Received: by 2002:a25:1506:0:0:0:0:0 with SMTP id 6csp2604905ybv; Mon, 24 Feb 2020 08:14:32 -0800 (PST) X-Google-Smtp-Source: APXvYqxhOeQR7oyJGG6uF4hHgywxlqeywNNubwOeiElbDC8vsBTbkI7p1R2Dfc1/geW6cuhXGay9 X-Received: by 2002:a9d:395:: with SMTP id f21mr40922761otf.67.1582560872442; Mon, 24 Feb 2020 08:14:32 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1582560872; cv=none; d=google.com; s=arc-20160816; b=VgpzWbbyEOvGd5FUEelaVu4sRJgoA4QNMp24iH64/eOiFVEuYLw4r6JcSb8zwEJwYB nGBvq9snys0b3cnpJDbCyYebn+z2QDlcDNlLiKW2RAr3rOe31mcUWpG5zvmbJk1JcEDt SIK+/BqCy6b3FSjzEyuWa5lP1zFq88s6GbUVmyFCz8Q81WfI2jC73y/X4ghUR/dctsFY PHUjQ6wCNpf0SP8wXDIARkX5bRSOKaQSmskcSYsWS+NJg4lBsSCn8ehn5AMwuw8qdkoq es6wqIQVIWOS5TcFBq/MIhCp4yQHqnD/FOB/lahUIUVM73CzmHAjbChVj3wfTRaVZhM3 fxRA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:from:subject:mime-version :message-id:date:dkim-signature; bh=h60gecOqE+CkPbm4fQgbS/Dl80MdiGYEyWLaquQ9wSQ=; b=AWj1sFfu4p8rEPym4SnMlZKa9jieabLdf7K15i8B/tqWYRToAbzZaVRu9lmEK+JfA9 Ex4Wf+5CvzFB8zei8zbMjm2hRvDQMk7DWAFNeEH3b+a+DuyITWNanRwF5rj58uMG39jp vi4BoQM1Q/3lfZE0GS7Iz97QjZZOBN3FRGBbVcNld1wi4TY+JkS2ExgSOcutzSTgPq4+ PSV6lCs/hlZIudvG4kTg1PaXoyBppnsXjomzk0sr2FIjovysyfpee5vqZrzEuwqk5VcE +xTW/Rouwv9XI69Zr1mR6/9z67cnoFJtMTIQp8UwS6z6YLNfvLg2IZf+MWDJjDjYZtWk RRVw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=Ox8snbgm; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id n11si6464999otk.290.2020.02.24.08.14.19; Mon, 24 Feb 2020 08:14:32 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=Ox8snbgm; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727763AbgBXQNK (ORCPT + 99 others); Mon, 24 Feb 2020 11:13:10 -0500 Received: from mail-ua1-f73.google.com ([209.85.222.73]:45348 "EHLO mail-ua1-f73.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727755AbgBXQNJ (ORCPT ); Mon, 24 Feb 2020 11:13:09 -0500 Received: by mail-ua1-f73.google.com with SMTP id h10so1298923uab.12 for ; Mon, 24 Feb 2020 08:13:08 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:message-id:mime-version:subject:from:to:cc; bh=h60gecOqE+CkPbm4fQgbS/Dl80MdiGYEyWLaquQ9wSQ=; b=Ox8snbgmpRptmL9zqZZzMCWd9miSlaakRxq5b+8hKP3Yn242ka+PSr3D+Z0cjjsqLZ VUU3/kCii9htAhzkEU3llvBIaGwZLd5kXUgP3qKr3lNHHLn1V0JCvCgVXbJDzWW2Z0Km Z/S144HTsa9nOCjY3v68Eo7kQqTPoYme2phc5yY914d2MPgffby6E1G/gciDcClsNrPs bDhZ/IvTzB3CN2NzTTiDXkemmLTkUIofuSewsyOfC0SJNl2FNkyDeD87RpJoPIG4/KKo bUGBVstY6o6OqeKzMEhyUnvXetvVsvQ1fznOBCzfg+uwOYqtZabEtYKz0pSCyXOEswqh xyCQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:message-id:mime-version:subject:from:to:cc; bh=h60gecOqE+CkPbm4fQgbS/Dl80MdiGYEyWLaquQ9wSQ=; b=rHo+j53drjMd13ZVLF4PnJzdHOQ8TjsVWq2i2VkUgw2WaDu21pcZWhfcrNGgVj0lNs FZrRrynjBlN9grVaQgtD4UTnYH/zeDqf8Yq5PCIsCFjn0PN+5ntX229zv2IiN2E7he6r y12mXsAb6dVVL5oQliNmplYxQImBs+g5FxTz1y9cP7dBf6NVYMPhwtuSYi3lSv8f+ZlT RJgSlNG7n5Eg+AJRHGCNv35mSzVUPoGi/oHVoEof5oQSjEYTI6oyrpTSy4MFdTIoCN+q ZyWmZ/isHrpwgvixpA8+dEg08dOciSAqPdyZ7wsfG4FAD7RIJXuf+iO2AKwIVokp67eJ xKAw== X-Gm-Message-State: APjAAAUuB9OYAuz3gbTLV6b0yhC7XHJvvowMMmK3XBPcT1eKwsYRCtSJ DTGBWn2uCZAUVMVvf0els+6W0Q3BAo54Sgxs X-Received: by 2002:ab0:74ce:: with SMTP id f14mr24789698uaq.118.1582560787523; Mon, 24 Feb 2020 08:13:07 -0800 (PST) Date: Mon, 24 Feb 2020 17:13:02 +0100 Message-Id: Mime-Version: 1.0 X-Mailer: git-send-email 2.25.0.265.gbab2e86ba0-goog Subject: [PATCH v6 0/1] usb: gadget: add raw-gadget interface From: Andrey Konovalov To: linux-usb@vger.kernel.org, linux-kernel@vger.kernel.org, Greg Kroah-Hartman , Felipe Balbi Cc: Jonathan Corbet , Alan Stern , Dmitry Vyukov , Alexander Potapenko , Marco Elver , Andrey Konovalov Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org This patchset (currently a single patch) adds a new userspace interface for the USB Gadget subsystem called USB Raw Gadget. This is what is currently being used to enable coverage-guided USB fuzzing with syzkaller: https://github.com/google/syzkaller/blob/master/docs/linux/external_fuzzing_usb.md Initially I was using GadgetFS (together with the Dummy HCD/UDC module) to perform emulation of USB devices for fuzzing, but later switched to a custom written interface. The incentive to implement a different interface was to provide a somewhat raw and direct access to the USB Gadget layer for the userspace, where every USB request is passed to the userspace to get a response. See documentation for the list of differences between Raw Gadget and GadgetFS. Currently Raw Gadget only supports blocking I/O mode, that synchronously waits for the result of each operation to allow collecting coverage per operation. This patchset has been pushed to the public Linux kernel Gerrit instance: https://linux-review.googlesource.com/c/linux/kernel/git/torvalds/linux/+/2144 Changes v5 -> v6: - Prevent raw_process_ep_io() racing with raw_ioctl_ep_disable() by checking urb_queued flag in the latter. - Use GFP_KERNEL instead of GFP_ATOMIC where possible. - Reject opening raw-gadget with O_NONBLOCK to allow future extensions to support nonblocking IO. - Reduce RAW_EVENT_QUEUE_SIZE to 16. Changes v4 -> v5: - Specified explicit usb_raw_event_type enum values for all entries. - Dropped pointless locking in gadget_unbind(). Changes v3 -> v4: - Print debug message when maxpacket check fails. - Use module_misc_device() instead of module_init/exit(). - Reuse DRIVER_NAME macro in raw_device struct definition. - Don't print WARNING in raw_release(). - Add comment that explains locking into raw_event_queue_fetch(). - Print a WARNING when event queue size is exceeded. - Rename raw.c to raw_gadget.c. - Mention module name in Kconfig. - Reworked logging to use dev_err/dbg() instead of pr_err/debug(). Changes v2 -> v3: - Updated device path in documentation. - Changed usb_raw_init struct layout to make it the same for 32 bit compat mode. - Added compat_ioctl to raw_fops. - Changed raw_ioctl_init() to return EINVAL for invalid USB speeds, except for USB_SPEED_UNKNOWN, which defaults to USB_SPEED_HIGH. - Reject endpoints with maxpacket = 0 in raw_ioctl_ep_enable(). Changes v1 -> v2: - Moved raw.c to legacy/. - Changed uapi header to use __u* types. - Switched from debugfs entry to a misc device. - Changed raw_dev from refcount to kref. - Moved UDC_NAME_LENGTH_MAX to uapi headers. - Used usb_endpoint_type() and usb_endpoint_dir_in/out() functions instead of open coding them. - Added "WITH Linux-syscall-note" to SPDX id in the uapi header. - Removed pr_err() if case dev_new() fails. - Reduced the number of debugging messages. Andrey Konovalov (1): usb: gadget: add raw-gadget interface Documentation/usb/index.rst | 1 + Documentation/usb/raw-gadget.rst | 61 ++ drivers/usb/gadget/legacy/Kconfig | 11 + drivers/usb/gadget/legacy/Makefile | 1 + drivers/usb/gadget/legacy/raw_gadget.c | 1078 ++++++++++++++++++++++++ include/uapi/linux/usb/raw_gadget.h | 167 ++++ 6 files changed, 1319 insertions(+) create mode 100644 Documentation/usb/raw-gadget.rst create mode 100644 drivers/usb/gadget/legacy/raw_gadget.c create mode 100644 include/uapi/linux/usb/raw_gadget.h -- 2.25.0.265.gbab2e86ba0-goog