X-Git-Url: http://ftp.safe.ca/?a=blobdiff_plain;f=drivers%2Finput%2Fevdev.c;h=2ee6c7a68bdccf4c9cf6c330f824d341f0a69302;hb=31dd6a2672e337f5de188df3e5169ee732798236;hp=a4696cd0978ca68c436ad37ceaa66252b4464b68;hpb=c9bcd582dfeec845b83bc948a430c9958bf839e6;p=safe%2Fjmp%2Flinux-2.6

diff --git a/drivers/input/evdev.c b/drivers/input/evdev.c
index a4696cd..2ee6c7a 100644
--- a/drivers/input/evdev.c
+++ b/drivers/input/evdev.c
@@ -13,711 +13,858 @@
 #define EVDEV_BUFFER_SIZE	64
 
 #include <linux/poll.h>
+#include <linux/sched.h>
 #include <linux/slab.h>
 #include <linux/module.h>
 #include <linux/init.h>
 #include <linux/input.h>
 #include <linux/major.h>
-#include <linux/smp_lock.h>
 #include <linux/device.h>
-#include <linux/compat.h>
+#include "input-compat.h"
 
 struct evdev {
 	int exist;
 	int open;
 	int minor;
-	char name[16];
 	struct input_handle handle;
 	wait_queue_head_t wait;
-	struct evdev_list *grab;
-	struct list_head list;
+	struct evdev_client *grab;
+	struct list_head client_list;
+	spinlock_t client_lock; /* protects client_list */
+	struct mutex mutex;
+	struct device dev;
 };
 
-struct evdev_list {
+struct evdev_client {
 	struct input_event buffer[EVDEV_BUFFER_SIZE];
 	int head;
 	int tail;
+	spinlock_t buffer_lock; /* protects access to buffer, head and tail */
 	struct fasync_struct *fasync;
 	struct evdev *evdev;
 	struct list_head node;
 };
 
 static struct evdev *evdev_table[EVDEV_MINORS];
+static DEFINE_MUTEX(evdev_table_mutex);
 
-static void evdev_event(struct input_handle *handle, unsigned int type, unsigned int code, int value)
+static void evdev_pass_event(struct evdev_client *client,
+			     struct input_event *event)
 {
-	struct evdev *evdev = handle->private;
-	struct evdev_list *list;
+	/*
+	 * Interrupts are disabled, just acquire the lock
+	 */
+	spin_lock(&client->buffer_lock);
+	client->buffer[client->head++] = *event;
+	client->head &= EVDEV_BUFFER_SIZE - 1;
+	spin_unlock(&client->buffer_lock);
+
+	if (event->type == EV_SYN)
+		kill_fasync(&client->fasync, SIGIO, POLL_IN);
+}
 
-	if (evdev->grab) {
-		list = evdev->grab;
+/*
+ * Pass incoming event to all connected clients.
+ */
+static void evdev_event(struct input_handle *handle,
+			unsigned int type, unsigned int code, int value)
+{
+	struct evdev *evdev = handle->private;
+	struct evdev_client *client;
+	struct input_event event;
 
-		do_gettimeofday(&list->buffer[list->head].time);
-		list->buffer[list->head].type = type;
-		list->buffer[list->head].code = code;
-		list->buffer[list->head].value = value;
-		list->head = (list->head + 1) & (EVDEV_BUFFER_SIZE - 1);
+	do_gettimeofday(&event.time);
+	event.type = type;
+	event.code = code;
+	event.value = value;
 
-		kill_fasync(&list->fasync, SIGIO, POLL_IN);
-	} else
-		list_for_each_entry(list, &evdev->list, node) {
+	rcu_read_lock();
 
-			do_gettimeofday(&list->buffer[list->head].time);
-			list->buffer[list->head].type = type;
-			list->buffer[list->head].code = code;
-			list->buffer[list->head].value = value;
-			list->head = (list->head + 1) & (EVDEV_BUFFER_SIZE - 1);
+	client = rcu_dereference(evdev->grab);
+	if (client)
+		evdev_pass_event(client, &event);
+	else
+		list_for_each_entry_rcu(client, &evdev->client_list, node)
+			evdev_pass_event(client, &event);
 
-			kill_fasync(&list->fasync, SIGIO, POLL_IN);
-		}
+	rcu_read_unlock();
 
 	wake_up_interruptible(&evdev->wait);
 }
 
 static int evdev_fasync(int fd, struct file *file, int on)
 {
-	int retval;
-	struct evdev_list *list = file->private_data;
-	retval = fasync_helper(fd, file, on, &list->fasync);
-	return retval < 0 ? retval : 0;
+	struct evdev_client *client = file->private_data;
+
+	return fasync_helper(fd, file, on, &client->fasync);
 }
 
-static int evdev_flush(struct file * file)
+static int evdev_flush(struct file *file, fl_owner_t id)
 {
-	struct evdev_list *list = file->private_data;
-	if (!list->evdev->exist) return -ENODEV;
-	return input_flush_device(&list->evdev->handle, file);
+	struct evdev_client *client = file->private_data;
+	struct evdev *evdev = client->evdev;
+	int retval;
+
+	retval = mutex_lock_interruptible(&evdev->mutex);
+	if (retval)
+		return retval;
+
+	if (!evdev->exist)
+		retval = -ENODEV;
+	else
+		retval = input_flush_device(&evdev->handle, file);
+
+	mutex_unlock(&evdev->mutex);
+	return retval;
 }
 
-static void evdev_free(struct evdev *evdev)
+static void evdev_free(struct device *dev)
 {
-	evdev_table[evdev->minor] = NULL;
+	struct evdev *evdev = container_of(dev, struct evdev, dev);
+
+	input_put_device(evdev->handle.dev);
 	kfree(evdev);
 }
 
-static int evdev_release(struct inode * inode, struct file * file)
+/*
+ * Grabs an event device (along with underlying input device).
+ * This function is called with evdev->mutex taken.
+ */
+static int evdev_grab(struct evdev *evdev, struct evdev_client *client)
 {
-	struct evdev_list *list = file->private_data;
+	int error;
 
-	if (list->evdev->grab == list) {
-		input_release_device(&list->evdev->handle);
-		list->evdev->grab = NULL;
-	}
+	if (evdev->grab)
+		return -EBUSY;
 
-	evdev_fasync(-1, file, 0);
-	list_del(&list->node);
+	error = input_grab_device(&evdev->handle);
+	if (error)
+		return error;
 
-	if (!--list->evdev->open) {
-		if (list->evdev->exist)
-			input_close_device(&list->evdev->handle);
-		else
-			evdev_free(list->evdev);
-	}
+	rcu_assign_pointer(evdev->grab, client);
+	synchronize_rcu();
 
-	kfree(list);
 	return 0;
 }
 
-static int evdev_open(struct inode * inode, struct file * file)
+static int evdev_ungrab(struct evdev *evdev, struct evdev_client *client)
 {
-	struct evdev_list *list;
-	int i = iminor(inode) - EVDEV_MINOR_BASE;
-	int accept_err;
+	if (evdev->grab != client)
+		return  -EINVAL;
 
-	if (i >= EVDEV_MINORS || !evdev_table[i] || !evdev_table[i]->exist)
-		return -ENODEV;
+	rcu_assign_pointer(evdev->grab, NULL);
+	synchronize_rcu();
+	input_release_device(&evdev->handle);
 
-	if ((accept_err = input_accept_process(&(evdev_table[i]->handle), file)))
-		return accept_err;
+	return 0;
+}
 
-	if (!(list = kmalloc(sizeof(struct evdev_list), GFP_KERNEL)))
-		return -ENOMEM;
-	memset(list, 0, sizeof(struct evdev_list));
+static void evdev_attach_client(struct evdev *evdev,
+				struct evdev_client *client)
+{
+	spin_lock(&evdev->client_lock);
+	list_add_tail_rcu(&client->node, &evdev->client_list);
+	spin_unlock(&evdev->client_lock);
+	synchronize_rcu();
+}
+
+static void evdev_detach_client(struct evdev *evdev,
+				struct evdev_client *client)
+{
+	spin_lock(&evdev->client_lock);
+	list_del_rcu(&client->node);
+	spin_unlock(&evdev->client_lock);
+	synchronize_rcu();
+}
 
-	list->evdev = evdev_table[i];
-	list_add_tail(&list->node, &evdev_table[i]->list);
-	file->private_data = list;
+static int evdev_open_device(struct evdev *evdev)
+{
+	int retval;
 
-	if (!list->evdev->open++)
-		if (list->evdev->exist)
-			input_open_device(&list->evdev->handle);
+	retval = mutex_lock_interruptible(&evdev->mutex);
+	if (retval)
+		return retval;
 
-	return 0;
+	if (!evdev->exist)
+		retval = -ENODEV;
+	else if (!evdev->open++) {
+		retval = input_open_device(&evdev->handle);
+		if (retval)
+			evdev->open--;
+	}
+
+	mutex_unlock(&evdev->mutex);
+	return retval;
 }
 
-#ifdef CONFIG_COMPAT
-struct input_event_compat {
-	struct compat_timeval time;
-	__u16 type;
-	__u16 code;
-	__s32 value;
-};
+static void evdev_close_device(struct evdev *evdev)
+{
+	mutex_lock(&evdev->mutex);
 
-#ifdef CONFIG_X86_64
-#  define COMPAT_TEST test_thread_flag(TIF_IA32)
-#elif defined(CONFIG_IA64)
-#  define COMPAT_TEST IS_IA32_PROCESS(ia64_task_regs(current))
-#elif defined(CONFIG_ARCH_S390)
-#  define COMPAT_TEST test_thread_flag(TIF_31BIT)
-#elif defined(CONFIG_MIPS)
-#  define COMPAT_TEST (current->thread.mflags & MF_32BIT_ADDR)
-#else
-#  define COMPAT_TEST test_thread_flag(TIF_32BIT)
-#endif
+	if (evdev->exist && !--evdev->open)
+		input_close_device(&evdev->handle);
+
+	mutex_unlock(&evdev->mutex);
+}
 
-static ssize_t evdev_write_compat(struct file * file, const char __user * buffer, size_t count, loff_t *ppos)
+/*
+ * Wake up users waiting for IO so they can disconnect from
+ * dead device.
+ */
+static void evdev_hangup(struct evdev *evdev)
 {
-	struct evdev_list *list = file->private_data;
-	struct input_event_compat event;
-	int retval = 0;
+	struct evdev_client *client;
 
-	while (retval < count) {
-		if (copy_from_user(&event, buffer + retval, sizeof(struct input_event_compat)))
-			return -EFAULT;
-		input_event(list->evdev->handle.dev, event.type, event.code, event.value);
-		retval += sizeof(struct input_event_compat);
+	spin_lock(&evdev->client_lock);
+	list_for_each_entry(client, &evdev->client_list, node)
+		kill_fasync(&client->fasync, SIGIO, POLL_HUP);
+	spin_unlock(&evdev->client_lock);
+
+	wake_up_interruptible(&evdev->wait);
+}
+
+static int evdev_release(struct inode *inode, struct file *file)
+{
+	struct evdev_client *client = file->private_data;
+	struct evdev *evdev = client->evdev;
+
+	mutex_lock(&evdev->mutex);
+	if (evdev->grab == client)
+		evdev_ungrab(evdev, client);
+	mutex_unlock(&evdev->mutex);
+
+	evdev_detach_client(evdev, client);
+	kfree(client);
+
+	evdev_close_device(evdev);
+	put_device(&evdev->dev);
+
+	return 0;
+}
+
+static int evdev_open(struct inode *inode, struct file *file)
+{
+	struct evdev *evdev;
+	struct evdev_client *client;
+	int i = iminor(inode) - EVDEV_MINOR_BASE;
+	int error;
+
+	if (i >= EVDEV_MINORS)
+		return -ENODEV;
+
+	error = mutex_lock_interruptible(&evdev_table_mutex);
+	if (error)
+		return error;
+	evdev = evdev_table[i];
+	if (evdev)
+		get_device(&evdev->dev);
+	mutex_unlock(&evdev_table_mutex);
+
+	if (!evdev)
+		return -ENODEV;
+
+	client = kzalloc(sizeof(struct evdev_client), GFP_KERNEL);
+	if (!client) {
+		error = -ENOMEM;
+		goto err_put_evdev;
 	}
 
-	return retval;
+	spin_lock_init(&client->buffer_lock);
+	client->evdev = evdev;
+	evdev_attach_client(evdev, client);
+
+	error = evdev_open_device(evdev);
+	if (error)
+		goto err_free_client;
+
+	file->private_data = client;
+	nonseekable_open(inode, file);
+
+	return 0;
+
+ err_free_client:
+	evdev_detach_client(evdev, client);
+	kfree(client);
+ err_put_evdev:
+	put_device(&evdev->dev);
+	return error;
 }
-#endif
 
-static ssize_t evdev_write(struct file * file, const char __user * buffer, size_t count, loff_t *ppos)
+static ssize_t evdev_write(struct file *file, const char __user *buffer,
+			   size_t count, loff_t *ppos)
 {
-	struct evdev_list *list = file->private_data;
+	struct evdev_client *client = file->private_data;
+	struct evdev *evdev = client->evdev;
 	struct input_event event;
-	int retval = 0;
+	int retval;
 
-	if (!list->evdev->exist) return -ENODEV;
+	retval = mutex_lock_interruptible(&evdev->mutex);
+	if (retval)
+		return retval;
 
-#ifdef CONFIG_COMPAT
-	if (COMPAT_TEST)
-		return evdev_write_compat(file, buffer, count, ppos);
-#endif
+	if (!evdev->exist) {
+		retval = -ENODEV;
+		goto out;
+	}
 
 	while (retval < count) {
 
-		if (copy_from_user(&event, buffer + retval, sizeof(struct input_event)))
-			return -EFAULT;
-		input_event(list->evdev->handle.dev, event.type, event.code, event.value);
-		retval += sizeof(struct input_event);
+		if (input_event_from_user(buffer + retval, &event)) {
+			retval = -EFAULT;
+			goto out;
+		}
+
+		input_inject_event(&evdev->handle,
+				   event.type, event.code, event.value);
+		retval += input_event_size();
 	}
 
+ out:
+	mutex_unlock(&evdev->mutex);
 	return retval;
 }
 
-#ifdef CONFIG_COMPAT
-static ssize_t evdev_read_compat(struct file * file, char __user * buffer, size_t count, loff_t *ppos)
+static int evdev_fetch_next_event(struct evdev_client *client,
+				  struct input_event *event)
+{
+	int have_event;
+
+	spin_lock_irq(&client->buffer_lock);
+
+	have_event = client->head != client->tail;
+	if (have_event) {
+		*event = client->buffer[client->tail++];
+		client->tail &= EVDEV_BUFFER_SIZE - 1;
+	}
+
+	spin_unlock_irq(&client->buffer_lock);
+
+	return have_event;
+}
+
+static ssize_t evdev_read(struct file *file, char __user *buffer,
+			  size_t count, loff_t *ppos)
 {
-	struct evdev_list *list = file->private_data;
+	struct evdev_client *client = file->private_data;
+	struct evdev *evdev = client->evdev;
+	struct input_event event;
 	int retval;
 
-	if (count < sizeof(struct input_event_compat))
+	if (count < input_event_size())
 		return -EINVAL;
 
-	if (list->head == list->tail && list->evdev->exist && (file->f_flags & O_NONBLOCK))
+	if (client->head == client->tail && evdev->exist &&
+	    (file->f_flags & O_NONBLOCK))
 		return -EAGAIN;
 
-	retval = wait_event_interruptible(list->evdev->wait,
-		list->head != list->tail || (!list->evdev->exist));
-
+	retval = wait_event_interruptible(evdev->wait,
+		client->head != client->tail || !evdev->exist);
 	if (retval)
 		return retval;
 
-	if (!list->evdev->exist)
+	if (!evdev->exist)
 		return -ENODEV;
 
-	while (list->head != list->tail && retval + sizeof(struct input_event_compat) <= count) {
-		struct input_event *event = (struct input_event *) list->buffer + list->tail;
-		struct input_event_compat event_compat;
-		event_compat.time.tv_sec = event->time.tv_sec;
-		event_compat.time.tv_usec = event->time.tv_usec;
-		event_compat.type = event->type;
-		event_compat.code = event->code;
-		event_compat.value = event->value;
-
-		if (copy_to_user(buffer + retval, &event_compat,
-			sizeof(struct input_event_compat))) return -EFAULT;
-		list->tail = (list->tail + 1) & (EVDEV_BUFFER_SIZE - 1);
-		retval += sizeof(struct input_event_compat);
+	while (retval + input_event_size() <= count &&
+	       evdev_fetch_next_event(client, &event)) {
+
+		if (input_event_to_user(buffer + retval, &event))
+			return -EFAULT;
+
+		retval += input_event_size();
 	}
 
 	return retval;
 }
-#endif
 
-static ssize_t evdev_read(struct file * file, char __user * buffer, size_t count, loff_t *ppos)
+/* No kernel lock - fine */
+static unsigned int evdev_poll(struct file *file, poll_table *wait)
 {
-	struct evdev_list *list = file->private_data;
-	int retval;
+	struct evdev_client *client = file->private_data;
+	struct evdev *evdev = client->evdev;
+
+	poll_wait(file, &evdev->wait, wait);
+	return ((client->head == client->tail) ? 0 : (POLLIN | POLLRDNORM)) |
+		(evdev->exist ? 0 : (POLLHUP | POLLERR));
+}
 
 #ifdef CONFIG_COMPAT
-	if (COMPAT_TEST)
-		return evdev_read_compat(file, buffer, count, ppos);
-#endif
 
-	if (count < sizeof(struct input_event))
-		return -EINVAL;
+#define BITS_PER_LONG_COMPAT (sizeof(compat_long_t) * 8)
+#define BITS_TO_LONGS_COMPAT(x) ((((x) - 1) / BITS_PER_LONG_COMPAT) + 1)
 
-	if (list->head == list->tail && list->evdev->exist && (file->f_flags & O_NONBLOCK))
-		return -EAGAIN;
+#ifdef __BIG_ENDIAN
+static int bits_to_user(unsigned long *bits, unsigned int maxbit,
+			unsigned int maxlen, void __user *p, int compat)
+{
+	int len, i;
+
+	if (compat) {
+		len = BITS_TO_LONGS_COMPAT(maxbit) * sizeof(compat_long_t);
+		if (len > maxlen)
+			len = maxlen;
+
+		for (i = 0; i < len / sizeof(compat_long_t); i++)
+			if (copy_to_user((compat_long_t __user *) p + i,
+					 (compat_long_t *) bits +
+						i + 1 - ((i % 2) << 1),
+					 sizeof(compat_long_t)))
+				return -EFAULT;
+	} else {
+		len = BITS_TO_LONGS(maxbit) * sizeof(long);
+		if (len > maxlen)
+			len = maxlen;
 
-	retval = wait_event_interruptible(list->evdev->wait,
-		list->head != list->tail || (!list->evdev->exist));
+		if (copy_to_user(p, bits, len))
+			return -EFAULT;
+	}
 
-	if (retval)
-		return retval;
+	return len;
+}
+#else
+static int bits_to_user(unsigned long *bits, unsigned int maxbit,
+			unsigned int maxlen, void __user *p, int compat)
+{
+	int len = compat ?
+			BITS_TO_LONGS_COMPAT(maxbit) * sizeof(compat_long_t) :
+			BITS_TO_LONGS(maxbit) * sizeof(long);
 
-	if (!list->evdev->exist)
-		return -ENODEV;
+	if (len > maxlen)
+		len = maxlen;
 
-	while (list->head != list->tail && retval + sizeof(struct input_event) <= count) {
-		if (copy_to_user(buffer + retval, list->buffer + list->tail,
-			sizeof(struct input_event))) return -EFAULT;
-		list->tail = (list->tail + 1) & (EVDEV_BUFFER_SIZE - 1);
-		retval += sizeof(struct input_event);
-	}
+	return copy_to_user(p, bits, len) ? -EFAULT : len;
+}
+#endif /* __BIG_ENDIAN */
 
-	return retval;
+#else
+
+static int bits_to_user(unsigned long *bits, unsigned int maxbit,
+			unsigned int maxlen, void __user *p, int compat)
+{
+	int len = BITS_TO_LONGS(maxbit) * sizeof(long);
+
+	if (len > maxlen)
+		len = maxlen;
+
+	return copy_to_user(p, bits, len) ? -EFAULT : len;
 }
 
-/* No kernel lock - fine */
-static unsigned int evdev_poll(struct file *file, poll_table *wait)
+#endif /* CONFIG_COMPAT */
+
+static int str_to_user(const char *str, unsigned int maxlen, void __user *p)
 {
-	struct evdev_list *list = file->private_data;
-	poll_wait(file, &list->evdev->wait, wait);
-	return ((list->head == list->tail) ? 0 : (POLLIN | POLLRDNORM)) |
-		(list->evdev->exist ? 0 : (POLLHUP | POLLERR));
+	int len;
+
+	if (!str)
+		return -ENOENT;
+
+	len = strlen(str) + 1;
+	if (len > maxlen)
+		len = maxlen;
+
+	return copy_to_user(p, str, len) ? -EFAULT : len;
 }
 
-static long evdev_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
+#define OLD_KEY_MAX	0x1ff
+static int handle_eviocgbit(struct input_dev *dev, unsigned int cmd, void __user *p, int compat_mode)
 {
-	struct evdev_list *list = file->private_data;
-	struct evdev *evdev = list->evdev;
+	static unsigned long keymax_warn_time;
+	unsigned long *bits;
+	int len;
+
+	switch (_IOC_NR(cmd) & EV_MAX) {
+
+	case      0: bits = dev->evbit;  len = EV_MAX;  break;
+	case EV_KEY: bits = dev->keybit; len = KEY_MAX; break;
+	case EV_REL: bits = dev->relbit; len = REL_MAX; break;
+	case EV_ABS: bits = dev->absbit; len = ABS_MAX; break;
+	case EV_MSC: bits = dev->mscbit; len = MSC_MAX; break;
+	case EV_LED: bits = dev->ledbit; len = LED_MAX; break;
+	case EV_SND: bits = dev->sndbit; len = SND_MAX; break;
+	case EV_FF:  bits = dev->ffbit;  len = FF_MAX;  break;
+	case EV_SW:  bits = dev->swbit;  len = SW_MAX;  break;
+	default: return -EINVAL;
+	}
+
+	/*
+	 * Work around bugs in userspace programs that like to do
+	 * EVIOCGBIT(EV_KEY, KEY_MAX) and not realize that 'len'
+	 * should be in bytes, not in bits.
+	 */
+	if ((_IOC_NR(cmd) & EV_MAX) == EV_KEY && _IOC_SIZE(cmd) == OLD_KEY_MAX) {
+		len = OLD_KEY_MAX;
+		if (printk_timed_ratelimit(&keymax_warn_time, 10 * 1000))
+			printk(KERN_WARNING
+				"evdev.c(EVIOCGBIT): Suspicious buffer size %u, "
+				"limiting output to %zu bytes. See "
+				"http://userweb.kernel.org/~dtor/eviocgbit-bug.html\n",
+				OLD_KEY_MAX,
+				BITS_TO_LONGS(OLD_KEY_MAX) * sizeof(long));
+	}
+
+	return bits_to_user(bits, len, _IOC_SIZE(cmd), p, compat_mode);
+}
+#undef OLD_KEY_MAX
+
+static long evdev_do_ioctl(struct file *file, unsigned int cmd,
+			   void __user *p, int compat_mode)
+{
+	struct evdev_client *client = file->private_data;
+	struct evdev *evdev = client->evdev;
 	struct input_dev *dev = evdev->handle.dev;
 	struct input_absinfo abs;
-	void __user *p = (void __user *)arg;
-	int __user *ip = (int __user *)arg;
-	int i, t, u, v;
-
-	if (!evdev->exist) return -ENODEV;
+	struct ff_effect effect;
+	int __user *ip = (int __user *)p;
+	unsigned int i, t, u, v;
+	int error;
 
 	switch (cmd) {
 
-		case EVIOCGVERSION:
-			return put_user(EV_VERSION, ip);
-
-		case EVIOCGID:
-			return copy_to_user(p, &dev->id, sizeof(struct input_id)) ? -EFAULT : 0;
-
-		case EVIOCGKEYCODE:
-			if (get_user(t, ip)) return -EFAULT;
-			if (t < 0 || t >= dev->keycodemax || !dev->keycodesize) return -EINVAL;
-			if (put_user(INPUT_KEYCODE(dev, t), ip + 1)) return -EFAULT;
-			return 0;
-
-		case EVIOCSKEYCODE:
-			if (get_user(t, ip)) return -EFAULT;
-			if (t < 0 || t >= dev->keycodemax || !dev->keycodesize) return -EINVAL;
-			if (get_user(v, ip + 1)) return -EFAULT;
-			if (v < 0 || v > KEY_MAX) return -EINVAL;
-			if (dev->keycodesize < sizeof(v) && (v >> (dev->keycodesize * 8))) return -EINVAL;
-			u = SET_INPUT_KEYCODE(dev, t, v);
-			clear_bit(u, dev->keybit);
-			set_bit(v, dev->keybit);
-			for (i = 0; i < dev->keycodemax; i++)
-				if (INPUT_KEYCODE(dev,i) == u)
-					set_bit(u, dev->keybit);
-			return 0;
-
-		case EVIOCSFF:
-			if (dev->upload_effect) {
-				struct ff_effect effect;
-				int err;
-
-				if (copy_from_user(&effect, p, sizeof(effect)))
-					return -EFAULT;
-				err = dev->upload_effect(dev, &effect);
-				if (put_user(effect.id, &(((struct ff_effect __user *)arg)->id)))
-					return -EFAULT;
-				return err;
-			}
-			else return -ENOSYS;
+	case EVIOCGVERSION:
+		return put_user(EV_VERSION, ip);
 
-		case EVIOCRMFF:
-			if (dev->erase_effect) {
-				return dev->erase_effect(dev, (int)arg);
-			}
-			else return -ENOSYS;
+	case EVIOCGID:
+		if (copy_to_user(p, &dev->id, sizeof(struct input_id)))
+			return -EFAULT;
+		return 0;
 
-		case EVIOCGEFFECTS:
-			if (put_user(dev->ff_effects_max, ip))
-				return -EFAULT;
-			return 0;
-
-		case EVIOCGRAB:
-			if (arg) {
-				if (evdev->grab)
-					return -EBUSY;
-				if (input_grab_device(&evdev->handle))
-					return -EBUSY;
-				evdev->grab = list;
-				return 0;
-			} else {
-				if (evdev->grab != list)
-					return -EINVAL;
-				input_release_device(&evdev->handle);
-				evdev->grab = NULL;
-				return 0;
-			}
+	case EVIOCGREP:
+		if (!test_bit(EV_REP, dev->evbit))
+			return -ENOSYS;
+		if (put_user(dev->rep[REP_DELAY], ip))
+			return -EFAULT;
+		if (put_user(dev->rep[REP_PERIOD], ip + 1))
+			return -EFAULT;
+		return 0;
+
+	case EVIOCSREP:
+		if (!test_bit(EV_REP, dev->evbit))
+			return -ENOSYS;
+		if (get_user(u, ip))
+			return -EFAULT;
+		if (get_user(v, ip + 1))
+			return -EFAULT;
 
-		default:
-
-			if (_IOC_TYPE(cmd) != 'E')
-				return -EINVAL;
-
-			if (_IOC_DIR(cmd) == _IOC_READ) {
-
-				if ((_IOC_NR(cmd) & ~EV_MAX) == _IOC_NR(EVIOCGBIT(0,0))) {
-
-					long *bits;
-					int len;
-
-					switch (_IOC_NR(cmd) & EV_MAX) {
-						case      0: bits = dev->evbit;  len = EV_MAX;  break;
-						case EV_KEY: bits = dev->keybit; len = KEY_MAX; break;
-						case EV_REL: bits = dev->relbit; len = REL_MAX; break;
-						case EV_ABS: bits = dev->absbit; len = ABS_MAX; break;
-						case EV_MSC: bits = dev->mscbit; len = MSC_MAX; break;
-						case EV_LED: bits = dev->ledbit; len = LED_MAX; break;
-						case EV_SND: bits = dev->sndbit; len = SND_MAX; break;
-						case EV_FF:  bits = dev->ffbit;  len = FF_MAX;  break;
-						case EV_SW:  bits = dev->swbit;  len = SW_MAX;  break;
-						default: return -EINVAL;
-					}
-					len = NBITS(len) * sizeof(long);
-					if (len > _IOC_SIZE(cmd)) len = _IOC_SIZE(cmd);
-					return copy_to_user(p, bits, len) ? -EFAULT : len;
-				}
-
-				if (_IOC_NR(cmd) == _IOC_NR(EVIOCGKEY(0))) {
-					int len;
-					len = NBITS(KEY_MAX) * sizeof(long);
-					if (len > _IOC_SIZE(cmd)) len = _IOC_SIZE(cmd);
-					return copy_to_user(p, dev->key, len) ? -EFAULT : len;
-				}
-
-				if (_IOC_NR(cmd) == _IOC_NR(EVIOCGLED(0))) {
-					int len;
-					len = NBITS(LED_MAX) * sizeof(long);
-					if (len > _IOC_SIZE(cmd)) len = _IOC_SIZE(cmd);
-					return copy_to_user(p, dev->led, len) ? -EFAULT : len;
-				}
-
-				if (_IOC_NR(cmd) == _IOC_NR(EVIOCGSND(0))) {
-					int len;
-					len = NBITS(SND_MAX) * sizeof(long);
-					if (len > _IOC_SIZE(cmd)) len = _IOC_SIZE(cmd);
-					return copy_to_user(p, dev->snd, len) ? -EFAULT : len;
-				}
-
-				if (_IOC_NR(cmd) == _IOC_NR(EVIOCGSW(0))) {
-					int len;
-					len = NBITS(SW_MAX) * sizeof(long);
-					if (len > _IOC_SIZE(cmd)) len = _IOC_SIZE(cmd);
-					return copy_to_user(p, dev->sw, len) ? -EFAULT : len;
-				}
-
-				if (_IOC_NR(cmd) == _IOC_NR(EVIOCGNAME(0))) {
-					int len;
-					if (!dev->name) return -ENOENT;
-					len = strlen(dev->name) + 1;
-					if (len > _IOC_SIZE(cmd)) len = _IOC_SIZE(cmd);
-					return copy_to_user(p, dev->name, len) ? -EFAULT : len;
-				}
-
-				if (_IOC_NR(cmd) == _IOC_NR(EVIOCGPHYS(0))) {
-					int len;
-					if (!dev->phys) return -ENOENT;
-					len = strlen(dev->phys) + 1;
-					if (len > _IOC_SIZE(cmd)) len = _IOC_SIZE(cmd);
-					return copy_to_user(p, dev->phys, len) ? -EFAULT : len;
-				}
-
-				if (_IOC_NR(cmd) == _IOC_NR(EVIOCGUNIQ(0))) {
-					int len;
-					if (!dev->uniq) return -ENOENT;
-					len = strlen(dev->uniq) + 1;
-					if (len > _IOC_SIZE(cmd)) len = _IOC_SIZE(cmd);
-					return copy_to_user(p, dev->uniq, len) ? -EFAULT : len;
-				}
-
-				if ((_IOC_NR(cmd) & ~ABS_MAX) == _IOC_NR(EVIOCGABS(0))) {
-
-					int t = _IOC_NR(cmd) & ABS_MAX;
-
-					abs.value = dev->abs[t];
-					abs.minimum = dev->absmin[t];
-					abs.maximum = dev->absmax[t];
-					abs.fuzz = dev->absfuzz[t];
-					abs.flat = dev->absflat[t];
-
-					if (copy_to_user(p, &abs, sizeof(struct input_absinfo)))
-						return -EFAULT;
-
-					return 0;
-				}
+		input_inject_event(&evdev->handle, EV_REP, REP_DELAY, u);
+		input_inject_event(&evdev->handle, EV_REP, REP_PERIOD, v);
 
-			}
+		return 0;
+
+	case EVIOCGKEYCODE:
+		if (get_user(t, ip))
+			return -EFAULT;
 
-			if (_IOC_DIR(cmd) == _IOC_WRITE) {
+		error = input_get_keycode(dev, t, &v);
+		if (error)
+			return error;
 
-				if ((_IOC_NR(cmd) & ~ABS_MAX) == _IOC_NR(EVIOCSABS(0))) {
+		if (put_user(v, ip + 1))
+			return -EFAULT;
+
+		return 0;
+
+	case EVIOCSKEYCODE:
+		if (get_user(t, ip) || get_user(v, ip + 1))
+			return -EFAULT;
+
+		return input_set_keycode(dev, t, v);
+
+	case EVIOCRMFF:
+		return input_ff_erase(dev, (int)(unsigned long) p, file);
+
+	case EVIOCGEFFECTS:
+		i = test_bit(EV_FF, dev->evbit) ?
+				dev->ff->max_effects : 0;
+		if (put_user(i, ip))
+			return -EFAULT;
+		return 0;
+
+	case EVIOCGRAB:
+		if (p)
+			return evdev_grab(evdev, client);
+		else
+			return evdev_ungrab(evdev, client);
+
+	default:
+
+		if (_IOC_TYPE(cmd) != 'E')
+			return -EINVAL;
+
+		if (_IOC_DIR(cmd) == _IOC_READ) {
+
+			if ((_IOC_NR(cmd) & ~EV_MAX) == _IOC_NR(EVIOCGBIT(0, 0)))
+				return handle_eviocgbit(dev, cmd, p, compat_mode);
+
+			if (_IOC_NR(cmd) == _IOC_NR(EVIOCGKEY(0)))
+				return bits_to_user(dev->key, KEY_MAX, _IOC_SIZE(cmd),
+						    p, compat_mode);
+
+			if (_IOC_NR(cmd) == _IOC_NR(EVIOCGLED(0)))
+				return bits_to_user(dev->led, LED_MAX, _IOC_SIZE(cmd),
+						    p, compat_mode);
+
+			if (_IOC_NR(cmd) == _IOC_NR(EVIOCGSND(0)))
+				return bits_to_user(dev->snd, SND_MAX, _IOC_SIZE(cmd),
+						    p, compat_mode);
 
-					int t = _IOC_NR(cmd) & ABS_MAX;
+			if (_IOC_NR(cmd) == _IOC_NR(EVIOCGSW(0)))
+				return bits_to_user(dev->sw, SW_MAX, _IOC_SIZE(cmd),
+						    p, compat_mode);
 
-					if (copy_from_user(&abs, p, sizeof(struct input_absinfo)))
-						return -EFAULT;
+			if (_IOC_NR(cmd) == _IOC_NR(EVIOCGNAME(0)))
+				return str_to_user(dev->name, _IOC_SIZE(cmd), p);
 
-					dev->abs[t] = abs.value;
-					dev->absmin[t] = abs.minimum;
-					dev->absmax[t] = abs.maximum;
-					dev->absfuzz[t] = abs.fuzz;
-					dev->absflat[t] = abs.flat;
+			if (_IOC_NR(cmd) == _IOC_NR(EVIOCGPHYS(0)))
+				return str_to_user(dev->phys, _IOC_SIZE(cmd), p);
 
-					return 0;
-				}
+			if (_IOC_NR(cmd) == _IOC_NR(EVIOCGUNIQ(0)))
+				return str_to_user(dev->uniq, _IOC_SIZE(cmd), p);
+
+			if ((_IOC_NR(cmd) & ~ABS_MAX) == _IOC_NR(EVIOCGABS(0))) {
+
+				t = _IOC_NR(cmd) & ABS_MAX;
+
+				abs.value = dev->abs[t];
+				abs.minimum = dev->absmin[t];
+				abs.maximum = dev->absmax[t];
+				abs.fuzz = dev->absfuzz[t];
+				abs.flat = dev->absflat[t];
+				abs.resolution = dev->absres[t];
+
+				if (copy_to_user(p, &abs, min_t(size_t,
+								_IOC_SIZE(cmd),
+								sizeof(struct input_absinfo))))
+					return -EFAULT;
+
+				return 0;
 			}
-	}
-	return -EINVAL;
-}
 
-#ifdef CONFIG_COMPAT
+		}
 
-#define BITS_PER_LONG_COMPAT (sizeof(compat_long_t) * 8)
-#define NBITS_COMPAT(x) ((((x)-1)/BITS_PER_LONG_COMPAT)+1)
-#define OFF_COMPAT(x)  ((x)%BITS_PER_LONG_COMPAT)
-#define BIT_COMPAT(x)  (1UL<<OFF_COMPAT(x))
-#define LONG_COMPAT(x) ((x)/BITS_PER_LONG_COMPAT)
-#define test_bit_compat(bit, array) ((array[LONG_COMPAT(bit)] >> OFF_COMPAT(bit)) & 1)
+		if (_IOC_DIR(cmd) == _IOC_WRITE) {
 
-#ifdef __BIG_ENDIAN
-#define bit_to_user(bit, max) \
-do { \
-	int i; \
-	int len = NBITS_COMPAT((max)) * sizeof(compat_long_t); \
-	if (len > _IOC_SIZE(cmd)) len = _IOC_SIZE(cmd); \
-	for (i = 0; i < len / sizeof(compat_long_t); i++) \
-		if (copy_to_user((compat_long_t __user *) p + i, \
-				 (compat_long_t*) (bit) + i + 1 - ((i % 2) << 1), \
-				 sizeof(compat_long_t))) \
-			return -EFAULT; \
-	return len; \
-} while (0)
-#else
-#define bit_to_user(bit, max) \
-do { \
-	int len = NBITS_COMPAT((max)) * sizeof(compat_long_t); \
-	if (len > _IOC_SIZE(cmd)) len = _IOC_SIZE(cmd); \
-	return copy_to_user(p, (bit), len) ? -EFAULT : len; \
-} while (0)
-#endif
+			if (_IOC_NR(cmd) == _IOC_NR(EVIOCSFF)) {
 
-static long evdev_ioctl_compat(struct file *file, unsigned int cmd, unsigned long arg)
-{
-	struct evdev_list *list = file->private_data;
-	struct evdev *evdev = list->evdev;
-	struct input_dev *dev = evdev->handle.dev;
-	struct input_absinfo abs;
-	void __user *p = compat_ptr(arg);
+				if (input_ff_effect_from_user(p, _IOC_SIZE(cmd), &effect))
+					return -EFAULT;
 
-	if (!evdev->exist) return -ENODEV;
+				error = input_ff_upload(dev, &effect, file);
 
-	switch (cmd) {
+				if (put_user(effect.id, &(((struct ff_effect __user *)p)->id)))
+					return -EFAULT;
 
-		case EVIOCGVERSION:
-		case EVIOCGID:
-		case EVIOCGKEYCODE:
-		case EVIOCSKEYCODE:
-		case EVIOCSFF:
-		case EVIOCRMFF:
-		case EVIOCGEFFECTS:
-		case EVIOCGRAB:
-			return evdev_ioctl(file, cmd, (unsigned long) p);
-
-		default:
-
-			if (_IOC_TYPE(cmd) != 'E')
-				return -EINVAL;
-
-			if (_IOC_DIR(cmd) == _IOC_READ) {
-
-				if ((_IOC_NR(cmd) & ~EV_MAX) == _IOC_NR(EVIOCGBIT(0,0))) {
-					long *bits;
-					int max;
-
-					switch (_IOC_NR(cmd) & EV_MAX) {
-						case      0: bits = dev->evbit;  max = EV_MAX;  break;
-						case EV_KEY: bits = dev->keybit; max = KEY_MAX; break;
-						case EV_REL: bits = dev->relbit; max = REL_MAX; break;
-						case EV_ABS: bits = dev->absbit; max = ABS_MAX; break;
-						case EV_MSC: bits = dev->mscbit; max = MSC_MAX; break;
-						case EV_LED: bits = dev->ledbit; max = LED_MAX; break;
-						case EV_SND: bits = dev->sndbit; max = SND_MAX; break;
-						case EV_FF:  bits = dev->ffbit;  max = FF_MAX;  break;
-						default: return -EINVAL;
-					}
-					bit_to_user(bits, max);
-				}
-
-				if (_IOC_NR(cmd) == _IOC_NR(EVIOCGKEY(0)))
-					bit_to_user(dev->key, KEY_MAX);
-
-				if (_IOC_NR(cmd) == _IOC_NR(EVIOCGLED(0)))
-					bit_to_user(dev->led, LED_MAX);
-
-				if (_IOC_NR(cmd) == _IOC_NR(EVIOCGSND(0)))
-					bit_to_user(dev->snd, SND_MAX);
-
-				if (_IOC_NR(cmd) == _IOC_NR(EVIOCGNAME(0))) {
-					int len;
-					if (!dev->name) return -ENOENT;
-					len = strlen(dev->name) + 1;
-					if (len > _IOC_SIZE(cmd)) len = _IOC_SIZE(cmd);
-					return copy_to_user(p, dev->name, len) ? -EFAULT : len;
-				}
-
-				if (_IOC_NR(cmd) == _IOC_NR(EVIOCGPHYS(0))) {
-					int len;
-					if (!dev->phys) return -ENOENT;
-					len = strlen(dev->phys) + 1;
-					if (len > _IOC_SIZE(cmd)) len = _IOC_SIZE(cmd);
-					return copy_to_user(p, dev->phys, len) ? -EFAULT : len;
-				}
-
-				if (_IOC_NR(cmd) == _IOC_NR(EVIOCGUNIQ(0))) {
-					int len;
-					if (!dev->uniq) return -ENOENT;
-					len = strlen(dev->uniq) + 1;
-					if (len > _IOC_SIZE(cmd)) len = _IOC_SIZE(cmd);
-					return copy_to_user(p, dev->uniq, len) ? -EFAULT : len;
-				}
-
-				if ((_IOC_NR(cmd) & ~ABS_MAX) == _IOC_NR(EVIOCGABS(0))) {
-
-					int t = _IOC_NR(cmd) & ABS_MAX;
-
-					abs.value = dev->abs[t];
-					abs.minimum = dev->absmin[t];
-					abs.maximum = dev->absmax[t];
-					abs.fuzz = dev->absfuzz[t];
-					abs.flat = dev->absflat[t];
-
-					if (copy_to_user(p, &abs, sizeof(struct input_absinfo)))
-						return -EFAULT;
-
-					return 0;
-				}
+				return error;
 			}
 
-			if (_IOC_DIR(cmd) == _IOC_WRITE) {
+			if ((_IOC_NR(cmd) & ~ABS_MAX) == _IOC_NR(EVIOCSABS(0))) {
+
+				t = _IOC_NR(cmd) & ABS_MAX;
 
-				if ((_IOC_NR(cmd) & ~ABS_MAX) == _IOC_NR(EVIOCSABS(0))) {
+				if (copy_from_user(&abs, p, min_t(size_t,
+								  _IOC_SIZE(cmd),
+								  sizeof(struct input_absinfo))))
+					return -EFAULT;
 
-					int t = _IOC_NR(cmd) & ABS_MAX;
+				/*
+				 * Take event lock to ensure that we are not
+				 * changing device parameters in the middle
+				 * of event.
+				 */
+				spin_lock_irq(&dev->event_lock);
 
-					if (copy_from_user(&abs, p, sizeof(struct input_absinfo)))
-						return -EFAULT;
+				dev->abs[t] = abs.value;
+				dev->absmin[t] = abs.minimum;
+				dev->absmax[t] = abs.maximum;
+				dev->absfuzz[t] = abs.fuzz;
+				dev->absflat[t] = abs.flat;
+				dev->absres[t] = _IOC_SIZE(cmd) < sizeof(struct input_absinfo) ?
+							0 : abs.resolution;
 
-					dev->abs[t] = abs.value;
-					dev->absmin[t] = abs.minimum;
-					dev->absmax[t] = abs.maximum;
-					dev->absfuzz[t] = abs.fuzz;
-					dev->absflat[t] = abs.flat;
+				spin_unlock_irq(&dev->event_lock);
 
-					return 0;
-				}
+				return 0;
 			}
+		}
 	}
 	return -EINVAL;
 }
+
+static long evdev_ioctl_handler(struct file *file, unsigned int cmd,
+				void __user *p, int compat_mode)
+{
+	struct evdev_client *client = file->private_data;
+	struct evdev *evdev = client->evdev;
+	int retval;
+
+	retval = mutex_lock_interruptible(&evdev->mutex);
+	if (retval)
+		return retval;
+
+	if (!evdev->exist) {
+		retval = -ENODEV;
+		goto out;
+	}
+
+	retval = evdev_do_ioctl(file, cmd, p, compat_mode);
+
+ out:
+	mutex_unlock(&evdev->mutex);
+	return retval;
+}
+
+static long evdev_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
+{
+	return evdev_ioctl_handler(file, cmd, (void __user *)arg, 0);
+}
+
+#ifdef CONFIG_COMPAT
+static long evdev_ioctl_compat(struct file *file,
+				unsigned int cmd, unsigned long arg)
+{
+	return evdev_ioctl_handler(file, cmd, compat_ptr(arg), 1);
+}
 #endif
 
-static struct file_operations evdev_fops = {
-	.owner =	THIS_MODULE,
-	.read =		evdev_read,
-	.write =	evdev_write,
-	.poll =		evdev_poll,
-	.open =		evdev_open,
-	.release =	evdev_release,
-	.unlocked_ioctl = evdev_ioctl,
+static const struct file_operations evdev_fops = {
+	.owner		= THIS_MODULE,
+	.read		= evdev_read,
+	.write		= evdev_write,
+	.poll		= evdev_poll,
+	.open		= evdev_open,
+	.release	= evdev_release,
+	.unlocked_ioctl	= evdev_ioctl,
 #ifdef CONFIG_COMPAT
-	.compat_ioctl =	evdev_ioctl_compat,
+	.compat_ioctl	= evdev_ioctl_compat,
 #endif
-	.fasync =	evdev_fasync,
-	.flush =	evdev_flush
+	.fasync		= evdev_fasync,
+	.flush		= evdev_flush
 };
 
-static struct input_handle *evdev_connect(struct input_handler *handler, struct input_dev *dev, struct input_device_id *id)
+static int evdev_install_chrdev(struct evdev *evdev)
+{
+	/*
+	 * No need to do any locking here as calls to connect and
+	 * disconnect are serialized by the input core
+	 */
+	evdev_table[evdev->minor] = evdev;
+	return 0;
+}
+
+static void evdev_remove_chrdev(struct evdev *evdev)
+{
+	/*
+	 * Lock evdev table to prevent race with evdev_open()
+	 */
+	mutex_lock(&evdev_table_mutex);
+	evdev_table[evdev->minor] = NULL;
+	mutex_unlock(&evdev_table_mutex);
+}
+
+/*
+ * Mark device non-existent. This disables writes, ioctls and
+ * prevents new users from opening the device. Already posted
+ * blocking reads will stay, however new ones will fail.
+ */
+static void evdev_mark_dead(struct evdev *evdev)
+{
+	mutex_lock(&evdev->mutex);
+	evdev->exist = 0;
+	mutex_unlock(&evdev->mutex);
+}
+
+static void evdev_cleanup(struct evdev *evdev)
+{
+	struct input_handle *handle = &evdev->handle;
+
+	evdev_mark_dead(evdev);
+	evdev_hangup(evdev);
+	evdev_remove_chrdev(evdev);
+
+	/* evdev is marked dead so no one else accesses evdev->open */
+	if (evdev->open) {
+		input_flush_device(handle, NULL);
+		input_close_device(handle);
+	}
+}
+
+/*
+ * Create new evdev device. Note that input core serializes calls
+ * to connect and disconnect so we don't need to lock evdev_table here.
+ */
+static int evdev_connect(struct input_handler *handler, struct input_dev *dev,
+			 const struct input_device_id *id)
 {
 	struct evdev *evdev;
-	struct class_device *cdev;
 	int minor;
+	int error;
+
+	for (minor = 0; minor < EVDEV_MINORS; minor++)
+		if (!evdev_table[minor])
+			break;
 
-	for (minor = 0; minor < EVDEV_MINORS && evdev_table[minor]; minor++);
 	if (minor == EVDEV_MINORS) {
 		printk(KERN_ERR "evdev: no more free evdev devices\n");
-		return NULL;
+		return -ENFILE;
 	}
 
-	if (!(evdev = kmalloc(sizeof(struct evdev), GFP_KERNEL)))
-		return NULL;
-	memset(evdev, 0, sizeof(struct evdev));
+	evdev = kzalloc(sizeof(struct evdev), GFP_KERNEL);
+	if (!evdev)
+		return -ENOMEM;
 
-	INIT_LIST_HEAD(&evdev->list);
+	INIT_LIST_HEAD(&evdev->client_list);
+	spin_lock_init(&evdev->client_lock);
+	mutex_init(&evdev->mutex);
 	init_waitqueue_head(&evdev->wait);
 
+	dev_set_name(&evdev->dev, "event%d", minor);
 	evdev->exist = 1;
 	evdev->minor = minor;
-	evdev->handle.dev = dev;
-	evdev->handle.name = evdev->name;
+
+	evdev->handle.dev = input_get_device(dev);
+	evdev->handle.name = dev_name(&evdev->dev);
 	evdev->handle.handler = handler;
 	evdev->handle.private = evdev;
-	sprintf(evdev->name, "event%d", minor);
 
-	evdev_table[minor] = evdev;
+	evdev->dev.devt = MKDEV(INPUT_MAJOR, EVDEV_MINOR_BASE + minor);
+	evdev->dev.class = &input_class;
+	evdev->dev.parent = &dev->dev;
+	evdev->dev.release = evdev_free;
+	device_initialize(&evdev->dev);
 
-	cdev = class_device_create(&input_class, &dev->cdev,
-			MKDEV(INPUT_MAJOR, EVDEV_MINOR_BASE + minor),
-			dev->cdev.dev, evdev->name);
+	error = input_register_handle(&evdev->handle);
+	if (error)
+		goto err_free_evdev;
 
-	/* temporary symlink to keep userspace happy */
-	sysfs_create_link(&input_class.subsys.kset.kobj, &cdev->kobj,
-			  evdev->name);
+	error = evdev_install_chrdev(evdev);
+	if (error)
+		goto err_unregister_handle;
 
-	return &evdev->handle;
+	error = device_add(&evdev->dev);
+	if (error)
+		goto err_cleanup_evdev;
+
+	return 0;
+
+ err_cleanup_evdev:
+	evdev_cleanup(evdev);
+ err_unregister_handle:
+	input_unregister_handle(&evdev->handle);
+ err_free_evdev:
+	put_device(&evdev->dev);
+	return error;
 }
 
 static void evdev_disconnect(struct input_handle *handle)
 {
 	struct evdev *evdev = handle->private;
-	struct evdev_list *list;
-
-	sysfs_remove_link(&input_class.subsys.kset.kobj, evdev->name);
-	class_device_destroy(&input_class,
-			MKDEV(INPUT_MAJOR, EVDEV_MINOR_BASE + evdev->minor));
-	evdev->exist = 0;
 
-	if (evdev->open) {
-		input_close_device(handle);
-		wake_up_interruptible(&evdev->wait);
-		list_for_each_entry(list, &evdev->list, node)
-			kill_fasync(&list->fasync, SIGIO, POLL_HUP);
-	} else
-		evdev_free(evdev);
+	device_del(&evdev->dev);
+	evdev_cleanup(evdev);
+	input_unregister_handle(handle);
+	put_device(&evdev->dev);
 }
 
-static struct input_device_id evdev_ids[] = {
+static const struct input_device_id evdev_ids[] = {
 	{ .driver_info = 1 },	/* Matches all devices */
 	{ },			/* Terminating zero entry */
 };
@@ -725,19 +872,18 @@ static struct input_device_id evdev_ids[] = {
 MODULE_DEVICE_TABLE(input, evdev_ids);
 
 static struct input_handler evdev_handler = {
-	.event =	evdev_event,
-	.connect =	evdev_connect,
-	.disconnect =	evdev_disconnect,
-	.fops =		&evdev_fops,
-	.minor =	EVDEV_MINOR_BASE,
-	.name =		"evdev",
-	.id_table =	evdev_ids,
+	.event		= evdev_event,
+	.connect	= evdev_connect,
+	.disconnect	= evdev_disconnect,
+	.fops		= &evdev_fops,
+	.minor		= EVDEV_MINOR_BASE,
+	.name		= "evdev",
+	.id_table	= evdev_ids,
 };
 
 static int __init evdev_init(void)
 {
-	input_register_handler(&evdev_handler);
-	return 0;
+	return input_register_handler(&evdev_handler);
 }
 
 static void __exit evdev_exit(void)