musb_gadget_ep0.c revision 47e9760529a9823be59d879f726acdc7e2fcbe11
1/* 2 * MUSB OTG peripheral driver ep0 handling 3 * 4 * Copyright 2005 Mentor Graphics Corporation 5 * Copyright (C) 2005-2006 by Texas Instruments 6 * Copyright (C) 2006-2007 Nokia Corporation 7 * Copyright (C) 2008-2009 MontaVista Software, Inc. <source@mvista.com> 8 * 9 * This program is free software; you can redistribute it and/or 10 * modify it under the terms of the GNU General Public License 11 * version 2 as published by the Free Software Foundation. 12 * 13 * This program is distributed in the hope that it will be useful, but 14 * WITHOUT ANY WARRANTY; without even the implied warranty of 15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 16 * General Public License for more details. 17 * 18 * You should have received a copy of the GNU General Public License 19 * along with this program; if not, write to the Free Software 20 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 21 * 02110-1301 USA 22 * 23 * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED 24 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 25 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN 26 * NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT, INDIRECT, 27 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 28 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF 29 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON 30 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 31 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 32 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 33 * 34 */ 35 36#include <linux/kernel.h> 37#include <linux/list.h> 38#include <linux/timer.h> 39#include <linux/spinlock.h> 40#include <linux/init.h> 41#include <linux/device.h> 42#include <linux/interrupt.h> 43 44#include "musb_core.h" 45 46/* ep0 is always musb->endpoints[0].ep_in */ 47#define next_ep0_request(musb) next_in_request(&(musb)->endpoints[0]) 48 49/* 50 * locking note: we use only the controller lock, for simpler correctness. 51 * It's always held with IRQs blocked. 52 * 53 * It protects the ep0 request queue as well as ep0_state, not just the 54 * controller and indexed registers. And that lock stays held unless it 55 * needs to be dropped to allow reentering this driver ... like upcalls to 56 * the gadget driver, or adjusting endpoint halt status. 57 */ 58 59static char *decode_ep0stage(u8 stage) 60{ 61 switch (stage) { 62 case MUSB_EP0_STAGE_IDLE: return "idle"; 63 case MUSB_EP0_STAGE_SETUP: return "setup"; 64 case MUSB_EP0_STAGE_TX: return "in"; 65 case MUSB_EP0_STAGE_RX: return "out"; 66 case MUSB_EP0_STAGE_ACKWAIT: return "wait"; 67 case MUSB_EP0_STAGE_STATUSIN: return "in/status"; 68 case MUSB_EP0_STAGE_STATUSOUT: return "out/status"; 69 default: return "?"; 70 } 71} 72 73/* handle a standard GET_STATUS request 74 * Context: caller holds controller lock 75 */ 76static int service_tx_status_request( 77 struct musb *musb, 78 const struct usb_ctrlrequest *ctrlrequest) 79{ 80 void __iomem *mbase = musb->mregs; 81 int handled = 1; 82 u8 result[2], epnum = 0; 83 const u8 recip = ctrlrequest->bRequestType & USB_RECIP_MASK; 84 85 result[1] = 0; 86 87 switch (recip) { 88 case USB_RECIP_DEVICE: 89 result[0] = musb->is_self_powered << USB_DEVICE_SELF_POWERED; 90 result[0] |= musb->may_wakeup << USB_DEVICE_REMOTE_WAKEUP; 91#ifdef CONFIG_USB_MUSB_OTG 92 if (musb->g.is_otg) { 93 result[0] |= musb->g.b_hnp_enable 94 << USB_DEVICE_B_HNP_ENABLE; 95 result[0] |= musb->g.a_alt_hnp_support 96 << USB_DEVICE_A_ALT_HNP_SUPPORT; 97 result[0] |= musb->g.a_hnp_support 98 << USB_DEVICE_A_HNP_SUPPORT; 99 } 100#endif 101 break; 102 103 case USB_RECIP_INTERFACE: 104 result[0] = 0; 105 break; 106 107 case USB_RECIP_ENDPOINT: { 108 int is_in; 109 struct musb_ep *ep; 110 u16 tmp; 111 void __iomem *regs; 112 113 epnum = (u8) ctrlrequest->wIndex; 114 if (!epnum) { 115 result[0] = 0; 116 break; 117 } 118 119 is_in = epnum & USB_DIR_IN; 120 if (is_in) { 121 epnum &= 0x0f; 122 ep = &musb->endpoints[epnum].ep_in; 123 } else { 124 ep = &musb->endpoints[epnum].ep_out; 125 } 126 regs = musb->endpoints[epnum].regs; 127 128 if (epnum >= MUSB_C_NUM_EPS || !ep->desc) { 129 handled = -EINVAL; 130 break; 131 } 132 133 musb_ep_select(mbase, epnum); 134 if (is_in) 135 tmp = musb_readw(regs, MUSB_TXCSR) 136 & MUSB_TXCSR_P_SENDSTALL; 137 else 138 tmp = musb_readw(regs, MUSB_RXCSR) 139 & MUSB_RXCSR_P_SENDSTALL; 140 musb_ep_select(mbase, 0); 141 142 result[0] = tmp ? 1 : 0; 143 } break; 144 145 default: 146 /* class, vendor, etc ... delegate */ 147 handled = 0; 148 break; 149 } 150 151 /* fill up the fifo; caller updates csr0 */ 152 if (handled > 0) { 153 u16 len = le16_to_cpu(ctrlrequest->wLength); 154 155 if (len > 2) 156 len = 2; 157 musb_write_fifo(&musb->endpoints[0], len, result); 158 } 159 160 return handled; 161} 162 163/* 164 * handle a control-IN request, the end0 buffer contains the current request 165 * that is supposed to be a standard control request. Assumes the fifo to 166 * be at least 2 bytes long. 167 * 168 * @return 0 if the request was NOT HANDLED, 169 * < 0 when error 170 * > 0 when the request is processed 171 * 172 * Context: caller holds controller lock 173 */ 174static int 175service_in_request(struct musb *musb, const struct usb_ctrlrequest *ctrlrequest) 176{ 177 int handled = 0; /* not handled */ 178 179 if ((ctrlrequest->bRequestType & USB_TYPE_MASK) 180 == USB_TYPE_STANDARD) { 181 switch (ctrlrequest->bRequest) { 182 case USB_REQ_GET_STATUS: 183 handled = service_tx_status_request(musb, 184 ctrlrequest); 185 break; 186 187 /* case USB_REQ_SYNC_FRAME: */ 188 189 default: 190 break; 191 } 192 } 193 return handled; 194} 195 196/* 197 * Context: caller holds controller lock 198 */ 199static void musb_g_ep0_giveback(struct musb *musb, struct usb_request *req) 200{ 201 musb_g_giveback(&musb->endpoints[0].ep_in, req, 0); 202} 203 204/* 205 * Tries to start B-device HNP negotiation if enabled via sysfs 206 */ 207static inline void musb_try_b_hnp_enable(struct musb *musb) 208{ 209 void __iomem *mbase = musb->mregs; 210 u8 devctl; 211 212 DBG(1, "HNP: Setting HR\n"); 213 devctl = musb_readb(mbase, MUSB_DEVCTL); 214 musb_writeb(mbase, MUSB_DEVCTL, devctl | MUSB_DEVCTL_HR); 215} 216 217/* 218 * Handle all control requests with no DATA stage, including standard 219 * requests such as: 220 * USB_REQ_SET_CONFIGURATION, USB_REQ_SET_INTERFACE, unrecognized 221 * always delegated to the gadget driver 222 * USB_REQ_SET_ADDRESS, USB_REQ_CLEAR_FEATURE, USB_REQ_SET_FEATURE 223 * always handled here, except for class/vendor/... features 224 * 225 * Context: caller holds controller lock 226 */ 227static int 228service_zero_data_request(struct musb *musb, 229 struct usb_ctrlrequest *ctrlrequest) 230__releases(musb->lock) 231__acquires(musb->lock) 232{ 233 int handled = -EINVAL; 234 void __iomem *mbase = musb->mregs; 235 const u8 recip = ctrlrequest->bRequestType & USB_RECIP_MASK; 236 237 /* the gadget driver handles everything except what we MUST handle */ 238 if ((ctrlrequest->bRequestType & USB_TYPE_MASK) 239 == USB_TYPE_STANDARD) { 240 switch (ctrlrequest->bRequest) { 241 case USB_REQ_SET_ADDRESS: 242 /* change it after the status stage */ 243 musb->set_address = true; 244 musb->address = (u8) (ctrlrequest->wValue & 0x7f); 245 handled = 1; 246 break; 247 248 case USB_REQ_CLEAR_FEATURE: 249 switch (recip) { 250 case USB_RECIP_DEVICE: 251 if (ctrlrequest->wValue 252 != USB_DEVICE_REMOTE_WAKEUP) 253 break; 254 musb->may_wakeup = 0; 255 handled = 1; 256 break; 257 case USB_RECIP_INTERFACE: 258 break; 259 case USB_RECIP_ENDPOINT:{ 260 const u8 num = ctrlrequest->wIndex & 0x0f; 261 struct musb_ep *musb_ep; 262 263 if (num == 0 264 || num >= MUSB_C_NUM_EPS 265 || ctrlrequest->wValue 266 != USB_ENDPOINT_HALT) 267 break; 268 269 if (ctrlrequest->wIndex & USB_DIR_IN) 270 musb_ep = &musb->endpoints[num].ep_in; 271 else 272 musb_ep = &musb->endpoints[num].ep_out; 273 if (!musb_ep->desc) 274 break; 275 276 handled = 1; 277 /* Ignore request if endpoint is wedged */ 278 if (musb_ep->wedged) 279 break; 280 281 /* REVISIT do it directly, no locking games */ 282 spin_unlock(&musb->lock); 283 musb_gadget_set_halt(&musb_ep->end_point, 0); 284 spin_lock(&musb->lock); 285 286 /* select ep0 again */ 287 musb_ep_select(mbase, 0); 288 } break; 289 default: 290 /* class, vendor, etc ... delegate */ 291 handled = 0; 292 break; 293 } 294 break; 295 296 case USB_REQ_SET_FEATURE: 297 switch (recip) { 298 case USB_RECIP_DEVICE: 299 handled = 1; 300 switch (ctrlrequest->wValue) { 301 case USB_DEVICE_REMOTE_WAKEUP: 302 musb->may_wakeup = 1; 303 break; 304 case USB_DEVICE_TEST_MODE: 305 if (musb->g.speed != USB_SPEED_HIGH) 306 goto stall; 307 if (ctrlrequest->wIndex & 0xff) 308 goto stall; 309 310 switch (ctrlrequest->wIndex >> 8) { 311 case 1: 312 pr_debug("TEST_J\n"); 313 /* TEST_J */ 314 musb->test_mode_nr = 315 MUSB_TEST_J; 316 break; 317 case 2: 318 /* TEST_K */ 319 pr_debug("TEST_K\n"); 320 musb->test_mode_nr = 321 MUSB_TEST_K; 322 break; 323 case 3: 324 /* TEST_SE0_NAK */ 325 pr_debug("TEST_SE0_NAK\n"); 326 musb->test_mode_nr = 327 MUSB_TEST_SE0_NAK; 328 break; 329 case 4: 330 /* TEST_PACKET */ 331 pr_debug("TEST_PACKET\n"); 332 musb->test_mode_nr = 333 MUSB_TEST_PACKET; 334 break; 335 default: 336 goto stall; 337 } 338 339 /* enter test mode after irq */ 340 if (handled > 0) 341 musb->test_mode = true; 342 break; 343#ifdef CONFIG_USB_MUSB_OTG 344 case USB_DEVICE_B_HNP_ENABLE: 345 if (!musb->g.is_otg) 346 goto stall; 347 musb->g.b_hnp_enable = 1; 348 musb_try_b_hnp_enable(musb); 349 break; 350 case USB_DEVICE_A_HNP_SUPPORT: 351 if (!musb->g.is_otg) 352 goto stall; 353 musb->g.a_hnp_support = 1; 354 break; 355 case USB_DEVICE_A_ALT_HNP_SUPPORT: 356 if (!musb->g.is_otg) 357 goto stall; 358 musb->g.a_alt_hnp_support = 1; 359 break; 360#endif 361stall: 362 default: 363 handled = -EINVAL; 364 break; 365 } 366 break; 367 368 case USB_RECIP_INTERFACE: 369 break; 370 371 case USB_RECIP_ENDPOINT:{ 372 const u8 epnum = 373 ctrlrequest->wIndex & 0x0f; 374 struct musb_ep *musb_ep; 375 struct musb_hw_ep *ep; 376 void __iomem *regs; 377 int is_in; 378 u16 csr; 379 380 if (epnum == 0 381 || epnum >= MUSB_C_NUM_EPS 382 || ctrlrequest->wValue 383 != USB_ENDPOINT_HALT) 384 break; 385 386 ep = musb->endpoints + epnum; 387 regs = ep->regs; 388 is_in = ctrlrequest->wIndex & USB_DIR_IN; 389 if (is_in) 390 musb_ep = &ep->ep_in; 391 else 392 musb_ep = &ep->ep_out; 393 if (!musb_ep->desc) 394 break; 395 396 musb_ep_select(mbase, epnum); 397 if (is_in) { 398 csr = musb_readw(regs, 399 MUSB_TXCSR); 400 if (csr & MUSB_TXCSR_FIFONOTEMPTY) 401 csr |= MUSB_TXCSR_FLUSHFIFO; 402 csr |= MUSB_TXCSR_P_SENDSTALL 403 | MUSB_TXCSR_CLRDATATOG 404 | MUSB_TXCSR_P_WZC_BITS; 405 musb_writew(regs, MUSB_TXCSR, 406 csr); 407 } else { 408 csr = musb_readw(regs, 409 MUSB_RXCSR); 410 csr |= MUSB_RXCSR_P_SENDSTALL 411 | MUSB_RXCSR_FLUSHFIFO 412 | MUSB_RXCSR_CLRDATATOG 413 | MUSB_RXCSR_P_WZC_BITS; 414 musb_writew(regs, MUSB_RXCSR, 415 csr); 416 } 417 418 /* select ep0 again */ 419 musb_ep_select(mbase, 0); 420 handled = 1; 421 } break; 422 423 default: 424 /* class, vendor, etc ... delegate */ 425 handled = 0; 426 break; 427 } 428 break; 429 default: 430 /* delegate SET_CONFIGURATION, etc */ 431 handled = 0; 432 } 433 } else 434 handled = 0; 435 return handled; 436} 437 438/* we have an ep0out data packet 439 * Context: caller holds controller lock 440 */ 441static void ep0_rxstate(struct musb *musb) 442{ 443 void __iomem *regs = musb->control_ep->regs; 444 struct usb_request *req; 445 u16 count, csr; 446 447 req = next_ep0_request(musb); 448 449 /* read packet and ack; or stall because of gadget driver bug: 450 * should have provided the rx buffer before setup() returned. 451 */ 452 if (req) { 453 void *buf = req->buf + req->actual; 454 unsigned len = req->length - req->actual; 455 456 /* read the buffer */ 457 count = musb_readb(regs, MUSB_COUNT0); 458 if (count > len) { 459 req->status = -EOVERFLOW; 460 count = len; 461 } 462 musb_read_fifo(&musb->endpoints[0], count, buf); 463 req->actual += count; 464 csr = MUSB_CSR0_P_SVDRXPKTRDY; 465 if (count < 64 || req->actual == req->length) { 466 musb->ep0_state = MUSB_EP0_STAGE_STATUSIN; 467 csr |= MUSB_CSR0_P_DATAEND; 468 } else 469 req = NULL; 470 } else 471 csr = MUSB_CSR0_P_SVDRXPKTRDY | MUSB_CSR0_P_SENDSTALL; 472 473 474 /* Completion handler may choose to stall, e.g. because the 475 * message just received holds invalid data. 476 */ 477 if (req) { 478 musb->ackpend = csr; 479 musb_g_ep0_giveback(musb, req); 480 if (!musb->ackpend) 481 return; 482 musb->ackpend = 0; 483 } 484 musb_ep_select(musb->mregs, 0); 485 musb_writew(regs, MUSB_CSR0, csr); 486} 487 488/* 489 * transmitting to the host (IN), this code might be called from IRQ 490 * and from kernel thread. 491 * 492 * Context: caller holds controller lock 493 */ 494static void ep0_txstate(struct musb *musb) 495{ 496 void __iomem *regs = musb->control_ep->regs; 497 struct usb_request *request = next_ep0_request(musb); 498 u16 csr = MUSB_CSR0_TXPKTRDY; 499 u8 *fifo_src; 500 u8 fifo_count; 501 502 if (!request) { 503 /* WARN_ON(1); */ 504 DBG(2, "odd; csr0 %04x\n", musb_readw(regs, MUSB_CSR0)); 505 return; 506 } 507 508 /* load the data */ 509 fifo_src = (u8 *) request->buf + request->actual; 510 fifo_count = min((unsigned) MUSB_EP0_FIFOSIZE, 511 request->length - request->actual); 512 musb_write_fifo(&musb->endpoints[0], fifo_count, fifo_src); 513 request->actual += fifo_count; 514 515 /* update the flags */ 516 if (fifo_count < MUSB_MAX_END0_PACKET 517 || (request->actual == request->length 518 && !request->zero)) { 519 musb->ep0_state = MUSB_EP0_STAGE_STATUSOUT; 520 csr |= MUSB_CSR0_P_DATAEND; 521 } else 522 request = NULL; 523 524 /* report completions as soon as the fifo's loaded; there's no 525 * win in waiting till this last packet gets acked. (other than 526 * very precise fault reporting, needed by USB TMC; possible with 527 * this hardware, but not usable from portable gadget drivers.) 528 */ 529 if (request) { 530 musb->ackpend = csr; 531 musb_g_ep0_giveback(musb, request); 532 if (!musb->ackpend) 533 return; 534 musb->ackpend = 0; 535 } 536 537 /* send it out, triggering a "txpktrdy cleared" irq */ 538 musb_ep_select(musb->mregs, 0); 539 musb_writew(regs, MUSB_CSR0, csr); 540} 541 542/* 543 * Read a SETUP packet (struct usb_ctrlrequest) from the hardware. 544 * Fields are left in USB byte-order. 545 * 546 * Context: caller holds controller lock. 547 */ 548static void 549musb_read_setup(struct musb *musb, struct usb_ctrlrequest *req) 550{ 551 struct usb_request *r; 552 void __iomem *regs = musb->control_ep->regs; 553 554 musb_read_fifo(&musb->endpoints[0], sizeof *req, (u8 *)req); 555 556 /* NOTE: earlier 2.6 versions changed setup packets to host 557 * order, but now USB packets always stay in USB byte order. 558 */ 559 DBG(3, "SETUP req%02x.%02x v%04x i%04x l%d\n", 560 req->bRequestType, 561 req->bRequest, 562 le16_to_cpu(req->wValue), 563 le16_to_cpu(req->wIndex), 564 le16_to_cpu(req->wLength)); 565 566 /* clean up any leftover transfers */ 567 r = next_ep0_request(musb); 568 if (r) 569 musb_g_ep0_giveback(musb, r); 570 571 /* For zero-data requests we want to delay the STATUS stage to 572 * avoid SETUPEND errors. If we read data (OUT), delay accepting 573 * packets until there's a buffer to store them in. 574 * 575 * If we write data, the controller acts happier if we enable 576 * the TX FIFO right away, and give the controller a moment 577 * to switch modes... 578 */ 579 musb->set_address = false; 580 musb->ackpend = MUSB_CSR0_P_SVDRXPKTRDY; 581 if (req->wLength == 0) { 582 if (req->bRequestType & USB_DIR_IN) 583 musb->ackpend |= MUSB_CSR0_TXPKTRDY; 584 musb->ep0_state = MUSB_EP0_STAGE_ACKWAIT; 585 } else if (req->bRequestType & USB_DIR_IN) { 586 musb->ep0_state = MUSB_EP0_STAGE_TX; 587 musb_writew(regs, MUSB_CSR0, MUSB_CSR0_P_SVDRXPKTRDY); 588 while ((musb_readw(regs, MUSB_CSR0) 589 & MUSB_CSR0_RXPKTRDY) != 0) 590 cpu_relax(); 591 musb->ackpend = 0; 592 } else 593 musb->ep0_state = MUSB_EP0_STAGE_RX; 594} 595 596static int 597forward_to_driver(struct musb *musb, const struct usb_ctrlrequest *ctrlrequest) 598__releases(musb->lock) 599__acquires(musb->lock) 600{ 601 int retval; 602 if (!musb->gadget_driver) 603 return -EOPNOTSUPP; 604 spin_unlock(&musb->lock); 605 retval = musb->gadget_driver->setup(&musb->g, ctrlrequest); 606 spin_lock(&musb->lock); 607 return retval; 608} 609 610/* 611 * Handle peripheral ep0 interrupt 612 * 613 * Context: irq handler; we won't re-enter the driver that way. 614 */ 615irqreturn_t musb_g_ep0_irq(struct musb *musb) 616{ 617 u16 csr; 618 u16 len; 619 void __iomem *mbase = musb->mregs; 620 void __iomem *regs = musb->endpoints[0].regs; 621 irqreturn_t retval = IRQ_NONE; 622 623 musb_ep_select(mbase, 0); /* select ep0 */ 624 csr = musb_readw(regs, MUSB_CSR0); 625 len = musb_readb(regs, MUSB_COUNT0); 626 627 DBG(4, "csr %04x, count %d, myaddr %d, ep0stage %s\n", 628 csr, len, 629 musb_readb(mbase, MUSB_FADDR), 630 decode_ep0stage(musb->ep0_state)); 631 632 /* I sent a stall.. need to acknowledge it now.. */ 633 if (csr & MUSB_CSR0_P_SENTSTALL) { 634 musb_writew(regs, MUSB_CSR0, 635 csr & ~MUSB_CSR0_P_SENTSTALL); 636 retval = IRQ_HANDLED; 637 musb->ep0_state = MUSB_EP0_STAGE_IDLE; 638 csr = musb_readw(regs, MUSB_CSR0); 639 } 640 641 /* request ended "early" */ 642 if (csr & MUSB_CSR0_P_SETUPEND) { 643 musb_writew(regs, MUSB_CSR0, MUSB_CSR0_P_SVDSETUPEND); 644 retval = IRQ_HANDLED; 645 /* Transition into the early status phase */ 646 switch (musb->ep0_state) { 647 case MUSB_EP0_STAGE_TX: 648 musb->ep0_state = MUSB_EP0_STAGE_STATUSOUT; 649 break; 650 case MUSB_EP0_STAGE_RX: 651 musb->ep0_state = MUSB_EP0_STAGE_STATUSIN; 652 break; 653 default: 654 ERR("SetupEnd came in a wrong ep0stage %s", 655 decode_ep0stage(musb->ep0_state)); 656 } 657 csr = musb_readw(regs, MUSB_CSR0); 658 /* NOTE: request may need completion */ 659 } 660 661 /* docs from Mentor only describe tx, rx, and idle/setup states. 662 * we need to handle nuances around status stages, and also the 663 * case where status and setup stages come back-to-back ... 664 */ 665 switch (musb->ep0_state) { 666 667 case MUSB_EP0_STAGE_TX: 668 /* irq on clearing txpktrdy */ 669 if ((csr & MUSB_CSR0_TXPKTRDY) == 0) { 670 ep0_txstate(musb); 671 retval = IRQ_HANDLED; 672 } 673 break; 674 675 case MUSB_EP0_STAGE_RX: 676 /* irq on set rxpktrdy */ 677 if (csr & MUSB_CSR0_RXPKTRDY) { 678 ep0_rxstate(musb); 679 retval = IRQ_HANDLED; 680 } 681 break; 682 683 case MUSB_EP0_STAGE_STATUSIN: 684 /* end of sequence #2 (OUT/RX state) or #3 (no data) */ 685 686 /* update address (if needed) only @ the end of the 687 * status phase per usb spec, which also guarantees 688 * we get 10 msec to receive this irq... until this 689 * is done we won't see the next packet. 690 */ 691 if (musb->set_address) { 692 musb->set_address = false; 693 musb_writeb(mbase, MUSB_FADDR, musb->address); 694 } 695 696 /* enter test mode if needed (exit by reset) */ 697 else if (musb->test_mode) { 698 DBG(1, "entering TESTMODE\n"); 699 700 if (MUSB_TEST_PACKET == musb->test_mode_nr) 701 musb_load_testpacket(musb); 702 703 musb_writeb(mbase, MUSB_TESTMODE, 704 musb->test_mode_nr); 705 } 706 /* FALLTHROUGH */ 707 708 case MUSB_EP0_STAGE_STATUSOUT: 709 /* end of sequence #1: write to host (TX state) */ 710 { 711 struct usb_request *req; 712 713 req = next_ep0_request(musb); 714 if (req) 715 musb_g_ep0_giveback(musb, req); 716 } 717 718 /* 719 * In case when several interrupts can get coalesced, 720 * check to see if we've already received a SETUP packet... 721 */ 722 if (csr & MUSB_CSR0_RXPKTRDY) 723 goto setup; 724 725 retval = IRQ_HANDLED; 726 musb->ep0_state = MUSB_EP0_STAGE_IDLE; 727 break; 728 729 case MUSB_EP0_STAGE_IDLE: 730 /* 731 * This state is typically (but not always) indiscernible 732 * from the status states since the corresponding interrupts 733 * tend to happen within too little period of time (with only 734 * a zero-length packet in between) and so get coalesced... 735 */ 736 retval = IRQ_HANDLED; 737 musb->ep0_state = MUSB_EP0_STAGE_SETUP; 738 /* FALLTHROUGH */ 739 740 case MUSB_EP0_STAGE_SETUP: 741setup: 742 if (csr & MUSB_CSR0_RXPKTRDY) { 743 struct usb_ctrlrequest setup; 744 int handled = 0; 745 746 if (len != 8) { 747 ERR("SETUP packet len %d != 8 ?\n", len); 748 break; 749 } 750 musb_read_setup(musb, &setup); 751 retval = IRQ_HANDLED; 752 753 /* sometimes the RESET won't be reported */ 754 if (unlikely(musb->g.speed == USB_SPEED_UNKNOWN)) { 755 u8 power; 756 757 printk(KERN_NOTICE "%s: peripheral reset " 758 "irq lost!\n", 759 musb_driver_name); 760 power = musb_readb(mbase, MUSB_POWER); 761 musb->g.speed = (power & MUSB_POWER_HSMODE) 762 ? USB_SPEED_HIGH : USB_SPEED_FULL; 763 764 } 765 766 switch (musb->ep0_state) { 767 768 /* sequence #3 (no data stage), includes requests 769 * we can't forward (notably SET_ADDRESS and the 770 * device/endpoint feature set/clear operations) 771 * plus SET_CONFIGURATION and others we must 772 */ 773 case MUSB_EP0_STAGE_ACKWAIT: 774 handled = service_zero_data_request( 775 musb, &setup); 776 777 /* status stage might be immediate */ 778 if (handled > 0) { 779 musb->ackpend |= MUSB_CSR0_P_DATAEND; 780 musb->ep0_state = 781 MUSB_EP0_STAGE_STATUSIN; 782 } 783 break; 784 785 /* sequence #1 (IN to host), includes GET_STATUS 786 * requests that we can't forward, GET_DESCRIPTOR 787 * and others that we must 788 */ 789 case MUSB_EP0_STAGE_TX: 790 handled = service_in_request(musb, &setup); 791 if (handled > 0) { 792 musb->ackpend = MUSB_CSR0_TXPKTRDY 793 | MUSB_CSR0_P_DATAEND; 794 musb->ep0_state = 795 MUSB_EP0_STAGE_STATUSOUT; 796 } 797 break; 798 799 /* sequence #2 (OUT from host), always forward */ 800 default: /* MUSB_EP0_STAGE_RX */ 801 break; 802 } 803 804 DBG(3, "handled %d, csr %04x, ep0stage %s\n", 805 handled, csr, 806 decode_ep0stage(musb->ep0_state)); 807 808 /* unless we need to delegate this to the gadget 809 * driver, we know how to wrap this up: csr0 has 810 * not yet been written. 811 */ 812 if (handled < 0) 813 goto stall; 814 else if (handled > 0) 815 goto finish; 816 817 handled = forward_to_driver(musb, &setup); 818 if (handled < 0) { 819 musb_ep_select(mbase, 0); 820stall: 821 DBG(3, "stall (%d)\n", handled); 822 musb->ackpend |= MUSB_CSR0_P_SENDSTALL; 823 musb->ep0_state = MUSB_EP0_STAGE_IDLE; 824finish: 825 musb_writew(regs, MUSB_CSR0, 826 musb->ackpend); 827 musb->ackpend = 0; 828 } 829 } 830 break; 831 832 case MUSB_EP0_STAGE_ACKWAIT: 833 /* This should not happen. But happens with tusb6010 with 834 * g_file_storage and high speed. Do nothing. 835 */ 836 retval = IRQ_HANDLED; 837 break; 838 839 default: 840 /* "can't happen" */ 841 WARN_ON(1); 842 musb_writew(regs, MUSB_CSR0, MUSB_CSR0_P_SENDSTALL); 843 musb->ep0_state = MUSB_EP0_STAGE_IDLE; 844 break; 845 } 846 847 return retval; 848} 849 850 851static int 852musb_g_ep0_enable(struct usb_ep *ep, const struct usb_endpoint_descriptor *desc) 853{ 854 /* always enabled */ 855 return -EINVAL; 856} 857 858static int musb_g_ep0_disable(struct usb_ep *e) 859{ 860 /* always enabled */ 861 return -EINVAL; 862} 863 864static int 865musb_g_ep0_queue(struct usb_ep *e, struct usb_request *r, gfp_t gfp_flags) 866{ 867 struct musb_ep *ep; 868 struct musb_request *req; 869 struct musb *musb; 870 int status; 871 unsigned long lockflags; 872 void __iomem *regs; 873 874 if (!e || !r) 875 return -EINVAL; 876 877 ep = to_musb_ep(e); 878 musb = ep->musb; 879 regs = musb->control_ep->regs; 880 881 req = to_musb_request(r); 882 req->musb = musb; 883 req->request.actual = 0; 884 req->request.status = -EINPROGRESS; 885 req->tx = ep->is_in; 886 887 spin_lock_irqsave(&musb->lock, lockflags); 888 889 if (!list_empty(&ep->req_list)) { 890 status = -EBUSY; 891 goto cleanup; 892 } 893 894 switch (musb->ep0_state) { 895 case MUSB_EP0_STAGE_RX: /* control-OUT data */ 896 case MUSB_EP0_STAGE_TX: /* control-IN data */ 897 case MUSB_EP0_STAGE_ACKWAIT: /* zero-length data */ 898 status = 0; 899 break; 900 default: 901 DBG(1, "ep0 request queued in state %d\n", 902 musb->ep0_state); 903 status = -EINVAL; 904 goto cleanup; 905 } 906 907 /* add request to the list */ 908 list_add_tail(&(req->request.list), &(ep->req_list)); 909 910 DBG(3, "queue to %s (%s), length=%d\n", 911 ep->name, ep->is_in ? "IN/TX" : "OUT/RX", 912 req->request.length); 913 914 musb_ep_select(musb->mregs, 0); 915 916 /* sequence #1, IN ... start writing the data */ 917 if (musb->ep0_state == MUSB_EP0_STAGE_TX) 918 ep0_txstate(musb); 919 920 /* sequence #3, no-data ... issue IN status */ 921 else if (musb->ep0_state == MUSB_EP0_STAGE_ACKWAIT) { 922 if (req->request.length) 923 status = -EINVAL; 924 else { 925 musb->ep0_state = MUSB_EP0_STAGE_STATUSIN; 926 musb_writew(regs, MUSB_CSR0, 927 musb->ackpend | MUSB_CSR0_P_DATAEND); 928 musb->ackpend = 0; 929 musb_g_ep0_giveback(ep->musb, r); 930 } 931 932 /* else for sequence #2 (OUT), caller provides a buffer 933 * before the next packet arrives. deferred responses 934 * (after SETUP is acked) are racey. 935 */ 936 } else if (musb->ackpend) { 937 musb_writew(regs, MUSB_CSR0, musb->ackpend); 938 musb->ackpend = 0; 939 } 940 941cleanup: 942 spin_unlock_irqrestore(&musb->lock, lockflags); 943 return status; 944} 945 946static int musb_g_ep0_dequeue(struct usb_ep *ep, struct usb_request *req) 947{ 948 /* we just won't support this */ 949 return -EINVAL; 950} 951 952static int musb_g_ep0_halt(struct usb_ep *e, int value) 953{ 954 struct musb_ep *ep; 955 struct musb *musb; 956 void __iomem *base, *regs; 957 unsigned long flags; 958 int status; 959 u16 csr; 960 961 if (!e || !value) 962 return -EINVAL; 963 964 ep = to_musb_ep(e); 965 musb = ep->musb; 966 base = musb->mregs; 967 regs = musb->control_ep->regs; 968 status = 0; 969 970 spin_lock_irqsave(&musb->lock, flags); 971 972 if (!list_empty(&ep->req_list)) { 973 status = -EBUSY; 974 goto cleanup; 975 } 976 977 musb_ep_select(base, 0); 978 csr = musb->ackpend; 979 980 switch (musb->ep0_state) { 981 982 /* Stalls are usually issued after parsing SETUP packet, either 983 * directly in irq context from setup() or else later. 984 */ 985 case MUSB_EP0_STAGE_TX: /* control-IN data */ 986 case MUSB_EP0_STAGE_ACKWAIT: /* STALL for zero-length data */ 987 case MUSB_EP0_STAGE_RX: /* control-OUT data */ 988 csr = musb_readw(regs, MUSB_CSR0); 989 /* FALLTHROUGH */ 990 991 /* It's also OK to issue stalls during callbacks when a non-empty 992 * DATA stage buffer has been read (or even written). 993 */ 994 case MUSB_EP0_STAGE_STATUSIN: /* control-OUT status */ 995 case MUSB_EP0_STAGE_STATUSOUT: /* control-IN status */ 996 997 csr |= MUSB_CSR0_P_SENDSTALL; 998 musb_writew(regs, MUSB_CSR0, csr); 999 musb->ep0_state = MUSB_EP0_STAGE_IDLE; 1000 musb->ackpend = 0; 1001 break; 1002 default: 1003 DBG(1, "ep0 can't halt in state %d\n", musb->ep0_state); 1004 status = -EINVAL; 1005 } 1006 1007cleanup: 1008 spin_unlock_irqrestore(&musb->lock, flags); 1009 return status; 1010} 1011 1012const struct usb_ep_ops musb_g_ep0_ops = { 1013 .enable = musb_g_ep0_enable, 1014 .disable = musb_g_ep0_disable, 1015 .alloc_request = musb_alloc_request, 1016 .free_request = musb_free_request, 1017 .queue = musb_g_ep0_queue, 1018 .dequeue = musb_g_ep0_dequeue, 1019 .set_halt = musb_g_ep0_halt, 1020}; 1021