Bluetooth: hidp: Add support for hidraw HIDIOCGFEATURE and HIDIOCSFEATURE
in [Kernel]
|
Prev: [PATCH] x86: add power_end event to process_*.c cpu_idle routine
Next: [PATCH] hid-input: Use a larger event buffer for MT devices
From: Alan Ott on 14 Jun 2010 07:50 On 06/13/2010 06:18 PM, Alan Ott wrote: > 3. A blocking, synchronous GET_REPORT transfer was easy when I > implemented this for USB because data is both sent and received as > part of a single control transfer. Because of the nature of Bluetooth > however, where it is viewed more as an asynchronous network device, > and with hidraw allowing multiple handles to a single device to exist, > there could be a race when two handles call the hidp_get_raw_report() > function concurrently, requesting the same report. I've convinced > myself that this is not a problem, because since both callers > requested the same report, the worst that could happen is that one > could get a report which is slightly out of date. > > Consider the following case: > 1. Client 1 requests report (Userspace call to HIDIOCGFEATURE) > 2. Client 2 requests report (Userspace call to HIDIOCGFEATURE) > 3. Client 1's report is returned, and delivered to BOTH clients > 4. Client 2's report is returned (and discarded) > > Note here that Client 1's report and Client 2's report are the same > report, ie: they reflect the state of the same data on the device, > just at different times. In this case, they are indeed exactly the > same data, but consider this case: > 1. Client 1 requests report (Userspace call to HIDIOCGFEATURE) > 2. Client 2 SETS report (Userspace call to HIDIOCSFEATURE) > 2. Client 2 requests report (Userspace call to HIDIOCGFEATURE) > 3. Client 1's report is returned, and delivered to Clients 1 and 2 > 4. Client 2's report is returned > > In this case, client 2 receives OLD data (since it set new data, and > the call to write the reports is currently not synchronous). To make > writes synchronous, we'd run into the same problem, of two writes > happening concurrently, and the 2nd one receiving the ACK from the > first one. > > Alan. > I just remembered to look at the hidraw.c source, to see that the call to the hid_get_raw_report() function pointer (which points to hidp_get_raw_report()) is called with a global mutex held. I believe this will prevent the race mentioned in #3 above in the case that all clients are communicating with the device using hidraw. Of course, the situation above could still occur if one of the clients represents an actual driver (which isn't subject to the hidraw mutex). -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo(a)vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
From: Jiri Kosina on 19 Jun 2010 14:00 On Sun, 13 Jun 2010, Alan Ott wrote: > This patch adds support or getting and setting feature reports for bluetooth > HID devices from HIDRAW. > > Signed-off-by: Alan Ott <alan(a)signal11.us> Marcel, any word on this please? We already have USB counterpart in, so it'd be nice to finalize the Bluetooth part as well. Thanks. > --- > net/bluetooth/hidp/core.c | 121 +++++++++++++++++++++++++++++++++++++++++++-- > net/bluetooth/hidp/hidp.h | 8 +++ > 2 files changed, 125 insertions(+), 4 deletions(-) > > diff --git a/net/bluetooth/hidp/core.c b/net/bluetooth/hidp/core.c > index bfe641b..0f068a0 100644 > --- a/net/bluetooth/hidp/core.c > +++ b/net/bluetooth/hidp/core.c > @@ -36,6 +36,7 @@ > #include <linux/file.h> > #include <linux/init.h> > #include <linux/wait.h> > +#include <linux/mutex.h> > #include <net/sock.h> > > #include <linux/input.h> > @@ -313,6 +314,93 @@ static int hidp_send_report(struct hidp_session *session, struct hid_report *rep > return hidp_queue_report(session, buf, rsize); > } > > +static int hidp_get_raw_report(struct hid_device *hid, > + unsigned char report_number, > + unsigned char *data, size_t count, > + unsigned char report_type) > +{ > + struct hidp_session *session = hid->driver_data; > + struct sk_buff *skb; > + size_t len; > + int numbered_reports = hid->report_enum[report_type].numbered; > + > + switch (report_type) { > + case HID_FEATURE_REPORT: > + report_type = HIDP_TRANS_GET_REPORT | HIDP_DATA_RTYPE_FEATURE; > + break; > + case HID_INPUT_REPORT: > + report_type = HIDP_TRANS_GET_REPORT | HIDP_DATA_RTYPE_INPUT; > + break; > + case HID_OUTPUT_REPORT: > + report_type = HIDP_TRANS_GET_REPORT | HIDP_DATA_RTYPE_OUPUT; > + break; > + default: > + return -EINVAL; > + } > + > + if (mutex_lock_interruptible(&session->report_mutex)) > + return -ERESTARTSYS; > + > + /* Set up our wait, and send the report request to the device. */ > + session->waiting_report_type = report_type & HIDP_DATA_RTYPE_MASK; > + session->waiting_report_number = numbered_reports ? report_number : -1; > + set_bit(HIDP_WAITING_FOR_RETURN, &session->flags); > + data[0] = report_number; > + if (hidp_send_ctrl_message(hid->driver_data, report_type, data, 1)) > + goto err_eio; > + > + /* Wait for the return of the report. The returned report > + gets put in session->report_return. */ > + while (test_bit(HIDP_WAITING_FOR_RETURN, &session->flags)) { > + int res; > + > + res = wait_event_interruptible_timeout(session->report_queue, > + !test_bit(HIDP_WAITING_FOR_RETURN, &session->flags), > + 5*HZ); > + if (res == 0) { > + /* timeout */ > + goto err_eio; > + } > + if (res < 0) { > + /* signal */ > + goto err_restartsys; > + } > + } > + > + skb = session->report_return; > + if (skb) { > + if (numbered_reports) { > + /* Strip off the report number. */ > + size_t rpt_len = skb->len-1; > + len = rpt_len < count ? rpt_len : count; > + memcpy(data, skb->data+1, len); > + } else { > + len = skb->len < count ? skb->len : count; > + memcpy(data, skb->data, len); > + } > + > + kfree_skb(skb); > + session->report_return = NULL; > + } else { > + /* Device returned a HANDSHAKE, indicating protocol error. */ > + len = -EIO; > + } > + > + clear_bit(HIDP_WAITING_FOR_RETURN, &session->flags); > + mutex_unlock(&session->report_mutex); > + > + return len; > + > +err_restartsys: > + clear_bit(HIDP_WAITING_FOR_RETURN, &session->flags); > + mutex_unlock(&session->report_mutex); > + return -ERESTARTSYS; > +err_eio: > + clear_bit(HIDP_WAITING_FOR_RETURN, &session->flags); > + mutex_unlock(&session->report_mutex); > + return -EIO; > +} > + > static int hidp_output_raw_report(struct hid_device *hid, unsigned char *data, size_t count, > unsigned char report_type) > { > @@ -367,6 +455,10 @@ static void hidp_process_handshake(struct hidp_session *session, > case HIDP_HSHK_ERR_INVALID_REPORT_ID: > case HIDP_HSHK_ERR_UNSUPPORTED_REQUEST: > case HIDP_HSHK_ERR_INVALID_PARAMETER: > + if (test_bit(HIDP_WAITING_FOR_RETURN, &session->flags)) { > + clear_bit(HIDP_WAITING_FOR_RETURN, &session->flags); > + wake_up_interruptible(&session->report_queue); > + } > /* FIXME: Call into SET_ GET_ handlers here */ > break; > > @@ -403,9 +495,11 @@ static void hidp_process_hid_control(struct hidp_session *session, > } > } > > -static void hidp_process_data(struct hidp_session *session, struct sk_buff *skb, > +/* Returns true if the passed-in skb should be freed by the caller. */ > +static int hidp_process_data(struct hidp_session *session, struct sk_buff *skb, > unsigned char param) > { > + int done_with_skb = 1; > BT_DBG("session %p skb %p len %d param 0x%02x", session, skb, skb->len, param); > > switch (param) { > @@ -417,7 +511,6 @@ static void hidp_process_data(struct hidp_session *session, struct sk_buff *skb, > > if (session->hid) > hid_input_report(session->hid, HID_INPUT_REPORT, skb->data, skb->len, 0); > - > break; > > case HIDP_DATA_RTYPE_OTHER: > @@ -429,12 +522,27 @@ static void hidp_process_data(struct hidp_session *session, struct sk_buff *skb, > __hidp_send_ctrl_message(session, > HIDP_TRANS_HANDSHAKE | HIDP_HSHK_ERR_INVALID_PARAMETER, NULL, 0); > } > + > + if (test_bit(HIDP_WAITING_FOR_RETURN, &session->flags) && > + param == session->waiting_report_type) { > + if (session->waiting_report_number < 0 || > + session->waiting_report_number == skb->data[0]) { > + /* hidp_get_raw_report() is waiting on this report. */ > + session->report_return = skb; > + done_with_skb = 0; > + clear_bit(HIDP_WAITING_FOR_RETURN, &session->flags); > + wake_up_interruptible(&session->report_queue); > + } > + } > + > + return done_with_skb; > } > > static void hidp_recv_ctrl_frame(struct hidp_session *session, > struct sk_buff *skb) > { > unsigned char hdr, type, param; > + int free_skb = 1; > > BT_DBG("session %p skb %p len %d", session, skb, skb->len); > > @@ -454,7 +562,7 @@ static void hidp_recv_ctrl_frame(struct hidp_session *session, > break; > > case HIDP_TRANS_DATA: > - hidp_process_data(session, skb, param); > + free_skb = hidp_process_data(session, skb, param); > break; > > default: > @@ -463,7 +571,8 @@ static void hidp_recv_ctrl_frame(struct hidp_session *session, > break; > } > > - kfree_skb(skb); > + if (free_skb) > + kfree_skb(skb); > } > > static void hidp_recv_intr_frame(struct hidp_session *session, > @@ -797,6 +906,7 @@ static int hidp_setup_hid(struct hidp_session *session, > hid->dev.parent = hidp_get_device(session); > hid->ll_driver = &hidp_hid_driver; > > + hid->hid_get_raw_report = hidp_get_raw_report; > hid->hid_output_raw_report = hidp_output_raw_report; > > err = hid_add_device(hid); > @@ -857,6 +967,9 @@ int hidp_add_connection(struct hidp_connadd_req *req, struct socket *ctrl_sock, > skb_queue_head_init(&session->ctrl_transmit); > skb_queue_head_init(&session->intr_transmit); > > + mutex_init(&session->report_mutex); > + init_waitqueue_head(&session->report_queue); > + > session->flags = req->flags & (1 << HIDP_BLUETOOTH_VENDOR_ID); > session->idle_to = req->idle_to; > > diff --git a/net/bluetooth/hidp/hidp.h b/net/bluetooth/hidp/hidp.h > index 8d934a1..00e71dd 100644 > --- a/net/bluetooth/hidp/hidp.h > +++ b/net/bluetooth/hidp/hidp.h > @@ -80,6 +80,7 @@ > #define HIDP_VIRTUAL_CABLE_UNPLUG 0 > #define HIDP_BOOT_PROTOCOL_MODE 1 > #define HIDP_BLUETOOTH_VENDOR_ID 9 > +#define HIDP_WAITING_FOR_RETURN 10 > > struct hidp_connadd_req { > int ctrl_sock; // Connected control socket > @@ -154,6 +155,13 @@ struct hidp_session { > struct sk_buff_head ctrl_transmit; > struct sk_buff_head intr_transmit; > > + /* Used in hidp_get_raw_report() */ > + int waiting_report_type; /* HIDP_DATA_RTYPE_* */ > + int waiting_report_number; /* -1 for not numbered */ > + struct mutex report_mutex; > + struct sk_buff *report_return; > + wait_queue_head_t report_queue; > + > /* Report descriptor */ > __u8 *rd_data; > uint rd_size; > -- > 1.7.0.4 > > -- Jiri Kosina SUSE Labs, Novell Inc. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo(a)vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
From: Jiri Kosina on 29 Jun 2010 05:00
On Tue, 29 Jun 2010, David Miller wrote: > >> This patch adds support or getting and setting feature reports for bluetooth > >> HID devices from HIDRAW. > >> > >> Signed-off-by: Alan Ott <alan(a)signal11.us> > >> --- > > > > Ping. > > We effectively don't have a bluetooth maintainer at the current point in > time. I've tried to let patches sit for a while hoping the listed > maintainer would do something, at least occaisionally, but that simply > isn't happening. Frankly, I don't understand what exactly the current situation with in-kernel bluetooth stack is anyway. What is the relation between what we have in net/bluetooth and the tree at [1], which seems to be quite actively developed? > So I'll just pick patches up directly as I find time to review them, but > I have to warn that for me it's going to be done in a very low priority > way because I really don't find bluetooth all that exciting. :-) If needed, I can at least take over the net/bluetooth/hidp part, as I maintain the rest of the HID code anyway. [1] http://git.kernel.org/?p=bluetooth/bluez.git;a=summary -- Jiri Kosina SUSE Labs, Novell Inc. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo(a)vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/ |