1/* 2 * bdc_ep.c - BRCM BDC USB3.0 device controller endpoint related functions 3 * 4 * Copyright (C) 2014 Broadcom Corporation 5 * 6 * Author: Ashwini Pahuja 7 * 8 * Based on drivers under drivers/usb/ 9 * 10 * This program is free software; you can redistribute it and/or modify it 11 * under the terms of the GNU General Public License as published by the 12 * Free Software Foundation; either version 2 of the License, or (at your 13 * option) any later version. 14 * 15 */ 16#include <linux/module.h> 17#include <linux/pci.h> 18#include <linux/dma-mapping.h> 19#include <linux/kernel.h> 20#include <linux/delay.h> 21#include <linux/dmapool.h> 22#include <linux/ioport.h> 23#include <linux/sched.h> 24#include <linux/slab.h> 25#include <linux/errno.h> 26#include <linux/init.h> 27#include <linux/timer.h> 28#include <linux/list.h> 29#include <linux/interrupt.h> 30#include <linux/moduleparam.h> 31#include <linux/device.h> 32#include <linux/usb/ch9.h> 33#include <linux/usb/gadget.h> 34#include <linux/usb/otg.h> 35#include <linux/pm.h> 36#include <linux/io.h> 37#include <linux/irq.h> 38#include <asm/unaligned.h> 39#include <linux/platform_device.h> 40#include <linux/usb/composite.h> 41 42#include "bdc.h" 43#include "bdc_ep.h" 44#include "bdc_cmd.h" 45#include "bdc_dbg.h" 46 47static const char * const ep0_state_string[] = { 48 "WAIT_FOR_SETUP", 49 "WAIT_FOR_DATA_START", 50 "WAIT_FOR_DATA_XMIT", 51 "WAIT_FOR_STATUS_START", 52 "WAIT_FOR_STATUS_XMIT", 53 "STATUS_PENDING" 54}; 55 56/* Free the bdl during ep disable */ 57static void ep_bd_list_free(struct bdc_ep *ep, u32 num_tabs) 58{ 59 struct bd_list *bd_list = &ep->bd_list; 60 struct bdc *bdc = ep->bdc; 61 struct bd_table *bd_table; 62 int index; 63 64 dev_dbg(bdc->dev, "%s ep:%s num_tabs:%d\n", 65 __func__, ep->name, num_tabs); 66 67 if (!bd_list->bd_table_array) { 68 dev_dbg(bdc->dev, "%s already freed\n", ep->name); 69 return; 70 } 71 for (index = 0; index < num_tabs; index++) { 72 /* 73 * check if the bd_table struct is allocated ? 74 * if yes, then check if bd memory has been allocated, then 75 * free the dma_pool and also the bd_table struct memory 76 */ 77 bd_table = bd_list->bd_table_array[index]; 78 dev_dbg(bdc->dev, "bd_table:%p index:%d\n", bd_table, index); 79 if (!bd_table) { 80 dev_dbg(bdc->dev, "bd_table not allocated\n"); 81 continue; 82 } 83 if (!bd_table->start_bd) { 84 dev_dbg(bdc->dev, "bd dma pool not allocted\n"); 85 continue; 86 } 87 88 dev_dbg(bdc->dev, 89 "Free dma pool start_bd:%p dma:%llx\n", 90 bd_table->start_bd, 91 (unsigned long long)bd_table->dma); 92 93 dma_pool_free(bdc->bd_table_pool, 94 bd_table->start_bd, 95 bd_table->dma); 96 /* Free the bd_table structure */ 97 kfree(bd_table); 98 } 99 /* Free the bd table array */ 100 kfree(ep->bd_list.bd_table_array); 101} 102 103/* 104 * chain the tables, by insteting a chain bd at the end of prev_table, pointing 105 * to next_table 106 */ 107static inline void chain_table(struct bd_table *prev_table, 108 struct bd_table *next_table, 109 u32 bd_p_tab) 110{ 111 /* Chain the prev table to next table */ 112 prev_table->start_bd[bd_p_tab-1].offset[0] = 113 cpu_to_le32(lower_32_bits(next_table->dma)); 114 115 prev_table->start_bd[bd_p_tab-1].offset[1] = 116 cpu_to_le32(upper_32_bits(next_table->dma)); 117 118 prev_table->start_bd[bd_p_tab-1].offset[2] = 119 0x0; 120 121 prev_table->start_bd[bd_p_tab-1].offset[3] = 122 cpu_to_le32(MARK_CHAIN_BD); 123} 124 125/* Allocate the bdl for ep, during config ep */ 126static int ep_bd_list_alloc(struct bdc_ep *ep) 127{ 128 struct bd_table *prev_table = NULL; 129 int index, num_tabs, bd_p_tab; 130 struct bdc *bdc = ep->bdc; 131 struct bd_table *bd_table; 132 dma_addr_t dma; 133 134 if (usb_endpoint_xfer_isoc(ep->desc)) 135 num_tabs = NUM_TABLES_ISOCH; 136 else 137 num_tabs = NUM_TABLES; 138 139 bd_p_tab = NUM_BDS_PER_TABLE; 140 /* if there is only 1 table in bd list then loop chain to self */ 141 dev_dbg(bdc->dev, 142 "%s ep:%p num_tabs:%d\n", 143 __func__, ep, num_tabs); 144 145 /* Allocate memory for table array */ 146 ep->bd_list.bd_table_array = kzalloc( 147 num_tabs * sizeof(struct bd_table *), 148 GFP_ATOMIC); 149 if (!ep->bd_list.bd_table_array) 150 return -ENOMEM; 151 152 /* Allocate memory for each table */ 153 for (index = 0; index < num_tabs; index++) { 154 /* Allocate memory for bd_table structure */ 155 bd_table = kzalloc(sizeof(struct bd_table), GFP_ATOMIC); 156 if (!bd_table) 157 goto fail; 158 159 bd_table->start_bd = dma_pool_alloc(bdc->bd_table_pool, 160 GFP_ATOMIC, 161 &dma); 162 if (!bd_table->start_bd) { 163 kfree(bd_table); 164 goto fail; 165 } 166 167 bd_table->dma = dma; 168 169 dev_dbg(bdc->dev, 170 "index:%d start_bd:%p dma=%08llx prev_table:%p\n", 171 index, bd_table->start_bd, 172 (unsigned long long)bd_table->dma, prev_table); 173 174 ep->bd_list.bd_table_array[index] = bd_table; 175 memset(bd_table->start_bd, 0, bd_p_tab * sizeof(struct bdc_bd)); 176 if (prev_table) 177 chain_table(prev_table, bd_table, bd_p_tab); 178 179 prev_table = bd_table; 180 } 181 chain_table(prev_table, ep->bd_list.bd_table_array[0], bd_p_tab); 182 /* Memory allocation is successful, now init the internal fields */ 183 ep->bd_list.num_tabs = num_tabs; 184 ep->bd_list.max_bdi = (num_tabs * bd_p_tab) - 1; 185 ep->bd_list.num_tabs = num_tabs; 186 ep->bd_list.num_bds_table = bd_p_tab; 187 ep->bd_list.eqp_bdi = 0; 188 ep->bd_list.hwd_bdi = 0; 189 190 return 0; 191fail: 192 /* Free the bd_table_array, bd_table struct, bd's */ 193 ep_bd_list_free(ep, num_tabs); 194 195 return -ENOMEM; 196} 197 198/* returns how many bd's are need for this transfer */ 199static inline int bd_needed_req(struct bdc_req *req) 200{ 201 int bd_needed = 0; 202 int remaining; 203 204 /* 1 bd needed for 0 byte transfer */ 205 if (req->usb_req.length == 0) 206 return 1; 207 208 /* remaining bytes after tranfering all max BD size BD's */ 209 remaining = req->usb_req.length % BD_MAX_BUFF_SIZE; 210 if (remaining) 211 bd_needed++; 212 213 /* How many maximum BUFF size BD's ? */ 214 remaining = req->usb_req.length / BD_MAX_BUFF_SIZE; 215 bd_needed += remaining; 216 217 return bd_needed; 218} 219 220/* returns the bd index(bdi) corresponding to bd dma address */ 221static int bd_add_to_bdi(struct bdc_ep *ep, dma_addr_t bd_dma_addr) 222{ 223 struct bd_list *bd_list = &ep->bd_list; 224 dma_addr_t dma_first_bd, dma_last_bd; 225 struct bdc *bdc = ep->bdc; 226 struct bd_table *bd_table; 227 bool found = false; 228 int tbi, bdi; 229 230 dma_first_bd = dma_last_bd = 0; 231 dev_dbg(bdc->dev, "%s %llx\n", 232 __func__, (unsigned long long)bd_dma_addr); 233 /* 234 * Find in which table this bd_dma_addr belongs?, go through the table 235 * array and compare addresses of first and last address of bd of each 236 * table 237 */ 238 for (tbi = 0; tbi < bd_list->num_tabs; tbi++) { 239 bd_table = bd_list->bd_table_array[tbi]; 240 dma_first_bd = bd_table->dma; 241 dma_last_bd = bd_table->dma + 242 (sizeof(struct bdc_bd) * 243 (bd_list->num_bds_table - 1)); 244 dev_dbg(bdc->dev, "dma_first_bd:%llx dma_last_bd:%llx\n", 245 (unsigned long long)dma_first_bd, 246 (unsigned long long)dma_last_bd); 247 if (bd_dma_addr >= dma_first_bd && bd_dma_addr <= dma_last_bd) { 248 found = true; 249 break; 250 } 251 } 252 if (unlikely(!found)) { 253 dev_err(bdc->dev, "%s FATAL err, bd not found\n", __func__); 254 return -EINVAL; 255 } 256 /* Now we know the table, find the bdi */ 257 bdi = (bd_dma_addr - dma_first_bd) / sizeof(struct bdc_bd); 258 259 /* return the global bdi, to compare with ep eqp_bdi */ 260 return (bdi + (tbi * bd_list->num_bds_table)); 261} 262 263/* returns the table index(tbi) of the given bdi */ 264static int bdi_to_tbi(struct bdc_ep *ep, int bdi) 265{ 266 int tbi; 267 268 tbi = bdi / ep->bd_list.num_bds_table; 269 dev_vdbg(ep->bdc->dev, 270 "bdi:%d num_bds_table:%d tbi:%d\n", 271 bdi, ep->bd_list.num_bds_table, tbi); 272 273 return tbi; 274} 275 276/* Find the bdi last bd in the transfer */ 277static inline int find_end_bdi(struct bdc_ep *ep, int next_hwd_bdi) 278{ 279 int end_bdi; 280 281 end_bdi = next_hwd_bdi - 1; 282 if (end_bdi < 0) 283 end_bdi = ep->bd_list.max_bdi - 1; 284 else if ((end_bdi % (ep->bd_list.num_bds_table-1)) == 0) 285 end_bdi--; 286 287 return end_bdi; 288} 289 290/* 291 * How many transfer bd's are available on this ep bdl, chain bds are not 292 * counted in available bds 293 */ 294static int bd_available_ep(struct bdc_ep *ep) 295{ 296 struct bd_list *bd_list = &ep->bd_list; 297 int available1, available2; 298 struct bdc *bdc = ep->bdc; 299 int chain_bd1, chain_bd2; 300 int available_bd = 0; 301 302 available1 = available2 = chain_bd1 = chain_bd2 = 0; 303 /* if empty then we have all bd's available - number of chain bd's */ 304 if (bd_list->eqp_bdi == bd_list->hwd_bdi) 305 return bd_list->max_bdi - bd_list->num_tabs; 306 307 /* 308 * Depending upon where eqp and dqp pointers are, caculate number 309 * of avaialble bd's 310 */ 311 if (bd_list->hwd_bdi < bd_list->eqp_bdi) { 312 /* available bd's are from eqp..max_bds + 0..dqp - chain_bds */ 313 available1 = bd_list->max_bdi - bd_list->eqp_bdi; 314 available2 = bd_list->hwd_bdi; 315 chain_bd1 = available1 / bd_list->num_bds_table; 316 chain_bd2 = available2 / bd_list->num_bds_table; 317 dev_vdbg(bdc->dev, "chain_bd1:%d chain_bd2:%d\n", 318 chain_bd1, chain_bd2); 319 available_bd = available1 + available2 - chain_bd1 - chain_bd2; 320 } else { 321 /* available bd's are from eqp..dqp - number of chain bd's */ 322 available1 = bd_list->hwd_bdi - bd_list->eqp_bdi; 323 /* if gap between eqp and dqp is less than NUM_BDS_PER_TABLE */ 324 if ((bd_list->hwd_bdi - bd_list->eqp_bdi) 325 <= bd_list->num_bds_table) { 326 /* If there any chain bd in between */ 327 if (!(bdi_to_tbi(ep, bd_list->hwd_bdi) 328 == bdi_to_tbi(ep, bd_list->eqp_bdi))) { 329 available_bd = available1 - 1; 330 } 331 } else { 332 chain_bd1 = available1 / bd_list->num_bds_table; 333 available_bd = available1 - chain_bd1; 334 } 335 } 336 /* 337 * we need to keep one extra bd to check if ring is full or empty so 338 * reduce by 1 339 */ 340 available_bd--; 341 dev_vdbg(bdc->dev, "available_bd:%d\n", available_bd); 342 343 return available_bd; 344} 345 346/* Notify the hardware after queueing the bd to bdl */ 347void bdc_notify_xfr(struct bdc *bdc, u32 epnum) 348{ 349 struct bdc_ep *ep = bdc->bdc_ep_array[epnum]; 350 351 dev_vdbg(bdc->dev, "%s epnum:%d\n", __func__, epnum); 352 /* 353 * We don't have anyway to check if ep state is running, 354 * except the software flags. 355 */ 356 if (unlikely(ep->flags & BDC_EP_STOP)) 357 ep->flags &= ~BDC_EP_STOP; 358 359 bdc_writel(bdc->regs, BDC_XSFNTF, epnum); 360} 361 362/* returns the bd corresponding to bdi */ 363static struct bdc_bd *bdi_to_bd(struct bdc_ep *ep, int bdi) 364{ 365 int tbi = bdi_to_tbi(ep, bdi); 366 int local_bdi = 0; 367 368 local_bdi = bdi - (tbi * ep->bd_list.num_bds_table); 369 dev_vdbg(ep->bdc->dev, 370 "%s bdi:%d local_bdi:%d\n", 371 __func__, bdi, local_bdi); 372 373 return (ep->bd_list.bd_table_array[tbi]->start_bd + local_bdi); 374} 375 376/* Advance the enqueue pointer */ 377static void ep_bdlist_eqp_adv(struct bdc_ep *ep) 378{ 379 ep->bd_list.eqp_bdi++; 380 /* if it's chain bd, then move to next */ 381 if (((ep->bd_list.eqp_bdi + 1) % ep->bd_list.num_bds_table) == 0) 382 ep->bd_list.eqp_bdi++; 383 384 /* if the eqp is pointing to last + 1 then move back to 0 */ 385 if (ep->bd_list.eqp_bdi == (ep->bd_list.max_bdi + 1)) 386 ep->bd_list.eqp_bdi = 0; 387} 388 389/* Setup the first bd for ep0 transfer */ 390static int setup_first_bd_ep0(struct bdc *bdc, struct bdc_req *req, u32 *dword3) 391{ 392 u16 wValue; 393 u32 req_len; 394 395 req->ep->dir = 0; 396 req_len = req->usb_req.length; 397 switch (bdc->ep0_state) { 398 case WAIT_FOR_DATA_START: 399 *dword3 |= BD_TYPE_DS; 400 if (bdc->setup_pkt.bRequestType & USB_DIR_IN) 401 *dword3 |= BD_DIR_IN; 402 403 /* check if zlp will be needed */ 404 wValue = le16_to_cpu(bdc->setup_pkt.wValue); 405 if ((wValue > req_len) && 406 (req_len % bdc->gadget.ep0->maxpacket == 0)) { 407 dev_dbg(bdc->dev, "ZLP needed wVal:%d len:%d MaxP:%d\n", 408 wValue, req_len, 409 bdc->gadget.ep0->maxpacket); 410 bdc->zlp_needed = true; 411 } 412 break; 413 414 case WAIT_FOR_STATUS_START: 415 *dword3 |= BD_TYPE_SS; 416 if (!le16_to_cpu(bdc->setup_pkt.wLength) || 417 !(bdc->setup_pkt.bRequestType & USB_DIR_IN)) 418 *dword3 |= BD_DIR_IN; 419 break; 420 default: 421 dev_err(bdc->dev, 422 "Unknown ep0 state for queueing bd ep0_state:%s\n", 423 ep0_state_string[bdc->ep0_state]); 424 return -EINVAL; 425 } 426 427 return 0; 428} 429 430/* Setup the bd dma descriptor for a given request */ 431static int setup_bd_list_xfr(struct bdc *bdc, struct bdc_req *req, int num_bds) 432{ 433 dma_addr_t buf_add = req->usb_req.dma; 434 u32 maxp, tfs, dword2, dword3; 435 struct bd_transfer *bd_xfr; 436 struct bd_list *bd_list; 437 struct bdc_ep *ep; 438 struct bdc_bd *bd; 439 int ret, bdnum; 440 u32 req_len; 441 442 ep = req->ep; 443 bd_list = &ep->bd_list; 444 bd_xfr = &req->bd_xfr; 445 bd_xfr->req = req; 446 bd_xfr->start_bdi = bd_list->eqp_bdi; 447 bd = bdi_to_bd(ep, bd_list->eqp_bdi); 448 req_len = req->usb_req.length; 449 maxp = usb_endpoint_maxp(ep->desc) & 0x7ff; 450 tfs = roundup(req->usb_req.length, maxp); 451 tfs = tfs/maxp; 452 dev_vdbg(bdc->dev, "%s ep:%s num_bds:%d tfs:%d r_len:%d bd:%p\n", 453 __func__, ep->name, num_bds, tfs, req_len, bd); 454 455 for (bdnum = 0; bdnum < num_bds; bdnum++) { 456 dword2 = dword3 = 0; 457 /* First bd */ 458 if (!bdnum) { 459 dword3 |= BD_SOT|BD_SBF|(tfs<<BD_TFS_SHIFT); 460 dword2 |= BD_LTF; 461 /* format of first bd for ep0 is different than other */ 462 if (ep->ep_num == 1) { 463 ret = setup_first_bd_ep0(bdc, req, &dword3); 464 if (ret) 465 return ret; 466 } 467 } 468 if (!req->ep->dir) 469 dword3 |= BD_ISP; 470 471 if (req_len > BD_MAX_BUFF_SIZE) { 472 dword2 |= BD_MAX_BUFF_SIZE; 473 req_len -= BD_MAX_BUFF_SIZE; 474 } else { 475 /* this should be the last bd */ 476 dword2 |= req_len; 477 dword3 |= BD_IOC; 478 dword3 |= BD_EOT; 479 } 480 /* Currently only 1 INT target is supported */ 481 dword2 |= BD_INTR_TARGET(0); 482 bd = bdi_to_bd(ep, ep->bd_list.eqp_bdi); 483 if (unlikely(!bd)) { 484 dev_err(bdc->dev, "Err bd pointing to wrong addr\n"); 485 return -EINVAL; 486 } 487 /* write bd */ 488 bd->offset[0] = cpu_to_le32(lower_32_bits(buf_add)); 489 bd->offset[1] = cpu_to_le32(upper_32_bits(buf_add)); 490 bd->offset[2] = cpu_to_le32(dword2); 491 bd->offset[3] = cpu_to_le32(dword3); 492 /* advance eqp pointer */ 493 ep_bdlist_eqp_adv(ep); 494 /* advance the buff pointer */ 495 buf_add += BD_MAX_BUFF_SIZE; 496 dev_vdbg(bdc->dev, "buf_add:%08llx req_len:%d bd:%p eqp:%d\n", 497 (unsigned long long)buf_add, req_len, bd, 498 ep->bd_list.eqp_bdi); 499 bd = bdi_to_bd(ep, ep->bd_list.eqp_bdi); 500 bd->offset[3] = cpu_to_le32(BD_SBF); 501 } 502 /* clear the STOP BD fetch bit from the first bd of this xfr */ 503 bd = bdi_to_bd(ep, bd_xfr->start_bdi); 504 bd->offset[3] &= cpu_to_le32(~BD_SBF); 505 /* the new eqp will be next hw dqp */ 506 bd_xfr->num_bds = num_bds; 507 bd_xfr->next_hwd_bdi = ep->bd_list.eqp_bdi; 508 /* everything is written correctly before notifying the HW */ 509 wmb(); 510 511 return 0; 512} 513 514/* Queue the xfr */ 515static int bdc_queue_xfr(struct bdc *bdc, struct bdc_req *req) 516{ 517 int num_bds, bd_available; 518 struct bdc_ep *ep; 519 int ret; 520 521 ep = req->ep; 522 dev_dbg(bdc->dev, "%s req:%p\n", __func__, req); 523 dev_dbg(bdc->dev, "eqp_bdi:%d hwd_bdi:%d\n", 524 ep->bd_list.eqp_bdi, ep->bd_list.hwd_bdi); 525 526 num_bds = bd_needed_req(req); 527 bd_available = bd_available_ep(ep); 528 529 /* how many bd's are avaialble on ep */ 530 if (num_bds > bd_available) 531 return -ENOMEM; 532 533 ret = setup_bd_list_xfr(bdc, req, num_bds); 534 if (ret) 535 return ret; 536 list_add_tail(&req->queue, &ep->queue); 537 bdc_dbg_bd_list(bdc, ep); 538 bdc_notify_xfr(bdc, ep->ep_num); 539 540 return 0; 541} 542 543/* callback to gadget layer when xfr completes */ 544static void bdc_req_complete(struct bdc_ep *ep, struct bdc_req *req, 545 int status) 546{ 547 struct bdc *bdc = ep->bdc; 548 549 if (req == NULL || &req->queue == NULL || &req->usb_req == NULL) 550 return; 551 552 dev_dbg(bdc->dev, "%s ep:%s status:%d\n", __func__, ep->name, status); 553 list_del(&req->queue); 554 req->usb_req.status = status; 555 usb_gadget_unmap_request(&bdc->gadget, &req->usb_req, ep->dir); 556 if (req->usb_req.complete) { 557 spin_unlock(&bdc->lock); 558 usb_gadget_giveback_request(&ep->usb_ep, &req->usb_req); 559 spin_lock(&bdc->lock); 560 } 561} 562 563/* Disable the endpoint */ 564int bdc_ep_disable(struct bdc_ep *ep) 565{ 566 struct bdc_req *req; 567 struct bdc *bdc; 568 int ret; 569 570 ret = 0; 571 bdc = ep->bdc; 572 dev_dbg(bdc->dev, "%s() ep->ep_num=%d\n", __func__, ep->ep_num); 573 /* Stop the endpoint */ 574 ret = bdc_stop_ep(bdc, ep->ep_num); 575 576 /* 577 * Intentionally don't check the ret value of stop, it can fail in 578 * disconnect scenarios, continue with dconfig 579 */ 580 /* de-queue any pending requests */ 581 while (!list_empty(&ep->queue)) { 582 req = list_entry(ep->queue.next, struct bdc_req, 583 queue); 584 bdc_req_complete(ep, req, -ESHUTDOWN); 585 } 586 /* deconfigure the endpoint */ 587 ret = bdc_dconfig_ep(bdc, ep); 588 if (ret) 589 dev_warn(bdc->dev, 590 "dconfig fail but continue with memory free"); 591 592 ep->flags = 0; 593 /* ep0 memory is not freed, but reused on next connect sr */ 594 if (ep->ep_num == 1) 595 return 0; 596 597 /* Free the bdl memory */ 598 ep_bd_list_free(ep, ep->bd_list.num_tabs); 599 ep->desc = NULL; 600 ep->comp_desc = NULL; 601 ep->usb_ep.desc = NULL; 602 ep->ep_type = 0; 603 604 return ret; 605} 606 607/* Enable the ep */ 608int bdc_ep_enable(struct bdc_ep *ep) 609{ 610 struct bdc *bdc; 611 int ret = 0; 612 613 bdc = ep->bdc; 614 dev_dbg(bdc->dev, "%s NUM_TABLES:%d %d\n", 615 __func__, NUM_TABLES, NUM_TABLES_ISOCH); 616 617 ret = ep_bd_list_alloc(ep); 618 if (ret) { 619 dev_err(bdc->dev, "ep bd list allocation failed:%d\n", ret); 620 return -ENOMEM; 621 } 622 bdc_dbg_bd_list(bdc, ep); 623 /* only for ep0: config ep is called for ep0 from connect event */ 624 ep->flags |= BDC_EP_ENABLED; 625 if (ep->ep_num == 1) 626 return ret; 627 628 /* Issue a configure endpoint command */ 629 ret = bdc_config_ep(bdc, ep); 630 if (ret) 631 return ret; 632 633 ep->usb_ep.maxpacket = usb_endpoint_maxp(ep->desc); 634 ep->usb_ep.desc = ep->desc; 635 ep->usb_ep.comp_desc = ep->comp_desc; 636 ep->ep_type = usb_endpoint_type(ep->desc); 637 ep->flags |= BDC_EP_ENABLED; 638 639 return 0; 640} 641 642/* EP0 related code */ 643 644/* Queue a status stage BD */ 645static int ep0_queue_status_stage(struct bdc *bdc) 646{ 647 struct bdc_req *status_req; 648 struct bdc_ep *ep; 649 650 status_req = &bdc->status_req; 651 ep = bdc->bdc_ep_array[1]; 652 status_req->ep = ep; 653 status_req->usb_req.length = 0; 654 status_req->usb_req.status = -EINPROGRESS; 655 status_req->usb_req.actual = 0; 656 status_req->usb_req.complete = NULL; 657 bdc_queue_xfr(bdc, status_req); 658 659 return 0; 660} 661 662/* Queue xfr on ep0 */ 663static int ep0_queue(struct bdc_ep *ep, struct bdc_req *req) 664{ 665 struct bdc *bdc; 666 int ret; 667 668 bdc = ep->bdc; 669 dev_dbg(bdc->dev, "%s()\n", __func__); 670 req->usb_req.actual = 0; 671 req->usb_req.status = -EINPROGRESS; 672 req->epnum = ep->ep_num; 673 674 if (bdc->delayed_status) { 675 bdc->delayed_status = false; 676 /* if status stage was delayed? */ 677 if (bdc->ep0_state == WAIT_FOR_STATUS_START) { 678 /* Queue a status stage BD */ 679 ep0_queue_status_stage(bdc); 680 bdc->ep0_state = WAIT_FOR_STATUS_XMIT; 681 return 0; 682 } 683 } else { 684 /* 685 * if delayed status is false and 0 length transfer is requested 686 * i.e. for status stage of some setup request, then just 687 * return from here the status stage is queued independently 688 */ 689 if (req->usb_req.length == 0) 690 return 0; 691 692 } 693 ret = usb_gadget_map_request(&bdc->gadget, &req->usb_req, ep->dir); 694 if (ret) { 695 dev_err(bdc->dev, "dma mapping failed %s\n", ep->name); 696 return ret; 697 } 698 699 return bdc_queue_xfr(bdc, req); 700} 701 702/* Queue data stage */ 703static int ep0_queue_data_stage(struct bdc *bdc) 704{ 705 struct usb_request *ep0_usb_req; 706 struct bdc_ep *ep; 707 708 dev_dbg(bdc->dev, "%s\n", __func__); 709 ep0_usb_req = &bdc->ep0_req.usb_req; 710 ep = bdc->bdc_ep_array[1]; 711 bdc->ep0_req.ep = ep; 712 bdc->ep0_req.usb_req.complete = NULL; 713 714 return ep0_queue(ep, &bdc->ep0_req); 715} 716 717/* Queue req on ep */ 718static int ep_queue(struct bdc_ep *ep, struct bdc_req *req) 719{ 720 struct bdc *bdc; 721 int ret = 0; 722 723 if (!req || !ep->usb_ep.desc) 724 return -EINVAL; 725 726 bdc = ep->bdc; 727 728 req->usb_req.actual = 0; 729 req->usb_req.status = -EINPROGRESS; 730 req->epnum = ep->ep_num; 731 732 ret = usb_gadget_map_request(&bdc->gadget, &req->usb_req, ep->dir); 733 if (ret) { 734 dev_err(bdc->dev, "dma mapping failed\n"); 735 return ret; 736 } 737 738 return bdc_queue_xfr(bdc, req); 739} 740 741/* Dequeue a request from ep */ 742static int ep_dequeue(struct bdc_ep *ep, struct bdc_req *req) 743{ 744 int start_bdi, end_bdi, tbi, eqp_bdi, curr_hw_dqpi; 745 bool start_pending, end_pending; 746 bool first_remove = false; 747 struct bdc_req *first_req; 748 struct bdc_bd *bd_start; 749 struct bd_table *table; 750 dma_addr_t next_bd_dma; 751 u64 deq_ptr_64 = 0; 752 struct bdc *bdc; 753 u32 tmp_32; 754 int ret; 755 756 bdc = ep->bdc; 757 start_pending = end_pending = false; 758 eqp_bdi = ep->bd_list.eqp_bdi - 1; 759 760 if (eqp_bdi < 0) 761 eqp_bdi = ep->bd_list.max_bdi; 762 763 start_bdi = req->bd_xfr.start_bdi; 764 end_bdi = find_end_bdi(ep, req->bd_xfr.next_hwd_bdi); 765 766 dev_dbg(bdc->dev, "%s ep:%s start:%d end:%d\n", 767 __func__, ep->name, start_bdi, end_bdi); 768 dev_dbg(bdc->dev, "ep_dequeue ep=%p ep->desc=%p\n", 769 ep, (void *)ep->usb_ep.desc); 770 /* Stop the ep to see where the HW is ? */ 771 ret = bdc_stop_ep(bdc, ep->ep_num); 772 /* if there is an issue with stopping ep, then no need to go further */ 773 if (ret) 774 return 0; 775 776 /* 777 * After endpoint is stopped, there can be 3 cases, the request 778 * is processed, pending or in the middle of processing 779 */ 780 781 /* The current hw dequeue pointer */ 782 tmp_32 = bdc_readl(bdc->regs, BDC_EPSTS0(0)); 783 deq_ptr_64 = tmp_32; 784 tmp_32 = bdc_readl(bdc->regs, BDC_EPSTS1(0)); 785 deq_ptr_64 |= ((u64)tmp_32 << 32); 786 787 /* we have the dma addr of next bd that will be fetched by hardware */ 788 curr_hw_dqpi = bd_add_to_bdi(ep, deq_ptr_64); 789 if (curr_hw_dqpi < 0) 790 return curr_hw_dqpi; 791 792 /* 793 * curr_hw_dqpi points to actual dqp of HW and HW owns bd's from 794 * curr_hw_dqbdi..eqp_bdi. 795 */ 796 797 /* Check if start_bdi and end_bdi are in range of HW owned BD's */ 798 if (curr_hw_dqpi > eqp_bdi) { 799 /* there is a wrap from last to 0 */ 800 if (start_bdi >= curr_hw_dqpi || start_bdi <= eqp_bdi) { 801 start_pending = true; 802 end_pending = true; 803 } else if (end_bdi >= curr_hw_dqpi || end_bdi <= eqp_bdi) { 804 end_pending = true; 805 } 806 } else { 807 if (start_bdi >= curr_hw_dqpi) { 808 start_pending = true; 809 end_pending = true; 810 } else if (end_bdi >= curr_hw_dqpi) { 811 end_pending = true; 812 } 813 } 814 dev_dbg(bdc->dev, 815 "start_pending:%d end_pending:%d speed:%d\n", 816 start_pending, end_pending, bdc->gadget.speed); 817 818 /* If both start till end are processes, we cannot deq req */ 819 if (!start_pending && !end_pending) 820 return -EINVAL; 821 822 /* 823 * if ep_dequeue is called after disconnect then just return 824 * success from here 825 */ 826 if (bdc->gadget.speed == USB_SPEED_UNKNOWN) 827 return 0; 828 tbi = bdi_to_tbi(ep, req->bd_xfr.next_hwd_bdi); 829 table = ep->bd_list.bd_table_array[tbi]; 830 next_bd_dma = table->dma + 831 sizeof(struct bdc_bd)*(req->bd_xfr.next_hwd_bdi - 832 tbi * ep->bd_list.num_bds_table); 833 834 first_req = list_first_entry(&ep->queue, struct bdc_req, 835 queue); 836 837 if (req == first_req) 838 first_remove = true; 839 840 /* 841 * Due to HW limitation we need to bypadd chain bd's and issue ep_bla, 842 * incase if start is pending this is the first request in the list 843 * then issue ep_bla instead of marking as chain bd 844 */ 845 if (start_pending && !first_remove) { 846 /* 847 * Mark the start bd as Chain bd, and point the chain 848 * bd to next_bd_dma 849 */ 850 bd_start = bdi_to_bd(ep, start_bdi); 851 bd_start->offset[0] = cpu_to_le32(lower_32_bits(next_bd_dma)); 852 bd_start->offset[1] = cpu_to_le32(upper_32_bits(next_bd_dma)); 853 bd_start->offset[2] = 0x0; 854 bd_start->offset[3] = cpu_to_le32(MARK_CHAIN_BD); 855 bdc_dbg_bd_list(bdc, ep); 856 } else if (end_pending) { 857 /* 858 * The transfer is stopped in the middle, move the 859 * HW deq pointer to next_bd_dma 860 */ 861 ret = bdc_ep_bla(bdc, ep, next_bd_dma); 862 if (ret) { 863 dev_err(bdc->dev, "error in ep_bla:%d\n", ret); 864 return ret; 865 } 866 } 867 868 return 0; 869} 870 871/* Halt/Clear the ep based on value */ 872static int ep_set_halt(struct bdc_ep *ep, u32 value) 873{ 874 struct bdc *bdc; 875 int ret; 876 877 bdc = ep->bdc; 878 dev_dbg(bdc->dev, "%s ep:%s value=%d\n", __func__, ep->name, value); 879 880 if (value) { 881 dev_dbg(bdc->dev, "Halt\n"); 882 if (ep->ep_num == 1) 883 bdc->ep0_state = WAIT_FOR_SETUP; 884 885 ret = bdc_ep_set_stall(bdc, ep->ep_num); 886 if (ret) 887 dev_err(bdc->dev, "failed to set STALL on %s\n", 888 ep->name); 889 else 890 ep->flags |= BDC_EP_STALL; 891 } else { 892 /* Clear */ 893 dev_dbg(bdc->dev, "Before Clear\n"); 894 ret = bdc_ep_clear_stall(bdc, ep->ep_num); 895 if (ret) 896 dev_err(bdc->dev, "failed to clear STALL on %s\n", 897 ep->name); 898 else 899 ep->flags &= ~BDC_EP_STALL; 900 dev_dbg(bdc->dev, "After Clear\n"); 901 } 902 903 return ret; 904} 905 906/* Free all the ep */ 907void bdc_free_ep(struct bdc *bdc) 908{ 909 struct bdc_ep *ep; 910 u8 epnum; 911 912 dev_dbg(bdc->dev, "%s\n", __func__); 913 for (epnum = 1; epnum < bdc->num_eps; epnum++) { 914 ep = bdc->bdc_ep_array[epnum]; 915 if (!ep) 916 continue; 917 918 if (ep->flags & BDC_EP_ENABLED) 919 ep_bd_list_free(ep, ep->bd_list.num_tabs); 920 921 /* ep0 is not in this gadget list */ 922 if (epnum != 1) 923 list_del(&ep->usb_ep.ep_list); 924 925 kfree(ep); 926 } 927} 928 929/* USB2 spec, section 7.1.20 */ 930static int bdc_set_test_mode(struct bdc *bdc) 931{ 932 u32 usb2_pm; 933 934 usb2_pm = bdc_readl(bdc->regs, BDC_USPPM2); 935 usb2_pm &= ~BDC_PTC_MASK; 936 dev_dbg(bdc->dev, "%s\n", __func__); 937 switch (bdc->test_mode) { 938 case TEST_J: 939 case TEST_K: 940 case TEST_SE0_NAK: 941 case TEST_PACKET: 942 case TEST_FORCE_EN: 943 usb2_pm |= bdc->test_mode << 28; 944 break; 945 default: 946 return -EINVAL; 947 } 948 dev_dbg(bdc->dev, "usb2_pm=%08x", usb2_pm); 949 bdc_writel(bdc->regs, BDC_USPPM2, usb2_pm); 950 951 return 0; 952} 953 954/* 955 * Helper function to handle Transfer status report with status as either 956 * success or short 957 */ 958static void handle_xsr_succ_status(struct bdc *bdc, struct bdc_ep *ep, 959 struct bdc_sr *sreport) 960{ 961 int short_bdi, start_bdi, end_bdi, max_len_bds, chain_bds; 962 struct bd_list *bd_list = &ep->bd_list; 963 int actual_length, length_short; 964 struct bd_transfer *bd_xfr; 965 struct bdc_bd *short_bd; 966 struct bdc_req *req; 967 u64 deq_ptr_64 = 0; 968 int status = 0; 969 int sr_status; 970 u32 tmp_32; 971 972 dev_dbg(bdc->dev, "%s ep:%p\n", __func__, ep); 973 bdc_dbg_srr(bdc, 0); 974 /* do not process thie sr if ignore flag is set */ 975 if (ep->ignore_next_sr) { 976 ep->ignore_next_sr = false; 977 return; 978 } 979 980 if (unlikely(list_empty(&ep->queue))) { 981 dev_warn(bdc->dev, "xfr srr with no BD's queued\n"); 982 return; 983 } 984 req = list_entry(ep->queue.next, struct bdc_req, 985 queue); 986 987 bd_xfr = &req->bd_xfr; 988 sr_status = XSF_STS(le32_to_cpu(sreport->offset[3])); 989 990 /* 991 * sr_status is short and this transfer has more than 1 bd then it needs 992 * special handling, this is only applicable for bulk and ctrl 993 */ 994 if (sr_status == XSF_SHORT && bd_xfr->num_bds > 1) { 995 /* 996 * This is multi bd xfr, lets see which bd 997 * caused short transfer and how many bytes have been 998 * transferred so far. 999 */ 1000 tmp_32 = le32_to_cpu(sreport->offset[0]); 1001 deq_ptr_64 = tmp_32; 1002 tmp_32 = le32_to_cpu(sreport->offset[1]); 1003 deq_ptr_64 |= ((u64)tmp_32 << 32); 1004 short_bdi = bd_add_to_bdi(ep, deq_ptr_64); 1005 if (unlikely(short_bdi < 0)) 1006 dev_warn(bdc->dev, "bd doesn't exist?\n"); 1007 1008 start_bdi = bd_xfr->start_bdi; 1009 /* 1010 * We know the start_bdi and short_bdi, how many xfr 1011 * bds in between 1012 */ 1013 if (start_bdi <= short_bdi) { 1014 max_len_bds = short_bdi - start_bdi; 1015 if (max_len_bds <= bd_list->num_bds_table) { 1016 if (!(bdi_to_tbi(ep, start_bdi) == 1017 bdi_to_tbi(ep, short_bdi))) 1018 max_len_bds--; 1019 } else { 1020 chain_bds = max_len_bds/bd_list->num_bds_table; 1021 max_len_bds -= chain_bds; 1022 } 1023 } else { 1024 /* there is a wrap in the ring within a xfr */ 1025 chain_bds = (bd_list->max_bdi - start_bdi)/ 1026 bd_list->num_bds_table; 1027 chain_bds += short_bdi/bd_list->num_bds_table; 1028 max_len_bds = bd_list->max_bdi - start_bdi; 1029 max_len_bds += short_bdi; 1030 max_len_bds -= chain_bds; 1031 } 1032 /* max_len_bds is the number of full length bds */ 1033 end_bdi = find_end_bdi(ep, bd_xfr->next_hwd_bdi); 1034 if (!(end_bdi == short_bdi)) 1035 ep->ignore_next_sr = true; 1036 1037 actual_length = max_len_bds * BD_MAX_BUFF_SIZE; 1038 short_bd = bdi_to_bd(ep, short_bdi); 1039 /* length queued */ 1040 length_short = le32_to_cpu(short_bd->offset[2]) & 0x1FFFFF; 1041 /* actual length trensfered */ 1042 length_short -= SR_BD_LEN(le32_to_cpu(sreport->offset[2])); 1043 actual_length += length_short; 1044 req->usb_req.actual = actual_length; 1045 } else { 1046 req->usb_req.actual = req->usb_req.length - 1047 SR_BD_LEN(le32_to_cpu(sreport->offset[2])); 1048 dev_dbg(bdc->dev, 1049 "len=%d actual=%d bd_xfr->next_hwd_bdi:%d\n", 1050 req->usb_req.length, req->usb_req.actual, 1051 bd_xfr->next_hwd_bdi); 1052 } 1053 1054 /* Update the dequeue pointer */ 1055 ep->bd_list.hwd_bdi = bd_xfr->next_hwd_bdi; 1056 if (req->usb_req.actual < req->usb_req.length) { 1057 dev_dbg(bdc->dev, "short xfr on %d\n", ep->ep_num); 1058 if (req->usb_req.short_not_ok) 1059 status = -EREMOTEIO; 1060 } 1061 bdc_req_complete(ep, bd_xfr->req, status); 1062} 1063 1064/* EP0 setup related packet handlers */ 1065 1066/* 1067 * Setup packet received, just store the packet and process on next DS or SS 1068 * started SR 1069 */ 1070void bdc_xsf_ep0_setup_recv(struct bdc *bdc, struct bdc_sr *sreport) 1071{ 1072 struct usb_ctrlrequest *setup_pkt; 1073 u32 len; 1074 1075 dev_dbg(bdc->dev, 1076 "%s ep0_state:%s\n", 1077 __func__, ep0_state_string[bdc->ep0_state]); 1078 /* Store received setup packet */ 1079 setup_pkt = &bdc->setup_pkt; 1080 memcpy(setup_pkt, &sreport->offset[0], sizeof(*setup_pkt)); 1081 len = le16_to_cpu(setup_pkt->wLength); 1082 if (!len) 1083 bdc->ep0_state = WAIT_FOR_STATUS_START; 1084 else 1085 bdc->ep0_state = WAIT_FOR_DATA_START; 1086 1087 1088 dev_dbg(bdc->dev, 1089 "%s exit ep0_state:%s\n", 1090 __func__, ep0_state_string[bdc->ep0_state]); 1091} 1092 1093/* Stall ep0 */ 1094static void ep0_stall(struct bdc *bdc) 1095{ 1096 struct bdc_ep *ep = bdc->bdc_ep_array[1]; 1097 struct bdc_req *req; 1098 1099 dev_dbg(bdc->dev, "%s\n", __func__); 1100 bdc->delayed_status = false; 1101 ep_set_halt(ep, 1); 1102 1103 /* de-queue any pendig requests */ 1104 while (!list_empty(&ep->queue)) { 1105 req = list_entry(ep->queue.next, struct bdc_req, 1106 queue); 1107 bdc_req_complete(ep, req, -ESHUTDOWN); 1108 } 1109} 1110 1111/* SET_ADD handlers */ 1112static int ep0_set_address(struct bdc *bdc, struct usb_ctrlrequest *ctrl) 1113{ 1114 enum usb_device_state state = bdc->gadget.state; 1115 int ret = 0; 1116 u32 addr; 1117 1118 addr = le16_to_cpu(ctrl->wValue); 1119 dev_dbg(bdc->dev, 1120 "%s addr:%d dev state:%d\n", 1121 __func__, addr, state); 1122 1123 if (addr > 127) 1124 return -EINVAL; 1125 1126 switch (state) { 1127 case USB_STATE_DEFAULT: 1128 case USB_STATE_ADDRESS: 1129 /* Issue Address device command */ 1130 ret = bdc_address_device(bdc, addr); 1131 if (ret) 1132 return ret; 1133 1134 if (addr) 1135 usb_gadget_set_state(&bdc->gadget, USB_STATE_ADDRESS); 1136 else 1137 usb_gadget_set_state(&bdc->gadget, USB_STATE_DEFAULT); 1138 1139 bdc->dev_addr = addr; 1140 break; 1141 default: 1142 dev_warn(bdc->dev, 1143 "SET Address in wrong device state %d\n", 1144 state); 1145 ret = -EINVAL; 1146 } 1147 1148 return ret; 1149} 1150 1151/* Handler for SET/CLEAR FEATURE requests for device */ 1152static int ep0_handle_feature_dev(struct bdc *bdc, u16 wValue, 1153 u16 wIndex, bool set) 1154{ 1155 enum usb_device_state state = bdc->gadget.state; 1156 u32 usppms = 0; 1157 1158 dev_dbg(bdc->dev, "%s set:%d dev state:%d\n", 1159 __func__, set, state); 1160 switch (wValue) { 1161 case USB_DEVICE_REMOTE_WAKEUP: 1162 dev_dbg(bdc->dev, "USB_DEVICE_REMOTE_WAKEUP\n"); 1163 if (set) 1164 bdc->devstatus |= REMOTE_WAKE_ENABLE; 1165 else 1166 bdc->devstatus &= ~REMOTE_WAKE_ENABLE; 1167 break; 1168 1169 case USB_DEVICE_TEST_MODE: 1170 dev_dbg(bdc->dev, "USB_DEVICE_TEST_MODE\n"); 1171 if ((wIndex & 0xFF) || 1172 (bdc->gadget.speed != USB_SPEED_HIGH) || !set) 1173 return -EINVAL; 1174 1175 bdc->test_mode = wIndex >> 8; 1176 break; 1177 1178 case USB_DEVICE_U1_ENABLE: 1179 dev_dbg(bdc->dev, "USB_DEVICE_U1_ENABLE\n"); 1180 1181 if (bdc->gadget.speed != USB_SPEED_SUPER || 1182 state != USB_STATE_CONFIGURED) 1183 return -EINVAL; 1184 1185 usppms = bdc_readl(bdc->regs, BDC_USPPMS); 1186 if (set) { 1187 /* clear previous u1t */ 1188 usppms &= ~BDC_U1T(BDC_U1T_MASK); 1189 usppms |= BDC_U1T(U1_TIMEOUT); 1190 usppms |= BDC_U1E | BDC_PORT_W1S; 1191 bdc->devstatus |= (1 << USB_DEV_STAT_U1_ENABLED); 1192 } else { 1193 usppms &= ~BDC_U1E; 1194 usppms |= BDC_PORT_W1S; 1195 bdc->devstatus &= ~(1 << USB_DEV_STAT_U1_ENABLED); 1196 } 1197 bdc_writel(bdc->regs, BDC_USPPMS, usppms); 1198 break; 1199 1200 case USB_DEVICE_U2_ENABLE: 1201 dev_dbg(bdc->dev, "USB_DEVICE_U2_ENABLE\n"); 1202 1203 if (bdc->gadget.speed != USB_SPEED_SUPER || 1204 state != USB_STATE_CONFIGURED) 1205 return -EINVAL; 1206 1207 usppms = bdc_readl(bdc->regs, BDC_USPPMS); 1208 if (set) { 1209 usppms |= BDC_U2E; 1210 usppms |= BDC_U2A; 1211 bdc->devstatus |= (1 << USB_DEV_STAT_U2_ENABLED); 1212 } else { 1213 usppms &= ~BDC_U2E; 1214 usppms &= ~BDC_U2A; 1215 bdc->devstatus &= ~(1 << USB_DEV_STAT_U2_ENABLED); 1216 } 1217 bdc_writel(bdc->regs, BDC_USPPMS, usppms); 1218 break; 1219 1220 case USB_DEVICE_LTM_ENABLE: 1221 dev_dbg(bdc->dev, "USB_DEVICE_LTM_ENABLE?\n"); 1222 if (bdc->gadget.speed != USB_SPEED_SUPER || 1223 state != USB_STATE_CONFIGURED) 1224 return -EINVAL; 1225 break; 1226 default: 1227 dev_err(bdc->dev, "Unknown wValue:%d\n", wValue); 1228 return -EOPNOTSUPP; 1229 } /* USB_RECIP_DEVICE end */ 1230 1231 return 0; 1232} 1233 1234/* SET/CLEAR FEATURE handler */ 1235static int ep0_handle_feature(struct bdc *bdc, 1236 struct usb_ctrlrequest *setup_pkt, bool set) 1237{ 1238 enum usb_device_state state = bdc->gadget.state; 1239 struct bdc_ep *ep; 1240 u16 wValue; 1241 u16 wIndex; 1242 int epnum; 1243 1244 wValue = le16_to_cpu(setup_pkt->wValue); 1245 wIndex = le16_to_cpu(setup_pkt->wIndex); 1246 1247 dev_dbg(bdc->dev, 1248 "%s wValue=%d wIndex=%d devstate=%08x speed=%d set=%d", 1249 __func__, wValue, wIndex, state, 1250 bdc->gadget.speed, set); 1251 1252 switch (setup_pkt->bRequestType & USB_RECIP_MASK) { 1253 case USB_RECIP_DEVICE: 1254 return ep0_handle_feature_dev(bdc, wValue, wIndex, set); 1255 case USB_RECIP_INTERFACE: 1256 dev_dbg(bdc->dev, "USB_RECIP_INTERFACE\n"); 1257 /* USB3 spec, sec 9.4.9 */ 1258 if (wValue != USB_INTRF_FUNC_SUSPEND) 1259 return -EINVAL; 1260 /* USB3 spec, Table 9-8 */ 1261 if (set) { 1262 if (wIndex & USB_INTRF_FUNC_SUSPEND_RW) { 1263 dev_dbg(bdc->dev, "SET REMOTE_WAKEUP\n"); 1264 bdc->devstatus |= REMOTE_WAKE_ENABLE; 1265 } else { 1266 dev_dbg(bdc->dev, "CLEAR REMOTE_WAKEUP\n"); 1267 bdc->devstatus &= ~REMOTE_WAKE_ENABLE; 1268 } 1269 } 1270 break; 1271 1272 case USB_RECIP_ENDPOINT: 1273 dev_dbg(bdc->dev, "USB_RECIP_ENDPOINT\n"); 1274 if (wValue != USB_ENDPOINT_HALT) 1275 return -EINVAL; 1276 1277 epnum = wIndex & USB_ENDPOINT_NUMBER_MASK; 1278 if (epnum) { 1279 if ((wIndex & USB_ENDPOINT_DIR_MASK) == USB_DIR_IN) 1280 epnum = epnum * 2 + 1; 1281 else 1282 epnum *= 2; 1283 } else { 1284 epnum = 1; /*EP0*/ 1285 } 1286 /* 1287 * If CLEAR_FEATURE on ep0 then don't do anything as the stall 1288 * condition on ep0 has already been cleared when SETUP packet 1289 * was received. 1290 */ 1291 if (epnum == 1 && !set) { 1292 dev_dbg(bdc->dev, "ep0 stall already cleared\n"); 1293 return 0; 1294 } 1295 dev_dbg(bdc->dev, "epnum=%d\n", epnum); 1296 ep = bdc->bdc_ep_array[epnum]; 1297 if (!ep) 1298 return -EINVAL; 1299 1300 return ep_set_halt(ep, set); 1301 default: 1302 dev_err(bdc->dev, "Unknown recipient\n"); 1303 return -EINVAL; 1304 } 1305 1306 return 0; 1307} 1308 1309/* GET_STATUS request handler */ 1310static int ep0_handle_status(struct bdc *bdc, 1311 struct usb_ctrlrequest *setup_pkt) 1312{ 1313 enum usb_device_state state = bdc->gadget.state; 1314 struct bdc_ep *ep; 1315 u16 usb_status = 0; 1316 u32 epnum; 1317 u16 wIndex; 1318 1319 /* USB2.0 spec sec 9.4.5 */ 1320 if (state == USB_STATE_DEFAULT) 1321 return -EINVAL; 1322 wIndex = le16_to_cpu(setup_pkt->wIndex); 1323 dev_dbg(bdc->dev, "%s\n", __func__); 1324 usb_status = bdc->devstatus; 1325 switch (setup_pkt->bRequestType & USB_RECIP_MASK) { 1326 case USB_RECIP_DEVICE: 1327 dev_dbg(bdc->dev, 1328 "USB_RECIP_DEVICE devstatus:%08x\n", 1329 bdc->devstatus); 1330 /* USB3 spec, sec 9.4.5 */ 1331 if (bdc->gadget.speed == USB_SPEED_SUPER) 1332 usb_status &= ~REMOTE_WAKE_ENABLE; 1333 break; 1334 1335 case USB_RECIP_INTERFACE: 1336 dev_dbg(bdc->dev, "USB_RECIP_INTERFACE\n"); 1337 if (bdc->gadget.speed == USB_SPEED_SUPER) { 1338 /* 1339 * This should come from func for Func remote wkup 1340 * usb_status |=1; 1341 */ 1342 if (bdc->devstatus & REMOTE_WAKE_ENABLE) 1343 usb_status |= REMOTE_WAKE_ENABLE; 1344 } else { 1345 usb_status = 0; 1346 } 1347 1348 break; 1349 1350 case USB_RECIP_ENDPOINT: 1351 dev_dbg(bdc->dev, "USB_RECIP_ENDPOINT\n"); 1352 epnum = wIndex & USB_ENDPOINT_NUMBER_MASK; 1353 if (epnum) { 1354 if ((wIndex & USB_ENDPOINT_DIR_MASK) == USB_DIR_IN) 1355 epnum = epnum*2 + 1; 1356 else 1357 epnum *= 2; 1358 } else { 1359 epnum = 1; /* EP0 */ 1360 } 1361 1362 ep = bdc->bdc_ep_array[epnum]; 1363 if (!ep) { 1364 dev_err(bdc->dev, "ISSUE, GET_STATUS for invalid EP ?"); 1365 return -EINVAL; 1366 } 1367 if (ep->flags & BDC_EP_STALL) 1368 usb_status |= 1 << USB_ENDPOINT_HALT; 1369 1370 break; 1371 default: 1372 dev_err(bdc->dev, "Unknown recipient for get_status\n"); 1373 return -EINVAL; 1374 } 1375 /* prepare a data stage for GET_STATUS */ 1376 dev_dbg(bdc->dev, "usb_status=%08x\n", usb_status); 1377 *(__le16 *)bdc->ep0_response_buff = cpu_to_le16(usb_status); 1378 bdc->ep0_req.usb_req.length = 2; 1379 bdc->ep0_req.usb_req.buf = &bdc->ep0_response_buff; 1380 ep0_queue_data_stage(bdc); 1381 1382 return 0; 1383} 1384 1385static void ep0_set_sel_cmpl(struct usb_ep *_ep, struct usb_request *_req) 1386{ 1387 /* ep0_set_sel_cmpl */ 1388} 1389 1390/* Queue data stage to handle 6 byte SET_SEL request */ 1391static int ep0_set_sel(struct bdc *bdc, 1392 struct usb_ctrlrequest *setup_pkt) 1393{ 1394 struct bdc_ep *ep; 1395 u16 wLength; 1396 u16 wValue; 1397 1398 dev_dbg(bdc->dev, "%s\n", __func__); 1399 wValue = le16_to_cpu(setup_pkt->wValue); 1400 wLength = le16_to_cpu(setup_pkt->wLength); 1401 if (unlikely(wLength != 6)) { 1402 dev_err(bdc->dev, "%s Wrong wLength:%d\n", __func__, wLength); 1403 return -EINVAL; 1404 } 1405 ep = bdc->bdc_ep_array[1]; 1406 bdc->ep0_req.ep = ep; 1407 bdc->ep0_req.usb_req.length = 6; 1408 bdc->ep0_req.usb_req.buf = bdc->ep0_response_buff; 1409 bdc->ep0_req.usb_req.complete = ep0_set_sel_cmpl; 1410 ep0_queue_data_stage(bdc); 1411 1412 return 0; 1413} 1414 1415/* 1416 * Queue a 0 byte bd only if wLength is more than the length and and length is 1417 * a multiple of MaxPacket then queue 0 byte BD 1418 */ 1419static int ep0_queue_zlp(struct bdc *bdc) 1420{ 1421 int ret; 1422 1423 dev_dbg(bdc->dev, "%s\n", __func__); 1424 bdc->ep0_req.ep = bdc->bdc_ep_array[1]; 1425 bdc->ep0_req.usb_req.length = 0; 1426 bdc->ep0_req.usb_req.complete = NULL; 1427 bdc->ep0_state = WAIT_FOR_DATA_START; 1428 ret = bdc_queue_xfr(bdc, &bdc->ep0_req); 1429 if (ret) { 1430 dev_err(bdc->dev, "err queueing zlp :%d\n", ret); 1431 return ret; 1432 } 1433 bdc->ep0_state = WAIT_FOR_DATA_XMIT; 1434 1435 return 0; 1436} 1437 1438/* Control request handler */ 1439static int handle_control_request(struct bdc *bdc) 1440{ 1441 enum usb_device_state state = bdc->gadget.state; 1442 struct usb_ctrlrequest *setup_pkt; 1443 int delegate_setup = 0; 1444 int ret = 0; 1445 int config = 0; 1446 1447 setup_pkt = &bdc->setup_pkt; 1448 dev_dbg(bdc->dev, "%s\n", __func__); 1449 if ((setup_pkt->bRequestType & USB_TYPE_MASK) == USB_TYPE_STANDARD) { 1450 switch (setup_pkt->bRequest) { 1451 case USB_REQ_SET_ADDRESS: 1452 dev_dbg(bdc->dev, "USB_REQ_SET_ADDRESS\n"); 1453 ret = ep0_set_address(bdc, setup_pkt); 1454 bdc->devstatus &= DEVSTATUS_CLEAR; 1455 break; 1456 1457 case USB_REQ_SET_CONFIGURATION: 1458 dev_dbg(bdc->dev, "USB_REQ_SET_CONFIGURATION\n"); 1459 if (state == USB_STATE_ADDRESS) { 1460 usb_gadget_set_state(&bdc->gadget, 1461 USB_STATE_CONFIGURED); 1462 } else if (state == USB_STATE_CONFIGURED) { 1463 /* 1464 * USB2 spec sec 9.4.7, if wValue is 0 then dev 1465 * is moved to addressed state 1466 */ 1467 config = le16_to_cpu(setup_pkt->wValue); 1468 if (!config) 1469 usb_gadget_set_state( 1470 &bdc->gadget, 1471 USB_STATE_ADDRESS); 1472 } 1473 delegate_setup = 1; 1474 break; 1475 1476 case USB_REQ_SET_FEATURE: 1477 dev_dbg(bdc->dev, "USB_REQ_SET_FEATURE\n"); 1478 ret = ep0_handle_feature(bdc, setup_pkt, 1); 1479 break; 1480 1481 case USB_REQ_CLEAR_FEATURE: 1482 dev_dbg(bdc->dev, "USB_REQ_CLEAR_FEATURE\n"); 1483 ret = ep0_handle_feature(bdc, setup_pkt, 0); 1484 break; 1485 1486 case USB_REQ_GET_STATUS: 1487 dev_dbg(bdc->dev, "USB_REQ_GET_STATUS\n"); 1488 ret = ep0_handle_status(bdc, setup_pkt); 1489 break; 1490 1491 case USB_REQ_SET_SEL: 1492 dev_dbg(bdc->dev, "USB_REQ_SET_SEL\n"); 1493 ret = ep0_set_sel(bdc, setup_pkt); 1494 break; 1495 1496 case USB_REQ_SET_ISOCH_DELAY: 1497 dev_warn(bdc->dev, 1498 "USB_REQ_SET_ISOCH_DELAY not handled\n"); 1499 ret = 0; 1500 break; 1501 default: 1502 delegate_setup = 1; 1503 } 1504 } else { 1505 delegate_setup = 1; 1506 } 1507 1508 if (delegate_setup) { 1509 spin_unlock(&bdc->lock); 1510 ret = bdc->gadget_driver->setup(&bdc->gadget, setup_pkt); 1511 spin_lock(&bdc->lock); 1512 } 1513 1514 return ret; 1515} 1516 1517/* EP0: Data stage started */ 1518void bdc_xsf_ep0_data_start(struct bdc *bdc, struct bdc_sr *sreport) 1519{ 1520 struct bdc_ep *ep; 1521 int ret = 0; 1522 1523 dev_dbg(bdc->dev, "%s\n", __func__); 1524 ep = bdc->bdc_ep_array[1]; 1525 /* If ep0 was stalled, the clear it first */ 1526 if (ep->flags & BDC_EP_STALL) { 1527 ret = ep_set_halt(ep, 0); 1528 if (ret) 1529 goto err; 1530 } 1531 if (bdc->ep0_state != WAIT_FOR_DATA_START) 1532 dev_warn(bdc->dev, 1533 "Data stage not expected ep0_state:%s\n", 1534 ep0_state_string[bdc->ep0_state]); 1535 1536 ret = handle_control_request(bdc); 1537 if (ret == USB_GADGET_DELAYED_STATUS) { 1538 /* 1539 * The ep0 state will remain WAIT_FOR_DATA_START till 1540 * we received ep_queue on ep0 1541 */ 1542 bdc->delayed_status = true; 1543 return; 1544 } 1545 if (!ret) { 1546 bdc->ep0_state = WAIT_FOR_DATA_XMIT; 1547 dev_dbg(bdc->dev, 1548 "ep0_state:%s", ep0_state_string[bdc->ep0_state]); 1549 return; 1550 } 1551err: 1552 ep0_stall(bdc); 1553} 1554 1555/* EP0: status stage started */ 1556void bdc_xsf_ep0_status_start(struct bdc *bdc, struct bdc_sr *sreport) 1557{ 1558 struct usb_ctrlrequest *setup_pkt; 1559 struct bdc_ep *ep; 1560 int ret = 0; 1561 1562 dev_dbg(bdc->dev, 1563 "%s ep0_state:%s", 1564 __func__, ep0_state_string[bdc->ep0_state]); 1565 ep = bdc->bdc_ep_array[1]; 1566 1567 /* check if ZLP was queued? */ 1568 if (bdc->zlp_needed) 1569 bdc->zlp_needed = false; 1570 1571 if (ep->flags & BDC_EP_STALL) { 1572 ret = ep_set_halt(ep, 0); 1573 if (ret) 1574 goto err; 1575 } 1576 1577 if ((bdc->ep0_state != WAIT_FOR_STATUS_START) && 1578 (bdc->ep0_state != WAIT_FOR_DATA_XMIT)) 1579 dev_err(bdc->dev, 1580 "Status stage recv but ep0_state:%s\n", 1581 ep0_state_string[bdc->ep0_state]); 1582 1583 /* check if data stage is in progress ? */ 1584 if (bdc->ep0_state == WAIT_FOR_DATA_XMIT) { 1585 bdc->ep0_state = STATUS_PENDING; 1586 /* Status stage will be queued upon Data stage transmit event */ 1587 dev_dbg(bdc->dev, 1588 "status started but data not transmitted yet\n"); 1589 return; 1590 } 1591 setup_pkt = &bdc->setup_pkt; 1592 1593 /* 1594 * 2 stage setup then only process the setup, for 3 stage setup the date 1595 * stage is already handled 1596 */ 1597 if (!le16_to_cpu(setup_pkt->wLength)) { 1598 ret = handle_control_request(bdc); 1599 if (ret == USB_GADGET_DELAYED_STATUS) { 1600 bdc->delayed_status = true; 1601 /* ep0_state will remain WAIT_FOR_STATUS_START */ 1602 return; 1603 } 1604 } 1605 if (!ret) { 1606 /* Queue a status stage BD */ 1607 ep0_queue_status_stage(bdc); 1608 bdc->ep0_state = WAIT_FOR_STATUS_XMIT; 1609 dev_dbg(bdc->dev, 1610 "ep0_state:%s", ep0_state_string[bdc->ep0_state]); 1611 return; 1612 } 1613err: 1614 ep0_stall(bdc); 1615} 1616 1617/* Helper function to update ep0 upon SR with xsf_succ or xsf_short */ 1618static void ep0_xsf_complete(struct bdc *bdc, struct bdc_sr *sreport) 1619{ 1620 dev_dbg(bdc->dev, "%s\n", __func__); 1621 switch (bdc->ep0_state) { 1622 case WAIT_FOR_DATA_XMIT: 1623 bdc->ep0_state = WAIT_FOR_STATUS_START; 1624 break; 1625 case WAIT_FOR_STATUS_XMIT: 1626 bdc->ep0_state = WAIT_FOR_SETUP; 1627 if (bdc->test_mode) { 1628 int ret; 1629 1630 dev_dbg(bdc->dev, "test_mode:%d\n", bdc->test_mode); 1631 ret = bdc_set_test_mode(bdc); 1632 if (ret < 0) { 1633 dev_err(bdc->dev, "Err in setting Test mode\n"); 1634 return; 1635 } 1636 bdc->test_mode = 0; 1637 } 1638 break; 1639 case STATUS_PENDING: 1640 bdc_xsf_ep0_status_start(bdc, sreport); 1641 break; 1642 1643 default: 1644 dev_err(bdc->dev, 1645 "Unknown ep0_state:%s\n", 1646 ep0_state_string[bdc->ep0_state]); 1647 1648 } 1649} 1650 1651/* xfr completion status report handler */ 1652void bdc_sr_xsf(struct bdc *bdc, struct bdc_sr *sreport) 1653{ 1654 struct bdc_ep *ep; 1655 u32 sr_status; 1656 u8 ep_num; 1657 1658 ep_num = (le32_to_cpu(sreport->offset[3])>>4) & 0x1f; 1659 ep = bdc->bdc_ep_array[ep_num]; 1660 if (!ep || !(ep->flags & BDC_EP_ENABLED)) { 1661 dev_err(bdc->dev, "xsf for ep not enabled\n"); 1662 return; 1663 } 1664 /* 1665 * check if this transfer is after link went from U3->U0 due 1666 * to remote wakeup 1667 */ 1668 if (bdc->devstatus & FUNC_WAKE_ISSUED) { 1669 bdc->devstatus &= ~(FUNC_WAKE_ISSUED); 1670 dev_dbg(bdc->dev, "%s clearing FUNC_WAKE_ISSUED flag\n", 1671 __func__); 1672 } 1673 sr_status = XSF_STS(le32_to_cpu(sreport->offset[3])); 1674 dev_dbg_ratelimited(bdc->dev, "%s sr_status=%d ep:%s\n", 1675 __func__, sr_status, ep->name); 1676 1677 switch (sr_status) { 1678 case XSF_SUCC: 1679 case XSF_SHORT: 1680 handle_xsr_succ_status(bdc, ep, sreport); 1681 if (ep_num == 1) 1682 ep0_xsf_complete(bdc, sreport); 1683 break; 1684 1685 case XSF_SETUP_RECV: 1686 case XSF_DATA_START: 1687 case XSF_STATUS_START: 1688 if (ep_num != 1) { 1689 dev_err(bdc->dev, 1690 "ep0 related packets on non ep0 endpoint"); 1691 return; 1692 } 1693 bdc->sr_xsf_ep0[sr_status - XSF_SETUP_RECV](bdc, sreport); 1694 break; 1695 1696 case XSF_BABB: 1697 if (ep_num == 1) { 1698 dev_dbg(bdc->dev, "Babble on ep0 zlp_need:%d\n", 1699 bdc->zlp_needed); 1700 /* 1701 * If the last completed transfer had wLength >Data Len, 1702 * and Len is multiple of MaxPacket,then queue ZLP 1703 */ 1704 if (bdc->zlp_needed) { 1705 /* queue 0 length bd */ 1706 ep0_queue_zlp(bdc); 1707 return; 1708 } 1709 } 1710 dev_warn(bdc->dev, "Babble on ep not handled\n"); 1711 break; 1712 default: 1713 dev_warn(bdc->dev, "sr status not handled:%x\n", sr_status); 1714 break; 1715 } 1716} 1717 1718static int bdc_gadget_ep_queue(struct usb_ep *_ep, 1719 struct usb_request *_req, gfp_t gfp_flags) 1720{ 1721 struct bdc_req *req; 1722 unsigned long flags; 1723 struct bdc_ep *ep; 1724 struct bdc *bdc; 1725 int ret; 1726 1727 if (!_ep || !_ep->desc) 1728 return -ESHUTDOWN; 1729 1730 if (!_req || !_req->complete || !_req->buf) 1731 return -EINVAL; 1732 1733 ep = to_bdc_ep(_ep); 1734 req = to_bdc_req(_req); 1735 bdc = ep->bdc; 1736 dev_dbg(bdc->dev, "%s ep:%p req:%p\n", __func__, ep, req); 1737 dev_dbg(bdc->dev, "queuing request %p to %s length %d zero:%d\n", 1738 _req, ep->name, _req->length, _req->zero); 1739 1740 if (!ep->usb_ep.desc) { 1741 dev_warn(bdc->dev, 1742 "trying to queue req %p to disabled %s\n", 1743 _req, ep->name); 1744 return -ESHUTDOWN; 1745 } 1746 1747 if (_req->length > MAX_XFR_LEN) { 1748 dev_warn(bdc->dev, 1749 "req length > supported MAX:%d requested:%d\n", 1750 MAX_XFR_LEN, _req->length); 1751 return -EOPNOTSUPP; 1752 } 1753 spin_lock_irqsave(&bdc->lock, flags); 1754 if (ep == bdc->bdc_ep_array[1]) 1755 ret = ep0_queue(ep, req); 1756 else 1757 ret = ep_queue(ep, req); 1758 1759 spin_unlock_irqrestore(&bdc->lock, flags); 1760 1761 return ret; 1762} 1763 1764static int bdc_gadget_ep_dequeue(struct usb_ep *_ep, 1765 struct usb_request *_req) 1766{ 1767 struct bdc_req *req; 1768 unsigned long flags; 1769 struct bdc_ep *ep; 1770 struct bdc *bdc; 1771 int ret; 1772 1773 if (!_ep || !_req) 1774 return -EINVAL; 1775 1776 ep = to_bdc_ep(_ep); 1777 req = to_bdc_req(_req); 1778 bdc = ep->bdc; 1779 dev_dbg(bdc->dev, "%s ep:%s req:%p\n", __func__, ep->name, req); 1780 bdc_dbg_bd_list(bdc, ep); 1781 spin_lock_irqsave(&bdc->lock, flags); 1782 /* make sure it's still queued on this endpoint */ 1783 list_for_each_entry(req, &ep->queue, queue) { 1784 if (&req->usb_req == _req) 1785 break; 1786 } 1787 if (&req->usb_req != _req) { 1788 spin_unlock_irqrestore(&bdc->lock, flags); 1789 dev_err(bdc->dev, "usb_req !=req n"); 1790 return -EINVAL; 1791 } 1792 ret = ep_dequeue(ep, req); 1793 if (ret) { 1794 ret = -EOPNOTSUPP; 1795 goto err; 1796 } 1797 bdc_req_complete(ep, req, -ECONNRESET); 1798 1799err: 1800 bdc_dbg_bd_list(bdc, ep); 1801 spin_unlock_irqrestore(&bdc->lock, flags); 1802 1803 return ret; 1804} 1805 1806static int bdc_gadget_ep_set_halt(struct usb_ep *_ep, int value) 1807{ 1808 unsigned long flags; 1809 struct bdc_ep *ep; 1810 struct bdc *bdc; 1811 int ret; 1812 1813 ep = to_bdc_ep(_ep); 1814 bdc = ep->bdc; 1815 dev_dbg(bdc->dev, "%s ep:%s value=%d\n", __func__, ep->name, value); 1816 spin_lock_irqsave(&bdc->lock, flags); 1817 if (usb_endpoint_xfer_isoc(ep->usb_ep.desc)) 1818 ret = -EINVAL; 1819 else if (!list_empty(&ep->queue)) 1820 ret = -EAGAIN; 1821 else 1822 ret = ep_set_halt(ep, value); 1823 1824 spin_unlock_irqrestore(&bdc->lock, flags); 1825 1826 return ret; 1827} 1828 1829static struct usb_request *bdc_gadget_alloc_request(struct usb_ep *_ep, 1830 gfp_t gfp_flags) 1831{ 1832 struct bdc_req *req; 1833 struct bdc_ep *ep; 1834 1835 req = kzalloc(sizeof(*req), gfp_flags); 1836 if (!req) 1837 return NULL; 1838 1839 ep = to_bdc_ep(_ep); 1840 req->ep = ep; 1841 req->epnum = ep->ep_num; 1842 req->usb_req.dma = DMA_ADDR_INVALID; 1843 dev_dbg(ep->bdc->dev, "%s ep:%s req:%p\n", __func__, ep->name, req); 1844 1845 return &req->usb_req; 1846} 1847 1848static void bdc_gadget_free_request(struct usb_ep *_ep, 1849 struct usb_request *_req) 1850{ 1851 struct bdc_req *req; 1852 1853 req = to_bdc_req(_req); 1854 kfree(req); 1855} 1856 1857/* endpoint operations */ 1858 1859/* configure endpoint and also allocate resources */ 1860static int bdc_gadget_ep_enable(struct usb_ep *_ep, 1861 const struct usb_endpoint_descriptor *desc) 1862{ 1863 unsigned long flags; 1864 struct bdc_ep *ep; 1865 struct bdc *bdc; 1866 int ret; 1867 1868 if (!_ep || !desc || desc->bDescriptorType != USB_DT_ENDPOINT) { 1869 pr_debug("bdc_gadget_ep_enable invalid parameters\n"); 1870 return -EINVAL; 1871 } 1872 1873 if (!desc->wMaxPacketSize) { 1874 pr_debug("bdc_gadget_ep_enable missing wMaxPacketSize\n"); 1875 return -EINVAL; 1876 } 1877 1878 ep = to_bdc_ep(_ep); 1879 bdc = ep->bdc; 1880 1881 /* Sanity check, upper layer will not send enable for ep0 */ 1882 if (ep == bdc->bdc_ep_array[1]) 1883 return -EINVAL; 1884 1885 if (!bdc->gadget_driver 1886 || bdc->gadget.speed == USB_SPEED_UNKNOWN) { 1887 return -ESHUTDOWN; 1888 } 1889 1890 dev_dbg(bdc->dev, "%s Enabling %s\n", __func__, ep->name); 1891 spin_lock_irqsave(&bdc->lock, flags); 1892 ep->desc = desc; 1893 ep->comp_desc = _ep->comp_desc; 1894 ret = bdc_ep_enable(ep); 1895 spin_unlock_irqrestore(&bdc->lock, flags); 1896 1897 return ret; 1898} 1899 1900static int bdc_gadget_ep_disable(struct usb_ep *_ep) 1901{ 1902 unsigned long flags; 1903 struct bdc_ep *ep; 1904 struct bdc *bdc; 1905 int ret; 1906 1907 if (!_ep) { 1908 pr_debug("bdc: invalid parameters\n"); 1909 return -EINVAL; 1910 } 1911 ep = to_bdc_ep(_ep); 1912 bdc = ep->bdc; 1913 1914 /* Upper layer will not call this for ep0, but do a sanity check */ 1915 if (ep == bdc->bdc_ep_array[1]) { 1916 dev_warn(bdc->dev, "%s called for ep0\n", __func__); 1917 return -EINVAL; 1918 } 1919 dev_dbg(bdc->dev, 1920 "%s() ep:%s ep->flags:%08x\n", 1921 __func__, ep->name, ep->flags); 1922 1923 if (!(ep->flags & BDC_EP_ENABLED)) { 1924 dev_warn(bdc->dev, "%s is already disabled\n", ep->name); 1925 return 0; 1926 } 1927 spin_lock_irqsave(&bdc->lock, flags); 1928 ret = bdc_ep_disable(ep); 1929 spin_unlock_irqrestore(&bdc->lock, flags); 1930 1931 return ret; 1932} 1933 1934static const struct usb_ep_ops bdc_gadget_ep_ops = { 1935 .enable = bdc_gadget_ep_enable, 1936 .disable = bdc_gadget_ep_disable, 1937 .alloc_request = bdc_gadget_alloc_request, 1938 .free_request = bdc_gadget_free_request, 1939 .queue = bdc_gadget_ep_queue, 1940 .dequeue = bdc_gadget_ep_dequeue, 1941 .set_halt = bdc_gadget_ep_set_halt 1942}; 1943 1944/* dir = 1 is IN */ 1945static int init_ep(struct bdc *bdc, u32 epnum, u32 dir) 1946{ 1947 struct bdc_ep *ep; 1948 1949 dev_dbg(bdc->dev, "%s epnum=%d dir=%d\n", __func__, epnum, dir); 1950 ep = kzalloc(sizeof(*ep), GFP_KERNEL); 1951 if (!ep) 1952 return -ENOMEM; 1953 1954 ep->bdc = bdc; 1955 ep->dir = dir; 1956 1957 if (dir) 1958 ep->usb_ep.caps.dir_in = true; 1959 else 1960 ep->usb_ep.caps.dir_out = true; 1961 1962 /* ep->ep_num is the index inside bdc_ep */ 1963 if (epnum == 1) { 1964 ep->ep_num = 1; 1965 bdc->bdc_ep_array[ep->ep_num] = ep; 1966 snprintf(ep->name, sizeof(ep->name), "ep%d", epnum - 1); 1967 usb_ep_set_maxpacket_limit(&ep->usb_ep, EP0_MAX_PKT_SIZE); 1968 ep->usb_ep.caps.type_control = true; 1969 ep->comp_desc = NULL; 1970 bdc->gadget.ep0 = &ep->usb_ep; 1971 } else { 1972 if (dir) 1973 ep->ep_num = epnum * 2 - 1; 1974 else 1975 ep->ep_num = epnum * 2 - 2; 1976 1977 bdc->bdc_ep_array[ep->ep_num] = ep; 1978 snprintf(ep->name, sizeof(ep->name), "ep%d%s", epnum - 1, 1979 dir & 1 ? "in" : "out"); 1980 1981 usb_ep_set_maxpacket_limit(&ep->usb_ep, 1024); 1982 ep->usb_ep.caps.type_iso = true; 1983 ep->usb_ep.caps.type_bulk = true; 1984 ep->usb_ep.caps.type_int = true; 1985 ep->usb_ep.max_streams = 0; 1986 list_add_tail(&ep->usb_ep.ep_list, &bdc->gadget.ep_list); 1987 } 1988 ep->usb_ep.ops = &bdc_gadget_ep_ops; 1989 ep->usb_ep.name = ep->name; 1990 ep->flags = 0; 1991 ep->ignore_next_sr = false; 1992 dev_dbg(bdc->dev, "ep=%p ep->usb_ep.name=%s epnum=%d ep->epnum=%d\n", 1993 ep, ep->usb_ep.name, epnum, ep->ep_num); 1994 1995 INIT_LIST_HEAD(&ep->queue); 1996 1997 return 0; 1998} 1999 2000/* Init all ep */ 2001int bdc_init_ep(struct bdc *bdc) 2002{ 2003 u8 epnum; 2004 int ret; 2005 2006 dev_dbg(bdc->dev, "%s()\n", __func__); 2007 INIT_LIST_HEAD(&bdc->gadget.ep_list); 2008 /* init ep0 */ 2009 ret = init_ep(bdc, 1, 0); 2010 if (ret) { 2011 dev_err(bdc->dev, "init ep ep0 fail %d\n", ret); 2012 return ret; 2013 } 2014 2015 for (epnum = 2; epnum <= bdc->num_eps / 2; epnum++) { 2016 /* OUT */ 2017 ret = init_ep(bdc, epnum, 0); 2018 if (ret) { 2019 dev_err(bdc->dev, 2020 "init ep failed for:%d error: %d\n", 2021 epnum, ret); 2022 return ret; 2023 } 2024 2025 /* IN */ 2026 ret = init_ep(bdc, epnum, 1); 2027 if (ret) { 2028 dev_err(bdc->dev, 2029 "init ep failed for:%d error: %d\n", 2030 epnum, ret); 2031 return ret; 2032 } 2033 } 2034 2035 return 0; 2036} 2037