1#include <linux/usb.h> 2#include <linux/usb/ch9.h> 3#include <linux/usb/hcd.h> 4#include <linux/usb/quirks.h> 5#include <linux/module.h> 6#include <linux/init.h> 7#include <linux/slab.h> 8#include <linux/device.h> 9#include <asm/byteorder.h> 10#include "usb.h" 11 12 13#define USB_MAXALTSETTING 128 /* Hard limit */ 14#define USB_MAXENDPOINTS 30 /* Hard limit */ 15 16#define USB_MAXCONFIG 8 /* Arbitrary limit */ 17 18 19static inline const char *plural(int n) 20{ 21 return (n == 1 ? "" : "s"); 22} 23 24static int find_next_descriptor(unsigned char *buffer, int size, 25 int dt1, int dt2, int *num_skipped) 26{ 27 struct usb_descriptor_header *h; 28 int n = 0; 29 unsigned char *buffer0 = buffer; 30 31 /* Find the next descriptor of type dt1 or dt2 */ 32 while (size > 0) { 33 h = (struct usb_descriptor_header *) buffer; 34 if (h->bDescriptorType == dt1 || h->bDescriptorType == dt2) 35 break; 36 buffer += h->bLength; 37 size -= h->bLength; 38 ++n; 39 } 40 41 /* Store the number of descriptors skipped and return the 42 * number of bytes skipped */ 43 if (num_skipped) 44 *num_skipped = n; 45 return buffer - buffer0; 46} 47 48static void usb_parse_ss_endpoint_companion(struct device *ddev, int cfgno, 49 int inum, int asnum, struct usb_host_endpoint *ep, 50 unsigned char *buffer, int size) 51{ 52 struct usb_ss_ep_comp_descriptor *desc; 53 int max_tx; 54 55 /* The SuperSpeed endpoint companion descriptor is supposed to 56 * be the first thing immediately following the endpoint descriptor. 57 */ 58 desc = (struct usb_ss_ep_comp_descriptor *) buffer; 59 if (desc->bDescriptorType != USB_DT_SS_ENDPOINT_COMP || 60 size < USB_DT_SS_EP_COMP_SIZE) { 61 dev_warn(ddev, "No SuperSpeed endpoint companion for config %d " 62 " interface %d altsetting %d ep %d: " 63 "using minimum values\n", 64 cfgno, inum, asnum, ep->desc.bEndpointAddress); 65 66 /* Fill in some default values. 67 * Leave bmAttributes as zero, which will mean no streams for 68 * bulk, and isoc won't support multiple bursts of packets. 69 * With bursts of only one packet, and a Mult of 1, the max 70 * amount of data moved per endpoint service interval is one 71 * packet. 72 */ 73 ep->ss_ep_comp.bLength = USB_DT_SS_EP_COMP_SIZE; 74 ep->ss_ep_comp.bDescriptorType = USB_DT_SS_ENDPOINT_COMP; 75 if (usb_endpoint_xfer_isoc(&ep->desc) || 76 usb_endpoint_xfer_int(&ep->desc)) 77 ep->ss_ep_comp.wBytesPerInterval = 78 ep->desc.wMaxPacketSize; 79 return; 80 } 81 82 memcpy(&ep->ss_ep_comp, desc, USB_DT_SS_EP_COMP_SIZE); 83 84 /* Check the various values */ 85 if (usb_endpoint_xfer_control(&ep->desc) && desc->bMaxBurst != 0) { 86 dev_warn(ddev, "Control endpoint with bMaxBurst = %d in " 87 "config %d interface %d altsetting %d ep %d: " 88 "setting to zero\n", desc->bMaxBurst, 89 cfgno, inum, asnum, ep->desc.bEndpointAddress); 90 ep->ss_ep_comp.bMaxBurst = 0; 91 } else if (desc->bMaxBurst > 15) { 92 dev_warn(ddev, "Endpoint with bMaxBurst = %d in " 93 "config %d interface %d altsetting %d ep %d: " 94 "setting to 15\n", desc->bMaxBurst, 95 cfgno, inum, asnum, ep->desc.bEndpointAddress); 96 ep->ss_ep_comp.bMaxBurst = 15; 97 } 98 99 if ((usb_endpoint_xfer_control(&ep->desc) || 100 usb_endpoint_xfer_int(&ep->desc)) && 101 desc->bmAttributes != 0) { 102 dev_warn(ddev, "%s endpoint with bmAttributes = %d in " 103 "config %d interface %d altsetting %d ep %d: " 104 "setting to zero\n", 105 usb_endpoint_xfer_control(&ep->desc) ? "Control" : "Bulk", 106 desc->bmAttributes, 107 cfgno, inum, asnum, ep->desc.bEndpointAddress); 108 ep->ss_ep_comp.bmAttributes = 0; 109 } else if (usb_endpoint_xfer_bulk(&ep->desc) && 110 desc->bmAttributes > 16) { 111 dev_warn(ddev, "Bulk endpoint with more than 65536 streams in " 112 "config %d interface %d altsetting %d ep %d: " 113 "setting to max\n", 114 cfgno, inum, asnum, ep->desc.bEndpointAddress); 115 ep->ss_ep_comp.bmAttributes = 16; 116 } else if (usb_endpoint_xfer_isoc(&ep->desc) && 117 desc->bmAttributes > 2) { 118 dev_warn(ddev, "Isoc endpoint has Mult of %d in " 119 "config %d interface %d altsetting %d ep %d: " 120 "setting to 3\n", desc->bmAttributes + 1, 121 cfgno, inum, asnum, ep->desc.bEndpointAddress); 122 ep->ss_ep_comp.bmAttributes = 2; 123 } 124 125 if (usb_endpoint_xfer_isoc(&ep->desc)) 126 max_tx = (desc->bMaxBurst + 1) * (desc->bmAttributes + 1) * 127 usb_endpoint_maxp(&ep->desc); 128 else if (usb_endpoint_xfer_int(&ep->desc)) 129 max_tx = usb_endpoint_maxp(&ep->desc) * 130 (desc->bMaxBurst + 1); 131 else 132 max_tx = 999999; 133 if (le16_to_cpu(desc->wBytesPerInterval) > max_tx) { 134 dev_warn(ddev, "%s endpoint with wBytesPerInterval of %d in " 135 "config %d interface %d altsetting %d ep %d: " 136 "setting to %d\n", 137 usb_endpoint_xfer_isoc(&ep->desc) ? "Isoc" : "Int", 138 le16_to_cpu(desc->wBytesPerInterval), 139 cfgno, inum, asnum, ep->desc.bEndpointAddress, 140 max_tx); 141 ep->ss_ep_comp.wBytesPerInterval = cpu_to_le16(max_tx); 142 } 143} 144 145static int usb_parse_endpoint(struct device *ddev, int cfgno, int inum, 146 int asnum, struct usb_host_interface *ifp, int num_ep, 147 unsigned char *buffer, int size) 148{ 149 unsigned char *buffer0 = buffer; 150 struct usb_endpoint_descriptor *d; 151 struct usb_host_endpoint *endpoint; 152 int n, i, j, retval; 153 154 d = (struct usb_endpoint_descriptor *) buffer; 155 buffer += d->bLength; 156 size -= d->bLength; 157 158 if (d->bLength >= USB_DT_ENDPOINT_AUDIO_SIZE) 159 n = USB_DT_ENDPOINT_AUDIO_SIZE; 160 else if (d->bLength >= USB_DT_ENDPOINT_SIZE) 161 n = USB_DT_ENDPOINT_SIZE; 162 else { 163 dev_warn(ddev, "config %d interface %d altsetting %d has an " 164 "invalid endpoint descriptor of length %d, skipping\n", 165 cfgno, inum, asnum, d->bLength); 166 goto skip_to_next_endpoint_or_interface_descriptor; 167 } 168 169 i = d->bEndpointAddress & ~USB_ENDPOINT_DIR_MASK; 170 if (i >= 16 || i == 0) { 171 dev_warn(ddev, "config %d interface %d altsetting %d has an " 172 "invalid endpoint with address 0x%X, skipping\n", 173 cfgno, inum, asnum, d->bEndpointAddress); 174 goto skip_to_next_endpoint_or_interface_descriptor; 175 } 176 177 /* Only store as many endpoints as we have room for */ 178 if (ifp->desc.bNumEndpoints >= num_ep) 179 goto skip_to_next_endpoint_or_interface_descriptor; 180 181 endpoint = &ifp->endpoint[ifp->desc.bNumEndpoints]; 182 ++ifp->desc.bNumEndpoints; 183 184 memcpy(&endpoint->desc, d, n); 185 INIT_LIST_HEAD(&endpoint->urb_list); 186 187 /* Fix up bInterval values outside the legal range. Use 32 ms if no 188 * proper value can be guessed. */ 189 i = 0; /* i = min, j = max, n = default */ 190 j = 255; 191 if (usb_endpoint_xfer_int(d)) { 192 i = 1; 193 switch (to_usb_device(ddev)->speed) { 194 case USB_SPEED_SUPER: 195 case USB_SPEED_HIGH: 196 /* Many device manufacturers are using full-speed 197 * bInterval values in high-speed interrupt endpoint 198 * descriptors. Try to fix those and fall back to a 199 * 32 ms default value otherwise. */ 200 n = fls(d->bInterval*8); 201 if (n == 0) 202 n = 9; /* 32 ms = 2^(9-1) uframes */ 203 j = 16; 204 break; 205 default: /* USB_SPEED_FULL or _LOW */ 206 /* For low-speed, 10 ms is the official minimum. 207 * But some "overclocked" devices might want faster 208 * polling so we'll allow it. */ 209 n = 32; 210 break; 211 } 212 } else if (usb_endpoint_xfer_isoc(d)) { 213 i = 1; 214 j = 16; 215 switch (to_usb_device(ddev)->speed) { 216 case USB_SPEED_HIGH: 217 n = 9; /* 32 ms = 2^(9-1) uframes */ 218 break; 219 default: /* USB_SPEED_FULL */ 220 n = 6; /* 32 ms = 2^(6-1) frames */ 221 break; 222 } 223 } 224 if (d->bInterval < i || d->bInterval > j) { 225 dev_warn(ddev, "config %d interface %d altsetting %d " 226 "endpoint 0x%X has an invalid bInterval %d, " 227 "changing to %d\n", 228 cfgno, inum, asnum, 229 d->bEndpointAddress, d->bInterval, n); 230 endpoint->desc.bInterval = n; 231 } 232 233 /* Some buggy low-speed devices have Bulk endpoints, which is 234 * explicitly forbidden by the USB spec. In an attempt to make 235 * them usable, we will try treating them as Interrupt endpoints. 236 */ 237 if (to_usb_device(ddev)->speed == USB_SPEED_LOW && 238 usb_endpoint_xfer_bulk(d)) { 239 dev_warn(ddev, "config %d interface %d altsetting %d " 240 "endpoint 0x%X is Bulk; changing to Interrupt\n", 241 cfgno, inum, asnum, d->bEndpointAddress); 242 endpoint->desc.bmAttributes = USB_ENDPOINT_XFER_INT; 243 endpoint->desc.bInterval = 1; 244 if (usb_endpoint_maxp(&endpoint->desc) > 8) 245 endpoint->desc.wMaxPacketSize = cpu_to_le16(8); 246 } 247 248 /* 249 * Some buggy high speed devices have bulk endpoints using 250 * maxpacket sizes other than 512. High speed HCDs may not 251 * be able to handle that particular bug, so let's warn... 252 */ 253 if (to_usb_device(ddev)->speed == USB_SPEED_HIGH 254 && usb_endpoint_xfer_bulk(d)) { 255 unsigned maxp; 256 257 maxp = usb_endpoint_maxp(&endpoint->desc) & 0x07ff; 258 if (maxp != 512) 259 dev_warn(ddev, "config %d interface %d altsetting %d " 260 "bulk endpoint 0x%X has invalid maxpacket %d\n", 261 cfgno, inum, asnum, d->bEndpointAddress, 262 maxp); 263 } 264 265 /* Parse a possible SuperSpeed endpoint companion descriptor */ 266 if (to_usb_device(ddev)->speed == USB_SPEED_SUPER) 267 usb_parse_ss_endpoint_companion(ddev, cfgno, 268 inum, asnum, endpoint, buffer, size); 269 270 /* Skip over any Class Specific or Vendor Specific descriptors; 271 * find the next endpoint or interface descriptor */ 272 endpoint->extra = buffer; 273 i = find_next_descriptor(buffer, size, USB_DT_ENDPOINT, 274 USB_DT_INTERFACE, &n); 275 endpoint->extralen = i; 276 retval = buffer - buffer0 + i; 277 if (n > 0) 278 dev_dbg(ddev, "skipped %d descriptor%s after %s\n", 279 n, plural(n), "endpoint"); 280 return retval; 281 282skip_to_next_endpoint_or_interface_descriptor: 283 i = find_next_descriptor(buffer, size, USB_DT_ENDPOINT, 284 USB_DT_INTERFACE, NULL); 285 return buffer - buffer0 + i; 286} 287 288void usb_release_interface_cache(struct kref *ref) 289{ 290 struct usb_interface_cache *intfc = ref_to_usb_interface_cache(ref); 291 int j; 292 293 for (j = 0; j < intfc->num_altsetting; j++) { 294 struct usb_host_interface *alt = &intfc->altsetting[j]; 295 296 kfree(alt->endpoint); 297 kfree(alt->string); 298 } 299 kfree(intfc); 300} 301 302static int usb_parse_interface(struct device *ddev, int cfgno, 303 struct usb_host_config *config, unsigned char *buffer, int size, 304 u8 inums[], u8 nalts[]) 305{ 306 unsigned char *buffer0 = buffer; 307 struct usb_interface_descriptor *d; 308 int inum, asnum; 309 struct usb_interface_cache *intfc; 310 struct usb_host_interface *alt; 311 int i, n; 312 int len, retval; 313 int num_ep, num_ep_orig; 314 315 d = (struct usb_interface_descriptor *) buffer; 316 buffer += d->bLength; 317 size -= d->bLength; 318 319 if (d->bLength < USB_DT_INTERFACE_SIZE) 320 goto skip_to_next_interface_descriptor; 321 322 /* Which interface entry is this? */ 323 intfc = NULL; 324 inum = d->bInterfaceNumber; 325 for (i = 0; i < config->desc.bNumInterfaces; ++i) { 326 if (inums[i] == inum) { 327 intfc = config->intf_cache[i]; 328 break; 329 } 330 } 331 if (!intfc || intfc->num_altsetting >= nalts[i]) 332 goto skip_to_next_interface_descriptor; 333 334 /* Check for duplicate altsetting entries */ 335 asnum = d->bAlternateSetting; 336 for ((i = 0, alt = &intfc->altsetting[0]); 337 i < intfc->num_altsetting; 338 (++i, ++alt)) { 339 if (alt->desc.bAlternateSetting == asnum) { 340 dev_warn(ddev, "Duplicate descriptor for config %d " 341 "interface %d altsetting %d, skipping\n", 342 cfgno, inum, asnum); 343 goto skip_to_next_interface_descriptor; 344 } 345 } 346 347 ++intfc->num_altsetting; 348 memcpy(&alt->desc, d, USB_DT_INTERFACE_SIZE); 349 350 /* Skip over any Class Specific or Vendor Specific descriptors; 351 * find the first endpoint or interface descriptor */ 352 alt->extra = buffer; 353 i = find_next_descriptor(buffer, size, USB_DT_ENDPOINT, 354 USB_DT_INTERFACE, &n); 355 alt->extralen = i; 356 if (n > 0) 357 dev_dbg(ddev, "skipped %d descriptor%s after %s\n", 358 n, plural(n), "interface"); 359 buffer += i; 360 size -= i; 361 362 /* Allocate space for the right(?) number of endpoints */ 363 num_ep = num_ep_orig = alt->desc.bNumEndpoints; 364 alt->desc.bNumEndpoints = 0; /* Use as a counter */ 365 if (num_ep > USB_MAXENDPOINTS) { 366 dev_warn(ddev, "too many endpoints for config %d interface %d " 367 "altsetting %d: %d, using maximum allowed: %d\n", 368 cfgno, inum, asnum, num_ep, USB_MAXENDPOINTS); 369 num_ep = USB_MAXENDPOINTS; 370 } 371 372 if (num_ep > 0) { 373 /* Can't allocate 0 bytes */ 374 len = sizeof(struct usb_host_endpoint) * num_ep; 375 alt->endpoint = kzalloc(len, GFP_KERNEL); 376 if (!alt->endpoint) 377 return -ENOMEM; 378 } 379 380 /* Parse all the endpoint descriptors */ 381 n = 0; 382 while (size > 0) { 383 if (((struct usb_descriptor_header *) buffer)->bDescriptorType 384 == USB_DT_INTERFACE) 385 break; 386 retval = usb_parse_endpoint(ddev, cfgno, inum, asnum, alt, 387 num_ep, buffer, size); 388 if (retval < 0) 389 return retval; 390 ++n; 391 392 buffer += retval; 393 size -= retval; 394 } 395 396 if (n != num_ep_orig) 397 dev_warn(ddev, "config %d interface %d altsetting %d has %d " 398 "endpoint descriptor%s, different from the interface " 399 "descriptor's value: %d\n", 400 cfgno, inum, asnum, n, plural(n), num_ep_orig); 401 return buffer - buffer0; 402 403skip_to_next_interface_descriptor: 404 i = find_next_descriptor(buffer, size, USB_DT_INTERFACE, 405 USB_DT_INTERFACE, NULL); 406 return buffer - buffer0 + i; 407} 408 409static int usb_parse_configuration(struct usb_device *dev, int cfgidx, 410 struct usb_host_config *config, unsigned char *buffer, int size) 411{ 412 struct device *ddev = &dev->dev; 413 unsigned char *buffer0 = buffer; 414 int cfgno; 415 int nintf, nintf_orig; 416 int i, j, n; 417 struct usb_interface_cache *intfc; 418 unsigned char *buffer2; 419 int size2; 420 struct usb_descriptor_header *header; 421 int len, retval; 422 u8 inums[USB_MAXINTERFACES], nalts[USB_MAXINTERFACES]; 423 unsigned iad_num = 0; 424 425 memcpy(&config->desc, buffer, USB_DT_CONFIG_SIZE); 426 if (config->desc.bDescriptorType != USB_DT_CONFIG || 427 config->desc.bLength < USB_DT_CONFIG_SIZE) { 428 dev_err(ddev, "invalid descriptor for config index %d: " 429 "type = 0x%X, length = %d\n", cfgidx, 430 config->desc.bDescriptorType, config->desc.bLength); 431 return -EINVAL; 432 } 433 cfgno = config->desc.bConfigurationValue; 434 435 buffer += config->desc.bLength; 436 size -= config->desc.bLength; 437 438 nintf = nintf_orig = config->desc.bNumInterfaces; 439 if (nintf > USB_MAXINTERFACES) { 440 dev_warn(ddev, "config %d has too many interfaces: %d, " 441 "using maximum allowed: %d\n", 442 cfgno, nintf, USB_MAXINTERFACES); 443 nintf = USB_MAXINTERFACES; 444 } 445 446 /* Go through the descriptors, checking their length and counting the 447 * number of altsettings for each interface */ 448 n = 0; 449 for ((buffer2 = buffer, size2 = size); 450 size2 > 0; 451 (buffer2 += header->bLength, size2 -= header->bLength)) { 452 453 if (size2 < sizeof(struct usb_descriptor_header)) { 454 dev_warn(ddev, "config %d descriptor has %d excess " 455 "byte%s, ignoring\n", 456 cfgno, size2, plural(size2)); 457 break; 458 } 459 460 header = (struct usb_descriptor_header *) buffer2; 461 if ((header->bLength > size2) || (header->bLength < 2)) { 462 dev_warn(ddev, "config %d has an invalid descriptor " 463 "of length %d, skipping remainder of the config\n", 464 cfgno, header->bLength); 465 break; 466 } 467 468 if (header->bDescriptorType == USB_DT_INTERFACE) { 469 struct usb_interface_descriptor *d; 470 int inum; 471 472 d = (struct usb_interface_descriptor *) header; 473 if (d->bLength < USB_DT_INTERFACE_SIZE) { 474 dev_warn(ddev, "config %d has an invalid " 475 "interface descriptor of length %d, " 476 "skipping\n", cfgno, d->bLength); 477 continue; 478 } 479 480 inum = d->bInterfaceNumber; 481 482 if ((dev->quirks & USB_QUIRK_HONOR_BNUMINTERFACES) && 483 n >= nintf_orig) { 484 dev_warn(ddev, "config %d has more interface " 485 "descriptors, than it declares in " 486 "bNumInterfaces, ignoring interface " 487 "number: %d\n", cfgno, inum); 488 continue; 489 } 490 491 if (inum >= nintf_orig) 492 dev_warn(ddev, "config %d has an invalid " 493 "interface number: %d but max is %d\n", 494 cfgno, inum, nintf_orig - 1); 495 496 /* Have we already encountered this interface? 497 * Count its altsettings */ 498 for (i = 0; i < n; ++i) { 499 if (inums[i] == inum) 500 break; 501 } 502 if (i < n) { 503 if (nalts[i] < 255) 504 ++nalts[i]; 505 } else if (n < USB_MAXINTERFACES) { 506 inums[n] = inum; 507 nalts[n] = 1; 508 ++n; 509 } 510 511 } else if (header->bDescriptorType == 512 USB_DT_INTERFACE_ASSOCIATION) { 513 if (iad_num == USB_MAXIADS) { 514 dev_warn(ddev, "found more Interface " 515 "Association Descriptors " 516 "than allocated for in " 517 "configuration %d\n", cfgno); 518 } else { 519 config->intf_assoc[iad_num] = 520 (struct usb_interface_assoc_descriptor 521 *)header; 522 iad_num++; 523 } 524 525 } else if (header->bDescriptorType == USB_DT_DEVICE || 526 header->bDescriptorType == USB_DT_CONFIG) 527 dev_warn(ddev, "config %d contains an unexpected " 528 "descriptor of type 0x%X, skipping\n", 529 cfgno, header->bDescriptorType); 530 531 } /* for ((buffer2 = buffer, size2 = size); ...) */ 532 size = buffer2 - buffer; 533 config->desc.wTotalLength = cpu_to_le16(buffer2 - buffer0); 534 535 if (n != nintf) 536 dev_warn(ddev, "config %d has %d interface%s, different from " 537 "the descriptor's value: %d\n", 538 cfgno, n, plural(n), nintf_orig); 539 else if (n == 0) 540 dev_warn(ddev, "config %d has no interfaces?\n", cfgno); 541 config->desc.bNumInterfaces = nintf = n; 542 543 /* Check for missing interface numbers */ 544 for (i = 0; i < nintf; ++i) { 545 for (j = 0; j < nintf; ++j) { 546 if (inums[j] == i) 547 break; 548 } 549 if (j >= nintf) 550 dev_warn(ddev, "config %d has no interface number " 551 "%d\n", cfgno, i); 552 } 553 554 /* Allocate the usb_interface_caches and altsetting arrays */ 555 for (i = 0; i < nintf; ++i) { 556 j = nalts[i]; 557 if (j > USB_MAXALTSETTING) { 558 dev_warn(ddev, "too many alternate settings for " 559 "config %d interface %d: %d, " 560 "using maximum allowed: %d\n", 561 cfgno, inums[i], j, USB_MAXALTSETTING); 562 nalts[i] = j = USB_MAXALTSETTING; 563 } 564 565 len = sizeof(*intfc) + sizeof(struct usb_host_interface) * j; 566 config->intf_cache[i] = intfc = kzalloc(len, GFP_KERNEL); 567 if (!intfc) 568 return -ENOMEM; 569 kref_init(&intfc->ref); 570 } 571 572 /* FIXME: parse the BOS descriptor */ 573 574 /* Skip over any Class Specific or Vendor Specific descriptors; 575 * find the first interface descriptor */ 576 config->extra = buffer; 577 i = find_next_descriptor(buffer, size, USB_DT_INTERFACE, 578 USB_DT_INTERFACE, &n); 579 config->extralen = i; 580 if (n > 0) 581 dev_dbg(ddev, "skipped %d descriptor%s after %s\n", 582 n, plural(n), "configuration"); 583 buffer += i; 584 size -= i; 585 586 /* Parse all the interface/altsetting descriptors */ 587 while (size > 0) { 588 retval = usb_parse_interface(ddev, cfgno, config, 589 buffer, size, inums, nalts); 590 if (retval < 0) 591 return retval; 592 593 buffer += retval; 594 size -= retval; 595 } 596 597 /* Check for missing altsettings */ 598 for (i = 0; i < nintf; ++i) { 599 intfc = config->intf_cache[i]; 600 for (j = 0; j < intfc->num_altsetting; ++j) { 601 for (n = 0; n < intfc->num_altsetting; ++n) { 602 if (intfc->altsetting[n].desc. 603 bAlternateSetting == j) 604 break; 605 } 606 if (n >= intfc->num_altsetting) 607 dev_warn(ddev, "config %d interface %d has no " 608 "altsetting %d\n", cfgno, inums[i], j); 609 } 610 } 611 612 return 0; 613} 614 615/* hub-only!! ... and only exported for reset/reinit path. 616 * otherwise used internally on disconnect/destroy path 617 */ 618void usb_destroy_configuration(struct usb_device *dev) 619{ 620 int c, i; 621 622 if (!dev->config) 623 return; 624 625 if (dev->rawdescriptors) { 626 for (i = 0; i < dev->descriptor.bNumConfigurations; i++) 627 kfree(dev->rawdescriptors[i]); 628 629 kfree(dev->rawdescriptors); 630 dev->rawdescriptors = NULL; 631 } 632 633 for (c = 0; c < dev->descriptor.bNumConfigurations; c++) { 634 struct usb_host_config *cf = &dev->config[c]; 635 636 kfree(cf->string); 637 for (i = 0; i < cf->desc.bNumInterfaces; i++) { 638 if (cf->intf_cache[i]) 639 kref_put(&cf->intf_cache[i]->ref, 640 usb_release_interface_cache); 641 } 642 } 643 kfree(dev->config); 644 dev->config = NULL; 645} 646 647 648/* 649 * Get the USB config descriptors, cache and parse'em 650 * 651 * hub-only!! ... and only in reset path, or usb_new_device() 652 * (used by real hubs and virtual root hubs) 653 * 654 * NOTE: if this is a WUSB device and is not authorized, we skip the 655 * whole thing. A non-authorized USB device has no 656 * configurations. 657 */ 658int usb_get_configuration(struct usb_device *dev) 659{ 660 struct device *ddev = &dev->dev; 661 int ncfg = dev->descriptor.bNumConfigurations; 662 int result = 0; 663 unsigned int cfgno, length; 664 unsigned char *bigbuffer; 665 struct usb_config_descriptor *desc; 666 667 cfgno = 0; 668 if (dev->authorized == 0) /* Not really an error */ 669 goto out_not_authorized; 670 result = -ENOMEM; 671 if (ncfg > USB_MAXCONFIG) { 672 dev_warn(ddev, "too many configurations: %d, " 673 "using maximum allowed: %d\n", ncfg, USB_MAXCONFIG); 674 dev->descriptor.bNumConfigurations = ncfg = USB_MAXCONFIG; 675 } 676 677 if (ncfg < 1) { 678 dev_err(ddev, "no configurations\n"); 679 return -EINVAL; 680 } 681 682 length = ncfg * sizeof(struct usb_host_config); 683 dev->config = kzalloc(length, GFP_KERNEL); 684 if (!dev->config) 685 goto err2; 686 687 length = ncfg * sizeof(char *); 688 dev->rawdescriptors = kzalloc(length, GFP_KERNEL); 689 if (!dev->rawdescriptors) 690 goto err2; 691 692 desc = kmalloc(USB_DT_CONFIG_SIZE, GFP_KERNEL); 693 if (!desc) 694 goto err2; 695 696 result = 0; 697 for (; cfgno < ncfg; cfgno++) { 698 /* We grab just the first descriptor so we know how long 699 * the whole configuration is */ 700 result = usb_get_descriptor(dev, USB_DT_CONFIG, cfgno, 701 desc, USB_DT_CONFIG_SIZE); 702 if (result < 0) { 703 dev_err(ddev, "unable to read config index %d " 704 "descriptor/%s: %d\n", cfgno, "start", result); 705 dev_err(ddev, "chopping to %d config(s)\n", cfgno); 706 dev->descriptor.bNumConfigurations = cfgno; 707 break; 708 } else if (result < 4) { 709 dev_err(ddev, "config index %d descriptor too short " 710 "(expected %i, got %i)\n", cfgno, 711 USB_DT_CONFIG_SIZE, result); 712 result = -EINVAL; 713 goto err; 714 } 715 length = max((int) le16_to_cpu(desc->wTotalLength), 716 USB_DT_CONFIG_SIZE); 717 718 /* Now that we know the length, get the whole thing */ 719 bigbuffer = kmalloc(length, GFP_KERNEL); 720 if (!bigbuffer) { 721 result = -ENOMEM; 722 goto err; 723 } 724 result = usb_get_descriptor(dev, USB_DT_CONFIG, cfgno, 725 bigbuffer, length); 726 if (result < 0) { 727 dev_err(ddev, "unable to read config index %d " 728 "descriptor/%s\n", cfgno, "all"); 729 kfree(bigbuffer); 730 goto err; 731 } 732 if (result < length) { 733 dev_warn(ddev, "config index %d descriptor too short " 734 "(expected %i, got %i)\n", cfgno, length, result); 735 length = result; 736 } 737 738 dev->rawdescriptors[cfgno] = bigbuffer; 739 740 result = usb_parse_configuration(dev, cfgno, 741 &dev->config[cfgno], bigbuffer, length); 742 if (result < 0) { 743 ++cfgno; 744 goto err; 745 } 746 } 747 result = 0; 748 749err: 750 kfree(desc); 751out_not_authorized: 752 dev->descriptor.bNumConfigurations = cfgno; 753err2: 754 if (result == -ENOMEM) 755 dev_err(ddev, "out of memory\n"); 756 return result; 757} 758 759void usb_release_bos_descriptor(struct usb_device *dev) 760{ 761 if (dev->bos) { 762 kfree(dev->bos->desc); 763 kfree(dev->bos); 764 dev->bos = NULL; 765 } 766} 767 768/* Get BOS descriptor set */ 769int usb_get_bos_descriptor(struct usb_device *dev) 770{ 771 struct device *ddev = &dev->dev; 772 struct usb_bos_descriptor *bos; 773 struct usb_dev_cap_header *cap; 774 unsigned char *buffer; 775 int length, total_len, num, i; 776 int ret; 777 778 bos = kzalloc(sizeof(struct usb_bos_descriptor), GFP_KERNEL); 779 if (!bos) 780 return -ENOMEM; 781 782 /* Get BOS descriptor */ 783 ret = usb_get_descriptor(dev, USB_DT_BOS, 0, bos, USB_DT_BOS_SIZE); 784 if (ret < USB_DT_BOS_SIZE) { 785 dev_err(ddev, "unable to get BOS descriptor\n"); 786 if (ret >= 0) 787 ret = -ENOMSG; 788 kfree(bos); 789 return ret; 790 } 791 792 length = bos->bLength; 793 total_len = le16_to_cpu(bos->wTotalLength); 794 num = bos->bNumDeviceCaps; 795 kfree(bos); 796 if (total_len < length) 797 return -EINVAL; 798 799 dev->bos = kzalloc(sizeof(struct usb_host_bos), GFP_KERNEL); 800 if (!dev->bos) 801 return -ENOMEM; 802 803 /* Now let's get the whole BOS descriptor set */ 804 buffer = kzalloc(total_len, GFP_KERNEL); 805 if (!buffer) { 806 ret = -ENOMEM; 807 goto err; 808 } 809 dev->bos->desc = (struct usb_bos_descriptor *)buffer; 810 811 ret = usb_get_descriptor(dev, USB_DT_BOS, 0, buffer, total_len); 812 if (ret < total_len) { 813 dev_err(ddev, "unable to get BOS descriptor set\n"); 814 if (ret >= 0) 815 ret = -ENOMSG; 816 goto err; 817 } 818 total_len -= length; 819 820 for (i = 0; i < num; i++) { 821 buffer += length; 822 cap = (struct usb_dev_cap_header *)buffer; 823 length = cap->bLength; 824 825 if (total_len < length) 826 break; 827 total_len -= length; 828 829 if (cap->bDescriptorType != USB_DT_DEVICE_CAPABILITY) { 830 dev_warn(ddev, "descriptor type invalid, skip\n"); 831 continue; 832 } 833 834 switch (cap->bDevCapabilityType) { 835 case USB_CAP_TYPE_WIRELESS_USB: 836 /* Wireless USB cap descriptor is handled by wusb */ 837 break; 838 case USB_CAP_TYPE_EXT: 839 dev->bos->ext_cap = 840 (struct usb_ext_cap_descriptor *)buffer; 841 break; 842 case USB_SS_CAP_TYPE: 843 dev->bos->ss_cap = 844 (struct usb_ss_cap_descriptor *)buffer; 845 break; 846 case CONTAINER_ID_TYPE: 847 dev->bos->ss_id = 848 (struct usb_ss_container_id_descriptor *)buffer; 849 break; 850 default: 851 break; 852 } 853 } 854 855 return 0; 856 857err: 858 usb_release_bos_descriptor(dev); 859 return ret; 860} 861