Version:  2.0.40 2.2.26 2.4.37 3.3 3.4 3.5 3.6 3.7 3.8 3.9 3.10 3.11 3.12 3.13 3.14 3.15 3.16 3.17 3.18 3.19

Linux/drivers/input/evdev.c

  1 /*
  2  * Event char devices, giving access to raw input device events.
  3  *
  4  * Copyright (c) 1999-2002 Vojtech Pavlik
  5  *
  6  * This program is free software; you can redistribute it and/or modify it
  7  * under the terms of the GNU General Public License version 2 as published by
  8  * the Free Software Foundation.
  9  */
 10 
 11 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
 12 
 13 #define EVDEV_MINOR_BASE        64
 14 #define EVDEV_MINORS            32
 15 #define EVDEV_MIN_BUFFER_SIZE   64U
 16 #define EVDEV_BUF_PACKETS       8
 17 
 18 #include <linux/poll.h>
 19 #include <linux/sched.h>
 20 #include <linux/slab.h>
 21 #include <linux/vmalloc.h>
 22 #include <linux/mm.h>
 23 #include <linux/module.h>
 24 #include <linux/init.h>
 25 #include <linux/input/mt.h>
 26 #include <linux/major.h>
 27 #include <linux/device.h>
 28 #include <linux/cdev.h>
 29 #include "input-compat.h"
 30 
 31 enum evdev_clock_type {
 32         EV_CLK_REAL = 0,
 33         EV_CLK_MONO,
 34         EV_CLK_BOOT,
 35         EV_CLK_MAX
 36 };
 37 
 38 struct evdev {
 39         int open;
 40         struct input_handle handle;
 41         wait_queue_head_t wait;
 42         struct evdev_client __rcu *grab;
 43         struct list_head client_list;
 44         spinlock_t client_lock; /* protects client_list */
 45         struct mutex mutex;
 46         struct device dev;
 47         struct cdev cdev;
 48         bool exist;
 49 };
 50 
 51 struct evdev_client {
 52         unsigned int head;
 53         unsigned int tail;
 54         unsigned int packet_head; /* [future] position of the first element of next packet */
 55         spinlock_t buffer_lock; /* protects access to buffer, head and tail */
 56         struct fasync_struct *fasync;
 57         struct evdev *evdev;
 58         struct list_head node;
 59         int clk_type;
 60         bool revoked;
 61         unsigned int bufsize;
 62         struct input_event buffer[];
 63 };
 64 
 65 static int evdev_set_clk_type(struct evdev_client *client, unsigned int clkid)
 66 {
 67         switch (clkid) {
 68 
 69         case CLOCK_REALTIME:
 70                 client->clk_type = EV_CLK_REAL;
 71                 break;
 72         case CLOCK_MONOTONIC:
 73                 client->clk_type = EV_CLK_MONO;
 74                 break;
 75         case CLOCK_BOOTTIME:
 76                 client->clk_type = EV_CLK_BOOT;
 77                 break;
 78         default:
 79                 return -EINVAL;
 80         }
 81 
 82         return 0;
 83 }
 84 
 85 /* flush queued events of type @type, caller must hold client->buffer_lock */
 86 static void __evdev_flush_queue(struct evdev_client *client, unsigned int type)
 87 {
 88         unsigned int i, head, num;
 89         unsigned int mask = client->bufsize - 1;
 90         bool is_report;
 91         struct input_event *ev;
 92 
 93         BUG_ON(type == EV_SYN);
 94 
 95         head = client->tail;
 96         client->packet_head = client->tail;
 97 
 98         /* init to 1 so a leading SYN_REPORT will not be dropped */
 99         num = 1;
100 
101         for (i = client->tail; i != client->head; i = (i + 1) & mask) {
102                 ev = &client->buffer[i];
103                 is_report = ev->type == EV_SYN && ev->code == SYN_REPORT;
104 
105                 if (ev->type == type) {
106                         /* drop matched entry */
107                         continue;
108                 } else if (is_report && !num) {
109                         /* drop empty SYN_REPORT groups */
110                         continue;
111                 } else if (head != i) {
112                         /* move entry to fill the gap */
113                         client->buffer[head].time = ev->time;
114                         client->buffer[head].type = ev->type;
115                         client->buffer[head].code = ev->code;
116                         client->buffer[head].value = ev->value;
117                 }
118 
119                 num++;
120                 head = (head + 1) & mask;
121 
122                 if (is_report) {
123                         num = 0;
124                         client->packet_head = head;
125                 }
126         }
127 
128         client->head = head;
129 }
130 
131 /* queue SYN_DROPPED event */
132 static void evdev_queue_syn_dropped(struct evdev_client *client)
133 {
134         unsigned long flags;
135         struct input_event ev;
136         ktime_t time;
137 
138         time = client->clk_type == EV_CLK_REAL ?
139                         ktime_get_real() :
140                         client->clk_type == EV_CLK_MONO ?
141                                 ktime_get() :
142                                 ktime_get_boottime();
143 
144         ev.time = ktime_to_timeval(time);
145         ev.type = EV_SYN;
146         ev.code = SYN_DROPPED;
147         ev.value = 0;
148 
149         spin_lock_irqsave(&client->buffer_lock, flags);
150 
151         client->buffer[client->head++] = ev;
152         client->head &= client->bufsize - 1;
153 
154         if (unlikely(client->head == client->tail)) {
155                 /* drop queue but keep our SYN_DROPPED event */
156                 client->tail = (client->head - 1) & (client->bufsize - 1);
157                 client->packet_head = client->tail;
158         }
159 
160         spin_unlock_irqrestore(&client->buffer_lock, flags);
161 }
162 
163 static void __pass_event(struct evdev_client *client,
164                          const struct input_event *event)
165 {
166         client->buffer[client->head++] = *event;
167         client->head &= client->bufsize - 1;
168 
169         if (unlikely(client->head == client->tail)) {
170                 /*
171                  * This effectively "drops" all unconsumed events, leaving
172                  * EV_SYN/SYN_DROPPED plus the newest event in the queue.
173                  */
174                 client->tail = (client->head - 2) & (client->bufsize - 1);
175 
176                 client->buffer[client->tail].time = event->time;
177                 client->buffer[client->tail].type = EV_SYN;
178                 client->buffer[client->tail].code = SYN_DROPPED;
179                 client->buffer[client->tail].value = 0;
180 
181                 client->packet_head = client->tail;
182         }
183 
184         if (event->type == EV_SYN && event->code == SYN_REPORT) {
185                 client->packet_head = client->head;
186                 kill_fasync(&client->fasync, SIGIO, POLL_IN);
187         }
188 }
189 
190 static void evdev_pass_values(struct evdev_client *client,
191                         const struct input_value *vals, unsigned int count,
192                         ktime_t *ev_time)
193 {
194         struct evdev *evdev = client->evdev;
195         const struct input_value *v;
196         struct input_event event;
197         bool wakeup = false;
198 
199         if (client->revoked)
200                 return;
201 
202         event.time = ktime_to_timeval(ev_time[client->clk_type]);
203 
204         /* Interrupts are disabled, just acquire the lock. */
205         spin_lock(&client->buffer_lock);
206 
207         for (v = vals; v != vals + count; v++) {
208                 event.type = v->type;
209                 event.code = v->code;
210                 event.value = v->value;
211                 __pass_event(client, &event);
212                 if (v->type == EV_SYN && v->code == SYN_REPORT)
213                         wakeup = true;
214         }
215 
216         spin_unlock(&client->buffer_lock);
217 
218         if (wakeup)
219                 wake_up_interruptible(&evdev->wait);
220 }
221 
222 /*
223  * Pass incoming events to all connected clients.
224  */
225 static void evdev_events(struct input_handle *handle,
226                          const struct input_value *vals, unsigned int count)
227 {
228         struct evdev *evdev = handle->private;
229         struct evdev_client *client;
230         ktime_t ev_time[EV_CLK_MAX];
231 
232         ev_time[EV_CLK_MONO] = ktime_get();
233         ev_time[EV_CLK_REAL] = ktime_mono_to_real(ev_time[EV_CLK_MONO]);
234         ev_time[EV_CLK_BOOT] = ktime_mono_to_any(ev_time[EV_CLK_MONO],
235                                                  TK_OFFS_BOOT);
236 
237         rcu_read_lock();
238 
239         client = rcu_dereference(evdev->grab);
240 
241         if (client)
242                 evdev_pass_values(client, vals, count, ev_time);
243         else
244                 list_for_each_entry_rcu(client, &evdev->client_list, node)
245                         evdev_pass_values(client, vals, count, ev_time);
246 
247         rcu_read_unlock();
248 }
249 
250 /*
251  * Pass incoming event to all connected clients.
252  */
253 static void evdev_event(struct input_handle *handle,
254                         unsigned int type, unsigned int code, int value)
255 {
256         struct input_value vals[] = { { type, code, value } };
257 
258         evdev_events(handle, vals, 1);
259 }
260 
261 static int evdev_fasync(int fd, struct file *file, int on)
262 {
263         struct evdev_client *client = file->private_data;
264 
265         return fasync_helper(fd, file, on, &client->fasync);
266 }
267 
268 static int evdev_flush(struct file *file, fl_owner_t id)
269 {
270         struct evdev_client *client = file->private_data;
271         struct evdev *evdev = client->evdev;
272         int retval;
273 
274         retval = mutex_lock_interruptible(&evdev->mutex);
275         if (retval)
276                 return retval;
277 
278         if (!evdev->exist || client->revoked)
279                 retval = -ENODEV;
280         else
281                 retval = input_flush_device(&evdev->handle, file);
282 
283         mutex_unlock(&evdev->mutex);
284         return retval;
285 }
286 
287 static void evdev_free(struct device *dev)
288 {
289         struct evdev *evdev = container_of(dev, struct evdev, dev);
290 
291         input_put_device(evdev->handle.dev);
292         kfree(evdev);
293 }
294 
295 /*
296  * Grabs an event device (along with underlying input device).
297  * This function is called with evdev->mutex taken.
298  */
299 static int evdev_grab(struct evdev *evdev, struct evdev_client *client)
300 {
301         int error;
302 
303         if (evdev->grab)
304                 return -EBUSY;
305 
306         error = input_grab_device(&evdev->handle);
307         if (error)
308                 return error;
309 
310         rcu_assign_pointer(evdev->grab, client);
311 
312         return 0;
313 }
314 
315 static int evdev_ungrab(struct evdev *evdev, struct evdev_client *client)
316 {
317         struct evdev_client *grab = rcu_dereference_protected(evdev->grab,
318                                         lockdep_is_held(&evdev->mutex));
319 
320         if (grab != client)
321                 return  -EINVAL;
322 
323         rcu_assign_pointer(evdev->grab, NULL);
324         synchronize_rcu();
325         input_release_device(&evdev->handle);
326 
327         return 0;
328 }
329 
330 static void evdev_attach_client(struct evdev *evdev,
331                                 struct evdev_client *client)
332 {
333         spin_lock(&evdev->client_lock);
334         list_add_tail_rcu(&client->node, &evdev->client_list);
335         spin_unlock(&evdev->client_lock);
336 }
337 
338 static void evdev_detach_client(struct evdev *evdev,
339                                 struct evdev_client *client)
340 {
341         spin_lock(&evdev->client_lock);
342         list_del_rcu(&client->node);
343         spin_unlock(&evdev->client_lock);
344         synchronize_rcu();
345 }
346 
347 static int evdev_open_device(struct evdev *evdev)
348 {
349         int retval;
350 
351         retval = mutex_lock_interruptible(&evdev->mutex);
352         if (retval)
353                 return retval;
354 
355         if (!evdev->exist)
356                 retval = -ENODEV;
357         else if (!evdev->open++) {
358                 retval = input_open_device(&evdev->handle);
359                 if (retval)
360                         evdev->open--;
361         }
362 
363         mutex_unlock(&evdev->mutex);
364         return retval;
365 }
366 
367 static void evdev_close_device(struct evdev *evdev)
368 {
369         mutex_lock(&evdev->mutex);
370 
371         if (evdev->exist && !--evdev->open)
372                 input_close_device(&evdev->handle);
373 
374         mutex_unlock(&evdev->mutex);
375 }
376 
377 /*
378  * Wake up users waiting for IO so they can disconnect from
379  * dead device.
380  */
381 static void evdev_hangup(struct evdev *evdev)
382 {
383         struct evdev_client *client;
384 
385         spin_lock(&evdev->client_lock);
386         list_for_each_entry(client, &evdev->client_list, node)
387                 kill_fasync(&client->fasync, SIGIO, POLL_HUP);
388         spin_unlock(&evdev->client_lock);
389 
390         wake_up_interruptible(&evdev->wait);
391 }
392 
393 static int evdev_release(struct inode *inode, struct file *file)
394 {
395         struct evdev_client *client = file->private_data;
396         struct evdev *evdev = client->evdev;
397 
398         mutex_lock(&evdev->mutex);
399         evdev_ungrab(evdev, client);
400         mutex_unlock(&evdev->mutex);
401 
402         evdev_detach_client(evdev, client);
403 
404         if (is_vmalloc_addr(client))
405                 vfree(client);
406         else
407                 kfree(client);
408 
409         evdev_close_device(evdev);
410 
411         return 0;
412 }
413 
414 static unsigned int evdev_compute_buffer_size(struct input_dev *dev)
415 {
416         unsigned int n_events =
417                 max(dev->hint_events_per_packet * EVDEV_BUF_PACKETS,
418                     EVDEV_MIN_BUFFER_SIZE);
419 
420         return roundup_pow_of_two(n_events);
421 }
422 
423 static int evdev_open(struct inode *inode, struct file *file)
424 {
425         struct evdev *evdev = container_of(inode->i_cdev, struct evdev, cdev);
426         unsigned int bufsize = evdev_compute_buffer_size(evdev->handle.dev);
427         unsigned int size = sizeof(struct evdev_client) +
428                                         bufsize * sizeof(struct input_event);
429         struct evdev_client *client;
430         int error;
431 
432         client = kzalloc(size, GFP_KERNEL | __GFP_NOWARN);
433         if (!client)
434                 client = vzalloc(size);
435         if (!client)
436                 return -ENOMEM;
437 
438         client->bufsize = bufsize;
439         spin_lock_init(&client->buffer_lock);
440         client->evdev = evdev;
441         evdev_attach_client(evdev, client);
442 
443         error = evdev_open_device(evdev);
444         if (error)
445                 goto err_free_client;
446 
447         file->private_data = client;
448         nonseekable_open(inode, file);
449 
450         return 0;
451 
452  err_free_client:
453         evdev_detach_client(evdev, client);
454         kvfree(client);
455         return error;
456 }
457 
458 static ssize_t evdev_write(struct file *file, const char __user *buffer,
459                            size_t count, loff_t *ppos)
460 {
461         struct evdev_client *client = file->private_data;
462         struct evdev *evdev = client->evdev;
463         struct input_event event;
464         int retval = 0;
465 
466         if (count != 0 && count < input_event_size())
467                 return -EINVAL;
468 
469         retval = mutex_lock_interruptible(&evdev->mutex);
470         if (retval)
471                 return retval;
472 
473         if (!evdev->exist || client->revoked) {
474                 retval = -ENODEV;
475                 goto out;
476         }
477 
478         while (retval + input_event_size() <= count) {
479 
480                 if (input_event_from_user(buffer + retval, &event)) {
481                         retval = -EFAULT;
482                         goto out;
483                 }
484                 retval += input_event_size();
485 
486                 input_inject_event(&evdev->handle,
487                                    event.type, event.code, event.value);
488         }
489 
490  out:
491         mutex_unlock(&evdev->mutex);
492         return retval;
493 }
494 
495 static int evdev_fetch_next_event(struct evdev_client *client,
496                                   struct input_event *event)
497 {
498         int have_event;
499 
500         spin_lock_irq(&client->buffer_lock);
501 
502         have_event = client->packet_head != client->tail;
503         if (have_event) {
504                 *event = client->buffer[client->tail++];
505                 client->tail &= client->bufsize - 1;
506         }
507 
508         spin_unlock_irq(&client->buffer_lock);
509 
510         return have_event;
511 }
512 
513 static ssize_t evdev_read(struct file *file, char __user *buffer,
514                           size_t count, loff_t *ppos)
515 {
516         struct evdev_client *client = file->private_data;
517         struct evdev *evdev = client->evdev;
518         struct input_event event;
519         size_t read = 0;
520         int error;
521 
522         if (count != 0 && count < input_event_size())
523                 return -EINVAL;
524 
525         for (;;) {
526                 if (!evdev->exist || client->revoked)
527                         return -ENODEV;
528 
529                 if (client->packet_head == client->tail &&
530                     (file->f_flags & O_NONBLOCK))
531                         return -EAGAIN;
532 
533                 /*
534                  * count == 0 is special - no IO is done but we check
535                  * for error conditions (see above).
536                  */
537                 if (count == 0)
538                         break;
539 
540                 while (read + input_event_size() <= count &&
541                        evdev_fetch_next_event(client, &event)) {
542 
543                         if (input_event_to_user(buffer + read, &event))
544                                 return -EFAULT;
545 
546                         read += input_event_size();
547                 }
548 
549                 if (read)
550                         break;
551 
552                 if (!(file->f_flags & O_NONBLOCK)) {
553                         error = wait_event_interruptible(evdev->wait,
554                                         client->packet_head != client->tail ||
555                                         !evdev->exist || client->revoked);
556                         if (error)
557                                 return error;
558                 }
559         }
560 
561         return read;
562 }
563 
564 /* No kernel lock - fine */
565 static unsigned int evdev_poll(struct file *file, poll_table *wait)
566 {
567         struct evdev_client *client = file->private_data;
568         struct evdev *evdev = client->evdev;
569         unsigned int mask;
570 
571         poll_wait(file, &evdev->wait, wait);
572 
573         if (evdev->exist && !client->revoked)
574                 mask = POLLOUT | POLLWRNORM;
575         else
576                 mask = POLLHUP | POLLERR;
577 
578         if (client->packet_head != client->tail)
579                 mask |= POLLIN | POLLRDNORM;
580 
581         return mask;
582 }
583 
584 #ifdef CONFIG_COMPAT
585 
586 #define BITS_PER_LONG_COMPAT (sizeof(compat_long_t) * 8)
587 #define BITS_TO_LONGS_COMPAT(x) ((((x) - 1) / BITS_PER_LONG_COMPAT) + 1)
588 
589 #ifdef __BIG_ENDIAN
590 static int bits_to_user(unsigned long *bits, unsigned int maxbit,
591                         unsigned int maxlen, void __user *p, int compat)
592 {
593         int len, i;
594 
595         if (compat) {
596                 len = BITS_TO_LONGS_COMPAT(maxbit) * sizeof(compat_long_t);
597                 if (len > maxlen)
598                         len = maxlen;
599 
600                 for (i = 0; i < len / sizeof(compat_long_t); i++)
601                         if (copy_to_user((compat_long_t __user *) p + i,
602                                          (compat_long_t *) bits +
603                                                 i + 1 - ((i % 2) << 1),
604                                          sizeof(compat_long_t)))
605                                 return -EFAULT;
606         } else {
607                 len = BITS_TO_LONGS(maxbit) * sizeof(long);
608                 if (len > maxlen)
609                         len = maxlen;
610 
611                 if (copy_to_user(p, bits, len))
612                         return -EFAULT;
613         }
614 
615         return len;
616 }
617 #else
618 static int bits_to_user(unsigned long *bits, unsigned int maxbit,
619                         unsigned int maxlen, void __user *p, int compat)
620 {
621         int len = compat ?
622                         BITS_TO_LONGS_COMPAT(maxbit) * sizeof(compat_long_t) :
623                         BITS_TO_LONGS(maxbit) * sizeof(long);
624 
625         if (len > maxlen)
626                 len = maxlen;
627 
628         return copy_to_user(p, bits, len) ? -EFAULT : len;
629 }
630 #endif /* __BIG_ENDIAN */
631 
632 #else
633 
634 static int bits_to_user(unsigned long *bits, unsigned int maxbit,
635                         unsigned int maxlen, void __user *p, int compat)
636 {
637         int len = BITS_TO_LONGS(maxbit) * sizeof(long);
638 
639         if (len > maxlen)
640                 len = maxlen;
641 
642         return copy_to_user(p, bits, len) ? -EFAULT : len;
643 }
644 
645 #endif /* CONFIG_COMPAT */
646 
647 static int str_to_user(const char *str, unsigned int maxlen, void __user *p)
648 {
649         int len;
650 
651         if (!str)
652                 return -ENOENT;
653 
654         len = strlen(str) + 1;
655         if (len > maxlen)
656                 len = maxlen;
657 
658         return copy_to_user(p, str, len) ? -EFAULT : len;
659 }
660 
661 static int handle_eviocgbit(struct input_dev *dev,
662                             unsigned int type, unsigned int size,
663                             void __user *p, int compat_mode)
664 {
665         unsigned long *bits;
666         int len;
667 
668         switch (type) {
669 
670         case      0: bits = dev->evbit;  len = EV_MAX;  break;
671         case EV_KEY: bits = dev->keybit; len = KEY_MAX; break;
672         case EV_REL: bits = dev->relbit; len = REL_MAX; break;
673         case EV_ABS: bits = dev->absbit; len = ABS_MAX; break;
674         case EV_MSC: bits = dev->mscbit; len = MSC_MAX; break;
675         case EV_LED: bits = dev->ledbit; len = LED_MAX; break;
676         case EV_SND: bits = dev->sndbit; len = SND_MAX; break;
677         case EV_FF:  bits = dev->ffbit;  len = FF_MAX;  break;
678         case EV_SW:  bits = dev->swbit;  len = SW_MAX;  break;
679         default: return -EINVAL;
680         }
681 
682         return bits_to_user(bits, len, size, p, compat_mode);
683 }
684 
685 static int evdev_handle_get_keycode(struct input_dev *dev, void __user *p)
686 {
687         struct input_keymap_entry ke = {
688                 .len    = sizeof(unsigned int),
689                 .flags  = 0,
690         };
691         int __user *ip = (int __user *)p;
692         int error;
693 
694         /* legacy case */
695         if (copy_from_user(ke.scancode, p, sizeof(unsigned int)))
696                 return -EFAULT;
697 
698         error = input_get_keycode(dev, &ke);
699         if (error)
700                 return error;
701 
702         if (put_user(ke.keycode, ip + 1))
703                 return -EFAULT;
704 
705         return 0;
706 }
707 
708 static int evdev_handle_get_keycode_v2(struct input_dev *dev, void __user *p)
709 {
710         struct input_keymap_entry ke;
711         int error;
712 
713         if (copy_from_user(&ke, p, sizeof(ke)))
714                 return -EFAULT;
715 
716         error = input_get_keycode(dev, &ke);
717         if (error)
718                 return error;
719 
720         if (copy_to_user(p, &ke, sizeof(ke)))
721                 return -EFAULT;
722 
723         return 0;
724 }
725 
726 static int evdev_handle_set_keycode(struct input_dev *dev, void __user *p)
727 {
728         struct input_keymap_entry ke = {
729                 .len    = sizeof(unsigned int),
730                 .flags  = 0,
731         };
732         int __user *ip = (int __user *)p;
733 
734         if (copy_from_user(ke.scancode, p, sizeof(unsigned int)))
735                 return -EFAULT;
736 
737         if (get_user(ke.keycode, ip + 1))
738                 return -EFAULT;
739 
740         return input_set_keycode(dev, &ke);
741 }
742 
743 static int evdev_handle_set_keycode_v2(struct input_dev *dev, void __user *p)
744 {
745         struct input_keymap_entry ke;
746 
747         if (copy_from_user(&ke, p, sizeof(ke)))
748                 return -EFAULT;
749 
750         if (ke.len > sizeof(ke.scancode))
751                 return -EINVAL;
752 
753         return input_set_keycode(dev, &ke);
754 }
755 
756 /*
757  * If we transfer state to the user, we should flush all pending events
758  * of the same type from the client's queue. Otherwise, they might end up
759  * with duplicate events, which can screw up client's state tracking.
760  * If bits_to_user fails after flushing the queue, we queue a SYN_DROPPED
761  * event so user-space will notice missing events.
762  *
763  * LOCKING:
764  * We need to take event_lock before buffer_lock to avoid dead-locks. But we
765  * need the even_lock only to guarantee consistent state. We can safely release
766  * it while flushing the queue. This allows input-core to handle filters while
767  * we flush the queue.
768  */
769 static int evdev_handle_get_val(struct evdev_client *client,
770                                 struct input_dev *dev, unsigned int type,
771                                 unsigned long *bits, unsigned int maxbit,
772                                 unsigned int maxlen, void __user *p,
773                                 int compat)
774 {
775         int ret;
776         unsigned long *mem;
777         size_t len;
778 
779         len = BITS_TO_LONGS(maxbit) * sizeof(unsigned long);
780         mem = kmalloc(len, GFP_KERNEL);
781         if (!mem)
782                 return -ENOMEM;
783 
784         spin_lock_irq(&dev->event_lock);
785         spin_lock(&client->buffer_lock);
786 
787         memcpy(mem, bits, len);
788 
789         spin_unlock(&dev->event_lock);
790 
791         __evdev_flush_queue(client, type);
792 
793         spin_unlock_irq(&client->buffer_lock);
794 
795         ret = bits_to_user(mem, maxbit, maxlen, p, compat);
796         if (ret < 0)
797                 evdev_queue_syn_dropped(client);
798 
799         kfree(mem);
800 
801         return ret;
802 }
803 
804 static int evdev_handle_mt_request(struct input_dev *dev,
805                                    unsigned int size,
806                                    int __user *ip)
807 {
808         const struct input_mt *mt = dev->mt;
809         unsigned int code;
810         int max_slots;
811         int i;
812 
813         if (get_user(code, &ip[0]))
814                 return -EFAULT;
815         if (!mt || !input_is_mt_value(code))
816                 return -EINVAL;
817 
818         max_slots = (size - sizeof(__u32)) / sizeof(__s32);
819         for (i = 0; i < mt->num_slots && i < max_slots; i++) {
820                 int value = input_mt_get_value(&mt->slots[i], code);
821                 if (put_user(value, &ip[1 + i]))
822                         return -EFAULT;
823         }
824 
825         return 0;
826 }
827 
828 static int evdev_revoke(struct evdev *evdev, struct evdev_client *client,
829                         struct file *file)
830 {
831         client->revoked = true;
832         evdev_ungrab(evdev, client);
833         input_flush_device(&evdev->handle, file);
834         wake_up_interruptible(&evdev->wait);
835 
836         return 0;
837 }
838 
839 static long evdev_do_ioctl(struct file *file, unsigned int cmd,
840                            void __user *p, int compat_mode)
841 {
842         struct evdev_client *client = file->private_data;
843         struct evdev *evdev = client->evdev;
844         struct input_dev *dev = evdev->handle.dev;
845         struct input_absinfo abs;
846         struct ff_effect effect;
847         int __user *ip = (int __user *)p;
848         unsigned int i, t, u, v;
849         unsigned int size;
850         int error;
851 
852         /* First we check for fixed-length commands */
853         switch (cmd) {
854 
855         case EVIOCGVERSION:
856                 return put_user(EV_VERSION, ip);
857 
858         case EVIOCGID:
859                 if (copy_to_user(p, &dev->id, sizeof(struct input_id)))
860                         return -EFAULT;
861                 return 0;
862 
863         case EVIOCGREP:
864                 if (!test_bit(EV_REP, dev->evbit))
865                         return -ENOSYS;
866                 if (put_user(dev->rep[REP_DELAY], ip))
867                         return -EFAULT;
868                 if (put_user(dev->rep[REP_PERIOD], ip + 1))
869                         return -EFAULT;
870                 return 0;
871 
872         case EVIOCSREP:
873                 if (!test_bit(EV_REP, dev->evbit))
874                         return -ENOSYS;
875                 if (get_user(u, ip))
876                         return -EFAULT;
877                 if (get_user(v, ip + 1))
878                         return -EFAULT;
879 
880                 input_inject_event(&evdev->handle, EV_REP, REP_DELAY, u);
881                 input_inject_event(&evdev->handle, EV_REP, REP_PERIOD, v);
882 
883                 return 0;
884 
885         case EVIOCRMFF:
886                 return input_ff_erase(dev, (int)(unsigned long) p, file);
887 
888         case EVIOCGEFFECTS:
889                 i = test_bit(EV_FF, dev->evbit) ?
890                                 dev->ff->max_effects : 0;
891                 if (put_user(i, ip))
892                         return -EFAULT;
893                 return 0;
894 
895         case EVIOCGRAB:
896                 if (p)
897                         return evdev_grab(evdev, client);
898                 else
899                         return evdev_ungrab(evdev, client);
900 
901         case EVIOCREVOKE:
902                 if (p)
903                         return -EINVAL;
904                 else
905                         return evdev_revoke(evdev, client, file);
906 
907         case EVIOCSCLOCKID:
908                 if (copy_from_user(&i, p, sizeof(unsigned int)))
909                         return -EFAULT;
910 
911                 return evdev_set_clk_type(client, i);
912 
913         case EVIOCGKEYCODE:
914                 return evdev_handle_get_keycode(dev, p);
915 
916         case EVIOCSKEYCODE:
917                 return evdev_handle_set_keycode(dev, p);
918 
919         case EVIOCGKEYCODE_V2:
920                 return evdev_handle_get_keycode_v2(dev, p);
921 
922         case EVIOCSKEYCODE_V2:
923                 return evdev_handle_set_keycode_v2(dev, p);
924         }
925 
926         size = _IOC_SIZE(cmd);
927 
928         /* Now check variable-length commands */
929 #define EVIOC_MASK_SIZE(nr)     ((nr) & ~(_IOC_SIZEMASK << _IOC_SIZESHIFT))
930         switch (EVIOC_MASK_SIZE(cmd)) {
931 
932         case EVIOCGPROP(0):
933                 return bits_to_user(dev->propbit, INPUT_PROP_MAX,
934                                     size, p, compat_mode);
935 
936         case EVIOCGMTSLOTS(0):
937                 return evdev_handle_mt_request(dev, size, ip);
938 
939         case EVIOCGKEY(0):
940                 return evdev_handle_get_val(client, dev, EV_KEY, dev->key,
941                                             KEY_MAX, size, p, compat_mode);
942 
943         case EVIOCGLED(0):
944                 return evdev_handle_get_val(client, dev, EV_LED, dev->led,
945                                             LED_MAX, size, p, compat_mode);
946 
947         case EVIOCGSND(0):
948                 return evdev_handle_get_val(client, dev, EV_SND, dev->snd,
949                                             SND_MAX, size, p, compat_mode);
950 
951         case EVIOCGSW(0):
952                 return evdev_handle_get_val(client, dev, EV_SW, dev->sw,
953                                             SW_MAX, size, p, compat_mode);
954 
955         case EVIOCGNAME(0):
956                 return str_to_user(dev->name, size, p);
957 
958         case EVIOCGPHYS(0):
959                 return str_to_user(dev->phys, size, p);
960 
961         case EVIOCGUNIQ(0):
962                 return str_to_user(dev->uniq, size, p);
963 
964         case EVIOC_MASK_SIZE(EVIOCSFF):
965                 if (input_ff_effect_from_user(p, size, &effect))
966                         return -EFAULT;
967 
968                 error = input_ff_upload(dev, &effect, file);
969                 if (error)
970                         return error;
971 
972                 if (put_user(effect.id, &(((struct ff_effect __user *)p)->id)))
973                         return -EFAULT;
974 
975                 return 0;
976         }
977 
978         /* Multi-number variable-length handlers */
979         if (_IOC_TYPE(cmd) != 'E')
980                 return -EINVAL;
981 
982         if (_IOC_DIR(cmd) == _IOC_READ) {
983 
984                 if ((_IOC_NR(cmd) & ~EV_MAX) == _IOC_NR(EVIOCGBIT(0, 0)))
985                         return handle_eviocgbit(dev,
986                                                 _IOC_NR(cmd) & EV_MAX, size,
987                                                 p, compat_mode);
988 
989                 if ((_IOC_NR(cmd) & ~ABS_MAX) == _IOC_NR(EVIOCGABS(0))) {
990 
991                         if (!dev->absinfo)
992                                 return -EINVAL;
993 
994                         t = _IOC_NR(cmd) & ABS_MAX;
995                         abs = dev->absinfo[t];
996 
997                         if (copy_to_user(p, &abs, min_t(size_t,
998                                         size, sizeof(struct input_absinfo))))
999                                 return -EFAULT;
1000 
1001                         return 0;
1002                 }
1003         }
1004 
1005         if (_IOC_DIR(cmd) == _IOC_WRITE) {
1006 
1007                 if ((_IOC_NR(cmd) & ~ABS_MAX) == _IOC_NR(EVIOCSABS(0))) {
1008 
1009                         if (!dev->absinfo)
1010                                 return -EINVAL;
1011 
1012                         t = _IOC_NR(cmd) & ABS_MAX;
1013 
1014                         if (copy_from_user(&abs, p, min_t(size_t,
1015                                         size, sizeof(struct input_absinfo))))
1016                                 return -EFAULT;
1017 
1018                         if (size < sizeof(struct input_absinfo))
1019                                 abs.resolution = 0;
1020 
1021                         /* We can't change number of reserved MT slots */
1022                         if (t == ABS_MT_SLOT)
1023                                 return -EINVAL;
1024 
1025                         /*
1026                          * Take event lock to ensure that we are not
1027                          * changing device parameters in the middle
1028                          * of event.
1029                          */
1030                         spin_lock_irq(&dev->event_lock);
1031                         dev->absinfo[t] = abs;
1032                         spin_unlock_irq(&dev->event_lock);
1033 
1034                         return 0;
1035                 }
1036         }
1037 
1038         return -EINVAL;
1039 }
1040 
1041 static long evdev_ioctl_handler(struct file *file, unsigned int cmd,
1042                                 void __user *p, int compat_mode)
1043 {
1044         struct evdev_client *client = file->private_data;
1045         struct evdev *evdev = client->evdev;
1046         int retval;
1047 
1048         retval = mutex_lock_interruptible(&evdev->mutex);
1049         if (retval)
1050                 return retval;
1051 
1052         if (!evdev->exist || client->revoked) {
1053                 retval = -ENODEV;
1054                 goto out;
1055         }
1056 
1057         retval = evdev_do_ioctl(file, cmd, p, compat_mode);
1058 
1059  out:
1060         mutex_unlock(&evdev->mutex);
1061         return retval;
1062 }
1063 
1064 static long evdev_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
1065 {
1066         return evdev_ioctl_handler(file, cmd, (void __user *)arg, 0);
1067 }
1068 
1069 #ifdef CONFIG_COMPAT
1070 static long evdev_ioctl_compat(struct file *file,
1071                                 unsigned int cmd, unsigned long arg)
1072 {
1073         return evdev_ioctl_handler(file, cmd, compat_ptr(arg), 1);
1074 }
1075 #endif
1076 
1077 static const struct file_operations evdev_fops = {
1078         .owner          = THIS_MODULE,
1079         .read           = evdev_read,
1080         .write          = evdev_write,
1081         .poll           = evdev_poll,
1082         .open           = evdev_open,
1083         .release        = evdev_release,
1084         .unlocked_ioctl = evdev_ioctl,
1085 #ifdef CONFIG_COMPAT
1086         .compat_ioctl   = evdev_ioctl_compat,
1087 #endif
1088         .fasync         = evdev_fasync,
1089         .flush          = evdev_flush,
1090         .llseek         = no_llseek,
1091 };
1092 
1093 /*
1094  * Mark device non-existent. This disables writes, ioctls and
1095  * prevents new users from opening the device. Already posted
1096  * blocking reads will stay, however new ones will fail.
1097  */
1098 static void evdev_mark_dead(struct evdev *evdev)
1099 {
1100         mutex_lock(&evdev->mutex);
1101         evdev->exist = false;
1102         mutex_unlock(&evdev->mutex);
1103 }
1104 
1105 static void evdev_cleanup(struct evdev *evdev)
1106 {
1107         struct input_handle *handle = &evdev->handle;
1108 
1109         evdev_mark_dead(evdev);
1110         evdev_hangup(evdev);
1111 
1112         cdev_del(&evdev->cdev);
1113 
1114         /* evdev is marked dead so no one else accesses evdev->open */
1115         if (evdev->open) {
1116                 input_flush_device(handle, NULL);
1117                 input_close_device(handle);
1118         }
1119 }
1120 
1121 /*
1122  * Create new evdev device. Note that input core serializes calls
1123  * to connect and disconnect.
1124  */
1125 static int evdev_connect(struct input_handler *handler, struct input_dev *dev,
1126                          const struct input_device_id *id)
1127 {
1128         struct evdev *evdev;
1129         int minor;
1130         int dev_no;
1131         int error;
1132 
1133         minor = input_get_new_minor(EVDEV_MINOR_BASE, EVDEV_MINORS, true);
1134         if (minor < 0) {
1135                 error = minor;
1136                 pr_err("failed to reserve new minor: %d\n", error);
1137                 return error;
1138         }
1139 
1140         evdev = kzalloc(sizeof(struct evdev), GFP_KERNEL);
1141         if (!evdev) {
1142                 error = -ENOMEM;
1143                 goto err_free_minor;
1144         }
1145 
1146         INIT_LIST_HEAD(&evdev->client_list);
1147         spin_lock_init(&evdev->client_lock);
1148         mutex_init(&evdev->mutex);
1149         init_waitqueue_head(&evdev->wait);
1150         evdev->exist = true;
1151 
1152         dev_no = minor;
1153         /* Normalize device number if it falls into legacy range */
1154         if (dev_no < EVDEV_MINOR_BASE + EVDEV_MINORS)
1155                 dev_no -= EVDEV_MINOR_BASE;
1156         dev_set_name(&evdev->dev, "event%d", dev_no);
1157 
1158         evdev->handle.dev = input_get_device(dev);
1159         evdev->handle.name = dev_name(&evdev->dev);
1160         evdev->handle.handler = handler;
1161         evdev->handle.private = evdev;
1162 
1163         evdev->dev.devt = MKDEV(INPUT_MAJOR, minor);
1164         evdev->dev.class = &input_class;
1165         evdev->dev.parent = &dev->dev;
1166         evdev->dev.release = evdev_free;
1167         device_initialize(&evdev->dev);
1168 
1169         error = input_register_handle(&evdev->handle);
1170         if (error)
1171                 goto err_free_evdev;
1172 
1173         cdev_init(&evdev->cdev, &evdev_fops);
1174         evdev->cdev.kobj.parent = &evdev->dev.kobj;
1175         error = cdev_add(&evdev->cdev, evdev->dev.devt, 1);
1176         if (error)
1177                 goto err_unregister_handle;
1178 
1179         error = device_add(&evdev->dev);
1180         if (error)
1181                 goto err_cleanup_evdev;
1182 
1183         return 0;
1184 
1185  err_cleanup_evdev:
1186         evdev_cleanup(evdev);
1187  err_unregister_handle:
1188         input_unregister_handle(&evdev->handle);
1189  err_free_evdev:
1190         put_device(&evdev->dev);
1191  err_free_minor:
1192         input_free_minor(minor);
1193         return error;
1194 }
1195 
1196 static void evdev_disconnect(struct input_handle *handle)
1197 {
1198         struct evdev *evdev = handle->private;
1199 
1200         device_del(&evdev->dev);
1201         evdev_cleanup(evdev);
1202         input_free_minor(MINOR(evdev->dev.devt));
1203         input_unregister_handle(handle);
1204         put_device(&evdev->dev);
1205 }
1206 
1207 static const struct input_device_id evdev_ids[] = {
1208         { .driver_info = 1 },   /* Matches all devices */
1209         { },                    /* Terminating zero entry */
1210 };
1211 
1212 MODULE_DEVICE_TABLE(input, evdev_ids);
1213 
1214 static struct input_handler evdev_handler = {
1215         .event          = evdev_event,
1216         .events         = evdev_events,
1217         .connect        = evdev_connect,
1218         .disconnect     = evdev_disconnect,
1219         .legacy_minors  = true,
1220         .minor          = EVDEV_MINOR_BASE,
1221         .name           = "evdev",
1222         .id_table       = evdev_ids,
1223 };
1224 
1225 static int __init evdev_init(void)
1226 {
1227         return input_register_handler(&evdev_handler);
1228 }
1229 
1230 static void __exit evdev_exit(void)
1231 {
1232         input_unregister_handler(&evdev_handler);
1233 }
1234 
1235 module_init(evdev_init);
1236 module_exit(evdev_exit);
1237 
1238 MODULE_AUTHOR("Vojtech Pavlik <vojtech@ucw.cz>");
1239 MODULE_DESCRIPTION("Input driver event char devices");
1240 MODULE_LICENSE("GPL");
1241 

This page was automatically generated by LXR 0.3.1 (source).  •  Linux is a registered trademark of Linus Torvalds  •  Contact us