usb: gadget: udc: core: Prevent soft_connect_store() race

 * @allow_connect: Indicates whether UDC is allowed to be pulled up.

 * Set/cleared by gadget_(un)bind_driver() after gadget driver is bound or

 * unbound.

 * @connect_lock: protects udc->started, gadget->connect,

 * gadget->allow_connect and gadget->deactivate. The routines

 * usb_gadget_connect_locked(), usb_gadget_disconnect_locked(),

 * usb_udc_connect_control_locked(), usb_gadget_udc_start_locked() and

 * usb_gadget_udc_stop_locked() are called with this lock held.

 *

 * This represents the internal data structure which is used by the UDC-class

 * to hold information about udc driver and gadget together.

	bool				started;

	bool				allow_connect;

	struct work_struct		vbus_work;

	struct mutex			connect_lock;

};

static struct class *udc_class;

}

EXPORT_SYMBOL_GPL(usb_gadget_vbus_disconnect);

/**

 * usb_gadget_connect - software-controlled connect to USB host

 * @gadget:the peripheral being connected

 *

 * Enables the D+ (or potentially D-) pullup.  The host will start

 * enumerating this gadget when the pullup is active and a VBUS session

 * is active (the link is powered).

 *

 * Returns zero on success, else negative errno.

 */

int usb_gadget_connect(struct usb_gadget *gadget)

static int usb_gadget_connect_locked(struct usb_gadget *gadget)

	__must_hold(&gadget->udc->connect_lock)

{

	int ret = 0;

		goto out;

	}

	if (gadget->deactivated || !gadget->udc->allow_connect) {

	if (gadget->deactivated || !gadget->udc->allow_connect || !gadget->udc->started) {

		/*

		 * If gadget is deactivated we only save new state.

		 * Gadget will be connected automatically after activation.

		 * If the gadget isn't usable (because it is deactivated,

		 * unbound, or not yet started), we only save the new state.

		 * The gadget will be connected automatically when it is

		 * activated/bound/started.

		 */

		gadget->connected = true;

		goto out;

	return ret;

}

EXPORT_SYMBOL_GPL(usb_gadget_connect);

/**

 * usb_gadget_disconnect - software-controlled disconnect from USB host

 * @gadget:the peripheral being disconnected

 *

 * Disables the D+ (or potentially D-) pullup, which the host may see

 * as a disconnect (when a VBUS session is active).  Not all systems

 * support software pullup controls.

 * usb_gadget_connect - software-controlled connect to USB host

 * @gadget:the peripheral being connected

 *

 * Following a successful disconnect, invoke the ->disconnect() callback

 * for the current gadget driver so that UDC drivers don't need to.

 * Enables the D+ (or potentially D-) pullup.  The host will start

 * enumerating this gadget when the pullup is active and a VBUS session

 * is active (the link is powered).

 *

 * Returns zero on success, else negative errno.

 */

int usb_gadget_disconnect(struct usb_gadget *gadget)

int usb_gadget_connect(struct usb_gadget *gadget)

{

	int ret;

	mutex_lock(&gadget->udc->connect_lock);

	ret = usb_gadget_connect_locked(gadget);

	mutex_unlock(&gadget->udc->connect_lock);

	return ret;

}

EXPORT_SYMBOL_GPL(usb_gadget_connect);

static int usb_gadget_disconnect_locked(struct usb_gadget *gadget)

	__must_hold(&gadget->udc->connect_lock)

{

	int ret = 0;

	if (!gadget->connected)

		goto out;

	if (gadget->deactivated) {

	if (gadget->deactivated || !gadget->udc->started) {

		/*

		 * If gadget is deactivated we only save new state.

		 * Gadget will stay disconnected after activation.

	return ret;

}

/**

 * usb_gadget_disconnect - software-controlled disconnect from USB host

 * @gadget:the peripheral being disconnected

 *

 * Disables the D+ (or potentially D-) pullup, which the host may see

 * as a disconnect (when a VBUS session is active).  Not all systems

 * support software pullup controls.

 *

 * Following a successful disconnect, invoke the ->disconnect() callback

 * for the current gadget driver so that UDC drivers don't need to.

 *

 * Returns zero on success, else negative errno.

 */

int usb_gadget_disconnect(struct usb_gadget *gadget)

{

	int ret;

	mutex_lock(&gadget->udc->connect_lock);

	ret = usb_gadget_disconnect_locked(gadget);

	mutex_unlock(&gadget->udc->connect_lock);

	return ret;

}

EXPORT_SYMBOL_GPL(usb_gadget_disconnect);

/**

{

	int ret = 0;

	mutex_lock(&gadget->udc->connect_lock);

	if (gadget->deactivated)

		goto out;

		goto unlock;

	if (gadget->connected) {

		ret = usb_gadget_disconnect(gadget);

		ret = usb_gadget_disconnect_locked(gadget);

		if (ret)

			goto out;

			goto unlock;

		/*

		 * If gadget was being connected before deactivation, we want

	}

	gadget->deactivated = true;

out:

unlock:

	mutex_unlock(&gadget->udc->connect_lock);

	trace_usb_gadget_deactivate(gadget, ret);

	return ret;

{

	int ret = 0;

	mutex_lock(&gadget->udc->connect_lock);

	if (!gadget->deactivated)

		goto out;

		goto unlock;

	gadget->deactivated = false;

	 * while it was being deactivated, we call usb_gadget_connect().

	 */

	if (gadget->connected)

		ret = usb_gadget_connect(gadget);

		ret = usb_gadget_connect_locked(gadget);

	mutex_unlock(&gadget->udc->connect_lock);

out:

unlock:

	mutex_unlock(&gadget->udc->connect_lock);

	trace_usb_gadget_activate(gadget, ret);

	return ret;

/* ------------------------------------------------------------------------- */

static void usb_udc_connect_control(struct usb_udc *udc)

/* Acquire connect_lock before calling this function. */

static void usb_udc_connect_control_locked(struct usb_udc *udc) __must_hold(&udc->connect_lock)

{

	if (udc->vbus)

		usb_gadget_connect(udc->gadget);

		usb_gadget_connect_locked(udc->gadget);

	else

		usb_gadget_disconnect(udc->gadget);

		usb_gadget_disconnect_locked(udc->gadget);

}

static void vbus_event_work(struct work_struct *work)

{

	struct usb_udc *udc = container_of(work, struct usb_udc, vbus_work);

	usb_udc_connect_control(udc);

	mutex_lock(&udc->connect_lock);

	usb_udc_connect_control_locked(udc);

	mutex_unlock(&udc->connect_lock);

}

/**

EXPORT_SYMBOL_GPL(usb_gadget_udc_reset);

/**

 * usb_gadget_udc_start - tells usb device controller to start up

 * usb_gadget_udc_start_locked - tells usb device controller to start up

 * @udc: The UDC to be started

 *

 * This call is issued by the UDC Class driver when it's about

 * necessary to have it powered on.

 *

 * Returns zero on success, else negative errno.

 *

 * Caller should acquire connect_lock before invoking this function.

 */

static inline int usb_gadget_udc_start(struct usb_udc *udc)

static inline int usb_gadget_udc_start_locked(struct usb_udc *udc)

	__must_hold(&udc->connect_lock)

{

	int ret;

}

/**

 * usb_gadget_udc_stop - tells usb device controller we don't need it anymore

 * usb_gadget_udc_stop_locked - tells usb device controller we don't need it anymore

 * @udc: The UDC to be stopped

 *

 * This call is issued by the UDC Class driver after calling

 * The details are implementation specific, but it can go as

 * far as powering off UDC completely and disable its data

 * line pullups.

 *

 * Caller should acquire connect lock before invoking this function.

 */

static inline void usb_gadget_udc_stop(struct usb_udc *udc)

static inline void usb_gadget_udc_stop_locked(struct usb_udc *udc)

	__must_hold(&udc->connect_lock)

{

	if (!udc->started) {

		dev_err(&udc->dev, "UDC had already stopped\n");

	udc->gadget = gadget;

	gadget->udc = udc;

	mutex_init(&udc->connect_lock);

	udc->started = false;

	if (ret)

		goto err_bind;

	ret = usb_gadget_udc_start(udc);

	if (ret)

	mutex_lock(&udc->connect_lock);

	ret = usb_gadget_udc_start_locked(udc);

	if (ret) {

		mutex_unlock(&udc->connect_lock);

		goto err_start;

	}

	usb_gadget_enable_async_callbacks(udc);

	udc->allow_connect = true;

	usb_udc_connect_control(udc);

	usb_udc_connect_control_locked(udc);

	mutex_unlock(&udc->connect_lock);

	kobject_uevent(&udc->dev.kobj, KOBJ_CHANGE);

	return 0;

	udc->allow_connect = false;

	cancel_work_sync(&udc->vbus_work);

	usb_gadget_disconnect(gadget);

	mutex_lock(&udc->connect_lock);

	usb_gadget_disconnect_locked(gadget);

	usb_gadget_disable_async_callbacks(udc);

	if (gadget->irq)

		synchronize_irq(gadget->irq);

	udc->driver->unbind(gadget);

	usb_gadget_udc_stop(udc);

	usb_gadget_udc_stop_locked(udc);

	mutex_unlock(&udc->connect_lock);

	mutex_lock(&udc_lock);

	driver->is_bound = false;

	}

	if (sysfs_streq(buf, "connect")) {

		usb_gadget_udc_start(udc);

		usb_gadget_connect(udc->gadget);

		mutex_lock(&udc->connect_lock);

		usb_gadget_udc_start_locked(udc);

		usb_gadget_connect_locked(udc->gadget);

		mutex_unlock(&udc->connect_lock);

	} else if (sysfs_streq(buf, "disconnect")) {

		usb_gadget_disconnect(udc->gadget);

		usb_gadget_udc_stop(udc);

		mutex_lock(&udc->connect_lock);

		usb_gadget_disconnect_locked(udc->gadget);

		usb_gadget_udc_stop_locked(udc);

		mutex_unlock(&udc->connect_lock);

	} else {

		dev_err(dev, "unsupported command '%s'\n", buf);

		ret = -EINVAL;