2 * Event char devices, giving access to raw input device events.
4 * Copyright (c) 1999-2002 Vojtech Pavlik
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License version 2 as published by
8 * the Free Software Foundation.
11 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
13 #define EVDEV_MINOR_BASE 64
14 #define EVDEV_MINORS 32
15 #define EVDEV_MIN_BUFFER_SIZE 64U
16 #define EVDEV_BUF_PACKETS 8
18 #include <linux/poll.h>
19 #include <linux/sched.h>
20 #include <linux/slab.h>
21 #include <linux/module.h>
22 #include <linux/init.h>
23 #include <linux/input.h>
24 #include <linux/major.h>
25 #include <linux/device.h>
26 #include <linux/wakelock.h>
27 #include "input-compat.h"
32 struct input_handle handle;
33 wait_queue_head_t wait;
34 struct evdev_client __rcu *grab;
35 struct list_head client_list;
36 spinlock_t client_lock; /* protects client_list */
45 unsigned int packet_head; /* [future] position of the first element of next packet */
46 spinlock_t buffer_lock; /* protects access to buffer, head and tail */
47 struct wake_lock wake_lock;
49 struct fasync_struct *fasync;
51 struct list_head node;
53 struct input_event buffer[];
56 static struct evdev *evdev_table[EVDEV_MINORS];
57 static DEFINE_MUTEX(evdev_table_mutex);
59 static void evdev_pass_event(struct evdev_client *client,
60 struct input_event *event)
62 /* Interrupts are disabled, just acquire the lock. */
63 spin_lock(&client->buffer_lock);
65 wake_lock_timeout(&client->wake_lock, 5 * HZ);
66 client->buffer[client->head++] = *event;
67 client->head &= client->bufsize - 1;
69 if (unlikely(client->head == client->tail)) {
71 * This effectively "drops" all unconsumed events, leaving
72 * EV_SYN/SYN_DROPPED plus the newest event in the queue.
74 client->tail = (client->head - 2) & (client->bufsize - 1);
76 client->buffer[client->tail].time = event->time;
77 client->buffer[client->tail].type = EV_SYN;
78 client->buffer[client->tail].code = SYN_DROPPED;
79 client->buffer[client->tail].value = 0;
81 client->packet_head = client->tail;
84 if (event->type == EV_SYN && event->code == SYN_REPORT) {
85 client->packet_head = client->head;
86 kill_fasync(&client->fasync, SIGIO, POLL_IN);
89 spin_unlock(&client->buffer_lock);
93 * Pass incoming event to all connected clients.
95 static void evdev_event(struct input_handle *handle,
96 unsigned int type, unsigned int code, int value)
98 struct evdev *evdev = handle->private;
99 struct evdev_client *client;
100 struct input_event event;
104 event.time.tv_sec = ts.tv_sec;
105 event.time.tv_usec = ts.tv_nsec / NSEC_PER_USEC;
112 client = rcu_dereference(evdev->grab);
114 evdev_pass_event(client, &event);
116 list_for_each_entry_rcu(client, &evdev->client_list, node)
117 evdev_pass_event(client, &event);
121 if (type == EV_SYN && code == SYN_REPORT)
122 wake_up_interruptible(&evdev->wait);
125 static int evdev_fasync(int fd, struct file *file, int on)
127 struct evdev_client *client = file->private_data;
129 return fasync_helper(fd, file, on, &client->fasync);
132 static int evdev_flush(struct file *file, fl_owner_t id)
134 struct evdev_client *client = file->private_data;
135 struct evdev *evdev = client->evdev;
138 retval = mutex_lock_interruptible(&evdev->mutex);
145 retval = input_flush_device(&evdev->handle, file);
147 mutex_unlock(&evdev->mutex);
151 static void evdev_free(struct device *dev)
153 struct evdev *evdev = container_of(dev, struct evdev, dev);
155 input_put_device(evdev->handle.dev);
160 * Grabs an event device (along with underlying input device).
161 * This function is called with evdev->mutex taken.
163 static int evdev_grab(struct evdev *evdev, struct evdev_client *client)
170 error = input_grab_device(&evdev->handle);
174 rcu_assign_pointer(evdev->grab, client);
179 static int evdev_ungrab(struct evdev *evdev, struct evdev_client *client)
181 if (evdev->grab != client)
184 rcu_assign_pointer(evdev->grab, NULL);
186 input_release_device(&evdev->handle);
191 static void evdev_attach_client(struct evdev *evdev,
192 struct evdev_client *client)
194 spin_lock(&evdev->client_lock);
195 list_add_tail_rcu(&client->node, &evdev->client_list);
196 spin_unlock(&evdev->client_lock);
199 static void evdev_detach_client(struct evdev *evdev,
200 struct evdev_client *client)
202 spin_lock(&evdev->client_lock);
203 list_del_rcu(&client->node);
204 spin_unlock(&evdev->client_lock);
208 static int evdev_open_device(struct evdev *evdev)
212 retval = mutex_lock_interruptible(&evdev->mutex);
218 else if (!evdev->open++) {
219 retval = input_open_device(&evdev->handle);
224 mutex_unlock(&evdev->mutex);
228 static void evdev_close_device(struct evdev *evdev)
230 mutex_lock(&evdev->mutex);
232 if (evdev->exist && !--evdev->open)
233 input_close_device(&evdev->handle);
235 mutex_unlock(&evdev->mutex);
239 * Wake up users waiting for IO so they can disconnect from
242 static void evdev_hangup(struct evdev *evdev)
244 struct evdev_client *client;
246 spin_lock(&evdev->client_lock);
247 list_for_each_entry(client, &evdev->client_list, node)
248 kill_fasync(&client->fasync, SIGIO, POLL_HUP);
249 spin_unlock(&evdev->client_lock);
251 wake_up_interruptible(&evdev->wait);
254 static int evdev_release(struct inode *inode, struct file *file)
256 struct evdev_client *client = file->private_data;
257 struct evdev *evdev = client->evdev;
259 mutex_lock(&evdev->mutex);
260 if (evdev->grab == client)
261 evdev_ungrab(evdev, client);
262 mutex_unlock(&evdev->mutex);
264 evdev_detach_client(evdev, client);
265 wake_lock_destroy(&client->wake_lock);
268 evdev_close_device(evdev);
269 put_device(&evdev->dev);
274 static unsigned int evdev_compute_buffer_size(struct input_dev *dev)
276 unsigned int n_events =
277 max(dev->hint_events_per_packet * EVDEV_BUF_PACKETS,
278 EVDEV_MIN_BUFFER_SIZE);
280 return roundup_pow_of_two(n_events);
283 static int evdev_open(struct inode *inode, struct file *file)
286 struct evdev_client *client;
287 int i = iminor(inode) - EVDEV_MINOR_BASE;
288 unsigned int bufsize;
291 if (i >= EVDEV_MINORS)
294 error = mutex_lock_interruptible(&evdev_table_mutex);
297 evdev = evdev_table[i];
299 get_device(&evdev->dev);
300 mutex_unlock(&evdev_table_mutex);
305 bufsize = evdev_compute_buffer_size(evdev->handle.dev);
307 client = kzalloc(sizeof(struct evdev_client) +
308 bufsize * sizeof(struct input_event),
315 client->bufsize = bufsize;
316 spin_lock_init(&client->buffer_lock);
317 snprintf(client->name, sizeof(client->name), "%s-%d",
318 dev_name(&evdev->dev), task_tgid_vnr(current));
319 wake_lock_init(&client->wake_lock, WAKE_LOCK_SUSPEND, client->name);
320 client->evdev = evdev;
321 evdev_attach_client(evdev, client);
323 error = evdev_open_device(evdev);
325 goto err_free_client;
327 file->private_data = client;
328 nonseekable_open(inode, file);
333 evdev_detach_client(evdev, client);
334 wake_lock_destroy(&client->wake_lock);
337 put_device(&evdev->dev);
341 static ssize_t evdev_write(struct file *file, const char __user *buffer,
342 size_t count, loff_t *ppos)
344 struct evdev_client *client = file->private_data;
345 struct evdev *evdev = client->evdev;
346 struct input_event event;
349 if (count < input_event_size())
352 retval = mutex_lock_interruptible(&evdev->mutex);
362 if (input_event_from_user(buffer + retval, &event)) {
366 retval += input_event_size();
368 input_inject_event(&evdev->handle,
369 event.type, event.code, event.value);
370 } while (retval + input_event_size() <= count);
373 mutex_unlock(&evdev->mutex);
377 static int evdev_fetch_next_event(struct evdev_client *client,
378 struct input_event *event)
382 spin_lock_irq(&client->buffer_lock);
384 have_event = client->packet_head != client->tail;
386 *event = client->buffer[client->tail++];
387 client->tail &= client->bufsize - 1;
388 if (client->head == client->tail)
389 wake_unlock(&client->wake_lock);
392 spin_unlock_irq(&client->buffer_lock);
397 static ssize_t evdev_read(struct file *file, char __user *buffer,
398 size_t count, loff_t *ppos)
400 struct evdev_client *client = file->private_data;
401 struct evdev *evdev = client->evdev;
402 struct input_event event;
405 if (count < input_event_size())
408 if (!(file->f_flags & O_NONBLOCK)) {
409 retval = wait_event_interruptible(evdev->wait,
410 client->packet_head != client->tail || !evdev->exist);
418 while (retval + input_event_size() <= count &&
419 evdev_fetch_next_event(client, &event)) {
421 if (input_event_to_user(buffer + retval, &event))
424 retval += input_event_size();
427 if (retval == 0 && file->f_flags & O_NONBLOCK)
432 /* No kernel lock - fine */
433 static unsigned int evdev_poll(struct file *file, poll_table *wait)
435 struct evdev_client *client = file->private_data;
436 struct evdev *evdev = client->evdev;
439 poll_wait(file, &evdev->wait, wait);
441 mask = evdev->exist ? POLLOUT | POLLWRNORM : POLLHUP | POLLERR;
442 if (client->packet_head != client->tail)
443 mask |= POLLIN | POLLRDNORM;
450 #define BITS_PER_LONG_COMPAT (sizeof(compat_long_t) * 8)
451 #define BITS_TO_LONGS_COMPAT(x) ((((x) - 1) / BITS_PER_LONG_COMPAT) + 1)
454 static int bits_to_user(unsigned long *bits, unsigned int maxbit,
455 unsigned int maxlen, void __user *p, int compat)
460 len = BITS_TO_LONGS_COMPAT(maxbit) * sizeof(compat_long_t);
464 for (i = 0; i < len / sizeof(compat_long_t); i++)
465 if (copy_to_user((compat_long_t __user *) p + i,
466 (compat_long_t *) bits +
467 i + 1 - ((i % 2) << 1),
468 sizeof(compat_long_t)))
471 len = BITS_TO_LONGS(maxbit) * sizeof(long);
475 if (copy_to_user(p, bits, len))
482 static int bits_to_user(unsigned long *bits, unsigned int maxbit,
483 unsigned int maxlen, void __user *p, int compat)
486 BITS_TO_LONGS_COMPAT(maxbit) * sizeof(compat_long_t) :
487 BITS_TO_LONGS(maxbit) * sizeof(long);
492 return copy_to_user(p, bits, len) ? -EFAULT : len;
494 #endif /* __BIG_ENDIAN */
498 static int bits_to_user(unsigned long *bits, unsigned int maxbit,
499 unsigned int maxlen, void __user *p, int compat)
501 int len = BITS_TO_LONGS(maxbit) * sizeof(long);
506 return copy_to_user(p, bits, len) ? -EFAULT : len;
509 #endif /* CONFIG_COMPAT */
511 static int str_to_user(const char *str, unsigned int maxlen, void __user *p)
518 len = strlen(str) + 1;
522 return copy_to_user(p, str, len) ? -EFAULT : len;
525 #define OLD_KEY_MAX 0x1ff
526 static int handle_eviocgbit(struct input_dev *dev,
527 unsigned int type, unsigned int size,
528 void __user *p, int compat_mode)
530 static unsigned long keymax_warn_time;
536 case 0: bits = dev->evbit; len = EV_MAX; break;
537 case EV_KEY: bits = dev->keybit; len = KEY_MAX; break;
538 case EV_REL: bits = dev->relbit; len = REL_MAX; break;
539 case EV_ABS: bits = dev->absbit; len = ABS_MAX; break;
540 case EV_MSC: bits = dev->mscbit; len = MSC_MAX; break;
541 case EV_LED: bits = dev->ledbit; len = LED_MAX; break;
542 case EV_SND: bits = dev->sndbit; len = SND_MAX; break;
543 case EV_FF: bits = dev->ffbit; len = FF_MAX; break;
544 case EV_SW: bits = dev->swbit; len = SW_MAX; break;
545 default: return -EINVAL;
549 * Work around bugs in userspace programs that like to do
550 * EVIOCGBIT(EV_KEY, KEY_MAX) and not realize that 'len'
551 * should be in bytes, not in bits.
553 if (type == EV_KEY && size == OLD_KEY_MAX) {
555 if (printk_timed_ratelimit(&keymax_warn_time, 10 * 1000))
556 pr_warning("(EVIOCGBIT): Suspicious buffer size %u, "
557 "limiting output to %zu bytes. See "
558 "http://userweb.kernel.org/~dtor/eviocgbit-bug.html\n",
560 BITS_TO_LONGS(OLD_KEY_MAX) * sizeof(long));
563 return bits_to_user(bits, len, size, p, compat_mode);
567 static int evdev_handle_get_keycode(struct input_dev *dev, void __user *p)
569 struct input_keymap_entry ke = {
570 .len = sizeof(unsigned int),
573 int __user *ip = (int __user *)p;
577 if (copy_from_user(ke.scancode, p, sizeof(unsigned int)))
580 error = input_get_keycode(dev, &ke);
584 if (put_user(ke.keycode, ip + 1))
590 static int evdev_handle_get_keycode_v2(struct input_dev *dev, void __user *p)
592 struct input_keymap_entry ke;
595 if (copy_from_user(&ke, p, sizeof(ke)))
598 error = input_get_keycode(dev, &ke);
602 if (copy_to_user(p, &ke, sizeof(ke)))
608 static int evdev_handle_set_keycode(struct input_dev *dev, void __user *p)
610 struct input_keymap_entry ke = {
611 .len = sizeof(unsigned int),
614 int __user *ip = (int __user *)p;
616 if (copy_from_user(ke.scancode, p, sizeof(unsigned int)))
619 if (get_user(ke.keycode, ip + 1))
622 return input_set_keycode(dev, &ke);
625 static int evdev_handle_set_keycode_v2(struct input_dev *dev, void __user *p)
627 struct input_keymap_entry ke;
629 if (copy_from_user(&ke, p, sizeof(ke)))
632 if (ke.len > sizeof(ke.scancode))
635 return input_set_keycode(dev, &ke);
638 static long evdev_do_ioctl(struct file *file, unsigned int cmd,
639 void __user *p, int compat_mode)
641 struct evdev_client *client = file->private_data;
642 struct evdev *evdev = client->evdev;
643 struct input_dev *dev = evdev->handle.dev;
644 struct input_absinfo abs;
645 struct ff_effect effect;
646 int __user *ip = (int __user *)p;
647 unsigned int i, t, u, v;
651 /* First we check for fixed-length commands */
655 return put_user(EV_VERSION, ip);
658 if (copy_to_user(p, &dev->id, sizeof(struct input_id)))
663 if (!test_bit(EV_REP, dev->evbit))
665 if (put_user(dev->rep[REP_DELAY], ip))
667 if (put_user(dev->rep[REP_PERIOD], ip + 1))
672 if (!test_bit(EV_REP, dev->evbit))
676 if (get_user(v, ip + 1))
679 input_inject_event(&evdev->handle, EV_REP, REP_DELAY, u);
680 input_inject_event(&evdev->handle, EV_REP, REP_PERIOD, v);
685 return input_ff_erase(dev, (int)(unsigned long) p, file);
688 i = test_bit(EV_FF, dev->evbit) ?
689 dev->ff->max_effects : 0;
696 return evdev_grab(evdev, client);
698 return evdev_ungrab(evdev, client);
701 return evdev_handle_get_keycode(dev, p);
704 return evdev_handle_set_keycode(dev, p);
706 case EVIOCGKEYCODE_V2:
707 return evdev_handle_get_keycode_v2(dev, p);
709 case EVIOCSKEYCODE_V2:
710 return evdev_handle_set_keycode_v2(dev, p);
713 size = _IOC_SIZE(cmd);
715 /* Now check variable-length commands */
716 #define EVIOC_MASK_SIZE(nr) ((nr) & ~(_IOC_SIZEMASK << _IOC_SIZESHIFT))
717 switch (EVIOC_MASK_SIZE(cmd)) {
720 return bits_to_user(dev->propbit, INPUT_PROP_MAX,
721 size, p, compat_mode);
724 return bits_to_user(dev->key, KEY_MAX, size, p, compat_mode);
727 return bits_to_user(dev->led, LED_MAX, size, p, compat_mode);
730 return bits_to_user(dev->snd, SND_MAX, size, p, compat_mode);
733 return bits_to_user(dev->sw, SW_MAX, size, p, compat_mode);
736 return str_to_user(dev->name, size, p);
739 return str_to_user(dev->phys, size, p);
742 return str_to_user(dev->uniq, size, p);
744 case EVIOC_MASK_SIZE(EVIOCSFF):
745 if (input_ff_effect_from_user(p, size, &effect))
748 error = input_ff_upload(dev, &effect, file);
750 if (put_user(effect.id, &(((struct ff_effect __user *)p)->id)))
756 /* Multi-number variable-length handlers */
757 if (_IOC_TYPE(cmd) != 'E')
760 if (_IOC_DIR(cmd) == _IOC_READ) {
762 if ((_IOC_NR(cmd) & ~EV_MAX) == _IOC_NR(EVIOCGBIT(0, 0)))
763 return handle_eviocgbit(dev,
764 _IOC_NR(cmd) & EV_MAX, size,
767 if ((_IOC_NR(cmd) & ~ABS_MAX) == _IOC_NR(EVIOCGABS(0))) {
772 t = _IOC_NR(cmd) & ABS_MAX;
773 abs = dev->absinfo[t];
775 if (copy_to_user(p, &abs, min_t(size_t,
776 size, sizeof(struct input_absinfo))))
783 if (_IOC_DIR(cmd) == _IOC_WRITE) {
785 if ((_IOC_NR(cmd) & ~ABS_MAX) == _IOC_NR(EVIOCSABS(0))) {
790 t = _IOC_NR(cmd) & ABS_MAX;
792 if (copy_from_user(&abs, p, min_t(size_t,
793 size, sizeof(struct input_absinfo))))
796 if (size < sizeof(struct input_absinfo))
799 /* We can't change number of reserved MT slots */
800 if (t == ABS_MT_SLOT)
804 * Take event lock to ensure that we are not
805 * changing device parameters in the middle
808 spin_lock_irq(&dev->event_lock);
809 dev->absinfo[t] = abs;
810 spin_unlock_irq(&dev->event_lock);
819 static long evdev_ioctl_handler(struct file *file, unsigned int cmd,
820 void __user *p, int compat_mode)
822 struct evdev_client *client = file->private_data;
823 struct evdev *evdev = client->evdev;
826 retval = mutex_lock_interruptible(&evdev->mutex);
835 retval = evdev_do_ioctl(file, cmd, p, compat_mode);
838 mutex_unlock(&evdev->mutex);
842 static long evdev_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
844 return evdev_ioctl_handler(file, cmd, (void __user *)arg, 0);
848 static long evdev_ioctl_compat(struct file *file,
849 unsigned int cmd, unsigned long arg)
851 return evdev_ioctl_handler(file, cmd, compat_ptr(arg), 1);
855 static const struct file_operations evdev_fops = {
856 .owner = THIS_MODULE,
858 .write = evdev_write,
861 .release = evdev_release,
862 .unlocked_ioctl = evdev_ioctl,
864 .compat_ioctl = evdev_ioctl_compat,
866 .fasync = evdev_fasync,
867 .flush = evdev_flush,
871 static int evdev_install_chrdev(struct evdev *evdev)
874 * No need to do any locking here as calls to connect and
875 * disconnect are serialized by the input core
877 evdev_table[evdev->minor] = evdev;
881 static void evdev_remove_chrdev(struct evdev *evdev)
884 * Lock evdev table to prevent race with evdev_open()
886 mutex_lock(&evdev_table_mutex);
887 evdev_table[evdev->minor] = NULL;
888 mutex_unlock(&evdev_table_mutex);
892 * Mark device non-existent. This disables writes, ioctls and
893 * prevents new users from opening the device. Already posted
894 * blocking reads will stay, however new ones will fail.
896 static void evdev_mark_dead(struct evdev *evdev)
898 mutex_lock(&evdev->mutex);
899 evdev->exist = false;
900 mutex_unlock(&evdev->mutex);
903 static void evdev_cleanup(struct evdev *evdev)
905 struct input_handle *handle = &evdev->handle;
907 evdev_mark_dead(evdev);
909 evdev_remove_chrdev(evdev);
911 /* evdev is marked dead so no one else accesses evdev->open */
913 input_flush_device(handle, NULL);
914 input_close_device(handle);
919 * Create new evdev device. Note that input core serializes calls
920 * to connect and disconnect so we don't need to lock evdev_table here.
922 static int evdev_connect(struct input_handler *handler, struct input_dev *dev,
923 const struct input_device_id *id)
929 for (minor = 0; minor < EVDEV_MINORS; minor++)
930 if (!evdev_table[minor])
933 if (minor == EVDEV_MINORS) {
934 pr_err("no more free evdev devices\n");
938 evdev = kzalloc(sizeof(struct evdev), GFP_KERNEL);
942 INIT_LIST_HEAD(&evdev->client_list);
943 spin_lock_init(&evdev->client_lock);
944 mutex_init(&evdev->mutex);
945 init_waitqueue_head(&evdev->wait);
947 dev_set_name(&evdev->dev, "event%d", minor);
949 evdev->minor = minor;
951 evdev->handle.dev = input_get_device(dev);
952 evdev->handle.name = dev_name(&evdev->dev);
953 evdev->handle.handler = handler;
954 evdev->handle.private = evdev;
956 evdev->dev.devt = MKDEV(INPUT_MAJOR, EVDEV_MINOR_BASE + minor);
957 evdev->dev.class = &input_class;
958 evdev->dev.parent = &dev->dev;
959 evdev->dev.release = evdev_free;
960 device_initialize(&evdev->dev);
962 error = input_register_handle(&evdev->handle);
966 error = evdev_install_chrdev(evdev);
968 goto err_unregister_handle;
970 error = device_add(&evdev->dev);
972 goto err_cleanup_evdev;
977 evdev_cleanup(evdev);
978 err_unregister_handle:
979 input_unregister_handle(&evdev->handle);
981 put_device(&evdev->dev);
985 static void evdev_disconnect(struct input_handle *handle)
987 struct evdev *evdev = handle->private;
989 device_del(&evdev->dev);
990 evdev_cleanup(evdev);
991 input_unregister_handle(handle);
992 put_device(&evdev->dev);
995 static const struct input_device_id evdev_ids[] = {
996 { .driver_info = 1 }, /* Matches all devices */
997 { }, /* Terminating zero entry */
1000 MODULE_DEVICE_TABLE(input, evdev_ids);
1002 static struct input_handler evdev_handler = {
1003 .event = evdev_event,
1004 .connect = evdev_connect,
1005 .disconnect = evdev_disconnect,
1006 .fops = &evdev_fops,
1007 .minor = EVDEV_MINOR_BASE,
1009 .id_table = evdev_ids,
1012 static int __init evdev_init(void)
1014 return input_register_handler(&evdev_handler);
1017 static void __exit evdev_exit(void)
1019 input_unregister_handler(&evdev_handler);
1022 module_init(evdev_init);
1023 module_exit(evdev_exit);
1025 MODULE_AUTHOR("Vojtech Pavlik <vojtech@ucw.cz>");
1026 MODULE_DESCRIPTION("Input driver event char devices");
1027 MODULE_LICENSE("GPL");