1 /* $FreeBSD$ */ 2 /*- 3 * Copyright (c) 2008 Hans Petter Selasky. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 */ 26 27 #include <dev/usb/usb_defs.h> 28 #include <dev/usb/usb_mfunc.h> 29 #include <dev/usb/usb_error.h> 30 #include <dev/usb/usb.h> 31 32 #define USB_DEBUG_VAR usb2_debug 33 34 #include <dev/usb/usb_core.h> 35 #include <dev/usb/usb_process.h> 36 #include <dev/usb/usb_busdma.h> 37 #include <dev/usb/usb_transfer.h> 38 #include <dev/usb/usb_device.h> 39 #include <dev/usb/usb_debug.h> 40 #include <dev/usb/usb_dynamic.h> 41 #include <dev/usb/usb_hub.h> 42 43 #include <dev/usb/usb_controller.h> 44 #include <dev/usb/usb_bus.h> 45 46 /* enum */ 47 48 enum { 49 ST_DATA, 50 ST_POST_STATUS, 51 }; 52 53 /* function prototypes */ 54 55 static uint8_t usb2_handle_get_stall(struct usb2_device *, uint8_t); 56 static usb2_error_t usb2_handle_remote_wakeup(struct usb2_xfer *, uint8_t); 57 static usb2_error_t usb2_handle_request(struct usb2_xfer *); 58 static usb2_error_t usb2_handle_set_config(struct usb2_xfer *, uint8_t); 59 static usb2_error_t usb2_handle_set_stall(struct usb2_xfer *, uint8_t, 60 uint8_t); 61 static usb2_error_t usb2_handle_iface_request(struct usb2_xfer *, void **, 62 uint16_t *, struct usb2_device_request, uint16_t, 63 uint8_t); 64 65 /*------------------------------------------------------------------------* 66 * usb2_handle_request_callback 67 * 68 * This function is the USB callback for generic USB Device control 69 * transfers. 70 *------------------------------------------------------------------------*/ 71 void 72 usb2_handle_request_callback(struct usb2_xfer *xfer) 73 { 74 usb2_error_t err; 75 76 /* check the current transfer state */ 77 78 switch (USB_GET_STATE(xfer)) { 79 case USB_ST_SETUP: 80 case USB_ST_TRANSFERRED: 81 82 /* handle the request */ 83 err = usb2_handle_request(xfer); 84 85 if (err) { 86 87 if (err == USB_ERR_BAD_CONTEXT) { 88 /* we need to re-setup the control transfer */ 89 usb2_needs_explore(xfer->xroot->bus, 0); 90 break; 91 } 92 /* 93 * If no control transfer is active, 94 * receive the next SETUP message: 95 */ 96 goto tr_restart; 97 } 98 usb2_start_hardware(xfer); 99 break; 100 101 default: 102 if (xfer->error != USB_ERR_CANCELLED) { 103 /* should not happen - try stalling */ 104 goto tr_restart; 105 } 106 break; 107 } 108 return; 109 110 tr_restart: 111 xfer->frlengths[0] = sizeof(struct usb2_device_request); 112 xfer->nframes = 1; 113 xfer->flags.manual_status = 1; 114 xfer->flags.force_short_xfer = 0; 115 xfer->flags.stall_pipe = 1; /* cancel previous transfer, if any */ 116 usb2_start_hardware(xfer); 117 } 118 119 /*------------------------------------------------------------------------* 120 * usb2_handle_set_config 121 * 122 * Returns: 123 * 0: Success 124 * Else: Failure 125 *------------------------------------------------------------------------*/ 126 static usb2_error_t 127 usb2_handle_set_config(struct usb2_xfer *xfer, uint8_t conf_no) 128 { 129 struct usb2_device *udev = xfer->xroot->udev; 130 usb2_error_t err = 0; 131 132 /* 133 * We need to protect against other threads doing probe and 134 * attach: 135 */ 136 USB_XFER_UNLOCK(xfer); 137 mtx_lock(&Giant); /* XXX */ 138 sx_xlock(udev->default_sx + 1); 139 140 if (conf_no == USB_UNCONFIG_NO) { 141 conf_no = USB_UNCONFIG_INDEX; 142 } else { 143 /* 144 * The relationship between config number and config index 145 * is very simple in our case: 146 */ 147 conf_no--; 148 } 149 150 if (usb2_set_config_index(udev, conf_no)) { 151 DPRINTF("set config %d failed\n", conf_no); 152 err = USB_ERR_STALLED; 153 goto done; 154 } 155 if (usb2_probe_and_attach(udev, USB_IFACE_INDEX_ANY)) { 156 DPRINTF("probe and attach failed\n"); 157 err = USB_ERR_STALLED; 158 goto done; 159 } 160 done: 161 mtx_unlock(&Giant); /* XXX */ 162 sx_unlock(udev->default_sx + 1); 163 USB_XFER_LOCK(xfer); 164 return (err); 165 } 166 167 /*------------------------------------------------------------------------* 168 * usb2_handle_iface_request 169 * 170 * Returns: 171 * 0: Success 172 * Else: Failure 173 *------------------------------------------------------------------------*/ 174 static usb2_error_t 175 usb2_handle_iface_request(struct usb2_xfer *xfer, 176 void **ppdata, uint16_t *plen, 177 struct usb2_device_request req, uint16_t off, uint8_t state) 178 { 179 struct usb2_interface *iface; 180 struct usb2_interface *iface_parent; /* parent interface */ 181 struct usb2_device *udev = xfer->xroot->udev; 182 int error; 183 uint8_t iface_index; 184 185 if ((req.bmRequestType & 0x1F) == UT_INTERFACE) { 186 iface_index = req.wIndex[0]; /* unicast */ 187 } else { 188 iface_index = 0; /* broadcast */ 189 } 190 191 /* 192 * We need to protect against other threads doing probe and 193 * attach: 194 */ 195 USB_XFER_UNLOCK(xfer); 196 mtx_lock(&Giant); /* XXX */ 197 sx_xlock(udev->default_sx + 1); 198 199 error = ENXIO; 200 201 tr_repeat: 202 iface = usb2_get_iface(udev, iface_index); 203 if ((iface == NULL) || 204 (iface->idesc == NULL)) { 205 /* end of interfaces non-existing interface */ 206 goto tr_stalled; 207 } 208 /* forward request to interface, if any */ 209 210 if ((error != 0) && 211 (error != ENOTTY) && 212 (iface->subdev != NULL) && 213 device_is_attached(iface->subdev)) { 214 #if 0 215 DEVMETHOD(usb2_handle_request, NULL); /* dummy */ 216 #endif 217 error = USB_HANDLE_REQUEST(iface->subdev, 218 &req, ppdata, plen, 219 off, (state == ST_POST_STATUS)); 220 } 221 iface_parent = usb2_get_iface(udev, iface->parent_iface_index); 222 223 if ((iface_parent == NULL) || 224 (iface_parent->idesc == NULL)) { 225 /* non-existing interface */ 226 iface_parent = NULL; 227 } 228 /* forward request to parent interface, if any */ 229 230 if ((error != 0) && 231 (error != ENOTTY) && 232 (iface_parent != NULL) && 233 (iface_parent->subdev != NULL) && 234 ((req.bmRequestType & 0x1F) == UT_INTERFACE) && 235 (iface_parent->subdev != iface->subdev) && 236 device_is_attached(iface_parent->subdev)) { 237 error = USB_HANDLE_REQUEST(iface_parent->subdev, 238 &req, ppdata, plen, off, 239 (state == ST_POST_STATUS)); 240 } 241 if (error == 0) { 242 /* negativly adjust pointer and length */ 243 *ppdata = ((uint8_t *)(*ppdata)) - off; 244 *plen += off; 245 goto tr_valid; 246 } else if (error == ENOTTY) { 247 goto tr_stalled; 248 } 249 if ((req.bmRequestType & 0x1F) != UT_INTERFACE) { 250 iface_index++; /* iterate */ 251 goto tr_repeat; 252 } 253 if (state == ST_POST_STATUS) { 254 /* we are complete */ 255 goto tr_valid; 256 } 257 switch (req.bmRequestType) { 258 case UT_WRITE_INTERFACE: 259 switch (req.bRequest) { 260 case UR_SET_INTERFACE: 261 /* 262 * Handle special case. If we have parent interface 263 * we just reset the endpoints, because this is a 264 * multi interface device and re-attaching only a 265 * part of the device is not possible. Also if the 266 * alternate setting is the same like before we just 267 * reset the interface endoints. 268 */ 269 if ((iface_parent != NULL) || 270 (iface->alt_index == req.wValue[0])) { 271 error = usb2_reset_iface_endpoints(udev, 272 iface_index); 273 if (error) { 274 DPRINTF("alt setting failed %s\n", 275 usb2_errstr(error)); 276 goto tr_stalled; 277 } 278 break; 279 } 280 /* 281 * Doing the alternate setting will detach the 282 * interface aswell: 283 */ 284 error = usb2_set_alt_interface_index(udev, 285 iface_index, req.wValue[0]); 286 if (error) { 287 DPRINTF("alt setting failed %s\n", 288 usb2_errstr(error)); 289 goto tr_stalled; 290 } 291 error = usb2_probe_and_attach(udev, 292 iface_index); 293 if (error) { 294 DPRINTF("alt setting probe failed\n"); 295 goto tr_stalled; 296 } 297 break; 298 default: 299 goto tr_stalled; 300 } 301 break; 302 303 case UT_READ_INTERFACE: 304 switch (req.bRequest) { 305 case UR_GET_INTERFACE: 306 *ppdata = &iface->alt_index; 307 *plen = 1; 308 break; 309 310 default: 311 goto tr_stalled; 312 } 313 break; 314 default: 315 goto tr_stalled; 316 } 317 tr_valid: 318 mtx_unlock(&Giant); 319 sx_unlock(udev->default_sx + 1); 320 USB_XFER_LOCK(xfer); 321 return (0); 322 323 tr_stalled: 324 mtx_unlock(&Giant); 325 sx_unlock(udev->default_sx + 1); 326 USB_XFER_LOCK(xfer); 327 return (USB_ERR_STALLED); 328 } 329 330 /*------------------------------------------------------------------------* 331 * usb2_handle_stall 332 * 333 * Returns: 334 * 0: Success 335 * Else: Failure 336 *------------------------------------------------------------------------*/ 337 static usb2_error_t 338 usb2_handle_set_stall(struct usb2_xfer *xfer, uint8_t ep, uint8_t do_stall) 339 { 340 struct usb2_device *udev = xfer->xroot->udev; 341 usb2_error_t err; 342 343 USB_XFER_UNLOCK(xfer); 344 err = usb2_set_endpoint_stall(udev, 345 usb2_get_pipe_by_addr(udev, ep), do_stall); 346 USB_XFER_LOCK(xfer); 347 return (err); 348 } 349 350 /*------------------------------------------------------------------------* 351 * usb2_handle_get_stall 352 * 353 * Returns: 354 * 0: Success 355 * Else: Failure 356 *------------------------------------------------------------------------*/ 357 static uint8_t 358 usb2_handle_get_stall(struct usb2_device *udev, uint8_t ea_val) 359 { 360 struct usb2_pipe *pipe; 361 uint8_t halted; 362 363 pipe = usb2_get_pipe_by_addr(udev, ea_val); 364 if (pipe == NULL) { 365 /* nothing to do */ 366 return (0); 367 } 368 USB_BUS_LOCK(udev->bus); 369 halted = pipe->is_stalled; 370 USB_BUS_UNLOCK(udev->bus); 371 372 return (halted); 373 } 374 375 /*------------------------------------------------------------------------* 376 * usb2_handle_remote_wakeup 377 * 378 * Returns: 379 * 0: Success 380 * Else: Failure 381 *------------------------------------------------------------------------*/ 382 static usb2_error_t 383 usb2_handle_remote_wakeup(struct usb2_xfer *xfer, uint8_t is_on) 384 { 385 struct usb2_device *udev; 386 struct usb2_bus *bus; 387 388 udev = xfer->xroot->udev; 389 bus = udev->bus; 390 391 USB_BUS_LOCK(bus); 392 393 if (is_on) { 394 udev->flags.remote_wakeup = 1; 395 } else { 396 udev->flags.remote_wakeup = 0; 397 } 398 399 USB_BUS_UNLOCK(bus); 400 401 /* In case we are out of sync, update the power state. */ 402 403 usb2_bus_power_update(udev->bus); 404 405 return (0); /* success */ 406 } 407 408 /*------------------------------------------------------------------------* 409 * usb2_handle_request 410 * 411 * Internal state sequence: 412 * 413 * ST_DATA -> ST_POST_STATUS 414 * 415 * Returns: 416 * 0: Ready to start hardware 417 * Else: Stall current transfer, if any 418 *------------------------------------------------------------------------*/ 419 static usb2_error_t 420 usb2_handle_request(struct usb2_xfer *xfer) 421 { 422 struct usb2_device_request req; 423 struct usb2_device *udev; 424 const void *src_zcopy; /* zero-copy source pointer */ 425 const void *src_mcopy; /* non zero-copy source pointer */ 426 uint16_t off; /* data offset */ 427 uint16_t rem; /* data remainder */ 428 uint16_t max_len; /* max fragment length */ 429 uint16_t wValue; 430 uint16_t wIndex; 431 uint8_t state; 432 usb2_error_t err; 433 union { 434 uWord wStatus; 435 uint8_t buf[2]; 436 } temp; 437 438 /* 439 * Filter the USB transfer state into 440 * something which we understand: 441 */ 442 443 switch (USB_GET_STATE(xfer)) { 444 case USB_ST_SETUP: 445 state = ST_DATA; 446 447 if (!xfer->flags_int.control_act) { 448 /* nothing to do */ 449 goto tr_stalled; 450 } 451 break; 452 453 default: /* USB_ST_TRANSFERRED */ 454 if (!xfer->flags_int.control_act) { 455 state = ST_POST_STATUS; 456 } else { 457 state = ST_DATA; 458 } 459 break; 460 } 461 462 /* reset frame stuff */ 463 464 xfer->frlengths[0] = 0; 465 466 usb2_set_frame_offset(xfer, 0, 0); 467 usb2_set_frame_offset(xfer, sizeof(req), 1); 468 469 /* get the current request, if any */ 470 471 usb2_copy_out(xfer->frbuffers, 0, &req, sizeof(req)); 472 473 if (xfer->flags_int.control_rem == 0xFFFF) { 474 /* first time - not initialised */ 475 rem = UGETW(req.wLength); 476 off = 0; 477 } else { 478 /* not first time - initialised */ 479 rem = xfer->flags_int.control_rem; 480 off = UGETW(req.wLength) - rem; 481 } 482 483 /* set some defaults */ 484 485 max_len = 0; 486 src_zcopy = NULL; 487 src_mcopy = NULL; 488 udev = xfer->xroot->udev; 489 490 /* get some request fields decoded */ 491 492 wValue = UGETW(req.wValue); 493 wIndex = UGETW(req.wIndex); 494 495 DPRINTF("req 0x%02x 0x%02x 0x%04x 0x%04x " 496 "off=0x%x rem=0x%x, state=%d\n", req.bmRequestType, 497 req.bRequest, wValue, wIndex, off, rem, state); 498 499 /* demultiplex the control request */ 500 501 switch (req.bmRequestType) { 502 case UT_READ_DEVICE: 503 if (state != ST_DATA) { 504 break; 505 } 506 switch (req.bRequest) { 507 case UR_GET_DESCRIPTOR: 508 goto tr_handle_get_descriptor; 509 case UR_GET_CONFIG: 510 goto tr_handle_get_config; 511 case UR_GET_STATUS: 512 goto tr_handle_get_status; 513 default: 514 goto tr_stalled; 515 } 516 break; 517 518 case UT_WRITE_DEVICE: 519 switch (req.bRequest) { 520 case UR_SET_ADDRESS: 521 goto tr_handle_set_address; 522 case UR_SET_CONFIG: 523 goto tr_handle_set_config; 524 case UR_CLEAR_FEATURE: 525 switch (wValue) { 526 case UF_DEVICE_REMOTE_WAKEUP: 527 goto tr_handle_clear_wakeup; 528 default: 529 goto tr_stalled; 530 } 531 break; 532 case UR_SET_FEATURE: 533 switch (wValue) { 534 case UF_DEVICE_REMOTE_WAKEUP: 535 goto tr_handle_set_wakeup; 536 default: 537 goto tr_stalled; 538 } 539 break; 540 default: 541 goto tr_stalled; 542 } 543 break; 544 545 case UT_WRITE_ENDPOINT: 546 switch (req.bRequest) { 547 case UR_CLEAR_FEATURE: 548 switch (wValue) { 549 case UF_ENDPOINT_HALT: 550 goto tr_handle_clear_halt; 551 default: 552 goto tr_stalled; 553 } 554 break; 555 case UR_SET_FEATURE: 556 switch (wValue) { 557 case UF_ENDPOINT_HALT: 558 goto tr_handle_set_halt; 559 default: 560 goto tr_stalled; 561 } 562 break; 563 default: 564 goto tr_stalled; 565 } 566 break; 567 568 case UT_READ_ENDPOINT: 569 switch (req.bRequest) { 570 case UR_GET_STATUS: 571 goto tr_handle_get_ep_status; 572 default: 573 goto tr_stalled; 574 } 575 break; 576 default: 577 /* we use "USB_ADD_BYTES" to de-const the src_zcopy */ 578 err = usb2_handle_iface_request(xfer, 579 USB_ADD_BYTES(&src_zcopy, 0), 580 &max_len, req, off, state); 581 if (err == 0) { 582 goto tr_valid; 583 } 584 /* 585 * Reset zero-copy pointer and max length 586 * variable in case they were unintentionally 587 * set: 588 */ 589 src_zcopy = NULL; 590 max_len = 0; 591 592 /* 593 * Check if we have a vendor specific 594 * descriptor: 595 */ 596 goto tr_handle_get_descriptor; 597 } 598 goto tr_valid; 599 600 tr_handle_get_descriptor: 601 (usb2_temp_get_desc_p) (udev, &req, &src_zcopy, &max_len); 602 if (src_zcopy == NULL) { 603 goto tr_stalled; 604 } 605 goto tr_valid; 606 607 tr_handle_get_config: 608 temp.buf[0] = udev->curr_config_no; 609 src_mcopy = temp.buf; 610 max_len = 1; 611 goto tr_valid; 612 613 tr_handle_get_status: 614 615 wValue = 0; 616 617 USB_BUS_LOCK(udev->bus); 618 if (udev->flags.remote_wakeup) { 619 wValue |= UDS_REMOTE_WAKEUP; 620 } 621 if (udev->flags.self_powered) { 622 wValue |= UDS_SELF_POWERED; 623 } 624 USB_BUS_UNLOCK(udev->bus); 625 626 USETW(temp.wStatus, wValue); 627 src_mcopy = temp.wStatus; 628 max_len = sizeof(temp.wStatus); 629 goto tr_valid; 630 631 tr_handle_set_address: 632 if (state == ST_DATA) { 633 if (wValue >= 0x80) { 634 /* invalid value */ 635 goto tr_stalled; 636 } else if (udev->curr_config_no != 0) { 637 /* we are configured ! */ 638 goto tr_stalled; 639 } 640 } else if (state == ST_POST_STATUS) { 641 udev->address = (wValue & 0x7F); 642 goto tr_bad_context; 643 } 644 goto tr_valid; 645 646 tr_handle_set_config: 647 if (state == ST_DATA) { 648 if (usb2_handle_set_config(xfer, req.wValue[0])) { 649 goto tr_stalled; 650 } 651 } 652 goto tr_valid; 653 654 tr_handle_clear_halt: 655 if (state == ST_DATA) { 656 if (usb2_handle_set_stall(xfer, req.wIndex[0], 0)) { 657 goto tr_stalled; 658 } 659 } 660 goto tr_valid; 661 662 tr_handle_clear_wakeup: 663 if (state == ST_DATA) { 664 if (usb2_handle_remote_wakeup(xfer, 0)) { 665 goto tr_stalled; 666 } 667 } 668 goto tr_valid; 669 670 tr_handle_set_halt: 671 if (state == ST_DATA) { 672 if (usb2_handle_set_stall(xfer, req.wIndex[0], 1)) { 673 goto tr_stalled; 674 } 675 } 676 goto tr_valid; 677 678 tr_handle_set_wakeup: 679 if (state == ST_DATA) { 680 if (usb2_handle_remote_wakeup(xfer, 1)) { 681 goto tr_stalled; 682 } 683 } 684 goto tr_valid; 685 686 tr_handle_get_ep_status: 687 if (state == ST_DATA) { 688 temp.wStatus[0] = 689 usb2_handle_get_stall(udev, req.wIndex[0]); 690 temp.wStatus[1] = 0; 691 src_mcopy = temp.wStatus; 692 max_len = sizeof(temp.wStatus); 693 } 694 goto tr_valid; 695 696 tr_valid: 697 if (state == ST_POST_STATUS) { 698 goto tr_stalled; 699 } 700 /* subtract offset from length */ 701 702 max_len -= off; 703 704 /* Compute the real maximum data length */ 705 706 if (max_len > xfer->max_data_length) { 707 max_len = xfer->max_data_length; 708 } 709 if (max_len > rem) { 710 max_len = rem; 711 } 712 /* 713 * If the remainder is greater than the maximum data length, 714 * we need to truncate the value for the sake of the 715 * comparison below: 716 */ 717 if (rem > xfer->max_data_length) { 718 rem = xfer->max_data_length; 719 } 720 if (rem != max_len) { 721 /* 722 * If we don't transfer the data we can transfer, then 723 * the transfer is short ! 724 */ 725 xfer->flags.force_short_xfer = 1; 726 xfer->nframes = 2; 727 } else { 728 /* 729 * Default case 730 */ 731 xfer->flags.force_short_xfer = 0; 732 xfer->nframes = max_len ? 2 : 1; 733 } 734 if (max_len > 0) { 735 if (src_mcopy) { 736 src_mcopy = USB_ADD_BYTES(src_mcopy, off); 737 usb2_copy_in(xfer->frbuffers + 1, 0, 738 src_mcopy, max_len); 739 } else { 740 usb2_set_frame_data(xfer, 741 USB_ADD_BYTES(src_zcopy, off), 1); 742 } 743 xfer->frlengths[1] = max_len; 744 } else { 745 /* the end is reached, send status */ 746 xfer->flags.manual_status = 0; 747 xfer->frlengths[1] = 0; 748 } 749 DPRINTF("success\n"); 750 return (0); /* success */ 751 752 tr_stalled: 753 DPRINTF("%s\n", (state == ST_POST_STATUS) ? 754 "complete" : "stalled"); 755 return (USB_ERR_STALLED); 756 757 tr_bad_context: 758 DPRINTF("bad context\n"); 759 return (USB_ERR_BAD_CONTEXT); 760 } 761