LXR uboot/drivers/usb/musb-new/musb_gadget

   1// SPDX-License-Identifier: GPL-2.0
   2/*
   3 * MUSB OTG peripheral driver ep0 handling
   4 *
   5 * Copyright 2005 Mentor Graphics Corporation
   6 * Copyright (C) 2005-2006 by Texas Instruments
   7 * Copyright (C) 2006-2007 Nokia Corporation
   8 * Copyright (C) 2008-2009 MontaVista Software, Inc. <source@mvista.com>
   9 */
  10
  11#ifndef __UBOOT__
  12#include <log.h>
  13#include <dm/device_compat.h>
  14#include <linux/kernel.h>
  15#include <linux/list.h>
  16#include <linux/timer.h>
  17#include <linux/spinlock.h>
  18#include <linux/device.h>
  19#include <linux/interrupt.h>
  20#else
  21#include <common.h>
  22#include <dm.h>
  23#include <dm/device_compat.h>
  24#include <asm/processor.h>
  25#include "linux-compat.h"
  26#endif
  27
  28#include "musb_core.h"
  29
  30/* ep0 is always musb->endpoints[0].ep_in */
  31#define next_ep0_request(musb)  next_in_request(&(musb)->endpoints[0])
  32
  33/*
  34 * locking note:  we use only the controller lock, for simpler correctness.
  35 * It's always held with IRQs blocked.
  36 *
  37 * It protects the ep0 request queue as well as ep0_state, not just the
  38 * controller and indexed registers.  And that lock stays held unless it
  39 * needs to be dropped to allow reentering this driver ... like upcalls to
  40 * the gadget driver, or adjusting endpoint halt status.
  41 */
  42
  43static char *decode_ep0stage(u8 stage)
  44{
  45        switch (stage) {
  46        case MUSB_EP0_STAGE_IDLE:       return "idle";
  47        case MUSB_EP0_STAGE_SETUP:      return "setup";
  48        case MUSB_EP0_STAGE_TX:         return "in";
  49        case MUSB_EP0_STAGE_RX:         return "out";
  50        case MUSB_EP0_STAGE_ACKWAIT:    return "wait";
  51        case MUSB_EP0_STAGE_STATUSIN:   return "in/status";
  52        case MUSB_EP0_STAGE_STATUSOUT:  return "out/status";
  53        default:                        return "?";
  54        }
  55}
  56
  57/* handle a standard GET_STATUS request
  58 * Context:  caller holds controller lock
  59 */
  60static int service_tx_status_request(
  61        struct musb *musb,
  62        const struct usb_ctrlrequest *ctrlrequest)
  63{
  64        void __iomem    *mbase = musb->mregs;
  65        int handled = 1;
  66        u8 result[2], epnum = 0;
  67        const u8 recip = ctrlrequest->bRequestType & USB_RECIP_MASK;
  68
  69        result[1] = 0;
  70
  71        switch (recip) {
  72        case USB_RECIP_DEVICE:
  73                result[0] = musb->is_self_powered << USB_DEVICE_SELF_POWERED;
  74                result[0] |= musb->may_wakeup << USB_DEVICE_REMOTE_WAKEUP;
  75                if (musb->g.is_otg) {
  76                        result[0] |= musb->g.b_hnp_enable
  77                                << USB_DEVICE_B_HNP_ENABLE;
  78                        result[0] |= musb->g.a_alt_hnp_support
  79                                << USB_DEVICE_A_ALT_HNP_SUPPORT;
  80                        result[0] |= musb->g.a_hnp_support
  81                                << USB_DEVICE_A_HNP_SUPPORT;
  82                }
  83                break;
  84
  85        case USB_RECIP_INTERFACE:
  86                result[0] = 0;
  87                break;
  88
  89        case USB_RECIP_ENDPOINT: {
  90                int             is_in;
  91                struct musb_ep  *ep;
  92                u16             tmp;
  93                void __iomem    *regs;
  94
  95                epnum = (u8) ctrlrequest->wIndex;
  96                if (!epnum) {
  97                        result[0] = 0;
  98                        break;
  99                }
 100
 101                is_in = epnum & USB_DIR_IN;
 102                if (is_in) {
 103                        epnum &= 0x0f;
 104                        ep = &musb->endpoints[epnum].ep_in;
 105                } else {
 106                        ep = &musb->endpoints[epnum].ep_out;
 107                }
 108                regs = musb->endpoints[epnum].regs;
 109
 110                if (epnum >= MUSB_C_NUM_EPS || !ep->desc) {
 111                        handled = -EINVAL;
 112                        break;
 113                }
 114
 115                musb_ep_select(mbase, epnum);
 116                if (is_in)
 117                        tmp = musb_readw(regs, MUSB_TXCSR)
 118                                                & MUSB_TXCSR_P_SENDSTALL;
 119                else
 120                        tmp = musb_readw(regs, MUSB_RXCSR)
 121                                                & MUSB_RXCSR_P_SENDSTALL;
 122                musb_ep_select(mbase, 0);
 123
 124                result[0] = tmp ? 1 : 0;
 125                } break;
 126
 127        default:
 128                /* class, vendor, etc ... delegate */
 129                handled = 0;
 130                break;
 131        }
 132
 133        /* fill up the fifo; caller updates csr0 */
 134        if (handled > 0) {
 135                u16     len = le16_to_cpu(ctrlrequest->wLength);
 136
 137                if (len > 2)
 138                        len = 2;
 139                musb_write_fifo(&musb->endpoints[0], len, result);
 140        }
 141
 142        return handled;
 143}
 144
 145/*
 146 * handle a control-IN request, the end0 buffer contains the current request
 147 * that is supposed to be a standard control request. Assumes the fifo to
 148 * be at least 2 bytes long.
 149 *
 150 * @return 0 if the request was NOT HANDLED,
 151 * < 0 when error
 152 * > 0 when the request is processed
 153 *
 154 * Context:  caller holds controller lock
 155 */
 156static int
 157service_in_request(struct musb *musb, const struct usb_ctrlrequest *ctrlrequest)
 158{
 159        int handled = 0;        /* not handled */
 160
 161        if ((ctrlrequest->bRequestType & USB_TYPE_MASK)
 162                        == USB_TYPE_STANDARD) {
 163                switch (ctrlrequest->bRequest) {
 164                case USB_REQ_GET_STATUS:
 165                        handled = service_tx_status_request(musb,
 166                                        ctrlrequest);
 167                        break;
 168
 169                /* case USB_REQ_SYNC_FRAME: */
 170
 171                default:
 172                        break;
 173                }
 174        }
 175        return handled;
 176}
 177
 178/*
 179 * Context:  caller holds controller lock
 180 */
 181static void musb_g_ep0_giveback(struct musb *musb, struct usb_request *req)
 182{
 183        musb_g_giveback(&musb->endpoints[0].ep_in, req, 0);
 184}
 185
 186/*
 187 * Tries to start B-device HNP negotiation if enabled via sysfs
 188 */
 189static inline void musb_try_b_hnp_enable(struct musb *musb)
 190{
 191        void __iomem    *mbase = musb->mregs;
 192        u8              devctl;
 193
 194        dev_dbg(musb->controller, "HNP: Setting HR\n");
 195        devctl = musb_readb(mbase, MUSB_DEVCTL);
 196        musb_writeb(mbase, MUSB_DEVCTL, devctl | MUSB_DEVCTL_HR);
 197}
 198
 199/*
 200 * Handle all control requests with no DATA stage, including standard
 201 * requests such as:
 202 * USB_REQ_SET_CONFIGURATION, USB_REQ_SET_INTERFACE, unrecognized
 203 *      always delegated to the gadget driver
 204 * USB_REQ_SET_ADDRESS, USB_REQ_CLEAR_FEATURE, USB_REQ_SET_FEATURE
 205 *      always handled here, except for class/vendor/... features
 206 *
 207 * Context:  caller holds controller lock
 208 */
 209static int
 210service_zero_data_request(struct musb *musb,
 211                struct usb_ctrlrequest *ctrlrequest)
 212__releases(musb->lock)
 213__acquires(musb->lock)
 214{
 215        int handled = -EINVAL;
 216        void __iomem *mbase = musb->mregs;
 217        const u8 recip = ctrlrequest->bRequestType & USB_RECIP_MASK;
 218
 219        /* the gadget driver handles everything except what we MUST handle */
 220        if ((ctrlrequest->bRequestType & USB_TYPE_MASK)
 221                        == USB_TYPE_STANDARD) {
 222                switch (ctrlrequest->bRequest) {
 223                case USB_REQ_SET_ADDRESS:
 224                        /* change it after the status stage */
 225                        musb->set_address = true;
 226                        musb->address = (u8) (ctrlrequest->wValue & 0x7f);
 227                        handled = 1;
 228                        break;
 229
 230                case USB_REQ_CLEAR_FEATURE:
 231                        switch (recip) {
 232                        case USB_RECIP_DEVICE:
 233                                if (ctrlrequest->wValue
 234                                                != USB_DEVICE_REMOTE_WAKEUP)
 235                                        break;
 236                                musb->may_wakeup = 0;
 237                                handled = 1;
 238                                break;
 239                        case USB_RECIP_INTERFACE:
 240                                break;
 241                        case USB_RECIP_ENDPOINT:{
 242                                const u8                epnum =
 243                                        ctrlrequest->wIndex & 0x0f;
 244                                struct musb_ep          *musb_ep;
 245                                struct musb_hw_ep       *ep;
 246                                struct musb_request     *request;
 247                                void __iomem            *regs;
 248                                int                     is_in;
 249                                u16                     csr;
 250
 251                                if (epnum == 0 || epnum >= MUSB_C_NUM_EPS ||
 252                                    ctrlrequest->wValue != USB_ENDPOINT_HALT)
 253                                        break;
 254
 255                                ep = musb->endpoints + epnum;
 256                                regs = ep->regs;
 257                                is_in = ctrlrequest->wIndex & USB_DIR_IN;
 258                                if (is_in)
 259                                        musb_ep = &ep->ep_in;
 260                                else
 261                                        musb_ep = &ep->ep_out;
 262                                if (!musb_ep->desc)
 263                                        break;
 264
 265                                handled = 1;
 266                                /* Ignore request if endpoint is wedged */
 267                                if (musb_ep->wedged)
 268                                        break;
 269
 270                                musb_ep_select(mbase, epnum);
 271                                if (is_in) {
 272                                        csr  = musb_readw(regs, MUSB_TXCSR);
 273                                        csr |= MUSB_TXCSR_CLRDATATOG |
 274                                               MUSB_TXCSR_P_WZC_BITS;
 275                                        csr &= ~(MUSB_TXCSR_P_SENDSTALL |
 276                                                 MUSB_TXCSR_P_SENTSTALL |
 277                                                 MUSB_TXCSR_TXPKTRDY);
 278                                        musb_writew(regs, MUSB_TXCSR, csr);
 279                                } else {
 280                                        csr  = musb_readw(regs, MUSB_RXCSR);
 281                                        csr |= MUSB_RXCSR_CLRDATATOG |
 282                                               MUSB_RXCSR_P_WZC_BITS;
 283                                        csr &= ~(MUSB_RXCSR_P_SENDSTALL |
 284                                                 MUSB_RXCSR_P_SENTSTALL);
 285                                        musb_writew(regs, MUSB_RXCSR, csr);
 286                                }
 287
 288                                /* Maybe start the first request in the queue */
 289                                request = next_request(musb_ep);
 290                                if (!musb_ep->busy && request) {
 291                                        dev_dbg(musb->controller, "restarting the request\n");
 292                                        musb_ep_restart(musb, request);
 293                                }
 294
 295                                /* select ep0 again */
 296                                musb_ep_select(mbase, 0);
 297                                } break;
 298                        default:
 299                                /* class, vendor, etc ... delegate */
 300                                handled = 0;
 301                                break;
 302                        }
 303                        break;
 304
 305                case USB_REQ_SET_FEATURE:
 306                        switch (recip) {
 307                        case USB_RECIP_DEVICE:
 308                                handled = 1;
 309                                switch (ctrlrequest->wValue) {
 310                                case USB_DEVICE_REMOTE_WAKEUP:
 311                                        musb->may_wakeup = 1;
 312                                        break;
 313                                case USB_DEVICE_TEST_MODE:
 314                                        if (musb->g.speed != USB_SPEED_HIGH)
 315                                                goto stall;
 316                                        if (ctrlrequest->wIndex & 0xff)
 317                                                goto stall;
 318
 319                                        switch (ctrlrequest->wIndex >> 8) {
 320                                        case 1:
 321                                                pr_debug("TEST_J\n");
 322                                                /* TEST_J */
 323                                                musb->test_mode_nr =
 324                                                        MUSB_TEST_J;
 325                                                break;
 326                                        case 2:
 327                                                /* TEST_K */
 328                                                pr_debug("TEST_K\n");
 329                                                musb->test_mode_nr =
 330                                                        MUSB_TEST_K;
 331                                                break;
 332                                        case 3:
 333                                                /* TEST_SE0_NAK */
 334                                                pr_debug("TEST_SE0_NAK\n");
 335                                                musb->test_mode_nr =
 336                                                        MUSB_TEST_SE0_NAK;
 337                                                break;
 338                                        case 4:
 339                                                /* TEST_PACKET */
 340                                                pr_debug("TEST_PACKET\n");
 341                                                musb->test_mode_nr =
 342                                                        MUSB_TEST_PACKET;
 343                                                break;
 344
 345                                        case 0xc0:
 346                                                /* TEST_FORCE_HS */
 347                                                pr_debug("TEST_FORCE_HS\n");
 348                                                musb->test_mode_nr =
 349                                                        MUSB_TEST_FORCE_HS;
 350                                                break;
 351                                        case 0xc1:
 352                                                /* TEST_FORCE_FS */
 353                                                pr_debug("TEST_FORCE_FS\n");
 354                                                musb->test_mode_nr =
 355                                                        MUSB_TEST_FORCE_FS;
 356                                                break;
 357                                        case 0xc2:
 358                                                /* TEST_FIFO_ACCESS */
 359                                                pr_debug("TEST_FIFO_ACCESS\n");
 360                                                musb->test_mode_nr =
 361                                                        MUSB_TEST_FIFO_ACCESS;
 362                                                break;
 363                                        case 0xc3:
 364                                                /* TEST_FORCE_HOST */
 365                                                pr_debug("TEST_FORCE_HOST\n");
 366                                                musb->test_mode_nr =
 367                                                        MUSB_TEST_FORCE_HOST;
 368                                                break;
 369                                        default:
 370                                                goto stall;
 371                                        }
 372
 373                                        /* enter test mode after irq */
 374                                        if (handled > 0)
 375                                                musb->test_mode = true;
 376                                        break;
 377                                case USB_DEVICE_B_HNP_ENABLE:
 378                                        if (!musb->g.is_otg)
 379                                                goto stall;
 380                                        musb->g.b_hnp_enable = 1;
 381                                        musb_try_b_hnp_enable(musb);
 382                                        break;
 383                                case USB_DEVICE_A_HNP_SUPPORT:
 384                                        if (!musb->g.is_otg)
 385                                                goto stall;
 386                                        musb->g.a_hnp_support = 1;
 387                                        break;
 388                                case USB_DEVICE_A_ALT_HNP_SUPPORT:
 389                                        if (!musb->g.is_otg)
 390                                                goto stall;
 391                                        musb->g.a_alt_hnp_support = 1;
 392                                        break;
 393                                case USB_DEVICE_DEBUG_MODE:
 394                                        handled = 0;
 395                                        break;
 396stall:
 397                                default:
 398                                        handled = -EINVAL;
 399                                        break;
 400                                }
 401                                break;
 402
 403                        case USB_RECIP_INTERFACE:
 404                                break;
 405
 406                        case USB_RECIP_ENDPOINT:{
 407                                const u8                epnum =
 408                                        ctrlrequest->wIndex & 0x0f;
 409                                struct musb_ep          *musb_ep;
 410                                struct musb_hw_ep       *ep;
 411                                void __iomem            *regs;
 412                                int                     is_in;
 413                                u16                     csr;
 414
 415                                if (epnum == 0 || epnum >= MUSB_C_NUM_EPS ||
 416                                    ctrlrequest->wValue != USB_ENDPOINT_HALT)
 417                                        break;
 418
 419                                ep = musb->endpoints + epnum;
 420                                regs = ep->regs;
 421                                is_in = ctrlrequest->wIndex & USB_DIR_IN;
 422                                if (is_in)
 423                                        musb_ep = &ep->ep_in;
 424                                else
 425                                        musb_ep = &ep->ep_out;
 426                                if (!musb_ep->desc)
 427                                        break;
 428
 429                                musb_ep_select(mbase, epnum);
 430                                if (is_in) {
 431                                        csr = musb_readw(regs, MUSB_TXCSR);
 432                                        if (csr & MUSB_TXCSR_FIFONOTEMPTY)
 433                                                csr |= MUSB_TXCSR_FLUSHFIFO;
 434                                        csr |= MUSB_TXCSR_P_SENDSTALL
 435                                                | MUSB_TXCSR_CLRDATATOG
 436                                                | MUSB_TXCSR_P_WZC_BITS;
 437                                        musb_writew(regs, MUSB_TXCSR, csr);
 438                                } else {
 439                                        csr = musb_readw(regs, MUSB_RXCSR);
 440                                        csr |= MUSB_RXCSR_P_SENDSTALL
 441                                                | MUSB_RXCSR_FLUSHFIFO
 442                                                | MUSB_RXCSR_CLRDATATOG
 443                                                | MUSB_RXCSR_P_WZC_BITS;
 444                                        musb_writew(regs, MUSB_RXCSR, csr);
 445                                }
 446
 447                                /* select ep0 again */
 448                                musb_ep_select(mbase, 0);
 449                                handled = 1;
 450                                } break;
 451
 452                        default:
 453                                /* class, vendor, etc ... delegate */
 454                                handled = 0;
 455                                break;
 456                        }
 457                        break;
 458                default:
 459                        /* delegate SET_CONFIGURATION, etc */
 460                        handled = 0;
 461                }
 462        } else
 463                handled = 0;
 464        return handled;
 465}
 466
 467/* we have an ep0out data packet
 468 * Context:  caller holds controller lock
 469 */
 470static void ep0_rxstate(struct musb *musb)
 471{
 472        void __iomem            *regs = musb->control_ep->regs;
 473        struct musb_request     *request;
 474        struct usb_request      *req;
 475        u16                     count, csr;
 476
 477        request = next_ep0_request(musb);
 478        req = &request->request;
 479
 480        /* read packet and ack; or stall because of gadget driver bug:
 481         * should have provided the rx buffer before setup() returned.
 482         */
 483        if (req) {
 484                void            *buf = req->buf + req->actual;
 485                unsigned        len = req->length - req->actual;
 486
 487                /* read the buffer */
 488                count = musb_readb(regs, MUSB_COUNT0);
 489                if (count > len) {
 490                        req->status = -EOVERFLOW;
 491                        count = len;
 492                }
 493                musb_read_fifo(&musb->endpoints[0], count, buf);
 494                req->actual += count;
 495                csr = MUSB_CSR0_P_SVDRXPKTRDY;
 496                if (count < 64 || req->actual == req->length) {
 497                        musb->ep0_state = MUSB_EP0_STAGE_STATUSIN;
 498                        csr |= MUSB_CSR0_P_DATAEND;
 499                } else
 500                        req = NULL;
 501        } else
 502                csr = MUSB_CSR0_P_SVDRXPKTRDY | MUSB_CSR0_P_SENDSTALL;
 503
 504
 505        /* Completion handler may choose to stall, e.g. because the
 506         * message just received holds invalid data.
 507         */
 508        if (req) {
 509                musb->ackpend = csr;
 510                musb_g_ep0_giveback(musb, req);
 511                if (!musb->ackpend)
 512                        return;
 513                musb->ackpend = 0;
 514        }
 515        musb_ep_select(musb->mregs, 0);
 516        musb_writew(regs, MUSB_CSR0, csr);
 517}
 518
 519/*
 520 * transmitting to the host (IN), this code might be called from IRQ
 521 * and from kernel thread.
 522 *
 523 * Context:  caller holds controller lock
 524 */
 525static void ep0_txstate(struct musb *musb)
 526{
 527        void __iomem            *regs = musb->control_ep->regs;
 528        struct musb_request     *req = next_ep0_request(musb);
 529        struct usb_request      *request;
 530        u16                     csr = MUSB_CSR0_TXPKTRDY;
 531        u8                      *fifo_src;
 532        u8                      fifo_count;
 533
 534        if (!req) {
 535                /* WARN_ON(1); */
 536                dev_dbg(musb->controller, "odd; csr0 %04x\n", musb_readw(regs, MUSB_CSR0));
 537                return;
 538        }
 539
 540        request = &req->request;
 541
 542        /* load the data */
 543        fifo_src = (u8 *) request->buf + request->actual;
 544        fifo_count = min((unsigned) MUSB_EP0_FIFOSIZE,
 545                request->length - request->actual);
 546        musb_write_fifo(&musb->endpoints[0], fifo_count, fifo_src);
 547        request->actual += fifo_count;
 548
 549        /* update the flags */
 550        if (fifo_count < MUSB_MAX_END0_PACKET
 551                        || (request->actual == request->length
 552                                && !request->zero)) {
 553                musb->ep0_state = MUSB_EP0_STAGE_STATUSOUT;
 554                csr |= MUSB_CSR0_P_DATAEND;
 555        } else
 556                request = NULL;
 557
 558        /* send it out, triggering a "txpktrdy cleared" irq */
 559        musb_ep_select(musb->mregs, 0);
 560        musb_writew(regs, MUSB_CSR0, csr);
 561
 562        /* report completions as soon as the fifo's loaded; there's no
 563         * win in waiting till this last packet gets acked.  (other than
 564         * very precise fault reporting, needed by USB TMC; possible with
 565         * this hardware, but not usable from portable gadget drivers.)
 566         */
 567        if (request) {
 568                musb->ackpend = csr;
 569                musb_g_ep0_giveback(musb, request);
 570                if (!musb->ackpend)
 571                        return;
 572                musb->ackpend = 0;
 573        }
 574}
 575
 576/*
 577 * Read a SETUP packet (struct usb_ctrlrequest) from the hardware.
 578 * Fields are left in USB byte-order.
 579 *
 580 * Context:  caller holds controller lock.
 581 */
 582static void
 583musb_read_setup(struct musb *musb, struct usb_ctrlrequest *req)
 584{
 585        struct musb_request     *r;
 586        void __iomem            *regs = musb->control_ep->regs;
 587
 588        musb_read_fifo(&musb->endpoints[0], sizeof *req, (u8 *)req);
 589
 590        /* NOTE:  earlier 2.6 versions changed setup packets to host
 591         * order, but now USB packets always stay in USB byte order.
 592         */
 593        dev_dbg(musb->controller, "SETUP req%02x.%02x v%04x i%04x l%d\n",
 594                req->bRequestType,
 595                req->bRequest,
 596                le16_to_cpu(req->wValue),
 597                le16_to_cpu(req->wIndex),
 598                le16_to_cpu(req->wLength));
 599
 600        /* clean up any leftover transfers */
 601        r = next_ep0_request(musb);
 602        if (r)
 603                musb_g_ep0_giveback(musb, &r->request);
 604
 605        /* For zero-data requests we want to delay the STATUS stage to
 606         * avoid SETUPEND errors.  If we read data (OUT), delay accepting
 607         * packets until there's a buffer to store them in.
 608         *
 609         * If we write data, the controller acts happier if we enable
 610         * the TX FIFO right away, and give the controller a moment
 611         * to switch modes...
 612         */
 613        musb->set_address = false;
 614        musb->ackpend = MUSB_CSR0_P_SVDRXPKTRDY;
 615        if (req->wLength == 0) {
 616                if (req->bRequestType & USB_DIR_IN)
 617                        musb->ackpend |= MUSB_CSR0_TXPKTRDY;
 618                musb->ep0_state = MUSB_EP0_STAGE_ACKWAIT;
 619        } else if (req->bRequestType & USB_DIR_IN) {
 620                musb->ep0_state = MUSB_EP0_STAGE_TX;
 621                musb_writew(regs, MUSB_CSR0, MUSB_CSR0_P_SVDRXPKTRDY);
 622                while ((musb_readw(regs, MUSB_CSR0)
 623                                & MUSB_CSR0_RXPKTRDY) != 0)
 624                        cpu_relax();
 625                musb->ackpend = 0;
 626        } else
 627                musb->ep0_state = MUSB_EP0_STAGE_RX;
 628}
 629
 630static int
 631forward_to_driver(struct musb *musb, const struct usb_ctrlrequest *ctrlrequest)
 632__releases(musb->lock)
 633__acquires(musb->lock)
 634{
 635        int retval;
 636        if (!musb->gadget_driver)
 637                return -EOPNOTSUPP;
 638        spin_unlock(&musb->lock);
 639        retval = musb->gadget_driver->setup(&musb->g, ctrlrequest);
 640        spin_lock(&musb->lock);
 641        return retval;
 642}
 643
 644/*
 645 * Handle peripheral ep0 interrupt
 646 *
 647 * Context: irq handler; we won't re-enter the driver that way.
 648 */
 649irqreturn_t musb_g_ep0_irq(struct musb *musb)
 650{
 651        u16             csr;
 652        u16             len;
 653        void __iomem    *mbase = musb->mregs;
 654        void __iomem    *regs = musb->endpoints[0].regs;
 655        irqreturn_t     retval = IRQ_NONE;
 656
 657        musb_ep_select(mbase, 0);       /* select ep0 */
 658        csr = musb_readw(regs, MUSB_CSR0);
 659        len = musb_readb(regs, MUSB_COUNT0);
 660
 661        dev_dbg(musb->controller, "csr %04x, count %d, myaddr %d, ep0stage %s\n",
 662                        csr, len,
 663                        musb_readb(mbase, MUSB_FADDR),
 664                        decode_ep0stage(musb->ep0_state));
 665
 666        if (csr & MUSB_CSR0_P_DATAEND) {
 667                /*
 668                 * If DATAEND is set we should not call the callback,
 669                 * hence the status stage is not complete.
 670                 */
 671                return IRQ_HANDLED;
 672        }
 673
 674        /* I sent a stall.. need to acknowledge it now.. */
 675        if (csr & MUSB_CSR0_P_SENTSTALL) {
 676                musb_writew(regs, MUSB_CSR0,
 677                                csr & ~MUSB_CSR0_P_SENTSTALL);
 678                retval = IRQ_HANDLED;
 679                musb->ep0_state = MUSB_EP0_STAGE_IDLE;
 680                csr = musb_readw(regs, MUSB_CSR0);
 681        }
 682
 683        /* request ended "early" */
 684        if (csr & MUSB_CSR0_P_SETUPEND) {
 685                musb_writew(regs, MUSB_CSR0, MUSB_CSR0_P_SVDSETUPEND);
 686                retval = IRQ_HANDLED;
 687                /* Transition into the early status phase */
 688                switch (musb->ep0_state) {
 689                case MUSB_EP0_STAGE_TX:
 690                        musb->ep0_state = MUSB_EP0_STAGE_STATUSOUT;
 691                        break;
 692                case MUSB_EP0_STAGE_RX:
 693                        musb->ep0_state = MUSB_EP0_STAGE_STATUSIN;
 694                        break;
 695                default:
 696                        ERR("SetupEnd came in a wrong ep0stage %s\n",
 697                            decode_ep0stage(musb->ep0_state));
 698                }
 699                csr = musb_readw(regs, MUSB_CSR0);
 700                /* NOTE:  request may need completion */
 701        }
 702
 703        /* docs from Mentor only describe tx, rx, and idle/setup states.
 704         * we need to handle nuances around status stages, and also the
 705         * case where status and setup stages come back-to-back ...
 706         */
 707        switch (musb->ep0_state) {
 708
 709        case MUSB_EP0_STAGE_TX:
 710                /* irq on clearing txpktrdy */
 711                if ((csr & MUSB_CSR0_TXPKTRDY) == 0) {
 712                        ep0_txstate(musb);
 713                        retval = IRQ_HANDLED;
 714                }
 715                break;
 716
 717        case MUSB_EP0_STAGE_RX:
 718                /* irq on set rxpktrdy */
 719                if (csr & MUSB_CSR0_RXPKTRDY) {
 720                        ep0_rxstate(musb);
 721                        retval = IRQ_HANDLED;
 722                }
 723                break;
 724
 725        case MUSB_EP0_STAGE_STATUSIN:
 726                /* end of sequence #2 (OUT/RX state) or #3 (no data) */
 727
 728                /* update address (if needed) only @ the end of the
 729                 * status phase per usb spec, which also guarantees
 730                 * we get 10 msec to receive this irq... until this
 731                 * is done we won't see the next packet.
 732                 */
 733                if (musb->set_address) {
 734                        musb->set_address = false;
 735                        musb_writeb(mbase, MUSB_FADDR, musb->address);
 736                }
 737
 738                /* enter test mode if needed (exit by reset) */
 739                else if (musb->test_mode) {
 740                        dev_dbg(musb->controller, "entering TESTMODE\n");
 741
 742                        if (MUSB_TEST_PACKET == musb->test_mode_nr)
 743                                musb_load_testpacket(musb);
 744
 745                        musb_writeb(mbase, MUSB_TESTMODE,
 746                                        musb->test_mode_nr);
 747                }
 748                /* FALLTHROUGH */
 749
 750        case MUSB_EP0_STAGE_STATUSOUT:
 751                /* end of sequence #1: write to host (TX state) */
 752                {
 753                        struct musb_request     *req;
 754
 755                        req = next_ep0_request(musb);
 756                        if (req)
 757                                musb_g_ep0_giveback(musb, &req->request);
 758                }
 759
 760                /*
 761                 * In case when several interrupts can get coalesced,
 762                 * check to see if we've already received a SETUP packet...
 763                 */
 764                if (csr & MUSB_CSR0_RXPKTRDY)
 765                        goto setup;
 766
 767                retval = IRQ_HANDLED;
 768                musb->ep0_state = MUSB_EP0_STAGE_IDLE;
 769                break;
 770
 771        case MUSB_EP0_STAGE_IDLE:
 772                /*
 773                 * This state is typically (but not always) indiscernible
 774                 * from the status states since the corresponding interrupts
 775                 * tend to happen within too little period of time (with only
 776                 * a zero-length packet in between) and so get coalesced...
 777                 */
 778                retval = IRQ_HANDLED;
 779                musb->ep0_state = MUSB_EP0_STAGE_SETUP;
 780                /* FALLTHROUGH */
 781
 782        case MUSB_EP0_STAGE_SETUP:
 783setup:
 784                if (csr & MUSB_CSR0_RXPKTRDY) {
 785                        struct usb_ctrlrequest  setup;
 786                        int                     handled = 0;
 787
 788                        if (len != 8) {
 789                                ERR("SETUP packet len %d != 8 ?\n", len);
 790                                break;
 791                        }
 792                        musb_read_setup(musb, &setup);
 793                        retval = IRQ_HANDLED;
 794
 795                        /* sometimes the RESET won't be reported */
 796                        if (unlikely(musb->g.speed == USB_SPEED_UNKNOWN)) {
 797                                u8      power;
 798
 799                                printk(KERN_NOTICE "%s: peripheral reset "
 800                                                "irq lost!\n",
 801                                                musb_driver_name);
 802                                power = musb_readb(mbase, MUSB_POWER);
 803                                musb->g.speed = (power & MUSB_POWER_HSMODE)
 804                                        ? USB_SPEED_HIGH : USB_SPEED_FULL;
 805
 806                        }
 807
 808                        switch (musb->ep0_state) {
 809
 810                        /* sequence #3 (no data stage), includes requests
 811                         * we can't forward (notably SET_ADDRESS and the
 812                         * device/endpoint feature set/clear operations)
 813                         * plus SET_CONFIGURATION and others we must
 814                         */
 815                        case MUSB_EP0_STAGE_ACKWAIT:
 816                                handled = service_zero_data_request(
 817                                                musb, &setup);
 818
 819                                /*
 820                                 * We're expecting no data in any case, so
 821                                 * always set the DATAEND bit -- doing this
 822                                 * here helps avoid SetupEnd interrupt coming
 823                                 * in the idle stage when we're stalling...
 824                                 */
 825                                musb->ackpend |= MUSB_CSR0_P_DATAEND;
 826
 827                                /* status stage might be immediate */
 828                                if (handled > 0)
 829                                        musb->ep0_state =
 830                                                MUSB_EP0_STAGE_STATUSIN;
 831                                break;
 832
 833                        /* sequence #1 (IN to host), includes GET_STATUS
 834                         * requests that we can't forward, GET_DESCRIPTOR
 835                         * and others that we must
 836                         */
 837                        case MUSB_EP0_STAGE_TX:
 838                                handled = service_in_request(musb, &setup);
 839                                if (handled > 0) {
 840                                        musb->ackpend = MUSB_CSR0_TXPKTRDY
 841                                                | MUSB_CSR0_P_DATAEND;
 842                                        musb->ep0_state =
 843                                                MUSB_EP0_STAGE_STATUSOUT;
 844                                }
 845                                break;
 846
 847                        /* sequence #2 (OUT from host), always forward */
 848                        default:                /* MUSB_EP0_STAGE_RX */
 849                                break;
 850                        }
 851
 852                        dev_dbg(musb->controller, "handled %d, csr %04x, ep0stage %s\n",
 853                                handled, csr,
 854                                decode_ep0stage(musb->ep0_state));
 855
 856                        /* unless we need to delegate this to the gadget
 857                         * driver, we know how to wrap this up:  csr0 has
 858                         * not yet been written.
 859                         */
 860                        if (handled < 0)
 861                                goto stall;
 862                        else if (handled > 0)
 863                                goto finish;
 864
 865                        handled = forward_to_driver(musb, &setup);
 866                        if (handled < 0) {
 867                                musb_ep_select(mbase, 0);
 868stall:
 869                                dev_dbg(musb->controller, "stall (%d)\n", handled);
 870                                musb->ackpend |= MUSB_CSR0_P_SENDSTALL;
 871                                musb->ep0_state = MUSB_EP0_STAGE_IDLE;
 872finish:
 873                                musb_writew(regs, MUSB_CSR0,
 874                                                musb->ackpend);
 875                                musb->ackpend = 0;
 876                        }
 877                }
 878                break;
 879
 880        case MUSB_EP0_STAGE_ACKWAIT:
 881                /* This should not happen. But happens with tusb6010 with
 882                 * g_file_storage and high speed. Do nothing.
 883                 */
 884                retval = IRQ_HANDLED;
 885                break;
 886
 887        default:
 888                /* "can't happen" */
 889                assert_noisy(false);
 890                musb_writew(regs, MUSB_CSR0, MUSB_CSR0_P_SENDSTALL);
 891                musb->ep0_state = MUSB_EP0_STAGE_IDLE;
 892                break;
 893        }
 894
 895        return retval;
 896}
 897
 898
 899static int
 900musb_g_ep0_enable(struct usb_ep *ep, const struct usb_endpoint_descriptor *desc)
 901{
 902        /* always enabled */
 903        return -EINVAL;
 904}
 905
 906static int musb_g_ep0_disable(struct usb_ep *e)
 907{
 908        /* always enabled */
 909        return -EINVAL;
 910}
 911
 912static int
 913musb_g_ep0_queue(struct usb_ep *e, struct usb_request *r, gfp_t gfp_flags)
 914{
 915        struct musb_ep          *ep;
 916        struct musb_request     *req;
 917        struct musb             *musb;
 918        int                     status;
 919        unsigned long           lockflags;
 920        void __iomem            *regs;
 921
 922        if (!e || !r)
 923                return -EINVAL;
 924
 925        ep = to_musb_ep(e);
 926        musb = ep->musb;
 927        regs = musb->control_ep->regs;
 928
 929        req = to_musb_request(r);
 930        req->musb = musb;
 931        req->request.actual = 0;
 932        req->request.status = -EINPROGRESS;
 933        req->tx = ep->is_in;
 934
 935        spin_lock_irqsave(&musb->lock, lockflags);
 936
 937        if (!list_empty(&ep->req_list)) {
 938                status = -EBUSY;
 939                goto cleanup;
 940        }
 941
 942        switch (musb->ep0_state) {
 943        case MUSB_EP0_STAGE_RX:         /* control-OUT data */
 944        case MUSB_EP0_STAGE_TX:         /* control-IN data */
 945        case MUSB_EP0_STAGE_ACKWAIT:    /* zero-length data */
 946                status = 0;
 947                break;
 948        default:
 949                dev_dbg(musb->controller, "ep0 request queued in state %d\n",
 950                                musb->ep0_state);
 951                status = -EINVAL;
 952                goto cleanup;
 953        }
 954
 955        /* add request to the list */
 956        list_add_tail(&req->list, &ep->req_list);
 957
 958        dev_dbg(musb->controller, "queue to %s (%s), length=%d\n",
 959                        ep->name, ep->is_in ? "IN/TX" : "OUT/RX",
 960                        req->request.length);
 961
 962        musb_ep_select(musb->mregs, 0);
 963
 964        /* sequence #1, IN ... start writing the data */
 965        if (musb->ep0_state == MUSB_EP0_STAGE_TX)
 966                ep0_txstate(musb);
 967
 968        /* sequence #3, no-data ... issue IN status */
 969        else if (musb->ep0_state == MUSB_EP0_STAGE_ACKWAIT) {
 970                if (req->request.length)
 971                        status = -EINVAL;
 972                else {
 973                        musb->ep0_state = MUSB_EP0_STAGE_STATUSIN;
 974                        musb_writew(regs, MUSB_CSR0,
 975                                        musb->ackpend | MUSB_CSR0_P_DATAEND);
 976                        musb->ackpend = 0;
 977                        musb_g_ep0_giveback(ep->musb, r);
 978                }
 979
 980        /* else for sequence #2 (OUT), caller provides a buffer
 981         * before the next packet arrives.  deferred responses
 982         * (after SETUP is acked) are racey.
 983         */
 984        } else if (musb->ackpend) {
 985                musb_writew(regs, MUSB_CSR0, musb->ackpend);
 986                musb->ackpend = 0;
 987        }
 988
 989cleanup:
 990        spin_unlock_irqrestore(&musb->lock, lockflags);
 991        return status;
 992}
 993
 994static int musb_g_ep0_dequeue(struct usb_ep *ep, struct usb_request *req)
 995{
 996        /* we just won't support this */
 997        return -EINVAL;
 998}
 999
1000static int musb_g_ep0_halt(struct usb_ep *e, int value)

1001{
1002        struct musb_ep          *ep;
1003        struct musb             *musb;
1004        void __iomem            *base, *regs;
1005        unsigned long           flags;
1006        int                     status;
1007        u16                     csr;
1008
1009        if (!e || !value)
1010                return -EINVAL;
1011
1012        ep = to_musb_ep(e);
1013        musb = ep->musb;
1014        base = musb->mregs;
1015        regs = musb->control_ep->regs;
1016        status = 0;
1017
1018        spin_lock_irqsave(&musb->lock, flags);
1019
1020        if (!list_empty(&ep->req_list)) {
1021                status = -EBUSY;
1022                goto cleanup;
1023        }
1024
1025        musb_ep_select(base, 0);
1026        csr = musb->ackpend;
1027
1028        switch (musb->ep0_state) {
1029
1030        /* Stalls are usually issued after parsing SETUP packet, either
1031         * directly in irq context from setup() or else later.
1032         */
1033        case MUSB_EP0_STAGE_TX:         /* control-IN data */
1034        case MUSB_EP0_STAGE_ACKWAIT:    /* STALL for zero-length data */
1035        case MUSB_EP0_STAGE_RX:         /* control-OUT data */
1036                csr = musb_readw(regs, MUSB_CSR0);
1037                /* FALLTHROUGH */
1038
1039        /* It's also OK to issue stalls during callbacks when a non-empty
1040         * DATA stage buffer has been read (or even written).
1041         */
1042        case MUSB_EP0_STAGE_STATUSIN:   /* control-OUT status */
1043        case MUSB_EP0_STAGE_STATUSOUT:  /* control-IN status */
1044
1045                csr |= MUSB_CSR0_P_SENDSTALL;
1046                musb_writew(regs, MUSB_CSR0, csr);
1047                musb->ep0_state = MUSB_EP0_STAGE_IDLE;
1048                musb->ackpend = 0;
1049                break;
1050        default:
1051                dev_dbg(musb->controller, "ep0 can't halt in state %d\n", musb->ep0_state);
1052                status = -EINVAL;
1053        }
1054
1055cleanup:
1056        spin_unlock_irqrestore(&musb->lock, flags);
1057        return status;
1058}
1059
1060const struct usb_ep_ops musb_g_ep0_ops = {
1061        .enable         = musb_g_ep0_enable,
1062        .disable        = musb_g_ep0_disable,
1063        .alloc_request  = musb_alloc_request,
1064        .free_request   = musb_free_request,
1065        .queue          = musb_g_ep0_queue,
1066        .dequeue        = musb_g_ep0_dequeue,
1067        .set_halt       = musb_g_ep0_halt,
1068};
1069