[PATCH v4 0/1] usb: gadget: add raw-gadget interface

From: Andrey Konovalov
Date: Wed Dec 18 2019 - 14:27:06 EST

Next message: Andrey Konovalov: "[PATCH v4 1/1] usb: gadget: add raw-gadget interface"
Previous message: Manfred Spraul: "Re: [PATCH] Revert "ipc,sem: remove uneeded sem_undo_list lock usage in exit_sem()""
Next in thread: Andrey Konovalov: "[PATCH v4 1/1] usb: gadget: add raw-gadget interface"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This patchset (currently a single patch) adds a new userspace interface
for the USB Gadget subsystem called USB Raw Gadget (I don't mind changing
the name to something else if there are better ideas). This is what
currently being used to enable coverage-buided USB fuzzing with syzkaller:

https://github.com/google/syzkaller/blob/master/docs/linux/external_fuzzing_usb.md

Initially I was using GadgetFS (together with the Dummy HCD/UDC module)
to perform emulation of USB devices for fuzzing, but later switched to a
custom written interface. The incentive to implement a different interface
was to provide a somewhat raw and direct access to the USB Gadget layer
for the userspace, where every USB request is passed to the userspace to
get a response. See documentation for the list of differences between
Raw Gadget and GadgetFS.

This patchset has been pushed to the public Linux kernel Gerrit instance:

https://linux-review.googlesource.com/c/linux/kernel/git/torvalds/linux/+/2144

Changes v3 -> v4:
- Print debug message when maxpacket check fails.
- Use module_misc_device() instead of module_init/exit().
- Reuse DRIVER_NAME macro in raw_device struct definition.
- Don't print WARNING in raw_release().
- Add comment that explains locking into raw_event_queue_fetch().
- Print a WARNING when event queue size is exceeded.
- Rename raw.c to raw_gadget.c.
- Mention module name in Kconfig.
- Reworked logging to use dev_err/dbg() instead of pr_err/debug().

Changes v2 -> v3:
- Updated device path in documentation.
- Changed usb_raw_init struct layout to make it the same for 32 bit compat
mode.
- Added compat_ioctl to raw_fops.
- Changed raw_ioctl_init() to return EINVAL for invalid USB speeds, except
for USB_SPEED_UNKNOWN, which defaults to USB_SPEED_HIGH.
- Reject endpoints with maxpacket = 0 in raw_ioctl_ep_enable().

Changes v1 -> v2:
- Moved raw.c to legacy/.
- Changed uapi header to use __u* types.
- Switched from debugfs entry to a misc device.
- Changed raw_dev from refcount to kref.
- Moved UDC_NAME_LENGTH_MAX to uapi headers.
- Used usb_endpoint_type() and usb_endpoint_dir_in/out() functions instead
of open coding them.
- Added "WITH Linux-syscall-note" to SPDX id in the uapi header.
- Removed pr_err() if case dev_new() fails.
- Reduced the number of debugging messages.

Andrey Konovalov (1):
usb: gadget: add raw-gadget interface

Documentation/usb/index.rst | 1 +
Documentation/usb/raw-gadget.rst | 59 ++
drivers/usb/gadget/legacy/Kconfig | 11 +
drivers/usb/gadget/legacy/Makefile | 1 +
drivers/usb/gadget/legacy/raw_gadget.c | 1071 ++++++++++++++++++++++++
include/uapi/linux/usb/raw_gadget.h | 167 ++++
6 files changed, 1310 insertions(+)
create mode 100644 Documentation/usb/raw-gadget.rst
create mode 100644 drivers/usb/gadget/legacy/raw_gadget.c
create mode 100644 include/uapi/linux/usb/raw_gadget.h

--
2.24.1.735.g03f4e72817-goog

Next message: Andrey Konovalov: "[PATCH v4 1/1] usb: gadget: add raw-gadget interface"
Previous message: Manfred Spraul: "Re: [PATCH] Revert "ipc,sem: remove uneeded sem_undo_list lock usage in exit_sem()""
Next in thread: Andrey Konovalov: "[PATCH v4 1/1] usb: gadget: add raw-gadget interface"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]