1 /* 2 * mtu3_gadget_ep0.c - MediaTek USB3 DRD peripheral driver ep0 handling 3 * 4 * Copyright (c) 2016 MediaTek Inc. 5 * 6 * Author: Chunfeng.Yun <chunfeng.yun@mediatek.com> 7 * 8 * This software is licensed under the terms of the GNU General Public 9 * License version 2, as published by the Free Software Foundation, and 10 * may be copied, distributed, and modified under those terms. 11 * 12 * This program is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 */ 18 19 #include <linux/usb/composite.h> 20 21 #include "mtu3.h" 22 23 /* ep0 is always mtu3->in_eps[0] */ 24 #define next_ep0_request(mtu) next_request((mtu)->ep0) 25 26 /* for high speed test mode; see USB 2.0 spec 7.1.20 */ 27 static const u8 mtu3_test_packet[53] = { 28 /* implicit SYNC then DATA0 to start */ 29 30 /* JKJKJKJK x9 */ 31 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 32 /* JJKKJJKK x8 */ 33 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 34 /* JJJJKKKK x8 */ 35 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 36 /* JJJJJJJKKKKKKK x8 */ 37 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 38 /* JJJJJJJK x8 */ 39 0x7f, 0xbf, 0xdf, 0xef, 0xf7, 0xfb, 0xfd, 40 /* JKKKKKKK x10, JK */ 41 0xfc, 0x7e, 0xbf, 0xdf, 0xef, 0xf7, 0xfb, 0xfd, 0x7e, 42 /* implicit CRC16 then EOP to end */ 43 }; 44 45 static char *decode_ep0_state(struct mtu3 *mtu) 46 { 47 switch (mtu->ep0_state) { 48 case MU3D_EP0_STATE_SETUP: 49 return "SETUP"; 50 case MU3D_EP0_STATE_TX: 51 return "IN"; 52 case MU3D_EP0_STATE_RX: 53 return "OUT"; 54 case MU3D_EP0_STATE_TX_END: 55 return "TX-END"; 56 case MU3D_EP0_STATE_STALL: 57 return "STALL"; 58 default: 59 return "??"; 60 } 61 } 62 63 static void ep0_req_giveback(struct mtu3 *mtu, struct usb_request *req) 64 { 65 mtu3_req_complete(mtu->ep0, req, 0); 66 } 67 68 static int 69 forward_to_driver(struct mtu3 *mtu, const struct usb_ctrlrequest *setup) 70 __releases(mtu->lock) 71 __acquires(mtu->lock) 72 { 73 int ret; 74 75 if (!mtu->gadget_driver) 76 return -EOPNOTSUPP; 77 78 spin_unlock(&mtu->lock); 79 ret = mtu->gadget_driver->setup(&mtu->g, setup); 80 spin_lock(&mtu->lock); 81 82 dev_dbg(mtu->dev, "%s ret %d\n", __func__, ret); 83 return ret; 84 } 85 86 static void ep0_write_fifo(struct mtu3_ep *mep, const u8 *src, u16 len) 87 { 88 void __iomem *fifo = mep->mtu->mac_base + U3D_FIFO0; 89 u16 index = 0; 90 91 dev_dbg(mep->mtu->dev, "%s: ep%din, len=%d, buf=%p\n", 92 __func__, mep->epnum, len, src); 93 94 if (len >= 4) { 95 iowrite32_rep(fifo, src, len >> 2); 96 index = len & ~0x03; 97 } 98 if (len & 0x02) { 99 writew(*(u16 *)&src[index], fifo); 100 index += 2; 101 } 102 if (len & 0x01) 103 writeb(src[index], fifo); 104 } 105 106 static void ep0_read_fifo(struct mtu3_ep *mep, u8 *dst, u16 len) 107 { 108 void __iomem *fifo = mep->mtu->mac_base + U3D_FIFO0; 109 u32 value; 110 u16 index = 0; 111 112 dev_dbg(mep->mtu->dev, "%s: ep%dout len=%d buf=%p\n", 113 __func__, mep->epnum, len, dst); 114 115 if (len >= 4) { 116 ioread32_rep(fifo, dst, len >> 2); 117 index = len & ~0x03; 118 } 119 if (len & 0x3) { 120 value = readl(fifo); 121 memcpy(&dst[index], &value, len & 0x3); 122 } 123 124 } 125 126 static void ep0_load_test_packet(struct mtu3 *mtu) 127 { 128 /* 129 * because the length of test packet is less than max packet of HS ep0, 130 * write it into fifo directly. 131 */ 132 ep0_write_fifo(mtu->ep0, mtu3_test_packet, sizeof(mtu3_test_packet)); 133 } 134 135 /* 136 * A. send STALL for setup transfer without data stage: 137 * set SENDSTALL and SETUPPKTRDY at the same time; 138 * B. send STALL for other cases: 139 * set SENDSTALL only. 140 */ 141 static void ep0_stall_set(struct mtu3_ep *mep0, bool set, u32 pktrdy) 142 { 143 struct mtu3 *mtu = mep0->mtu; 144 void __iomem *mbase = mtu->mac_base; 145 u32 csr; 146 147 /* EP0_SENTSTALL is W1C */ 148 csr = mtu3_readl(mbase, U3D_EP0CSR) & EP0_W1C_BITS; 149 if (set) 150 csr |= EP0_SENDSTALL | pktrdy; 151 else 152 csr = (csr & ~EP0_SENDSTALL) | EP0_SENTSTALL; 153 mtu3_writel(mtu->mac_base, U3D_EP0CSR, csr); 154 155 mtu->delayed_status = false; 156 mtu->ep0_state = MU3D_EP0_STATE_SETUP; 157 158 dev_dbg(mtu->dev, "ep0: %s STALL, ep0_state: %s\n", 159 set ? "SEND" : "CLEAR", decode_ep0_state(mtu)); 160 } 161 162 static int ep0_queue(struct mtu3_ep *mep0, struct mtu3_request *mreq); 163 164 static void ep0_dummy_complete(struct usb_ep *ep, struct usb_request *req) 165 {} 166 167 static void ep0_set_sel_complete(struct usb_ep *ep, struct usb_request *req) 168 { 169 struct mtu3_request *mreq; 170 struct mtu3 *mtu; 171 struct usb_set_sel_req sel; 172 173 memcpy(&sel, req->buf, sizeof(sel)); 174 175 mreq = to_mtu3_request(req); 176 mtu = mreq->mtu; 177 dev_dbg(mtu->dev, "u1sel:%d, u1pel:%d, u2sel:%d, u2pel:%d\n", 178 sel.u1_sel, sel.u1_pel, sel.u2_sel, sel.u2_pel); 179 } 180 181 /* queue data stage to handle 6 byte SET_SEL request */ 182 static int ep0_set_sel(struct mtu3 *mtu, struct usb_ctrlrequest *setup) 183 { 184 int ret; 185 u16 length = le16_to_cpu(setup->wLength); 186 187 if (unlikely(length != 6)) { 188 dev_err(mtu->dev, "%s wrong wLength:%d\n", 189 __func__, length); 190 return -EINVAL; 191 } 192 193 mtu->ep0_req.mep = mtu->ep0; 194 mtu->ep0_req.request.length = 6; 195 mtu->ep0_req.request.buf = mtu->setup_buf; 196 mtu->ep0_req.request.complete = ep0_set_sel_complete; 197 ret = ep0_queue(mtu->ep0, &mtu->ep0_req); 198 199 return ret < 0 ? ret : 1; 200 } 201 202 static int 203 ep0_get_status(struct mtu3 *mtu, const struct usb_ctrlrequest *setup) 204 { 205 struct mtu3_ep *mep = NULL; 206 int handled = 1; 207 u8 result[2] = {0, 0}; 208 u8 epnum = 0; 209 int is_in; 210 211 switch (setup->bRequestType & USB_RECIP_MASK) { 212 case USB_RECIP_DEVICE: 213 result[0] = mtu->is_self_powered << USB_DEVICE_SELF_POWERED; 214 result[0] |= mtu->may_wakeup << USB_DEVICE_REMOTE_WAKEUP; 215 /* superspeed only */ 216 if (mtu->g.speed == USB_SPEED_SUPER) { 217 result[0] |= mtu->u1_enable << USB_DEV_STAT_U1_ENABLED; 218 result[0] |= mtu->u2_enable << USB_DEV_STAT_U2_ENABLED; 219 } 220 221 dev_dbg(mtu->dev, "%s result=%x, U1=%x, U2=%x\n", __func__, 222 result[0], mtu->u1_enable, mtu->u2_enable); 223 224 break; 225 case USB_RECIP_INTERFACE: 226 break; 227 case USB_RECIP_ENDPOINT: 228 epnum = (u8) le16_to_cpu(setup->wIndex); 229 is_in = epnum & USB_DIR_IN; 230 epnum &= USB_ENDPOINT_NUMBER_MASK; 231 232 if (epnum >= mtu->num_eps) { 233 handled = -EINVAL; 234 break; 235 } 236 if (!epnum) 237 break; 238 239 mep = (is_in ? mtu->in_eps : mtu->out_eps) + epnum; 240 if (!mep->desc) { 241 handled = -EINVAL; 242 break; 243 } 244 if (mep->flags & MTU3_EP_STALL) 245 result[0] |= 1 << USB_ENDPOINT_HALT; 246 247 break; 248 default: 249 /* class, vendor, etc ... delegate */ 250 handled = 0; 251 break; 252 } 253 254 if (handled > 0) { 255 int ret; 256 257 /* prepare a data stage for GET_STATUS */ 258 dev_dbg(mtu->dev, "get_status=%x\n", *(u16 *)result); 259 memcpy(mtu->setup_buf, result, sizeof(result)); 260 mtu->ep0_req.mep = mtu->ep0; 261 mtu->ep0_req.request.length = 2; 262 mtu->ep0_req.request.buf = &mtu->setup_buf; 263 mtu->ep0_req.request.complete = ep0_dummy_complete; 264 ret = ep0_queue(mtu->ep0, &mtu->ep0_req); 265 if (ret < 0) 266 handled = ret; 267 } 268 return handled; 269 } 270 271 static int handle_test_mode(struct mtu3 *mtu, struct usb_ctrlrequest *setup) 272 { 273 void __iomem *mbase = mtu->mac_base; 274 int handled = 1; 275 276 switch (le16_to_cpu(setup->wIndex) >> 8) { 277 case TEST_J: 278 dev_dbg(mtu->dev, "TEST_J\n"); 279 mtu->test_mode_nr = TEST_J_MODE; 280 break; 281 case TEST_K: 282 dev_dbg(mtu->dev, "TEST_K\n"); 283 mtu->test_mode_nr = TEST_K_MODE; 284 break; 285 case TEST_SE0_NAK: 286 dev_dbg(mtu->dev, "TEST_SE0_NAK\n"); 287 mtu->test_mode_nr = TEST_SE0_NAK_MODE; 288 break; 289 case TEST_PACKET: 290 dev_dbg(mtu->dev, "TEST_PACKET\n"); 291 mtu->test_mode_nr = TEST_PACKET_MODE; 292 break; 293 default: 294 handled = -EINVAL; 295 goto out; 296 } 297 298 mtu->test_mode = true; 299 300 /* no TX completion interrupt, and need restart platform after test */ 301 if (mtu->test_mode_nr == TEST_PACKET_MODE) 302 ep0_load_test_packet(mtu); 303 304 mtu3_writel(mbase, U3D_USB2_TEST_MODE, mtu->test_mode_nr); 305 306 mtu->ep0_state = MU3D_EP0_STATE_SETUP; 307 308 out: 309 return handled; 310 } 311 312 static int ep0_handle_feature_dev(struct mtu3 *mtu, 313 struct usb_ctrlrequest *setup, bool set) 314 { 315 void __iomem *mbase = mtu->mac_base; 316 int handled = -EINVAL; 317 u32 lpc; 318 319 switch (le16_to_cpu(setup->wValue)) { 320 case USB_DEVICE_REMOTE_WAKEUP: 321 mtu->may_wakeup = !!set; 322 handled = 1; 323 break; 324 case USB_DEVICE_TEST_MODE: 325 if (!set || (mtu->g.speed != USB_SPEED_HIGH) || 326 (le16_to_cpu(setup->wIndex) & 0xff)) 327 break; 328 329 handled = handle_test_mode(mtu, setup); 330 break; 331 case USB_DEVICE_U1_ENABLE: 332 if (mtu->g.speed != USB_SPEED_SUPER || 333 mtu->g.state != USB_STATE_CONFIGURED) 334 break; 335 336 lpc = mtu3_readl(mbase, U3D_LINK_POWER_CONTROL); 337 if (set) 338 lpc |= SW_U1_ACCEPT_ENABLE; 339 else 340 lpc &= ~SW_U1_ACCEPT_ENABLE; 341 mtu3_writel(mbase, U3D_LINK_POWER_CONTROL, lpc); 342 343 mtu->u1_enable = !!set; 344 handled = 1; 345 break; 346 case USB_DEVICE_U2_ENABLE: 347 if (mtu->g.speed != USB_SPEED_SUPER || 348 mtu->g.state != USB_STATE_CONFIGURED) 349 break; 350 351 lpc = mtu3_readl(mbase, U3D_LINK_POWER_CONTROL); 352 if (set) 353 lpc |= SW_U2_ACCEPT_ENABLE; 354 else 355 lpc &= ~SW_U2_ACCEPT_ENABLE; 356 mtu3_writel(mbase, U3D_LINK_POWER_CONTROL, lpc); 357 358 mtu->u2_enable = !!set; 359 handled = 1; 360 break; 361 default: 362 handled = -EINVAL; 363 break; 364 } 365 return handled; 366 } 367 368 static int ep0_handle_feature(struct mtu3 *mtu, 369 struct usb_ctrlrequest *setup, bool set) 370 { 371 struct mtu3_ep *mep; 372 int handled = -EINVAL; 373 int is_in; 374 u16 value; 375 u16 index; 376 u8 epnum; 377 378 value = le16_to_cpu(setup->wValue); 379 index = le16_to_cpu(setup->wIndex); 380 381 switch (setup->bRequestType & USB_RECIP_MASK) { 382 case USB_RECIP_DEVICE: 383 handled = ep0_handle_feature_dev(mtu, setup, set); 384 break; 385 case USB_RECIP_INTERFACE: 386 /* superspeed only */ 387 if ((value == USB_INTRF_FUNC_SUSPEND) 388 && (mtu->g.speed == USB_SPEED_SUPER)) { 389 /* 390 * forward the request because function drivers 391 * should handle it 392 */ 393 handled = 0; 394 } 395 break; 396 case USB_RECIP_ENDPOINT: 397 epnum = index & USB_ENDPOINT_NUMBER_MASK; 398 if (epnum == 0 || epnum >= mtu->num_eps || 399 value != USB_ENDPOINT_HALT) 400 break; 401 402 is_in = index & USB_DIR_IN; 403 mep = (is_in ? mtu->in_eps : mtu->out_eps) + epnum; 404 if (!mep->desc) 405 break; 406 407 handled = 1; 408 /* ignore request if endpoint is wedged */ 409 if (mep->wedged) 410 break; 411 412 mtu3_ep_stall_set(mep, set); 413 break; 414 default: 415 /* class, vendor, etc ... delegate */ 416 handled = 0; 417 break; 418 } 419 return handled; 420 } 421 422 /* 423 * handle all control requests can be handled 424 * returns: 425 * negative errno - error happened 426 * zero - need delegate SETUP to gadget driver 427 * positive - already handled 428 */ 429 static int handle_standard_request(struct mtu3 *mtu, 430 struct usb_ctrlrequest *setup) 431 { 432 void __iomem *mbase = mtu->mac_base; 433 enum usb_device_state state = mtu->g.state; 434 int handled = -EINVAL; 435 u32 dev_conf; 436 u16 value; 437 438 value = le16_to_cpu(setup->wValue); 439 440 /* the gadget driver handles everything except what we must handle */ 441 switch (setup->bRequest) { 442 case USB_REQ_SET_ADDRESS: 443 /* change it after the status stage */ 444 mtu->address = (u8) (value & 0x7f); 445 dev_dbg(mtu->dev, "set address to 0x%x\n", mtu->address); 446 447 dev_conf = mtu3_readl(mbase, U3D_DEVICE_CONF); 448 dev_conf &= ~DEV_ADDR_MSK; 449 dev_conf |= DEV_ADDR(mtu->address); 450 mtu3_writel(mbase, U3D_DEVICE_CONF, dev_conf); 451 452 if (mtu->address) 453 usb_gadget_set_state(&mtu->g, USB_STATE_ADDRESS); 454 else 455 usb_gadget_set_state(&mtu->g, USB_STATE_DEFAULT); 456 457 handled = 1; 458 break; 459 case USB_REQ_SET_CONFIGURATION: 460 if (state == USB_STATE_ADDRESS) { 461 usb_gadget_set_state(&mtu->g, 462 USB_STATE_CONFIGURED); 463 } else if (state == USB_STATE_CONFIGURED) { 464 /* 465 * USB2 spec sec 9.4.7, if wValue is 0 then dev 466 * is moved to addressed state 467 */ 468 if (!value) 469 usb_gadget_set_state(&mtu->g, 470 USB_STATE_ADDRESS); 471 } 472 handled = 0; 473 break; 474 case USB_REQ_CLEAR_FEATURE: 475 handled = ep0_handle_feature(mtu, setup, 0); 476 break; 477 case USB_REQ_SET_FEATURE: 478 handled = ep0_handle_feature(mtu, setup, 1); 479 break; 480 case USB_REQ_GET_STATUS: 481 handled = ep0_get_status(mtu, setup); 482 break; 483 case USB_REQ_SET_SEL: 484 handled = ep0_set_sel(mtu, setup); 485 break; 486 case USB_REQ_SET_ISOCH_DELAY: 487 handled = 1; 488 break; 489 default: 490 /* delegate SET_CONFIGURATION, etc */ 491 handled = 0; 492 } 493 494 return handled; 495 } 496 497 /* receive an data packet (OUT) */ 498 static void ep0_rx_state(struct mtu3 *mtu) 499 { 500 struct mtu3_request *mreq; 501 struct usb_request *req; 502 void __iomem *mbase = mtu->mac_base; 503 u32 maxp; 504 u32 csr; 505 u16 count = 0; 506 507 dev_dbg(mtu->dev, "%s\n", __func__); 508 509 csr = mtu3_readl(mbase, U3D_EP0CSR) & EP0_W1C_BITS; 510 mreq = next_ep0_request(mtu); 511 req = &mreq->request; 512 513 /* read packet and ack; or stall because of gadget driver bug */ 514 if (req) { 515 void *buf = req->buf + req->actual; 516 unsigned int len = req->length - req->actual; 517 518 /* read the buffer */ 519 count = mtu3_readl(mbase, U3D_RXCOUNT0); 520 if (count > len) { 521 req->status = -EOVERFLOW; 522 count = len; 523 } 524 ep0_read_fifo(mtu->ep0, buf, count); 525 req->actual += count; 526 csr |= EP0_RXPKTRDY; 527 528 maxp = mtu->g.ep0->maxpacket; 529 if (count < maxp || req->actual == req->length) { 530 mtu->ep0_state = MU3D_EP0_STATE_SETUP; 531 dev_dbg(mtu->dev, "ep0 state: %s\n", 532 decode_ep0_state(mtu)); 533 534 csr |= EP0_DATAEND; 535 } else { 536 req = NULL; 537 } 538 } else { 539 csr |= EP0_RXPKTRDY | EP0_SENDSTALL; 540 dev_dbg(mtu->dev, "%s: SENDSTALL\n", __func__); 541 } 542 543 mtu3_writel(mbase, U3D_EP0CSR, csr); 544 545 /* give back the request if have received all data */ 546 if (req) 547 ep0_req_giveback(mtu, req); 548 549 } 550 551 /* transmitting to the host (IN) */ 552 static void ep0_tx_state(struct mtu3 *mtu) 553 { 554 struct mtu3_request *mreq = next_ep0_request(mtu); 555 struct usb_request *req; 556 u32 csr; 557 u8 *src; 558 u8 count; 559 u32 maxp; 560 561 dev_dbg(mtu->dev, "%s\n", __func__); 562 563 if (!mreq) 564 return; 565 566 maxp = mtu->g.ep0->maxpacket; 567 req = &mreq->request; 568 569 /* load the data */ 570 src = (u8 *)req->buf + req->actual; 571 count = min(maxp, req->length - req->actual); 572 if (count) 573 ep0_write_fifo(mtu->ep0, src, count); 574 575 dev_dbg(mtu->dev, "%s act=%d, len=%d, cnt=%d, maxp=%d zero=%d\n", 576 __func__, req->actual, req->length, count, maxp, req->zero); 577 578 req->actual += count; 579 580 if ((count < maxp) 581 || ((req->actual == req->length) && !req->zero)) 582 mtu->ep0_state = MU3D_EP0_STATE_TX_END; 583 584 /* send it out, triggering a "txpktrdy cleared" irq */ 585 csr = mtu3_readl(mtu->mac_base, U3D_EP0CSR) & EP0_W1C_BITS; 586 mtu3_writel(mtu->mac_base, U3D_EP0CSR, csr | EP0_TXPKTRDY); 587 588 dev_dbg(mtu->dev, "%s ep0csr=0x%x\n", __func__, 589 mtu3_readl(mtu->mac_base, U3D_EP0CSR)); 590 } 591 592 static void ep0_read_setup(struct mtu3 *mtu, struct usb_ctrlrequest *setup) 593 { 594 struct mtu3_request *mreq; 595 u32 count; 596 u32 csr; 597 598 csr = mtu3_readl(mtu->mac_base, U3D_EP0CSR) & EP0_W1C_BITS; 599 count = mtu3_readl(mtu->mac_base, U3D_RXCOUNT0); 600 601 ep0_read_fifo(mtu->ep0, (u8 *)setup, count); 602 603 dev_dbg(mtu->dev, "SETUP req%02x.%02x v%04x i%04x l%04x\n", 604 setup->bRequestType, setup->bRequest, 605 le16_to_cpu(setup->wValue), le16_to_cpu(setup->wIndex), 606 le16_to_cpu(setup->wLength)); 607 608 /* clean up any leftover transfers */ 609 mreq = next_ep0_request(mtu); 610 if (mreq) 611 ep0_req_giveback(mtu, &mreq->request); 612 613 if (le16_to_cpu(setup->wLength) == 0) { 614 ; /* no data stage, nothing to do */ 615 } else if (setup->bRequestType & USB_DIR_IN) { 616 mtu3_writel(mtu->mac_base, U3D_EP0CSR, 617 csr | EP0_SETUPPKTRDY | EP0_DPHTX); 618 mtu->ep0_state = MU3D_EP0_STATE_TX; 619 } else { 620 mtu3_writel(mtu->mac_base, U3D_EP0CSR, 621 (csr | EP0_SETUPPKTRDY) & (~EP0_DPHTX)); 622 mtu->ep0_state = MU3D_EP0_STATE_RX; 623 } 624 } 625 626 static int ep0_handle_setup(struct mtu3 *mtu) 627 __releases(mtu->lock) 628 __acquires(mtu->lock) 629 { 630 struct usb_ctrlrequest setup; 631 struct mtu3_request *mreq; 632 void __iomem *mbase = mtu->mac_base; 633 int handled = 0; 634 635 ep0_read_setup(mtu, &setup); 636 637 if ((setup.bRequestType & USB_TYPE_MASK) == USB_TYPE_STANDARD) 638 handled = handle_standard_request(mtu, &setup); 639 640 dev_dbg(mtu->dev, "handled %d, ep0_state: %s\n", 641 handled, decode_ep0_state(mtu)); 642 643 if (handled < 0) 644 goto stall; 645 else if (handled > 0) 646 goto finish; 647 648 handled = forward_to_driver(mtu, &setup); 649 if (handled < 0) { 650 stall: 651 dev_dbg(mtu->dev, "%s stall (%d)\n", __func__, handled); 652 653 ep0_stall_set(mtu->ep0, true, 654 le16_to_cpu(setup.wLength) ? 0 : EP0_SETUPPKTRDY); 655 656 return 0; 657 } 658 659 finish: 660 if (mtu->test_mode) { 661 ; /* nothing to do */ 662 } else if (handled == USB_GADGET_DELAYED_STATUS) { 663 /* handle the delay STATUS phase till receive ep_queue on ep0 */ 664 mtu->delayed_status = true; 665 } else if (le16_to_cpu(setup.wLength) == 0) { /* no data stage */ 666 667 mtu3_writel(mbase, U3D_EP0CSR, 668 (mtu3_readl(mbase, U3D_EP0CSR) & EP0_W1C_BITS) 669 | EP0_SETUPPKTRDY | EP0_DATAEND); 670 671 /* complete zlp request directly */ 672 mreq = next_ep0_request(mtu); 673 if (mreq && !mreq->request.length) 674 ep0_req_giveback(mtu, &mreq->request); 675 } 676 677 return 0; 678 } 679 680 irqreturn_t mtu3_ep0_isr(struct mtu3 *mtu) 681 { 682 void __iomem *mbase = mtu->mac_base; 683 struct mtu3_request *mreq; 684 u32 int_status; 685 irqreturn_t ret = IRQ_NONE; 686 u32 csr; 687 u32 len; 688 689 int_status = mtu3_readl(mbase, U3D_EPISR); 690 int_status &= mtu3_readl(mbase, U3D_EPIER); 691 mtu3_writel(mbase, U3D_EPISR, int_status); /* W1C */ 692 693 /* only handle ep0's */ 694 if (!(int_status & EP0ISR)) 695 return IRQ_NONE; 696 697 csr = mtu3_readl(mbase, U3D_EP0CSR); 698 699 dev_dbg(mtu->dev, "%s csr=0x%x\n", __func__, csr); 700 701 /* we sent a stall.. need to clear it now.. */ 702 if (csr & EP0_SENTSTALL) { 703 ep0_stall_set(mtu->ep0, false, 0); 704 csr = mtu3_readl(mbase, U3D_EP0CSR); 705 ret = IRQ_HANDLED; 706 } 707 dev_dbg(mtu->dev, "ep0_state: %s\n", decode_ep0_state(mtu)); 708 709 switch (mtu->ep0_state) { 710 case MU3D_EP0_STATE_TX: 711 /* irq on clearing txpktrdy */ 712 if ((csr & EP0_FIFOFULL) == 0) { 713 ep0_tx_state(mtu); 714 ret = IRQ_HANDLED; 715 } 716 break; 717 case MU3D_EP0_STATE_RX: 718 /* irq on set rxpktrdy */ 719 if (csr & EP0_RXPKTRDY) { 720 ep0_rx_state(mtu); 721 ret = IRQ_HANDLED; 722 } 723 break; 724 case MU3D_EP0_STATE_TX_END: 725 mtu3_writel(mbase, U3D_EP0CSR, 726 (csr & EP0_W1C_BITS) | EP0_DATAEND); 727 728 mreq = next_ep0_request(mtu); 729 if (mreq) 730 ep0_req_giveback(mtu, &mreq->request); 731 732 mtu->ep0_state = MU3D_EP0_STATE_SETUP; 733 ret = IRQ_HANDLED; 734 dev_dbg(mtu->dev, "ep0_state: %s\n", decode_ep0_state(mtu)); 735 break; 736 case MU3D_EP0_STATE_SETUP: 737 if (!(csr & EP0_SETUPPKTRDY)) 738 break; 739 740 len = mtu3_readl(mbase, U3D_RXCOUNT0); 741 if (len != 8) { 742 dev_err(mtu->dev, "SETUP packet len %d != 8 ?\n", len); 743 break; 744 } 745 746 ep0_handle_setup(mtu); 747 ret = IRQ_HANDLED; 748 break; 749 default: 750 /* can't happen */ 751 ep0_stall_set(mtu->ep0, true, 0); 752 WARN_ON(1); 753 break; 754 } 755 756 return ret; 757 } 758 759 760 static int mtu3_ep0_enable(struct usb_ep *ep, 761 const struct usb_endpoint_descriptor *desc) 762 { 763 /* always enabled */ 764 return -EINVAL; 765 } 766 767 static int mtu3_ep0_disable(struct usb_ep *ep) 768 { 769 /* always enabled */ 770 return -EINVAL; 771 } 772 773 static int ep0_queue(struct mtu3_ep *mep, struct mtu3_request *mreq) 774 { 775 struct mtu3 *mtu = mep->mtu; 776 777 mreq->mtu = mtu; 778 mreq->request.actual = 0; 779 mreq->request.status = -EINPROGRESS; 780 781 dev_dbg(mtu->dev, "%s %s (ep0_state: %s), len#%d\n", __func__, 782 mep->name, decode_ep0_state(mtu), mreq->request.length); 783 784 switch (mtu->ep0_state) { 785 case MU3D_EP0_STATE_SETUP: 786 case MU3D_EP0_STATE_RX: /* control-OUT data */ 787 case MU3D_EP0_STATE_TX: /* control-IN data */ 788 break; 789 default: 790 dev_err(mtu->dev, "%s, error in ep0 state %s\n", __func__, 791 decode_ep0_state(mtu)); 792 return -EINVAL; 793 } 794 795 if (mtu->delayed_status) { 796 u32 csr; 797 798 mtu->delayed_status = false; 799 csr = mtu3_readl(mtu->mac_base, U3D_EP0CSR) & EP0_W1C_BITS; 800 csr |= EP0_SETUPPKTRDY | EP0_DATAEND; 801 mtu3_writel(mtu->mac_base, U3D_EP0CSR, csr); 802 /* needn't giveback the request for handling delay STATUS */ 803 return 0; 804 } 805 806 if (!list_empty(&mep->req_list)) 807 return -EBUSY; 808 809 list_add_tail(&mreq->list, &mep->req_list); 810 811 /* sequence #1, IN ... start writing the data */ 812 if (mtu->ep0_state == MU3D_EP0_STATE_TX) 813 ep0_tx_state(mtu); 814 815 return 0; 816 } 817 818 static int mtu3_ep0_queue(struct usb_ep *ep, 819 struct usb_request *req, gfp_t gfp) 820 { 821 struct mtu3_ep *mep; 822 struct mtu3_request *mreq; 823 struct mtu3 *mtu; 824 unsigned long flags; 825 int ret = 0; 826 827 if (!ep || !req) 828 return -EINVAL; 829 830 mep = to_mtu3_ep(ep); 831 mtu = mep->mtu; 832 mreq = to_mtu3_request(req); 833 834 spin_lock_irqsave(&mtu->lock, flags); 835 ret = ep0_queue(mep, mreq); 836 spin_unlock_irqrestore(&mtu->lock, flags); 837 return ret; 838 } 839 840 static int mtu3_ep0_dequeue(struct usb_ep *ep, struct usb_request *req) 841 { 842 /* we just won't support this */ 843 return -EINVAL; 844 } 845 846 static int mtu3_ep0_halt(struct usb_ep *ep, int value) 847 { 848 struct mtu3_ep *mep; 849 struct mtu3 *mtu; 850 unsigned long flags; 851 int ret = 0; 852 853 if (!ep || !value) 854 return -EINVAL; 855 856 mep = to_mtu3_ep(ep); 857 mtu = mep->mtu; 858 859 dev_dbg(mtu->dev, "%s\n", __func__); 860 861 spin_lock_irqsave(&mtu->lock, flags); 862 863 if (!list_empty(&mep->req_list)) { 864 ret = -EBUSY; 865 goto cleanup; 866 } 867 868 switch (mtu->ep0_state) { 869 /* 870 * stalls are usually issued after parsing SETUP packet, either 871 * directly in irq context from setup() or else later. 872 */ 873 case MU3D_EP0_STATE_TX: 874 case MU3D_EP0_STATE_TX_END: 875 case MU3D_EP0_STATE_RX: 876 case MU3D_EP0_STATE_SETUP: 877 ep0_stall_set(mtu->ep0, true, 0); 878 break; 879 default: 880 dev_dbg(mtu->dev, "ep0 can't halt in state %s\n", 881 decode_ep0_state(mtu)); 882 ret = -EINVAL; 883 } 884 885 cleanup: 886 spin_unlock_irqrestore(&mtu->lock, flags); 887 return ret; 888 } 889 890 const struct usb_ep_ops mtu3_ep0_ops = { 891 .enable = mtu3_ep0_enable, 892 .disable = mtu3_ep0_disable, 893 .alloc_request = mtu3_alloc_request, 894 .free_request = mtu3_free_request, 895 .queue = mtu3_ep0_queue, 896 .dequeue = mtu3_ep0_dequeue, 897 .set_halt = mtu3_ep0_halt, 898 }; 899