LXR linux/drivers/usb/musb/musb_gadget

   1/*
   2 * MUSB OTG peripheral driver ep0 handling
   3 *
   4 * Copyright 2005 Mentor Graphics Corporation
   5 * Copyright (C) 2005-2006 by Texas Instruments
   6 * Copyright (C) 2006-2007 Nokia Corporation
   7 * Copyright (C) 2008-2009 MontaVista Software, Inc. <source@mvista.com>
   8 *
   9 * This program is free software; you can redistribute it and/or
  10 * modify it under the terms of the GNU General Public License
  11 * version 2 as published by the Free Software Foundation.
  12 *
  13 * This program is distributed in the hope that it will be useful, but
  14 * WITHOUT ANY WARRANTY; without even the implied warranty of
  15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  16 * General Public License for more details.
  17 *
  18 * You should have received a copy of the GNU General Public License
  19 * along with this program; if not, write to the Free Software
  20 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
  21 * 02110-1301 USA
  22 *
  23 * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
  24 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
  25 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN
  26 * NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT, INDIRECT,
  27 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  28 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
  29 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
  30 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  31 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  32 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  33 *
  34 */
  35
  36#include <linux/kernel.h>
  37#include <linux/list.h>
  38#include <linux/timer.h>
  39#include <linux/spinlock.h>
  40#include <linux/device.h>
  41#include <linux/interrupt.h>
  42
  43#include "musb_core.h"
  44
  45/* ep0 is always musb->endpoints[0].ep_in */
  46#define next_ep0_request(musb)  next_in_request(&(musb)->endpoints[0])
  47
  48/*
  49 * locking note:  we use only the controller lock, for simpler correctness.
  50 * It's always held with IRQs blocked.
  51 *
  52 * It protects the ep0 request queue as well as ep0_state, not just the
  53 * controller and indexed registers.  And that lock stays held unless it
  54 * needs to be dropped to allow reentering this driver ... like upcalls to
  55 * the gadget driver, or adjusting endpoint halt status.
  56 */
  57
  58static char *decode_ep0stage(u8 stage)
  59{
  60        switch (stage) {
  61        case MUSB_EP0_STAGE_IDLE:       return "idle";
  62        case MUSB_EP0_STAGE_SETUP:      return "setup";
  63        case MUSB_EP0_STAGE_TX:         return "in";
  64        case MUSB_EP0_STAGE_RX:         return "out";
  65        case MUSB_EP0_STAGE_ACKWAIT:    return "wait";
  66        case MUSB_EP0_STAGE_STATUSIN:   return "in/status";
  67        case MUSB_EP0_STAGE_STATUSOUT:  return "out/status";
  68        default:                        return "?";
  69        }
  70}
  71
  72/* handle a standard GET_STATUS request
  73 * Context:  caller holds controller lock
  74 */
  75static int service_tx_status_request(
  76        struct musb *musb,
  77        const struct usb_ctrlrequest *ctrlrequest)
  78{
  79        void __iomem    *mbase = musb->mregs;
  80        int handled = 1;
  81        u8 result[2], epnum = 0;
  82        const u8 recip = ctrlrequest->bRequestType & USB_RECIP_MASK;
  83
  84        result[1] = 0;
  85
  86        switch (recip) {
  87        case USB_RECIP_DEVICE:
  88                result[0] = musb->g.is_selfpowered << USB_DEVICE_SELF_POWERED;
  89                result[0] |= musb->may_wakeup << USB_DEVICE_REMOTE_WAKEUP;
  90                if (musb->g.is_otg) {
  91                        result[0] |= musb->g.b_hnp_enable
  92                                << USB_DEVICE_B_HNP_ENABLE;
  93                        result[0] |= musb->g.a_alt_hnp_support
  94                                << USB_DEVICE_A_ALT_HNP_SUPPORT;
  95                        result[0] |= musb->g.a_hnp_support
  96                                << USB_DEVICE_A_HNP_SUPPORT;
  97                }
  98                break;
  99
 100        case USB_RECIP_INTERFACE:
 101                result[0] = 0;
 102                break;
 103
 104        case USB_RECIP_ENDPOINT: {
 105                int             is_in;
 106                struct musb_ep  *ep;
 107                u16             tmp;
 108                void __iomem    *regs;
 109
 110                epnum = (u8) ctrlrequest->wIndex;
 111                if (!epnum) {
 112                        result[0] = 0;
 113                        break;
 114                }
 115
 116                is_in = epnum & USB_DIR_IN;
 117                if (is_in) {
 118                        epnum &= 0x0f;
 119                        ep = &musb->endpoints[epnum].ep_in;
 120                } else {
 121                        ep = &musb->endpoints[epnum].ep_out;
 122                }
 123                regs = musb->endpoints[epnum].regs;
 124
 125                if (epnum >= MUSB_C_NUM_EPS || !ep->desc) {
 126                        handled = -EINVAL;
 127                        break;
 128                }
 129
 130                musb_ep_select(mbase, epnum);
 131                if (is_in)
 132                        tmp = musb_readw(regs, MUSB_TXCSR)
 133                                                & MUSB_TXCSR_P_SENDSTALL;
 134                else
 135                        tmp = musb_readw(regs, MUSB_RXCSR)
 136                                                & MUSB_RXCSR_P_SENDSTALL;
 137                musb_ep_select(mbase, 0);
 138
 139                result[0] = tmp ? 1 : 0;
 140                } break;
 141
 142        default:
 143                /* class, vendor, etc ... delegate */
 144                handled = 0;
 145                break;
 146        }
 147
 148        /* fill up the fifo; caller updates csr0 */
 149        if (handled > 0) {
 150                u16     len = le16_to_cpu(ctrlrequest->wLength);
 151
 152                if (len > 2)
 153                        len = 2;
 154                musb_write_fifo(&musb->endpoints[0], len, result);
 155        }
 156
 157        return handled;
 158}
 159
 160/*
 161 * handle a control-IN request, the end0 buffer contains the current request
 162 * that is supposed to be a standard control request. Assumes the fifo to
 163 * be at least 2 bytes long.
 164 *
 165 * @return 0 if the request was NOT HANDLED,
 166 * < 0 when error
 167 * > 0 when the request is processed
 168 *
 169 * Context:  caller holds controller lock
 170 */
 171static int
 172service_in_request(struct musb *musb, const struct usb_ctrlrequest *ctrlrequest)
 173{
 174        int handled = 0;        /* not handled */
 175
 176        if ((ctrlrequest->bRequestType & USB_TYPE_MASK)
 177                        == USB_TYPE_STANDARD) {
 178                switch (ctrlrequest->bRequest) {
 179                case USB_REQ_GET_STATUS:
 180                        handled = service_tx_status_request(musb,
 181                                        ctrlrequest);
 182                        break;
 183
 184                /* case USB_REQ_SYNC_FRAME: */
 185
 186                default:
 187                        break;
 188                }
 189        }
 190        return handled;
 191}
 192
 193/*
 194 * Context:  caller holds controller lock
 195 */
 196static void musb_g_ep0_giveback(struct musb *musb, struct usb_request *req)
 197{
 198        musb_g_giveback(&musb->endpoints[0].ep_in, req, 0);
 199}
 200
 201/*
 202 * Tries to start B-device HNP negotiation if enabled via sysfs
 203 */
 204static inline void musb_try_b_hnp_enable(struct musb *musb)
 205{
 206        void __iomem    *mbase = musb->mregs;
 207        u8              devctl;
 208
 209        dev_dbg(musb->controller, "HNP: Setting HR\n");
 210        devctl = musb_readb(mbase, MUSB_DEVCTL);
 211        musb_writeb(mbase, MUSB_DEVCTL, devctl | MUSB_DEVCTL_HR);
 212}
 213
 214/*
 215 * Handle all control requests with no DATA stage, including standard
 216 * requests such as:
 217 * USB_REQ_SET_CONFIGURATION, USB_REQ_SET_INTERFACE, unrecognized
 218 *      always delegated to the gadget driver
 219 * USB_REQ_SET_ADDRESS, USB_REQ_CLEAR_FEATURE, USB_REQ_SET_FEATURE
 220 *      always handled here, except for class/vendor/... features
 221 *
 222 * Context:  caller holds controller lock
 223 */
 224static int
 225service_zero_data_request(struct musb *musb,
 226                struct usb_ctrlrequest *ctrlrequest)
 227__releases(musb->lock)
 228__acquires(musb->lock)
 229{
 230        int handled = -EINVAL;
 231        void __iomem *mbase = musb->mregs;
 232        const u8 recip = ctrlrequest->bRequestType & USB_RECIP_MASK;
 233
 234        /* the gadget driver handles everything except what we MUST handle */
 235        if ((ctrlrequest->bRequestType & USB_TYPE_MASK)
 236                        == USB_TYPE_STANDARD) {
 237                switch (ctrlrequest->bRequest) {
 238                case USB_REQ_SET_ADDRESS:
 239                        /* change it after the status stage */
 240                        musb->set_address = true;
 241                        musb->address = (u8) (ctrlrequest->wValue & 0x7f);
 242                        handled = 1;
 243                        break;
 244
 245                case USB_REQ_CLEAR_FEATURE:
 246                        switch (recip) {
 247                        case USB_RECIP_DEVICE:
 248                                if (ctrlrequest->wValue
 249                                                != USB_DEVICE_REMOTE_WAKEUP)
 250                                        break;
 251                                musb->may_wakeup = 0;
 252                                handled = 1;
 253                                break;
 254                        case USB_RECIP_INTERFACE:
 255                                break;
 256                        case USB_RECIP_ENDPOINT:{
 257                                const u8                epnum =
 258                                        ctrlrequest->wIndex & 0x0f;
 259                                struct musb_ep          *musb_ep;
 260                                struct musb_hw_ep       *ep;
 261                                struct musb_request     *request;
 262                                void __iomem            *regs;
 263                                int                     is_in;
 264                                u16                     csr;
 265
 266                                if (epnum == 0 || epnum >= MUSB_C_NUM_EPS ||
 267                                    ctrlrequest->wValue != USB_ENDPOINT_HALT)
 268                                        break;
 269
 270                                ep = musb->endpoints + epnum;
 271                                regs = ep->regs;
 272                                is_in = ctrlrequest->wIndex & USB_DIR_IN;
 273                                if (is_in)
 274                                        musb_ep = &ep->ep_in;
 275                                else
 276                                        musb_ep = &ep->ep_out;
 277                                if (!musb_ep->desc)
 278                                        break;
 279
 280                                handled = 1;
 281                                /* Ignore request if endpoint is wedged */
 282                                if (musb_ep->wedged)
 283                                        break;
 284
 285                                musb_ep_select(mbase, epnum);
 286                                if (is_in) {
 287                                        csr  = musb_readw(regs, MUSB_TXCSR);
 288                                        csr |= MUSB_TXCSR_CLRDATATOG |
 289                                               MUSB_TXCSR_P_WZC_BITS;
 290                                        csr &= ~(MUSB_TXCSR_P_SENDSTALL |
 291                                                 MUSB_TXCSR_P_SENTSTALL |
 292                                                 MUSB_TXCSR_TXPKTRDY);
 293                                        musb_writew(regs, MUSB_TXCSR, csr);
 294                                } else {
 295                                        csr  = musb_readw(regs, MUSB_RXCSR);
 296                                        csr |= MUSB_RXCSR_CLRDATATOG |
 297                                               MUSB_RXCSR_P_WZC_BITS;
 298                                        csr &= ~(MUSB_RXCSR_P_SENDSTALL |
 299                                                 MUSB_RXCSR_P_SENTSTALL);
 300                                        musb_writew(regs, MUSB_RXCSR, csr);
 301                                }
 302
 303                                /* Maybe start the first request in the queue */
 304                                request = next_request(musb_ep);
 305                                if (!musb_ep->busy && request) {
 306                                        dev_dbg(musb->controller, "restarting the request\n");
 307                                        musb_ep_restart(musb, request);
 308                                }
 309
 310                                /* select ep0 again */
 311                                musb_ep_select(mbase, 0);
 312                                } break;
 313                        default:
 314                                /* class, vendor, etc ... delegate */
 315                                handled = 0;
 316                                break;
 317                        }
 318                        break;
 319
 320                case USB_REQ_SET_FEATURE:
 321                        switch (recip) {
 322                        case USB_RECIP_DEVICE:
 323                                handled = 1;
 324                                switch (ctrlrequest->wValue) {
 325                                case USB_DEVICE_REMOTE_WAKEUP:
 326                                        musb->may_wakeup = 1;
 327                                        break;
 328                                case USB_DEVICE_TEST_MODE:
 329                                        if (musb->g.speed != USB_SPEED_HIGH)
 330                                                goto stall;
 331                                        if (ctrlrequest->wIndex & 0xff)
 332                                                goto stall;
 333
 334                                        switch (ctrlrequest->wIndex >> 8) {
 335                                        case 1:
 336                                                pr_debug("TEST_J\n");
 337                                                /* TEST_J */
 338                                                musb->test_mode_nr =
 339                                                        MUSB_TEST_J;
 340                                                break;
 341                                        case 2:
 342                                                /* TEST_K */
 343                                                pr_debug("TEST_K\n");
 344                                                musb->test_mode_nr =
 345                                                        MUSB_TEST_K;
 346                                                break;
 347                                        case 3:
 348                                                /* TEST_SE0_NAK */
 349                                                pr_debug("TEST_SE0_NAK\n");
 350                                                musb->test_mode_nr =
 351                                                        MUSB_TEST_SE0_NAK;
 352                                                break;
 353                                        case 4:
 354                                                /* TEST_PACKET */
 355                                                pr_debug("TEST_PACKET\n");
 356                                                musb->test_mode_nr =
 357                                                        MUSB_TEST_PACKET;
 358                                                break;
 359
 360                                        case 0xc0:
 361                                                /* TEST_FORCE_HS */
 362                                                pr_debug("TEST_FORCE_HS\n");
 363                                                musb->test_mode_nr =
 364                                                        MUSB_TEST_FORCE_HS;
 365                                                break;
 366                                        case 0xc1:
 367                                                /* TEST_FORCE_FS */
 368                                                pr_debug("TEST_FORCE_FS\n");
 369                                                musb->test_mode_nr =
 370                                                        MUSB_TEST_FORCE_FS;
 371                                                break;
 372                                        case 0xc2:
 373                                                /* TEST_FIFO_ACCESS */
 374                                                pr_debug("TEST_FIFO_ACCESS\n");
 375                                                musb->test_mode_nr =
 376                                                        MUSB_TEST_FIFO_ACCESS;
 377                                                break;
 378                                        case 0xc3:
 379                                                /* TEST_FORCE_HOST */
 380                                                pr_debug("TEST_FORCE_HOST\n");
 381                                                musb->test_mode_nr =
 382                                                        MUSB_TEST_FORCE_HOST;
 383                                                break;
 384                                        default:
 385                                                goto stall;
 386                                        }
 387
 388                                        /* enter test mode after irq */
 389                                        if (handled > 0)
 390                                                musb->test_mode = true;
 391                                        break;
 392                                case USB_DEVICE_B_HNP_ENABLE:
 393                                        if (!musb->g.is_otg)
 394                                                goto stall;
 395                                        musb->g.b_hnp_enable = 1;
 396                                        musb_try_b_hnp_enable(musb);
 397                                        break;
 398                                case USB_DEVICE_A_HNP_SUPPORT:
 399                                        if (!musb->g.is_otg)
 400                                                goto stall;
 401                                        musb->g.a_hnp_support = 1;
 402                                        break;
 403                                case USB_DEVICE_A_ALT_HNP_SUPPORT:
 404                                        if (!musb->g.is_otg)
 405                                                goto stall;
 406                                        musb->g.a_alt_hnp_support = 1;
 407                                        break;
 408                                case USB_DEVICE_DEBUG_MODE:
 409                                        handled = 0;
 410                                        break;
 411stall:
 412                                default:
 413                                        handled = -EINVAL;
 414                                        break;
 415                                }
 416                                break;
 417
 418                        case USB_RECIP_INTERFACE:
 419                                break;
 420
 421                        case USB_RECIP_ENDPOINT:{
 422                                const u8                epnum =
 423                                        ctrlrequest->wIndex & 0x0f;
 424                                struct musb_ep          *musb_ep;
 425                                struct musb_hw_ep       *ep;
 426                                void __iomem            *regs;
 427                                int                     is_in;
 428                                u16                     csr;
 429
 430                                if (epnum == 0 || epnum >= MUSB_C_NUM_EPS ||
 431                                    ctrlrequest->wValue != USB_ENDPOINT_HALT)
 432                                        break;
 433
 434                                ep = musb->endpoints + epnum;
 435                                regs = ep->regs;
 436                                is_in = ctrlrequest->wIndex & USB_DIR_IN;
 437                                if (is_in)
 438                                        musb_ep = &ep->ep_in;
 439                                else
 440                                        musb_ep = &ep->ep_out;
 441                                if (!musb_ep->desc)
 442                                        break;
 443
 444                                musb_ep_select(mbase, epnum);
 445                                if (is_in) {
 446                                        csr = musb_readw(regs, MUSB_TXCSR);
 447                                        if (csr & MUSB_TXCSR_FIFONOTEMPTY)
 448                                                csr |= MUSB_TXCSR_FLUSHFIFO;
 449                                        csr |= MUSB_TXCSR_P_SENDSTALL
 450                                                | MUSB_TXCSR_CLRDATATOG
 451                                                | MUSB_TXCSR_P_WZC_BITS;
 452                                        musb_writew(regs, MUSB_TXCSR, csr);
 453                                } else {
 454                                        csr = musb_readw(regs, MUSB_RXCSR);
 455                                        csr |= MUSB_RXCSR_P_SENDSTALL
 456                                                | MUSB_RXCSR_FLUSHFIFO
 457                                                | MUSB_RXCSR_CLRDATATOG
 458                                                | MUSB_RXCSR_P_WZC_BITS;
 459                                        musb_writew(regs, MUSB_RXCSR, csr);
 460                                }
 461
 462                                /* select ep0 again */
 463                                musb_ep_select(mbase, 0);
 464                                handled = 1;
 465                                } break;
 466
 467                        default:
 468                                /* class, vendor, etc ... delegate */
 469                                handled = 0;
 470                                break;
 471                        }
 472                        break;
 473                default:
 474                        /* delegate SET_CONFIGURATION, etc */
 475                        handled = 0;
 476                }
 477        } else
 478                handled = 0;
 479        return handled;
 480}
 481
 482/* we have an ep0out data packet
 483 * Context:  caller holds controller lock
 484 */
 485static void ep0_rxstate(struct musb *musb)
 486{
 487        void __iomem            *regs = musb->control_ep->regs;
 488        struct musb_request     *request;
 489        struct usb_request      *req;
 490        u16                     count, csr;
 491
 492        request = next_ep0_request(musb);
 493        req = &request->request;
 494
 495        /* read packet and ack; or stall because of gadget driver bug:
 496         * should have provided the rx buffer before setup() returned.
 497         */
 498        if (req) {
 499                void            *buf = req->buf + req->actual;
 500                unsigned        len = req->length - req->actual;
 501
 502                /* read the buffer */
 503                count = musb_readb(regs, MUSB_COUNT0);
 504                if (count > len) {
 505                        req->status = -EOVERFLOW;
 506                        count = len;
 507                }
 508                if (count > 0) {
 509                        musb_read_fifo(&musb->endpoints[0], count, buf);
 510                        req->actual += count;
 511                }
 512                csr = MUSB_CSR0_P_SVDRXPKTRDY;
 513                if (count < 64 || req->actual == req->length) {
 514                        musb->ep0_state = MUSB_EP0_STAGE_STATUSIN;
 515                        csr |= MUSB_CSR0_P_DATAEND;
 516                } else
 517                        req = NULL;
 518        } else
 519                csr = MUSB_CSR0_P_SVDRXPKTRDY | MUSB_CSR0_P_SENDSTALL;
 520
 521
 522        /* Completion handler may choose to stall, e.g. because the
 523         * message just received holds invalid data.
 524         */
 525        if (req) {
 526                musb->ackpend = csr;
 527                musb_g_ep0_giveback(musb, req);
 528                if (!musb->ackpend)
 529                        return;
 530                musb->ackpend = 0;
 531        }
 532        musb_ep_select(musb->mregs, 0);
 533        musb_writew(regs, MUSB_CSR0, csr);
 534}
 535
 536/*
 537 * transmitting to the host (IN), this code might be called from IRQ
 538 * and from kernel thread.
 539 *
 540 * Context:  caller holds controller lock
 541 */
 542static void ep0_txstate(struct musb *musb)
 543{
 544        void __iomem            *regs = musb->control_ep->regs;
 545        struct musb_request     *req = next_ep0_request(musb);
 546        struct usb_request      *request;
 547        u16                     csr = MUSB_CSR0_TXPKTRDY;
 548        u8                      *fifo_src;
 549        u8                      fifo_count;
 550
 551        if (!req) {
 552                /* WARN_ON(1); */
 553                dev_dbg(musb->controller, "odd; csr0 %04x\n", musb_readw(regs, MUSB_CSR0));
 554                return;
 555        }
 556
 557        request = &req->request;
 558
 559        /* load the data */
 560        fifo_src = (u8 *) request->buf + request->actual;
 561        fifo_count = min((unsigned) MUSB_EP0_FIFOSIZE,
 562                request->length - request->actual);
 563        musb_write_fifo(&musb->endpoints[0], fifo_count, fifo_src);
 564        request->actual += fifo_count;
 565
 566        /* update the flags */
 567        if (fifo_count < MUSB_MAX_END0_PACKET
 568                        || (request->actual == request->length
 569                                && !request->zero)) {
 570                musb->ep0_state = MUSB_EP0_STAGE_STATUSOUT;
 571                csr |= MUSB_CSR0_P_DATAEND;
 572        } else
 573                request = NULL;
 574
 575        /* report completions as soon as the fifo's loaded; there's no
 576         * win in waiting till this last packet gets acked.  (other than
 577         * very precise fault reporting, needed by USB TMC; possible with
 578         * this hardware, but not usable from portable gadget drivers.)
 579         */
 580        if (request) {
 581                musb->ackpend = csr;
 582                musb_g_ep0_giveback(musb, request);
 583                if (!musb->ackpend)
 584                        return;
 585                musb->ackpend = 0;
 586        }
 587
 588        /* send it out, triggering a "txpktrdy cleared" irq */
 589        musb_ep_select(musb->mregs, 0);
 590        musb_writew(regs, MUSB_CSR0, csr);
 591}
 592
 593/*
 594 * Read a SETUP packet (struct usb_ctrlrequest) from the hardware.
 595 * Fields are left in USB byte-order.
 596 *
 597 * Context:  caller holds controller lock.
 598 */
 599static void
 600musb_read_setup(struct musb *musb, struct usb_ctrlrequest *req)
 601{
 602        struct musb_request     *r;
 603        void __iomem            *regs = musb->control_ep->regs;
 604
 605        musb_read_fifo(&musb->endpoints[0], sizeof *req, (u8 *)req);
 606
 607        /* NOTE:  earlier 2.6 versions changed setup packets to host
 608         * order, but now USB packets always stay in USB byte order.
 609         */
 610        dev_dbg(musb->controller, "SETUP req%02x.%02x v%04x i%04x l%d\n",
 611                req->bRequestType,
 612                req->bRequest,
 613                le16_to_cpu(req->wValue),
 614                le16_to_cpu(req->wIndex),
 615                le16_to_cpu(req->wLength));
 616
 617        /* clean up any leftover transfers */
 618        r = next_ep0_request(musb);
 619        if (r)
 620                musb_g_ep0_giveback(musb, &r->request);
 621
 622        /* For zero-data requests we want to delay the STATUS stage to
 623         * avoid SETUPEND errors.  If we read data (OUT), delay accepting
 624         * packets until there's a buffer to store them in.
 625         *
 626         * If we write data, the controller acts happier if we enable
 627         * the TX FIFO right away, and give the controller a moment
 628         * to switch modes...
 629         */
 630        musb->set_address = false;
 631        musb->ackpend = MUSB_CSR0_P_SVDRXPKTRDY;
 632        if (req->wLength == 0) {
 633                if (req->bRequestType & USB_DIR_IN)
 634                        musb->ackpend |= MUSB_CSR0_TXPKTRDY;
 635                musb->ep0_state = MUSB_EP0_STAGE_ACKWAIT;
 636        } else if (req->bRequestType & USB_DIR_IN) {
 637                musb->ep0_state = MUSB_EP0_STAGE_TX;
 638                musb_writew(regs, MUSB_CSR0, MUSB_CSR0_P_SVDRXPKTRDY);
 639                while ((musb_readw(regs, MUSB_CSR0)
 640                                & MUSB_CSR0_RXPKTRDY) != 0)
 641                        cpu_relax();
 642                musb->ackpend = 0;
 643        } else
 644                musb->ep0_state = MUSB_EP0_STAGE_RX;
 645}
 646
 647static int
 648forward_to_driver(struct musb *musb, const struct usb_ctrlrequest *ctrlrequest)
 649__releases(musb->lock)
 650__acquires(musb->lock)
 651{
 652        int retval;
 653        if (!musb->gadget_driver)
 654                return -EOPNOTSUPP;
 655        spin_unlock(&musb->lock);
 656        retval = musb->gadget_driver->setup(&musb->g, ctrlrequest);
 657        spin_lock(&musb->lock);
 658        return retval;
 659}
 660
 661/*
 662 * Handle peripheral ep0 interrupt
 663 *
 664 * Context: irq handler; we won't re-enter the driver that way.
 665 */
 666irqreturn_t musb_g_ep0_irq(struct musb *musb)
 667{
 668        u16             csr;
 669        u16             len;
 670        void __iomem    *mbase = musb->mregs;
 671        void __iomem    *regs = musb->endpoints[0].regs;
 672        irqreturn_t     retval = IRQ_NONE;
 673
 674        musb_ep_select(mbase, 0);       /* select ep0 */
 675        csr = musb_readw(regs, MUSB_CSR0);
 676        len = musb_readb(regs, MUSB_COUNT0);
 677
 678        dev_dbg(musb->controller, "csr %04x, count %d, ep0stage %s\n",
 679                        csr, len, decode_ep0stage(musb->ep0_state));
 680
 681        if (csr & MUSB_CSR0_P_DATAEND) {
 682                /*
 683                 * If DATAEND is set we should not call the callback,
 684                 * hence the status stage is not complete.
 685                 */
 686                return IRQ_HANDLED;
 687        }
 688
 689        /* I sent a stall.. need to acknowledge it now.. */
 690        if (csr & MUSB_CSR0_P_SENTSTALL) {
 691                musb_writew(regs, MUSB_CSR0,
 692                                csr & ~MUSB_CSR0_P_SENTSTALL);
 693                retval = IRQ_HANDLED;
 694                musb->ep0_state = MUSB_EP0_STAGE_IDLE;
 695                csr = musb_readw(regs, MUSB_CSR0);
 696        }
 697
 698        /* request ended "early" */
 699        if (csr & MUSB_CSR0_P_SETUPEND) {
 700                musb_writew(regs, MUSB_CSR0, MUSB_CSR0_P_SVDSETUPEND);
 701                retval = IRQ_HANDLED;
 702                /* Transition into the early status phase */
 703                switch (musb->ep0_state) {
 704                case MUSB_EP0_STAGE_TX:
 705                        musb->ep0_state = MUSB_EP0_STAGE_STATUSOUT;
 706                        break;
 707                case MUSB_EP0_STAGE_RX:
 708                        musb->ep0_state = MUSB_EP0_STAGE_STATUSIN;
 709                        break;
 710                default:
 711                        ERR("SetupEnd came in a wrong ep0stage %s\n",
 712                            decode_ep0stage(musb->ep0_state));
 713                }
 714                csr = musb_readw(regs, MUSB_CSR0);
 715                /* NOTE:  request may need completion */
 716        }
 717
 718        /* docs from Mentor only describe tx, rx, and idle/setup states.
 719         * we need to handle nuances around status stages, and also the
 720         * case where status and setup stages come back-to-back ...
 721         */
 722        switch (musb->ep0_state) {
 723
 724        case MUSB_EP0_STAGE_TX:
 725                /* irq on clearing txpktrdy */
 726                if ((csr & MUSB_CSR0_TXPKTRDY) == 0) {
 727                        ep0_txstate(musb);
 728                        retval = IRQ_HANDLED;
 729                }
 730                break;
 731
 732        case MUSB_EP0_STAGE_RX:
 733                /* irq on set rxpktrdy */
 734                if (csr & MUSB_CSR0_RXPKTRDY) {
 735                        ep0_rxstate(musb);
 736                        retval = IRQ_HANDLED;
 737                }
 738                break;
 739
 740        case MUSB_EP0_STAGE_STATUSIN:
 741                /* end of sequence #2 (OUT/RX state) or #3 (no data) */
 742
 743                /* update address (if needed) only @ the end of the
 744                 * status phase per usb spec, which also guarantees
 745                 * we get 10 msec to receive this irq... until this
 746                 * is done we won't see the next packet.
 747                 */
 748                if (musb->set_address) {
 749                        musb->set_address = false;
 750                        musb_writeb(mbase, MUSB_FADDR, musb->address);
 751                }
 752
 753                /* enter test mode if needed (exit by reset) */
 754                else if (musb->test_mode) {
 755                        dev_dbg(musb->controller, "entering TESTMODE\n");
 756
 757                        if (MUSB_TEST_PACKET == musb->test_mode_nr)
 758                                musb_load_testpacket(musb);
 759
 760                        musb_writeb(mbase, MUSB_TESTMODE,
 761                                        musb->test_mode_nr);
 762                }
 763                /* FALLTHROUGH */
 764
 765        case MUSB_EP0_STAGE_STATUSOUT:
 766                /* end of sequence #1: write to host (TX state) */
 767                {
 768                        struct musb_request     *req;
 769
 770                        req = next_ep0_request(musb);
 771                        if (req)
 772                                musb_g_ep0_giveback(musb, &req->request);
 773                }
 774
 775                /*
 776                 * In case when several interrupts can get coalesced,
 777                 * check to see if we've already received a SETUP packet...
 778                 */
 779                if (csr & MUSB_CSR0_RXPKTRDY)
 780                        goto setup;
 781
 782                retval = IRQ_HANDLED;
 783                musb->ep0_state = MUSB_EP0_STAGE_IDLE;
 784                break;
 785
 786        case MUSB_EP0_STAGE_IDLE:
 787                /*
 788                 * This state is typically (but not always) indiscernible
 789                 * from the status states since the corresponding interrupts
 790                 * tend to happen within too little period of time (with only
 791                 * a zero-length packet in between) and so get coalesced...
 792                 */
 793                retval = IRQ_HANDLED;
 794                musb->ep0_state = MUSB_EP0_STAGE_SETUP;
 795                /* FALLTHROUGH */
 796
 797        case MUSB_EP0_STAGE_SETUP:
 798setup:
 799                if (csr & MUSB_CSR0_RXPKTRDY) {
 800                        struct usb_ctrlrequest  setup;
 801                        int                     handled = 0;
 802
 803                        if (len != 8) {
 804                                ERR("SETUP packet len %d != 8 ?\n", len);
 805                                break;
 806                        }
 807                        musb_read_setup(musb, &setup);
 808                        retval = IRQ_HANDLED;
 809
 810                        /* sometimes the RESET won't be reported */
 811                        if (unlikely(musb->g.speed == USB_SPEED_UNKNOWN)) {
 812                                u8      power;
 813
 814                                printk(KERN_NOTICE "%s: peripheral reset "
 815                                                "irq lost!\n",
 816                                                musb_driver_name);
 817                                power = musb_readb(mbase, MUSB_POWER);
 818                                musb->g.speed = (power & MUSB_POWER_HSMODE)
 819                                        ? USB_SPEED_HIGH : USB_SPEED_FULL;
 820
 821                        }
 822
 823                        switch (musb->ep0_state) {
 824
 825                        /* sequence #3 (no data stage), includes requests
 826                         * we can't forward (notably SET_ADDRESS and the
 827                         * device/endpoint feature set/clear operations)
 828                         * plus SET_CONFIGURATION and others we must
 829                         */
 830                        case MUSB_EP0_STAGE_ACKWAIT:
 831                                handled = service_zero_data_request(
 832                                                musb, &setup);
 833
 834                                /*
 835                                 * We're expecting no data in any case, so
 836                                 * always set the DATAEND bit -- doing this
 837                                 * here helps avoid SetupEnd interrupt coming
 838                                 * in the idle stage when we're stalling...
 839                                 */
 840                                musb->ackpend |= MUSB_CSR0_P_DATAEND;
 841
 842                                /* status stage might be immediate */
 843                                if (handled > 0)
 844                                        musb->ep0_state =
 845                                                MUSB_EP0_STAGE_STATUSIN;
 846                                break;
 847
 848                        /* sequence #1 (IN to host), includes GET_STATUS
 849                         * requests that we can't forward, GET_DESCRIPTOR
 850                         * and others that we must
 851                         */
 852                        case MUSB_EP0_STAGE_TX:
 853                                handled = service_in_request(musb, &setup);
 854                                if (handled > 0) {
 855                                        musb->ackpend = MUSB_CSR0_TXPKTRDY
 856                                                | MUSB_CSR0_P_DATAEND;
 857                                        musb->ep0_state =
 858                                                MUSB_EP0_STAGE_STATUSOUT;
 859                                }
 860                                break;
 861
 862                        /* sequence #2 (OUT from host), always forward */
 863                        default:                /* MUSB_EP0_STAGE_RX */
 864                                break;
 865                        }
 866
 867                        dev_dbg(musb->controller, "handled %d, csr %04x, ep0stage %s\n",
 868                                handled, csr,
 869                                decode_ep0stage(musb->ep0_state));
 870
 871                        /* unless we need to delegate this to the gadget
 872                         * driver, we know how to wrap this up:  csr0 has
 873                         * not yet been written.
 874                         */
 875                        if (handled < 0)
 876                                goto stall;
 877                        else if (handled > 0)
 878                                goto finish;
 879
 880                        handled = forward_to_driver(musb, &setup);
 881                        if (handled < 0) {
 882                                musb_ep_select(mbase, 0);
 883stall:
 884                                dev_dbg(musb->controller, "stall (%d)\n", handled);
 885                                musb->ackpend |= MUSB_CSR0_P_SENDSTALL;
 886                                musb->ep0_state = MUSB_EP0_STAGE_IDLE;
 887finish:
 888                                musb_writew(regs, MUSB_CSR0,
 889                                                musb->ackpend);
 890                                musb->ackpend = 0;
 891                        }
 892                }
 893                break;
 894
 895        case MUSB_EP0_STAGE_ACKWAIT:
 896                /* This should not happen. But happens with tusb6010 with
 897                 * g_file_storage and high speed. Do nothing.
 898                 */
 899                retval = IRQ_HANDLED;
 900                break;
 901
 902        default:
 903                /* "can't happen" */
 904                WARN_ON(1);
 905                musb_writew(regs, MUSB_CSR0, MUSB_CSR0_P_SENDSTALL);
 906                musb->ep0_state = MUSB_EP0_STAGE_IDLE;
 907                break;
 908        }
 909
 910        return retval;
 911}
 912
 913
 914static int
 915musb_g_ep0_enable(struct usb_ep *ep, const struct usb_endpoint_descriptor *desc)
 916{
 917        /* always enabled */
 918        return -EINVAL;
 919}
 920
 921static int musb_g_ep0_disable(struct usb_ep *e)
 922{
 923        /* always enabled */
 924        return -EINVAL;
 925}
 926
 927static int
 928musb_g_ep0_queue(struct usb_ep *e, struct usb_request *r, gfp_t gfp_flags)
 929{
 930        struct musb_ep          *ep;
 931        struct musb_request     *req;
 932        struct musb             *musb;
 933        int                     status;
 934        unsigned long           lockflags;
 935        void __iomem            *regs;
 936
 937        if (!e || !r)
 938                return -EINVAL;
 939
 940        ep = to_musb_ep(e);
 941        musb = ep->musb;
 942        regs = musb->control_ep->regs;
 943
 944        req = to_musb_request(r);
 945        req->musb = musb;
 946        req->request.actual = 0;
 947        req->request.status = -EINPROGRESS;
 948        req->tx = ep->is_in;
 949
 950        spin_lock_irqsave(&musb->lock, lockflags);
 951
 952        if (!list_empty(&ep->req_list)) {
 953                status = -EBUSY;
 954                goto cleanup;
 955        }
 956
 957        switch (musb->ep0_state) {
 958        case MUSB_EP0_STAGE_RX:         /* control-OUT data */
 959        case MUSB_EP0_STAGE_TX:         /* control-IN data */
 960        case MUSB_EP0_STAGE_ACKWAIT:    /* zero-length data */
 961                status = 0;
 962                break;
 963        default:
 964                dev_dbg(musb->controller, "ep0 request queued in state %d\n",
 965                                musb->ep0_state);
 966                status = -EINVAL;
 967                goto cleanup;
 968        }
 969
 970        /* add request to the list */
 971        list_add_tail(&req->list, &ep->req_list);
 972
 973        dev_dbg(musb->controller, "queue to %s (%s), length=%d\n",
 974                        ep->name, ep->is_in ? "IN/TX" : "OUT/RX",
 975                        req->request.length);
 976
 977        musb_ep_select(musb->mregs, 0);
 978
 979        /* sequence #1, IN ... start writing the data */
 980        if (musb->ep0_state == MUSB_EP0_STAGE_TX)
 981                ep0_txstate(musb);
 982
 983        /* sequence #3, no-data ... issue IN status */
 984        else if (musb->ep0_state == MUSB_EP0_STAGE_ACKWAIT) {
 985                if (req->request.length)
 986                        status = -EINVAL;
 987                else {
 988                        musb->ep0_state = MUSB_EP0_STAGE_STATUSIN;
 989                        musb_writew(regs, MUSB_CSR0,
 990                                        musb->ackpend | MUSB_CSR0_P_DATAEND);
 991                        musb->ackpend = 0;
 992                        musb_g_ep0_giveback(ep->musb, r);
 993                }
 994
 995        /* else for sequence #2 (OUT), caller provides a buffer
 996         * before the next packet arrives.  deferred responses
 997         * (after SETUP is acked) are racey.
 998         */
 999        } else if (musb->ackpend) {
1000                musb_writew(regs, MUSB_CSR0, musb->ackpend);

1001                musb->ackpend = 0;
1002        }
1003
1004cleanup:
1005        spin_unlock_irqrestore(&musb->lock, lockflags);
1006        return status;
1007}
1008
1009static int musb_g_ep0_dequeue(struct usb_ep *ep, struct usb_request *req)
1010{
1011        /* we just won't support this */
1012        return -EINVAL;
1013}
1014
1015static int musb_g_ep0_halt(struct usb_ep *e, int value)
1016{
1017        struct musb_ep          *ep;
1018        struct musb             *musb;
1019        void __iomem            *base, *regs;
1020        unsigned long           flags;
1021        int                     status;
1022        u16                     csr;
1023
1024        if (!e || !value)
1025                return -EINVAL;
1026
1027        ep = to_musb_ep(e);
1028        musb = ep->musb;
1029        base = musb->mregs;
1030        regs = musb->control_ep->regs;
1031        status = 0;
1032
1033        spin_lock_irqsave(&musb->lock, flags);
1034
1035        if (!list_empty(&ep->req_list)) {
1036                status = -EBUSY;
1037                goto cleanup;
1038        }
1039
1040        musb_ep_select(base, 0);
1041        csr = musb->ackpend;
1042
1043        switch (musb->ep0_state) {
1044
1045        /* Stalls are usually issued after parsing SETUP packet, either
1046         * directly in irq context from setup() or else later.
1047         */
1048        case MUSB_EP0_STAGE_TX:         /* control-IN data */
1049        case MUSB_EP0_STAGE_ACKWAIT:    /* STALL for zero-length data */
1050        case MUSB_EP0_STAGE_RX:         /* control-OUT data */
1051                csr = musb_readw(regs, MUSB_CSR0);
1052                /* FALLTHROUGH */
1053
1054        /* It's also OK to issue stalls during callbacks when a non-empty
1055         * DATA stage buffer has been read (or even written).
1056         */
1057        case MUSB_EP0_STAGE_STATUSIN:   /* control-OUT status */
1058        case MUSB_EP0_STAGE_STATUSOUT:  /* control-IN status */
1059
1060                csr |= MUSB_CSR0_P_SENDSTALL;
1061                musb_writew(regs, MUSB_CSR0, csr);
1062                musb->ep0_state = MUSB_EP0_STAGE_IDLE;
1063                musb->ackpend = 0;
1064                break;
1065        default:
1066                dev_dbg(musb->controller, "ep0 can't halt in state %d\n", musb->ep0_state);
1067                status = -EINVAL;
1068        }
1069
1070cleanup:
1071        spin_unlock_irqrestore(&musb->lock, flags);
1072        return status;
1073}
1074
1075const struct usb_ep_ops musb_g_ep0_ops = {
1076        .enable         = musb_g_ep0_enable,
1077        .disable        = musb_g_ep0_disable,
1078        .alloc_request  = musb_alloc_request,
1079        .free_request   = musb_free_request,
1080        .queue          = musb_g_ep0_queue,
1081        .dequeue        = musb_g_ep0_dequeue,
1082        .set_halt       = musb_g_ep0_halt,
1083};
1084