ia64/xen-unstable

view linux-2.6-xen-sparse/drivers/xen/usbfront/usbfront.c @ 6742:ac6605bceb9d

remove pointless NULL check before calling kfree

Signed-off-by: Vincent Hanquez <vincent@xensource.com>
author vh249@arcadians.cl.cam.ac.uk
date Sat Sep 10 14:41:16 2005 +0000 (2005-09-10)
parents 7d0fb56b4a91
children 9ead08216805
line source
1 /*
2 * Xen Virtual USB Frontend Driver
3 *
4 * This file contains the first version of the Xen virtual USB hub
5 * that I've managed not to delete by mistake (3rd time lucky!).
6 *
7 * Based on Linux's uhci.c, original copyright notices are displayed
8 * below. Portions also (c) 2004 Intel Research Cambridge
9 * and (c) 2004, 2005 Mark Williamson
10 *
11 * Contact <mark.williamson@cl.cam.ac.uk> or
12 * <xen-devel@lists.sourceforge.net> regarding this code.
13 *
14 * Still to be (maybe) implemented:
15 * - migration / backend restart support?
16 * - support for building / using as a module
17 */
19 /*
20 * Universal Host Controller Interface driver for USB.
21 *
22 * Maintainer: Johannes Erdfelt <johannes@erdfelt.com>
23 *
24 * (C) Copyright 1999 Linus Torvalds
25 * (C) Copyright 1999-2002 Johannes Erdfelt, johannes@erdfelt.com
26 * (C) Copyright 1999 Randy Dunlap
27 * (C) Copyright 1999 Georg Acher, acher@in.tum.de
28 * (C) Copyright 1999 Deti Fliegl, deti@fliegl.de
29 * (C) Copyright 1999 Thomas Sailer, sailer@ife.ee.ethz.ch
30 * (C) Copyright 1999 Roman Weissgaerber, weissg@vienna.at
31 * (C) Copyright 2000 Yggdrasil Computing, Inc. (port of new PCI interface
32 * support from usb-ohci.c by Adam Richter, adam@yggdrasil.com).
33 * (C) Copyright 1999 Gregory P. Smith (from usb-ohci.c)
34 *
35 * Intel documents this fairly well, and as far as I know there
36 * are no royalties or anything like that, but even so there are
37 * people who decided that they want to do the same thing in a
38 * completely different way.
39 *
40 * WARNING! The USB documentation is downright evil. Most of it
41 * is just crap, written by a committee. You're better off ignoring
42 * most of it, the important stuff is:
43 * - the low-level protocol (fairly simple but lots of small details)
44 * - working around the horridness of the rest
45 */
47 #include <linux/config.h>
48 #include <linux/module.h>
49 #include <linux/kernel.h>
50 #include <linux/init.h>
51 #include <linux/sched.h>
52 #include <linux/delay.h>
53 #include <linux/slab.h>
54 #include <linux/smp_lock.h>
55 #include <linux/errno.h>
56 #include <linux/interrupt.h>
57 #include <linux/spinlock.h>
58 #ifdef CONFIG_USB_DEBUG
59 #define DEBUG
60 #else
61 #undef DEBUG
62 #endif
63 #include <linux/usb.h>
65 #include <asm/irq.h>
66 #include <asm/system.h>
68 #include "xhci.h"
70 #include "../../../../../drivers/usb/hcd.h"
72 #include <asm-xen/xen-public/io/usbif.h>
73 #include <asm/xen-public/io/domain_controller.h>
75 /*
76 * Version Information
77 */
78 #define DRIVER_VERSION "v1.0"
79 #define DRIVER_AUTHOR "Linus 'Frodo Rabbit' Torvalds, Johannes Erdfelt, " \
80 "Randy Dunlap, Georg Acher, Deti Fliegl, " \
81 "Thomas Sailer, Roman Weissgaerber, Mark Williamson"
82 #define DRIVER_DESC "Xen Virtual USB Host Controller Interface"
84 /*
85 * debug = 0, no debugging messages
86 * debug = 1, dump failed URB's except for stalls
87 * debug = 2, dump all failed URB's (including stalls)
88 */
89 #ifdef DEBUG
90 static int debug = 1;
91 #else
92 static int debug = 0;
93 #endif
94 MODULE_PARM(debug, "i");
95 MODULE_PARM_DESC(debug, "Debug level");
96 static char *errbuf;
97 #define ERRBUF_LEN (PAGE_SIZE * 8)
99 static int rh_submit_urb(struct urb *urb);
100 static int rh_unlink_urb(struct urb *urb);
101 static int xhci_unlink_urb(struct urb *urb);
102 static void xhci_call_completion(struct urb *urb);
103 static void xhci_drain_ring(void);
104 static void xhci_transfer_result(struct xhci *xhci, struct urb *urb);
105 static void xhci_finish_completion(void);
107 #define MAX_URB_LOOP 2048 /* Maximum number of linked URB's */
109 static kmem_cache_t *xhci_up_cachep; /* urb_priv cache */
110 static struct xhci *xhci; /* XHCI structure for the interface */
112 /******************************************************************************
113 * DEBUGGING
114 */
116 #ifdef DEBUG
118 static void dump_urb(struct urb *urb)
119 {
120 printk(KERN_DEBUG "dumping urb @ %p\n"
121 " hcpriv = %p\n"
122 " next = %p\n"
123 " dev = %p\n"
124 " pipe = 0x%lx\n"
125 " status = %d\n"
126 " transfer_flags = 0x%lx\n"
127 " transfer_buffer = %p\n"
128 " transfer_buffer_length = %d\n"
129 " actual_length = %d\n"
130 " bandwidth = %d\n"
131 " setup_packet = %p\n",
132 urb, urb->hcpriv, urb->next, urb->dev, urb->pipe, urb->status,
133 urb->transfer_flags, urb->transfer_buffer,
134 urb->transfer_buffer_length, urb->actual_length, urb->bandwidth,
135 urb->setup_packet);
136 if ( urb->setup_packet != NULL )
137 printk(KERN_DEBUG
138 "setup = { 0x%x, 0x%x, 0x%x, 0x%x, 0x%x, 0x%x, 0x%x, 0x%x }\n",
139 urb->setup_packet[0], urb->setup_packet[1],
140 urb->setup_packet[2], urb->setup_packet[3],
141 urb->setup_packet[4], urb->setup_packet[5],
142 urb->setup_packet[6], urb->setup_packet[7]);
143 printk(KERN_DEBUG "complete = %p\n"
144 "interval = %d\n", urb->complete, urb->interval);
146 }
148 static void xhci_show_resp(usbif_response_t *r)
149 {
150 printk(KERN_DEBUG "dumping response @ %p\n"
151 " id=0x%lx\n"
152 " op=0x%x\n"
153 " data=0x%x\n"
154 " status=0x%x\n"
155 " length=0x%lx\n",
156 r->id, r->operation, r->data, r->status, r->length);
157 }
159 #define DPRINK(...) printk(KERN_DEBUG __VA_ARGS__)
161 #else /* DEBUG */
163 #define dump_urb(blah) ((void)0)
164 #define xhci_show_resp(blah) ((void)0)
165 #define DPRINTK(blah,...) ((void)0)
167 #endif /* DEBUG */
169 /******************************************************************************
170 * RING REQUEST HANDLING
171 */
173 #define RING_PLUGGED(_hc) ( RING_FULL(&_hc->usb_ring) || _hc->recovery )
175 /**
176 * xhci_construct_isoc - add isochronous information to a request
177 */
178 static int xhci_construct_isoc(usbif_request_t *req, struct urb *urb)
179 {
180 usbif_iso_t *schedule;
181 int i;
182 struct urb_priv *urb_priv = urb->hcpriv;
184 req->num_iso = urb->number_of_packets;
185 schedule = (usbif_iso_t *)__get_free_page(GFP_KERNEL);
187 if ( schedule == NULL )
188 return -ENOMEM;
190 for ( i = 0; i < req->num_iso; i++ )
191 {
192 schedule[i].buffer_offset = urb->iso_frame_desc[i].offset;
193 schedule[i].length = urb->iso_frame_desc[i].length;
194 }
196 urb_priv->schedule = schedule;
197 req->iso_schedule = virt_to_mfn(schedule) << PAGE_SHIFT;
199 return 0;
200 }
202 /**
203 * xhci_queue_req - construct and queue request for an URB
204 */
205 static int xhci_queue_req(struct urb *urb)
206 {
207 unsigned long flags;
208 usbif_request_t *req;
209 usbif_front_ring_t *usb_ring = &xhci->usb_ring;
211 #if DEBUG
212 printk(KERN_DEBUG
213 "usbif = %p, req_prod = %d (@ 0x%lx), resp_prod = %d, resp_cons = %d\n",
214 usbif, usbif->req_prod, virt_to_mfn(&usbif->req_prod),
215 usbif->resp_prod, xhci->usb_resp_cons);
216 #endif
218 spin_lock_irqsave(&xhci->ring_lock, flags);
220 if ( RING_PLUGGED(xhci) )
221 {
222 printk(KERN_WARNING
223 "xhci_queue_req(): USB ring plugged, not queuing request\n");
224 spin_unlock_irqrestore(&xhci->ring_lock, flags);
225 return -ENOBUFS;
226 }
228 /* Stick something in the shared communications ring. */
229 req = RING_GET_REQUEST(usb_ring, usb_ring->req_prod_pvt);
231 req->operation = USBIF_OP_IO;
232 req->port = 0; /* We don't care what the port is. */
233 req->id = (unsigned long) urb->hcpriv;
234 req->transfer_buffer = virt_to_mfn(urb->transfer_buffer) << PAGE_SHIFT;
235 req->devnum = usb_pipedevice(urb->pipe);
236 req->direction = usb_pipein(urb->pipe);
237 req->speed = usb_pipeslow(urb->pipe);
238 req->pipe_type = usb_pipetype(urb->pipe);
239 req->length = urb->transfer_buffer_length;
240 req->transfer_flags = urb->transfer_flags;
241 req->endpoint = usb_pipeendpoint(urb->pipe);
242 req->speed = usb_pipeslow(urb->pipe);
243 req->timeout = urb->timeout * (1000 / HZ);
245 if ( usb_pipetype(urb->pipe) == 0 ) /* ISO */
246 {
247 int ret = xhci_construct_isoc(req, urb);
248 if ( ret != 0 )
249 return ret;
250 }
252 if(urb->setup_packet != NULL)
253 memcpy(req->setup, urb->setup_packet, 8);
254 else
255 memset(req->setup, 0, 8);
257 usb_ring->req_prod_pvt++;
258 RING_PUSH_REQUESTS(usb_ring);
260 spin_unlock_irqrestore(&xhci->ring_lock, flags);
262 notify_via_evtchn(xhci->evtchn);
264 DPRINTK("Queued request for an URB.\n");
265 dump_urb(urb);
267 return -EINPROGRESS;
268 }
270 /**
271 * xhci_queue_probe - queue a probe request for a particular port
272 */
273 static inline usbif_request_t *xhci_queue_probe(usbif_vdev_t port)
274 {
275 usbif_request_t *req;
276 usbif_front_ring_t *usb_ring = &xhci->usb_ring;
278 #if DEBUG
279 printk(KERN_DEBUG
280 "queuing probe: req_prod = %d (@ 0x%lx), resp_prod = %d, "
281 "resp_cons = %d\n", usbif->req_prod,
282 virt_to_mfn(&usbif->req_prod),
283 usbif->resp_prod, xhci->usb_resp_cons);
284 #endif
286 /* This is always called from the timer interrupt. */
287 spin_lock(&xhci->ring_lock);
289 if ( RING_PLUGGED(xhci) )
290 {
291 printk(KERN_WARNING
292 "xhci_queue_probe(): ring full, not queuing request\n");
293 spin_unlock(&xhci->ring_lock);
294 return NULL;
295 }
297 /* Stick something in the shared communications ring. */
298 req = RING_GET_REQUEST(usb_ring, usb_ring->req_prod_pvt);
300 memset(req, 0, sizeof(*req));
302 req->operation = USBIF_OP_PROBE;
303 req->port = port;
305 usb_ring->req_prod_pvt++;
306 RING_PUSH_REQUESTS(usb_ring);
308 spin_unlock(&xhci->ring_lock);
310 notify_via_evtchn(xhci->evtchn);
312 return req;
313 }
315 /**
316 * xhci_port_reset - queue a reset request for a particular port
317 */
318 static int xhci_port_reset(usbif_vdev_t port)
319 {
320 usbif_request_t *req;
321 usbif_front_ring_t *usb_ring = &xhci->usb_ring;
323 /* Only ever happens from process context (hub thread). */
324 spin_lock_irq(&xhci->ring_lock);
326 if ( RING_PLUGGED(xhci) )
327 {
328 printk(KERN_WARNING
329 "xhci_port_reset(): ring plugged, not queuing request\n");
330 spin_unlock_irq(&xhci->ring_lock);
331 return -ENOBUFS;
332 }
334 /* We only reset one port at a time, so we only need one variable per
335 * hub. */
336 xhci->awaiting_reset = 1;
338 /* Stick something in the shared communications ring. */
339 req = RING_GET_REQUEST(usb_ring, usb_ring->req_prod_pvt);
341 memset(req, 0, sizeof(*req));
343 req->operation = USBIF_OP_RESET;
344 req->port = port;
346 usb_ring->req_prod_pvt++;
347 RING_PUSH_REQUESTS(usb_ring);
349 spin_unlock_irq(&xhci->ring_lock);
351 notify_via_evtchn(xhci->evtchn);
353 while ( xhci->awaiting_reset > 0 )
354 {
355 mdelay(1);
356 xhci_drain_ring();
357 }
359 xhci->rh.ports[port].pe = 1;
360 xhci->rh.ports[port].pe_chg = 1;
362 return xhci->awaiting_reset;
363 }
366 /******************************************************************************
367 * RING RESPONSE HANDLING
368 */
370 static void receive_usb_reset(usbif_response_t *resp)
371 {
372 xhci->awaiting_reset = resp->status;
373 rmb();
375 }
377 static void receive_usb_probe(usbif_response_t *resp)
378 {
379 spin_lock(&xhci->rh.port_state_lock);
381 if ( resp->status >= 0 )
382 {
383 if ( resp->status == 1 )
384 {
385 /* If theres a device there and there wasn't one before there must
386 * have been a connection status change. */
387 if( xhci->rh.ports[resp->data].cs == 0 )
388 {
389 xhci->rh.ports[resp->data].cs = 1;
390 xhci->rh.ports[resp->data].cs_chg = 1;
391 }
392 }
393 else if ( resp->status == 0 )
394 {
395 if(xhci->rh.ports[resp->data].cs == 1 )
396 {
397 xhci->rh.ports[resp->data].cs = 0;
398 xhci->rh.ports[resp->data].cs_chg = 1;
399 xhci->rh.ports[resp->data].pe = 0;
400 /* According to USB Spec v2.0, 11.24.2.7.2.2, we don't need
401 * to set pe_chg since an error has not occurred. */
402 }
403 }
404 else
405 printk(KERN_WARNING "receive_usb_probe(): unexpected status %d "
406 "for port %d\n", resp->status, resp->data);
407 }
408 else if ( resp->status < 0)
409 printk(KERN_WARNING "receive_usb_probe(): got error status %d\n",
410 resp->status);
412 spin_unlock(&xhci->rh.port_state_lock);
413 }
415 static void receive_usb_io(usbif_response_t *resp)
416 {
417 struct urb_priv *urbp = (struct urb_priv *)resp->id;
418 struct urb *urb = urbp->urb;
420 urb->actual_length = resp->length;
421 urbp->in_progress = 0;
423 if( usb_pipetype(urb->pipe) == 0 ) /* ISO */
424 {
425 int i;
427 /* Copy ISO schedule results back in. */
428 for ( i = 0; i < urb->number_of_packets; i++ )
429 {
430 urb->iso_frame_desc[i].status
431 = urbp->schedule[i].status;
432 urb->iso_frame_desc[i].actual_length
433 = urbp->schedule[i].length;
434 }
435 free_page((unsigned long)urbp->schedule);
436 }
438 /* Only set status if it's not been changed since submission. It might
439 * have been changed if the URB has been unlinked asynchronously, for
440 * instance. */
441 if ( urb->status == -EINPROGRESS )
442 urbp->status = urb->status = resp->status;
443 }
445 /**
446 * xhci_drain_ring - drain responses from the ring, calling handlers
447 *
448 * This may be called from interrupt context when an event is received from the
449 * backend domain, or sometimes in process context whilst waiting for a port
450 * reset or URB completion.
451 */
452 static void xhci_drain_ring(void)
453 {
454 struct list_head *tmp, *head;
455 usbif_front_ring_t *usb_ring = &xhci->usb_ring;
456 usbif_response_t *resp;
457 RING_IDX i, rp;
459 /* Walk the ring here to get responses, updating URBs to show what
460 * completed. */
462 rp = usb_ring->sring->rsp_prod;
463 rmb(); /* Ensure we see queued requests up to 'rp'. */
465 /* Take items off the comms ring, taking care not to overflow. */
466 for ( i = usb_ring->rsp_cons; i != rp; i++ )
467 {
468 resp = RING_GET_RESPONSE(usb_ring, i);
470 /* May need to deal with batching and with putting a ceiling on
471 the number dispatched for performance and anti-dos reasons */
473 xhci_show_resp(resp);
475 switch ( resp->operation )
476 {
477 case USBIF_OP_PROBE:
478 receive_usb_probe(resp);
479 break;
481 case USBIF_OP_IO:
482 receive_usb_io(resp);
483 break;
485 case USBIF_OP_RESET:
486 receive_usb_reset(resp);
487 break;
489 default:
490 printk(KERN_WARNING
491 "error: unknown USB io operation response [%d]\n",
492 resp->operation);
493 break;
494 }
495 }
497 usb_ring->rsp_cons = i;
499 /* Walk the list of pending URB's to see which ones completed and do
500 * callbacks, etc. */
501 spin_lock(&xhci->urb_list_lock);
502 head = &xhci->urb_list;
503 tmp = head->next;
504 while (tmp != head) {
505 struct urb *urb = list_entry(tmp, struct urb, urb_list);
507 tmp = tmp->next;
509 /* Checks the status and does all of the magic necessary */
510 xhci_transfer_result(xhci, urb);
511 }
512 spin_unlock(&xhci->urb_list_lock);
514 xhci_finish_completion();
515 }
518 static void xhci_interrupt(int irq, void *__xhci, struct pt_regs *regs)
519 {
520 xhci_drain_ring();
521 }
523 /******************************************************************************
524 * HOST CONTROLLER FUNCTIONALITY
525 */
527 /**
528 * no-op implementation of private device alloc / free routines
529 */
530 static int xhci_do_nothing_dev(struct usb_device *dev)
531 {
532 return 0;
533 }
535 static inline void xhci_add_complete(struct urb *urb)
536 {
537 struct urb_priv *urbp = (struct urb_priv *)urb->hcpriv;
538 unsigned long flags;
540 spin_lock_irqsave(&xhci->complete_list_lock, flags);
541 list_add_tail(&urbp->complete_list, &xhci->complete_list);
542 spin_unlock_irqrestore(&xhci->complete_list_lock, flags);
543 }
545 /* When this returns, the owner of the URB may free its
546 * storage.
547 *
548 * We spin and wait for the URB to complete before returning.
549 *
550 * Call with urb->lock acquired.
551 */
552 static void xhci_delete_urb(struct urb *urb)
553 {
554 struct urb_priv *urbp;
556 urbp = urb->hcpriv;
558 /* If there's no urb_priv structure for this URB then it can't have
559 * been submitted at all. */
560 if ( urbp == NULL )
561 return;
563 /* For now we just spin until the URB completes. It shouldn't take too
564 * long and we don't expect to have to do this very often. */
565 while ( urb->status == -EINPROGRESS )
566 {
567 xhci_drain_ring();
568 mdelay(1);
569 }
571 /* Now we know that further transfers to the buffer won't
572 * occur, so we can safely return. */
573 }
575 static struct urb_priv *xhci_alloc_urb_priv(struct urb *urb)
576 {
577 struct urb_priv *urbp;
579 urbp = kmem_cache_alloc(xhci_up_cachep, SLAB_ATOMIC);
580 if (!urbp) {
581 err("xhci_alloc_urb_priv: couldn't allocate memory for urb_priv\n");
582 return NULL;
583 }
585 memset((void *)urbp, 0, sizeof(*urbp));
587 urbp->inserttime = jiffies;
588 urbp->urb = urb;
589 urbp->dev = urb->dev;
591 INIT_LIST_HEAD(&urbp->complete_list);
593 urb->hcpriv = urbp;
595 return urbp;
596 }
598 /*
599 * MUST be called with urb->lock acquired
600 */
601 /* When is this called? Do we need to stop the transfer (as we
602 * currently do)? */
603 static void xhci_destroy_urb_priv(struct urb *urb)
604 {
605 struct urb_priv *urbp;
607 urbp = (struct urb_priv *)urb->hcpriv;
608 if (!urbp)
609 return;
611 if (!list_empty(&urb->urb_list))
612 warn("xhci_destroy_urb_priv: urb %p still on xhci->urb_list", urb);
614 if (!list_empty(&urbp->complete_list))
615 warn("xhci_destroy_urb_priv: urb %p still on xhci->complete_list", urb);
617 kmem_cache_free(xhci_up_cachep, urb->hcpriv);
619 urb->hcpriv = NULL;
620 }
622 /**
623 * Try to find URBs in progress on the same pipe to the same device.
624 *
625 * MUST be called with xhci->urb_list_lock acquired
626 */
627 static struct urb *xhci_find_urb_ep(struct xhci *xhci, struct urb *urb)
628 {
629 struct list_head *tmp, *head;
631 /* We don't match Isoc transfers since they are special */
632 if (usb_pipeisoc(urb->pipe))
633 return NULL;
635 head = &xhci->urb_list;
636 tmp = head->next;
637 while (tmp != head) {
638 struct urb *u = list_entry(tmp, struct urb, urb_list);
640 tmp = tmp->next;
642 if (u->dev == urb->dev && u->pipe == urb->pipe &&
643 u->status == -EINPROGRESS)
644 return u;
645 }
647 return NULL;
648 }
650 static int xhci_submit_urb(struct urb *urb)
651 {
652 int ret = -EINVAL;
653 unsigned long flags;
654 struct urb *eurb;
655 int bustime;
657 DPRINTK("URB submitted to XHCI driver.\n");
658 dump_urb(urb);
660 if (!urb)
661 return -EINVAL;
663 if (!urb->dev || !urb->dev->bus || !urb->dev->bus->hcpriv) {
664 warn("xhci_submit_urb: urb %p belongs to disconnected device or bus?", urb);
665 return -ENODEV;
666 }
668 if ( urb->dev->devpath == NULL )
669 BUG();
671 usb_inc_dev_use(urb->dev);
673 spin_lock_irqsave(&xhci->urb_list_lock, flags);
674 spin_lock(&urb->lock);
676 if (urb->status == -EINPROGRESS || urb->status == -ECONNRESET ||
677 urb->status == -ECONNABORTED) {
678 dbg("xhci_submit_urb: urb not available to submit (status = %d)", urb->status);
679 /* Since we can have problems on the out path */
680 spin_unlock(&urb->lock);
681 spin_unlock_irqrestore(&xhci->urb_list_lock, flags);
682 usb_dec_dev_use(urb->dev);
684 return ret;
685 }
687 INIT_LIST_HEAD(&urb->urb_list);
688 if (!xhci_alloc_urb_priv(urb)) {
689 ret = -ENOMEM;
691 goto out;
692 }
694 ( (struct urb_priv *)urb->hcpriv )->in_progress = 1;
696 eurb = xhci_find_urb_ep(xhci, urb);
697 if (eurb && !(urb->transfer_flags & USB_QUEUE_BULK)) {
698 ret = -ENXIO;
700 goto out;
701 }
703 /* Short circuit the virtual root hub */
704 if (urb->dev == xhci->rh.dev) {
705 ret = rh_submit_urb(urb);
707 goto out;
708 }
710 switch (usb_pipetype(urb->pipe)) {
711 case PIPE_CONTROL:
712 case PIPE_BULK:
713 ret = xhci_queue_req(urb);
714 break;
716 case PIPE_INTERRUPT:
717 if (urb->bandwidth == 0) { /* not yet checked/allocated */
718 bustime = usb_check_bandwidth(urb->dev, urb);
719 if (bustime < 0)
720 ret = bustime;
721 else {
722 ret = xhci_queue_req(urb);
723 if (ret == -EINPROGRESS)
724 usb_claim_bandwidth(urb->dev, urb,
725 bustime, 0);
726 }
727 } else /* bandwidth is already set */
728 ret = xhci_queue_req(urb);
729 break;
731 case PIPE_ISOCHRONOUS:
732 if (urb->bandwidth == 0) { /* not yet checked/allocated */
733 if (urb->number_of_packets <= 0) {
734 ret = -EINVAL;
735 break;
736 }
737 bustime = usb_check_bandwidth(urb->dev, urb);
738 if (bustime < 0) {
739 ret = bustime;
740 break;
741 }
743 ret = xhci_queue_req(urb);
744 if (ret == -EINPROGRESS)
745 usb_claim_bandwidth(urb->dev, urb, bustime, 1);
746 } else /* bandwidth is already set */
747 ret = xhci_queue_req(urb);
748 break;
749 }
750 out:
751 urb->status = ret;
753 if (ret == -EINPROGRESS) {
754 /* We use _tail to make find_urb_ep more efficient */
755 list_add_tail(&urb->urb_list, &xhci->urb_list);
757 spin_unlock(&urb->lock);
758 spin_unlock_irqrestore(&xhci->urb_list_lock, flags);
760 return 0;
761 }
763 xhci_delete_urb(urb);
765 spin_unlock(&urb->lock);
766 spin_unlock_irqrestore(&xhci->urb_list_lock, flags);
768 /* Only call completion if it was successful */
769 if (!ret)
770 xhci_call_completion(urb);
772 return ret;
773 }
775 /*
776 * Return the result of a transfer
777 *
778 * MUST be called with urb_list_lock acquired
779 */
780 static void xhci_transfer_result(struct xhci *xhci, struct urb *urb)
781 {
782 int ret = 0;
783 unsigned long flags;
784 struct urb_priv *urbp;
786 /* The root hub is special */
787 if (urb->dev == xhci->rh.dev)
788 return;
790 spin_lock_irqsave(&urb->lock, flags);
792 urbp = (struct urb_priv *)urb->hcpriv;
794 if ( ( (struct urb_priv *)urb->hcpriv )->in_progress )
795 ret = -EINPROGRESS;
797 if (urb->actual_length < urb->transfer_buffer_length) {
798 if (urb->transfer_flags & USB_DISABLE_SPD) {
799 ret = -EREMOTEIO;
800 }
801 }
803 if (urb->status == -EPIPE)
804 {
805 ret = urb->status;
806 /* endpoint has stalled - mark it halted */
807 usb_endpoint_halt(urb->dev, usb_pipeendpoint(urb->pipe),
808 usb_pipeout(urb->pipe));
809 }
811 if ((debug == 1 && ret != 0 && ret != -EPIPE) ||
812 (ret != 0 && debug > 1)) {
813 /* Some debugging code */
814 dbg("xhci_result_interrupt/bulk() failed with status %x",
815 status);
816 }
818 if (ret == -EINPROGRESS)
819 goto out;
821 switch (usb_pipetype(urb->pipe)) {
822 case PIPE_CONTROL:
823 case PIPE_BULK:
824 case PIPE_ISOCHRONOUS:
825 /* Release bandwidth for Interrupt or Isoc. transfers */
826 /* Spinlock needed ? */
827 if (urb->bandwidth)
828 usb_release_bandwidth(urb->dev, urb, 1);
829 xhci_delete_urb(urb);
830 break;
831 case PIPE_INTERRUPT:
832 /* Interrupts are an exception */
833 if (urb->interval)
834 goto out_complete;
836 /* Release bandwidth for Interrupt or Isoc. transfers */
837 /* Spinlock needed ? */
838 if (urb->bandwidth)
839 usb_release_bandwidth(urb->dev, urb, 0);
840 xhci_delete_urb(urb);
841 break;
842 default:
843 info("xhci_transfer_result: unknown pipe type %d for urb %p\n",
844 usb_pipetype(urb->pipe), urb);
845 }
847 /* Remove it from xhci->urb_list */
848 list_del_init(&urb->urb_list);
850 out_complete:
851 xhci_add_complete(urb);
853 out:
854 spin_unlock_irqrestore(&urb->lock, flags);
855 }
857 static int xhci_unlink_urb(struct urb *urb)
858 {
859 unsigned long flags;
860 struct urb_priv *urbp = urb->hcpriv;
862 if (!urb)
863 return -EINVAL;
865 if (!urb->dev || !urb->dev->bus || !urb->dev->bus->hcpriv)
866 return -ENODEV;
868 spin_lock_irqsave(&xhci->urb_list_lock, flags);
869 spin_lock(&urb->lock);
871 /* Release bandwidth for Interrupt or Isoc. transfers */
872 /* Spinlock needed ? */
873 if (urb->bandwidth) {
874 switch (usb_pipetype(urb->pipe)) {
875 case PIPE_INTERRUPT:
876 usb_release_bandwidth(urb->dev, urb, 0);
877 break;
878 case PIPE_ISOCHRONOUS:
879 usb_release_bandwidth(urb->dev, urb, 1);
880 break;
881 default:
882 break;
883 }
884 }
886 if (urb->status != -EINPROGRESS) {
887 spin_unlock(&urb->lock);
888 spin_unlock_irqrestore(&xhci->urb_list_lock, flags);
889 return 0;
890 }
892 list_del_init(&urb->urb_list);
894 /* Short circuit the virtual root hub */
895 if (urb->dev == xhci->rh.dev) {
896 rh_unlink_urb(urb);
898 spin_unlock(&urb->lock);
899 spin_unlock_irqrestore(&xhci->urb_list_lock, flags);
901 xhci_call_completion(urb);
902 } else {
903 if (urb->transfer_flags & USB_ASYNC_UNLINK) {
904 /* We currently don't currently attempt to cancel URBs
905 * that have been queued in the ring. We handle async
906 * unlinked URBs when they complete. */
907 urbp->status = urb->status = -ECONNABORTED;
908 spin_unlock(&urb->lock);
909 spin_unlock_irqrestore(&xhci->urb_list_lock, flags);
910 } else {
911 urb->status = -ENOENT;
913 spin_unlock(&urb->lock);
914 spin_unlock_irqrestore(&xhci->urb_list_lock, flags);
916 if (in_interrupt()) { /* wait at least 1 frame */
917 static int errorcount = 10;
919 if (errorcount--)
920 dbg("xhci_unlink_urb called from interrupt for urb %p", urb);
921 udelay(1000);
922 } else
923 schedule_timeout(1+1*HZ/1000);
925 xhci_delete_urb(urb);
927 xhci_call_completion(urb);
928 }
929 }
931 return 0;
932 }
934 static void xhci_call_completion(struct urb *urb)
935 {
936 struct urb_priv *urbp;
937 struct usb_device *dev = urb->dev;
938 int is_ring = 0, killed, resubmit_interrupt, status;
939 struct urb *nurb;
940 unsigned long flags;
942 spin_lock_irqsave(&urb->lock, flags);
944 urbp = (struct urb_priv *)urb->hcpriv;
945 if (!urbp || !urb->dev) {
946 spin_unlock_irqrestore(&urb->lock, flags);
947 return;
948 }
950 killed = (urb->status == -ENOENT || urb->status == -ECONNABORTED ||
951 urb->status == -ECONNRESET);
952 resubmit_interrupt = (usb_pipetype(urb->pipe) == PIPE_INTERRUPT &&
953 urb->interval);
955 nurb = urb->next;
956 if (nurb && !killed) {
957 int count = 0;
959 while (nurb && nurb != urb && count < MAX_URB_LOOP) {
960 if (nurb->status == -ENOENT ||
961 nurb->status == -ECONNABORTED ||
962 nurb->status == -ECONNRESET) {
963 killed = 1;
964 break;
965 }
967 nurb = nurb->next;
968 count++;
969 }
971 if (count == MAX_URB_LOOP)
972 err("xhci_call_completion: too many linked URB's, loop? (first loop)");
974 /* Check to see if chain is a ring */
975 is_ring = (nurb == urb);
976 }
978 status = urbp->status;
979 if (!resubmit_interrupt || killed)
980 /* We don't need urb_priv anymore */
981 xhci_destroy_urb_priv(urb);
983 if (!killed)
984 urb->status = status;
986 spin_unlock_irqrestore(&urb->lock, flags);
988 if (urb->complete)
989 urb->complete(urb);
991 if (resubmit_interrupt)
992 /* Recheck the status. The completion handler may have */
993 /* unlinked the resubmitting interrupt URB */
994 killed = (urb->status == -ENOENT ||
995 urb->status == -ECONNABORTED ||
996 urb->status == -ECONNRESET);
998 if (resubmit_interrupt && !killed) {
999 if ( urb->dev != xhci->rh.dev )
1000 xhci_queue_req(urb); /* XXX What if this fails? */
1001 /* Don't need to resubmit URBs for the virtual root dev. */
1002 } else {
1003 if (is_ring && !killed) {
1004 urb->dev = dev;
1005 xhci_submit_urb(urb);
1006 } else {
1007 /* We decrement the usage count after we're done */
1008 /* with everything */
1009 usb_dec_dev_use(dev);
1014 static void xhci_finish_completion(void)
1016 struct list_head *tmp, *head;
1017 unsigned long flags;
1019 spin_lock_irqsave(&xhci->complete_list_lock, flags);
1020 head = &xhci->complete_list;
1021 tmp = head->next;
1022 while (tmp != head) {
1023 struct urb_priv *urbp = list_entry(tmp, struct urb_priv,
1024 complete_list);
1025 struct urb *urb = urbp->urb;
1027 list_del_init(&urbp->complete_list);
1028 spin_unlock_irqrestore(&xhci->complete_list_lock, flags);
1030 xhci_call_completion(urb);
1032 spin_lock_irqsave(&xhci->complete_list_lock, flags);
1033 head = &xhci->complete_list;
1034 tmp = head->next;
1036 spin_unlock_irqrestore(&xhci->complete_list_lock, flags);
1039 static struct usb_operations xhci_device_operations = {
1040 .allocate = xhci_do_nothing_dev,
1041 .deallocate = xhci_do_nothing_dev,
1042 /* It doesn't look like any drivers actually care what the frame number
1043 * is at the moment! If necessary, we could approximate the current
1044 * frame nubmer by passing it from the backend in response messages. */
1045 .get_frame_number = NULL,
1046 .submit_urb = xhci_submit_urb,
1047 .unlink_urb = xhci_unlink_urb
1048 };
1050 /******************************************************************************
1051 * VIRTUAL ROOT HUB EMULATION
1052 */
1054 static __u8 root_hub_dev_des[] =
1056 0x12, /* __u8 bLength; */
1057 0x01, /* __u8 bDescriptorType; Device */
1058 0x00, /* __u16 bcdUSB; v1.0 */
1059 0x01,
1060 0x09, /* __u8 bDeviceClass; HUB_CLASSCODE */
1061 0x00, /* __u8 bDeviceSubClass; */
1062 0x00, /* __u8 bDeviceProtocol; */
1063 0x08, /* __u8 bMaxPacketSize0; 8 Bytes */
1064 0x00, /* __u16 idVendor; */
1065 0x00,
1066 0x00, /* __u16 idProduct; */
1067 0x00,
1068 0x00, /* __u16 bcdDevice; */
1069 0x00,
1070 0x00, /* __u8 iManufacturer; */
1071 0x02, /* __u8 iProduct; */
1072 0x01, /* __u8 iSerialNumber; */
1073 0x01 /* __u8 bNumConfigurations; */
1074 };
1077 /* Configuration descriptor */
1078 static __u8 root_hub_config_des[] =
1080 0x09, /* __u8 bLength; */
1081 0x02, /* __u8 bDescriptorType; Configuration */
1082 0x19, /* __u16 wTotalLength; */
1083 0x00,
1084 0x01, /* __u8 bNumInterfaces; */
1085 0x01, /* __u8 bConfigurationValue; */
1086 0x00, /* __u8 iConfiguration; */
1087 0x40, /* __u8 bmAttributes;
1088 Bit 7: Bus-powered, 6: Self-powered,
1089 Bit 5 Remote-wakeup, 4..0: resvd */
1090 0x00, /* __u8 MaxPower; */
1092 /* interface */
1093 0x09, /* __u8 if_bLength; */
1094 0x04, /* __u8 if_bDescriptorType; Interface */
1095 0x00, /* __u8 if_bInterfaceNumber; */
1096 0x00, /* __u8 if_bAlternateSetting; */
1097 0x01, /* __u8 if_bNumEndpoints; */
1098 0x09, /* __u8 if_bInterfaceClass; HUB_CLASSCODE */
1099 0x00, /* __u8 if_bInterfaceSubClass; */
1100 0x00, /* __u8 if_bInterfaceProtocol; */
1101 0x00, /* __u8 if_iInterface; */
1103 /* endpoint */
1104 0x07, /* __u8 ep_bLength; */
1105 0x05, /* __u8 ep_bDescriptorType; Endpoint */
1106 0x81, /* __u8 ep_bEndpointAddress; IN Endpoint 1 */
1107 0x03, /* __u8 ep_bmAttributes; Interrupt */
1108 0x08, /* __u16 ep_wMaxPacketSize; 8 Bytes */
1109 0x00,
1110 0xff /* __u8 ep_bInterval; 255 ms */
1111 };
1113 static __u8 root_hub_hub_des[] =
1115 0x09, /* __u8 bLength; */
1116 0x29, /* __u8 bDescriptorType; Hub-descriptor */
1117 0x02, /* __u8 bNbrPorts; */
1118 0x00, /* __u16 wHubCharacteristics; */
1119 0x00,
1120 0x01, /* __u8 bPwrOn2pwrGood; 2ms */
1121 0x00, /* __u8 bHubContrCurrent; 0 mA */
1122 0x00, /* __u8 DeviceRemovable; *** 7 Ports max *** */
1123 0xff /* __u8 PortPwrCtrlMask; *** 7 ports max *** */
1124 };
1126 /* prepare Interrupt pipe transaction data; HUB INTERRUPT ENDPOINT */
1127 static int rh_send_irq(struct urb *urb)
1129 struct urb_priv *urbp = (struct urb_priv *)urb->hcpriv;
1130 xhci_port_t *ports = xhci->rh.ports;
1131 unsigned long flags;
1132 int i, len = 1;
1133 __u16 data = 0;
1135 spin_lock_irqsave(&urb->lock, flags);
1136 for (i = 0; i < xhci->rh.numports; i++) {
1137 /* Set a bit if anything at all has changed on the port, as per
1138 * USB spec 11.12 */
1139 data |= (ports[i].cs_chg || ports[i].pe_chg )
1140 ? (1 << (i + 1))
1141 : 0;
1143 len = (i + 1) / 8 + 1;
1146 *(__u16 *) urb->transfer_buffer = cpu_to_le16(data);
1147 urb->actual_length = len;
1148 urbp->status = 0;
1150 spin_unlock_irqrestore(&urb->lock, flags);
1152 if ((data > 0) && (xhci->rh.send != 0)) {
1153 dbg("root-hub INT complete: data: %x", data);
1154 xhci_call_completion(urb);
1157 return 0;
1160 /* Virtual Root Hub INTs are polled by this timer every "interval" ms */
1161 static int rh_init_int_timer(struct urb *urb);
1163 static void rh_int_timer_do(unsigned long ptr)
1165 struct urb *urb = (struct urb *)ptr;
1166 struct list_head list, *tmp, *head;
1167 unsigned long flags;
1168 int i;
1170 for ( i = 0; i < xhci->rh.numports; i++)
1171 xhci_queue_probe(i);
1173 if (xhci->rh.send)
1174 rh_send_irq(urb);
1176 INIT_LIST_HEAD(&list);
1178 spin_lock_irqsave(&xhci->urb_list_lock, flags);
1179 head = &xhci->urb_list;
1180 tmp = head->next;
1181 while (tmp != head) {
1182 struct urb *u = list_entry(tmp, struct urb, urb_list);
1183 struct urb_priv *up = (struct urb_priv *)u->hcpriv;
1185 tmp = tmp->next;
1187 spin_lock(&u->lock);
1189 /* Check if the URB timed out */
1190 if (u->timeout && time_after_eq(jiffies,
1191 up->inserttime + u->timeout)) {
1192 list_del(&u->urb_list);
1193 list_add_tail(&u->urb_list, &list);
1196 spin_unlock(&u->lock);
1198 spin_unlock_irqrestore(&xhci->urb_list_lock, flags);
1200 head = &list;
1201 tmp = head->next;
1202 while (tmp != head) {
1203 struct urb *u = list_entry(tmp, struct urb, urb_list);
1205 tmp = tmp->next;
1207 u->transfer_flags |= USB_ASYNC_UNLINK | USB_TIMEOUT_KILLED;
1208 xhci_unlink_urb(u);
1211 rh_init_int_timer(urb);
1214 /* Root Hub INTs are polled by this timer */
1215 static int rh_init_int_timer(struct urb *urb)
1217 xhci->rh.interval = urb->interval;
1218 init_timer(&xhci->rh.rh_int_timer);
1219 xhci->rh.rh_int_timer.function = rh_int_timer_do;
1220 xhci->rh.rh_int_timer.data = (unsigned long)urb;
1221 xhci->rh.rh_int_timer.expires = jiffies
1222 + (HZ * (urb->interval < 30 ? 30 : urb->interval)) / 1000;
1223 add_timer(&xhci->rh.rh_int_timer);
1225 return 0;
1228 #define OK(x) len = (x); break
1230 /* Root Hub Control Pipe */
1231 static int rh_submit_urb(struct urb *urb)
1233 unsigned int pipe = urb->pipe;
1234 struct usb_ctrlrequest *cmd =
1235 (struct usb_ctrlrequest *)urb->setup_packet;
1236 void *data = urb->transfer_buffer;
1237 int leni = urb->transfer_buffer_length;
1238 int len = 0;
1239 xhci_port_t *status;
1240 int stat = 0;
1241 int i;
1242 int retstatus;
1243 unsigned long flags;
1245 __u16 cstatus;
1246 __u16 bmRType_bReq;
1247 __u16 wValue;
1248 __u16 wIndex;
1249 __u16 wLength;
1251 if (usb_pipetype(pipe) == PIPE_INTERRUPT) {
1252 xhci->rh.urb = urb;
1253 xhci->rh.send = 1;
1254 xhci->rh.interval = urb->interval;
1255 rh_init_int_timer(urb);
1257 return -EINPROGRESS;
1260 bmRType_bReq = cmd->bRequestType | cmd->bRequest << 8;
1261 wValue = le16_to_cpu(cmd->wValue);
1262 wIndex = le16_to_cpu(cmd->wIndex);
1263 wLength = le16_to_cpu(cmd->wLength);
1265 for (i = 0; i < 8; i++)
1266 xhci->rh.c_p_r[i] = 0;
1268 status = &xhci->rh.ports[wIndex - 1];
1270 spin_lock_irqsave(&xhci->rh.port_state_lock, flags);
1272 switch (bmRType_bReq) {
1273 /* Request Destination:
1274 without flags: Device,
1275 RH_INTERFACE: interface,
1276 RH_ENDPOINT: endpoint,
1277 RH_CLASS means HUB here,
1278 RH_OTHER | RH_CLASS almost ever means HUB_PORT here
1279 */
1281 case RH_GET_STATUS:
1282 *(__u16 *)data = cpu_to_le16(1);
1283 OK(2);
1284 case RH_GET_STATUS | RH_INTERFACE:
1285 *(__u16 *)data = cpu_to_le16(0);
1286 OK(2);
1287 case RH_GET_STATUS | RH_ENDPOINT:
1288 *(__u16 *)data = cpu_to_le16(0);
1289 OK(2);
1290 case RH_GET_STATUS | RH_CLASS:
1291 *(__u32 *)data = cpu_to_le32(0);
1292 OK(4); /* hub power */
1293 case RH_GET_STATUS | RH_OTHER | RH_CLASS:
1294 cstatus = (status->cs_chg) |
1295 (status->pe_chg << 1) |
1296 (xhci->rh.c_p_r[wIndex - 1] << 4);
1297 retstatus = (status->cs) |
1298 (status->pe << 1) |
1299 (status->susp << 2) |
1300 (1 << 8) | /* power on */
1301 (status->lsda << 9);
1302 *(__u16 *)data = cpu_to_le16(retstatus);
1303 *(__u16 *)(data + 2) = cpu_to_le16(cstatus);
1304 OK(4);
1305 case RH_CLEAR_FEATURE | RH_ENDPOINT:
1306 switch (wValue) {
1307 case RH_ENDPOINT_STALL:
1308 OK(0);
1310 break;
1311 case RH_CLEAR_FEATURE | RH_CLASS:
1312 switch (wValue) {
1313 case RH_C_HUB_OVER_CURRENT:
1314 OK(0); /* hub power over current */
1316 break;
1317 case RH_CLEAR_FEATURE | RH_OTHER | RH_CLASS:
1318 switch (wValue) {
1319 case RH_PORT_ENABLE:
1320 status->pe = 0;
1321 OK(0);
1322 case RH_PORT_SUSPEND:
1323 status->susp = 0;
1324 OK(0);
1325 case RH_PORT_POWER:
1326 OK(0); /* port power */
1327 case RH_C_PORT_CONNECTION:
1328 status->cs_chg = 0;
1329 OK(0);
1330 case RH_C_PORT_ENABLE:
1331 status->pe_chg = 0;
1332 OK(0);
1333 case RH_C_PORT_SUSPEND:
1334 /*** WR_RH_PORTSTAT(RH_PS_PSSC); */
1335 OK(0);
1336 case RH_C_PORT_OVER_CURRENT:
1337 OK(0); /* port power over current */
1338 case RH_C_PORT_RESET:
1339 xhci->rh.c_p_r[wIndex - 1] = 0;
1340 OK(0);
1342 break;
1343 case RH_SET_FEATURE | RH_OTHER | RH_CLASS:
1344 switch (wValue) {
1345 case RH_PORT_SUSPEND:
1346 status->susp = 1;
1347 OK(0);
1348 case RH_PORT_RESET:
1350 int ret;
1351 xhci->rh.c_p_r[wIndex - 1] = 1;
1352 status->pr = 0;
1353 status->pe = 1;
1354 ret = xhci_port_reset(wIndex - 1);
1355 /* XXX MAW: should probably cancel queued transfers during reset... *\/ */
1356 if ( ret == 0 ) { OK(0); }
1357 else { return ret; }
1359 break;
1360 case RH_PORT_POWER:
1361 OK(0); /* port power ** */
1362 case RH_PORT_ENABLE:
1363 status->pe = 1;
1364 OK(0);
1366 break;
1367 case RH_SET_ADDRESS:
1368 xhci->rh.devnum = wValue;
1369 OK(0);
1370 case RH_GET_DESCRIPTOR:
1371 switch ((wValue & 0xff00) >> 8) {
1372 case 0x01: /* device descriptor */
1373 len = min_t(unsigned int, leni,
1374 min_t(unsigned int,
1375 sizeof(root_hub_dev_des), wLength));
1376 memcpy(data, root_hub_dev_des, len);
1377 OK(len);
1378 case 0x02: /* configuration descriptor */
1379 len = min_t(unsigned int, leni,
1380 min_t(unsigned int,
1381 sizeof(root_hub_config_des), wLength));
1382 memcpy (data, root_hub_config_des, len);
1383 OK(len);
1384 case 0x03: /* string descriptors */
1385 len = usb_root_hub_string (wValue & 0xff,
1386 0, "XHCI-alt",
1387 data, wLength);
1388 if (len > 0) {
1389 OK(min_t(int, leni, len));
1390 } else
1391 stat = -EPIPE;
1393 break;
1394 case RH_GET_DESCRIPTOR | RH_CLASS:
1395 root_hub_hub_des[2] = xhci->rh.numports;
1396 len = min_t(unsigned int, leni,
1397 min_t(unsigned int, sizeof(root_hub_hub_des), wLength));
1398 memcpy(data, root_hub_hub_des, len);
1399 OK(len);
1400 case RH_GET_CONFIGURATION:
1401 *(__u8 *)data = 0x01;
1402 OK(1);
1403 case RH_SET_CONFIGURATION:
1404 OK(0);
1405 case RH_GET_INTERFACE | RH_INTERFACE:
1406 *(__u8 *)data = 0x00;
1407 OK(1);
1408 case RH_SET_INTERFACE | RH_INTERFACE:
1409 OK(0);
1410 default:
1411 stat = -EPIPE;
1414 spin_unlock_irqrestore(&xhci->rh.port_state_lock, flags);
1416 urb->actual_length = len;
1418 return stat;
1421 /*
1422 * MUST be called with urb->lock acquired
1423 */
1424 static int rh_unlink_urb(struct urb *urb)
1426 if (xhci->rh.urb == urb) {
1427 urb->status = -ENOENT;
1428 xhci->rh.send = 0;
1429 xhci->rh.urb = NULL;
1430 del_timer(&xhci->rh.rh_int_timer);
1432 return 0;
1435 /******************************************************************************
1436 * CONTROL PLANE FUNCTIONALITY
1437 */
1439 /**
1440 * alloc_xhci - initialise a new virtual root hub for a new USB device channel
1441 */
1442 static int alloc_xhci(void)
1444 int retval;
1445 struct usb_bus *bus;
1447 retval = -EBUSY;
1449 xhci = kmalloc(sizeof(*xhci), GFP_KERNEL);
1450 if (!xhci) {
1451 err("couldn't allocate xhci structure");
1452 retval = -ENOMEM;
1453 goto err_alloc_xhci;
1456 xhci->state = USBIF_STATE_CLOSED;
1458 spin_lock_init(&xhci->urb_list_lock);
1459 INIT_LIST_HEAD(&xhci->urb_list);
1461 spin_lock_init(&xhci->complete_list_lock);
1462 INIT_LIST_HEAD(&xhci->complete_list);
1464 spin_lock_init(&xhci->frame_list_lock);
1466 bus = usb_alloc_bus(&xhci_device_operations);
1468 if (!bus) {
1469 err("unable to allocate bus");
1470 goto err_alloc_bus;
1473 xhci->bus = bus;
1474 bus->bus_name = "XHCI";
1475 bus->hcpriv = xhci;
1477 usb_register_bus(xhci->bus);
1479 /* Initialize the root hub */
1481 xhci->rh.numports = 0;
1483 xhci->bus->root_hub = xhci->rh.dev = usb_alloc_dev(NULL, xhci->bus);
1484 if (!xhci->rh.dev) {
1485 err("unable to allocate root hub");
1486 goto err_alloc_root_hub;
1489 xhci->state = 0;
1491 return 0;
1493 /*
1494 * error exits:
1495 */
1496 err_alloc_root_hub:
1497 usb_deregister_bus(xhci->bus);
1498 usb_free_bus(xhci->bus);
1499 xhci->bus = NULL;
1501 err_alloc_bus:
1502 kfree(xhci);
1504 err_alloc_xhci:
1505 return retval;
1508 /**
1509 * usbif_status_change - deal with an incoming USB_INTERFACE_STATUS_ message
1510 */
1511 static void usbif_status_change(usbif_fe_interface_status_changed_t *status)
1513 ctrl_msg_t cmsg;
1514 usbif_fe_interface_connect_t up;
1515 long rc;
1516 usbif_sring_t *sring;
1518 switch ( status->status )
1520 case USBIF_INTERFACE_STATUS_DESTROYED:
1521 printk(KERN_WARNING "Unexpected usbif-DESTROYED message in state %d\n",
1522 xhci->state);
1523 break;
1525 case USBIF_INTERFACE_STATUS_DISCONNECTED:
1526 if ( xhci->state != USBIF_STATE_CLOSED )
1528 printk(KERN_WARNING "Unexpected usbif-DISCONNECTED message"
1529 " in state %d\n", xhci->state);
1530 break;
1531 /* Not bothering to do recovery here for now. Keep things
1532 * simple. */
1534 spin_lock_irq(&xhci->ring_lock);
1536 /* Clean up resources. */
1537 free_page((unsigned long)xhci->usb_ring.sring);
1538 unbind_evtchn_from_irqhandler(xhci->evtchn, xhci);
1540 /* Plug the ring. */
1541 xhci->recovery = 1;
1542 wmb();
1544 spin_unlock_irq(&xhci->ring_lock);
1547 /* Move from CLOSED to DISCONNECTED state. */
1548 sring = (usbif_sring_t *)__get_free_page(GFP_KERNEL);
1549 SHARED_RING_INIT(sring);
1550 FRONT_RING_INIT(&xhci->usb_ring, sring, PAGE_SIZE);
1551 xhci->state = USBIF_STATE_DISCONNECTED;
1553 /* Construct an interface-CONNECT message for the domain controller. */
1554 cmsg.type = CMSG_USBIF_FE;
1555 cmsg.subtype = CMSG_USBIF_FE_INTERFACE_CONNECT;
1556 cmsg.length = sizeof(usbif_fe_interface_connect_t);
1557 up.shmem_frame = virt_to_mfn(sring);
1558 memcpy(cmsg.msg, &up, sizeof(up));
1560 /* Tell the controller to bring up the interface. */
1561 ctrl_if_send_message_block(&cmsg, NULL, 0, TASK_UNINTERRUPTIBLE);
1562 break;
1564 case USBIF_INTERFACE_STATUS_CONNECTED:
1565 if ( xhci->state == USBIF_STATE_CLOSED )
1567 printk(KERN_WARNING "Unexpected usbif-CONNECTED message"
1568 " in state %d\n", xhci->state);
1569 break;
1572 xhci->evtchn = status->evtchn;
1573 xhci->bandwidth = status->bandwidth;
1574 xhci->rh.numports = status->num_ports;
1576 xhci->rh.ports = kmalloc (sizeof(xhci_port_t) * xhci->rh.numports, GFP_KERNEL);
1578 if ( xhci->rh.ports == NULL )
1579 goto alloc_ports_nomem;
1581 memset(xhci->rh.ports, 0, sizeof(xhci_port_t) * xhci->rh.numports);
1583 usb_connect(xhci->rh.dev);
1585 if (usb_new_device(xhci->rh.dev) != 0) {
1586 err("unable to start root hub");
1589 /* Allocate the appropriate USB bandwidth here... Need to
1590 * somehow know what the total available is thought to be so we
1591 * can calculate the reservation correctly. */
1592 usb_claim_bandwidth(xhci->rh.dev, xhci->rh.urb,
1593 1000 - xhci->bandwidth, 0);
1595 if ( (rc = bind_evtchn_to_irqhandler(xhci->evtchn, xhci_interrupt,
1596 SA_SAMPLE_RANDOM, "usbif", xhci)) )
1597 printk(KERN_ALERT"usbfront request_irq failed (%ld)\n",rc);
1599 DPRINTK(KERN_INFO __FILE__
1600 ": USB XHCI: SHM at %p (0x%lx), EVTCHN %d\n",
1601 xhci->usb_ring.sring, virt_to_mfn(xhci->usbif),
1602 xhci->evtchn);
1604 xhci->state = USBIF_STATE_CONNECTED;
1606 break;
1608 default:
1609 printk(KERN_WARNING "Status change to unknown value %d\n",
1610 status->status);
1611 break;
1614 return;
1616 alloc_ports_nomem:
1617 printk(KERN_WARNING "Failed to allocate port memory, XHCI failed to connect.\n");
1618 return;
1621 /**
1622 * usbif_ctrlif_rx - demux control messages by subtype
1623 */
1624 static void usbif_ctrlif_rx(ctrl_msg_t *msg, unsigned long id)
1626 switch ( msg->subtype )
1628 case CMSG_USBIF_FE_INTERFACE_STATUS_CHANGED:
1629 usbif_status_change((usbif_fe_interface_status_changed_t *)
1630 &msg->msg[0]);
1631 break;
1633 /* New interface...? */
1634 default:
1635 msg->length = 0;
1636 break;
1639 ctrl_if_send_response(msg);
1642 static void send_driver_up(void)
1644 control_msg_t cmsg;
1645 usbif_fe_interface_status_changed_t st;
1647 /* Send a driver-UP notification to the domain controller. */
1648 cmsg.type = CMSG_USBIF_FE;
1649 cmsg.subtype = CMSG_USBIF_FE_DRIVER_STATUS_CHANGED;
1650 cmsg.length = sizeof(usbif_fe_driver_status_changed_t);
1651 st.status = USBIF_DRIVER_STATUS_UP;
1652 memcpy(cmsg.msg, &st, sizeof(st));
1653 ctrl_if_send_message_block(&cmsg, NULL, 0, TASK_UNINTERRUPTIBLE);
1656 void usbif_resume(void)
1658 int i;
1660 /* Fake disconnection on all virtual USB ports (suspending / migrating
1661 * will destroy hard state associated will the USB devices anyhow). */
1662 /* No need to lock here. */
1663 for ( i = 0; i < xhci->rh.numports; i++ )
1665 xhci->rh.ports[i].cs = 0;
1666 xhci->rh.ports[i].cs_chg = 1;
1667 xhci->rh.ports[i].pe = 0;
1670 send_driver_up();
1673 static int __init xhci_hcd_init(void)
1675 int retval = -ENOMEM, i;
1677 if ( (xen_start_info->flags & SIF_INITDOMAIN) ||
1678 (xen_start_info->flags & SIF_USB_BE_DOMAIN) )
1679 return 0;
1681 info(DRIVER_DESC " " DRIVER_VERSION);
1683 if (debug) {
1684 errbuf = kmalloc(ERRBUF_LEN, GFP_KERNEL);
1685 if (!errbuf)
1686 goto errbuf_failed;
1689 xhci_up_cachep = kmem_cache_create("xhci_urb_priv",
1690 sizeof(struct urb_priv), 0, 0, NULL, NULL);
1691 if (!xhci_up_cachep)
1692 goto up_failed;
1694 /* Let the domain controller know we're here. For now we wait until
1695 * connection, as for the block and net drivers. This is only strictly
1696 * necessary if we're going to boot off a USB device. */
1697 printk(KERN_INFO "Initialising Xen virtual USB hub\n");
1699 (void)ctrl_if_register_receiver(CMSG_USBIF_FE, usbif_ctrlif_rx,
1700 CALLBACK_IN_BLOCKING_CONTEXT);
1702 alloc_xhci();
1704 send_driver_up();
1706 /*
1707 * We should read 'nr_interfaces' from response message and wait
1708 * for notifications before proceeding. For now we assume that we
1709 * will be notified of exactly one interface.
1710 */
1711 for ( i=0; (xhci->state != USBIF_STATE_CONNECTED) && (i < 10*HZ); i++ )
1713 set_current_state(TASK_INTERRUPTIBLE);
1714 schedule_timeout(1);
1717 if (xhci->state != USBIF_STATE_CONNECTED)
1718 printk(KERN_WARNING "Timeout connecting USB frontend driver!\n");
1720 return 0;
1722 up_failed:
1723 kfree(errbuf);
1725 errbuf_failed:
1726 return retval;
1729 module_init(xhci_hcd_init);
1731 MODULE_AUTHOR(DRIVER_AUTHOR);
1732 MODULE_DESCRIPTION(DRIVER_DESC);
1733 MODULE_LICENSE("GPL");