xref: /openbmc/linux/drivers/usb/core/hcd.c (revision f7777dcc)
1 /*
2  * (C) Copyright Linus Torvalds 1999
3  * (C) Copyright Johannes Erdfelt 1999-2001
4  * (C) Copyright Andreas Gal 1999
5  * (C) Copyright Gregory P. Smith 1999
6  * (C) Copyright Deti Fliegl 1999
7  * (C) Copyright Randy Dunlap 2000
8  * (C) Copyright David Brownell 2000-2002
9  *
10  * This program is free software; you can redistribute it and/or modify it
11  * under the terms of the GNU General Public License as published by the
12  * Free Software Foundation; either version 2 of the License, or (at your
13  * option) any later version.
14  *
15  * This program is distributed in the hope that it will be useful, but
16  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
17  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
18  * for more details.
19  *
20  * You should have received a copy of the GNU General Public License
21  * along with this program; if not, write to the Free Software Foundation,
22  * Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
23  */
24 
25 #include <linux/bcd.h>
26 #include <linux/module.h>
27 #include <linux/version.h>
28 #include <linux/kernel.h>
29 #include <linux/slab.h>
30 #include <linux/completion.h>
31 #include <linux/utsname.h>
32 #include <linux/mm.h>
33 #include <asm/io.h>
34 #include <linux/device.h>
35 #include <linux/dma-mapping.h>
36 #include <linux/mutex.h>
37 #include <asm/irq.h>
38 #include <asm/byteorder.h>
39 #include <asm/unaligned.h>
40 #include <linux/platform_device.h>
41 #include <linux/workqueue.h>
42 #include <linux/pm_runtime.h>
43 
44 #include <linux/usb.h>
45 #include <linux/usb/hcd.h>
46 
47 #include "usb.h"
48 
49 
50 /*-------------------------------------------------------------------------*/
51 
52 /*
53  * USB Host Controller Driver framework
54  *
55  * Plugs into usbcore (usb_bus) and lets HCDs share code, minimizing
56  * HCD-specific behaviors/bugs.
57  *
58  * This does error checks, tracks devices and urbs, and delegates to a
59  * "hc_driver" only for code (and data) that really needs to know about
60  * hardware differences.  That includes root hub registers, i/o queues,
61  * and so on ... but as little else as possible.
62  *
63  * Shared code includes most of the "root hub" code (these are emulated,
64  * though each HC's hardware works differently) and PCI glue, plus request
65  * tracking overhead.  The HCD code should only block on spinlocks or on
66  * hardware handshaking; blocking on software events (such as other kernel
67  * threads releasing resources, or completing actions) is all generic.
68  *
69  * Happens the USB 2.0 spec says this would be invisible inside the "USBD",
70  * and includes mostly a "HCDI" (HCD Interface) along with some APIs used
71  * only by the hub driver ... and that neither should be seen or used by
72  * usb client device drivers.
73  *
74  * Contributors of ideas or unattributed patches include: David Brownell,
75  * Roman Weissgaerber, Rory Bolt, Greg Kroah-Hartman, ...
76  *
77  * HISTORY:
78  * 2002-02-21	Pull in most of the usb_bus support from usb.c; some
79  *		associated cleanup.  "usb_hcd" still != "usb_bus".
80  * 2001-12-12	Initial patch version for Linux 2.5.1 kernel.
81  */
82 
83 /*-------------------------------------------------------------------------*/
84 
85 /* Keep track of which host controller drivers are loaded */
86 unsigned long usb_hcds_loaded;
87 EXPORT_SYMBOL_GPL(usb_hcds_loaded);
88 
89 /* host controllers we manage */
90 LIST_HEAD (usb_bus_list);
91 EXPORT_SYMBOL_GPL (usb_bus_list);
92 
93 /* used when allocating bus numbers */
94 #define USB_MAXBUS		64
95 struct usb_busmap {
96 	unsigned long busmap [USB_MAXBUS / (8*sizeof (unsigned long))];
97 };
98 static struct usb_busmap busmap;
99 
100 /* used when updating list of hcds */
101 DEFINE_MUTEX(usb_bus_list_lock);	/* exported only for usbfs */
102 EXPORT_SYMBOL_GPL (usb_bus_list_lock);
103 
104 /* used for controlling access to virtual root hubs */
105 static DEFINE_SPINLOCK(hcd_root_hub_lock);
106 
107 /* used when updating an endpoint's URB list */
108 static DEFINE_SPINLOCK(hcd_urb_list_lock);
109 
110 /* used to protect against unlinking URBs after the device is gone */
111 static DEFINE_SPINLOCK(hcd_urb_unlink_lock);
112 
113 /* wait queue for synchronous unlinks */
114 DECLARE_WAIT_QUEUE_HEAD(usb_kill_urb_queue);
115 
116 static inline int is_root_hub(struct usb_device *udev)
117 {
118 	return (udev->parent == NULL);
119 }
120 
121 /*-------------------------------------------------------------------------*/
122 
123 /*
124  * Sharable chunks of root hub code.
125  */
126 
127 /*-------------------------------------------------------------------------*/
128 #define KERNEL_REL	bin2bcd(((LINUX_VERSION_CODE >> 16) & 0x0ff))
129 #define KERNEL_VER	bin2bcd(((LINUX_VERSION_CODE >> 8) & 0x0ff))
130 
131 /* usb 3.0 root hub device descriptor */
132 static const u8 usb3_rh_dev_descriptor[18] = {
133 	0x12,       /*  __u8  bLength; */
134 	0x01,       /*  __u8  bDescriptorType; Device */
135 	0x00, 0x03, /*  __le16 bcdUSB; v3.0 */
136 
137 	0x09,	    /*  __u8  bDeviceClass; HUB_CLASSCODE */
138 	0x00,	    /*  __u8  bDeviceSubClass; */
139 	0x03,       /*  __u8  bDeviceProtocol; USB 3.0 hub */
140 	0x09,       /*  __u8  bMaxPacketSize0; 2^9 = 512 Bytes */
141 
142 	0x6b, 0x1d, /*  __le16 idVendor; Linux Foundation 0x1d6b */
143 	0x03, 0x00, /*  __le16 idProduct; device 0x0003 */
144 	KERNEL_VER, KERNEL_REL, /*  __le16 bcdDevice */
145 
146 	0x03,       /*  __u8  iManufacturer; */
147 	0x02,       /*  __u8  iProduct; */
148 	0x01,       /*  __u8  iSerialNumber; */
149 	0x01        /*  __u8  bNumConfigurations; */
150 };
151 
152 /* usb 2.5 (wireless USB 1.0) root hub device descriptor */
153 static const u8 usb25_rh_dev_descriptor[18] = {
154 	0x12,       /*  __u8  bLength; */
155 	0x01,       /*  __u8  bDescriptorType; Device */
156 	0x50, 0x02, /*  __le16 bcdUSB; v2.5 */
157 
158 	0x09,	    /*  __u8  bDeviceClass; HUB_CLASSCODE */
159 	0x00,	    /*  __u8  bDeviceSubClass; */
160 	0x00,       /*  __u8  bDeviceProtocol; [ usb 2.0 no TT ] */
161 	0xFF,       /*  __u8  bMaxPacketSize0; always 0xFF (WUSB Spec 7.4.1). */
162 
163 	0x6b, 0x1d, /*  __le16 idVendor; Linux Foundation 0x1d6b */
164 	0x02, 0x00, /*  __le16 idProduct; device 0x0002 */
165 	KERNEL_VER, KERNEL_REL, /*  __le16 bcdDevice */
166 
167 	0x03,       /*  __u8  iManufacturer; */
168 	0x02,       /*  __u8  iProduct; */
169 	0x01,       /*  __u8  iSerialNumber; */
170 	0x01        /*  __u8  bNumConfigurations; */
171 };
172 
173 /* usb 2.0 root hub device descriptor */
174 static const u8 usb2_rh_dev_descriptor [18] = {
175 	0x12,       /*  __u8  bLength; */
176 	0x01,       /*  __u8  bDescriptorType; Device */
177 	0x00, 0x02, /*  __le16 bcdUSB; v2.0 */
178 
179 	0x09,	    /*  __u8  bDeviceClass; HUB_CLASSCODE */
180 	0x00,	    /*  __u8  bDeviceSubClass; */
181 	0x00,       /*  __u8  bDeviceProtocol; [ usb 2.0 no TT ] */
182 	0x40,       /*  __u8  bMaxPacketSize0; 64 Bytes */
183 
184 	0x6b, 0x1d, /*  __le16 idVendor; Linux Foundation 0x1d6b */
185 	0x02, 0x00, /*  __le16 idProduct; device 0x0002 */
186 	KERNEL_VER, KERNEL_REL, /*  __le16 bcdDevice */
187 
188 	0x03,       /*  __u8  iManufacturer; */
189 	0x02,       /*  __u8  iProduct; */
190 	0x01,       /*  __u8  iSerialNumber; */
191 	0x01        /*  __u8  bNumConfigurations; */
192 };
193 
194 /* no usb 2.0 root hub "device qualifier" descriptor: one speed only */
195 
196 /* usb 1.1 root hub device descriptor */
197 static const u8 usb11_rh_dev_descriptor [18] = {
198 	0x12,       /*  __u8  bLength; */
199 	0x01,       /*  __u8  bDescriptorType; Device */
200 	0x10, 0x01, /*  __le16 bcdUSB; v1.1 */
201 
202 	0x09,	    /*  __u8  bDeviceClass; HUB_CLASSCODE */
203 	0x00,	    /*  __u8  bDeviceSubClass; */
204 	0x00,       /*  __u8  bDeviceProtocol; [ low/full speeds only ] */
205 	0x40,       /*  __u8  bMaxPacketSize0; 64 Bytes */
206 
207 	0x6b, 0x1d, /*  __le16 idVendor; Linux Foundation 0x1d6b */
208 	0x01, 0x00, /*  __le16 idProduct; device 0x0001 */
209 	KERNEL_VER, KERNEL_REL, /*  __le16 bcdDevice */
210 
211 	0x03,       /*  __u8  iManufacturer; */
212 	0x02,       /*  __u8  iProduct; */
213 	0x01,       /*  __u8  iSerialNumber; */
214 	0x01        /*  __u8  bNumConfigurations; */
215 };
216 
217 
218 /*-------------------------------------------------------------------------*/
219 
220 /* Configuration descriptors for our root hubs */
221 
222 static const u8 fs_rh_config_descriptor [] = {
223 
224 	/* one configuration */
225 	0x09,       /*  __u8  bLength; */
226 	0x02,       /*  __u8  bDescriptorType; Configuration */
227 	0x19, 0x00, /*  __le16 wTotalLength; */
228 	0x01,       /*  __u8  bNumInterfaces; (1) */
229 	0x01,       /*  __u8  bConfigurationValue; */
230 	0x00,       /*  __u8  iConfiguration; */
231 	0xc0,       /*  __u8  bmAttributes;
232 				 Bit 7: must be set,
233 				     6: Self-powered,
234 				     5: Remote wakeup,
235 				     4..0: resvd */
236 	0x00,       /*  __u8  MaxPower; */
237 
238 	/* USB 1.1:
239 	 * USB 2.0, single TT organization (mandatory):
240 	 *	one interface, protocol 0
241 	 *
242 	 * USB 2.0, multiple TT organization (optional):
243 	 *	two interfaces, protocols 1 (like single TT)
244 	 *	and 2 (multiple TT mode) ... config is
245 	 *	sometimes settable
246 	 *	NOT IMPLEMENTED
247 	 */
248 
249 	/* one interface */
250 	0x09,       /*  __u8  if_bLength; */
251 	0x04,       /*  __u8  if_bDescriptorType; Interface */
252 	0x00,       /*  __u8  if_bInterfaceNumber; */
253 	0x00,       /*  __u8  if_bAlternateSetting; */
254 	0x01,       /*  __u8  if_bNumEndpoints; */
255 	0x09,       /*  __u8  if_bInterfaceClass; HUB_CLASSCODE */
256 	0x00,       /*  __u8  if_bInterfaceSubClass; */
257 	0x00,       /*  __u8  if_bInterfaceProtocol; [usb1.1 or single tt] */
258 	0x00,       /*  __u8  if_iInterface; */
259 
260 	/* one endpoint (status change endpoint) */
261 	0x07,       /*  __u8  ep_bLength; */
262 	0x05,       /*  __u8  ep_bDescriptorType; Endpoint */
263 	0x81,       /*  __u8  ep_bEndpointAddress; IN Endpoint 1 */
264  	0x03,       /*  __u8  ep_bmAttributes; Interrupt */
265  	0x02, 0x00, /*  __le16 ep_wMaxPacketSize; 1 + (MAX_ROOT_PORTS / 8) */
266 	0xff        /*  __u8  ep_bInterval; (255ms -- usb 2.0 spec) */
267 };
268 
269 static const u8 hs_rh_config_descriptor [] = {
270 
271 	/* one configuration */
272 	0x09,       /*  __u8  bLength; */
273 	0x02,       /*  __u8  bDescriptorType; Configuration */
274 	0x19, 0x00, /*  __le16 wTotalLength; */
275 	0x01,       /*  __u8  bNumInterfaces; (1) */
276 	0x01,       /*  __u8  bConfigurationValue; */
277 	0x00,       /*  __u8  iConfiguration; */
278 	0xc0,       /*  __u8  bmAttributes;
279 				 Bit 7: must be set,
280 				     6: Self-powered,
281 				     5: Remote wakeup,
282 				     4..0: resvd */
283 	0x00,       /*  __u8  MaxPower; */
284 
285 	/* USB 1.1:
286 	 * USB 2.0, single TT organization (mandatory):
287 	 *	one interface, protocol 0
288 	 *
289 	 * USB 2.0, multiple TT organization (optional):
290 	 *	two interfaces, protocols 1 (like single TT)
291 	 *	and 2 (multiple TT mode) ... config is
292 	 *	sometimes settable
293 	 *	NOT IMPLEMENTED
294 	 */
295 
296 	/* one interface */
297 	0x09,       /*  __u8  if_bLength; */
298 	0x04,       /*  __u8  if_bDescriptorType; Interface */
299 	0x00,       /*  __u8  if_bInterfaceNumber; */
300 	0x00,       /*  __u8  if_bAlternateSetting; */
301 	0x01,       /*  __u8  if_bNumEndpoints; */
302 	0x09,       /*  __u8  if_bInterfaceClass; HUB_CLASSCODE */
303 	0x00,       /*  __u8  if_bInterfaceSubClass; */
304 	0x00,       /*  __u8  if_bInterfaceProtocol; [usb1.1 or single tt] */
305 	0x00,       /*  __u8  if_iInterface; */
306 
307 	/* one endpoint (status change endpoint) */
308 	0x07,       /*  __u8  ep_bLength; */
309 	0x05,       /*  __u8  ep_bDescriptorType; Endpoint */
310 	0x81,       /*  __u8  ep_bEndpointAddress; IN Endpoint 1 */
311  	0x03,       /*  __u8  ep_bmAttributes; Interrupt */
312 		    /* __le16 ep_wMaxPacketSize; 1 + (MAX_ROOT_PORTS / 8)
313 		     * see hub.c:hub_configure() for details. */
314 	(USB_MAXCHILDREN + 1 + 7) / 8, 0x00,
315 	0x0c        /*  __u8  ep_bInterval; (256ms -- usb 2.0 spec) */
316 };
317 
318 static const u8 ss_rh_config_descriptor[] = {
319 	/* one configuration */
320 	0x09,       /*  __u8  bLength; */
321 	0x02,       /*  __u8  bDescriptorType; Configuration */
322 	0x1f, 0x00, /*  __le16 wTotalLength; */
323 	0x01,       /*  __u8  bNumInterfaces; (1) */
324 	0x01,       /*  __u8  bConfigurationValue; */
325 	0x00,       /*  __u8  iConfiguration; */
326 	0xc0,       /*  __u8  bmAttributes;
327 				 Bit 7: must be set,
328 				     6: Self-powered,
329 				     5: Remote wakeup,
330 				     4..0: resvd */
331 	0x00,       /*  __u8  MaxPower; */
332 
333 	/* one interface */
334 	0x09,       /*  __u8  if_bLength; */
335 	0x04,       /*  __u8  if_bDescriptorType; Interface */
336 	0x00,       /*  __u8  if_bInterfaceNumber; */
337 	0x00,       /*  __u8  if_bAlternateSetting; */
338 	0x01,       /*  __u8  if_bNumEndpoints; */
339 	0x09,       /*  __u8  if_bInterfaceClass; HUB_CLASSCODE */
340 	0x00,       /*  __u8  if_bInterfaceSubClass; */
341 	0x00,       /*  __u8  if_bInterfaceProtocol; */
342 	0x00,       /*  __u8  if_iInterface; */
343 
344 	/* one endpoint (status change endpoint) */
345 	0x07,       /*  __u8  ep_bLength; */
346 	0x05,       /*  __u8  ep_bDescriptorType; Endpoint */
347 	0x81,       /*  __u8  ep_bEndpointAddress; IN Endpoint 1 */
348 	0x03,       /*  __u8  ep_bmAttributes; Interrupt */
349 		    /* __le16 ep_wMaxPacketSize; 1 + (MAX_ROOT_PORTS / 8)
350 		     * see hub.c:hub_configure() for details. */
351 	(USB_MAXCHILDREN + 1 + 7) / 8, 0x00,
352 	0x0c,       /*  __u8  ep_bInterval; (256ms -- usb 2.0 spec) */
353 
354 	/* one SuperSpeed endpoint companion descriptor */
355 	0x06,        /* __u8 ss_bLength */
356 	0x30,        /* __u8 ss_bDescriptorType; SuperSpeed EP Companion */
357 	0x00,        /* __u8 ss_bMaxBurst; allows 1 TX between ACKs */
358 	0x00,        /* __u8 ss_bmAttributes; 1 packet per service interval */
359 	0x02, 0x00   /* __le16 ss_wBytesPerInterval; 15 bits for max 15 ports */
360 };
361 
362 /* authorized_default behaviour:
363  * -1 is authorized for all devices except wireless (old behaviour)
364  * 0 is unauthorized for all devices
365  * 1 is authorized for all devices
366  */
367 static int authorized_default = -1;
368 module_param(authorized_default, int, S_IRUGO|S_IWUSR);
369 MODULE_PARM_DESC(authorized_default,
370 		"Default USB device authorization: 0 is not authorized, 1 is "
371 		"authorized, -1 is authorized except for wireless USB (default, "
372 		"old behaviour");
373 /*-------------------------------------------------------------------------*/
374 
375 /**
376  * ascii2desc() - Helper routine for producing UTF-16LE string descriptors
377  * @s: Null-terminated ASCII (actually ISO-8859-1) string
378  * @buf: Buffer for USB string descriptor (header + UTF-16LE)
379  * @len: Length (in bytes; may be odd) of descriptor buffer.
380  *
381  * Return: The number of bytes filled in: 2 + 2*strlen(s) or @len,
382  * whichever is less.
383  *
384  * Note:
385  * USB String descriptors can contain at most 126 characters; input
386  * strings longer than that are truncated.
387  */
388 static unsigned
389 ascii2desc(char const *s, u8 *buf, unsigned len)
390 {
391 	unsigned n, t = 2 + 2*strlen(s);
392 
393 	if (t > 254)
394 		t = 254;	/* Longest possible UTF string descriptor */
395 	if (len > t)
396 		len = t;
397 
398 	t += USB_DT_STRING << 8;	/* Now t is first 16 bits to store */
399 
400 	n = len;
401 	while (n--) {
402 		*buf++ = t;
403 		if (!n--)
404 			break;
405 		*buf++ = t >> 8;
406 		t = (unsigned char)*s++;
407 	}
408 	return len;
409 }
410 
411 /**
412  * rh_string() - provides string descriptors for root hub
413  * @id: the string ID number (0: langids, 1: serial #, 2: product, 3: vendor)
414  * @hcd: the host controller for this root hub
415  * @data: buffer for output packet
416  * @len: length of the provided buffer
417  *
418  * Produces either a manufacturer, product or serial number string for the
419  * virtual root hub device.
420  *
421  * Return: The number of bytes filled in: the length of the descriptor or
422  * of the provided buffer, whichever is less.
423  */
424 static unsigned
425 rh_string(int id, struct usb_hcd const *hcd, u8 *data, unsigned len)
426 {
427 	char buf[100];
428 	char const *s;
429 	static char const langids[4] = {4, USB_DT_STRING, 0x09, 0x04};
430 
431 	// language ids
432 	switch (id) {
433 	case 0:
434 		/* Array of LANGID codes (0x0409 is MSFT-speak for "en-us") */
435 		/* See http://www.usb.org/developers/docs/USB_LANGIDs.pdf */
436 		if (len > 4)
437 			len = 4;
438 		memcpy(data, langids, len);
439 		return len;
440 	case 1:
441 		/* Serial number */
442 		s = hcd->self.bus_name;
443 		break;
444 	case 2:
445 		/* Product name */
446 		s = hcd->product_desc;
447 		break;
448 	case 3:
449 		/* Manufacturer */
450 		snprintf (buf, sizeof buf, "%s %s %s", init_utsname()->sysname,
451 			init_utsname()->release, hcd->driver->description);
452 		s = buf;
453 		break;
454 	default:
455 		/* Can't happen; caller guarantees it */
456 		return 0;
457 	}
458 
459 	return ascii2desc(s, data, len);
460 }
461 
462 
463 /* Root hub control transfers execute synchronously */
464 static int rh_call_control (struct usb_hcd *hcd, struct urb *urb)
465 {
466 	struct usb_ctrlrequest *cmd;
467  	u16		typeReq, wValue, wIndex, wLength;
468 	u8		*ubuf = urb->transfer_buffer;
469 	unsigned	len = 0;
470 	int		status;
471 	u8		patch_wakeup = 0;
472 	u8		patch_protocol = 0;
473 	u16		tbuf_size;
474 	u8		*tbuf = NULL;
475 	const u8	*bufp;
476 
477 	might_sleep();
478 
479 	spin_lock_irq(&hcd_root_hub_lock);
480 	status = usb_hcd_link_urb_to_ep(hcd, urb);
481 	spin_unlock_irq(&hcd_root_hub_lock);
482 	if (status)
483 		return status;
484 	urb->hcpriv = hcd;	/* Indicate it's queued */
485 
486 	cmd = (struct usb_ctrlrequest *) urb->setup_packet;
487 	typeReq  = (cmd->bRequestType << 8) | cmd->bRequest;
488 	wValue   = le16_to_cpu (cmd->wValue);
489 	wIndex   = le16_to_cpu (cmd->wIndex);
490 	wLength  = le16_to_cpu (cmd->wLength);
491 
492 	if (wLength > urb->transfer_buffer_length)
493 		goto error;
494 
495 	/*
496 	 * tbuf should be at least as big as the
497 	 * USB hub descriptor.
498 	 */
499 	tbuf_size =  max_t(u16, sizeof(struct usb_hub_descriptor), wLength);
500 	tbuf = kzalloc(tbuf_size, GFP_KERNEL);
501 	if (!tbuf)
502 		return -ENOMEM;
503 
504 	bufp = tbuf;
505 
506 
507 	urb->actual_length = 0;
508 	switch (typeReq) {
509 
510 	/* DEVICE REQUESTS */
511 
512 	/* The root hub's remote wakeup enable bit is implemented using
513 	 * driver model wakeup flags.  If this system supports wakeup
514 	 * through USB, userspace may change the default "allow wakeup"
515 	 * policy through sysfs or these calls.
516 	 *
517 	 * Most root hubs support wakeup from downstream devices, for
518 	 * runtime power management (disabling USB clocks and reducing
519 	 * VBUS power usage).  However, not all of them do so; silicon,
520 	 * board, and BIOS bugs here are not uncommon, so these can't
521 	 * be treated quite like external hubs.
522 	 *
523 	 * Likewise, not all root hubs will pass wakeup events upstream,
524 	 * to wake up the whole system.  So don't assume root hub and
525 	 * controller capabilities are identical.
526 	 */
527 
528 	case DeviceRequest | USB_REQ_GET_STATUS:
529 		tbuf [0] = (device_may_wakeup(&hcd->self.root_hub->dev)
530 					<< USB_DEVICE_REMOTE_WAKEUP)
531 				| (1 << USB_DEVICE_SELF_POWERED);
532 		tbuf [1] = 0;
533 		len = 2;
534 		break;
535 	case DeviceOutRequest | USB_REQ_CLEAR_FEATURE:
536 		if (wValue == USB_DEVICE_REMOTE_WAKEUP)
537 			device_set_wakeup_enable(&hcd->self.root_hub->dev, 0);
538 		else
539 			goto error;
540 		break;
541 	case DeviceOutRequest | USB_REQ_SET_FEATURE:
542 		if (device_can_wakeup(&hcd->self.root_hub->dev)
543 				&& wValue == USB_DEVICE_REMOTE_WAKEUP)
544 			device_set_wakeup_enable(&hcd->self.root_hub->dev, 1);
545 		else
546 			goto error;
547 		break;
548 	case DeviceRequest | USB_REQ_GET_CONFIGURATION:
549 		tbuf [0] = 1;
550 		len = 1;
551 			/* FALLTHROUGH */
552 	case DeviceOutRequest | USB_REQ_SET_CONFIGURATION:
553 		break;
554 	case DeviceRequest | USB_REQ_GET_DESCRIPTOR:
555 		switch (wValue & 0xff00) {
556 		case USB_DT_DEVICE << 8:
557 			switch (hcd->speed) {
558 			case HCD_USB3:
559 				bufp = usb3_rh_dev_descriptor;
560 				break;
561 			case HCD_USB25:
562 				bufp = usb25_rh_dev_descriptor;
563 				break;
564 			case HCD_USB2:
565 				bufp = usb2_rh_dev_descriptor;
566 				break;
567 			case HCD_USB11:
568 				bufp = usb11_rh_dev_descriptor;
569 				break;
570 			default:
571 				goto error;
572 			}
573 			len = 18;
574 			if (hcd->has_tt)
575 				patch_protocol = 1;
576 			break;
577 		case USB_DT_CONFIG << 8:
578 			switch (hcd->speed) {
579 			case HCD_USB3:
580 				bufp = ss_rh_config_descriptor;
581 				len = sizeof ss_rh_config_descriptor;
582 				break;
583 			case HCD_USB25:
584 			case HCD_USB2:
585 				bufp = hs_rh_config_descriptor;
586 				len = sizeof hs_rh_config_descriptor;
587 				break;
588 			case HCD_USB11:
589 				bufp = fs_rh_config_descriptor;
590 				len = sizeof fs_rh_config_descriptor;
591 				break;
592 			default:
593 				goto error;
594 			}
595 			if (device_can_wakeup(&hcd->self.root_hub->dev))
596 				patch_wakeup = 1;
597 			break;
598 		case USB_DT_STRING << 8:
599 			if ((wValue & 0xff) < 4)
600 				urb->actual_length = rh_string(wValue & 0xff,
601 						hcd, ubuf, wLength);
602 			else /* unsupported IDs --> "protocol stall" */
603 				goto error;
604 			break;
605 		case USB_DT_BOS << 8:
606 			goto nongeneric;
607 		default:
608 			goto error;
609 		}
610 		break;
611 	case DeviceRequest | USB_REQ_GET_INTERFACE:
612 		tbuf [0] = 0;
613 		len = 1;
614 			/* FALLTHROUGH */
615 	case DeviceOutRequest | USB_REQ_SET_INTERFACE:
616 		break;
617 	case DeviceOutRequest | USB_REQ_SET_ADDRESS:
618 		// wValue == urb->dev->devaddr
619 		dev_dbg (hcd->self.controller, "root hub device address %d\n",
620 			wValue);
621 		break;
622 
623 	/* INTERFACE REQUESTS (no defined feature/status flags) */
624 
625 	/* ENDPOINT REQUESTS */
626 
627 	case EndpointRequest | USB_REQ_GET_STATUS:
628 		// ENDPOINT_HALT flag
629 		tbuf [0] = 0;
630 		tbuf [1] = 0;
631 		len = 2;
632 			/* FALLTHROUGH */
633 	case EndpointOutRequest | USB_REQ_CLEAR_FEATURE:
634 	case EndpointOutRequest | USB_REQ_SET_FEATURE:
635 		dev_dbg (hcd->self.controller, "no endpoint features yet\n");
636 		break;
637 
638 	/* CLASS REQUESTS (and errors) */
639 
640 	default:
641 nongeneric:
642 		/* non-generic request */
643 		switch (typeReq) {
644 		case GetHubStatus:
645 		case GetPortStatus:
646 			len = 4;
647 			break;
648 		case GetHubDescriptor:
649 			len = sizeof (struct usb_hub_descriptor);
650 			break;
651 		case DeviceRequest | USB_REQ_GET_DESCRIPTOR:
652 			/* len is returned by hub_control */
653 			break;
654 		}
655 		status = hcd->driver->hub_control (hcd,
656 			typeReq, wValue, wIndex,
657 			tbuf, wLength);
658 
659 		if (typeReq == GetHubDescriptor)
660 			usb_hub_adjust_deviceremovable(hcd->self.root_hub,
661 				(struct usb_hub_descriptor *)tbuf);
662 		break;
663 error:
664 		/* "protocol stall" on error */
665 		status = -EPIPE;
666 	}
667 
668 	if (status < 0) {
669 		len = 0;
670 		if (status != -EPIPE) {
671 			dev_dbg (hcd->self.controller,
672 				"CTRL: TypeReq=0x%x val=0x%x "
673 				"idx=0x%x len=%d ==> %d\n",
674 				typeReq, wValue, wIndex,
675 				wLength, status);
676 		}
677 	} else if (status > 0) {
678 		/* hub_control may return the length of data copied. */
679 		len = status;
680 		status = 0;
681 	}
682 	if (len) {
683 		if (urb->transfer_buffer_length < len)
684 			len = urb->transfer_buffer_length;
685 		urb->actual_length = len;
686 		// always USB_DIR_IN, toward host
687 		memcpy (ubuf, bufp, len);
688 
689 		/* report whether RH hardware supports remote wakeup */
690 		if (patch_wakeup &&
691 				len > offsetof (struct usb_config_descriptor,
692 						bmAttributes))
693 			((struct usb_config_descriptor *)ubuf)->bmAttributes
694 				|= USB_CONFIG_ATT_WAKEUP;
695 
696 		/* report whether RH hardware has an integrated TT */
697 		if (patch_protocol &&
698 				len > offsetof(struct usb_device_descriptor,
699 						bDeviceProtocol))
700 			((struct usb_device_descriptor *) ubuf)->
701 				bDeviceProtocol = USB_HUB_PR_HS_SINGLE_TT;
702 	}
703 
704 	kfree(tbuf);
705 
706 	/* any errors get returned through the urb completion */
707 	spin_lock_irq(&hcd_root_hub_lock);
708 	usb_hcd_unlink_urb_from_ep(hcd, urb);
709 	usb_hcd_giveback_urb(hcd, urb, status);
710 	spin_unlock_irq(&hcd_root_hub_lock);
711 	return 0;
712 }
713 
714 /*-------------------------------------------------------------------------*/
715 
716 /*
717  * Root Hub interrupt transfers are polled using a timer if the
718  * driver requests it; otherwise the driver is responsible for
719  * calling usb_hcd_poll_rh_status() when an event occurs.
720  *
721  * Completions are called in_interrupt(), but they may or may not
722  * be in_irq().
723  */
724 void usb_hcd_poll_rh_status(struct usb_hcd *hcd)
725 {
726 	struct urb	*urb;
727 	int		length;
728 	unsigned long	flags;
729 	char		buffer[6];	/* Any root hubs with > 31 ports? */
730 
731 	if (unlikely(!hcd->rh_pollable))
732 		return;
733 	if (!hcd->uses_new_polling && !hcd->status_urb)
734 		return;
735 
736 	length = hcd->driver->hub_status_data(hcd, buffer);
737 	if (length > 0) {
738 
739 		/* try to complete the status urb */
740 		spin_lock_irqsave(&hcd_root_hub_lock, flags);
741 		urb = hcd->status_urb;
742 		if (urb) {
743 			clear_bit(HCD_FLAG_POLL_PENDING, &hcd->flags);
744 			hcd->status_urb = NULL;
745 			urb->actual_length = length;
746 			memcpy(urb->transfer_buffer, buffer, length);
747 
748 			usb_hcd_unlink_urb_from_ep(hcd, urb);
749 			usb_hcd_giveback_urb(hcd, urb, 0);
750 		} else {
751 			length = 0;
752 			set_bit(HCD_FLAG_POLL_PENDING, &hcd->flags);
753 		}
754 		spin_unlock_irqrestore(&hcd_root_hub_lock, flags);
755 	}
756 
757 	/* The USB 2.0 spec says 256 ms.  This is close enough and won't
758 	 * exceed that limit if HZ is 100. The math is more clunky than
759 	 * maybe expected, this is to make sure that all timers for USB devices
760 	 * fire at the same time to give the CPU a break in between */
761 	if (hcd->uses_new_polling ? HCD_POLL_RH(hcd) :
762 			(length == 0 && hcd->status_urb != NULL))
763 		mod_timer (&hcd->rh_timer, (jiffies/(HZ/4) + 1) * (HZ/4));
764 }
765 EXPORT_SYMBOL_GPL(usb_hcd_poll_rh_status);
766 
767 /* timer callback */
768 static void rh_timer_func (unsigned long _hcd)
769 {
770 	usb_hcd_poll_rh_status((struct usb_hcd *) _hcd);
771 }
772 
773 /*-------------------------------------------------------------------------*/
774 
775 static int rh_queue_status (struct usb_hcd *hcd, struct urb *urb)
776 {
777 	int		retval;
778 	unsigned long	flags;
779 	unsigned	len = 1 + (urb->dev->maxchild / 8);
780 
781 	spin_lock_irqsave (&hcd_root_hub_lock, flags);
782 	if (hcd->status_urb || urb->transfer_buffer_length < len) {
783 		dev_dbg (hcd->self.controller, "not queuing rh status urb\n");
784 		retval = -EINVAL;
785 		goto done;
786 	}
787 
788 	retval = usb_hcd_link_urb_to_ep(hcd, urb);
789 	if (retval)
790 		goto done;
791 
792 	hcd->status_urb = urb;
793 	urb->hcpriv = hcd;	/* indicate it's queued */
794 	if (!hcd->uses_new_polling)
795 		mod_timer(&hcd->rh_timer, (jiffies/(HZ/4) + 1) * (HZ/4));
796 
797 	/* If a status change has already occurred, report it ASAP */
798 	else if (HCD_POLL_PENDING(hcd))
799 		mod_timer(&hcd->rh_timer, jiffies);
800 	retval = 0;
801  done:
802 	spin_unlock_irqrestore (&hcd_root_hub_lock, flags);
803 	return retval;
804 }
805 
806 static int rh_urb_enqueue (struct usb_hcd *hcd, struct urb *urb)
807 {
808 	if (usb_endpoint_xfer_int(&urb->ep->desc))
809 		return rh_queue_status (hcd, urb);
810 	if (usb_endpoint_xfer_control(&urb->ep->desc))
811 		return rh_call_control (hcd, urb);
812 	return -EINVAL;
813 }
814 
815 /*-------------------------------------------------------------------------*/
816 
817 /* Unlinks of root-hub control URBs are legal, but they don't do anything
818  * since these URBs always execute synchronously.
819  */
820 static int usb_rh_urb_dequeue(struct usb_hcd *hcd, struct urb *urb, int status)
821 {
822 	unsigned long	flags;
823 	int		rc;
824 
825 	spin_lock_irqsave(&hcd_root_hub_lock, flags);
826 	rc = usb_hcd_check_unlink_urb(hcd, urb, status);
827 	if (rc)
828 		goto done;
829 
830 	if (usb_endpoint_num(&urb->ep->desc) == 0) {	/* Control URB */
831 		;	/* Do nothing */
832 
833 	} else {				/* Status URB */
834 		if (!hcd->uses_new_polling)
835 			del_timer (&hcd->rh_timer);
836 		if (urb == hcd->status_urb) {
837 			hcd->status_urb = NULL;
838 			usb_hcd_unlink_urb_from_ep(hcd, urb);
839 			usb_hcd_giveback_urb(hcd, urb, status);
840 		}
841 	}
842  done:
843 	spin_unlock_irqrestore(&hcd_root_hub_lock, flags);
844 	return rc;
845 }
846 
847 
848 
849 /*
850  * Show & store the current value of authorized_default
851  */
852 static ssize_t authorized_default_show(struct device *dev,
853 				       struct device_attribute *attr, char *buf)
854 {
855 	struct usb_device *rh_usb_dev = to_usb_device(dev);
856 	struct usb_bus *usb_bus = rh_usb_dev->bus;
857 	struct usb_hcd *usb_hcd;
858 
859 	if (usb_bus == NULL)	/* FIXME: not sure if this case is possible */
860 		return -ENODEV;
861 	usb_hcd = bus_to_hcd(usb_bus);
862 	return snprintf(buf, PAGE_SIZE, "%u\n", usb_hcd->authorized_default);
863 }
864 
865 static ssize_t authorized_default_store(struct device *dev,
866 					struct device_attribute *attr,
867 					const char *buf, size_t size)
868 {
869 	ssize_t result;
870 	unsigned val;
871 	struct usb_device *rh_usb_dev = to_usb_device(dev);
872 	struct usb_bus *usb_bus = rh_usb_dev->bus;
873 	struct usb_hcd *usb_hcd;
874 
875 	if (usb_bus == NULL)	/* FIXME: not sure if this case is possible */
876 		return -ENODEV;
877 	usb_hcd = bus_to_hcd(usb_bus);
878 	result = sscanf(buf, "%u\n", &val);
879 	if (result == 1) {
880 		usb_hcd->authorized_default = val? 1 : 0;
881 		result = size;
882 	}
883 	else
884 		result = -EINVAL;
885 	return result;
886 }
887 static DEVICE_ATTR_RW(authorized_default);
888 
889 /* Group all the USB bus attributes */
890 static struct attribute *usb_bus_attrs[] = {
891 		&dev_attr_authorized_default.attr,
892 		NULL,
893 };
894 
895 static struct attribute_group usb_bus_attr_group = {
896 	.name = NULL,	/* we want them in the same directory */
897 	.attrs = usb_bus_attrs,
898 };
899 
900 
901 
902 /*-------------------------------------------------------------------------*/
903 
904 /**
905  * usb_bus_init - shared initialization code
906  * @bus: the bus structure being initialized
907  *
908  * This code is used to initialize a usb_bus structure, memory for which is
909  * separately managed.
910  */
911 static void usb_bus_init (struct usb_bus *bus)
912 {
913 	memset (&bus->devmap, 0, sizeof(struct usb_devmap));
914 
915 	bus->devnum_next = 1;
916 
917 	bus->root_hub = NULL;
918 	bus->busnum = -1;
919 	bus->bandwidth_allocated = 0;
920 	bus->bandwidth_int_reqs  = 0;
921 	bus->bandwidth_isoc_reqs = 0;
922 
923 	INIT_LIST_HEAD (&bus->bus_list);
924 }
925 
926 /*-------------------------------------------------------------------------*/
927 
928 /**
929  * usb_register_bus - registers the USB host controller with the usb core
930  * @bus: pointer to the bus to register
931  * Context: !in_interrupt()
932  *
933  * Assigns a bus number, and links the controller into usbcore data
934  * structures so that it can be seen by scanning the bus list.
935  *
936  * Return: 0 if successful. A negative error code otherwise.
937  */
938 static int usb_register_bus(struct usb_bus *bus)
939 {
940 	int result = -E2BIG;
941 	int busnum;
942 
943 	mutex_lock(&usb_bus_list_lock);
944 	busnum = find_next_zero_bit (busmap.busmap, USB_MAXBUS, 1);
945 	if (busnum >= USB_MAXBUS) {
946 		printk (KERN_ERR "%s: too many buses\n", usbcore_name);
947 		goto error_find_busnum;
948 	}
949 	set_bit (busnum, busmap.busmap);
950 	bus->busnum = busnum;
951 
952 	/* Add it to the local list of buses */
953 	list_add (&bus->bus_list, &usb_bus_list);
954 	mutex_unlock(&usb_bus_list_lock);
955 
956 	usb_notify_add_bus(bus);
957 
958 	dev_info (bus->controller, "new USB bus registered, assigned bus "
959 		  "number %d\n", bus->busnum);
960 	return 0;
961 
962 error_find_busnum:
963 	mutex_unlock(&usb_bus_list_lock);
964 	return result;
965 }
966 
967 /**
968  * usb_deregister_bus - deregisters the USB host controller
969  * @bus: pointer to the bus to deregister
970  * Context: !in_interrupt()
971  *
972  * Recycles the bus number, and unlinks the controller from usbcore data
973  * structures so that it won't be seen by scanning the bus list.
974  */
975 static void usb_deregister_bus (struct usb_bus *bus)
976 {
977 	dev_info (bus->controller, "USB bus %d deregistered\n", bus->busnum);
978 
979 	/*
980 	 * NOTE: make sure that all the devices are removed by the
981 	 * controller code, as well as having it call this when cleaning
982 	 * itself up
983 	 */
984 	mutex_lock(&usb_bus_list_lock);
985 	list_del (&bus->bus_list);
986 	mutex_unlock(&usb_bus_list_lock);
987 
988 	usb_notify_remove_bus(bus);
989 
990 	clear_bit (bus->busnum, busmap.busmap);
991 }
992 
993 /**
994  * register_root_hub - called by usb_add_hcd() to register a root hub
995  * @hcd: host controller for this root hub
996  *
997  * This function registers the root hub with the USB subsystem.  It sets up
998  * the device properly in the device tree and then calls usb_new_device()
999  * to register the usb device.  It also assigns the root hub's USB address
1000  * (always 1).
1001  *
1002  * Return: 0 if successful. A negative error code otherwise.
1003  */
1004 static int register_root_hub(struct usb_hcd *hcd)
1005 {
1006 	struct device *parent_dev = hcd->self.controller;
1007 	struct usb_device *usb_dev = hcd->self.root_hub;
1008 	const int devnum = 1;
1009 	int retval;
1010 
1011 	usb_dev->devnum = devnum;
1012 	usb_dev->bus->devnum_next = devnum + 1;
1013 	memset (&usb_dev->bus->devmap.devicemap, 0,
1014 			sizeof usb_dev->bus->devmap.devicemap);
1015 	set_bit (devnum, usb_dev->bus->devmap.devicemap);
1016 	usb_set_device_state(usb_dev, USB_STATE_ADDRESS);
1017 
1018 	mutex_lock(&usb_bus_list_lock);
1019 
1020 	usb_dev->ep0.desc.wMaxPacketSize = cpu_to_le16(64);
1021 	retval = usb_get_device_descriptor(usb_dev, USB_DT_DEVICE_SIZE);
1022 	if (retval != sizeof usb_dev->descriptor) {
1023 		mutex_unlock(&usb_bus_list_lock);
1024 		dev_dbg (parent_dev, "can't read %s device descriptor %d\n",
1025 				dev_name(&usb_dev->dev), retval);
1026 		return (retval < 0) ? retval : -EMSGSIZE;
1027 	}
1028 	if (usb_dev->speed == USB_SPEED_SUPER) {
1029 		retval = usb_get_bos_descriptor(usb_dev);
1030 		if (retval < 0) {
1031 			mutex_unlock(&usb_bus_list_lock);
1032 			dev_dbg(parent_dev, "can't read %s bos descriptor %d\n",
1033 					dev_name(&usb_dev->dev), retval);
1034 			return retval;
1035 		}
1036 	}
1037 
1038 	retval = usb_new_device (usb_dev);
1039 	if (retval) {
1040 		dev_err (parent_dev, "can't register root hub for %s, %d\n",
1041 				dev_name(&usb_dev->dev), retval);
1042 	} else {
1043 		spin_lock_irq (&hcd_root_hub_lock);
1044 		hcd->rh_registered = 1;
1045 		spin_unlock_irq (&hcd_root_hub_lock);
1046 
1047 		/* Did the HC die before the root hub was registered? */
1048 		if (HCD_DEAD(hcd))
1049 			usb_hc_died (hcd);	/* This time clean up */
1050 	}
1051 	mutex_unlock(&usb_bus_list_lock);
1052 
1053 	return retval;
1054 }
1055 
1056 /*
1057  * usb_hcd_start_port_resume - a root-hub port is sending a resume signal
1058  * @bus: the bus which the root hub belongs to
1059  * @portnum: the port which is being resumed
1060  *
1061  * HCDs should call this function when they know that a resume signal is
1062  * being sent to a root-hub port.  The root hub will be prevented from
1063  * going into autosuspend until usb_hcd_end_port_resume() is called.
1064  *
1065  * The bus's private lock must be held by the caller.
1066  */
1067 void usb_hcd_start_port_resume(struct usb_bus *bus, int portnum)
1068 {
1069 	unsigned bit = 1 << portnum;
1070 
1071 	if (!(bus->resuming_ports & bit)) {
1072 		bus->resuming_ports |= bit;
1073 		pm_runtime_get_noresume(&bus->root_hub->dev);
1074 	}
1075 }
1076 EXPORT_SYMBOL_GPL(usb_hcd_start_port_resume);
1077 
1078 /*
1079  * usb_hcd_end_port_resume - a root-hub port has stopped sending a resume signal
1080  * @bus: the bus which the root hub belongs to
1081  * @portnum: the port which is being resumed
1082  *
1083  * HCDs should call this function when they know that a resume signal has
1084  * stopped being sent to a root-hub port.  The root hub will be allowed to
1085  * autosuspend again.
1086  *
1087  * The bus's private lock must be held by the caller.
1088  */
1089 void usb_hcd_end_port_resume(struct usb_bus *bus, int portnum)
1090 {
1091 	unsigned bit = 1 << portnum;
1092 
1093 	if (bus->resuming_ports & bit) {
1094 		bus->resuming_ports &= ~bit;
1095 		pm_runtime_put_noidle(&bus->root_hub->dev);
1096 	}
1097 }
1098 EXPORT_SYMBOL_GPL(usb_hcd_end_port_resume);
1099 
1100 /*-------------------------------------------------------------------------*/
1101 
1102 /**
1103  * usb_calc_bus_time - approximate periodic transaction time in nanoseconds
1104  * @speed: from dev->speed; USB_SPEED_{LOW,FULL,HIGH}
1105  * @is_input: true iff the transaction sends data to the host
1106  * @isoc: true for isochronous transactions, false for interrupt ones
1107  * @bytecount: how many bytes in the transaction.
1108  *
1109  * Return: Approximate bus time in nanoseconds for a periodic transaction.
1110  *
1111  * Note:
1112  * See USB 2.0 spec section 5.11.3; only periodic transfers need to be
1113  * scheduled in software, this function is only used for such scheduling.
1114  */
1115 long usb_calc_bus_time (int speed, int is_input, int isoc, int bytecount)
1116 {
1117 	unsigned long	tmp;
1118 
1119 	switch (speed) {
1120 	case USB_SPEED_LOW: 	/* INTR only */
1121 		if (is_input) {
1122 			tmp = (67667L * (31L + 10L * BitTime (bytecount))) / 1000L;
1123 			return (64060L + (2 * BW_HUB_LS_SETUP) + BW_HOST_DELAY + tmp);
1124 		} else {
1125 			tmp = (66700L * (31L + 10L * BitTime (bytecount))) / 1000L;
1126 			return (64107L + (2 * BW_HUB_LS_SETUP) + BW_HOST_DELAY + tmp);
1127 		}
1128 	case USB_SPEED_FULL:	/* ISOC or INTR */
1129 		if (isoc) {
1130 			tmp = (8354L * (31L + 10L * BitTime (bytecount))) / 1000L;
1131 			return (((is_input) ? 7268L : 6265L) + BW_HOST_DELAY + tmp);
1132 		} else {
1133 			tmp = (8354L * (31L + 10L * BitTime (bytecount))) / 1000L;
1134 			return (9107L + BW_HOST_DELAY + tmp);
1135 		}
1136 	case USB_SPEED_HIGH:	/* ISOC or INTR */
1137 		// FIXME adjust for input vs output
1138 		if (isoc)
1139 			tmp = HS_NSECS_ISO (bytecount);
1140 		else
1141 			tmp = HS_NSECS (bytecount);
1142 		return tmp;
1143 	default:
1144 		pr_debug ("%s: bogus device speed!\n", usbcore_name);
1145 		return -1;
1146 	}
1147 }
1148 EXPORT_SYMBOL_GPL(usb_calc_bus_time);
1149 
1150 
1151 /*-------------------------------------------------------------------------*/
1152 
1153 /*
1154  * Generic HC operations.
1155  */
1156 
1157 /*-------------------------------------------------------------------------*/
1158 
1159 /**
1160  * usb_hcd_link_urb_to_ep - add an URB to its endpoint queue
1161  * @hcd: host controller to which @urb was submitted
1162  * @urb: URB being submitted
1163  *
1164  * Host controller drivers should call this routine in their enqueue()
1165  * method.  The HCD's private spinlock must be held and interrupts must
1166  * be disabled.  The actions carried out here are required for URB
1167  * submission, as well as for endpoint shutdown and for usb_kill_urb.
1168  *
1169  * Return: 0 for no error, otherwise a negative error code (in which case
1170  * the enqueue() method must fail).  If no error occurs but enqueue() fails
1171  * anyway, it must call usb_hcd_unlink_urb_from_ep() before releasing
1172  * the private spinlock and returning.
1173  */
1174 int usb_hcd_link_urb_to_ep(struct usb_hcd *hcd, struct urb *urb)
1175 {
1176 	int		rc = 0;
1177 
1178 	spin_lock(&hcd_urb_list_lock);
1179 
1180 	/* Check that the URB isn't being killed */
1181 	if (unlikely(atomic_read(&urb->reject))) {
1182 		rc = -EPERM;
1183 		goto done;
1184 	}
1185 
1186 	if (unlikely(!urb->ep->enabled)) {
1187 		rc = -ENOENT;
1188 		goto done;
1189 	}
1190 
1191 	if (unlikely(!urb->dev->can_submit)) {
1192 		rc = -EHOSTUNREACH;
1193 		goto done;
1194 	}
1195 
1196 	/*
1197 	 * Check the host controller's state and add the URB to the
1198 	 * endpoint's queue.
1199 	 */
1200 	if (HCD_RH_RUNNING(hcd)) {
1201 		urb->unlinked = 0;
1202 		list_add_tail(&urb->urb_list, &urb->ep->urb_list);
1203 	} else {
1204 		rc = -ESHUTDOWN;
1205 		goto done;
1206 	}
1207  done:
1208 	spin_unlock(&hcd_urb_list_lock);
1209 	return rc;
1210 }
1211 EXPORT_SYMBOL_GPL(usb_hcd_link_urb_to_ep);
1212 
1213 /**
1214  * usb_hcd_check_unlink_urb - check whether an URB may be unlinked
1215  * @hcd: host controller to which @urb was submitted
1216  * @urb: URB being checked for unlinkability
1217  * @status: error code to store in @urb if the unlink succeeds
1218  *
1219  * Host controller drivers should call this routine in their dequeue()
1220  * method.  The HCD's private spinlock must be held and interrupts must
1221  * be disabled.  The actions carried out here are required for making
1222  * sure than an unlink is valid.
1223  *
1224  * Return: 0 for no error, otherwise a negative error code (in which case
1225  * the dequeue() method must fail).  The possible error codes are:
1226  *
1227  *	-EIDRM: @urb was not submitted or has already completed.
1228  *		The completion function may not have been called yet.
1229  *
1230  *	-EBUSY: @urb has already been unlinked.
1231  */
1232 int usb_hcd_check_unlink_urb(struct usb_hcd *hcd, struct urb *urb,
1233 		int status)
1234 {
1235 	struct list_head	*tmp;
1236 
1237 	/* insist the urb is still queued */
1238 	list_for_each(tmp, &urb->ep->urb_list) {
1239 		if (tmp == &urb->urb_list)
1240 			break;
1241 	}
1242 	if (tmp != &urb->urb_list)
1243 		return -EIDRM;
1244 
1245 	/* Any status except -EINPROGRESS means something already started to
1246 	 * unlink this URB from the hardware.  So there's no more work to do.
1247 	 */
1248 	if (urb->unlinked)
1249 		return -EBUSY;
1250 	urb->unlinked = status;
1251 	return 0;
1252 }
1253 EXPORT_SYMBOL_GPL(usb_hcd_check_unlink_urb);
1254 
1255 /**
1256  * usb_hcd_unlink_urb_from_ep - remove an URB from its endpoint queue
1257  * @hcd: host controller to which @urb was submitted
1258  * @urb: URB being unlinked
1259  *
1260  * Host controller drivers should call this routine before calling
1261  * usb_hcd_giveback_urb().  The HCD's private spinlock must be held and
1262  * interrupts must be disabled.  The actions carried out here are required
1263  * for URB completion.
1264  */
1265 void usb_hcd_unlink_urb_from_ep(struct usb_hcd *hcd, struct urb *urb)
1266 {
1267 	/* clear all state linking urb to this dev (and hcd) */
1268 	spin_lock(&hcd_urb_list_lock);
1269 	list_del_init(&urb->urb_list);
1270 	spin_unlock(&hcd_urb_list_lock);
1271 }
1272 EXPORT_SYMBOL_GPL(usb_hcd_unlink_urb_from_ep);
1273 
1274 /*
1275  * Some usb host controllers can only perform dma using a small SRAM area.
1276  * The usb core itself is however optimized for host controllers that can dma
1277  * using regular system memory - like pci devices doing bus mastering.
1278  *
1279  * To support host controllers with limited dma capabilites we provide dma
1280  * bounce buffers. This feature can be enabled using the HCD_LOCAL_MEM flag.
1281  * For this to work properly the host controller code must first use the
1282  * function dma_declare_coherent_memory() to point out which memory area
1283  * that should be used for dma allocations.
1284  *
1285  * The HCD_LOCAL_MEM flag then tells the usb code to allocate all data for
1286  * dma using dma_alloc_coherent() which in turn allocates from the memory
1287  * area pointed out with dma_declare_coherent_memory().
1288  *
1289  * So, to summarize...
1290  *
1291  * - We need "local" memory, canonical example being
1292  *   a small SRAM on a discrete controller being the
1293  *   only memory that the controller can read ...
1294  *   (a) "normal" kernel memory is no good, and
1295  *   (b) there's not enough to share
1296  *
1297  * - The only *portable* hook for such stuff in the
1298  *   DMA framework is dma_declare_coherent_memory()
1299  *
1300  * - So we use that, even though the primary requirement
1301  *   is that the memory be "local" (hence addressible
1302  *   by that device), not "coherent".
1303  *
1304  */
1305 
1306 static int hcd_alloc_coherent(struct usb_bus *bus,
1307 			      gfp_t mem_flags, dma_addr_t *dma_handle,
1308 			      void **vaddr_handle, size_t size,
1309 			      enum dma_data_direction dir)
1310 {
1311 	unsigned char *vaddr;
1312 
1313 	if (*vaddr_handle == NULL) {
1314 		WARN_ON_ONCE(1);
1315 		return -EFAULT;
1316 	}
1317 
1318 	vaddr = hcd_buffer_alloc(bus, size + sizeof(vaddr),
1319 				 mem_flags, dma_handle);
1320 	if (!vaddr)
1321 		return -ENOMEM;
1322 
1323 	/*
1324 	 * Store the virtual address of the buffer at the end
1325 	 * of the allocated dma buffer. The size of the buffer
1326 	 * may be uneven so use unaligned functions instead
1327 	 * of just rounding up. It makes sense to optimize for
1328 	 * memory footprint over access speed since the amount
1329 	 * of memory available for dma may be limited.
1330 	 */
1331 	put_unaligned((unsigned long)*vaddr_handle,
1332 		      (unsigned long *)(vaddr + size));
1333 
1334 	if (dir == DMA_TO_DEVICE)
1335 		memcpy(vaddr, *vaddr_handle, size);
1336 
1337 	*vaddr_handle = vaddr;
1338 	return 0;
1339 }
1340 
1341 static void hcd_free_coherent(struct usb_bus *bus, dma_addr_t *dma_handle,
1342 			      void **vaddr_handle, size_t size,
1343 			      enum dma_data_direction dir)
1344 {
1345 	unsigned char *vaddr = *vaddr_handle;
1346 
1347 	vaddr = (void *)get_unaligned((unsigned long *)(vaddr + size));
1348 
1349 	if (dir == DMA_FROM_DEVICE)
1350 		memcpy(vaddr, *vaddr_handle, size);
1351 
1352 	hcd_buffer_free(bus, size + sizeof(vaddr), *vaddr_handle, *dma_handle);
1353 
1354 	*vaddr_handle = vaddr;
1355 	*dma_handle = 0;
1356 }
1357 
1358 void usb_hcd_unmap_urb_setup_for_dma(struct usb_hcd *hcd, struct urb *urb)
1359 {
1360 	if (urb->transfer_flags & URB_SETUP_MAP_SINGLE)
1361 		dma_unmap_single(hcd->self.controller,
1362 				urb->setup_dma,
1363 				sizeof(struct usb_ctrlrequest),
1364 				DMA_TO_DEVICE);
1365 	else if (urb->transfer_flags & URB_SETUP_MAP_LOCAL)
1366 		hcd_free_coherent(urb->dev->bus,
1367 				&urb->setup_dma,
1368 				(void **) &urb->setup_packet,
1369 				sizeof(struct usb_ctrlrequest),
1370 				DMA_TO_DEVICE);
1371 
1372 	/* Make it safe to call this routine more than once */
1373 	urb->transfer_flags &= ~(URB_SETUP_MAP_SINGLE | URB_SETUP_MAP_LOCAL);
1374 }
1375 EXPORT_SYMBOL_GPL(usb_hcd_unmap_urb_setup_for_dma);
1376 
1377 static void unmap_urb_for_dma(struct usb_hcd *hcd, struct urb *urb)
1378 {
1379 	if (hcd->driver->unmap_urb_for_dma)
1380 		hcd->driver->unmap_urb_for_dma(hcd, urb);
1381 	else
1382 		usb_hcd_unmap_urb_for_dma(hcd, urb);
1383 }
1384 
1385 void usb_hcd_unmap_urb_for_dma(struct usb_hcd *hcd, struct urb *urb)
1386 {
1387 	enum dma_data_direction dir;
1388 
1389 	usb_hcd_unmap_urb_setup_for_dma(hcd, urb);
1390 
1391 	dir = usb_urb_dir_in(urb) ? DMA_FROM_DEVICE : DMA_TO_DEVICE;
1392 	if (urb->transfer_flags & URB_DMA_MAP_SG)
1393 		dma_unmap_sg(hcd->self.controller,
1394 				urb->sg,
1395 				urb->num_sgs,
1396 				dir);
1397 	else if (urb->transfer_flags & URB_DMA_MAP_PAGE)
1398 		dma_unmap_page(hcd->self.controller,
1399 				urb->transfer_dma,
1400 				urb->transfer_buffer_length,
1401 				dir);
1402 	else if (urb->transfer_flags & URB_DMA_MAP_SINGLE)
1403 		dma_unmap_single(hcd->self.controller,
1404 				urb->transfer_dma,
1405 				urb->transfer_buffer_length,
1406 				dir);
1407 	else if (urb->transfer_flags & URB_MAP_LOCAL)
1408 		hcd_free_coherent(urb->dev->bus,
1409 				&urb->transfer_dma,
1410 				&urb->transfer_buffer,
1411 				urb->transfer_buffer_length,
1412 				dir);
1413 
1414 	/* Make it safe to call this routine more than once */
1415 	urb->transfer_flags &= ~(URB_DMA_MAP_SG | URB_DMA_MAP_PAGE |
1416 			URB_DMA_MAP_SINGLE | URB_MAP_LOCAL);
1417 }
1418 EXPORT_SYMBOL_GPL(usb_hcd_unmap_urb_for_dma);
1419 
1420 static int map_urb_for_dma(struct usb_hcd *hcd, struct urb *urb,
1421 			   gfp_t mem_flags)
1422 {
1423 	if (hcd->driver->map_urb_for_dma)
1424 		return hcd->driver->map_urb_for_dma(hcd, urb, mem_flags);
1425 	else
1426 		return usb_hcd_map_urb_for_dma(hcd, urb, mem_flags);
1427 }
1428 
1429 int usb_hcd_map_urb_for_dma(struct usb_hcd *hcd, struct urb *urb,
1430 			    gfp_t mem_flags)
1431 {
1432 	enum dma_data_direction dir;
1433 	int ret = 0;
1434 
1435 	/* Map the URB's buffers for DMA access.
1436 	 * Lower level HCD code should use *_dma exclusively,
1437 	 * unless it uses pio or talks to another transport,
1438 	 * or uses the provided scatter gather list for bulk.
1439 	 */
1440 
1441 	if (usb_endpoint_xfer_control(&urb->ep->desc)) {
1442 		if (hcd->self.uses_pio_for_control)
1443 			return ret;
1444 		if (hcd->self.uses_dma) {
1445 			urb->setup_dma = dma_map_single(
1446 					hcd->self.controller,
1447 					urb->setup_packet,
1448 					sizeof(struct usb_ctrlrequest),
1449 					DMA_TO_DEVICE);
1450 			if (dma_mapping_error(hcd->self.controller,
1451 						urb->setup_dma))
1452 				return -EAGAIN;
1453 			urb->transfer_flags |= URB_SETUP_MAP_SINGLE;
1454 		} else if (hcd->driver->flags & HCD_LOCAL_MEM) {
1455 			ret = hcd_alloc_coherent(
1456 					urb->dev->bus, mem_flags,
1457 					&urb->setup_dma,
1458 					(void **)&urb->setup_packet,
1459 					sizeof(struct usb_ctrlrequest),
1460 					DMA_TO_DEVICE);
1461 			if (ret)
1462 				return ret;
1463 			urb->transfer_flags |= URB_SETUP_MAP_LOCAL;
1464 		}
1465 	}
1466 
1467 	dir = usb_urb_dir_in(urb) ? DMA_FROM_DEVICE : DMA_TO_DEVICE;
1468 	if (urb->transfer_buffer_length != 0
1469 	    && !(urb->transfer_flags & URB_NO_TRANSFER_DMA_MAP)) {
1470 		if (hcd->self.uses_dma) {
1471 			if (urb->num_sgs) {
1472 				int n;
1473 
1474 				/* We don't support sg for isoc transfers ! */
1475 				if (usb_endpoint_xfer_isoc(&urb->ep->desc)) {
1476 					WARN_ON(1);
1477 					return -EINVAL;
1478 				}
1479 
1480 				n = dma_map_sg(
1481 						hcd->self.controller,
1482 						urb->sg,
1483 						urb->num_sgs,
1484 						dir);
1485 				if (n <= 0)
1486 					ret = -EAGAIN;
1487 				else
1488 					urb->transfer_flags |= URB_DMA_MAP_SG;
1489 				urb->num_mapped_sgs = n;
1490 				if (n != urb->num_sgs)
1491 					urb->transfer_flags |=
1492 							URB_DMA_SG_COMBINED;
1493 			} else if (urb->sg) {
1494 				struct scatterlist *sg = urb->sg;
1495 				urb->transfer_dma = dma_map_page(
1496 						hcd->self.controller,
1497 						sg_page(sg),
1498 						sg->offset,
1499 						urb->transfer_buffer_length,
1500 						dir);
1501 				if (dma_mapping_error(hcd->self.controller,
1502 						urb->transfer_dma))
1503 					ret = -EAGAIN;
1504 				else
1505 					urb->transfer_flags |= URB_DMA_MAP_PAGE;
1506 			} else {
1507 				urb->transfer_dma = dma_map_single(
1508 						hcd->self.controller,
1509 						urb->transfer_buffer,
1510 						urb->transfer_buffer_length,
1511 						dir);
1512 				if (dma_mapping_error(hcd->self.controller,
1513 						urb->transfer_dma))
1514 					ret = -EAGAIN;
1515 				else
1516 					urb->transfer_flags |= URB_DMA_MAP_SINGLE;
1517 			}
1518 		} else if (hcd->driver->flags & HCD_LOCAL_MEM) {
1519 			ret = hcd_alloc_coherent(
1520 					urb->dev->bus, mem_flags,
1521 					&urb->transfer_dma,
1522 					&urb->transfer_buffer,
1523 					urb->transfer_buffer_length,
1524 					dir);
1525 			if (ret == 0)
1526 				urb->transfer_flags |= URB_MAP_LOCAL;
1527 		}
1528 		if (ret && (urb->transfer_flags & (URB_SETUP_MAP_SINGLE |
1529 				URB_SETUP_MAP_LOCAL)))
1530 			usb_hcd_unmap_urb_for_dma(hcd, urb);
1531 	}
1532 	return ret;
1533 }
1534 EXPORT_SYMBOL_GPL(usb_hcd_map_urb_for_dma);
1535 
1536 /*-------------------------------------------------------------------------*/
1537 
1538 /* may be called in any context with a valid urb->dev usecount
1539  * caller surrenders "ownership" of urb
1540  * expects usb_submit_urb() to have sanity checked and conditioned all
1541  * inputs in the urb
1542  */
1543 int usb_hcd_submit_urb (struct urb *urb, gfp_t mem_flags)
1544 {
1545 	int			status;
1546 	struct usb_hcd		*hcd = bus_to_hcd(urb->dev->bus);
1547 
1548 	/* increment urb's reference count as part of giving it to the HCD
1549 	 * (which will control it).  HCD guarantees that it either returns
1550 	 * an error or calls giveback(), but not both.
1551 	 */
1552 	usb_get_urb(urb);
1553 	atomic_inc(&urb->use_count);
1554 	atomic_inc(&urb->dev->urbnum);
1555 	usbmon_urb_submit(&hcd->self, urb);
1556 
1557 	/* NOTE requirements on root-hub callers (usbfs and the hub
1558 	 * driver, for now):  URBs' urb->transfer_buffer must be
1559 	 * valid and usb_buffer_{sync,unmap}() not be needed, since
1560 	 * they could clobber root hub response data.  Also, control
1561 	 * URBs must be submitted in process context with interrupts
1562 	 * enabled.
1563 	 */
1564 
1565 	if (is_root_hub(urb->dev)) {
1566 		status = rh_urb_enqueue(hcd, urb);
1567 	} else {
1568 		status = map_urb_for_dma(hcd, urb, mem_flags);
1569 		if (likely(status == 0)) {
1570 			status = hcd->driver->urb_enqueue(hcd, urb, mem_flags);
1571 			if (unlikely(status))
1572 				unmap_urb_for_dma(hcd, urb);
1573 		}
1574 	}
1575 
1576 	if (unlikely(status)) {
1577 		usbmon_urb_submit_error(&hcd->self, urb, status);
1578 		urb->hcpriv = NULL;
1579 		INIT_LIST_HEAD(&urb->urb_list);
1580 		atomic_dec(&urb->use_count);
1581 		atomic_dec(&urb->dev->urbnum);
1582 		if (atomic_read(&urb->reject))
1583 			wake_up(&usb_kill_urb_queue);
1584 		usb_put_urb(urb);
1585 	}
1586 	return status;
1587 }
1588 
1589 /*-------------------------------------------------------------------------*/
1590 
1591 /* this makes the hcd giveback() the urb more quickly, by kicking it
1592  * off hardware queues (which may take a while) and returning it as
1593  * soon as practical.  we've already set up the urb's return status,
1594  * but we can't know if the callback completed already.
1595  */
1596 static int unlink1(struct usb_hcd *hcd, struct urb *urb, int status)
1597 {
1598 	int		value;
1599 
1600 	if (is_root_hub(urb->dev))
1601 		value = usb_rh_urb_dequeue(hcd, urb, status);
1602 	else {
1603 
1604 		/* The only reason an HCD might fail this call is if
1605 		 * it has not yet fully queued the urb to begin with.
1606 		 * Such failures should be harmless. */
1607 		value = hcd->driver->urb_dequeue(hcd, urb, status);
1608 	}
1609 	return value;
1610 }
1611 
1612 /*
1613  * called in any context
1614  *
1615  * caller guarantees urb won't be recycled till both unlink()
1616  * and the urb's completion function return
1617  */
1618 int usb_hcd_unlink_urb (struct urb *urb, int status)
1619 {
1620 	struct usb_hcd		*hcd;
1621 	int			retval = -EIDRM;
1622 	unsigned long		flags;
1623 
1624 	/* Prevent the device and bus from going away while
1625 	 * the unlink is carried out.  If they are already gone
1626 	 * then urb->use_count must be 0, since disconnected
1627 	 * devices can't have any active URBs.
1628 	 */
1629 	spin_lock_irqsave(&hcd_urb_unlink_lock, flags);
1630 	if (atomic_read(&urb->use_count) > 0) {
1631 		retval = 0;
1632 		usb_get_dev(urb->dev);
1633 	}
1634 	spin_unlock_irqrestore(&hcd_urb_unlink_lock, flags);
1635 	if (retval == 0) {
1636 		hcd = bus_to_hcd(urb->dev->bus);
1637 		retval = unlink1(hcd, urb, status);
1638 		usb_put_dev(urb->dev);
1639 	}
1640 
1641 	if (retval == 0)
1642 		retval = -EINPROGRESS;
1643 	else if (retval != -EIDRM && retval != -EBUSY)
1644 		dev_dbg(&urb->dev->dev, "hcd_unlink_urb %p fail %d\n",
1645 				urb, retval);
1646 	return retval;
1647 }
1648 
1649 /*-------------------------------------------------------------------------*/
1650 
1651 static void __usb_hcd_giveback_urb(struct urb *urb)
1652 {
1653 	struct usb_hcd *hcd = bus_to_hcd(urb->dev->bus);
1654 	int status = urb->unlinked;
1655 	unsigned long flags;
1656 
1657 	urb->hcpriv = NULL;
1658 	if (unlikely((urb->transfer_flags & URB_SHORT_NOT_OK) &&
1659 	    urb->actual_length < urb->transfer_buffer_length &&
1660 	    !status))
1661 		status = -EREMOTEIO;
1662 
1663 	unmap_urb_for_dma(hcd, urb);
1664 	usbmon_urb_complete(&hcd->self, urb, status);
1665 	usb_unanchor_urb(urb);
1666 
1667 	/* pass ownership to the completion handler */
1668 	urb->status = status;
1669 
1670 	/*
1671 	 * We disable local IRQs here avoid possible deadlock because
1672 	 * drivers may call spin_lock() to hold lock which might be
1673 	 * acquired in one hard interrupt handler.
1674 	 *
1675 	 * The local_irq_save()/local_irq_restore() around complete()
1676 	 * will be removed if current USB drivers have been cleaned up
1677 	 * and no one may trigger the above deadlock situation when
1678 	 * running complete() in tasklet.
1679 	 */
1680 	local_irq_save(flags);
1681 	urb->complete(urb);
1682 	local_irq_restore(flags);
1683 
1684 	atomic_dec(&urb->use_count);
1685 	if (unlikely(atomic_read(&urb->reject)))
1686 		wake_up(&usb_kill_urb_queue);
1687 	usb_put_urb(urb);
1688 }
1689 
1690 static void usb_giveback_urb_bh(unsigned long param)
1691 {
1692 	struct giveback_urb_bh *bh = (struct giveback_urb_bh *)param;
1693 	struct list_head local_list;
1694 
1695 	spin_lock_irq(&bh->lock);
1696 	bh->running = true;
1697  restart:
1698 	list_replace_init(&bh->head, &local_list);
1699 	spin_unlock_irq(&bh->lock);
1700 
1701 	while (!list_empty(&local_list)) {
1702 		struct urb *urb;
1703 
1704 		urb = list_entry(local_list.next, struct urb, urb_list);
1705 		list_del_init(&urb->urb_list);
1706 		__usb_hcd_giveback_urb(urb);
1707 	}
1708 
1709 	/* check if there are new URBs to giveback */
1710 	spin_lock_irq(&bh->lock);
1711 	if (!list_empty(&bh->head))
1712 		goto restart;
1713 	bh->running = false;
1714 	spin_unlock_irq(&bh->lock);
1715 }
1716 
1717 /**
1718  * usb_hcd_giveback_urb - return URB from HCD to device driver
1719  * @hcd: host controller returning the URB
1720  * @urb: urb being returned to the USB device driver.
1721  * @status: completion status code for the URB.
1722  * Context: in_interrupt()
1723  *
1724  * This hands the URB from HCD to its USB device driver, using its
1725  * completion function.  The HCD has freed all per-urb resources
1726  * (and is done using urb->hcpriv).  It also released all HCD locks;
1727  * the device driver won't cause problems if it frees, modifies,
1728  * or resubmits this URB.
1729  *
1730  * If @urb was unlinked, the value of @status will be overridden by
1731  * @urb->unlinked.  Erroneous short transfers are detected in case
1732  * the HCD hasn't checked for them.
1733  */
1734 void usb_hcd_giveback_urb(struct usb_hcd *hcd, struct urb *urb, int status)
1735 {
1736 	struct giveback_urb_bh *bh;
1737 	bool running, high_prio_bh;
1738 
1739 	/* pass status to tasklet via unlinked */
1740 	if (likely(!urb->unlinked))
1741 		urb->unlinked = status;
1742 
1743 	if (!hcd_giveback_urb_in_bh(hcd) && !is_root_hub(urb->dev)) {
1744 		__usb_hcd_giveback_urb(urb);
1745 		return;
1746 	}
1747 
1748 	if (usb_pipeisoc(urb->pipe) || usb_pipeint(urb->pipe)) {
1749 		bh = &hcd->high_prio_bh;
1750 		high_prio_bh = true;
1751 	} else {
1752 		bh = &hcd->low_prio_bh;
1753 		high_prio_bh = false;
1754 	}
1755 
1756 	spin_lock(&bh->lock);
1757 	list_add_tail(&urb->urb_list, &bh->head);
1758 	running = bh->running;
1759 	spin_unlock(&bh->lock);
1760 
1761 	if (running)
1762 		;
1763 	else if (high_prio_bh)
1764 		tasklet_hi_schedule(&bh->bh);
1765 	else
1766 		tasklet_schedule(&bh->bh);
1767 }
1768 EXPORT_SYMBOL_GPL(usb_hcd_giveback_urb);
1769 
1770 /*-------------------------------------------------------------------------*/
1771 
1772 /* Cancel all URBs pending on this endpoint and wait for the endpoint's
1773  * queue to drain completely.  The caller must first insure that no more
1774  * URBs can be submitted for this endpoint.
1775  */
1776 void usb_hcd_flush_endpoint(struct usb_device *udev,
1777 		struct usb_host_endpoint *ep)
1778 {
1779 	struct usb_hcd		*hcd;
1780 	struct urb		*urb;
1781 
1782 	if (!ep)
1783 		return;
1784 	might_sleep();
1785 	hcd = bus_to_hcd(udev->bus);
1786 
1787 	/* No more submits can occur */
1788 	spin_lock_irq(&hcd_urb_list_lock);
1789 rescan:
1790 	list_for_each_entry (urb, &ep->urb_list, urb_list) {
1791 		int	is_in;
1792 
1793 		if (urb->unlinked)
1794 			continue;
1795 		usb_get_urb (urb);
1796 		is_in = usb_urb_dir_in(urb);
1797 		spin_unlock(&hcd_urb_list_lock);
1798 
1799 		/* kick hcd */
1800 		unlink1(hcd, urb, -ESHUTDOWN);
1801 		dev_dbg (hcd->self.controller,
1802 			"shutdown urb %p ep%d%s%s\n",
1803 			urb, usb_endpoint_num(&ep->desc),
1804 			is_in ? "in" : "out",
1805 			({	char *s;
1806 
1807 				 switch (usb_endpoint_type(&ep->desc)) {
1808 				 case USB_ENDPOINT_XFER_CONTROL:
1809 					s = ""; break;
1810 				 case USB_ENDPOINT_XFER_BULK:
1811 					s = "-bulk"; break;
1812 				 case USB_ENDPOINT_XFER_INT:
1813 					s = "-intr"; break;
1814 				 default:
1815 			 		s = "-iso"; break;
1816 				};
1817 				s;
1818 			}));
1819 		usb_put_urb (urb);
1820 
1821 		/* list contents may have changed */
1822 		spin_lock(&hcd_urb_list_lock);
1823 		goto rescan;
1824 	}
1825 	spin_unlock_irq(&hcd_urb_list_lock);
1826 
1827 	/* Wait until the endpoint queue is completely empty */
1828 	while (!list_empty (&ep->urb_list)) {
1829 		spin_lock_irq(&hcd_urb_list_lock);
1830 
1831 		/* The list may have changed while we acquired the spinlock */
1832 		urb = NULL;
1833 		if (!list_empty (&ep->urb_list)) {
1834 			urb = list_entry (ep->urb_list.prev, struct urb,
1835 					urb_list);
1836 			usb_get_urb (urb);
1837 		}
1838 		spin_unlock_irq(&hcd_urb_list_lock);
1839 
1840 		if (urb) {
1841 			usb_kill_urb (urb);
1842 			usb_put_urb (urb);
1843 		}
1844 	}
1845 }
1846 
1847 /**
1848  * usb_hcd_alloc_bandwidth - check whether a new bandwidth setting exceeds
1849  *				the bus bandwidth
1850  * @udev: target &usb_device
1851  * @new_config: new configuration to install
1852  * @cur_alt: the current alternate interface setting
1853  * @new_alt: alternate interface setting that is being installed
1854  *
1855  * To change configurations, pass in the new configuration in new_config,
1856  * and pass NULL for cur_alt and new_alt.
1857  *
1858  * To reset a device's configuration (put the device in the ADDRESSED state),
1859  * pass in NULL for new_config, cur_alt, and new_alt.
1860  *
1861  * To change alternate interface settings, pass in NULL for new_config,
1862  * pass in the current alternate interface setting in cur_alt,
1863  * and pass in the new alternate interface setting in new_alt.
1864  *
1865  * Return: An error if the requested bandwidth change exceeds the
1866  * bus bandwidth or host controller internal resources.
1867  */
1868 int usb_hcd_alloc_bandwidth(struct usb_device *udev,
1869 		struct usb_host_config *new_config,
1870 		struct usb_host_interface *cur_alt,
1871 		struct usb_host_interface *new_alt)
1872 {
1873 	int num_intfs, i, j;
1874 	struct usb_host_interface *alt = NULL;
1875 	int ret = 0;
1876 	struct usb_hcd *hcd;
1877 	struct usb_host_endpoint *ep;
1878 
1879 	hcd = bus_to_hcd(udev->bus);
1880 	if (!hcd->driver->check_bandwidth)
1881 		return 0;
1882 
1883 	/* Configuration is being removed - set configuration 0 */
1884 	if (!new_config && !cur_alt) {
1885 		for (i = 1; i < 16; ++i) {
1886 			ep = udev->ep_out[i];
1887 			if (ep)
1888 				hcd->driver->drop_endpoint(hcd, udev, ep);
1889 			ep = udev->ep_in[i];
1890 			if (ep)
1891 				hcd->driver->drop_endpoint(hcd, udev, ep);
1892 		}
1893 		hcd->driver->check_bandwidth(hcd, udev);
1894 		return 0;
1895 	}
1896 	/* Check if the HCD says there's enough bandwidth.  Enable all endpoints
1897 	 * each interface's alt setting 0 and ask the HCD to check the bandwidth
1898 	 * of the bus.  There will always be bandwidth for endpoint 0, so it's
1899 	 * ok to exclude it.
1900 	 */
1901 	if (new_config) {
1902 		num_intfs = new_config->desc.bNumInterfaces;
1903 		/* Remove endpoints (except endpoint 0, which is always on the
1904 		 * schedule) from the old config from the schedule
1905 		 */
1906 		for (i = 1; i < 16; ++i) {
1907 			ep = udev->ep_out[i];
1908 			if (ep) {
1909 				ret = hcd->driver->drop_endpoint(hcd, udev, ep);
1910 				if (ret < 0)
1911 					goto reset;
1912 			}
1913 			ep = udev->ep_in[i];
1914 			if (ep) {
1915 				ret = hcd->driver->drop_endpoint(hcd, udev, ep);
1916 				if (ret < 0)
1917 					goto reset;
1918 			}
1919 		}
1920 		for (i = 0; i < num_intfs; ++i) {
1921 			struct usb_host_interface *first_alt;
1922 			int iface_num;
1923 
1924 			first_alt = &new_config->intf_cache[i]->altsetting[0];
1925 			iface_num = first_alt->desc.bInterfaceNumber;
1926 			/* Set up endpoints for alternate interface setting 0 */
1927 			alt = usb_find_alt_setting(new_config, iface_num, 0);
1928 			if (!alt)
1929 				/* No alt setting 0? Pick the first setting. */
1930 				alt = first_alt;
1931 
1932 			for (j = 0; j < alt->desc.bNumEndpoints; j++) {
1933 				ret = hcd->driver->add_endpoint(hcd, udev, &alt->endpoint[j]);
1934 				if (ret < 0)
1935 					goto reset;
1936 			}
1937 		}
1938 	}
1939 	if (cur_alt && new_alt) {
1940 		struct usb_interface *iface = usb_ifnum_to_if(udev,
1941 				cur_alt->desc.bInterfaceNumber);
1942 
1943 		if (!iface)
1944 			return -EINVAL;
1945 		if (iface->resetting_device) {
1946 			/*
1947 			 * The USB core just reset the device, so the xHCI host
1948 			 * and the device will think alt setting 0 is installed.
1949 			 * However, the USB core will pass in the alternate
1950 			 * setting installed before the reset as cur_alt.  Dig
1951 			 * out the alternate setting 0 structure, or the first
1952 			 * alternate setting if a broken device doesn't have alt
1953 			 * setting 0.
1954 			 */
1955 			cur_alt = usb_altnum_to_altsetting(iface, 0);
1956 			if (!cur_alt)
1957 				cur_alt = &iface->altsetting[0];
1958 		}
1959 
1960 		/* Drop all the endpoints in the current alt setting */
1961 		for (i = 0; i < cur_alt->desc.bNumEndpoints; i++) {
1962 			ret = hcd->driver->drop_endpoint(hcd, udev,
1963 					&cur_alt->endpoint[i]);
1964 			if (ret < 0)
1965 				goto reset;
1966 		}
1967 		/* Add all the endpoints in the new alt setting */
1968 		for (i = 0; i < new_alt->desc.bNumEndpoints; i++) {
1969 			ret = hcd->driver->add_endpoint(hcd, udev,
1970 					&new_alt->endpoint[i]);
1971 			if (ret < 0)
1972 				goto reset;
1973 		}
1974 	}
1975 	ret = hcd->driver->check_bandwidth(hcd, udev);
1976 reset:
1977 	if (ret < 0)
1978 		hcd->driver->reset_bandwidth(hcd, udev);
1979 	return ret;
1980 }
1981 
1982 /* Disables the endpoint: synchronizes with the hcd to make sure all
1983  * endpoint state is gone from hardware.  usb_hcd_flush_endpoint() must
1984  * have been called previously.  Use for set_configuration, set_interface,
1985  * driver removal, physical disconnect.
1986  *
1987  * example:  a qh stored in ep->hcpriv, holding state related to endpoint
1988  * type, maxpacket size, toggle, halt status, and scheduling.
1989  */
1990 void usb_hcd_disable_endpoint(struct usb_device *udev,
1991 		struct usb_host_endpoint *ep)
1992 {
1993 	struct usb_hcd		*hcd;
1994 
1995 	might_sleep();
1996 	hcd = bus_to_hcd(udev->bus);
1997 	if (hcd->driver->endpoint_disable)
1998 		hcd->driver->endpoint_disable(hcd, ep);
1999 }
2000 
2001 /**
2002  * usb_hcd_reset_endpoint - reset host endpoint state
2003  * @udev: USB device.
2004  * @ep:   the endpoint to reset.
2005  *
2006  * Resets any host endpoint state such as the toggle bit, sequence
2007  * number and current window.
2008  */
2009 void usb_hcd_reset_endpoint(struct usb_device *udev,
2010 			    struct usb_host_endpoint *ep)
2011 {
2012 	struct usb_hcd *hcd = bus_to_hcd(udev->bus);
2013 
2014 	if (hcd->driver->endpoint_reset)
2015 		hcd->driver->endpoint_reset(hcd, ep);
2016 	else {
2017 		int epnum = usb_endpoint_num(&ep->desc);
2018 		int is_out = usb_endpoint_dir_out(&ep->desc);
2019 		int is_control = usb_endpoint_xfer_control(&ep->desc);
2020 
2021 		usb_settoggle(udev, epnum, is_out, 0);
2022 		if (is_control)
2023 			usb_settoggle(udev, epnum, !is_out, 0);
2024 	}
2025 }
2026 
2027 /**
2028  * usb_alloc_streams - allocate bulk endpoint stream IDs.
2029  * @interface:		alternate setting that includes all endpoints.
2030  * @eps:		array of endpoints that need streams.
2031  * @num_eps:		number of endpoints in the array.
2032  * @num_streams:	number of streams to allocate.
2033  * @mem_flags:		flags hcd should use to allocate memory.
2034  *
2035  * Sets up a group of bulk endpoints to have @num_streams stream IDs available.
2036  * Drivers may queue multiple transfers to different stream IDs, which may
2037  * complete in a different order than they were queued.
2038  *
2039  * Return: On success, the number of allocated streams. On failure, a negative
2040  * error code.
2041  */
2042 int usb_alloc_streams(struct usb_interface *interface,
2043 		struct usb_host_endpoint **eps, unsigned int num_eps,
2044 		unsigned int num_streams, gfp_t mem_flags)
2045 {
2046 	struct usb_hcd *hcd;
2047 	struct usb_device *dev;
2048 	int i;
2049 
2050 	dev = interface_to_usbdev(interface);
2051 	hcd = bus_to_hcd(dev->bus);
2052 	if (!hcd->driver->alloc_streams || !hcd->driver->free_streams)
2053 		return -EINVAL;
2054 	if (dev->speed != USB_SPEED_SUPER)
2055 		return -EINVAL;
2056 
2057 	/* Streams only apply to bulk endpoints. */
2058 	for (i = 0; i < num_eps; i++)
2059 		if (!usb_endpoint_xfer_bulk(&eps[i]->desc))
2060 			return -EINVAL;
2061 
2062 	return hcd->driver->alloc_streams(hcd, dev, eps, num_eps,
2063 			num_streams, mem_flags);
2064 }
2065 EXPORT_SYMBOL_GPL(usb_alloc_streams);
2066 
2067 /**
2068  * usb_free_streams - free bulk endpoint stream IDs.
2069  * @interface:	alternate setting that includes all endpoints.
2070  * @eps:	array of endpoints to remove streams from.
2071  * @num_eps:	number of endpoints in the array.
2072  * @mem_flags:	flags hcd should use to allocate memory.
2073  *
2074  * Reverts a group of bulk endpoints back to not using stream IDs.
2075  * Can fail if we are given bad arguments, or HCD is broken.
2076  */
2077 void usb_free_streams(struct usb_interface *interface,
2078 		struct usb_host_endpoint **eps, unsigned int num_eps,
2079 		gfp_t mem_flags)
2080 {
2081 	struct usb_hcd *hcd;
2082 	struct usb_device *dev;
2083 	int i;
2084 
2085 	dev = interface_to_usbdev(interface);
2086 	hcd = bus_to_hcd(dev->bus);
2087 	if (dev->speed != USB_SPEED_SUPER)
2088 		return;
2089 
2090 	/* Streams only apply to bulk endpoints. */
2091 	for (i = 0; i < num_eps; i++)
2092 		if (!eps[i] || !usb_endpoint_xfer_bulk(&eps[i]->desc))
2093 			return;
2094 
2095 	hcd->driver->free_streams(hcd, dev, eps, num_eps, mem_flags);
2096 }
2097 EXPORT_SYMBOL_GPL(usb_free_streams);
2098 
2099 /* Protect against drivers that try to unlink URBs after the device
2100  * is gone, by waiting until all unlinks for @udev are finished.
2101  * Since we don't currently track URBs by device, simply wait until
2102  * nothing is running in the locked region of usb_hcd_unlink_urb().
2103  */
2104 void usb_hcd_synchronize_unlinks(struct usb_device *udev)
2105 {
2106 	spin_lock_irq(&hcd_urb_unlink_lock);
2107 	spin_unlock_irq(&hcd_urb_unlink_lock);
2108 }
2109 
2110 /*-------------------------------------------------------------------------*/
2111 
2112 /* called in any context */
2113 int usb_hcd_get_frame_number (struct usb_device *udev)
2114 {
2115 	struct usb_hcd	*hcd = bus_to_hcd(udev->bus);
2116 
2117 	if (!HCD_RH_RUNNING(hcd))
2118 		return -ESHUTDOWN;
2119 	return hcd->driver->get_frame_number (hcd);
2120 }
2121 
2122 /*-------------------------------------------------------------------------*/
2123 
2124 #ifdef	CONFIG_PM
2125 
2126 int hcd_bus_suspend(struct usb_device *rhdev, pm_message_t msg)
2127 {
2128 	struct usb_hcd	*hcd = container_of(rhdev->bus, struct usb_hcd, self);
2129 	int		status;
2130 	int		old_state = hcd->state;
2131 
2132 	dev_dbg(&rhdev->dev, "bus %ssuspend, wakeup %d\n",
2133 			(PMSG_IS_AUTO(msg) ? "auto-" : ""),
2134 			rhdev->do_remote_wakeup);
2135 	if (HCD_DEAD(hcd)) {
2136 		dev_dbg(&rhdev->dev, "skipped %s of dead bus\n", "suspend");
2137 		return 0;
2138 	}
2139 
2140 	if (!hcd->driver->bus_suspend) {
2141 		status = -ENOENT;
2142 	} else {
2143 		clear_bit(HCD_FLAG_RH_RUNNING, &hcd->flags);
2144 		hcd->state = HC_STATE_QUIESCING;
2145 		status = hcd->driver->bus_suspend(hcd);
2146 	}
2147 	if (status == 0) {
2148 		usb_set_device_state(rhdev, USB_STATE_SUSPENDED);
2149 		hcd->state = HC_STATE_SUSPENDED;
2150 
2151 		/* Did we race with a root-hub wakeup event? */
2152 		if (rhdev->do_remote_wakeup) {
2153 			char	buffer[6];
2154 
2155 			status = hcd->driver->hub_status_data(hcd, buffer);
2156 			if (status != 0) {
2157 				dev_dbg(&rhdev->dev, "suspend raced with wakeup event\n");
2158 				hcd_bus_resume(rhdev, PMSG_AUTO_RESUME);
2159 				status = -EBUSY;
2160 			}
2161 		}
2162 	} else {
2163 		spin_lock_irq(&hcd_root_hub_lock);
2164 		if (!HCD_DEAD(hcd)) {
2165 			set_bit(HCD_FLAG_RH_RUNNING, &hcd->flags);
2166 			hcd->state = old_state;
2167 		}
2168 		spin_unlock_irq(&hcd_root_hub_lock);
2169 		dev_dbg(&rhdev->dev, "bus %s fail, err %d\n",
2170 				"suspend", status);
2171 	}
2172 	return status;
2173 }
2174 
2175 int hcd_bus_resume(struct usb_device *rhdev, pm_message_t msg)
2176 {
2177 	struct usb_hcd	*hcd = container_of(rhdev->bus, struct usb_hcd, self);
2178 	int		status;
2179 	int		old_state = hcd->state;
2180 
2181 	dev_dbg(&rhdev->dev, "usb %sresume\n",
2182 			(PMSG_IS_AUTO(msg) ? "auto-" : ""));
2183 	if (HCD_DEAD(hcd)) {
2184 		dev_dbg(&rhdev->dev, "skipped %s of dead bus\n", "resume");
2185 		return 0;
2186 	}
2187 	if (!hcd->driver->bus_resume)
2188 		return -ENOENT;
2189 	if (HCD_RH_RUNNING(hcd))
2190 		return 0;
2191 
2192 	hcd->state = HC_STATE_RESUMING;
2193 	status = hcd->driver->bus_resume(hcd);
2194 	clear_bit(HCD_FLAG_WAKEUP_PENDING, &hcd->flags);
2195 	if (status == 0) {
2196 		struct usb_device *udev;
2197 		int port1;
2198 
2199 		spin_lock_irq(&hcd_root_hub_lock);
2200 		if (!HCD_DEAD(hcd)) {
2201 			usb_set_device_state(rhdev, rhdev->actconfig
2202 					? USB_STATE_CONFIGURED
2203 					: USB_STATE_ADDRESS);
2204 			set_bit(HCD_FLAG_RH_RUNNING, &hcd->flags);
2205 			hcd->state = HC_STATE_RUNNING;
2206 		}
2207 		spin_unlock_irq(&hcd_root_hub_lock);
2208 
2209 		/*
2210 		 * Check whether any of the enabled ports on the root hub are
2211 		 * unsuspended.  If they are then a TRSMRCY delay is needed
2212 		 * (this is what the USB-2 spec calls a "global resume").
2213 		 * Otherwise we can skip the delay.
2214 		 */
2215 		usb_hub_for_each_child(rhdev, port1, udev) {
2216 			if (udev->state != USB_STATE_NOTATTACHED &&
2217 					!udev->port_is_suspended) {
2218 				usleep_range(10000, 11000);	/* TRSMRCY */
2219 				break;
2220 			}
2221 		}
2222 	} else {
2223 		hcd->state = old_state;
2224 		dev_dbg(&rhdev->dev, "bus %s fail, err %d\n",
2225 				"resume", status);
2226 		if (status != -ESHUTDOWN)
2227 			usb_hc_died(hcd);
2228 	}
2229 	return status;
2230 }
2231 
2232 #endif	/* CONFIG_PM */
2233 
2234 #ifdef	CONFIG_PM_RUNTIME
2235 
2236 /* Workqueue routine for root-hub remote wakeup */
2237 static void hcd_resume_work(struct work_struct *work)
2238 {
2239 	struct usb_hcd *hcd = container_of(work, struct usb_hcd, wakeup_work);
2240 	struct usb_device *udev = hcd->self.root_hub;
2241 
2242 	usb_lock_device(udev);
2243 	usb_remote_wakeup(udev);
2244 	usb_unlock_device(udev);
2245 }
2246 
2247 /**
2248  * usb_hcd_resume_root_hub - called by HCD to resume its root hub
2249  * @hcd: host controller for this root hub
2250  *
2251  * The USB host controller calls this function when its root hub is
2252  * suspended (with the remote wakeup feature enabled) and a remote
2253  * wakeup request is received.  The routine submits a workqueue request
2254  * to resume the root hub (that is, manage its downstream ports again).
2255  */
2256 void usb_hcd_resume_root_hub (struct usb_hcd *hcd)
2257 {
2258 	unsigned long flags;
2259 
2260 	spin_lock_irqsave (&hcd_root_hub_lock, flags);
2261 	if (hcd->rh_registered) {
2262 		set_bit(HCD_FLAG_WAKEUP_PENDING, &hcd->flags);
2263 		queue_work(pm_wq, &hcd->wakeup_work);
2264 	}
2265 	spin_unlock_irqrestore (&hcd_root_hub_lock, flags);
2266 }
2267 EXPORT_SYMBOL_GPL(usb_hcd_resume_root_hub);
2268 
2269 #endif	/* CONFIG_PM_RUNTIME */
2270 
2271 /*-------------------------------------------------------------------------*/
2272 
2273 #ifdef	CONFIG_USB_OTG
2274 
2275 /**
2276  * usb_bus_start_enum - start immediate enumeration (for OTG)
2277  * @bus: the bus (must use hcd framework)
2278  * @port_num: 1-based number of port; usually bus->otg_port
2279  * Context: in_interrupt()
2280  *
2281  * Starts enumeration, with an immediate reset followed later by
2282  * khubd identifying and possibly configuring the device.
2283  * This is needed by OTG controller drivers, where it helps meet
2284  * HNP protocol timing requirements for starting a port reset.
2285  *
2286  * Return: 0 if successful.
2287  */
2288 int usb_bus_start_enum(struct usb_bus *bus, unsigned port_num)
2289 {
2290 	struct usb_hcd		*hcd;
2291 	int			status = -EOPNOTSUPP;
2292 
2293 	/* NOTE: since HNP can't start by grabbing the bus's address0_sem,
2294 	 * boards with root hubs hooked up to internal devices (instead of
2295 	 * just the OTG port) may need more attention to resetting...
2296 	 */
2297 	hcd = container_of (bus, struct usb_hcd, self);
2298 	if (port_num && hcd->driver->start_port_reset)
2299 		status = hcd->driver->start_port_reset(hcd, port_num);
2300 
2301 	/* run khubd shortly after (first) root port reset finishes;
2302 	 * it may issue others, until at least 50 msecs have passed.
2303 	 */
2304 	if (status == 0)
2305 		mod_timer(&hcd->rh_timer, jiffies + msecs_to_jiffies(10));
2306 	return status;
2307 }
2308 EXPORT_SYMBOL_GPL(usb_bus_start_enum);
2309 
2310 #endif
2311 
2312 /*-------------------------------------------------------------------------*/
2313 
2314 /**
2315  * usb_hcd_irq - hook IRQs to HCD framework (bus glue)
2316  * @irq: the IRQ being raised
2317  * @__hcd: pointer to the HCD whose IRQ is being signaled
2318  *
2319  * If the controller isn't HALTed, calls the driver's irq handler.
2320  * Checks whether the controller is now dead.
2321  *
2322  * Return: %IRQ_HANDLED if the IRQ was handled. %IRQ_NONE otherwise.
2323  */
2324 irqreturn_t usb_hcd_irq (int irq, void *__hcd)
2325 {
2326 	struct usb_hcd		*hcd = __hcd;
2327 	unsigned long		flags;
2328 	irqreturn_t		rc;
2329 
2330 	/* IRQF_DISABLED doesn't work correctly with shared IRQs
2331 	 * when the first handler doesn't use it.  So let's just
2332 	 * assume it's never used.
2333 	 */
2334 	local_irq_save(flags);
2335 
2336 	if (unlikely(HCD_DEAD(hcd) || !HCD_HW_ACCESSIBLE(hcd)))
2337 		rc = IRQ_NONE;
2338 	else if (hcd->driver->irq(hcd) == IRQ_NONE)
2339 		rc = IRQ_NONE;
2340 	else
2341 		rc = IRQ_HANDLED;
2342 
2343 	local_irq_restore(flags);
2344 	return rc;
2345 }
2346 EXPORT_SYMBOL_GPL(usb_hcd_irq);
2347 
2348 /*-------------------------------------------------------------------------*/
2349 
2350 /**
2351  * usb_hc_died - report abnormal shutdown of a host controller (bus glue)
2352  * @hcd: pointer to the HCD representing the controller
2353  *
2354  * This is called by bus glue to report a USB host controller that died
2355  * while operations may still have been pending.  It's called automatically
2356  * by the PCI glue, so only glue for non-PCI busses should need to call it.
2357  *
2358  * Only call this function with the primary HCD.
2359  */
2360 void usb_hc_died (struct usb_hcd *hcd)
2361 {
2362 	unsigned long flags;
2363 
2364 	dev_err (hcd->self.controller, "HC died; cleaning up\n");
2365 
2366 	spin_lock_irqsave (&hcd_root_hub_lock, flags);
2367 	clear_bit(HCD_FLAG_RH_RUNNING, &hcd->flags);
2368 	set_bit(HCD_FLAG_DEAD, &hcd->flags);
2369 	if (hcd->rh_registered) {
2370 		clear_bit(HCD_FLAG_POLL_RH, &hcd->flags);
2371 
2372 		/* make khubd clean up old urbs and devices */
2373 		usb_set_device_state (hcd->self.root_hub,
2374 				USB_STATE_NOTATTACHED);
2375 		usb_kick_khubd (hcd->self.root_hub);
2376 	}
2377 	if (usb_hcd_is_primary_hcd(hcd) && hcd->shared_hcd) {
2378 		hcd = hcd->shared_hcd;
2379 		if (hcd->rh_registered) {
2380 			clear_bit(HCD_FLAG_POLL_RH, &hcd->flags);
2381 
2382 			/* make khubd clean up old urbs and devices */
2383 			usb_set_device_state(hcd->self.root_hub,
2384 					USB_STATE_NOTATTACHED);
2385 			usb_kick_khubd(hcd->self.root_hub);
2386 		}
2387 	}
2388 	spin_unlock_irqrestore (&hcd_root_hub_lock, flags);
2389 	/* Make sure that the other roothub is also deallocated. */
2390 }
2391 EXPORT_SYMBOL_GPL (usb_hc_died);
2392 
2393 /*-------------------------------------------------------------------------*/
2394 
2395 static void init_giveback_urb_bh(struct giveback_urb_bh *bh)
2396 {
2397 
2398 	spin_lock_init(&bh->lock);
2399 	INIT_LIST_HEAD(&bh->head);
2400 	tasklet_init(&bh->bh, usb_giveback_urb_bh, (unsigned long)bh);
2401 }
2402 
2403 /**
2404  * usb_create_shared_hcd - create and initialize an HCD structure
2405  * @driver: HC driver that will use this hcd
2406  * @dev: device for this HC, stored in hcd->self.controller
2407  * @bus_name: value to store in hcd->self.bus_name
2408  * @primary_hcd: a pointer to the usb_hcd structure that is sharing the
2409  *              PCI device.  Only allocate certain resources for the primary HCD
2410  * Context: !in_interrupt()
2411  *
2412  * Allocate a struct usb_hcd, with extra space at the end for the
2413  * HC driver's private data.  Initialize the generic members of the
2414  * hcd structure.
2415  *
2416  * Return: On success, a pointer to the created and initialized HCD structure.
2417  * On failure (e.g. if memory is unavailable), %NULL.
2418  */
2419 struct usb_hcd *usb_create_shared_hcd(const struct hc_driver *driver,
2420 		struct device *dev, const char *bus_name,
2421 		struct usb_hcd *primary_hcd)
2422 {
2423 	struct usb_hcd *hcd;
2424 
2425 	hcd = kzalloc(sizeof(*hcd) + driver->hcd_priv_size, GFP_KERNEL);
2426 	if (!hcd) {
2427 		dev_dbg (dev, "hcd alloc failed\n");
2428 		return NULL;
2429 	}
2430 	if (primary_hcd == NULL) {
2431 		hcd->bandwidth_mutex = kmalloc(sizeof(*hcd->bandwidth_mutex),
2432 				GFP_KERNEL);
2433 		if (!hcd->bandwidth_mutex) {
2434 			kfree(hcd);
2435 			dev_dbg(dev, "hcd bandwidth mutex alloc failed\n");
2436 			return NULL;
2437 		}
2438 		mutex_init(hcd->bandwidth_mutex);
2439 		dev_set_drvdata(dev, hcd);
2440 	} else {
2441 		hcd->bandwidth_mutex = primary_hcd->bandwidth_mutex;
2442 		hcd->primary_hcd = primary_hcd;
2443 		primary_hcd->primary_hcd = primary_hcd;
2444 		hcd->shared_hcd = primary_hcd;
2445 		primary_hcd->shared_hcd = hcd;
2446 	}
2447 
2448 	kref_init(&hcd->kref);
2449 
2450 	usb_bus_init(&hcd->self);
2451 	hcd->self.controller = dev;
2452 	hcd->self.bus_name = bus_name;
2453 	hcd->self.uses_dma = (dev->dma_mask != NULL);
2454 
2455 	init_timer(&hcd->rh_timer);
2456 	hcd->rh_timer.function = rh_timer_func;
2457 	hcd->rh_timer.data = (unsigned long) hcd;
2458 #ifdef CONFIG_PM_RUNTIME
2459 	INIT_WORK(&hcd->wakeup_work, hcd_resume_work);
2460 #endif
2461 
2462 	hcd->driver = driver;
2463 	hcd->speed = driver->flags & HCD_MASK;
2464 	hcd->product_desc = (driver->product_desc) ? driver->product_desc :
2465 			"USB Host Controller";
2466 	return hcd;
2467 }
2468 EXPORT_SYMBOL_GPL(usb_create_shared_hcd);
2469 
2470 /**
2471  * usb_create_hcd - create and initialize an HCD structure
2472  * @driver: HC driver that will use this hcd
2473  * @dev: device for this HC, stored in hcd->self.controller
2474  * @bus_name: value to store in hcd->self.bus_name
2475  * Context: !in_interrupt()
2476  *
2477  * Allocate a struct usb_hcd, with extra space at the end for the
2478  * HC driver's private data.  Initialize the generic members of the
2479  * hcd structure.
2480  *
2481  * Return: On success, a pointer to the created and initialized HCD
2482  * structure. On failure (e.g. if memory is unavailable), %NULL.
2483  */
2484 struct usb_hcd *usb_create_hcd(const struct hc_driver *driver,
2485 		struct device *dev, const char *bus_name)
2486 {
2487 	return usb_create_shared_hcd(driver, dev, bus_name, NULL);
2488 }
2489 EXPORT_SYMBOL_GPL(usb_create_hcd);
2490 
2491 /*
2492  * Roothubs that share one PCI device must also share the bandwidth mutex.
2493  * Don't deallocate the bandwidth_mutex until the last shared usb_hcd is
2494  * deallocated.
2495  *
2496  * Make sure to only deallocate the bandwidth_mutex when the primary HCD is
2497  * freed.  When hcd_release() is called for the non-primary HCD, set the
2498  * primary_hcd's shared_hcd pointer to null (since the non-primary HCD will be
2499  * freed shortly).
2500  */
2501 static void hcd_release (struct kref *kref)
2502 {
2503 	struct usb_hcd *hcd = container_of (kref, struct usb_hcd, kref);
2504 
2505 	if (usb_hcd_is_primary_hcd(hcd))
2506 		kfree(hcd->bandwidth_mutex);
2507 	else
2508 		hcd->shared_hcd->shared_hcd = NULL;
2509 	kfree(hcd);
2510 }
2511 
2512 struct usb_hcd *usb_get_hcd (struct usb_hcd *hcd)
2513 {
2514 	if (hcd)
2515 		kref_get (&hcd->kref);
2516 	return hcd;
2517 }
2518 EXPORT_SYMBOL_GPL(usb_get_hcd);
2519 
2520 void usb_put_hcd (struct usb_hcd *hcd)
2521 {
2522 	if (hcd)
2523 		kref_put (&hcd->kref, hcd_release);
2524 }
2525 EXPORT_SYMBOL_GPL(usb_put_hcd);
2526 
2527 int usb_hcd_is_primary_hcd(struct usb_hcd *hcd)
2528 {
2529 	if (!hcd->primary_hcd)
2530 		return 1;
2531 	return hcd == hcd->primary_hcd;
2532 }
2533 EXPORT_SYMBOL_GPL(usb_hcd_is_primary_hcd);
2534 
2535 int usb_hcd_find_raw_port_number(struct usb_hcd *hcd, int port1)
2536 {
2537 	if (!hcd->driver->find_raw_port_number)
2538 		return port1;
2539 
2540 	return hcd->driver->find_raw_port_number(hcd, port1);
2541 }
2542 
2543 static int usb_hcd_request_irqs(struct usb_hcd *hcd,
2544 		unsigned int irqnum, unsigned long irqflags)
2545 {
2546 	int retval;
2547 
2548 	if (hcd->driver->irq) {
2549 
2550 		/* IRQF_DISABLED doesn't work as advertised when used together
2551 		 * with IRQF_SHARED. As usb_hcd_irq() will always disable
2552 		 * interrupts we can remove it here.
2553 		 */
2554 		if (irqflags & IRQF_SHARED)
2555 			irqflags &= ~IRQF_DISABLED;
2556 
2557 		snprintf(hcd->irq_descr, sizeof(hcd->irq_descr), "%s:usb%d",
2558 				hcd->driver->description, hcd->self.busnum);
2559 		retval = request_irq(irqnum, &usb_hcd_irq, irqflags,
2560 				hcd->irq_descr, hcd);
2561 		if (retval != 0) {
2562 			dev_err(hcd->self.controller,
2563 					"request interrupt %d failed\n",
2564 					irqnum);
2565 			return retval;
2566 		}
2567 		hcd->irq = irqnum;
2568 		dev_info(hcd->self.controller, "irq %d, %s 0x%08llx\n", irqnum,
2569 				(hcd->driver->flags & HCD_MEMORY) ?
2570 					"io mem" : "io base",
2571 					(unsigned long long)hcd->rsrc_start);
2572 	} else {
2573 		hcd->irq = 0;
2574 		if (hcd->rsrc_start)
2575 			dev_info(hcd->self.controller, "%s 0x%08llx\n",
2576 					(hcd->driver->flags & HCD_MEMORY) ?
2577 					"io mem" : "io base",
2578 					(unsigned long long)hcd->rsrc_start);
2579 	}
2580 	return 0;
2581 }
2582 
2583 /**
2584  * usb_add_hcd - finish generic HCD structure initialization and register
2585  * @hcd: the usb_hcd structure to initialize
2586  * @irqnum: Interrupt line to allocate
2587  * @irqflags: Interrupt type flags
2588  *
2589  * Finish the remaining parts of generic HCD initialization: allocate the
2590  * buffers of consistent memory, register the bus, request the IRQ line,
2591  * and call the driver's reset() and start() routines.
2592  */
2593 int usb_add_hcd(struct usb_hcd *hcd,
2594 		unsigned int irqnum, unsigned long irqflags)
2595 {
2596 	int retval;
2597 	struct usb_device *rhdev;
2598 
2599 	dev_info(hcd->self.controller, "%s\n", hcd->product_desc);
2600 
2601 	/* Keep old behaviour if authorized_default is not in [0, 1]. */
2602 	if (authorized_default < 0 || authorized_default > 1)
2603 		hcd->authorized_default = hcd->wireless? 0 : 1;
2604 	else
2605 		hcd->authorized_default = authorized_default;
2606 	set_bit(HCD_FLAG_HW_ACCESSIBLE, &hcd->flags);
2607 
2608 	/* HC is in reset state, but accessible.  Now do the one-time init,
2609 	 * bottom up so that hcds can customize the root hubs before khubd
2610 	 * starts talking to them.  (Note, bus id is assigned early too.)
2611 	 */
2612 	if ((retval = hcd_buffer_create(hcd)) != 0) {
2613 		dev_dbg(hcd->self.controller, "pool alloc failed\n");
2614 		return retval;
2615 	}
2616 
2617 	if ((retval = usb_register_bus(&hcd->self)) < 0)
2618 		goto err_register_bus;
2619 
2620 	if ((rhdev = usb_alloc_dev(NULL, &hcd->self, 0)) == NULL) {
2621 		dev_err(hcd->self.controller, "unable to allocate root hub\n");
2622 		retval = -ENOMEM;
2623 		goto err_allocate_root_hub;
2624 	}
2625 	hcd->self.root_hub = rhdev;
2626 
2627 	switch (hcd->speed) {
2628 	case HCD_USB11:
2629 		rhdev->speed = USB_SPEED_FULL;
2630 		break;
2631 	case HCD_USB2:
2632 		rhdev->speed = USB_SPEED_HIGH;
2633 		break;
2634 	case HCD_USB25:
2635 		rhdev->speed = USB_SPEED_WIRELESS;
2636 		break;
2637 	case HCD_USB3:
2638 		rhdev->speed = USB_SPEED_SUPER;
2639 		break;
2640 	default:
2641 		retval = -EINVAL;
2642 		goto err_set_rh_speed;
2643 	}
2644 
2645 	/* wakeup flag init defaults to "everything works" for root hubs,
2646 	 * but drivers can override it in reset() if needed, along with
2647 	 * recording the overall controller's system wakeup capability.
2648 	 */
2649 	device_set_wakeup_capable(&rhdev->dev, 1);
2650 
2651 	/* HCD_FLAG_RH_RUNNING doesn't matter until the root hub is
2652 	 * registered.  But since the controller can die at any time,
2653 	 * let's initialize the flag before touching the hardware.
2654 	 */
2655 	set_bit(HCD_FLAG_RH_RUNNING, &hcd->flags);
2656 
2657 	/* "reset" is misnamed; its role is now one-time init. the controller
2658 	 * should already have been reset (and boot firmware kicked off etc).
2659 	 */
2660 	if (hcd->driver->reset && (retval = hcd->driver->reset(hcd)) < 0) {
2661 		dev_err(hcd->self.controller, "can't setup: %d\n", retval);
2662 		goto err_hcd_driver_setup;
2663 	}
2664 	hcd->rh_pollable = 1;
2665 
2666 	/* NOTE: root hub and controller capabilities may not be the same */
2667 	if (device_can_wakeup(hcd->self.controller)
2668 			&& device_can_wakeup(&hcd->self.root_hub->dev))
2669 		dev_dbg(hcd->self.controller, "supports USB remote wakeup\n");
2670 
2671 	/* initialize tasklets */
2672 	init_giveback_urb_bh(&hcd->high_prio_bh);
2673 	init_giveback_urb_bh(&hcd->low_prio_bh);
2674 
2675 	/* enable irqs just before we start the controller,
2676 	 * if the BIOS provides legacy PCI irqs.
2677 	 */
2678 	if (usb_hcd_is_primary_hcd(hcd) && irqnum) {
2679 		retval = usb_hcd_request_irqs(hcd, irqnum, irqflags);
2680 		if (retval)
2681 			goto err_request_irq;
2682 	}
2683 
2684 	hcd->state = HC_STATE_RUNNING;
2685 	retval = hcd->driver->start(hcd);
2686 	if (retval < 0) {
2687 		dev_err(hcd->self.controller, "startup error %d\n", retval);
2688 		goto err_hcd_driver_start;
2689 	}
2690 
2691 	/* starting here, usbcore will pay attention to this root hub */
2692 	if ((retval = register_root_hub(hcd)) != 0)
2693 		goto err_register_root_hub;
2694 
2695 	retval = sysfs_create_group(&rhdev->dev.kobj, &usb_bus_attr_group);
2696 	if (retval < 0) {
2697 		printk(KERN_ERR "Cannot register USB bus sysfs attributes: %d\n",
2698 		       retval);
2699 		goto error_create_attr_group;
2700 	}
2701 	if (hcd->uses_new_polling && HCD_POLL_RH(hcd))
2702 		usb_hcd_poll_rh_status(hcd);
2703 
2704 	/*
2705 	 * Host controllers don't generate their own wakeup requests;
2706 	 * they only forward requests from the root hub.  Therefore
2707 	 * controllers should always be enabled for remote wakeup.
2708 	 */
2709 	device_wakeup_enable(hcd->self.controller);
2710 	return retval;
2711 
2712 error_create_attr_group:
2713 	clear_bit(HCD_FLAG_RH_RUNNING, &hcd->flags);
2714 	if (HC_IS_RUNNING(hcd->state))
2715 		hcd->state = HC_STATE_QUIESCING;
2716 	spin_lock_irq(&hcd_root_hub_lock);
2717 	hcd->rh_registered = 0;
2718 	spin_unlock_irq(&hcd_root_hub_lock);
2719 
2720 #ifdef CONFIG_PM_RUNTIME
2721 	cancel_work_sync(&hcd->wakeup_work);
2722 #endif
2723 	mutex_lock(&usb_bus_list_lock);
2724 	usb_disconnect(&rhdev);		/* Sets rhdev to NULL */
2725 	mutex_unlock(&usb_bus_list_lock);
2726 err_register_root_hub:
2727 	hcd->rh_pollable = 0;
2728 	clear_bit(HCD_FLAG_POLL_RH, &hcd->flags);
2729 	del_timer_sync(&hcd->rh_timer);
2730 	hcd->driver->stop(hcd);
2731 	hcd->state = HC_STATE_HALT;
2732 	clear_bit(HCD_FLAG_POLL_RH, &hcd->flags);
2733 	del_timer_sync(&hcd->rh_timer);
2734 err_hcd_driver_start:
2735 	if (usb_hcd_is_primary_hcd(hcd) && hcd->irq > 0)
2736 		free_irq(irqnum, hcd);
2737 err_request_irq:
2738 err_hcd_driver_setup:
2739 err_set_rh_speed:
2740 	usb_put_dev(hcd->self.root_hub);
2741 err_allocate_root_hub:
2742 	usb_deregister_bus(&hcd->self);
2743 err_register_bus:
2744 	hcd_buffer_destroy(hcd);
2745 	return retval;
2746 }
2747 EXPORT_SYMBOL_GPL(usb_add_hcd);
2748 
2749 /**
2750  * usb_remove_hcd - shutdown processing for generic HCDs
2751  * @hcd: the usb_hcd structure to remove
2752  * Context: !in_interrupt()
2753  *
2754  * Disconnects the root hub, then reverses the effects of usb_add_hcd(),
2755  * invoking the HCD's stop() method.
2756  */
2757 void usb_remove_hcd(struct usb_hcd *hcd)
2758 {
2759 	struct usb_device *rhdev = hcd->self.root_hub;
2760 
2761 	dev_info(hcd->self.controller, "remove, state %x\n", hcd->state);
2762 
2763 	usb_get_dev(rhdev);
2764 	sysfs_remove_group(&rhdev->dev.kobj, &usb_bus_attr_group);
2765 
2766 	clear_bit(HCD_FLAG_RH_RUNNING, &hcd->flags);
2767 	if (HC_IS_RUNNING (hcd->state))
2768 		hcd->state = HC_STATE_QUIESCING;
2769 
2770 	dev_dbg(hcd->self.controller, "roothub graceful disconnect\n");
2771 	spin_lock_irq (&hcd_root_hub_lock);
2772 	hcd->rh_registered = 0;
2773 	spin_unlock_irq (&hcd_root_hub_lock);
2774 
2775 #ifdef CONFIG_PM_RUNTIME
2776 	cancel_work_sync(&hcd->wakeup_work);
2777 #endif
2778 
2779 	mutex_lock(&usb_bus_list_lock);
2780 	usb_disconnect(&rhdev);		/* Sets rhdev to NULL */
2781 	mutex_unlock(&usb_bus_list_lock);
2782 
2783 	/*
2784 	 * tasklet_kill() isn't needed here because:
2785 	 * - driver's disconnect() called from usb_disconnect() should
2786 	 *   make sure its URBs are completed during the disconnect()
2787 	 *   callback
2788 	 *
2789 	 * - it is too late to run complete() here since driver may have
2790 	 *   been removed already now
2791 	 */
2792 
2793 	/* Prevent any more root-hub status calls from the timer.
2794 	 * The HCD might still restart the timer (if a port status change
2795 	 * interrupt occurs), but usb_hcd_poll_rh_status() won't invoke
2796 	 * the hub_status_data() callback.
2797 	 */
2798 	hcd->rh_pollable = 0;
2799 	clear_bit(HCD_FLAG_POLL_RH, &hcd->flags);
2800 	del_timer_sync(&hcd->rh_timer);
2801 
2802 	hcd->driver->stop(hcd);
2803 	hcd->state = HC_STATE_HALT;
2804 
2805 	/* In case the HCD restarted the timer, stop it again. */
2806 	clear_bit(HCD_FLAG_POLL_RH, &hcd->flags);
2807 	del_timer_sync(&hcd->rh_timer);
2808 
2809 	if (usb_hcd_is_primary_hcd(hcd)) {
2810 		if (hcd->irq > 0)
2811 			free_irq(hcd->irq, hcd);
2812 	}
2813 
2814 	usb_put_dev(hcd->self.root_hub);
2815 	usb_deregister_bus(&hcd->self);
2816 	hcd_buffer_destroy(hcd);
2817 }
2818 EXPORT_SYMBOL_GPL(usb_remove_hcd);
2819 
2820 void
2821 usb_hcd_platform_shutdown(struct platform_device* dev)
2822 {
2823 	struct usb_hcd *hcd = platform_get_drvdata(dev);
2824 
2825 	if (hcd->driver->shutdown)
2826 		hcd->driver->shutdown(hcd);
2827 }
2828 EXPORT_SYMBOL_GPL(usb_hcd_platform_shutdown);
2829 
2830 /*-------------------------------------------------------------------------*/
2831 
2832 #if defined(CONFIG_USB_MON) || defined(CONFIG_USB_MON_MODULE)
2833 
2834 struct usb_mon_operations *mon_ops;
2835 
2836 /*
2837  * The registration is unlocked.
2838  * We do it this way because we do not want to lock in hot paths.
2839  *
2840  * Notice that the code is minimally error-proof. Because usbmon needs
2841  * symbols from usbcore, usbcore gets referenced and cannot be unloaded first.
2842  */
2843 
2844 int usb_mon_register (struct usb_mon_operations *ops)
2845 {
2846 
2847 	if (mon_ops)
2848 		return -EBUSY;
2849 
2850 	mon_ops = ops;
2851 	mb();
2852 	return 0;
2853 }
2854 EXPORT_SYMBOL_GPL (usb_mon_register);
2855 
2856 void usb_mon_deregister (void)
2857 {
2858 
2859 	if (mon_ops == NULL) {
2860 		printk(KERN_ERR "USB: monitor was not registered\n");
2861 		return;
2862 	}
2863 	mon_ops = NULL;
2864 	mb();
2865 }
2866 EXPORT_SYMBOL_GPL (usb_mon_deregister);
2867 
2868 #endif /* CONFIG_USB_MON || CONFIG_USB_MON_MODULE */
2869