1 // SPDX-License-Identifier: GPL-2.0 2 #include <linux/kernel.h> 3 #include <linux/errno.h> 4 #include <linux/init.h> 5 #include <linux/slab.h> 6 #include <linux/mm.h> 7 #include <linux/module.h> 8 #include <linux/moduleparam.h> 9 #include <linux/scatterlist.h> 10 #include <linux/mutex.h> 11 #include <linux/timer.h> 12 #include <linux/usb.h> 13 14 #define SIMPLE_IO_TIMEOUT 10000 /* in milliseconds */ 15 16 /*-------------------------------------------------------------------------*/ 17 18 static int override_alt = -1; 19 module_param_named(alt, override_alt, int, 0644); 20 MODULE_PARM_DESC(alt, ">= 0 to override altsetting selection"); 21 static void complicated_callback(struct urb *urb); 22 23 /*-------------------------------------------------------------------------*/ 24 25 /* FIXME make these public somewhere; usbdevfs.h? */ 26 27 /* Parameter for usbtest driver. */ 28 struct usbtest_param_32 { 29 /* inputs */ 30 __u32 test_num; /* 0..(TEST_CASES-1) */ 31 __u32 iterations; 32 __u32 length; 33 __u32 vary; 34 __u32 sglen; 35 36 /* outputs */ 37 __s32 duration_sec; 38 __s32 duration_usec; 39 }; 40 41 /* 42 * Compat parameter to the usbtest driver. 43 * This supports older user space binaries compiled with 64 bit compiler. 44 */ 45 struct usbtest_param_64 { 46 /* inputs */ 47 __u32 test_num; /* 0..(TEST_CASES-1) */ 48 __u32 iterations; 49 __u32 length; 50 __u32 vary; 51 __u32 sglen; 52 53 /* outputs */ 54 __s64 duration_sec; 55 __s64 duration_usec; 56 }; 57 58 /* IOCTL interface to the driver. */ 59 #define USBTEST_REQUEST_32 _IOWR('U', 100, struct usbtest_param_32) 60 /* COMPAT IOCTL interface to the driver. */ 61 #define USBTEST_REQUEST_64 _IOWR('U', 100, struct usbtest_param_64) 62 63 /*-------------------------------------------------------------------------*/ 64 65 #define GENERIC /* let probe() bind using module params */ 66 67 /* Some devices that can be used for testing will have "real" drivers. 68 * Entries for those need to be enabled here by hand, after disabling 69 * that "real" driver. 70 */ 71 //#define IBOT2 /* grab iBOT2 webcams */ 72 //#define KEYSPAN_19Qi /* grab un-renumerated serial adapter */ 73 74 /*-------------------------------------------------------------------------*/ 75 76 struct usbtest_info { 77 const char *name; 78 u8 ep_in; /* bulk/intr source */ 79 u8 ep_out; /* bulk/intr sink */ 80 unsigned autoconf:1; 81 unsigned ctrl_out:1; 82 unsigned iso:1; /* try iso in/out */ 83 unsigned intr:1; /* try interrupt in/out */ 84 int alt; 85 }; 86 87 /* this is accessed only through usbfs ioctl calls. 88 * one ioctl to issue a test ... one lock per device. 89 * tests create other threads if they need them. 90 * urbs and buffers are allocated dynamically, 91 * and data generated deterministically. 92 */ 93 struct usbtest_dev { 94 struct usb_interface *intf; 95 struct usbtest_info *info; 96 int in_pipe; 97 int out_pipe; 98 int in_iso_pipe; 99 int out_iso_pipe; 100 int in_int_pipe; 101 int out_int_pipe; 102 struct usb_endpoint_descriptor *iso_in, *iso_out; 103 struct usb_endpoint_descriptor *int_in, *int_out; 104 struct mutex lock; 105 106 #define TBUF_SIZE 256 107 u8 *buf; 108 }; 109 110 static struct usb_device *testdev_to_usbdev(struct usbtest_dev *test) 111 { 112 return interface_to_usbdev(test->intf); 113 } 114 115 /* set up all urbs so they can be used with either bulk or interrupt */ 116 #define INTERRUPT_RATE 1 /* msec/transfer */ 117 118 #define ERROR(tdev, fmt, args...) \ 119 dev_err(&(tdev)->intf->dev , fmt , ## args) 120 #define WARNING(tdev, fmt, args...) \ 121 dev_warn(&(tdev)->intf->dev , fmt , ## args) 122 123 #define GUARD_BYTE 0xA5 124 #define MAX_SGLEN 128 125 126 /*-------------------------------------------------------------------------*/ 127 128 static inline void endpoint_update(int edi, 129 struct usb_host_endpoint **in, 130 struct usb_host_endpoint **out, 131 struct usb_host_endpoint *e) 132 { 133 if (edi) { 134 if (!*in) 135 *in = e; 136 } else { 137 if (!*out) 138 *out = e; 139 } 140 } 141 142 static int 143 get_endpoints(struct usbtest_dev *dev, struct usb_interface *intf) 144 { 145 int tmp; 146 struct usb_host_interface *alt; 147 struct usb_host_endpoint *in, *out; 148 struct usb_host_endpoint *iso_in, *iso_out; 149 struct usb_host_endpoint *int_in, *int_out; 150 struct usb_device *udev; 151 152 for (tmp = 0; tmp < intf->num_altsetting; tmp++) { 153 unsigned ep; 154 155 in = out = NULL; 156 iso_in = iso_out = NULL; 157 int_in = int_out = NULL; 158 alt = intf->altsetting + tmp; 159 160 if (override_alt >= 0 && 161 override_alt != alt->desc.bAlternateSetting) 162 continue; 163 164 /* take the first altsetting with in-bulk + out-bulk; 165 * ignore other endpoints and altsettings. 166 */ 167 for (ep = 0; ep < alt->desc.bNumEndpoints; ep++) { 168 struct usb_host_endpoint *e; 169 int edi; 170 171 e = alt->endpoint + ep; 172 edi = usb_endpoint_dir_in(&e->desc); 173 174 switch (usb_endpoint_type(&e->desc)) { 175 case USB_ENDPOINT_XFER_BULK: 176 endpoint_update(edi, &in, &out, e); 177 continue; 178 case USB_ENDPOINT_XFER_INT: 179 if (dev->info->intr) 180 endpoint_update(edi, &int_in, &int_out, e); 181 continue; 182 case USB_ENDPOINT_XFER_ISOC: 183 if (dev->info->iso) 184 endpoint_update(edi, &iso_in, &iso_out, e); 185 /* FALLTHROUGH */ 186 default: 187 continue; 188 } 189 } 190 if ((in && out) || iso_in || iso_out || int_in || int_out) 191 goto found; 192 } 193 return -EINVAL; 194 195 found: 196 udev = testdev_to_usbdev(dev); 197 dev->info->alt = alt->desc.bAlternateSetting; 198 if (alt->desc.bAlternateSetting != 0) { 199 tmp = usb_set_interface(udev, 200 alt->desc.bInterfaceNumber, 201 alt->desc.bAlternateSetting); 202 if (tmp < 0) 203 return tmp; 204 } 205 206 if (in) 207 dev->in_pipe = usb_rcvbulkpipe(udev, 208 in->desc.bEndpointAddress & USB_ENDPOINT_NUMBER_MASK); 209 if (out) 210 dev->out_pipe = usb_sndbulkpipe(udev, 211 out->desc.bEndpointAddress & USB_ENDPOINT_NUMBER_MASK); 212 213 if (iso_in) { 214 dev->iso_in = &iso_in->desc; 215 dev->in_iso_pipe = usb_rcvisocpipe(udev, 216 iso_in->desc.bEndpointAddress 217 & USB_ENDPOINT_NUMBER_MASK); 218 } 219 220 if (iso_out) { 221 dev->iso_out = &iso_out->desc; 222 dev->out_iso_pipe = usb_sndisocpipe(udev, 223 iso_out->desc.bEndpointAddress 224 & USB_ENDPOINT_NUMBER_MASK); 225 } 226 227 if (int_in) { 228 dev->int_in = &int_in->desc; 229 dev->in_int_pipe = usb_rcvintpipe(udev, 230 int_in->desc.bEndpointAddress 231 & USB_ENDPOINT_NUMBER_MASK); 232 } 233 234 if (int_out) { 235 dev->int_out = &int_out->desc; 236 dev->out_int_pipe = usb_sndintpipe(udev, 237 int_out->desc.bEndpointAddress 238 & USB_ENDPOINT_NUMBER_MASK); 239 } 240 return 0; 241 } 242 243 /*-------------------------------------------------------------------------*/ 244 245 /* Support for testing basic non-queued I/O streams. 246 * 247 * These just package urbs as requests that can be easily canceled. 248 * Each urb's data buffer is dynamically allocated; callers can fill 249 * them with non-zero test data (or test for it) when appropriate. 250 */ 251 252 static void simple_callback(struct urb *urb) 253 { 254 complete(urb->context); 255 } 256 257 static struct urb *usbtest_alloc_urb( 258 struct usb_device *udev, 259 int pipe, 260 unsigned long bytes, 261 unsigned transfer_flags, 262 unsigned offset, 263 u8 bInterval, 264 usb_complete_t complete_fn) 265 { 266 struct urb *urb; 267 268 urb = usb_alloc_urb(0, GFP_KERNEL); 269 if (!urb) 270 return urb; 271 272 if (bInterval) 273 usb_fill_int_urb(urb, udev, pipe, NULL, bytes, complete_fn, 274 NULL, bInterval); 275 else 276 usb_fill_bulk_urb(urb, udev, pipe, NULL, bytes, complete_fn, 277 NULL); 278 279 urb->interval = (udev->speed == USB_SPEED_HIGH) 280 ? (INTERRUPT_RATE << 3) 281 : INTERRUPT_RATE; 282 urb->transfer_flags = transfer_flags; 283 if (usb_pipein(pipe)) 284 urb->transfer_flags |= URB_SHORT_NOT_OK; 285 286 if ((bytes + offset) == 0) 287 return urb; 288 289 if (urb->transfer_flags & URB_NO_TRANSFER_DMA_MAP) 290 urb->transfer_buffer = usb_alloc_coherent(udev, bytes + offset, 291 GFP_KERNEL, &urb->transfer_dma); 292 else 293 urb->transfer_buffer = kmalloc(bytes + offset, GFP_KERNEL); 294 295 if (!urb->transfer_buffer) { 296 usb_free_urb(urb); 297 return NULL; 298 } 299 300 /* To test unaligned transfers add an offset and fill the 301 unused memory with a guard value */ 302 if (offset) { 303 memset(urb->transfer_buffer, GUARD_BYTE, offset); 304 urb->transfer_buffer += offset; 305 if (urb->transfer_flags & URB_NO_TRANSFER_DMA_MAP) 306 urb->transfer_dma += offset; 307 } 308 309 /* For inbound transfers use guard byte so that test fails if 310 data not correctly copied */ 311 memset(urb->transfer_buffer, 312 usb_pipein(urb->pipe) ? GUARD_BYTE : 0, 313 bytes); 314 return urb; 315 } 316 317 static struct urb *simple_alloc_urb( 318 struct usb_device *udev, 319 int pipe, 320 unsigned long bytes, 321 u8 bInterval) 322 { 323 return usbtest_alloc_urb(udev, pipe, bytes, URB_NO_TRANSFER_DMA_MAP, 0, 324 bInterval, simple_callback); 325 } 326 327 static struct urb *complicated_alloc_urb( 328 struct usb_device *udev, 329 int pipe, 330 unsigned long bytes, 331 u8 bInterval) 332 { 333 return usbtest_alloc_urb(udev, pipe, bytes, URB_NO_TRANSFER_DMA_MAP, 0, 334 bInterval, complicated_callback); 335 } 336 337 static unsigned pattern; 338 static unsigned mod_pattern; 339 module_param_named(pattern, mod_pattern, uint, S_IRUGO | S_IWUSR); 340 MODULE_PARM_DESC(mod_pattern, "i/o pattern (0 == zeroes)"); 341 342 static unsigned get_maxpacket(struct usb_device *udev, int pipe) 343 { 344 struct usb_host_endpoint *ep; 345 346 ep = usb_pipe_endpoint(udev, pipe); 347 return le16_to_cpup(&ep->desc.wMaxPacketSize); 348 } 349 350 static void simple_fill_buf(struct urb *urb) 351 { 352 unsigned i; 353 u8 *buf = urb->transfer_buffer; 354 unsigned len = urb->transfer_buffer_length; 355 unsigned maxpacket; 356 357 switch (pattern) { 358 default: 359 /* FALLTHROUGH */ 360 case 0: 361 memset(buf, 0, len); 362 break; 363 case 1: /* mod63 */ 364 maxpacket = get_maxpacket(urb->dev, urb->pipe); 365 for (i = 0; i < len; i++) 366 *buf++ = (u8) ((i % maxpacket) % 63); 367 break; 368 } 369 } 370 371 static inline unsigned long buffer_offset(void *buf) 372 { 373 return (unsigned long)buf & (ARCH_KMALLOC_MINALIGN - 1); 374 } 375 376 static int check_guard_bytes(struct usbtest_dev *tdev, struct urb *urb) 377 { 378 u8 *buf = urb->transfer_buffer; 379 u8 *guard = buf - buffer_offset(buf); 380 unsigned i; 381 382 for (i = 0; guard < buf; i++, guard++) { 383 if (*guard != GUARD_BYTE) { 384 ERROR(tdev, "guard byte[%d] %d (not %d)\n", 385 i, *guard, GUARD_BYTE); 386 return -EINVAL; 387 } 388 } 389 return 0; 390 } 391 392 static int simple_check_buf(struct usbtest_dev *tdev, struct urb *urb) 393 { 394 unsigned i; 395 u8 expected; 396 u8 *buf = urb->transfer_buffer; 397 unsigned len = urb->actual_length; 398 unsigned maxpacket = get_maxpacket(urb->dev, urb->pipe); 399 400 int ret = check_guard_bytes(tdev, urb); 401 if (ret) 402 return ret; 403 404 for (i = 0; i < len; i++, buf++) { 405 switch (pattern) { 406 /* all-zeroes has no synchronization issues */ 407 case 0: 408 expected = 0; 409 break; 410 /* mod63 stays in sync with short-terminated transfers, 411 * or otherwise when host and gadget agree on how large 412 * each usb transfer request should be. resync is done 413 * with set_interface or set_config. 414 */ 415 case 1: /* mod63 */ 416 expected = (i % maxpacket) % 63; 417 break; 418 /* always fail unsupported patterns */ 419 default: 420 expected = !*buf; 421 break; 422 } 423 if (*buf == expected) 424 continue; 425 ERROR(tdev, "buf[%d] = %d (not %d)\n", i, *buf, expected); 426 return -EINVAL; 427 } 428 return 0; 429 } 430 431 static void simple_free_urb(struct urb *urb) 432 { 433 unsigned long offset = buffer_offset(urb->transfer_buffer); 434 435 if (urb->transfer_flags & URB_NO_TRANSFER_DMA_MAP) 436 usb_free_coherent( 437 urb->dev, 438 urb->transfer_buffer_length + offset, 439 urb->transfer_buffer - offset, 440 urb->transfer_dma - offset); 441 else 442 kfree(urb->transfer_buffer - offset); 443 usb_free_urb(urb); 444 } 445 446 static int simple_io( 447 struct usbtest_dev *tdev, 448 struct urb *urb, 449 int iterations, 450 int vary, 451 int expected, 452 const char *label 453 ) 454 { 455 struct usb_device *udev = urb->dev; 456 int max = urb->transfer_buffer_length; 457 struct completion completion; 458 int retval = 0; 459 unsigned long expire; 460 461 urb->context = &completion; 462 while (retval == 0 && iterations-- > 0) { 463 init_completion(&completion); 464 if (usb_pipeout(urb->pipe)) { 465 simple_fill_buf(urb); 466 urb->transfer_flags |= URB_ZERO_PACKET; 467 } 468 retval = usb_submit_urb(urb, GFP_KERNEL); 469 if (retval != 0) 470 break; 471 472 expire = msecs_to_jiffies(SIMPLE_IO_TIMEOUT); 473 if (!wait_for_completion_timeout(&completion, expire)) { 474 usb_kill_urb(urb); 475 retval = (urb->status == -ENOENT ? 476 -ETIMEDOUT : urb->status); 477 } else { 478 retval = urb->status; 479 } 480 481 urb->dev = udev; 482 if (retval == 0 && usb_pipein(urb->pipe)) 483 retval = simple_check_buf(tdev, urb); 484 485 if (vary) { 486 int len = urb->transfer_buffer_length; 487 488 len += vary; 489 len %= max; 490 if (len == 0) 491 len = (vary < max) ? vary : max; 492 urb->transfer_buffer_length = len; 493 } 494 495 /* FIXME if endpoint halted, clear halt (and log) */ 496 } 497 urb->transfer_buffer_length = max; 498 499 if (expected != retval) 500 dev_err(&udev->dev, 501 "%s failed, iterations left %d, status %d (not %d)\n", 502 label, iterations, retval, expected); 503 return retval; 504 } 505 506 507 /*-------------------------------------------------------------------------*/ 508 509 /* We use scatterlist primitives to test queued I/O. 510 * Yes, this also tests the scatterlist primitives. 511 */ 512 513 static void free_sglist(struct scatterlist *sg, int nents) 514 { 515 unsigned i; 516 517 if (!sg) 518 return; 519 for (i = 0; i < nents; i++) { 520 if (!sg_page(&sg[i])) 521 continue; 522 kfree(sg_virt(&sg[i])); 523 } 524 kfree(sg); 525 } 526 527 static struct scatterlist * 528 alloc_sglist(int nents, int max, int vary, struct usbtest_dev *dev, int pipe) 529 { 530 struct scatterlist *sg; 531 unsigned int n_size = 0; 532 unsigned i; 533 unsigned size = max; 534 unsigned maxpacket = 535 get_maxpacket(interface_to_usbdev(dev->intf), pipe); 536 537 if (max == 0) 538 return NULL; 539 540 sg = kmalloc_array(nents, sizeof(*sg), GFP_KERNEL); 541 if (!sg) 542 return NULL; 543 sg_init_table(sg, nents); 544 545 for (i = 0; i < nents; i++) { 546 char *buf; 547 unsigned j; 548 549 buf = kzalloc(size, GFP_KERNEL); 550 if (!buf) { 551 free_sglist(sg, i); 552 return NULL; 553 } 554 555 /* kmalloc pages are always physically contiguous! */ 556 sg_set_buf(&sg[i], buf, size); 557 558 switch (pattern) { 559 case 0: 560 /* already zeroed */ 561 break; 562 case 1: 563 for (j = 0; j < size; j++) 564 *buf++ = (u8) (((j + n_size) % maxpacket) % 63); 565 n_size += size; 566 break; 567 } 568 569 if (vary) { 570 size += vary; 571 size %= max; 572 if (size == 0) 573 size = (vary < max) ? vary : max; 574 } 575 } 576 577 return sg; 578 } 579 580 static void sg_timeout(unsigned long _req) 581 { 582 struct usb_sg_request *req = (struct usb_sg_request *) _req; 583 584 usb_sg_cancel(req); 585 } 586 587 static int perform_sglist( 588 struct usbtest_dev *tdev, 589 unsigned iterations, 590 int pipe, 591 struct usb_sg_request *req, 592 struct scatterlist *sg, 593 int nents 594 ) 595 { 596 struct usb_device *udev = testdev_to_usbdev(tdev); 597 int retval = 0; 598 struct timer_list sg_timer; 599 600 setup_timer_on_stack(&sg_timer, sg_timeout, (unsigned long) req); 601 602 while (retval == 0 && iterations-- > 0) { 603 retval = usb_sg_init(req, udev, pipe, 604 (udev->speed == USB_SPEED_HIGH) 605 ? (INTERRUPT_RATE << 3) 606 : INTERRUPT_RATE, 607 sg, nents, 0, GFP_KERNEL); 608 609 if (retval) 610 break; 611 mod_timer(&sg_timer, jiffies + 612 msecs_to_jiffies(SIMPLE_IO_TIMEOUT)); 613 usb_sg_wait(req); 614 if (!del_timer_sync(&sg_timer)) 615 retval = -ETIMEDOUT; 616 else 617 retval = req->status; 618 619 /* FIXME check resulting data pattern */ 620 621 /* FIXME if endpoint halted, clear halt (and log) */ 622 } 623 624 /* FIXME for unlink or fault handling tests, don't report 625 * failure if retval is as we expected ... 626 */ 627 if (retval) 628 ERROR(tdev, "perform_sglist failed, " 629 "iterations left %d, status %d\n", 630 iterations, retval); 631 return retval; 632 } 633 634 635 /*-------------------------------------------------------------------------*/ 636 637 /* unqueued control message testing 638 * 639 * there's a nice set of device functional requirements in chapter 9 of the 640 * usb 2.0 spec, which we can apply to ANY device, even ones that don't use 641 * special test firmware. 642 * 643 * we know the device is configured (or suspended) by the time it's visible 644 * through usbfs. we can't change that, so we won't test enumeration (which 645 * worked 'well enough' to get here, this time), power management (ditto), 646 * or remote wakeup (which needs human interaction). 647 */ 648 649 static unsigned realworld = 1; 650 module_param(realworld, uint, 0); 651 MODULE_PARM_DESC(realworld, "clear to demand stricter spec compliance"); 652 653 static int get_altsetting(struct usbtest_dev *dev) 654 { 655 struct usb_interface *iface = dev->intf; 656 struct usb_device *udev = interface_to_usbdev(iface); 657 int retval; 658 659 retval = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), 660 USB_REQ_GET_INTERFACE, USB_DIR_IN|USB_RECIP_INTERFACE, 661 0, iface->altsetting[0].desc.bInterfaceNumber, 662 dev->buf, 1, USB_CTRL_GET_TIMEOUT); 663 switch (retval) { 664 case 1: 665 return dev->buf[0]; 666 case 0: 667 retval = -ERANGE; 668 /* FALLTHROUGH */ 669 default: 670 return retval; 671 } 672 } 673 674 static int set_altsetting(struct usbtest_dev *dev, int alternate) 675 { 676 struct usb_interface *iface = dev->intf; 677 struct usb_device *udev; 678 679 if (alternate < 0 || alternate >= 256) 680 return -EINVAL; 681 682 udev = interface_to_usbdev(iface); 683 return usb_set_interface(udev, 684 iface->altsetting[0].desc.bInterfaceNumber, 685 alternate); 686 } 687 688 static int is_good_config(struct usbtest_dev *tdev, int len) 689 { 690 struct usb_config_descriptor *config; 691 692 if (len < sizeof(*config)) 693 return 0; 694 config = (struct usb_config_descriptor *) tdev->buf; 695 696 switch (config->bDescriptorType) { 697 case USB_DT_CONFIG: 698 case USB_DT_OTHER_SPEED_CONFIG: 699 if (config->bLength != 9) { 700 ERROR(tdev, "bogus config descriptor length\n"); 701 return 0; 702 } 703 /* this bit 'must be 1' but often isn't */ 704 if (!realworld && !(config->bmAttributes & 0x80)) { 705 ERROR(tdev, "high bit of config attributes not set\n"); 706 return 0; 707 } 708 if (config->bmAttributes & 0x1f) { /* reserved == 0 */ 709 ERROR(tdev, "reserved config bits set\n"); 710 return 0; 711 } 712 break; 713 default: 714 return 0; 715 } 716 717 if (le16_to_cpu(config->wTotalLength) == len) /* read it all */ 718 return 1; 719 if (le16_to_cpu(config->wTotalLength) >= TBUF_SIZE) /* max partial read */ 720 return 1; 721 ERROR(tdev, "bogus config descriptor read size\n"); 722 return 0; 723 } 724 725 static int is_good_ext(struct usbtest_dev *tdev, u8 *buf) 726 { 727 struct usb_ext_cap_descriptor *ext; 728 u32 attr; 729 730 ext = (struct usb_ext_cap_descriptor *) buf; 731 732 if (ext->bLength != USB_DT_USB_EXT_CAP_SIZE) { 733 ERROR(tdev, "bogus usb 2.0 extension descriptor length\n"); 734 return 0; 735 } 736 737 attr = le32_to_cpu(ext->bmAttributes); 738 /* bits[1:15] is used and others are reserved */ 739 if (attr & ~0xfffe) { /* reserved == 0 */ 740 ERROR(tdev, "reserved bits set\n"); 741 return 0; 742 } 743 744 return 1; 745 } 746 747 static int is_good_ss_cap(struct usbtest_dev *tdev, u8 *buf) 748 { 749 struct usb_ss_cap_descriptor *ss; 750 751 ss = (struct usb_ss_cap_descriptor *) buf; 752 753 if (ss->bLength != USB_DT_USB_SS_CAP_SIZE) { 754 ERROR(tdev, "bogus superspeed device capability descriptor length\n"); 755 return 0; 756 } 757 758 /* 759 * only bit[1] of bmAttributes is used for LTM and others are 760 * reserved 761 */ 762 if (ss->bmAttributes & ~0x02) { /* reserved == 0 */ 763 ERROR(tdev, "reserved bits set in bmAttributes\n"); 764 return 0; 765 } 766 767 /* bits[0:3] of wSpeedSupported is used and others are reserved */ 768 if (le16_to_cpu(ss->wSpeedSupported) & ~0x0f) { /* reserved == 0 */ 769 ERROR(tdev, "reserved bits set in wSpeedSupported\n"); 770 return 0; 771 } 772 773 return 1; 774 } 775 776 static int is_good_con_id(struct usbtest_dev *tdev, u8 *buf) 777 { 778 struct usb_ss_container_id_descriptor *con_id; 779 780 con_id = (struct usb_ss_container_id_descriptor *) buf; 781 782 if (con_id->bLength != USB_DT_USB_SS_CONTN_ID_SIZE) { 783 ERROR(tdev, "bogus container id descriptor length\n"); 784 return 0; 785 } 786 787 if (con_id->bReserved) { /* reserved == 0 */ 788 ERROR(tdev, "reserved bits set\n"); 789 return 0; 790 } 791 792 return 1; 793 } 794 795 /* sanity test for standard requests working with usb_control_mesg() and some 796 * of the utility functions which use it. 797 * 798 * this doesn't test how endpoint halts behave or data toggles get set, since 799 * we won't do I/O to bulk/interrupt endpoints here (which is how to change 800 * halt or toggle). toggle testing is impractical without support from hcds. 801 * 802 * this avoids failing devices linux would normally work with, by not testing 803 * config/altsetting operations for devices that only support their defaults. 804 * such devices rarely support those needless operations. 805 * 806 * NOTE that since this is a sanity test, it's not examining boundary cases 807 * to see if usbcore, hcd, and device all behave right. such testing would 808 * involve varied read sizes and other operation sequences. 809 */ 810 static int ch9_postconfig(struct usbtest_dev *dev) 811 { 812 struct usb_interface *iface = dev->intf; 813 struct usb_device *udev = interface_to_usbdev(iface); 814 int i, alt, retval; 815 816 /* [9.2.3] if there's more than one altsetting, we need to be able to 817 * set and get each one. mostly trusts the descriptors from usbcore. 818 */ 819 for (i = 0; i < iface->num_altsetting; i++) { 820 821 /* 9.2.3 constrains the range here */ 822 alt = iface->altsetting[i].desc.bAlternateSetting; 823 if (alt < 0 || alt >= iface->num_altsetting) { 824 dev_err(&iface->dev, 825 "invalid alt [%d].bAltSetting = %d\n", 826 i, alt); 827 } 828 829 /* [real world] get/set unimplemented if there's only one */ 830 if (realworld && iface->num_altsetting == 1) 831 continue; 832 833 /* [9.4.10] set_interface */ 834 retval = set_altsetting(dev, alt); 835 if (retval) { 836 dev_err(&iface->dev, "can't set_interface = %d, %d\n", 837 alt, retval); 838 return retval; 839 } 840 841 /* [9.4.4] get_interface always works */ 842 retval = get_altsetting(dev); 843 if (retval != alt) { 844 dev_err(&iface->dev, "get alt should be %d, was %d\n", 845 alt, retval); 846 return (retval < 0) ? retval : -EDOM; 847 } 848 849 } 850 851 /* [real world] get_config unimplemented if there's only one */ 852 if (!realworld || udev->descriptor.bNumConfigurations != 1) { 853 int expected = udev->actconfig->desc.bConfigurationValue; 854 855 /* [9.4.2] get_configuration always works 856 * ... although some cheap devices (like one TI Hub I've got) 857 * won't return config descriptors except before set_config. 858 */ 859 retval = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), 860 USB_REQ_GET_CONFIGURATION, 861 USB_DIR_IN | USB_RECIP_DEVICE, 862 0, 0, dev->buf, 1, USB_CTRL_GET_TIMEOUT); 863 if (retval != 1 || dev->buf[0] != expected) { 864 dev_err(&iface->dev, "get config --> %d %d (1 %d)\n", 865 retval, dev->buf[0], expected); 866 return (retval < 0) ? retval : -EDOM; 867 } 868 } 869 870 /* there's always [9.4.3] a device descriptor [9.6.1] */ 871 retval = usb_get_descriptor(udev, USB_DT_DEVICE, 0, 872 dev->buf, sizeof(udev->descriptor)); 873 if (retval != sizeof(udev->descriptor)) { 874 dev_err(&iface->dev, "dev descriptor --> %d\n", retval); 875 return (retval < 0) ? retval : -EDOM; 876 } 877 878 /* 879 * there's always [9.4.3] a bos device descriptor [9.6.2] in USB 880 * 3.0 spec 881 */ 882 if (le16_to_cpu(udev->descriptor.bcdUSB) >= 0x0210) { 883 struct usb_bos_descriptor *bos = NULL; 884 struct usb_dev_cap_header *header = NULL; 885 unsigned total, num, length; 886 u8 *buf; 887 888 retval = usb_get_descriptor(udev, USB_DT_BOS, 0, dev->buf, 889 sizeof(*udev->bos->desc)); 890 if (retval != sizeof(*udev->bos->desc)) { 891 dev_err(&iface->dev, "bos descriptor --> %d\n", retval); 892 return (retval < 0) ? retval : -EDOM; 893 } 894 895 bos = (struct usb_bos_descriptor *)dev->buf; 896 total = le16_to_cpu(bos->wTotalLength); 897 num = bos->bNumDeviceCaps; 898 899 if (total > TBUF_SIZE) 900 total = TBUF_SIZE; 901 902 /* 903 * get generic device-level capability descriptors [9.6.2] 904 * in USB 3.0 spec 905 */ 906 retval = usb_get_descriptor(udev, USB_DT_BOS, 0, dev->buf, 907 total); 908 if (retval != total) { 909 dev_err(&iface->dev, "bos descriptor set --> %d\n", 910 retval); 911 return (retval < 0) ? retval : -EDOM; 912 } 913 914 length = sizeof(*udev->bos->desc); 915 buf = dev->buf; 916 for (i = 0; i < num; i++) { 917 buf += length; 918 if (buf + sizeof(struct usb_dev_cap_header) > 919 dev->buf + total) 920 break; 921 922 header = (struct usb_dev_cap_header *)buf; 923 length = header->bLength; 924 925 if (header->bDescriptorType != 926 USB_DT_DEVICE_CAPABILITY) { 927 dev_warn(&udev->dev, "not device capability descriptor, skip\n"); 928 continue; 929 } 930 931 switch (header->bDevCapabilityType) { 932 case USB_CAP_TYPE_EXT: 933 if (buf + USB_DT_USB_EXT_CAP_SIZE > 934 dev->buf + total || 935 !is_good_ext(dev, buf)) { 936 dev_err(&iface->dev, "bogus usb 2.0 extension descriptor\n"); 937 return -EDOM; 938 } 939 break; 940 case USB_SS_CAP_TYPE: 941 if (buf + USB_DT_USB_SS_CAP_SIZE > 942 dev->buf + total || 943 !is_good_ss_cap(dev, buf)) { 944 dev_err(&iface->dev, "bogus superspeed device capability descriptor\n"); 945 return -EDOM; 946 } 947 break; 948 case CONTAINER_ID_TYPE: 949 if (buf + USB_DT_USB_SS_CONTN_ID_SIZE > 950 dev->buf + total || 951 !is_good_con_id(dev, buf)) { 952 dev_err(&iface->dev, "bogus container id descriptor\n"); 953 return -EDOM; 954 } 955 break; 956 default: 957 break; 958 } 959 } 960 } 961 962 /* there's always [9.4.3] at least one config descriptor [9.6.3] */ 963 for (i = 0; i < udev->descriptor.bNumConfigurations; i++) { 964 retval = usb_get_descriptor(udev, USB_DT_CONFIG, i, 965 dev->buf, TBUF_SIZE); 966 if (!is_good_config(dev, retval)) { 967 dev_err(&iface->dev, 968 "config [%d] descriptor --> %d\n", 969 i, retval); 970 return (retval < 0) ? retval : -EDOM; 971 } 972 973 /* FIXME cross-checking udev->config[i] to make sure usbcore 974 * parsed it right (etc) would be good testing paranoia 975 */ 976 } 977 978 /* and sometimes [9.2.6.6] speed dependent descriptors */ 979 if (le16_to_cpu(udev->descriptor.bcdUSB) == 0x0200) { 980 struct usb_qualifier_descriptor *d = NULL; 981 982 /* device qualifier [9.6.2] */ 983 retval = usb_get_descriptor(udev, 984 USB_DT_DEVICE_QUALIFIER, 0, dev->buf, 985 sizeof(struct usb_qualifier_descriptor)); 986 if (retval == -EPIPE) { 987 if (udev->speed == USB_SPEED_HIGH) { 988 dev_err(&iface->dev, 989 "hs dev qualifier --> %d\n", 990 retval); 991 return retval; 992 } 993 /* usb2.0 but not high-speed capable; fine */ 994 } else if (retval != sizeof(struct usb_qualifier_descriptor)) { 995 dev_err(&iface->dev, "dev qualifier --> %d\n", retval); 996 return (retval < 0) ? retval : -EDOM; 997 } else 998 d = (struct usb_qualifier_descriptor *) dev->buf; 999 1000 /* might not have [9.6.2] any other-speed configs [9.6.4] */ 1001 if (d) { 1002 unsigned max = d->bNumConfigurations; 1003 for (i = 0; i < max; i++) { 1004 retval = usb_get_descriptor(udev, 1005 USB_DT_OTHER_SPEED_CONFIG, i, 1006 dev->buf, TBUF_SIZE); 1007 if (!is_good_config(dev, retval)) { 1008 dev_err(&iface->dev, 1009 "other speed config --> %d\n", 1010 retval); 1011 return (retval < 0) ? retval : -EDOM; 1012 } 1013 } 1014 } 1015 } 1016 /* FIXME fetch strings from at least the device descriptor */ 1017 1018 /* [9.4.5] get_status always works */ 1019 retval = usb_get_std_status(udev, USB_RECIP_DEVICE, 0, dev->buf); 1020 if (retval) { 1021 dev_err(&iface->dev, "get dev status --> %d\n", retval); 1022 return retval; 1023 } 1024 1025 /* FIXME configuration.bmAttributes says if we could try to set/clear 1026 * the device's remote wakeup feature ... if we can, test that here 1027 */ 1028 1029 retval = usb_get_std_status(udev, USB_RECIP_INTERFACE, 1030 iface->altsetting[0].desc.bInterfaceNumber, dev->buf); 1031 if (retval) { 1032 dev_err(&iface->dev, "get interface status --> %d\n", retval); 1033 return retval; 1034 } 1035 /* FIXME get status for each endpoint in the interface */ 1036 1037 return 0; 1038 } 1039 1040 /*-------------------------------------------------------------------------*/ 1041 1042 /* use ch9 requests to test whether: 1043 * (a) queues work for control, keeping N subtests queued and 1044 * active (auto-resubmit) for M loops through the queue. 1045 * (b) protocol stalls (control-only) will autorecover. 1046 * it's not like bulk/intr; no halt clearing. 1047 * (c) short control reads are reported and handled. 1048 * (d) queues are always processed in-order 1049 */ 1050 1051 struct ctrl_ctx { 1052 spinlock_t lock; 1053 struct usbtest_dev *dev; 1054 struct completion complete; 1055 unsigned count; 1056 unsigned pending; 1057 int status; 1058 struct urb **urb; 1059 struct usbtest_param_32 *param; 1060 int last; 1061 }; 1062 1063 #define NUM_SUBCASES 16 /* how many test subcases here? */ 1064 1065 struct subcase { 1066 struct usb_ctrlrequest setup; 1067 int number; 1068 int expected; 1069 }; 1070 1071 static void ctrl_complete(struct urb *urb) 1072 { 1073 struct ctrl_ctx *ctx = urb->context; 1074 struct usb_ctrlrequest *reqp; 1075 struct subcase *subcase; 1076 int status = urb->status; 1077 1078 reqp = (struct usb_ctrlrequest *)urb->setup_packet; 1079 subcase = container_of(reqp, struct subcase, setup); 1080 1081 spin_lock(&ctx->lock); 1082 ctx->count--; 1083 ctx->pending--; 1084 1085 /* queue must transfer and complete in fifo order, unless 1086 * usb_unlink_urb() is used to unlink something not at the 1087 * physical queue head (not tested). 1088 */ 1089 if (subcase->number > 0) { 1090 if ((subcase->number - ctx->last) != 1) { 1091 ERROR(ctx->dev, 1092 "subcase %d completed out of order, last %d\n", 1093 subcase->number, ctx->last); 1094 status = -EDOM; 1095 ctx->last = subcase->number; 1096 goto error; 1097 } 1098 } 1099 ctx->last = subcase->number; 1100 1101 /* succeed or fault in only one way? */ 1102 if (status == subcase->expected) 1103 status = 0; 1104 1105 /* async unlink for cleanup? */ 1106 else if (status != -ECONNRESET) { 1107 1108 /* some faults are allowed, not required */ 1109 if (subcase->expected > 0 && ( 1110 ((status == -subcase->expected /* happened */ 1111 || status == 0)))) /* didn't */ 1112 status = 0; 1113 /* sometimes more than one fault is allowed */ 1114 else if (subcase->number == 12 && status == -EPIPE) 1115 status = 0; 1116 else 1117 ERROR(ctx->dev, "subtest %d error, status %d\n", 1118 subcase->number, status); 1119 } 1120 1121 /* unexpected status codes mean errors; ideally, in hardware */ 1122 if (status) { 1123 error: 1124 if (ctx->status == 0) { 1125 int i; 1126 1127 ctx->status = status; 1128 ERROR(ctx->dev, "control queue %02x.%02x, err %d, " 1129 "%d left, subcase %d, len %d/%d\n", 1130 reqp->bRequestType, reqp->bRequest, 1131 status, ctx->count, subcase->number, 1132 urb->actual_length, 1133 urb->transfer_buffer_length); 1134 1135 /* FIXME this "unlink everything" exit route should 1136 * be a separate test case. 1137 */ 1138 1139 /* unlink whatever's still pending */ 1140 for (i = 1; i < ctx->param->sglen; i++) { 1141 struct urb *u = ctx->urb[ 1142 (i + subcase->number) 1143 % ctx->param->sglen]; 1144 1145 if (u == urb || !u->dev) 1146 continue; 1147 spin_unlock(&ctx->lock); 1148 status = usb_unlink_urb(u); 1149 spin_lock(&ctx->lock); 1150 switch (status) { 1151 case -EINPROGRESS: 1152 case -EBUSY: 1153 case -EIDRM: 1154 continue; 1155 default: 1156 ERROR(ctx->dev, "urb unlink --> %d\n", 1157 status); 1158 } 1159 } 1160 status = ctx->status; 1161 } 1162 } 1163 1164 /* resubmit if we need to, else mark this as done */ 1165 if ((status == 0) && (ctx->pending < ctx->count)) { 1166 status = usb_submit_urb(urb, GFP_ATOMIC); 1167 if (status != 0) { 1168 ERROR(ctx->dev, 1169 "can't resubmit ctrl %02x.%02x, err %d\n", 1170 reqp->bRequestType, reqp->bRequest, status); 1171 urb->dev = NULL; 1172 } else 1173 ctx->pending++; 1174 } else 1175 urb->dev = NULL; 1176 1177 /* signal completion when nothing's queued */ 1178 if (ctx->pending == 0) 1179 complete(&ctx->complete); 1180 spin_unlock(&ctx->lock); 1181 } 1182 1183 static int 1184 test_ctrl_queue(struct usbtest_dev *dev, struct usbtest_param_32 *param) 1185 { 1186 struct usb_device *udev = testdev_to_usbdev(dev); 1187 struct urb **urb; 1188 struct ctrl_ctx context; 1189 int i; 1190 1191 if (param->sglen == 0 || param->iterations > UINT_MAX / param->sglen) 1192 return -EOPNOTSUPP; 1193 1194 spin_lock_init(&context.lock); 1195 context.dev = dev; 1196 init_completion(&context.complete); 1197 context.count = param->sglen * param->iterations; 1198 context.pending = 0; 1199 context.status = -ENOMEM; 1200 context.param = param; 1201 context.last = -1; 1202 1203 /* allocate and init the urbs we'll queue. 1204 * as with bulk/intr sglists, sglen is the queue depth; it also 1205 * controls which subtests run (more tests than sglen) or rerun. 1206 */ 1207 urb = kcalloc(param->sglen, sizeof(struct urb *), GFP_KERNEL); 1208 if (!urb) 1209 return -ENOMEM; 1210 for (i = 0; i < param->sglen; i++) { 1211 int pipe = usb_rcvctrlpipe(udev, 0); 1212 unsigned len; 1213 struct urb *u; 1214 struct usb_ctrlrequest req; 1215 struct subcase *reqp; 1216 1217 /* sign of this variable means: 1218 * -: tested code must return this (negative) error code 1219 * +: tested code may return this (negative too) error code 1220 */ 1221 int expected = 0; 1222 1223 /* requests here are mostly expected to succeed on any 1224 * device, but some are chosen to trigger protocol stalls 1225 * or short reads. 1226 */ 1227 memset(&req, 0, sizeof(req)); 1228 req.bRequest = USB_REQ_GET_DESCRIPTOR; 1229 req.bRequestType = USB_DIR_IN|USB_RECIP_DEVICE; 1230 1231 switch (i % NUM_SUBCASES) { 1232 case 0: /* get device descriptor */ 1233 req.wValue = cpu_to_le16(USB_DT_DEVICE << 8); 1234 len = sizeof(struct usb_device_descriptor); 1235 break; 1236 case 1: /* get first config descriptor (only) */ 1237 req.wValue = cpu_to_le16((USB_DT_CONFIG << 8) | 0); 1238 len = sizeof(struct usb_config_descriptor); 1239 break; 1240 case 2: /* get altsetting (OFTEN STALLS) */ 1241 req.bRequest = USB_REQ_GET_INTERFACE; 1242 req.bRequestType = USB_DIR_IN|USB_RECIP_INTERFACE; 1243 /* index = 0 means first interface */ 1244 len = 1; 1245 expected = EPIPE; 1246 break; 1247 case 3: /* get interface status */ 1248 req.bRequest = USB_REQ_GET_STATUS; 1249 req.bRequestType = USB_DIR_IN|USB_RECIP_INTERFACE; 1250 /* interface 0 */ 1251 len = 2; 1252 break; 1253 case 4: /* get device status */ 1254 req.bRequest = USB_REQ_GET_STATUS; 1255 req.bRequestType = USB_DIR_IN|USB_RECIP_DEVICE; 1256 len = 2; 1257 break; 1258 case 5: /* get device qualifier (MAY STALL) */ 1259 req.wValue = cpu_to_le16 (USB_DT_DEVICE_QUALIFIER << 8); 1260 len = sizeof(struct usb_qualifier_descriptor); 1261 if (udev->speed != USB_SPEED_HIGH) 1262 expected = EPIPE; 1263 break; 1264 case 6: /* get first config descriptor, plus interface */ 1265 req.wValue = cpu_to_le16((USB_DT_CONFIG << 8) | 0); 1266 len = sizeof(struct usb_config_descriptor); 1267 len += sizeof(struct usb_interface_descriptor); 1268 break; 1269 case 7: /* get interface descriptor (ALWAYS STALLS) */ 1270 req.wValue = cpu_to_le16 (USB_DT_INTERFACE << 8); 1271 /* interface == 0 */ 1272 len = sizeof(struct usb_interface_descriptor); 1273 expected = -EPIPE; 1274 break; 1275 /* NOTE: two consecutive stalls in the queue here. 1276 * that tests fault recovery a bit more aggressively. */ 1277 case 8: /* clear endpoint halt (MAY STALL) */ 1278 req.bRequest = USB_REQ_CLEAR_FEATURE; 1279 req.bRequestType = USB_RECIP_ENDPOINT; 1280 /* wValue 0 == ep halt */ 1281 /* wIndex 0 == ep0 (shouldn't halt!) */ 1282 len = 0; 1283 pipe = usb_sndctrlpipe(udev, 0); 1284 expected = EPIPE; 1285 break; 1286 case 9: /* get endpoint status */ 1287 req.bRequest = USB_REQ_GET_STATUS; 1288 req.bRequestType = USB_DIR_IN|USB_RECIP_ENDPOINT; 1289 /* endpoint 0 */ 1290 len = 2; 1291 break; 1292 case 10: /* trigger short read (EREMOTEIO) */ 1293 req.wValue = cpu_to_le16((USB_DT_CONFIG << 8) | 0); 1294 len = 1024; 1295 expected = -EREMOTEIO; 1296 break; 1297 /* NOTE: two consecutive _different_ faults in the queue. */ 1298 case 11: /* get endpoint descriptor (ALWAYS STALLS) */ 1299 req.wValue = cpu_to_le16(USB_DT_ENDPOINT << 8); 1300 /* endpoint == 0 */ 1301 len = sizeof(struct usb_interface_descriptor); 1302 expected = EPIPE; 1303 break; 1304 /* NOTE: sometimes even a third fault in the queue! */ 1305 case 12: /* get string 0 descriptor (MAY STALL) */ 1306 req.wValue = cpu_to_le16(USB_DT_STRING << 8); 1307 /* string == 0, for language IDs */ 1308 len = sizeof(struct usb_interface_descriptor); 1309 /* may succeed when > 4 languages */ 1310 expected = EREMOTEIO; /* or EPIPE, if no strings */ 1311 break; 1312 case 13: /* short read, resembling case 10 */ 1313 req.wValue = cpu_to_le16((USB_DT_CONFIG << 8) | 0); 1314 /* last data packet "should" be DATA1, not DATA0 */ 1315 if (udev->speed == USB_SPEED_SUPER) 1316 len = 1024 - 512; 1317 else 1318 len = 1024 - udev->descriptor.bMaxPacketSize0; 1319 expected = -EREMOTEIO; 1320 break; 1321 case 14: /* short read; try to fill the last packet */ 1322 req.wValue = cpu_to_le16((USB_DT_DEVICE << 8) | 0); 1323 /* device descriptor size == 18 bytes */ 1324 len = udev->descriptor.bMaxPacketSize0; 1325 if (udev->speed == USB_SPEED_SUPER) 1326 len = 512; 1327 switch (len) { 1328 case 8: 1329 len = 24; 1330 break; 1331 case 16: 1332 len = 32; 1333 break; 1334 } 1335 expected = -EREMOTEIO; 1336 break; 1337 case 15: 1338 req.wValue = cpu_to_le16(USB_DT_BOS << 8); 1339 if (udev->bos) 1340 len = le16_to_cpu(udev->bos->desc->wTotalLength); 1341 else 1342 len = sizeof(struct usb_bos_descriptor); 1343 if (le16_to_cpu(udev->descriptor.bcdUSB) < 0x0201) 1344 expected = -EPIPE; 1345 break; 1346 default: 1347 ERROR(dev, "bogus number of ctrl queue testcases!\n"); 1348 context.status = -EINVAL; 1349 goto cleanup; 1350 } 1351 req.wLength = cpu_to_le16(len); 1352 urb[i] = u = simple_alloc_urb(udev, pipe, len, 0); 1353 if (!u) 1354 goto cleanup; 1355 1356 reqp = kmalloc(sizeof(*reqp), GFP_KERNEL); 1357 if (!reqp) 1358 goto cleanup; 1359 reqp->setup = req; 1360 reqp->number = i % NUM_SUBCASES; 1361 reqp->expected = expected; 1362 u->setup_packet = (char *) &reqp->setup; 1363 1364 u->context = &context; 1365 u->complete = ctrl_complete; 1366 } 1367 1368 /* queue the urbs */ 1369 context.urb = urb; 1370 spin_lock_irq(&context.lock); 1371 for (i = 0; i < param->sglen; i++) { 1372 context.status = usb_submit_urb(urb[i], GFP_ATOMIC); 1373 if (context.status != 0) { 1374 ERROR(dev, "can't submit urb[%d], status %d\n", 1375 i, context.status); 1376 context.count = context.pending; 1377 break; 1378 } 1379 context.pending++; 1380 } 1381 spin_unlock_irq(&context.lock); 1382 1383 /* FIXME set timer and time out; provide a disconnect hook */ 1384 1385 /* wait for the last one to complete */ 1386 if (context.pending > 0) 1387 wait_for_completion(&context.complete); 1388 1389 cleanup: 1390 for (i = 0; i < param->sglen; i++) { 1391 if (!urb[i]) 1392 continue; 1393 urb[i]->dev = udev; 1394 kfree(urb[i]->setup_packet); 1395 simple_free_urb(urb[i]); 1396 } 1397 kfree(urb); 1398 return context.status; 1399 } 1400 #undef NUM_SUBCASES 1401 1402 1403 /*-------------------------------------------------------------------------*/ 1404 1405 static void unlink1_callback(struct urb *urb) 1406 { 1407 int status = urb->status; 1408 1409 /* we "know" -EPIPE (stall) never happens */ 1410 if (!status) 1411 status = usb_submit_urb(urb, GFP_ATOMIC); 1412 if (status) { 1413 urb->status = status; 1414 complete(urb->context); 1415 } 1416 } 1417 1418 static int unlink1(struct usbtest_dev *dev, int pipe, int size, int async) 1419 { 1420 struct urb *urb; 1421 struct completion completion; 1422 int retval = 0; 1423 1424 init_completion(&completion); 1425 urb = simple_alloc_urb(testdev_to_usbdev(dev), pipe, size, 0); 1426 if (!urb) 1427 return -ENOMEM; 1428 urb->context = &completion; 1429 urb->complete = unlink1_callback; 1430 1431 if (usb_pipeout(urb->pipe)) { 1432 simple_fill_buf(urb); 1433 urb->transfer_flags |= URB_ZERO_PACKET; 1434 } 1435 1436 /* keep the endpoint busy. there are lots of hc/hcd-internal 1437 * states, and testing should get to all of them over time. 1438 * 1439 * FIXME want additional tests for when endpoint is STALLing 1440 * due to errors, or is just NAKing requests. 1441 */ 1442 retval = usb_submit_urb(urb, GFP_KERNEL); 1443 if (retval != 0) { 1444 dev_err(&dev->intf->dev, "submit fail %d\n", retval); 1445 return retval; 1446 } 1447 1448 /* unlinking that should always work. variable delay tests more 1449 * hcd states and code paths, even with little other system load. 1450 */ 1451 msleep(jiffies % (2 * INTERRUPT_RATE)); 1452 if (async) { 1453 while (!completion_done(&completion)) { 1454 retval = usb_unlink_urb(urb); 1455 1456 if (retval == 0 && usb_pipein(urb->pipe)) 1457 retval = simple_check_buf(dev, urb); 1458 1459 switch (retval) { 1460 case -EBUSY: 1461 case -EIDRM: 1462 /* we can't unlink urbs while they're completing 1463 * or if they've completed, and we haven't 1464 * resubmitted. "normal" drivers would prevent 1465 * resubmission, but since we're testing unlink 1466 * paths, we can't. 1467 */ 1468 ERROR(dev, "unlink retry\n"); 1469 continue; 1470 case 0: 1471 case -EINPROGRESS: 1472 break; 1473 1474 default: 1475 dev_err(&dev->intf->dev, 1476 "unlink fail %d\n", retval); 1477 return retval; 1478 } 1479 1480 break; 1481 } 1482 } else 1483 usb_kill_urb(urb); 1484 1485 wait_for_completion(&completion); 1486 retval = urb->status; 1487 simple_free_urb(urb); 1488 1489 if (async) 1490 return (retval == -ECONNRESET) ? 0 : retval - 1000; 1491 else 1492 return (retval == -ENOENT || retval == -EPERM) ? 1493 0 : retval - 2000; 1494 } 1495 1496 static int unlink_simple(struct usbtest_dev *dev, int pipe, int len) 1497 { 1498 int retval = 0; 1499 1500 /* test sync and async paths */ 1501 retval = unlink1(dev, pipe, len, 1); 1502 if (!retval) 1503 retval = unlink1(dev, pipe, len, 0); 1504 return retval; 1505 } 1506 1507 /*-------------------------------------------------------------------------*/ 1508 1509 struct queued_ctx { 1510 struct completion complete; 1511 atomic_t pending; 1512 unsigned num; 1513 int status; 1514 struct urb **urbs; 1515 }; 1516 1517 static void unlink_queued_callback(struct urb *urb) 1518 { 1519 int status = urb->status; 1520 struct queued_ctx *ctx = urb->context; 1521 1522 if (ctx->status) 1523 goto done; 1524 if (urb == ctx->urbs[ctx->num - 4] || urb == ctx->urbs[ctx->num - 2]) { 1525 if (status == -ECONNRESET) 1526 goto done; 1527 /* What error should we report if the URB completed normally? */ 1528 } 1529 if (status != 0) 1530 ctx->status = status; 1531 1532 done: 1533 if (atomic_dec_and_test(&ctx->pending)) 1534 complete(&ctx->complete); 1535 } 1536 1537 static int unlink_queued(struct usbtest_dev *dev, int pipe, unsigned num, 1538 unsigned size) 1539 { 1540 struct queued_ctx ctx; 1541 struct usb_device *udev = testdev_to_usbdev(dev); 1542 void *buf; 1543 dma_addr_t buf_dma; 1544 int i; 1545 int retval = -ENOMEM; 1546 1547 init_completion(&ctx.complete); 1548 atomic_set(&ctx.pending, 1); /* One more than the actual value */ 1549 ctx.num = num; 1550 ctx.status = 0; 1551 1552 buf = usb_alloc_coherent(udev, size, GFP_KERNEL, &buf_dma); 1553 if (!buf) 1554 return retval; 1555 memset(buf, 0, size); 1556 1557 /* Allocate and init the urbs we'll queue */ 1558 ctx.urbs = kcalloc(num, sizeof(struct urb *), GFP_KERNEL); 1559 if (!ctx.urbs) 1560 goto free_buf; 1561 for (i = 0; i < num; i++) { 1562 ctx.urbs[i] = usb_alloc_urb(0, GFP_KERNEL); 1563 if (!ctx.urbs[i]) 1564 goto free_urbs; 1565 usb_fill_bulk_urb(ctx.urbs[i], udev, pipe, buf, size, 1566 unlink_queued_callback, &ctx); 1567 ctx.urbs[i]->transfer_dma = buf_dma; 1568 ctx.urbs[i]->transfer_flags = URB_NO_TRANSFER_DMA_MAP; 1569 1570 if (usb_pipeout(ctx.urbs[i]->pipe)) { 1571 simple_fill_buf(ctx.urbs[i]); 1572 ctx.urbs[i]->transfer_flags |= URB_ZERO_PACKET; 1573 } 1574 } 1575 1576 /* Submit all the URBs and then unlink URBs num - 4 and num - 2. */ 1577 for (i = 0; i < num; i++) { 1578 atomic_inc(&ctx.pending); 1579 retval = usb_submit_urb(ctx.urbs[i], GFP_KERNEL); 1580 if (retval != 0) { 1581 dev_err(&dev->intf->dev, "submit urbs[%d] fail %d\n", 1582 i, retval); 1583 atomic_dec(&ctx.pending); 1584 ctx.status = retval; 1585 break; 1586 } 1587 } 1588 if (i == num) { 1589 usb_unlink_urb(ctx.urbs[num - 4]); 1590 usb_unlink_urb(ctx.urbs[num - 2]); 1591 } else { 1592 while (--i >= 0) 1593 usb_unlink_urb(ctx.urbs[i]); 1594 } 1595 1596 if (atomic_dec_and_test(&ctx.pending)) /* The extra count */ 1597 complete(&ctx.complete); 1598 wait_for_completion(&ctx.complete); 1599 retval = ctx.status; 1600 1601 free_urbs: 1602 for (i = 0; i < num; i++) 1603 usb_free_urb(ctx.urbs[i]); 1604 kfree(ctx.urbs); 1605 free_buf: 1606 usb_free_coherent(udev, size, buf, buf_dma); 1607 return retval; 1608 } 1609 1610 /*-------------------------------------------------------------------------*/ 1611 1612 static int verify_not_halted(struct usbtest_dev *tdev, int ep, struct urb *urb) 1613 { 1614 int retval; 1615 u16 status; 1616 1617 /* shouldn't look or act halted */ 1618 retval = usb_get_std_status(urb->dev, USB_RECIP_ENDPOINT, ep, &status); 1619 if (retval < 0) { 1620 ERROR(tdev, "ep %02x couldn't get no-halt status, %d\n", 1621 ep, retval); 1622 return retval; 1623 } 1624 if (status != 0) { 1625 ERROR(tdev, "ep %02x bogus status: %04x != 0\n", ep, status); 1626 return -EINVAL; 1627 } 1628 retval = simple_io(tdev, urb, 1, 0, 0, __func__); 1629 if (retval != 0) 1630 return -EINVAL; 1631 return 0; 1632 } 1633 1634 static int verify_halted(struct usbtest_dev *tdev, int ep, struct urb *urb) 1635 { 1636 int retval; 1637 u16 status; 1638 1639 /* should look and act halted */ 1640 retval = usb_get_std_status(urb->dev, USB_RECIP_ENDPOINT, ep, &status); 1641 if (retval < 0) { 1642 ERROR(tdev, "ep %02x couldn't get halt status, %d\n", 1643 ep, retval); 1644 return retval; 1645 } 1646 if (status != 1) { 1647 ERROR(tdev, "ep %02x bogus status: %04x != 1\n", ep, status); 1648 return -EINVAL; 1649 } 1650 retval = simple_io(tdev, urb, 1, 0, -EPIPE, __func__); 1651 if (retval != -EPIPE) 1652 return -EINVAL; 1653 retval = simple_io(tdev, urb, 1, 0, -EPIPE, "verify_still_halted"); 1654 if (retval != -EPIPE) 1655 return -EINVAL; 1656 return 0; 1657 } 1658 1659 static int test_halt(struct usbtest_dev *tdev, int ep, struct urb *urb) 1660 { 1661 int retval; 1662 1663 /* shouldn't look or act halted now */ 1664 retval = verify_not_halted(tdev, ep, urb); 1665 if (retval < 0) 1666 return retval; 1667 1668 /* set halt (protocol test only), verify it worked */ 1669 retval = usb_control_msg(urb->dev, usb_sndctrlpipe(urb->dev, 0), 1670 USB_REQ_SET_FEATURE, USB_RECIP_ENDPOINT, 1671 USB_ENDPOINT_HALT, ep, 1672 NULL, 0, USB_CTRL_SET_TIMEOUT); 1673 if (retval < 0) { 1674 ERROR(tdev, "ep %02x couldn't set halt, %d\n", ep, retval); 1675 return retval; 1676 } 1677 retval = verify_halted(tdev, ep, urb); 1678 if (retval < 0) { 1679 int ret; 1680 1681 /* clear halt anyways, else further tests will fail */ 1682 ret = usb_clear_halt(urb->dev, urb->pipe); 1683 if (ret) 1684 ERROR(tdev, "ep %02x couldn't clear halt, %d\n", 1685 ep, ret); 1686 1687 return retval; 1688 } 1689 1690 /* clear halt (tests API + protocol), verify it worked */ 1691 retval = usb_clear_halt(urb->dev, urb->pipe); 1692 if (retval < 0) { 1693 ERROR(tdev, "ep %02x couldn't clear halt, %d\n", ep, retval); 1694 return retval; 1695 } 1696 retval = verify_not_halted(tdev, ep, urb); 1697 if (retval < 0) 1698 return retval; 1699 1700 /* NOTE: could also verify SET_INTERFACE clear halts ... */ 1701 1702 return 0; 1703 } 1704 1705 static int halt_simple(struct usbtest_dev *dev) 1706 { 1707 int ep; 1708 int retval = 0; 1709 struct urb *urb; 1710 struct usb_device *udev = testdev_to_usbdev(dev); 1711 1712 if (udev->speed == USB_SPEED_SUPER) 1713 urb = simple_alloc_urb(udev, 0, 1024, 0); 1714 else 1715 urb = simple_alloc_urb(udev, 0, 512, 0); 1716 if (urb == NULL) 1717 return -ENOMEM; 1718 1719 if (dev->in_pipe) { 1720 ep = usb_pipeendpoint(dev->in_pipe) | USB_DIR_IN; 1721 urb->pipe = dev->in_pipe; 1722 retval = test_halt(dev, ep, urb); 1723 if (retval < 0) 1724 goto done; 1725 } 1726 1727 if (dev->out_pipe) { 1728 ep = usb_pipeendpoint(dev->out_pipe); 1729 urb->pipe = dev->out_pipe; 1730 retval = test_halt(dev, ep, urb); 1731 } 1732 done: 1733 simple_free_urb(urb); 1734 return retval; 1735 } 1736 1737 /*-------------------------------------------------------------------------*/ 1738 1739 /* Control OUT tests use the vendor control requests from Intel's 1740 * USB 2.0 compliance test device: write a buffer, read it back. 1741 * 1742 * Intel's spec only _requires_ that it work for one packet, which 1743 * is pretty weak. Some HCDs place limits here; most devices will 1744 * need to be able to handle more than one OUT data packet. We'll 1745 * try whatever we're told to try. 1746 */ 1747 static int ctrl_out(struct usbtest_dev *dev, 1748 unsigned count, unsigned length, unsigned vary, unsigned offset) 1749 { 1750 unsigned i, j, len; 1751 int retval; 1752 u8 *buf; 1753 char *what = "?"; 1754 struct usb_device *udev; 1755 1756 if (length < 1 || length > 0xffff || vary >= length) 1757 return -EINVAL; 1758 1759 buf = kmalloc(length + offset, GFP_KERNEL); 1760 if (!buf) 1761 return -ENOMEM; 1762 1763 buf += offset; 1764 udev = testdev_to_usbdev(dev); 1765 len = length; 1766 retval = 0; 1767 1768 /* NOTE: hardware might well act differently if we pushed it 1769 * with lots back-to-back queued requests. 1770 */ 1771 for (i = 0; i < count; i++) { 1772 /* write patterned data */ 1773 for (j = 0; j < len; j++) 1774 buf[j] = (u8)(i + j); 1775 retval = usb_control_msg(udev, usb_sndctrlpipe(udev, 0), 1776 0x5b, USB_DIR_OUT|USB_TYPE_VENDOR, 1777 0, 0, buf, len, USB_CTRL_SET_TIMEOUT); 1778 if (retval != len) { 1779 what = "write"; 1780 if (retval >= 0) { 1781 ERROR(dev, "ctrl_out, wlen %d (expected %d)\n", 1782 retval, len); 1783 retval = -EBADMSG; 1784 } 1785 break; 1786 } 1787 1788 /* read it back -- assuming nothing intervened!! */ 1789 retval = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), 1790 0x5c, USB_DIR_IN|USB_TYPE_VENDOR, 1791 0, 0, buf, len, USB_CTRL_GET_TIMEOUT); 1792 if (retval != len) { 1793 what = "read"; 1794 if (retval >= 0) { 1795 ERROR(dev, "ctrl_out, rlen %d (expected %d)\n", 1796 retval, len); 1797 retval = -EBADMSG; 1798 } 1799 break; 1800 } 1801 1802 /* fail if we can't verify */ 1803 for (j = 0; j < len; j++) { 1804 if (buf[j] != (u8)(i + j)) { 1805 ERROR(dev, "ctrl_out, byte %d is %d not %d\n", 1806 j, buf[j], (u8)(i + j)); 1807 retval = -EBADMSG; 1808 break; 1809 } 1810 } 1811 if (retval < 0) { 1812 what = "verify"; 1813 break; 1814 } 1815 1816 len += vary; 1817 1818 /* [real world] the "zero bytes IN" case isn't really used. 1819 * hardware can easily trip up in this weird case, since its 1820 * status stage is IN, not OUT like other ep0in transfers. 1821 */ 1822 if (len > length) 1823 len = realworld ? 1 : 0; 1824 } 1825 1826 if (retval < 0) 1827 ERROR(dev, "ctrl_out %s failed, code %d, count %d\n", 1828 what, retval, i); 1829 1830 kfree(buf - offset); 1831 return retval; 1832 } 1833 1834 /*-------------------------------------------------------------------------*/ 1835 1836 /* ISO/BULK tests ... mimics common usage 1837 * - buffer length is split into N packets (mostly maxpacket sized) 1838 * - multi-buffers according to sglen 1839 */ 1840 1841 struct transfer_context { 1842 unsigned count; 1843 unsigned pending; 1844 spinlock_t lock; 1845 struct completion done; 1846 int submit_error; 1847 unsigned long errors; 1848 unsigned long packet_count; 1849 struct usbtest_dev *dev; 1850 bool is_iso; 1851 }; 1852 1853 static void complicated_callback(struct urb *urb) 1854 { 1855 struct transfer_context *ctx = urb->context; 1856 1857 spin_lock(&ctx->lock); 1858 ctx->count--; 1859 1860 ctx->packet_count += urb->number_of_packets; 1861 if (urb->error_count > 0) 1862 ctx->errors += urb->error_count; 1863 else if (urb->status != 0) 1864 ctx->errors += (ctx->is_iso ? urb->number_of_packets : 1); 1865 else if (urb->actual_length != urb->transfer_buffer_length) 1866 ctx->errors++; 1867 else if (check_guard_bytes(ctx->dev, urb) != 0) 1868 ctx->errors++; 1869 1870 if (urb->status == 0 && ctx->count > (ctx->pending - 1) 1871 && !ctx->submit_error) { 1872 int status = usb_submit_urb(urb, GFP_ATOMIC); 1873 switch (status) { 1874 case 0: 1875 goto done; 1876 default: 1877 dev_err(&ctx->dev->intf->dev, 1878 "resubmit err %d\n", 1879 status); 1880 /* FALLTHROUGH */ 1881 case -ENODEV: /* disconnected */ 1882 case -ESHUTDOWN: /* endpoint disabled */ 1883 ctx->submit_error = 1; 1884 break; 1885 } 1886 } 1887 1888 ctx->pending--; 1889 if (ctx->pending == 0) { 1890 if (ctx->errors) 1891 dev_err(&ctx->dev->intf->dev, 1892 "during the test, %lu errors out of %lu\n", 1893 ctx->errors, ctx->packet_count); 1894 complete(&ctx->done); 1895 } 1896 done: 1897 spin_unlock(&ctx->lock); 1898 } 1899 1900 static struct urb *iso_alloc_urb( 1901 struct usb_device *udev, 1902 int pipe, 1903 struct usb_endpoint_descriptor *desc, 1904 long bytes, 1905 unsigned offset 1906 ) 1907 { 1908 struct urb *urb; 1909 unsigned i, maxp, packets; 1910 1911 if (bytes < 0 || !desc) 1912 return NULL; 1913 maxp = usb_endpoint_maxp(desc); 1914 maxp *= usb_endpoint_maxp_mult(desc); 1915 packets = DIV_ROUND_UP(bytes, maxp); 1916 1917 urb = usb_alloc_urb(packets, GFP_KERNEL); 1918 if (!urb) 1919 return urb; 1920 urb->dev = udev; 1921 urb->pipe = pipe; 1922 1923 urb->number_of_packets = packets; 1924 urb->transfer_buffer_length = bytes; 1925 urb->transfer_buffer = usb_alloc_coherent(udev, bytes + offset, 1926 GFP_KERNEL, 1927 &urb->transfer_dma); 1928 if (!urb->transfer_buffer) { 1929 usb_free_urb(urb); 1930 return NULL; 1931 } 1932 if (offset) { 1933 memset(urb->transfer_buffer, GUARD_BYTE, offset); 1934 urb->transfer_buffer += offset; 1935 urb->transfer_dma += offset; 1936 } 1937 /* For inbound transfers use guard byte so that test fails if 1938 data not correctly copied */ 1939 memset(urb->transfer_buffer, 1940 usb_pipein(urb->pipe) ? GUARD_BYTE : 0, 1941 bytes); 1942 1943 for (i = 0; i < packets; i++) { 1944 /* here, only the last packet will be short */ 1945 urb->iso_frame_desc[i].length = min((unsigned) bytes, maxp); 1946 bytes -= urb->iso_frame_desc[i].length; 1947 1948 urb->iso_frame_desc[i].offset = maxp * i; 1949 } 1950 1951 urb->complete = complicated_callback; 1952 /* urb->context = SET BY CALLER */ 1953 urb->interval = 1 << (desc->bInterval - 1); 1954 urb->transfer_flags = URB_ISO_ASAP | URB_NO_TRANSFER_DMA_MAP; 1955 return urb; 1956 } 1957 1958 static int 1959 test_queue(struct usbtest_dev *dev, struct usbtest_param_32 *param, 1960 int pipe, struct usb_endpoint_descriptor *desc, unsigned offset) 1961 { 1962 struct transfer_context context; 1963 struct usb_device *udev; 1964 unsigned i; 1965 unsigned long packets = 0; 1966 int status = 0; 1967 struct urb *urbs[param->sglen]; 1968 1969 if (!param->sglen || param->iterations > UINT_MAX / param->sglen) 1970 return -EINVAL; 1971 1972 memset(&context, 0, sizeof(context)); 1973 context.count = param->iterations * param->sglen; 1974 context.dev = dev; 1975 context.is_iso = !!desc; 1976 init_completion(&context.done); 1977 spin_lock_init(&context.lock); 1978 1979 udev = testdev_to_usbdev(dev); 1980 1981 for (i = 0; i < param->sglen; i++) { 1982 if (context.is_iso) 1983 urbs[i] = iso_alloc_urb(udev, pipe, desc, 1984 param->length, offset); 1985 else 1986 urbs[i] = complicated_alloc_urb(udev, pipe, 1987 param->length, 0); 1988 1989 if (!urbs[i]) { 1990 status = -ENOMEM; 1991 goto fail; 1992 } 1993 packets += urbs[i]->number_of_packets; 1994 urbs[i]->context = &context; 1995 } 1996 packets *= param->iterations; 1997 1998 if (context.is_iso) { 1999 dev_info(&dev->intf->dev, 2000 "iso period %d %sframes, wMaxPacket %d, transactions: %d\n", 2001 1 << (desc->bInterval - 1), 2002 (udev->speed == USB_SPEED_HIGH) ? "micro" : "", 2003 usb_endpoint_maxp(desc), 2004 usb_endpoint_maxp_mult(desc)); 2005 2006 dev_info(&dev->intf->dev, 2007 "total %lu msec (%lu packets)\n", 2008 (packets * (1 << (desc->bInterval - 1))) 2009 / ((udev->speed == USB_SPEED_HIGH) ? 8 : 1), 2010 packets); 2011 } 2012 2013 spin_lock_irq(&context.lock); 2014 for (i = 0; i < param->sglen; i++) { 2015 ++context.pending; 2016 status = usb_submit_urb(urbs[i], GFP_ATOMIC); 2017 if (status < 0) { 2018 ERROR(dev, "submit iso[%d], error %d\n", i, status); 2019 if (i == 0) { 2020 spin_unlock_irq(&context.lock); 2021 goto fail; 2022 } 2023 2024 simple_free_urb(urbs[i]); 2025 urbs[i] = NULL; 2026 context.pending--; 2027 context.submit_error = 1; 2028 break; 2029 } 2030 } 2031 spin_unlock_irq(&context.lock); 2032 2033 wait_for_completion(&context.done); 2034 2035 for (i = 0; i < param->sglen; i++) { 2036 if (urbs[i]) 2037 simple_free_urb(urbs[i]); 2038 } 2039 /* 2040 * Isochronous transfers are expected to fail sometimes. As an 2041 * arbitrary limit, we will report an error if any submissions 2042 * fail or if the transfer failure rate is > 10%. 2043 */ 2044 if (status != 0) 2045 ; 2046 else if (context.submit_error) 2047 status = -EACCES; 2048 else if (context.errors > 2049 (context.is_iso ? context.packet_count / 10 : 0)) 2050 status = -EIO; 2051 return status; 2052 2053 fail: 2054 for (i = 0; i < param->sglen; i++) { 2055 if (urbs[i]) 2056 simple_free_urb(urbs[i]); 2057 } 2058 return status; 2059 } 2060 2061 static int test_unaligned_bulk( 2062 struct usbtest_dev *tdev, 2063 int pipe, 2064 unsigned length, 2065 int iterations, 2066 unsigned transfer_flags, 2067 const char *label) 2068 { 2069 int retval; 2070 struct urb *urb = usbtest_alloc_urb(testdev_to_usbdev(tdev), 2071 pipe, length, transfer_flags, 1, 0, simple_callback); 2072 2073 if (!urb) 2074 return -ENOMEM; 2075 2076 retval = simple_io(tdev, urb, iterations, 0, 0, label); 2077 simple_free_urb(urb); 2078 return retval; 2079 } 2080 2081 /* Run tests. */ 2082 static int 2083 usbtest_do_ioctl(struct usb_interface *intf, struct usbtest_param_32 *param) 2084 { 2085 struct usbtest_dev *dev = usb_get_intfdata(intf); 2086 struct usb_device *udev = testdev_to_usbdev(dev); 2087 struct urb *urb; 2088 struct scatterlist *sg; 2089 struct usb_sg_request req; 2090 unsigned i; 2091 int retval = -EOPNOTSUPP; 2092 2093 if (param->iterations <= 0) 2094 return -EINVAL; 2095 if (param->sglen > MAX_SGLEN) 2096 return -EINVAL; 2097 /* 2098 * Just a bunch of test cases that every HCD is expected to handle. 2099 * 2100 * Some may need specific firmware, though it'd be good to have 2101 * one firmware image to handle all the test cases. 2102 * 2103 * FIXME add more tests! cancel requests, verify the data, control 2104 * queueing, concurrent read+write threads, and so on. 2105 */ 2106 switch (param->test_num) { 2107 2108 case 0: 2109 dev_info(&intf->dev, "TEST 0: NOP\n"); 2110 retval = 0; 2111 break; 2112 2113 /* Simple non-queued bulk I/O tests */ 2114 case 1: 2115 if (dev->out_pipe == 0) 2116 break; 2117 dev_info(&intf->dev, 2118 "TEST 1: write %d bytes %u times\n", 2119 param->length, param->iterations); 2120 urb = simple_alloc_urb(udev, dev->out_pipe, param->length, 0); 2121 if (!urb) { 2122 retval = -ENOMEM; 2123 break; 2124 } 2125 /* FIRMWARE: bulk sink (maybe accepts short writes) */ 2126 retval = simple_io(dev, urb, param->iterations, 0, 0, "test1"); 2127 simple_free_urb(urb); 2128 break; 2129 case 2: 2130 if (dev->in_pipe == 0) 2131 break; 2132 dev_info(&intf->dev, 2133 "TEST 2: read %d bytes %u times\n", 2134 param->length, param->iterations); 2135 urb = simple_alloc_urb(udev, dev->in_pipe, param->length, 0); 2136 if (!urb) { 2137 retval = -ENOMEM; 2138 break; 2139 } 2140 /* FIRMWARE: bulk source (maybe generates short writes) */ 2141 retval = simple_io(dev, urb, param->iterations, 0, 0, "test2"); 2142 simple_free_urb(urb); 2143 break; 2144 case 3: 2145 if (dev->out_pipe == 0 || param->vary == 0) 2146 break; 2147 dev_info(&intf->dev, 2148 "TEST 3: write/%d 0..%d bytes %u times\n", 2149 param->vary, param->length, param->iterations); 2150 urb = simple_alloc_urb(udev, dev->out_pipe, param->length, 0); 2151 if (!urb) { 2152 retval = -ENOMEM; 2153 break; 2154 } 2155 /* FIRMWARE: bulk sink (maybe accepts short writes) */ 2156 retval = simple_io(dev, urb, param->iterations, param->vary, 2157 0, "test3"); 2158 simple_free_urb(urb); 2159 break; 2160 case 4: 2161 if (dev->in_pipe == 0 || param->vary == 0) 2162 break; 2163 dev_info(&intf->dev, 2164 "TEST 4: read/%d 0..%d bytes %u times\n", 2165 param->vary, param->length, param->iterations); 2166 urb = simple_alloc_urb(udev, dev->in_pipe, param->length, 0); 2167 if (!urb) { 2168 retval = -ENOMEM; 2169 break; 2170 } 2171 /* FIRMWARE: bulk source (maybe generates short writes) */ 2172 retval = simple_io(dev, urb, param->iterations, param->vary, 2173 0, "test4"); 2174 simple_free_urb(urb); 2175 break; 2176 2177 /* Queued bulk I/O tests */ 2178 case 5: 2179 if (dev->out_pipe == 0 || param->sglen == 0) 2180 break; 2181 dev_info(&intf->dev, 2182 "TEST 5: write %d sglists %d entries of %d bytes\n", 2183 param->iterations, 2184 param->sglen, param->length); 2185 sg = alloc_sglist(param->sglen, param->length, 2186 0, dev, dev->out_pipe); 2187 if (!sg) { 2188 retval = -ENOMEM; 2189 break; 2190 } 2191 /* FIRMWARE: bulk sink (maybe accepts short writes) */ 2192 retval = perform_sglist(dev, param->iterations, dev->out_pipe, 2193 &req, sg, param->sglen); 2194 free_sglist(sg, param->sglen); 2195 break; 2196 2197 case 6: 2198 if (dev->in_pipe == 0 || param->sglen == 0) 2199 break; 2200 dev_info(&intf->dev, 2201 "TEST 6: read %d sglists %d entries of %d bytes\n", 2202 param->iterations, 2203 param->sglen, param->length); 2204 sg = alloc_sglist(param->sglen, param->length, 2205 0, dev, dev->in_pipe); 2206 if (!sg) { 2207 retval = -ENOMEM; 2208 break; 2209 } 2210 /* FIRMWARE: bulk source (maybe generates short writes) */ 2211 retval = perform_sglist(dev, param->iterations, dev->in_pipe, 2212 &req, sg, param->sglen); 2213 free_sglist(sg, param->sglen); 2214 break; 2215 case 7: 2216 if (dev->out_pipe == 0 || param->sglen == 0 || param->vary == 0) 2217 break; 2218 dev_info(&intf->dev, 2219 "TEST 7: write/%d %d sglists %d entries 0..%d bytes\n", 2220 param->vary, param->iterations, 2221 param->sglen, param->length); 2222 sg = alloc_sglist(param->sglen, param->length, 2223 param->vary, dev, dev->out_pipe); 2224 if (!sg) { 2225 retval = -ENOMEM; 2226 break; 2227 } 2228 /* FIRMWARE: bulk sink (maybe accepts short writes) */ 2229 retval = perform_sglist(dev, param->iterations, dev->out_pipe, 2230 &req, sg, param->sglen); 2231 free_sglist(sg, param->sglen); 2232 break; 2233 case 8: 2234 if (dev->in_pipe == 0 || param->sglen == 0 || param->vary == 0) 2235 break; 2236 dev_info(&intf->dev, 2237 "TEST 8: read/%d %d sglists %d entries 0..%d bytes\n", 2238 param->vary, param->iterations, 2239 param->sglen, param->length); 2240 sg = alloc_sglist(param->sglen, param->length, 2241 param->vary, dev, dev->in_pipe); 2242 if (!sg) { 2243 retval = -ENOMEM; 2244 break; 2245 } 2246 /* FIRMWARE: bulk source (maybe generates short writes) */ 2247 retval = perform_sglist(dev, param->iterations, dev->in_pipe, 2248 &req, sg, param->sglen); 2249 free_sglist(sg, param->sglen); 2250 break; 2251 2252 /* non-queued sanity tests for control (chapter 9 subset) */ 2253 case 9: 2254 retval = 0; 2255 dev_info(&intf->dev, 2256 "TEST 9: ch9 (subset) control tests, %d times\n", 2257 param->iterations); 2258 for (i = param->iterations; retval == 0 && i--; /* NOP */) 2259 retval = ch9_postconfig(dev); 2260 if (retval) 2261 dev_err(&intf->dev, "ch9 subset failed, " 2262 "iterations left %d\n", i); 2263 break; 2264 2265 /* queued control messaging */ 2266 case 10: 2267 retval = 0; 2268 dev_info(&intf->dev, 2269 "TEST 10: queue %d control calls, %d times\n", 2270 param->sglen, 2271 param->iterations); 2272 retval = test_ctrl_queue(dev, param); 2273 break; 2274 2275 /* simple non-queued unlinks (ring with one urb) */ 2276 case 11: 2277 if (dev->in_pipe == 0 || !param->length) 2278 break; 2279 retval = 0; 2280 dev_info(&intf->dev, "TEST 11: unlink %d reads of %d\n", 2281 param->iterations, param->length); 2282 for (i = param->iterations; retval == 0 && i--; /* NOP */) 2283 retval = unlink_simple(dev, dev->in_pipe, 2284 param->length); 2285 if (retval) 2286 dev_err(&intf->dev, "unlink reads failed %d, " 2287 "iterations left %d\n", retval, i); 2288 break; 2289 case 12: 2290 if (dev->out_pipe == 0 || !param->length) 2291 break; 2292 retval = 0; 2293 dev_info(&intf->dev, "TEST 12: unlink %d writes of %d\n", 2294 param->iterations, param->length); 2295 for (i = param->iterations; retval == 0 && i--; /* NOP */) 2296 retval = unlink_simple(dev, dev->out_pipe, 2297 param->length); 2298 if (retval) 2299 dev_err(&intf->dev, "unlink writes failed %d, " 2300 "iterations left %d\n", retval, i); 2301 break; 2302 2303 /* ep halt tests */ 2304 case 13: 2305 if (dev->out_pipe == 0 && dev->in_pipe == 0) 2306 break; 2307 retval = 0; 2308 dev_info(&intf->dev, "TEST 13: set/clear %d halts\n", 2309 param->iterations); 2310 for (i = param->iterations; retval == 0 && i--; /* NOP */) 2311 retval = halt_simple(dev); 2312 2313 if (retval) 2314 ERROR(dev, "halts failed, iterations left %d\n", i); 2315 break; 2316 2317 /* control write tests */ 2318 case 14: 2319 if (!dev->info->ctrl_out) 2320 break; 2321 dev_info(&intf->dev, "TEST 14: %d ep0out, %d..%d vary %d\n", 2322 param->iterations, 2323 realworld ? 1 : 0, param->length, 2324 param->vary); 2325 retval = ctrl_out(dev, param->iterations, 2326 param->length, param->vary, 0); 2327 break; 2328 2329 /* iso write tests */ 2330 case 15: 2331 if (dev->out_iso_pipe == 0 || param->sglen == 0) 2332 break; 2333 dev_info(&intf->dev, 2334 "TEST 15: write %d iso, %d entries of %d bytes\n", 2335 param->iterations, 2336 param->sglen, param->length); 2337 /* FIRMWARE: iso sink */ 2338 retval = test_queue(dev, param, 2339 dev->out_iso_pipe, dev->iso_out, 0); 2340 break; 2341 2342 /* iso read tests */ 2343 case 16: 2344 if (dev->in_iso_pipe == 0 || param->sglen == 0) 2345 break; 2346 dev_info(&intf->dev, 2347 "TEST 16: read %d iso, %d entries of %d bytes\n", 2348 param->iterations, 2349 param->sglen, param->length); 2350 /* FIRMWARE: iso source */ 2351 retval = test_queue(dev, param, 2352 dev->in_iso_pipe, dev->iso_in, 0); 2353 break; 2354 2355 /* FIXME scatterlist cancel (needs helper thread) */ 2356 2357 /* Tests for bulk I/O using DMA mapping by core and odd address */ 2358 case 17: 2359 if (dev->out_pipe == 0) 2360 break; 2361 dev_info(&intf->dev, 2362 "TEST 17: write odd addr %d bytes %u times core map\n", 2363 param->length, param->iterations); 2364 2365 retval = test_unaligned_bulk( 2366 dev, dev->out_pipe, 2367 param->length, param->iterations, 2368 0, "test17"); 2369 break; 2370 2371 case 18: 2372 if (dev->in_pipe == 0) 2373 break; 2374 dev_info(&intf->dev, 2375 "TEST 18: read odd addr %d bytes %u times core map\n", 2376 param->length, param->iterations); 2377 2378 retval = test_unaligned_bulk( 2379 dev, dev->in_pipe, 2380 param->length, param->iterations, 2381 0, "test18"); 2382 break; 2383 2384 /* Tests for bulk I/O using premapped coherent buffer and odd address */ 2385 case 19: 2386 if (dev->out_pipe == 0) 2387 break; 2388 dev_info(&intf->dev, 2389 "TEST 19: write odd addr %d bytes %u times premapped\n", 2390 param->length, param->iterations); 2391 2392 retval = test_unaligned_bulk( 2393 dev, dev->out_pipe, 2394 param->length, param->iterations, 2395 URB_NO_TRANSFER_DMA_MAP, "test19"); 2396 break; 2397 2398 case 20: 2399 if (dev->in_pipe == 0) 2400 break; 2401 dev_info(&intf->dev, 2402 "TEST 20: read odd addr %d bytes %u times premapped\n", 2403 param->length, param->iterations); 2404 2405 retval = test_unaligned_bulk( 2406 dev, dev->in_pipe, 2407 param->length, param->iterations, 2408 URB_NO_TRANSFER_DMA_MAP, "test20"); 2409 break; 2410 2411 /* control write tests with unaligned buffer */ 2412 case 21: 2413 if (!dev->info->ctrl_out) 2414 break; 2415 dev_info(&intf->dev, 2416 "TEST 21: %d ep0out odd addr, %d..%d vary %d\n", 2417 param->iterations, 2418 realworld ? 1 : 0, param->length, 2419 param->vary); 2420 retval = ctrl_out(dev, param->iterations, 2421 param->length, param->vary, 1); 2422 break; 2423 2424 /* unaligned iso tests */ 2425 case 22: 2426 if (dev->out_iso_pipe == 0 || param->sglen == 0) 2427 break; 2428 dev_info(&intf->dev, 2429 "TEST 22: write %d iso odd, %d entries of %d bytes\n", 2430 param->iterations, 2431 param->sglen, param->length); 2432 retval = test_queue(dev, param, 2433 dev->out_iso_pipe, dev->iso_out, 1); 2434 break; 2435 2436 case 23: 2437 if (dev->in_iso_pipe == 0 || param->sglen == 0) 2438 break; 2439 dev_info(&intf->dev, 2440 "TEST 23: read %d iso odd, %d entries of %d bytes\n", 2441 param->iterations, 2442 param->sglen, param->length); 2443 retval = test_queue(dev, param, 2444 dev->in_iso_pipe, dev->iso_in, 1); 2445 break; 2446 2447 /* unlink URBs from a bulk-OUT queue */ 2448 case 24: 2449 if (dev->out_pipe == 0 || !param->length || param->sglen < 4) 2450 break; 2451 retval = 0; 2452 dev_info(&intf->dev, "TEST 24: unlink from %d queues of " 2453 "%d %d-byte writes\n", 2454 param->iterations, param->sglen, param->length); 2455 for (i = param->iterations; retval == 0 && i > 0; --i) { 2456 retval = unlink_queued(dev, dev->out_pipe, 2457 param->sglen, param->length); 2458 if (retval) { 2459 dev_err(&intf->dev, 2460 "unlink queued writes failed %d, " 2461 "iterations left %d\n", retval, i); 2462 break; 2463 } 2464 } 2465 break; 2466 2467 /* Simple non-queued interrupt I/O tests */ 2468 case 25: 2469 if (dev->out_int_pipe == 0) 2470 break; 2471 dev_info(&intf->dev, 2472 "TEST 25: write %d bytes %u times\n", 2473 param->length, param->iterations); 2474 urb = simple_alloc_urb(udev, dev->out_int_pipe, param->length, 2475 dev->int_out->bInterval); 2476 if (!urb) { 2477 retval = -ENOMEM; 2478 break; 2479 } 2480 /* FIRMWARE: interrupt sink (maybe accepts short writes) */ 2481 retval = simple_io(dev, urb, param->iterations, 0, 0, "test25"); 2482 simple_free_urb(urb); 2483 break; 2484 case 26: 2485 if (dev->in_int_pipe == 0) 2486 break; 2487 dev_info(&intf->dev, 2488 "TEST 26: read %d bytes %u times\n", 2489 param->length, param->iterations); 2490 urb = simple_alloc_urb(udev, dev->in_int_pipe, param->length, 2491 dev->int_in->bInterval); 2492 if (!urb) { 2493 retval = -ENOMEM; 2494 break; 2495 } 2496 /* FIRMWARE: interrupt source (maybe generates short writes) */ 2497 retval = simple_io(dev, urb, param->iterations, 0, 0, "test26"); 2498 simple_free_urb(urb); 2499 break; 2500 case 27: 2501 /* We do performance test, so ignore data compare */ 2502 if (dev->out_pipe == 0 || param->sglen == 0 || pattern != 0) 2503 break; 2504 dev_info(&intf->dev, 2505 "TEST 27: bulk write %dMbytes\n", (param->iterations * 2506 param->sglen * param->length) / (1024 * 1024)); 2507 retval = test_queue(dev, param, 2508 dev->out_pipe, NULL, 0); 2509 break; 2510 case 28: 2511 if (dev->in_pipe == 0 || param->sglen == 0 || pattern != 0) 2512 break; 2513 dev_info(&intf->dev, 2514 "TEST 28: bulk read %dMbytes\n", (param->iterations * 2515 param->sglen * param->length) / (1024 * 1024)); 2516 retval = test_queue(dev, param, 2517 dev->in_pipe, NULL, 0); 2518 break; 2519 } 2520 return retval; 2521 } 2522 2523 /*-------------------------------------------------------------------------*/ 2524 2525 /* We only have this one interface to user space, through usbfs. 2526 * User mode code can scan usbfs to find N different devices (maybe on 2527 * different busses) to use when testing, and allocate one thread per 2528 * test. So discovery is simplified, and we have no device naming issues. 2529 * 2530 * Don't use these only as stress/load tests. Use them along with with 2531 * other USB bus activity: plugging, unplugging, mousing, mp3 playback, 2532 * video capture, and so on. Run different tests at different times, in 2533 * different sequences. Nothing here should interact with other devices, 2534 * except indirectly by consuming USB bandwidth and CPU resources for test 2535 * threads and request completion. But the only way to know that for sure 2536 * is to test when HC queues are in use by many devices. 2537 * 2538 * WARNING: Because usbfs grabs udev->dev.sem before calling this ioctl(), 2539 * it locks out usbcore in certain code paths. Notably, if you disconnect 2540 * the device-under-test, hub_wq will wait block forever waiting for the 2541 * ioctl to complete ... so that usb_disconnect() can abort the pending 2542 * urbs and then call usbtest_disconnect(). To abort a test, you're best 2543 * off just killing the userspace task and waiting for it to exit. 2544 */ 2545 2546 static int 2547 usbtest_ioctl(struct usb_interface *intf, unsigned int code, void *buf) 2548 { 2549 2550 struct usbtest_dev *dev = usb_get_intfdata(intf); 2551 struct usbtest_param_64 *param_64 = buf; 2552 struct usbtest_param_32 temp; 2553 struct usbtest_param_32 *param_32 = buf; 2554 struct timespec64 start; 2555 struct timespec64 end; 2556 struct timespec64 duration; 2557 int retval = -EOPNOTSUPP; 2558 2559 /* FIXME USBDEVFS_CONNECTINFO doesn't say how fast the device is. */ 2560 2561 pattern = mod_pattern; 2562 2563 if (mutex_lock_interruptible(&dev->lock)) 2564 return -ERESTARTSYS; 2565 2566 /* FIXME: What if a system sleep starts while a test is running? */ 2567 2568 /* some devices, like ez-usb default devices, need a non-default 2569 * altsetting to have any active endpoints. some tests change 2570 * altsettings; force a default so most tests don't need to check. 2571 */ 2572 if (dev->info->alt >= 0) { 2573 if (intf->altsetting->desc.bInterfaceNumber) { 2574 retval = -ENODEV; 2575 goto free_mutex; 2576 } 2577 retval = set_altsetting(dev, dev->info->alt); 2578 if (retval) { 2579 dev_err(&intf->dev, 2580 "set altsetting to %d failed, %d\n", 2581 dev->info->alt, retval); 2582 goto free_mutex; 2583 } 2584 } 2585 2586 switch (code) { 2587 case USBTEST_REQUEST_64: 2588 temp.test_num = param_64->test_num; 2589 temp.iterations = param_64->iterations; 2590 temp.length = param_64->length; 2591 temp.sglen = param_64->sglen; 2592 temp.vary = param_64->vary; 2593 param_32 = &temp; 2594 break; 2595 2596 case USBTEST_REQUEST_32: 2597 break; 2598 2599 default: 2600 retval = -EOPNOTSUPP; 2601 goto free_mutex; 2602 } 2603 2604 ktime_get_ts64(&start); 2605 2606 retval = usbtest_do_ioctl(intf, param_32); 2607 if (retval < 0) 2608 goto free_mutex; 2609 2610 ktime_get_ts64(&end); 2611 2612 duration = timespec64_sub(end, start); 2613 2614 temp.duration_sec = duration.tv_sec; 2615 temp.duration_usec = duration.tv_nsec/NSEC_PER_USEC; 2616 2617 switch (code) { 2618 case USBTEST_REQUEST_32: 2619 param_32->duration_sec = temp.duration_sec; 2620 param_32->duration_usec = temp.duration_usec; 2621 break; 2622 2623 case USBTEST_REQUEST_64: 2624 param_64->duration_sec = temp.duration_sec; 2625 param_64->duration_usec = temp.duration_usec; 2626 break; 2627 } 2628 2629 free_mutex: 2630 mutex_unlock(&dev->lock); 2631 return retval; 2632 } 2633 2634 /*-------------------------------------------------------------------------*/ 2635 2636 static unsigned force_interrupt; 2637 module_param(force_interrupt, uint, 0); 2638 MODULE_PARM_DESC(force_interrupt, "0 = test default; else interrupt"); 2639 2640 #ifdef GENERIC 2641 static unsigned short vendor; 2642 module_param(vendor, ushort, 0); 2643 MODULE_PARM_DESC(vendor, "vendor code (from usb-if)"); 2644 2645 static unsigned short product; 2646 module_param(product, ushort, 0); 2647 MODULE_PARM_DESC(product, "product code (from vendor)"); 2648 #endif 2649 2650 static int 2651 usbtest_probe(struct usb_interface *intf, const struct usb_device_id *id) 2652 { 2653 struct usb_device *udev; 2654 struct usbtest_dev *dev; 2655 struct usbtest_info *info; 2656 char *rtest, *wtest; 2657 char *irtest, *iwtest; 2658 char *intrtest, *intwtest; 2659 2660 udev = interface_to_usbdev(intf); 2661 2662 #ifdef GENERIC 2663 /* specify devices by module parameters? */ 2664 if (id->match_flags == 0) { 2665 /* vendor match required, product match optional */ 2666 if (!vendor || le16_to_cpu(udev->descriptor.idVendor) != (u16)vendor) 2667 return -ENODEV; 2668 if (product && le16_to_cpu(udev->descriptor.idProduct) != (u16)product) 2669 return -ENODEV; 2670 dev_info(&intf->dev, "matched module params, " 2671 "vend=0x%04x prod=0x%04x\n", 2672 le16_to_cpu(udev->descriptor.idVendor), 2673 le16_to_cpu(udev->descriptor.idProduct)); 2674 } 2675 #endif 2676 2677 dev = kzalloc(sizeof(*dev), GFP_KERNEL); 2678 if (!dev) 2679 return -ENOMEM; 2680 info = (struct usbtest_info *) id->driver_info; 2681 dev->info = info; 2682 mutex_init(&dev->lock); 2683 2684 dev->intf = intf; 2685 2686 /* cacheline-aligned scratch for i/o */ 2687 dev->buf = kmalloc(TBUF_SIZE, GFP_KERNEL); 2688 if (dev->buf == NULL) { 2689 kfree(dev); 2690 return -ENOMEM; 2691 } 2692 2693 /* NOTE this doesn't yet test the handful of difference that are 2694 * visible with high speed interrupts: bigger maxpacket (1K) and 2695 * "high bandwidth" modes (up to 3 packets/uframe). 2696 */ 2697 rtest = wtest = ""; 2698 irtest = iwtest = ""; 2699 intrtest = intwtest = ""; 2700 if (force_interrupt || udev->speed == USB_SPEED_LOW) { 2701 if (info->ep_in) { 2702 dev->in_pipe = usb_rcvintpipe(udev, info->ep_in); 2703 rtest = " intr-in"; 2704 } 2705 if (info->ep_out) { 2706 dev->out_pipe = usb_sndintpipe(udev, info->ep_out); 2707 wtest = " intr-out"; 2708 } 2709 } else { 2710 if (override_alt >= 0 || info->autoconf) { 2711 int status; 2712 2713 status = get_endpoints(dev, intf); 2714 if (status < 0) { 2715 WARNING(dev, "couldn't get endpoints, %d\n", 2716 status); 2717 kfree(dev->buf); 2718 kfree(dev); 2719 return status; 2720 } 2721 /* may find bulk or ISO pipes */ 2722 } else { 2723 if (info->ep_in) 2724 dev->in_pipe = usb_rcvbulkpipe(udev, 2725 info->ep_in); 2726 if (info->ep_out) 2727 dev->out_pipe = usb_sndbulkpipe(udev, 2728 info->ep_out); 2729 } 2730 if (dev->in_pipe) 2731 rtest = " bulk-in"; 2732 if (dev->out_pipe) 2733 wtest = " bulk-out"; 2734 if (dev->in_iso_pipe) 2735 irtest = " iso-in"; 2736 if (dev->out_iso_pipe) 2737 iwtest = " iso-out"; 2738 if (dev->in_int_pipe) 2739 intrtest = " int-in"; 2740 if (dev->out_int_pipe) 2741 intwtest = " int-out"; 2742 } 2743 2744 usb_set_intfdata(intf, dev); 2745 dev_info(&intf->dev, "%s\n", info->name); 2746 dev_info(&intf->dev, "%s {control%s%s%s%s%s%s%s} tests%s\n", 2747 usb_speed_string(udev->speed), 2748 info->ctrl_out ? " in/out" : "", 2749 rtest, wtest, 2750 irtest, iwtest, 2751 intrtest, intwtest, 2752 info->alt >= 0 ? " (+alt)" : ""); 2753 return 0; 2754 } 2755 2756 static int usbtest_suspend(struct usb_interface *intf, pm_message_t message) 2757 { 2758 return 0; 2759 } 2760 2761 static int usbtest_resume(struct usb_interface *intf) 2762 { 2763 return 0; 2764 } 2765 2766 2767 static void usbtest_disconnect(struct usb_interface *intf) 2768 { 2769 struct usbtest_dev *dev = usb_get_intfdata(intf); 2770 2771 usb_set_intfdata(intf, NULL); 2772 dev_dbg(&intf->dev, "disconnect\n"); 2773 kfree(dev); 2774 } 2775 2776 /* Basic testing only needs a device that can source or sink bulk traffic. 2777 * Any device can test control transfers (default with GENERIC binding). 2778 * 2779 * Several entries work with the default EP0 implementation that's built 2780 * into EZ-USB chips. There's a default vendor ID which can be overridden 2781 * by (very) small config EEPROMS, but otherwise all these devices act 2782 * identically until firmware is loaded: only EP0 works. It turns out 2783 * to be easy to make other endpoints work, without modifying that EP0 2784 * behavior. For now, we expect that kind of firmware. 2785 */ 2786 2787 /* an21xx or fx versions of ez-usb */ 2788 static struct usbtest_info ez1_info = { 2789 .name = "EZ-USB device", 2790 .ep_in = 2, 2791 .ep_out = 2, 2792 .alt = 1, 2793 }; 2794 2795 /* fx2 version of ez-usb */ 2796 static struct usbtest_info ez2_info = { 2797 .name = "FX2 device", 2798 .ep_in = 6, 2799 .ep_out = 2, 2800 .alt = 1, 2801 }; 2802 2803 /* ezusb family device with dedicated usb test firmware, 2804 */ 2805 static struct usbtest_info fw_info = { 2806 .name = "usb test device", 2807 .ep_in = 2, 2808 .ep_out = 2, 2809 .alt = 1, 2810 .autoconf = 1, /* iso and ctrl_out need autoconf */ 2811 .ctrl_out = 1, 2812 .iso = 1, /* iso_ep's are #8 in/out */ 2813 }; 2814 2815 /* peripheral running Linux and 'zero.c' test firmware, or 2816 * its user-mode cousin. different versions of this use 2817 * different hardware with the same vendor/product codes. 2818 * host side MUST rely on the endpoint descriptors. 2819 */ 2820 static struct usbtest_info gz_info = { 2821 .name = "Linux gadget zero", 2822 .autoconf = 1, 2823 .ctrl_out = 1, 2824 .iso = 1, 2825 .intr = 1, 2826 .alt = 0, 2827 }; 2828 2829 static struct usbtest_info um_info = { 2830 .name = "Linux user mode test driver", 2831 .autoconf = 1, 2832 .alt = -1, 2833 }; 2834 2835 static struct usbtest_info um2_info = { 2836 .name = "Linux user mode ISO test driver", 2837 .autoconf = 1, 2838 .iso = 1, 2839 .alt = -1, 2840 }; 2841 2842 #ifdef IBOT2 2843 /* this is a nice source of high speed bulk data; 2844 * uses an FX2, with firmware provided in the device 2845 */ 2846 static struct usbtest_info ibot2_info = { 2847 .name = "iBOT2 webcam", 2848 .ep_in = 2, 2849 .alt = -1, 2850 }; 2851 #endif 2852 2853 #ifdef GENERIC 2854 /* we can use any device to test control traffic */ 2855 static struct usbtest_info generic_info = { 2856 .name = "Generic USB device", 2857 .alt = -1, 2858 }; 2859 #endif 2860 2861 2862 static const struct usb_device_id id_table[] = { 2863 2864 /*-------------------------------------------------------------*/ 2865 2866 /* EZ-USB devices which download firmware to replace (or in our 2867 * case augment) the default device implementation. 2868 */ 2869 2870 /* generic EZ-USB FX controller */ 2871 { USB_DEVICE(0x0547, 0x2235), 2872 .driver_info = (unsigned long) &ez1_info, 2873 }, 2874 2875 /* CY3671 development board with EZ-USB FX */ 2876 { USB_DEVICE(0x0547, 0x0080), 2877 .driver_info = (unsigned long) &ez1_info, 2878 }, 2879 2880 /* generic EZ-USB FX2 controller (or development board) */ 2881 { USB_DEVICE(0x04b4, 0x8613), 2882 .driver_info = (unsigned long) &ez2_info, 2883 }, 2884 2885 /* re-enumerated usb test device firmware */ 2886 { USB_DEVICE(0xfff0, 0xfff0), 2887 .driver_info = (unsigned long) &fw_info, 2888 }, 2889 2890 /* "Gadget Zero" firmware runs under Linux */ 2891 { USB_DEVICE(0x0525, 0xa4a0), 2892 .driver_info = (unsigned long) &gz_info, 2893 }, 2894 2895 /* so does a user-mode variant */ 2896 { USB_DEVICE(0x0525, 0xa4a4), 2897 .driver_info = (unsigned long) &um_info, 2898 }, 2899 2900 /* ... and a user-mode variant that talks iso */ 2901 { USB_DEVICE(0x0525, 0xa4a3), 2902 .driver_info = (unsigned long) &um2_info, 2903 }, 2904 2905 #ifdef KEYSPAN_19Qi 2906 /* Keyspan 19qi uses an21xx (original EZ-USB) */ 2907 /* this does not coexist with the real Keyspan 19qi driver! */ 2908 { USB_DEVICE(0x06cd, 0x010b), 2909 .driver_info = (unsigned long) &ez1_info, 2910 }, 2911 #endif 2912 2913 /*-------------------------------------------------------------*/ 2914 2915 #ifdef IBOT2 2916 /* iBOT2 makes a nice source of high speed bulk-in data */ 2917 /* this does not coexist with a real iBOT2 driver! */ 2918 { USB_DEVICE(0x0b62, 0x0059), 2919 .driver_info = (unsigned long) &ibot2_info, 2920 }, 2921 #endif 2922 2923 /*-------------------------------------------------------------*/ 2924 2925 #ifdef GENERIC 2926 /* module params can specify devices to use for control tests */ 2927 { .driver_info = (unsigned long) &generic_info, }, 2928 #endif 2929 2930 /*-------------------------------------------------------------*/ 2931 2932 { } 2933 }; 2934 MODULE_DEVICE_TABLE(usb, id_table); 2935 2936 static struct usb_driver usbtest_driver = { 2937 .name = "usbtest", 2938 .id_table = id_table, 2939 .probe = usbtest_probe, 2940 .unlocked_ioctl = usbtest_ioctl, 2941 .disconnect = usbtest_disconnect, 2942 .suspend = usbtest_suspend, 2943 .resume = usbtest_resume, 2944 }; 2945 2946 /*-------------------------------------------------------------------------*/ 2947 2948 static int __init usbtest_init(void) 2949 { 2950 #ifdef GENERIC 2951 if (vendor) 2952 pr_debug("params: vend=0x%04x prod=0x%04x\n", vendor, product); 2953 #endif 2954 return usb_register(&usbtest_driver); 2955 } 2956 module_init(usbtest_init); 2957 2958 static void __exit usbtest_exit(void) 2959 { 2960 usb_deregister(&usbtest_driver); 2961 } 2962 module_exit(usbtest_exit); 2963 2964 MODULE_DESCRIPTION("USB Core/HCD Testing Driver"); 2965 MODULE_LICENSE("GPL"); 2966 2967