2 #include <linux/module.h>
3 #include <linux/init.h>
4 #include <linux/slab.h>
5 #include <linux/device.h>
6 #include <asm/byteorder.h>
10 #define USB_MAXALTSETTING 128 /* Hard limit */
11 #define USB_MAXENDPOINTS 30 /* Hard limit */
13 #define USB_MAXCONFIG 8 /* Arbitrary limit */
16 static inline const char *plural(int n
)
18 return (n
== 1 ? "" : "s");
21 static int find_next_descriptor(unsigned char *buffer
, int size
,
22 int dt1
, int dt2
, int *num_skipped
)
24 struct usb_descriptor_header
*h
;
26 unsigned char *buffer0
= buffer
;
28 /* Find the next descriptor of type dt1 or dt2 */
30 h
= (struct usb_descriptor_header
*) buffer
;
31 if (h
->bDescriptorType
== dt1
|| h
->bDescriptorType
== dt2
)
38 /* Store the number of descriptors skipped and return the
39 * number of bytes skipped */
42 return buffer
- buffer0
;
45 static int usb_parse_endpoint(struct device
*ddev
, int cfgno
, int inum
,
46 int asnum
, struct usb_host_interface
*ifp
, int num_ep
,
47 unsigned char *buffer
, int size
)
49 unsigned char *buffer0
= buffer
;
50 struct usb_endpoint_descriptor
*d
;
51 struct usb_host_endpoint
*endpoint
;
54 d
= (struct usb_endpoint_descriptor
*) buffer
;
58 if (d
->bLength
>= USB_DT_ENDPOINT_AUDIO_SIZE
)
59 n
= USB_DT_ENDPOINT_AUDIO_SIZE
;
60 else if (d
->bLength
>= USB_DT_ENDPOINT_SIZE
)
61 n
= USB_DT_ENDPOINT_SIZE
;
63 dev_warn(ddev
, "config %d interface %d altsetting %d has an "
64 "invalid endpoint descriptor of length %d, skipping\n",
65 cfgno
, inum
, asnum
, d
->bLength
);
66 goto skip_to_next_endpoint_or_interface_descriptor
;
69 i
= d
->bEndpointAddress
& ~USB_ENDPOINT_DIR_MASK
;
70 if (i
>= 16 || i
== 0) {
71 dev_warn(ddev
, "config %d interface %d altsetting %d has an "
72 "invalid endpoint with address 0x%X, skipping\n",
73 cfgno
, inum
, asnum
, d
->bEndpointAddress
);
74 goto skip_to_next_endpoint_or_interface_descriptor
;
77 /* Only store as many endpoints as we have room for */
78 if (ifp
->desc
.bNumEndpoints
>= num_ep
)
79 goto skip_to_next_endpoint_or_interface_descriptor
;
81 endpoint
= &ifp
->endpoint
[ifp
->desc
.bNumEndpoints
];
82 ++ifp
->desc
.bNumEndpoints
;
84 memcpy(&endpoint
->desc
, d
, n
);
85 INIT_LIST_HEAD(&endpoint
->urb_list
);
87 /* Skip over any Class Specific or Vendor Specific descriptors;
88 * find the next endpoint or interface descriptor */
89 endpoint
->extra
= buffer
;
90 i
= find_next_descriptor(buffer
, size
, USB_DT_ENDPOINT
,
91 USB_DT_INTERFACE
, &n
);
92 endpoint
->extralen
= i
;
94 dev_dbg(ddev
, "skipped %d descriptor%s after %s\n",
95 n
, plural(n
), "endpoint");
96 return buffer
- buffer0
+ i
;
98 skip_to_next_endpoint_or_interface_descriptor
:
99 i
= find_next_descriptor(buffer
, size
, USB_DT_ENDPOINT
,
100 USB_DT_INTERFACE
, NULL
);
101 return buffer
- buffer0
+ i
;
104 void usb_release_interface_cache(struct kref
*ref
)
106 struct usb_interface_cache
*intfc
= ref_to_usb_interface_cache(ref
);
109 for (j
= 0; j
< intfc
->num_altsetting
; j
++) {
110 struct usb_host_interface
*alt
= &intfc
->altsetting
[j
];
112 kfree(alt
->endpoint
);
118 static int usb_parse_interface(struct device
*ddev
, int cfgno
,
119 struct usb_host_config
*config
, unsigned char *buffer
, int size
,
120 u8 inums
[], u8 nalts
[])
122 unsigned char *buffer0
= buffer
;
123 struct usb_interface_descriptor
*d
;
125 struct usb_interface_cache
*intfc
;
126 struct usb_host_interface
*alt
;
129 int num_ep
, num_ep_orig
;
131 d
= (struct usb_interface_descriptor
*) buffer
;
132 buffer
+= d
->bLength
;
135 if (d
->bLength
< USB_DT_INTERFACE_SIZE
)
136 goto skip_to_next_interface_descriptor
;
138 /* Which interface entry is this? */
140 inum
= d
->bInterfaceNumber
;
141 for (i
= 0; i
< config
->desc
.bNumInterfaces
; ++i
) {
142 if (inums
[i
] == inum
) {
143 intfc
= config
->intf_cache
[i
];
147 if (!intfc
|| intfc
->num_altsetting
>= nalts
[i
])
148 goto skip_to_next_interface_descriptor
;
150 /* Check for duplicate altsetting entries */
151 asnum
= d
->bAlternateSetting
;
152 for ((i
= 0, alt
= &intfc
->altsetting
[0]);
153 i
< intfc
->num_altsetting
;
155 if (alt
->desc
.bAlternateSetting
== asnum
) {
156 dev_warn(ddev
, "Duplicate descriptor for config %d "
157 "interface %d altsetting %d, skipping\n",
159 goto skip_to_next_interface_descriptor
;
163 ++intfc
->num_altsetting
;
164 memcpy(&alt
->desc
, d
, USB_DT_INTERFACE_SIZE
);
166 /* Skip over any Class Specific or Vendor Specific descriptors;
167 * find the first endpoint or interface descriptor */
169 i
= find_next_descriptor(buffer
, size
, USB_DT_ENDPOINT
,
170 USB_DT_INTERFACE
, &n
);
173 dev_dbg(ddev
, "skipped %d descriptor%s after %s\n",
174 n
, plural(n
), "interface");
178 /* Allocate space for the right(?) number of endpoints */
179 num_ep
= num_ep_orig
= alt
->desc
.bNumEndpoints
;
180 alt
->desc
.bNumEndpoints
= 0; // Use as a counter
181 if (num_ep
> USB_MAXENDPOINTS
) {
182 dev_warn(ddev
, "too many endpoints for config %d interface %d "
183 "altsetting %d: %d, using maximum allowed: %d\n",
184 cfgno
, inum
, asnum
, num_ep
, USB_MAXENDPOINTS
);
185 num_ep
= USB_MAXENDPOINTS
;
188 if (num_ep
> 0) { /* Can't allocate 0 bytes */
189 len
= sizeof(struct usb_host_endpoint
) * num_ep
;
190 alt
->endpoint
= kzalloc(len
, GFP_KERNEL
);
195 /* Parse all the endpoint descriptors */
198 if (((struct usb_descriptor_header
*) buffer
)->bDescriptorType
201 retval
= usb_parse_endpoint(ddev
, cfgno
, inum
, asnum
, alt
,
202 num_ep
, buffer
, size
);
211 if (n
!= num_ep_orig
)
212 dev_warn(ddev
, "config %d interface %d altsetting %d has %d "
213 "endpoint descriptor%s, different from the interface "
214 "descriptor's value: %d\n",
215 cfgno
, inum
, asnum
, n
, plural(n
), num_ep_orig
);
216 return buffer
- buffer0
;
218 skip_to_next_interface_descriptor
:
219 i
= find_next_descriptor(buffer
, size
, USB_DT_INTERFACE
,
220 USB_DT_INTERFACE
, NULL
);
221 return buffer
- buffer0
+ i
;
224 static int usb_parse_configuration(struct device
*ddev
, int cfgidx
,
225 struct usb_host_config
*config
, unsigned char *buffer
, int size
)
227 unsigned char *buffer0
= buffer
;
229 int nintf
, nintf_orig
;
231 struct usb_interface_cache
*intfc
;
232 unsigned char *buffer2
;
234 struct usb_descriptor_header
*header
;
236 u8 inums
[USB_MAXINTERFACES
], nalts
[USB_MAXINTERFACES
];
238 memcpy(&config
->desc
, buffer
, USB_DT_CONFIG_SIZE
);
239 if (config
->desc
.bDescriptorType
!= USB_DT_CONFIG
||
240 config
->desc
.bLength
< USB_DT_CONFIG_SIZE
) {
241 dev_err(ddev
, "invalid descriptor for config index %d: "
242 "type = 0x%X, length = %d\n", cfgidx
,
243 config
->desc
.bDescriptorType
, config
->desc
.bLength
);
246 cfgno
= config
->desc
.bConfigurationValue
;
248 buffer
+= config
->desc
.bLength
;
249 size
-= config
->desc
.bLength
;
251 nintf
= nintf_orig
= config
->desc
.bNumInterfaces
;
252 if (nintf
> USB_MAXINTERFACES
) {
253 dev_warn(ddev
, "config %d has too many interfaces: %d, "
254 "using maximum allowed: %d\n",
255 cfgno
, nintf
, USB_MAXINTERFACES
);
256 nintf
= USB_MAXINTERFACES
;
259 /* Go through the descriptors, checking their length and counting the
260 * number of altsettings for each interface */
262 for ((buffer2
= buffer
, size2
= size
);
264 (buffer2
+= header
->bLength
, size2
-= header
->bLength
)) {
266 if (size2
< sizeof(struct usb_descriptor_header
)) {
267 dev_warn(ddev
, "config %d descriptor has %d excess "
268 "byte%s, ignoring\n",
269 cfgno
, size2
, plural(size2
));
273 header
= (struct usb_descriptor_header
*) buffer2
;
274 if ((header
->bLength
> size2
) || (header
->bLength
< 2)) {
275 dev_warn(ddev
, "config %d has an invalid descriptor "
276 "of length %d, skipping remainder of the config\n",
277 cfgno
, header
->bLength
);
281 if (header
->bDescriptorType
== USB_DT_INTERFACE
) {
282 struct usb_interface_descriptor
*d
;
285 d
= (struct usb_interface_descriptor
*) header
;
286 if (d
->bLength
< USB_DT_INTERFACE_SIZE
) {
287 dev_warn(ddev
, "config %d has an invalid "
288 "interface descriptor of length %d, "
289 "skipping\n", cfgno
, d
->bLength
);
293 inum
= d
->bInterfaceNumber
;
294 if (inum
>= nintf_orig
)
295 dev_warn(ddev
, "config %d has an invalid "
296 "interface number: %d but max is %d\n",
297 cfgno
, inum
, nintf_orig
- 1);
299 /* Have we already encountered this interface?
300 * Count its altsettings */
301 for (i
= 0; i
< n
; ++i
) {
302 if (inums
[i
] == inum
)
308 } else if (n
< USB_MAXINTERFACES
) {
314 } else if (header
->bDescriptorType
== USB_DT_DEVICE
||
315 header
->bDescriptorType
== USB_DT_CONFIG
)
316 dev_warn(ddev
, "config %d contains an unexpected "
317 "descriptor of type 0x%X, skipping\n",
318 cfgno
, header
->bDescriptorType
);
320 } /* for ((buffer2 = buffer, size2 = size); ...) */
321 size
= buffer2
- buffer
;
322 config
->desc
.wTotalLength
= cpu_to_le16(buffer2
- buffer0
);
325 dev_warn(ddev
, "config %d has %d interface%s, different from "
326 "the descriptor's value: %d\n",
327 cfgno
, n
, plural(n
), nintf_orig
);
329 dev_warn(ddev
, "config %d has no interfaces?\n", cfgno
);
330 config
->desc
.bNumInterfaces
= nintf
= n
;
332 /* Check for missing interface numbers */
333 for (i
= 0; i
< nintf
; ++i
) {
334 for (j
= 0; j
< nintf
; ++j
) {
339 dev_warn(ddev
, "config %d has no interface number "
343 /* Allocate the usb_interface_caches and altsetting arrays */
344 for (i
= 0; i
< nintf
; ++i
) {
346 if (j
> USB_MAXALTSETTING
) {
347 dev_warn(ddev
, "too many alternate settings for "
348 "config %d interface %d: %d, "
349 "using maximum allowed: %d\n",
350 cfgno
, inums
[i
], j
, USB_MAXALTSETTING
);
351 nalts
[i
] = j
= USB_MAXALTSETTING
;
354 len
= sizeof(*intfc
) + sizeof(struct usb_host_interface
) * j
;
355 config
->intf_cache
[i
] = intfc
= kzalloc(len
, GFP_KERNEL
);
358 kref_init(&intfc
->ref
);
361 /* Skip over any Class Specific or Vendor Specific descriptors;
362 * find the first interface descriptor */
363 config
->extra
= buffer
;
364 i
= find_next_descriptor(buffer
, size
, USB_DT_INTERFACE
,
365 USB_DT_INTERFACE
, &n
);
366 config
->extralen
= i
;
368 dev_dbg(ddev
, "skipped %d descriptor%s after %s\n",
369 n
, plural(n
), "configuration");
373 /* Parse all the interface/altsetting descriptors */
375 retval
= usb_parse_interface(ddev
, cfgno
, config
,
376 buffer
, size
, inums
, nalts
);
384 /* Check for missing altsettings */
385 for (i
= 0; i
< nintf
; ++i
) {
386 intfc
= config
->intf_cache
[i
];
387 for (j
= 0; j
< intfc
->num_altsetting
; ++j
) {
388 for (n
= 0; n
< intfc
->num_altsetting
; ++n
) {
389 if (intfc
->altsetting
[n
].desc
.
390 bAlternateSetting
== j
)
393 if (n
>= intfc
->num_altsetting
)
394 dev_warn(ddev
, "config %d interface %d has no "
395 "altsetting %d\n", cfgno
, inums
[i
], j
);
402 // hub-only!! ... and only exported for reset/reinit path.
403 // otherwise used internally on disconnect/destroy path
404 void usb_destroy_configuration(struct usb_device
*dev
)
411 if (dev
->rawdescriptors
) {
412 for (i
= 0; i
< dev
->descriptor
.bNumConfigurations
; i
++)
413 kfree(dev
->rawdescriptors
[i
]);
415 kfree(dev
->rawdescriptors
);
416 dev
->rawdescriptors
= NULL
;
419 for (c
= 0; c
< dev
->descriptor
.bNumConfigurations
; c
++) {
420 struct usb_host_config
*cf
= &dev
->config
[c
];
423 for (i
= 0; i
< cf
->desc
.bNumInterfaces
; i
++) {
424 if (cf
->intf_cache
[i
])
425 kref_put(&cf
->intf_cache
[i
]->ref
,
426 usb_release_interface_cache
);
434 // hub-only!! ... and only in reset path, or usb_new_device()
435 // (used by real hubs and virtual root hubs)
436 int usb_get_configuration(struct usb_device
*dev
)
438 struct device
*ddev
= &dev
->dev
;
439 int ncfg
= dev
->descriptor
.bNumConfigurations
;
440 int result
= -ENOMEM
;
441 unsigned int cfgno
, length
;
442 unsigned char *buffer
;
443 unsigned char *bigbuffer
;
444 struct usb_config_descriptor
*desc
;
446 if (ncfg
> USB_MAXCONFIG
) {
447 dev_warn(ddev
, "too many configurations: %d, "
448 "using maximum allowed: %d\n", ncfg
, USB_MAXCONFIG
);
449 dev
->descriptor
.bNumConfigurations
= ncfg
= USB_MAXCONFIG
;
453 dev_err(ddev
, "no configurations\n");
457 length
= ncfg
* sizeof(struct usb_host_config
);
458 dev
->config
= kzalloc(length
, GFP_KERNEL
);
462 length
= ncfg
* sizeof(char *);
463 dev
->rawdescriptors
= kzalloc(length
, GFP_KERNEL
);
464 if (!dev
->rawdescriptors
)
467 buffer
= kmalloc(USB_DT_CONFIG_SIZE
, GFP_KERNEL
);
470 desc
= (struct usb_config_descriptor
*)buffer
;
472 for (cfgno
= 0; cfgno
< ncfg
; cfgno
++) {
473 /* We grab just the first descriptor so we know how long
474 * the whole configuration is */
475 result
= usb_get_descriptor(dev
, USB_DT_CONFIG
, cfgno
,
476 buffer
, USB_DT_CONFIG_SIZE
);
478 dev_err(ddev
, "unable to read config index %d "
479 "descriptor/%s\n", cfgno
, "start");
480 dev_err(ddev
, "chopping to %d config(s)\n", cfgno
);
481 dev
->descriptor
.bNumConfigurations
= cfgno
;
483 } else if (result
< 4) {
484 dev_err(ddev
, "config index %d descriptor too short "
485 "(expected %i, got %i)\n", cfgno
,
486 USB_DT_CONFIG_SIZE
, result
);
490 length
= max((int) le16_to_cpu(desc
->wTotalLength
),
493 /* Now that we know the length, get the whole thing */
494 bigbuffer
= kmalloc(length
, GFP_KERNEL
);
499 result
= usb_get_descriptor(dev
, USB_DT_CONFIG
, cfgno
,
502 dev_err(ddev
, "unable to read config index %d "
503 "descriptor/%s\n", cfgno
, "all");
507 if (result
< length
) {
508 dev_warn(ddev
, "config index %d descriptor too short "
509 "(expected %i, got %i)\n", cfgno
, length
, result
);
513 dev
->rawdescriptors
[cfgno
] = bigbuffer
;
515 result
= usb_parse_configuration(&dev
->dev
, cfgno
,
516 &dev
->config
[cfgno
], bigbuffer
, length
);
526 dev
->descriptor
.bNumConfigurations
= cfgno
;
528 if (result
== -ENOMEM
)
529 dev_err(ddev
, "out of memory\n");