Version:  2.0.40 2.2.26 2.4.37 3.6 3.7 3.8 3.9 3.10 3.11 3.12 3.13 3.14 3.15 3.16 3.17 3.18 3.19 4.0 4.1 4.2

Linux/drivers/input/evdev.c

  1 /*
  2  * Event char devices, giving access to raw input device events.
  3  *
  4  * Copyright (c) 1999-2002 Vojtech Pavlik
  5  *
  6  * This program is free software; you can redistribute it and/or modify it
  7  * under the terms of the GNU General Public License version 2 as published by
  8  * the Free Software Foundation.
  9  */
 10 
 11 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
 12 
 13 #define EVDEV_MINOR_BASE        64
 14 #define EVDEV_MINORS            32
 15 #define EVDEV_MIN_BUFFER_SIZE   64U
 16 #define EVDEV_BUF_PACKETS       8
 17 
 18 #include <linux/poll.h>
 19 #include <linux/sched.h>
 20 #include <linux/slab.h>
 21 #include <linux/vmalloc.h>
 22 #include <linux/mm.h>
 23 #include <linux/module.h>
 24 #include <linux/init.h>
 25 #include <linux/input/mt.h>
 26 #include <linux/major.h>
 27 #include <linux/device.h>
 28 #include <linux/cdev.h>
 29 #include "input-compat.h"
 30 
 31 enum evdev_clock_type {
 32         EV_CLK_REAL = 0,
 33         EV_CLK_MONO,
 34         EV_CLK_BOOT,
 35         EV_CLK_MAX
 36 };
 37 
 38 struct evdev {
 39         int open;
 40         struct input_handle handle;
 41         wait_queue_head_t wait;
 42         struct evdev_client __rcu *grab;
 43         struct list_head client_list;
 44         spinlock_t client_lock; /* protects client_list */
 45         struct mutex mutex;
 46         struct device dev;
 47         struct cdev cdev;
 48         bool exist;
 49 };
 50 
 51 struct evdev_client {
 52         unsigned int head;
 53         unsigned int tail;
 54         unsigned int packet_head; /* [future] position of the first element of next packet */
 55         spinlock_t buffer_lock; /* protects access to buffer, head and tail */
 56         struct fasync_struct *fasync;
 57         struct evdev *evdev;
 58         struct list_head node;
 59         int clk_type;
 60         bool revoked;
 61         unsigned int bufsize;
 62         struct input_event buffer[];
 63 };
 64 
 65 /* flush queued events of type @type, caller must hold client->buffer_lock */
 66 static void __evdev_flush_queue(struct evdev_client *client, unsigned int type)
 67 {
 68         unsigned int i, head, num;
 69         unsigned int mask = client->bufsize - 1;
 70         bool is_report;
 71         struct input_event *ev;
 72 
 73         BUG_ON(type == EV_SYN);
 74 
 75         head = client->tail;
 76         client->packet_head = client->tail;
 77 
 78         /* init to 1 so a leading SYN_REPORT will not be dropped */
 79         num = 1;
 80 
 81         for (i = client->tail; i != client->head; i = (i + 1) & mask) {
 82                 ev = &client->buffer[i];
 83                 is_report = ev->type == EV_SYN && ev->code == SYN_REPORT;
 84 
 85                 if (ev->type == type) {
 86                         /* drop matched entry */
 87                         continue;
 88                 } else if (is_report && !num) {
 89                         /* drop empty SYN_REPORT groups */
 90                         continue;
 91                 } else if (head != i) {
 92                         /* move entry to fill the gap */
 93                         client->buffer[head].time = ev->time;
 94                         client->buffer[head].type = ev->type;
 95                         client->buffer[head].code = ev->code;
 96                         client->buffer[head].value = ev->value;
 97                 }
 98 
 99                 num++;
100                 head = (head + 1) & mask;
101 
102                 if (is_report) {
103                         num = 0;
104                         client->packet_head = head;
105                 }
106         }
107 
108         client->head = head;
109 }
110 
111 static void __evdev_queue_syn_dropped(struct evdev_client *client)
112 {
113         struct input_event ev;
114         ktime_t time;
115 
116         time = client->clk_type == EV_CLK_REAL ?
117                         ktime_get_real() :
118                         client->clk_type == EV_CLK_MONO ?
119                                 ktime_get() :
120                                 ktime_get_boottime();
121 
122         ev.time = ktime_to_timeval(time);
123         ev.type = EV_SYN;
124         ev.code = SYN_DROPPED;
125         ev.value = 0;
126 
127         client->buffer[client->head++] = ev;
128         client->head &= client->bufsize - 1;
129 
130         if (unlikely(client->head == client->tail)) {
131                 /* drop queue but keep our SYN_DROPPED event */
132                 client->tail = (client->head - 1) & (client->bufsize - 1);
133                 client->packet_head = client->tail;
134         }
135 }
136 
137 static void evdev_queue_syn_dropped(struct evdev_client *client)
138 {
139         unsigned long flags;
140 
141         spin_lock_irqsave(&client->buffer_lock, flags);
142         __evdev_queue_syn_dropped(client);
143         spin_unlock_irqrestore(&client->buffer_lock, flags);
144 }
145 
146 static int evdev_set_clk_type(struct evdev_client *client, unsigned int clkid)
147 {
148         unsigned long flags;
149 
150         if (client->clk_type == clkid)
151                 return 0;
152 
153         switch (clkid) {
154 
155         case CLOCK_REALTIME:
156                 client->clk_type = EV_CLK_REAL;
157                 break;
158         case CLOCK_MONOTONIC:
159                 client->clk_type = EV_CLK_MONO;
160                 break;
161         case CLOCK_BOOTTIME:
162                 client->clk_type = EV_CLK_BOOT;
163                 break;
164         default:
165                 return -EINVAL;
166         }
167 
168         /*
169          * Flush pending events and queue SYN_DROPPED event,
170          * but only if the queue is not empty.
171          */
172         spin_lock_irqsave(&client->buffer_lock, flags);
173 
174         if (client->head != client->tail) {
175                 client->packet_head = client->head = client->tail;
176                 __evdev_queue_syn_dropped(client);
177         }
178 
179         spin_unlock_irqrestore(&client->buffer_lock, flags);
180 
181         return 0;
182 }
183 
184 static void __pass_event(struct evdev_client *client,
185                          const struct input_event *event)
186 {
187         client->buffer[client->head++] = *event;
188         client->head &= client->bufsize - 1;
189 
190         if (unlikely(client->head == client->tail)) {
191                 /*
192                  * This effectively "drops" all unconsumed events, leaving
193                  * EV_SYN/SYN_DROPPED plus the newest event in the queue.
194                  */
195                 client->tail = (client->head - 2) & (client->bufsize - 1);
196 
197                 client->buffer[client->tail].time = event->time;
198                 client->buffer[client->tail].type = EV_SYN;
199                 client->buffer[client->tail].code = SYN_DROPPED;
200                 client->buffer[client->tail].value = 0;
201 
202                 client->packet_head = client->tail;
203         }
204 
205         if (event->type == EV_SYN && event->code == SYN_REPORT) {
206                 client->packet_head = client->head;
207                 kill_fasync(&client->fasync, SIGIO, POLL_IN);
208         }
209 }
210 
211 static void evdev_pass_values(struct evdev_client *client,
212                         const struct input_value *vals, unsigned int count,
213                         ktime_t *ev_time)
214 {
215         struct evdev *evdev = client->evdev;
216         const struct input_value *v;
217         struct input_event event;
218         bool wakeup = false;
219 
220         if (client->revoked)
221                 return;
222 
223         event.time = ktime_to_timeval(ev_time[client->clk_type]);
224 
225         /* Interrupts are disabled, just acquire the lock. */
226         spin_lock(&client->buffer_lock);
227 
228         for (v = vals; v != vals + count; v++) {
229                 event.type = v->type;
230                 event.code = v->code;
231                 event.value = v->value;
232                 __pass_event(client, &event);
233                 if (v->type == EV_SYN && v->code == SYN_REPORT)
234                         wakeup = true;
235         }
236 
237         spin_unlock(&client->buffer_lock);
238 
239         if (wakeup)
240                 wake_up_interruptible(&evdev->wait);
241 }
242 
243 /*
244  * Pass incoming events to all connected clients.
245  */
246 static void evdev_events(struct input_handle *handle,
247                          const struct input_value *vals, unsigned int count)
248 {
249         struct evdev *evdev = handle->private;
250         struct evdev_client *client;
251         ktime_t ev_time[EV_CLK_MAX];
252 
253         ev_time[EV_CLK_MONO] = ktime_get();
254         ev_time[EV_CLK_REAL] = ktime_mono_to_real(ev_time[EV_CLK_MONO]);
255         ev_time[EV_CLK_BOOT] = ktime_mono_to_any(ev_time[EV_CLK_MONO],
256                                                  TK_OFFS_BOOT);
257 
258         rcu_read_lock();
259 
260         client = rcu_dereference(evdev->grab);
261 
262         if (client)
263                 evdev_pass_values(client, vals, count, ev_time);
264         else
265                 list_for_each_entry_rcu(client, &evdev->client_list, node)
266                         evdev_pass_values(client, vals, count, ev_time);
267 
268         rcu_read_unlock();
269 }
270 
271 /*
272  * Pass incoming event to all connected clients.
273  */
274 static void evdev_event(struct input_handle *handle,
275                         unsigned int type, unsigned int code, int value)
276 {
277         struct input_value vals[] = { { type, code, value } };
278 
279         evdev_events(handle, vals, 1);
280 }
281 
282 static int evdev_fasync(int fd, struct file *file, int on)
283 {
284         struct evdev_client *client = file->private_data;
285 
286         return fasync_helper(fd, file, on, &client->fasync);
287 }
288 
289 static int evdev_flush(struct file *file, fl_owner_t id)
290 {
291         struct evdev_client *client = file->private_data;
292         struct evdev *evdev = client->evdev;
293         int retval;
294 
295         retval = mutex_lock_interruptible(&evdev->mutex);
296         if (retval)
297                 return retval;
298 
299         if (!evdev->exist || client->revoked)
300                 retval = -ENODEV;
301         else
302                 retval = input_flush_device(&evdev->handle, file);
303 
304         mutex_unlock(&evdev->mutex);
305         return retval;
306 }
307 
308 static void evdev_free(struct device *dev)
309 {
310         struct evdev *evdev = container_of(dev, struct evdev, dev);
311 
312         input_put_device(evdev->handle.dev);
313         kfree(evdev);
314 }
315 
316 /*
317  * Grabs an event device (along with underlying input device).
318  * This function is called with evdev->mutex taken.
319  */
320 static int evdev_grab(struct evdev *evdev, struct evdev_client *client)
321 {
322         int error;
323 
324         if (evdev->grab)
325                 return -EBUSY;
326 
327         error = input_grab_device(&evdev->handle);
328         if (error)
329                 return error;
330 
331         rcu_assign_pointer(evdev->grab, client);
332 
333         return 0;
334 }
335 
336 static int evdev_ungrab(struct evdev *evdev, struct evdev_client *client)
337 {
338         struct evdev_client *grab = rcu_dereference_protected(evdev->grab,
339                                         lockdep_is_held(&evdev->mutex));
340 
341         if (grab != client)
342                 return  -EINVAL;
343 
344         rcu_assign_pointer(evdev->grab, NULL);
345         synchronize_rcu();
346         input_release_device(&evdev->handle);
347 
348         return 0;
349 }
350 
351 static void evdev_attach_client(struct evdev *evdev,
352                                 struct evdev_client *client)
353 {
354         spin_lock(&evdev->client_lock);
355         list_add_tail_rcu(&client->node, &evdev->client_list);
356         spin_unlock(&evdev->client_lock);
357 }
358 
359 static void evdev_detach_client(struct evdev *evdev,
360                                 struct evdev_client *client)
361 {
362         spin_lock(&evdev->client_lock);
363         list_del_rcu(&client->node);
364         spin_unlock(&evdev->client_lock);
365         synchronize_rcu();
366 }
367 
368 static int evdev_open_device(struct evdev *evdev)
369 {
370         int retval;
371 
372         retval = mutex_lock_interruptible(&evdev->mutex);
373         if (retval)
374                 return retval;
375 
376         if (!evdev->exist)
377                 retval = -ENODEV;
378         else if (!evdev->open++) {
379                 retval = input_open_device(&evdev->handle);
380                 if (retval)
381                         evdev->open--;
382         }
383 
384         mutex_unlock(&evdev->mutex);
385         return retval;
386 }
387 
388 static void evdev_close_device(struct evdev *evdev)
389 {
390         mutex_lock(&evdev->mutex);
391 
392         if (evdev->exist && !--evdev->open)
393                 input_close_device(&evdev->handle);
394 
395         mutex_unlock(&evdev->mutex);
396 }
397 
398 /*
399  * Wake up users waiting for IO so they can disconnect from
400  * dead device.
401  */
402 static void evdev_hangup(struct evdev *evdev)
403 {
404         struct evdev_client *client;
405 
406         spin_lock(&evdev->client_lock);
407         list_for_each_entry(client, &evdev->client_list, node)
408                 kill_fasync(&client->fasync, SIGIO, POLL_HUP);
409         spin_unlock(&evdev->client_lock);
410 
411         wake_up_interruptible(&evdev->wait);
412 }
413 
414 static int evdev_release(struct inode *inode, struct file *file)
415 {
416         struct evdev_client *client = file->private_data;
417         struct evdev *evdev = client->evdev;
418 
419         mutex_lock(&evdev->mutex);
420         evdev_ungrab(evdev, client);
421         mutex_unlock(&evdev->mutex);
422 
423         evdev_detach_client(evdev, client);
424 
425         kvfree(client);
426 
427         evdev_close_device(evdev);
428 
429         return 0;
430 }
431 
432 static unsigned int evdev_compute_buffer_size(struct input_dev *dev)
433 {
434         unsigned int n_events =
435                 max(dev->hint_events_per_packet * EVDEV_BUF_PACKETS,
436                     EVDEV_MIN_BUFFER_SIZE);
437 
438         return roundup_pow_of_two(n_events);
439 }
440 
441 static int evdev_open(struct inode *inode, struct file *file)
442 {
443         struct evdev *evdev = container_of(inode->i_cdev, struct evdev, cdev);
444         unsigned int bufsize = evdev_compute_buffer_size(evdev->handle.dev);
445         unsigned int size = sizeof(struct evdev_client) +
446                                         bufsize * sizeof(struct input_event);
447         struct evdev_client *client;
448         int error;
449 
450         client = kzalloc(size, GFP_KERNEL | __GFP_NOWARN);
451         if (!client)
452                 client = vzalloc(size);
453         if (!client)
454                 return -ENOMEM;
455 
456         client->bufsize = bufsize;
457         spin_lock_init(&client->buffer_lock);
458         client->evdev = evdev;
459         evdev_attach_client(evdev, client);
460 
461         error = evdev_open_device(evdev);
462         if (error)
463                 goto err_free_client;
464 
465         file->private_data = client;
466         nonseekable_open(inode, file);
467 
468         return 0;
469 
470  err_free_client:
471         evdev_detach_client(evdev, client);
472         kvfree(client);
473         return error;
474 }
475 
476 static ssize_t evdev_write(struct file *file, const char __user *buffer,
477                            size_t count, loff_t *ppos)
478 {
479         struct evdev_client *client = file->private_data;
480         struct evdev *evdev = client->evdev;
481         struct input_event event;
482         int retval = 0;
483 
484         if (count != 0 && count < input_event_size())
485                 return -EINVAL;
486 
487         retval = mutex_lock_interruptible(&evdev->mutex);
488         if (retval)
489                 return retval;
490 
491         if (!evdev->exist || client->revoked) {
492                 retval = -ENODEV;
493                 goto out;
494         }
495 
496         while (retval + input_event_size() <= count) {
497 
498                 if (input_event_from_user(buffer + retval, &event)) {
499                         retval = -EFAULT;
500                         goto out;
501                 }
502                 retval += input_event_size();
503 
504                 input_inject_event(&evdev->handle,
505                                    event.type, event.code, event.value);
506         }
507 
508  out:
509         mutex_unlock(&evdev->mutex);
510         return retval;
511 }
512 
513 static int evdev_fetch_next_event(struct evdev_client *client,
514                                   struct input_event *event)
515 {
516         int have_event;
517 
518         spin_lock_irq(&client->buffer_lock);
519 
520         have_event = client->packet_head != client->tail;
521         if (have_event) {
522                 *event = client->buffer[client->tail++];
523                 client->tail &= client->bufsize - 1;
524         }
525 
526         spin_unlock_irq(&client->buffer_lock);
527 
528         return have_event;
529 }
530 
531 static ssize_t evdev_read(struct file *file, char __user *buffer,
532                           size_t count, loff_t *ppos)
533 {
534         struct evdev_client *client = file->private_data;
535         struct evdev *evdev = client->evdev;
536         struct input_event event;
537         size_t read = 0;
538         int error;
539 
540         if (count != 0 && count < input_event_size())
541                 return -EINVAL;
542 
543         for (;;) {
544                 if (!evdev->exist || client->revoked)
545                         return -ENODEV;
546 
547                 if (client->packet_head == client->tail &&
548                     (file->f_flags & O_NONBLOCK))
549                         return -EAGAIN;
550 
551                 /*
552                  * count == 0 is special - no IO is done but we check
553                  * for error conditions (see above).
554                  */
555                 if (count == 0)
556                         break;
557 
558                 while (read + input_event_size() <= count &&
559                        evdev_fetch_next_event(client, &event)) {
560 
561                         if (input_event_to_user(buffer + read, &event))
562                                 return -EFAULT;
563 
564                         read += input_event_size();
565                 }
566 
567                 if (read)
568                         break;
569 
570                 if (!(file->f_flags & O_NONBLOCK)) {
571                         error = wait_event_interruptible(evdev->wait,
572                                         client->packet_head != client->tail ||
573                                         !evdev->exist || client->revoked);
574                         if (error)
575                                 return error;
576                 }
577         }
578 
579         return read;
580 }
581 
582 /* No kernel lock - fine */
583 static unsigned int evdev_poll(struct file *file, poll_table *wait)
584 {
585         struct evdev_client *client = file->private_data;
586         struct evdev *evdev = client->evdev;
587         unsigned int mask;
588 
589         poll_wait(file, &evdev->wait, wait);
590 
591         if (evdev->exist && !client->revoked)
592                 mask = POLLOUT | POLLWRNORM;
593         else
594                 mask = POLLHUP | POLLERR;
595 
596         if (client->packet_head != client->tail)
597                 mask |= POLLIN | POLLRDNORM;
598 
599         return mask;
600 }
601 
602 #ifdef CONFIG_COMPAT
603 
604 #define BITS_PER_LONG_COMPAT (sizeof(compat_long_t) * 8)
605 #define BITS_TO_LONGS_COMPAT(x) ((((x) - 1) / BITS_PER_LONG_COMPAT) + 1)
606 
607 #ifdef __BIG_ENDIAN
608 static int bits_to_user(unsigned long *bits, unsigned int maxbit,
609                         unsigned int maxlen, void __user *p, int compat)
610 {
611         int len, i;
612 
613         if (compat) {
614                 len = BITS_TO_LONGS_COMPAT(maxbit) * sizeof(compat_long_t);
615                 if (len > maxlen)
616                         len = maxlen;
617 
618                 for (i = 0; i < len / sizeof(compat_long_t); i++)
619                         if (copy_to_user((compat_long_t __user *) p + i,
620                                          (compat_long_t *) bits +
621                                                 i + 1 - ((i % 2) << 1),
622                                          sizeof(compat_long_t)))
623                                 return -EFAULT;
624         } else {
625                 len = BITS_TO_LONGS(maxbit) * sizeof(long);
626                 if (len > maxlen)
627                         len = maxlen;
628 
629                 if (copy_to_user(p, bits, len))
630                         return -EFAULT;
631         }
632 
633         return len;
634 }
635 #else
636 static int bits_to_user(unsigned long *bits, unsigned int maxbit,
637                         unsigned int maxlen, void __user *p, int compat)
638 {
639         int len = compat ?
640                         BITS_TO_LONGS_COMPAT(maxbit) * sizeof(compat_long_t) :
641                         BITS_TO_LONGS(maxbit) * sizeof(long);
642 
643         if (len > maxlen)
644                 len = maxlen;
645 
646         return copy_to_user(p, bits, len) ? -EFAULT : len;
647 }
648 #endif /* __BIG_ENDIAN */
649 
650 #else
651 
652 static int bits_to_user(unsigned long *bits, unsigned int maxbit,
653                         unsigned int maxlen, void __user *p, int compat)
654 {
655         int len = BITS_TO_LONGS(maxbit) * sizeof(long);
656 
657         if (len > maxlen)
658                 len = maxlen;
659 
660         return copy_to_user(p, bits, len) ? -EFAULT : len;
661 }
662 
663 #endif /* CONFIG_COMPAT */
664 
665 static int str_to_user(const char *str, unsigned int maxlen, void __user *p)
666 {
667         int len;
668 
669         if (!str)
670                 return -ENOENT;
671 
672         len = strlen(str) + 1;
673         if (len > maxlen)
674                 len = maxlen;
675 
676         return copy_to_user(p, str, len) ? -EFAULT : len;
677 }
678 
679 static int handle_eviocgbit(struct input_dev *dev,
680                             unsigned int type, unsigned int size,
681                             void __user *p, int compat_mode)
682 {
683         unsigned long *bits;
684         int len;
685 
686         switch (type) {
687 
688         case      0: bits = dev->evbit;  len = EV_MAX;  break;
689         case EV_KEY: bits = dev->keybit; len = KEY_MAX; break;
690         case EV_REL: bits = dev->relbit; len = REL_MAX; break;
691         case EV_ABS: bits = dev->absbit; len = ABS_MAX; break;
692         case EV_MSC: bits = dev->mscbit; len = MSC_MAX; break;
693         case EV_LED: bits = dev->ledbit; len = LED_MAX; break;
694         case EV_SND: bits = dev->sndbit; len = SND_MAX; break;
695         case EV_FF:  bits = dev->ffbit;  len = FF_MAX;  break;
696         case EV_SW:  bits = dev->swbit;  len = SW_MAX;  break;
697         default: return -EINVAL;
698         }
699 
700         return bits_to_user(bits, len, size, p, compat_mode);
701 }
702 
703 static int evdev_handle_get_keycode(struct input_dev *dev, void __user *p)
704 {
705         struct input_keymap_entry ke = {
706                 .len    = sizeof(unsigned int),
707                 .flags  = 0,
708         };
709         int __user *ip = (int __user *)p;
710         int error;
711 
712         /* legacy case */
713         if (copy_from_user(ke.scancode, p, sizeof(unsigned int)))
714                 return -EFAULT;
715 
716         error = input_get_keycode(dev, &ke);
717         if (error)
718                 return error;
719 
720         if (put_user(ke.keycode, ip + 1))
721                 return -EFAULT;
722 
723         return 0;
724 }
725 
726 static int evdev_handle_get_keycode_v2(struct input_dev *dev, void __user *p)
727 {
728         struct input_keymap_entry ke;
729         int error;
730 
731         if (copy_from_user(&ke, p, sizeof(ke)))
732                 return -EFAULT;
733 
734         error = input_get_keycode(dev, &ke);
735         if (error)
736                 return error;
737 
738         if (copy_to_user(p, &ke, sizeof(ke)))
739                 return -EFAULT;
740 
741         return 0;
742 }
743 
744 static int evdev_handle_set_keycode(struct input_dev *dev, void __user *p)
745 {
746         struct input_keymap_entry ke = {
747                 .len    = sizeof(unsigned int),
748                 .flags  = 0,
749         };
750         int __user *ip = (int __user *)p;
751 
752         if (copy_from_user(ke.scancode, p, sizeof(unsigned int)))
753                 return -EFAULT;
754 
755         if (get_user(ke.keycode, ip + 1))
756                 return -EFAULT;
757 
758         return input_set_keycode(dev, &ke);
759 }
760 
761 static int evdev_handle_set_keycode_v2(struct input_dev *dev, void __user *p)
762 {
763         struct input_keymap_entry ke;
764 
765         if (copy_from_user(&ke, p, sizeof(ke)))
766                 return -EFAULT;
767 
768         if (ke.len > sizeof(ke.scancode))
769                 return -EINVAL;
770 
771         return input_set_keycode(dev, &ke);
772 }
773 
774 /*
775  * If we transfer state to the user, we should flush all pending events
776  * of the same type from the client's queue. Otherwise, they might end up
777  * with duplicate events, which can screw up client's state tracking.
778  * If bits_to_user fails after flushing the queue, we queue a SYN_DROPPED
779  * event so user-space will notice missing events.
780  *
781  * LOCKING:
782  * We need to take event_lock before buffer_lock to avoid dead-locks. But we
783  * need the even_lock only to guarantee consistent state. We can safely release
784  * it while flushing the queue. This allows input-core to handle filters while
785  * we flush the queue.
786  */
787 static int evdev_handle_get_val(struct evdev_client *client,
788                                 struct input_dev *dev, unsigned int type,
789                                 unsigned long *bits, unsigned int maxbit,
790                                 unsigned int maxlen, void __user *p,
791                                 int compat)
792 {
793         int ret;
794         unsigned long *mem;
795         size_t len;
796 
797         len = BITS_TO_LONGS(maxbit) * sizeof(unsigned long);
798         mem = kmalloc(len, GFP_KERNEL);
799         if (!mem)
800                 return -ENOMEM;
801 
802         spin_lock_irq(&dev->event_lock);
803         spin_lock(&client->buffer_lock);
804 
805         memcpy(mem, bits, len);
806 
807         spin_unlock(&dev->event_lock);
808 
809         __evdev_flush_queue(client, type);
810 
811         spin_unlock_irq(&client->buffer_lock);
812 
813         ret = bits_to_user(mem, maxbit, maxlen, p, compat);
814         if (ret < 0)
815                 evdev_queue_syn_dropped(client);
816 
817         kfree(mem);
818 
819         return ret;
820 }
821 
822 static int evdev_handle_mt_request(struct input_dev *dev,
823                                    unsigned int size,
824                                    int __user *ip)
825 {
826         const struct input_mt *mt = dev->mt;
827         unsigned int code;
828         int max_slots;
829         int i;
830 
831         if (get_user(code, &ip[0]))
832                 return -EFAULT;
833         if (!mt || !input_is_mt_value(code))
834                 return -EINVAL;
835 
836         max_slots = (size - sizeof(__u32)) / sizeof(__s32);
837         for (i = 0; i < mt->num_slots && i < max_slots; i++) {
838                 int value = input_mt_get_value(&mt->slots[i], code);
839                 if (put_user(value, &ip[1 + i]))
840                         return -EFAULT;
841         }
842 
843         return 0;
844 }
845 
846 static int evdev_revoke(struct evdev *evdev, struct evdev_client *client,
847                         struct file *file)
848 {
849         client->revoked = true;
850         evdev_ungrab(evdev, client);
851         input_flush_device(&evdev->handle, file);
852         wake_up_interruptible(&evdev->wait);
853 
854         return 0;
855 }
856 
857 static long evdev_do_ioctl(struct file *file, unsigned int cmd,
858                            void __user *p, int compat_mode)
859 {
860         struct evdev_client *client = file->private_data;
861         struct evdev *evdev = client->evdev;
862         struct input_dev *dev = evdev->handle.dev;
863         struct input_absinfo abs;
864         struct ff_effect effect;
865         int __user *ip = (int __user *)p;
866         unsigned int i, t, u, v;
867         unsigned int size;
868         int error;
869 
870         /* First we check for fixed-length commands */
871         switch (cmd) {
872 
873         case EVIOCGVERSION:
874                 return put_user(EV_VERSION, ip);
875 
876         case EVIOCGID:
877                 if (copy_to_user(p, &dev->id, sizeof(struct input_id)))
878                         return -EFAULT;
879                 return 0;
880 
881         case EVIOCGREP:
882                 if (!test_bit(EV_REP, dev->evbit))
883                         return -ENOSYS;
884                 if (put_user(dev->rep[REP_DELAY], ip))
885                         return -EFAULT;
886                 if (put_user(dev->rep[REP_PERIOD], ip + 1))
887                         return -EFAULT;
888                 return 0;
889 
890         case EVIOCSREP:
891                 if (!test_bit(EV_REP, dev->evbit))
892                         return -ENOSYS;
893                 if (get_user(u, ip))
894                         return -EFAULT;
895                 if (get_user(v, ip + 1))
896                         return -EFAULT;
897 
898                 input_inject_event(&evdev->handle, EV_REP, REP_DELAY, u);
899                 input_inject_event(&evdev->handle, EV_REP, REP_PERIOD, v);
900 
901                 return 0;
902 
903         case EVIOCRMFF:
904                 return input_ff_erase(dev, (int)(unsigned long) p, file);
905 
906         case EVIOCGEFFECTS:
907                 i = test_bit(EV_FF, dev->evbit) ?
908                                 dev->ff->max_effects : 0;
909                 if (put_user(i, ip))
910                         return -EFAULT;
911                 return 0;
912 
913         case EVIOCGRAB:
914                 if (p)
915                         return evdev_grab(evdev, client);
916                 else
917                         return evdev_ungrab(evdev, client);
918 
919         case EVIOCREVOKE:
920                 if (p)
921                         return -EINVAL;
922                 else
923                         return evdev_revoke(evdev, client, file);
924 
925         case EVIOCSCLOCKID:
926                 if (copy_from_user(&i, p, sizeof(unsigned int)))
927                         return -EFAULT;
928 
929                 return evdev_set_clk_type(client, i);
930 
931         case EVIOCGKEYCODE:
932                 return evdev_handle_get_keycode(dev, p);
933 
934         case EVIOCSKEYCODE:
935                 return evdev_handle_set_keycode(dev, p);
936 
937         case EVIOCGKEYCODE_V2:
938                 return evdev_handle_get_keycode_v2(dev, p);
939 
940         case EVIOCSKEYCODE_V2:
941                 return evdev_handle_set_keycode_v2(dev, p);
942         }
943 
944         size = _IOC_SIZE(cmd);
945 
946         /* Now check variable-length commands */
947 #define EVIOC_MASK_SIZE(nr)     ((nr) & ~(_IOC_SIZEMASK << _IOC_SIZESHIFT))
948         switch (EVIOC_MASK_SIZE(cmd)) {
949 
950         case EVIOCGPROP(0):
951                 return bits_to_user(dev->propbit, INPUT_PROP_MAX,
952                                     size, p, compat_mode);
953 
954         case EVIOCGMTSLOTS(0):
955                 return evdev_handle_mt_request(dev, size, ip);
956 
957         case EVIOCGKEY(0):
958                 return evdev_handle_get_val(client, dev, EV_KEY, dev->key,
959                                             KEY_MAX, size, p, compat_mode);
960 
961         case EVIOCGLED(0):
962                 return evdev_handle_get_val(client, dev, EV_LED, dev->led,
963                                             LED_MAX, size, p, compat_mode);
964 
965         case EVIOCGSND(0):
966                 return evdev_handle_get_val(client, dev, EV_SND, dev->snd,
967                                             SND_MAX, size, p, compat_mode);
968 
969         case EVIOCGSW(0):
970                 return evdev_handle_get_val(client, dev, EV_SW, dev->sw,
971                                             SW_MAX, size, p, compat_mode);
972 
973         case EVIOCGNAME(0):
974                 return str_to_user(dev->name, size, p);
975 
976         case EVIOCGPHYS(0):
977                 return str_to_user(dev->phys, size, p);
978 
979         case EVIOCGUNIQ(0):
980                 return str_to_user(dev->uniq, size, p);
981 
982         case EVIOC_MASK_SIZE(EVIOCSFF):
983                 if (input_ff_effect_from_user(p, size, &effect))
984                         return -EFAULT;
985 
986                 error = input_ff_upload(dev, &effect, file);
987                 if (error)
988                         return error;
989 
990                 if (put_user(effect.id, &(((struct ff_effect __user *)p)->id)))
991                         return -EFAULT;
992 
993                 return 0;
994         }
995 
996         /* Multi-number variable-length handlers */
997         if (_IOC_TYPE(cmd) != 'E')
998                 return -EINVAL;
999 
1000         if (_IOC_DIR(cmd) == _IOC_READ) {
1001 
1002                 if ((_IOC_NR(cmd) & ~EV_MAX) == _IOC_NR(EVIOCGBIT(0, 0)))
1003                         return handle_eviocgbit(dev,
1004                                                 _IOC_NR(cmd) & EV_MAX, size,
1005                                                 p, compat_mode);
1006 
1007                 if ((_IOC_NR(cmd) & ~ABS_MAX) == _IOC_NR(EVIOCGABS(0))) {
1008 
1009                         if (!dev->absinfo)
1010                                 return -EINVAL;
1011 
1012                         t = _IOC_NR(cmd) & ABS_MAX;
1013                         abs = dev->absinfo[t];
1014 
1015                         if (copy_to_user(p, &abs, min_t(size_t,
1016                                         size, sizeof(struct input_absinfo))))
1017                                 return -EFAULT;
1018 
1019                         return 0;
1020                 }
1021         }
1022 
1023         if (_IOC_DIR(cmd) == _IOC_WRITE) {
1024 
1025                 if ((_IOC_NR(cmd) & ~ABS_MAX) == _IOC_NR(EVIOCSABS(0))) {
1026 
1027                         if (!dev->absinfo)
1028                                 return -EINVAL;
1029 
1030                         t = _IOC_NR(cmd) & ABS_MAX;
1031 
1032                         if (copy_from_user(&abs, p, min_t(size_t,
1033                                         size, sizeof(struct input_absinfo))))
1034                                 return -EFAULT;
1035 
1036                         if (size < sizeof(struct input_absinfo))
1037                                 abs.resolution = 0;
1038 
1039                         /* We can't change number of reserved MT slots */
1040                         if (t == ABS_MT_SLOT)
1041                                 return -EINVAL;
1042 
1043                         /*
1044                          * Take event lock to ensure that we are not
1045                          * changing device parameters in the middle
1046                          * of event.
1047                          */
1048                         spin_lock_irq(&dev->event_lock);
1049                         dev->absinfo[t] = abs;
1050                         spin_unlock_irq(&dev->event_lock);
1051 
1052                         return 0;
1053                 }
1054         }
1055 
1056         return -EINVAL;
1057 }
1058 
1059 static long evdev_ioctl_handler(struct file *file, unsigned int cmd,
1060                                 void __user *p, int compat_mode)
1061 {
1062         struct evdev_client *client = file->private_data;
1063         struct evdev *evdev = client->evdev;
1064         int retval;
1065 
1066         retval = mutex_lock_interruptible(&evdev->mutex);
1067         if (retval)
1068                 return retval;
1069 
1070         if (!evdev->exist || client->revoked) {
1071                 retval = -ENODEV;
1072                 goto out;
1073         }
1074 
1075         retval = evdev_do_ioctl(file, cmd, p, compat_mode);
1076 
1077  out:
1078         mutex_unlock(&evdev->mutex);
1079         return retval;
1080 }
1081 
1082 static long evdev_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
1083 {
1084         return evdev_ioctl_handler(file, cmd, (void __user *)arg, 0);
1085 }
1086 
1087 #ifdef CONFIG_COMPAT
1088 static long evdev_ioctl_compat(struct file *file,
1089                                 unsigned int cmd, unsigned long arg)
1090 {
1091         return evdev_ioctl_handler(file, cmd, compat_ptr(arg), 1);
1092 }
1093 #endif
1094 
1095 static const struct file_operations evdev_fops = {
1096         .owner          = THIS_MODULE,
1097         .read           = evdev_read,
1098         .write          = evdev_write,
1099         .poll           = evdev_poll,
1100         .open           = evdev_open,
1101         .release        = evdev_release,
1102         .unlocked_ioctl = evdev_ioctl,
1103 #ifdef CONFIG_COMPAT
1104         .compat_ioctl   = evdev_ioctl_compat,
1105 #endif
1106         .fasync         = evdev_fasync,
1107         .flush          = evdev_flush,
1108         .llseek         = no_llseek,
1109 };
1110 
1111 /*
1112  * Mark device non-existent. This disables writes, ioctls and
1113  * prevents new users from opening the device. Already posted
1114  * blocking reads will stay, however new ones will fail.
1115  */
1116 static void evdev_mark_dead(struct evdev *evdev)
1117 {
1118         mutex_lock(&evdev->mutex);
1119         evdev->exist = false;
1120         mutex_unlock(&evdev->mutex);
1121 }
1122 
1123 static void evdev_cleanup(struct evdev *evdev)
1124 {
1125         struct input_handle *handle = &evdev->handle;
1126 
1127         evdev_mark_dead(evdev);
1128         evdev_hangup(evdev);
1129 
1130         cdev_del(&evdev->cdev);
1131 
1132         /* evdev is marked dead so no one else accesses evdev->open */
1133         if (evdev->open) {
1134                 input_flush_device(handle, NULL);
1135                 input_close_device(handle);
1136         }
1137 }
1138 
1139 /*
1140  * Create new evdev device. Note that input core serializes calls
1141  * to connect and disconnect.
1142  */
1143 static int evdev_connect(struct input_handler *handler, struct input_dev *dev,
1144                          const struct input_device_id *id)
1145 {
1146         struct evdev *evdev;
1147         int minor;
1148         int dev_no;
1149         int error;
1150 
1151         minor = input_get_new_minor(EVDEV_MINOR_BASE, EVDEV_MINORS, true);
1152         if (minor < 0) {
1153                 error = minor;
1154                 pr_err("failed to reserve new minor: %d\n", error);
1155                 return error;
1156         }
1157 
1158         evdev = kzalloc(sizeof(struct evdev), GFP_KERNEL);
1159         if (!evdev) {
1160                 error = -ENOMEM;
1161                 goto err_free_minor;
1162         }
1163 
1164         INIT_LIST_HEAD(&evdev->client_list);
1165         spin_lock_init(&evdev->client_lock);
1166         mutex_init(&evdev->mutex);
1167         init_waitqueue_head(&evdev->wait);
1168         evdev->exist = true;
1169 
1170         dev_no = minor;
1171         /* Normalize device number if it falls into legacy range */
1172         if (dev_no < EVDEV_MINOR_BASE + EVDEV_MINORS)
1173                 dev_no -= EVDEV_MINOR_BASE;
1174         dev_set_name(&evdev->dev, "event%d", dev_no);
1175 
1176         evdev->handle.dev = input_get_device(dev);
1177         evdev->handle.name = dev_name(&evdev->dev);
1178         evdev->handle.handler = handler;
1179         evdev->handle.private = evdev;
1180 
1181         evdev->dev.devt = MKDEV(INPUT_MAJOR, minor);
1182         evdev->dev.class = &input_class;
1183         evdev->dev.parent = &dev->dev;
1184         evdev->dev.release = evdev_free;
1185         device_initialize(&evdev->dev);
1186 
1187         error = input_register_handle(&evdev->handle);
1188         if (error)
1189                 goto err_free_evdev;
1190 
1191         cdev_init(&evdev->cdev, &evdev_fops);
1192         evdev->cdev.kobj.parent = &evdev->dev.kobj;
1193         error = cdev_add(&evdev->cdev, evdev->dev.devt, 1);
1194         if (error)
1195                 goto err_unregister_handle;
1196 
1197         error = device_add(&evdev->dev);
1198         if (error)
1199                 goto err_cleanup_evdev;
1200 
1201         return 0;
1202 
1203  err_cleanup_evdev:
1204         evdev_cleanup(evdev);
1205  err_unregister_handle:
1206         input_unregister_handle(&evdev->handle);
1207  err_free_evdev:
1208         put_device(&evdev->dev);
1209  err_free_minor:
1210         input_free_minor(minor);
1211         return error;
1212 }
1213 
1214 static void evdev_disconnect(struct input_handle *handle)
1215 {
1216         struct evdev *evdev = handle->private;
1217 
1218         device_del(&evdev->dev);
1219         evdev_cleanup(evdev);
1220         input_free_minor(MINOR(evdev->dev.devt));
1221         input_unregister_handle(handle);
1222         put_device(&evdev->dev);
1223 }
1224 
1225 static const struct input_device_id evdev_ids[] = {
1226         { .driver_info = 1 },   /* Matches all devices */
1227         { },                    /* Terminating zero entry */
1228 };
1229 
1230 MODULE_DEVICE_TABLE(input, evdev_ids);
1231 
1232 static struct input_handler evdev_handler = {
1233         .event          = evdev_event,
1234         .events         = evdev_events,
1235         .connect        = evdev_connect,
1236         .disconnect     = evdev_disconnect,
1237         .legacy_minors  = true,
1238         .minor          = EVDEV_MINOR_BASE,
1239         .name           = "evdev",
1240         .id_table       = evdev_ids,
1241 };
1242 
1243 static int __init evdev_init(void)
1244 {
1245         return input_register_handler(&evdev_handler);
1246 }
1247 
1248 static void __exit evdev_exit(void)
1249 {
1250         input_unregister_handler(&evdev_handler);
1251 }
1252 
1253 module_init(evdev_init);
1254 module_exit(evdev_exit);
1255 
1256 MODULE_AUTHOR("Vojtech Pavlik <vojtech@ucw.cz>");
1257 MODULE_DESCRIPTION("Input driver event char devices");
1258 MODULE_LICENSE("GPL");
1259 

This page was automatically generated by LXR 0.3.1 (source).  •  Linux is a registered trademark of Linus Torvalds  •  Contact us