1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  * mtu3_gadget_ep0.c - MediaTek USB3 DRD peripheral driver ep0 handling
4  *
5  * Copyright (c) 2016 MediaTek Inc.
6  *
7  * Author:  Chunfeng.Yun <chunfeng.yun@mediatek.com>
8  */
9 
10 #include <linux/iopoll.h>
11 #include <linux/usb/composite.h>
12 
13 #include "mtu3.h"
14 
/*
 * ep0 is always mtu3->in_eps[0].
 *
 * Expands to next_request() on (mtu)->ep0.  Callers in this file treat a
 * NULL result as "no request is queued on ep0".
 */
#define	next_ep0_request(mtu)	next_request((mtu)->ep0)
17 
/*
 * for high speed test mode; see USB 2.0 spec 7.1.20
 *
 * 53-byte payload that ep0_load_test_packet() writes to the ep0 FIFO when
 * TEST_PACKET mode is selected.  The bytes are fixed data: do not reorder
 * or "tidy" them.
 */
static const u8 mtu3_test_packet[53] = {
	/* implicit SYNC then DATA0 to start */

	/* JKJKJKJK x9 */
	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
	/* JJKKJJKK x8 */
	0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
	/* JJJJKKKK x8 */
	0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee,
	/* JJJJJJJKKKKKKK x8 */
	0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	/* JJJJJJJK x8 */
	0x7f, 0xbf, 0xdf, 0xef, 0xf7, 0xfb, 0xfd,
	/* JKKKKKKK x10, JK */
	0xfc, 0x7e, 0xbf, 0xdf, 0xef, 0xf7, 0xfb, 0xfd, 0x7e,
	/* implicit CRC16 then EOP to end */
};
36 
/*
 * Translate mtu->ep0_state into a short label for debug and error
 * messages.  Any state without an entry below is reported as "??".
 */
static char *decode_ep0_state(struct mtu3 *mtu)
{
	char *label = "??";

	switch (mtu->ep0_state) {
	case MU3D_EP0_STATE_SETUP:
		label = "SETUP";
		break;
	case MU3D_EP0_STATE_TX:
		label = "IN";
		break;
	case MU3D_EP0_STATE_RX:
		label = "OUT";
		break;
	case MU3D_EP0_STATE_TX_END:
		label = "TX-END";
		break;
	case MU3D_EP0_STATE_STALL:
		label = "STALL";
		break;
	default:
		break;
	}

	return label;
}
54 
/* Complete @req on ep0 with status 0 by way of mtu3_req_complete(). */
static void ep0_req_giveback(struct mtu3 *mtu, struct usb_request *req)
{
	struct mtu3_ep *ep0 = mtu->ep0;

	mtu3_req_complete(ep0, req, 0);
}
59 
/*
 * Pass a SETUP packet to the bound gadget driver's ->setup() callback.
 *
 * Entered with mtu->lock held.  The lock is dropped for the duration of the
 * callback and re-taken before returning, so controller state may have
 * changed by the time this function returns.  The packet is handed over
 * as-is; no field of it is checked here.
 *
 * Returns -EOPNOTSUPP when no gadget driver is bound, otherwise the value
 * returned by ->setup().
 */
static int
forward_to_driver(struct mtu3 *mtu, const struct usb_ctrlrequest *setup)
__releases(mtu->lock)
__acquires(mtu->lock)
{
	int rc = -EOPNOTSUPP;

	if (mtu->gadget_driver) {
		spin_unlock(&mtu->lock);
		rc = mtu->gadget_driver->setup(&mtu->g, setup);
		spin_lock(&mtu->lock);

		dev_dbg(mtu->dev, "%s ret %d\n", __func__, rc);
	}

	return rc;
}
77 
/*
 * Write @count 32-bit words from @buffer to the single register at @addr.
 * Nothing is written when @count is zero.
 */
static inline void writel_rep(volatile void *addr, const void *buffer,
			      unsigned int count)
{
	const u32 *word = buffer;

	while (count--)
		writel(*word++, addr);
}
89 
/*
 * Read @count 32-bit words from the single register at @addr into @buffer.
 * The caller guarantees @buffer has room for @count words; nothing is read
 * when @count is zero.
 */
static inline void readl_rep(const volatile void *addr, void *buffer,
			     unsigned int count)
{
	u32 *word = buffer;

	while (count--)
		*word++ = readl(addr);
}
102 
/*
 * Copy @len bytes from @src into the ep0 FIFO: whole 32-bit words first,
 * then an optional 16-bit and an optional 8-bit write for the remainder.
 *
 * NOTE(review): the word and half-word paths read @src through u32/u16
 * pointers, so they assume the platform tolerates whatever alignment the
 * caller's buffer has -- confirm.
 */
static void ep0_write_fifo(struct mtu3_ep *mep, const u8 *src, u16 len)
{
	struct mtu3 *mtu = mep->mtu;
	void __iomem *fifo = mtu->mac_base + U3D_FIFO0;
	u16 words = len >> 2;
	u16 done = 0;

	dev_dbg(mtu->dev, "%s: ep%din, len=%d, buf=%p\n",
		__func__, mep->epnum, len, src);

	if (words) {
		writel_rep(fifo, src, words);
		done = words << 2;
	}

	if (len & 0x02) {
		writew(*(u16 *)&src[done], fifo);
		done += 2;
	}

	if (len & 0x01)
		writeb(src[done], fifo);
}
122 
/*
 * Drain @len bytes from the ep0 FIFO into @dst: whole 32-bit words first,
 * then one more 32-bit read of which only the low (len & 3) bytes are kept.
 *
 * No bounds check is done here.  @len is whatever the caller passes, so
 * every caller must make sure @dst can hold @len bytes.
 */
static void ep0_read_fifo(struct mtu3_ep *mep, u8 *dst, u16 len)
{
	struct mtu3 *mtu = mep->mtu;
	void __iomem *fifo = mtu->mac_base + U3D_FIFO0;
	u16 words = len >> 2;
	u16 tail = len & 0x3;
	u32 value;

	dev_dbg(mtu->dev, "%s: ep%dout len=%d buf=%p\n",
		__func__, mep->epnum, len, dst);

	if (words)
		readl_rep(fifo, dst, words);

	if (tail) {
		value = readl(fifo);
		memcpy(&dst[words << 2], &value, tail);
	}
}
141 
/*
 * Put the fixed high-speed test packet into the ep0 FIFO.  The packet is
 * shorter than the HS ep0 max packet size, so a single direct FIFO write
 * is enough.
 */
static void ep0_load_test_packet(struct mtu3 *mtu)
{
	const u8 *pkt = mtu3_test_packet;

	ep0_write_fifo(mtu->ep0, pkt, sizeof(mtu3_test_packet));
}
150 
/*
 * Set or clear the STALL condition on ep0.
 *
 * When setting:
 *   A. STALL for a setup transfer without data stage: the caller passes
 *      EP0_SETUPPKTRDY in @pktrdy so SENDSTALL and SETUPPKTRDY are set
 *      together;
 *   B. STALL for all other cases: the caller passes 0 and only SENDSTALL
 *      is set.
 * When clearing, SENDSTALL is dropped and EP0_SENTSTALL is written back
 * (it is W1C).
 *
 * In both directions the delayed-status flag is cleared and the ep0 state
 * machine goes back to SETUP.
 */
static void ep0_stall_set(struct mtu3_ep *mep0, bool set, u32 pktrdy)
{
	struct mtu3 *mtu = mep0->mtu;
	void __iomem *mbase = mtu->mac_base;
	u32 csr = mtu3_readl(mbase, U3D_EP0CSR) & EP0_W1C_BITS;

	if (!set) {
		/* EP0_SENTSTALL is W1C */
		csr &= ~EP0_SENDSTALL;
		csr |= EP0_SENTSTALL;
	} else {
		csr |= EP0_SENDSTALL | pktrdy;
	}
	mtu3_writel(mbase, U3D_EP0CSR, csr);

	mtu->delayed_status = false;
	mtu->ep0_state = MU3D_EP0_STATE_SETUP;

	dev_dbg(mtu->dev, "ep0: %s STALL, ep0_state: %s\n",
		set ? "SEND" : "CLEAR", decode_ep0_state(mtu));
}
177 
/*
 * Start the status stage of the current control transfer by setting
 * EP0_SETUPPKTRDY and EP0_DATAEND in EP0CSR.  The value read back is first
 * masked with EP0_W1C_BITS.
 */
static void ep0_do_status_stage(struct mtu3 *mtu)
{
	void __iomem *mbase = mtu->mac_base;
	u32 csr = mtu3_readl(mbase, U3D_EP0CSR) & EP0_W1C_BITS;

	csr |= EP0_SETUPPKTRDY | EP0_DATAEND;
	mtu3_writel(mbase, U3D_EP0CSR, csr);
}
186 
/* forward declaration: used by ep0_set_sel() and ep0_get_status() below */
static int ep0_queue(struct mtu3_ep *mep0, struct mtu3_request *mreq);
188 
/* Completion callback that deliberately does nothing. */
static void ep0_dummy_complete(struct usb_ep *ep, struct usb_request *req)
{
}
191 
/*
 * Completion callback for the SET_SEL data stage: copies the received
 * parameters out of the request buffer and logs them.
 *
 * NOTE(review): req->status and req->actual are not inspected, so after a
 * short or failed transfer the logged values may be stale.  They are only
 * used for the debug message.
 */
static void ep0_set_sel_complete(struct usb_ep *ep, struct usb_request *req)
{
	struct mtu3_request *mreq = to_mtu3_request(req);
	struct mtu3 *mtu = mreq->mtu;
	struct usb_set_sel_req sel;

	memcpy(&sel, req->buf, sizeof(sel));

	dev_dbg(mtu->dev, "u1sel:%d, u1pel:%d, u2sel:%d, u2pel:%d\n",
		sel.u1_sel, sel.u1_pel, sel.u2_sel, sel.u2_pel);
}
205 
/*
 * Queue the data stage for a SET_SEL request.
 *
 * wLength comes from the host; it is accepted only when it is exactly 6,
 * which is also the fixed length given to the request that receives the
 * data into mtu->setup_buf.
 *
 * Returns 1 when the data stage was queued, -EINVAL for a wrong wLength,
 * or the negative error from ep0_queue().
 */
static int ep0_set_sel(struct mtu3 *mtu, struct usb_ctrlrequest *setup)
{
	struct usb_request *req = &mtu->ep0_req.request;
	u16 length = le16_to_cpu(setup->wLength);
	int ret;

	if (unlikely(length != 6)) {
		dev_err(mtu->dev, "%s wrong wLength:%d\n",
			__func__, length);
		return -EINVAL;
	}

	mtu->ep0_req.mep = mtu->ep0;
	req->length = 6;
	req->buf = mtu->setup_buf;
	req->complete = ep0_set_sel_complete;

	ret = ep0_queue(mtu->ep0, &mtu->ep0_req);
	if (ret < 0)
		return ret;

	return 1;
}
226 
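/*
 * Answer a standard GET_STATUS request.
 *
 * The two status bytes are built according to the recipient encoded in
 * bRequestType:
 *   device    - self-powered and remote-wakeup bits, plus U1/U2 enable at
 *               SuperSpeed or faster;
 *   interface - both bytes zero;
 *   endpoint  - the HALT bit when the endpoint is stalled.  The endpoint
 *               number comes from the host-supplied wIndex and is rejected
 *               when it is out of range or the endpoint has no descriptor.
 * Any other recipient is left for the gadget driver.
 *
 * Returns 1 when the reply was queued, 0 to delegate the request, or a
 * negative errno (which makes the caller stall ep0).
 */
static int
ep0_get_status(struct mtu3 *mtu, const struct usb_ctrlrequest *setup)
{
	struct mtu3_ep *mep = NULL;
	int handled = 1;
	u8 result[2] = {0, 0};
	u8 epnum = 0;
	int is_in;
	int ret;

	switch (setup->bRequestType & USB_RECIP_MASK) {
	case USB_RECIP_DEVICE:
		result[0] = mtu->is_self_powered << USB_DEVICE_SELF_POWERED;
		result[0] |= mtu->may_wakeup << USB_DEVICE_REMOTE_WAKEUP;

		if (mtu->g.speed >= USB_SPEED_SUPER) {
			result[0] |= mtu->u1_enable << USB_DEV_STAT_U1_ENABLED;
			result[0] |= mtu->u2_enable << USB_DEV_STAT_U2_ENABLED;
		}

		dev_dbg(mtu->dev, "%s result=%x, U1=%x, U2=%x\n", __func__,
			result[0], mtu->u1_enable, mtu->u2_enable);

		break;
	case USB_RECIP_INTERFACE:
		break;
	case USB_RECIP_ENDPOINT:
		epnum = (u8)le16_to_cpu(setup->wIndex);
		is_in = epnum & USB_DIR_IN;
		epnum &= USB_ENDPOINT_NUMBER_MASK;

		/* wIndex is host-controlled: bound it before indexing */
		if (epnum >= mtu->num_eps) {
			handled = -EINVAL;
			break;
		}
		/* ep0 reports all-zero status */
		if (!epnum)
			break;

		mep = (is_in ? mtu->in_eps : mtu->out_eps) + epnum;
		if (!mep->desc) {
			handled = -EINVAL;
			break;
		}
		if (mep->flags & MTU3_EP_STALL)
			result[0] |= 1 << USB_ENDPOINT_HALT;

		break;
	default:
		/* class, vendor, etc ... delegate */
		handled = 0;
		break;
	}

	if (handled <= 0)
		return handled;

	/* prepare a data stage for GET_STATUS */
	dev_dbg(mtu->dev, "get_status=%x\n", *(u16 *)result);
	memcpy(mtu->setup_buf, result, sizeof(result));
	mtu->ep0_req.mep = mtu->ep0;
	mtu->ep0_req.request.length = sizeof(result);
	/*
	 * Point the request at the buffer that was just filled, using the
	 * same expression as the memcpy() above and as ep0_set_sel().  The
	 * previous "&mtu->setup_buf" only names the same bytes as long as
	 * setup_buf is an array member; were it ever a pointer, the address
	 * of the pointer itself would be sent to the host.
	 */
	mtu->ep0_req.request.buf = mtu->setup_buf;
	mtu->ep0_req.request.complete = ep0_dummy_complete;

	ret = ep0_queue(mtu->ep0, &mtu->ep0_req);
	return ret < 0 ? ret : handled;
}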
295 
/*
 * Enter one of the USB 2.0 test modes selected by the high byte of the
 * host-supplied wIndex.
 *
 * Returns 1 once the test mode register has been programmed, or -EINVAL
 * for an unknown selector (nothing is changed in that case).
 */
static int handle_test_mode(struct mtu3 *mtu, struct usb_ctrlrequest *setup)
{
	void __iomem *mbase = mtu->mac_base;
	u16 selector = le16_to_cpu(setup->wIndex) >> 8;
	u32 value = 0;

	switch (selector) {
	case TEST_J:
		dev_dbg(mtu->dev, "TEST_J\n");
		mtu->test_mode_nr = TEST_J_MODE;
		break;
	case TEST_K:
		dev_dbg(mtu->dev, "TEST_K\n");
		mtu->test_mode_nr = TEST_K_MODE;
		break;
	case TEST_SE0_NAK:
		dev_dbg(mtu->dev, "TEST_SE0_NAK\n");
		mtu->test_mode_nr = TEST_SE0_NAK_MODE;
		break;
	case TEST_PACKET:
		dev_dbg(mtu->dev, "TEST_PACKET\n");
		mtu->test_mode_nr = TEST_PACKET_MODE;
		break;
	default:
		return -EINVAL;
	}

	mtu->test_mode = true;

	/* no TX completion interrupt, and need restart platform after test */
	if (mtu->test_mode_nr == TEST_PACKET_MODE)
		ep0_load_test_packet(mtu);

	/* send status before entering test mode. */
	ep0_do_status_stage(mtu);

	/*
	 * wait for ACK status sent by host
	 *
	 * NOTE(review): the result of the poll is discarded, so the test
	 * mode register below is written even if EP0_DATAEND never clears.
	 * This path is reached from the ep0 interrupt handler, apparently
	 * with mtu->lock held (see the __releases/__acquires annotations on
	 * ep0_handle_setup) -- confirm the poll helper used here cannot
	 * sleep.
	 */
	readl_poll_timeout(mbase + U3D_EP0CSR, value,
			   !(value & EP0_DATAEND), 5000);

	mtu3_writel(mbase, U3D_USB2_TEST_MODE, mtu->test_mode_nr);

	mtu->ep0_state = MU3D_EP0_STATE_SETUP;

	return 1;
}
344 
/*
 * SET_FEATURE / CLEAR_FEATURE addressed to the device.
 *
 * The feature selector is the host-supplied wValue:
 *   REMOTE_WAKEUP - record the new setting;
 *   TEST_MODE     - only for SET_FEATURE, at high speed, with a zero low
 *                   byte in wIndex; anything else is rejected;
 *   U1/U2_ENABLE  - only at SuperSpeed or faster and in the configured
 *                   state; updates LINK_POWER_CONTROL and the cached flag.
 *
 * Returns 1 when handled (or the result of handle_test_mode()), -EINVAL
 * otherwise.
 */
static int ep0_handle_feature_dev(struct mtu3 *mtu,
				  struct usb_ctrlrequest *setup, bool set)
{
	void __iomem *mbase = mtu->mac_base;
	u16 feature = le16_to_cpu(setup->wValue);
	int handled = -EINVAL;
	bool is_u1;
	u32 mask;
	u32 lpc;

	switch (feature) {
	case USB_DEVICE_REMOTE_WAKEUP:
		mtu->may_wakeup = !!set;
		handled = 1;
		break;
	case USB_DEVICE_TEST_MODE:
		if (set && mtu->g.speed == USB_SPEED_HIGH &&
		    !(le16_to_cpu(setup->wIndex) & 0xff))
			handled = handle_test_mode(mtu, setup);
		break;
	case USB_DEVICE_U1_ENABLE:
	case USB_DEVICE_U2_ENABLE:
		if (mtu->g.speed < USB_SPEED_SUPER ||
		    mtu->g.state != USB_STATE_CONFIGURED)
			break;

		is_u1 = (feature == USB_DEVICE_U1_ENABLE);
		mask = is_u1 ? SW_U1_REQUEST_ENABLE : SW_U2_REQUEST_ENABLE;

		lpc = mtu3_readl(mbase, U3D_LINK_POWER_CONTROL);
		if (set)
			lpc |= mask;
		else
			lpc &= ~mask;
		mtu3_writel(mbase, U3D_LINK_POWER_CONTROL, lpc);

		if (is_u1)
			mtu->u1_enable = !!set;
		else
			mtu->u2_enable = !!set;
		handled = 1;
		break;
	default:
		handled = -EINVAL;
		break;
	}

	return handled;
}
400 
/*
 * SET_FEATURE / CLEAR_FEATURE dispatcher, keyed on the recipient in
 * bRequestType.
 *
 * Returns 1 when handled here, 0 when the request should be forwarded to
 * the gadget driver, or -EINVAL (the caller then stalls ep0).
 */
static int ep0_handle_feature(struct mtu3 *mtu,
			      struct usb_ctrlrequest *setup, bool set)
{
	u16 value = le16_to_cpu(setup->wValue);
	u16 index = le16_to_cpu(setup->wIndex);
	struct mtu3_ep *mep;
	int handled = -EINVAL;
	int is_in;
	u8 epnum;

	switch (setup->bRequestType & USB_RECIP_MASK) {
	case USB_RECIP_DEVICE:
		handled = ep0_handle_feature_dev(mtu, setup, set);
		break;
	case USB_RECIP_INTERFACE:
		/*
		 * superspeed only: forward the request because function
		 * drivers should handle it
		 */
		if (mtu->g.speed >= USB_SPEED_SUPER &&
		    value == USB_INTRF_FUNC_SUSPEND)
			handled = 0;
		break;
	case USB_RECIP_ENDPOINT:
		/*
		 * index is host-controlled: only ENDPOINT_HALT on an in-range,
		 * non-zero endpoint number is accepted
		 */
		epnum = index & USB_ENDPOINT_NUMBER_MASK;
		if (value != USB_ENDPOINT_HALT || !epnum ||
		    epnum >= mtu->num_eps)
			break;

		is_in = index & USB_DIR_IN;
		mep = is_in ? &mtu->in_eps[epnum] : &mtu->out_eps[epnum];
		if (!mep->desc)
			break;

		handled = 1;
		/* ignore request if endpoint is wedged */
		if (!(mep->flags & MTU3_EP_WEDGE))
			mtu3_ep_stall_set(mep, set);
		break;
	default:
		/* class, vendor, etc ... delegate */
		handled = 0;
		break;
	}

	return handled;
}
454 
/*
 * Handle the standard control requests that the controller driver must
 * deal with itself; everything else is left to the gadget driver.
 *
 * returns:
 *	negative errno - error happened
 *	zero - need delegate SETUP to gadget driver
 *	positive - already handled
 */
static int handle_standard_request(struct mtu3 *mtu,
				   struct usb_ctrlrequest *setup)
{
	void __iomem *mbase = mtu->mac_base;
	enum usb_device_state state = mtu->g.state;
	u16 value = le16_to_cpu(setup->wValue);
	int handled = -EINVAL;
	u32 dev_conf;

	/* the gadget driver handles everything except what we must handle */
	switch (setup->bRequest) {
	case USB_REQ_SET_ADDRESS:
		/* change it after the status stage */
		mtu->address = (u8)(value & 0x7f);
		dev_dbg(mtu->dev, "set address to 0x%x\n", mtu->address);

		dev_conf = mtu3_readl(mbase, U3D_DEVICE_CONF) & ~DEV_ADDR_MSK;
		mtu3_writel(mbase, U3D_DEVICE_CONF,
			    dev_conf | DEV_ADDR(mtu->address));

		usb_gadget_set_state(&mtu->g, mtu->address ?
				     USB_STATE_ADDRESS : USB_STATE_DEFAULT);

		handled = 1;
		break;
	case USB_REQ_SET_CONFIGURATION:
		/*
		 * Only the gadget state is tracked here; the request itself
		 * is still delegated.
		 * NOTE(review): from the addressed state the device is marked
		 * configured whatever wValue is -- confirm that is intended.
		 */
		if (state == USB_STATE_ADDRESS)
			usb_gadget_set_state(&mtu->g, USB_STATE_CONFIGURED);
		else if (state == USB_STATE_CONFIGURED && !value)
			/*
			 * USB2 spec sec 9.4.7, if wValue is 0 then dev
			 * is moved to addressed state
			 */
			usb_gadget_set_state(&mtu->g, USB_STATE_ADDRESS);

		handled = 0;
		break;
	case USB_REQ_CLEAR_FEATURE:
		handled = ep0_handle_feature(mtu, setup, false);
		break;
	case USB_REQ_SET_FEATURE:
		handled = ep0_handle_feature(mtu, setup, true);
		break;
	case USB_REQ_GET_STATUS:
		handled = ep0_get_status(mtu, setup);
		break;
	case USB_REQ_SET_SEL:
		handled = ep0_set_sel(mtu, setup);
		break;
	case USB_REQ_SET_ISOCH_DELAY:
		handled = 1;
		break;
	default:
		/* delegate SET_CONFIGURATION, etc */
		handled = 0;
		break;
	}

	return handled;
}
529 
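/*
 * Receive a data packet (OUT) on ep0.
 *
 * The byte count reported by the hardware is clamped to the space left in
 * the queued request, so a host that sends more than the gadget driver
 * asked for cannot overrun the buffer; the request is then flagged
 * -EOVERFLOW.  A short packet or a full buffer ends the data stage and the
 * request is given back.  With no request queued the endpoint is stalled.
 */
static void ep0_rx_state(struct mtu3 *mtu)
{
	struct mtu3_request *mreq;
	struct usb_request *req;
	void __iomem *mbase = mtu->mac_base;
	u32 maxp;
	u32 csr;
	u16 count = 0;

	dev_dbg(mtu->dev, "%s\n", __func__);

	csr = mtu3_readl(mbase, U3D_EP0CSR) & EP0_W1C_BITS;
	mreq = next_ep0_request(mtu);
	/*
	 * Derive req from mreq explicitly.  Taking &mreq->request of a NULL
	 * mreq only yields NULL while 'request' sits at offset 0 of
	 * struct mtu3_request, which the test below must not depend on.
	 */
	req = mreq ? &mreq->request : NULL;

	/* read packet and ack; or stall because of gadget driver bug */
	if (req) {
		void *buf = req->buf + req->actual;
		unsigned int len = req->length - req->actual;

		/* read the buffer */
		count = mtu3_readl(mbase, U3D_RXCOUNT0);
		if (count > len) {
			/* more data than buffer space: keep only what fits */
			req->status = -EOVERFLOW;
			count = len;
		}
		ep0_read_fifo(mtu->ep0, buf, count);
		req->actual += count;
		csr |= EP0_RXPKTRDY;

		maxp = mtu->g.ep0->maxpacket;
		if (count < maxp || req->actual == req->length) {
			mtu->ep0_state = MU3D_EP0_STATE_SETUP;
			dev_dbg(mtu->dev, "ep0 state: %s\n",
				decode_ep0_state(mtu));

			csr |= EP0_DATAEND;
		} else {
			/* more packets expected: keep the request queued */
			req = NULL;
		}
	} else {
		csr |= EP0_RXPKTRDY | EP0_SENDSTALL;
		dev_dbg(mtu->dev, "%s: SENDSTALL\n", __func__);
	}

	mtu3_writel(mbase, U3D_EP0CSR, csr);

	/* give back the request if have received all data */
	if (req)
		ep0_req_giveback(mtu, req);
}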
582 
/*
 * Transmit the next chunk of the queued ep0 request to the host (IN).
 *
 * At most one max-packet worth of data is loaded per call.  A short packet,
 * or reaching the end of the request when no zero-length packet was asked
 * for, moves the state machine to TX_END.  Does nothing when no request is
 * queued.
 */
static void ep0_tx_state(struct mtu3 *mtu)
{
	struct mtu3_request *mreq = next_ep0_request(mtu);
	void __iomem *mbase = mtu->mac_base;
	struct usb_request *req;
	bool short_pkt;
	bool done_no_zlp;
	u32 maxp;
	u32 count;
	u32 csr;
	u8 *src;

	dev_dbg(mtu->dev, "%s\n", __func__);

	if (!mreq)
		return;

	req = &mreq->request;
	maxp = mtu->g.ep0->maxpacket;

	/* load the data */
	src = (u8 *)req->buf + req->actual;
	count = min(maxp, req->length - req->actual);
	if (count)
		ep0_write_fifo(mtu->ep0, src, count);

	dev_dbg(mtu->dev, "%s act=%d, len=%d, cnt=%d, maxp=%d zero=%d\n",
		__func__, req->actual, req->length, count, maxp, req->zero);

	req->actual += count;

	short_pkt = count < maxp;
	done_no_zlp = (req->actual == req->length) && !req->zero;
	if (short_pkt || done_no_zlp)
		mtu->ep0_state = MU3D_EP0_STATE_TX_END;

	/* send it out, triggering a "txpktrdy cleared" irq */
	csr = mtu3_readl(mbase, U3D_EP0CSR) & EP0_W1C_BITS;
	mtu3_writel(mbase, U3D_EP0CSR, csr | EP0_TXPKTRDY);

	dev_dbg(mtu->dev, "%s ep0csr=0x%x\n", __func__,
		mtu3_readl(mbase, U3D_EP0CSR));
}
623 
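/*
 * Read the SETUP packet out of the ep0 FIFO into @setup, give back any
 * request left over from a previous transfer, and program the direction of
 * the data stage (if there is one).
 *
 * The interrupt handler only gets here after seeing RXCOUNT0 == 8, but the
 * register is read again below.  The copy is therefore bounded by the size
 * of *@setup, so a larger count can never write past the caller's
 * structure, and @setup is zeroed first so a shorter count cannot leave
 * uninitialised bytes in fields that are parsed afterwards.
 */
static void ep0_read_setup(struct mtu3 *mtu, struct usb_ctrlrequest *setup)
{
	struct mtu3_request *mreq;
	u32 count;
	u32 csr;

	csr = mtu3_readl(mtu->mac_base, U3D_EP0CSR) & EP0_W1C_BITS;
	count = mtu3_readl(mtu->mac_base, U3D_RXCOUNT0);

	/* hardware-reported length: never trust it beyond the destination */
	count = min_t(u32, count, sizeof(*setup));
	memset(setup, 0, sizeof(*setup));
	ep0_read_fifo(mtu->ep0, (u8 *)setup, count);

	dev_dbg(mtu->dev, "SETUP req%02x.%02x v%04x i%04x l%04x\n",
		setup->bRequestType, setup->bRequest,
		le16_to_cpu(setup->wValue), le16_to_cpu(setup->wIndex),
		le16_to_cpu(setup->wLength));

	/* clean up any leftover transfers */
	mreq = next_ep0_request(mtu);
	if (mreq)
		ep0_req_giveback(mtu, &mreq->request);

	if (le16_to_cpu(setup->wLength) == 0) {
		;	/* no data stage, nothing to do */
	} else if (setup->bRequestType & USB_DIR_IN) {
		/* data stage is device-to-host */
		mtu3_writel(mtu->mac_base, U3D_EP0CSR,
			    csr | EP0_SETUPPKTRDY | EP0_DPHTX);
		mtu->ep0_state = MU3D_EP0_STATE_TX;
	} else {
		/* data stage is host-to-device */
		mtu3_writel(mtu->mac_base, U3D_EP0CSR,
			    (csr | EP0_SETUPPKTRDY) & (~EP0_DPHTX));
		mtu->ep0_state = MU3D_EP0_STATE_RX;
	}
}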
657 
/*
 * Process one SETUP packet: read it, let handle_standard_request() deal
 * with standard requests, and forward whatever it does not consume to the
 * gadget driver.
 *
 * Entered with mtu->lock held; forward_to_driver() drops and re-takes it
 * around the gadget driver callback.  A negative result from either
 * handler stalls ep0.  Always returns 0.
 */
static int ep0_handle_setup(struct mtu3 *mtu)
__releases(mtu->lock)
__acquires(mtu->lock)
{
	struct usb_ctrlrequest setup;
	struct mtu3_request *mreq;
	int handled = 0;

	ep0_read_setup(mtu, &setup);

	/* class and vendor requests skip the local handler (handled stays 0) */
	if ((setup.bRequestType & USB_TYPE_MASK) == USB_TYPE_STANDARD)
		handled = handle_standard_request(mtu, &setup);

	dev_dbg(mtu->dev, "handled %d, ep0_state: %s\n",
		handled, decode_ep0_state(mtu));

	/* <0: stall, >0: done locally, 0: fall through to the gadget driver */
	if (handled < 0)
		goto stall;
	else if (handled > 0)
		goto finish;

	handled = forward_to_driver(mtu, &setup);
	if (handled < 0) {
		/* the label sits inside this block so both error paths share it */
stall:
		dev_dbg(mtu->dev, "%s stall (%d)\n", __func__, handled);

		/* no data stage: SETUPPKTRDY must be set together with the stall */
		ep0_stall_set(mtu->ep0, true,
			      le16_to_cpu(setup.wLength) ? 0 : EP0_SETUPPKTRDY);

		return 0;
	}

finish:
	if (mtu->test_mode) {
		;	/* nothing to do */
	} else if (handled == USB_GADGET_DELAYED_STATUS) {

		mreq = next_ep0_request(mtu);
		if (mreq) {
			/* already asked us to continue delayed status */
			ep0_do_status_stage(mtu);
			ep0_req_giveback(mtu, &mreq->request);
		} else {
			/* do delayed STATUS stage till receive ep0_queue */
			mtu->delayed_status = true;
		}
	} else if (le16_to_cpu(setup.wLength) == 0) { /* no data stage */

		ep0_do_status_stage(mtu);
		/* complete zlp request directly */
		mreq = next_ep0_request(mtu);
		if (mreq && !mreq->request.length)
			ep0_req_giveback(mtu, &mreq->request);
	}

	return 0;
}
715 
/*
 * ep0 interrupt handler.
 *
 * Acknowledges the enabled endpoint interrupts, clears a sent STALL if one
 * is flagged, and then advances the ep0 state machine according to
 * mtu->ep0_state and the bits in EP0CSR.
 *
 * Returns IRQ_HANDLED when a stall was cleared or a state handler ran,
 * IRQ_NONE otherwise.
 */
irqreturn_t mtu3_ep0_isr(struct mtu3 *mtu)
{
	void __iomem *mbase = mtu->mac_base;
	struct mtu3_request *mreq;
	u32 int_status;
	irqreturn_t ret = IRQ_NONE;
	u32 csr;
	u32 len;

	/* only look at sources that are enabled, and ack exactly those */
	int_status = mtu3_readl(mbase, U3D_EPISR);
	int_status &= mtu3_readl(mbase, U3D_EPIER);
	mtu3_writel(mbase, U3D_EPISR, int_status); /* W1C */

	/* only handle ep0's */
	if (!(int_status & (EP0ISR | SETUPENDISR)))
		return IRQ_NONE;

	/* abort current SETUP, and process new one */
	if (int_status & SETUPENDISR)
		mtu->ep0_state = MU3D_EP0_STATE_SETUP;

	csr = mtu3_readl(mbase, U3D_EP0CSR);

	dev_dbg(mtu->dev, "%s csr=0x%x\n", __func__, csr);

	/* we sent a stall.. need to clear it now.. */
	if (csr & EP0_SENTSTALL) {
		ep0_stall_set(mtu->ep0, false, 0);
		/* ep0_stall_set() rewrote EP0CSR: refresh the local copy */
		csr = mtu3_readl(mbase, U3D_EP0CSR);
		ret = IRQ_HANDLED;
	}
	dev_dbg(mtu->dev, "ep0_state: %s\n", decode_ep0_state(mtu));

	switch (mtu->ep0_state) {
	case MU3D_EP0_STATE_TX:
		/* irq on clearing txpktrdy */
		if ((csr & EP0_FIFOFULL) == 0) {
			ep0_tx_state(mtu);
			ret = IRQ_HANDLED;
		}
		break;
	case MU3D_EP0_STATE_RX:
		/* irq on set rxpktrdy */
		if (csr & EP0_RXPKTRDY) {
			ep0_rx_state(mtu);
			ret = IRQ_HANDLED;
		}
		break;
	case MU3D_EP0_STATE_TX_END:
		/* last IN packet went out: end the data stage, complete the request */
		mtu3_writel(mbase, U3D_EP0CSR,
			    (csr & EP0_W1C_BITS) | EP0_DATAEND);

		mreq = next_ep0_request(mtu);
		if (mreq)
			ep0_req_giveback(mtu, &mreq->request);

		mtu->ep0_state = MU3D_EP0_STATE_SETUP;
		ret = IRQ_HANDLED;
		dev_dbg(mtu->dev, "ep0_state: %s\n", decode_ep0_state(mtu));
		break;
	case MU3D_EP0_STATE_SETUP:
		if (!(csr & EP0_SETUPPKTRDY))
			break;

		/*
		 * A SETUP packet is always 8 bytes; refuse to parse anything
		 * else.  ep0_handle_setup() copies the packet into an 8-byte
		 * structure on its stack, so this check is what keeps a bogus
		 * count away from that copy.
		 * NOTE(review): on a bad length nothing is written to EP0CSR
		 * here, so SETUPPKTRDY is left as it was -- confirm that the
		 * hardware recovers from this.
		 */
		len = mtu3_readl(mbase, U3D_RXCOUNT0);
		if (len != 8) {
			dev_err(mtu->dev, "SETUP packet len %d != 8 ?\n", len);
			break;
		}

		ep0_handle_setup(mtu);
		ret = IRQ_HANDLED;
		break;
	default:
		/* can't happen */
		ep0_stall_set(mtu->ep0, true, 0);
		WARN_ON(1);
		break;
	}

	return ret;
}
798 
/*
 * usb_ep_ops.enable for ep0.  ep0 is always enabled, so an explicit enable
 * request is rejected with -EINVAL.
 */
static int mtu3_ep0_enable(struct usb_ep *ep,
			   const struct usb_endpoint_descriptor *desc)
{
	int rc = -EINVAL;	/* always enabled */

	return rc;
}
805 
/*
 * usb_ep_ops.disable for ep0.  ep0 is always enabled and cannot be turned
 * off, so the request is rejected with -EINVAL.
 */
static int mtu3_ep0_disable(struct usb_ep *ep)
{
	int rc = -EINVAL;	/* always enabled */

	return rc;
}
811 
/*
 * Queue @mreq on ep0.  The callers in this file hold mtu->lock.
 *
 * The request is reset (actual = 0, status = -EINPROGRESS) before any
 * check is made.  If a delayed status stage is pending, queuing is taken
 * as the signal to run it and the request itself is neither queued nor
 * given back.  Otherwise at most one request may be queued at a time.
 *
 * Returns 0 on success, -EINVAL when ep0 is in a state that cannot accept
 * a request, or -EBUSY when a request is already queued.
 */
static int ep0_queue(struct mtu3_ep *mep, struct mtu3_request *mreq)
{
	struct mtu3 *mtu = mep->mtu;
	struct usb_request *req = &mreq->request;
	bool state_ok;

	mreq->mtu = mtu;
	req->actual = 0;
	req->status = -EINPROGRESS;

	dev_dbg(mtu->dev, "%s %s (ep0_state: %s), len#%d\n", __func__,
		mep->name, decode_ep0_state(mtu), req->length);

	/* SETUP, control-OUT data (RX) and control-IN data (TX) are fine */
	state_ok = mtu->ep0_state == MU3D_EP0_STATE_SETUP ||
		   mtu->ep0_state == MU3D_EP0_STATE_RX ||
		   mtu->ep0_state == MU3D_EP0_STATE_TX;
	if (!state_ok) {
		dev_err(mtu->dev, "%s, error in ep0 state %s\n", __func__,
			decode_ep0_state(mtu));
		return -EINVAL;
	}

	if (mtu->delayed_status) {
		mtu->delayed_status = false;
		ep0_do_status_stage(mtu);
		/* needn't giveback the request for handling delay STATUS */
		return 0;
	}

	if (!list_empty(&mep->req_list))
		return -EBUSY;

	list_add_tail(&mreq->list, &mep->req_list);

	/* sequence #1, IN ... start writing the data */
	if (mtu->ep0_state == MU3D_EP0_STATE_TX)
		ep0_tx_state(mtu);

	return 0;
}
852 
/*
 * usb_ep_ops.queue for ep0: validates the pointers, then calls ep0_queue()
 * with mtu->lock held and interrupts disabled.
 *
 * Returns -EINVAL for a NULL @ep or @req, otherwise the result of
 * ep0_queue().
 */
static int mtu3_ep0_queue(struct usb_ep *ep,
			  struct usb_request *req, gfp_t gfp)
{
	struct mtu3_request *mreq;
	struct mtu3_ep *mep;
	unsigned long flags;
	int status;

	if (!ep || !req)
		return -EINVAL;

	mep = to_mtu3_ep(ep);
	mreq = to_mtu3_request(req);

	spin_lock_irqsave(&mep->mtu->lock, flags);
	status = ep0_queue(mep, mreq);
	spin_unlock_irqrestore(&mep->mtu->lock, flags);

	return status;
}
874 
/* usb_ep_ops.dequeue for ep0: not supported, always fails with -EINVAL. */
static int mtu3_ep0_dequeue(struct usb_ep *ep, struct usb_request *req)
{
	int rc = -EINVAL;	/* we just won't support this */

	return rc;
}
880 
/*
 * usb_ep_ops.set_halt for ep0.  Only setting the halt is accepted; a zero
 * @value is rejected.
 *
 * Returns 0 when the stall was requested, -EINVAL for a NULL @ep, a zero
 * @value or an ep0 state that cannot be halted, and -EBUSY while a request
 * is still queued.
 */
static int mtu3_ep0_halt(struct usb_ep *ep, int value)
{
	struct mtu3_ep *mep;
	struct mtu3 *mtu;
	unsigned long flags;
	int ret = 0;

	if (!ep || !value)
		return -EINVAL;

	mep = to_mtu3_ep(ep);
	mtu = mep->mtu;

	dev_dbg(mtu->dev, "%s\n", __func__);

	spin_lock_irqsave(&mtu->lock, flags);

	if (!list_empty(&mep->req_list)) {
		ret = -EBUSY;
	} else {
		switch (mtu->ep0_state) {
		/*
		 * stalls are usually issued after parsing SETUP packet,
		 * either directly in irq context from setup() or else later.
		 */
		case MU3D_EP0_STATE_TX:
		case MU3D_EP0_STATE_TX_END:
		case MU3D_EP0_STATE_RX:
		case MU3D_EP0_STATE_SETUP:
			ep0_stall_set(mtu->ep0, true, 0);
			break;
		default:
			dev_dbg(mtu->dev, "ep0 can't halt in state %s\n",
				decode_ep0_state(mtu));
			ret = -EINVAL;
			break;
		}
	}

	spin_unlock_irqrestore(&mtu->lock, flags);
	return ret;
}
924 
/*
 * Endpoint operations for ep0.  enable, disable and dequeue always fail
 * with -EINVAL; queue and set_halt take mtu->lock around the real work.
 */
const struct usb_ep_ops mtu3_ep0_ops = {
	.enable = mtu3_ep0_enable,
	.disable = mtu3_ep0_disable,
	.alloc_request = mtu3_alloc_request,
	.free_request = mtu3_free_request,
	.queue = mtu3_ep0_queue,
	.dequeue = mtu3_ep0_dequeue,
	.set_halt = mtu3_ep0_halt,
};