Linux Kernel  3.7.1
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
rndis.c
Go to the documentation of this file.
1 /*
2  * RNDIS MSG parser
3  *
4  * Authors: Benedikt Spranger, Pengutronix
5  * Robert Schwebel, Pengutronix
6  *
7  * This program is free software; you can redistribute it and/or
8  * modify it under the terms of the GNU General Public License
9  * version 2, as published by the Free Software Foundation.
10  *
11  * This software was originally developed in conformance with
12  * Microsoft's Remote NDIS Specification License Agreement.
13  *
14  * 03/12/2004 Kai-Uwe Bloem <[email protected]>
15  * Fixed message length bug in init_response
16  *
17  * 03/25/2004 Kai-Uwe Bloem <[email protected]>
18  * Fixed rndis_rm_hdr length bug.
19  *
20  * Copyright (C) 2004 by David Brownell
21  * updates to merge with Linux 2.6, better match RNDIS spec
22  */
23 
24 #include <linux/module.h>
25 #include <linux/moduleparam.h>
26 #include <linux/kernel.h>
27 #include <linux/errno.h>
28 #include <linux/init.h>
29 #include <linux/list.h>
30 #include <linux/proc_fs.h>
31 #include <linux/slab.h>
32 #include <linux/seq_file.h>
33 #include <linux/netdevice.h>
34 
35 #include <asm/io.h>
36 #include <asm/byteorder.h>
37 #include <asm/unaligned.h>
38 
39 
40 #undef VERBOSE_DEBUG
41 
42 #include "rndis.h"
43 
44 
45 /* The driver for your USB chip needs to support ep0 OUT to work with
46  * RNDIS, plus all three CDC Ethernet endpoints (interrupt not optional).
47  *
48  * Windows hosts need an INF file like Documentation/usb/linux.inf
49  * and will be happier if you provide the host_addr module parameter.
50  */
51 
52 #if 0
53 static int rndis_debug = 0;
54 module_param (rndis_debug, int, 0);
55 MODULE_PARM_DESC (rndis_debug, "enable debugging");
56 #else
57 #define rndis_debug 0
58 #endif
59 
60 #define RNDIS_MAX_CONFIGS 1
61 
62 
63 static rndis_params rndis_per_dev_params[RNDIS_MAX_CONFIGS];
64 
65 /* Driver Version */
66 static const __le32 rndis_driver_version = cpu_to_le32(1);
67 
68 /* Function Prototypes */
69 static rndis_resp_t *rndis_add_response(int configNr, u32 length);
70 
71 
72 /* supported OIDs */
73 static const u32 oid_supported_list[] =
74 {
75  /* the general stuff */
91 
92  /* the statistical stuff */
98 #ifdef RNDIS_OPTIONAL_STATS
113 #endif /* RNDIS_OPTIONAL_STATS */
114 
115  /* mandatory 802.3 */
116  /* the general stuff */
122 
123  /* the statistical stuff */
127 #ifdef RNDIS_OPTIONAL_STATS
135 #endif /* RNDIS_OPTIONAL_STATS */
136 
137 #ifdef RNDIS_PM
138  /* PM and wakeup are "mandatory" for USB, but the RNDIS specs
139  * don't say what they mean ... and the NDIS specs are often
140  * confusing and/or ambiguous in this context. (That is, more
141  * so than their specs for the other OIDs.)
142  *
143  * FIXME someone who knows what these should do, please
144  * implement them!
145  */
146 
147  /* power management */
148  OID_PNP_CAPABILITIES,
149  OID_PNP_QUERY_POWER,
150  OID_PNP_SET_POWER,
151 
152 #ifdef RNDIS_WAKEUP
153  /* wake up host */
154  OID_PNP_ENABLE_WAKE_UP,
155  OID_PNP_ADD_WAKE_UP_PATTERN,
156  OID_PNP_REMOVE_WAKE_UP_PATTERN,
157 #endif /* RNDIS_WAKEUP */
158 #endif /* RNDIS_PM */
159 };
160 
161 
162 /* NDIS Functions */
163 static int gen_ndis_query_resp(int configNr, u32 OID, u8 *buf,
164  unsigned buf_len, rndis_resp_t *r)
165 {
166  int retval = -ENOTSUPP;
167  u32 length = 4; /* usually */
168  __le32 *outbuf;
169  int i, count;
171  struct net_device *net;
172  struct rtnl_link_stats64 temp;
173  const struct rtnl_link_stats64 *stats;
174 
175  if (!r) return -ENOMEM;
176  resp = (rndis_query_cmplt_type *)r->buf;
177 
178  if (!resp) return -ENOMEM;
179 
180  if (buf_len && rndis_debug > 1) {
181  pr_debug("query OID %08x value, len %d:\n", OID, buf_len);
182  for (i = 0; i < buf_len; i += 16) {
183  pr_debug("%03d: %08x %08x %08x %08x\n", i,
184  get_unaligned_le32(&buf[i]),
185  get_unaligned_le32(&buf[i + 4]),
186  get_unaligned_le32(&buf[i + 8]),
187  get_unaligned_le32(&buf[i + 12]));
188  }
189  }
190 
191  /* response goes here, right after the header */
192  outbuf = (__le32 *)&resp[1];
194 
195  net = rndis_per_dev_params[configNr].dev;
196  stats = dev_get_stats(net, &temp);
197 
198  switch (OID) {
199 
200  /* general oids (table 4-1) */
201 
202  /* mandatory */
204  pr_debug("%s: RNDIS_OID_GEN_SUPPORTED_LIST\n", __func__);
205  length = sizeof(oid_supported_list);
206  count = length / sizeof(u32);
207  for (i = 0; i < count; i++)
208  outbuf[i] = cpu_to_le32(oid_supported_list[i]);
209  retval = 0;
210  break;
211 
212  /* mandatory */
214  pr_debug("%s: RNDIS_OID_GEN_HARDWARE_STATUS\n", __func__);
215  /* Bogus question!
216  * Hardware must be ready to receive high level protocols.
217  * BTW:
218  * reddite ergo quae sunt Caesaris Caesari
219  * et quae sunt Dei Deo!
220  */
221  *outbuf = cpu_to_le32(0);
222  retval = 0;
223  break;
224 
225  /* mandatory */
227  pr_debug("%s: RNDIS_OID_GEN_MEDIA_SUPPORTED\n", __func__);
228  *outbuf = cpu_to_le32(rndis_per_dev_params[configNr].medium);
229  retval = 0;
230  break;
231 
232  /* mandatory */
234  pr_debug("%s: RNDIS_OID_GEN_MEDIA_IN_USE\n", __func__);
235  /* one medium, one transport... (maybe you do it better) */
236  *outbuf = cpu_to_le32(rndis_per_dev_params[configNr].medium);
237  retval = 0;
238  break;
239 
240  /* mandatory */
242  pr_debug("%s: RNDIS_OID_GEN_MAXIMUM_FRAME_SIZE\n", __func__);
243  if (rndis_per_dev_params[configNr].dev) {
244  *outbuf = cpu_to_le32(
245  rndis_per_dev_params[configNr].dev->mtu);
246  retval = 0;
247  }
248  break;
249 
250  /* mandatory */
252  if (rndis_debug > 1)
253  pr_debug("%s: RNDIS_OID_GEN_LINK_SPEED\n", __func__);
254  if (rndis_per_dev_params[configNr].media_state
256  *outbuf = cpu_to_le32(0);
257  else
258  *outbuf = cpu_to_le32(
259  rndis_per_dev_params[configNr].speed);
260  retval = 0;
261  break;
262 
263  /* mandatory */
265  pr_debug("%s: RNDIS_OID_GEN_TRANSMIT_BLOCK_SIZE\n", __func__);
266  if (rndis_per_dev_params[configNr].dev) {
267  *outbuf = cpu_to_le32(
268  rndis_per_dev_params[configNr].dev->mtu);
269  retval = 0;
270  }
271  break;
272 
273  /* mandatory */
275  pr_debug("%s: RNDIS_OID_GEN_RECEIVE_BLOCK_SIZE\n", __func__);
276  if (rndis_per_dev_params[configNr].dev) {
277  *outbuf = cpu_to_le32(
278  rndis_per_dev_params[configNr].dev->mtu);
279  retval = 0;
280  }
281  break;
282 
283  /* mandatory */
285  pr_debug("%s: RNDIS_OID_GEN_VENDOR_ID\n", __func__);
286  *outbuf = cpu_to_le32(
287  rndis_per_dev_params[configNr].vendorID);
288  retval = 0;
289  break;
290 
291  /* mandatory */
293  pr_debug("%s: RNDIS_OID_GEN_VENDOR_DESCRIPTION\n", __func__);
294  if (rndis_per_dev_params[configNr].vendorDescr) {
295  length = strlen(rndis_per_dev_params[configNr].
296  vendorDescr);
297  memcpy(outbuf,
298  rndis_per_dev_params[configNr].vendorDescr,
299  length);
300  } else {
301  outbuf[0] = 0;
302  }
303  retval = 0;
304  break;
305 
307  pr_debug("%s: RNDIS_OID_GEN_VENDOR_DRIVER_VERSION\n", __func__);
308  /* Created as LE */
309  *outbuf = rndis_driver_version;
310  retval = 0;
311  break;
312 
313  /* mandatory */
315  pr_debug("%s: RNDIS_OID_GEN_CURRENT_PACKET_FILTER\n", __func__);
316  *outbuf = cpu_to_le32(*rndis_per_dev_params[configNr].filter);
317  retval = 0;
318  break;
319 
320  /* mandatory */
322  pr_debug("%s: RNDIS_OID_GEN_MAXIMUM_TOTAL_SIZE\n", __func__);
324  retval = 0;
325  break;
326 
327  /* mandatory */
329  if (rndis_debug > 1)
330  pr_debug("%s: RNDIS_OID_GEN_MEDIA_CONNECT_STATUS\n", __func__);
331  *outbuf = cpu_to_le32(rndis_per_dev_params[configNr]
332  .media_state);
333  retval = 0;
334  break;
335 
337  pr_debug("%s: RNDIS_OID_GEN_PHYSICAL_MEDIUM\n", __func__);
338  *outbuf = cpu_to_le32(0);
339  retval = 0;
340  break;
341 
342  /* The RNDIS specification is incomplete/wrong. Some versions
343  * of MS-Windows expect OIDs that aren't specified there. Other
344  * versions emit undefined RNDIS messages. DOCUMENT ALL THESE!
345  */
346  case RNDIS_OID_GEN_MAC_OPTIONS: /* from WinME */
347  pr_debug("%s: RNDIS_OID_GEN_MAC_OPTIONS\n", __func__);
348  *outbuf = cpu_to_le32(
351  retval = 0;
352  break;
353 
354  /* statistics OIDs (table 4-2) */
355 
356  /* mandatory */
358  if (rndis_debug > 1)
359  pr_debug("%s: RNDIS_OID_GEN_XMIT_OK\n", __func__);
360  if (stats) {
361  *outbuf = cpu_to_le32(stats->tx_packets
362  - stats->tx_errors - stats->tx_dropped);
363  retval = 0;
364  }
365  break;
366 
367  /* mandatory */
369  if (rndis_debug > 1)
370  pr_debug("%s: RNDIS_OID_GEN_RCV_OK\n", __func__);
371  if (stats) {
372  *outbuf = cpu_to_le32(stats->rx_packets
373  - stats->rx_errors - stats->rx_dropped);
374  retval = 0;
375  }
376  break;
377 
378  /* mandatory */
380  if (rndis_debug > 1)
381  pr_debug("%s: RNDIS_OID_GEN_XMIT_ERROR\n", __func__);
382  if (stats) {
383  *outbuf = cpu_to_le32(stats->tx_errors);
384  retval = 0;
385  }
386  break;
387 
388  /* mandatory */
390  if (rndis_debug > 1)
391  pr_debug("%s: RNDIS_OID_GEN_RCV_ERROR\n", __func__);
392  if (stats) {
393  *outbuf = cpu_to_le32(stats->rx_errors);
394  retval = 0;
395  }
396  break;
397 
398  /* mandatory */
400  pr_debug("%s: RNDIS_OID_GEN_RCV_NO_BUFFER\n", __func__);
401  if (stats) {
402  *outbuf = cpu_to_le32(stats->rx_dropped);
403  retval = 0;
404  }
405  break;
406 
407  /* ieee802.3 OIDs (table 4-3) */
408 
409  /* mandatory */
411  pr_debug("%s: RNDIS_OID_802_3_PERMANENT_ADDRESS\n", __func__);
412  if (rndis_per_dev_params[configNr].dev) {
413  length = ETH_ALEN;
414  memcpy(outbuf,
415  rndis_per_dev_params[configNr].host_mac,
416  length);
417  retval = 0;
418  }
419  break;
420 
421  /* mandatory */
423  pr_debug("%s: RNDIS_OID_802_3_CURRENT_ADDRESS\n", __func__);
424  if (rndis_per_dev_params[configNr].dev) {
425  length = ETH_ALEN;
426  memcpy(outbuf,
427  rndis_per_dev_params [configNr].host_mac,
428  length);
429  retval = 0;
430  }
431  break;
432 
433  /* mandatory */
435  pr_debug("%s: RNDIS_OID_802_3_MULTICAST_LIST\n", __func__);
436  /* Multicast base address only */
437  *outbuf = cpu_to_le32(0xE0000000);
438  retval = 0;
439  break;
440 
441  /* mandatory */
443  pr_debug("%s: RNDIS_OID_802_3_MAXIMUM_LIST_SIZE\n", __func__);
444  /* Multicast base address only */
445  *outbuf = cpu_to_le32(1);
446  retval = 0;
447  break;
448 
450  pr_debug("%s: RNDIS_OID_802_3_MAC_OPTIONS\n", __func__);
451  *outbuf = cpu_to_le32(0);
452  retval = 0;
453  break;
454 
455  /* ieee802.3 statistics OIDs (table 4-4) */
456 
457  /* mandatory */
459  pr_debug("%s: RNDIS_OID_802_3_RCV_ERROR_ALIGNMENT\n", __func__);
460  if (stats) {
461  *outbuf = cpu_to_le32(stats->rx_frame_errors);
462  retval = 0;
463  }
464  break;
465 
466  /* mandatory */
468  pr_debug("%s: RNDIS_OID_802_3_XMIT_ONE_COLLISION\n", __func__);
469  *outbuf = cpu_to_le32(0);
470  retval = 0;
471  break;
472 
473  /* mandatory */
475  pr_debug("%s: RNDIS_OID_802_3_XMIT_MORE_COLLISIONS\n", __func__);
476  *outbuf = cpu_to_le32(0);
477  retval = 0;
478  break;
479 
480  default:
481  pr_warning("%s: query unknown OID 0x%08X\n",
482  __func__, OID);
483  }
484  if (retval < 0)
485  length = 0;
486 
487  resp->InformationBufferLength = cpu_to_le32(length);
488  r->length = length + sizeof(*resp);
489  resp->MessageLength = cpu_to_le32(r->length);
490  return retval;
491 }
492 
493 static int gen_ndis_set_resp(u8 configNr, u32 OID, u8 *buf, u32 buf_len,
494  rndis_resp_t *r)
495 {
497  int i, retval = -ENOTSUPP;
498  struct rndis_params *params;
499 
500  if (!r)
501  return -ENOMEM;
502  resp = (rndis_set_cmplt_type *)r->buf;
503  if (!resp)
504  return -ENOMEM;
505 
506  if (buf_len && rndis_debug > 1) {
507  pr_debug("set OID %08x value, len %d:\n", OID, buf_len);
508  for (i = 0; i < buf_len; i += 16) {
509  pr_debug("%03d: %08x %08x %08x %08x\n", i,
510  get_unaligned_le32(&buf[i]),
511  get_unaligned_le32(&buf[i + 4]),
512  get_unaligned_le32(&buf[i + 8]),
513  get_unaligned_le32(&buf[i + 12]));
514  }
515  }
516 
517  params = &rndis_per_dev_params[configNr];
518  switch (OID) {
520 
521  /* these NDIS_PACKET_TYPE_* bitflags are shared with
522  * cdc_filter; it's not RNDIS-specific
523  * NDIS_PACKET_TYPE_x == USB_CDC_PACKET_TYPE_x for x in:
524  * PROMISCUOUS, DIRECTED,
525  * MULTICAST, ALL_MULTICAST, BROADCAST
526  */
527  *params->filter = (u16)get_unaligned_le32(buf);
528  pr_debug("%s: RNDIS_OID_GEN_CURRENT_PACKET_FILTER %08x\n",
529  __func__, *params->filter);
530 
531  /* this call has a significant side effect: it's
532  * what makes the packet flow start and stop, like
533  * activating the CDC Ethernet altsetting.
534  */
535  retval = 0;
536  if (*params->filter) {
537  params->state = RNDIS_DATA_INITIALIZED;
538  netif_carrier_on(params->dev);
539  if (netif_running(params->dev))
540  netif_wake_queue(params->dev);
541  } else {
542  params->state = RNDIS_INITIALIZED;
543  netif_carrier_off(params->dev);
544  netif_stop_queue(params->dev);
545  }
546  break;
547 
549  /* I think we can ignore this */
550  pr_debug("%s: RNDIS_OID_802_3_MULTICAST_LIST\n", __func__);
551  retval = 0;
552  break;
553 
554  default:
555  pr_warning("%s: set unknown OID 0x%08X, size %d\n",
556  __func__, OID, buf_len);
557  }
558 
559  return retval;
560 }
561 
562 /*
563  * Response Functions
564  */
565 
566 static int rndis_init_response(int configNr, rndis_init_msg_type *buf)
567 {
569  rndis_resp_t *r;
570  struct rndis_params *params = rndis_per_dev_params + configNr;
571 
572  if (!params->dev)
573  return -ENOTSUPP;
574 
575  r = rndis_add_response(configNr, sizeof(rndis_init_cmplt_type));
576  if (!r)
577  return -ENOMEM;
578  resp = (rndis_init_cmplt_type *)r->buf;
579 
581  resp->MessageLength = cpu_to_le32(52);
582  resp->RequestID = buf->RequestID; /* Still LE in msg buffer */
590  params->dev->mtu
591  + sizeof(struct ethhdr)
592  + sizeof(struct rndis_packet_msg_type)
593  + 22);
595  resp->AFListOffset = cpu_to_le32(0);
596  resp->AFListSize = cpu_to_le32(0);
597 
598  params->resp_avail(params->v);
599  return 0;
600 }
601 
602 static int rndis_query_response(int configNr, rndis_query_msg_type *buf)
603 {
605  rndis_resp_t *r;
606  struct rndis_params *params = rndis_per_dev_params + configNr;
607 
608  /* pr_debug("%s: OID = %08X\n", __func__, cpu_to_le32(buf->OID)); */
609  if (!params->dev)
610  return -ENOTSUPP;
611 
612  /*
613  * we need more memory:
614  * gen_ndis_query_resp expects enough space for
615  * rndis_query_cmplt_type followed by data.
616  * oid_supported_list is the largest data reply
617  */
618  r = rndis_add_response(configNr,
619  sizeof(oid_supported_list) + sizeof(rndis_query_cmplt_type));
620  if (!r)
621  return -ENOMEM;
622  resp = (rndis_query_cmplt_type *)r->buf;
623 
625  resp->RequestID = buf->RequestID; /* Still LE in msg buffer */
626 
627  if (gen_ndis_query_resp(configNr, le32_to_cpu(buf->OID),
629  + 8 + (u8 *)buf,
631  r)) {
632  /* OID not supported */
634  resp->MessageLength = cpu_to_le32(sizeof *resp);
637  } else
639 
640  params->resp_avail(params->v);
641  return 0;
642 }
643 
644 static int rndis_set_response(int configNr, rndis_set_msg_type *buf)
645 {
646  u32 BufLength, BufOffset;
648  rndis_resp_t *r;
649  struct rndis_params *params = rndis_per_dev_params + configNr;
650 
651  r = rndis_add_response(configNr, sizeof(rndis_set_cmplt_type));
652  if (!r)
653  return -ENOMEM;
654  resp = (rndis_set_cmplt_type *)r->buf;
655 
656  BufLength = le32_to_cpu(buf->InformationBufferLength);
657  BufOffset = le32_to_cpu(buf->InformationBufferOffset);
658 
659 #ifdef VERBOSE_DEBUG
660  pr_debug("%s: Length: %d\n", __func__, BufLength);
661  pr_debug("%s: Offset: %d\n", __func__, BufOffset);
662  pr_debug("%s: InfoBuffer: ", __func__);
663 
664  for (i = 0; i < BufLength; i++) {
665  pr_debug("%02x ", *(((u8 *) buf) + i + 8 + BufOffset));
666  }
667 
668  pr_debug("\n");
669 #endif
670 
672  resp->MessageLength = cpu_to_le32(16);
673  resp->RequestID = buf->RequestID; /* Still LE in msg buffer */
674  if (gen_ndis_set_resp(configNr, le32_to_cpu(buf->OID),
675  ((u8 *)buf) + 8 + BufOffset, BufLength, r))
677  else
679 
680  params->resp_avail(params->v);
681  return 0;
682 }
683 
684 static int rndis_reset_response(int configNr, rndis_reset_msg_type *buf)
685 {
687  rndis_resp_t *r;
688  struct rndis_params *params = rndis_per_dev_params + configNr;
689 
690  r = rndis_add_response(configNr, sizeof(rndis_reset_cmplt_type));
691  if (!r)
692  return -ENOMEM;
693  resp = (rndis_reset_cmplt_type *)r->buf;
694 
696  resp->MessageLength = cpu_to_le32(16);
698  /* resent information */
699  resp->AddressingReset = cpu_to_le32(1);
700 
701  params->resp_avail(params->v);
702  return 0;
703 }
704 
705 static int rndis_keepalive_response(int configNr,
707 {
709  rndis_resp_t *r;
710  struct rndis_params *params = rndis_per_dev_params + configNr;
711 
712  /* host "should" check only in RNDIS_DATA_INITIALIZED state */
713 
714  r = rndis_add_response(configNr, sizeof(rndis_keepalive_cmplt_type));
715  if (!r)
716  return -ENOMEM;
717  resp = (rndis_keepalive_cmplt_type *)r->buf;
718 
720  resp->MessageLength = cpu_to_le32(16);
721  resp->RequestID = buf->RequestID; /* Still LE in msg buffer */
723 
724  params->resp_avail(params->v);
725  return 0;
726 }
727 
728 
729 /*
730  * Device to Host Comunication
731  */
732 static int rndis_indicate_status_msg(int configNr, u32 status)
733 {
735  rndis_resp_t *r;
736  struct rndis_params *params = rndis_per_dev_params + configNr;
737 
738  if (params->state == RNDIS_UNINITIALIZED)
739  return -ENOTSUPP;
740 
741  r = rndis_add_response(configNr,
743  if (!r)
744  return -ENOMEM;
745  resp = (rndis_indicate_status_msg_type *)r->buf;
746 
748  resp->MessageLength = cpu_to_le32(20);
749  resp->Status = cpu_to_le32(status);
750  resp->StatusBufferLength = cpu_to_le32(0);
751  resp->StatusBufferOffset = cpu_to_le32(0);
752 
753  params->resp_avail(params->v);
754  return 0;
755 }
756 
757 int rndis_signal_connect(int configNr)
758 {
759  rndis_per_dev_params[configNr].media_state
761  return rndis_indicate_status_msg(configNr,
763 }
764 
765 int rndis_signal_disconnect(int configNr)
766 {
767  rndis_per_dev_params[configNr].media_state
769  return rndis_indicate_status_msg(configNr,
771 }
772 
773 void rndis_uninit(int configNr)
774 {
775  u8 *buf;
776  u32 length;
777 
778  if (configNr >= RNDIS_MAX_CONFIGS)
779  return;
780  rndis_per_dev_params[configNr].state = RNDIS_UNINITIALIZED;
781 
782  /* drain the response queue */
783  while ((buf = rndis_get_next_response(configNr, &length)))
784  rndis_free_response(configNr, buf);
785 }
786 
787 void rndis_set_host_mac(int configNr, const u8 *addr)
788 {
789  rndis_per_dev_params[configNr].host_mac = addr;
790 }
791 
792 /*
793  * Message Parser
794  */
795 int rndis_msg_parser(u8 configNr, u8 *buf)
796 {
797  u32 MsgType, MsgLength;
798  __le32 *tmp;
799  struct rndis_params *params;
800 
801  if (!buf)
802  return -ENOMEM;
803 
804  tmp = (__le32 *)buf;
805  MsgType = get_unaligned_le32(tmp++);
806  MsgLength = get_unaligned_le32(tmp++);
807 
808  if (configNr >= RNDIS_MAX_CONFIGS)
809  return -ENOTSUPP;
810  params = &rndis_per_dev_params[configNr];
811 
812  /* NOTE: RNDIS is *EXTREMELY* chatty ... Windows constantly polls for
813  * rx/tx statistics and link status, in addition to KEEPALIVE traffic
814  * and normal HC level polling to see if there's any IN traffic.
815  */
816 
817  /* For USB: responses may take up to 10 seconds */
818  switch (MsgType) {
819  case RNDIS_MSG_INIT:
820  pr_debug("%s: RNDIS_MSG_INIT\n",
821  __func__);
822  params->state = RNDIS_INITIALIZED;
823  return rndis_init_response(configNr,
824  (rndis_init_msg_type *)buf);
825 
826  case RNDIS_MSG_HALT:
827  pr_debug("%s: RNDIS_MSG_HALT\n",
828  __func__);
829  params->state = RNDIS_UNINITIALIZED;
830  if (params->dev) {
831  netif_carrier_off(params->dev);
832  netif_stop_queue(params->dev);
833  }
834  return 0;
835 
836  case RNDIS_MSG_QUERY:
837  return rndis_query_response(configNr,
838  (rndis_query_msg_type *)buf);
839 
840  case RNDIS_MSG_SET:
841  return rndis_set_response(configNr,
842  (rndis_set_msg_type *)buf);
843 
844  case RNDIS_MSG_RESET:
845  pr_debug("%s: RNDIS_MSG_RESET\n",
846  __func__);
847  return rndis_reset_response(configNr,
848  (rndis_reset_msg_type *)buf);
849 
850  case RNDIS_MSG_KEEPALIVE:
851  /* For USB: host does this every 5 seconds */
852  if (rndis_debug > 1)
853  pr_debug("%s: RNDIS_MSG_KEEPALIVE\n",
854  __func__);
855  return rndis_keepalive_response(configNr,
857  buf);
858 
859  default:
860  /* At least Windows XP emits some undefined RNDIS messages.
861  * In one case those messages seemed to relate to the host
862  * suspending itself.
863  */
864  pr_warning("%s: unknown RNDIS message 0x%08X len %d\n",
865  __func__, MsgType, MsgLength);
866  print_hex_dump_bytes(__func__, DUMP_PREFIX_OFFSET,
867  buf, MsgLength);
868  break;
869  }
870 
871  return -ENOTSUPP;
872 }
873 
874 int rndis_register(void (*resp_avail)(void *v), void *v)
875 {
876  u8 i;
877 
878  if (!resp_avail)
879  return -EINVAL;
880 
881  for (i = 0; i < RNDIS_MAX_CONFIGS; i++) {
882  if (!rndis_per_dev_params[i].used) {
883  rndis_per_dev_params[i].used = 1;
884  rndis_per_dev_params[i].resp_avail = resp_avail;
885  rndis_per_dev_params[i].v = v;
886  pr_debug("%s: configNr = %d\n", __func__, i);
887  return i;
888  }
889  }
890  pr_debug("failed\n");
891 
892  return -ENODEV;
893 }
894 
895 void rndis_deregister(int configNr)
896 {
897  pr_debug("%s:\n", __func__);
898 
899  if (configNr >= RNDIS_MAX_CONFIGS) return;
900  rndis_per_dev_params[configNr].used = 0;
901 }
902 
903 int rndis_set_param_dev(u8 configNr, struct net_device *dev, u16 *cdc_filter)
904 {
905  pr_debug("%s:\n", __func__);
906  if (!dev)
907  return -EINVAL;
908  if (configNr >= RNDIS_MAX_CONFIGS) return -1;
909 
910  rndis_per_dev_params[configNr].dev = dev;
911  rndis_per_dev_params[configNr].filter = cdc_filter;
912 
913  return 0;
914 }
915 
916 int rndis_set_param_vendor(u8 configNr, u32 vendorID, const char *vendorDescr)
917 {
918  pr_debug("%s:\n", __func__);
919  if (!vendorDescr) return -1;
920  if (configNr >= RNDIS_MAX_CONFIGS) return -1;
921 
922  rndis_per_dev_params[configNr].vendorID = vendorID;
923  rndis_per_dev_params[configNr].vendorDescr = vendorDescr;
924 
925  return 0;
926 }
927 
929 {
930  pr_debug("%s: %u %u\n", __func__, medium, speed);
931  if (configNr >= RNDIS_MAX_CONFIGS) return -1;
932 
933  rndis_per_dev_params[configNr].medium = medium;
934  rndis_per_dev_params[configNr].speed = speed;
935 
936  return 0;
937 }
938 
939 void rndis_add_hdr(struct sk_buff *skb)
940 {
942 
943  if (!skb)
944  return;
945  header = (void *)skb_push(skb, sizeof(*header));
946  memset(header, 0, sizeof *header);
948  header->MessageLength = cpu_to_le32(skb->len);
949  header->DataOffset = cpu_to_le32(36);
950  header->DataLength = cpu_to_le32(skb->len - sizeof(*header));
951 }
952 
953 void rndis_free_response(int configNr, u8 *buf)
954 {
955  rndis_resp_t *r;
956  struct list_head *act, *tmp;
957 
958  list_for_each_safe(act, tmp,
959  &(rndis_per_dev_params[configNr].resp_queue))
960  {
961  r = list_entry(act, rndis_resp_t, list);
962  if (r && r->buf == buf) {
963  list_del(&r->list);
964  kfree(r);
965  }
966  }
967 }
968 
969 u8 *rndis_get_next_response(int configNr, u32 *length)
970 {
971  rndis_resp_t *r;
972  struct list_head *act, *tmp;
973 
974  if (!length) return NULL;
975 
976  list_for_each_safe(act, tmp,
977  &(rndis_per_dev_params[configNr].resp_queue))
978  {
979  r = list_entry(act, rndis_resp_t, list);
980  if (!r->send) {
981  r->send = 1;
982  *length = r->length;
983  return r->buf;
984  }
985  }
986 
987  return NULL;
988 }
989 
990 static rndis_resp_t *rndis_add_response(int configNr, u32 length)
991 {
992  rndis_resp_t *r;
993 
994  /* NOTE: this gets copied into ether.c USB_BUFSIZ bytes ... */
995  r = kmalloc(sizeof(rndis_resp_t) + length, GFP_ATOMIC);
996  if (!r) return NULL;
997 
998  r->buf = (u8 *)(r + 1);
999  r->length = length;
1000  r->send = 0;
1001 
1002  list_add_tail(&r->list,
1003  &(rndis_per_dev_params[configNr].resp_queue));
1004  return r;
1005 }
1006 
1008  struct sk_buff *skb,
1009  struct sk_buff_head *list)
1010 {
1011  /* tmp points to a struct rndis_packet_msg_type */
1012  __le32 *tmp = (void *)skb->data;
1013 
1014  /* MessageType, MessageLength */
1016  != get_unaligned(tmp++)) {
1017  dev_kfree_skb_any(skb);
1018  return -EINVAL;
1019  }
1020  tmp++;
1021 
1022  /* DataOffset, DataLength */
1023  if (!skb_pull(skb, get_unaligned_le32(tmp++) + 8)) {
1024  dev_kfree_skb_any(skb);
1025  return -EOVERFLOW;
1026  }
1027  skb_trim(skb, get_unaligned_le32(tmp++));
1028 
1029  skb_queue_tail(list, skb);
1030  return 0;
1031 }
1032 
1033 #ifdef CONFIG_USB_GADGET_DEBUG_FILES
1034 
1035 static int rndis_proc_show(struct seq_file *m, void *v)
1036 {
1037  rndis_params *param = m->private;
1038 
1039  seq_printf(m,
1040  "Config Nr. %d\n"
1041  "used : %s\n"
1042  "state : %s\n"
1043  "medium : 0x%08X\n"
1044  "speed : %d\n"
1045  "cable : %s\n"
1046  "vendor ID : 0x%08X\n"
1047  "vendor : %s\n",
1048  param->confignr, (param->used) ? "y" : "n",
1049  ({ char *s = "?";
1050  switch (param->state) {
1051  case RNDIS_UNINITIALIZED:
1052  s = "RNDIS_UNINITIALIZED"; break;
1053  case RNDIS_INITIALIZED:
1054  s = "RNDIS_INITIALIZED"; break;
1056  s = "RNDIS_DATA_INITIALIZED"; break;
1057  }; s; }),
1058  param->medium,
1059  (param->media_state) ? 0 : param->speed*100,
1060  (param->media_state) ? "disconnected" : "connected",
1061  param->vendorID, param->vendorDescr);
1062  return 0;
1063 }
1064 
1065 static ssize_t rndis_proc_write(struct file *file, const char __user *buffer,
1066  size_t count, loff_t *ppos)
1067 {
1068  rndis_params *p = PDE(file->f_path.dentry->d_inode)->data;
1069  u32 speed = 0;
1070  int i, fl_speed = 0;
1071 
1072  for (i = 0; i < count; i++) {
1073  char c;
1074  if (get_user(c, buffer))
1075  return -EFAULT;
1076  switch (c) {
1077  case '0':
1078  case '1':
1079  case '2':
1080  case '3':
1081  case '4':
1082  case '5':
1083  case '6':
1084  case '7':
1085  case '8':
1086  case '9':
1087  fl_speed = 1;
1088  speed = speed * 10 + c - '0';
1089  break;
1090  case 'C':
1091  case 'c':
1093  break;
1094  case 'D':
1095  case 'd':
1097  break;
1098  default:
1099  if (fl_speed) p->speed = speed;
1100  else pr_debug("%c is not valid\n", c);
1101  break;
1102  }
1103 
1104  buffer++;
1105  }
1106 
1107  return count;
1108 }
1109 
1110 static int rndis_proc_open(struct inode *inode, struct file *file)
1111 {
1112  return single_open(file, rndis_proc_show, PDE(inode)->data);
1113 }
1114 
1115 static const struct file_operations rndis_proc_fops = {
1116  .owner = THIS_MODULE,
1117  .open = rndis_proc_open,
1118  .read = seq_read,
1119  .llseek = seq_lseek,
1120  .release = single_release,
1121  .write = rndis_proc_write,
1122 };
1123 
1124 #define NAME_TEMPLATE "driver/rndis-%03d"
1125 
1126 static struct proc_dir_entry *rndis_connect_state [RNDIS_MAX_CONFIGS];
1127 
1128 #endif /* CONFIG_USB_GADGET_DEBUG_FILES */
1129 
1130 
1131 int rndis_init(void)
1132 {
1133  u8 i;
1134 
1135  for (i = 0; i < RNDIS_MAX_CONFIGS; i++) {
1136 #ifdef CONFIG_USB_GADGET_DEBUG_FILES
1137  char name [20];
1138 
1139  sprintf(name, NAME_TEMPLATE, i);
1140  rndis_connect_state[i] = proc_create_data(name, 0660, NULL,
1141  &rndis_proc_fops,
1142  (void *)(rndis_per_dev_params + i));
1143  if (!rndis_connect_state[i]) {
1144  pr_debug("%s: remove entries", __func__);
1145  while (i) {
1146  sprintf(name, NAME_TEMPLATE, --i);
1147  remove_proc_entry(name, NULL);
1148  }
1149  pr_debug("\n");
1150  return -EIO;
1151  }
1152 #endif
1153  rndis_per_dev_params[i].confignr = i;
1154  rndis_per_dev_params[i].used = 0;
1155  rndis_per_dev_params[i].state = RNDIS_UNINITIALIZED;
1156  rndis_per_dev_params[i].media_state
1158  INIT_LIST_HEAD(&(rndis_per_dev_params[i].resp_queue));
1159  }
1160 
1161  return 0;
1162 }
1163 
1164 void rndis_exit(void)
1165 {
1166 #ifdef CONFIG_USB_GADGET_DEBUG_FILES
1167  u8 i;
1168  char name[20];
1169 
1170  for (i = 0; i < RNDIS_MAX_CONFIGS; i++) {
1171  sprintf(name, NAME_TEMPLATE, i);
1172  remove_proc_entry(name, NULL);
1173  }
1174 #endif
1175 }