017fc20167d41c1a9eb168ea8c980d8793817054
[linux-2.6.git] / drivers / hid / hid-core.c
1 /*
2  *  HID support for Linux
3  *
4  *  Copyright (c) 1999 Andreas Gal
5  *  Copyright (c) 2000-2005 Vojtech Pavlik <vojtech@suse.cz>
6  *  Copyright (c) 2005 Michael Haboustak <mike-@cinci.rr.com> for Concept2, Inc
7  *  Copyright (c) 2006-2007 Jiri Kosina
8  */
9
10 /*
11  * This program is free software; you can redistribute it and/or modify it
12  * under the terms of the GNU General Public License as published by the Free
13  * Software Foundation; either version 2 of the License, or (at your option)
14  * any later version.
15  */
16
17 #include <linux/module.h>
18 #include <linux/slab.h>
19 #include <linux/init.h>
20 #include <linux/kernel.h>
21 #include <linux/list.h>
22 #include <linux/mm.h>
23 #include <linux/spinlock.h>
24 #include <asm/unaligned.h>
25 #include <asm/byteorder.h>
26 #include <linux/input.h>
27 #include <linux/wait.h>
28 #include <linux/vmalloc.h>
29 #include <linux/sched.h>
30
31 #include <linux/hid.h>
32 #include <linux/hiddev.h>
33 #include <linux/hid-debug.h>
34 #include <linux/hidraw.h>
35
36 /*
37  * Version Information
38  */
39
40 #define DRIVER_VERSION "v2.6"
41 #define DRIVER_AUTHOR "Andreas Gal, Vojtech Pavlik, Jiri Kosina"
42 #define DRIVER_DESC "HID core driver"
43 #define DRIVER_LICENSE "GPL"
44
45 #ifdef CONFIG_HID_DEBUG
46 int hid_debug = 0;
47 module_param_named(debug, hid_debug, int, 0600);
48 MODULE_PARM_DESC(debug, "HID debugging (0=off, 1=probing info, 2=continuous data dumping)");
49 EXPORT_SYMBOL_GPL(hid_debug);
50 #endif
51
52 /*
53  * Register a new report for a device.
54  */
55
56 static struct hid_report *hid_register_report(struct hid_device *device, unsigned type, unsigned id)
57 {
58         struct hid_report_enum *report_enum = device->report_enum + type;
59         struct hid_report *report;
60
61         if (report_enum->report_id_hash[id])
62                 return report_enum->report_id_hash[id];
63
64         if (!(report = kzalloc(sizeof(struct hid_report), GFP_KERNEL)))
65                 return NULL;
66
67         if (id != 0)
68                 report_enum->numbered = 1;
69
70         report->id = id;
71         report->type = type;
72         report->size = 0;
73         report->device = device;
74         report_enum->report_id_hash[id] = report;
75
76         list_add_tail(&report->list, &report_enum->report_list);
77
78         return report;
79 }
80
81 /*
82  * Register a new field for this report.
83  */
84
85 static struct hid_field *hid_register_field(struct hid_report *report, unsigned usages, unsigned values)
86 {
87         struct hid_field *field;
88
89         if (report->maxfield == HID_MAX_FIELDS) {
90                 dbg_hid("too many fields in report\n");
91                 return NULL;
92         }
93
94         if (!(field = kzalloc(sizeof(struct hid_field) + usages * sizeof(struct hid_usage)
95                 + values * sizeof(unsigned), GFP_KERNEL))) return NULL;
96
97         field->index = report->maxfield++;
98         report->field[field->index] = field;
99         field->usage = (struct hid_usage *)(field + 1);
100         field->value = (s32 *)(field->usage + usages);
101         field->report = report;
102
103         return field;
104 }
105
106 /*
107  * Open a collection. The type/usage is pushed on the stack.
108  */
109
110 static int open_collection(struct hid_parser *parser, unsigned type)
111 {
112         struct hid_collection *collection;
113         unsigned usage;
114
115         usage = parser->local.usage[0];
116
117         if (parser->collection_stack_ptr == HID_COLLECTION_STACK_SIZE) {
118                 dbg_hid("collection stack overflow\n");
119                 return -1;
120         }
121
122         if (parser->device->maxcollection == parser->device->collection_size) {
123                 collection = kmalloc(sizeof(struct hid_collection) *
124                                 parser->device->collection_size * 2, GFP_KERNEL);
125                 if (collection == NULL) {
126                         dbg_hid("failed to reallocate collection array\n");
127                         return -1;
128                 }
129                 memcpy(collection, parser->device->collection,
130                         sizeof(struct hid_collection) *
131                         parser->device->collection_size);
132                 memset(collection + parser->device->collection_size, 0,
133                         sizeof(struct hid_collection) *
134                         parser->device->collection_size);
135                 kfree(parser->device->collection);
136                 parser->device->collection = collection;
137                 parser->device->collection_size *= 2;
138         }
139
140         parser->collection_stack[parser->collection_stack_ptr++] =
141                 parser->device->maxcollection;
142
143         collection = parser->device->collection +
144                 parser->device->maxcollection++;
145         collection->type = type;
146         collection->usage = usage;
147         collection->level = parser->collection_stack_ptr - 1;
148
149         if (type == HID_COLLECTION_APPLICATION)
150                 parser->device->maxapplication++;
151
152         return 0;
153 }
154
155 /*
156  * Close a collection.
157  */
158
159 static int close_collection(struct hid_parser *parser)
160 {
161         if (!parser->collection_stack_ptr) {
162                 dbg_hid("collection stack underflow\n");
163                 return -1;
164         }
165         parser->collection_stack_ptr--;
166         return 0;
167 }
168
169 /*
170  * Climb up the stack, search for the specified collection type
171  * and return the usage.
172  */
173
174 static unsigned hid_lookup_collection(struct hid_parser *parser, unsigned type)
175 {
176         int n;
177         for (n = parser->collection_stack_ptr - 1; n >= 0; n--)
178                 if (parser->device->collection[parser->collection_stack[n]].type == type)
179                         return parser->device->collection[parser->collection_stack[n]].usage;
180         return 0; /* we know nothing about this usage type */
181 }
182
183 /*
184  * Add a usage to the temporary parser table.
185  */
186
187 static int hid_add_usage(struct hid_parser *parser, unsigned usage)
188 {
189         if (parser->local.usage_index >= HID_MAX_USAGES) {
190                 dbg_hid("usage index exceeded\n");
191                 return -1;
192         }
193         parser->local.usage[parser->local.usage_index] = usage;
194         parser->local.collection_index[parser->local.usage_index] =
195                 parser->collection_stack_ptr ?
196                 parser->collection_stack[parser->collection_stack_ptr - 1] : 0;
197         parser->local.usage_index++;
198         return 0;
199 }
200
201 /*
202  * Register a new field for this report.
203  */
204
205 static int hid_add_field(struct hid_parser *parser, unsigned report_type, unsigned flags)
206 {
207         struct hid_report *report;
208         struct hid_field *field;
209         int usages;
210         unsigned offset;
211         int i;
212
213         if (!(report = hid_register_report(parser->device, report_type, parser->global.report_id))) {
214                 dbg_hid("hid_register_report failed\n");
215                 return -1;
216         }
217
218         if (parser->global.logical_maximum < parser->global.logical_minimum) {
219                 dbg_hid("logical range invalid %d %d\n", parser->global.logical_minimum, parser->global.logical_maximum);
220                 return -1;
221         }
222
223         offset = report->size;
224         report->size += parser->global.report_size * parser->global.report_count;
225
226         if (!parser->local.usage_index) /* Ignore padding fields */
227                 return 0;
228
229         usages = max_t(int, parser->local.usage_index, parser->global.report_count);
230
231         if ((field = hid_register_field(report, usages, parser->global.report_count)) == NULL)
232                 return 0;
233
234         field->physical = hid_lookup_collection(parser, HID_COLLECTION_PHYSICAL);
235         field->logical = hid_lookup_collection(parser, HID_COLLECTION_LOGICAL);
236         field->application = hid_lookup_collection(parser, HID_COLLECTION_APPLICATION);
237
238         for (i = 0; i < usages; i++) {
239                 int j = i;
240                 /* Duplicate the last usage we parsed if we have excess values */
241                 if (i >= parser->local.usage_index)
242                         j = parser->local.usage_index - 1;
243                 field->usage[i].hid = parser->local.usage[j];
244                 field->usage[i].collection_index =
245                         parser->local.collection_index[j];
246         }
247
248         field->maxusage = usages;
249         field->flags = flags;
250         field->report_offset = offset;
251         field->report_type = report_type;
252         field->report_size = parser->global.report_size;
253         field->report_count = parser->global.report_count;
254         field->logical_minimum = parser->global.logical_minimum;
255         field->logical_maximum = parser->global.logical_maximum;
256         field->physical_minimum = parser->global.physical_minimum;
257         field->physical_maximum = parser->global.physical_maximum;
258         field->unit_exponent = parser->global.unit_exponent;
259         field->unit = parser->global.unit;
260
261         return 0;
262 }
263
264 /*
265  * Read data value from item.
266  */
267
268 static u32 item_udata(struct hid_item *item)
269 {
270         switch (item->size) {
271                 case 1: return item->data.u8;
272                 case 2: return item->data.u16;
273                 case 4: return item->data.u32;
274         }
275         return 0;
276 }
277
278 static s32 item_sdata(struct hid_item *item)
279 {
280         switch (item->size) {
281                 case 1: return item->data.s8;
282                 case 2: return item->data.s16;
283                 case 4: return item->data.s32;
284         }
285         return 0;
286 }
287
288 /*
289  * Process a global item.
290  */
291
292 static int hid_parser_global(struct hid_parser *parser, struct hid_item *item)
293 {
294         switch (item->tag) {
295
296                 case HID_GLOBAL_ITEM_TAG_PUSH:
297
298                         if (parser->global_stack_ptr == HID_GLOBAL_STACK_SIZE) {
299                                 dbg_hid("global enviroment stack overflow\n");
300                                 return -1;
301                         }
302
303                         memcpy(parser->global_stack + parser->global_stack_ptr++,
304                                 &parser->global, sizeof(struct hid_global));
305                         return 0;
306
307                 case HID_GLOBAL_ITEM_TAG_POP:
308
309                         if (!parser->global_stack_ptr) {
310                                 dbg_hid("global enviroment stack underflow\n");
311                                 return -1;
312                         }
313
314                         memcpy(&parser->global, parser->global_stack + --parser->global_stack_ptr,
315                                 sizeof(struct hid_global));
316                         return 0;
317
318                 case HID_GLOBAL_ITEM_TAG_USAGE_PAGE:
319                         parser->global.usage_page = item_udata(item);
320                         return 0;
321
322                 case HID_GLOBAL_ITEM_TAG_LOGICAL_MINIMUM:
323                         parser->global.logical_minimum = item_sdata(item);
324                         return 0;
325
326                 case HID_GLOBAL_ITEM_TAG_LOGICAL_MAXIMUM:
327                         if (parser->global.logical_minimum < 0)
328                                 parser->global.logical_maximum = item_sdata(item);
329                         else
330                                 parser->global.logical_maximum = item_udata(item);
331                         return 0;
332
333                 case HID_GLOBAL_ITEM_TAG_PHYSICAL_MINIMUM:
334                         parser->global.physical_minimum = item_sdata(item);
335                         return 0;
336
337                 case HID_GLOBAL_ITEM_TAG_PHYSICAL_MAXIMUM:
338                         if (parser->global.physical_minimum < 0)
339                                 parser->global.physical_maximum = item_sdata(item);
340                         else
341                                 parser->global.physical_maximum = item_udata(item);
342                         return 0;
343
344                 case HID_GLOBAL_ITEM_TAG_UNIT_EXPONENT:
345                         parser->global.unit_exponent = item_sdata(item);
346                         return 0;
347
348                 case HID_GLOBAL_ITEM_TAG_UNIT:
349                         parser->global.unit = item_udata(item);
350                         return 0;
351
352                 case HID_GLOBAL_ITEM_TAG_REPORT_SIZE:
353                         if ((parser->global.report_size = item_udata(item)) > 32) {
354                                 dbg_hid("invalid report_size %d\n", parser->global.report_size);
355                                 return -1;
356                         }
357                         return 0;
358
359                 case HID_GLOBAL_ITEM_TAG_REPORT_COUNT:
360                         if ((parser->global.report_count = item_udata(item)) > HID_MAX_USAGES) {
361                                 dbg_hid("invalid report_count %d\n", parser->global.report_count);
362                                 return -1;
363                         }
364                         return 0;
365
366                 case HID_GLOBAL_ITEM_TAG_REPORT_ID:
367                         if ((parser->global.report_id = item_udata(item)) == 0) {
368                                 dbg_hid("report_id 0 is invalid\n");
369                                 return -1;
370                         }
371                         return 0;
372
373                 default:
374                         dbg_hid("unknown global tag 0x%x\n", item->tag);
375                         return -1;
376         }
377 }
378
379 /*
380  * Process a local item.
381  */
382
383 static int hid_parser_local(struct hid_parser *parser, struct hid_item *item)
384 {
385         __u32 data;
386         unsigned n;
387
388         if (item->size == 0) {
389                 dbg_hid("item data expected for local item\n");
390                 return -1;
391         }
392
393         data = item_udata(item);
394
395         switch (item->tag) {
396
397                 case HID_LOCAL_ITEM_TAG_DELIMITER:
398
399                         if (data) {
400                                 /*
401                                  * We treat items before the first delimiter
402                                  * as global to all usage sets (branch 0).
403                                  * In the moment we process only these global
404                                  * items and the first delimiter set.
405                                  */
406                                 if (parser->local.delimiter_depth != 0) {
407                                         dbg_hid("nested delimiters\n");
408                                         return -1;
409                                 }
410                                 parser->local.delimiter_depth++;
411                                 parser->local.delimiter_branch++;
412                         } else {
413                                 if (parser->local.delimiter_depth < 1) {
414                                         dbg_hid("bogus close delimiter\n");
415                                         return -1;
416                                 }
417                                 parser->local.delimiter_depth--;
418                         }
419                         return 1;
420
421                 case HID_LOCAL_ITEM_TAG_USAGE:
422
423                         if (parser->local.delimiter_branch > 1) {
424                                 dbg_hid("alternative usage ignored\n");
425                                 return 0;
426                         }
427
428                         if (item->size <= 2)
429                                 data = (parser->global.usage_page << 16) + data;
430
431                         return hid_add_usage(parser, data);
432
433                 case HID_LOCAL_ITEM_TAG_USAGE_MINIMUM:
434
435                         if (parser->local.delimiter_branch > 1) {
436                                 dbg_hid("alternative usage ignored\n");
437                                 return 0;
438                         }
439
440                         if (item->size <= 2)
441                                 data = (parser->global.usage_page << 16) + data;
442
443                         parser->local.usage_minimum = data;
444                         return 0;
445
446                 case HID_LOCAL_ITEM_TAG_USAGE_MAXIMUM:
447
448                         if (parser->local.delimiter_branch > 1) {
449                                 dbg_hid("alternative usage ignored\n");
450                                 return 0;
451                         }
452
453                         if (item->size <= 2)
454                                 data = (parser->global.usage_page << 16) + data;
455
456                         for (n = parser->local.usage_minimum; n <= data; n++)
457                                 if (hid_add_usage(parser, n)) {
458                                         dbg_hid("hid_add_usage failed\n");
459                                         return -1;
460                                 }
461                         return 0;
462
463                 default:
464
465                         dbg_hid("unknown local item tag 0x%x\n", item->tag);
466                         return 0;
467         }
468         return 0;
469 }
470
471 /*
472  * Process a main item.
473  */
474
475 static int hid_parser_main(struct hid_parser *parser, struct hid_item *item)
476 {
477         __u32 data;
478         int ret;
479
480         data = item_udata(item);
481
482         switch (item->tag) {
483                 case HID_MAIN_ITEM_TAG_BEGIN_COLLECTION:
484                         ret = open_collection(parser, data & 0xff);
485                         break;
486                 case HID_MAIN_ITEM_TAG_END_COLLECTION:
487                         ret = close_collection(parser);
488                         break;
489                 case HID_MAIN_ITEM_TAG_INPUT:
490                         ret = hid_add_field(parser, HID_INPUT_REPORT, data);
491                         break;
492                 case HID_MAIN_ITEM_TAG_OUTPUT:
493                         ret = hid_add_field(parser, HID_OUTPUT_REPORT, data);
494                         break;
495                 case HID_MAIN_ITEM_TAG_FEATURE:
496                         ret = hid_add_field(parser, HID_FEATURE_REPORT, data);
497                         break;
498                 default:
499                         dbg_hid("unknown main item tag 0x%x\n", item->tag);
500                         ret = 0;
501         }
502
503         memset(&parser->local, 0, sizeof(parser->local));       /* Reset the local parser environment */
504
505         return ret;
506 }
507
508 /*
509  * Process a reserved item.
510  */
511
512 static int hid_parser_reserved(struct hid_parser *parser, struct hid_item *item)
513 {
514         dbg_hid("reserved item type, tag 0x%x\n", item->tag);
515         return 0;
516 }
517
518 /*
519  * Free a report and all registered fields. The field->usage and
520  * field->value table's are allocated behind the field, so we need
521  * only to free(field) itself.
522  */
523
524 static void hid_free_report(struct hid_report *report)
525 {
526         unsigned n;
527
528         for (n = 0; n < report->maxfield; n++)
529                 kfree(report->field[n]);
530         kfree(report);
531 }
532
533 /*
534  * Free a device structure, all reports, and all fields.
535  */
536
537 static void hid_device_release(struct device *dev)
538 {
539         struct hid_device *device = container_of(dev, struct hid_device, dev);
540         unsigned i, j;
541
542         for (i = 0; i < HID_REPORT_TYPES; i++) {
543                 struct hid_report_enum *report_enum = device->report_enum + i;
544
545                 for (j = 0; j < 256; j++) {
546                         struct hid_report *report = report_enum->report_id_hash[j];
547                         if (report)
548                                 hid_free_report(report);
549                 }
550         }
551
552         kfree(device->rdesc);
553         kfree(device->collection);
554         kfree(device);
555 }
556
557 /*
558  * Fetch a report description item from the data stream. We support long
559  * items, though they are not used yet.
560  */
561
562 static u8 *fetch_item(__u8 *start, __u8 *end, struct hid_item *item)
563 {
564         u8 b;
565
566         if ((end - start) <= 0)
567                 return NULL;
568
569         b = *start++;
570
571         item->type = (b >> 2) & 3;
572         item->tag  = (b >> 4) & 15;
573
574         if (item->tag == HID_ITEM_TAG_LONG) {
575
576                 item->format = HID_ITEM_FORMAT_LONG;
577
578                 if ((end - start) < 2)
579                         return NULL;
580
581                 item->size = *start++;
582                 item->tag  = *start++;
583
584                 if ((end - start) < item->size)
585                         return NULL;
586
587                 item->data.longdata = start;
588                 start += item->size;
589                 return start;
590         }
591
592         item->format = HID_ITEM_FORMAT_SHORT;
593         item->size = b & 3;
594
595         switch (item->size) {
596
597                 case 0:
598                         return start;
599
600                 case 1:
601                         if ((end - start) < 1)
602                                 return NULL;
603                         item->data.u8 = *start++;
604                         return start;
605
606                 case 2:
607                         if ((end - start) < 2)
608                                 return NULL;
609                         item->data.u16 = get_unaligned_le16(start);
610                         start = (__u8 *)((__le16 *)start + 1);
611                         return start;
612
613                 case 3:
614                         item->size++;
615                         if ((end - start) < 4)
616                                 return NULL;
617                         item->data.u32 = get_unaligned_le32(start);
618                         start = (__u8 *)((__le32 *)start + 1);
619                         return start;
620         }
621
622         return NULL;
623 }
624
625 /**
626  * hid_parse_report - parse device report
627  *
628  * @device: hid device
629  * @start: report start
630  * @size: report size
631  *
632  * Parse a report description into a hid_device structure. Reports are
633  * enumerated, fields are attached to these reports.
634  * 0 returned on success, otherwise nonzero error value.
635  */
636 int hid_parse_report(struct hid_device *device, __u8 *start,
637                 unsigned size)
638 {
639         struct hid_parser *parser;
640         struct hid_item item;
641         __u8 *end;
642         int ret;
643         static int (*dispatch_type[])(struct hid_parser *parser,
644                                       struct hid_item *item) = {
645                 hid_parser_main,
646                 hid_parser_global,
647                 hid_parser_local,
648                 hid_parser_reserved
649         };
650
651         device->rdesc = kmalloc(size, GFP_KERNEL);
652         if (device->rdesc == NULL)
653                 return -ENOMEM;
654         memcpy(device->rdesc, start, size);
655         device->rsize = size;
656
657         parser = vmalloc(sizeof(struct hid_parser));
658         if (!parser) {
659                 ret = -ENOMEM;
660                 goto err;
661         }
662
663         memset(parser, 0, sizeof(struct hid_parser));
664         parser->device = device;
665
666         end = start + size;
667         ret = -EINVAL;
668         while ((start = fetch_item(start, end, &item)) != NULL) {
669
670                 if (item.format != HID_ITEM_FORMAT_SHORT) {
671                         dbg_hid("unexpected long global item\n");
672                         goto err;
673                 }
674
675                 if (dispatch_type[item.type](parser, &item)) {
676                         dbg_hid("item %u %u %u %u parsing failed\n",
677                                 item.format, (unsigned)item.size, (unsigned)item.type, (unsigned)item.tag);
678                         goto err;
679                 }
680
681                 if (start == end) {
682                         if (parser->collection_stack_ptr) {
683                                 dbg_hid("unbalanced collection at end of report description\n");
684                                 goto err;
685                         }
686                         if (parser->local.delimiter_depth) {
687                                 dbg_hid("unbalanced delimiter at end of report description\n");
688                                 goto err;
689                         }
690                         vfree(parser);
691                         return 0;
692                 }
693         }
694
695         dbg_hid("item fetching failed at offset %d\n", (int)(end - start));
696 err:
697         vfree(parser);
698         return ret;
699 }
700 EXPORT_SYMBOL_GPL(hid_parse_report);
701
702 /*
703  * Convert a signed n-bit integer to signed 32-bit integer. Common
704  * cases are done through the compiler, the screwed things has to be
705  * done by hand.
706  */
707
708 static s32 snto32(__u32 value, unsigned n)
709 {
710         switch (n) {
711                 case 8:  return ((__s8)value);
712                 case 16: return ((__s16)value);
713                 case 32: return ((__s32)value);
714         }
715         return value & (1 << (n - 1)) ? value | (-1 << n) : value;
716 }
717
718 /*
719  * Convert a signed 32-bit integer to a signed n-bit integer.
720  */
721
722 static u32 s32ton(__s32 value, unsigned n)
723 {
724         s32 a = value >> (n - 1);
725         if (a && a != -1)
726                 return value < 0 ? 1 << (n - 1) : (1 << (n - 1)) - 1;
727         return value & ((1 << n) - 1);
728 }
729
730 /*
731  * Extract/implement a data field from/to a little endian report (bit array).
732  *
733  * Code sort-of follows HID spec:
734  *     http://www.usb.org/developers/devclass_docs/HID1_11.pdf
735  *
736  * While the USB HID spec allows unlimited length bit fields in "report
737  * descriptors", most devices never use more than 16 bits.
738  * One model of UPS is claimed to report "LINEV" as a 32-bit field.
739  * Search linux-kernel and linux-usb-devel archives for "hid-core extract".
740  */
741
742 static __inline__ __u32 extract(__u8 *report, unsigned offset, unsigned n)
743 {
744         u64 x;
745
746         if (n > 32)
747                 printk(KERN_WARNING "HID: extract() called with n (%d) > 32! (%s)\n",
748                                 n, current->comm);
749
750         report += offset >> 3;  /* adjust byte index */
751         offset &= 7;            /* now only need bit offset into one byte */
752         x = get_unaligned_le64(report);
753         x = (x >> offset) & ((1ULL << n) - 1);  /* extract bit field */
754         return (u32) x;
755 }
756
757 /*
758  * "implement" : set bits in a little endian bit stream.
759  * Same concepts as "extract" (see comments above).
760  * The data mangled in the bit stream remains in little endian
761  * order the whole time. It make more sense to talk about
762  * endianness of register values by considering a register
763  * a "cached" copy of the little endiad bit stream.
764  */
765 static __inline__ void implement(__u8 *report, unsigned offset, unsigned n, __u32 value)
766 {
767         u64 x;
768         u64 m = (1ULL << n) - 1;
769
770         if (n > 32)
771                 printk(KERN_WARNING "HID: implement() called with n (%d) > 32! (%s)\n",
772                                 n, current->comm);
773
774         if (value > m)
775                 printk(KERN_WARNING "HID: implement() called with too large value %d! (%s)\n",
776                                 value, current->comm);
777         WARN_ON(value > m);
778         value &= m;
779
780         report += offset >> 3;
781         offset &= 7;
782
783         x = get_unaligned_le64(report);
784         x &= ~(m << offset);
785         x |= ((u64)value) << offset;
786         put_unaligned_le64(x, report);
787 }
788
789 /*
790  * Search an array for a value.
791  */
792
793 static __inline__ int search(__s32 *array, __s32 value, unsigned n)
794 {
795         while (n--) {
796                 if (*array++ == value)
797                         return 0;
798         }
799         return -1;
800 }
801
802 /**
803  * hid_match_report - check if driver's raw_event should be called
804  *
805  * @hid: hid device
806  * @report_type: type to match against
807  *
808  * compare hid->driver->report_table->report_type to report->type
809  */
810 static int hid_match_report(struct hid_device *hid, struct hid_report *report)
811 {
812         const struct hid_report_id *id = hid->driver->report_table;
813
814         if (!id) /* NULL means all */
815                 return 1;
816
817         for (; id->report_type != HID_TERMINATOR; id++)
818                 if (id->report_type == HID_ANY_ID ||
819                                 id->report_type == report->type)
820                         return 1;
821         return 0;
822 }
823
824 /**
825  * hid_match_usage - check if driver's event should be called
826  *
827  * @hid: hid device
828  * @usage: usage to match against
829  *
830  * compare hid->driver->usage_table->usage_{type,code} to
831  * usage->usage_{type,code}
832  */
833 static int hid_match_usage(struct hid_device *hid, struct hid_usage *usage)
834 {
835         const struct hid_usage_id *id = hid->driver->usage_table;
836
837         if (!id) /* NULL means all */
838                 return 1;
839
840         for (; id->usage_type != HID_ANY_ID - 1; id++)
841                 if ((id->usage_hid == HID_ANY_ID ||
842                                 id->usage_hid == usage->hid) &&
843                                 (id->usage_type == HID_ANY_ID ||
844                                 id->usage_type == usage->type) &&
845                                 (id->usage_code == HID_ANY_ID ||
846                                  id->usage_code == usage->code))
847                         return 1;
848         return 0;
849 }
850
851 static void hid_process_event(struct hid_device *hid, struct hid_field *field,
852                 struct hid_usage *usage, __s32 value, int interrupt)
853 {
854         struct hid_driver *hdrv = hid->driver;
855         int ret;
856
857         hid_dump_input(usage, value);
858
859         if (hdrv && hdrv->event && hid_match_usage(hid, usage)) {
860                 ret = hdrv->event(hid, field, usage, value);
861                 if (ret != 0) {
862                         if (ret < 0)
863                                 dbg_hid("%s's event failed with %d\n",
864                                                 hdrv->name, ret);
865                         return;
866                 }
867         }
868
869         if (hid->claimed & HID_CLAIMED_INPUT)
870                 hidinput_hid_event(hid, field, usage, value);
871         if (hid->claimed & HID_CLAIMED_HIDDEV && interrupt && hid->hiddev_hid_event)
872                 hid->hiddev_hid_event(hid, field, usage, value);
873 }
874
875 /*
876  * Analyse a received field, and fetch the data from it. The field
877  * content is stored for next report processing (we do differential
878  * reporting to the layer).
879  */
880
881 static void hid_input_field(struct hid_device *hid, struct hid_field *field,
882                             __u8 *data, int interrupt)
883 {
884         unsigned n;
885         unsigned count = field->report_count;
886         unsigned offset = field->report_offset;
887         unsigned size = field->report_size;
888         __s32 min = field->logical_minimum;
889         __s32 max = field->logical_maximum;
890         __s32 *value;
891
892         if (!(value = kmalloc(sizeof(__s32) * count, GFP_ATOMIC)))
893                 return;
894
895         for (n = 0; n < count; n++) {
896
897                         value[n] = min < 0 ? snto32(extract(data, offset + n * size, size), size) :
898                                                     extract(data, offset + n * size, size);
899
900                         if (!(field->flags & HID_MAIN_ITEM_VARIABLE) /* Ignore report if ErrorRollOver */
901                             && value[n] >= min && value[n] <= max
902                             && field->usage[value[n] - min].hid == HID_UP_KEYBOARD + 1)
903                                 goto exit;
904         }
905
906         for (n = 0; n < count; n++) {
907
908                 if (HID_MAIN_ITEM_VARIABLE & field->flags) {
909                         hid_process_event(hid, field, &field->usage[n], value[n], interrupt);
910                         continue;
911                 }
912
913                 if (field->value[n] >= min && field->value[n] <= max
914                         && field->usage[field->value[n] - min].hid
915                         && search(value, field->value[n], count))
916                                 hid_process_event(hid, field, &field->usage[field->value[n] - min], 0, interrupt);
917
918                 if (value[n] >= min && value[n] <= max
919                         && field->usage[value[n] - min].hid
920                         && search(field->value, value[n], count))
921                                 hid_process_event(hid, field, &field->usage[value[n] - min], 1, interrupt);
922         }
923
924         memcpy(field->value, value, count * sizeof(__s32));
925 exit:
926         kfree(value);
927 }
928
929 /*
930  * Output the field into the report.
931  */
932
933 static void hid_output_field(struct hid_field *field, __u8 *data)
934 {
935         unsigned count = field->report_count;
936         unsigned offset = field->report_offset;
937         unsigned size = field->report_size;
938         unsigned bitsused = offset + count * size;
939         unsigned n;
940
941         /* make sure the unused bits in the last byte are zeros */
942         if (count > 0 && size > 0 && (bitsused % 8) != 0)
943                 data[(bitsused-1)/8] &= (1 << (bitsused % 8)) - 1;
944
945         for (n = 0; n < count; n++) {
946                 if (field->logical_minimum < 0) /* signed values */
947                         implement(data, offset + n * size, size, s32ton(field->value[n], size));
948                 else                            /* unsigned values */
949                         implement(data, offset + n * size, size, field->value[n]);
950         }
951 }
952
953 /*
954  * Create a report.
955  */
956
957 void hid_output_report(struct hid_report *report, __u8 *data)
958 {
959         unsigned n;
960
961         if (report->id > 0)
962                 *data++ = report->id;
963
964         for (n = 0; n < report->maxfield; n++)
965                 hid_output_field(report->field[n], data);
966 }
967 EXPORT_SYMBOL_GPL(hid_output_report);
968
969 /*
970  * Set a field value. The report this field belongs to has to be
971  * created and transferred to the device, to set this value in the
972  * device.
973  */
974
975 int hid_set_field(struct hid_field *field, unsigned offset, __s32 value)
976 {
977         unsigned size = field->report_size;
978
979         hid_dump_input(field->usage + offset, value);
980
981         if (offset >= field->report_count) {
982                 dbg_hid("offset (%d) exceeds report_count (%d)\n", offset, field->report_count);
983                 hid_dump_field(field, 8);
984                 return -1;
985         }
986         if (field->logical_minimum < 0) {
987                 if (value != snto32(s32ton(value, size), size)) {
988                         dbg_hid("value %d is out of range\n", value);
989                         return -1;
990                 }
991         }
992         field->value[offset] = value;
993         return 0;
994 }
995 EXPORT_SYMBOL_GPL(hid_set_field);
996
997 static struct hid_report *hid_get_report(struct hid_report_enum *report_enum,
998                 const u8 *data)
999 {
1000         struct hid_report *report;
1001         unsigned int n = 0;     /* Normally report number is 0 */
1002
1003         /* Device uses numbered reports, data[0] is report number */
1004         if (report_enum->numbered)
1005                 n = *data;
1006
1007         report = report_enum->report_id_hash[n];
1008         if (report == NULL)
1009                 dbg_hid("undefined report_id %u received\n", n);
1010
1011         return report;
1012 }
1013
1014 void hid_report_raw_event(struct hid_device *hid, int type, u8 *data, int size,
1015                 int interrupt)
1016 {
1017         struct hid_report_enum *report_enum = hid->report_enum + type;
1018         struct hid_report *report;
1019         unsigned int a;
1020         int rsize, csize = size;
1021         u8 *cdata = data;
1022
1023         report = hid_get_report(report_enum, data);
1024         if (!report)
1025                 return;
1026
1027         if (report_enum->numbered) {
1028                 cdata++;
1029                 csize--;
1030         }
1031
1032         rsize = ((report->size - 1) >> 3) + 1;
1033
1034         if (csize < rsize) {
1035                 dbg_hid("report %d is too short, (%d < %d)\n", report->id,
1036                                 csize, rsize);
1037                 memset(cdata + csize, 0, rsize - csize);
1038         }
1039
1040         if ((hid->claimed & HID_CLAIMED_HIDDEV) && hid->hiddev_report_event)
1041                 hid->hiddev_report_event(hid, report);
1042         if (hid->claimed & HID_CLAIMED_HIDRAW) {
1043                 /* numbered reports need to be passed with the report num */
1044                 if (report_enum->numbered)
1045                         hidraw_report_event(hid, data - 1, size + 1);
1046                 else
1047                         hidraw_report_event(hid, data, size);
1048         }
1049
1050         for (a = 0; a < report->maxfield; a++)
1051                 hid_input_field(hid, report->field[a], cdata, interrupt);
1052
1053         if (hid->claimed & HID_CLAIMED_INPUT)
1054                 hidinput_report_event(hid, report);
1055 }
1056 EXPORT_SYMBOL_GPL(hid_report_raw_event);
1057
1058 /**
1059  * hid_input_report - report data from lower layer (usb, bt...)
1060  *
1061  * @hid: hid device
1062  * @type: HID report type (HID_*_REPORT)
1063  * @data: report contents
1064  * @size: size of data parameter
1065  * @interrupt: called from atomic?
1066  *
1067  * This is data entry for lower layers.
1068  */
1069 int hid_input_report(struct hid_device *hid, int type, u8 *data, int size, int interrupt)
1070 {
1071         struct hid_report_enum *report_enum = hid->report_enum + type;
1072         struct hid_driver *hdrv = hid->driver;
1073         struct hid_report *report;
1074         unsigned int i;
1075         int ret;
1076
1077         if (!hid || !hid->driver)
1078                 return -ENODEV;
1079
1080         if (!size) {
1081                 dbg_hid("empty report\n");
1082                 return -1;
1083         }
1084
1085         dbg_hid("report (size %u) (%snumbered)\n", size, report_enum->numbered ? "" : "un");
1086
1087         report = hid_get_report(report_enum, data);
1088         if (!report)
1089                 return -1;
1090
1091         /* dump the report */
1092         dbg_hid("report %d (size %u) = ", report->id, size);
1093         for (i = 0; i < size; i++)
1094                 dbg_hid_line(" %02x", data[i]);
1095         dbg_hid_line("\n");
1096
1097         if (hdrv && hdrv->raw_event && hid_match_report(hid, report)) {
1098                 ret = hdrv->raw_event(hid, report, data, size);
1099                 if (ret != 0)
1100                         return ret < 0 ? ret : 0;
1101         }
1102
1103         hid_report_raw_event(hid, type, data, size, interrupt);
1104
1105         return 0;
1106 }
1107 EXPORT_SYMBOL_GPL(hid_input_report);
1108
1109 static bool hid_match_one_id(struct hid_device *hdev,
1110                 const struct hid_device_id *id)
1111 {
1112         return id->bus == hdev->bus &&
1113                 (id->vendor == HID_ANY_ID || id->vendor == hdev->vendor) &&
1114                 (id->product == HID_ANY_ID || id->product == hdev->product);
1115 }
1116
1117 static const struct hid_device_id *hid_match_id(struct hid_device *hdev,
1118                 const struct hid_device_id *id)
1119 {
1120         for (; id->bus; id++)
1121                 if (hid_match_one_id(hdev, id))
1122                         return id;
1123
1124         return NULL;
1125 }
1126
1127 static const struct hid_device_id hid_blacklist[] = {
1128         { }
1129 };
1130
1131 static int hid_bus_match(struct device *dev, struct device_driver *drv)
1132 {
1133         struct hid_driver *hdrv = container_of(drv, struct hid_driver, driver);
1134         struct hid_device *hdev = container_of(dev, struct hid_device, dev);
1135
1136         if (!hid_match_id(hdev, hdrv->id_table))
1137                 return 0;
1138
1139         /* generic wants all non-blacklisted */
1140         if (!strncmp(hdrv->name, "generic-", 8))
1141                 return !hid_match_id(hdev, hid_blacklist);
1142
1143         return 1;
1144 }
1145
1146 static int hid_device_probe(struct device *dev)
1147 {
1148         struct hid_driver *hdrv = container_of(dev->driver,
1149                         struct hid_driver, driver);
1150         struct hid_device *hdev = container_of(dev, struct hid_device, dev);
1151         const struct hid_device_id *id;
1152         int ret = 0;
1153
1154         if (!hdev->driver) {
1155                 if (hdrv->probe) {
1156                         ret = -ENODEV;
1157
1158                         id = hid_match_id(hdev, hdrv->id_table);
1159                         if (id)
1160                                 ret = hdrv->probe(hdev, id);
1161                 }
1162                 if (!ret)
1163                         hdev->driver = hdrv;
1164         }
1165         return ret;
1166 }
1167
1168 static int hid_device_remove(struct device *dev)
1169 {
1170         struct hid_device *hdev = container_of(dev, struct hid_device, dev);
1171         struct hid_driver *hdrv = hdev->driver;
1172
1173         if (hdrv) {
1174                 if (hdrv->remove)
1175                         hdrv->remove(hdev);
1176                 hdev->driver = NULL;
1177         }
1178
1179         return 0;
1180 }
1181
1182 static int hid_uevent(struct device *dev, struct kobj_uevent_env *env)
1183 {
1184         struct hid_device *hdev = container_of(dev, struct hid_device, dev);
1185
1186         if (add_uevent_var(env, "HID_ID=%04X:%08X:%08X",
1187                         hdev->bus, hdev->vendor, hdev->product))
1188                 return -ENOMEM;
1189
1190         if (add_uevent_var(env, "HID_NAME=%s", hdev->name))
1191                 return -ENOMEM;
1192
1193         if (add_uevent_var(env, "HID_PHYS=%s", hdev->phys))
1194                 return -ENOMEM;
1195
1196         if (add_uevent_var(env, "HID_UNIQ=%s", hdev->uniq))
1197                 return -ENOMEM;
1198
1199         if (add_uevent_var(env, "MODALIAS=hid:b%04Xv%08Xp%08X",
1200                         hdev->bus, hdev->vendor, hdev->product))
1201                 return -ENOMEM;
1202
1203         return 0;
1204 }
1205
1206 static struct bus_type hid_bus_type = {
1207         .name           = "hid",
1208         .match          = hid_bus_match,
1209         .probe          = hid_device_probe,
1210         .remove         = hid_device_remove,
1211         .uevent         = hid_uevent,
1212 };
1213
1214 int hid_add_device(struct hid_device *hdev)
1215 {
1216         static atomic_t id = ATOMIC_INIT(0);
1217         int ret;
1218
1219         if (WARN_ON(hdev->status & HID_STAT_ADDED))
1220                 return -EBUSY;
1221
1222         /* XXX hack, any other cleaner solution < 20 bus_id bytes? */
1223         sprintf(hdev->dev.bus_id, "%04X:%04X:%04X.%04X", hdev->bus,
1224                         hdev->vendor, hdev->product, atomic_inc_return(&id));
1225
1226         ret = device_add(&hdev->dev);
1227         if (!ret)
1228                 hdev->status |= HID_STAT_ADDED;
1229
1230         return ret;
1231 }
1232 EXPORT_SYMBOL_GPL(hid_add_device);
1233
1234 /**
1235  * hid_allocate_device - allocate new hid device descriptor
1236  *
1237  * Allocate and initialize hid device, so that hid_destroy_device might be
1238  * used to free it.
1239  *
1240  * New hid_device pointer is returned on success, otherwise ERR_PTR encoded
1241  * error value.
1242  */
1243 struct hid_device *hid_allocate_device(void)
1244 {
1245         struct hid_device *hdev;
1246         unsigned int i;
1247         int ret = -ENOMEM;
1248
1249         hdev = kzalloc(sizeof(*hdev), GFP_KERNEL);
1250         if (hdev == NULL)
1251                 return ERR_PTR(ret);
1252
1253         device_initialize(&hdev->dev);
1254         hdev->dev.release = hid_device_release;
1255         hdev->dev.bus = &hid_bus_type;
1256
1257         hdev->collection = kcalloc(HID_DEFAULT_NUM_COLLECTIONS,
1258                         sizeof(struct hid_collection), GFP_KERNEL);
1259         if (hdev->collection == NULL)
1260                 goto err;
1261         hdev->collection_size = HID_DEFAULT_NUM_COLLECTIONS;
1262
1263         for (i = 0; i < HID_REPORT_TYPES; i++)
1264                 INIT_LIST_HEAD(&hdev->report_enum[i].report_list);
1265
1266         return hdev;
1267 err:
1268         put_device(&hdev->dev);
1269         return ERR_PTR(ret);
1270 }
1271 EXPORT_SYMBOL_GPL(hid_allocate_device);
1272
1273 static void hid_remove_device(struct hid_device *hdev)
1274 {
1275         if (hdev->status & HID_STAT_ADDED) {
1276                 device_del(&hdev->dev);
1277                 hdev->status &= ~HID_STAT_ADDED;
1278         }
1279 }
1280
1281 /**
1282  * hid_destroy_device - free previously allocated device
1283  *
1284  * @hdev: hid device
1285  *
1286  * If you allocate hid_device through hid_allocate_device, you should ever
1287  * free by this function.
1288  */
1289 void hid_destroy_device(struct hid_device *hdev)
1290 {
1291         hid_remove_device(hdev);
1292         put_device(&hdev->dev);
1293 }
1294 EXPORT_SYMBOL_GPL(hid_destroy_device);
1295
1296 int __hid_register_driver(struct hid_driver *hdrv, struct module *owner,
1297                 const char *mod_name)
1298 {
1299         hdrv->driver.name = hdrv->name;
1300         hdrv->driver.bus = &hid_bus_type;
1301         hdrv->driver.owner = owner;
1302         hdrv->driver.mod_name = mod_name;
1303
1304         return driver_register(&hdrv->driver);
1305 }
1306 EXPORT_SYMBOL_GPL(__hid_register_driver);
1307
1308 void hid_unregister_driver(struct hid_driver *hdrv)
1309 {
1310         driver_unregister(&hdrv->driver);
1311 }
1312 EXPORT_SYMBOL_GPL(hid_unregister_driver);
1313
1314 static int __init hid_init(void)
1315 {
1316         int ret;
1317
1318         ret = bus_register(&hid_bus_type);
1319         if (ret) {
1320                 printk(KERN_ERR "HID: can't register hid bus\n");
1321                 goto err;
1322         }
1323
1324         ret = hidraw_init();
1325         if (ret)
1326                 goto err_bus;
1327
1328         return 0;
1329 err_bus:
1330         bus_unregister(&hid_bus_type);
1331 err:
1332         return ret;
1333 }
1334
1335 static void __exit hid_exit(void)
1336 {
1337         hidraw_exit();
1338         bus_unregister(&hid_bus_type);
1339 }
1340
1341 module_init(hid_init);
1342 module_exit(hid_exit);
1343
1344 MODULE_LICENSE(DRIVER_LICENSE);
1345