1 #include <linux/kernel.h>
2 #include <linux/errno.h>
3 #include <linux/init.h>
4 #include <linux/slab.h>
5 #include <linux/mm.h>
6 #include <linux/module.h>
7 #include <linux/moduleparam.h>
8 #include <linux/scatterlist.h>
9 #include <linux/mutex.h>
10 #include <linux/timer.h>
11 #include <linux/usb.h>
12
13 #define SIMPLE_IO_TIMEOUT 10000 /* in milliseconds */
14
15 /*-------------------------------------------------------------------------*/
16
17 static int override_alt = -1;
18 module_param_named(alt, override_alt, int, 0644);
19 MODULE_PARM_DESC(alt, ">= 0 to override altsetting selection");
20 static void complicated_callback(struct urb *urb);
21
22 /*-------------------------------------------------------------------------*/
23
24 /* FIXME make these public somewhere; usbdevfs.h? */
25 struct usbtest_param {
26 /* inputs */
27 unsigned test_num; /* 0..(TEST_CASES-1) */
28 unsigned iterations;
29 unsigned length;
30 unsigned vary;
31 unsigned sglen;
32
33 /* outputs */
34 struct timeval duration;
35 };
36 #define USBTEST_REQUEST _IOWR('U', 100, struct usbtest_param)
37
38 /*-------------------------------------------------------------------------*/
39
40 #define GENERIC /* let probe() bind using module params */
41
42 /* Some devices that can be used for testing will have "real" drivers.
43 * Entries for those need to be enabled here by hand, after disabling
44 * that "real" driver.
45 */
46 //#define IBOT2 /* grab iBOT2 webcams */
47 //#define KEYSPAN_19Qi /* grab un-renumerated serial adapter */
48
49 /*-------------------------------------------------------------------------*/
50
51 struct usbtest_info {
52 const char *name;
53 u8 ep_in; /* bulk/intr source */
54 u8 ep_out; /* bulk/intr sink */
55 unsigned autoconf:1;
56 unsigned ctrl_out:1;
57 unsigned iso:1; /* try iso in/out */
58 unsigned intr:1; /* try interrupt in/out */
59 int alt;
60 };
61
62 /* this is accessed only through usbfs ioctl calls.
63 * one ioctl to issue a test ... one lock per device.
64 * tests create other threads if they need them.
65 * urbs and buffers are allocated dynamically,
66 * and data generated deterministically.
67 */
68 struct usbtest_dev {
69 struct usb_interface *intf;
70 struct usbtest_info *info;
71 int in_pipe;
72 int out_pipe;
73 int in_iso_pipe;
74 int out_iso_pipe;
75 int in_int_pipe;
76 int out_int_pipe;
77 struct usb_endpoint_descriptor *iso_in, *iso_out;
78 struct usb_endpoint_descriptor *int_in, *int_out;
79 struct mutex lock;
80
81 #define TBUF_SIZE 256
82 u8 *buf;
83 };
84
testdev_to_usbdev(struct usbtest_dev * test)85 static struct usb_device *testdev_to_usbdev(struct usbtest_dev *test)
86 {
87 return interface_to_usbdev(test->intf);
88 }
89
90 /* set up all urbs so they can be used with either bulk or interrupt */
91 #define INTERRUPT_RATE 1 /* msec/transfer */
92
93 #define ERROR(tdev, fmt, args...) \
94 dev_err(&(tdev)->intf->dev , fmt , ## args)
95 #define WARNING(tdev, fmt, args...) \
96 dev_warn(&(tdev)->intf->dev , fmt , ## args)
97
98 #define GUARD_BYTE 0xA5
99 #define MAX_SGLEN 128
100
101 /*-------------------------------------------------------------------------*/
102
103 static int
get_endpoints(struct usbtest_dev * dev,struct usb_interface * intf)104 get_endpoints(struct usbtest_dev *dev, struct usb_interface *intf)
105 {
106 int tmp;
107 struct usb_host_interface *alt;
108 struct usb_host_endpoint *in, *out;
109 struct usb_host_endpoint *iso_in, *iso_out;
110 struct usb_host_endpoint *int_in, *int_out;
111 struct usb_device *udev;
112
113 for (tmp = 0; tmp < intf->num_altsetting; tmp++) {
114 unsigned ep;
115
116 in = out = NULL;
117 iso_in = iso_out = NULL;
118 int_in = int_out = NULL;
119 alt = intf->altsetting + tmp;
120
121 if (override_alt >= 0 &&
122 override_alt != alt->desc.bAlternateSetting)
123 continue;
124
125 /* take the first altsetting with in-bulk + out-bulk;
126 * ignore other endpoints and altsettings.
127 */
128 for (ep = 0; ep < alt->desc.bNumEndpoints; ep++) {
129 struct usb_host_endpoint *e;
130
131 e = alt->endpoint + ep;
132 switch (usb_endpoint_type(&e->desc)) {
133 case USB_ENDPOINT_XFER_BULK:
134 break;
135 case USB_ENDPOINT_XFER_INT:
136 if (dev->info->intr)
137 goto try_intr;
138 case USB_ENDPOINT_XFER_ISOC:
139 if (dev->info->iso)
140 goto try_iso;
141 /* FALLTHROUGH */
142 default:
143 continue;
144 }
145 if (usb_endpoint_dir_in(&e->desc)) {
146 if (!in)
147 in = e;
148 } else {
149 if (!out)
150 out = e;
151 }
152 continue;
153 try_intr:
154 if (usb_endpoint_dir_in(&e->desc)) {
155 if (!int_in)
156 int_in = e;
157 } else {
158 if (!int_out)
159 int_out = e;
160 }
161 continue;
162 try_iso:
163 if (usb_endpoint_dir_in(&e->desc)) {
164 if (!iso_in)
165 iso_in = e;
166 } else {
167 if (!iso_out)
168 iso_out = e;
169 }
170 }
171 if ((in && out) || iso_in || iso_out || int_in || int_out)
172 goto found;
173 }
174 return -EINVAL;
175
176 found:
177 udev = testdev_to_usbdev(dev);
178 dev->info->alt = alt->desc.bAlternateSetting;
179 if (alt->desc.bAlternateSetting != 0) {
180 tmp = usb_set_interface(udev,
181 alt->desc.bInterfaceNumber,
182 alt->desc.bAlternateSetting);
183 if (tmp < 0)
184 return tmp;
185 }
186
187 if (in) {
188 dev->in_pipe = usb_rcvbulkpipe(udev,
189 in->desc.bEndpointAddress & USB_ENDPOINT_NUMBER_MASK);
190 dev->out_pipe = usb_sndbulkpipe(udev,
191 out->desc.bEndpointAddress & USB_ENDPOINT_NUMBER_MASK);
192 }
193 if (iso_in) {
194 dev->iso_in = &iso_in->desc;
195 dev->in_iso_pipe = usb_rcvisocpipe(udev,
196 iso_in->desc.bEndpointAddress
197 & USB_ENDPOINT_NUMBER_MASK);
198 }
199
200 if (iso_out) {
201 dev->iso_out = &iso_out->desc;
202 dev->out_iso_pipe = usb_sndisocpipe(udev,
203 iso_out->desc.bEndpointAddress
204 & USB_ENDPOINT_NUMBER_MASK);
205 }
206
207 if (int_in) {
208 dev->int_in = &int_in->desc;
209 dev->in_int_pipe = usb_rcvintpipe(udev,
210 int_in->desc.bEndpointAddress
211 & USB_ENDPOINT_NUMBER_MASK);
212 }
213
214 if (int_out) {
215 dev->int_out = &int_out->desc;
216 dev->out_int_pipe = usb_sndintpipe(udev,
217 int_out->desc.bEndpointAddress
218 & USB_ENDPOINT_NUMBER_MASK);
219 }
220 return 0;
221 }
222
223 /*-------------------------------------------------------------------------*/
224
225 /* Support for testing basic non-queued I/O streams.
226 *
227 * These just package urbs as requests that can be easily canceled.
228 * Each urb's data buffer is dynamically allocated; callers can fill
229 * them with non-zero test data (or test for it) when appropriate.
230 */
231
simple_callback(struct urb * urb)232 static void simple_callback(struct urb *urb)
233 {
234 complete(urb->context);
235 }
236
usbtest_alloc_urb(struct usb_device * udev,int pipe,unsigned long bytes,unsigned transfer_flags,unsigned offset,u8 bInterval,usb_complete_t complete_fn)237 static struct urb *usbtest_alloc_urb(
238 struct usb_device *udev,
239 int pipe,
240 unsigned long bytes,
241 unsigned transfer_flags,
242 unsigned offset,
243 u8 bInterval,
244 usb_complete_t complete_fn)
245 {
246 struct urb *urb;
247
248 urb = usb_alloc_urb(0, GFP_KERNEL);
249 if (!urb)
250 return urb;
251
252 if (bInterval)
253 usb_fill_int_urb(urb, udev, pipe, NULL, bytes, complete_fn,
254 NULL, bInterval);
255 else
256 usb_fill_bulk_urb(urb, udev, pipe, NULL, bytes, complete_fn,
257 NULL);
258
259 urb->interval = (udev->speed == USB_SPEED_HIGH)
260 ? (INTERRUPT_RATE << 3)
261 : INTERRUPT_RATE;
262 urb->transfer_flags = transfer_flags;
263 if (usb_pipein(pipe))
264 urb->transfer_flags |= URB_SHORT_NOT_OK;
265
266 if (urb->transfer_flags & URB_NO_TRANSFER_DMA_MAP)
267 urb->transfer_buffer = usb_alloc_coherent(udev, bytes + offset,
268 GFP_KERNEL, &urb->transfer_dma);
269 else
270 urb->transfer_buffer = kmalloc(bytes + offset, GFP_KERNEL);
271
272 if (!urb->transfer_buffer) {
273 usb_free_urb(urb);
274 return NULL;
275 }
276
277 /* To test unaligned transfers add an offset and fill the
278 unused memory with a guard value */
279 if (offset) {
280 memset(urb->transfer_buffer, GUARD_BYTE, offset);
281 urb->transfer_buffer += offset;
282 if (urb->transfer_flags & URB_NO_TRANSFER_DMA_MAP)
283 urb->transfer_dma += offset;
284 }
285
286 /* For inbound transfers use guard byte so that test fails if
287 data not correctly copied */
288 memset(urb->transfer_buffer,
289 usb_pipein(urb->pipe) ? GUARD_BYTE : 0,
290 bytes);
291 return urb;
292 }
293
simple_alloc_urb(struct usb_device * udev,int pipe,unsigned long bytes,u8 bInterval)294 static struct urb *simple_alloc_urb(
295 struct usb_device *udev,
296 int pipe,
297 unsigned long bytes,
298 u8 bInterval)
299 {
300 return usbtest_alloc_urb(udev, pipe, bytes, URB_NO_TRANSFER_DMA_MAP, 0,
301 bInterval, simple_callback);
302 }
303
complicated_alloc_urb(struct usb_device * udev,int pipe,unsigned long bytes,u8 bInterval)304 static struct urb *complicated_alloc_urb(
305 struct usb_device *udev,
306 int pipe,
307 unsigned long bytes,
308 u8 bInterval)
309 {
310 return usbtest_alloc_urb(udev, pipe, bytes, URB_NO_TRANSFER_DMA_MAP, 0,
311 bInterval, complicated_callback);
312 }
313
314 static unsigned pattern;
315 static unsigned mod_pattern;
316 module_param_named(pattern, mod_pattern, uint, S_IRUGO | S_IWUSR);
317 MODULE_PARM_DESC(mod_pattern, "i/o pattern (0 == zeroes)");
318
get_maxpacket(struct usb_device * udev,int pipe)319 static unsigned get_maxpacket(struct usb_device *udev, int pipe)
320 {
321 struct usb_host_endpoint *ep;
322
323 ep = usb_pipe_endpoint(udev, pipe);
324 return le16_to_cpup(&ep->desc.wMaxPacketSize);
325 }
326
simple_fill_buf(struct urb * urb)327 static void simple_fill_buf(struct urb *urb)
328 {
329 unsigned i;
330 u8 *buf = urb->transfer_buffer;
331 unsigned len = urb->transfer_buffer_length;
332 unsigned maxpacket;
333
334 switch (pattern) {
335 default:
336 /* FALLTHROUGH */
337 case 0:
338 memset(buf, 0, len);
339 break;
340 case 1: /* mod63 */
341 maxpacket = get_maxpacket(urb->dev, urb->pipe);
342 for (i = 0; i < len; i++)
343 *buf++ = (u8) ((i % maxpacket) % 63);
344 break;
345 }
346 }
347
buffer_offset(void * buf)348 static inline unsigned long buffer_offset(void *buf)
349 {
350 return (unsigned long)buf & (ARCH_KMALLOC_MINALIGN - 1);
351 }
352
check_guard_bytes(struct usbtest_dev * tdev,struct urb * urb)353 static int check_guard_bytes(struct usbtest_dev *tdev, struct urb *urb)
354 {
355 u8 *buf = urb->transfer_buffer;
356 u8 *guard = buf - buffer_offset(buf);
357 unsigned i;
358
359 for (i = 0; guard < buf; i++, guard++) {
360 if (*guard != GUARD_BYTE) {
361 ERROR(tdev, "guard byte[%d] %d (not %d)\n",
362 i, *guard, GUARD_BYTE);
363 return -EINVAL;
364 }
365 }
366 return 0;
367 }
368
simple_check_buf(struct usbtest_dev * tdev,struct urb * urb)369 static int simple_check_buf(struct usbtest_dev *tdev, struct urb *urb)
370 {
371 unsigned i;
372 u8 expected;
373 u8 *buf = urb->transfer_buffer;
374 unsigned len = urb->actual_length;
375 unsigned maxpacket = get_maxpacket(urb->dev, urb->pipe);
376
377 int ret = check_guard_bytes(tdev, urb);
378 if (ret)
379 return ret;
380
381 for (i = 0; i < len; i++, buf++) {
382 switch (pattern) {
383 /* all-zeroes has no synchronization issues */
384 case 0:
385 expected = 0;
386 break;
387 /* mod63 stays in sync with short-terminated transfers,
388 * or otherwise when host and gadget agree on how large
389 * each usb transfer request should be. resync is done
390 * with set_interface or set_config.
391 */
392 case 1: /* mod63 */
393 expected = (i % maxpacket) % 63;
394 break;
395 /* always fail unsupported patterns */
396 default:
397 expected = !*buf;
398 break;
399 }
400 if (*buf == expected)
401 continue;
402 ERROR(tdev, "buf[%d] = %d (not %d)\n", i, *buf, expected);
403 return -EINVAL;
404 }
405 return 0;
406 }
407
simple_free_urb(struct urb * urb)408 static void simple_free_urb(struct urb *urb)
409 {
410 unsigned long offset = buffer_offset(urb->transfer_buffer);
411
412 if (urb->transfer_flags & URB_NO_TRANSFER_DMA_MAP)
413 usb_free_coherent(
414 urb->dev,
415 urb->transfer_buffer_length + offset,
416 urb->transfer_buffer - offset,
417 urb->transfer_dma - offset);
418 else
419 kfree(urb->transfer_buffer - offset);
420 usb_free_urb(urb);
421 }
422
simple_io(struct usbtest_dev * tdev,struct urb * urb,int iterations,int vary,int expected,const char * label)423 static int simple_io(
424 struct usbtest_dev *tdev,
425 struct urb *urb,
426 int iterations,
427 int vary,
428 int expected,
429 const char *label
430 )
431 {
432 struct usb_device *udev = urb->dev;
433 int max = urb->transfer_buffer_length;
434 struct completion completion;
435 int retval = 0;
436 unsigned long expire;
437
438 urb->context = &completion;
439 while (retval == 0 && iterations-- > 0) {
440 init_completion(&completion);
441 if (usb_pipeout(urb->pipe)) {
442 simple_fill_buf(urb);
443 urb->transfer_flags |= URB_ZERO_PACKET;
444 }
445 retval = usb_submit_urb(urb, GFP_KERNEL);
446 if (retval != 0)
447 break;
448
449 expire = msecs_to_jiffies(SIMPLE_IO_TIMEOUT);
450 if (!wait_for_completion_timeout(&completion, expire)) {
451 usb_kill_urb(urb);
452 retval = (urb->status == -ENOENT ?
453 -ETIMEDOUT : urb->status);
454 } else {
455 retval = urb->status;
456 }
457
458 urb->dev = udev;
459 if (retval == 0 && usb_pipein(urb->pipe))
460 retval = simple_check_buf(tdev, urb);
461
462 if (vary) {
463 int len = urb->transfer_buffer_length;
464
465 len += vary;
466 len %= max;
467 if (len == 0)
468 len = (vary < max) ? vary : max;
469 urb->transfer_buffer_length = len;
470 }
471
472 /* FIXME if endpoint halted, clear halt (and log) */
473 }
474 urb->transfer_buffer_length = max;
475
476 if (expected != retval)
477 dev_err(&udev->dev,
478 "%s failed, iterations left %d, status %d (not %d)\n",
479 label, iterations, retval, expected);
480 return retval;
481 }
482
483
484 /*-------------------------------------------------------------------------*/
485
486 /* We use scatterlist primitives to test queued I/O.
487 * Yes, this also tests the scatterlist primitives.
488 */
489
free_sglist(struct scatterlist * sg,int nents)490 static void free_sglist(struct scatterlist *sg, int nents)
491 {
492 unsigned i;
493
494 if (!sg)
495 return;
496 for (i = 0; i < nents; i++) {
497 if (!sg_page(&sg[i]))
498 continue;
499 kfree(sg_virt(&sg[i]));
500 }
501 kfree(sg);
502 }
503
504 static struct scatterlist *
alloc_sglist(int nents,int max,int vary,struct usbtest_dev * dev,int pipe)505 alloc_sglist(int nents, int max, int vary, struct usbtest_dev *dev, int pipe)
506 {
507 struct scatterlist *sg;
508 unsigned int n_size = 0;
509 unsigned i;
510 unsigned size = max;
511 unsigned maxpacket =
512 get_maxpacket(interface_to_usbdev(dev->intf), pipe);
513
514 if (max == 0)
515 return NULL;
516
517 sg = kmalloc_array(nents, sizeof(*sg), GFP_KERNEL);
518 if (!sg)
519 return NULL;
520 sg_init_table(sg, nents);
521
522 for (i = 0; i < nents; i++) {
523 char *buf;
524 unsigned j;
525
526 buf = kzalloc(size, GFP_KERNEL);
527 if (!buf) {
528 free_sglist(sg, i);
529 return NULL;
530 }
531
532 /* kmalloc pages are always physically contiguous! */
533 sg_set_buf(&sg[i], buf, size);
534
535 switch (pattern) {
536 case 0:
537 /* already zeroed */
538 break;
539 case 1:
540 for (j = 0; j < size; j++)
541 *buf++ = (u8) (((j + n_size) % maxpacket) % 63);
542 n_size += size;
543 break;
544 }
545
546 if (vary) {
547 size += vary;
548 size %= max;
549 if (size == 0)
550 size = (vary < max) ? vary : max;
551 }
552 }
553
554 return sg;
555 }
556
sg_timeout(unsigned long _req)557 static void sg_timeout(unsigned long _req)
558 {
559 struct usb_sg_request *req = (struct usb_sg_request *) _req;
560
561 req->status = -ETIMEDOUT;
562 usb_sg_cancel(req);
563 }
564
perform_sglist(struct usbtest_dev * tdev,unsigned iterations,int pipe,struct usb_sg_request * req,struct scatterlist * sg,int nents)565 static int perform_sglist(
566 struct usbtest_dev *tdev,
567 unsigned iterations,
568 int pipe,
569 struct usb_sg_request *req,
570 struct scatterlist *sg,
571 int nents
572 )
573 {
574 struct usb_device *udev = testdev_to_usbdev(tdev);
575 int retval = 0;
576 struct timer_list sg_timer;
577
578 setup_timer_on_stack(&sg_timer, sg_timeout, (unsigned long) req);
579
580 while (retval == 0 && iterations-- > 0) {
581 retval = usb_sg_init(req, udev, pipe,
582 (udev->speed == USB_SPEED_HIGH)
583 ? (INTERRUPT_RATE << 3)
584 : INTERRUPT_RATE,
585 sg, nents, 0, GFP_KERNEL);
586
587 if (retval)
588 break;
589 mod_timer(&sg_timer, jiffies +
590 msecs_to_jiffies(SIMPLE_IO_TIMEOUT));
591 usb_sg_wait(req);
592 del_timer_sync(&sg_timer);
593 retval = req->status;
594
595 /* FIXME check resulting data pattern */
596
597 /* FIXME if endpoint halted, clear halt (and log) */
598 }
599
600 /* FIXME for unlink or fault handling tests, don't report
601 * failure if retval is as we expected ...
602 */
603 if (retval)
604 ERROR(tdev, "perform_sglist failed, "
605 "iterations left %d, status %d\n",
606 iterations, retval);
607 return retval;
608 }
609
610
611 /*-------------------------------------------------------------------------*/
612
613 /* unqueued control message testing
614 *
615 * there's a nice set of device functional requirements in chapter 9 of the
616 * usb 2.0 spec, which we can apply to ANY device, even ones that don't use
617 * special test firmware.
618 *
619 * we know the device is configured (or suspended) by the time it's visible
620 * through usbfs. we can't change that, so we won't test enumeration (which
621 * worked 'well enough' to get here, this time), power management (ditto),
622 * or remote wakeup (which needs human interaction).
623 */
624
625 static unsigned realworld = 1;
626 module_param(realworld, uint, 0);
627 MODULE_PARM_DESC(realworld, "clear to demand stricter spec compliance");
628
get_altsetting(struct usbtest_dev * dev)629 static int get_altsetting(struct usbtest_dev *dev)
630 {
631 struct usb_interface *iface = dev->intf;
632 struct usb_device *udev = interface_to_usbdev(iface);
633 int retval;
634
635 retval = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0),
636 USB_REQ_GET_INTERFACE, USB_DIR_IN|USB_RECIP_INTERFACE,
637 0, iface->altsetting[0].desc.bInterfaceNumber,
638 dev->buf, 1, USB_CTRL_GET_TIMEOUT);
639 switch (retval) {
640 case 1:
641 return dev->buf[0];
642 case 0:
643 retval = -ERANGE;
644 /* FALLTHROUGH */
645 default:
646 return retval;
647 }
648 }
649
set_altsetting(struct usbtest_dev * dev,int alternate)650 static int set_altsetting(struct usbtest_dev *dev, int alternate)
651 {
652 struct usb_interface *iface = dev->intf;
653 struct usb_device *udev;
654
655 if (alternate < 0 || alternate >= 256)
656 return -EINVAL;
657
658 udev = interface_to_usbdev(iface);
659 return usb_set_interface(udev,
660 iface->altsetting[0].desc.bInterfaceNumber,
661 alternate);
662 }
663
is_good_config(struct usbtest_dev * tdev,int len)664 static int is_good_config(struct usbtest_dev *tdev, int len)
665 {
666 struct usb_config_descriptor *config;
667
668 if (len < sizeof(*config))
669 return 0;
670 config = (struct usb_config_descriptor *) tdev->buf;
671
672 switch (config->bDescriptorType) {
673 case USB_DT_CONFIG:
674 case USB_DT_OTHER_SPEED_CONFIG:
675 if (config->bLength != 9) {
676 ERROR(tdev, "bogus config descriptor length\n");
677 return 0;
678 }
679 /* this bit 'must be 1' but often isn't */
680 if (!realworld && !(config->bmAttributes & 0x80)) {
681 ERROR(tdev, "high bit of config attributes not set\n");
682 return 0;
683 }
684 if (config->bmAttributes & 0x1f) { /* reserved == 0 */
685 ERROR(tdev, "reserved config bits set\n");
686 return 0;
687 }
688 break;
689 default:
690 return 0;
691 }
692
693 if (le16_to_cpu(config->wTotalLength) == len) /* read it all */
694 return 1;
695 if (le16_to_cpu(config->wTotalLength) >= TBUF_SIZE) /* max partial read */
696 return 1;
697 ERROR(tdev, "bogus config descriptor read size\n");
698 return 0;
699 }
700
is_good_ext(struct usbtest_dev * tdev,u8 * buf)701 static int is_good_ext(struct usbtest_dev *tdev, u8 *buf)
702 {
703 struct usb_ext_cap_descriptor *ext;
704 u32 attr;
705
706 ext = (struct usb_ext_cap_descriptor *) buf;
707
708 if (ext->bLength != USB_DT_USB_EXT_CAP_SIZE) {
709 ERROR(tdev, "bogus usb 2.0 extension descriptor length\n");
710 return 0;
711 }
712
713 attr = le32_to_cpu(ext->bmAttributes);
714 /* bits[1:15] is used and others are reserved */
715 if (attr & ~0xfffe) { /* reserved == 0 */
716 ERROR(tdev, "reserved bits set\n");
717 return 0;
718 }
719
720 return 1;
721 }
722
is_good_ss_cap(struct usbtest_dev * tdev,u8 * buf)723 static int is_good_ss_cap(struct usbtest_dev *tdev, u8 *buf)
724 {
725 struct usb_ss_cap_descriptor *ss;
726
727 ss = (struct usb_ss_cap_descriptor *) buf;
728
729 if (ss->bLength != USB_DT_USB_SS_CAP_SIZE) {
730 ERROR(tdev, "bogus superspeed device capability descriptor length\n");
731 return 0;
732 }
733
734 /*
735 * only bit[1] of bmAttributes is used for LTM and others are
736 * reserved
737 */
738 if (ss->bmAttributes & ~0x02) { /* reserved == 0 */
739 ERROR(tdev, "reserved bits set in bmAttributes\n");
740 return 0;
741 }
742
743 /* bits[0:3] of wSpeedSupported is used and others are reserved */
744 if (le16_to_cpu(ss->wSpeedSupported) & ~0x0f) { /* reserved == 0 */
745 ERROR(tdev, "reserved bits set in wSpeedSupported\n");
746 return 0;
747 }
748
749 return 1;
750 }
751
is_good_con_id(struct usbtest_dev * tdev,u8 * buf)752 static int is_good_con_id(struct usbtest_dev *tdev, u8 *buf)
753 {
754 struct usb_ss_container_id_descriptor *con_id;
755
756 con_id = (struct usb_ss_container_id_descriptor *) buf;
757
758 if (con_id->bLength != USB_DT_USB_SS_CONTN_ID_SIZE) {
759 ERROR(tdev, "bogus container id descriptor length\n");
760 return 0;
761 }
762
763 if (con_id->bReserved) { /* reserved == 0 */
764 ERROR(tdev, "reserved bits set\n");
765 return 0;
766 }
767
768 return 1;
769 }
770
771 /* sanity test for standard requests working with usb_control_mesg() and some
772 * of the utility functions which use it.
773 *
774 * this doesn't test how endpoint halts behave or data toggles get set, since
775 * we won't do I/O to bulk/interrupt endpoints here (which is how to change
776 * halt or toggle). toggle testing is impractical without support from hcds.
777 *
778 * this avoids failing devices linux would normally work with, by not testing
779 * config/altsetting operations for devices that only support their defaults.
780 * such devices rarely support those needless operations.
781 *
782 * NOTE that since this is a sanity test, it's not examining boundary cases
783 * to see if usbcore, hcd, and device all behave right. such testing would
784 * involve varied read sizes and other operation sequences.
785 */
ch9_postconfig(struct usbtest_dev * dev)786 static int ch9_postconfig(struct usbtest_dev *dev)
787 {
788 struct usb_interface *iface = dev->intf;
789 struct usb_device *udev = interface_to_usbdev(iface);
790 int i, alt, retval;
791
792 /* [9.2.3] if there's more than one altsetting, we need to be able to
793 * set and get each one. mostly trusts the descriptors from usbcore.
794 */
795 for (i = 0; i < iface->num_altsetting; i++) {
796
797 /* 9.2.3 constrains the range here */
798 alt = iface->altsetting[i].desc.bAlternateSetting;
799 if (alt < 0 || alt >= iface->num_altsetting) {
800 dev_err(&iface->dev,
801 "invalid alt [%d].bAltSetting = %d\n",
802 i, alt);
803 }
804
805 /* [real world] get/set unimplemented if there's only one */
806 if (realworld && iface->num_altsetting == 1)
807 continue;
808
809 /* [9.4.10] set_interface */
810 retval = set_altsetting(dev, alt);
811 if (retval) {
812 dev_err(&iface->dev, "can't set_interface = %d, %d\n",
813 alt, retval);
814 return retval;
815 }
816
817 /* [9.4.4] get_interface always works */
818 retval = get_altsetting(dev);
819 if (retval != alt) {
820 dev_err(&iface->dev, "get alt should be %d, was %d\n",
821 alt, retval);
822 return (retval < 0) ? retval : -EDOM;
823 }
824
825 }
826
827 /* [real world] get_config unimplemented if there's only one */
828 if (!realworld || udev->descriptor.bNumConfigurations != 1) {
829 int expected = udev->actconfig->desc.bConfigurationValue;
830
831 /* [9.4.2] get_configuration always works
832 * ... although some cheap devices (like one TI Hub I've got)
833 * won't return config descriptors except before set_config.
834 */
835 retval = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0),
836 USB_REQ_GET_CONFIGURATION,
837 USB_DIR_IN | USB_RECIP_DEVICE,
838 0, 0, dev->buf, 1, USB_CTRL_GET_TIMEOUT);
839 if (retval != 1 || dev->buf[0] != expected) {
840 dev_err(&iface->dev, "get config --> %d %d (1 %d)\n",
841 retval, dev->buf[0], expected);
842 return (retval < 0) ? retval : -EDOM;
843 }
844 }
845
846 /* there's always [9.4.3] a device descriptor [9.6.1] */
847 retval = usb_get_descriptor(udev, USB_DT_DEVICE, 0,
848 dev->buf, sizeof(udev->descriptor));
849 if (retval != sizeof(udev->descriptor)) {
850 dev_err(&iface->dev, "dev descriptor --> %d\n", retval);
851 return (retval < 0) ? retval : -EDOM;
852 }
853
854 /*
855 * there's always [9.4.3] a bos device descriptor [9.6.2] in USB
856 * 3.0 spec
857 */
858 if (le16_to_cpu(udev->descriptor.bcdUSB) >= 0x0210) {
859 struct usb_bos_descriptor *bos = NULL;
860 struct usb_dev_cap_header *header = NULL;
861 unsigned total, num, length;
862 u8 *buf;
863
864 retval = usb_get_descriptor(udev, USB_DT_BOS, 0, dev->buf,
865 sizeof(*udev->bos->desc));
866 if (retval != sizeof(*udev->bos->desc)) {
867 dev_err(&iface->dev, "bos descriptor --> %d\n", retval);
868 return (retval < 0) ? retval : -EDOM;
869 }
870
871 bos = (struct usb_bos_descriptor *)dev->buf;
872 total = le16_to_cpu(bos->wTotalLength);
873 num = bos->bNumDeviceCaps;
874
875 if (total > TBUF_SIZE)
876 total = TBUF_SIZE;
877
878 /*
879 * get generic device-level capability descriptors [9.6.2]
880 * in USB 3.0 spec
881 */
882 retval = usb_get_descriptor(udev, USB_DT_BOS, 0, dev->buf,
883 total);
884 if (retval != total) {
885 dev_err(&iface->dev, "bos descriptor set --> %d\n",
886 retval);
887 return (retval < 0) ? retval : -EDOM;
888 }
889
890 length = sizeof(*udev->bos->desc);
891 buf = dev->buf;
892 for (i = 0; i < num; i++) {
893 buf += length;
894 if (buf + sizeof(struct usb_dev_cap_header) >
895 dev->buf + total)
896 break;
897
898 header = (struct usb_dev_cap_header *)buf;
899 length = header->bLength;
900
901 if (header->bDescriptorType !=
902 USB_DT_DEVICE_CAPABILITY) {
903 dev_warn(&udev->dev, "not device capability descriptor, skip\n");
904 continue;
905 }
906
907 switch (header->bDevCapabilityType) {
908 case USB_CAP_TYPE_EXT:
909 if (buf + USB_DT_USB_EXT_CAP_SIZE >
910 dev->buf + total ||
911 !is_good_ext(dev, buf)) {
912 dev_err(&iface->dev, "bogus usb 2.0 extension descriptor\n");
913 return -EDOM;
914 }
915 break;
916 case USB_SS_CAP_TYPE:
917 if (buf + USB_DT_USB_SS_CAP_SIZE >
918 dev->buf + total ||
919 !is_good_ss_cap(dev, buf)) {
920 dev_err(&iface->dev, "bogus superspeed device capability descriptor\n");
921 return -EDOM;
922 }
923 break;
924 case CONTAINER_ID_TYPE:
925 if (buf + USB_DT_USB_SS_CONTN_ID_SIZE >
926 dev->buf + total ||
927 !is_good_con_id(dev, buf)) {
928 dev_err(&iface->dev, "bogus container id descriptor\n");
929 return -EDOM;
930 }
931 break;
932 default:
933 break;
934 }
935 }
936 }
937
938 /* there's always [9.4.3] at least one config descriptor [9.6.3] */
939 for (i = 0; i < udev->descriptor.bNumConfigurations; i++) {
940 retval = usb_get_descriptor(udev, USB_DT_CONFIG, i,
941 dev->buf, TBUF_SIZE);
942 if (!is_good_config(dev, retval)) {
943 dev_err(&iface->dev,
944 "config [%d] descriptor --> %d\n",
945 i, retval);
946 return (retval < 0) ? retval : -EDOM;
947 }
948
949 /* FIXME cross-checking udev->config[i] to make sure usbcore
950 * parsed it right (etc) would be good testing paranoia
951 */
952 }
953
954 /* and sometimes [9.2.6.6] speed dependent descriptors */
955 if (le16_to_cpu(udev->descriptor.bcdUSB) == 0x0200) {
956 struct usb_qualifier_descriptor *d = NULL;
957
958 /* device qualifier [9.6.2] */
959 retval = usb_get_descriptor(udev,
960 USB_DT_DEVICE_QUALIFIER, 0, dev->buf,
961 sizeof(struct usb_qualifier_descriptor));
962 if (retval == -EPIPE) {
963 if (udev->speed == USB_SPEED_HIGH) {
964 dev_err(&iface->dev,
965 "hs dev qualifier --> %d\n",
966 retval);
967 return (retval < 0) ? retval : -EDOM;
968 }
969 /* usb2.0 but not high-speed capable; fine */
970 } else if (retval != sizeof(struct usb_qualifier_descriptor)) {
971 dev_err(&iface->dev, "dev qualifier --> %d\n", retval);
972 return (retval < 0) ? retval : -EDOM;
973 } else
974 d = (struct usb_qualifier_descriptor *) dev->buf;
975
976 /* might not have [9.6.2] any other-speed configs [9.6.4] */
977 if (d) {
978 unsigned max = d->bNumConfigurations;
979 for (i = 0; i < max; i++) {
980 retval = usb_get_descriptor(udev,
981 USB_DT_OTHER_SPEED_CONFIG, i,
982 dev->buf, TBUF_SIZE);
983 if (!is_good_config(dev, retval)) {
984 dev_err(&iface->dev,
985 "other speed config --> %d\n",
986 retval);
987 return (retval < 0) ? retval : -EDOM;
988 }
989 }
990 }
991 }
992 /* FIXME fetch strings from at least the device descriptor */
993
994 /* [9.4.5] get_status always works */
995 retval = usb_get_status(udev, USB_RECIP_DEVICE, 0, dev->buf);
996 if (retval) {
997 dev_err(&iface->dev, "get dev status --> %d\n", retval);
998 return retval;
999 }
1000
1001 /* FIXME configuration.bmAttributes says if we could try to set/clear
1002 * the device's remote wakeup feature ... if we can, test that here
1003 */
1004
1005 retval = usb_get_status(udev, USB_RECIP_INTERFACE,
1006 iface->altsetting[0].desc.bInterfaceNumber, dev->buf);
1007 if (retval) {
1008 dev_err(&iface->dev, "get interface status --> %d\n", retval);
1009 return retval;
1010 }
1011 /* FIXME get status for each endpoint in the interface */
1012
1013 return 0;
1014 }
1015
1016 /*-------------------------------------------------------------------------*/
1017
1018 /* use ch9 requests to test whether:
1019 * (a) queues work for control, keeping N subtests queued and
1020 * active (auto-resubmit) for M loops through the queue.
1021 * (b) protocol stalls (control-only) will autorecover.
1022 * it's not like bulk/intr; no halt clearing.
1023 * (c) short control reads are reported and handled.
1024 * (d) queues are always processed in-order
1025 */
1026
1027 struct ctrl_ctx {
1028 spinlock_t lock;
1029 struct usbtest_dev *dev;
1030 struct completion complete;
1031 unsigned count;
1032 unsigned pending;
1033 int status;
1034 struct urb **urb;
1035 struct usbtest_param *param;
1036 int last;
1037 };
1038
1039 #define NUM_SUBCASES 16 /* how many test subcases here? */
1040
1041 struct subcase {
1042 struct usb_ctrlrequest setup;
1043 int number;
1044 int expected;
1045 };
1046
ctrl_complete(struct urb * urb)1047 static void ctrl_complete(struct urb *urb)
1048 {
1049 struct ctrl_ctx *ctx = urb->context;
1050 struct usb_ctrlrequest *reqp;
1051 struct subcase *subcase;
1052 int status = urb->status;
1053
1054 reqp = (struct usb_ctrlrequest *)urb->setup_packet;
1055 subcase = container_of(reqp, struct subcase, setup);
1056
1057 spin_lock(&ctx->lock);
1058 ctx->count--;
1059 ctx->pending--;
1060
1061 /* queue must transfer and complete in fifo order, unless
1062 * usb_unlink_urb() is used to unlink something not at the
1063 * physical queue head (not tested).
1064 */
1065 if (subcase->number > 0) {
1066 if ((subcase->number - ctx->last) != 1) {
1067 ERROR(ctx->dev,
1068 "subcase %d completed out of order, last %d\n",
1069 subcase->number, ctx->last);
1070 status = -EDOM;
1071 ctx->last = subcase->number;
1072 goto error;
1073 }
1074 }
1075 ctx->last = subcase->number;
1076
1077 /* succeed or fault in only one way? */
1078 if (status == subcase->expected)
1079 status = 0;
1080
1081 /* async unlink for cleanup? */
1082 else if (status != -ECONNRESET) {
1083
1084 /* some faults are allowed, not required */
1085 if (subcase->expected > 0 && (
1086 ((status == -subcase->expected /* happened */
1087 || status == 0)))) /* didn't */
1088 status = 0;
1089 /* sometimes more than one fault is allowed */
1090 else if (subcase->number == 12 && status == -EPIPE)
1091 status = 0;
1092 else
1093 ERROR(ctx->dev, "subtest %d error, status %d\n",
1094 subcase->number, status);
1095 }
1096
1097 /* unexpected status codes mean errors; ideally, in hardware */
1098 if (status) {
1099 error:
1100 if (ctx->status == 0) {
1101 int i;
1102
1103 ctx->status = status;
1104 ERROR(ctx->dev, "control queue %02x.%02x, err %d, "
1105 "%d left, subcase %d, len %d/%d\n",
1106 reqp->bRequestType, reqp->bRequest,
1107 status, ctx->count, subcase->number,
1108 urb->actual_length,
1109 urb->transfer_buffer_length);
1110
1111 /* FIXME this "unlink everything" exit route should
1112 * be a separate test case.
1113 */
1114
1115 /* unlink whatever's still pending */
1116 for (i = 1; i < ctx->param->sglen; i++) {
1117 struct urb *u = ctx->urb[
1118 (i + subcase->number)
1119 % ctx->param->sglen];
1120
1121 if (u == urb || !u->dev)
1122 continue;
1123 spin_unlock(&ctx->lock);
1124 status = usb_unlink_urb(u);
1125 spin_lock(&ctx->lock);
1126 switch (status) {
1127 case -EINPROGRESS:
1128 case -EBUSY:
1129 case -EIDRM:
1130 continue;
1131 default:
1132 ERROR(ctx->dev, "urb unlink --> %d\n",
1133 status);
1134 }
1135 }
1136 status = ctx->status;
1137 }
1138 }
1139
1140 /* resubmit if we need to, else mark this as done */
1141 if ((status == 0) && (ctx->pending < ctx->count)) {
1142 status = usb_submit_urb(urb, GFP_ATOMIC);
1143 if (status != 0) {
1144 ERROR(ctx->dev,
1145 "can't resubmit ctrl %02x.%02x, err %d\n",
1146 reqp->bRequestType, reqp->bRequest, status);
1147 urb->dev = NULL;
1148 } else
1149 ctx->pending++;
1150 } else
1151 urb->dev = NULL;
1152
1153 /* signal completion when nothing's queued */
1154 if (ctx->pending == 0)
1155 complete(&ctx->complete);
1156 spin_unlock(&ctx->lock);
1157 }
1158
1159 static int
test_ctrl_queue(struct usbtest_dev * dev,struct usbtest_param * param)1160 test_ctrl_queue(struct usbtest_dev *dev, struct usbtest_param *param)
1161 {
1162 struct usb_device *udev = testdev_to_usbdev(dev);
1163 struct urb **urb;
1164 struct ctrl_ctx context;
1165 int i;
1166
1167 if (param->sglen == 0 || param->iterations > UINT_MAX / param->sglen)
1168 return -EOPNOTSUPP;
1169
1170 spin_lock_init(&context.lock);
1171 context.dev = dev;
1172 init_completion(&context.complete);
1173 context.count = param->sglen * param->iterations;
1174 context.pending = 0;
1175 context.status = -ENOMEM;
1176 context.param = param;
1177 context.last = -1;
1178
1179 /* allocate and init the urbs we'll queue.
1180 * as with bulk/intr sglists, sglen is the queue depth; it also
1181 * controls which subtests run (more tests than sglen) or rerun.
1182 */
1183 urb = kcalloc(param->sglen, sizeof(struct urb *), GFP_KERNEL);
1184 if (!urb)
1185 return -ENOMEM;
1186 for (i = 0; i < param->sglen; i++) {
1187 int pipe = usb_rcvctrlpipe(udev, 0);
1188 unsigned len;
1189 struct urb *u;
1190 struct usb_ctrlrequest req;
1191 struct subcase *reqp;
1192
1193 /* sign of this variable means:
1194 * -: tested code must return this (negative) error code
1195 * +: tested code may return this (negative too) error code
1196 */
1197 int expected = 0;
1198
1199 /* requests here are mostly expected to succeed on any
1200 * device, but some are chosen to trigger protocol stalls
1201 * or short reads.
1202 */
1203 memset(&req, 0, sizeof(req));
1204 req.bRequest = USB_REQ_GET_DESCRIPTOR;
1205 req.bRequestType = USB_DIR_IN|USB_RECIP_DEVICE;
1206
1207 switch (i % NUM_SUBCASES) {
1208 case 0: /* get device descriptor */
1209 req.wValue = cpu_to_le16(USB_DT_DEVICE << 8);
1210 len = sizeof(struct usb_device_descriptor);
1211 break;
1212 case 1: /* get first config descriptor (only) */
1213 req.wValue = cpu_to_le16((USB_DT_CONFIG << 8) | 0);
1214 len = sizeof(struct usb_config_descriptor);
1215 break;
1216 case 2: /* get altsetting (OFTEN STALLS) */
1217 req.bRequest = USB_REQ_GET_INTERFACE;
1218 req.bRequestType = USB_DIR_IN|USB_RECIP_INTERFACE;
1219 /* index = 0 means first interface */
1220 len = 1;
1221 expected = EPIPE;
1222 break;
1223 case 3: /* get interface status */
1224 req.bRequest = USB_REQ_GET_STATUS;
1225 req.bRequestType = USB_DIR_IN|USB_RECIP_INTERFACE;
1226 /* interface 0 */
1227 len = 2;
1228 break;
1229 case 4: /* get device status */
1230 req.bRequest = USB_REQ_GET_STATUS;
1231 req.bRequestType = USB_DIR_IN|USB_RECIP_DEVICE;
1232 len = 2;
1233 break;
1234 case 5: /* get device qualifier (MAY STALL) */
1235 req.wValue = cpu_to_le16 (USB_DT_DEVICE_QUALIFIER << 8);
1236 len = sizeof(struct usb_qualifier_descriptor);
1237 if (udev->speed != USB_SPEED_HIGH)
1238 expected = EPIPE;
1239 break;
1240 case 6: /* get first config descriptor, plus interface */
1241 req.wValue = cpu_to_le16((USB_DT_CONFIG << 8) | 0);
1242 len = sizeof(struct usb_config_descriptor);
1243 len += sizeof(struct usb_interface_descriptor);
1244 break;
1245 case 7: /* get interface descriptor (ALWAYS STALLS) */
1246 req.wValue = cpu_to_le16 (USB_DT_INTERFACE << 8);
1247 /* interface == 0 */
1248 len = sizeof(struct usb_interface_descriptor);
1249 expected = -EPIPE;
1250 break;
1251 /* NOTE: two consecutive stalls in the queue here.
1252 * that tests fault recovery a bit more aggressively. */
1253 case 8: /* clear endpoint halt (MAY STALL) */
1254 req.bRequest = USB_REQ_CLEAR_FEATURE;
1255 req.bRequestType = USB_RECIP_ENDPOINT;
1256 /* wValue 0 == ep halt */
1257 /* wIndex 0 == ep0 (shouldn't halt!) */
1258 len = 0;
1259 pipe = usb_sndctrlpipe(udev, 0);
1260 expected = EPIPE;
1261 break;
1262 case 9: /* get endpoint status */
1263 req.bRequest = USB_REQ_GET_STATUS;
1264 req.bRequestType = USB_DIR_IN|USB_RECIP_ENDPOINT;
1265 /* endpoint 0 */
1266 len = 2;
1267 break;
1268 case 10: /* trigger short read (EREMOTEIO) */
1269 req.wValue = cpu_to_le16((USB_DT_CONFIG << 8) | 0);
1270 len = 1024;
1271 expected = -EREMOTEIO;
1272 break;
1273 /* NOTE: two consecutive _different_ faults in the queue. */
1274 case 11: /* get endpoint descriptor (ALWAYS STALLS) */
1275 req.wValue = cpu_to_le16(USB_DT_ENDPOINT << 8);
1276 /* endpoint == 0 */
1277 len = sizeof(struct usb_interface_descriptor);
1278 expected = EPIPE;
1279 break;
1280 /* NOTE: sometimes even a third fault in the queue! */
1281 case 12: /* get string 0 descriptor (MAY STALL) */
1282 req.wValue = cpu_to_le16(USB_DT_STRING << 8);
1283 /* string == 0, for language IDs */
1284 len = sizeof(struct usb_interface_descriptor);
1285 /* may succeed when > 4 languages */
1286 expected = EREMOTEIO; /* or EPIPE, if no strings */
1287 break;
1288 case 13: /* short read, resembling case 10 */
1289 req.wValue = cpu_to_le16((USB_DT_CONFIG << 8) | 0);
1290 /* last data packet "should" be DATA1, not DATA0 */
1291 if (udev->speed == USB_SPEED_SUPER)
1292 len = 1024 - 512;
1293 else
1294 len = 1024 - udev->descriptor.bMaxPacketSize0;
1295 expected = -EREMOTEIO;
1296 break;
1297 case 14: /* short read; try to fill the last packet */
1298 req.wValue = cpu_to_le16((USB_DT_DEVICE << 8) | 0);
1299 /* device descriptor size == 18 bytes */
1300 len = udev->descriptor.bMaxPacketSize0;
1301 if (udev->speed == USB_SPEED_SUPER)
1302 len = 512;
1303 switch (len) {
1304 case 8:
1305 len = 24;
1306 break;
1307 case 16:
1308 len = 32;
1309 break;
1310 }
1311 expected = -EREMOTEIO;
1312 break;
1313 case 15:
1314 req.wValue = cpu_to_le16(USB_DT_BOS << 8);
1315 if (udev->bos)
1316 len = le16_to_cpu(udev->bos->desc->wTotalLength);
1317 else
1318 len = sizeof(struct usb_bos_descriptor);
1319 if (le16_to_cpu(udev->descriptor.bcdUSB) < 0x0201)
1320 expected = -EPIPE;
1321 break;
1322 default:
1323 ERROR(dev, "bogus number of ctrl queue testcases!\n");
1324 context.status = -EINVAL;
1325 goto cleanup;
1326 }
1327 req.wLength = cpu_to_le16(len);
1328 urb[i] = u = simple_alloc_urb(udev, pipe, len, 0);
1329 if (!u)
1330 goto cleanup;
1331
1332 reqp = kmalloc(sizeof(*reqp), GFP_KERNEL);
1333 if (!reqp)
1334 goto cleanup;
1335 reqp->setup = req;
1336 reqp->number = i % NUM_SUBCASES;
1337 reqp->expected = expected;
1338 u->setup_packet = (char *) &reqp->setup;
1339
1340 u->context = &context;
1341 u->complete = ctrl_complete;
1342 }
1343
1344 /* queue the urbs */
1345 context.urb = urb;
1346 spin_lock_irq(&context.lock);
1347 for (i = 0; i < param->sglen; i++) {
1348 context.status = usb_submit_urb(urb[i], GFP_ATOMIC);
1349 if (context.status != 0) {
1350 ERROR(dev, "can't submit urb[%d], status %d\n",
1351 i, context.status);
1352 context.count = context.pending;
1353 break;
1354 }
1355 context.pending++;
1356 }
1357 spin_unlock_irq(&context.lock);
1358
1359 /* FIXME set timer and time out; provide a disconnect hook */
1360
1361 /* wait for the last one to complete */
1362 if (context.pending > 0)
1363 wait_for_completion(&context.complete);
1364
1365 cleanup:
1366 for (i = 0; i < param->sglen; i++) {
1367 if (!urb[i])
1368 continue;
1369 urb[i]->dev = udev;
1370 kfree(urb[i]->setup_packet);
1371 simple_free_urb(urb[i]);
1372 }
1373 kfree(urb);
1374 return context.status;
1375 }
1376 #undef NUM_SUBCASES
1377
1378
1379 /*-------------------------------------------------------------------------*/
1380
unlink1_callback(struct urb * urb)1381 static void unlink1_callback(struct urb *urb)
1382 {
1383 int status = urb->status;
1384
1385 /* we "know" -EPIPE (stall) never happens */
1386 if (!status)
1387 status = usb_submit_urb(urb, GFP_ATOMIC);
1388 if (status) {
1389 urb->status = status;
1390 complete(urb->context);
1391 }
1392 }
1393
unlink1(struct usbtest_dev * dev,int pipe,int size,int async)1394 static int unlink1(struct usbtest_dev *dev, int pipe, int size, int async)
1395 {
1396 struct urb *urb;
1397 struct completion completion;
1398 int retval = 0;
1399
1400 init_completion(&completion);
1401 urb = simple_alloc_urb(testdev_to_usbdev(dev), pipe, size, 0);
1402 if (!urb)
1403 return -ENOMEM;
1404 urb->context = &completion;
1405 urb->complete = unlink1_callback;
1406
1407 if (usb_pipeout(urb->pipe)) {
1408 simple_fill_buf(urb);
1409 urb->transfer_flags |= URB_ZERO_PACKET;
1410 }
1411
1412 /* keep the endpoint busy. there are lots of hc/hcd-internal
1413 * states, and testing should get to all of them over time.
1414 *
1415 * FIXME want additional tests for when endpoint is STALLing
1416 * due to errors, or is just NAKing requests.
1417 */
1418 retval = usb_submit_urb(urb, GFP_KERNEL);
1419 if (retval != 0) {
1420 dev_err(&dev->intf->dev, "submit fail %d\n", retval);
1421 return retval;
1422 }
1423
1424 /* unlinking that should always work. variable delay tests more
1425 * hcd states and code paths, even with little other system load.
1426 */
1427 msleep(jiffies % (2 * INTERRUPT_RATE));
1428 if (async) {
1429 while (!completion_done(&completion)) {
1430 retval = usb_unlink_urb(urb);
1431
1432 if (retval == 0 && usb_pipein(urb->pipe))
1433 retval = simple_check_buf(dev, urb);
1434
1435 switch (retval) {
1436 case -EBUSY:
1437 case -EIDRM:
1438 /* we can't unlink urbs while they're completing
1439 * or if they've completed, and we haven't
1440 * resubmitted. "normal" drivers would prevent
1441 * resubmission, but since we're testing unlink
1442 * paths, we can't.
1443 */
1444 ERROR(dev, "unlink retry\n");
1445 continue;
1446 case 0:
1447 case -EINPROGRESS:
1448 break;
1449
1450 default:
1451 dev_err(&dev->intf->dev,
1452 "unlink fail %d\n", retval);
1453 return retval;
1454 }
1455
1456 break;
1457 }
1458 } else
1459 usb_kill_urb(urb);
1460
1461 wait_for_completion(&completion);
1462 retval = urb->status;
1463 simple_free_urb(urb);
1464
1465 if (async)
1466 return (retval == -ECONNRESET) ? 0 : retval - 1000;
1467 else
1468 return (retval == -ENOENT || retval == -EPERM) ?
1469 0 : retval - 2000;
1470 }
1471
unlink_simple(struct usbtest_dev * dev,int pipe,int len)1472 static int unlink_simple(struct usbtest_dev *dev, int pipe, int len)
1473 {
1474 int retval = 0;
1475
1476 /* test sync and async paths */
1477 retval = unlink1(dev, pipe, len, 1);
1478 if (!retval)
1479 retval = unlink1(dev, pipe, len, 0);
1480 return retval;
1481 }
1482
1483 /*-------------------------------------------------------------------------*/
1484
1485 struct queued_ctx {
1486 struct completion complete;
1487 atomic_t pending;
1488 unsigned num;
1489 int status;
1490 struct urb **urbs;
1491 };
1492
unlink_queued_callback(struct urb * urb)1493 static void unlink_queued_callback(struct urb *urb)
1494 {
1495 int status = urb->status;
1496 struct queued_ctx *ctx = urb->context;
1497
1498 if (ctx->status)
1499 goto done;
1500 if (urb == ctx->urbs[ctx->num - 4] || urb == ctx->urbs[ctx->num - 2]) {
1501 if (status == -ECONNRESET)
1502 goto done;
1503 /* What error should we report if the URB completed normally? */
1504 }
1505 if (status != 0)
1506 ctx->status = status;
1507
1508 done:
1509 if (atomic_dec_and_test(&ctx->pending))
1510 complete(&ctx->complete);
1511 }
1512
unlink_queued(struct usbtest_dev * dev,int pipe,unsigned num,unsigned size)1513 static int unlink_queued(struct usbtest_dev *dev, int pipe, unsigned num,
1514 unsigned size)
1515 {
1516 struct queued_ctx ctx;
1517 struct usb_device *udev = testdev_to_usbdev(dev);
1518 void *buf;
1519 dma_addr_t buf_dma;
1520 int i;
1521 int retval = -ENOMEM;
1522
1523 init_completion(&ctx.complete);
1524 atomic_set(&ctx.pending, 1); /* One more than the actual value */
1525 ctx.num = num;
1526 ctx.status = 0;
1527
1528 buf = usb_alloc_coherent(udev, size, GFP_KERNEL, &buf_dma);
1529 if (!buf)
1530 return retval;
1531 memset(buf, 0, size);
1532
1533 /* Allocate and init the urbs we'll queue */
1534 ctx.urbs = kcalloc(num, sizeof(struct urb *), GFP_KERNEL);
1535 if (!ctx.urbs)
1536 goto free_buf;
1537 for (i = 0; i < num; i++) {
1538 ctx.urbs[i] = usb_alloc_urb(0, GFP_KERNEL);
1539 if (!ctx.urbs[i])
1540 goto free_urbs;
1541 usb_fill_bulk_urb(ctx.urbs[i], udev, pipe, buf, size,
1542 unlink_queued_callback, &ctx);
1543 ctx.urbs[i]->transfer_dma = buf_dma;
1544 ctx.urbs[i]->transfer_flags = URB_NO_TRANSFER_DMA_MAP;
1545
1546 if (usb_pipeout(ctx.urbs[i]->pipe)) {
1547 simple_fill_buf(ctx.urbs[i]);
1548 ctx.urbs[i]->transfer_flags |= URB_ZERO_PACKET;
1549 }
1550 }
1551
1552 /* Submit all the URBs and then unlink URBs num - 4 and num - 2. */
1553 for (i = 0; i < num; i++) {
1554 atomic_inc(&ctx.pending);
1555 retval = usb_submit_urb(ctx.urbs[i], GFP_KERNEL);
1556 if (retval != 0) {
1557 dev_err(&dev->intf->dev, "submit urbs[%d] fail %d\n",
1558 i, retval);
1559 atomic_dec(&ctx.pending);
1560 ctx.status = retval;
1561 break;
1562 }
1563 }
1564 if (i == num) {
1565 usb_unlink_urb(ctx.urbs[num - 4]);
1566 usb_unlink_urb(ctx.urbs[num - 2]);
1567 } else {
1568 while (--i >= 0)
1569 usb_unlink_urb(ctx.urbs[i]);
1570 }
1571
1572 if (atomic_dec_and_test(&ctx.pending)) /* The extra count */
1573 complete(&ctx.complete);
1574 wait_for_completion(&ctx.complete);
1575 retval = ctx.status;
1576
1577 free_urbs:
1578 for (i = 0; i < num; i++)
1579 usb_free_urb(ctx.urbs[i]);
1580 kfree(ctx.urbs);
1581 free_buf:
1582 usb_free_coherent(udev, size, buf, buf_dma);
1583 return retval;
1584 }
1585
1586 /*-------------------------------------------------------------------------*/
1587
verify_not_halted(struct usbtest_dev * tdev,int ep,struct urb * urb)1588 static int verify_not_halted(struct usbtest_dev *tdev, int ep, struct urb *urb)
1589 {
1590 int retval;
1591 u16 status;
1592
1593 /* shouldn't look or act halted */
1594 retval = usb_get_status(urb->dev, USB_RECIP_ENDPOINT, ep, &status);
1595 if (retval < 0) {
1596 ERROR(tdev, "ep %02x couldn't get no-halt status, %d\n",
1597 ep, retval);
1598 return retval;
1599 }
1600 if (status != 0) {
1601 ERROR(tdev, "ep %02x bogus status: %04x != 0\n", ep, status);
1602 return -EINVAL;
1603 }
1604 retval = simple_io(tdev, urb, 1, 0, 0, __func__);
1605 if (retval != 0)
1606 return -EINVAL;
1607 return 0;
1608 }
1609
verify_halted(struct usbtest_dev * tdev,int ep,struct urb * urb)1610 static int verify_halted(struct usbtest_dev *tdev, int ep, struct urb *urb)
1611 {
1612 int retval;
1613 u16 status;
1614
1615 /* should look and act halted */
1616 retval = usb_get_status(urb->dev, USB_RECIP_ENDPOINT, ep, &status);
1617 if (retval < 0) {
1618 ERROR(tdev, "ep %02x couldn't get halt status, %d\n",
1619 ep, retval);
1620 return retval;
1621 }
1622 if (status != 1) {
1623 ERROR(tdev, "ep %02x bogus status: %04x != 1\n", ep, status);
1624 return -EINVAL;
1625 }
1626 retval = simple_io(tdev, urb, 1, 0, -EPIPE, __func__);
1627 if (retval != -EPIPE)
1628 return -EINVAL;
1629 retval = simple_io(tdev, urb, 1, 0, -EPIPE, "verify_still_halted");
1630 if (retval != -EPIPE)
1631 return -EINVAL;
1632 return 0;
1633 }
1634
test_halt(struct usbtest_dev * tdev,int ep,struct urb * urb)1635 static int test_halt(struct usbtest_dev *tdev, int ep, struct urb *urb)
1636 {
1637 int retval;
1638
1639 /* shouldn't look or act halted now */
1640 retval = verify_not_halted(tdev, ep, urb);
1641 if (retval < 0)
1642 return retval;
1643
1644 /* set halt (protocol test only), verify it worked */
1645 retval = usb_control_msg(urb->dev, usb_sndctrlpipe(urb->dev, 0),
1646 USB_REQ_SET_FEATURE, USB_RECIP_ENDPOINT,
1647 USB_ENDPOINT_HALT, ep,
1648 NULL, 0, USB_CTRL_SET_TIMEOUT);
1649 if (retval < 0) {
1650 ERROR(tdev, "ep %02x couldn't set halt, %d\n", ep, retval);
1651 return retval;
1652 }
1653 retval = verify_halted(tdev, ep, urb);
1654 if (retval < 0) {
1655 int ret;
1656
1657 /* clear halt anyways, else further tests will fail */
1658 ret = usb_clear_halt(urb->dev, urb->pipe);
1659 if (ret)
1660 ERROR(tdev, "ep %02x couldn't clear halt, %d\n",
1661 ep, ret);
1662
1663 return retval;
1664 }
1665
1666 /* clear halt (tests API + protocol), verify it worked */
1667 retval = usb_clear_halt(urb->dev, urb->pipe);
1668 if (retval < 0) {
1669 ERROR(tdev, "ep %02x couldn't clear halt, %d\n", ep, retval);
1670 return retval;
1671 }
1672 retval = verify_not_halted(tdev, ep, urb);
1673 if (retval < 0)
1674 return retval;
1675
1676 /* NOTE: could also verify SET_INTERFACE clear halts ... */
1677
1678 return 0;
1679 }
1680
halt_simple(struct usbtest_dev * dev)1681 static int halt_simple(struct usbtest_dev *dev)
1682 {
1683 int ep;
1684 int retval = 0;
1685 struct urb *urb;
1686 struct usb_device *udev = testdev_to_usbdev(dev);
1687
1688 if (udev->speed == USB_SPEED_SUPER)
1689 urb = simple_alloc_urb(udev, 0, 1024, 0);
1690 else
1691 urb = simple_alloc_urb(udev, 0, 512, 0);
1692 if (urb == NULL)
1693 return -ENOMEM;
1694
1695 if (dev->in_pipe) {
1696 ep = usb_pipeendpoint(dev->in_pipe) | USB_DIR_IN;
1697 urb->pipe = dev->in_pipe;
1698 retval = test_halt(dev, ep, urb);
1699 if (retval < 0)
1700 goto done;
1701 }
1702
1703 if (dev->out_pipe) {
1704 ep = usb_pipeendpoint(dev->out_pipe);
1705 urb->pipe = dev->out_pipe;
1706 retval = test_halt(dev, ep, urb);
1707 }
1708 done:
1709 simple_free_urb(urb);
1710 return retval;
1711 }
1712
1713 /*-------------------------------------------------------------------------*/
1714
1715 /* Control OUT tests use the vendor control requests from Intel's
1716 * USB 2.0 compliance test device: write a buffer, read it back.
1717 *
1718 * Intel's spec only _requires_ that it work for one packet, which
1719 * is pretty weak. Some HCDs place limits here; most devices will
1720 * need to be able to handle more than one OUT data packet. We'll
1721 * try whatever we're told to try.
1722 */
ctrl_out(struct usbtest_dev * dev,unsigned count,unsigned length,unsigned vary,unsigned offset)1723 static int ctrl_out(struct usbtest_dev *dev,
1724 unsigned count, unsigned length, unsigned vary, unsigned offset)
1725 {
1726 unsigned i, j, len;
1727 int retval;
1728 u8 *buf;
1729 char *what = "?";
1730 struct usb_device *udev;
1731
1732 if (length < 1 || length > 0xffff || vary >= length)
1733 return -EINVAL;
1734
1735 buf = kmalloc(length + offset, GFP_KERNEL);
1736 if (!buf)
1737 return -ENOMEM;
1738
1739 buf += offset;
1740 udev = testdev_to_usbdev(dev);
1741 len = length;
1742 retval = 0;
1743
1744 /* NOTE: hardware might well act differently if we pushed it
1745 * with lots back-to-back queued requests.
1746 */
1747 for (i = 0; i < count; i++) {
1748 /* write patterned data */
1749 for (j = 0; j < len; j++)
1750 buf[j] = (u8)(i + j);
1751 retval = usb_control_msg(udev, usb_sndctrlpipe(udev, 0),
1752 0x5b, USB_DIR_OUT|USB_TYPE_VENDOR,
1753 0, 0, buf, len, USB_CTRL_SET_TIMEOUT);
1754 if (retval != len) {
1755 what = "write";
1756 if (retval >= 0) {
1757 ERROR(dev, "ctrl_out, wlen %d (expected %d)\n",
1758 retval, len);
1759 retval = -EBADMSG;
1760 }
1761 break;
1762 }
1763
1764 /* read it back -- assuming nothing intervened!! */
1765 retval = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0),
1766 0x5c, USB_DIR_IN|USB_TYPE_VENDOR,
1767 0, 0, buf, len, USB_CTRL_GET_TIMEOUT);
1768 if (retval != len) {
1769 what = "read";
1770 if (retval >= 0) {
1771 ERROR(dev, "ctrl_out, rlen %d (expected %d)\n",
1772 retval, len);
1773 retval = -EBADMSG;
1774 }
1775 break;
1776 }
1777
1778 /* fail if we can't verify */
1779 for (j = 0; j < len; j++) {
1780 if (buf[j] != (u8)(i + j)) {
1781 ERROR(dev, "ctrl_out, byte %d is %d not %d\n",
1782 j, buf[j], (u8)(i + j));
1783 retval = -EBADMSG;
1784 break;
1785 }
1786 }
1787 if (retval < 0) {
1788 what = "verify";
1789 break;
1790 }
1791
1792 len += vary;
1793
1794 /* [real world] the "zero bytes IN" case isn't really used.
1795 * hardware can easily trip up in this weird case, since its
1796 * status stage is IN, not OUT like other ep0in transfers.
1797 */
1798 if (len > length)
1799 len = realworld ? 1 : 0;
1800 }
1801
1802 if (retval < 0)
1803 ERROR(dev, "ctrl_out %s failed, code %d, count %d\n",
1804 what, retval, i);
1805
1806 kfree(buf - offset);
1807 return retval;
1808 }
1809
1810 /*-------------------------------------------------------------------------*/
1811
1812 /* ISO/BULK tests ... mimics common usage
1813 * - buffer length is split into N packets (mostly maxpacket sized)
1814 * - multi-buffers according to sglen
1815 */
1816
1817 struct transfer_context {
1818 unsigned count;
1819 unsigned pending;
1820 spinlock_t lock;
1821 struct completion done;
1822 int submit_error;
1823 unsigned long errors;
1824 unsigned long packet_count;
1825 struct usbtest_dev *dev;
1826 bool is_iso;
1827 };
1828
complicated_callback(struct urb * urb)1829 static void complicated_callback(struct urb *urb)
1830 {
1831 struct transfer_context *ctx = urb->context;
1832
1833 spin_lock(&ctx->lock);
1834 ctx->count--;
1835
1836 ctx->packet_count += urb->number_of_packets;
1837 if (urb->error_count > 0)
1838 ctx->errors += urb->error_count;
1839 else if (urb->status != 0)
1840 ctx->errors += (ctx->is_iso ? urb->number_of_packets : 1);
1841 else if (urb->actual_length != urb->transfer_buffer_length)
1842 ctx->errors++;
1843 else if (check_guard_bytes(ctx->dev, urb) != 0)
1844 ctx->errors++;
1845
1846 if (urb->status == 0 && ctx->count > (ctx->pending - 1)
1847 && !ctx->submit_error) {
1848 int status = usb_submit_urb(urb, GFP_ATOMIC);
1849 switch (status) {
1850 case 0:
1851 goto done;
1852 default:
1853 dev_err(&ctx->dev->intf->dev,
1854 "iso resubmit err %d\n",
1855 status);
1856 /* FALLTHROUGH */
1857 case -ENODEV: /* disconnected */
1858 case -ESHUTDOWN: /* endpoint disabled */
1859 ctx->submit_error = 1;
1860 break;
1861 }
1862 }
1863
1864 ctx->pending--;
1865 if (ctx->pending == 0) {
1866 if (ctx->errors)
1867 dev_err(&ctx->dev->intf->dev,
1868 "iso test, %lu errors out of %lu\n",
1869 ctx->errors, ctx->packet_count);
1870 complete(&ctx->done);
1871 }
1872 done:
1873 spin_unlock(&ctx->lock);
1874 }
1875
iso_alloc_urb(struct usb_device * udev,int pipe,struct usb_endpoint_descriptor * desc,long bytes,unsigned offset)1876 static struct urb *iso_alloc_urb(
1877 struct usb_device *udev,
1878 int pipe,
1879 struct usb_endpoint_descriptor *desc,
1880 long bytes,
1881 unsigned offset
1882 )
1883 {
1884 struct urb *urb;
1885 unsigned i, maxp, packets;
1886
1887 if (bytes < 0 || !desc)
1888 return NULL;
1889 maxp = 0x7ff & usb_endpoint_maxp(desc);
1890 maxp *= 1 + (0x3 & (usb_endpoint_maxp(desc) >> 11));
1891 packets = DIV_ROUND_UP(bytes, maxp);
1892
1893 urb = usb_alloc_urb(packets, GFP_KERNEL);
1894 if (!urb)
1895 return urb;
1896 urb->dev = udev;
1897 urb->pipe = pipe;
1898
1899 urb->number_of_packets = packets;
1900 urb->transfer_buffer_length = bytes;
1901 urb->transfer_buffer = usb_alloc_coherent(udev, bytes + offset,
1902 GFP_KERNEL,
1903 &urb->transfer_dma);
1904 if (!urb->transfer_buffer) {
1905 usb_free_urb(urb);
1906 return NULL;
1907 }
1908 if (offset) {
1909 memset(urb->transfer_buffer, GUARD_BYTE, offset);
1910 urb->transfer_buffer += offset;
1911 urb->transfer_dma += offset;
1912 }
1913 /* For inbound transfers use guard byte so that test fails if
1914 data not correctly copied */
1915 memset(urb->transfer_buffer,
1916 usb_pipein(urb->pipe) ? GUARD_BYTE : 0,
1917 bytes);
1918
1919 for (i = 0; i < packets; i++) {
1920 /* here, only the last packet will be short */
1921 urb->iso_frame_desc[i].length = min((unsigned) bytes, maxp);
1922 bytes -= urb->iso_frame_desc[i].length;
1923
1924 urb->iso_frame_desc[i].offset = maxp * i;
1925 }
1926
1927 urb->complete = complicated_callback;
1928 /* urb->context = SET BY CALLER */
1929 urb->interval = 1 << (desc->bInterval - 1);
1930 urb->transfer_flags = URB_ISO_ASAP | URB_NO_TRANSFER_DMA_MAP;
1931 return urb;
1932 }
1933
1934 static int
test_queue(struct usbtest_dev * dev,struct usbtest_param * param,int pipe,struct usb_endpoint_descriptor * desc,unsigned offset)1935 test_queue(struct usbtest_dev *dev, struct usbtest_param *param,
1936 int pipe, struct usb_endpoint_descriptor *desc, unsigned offset)
1937 {
1938 struct transfer_context context;
1939 struct usb_device *udev;
1940 unsigned i;
1941 unsigned long packets = 0;
1942 int status = 0;
1943 struct urb *urbs[param->sglen];
1944
1945 memset(&context, 0, sizeof(context));
1946 context.count = param->iterations * param->sglen;
1947 context.dev = dev;
1948 context.is_iso = !!desc;
1949 init_completion(&context.done);
1950 spin_lock_init(&context.lock);
1951
1952 udev = testdev_to_usbdev(dev);
1953
1954 for (i = 0; i < param->sglen; i++) {
1955 if (context.is_iso)
1956 urbs[i] = iso_alloc_urb(udev, pipe, desc,
1957 param->length, offset);
1958 else
1959 urbs[i] = complicated_alloc_urb(udev, pipe,
1960 param->length, 0);
1961
1962 if (!urbs[i]) {
1963 status = -ENOMEM;
1964 goto fail;
1965 }
1966 packets += urbs[i]->number_of_packets;
1967 urbs[i]->context = &context;
1968 }
1969 packets *= param->iterations;
1970
1971 if (context.is_iso) {
1972 dev_info(&dev->intf->dev,
1973 "iso period %d %sframes, wMaxPacket %d, transactions: %d\n",
1974 1 << (desc->bInterval - 1),
1975 (udev->speed == USB_SPEED_HIGH) ? "micro" : "",
1976 usb_endpoint_maxp(desc) & 0x7ff,
1977 1 + (0x3 & (usb_endpoint_maxp(desc) >> 11)));
1978
1979 dev_info(&dev->intf->dev,
1980 "total %lu msec (%lu packets)\n",
1981 (packets * (1 << (desc->bInterval - 1)))
1982 / ((udev->speed == USB_SPEED_HIGH) ? 8 : 1),
1983 packets);
1984 }
1985
1986 spin_lock_irq(&context.lock);
1987 for (i = 0; i < param->sglen; i++) {
1988 ++context.pending;
1989 status = usb_submit_urb(urbs[i], GFP_ATOMIC);
1990 if (status < 0) {
1991 ERROR(dev, "submit iso[%d], error %d\n", i, status);
1992 if (i == 0) {
1993 spin_unlock_irq(&context.lock);
1994 goto fail;
1995 }
1996
1997 simple_free_urb(urbs[i]);
1998 urbs[i] = NULL;
1999 context.pending--;
2000 context.submit_error = 1;
2001 break;
2002 }
2003 }
2004 spin_unlock_irq(&context.lock);
2005
2006 wait_for_completion(&context.done);
2007
2008 for (i = 0; i < param->sglen; i++) {
2009 if (urbs[i])
2010 simple_free_urb(urbs[i]);
2011 }
2012 /*
2013 * Isochronous transfers are expected to fail sometimes. As an
2014 * arbitrary limit, we will report an error if any submissions
2015 * fail or if the transfer failure rate is > 10%.
2016 */
2017 if (status != 0)
2018 ;
2019 else if (context.submit_error)
2020 status = -EACCES;
2021 else if (context.errors >
2022 (context.is_iso ? context.packet_count / 10 : 0))
2023 status = -EIO;
2024 return status;
2025
2026 fail:
2027 for (i = 0; i < param->sglen; i++) {
2028 if (urbs[i])
2029 simple_free_urb(urbs[i]);
2030 }
2031 return status;
2032 }
2033
test_unaligned_bulk(struct usbtest_dev * tdev,int pipe,unsigned length,int iterations,unsigned transfer_flags,const char * label)2034 static int test_unaligned_bulk(
2035 struct usbtest_dev *tdev,
2036 int pipe,
2037 unsigned length,
2038 int iterations,
2039 unsigned transfer_flags,
2040 const char *label)
2041 {
2042 int retval;
2043 struct urb *urb = usbtest_alloc_urb(testdev_to_usbdev(tdev),
2044 pipe, length, transfer_flags, 1, 0, simple_callback);
2045
2046 if (!urb)
2047 return -ENOMEM;
2048
2049 retval = simple_io(tdev, urb, iterations, 0, 0, label);
2050 simple_free_urb(urb);
2051 return retval;
2052 }
2053
2054 /*-------------------------------------------------------------------------*/
2055
2056 /* We only have this one interface to user space, through usbfs.
2057 * User mode code can scan usbfs to find N different devices (maybe on
2058 * different busses) to use when testing, and allocate one thread per
2059 * test. So discovery is simplified, and we have no device naming issues.
2060 *
2061 * Don't use these only as stress/load tests. Use them along with with
2062 * other USB bus activity: plugging, unplugging, mousing, mp3 playback,
2063 * video capture, and so on. Run different tests at different times, in
2064 * different sequences. Nothing here should interact with other devices,
2065 * except indirectly by consuming USB bandwidth and CPU resources for test
2066 * threads and request completion. But the only way to know that for sure
2067 * is to test when HC queues are in use by many devices.
2068 *
2069 * WARNING: Because usbfs grabs udev->dev.sem before calling this ioctl(),
2070 * it locks out usbcore in certain code paths. Notably, if you disconnect
2071 * the device-under-test, hub_wq will wait block forever waiting for the
2072 * ioctl to complete ... so that usb_disconnect() can abort the pending
2073 * urbs and then call usbtest_disconnect(). To abort a test, you're best
2074 * off just killing the userspace task and waiting for it to exit.
2075 */
2076
2077 static int
usbtest_ioctl(struct usb_interface * intf,unsigned int code,void * buf)2078 usbtest_ioctl(struct usb_interface *intf, unsigned int code, void *buf)
2079 {
2080 struct usbtest_dev *dev = usb_get_intfdata(intf);
2081 struct usb_device *udev = testdev_to_usbdev(dev);
2082 struct usbtest_param *param = buf;
2083 int retval = -EOPNOTSUPP;
2084 struct urb *urb;
2085 struct scatterlist *sg;
2086 struct usb_sg_request req;
2087 struct timeval start;
2088 unsigned i;
2089
2090 /* FIXME USBDEVFS_CONNECTINFO doesn't say how fast the device is. */
2091
2092 pattern = mod_pattern;
2093
2094 if (code != USBTEST_REQUEST)
2095 return -EOPNOTSUPP;
2096
2097 if (param->iterations <= 0)
2098 return -EINVAL;
2099
2100 if (param->sglen > MAX_SGLEN)
2101 return -EINVAL;
2102
2103 if (mutex_lock_interruptible(&dev->lock))
2104 return -ERESTARTSYS;
2105
2106 /* FIXME: What if a system sleep starts while a test is running? */
2107
2108 /* some devices, like ez-usb default devices, need a non-default
2109 * altsetting to have any active endpoints. some tests change
2110 * altsettings; force a default so most tests don't need to check.
2111 */
2112 if (dev->info->alt >= 0) {
2113 int res;
2114
2115 if (intf->altsetting->desc.bInterfaceNumber) {
2116 mutex_unlock(&dev->lock);
2117 return -ENODEV;
2118 }
2119 res = set_altsetting(dev, dev->info->alt);
2120 if (res) {
2121 dev_err(&intf->dev,
2122 "set altsetting to %d failed, %d\n",
2123 dev->info->alt, res);
2124 mutex_unlock(&dev->lock);
2125 return res;
2126 }
2127 }
2128
2129 /*
2130 * Just a bunch of test cases that every HCD is expected to handle.
2131 *
2132 * Some may need specific firmware, though it'd be good to have
2133 * one firmware image to handle all the test cases.
2134 *
2135 * FIXME add more tests! cancel requests, verify the data, control
2136 * queueing, concurrent read+write threads, and so on.
2137 */
2138 do_gettimeofday(&start);
2139 switch (param->test_num) {
2140
2141 case 0:
2142 dev_info(&intf->dev, "TEST 0: NOP\n");
2143 retval = 0;
2144 break;
2145
2146 /* Simple non-queued bulk I/O tests */
2147 case 1:
2148 if (dev->out_pipe == 0)
2149 break;
2150 dev_info(&intf->dev,
2151 "TEST 1: write %d bytes %u times\n",
2152 param->length, param->iterations);
2153 urb = simple_alloc_urb(udev, dev->out_pipe, param->length, 0);
2154 if (!urb) {
2155 retval = -ENOMEM;
2156 break;
2157 }
2158 /* FIRMWARE: bulk sink (maybe accepts short writes) */
2159 retval = simple_io(dev, urb, param->iterations, 0, 0, "test1");
2160 simple_free_urb(urb);
2161 break;
2162 case 2:
2163 if (dev->in_pipe == 0)
2164 break;
2165 dev_info(&intf->dev,
2166 "TEST 2: read %d bytes %u times\n",
2167 param->length, param->iterations);
2168 urb = simple_alloc_urb(udev, dev->in_pipe, param->length, 0);
2169 if (!urb) {
2170 retval = -ENOMEM;
2171 break;
2172 }
2173 /* FIRMWARE: bulk source (maybe generates short writes) */
2174 retval = simple_io(dev, urb, param->iterations, 0, 0, "test2");
2175 simple_free_urb(urb);
2176 break;
2177 case 3:
2178 if (dev->out_pipe == 0 || param->vary == 0)
2179 break;
2180 dev_info(&intf->dev,
2181 "TEST 3: write/%d 0..%d bytes %u times\n",
2182 param->vary, param->length, param->iterations);
2183 urb = simple_alloc_urb(udev, dev->out_pipe, param->length, 0);
2184 if (!urb) {
2185 retval = -ENOMEM;
2186 break;
2187 }
2188 /* FIRMWARE: bulk sink (maybe accepts short writes) */
2189 retval = simple_io(dev, urb, param->iterations, param->vary,
2190 0, "test3");
2191 simple_free_urb(urb);
2192 break;
2193 case 4:
2194 if (dev->in_pipe == 0 || param->vary == 0)
2195 break;
2196 dev_info(&intf->dev,
2197 "TEST 4: read/%d 0..%d bytes %u times\n",
2198 param->vary, param->length, param->iterations);
2199 urb = simple_alloc_urb(udev, dev->in_pipe, param->length, 0);
2200 if (!urb) {
2201 retval = -ENOMEM;
2202 break;
2203 }
2204 /* FIRMWARE: bulk source (maybe generates short writes) */
2205 retval = simple_io(dev, urb, param->iterations, param->vary,
2206 0, "test4");
2207 simple_free_urb(urb);
2208 break;
2209
2210 /* Queued bulk I/O tests */
2211 case 5:
2212 if (dev->out_pipe == 0 || param->sglen == 0)
2213 break;
2214 dev_info(&intf->dev,
2215 "TEST 5: write %d sglists %d entries of %d bytes\n",
2216 param->iterations,
2217 param->sglen, param->length);
2218 sg = alloc_sglist(param->sglen, param->length,
2219 0, dev, dev->out_pipe);
2220 if (!sg) {
2221 retval = -ENOMEM;
2222 break;
2223 }
2224 /* FIRMWARE: bulk sink (maybe accepts short writes) */
2225 retval = perform_sglist(dev, param->iterations, dev->out_pipe,
2226 &req, sg, param->sglen);
2227 free_sglist(sg, param->sglen);
2228 break;
2229
2230 case 6:
2231 if (dev->in_pipe == 0 || param->sglen == 0)
2232 break;
2233 dev_info(&intf->dev,
2234 "TEST 6: read %d sglists %d entries of %d bytes\n",
2235 param->iterations,
2236 param->sglen, param->length);
2237 sg = alloc_sglist(param->sglen, param->length,
2238 0, dev, dev->in_pipe);
2239 if (!sg) {
2240 retval = -ENOMEM;
2241 break;
2242 }
2243 /* FIRMWARE: bulk source (maybe generates short writes) */
2244 retval = perform_sglist(dev, param->iterations, dev->in_pipe,
2245 &req, sg, param->sglen);
2246 free_sglist(sg, param->sglen);
2247 break;
2248 case 7:
2249 if (dev->out_pipe == 0 || param->sglen == 0 || param->vary == 0)
2250 break;
2251 dev_info(&intf->dev,
2252 "TEST 7: write/%d %d sglists %d entries 0..%d bytes\n",
2253 param->vary, param->iterations,
2254 param->sglen, param->length);
2255 sg = alloc_sglist(param->sglen, param->length,
2256 param->vary, dev, dev->out_pipe);
2257 if (!sg) {
2258 retval = -ENOMEM;
2259 break;
2260 }
2261 /* FIRMWARE: bulk sink (maybe accepts short writes) */
2262 retval = perform_sglist(dev, param->iterations, dev->out_pipe,
2263 &req, sg, param->sglen);
2264 free_sglist(sg, param->sglen);
2265 break;
2266 case 8:
2267 if (dev->in_pipe == 0 || param->sglen == 0 || param->vary == 0)
2268 break;
2269 dev_info(&intf->dev,
2270 "TEST 8: read/%d %d sglists %d entries 0..%d bytes\n",
2271 param->vary, param->iterations,
2272 param->sglen, param->length);
2273 sg = alloc_sglist(param->sglen, param->length,
2274 param->vary, dev, dev->in_pipe);
2275 if (!sg) {
2276 retval = -ENOMEM;
2277 break;
2278 }
2279 /* FIRMWARE: bulk source (maybe generates short writes) */
2280 retval = perform_sglist(dev, param->iterations, dev->in_pipe,
2281 &req, sg, param->sglen);
2282 free_sglist(sg, param->sglen);
2283 break;
2284
2285 /* non-queued sanity tests for control (chapter 9 subset) */
2286 case 9:
2287 retval = 0;
2288 dev_info(&intf->dev,
2289 "TEST 9: ch9 (subset) control tests, %d times\n",
2290 param->iterations);
2291 for (i = param->iterations; retval == 0 && i--; /* NOP */)
2292 retval = ch9_postconfig(dev);
2293 if (retval)
2294 dev_err(&intf->dev, "ch9 subset failed, "
2295 "iterations left %d\n", i);
2296 break;
2297
2298 /* queued control messaging */
2299 case 10:
2300 retval = 0;
2301 dev_info(&intf->dev,
2302 "TEST 10: queue %d control calls, %d times\n",
2303 param->sglen,
2304 param->iterations);
2305 retval = test_ctrl_queue(dev, param);
2306 break;
2307
2308 /* simple non-queued unlinks (ring with one urb) */
2309 case 11:
2310 if (dev->in_pipe == 0 || !param->length)
2311 break;
2312 retval = 0;
2313 dev_info(&intf->dev, "TEST 11: unlink %d reads of %d\n",
2314 param->iterations, param->length);
2315 for (i = param->iterations; retval == 0 && i--; /* NOP */)
2316 retval = unlink_simple(dev, dev->in_pipe,
2317 param->length);
2318 if (retval)
2319 dev_err(&intf->dev, "unlink reads failed %d, "
2320 "iterations left %d\n", retval, i);
2321 break;
2322 case 12:
2323 if (dev->out_pipe == 0 || !param->length)
2324 break;
2325 retval = 0;
2326 dev_info(&intf->dev, "TEST 12: unlink %d writes of %d\n",
2327 param->iterations, param->length);
2328 for (i = param->iterations; retval == 0 && i--; /* NOP */)
2329 retval = unlink_simple(dev, dev->out_pipe,
2330 param->length);
2331 if (retval)
2332 dev_err(&intf->dev, "unlink writes failed %d, "
2333 "iterations left %d\n", retval, i);
2334 break;
2335
2336 /* ep halt tests */
2337 case 13:
2338 if (dev->out_pipe == 0 && dev->in_pipe == 0)
2339 break;
2340 retval = 0;
2341 dev_info(&intf->dev, "TEST 13: set/clear %d halts\n",
2342 param->iterations);
2343 for (i = param->iterations; retval == 0 && i--; /* NOP */)
2344 retval = halt_simple(dev);
2345
2346 if (retval)
2347 ERROR(dev, "halts failed, iterations left %d\n", i);
2348 break;
2349
2350 /* control write tests */
2351 case 14:
2352 if (!dev->info->ctrl_out)
2353 break;
2354 dev_info(&intf->dev, "TEST 14: %d ep0out, %d..%d vary %d\n",
2355 param->iterations,
2356 realworld ? 1 : 0, param->length,
2357 param->vary);
2358 retval = ctrl_out(dev, param->iterations,
2359 param->length, param->vary, 0);
2360 break;
2361
2362 /* iso write tests */
2363 case 15:
2364 if (dev->out_iso_pipe == 0 || param->sglen == 0)
2365 break;
2366 dev_info(&intf->dev,
2367 "TEST 15: write %d iso, %d entries of %d bytes\n",
2368 param->iterations,
2369 param->sglen, param->length);
2370 /* FIRMWARE: iso sink */
2371 retval = test_queue(dev, param,
2372 dev->out_iso_pipe, dev->iso_out, 0);
2373 break;
2374
2375 /* iso read tests */
2376 case 16:
2377 if (dev->in_iso_pipe == 0 || param->sglen == 0)
2378 break;
2379 dev_info(&intf->dev,
2380 "TEST 16: read %d iso, %d entries of %d bytes\n",
2381 param->iterations,
2382 param->sglen, param->length);
2383 /* FIRMWARE: iso source */
2384 retval = test_queue(dev, param,
2385 dev->in_iso_pipe, dev->iso_in, 0);
2386 break;
2387
2388 /* FIXME scatterlist cancel (needs helper thread) */
2389
2390 /* Tests for bulk I/O using DMA mapping by core and odd address */
2391 case 17:
2392 if (dev->out_pipe == 0)
2393 break;
2394 dev_info(&intf->dev,
2395 "TEST 17: write odd addr %d bytes %u times core map\n",
2396 param->length, param->iterations);
2397
2398 retval = test_unaligned_bulk(
2399 dev, dev->out_pipe,
2400 param->length, param->iterations,
2401 0, "test17");
2402 break;
2403
2404 case 18:
2405 if (dev->in_pipe == 0)
2406 break;
2407 dev_info(&intf->dev,
2408 "TEST 18: read odd addr %d bytes %u times core map\n",
2409 param->length, param->iterations);
2410
2411 retval = test_unaligned_bulk(
2412 dev, dev->in_pipe,
2413 param->length, param->iterations,
2414 0, "test18");
2415 break;
2416
2417 /* Tests for bulk I/O using premapped coherent buffer and odd address */
2418 case 19:
2419 if (dev->out_pipe == 0)
2420 break;
2421 dev_info(&intf->dev,
2422 "TEST 19: write odd addr %d bytes %u times premapped\n",
2423 param->length, param->iterations);
2424
2425 retval = test_unaligned_bulk(
2426 dev, dev->out_pipe,
2427 param->length, param->iterations,
2428 URB_NO_TRANSFER_DMA_MAP, "test19");
2429 break;
2430
2431 case 20:
2432 if (dev->in_pipe == 0)
2433 break;
2434 dev_info(&intf->dev,
2435 "TEST 20: read odd addr %d bytes %u times premapped\n",
2436 param->length, param->iterations);
2437
2438 retval = test_unaligned_bulk(
2439 dev, dev->in_pipe,
2440 param->length, param->iterations,
2441 URB_NO_TRANSFER_DMA_MAP, "test20");
2442 break;
2443
2444 /* control write tests with unaligned buffer */
2445 case 21:
2446 if (!dev->info->ctrl_out)
2447 break;
2448 dev_info(&intf->dev,
2449 "TEST 21: %d ep0out odd addr, %d..%d vary %d\n",
2450 param->iterations,
2451 realworld ? 1 : 0, param->length,
2452 param->vary);
2453 retval = ctrl_out(dev, param->iterations,
2454 param->length, param->vary, 1);
2455 break;
2456
2457 /* unaligned iso tests */
2458 case 22:
2459 if (dev->out_iso_pipe == 0 || param->sglen == 0)
2460 break;
2461 dev_info(&intf->dev,
2462 "TEST 22: write %d iso odd, %d entries of %d bytes\n",
2463 param->iterations,
2464 param->sglen, param->length);
2465 retval = test_queue(dev, param,
2466 dev->out_iso_pipe, dev->iso_out, 1);
2467 break;
2468
2469 case 23:
2470 if (dev->in_iso_pipe == 0 || param->sglen == 0)
2471 break;
2472 dev_info(&intf->dev,
2473 "TEST 23: read %d iso odd, %d entries of %d bytes\n",
2474 param->iterations,
2475 param->sglen, param->length);
2476 retval = test_queue(dev, param,
2477 dev->in_iso_pipe, dev->iso_in, 1);
2478 break;
2479
2480 /* unlink URBs from a bulk-OUT queue */
2481 case 24:
2482 if (dev->out_pipe == 0 || !param->length || param->sglen < 4)
2483 break;
2484 retval = 0;
2485 dev_info(&intf->dev, "TEST 24: unlink from %d queues of "
2486 "%d %d-byte writes\n",
2487 param->iterations, param->sglen, param->length);
2488 for (i = param->iterations; retval == 0 && i > 0; --i) {
2489 retval = unlink_queued(dev, dev->out_pipe,
2490 param->sglen, param->length);
2491 if (retval) {
2492 dev_err(&intf->dev,
2493 "unlink queued writes failed %d, "
2494 "iterations left %d\n", retval, i);
2495 break;
2496 }
2497 }
2498 break;
2499
2500 /* Simple non-queued interrupt I/O tests */
2501 case 25:
2502 if (dev->out_int_pipe == 0)
2503 break;
2504 dev_info(&intf->dev,
2505 "TEST 25: write %d bytes %u times\n",
2506 param->length, param->iterations);
2507 urb = simple_alloc_urb(udev, dev->out_int_pipe, param->length,
2508 dev->int_out->bInterval);
2509 if (!urb) {
2510 retval = -ENOMEM;
2511 break;
2512 }
2513 /* FIRMWARE: interrupt sink (maybe accepts short writes) */
2514 retval = simple_io(dev, urb, param->iterations, 0, 0, "test25");
2515 simple_free_urb(urb);
2516 break;
2517 case 26:
2518 if (dev->in_int_pipe == 0)
2519 break;
2520 dev_info(&intf->dev,
2521 "TEST 26: read %d bytes %u times\n",
2522 param->length, param->iterations);
2523 urb = simple_alloc_urb(udev, dev->in_int_pipe, param->length,
2524 dev->int_in->bInterval);
2525 if (!urb) {
2526 retval = -ENOMEM;
2527 break;
2528 }
2529 /* FIRMWARE: interrupt source (maybe generates short writes) */
2530 retval = simple_io(dev, urb, param->iterations, 0, 0, "test26");
2531 simple_free_urb(urb);
2532 break;
2533 case 27:
2534 /* We do performance test, so ignore data compare */
2535 if (dev->out_pipe == 0 || param->sglen == 0 || pattern != 0)
2536 break;
2537 dev_info(&intf->dev,
2538 "TEST 27: bulk write %dMbytes\n", (param->iterations *
2539 param->sglen * param->length) / (1024 * 1024));
2540 retval = test_queue(dev, param,
2541 dev->out_pipe, NULL, 0);
2542 break;
2543 case 28:
2544 if (dev->in_pipe == 0 || param->sglen == 0 || pattern != 0)
2545 break;
2546 dev_info(&intf->dev,
2547 "TEST 28: bulk read %dMbytes\n", (param->iterations *
2548 param->sglen * param->length) / (1024 * 1024));
2549 retval = test_queue(dev, param,
2550 dev->in_pipe, NULL, 0);
2551 break;
2552 }
2553 do_gettimeofday(¶m->duration);
2554 param->duration.tv_sec -= start.tv_sec;
2555 param->duration.tv_usec -= start.tv_usec;
2556 if (param->duration.tv_usec < 0) {
2557 param->duration.tv_usec += 1000 * 1000;
2558 param->duration.tv_sec -= 1;
2559 }
2560 mutex_unlock(&dev->lock);
2561 return retval;
2562 }
2563
2564 /*-------------------------------------------------------------------------*/
2565
2566 static unsigned force_interrupt;
2567 module_param(force_interrupt, uint, 0);
2568 MODULE_PARM_DESC(force_interrupt, "0 = test default; else interrupt");
2569
2570 #ifdef GENERIC
2571 static unsigned short vendor;
2572 module_param(vendor, ushort, 0);
2573 MODULE_PARM_DESC(vendor, "vendor code (from usb-if)");
2574
2575 static unsigned short product;
2576 module_param(product, ushort, 0);
2577 MODULE_PARM_DESC(product, "product code (from vendor)");
2578 #endif
2579
2580 static int
usbtest_probe(struct usb_interface * intf,const struct usb_device_id * id)2581 usbtest_probe(struct usb_interface *intf, const struct usb_device_id *id)
2582 {
2583 struct usb_device *udev;
2584 struct usbtest_dev *dev;
2585 struct usbtest_info *info;
2586 char *rtest, *wtest;
2587 char *irtest, *iwtest;
2588 char *intrtest, *intwtest;
2589
2590 udev = interface_to_usbdev(intf);
2591
2592 #ifdef GENERIC
2593 /* specify devices by module parameters? */
2594 if (id->match_flags == 0) {
2595 /* vendor match required, product match optional */
2596 if (!vendor || le16_to_cpu(udev->descriptor.idVendor) != (u16)vendor)
2597 return -ENODEV;
2598 if (product && le16_to_cpu(udev->descriptor.idProduct) != (u16)product)
2599 return -ENODEV;
2600 dev_info(&intf->dev, "matched module params, "
2601 "vend=0x%04x prod=0x%04x\n",
2602 le16_to_cpu(udev->descriptor.idVendor),
2603 le16_to_cpu(udev->descriptor.idProduct));
2604 }
2605 #endif
2606
2607 dev = kzalloc(sizeof(*dev), GFP_KERNEL);
2608 if (!dev)
2609 return -ENOMEM;
2610 info = (struct usbtest_info *) id->driver_info;
2611 dev->info = info;
2612 mutex_init(&dev->lock);
2613
2614 dev->intf = intf;
2615
2616 /* cacheline-aligned scratch for i/o */
2617 dev->buf = kmalloc(TBUF_SIZE, GFP_KERNEL);
2618 if (dev->buf == NULL) {
2619 kfree(dev);
2620 return -ENOMEM;
2621 }
2622
2623 /* NOTE this doesn't yet test the handful of difference that are
2624 * visible with high speed interrupts: bigger maxpacket (1K) and
2625 * "high bandwidth" modes (up to 3 packets/uframe).
2626 */
2627 rtest = wtest = "";
2628 irtest = iwtest = "";
2629 intrtest = intwtest = "";
2630 if (force_interrupt || udev->speed == USB_SPEED_LOW) {
2631 if (info->ep_in) {
2632 dev->in_pipe = usb_rcvintpipe(udev, info->ep_in);
2633 rtest = " intr-in";
2634 }
2635 if (info->ep_out) {
2636 dev->out_pipe = usb_sndintpipe(udev, info->ep_out);
2637 wtest = " intr-out";
2638 }
2639 } else {
2640 if (override_alt >= 0 || info->autoconf) {
2641 int status;
2642
2643 status = get_endpoints(dev, intf);
2644 if (status < 0) {
2645 WARNING(dev, "couldn't get endpoints, %d\n",
2646 status);
2647 kfree(dev->buf);
2648 kfree(dev);
2649 return status;
2650 }
2651 /* may find bulk or ISO pipes */
2652 } else {
2653 if (info->ep_in)
2654 dev->in_pipe = usb_rcvbulkpipe(udev,
2655 info->ep_in);
2656 if (info->ep_out)
2657 dev->out_pipe = usb_sndbulkpipe(udev,
2658 info->ep_out);
2659 }
2660 if (dev->in_pipe)
2661 rtest = " bulk-in";
2662 if (dev->out_pipe)
2663 wtest = " bulk-out";
2664 if (dev->in_iso_pipe)
2665 irtest = " iso-in";
2666 if (dev->out_iso_pipe)
2667 iwtest = " iso-out";
2668 if (dev->in_int_pipe)
2669 intrtest = " int-in";
2670 if (dev->out_int_pipe)
2671 intwtest = " int-out";
2672 }
2673
2674 usb_set_intfdata(intf, dev);
2675 dev_info(&intf->dev, "%s\n", info->name);
2676 dev_info(&intf->dev, "%s {control%s%s%s%s%s%s%s} tests%s\n",
2677 usb_speed_string(udev->speed),
2678 info->ctrl_out ? " in/out" : "",
2679 rtest, wtest,
2680 irtest, iwtest,
2681 intrtest, intwtest,
2682 info->alt >= 0 ? " (+alt)" : "");
2683 return 0;
2684 }
2685
usbtest_suspend(struct usb_interface * intf,pm_message_t message)2686 static int usbtest_suspend(struct usb_interface *intf, pm_message_t message)
2687 {
2688 return 0;
2689 }
2690
usbtest_resume(struct usb_interface * intf)2691 static int usbtest_resume(struct usb_interface *intf)
2692 {
2693 return 0;
2694 }
2695
2696
usbtest_disconnect(struct usb_interface * intf)2697 static void usbtest_disconnect(struct usb_interface *intf)
2698 {
2699 struct usbtest_dev *dev = usb_get_intfdata(intf);
2700
2701 usb_set_intfdata(intf, NULL);
2702 dev_dbg(&intf->dev, "disconnect\n");
2703 kfree(dev);
2704 }
2705
2706 /* Basic testing only needs a device that can source or sink bulk traffic.
2707 * Any device can test control transfers (default with GENERIC binding).
2708 *
2709 * Several entries work with the default EP0 implementation that's built
2710 * into EZ-USB chips. There's a default vendor ID which can be overridden
2711 * by (very) small config EEPROMS, but otherwise all these devices act
2712 * identically until firmware is loaded: only EP0 works. It turns out
2713 * to be easy to make other endpoints work, without modifying that EP0
2714 * behavior. For now, we expect that kind of firmware.
2715 */
2716
2717 /* an21xx or fx versions of ez-usb */
2718 static struct usbtest_info ez1_info = {
2719 .name = "EZ-USB device",
2720 .ep_in = 2,
2721 .ep_out = 2,
2722 .alt = 1,
2723 };
2724
2725 /* fx2 version of ez-usb */
2726 static struct usbtest_info ez2_info = {
2727 .name = "FX2 device",
2728 .ep_in = 6,
2729 .ep_out = 2,
2730 .alt = 1,
2731 };
2732
2733 /* ezusb family device with dedicated usb test firmware,
2734 */
2735 static struct usbtest_info fw_info = {
2736 .name = "usb test device",
2737 .ep_in = 2,
2738 .ep_out = 2,
2739 .alt = 1,
2740 .autoconf = 1, /* iso and ctrl_out need autoconf */
2741 .ctrl_out = 1,
2742 .iso = 1, /* iso_ep's are #8 in/out */
2743 };
2744
2745 /* peripheral running Linux and 'zero.c' test firmware, or
2746 * its user-mode cousin. different versions of this use
2747 * different hardware with the same vendor/product codes.
2748 * host side MUST rely on the endpoint descriptors.
2749 */
2750 static struct usbtest_info gz_info = {
2751 .name = "Linux gadget zero",
2752 .autoconf = 1,
2753 .ctrl_out = 1,
2754 .iso = 1,
2755 .intr = 1,
2756 .alt = 0,
2757 };
2758
2759 static struct usbtest_info um_info = {
2760 .name = "Linux user mode test driver",
2761 .autoconf = 1,
2762 .alt = -1,
2763 };
2764
2765 static struct usbtest_info um2_info = {
2766 .name = "Linux user mode ISO test driver",
2767 .autoconf = 1,
2768 .iso = 1,
2769 .alt = -1,
2770 };
2771
2772 #ifdef IBOT2
2773 /* this is a nice source of high speed bulk data;
2774 * uses an FX2, with firmware provided in the device
2775 */
2776 static struct usbtest_info ibot2_info = {
2777 .name = "iBOT2 webcam",
2778 .ep_in = 2,
2779 .alt = -1,
2780 };
2781 #endif
2782
2783 #ifdef GENERIC
2784 /* we can use any device to test control traffic */
2785 static struct usbtest_info generic_info = {
2786 .name = "Generic USB device",
2787 .alt = -1,
2788 };
2789 #endif
2790
2791
2792 static const struct usb_device_id id_table[] = {
2793
2794 /*-------------------------------------------------------------*/
2795
2796 /* EZ-USB devices which download firmware to replace (or in our
2797 * case augment) the default device implementation.
2798 */
2799
2800 /* generic EZ-USB FX controller */
2801 { USB_DEVICE(0x0547, 0x2235),
2802 .driver_info = (unsigned long) &ez1_info,
2803 },
2804
2805 /* CY3671 development board with EZ-USB FX */
2806 { USB_DEVICE(0x0547, 0x0080),
2807 .driver_info = (unsigned long) &ez1_info,
2808 },
2809
2810 /* generic EZ-USB FX2 controller (or development board) */
2811 { USB_DEVICE(0x04b4, 0x8613),
2812 .driver_info = (unsigned long) &ez2_info,
2813 },
2814
2815 /* re-enumerated usb test device firmware */
2816 { USB_DEVICE(0xfff0, 0xfff0),
2817 .driver_info = (unsigned long) &fw_info,
2818 },
2819
2820 /* "Gadget Zero" firmware runs under Linux */
2821 { USB_DEVICE(0x0525, 0xa4a0),
2822 .driver_info = (unsigned long) &gz_info,
2823 },
2824
2825 /* so does a user-mode variant */
2826 { USB_DEVICE(0x0525, 0xa4a4),
2827 .driver_info = (unsigned long) &um_info,
2828 },
2829
2830 /* ... and a user-mode variant that talks iso */
2831 { USB_DEVICE(0x0525, 0xa4a3),
2832 .driver_info = (unsigned long) &um2_info,
2833 },
2834
2835 #ifdef KEYSPAN_19Qi
2836 /* Keyspan 19qi uses an21xx (original EZ-USB) */
2837 /* this does not coexist with the real Keyspan 19qi driver! */
2838 { USB_DEVICE(0x06cd, 0x010b),
2839 .driver_info = (unsigned long) &ez1_info,
2840 },
2841 #endif
2842
2843 /*-------------------------------------------------------------*/
2844
2845 #ifdef IBOT2
2846 /* iBOT2 makes a nice source of high speed bulk-in data */
2847 /* this does not coexist with a real iBOT2 driver! */
2848 { USB_DEVICE(0x0b62, 0x0059),
2849 .driver_info = (unsigned long) &ibot2_info,
2850 },
2851 #endif
2852
2853 /*-------------------------------------------------------------*/
2854
2855 #ifdef GENERIC
2856 /* module params can specify devices to use for control tests */
2857 { .driver_info = (unsigned long) &generic_info, },
2858 #endif
2859
2860 /*-------------------------------------------------------------*/
2861
2862 { }
2863 };
2864 MODULE_DEVICE_TABLE(usb, id_table);
2865
2866 static struct usb_driver usbtest_driver = {
2867 .name = "usbtest",
2868 .id_table = id_table,
2869 .probe = usbtest_probe,
2870 .unlocked_ioctl = usbtest_ioctl,
2871 .disconnect = usbtest_disconnect,
2872 .suspend = usbtest_suspend,
2873 .resume = usbtest_resume,
2874 };
2875
2876 /*-------------------------------------------------------------------------*/
2877
usbtest_init(void)2878 static int __init usbtest_init(void)
2879 {
2880 #ifdef GENERIC
2881 if (vendor)
2882 pr_debug("params: vend=0x%04x prod=0x%04x\n", vendor, product);
2883 #endif
2884 return usb_register(&usbtest_driver);
2885 }
2886 module_init(usbtest_init);
2887
usbtest_exit(void)2888 static void __exit usbtest_exit(void)
2889 {
2890 usb_deregister(&usbtest_driver);
2891 }
2892 module_exit(usbtest_exit);
2893
2894 MODULE_DESCRIPTION("USB Core/HCD Testing Driver");
2895 MODULE_LICENSE("GPL");
2896
2897