Version:  2.0.40 2.2.26 2.4.37 3.0 3.1 3.2 3.3 3.4 3.5 3.6 3.7 3.8 3.9 3.10 3.11 3.12 3.13 3.14 3.15 3.16

Linux/drivers/input/evdev.c

  1 /*
  2  * Event char devices, giving access to raw input device events.
  3  *
  4  * Copyright (c) 1999-2002 Vojtech Pavlik
  5  *
  6  * This program is free software; you can redistribute it and/or modify it
  7  * under the terms of the GNU General Public License version 2 as published by
  8  * the Free Software Foundation.
  9  */
 10 
 11 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
 12 
 13 #define EVDEV_MINOR_BASE        64
 14 #define EVDEV_MINORS            32
 15 #define EVDEV_MIN_BUFFER_SIZE   64U
 16 #define EVDEV_BUF_PACKETS       8
 17 
 18 #include <linux/poll.h>
 19 #include <linux/sched.h>
 20 #include <linux/slab.h>
 21 #include <linux/vmalloc.h>
 22 #include <linux/mm.h>
 23 #include <linux/module.h>
 24 #include <linux/init.h>
 25 #include <linux/input/mt.h>
 26 #include <linux/major.h>
 27 #include <linux/device.h>
 28 #include <linux/cdev.h>
 29 #include "input-compat.h"
 30 
 31 struct evdev {
 32         int open;
 33         struct input_handle handle;
 34         wait_queue_head_t wait;
 35         struct evdev_client __rcu *grab;
 36         struct list_head client_list;
 37         spinlock_t client_lock; /* protects client_list */
 38         struct mutex mutex;
 39         struct device dev;
 40         struct cdev cdev;
 41         bool exist;
 42 };
 43 
 44 struct evdev_client {
 45         unsigned int head;
 46         unsigned int tail;
 47         unsigned int packet_head; /* [future] position of the first element of next packet */
 48         spinlock_t buffer_lock; /* protects access to buffer, head and tail */
 49         struct fasync_struct *fasync;
 50         struct evdev *evdev;
 51         struct list_head node;
 52         int clkid;
 53         bool revoked;
 54         unsigned int bufsize;
 55         struct input_event buffer[];
 56 };
 57 
 58 /* flush queued events of type @type, caller must hold client->buffer_lock */
 59 static void __evdev_flush_queue(struct evdev_client *client, unsigned int type)
 60 {
 61         unsigned int i, head, num;
 62         unsigned int mask = client->bufsize - 1;
 63         bool is_report;
 64         struct input_event *ev;
 65 
 66         BUG_ON(type == EV_SYN);
 67 
 68         head = client->tail;
 69         client->packet_head = client->tail;
 70 
 71         /* init to 1 so a leading SYN_REPORT will not be dropped */
 72         num = 1;
 73 
 74         for (i = client->tail; i != client->head; i = (i + 1) & mask) {
 75                 ev = &client->buffer[i];
 76                 is_report = ev->type == EV_SYN && ev->code == SYN_REPORT;
 77 
 78                 if (ev->type == type) {
 79                         /* drop matched entry */
 80                         continue;
 81                 } else if (is_report && !num) {
 82                         /* drop empty SYN_REPORT groups */
 83                         continue;
 84                 } else if (head != i) {
 85                         /* move entry to fill the gap */
 86                         client->buffer[head].time = ev->time;
 87                         client->buffer[head].type = ev->type;
 88                         client->buffer[head].code = ev->code;
 89                         client->buffer[head].value = ev->value;
 90                 }
 91 
 92                 num++;
 93                 head = (head + 1) & mask;
 94 
 95                 if (is_report) {
 96                         num = 0;
 97                         client->packet_head = head;
 98                 }
 99         }
100 
101         client->head = head;
102 }
103 
104 /* queue SYN_DROPPED event */
105 static void evdev_queue_syn_dropped(struct evdev_client *client)
106 {
107         unsigned long flags;
108         struct input_event ev;
109         ktime_t time;
110 
111         time = ktime_get();
112         if (client->clkid != CLOCK_MONOTONIC)
113                 time = ktime_sub(time, ktime_get_monotonic_offset());
114 
115         ev.time = ktime_to_timeval(time);
116         ev.type = EV_SYN;
117         ev.code = SYN_DROPPED;
118         ev.value = 0;
119 
120         spin_lock_irqsave(&client->buffer_lock, flags);
121 
122         client->buffer[client->head++] = ev;
123         client->head &= client->bufsize - 1;
124 
125         if (unlikely(client->head == client->tail)) {
126                 /* drop queue but keep our SYN_DROPPED event */
127                 client->tail = (client->head - 1) & (client->bufsize - 1);
128                 client->packet_head = client->tail;
129         }
130 
131         spin_unlock_irqrestore(&client->buffer_lock, flags);
132 }
133 
134 static void __pass_event(struct evdev_client *client,
135                          const struct input_event *event)
136 {
137         client->buffer[client->head++] = *event;
138         client->head &= client->bufsize - 1;
139 
140         if (unlikely(client->head == client->tail)) {
141                 /*
142                  * This effectively "drops" all unconsumed events, leaving
143                  * EV_SYN/SYN_DROPPED plus the newest event in the queue.
144                  */
145                 client->tail = (client->head - 2) & (client->bufsize - 1);
146 
147                 client->buffer[client->tail].time = event->time;
148                 client->buffer[client->tail].type = EV_SYN;
149                 client->buffer[client->tail].code = SYN_DROPPED;
150                 client->buffer[client->tail].value = 0;
151 
152                 client->packet_head = client->tail;
153         }
154 
155         if (event->type == EV_SYN && event->code == SYN_REPORT) {
156                 client->packet_head = client->head;
157                 kill_fasync(&client->fasync, SIGIO, POLL_IN);
158         }
159 }
160 
161 static void evdev_pass_values(struct evdev_client *client,
162                         const struct input_value *vals, unsigned int count,
163                         ktime_t mono, ktime_t real)
164 {
165         struct evdev *evdev = client->evdev;
166         const struct input_value *v;
167         struct input_event event;
168         bool wakeup = false;
169 
170         if (client->revoked)
171                 return;
172 
173         event.time = ktime_to_timeval(client->clkid == CLOCK_MONOTONIC ?
174                                       mono : real);
175 
176         /* Interrupts are disabled, just acquire the lock. */
177         spin_lock(&client->buffer_lock);
178 
179         for (v = vals; v != vals + count; v++) {
180                 event.type = v->type;
181                 event.code = v->code;
182                 event.value = v->value;
183                 __pass_event(client, &event);
184                 if (v->type == EV_SYN && v->code == SYN_REPORT)
185                         wakeup = true;
186         }
187 
188         spin_unlock(&client->buffer_lock);
189 
190         if (wakeup)
191                 wake_up_interruptible(&evdev->wait);
192 }
193 
194 /*
195  * Pass incoming events to all connected clients.
196  */
197 static void evdev_events(struct input_handle *handle,
198                          const struct input_value *vals, unsigned int count)
199 {
200         struct evdev *evdev = handle->private;
201         struct evdev_client *client;
202         ktime_t time_mono, time_real;
203 
204         time_mono = ktime_get();
205         time_real = ktime_sub(time_mono, ktime_get_monotonic_offset());
206 
207         rcu_read_lock();
208 
209         client = rcu_dereference(evdev->grab);
210 
211         if (client)
212                 evdev_pass_values(client, vals, count, time_mono, time_real);
213         else
214                 list_for_each_entry_rcu(client, &evdev->client_list, node)
215                         evdev_pass_values(client, vals, count,
216                                           time_mono, time_real);
217 
218         rcu_read_unlock();
219 }
220 
221 /*
222  * Pass incoming event to all connected clients.
223  */
224 static void evdev_event(struct input_handle *handle,
225                         unsigned int type, unsigned int code, int value)
226 {
227         struct input_value vals[] = { { type, code, value } };
228 
229         evdev_events(handle, vals, 1);
230 }
231 
232 static int evdev_fasync(int fd, struct file *file, int on)
233 {
234         struct evdev_client *client = file->private_data;
235 
236         return fasync_helper(fd, file, on, &client->fasync);
237 }
238 
239 static int evdev_flush(struct file *file, fl_owner_t id)
240 {
241         struct evdev_client *client = file->private_data;
242         struct evdev *evdev = client->evdev;
243         int retval;
244 
245         retval = mutex_lock_interruptible(&evdev->mutex);
246         if (retval)
247                 return retval;
248 
249         if (!evdev->exist || client->revoked)
250                 retval = -ENODEV;
251         else
252                 retval = input_flush_device(&evdev->handle, file);
253 
254         mutex_unlock(&evdev->mutex);
255         return retval;
256 }
257 
258 static void evdev_free(struct device *dev)
259 {
260         struct evdev *evdev = container_of(dev, struct evdev, dev);
261 
262         input_put_device(evdev->handle.dev);
263         kfree(evdev);
264 }
265 
266 /*
267  * Grabs an event device (along with underlying input device).
268  * This function is called with evdev->mutex taken.
269  */
270 static int evdev_grab(struct evdev *evdev, struct evdev_client *client)
271 {
272         int error;
273 
274         if (evdev->grab)
275                 return -EBUSY;
276 
277         error = input_grab_device(&evdev->handle);
278         if (error)
279                 return error;
280 
281         rcu_assign_pointer(evdev->grab, client);
282 
283         return 0;
284 }
285 
286 static int evdev_ungrab(struct evdev *evdev, struct evdev_client *client)
287 {
288         struct evdev_client *grab = rcu_dereference_protected(evdev->grab,
289                                         lockdep_is_held(&evdev->mutex));
290 
291         if (grab != client)
292                 return  -EINVAL;
293 
294         rcu_assign_pointer(evdev->grab, NULL);
295         synchronize_rcu();
296         input_release_device(&evdev->handle);
297 
298         return 0;
299 }
300 
301 static void evdev_attach_client(struct evdev *evdev,
302                                 struct evdev_client *client)
303 {
304         spin_lock(&evdev->client_lock);
305         list_add_tail_rcu(&client->node, &evdev->client_list);
306         spin_unlock(&evdev->client_lock);
307 }
308 
309 static void evdev_detach_client(struct evdev *evdev,
310                                 struct evdev_client *client)
311 {
312         spin_lock(&evdev->client_lock);
313         list_del_rcu(&client->node);
314         spin_unlock(&evdev->client_lock);
315         synchronize_rcu();
316 }
317 
318 static int evdev_open_device(struct evdev *evdev)
319 {
320         int retval;
321 
322         retval = mutex_lock_interruptible(&evdev->mutex);
323         if (retval)
324                 return retval;
325 
326         if (!evdev->exist)
327                 retval = -ENODEV;
328         else if (!evdev->open++) {
329                 retval = input_open_device(&evdev->handle);
330                 if (retval)
331                         evdev->open--;
332         }
333 
334         mutex_unlock(&evdev->mutex);
335         return retval;
336 }
337 
338 static void evdev_close_device(struct evdev *evdev)
339 {
340         mutex_lock(&evdev->mutex);
341 
342         if (evdev->exist && !--evdev->open)
343                 input_close_device(&evdev->handle);
344 
345         mutex_unlock(&evdev->mutex);
346 }
347 
348 /*
349  * Wake up users waiting for IO so they can disconnect from
350  * dead device.
351  */
352 static void evdev_hangup(struct evdev *evdev)
353 {
354         struct evdev_client *client;
355 
356         spin_lock(&evdev->client_lock);
357         list_for_each_entry(client, &evdev->client_list, node)
358                 kill_fasync(&client->fasync, SIGIO, POLL_HUP);
359         spin_unlock(&evdev->client_lock);
360 
361         wake_up_interruptible(&evdev->wait);
362 }
363 
364 static int evdev_release(struct inode *inode, struct file *file)
365 {
366         struct evdev_client *client = file->private_data;
367         struct evdev *evdev = client->evdev;
368 
369         mutex_lock(&evdev->mutex);
370         evdev_ungrab(evdev, client);
371         mutex_unlock(&evdev->mutex);
372 
373         evdev_detach_client(evdev, client);
374 
375         if (is_vmalloc_addr(client))
376                 vfree(client);
377         else
378                 kfree(client);
379 
380         evdev_close_device(evdev);
381 
382         return 0;
383 }
384 
385 static unsigned int evdev_compute_buffer_size(struct input_dev *dev)
386 {
387         unsigned int n_events =
388                 max(dev->hint_events_per_packet * EVDEV_BUF_PACKETS,
389                     EVDEV_MIN_BUFFER_SIZE);
390 
391         return roundup_pow_of_two(n_events);
392 }
393 
394 static int evdev_open(struct inode *inode, struct file *file)
395 {
396         struct evdev *evdev = container_of(inode->i_cdev, struct evdev, cdev);
397         unsigned int bufsize = evdev_compute_buffer_size(evdev->handle.dev);
398         unsigned int size = sizeof(struct evdev_client) +
399                                         bufsize * sizeof(struct input_event);
400         struct evdev_client *client;
401         int error;
402 
403         client = kzalloc(size, GFP_KERNEL | __GFP_NOWARN);
404         if (!client)
405                 client = vzalloc(size);
406         if (!client)
407                 return -ENOMEM;
408 
409         client->bufsize = bufsize;
410         spin_lock_init(&client->buffer_lock);
411         client->evdev = evdev;
412         evdev_attach_client(evdev, client);
413 
414         error = evdev_open_device(evdev);
415         if (error)
416                 goto err_free_client;
417 
418         file->private_data = client;
419         nonseekable_open(inode, file);
420 
421         return 0;
422 
423  err_free_client:
424         evdev_detach_client(evdev, client);
425         kfree(client);
426         return error;
427 }
428 
429 static ssize_t evdev_write(struct file *file, const char __user *buffer,
430                            size_t count, loff_t *ppos)
431 {
432         struct evdev_client *client = file->private_data;
433         struct evdev *evdev = client->evdev;
434         struct input_event event;
435         int retval = 0;
436 
437         if (count != 0 && count < input_event_size())
438                 return -EINVAL;
439 
440         retval = mutex_lock_interruptible(&evdev->mutex);
441         if (retval)
442                 return retval;
443 
444         if (!evdev->exist || client->revoked) {
445                 retval = -ENODEV;
446                 goto out;
447         }
448 
449         while (retval + input_event_size() <= count) {
450 
451                 if (input_event_from_user(buffer + retval, &event)) {
452                         retval = -EFAULT;
453                         goto out;
454                 }
455                 retval += input_event_size();
456 
457                 input_inject_event(&evdev->handle,
458                                    event.type, event.code, event.value);
459         }
460 
461  out:
462         mutex_unlock(&evdev->mutex);
463         return retval;
464 }
465 
466 static int evdev_fetch_next_event(struct evdev_client *client,
467                                   struct input_event *event)
468 {
469         int have_event;
470 
471         spin_lock_irq(&client->buffer_lock);
472 
473         have_event = client->packet_head != client->tail;
474         if (have_event) {
475                 *event = client->buffer[client->tail++];
476                 client->tail &= client->bufsize - 1;
477         }
478 
479         spin_unlock_irq(&client->buffer_lock);
480 
481         return have_event;
482 }
483 
484 static ssize_t evdev_read(struct file *file, char __user *buffer,
485                           size_t count, loff_t *ppos)
486 {
487         struct evdev_client *client = file->private_data;
488         struct evdev *evdev = client->evdev;
489         struct input_event event;
490         size_t read = 0;
491         int error;
492 
493         if (count != 0 && count < input_event_size())
494                 return -EINVAL;
495 
496         for (;;) {
497                 if (!evdev->exist || client->revoked)
498                         return -ENODEV;
499 
500                 if (client->packet_head == client->tail &&
501                     (file->f_flags & O_NONBLOCK))
502                         return -EAGAIN;
503 
504                 /*
505                  * count == 0 is special - no IO is done but we check
506                  * for error conditions (see above).
507                  */
508                 if (count == 0)
509                         break;
510 
511                 while (read + input_event_size() <= count &&
512                        evdev_fetch_next_event(client, &event)) {
513 
514                         if (input_event_to_user(buffer + read, &event))
515                                 return -EFAULT;
516 
517                         read += input_event_size();
518                 }
519 
520                 if (read)
521                         break;
522 
523                 if (!(file->f_flags & O_NONBLOCK)) {
524                         error = wait_event_interruptible(evdev->wait,
525                                         client->packet_head != client->tail ||
526                                         !evdev->exist || client->revoked);
527                         if (error)
528                                 return error;
529                 }
530         }
531 
532         return read;
533 }
534 
535 /* No kernel lock - fine */
536 static unsigned int evdev_poll(struct file *file, poll_table *wait)
537 {
538         struct evdev_client *client = file->private_data;
539         struct evdev *evdev = client->evdev;
540         unsigned int mask;
541 
542         poll_wait(file, &evdev->wait, wait);
543 
544         if (evdev->exist && !client->revoked)
545                 mask = POLLOUT | POLLWRNORM;
546         else
547                 mask = POLLHUP | POLLERR;
548 
549         if (client->packet_head != client->tail)
550                 mask |= POLLIN | POLLRDNORM;
551 
552         return mask;
553 }
554 
555 #ifdef CONFIG_COMPAT
556 
557 #define BITS_PER_LONG_COMPAT (sizeof(compat_long_t) * 8)
558 #define BITS_TO_LONGS_COMPAT(x) ((((x) - 1) / BITS_PER_LONG_COMPAT) + 1)
559 
560 #ifdef __BIG_ENDIAN
561 static int bits_to_user(unsigned long *bits, unsigned int maxbit,
562                         unsigned int maxlen, void __user *p, int compat)
563 {
564         int len, i;
565 
566         if (compat) {
567                 len = BITS_TO_LONGS_COMPAT(maxbit) * sizeof(compat_long_t);
568                 if (len > maxlen)
569                         len = maxlen;
570 
571                 for (i = 0; i < len / sizeof(compat_long_t); i++)
572                         if (copy_to_user((compat_long_t __user *) p + i,
573                                          (compat_long_t *) bits +
574                                                 i + 1 - ((i % 2) << 1),
575                                          sizeof(compat_long_t)))
576                                 return -EFAULT;
577         } else {
578                 len = BITS_TO_LONGS(maxbit) * sizeof(long);
579                 if (len > maxlen)
580                         len = maxlen;
581 
582                 if (copy_to_user(p, bits, len))
583                         return -EFAULT;
584         }
585 
586         return len;
587 }
588 #else
589 static int bits_to_user(unsigned long *bits, unsigned int maxbit,
590                         unsigned int maxlen, void __user *p, int compat)
591 {
592         int len = compat ?
593                         BITS_TO_LONGS_COMPAT(maxbit) * sizeof(compat_long_t) :
594                         BITS_TO_LONGS(maxbit) * sizeof(long);
595 
596         if (len > maxlen)
597                 len = maxlen;
598 
599         return copy_to_user(p, bits, len) ? -EFAULT : len;
600 }
601 #endif /* __BIG_ENDIAN */
602 
603 #else
604 
605 static int bits_to_user(unsigned long *bits, unsigned int maxbit,
606                         unsigned int maxlen, void __user *p, int compat)
607 {
608         int len = BITS_TO_LONGS(maxbit) * sizeof(long);
609 
610         if (len > maxlen)
611                 len = maxlen;
612 
613         return copy_to_user(p, bits, len) ? -EFAULT : len;
614 }
615 
616 #endif /* CONFIG_COMPAT */
617 
618 static int str_to_user(const char *str, unsigned int maxlen, void __user *p)
619 {
620         int len;
621 
622         if (!str)
623                 return -ENOENT;
624 
625         len = strlen(str) + 1;
626         if (len > maxlen)
627                 len = maxlen;
628 
629         return copy_to_user(p, str, len) ? -EFAULT : len;
630 }
631 
632 static int handle_eviocgbit(struct input_dev *dev,
633                             unsigned int type, unsigned int size,
634                             void __user *p, int compat_mode)
635 {
636         unsigned long *bits;
637         int len;
638 
639         switch (type) {
640 
641         case      0: bits = dev->evbit;  len = EV_MAX;  break;
642         case EV_KEY: bits = dev->keybit; len = KEY_MAX; break;
643         case EV_REL: bits = dev->relbit; len = REL_MAX; break;
644         case EV_ABS: bits = dev->absbit; len = ABS_MAX; break;
645         case EV_MSC: bits = dev->mscbit; len = MSC_MAX; break;
646         case EV_LED: bits = dev->ledbit; len = LED_MAX; break;
647         case EV_SND: bits = dev->sndbit; len = SND_MAX; break;
648         case EV_FF:  bits = dev->ffbit;  len = FF_MAX;  break;
649         case EV_SW:  bits = dev->swbit;  len = SW_MAX;  break;
650         default: return -EINVAL;
651         }
652 
653         return bits_to_user(bits, len, size, p, compat_mode);
654 }
655 
656 static int evdev_handle_get_keycode(struct input_dev *dev, void __user *p)
657 {
658         struct input_keymap_entry ke = {
659                 .len    = sizeof(unsigned int),
660                 .flags  = 0,
661         };
662         int __user *ip = (int __user *)p;
663         int error;
664 
665         /* legacy case */
666         if (copy_from_user(ke.scancode, p, sizeof(unsigned int)))
667                 return -EFAULT;
668 
669         error = input_get_keycode(dev, &ke);
670         if (error)
671                 return error;
672 
673         if (put_user(ke.keycode, ip + 1))
674                 return -EFAULT;
675 
676         return 0;
677 }
678 
679 static int evdev_handle_get_keycode_v2(struct input_dev *dev, void __user *p)
680 {
681         struct input_keymap_entry ke;
682         int error;
683 
684         if (copy_from_user(&ke, p, sizeof(ke)))
685                 return -EFAULT;
686 
687         error = input_get_keycode(dev, &ke);
688         if (error)
689                 return error;
690 
691         if (copy_to_user(p, &ke, sizeof(ke)))
692                 return -EFAULT;
693 
694         return 0;
695 }
696 
697 static int evdev_handle_set_keycode(struct input_dev *dev, void __user *p)
698 {
699         struct input_keymap_entry ke = {
700                 .len    = sizeof(unsigned int),
701                 .flags  = 0,
702         };
703         int __user *ip = (int __user *)p;
704 
705         if (copy_from_user(ke.scancode, p, sizeof(unsigned int)))
706                 return -EFAULT;
707 
708         if (get_user(ke.keycode, ip + 1))
709                 return -EFAULT;
710 
711         return input_set_keycode(dev, &ke);
712 }
713 
714 static int evdev_handle_set_keycode_v2(struct input_dev *dev, void __user *p)
715 {
716         struct input_keymap_entry ke;
717 
718         if (copy_from_user(&ke, p, sizeof(ke)))
719                 return -EFAULT;
720 
721         if (ke.len > sizeof(ke.scancode))
722                 return -EINVAL;
723 
724         return input_set_keycode(dev, &ke);
725 }
726 
727 /*
728  * If we transfer state to the user, we should flush all pending events
729  * of the same type from the client's queue. Otherwise, they might end up
730  * with duplicate events, which can screw up client's state tracking.
731  * If bits_to_user fails after flushing the queue, we queue a SYN_DROPPED
732  * event so user-space will notice missing events.
733  *
734  * LOCKING:
735  * We need to take event_lock before buffer_lock to avoid dead-locks. But we
736  * need the even_lock only to guarantee consistent state. We can safely release
737  * it while flushing the queue. This allows input-core to handle filters while
738  * we flush the queue.
739  */
740 static int evdev_handle_get_val(struct evdev_client *client,
741                                 struct input_dev *dev, unsigned int type,
742                                 unsigned long *bits, unsigned int max,
743                                 unsigned int size, void __user *p, int compat)
744 {
745         int ret;
746         unsigned long *mem;
747 
748         mem = kmalloc(sizeof(unsigned long) * max, GFP_KERNEL);
749         if (!mem)
750                 return -ENOMEM;
751 
752         spin_lock_irq(&dev->event_lock);
753         spin_lock(&client->buffer_lock);
754 
755         memcpy(mem, bits, sizeof(unsigned long) * max);
756 
757         spin_unlock(&dev->event_lock);
758 
759         __evdev_flush_queue(client, type);
760 
761         spin_unlock_irq(&client->buffer_lock);
762 
763         ret = bits_to_user(mem, max, size, p, compat);
764         if (ret < 0)
765                 evdev_queue_syn_dropped(client);
766 
767         kfree(mem);
768 
769         return ret;
770 }
771 
772 static int evdev_handle_mt_request(struct input_dev *dev,
773                                    unsigned int size,
774                                    int __user *ip)
775 {
776         const struct input_mt *mt = dev->mt;
777         unsigned int code;
778         int max_slots;
779         int i;
780 
781         if (get_user(code, &ip[0]))
782                 return -EFAULT;
783         if (!mt || !input_is_mt_value(code))
784                 return -EINVAL;
785 
786         max_slots = (size - sizeof(__u32)) / sizeof(__s32);
787         for (i = 0; i < mt->num_slots && i < max_slots; i++) {
788                 int value = input_mt_get_value(&mt->slots[i], code);
789                 if (put_user(value, &ip[1 + i]))
790                         return -EFAULT;
791         }
792 
793         return 0;
794 }
795 
796 static int evdev_revoke(struct evdev *evdev, struct evdev_client *client,
797                         struct file *file)
798 {
799         client->revoked = true;
800         evdev_ungrab(evdev, client);
801         input_flush_device(&evdev->handle, file);
802         wake_up_interruptible(&evdev->wait);
803 
804         return 0;
805 }
806 
807 static long evdev_do_ioctl(struct file *file, unsigned int cmd,
808                            void __user *p, int compat_mode)
809 {
810         struct evdev_client *client = file->private_data;
811         struct evdev *evdev = client->evdev;
812         struct input_dev *dev = evdev->handle.dev;
813         struct input_absinfo abs;
814         struct ff_effect effect;
815         int __user *ip = (int __user *)p;
816         unsigned int i, t, u, v;
817         unsigned int size;
818         int error;
819 
820         /* First we check for fixed-length commands */
821         switch (cmd) {
822 
823         case EVIOCGVERSION:
824                 return put_user(EV_VERSION, ip);
825 
826         case EVIOCGID:
827                 if (copy_to_user(p, &dev->id, sizeof(struct input_id)))
828                         return -EFAULT;
829                 return 0;
830 
831         case EVIOCGREP:
832                 if (!test_bit(EV_REP, dev->evbit))
833                         return -ENOSYS;
834                 if (put_user(dev->rep[REP_DELAY], ip))
835                         return -EFAULT;
836                 if (put_user(dev->rep[REP_PERIOD], ip + 1))
837                         return -EFAULT;
838                 return 0;
839 
840         case EVIOCSREP:
841                 if (!test_bit(EV_REP, dev->evbit))
842                         return -ENOSYS;
843                 if (get_user(u, ip))
844                         return -EFAULT;
845                 if (get_user(v, ip + 1))
846                         return -EFAULT;
847 
848                 input_inject_event(&evdev->handle, EV_REP, REP_DELAY, u);
849                 input_inject_event(&evdev->handle, EV_REP, REP_PERIOD, v);
850 
851                 return 0;
852 
853         case EVIOCRMFF:
854                 return input_ff_erase(dev, (int)(unsigned long) p, file);
855 
856         case EVIOCGEFFECTS:
857                 i = test_bit(EV_FF, dev->evbit) ?
858                                 dev->ff->max_effects : 0;
859                 if (put_user(i, ip))
860                         return -EFAULT;
861                 return 0;
862 
863         case EVIOCGRAB:
864                 if (p)
865                         return evdev_grab(evdev, client);
866                 else
867                         return evdev_ungrab(evdev, client);
868 
869         case EVIOCREVOKE:
870                 if (p)
871                         return -EINVAL;
872                 else
873                         return evdev_revoke(evdev, client, file);
874 
875         case EVIOCSCLOCKID:
876                 if (copy_from_user(&i, p, sizeof(unsigned int)))
877                         return -EFAULT;
878                 if (i != CLOCK_MONOTONIC && i != CLOCK_REALTIME)
879                         return -EINVAL;
880                 client->clkid = i;
881                 return 0;
882 
883         case EVIOCGKEYCODE:
884                 return evdev_handle_get_keycode(dev, p);
885 
886         case EVIOCSKEYCODE:
887                 return evdev_handle_set_keycode(dev, p);
888 
889         case EVIOCGKEYCODE_V2:
890                 return evdev_handle_get_keycode_v2(dev, p);
891 
892         case EVIOCSKEYCODE_V2:
893                 return evdev_handle_set_keycode_v2(dev, p);
894         }
895 
896         size = _IOC_SIZE(cmd);
897 
898         /* Now check variable-length commands */
899 #define EVIOC_MASK_SIZE(nr)     ((nr) & ~(_IOC_SIZEMASK << _IOC_SIZESHIFT))
900         switch (EVIOC_MASK_SIZE(cmd)) {
901 
902         case EVIOCGPROP(0):
903                 return bits_to_user(dev->propbit, INPUT_PROP_MAX,
904                                     size, p, compat_mode);
905 
906         case EVIOCGMTSLOTS(0):
907                 return evdev_handle_mt_request(dev, size, ip);
908 
909         case EVIOCGKEY(0):
910                 return evdev_handle_get_val(client, dev, EV_KEY, dev->key,
911                                             KEY_MAX, size, p, compat_mode);
912 
913         case EVIOCGLED(0):
914                 return evdev_handle_get_val(client, dev, EV_LED, dev->led,
915                                             LED_MAX, size, p, compat_mode);
916 
917         case EVIOCGSND(0):
918                 return evdev_handle_get_val(client, dev, EV_SND, dev->snd,
919                                             SND_MAX, size, p, compat_mode);
920 
921         case EVIOCGSW(0):
922                 return evdev_handle_get_val(client, dev, EV_SW, dev->sw,
923                                             SW_MAX, size, p, compat_mode);
924 
925         case EVIOCGNAME(0):
926                 return str_to_user(dev->name, size, p);
927 
928         case EVIOCGPHYS(0):
929                 return str_to_user(dev->phys, size, p);
930 
931         case EVIOCGUNIQ(0):
932                 return str_to_user(dev->uniq, size, p);
933 
934         case EVIOC_MASK_SIZE(EVIOCSFF):
935                 if (input_ff_effect_from_user(p, size, &effect))
936                         return -EFAULT;
937 
938                 error = input_ff_upload(dev, &effect, file);
939                 if (error)
940                         return error;
941 
942                 if (put_user(effect.id, &(((struct ff_effect __user *)p)->id)))
943                         return -EFAULT;
944 
945                 return 0;
946         }
947 
948         /* Multi-number variable-length handlers */
949         if (_IOC_TYPE(cmd) != 'E')
950                 return -EINVAL;
951 
952         if (_IOC_DIR(cmd) == _IOC_READ) {
953 
954                 if ((_IOC_NR(cmd) & ~EV_MAX) == _IOC_NR(EVIOCGBIT(0, 0)))
955                         return handle_eviocgbit(dev,
956                                                 _IOC_NR(cmd) & EV_MAX, size,
957                                                 p, compat_mode);
958 
959                 if ((_IOC_NR(cmd) & ~ABS_MAX) == _IOC_NR(EVIOCGABS(0))) {
960 
961                         if (!dev->absinfo)
962                                 return -EINVAL;
963 
964                         t = _IOC_NR(cmd) & ABS_MAX;
965                         abs = dev->absinfo[t];
966 
967                         if (copy_to_user(p, &abs, min_t(size_t,
968                                         size, sizeof(struct input_absinfo))))
969                                 return -EFAULT;
970 
971                         return 0;
972                 }
973         }
974 
975         if (_IOC_DIR(cmd) == _IOC_WRITE) {
976 
977                 if ((_IOC_NR(cmd) & ~ABS_MAX) == _IOC_NR(EVIOCSABS(0))) {
978 
979                         if (!dev->absinfo)
980                                 return -EINVAL;
981 
982                         t = _IOC_NR(cmd) & ABS_MAX;
983 
984                         if (copy_from_user(&abs, p, min_t(size_t,
985                                         size, sizeof(struct input_absinfo))))
986                                 return -EFAULT;
987 
988                         if (size < sizeof(struct input_absinfo))
989                                 abs.resolution = 0;
990 
991                         /* We can't change number of reserved MT slots */
992                         if (t == ABS_MT_SLOT)
993                                 return -EINVAL;
994 
995                         /*
996                          * Take event lock to ensure that we are not
997                          * changing device parameters in the middle
998                          * of event.
999                          */
1000                         spin_lock_irq(&dev->event_lock);
1001                         dev->absinfo[t] = abs;
1002                         spin_unlock_irq(&dev->event_lock);
1003 
1004                         return 0;
1005                 }
1006         }
1007 
1008         return -EINVAL;
1009 }
1010 
1011 static long evdev_ioctl_handler(struct file *file, unsigned int cmd,
1012                                 void __user *p, int compat_mode)
1013 {
1014         struct evdev_client *client = file->private_data;
1015         struct evdev *evdev = client->evdev;
1016         int retval;
1017 
1018         retval = mutex_lock_interruptible(&evdev->mutex);
1019         if (retval)
1020                 return retval;
1021 
1022         if (!evdev->exist || client->revoked) {
1023                 retval = -ENODEV;
1024                 goto out;
1025         }
1026 
1027         retval = evdev_do_ioctl(file, cmd, p, compat_mode);
1028 
1029  out:
1030         mutex_unlock(&evdev->mutex);
1031         return retval;
1032 }
1033 
1034 static long evdev_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
1035 {
1036         return evdev_ioctl_handler(file, cmd, (void __user *)arg, 0);
1037 }
1038 
1039 #ifdef CONFIG_COMPAT
1040 static long evdev_ioctl_compat(struct file *file,
1041                                 unsigned int cmd, unsigned long arg)
1042 {
1043         return evdev_ioctl_handler(file, cmd, compat_ptr(arg), 1);
1044 }
1045 #endif
1046 
1047 static const struct file_operations evdev_fops = {
1048         .owner          = THIS_MODULE,
1049         .read           = evdev_read,
1050         .write          = evdev_write,
1051         .poll           = evdev_poll,
1052         .open           = evdev_open,
1053         .release        = evdev_release,
1054         .unlocked_ioctl = evdev_ioctl,
1055 #ifdef CONFIG_COMPAT
1056         .compat_ioctl   = evdev_ioctl_compat,
1057 #endif
1058         .fasync         = evdev_fasync,
1059         .flush          = evdev_flush,
1060         .llseek         = no_llseek,
1061 };
1062 
1063 /*
1064  * Mark device non-existent. This disables writes, ioctls and
1065  * prevents new users from opening the device. Already posted
1066  * blocking reads will stay, however new ones will fail.
1067  */
1068 static void evdev_mark_dead(struct evdev *evdev)
1069 {
1070         mutex_lock(&evdev->mutex);
1071         evdev->exist = false;
1072         mutex_unlock(&evdev->mutex);
1073 }
1074 
1075 static void evdev_cleanup(struct evdev *evdev)
1076 {
1077         struct input_handle *handle = &evdev->handle;
1078 
1079         evdev_mark_dead(evdev);
1080         evdev_hangup(evdev);
1081 
1082         cdev_del(&evdev->cdev);
1083 
1084         /* evdev is marked dead so no one else accesses evdev->open */
1085         if (evdev->open) {
1086                 input_flush_device(handle, NULL);
1087                 input_close_device(handle);
1088         }
1089 }
1090 
1091 /*
1092  * Create new evdev device. Note that input core serializes calls
1093  * to connect and disconnect.
1094  */
1095 static int evdev_connect(struct input_handler *handler, struct input_dev *dev,
1096                          const struct input_device_id *id)
1097 {
1098         struct evdev *evdev;
1099         int minor;
1100         int dev_no;
1101         int error;
1102 
1103         minor = input_get_new_minor(EVDEV_MINOR_BASE, EVDEV_MINORS, true);
1104         if (minor < 0) {
1105                 error = minor;
1106                 pr_err("failed to reserve new minor: %d\n", error);
1107                 return error;
1108         }
1109 
1110         evdev = kzalloc(sizeof(struct evdev), GFP_KERNEL);
1111         if (!evdev) {
1112                 error = -ENOMEM;
1113                 goto err_free_minor;
1114         }
1115 
1116         INIT_LIST_HEAD(&evdev->client_list);
1117         spin_lock_init(&evdev->client_lock);
1118         mutex_init(&evdev->mutex);
1119         init_waitqueue_head(&evdev->wait);
1120         evdev->exist = true;
1121 
1122         dev_no = minor;
1123         /* Normalize device number if it falls into legacy range */
1124         if (dev_no < EVDEV_MINOR_BASE + EVDEV_MINORS)
1125                 dev_no -= EVDEV_MINOR_BASE;
1126         dev_set_name(&evdev->dev, "event%d", dev_no);
1127 
1128         evdev->handle.dev = input_get_device(dev);
1129         evdev->handle.name = dev_name(&evdev->dev);
1130         evdev->handle.handler = handler;
1131         evdev->handle.private = evdev;
1132 
1133         evdev->dev.devt = MKDEV(INPUT_MAJOR, minor);
1134         evdev->dev.class = &input_class;
1135         evdev->dev.parent = &dev->dev;
1136         evdev->dev.release = evdev_free;
1137         device_initialize(&evdev->dev);
1138 
1139         error = input_register_handle(&evdev->handle);
1140         if (error)
1141                 goto err_free_evdev;
1142 
1143         cdev_init(&evdev->cdev, &evdev_fops);
1144         evdev->cdev.kobj.parent = &evdev->dev.kobj;
1145         error = cdev_add(&evdev->cdev, evdev->dev.devt, 1);
1146         if (error)
1147                 goto err_unregister_handle;
1148 
1149         error = device_add(&evdev->dev);
1150         if (error)
1151                 goto err_cleanup_evdev;
1152 
1153         return 0;
1154 
1155  err_cleanup_evdev:
1156         evdev_cleanup(evdev);
1157  err_unregister_handle:
1158         input_unregister_handle(&evdev->handle);
1159  err_free_evdev:
1160         put_device(&evdev->dev);
1161  err_free_minor:
1162         input_free_minor(minor);
1163         return error;
1164 }
1165 
1166 static void evdev_disconnect(struct input_handle *handle)
1167 {
1168         struct evdev *evdev = handle->private;
1169 
1170         device_del(&evdev->dev);
1171         evdev_cleanup(evdev);
1172         input_free_minor(MINOR(evdev->dev.devt));
1173         input_unregister_handle(handle);
1174         put_device(&evdev->dev);
1175 }
1176 
1177 static const struct input_device_id evdev_ids[] = {
1178         { .driver_info = 1 },   /* Matches all devices */
1179         { },                    /* Terminating zero entry */
1180 };
1181 
1182 MODULE_DEVICE_TABLE(input, evdev_ids);
1183 
1184 static struct input_handler evdev_handler = {
1185         .event          = evdev_event,
1186         .events         = evdev_events,
1187         .connect        = evdev_connect,
1188         .disconnect     = evdev_disconnect,
1189         .legacy_minors  = true,
1190         .minor          = EVDEV_MINOR_BASE,
1191         .name           = "evdev",
1192         .id_table       = evdev_ids,
1193 };
1194 
1195 static int __init evdev_init(void)
1196 {
1197         return input_register_handler(&evdev_handler);
1198 }
1199 
1200 static void __exit evdev_exit(void)
1201 {
1202         input_unregister_handler(&evdev_handler);
1203 }
1204 
1205 module_init(evdev_init);
1206 module_exit(evdev_exit);
1207 
1208 MODULE_AUTHOR("Vojtech Pavlik <vojtech@ucw.cz>");
1209 MODULE_DESCRIPTION("Input driver event char devices");
1210 MODULE_LICENSE("GPL");
1211 

This page was automatically generated by LXR 0.3.1 (source).  •  Linux is a registered trademark of Linus Torvalds  •  Contact us