From: Andrey Konovalov <[email protected]>
Currently, if a USB request that was queued by Raw Gadget is interrupted
(via a signal), wait_for_completion_interruptible returns -ERESTARTSYS.
Raw Gadget then attempts to propagate this value to userspace as a return
value from its ioctls. However, when -ERESTARTSYS is returned by a syscall
handler, the kernel internally restarts the syscall.
This doesn't allow userspace applications to interrupt requests queued by
Raw Gadget (which is required when the emulated device is asked to switch
altsettings). It also violates the implied interface of Raw Gadget that a
single ioctl must only queue a single USB request.
Instead, make Raw Gadget do what GadgetFS does: check whether the request
was interrupted (dequeued with status == -ECONNRESET) and report -EINTR to
userspace.
Fixes: f2c2e717642c ("usb: gadget: add raw-gadget interface")
Signed-off-by: Andrey Konovalov <[email protected]>
---
drivers/usb/gadget/legacy/raw_gadget.c | 26 ++++++++++++++++----------
1 file changed, 16 insertions(+), 10 deletions(-)
diff --git a/drivers/usb/gadget/legacy/raw_gadget.c b/drivers/usb/gadget/legacy/raw_gadget.c
index b9ecc55a2ce2..ce9e87f84911 100644
--- a/drivers/usb/gadget/legacy/raw_gadget.c
+++ b/drivers/usb/gadget/legacy/raw_gadget.c
@@ -674,12 +674,12 @@ static int raw_process_ep0_io(struct raw_dev *dev, struct usb_raw_ep_io *io,
if (WARN_ON(in && dev->ep0_out_pending)) {
ret = -ENODEV;
dev->state = STATE_DEV_FAILED;
- goto out_done;
+ goto out_unlock;
}
if (WARN_ON(!in && dev->ep0_in_pending)) {
ret = -ENODEV;
dev->state = STATE_DEV_FAILED;
- goto out_done;
+ goto out_unlock;
}
dev->req->buf = data;
@@ -694,7 +694,7 @@ static int raw_process_ep0_io(struct raw_dev *dev, struct usb_raw_ep_io *io,
"fail, usb_ep_queue returned %d\n", ret);
spin_lock_irqsave(&dev->lock, flags);
dev->state = STATE_DEV_FAILED;
- goto out_done;
+ goto out_queue_failed;
}
ret = wait_for_completion_interruptible(&dev->ep0_done);
@@ -703,13 +703,16 @@ static int raw_process_ep0_io(struct raw_dev *dev, struct usb_raw_ep_io *io,
usb_ep_dequeue(dev->gadget->ep0, dev->req);
wait_for_completion(&dev->ep0_done);
spin_lock_irqsave(&dev->lock, flags);
- goto out_done;
+ if (dev->ep0_status == -ECONNRESET)
+ dev->ep0_status = -EINTR;
+ goto out_interrupted;
}
spin_lock_irqsave(&dev->lock, flags);
- ret = dev->ep0_status;
-out_done:
+out_interrupted:
+ ret = dev->ep0_status;
+out_queue_failed:
dev->ep0_urb_queued = false;
out_unlock:
spin_unlock_irqrestore(&dev->lock, flags);
@@ -1078,7 +1081,7 @@ static int raw_process_ep_io(struct raw_dev *dev, struct usb_raw_ep_io *io,
"fail, usb_ep_queue returned %d\n", ret);
spin_lock_irqsave(&dev->lock, flags);
dev->state = STATE_DEV_FAILED;
- goto out_done;
+ goto out_queue_failed;
}
ret = wait_for_completion_interruptible(&done);
@@ -1087,13 +1090,16 @@ static int raw_process_ep_io(struct raw_dev *dev, struct usb_raw_ep_io *io,
usb_ep_dequeue(ep->ep, ep->req);
wait_for_completion(&done);
spin_lock_irqsave(&dev->lock, flags);
- goto out_done;
+ if (ep->status == -ECONNRESET)
+ ep->status = -EINTR;
+ goto out_interrupted;
}
spin_lock_irqsave(&dev->lock, flags);
- ret = ep->status;
-out_done:
+out_interrupted:
+ ret = ep->status;
+out_queue_failed:
ep->urb_queued = false;
out_unlock:
spin_unlock_irqrestore(&dev->lock, flags);
--
2.25.1
From: Andrey Konovalov <[email protected]>
Update USB_RAW_IOCTL_EVENT_FETCH to also report suspend, resume, reset,
and disconnect events.
This allows the code that emulates a USB device via Raw Gadget to handle
these events. For example, the device can restart enumeration when it
gets reset.
Also do not print a WARNING when the event queue overflows. With these new
events being queued, the queue might overflow if the device emulation code
stops fetching events. Instead, print an error message.
Also print debug messages when a non-control event is received.
Signed-off-by: Andrey Konovalov <[email protected]>
---
drivers/usb/gadget/legacy/raw_gadget.c | 53 ++++++++++++++++++++++----
include/uapi/linux/usb/raw_gadget.h | 14 ++++++-
2 files changed, 57 insertions(+), 10 deletions(-)
diff --git a/drivers/usb/gadget/legacy/raw_gadget.c b/drivers/usb/gadget/legacy/raw_gadget.c
index daac1f078516..ee712e6570b4 100644
--- a/drivers/usb/gadget/legacy/raw_gadget.c
+++ b/drivers/usb/gadget/legacy/raw_gadget.c
@@ -65,8 +65,9 @@ static int raw_event_queue_add(struct raw_event_queue *queue,
struct usb_raw_event *event;
spin_lock_irqsave(&queue->lock, flags);
- if (WARN_ON(queue->size >= RAW_EVENT_QUEUE_SIZE)) {
+ if (queue->size >= RAW_EVENT_QUEUE_SIZE) {
spin_unlock_irqrestore(&queue->lock, flags);
+ dev_err(&gadget->dev, "event queue overflown\n");
return -ENOMEM;
}
event = kmalloc(sizeof(*event) + length, GFP_ATOMIC);
@@ -311,9 +312,10 @@ static int gadget_bind(struct usb_gadget *gadget,
dev->eps_num = i;
spin_unlock_irqrestore(&dev->lock, flags);
+ dev_dbg(&gadget->dev, "gadget connected\n");
ret = raw_queue_event(dev, USB_RAW_EVENT_CONNECT, 0, NULL);
if (ret < 0) {
- dev_err(&gadget->dev, "failed to queue event\n");
+ dev_err(&gadget->dev, "failed to queue connect event\n");
set_gadget_data(gadget, NULL);
return ret;
}
@@ -358,7 +360,7 @@ static int gadget_setup(struct usb_gadget *gadget,
ret = raw_queue_event(dev, USB_RAW_EVENT_CONTROL, sizeof(*ctrl), ctrl);
if (ret < 0)
- dev_err(&gadget->dev, "failed to queue event\n");
+ dev_err(&gadget->dev, "failed to queue control event\n");
goto out;
out_unlock:
@@ -377,11 +379,46 @@ static int gadget_setup(struct usb_gadget *gadget,
return ret;
}
-/* These are currently unused but present in case UDC driver requires them. */
-static void gadget_disconnect(struct usb_gadget *gadget) { }
-static void gadget_suspend(struct usb_gadget *gadget) { }
-static void gadget_resume(struct usb_gadget *gadget) { }
-static void gadget_reset(struct usb_gadget *gadget) { }
+static void gadget_disconnect(struct usb_gadget *gadget)
+{
+ struct raw_dev *dev = get_gadget_data(gadget);
+ int ret;
+
+ dev_dbg(&gadget->dev, "gadget disconnected\n");
+ ret = raw_queue_event(dev, USB_RAW_EVENT_DISCONNECT, 0, NULL);
+ if (ret < 0)
+ dev_err(&gadget->dev, "failed to queue disconnect event\n");
+}
+static void gadget_suspend(struct usb_gadget *gadget)
+{
+ struct raw_dev *dev = get_gadget_data(gadget);
+ int ret;
+
+ dev_dbg(&gadget->dev, "gadget suspended\n");
+ ret = raw_queue_event(dev, USB_RAW_EVENT_SUSPEND, 0, NULL);
+ if (ret < 0)
+ dev_err(&gadget->dev, "failed to queue suspend event\n");
+}
+static void gadget_resume(struct usb_gadget *gadget)
+{
+ struct raw_dev *dev = get_gadget_data(gadget);
+ int ret;
+
+ dev_dbg(&gadget->dev, "gadget resumed\n");
+ ret = raw_queue_event(dev, USB_RAW_EVENT_RESUME, 0, NULL);
+ if (ret < 0)
+ dev_err(&gadget->dev, "failed to queue resume event\n");
+}
+static void gadget_reset(struct usb_gadget *gadget)
+{
+ struct raw_dev *dev = get_gadget_data(gadget);
+ int ret;
+
+ dev_dbg(&gadget->dev, "gadget reset\n");
+ ret = raw_queue_event(dev, USB_RAW_EVENT_RESET, 0, NULL);
+ if (ret < 0)
+ dev_err(&gadget->dev, "failed to queue reset event\n");
+}
/*----------------------------------------------------------------------*/
diff --git a/include/uapi/linux/usb/raw_gadget.h b/include/uapi/linux/usb/raw_gadget.h
index c7d2199134d7..f0224a8dc858 100644
--- a/include/uapi/linux/usb/raw_gadget.h
+++ b/include/uapi/linux/usb/raw_gadget.h
@@ -44,6 +44,16 @@ enum usb_raw_event_type {
/* This event is queued when a new control request arrived to ep0. */
USB_RAW_EVENT_CONTROL = 2,
+ /*
+ * These events are queued when the gadget driver is suspended,
+ * resumed, reset, or disconnected. Note that some UDCs (e.g. dwc2)
+ * report a disconnect event instead of a reset.
+ */
+ USB_RAW_EVENT_SUSPEND = 3,
+ USB_RAW_EVENT_RESUME = 4,
+ USB_RAW_EVENT_RESET = 5,
+ USB_RAW_EVENT_DISCONNECT = 6,
+
/* The list might grow in the future. */
};
@@ -54,8 +64,8 @@ enum usb_raw_event_type {
* actual length of the fetched event data.
* @data: A buffer to store the fetched event data.
*
- * Currently the fetched data buffer is empty for USB_RAW_EVENT_CONNECT,
- * and contains struct usb_ctrlrequest for USB_RAW_EVENT_CONTROL.
+ * The fetched event data buffer contains struct usb_ctrlrequest for
+ * USB_RAW_EVENT_CONTROL and is empty for other events.
*/
struct usb_raw_event {
__u32 type;
--
2.25.1
On Thu, Oct 26, 2023 at 4:24 PM <[email protected]> wrote:
>
> diff --git a/drivers/usb/gadget/legacy/raw_gadget.c b/drivers/usb/gadget/legacy/raw_gadget.c
> index daac1f078516..ee712e6570b4 100644
> --- a/drivers/usb/gadget/legacy/raw_gadget.c
> +++ b/drivers/usb/gadget/legacy/raw_gadget.c
> @@ -65,8 +65,9 @@ static int raw_event_queue_add(struct raw_event_queue *queue,
> struct usb_raw_event *event;
>
> spin_lock_irqsave(&queue->lock, flags);
> - if (WARN_ON(queue->size >= RAW_EVENT_QUEUE_SIZE)) {
> + if (queue->size >= RAW_EVENT_QUEUE_SIZE) {
> spin_unlock_irqrestore(&queue->lock, flags);
> + dev_err(&gadget->dev, "event queue overflown\n");
This is wrong, no reference to gadget->dev here. Will fix in v2 or
send a fix up.