1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * mtu3_gadget_ep0.c - MediaTek USB3 DRD peripheral driver ep0 handling 4 * 5 * Copyright (c) 2016 MediaTek Inc. 6 * 7 * Author: Chunfeng.Yun <chunfeng.yun@mediatek.com> 8 */ 9 10 #include <linux/iopoll.h> 11 #include <linux/usb/composite.h> 12 13 #include "mtu3.h" 14 15 /* ep0 is always mtu3->in_eps[0] */ 16 #define next_ep0_request(mtu) next_request((mtu)->ep0) 17 18 /* for high speed test mode; see USB 2.0 spec 7.1.20 */ 19 static const u8 mtu3_test_packet[53] = { 20 /* implicit SYNC then DATA0 to start */ 21 22 /* JKJKJKJK x9 */ 23 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 24 /* JJKKJJKK x8 */ 25 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 26 /* JJJJKKKK x8 */ 27 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 28 /* JJJJJJJKKKKKKK x8 */ 29 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 30 /* JJJJJJJK x8 */ 31 0x7f, 0xbf, 0xdf, 0xef, 0xf7, 0xfb, 0xfd, 32 /* JKKKKKKK x10, JK */ 33 0xfc, 0x7e, 0xbf, 0xdf, 0xef, 0xf7, 0xfb, 0xfd, 0x7e, 34 /* implicit CRC16 then EOP to end */ 35 }; 36 37 static char *decode_ep0_state(struct mtu3 *mtu) 38 { 39 switch (mtu->ep0_state) { 40 case MU3D_EP0_STATE_SETUP: 41 return "SETUP"; 42 case MU3D_EP0_STATE_TX: 43 return "IN"; 44 case MU3D_EP0_STATE_RX: 45 return "OUT"; 46 case MU3D_EP0_STATE_TX_END: 47 return "TX-END"; 48 case MU3D_EP0_STATE_STALL: 49 return "STALL"; 50 default: 51 return "??"; 52 } 53 } 54 55 static void ep0_req_giveback(struct mtu3 *mtu, struct usb_request *req) 56 { 57 mtu3_req_complete(mtu->ep0, req, 0); 58 } 59 60 static int 61 forward_to_driver(struct mtu3 *mtu, const struct usb_ctrlrequest *setup) 62 __releases(mtu->lock) 63 __acquires(mtu->lock) 64 { 65 int ret; 66 67 if (!mtu->gadget_driver) 68 return -EOPNOTSUPP; 69 70 spin_unlock(&mtu->lock); 71 ret = mtu->gadget_driver->setup(&mtu->g, setup); 72 spin_lock(&mtu->lock); 73 74 dev_dbg(mtu->dev, "%s ret %d\n", __func__, ret); 75 return ret; 76 } 77 78 static void ep0_write_fifo(struct mtu3_ep *mep, const u8 *src, u16 len) 79 { 80 void __iomem *fifo = mep->mtu->mac_base + U3D_FIFO0; 81 u16 index = 0; 82 83 dev_dbg(mep->mtu->dev, "%s: ep%din, len=%d, buf=%p\n", 84 __func__, mep->epnum, len, src); 85 86 if (len >= 4) { 87 iowrite32_rep(fifo, src, len >> 2); 88 index = len & ~0x03; 89 } 90 if (len & 0x02) { 91 writew(*(u16 *)&src[index], fifo); 92 index += 2; 93 } 94 if (len & 0x01) 95 writeb(src[index], fifo); 96 } 97 98 static void ep0_read_fifo(struct mtu3_ep *mep, u8 *dst, u16 len) 99 { 100 void __iomem *fifo = mep->mtu->mac_base + U3D_FIFO0; 101 u32 value; 102 u16 index = 0; 103 104 dev_dbg(mep->mtu->dev, "%s: ep%dout len=%d buf=%p\n", 105 __func__, mep->epnum, len, dst); 106 107 if (len >= 4) { 108 ioread32_rep(fifo, dst, len >> 2); 109 index = len & ~0x03; 110 } 111 if (len & 0x3) { 112 value = readl(fifo); 113 memcpy(&dst[index], &value, len & 0x3); 114 } 115 116 } 117 118 static void ep0_load_test_packet(struct mtu3 *mtu) 119 { 120 /* 121 * because the length of test packet is less than max packet of HS ep0, 122 * write it into fifo directly. 123 */ 124 ep0_write_fifo(mtu->ep0, mtu3_test_packet, sizeof(mtu3_test_packet)); 125 } 126 127 /* 128 * A. send STALL for setup transfer without data stage: 129 * set SENDSTALL and SETUPPKTRDY at the same time; 130 * B. send STALL for other cases: 131 * set SENDSTALL only. 132 */ 133 static void ep0_stall_set(struct mtu3_ep *mep0, bool set, u32 pktrdy) 134 { 135 struct mtu3 *mtu = mep0->mtu; 136 void __iomem *mbase = mtu->mac_base; 137 u32 csr; 138 139 /* EP0_SENTSTALL is W1C */ 140 csr = mtu3_readl(mbase, U3D_EP0CSR) & EP0_W1C_BITS; 141 if (set) 142 csr |= EP0_SENDSTALL | pktrdy; 143 else 144 csr = (csr & ~EP0_SENDSTALL) | EP0_SENTSTALL; 145 mtu3_writel(mtu->mac_base, U3D_EP0CSR, csr); 146 147 mtu->delayed_status = false; 148 mtu->ep0_state = MU3D_EP0_STATE_SETUP; 149 150 dev_dbg(mtu->dev, "ep0: %s STALL, ep0_state: %s\n", 151 set ? "SEND" : "CLEAR", decode_ep0_state(mtu)); 152 } 153 154 static int ep0_queue(struct mtu3_ep *mep0, struct mtu3_request *mreq); 155 156 static void ep0_dummy_complete(struct usb_ep *ep, struct usb_request *req) 157 {} 158 159 static void ep0_set_sel_complete(struct usb_ep *ep, struct usb_request *req) 160 { 161 struct mtu3_request *mreq; 162 struct mtu3 *mtu; 163 struct usb_set_sel_req sel; 164 165 memcpy(&sel, req->buf, sizeof(sel)); 166 167 mreq = to_mtu3_request(req); 168 mtu = mreq->mtu; 169 dev_dbg(mtu->dev, "u1sel:%d, u1pel:%d, u2sel:%d, u2pel:%d\n", 170 sel.u1_sel, sel.u1_pel, sel.u2_sel, sel.u2_pel); 171 } 172 173 /* queue data stage to handle 6 byte SET_SEL request */ 174 static int ep0_set_sel(struct mtu3 *mtu, struct usb_ctrlrequest *setup) 175 { 176 int ret; 177 u16 length = le16_to_cpu(setup->wLength); 178 179 if (unlikely(length != 6)) { 180 dev_err(mtu->dev, "%s wrong wLength:%d\n", 181 __func__, length); 182 return -EINVAL; 183 } 184 185 mtu->ep0_req.mep = mtu->ep0; 186 mtu->ep0_req.request.length = 6; 187 mtu->ep0_req.request.buf = mtu->setup_buf; 188 mtu->ep0_req.request.complete = ep0_set_sel_complete; 189 ret = ep0_queue(mtu->ep0, &mtu->ep0_req); 190 191 return ret < 0 ? ret : 1; 192 } 193 194 static int 195 ep0_get_status(struct mtu3 *mtu, const struct usb_ctrlrequest *setup) 196 { 197 struct mtu3_ep *mep = NULL; 198 int handled = 1; 199 u8 result[2] = {0, 0}; 200 u8 epnum = 0; 201 int is_in; 202 203 switch (setup->bRequestType & USB_RECIP_MASK) { 204 case USB_RECIP_DEVICE: 205 result[0] = mtu->is_self_powered << USB_DEVICE_SELF_POWERED; 206 result[0] |= mtu->may_wakeup << USB_DEVICE_REMOTE_WAKEUP; 207 208 if (mtu->g.speed >= USB_SPEED_SUPER) { 209 result[0] |= mtu->u1_enable << USB_DEV_STAT_U1_ENABLED; 210 result[0] |= mtu->u2_enable << USB_DEV_STAT_U2_ENABLED; 211 } 212 213 dev_dbg(mtu->dev, "%s result=%x, U1=%x, U2=%x\n", __func__, 214 result[0], mtu->u1_enable, mtu->u2_enable); 215 216 break; 217 case USB_RECIP_INTERFACE: 218 break; 219 case USB_RECIP_ENDPOINT: 220 epnum = (u8) le16_to_cpu(setup->wIndex); 221 is_in = epnum & USB_DIR_IN; 222 epnum &= USB_ENDPOINT_NUMBER_MASK; 223 224 if (epnum >= mtu->num_eps) { 225 handled = -EINVAL; 226 break; 227 } 228 if (!epnum) 229 break; 230 231 mep = (is_in ? mtu->in_eps : mtu->out_eps) + epnum; 232 if (!mep->desc) { 233 handled = -EINVAL; 234 break; 235 } 236 if (mep->flags & MTU3_EP_STALL) 237 result[0] |= 1 << USB_ENDPOINT_HALT; 238 239 break; 240 default: 241 /* class, vendor, etc ... delegate */ 242 handled = 0; 243 break; 244 } 245 246 if (handled > 0) { 247 int ret; 248 249 /* prepare a data stage for GET_STATUS */ 250 dev_dbg(mtu->dev, "get_status=%x\n", *(u16 *)result); 251 memcpy(mtu->setup_buf, result, sizeof(result)); 252 mtu->ep0_req.mep = mtu->ep0; 253 mtu->ep0_req.request.length = 2; 254 mtu->ep0_req.request.buf = &mtu->setup_buf; 255 mtu->ep0_req.request.complete = ep0_dummy_complete; 256 ret = ep0_queue(mtu->ep0, &mtu->ep0_req); 257 if (ret < 0) 258 handled = ret; 259 } 260 return handled; 261 } 262 263 static int handle_test_mode(struct mtu3 *mtu, struct usb_ctrlrequest *setup) 264 { 265 void __iomem *mbase = mtu->mac_base; 266 int handled = 1; 267 u32 value; 268 269 switch (le16_to_cpu(setup->wIndex) >> 8) { 270 case TEST_J: 271 dev_dbg(mtu->dev, "TEST_J\n"); 272 mtu->test_mode_nr = TEST_J_MODE; 273 break; 274 case TEST_K: 275 dev_dbg(mtu->dev, "TEST_K\n"); 276 mtu->test_mode_nr = TEST_K_MODE; 277 break; 278 case TEST_SE0_NAK: 279 dev_dbg(mtu->dev, "TEST_SE0_NAK\n"); 280 mtu->test_mode_nr = TEST_SE0_NAK_MODE; 281 break; 282 case TEST_PACKET: 283 dev_dbg(mtu->dev, "TEST_PACKET\n"); 284 mtu->test_mode_nr = TEST_PACKET_MODE; 285 break; 286 default: 287 handled = -EINVAL; 288 goto out; 289 } 290 291 mtu->test_mode = true; 292 293 /* no TX completion interrupt, and need restart platform after test */ 294 if (mtu->test_mode_nr == TEST_PACKET_MODE) 295 ep0_load_test_packet(mtu); 296 297 /* send status before entering test mode. */ 298 value = mtu3_readl(mbase, U3D_EP0CSR) & EP0_W1C_BITS; 299 mtu3_writel(mbase, U3D_EP0CSR, value | EP0_SETUPPKTRDY | EP0_DATAEND); 300 301 /* wait for ACK status sent by host */ 302 readl_poll_timeout_atomic(mbase + U3D_EP0CSR, value, 303 !(value & EP0_DATAEND), 100, 5000); 304 305 mtu3_writel(mbase, U3D_USB2_TEST_MODE, mtu->test_mode_nr); 306 307 mtu->ep0_state = MU3D_EP0_STATE_SETUP; 308 309 out: 310 return handled; 311 } 312 313 static int ep0_handle_feature_dev(struct mtu3 *mtu, 314 struct usb_ctrlrequest *setup, bool set) 315 { 316 void __iomem *mbase = mtu->mac_base; 317 int handled = -EINVAL; 318 u32 lpc; 319 320 switch (le16_to_cpu(setup->wValue)) { 321 case USB_DEVICE_REMOTE_WAKEUP: 322 mtu->may_wakeup = !!set; 323 handled = 1; 324 break; 325 case USB_DEVICE_TEST_MODE: 326 if (!set || (mtu->g.speed != USB_SPEED_HIGH) || 327 (le16_to_cpu(setup->wIndex) & 0xff)) 328 break; 329 330 handled = handle_test_mode(mtu, setup); 331 break; 332 case USB_DEVICE_U1_ENABLE: 333 if (mtu->g.speed < USB_SPEED_SUPER || 334 mtu->g.state != USB_STATE_CONFIGURED) 335 break; 336 337 lpc = mtu3_readl(mbase, U3D_LINK_POWER_CONTROL); 338 if (set) 339 lpc |= SW_U1_ACCEPT_ENABLE; 340 else 341 lpc &= ~SW_U1_ACCEPT_ENABLE; 342 mtu3_writel(mbase, U3D_LINK_POWER_CONTROL, lpc); 343 344 mtu->u1_enable = !!set; 345 handled = 1; 346 break; 347 case USB_DEVICE_U2_ENABLE: 348 if (mtu->g.speed < USB_SPEED_SUPER || 349 mtu->g.state != USB_STATE_CONFIGURED) 350 break; 351 352 lpc = mtu3_readl(mbase, U3D_LINK_POWER_CONTROL); 353 if (set) 354 lpc |= SW_U2_ACCEPT_ENABLE; 355 else 356 lpc &= ~SW_U2_ACCEPT_ENABLE; 357 mtu3_writel(mbase, U3D_LINK_POWER_CONTROL, lpc); 358 359 mtu->u2_enable = !!set; 360 handled = 1; 361 break; 362 default: 363 handled = -EINVAL; 364 break; 365 } 366 return handled; 367 } 368 369 static int ep0_handle_feature(struct mtu3 *mtu, 370 struct usb_ctrlrequest *setup, bool set) 371 { 372 struct mtu3_ep *mep; 373 int handled = -EINVAL; 374 int is_in; 375 u16 value; 376 u16 index; 377 u8 epnum; 378 379 value = le16_to_cpu(setup->wValue); 380 index = le16_to_cpu(setup->wIndex); 381 382 switch (setup->bRequestType & USB_RECIP_MASK) { 383 case USB_RECIP_DEVICE: 384 handled = ep0_handle_feature_dev(mtu, setup, set); 385 break; 386 case USB_RECIP_INTERFACE: 387 /* superspeed only */ 388 if (value == USB_INTRF_FUNC_SUSPEND && 389 mtu->g.speed >= USB_SPEED_SUPER) { 390 /* 391 * forward the request because function drivers 392 * should handle it 393 */ 394 handled = 0; 395 } 396 break; 397 case USB_RECIP_ENDPOINT: 398 epnum = index & USB_ENDPOINT_NUMBER_MASK; 399 if (epnum == 0 || epnum >= mtu->num_eps || 400 value != USB_ENDPOINT_HALT) 401 break; 402 403 is_in = index & USB_DIR_IN; 404 mep = (is_in ? mtu->in_eps : mtu->out_eps) + epnum; 405 if (!mep->desc) 406 break; 407 408 handled = 1; 409 /* ignore request if endpoint is wedged */ 410 if (mep->wedged) 411 break; 412 413 mtu3_ep_stall_set(mep, set); 414 break; 415 default: 416 /* class, vendor, etc ... delegate */ 417 handled = 0; 418 break; 419 } 420 return handled; 421 } 422 423 /* 424 * handle all control requests can be handled 425 * returns: 426 * negative errno - error happened 427 * zero - need delegate SETUP to gadget driver 428 * positive - already handled 429 */ 430 static int handle_standard_request(struct mtu3 *mtu, 431 struct usb_ctrlrequest *setup) 432 { 433 void __iomem *mbase = mtu->mac_base; 434 enum usb_device_state state = mtu->g.state; 435 int handled = -EINVAL; 436 u32 dev_conf; 437 u16 value; 438 439 value = le16_to_cpu(setup->wValue); 440 441 /* the gadget driver handles everything except what we must handle */ 442 switch (setup->bRequest) { 443 case USB_REQ_SET_ADDRESS: 444 /* change it after the status stage */ 445 mtu->address = (u8) (value & 0x7f); 446 dev_dbg(mtu->dev, "set address to 0x%x\n", mtu->address); 447 448 dev_conf = mtu3_readl(mbase, U3D_DEVICE_CONF); 449 dev_conf &= ~DEV_ADDR_MSK; 450 dev_conf |= DEV_ADDR(mtu->address); 451 mtu3_writel(mbase, U3D_DEVICE_CONF, dev_conf); 452 453 if (mtu->address) 454 usb_gadget_set_state(&mtu->g, USB_STATE_ADDRESS); 455 else 456 usb_gadget_set_state(&mtu->g, USB_STATE_DEFAULT); 457 458 handled = 1; 459 break; 460 case USB_REQ_SET_CONFIGURATION: 461 if (state == USB_STATE_ADDRESS) { 462 usb_gadget_set_state(&mtu->g, 463 USB_STATE_CONFIGURED); 464 } else if (state == USB_STATE_CONFIGURED) { 465 /* 466 * USB2 spec sec 9.4.7, if wValue is 0 then dev 467 * is moved to addressed state 468 */ 469 if (!value) 470 usb_gadget_set_state(&mtu->g, 471 USB_STATE_ADDRESS); 472 } 473 handled = 0; 474 break; 475 case USB_REQ_CLEAR_FEATURE: 476 handled = ep0_handle_feature(mtu, setup, 0); 477 break; 478 case USB_REQ_SET_FEATURE: 479 handled = ep0_handle_feature(mtu, setup, 1); 480 break; 481 case USB_REQ_GET_STATUS: 482 handled = ep0_get_status(mtu, setup); 483 break; 484 case USB_REQ_SET_SEL: 485 handled = ep0_set_sel(mtu, setup); 486 break; 487 case USB_REQ_SET_ISOCH_DELAY: 488 handled = 1; 489 break; 490 default: 491 /* delegate SET_CONFIGURATION, etc */ 492 handled = 0; 493 } 494 495 return handled; 496 } 497 498 /* receive an data packet (OUT) */ 499 static void ep0_rx_state(struct mtu3 *mtu) 500 { 501 struct mtu3_request *mreq; 502 struct usb_request *req; 503 void __iomem *mbase = mtu->mac_base; 504 u32 maxp; 505 u32 csr; 506 u16 count = 0; 507 508 dev_dbg(mtu->dev, "%s\n", __func__); 509 510 csr = mtu3_readl(mbase, U3D_EP0CSR) & EP0_W1C_BITS; 511 mreq = next_ep0_request(mtu); 512 req = &mreq->request; 513 514 /* read packet and ack; or stall because of gadget driver bug */ 515 if (req) { 516 void *buf = req->buf + req->actual; 517 unsigned int len = req->length - req->actual; 518 519 /* read the buffer */ 520 count = mtu3_readl(mbase, U3D_RXCOUNT0); 521 if (count > len) { 522 req->status = -EOVERFLOW; 523 count = len; 524 } 525 ep0_read_fifo(mtu->ep0, buf, count); 526 req->actual += count; 527 csr |= EP0_RXPKTRDY; 528 529 maxp = mtu->g.ep0->maxpacket; 530 if (count < maxp || req->actual == req->length) { 531 mtu->ep0_state = MU3D_EP0_STATE_SETUP; 532 dev_dbg(mtu->dev, "ep0 state: %s\n", 533 decode_ep0_state(mtu)); 534 535 csr |= EP0_DATAEND; 536 } else { 537 req = NULL; 538 } 539 } else { 540 csr |= EP0_RXPKTRDY | EP0_SENDSTALL; 541 dev_dbg(mtu->dev, "%s: SENDSTALL\n", __func__); 542 } 543 544 mtu3_writel(mbase, U3D_EP0CSR, csr); 545 546 /* give back the request if have received all data */ 547 if (req) 548 ep0_req_giveback(mtu, req); 549 550 } 551 552 /* transmitting to the host (IN) */ 553 static void ep0_tx_state(struct mtu3 *mtu) 554 { 555 struct mtu3_request *mreq = next_ep0_request(mtu); 556 struct usb_request *req; 557 u32 csr; 558 u8 *src; 559 u32 count; 560 u32 maxp; 561 562 dev_dbg(mtu->dev, "%s\n", __func__); 563 564 if (!mreq) 565 return; 566 567 maxp = mtu->g.ep0->maxpacket; 568 req = &mreq->request; 569 570 /* load the data */ 571 src = (u8 *)req->buf + req->actual; 572 count = min(maxp, req->length - req->actual); 573 if (count) 574 ep0_write_fifo(mtu->ep0, src, count); 575 576 dev_dbg(mtu->dev, "%s act=%d, len=%d, cnt=%d, maxp=%d zero=%d\n", 577 __func__, req->actual, req->length, count, maxp, req->zero); 578 579 req->actual += count; 580 581 if ((count < maxp) 582 || ((req->actual == req->length) && !req->zero)) 583 mtu->ep0_state = MU3D_EP0_STATE_TX_END; 584 585 /* send it out, triggering a "txpktrdy cleared" irq */ 586 csr = mtu3_readl(mtu->mac_base, U3D_EP0CSR) & EP0_W1C_BITS; 587 mtu3_writel(mtu->mac_base, U3D_EP0CSR, csr | EP0_TXPKTRDY); 588 589 dev_dbg(mtu->dev, "%s ep0csr=0x%x\n", __func__, 590 mtu3_readl(mtu->mac_base, U3D_EP0CSR)); 591 } 592 593 static void ep0_read_setup(struct mtu3 *mtu, struct usb_ctrlrequest *setup) 594 { 595 struct mtu3_request *mreq; 596 u32 count; 597 u32 csr; 598 599 csr = mtu3_readl(mtu->mac_base, U3D_EP0CSR) & EP0_W1C_BITS; 600 count = mtu3_readl(mtu->mac_base, U3D_RXCOUNT0); 601 602 ep0_read_fifo(mtu->ep0, (u8 *)setup, count); 603 604 dev_dbg(mtu->dev, "SETUP req%02x.%02x v%04x i%04x l%04x\n", 605 setup->bRequestType, setup->bRequest, 606 le16_to_cpu(setup->wValue), le16_to_cpu(setup->wIndex), 607 le16_to_cpu(setup->wLength)); 608 609 /* clean up any leftover transfers */ 610 mreq = next_ep0_request(mtu); 611 if (mreq) 612 ep0_req_giveback(mtu, &mreq->request); 613 614 if (le16_to_cpu(setup->wLength) == 0) { 615 ; /* no data stage, nothing to do */ 616 } else if (setup->bRequestType & USB_DIR_IN) { 617 mtu3_writel(mtu->mac_base, U3D_EP0CSR, 618 csr | EP0_SETUPPKTRDY | EP0_DPHTX); 619 mtu->ep0_state = MU3D_EP0_STATE_TX; 620 } else { 621 mtu3_writel(mtu->mac_base, U3D_EP0CSR, 622 (csr | EP0_SETUPPKTRDY) & (~EP0_DPHTX)); 623 mtu->ep0_state = MU3D_EP0_STATE_RX; 624 } 625 } 626 627 static int ep0_handle_setup(struct mtu3 *mtu) 628 __releases(mtu->lock) 629 __acquires(mtu->lock) 630 { 631 struct usb_ctrlrequest setup; 632 struct mtu3_request *mreq; 633 void __iomem *mbase = mtu->mac_base; 634 int handled = 0; 635 636 ep0_read_setup(mtu, &setup); 637 638 if ((setup.bRequestType & USB_TYPE_MASK) == USB_TYPE_STANDARD) 639 handled = handle_standard_request(mtu, &setup); 640 641 dev_dbg(mtu->dev, "handled %d, ep0_state: %s\n", 642 handled, decode_ep0_state(mtu)); 643 644 if (handled < 0) 645 goto stall; 646 else if (handled > 0) 647 goto finish; 648 649 handled = forward_to_driver(mtu, &setup); 650 if (handled < 0) { 651 stall: 652 dev_dbg(mtu->dev, "%s stall (%d)\n", __func__, handled); 653 654 ep0_stall_set(mtu->ep0, true, 655 le16_to_cpu(setup.wLength) ? 0 : EP0_SETUPPKTRDY); 656 657 return 0; 658 } 659 660 finish: 661 if (mtu->test_mode) { 662 ; /* nothing to do */ 663 } else if (handled == USB_GADGET_DELAYED_STATUS) { 664 /* handle the delay STATUS phase till receive ep_queue on ep0 */ 665 mtu->delayed_status = true; 666 } else if (le16_to_cpu(setup.wLength) == 0) { /* no data stage */ 667 668 mtu3_writel(mbase, U3D_EP0CSR, 669 (mtu3_readl(mbase, U3D_EP0CSR) & EP0_W1C_BITS) 670 | EP0_SETUPPKTRDY | EP0_DATAEND); 671 672 /* complete zlp request directly */ 673 mreq = next_ep0_request(mtu); 674 if (mreq && !mreq->request.length) 675 ep0_req_giveback(mtu, &mreq->request); 676 } 677 678 return 0; 679 } 680 681 irqreturn_t mtu3_ep0_isr(struct mtu3 *mtu) 682 { 683 void __iomem *mbase = mtu->mac_base; 684 struct mtu3_request *mreq; 685 u32 int_status; 686 irqreturn_t ret = IRQ_NONE; 687 u32 csr; 688 u32 len; 689 690 int_status = mtu3_readl(mbase, U3D_EPISR); 691 int_status &= mtu3_readl(mbase, U3D_EPIER); 692 mtu3_writel(mbase, U3D_EPISR, int_status); /* W1C */ 693 694 /* only handle ep0's */ 695 if (!(int_status & EP0ISR)) 696 return IRQ_NONE; 697 698 csr = mtu3_readl(mbase, U3D_EP0CSR); 699 700 dev_dbg(mtu->dev, "%s csr=0x%x\n", __func__, csr); 701 702 /* we sent a stall.. need to clear it now.. */ 703 if (csr & EP0_SENTSTALL) { 704 ep0_stall_set(mtu->ep0, false, 0); 705 csr = mtu3_readl(mbase, U3D_EP0CSR); 706 ret = IRQ_HANDLED; 707 } 708 dev_dbg(mtu->dev, "ep0_state: %s\n", decode_ep0_state(mtu)); 709 710 switch (mtu->ep0_state) { 711 case MU3D_EP0_STATE_TX: 712 /* irq on clearing txpktrdy */ 713 if ((csr & EP0_FIFOFULL) == 0) { 714 ep0_tx_state(mtu); 715 ret = IRQ_HANDLED; 716 } 717 break; 718 case MU3D_EP0_STATE_RX: 719 /* irq on set rxpktrdy */ 720 if (csr & EP0_RXPKTRDY) { 721 ep0_rx_state(mtu); 722 ret = IRQ_HANDLED; 723 } 724 break; 725 case MU3D_EP0_STATE_TX_END: 726 mtu3_writel(mbase, U3D_EP0CSR, 727 (csr & EP0_W1C_BITS) | EP0_DATAEND); 728 729 mreq = next_ep0_request(mtu); 730 if (mreq) 731 ep0_req_giveback(mtu, &mreq->request); 732 733 mtu->ep0_state = MU3D_EP0_STATE_SETUP; 734 ret = IRQ_HANDLED; 735 dev_dbg(mtu->dev, "ep0_state: %s\n", decode_ep0_state(mtu)); 736 break; 737 case MU3D_EP0_STATE_SETUP: 738 if (!(csr & EP0_SETUPPKTRDY)) 739 break; 740 741 len = mtu3_readl(mbase, U3D_RXCOUNT0); 742 if (len != 8) { 743 dev_err(mtu->dev, "SETUP packet len %d != 8 ?\n", len); 744 break; 745 } 746 747 ep0_handle_setup(mtu); 748 ret = IRQ_HANDLED; 749 break; 750 default: 751 /* can't happen */ 752 ep0_stall_set(mtu->ep0, true, 0); 753 WARN_ON(1); 754 break; 755 } 756 757 return ret; 758 } 759 760 761 static int mtu3_ep0_enable(struct usb_ep *ep, 762 const struct usb_endpoint_descriptor *desc) 763 { 764 /* always enabled */ 765 return -EINVAL; 766 } 767 768 static int mtu3_ep0_disable(struct usb_ep *ep) 769 { 770 /* always enabled */ 771 return -EINVAL; 772 } 773 774 static int ep0_queue(struct mtu3_ep *mep, struct mtu3_request *mreq) 775 { 776 struct mtu3 *mtu = mep->mtu; 777 778 mreq->mtu = mtu; 779 mreq->request.actual = 0; 780 mreq->request.status = -EINPROGRESS; 781 782 dev_dbg(mtu->dev, "%s %s (ep0_state: %s), len#%d\n", __func__, 783 mep->name, decode_ep0_state(mtu), mreq->request.length); 784 785 switch (mtu->ep0_state) { 786 case MU3D_EP0_STATE_SETUP: 787 case MU3D_EP0_STATE_RX: /* control-OUT data */ 788 case MU3D_EP0_STATE_TX: /* control-IN data */ 789 break; 790 default: 791 dev_err(mtu->dev, "%s, error in ep0 state %s\n", __func__, 792 decode_ep0_state(mtu)); 793 return -EINVAL; 794 } 795 796 if (mtu->delayed_status) { 797 u32 csr; 798 799 mtu->delayed_status = false; 800 csr = mtu3_readl(mtu->mac_base, U3D_EP0CSR) & EP0_W1C_BITS; 801 csr |= EP0_SETUPPKTRDY | EP0_DATAEND; 802 mtu3_writel(mtu->mac_base, U3D_EP0CSR, csr); 803 /* needn't giveback the request for handling delay STATUS */ 804 return 0; 805 } 806 807 if (!list_empty(&mep->req_list)) 808 return -EBUSY; 809 810 list_add_tail(&mreq->list, &mep->req_list); 811 812 /* sequence #1, IN ... start writing the data */ 813 if (mtu->ep0_state == MU3D_EP0_STATE_TX) 814 ep0_tx_state(mtu); 815 816 return 0; 817 } 818 819 static int mtu3_ep0_queue(struct usb_ep *ep, 820 struct usb_request *req, gfp_t gfp) 821 { 822 struct mtu3_ep *mep; 823 struct mtu3_request *mreq; 824 struct mtu3 *mtu; 825 unsigned long flags; 826 int ret = 0; 827 828 if (!ep || !req) 829 return -EINVAL; 830 831 mep = to_mtu3_ep(ep); 832 mtu = mep->mtu; 833 mreq = to_mtu3_request(req); 834 835 spin_lock_irqsave(&mtu->lock, flags); 836 ret = ep0_queue(mep, mreq); 837 spin_unlock_irqrestore(&mtu->lock, flags); 838 return ret; 839 } 840 841 static int mtu3_ep0_dequeue(struct usb_ep *ep, struct usb_request *req) 842 { 843 /* we just won't support this */ 844 return -EINVAL; 845 } 846 847 static int mtu3_ep0_halt(struct usb_ep *ep, int value) 848 { 849 struct mtu3_ep *mep; 850 struct mtu3 *mtu; 851 unsigned long flags; 852 int ret = 0; 853 854 if (!ep || !value) 855 return -EINVAL; 856 857 mep = to_mtu3_ep(ep); 858 mtu = mep->mtu; 859 860 dev_dbg(mtu->dev, "%s\n", __func__); 861 862 spin_lock_irqsave(&mtu->lock, flags); 863 864 if (!list_empty(&mep->req_list)) { 865 ret = -EBUSY; 866 goto cleanup; 867 } 868 869 switch (mtu->ep0_state) { 870 /* 871 * stalls are usually issued after parsing SETUP packet, either 872 * directly in irq context from setup() or else later. 873 */ 874 case MU3D_EP0_STATE_TX: 875 case MU3D_EP0_STATE_TX_END: 876 case MU3D_EP0_STATE_RX: 877 case MU3D_EP0_STATE_SETUP: 878 ep0_stall_set(mtu->ep0, true, 0); 879 break; 880 default: 881 dev_dbg(mtu->dev, "ep0 can't halt in state %s\n", 882 decode_ep0_state(mtu)); 883 ret = -EINVAL; 884 } 885 886 cleanup: 887 spin_unlock_irqrestore(&mtu->lock, flags); 888 return ret; 889 } 890 891 const struct usb_ep_ops mtu3_ep0_ops = { 892 .enable = mtu3_ep0_enable, 893 .disable = mtu3_ep0_disable, 894 .alloc_request = mtu3_alloc_request, 895 .free_request = mtu3_free_request, 896 .queue = mtu3_ep0_queue, 897 .dequeue = mtu3_ep0_dequeue, 898 .set_halt = mtu3_ep0_halt, 899 }; 900