rndis_host.c (21014B)
1// SPDX-License-Identifier: GPL-2.0-or-later 2/* 3 * Host Side support for RNDIS Networking Links 4 * Copyright (C) 2005 by David Brownell 5 */ 6#include <linux/module.h> 7#include <linux/netdevice.h> 8#include <linux/etherdevice.h> 9#include <linux/ethtool.h> 10#include <linux/workqueue.h> 11#include <linux/slab.h> 12#include <linux/mii.h> 13#include <linux/usb.h> 14#include <linux/usb/cdc.h> 15#include <linux/usb/usbnet.h> 16#include <linux/usb/rndis_host.h> 17 18 19/* 20 * RNDIS is NDIS remoted over USB. It's a MSFT variant of CDC ACM ... of 21 * course ACM was intended for modems, not Ethernet links! USB's standard 22 * for Ethernet links is "CDC Ethernet", which is significantly simpler. 23 * 24 * NOTE that Microsoft's "RNDIS 1.0" specification is incomplete. Issues 25 * include: 26 * - Power management in particular relies on information that's scattered 27 * through other documentation, and which is incomplete or incorrect even 28 * there. 29 * - There are various undocumented protocol requirements, such as the 30 * need to send unused garbage in control-OUT messages. 31 * - In some cases, MS-Windows will emit undocumented requests; this 32 * matters more to peripheral implementations than host ones. 33 * 34 * Moreover there's a no-open-specs variant of RNDIS called "ActiveSync". 35 * 36 * For these reasons and others, ** USE OF RNDIS IS STRONGLY DISCOURAGED ** in 37 * favor of such non-proprietary alternatives as CDC Ethernet or the newer (and 38 * currently rare) "Ethernet Emulation Model" (EEM). 39 */ 40 41/* 42 * RNDIS notifications from device: command completion; "reverse" 43 * keepalives; etc 44 */ 45void rndis_status(struct usbnet *dev, struct urb *urb) 46{ 47 netdev_dbg(dev->net, "rndis status urb, len %d stat %d\n", 48 urb->actual_length, urb->status); 49 // FIXME for keepalives, respond immediately (asynchronously) 50 // if not an RNDIS status, do like cdc_status(dev,urb) does 51} 52EXPORT_SYMBOL_GPL(rndis_status); 53 54/* 55 * RNDIS indicate messages. 56 */ 57static void rndis_msg_indicate(struct usbnet *dev, struct rndis_indicate *msg, 58 int buflen) 59{ 60 struct cdc_state *info = (void *)&dev->data; 61 struct device *udev = &info->control->dev; 62 63 if (dev->driver_info->indication) { 64 dev->driver_info->indication(dev, msg, buflen); 65 } else { 66 u32 status = le32_to_cpu(msg->status); 67 68 switch (status) { 69 case RNDIS_STATUS_MEDIA_CONNECT: 70 dev_info(udev, "rndis media connect\n"); 71 break; 72 case RNDIS_STATUS_MEDIA_DISCONNECT: 73 dev_info(udev, "rndis media disconnect\n"); 74 break; 75 default: 76 dev_info(udev, "rndis indication: 0x%08x\n", status); 77 } 78 } 79} 80 81/* 82 * RPC done RNDIS-style. Caller guarantees: 83 * - message is properly byteswapped 84 * - there's no other request pending 85 * - buf can hold up to 1KB response (required by RNDIS spec) 86 * On return, the first few entries are already byteswapped. 87 * 88 * Call context is likely probe(), before interface name is known, 89 * which is why we won't try to use it in the diagnostics. 90 */ 91int rndis_command(struct usbnet *dev, struct rndis_msg_hdr *buf, int buflen) 92{ 93 struct cdc_state *info = (void *) &dev->data; 94 struct usb_cdc_notification notification; 95 int master_ifnum; 96 int retval; 97 int partial; 98 unsigned count; 99 u32 xid = 0, msg_len, request_id, msg_type, rsp, 100 status; 101 102 /* REVISIT when this gets called from contexts other than probe() or 103 * disconnect(): either serialize, or dispatch responses on xid 104 */ 105 106 msg_type = le32_to_cpu(buf->msg_type); 107 108 /* Issue the request; xid is unique, don't bother byteswapping it */ 109 if (likely(msg_type != RNDIS_MSG_HALT && msg_type != RNDIS_MSG_RESET)) { 110 xid = dev->xid++; 111 if (!xid) 112 xid = dev->xid++; 113 buf->request_id = (__force __le32) xid; 114 } 115 master_ifnum = info->control->cur_altsetting->desc.bInterfaceNumber; 116 retval = usb_control_msg(dev->udev, 117 usb_sndctrlpipe(dev->udev, 0), 118 USB_CDC_SEND_ENCAPSULATED_COMMAND, 119 USB_TYPE_CLASS | USB_RECIP_INTERFACE, 120 0, master_ifnum, 121 buf, le32_to_cpu(buf->msg_len), 122 RNDIS_CONTROL_TIMEOUT_MS); 123 if (unlikely(retval < 0 || xid == 0)) 124 return retval; 125 126 /* Some devices don't respond on the control channel until 127 * polled on the status channel, so do that first. */ 128 if (dev->driver_info->data & RNDIS_DRIVER_DATA_POLL_STATUS) { 129 retval = usb_interrupt_msg( 130 dev->udev, 131 usb_rcvintpipe(dev->udev, 132 dev->status->desc.bEndpointAddress), 133 ¬ification, sizeof(notification), &partial, 134 RNDIS_CONTROL_TIMEOUT_MS); 135 if (unlikely(retval < 0)) 136 return retval; 137 } 138 139 /* Poll the control channel; the request probably completed immediately */ 140 rsp = le32_to_cpu(buf->msg_type) | RNDIS_MSG_COMPLETION; 141 for (count = 0; count < 10; count++) { 142 memset(buf, 0, CONTROL_BUFFER_SIZE); 143 retval = usb_control_msg(dev->udev, 144 usb_rcvctrlpipe(dev->udev, 0), 145 USB_CDC_GET_ENCAPSULATED_RESPONSE, 146 USB_DIR_IN | USB_TYPE_CLASS | USB_RECIP_INTERFACE, 147 0, master_ifnum, 148 buf, buflen, 149 RNDIS_CONTROL_TIMEOUT_MS); 150 if (likely(retval >= 8)) { 151 msg_type = le32_to_cpu(buf->msg_type); 152 msg_len = le32_to_cpu(buf->msg_len); 153 status = le32_to_cpu(buf->status); 154 request_id = (__force u32) buf->request_id; 155 if (likely(msg_type == rsp)) { 156 if (likely(request_id == xid)) { 157 if (unlikely(rsp == RNDIS_MSG_RESET_C)) 158 return 0; 159 if (likely(RNDIS_STATUS_SUCCESS == 160 status)) 161 return 0; 162 dev_dbg(&info->control->dev, 163 "rndis reply status %08x\n", 164 status); 165 return -EL3RST; 166 } 167 dev_dbg(&info->control->dev, 168 "rndis reply id %d expected %d\n", 169 request_id, xid); 170 /* then likely retry */ 171 } else switch (msg_type) { 172 case RNDIS_MSG_INDICATE: /* fault/event */ 173 rndis_msg_indicate(dev, (void *)buf, buflen); 174 break; 175 case RNDIS_MSG_KEEPALIVE: { /* ping */ 176 struct rndis_keepalive_c *msg = (void *)buf; 177 178 msg->msg_type = cpu_to_le32(RNDIS_MSG_KEEPALIVE_C); 179 msg->msg_len = cpu_to_le32(sizeof *msg); 180 msg->status = cpu_to_le32(RNDIS_STATUS_SUCCESS); 181 retval = usb_control_msg(dev->udev, 182 usb_sndctrlpipe(dev->udev, 0), 183 USB_CDC_SEND_ENCAPSULATED_COMMAND, 184 USB_TYPE_CLASS | USB_RECIP_INTERFACE, 185 0, master_ifnum, 186 msg, sizeof *msg, 187 RNDIS_CONTROL_TIMEOUT_MS); 188 if (unlikely(retval < 0)) 189 dev_dbg(&info->control->dev, 190 "rndis keepalive err %d\n", 191 retval); 192 } 193 break; 194 default: 195 dev_dbg(&info->control->dev, 196 "unexpected rndis msg %08x len %d\n", 197 le32_to_cpu(buf->msg_type), msg_len); 198 } 199 } else { 200 /* device probably issued a protocol stall; ignore */ 201 dev_dbg(&info->control->dev, 202 "rndis response error, code %d\n", retval); 203 } 204 msleep(40); 205 } 206 dev_dbg(&info->control->dev, "rndis response timeout\n"); 207 return -ETIMEDOUT; 208} 209EXPORT_SYMBOL_GPL(rndis_command); 210 211/* 212 * rndis_query: 213 * 214 * Performs a query for @oid along with 0 or more bytes of payload as 215 * specified by @in_len. If @reply_len is not set to -1 then the reply 216 * length is checked against this value, resulting in an error if it 217 * doesn't match. 218 * 219 * NOTE: Adding a payload exactly or greater than the size of the expected 220 * response payload is an evident requirement MSFT added for ActiveSync. 221 * 222 * The only exception is for OIDs that return a variably sized response, 223 * in which case no payload should be added. This undocumented (and 224 * nonsensical!) issue was found by sniffing protocol requests from the 225 * ActiveSync 4.1 Windows driver. 226 */ 227static int rndis_query(struct usbnet *dev, struct usb_interface *intf, 228 void *buf, u32 oid, u32 in_len, 229 void **reply, int *reply_len) 230{ 231 int retval; 232 union { 233 void *buf; 234 struct rndis_msg_hdr *header; 235 struct rndis_query *get; 236 struct rndis_query_c *get_c; 237 } u; 238 u32 off, len; 239 240 u.buf = buf; 241 242 memset(u.get, 0, sizeof *u.get + in_len); 243 u.get->msg_type = cpu_to_le32(RNDIS_MSG_QUERY); 244 u.get->msg_len = cpu_to_le32(sizeof *u.get + in_len); 245 u.get->oid = cpu_to_le32(oid); 246 u.get->len = cpu_to_le32(in_len); 247 u.get->offset = cpu_to_le32(20); 248 249 retval = rndis_command(dev, u.header, CONTROL_BUFFER_SIZE); 250 if (unlikely(retval < 0)) { 251 dev_err(&intf->dev, "RNDIS_MSG_QUERY(0x%08x) failed, %d\n", 252 oid, retval); 253 return retval; 254 } 255 256 off = le32_to_cpu(u.get_c->offset); 257 len = le32_to_cpu(u.get_c->len); 258 if (unlikely((8 + off + len) > CONTROL_BUFFER_SIZE)) 259 goto response_error; 260 261 if (*reply_len != -1 && len != *reply_len) 262 goto response_error; 263 264 *reply = (unsigned char *) &u.get_c->request_id + off; 265 *reply_len = len; 266 267 return retval; 268 269response_error: 270 dev_err(&intf->dev, "RNDIS_MSG_QUERY(0x%08x) " 271 "invalid response - off %d len %d\n", 272 oid, off, len); 273 return -EDOM; 274} 275 276/* same as usbnet_netdev_ops but MTU change not allowed */ 277static const struct net_device_ops rndis_netdev_ops = { 278 .ndo_open = usbnet_open, 279 .ndo_stop = usbnet_stop, 280 .ndo_start_xmit = usbnet_start_xmit, 281 .ndo_tx_timeout = usbnet_tx_timeout, 282 .ndo_get_stats64 = dev_get_tstats64, 283 .ndo_set_mac_address = eth_mac_addr, 284 .ndo_validate_addr = eth_validate_addr, 285}; 286 287int 288generic_rndis_bind(struct usbnet *dev, struct usb_interface *intf, int flags) 289{ 290 int retval; 291 struct net_device *net = dev->net; 292 struct cdc_state *info = (void *) &dev->data; 293 union { 294 void *buf; 295 struct rndis_msg_hdr *header; 296 struct rndis_init *init; 297 struct rndis_init_c *init_c; 298 struct rndis_query *get; 299 struct rndis_query_c *get_c; 300 struct rndis_set *set; 301 struct rndis_set_c *set_c; 302 struct rndis_halt *halt; 303 } u; 304 u32 tmp; 305 __le32 phym_unspec, *phym; 306 int reply_len; 307 unsigned char *bp; 308 309 /* we can't rely on i/o from stack working, or stack allocation */ 310 u.buf = kmalloc(CONTROL_BUFFER_SIZE, GFP_KERNEL); 311 if (!u.buf) 312 return -ENOMEM; 313 retval = usbnet_generic_cdc_bind(dev, intf); 314 if (retval < 0) 315 goto fail; 316 317 u.init->msg_type = cpu_to_le32(RNDIS_MSG_INIT); 318 u.init->msg_len = cpu_to_le32(sizeof *u.init); 319 u.init->major_version = cpu_to_le32(1); 320 u.init->minor_version = cpu_to_le32(0); 321 322 /* max transfer (in spec) is 0x4000 at full speed, but for 323 * TX we'll stick to one Ethernet packet plus RNDIS framing. 324 * For RX we handle drivers that zero-pad to end-of-packet. 325 * Don't let userspace change these settings. 326 * 327 * NOTE: there still seems to be weirdness here, as if we need 328 * to do some more things to make sure WinCE targets accept this. 329 * They default to jumbograms of 8KB or 16KB, which is absurd 330 * for such low data rates and which is also more than Linux 331 * can usually expect to allocate for SKB data... 332 */ 333 net->hard_header_len += sizeof (struct rndis_data_hdr); 334 dev->hard_mtu = net->mtu + net->hard_header_len; 335 336 dev->maxpacket = usb_maxpacket(dev->udev, dev->out); 337 if (dev->maxpacket == 0) { 338 netif_dbg(dev, probe, dev->net, 339 "dev->maxpacket can't be 0\n"); 340 retval = -EINVAL; 341 goto fail_and_release; 342 } 343 344 dev->rx_urb_size = dev->hard_mtu + (dev->maxpacket + 1); 345 dev->rx_urb_size &= ~(dev->maxpacket - 1); 346 u.init->max_transfer_size = cpu_to_le32(dev->rx_urb_size); 347 348 net->netdev_ops = &rndis_netdev_ops; 349 350 retval = rndis_command(dev, u.header, CONTROL_BUFFER_SIZE); 351 if (unlikely(retval < 0)) { 352 /* it might not even be an RNDIS device!! */ 353 dev_err(&intf->dev, "RNDIS init failed, %d\n", retval); 354 goto fail_and_release; 355 } 356 tmp = le32_to_cpu(u.init_c->max_transfer_size); 357 if (tmp < dev->hard_mtu) { 358 if (tmp <= net->hard_header_len) { 359 dev_err(&intf->dev, 360 "dev can't take %u byte packets (max %u)\n", 361 dev->hard_mtu, tmp); 362 retval = -EINVAL; 363 goto halt_fail_and_release; 364 } 365 dev_warn(&intf->dev, 366 "dev can't take %u byte packets (max %u), " 367 "adjusting MTU to %u\n", 368 dev->hard_mtu, tmp, tmp - net->hard_header_len); 369 dev->hard_mtu = tmp; 370 net->mtu = dev->hard_mtu - net->hard_header_len; 371 } 372 373 /* REVISIT: peripheral "alignment" request is ignored ... */ 374 dev_dbg(&intf->dev, 375 "hard mtu %u (%u from dev), rx buflen %zu, align %d\n", 376 dev->hard_mtu, tmp, dev->rx_urb_size, 377 1 << le32_to_cpu(u.init_c->packet_alignment)); 378 379 /* module has some device initialization code needs to be done right 380 * after RNDIS_INIT */ 381 if (dev->driver_info->early_init && 382 dev->driver_info->early_init(dev) != 0) 383 goto halt_fail_and_release; 384 385 /* Check physical medium */ 386 phym = NULL; 387 reply_len = sizeof *phym; 388 retval = rndis_query(dev, intf, u.buf, 389 RNDIS_OID_GEN_PHYSICAL_MEDIUM, 390 reply_len, (void **)&phym, &reply_len); 391 if (retval != 0 || !phym) { 392 /* OID is optional so don't fail here. */ 393 phym_unspec = cpu_to_le32(RNDIS_PHYSICAL_MEDIUM_UNSPECIFIED); 394 phym = &phym_unspec; 395 } 396 if ((flags & FLAG_RNDIS_PHYM_WIRELESS) && 397 le32_to_cpup(phym) != RNDIS_PHYSICAL_MEDIUM_WIRELESS_LAN) { 398 netif_dbg(dev, probe, dev->net, 399 "driver requires wireless physical medium, but device is not\n"); 400 retval = -ENODEV; 401 goto halt_fail_and_release; 402 } 403 if ((flags & FLAG_RNDIS_PHYM_NOT_WIRELESS) && 404 le32_to_cpup(phym) == RNDIS_PHYSICAL_MEDIUM_WIRELESS_LAN) { 405 netif_dbg(dev, probe, dev->net, 406 "driver requires non-wireless physical medium, but device is wireless.\n"); 407 retval = -ENODEV; 408 goto halt_fail_and_release; 409 } 410 411 /* Get designated host ethernet address */ 412 reply_len = ETH_ALEN; 413 retval = rndis_query(dev, intf, u.buf, 414 RNDIS_OID_802_3_PERMANENT_ADDRESS, 415 48, (void **) &bp, &reply_len); 416 if (unlikely(retval< 0)) { 417 dev_err(&intf->dev, "rndis get ethaddr, %d\n", retval); 418 goto halt_fail_and_release; 419 } 420 421 eth_hw_addr_set(net, bp); 422 423 /* set a nonzero filter to enable data transfers */ 424 memset(u.set, 0, sizeof *u.set); 425 u.set->msg_type = cpu_to_le32(RNDIS_MSG_SET); 426 u.set->msg_len = cpu_to_le32(4 + sizeof *u.set); 427 u.set->oid = cpu_to_le32(RNDIS_OID_GEN_CURRENT_PACKET_FILTER); 428 u.set->len = cpu_to_le32(4); 429 u.set->offset = cpu_to_le32((sizeof *u.set) - 8); 430 *(__le32 *)(u.buf + sizeof *u.set) = cpu_to_le32(RNDIS_DEFAULT_FILTER); 431 432 retval = rndis_command(dev, u.header, CONTROL_BUFFER_SIZE); 433 if (unlikely(retval < 0)) { 434 dev_err(&intf->dev, "rndis set packet filter, %d\n", retval); 435 goto halt_fail_and_release; 436 } 437 438 retval = 0; 439 440 kfree(u.buf); 441 return retval; 442 443halt_fail_and_release: 444 memset(u.halt, 0, sizeof *u.halt); 445 u.halt->msg_type = cpu_to_le32(RNDIS_MSG_HALT); 446 u.halt->msg_len = cpu_to_le32(sizeof *u.halt); 447 (void) rndis_command(dev, (void *)u.halt, CONTROL_BUFFER_SIZE); 448fail_and_release: 449 usb_set_intfdata(info->data, NULL); 450 usb_driver_release_interface(driver_of(intf), info->data); 451 info->data = NULL; 452fail: 453 kfree(u.buf); 454 return retval; 455} 456EXPORT_SYMBOL_GPL(generic_rndis_bind); 457 458static int rndis_bind(struct usbnet *dev, struct usb_interface *intf) 459{ 460 return generic_rndis_bind(dev, intf, FLAG_RNDIS_PHYM_NOT_WIRELESS); 461} 462 463static int zte_rndis_bind(struct usbnet *dev, struct usb_interface *intf) 464{ 465 int status = rndis_bind(dev, intf); 466 467 if (!status && (dev->net->dev_addr[0] & 0x02)) 468 eth_hw_addr_random(dev->net); 469 470 return status; 471} 472 473void rndis_unbind(struct usbnet *dev, struct usb_interface *intf) 474{ 475 struct rndis_halt *halt; 476 477 /* try to clear any rndis state/activity (no i/o from stack!) */ 478 halt = kzalloc(CONTROL_BUFFER_SIZE, GFP_KERNEL); 479 if (halt) { 480 halt->msg_type = cpu_to_le32(RNDIS_MSG_HALT); 481 halt->msg_len = cpu_to_le32(sizeof *halt); 482 (void) rndis_command(dev, (void *)halt, CONTROL_BUFFER_SIZE); 483 kfree(halt); 484 } 485 486 usbnet_cdc_unbind(dev, intf); 487} 488EXPORT_SYMBOL_GPL(rndis_unbind); 489 490/* 491 * DATA -- host must not write zlps 492 */ 493int rndis_rx_fixup(struct usbnet *dev, struct sk_buff *skb) 494{ 495 bool dst_mac_fixup; 496 497 /* This check is no longer done by usbnet */ 498 if (skb->len < dev->net->hard_header_len) 499 return 0; 500 501 dst_mac_fixup = !!(dev->driver_info->data & RNDIS_DRIVER_DATA_DST_MAC_FIXUP); 502 503 /* peripheral may have batched packets to us... */ 504 while (likely(skb->len)) { 505 struct rndis_data_hdr *hdr = (void *)skb->data; 506 struct sk_buff *skb2; 507 u32 msg_type, msg_len, data_offset, data_len; 508 509 msg_type = le32_to_cpu(hdr->msg_type); 510 msg_len = le32_to_cpu(hdr->msg_len); 511 data_offset = le32_to_cpu(hdr->data_offset); 512 data_len = le32_to_cpu(hdr->data_len); 513 514 /* don't choke if we see oob, per-packet data, etc */ 515 if (unlikely(msg_type != RNDIS_MSG_PACKET || skb->len < msg_len 516 || (data_offset + data_len + 8) > msg_len)) { 517 dev->net->stats.rx_frame_errors++; 518 netdev_dbg(dev->net, "bad rndis message %d/%d/%d/%d, len %d\n", 519 le32_to_cpu(hdr->msg_type), 520 msg_len, data_offset, data_len, skb->len); 521 return 0; 522 } 523 skb_pull(skb, 8 + data_offset); 524 525 /* at most one packet left? */ 526 if (likely((data_len - skb->len) <= sizeof *hdr)) { 527 skb_trim(skb, data_len); 528 break; 529 } 530 531 /* try to return all the packets in the batch */ 532 skb2 = skb_clone(skb, GFP_ATOMIC); 533 if (unlikely(!skb2)) 534 break; 535 skb_pull(skb, msg_len - sizeof *hdr); 536 skb_trim(skb2, data_len); 537 538 if (unlikely(dst_mac_fixup)) 539 usbnet_cdc_zte_rx_fixup(dev, skb2); 540 541 usbnet_skb_return(dev, skb2); 542 } 543 544 /* caller will usbnet_skb_return the remaining packet */ 545 if (unlikely(dst_mac_fixup)) 546 usbnet_cdc_zte_rx_fixup(dev, skb); 547 548 return 1; 549} 550EXPORT_SYMBOL_GPL(rndis_rx_fixup); 551 552struct sk_buff * 553rndis_tx_fixup(struct usbnet *dev, struct sk_buff *skb, gfp_t flags) 554{ 555 struct rndis_data_hdr *hdr; 556 struct sk_buff *skb2; 557 unsigned len = skb->len; 558 559 if (likely(!skb_cloned(skb))) { 560 int room = skb_headroom(skb); 561 562 /* enough head room as-is? */ 563 if (unlikely((sizeof *hdr) <= room)) 564 goto fill; 565 566 /* enough room, but needs to be readjusted? */ 567 room += skb_tailroom(skb); 568 if (likely((sizeof *hdr) <= room)) { 569 skb->data = memmove(skb->head + sizeof *hdr, 570 skb->data, len); 571 skb_set_tail_pointer(skb, len); 572 goto fill; 573 } 574 } 575 576 /* create a new skb, with the correct size (and tailpad) */ 577 skb2 = skb_copy_expand(skb, sizeof *hdr, 1, flags); 578 dev_kfree_skb_any(skb); 579 if (unlikely(!skb2)) 580 return skb2; 581 skb = skb2; 582 583 /* fill out the RNDIS header. we won't bother trying to batch 584 * packets; Linux minimizes wasted bandwidth through tx queues. 585 */ 586fill: 587 hdr = __skb_push(skb, sizeof *hdr); 588 memset(hdr, 0, sizeof *hdr); 589 hdr->msg_type = cpu_to_le32(RNDIS_MSG_PACKET); 590 hdr->msg_len = cpu_to_le32(skb->len); 591 hdr->data_offset = cpu_to_le32(sizeof(*hdr) - 8); 592 hdr->data_len = cpu_to_le32(len); 593 594 /* FIXME make the last packet always be short ... */ 595 return skb; 596} 597EXPORT_SYMBOL_GPL(rndis_tx_fixup); 598 599 600static const struct driver_info rndis_info = { 601 .description = "RNDIS device", 602 .flags = FLAG_ETHER | FLAG_POINTTOPOINT | FLAG_FRAMING_RN | FLAG_NO_SETINT, 603 .bind = rndis_bind, 604 .unbind = rndis_unbind, 605 .status = rndis_status, 606 .rx_fixup = rndis_rx_fixup, 607 .tx_fixup = rndis_tx_fixup, 608}; 609 610static const struct driver_info rndis_poll_status_info = { 611 .description = "RNDIS device (poll status before control)", 612 .flags = FLAG_ETHER | FLAG_POINTTOPOINT | FLAG_FRAMING_RN | FLAG_NO_SETINT, 613 .data = RNDIS_DRIVER_DATA_POLL_STATUS, 614 .bind = rndis_bind, 615 .unbind = rndis_unbind, 616 .status = rndis_status, 617 .rx_fixup = rndis_rx_fixup, 618 .tx_fixup = rndis_tx_fixup, 619}; 620 621static const struct driver_info zte_rndis_info = { 622 .description = "ZTE RNDIS device", 623 .flags = FLAG_ETHER | FLAG_POINTTOPOINT | FLAG_FRAMING_RN | FLAG_NO_SETINT, 624 .data = RNDIS_DRIVER_DATA_DST_MAC_FIXUP, 625 .bind = zte_rndis_bind, 626 .unbind = rndis_unbind, 627 .status = rndis_status, 628 .rx_fixup = rndis_rx_fixup, 629 .tx_fixup = rndis_tx_fixup, 630}; 631 632/*-------------------------------------------------------------------------*/ 633 634static const struct usb_device_id products [] = { 635{ 636 /* 2Wire HomePortal 1000SW */ 637 USB_DEVICE_AND_INTERFACE_INFO(0x1630, 0x0042, 638 USB_CLASS_COMM, 2 /* ACM */, 0x0ff), 639 .driver_info = (unsigned long) &rndis_poll_status_info, 640}, { 641 /* Hytera Communications DMR radios' "Radio to PC Network" */ 642 USB_VENDOR_AND_INTERFACE_INFO(0x238b, 643 USB_CLASS_COMM, 2 /* ACM */, 0x0ff), 644 .driver_info = (unsigned long)&rndis_info, 645}, { 646 /* ZTE WWAN modules */ 647 USB_VENDOR_AND_INTERFACE_INFO(0x19d2, 648 USB_CLASS_WIRELESS_CONTROLLER, 1, 3), 649 .driver_info = (unsigned long)&zte_rndis_info, 650}, { 651 /* ZTE WWAN modules, ACM flavour */ 652 USB_VENDOR_AND_INTERFACE_INFO(0x19d2, 653 USB_CLASS_COMM, 2 /* ACM */, 0x0ff), 654 .driver_info = (unsigned long)&zte_rndis_info, 655}, { 656 /* RNDIS is MSFT's un-official variant of CDC ACM */ 657 USB_INTERFACE_INFO(USB_CLASS_COMM, 2 /* ACM */, 0x0ff), 658 .driver_info = (unsigned long) &rndis_info, 659}, { 660 /* "ActiveSync" is an undocumented variant of RNDIS, used in WM5 */ 661 USB_INTERFACE_INFO(USB_CLASS_MISC, 1, 1), 662 .driver_info = (unsigned long) &rndis_poll_status_info, 663}, { 664 /* RNDIS for tethering */ 665 USB_INTERFACE_INFO(USB_CLASS_WIRELESS_CONTROLLER, 1, 3), 666 .driver_info = (unsigned long) &rndis_info, 667}, { 668 /* Novatel Verizon USB730L */ 669 USB_INTERFACE_INFO(USB_CLASS_MISC, 4, 1), 670 .driver_info = (unsigned long) &rndis_info, 671}, 672 { }, // END 673}; 674MODULE_DEVICE_TABLE(usb, products); 675 676static struct usb_driver rndis_driver = { 677 .name = "rndis_host", 678 .id_table = products, 679 .probe = usbnet_probe, 680 .disconnect = usbnet_disconnect, 681 .suspend = usbnet_suspend, 682 .resume = usbnet_resume, 683 .disable_hub_initiated_lpm = 1, 684}; 685 686module_usb_driver(rndis_driver); 687 688MODULE_AUTHOR("David Brownell"); 689MODULE_DESCRIPTION("USB Host side RNDIS driver"); 690MODULE_LICENSE("GPL");