2 * bdc_ep.c - BRCM BDC USB3.0 device controller endpoint related functions
4 * Copyright (C) 2014 Broadcom Corporation
6 * Author: Ashwini Pahuja
8 * Based on drivers under drivers/usb/
10 * This program is free software; you can redistribute it and/or modify it
11 * under the terms of the GNU General Public License as published by the
12 * Free Software Foundation; either version 2 of the License, or (at your
13 * option) any later version.
16 #include <linux/module.h>
17 #include <linux/pci.h>
18 #include <linux/dma-mapping.h>
19 #include <linux/kernel.h>
20 #include <linux/delay.h>
21 #include <linux/dmapool.h>
22 #include <linux/ioport.h>
23 #include <linux/sched.h>
24 #include <linux/slab.h>
25 #include <linux/errno.h>
26 #include <linux/init.h>
27 #include <linux/timer.h>
28 #include <linux/list.h>
29 #include <linux/interrupt.h>
30 #include <linux/moduleparam.h>
31 #include <linux/device.h>
32 #include <linux/usb/ch9.h>
33 #include <linux/usb/gadget.h>
34 #include <linux/usb/otg.h>
37 #include <linux/irq.h>
38 #include <asm/unaligned.h>
39 #include <linux/platform_device.h>
40 #include <linux/usb/composite.h>
47 static const char * const ep0_state_string[] = {
49 "WAIT_FOR_DATA_START",
51 "WAIT_FOR_STATUS_START",
52 "WAIT_FOR_STATUS_XMIT",
56 /* Free the bdl during ep disable */
57 static void ep_bd_list_free(struct bdc_ep *ep, u32 num_tabs)
59 struct bd_list *bd_list = &ep->bd_list;
60 struct bdc *bdc = ep->bdc;
61 struct bd_table *bd_table;
64 dev_dbg(bdc->dev, "%s ep:%s num_tabs:%d\n",
65 __func__, ep->name, num_tabs);
67 if (!bd_list->bd_table_array) {
68 dev_dbg(bdc->dev, "%s already freed\n", ep->name);
71 for (index = 0; index < num_tabs; index++) {
73 * check if the bd_table struct is allocated ?
74 * if yes, then check if bd memory has been allocated, then
75 * free the dma_pool and also the bd_table struct memory
77 bd_table = bd_list->bd_table_array[index];
78 dev_dbg(bdc->dev, "bd_table:%p index:%d\n", bd_table, index);
80 dev_dbg(bdc->dev, "bd_table not allocated\n");
83 if (!bd_table->start_bd) {
84 dev_dbg(bdc->dev, "bd dma pool not allocted\n");
89 "Free dma pool start_bd:%p dma:%llx\n",
91 (unsigned long long)bd_table->dma);
93 dma_pool_free(bdc->bd_table_pool,
96 /* Free the bd_table structure */
99 /* Free the bd table array */
100 kfree(ep->bd_list.bd_table_array);
104 * chain the tables, by insteting a chain bd at the end of prev_table, pointing
107 static inline void chain_table(struct bd_table *prev_table,
108 struct bd_table *next_table,
111 /* Chain the prev table to next table */
112 prev_table->start_bd[bd_p_tab-1].offset[0] =
113 cpu_to_le32(lower_32_bits(next_table->dma));
115 prev_table->start_bd[bd_p_tab-1].offset[1] =
116 cpu_to_le32(upper_32_bits(next_table->dma));
118 prev_table->start_bd[bd_p_tab-1].offset[2] =
121 prev_table->start_bd[bd_p_tab-1].offset[3] =
122 cpu_to_le32(MARK_CHAIN_BD);
125 /* Allocate the bdl for ep, during config ep */
126 static int ep_bd_list_alloc(struct bdc_ep *ep)
128 struct bd_table *prev_table = NULL;
129 int index, num_tabs, bd_p_tab;
130 struct bdc *bdc = ep->bdc;
131 struct bd_table *bd_table;
134 if (usb_endpoint_xfer_isoc(ep->desc))
135 num_tabs = NUM_TABLES_ISOCH;
137 num_tabs = NUM_TABLES;
139 bd_p_tab = NUM_BDS_PER_TABLE;
140 /* if there is only 1 table in bd list then loop chain to self */
142 "%s ep:%p num_tabs:%d\n",
143 __func__, ep, num_tabs);
145 /* Allocate memory for table array */
146 ep->bd_list.bd_table_array = kzalloc(
147 num_tabs * sizeof(struct bd_table *),
149 if (!ep->bd_list.bd_table_array)
152 /* Allocate memory for each table */
153 for (index = 0; index < num_tabs; index++) {
154 /* Allocate memory for bd_table structure */
155 bd_table = kzalloc(sizeof(struct bd_table), GFP_ATOMIC);
159 bd_table->start_bd = dma_pool_alloc(bdc->bd_table_pool,
162 if (!bd_table->start_bd)
168 "index:%d start_bd:%p dma=%08llx prev_table:%p\n",
169 index, bd_table->start_bd,
170 (unsigned long long)bd_table->dma, prev_table);
172 ep->bd_list.bd_table_array[index] = bd_table;
173 memset(bd_table->start_bd, 0, bd_p_tab * sizeof(struct bdc_bd));
175 chain_table(prev_table, bd_table, bd_p_tab);
177 prev_table = bd_table;
179 chain_table(prev_table, ep->bd_list.bd_table_array[0], bd_p_tab);
180 /* Memory allocation is successful, now init the internal fields */
181 ep->bd_list.num_tabs = num_tabs;
182 ep->bd_list.max_bdi = (num_tabs * bd_p_tab) - 1;
183 ep->bd_list.num_tabs = num_tabs;
184 ep->bd_list.num_bds_table = bd_p_tab;
185 ep->bd_list.eqp_bdi = 0;
186 ep->bd_list.hwd_bdi = 0;
190 /* Free the bd_table_array, bd_table struct, bd's */
191 ep_bd_list_free(ep, num_tabs);
196 /* returns how many bd's are need for this transfer */
197 static inline int bd_needed_req(struct bdc_req *req)
202 /* 1 bd needed for 0 byte transfer */
203 if (req->usb_req.length == 0)
206 /* remaining bytes after tranfering all max BD size BD's */
207 remaining = req->usb_req.length % BD_MAX_BUFF_SIZE;
211 /* How many maximum BUFF size BD's ? */
212 remaining = req->usb_req.length / BD_MAX_BUFF_SIZE;
213 bd_needed += remaining;
218 /* returns the bd index(bdi) corresponding to bd dma address */
219 static int bd_add_to_bdi(struct bdc_ep *ep, dma_addr_t bd_dma_addr)
221 struct bd_list *bd_list = &ep->bd_list;
222 dma_addr_t dma_first_bd, dma_last_bd;
223 struct bdc *bdc = ep->bdc;
224 struct bd_table *bd_table;
228 dma_first_bd = dma_last_bd = 0;
229 dev_dbg(bdc->dev, "%s %llx\n",
230 __func__, (unsigned long long)bd_dma_addr);
232 * Find in which table this bd_dma_addr belongs?, go through the table
233 * array and compare addresses of first and last address of bd of each
236 for (tbi = 0; tbi < bd_list->num_tabs; tbi++) {
237 bd_table = bd_list->bd_table_array[tbi];
238 dma_first_bd = bd_table->dma;
239 dma_last_bd = bd_table->dma +
240 (sizeof(struct bdc_bd) *
241 (bd_list->num_bds_table - 1));
242 dev_dbg(bdc->dev, "dma_first_bd:%llx dma_last_bd:%llx\n",
243 (unsigned long long)dma_first_bd,
244 (unsigned long long)dma_last_bd);
245 if (bd_dma_addr >= dma_first_bd && bd_dma_addr <= dma_last_bd) {
250 if (unlikely(!found)) {
251 dev_err(bdc->dev, "%s FATAL err, bd not found\n", __func__);
254 /* Now we know the table, find the bdi */
255 bdi = (bd_dma_addr - dma_first_bd) / sizeof(struct bdc_bd);
257 /* return the global bdi, to compare with ep eqp_bdi */
258 return (bdi + (tbi * bd_list->num_bds_table));
261 /* returns the table index(tbi) of the given bdi */
262 static int bdi_to_tbi(struct bdc_ep *ep, int bdi)
266 tbi = bdi / ep->bd_list.num_bds_table;
267 dev_vdbg(ep->bdc->dev,
268 "bdi:%d num_bds_table:%d tbi:%d\n",
269 bdi, ep->bd_list.num_bds_table, tbi);
274 /* Find the bdi last bd in the transfer */
275 static inline int find_end_bdi(struct bdc_ep *ep, int next_hwd_bdi)
279 end_bdi = next_hwd_bdi - 1;
281 end_bdi = ep->bd_list.max_bdi - 1;
282 else if ((end_bdi % (ep->bd_list.num_bds_table-1)) == 0)
289 * How many transfer bd's are available on this ep bdl, chain bds are not
290 * counted in available bds
292 static int bd_available_ep(struct bdc_ep *ep)
294 struct bd_list *bd_list = &ep->bd_list;
295 int available1, available2;
296 struct bdc *bdc = ep->bdc;
297 int chain_bd1, chain_bd2;
298 int available_bd = 0;
300 available1 = available2 = chain_bd1 = chain_bd2 = 0;
301 /* if empty then we have all bd's available - number of chain bd's */
302 if (bd_list->eqp_bdi == bd_list->hwd_bdi)
303 return bd_list->max_bdi - bd_list->num_tabs;
306 * Depending upon where eqp and dqp pointers are, caculate number
309 if (bd_list->hwd_bdi < bd_list->eqp_bdi) {
310 /* available bd's are from eqp..max_bds + 0..dqp - chain_bds */
311 available1 = bd_list->max_bdi - bd_list->eqp_bdi;
312 available2 = bd_list->hwd_bdi;
313 chain_bd1 = available1 / bd_list->num_bds_table;
314 chain_bd2 = available2 / bd_list->num_bds_table;
315 dev_vdbg(bdc->dev, "chain_bd1:%d chain_bd2:%d\n",
316 chain_bd1, chain_bd2);
317 available_bd = available1 + available2 - chain_bd1 - chain_bd2;
319 /* available bd's are from eqp..dqp - number of chain bd's */
320 available1 = bd_list->hwd_bdi - bd_list->eqp_bdi;
321 /* if gap between eqp and dqp is less than NUM_BDS_PER_TABLE */
322 if ((bd_list->hwd_bdi - bd_list->eqp_bdi)
323 <= bd_list->num_bds_table) {
324 /* If there any chain bd in between */
325 if (!(bdi_to_tbi(ep, bd_list->hwd_bdi)
326 == bdi_to_tbi(ep, bd_list->eqp_bdi))) {
327 available_bd = available1 - 1;
330 chain_bd1 = available1 / bd_list->num_bds_table;
331 available_bd = available1 - chain_bd1;
335 * we need to keep one extra bd to check if ring is full or empty so
339 dev_vdbg(bdc->dev, "available_bd:%d\n", available_bd);
344 /* Notify the hardware after queueing the bd to bdl */
345 void bdc_notify_xfr(struct bdc *bdc, u32 epnum)
347 struct bdc_ep *ep = bdc->bdc_ep_array[epnum];
349 dev_vdbg(bdc->dev, "%s epnum:%d\n", __func__, epnum);
351 * We don't have anyway to check if ep state is running,
352 * except the software flags.
354 if (unlikely(ep->flags & BDC_EP_STOP))
355 ep->flags &= ~BDC_EP_STOP;
357 bdc_writel(bdc->regs, BDC_XSFNTF, epnum);
360 /* returns the bd corresponding to bdi */
361 static struct bdc_bd *bdi_to_bd(struct bdc_ep *ep, int bdi)
363 int tbi = bdi_to_tbi(ep, bdi);
366 local_bdi = bdi - (tbi * ep->bd_list.num_bds_table);
367 dev_vdbg(ep->bdc->dev,
368 "%s bdi:%d local_bdi:%d\n",
369 __func__, bdi, local_bdi);
371 return (ep->bd_list.bd_table_array[tbi]->start_bd + local_bdi);
374 /* Advance the enqueue pointer */
375 static void ep_bdlist_eqp_adv(struct bdc_ep *ep)
377 ep->bd_list.eqp_bdi++;
378 /* if it's chain bd, then move to next */
379 if (((ep->bd_list.eqp_bdi + 1) % ep->bd_list.num_bds_table) == 0)
380 ep->bd_list.eqp_bdi++;
382 /* if the eqp is pointing to last + 1 then move back to 0 */
383 if (ep->bd_list.eqp_bdi == (ep->bd_list.max_bdi + 1))
384 ep->bd_list.eqp_bdi = 0;
387 /* Setup the first bd for ep0 transfer */
388 static int setup_first_bd_ep0(struct bdc *bdc, struct bdc_req *req, u32 *dword3)
394 req_len = req->usb_req.length;
395 switch (bdc->ep0_state) {
396 case WAIT_FOR_DATA_START:
397 *dword3 |= BD_TYPE_DS;
398 if (bdc->setup_pkt.bRequestType & USB_DIR_IN)
399 *dword3 |= BD_DIR_IN;
401 /* check if zlp will be needed */
402 wValue = le16_to_cpu(bdc->setup_pkt.wValue);
403 if ((wValue > req_len) &&
404 (req_len % bdc->gadget.ep0->maxpacket == 0)) {
405 dev_dbg(bdc->dev, "ZLP needed wVal:%d len:%d MaxP:%d\n",
407 bdc->gadget.ep0->maxpacket);
408 bdc->zlp_needed = true;
412 case WAIT_FOR_STATUS_START:
413 *dword3 |= BD_TYPE_SS;
414 if (!le16_to_cpu(bdc->setup_pkt.wLength) ||
415 !(bdc->setup_pkt.bRequestType & USB_DIR_IN))
416 *dword3 |= BD_DIR_IN;
420 "Unknown ep0 state for queueing bd ep0_state:%s\n",
421 ep0_state_string[bdc->ep0_state]);
428 /* Setup the bd dma descriptor for a given request */
429 static int setup_bd_list_xfr(struct bdc *bdc, struct bdc_req *req, int num_bds)
431 dma_addr_t buf_add = req->usb_req.dma;
432 u32 maxp, tfs, dword2, dword3;
433 struct bd_transfer *bd_xfr;
434 struct bd_list *bd_list;
441 bd_list = &ep->bd_list;
442 bd_xfr = &req->bd_xfr;
444 bd_xfr->start_bdi = bd_list->eqp_bdi;
445 bd = bdi_to_bd(ep, bd_list->eqp_bdi);
446 req_len = req->usb_req.length;
447 maxp = usb_endpoint_maxp(ep->desc) & 0x7ff;
448 tfs = roundup(req->usb_req.length, maxp);
450 dev_vdbg(bdc->dev, "%s ep:%s num_bds:%d tfs:%d r_len:%d bd:%p\n",
451 __func__, ep->name, num_bds, tfs, req_len, bd);
453 for (bdnum = 0; bdnum < num_bds; bdnum++) {
457 dword3 |= BD_SOT|BD_SBF|(tfs<<BD_TFS_SHIFT);
459 /* format of first bd for ep0 is different than other */
460 if (ep->ep_num == 1) {
461 ret = setup_first_bd_ep0(bdc, req, &dword3);
469 if (req_len > BD_MAX_BUFF_SIZE) {
470 dword2 |= BD_MAX_BUFF_SIZE;
471 req_len -= BD_MAX_BUFF_SIZE;
473 /* this should be the last bd */
478 /* Currently only 1 INT target is supported */
479 dword2 |= BD_INTR_TARGET(0);
480 bd = bdi_to_bd(ep, ep->bd_list.eqp_bdi);
482 dev_err(bdc->dev, "Err bd pointing to wrong addr\n");
486 bd->offset[0] = cpu_to_le32(lower_32_bits(buf_add));
487 bd->offset[1] = cpu_to_le32(upper_32_bits(buf_add));
488 bd->offset[2] = cpu_to_le32(dword2);
489 bd->offset[3] = cpu_to_le32(dword3);
490 /* advance eqp pointer */
491 ep_bdlist_eqp_adv(ep);
492 /* advance the buff pointer */
493 buf_add += BD_MAX_BUFF_SIZE;
494 dev_vdbg(bdc->dev, "buf_add:%08llx req_len:%d bd:%p eqp:%d\n",
495 (unsigned long long)buf_add, req_len, bd,
496 ep->bd_list.eqp_bdi);
497 bd = bdi_to_bd(ep, ep->bd_list.eqp_bdi);
498 bd->offset[3] = cpu_to_le32(BD_SBF);
500 /* clear the STOP BD fetch bit from the first bd of this xfr */
501 bd = bdi_to_bd(ep, bd_xfr->start_bdi);
502 bd->offset[3] &= cpu_to_le32(~BD_SBF);
503 /* the new eqp will be next hw dqp */
504 bd_xfr->num_bds = num_bds;
505 bd_xfr->next_hwd_bdi = ep->bd_list.eqp_bdi;
506 /* everything is written correctly before notifying the HW */
513 static int bdc_queue_xfr(struct bdc *bdc, struct bdc_req *req)
515 int num_bds, bd_available;
520 dev_dbg(bdc->dev, "%s req:%p\n", __func__, req);
521 dev_dbg(bdc->dev, "eqp_bdi:%d hwd_bdi:%d\n",
522 ep->bd_list.eqp_bdi, ep->bd_list.hwd_bdi);
524 num_bds = bd_needed_req(req);
525 bd_available = bd_available_ep(ep);
527 /* how many bd's are avaialble on ep */
528 if (num_bds > bd_available)
531 ret = setup_bd_list_xfr(bdc, req, num_bds);
534 list_add_tail(&req->queue, &ep->queue);
535 bdc_dbg_bd_list(bdc, ep);
536 bdc_notify_xfr(bdc, ep->ep_num);
541 /* callback to gadget layer when xfr completes */
542 static void bdc_req_complete(struct bdc_ep *ep, struct bdc_req *req,
545 struct bdc *bdc = ep->bdc;
547 if (req == NULL || &req->queue == NULL || &req->usb_req == NULL)
550 dev_dbg(bdc->dev, "%s ep:%s status:%d\n", __func__, ep->name, status);
551 list_del(&req->queue);
552 req->usb_req.status = status;
553 usb_gadget_unmap_request(&bdc->gadget, &req->usb_req, ep->dir);
554 if (req->usb_req.complete) {
555 spin_unlock(&bdc->lock);
556 usb_gadget_giveback_request(&ep->usb_ep, &req->usb_req);
557 spin_lock(&bdc->lock);
561 /* Disable the endpoint */
562 int bdc_ep_disable(struct bdc_ep *ep)
570 dev_dbg(bdc->dev, "%s() ep->ep_num=%d\n", __func__, ep->ep_num);
571 /* Stop the endpoint */
572 ret = bdc_stop_ep(bdc, ep->ep_num);
575 * Intentionally don't check the ret value of stop, it can fail in
576 * disconnect scenarios, continue with dconfig
578 /* de-queue any pending requests */
579 while (!list_empty(&ep->queue)) {
580 req = list_entry(ep->queue.next, struct bdc_req,
582 bdc_req_complete(ep, req, -ESHUTDOWN);
584 /* deconfigure the endpoint */
585 ret = bdc_dconfig_ep(bdc, ep);
588 "dconfig fail but continue with memory free");
591 /* ep0 memory is not freed, but reused on next connect sr */
595 /* Free the bdl memory */
596 ep_bd_list_free(ep, ep->bd_list.num_tabs);
598 ep->comp_desc = NULL;
599 ep->usb_ep.desc = NULL;
606 int bdc_ep_enable(struct bdc_ep *ep)
612 dev_dbg(bdc->dev, "%s NUM_TABLES:%d %d\n",
613 __func__, NUM_TABLES, NUM_TABLES_ISOCH);
615 ret = ep_bd_list_alloc(ep);
617 dev_err(bdc->dev, "ep bd list allocation failed:%d\n", ret);
620 bdc_dbg_bd_list(bdc, ep);
621 /* only for ep0: config ep is called for ep0 from connect event */
622 ep->flags |= BDC_EP_ENABLED;
626 /* Issue a configure endpoint command */
627 ret = bdc_config_ep(bdc, ep);
631 ep->usb_ep.maxpacket = usb_endpoint_maxp(ep->desc);
632 ep->usb_ep.desc = ep->desc;
633 ep->usb_ep.comp_desc = ep->comp_desc;
634 ep->ep_type = usb_endpoint_type(ep->desc);
635 ep->flags |= BDC_EP_ENABLED;
640 /* EP0 related code */
642 /* Queue a status stage BD */
643 static int ep0_queue_status_stage(struct bdc *bdc)
645 struct bdc_req *status_req;
648 status_req = &bdc->status_req;
649 ep = bdc->bdc_ep_array[1];
651 status_req->usb_req.length = 0;
652 status_req->usb_req.status = -EINPROGRESS;
653 status_req->usb_req.actual = 0;
654 status_req->usb_req.complete = NULL;
655 bdc_queue_xfr(bdc, status_req);
660 /* Queue xfr on ep0 */
661 static int ep0_queue(struct bdc_ep *ep, struct bdc_req *req)
667 dev_dbg(bdc->dev, "%s()\n", __func__);
668 req->usb_req.actual = 0;
669 req->usb_req.status = -EINPROGRESS;
670 req->epnum = ep->ep_num;
672 if (bdc->delayed_status) {
673 bdc->delayed_status = false;
674 /* if status stage was delayed? */
675 if (bdc->ep0_state == WAIT_FOR_STATUS_START) {
676 /* Queue a status stage BD */
677 ep0_queue_status_stage(bdc);
678 bdc->ep0_state = WAIT_FOR_STATUS_XMIT;
683 * if delayed status is false and 0 length transfer is requested
684 * i.e. for status stage of some setup request, then just
685 * return from here the status stage is queued independently
687 if (req->usb_req.length == 0)
691 ret = usb_gadget_map_request(&bdc->gadget, &req->usb_req, ep->dir);
693 dev_err(bdc->dev, "dma mapping failed %s\n", ep->name);
697 return bdc_queue_xfr(bdc, req);
700 /* Queue data stage */
701 static int ep0_queue_data_stage(struct bdc *bdc)
703 struct usb_request *ep0_usb_req;
706 dev_dbg(bdc->dev, "%s\n", __func__);
707 ep0_usb_req = &bdc->ep0_req.usb_req;
708 ep = bdc->bdc_ep_array[1];
709 bdc->ep0_req.ep = ep;
710 bdc->ep0_req.usb_req.complete = NULL;
712 return ep0_queue(ep, &bdc->ep0_req);
715 /* Queue req on ep */
716 static int ep_queue(struct bdc_ep *ep, struct bdc_req *req)
722 if (!req || !ep || !ep->usb_ep.desc)
725 req->usb_req.actual = 0;
726 req->usb_req.status = -EINPROGRESS;
727 req->epnum = ep->ep_num;
729 ret = usb_gadget_map_request(&bdc->gadget, &req->usb_req, ep->dir);
731 dev_err(bdc->dev, "dma mapping failed\n");
735 return bdc_queue_xfr(bdc, req);
738 /* Dequeue a request from ep */
739 static int ep_dequeue(struct bdc_ep *ep, struct bdc_req *req)
741 int start_bdi, end_bdi, tbi, eqp_bdi, curr_hw_dqpi;
742 bool start_pending, end_pending;
743 bool first_remove = false;
744 struct bdc_req *first_req;
745 struct bdc_bd *bd_start;
746 struct bd_table *table;
747 dma_addr_t next_bd_dma;
754 start_pending = end_pending = false;
755 eqp_bdi = ep->bd_list.eqp_bdi - 1;
758 eqp_bdi = ep->bd_list.max_bdi;
760 start_bdi = req->bd_xfr.start_bdi;
761 end_bdi = find_end_bdi(ep, req->bd_xfr.next_hwd_bdi);
763 dev_dbg(bdc->dev, "%s ep:%s start:%d end:%d\n",
764 __func__, ep->name, start_bdi, end_bdi);
765 dev_dbg(bdc->dev, "ep_dequeue ep=%p ep->desc=%p\n",
766 ep, (void *)ep->usb_ep.desc);
767 /* Stop the ep to see where the HW is ? */
768 ret = bdc_stop_ep(bdc, ep->ep_num);
769 /* if there is an issue with stopping ep, then no need to go further */
774 * After endpoint is stopped, there can be 3 cases, the request
775 * is processed, pending or in the middle of processing
778 /* The current hw dequeue pointer */
779 tmp_32 = bdc_readl(bdc->regs, BDC_EPSTS0(0));
781 tmp_32 = bdc_readl(bdc->regs, BDC_EPSTS0(1));
782 deq_ptr_64 |= ((u64)tmp_32 << 32);
784 /* we have the dma addr of next bd that will be fetched by hardware */
785 curr_hw_dqpi = bd_add_to_bdi(ep, deq_ptr_64);
786 if (curr_hw_dqpi < 0)
790 * curr_hw_dqpi points to actual dqp of HW and HW owns bd's from
791 * curr_hw_dqbdi..eqp_bdi.
794 /* Check if start_bdi and end_bdi are in range of HW owned BD's */
795 if (curr_hw_dqpi > eqp_bdi) {
796 /* there is a wrap from last to 0 */
797 if (start_bdi >= curr_hw_dqpi || start_bdi <= eqp_bdi) {
798 start_pending = true;
800 } else if (end_bdi >= curr_hw_dqpi || end_bdi <= eqp_bdi) {
804 if (start_bdi >= curr_hw_dqpi) {
805 start_pending = true;
807 } else if (end_bdi >= curr_hw_dqpi) {
812 "start_pending:%d end_pending:%d speed:%d\n",
813 start_pending, end_pending, bdc->gadget.speed);
815 /* If both start till end are processes, we cannot deq req */
816 if (!start_pending && !end_pending)
820 * if ep_dequeue is called after disconnect then just return
823 if (bdc->gadget.speed == USB_SPEED_UNKNOWN)
825 tbi = bdi_to_tbi(ep, req->bd_xfr.next_hwd_bdi);
826 table = ep->bd_list.bd_table_array[tbi];
827 next_bd_dma = table->dma +
828 sizeof(struct bdc_bd)*(req->bd_xfr.next_hwd_bdi -
829 tbi * ep->bd_list.num_bds_table);
831 first_req = list_first_entry(&ep->queue, struct bdc_req,
834 if (req == first_req)
838 * Due to HW limitation we need to bypadd chain bd's and issue ep_bla,
839 * incase if start is pending this is the first request in the list
840 * then issue ep_bla instead of marking as chain bd
842 if (start_pending && !first_remove) {
844 * Mark the start bd as Chain bd, and point the chain
847 bd_start = bdi_to_bd(ep, start_bdi);
848 bd_start->offset[0] = cpu_to_le32(lower_32_bits(next_bd_dma));
849 bd_start->offset[1] = cpu_to_le32(upper_32_bits(next_bd_dma));
850 bd_start->offset[2] = 0x0;
851 bd_start->offset[3] = cpu_to_le32(MARK_CHAIN_BD);
852 bdc_dbg_bd_list(bdc, ep);
853 } else if (end_pending) {
855 * The transfer is stopped in the middle, move the
856 * HW deq pointer to next_bd_dma
858 ret = bdc_ep_bla(bdc, ep, next_bd_dma);
860 dev_err(bdc->dev, "error in ep_bla:%d\n", ret);
868 /* Halt/Clear the ep based on value */
869 static int ep_set_halt(struct bdc_ep *ep, u32 value)
875 dev_dbg(bdc->dev, "%s ep:%s value=%d\n", __func__, ep->name, value);
878 dev_dbg(bdc->dev, "Halt\n");
880 bdc->ep0_state = WAIT_FOR_SETUP;
882 ret = bdc_ep_set_stall(bdc, ep->ep_num);
884 dev_err(bdc->dev, "failed to %s STALL on %s\n",
885 value ? "set" : "clear", ep->name);
887 ep->flags |= BDC_EP_STALL;
890 dev_dbg(bdc->dev, "Before Clear\n");
891 ret = bdc_ep_clear_stall(bdc, ep->ep_num);
893 dev_err(bdc->dev, "failed to %s STALL on %s\n",
894 value ? "set" : "clear", ep->name);
896 ep->flags &= ~BDC_EP_STALL;
897 dev_dbg(bdc->dev, "After Clear\n");
903 /* Free all the ep */
904 void bdc_free_ep(struct bdc *bdc)
909 dev_dbg(bdc->dev, "%s\n", __func__);
910 for (epnum = 1; epnum < bdc->num_eps; epnum++) {
911 ep = bdc->bdc_ep_array[epnum];
915 if (ep->flags & BDC_EP_ENABLED)
916 ep_bd_list_free(ep, ep->bd_list.num_tabs);
918 /* ep0 is not in this gadget list */
920 list_del(&ep->usb_ep.ep_list);
926 /* USB2 spec, section 7.1.20 */
927 static int bdc_set_test_mode(struct bdc *bdc)
931 usb2_pm = bdc_readl(bdc->regs, BDC_USPPM2);
932 usb2_pm &= ~BDC_PTC_MASK;
933 dev_dbg(bdc->dev, "%s\n", __func__);
934 switch (bdc->test_mode) {
940 usb2_pm |= bdc->test_mode << 28;
945 dev_dbg(bdc->dev, "usb2_pm=%08x", usb2_pm);
946 bdc_writel(bdc->regs, BDC_USPPM2, usb2_pm);
952 * Helper function to handle Transfer status report with status as either
955 static void handle_xsr_succ_status(struct bdc *bdc, struct bdc_ep *ep,
956 struct bdc_sr *sreport)
958 int short_bdi, start_bdi, end_bdi, max_len_bds, chain_bds;
959 struct bd_list *bd_list = &ep->bd_list;
960 int actual_length, length_short;
961 struct bd_transfer *bd_xfr;
962 struct bdc_bd *short_bd;
969 dev_dbg(bdc->dev, "%s ep:%p\n", __func__, ep);
971 /* do not process thie sr if ignore flag is set */
972 if (ep->ignore_next_sr) {
973 ep->ignore_next_sr = false;
977 if (unlikely(list_empty(&ep->queue))) {
978 dev_warn(bdc->dev, "xfr srr with no BD's queued\n");
981 req = list_entry(ep->queue.next, struct bdc_req,
984 bd_xfr = &req->bd_xfr;
985 sr_status = XSF_STS(le32_to_cpu(sreport->offset[3]));
988 * sr_status is short and this transfer has more than 1 bd then it needs
989 * special handling, this is only applicable for bulk and ctrl
991 if (sr_status == XSF_SHORT && bd_xfr->num_bds > 1) {
993 * This is multi bd xfr, lets see which bd
994 * caused short transfer and how many bytes have been
995 * transferred so far.
997 tmp_32 = le32_to_cpu(sreport->offset[0]);
999 tmp_32 = le32_to_cpu(sreport->offset[1]);
1000 deq_ptr_64 |= ((u64)tmp_32 << 32);
1001 short_bdi = bd_add_to_bdi(ep, deq_ptr_64);
1002 if (unlikely(short_bdi < 0))
1003 dev_warn(bdc->dev, "bd doesn't exist?\n");
1005 start_bdi = bd_xfr->start_bdi;
1007 * We know the start_bdi and short_bdi, how many xfr
1010 if (start_bdi <= short_bdi) {
1011 max_len_bds = short_bdi - start_bdi;
1012 if (max_len_bds <= bd_list->num_bds_table) {
1013 if (!(bdi_to_tbi(ep, start_bdi) ==
1014 bdi_to_tbi(ep, short_bdi)))
1017 chain_bds = max_len_bds/bd_list->num_bds_table;
1018 max_len_bds -= chain_bds;
1021 /* there is a wrap in the ring within a xfr */
1022 chain_bds = (bd_list->max_bdi - start_bdi)/
1023 bd_list->num_bds_table;
1024 chain_bds += short_bdi/bd_list->num_bds_table;
1025 max_len_bds = bd_list->max_bdi - start_bdi;
1026 max_len_bds += short_bdi;
1027 max_len_bds -= chain_bds;
1029 /* max_len_bds is the number of full length bds */
1030 end_bdi = find_end_bdi(ep, bd_xfr->next_hwd_bdi);
1031 if (!(end_bdi == short_bdi))
1032 ep->ignore_next_sr = true;
1034 actual_length = max_len_bds * BD_MAX_BUFF_SIZE;
1035 short_bd = bdi_to_bd(ep, short_bdi);
1037 length_short = le32_to_cpu(short_bd->offset[2]) & 0x1FFFFF;
1038 /* actual length trensfered */
1039 length_short -= SR_BD_LEN(le32_to_cpu(sreport->offset[2]));
1040 actual_length += length_short;
1041 req->usb_req.actual = actual_length;
1043 req->usb_req.actual = req->usb_req.length -
1044 SR_BD_LEN(le32_to_cpu(sreport->offset[2]));
1046 "len=%d actual=%d bd_xfr->next_hwd_bdi:%d\n",
1047 req->usb_req.length, req->usb_req.actual,
1048 bd_xfr->next_hwd_bdi);
1051 /* Update the dequeue pointer */
1052 ep->bd_list.hwd_bdi = bd_xfr->next_hwd_bdi;
1053 if (req->usb_req.actual < req->usb_req.length) {
1054 dev_dbg(bdc->dev, "short xfr on %d\n", ep->ep_num);
1055 if (req->usb_req.short_not_ok)
1056 status = -EREMOTEIO;
1058 bdc_req_complete(ep, bd_xfr->req, status);
1061 /* EP0 setup related packet handlers */
1064 * Setup packet received, just store the packet and process on next DS or SS
1067 void bdc_xsf_ep0_setup_recv(struct bdc *bdc, struct bdc_sr *sreport)
1069 struct usb_ctrlrequest *setup_pkt;
1073 "%s ep0_state:%s\n",
1074 __func__, ep0_state_string[bdc->ep0_state]);
1075 /* Store received setup packet */
1076 setup_pkt = &bdc->setup_pkt;
1077 memcpy(setup_pkt, &sreport->offset[0], sizeof(*setup_pkt));
1078 len = le16_to_cpu(setup_pkt->wLength);
1080 bdc->ep0_state = WAIT_FOR_STATUS_START;
1082 bdc->ep0_state = WAIT_FOR_DATA_START;
1086 "%s exit ep0_state:%s\n",
1087 __func__, ep0_state_string[bdc->ep0_state]);
1091 static void ep0_stall(struct bdc *bdc)
1093 struct bdc_ep *ep = bdc->bdc_ep_array[1];
1094 struct bdc_req *req;
1096 dev_dbg(bdc->dev, "%s\n", __func__);
1097 bdc->delayed_status = false;
1100 /* de-queue any pendig requests */
1101 while (!list_empty(&ep->queue)) {
1102 req = list_entry(ep->queue.next, struct bdc_req,
1104 bdc_req_complete(ep, req, -ESHUTDOWN);
1108 /* SET_ADD handlers */
1109 static int ep0_set_address(struct bdc *bdc, struct usb_ctrlrequest *ctrl)
1111 enum usb_device_state state = bdc->gadget.state;
1115 addr = le16_to_cpu(ctrl->wValue);
1117 "%s addr:%d dev state:%d\n",
1118 __func__, addr, state);
1124 case USB_STATE_DEFAULT:
1125 case USB_STATE_ADDRESS:
1126 /* Issue Address device command */
1127 ret = bdc_address_device(bdc, addr);
1132 usb_gadget_set_state(&bdc->gadget, USB_STATE_ADDRESS);
1134 usb_gadget_set_state(&bdc->gadget, USB_STATE_DEFAULT);
1136 bdc->dev_addr = addr;
1140 "SET Address in wrong device state %d\n",
1148 /* Handler for SET/CLEAR FEATURE requests for device */
1149 static int ep0_handle_feature_dev(struct bdc *bdc, u16 wValue,
1150 u16 wIndex, bool set)
1152 enum usb_device_state state = bdc->gadget.state;
1155 dev_dbg(bdc->dev, "%s set:%d dev state:%d\n",
1156 __func__, set, state);
1158 case USB_DEVICE_REMOTE_WAKEUP:
1159 dev_dbg(bdc->dev, "USB_DEVICE_REMOTE_WAKEUP\n");
1161 bdc->devstatus |= REMOTE_WAKE_ENABLE;
1163 bdc->devstatus &= ~REMOTE_WAKE_ENABLE;
1166 case USB_DEVICE_TEST_MODE:
1167 dev_dbg(bdc->dev, "USB_DEVICE_TEST_MODE\n");
1168 if ((wIndex & 0xFF) ||
1169 (bdc->gadget.speed != USB_SPEED_HIGH) || !set)
1172 bdc->test_mode = wIndex >> 8;
1175 case USB_DEVICE_U1_ENABLE:
1176 dev_dbg(bdc->dev, "USB_DEVICE_U1_ENABLE\n");
1178 if (bdc->gadget.speed != USB_SPEED_SUPER ||
1179 state != USB_STATE_CONFIGURED)
1182 usppms = bdc_readl(bdc->regs, BDC_USPPMS);
1184 /* clear previous u1t */
1185 usppms &= ~BDC_U1T(BDC_U1T_MASK);
1186 usppms |= BDC_U1T(U1_TIMEOUT);
1187 usppms |= BDC_U1E | BDC_PORT_W1S;
1188 bdc->devstatus |= (1 << USB_DEV_STAT_U1_ENABLED);
1191 usppms |= BDC_PORT_W1S;
1192 bdc->devstatus &= ~(1 << USB_DEV_STAT_U1_ENABLED);
1194 bdc_writel(bdc->regs, BDC_USPPMS, usppms);
1197 case USB_DEVICE_U2_ENABLE:
1198 dev_dbg(bdc->dev, "USB_DEVICE_U2_ENABLE\n");
1200 if (bdc->gadget.speed != USB_SPEED_SUPER ||
1201 state != USB_STATE_CONFIGURED)
1204 usppms = bdc_readl(bdc->regs, BDC_USPPMS);
1208 bdc->devstatus |= (1 << USB_DEV_STAT_U2_ENABLED);
1212 bdc->devstatus &= ~(1 << USB_DEV_STAT_U2_ENABLED);
1214 bdc_writel(bdc->regs, BDC_USPPMS, usppms);
1217 case USB_DEVICE_LTM_ENABLE:
1218 dev_dbg(bdc->dev, "USB_DEVICE_LTM_ENABLE?\n");
1219 if (bdc->gadget.speed != USB_SPEED_SUPER ||
1220 state != USB_STATE_CONFIGURED)
1224 dev_err(bdc->dev, "Unknown wValue:%d\n", wValue);
1226 } /* USB_RECIP_DEVICE end */
1231 /* SET/CLEAR FEATURE handler */
1232 static int ep0_handle_feature(struct bdc *bdc,
1233 struct usb_ctrlrequest *setup_pkt, bool set)
1235 enum usb_device_state state = bdc->gadget.state;
1241 wValue = le16_to_cpu(setup_pkt->wValue);
1242 wIndex = le16_to_cpu(setup_pkt->wIndex);
1245 "%s wValue=%d wIndex=%d devstate=%08x speed=%d set=%d",
1246 __func__, wValue, wIndex, state,
1247 bdc->gadget.speed, set);
1249 switch (setup_pkt->bRequestType & USB_RECIP_MASK) {
1250 case USB_RECIP_DEVICE:
1251 return ep0_handle_feature_dev(bdc, wValue, wIndex, set);
1252 case USB_RECIP_INTERFACE:
1253 dev_dbg(bdc->dev, "USB_RECIP_INTERFACE\n");
1254 /* USB3 spec, sec 9.4.9 */
1255 if (wValue != USB_INTRF_FUNC_SUSPEND)
1257 /* USB3 spec, Table 9-8 */
1259 if (wIndex & USB_INTRF_FUNC_SUSPEND_RW) {
1260 dev_dbg(bdc->dev, "SET REMOTE_WAKEUP\n");
1261 bdc->devstatus |= REMOTE_WAKE_ENABLE;
1263 dev_dbg(bdc->dev, "CLEAR REMOTE_WAKEUP\n");
1264 bdc->devstatus &= ~REMOTE_WAKE_ENABLE;
1269 case USB_RECIP_ENDPOINT:
1270 dev_dbg(bdc->dev, "USB_RECIP_ENDPOINT\n");
1271 if (wValue != USB_ENDPOINT_HALT)
1274 epnum = wIndex & USB_ENDPOINT_NUMBER_MASK;
1276 if ((wIndex & USB_ENDPOINT_DIR_MASK) == USB_DIR_IN)
1277 epnum = epnum * 2 + 1;
1284 * If CLEAR_FEATURE on ep0 then don't do anything as the stall
1285 * condition on ep0 has already been cleared when SETUP packet
1288 if (epnum == 1 && !set) {
1289 dev_dbg(bdc->dev, "ep0 stall already cleared\n");
1292 dev_dbg(bdc->dev, "epnum=%d\n", epnum);
1293 ep = bdc->bdc_ep_array[epnum];
1297 return ep_set_halt(ep, set);
1299 dev_err(bdc->dev, "Unknown recipient\n");
1306 /* GET_STATUS request handler */
1307 static int ep0_handle_status(struct bdc *bdc,
1308 struct usb_ctrlrequest *setup_pkt)
1310 enum usb_device_state state = bdc->gadget.state;
1316 /* USB2.0 spec sec 9.4.5 */
1317 if (state == USB_STATE_DEFAULT)
1319 wIndex = le16_to_cpu(setup_pkt->wIndex);
1320 dev_dbg(bdc->dev, "%s\n", __func__);
1321 usb_status = bdc->devstatus;
1322 switch (setup_pkt->bRequestType & USB_RECIP_MASK) {
1323 case USB_RECIP_DEVICE:
1325 "USB_RECIP_DEVICE devstatus:%08x\n",
1327 /* USB3 spec, sec 9.4.5 */
1328 if (bdc->gadget.speed == USB_SPEED_SUPER)
1329 usb_status &= ~REMOTE_WAKE_ENABLE;
1332 case USB_RECIP_INTERFACE:
1333 dev_dbg(bdc->dev, "USB_RECIP_INTERFACE\n");
1334 if (bdc->gadget.speed == USB_SPEED_SUPER) {
1336 * This should come from func for Func remote wkup
1339 if (bdc->devstatus & REMOTE_WAKE_ENABLE)
1340 usb_status |= REMOTE_WAKE_ENABLE;
1347 case USB_RECIP_ENDPOINT:
1348 dev_dbg(bdc->dev, "USB_RECIP_ENDPOINT\n");
1349 epnum = wIndex & USB_ENDPOINT_NUMBER_MASK;
1351 if ((wIndex & USB_ENDPOINT_DIR_MASK) == USB_DIR_IN)
1352 epnum = epnum*2 + 1;
1356 epnum = 1; /* EP0 */
1359 ep = bdc->bdc_ep_array[epnum];
1361 dev_err(bdc->dev, "ISSUE, GET_STATUS for invalid EP ?");
1364 if (ep->flags & BDC_EP_STALL)
1365 usb_status |= 1 << USB_ENDPOINT_HALT;
1369 dev_err(bdc->dev, "Unknown recipient for get_status\n");
1372 /* prepare a data stage for GET_STATUS */
1373 dev_dbg(bdc->dev, "usb_status=%08x\n", usb_status);
1374 *(__le16 *)bdc->ep0_response_buff = cpu_to_le16(usb_status);
1375 bdc->ep0_req.usb_req.length = 2;
1376 bdc->ep0_req.usb_req.buf = &bdc->ep0_response_buff;
1377 ep0_queue_data_stage(bdc);
1382 static void ep0_set_sel_cmpl(struct usb_ep *_ep, struct usb_request *_req)
1384 /* ep0_set_sel_cmpl */
1387 /* Queue data stage to handle 6 byte SET_SEL request */
1388 static int ep0_set_sel(struct bdc *bdc,
1389 struct usb_ctrlrequest *setup_pkt)
1395 dev_dbg(bdc->dev, "%s\n", __func__);
1396 wValue = le16_to_cpu(setup_pkt->wValue);
1397 wLength = le16_to_cpu(setup_pkt->wLength);
1398 if (unlikely(wLength != 6)) {
1399 dev_err(bdc->dev, "%s Wrong wLength:%d\n", __func__, wLength);
1402 ep = bdc->bdc_ep_array[1];
1403 bdc->ep0_req.ep = ep;
1404 bdc->ep0_req.usb_req.length = 6;
1405 bdc->ep0_req.usb_req.buf = bdc->ep0_response_buff;
1406 bdc->ep0_req.usb_req.complete = ep0_set_sel_cmpl;
1407 ep0_queue_data_stage(bdc);
1413 * Queue a 0 byte bd only if wLength is more than the length and and length is
1414 * a multiple of MaxPacket then queue 0 byte BD
1416 static int ep0_queue_zlp(struct bdc *bdc)
1420 dev_dbg(bdc->dev, "%s\n", __func__);
1421 bdc->ep0_req.ep = bdc->bdc_ep_array[1];
1422 bdc->ep0_req.usb_req.length = 0;
1423 bdc->ep0_req.usb_req.complete = NULL;
1424 bdc->ep0_state = WAIT_FOR_DATA_START;
1425 ret = bdc_queue_xfr(bdc, &bdc->ep0_req);
1427 dev_err(bdc->dev, "err queueing zlp :%d\n", ret);
1430 bdc->ep0_state = WAIT_FOR_DATA_XMIT;
1435 /* Control request handler */
1436 static int handle_control_request(struct bdc *bdc)
1438 enum usb_device_state state = bdc->gadget.state;
1439 struct usb_ctrlrequest *setup_pkt;
1440 int delegate_setup = 0;
1444 setup_pkt = &bdc->setup_pkt;
1445 dev_dbg(bdc->dev, "%s\n", __func__);
1446 if ((setup_pkt->bRequestType & USB_TYPE_MASK) == USB_TYPE_STANDARD) {
1447 switch (setup_pkt->bRequest) {
1448 case USB_REQ_SET_ADDRESS:
1449 dev_dbg(bdc->dev, "USB_REQ_SET_ADDRESS\n");
1450 ret = ep0_set_address(bdc, setup_pkt);
1451 bdc->devstatus &= DEVSTATUS_CLEAR;
1454 case USB_REQ_SET_CONFIGURATION:
1455 dev_dbg(bdc->dev, "USB_REQ_SET_CONFIGURATION\n");
1456 if (state == USB_STATE_ADDRESS) {
1457 usb_gadget_set_state(&bdc->gadget,
1458 USB_STATE_CONFIGURED);
1459 } else if (state == USB_STATE_CONFIGURED) {
1461 * USB2 spec sec 9.4.7, if wValue is 0 then dev
1462 * is moved to addressed state
1464 config = le16_to_cpu(setup_pkt->wValue);
1466 usb_gadget_set_state(
1473 case USB_REQ_SET_FEATURE:
1474 dev_dbg(bdc->dev, "USB_REQ_SET_FEATURE\n");
1475 ret = ep0_handle_feature(bdc, setup_pkt, 1);
1478 case USB_REQ_CLEAR_FEATURE:
1479 dev_dbg(bdc->dev, "USB_REQ_CLEAR_FEATURE\n");
1480 ret = ep0_handle_feature(bdc, setup_pkt, 0);
1483 case USB_REQ_GET_STATUS:
1484 dev_dbg(bdc->dev, "USB_REQ_GET_STATUS\n");
1485 ret = ep0_handle_status(bdc, setup_pkt);
1488 case USB_REQ_SET_SEL:
1489 dev_dbg(bdc->dev, "USB_REQ_SET_SEL\n");
1490 ret = ep0_set_sel(bdc, setup_pkt);
1493 case USB_REQ_SET_ISOCH_DELAY:
1495 "USB_REQ_SET_ISOCH_DELAY not handled\n");
1505 if (delegate_setup) {
1506 spin_unlock(&bdc->lock);
1507 ret = bdc->gadget_driver->setup(&bdc->gadget, setup_pkt);
1508 spin_lock(&bdc->lock);
1514 /* EP0: Data stage started */
1515 void bdc_xsf_ep0_data_start(struct bdc *bdc, struct bdc_sr *sreport)
1520 dev_dbg(bdc->dev, "%s\n", __func__);
1521 ep = bdc->bdc_ep_array[1];
1522 /* If ep0 was stalled, the clear it first */
1523 if (ep->flags & BDC_EP_STALL) {
1524 ret = ep_set_halt(ep, 0);
1528 if (bdc->ep0_state != WAIT_FOR_DATA_START)
1530 "Data stage not expected ep0_state:%s\n",
1531 ep0_state_string[bdc->ep0_state]);
1533 ret = handle_control_request(bdc);
1534 if (ret == USB_GADGET_DELAYED_STATUS) {
1536 * The ep0 state will remain WAIT_FOR_DATA_START till
1537 * we received ep_queue on ep0
1539 bdc->delayed_status = true;
1543 bdc->ep0_state = WAIT_FOR_DATA_XMIT;
1545 "ep0_state:%s", ep0_state_string[bdc->ep0_state]);
1552 /* EP0: status stage started */
1553 void bdc_xsf_ep0_status_start(struct bdc *bdc, struct bdc_sr *sreport)
1555 struct usb_ctrlrequest *setup_pkt;
1561 __func__, ep0_state_string[bdc->ep0_state]);
1562 ep = bdc->bdc_ep_array[1];
1564 /* check if ZLP was queued? */
1565 if (bdc->zlp_needed)
1566 bdc->zlp_needed = false;
1568 if (ep->flags & BDC_EP_STALL) {
1569 ret = ep_set_halt(ep, 0);
1574 if ((bdc->ep0_state != WAIT_FOR_STATUS_START) &&
1575 (bdc->ep0_state != WAIT_FOR_DATA_XMIT))
1577 "Status stage recv but ep0_state:%s\n",
1578 ep0_state_string[bdc->ep0_state]);
1580 /* check if data stage is in progress ? */
1581 if (bdc->ep0_state == WAIT_FOR_DATA_XMIT) {
1582 bdc->ep0_state = STATUS_PENDING;
1583 /* Status stage will be queued upon Data stage transmit event */
1585 "status started but data not transmitted yet\n");
1588 setup_pkt = &bdc->setup_pkt;
1591 * 2 stage setup then only process the setup, for 3 stage setup the date
1592 * stage is already handled
1594 if (!le16_to_cpu(setup_pkt->wLength)) {
1595 ret = handle_control_request(bdc);
1596 if (ret == USB_GADGET_DELAYED_STATUS) {
1597 bdc->delayed_status = true;
1598 /* ep0_state will remain WAIT_FOR_STATUS_START */
1603 /* Queue a status stage BD */
1604 ep0_queue_status_stage(bdc);
1605 bdc->ep0_state = WAIT_FOR_STATUS_XMIT;
1607 "ep0_state:%s", ep0_state_string[bdc->ep0_state]);
1614 /* Helper function to update ep0 upon SR with xsf_succ or xsf_short */
1615 static void ep0_xsf_complete(struct bdc *bdc, struct bdc_sr *sreport)
1617 dev_dbg(bdc->dev, "%s\n", __func__);
1618 switch (bdc->ep0_state) {
1619 case WAIT_FOR_DATA_XMIT:
1620 bdc->ep0_state = WAIT_FOR_STATUS_START;
1622 case WAIT_FOR_STATUS_XMIT:
1623 bdc->ep0_state = WAIT_FOR_SETUP;
1624 if (bdc->test_mode) {
1627 dev_dbg(bdc->dev, "test_mode:%d\n", bdc->test_mode);
1628 ret = bdc_set_test_mode(bdc);
1630 dev_err(bdc->dev, "Err in setting Test mode\n");
1636 case STATUS_PENDING:
1637 bdc_xsf_ep0_status_start(bdc, sreport);
1642 "Unknown ep0_state:%s\n",
1643 ep0_state_string[bdc->ep0_state]);
1648 /* xfr completion status report handler */
1649 void bdc_sr_xsf(struct bdc *bdc, struct bdc_sr *sreport)
1655 ep_num = (le32_to_cpu(sreport->offset[3])>>4) & 0x1f;
1656 ep = bdc->bdc_ep_array[ep_num];
1657 if (!ep || !(ep->flags & BDC_EP_ENABLED)) {
1658 dev_err(bdc->dev, "xsf for ep not enabled\n");
1662 * check if this transfer is after link went from U3->U0 due
1665 if (bdc->devstatus & FUNC_WAKE_ISSUED) {
1666 bdc->devstatus &= ~(FUNC_WAKE_ISSUED);
1667 dev_dbg(bdc->dev, "%s clearing FUNC_WAKE_ISSUED flag\n",
1670 sr_status = XSF_STS(le32_to_cpu(sreport->offset[3]));
1671 dev_dbg_ratelimited(bdc->dev, "%s sr_status=%d ep:%s\n",
1672 __func__, sr_status, ep->name);
1674 switch (sr_status) {
1677 handle_xsr_succ_status(bdc, ep, sreport);
1679 ep0_xsf_complete(bdc, sreport);
1682 case XSF_SETUP_RECV:
1683 case XSF_DATA_START:
1684 case XSF_STATUS_START:
1687 "ep0 related packets on non ep0 endpoint");
1690 bdc->sr_xsf_ep0[sr_status - XSF_SETUP_RECV](bdc, sreport);
1695 dev_dbg(bdc->dev, "Babble on ep0 zlp_need:%d\n",
1698 * If the last completed transfer had wLength >Data Len,
1699 * and Len is multiple of MaxPacket,then queue ZLP
1701 if (bdc->zlp_needed) {
1702 /* queue 0 length bd */
1707 dev_warn(bdc->dev, "Babble on ep not handled\n");
1710 dev_warn(bdc->dev, "sr status not handled:%x\n", sr_status);
1715 static int bdc_gadget_ep_queue(struct usb_ep *_ep,
1716 struct usb_request *_req, gfp_t gfp_flags)
1718 struct bdc_req *req;
1719 unsigned long flags;
1724 if (!_ep || !_ep->desc)
1727 if (!_req || !_req->complete || !_req->buf)
1730 ep = to_bdc_ep(_ep);
1731 req = to_bdc_req(_req);
1733 dev_dbg(bdc->dev, "%s ep:%p req:%p\n", __func__, ep, req);
1734 dev_dbg(bdc->dev, "queuing request %p to %s length %d zero:%d\n",
1735 _req, ep->name, _req->length, _req->zero);
1737 if (!ep->usb_ep.desc) {
1739 "trying to queue req %p to disabled %s\n",
1744 if (_req->length > MAX_XFR_LEN) {
1746 "req length > supported MAX:%d requested:%d\n",
1747 MAX_XFR_LEN, _req->length);
1750 spin_lock_irqsave(&bdc->lock, flags);
1751 if (ep == bdc->bdc_ep_array[1])
1752 ret = ep0_queue(ep, req);
1754 ret = ep_queue(ep, req);
1756 spin_unlock_irqrestore(&bdc->lock, flags);
1761 static int bdc_gadget_ep_dequeue(struct usb_ep *_ep,
1762 struct usb_request *_req)
1764 struct bdc_req *req;
1765 unsigned long flags;
1773 ep = to_bdc_ep(_ep);
1774 req = to_bdc_req(_req);
1776 dev_dbg(bdc->dev, "%s ep:%s req:%p\n", __func__, ep->name, req);
1777 bdc_dbg_bd_list(bdc, ep);
1778 spin_lock_irqsave(&bdc->lock, flags);
1779 /* make sure it's still queued on this endpoint */
1780 list_for_each_entry(req, &ep->queue, queue) {
1781 if (&req->usb_req == _req)
1784 if (&req->usb_req != _req) {
1785 spin_unlock_irqrestore(&bdc->lock, flags);
1786 dev_err(bdc->dev, "usb_req !=req n");
1789 ret = ep_dequeue(ep, req);
1794 bdc_req_complete(ep, req, -ECONNRESET);
1797 bdc_dbg_bd_list(bdc, ep);
1798 spin_unlock_irqrestore(&bdc->lock, flags);
1803 static int bdc_gadget_ep_set_halt(struct usb_ep *_ep, int value)
1805 unsigned long flags;
1810 ep = to_bdc_ep(_ep);
1812 dev_dbg(bdc->dev, "%s ep:%s value=%d\n", __func__, ep->name, value);
1813 spin_lock_irqsave(&bdc->lock, flags);
1814 if (usb_endpoint_xfer_isoc(ep->usb_ep.desc))
1816 else if (!list_empty(&ep->queue))
1819 ret = ep_set_halt(ep, value);
1821 spin_unlock_irqrestore(&bdc->lock, flags);
1826 static struct usb_request *bdc_gadget_alloc_request(struct usb_ep *_ep,
1829 struct bdc_req *req;
1832 req = kzalloc(sizeof(*req), gfp_flags);
1836 ep = to_bdc_ep(_ep);
1838 req->epnum = ep->ep_num;
1839 req->usb_req.dma = DMA_ADDR_INVALID;
1840 dev_dbg(ep->bdc->dev, "%s ep:%s req:%p\n", __func__, ep->name, req);
1842 return &req->usb_req;
1845 static void bdc_gadget_free_request(struct usb_ep *_ep,
1846 struct usb_request *_req)
1848 struct bdc_req *req;
1850 req = to_bdc_req(_req);
1854 /* endpoint operations */
1856 /* configure endpoint and also allocate resources */
1857 static int bdc_gadget_ep_enable(struct usb_ep *_ep,
1858 const struct usb_endpoint_descriptor *desc)
1860 unsigned long flags;
1865 if (!_ep || !desc || desc->bDescriptorType != USB_DT_ENDPOINT) {
1866 pr_debug("bdc_gadget_ep_enable invalid parameters\n");
1870 if (!desc->wMaxPacketSize) {
1871 pr_debug("bdc_gadget_ep_enable missing wMaxPacketSize\n");
1875 ep = to_bdc_ep(_ep);
1878 /* Sanity check, upper layer will not send enable for ep0 */
1879 if (ep == bdc->bdc_ep_array[1])
1882 if (!bdc->gadget_driver
1883 || bdc->gadget.speed == USB_SPEED_UNKNOWN) {
1887 dev_dbg(bdc->dev, "%s Enabling %s\n", __func__, ep->name);
1888 spin_lock_irqsave(&bdc->lock, flags);
1890 ep->comp_desc = _ep->comp_desc;
1891 ret = bdc_ep_enable(ep);
1892 spin_unlock_irqrestore(&bdc->lock, flags);
1897 static int bdc_gadget_ep_disable(struct usb_ep *_ep)
1899 unsigned long flags;
1905 pr_debug("bdc: invalid parameters\n");
1908 ep = to_bdc_ep(_ep);
1911 /* Upper layer will not call this for ep0, but do a sanity check */
1912 if (ep == bdc->bdc_ep_array[1]) {
1913 dev_warn(bdc->dev, "%s called for ep0\n", __func__);
1917 "%s() ep:%s ep->flags:%08x\n",
1918 __func__, ep->name, ep->flags);
1920 if (!(ep->flags & BDC_EP_ENABLED)) {
1921 dev_warn(bdc->dev, "%s is already disabled\n", ep->name);
1924 spin_lock_irqsave(&bdc->lock, flags);
1925 ret = bdc_ep_disable(ep);
1926 spin_unlock_irqrestore(&bdc->lock, flags);
1931 static const struct usb_ep_ops bdc_gadget_ep_ops = {
1932 .enable = bdc_gadget_ep_enable,
1933 .disable = bdc_gadget_ep_disable,
1934 .alloc_request = bdc_gadget_alloc_request,
1935 .free_request = bdc_gadget_free_request,
1936 .queue = bdc_gadget_ep_queue,
1937 .dequeue = bdc_gadget_ep_dequeue,
1938 .set_halt = bdc_gadget_ep_set_halt
1942 static int init_ep(struct bdc *bdc, u32 epnum, u32 dir)
1946 dev_dbg(bdc->dev, "%s epnum=%d dir=%d\n", __func__, epnum, dir);
1947 ep = kzalloc(sizeof(*ep), GFP_KERNEL);
1954 /* ep->ep_num is the index inside bdc_ep */
1957 bdc->bdc_ep_array[ep->ep_num] = ep;
1958 snprintf(ep->name, sizeof(ep->name), "ep%d", epnum - 1);
1959 usb_ep_set_maxpacket_limit(&ep->usb_ep, EP0_MAX_PKT_SIZE);
1960 ep->comp_desc = NULL;
1961 bdc->gadget.ep0 = &ep->usb_ep;
1964 ep->ep_num = epnum * 2 - 1;
1966 ep->ep_num = epnum * 2 - 2;
1968 bdc->bdc_ep_array[ep->ep_num] = ep;
1969 snprintf(ep->name, sizeof(ep->name), "ep%d%s", epnum - 1,
1970 dir & 1 ? "in" : "out");
1972 usb_ep_set_maxpacket_limit(&ep->usb_ep, 1024);
1973 ep->usb_ep.max_streams = 0;
1974 list_add_tail(&ep->usb_ep.ep_list, &bdc->gadget.ep_list);
1976 ep->usb_ep.ops = &bdc_gadget_ep_ops;
1977 ep->usb_ep.name = ep->name;
1979 ep->ignore_next_sr = false;
1980 dev_dbg(bdc->dev, "ep=%p ep->usb_ep.name=%s epnum=%d ep->epnum=%d\n",
1981 ep, ep->usb_ep.name, epnum, ep->ep_num);
1983 INIT_LIST_HEAD(&ep->queue);
1989 int bdc_init_ep(struct bdc *bdc)
1994 dev_dbg(bdc->dev, "%s()\n", __func__);
1995 INIT_LIST_HEAD(&bdc->gadget.ep_list);
1997 ret = init_ep(bdc, 1, 0);
1999 dev_err(bdc->dev, "init ep ep0 fail %d\n", ret);
2003 for (epnum = 2; epnum <= bdc->num_eps / 2; epnum++) {
2005 ret = init_ep(bdc, epnum, 0);
2008 "init ep failed for:%d error: %d\n",
2014 ret = init_ep(bdc, epnum, 1);
2017 "init ep failed for:%d error: %d\n",
projects / cascardo / linux.git / blob