1 /* 2 * bdc_ep.c - BRCM BDC USB3.0 device controller endpoint related functions 3 * 4 * Copyright (C) 2014 Broadcom Corporation 5 * 6 * Author: Ashwini Pahuja 7 * 8 * Based on drivers under drivers/usb/ 9 * 10 * This program is free software; you can redistribute it and/or modify it 11 * under the terms of the GNU General Public License as published by the 12 * Free Software Foundation; either version 2 of the License, or (at your 13 * option) any later version. 14 * 15 */ 16 #include <linux/module.h> 17 #include <linux/pci.h> 18 #include <linux/dma-mapping.h> 19 #include <linux/kernel.h> 20 #include <linux/delay.h> 21 #include <linux/dmapool.h> 22 #include <linux/ioport.h> 23 #include <linux/sched.h> 24 #include <linux/slab.h> 25 #include <linux/errno.h> 26 #include <linux/init.h> 27 #include <linux/timer.h> 28 #include <linux/list.h> 29 #include <linux/interrupt.h> 30 #include <linux/moduleparam.h> 31 #include <linux/device.h> 32 #include <linux/usb/ch9.h> 33 #include <linux/usb/gadget.h> 34 #include <linux/usb/otg.h> 35 #include <linux/pm.h> 36 #include <linux/io.h> 37 #include <linux/irq.h> 38 #include <asm/unaligned.h> 39 #include <linux/platform_device.h> 40 #include <linux/usb/composite.h> 41 42 #include "bdc.h" 43 #include "bdc_ep.h" 44 #include "bdc_cmd.h" 45 #include "bdc_dbg.h" 46 47 static const char * const ep0_state_string[] = { 48 "WAIT_FOR_SETUP", 49 "WAIT_FOR_DATA_START", 50 "WAIT_FOR_DATA_XMIT", 51 "WAIT_FOR_STATUS_START", 52 "WAIT_FOR_STATUS_XMIT", 53 "STATUS_PENDING" 54 }; 55 56 /* Free the bdl during ep disable */ 57 static void ep_bd_list_free(struct bdc_ep *ep, u32 num_tabs) 58 { 59 struct bd_list *bd_list = &ep->bd_list; 60 struct bdc *bdc = ep->bdc; 61 struct bd_table *bd_table; 62 int index; 63 64 dev_dbg(bdc->dev, "%s ep:%s num_tabs:%d\n", 65 __func__, ep->name, num_tabs); 66 67 if (!bd_list->bd_table_array) { 68 dev_dbg(bdc->dev, "%s already freed\n", ep->name); 69 return; 70 } 71 for (index = 0; index < num_tabs; index++) { 72 /* 73 * check if the bd_table struct is allocated ? 74 * if yes, then check if bd memory has been allocated, then 75 * free the dma_pool and also the bd_table struct memory 76 */ 77 bd_table = bd_list->bd_table_array[index]; 78 dev_dbg(bdc->dev, "bd_table:%p index:%d\n", bd_table, index); 79 if (!bd_table) { 80 dev_dbg(bdc->dev, "bd_table not allocated\n"); 81 continue; 82 } 83 if (!bd_table->start_bd) { 84 dev_dbg(bdc->dev, "bd dma pool not allocted\n"); 85 continue; 86 } 87 88 dev_dbg(bdc->dev, 89 "Free dma pool start_bd:%p dma:%llx\n", 90 bd_table->start_bd, 91 (unsigned long long)bd_table->dma); 92 93 dma_pool_free(bdc->bd_table_pool, 94 bd_table->start_bd, 95 bd_table->dma); 96 /* Free the bd_table structure */ 97 kfree(bd_table); 98 } 99 /* Free the bd table array */ 100 kfree(ep->bd_list.bd_table_array); 101 } 102 103 /* 104 * chain the tables, by insteting a chain bd at the end of prev_table, pointing 105 * to next_table 106 */ 107 static inline void chain_table(struct bd_table *prev_table, 108 struct bd_table *next_table, 109 u32 bd_p_tab) 110 { 111 /* Chain the prev table to next table */ 112 prev_table->start_bd[bd_p_tab-1].offset[0] = 113 cpu_to_le32(lower_32_bits(next_table->dma)); 114 115 prev_table->start_bd[bd_p_tab-1].offset[1] = 116 cpu_to_le32(upper_32_bits(next_table->dma)); 117 118 prev_table->start_bd[bd_p_tab-1].offset[2] = 119 0x0; 120 121 prev_table->start_bd[bd_p_tab-1].offset[3] = 122 cpu_to_le32(MARK_CHAIN_BD); 123 } 124 125 /* Allocate the bdl for ep, during config ep */ 126 static int ep_bd_list_alloc(struct bdc_ep *ep) 127 { 128 struct bd_table *prev_table = NULL; 129 int index, num_tabs, bd_p_tab; 130 struct bdc *bdc = ep->bdc; 131 struct bd_table *bd_table; 132 dma_addr_t dma; 133 134 if (usb_endpoint_xfer_isoc(ep->desc)) 135 num_tabs = NUM_TABLES_ISOCH; 136 else 137 num_tabs = NUM_TABLES; 138 139 bd_p_tab = NUM_BDS_PER_TABLE; 140 /* if there is only 1 table in bd list then loop chain to self */ 141 dev_dbg(bdc->dev, 142 "%s ep:%p num_tabs:%d\n", 143 __func__, ep, num_tabs); 144 145 /* Allocate memory for table array */ 146 ep->bd_list.bd_table_array = kzalloc( 147 num_tabs * sizeof(struct bd_table *), 148 GFP_ATOMIC); 149 if (!ep->bd_list.bd_table_array) 150 return -ENOMEM; 151 152 /* Allocate memory for each table */ 153 for (index = 0; index < num_tabs; index++) { 154 /* Allocate memory for bd_table structure */ 155 bd_table = kzalloc(sizeof(struct bd_table), GFP_ATOMIC); 156 if (!bd_table) 157 goto fail; 158 159 bd_table->start_bd = dma_pool_alloc(bdc->bd_table_pool, 160 GFP_ATOMIC, 161 &dma); 162 if (!bd_table->start_bd) 163 goto fail; 164 165 bd_table->dma = dma; 166 167 dev_dbg(bdc->dev, 168 "index:%d start_bd:%p dma=%08llx prev_table:%p\n", 169 index, bd_table->start_bd, 170 (unsigned long long)bd_table->dma, prev_table); 171 172 ep->bd_list.bd_table_array[index] = bd_table; 173 memset(bd_table->start_bd, 0, bd_p_tab * sizeof(struct bdc_bd)); 174 if (prev_table) 175 chain_table(prev_table, bd_table, bd_p_tab); 176 177 prev_table = bd_table; 178 } 179 chain_table(prev_table, ep->bd_list.bd_table_array[0], bd_p_tab); 180 /* Memory allocation is successful, now init the internal fields */ 181 ep->bd_list.num_tabs = num_tabs; 182 ep->bd_list.max_bdi = (num_tabs * bd_p_tab) - 1; 183 ep->bd_list.num_tabs = num_tabs; 184 ep->bd_list.num_bds_table = bd_p_tab; 185 ep->bd_list.eqp_bdi = 0; 186 ep->bd_list.hwd_bdi = 0; 187 188 return 0; 189 fail: 190 /* Free the bd_table_array, bd_table struct, bd's */ 191 ep_bd_list_free(ep, num_tabs); 192 193 return -ENOMEM; 194 } 195 196 /* returns how many bd's are need for this transfer */ 197 static inline int bd_needed_req(struct bdc_req *req) 198 { 199 int bd_needed = 0; 200 int remaining; 201 202 /* 1 bd needed for 0 byte transfer */ 203 if (req->usb_req.length == 0) 204 return 1; 205 206 /* remaining bytes after tranfering all max BD size BD's */ 207 remaining = req->usb_req.length % BD_MAX_BUFF_SIZE; 208 if (remaining) 209 bd_needed++; 210 211 /* How many maximum BUFF size BD's ? */ 212 remaining = req->usb_req.length / BD_MAX_BUFF_SIZE; 213 bd_needed += remaining; 214 215 return bd_needed; 216 } 217 218 /* returns the bd index(bdi) corresponding to bd dma address */ 219 static int bd_add_to_bdi(struct bdc_ep *ep, dma_addr_t bd_dma_addr) 220 { 221 struct bd_list *bd_list = &ep->bd_list; 222 dma_addr_t dma_first_bd, dma_last_bd; 223 struct bdc *bdc = ep->bdc; 224 struct bd_table *bd_table; 225 bool found = false; 226 int tbi, bdi; 227 228 dma_first_bd = dma_last_bd = 0; 229 dev_dbg(bdc->dev, "%s %llx\n", 230 __func__, (unsigned long long)bd_dma_addr); 231 /* 232 * Find in which table this bd_dma_addr belongs?, go through the table 233 * array and compare addresses of first and last address of bd of each 234 * table 235 */ 236 for (tbi = 0; tbi < bd_list->num_tabs; tbi++) { 237 bd_table = bd_list->bd_table_array[tbi]; 238 dma_first_bd = bd_table->dma; 239 dma_last_bd = bd_table->dma + 240 (sizeof(struct bdc_bd) * 241 (bd_list->num_bds_table - 1)); 242 dev_dbg(bdc->dev, "dma_first_bd:%llx dma_last_bd:%llx\n", 243 (unsigned long long)dma_first_bd, 244 (unsigned long long)dma_last_bd); 245 if (bd_dma_addr >= dma_first_bd && bd_dma_addr <= dma_last_bd) { 246 found = true; 247 break; 248 } 249 } 250 if (unlikely(!found)) { 251 dev_err(bdc->dev, "%s FATAL err, bd not found\n", __func__); 252 return -EINVAL; 253 } 254 /* Now we know the table, find the bdi */ 255 bdi = (bd_dma_addr - dma_first_bd) / sizeof(struct bdc_bd); 256 257 /* return the global bdi, to compare with ep eqp_bdi */ 258 return (bdi + (tbi * bd_list->num_bds_table)); 259 } 260 261 /* returns the table index(tbi) of the given bdi */ 262 static int bdi_to_tbi(struct bdc_ep *ep, int bdi) 263 { 264 int tbi; 265 266 tbi = bdi / ep->bd_list.num_bds_table; 267 dev_vdbg(ep->bdc->dev, 268 "bdi:%d num_bds_table:%d tbi:%d\n", 269 bdi, ep->bd_list.num_bds_table, tbi); 270 271 return tbi; 272 } 273 274 /* Find the bdi last bd in the transfer */ 275 static inline int find_end_bdi(struct bdc_ep *ep, int next_hwd_bdi) 276 { 277 int end_bdi; 278 279 end_bdi = next_hwd_bdi - 1; 280 if (end_bdi < 0) 281 end_bdi = ep->bd_list.max_bdi - 1; 282 else if ((end_bdi % (ep->bd_list.num_bds_table-1)) == 0) 283 end_bdi--; 284 285 return end_bdi; 286 } 287 288 /* 289 * How many transfer bd's are available on this ep bdl, chain bds are not 290 * counted in available bds 291 */ 292 static int bd_available_ep(struct bdc_ep *ep) 293 { 294 struct bd_list *bd_list = &ep->bd_list; 295 int available1, available2; 296 struct bdc *bdc = ep->bdc; 297 int chain_bd1, chain_bd2; 298 int available_bd = 0; 299 300 available1 = available2 = chain_bd1 = chain_bd2 = 0; 301 /* if empty then we have all bd's available - number of chain bd's */ 302 if (bd_list->eqp_bdi == bd_list->hwd_bdi) 303 return bd_list->max_bdi - bd_list->num_tabs; 304 305 /* 306 * Depending upon where eqp and dqp pointers are, caculate number 307 * of avaialble bd's 308 */ 309 if (bd_list->hwd_bdi < bd_list->eqp_bdi) { 310 /* available bd's are from eqp..max_bds + 0..dqp - chain_bds */ 311 available1 = bd_list->max_bdi - bd_list->eqp_bdi; 312 available2 = bd_list->hwd_bdi; 313 chain_bd1 = available1 / bd_list->num_bds_table; 314 chain_bd2 = available2 / bd_list->num_bds_table; 315 dev_vdbg(bdc->dev, "chain_bd1:%d chain_bd2:%d\n", 316 chain_bd1, chain_bd2); 317 available_bd = available1 + available2 - chain_bd1 - chain_bd2; 318 } else { 319 /* available bd's are from eqp..dqp - number of chain bd's */ 320 available1 = bd_list->hwd_bdi - bd_list->eqp_bdi; 321 /* if gap between eqp and dqp is less than NUM_BDS_PER_TABLE */ 322 if ((bd_list->hwd_bdi - bd_list->eqp_bdi) 323 <= bd_list->num_bds_table) { 324 /* If there any chain bd in between */ 325 if (!(bdi_to_tbi(ep, bd_list->hwd_bdi) 326 == bdi_to_tbi(ep, bd_list->eqp_bdi))) { 327 available_bd = available1 - 1; 328 } 329 } else { 330 chain_bd1 = available1 / bd_list->num_bds_table; 331 available_bd = available1 - chain_bd1; 332 } 333 } 334 /* 335 * we need to keep one extra bd to check if ring is full or empty so 336 * reduce by 1 337 */ 338 available_bd--; 339 dev_vdbg(bdc->dev, "available_bd:%d\n", available_bd); 340 341 return available_bd; 342 } 343 344 /* Notify the hardware after queueing the bd to bdl */ 345 void bdc_notify_xfr(struct bdc *bdc, u32 epnum) 346 { 347 struct bdc_ep *ep = bdc->bdc_ep_array[epnum]; 348 349 dev_vdbg(bdc->dev, "%s epnum:%d\n", __func__, epnum); 350 /* 351 * We don't have anyway to check if ep state is running, 352 * except the software flags. 353 */ 354 if (unlikely(ep->flags & BDC_EP_STOP)) 355 ep->flags &= ~BDC_EP_STOP; 356 357 bdc_writel(bdc->regs, BDC_XSFNTF, epnum); 358 } 359 360 /* returns the bd corresponding to bdi */ 361 static struct bdc_bd *bdi_to_bd(struct bdc_ep *ep, int bdi) 362 { 363 int tbi = bdi_to_tbi(ep, bdi); 364 int local_bdi = 0; 365 366 local_bdi = bdi - (tbi * ep->bd_list.num_bds_table); 367 dev_vdbg(ep->bdc->dev, 368 "%s bdi:%d local_bdi:%d\n", 369 __func__, bdi, local_bdi); 370 371 return (ep->bd_list.bd_table_array[tbi]->start_bd + local_bdi); 372 } 373 374 /* Advance the enqueue pointer */ 375 static void ep_bdlist_eqp_adv(struct bdc_ep *ep) 376 { 377 ep->bd_list.eqp_bdi++; 378 /* if it's chain bd, then move to next */ 379 if (((ep->bd_list.eqp_bdi + 1) % ep->bd_list.num_bds_table) == 0) 380 ep->bd_list.eqp_bdi++; 381 382 /* if the eqp is pointing to last + 1 then move back to 0 */ 383 if (ep->bd_list.eqp_bdi == (ep->bd_list.max_bdi + 1)) 384 ep->bd_list.eqp_bdi = 0; 385 } 386 387 /* Setup the first bd for ep0 transfer */ 388 static int setup_first_bd_ep0(struct bdc *bdc, struct bdc_req *req, u32 *dword3) 389 { 390 u16 wValue; 391 u32 req_len; 392 393 req->ep->dir = 0; 394 req_len = req->usb_req.length; 395 switch (bdc->ep0_state) { 396 case WAIT_FOR_DATA_START: 397 *dword3 |= BD_TYPE_DS; 398 if (bdc->setup_pkt.bRequestType & USB_DIR_IN) 399 *dword3 |= BD_DIR_IN; 400 401 /* check if zlp will be needed */ 402 wValue = le16_to_cpu(bdc->setup_pkt.wValue); 403 if ((wValue > req_len) && 404 (req_len % bdc->gadget.ep0->maxpacket == 0)) { 405 dev_dbg(bdc->dev, "ZLP needed wVal:%d len:%d MaxP:%d\n", 406 wValue, req_len, 407 bdc->gadget.ep0->maxpacket); 408 bdc->zlp_needed = true; 409 } 410 break; 411 412 case WAIT_FOR_STATUS_START: 413 *dword3 |= BD_TYPE_SS; 414 if (!le16_to_cpu(bdc->setup_pkt.wLength) || 415 !(bdc->setup_pkt.bRequestType & USB_DIR_IN)) 416 *dword3 |= BD_DIR_IN; 417 break; 418 default: 419 dev_err(bdc->dev, 420 "Unknown ep0 state for queueing bd ep0_state:%s\n", 421 ep0_state_string[bdc->ep0_state]); 422 return -EINVAL; 423 } 424 425 return 0; 426 } 427 428 /* Setup the bd dma descriptor for a given request */ 429 static int setup_bd_list_xfr(struct bdc *bdc, struct bdc_req *req, int num_bds) 430 { 431 dma_addr_t buf_add = req->usb_req.dma; 432 u32 maxp, tfs, dword2, dword3; 433 struct bd_transfer *bd_xfr; 434 struct bd_list *bd_list; 435 struct bdc_ep *ep; 436 struct bdc_bd *bd; 437 int ret, bdnum; 438 u32 req_len; 439 440 ep = req->ep; 441 bd_list = &ep->bd_list; 442 bd_xfr = &req->bd_xfr; 443 bd_xfr->req = req; 444 bd_xfr->start_bdi = bd_list->eqp_bdi; 445 bd = bdi_to_bd(ep, bd_list->eqp_bdi); 446 req_len = req->usb_req.length; 447 maxp = usb_endpoint_maxp(ep->desc) & 0x7ff; 448 tfs = roundup(req->usb_req.length, maxp); 449 tfs = tfs/maxp; 450 dev_vdbg(bdc->dev, "%s ep:%s num_bds:%d tfs:%d r_len:%d bd:%p\n", 451 __func__, ep->name, num_bds, tfs, req_len, bd); 452 453 for (bdnum = 0; bdnum < num_bds; bdnum++) { 454 dword2 = dword3 = 0; 455 /* First bd */ 456 if (!bdnum) { 457 dword3 |= BD_SOT|BD_SBF|(tfs<<BD_TFS_SHIFT); 458 dword2 |= BD_LTF; 459 /* format of first bd for ep0 is different than other */ 460 if (ep->ep_num == 1) { 461 ret = setup_first_bd_ep0(bdc, req, &dword3); 462 if (ret) 463 return ret; 464 } 465 } 466 if (!req->ep->dir) 467 dword3 |= BD_ISP; 468 469 if (req_len > BD_MAX_BUFF_SIZE) { 470 dword2 |= BD_MAX_BUFF_SIZE; 471 req_len -= BD_MAX_BUFF_SIZE; 472 } else { 473 /* this should be the last bd */ 474 dword2 |= req_len; 475 dword3 |= BD_IOC; 476 dword3 |= BD_EOT; 477 } 478 /* Currently only 1 INT target is supported */ 479 dword2 |= BD_INTR_TARGET(0); 480 bd = bdi_to_bd(ep, ep->bd_list.eqp_bdi); 481 if (unlikely(!bd)) { 482 dev_err(bdc->dev, "Err bd pointing to wrong addr\n"); 483 return -EINVAL; 484 } 485 /* write bd */ 486 bd->offset[0] = cpu_to_le32(lower_32_bits(buf_add)); 487 bd->offset[1] = cpu_to_le32(upper_32_bits(buf_add)); 488 bd->offset[2] = cpu_to_le32(dword2); 489 bd->offset[3] = cpu_to_le32(dword3); 490 /* advance eqp pointer */ 491 ep_bdlist_eqp_adv(ep); 492 /* advance the buff pointer */ 493 buf_add += BD_MAX_BUFF_SIZE; 494 dev_vdbg(bdc->dev, "buf_add:%08llx req_len:%d bd:%p eqp:%d\n", 495 (unsigned long long)buf_add, req_len, bd, 496 ep->bd_list.eqp_bdi); 497 bd = bdi_to_bd(ep, ep->bd_list.eqp_bdi); 498 bd->offset[3] = cpu_to_le32(BD_SBF); 499 } 500 /* clear the STOP BD fetch bit from the first bd of this xfr */ 501 bd = bdi_to_bd(ep, bd_xfr->start_bdi); 502 bd->offset[3] &= cpu_to_le32(~BD_SBF); 503 /* the new eqp will be next hw dqp */ 504 bd_xfr->num_bds = num_bds; 505 bd_xfr->next_hwd_bdi = ep->bd_list.eqp_bdi; 506 /* everything is written correctly before notifying the HW */ 507 wmb(); 508 509 return 0; 510 } 511 512 /* Queue the xfr */ 513 static int bdc_queue_xfr(struct bdc *bdc, struct bdc_req *req) 514 { 515 int num_bds, bd_available; 516 struct bdc_ep *ep; 517 int ret; 518 519 ep = req->ep; 520 dev_dbg(bdc->dev, "%s req:%p\n", __func__, req); 521 dev_dbg(bdc->dev, "eqp_bdi:%d hwd_bdi:%d\n", 522 ep->bd_list.eqp_bdi, ep->bd_list.hwd_bdi); 523 524 num_bds = bd_needed_req(req); 525 bd_available = bd_available_ep(ep); 526 527 /* how many bd's are avaialble on ep */ 528 if (num_bds > bd_available) 529 return -ENOMEM; 530 531 ret = setup_bd_list_xfr(bdc, req, num_bds); 532 if (ret) 533 return ret; 534 list_add_tail(&req->queue, &ep->queue); 535 bdc_dbg_bd_list(bdc, ep); 536 bdc_notify_xfr(bdc, ep->ep_num); 537 538 return 0; 539 } 540 541 /* callback to gadget layer when xfr completes */ 542 static void bdc_req_complete(struct bdc_ep *ep, struct bdc_req *req, 543 int status) 544 { 545 struct bdc *bdc = ep->bdc; 546 547 if (req == NULL || &req->queue == NULL || &req->usb_req == NULL) 548 return; 549 550 dev_dbg(bdc->dev, "%s ep:%s status:%d\n", __func__, ep->name, status); 551 list_del(&req->queue); 552 req->usb_req.status = status; 553 usb_gadget_unmap_request(&bdc->gadget, &req->usb_req, ep->dir); 554 if (req->usb_req.complete) { 555 spin_unlock(&bdc->lock); 556 usb_gadget_giveback_request(&ep->usb_ep, &req->usb_req); 557 spin_lock(&bdc->lock); 558 } 559 } 560 561 /* Disable the endpoint */ 562 int bdc_ep_disable(struct bdc_ep *ep) 563 { 564 struct bdc_req *req; 565 struct bdc *bdc; 566 int ret; 567 568 ret = 0; 569 bdc = ep->bdc; 570 dev_dbg(bdc->dev, "%s() ep->ep_num=%d\n", __func__, ep->ep_num); 571 /* Stop the endpoint */ 572 ret = bdc_stop_ep(bdc, ep->ep_num); 573 574 /* 575 * Intentionally don't check the ret value of stop, it can fail in 576 * disconnect scenarios, continue with dconfig 577 */ 578 /* de-queue any pending requests */ 579 while (!list_empty(&ep->queue)) { 580 req = list_entry(ep->queue.next, struct bdc_req, 581 queue); 582 bdc_req_complete(ep, req, -ESHUTDOWN); 583 } 584 /* deconfigure the endpoint */ 585 ret = bdc_dconfig_ep(bdc, ep); 586 if (ret) 587 dev_warn(bdc->dev, 588 "dconfig fail but continue with memory free"); 589 590 ep->flags = 0; 591 /* ep0 memory is not freed, but reused on next connect sr */ 592 if (ep->ep_num == 1) 593 return 0; 594 595 /* Free the bdl memory */ 596 ep_bd_list_free(ep, ep->bd_list.num_tabs); 597 ep->desc = NULL; 598 ep->comp_desc = NULL; 599 ep->usb_ep.desc = NULL; 600 ep->ep_type = 0; 601 602 return ret; 603 } 604 605 /* Enable the ep */ 606 int bdc_ep_enable(struct bdc_ep *ep) 607 { 608 struct bdc *bdc; 609 int ret = 0; 610 611 bdc = ep->bdc; 612 dev_dbg(bdc->dev, "%s NUM_TABLES:%d %d\n", 613 __func__, NUM_TABLES, NUM_TABLES_ISOCH); 614 615 ret = ep_bd_list_alloc(ep); 616 if (ret) { 617 dev_err(bdc->dev, "ep bd list allocation failed:%d\n", ret); 618 return -ENOMEM; 619 } 620 bdc_dbg_bd_list(bdc, ep); 621 /* only for ep0: config ep is called for ep0 from connect event */ 622 ep->flags |= BDC_EP_ENABLED; 623 if (ep->ep_num == 1) 624 return ret; 625 626 /* Issue a configure endpoint command */ 627 ret = bdc_config_ep(bdc, ep); 628 if (ret) 629 return ret; 630 631 ep->usb_ep.maxpacket = usb_endpoint_maxp(ep->desc); 632 ep->usb_ep.desc = ep->desc; 633 ep->usb_ep.comp_desc = ep->comp_desc; 634 ep->ep_type = usb_endpoint_type(ep->desc); 635 ep->flags |= BDC_EP_ENABLED; 636 637 return 0; 638 } 639 640 /* EP0 related code */ 641 642 /* Queue a status stage BD */ 643 static int ep0_queue_status_stage(struct bdc *bdc) 644 { 645 struct bdc_req *status_req; 646 struct bdc_ep *ep; 647 648 status_req = &bdc->status_req; 649 ep = bdc->bdc_ep_array[1]; 650 status_req->ep = ep; 651 status_req->usb_req.length = 0; 652 status_req->usb_req.status = -EINPROGRESS; 653 status_req->usb_req.actual = 0; 654 status_req->usb_req.complete = NULL; 655 bdc_queue_xfr(bdc, status_req); 656 657 return 0; 658 } 659 660 /* Queue xfr on ep0 */ 661 static int ep0_queue(struct bdc_ep *ep, struct bdc_req *req) 662 { 663 struct bdc *bdc; 664 int ret; 665 666 bdc = ep->bdc; 667 dev_dbg(bdc->dev, "%s()\n", __func__); 668 req->usb_req.actual = 0; 669 req->usb_req.status = -EINPROGRESS; 670 req->epnum = ep->ep_num; 671 672 if (bdc->delayed_status) { 673 bdc->delayed_status = false; 674 /* if status stage was delayed? */ 675 if (bdc->ep0_state == WAIT_FOR_STATUS_START) { 676 /* Queue a status stage BD */ 677 ep0_queue_status_stage(bdc); 678 bdc->ep0_state = WAIT_FOR_STATUS_XMIT; 679 return 0; 680 } 681 } else { 682 /* 683 * if delayed status is false and 0 length transfer is requested 684 * i.e. for status stage of some setup request, then just 685 * return from here the status stage is queued independently 686 */ 687 if (req->usb_req.length == 0) 688 return 0; 689 690 } 691 ret = usb_gadget_map_request(&bdc->gadget, &req->usb_req, ep->dir); 692 if (ret) { 693 dev_err(bdc->dev, "dma mapping failed %s\n", ep->name); 694 return ret; 695 } 696 697 return bdc_queue_xfr(bdc, req); 698 } 699 700 /* Queue data stage */ 701 static int ep0_queue_data_stage(struct bdc *bdc) 702 { 703 struct usb_request *ep0_usb_req; 704 struct bdc_ep *ep; 705 706 dev_dbg(bdc->dev, "%s\n", __func__); 707 ep0_usb_req = &bdc->ep0_req.usb_req; 708 ep = bdc->bdc_ep_array[1]; 709 bdc->ep0_req.ep = ep; 710 bdc->ep0_req.usb_req.complete = NULL; 711 712 return ep0_queue(ep, &bdc->ep0_req); 713 } 714 715 /* Queue req on ep */ 716 static int ep_queue(struct bdc_ep *ep, struct bdc_req *req) 717 { 718 struct bdc *bdc; 719 int ret = 0; 720 721 bdc = ep->bdc; 722 if (!req || !ep || !ep->usb_ep.desc) 723 return -EINVAL; 724 725 req->usb_req.actual = 0; 726 req->usb_req.status = -EINPROGRESS; 727 req->epnum = ep->ep_num; 728 729 ret = usb_gadget_map_request(&bdc->gadget, &req->usb_req, ep->dir); 730 if (ret) { 731 dev_err(bdc->dev, "dma mapping failed\n"); 732 return ret; 733 } 734 735 return bdc_queue_xfr(bdc, req); 736 } 737 738 /* Dequeue a request from ep */ 739 static int ep_dequeue(struct bdc_ep *ep, struct bdc_req *req) 740 { 741 int start_bdi, end_bdi, tbi, eqp_bdi, curr_hw_dqpi; 742 bool start_pending, end_pending; 743 bool first_remove = false; 744 struct bdc_req *first_req; 745 struct bdc_bd *bd_start; 746 struct bd_table *table; 747 dma_addr_t next_bd_dma; 748 u64 deq_ptr_64 = 0; 749 struct bdc *bdc; 750 u32 tmp_32; 751 int ret; 752 753 bdc = ep->bdc; 754 start_pending = end_pending = false; 755 eqp_bdi = ep->bd_list.eqp_bdi - 1; 756 757 if (eqp_bdi < 0) 758 eqp_bdi = ep->bd_list.max_bdi; 759 760 start_bdi = req->bd_xfr.start_bdi; 761 end_bdi = find_end_bdi(ep, req->bd_xfr.next_hwd_bdi); 762 763 dev_dbg(bdc->dev, "%s ep:%s start:%d end:%d\n", 764 __func__, ep->name, start_bdi, end_bdi); 765 dev_dbg(bdc->dev, "ep_dequeue ep=%p ep->desc=%p\n", 766 ep, (void *)ep->usb_ep.desc); 767 /* Stop the ep to see where the HW is ? */ 768 ret = bdc_stop_ep(bdc, ep->ep_num); 769 /* if there is an issue with stopping ep, then no need to go further */ 770 if (ret) 771 return 0; 772 773 /* 774 * After endpoint is stopped, there can be 3 cases, the request 775 * is processed, pending or in the middle of processing 776 */ 777 778 /* The current hw dequeue pointer */ 779 tmp_32 = bdc_readl(bdc->regs, BDC_EPSTS0(0)); 780 deq_ptr_64 = tmp_32; 781 tmp_32 = bdc_readl(bdc->regs, BDC_EPSTS0(1)); 782 deq_ptr_64 |= ((u64)tmp_32 << 32); 783 784 /* we have the dma addr of next bd that will be fetched by hardware */ 785 curr_hw_dqpi = bd_add_to_bdi(ep, deq_ptr_64); 786 if (curr_hw_dqpi < 0) 787 return curr_hw_dqpi; 788 789 /* 790 * curr_hw_dqpi points to actual dqp of HW and HW owns bd's from 791 * curr_hw_dqbdi..eqp_bdi. 792 */ 793 794 /* Check if start_bdi and end_bdi are in range of HW owned BD's */ 795 if (curr_hw_dqpi > eqp_bdi) { 796 /* there is a wrap from last to 0 */ 797 if (start_bdi >= curr_hw_dqpi || start_bdi <= eqp_bdi) { 798 start_pending = true; 799 end_pending = true; 800 } else if (end_bdi >= curr_hw_dqpi || end_bdi <= eqp_bdi) { 801 end_pending = true; 802 } 803 } else { 804 if (start_bdi >= curr_hw_dqpi) { 805 start_pending = true; 806 end_pending = true; 807 } else if (end_bdi >= curr_hw_dqpi) { 808 end_pending = true; 809 } 810 } 811 dev_dbg(bdc->dev, 812 "start_pending:%d end_pending:%d speed:%d\n", 813 start_pending, end_pending, bdc->gadget.speed); 814 815 /* If both start till end are processes, we cannot deq req */ 816 if (!start_pending && !end_pending) 817 return -EINVAL; 818 819 /* 820 * if ep_dequeue is called after disconnect then just return 821 * success from here 822 */ 823 if (bdc->gadget.speed == USB_SPEED_UNKNOWN) 824 return 0; 825 tbi = bdi_to_tbi(ep, req->bd_xfr.next_hwd_bdi); 826 table = ep->bd_list.bd_table_array[tbi]; 827 next_bd_dma = table->dma + 828 sizeof(struct bdc_bd)*(req->bd_xfr.next_hwd_bdi - 829 tbi * ep->bd_list.num_bds_table); 830 831 first_req = list_first_entry(&ep->queue, struct bdc_req, 832 queue); 833 834 if (req == first_req) 835 first_remove = true; 836 837 /* 838 * Due to HW limitation we need to bypadd chain bd's and issue ep_bla, 839 * incase if start is pending this is the first request in the list 840 * then issue ep_bla instead of marking as chain bd 841 */ 842 if (start_pending && !first_remove) { 843 /* 844 * Mark the start bd as Chain bd, and point the chain 845 * bd to next_bd_dma 846 */ 847 bd_start = bdi_to_bd(ep, start_bdi); 848 bd_start->offset[0] = cpu_to_le32(lower_32_bits(next_bd_dma)); 849 bd_start->offset[1] = cpu_to_le32(upper_32_bits(next_bd_dma)); 850 bd_start->offset[2] = 0x0; 851 bd_start->offset[3] = cpu_to_le32(MARK_CHAIN_BD); 852 bdc_dbg_bd_list(bdc, ep); 853 } else if (end_pending) { 854 /* 855 * The transfer is stopped in the middle, move the 856 * HW deq pointer to next_bd_dma 857 */ 858 ret = bdc_ep_bla(bdc, ep, next_bd_dma); 859 if (ret) { 860 dev_err(bdc->dev, "error in ep_bla:%d\n", ret); 861 return ret; 862 } 863 } 864 865 return 0; 866 } 867 868 /* Halt/Clear the ep based on value */ 869 static int ep_set_halt(struct bdc_ep *ep, u32 value) 870 { 871 struct bdc *bdc; 872 int ret; 873 874 bdc = ep->bdc; 875 dev_dbg(bdc->dev, "%s ep:%s value=%d\n", __func__, ep->name, value); 876 877 if (value) { 878 dev_dbg(bdc->dev, "Halt\n"); 879 if (ep->ep_num == 1) 880 bdc->ep0_state = WAIT_FOR_SETUP; 881 882 ret = bdc_ep_set_stall(bdc, ep->ep_num); 883 if (ret) 884 dev_err(bdc->dev, "failed to %s STALL on %s\n", 885 value ? "set" : "clear", ep->name); 886 else 887 ep->flags |= BDC_EP_STALL; 888 } else { 889 /* Clear */ 890 dev_dbg(bdc->dev, "Before Clear\n"); 891 ret = bdc_ep_clear_stall(bdc, ep->ep_num); 892 if (ret) 893 dev_err(bdc->dev, "failed to %s STALL on %s\n", 894 value ? "set" : "clear", ep->name); 895 else 896 ep->flags &= ~BDC_EP_STALL; 897 dev_dbg(bdc->dev, "After Clear\n"); 898 } 899 900 return ret; 901 } 902 903 /* Free all the ep */ 904 void bdc_free_ep(struct bdc *bdc) 905 { 906 struct bdc_ep *ep; 907 u8 epnum; 908 909 dev_dbg(bdc->dev, "%s\n", __func__); 910 for (epnum = 1; epnum < bdc->num_eps; epnum++) { 911 ep = bdc->bdc_ep_array[epnum]; 912 if (!ep) 913 continue; 914 915 if (ep->flags & BDC_EP_ENABLED) 916 ep_bd_list_free(ep, ep->bd_list.num_tabs); 917 918 /* ep0 is not in this gadget list */ 919 if (epnum != 1) 920 list_del(&ep->usb_ep.ep_list); 921 922 kfree(ep); 923 } 924 } 925 926 /* USB2 spec, section 7.1.20 */ 927 static int bdc_set_test_mode(struct bdc *bdc) 928 { 929 u32 usb2_pm; 930 931 usb2_pm = bdc_readl(bdc->regs, BDC_USPPM2); 932 usb2_pm &= ~BDC_PTC_MASK; 933 dev_dbg(bdc->dev, "%s\n", __func__); 934 switch (bdc->test_mode) { 935 case TEST_J: 936 case TEST_K: 937 case TEST_SE0_NAK: 938 case TEST_PACKET: 939 case TEST_FORCE_EN: 940 usb2_pm |= bdc->test_mode << 28; 941 break; 942 default: 943 return -EINVAL; 944 } 945 dev_dbg(bdc->dev, "usb2_pm=%08x", usb2_pm); 946 bdc_writel(bdc->regs, BDC_USPPM2, usb2_pm); 947 948 return 0; 949 } 950 951 /* 952 * Helper function to handle Transfer status report with status as either 953 * success or short 954 */ 955 static void handle_xsr_succ_status(struct bdc *bdc, struct bdc_ep *ep, 956 struct bdc_sr *sreport) 957 { 958 int short_bdi, start_bdi, end_bdi, max_len_bds, chain_bds; 959 struct bd_list *bd_list = &ep->bd_list; 960 int actual_length, length_short; 961 struct bd_transfer *bd_xfr; 962 struct bdc_bd *short_bd; 963 struct bdc_req *req; 964 u64 deq_ptr_64 = 0; 965 int status = 0; 966 int sr_status; 967 u32 tmp_32; 968 969 dev_dbg(bdc->dev, "%s ep:%p\n", __func__, ep); 970 bdc_dbg_srr(bdc, 0); 971 /* do not process thie sr if ignore flag is set */ 972 if (ep->ignore_next_sr) { 973 ep->ignore_next_sr = false; 974 return; 975 } 976 977 if (unlikely(list_empty(&ep->queue))) { 978 dev_warn(bdc->dev, "xfr srr with no BD's queued\n"); 979 return; 980 } 981 req = list_entry(ep->queue.next, struct bdc_req, 982 queue); 983 984 bd_xfr = &req->bd_xfr; 985 sr_status = XSF_STS(le32_to_cpu(sreport->offset[3])); 986 987 /* 988 * sr_status is short and this transfer has more than 1 bd then it needs 989 * special handling, this is only applicable for bulk and ctrl 990 */ 991 if (sr_status == XSF_SHORT && bd_xfr->num_bds > 1) { 992 /* 993 * This is multi bd xfr, lets see which bd 994 * caused short transfer and how many bytes have been 995 * transferred so far. 996 */ 997 tmp_32 = le32_to_cpu(sreport->offset[0]); 998 deq_ptr_64 = tmp_32; 999 tmp_32 = le32_to_cpu(sreport->offset[1]); 1000 deq_ptr_64 |= ((u64)tmp_32 << 32); 1001 short_bdi = bd_add_to_bdi(ep, deq_ptr_64); 1002 if (unlikely(short_bdi < 0)) 1003 dev_warn(bdc->dev, "bd doesn't exist?\n"); 1004 1005 start_bdi = bd_xfr->start_bdi; 1006 /* 1007 * We know the start_bdi and short_bdi, how many xfr 1008 * bds in between 1009 */ 1010 if (start_bdi <= short_bdi) { 1011 max_len_bds = short_bdi - start_bdi; 1012 if (max_len_bds <= bd_list->num_bds_table) { 1013 if (!(bdi_to_tbi(ep, start_bdi) == 1014 bdi_to_tbi(ep, short_bdi))) 1015 max_len_bds--; 1016 } else { 1017 chain_bds = max_len_bds/bd_list->num_bds_table; 1018 max_len_bds -= chain_bds; 1019 } 1020 } else { 1021 /* there is a wrap in the ring within a xfr */ 1022 chain_bds = (bd_list->max_bdi - start_bdi)/ 1023 bd_list->num_bds_table; 1024 chain_bds += short_bdi/bd_list->num_bds_table; 1025 max_len_bds = bd_list->max_bdi - start_bdi; 1026 max_len_bds += short_bdi; 1027 max_len_bds -= chain_bds; 1028 } 1029 /* max_len_bds is the number of full length bds */ 1030 end_bdi = find_end_bdi(ep, bd_xfr->next_hwd_bdi); 1031 if (!(end_bdi == short_bdi)) 1032 ep->ignore_next_sr = true; 1033 1034 actual_length = max_len_bds * BD_MAX_BUFF_SIZE; 1035 short_bd = bdi_to_bd(ep, short_bdi); 1036 /* length queued */ 1037 length_short = le32_to_cpu(short_bd->offset[2]) & 0x1FFFFF; 1038 /* actual length trensfered */ 1039 length_short -= SR_BD_LEN(le32_to_cpu(sreport->offset[2])); 1040 actual_length += length_short; 1041 req->usb_req.actual = actual_length; 1042 } else { 1043 req->usb_req.actual = req->usb_req.length - 1044 SR_BD_LEN(le32_to_cpu(sreport->offset[2])); 1045 dev_dbg(bdc->dev, 1046 "len=%d actual=%d bd_xfr->next_hwd_bdi:%d\n", 1047 req->usb_req.length, req->usb_req.actual, 1048 bd_xfr->next_hwd_bdi); 1049 } 1050 1051 /* Update the dequeue pointer */ 1052 ep->bd_list.hwd_bdi = bd_xfr->next_hwd_bdi; 1053 if (req->usb_req.actual < req->usb_req.length) { 1054 dev_dbg(bdc->dev, "short xfr on %d\n", ep->ep_num); 1055 if (req->usb_req.short_not_ok) 1056 status = -EREMOTEIO; 1057 } 1058 bdc_req_complete(ep, bd_xfr->req, status); 1059 } 1060 1061 /* EP0 setup related packet handlers */ 1062 1063 /* 1064 * Setup packet received, just store the packet and process on next DS or SS 1065 * started SR 1066 */ 1067 void bdc_xsf_ep0_setup_recv(struct bdc *bdc, struct bdc_sr *sreport) 1068 { 1069 struct usb_ctrlrequest *setup_pkt; 1070 u32 len; 1071 1072 dev_dbg(bdc->dev, 1073 "%s ep0_state:%s\n", 1074 __func__, ep0_state_string[bdc->ep0_state]); 1075 /* Store received setup packet */ 1076 setup_pkt = &bdc->setup_pkt; 1077 memcpy(setup_pkt, &sreport->offset[0], sizeof(*setup_pkt)); 1078 len = le16_to_cpu(setup_pkt->wLength); 1079 if (!len) 1080 bdc->ep0_state = WAIT_FOR_STATUS_START; 1081 else 1082 bdc->ep0_state = WAIT_FOR_DATA_START; 1083 1084 1085 dev_dbg(bdc->dev, 1086 "%s exit ep0_state:%s\n", 1087 __func__, ep0_state_string[bdc->ep0_state]); 1088 } 1089 1090 /* Stall ep0 */ 1091 static void ep0_stall(struct bdc *bdc) 1092 { 1093 struct bdc_ep *ep = bdc->bdc_ep_array[1]; 1094 struct bdc_req *req; 1095 1096 dev_dbg(bdc->dev, "%s\n", __func__); 1097 bdc->delayed_status = false; 1098 ep_set_halt(ep, 1); 1099 1100 /* de-queue any pendig requests */ 1101 while (!list_empty(&ep->queue)) { 1102 req = list_entry(ep->queue.next, struct bdc_req, 1103 queue); 1104 bdc_req_complete(ep, req, -ESHUTDOWN); 1105 } 1106 } 1107 1108 /* SET_ADD handlers */ 1109 static int ep0_set_address(struct bdc *bdc, struct usb_ctrlrequest *ctrl) 1110 { 1111 enum usb_device_state state = bdc->gadget.state; 1112 int ret = 0; 1113 u32 addr; 1114 1115 addr = le16_to_cpu(ctrl->wValue); 1116 dev_dbg(bdc->dev, 1117 "%s addr:%d dev state:%d\n", 1118 __func__, addr, state); 1119 1120 if (addr > 127) 1121 return -EINVAL; 1122 1123 switch (state) { 1124 case USB_STATE_DEFAULT: 1125 case USB_STATE_ADDRESS: 1126 /* Issue Address device command */ 1127 ret = bdc_address_device(bdc, addr); 1128 if (ret) 1129 return ret; 1130 1131 if (addr) 1132 usb_gadget_set_state(&bdc->gadget, USB_STATE_ADDRESS); 1133 else 1134 usb_gadget_set_state(&bdc->gadget, USB_STATE_DEFAULT); 1135 1136 bdc->dev_addr = addr; 1137 break; 1138 default: 1139 dev_warn(bdc->dev, 1140 "SET Address in wrong device state %d\n", 1141 state); 1142 ret = -EINVAL; 1143 } 1144 1145 return ret; 1146 } 1147 1148 /* Handler for SET/CLEAR FEATURE requests for device */ 1149 static int ep0_handle_feature_dev(struct bdc *bdc, u16 wValue, 1150 u16 wIndex, bool set) 1151 { 1152 enum usb_device_state state = bdc->gadget.state; 1153 u32 usppms = 0; 1154 1155 dev_dbg(bdc->dev, "%s set:%d dev state:%d\n", 1156 __func__, set, state); 1157 switch (wValue) { 1158 case USB_DEVICE_REMOTE_WAKEUP: 1159 dev_dbg(bdc->dev, "USB_DEVICE_REMOTE_WAKEUP\n"); 1160 if (set) 1161 bdc->devstatus |= REMOTE_WAKE_ENABLE; 1162 else 1163 bdc->devstatus &= ~REMOTE_WAKE_ENABLE; 1164 break; 1165 1166 case USB_DEVICE_TEST_MODE: 1167 dev_dbg(bdc->dev, "USB_DEVICE_TEST_MODE\n"); 1168 if ((wIndex & 0xFF) || 1169 (bdc->gadget.speed != USB_SPEED_HIGH) || !set) 1170 return -EINVAL; 1171 1172 bdc->test_mode = wIndex >> 8; 1173 break; 1174 1175 case USB_DEVICE_U1_ENABLE: 1176 dev_dbg(bdc->dev, "USB_DEVICE_U1_ENABLE\n"); 1177 1178 if (bdc->gadget.speed != USB_SPEED_SUPER || 1179 state != USB_STATE_CONFIGURED) 1180 return -EINVAL; 1181 1182 usppms = bdc_readl(bdc->regs, BDC_USPPMS); 1183 if (set) { 1184 /* clear previous u1t */ 1185 usppms &= ~BDC_U1T(BDC_U1T_MASK); 1186 usppms |= BDC_U1T(U1_TIMEOUT); 1187 usppms |= BDC_U1E | BDC_PORT_W1S; 1188 bdc->devstatus |= (1 << USB_DEV_STAT_U1_ENABLED); 1189 } else { 1190 usppms &= ~BDC_U1E; 1191 usppms |= BDC_PORT_W1S; 1192 bdc->devstatus &= ~(1 << USB_DEV_STAT_U1_ENABLED); 1193 } 1194 bdc_writel(bdc->regs, BDC_USPPMS, usppms); 1195 break; 1196 1197 case USB_DEVICE_U2_ENABLE: 1198 dev_dbg(bdc->dev, "USB_DEVICE_U2_ENABLE\n"); 1199 1200 if (bdc->gadget.speed != USB_SPEED_SUPER || 1201 state != USB_STATE_CONFIGURED) 1202 return -EINVAL; 1203 1204 usppms = bdc_readl(bdc->regs, BDC_USPPMS); 1205 if (set) { 1206 usppms |= BDC_U2E; 1207 usppms |= BDC_U2A; 1208 bdc->devstatus |= (1 << USB_DEV_STAT_U2_ENABLED); 1209 } else { 1210 usppms &= ~BDC_U2E; 1211 usppms &= ~BDC_U2A; 1212 bdc->devstatus &= ~(1 << USB_DEV_STAT_U2_ENABLED); 1213 } 1214 bdc_writel(bdc->regs, BDC_USPPMS, usppms); 1215 break; 1216 1217 case USB_DEVICE_LTM_ENABLE: 1218 dev_dbg(bdc->dev, "USB_DEVICE_LTM_ENABLE?\n"); 1219 if (bdc->gadget.speed != USB_SPEED_SUPER || 1220 state != USB_STATE_CONFIGURED) 1221 return -EINVAL; 1222 break; 1223 default: 1224 dev_err(bdc->dev, "Unknown wValue:%d\n", wValue); 1225 return -EOPNOTSUPP; 1226 } /* USB_RECIP_DEVICE end */ 1227 1228 return 0; 1229 } 1230 1231 /* SET/CLEAR FEATURE handler */ 1232 static int ep0_handle_feature(struct bdc *bdc, 1233 struct usb_ctrlrequest *setup_pkt, bool set) 1234 { 1235 enum usb_device_state state = bdc->gadget.state; 1236 struct bdc_ep *ep; 1237 u16 wValue; 1238 u16 wIndex; 1239 int epnum; 1240 1241 wValue = le16_to_cpu(setup_pkt->wValue); 1242 wIndex = le16_to_cpu(setup_pkt->wIndex); 1243 1244 dev_dbg(bdc->dev, 1245 "%s wValue=%d wIndex=%d devstate=%08x speed=%d set=%d", 1246 __func__, wValue, wIndex, state, 1247 bdc->gadget.speed, set); 1248 1249 switch (setup_pkt->bRequestType & USB_RECIP_MASK) { 1250 case USB_RECIP_DEVICE: 1251 return ep0_handle_feature_dev(bdc, wValue, wIndex, set); 1252 case USB_RECIP_INTERFACE: 1253 dev_dbg(bdc->dev, "USB_RECIP_INTERFACE\n"); 1254 /* USB3 spec, sec 9.4.9 */ 1255 if (wValue != USB_INTRF_FUNC_SUSPEND) 1256 return -EINVAL; 1257 /* USB3 spec, Table 9-8 */ 1258 if (set) { 1259 if (wIndex & USB_INTRF_FUNC_SUSPEND_RW) { 1260 dev_dbg(bdc->dev, "SET REMOTE_WAKEUP\n"); 1261 bdc->devstatus |= REMOTE_WAKE_ENABLE; 1262 } else { 1263 dev_dbg(bdc->dev, "CLEAR REMOTE_WAKEUP\n"); 1264 bdc->devstatus &= ~REMOTE_WAKE_ENABLE; 1265 } 1266 } 1267 break; 1268 1269 case USB_RECIP_ENDPOINT: 1270 dev_dbg(bdc->dev, "USB_RECIP_ENDPOINT\n"); 1271 if (wValue != USB_ENDPOINT_HALT) 1272 return -EINVAL; 1273 1274 epnum = wIndex & USB_ENDPOINT_NUMBER_MASK; 1275 if (epnum) { 1276 if ((wIndex & USB_ENDPOINT_DIR_MASK) == USB_DIR_IN) 1277 epnum = epnum * 2 + 1; 1278 else 1279 epnum *= 2; 1280 } else { 1281 epnum = 1; /*EP0*/ 1282 } 1283 /* 1284 * If CLEAR_FEATURE on ep0 then don't do anything as the stall 1285 * condition on ep0 has already been cleared when SETUP packet 1286 * was received. 1287 */ 1288 if (epnum == 1 && !set) { 1289 dev_dbg(bdc->dev, "ep0 stall already cleared\n"); 1290 return 0; 1291 } 1292 dev_dbg(bdc->dev, "epnum=%d\n", epnum); 1293 ep = bdc->bdc_ep_array[epnum]; 1294 if (!ep) 1295 return -EINVAL; 1296 1297 return ep_set_halt(ep, set); 1298 default: 1299 dev_err(bdc->dev, "Unknown recipient\n"); 1300 return -EINVAL; 1301 } 1302 1303 return 0; 1304 } 1305 1306 /* GET_STATUS request handler */ 1307 static int ep0_handle_status(struct bdc *bdc, 1308 struct usb_ctrlrequest *setup_pkt) 1309 { 1310 enum usb_device_state state = bdc->gadget.state; 1311 struct bdc_ep *ep; 1312 u16 usb_status = 0; 1313 u32 epnum; 1314 u16 wIndex; 1315 1316 /* USB2.0 spec sec 9.4.5 */ 1317 if (state == USB_STATE_DEFAULT) 1318 return -EINVAL; 1319 wIndex = le16_to_cpu(setup_pkt->wIndex); 1320 dev_dbg(bdc->dev, "%s\n", __func__); 1321 usb_status = bdc->devstatus; 1322 switch (setup_pkt->bRequestType & USB_RECIP_MASK) { 1323 case USB_RECIP_DEVICE: 1324 dev_dbg(bdc->dev, 1325 "USB_RECIP_DEVICE devstatus:%08x\n", 1326 bdc->devstatus); 1327 /* USB3 spec, sec 9.4.5 */ 1328 if (bdc->gadget.speed == USB_SPEED_SUPER) 1329 usb_status &= ~REMOTE_WAKE_ENABLE; 1330 break; 1331 1332 case USB_RECIP_INTERFACE: 1333 dev_dbg(bdc->dev, "USB_RECIP_INTERFACE\n"); 1334 if (bdc->gadget.speed == USB_SPEED_SUPER) { 1335 /* 1336 * This should come from func for Func remote wkup 1337 * usb_status |=1; 1338 */ 1339 if (bdc->devstatus & REMOTE_WAKE_ENABLE) 1340 usb_status |= REMOTE_WAKE_ENABLE; 1341 } else { 1342 usb_status = 0; 1343 } 1344 1345 break; 1346 1347 case USB_RECIP_ENDPOINT: 1348 dev_dbg(bdc->dev, "USB_RECIP_ENDPOINT\n"); 1349 epnum = wIndex & USB_ENDPOINT_NUMBER_MASK; 1350 if (epnum) { 1351 if ((wIndex & USB_ENDPOINT_DIR_MASK) == USB_DIR_IN) 1352 epnum = epnum*2 + 1; 1353 else 1354 epnum *= 2; 1355 } else { 1356 epnum = 1; /* EP0 */ 1357 } 1358 1359 ep = bdc->bdc_ep_array[epnum]; 1360 if (!ep) { 1361 dev_err(bdc->dev, "ISSUE, GET_STATUS for invalid EP ?"); 1362 return -EINVAL; 1363 } 1364 if (ep->flags & BDC_EP_STALL) 1365 usb_status |= 1 << USB_ENDPOINT_HALT; 1366 1367 break; 1368 default: 1369 dev_err(bdc->dev, "Unknown recipient for get_status\n"); 1370 return -EINVAL; 1371 } 1372 /* prepare a data stage for GET_STATUS */ 1373 dev_dbg(bdc->dev, "usb_status=%08x\n", usb_status); 1374 *(__le16 *)bdc->ep0_response_buff = cpu_to_le16(usb_status); 1375 bdc->ep0_req.usb_req.length = 2; 1376 bdc->ep0_req.usb_req.buf = &bdc->ep0_response_buff; 1377 ep0_queue_data_stage(bdc); 1378 1379 return 0; 1380 } 1381 1382 static void ep0_set_sel_cmpl(struct usb_ep *_ep, struct usb_request *_req) 1383 { 1384 /* ep0_set_sel_cmpl */ 1385 } 1386 1387 /* Queue data stage to handle 6 byte SET_SEL request */ 1388 static int ep0_set_sel(struct bdc *bdc, 1389 struct usb_ctrlrequest *setup_pkt) 1390 { 1391 struct bdc_ep *ep; 1392 u16 wLength; 1393 u16 wValue; 1394 1395 dev_dbg(bdc->dev, "%s\n", __func__); 1396 wValue = le16_to_cpu(setup_pkt->wValue); 1397 wLength = le16_to_cpu(setup_pkt->wLength); 1398 if (unlikely(wLength != 6)) { 1399 dev_err(bdc->dev, "%s Wrong wLength:%d\n", __func__, wLength); 1400 return -EINVAL; 1401 } 1402 ep = bdc->bdc_ep_array[1]; 1403 bdc->ep0_req.ep = ep; 1404 bdc->ep0_req.usb_req.length = 6; 1405 bdc->ep0_req.usb_req.buf = bdc->ep0_response_buff; 1406 bdc->ep0_req.usb_req.complete = ep0_set_sel_cmpl; 1407 ep0_queue_data_stage(bdc); 1408 1409 return 0; 1410 } 1411 1412 /* 1413 * Queue a 0 byte bd only if wLength is more than the length and and length is 1414 * a multiple of MaxPacket then queue 0 byte BD 1415 */ 1416 static int ep0_queue_zlp(struct bdc *bdc) 1417 { 1418 int ret; 1419 1420 dev_dbg(bdc->dev, "%s\n", __func__); 1421 bdc->ep0_req.ep = bdc->bdc_ep_array[1]; 1422 bdc->ep0_req.usb_req.length = 0; 1423 bdc->ep0_req.usb_req.complete = NULL; 1424 bdc->ep0_state = WAIT_FOR_DATA_START; 1425 ret = bdc_queue_xfr(bdc, &bdc->ep0_req); 1426 if (ret) { 1427 dev_err(bdc->dev, "err queueing zlp :%d\n", ret); 1428 return ret; 1429 } 1430 bdc->ep0_state = WAIT_FOR_DATA_XMIT; 1431 1432 return 0; 1433 } 1434 1435 /* Control request handler */ 1436 static int handle_control_request(struct bdc *bdc) 1437 { 1438 enum usb_device_state state = bdc->gadget.state; 1439 struct usb_ctrlrequest *setup_pkt; 1440 int delegate_setup = 0; 1441 int ret = 0; 1442 int config = 0; 1443 1444 setup_pkt = &bdc->setup_pkt; 1445 dev_dbg(bdc->dev, "%s\n", __func__); 1446 if ((setup_pkt->bRequestType & USB_TYPE_MASK) == USB_TYPE_STANDARD) { 1447 switch (setup_pkt->bRequest) { 1448 case USB_REQ_SET_ADDRESS: 1449 dev_dbg(bdc->dev, "USB_REQ_SET_ADDRESS\n"); 1450 ret = ep0_set_address(bdc, setup_pkt); 1451 bdc->devstatus &= DEVSTATUS_CLEAR; 1452 break; 1453 1454 case USB_REQ_SET_CONFIGURATION: 1455 dev_dbg(bdc->dev, "USB_REQ_SET_CONFIGURATION\n"); 1456 if (state == USB_STATE_ADDRESS) { 1457 usb_gadget_set_state(&bdc->gadget, 1458 USB_STATE_CONFIGURED); 1459 } else if (state == USB_STATE_CONFIGURED) { 1460 /* 1461 * USB2 spec sec 9.4.7, if wValue is 0 then dev 1462 * is moved to addressed state 1463 */ 1464 config = le16_to_cpu(setup_pkt->wValue); 1465 if (!config) 1466 usb_gadget_set_state( 1467 &bdc->gadget, 1468 USB_STATE_ADDRESS); 1469 } 1470 delegate_setup = 1; 1471 break; 1472 1473 case USB_REQ_SET_FEATURE: 1474 dev_dbg(bdc->dev, "USB_REQ_SET_FEATURE\n"); 1475 ret = ep0_handle_feature(bdc, setup_pkt, 1); 1476 break; 1477 1478 case USB_REQ_CLEAR_FEATURE: 1479 dev_dbg(bdc->dev, "USB_REQ_CLEAR_FEATURE\n"); 1480 ret = ep0_handle_feature(bdc, setup_pkt, 0); 1481 break; 1482 1483 case USB_REQ_GET_STATUS: 1484 dev_dbg(bdc->dev, "USB_REQ_GET_STATUS\n"); 1485 ret = ep0_handle_status(bdc, setup_pkt); 1486 break; 1487 1488 case USB_REQ_SET_SEL: 1489 dev_dbg(bdc->dev, "USB_REQ_SET_SEL\n"); 1490 ret = ep0_set_sel(bdc, setup_pkt); 1491 break; 1492 1493 case USB_REQ_SET_ISOCH_DELAY: 1494 dev_warn(bdc->dev, 1495 "USB_REQ_SET_ISOCH_DELAY not handled\n"); 1496 ret = 0; 1497 break; 1498 default: 1499 delegate_setup = 1; 1500 } 1501 } else { 1502 delegate_setup = 1; 1503 } 1504 1505 if (delegate_setup) { 1506 spin_unlock(&bdc->lock); 1507 ret = bdc->gadget_driver->setup(&bdc->gadget, setup_pkt); 1508 spin_lock(&bdc->lock); 1509 } 1510 1511 return ret; 1512 } 1513 1514 /* EP0: Data stage started */ 1515 void bdc_xsf_ep0_data_start(struct bdc *bdc, struct bdc_sr *sreport) 1516 { 1517 struct bdc_ep *ep; 1518 int ret = 0; 1519 1520 dev_dbg(bdc->dev, "%s\n", __func__); 1521 ep = bdc->bdc_ep_array[1]; 1522 /* If ep0 was stalled, the clear it first */ 1523 if (ep->flags & BDC_EP_STALL) { 1524 ret = ep_set_halt(ep, 0); 1525 if (ret) 1526 goto err; 1527 } 1528 if (bdc->ep0_state != WAIT_FOR_DATA_START) 1529 dev_warn(bdc->dev, 1530 "Data stage not expected ep0_state:%s\n", 1531 ep0_state_string[bdc->ep0_state]); 1532 1533 ret = handle_control_request(bdc); 1534 if (ret == USB_GADGET_DELAYED_STATUS) { 1535 /* 1536 * The ep0 state will remain WAIT_FOR_DATA_START till 1537 * we received ep_queue on ep0 1538 */ 1539 bdc->delayed_status = true; 1540 return; 1541 } 1542 if (!ret) { 1543 bdc->ep0_state = WAIT_FOR_DATA_XMIT; 1544 dev_dbg(bdc->dev, 1545 "ep0_state:%s", ep0_state_string[bdc->ep0_state]); 1546 return; 1547 } 1548 err: 1549 ep0_stall(bdc); 1550 } 1551 1552 /* EP0: status stage started */ 1553 void bdc_xsf_ep0_status_start(struct bdc *bdc, struct bdc_sr *sreport) 1554 { 1555 struct usb_ctrlrequest *setup_pkt; 1556 struct bdc_ep *ep; 1557 int ret = 0; 1558 1559 dev_dbg(bdc->dev, 1560 "%s ep0_state:%s", 1561 __func__, ep0_state_string[bdc->ep0_state]); 1562 ep = bdc->bdc_ep_array[1]; 1563 1564 /* check if ZLP was queued? */ 1565 if (bdc->zlp_needed) 1566 bdc->zlp_needed = false; 1567 1568 if (ep->flags & BDC_EP_STALL) { 1569 ret = ep_set_halt(ep, 0); 1570 if (ret) 1571 goto err; 1572 } 1573 1574 if ((bdc->ep0_state != WAIT_FOR_STATUS_START) && 1575 (bdc->ep0_state != WAIT_FOR_DATA_XMIT)) 1576 dev_err(bdc->dev, 1577 "Status stage recv but ep0_state:%s\n", 1578 ep0_state_string[bdc->ep0_state]); 1579 1580 /* check if data stage is in progress ? */ 1581 if (bdc->ep0_state == WAIT_FOR_DATA_XMIT) { 1582 bdc->ep0_state = STATUS_PENDING; 1583 /* Status stage will be queued upon Data stage transmit event */ 1584 dev_dbg(bdc->dev, 1585 "status started but data not transmitted yet\n"); 1586 return; 1587 } 1588 setup_pkt = &bdc->setup_pkt; 1589 1590 /* 1591 * 2 stage setup then only process the setup, for 3 stage setup the date 1592 * stage is already handled 1593 */ 1594 if (!le16_to_cpu(setup_pkt->wLength)) { 1595 ret = handle_control_request(bdc); 1596 if (ret == USB_GADGET_DELAYED_STATUS) { 1597 bdc->delayed_status = true; 1598 /* ep0_state will remain WAIT_FOR_STATUS_START */ 1599 return; 1600 } 1601 } 1602 if (!ret) { 1603 /* Queue a status stage BD */ 1604 ep0_queue_status_stage(bdc); 1605 bdc->ep0_state = WAIT_FOR_STATUS_XMIT; 1606 dev_dbg(bdc->dev, 1607 "ep0_state:%s", ep0_state_string[bdc->ep0_state]); 1608 return; 1609 } 1610 err: 1611 ep0_stall(bdc); 1612 } 1613 1614 /* Helper function to update ep0 upon SR with xsf_succ or xsf_short */ 1615 static void ep0_xsf_complete(struct bdc *bdc, struct bdc_sr *sreport) 1616 { 1617 dev_dbg(bdc->dev, "%s\n", __func__); 1618 switch (bdc->ep0_state) { 1619 case WAIT_FOR_DATA_XMIT: 1620 bdc->ep0_state = WAIT_FOR_STATUS_START; 1621 break; 1622 case WAIT_FOR_STATUS_XMIT: 1623 bdc->ep0_state = WAIT_FOR_SETUP; 1624 if (bdc->test_mode) { 1625 int ret; 1626 1627 dev_dbg(bdc->dev, "test_mode:%d\n", bdc->test_mode); 1628 ret = bdc_set_test_mode(bdc); 1629 if (ret < 0) { 1630 dev_err(bdc->dev, "Err in setting Test mode\n"); 1631 return; 1632 } 1633 bdc->test_mode = 0; 1634 } 1635 break; 1636 case STATUS_PENDING: 1637 bdc_xsf_ep0_status_start(bdc, sreport); 1638 break; 1639 1640 default: 1641 dev_err(bdc->dev, 1642 "Unknown ep0_state:%s\n", 1643 ep0_state_string[bdc->ep0_state]); 1644 1645 } 1646 } 1647 1648 /* xfr completion status report handler */ 1649 void bdc_sr_xsf(struct bdc *bdc, struct bdc_sr *sreport) 1650 { 1651 struct bdc_ep *ep; 1652 u32 sr_status; 1653 u8 ep_num; 1654 1655 ep_num = (le32_to_cpu(sreport->offset[3])>>4) & 0x1f; 1656 ep = bdc->bdc_ep_array[ep_num]; 1657 if (!ep || !(ep->flags & BDC_EP_ENABLED)) { 1658 dev_err(bdc->dev, "xsf for ep not enabled\n"); 1659 return; 1660 } 1661 /* 1662 * check if this transfer is after link went from U3->U0 due 1663 * to remote wakeup 1664 */ 1665 if (bdc->devstatus & FUNC_WAKE_ISSUED) { 1666 bdc->devstatus &= ~(FUNC_WAKE_ISSUED); 1667 dev_dbg(bdc->dev, "%s clearing FUNC_WAKE_ISSUED flag\n", 1668 __func__); 1669 } 1670 sr_status = XSF_STS(le32_to_cpu(sreport->offset[3])); 1671 dev_dbg_ratelimited(bdc->dev, "%s sr_status=%d ep:%s\n", 1672 __func__, sr_status, ep->name); 1673 1674 switch (sr_status) { 1675 case XSF_SUCC: 1676 case XSF_SHORT: 1677 handle_xsr_succ_status(bdc, ep, sreport); 1678 if (ep_num == 1) 1679 ep0_xsf_complete(bdc, sreport); 1680 break; 1681 1682 case XSF_SETUP_RECV: 1683 case XSF_DATA_START: 1684 case XSF_STATUS_START: 1685 if (ep_num != 1) { 1686 dev_err(bdc->dev, 1687 "ep0 related packets on non ep0 endpoint"); 1688 return; 1689 } 1690 bdc->sr_xsf_ep0[sr_status - XSF_SETUP_RECV](bdc, sreport); 1691 break; 1692 1693 case XSF_BABB: 1694 if (ep_num == 1) { 1695 dev_dbg(bdc->dev, "Babble on ep0 zlp_need:%d\n", 1696 bdc->zlp_needed); 1697 /* 1698 * If the last completed transfer had wLength >Data Len, 1699 * and Len is multiple of MaxPacket,then queue ZLP 1700 */ 1701 if (bdc->zlp_needed) { 1702 /* queue 0 length bd */ 1703 ep0_queue_zlp(bdc); 1704 return; 1705 } 1706 } 1707 dev_warn(bdc->dev, "Babble on ep not handled\n"); 1708 break; 1709 default: 1710 dev_warn(bdc->dev, "sr status not handled:%x\n", sr_status); 1711 break; 1712 } 1713 } 1714 1715 static int bdc_gadget_ep_queue(struct usb_ep *_ep, 1716 struct usb_request *_req, gfp_t gfp_flags) 1717 { 1718 struct bdc_req *req; 1719 unsigned long flags; 1720 struct bdc_ep *ep; 1721 struct bdc *bdc; 1722 int ret; 1723 1724 if (!_ep || !_ep->desc) 1725 return -ESHUTDOWN; 1726 1727 if (!_req || !_req->complete || !_req->buf) 1728 return -EINVAL; 1729 1730 ep = to_bdc_ep(_ep); 1731 req = to_bdc_req(_req); 1732 bdc = ep->bdc; 1733 dev_dbg(bdc->dev, "%s ep:%p req:%p\n", __func__, ep, req); 1734 dev_dbg(bdc->dev, "queuing request %p to %s length %d zero:%d\n", 1735 _req, ep->name, _req->length, _req->zero); 1736 1737 if (!ep->usb_ep.desc) { 1738 dev_warn(bdc->dev, 1739 "trying to queue req %p to disabled %s\n", 1740 _req, ep->name); 1741 return -ESHUTDOWN; 1742 } 1743 1744 if (_req->length > MAX_XFR_LEN) { 1745 dev_warn(bdc->dev, 1746 "req length > supported MAX:%d requested:%d\n", 1747 MAX_XFR_LEN, _req->length); 1748 return -EOPNOTSUPP; 1749 } 1750 spin_lock_irqsave(&bdc->lock, flags); 1751 if (ep == bdc->bdc_ep_array[1]) 1752 ret = ep0_queue(ep, req); 1753 else 1754 ret = ep_queue(ep, req); 1755 1756 spin_unlock_irqrestore(&bdc->lock, flags); 1757 1758 return ret; 1759 } 1760 1761 static int bdc_gadget_ep_dequeue(struct usb_ep *_ep, 1762 struct usb_request *_req) 1763 { 1764 struct bdc_req *req; 1765 unsigned long flags; 1766 struct bdc_ep *ep; 1767 struct bdc *bdc; 1768 int ret; 1769 1770 if (!_ep || !_req) 1771 return -EINVAL; 1772 1773 ep = to_bdc_ep(_ep); 1774 req = to_bdc_req(_req); 1775 bdc = ep->bdc; 1776 dev_dbg(bdc->dev, "%s ep:%s req:%p\n", __func__, ep->name, req); 1777 bdc_dbg_bd_list(bdc, ep); 1778 spin_lock_irqsave(&bdc->lock, flags); 1779 /* make sure it's still queued on this endpoint */ 1780 list_for_each_entry(req, &ep->queue, queue) { 1781 if (&req->usb_req == _req) 1782 break; 1783 } 1784 if (&req->usb_req != _req) { 1785 spin_unlock_irqrestore(&bdc->lock, flags); 1786 dev_err(bdc->dev, "usb_req !=req n"); 1787 return -EINVAL; 1788 } 1789 ret = ep_dequeue(ep, req); 1790 if (ret) { 1791 ret = -EOPNOTSUPP; 1792 goto err; 1793 } 1794 bdc_req_complete(ep, req, -ECONNRESET); 1795 1796 err: 1797 bdc_dbg_bd_list(bdc, ep); 1798 spin_unlock_irqrestore(&bdc->lock, flags); 1799 1800 return ret; 1801 } 1802 1803 static int bdc_gadget_ep_set_halt(struct usb_ep *_ep, int value) 1804 { 1805 unsigned long flags; 1806 struct bdc_ep *ep; 1807 struct bdc *bdc; 1808 int ret; 1809 1810 ep = to_bdc_ep(_ep); 1811 bdc = ep->bdc; 1812 dev_dbg(bdc->dev, "%s ep:%s value=%d\n", __func__, ep->name, value); 1813 spin_lock_irqsave(&bdc->lock, flags); 1814 if (usb_endpoint_xfer_isoc(ep->usb_ep.desc)) 1815 ret = -EINVAL; 1816 else if (!list_empty(&ep->queue)) 1817 ret = -EAGAIN; 1818 else 1819 ret = ep_set_halt(ep, value); 1820 1821 spin_unlock_irqrestore(&bdc->lock, flags); 1822 1823 return ret; 1824 } 1825 1826 static struct usb_request *bdc_gadget_alloc_request(struct usb_ep *_ep, 1827 gfp_t gfp_flags) 1828 { 1829 struct bdc_req *req; 1830 struct bdc_ep *ep; 1831 1832 req = kzalloc(sizeof(*req), gfp_flags); 1833 if (!req) 1834 return NULL; 1835 1836 ep = to_bdc_ep(_ep); 1837 req->ep = ep; 1838 req->epnum = ep->ep_num; 1839 req->usb_req.dma = DMA_ADDR_INVALID; 1840 dev_dbg(ep->bdc->dev, "%s ep:%s req:%p\n", __func__, ep->name, req); 1841 1842 return &req->usb_req; 1843 } 1844 1845 static void bdc_gadget_free_request(struct usb_ep *_ep, 1846 struct usb_request *_req) 1847 { 1848 struct bdc_req *req; 1849 1850 req = to_bdc_req(_req); 1851 kfree(req); 1852 } 1853 1854 /* endpoint operations */ 1855 1856 /* configure endpoint and also allocate resources */ 1857 static int bdc_gadget_ep_enable(struct usb_ep *_ep, 1858 const struct usb_endpoint_descriptor *desc) 1859 { 1860 unsigned long flags; 1861 struct bdc_ep *ep; 1862 struct bdc *bdc; 1863 int ret; 1864 1865 if (!_ep || !desc || desc->bDescriptorType != USB_DT_ENDPOINT) { 1866 pr_debug("bdc_gadget_ep_enable invalid parameters\n"); 1867 return -EINVAL; 1868 } 1869 1870 if (!desc->wMaxPacketSize) { 1871 pr_debug("bdc_gadget_ep_enable missing wMaxPacketSize\n"); 1872 return -EINVAL; 1873 } 1874 1875 ep = to_bdc_ep(_ep); 1876 bdc = ep->bdc; 1877 1878 /* Sanity check, upper layer will not send enable for ep0 */ 1879 if (ep == bdc->bdc_ep_array[1]) 1880 return -EINVAL; 1881 1882 if (!bdc->gadget_driver 1883 || bdc->gadget.speed == USB_SPEED_UNKNOWN) { 1884 return -ESHUTDOWN; 1885 } 1886 1887 dev_dbg(bdc->dev, "%s Enabling %s\n", __func__, ep->name); 1888 spin_lock_irqsave(&bdc->lock, flags); 1889 ep->desc = desc; 1890 ep->comp_desc = _ep->comp_desc; 1891 ret = bdc_ep_enable(ep); 1892 spin_unlock_irqrestore(&bdc->lock, flags); 1893 1894 return ret; 1895 } 1896 1897 static int bdc_gadget_ep_disable(struct usb_ep *_ep) 1898 { 1899 unsigned long flags; 1900 struct bdc_ep *ep; 1901 struct bdc *bdc; 1902 int ret; 1903 1904 if (!_ep) { 1905 pr_debug("bdc: invalid parameters\n"); 1906 return -EINVAL; 1907 } 1908 ep = to_bdc_ep(_ep); 1909 bdc = ep->bdc; 1910 1911 /* Upper layer will not call this for ep0, but do a sanity check */ 1912 if (ep == bdc->bdc_ep_array[1]) { 1913 dev_warn(bdc->dev, "%s called for ep0\n", __func__); 1914 return -EINVAL; 1915 } 1916 dev_dbg(bdc->dev, 1917 "%s() ep:%s ep->flags:%08x\n", 1918 __func__, ep->name, ep->flags); 1919 1920 if (!(ep->flags & BDC_EP_ENABLED)) { 1921 dev_warn(bdc->dev, "%s is already disabled\n", ep->name); 1922 return 0; 1923 } 1924 spin_lock_irqsave(&bdc->lock, flags); 1925 ret = bdc_ep_disable(ep); 1926 spin_unlock_irqrestore(&bdc->lock, flags); 1927 1928 return ret; 1929 } 1930 1931 static const struct usb_ep_ops bdc_gadget_ep_ops = { 1932 .enable = bdc_gadget_ep_enable, 1933 .disable = bdc_gadget_ep_disable, 1934 .alloc_request = bdc_gadget_alloc_request, 1935 .free_request = bdc_gadget_free_request, 1936 .queue = bdc_gadget_ep_queue, 1937 .dequeue = bdc_gadget_ep_dequeue, 1938 .set_halt = bdc_gadget_ep_set_halt 1939 }; 1940 1941 /* dir = 1 is IN */ 1942 static int init_ep(struct bdc *bdc, u32 epnum, u32 dir) 1943 { 1944 struct bdc_ep *ep; 1945 1946 dev_dbg(bdc->dev, "%s epnum=%d dir=%d\n", __func__, epnum, dir); 1947 ep = kzalloc(sizeof(*ep), GFP_KERNEL); 1948 if (!ep) 1949 return -ENOMEM; 1950 1951 ep->bdc = bdc; 1952 ep->dir = dir; 1953 1954 /* ep->ep_num is the index inside bdc_ep */ 1955 if (epnum == 1) { 1956 ep->ep_num = 1; 1957 bdc->bdc_ep_array[ep->ep_num] = ep; 1958 snprintf(ep->name, sizeof(ep->name), "ep%d", epnum - 1); 1959 usb_ep_set_maxpacket_limit(&ep->usb_ep, EP0_MAX_PKT_SIZE); 1960 ep->comp_desc = NULL; 1961 bdc->gadget.ep0 = &ep->usb_ep; 1962 } else { 1963 if (dir) 1964 ep->ep_num = epnum * 2 - 1; 1965 else 1966 ep->ep_num = epnum * 2 - 2; 1967 1968 bdc->bdc_ep_array[ep->ep_num] = ep; 1969 snprintf(ep->name, sizeof(ep->name), "ep%d%s", epnum - 1, 1970 dir & 1 ? "in" : "out"); 1971 1972 usb_ep_set_maxpacket_limit(&ep->usb_ep, 1024); 1973 ep->usb_ep.max_streams = 0; 1974 list_add_tail(&ep->usb_ep.ep_list, &bdc->gadget.ep_list); 1975 } 1976 ep->usb_ep.ops = &bdc_gadget_ep_ops; 1977 ep->usb_ep.name = ep->name; 1978 ep->flags = 0; 1979 ep->ignore_next_sr = false; 1980 dev_dbg(bdc->dev, "ep=%p ep->usb_ep.name=%s epnum=%d ep->epnum=%d\n", 1981 ep, ep->usb_ep.name, epnum, ep->ep_num); 1982 1983 INIT_LIST_HEAD(&ep->queue); 1984 1985 return 0; 1986 } 1987 1988 /* Init all ep */ 1989 int bdc_init_ep(struct bdc *bdc) 1990 { 1991 u8 epnum; 1992 int ret; 1993 1994 dev_dbg(bdc->dev, "%s()\n", __func__); 1995 INIT_LIST_HEAD(&bdc->gadget.ep_list); 1996 /* init ep0 */ 1997 ret = init_ep(bdc, 1, 0); 1998 if (ret) { 1999 dev_err(bdc->dev, "init ep ep0 fail %d\n", ret); 2000 return ret; 2001 } 2002 2003 for (epnum = 2; epnum <= bdc->num_eps / 2; epnum++) { 2004 /* OUT */ 2005 ret = init_ep(bdc, epnum, 0); 2006 if (ret) { 2007 dev_err(bdc->dev, 2008 "init ep failed for:%d error: %d\n", 2009 epnum, ret); 2010 return ret; 2011 } 2012 2013 /* IN */ 2014 ret = init_ep(bdc, epnum, 1); 2015 if (ret) { 2016 dev_err(bdc->dev, 2017 "init ep failed for:%d error: %d\n", 2018 epnum, ret); 2019 return ret; 2020 } 2021 } 2022 2023 return 0; 2024 } 2025