Loading...
1// SPDX-License-Identifier: GPL-2.0+
2/*
3 * (C) Copyright Linus Torvalds 1999
4 * (C) Copyright Johannes Erdfelt 1999-2001
5 * (C) Copyright Andreas Gal 1999
6 * (C) Copyright Gregory P. Smith 1999
7 * (C) Copyright Deti Fliegl 1999
8 * (C) Copyright Randy Dunlap 2000
9 * (C) Copyright David Brownell 2000-2002
10 */
11
12#include <linux/bcd.h>
13#include <linux/module.h>
14#include <linux/version.h>
15#include <linux/kernel.h>
16#include <linux/sched/task_stack.h>
17#include <linux/slab.h>
18#include <linux/completion.h>
19#include <linux/utsname.h>
20#include <linux/mm.h>
21#include <asm/io.h>
22#include <linux/device.h>
23#include <linux/dma-mapping.h>
24#include <linux/mutex.h>
25#include <asm/irq.h>
26#include <asm/byteorder.h>
27#include <linux/unaligned.h>
28#include <linux/platform_device.h>
29#include <linux/workqueue.h>
30#include <linux/pm_runtime.h>
31#include <linux/types.h>
32#include <linux/genalloc.h>
33#include <linux/io.h>
34#include <linux/kcov.h>
35
36#include <linux/phy/phy.h>
37#include <linux/usb.h>
38#include <linux/usb/hcd.h>
39#include <linux/usb/otg.h>
40
41#include "usb.h"
42#include "phy.h"
43
44
45/*-------------------------------------------------------------------------*/
46
47/*
48 * USB Host Controller Driver framework
49 *
50 * Plugs into usbcore (usb_bus) and lets HCDs share code, minimizing
51 * HCD-specific behaviors/bugs.
52 *
53 * This does error checks, tracks devices and urbs, and delegates to a
54 * "hc_driver" only for code (and data) that really needs to know about
55 * hardware differences. That includes root hub registers, i/o queues,
56 * and so on ... but as little else as possible.
57 *
58 * Shared code includes most of the "root hub" code (these are emulated,
59 * though each HC's hardware works differently) and PCI glue, plus request
60 * tracking overhead. The HCD code should only block on spinlocks or on
61 * hardware handshaking; blocking on software events (such as other kernel
62 * threads releasing resources, or completing actions) is all generic.
63 *
64 * Happens the USB 2.0 spec says this would be invisible inside the "USBD",
65 * and includes mostly a "HCDI" (HCD Interface) along with some APIs used
66 * only by the hub driver ... and that neither should be seen or used by
67 * usb client device drivers.
68 *
69 * Contributors of ideas or unattributed patches include: David Brownell,
70 * Roman Weissgaerber, Rory Bolt, Greg Kroah-Hartman, ...
71 *
72 * HISTORY:
73 * 2002-02-21 Pull in most of the usb_bus support from usb.c; some
74 * associated cleanup. "usb_hcd" still != "usb_bus".
75 * 2001-12-12 Initial patch version for Linux 2.5.1 kernel.
76 */
77
78/*-------------------------------------------------------------------------*/
79
80/* Keep track of which host controller drivers are loaded */
81unsigned long usb_hcds_loaded;
82EXPORT_SYMBOL_GPL(usb_hcds_loaded);
83
84/* host controllers we manage */
85DEFINE_IDR (usb_bus_idr);
86EXPORT_SYMBOL_GPL (usb_bus_idr);
87
88/* used when allocating bus numbers */
89#define USB_MAXBUS 64
90
91/* used when updating list of hcds */
92DEFINE_MUTEX(usb_bus_idr_lock); /* exported only for usbfs */
93EXPORT_SYMBOL_GPL (usb_bus_idr_lock);
94
95/* used for controlling access to virtual root hubs */
96static DEFINE_SPINLOCK(hcd_root_hub_lock);
97
98/* used when updating an endpoint's URB list */
99static DEFINE_SPINLOCK(hcd_urb_list_lock);
100
101/* used to protect against unlinking URBs after the device is gone */
102static DEFINE_SPINLOCK(hcd_urb_unlink_lock);
103
104/* wait queue for synchronous unlinks */
105DECLARE_WAIT_QUEUE_HEAD(usb_kill_urb_queue);
106
107/*-------------------------------------------------------------------------*/
108
109/*
110 * Sharable chunks of root hub code.
111 */
112
113/*-------------------------------------------------------------------------*/
114#define KERNEL_REL bin2bcd(LINUX_VERSION_MAJOR)
115#define KERNEL_VER bin2bcd(LINUX_VERSION_PATCHLEVEL)
116
117/* usb 3.1 root hub device descriptor */
118static const u8 usb31_rh_dev_descriptor[18] = {
119 0x12, /* __u8 bLength; */
120 USB_DT_DEVICE, /* __u8 bDescriptorType; Device */
121 0x10, 0x03, /* __le16 bcdUSB; v3.1 */
122
123 0x09, /* __u8 bDeviceClass; HUB_CLASSCODE */
124 0x00, /* __u8 bDeviceSubClass; */
125 0x03, /* __u8 bDeviceProtocol; USB 3 hub */
126 0x09, /* __u8 bMaxPacketSize0; 2^9 = 512 Bytes */
127
128 0x6b, 0x1d, /* __le16 idVendor; Linux Foundation 0x1d6b */
129 0x03, 0x00, /* __le16 idProduct; device 0x0003 */
130 KERNEL_VER, KERNEL_REL, /* __le16 bcdDevice */
131
132 0x03, /* __u8 iManufacturer; */
133 0x02, /* __u8 iProduct; */
134 0x01, /* __u8 iSerialNumber; */
135 0x01 /* __u8 bNumConfigurations; */
136};
137
138/* usb 3.0 root hub device descriptor */
139static const u8 usb3_rh_dev_descriptor[18] = {
140 0x12, /* __u8 bLength; */
141 USB_DT_DEVICE, /* __u8 bDescriptorType; Device */
142 0x00, 0x03, /* __le16 bcdUSB; v3.0 */
143
144 0x09, /* __u8 bDeviceClass; HUB_CLASSCODE */
145 0x00, /* __u8 bDeviceSubClass; */
146 0x03, /* __u8 bDeviceProtocol; USB 3.0 hub */
147 0x09, /* __u8 bMaxPacketSize0; 2^9 = 512 Bytes */
148
149 0x6b, 0x1d, /* __le16 idVendor; Linux Foundation 0x1d6b */
150 0x03, 0x00, /* __le16 idProduct; device 0x0003 */
151 KERNEL_VER, KERNEL_REL, /* __le16 bcdDevice */
152
153 0x03, /* __u8 iManufacturer; */
154 0x02, /* __u8 iProduct; */
155 0x01, /* __u8 iSerialNumber; */
156 0x01 /* __u8 bNumConfigurations; */
157};
158
159/* usb 2.0 root hub device descriptor */
160static const u8 usb2_rh_dev_descriptor[18] = {
161 0x12, /* __u8 bLength; */
162 USB_DT_DEVICE, /* __u8 bDescriptorType; Device */
163 0x00, 0x02, /* __le16 bcdUSB; v2.0 */
164
165 0x09, /* __u8 bDeviceClass; HUB_CLASSCODE */
166 0x00, /* __u8 bDeviceSubClass; */
167 0x00, /* __u8 bDeviceProtocol; [ usb 2.0 no TT ] */
168 0x40, /* __u8 bMaxPacketSize0; 64 Bytes */
169
170 0x6b, 0x1d, /* __le16 idVendor; Linux Foundation 0x1d6b */
171 0x02, 0x00, /* __le16 idProduct; device 0x0002 */
172 KERNEL_VER, KERNEL_REL, /* __le16 bcdDevice */
173
174 0x03, /* __u8 iManufacturer; */
175 0x02, /* __u8 iProduct; */
176 0x01, /* __u8 iSerialNumber; */
177 0x01 /* __u8 bNumConfigurations; */
178};
179
180/* no usb 2.0 root hub "device qualifier" descriptor: one speed only */
181
182/* usb 1.1 root hub device descriptor */
183static const u8 usb11_rh_dev_descriptor[18] = {
184 0x12, /* __u8 bLength; */
185 USB_DT_DEVICE, /* __u8 bDescriptorType; Device */
186 0x10, 0x01, /* __le16 bcdUSB; v1.1 */
187
188 0x09, /* __u8 bDeviceClass; HUB_CLASSCODE */
189 0x00, /* __u8 bDeviceSubClass; */
190 0x00, /* __u8 bDeviceProtocol; [ low/full speeds only ] */
191 0x40, /* __u8 bMaxPacketSize0; 64 Bytes */
192
193 0x6b, 0x1d, /* __le16 idVendor; Linux Foundation 0x1d6b */
194 0x01, 0x00, /* __le16 idProduct; device 0x0001 */
195 KERNEL_VER, KERNEL_REL, /* __le16 bcdDevice */
196
197 0x03, /* __u8 iManufacturer; */
198 0x02, /* __u8 iProduct; */
199 0x01, /* __u8 iSerialNumber; */
200 0x01 /* __u8 bNumConfigurations; */
201};
202
203
204/*-------------------------------------------------------------------------*/
205
206/* Configuration descriptors for our root hubs */
207
208static const u8 fs_rh_config_descriptor[] = {
209
210 /* one configuration */
211 0x09, /* __u8 bLength; */
212 USB_DT_CONFIG, /* __u8 bDescriptorType; Configuration */
213 0x19, 0x00, /* __le16 wTotalLength; */
214 0x01, /* __u8 bNumInterfaces; (1) */
215 0x01, /* __u8 bConfigurationValue; */
216 0x00, /* __u8 iConfiguration; */
217 0xc0, /* __u8 bmAttributes;
218 Bit 7: must be set,
219 6: Self-powered,
220 5: Remote wakeup,
221 4..0: resvd */
222 0x00, /* __u8 MaxPower; */
223
224 /* USB 1.1:
225 * USB 2.0, single TT organization (mandatory):
226 * one interface, protocol 0
227 *
228 * USB 2.0, multiple TT organization (optional):
229 * two interfaces, protocols 1 (like single TT)
230 * and 2 (multiple TT mode) ... config is
231 * sometimes settable
232 * NOT IMPLEMENTED
233 */
234
235 /* one interface */
236 0x09, /* __u8 if_bLength; */
237 USB_DT_INTERFACE, /* __u8 if_bDescriptorType; Interface */
238 0x00, /* __u8 if_bInterfaceNumber; */
239 0x00, /* __u8 if_bAlternateSetting; */
240 0x01, /* __u8 if_bNumEndpoints; */
241 0x09, /* __u8 if_bInterfaceClass; HUB_CLASSCODE */
242 0x00, /* __u8 if_bInterfaceSubClass; */
243 0x00, /* __u8 if_bInterfaceProtocol; [usb1.1 or single tt] */
244 0x00, /* __u8 if_iInterface; */
245
246 /* one endpoint (status change endpoint) */
247 0x07, /* __u8 ep_bLength; */
248 USB_DT_ENDPOINT, /* __u8 ep_bDescriptorType; Endpoint */
249 0x81, /* __u8 ep_bEndpointAddress; IN Endpoint 1 */
250 0x03, /* __u8 ep_bmAttributes; Interrupt */
251 0x02, 0x00, /* __le16 ep_wMaxPacketSize; 1 + (MAX_ROOT_PORTS / 8) */
252 0xff /* __u8 ep_bInterval; (255ms -- usb 2.0 spec) */
253};
254
255static const u8 hs_rh_config_descriptor[] = {
256
257 /* one configuration */
258 0x09, /* __u8 bLength; */
259 USB_DT_CONFIG, /* __u8 bDescriptorType; Configuration */
260 0x19, 0x00, /* __le16 wTotalLength; */
261 0x01, /* __u8 bNumInterfaces; (1) */
262 0x01, /* __u8 bConfigurationValue; */
263 0x00, /* __u8 iConfiguration; */
264 0xc0, /* __u8 bmAttributes;
265 Bit 7: must be set,
266 6: Self-powered,
267 5: Remote wakeup,
268 4..0: resvd */
269 0x00, /* __u8 MaxPower; */
270
271 /* USB 1.1:
272 * USB 2.0, single TT organization (mandatory):
273 * one interface, protocol 0
274 *
275 * USB 2.0, multiple TT organization (optional):
276 * two interfaces, protocols 1 (like single TT)
277 * and 2 (multiple TT mode) ... config is
278 * sometimes settable
279 * NOT IMPLEMENTED
280 */
281
282 /* one interface */
283 0x09, /* __u8 if_bLength; */
284 USB_DT_INTERFACE, /* __u8 if_bDescriptorType; Interface */
285 0x00, /* __u8 if_bInterfaceNumber; */
286 0x00, /* __u8 if_bAlternateSetting; */
287 0x01, /* __u8 if_bNumEndpoints; */
288 0x09, /* __u8 if_bInterfaceClass; HUB_CLASSCODE */
289 0x00, /* __u8 if_bInterfaceSubClass; */
290 0x00, /* __u8 if_bInterfaceProtocol; [usb1.1 or single tt] */
291 0x00, /* __u8 if_iInterface; */
292
293 /* one endpoint (status change endpoint) */
294 0x07, /* __u8 ep_bLength; */
295 USB_DT_ENDPOINT, /* __u8 ep_bDescriptorType; Endpoint */
296 0x81, /* __u8 ep_bEndpointAddress; IN Endpoint 1 */
297 0x03, /* __u8 ep_bmAttributes; Interrupt */
298 /* __le16 ep_wMaxPacketSize; 1 + (MAX_ROOT_PORTS / 8)
299 * see hub.c:hub_configure() for details. */
300 (USB_MAXCHILDREN + 1 + 7) / 8, 0x00,
301 0x0c /* __u8 ep_bInterval; (256ms -- usb 2.0 spec) */
302};
303
304static const u8 ss_rh_config_descriptor[] = {
305 /* one configuration */
306 0x09, /* __u8 bLength; */
307 USB_DT_CONFIG, /* __u8 bDescriptorType; Configuration */
308 0x1f, 0x00, /* __le16 wTotalLength; */
309 0x01, /* __u8 bNumInterfaces; (1) */
310 0x01, /* __u8 bConfigurationValue; */
311 0x00, /* __u8 iConfiguration; */
312 0xc0, /* __u8 bmAttributes;
313 Bit 7: must be set,
314 6: Self-powered,
315 5: Remote wakeup,
316 4..0: resvd */
317 0x00, /* __u8 MaxPower; */
318
319 /* one interface */
320 0x09, /* __u8 if_bLength; */
321 USB_DT_INTERFACE, /* __u8 if_bDescriptorType; Interface */
322 0x00, /* __u8 if_bInterfaceNumber; */
323 0x00, /* __u8 if_bAlternateSetting; */
324 0x01, /* __u8 if_bNumEndpoints; */
325 0x09, /* __u8 if_bInterfaceClass; HUB_CLASSCODE */
326 0x00, /* __u8 if_bInterfaceSubClass; */
327 0x00, /* __u8 if_bInterfaceProtocol; */
328 0x00, /* __u8 if_iInterface; */
329
330 /* one endpoint (status change endpoint) */
331 0x07, /* __u8 ep_bLength; */
332 USB_DT_ENDPOINT, /* __u8 ep_bDescriptorType; Endpoint */
333 0x81, /* __u8 ep_bEndpointAddress; IN Endpoint 1 */
334 0x03, /* __u8 ep_bmAttributes; Interrupt */
335 /* __le16 ep_wMaxPacketSize; 1 + (MAX_ROOT_PORTS / 8)
336 * see hub.c:hub_configure() for details. */
337 (USB_MAXCHILDREN + 1 + 7) / 8, 0x00,
338 0x0c, /* __u8 ep_bInterval; (256ms -- usb 2.0 spec) */
339
340 /* one SuperSpeed endpoint companion descriptor */
341 0x06, /* __u8 ss_bLength */
342 USB_DT_SS_ENDPOINT_COMP, /* __u8 ss_bDescriptorType; SuperSpeed EP */
343 /* Companion */
344 0x00, /* __u8 ss_bMaxBurst; allows 1 TX between ACKs */
345 0x00, /* __u8 ss_bmAttributes; 1 packet per service interval */
346 0x02, 0x00 /* __le16 ss_wBytesPerInterval; 15 bits for max 15 ports */
347};
348
349/* authorized_default behaviour:
350 * -1 is authorized for all devices (leftover from wireless USB)
351 * 0 is unauthorized for all devices
352 * 1 is authorized for all devices
353 * 2 is authorized for internal devices
354 */
355#define USB_AUTHORIZE_WIRED -1
356#define USB_AUTHORIZE_NONE 0
357#define USB_AUTHORIZE_ALL 1
358#define USB_AUTHORIZE_INTERNAL 2
359
360static int authorized_default = CONFIG_USB_DEFAULT_AUTHORIZATION_MODE;
361module_param(authorized_default, int, S_IRUGO|S_IWUSR);
362MODULE_PARM_DESC(authorized_default,
363 "Default USB device authorization: 0 is not authorized, 1 is authorized (default), 2 is authorized for internal devices, -1 is authorized (same as 1)");
364/*-------------------------------------------------------------------------*/
365
366/**
367 * ascii2desc() - Helper routine for producing UTF-16LE string descriptors
368 * @s: Null-terminated ASCII (actually ISO-8859-1) string
369 * @buf: Buffer for USB string descriptor (header + UTF-16LE)
370 * @len: Length (in bytes; may be odd) of descriptor buffer.
371 *
372 * Return: The number of bytes filled in: 2 + 2*strlen(s) or @len,
373 * whichever is less.
374 *
375 * Note:
376 * USB String descriptors can contain at most 126 characters; input
377 * strings longer than that are truncated.
378 */
379static unsigned
380ascii2desc(char const *s, u8 *buf, unsigned len)
381{
382 unsigned n, t = 2 + 2*strlen(s);
383
384 if (t > 254)
385 t = 254; /* Longest possible UTF string descriptor */
386 if (len > t)
387 len = t;
388
389 t += USB_DT_STRING << 8; /* Now t is first 16 bits to store */
390
391 n = len;
392 while (n--) {
393 *buf++ = t;
394 if (!n--)
395 break;
396 *buf++ = t >> 8;
397 t = (unsigned char)*s++;
398 }
399 return len;
400}
401
402/**
403 * rh_string() - provides string descriptors for root hub
404 * @id: the string ID number (0: langids, 1: serial #, 2: product, 3: vendor)
405 * @hcd: the host controller for this root hub
406 * @data: buffer for output packet
407 * @len: length of the provided buffer
408 *
409 * Produces either a manufacturer, product or serial number string for the
410 * virtual root hub device.
411 *
412 * Return: The number of bytes filled in: the length of the descriptor or
413 * of the provided buffer, whichever is less.
414 */
415static unsigned
416rh_string(int id, struct usb_hcd const *hcd, u8 *data, unsigned len)
417{
418 char buf[100];
419 char const *s;
420 static char const langids[4] = {4, USB_DT_STRING, 0x09, 0x04};
421
422 /* language ids */
423 switch (id) {
424 case 0:
425 /* Array of LANGID codes (0x0409 is MSFT-speak for "en-us") */
426 /* See http://www.usb.org/developers/docs/USB_LANGIDs.pdf */
427 if (len > 4)
428 len = 4;
429 memcpy(data, langids, len);
430 return len;
431 case 1:
432 /* Serial number */
433 s = hcd->self.bus_name;
434 break;
435 case 2:
436 /* Product name */
437 s = hcd->product_desc;
438 break;
439 case 3:
440 /* Manufacturer */
441 snprintf (buf, sizeof buf, "%s %s %s", init_utsname()->sysname,
442 init_utsname()->release, hcd->driver->description);
443 s = buf;
444 break;
445 default:
446 /* Can't happen; caller guarantees it */
447 return 0;
448 }
449
450 return ascii2desc(s, data, len);
451}
452
453
454/* Root hub control transfers execute synchronously */
455static int rh_call_control (struct usb_hcd *hcd, struct urb *urb)
456{
457 struct usb_ctrlrequest *cmd;
458 u16 typeReq, wValue, wIndex, wLength;
459 u8 *ubuf = urb->transfer_buffer;
460 unsigned len = 0;
461 int status;
462 u8 patch_wakeup = 0;
463 u8 patch_protocol = 0;
464 u16 tbuf_size;
465 u8 *tbuf = NULL;
466 const u8 *bufp;
467
468 might_sleep();
469
470 spin_lock_irq(&hcd_root_hub_lock);
471 status = usb_hcd_link_urb_to_ep(hcd, urb);
472 spin_unlock_irq(&hcd_root_hub_lock);
473 if (status)
474 return status;
475 urb->hcpriv = hcd; /* Indicate it's queued */
476
477 cmd = (struct usb_ctrlrequest *) urb->setup_packet;
478 typeReq = (cmd->bRequestType << 8) | cmd->bRequest;
479 wValue = le16_to_cpu (cmd->wValue);
480 wIndex = le16_to_cpu (cmd->wIndex);
481 wLength = le16_to_cpu (cmd->wLength);
482
483 if (wLength > urb->transfer_buffer_length)
484 goto error;
485
486 /*
487 * tbuf should be at least as big as the
488 * USB hub descriptor.
489 */
490 tbuf_size = max_t(u16, sizeof(struct usb_hub_descriptor), wLength);
491 tbuf = kzalloc(tbuf_size, GFP_KERNEL);
492 if (!tbuf) {
493 status = -ENOMEM;
494 goto err_alloc;
495 }
496
497 bufp = tbuf;
498
499
500 urb->actual_length = 0;
501 switch (typeReq) {
502
503 /* DEVICE REQUESTS */
504
505 /* The root hub's remote wakeup enable bit is implemented using
506 * driver model wakeup flags. If this system supports wakeup
507 * through USB, userspace may change the default "allow wakeup"
508 * policy through sysfs or these calls.
509 *
510 * Most root hubs support wakeup from downstream devices, for
511 * runtime power management (disabling USB clocks and reducing
512 * VBUS power usage). However, not all of them do so; silicon,
513 * board, and BIOS bugs here are not uncommon, so these can't
514 * be treated quite like external hubs.
515 *
516 * Likewise, not all root hubs will pass wakeup events upstream,
517 * to wake up the whole system. So don't assume root hub and
518 * controller capabilities are identical.
519 */
520
521 case DeviceRequest | USB_REQ_GET_STATUS:
522 tbuf[0] = (device_may_wakeup(&hcd->self.root_hub->dev)
523 << USB_DEVICE_REMOTE_WAKEUP)
524 | (1 << USB_DEVICE_SELF_POWERED);
525 tbuf[1] = 0;
526 len = 2;
527 break;
528 case DeviceOutRequest | USB_REQ_CLEAR_FEATURE:
529 if (wValue == USB_DEVICE_REMOTE_WAKEUP)
530 device_set_wakeup_enable(&hcd->self.root_hub->dev, 0);
531 else
532 goto error;
533 break;
534 case DeviceOutRequest | USB_REQ_SET_FEATURE:
535 if (device_can_wakeup(&hcd->self.root_hub->dev)
536 && wValue == USB_DEVICE_REMOTE_WAKEUP)
537 device_set_wakeup_enable(&hcd->self.root_hub->dev, 1);
538 else
539 goto error;
540 break;
541 case DeviceRequest | USB_REQ_GET_CONFIGURATION:
542 tbuf[0] = 1;
543 len = 1;
544 fallthrough;
545 case DeviceOutRequest | USB_REQ_SET_CONFIGURATION:
546 break;
547 case DeviceRequest | USB_REQ_GET_DESCRIPTOR:
548 switch (wValue & 0xff00) {
549 case USB_DT_DEVICE << 8:
550 switch (hcd->speed) {
551 case HCD_USB32:
552 case HCD_USB31:
553 bufp = usb31_rh_dev_descriptor;
554 break;
555 case HCD_USB3:
556 bufp = usb3_rh_dev_descriptor;
557 break;
558 case HCD_USB2:
559 bufp = usb2_rh_dev_descriptor;
560 break;
561 case HCD_USB11:
562 bufp = usb11_rh_dev_descriptor;
563 break;
564 default:
565 goto error;
566 }
567 len = 18;
568 if (hcd->has_tt)
569 patch_protocol = 1;
570 break;
571 case USB_DT_CONFIG << 8:
572 switch (hcd->speed) {
573 case HCD_USB32:
574 case HCD_USB31:
575 case HCD_USB3:
576 bufp = ss_rh_config_descriptor;
577 len = sizeof ss_rh_config_descriptor;
578 break;
579 case HCD_USB2:
580 bufp = hs_rh_config_descriptor;
581 len = sizeof hs_rh_config_descriptor;
582 break;
583 case HCD_USB11:
584 bufp = fs_rh_config_descriptor;
585 len = sizeof fs_rh_config_descriptor;
586 break;
587 default:
588 goto error;
589 }
590 if (device_can_wakeup(&hcd->self.root_hub->dev))
591 patch_wakeup = 1;
592 break;
593 case USB_DT_STRING << 8:
594 if ((wValue & 0xff) < 4)
595 urb->actual_length = rh_string(wValue & 0xff,
596 hcd, ubuf, wLength);
597 else /* unsupported IDs --> "protocol stall" */
598 goto error;
599 break;
600 case USB_DT_BOS << 8:
601 goto nongeneric;
602 default:
603 goto error;
604 }
605 break;
606 case DeviceRequest | USB_REQ_GET_INTERFACE:
607 tbuf[0] = 0;
608 len = 1;
609 fallthrough;
610 case DeviceOutRequest | USB_REQ_SET_INTERFACE:
611 break;
612 case DeviceOutRequest | USB_REQ_SET_ADDRESS:
613 /* wValue == urb->dev->devaddr */
614 dev_dbg (hcd->self.controller, "root hub device address %d\n",
615 wValue);
616 break;
617
618 /* INTERFACE REQUESTS (no defined feature/status flags) */
619
620 /* ENDPOINT REQUESTS */
621
622 case EndpointRequest | USB_REQ_GET_STATUS:
623 /* ENDPOINT_HALT flag */
624 tbuf[0] = 0;
625 tbuf[1] = 0;
626 len = 2;
627 fallthrough;
628 case EndpointOutRequest | USB_REQ_CLEAR_FEATURE:
629 case EndpointOutRequest | USB_REQ_SET_FEATURE:
630 dev_dbg (hcd->self.controller, "no endpoint features yet\n");
631 break;
632
633 /* CLASS REQUESTS (and errors) */
634
635 default:
636nongeneric:
637 /* non-generic request */
638 switch (typeReq) {
639 case GetHubStatus:
640 len = 4;
641 break;
642 case GetPortStatus:
643 if (wValue == HUB_PORT_STATUS)
644 len = 4;
645 else
646 /* other port status types return 8 bytes */
647 len = 8;
648 break;
649 case GetHubDescriptor:
650 len = sizeof (struct usb_hub_descriptor);
651 break;
652 case DeviceRequest | USB_REQ_GET_DESCRIPTOR:
653 /* len is returned by hub_control */
654 break;
655 }
656 status = hcd->driver->hub_control (hcd,
657 typeReq, wValue, wIndex,
658 tbuf, wLength);
659
660 if (typeReq == GetHubDescriptor)
661 usb_hub_adjust_deviceremovable(hcd->self.root_hub,
662 (struct usb_hub_descriptor *)tbuf);
663 break;
664error:
665 /* "protocol stall" on error */
666 status = -EPIPE;
667 }
668
669 if (status < 0) {
670 len = 0;
671 if (status != -EPIPE) {
672 dev_dbg (hcd->self.controller,
673 "CTRL: TypeReq=0x%x val=0x%x "
674 "idx=0x%x len=%d ==> %d\n",
675 typeReq, wValue, wIndex,
676 wLength, status);
677 }
678 } else if (status > 0) {
679 /* hub_control may return the length of data copied. */
680 len = status;
681 status = 0;
682 }
683 if (len) {
684 if (urb->transfer_buffer_length < len)
685 len = urb->transfer_buffer_length;
686 urb->actual_length = len;
687 /* always USB_DIR_IN, toward host */
688 memcpy (ubuf, bufp, len);
689
690 /* report whether RH hardware supports remote wakeup */
691 if (patch_wakeup &&
692 len > offsetof (struct usb_config_descriptor,
693 bmAttributes))
694 ((struct usb_config_descriptor *)ubuf)->bmAttributes
695 |= USB_CONFIG_ATT_WAKEUP;
696
697 /* report whether RH hardware has an integrated TT */
698 if (patch_protocol &&
699 len > offsetof(struct usb_device_descriptor,
700 bDeviceProtocol))
701 ((struct usb_device_descriptor *) ubuf)->
702 bDeviceProtocol = USB_HUB_PR_HS_SINGLE_TT;
703 }
704
705 kfree(tbuf);
706 err_alloc:
707
708 /* any errors get returned through the urb completion */
709 spin_lock_irq(&hcd_root_hub_lock);
710 usb_hcd_unlink_urb_from_ep(hcd, urb);
711 usb_hcd_giveback_urb(hcd, urb, status);
712 spin_unlock_irq(&hcd_root_hub_lock);
713 return 0;
714}
715
716/*-------------------------------------------------------------------------*/
717
718/*
719 * Root Hub interrupt transfers are polled using a timer if the
720 * driver requests it; otherwise the driver is responsible for
721 * calling usb_hcd_poll_rh_status() when an event occurs.
722 *
723 * Completion handler may not sleep. See usb_hcd_giveback_urb() for details.
724 */
725void usb_hcd_poll_rh_status(struct usb_hcd *hcd)
726{
727 struct urb *urb;
728 int length;
729 int status;
730 unsigned long flags;
731 char buffer[6]; /* Any root hubs with > 31 ports? */
732
733 if (unlikely(!hcd->rh_pollable))
734 return;
735 if (!hcd->uses_new_polling && !hcd->status_urb)
736 return;
737
738 length = hcd->driver->hub_status_data(hcd, buffer);
739 if (length > 0) {
740
741 /* try to complete the status urb */
742 spin_lock_irqsave(&hcd_root_hub_lock, flags);
743 urb = hcd->status_urb;
744 if (urb) {
745 clear_bit(HCD_FLAG_POLL_PENDING, &hcd->flags);
746 hcd->status_urb = NULL;
747 if (urb->transfer_buffer_length >= length) {
748 status = 0;
749 } else {
750 status = -EOVERFLOW;
751 length = urb->transfer_buffer_length;
752 }
753 urb->actual_length = length;
754 memcpy(urb->transfer_buffer, buffer, length);
755
756 usb_hcd_unlink_urb_from_ep(hcd, urb);
757 usb_hcd_giveback_urb(hcd, urb, status);
758 } else {
759 length = 0;
760 set_bit(HCD_FLAG_POLL_PENDING, &hcd->flags);
761 }
762 spin_unlock_irqrestore(&hcd_root_hub_lock, flags);
763 }
764
765 /* The USB 2.0 spec says 256 ms. This is close enough and won't
766 * exceed that limit if HZ is 100. The math is more clunky than
767 * maybe expected, this is to make sure that all timers for USB devices
768 * fire at the same time to give the CPU a break in between */
769 if (hcd->uses_new_polling ? HCD_POLL_RH(hcd) :
770 (length == 0 && hcd->status_urb != NULL))
771 mod_timer (&hcd->rh_timer, (jiffies/(HZ/4) + 1) * (HZ/4));
772}
773EXPORT_SYMBOL_GPL(usb_hcd_poll_rh_status);
774
775/* timer callback */
776static void rh_timer_func (struct timer_list *t)
777{
778 struct usb_hcd *_hcd = from_timer(_hcd, t, rh_timer);
779
780 usb_hcd_poll_rh_status(_hcd);
781}
782
783/*-------------------------------------------------------------------------*/
784
785static int rh_queue_status (struct usb_hcd *hcd, struct urb *urb)
786{
787 int retval;
788 unsigned long flags;
789 unsigned len = 1 + (urb->dev->maxchild / 8);
790
791 spin_lock_irqsave (&hcd_root_hub_lock, flags);
792 if (hcd->status_urb || urb->transfer_buffer_length < len) {
793 dev_dbg (hcd->self.controller, "not queuing rh status urb\n");
794 retval = -EINVAL;
795 goto done;
796 }
797
798 retval = usb_hcd_link_urb_to_ep(hcd, urb);
799 if (retval)
800 goto done;
801
802 hcd->status_urb = urb;
803 urb->hcpriv = hcd; /* indicate it's queued */
804 if (!hcd->uses_new_polling)
805 mod_timer(&hcd->rh_timer, (jiffies/(HZ/4) + 1) * (HZ/4));
806
807 /* If a status change has already occurred, report it ASAP */
808 else if (HCD_POLL_PENDING(hcd))
809 mod_timer(&hcd->rh_timer, jiffies);
810 retval = 0;
811 done:
812 spin_unlock_irqrestore (&hcd_root_hub_lock, flags);
813 return retval;
814}
815
816static int rh_urb_enqueue (struct usb_hcd *hcd, struct urb *urb)
817{
818 if (usb_endpoint_xfer_int(&urb->ep->desc))
819 return rh_queue_status (hcd, urb);
820 if (usb_endpoint_xfer_control(&urb->ep->desc))
821 return rh_call_control (hcd, urb);
822 return -EINVAL;
823}
824
825/*-------------------------------------------------------------------------*/
826
827/* Unlinks of root-hub control URBs are legal, but they don't do anything
828 * since these URBs always execute synchronously.
829 */
830static int usb_rh_urb_dequeue(struct usb_hcd *hcd, struct urb *urb, int status)
831{
832 unsigned long flags;
833 int rc;
834
835 spin_lock_irqsave(&hcd_root_hub_lock, flags);
836 rc = usb_hcd_check_unlink_urb(hcd, urb, status);
837 if (rc)
838 goto done;
839
840 if (usb_endpoint_num(&urb->ep->desc) == 0) { /* Control URB */
841 ; /* Do nothing */
842
843 } else { /* Status URB */
844 if (!hcd->uses_new_polling)
845 del_timer (&hcd->rh_timer);
846 if (urb == hcd->status_urb) {
847 hcd->status_urb = NULL;
848 usb_hcd_unlink_urb_from_ep(hcd, urb);
849 usb_hcd_giveback_urb(hcd, urb, status);
850 }
851 }
852 done:
853 spin_unlock_irqrestore(&hcd_root_hub_lock, flags);
854 return rc;
855}
856
857
858/*-------------------------------------------------------------------------*/
859
860/**
861 * usb_bus_init - shared initialization code
862 * @bus: the bus structure being initialized
863 *
864 * This code is used to initialize a usb_bus structure, memory for which is
865 * separately managed.
866 */
867static void usb_bus_init (struct usb_bus *bus)
868{
869 memset(&bus->devmap, 0, sizeof(bus->devmap));
870
871 bus->devnum_next = 1;
872
873 bus->root_hub = NULL;
874 bus->busnum = -1;
875 bus->bandwidth_allocated = 0;
876 bus->bandwidth_int_reqs = 0;
877 bus->bandwidth_isoc_reqs = 0;
878 mutex_init(&bus->devnum_next_mutex);
879}
880
881/*-------------------------------------------------------------------------*/
882
883/**
884 * usb_register_bus - registers the USB host controller with the usb core
885 * @bus: pointer to the bus to register
886 *
887 * Context: task context, might sleep.
888 *
889 * Assigns a bus number, and links the controller into usbcore data
890 * structures so that it can be seen by scanning the bus list.
891 *
892 * Return: 0 if successful. A negative error code otherwise.
893 */
894static int usb_register_bus(struct usb_bus *bus)
895{
896 int result = -E2BIG;
897 int busnum;
898
899 mutex_lock(&usb_bus_idr_lock);
900 busnum = idr_alloc(&usb_bus_idr, bus, 1, USB_MAXBUS, GFP_KERNEL);
901 if (busnum < 0) {
902 pr_err("%s: failed to get bus number\n", usbcore_name);
903 goto error_find_busnum;
904 }
905 bus->busnum = busnum;
906 mutex_unlock(&usb_bus_idr_lock);
907
908 usb_notify_add_bus(bus);
909
910 dev_info (bus->controller, "new USB bus registered, assigned bus "
911 "number %d\n", bus->busnum);
912 return 0;
913
914error_find_busnum:
915 mutex_unlock(&usb_bus_idr_lock);
916 return result;
917}
918
919/**
920 * usb_deregister_bus - deregisters the USB host controller
921 * @bus: pointer to the bus to deregister
922 *
923 * Context: task context, might sleep.
924 *
925 * Recycles the bus number, and unlinks the controller from usbcore data
926 * structures so that it won't be seen by scanning the bus list.
927 */
928static void usb_deregister_bus (struct usb_bus *bus)
929{
930 dev_info (bus->controller, "USB bus %d deregistered\n", bus->busnum);
931
932 /*
933 * NOTE: make sure that all the devices are removed by the
934 * controller code, as well as having it call this when cleaning
935 * itself up
936 */
937 mutex_lock(&usb_bus_idr_lock);
938 idr_remove(&usb_bus_idr, bus->busnum);
939 mutex_unlock(&usb_bus_idr_lock);
940
941 usb_notify_remove_bus(bus);
942}
943
944/**
945 * register_root_hub - called by usb_add_hcd() to register a root hub
946 * @hcd: host controller for this root hub
947 *
948 * This function registers the root hub with the USB subsystem. It sets up
949 * the device properly in the device tree and then calls usb_new_device()
950 * to register the usb device. It also assigns the root hub's USB address
951 * (always 1).
952 *
953 * Return: 0 if successful. A negative error code otherwise.
954 */
955static int register_root_hub(struct usb_hcd *hcd)
956{
957 struct device *parent_dev = hcd->self.controller;
958 struct usb_device *usb_dev = hcd->self.root_hub;
959 struct usb_device_descriptor *descr;
960 const int devnum = 1;
961 int retval;
962
963 usb_dev->devnum = devnum;
964 usb_dev->bus->devnum_next = devnum + 1;
965 set_bit(devnum, usb_dev->bus->devmap);
966 usb_set_device_state(usb_dev, USB_STATE_ADDRESS);
967
968 mutex_lock(&usb_bus_idr_lock);
969
970 usb_dev->ep0.desc.wMaxPacketSize = cpu_to_le16(64);
971 descr = usb_get_device_descriptor(usb_dev);
972 if (IS_ERR(descr)) {
973 retval = PTR_ERR(descr);
974 mutex_unlock(&usb_bus_idr_lock);
975 dev_dbg (parent_dev, "can't read %s device descriptor %d\n",
976 dev_name(&usb_dev->dev), retval);
977 return retval;
978 }
979 usb_dev->descriptor = *descr;
980 kfree(descr);
981
982 if (le16_to_cpu(usb_dev->descriptor.bcdUSB) >= 0x0201) {
983 retval = usb_get_bos_descriptor(usb_dev);
984 if (!retval) {
985 usb_dev->lpm_capable = usb_device_supports_lpm(usb_dev);
986 } else if (usb_dev->speed >= USB_SPEED_SUPER) {
987 mutex_unlock(&usb_bus_idr_lock);
988 dev_dbg(parent_dev, "can't read %s bos descriptor %d\n",
989 dev_name(&usb_dev->dev), retval);
990 return retval;
991 }
992 }
993
994 retval = usb_new_device (usb_dev);
995 if (retval) {
996 dev_err (parent_dev, "can't register root hub for %s, %d\n",
997 dev_name(&usb_dev->dev), retval);
998 } else {
999 spin_lock_irq (&hcd_root_hub_lock);
1000 hcd->rh_registered = 1;
1001 spin_unlock_irq (&hcd_root_hub_lock);
1002
1003 /* Did the HC die before the root hub was registered? */
1004 if (HCD_DEAD(hcd))
1005 usb_hc_died (hcd); /* This time clean up */
1006 }
1007 mutex_unlock(&usb_bus_idr_lock);
1008
1009 return retval;
1010}
1011
1012/*
1013 * usb_hcd_start_port_resume - a root-hub port is sending a resume signal
1014 * @bus: the bus which the root hub belongs to
1015 * @portnum: the port which is being resumed
1016 *
1017 * HCDs should call this function when they know that a resume signal is
1018 * being sent to a root-hub port. The root hub will be prevented from
1019 * going into autosuspend until usb_hcd_end_port_resume() is called.
1020 *
1021 * The bus's private lock must be held by the caller.
1022 */
1023void usb_hcd_start_port_resume(struct usb_bus *bus, int portnum)
1024{
1025 unsigned bit = 1 << portnum;
1026
1027 if (!(bus->resuming_ports & bit)) {
1028 bus->resuming_ports |= bit;
1029 pm_runtime_get_noresume(&bus->root_hub->dev);
1030 }
1031}
1032EXPORT_SYMBOL_GPL(usb_hcd_start_port_resume);
1033
1034/*
1035 * usb_hcd_end_port_resume - a root-hub port has stopped sending a resume signal
1036 * @bus: the bus which the root hub belongs to
1037 * @portnum: the port which is being resumed
1038 *
1039 * HCDs should call this function when they know that a resume signal has
1040 * stopped being sent to a root-hub port. The root hub will be allowed to
1041 * autosuspend again.
1042 *
1043 * The bus's private lock must be held by the caller.
1044 */
1045void usb_hcd_end_port_resume(struct usb_bus *bus, int portnum)
1046{
1047 unsigned bit = 1 << portnum;
1048
1049 if (bus->resuming_ports & bit) {
1050 bus->resuming_ports &= ~bit;
1051 pm_runtime_put_noidle(&bus->root_hub->dev);
1052 }
1053}
1054EXPORT_SYMBOL_GPL(usb_hcd_end_port_resume);
1055
1056/*-------------------------------------------------------------------------*/
1057
1058/**
1059 * usb_calc_bus_time - approximate periodic transaction time in nanoseconds
1060 * @speed: from dev->speed; USB_SPEED_{LOW,FULL,HIGH}
1061 * @is_input: true iff the transaction sends data to the host
1062 * @isoc: true for isochronous transactions, false for interrupt ones
1063 * @bytecount: how many bytes in the transaction.
1064 *
1065 * Return: Approximate bus time in nanoseconds for a periodic transaction.
1066 *
1067 * Note:
1068 * See USB 2.0 spec section 5.11.3; only periodic transfers need to be
1069 * scheduled in software, this function is only used for such scheduling.
1070 */
1071long usb_calc_bus_time (int speed, int is_input, int isoc, int bytecount)
1072{
1073 unsigned long tmp;
1074
1075 switch (speed) {
1076 case USB_SPEED_LOW: /* INTR only */
1077 if (is_input) {
1078 tmp = (67667L * (31L + 10L * BitTime (bytecount))) / 1000L;
1079 return 64060L + (2 * BW_HUB_LS_SETUP) + BW_HOST_DELAY + tmp;
1080 } else {
1081 tmp = (66700L * (31L + 10L * BitTime (bytecount))) / 1000L;
1082 return 64107L + (2 * BW_HUB_LS_SETUP) + BW_HOST_DELAY + tmp;
1083 }
1084 case USB_SPEED_FULL: /* ISOC or INTR */
1085 if (isoc) {
1086 tmp = (8354L * (31L + 10L * BitTime (bytecount))) / 1000L;
1087 return ((is_input) ? 7268L : 6265L) + BW_HOST_DELAY + tmp;
1088 } else {
1089 tmp = (8354L * (31L + 10L * BitTime (bytecount))) / 1000L;
1090 return 9107L + BW_HOST_DELAY + tmp;
1091 }
1092 case USB_SPEED_HIGH: /* ISOC or INTR */
1093 /* FIXME adjust for input vs output */
1094 if (isoc)
1095 tmp = HS_NSECS_ISO (bytecount);
1096 else
1097 tmp = HS_NSECS (bytecount);
1098 return tmp;
1099 default:
1100 pr_debug ("%s: bogus device speed!\n", usbcore_name);
1101 return -1;
1102 }
1103}
1104EXPORT_SYMBOL_GPL(usb_calc_bus_time);
1105
1106
1107/*-------------------------------------------------------------------------*/
1108
1109/*
1110 * Generic HC operations.
1111 */
1112
1113/*-------------------------------------------------------------------------*/
1114
1115/**
1116 * usb_hcd_link_urb_to_ep - add an URB to its endpoint queue
1117 * @hcd: host controller to which @urb was submitted
1118 * @urb: URB being submitted
1119 *
1120 * Host controller drivers should call this routine in their enqueue()
1121 * method. The HCD's private spinlock must be held and interrupts must
1122 * be disabled. The actions carried out here are required for URB
1123 * submission, as well as for endpoint shutdown and for usb_kill_urb.
1124 *
1125 * Return: 0 for no error, otherwise a negative error code (in which case
1126 * the enqueue() method must fail). If no error occurs but enqueue() fails
1127 * anyway, it must call usb_hcd_unlink_urb_from_ep() before releasing
1128 * the private spinlock and returning.
1129 */
1130int usb_hcd_link_urb_to_ep(struct usb_hcd *hcd, struct urb *urb)
1131{
1132 int rc = 0;
1133
1134 spin_lock(&hcd_urb_list_lock);
1135
1136 /* Check that the URB isn't being killed */
1137 if (unlikely(atomic_read(&urb->reject))) {
1138 rc = -EPERM;
1139 goto done;
1140 }
1141
1142 if (unlikely(!urb->ep->enabled)) {
1143 rc = -ENOENT;
1144 goto done;
1145 }
1146
1147 if (unlikely(!urb->dev->can_submit)) {
1148 rc = -EHOSTUNREACH;
1149 goto done;
1150 }
1151
1152 /*
1153 * Check the host controller's state and add the URB to the
1154 * endpoint's queue.
1155 */
1156 if (HCD_RH_RUNNING(hcd)) {
1157 urb->unlinked = 0;
1158 list_add_tail(&urb->urb_list, &urb->ep->urb_list);
1159 } else {
1160 rc = -ESHUTDOWN;
1161 goto done;
1162 }
1163 done:
1164 spin_unlock(&hcd_urb_list_lock);
1165 return rc;
1166}
1167EXPORT_SYMBOL_GPL(usb_hcd_link_urb_to_ep);
1168
1169/**
1170 * usb_hcd_check_unlink_urb - check whether an URB may be unlinked
1171 * @hcd: host controller to which @urb was submitted
1172 * @urb: URB being checked for unlinkability
1173 * @status: error code to store in @urb if the unlink succeeds
1174 *
1175 * Host controller drivers should call this routine in their dequeue()
1176 * method. The HCD's private spinlock must be held and interrupts must
1177 * be disabled. The actions carried out here are required for making
1178 * sure than an unlink is valid.
1179 *
1180 * Return: 0 for no error, otherwise a negative error code (in which case
1181 * the dequeue() method must fail). The possible error codes are:
1182 *
1183 * -EIDRM: @urb was not submitted or has already completed.
1184 * The completion function may not have been called yet.
1185 *
1186 * -EBUSY: @urb has already been unlinked.
1187 */
1188int usb_hcd_check_unlink_urb(struct usb_hcd *hcd, struct urb *urb,
1189 int status)
1190{
1191 struct list_head *tmp;
1192
1193 /* insist the urb is still queued */
1194 list_for_each(tmp, &urb->ep->urb_list) {
1195 if (tmp == &urb->urb_list)
1196 break;
1197 }
1198 if (tmp != &urb->urb_list)
1199 return -EIDRM;
1200
1201 /* Any status except -EINPROGRESS means something already started to
1202 * unlink this URB from the hardware. So there's no more work to do.
1203 */
1204 if (urb->unlinked)
1205 return -EBUSY;
1206 urb->unlinked = status;
1207 return 0;
1208}
1209EXPORT_SYMBOL_GPL(usb_hcd_check_unlink_urb);
1210
1211/**
1212 * usb_hcd_unlink_urb_from_ep - remove an URB from its endpoint queue
1213 * @hcd: host controller to which @urb was submitted
1214 * @urb: URB being unlinked
1215 *
1216 * Host controller drivers should call this routine before calling
1217 * usb_hcd_giveback_urb(). The HCD's private spinlock must be held and
1218 * interrupts must be disabled. The actions carried out here are required
1219 * for URB completion.
1220 */
1221void usb_hcd_unlink_urb_from_ep(struct usb_hcd *hcd, struct urb *urb)
1222{
1223 /* clear all state linking urb to this dev (and hcd) */
1224 spin_lock(&hcd_urb_list_lock);
1225 list_del_init(&urb->urb_list);
1226 spin_unlock(&hcd_urb_list_lock);
1227}
1228EXPORT_SYMBOL_GPL(usb_hcd_unlink_urb_from_ep);
1229
1230/*
1231 * Some usb host controllers can only perform dma using a small SRAM area,
1232 * or have restrictions on addressable DRAM.
1233 * The usb core itself is however optimized for host controllers that can dma
1234 * using regular system memory - like pci devices doing bus mastering.
1235 *
1236 * To support host controllers with limited dma capabilities we provide dma
1237 * bounce buffers. This feature can be enabled by initializing
1238 * hcd->localmem_pool using usb_hcd_setup_local_mem().
1239 *
1240 * The initialized hcd->localmem_pool then tells the usb code to allocate all
1241 * data for dma using the genalloc API.
1242 *
1243 * So, to summarize...
1244 *
1245 * - We need "local" memory, canonical example being
1246 * a small SRAM on a discrete controller being the
1247 * only memory that the controller can read ...
1248 * (a) "normal" kernel memory is no good, and
1249 * (b) there's not enough to share
1250 *
1251 * - So we use that, even though the primary requirement
1252 * is that the memory be "local" (hence addressable
1253 * by that device), not "coherent".
1254 *
1255 */
1256
1257static int hcd_alloc_coherent(struct usb_bus *bus,
1258 gfp_t mem_flags, dma_addr_t *dma_handle,
1259 void **vaddr_handle, size_t size,
1260 enum dma_data_direction dir)
1261{
1262 unsigned char *vaddr;
1263
1264 if (*vaddr_handle == NULL) {
1265 WARN_ON_ONCE(1);
1266 return -EFAULT;
1267 }
1268
1269 vaddr = hcd_buffer_alloc(bus, size + sizeof(unsigned long),
1270 mem_flags, dma_handle);
1271 if (!vaddr)
1272 return -ENOMEM;
1273
1274 /*
1275 * Store the virtual address of the buffer at the end
1276 * of the allocated dma buffer. The size of the buffer
1277 * may be uneven so use unaligned functions instead
1278 * of just rounding up. It makes sense to optimize for
1279 * memory footprint over access speed since the amount
1280 * of memory available for dma may be limited.
1281 */
1282 put_unaligned((unsigned long)*vaddr_handle,
1283 (unsigned long *)(vaddr + size));
1284
1285 if (dir == DMA_TO_DEVICE)
1286 memcpy(vaddr, *vaddr_handle, size);
1287
1288 *vaddr_handle = vaddr;
1289 return 0;
1290}
1291
1292static void hcd_free_coherent(struct usb_bus *bus, dma_addr_t *dma_handle,
1293 void **vaddr_handle, size_t size,
1294 enum dma_data_direction dir)
1295{
1296 unsigned char *vaddr = *vaddr_handle;
1297
1298 vaddr = (void *)get_unaligned((unsigned long *)(vaddr + size));
1299
1300 if (dir == DMA_FROM_DEVICE)
1301 memcpy(vaddr, *vaddr_handle, size);
1302
1303 hcd_buffer_free(bus, size + sizeof(vaddr), *vaddr_handle, *dma_handle);
1304
1305 *vaddr_handle = vaddr;
1306 *dma_handle = 0;
1307}
1308
1309void usb_hcd_unmap_urb_setup_for_dma(struct usb_hcd *hcd, struct urb *urb)
1310{
1311 if (IS_ENABLED(CONFIG_HAS_DMA) &&
1312 (urb->transfer_flags & URB_SETUP_MAP_SINGLE))
1313 dma_unmap_single(hcd->self.sysdev,
1314 urb->setup_dma,
1315 sizeof(struct usb_ctrlrequest),
1316 DMA_TO_DEVICE);
1317 else if (urb->transfer_flags & URB_SETUP_MAP_LOCAL)
1318 hcd_free_coherent(urb->dev->bus,
1319 &urb->setup_dma,
1320 (void **) &urb->setup_packet,
1321 sizeof(struct usb_ctrlrequest),
1322 DMA_TO_DEVICE);
1323
1324 /* Make it safe to call this routine more than once */
1325 urb->transfer_flags &= ~(URB_SETUP_MAP_SINGLE | URB_SETUP_MAP_LOCAL);
1326}
1327EXPORT_SYMBOL_GPL(usb_hcd_unmap_urb_setup_for_dma);
1328
1329static void unmap_urb_for_dma(struct usb_hcd *hcd, struct urb *urb)
1330{
1331 if (hcd->driver->unmap_urb_for_dma)
1332 hcd->driver->unmap_urb_for_dma(hcd, urb);
1333 else
1334 usb_hcd_unmap_urb_for_dma(hcd, urb);
1335}
1336
1337void usb_hcd_unmap_urb_for_dma(struct usb_hcd *hcd, struct urb *urb)
1338{
1339 enum dma_data_direction dir;
1340
1341 usb_hcd_unmap_urb_setup_for_dma(hcd, urb);
1342
1343 dir = usb_urb_dir_in(urb) ? DMA_FROM_DEVICE : DMA_TO_DEVICE;
1344 if (IS_ENABLED(CONFIG_HAS_DMA) &&
1345 (urb->transfer_flags & URB_DMA_MAP_SG))
1346 dma_unmap_sg(hcd->self.sysdev,
1347 urb->sg,
1348 urb->num_sgs,
1349 dir);
1350 else if (IS_ENABLED(CONFIG_HAS_DMA) &&
1351 (urb->transfer_flags & URB_DMA_MAP_PAGE))
1352 dma_unmap_page(hcd->self.sysdev,
1353 urb->transfer_dma,
1354 urb->transfer_buffer_length,
1355 dir);
1356 else if (IS_ENABLED(CONFIG_HAS_DMA) &&
1357 (urb->transfer_flags & URB_DMA_MAP_SINGLE))
1358 dma_unmap_single(hcd->self.sysdev,
1359 urb->transfer_dma,
1360 urb->transfer_buffer_length,
1361 dir);
1362 else if (urb->transfer_flags & URB_MAP_LOCAL)
1363 hcd_free_coherent(urb->dev->bus,
1364 &urb->transfer_dma,
1365 &urb->transfer_buffer,
1366 urb->transfer_buffer_length,
1367 dir);
1368
1369 /* Make it safe to call this routine more than once */
1370 urb->transfer_flags &= ~(URB_DMA_MAP_SG | URB_DMA_MAP_PAGE |
1371 URB_DMA_MAP_SINGLE | URB_MAP_LOCAL);
1372}
1373EXPORT_SYMBOL_GPL(usb_hcd_unmap_urb_for_dma);
1374
1375static int map_urb_for_dma(struct usb_hcd *hcd, struct urb *urb,
1376 gfp_t mem_flags)
1377{
1378 if (hcd->driver->map_urb_for_dma)
1379 return hcd->driver->map_urb_for_dma(hcd, urb, mem_flags);
1380 else
1381 return usb_hcd_map_urb_for_dma(hcd, urb, mem_flags);
1382}
1383
1384int usb_hcd_map_urb_for_dma(struct usb_hcd *hcd, struct urb *urb,
1385 gfp_t mem_flags)
1386{
1387 enum dma_data_direction dir;
1388 int ret = 0;
1389
1390 /* Map the URB's buffers for DMA access.
1391 * Lower level HCD code should use *_dma exclusively,
1392 * unless it uses pio or talks to another transport,
1393 * or uses the provided scatter gather list for bulk.
1394 */
1395
1396 if (usb_endpoint_xfer_control(&urb->ep->desc)) {
1397 if (hcd->self.uses_pio_for_control)
1398 return ret;
1399 if (hcd->localmem_pool) {
1400 ret = hcd_alloc_coherent(
1401 urb->dev->bus, mem_flags,
1402 &urb->setup_dma,
1403 (void **)&urb->setup_packet,
1404 sizeof(struct usb_ctrlrequest),
1405 DMA_TO_DEVICE);
1406 if (ret)
1407 return ret;
1408 urb->transfer_flags |= URB_SETUP_MAP_LOCAL;
1409 } else if (hcd_uses_dma(hcd)) {
1410 if (object_is_on_stack(urb->setup_packet)) {
1411 WARN_ONCE(1, "setup packet is on stack\n");
1412 return -EAGAIN;
1413 }
1414
1415 urb->setup_dma = dma_map_single(
1416 hcd->self.sysdev,
1417 urb->setup_packet,
1418 sizeof(struct usb_ctrlrequest),
1419 DMA_TO_DEVICE);
1420 if (dma_mapping_error(hcd->self.sysdev,
1421 urb->setup_dma))
1422 return -EAGAIN;
1423 urb->transfer_flags |= URB_SETUP_MAP_SINGLE;
1424 }
1425 }
1426
1427 dir = usb_urb_dir_in(urb) ? DMA_FROM_DEVICE : DMA_TO_DEVICE;
1428 if (urb->transfer_buffer_length != 0
1429 && !(urb->transfer_flags & URB_NO_TRANSFER_DMA_MAP)) {
1430 if (hcd->localmem_pool) {
1431 ret = hcd_alloc_coherent(
1432 urb->dev->bus, mem_flags,
1433 &urb->transfer_dma,
1434 &urb->transfer_buffer,
1435 urb->transfer_buffer_length,
1436 dir);
1437 if (ret == 0)
1438 urb->transfer_flags |= URB_MAP_LOCAL;
1439 } else if (hcd_uses_dma(hcd)) {
1440 if (urb->num_sgs) {
1441 int n;
1442
1443 /* We don't support sg for isoc transfers ! */
1444 if (usb_endpoint_xfer_isoc(&urb->ep->desc)) {
1445 WARN_ON(1);
1446 return -EINVAL;
1447 }
1448
1449 n = dma_map_sg(
1450 hcd->self.sysdev,
1451 urb->sg,
1452 urb->num_sgs,
1453 dir);
1454 if (!n)
1455 ret = -EAGAIN;
1456 else
1457 urb->transfer_flags |= URB_DMA_MAP_SG;
1458 urb->num_mapped_sgs = n;
1459 if (n != urb->num_sgs)
1460 urb->transfer_flags |=
1461 URB_DMA_SG_COMBINED;
1462 } else if (urb->sg) {
1463 struct scatterlist *sg = urb->sg;
1464 urb->transfer_dma = dma_map_page(
1465 hcd->self.sysdev,
1466 sg_page(sg),
1467 sg->offset,
1468 urb->transfer_buffer_length,
1469 dir);
1470 if (dma_mapping_error(hcd->self.sysdev,
1471 urb->transfer_dma))
1472 ret = -EAGAIN;
1473 else
1474 urb->transfer_flags |= URB_DMA_MAP_PAGE;
1475 } else if (object_is_on_stack(urb->transfer_buffer)) {
1476 WARN_ONCE(1, "transfer buffer is on stack\n");
1477 ret = -EAGAIN;
1478 } else {
1479 urb->transfer_dma = dma_map_single(
1480 hcd->self.sysdev,
1481 urb->transfer_buffer,
1482 urb->transfer_buffer_length,
1483 dir);
1484 if (dma_mapping_error(hcd->self.sysdev,
1485 urb->transfer_dma))
1486 ret = -EAGAIN;
1487 else
1488 urb->transfer_flags |= URB_DMA_MAP_SINGLE;
1489 }
1490 }
1491 if (ret && (urb->transfer_flags & (URB_SETUP_MAP_SINGLE |
1492 URB_SETUP_MAP_LOCAL)))
1493 usb_hcd_unmap_urb_for_dma(hcd, urb);
1494 }
1495 return ret;
1496}
1497EXPORT_SYMBOL_GPL(usb_hcd_map_urb_for_dma);
1498
1499/*-------------------------------------------------------------------------*/
1500
1501/* may be called in any context with a valid urb->dev usecount
1502 * caller surrenders "ownership" of urb
1503 * expects usb_submit_urb() to have sanity checked and conditioned all
1504 * inputs in the urb
1505 */
1506int usb_hcd_submit_urb (struct urb *urb, gfp_t mem_flags)
1507{
1508 int status;
1509 struct usb_hcd *hcd = bus_to_hcd(urb->dev->bus);
1510
1511 /* increment urb's reference count as part of giving it to the HCD
1512 * (which will control it). HCD guarantees that it either returns
1513 * an error or calls giveback(), but not both.
1514 */
1515 usb_get_urb(urb);
1516 atomic_inc(&urb->use_count);
1517 atomic_inc(&urb->dev->urbnum);
1518 usbmon_urb_submit(&hcd->self, urb);
1519
1520 /* NOTE requirements on root-hub callers (usbfs and the hub
1521 * driver, for now): URBs' urb->transfer_buffer must be
1522 * valid and usb_buffer_{sync,unmap}() not be needed, since
1523 * they could clobber root hub response data. Also, control
1524 * URBs must be submitted in process context with interrupts
1525 * enabled.
1526 */
1527
1528 if (is_root_hub(urb->dev)) {
1529 status = rh_urb_enqueue(hcd, urb);
1530 } else {
1531 status = map_urb_for_dma(hcd, urb, mem_flags);
1532 if (likely(status == 0)) {
1533 status = hcd->driver->urb_enqueue(hcd, urb, mem_flags);
1534 if (unlikely(status))
1535 unmap_urb_for_dma(hcd, urb);
1536 }
1537 }
1538
1539 if (unlikely(status)) {
1540 usbmon_urb_submit_error(&hcd->self, urb, status);
1541 urb->hcpriv = NULL;
1542 INIT_LIST_HEAD(&urb->urb_list);
1543 atomic_dec(&urb->use_count);
1544 /*
1545 * Order the write of urb->use_count above before the read
1546 * of urb->reject below. Pairs with the memory barriers in
1547 * usb_kill_urb() and usb_poison_urb().
1548 */
1549 smp_mb__after_atomic();
1550
1551 atomic_dec(&urb->dev->urbnum);
1552 if (atomic_read(&urb->reject))
1553 wake_up(&usb_kill_urb_queue);
1554 usb_put_urb(urb);
1555 }
1556 return status;
1557}
1558
1559/*-------------------------------------------------------------------------*/
1560
1561/* this makes the hcd giveback() the urb more quickly, by kicking it
1562 * off hardware queues (which may take a while) and returning it as
1563 * soon as practical. we've already set up the urb's return status,
1564 * but we can't know if the callback completed already.
1565 */
1566static int unlink1(struct usb_hcd *hcd, struct urb *urb, int status)
1567{
1568 int value;
1569
1570 if (is_root_hub(urb->dev))
1571 value = usb_rh_urb_dequeue(hcd, urb, status);
1572 else {
1573
1574 /* The only reason an HCD might fail this call is if
1575 * it has not yet fully queued the urb to begin with.
1576 * Such failures should be harmless. */
1577 value = hcd->driver->urb_dequeue(hcd, urb, status);
1578 }
1579 return value;
1580}
1581
1582/*
1583 * called in any context
1584 *
1585 * caller guarantees urb won't be recycled till both unlink()
1586 * and the urb's completion function return
1587 */
1588int usb_hcd_unlink_urb (struct urb *urb, int status)
1589{
1590 struct usb_hcd *hcd;
1591 struct usb_device *udev = urb->dev;
1592 int retval = -EIDRM;
1593 unsigned long flags;
1594
1595 /* Prevent the device and bus from going away while
1596 * the unlink is carried out. If they are already gone
1597 * then urb->use_count must be 0, since disconnected
1598 * devices can't have any active URBs.
1599 */
1600 spin_lock_irqsave(&hcd_urb_unlink_lock, flags);
1601 if (atomic_read(&urb->use_count) > 0) {
1602 retval = 0;
1603 usb_get_dev(udev);
1604 }
1605 spin_unlock_irqrestore(&hcd_urb_unlink_lock, flags);
1606 if (retval == 0) {
1607 hcd = bus_to_hcd(urb->dev->bus);
1608 retval = unlink1(hcd, urb, status);
1609 if (retval == 0)
1610 retval = -EINPROGRESS;
1611 else if (retval != -EIDRM && retval != -EBUSY)
1612 dev_dbg(&udev->dev, "hcd_unlink_urb %pK fail %d\n",
1613 urb, retval);
1614 usb_put_dev(udev);
1615 }
1616 return retval;
1617}
1618
1619/*-------------------------------------------------------------------------*/
1620
1621static void __usb_hcd_giveback_urb(struct urb *urb)
1622{
1623 struct usb_hcd *hcd = bus_to_hcd(urb->dev->bus);
1624 struct usb_anchor *anchor = urb->anchor;
1625 int status = urb->unlinked;
1626 unsigned long flags;
1627
1628 urb->hcpriv = NULL;
1629 if (unlikely((urb->transfer_flags & URB_SHORT_NOT_OK) &&
1630 urb->actual_length < urb->transfer_buffer_length &&
1631 !status))
1632 status = -EREMOTEIO;
1633
1634 unmap_urb_for_dma(hcd, urb);
1635 usbmon_urb_complete(&hcd->self, urb, status);
1636 usb_anchor_suspend_wakeups(anchor);
1637 usb_unanchor_urb(urb);
1638 if (likely(status == 0))
1639 usb_led_activity(USB_LED_EVENT_HOST);
1640
1641 /* pass ownership to the completion handler */
1642 urb->status = status;
1643 /*
1644 * Only collect coverage in the softirq context and disable interrupts
1645 * to avoid scenarios with nested remote coverage collection sections
1646 * that KCOV does not support.
1647 * See the comment next to kcov_remote_start_usb_softirq() for details.
1648 */
1649 flags = kcov_remote_start_usb_softirq((u64)urb->dev->bus->busnum);
1650 urb->complete(urb);
1651 kcov_remote_stop_softirq(flags);
1652
1653 usb_anchor_resume_wakeups(anchor);
1654 atomic_dec(&urb->use_count);
1655 /*
1656 * Order the write of urb->use_count above before the read
1657 * of urb->reject below. Pairs with the memory barriers in
1658 * usb_kill_urb() and usb_poison_urb().
1659 */
1660 smp_mb__after_atomic();
1661
1662 if (unlikely(atomic_read(&urb->reject)))
1663 wake_up(&usb_kill_urb_queue);
1664 usb_put_urb(urb);
1665}
1666
1667static void usb_giveback_urb_bh(struct work_struct *work)
1668{
1669 struct giveback_urb_bh *bh =
1670 container_of(work, struct giveback_urb_bh, bh);
1671 struct list_head local_list;
1672
1673 spin_lock_irq(&bh->lock);
1674 bh->running = true;
1675 list_replace_init(&bh->head, &local_list);
1676 spin_unlock_irq(&bh->lock);
1677
1678 while (!list_empty(&local_list)) {
1679 struct urb *urb;
1680
1681 urb = list_entry(local_list.next, struct urb, urb_list);
1682 list_del_init(&urb->urb_list);
1683 bh->completing_ep = urb->ep;
1684 __usb_hcd_giveback_urb(urb);
1685 bh->completing_ep = NULL;
1686 }
1687
1688 /*
1689 * giveback new URBs next time to prevent this function
1690 * from not exiting for a long time.
1691 */
1692 spin_lock_irq(&bh->lock);
1693 if (!list_empty(&bh->head)) {
1694 if (bh->high_prio)
1695 queue_work(system_bh_highpri_wq, &bh->bh);
1696 else
1697 queue_work(system_bh_wq, &bh->bh);
1698 }
1699 bh->running = false;
1700 spin_unlock_irq(&bh->lock);
1701}
1702
1703/**
1704 * usb_hcd_giveback_urb - return URB from HCD to device driver
1705 * @hcd: host controller returning the URB
1706 * @urb: urb being returned to the USB device driver.
1707 * @status: completion status code for the URB.
1708 *
1709 * Context: atomic. The completion callback is invoked in caller's context.
1710 * For HCDs with HCD_BH flag set, the completion callback is invoked in BH
1711 * context (except for URBs submitted to the root hub which always complete in
1712 * caller's context).
1713 *
1714 * This hands the URB from HCD to its USB device driver, using its
1715 * completion function. The HCD has freed all per-urb resources
1716 * (and is done using urb->hcpriv). It also released all HCD locks;
1717 * the device driver won't cause problems if it frees, modifies,
1718 * or resubmits this URB.
1719 *
1720 * If @urb was unlinked, the value of @status will be overridden by
1721 * @urb->unlinked. Erroneous short transfers are detected in case
1722 * the HCD hasn't checked for them.
1723 */
1724void usb_hcd_giveback_urb(struct usb_hcd *hcd, struct urb *urb, int status)
1725{
1726 struct giveback_urb_bh *bh;
1727 bool running;
1728
1729 /* pass status to BH via unlinked */
1730 if (likely(!urb->unlinked))
1731 urb->unlinked = status;
1732
1733 if (!hcd_giveback_urb_in_bh(hcd) && !is_root_hub(urb->dev)) {
1734 __usb_hcd_giveback_urb(urb);
1735 return;
1736 }
1737
1738 if (usb_pipeisoc(urb->pipe) || usb_pipeint(urb->pipe))
1739 bh = &hcd->high_prio_bh;
1740 else
1741 bh = &hcd->low_prio_bh;
1742
1743 spin_lock(&bh->lock);
1744 list_add_tail(&urb->urb_list, &bh->head);
1745 running = bh->running;
1746 spin_unlock(&bh->lock);
1747
1748 if (running)
1749 ;
1750 else if (bh->high_prio)
1751 queue_work(system_bh_highpri_wq, &bh->bh);
1752 else
1753 queue_work(system_bh_wq, &bh->bh);
1754}
1755EXPORT_SYMBOL_GPL(usb_hcd_giveback_urb);
1756
1757/*-------------------------------------------------------------------------*/
1758
1759/* Cancel all URBs pending on this endpoint and wait for the endpoint's
1760 * queue to drain completely. The caller must first insure that no more
1761 * URBs can be submitted for this endpoint.
1762 */
1763void usb_hcd_flush_endpoint(struct usb_device *udev,
1764 struct usb_host_endpoint *ep)
1765{
1766 struct usb_hcd *hcd;
1767 struct urb *urb;
1768
1769 if (!ep)
1770 return;
1771 might_sleep();
1772 hcd = bus_to_hcd(udev->bus);
1773
1774 /* No more submits can occur */
1775 spin_lock_irq(&hcd_urb_list_lock);
1776rescan:
1777 list_for_each_entry_reverse(urb, &ep->urb_list, urb_list) {
1778 int is_in;
1779
1780 if (urb->unlinked)
1781 continue;
1782 usb_get_urb (urb);
1783 is_in = usb_urb_dir_in(urb);
1784 spin_unlock(&hcd_urb_list_lock);
1785
1786 /* kick hcd */
1787 unlink1(hcd, urb, -ESHUTDOWN);
1788 dev_dbg (hcd->self.controller,
1789 "shutdown urb %pK ep%d%s-%s\n",
1790 urb, usb_endpoint_num(&ep->desc),
1791 is_in ? "in" : "out",
1792 usb_ep_type_string(usb_endpoint_type(&ep->desc)));
1793 usb_put_urb (urb);
1794
1795 /* list contents may have changed */
1796 spin_lock(&hcd_urb_list_lock);
1797 goto rescan;
1798 }
1799 spin_unlock_irq(&hcd_urb_list_lock);
1800
1801 /* Wait until the endpoint queue is completely empty */
1802 while (!list_empty (&ep->urb_list)) {
1803 spin_lock_irq(&hcd_urb_list_lock);
1804
1805 /* The list may have changed while we acquired the spinlock */
1806 urb = NULL;
1807 if (!list_empty (&ep->urb_list)) {
1808 urb = list_entry (ep->urb_list.prev, struct urb,
1809 urb_list);
1810 usb_get_urb (urb);
1811 }
1812 spin_unlock_irq(&hcd_urb_list_lock);
1813
1814 if (urb) {
1815 usb_kill_urb (urb);
1816 usb_put_urb (urb);
1817 }
1818 }
1819}
1820
1821/**
1822 * usb_hcd_alloc_bandwidth - check whether a new bandwidth setting exceeds
1823 * the bus bandwidth
1824 * @udev: target &usb_device
1825 * @new_config: new configuration to install
1826 * @cur_alt: the current alternate interface setting
1827 * @new_alt: alternate interface setting that is being installed
1828 *
1829 * To change configurations, pass in the new configuration in new_config,
1830 * and pass NULL for cur_alt and new_alt.
1831 *
1832 * To reset a device's configuration (put the device in the ADDRESSED state),
1833 * pass in NULL for new_config, cur_alt, and new_alt.
1834 *
1835 * To change alternate interface settings, pass in NULL for new_config,
1836 * pass in the current alternate interface setting in cur_alt,
1837 * and pass in the new alternate interface setting in new_alt.
1838 *
1839 * Return: An error if the requested bandwidth change exceeds the
1840 * bus bandwidth or host controller internal resources.
1841 */
1842int usb_hcd_alloc_bandwidth(struct usb_device *udev,
1843 struct usb_host_config *new_config,
1844 struct usb_host_interface *cur_alt,
1845 struct usb_host_interface *new_alt)
1846{
1847 int num_intfs, i, j;
1848 struct usb_host_interface *alt = NULL;
1849 int ret = 0;
1850 struct usb_hcd *hcd;
1851 struct usb_host_endpoint *ep;
1852
1853 hcd = bus_to_hcd(udev->bus);
1854 if (!hcd->driver->check_bandwidth)
1855 return 0;
1856
1857 /* Configuration is being removed - set configuration 0 */
1858 if (!new_config && !cur_alt) {
1859 for (i = 1; i < 16; ++i) {
1860 ep = udev->ep_out[i];
1861 if (ep)
1862 hcd->driver->drop_endpoint(hcd, udev, ep);
1863 ep = udev->ep_in[i];
1864 if (ep)
1865 hcd->driver->drop_endpoint(hcd, udev, ep);
1866 }
1867 hcd->driver->check_bandwidth(hcd, udev);
1868 return 0;
1869 }
1870 /* Check if the HCD says there's enough bandwidth. Enable all endpoints
1871 * each interface's alt setting 0 and ask the HCD to check the bandwidth
1872 * of the bus. There will always be bandwidth for endpoint 0, so it's
1873 * ok to exclude it.
1874 */
1875 if (new_config) {
1876 num_intfs = new_config->desc.bNumInterfaces;
1877 /* Remove endpoints (except endpoint 0, which is always on the
1878 * schedule) from the old config from the schedule
1879 */
1880 for (i = 1; i < 16; ++i) {
1881 ep = udev->ep_out[i];
1882 if (ep) {
1883 ret = hcd->driver->drop_endpoint(hcd, udev, ep);
1884 if (ret < 0)
1885 goto reset;
1886 }
1887 ep = udev->ep_in[i];
1888 if (ep) {
1889 ret = hcd->driver->drop_endpoint(hcd, udev, ep);
1890 if (ret < 0)
1891 goto reset;
1892 }
1893 }
1894 for (i = 0; i < num_intfs; ++i) {
1895 struct usb_host_interface *first_alt;
1896 int iface_num;
1897
1898 first_alt = &new_config->intf_cache[i]->altsetting[0];
1899 iface_num = first_alt->desc.bInterfaceNumber;
1900 /* Set up endpoints for alternate interface setting 0 */
1901 alt = usb_find_alt_setting(new_config, iface_num, 0);
1902 if (!alt)
1903 /* No alt setting 0? Pick the first setting. */
1904 alt = first_alt;
1905
1906 for (j = 0; j < alt->desc.bNumEndpoints; j++) {
1907 ret = hcd->driver->add_endpoint(hcd, udev, &alt->endpoint[j]);
1908 if (ret < 0)
1909 goto reset;
1910 }
1911 }
1912 }
1913 if (cur_alt && new_alt) {
1914 struct usb_interface *iface = usb_ifnum_to_if(udev,
1915 cur_alt->desc.bInterfaceNumber);
1916
1917 if (!iface)
1918 return -EINVAL;
1919 if (iface->resetting_device) {
1920 /*
1921 * The USB core just reset the device, so the xHCI host
1922 * and the device will think alt setting 0 is installed.
1923 * However, the USB core will pass in the alternate
1924 * setting installed before the reset as cur_alt. Dig
1925 * out the alternate setting 0 structure, or the first
1926 * alternate setting if a broken device doesn't have alt
1927 * setting 0.
1928 */
1929 cur_alt = usb_altnum_to_altsetting(iface, 0);
1930 if (!cur_alt)
1931 cur_alt = &iface->altsetting[0];
1932 }
1933
1934 /* Drop all the endpoints in the current alt setting */
1935 for (i = 0; i < cur_alt->desc.bNumEndpoints; i++) {
1936 ret = hcd->driver->drop_endpoint(hcd, udev,
1937 &cur_alt->endpoint[i]);
1938 if (ret < 0)
1939 goto reset;
1940 }
1941 /* Add all the endpoints in the new alt setting */
1942 for (i = 0; i < new_alt->desc.bNumEndpoints; i++) {
1943 ret = hcd->driver->add_endpoint(hcd, udev,
1944 &new_alt->endpoint[i]);
1945 if (ret < 0)
1946 goto reset;
1947 }
1948 }
1949 ret = hcd->driver->check_bandwidth(hcd, udev);
1950reset:
1951 if (ret < 0)
1952 hcd->driver->reset_bandwidth(hcd, udev);
1953 return ret;
1954}
1955
1956/* Disables the endpoint: synchronizes with the hcd to make sure all
1957 * endpoint state is gone from hardware. usb_hcd_flush_endpoint() must
1958 * have been called previously. Use for set_configuration, set_interface,
1959 * driver removal, physical disconnect.
1960 *
1961 * example: a qh stored in ep->hcpriv, holding state related to endpoint
1962 * type, maxpacket size, toggle, halt status, and scheduling.
1963 */
1964void usb_hcd_disable_endpoint(struct usb_device *udev,
1965 struct usb_host_endpoint *ep)
1966{
1967 struct usb_hcd *hcd;
1968
1969 might_sleep();
1970 hcd = bus_to_hcd(udev->bus);
1971 if (hcd->driver->endpoint_disable)
1972 hcd->driver->endpoint_disable(hcd, ep);
1973}
1974
1975/**
1976 * usb_hcd_reset_endpoint - reset host endpoint state
1977 * @udev: USB device.
1978 * @ep: the endpoint to reset.
1979 *
1980 * Resets any host endpoint state such as the toggle bit, sequence
1981 * number and current window.
1982 */
1983void usb_hcd_reset_endpoint(struct usb_device *udev,
1984 struct usb_host_endpoint *ep)
1985{
1986 struct usb_hcd *hcd = bus_to_hcd(udev->bus);
1987
1988 if (hcd->driver->endpoint_reset)
1989 hcd->driver->endpoint_reset(hcd, ep);
1990 else {
1991 int epnum = usb_endpoint_num(&ep->desc);
1992 int is_out = usb_endpoint_dir_out(&ep->desc);
1993 int is_control = usb_endpoint_xfer_control(&ep->desc);
1994
1995 usb_settoggle(udev, epnum, is_out, 0);
1996 if (is_control)
1997 usb_settoggle(udev, epnum, !is_out, 0);
1998 }
1999}
2000
2001/**
2002 * usb_alloc_streams - allocate bulk endpoint stream IDs.
2003 * @interface: alternate setting that includes all endpoints.
2004 * @eps: array of endpoints that need streams.
2005 * @num_eps: number of endpoints in the array.
2006 * @num_streams: number of streams to allocate.
2007 * @mem_flags: flags hcd should use to allocate memory.
2008 *
2009 * Sets up a group of bulk endpoints to have @num_streams stream IDs available.
2010 * Drivers may queue multiple transfers to different stream IDs, which may
2011 * complete in a different order than they were queued.
2012 *
2013 * Return: On success, the number of allocated streams. On failure, a negative
2014 * error code.
2015 */
2016int usb_alloc_streams(struct usb_interface *interface,
2017 struct usb_host_endpoint **eps, unsigned int num_eps,
2018 unsigned int num_streams, gfp_t mem_flags)
2019{
2020 struct usb_hcd *hcd;
2021 struct usb_device *dev;
2022 int i, ret;
2023
2024 dev = interface_to_usbdev(interface);
2025 hcd = bus_to_hcd(dev->bus);
2026 if (!hcd->driver->alloc_streams || !hcd->driver->free_streams)
2027 return -EINVAL;
2028 if (dev->speed < USB_SPEED_SUPER)
2029 return -EINVAL;
2030 if (dev->state < USB_STATE_CONFIGURED)
2031 return -ENODEV;
2032
2033 for (i = 0; i < num_eps; i++) {
2034 /* Streams only apply to bulk endpoints. */
2035 if (!usb_endpoint_xfer_bulk(&eps[i]->desc))
2036 return -EINVAL;
2037 /* Re-alloc is not allowed */
2038 if (eps[i]->streams)
2039 return -EINVAL;
2040 }
2041
2042 ret = hcd->driver->alloc_streams(hcd, dev, eps, num_eps,
2043 num_streams, mem_flags);
2044 if (ret < 0)
2045 return ret;
2046
2047 for (i = 0; i < num_eps; i++)
2048 eps[i]->streams = ret;
2049
2050 return ret;
2051}
2052EXPORT_SYMBOL_GPL(usb_alloc_streams);
2053
2054/**
2055 * usb_free_streams - free bulk endpoint stream IDs.
2056 * @interface: alternate setting that includes all endpoints.
2057 * @eps: array of endpoints to remove streams from.
2058 * @num_eps: number of endpoints in the array.
2059 * @mem_flags: flags hcd should use to allocate memory.
2060 *
2061 * Reverts a group of bulk endpoints back to not using stream IDs.
2062 * Can fail if we are given bad arguments, or HCD is broken.
2063 *
2064 * Return: 0 on success. On failure, a negative error code.
2065 */
2066int usb_free_streams(struct usb_interface *interface,
2067 struct usb_host_endpoint **eps, unsigned int num_eps,
2068 gfp_t mem_flags)
2069{
2070 struct usb_hcd *hcd;
2071 struct usb_device *dev;
2072 int i, ret;
2073
2074 dev = interface_to_usbdev(interface);
2075 hcd = bus_to_hcd(dev->bus);
2076 if (dev->speed < USB_SPEED_SUPER)
2077 return -EINVAL;
2078
2079 /* Double-free is not allowed */
2080 for (i = 0; i < num_eps; i++)
2081 if (!eps[i] || !eps[i]->streams)
2082 return -EINVAL;
2083
2084 ret = hcd->driver->free_streams(hcd, dev, eps, num_eps, mem_flags);
2085 if (ret < 0)
2086 return ret;
2087
2088 for (i = 0; i < num_eps; i++)
2089 eps[i]->streams = 0;
2090
2091 return ret;
2092}
2093EXPORT_SYMBOL_GPL(usb_free_streams);
2094
2095/* Protect against drivers that try to unlink URBs after the device
2096 * is gone, by waiting until all unlinks for @udev are finished.
2097 * Since we don't currently track URBs by device, simply wait until
2098 * nothing is running in the locked region of usb_hcd_unlink_urb().
2099 */
2100void usb_hcd_synchronize_unlinks(struct usb_device *udev)
2101{
2102 spin_lock_irq(&hcd_urb_unlink_lock);
2103 spin_unlock_irq(&hcd_urb_unlink_lock);
2104}
2105
2106/*-------------------------------------------------------------------------*/
2107
2108/* called in any context */
2109int usb_hcd_get_frame_number (struct usb_device *udev)
2110{
2111 struct usb_hcd *hcd = bus_to_hcd(udev->bus);
2112
2113 if (!HCD_RH_RUNNING(hcd))
2114 return -ESHUTDOWN;
2115 return hcd->driver->get_frame_number (hcd);
2116}
2117
2118/*-------------------------------------------------------------------------*/
2119#ifdef CONFIG_USB_HCD_TEST_MODE
2120
2121static void usb_ehset_completion(struct urb *urb)
2122{
2123 struct completion *done = urb->context;
2124
2125 complete(done);
2126}
2127/*
2128 * Allocate and initialize a control URB. This request will be used by the
2129 * EHSET SINGLE_STEP_SET_FEATURE test in which the DATA and STATUS stages
2130 * of the GetDescriptor request are sent 15 seconds after the SETUP stage.
2131 * Return NULL if failed.
2132 */
2133static struct urb *request_single_step_set_feature_urb(
2134 struct usb_device *udev,
2135 void *dr,
2136 void *buf,
2137 struct completion *done)
2138{
2139 struct urb *urb;
2140 struct usb_hcd *hcd = bus_to_hcd(udev->bus);
2141
2142 urb = usb_alloc_urb(0, GFP_KERNEL);
2143 if (!urb)
2144 return NULL;
2145
2146 urb->pipe = usb_rcvctrlpipe(udev, 0);
2147
2148 urb->ep = &udev->ep0;
2149 urb->dev = udev;
2150 urb->setup_packet = (void *)dr;
2151 urb->transfer_buffer = buf;
2152 urb->transfer_buffer_length = USB_DT_DEVICE_SIZE;
2153 urb->complete = usb_ehset_completion;
2154 urb->status = -EINPROGRESS;
2155 urb->actual_length = 0;
2156 urb->transfer_flags = URB_DIR_IN;
2157 usb_get_urb(urb);
2158 atomic_inc(&urb->use_count);
2159 atomic_inc(&urb->dev->urbnum);
2160 if (map_urb_for_dma(hcd, urb, GFP_KERNEL)) {
2161 usb_put_urb(urb);
2162 usb_free_urb(urb);
2163 return NULL;
2164 }
2165
2166 urb->context = done;
2167 return urb;
2168}
2169
2170int ehset_single_step_set_feature(struct usb_hcd *hcd, int port)
2171{
2172 int retval = -ENOMEM;
2173 struct usb_ctrlrequest *dr;
2174 struct urb *urb;
2175 struct usb_device *udev;
2176 struct usb_device_descriptor *buf;
2177 DECLARE_COMPLETION_ONSTACK(done);
2178
2179 /* Obtain udev of the rhub's child port */
2180 udev = usb_hub_find_child(hcd->self.root_hub, port);
2181 if (!udev) {
2182 dev_err(hcd->self.controller, "No device attached to the RootHub\n");
2183 return -ENODEV;
2184 }
2185 buf = kmalloc(USB_DT_DEVICE_SIZE, GFP_KERNEL);
2186 if (!buf)
2187 return -ENOMEM;
2188
2189 dr = kmalloc(sizeof(struct usb_ctrlrequest), GFP_KERNEL);
2190 if (!dr) {
2191 kfree(buf);
2192 return -ENOMEM;
2193 }
2194
2195 /* Fill Setup packet for GetDescriptor */
2196 dr->bRequestType = USB_DIR_IN;
2197 dr->bRequest = USB_REQ_GET_DESCRIPTOR;
2198 dr->wValue = cpu_to_le16(USB_DT_DEVICE << 8);
2199 dr->wIndex = 0;
2200 dr->wLength = cpu_to_le16(USB_DT_DEVICE_SIZE);
2201 urb = request_single_step_set_feature_urb(udev, dr, buf, &done);
2202 if (!urb)
2203 goto cleanup;
2204
2205 /* Submit just the SETUP stage */
2206 retval = hcd->driver->submit_single_step_set_feature(hcd, urb, 1);
2207 if (retval)
2208 goto out1;
2209 if (!wait_for_completion_timeout(&done, msecs_to_jiffies(2000))) {
2210 usb_kill_urb(urb);
2211 retval = -ETIMEDOUT;
2212 dev_err(hcd->self.controller,
2213 "%s SETUP stage timed out on ep0\n", __func__);
2214 goto out1;
2215 }
2216 msleep(15 * 1000);
2217
2218 /* Complete remaining DATA and STATUS stages using the same URB */
2219 urb->status = -EINPROGRESS;
2220 usb_get_urb(urb);
2221 atomic_inc(&urb->use_count);
2222 atomic_inc(&urb->dev->urbnum);
2223 retval = hcd->driver->submit_single_step_set_feature(hcd, urb, 0);
2224 if (!retval && !wait_for_completion_timeout(&done,
2225 msecs_to_jiffies(2000))) {
2226 usb_kill_urb(urb);
2227 retval = -ETIMEDOUT;
2228 dev_err(hcd->self.controller,
2229 "%s IN stage timed out on ep0\n", __func__);
2230 }
2231out1:
2232 usb_free_urb(urb);
2233cleanup:
2234 kfree(dr);
2235 kfree(buf);
2236 return retval;
2237}
2238EXPORT_SYMBOL_GPL(ehset_single_step_set_feature);
2239#endif /* CONFIG_USB_HCD_TEST_MODE */
2240
2241/*-------------------------------------------------------------------------*/
2242
2243#ifdef CONFIG_PM
2244
2245int hcd_bus_suspend(struct usb_device *rhdev, pm_message_t msg)
2246{
2247 struct usb_hcd *hcd = bus_to_hcd(rhdev->bus);
2248 int status;
2249 int old_state = hcd->state;
2250
2251 dev_dbg(&rhdev->dev, "bus %ssuspend, wakeup %d\n",
2252 (PMSG_IS_AUTO(msg) ? "auto-" : ""),
2253 rhdev->do_remote_wakeup);
2254 if (HCD_DEAD(hcd)) {
2255 dev_dbg(&rhdev->dev, "skipped %s of dead bus\n", "suspend");
2256 return 0;
2257 }
2258
2259 if (!hcd->driver->bus_suspend) {
2260 status = -ENOENT;
2261 } else {
2262 clear_bit(HCD_FLAG_RH_RUNNING, &hcd->flags);
2263 hcd->state = HC_STATE_QUIESCING;
2264 status = hcd->driver->bus_suspend(hcd);
2265 }
2266 if (status == 0) {
2267 usb_set_device_state(rhdev, USB_STATE_SUSPENDED);
2268 hcd->state = HC_STATE_SUSPENDED;
2269
2270 if (!PMSG_IS_AUTO(msg))
2271 usb_phy_roothub_suspend(hcd->self.sysdev,
2272 hcd->phy_roothub);
2273
2274 /* Did we race with a root-hub wakeup event? */
2275 if (rhdev->do_remote_wakeup) {
2276 char buffer[6];
2277
2278 status = hcd->driver->hub_status_data(hcd, buffer);
2279 if (status != 0) {
2280 dev_dbg(&rhdev->dev, "suspend raced with wakeup event\n");
2281 hcd_bus_resume(rhdev, PMSG_AUTO_RESUME);
2282 status = -EBUSY;
2283 }
2284 }
2285 } else {
2286 spin_lock_irq(&hcd_root_hub_lock);
2287 if (!HCD_DEAD(hcd)) {
2288 set_bit(HCD_FLAG_RH_RUNNING, &hcd->flags);
2289 hcd->state = old_state;
2290 }
2291 spin_unlock_irq(&hcd_root_hub_lock);
2292 dev_dbg(&rhdev->dev, "bus %s fail, err %d\n",
2293 "suspend", status);
2294 }
2295 return status;
2296}
2297
2298int hcd_bus_resume(struct usb_device *rhdev, pm_message_t msg)
2299{
2300 struct usb_hcd *hcd = bus_to_hcd(rhdev->bus);
2301 int status;
2302 int old_state = hcd->state;
2303
2304 dev_dbg(&rhdev->dev, "usb %sresume\n",
2305 (PMSG_IS_AUTO(msg) ? "auto-" : ""));
2306 if (HCD_DEAD(hcd)) {
2307 dev_dbg(&rhdev->dev, "skipped %s of dead bus\n", "resume");
2308 return 0;
2309 }
2310
2311 if (!PMSG_IS_AUTO(msg)) {
2312 status = usb_phy_roothub_resume(hcd->self.sysdev,
2313 hcd->phy_roothub);
2314 if (status)
2315 return status;
2316 }
2317
2318 if (!hcd->driver->bus_resume)
2319 return -ENOENT;
2320 if (HCD_RH_RUNNING(hcd))
2321 return 0;
2322
2323 hcd->state = HC_STATE_RESUMING;
2324 status = hcd->driver->bus_resume(hcd);
2325 clear_bit(HCD_FLAG_WAKEUP_PENDING, &hcd->flags);
2326 if (status == 0)
2327 status = usb_phy_roothub_calibrate(hcd->phy_roothub);
2328
2329 if (status == 0) {
2330 struct usb_device *udev;
2331 int port1;
2332
2333 spin_lock_irq(&hcd_root_hub_lock);
2334 if (!HCD_DEAD(hcd)) {
2335 usb_set_device_state(rhdev, rhdev->actconfig
2336 ? USB_STATE_CONFIGURED
2337 : USB_STATE_ADDRESS);
2338 set_bit(HCD_FLAG_RH_RUNNING, &hcd->flags);
2339 hcd->state = HC_STATE_RUNNING;
2340 }
2341 spin_unlock_irq(&hcd_root_hub_lock);
2342
2343 /*
2344 * Check whether any of the enabled ports on the root hub are
2345 * unsuspended. If they are then a TRSMRCY delay is needed
2346 * (this is what the USB-2 spec calls a "global resume").
2347 * Otherwise we can skip the delay.
2348 */
2349 usb_hub_for_each_child(rhdev, port1, udev) {
2350 if (udev->state != USB_STATE_NOTATTACHED &&
2351 !udev->port_is_suspended) {
2352 usleep_range(10000, 11000); /* TRSMRCY */
2353 break;
2354 }
2355 }
2356 } else {
2357 hcd->state = old_state;
2358 usb_phy_roothub_suspend(hcd->self.sysdev, hcd->phy_roothub);
2359 dev_dbg(&rhdev->dev, "bus %s fail, err %d\n",
2360 "resume", status);
2361 if (status != -ESHUTDOWN)
2362 usb_hc_died(hcd);
2363 }
2364 return status;
2365}
2366
2367/* Workqueue routine for root-hub remote wakeup */
2368static void hcd_resume_work(struct work_struct *work)
2369{
2370 struct usb_hcd *hcd = container_of(work, struct usb_hcd, wakeup_work);
2371 struct usb_device *udev = hcd->self.root_hub;
2372
2373 usb_remote_wakeup(udev);
2374}
2375
2376/**
2377 * usb_hcd_resume_root_hub - called by HCD to resume its root hub
2378 * @hcd: host controller for this root hub
2379 *
2380 * The USB host controller calls this function when its root hub is
2381 * suspended (with the remote wakeup feature enabled) and a remote
2382 * wakeup request is received. The routine submits a workqueue request
2383 * to resume the root hub (that is, manage its downstream ports again).
2384 */
2385void usb_hcd_resume_root_hub (struct usb_hcd *hcd)
2386{
2387 unsigned long flags;
2388
2389 spin_lock_irqsave (&hcd_root_hub_lock, flags);
2390 if (hcd->rh_registered) {
2391 pm_wakeup_event(&hcd->self.root_hub->dev, 0);
2392 set_bit(HCD_FLAG_WAKEUP_PENDING, &hcd->flags);
2393 queue_work(pm_wq, &hcd->wakeup_work);
2394 }
2395 spin_unlock_irqrestore (&hcd_root_hub_lock, flags);
2396}
2397EXPORT_SYMBOL_GPL(usb_hcd_resume_root_hub);
2398
2399#endif /* CONFIG_PM */
2400
2401/*-------------------------------------------------------------------------*/
2402
2403#ifdef CONFIG_USB_OTG
2404
2405/**
2406 * usb_bus_start_enum - start immediate enumeration (for OTG)
2407 * @bus: the bus (must use hcd framework)
2408 * @port_num: 1-based number of port; usually bus->otg_port
2409 * Context: atomic
2410 *
2411 * Starts enumeration, with an immediate reset followed later by
2412 * hub_wq identifying and possibly configuring the device.
2413 * This is needed by OTG controller drivers, where it helps meet
2414 * HNP protocol timing requirements for starting a port reset.
2415 *
2416 * Return: 0 if successful.
2417 */
2418int usb_bus_start_enum(struct usb_bus *bus, unsigned port_num)
2419{
2420 struct usb_hcd *hcd;
2421 int status = -EOPNOTSUPP;
2422
2423 /* NOTE: since HNP can't start by grabbing the bus's address0_sem,
2424 * boards with root hubs hooked up to internal devices (instead of
2425 * just the OTG port) may need more attention to resetting...
2426 */
2427 hcd = bus_to_hcd(bus);
2428 if (port_num && hcd->driver->start_port_reset)
2429 status = hcd->driver->start_port_reset(hcd, port_num);
2430
2431 /* allocate hub_wq shortly after (first) root port reset finishes;
2432 * it may issue others, until at least 50 msecs have passed.
2433 */
2434 if (status == 0)
2435 mod_timer(&hcd->rh_timer, jiffies + msecs_to_jiffies(10));
2436 return status;
2437}
2438EXPORT_SYMBOL_GPL(usb_bus_start_enum);
2439
2440#endif
2441
2442/*-------------------------------------------------------------------------*/
2443
2444/**
2445 * usb_hcd_irq - hook IRQs to HCD framework (bus glue)
2446 * @irq: the IRQ being raised
2447 * @__hcd: pointer to the HCD whose IRQ is being signaled
2448 *
2449 * If the controller isn't HALTed, calls the driver's irq handler.
2450 * Checks whether the controller is now dead.
2451 *
2452 * Return: %IRQ_HANDLED if the IRQ was handled. %IRQ_NONE otherwise.
2453 */
2454irqreturn_t usb_hcd_irq (int irq, void *__hcd)
2455{
2456 struct usb_hcd *hcd = __hcd;
2457 irqreturn_t rc;
2458
2459 if (unlikely(HCD_DEAD(hcd) || !HCD_HW_ACCESSIBLE(hcd)))
2460 rc = IRQ_NONE;
2461 else if (hcd->driver->irq(hcd) == IRQ_NONE)
2462 rc = IRQ_NONE;
2463 else
2464 rc = IRQ_HANDLED;
2465
2466 return rc;
2467}
2468EXPORT_SYMBOL_GPL(usb_hcd_irq);
2469
2470/*-------------------------------------------------------------------------*/
2471
2472/* Workqueue routine for when the root-hub has died. */
2473static void hcd_died_work(struct work_struct *work)
2474{
2475 struct usb_hcd *hcd = container_of(work, struct usb_hcd, died_work);
2476 static char *env[] = {
2477 "ERROR=DEAD",
2478 NULL
2479 };
2480
2481 /* Notify user space that the host controller has died */
2482 kobject_uevent_env(&hcd->self.root_hub->dev.kobj, KOBJ_OFFLINE, env);
2483}
2484
2485/**
2486 * usb_hc_died - report abnormal shutdown of a host controller (bus glue)
2487 * @hcd: pointer to the HCD representing the controller
2488 *
2489 * This is called by bus glue to report a USB host controller that died
2490 * while operations may still have been pending. It's called automatically
2491 * by the PCI glue, so only glue for non-PCI busses should need to call it.
2492 *
2493 * Only call this function with the primary HCD.
2494 */
2495void usb_hc_died (struct usb_hcd *hcd)
2496{
2497 unsigned long flags;
2498
2499 dev_err (hcd->self.controller, "HC died; cleaning up\n");
2500
2501 spin_lock_irqsave (&hcd_root_hub_lock, flags);
2502 clear_bit(HCD_FLAG_RH_RUNNING, &hcd->flags);
2503 set_bit(HCD_FLAG_DEAD, &hcd->flags);
2504 if (hcd->rh_registered) {
2505 clear_bit(HCD_FLAG_POLL_RH, &hcd->flags);
2506
2507 /* make hub_wq clean up old urbs and devices */
2508 usb_set_device_state (hcd->self.root_hub,
2509 USB_STATE_NOTATTACHED);
2510 usb_kick_hub_wq(hcd->self.root_hub);
2511 }
2512 if (usb_hcd_is_primary_hcd(hcd) && hcd->shared_hcd) {
2513 hcd = hcd->shared_hcd;
2514 clear_bit(HCD_FLAG_RH_RUNNING, &hcd->flags);
2515 set_bit(HCD_FLAG_DEAD, &hcd->flags);
2516 if (hcd->rh_registered) {
2517 clear_bit(HCD_FLAG_POLL_RH, &hcd->flags);
2518
2519 /* make hub_wq clean up old urbs and devices */
2520 usb_set_device_state(hcd->self.root_hub,
2521 USB_STATE_NOTATTACHED);
2522 usb_kick_hub_wq(hcd->self.root_hub);
2523 }
2524 }
2525
2526 /* Handle the case where this function gets called with a shared HCD */
2527 if (usb_hcd_is_primary_hcd(hcd))
2528 schedule_work(&hcd->died_work);
2529 else
2530 schedule_work(&hcd->primary_hcd->died_work);
2531
2532 spin_unlock_irqrestore (&hcd_root_hub_lock, flags);
2533 /* Make sure that the other roothub is also deallocated. */
2534}
2535EXPORT_SYMBOL_GPL (usb_hc_died);
2536
2537/*-------------------------------------------------------------------------*/
2538
2539static void init_giveback_urb_bh(struct giveback_urb_bh *bh)
2540{
2541
2542 spin_lock_init(&bh->lock);
2543 INIT_LIST_HEAD(&bh->head);
2544 INIT_WORK(&bh->bh, usb_giveback_urb_bh);
2545}
2546
2547struct usb_hcd *__usb_create_hcd(const struct hc_driver *driver,
2548 struct device *sysdev, struct device *dev, const char *bus_name,
2549 struct usb_hcd *primary_hcd)
2550{
2551 struct usb_hcd *hcd;
2552
2553 hcd = kzalloc(sizeof(*hcd) + driver->hcd_priv_size, GFP_KERNEL);
2554 if (!hcd)
2555 return NULL;
2556 if (primary_hcd == NULL) {
2557 hcd->address0_mutex = kmalloc(sizeof(*hcd->address0_mutex),
2558 GFP_KERNEL);
2559 if (!hcd->address0_mutex) {
2560 kfree(hcd);
2561 dev_dbg(dev, "hcd address0 mutex alloc failed\n");
2562 return NULL;
2563 }
2564 mutex_init(hcd->address0_mutex);
2565 hcd->bandwidth_mutex = kmalloc(sizeof(*hcd->bandwidth_mutex),
2566 GFP_KERNEL);
2567 if (!hcd->bandwidth_mutex) {
2568 kfree(hcd->address0_mutex);
2569 kfree(hcd);
2570 dev_dbg(dev, "hcd bandwidth mutex alloc failed\n");
2571 return NULL;
2572 }
2573 mutex_init(hcd->bandwidth_mutex);
2574 dev_set_drvdata(dev, hcd);
2575 } else {
2576 mutex_lock(&usb_port_peer_mutex);
2577 hcd->address0_mutex = primary_hcd->address0_mutex;
2578 hcd->bandwidth_mutex = primary_hcd->bandwidth_mutex;
2579 hcd->primary_hcd = primary_hcd;
2580 primary_hcd->primary_hcd = primary_hcd;
2581 hcd->shared_hcd = primary_hcd;
2582 primary_hcd->shared_hcd = hcd;
2583 mutex_unlock(&usb_port_peer_mutex);
2584 }
2585
2586 kref_init(&hcd->kref);
2587
2588 usb_bus_init(&hcd->self);
2589 hcd->self.controller = dev;
2590 hcd->self.sysdev = sysdev;
2591 hcd->self.bus_name = bus_name;
2592
2593 timer_setup(&hcd->rh_timer, rh_timer_func, 0);
2594#ifdef CONFIG_PM
2595 INIT_WORK(&hcd->wakeup_work, hcd_resume_work);
2596#endif
2597
2598 INIT_WORK(&hcd->died_work, hcd_died_work);
2599
2600 hcd->driver = driver;
2601 hcd->speed = driver->flags & HCD_MASK;
2602 hcd->product_desc = (driver->product_desc) ? driver->product_desc :
2603 "USB Host Controller";
2604 return hcd;
2605}
2606EXPORT_SYMBOL_GPL(__usb_create_hcd);
2607
2608/**
2609 * usb_create_shared_hcd - create and initialize an HCD structure
2610 * @driver: HC driver that will use this hcd
2611 * @dev: device for this HC, stored in hcd->self.controller
2612 * @bus_name: value to store in hcd->self.bus_name
2613 * @primary_hcd: a pointer to the usb_hcd structure that is sharing the
2614 * PCI device. Only allocate certain resources for the primary HCD
2615 *
2616 * Context: task context, might sleep.
2617 *
2618 * Allocate a struct usb_hcd, with extra space at the end for the
2619 * HC driver's private data. Initialize the generic members of the
2620 * hcd structure.
2621 *
2622 * Return: On success, a pointer to the created and initialized HCD structure.
2623 * On failure (e.g. if memory is unavailable), %NULL.
2624 */
2625struct usb_hcd *usb_create_shared_hcd(const struct hc_driver *driver,
2626 struct device *dev, const char *bus_name,
2627 struct usb_hcd *primary_hcd)
2628{
2629 return __usb_create_hcd(driver, dev, dev, bus_name, primary_hcd);
2630}
2631EXPORT_SYMBOL_GPL(usb_create_shared_hcd);
2632
2633/**
2634 * usb_create_hcd - create and initialize an HCD structure
2635 * @driver: HC driver that will use this hcd
2636 * @dev: device for this HC, stored in hcd->self.controller
2637 * @bus_name: value to store in hcd->self.bus_name
2638 *
2639 * Context: task context, might sleep.
2640 *
2641 * Allocate a struct usb_hcd, with extra space at the end for the
2642 * HC driver's private data. Initialize the generic members of the
2643 * hcd structure.
2644 *
2645 * Return: On success, a pointer to the created and initialized HCD
2646 * structure. On failure (e.g. if memory is unavailable), %NULL.
2647 */
2648struct usb_hcd *usb_create_hcd(const struct hc_driver *driver,
2649 struct device *dev, const char *bus_name)
2650{
2651 return __usb_create_hcd(driver, dev, dev, bus_name, NULL);
2652}
2653EXPORT_SYMBOL_GPL(usb_create_hcd);
2654
2655/*
2656 * Roothubs that share one PCI device must also share the bandwidth mutex.
2657 * Don't deallocate the bandwidth_mutex until the last shared usb_hcd is
2658 * deallocated.
2659 *
2660 * Make sure to deallocate the bandwidth_mutex only when the last HCD is
2661 * freed. When hcd_release() is called for either hcd in a peer set,
2662 * invalidate the peer's ->shared_hcd and ->primary_hcd pointers.
2663 */
2664static void hcd_release(struct kref *kref)
2665{
2666 struct usb_hcd *hcd = container_of (kref, struct usb_hcd, kref);
2667
2668 mutex_lock(&usb_port_peer_mutex);
2669 if (hcd->shared_hcd) {
2670 struct usb_hcd *peer = hcd->shared_hcd;
2671
2672 peer->shared_hcd = NULL;
2673 peer->primary_hcd = NULL;
2674 } else {
2675 kfree(hcd->address0_mutex);
2676 kfree(hcd->bandwidth_mutex);
2677 }
2678 mutex_unlock(&usb_port_peer_mutex);
2679 kfree(hcd);
2680}
2681
2682struct usb_hcd *usb_get_hcd (struct usb_hcd *hcd)
2683{
2684 if (hcd)
2685 kref_get (&hcd->kref);
2686 return hcd;
2687}
2688EXPORT_SYMBOL_GPL(usb_get_hcd);
2689
2690void usb_put_hcd (struct usb_hcd *hcd)
2691{
2692 if (hcd)
2693 kref_put (&hcd->kref, hcd_release);
2694}
2695EXPORT_SYMBOL_GPL(usb_put_hcd);
2696
2697int usb_hcd_is_primary_hcd(struct usb_hcd *hcd)
2698{
2699 if (!hcd->primary_hcd)
2700 return 1;
2701 return hcd == hcd->primary_hcd;
2702}
2703EXPORT_SYMBOL_GPL(usb_hcd_is_primary_hcd);
2704
2705int usb_hcd_find_raw_port_number(struct usb_hcd *hcd, int port1)
2706{
2707 if (!hcd->driver->find_raw_port_number)
2708 return port1;
2709
2710 return hcd->driver->find_raw_port_number(hcd, port1);
2711}
2712
2713static int usb_hcd_request_irqs(struct usb_hcd *hcd,
2714 unsigned int irqnum, unsigned long irqflags)
2715{
2716 int retval;
2717
2718 if (hcd->driver->irq) {
2719
2720 snprintf(hcd->irq_descr, sizeof(hcd->irq_descr), "%s:usb%d",
2721 hcd->driver->description, hcd->self.busnum);
2722 retval = request_irq(irqnum, &usb_hcd_irq, irqflags,
2723 hcd->irq_descr, hcd);
2724 if (retval != 0) {
2725 dev_err(hcd->self.controller,
2726 "request interrupt %d failed\n",
2727 irqnum);
2728 return retval;
2729 }
2730 hcd->irq = irqnum;
2731 dev_info(hcd->self.controller, "irq %d, %s 0x%08llx\n", irqnum,
2732 (hcd->driver->flags & HCD_MEMORY) ?
2733 "io mem" : "io port",
2734 (unsigned long long)hcd->rsrc_start);
2735 } else {
2736 hcd->irq = 0;
2737 if (hcd->rsrc_start)
2738 dev_info(hcd->self.controller, "%s 0x%08llx\n",
2739 (hcd->driver->flags & HCD_MEMORY) ?
2740 "io mem" : "io port",
2741 (unsigned long long)hcd->rsrc_start);
2742 }
2743 return 0;
2744}
2745
2746/*
2747 * Before we free this root hub, flush in-flight peering attempts
2748 * and disable peer lookups
2749 */
2750static void usb_put_invalidate_rhdev(struct usb_hcd *hcd)
2751{
2752 struct usb_device *rhdev;
2753
2754 mutex_lock(&usb_port_peer_mutex);
2755 rhdev = hcd->self.root_hub;
2756 hcd->self.root_hub = NULL;
2757 mutex_unlock(&usb_port_peer_mutex);
2758 usb_put_dev(rhdev);
2759}
2760
2761/**
2762 * usb_stop_hcd - Halt the HCD
2763 * @hcd: the usb_hcd that has to be halted
2764 *
2765 * Stop the root-hub polling timer and invoke the HCD's ->stop callback.
2766 */
2767static void usb_stop_hcd(struct usb_hcd *hcd)
2768{
2769 hcd->rh_pollable = 0;
2770 clear_bit(HCD_FLAG_POLL_RH, &hcd->flags);
2771 del_timer_sync(&hcd->rh_timer);
2772
2773 hcd->driver->stop(hcd);
2774 hcd->state = HC_STATE_HALT;
2775
2776 /* In case the HCD restarted the timer, stop it again. */
2777 clear_bit(HCD_FLAG_POLL_RH, &hcd->flags);
2778 del_timer_sync(&hcd->rh_timer);
2779}
2780
2781/**
2782 * usb_add_hcd - finish generic HCD structure initialization and register
2783 * @hcd: the usb_hcd structure to initialize
2784 * @irqnum: Interrupt line to allocate
2785 * @irqflags: Interrupt type flags
2786 *
2787 * Finish the remaining parts of generic HCD initialization: allocate the
2788 * buffers of consistent memory, register the bus, request the IRQ line,
2789 * and call the driver's reset() and start() routines.
2790 */
2791int usb_add_hcd(struct usb_hcd *hcd,
2792 unsigned int irqnum, unsigned long irqflags)
2793{
2794 int retval;
2795 struct usb_device *rhdev;
2796 struct usb_hcd *shared_hcd;
2797 int skip_phy_initialization;
2798
2799 if (usb_hcd_is_primary_hcd(hcd))
2800 skip_phy_initialization = hcd->skip_phy_initialization;
2801 else
2802 skip_phy_initialization = hcd->primary_hcd->skip_phy_initialization;
2803
2804 if (!skip_phy_initialization) {
2805 if (usb_hcd_is_primary_hcd(hcd)) {
2806 hcd->phy_roothub = usb_phy_roothub_alloc(hcd->self.sysdev);
2807 if (IS_ERR(hcd->phy_roothub))
2808 return PTR_ERR(hcd->phy_roothub);
2809 } else {
2810 hcd->phy_roothub = usb_phy_roothub_alloc_usb3_phy(hcd->self.sysdev);
2811 if (IS_ERR(hcd->phy_roothub))
2812 return PTR_ERR(hcd->phy_roothub);
2813 }
2814
2815 retval = usb_phy_roothub_init(hcd->phy_roothub);
2816 if (retval)
2817 return retval;
2818
2819 retval = usb_phy_roothub_set_mode(hcd->phy_roothub,
2820 PHY_MODE_USB_HOST_SS);
2821 if (retval)
2822 retval = usb_phy_roothub_set_mode(hcd->phy_roothub,
2823 PHY_MODE_USB_HOST);
2824 if (retval)
2825 goto err_usb_phy_roothub_power_on;
2826
2827 retval = usb_phy_roothub_power_on(hcd->phy_roothub);
2828 if (retval)
2829 goto err_usb_phy_roothub_power_on;
2830 }
2831
2832 dev_info(hcd->self.controller, "%s\n", hcd->product_desc);
2833
2834 switch (authorized_default) {
2835 case USB_AUTHORIZE_NONE:
2836 hcd->dev_policy = USB_DEVICE_AUTHORIZE_NONE;
2837 break;
2838
2839 case USB_AUTHORIZE_INTERNAL:
2840 hcd->dev_policy = USB_DEVICE_AUTHORIZE_INTERNAL;
2841 break;
2842
2843 case USB_AUTHORIZE_ALL:
2844 case USB_AUTHORIZE_WIRED:
2845 default:
2846 hcd->dev_policy = USB_DEVICE_AUTHORIZE_ALL;
2847 break;
2848 }
2849
2850 set_bit(HCD_FLAG_HW_ACCESSIBLE, &hcd->flags);
2851
2852 /* per default all interfaces are authorized */
2853 set_bit(HCD_FLAG_INTF_AUTHORIZED, &hcd->flags);
2854
2855 /* HC is in reset state, but accessible. Now do the one-time init,
2856 * bottom up so that hcds can customize the root hubs before hub_wq
2857 * starts talking to them. (Note, bus id is assigned early too.)
2858 */
2859 retval = hcd_buffer_create(hcd);
2860 if (retval != 0) {
2861 dev_dbg(hcd->self.sysdev, "pool alloc failed\n");
2862 goto err_create_buf;
2863 }
2864
2865 retval = usb_register_bus(&hcd->self);
2866 if (retval < 0)
2867 goto err_register_bus;
2868
2869 rhdev = usb_alloc_dev(NULL, &hcd->self, 0);
2870 if (rhdev == NULL) {
2871 dev_err(hcd->self.sysdev, "unable to allocate root hub\n");
2872 retval = -ENOMEM;
2873 goto err_allocate_root_hub;
2874 }
2875 mutex_lock(&usb_port_peer_mutex);
2876 hcd->self.root_hub = rhdev;
2877 mutex_unlock(&usb_port_peer_mutex);
2878
2879 rhdev->rx_lanes = 1;
2880 rhdev->tx_lanes = 1;
2881 rhdev->ssp_rate = USB_SSP_GEN_UNKNOWN;
2882
2883 switch (hcd->speed) {
2884 case HCD_USB11:
2885 rhdev->speed = USB_SPEED_FULL;
2886 break;
2887 case HCD_USB2:
2888 rhdev->speed = USB_SPEED_HIGH;
2889 break;
2890 case HCD_USB3:
2891 rhdev->speed = USB_SPEED_SUPER;
2892 break;
2893 case HCD_USB32:
2894 rhdev->rx_lanes = 2;
2895 rhdev->tx_lanes = 2;
2896 rhdev->ssp_rate = USB_SSP_GEN_2x2;
2897 rhdev->speed = USB_SPEED_SUPER_PLUS;
2898 break;
2899 case HCD_USB31:
2900 rhdev->ssp_rate = USB_SSP_GEN_2x1;
2901 rhdev->speed = USB_SPEED_SUPER_PLUS;
2902 break;
2903 default:
2904 retval = -EINVAL;
2905 goto err_set_rh_speed;
2906 }
2907
2908 /* wakeup flag init defaults to "everything works" for root hubs,
2909 * but drivers can override it in reset() if needed, along with
2910 * recording the overall controller's system wakeup capability.
2911 */
2912 device_set_wakeup_capable(&rhdev->dev, 1);
2913
2914 /* HCD_FLAG_RH_RUNNING doesn't matter until the root hub is
2915 * registered. But since the controller can die at any time,
2916 * let's initialize the flag before touching the hardware.
2917 */
2918 set_bit(HCD_FLAG_RH_RUNNING, &hcd->flags);
2919
2920 /* "reset" is misnamed; its role is now one-time init. the controller
2921 * should already have been reset (and boot firmware kicked off etc).
2922 */
2923 if (hcd->driver->reset) {
2924 retval = hcd->driver->reset(hcd);
2925 if (retval < 0) {
2926 dev_err(hcd->self.controller, "can't setup: %d\n",
2927 retval);
2928 goto err_hcd_driver_setup;
2929 }
2930 }
2931 hcd->rh_pollable = 1;
2932
2933 retval = usb_phy_roothub_calibrate(hcd->phy_roothub);
2934 if (retval)
2935 goto err_hcd_driver_setup;
2936
2937 /* NOTE: root hub and controller capabilities may not be the same */
2938 if (device_can_wakeup(hcd->self.controller)
2939 && device_can_wakeup(&hcd->self.root_hub->dev))
2940 dev_dbg(hcd->self.controller, "supports USB remote wakeup\n");
2941
2942 /* initialize BHs */
2943 init_giveback_urb_bh(&hcd->high_prio_bh);
2944 hcd->high_prio_bh.high_prio = true;
2945 init_giveback_urb_bh(&hcd->low_prio_bh);
2946
2947 /* enable irqs just before we start the controller,
2948 * if the BIOS provides legacy PCI irqs.
2949 */
2950 if (usb_hcd_is_primary_hcd(hcd) && irqnum) {
2951 retval = usb_hcd_request_irqs(hcd, irqnum, irqflags);
2952 if (retval)
2953 goto err_request_irq;
2954 }
2955
2956 hcd->state = HC_STATE_RUNNING;
2957 retval = hcd->driver->start(hcd);
2958 if (retval < 0) {
2959 dev_err(hcd->self.controller, "startup error %d\n", retval);
2960 goto err_hcd_driver_start;
2961 }
2962
2963 /* starting here, usbcore will pay attention to the shared HCD roothub */
2964 shared_hcd = hcd->shared_hcd;
2965 if (!usb_hcd_is_primary_hcd(hcd) && shared_hcd && HCD_DEFER_RH_REGISTER(shared_hcd)) {
2966 retval = register_root_hub(shared_hcd);
2967 if (retval != 0)
2968 goto err_register_root_hub;
2969
2970 if (shared_hcd->uses_new_polling && HCD_POLL_RH(shared_hcd))
2971 usb_hcd_poll_rh_status(shared_hcd);
2972 }
2973
2974 /* starting here, usbcore will pay attention to this root hub */
2975 if (!HCD_DEFER_RH_REGISTER(hcd)) {
2976 retval = register_root_hub(hcd);
2977 if (retval != 0)
2978 goto err_register_root_hub;
2979
2980 if (hcd->uses_new_polling && HCD_POLL_RH(hcd))
2981 usb_hcd_poll_rh_status(hcd);
2982 }
2983
2984 return retval;
2985
2986err_register_root_hub:
2987 usb_stop_hcd(hcd);
2988err_hcd_driver_start:
2989 if (usb_hcd_is_primary_hcd(hcd) && hcd->irq > 0)
2990 free_irq(irqnum, hcd);
2991err_request_irq:
2992err_hcd_driver_setup:
2993err_set_rh_speed:
2994 usb_put_invalidate_rhdev(hcd);
2995err_allocate_root_hub:
2996 usb_deregister_bus(&hcd->self);
2997err_register_bus:
2998 hcd_buffer_destroy(hcd);
2999err_create_buf:
3000 usb_phy_roothub_power_off(hcd->phy_roothub);
3001err_usb_phy_roothub_power_on:
3002 usb_phy_roothub_exit(hcd->phy_roothub);
3003
3004 return retval;
3005}
3006EXPORT_SYMBOL_GPL(usb_add_hcd);
3007
3008/**
3009 * usb_remove_hcd - shutdown processing for generic HCDs
3010 * @hcd: the usb_hcd structure to remove
3011 *
3012 * Context: task context, might sleep.
3013 *
3014 * Disconnects the root hub, then reverses the effects of usb_add_hcd(),
3015 * invoking the HCD's stop() method.
3016 */
3017void usb_remove_hcd(struct usb_hcd *hcd)
3018{
3019 struct usb_device *rhdev;
3020 bool rh_registered;
3021
3022 if (!hcd) {
3023 pr_debug("%s: hcd is NULL\n", __func__);
3024 return;
3025 }
3026 rhdev = hcd->self.root_hub;
3027
3028 dev_info(hcd->self.controller, "remove, state %x\n", hcd->state);
3029
3030 usb_get_dev(rhdev);
3031 clear_bit(HCD_FLAG_RH_RUNNING, &hcd->flags);
3032 if (HC_IS_RUNNING (hcd->state))
3033 hcd->state = HC_STATE_QUIESCING;
3034
3035 dev_dbg(hcd->self.controller, "roothub graceful disconnect\n");
3036 spin_lock_irq (&hcd_root_hub_lock);
3037 rh_registered = hcd->rh_registered;
3038 hcd->rh_registered = 0;
3039 spin_unlock_irq (&hcd_root_hub_lock);
3040
3041#ifdef CONFIG_PM
3042 cancel_work_sync(&hcd->wakeup_work);
3043#endif
3044 cancel_work_sync(&hcd->died_work);
3045
3046 mutex_lock(&usb_bus_idr_lock);
3047 if (rh_registered)
3048 usb_disconnect(&rhdev); /* Sets rhdev to NULL */
3049 mutex_unlock(&usb_bus_idr_lock);
3050
3051 /*
3052 * flush_work() isn't needed here because:
3053 * - driver's disconnect() called from usb_disconnect() should
3054 * make sure its URBs are completed during the disconnect()
3055 * callback
3056 *
3057 * - it is too late to run complete() here since driver may have
3058 * been removed already now
3059 */
3060
3061 /* Prevent any more root-hub status calls from the timer.
3062 * The HCD might still restart the timer (if a port status change
3063 * interrupt occurs), but usb_hcd_poll_rh_status() won't invoke
3064 * the hub_status_data() callback.
3065 */
3066 usb_stop_hcd(hcd);
3067
3068 if (usb_hcd_is_primary_hcd(hcd)) {
3069 if (hcd->irq > 0)
3070 free_irq(hcd->irq, hcd);
3071 }
3072
3073 usb_deregister_bus(&hcd->self);
3074 hcd_buffer_destroy(hcd);
3075
3076 usb_phy_roothub_power_off(hcd->phy_roothub);
3077 usb_phy_roothub_exit(hcd->phy_roothub);
3078
3079 usb_put_invalidate_rhdev(hcd);
3080 hcd->flags = 0;
3081}
3082EXPORT_SYMBOL_GPL(usb_remove_hcd);
3083
3084void
3085usb_hcd_platform_shutdown(struct platform_device *dev)
3086{
3087 struct usb_hcd *hcd = platform_get_drvdata(dev);
3088
3089 /* No need for pm_runtime_put(), we're shutting down */
3090 pm_runtime_get_sync(&dev->dev);
3091
3092 if (hcd->driver->shutdown)
3093 hcd->driver->shutdown(hcd);
3094}
3095EXPORT_SYMBOL_GPL(usb_hcd_platform_shutdown);
3096
3097int usb_hcd_setup_local_mem(struct usb_hcd *hcd, phys_addr_t phys_addr,
3098 dma_addr_t dma, size_t size)
3099{
3100 int err;
3101 void *local_mem;
3102
3103 hcd->localmem_pool = devm_gen_pool_create(hcd->self.sysdev, 4,
3104 dev_to_node(hcd->self.sysdev),
3105 dev_name(hcd->self.sysdev));
3106 if (IS_ERR(hcd->localmem_pool))
3107 return PTR_ERR(hcd->localmem_pool);
3108
3109 /*
3110 * if a physical SRAM address was passed, map it, otherwise
3111 * allocate system memory as a buffer.
3112 */
3113 if (phys_addr)
3114 local_mem = devm_memremap(hcd->self.sysdev, phys_addr,
3115 size, MEMREMAP_WC);
3116 else
3117 local_mem = dmam_alloc_attrs(hcd->self.sysdev, size, &dma,
3118 GFP_KERNEL,
3119 DMA_ATTR_WRITE_COMBINE);
3120
3121 if (IS_ERR_OR_NULL(local_mem)) {
3122 if (!local_mem)
3123 return -ENOMEM;
3124
3125 return PTR_ERR(local_mem);
3126 }
3127
3128 /*
3129 * Here we pass a dma_addr_t but the arg type is a phys_addr_t.
3130 * It's not backed by system memory and thus there's no kernel mapping
3131 * for it.
3132 */
3133 err = gen_pool_add_virt(hcd->localmem_pool, (unsigned long)local_mem,
3134 dma, size, dev_to_node(hcd->self.sysdev));
3135 if (err < 0) {
3136 dev_err(hcd->self.sysdev, "gen_pool_add_virt failed with %d\n",
3137 err);
3138 return err;
3139 }
3140
3141 return 0;
3142}
3143EXPORT_SYMBOL_GPL(usb_hcd_setup_local_mem);
3144
3145/*-------------------------------------------------------------------------*/
3146
3147#if IS_ENABLED(CONFIG_USB_MON)
3148
3149const struct usb_mon_operations *mon_ops;
3150
3151/*
3152 * The registration is unlocked.
3153 * We do it this way because we do not want to lock in hot paths.
3154 *
3155 * Notice that the code is minimally error-proof. Because usbmon needs
3156 * symbols from usbcore, usbcore gets referenced and cannot be unloaded first.
3157 */
3158
3159int usb_mon_register(const struct usb_mon_operations *ops)
3160{
3161
3162 if (mon_ops)
3163 return -EBUSY;
3164
3165 mon_ops = ops;
3166 mb();
3167 return 0;
3168}
3169EXPORT_SYMBOL_GPL (usb_mon_register);
3170
3171void usb_mon_deregister (void)
3172{
3173
3174 if (mon_ops == NULL) {
3175 printk(KERN_ERR "USB: monitor was not registered\n");
3176 return;
3177 }
3178 mon_ops = NULL;
3179 mb();
3180}
3181EXPORT_SYMBOL_GPL (usb_mon_deregister);
3182
3183#endif /* CONFIG_USB_MON || CONFIG_USB_MON_MODULE */
1// SPDX-License-Identifier: GPL-2.0+
2/*
3 * (C) Copyright Linus Torvalds 1999
4 * (C) Copyright Johannes Erdfelt 1999-2001
5 * (C) Copyright Andreas Gal 1999
6 * (C) Copyright Gregory P. Smith 1999
7 * (C) Copyright Deti Fliegl 1999
8 * (C) Copyright Randy Dunlap 2000
9 * (C) Copyright David Brownell 2000-2002
10 */
11
12#include <linux/bcd.h>
13#include <linux/module.h>
14#include <linux/version.h>
15#include <linux/kernel.h>
16#include <linux/sched/task_stack.h>
17#include <linux/slab.h>
18#include <linux/completion.h>
19#include <linux/utsname.h>
20#include <linux/mm.h>
21#include <asm/io.h>
22#include <linux/device.h>
23#include <linux/dma-mapping.h>
24#include <linux/mutex.h>
25#include <asm/irq.h>
26#include <asm/byteorder.h>
27#include <asm/unaligned.h>
28#include <linux/platform_device.h>
29#include <linux/workqueue.h>
30#include <linux/pm_runtime.h>
31#include <linux/types.h>
32#include <linux/genalloc.h>
33#include <linux/io.h>
34#include <linux/kcov.h>
35
36#include <linux/phy/phy.h>
37#include <linux/usb.h>
38#include <linux/usb/hcd.h>
39#include <linux/usb/otg.h>
40
41#include "usb.h"
42#include "phy.h"
43
44
45/*-------------------------------------------------------------------------*/
46
47/*
48 * USB Host Controller Driver framework
49 *
50 * Plugs into usbcore (usb_bus) and lets HCDs share code, minimizing
51 * HCD-specific behaviors/bugs.
52 *
53 * This does error checks, tracks devices and urbs, and delegates to a
54 * "hc_driver" only for code (and data) that really needs to know about
55 * hardware differences. That includes root hub registers, i/o queues,
56 * and so on ... but as little else as possible.
57 *
58 * Shared code includes most of the "root hub" code (these are emulated,
59 * though each HC's hardware works differently) and PCI glue, plus request
60 * tracking overhead. The HCD code should only block on spinlocks or on
61 * hardware handshaking; blocking on software events (such as other kernel
62 * threads releasing resources, or completing actions) is all generic.
63 *
64 * Happens the USB 2.0 spec says this would be invisible inside the "USBD",
65 * and includes mostly a "HCDI" (HCD Interface) along with some APIs used
66 * only by the hub driver ... and that neither should be seen or used by
67 * usb client device drivers.
68 *
69 * Contributors of ideas or unattributed patches include: David Brownell,
70 * Roman Weissgaerber, Rory Bolt, Greg Kroah-Hartman, ...
71 *
72 * HISTORY:
73 * 2002-02-21 Pull in most of the usb_bus support from usb.c; some
74 * associated cleanup. "usb_hcd" still != "usb_bus".
75 * 2001-12-12 Initial patch version for Linux 2.5.1 kernel.
76 */
77
78/*-------------------------------------------------------------------------*/
79
80/* Keep track of which host controller drivers are loaded */
81unsigned long usb_hcds_loaded;
82EXPORT_SYMBOL_GPL(usb_hcds_loaded);
83
84/* host controllers we manage */
85DEFINE_IDR (usb_bus_idr);
86EXPORT_SYMBOL_GPL (usb_bus_idr);
87
88/* used when allocating bus numbers */
89#define USB_MAXBUS 64
90
91/* used when updating list of hcds */
92DEFINE_MUTEX(usb_bus_idr_lock); /* exported only for usbfs */
93EXPORT_SYMBOL_GPL (usb_bus_idr_lock);
94
95/* used for controlling access to virtual root hubs */
96static DEFINE_SPINLOCK(hcd_root_hub_lock);
97
98/* used when updating an endpoint's URB list */
99static DEFINE_SPINLOCK(hcd_urb_list_lock);
100
101/* used to protect against unlinking URBs after the device is gone */
102static DEFINE_SPINLOCK(hcd_urb_unlink_lock);
103
104/* wait queue for synchronous unlinks */
105DECLARE_WAIT_QUEUE_HEAD(usb_kill_urb_queue);
106
107/*-------------------------------------------------------------------------*/
108
109/*
110 * Sharable chunks of root hub code.
111 */
112
113/*-------------------------------------------------------------------------*/
114#define KERNEL_REL bin2bcd(((LINUX_VERSION_CODE >> 16) & 0x0ff))
115#define KERNEL_VER bin2bcd(((LINUX_VERSION_CODE >> 8) & 0x0ff))
116
117/* usb 3.1 root hub device descriptor */
118static const u8 usb31_rh_dev_descriptor[18] = {
119 0x12, /* __u8 bLength; */
120 USB_DT_DEVICE, /* __u8 bDescriptorType; Device */
121 0x10, 0x03, /* __le16 bcdUSB; v3.1 */
122
123 0x09, /* __u8 bDeviceClass; HUB_CLASSCODE */
124 0x00, /* __u8 bDeviceSubClass; */
125 0x03, /* __u8 bDeviceProtocol; USB 3 hub */
126 0x09, /* __u8 bMaxPacketSize0; 2^9 = 512 Bytes */
127
128 0x6b, 0x1d, /* __le16 idVendor; Linux Foundation 0x1d6b */
129 0x03, 0x00, /* __le16 idProduct; device 0x0003 */
130 KERNEL_VER, KERNEL_REL, /* __le16 bcdDevice */
131
132 0x03, /* __u8 iManufacturer; */
133 0x02, /* __u8 iProduct; */
134 0x01, /* __u8 iSerialNumber; */
135 0x01 /* __u8 bNumConfigurations; */
136};
137
138/* usb 3.0 root hub device descriptor */
139static const u8 usb3_rh_dev_descriptor[18] = {
140 0x12, /* __u8 bLength; */
141 USB_DT_DEVICE, /* __u8 bDescriptorType; Device */
142 0x00, 0x03, /* __le16 bcdUSB; v3.0 */
143
144 0x09, /* __u8 bDeviceClass; HUB_CLASSCODE */
145 0x00, /* __u8 bDeviceSubClass; */
146 0x03, /* __u8 bDeviceProtocol; USB 3.0 hub */
147 0x09, /* __u8 bMaxPacketSize0; 2^9 = 512 Bytes */
148
149 0x6b, 0x1d, /* __le16 idVendor; Linux Foundation 0x1d6b */
150 0x03, 0x00, /* __le16 idProduct; device 0x0003 */
151 KERNEL_VER, KERNEL_REL, /* __le16 bcdDevice */
152
153 0x03, /* __u8 iManufacturer; */
154 0x02, /* __u8 iProduct; */
155 0x01, /* __u8 iSerialNumber; */
156 0x01 /* __u8 bNumConfigurations; */
157};
158
159/* usb 2.5 (wireless USB 1.0) root hub device descriptor */
160static const u8 usb25_rh_dev_descriptor[18] = {
161 0x12, /* __u8 bLength; */
162 USB_DT_DEVICE, /* __u8 bDescriptorType; Device */
163 0x50, 0x02, /* __le16 bcdUSB; v2.5 */
164
165 0x09, /* __u8 bDeviceClass; HUB_CLASSCODE */
166 0x00, /* __u8 bDeviceSubClass; */
167 0x00, /* __u8 bDeviceProtocol; [ usb 2.0 no TT ] */
168 0xFF, /* __u8 bMaxPacketSize0; always 0xFF (WUSB Spec 7.4.1). */
169
170 0x6b, 0x1d, /* __le16 idVendor; Linux Foundation 0x1d6b */
171 0x02, 0x00, /* __le16 idProduct; device 0x0002 */
172 KERNEL_VER, KERNEL_REL, /* __le16 bcdDevice */
173
174 0x03, /* __u8 iManufacturer; */
175 0x02, /* __u8 iProduct; */
176 0x01, /* __u8 iSerialNumber; */
177 0x01 /* __u8 bNumConfigurations; */
178};
179
180/* usb 2.0 root hub device descriptor */
181static const u8 usb2_rh_dev_descriptor[18] = {
182 0x12, /* __u8 bLength; */
183 USB_DT_DEVICE, /* __u8 bDescriptorType; Device */
184 0x00, 0x02, /* __le16 bcdUSB; v2.0 */
185
186 0x09, /* __u8 bDeviceClass; HUB_CLASSCODE */
187 0x00, /* __u8 bDeviceSubClass; */
188 0x00, /* __u8 bDeviceProtocol; [ usb 2.0 no TT ] */
189 0x40, /* __u8 bMaxPacketSize0; 64 Bytes */
190
191 0x6b, 0x1d, /* __le16 idVendor; Linux Foundation 0x1d6b */
192 0x02, 0x00, /* __le16 idProduct; device 0x0002 */
193 KERNEL_VER, KERNEL_REL, /* __le16 bcdDevice */
194
195 0x03, /* __u8 iManufacturer; */
196 0x02, /* __u8 iProduct; */
197 0x01, /* __u8 iSerialNumber; */
198 0x01 /* __u8 bNumConfigurations; */
199};
200
201/* no usb 2.0 root hub "device qualifier" descriptor: one speed only */
202
203/* usb 1.1 root hub device descriptor */
204static const u8 usb11_rh_dev_descriptor[18] = {
205 0x12, /* __u8 bLength; */
206 USB_DT_DEVICE, /* __u8 bDescriptorType; Device */
207 0x10, 0x01, /* __le16 bcdUSB; v1.1 */
208
209 0x09, /* __u8 bDeviceClass; HUB_CLASSCODE */
210 0x00, /* __u8 bDeviceSubClass; */
211 0x00, /* __u8 bDeviceProtocol; [ low/full speeds only ] */
212 0x40, /* __u8 bMaxPacketSize0; 64 Bytes */
213
214 0x6b, 0x1d, /* __le16 idVendor; Linux Foundation 0x1d6b */
215 0x01, 0x00, /* __le16 idProduct; device 0x0001 */
216 KERNEL_VER, KERNEL_REL, /* __le16 bcdDevice */
217
218 0x03, /* __u8 iManufacturer; */
219 0x02, /* __u8 iProduct; */
220 0x01, /* __u8 iSerialNumber; */
221 0x01 /* __u8 bNumConfigurations; */
222};
223
224
225/*-------------------------------------------------------------------------*/
226
227/* Configuration descriptors for our root hubs */
228
229static const u8 fs_rh_config_descriptor[] = {
230
231 /* one configuration */
232 0x09, /* __u8 bLength; */
233 USB_DT_CONFIG, /* __u8 bDescriptorType; Configuration */
234 0x19, 0x00, /* __le16 wTotalLength; */
235 0x01, /* __u8 bNumInterfaces; (1) */
236 0x01, /* __u8 bConfigurationValue; */
237 0x00, /* __u8 iConfiguration; */
238 0xc0, /* __u8 bmAttributes;
239 Bit 7: must be set,
240 6: Self-powered,
241 5: Remote wakeup,
242 4..0: resvd */
243 0x00, /* __u8 MaxPower; */
244
245 /* USB 1.1:
246 * USB 2.0, single TT organization (mandatory):
247 * one interface, protocol 0
248 *
249 * USB 2.0, multiple TT organization (optional):
250 * two interfaces, protocols 1 (like single TT)
251 * and 2 (multiple TT mode) ... config is
252 * sometimes settable
253 * NOT IMPLEMENTED
254 */
255
256 /* one interface */
257 0x09, /* __u8 if_bLength; */
258 USB_DT_INTERFACE, /* __u8 if_bDescriptorType; Interface */
259 0x00, /* __u8 if_bInterfaceNumber; */
260 0x00, /* __u8 if_bAlternateSetting; */
261 0x01, /* __u8 if_bNumEndpoints; */
262 0x09, /* __u8 if_bInterfaceClass; HUB_CLASSCODE */
263 0x00, /* __u8 if_bInterfaceSubClass; */
264 0x00, /* __u8 if_bInterfaceProtocol; [usb1.1 or single tt] */
265 0x00, /* __u8 if_iInterface; */
266
267 /* one endpoint (status change endpoint) */
268 0x07, /* __u8 ep_bLength; */
269 USB_DT_ENDPOINT, /* __u8 ep_bDescriptorType; Endpoint */
270 0x81, /* __u8 ep_bEndpointAddress; IN Endpoint 1 */
271 0x03, /* __u8 ep_bmAttributes; Interrupt */
272 0x02, 0x00, /* __le16 ep_wMaxPacketSize; 1 + (MAX_ROOT_PORTS / 8) */
273 0xff /* __u8 ep_bInterval; (255ms -- usb 2.0 spec) */
274};
275
276static const u8 hs_rh_config_descriptor[] = {
277
278 /* one configuration */
279 0x09, /* __u8 bLength; */
280 USB_DT_CONFIG, /* __u8 bDescriptorType; Configuration */
281 0x19, 0x00, /* __le16 wTotalLength; */
282 0x01, /* __u8 bNumInterfaces; (1) */
283 0x01, /* __u8 bConfigurationValue; */
284 0x00, /* __u8 iConfiguration; */
285 0xc0, /* __u8 bmAttributes;
286 Bit 7: must be set,
287 6: Self-powered,
288 5: Remote wakeup,
289 4..0: resvd */
290 0x00, /* __u8 MaxPower; */
291
292 /* USB 1.1:
293 * USB 2.0, single TT organization (mandatory):
294 * one interface, protocol 0
295 *
296 * USB 2.0, multiple TT organization (optional):
297 * two interfaces, protocols 1 (like single TT)
298 * and 2 (multiple TT mode) ... config is
299 * sometimes settable
300 * NOT IMPLEMENTED
301 */
302
303 /* one interface */
304 0x09, /* __u8 if_bLength; */
305 USB_DT_INTERFACE, /* __u8 if_bDescriptorType; Interface */
306 0x00, /* __u8 if_bInterfaceNumber; */
307 0x00, /* __u8 if_bAlternateSetting; */
308 0x01, /* __u8 if_bNumEndpoints; */
309 0x09, /* __u8 if_bInterfaceClass; HUB_CLASSCODE */
310 0x00, /* __u8 if_bInterfaceSubClass; */
311 0x00, /* __u8 if_bInterfaceProtocol; [usb1.1 or single tt] */
312 0x00, /* __u8 if_iInterface; */
313
314 /* one endpoint (status change endpoint) */
315 0x07, /* __u8 ep_bLength; */
316 USB_DT_ENDPOINT, /* __u8 ep_bDescriptorType; Endpoint */
317 0x81, /* __u8 ep_bEndpointAddress; IN Endpoint 1 */
318 0x03, /* __u8 ep_bmAttributes; Interrupt */
319 /* __le16 ep_wMaxPacketSize; 1 + (MAX_ROOT_PORTS / 8)
320 * see hub.c:hub_configure() for details. */
321 (USB_MAXCHILDREN + 1 + 7) / 8, 0x00,
322 0x0c /* __u8 ep_bInterval; (256ms -- usb 2.0 spec) */
323};
324
325static const u8 ss_rh_config_descriptor[] = {
326 /* one configuration */
327 0x09, /* __u8 bLength; */
328 USB_DT_CONFIG, /* __u8 bDescriptorType; Configuration */
329 0x1f, 0x00, /* __le16 wTotalLength; */
330 0x01, /* __u8 bNumInterfaces; (1) */
331 0x01, /* __u8 bConfigurationValue; */
332 0x00, /* __u8 iConfiguration; */
333 0xc0, /* __u8 bmAttributes;
334 Bit 7: must be set,
335 6: Self-powered,
336 5: Remote wakeup,
337 4..0: resvd */
338 0x00, /* __u8 MaxPower; */
339
340 /* one interface */
341 0x09, /* __u8 if_bLength; */
342 USB_DT_INTERFACE, /* __u8 if_bDescriptorType; Interface */
343 0x00, /* __u8 if_bInterfaceNumber; */
344 0x00, /* __u8 if_bAlternateSetting; */
345 0x01, /* __u8 if_bNumEndpoints; */
346 0x09, /* __u8 if_bInterfaceClass; HUB_CLASSCODE */
347 0x00, /* __u8 if_bInterfaceSubClass; */
348 0x00, /* __u8 if_bInterfaceProtocol; */
349 0x00, /* __u8 if_iInterface; */
350
351 /* one endpoint (status change endpoint) */
352 0x07, /* __u8 ep_bLength; */
353 USB_DT_ENDPOINT, /* __u8 ep_bDescriptorType; Endpoint */
354 0x81, /* __u8 ep_bEndpointAddress; IN Endpoint 1 */
355 0x03, /* __u8 ep_bmAttributes; Interrupt */
356 /* __le16 ep_wMaxPacketSize; 1 + (MAX_ROOT_PORTS / 8)
357 * see hub.c:hub_configure() for details. */
358 (USB_MAXCHILDREN + 1 + 7) / 8, 0x00,
359 0x0c, /* __u8 ep_bInterval; (256ms -- usb 2.0 spec) */
360
361 /* one SuperSpeed endpoint companion descriptor */
362 0x06, /* __u8 ss_bLength */
363 USB_DT_SS_ENDPOINT_COMP, /* __u8 ss_bDescriptorType; SuperSpeed EP */
364 /* Companion */
365 0x00, /* __u8 ss_bMaxBurst; allows 1 TX between ACKs */
366 0x00, /* __u8 ss_bmAttributes; 1 packet per service interval */
367 0x02, 0x00 /* __le16 ss_wBytesPerInterval; 15 bits for max 15 ports */
368};
369
370/* authorized_default behaviour:
371 * -1 is authorized for all devices except wireless (old behaviour)
372 * 0 is unauthorized for all devices
373 * 1 is authorized for all devices
374 * 2 is authorized for internal devices
375 */
376#define USB_AUTHORIZE_WIRED -1
377#define USB_AUTHORIZE_NONE 0
378#define USB_AUTHORIZE_ALL 1
379#define USB_AUTHORIZE_INTERNAL 2
380
381static int authorized_default = USB_AUTHORIZE_WIRED;
382module_param(authorized_default, int, S_IRUGO|S_IWUSR);
383MODULE_PARM_DESC(authorized_default,
384 "Default USB device authorization: 0 is not authorized, 1 is "
385 "authorized, 2 is authorized for internal devices, -1 is "
386 "authorized except for wireless USB (default, old behaviour)");
387/*-------------------------------------------------------------------------*/
388
389/**
390 * ascii2desc() - Helper routine for producing UTF-16LE string descriptors
391 * @s: Null-terminated ASCII (actually ISO-8859-1) string
392 * @buf: Buffer for USB string descriptor (header + UTF-16LE)
393 * @len: Length (in bytes; may be odd) of descriptor buffer.
394 *
395 * Return: The number of bytes filled in: 2 + 2*strlen(s) or @len,
396 * whichever is less.
397 *
398 * Note:
399 * USB String descriptors can contain at most 126 characters; input
400 * strings longer than that are truncated.
401 */
402static unsigned
403ascii2desc(char const *s, u8 *buf, unsigned len)
404{
405 unsigned n, t = 2 + 2*strlen(s);
406
407 if (t > 254)
408 t = 254; /* Longest possible UTF string descriptor */
409 if (len > t)
410 len = t;
411
412 t += USB_DT_STRING << 8; /* Now t is first 16 bits to store */
413
414 n = len;
415 while (n--) {
416 *buf++ = t;
417 if (!n--)
418 break;
419 *buf++ = t >> 8;
420 t = (unsigned char)*s++;
421 }
422 return len;
423}
424
425/**
426 * rh_string() - provides string descriptors for root hub
427 * @id: the string ID number (0: langids, 1: serial #, 2: product, 3: vendor)
428 * @hcd: the host controller for this root hub
429 * @data: buffer for output packet
430 * @len: length of the provided buffer
431 *
432 * Produces either a manufacturer, product or serial number string for the
433 * virtual root hub device.
434 *
435 * Return: The number of bytes filled in: the length of the descriptor or
436 * of the provided buffer, whichever is less.
437 */
438static unsigned
439rh_string(int id, struct usb_hcd const *hcd, u8 *data, unsigned len)
440{
441 char buf[100];
442 char const *s;
443 static char const langids[4] = {4, USB_DT_STRING, 0x09, 0x04};
444
445 /* language ids */
446 switch (id) {
447 case 0:
448 /* Array of LANGID codes (0x0409 is MSFT-speak for "en-us") */
449 /* See http://www.usb.org/developers/docs/USB_LANGIDs.pdf */
450 if (len > 4)
451 len = 4;
452 memcpy(data, langids, len);
453 return len;
454 case 1:
455 /* Serial number */
456 s = hcd->self.bus_name;
457 break;
458 case 2:
459 /* Product name */
460 s = hcd->product_desc;
461 break;
462 case 3:
463 /* Manufacturer */
464 snprintf (buf, sizeof buf, "%s %s %s", init_utsname()->sysname,
465 init_utsname()->release, hcd->driver->description);
466 s = buf;
467 break;
468 default:
469 /* Can't happen; caller guarantees it */
470 return 0;
471 }
472
473 return ascii2desc(s, data, len);
474}
475
476
477/* Root hub control transfers execute synchronously */
478static int rh_call_control (struct usb_hcd *hcd, struct urb *urb)
479{
480 struct usb_ctrlrequest *cmd;
481 u16 typeReq, wValue, wIndex, wLength;
482 u8 *ubuf = urb->transfer_buffer;
483 unsigned len = 0;
484 int status;
485 u8 patch_wakeup = 0;
486 u8 patch_protocol = 0;
487 u16 tbuf_size;
488 u8 *tbuf = NULL;
489 const u8 *bufp;
490
491 might_sleep();
492
493 spin_lock_irq(&hcd_root_hub_lock);
494 status = usb_hcd_link_urb_to_ep(hcd, urb);
495 spin_unlock_irq(&hcd_root_hub_lock);
496 if (status)
497 return status;
498 urb->hcpriv = hcd; /* Indicate it's queued */
499
500 cmd = (struct usb_ctrlrequest *) urb->setup_packet;
501 typeReq = (cmd->bRequestType << 8) | cmd->bRequest;
502 wValue = le16_to_cpu (cmd->wValue);
503 wIndex = le16_to_cpu (cmd->wIndex);
504 wLength = le16_to_cpu (cmd->wLength);
505
506 if (wLength > urb->transfer_buffer_length)
507 goto error;
508
509 /*
510 * tbuf should be at least as big as the
511 * USB hub descriptor.
512 */
513 tbuf_size = max_t(u16, sizeof(struct usb_hub_descriptor), wLength);
514 tbuf = kzalloc(tbuf_size, GFP_KERNEL);
515 if (!tbuf) {
516 status = -ENOMEM;
517 goto err_alloc;
518 }
519
520 bufp = tbuf;
521
522
523 urb->actual_length = 0;
524 switch (typeReq) {
525
526 /* DEVICE REQUESTS */
527
528 /* The root hub's remote wakeup enable bit is implemented using
529 * driver model wakeup flags. If this system supports wakeup
530 * through USB, userspace may change the default "allow wakeup"
531 * policy through sysfs or these calls.
532 *
533 * Most root hubs support wakeup from downstream devices, for
534 * runtime power management (disabling USB clocks and reducing
535 * VBUS power usage). However, not all of them do so; silicon,
536 * board, and BIOS bugs here are not uncommon, so these can't
537 * be treated quite like external hubs.
538 *
539 * Likewise, not all root hubs will pass wakeup events upstream,
540 * to wake up the whole system. So don't assume root hub and
541 * controller capabilities are identical.
542 */
543
544 case DeviceRequest | USB_REQ_GET_STATUS:
545 tbuf[0] = (device_may_wakeup(&hcd->self.root_hub->dev)
546 << USB_DEVICE_REMOTE_WAKEUP)
547 | (1 << USB_DEVICE_SELF_POWERED);
548 tbuf[1] = 0;
549 len = 2;
550 break;
551 case DeviceOutRequest | USB_REQ_CLEAR_FEATURE:
552 if (wValue == USB_DEVICE_REMOTE_WAKEUP)
553 device_set_wakeup_enable(&hcd->self.root_hub->dev, 0);
554 else
555 goto error;
556 break;
557 case DeviceOutRequest | USB_REQ_SET_FEATURE:
558 if (device_can_wakeup(&hcd->self.root_hub->dev)
559 && wValue == USB_DEVICE_REMOTE_WAKEUP)
560 device_set_wakeup_enable(&hcd->self.root_hub->dev, 1);
561 else
562 goto error;
563 break;
564 case DeviceRequest | USB_REQ_GET_CONFIGURATION:
565 tbuf[0] = 1;
566 len = 1;
567 fallthrough;
568 case DeviceOutRequest | USB_REQ_SET_CONFIGURATION:
569 break;
570 case DeviceRequest | USB_REQ_GET_DESCRIPTOR:
571 switch (wValue & 0xff00) {
572 case USB_DT_DEVICE << 8:
573 switch (hcd->speed) {
574 case HCD_USB32:
575 case HCD_USB31:
576 bufp = usb31_rh_dev_descriptor;
577 break;
578 case HCD_USB3:
579 bufp = usb3_rh_dev_descriptor;
580 break;
581 case HCD_USB25:
582 bufp = usb25_rh_dev_descriptor;
583 break;
584 case HCD_USB2:
585 bufp = usb2_rh_dev_descriptor;
586 break;
587 case HCD_USB11:
588 bufp = usb11_rh_dev_descriptor;
589 break;
590 default:
591 goto error;
592 }
593 len = 18;
594 if (hcd->has_tt)
595 patch_protocol = 1;
596 break;
597 case USB_DT_CONFIG << 8:
598 switch (hcd->speed) {
599 case HCD_USB32:
600 case HCD_USB31:
601 case HCD_USB3:
602 bufp = ss_rh_config_descriptor;
603 len = sizeof ss_rh_config_descriptor;
604 break;
605 case HCD_USB25:
606 case HCD_USB2:
607 bufp = hs_rh_config_descriptor;
608 len = sizeof hs_rh_config_descriptor;
609 break;
610 case HCD_USB11:
611 bufp = fs_rh_config_descriptor;
612 len = sizeof fs_rh_config_descriptor;
613 break;
614 default:
615 goto error;
616 }
617 if (device_can_wakeup(&hcd->self.root_hub->dev))
618 patch_wakeup = 1;
619 break;
620 case USB_DT_STRING << 8:
621 if ((wValue & 0xff) < 4)
622 urb->actual_length = rh_string(wValue & 0xff,
623 hcd, ubuf, wLength);
624 else /* unsupported IDs --> "protocol stall" */
625 goto error;
626 break;
627 case USB_DT_BOS << 8:
628 goto nongeneric;
629 default:
630 goto error;
631 }
632 break;
633 case DeviceRequest | USB_REQ_GET_INTERFACE:
634 tbuf[0] = 0;
635 len = 1;
636 fallthrough;
637 case DeviceOutRequest | USB_REQ_SET_INTERFACE:
638 break;
639 case DeviceOutRequest | USB_REQ_SET_ADDRESS:
640 /* wValue == urb->dev->devaddr */
641 dev_dbg (hcd->self.controller, "root hub device address %d\n",
642 wValue);
643 break;
644
645 /* INTERFACE REQUESTS (no defined feature/status flags) */
646
647 /* ENDPOINT REQUESTS */
648
649 case EndpointRequest | USB_REQ_GET_STATUS:
650 /* ENDPOINT_HALT flag */
651 tbuf[0] = 0;
652 tbuf[1] = 0;
653 len = 2;
654 fallthrough;
655 case EndpointOutRequest | USB_REQ_CLEAR_FEATURE:
656 case EndpointOutRequest | USB_REQ_SET_FEATURE:
657 dev_dbg (hcd->self.controller, "no endpoint features yet\n");
658 break;
659
660 /* CLASS REQUESTS (and errors) */
661
662 default:
663nongeneric:
664 /* non-generic request */
665 switch (typeReq) {
666 case GetHubStatus:
667 len = 4;
668 break;
669 case GetPortStatus:
670 if (wValue == HUB_PORT_STATUS)
671 len = 4;
672 else
673 /* other port status types return 8 bytes */
674 len = 8;
675 break;
676 case GetHubDescriptor:
677 len = sizeof (struct usb_hub_descriptor);
678 break;
679 case DeviceRequest | USB_REQ_GET_DESCRIPTOR:
680 /* len is returned by hub_control */
681 break;
682 }
683 status = hcd->driver->hub_control (hcd,
684 typeReq, wValue, wIndex,
685 tbuf, wLength);
686
687 if (typeReq == GetHubDescriptor)
688 usb_hub_adjust_deviceremovable(hcd->self.root_hub,
689 (struct usb_hub_descriptor *)tbuf);
690 break;
691error:
692 /* "protocol stall" on error */
693 status = -EPIPE;
694 }
695
696 if (status < 0) {
697 len = 0;
698 if (status != -EPIPE) {
699 dev_dbg (hcd->self.controller,
700 "CTRL: TypeReq=0x%x val=0x%x "
701 "idx=0x%x len=%d ==> %d\n",
702 typeReq, wValue, wIndex,
703 wLength, status);
704 }
705 } else if (status > 0) {
706 /* hub_control may return the length of data copied. */
707 len = status;
708 status = 0;
709 }
710 if (len) {
711 if (urb->transfer_buffer_length < len)
712 len = urb->transfer_buffer_length;
713 urb->actual_length = len;
714 /* always USB_DIR_IN, toward host */
715 memcpy (ubuf, bufp, len);
716
717 /* report whether RH hardware supports remote wakeup */
718 if (patch_wakeup &&
719 len > offsetof (struct usb_config_descriptor,
720 bmAttributes))
721 ((struct usb_config_descriptor *)ubuf)->bmAttributes
722 |= USB_CONFIG_ATT_WAKEUP;
723
724 /* report whether RH hardware has an integrated TT */
725 if (patch_protocol &&
726 len > offsetof(struct usb_device_descriptor,
727 bDeviceProtocol))
728 ((struct usb_device_descriptor *) ubuf)->
729 bDeviceProtocol = USB_HUB_PR_HS_SINGLE_TT;
730 }
731
732 kfree(tbuf);
733 err_alloc:
734
735 /* any errors get returned through the urb completion */
736 spin_lock_irq(&hcd_root_hub_lock);
737 usb_hcd_unlink_urb_from_ep(hcd, urb);
738 usb_hcd_giveback_urb(hcd, urb, status);
739 spin_unlock_irq(&hcd_root_hub_lock);
740 return 0;
741}
742
743/*-------------------------------------------------------------------------*/
744
745/*
746 * Root Hub interrupt transfers are polled using a timer if the
747 * driver requests it; otherwise the driver is responsible for
748 * calling usb_hcd_poll_rh_status() when an event occurs.
749 *
750 * Completions are called in_interrupt(), but they may or may not
751 * be in_irq().
752 */
753void usb_hcd_poll_rh_status(struct usb_hcd *hcd)
754{
755 struct urb *urb;
756 int length;
757 unsigned long flags;
758 char buffer[6]; /* Any root hubs with > 31 ports? */
759
760 if (unlikely(!hcd->rh_pollable))
761 return;
762 if (!hcd->uses_new_polling && !hcd->status_urb)
763 return;
764
765 length = hcd->driver->hub_status_data(hcd, buffer);
766 if (length > 0) {
767
768 /* try to complete the status urb */
769 spin_lock_irqsave(&hcd_root_hub_lock, flags);
770 urb = hcd->status_urb;
771 if (urb) {
772 clear_bit(HCD_FLAG_POLL_PENDING, &hcd->flags);
773 hcd->status_urb = NULL;
774 urb->actual_length = length;
775 memcpy(urb->transfer_buffer, buffer, length);
776
777 usb_hcd_unlink_urb_from_ep(hcd, urb);
778 usb_hcd_giveback_urb(hcd, urb, 0);
779 } else {
780 length = 0;
781 set_bit(HCD_FLAG_POLL_PENDING, &hcd->flags);
782 }
783 spin_unlock_irqrestore(&hcd_root_hub_lock, flags);
784 }
785
786 /* The USB 2.0 spec says 256 ms. This is close enough and won't
787 * exceed that limit if HZ is 100. The math is more clunky than
788 * maybe expected, this is to make sure that all timers for USB devices
789 * fire at the same time to give the CPU a break in between */
790 if (hcd->uses_new_polling ? HCD_POLL_RH(hcd) :
791 (length == 0 && hcd->status_urb != NULL))
792 mod_timer (&hcd->rh_timer, (jiffies/(HZ/4) + 1) * (HZ/4));
793}
794EXPORT_SYMBOL_GPL(usb_hcd_poll_rh_status);
795
796/* timer callback */
797static void rh_timer_func (struct timer_list *t)
798{
799 struct usb_hcd *_hcd = from_timer(_hcd, t, rh_timer);
800
801 usb_hcd_poll_rh_status(_hcd);
802}
803
804/*-------------------------------------------------------------------------*/
805
806static int rh_queue_status (struct usb_hcd *hcd, struct urb *urb)
807{
808 int retval;
809 unsigned long flags;
810 unsigned len = 1 + (urb->dev->maxchild / 8);
811
812 spin_lock_irqsave (&hcd_root_hub_lock, flags);
813 if (hcd->status_urb || urb->transfer_buffer_length < len) {
814 dev_dbg (hcd->self.controller, "not queuing rh status urb\n");
815 retval = -EINVAL;
816 goto done;
817 }
818
819 retval = usb_hcd_link_urb_to_ep(hcd, urb);
820 if (retval)
821 goto done;
822
823 hcd->status_urb = urb;
824 urb->hcpriv = hcd; /* indicate it's queued */
825 if (!hcd->uses_new_polling)
826 mod_timer(&hcd->rh_timer, (jiffies/(HZ/4) + 1) * (HZ/4));
827
828 /* If a status change has already occurred, report it ASAP */
829 else if (HCD_POLL_PENDING(hcd))
830 mod_timer(&hcd->rh_timer, jiffies);
831 retval = 0;
832 done:
833 spin_unlock_irqrestore (&hcd_root_hub_lock, flags);
834 return retval;
835}
836
837static int rh_urb_enqueue (struct usb_hcd *hcd, struct urb *urb)
838{
839 if (usb_endpoint_xfer_int(&urb->ep->desc))
840 return rh_queue_status (hcd, urb);
841 if (usb_endpoint_xfer_control(&urb->ep->desc))
842 return rh_call_control (hcd, urb);
843 return -EINVAL;
844}
845
846/*-------------------------------------------------------------------------*/
847
848/* Unlinks of root-hub control URBs are legal, but they don't do anything
849 * since these URBs always execute synchronously.
850 */
851static int usb_rh_urb_dequeue(struct usb_hcd *hcd, struct urb *urb, int status)
852{
853 unsigned long flags;
854 int rc;
855
856 spin_lock_irqsave(&hcd_root_hub_lock, flags);
857 rc = usb_hcd_check_unlink_urb(hcd, urb, status);
858 if (rc)
859 goto done;
860
861 if (usb_endpoint_num(&urb->ep->desc) == 0) { /* Control URB */
862 ; /* Do nothing */
863
864 } else { /* Status URB */
865 if (!hcd->uses_new_polling)
866 del_timer (&hcd->rh_timer);
867 if (urb == hcd->status_urb) {
868 hcd->status_urb = NULL;
869 usb_hcd_unlink_urb_from_ep(hcd, urb);
870 usb_hcd_giveback_urb(hcd, urb, status);
871 }
872 }
873 done:
874 spin_unlock_irqrestore(&hcd_root_hub_lock, flags);
875 return rc;
876}
877
878
879/*-------------------------------------------------------------------------*/
880
881/**
882 * usb_bus_init - shared initialization code
883 * @bus: the bus structure being initialized
884 *
885 * This code is used to initialize a usb_bus structure, memory for which is
886 * separately managed.
887 */
888static void usb_bus_init (struct usb_bus *bus)
889{
890 memset (&bus->devmap, 0, sizeof(struct usb_devmap));
891
892 bus->devnum_next = 1;
893
894 bus->root_hub = NULL;
895 bus->busnum = -1;
896 bus->bandwidth_allocated = 0;
897 bus->bandwidth_int_reqs = 0;
898 bus->bandwidth_isoc_reqs = 0;
899 mutex_init(&bus->devnum_next_mutex);
900}
901
902/*-------------------------------------------------------------------------*/
903
904/**
905 * usb_register_bus - registers the USB host controller with the usb core
906 * @bus: pointer to the bus to register
907 * Context: !in_interrupt()
908 *
909 * Assigns a bus number, and links the controller into usbcore data
910 * structures so that it can be seen by scanning the bus list.
911 *
912 * Return: 0 if successful. A negative error code otherwise.
913 */
914static int usb_register_bus(struct usb_bus *bus)
915{
916 int result = -E2BIG;
917 int busnum;
918
919 mutex_lock(&usb_bus_idr_lock);
920 busnum = idr_alloc(&usb_bus_idr, bus, 1, USB_MAXBUS, GFP_KERNEL);
921 if (busnum < 0) {
922 pr_err("%s: failed to get bus number\n", usbcore_name);
923 goto error_find_busnum;
924 }
925 bus->busnum = busnum;
926 mutex_unlock(&usb_bus_idr_lock);
927
928 usb_notify_add_bus(bus);
929
930 dev_info (bus->controller, "new USB bus registered, assigned bus "
931 "number %d\n", bus->busnum);
932 return 0;
933
934error_find_busnum:
935 mutex_unlock(&usb_bus_idr_lock);
936 return result;
937}
938
939/**
940 * usb_deregister_bus - deregisters the USB host controller
941 * @bus: pointer to the bus to deregister
942 * Context: !in_interrupt()
943 *
944 * Recycles the bus number, and unlinks the controller from usbcore data
945 * structures so that it won't be seen by scanning the bus list.
946 */
947static void usb_deregister_bus (struct usb_bus *bus)
948{
949 dev_info (bus->controller, "USB bus %d deregistered\n", bus->busnum);
950
951 /*
952 * NOTE: make sure that all the devices are removed by the
953 * controller code, as well as having it call this when cleaning
954 * itself up
955 */
956 mutex_lock(&usb_bus_idr_lock);
957 idr_remove(&usb_bus_idr, bus->busnum);
958 mutex_unlock(&usb_bus_idr_lock);
959
960 usb_notify_remove_bus(bus);
961}
962
963/**
964 * register_root_hub - called by usb_add_hcd() to register a root hub
965 * @hcd: host controller for this root hub
966 *
967 * This function registers the root hub with the USB subsystem. It sets up
968 * the device properly in the device tree and then calls usb_new_device()
969 * to register the usb device. It also assigns the root hub's USB address
970 * (always 1).
971 *
972 * Return: 0 if successful. A negative error code otherwise.
973 */
974static int register_root_hub(struct usb_hcd *hcd)
975{
976 struct device *parent_dev = hcd->self.controller;
977 struct usb_device *usb_dev = hcd->self.root_hub;
978 const int devnum = 1;
979 int retval;
980
981 usb_dev->devnum = devnum;
982 usb_dev->bus->devnum_next = devnum + 1;
983 set_bit (devnum, usb_dev->bus->devmap.devicemap);
984 usb_set_device_state(usb_dev, USB_STATE_ADDRESS);
985
986 mutex_lock(&usb_bus_idr_lock);
987
988 usb_dev->ep0.desc.wMaxPacketSize = cpu_to_le16(64);
989 retval = usb_get_device_descriptor(usb_dev, USB_DT_DEVICE_SIZE);
990 if (retval != sizeof usb_dev->descriptor) {
991 mutex_unlock(&usb_bus_idr_lock);
992 dev_dbg (parent_dev, "can't read %s device descriptor %d\n",
993 dev_name(&usb_dev->dev), retval);
994 return (retval < 0) ? retval : -EMSGSIZE;
995 }
996
997 if (le16_to_cpu(usb_dev->descriptor.bcdUSB) >= 0x0201) {
998 retval = usb_get_bos_descriptor(usb_dev);
999 if (!retval) {
1000 usb_dev->lpm_capable = usb_device_supports_lpm(usb_dev);
1001 } else if (usb_dev->speed >= USB_SPEED_SUPER) {
1002 mutex_unlock(&usb_bus_idr_lock);
1003 dev_dbg(parent_dev, "can't read %s bos descriptor %d\n",
1004 dev_name(&usb_dev->dev), retval);
1005 return retval;
1006 }
1007 }
1008
1009 retval = usb_new_device (usb_dev);
1010 if (retval) {
1011 dev_err (parent_dev, "can't register root hub for %s, %d\n",
1012 dev_name(&usb_dev->dev), retval);
1013 } else {
1014 spin_lock_irq (&hcd_root_hub_lock);
1015 hcd->rh_registered = 1;
1016 spin_unlock_irq (&hcd_root_hub_lock);
1017
1018 /* Did the HC die before the root hub was registered? */
1019 if (HCD_DEAD(hcd))
1020 usb_hc_died (hcd); /* This time clean up */
1021 }
1022 mutex_unlock(&usb_bus_idr_lock);
1023
1024 return retval;
1025}
1026
1027/*
1028 * usb_hcd_start_port_resume - a root-hub port is sending a resume signal
1029 * @bus: the bus which the root hub belongs to
1030 * @portnum: the port which is being resumed
1031 *
1032 * HCDs should call this function when they know that a resume signal is
1033 * being sent to a root-hub port. The root hub will be prevented from
1034 * going into autosuspend until usb_hcd_end_port_resume() is called.
1035 *
1036 * The bus's private lock must be held by the caller.
1037 */
1038void usb_hcd_start_port_resume(struct usb_bus *bus, int portnum)
1039{
1040 unsigned bit = 1 << portnum;
1041
1042 if (!(bus->resuming_ports & bit)) {
1043 bus->resuming_ports |= bit;
1044 pm_runtime_get_noresume(&bus->root_hub->dev);
1045 }
1046}
1047EXPORT_SYMBOL_GPL(usb_hcd_start_port_resume);
1048
1049/*
1050 * usb_hcd_end_port_resume - a root-hub port has stopped sending a resume signal
1051 * @bus: the bus which the root hub belongs to
1052 * @portnum: the port which is being resumed
1053 *
1054 * HCDs should call this function when they know that a resume signal has
1055 * stopped being sent to a root-hub port. The root hub will be allowed to
1056 * autosuspend again.
1057 *
1058 * The bus's private lock must be held by the caller.
1059 */
1060void usb_hcd_end_port_resume(struct usb_bus *bus, int portnum)
1061{
1062 unsigned bit = 1 << portnum;
1063
1064 if (bus->resuming_ports & bit) {
1065 bus->resuming_ports &= ~bit;
1066 pm_runtime_put_noidle(&bus->root_hub->dev);
1067 }
1068}
1069EXPORT_SYMBOL_GPL(usb_hcd_end_port_resume);
1070
1071/*-------------------------------------------------------------------------*/
1072
1073/**
1074 * usb_calc_bus_time - approximate periodic transaction time in nanoseconds
1075 * @speed: from dev->speed; USB_SPEED_{LOW,FULL,HIGH}
1076 * @is_input: true iff the transaction sends data to the host
1077 * @isoc: true for isochronous transactions, false for interrupt ones
1078 * @bytecount: how many bytes in the transaction.
1079 *
1080 * Return: Approximate bus time in nanoseconds for a periodic transaction.
1081 *
1082 * Note:
1083 * See USB 2.0 spec section 5.11.3; only periodic transfers need to be
1084 * scheduled in software, this function is only used for such scheduling.
1085 */
1086long usb_calc_bus_time (int speed, int is_input, int isoc, int bytecount)
1087{
1088 unsigned long tmp;
1089
1090 switch (speed) {
1091 case USB_SPEED_LOW: /* INTR only */
1092 if (is_input) {
1093 tmp = (67667L * (31L + 10L * BitTime (bytecount))) / 1000L;
1094 return 64060L + (2 * BW_HUB_LS_SETUP) + BW_HOST_DELAY + tmp;
1095 } else {
1096 tmp = (66700L * (31L + 10L * BitTime (bytecount))) / 1000L;
1097 return 64107L + (2 * BW_HUB_LS_SETUP) + BW_HOST_DELAY + tmp;
1098 }
1099 case USB_SPEED_FULL: /* ISOC or INTR */
1100 if (isoc) {
1101 tmp = (8354L * (31L + 10L * BitTime (bytecount))) / 1000L;
1102 return ((is_input) ? 7268L : 6265L) + BW_HOST_DELAY + tmp;
1103 } else {
1104 tmp = (8354L * (31L + 10L * BitTime (bytecount))) / 1000L;
1105 return 9107L + BW_HOST_DELAY + tmp;
1106 }
1107 case USB_SPEED_HIGH: /* ISOC or INTR */
1108 /* FIXME adjust for input vs output */
1109 if (isoc)
1110 tmp = HS_NSECS_ISO (bytecount);
1111 else
1112 tmp = HS_NSECS (bytecount);
1113 return tmp;
1114 default:
1115 pr_debug ("%s: bogus device speed!\n", usbcore_name);
1116 return -1;
1117 }
1118}
1119EXPORT_SYMBOL_GPL(usb_calc_bus_time);
1120
1121
1122/*-------------------------------------------------------------------------*/
1123
1124/*
1125 * Generic HC operations.
1126 */
1127
1128/*-------------------------------------------------------------------------*/
1129
1130/**
1131 * usb_hcd_link_urb_to_ep - add an URB to its endpoint queue
1132 * @hcd: host controller to which @urb was submitted
1133 * @urb: URB being submitted
1134 *
1135 * Host controller drivers should call this routine in their enqueue()
1136 * method. The HCD's private spinlock must be held and interrupts must
1137 * be disabled. The actions carried out here are required for URB
1138 * submission, as well as for endpoint shutdown and for usb_kill_urb.
1139 *
1140 * Return: 0 for no error, otherwise a negative error code (in which case
1141 * the enqueue() method must fail). If no error occurs but enqueue() fails
1142 * anyway, it must call usb_hcd_unlink_urb_from_ep() before releasing
1143 * the private spinlock and returning.
1144 */
1145int usb_hcd_link_urb_to_ep(struct usb_hcd *hcd, struct urb *urb)
1146{
1147 int rc = 0;
1148
1149 spin_lock(&hcd_urb_list_lock);
1150
1151 /* Check that the URB isn't being killed */
1152 if (unlikely(atomic_read(&urb->reject))) {
1153 rc = -EPERM;
1154 goto done;
1155 }
1156
1157 if (unlikely(!urb->ep->enabled)) {
1158 rc = -ENOENT;
1159 goto done;
1160 }
1161
1162 if (unlikely(!urb->dev->can_submit)) {
1163 rc = -EHOSTUNREACH;
1164 goto done;
1165 }
1166
1167 /*
1168 * Check the host controller's state and add the URB to the
1169 * endpoint's queue.
1170 */
1171 if (HCD_RH_RUNNING(hcd)) {
1172 urb->unlinked = 0;
1173 list_add_tail(&urb->urb_list, &urb->ep->urb_list);
1174 } else {
1175 rc = -ESHUTDOWN;
1176 goto done;
1177 }
1178 done:
1179 spin_unlock(&hcd_urb_list_lock);
1180 return rc;
1181}
1182EXPORT_SYMBOL_GPL(usb_hcd_link_urb_to_ep);
1183
1184/**
1185 * usb_hcd_check_unlink_urb - check whether an URB may be unlinked
1186 * @hcd: host controller to which @urb was submitted
1187 * @urb: URB being checked for unlinkability
1188 * @status: error code to store in @urb if the unlink succeeds
1189 *
1190 * Host controller drivers should call this routine in their dequeue()
1191 * method. The HCD's private spinlock must be held and interrupts must
1192 * be disabled. The actions carried out here are required for making
1193 * sure than an unlink is valid.
1194 *
1195 * Return: 0 for no error, otherwise a negative error code (in which case
1196 * the dequeue() method must fail). The possible error codes are:
1197 *
1198 * -EIDRM: @urb was not submitted or has already completed.
1199 * The completion function may not have been called yet.
1200 *
1201 * -EBUSY: @urb has already been unlinked.
1202 */
1203int usb_hcd_check_unlink_urb(struct usb_hcd *hcd, struct urb *urb,
1204 int status)
1205{
1206 struct list_head *tmp;
1207
1208 /* insist the urb is still queued */
1209 list_for_each(tmp, &urb->ep->urb_list) {
1210 if (tmp == &urb->urb_list)
1211 break;
1212 }
1213 if (tmp != &urb->urb_list)
1214 return -EIDRM;
1215
1216 /* Any status except -EINPROGRESS means something already started to
1217 * unlink this URB from the hardware. So there's no more work to do.
1218 */
1219 if (urb->unlinked)
1220 return -EBUSY;
1221 urb->unlinked = status;
1222 return 0;
1223}
1224EXPORT_SYMBOL_GPL(usb_hcd_check_unlink_urb);
1225
1226/**
1227 * usb_hcd_unlink_urb_from_ep - remove an URB from its endpoint queue
1228 * @hcd: host controller to which @urb was submitted
1229 * @urb: URB being unlinked
1230 *
1231 * Host controller drivers should call this routine before calling
1232 * usb_hcd_giveback_urb(). The HCD's private spinlock must be held and
1233 * interrupts must be disabled. The actions carried out here are required
1234 * for URB completion.
1235 */
1236void usb_hcd_unlink_urb_from_ep(struct usb_hcd *hcd, struct urb *urb)
1237{
1238 /* clear all state linking urb to this dev (and hcd) */
1239 spin_lock(&hcd_urb_list_lock);
1240 list_del_init(&urb->urb_list);
1241 spin_unlock(&hcd_urb_list_lock);
1242}
1243EXPORT_SYMBOL_GPL(usb_hcd_unlink_urb_from_ep);
1244
1245/*
1246 * Some usb host controllers can only perform dma using a small SRAM area.
1247 * The usb core itself is however optimized for host controllers that can dma
1248 * using regular system memory - like pci devices doing bus mastering.
1249 *
1250 * To support host controllers with limited dma capabilities we provide dma
1251 * bounce buffers. This feature can be enabled by initializing
1252 * hcd->localmem_pool using usb_hcd_setup_local_mem().
1253 *
1254 * The initialized hcd->localmem_pool then tells the usb code to allocate all
1255 * data for dma using the genalloc API.
1256 *
1257 * So, to summarize...
1258 *
1259 * - We need "local" memory, canonical example being
1260 * a small SRAM on a discrete controller being the
1261 * only memory that the controller can read ...
1262 * (a) "normal" kernel memory is no good, and
1263 * (b) there's not enough to share
1264 *
1265 * - So we use that, even though the primary requirement
1266 * is that the memory be "local" (hence addressable
1267 * by that device), not "coherent".
1268 *
1269 */
1270
1271static int hcd_alloc_coherent(struct usb_bus *bus,
1272 gfp_t mem_flags, dma_addr_t *dma_handle,
1273 void **vaddr_handle, size_t size,
1274 enum dma_data_direction dir)
1275{
1276 unsigned char *vaddr;
1277
1278 if (*vaddr_handle == NULL) {
1279 WARN_ON_ONCE(1);
1280 return -EFAULT;
1281 }
1282
1283 vaddr = hcd_buffer_alloc(bus, size + sizeof(vaddr),
1284 mem_flags, dma_handle);
1285 if (!vaddr)
1286 return -ENOMEM;
1287
1288 /*
1289 * Store the virtual address of the buffer at the end
1290 * of the allocated dma buffer. The size of the buffer
1291 * may be uneven so use unaligned functions instead
1292 * of just rounding up. It makes sense to optimize for
1293 * memory footprint over access speed since the amount
1294 * of memory available for dma may be limited.
1295 */
1296 put_unaligned((unsigned long)*vaddr_handle,
1297 (unsigned long *)(vaddr + size));
1298
1299 if (dir == DMA_TO_DEVICE)
1300 memcpy(vaddr, *vaddr_handle, size);
1301
1302 *vaddr_handle = vaddr;
1303 return 0;
1304}
1305
1306static void hcd_free_coherent(struct usb_bus *bus, dma_addr_t *dma_handle,
1307 void **vaddr_handle, size_t size,
1308 enum dma_data_direction dir)
1309{
1310 unsigned char *vaddr = *vaddr_handle;
1311
1312 vaddr = (void *)get_unaligned((unsigned long *)(vaddr + size));
1313
1314 if (dir == DMA_FROM_DEVICE)
1315 memcpy(vaddr, *vaddr_handle, size);
1316
1317 hcd_buffer_free(bus, size + sizeof(vaddr), *vaddr_handle, *dma_handle);
1318
1319 *vaddr_handle = vaddr;
1320 *dma_handle = 0;
1321}
1322
1323void usb_hcd_unmap_urb_setup_for_dma(struct usb_hcd *hcd, struct urb *urb)
1324{
1325 if (IS_ENABLED(CONFIG_HAS_DMA) &&
1326 (urb->transfer_flags & URB_SETUP_MAP_SINGLE))
1327 dma_unmap_single(hcd->self.sysdev,
1328 urb->setup_dma,
1329 sizeof(struct usb_ctrlrequest),
1330 DMA_TO_DEVICE);
1331 else if (urb->transfer_flags & URB_SETUP_MAP_LOCAL)
1332 hcd_free_coherent(urb->dev->bus,
1333 &urb->setup_dma,
1334 (void **) &urb->setup_packet,
1335 sizeof(struct usb_ctrlrequest),
1336 DMA_TO_DEVICE);
1337
1338 /* Make it safe to call this routine more than once */
1339 urb->transfer_flags &= ~(URB_SETUP_MAP_SINGLE | URB_SETUP_MAP_LOCAL);
1340}
1341EXPORT_SYMBOL_GPL(usb_hcd_unmap_urb_setup_for_dma);
1342
1343static void unmap_urb_for_dma(struct usb_hcd *hcd, struct urb *urb)
1344{
1345 if (hcd->driver->unmap_urb_for_dma)
1346 hcd->driver->unmap_urb_for_dma(hcd, urb);
1347 else
1348 usb_hcd_unmap_urb_for_dma(hcd, urb);
1349}
1350
1351void usb_hcd_unmap_urb_for_dma(struct usb_hcd *hcd, struct urb *urb)
1352{
1353 enum dma_data_direction dir;
1354
1355 usb_hcd_unmap_urb_setup_for_dma(hcd, urb);
1356
1357 dir = usb_urb_dir_in(urb) ? DMA_FROM_DEVICE : DMA_TO_DEVICE;
1358 if (IS_ENABLED(CONFIG_HAS_DMA) &&
1359 (urb->transfer_flags & URB_DMA_MAP_SG))
1360 dma_unmap_sg(hcd->self.sysdev,
1361 urb->sg,
1362 urb->num_sgs,
1363 dir);
1364 else if (IS_ENABLED(CONFIG_HAS_DMA) &&
1365 (urb->transfer_flags & URB_DMA_MAP_PAGE))
1366 dma_unmap_page(hcd->self.sysdev,
1367 urb->transfer_dma,
1368 urb->transfer_buffer_length,
1369 dir);
1370 else if (IS_ENABLED(CONFIG_HAS_DMA) &&
1371 (urb->transfer_flags & URB_DMA_MAP_SINGLE))
1372 dma_unmap_single(hcd->self.sysdev,
1373 urb->transfer_dma,
1374 urb->transfer_buffer_length,
1375 dir);
1376 else if (urb->transfer_flags & URB_MAP_LOCAL)
1377 hcd_free_coherent(urb->dev->bus,
1378 &urb->transfer_dma,
1379 &urb->transfer_buffer,
1380 urb->transfer_buffer_length,
1381 dir);
1382
1383 /* Make it safe to call this routine more than once */
1384 urb->transfer_flags &= ~(URB_DMA_MAP_SG | URB_DMA_MAP_PAGE |
1385 URB_DMA_MAP_SINGLE | URB_MAP_LOCAL);
1386}
1387EXPORT_SYMBOL_GPL(usb_hcd_unmap_urb_for_dma);
1388
1389static int map_urb_for_dma(struct usb_hcd *hcd, struct urb *urb,
1390 gfp_t mem_flags)
1391{
1392 if (hcd->driver->map_urb_for_dma)
1393 return hcd->driver->map_urb_for_dma(hcd, urb, mem_flags);
1394 else
1395 return usb_hcd_map_urb_for_dma(hcd, urb, mem_flags);
1396}
1397
1398int usb_hcd_map_urb_for_dma(struct usb_hcd *hcd, struct urb *urb,
1399 gfp_t mem_flags)
1400{
1401 enum dma_data_direction dir;
1402 int ret = 0;
1403
1404 /* Map the URB's buffers for DMA access.
1405 * Lower level HCD code should use *_dma exclusively,
1406 * unless it uses pio or talks to another transport,
1407 * or uses the provided scatter gather list for bulk.
1408 */
1409
1410 if (usb_endpoint_xfer_control(&urb->ep->desc)) {
1411 if (hcd->self.uses_pio_for_control)
1412 return ret;
1413 if (hcd->localmem_pool) {
1414 ret = hcd_alloc_coherent(
1415 urb->dev->bus, mem_flags,
1416 &urb->setup_dma,
1417 (void **)&urb->setup_packet,
1418 sizeof(struct usb_ctrlrequest),
1419 DMA_TO_DEVICE);
1420 if (ret)
1421 return ret;
1422 urb->transfer_flags |= URB_SETUP_MAP_LOCAL;
1423 } else if (hcd_uses_dma(hcd)) {
1424 if (object_is_on_stack(urb->setup_packet)) {
1425 WARN_ONCE(1, "setup packet is on stack\n");
1426 return -EAGAIN;
1427 }
1428
1429 urb->setup_dma = dma_map_single(
1430 hcd->self.sysdev,
1431 urb->setup_packet,
1432 sizeof(struct usb_ctrlrequest),
1433 DMA_TO_DEVICE);
1434 if (dma_mapping_error(hcd->self.sysdev,
1435 urb->setup_dma))
1436 return -EAGAIN;
1437 urb->transfer_flags |= URB_SETUP_MAP_SINGLE;
1438 }
1439 }
1440
1441 dir = usb_urb_dir_in(urb) ? DMA_FROM_DEVICE : DMA_TO_DEVICE;
1442 if (urb->transfer_buffer_length != 0
1443 && !(urb->transfer_flags & URB_NO_TRANSFER_DMA_MAP)) {
1444 if (hcd->localmem_pool) {
1445 ret = hcd_alloc_coherent(
1446 urb->dev->bus, mem_flags,
1447 &urb->transfer_dma,
1448 &urb->transfer_buffer,
1449 urb->transfer_buffer_length,
1450 dir);
1451 if (ret == 0)
1452 urb->transfer_flags |= URB_MAP_LOCAL;
1453 } else if (hcd_uses_dma(hcd)) {
1454 if (urb->num_sgs) {
1455 int n;
1456
1457 /* We don't support sg for isoc transfers ! */
1458 if (usb_endpoint_xfer_isoc(&urb->ep->desc)) {
1459 WARN_ON(1);
1460 return -EINVAL;
1461 }
1462
1463 n = dma_map_sg(
1464 hcd->self.sysdev,
1465 urb->sg,
1466 urb->num_sgs,
1467 dir);
1468 if (n <= 0)
1469 ret = -EAGAIN;
1470 else
1471 urb->transfer_flags |= URB_DMA_MAP_SG;
1472 urb->num_mapped_sgs = n;
1473 if (n != urb->num_sgs)
1474 urb->transfer_flags |=
1475 URB_DMA_SG_COMBINED;
1476 } else if (urb->sg) {
1477 struct scatterlist *sg = urb->sg;
1478 urb->transfer_dma = dma_map_page(
1479 hcd->self.sysdev,
1480 sg_page(sg),
1481 sg->offset,
1482 urb->transfer_buffer_length,
1483 dir);
1484 if (dma_mapping_error(hcd->self.sysdev,
1485 urb->transfer_dma))
1486 ret = -EAGAIN;
1487 else
1488 urb->transfer_flags |= URB_DMA_MAP_PAGE;
1489 } else if (object_is_on_stack(urb->transfer_buffer)) {
1490 WARN_ONCE(1, "transfer buffer is on stack\n");
1491 ret = -EAGAIN;
1492 } else {
1493 urb->transfer_dma = dma_map_single(
1494 hcd->self.sysdev,
1495 urb->transfer_buffer,
1496 urb->transfer_buffer_length,
1497 dir);
1498 if (dma_mapping_error(hcd->self.sysdev,
1499 urb->transfer_dma))
1500 ret = -EAGAIN;
1501 else
1502 urb->transfer_flags |= URB_DMA_MAP_SINGLE;
1503 }
1504 }
1505 if (ret && (urb->transfer_flags & (URB_SETUP_MAP_SINGLE |
1506 URB_SETUP_MAP_LOCAL)))
1507 usb_hcd_unmap_urb_for_dma(hcd, urb);
1508 }
1509 return ret;
1510}
1511EXPORT_SYMBOL_GPL(usb_hcd_map_urb_for_dma);
1512
1513/*-------------------------------------------------------------------------*/
1514
1515/* may be called in any context with a valid urb->dev usecount
1516 * caller surrenders "ownership" of urb
1517 * expects usb_submit_urb() to have sanity checked and conditioned all
1518 * inputs in the urb
1519 */
1520int usb_hcd_submit_urb (struct urb *urb, gfp_t mem_flags)
1521{
1522 int status;
1523 struct usb_hcd *hcd = bus_to_hcd(urb->dev->bus);
1524
1525 /* increment urb's reference count as part of giving it to the HCD
1526 * (which will control it). HCD guarantees that it either returns
1527 * an error or calls giveback(), but not both.
1528 */
1529 usb_get_urb(urb);
1530 atomic_inc(&urb->use_count);
1531 atomic_inc(&urb->dev->urbnum);
1532 usbmon_urb_submit(&hcd->self, urb);
1533
1534 /* NOTE requirements on root-hub callers (usbfs and the hub
1535 * driver, for now): URBs' urb->transfer_buffer must be
1536 * valid and usb_buffer_{sync,unmap}() not be needed, since
1537 * they could clobber root hub response data. Also, control
1538 * URBs must be submitted in process context with interrupts
1539 * enabled.
1540 */
1541
1542 if (is_root_hub(urb->dev)) {
1543 status = rh_urb_enqueue(hcd, urb);
1544 } else {
1545 status = map_urb_for_dma(hcd, urb, mem_flags);
1546 if (likely(status == 0)) {
1547 status = hcd->driver->urb_enqueue(hcd, urb, mem_flags);
1548 if (unlikely(status))
1549 unmap_urb_for_dma(hcd, urb);
1550 }
1551 }
1552
1553 if (unlikely(status)) {
1554 usbmon_urb_submit_error(&hcd->self, urb, status);
1555 urb->hcpriv = NULL;
1556 INIT_LIST_HEAD(&urb->urb_list);
1557 atomic_dec(&urb->use_count);
1558 atomic_dec(&urb->dev->urbnum);
1559 if (atomic_read(&urb->reject))
1560 wake_up(&usb_kill_urb_queue);
1561 usb_put_urb(urb);
1562 }
1563 return status;
1564}
1565
1566/*-------------------------------------------------------------------------*/
1567
1568/* this makes the hcd giveback() the urb more quickly, by kicking it
1569 * off hardware queues (which may take a while) and returning it as
1570 * soon as practical. we've already set up the urb's return status,
1571 * but we can't know if the callback completed already.
1572 */
1573static int unlink1(struct usb_hcd *hcd, struct urb *urb, int status)
1574{
1575 int value;
1576
1577 if (is_root_hub(urb->dev))
1578 value = usb_rh_urb_dequeue(hcd, urb, status);
1579 else {
1580
1581 /* The only reason an HCD might fail this call is if
1582 * it has not yet fully queued the urb to begin with.
1583 * Such failures should be harmless. */
1584 value = hcd->driver->urb_dequeue(hcd, urb, status);
1585 }
1586 return value;
1587}
1588
1589/*
1590 * called in any context
1591 *
1592 * caller guarantees urb won't be recycled till both unlink()
1593 * and the urb's completion function return
1594 */
1595int usb_hcd_unlink_urb (struct urb *urb, int status)
1596{
1597 struct usb_hcd *hcd;
1598 struct usb_device *udev = urb->dev;
1599 int retval = -EIDRM;
1600 unsigned long flags;
1601
1602 /* Prevent the device and bus from going away while
1603 * the unlink is carried out. If they are already gone
1604 * then urb->use_count must be 0, since disconnected
1605 * devices can't have any active URBs.
1606 */
1607 spin_lock_irqsave(&hcd_urb_unlink_lock, flags);
1608 if (atomic_read(&urb->use_count) > 0) {
1609 retval = 0;
1610 usb_get_dev(udev);
1611 }
1612 spin_unlock_irqrestore(&hcd_urb_unlink_lock, flags);
1613 if (retval == 0) {
1614 hcd = bus_to_hcd(urb->dev->bus);
1615 retval = unlink1(hcd, urb, status);
1616 if (retval == 0)
1617 retval = -EINPROGRESS;
1618 else if (retval != -EIDRM && retval != -EBUSY)
1619 dev_dbg(&udev->dev, "hcd_unlink_urb %pK fail %d\n",
1620 urb, retval);
1621 usb_put_dev(udev);
1622 }
1623 return retval;
1624}
1625
1626/*-------------------------------------------------------------------------*/
1627
1628static void __usb_hcd_giveback_urb(struct urb *urb)
1629{
1630 struct usb_hcd *hcd = bus_to_hcd(urb->dev->bus);
1631 struct usb_anchor *anchor = urb->anchor;
1632 int status = urb->unlinked;
1633
1634 urb->hcpriv = NULL;
1635 if (unlikely((urb->transfer_flags & URB_SHORT_NOT_OK) &&
1636 urb->actual_length < urb->transfer_buffer_length &&
1637 !status))
1638 status = -EREMOTEIO;
1639
1640 unmap_urb_for_dma(hcd, urb);
1641 usbmon_urb_complete(&hcd->self, urb, status);
1642 usb_anchor_suspend_wakeups(anchor);
1643 usb_unanchor_urb(urb);
1644 if (likely(status == 0))
1645 usb_led_activity(USB_LED_EVENT_HOST);
1646
1647 /* pass ownership to the completion handler */
1648 urb->status = status;
1649 kcov_remote_start_usb((u64)urb->dev->bus->busnum);
1650 urb->complete(urb);
1651 kcov_remote_stop();
1652
1653 usb_anchor_resume_wakeups(anchor);
1654 atomic_dec(&urb->use_count);
1655 if (unlikely(atomic_read(&urb->reject)))
1656 wake_up(&usb_kill_urb_queue);
1657 usb_put_urb(urb);
1658}
1659
1660static void usb_giveback_urb_bh(unsigned long param)
1661{
1662 struct giveback_urb_bh *bh = (struct giveback_urb_bh *)param;
1663 struct list_head local_list;
1664
1665 spin_lock_irq(&bh->lock);
1666 bh->running = true;
1667 restart:
1668 list_replace_init(&bh->head, &local_list);
1669 spin_unlock_irq(&bh->lock);
1670
1671 while (!list_empty(&local_list)) {
1672 struct urb *urb;
1673
1674 urb = list_entry(local_list.next, struct urb, urb_list);
1675 list_del_init(&urb->urb_list);
1676 bh->completing_ep = urb->ep;
1677 __usb_hcd_giveback_urb(urb);
1678 bh->completing_ep = NULL;
1679 }
1680
1681 /* check if there are new URBs to giveback */
1682 spin_lock_irq(&bh->lock);
1683 if (!list_empty(&bh->head))
1684 goto restart;
1685 bh->running = false;
1686 spin_unlock_irq(&bh->lock);
1687}
1688
1689/**
1690 * usb_hcd_giveback_urb - return URB from HCD to device driver
1691 * @hcd: host controller returning the URB
1692 * @urb: urb being returned to the USB device driver.
1693 * @status: completion status code for the URB.
1694 * Context: in_interrupt()
1695 *
1696 * This hands the URB from HCD to its USB device driver, using its
1697 * completion function. The HCD has freed all per-urb resources
1698 * (and is done using urb->hcpriv). It also released all HCD locks;
1699 * the device driver won't cause problems if it frees, modifies,
1700 * or resubmits this URB.
1701 *
1702 * If @urb was unlinked, the value of @status will be overridden by
1703 * @urb->unlinked. Erroneous short transfers are detected in case
1704 * the HCD hasn't checked for them.
1705 */
1706void usb_hcd_giveback_urb(struct usb_hcd *hcd, struct urb *urb, int status)
1707{
1708 struct giveback_urb_bh *bh;
1709 bool running, high_prio_bh;
1710
1711 /* pass status to tasklet via unlinked */
1712 if (likely(!urb->unlinked))
1713 urb->unlinked = status;
1714
1715 if (!hcd_giveback_urb_in_bh(hcd) && !is_root_hub(urb->dev)) {
1716 __usb_hcd_giveback_urb(urb);
1717 return;
1718 }
1719
1720 if (usb_pipeisoc(urb->pipe) || usb_pipeint(urb->pipe)) {
1721 bh = &hcd->high_prio_bh;
1722 high_prio_bh = true;
1723 } else {
1724 bh = &hcd->low_prio_bh;
1725 high_prio_bh = false;
1726 }
1727
1728 spin_lock(&bh->lock);
1729 list_add_tail(&urb->urb_list, &bh->head);
1730 running = bh->running;
1731 spin_unlock(&bh->lock);
1732
1733 if (running)
1734 ;
1735 else if (high_prio_bh)
1736 tasklet_hi_schedule(&bh->bh);
1737 else
1738 tasklet_schedule(&bh->bh);
1739}
1740EXPORT_SYMBOL_GPL(usb_hcd_giveback_urb);
1741
1742/*-------------------------------------------------------------------------*/
1743
1744/* Cancel all URBs pending on this endpoint and wait for the endpoint's
1745 * queue to drain completely. The caller must first insure that no more
1746 * URBs can be submitted for this endpoint.
1747 */
1748void usb_hcd_flush_endpoint(struct usb_device *udev,
1749 struct usb_host_endpoint *ep)
1750{
1751 struct usb_hcd *hcd;
1752 struct urb *urb;
1753
1754 if (!ep)
1755 return;
1756 might_sleep();
1757 hcd = bus_to_hcd(udev->bus);
1758
1759 /* No more submits can occur */
1760 spin_lock_irq(&hcd_urb_list_lock);
1761rescan:
1762 list_for_each_entry_reverse(urb, &ep->urb_list, urb_list) {
1763 int is_in;
1764
1765 if (urb->unlinked)
1766 continue;
1767 usb_get_urb (urb);
1768 is_in = usb_urb_dir_in(urb);
1769 spin_unlock(&hcd_urb_list_lock);
1770
1771 /* kick hcd */
1772 unlink1(hcd, urb, -ESHUTDOWN);
1773 dev_dbg (hcd->self.controller,
1774 "shutdown urb %pK ep%d%s-%s\n",
1775 urb, usb_endpoint_num(&ep->desc),
1776 is_in ? "in" : "out",
1777 usb_ep_type_string(usb_endpoint_type(&ep->desc)));
1778 usb_put_urb (urb);
1779
1780 /* list contents may have changed */
1781 spin_lock(&hcd_urb_list_lock);
1782 goto rescan;
1783 }
1784 spin_unlock_irq(&hcd_urb_list_lock);
1785
1786 /* Wait until the endpoint queue is completely empty */
1787 while (!list_empty (&ep->urb_list)) {
1788 spin_lock_irq(&hcd_urb_list_lock);
1789
1790 /* The list may have changed while we acquired the spinlock */
1791 urb = NULL;
1792 if (!list_empty (&ep->urb_list)) {
1793 urb = list_entry (ep->urb_list.prev, struct urb,
1794 urb_list);
1795 usb_get_urb (urb);
1796 }
1797 spin_unlock_irq(&hcd_urb_list_lock);
1798
1799 if (urb) {
1800 usb_kill_urb (urb);
1801 usb_put_urb (urb);
1802 }
1803 }
1804}
1805
1806/**
1807 * usb_hcd_alloc_bandwidth - check whether a new bandwidth setting exceeds
1808 * the bus bandwidth
1809 * @udev: target &usb_device
1810 * @new_config: new configuration to install
1811 * @cur_alt: the current alternate interface setting
1812 * @new_alt: alternate interface setting that is being installed
1813 *
1814 * To change configurations, pass in the new configuration in new_config,
1815 * and pass NULL for cur_alt and new_alt.
1816 *
1817 * To reset a device's configuration (put the device in the ADDRESSED state),
1818 * pass in NULL for new_config, cur_alt, and new_alt.
1819 *
1820 * To change alternate interface settings, pass in NULL for new_config,
1821 * pass in the current alternate interface setting in cur_alt,
1822 * and pass in the new alternate interface setting in new_alt.
1823 *
1824 * Return: An error if the requested bandwidth change exceeds the
1825 * bus bandwidth or host controller internal resources.
1826 */
1827int usb_hcd_alloc_bandwidth(struct usb_device *udev,
1828 struct usb_host_config *new_config,
1829 struct usb_host_interface *cur_alt,
1830 struct usb_host_interface *new_alt)
1831{
1832 int num_intfs, i, j;
1833 struct usb_host_interface *alt = NULL;
1834 int ret = 0;
1835 struct usb_hcd *hcd;
1836 struct usb_host_endpoint *ep;
1837
1838 hcd = bus_to_hcd(udev->bus);
1839 if (!hcd->driver->check_bandwidth)
1840 return 0;
1841
1842 /* Configuration is being removed - set configuration 0 */
1843 if (!new_config && !cur_alt) {
1844 for (i = 1; i < 16; ++i) {
1845 ep = udev->ep_out[i];
1846 if (ep)
1847 hcd->driver->drop_endpoint(hcd, udev, ep);
1848 ep = udev->ep_in[i];
1849 if (ep)
1850 hcd->driver->drop_endpoint(hcd, udev, ep);
1851 }
1852 hcd->driver->check_bandwidth(hcd, udev);
1853 return 0;
1854 }
1855 /* Check if the HCD says there's enough bandwidth. Enable all endpoints
1856 * each interface's alt setting 0 and ask the HCD to check the bandwidth
1857 * of the bus. There will always be bandwidth for endpoint 0, so it's
1858 * ok to exclude it.
1859 */
1860 if (new_config) {
1861 num_intfs = new_config->desc.bNumInterfaces;
1862 /* Remove endpoints (except endpoint 0, which is always on the
1863 * schedule) from the old config from the schedule
1864 */
1865 for (i = 1; i < 16; ++i) {
1866 ep = udev->ep_out[i];
1867 if (ep) {
1868 ret = hcd->driver->drop_endpoint(hcd, udev, ep);
1869 if (ret < 0)
1870 goto reset;
1871 }
1872 ep = udev->ep_in[i];
1873 if (ep) {
1874 ret = hcd->driver->drop_endpoint(hcd, udev, ep);
1875 if (ret < 0)
1876 goto reset;
1877 }
1878 }
1879 for (i = 0; i < num_intfs; ++i) {
1880 struct usb_host_interface *first_alt;
1881 int iface_num;
1882
1883 first_alt = &new_config->intf_cache[i]->altsetting[0];
1884 iface_num = first_alt->desc.bInterfaceNumber;
1885 /* Set up endpoints for alternate interface setting 0 */
1886 alt = usb_find_alt_setting(new_config, iface_num, 0);
1887 if (!alt)
1888 /* No alt setting 0? Pick the first setting. */
1889 alt = first_alt;
1890
1891 for (j = 0; j < alt->desc.bNumEndpoints; j++) {
1892 ret = hcd->driver->add_endpoint(hcd, udev, &alt->endpoint[j]);
1893 if (ret < 0)
1894 goto reset;
1895 }
1896 }
1897 }
1898 if (cur_alt && new_alt) {
1899 struct usb_interface *iface = usb_ifnum_to_if(udev,
1900 cur_alt->desc.bInterfaceNumber);
1901
1902 if (!iface)
1903 return -EINVAL;
1904 if (iface->resetting_device) {
1905 /*
1906 * The USB core just reset the device, so the xHCI host
1907 * and the device will think alt setting 0 is installed.
1908 * However, the USB core will pass in the alternate
1909 * setting installed before the reset as cur_alt. Dig
1910 * out the alternate setting 0 structure, or the first
1911 * alternate setting if a broken device doesn't have alt
1912 * setting 0.
1913 */
1914 cur_alt = usb_altnum_to_altsetting(iface, 0);
1915 if (!cur_alt)
1916 cur_alt = &iface->altsetting[0];
1917 }
1918
1919 /* Drop all the endpoints in the current alt setting */
1920 for (i = 0; i < cur_alt->desc.bNumEndpoints; i++) {
1921 ret = hcd->driver->drop_endpoint(hcd, udev,
1922 &cur_alt->endpoint[i]);
1923 if (ret < 0)
1924 goto reset;
1925 }
1926 /* Add all the endpoints in the new alt setting */
1927 for (i = 0; i < new_alt->desc.bNumEndpoints; i++) {
1928 ret = hcd->driver->add_endpoint(hcd, udev,
1929 &new_alt->endpoint[i]);
1930 if (ret < 0)
1931 goto reset;
1932 }
1933 }
1934 ret = hcd->driver->check_bandwidth(hcd, udev);
1935reset:
1936 if (ret < 0)
1937 hcd->driver->reset_bandwidth(hcd, udev);
1938 return ret;
1939}
1940
1941/* Disables the endpoint: synchronizes with the hcd to make sure all
1942 * endpoint state is gone from hardware. usb_hcd_flush_endpoint() must
1943 * have been called previously. Use for set_configuration, set_interface,
1944 * driver removal, physical disconnect.
1945 *
1946 * example: a qh stored in ep->hcpriv, holding state related to endpoint
1947 * type, maxpacket size, toggle, halt status, and scheduling.
1948 */
1949void usb_hcd_disable_endpoint(struct usb_device *udev,
1950 struct usb_host_endpoint *ep)
1951{
1952 struct usb_hcd *hcd;
1953
1954 might_sleep();
1955 hcd = bus_to_hcd(udev->bus);
1956 if (hcd->driver->endpoint_disable)
1957 hcd->driver->endpoint_disable(hcd, ep);
1958}
1959
1960/**
1961 * usb_hcd_reset_endpoint - reset host endpoint state
1962 * @udev: USB device.
1963 * @ep: the endpoint to reset.
1964 *
1965 * Resets any host endpoint state such as the toggle bit, sequence
1966 * number and current window.
1967 */
1968void usb_hcd_reset_endpoint(struct usb_device *udev,
1969 struct usb_host_endpoint *ep)
1970{
1971 struct usb_hcd *hcd = bus_to_hcd(udev->bus);
1972
1973 if (hcd->driver->endpoint_reset)
1974 hcd->driver->endpoint_reset(hcd, ep);
1975 else {
1976 int epnum = usb_endpoint_num(&ep->desc);
1977 int is_out = usb_endpoint_dir_out(&ep->desc);
1978 int is_control = usb_endpoint_xfer_control(&ep->desc);
1979
1980 usb_settoggle(udev, epnum, is_out, 0);
1981 if (is_control)
1982 usb_settoggle(udev, epnum, !is_out, 0);
1983 }
1984}
1985
1986/**
1987 * usb_alloc_streams - allocate bulk endpoint stream IDs.
1988 * @interface: alternate setting that includes all endpoints.
1989 * @eps: array of endpoints that need streams.
1990 * @num_eps: number of endpoints in the array.
1991 * @num_streams: number of streams to allocate.
1992 * @mem_flags: flags hcd should use to allocate memory.
1993 *
1994 * Sets up a group of bulk endpoints to have @num_streams stream IDs available.
1995 * Drivers may queue multiple transfers to different stream IDs, which may
1996 * complete in a different order than they were queued.
1997 *
1998 * Return: On success, the number of allocated streams. On failure, a negative
1999 * error code.
2000 */
2001int usb_alloc_streams(struct usb_interface *interface,
2002 struct usb_host_endpoint **eps, unsigned int num_eps,
2003 unsigned int num_streams, gfp_t mem_flags)
2004{
2005 struct usb_hcd *hcd;
2006 struct usb_device *dev;
2007 int i, ret;
2008
2009 dev = interface_to_usbdev(interface);
2010 hcd = bus_to_hcd(dev->bus);
2011 if (!hcd->driver->alloc_streams || !hcd->driver->free_streams)
2012 return -EINVAL;
2013 if (dev->speed < USB_SPEED_SUPER)
2014 return -EINVAL;
2015 if (dev->state < USB_STATE_CONFIGURED)
2016 return -ENODEV;
2017
2018 for (i = 0; i < num_eps; i++) {
2019 /* Streams only apply to bulk endpoints. */
2020 if (!usb_endpoint_xfer_bulk(&eps[i]->desc))
2021 return -EINVAL;
2022 /* Re-alloc is not allowed */
2023 if (eps[i]->streams)
2024 return -EINVAL;
2025 }
2026
2027 ret = hcd->driver->alloc_streams(hcd, dev, eps, num_eps,
2028 num_streams, mem_flags);
2029 if (ret < 0)
2030 return ret;
2031
2032 for (i = 0; i < num_eps; i++)
2033 eps[i]->streams = ret;
2034
2035 return ret;
2036}
2037EXPORT_SYMBOL_GPL(usb_alloc_streams);
2038
2039/**
2040 * usb_free_streams - free bulk endpoint stream IDs.
2041 * @interface: alternate setting that includes all endpoints.
2042 * @eps: array of endpoints to remove streams from.
2043 * @num_eps: number of endpoints in the array.
2044 * @mem_flags: flags hcd should use to allocate memory.
2045 *
2046 * Reverts a group of bulk endpoints back to not using stream IDs.
2047 * Can fail if we are given bad arguments, or HCD is broken.
2048 *
2049 * Return: 0 on success. On failure, a negative error code.
2050 */
2051int usb_free_streams(struct usb_interface *interface,
2052 struct usb_host_endpoint **eps, unsigned int num_eps,
2053 gfp_t mem_flags)
2054{
2055 struct usb_hcd *hcd;
2056 struct usb_device *dev;
2057 int i, ret;
2058
2059 dev = interface_to_usbdev(interface);
2060 hcd = bus_to_hcd(dev->bus);
2061 if (dev->speed < USB_SPEED_SUPER)
2062 return -EINVAL;
2063
2064 /* Double-free is not allowed */
2065 for (i = 0; i < num_eps; i++)
2066 if (!eps[i] || !eps[i]->streams)
2067 return -EINVAL;
2068
2069 ret = hcd->driver->free_streams(hcd, dev, eps, num_eps, mem_flags);
2070 if (ret < 0)
2071 return ret;
2072
2073 for (i = 0; i < num_eps; i++)
2074 eps[i]->streams = 0;
2075
2076 return ret;
2077}
2078EXPORT_SYMBOL_GPL(usb_free_streams);
2079
2080/* Protect against drivers that try to unlink URBs after the device
2081 * is gone, by waiting until all unlinks for @udev are finished.
2082 * Since we don't currently track URBs by device, simply wait until
2083 * nothing is running in the locked region of usb_hcd_unlink_urb().
2084 */
2085void usb_hcd_synchronize_unlinks(struct usb_device *udev)
2086{
2087 spin_lock_irq(&hcd_urb_unlink_lock);
2088 spin_unlock_irq(&hcd_urb_unlink_lock);
2089}
2090
2091/*-------------------------------------------------------------------------*/
2092
2093/* called in any context */
2094int usb_hcd_get_frame_number (struct usb_device *udev)
2095{
2096 struct usb_hcd *hcd = bus_to_hcd(udev->bus);
2097
2098 if (!HCD_RH_RUNNING(hcd))
2099 return -ESHUTDOWN;
2100 return hcd->driver->get_frame_number (hcd);
2101}
2102
2103/*-------------------------------------------------------------------------*/
2104
2105#ifdef CONFIG_PM
2106
2107int hcd_bus_suspend(struct usb_device *rhdev, pm_message_t msg)
2108{
2109 struct usb_hcd *hcd = bus_to_hcd(rhdev->bus);
2110 int status;
2111 int old_state = hcd->state;
2112
2113 dev_dbg(&rhdev->dev, "bus %ssuspend, wakeup %d\n",
2114 (PMSG_IS_AUTO(msg) ? "auto-" : ""),
2115 rhdev->do_remote_wakeup);
2116 if (HCD_DEAD(hcd)) {
2117 dev_dbg(&rhdev->dev, "skipped %s of dead bus\n", "suspend");
2118 return 0;
2119 }
2120
2121 if (!hcd->driver->bus_suspend) {
2122 status = -ENOENT;
2123 } else {
2124 clear_bit(HCD_FLAG_RH_RUNNING, &hcd->flags);
2125 hcd->state = HC_STATE_QUIESCING;
2126 status = hcd->driver->bus_suspend(hcd);
2127 }
2128 if (status == 0) {
2129 usb_set_device_state(rhdev, USB_STATE_SUSPENDED);
2130 hcd->state = HC_STATE_SUSPENDED;
2131
2132 if (!PMSG_IS_AUTO(msg))
2133 usb_phy_roothub_suspend(hcd->self.sysdev,
2134 hcd->phy_roothub);
2135
2136 /* Did we race with a root-hub wakeup event? */
2137 if (rhdev->do_remote_wakeup) {
2138 char buffer[6];
2139
2140 status = hcd->driver->hub_status_data(hcd, buffer);
2141 if (status != 0) {
2142 dev_dbg(&rhdev->dev, "suspend raced with wakeup event\n");
2143 hcd_bus_resume(rhdev, PMSG_AUTO_RESUME);
2144 status = -EBUSY;
2145 }
2146 }
2147 } else {
2148 spin_lock_irq(&hcd_root_hub_lock);
2149 if (!HCD_DEAD(hcd)) {
2150 set_bit(HCD_FLAG_RH_RUNNING, &hcd->flags);
2151 hcd->state = old_state;
2152 }
2153 spin_unlock_irq(&hcd_root_hub_lock);
2154 dev_dbg(&rhdev->dev, "bus %s fail, err %d\n",
2155 "suspend", status);
2156 }
2157 return status;
2158}
2159
2160int hcd_bus_resume(struct usb_device *rhdev, pm_message_t msg)
2161{
2162 struct usb_hcd *hcd = bus_to_hcd(rhdev->bus);
2163 int status;
2164 int old_state = hcd->state;
2165
2166 dev_dbg(&rhdev->dev, "usb %sresume\n",
2167 (PMSG_IS_AUTO(msg) ? "auto-" : ""));
2168 if (HCD_DEAD(hcd)) {
2169 dev_dbg(&rhdev->dev, "skipped %s of dead bus\n", "resume");
2170 return 0;
2171 }
2172
2173 if (!PMSG_IS_AUTO(msg)) {
2174 status = usb_phy_roothub_resume(hcd->self.sysdev,
2175 hcd->phy_roothub);
2176 if (status)
2177 return status;
2178 }
2179
2180 if (!hcd->driver->bus_resume)
2181 return -ENOENT;
2182 if (HCD_RH_RUNNING(hcd))
2183 return 0;
2184
2185 hcd->state = HC_STATE_RESUMING;
2186 status = hcd->driver->bus_resume(hcd);
2187 clear_bit(HCD_FLAG_WAKEUP_PENDING, &hcd->flags);
2188 if (status == 0)
2189 status = usb_phy_roothub_calibrate(hcd->phy_roothub);
2190
2191 if (status == 0) {
2192 struct usb_device *udev;
2193 int port1;
2194
2195 spin_lock_irq(&hcd_root_hub_lock);
2196 if (!HCD_DEAD(hcd)) {
2197 usb_set_device_state(rhdev, rhdev->actconfig
2198 ? USB_STATE_CONFIGURED
2199 : USB_STATE_ADDRESS);
2200 set_bit(HCD_FLAG_RH_RUNNING, &hcd->flags);
2201 hcd->state = HC_STATE_RUNNING;
2202 }
2203 spin_unlock_irq(&hcd_root_hub_lock);
2204
2205 /*
2206 * Check whether any of the enabled ports on the root hub are
2207 * unsuspended. If they are then a TRSMRCY delay is needed
2208 * (this is what the USB-2 spec calls a "global resume").
2209 * Otherwise we can skip the delay.
2210 */
2211 usb_hub_for_each_child(rhdev, port1, udev) {
2212 if (udev->state != USB_STATE_NOTATTACHED &&
2213 !udev->port_is_suspended) {
2214 usleep_range(10000, 11000); /* TRSMRCY */
2215 break;
2216 }
2217 }
2218 } else {
2219 hcd->state = old_state;
2220 usb_phy_roothub_suspend(hcd->self.sysdev, hcd->phy_roothub);
2221 dev_dbg(&rhdev->dev, "bus %s fail, err %d\n",
2222 "resume", status);
2223 if (status != -ESHUTDOWN)
2224 usb_hc_died(hcd);
2225 }
2226 return status;
2227}
2228
2229/* Workqueue routine for root-hub remote wakeup */
2230static void hcd_resume_work(struct work_struct *work)
2231{
2232 struct usb_hcd *hcd = container_of(work, struct usb_hcd, wakeup_work);
2233 struct usb_device *udev = hcd->self.root_hub;
2234
2235 usb_remote_wakeup(udev);
2236}
2237
2238/**
2239 * usb_hcd_resume_root_hub - called by HCD to resume its root hub
2240 * @hcd: host controller for this root hub
2241 *
2242 * The USB host controller calls this function when its root hub is
2243 * suspended (with the remote wakeup feature enabled) and a remote
2244 * wakeup request is received. The routine submits a workqueue request
2245 * to resume the root hub (that is, manage its downstream ports again).
2246 */
2247void usb_hcd_resume_root_hub (struct usb_hcd *hcd)
2248{
2249 unsigned long flags;
2250
2251 spin_lock_irqsave (&hcd_root_hub_lock, flags);
2252 if (hcd->rh_registered) {
2253 pm_wakeup_event(&hcd->self.root_hub->dev, 0);
2254 set_bit(HCD_FLAG_WAKEUP_PENDING, &hcd->flags);
2255 queue_work(pm_wq, &hcd->wakeup_work);
2256 }
2257 spin_unlock_irqrestore (&hcd_root_hub_lock, flags);
2258}
2259EXPORT_SYMBOL_GPL(usb_hcd_resume_root_hub);
2260
2261#endif /* CONFIG_PM */
2262
2263/*-------------------------------------------------------------------------*/
2264
2265#ifdef CONFIG_USB_OTG
2266
2267/**
2268 * usb_bus_start_enum - start immediate enumeration (for OTG)
2269 * @bus: the bus (must use hcd framework)
2270 * @port_num: 1-based number of port; usually bus->otg_port
2271 * Context: in_interrupt()
2272 *
2273 * Starts enumeration, with an immediate reset followed later by
2274 * hub_wq identifying and possibly configuring the device.
2275 * This is needed by OTG controller drivers, where it helps meet
2276 * HNP protocol timing requirements for starting a port reset.
2277 *
2278 * Return: 0 if successful.
2279 */
2280int usb_bus_start_enum(struct usb_bus *bus, unsigned port_num)
2281{
2282 struct usb_hcd *hcd;
2283 int status = -EOPNOTSUPP;
2284
2285 /* NOTE: since HNP can't start by grabbing the bus's address0_sem,
2286 * boards with root hubs hooked up to internal devices (instead of
2287 * just the OTG port) may need more attention to resetting...
2288 */
2289 hcd = bus_to_hcd(bus);
2290 if (port_num && hcd->driver->start_port_reset)
2291 status = hcd->driver->start_port_reset(hcd, port_num);
2292
2293 /* allocate hub_wq shortly after (first) root port reset finishes;
2294 * it may issue others, until at least 50 msecs have passed.
2295 */
2296 if (status == 0)
2297 mod_timer(&hcd->rh_timer, jiffies + msecs_to_jiffies(10));
2298 return status;
2299}
2300EXPORT_SYMBOL_GPL(usb_bus_start_enum);
2301
2302#endif
2303
2304/*-------------------------------------------------------------------------*/
2305
2306/**
2307 * usb_hcd_irq - hook IRQs to HCD framework (bus glue)
2308 * @irq: the IRQ being raised
2309 * @__hcd: pointer to the HCD whose IRQ is being signaled
2310 *
2311 * If the controller isn't HALTed, calls the driver's irq handler.
2312 * Checks whether the controller is now dead.
2313 *
2314 * Return: %IRQ_HANDLED if the IRQ was handled. %IRQ_NONE otherwise.
2315 */
2316irqreturn_t usb_hcd_irq (int irq, void *__hcd)
2317{
2318 struct usb_hcd *hcd = __hcd;
2319 irqreturn_t rc;
2320
2321 if (unlikely(HCD_DEAD(hcd) || !HCD_HW_ACCESSIBLE(hcd)))
2322 rc = IRQ_NONE;
2323 else if (hcd->driver->irq(hcd) == IRQ_NONE)
2324 rc = IRQ_NONE;
2325 else
2326 rc = IRQ_HANDLED;
2327
2328 return rc;
2329}
2330EXPORT_SYMBOL_GPL(usb_hcd_irq);
2331
2332/*-------------------------------------------------------------------------*/
2333
2334/* Workqueue routine for when the root-hub has died. */
2335static void hcd_died_work(struct work_struct *work)
2336{
2337 struct usb_hcd *hcd = container_of(work, struct usb_hcd, died_work);
2338 static char *env[] = {
2339 "ERROR=DEAD",
2340 NULL
2341 };
2342
2343 /* Notify user space that the host controller has died */
2344 kobject_uevent_env(&hcd->self.root_hub->dev.kobj, KOBJ_OFFLINE, env);
2345}
2346
2347/**
2348 * usb_hc_died - report abnormal shutdown of a host controller (bus glue)
2349 * @hcd: pointer to the HCD representing the controller
2350 *
2351 * This is called by bus glue to report a USB host controller that died
2352 * while operations may still have been pending. It's called automatically
2353 * by the PCI glue, so only glue for non-PCI busses should need to call it.
2354 *
2355 * Only call this function with the primary HCD.
2356 */
2357void usb_hc_died (struct usb_hcd *hcd)
2358{
2359 unsigned long flags;
2360
2361 dev_err (hcd->self.controller, "HC died; cleaning up\n");
2362
2363 spin_lock_irqsave (&hcd_root_hub_lock, flags);
2364 clear_bit(HCD_FLAG_RH_RUNNING, &hcd->flags);
2365 set_bit(HCD_FLAG_DEAD, &hcd->flags);
2366 if (hcd->rh_registered) {
2367 clear_bit(HCD_FLAG_POLL_RH, &hcd->flags);
2368
2369 /* make hub_wq clean up old urbs and devices */
2370 usb_set_device_state (hcd->self.root_hub,
2371 USB_STATE_NOTATTACHED);
2372 usb_kick_hub_wq(hcd->self.root_hub);
2373 }
2374 if (usb_hcd_is_primary_hcd(hcd) && hcd->shared_hcd) {
2375 hcd = hcd->shared_hcd;
2376 clear_bit(HCD_FLAG_RH_RUNNING, &hcd->flags);
2377 set_bit(HCD_FLAG_DEAD, &hcd->flags);
2378 if (hcd->rh_registered) {
2379 clear_bit(HCD_FLAG_POLL_RH, &hcd->flags);
2380
2381 /* make hub_wq clean up old urbs and devices */
2382 usb_set_device_state(hcd->self.root_hub,
2383 USB_STATE_NOTATTACHED);
2384 usb_kick_hub_wq(hcd->self.root_hub);
2385 }
2386 }
2387
2388 /* Handle the case where this function gets called with a shared HCD */
2389 if (usb_hcd_is_primary_hcd(hcd))
2390 schedule_work(&hcd->died_work);
2391 else
2392 schedule_work(&hcd->primary_hcd->died_work);
2393
2394 spin_unlock_irqrestore (&hcd_root_hub_lock, flags);
2395 /* Make sure that the other roothub is also deallocated. */
2396}
2397EXPORT_SYMBOL_GPL (usb_hc_died);
2398
2399/*-------------------------------------------------------------------------*/
2400
2401static void init_giveback_urb_bh(struct giveback_urb_bh *bh)
2402{
2403
2404 spin_lock_init(&bh->lock);
2405 INIT_LIST_HEAD(&bh->head);
2406 tasklet_init(&bh->bh, usb_giveback_urb_bh, (unsigned long)bh);
2407}
2408
2409struct usb_hcd *__usb_create_hcd(const struct hc_driver *driver,
2410 struct device *sysdev, struct device *dev, const char *bus_name,
2411 struct usb_hcd *primary_hcd)
2412{
2413 struct usb_hcd *hcd;
2414
2415 hcd = kzalloc(sizeof(*hcd) + driver->hcd_priv_size, GFP_KERNEL);
2416 if (!hcd)
2417 return NULL;
2418 if (primary_hcd == NULL) {
2419 hcd->address0_mutex = kmalloc(sizeof(*hcd->address0_mutex),
2420 GFP_KERNEL);
2421 if (!hcd->address0_mutex) {
2422 kfree(hcd);
2423 dev_dbg(dev, "hcd address0 mutex alloc failed\n");
2424 return NULL;
2425 }
2426 mutex_init(hcd->address0_mutex);
2427 hcd->bandwidth_mutex = kmalloc(sizeof(*hcd->bandwidth_mutex),
2428 GFP_KERNEL);
2429 if (!hcd->bandwidth_mutex) {
2430 kfree(hcd->address0_mutex);
2431 kfree(hcd);
2432 dev_dbg(dev, "hcd bandwidth mutex alloc failed\n");
2433 return NULL;
2434 }
2435 mutex_init(hcd->bandwidth_mutex);
2436 dev_set_drvdata(dev, hcd);
2437 } else {
2438 mutex_lock(&usb_port_peer_mutex);
2439 hcd->address0_mutex = primary_hcd->address0_mutex;
2440 hcd->bandwidth_mutex = primary_hcd->bandwidth_mutex;
2441 hcd->primary_hcd = primary_hcd;
2442 primary_hcd->primary_hcd = primary_hcd;
2443 hcd->shared_hcd = primary_hcd;
2444 primary_hcd->shared_hcd = hcd;
2445 mutex_unlock(&usb_port_peer_mutex);
2446 }
2447
2448 kref_init(&hcd->kref);
2449
2450 usb_bus_init(&hcd->self);
2451 hcd->self.controller = dev;
2452 hcd->self.sysdev = sysdev;
2453 hcd->self.bus_name = bus_name;
2454
2455 timer_setup(&hcd->rh_timer, rh_timer_func, 0);
2456#ifdef CONFIG_PM
2457 INIT_WORK(&hcd->wakeup_work, hcd_resume_work);
2458#endif
2459
2460 INIT_WORK(&hcd->died_work, hcd_died_work);
2461
2462 hcd->driver = driver;
2463 hcd->speed = driver->flags & HCD_MASK;
2464 hcd->product_desc = (driver->product_desc) ? driver->product_desc :
2465 "USB Host Controller";
2466 return hcd;
2467}
2468EXPORT_SYMBOL_GPL(__usb_create_hcd);
2469
2470/**
2471 * usb_create_shared_hcd - create and initialize an HCD structure
2472 * @driver: HC driver that will use this hcd
2473 * @dev: device for this HC, stored in hcd->self.controller
2474 * @bus_name: value to store in hcd->self.bus_name
2475 * @primary_hcd: a pointer to the usb_hcd structure that is sharing the
2476 * PCI device. Only allocate certain resources for the primary HCD
2477 * Context: !in_interrupt()
2478 *
2479 * Allocate a struct usb_hcd, with extra space at the end for the
2480 * HC driver's private data. Initialize the generic members of the
2481 * hcd structure.
2482 *
2483 * Return: On success, a pointer to the created and initialized HCD structure.
2484 * On failure (e.g. if memory is unavailable), %NULL.
2485 */
2486struct usb_hcd *usb_create_shared_hcd(const struct hc_driver *driver,
2487 struct device *dev, const char *bus_name,
2488 struct usb_hcd *primary_hcd)
2489{
2490 return __usb_create_hcd(driver, dev, dev, bus_name, primary_hcd);
2491}
2492EXPORT_SYMBOL_GPL(usb_create_shared_hcd);
2493
2494/**
2495 * usb_create_hcd - create and initialize an HCD structure
2496 * @driver: HC driver that will use this hcd
2497 * @dev: device for this HC, stored in hcd->self.controller
2498 * @bus_name: value to store in hcd->self.bus_name
2499 * Context: !in_interrupt()
2500 *
2501 * Allocate a struct usb_hcd, with extra space at the end for the
2502 * HC driver's private data. Initialize the generic members of the
2503 * hcd structure.
2504 *
2505 * Return: On success, a pointer to the created and initialized HCD
2506 * structure. On failure (e.g. if memory is unavailable), %NULL.
2507 */
2508struct usb_hcd *usb_create_hcd(const struct hc_driver *driver,
2509 struct device *dev, const char *bus_name)
2510{
2511 return __usb_create_hcd(driver, dev, dev, bus_name, NULL);
2512}
2513EXPORT_SYMBOL_GPL(usb_create_hcd);
2514
2515/*
2516 * Roothubs that share one PCI device must also share the bandwidth mutex.
2517 * Don't deallocate the bandwidth_mutex until the last shared usb_hcd is
2518 * deallocated.
2519 *
2520 * Make sure to deallocate the bandwidth_mutex only when the last HCD is
2521 * freed. When hcd_release() is called for either hcd in a peer set,
2522 * invalidate the peer's ->shared_hcd and ->primary_hcd pointers.
2523 */
2524static void hcd_release(struct kref *kref)
2525{
2526 struct usb_hcd *hcd = container_of (kref, struct usb_hcd, kref);
2527
2528 mutex_lock(&usb_port_peer_mutex);
2529 if (hcd->shared_hcd) {
2530 struct usb_hcd *peer = hcd->shared_hcd;
2531
2532 peer->shared_hcd = NULL;
2533 peer->primary_hcd = NULL;
2534 } else {
2535 kfree(hcd->address0_mutex);
2536 kfree(hcd->bandwidth_mutex);
2537 }
2538 mutex_unlock(&usb_port_peer_mutex);
2539 kfree(hcd);
2540}
2541
2542struct usb_hcd *usb_get_hcd (struct usb_hcd *hcd)
2543{
2544 if (hcd)
2545 kref_get (&hcd->kref);
2546 return hcd;
2547}
2548EXPORT_SYMBOL_GPL(usb_get_hcd);
2549
2550void usb_put_hcd (struct usb_hcd *hcd)
2551{
2552 if (hcd)
2553 kref_put (&hcd->kref, hcd_release);
2554}
2555EXPORT_SYMBOL_GPL(usb_put_hcd);
2556
2557int usb_hcd_is_primary_hcd(struct usb_hcd *hcd)
2558{
2559 if (!hcd->primary_hcd)
2560 return 1;
2561 return hcd == hcd->primary_hcd;
2562}
2563EXPORT_SYMBOL_GPL(usb_hcd_is_primary_hcd);
2564
2565int usb_hcd_find_raw_port_number(struct usb_hcd *hcd, int port1)
2566{
2567 if (!hcd->driver->find_raw_port_number)
2568 return port1;
2569
2570 return hcd->driver->find_raw_port_number(hcd, port1);
2571}
2572
2573static int usb_hcd_request_irqs(struct usb_hcd *hcd,
2574 unsigned int irqnum, unsigned long irqflags)
2575{
2576 int retval;
2577
2578 if (hcd->driver->irq) {
2579
2580 snprintf(hcd->irq_descr, sizeof(hcd->irq_descr), "%s:usb%d",
2581 hcd->driver->description, hcd->self.busnum);
2582 retval = request_irq(irqnum, &usb_hcd_irq, irqflags,
2583 hcd->irq_descr, hcd);
2584 if (retval != 0) {
2585 dev_err(hcd->self.controller,
2586 "request interrupt %d failed\n",
2587 irqnum);
2588 return retval;
2589 }
2590 hcd->irq = irqnum;
2591 dev_info(hcd->self.controller, "irq %d, %s 0x%08llx\n", irqnum,
2592 (hcd->driver->flags & HCD_MEMORY) ?
2593 "io mem" : "io base",
2594 (unsigned long long)hcd->rsrc_start);
2595 } else {
2596 hcd->irq = 0;
2597 if (hcd->rsrc_start)
2598 dev_info(hcd->self.controller, "%s 0x%08llx\n",
2599 (hcd->driver->flags & HCD_MEMORY) ?
2600 "io mem" : "io base",
2601 (unsigned long long)hcd->rsrc_start);
2602 }
2603 return 0;
2604}
2605
2606/*
2607 * Before we free this root hub, flush in-flight peering attempts
2608 * and disable peer lookups
2609 */
2610static void usb_put_invalidate_rhdev(struct usb_hcd *hcd)
2611{
2612 struct usb_device *rhdev;
2613
2614 mutex_lock(&usb_port_peer_mutex);
2615 rhdev = hcd->self.root_hub;
2616 hcd->self.root_hub = NULL;
2617 mutex_unlock(&usb_port_peer_mutex);
2618 usb_put_dev(rhdev);
2619}
2620
2621/**
2622 * usb_add_hcd - finish generic HCD structure initialization and register
2623 * @hcd: the usb_hcd structure to initialize
2624 * @irqnum: Interrupt line to allocate
2625 * @irqflags: Interrupt type flags
2626 *
2627 * Finish the remaining parts of generic HCD initialization: allocate the
2628 * buffers of consistent memory, register the bus, request the IRQ line,
2629 * and call the driver's reset() and start() routines.
2630 */
2631int usb_add_hcd(struct usb_hcd *hcd,
2632 unsigned int irqnum, unsigned long irqflags)
2633{
2634 int retval;
2635 struct usb_device *rhdev;
2636
2637 if (!hcd->skip_phy_initialization && usb_hcd_is_primary_hcd(hcd)) {
2638 hcd->phy_roothub = usb_phy_roothub_alloc(hcd->self.sysdev);
2639 if (IS_ERR(hcd->phy_roothub))
2640 return PTR_ERR(hcd->phy_roothub);
2641
2642 retval = usb_phy_roothub_init(hcd->phy_roothub);
2643 if (retval)
2644 return retval;
2645
2646 retval = usb_phy_roothub_set_mode(hcd->phy_roothub,
2647 PHY_MODE_USB_HOST_SS);
2648 if (retval)
2649 retval = usb_phy_roothub_set_mode(hcd->phy_roothub,
2650 PHY_MODE_USB_HOST);
2651 if (retval)
2652 goto err_usb_phy_roothub_power_on;
2653
2654 retval = usb_phy_roothub_power_on(hcd->phy_roothub);
2655 if (retval)
2656 goto err_usb_phy_roothub_power_on;
2657 }
2658
2659 dev_info(hcd->self.controller, "%s\n", hcd->product_desc);
2660
2661 switch (authorized_default) {
2662 case USB_AUTHORIZE_NONE:
2663 hcd->dev_policy = USB_DEVICE_AUTHORIZE_NONE;
2664 break;
2665
2666 case USB_AUTHORIZE_ALL:
2667 hcd->dev_policy = USB_DEVICE_AUTHORIZE_ALL;
2668 break;
2669
2670 case USB_AUTHORIZE_INTERNAL:
2671 hcd->dev_policy = USB_DEVICE_AUTHORIZE_INTERNAL;
2672 break;
2673
2674 case USB_AUTHORIZE_WIRED:
2675 default:
2676 hcd->dev_policy = hcd->wireless ?
2677 USB_DEVICE_AUTHORIZE_NONE : USB_DEVICE_AUTHORIZE_ALL;
2678 break;
2679 }
2680
2681 set_bit(HCD_FLAG_HW_ACCESSIBLE, &hcd->flags);
2682
2683 /* per default all interfaces are authorized */
2684 set_bit(HCD_FLAG_INTF_AUTHORIZED, &hcd->flags);
2685
2686 /* HC is in reset state, but accessible. Now do the one-time init,
2687 * bottom up so that hcds can customize the root hubs before hub_wq
2688 * starts talking to them. (Note, bus id is assigned early too.)
2689 */
2690 retval = hcd_buffer_create(hcd);
2691 if (retval != 0) {
2692 dev_dbg(hcd->self.sysdev, "pool alloc failed\n");
2693 goto err_create_buf;
2694 }
2695
2696 retval = usb_register_bus(&hcd->self);
2697 if (retval < 0)
2698 goto err_register_bus;
2699
2700 rhdev = usb_alloc_dev(NULL, &hcd->self, 0);
2701 if (rhdev == NULL) {
2702 dev_err(hcd->self.sysdev, "unable to allocate root hub\n");
2703 retval = -ENOMEM;
2704 goto err_allocate_root_hub;
2705 }
2706 mutex_lock(&usb_port_peer_mutex);
2707 hcd->self.root_hub = rhdev;
2708 mutex_unlock(&usb_port_peer_mutex);
2709
2710 rhdev->rx_lanes = 1;
2711 rhdev->tx_lanes = 1;
2712
2713 switch (hcd->speed) {
2714 case HCD_USB11:
2715 rhdev->speed = USB_SPEED_FULL;
2716 break;
2717 case HCD_USB2:
2718 rhdev->speed = USB_SPEED_HIGH;
2719 break;
2720 case HCD_USB25:
2721 rhdev->speed = USB_SPEED_WIRELESS;
2722 break;
2723 case HCD_USB3:
2724 rhdev->speed = USB_SPEED_SUPER;
2725 break;
2726 case HCD_USB32:
2727 rhdev->rx_lanes = 2;
2728 rhdev->tx_lanes = 2;
2729 fallthrough;
2730 case HCD_USB31:
2731 rhdev->speed = USB_SPEED_SUPER_PLUS;
2732 break;
2733 default:
2734 retval = -EINVAL;
2735 goto err_set_rh_speed;
2736 }
2737
2738 /* wakeup flag init defaults to "everything works" for root hubs,
2739 * but drivers can override it in reset() if needed, along with
2740 * recording the overall controller's system wakeup capability.
2741 */
2742 device_set_wakeup_capable(&rhdev->dev, 1);
2743
2744 /* HCD_FLAG_RH_RUNNING doesn't matter until the root hub is
2745 * registered. But since the controller can die at any time,
2746 * let's initialize the flag before touching the hardware.
2747 */
2748 set_bit(HCD_FLAG_RH_RUNNING, &hcd->flags);
2749
2750 /* "reset" is misnamed; its role is now one-time init. the controller
2751 * should already have been reset (and boot firmware kicked off etc).
2752 */
2753 if (hcd->driver->reset) {
2754 retval = hcd->driver->reset(hcd);
2755 if (retval < 0) {
2756 dev_err(hcd->self.controller, "can't setup: %d\n",
2757 retval);
2758 goto err_hcd_driver_setup;
2759 }
2760 }
2761 hcd->rh_pollable = 1;
2762
2763 retval = usb_phy_roothub_calibrate(hcd->phy_roothub);
2764 if (retval)
2765 goto err_hcd_driver_setup;
2766
2767 /* NOTE: root hub and controller capabilities may not be the same */
2768 if (device_can_wakeup(hcd->self.controller)
2769 && device_can_wakeup(&hcd->self.root_hub->dev))
2770 dev_dbg(hcd->self.controller, "supports USB remote wakeup\n");
2771
2772 /* initialize tasklets */
2773 init_giveback_urb_bh(&hcd->high_prio_bh);
2774 init_giveback_urb_bh(&hcd->low_prio_bh);
2775
2776 /* enable irqs just before we start the controller,
2777 * if the BIOS provides legacy PCI irqs.
2778 */
2779 if (usb_hcd_is_primary_hcd(hcd) && irqnum) {
2780 retval = usb_hcd_request_irqs(hcd, irqnum, irqflags);
2781 if (retval)
2782 goto err_request_irq;
2783 }
2784
2785 hcd->state = HC_STATE_RUNNING;
2786 retval = hcd->driver->start(hcd);
2787 if (retval < 0) {
2788 dev_err(hcd->self.controller, "startup error %d\n", retval);
2789 goto err_hcd_driver_start;
2790 }
2791
2792 /* starting here, usbcore will pay attention to this root hub */
2793 retval = register_root_hub(hcd);
2794 if (retval != 0)
2795 goto err_register_root_hub;
2796
2797 if (hcd->uses_new_polling && HCD_POLL_RH(hcd))
2798 usb_hcd_poll_rh_status(hcd);
2799
2800 return retval;
2801
2802err_register_root_hub:
2803 hcd->rh_pollable = 0;
2804 clear_bit(HCD_FLAG_POLL_RH, &hcd->flags);
2805 del_timer_sync(&hcd->rh_timer);
2806 hcd->driver->stop(hcd);
2807 hcd->state = HC_STATE_HALT;
2808 clear_bit(HCD_FLAG_POLL_RH, &hcd->flags);
2809 del_timer_sync(&hcd->rh_timer);
2810err_hcd_driver_start:
2811 if (usb_hcd_is_primary_hcd(hcd) && hcd->irq > 0)
2812 free_irq(irqnum, hcd);
2813err_request_irq:
2814err_hcd_driver_setup:
2815err_set_rh_speed:
2816 usb_put_invalidate_rhdev(hcd);
2817err_allocate_root_hub:
2818 usb_deregister_bus(&hcd->self);
2819err_register_bus:
2820 hcd_buffer_destroy(hcd);
2821err_create_buf:
2822 usb_phy_roothub_power_off(hcd->phy_roothub);
2823err_usb_phy_roothub_power_on:
2824 usb_phy_roothub_exit(hcd->phy_roothub);
2825
2826 return retval;
2827}
2828EXPORT_SYMBOL_GPL(usb_add_hcd);
2829
2830/**
2831 * usb_remove_hcd - shutdown processing for generic HCDs
2832 * @hcd: the usb_hcd structure to remove
2833 * Context: !in_interrupt()
2834 *
2835 * Disconnects the root hub, then reverses the effects of usb_add_hcd(),
2836 * invoking the HCD's stop() method.
2837 */
2838void usb_remove_hcd(struct usb_hcd *hcd)
2839{
2840 struct usb_device *rhdev = hcd->self.root_hub;
2841
2842 dev_info(hcd->self.controller, "remove, state %x\n", hcd->state);
2843
2844 usb_get_dev(rhdev);
2845 clear_bit(HCD_FLAG_RH_RUNNING, &hcd->flags);
2846 if (HC_IS_RUNNING (hcd->state))
2847 hcd->state = HC_STATE_QUIESCING;
2848
2849 dev_dbg(hcd->self.controller, "roothub graceful disconnect\n");
2850 spin_lock_irq (&hcd_root_hub_lock);
2851 hcd->rh_registered = 0;
2852 spin_unlock_irq (&hcd_root_hub_lock);
2853
2854#ifdef CONFIG_PM
2855 cancel_work_sync(&hcd->wakeup_work);
2856#endif
2857 cancel_work_sync(&hcd->died_work);
2858
2859 mutex_lock(&usb_bus_idr_lock);
2860 usb_disconnect(&rhdev); /* Sets rhdev to NULL */
2861 mutex_unlock(&usb_bus_idr_lock);
2862
2863 /*
2864 * tasklet_kill() isn't needed here because:
2865 * - driver's disconnect() called from usb_disconnect() should
2866 * make sure its URBs are completed during the disconnect()
2867 * callback
2868 *
2869 * - it is too late to run complete() here since driver may have
2870 * been removed already now
2871 */
2872
2873 /* Prevent any more root-hub status calls from the timer.
2874 * The HCD might still restart the timer (if a port status change
2875 * interrupt occurs), but usb_hcd_poll_rh_status() won't invoke
2876 * the hub_status_data() callback.
2877 */
2878 hcd->rh_pollable = 0;
2879 clear_bit(HCD_FLAG_POLL_RH, &hcd->flags);
2880 del_timer_sync(&hcd->rh_timer);
2881
2882 hcd->driver->stop(hcd);
2883 hcd->state = HC_STATE_HALT;
2884
2885 /* In case the HCD restarted the timer, stop it again. */
2886 clear_bit(HCD_FLAG_POLL_RH, &hcd->flags);
2887 del_timer_sync(&hcd->rh_timer);
2888
2889 if (usb_hcd_is_primary_hcd(hcd)) {
2890 if (hcd->irq > 0)
2891 free_irq(hcd->irq, hcd);
2892 }
2893
2894 usb_deregister_bus(&hcd->self);
2895 hcd_buffer_destroy(hcd);
2896
2897 usb_phy_roothub_power_off(hcd->phy_roothub);
2898 usb_phy_roothub_exit(hcd->phy_roothub);
2899
2900 usb_put_invalidate_rhdev(hcd);
2901 hcd->flags = 0;
2902}
2903EXPORT_SYMBOL_GPL(usb_remove_hcd);
2904
2905void
2906usb_hcd_platform_shutdown(struct platform_device *dev)
2907{
2908 struct usb_hcd *hcd = platform_get_drvdata(dev);
2909
2910 /* No need for pm_runtime_put(), we're shutting down */
2911 pm_runtime_get_sync(&dev->dev);
2912
2913 if (hcd->driver->shutdown)
2914 hcd->driver->shutdown(hcd);
2915}
2916EXPORT_SYMBOL_GPL(usb_hcd_platform_shutdown);
2917
2918int usb_hcd_setup_local_mem(struct usb_hcd *hcd, phys_addr_t phys_addr,
2919 dma_addr_t dma, size_t size)
2920{
2921 int err;
2922 void *local_mem;
2923
2924 hcd->localmem_pool = devm_gen_pool_create(hcd->self.sysdev, 4,
2925 dev_to_node(hcd->self.sysdev),
2926 dev_name(hcd->self.sysdev));
2927 if (IS_ERR(hcd->localmem_pool))
2928 return PTR_ERR(hcd->localmem_pool);
2929
2930 local_mem = devm_memremap(hcd->self.sysdev, phys_addr,
2931 size, MEMREMAP_WC);
2932 if (IS_ERR(local_mem))
2933 return PTR_ERR(local_mem);
2934
2935 /*
2936 * Here we pass a dma_addr_t but the arg type is a phys_addr_t.
2937 * It's not backed by system memory and thus there's no kernel mapping
2938 * for it.
2939 */
2940 err = gen_pool_add_virt(hcd->localmem_pool, (unsigned long)local_mem,
2941 dma, size, dev_to_node(hcd->self.sysdev));
2942 if (err < 0) {
2943 dev_err(hcd->self.sysdev, "gen_pool_add_virt failed with %d\n",
2944 err);
2945 return err;
2946 }
2947
2948 return 0;
2949}
2950EXPORT_SYMBOL_GPL(usb_hcd_setup_local_mem);
2951
2952/*-------------------------------------------------------------------------*/
2953
2954#if IS_ENABLED(CONFIG_USB_MON)
2955
2956const struct usb_mon_operations *mon_ops;
2957
2958/*
2959 * The registration is unlocked.
2960 * We do it this way because we do not want to lock in hot paths.
2961 *
2962 * Notice that the code is minimally error-proof. Because usbmon needs
2963 * symbols from usbcore, usbcore gets referenced and cannot be unloaded first.
2964 */
2965
2966int usb_mon_register(const struct usb_mon_operations *ops)
2967{
2968
2969 if (mon_ops)
2970 return -EBUSY;
2971
2972 mon_ops = ops;
2973 mb();
2974 return 0;
2975}
2976EXPORT_SYMBOL_GPL (usb_mon_register);
2977
2978void usb_mon_deregister (void)
2979{
2980
2981 if (mon_ops == NULL) {
2982 printk(KERN_ERR "USB: monitor was not registered\n");
2983 return;
2984 }
2985 mon_ops = NULL;
2986 mb();
2987}
2988EXPORT_SYMBOL_GPL (usb_mon_deregister);
2989
2990#endif /* CONFIG_USB_MON || CONFIG_USB_MON_MODULE */