s", dev_name(dev));
905 static struct usb_class_driver hiddev_class = {
907 .devnode = hiddev_devnode,
908 .fops = &hiddev_fops,
909 .minor_base = HIDDEV_MINOR_BASE,
913 * This is where hid.c calls us to connect a hid device to the hiddev driver
915 int hiddev_connect(struct hid_device *hid, unsigned int force)
917 struct hiddev *hiddev;
918 struct usbhid_device *usbhid = hid->driver_data;
923 for (i = 0; i < hid->maxcollection; i++)
924 if (hid->collection[i].type ==
925 HID_COLLECTION_APPLICATION &&
926 !IS_INPUT_APPLICATION(hid->collection[i].usage))
929 if (i == hid->maxcollection)
933 if (!(hiddev = kzalloc(sizeof(struct hiddev), GFP_KERNEL)))
936 init_waitqueue_head(&hiddev->wait);
937 INIT_LIST_HEAD(&hiddev->list);
938 spin_lock_init(&hiddev->list_lock);
939 mutex_init(&hiddev->existancelock);
940 hid->hiddev = hiddev;
943 retval = usb_register_dev(usbhid->intf, &hiddev_class);
945 hid_err(hid, "Not able to get a minor for this device\n");
954 * This is where hid.c calls us to disconnect a hiddev device from the
955 * corresponding hid device (usually because the usb device has disconnected)
957 static struct usb_class_driver hiddev_class;
958 void hiddev_disconnect(struct hid_device *hid)
960 struct hiddev *hiddev = hid->hiddev;
961 struct usbhid_device *usbhid = hid->driver_data;
963 usb_deregister_dev(usbhid->intf, &hiddev_class);
965 mutex_lock(&hiddev->existancelock);
969 usbhid_close(hiddev->hid);
970 wake_up_interruptible(&hiddev->wait);
971 mutex_unlock(&hiddev->existancelock);
973 mutex_unlock(&hiddev->existancelock);