search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
USB: add binary API to usbmon
[usb.git] / drivers / usb / mon / mon_text.c
blobd38a1279d9d9b071c0a9ddf0b078f094bf80a627
1 /*
2 * The USB Monitor, inspired by Dave Harding's USBMon.
3 *
4 * This is a text format reader.
5 */
6
7 #include <linux/kernel.h>
8 #include <linux/list.h>
9 #include <linux/usb.h>
10 #include <linux/time.h>
11 #include <linux/mutex.h>
12 #include <linux/debugfs.h>
13 #include <asm/uaccess.h>
14
15 #include "usb_mon.h"
16
17 /*
18 * No, we do not want arbitrarily long data strings.
19 * Use the binary interface if you want to capture bulk data!
20 */
21 #define DATA_MAX 32
22
23 /*
24 * Defined by USB 2.0 clause 9.3, table 9.2.
25 */
26 #define SETUP_MAX 8
27
28 /*
29 * This limit exists to prevent OOMs when the user process stops reading.
30 * If usbmon were available to unprivileged processes, it might be open
31 * to a local DoS. But we have to keep to root in order to prevent
32 * password sniffing from HID devices.
33 */
34 #define EVENT_MAX (2*PAGE_SIZE / sizeof(struct mon_event_text))
35
36 #define PRINTF_DFL 160
37
38 struct mon_event_text {
39 struct list_head e_link;
40 int type; /* submit, complete, etc. */
41 unsigned int pipe; /* Pipe */
42 unsigned long id; /* From pointer, most of the time */
43 unsigned int tstamp;
44 int length; /* Depends on type: xfer length or act length */
45 int status;
46 char setup_flag;
47 char data_flag;
48 unsigned char setup[SETUP_MAX];
49 unsigned char data[DATA_MAX];
50 };
51
52 #define SLAB_NAME_SZ 30
53 struct mon_reader_text {
54 struct kmem_cache *e_slab;
55 int nevents;
56 struct list_head e_list;
57 struct mon_reader r; /* In C, parent class can be placed anywhere */
58
59 wait_queue_head_t wait;
60 int printf_size;
61 char *printf_buf;
62 struct mutex printf_lock;
63
64 char slab_name[SLAB_NAME_SZ];
65 };
66
67 static struct dentry *mon_dir; /* Usually /sys/kernel/debug/usbmon */
68
69 static void mon_text_ctor(void *, struct kmem_cache *, unsigned long);
70
71 /*
72 * mon_text_submit
73 * mon_text_complete
74 *
75 * May be called from an interrupt.
76 *
77 * This is called with the whole mon_bus locked, so no additional lock.
78 */
79
80 static inline char mon_text_get_setup(struct mon_event_text *ep,
81 struct urb *urb, char ev_type, struct mon_bus *mbus)
82 {
83
84 if (!usb_pipecontrol(urb->pipe) || ev_type != 'S')
85 return '-';
86
87 if (mbus->uses_dma && (urb->transfer_flags & URB_NO_SETUP_DMA_MAP))
88 return mon_dmapeek(ep->setup, urb->setup_dma, SETUP_MAX);
89 if (urb->setup_packet == NULL)
90 return 'Z'; /* '0' would be not as pretty. */
91
92 memcpy(ep->setup, urb->setup_packet, SETUP_MAX);
93 return 0;
94 }
95
96 static inline char mon_text_get_data(struct mon_event_text *ep, struct urb *urb,
97 int len, char ev_type, struct mon_bus *mbus)
98 {
99 int pipe = urb->pipe;
100
101 if (len <= 0)
102 return 'L';
103 if (len >= DATA_MAX)
104 len = DATA_MAX;
105
106 if (usb_pipein(pipe)) {
107 if (ev_type == 'S')
108 return '<';
109 } else {
110 if (ev_type == 'C')
111 return '>';
112 }
113
114 /*
115 * The check to see if it's safe to poke at data has an enormous
116 * number of corner cases, but it seems that the following is
117 * more or less safe.
118 *
119 * We do not even try to look at transfer_buffer, because it can
120 * contain non-NULL garbage in case the upper level promised to
121 * set DMA for the HCD.
122 */
123 if (mbus->uses_dma && (urb->transfer_flags & URB_NO_TRANSFER_DMA_MAP))
124 return mon_dmapeek(ep->data, urb->transfer_dma, len);
125
126 if (urb->transfer_buffer == NULL)
127 return 'Z'; /* '0' would be not as pretty. */
128
129 memcpy(ep->data, urb->transfer_buffer, len);
130 return 0;
131 }
132
133 static inline unsigned int mon_get_timestamp(void)
134 {
135 struct timeval tval;
136 unsigned int stamp;
137
138 do_gettimeofday(&tval);
139 stamp = tval.tv_sec & 0xFFFF; /* 2^32 = 4294967296. Limit to 4096s. */
140 stamp = stamp * 1000000 + tval.tv_usec;
141 return stamp;
142 }
143
144 static void mon_text_event(struct mon_reader_text *rp, struct urb *urb,
145 char ev_type)
146 {
147 struct mon_event_text *ep;
148 unsigned int stamp;
149
150 stamp = mon_get_timestamp();
151
152 if (rp->nevents >= EVENT_MAX ||
153 (ep = kmem_cache_alloc(rp->e_slab, GFP_ATOMIC)) == NULL) {
154 rp->r.m_bus->cnt_text_lost++;
155 return;
156 }
157
158 ep->type = ev_type;
159 ep->pipe = urb->pipe;
160 ep->id = (unsigned long) urb;
161 ep->tstamp = stamp;
162 ep->length = (ev_type == 'S') ?
163 urb->transfer_buffer_length : urb->actual_length;
164 /* Collecting status makes debugging sense for submits, too */
165 ep->status = urb->status;
166
167 ep->setup_flag = mon_text_get_setup(ep, urb, ev_type, rp->r.m_bus);
168 ep->data_flag = mon_text_get_data(ep, urb, ep->length, ev_type,
169 rp->r.m_bus);
170
171 rp->nevents++;
172 list_add_tail(&ep->e_link, &rp->e_list);
173 wake_up(&rp->wait);
174 }
175
176 static void mon_text_submit(void *data, struct urb *urb)
177 {
178 struct mon_reader_text *rp = data;
179 mon_text_event(rp, urb, 'S');
180 }
181
182 static void mon_text_complete(void *data, struct urb *urb)
183 {
184 struct mon_reader_text *rp = data;
185 mon_text_event(rp, urb, 'C');
186 }
187
188 static void mon_text_error(void *data, struct urb *urb, int error)
189 {
190 struct mon_reader_text *rp = data;
191 struct mon_event_text *ep;
192
193 if (rp->nevents >= EVENT_MAX ||
194 (ep = kmem_cache_alloc(rp->e_slab, GFP_ATOMIC)) == NULL) {
195 rp->r.m_bus->cnt_text_lost++;
196 return;
197 }
198
199 ep->type = 'E';
200 ep->pipe = urb->pipe;
201 ep->id = (unsigned long) urb;
202 ep->tstamp = 0;
203 ep->length = 0;
204 ep->status = error;
205
206 ep->setup_flag = '-';
207 ep->data_flag = 'E';
208
209 rp->nevents++;
210 list_add_tail(&ep->e_link, &rp->e_list);
211 wake_up(&rp->wait);
212 }
213
214 /*
215 * Fetch next event from the circular buffer.
216 */
217 static struct mon_event_text *mon_text_fetch(struct mon_reader_text *rp,
218 struct mon_bus *mbus)
219 {
220 struct list_head *p;
221 unsigned long flags;
222
223 spin_lock_irqsave(&mbus->lock, flags);
224 if (list_empty(&rp->e_list)) {
225 spin_unlock_irqrestore(&mbus->lock, flags);
226 return NULL;
227 }
228 p = rp->e_list.next;
229 list_del(p);
230 --rp->nevents;
231 spin_unlock_irqrestore(&mbus->lock, flags);
232 return list_entry(p, struct mon_event_text, e_link);
233 }
234
235 /*
236 */
237 static int mon_text_open(struct inode *inode, struct file *file)
238 {
239 struct mon_bus *mbus;
240 struct usb_bus *ubus;
241 struct mon_reader_text *rp;
242 int rc;
243
244 mutex_lock(&mon_lock);
245 mbus = inode->i_private;
246 ubus = mbus->u_bus;
247
248 rp = kzalloc(sizeof(struct mon_reader_text), GFP_KERNEL);
249 if (rp == NULL) {
250 rc = -ENOMEM;
251 goto err_alloc;
252 }
253 INIT_LIST_HEAD(&rp->e_list);
254 init_waitqueue_head(&rp->wait);
255 mutex_init(&rp->printf_lock);
256
257 rp->printf_size = PRINTF_DFL;
258 rp->printf_buf = kmalloc(rp->printf_size, GFP_KERNEL);
259 if (rp->printf_buf == NULL) {
260 rc = -ENOMEM;
261 goto err_alloc_pr;
262 }
263
264 rp->r.m_bus = mbus;
265 rp->r.r_data = rp;
266 rp->r.rnf_submit = mon_text_submit;
267 rp->r.rnf_error = mon_text_error;
268 rp->r.rnf_complete = mon_text_complete;
269
270 snprintf(rp->slab_name, SLAB_NAME_SZ, "mon%dt_%lx", ubus->busnum,
271 (long)rp);
272 rp->e_slab = kmem_cache_create(rp->slab_name,
273 sizeof(struct mon_event_text), sizeof(long), 0,
274 mon_text_ctor, NULL);
275 if (rp->e_slab == NULL) {
276 rc = -ENOMEM;
277 goto err_slab;
278 }
279
280 mon_reader_add(mbus, &rp->r);
281
282 file->private_data = rp;
283 mutex_unlock(&mon_lock);
284 return 0;
285
286 // err_busy:
287 // kmem_cache_destroy(rp->e_slab);
288 err_slab:
289 kfree(rp->printf_buf);
290 err_alloc_pr:
291 kfree(rp);
292 err_alloc:
293 mutex_unlock(&mon_lock);
294 return rc;
295 }
296
297 /*
298 * For simplicity, we read one record in one system call and throw out
299 * what does not fit. This means that the following does not work:
300 * dd if=/dbg/usbmon/0t bs=10
301 * Also, we do not allow seeks and do not bother advancing the offset.
302 */
303 static ssize_t mon_text_read(struct file *file, char __user *buf,
304 size_t nbytes, loff_t *ppos)
305 {
306 struct mon_reader_text *rp = file->private_data;
307 struct mon_bus *mbus = rp->r.m_bus;
308 DECLARE_WAITQUEUE(waita, current);
309 struct mon_event_text *ep;
310 int cnt, limit;
311 char *pbuf;
312 char udir, utype;
313 int data_len, i;
314
315 add_wait_queue(&rp->wait, &waita);
316 set_current_state(TASK_INTERRUPTIBLE);
317 while ((ep = mon_text_fetch(rp, mbus)) == NULL) {
318 if (file->f_flags & O_NONBLOCK) {
319 set_current_state(TASK_RUNNING);
320 remove_wait_queue(&rp->wait, &waita);
321 return -EWOULDBLOCK; /* Same as EAGAIN in Linux */
322 }
323 /*
324 * We do not count nwaiters, because ->release is supposed
325 * to be called when all openers are gone only.
326 */
327 schedule();
328 if (signal_pending(current)) {
329 remove_wait_queue(&rp->wait, &waita);
330 return -EINTR;
331 }
332 set_current_state(TASK_INTERRUPTIBLE);
333 }
334 set_current_state(TASK_RUNNING);
335 remove_wait_queue(&rp->wait, &waita);
336
337 mutex_lock(&rp->printf_lock);
338 cnt = 0;
339 pbuf = rp->printf_buf;
340 limit = rp->printf_size;
341
342 udir = usb_pipein(ep->pipe) ? 'i' : 'o';
343 switch (usb_pipetype(ep->pipe)) {
344 case PIPE_ISOCHRONOUS: utype = 'Z'; break;
345 case PIPE_INTERRUPT: utype = 'I'; break;
346 case PIPE_CONTROL: utype = 'C'; break;
347 default: /* PIPE_BULK */ utype = 'B';
348 }
349 cnt += snprintf(pbuf + cnt, limit - cnt,
350 "%lx %u %c %c%c:%03u:%02u",
351 ep->id, ep->tstamp, ep->type,
352 utype, udir, usb_pipedevice(ep->pipe), usb_pipeendpoint(ep->pipe));
353
354 if (ep->setup_flag == 0) { /* Setup packet is present and captured */
355 cnt += snprintf(pbuf + cnt, limit - cnt,
356 " s %02x %02x %04x %04x %04x",
357 ep->setup[0],
358 ep->setup[1],
359 (ep->setup[3] << 8) | ep->setup[2],
360 (ep->setup[5] << 8) | ep->setup[4],
361 (ep->setup[7] << 8) | ep->setup[6]);
362 } else if (ep->setup_flag != '-') { /* Unable to capture setup packet */
363 cnt += snprintf(pbuf + cnt, limit - cnt,
364 " %c __ __ ____ ____ ____", ep->setup_flag);
365 } else { /* No setup for this kind of URB */
366 cnt += snprintf(pbuf + cnt, limit - cnt, " %d", ep->status);
367 }
368 cnt += snprintf(pbuf + cnt, limit - cnt, " %d", ep->length);
369
370 if ((data_len = ep->length) > 0) {
371 if (ep->data_flag == 0) {
372 cnt += snprintf(pbuf + cnt, limit - cnt, " =");
373 if (data_len >= DATA_MAX)
374 data_len = DATA_MAX;
375 for (i = 0; i < data_len; i++) {
376 if (i % 4 == 0) {
377 cnt += snprintf(pbuf + cnt, limit - cnt,
378 " ");
379 }
380 cnt += snprintf(pbuf + cnt, limit - cnt,
381 "%02x", ep->data[i]);
382 }
383 cnt += snprintf(pbuf + cnt, limit - cnt, "\n");
384 } else {
385 cnt += snprintf(pbuf + cnt, limit - cnt,
386 " %c\n", ep->data_flag);
387 }
388 } else {
389 cnt += snprintf(pbuf + cnt, limit - cnt, "\n");
390 }
391
392 if (copy_to_user(buf, rp->printf_buf, cnt))
393 cnt = -EFAULT;
394 mutex_unlock(&rp->printf_lock);
395 kmem_cache_free(rp->e_slab, ep);
396 return cnt;
397 }
398
399 static int mon_text_release(struct inode *inode, struct file *file)
400 {
401 struct mon_reader_text *rp = file->private_data;
402 struct mon_bus *mbus;
403 /* unsigned long flags; */
404 struct list_head *p;
405 struct mon_event_text *ep;
406
407 mutex_lock(&mon_lock);
408 mbus = inode->i_private;
409
410 if (mbus->nreaders <= 0) {
411 printk(KERN_ERR TAG ": consistency error on close\n");
412 mutex_unlock(&mon_lock);
413 return 0;
414 }
415 mon_reader_del(mbus, &rp->r);
416
417 /*
418 * In theory, e_list is protected by mbus->lock. However,
419 * after mon_reader_del has finished, the following is the case:
420 * - we are not on reader list anymore, so new events won't be added;
421 * - whole mbus may be dropped if it was orphaned.
422 * So, we better not touch mbus.
423 */
424 /* spin_lock_irqsave(&mbus->lock, flags); */
425 while (!list_empty(&rp->e_list)) {
426 p = rp->e_list.next;
427 ep = list_entry(p, struct mon_event_text, e_link);
428 list_del(p);
429 --rp->nevents;
430 kmem_cache_free(rp->e_slab, ep);
431 }
432 /* spin_unlock_irqrestore(&mbus->lock, flags); */
433
434 kmem_cache_destroy(rp->e_slab);
435 kfree(rp->printf_buf);
436 kfree(rp);
437
438 mutex_unlock(&mon_lock);
439 return 0;
440 }
441
442 static const struct file_operations mon_fops_text = {
443 .owner = THIS_MODULE,
444 .open = mon_text_open,
445 .llseek = no_llseek,
446 .read = mon_text_read,
447 /* .write = mon_text_write, */
448 /* .poll = mon_text_poll, */
449 /* .ioctl = mon_text_ioctl, */
450 .release = mon_text_release,
451 };
452
453 int mon_text_add(struct mon_bus *mbus, const struct usb_bus *ubus)
454 {
455 struct dentry *d;
456 enum { NAMESZ = 10 };
457 char name[NAMESZ];
458 int rc;
459
460 rc = snprintf(name, NAMESZ, "%dt", ubus->busnum);
461 if (rc <= 0 || rc >= NAMESZ)
462 goto err_print_t;
463 d = debugfs_create_file(name, 0600, mon_dir, mbus, &mon_fops_text);
464 if (d == NULL)
465 goto err_create_t;
466 mbus->dent_t = d;
467
468 /* XXX The stats do not belong to here (text API), but oh well... */
469 rc = snprintf(name, NAMESZ, "%ds", ubus->busnum);
470 if (rc <= 0 || rc >= NAMESZ)
471 goto err_print_s;
472 d = debugfs_create_file(name, 0600, mon_dir, mbus, &mon_fops_stat);
473 if (d == NULL)
474 goto err_create_s;
475 mbus->dent_s = d;
476
477 return 1;
478
479 err_create_s:
480 err_print_s:
481 debugfs_remove(mbus->dent_t);
482 mbus->dent_t = NULL;
483 err_create_t:
484 err_print_t:
485 return 0;
486 }
487
488 void mon_text_del(struct mon_bus *mbus)
489 {
490 debugfs_remove(mbus->dent_t);
491 debugfs_remove(mbus->dent_s);
492 }
493
494 /*
495 * Slab interface: constructor.
496 */
497 static void mon_text_ctor(void *mem, struct kmem_cache *slab, unsigned long sflags)
498 {
499 /*
500 * Nothing to initialize. No, really!
501 * So, we fill it with garbage to emulate a reused object.
502 */
503 memset(mem, 0xe5, sizeof(struct mon_event_text));
504 }
505
506 int __init mon_text_init(void)
507 {
508 struct dentry *mondir;
509
510 mondir = debugfs_create_dir("usbmon", NULL);
511 if (IS_ERR(mondir)) {
512 printk(KERN_NOTICE TAG ": debugfs is not available\n");
513 return -ENODEV;
514 }
515 if (mondir == NULL) {
516 printk(KERN_NOTICE TAG ": unable to create usbmon directory\n");
517 return -ENODEV;
518 }
519 mon_dir = mondir;
520 return 0;
521 }
522
523 void __exit mon_text_exit(void)
524 {
525 debugfs_remove(mon_dir);
526 }
USB Experimental Work