1/* 2 * Copyright 2011-2021, Haiku, Inc. All rights reserved. 3 * Distributed under the terms of the MIT License. 4 * 5 * Authors: 6 * Augustin Cavalier <waddlesplash> 7 * Jian Chiang <j.jian.chiang@gmail.com> 8 * J��r��me Duval <jerome.duval@gmail.com> 9 * Akshay Jaggi <akshay1994.leo@gmail.com> 10 * Michael Lotz <mmlr@mlotz.ch> 11 * Alexander von Gluck <kallisti5@unixzen.com> 12 */ 13 14 15#include <stdio.h> 16 17#include <bus/PCI.h> 18#include <USB3.h> 19#include <KernelExport.h> 20 21#include <ByteOrder.h> 22#include <util/AutoLock.h> 23 24#include "xhci.h" 25 26 27#define CALLED(x...) TRACE_MODULE("CALLED %s\n", __PRETTY_FUNCTION__) 28 29 30#define USB_MODULE_NAME "xhci" 31 32device_manager_info* gDeviceManager; 33static usb_for_controller_interface* gUSB; 34 35 36#define XHCI_PCI_DEVICE_MODULE_NAME "busses/usb/xhci/pci/driver_v1" 37#define XHCI_PCI_USB_BUS_MODULE_NAME "busses/usb/xhci/device_v1" 38 39 40typedef struct { 41 XHCI* xhci; 42 pci_device_module_info* pci; 43 pci_device* device; 44 45 pci_info pciinfo; 46 47 device_node* node; 48 device_node* driver_node; 49} xhci_pci_sim_info; 50 51 52// #pragma mark - 53 54 55static status_t 56init_bus(device_node* node, void** bus_cookie) 57{ 58 CALLED(); 59 60 driver_module_info* driver; 61 xhci_pci_sim_info* bus; 62 device_node* parent = gDeviceManager->get_parent_node(node); 63 gDeviceManager->get_driver(parent, &driver, (void**)&bus); 64 gDeviceManager->put_node(parent); 65 66 Stack *stack; 67 if (gUSB->get_stack((void**)&stack) != B_OK) 68 return B_ERROR; 69 70 XHCI *xhci = new(std::nothrow) XHCI(&bus->pciinfo, bus->pci, bus->device, stack, node); 71 if (xhci == NULL) { 72 return B_NO_MEMORY; 73 } 74 75 if (xhci->InitCheck() < B_OK) { 76 TRACE_MODULE_ERROR("bus failed init check\n"); 77 delete xhci; 78 return B_ERROR; 79 } 80 81 if (xhci->Start() != B_OK) { 82 delete xhci; 83 return B_ERROR; 84 } 85 86 *bus_cookie = xhci; 87 88 return B_OK; 89} 90 91 92static void 93uninit_bus(void* bus_cookie) 94{ 95 CALLED(); 96 XHCI* xhci = (XHCI*)bus_cookie; 97 delete xhci; 98} 99 100 101static status_t 102register_child_devices(void* cookie) 103{ 104 CALLED(); 105 xhci_pci_sim_info* bus = (xhci_pci_sim_info*)cookie; 106 device_node* node = bus->driver_node; 107 108 char prettyName[25]; 109 sprintf(prettyName, "XHCI Controller %" B_PRIu16, 0); 110 111 device_attr attrs[] = { 112 // properties of this controller for the usb bus manager 113 { B_DEVICE_PRETTY_NAME, B_STRING_TYPE, 114 { .string = prettyName }}, 115 { B_DEVICE_FIXED_CHILD, B_STRING_TYPE, 116 { .string = USB_FOR_CONTROLLER_MODULE_NAME }}, 117 118 // private data to identify the device 119 { NULL } 120 }; 121 122 return gDeviceManager->register_node(node, XHCI_PCI_USB_BUS_MODULE_NAME, 123 attrs, NULL, NULL); 124} 125 126 127static status_t 128init_device(device_node* node, void** device_cookie) 129{ 130 CALLED(); 131 xhci_pci_sim_info* bus = (xhci_pci_sim_info*)calloc(1, 132 sizeof(xhci_pci_sim_info)); 133 if (bus == NULL) 134 return B_NO_MEMORY; 135 136 pci_device_module_info* pci; 137 pci_device* device; 138 { 139 device_node* pciParent = gDeviceManager->get_parent_node(node); 140 gDeviceManager->get_driver(pciParent, (driver_module_info**)&pci, 141 (void**)&device); 142 gDeviceManager->put_node(pciParent); 143 } 144 145 bus->pci = pci; 146 bus->device = device; 147 bus->driver_node = node; 148 149 pci_info *pciInfo = &bus->pciinfo; 150 pci->get_pci_info(device, pciInfo); 151 152 *device_cookie = bus; 153 return B_OK; 154} 155 156 157static void 158uninit_device(void* device_cookie) 159{ 160 CALLED(); 161 xhci_pci_sim_info* bus = (xhci_pci_sim_info*)device_cookie; 162 free(bus); 163} 164 165 166static status_t 167register_device(device_node* parent) 168{ 169 CALLED(); 170 device_attr attrs[] = { 171 {B_DEVICE_PRETTY_NAME, B_STRING_TYPE, {.string = "XHCI PCI"}}, 172 {} 173 }; 174 175 return gDeviceManager->register_node(parent, 176 XHCI_PCI_DEVICE_MODULE_NAME, attrs, NULL, NULL); 177} 178 179 180static float 181supports_device(device_node* parent) 182{ 183 CALLED(); 184 const char* bus; 185 uint16 type, subType, api; 186 187 // make sure parent is a XHCI PCI device node 188 if (gDeviceManager->get_attr_string(parent, B_DEVICE_BUS, &bus, false) 189 < B_OK) { 190 return -1; 191 } 192 193 if (strcmp(bus, "pci") != 0) 194 return 0.0f; 195 196 if (gDeviceManager->get_attr_uint16(parent, B_DEVICE_SUB_TYPE, &subType, 197 false) < B_OK 198 || gDeviceManager->get_attr_uint16(parent, B_DEVICE_TYPE, &type, 199 false) < B_OK 200 || gDeviceManager->get_attr_uint16(parent, B_DEVICE_INTERFACE, &api, 201 false) < B_OK) { 202 TRACE_MODULE("Could not find type/subtype/interface attributes\n"); 203 return -1; 204 } 205 206 if (type == PCI_serial_bus && subType == PCI_usb && api == PCI_usb_xhci) { 207 pci_device_module_info* pci; 208 pci_device* device; 209 gDeviceManager->get_driver(parent, (driver_module_info**)&pci, 210 (void**)&device); 211 TRACE_MODULE("XHCI Device found!\n"); 212 213 return 0.8f; 214 } 215 216 return 0.0f; 217} 218 219 220static const char* 221xhci_error_string(uint32 error) 222{ 223 switch (error) { 224 case COMP_INVALID: return "Invalid"; 225 case COMP_SUCCESS: return "Success"; 226 case COMP_DATA_BUFFER: return "Data buffer"; 227 case COMP_BABBLE: return "Babble detected"; 228 case COMP_USB_TRANSACTION: return "USB transaction"; 229 case COMP_TRB: return "TRB"; 230 case COMP_STALL: return "Stall"; 231 case COMP_RESOURCE: return "Resource"; 232 case COMP_BANDWIDTH: return "Bandwidth"; 233 case COMP_NO_SLOTS: return "No slots"; 234 case COMP_INVALID_STREAM: return "Invalid stream"; 235 case COMP_SLOT_NOT_ENABLED: return "Slot not enabled"; 236 case COMP_ENDPOINT_NOT_ENABLED: return "Endpoint not enabled"; 237 case COMP_SHORT_PACKET: return "Short packet"; 238 case COMP_RING_UNDERRUN: return "Ring underrun"; 239 case COMP_RING_OVERRUN: return "Ring overrun"; 240 case COMP_VF_RING_FULL: return "VF Event Ring Full"; 241 case COMP_PARAMETER: return "Parameter"; 242 case COMP_BANDWIDTH_OVERRUN: return "Bandwidth overrun"; 243 case COMP_CONTEXT_STATE: return "Context state"; 244 case COMP_NO_PING_RESPONSE: return "No ping response"; 245 case COMP_EVENT_RING_FULL: return "Event ring full"; 246 case COMP_INCOMPATIBLE_DEVICE: return "Incompatible device"; 247 case COMP_MISSED_SERVICE: return "Missed service"; 248 case COMP_COMMAND_RING_STOPPED: return "Command ring stopped"; 249 case COMP_COMMAND_ABORTED: return "Command aborted"; 250 case COMP_STOPPED: return "Stopped"; 251 case COMP_STOPPED_LENGTH_INVALID: return "Stopped (length invalid)"; 252 case COMP_MAX_EXIT_LATENCY: return "Max exit latency too large"; 253 case COMP_ISOC_OVERRUN: return "Isoch buffer overrun"; 254 case COMP_EVENT_LOST: return "Event lost"; 255 case COMP_UNDEFINED: return "Undefined"; 256 case COMP_INVALID_STREAM_ID: return "Invalid stream ID"; 257 case COMP_SECONDARY_BANDWIDTH: return "Secondary bandwidth"; 258 case COMP_SPLIT_TRANSACTION: return "Split transaction"; 259 260 default: return "Undefined"; 261 } 262} 263 264 265static status_t 266xhci_error_status(uint32 error, bool directionIn) 267{ 268 switch (error) { 269 case COMP_SHORT_PACKET: 270 case COMP_SUCCESS: 271 return B_OK; 272 case COMP_DATA_BUFFER: 273 return directionIn ? B_DEV_WRITE_ERROR : B_DEV_READ_ERROR; 274 case COMP_BABBLE: 275 return directionIn ? B_DEV_DATA_OVERRUN : B_DEV_DATA_UNDERRUN; 276 case COMP_RING_UNDERRUN: 277 return B_DEV_FIFO_UNDERRUN; 278 case COMP_RING_OVERRUN: 279 return B_DEV_FIFO_OVERRUN; 280 case COMP_MISSED_SERVICE: 281 return B_DEV_TOO_LATE; 282 case COMP_USB_TRANSACTION: 283 return B_DEV_CRC_ERROR; 284 case COMP_STALL: 285 return B_DEV_STALLED; 286 default: 287 return B_DEV_STALLED; 288 } 289} 290 291 292module_dependency module_dependencies[] = { 293 { USB_FOR_CONTROLLER_MODULE_NAME, (module_info**)&gUSB }, 294 { B_DEVICE_MANAGER_MODULE_NAME, (module_info**)&gDeviceManager }, 295 {} 296}; 297 298 299static usb_bus_interface gXHCIPCIDeviceModule = { 300 { 301 { 302 XHCI_PCI_USB_BUS_MODULE_NAME, 303 0, 304 NULL 305 }, 306 NULL, // supports device 307 NULL, // register device 308 init_bus, 309 uninit_bus, 310 NULL, // register child devices 311 NULL, // rescan 312 NULL, // device removed 313 }, 314}; 315 316// Root device that binds to the PCI bus. It will register an usb_bus_interface 317// node for each device. 318static driver_module_info sXHCIDevice = { 319 { 320 XHCI_PCI_DEVICE_MODULE_NAME, 321 0, 322 NULL 323 }, 324 supports_device, 325 register_device, 326 init_device, 327 uninit_device, 328 register_child_devices, 329 NULL, // rescan 330 NULL, // device removed 331}; 332 333module_info* modules[] = { 334 (module_info* )&sXHCIDevice, 335 (module_info* )&gXHCIPCIDeviceModule, 336 NULL 337}; 338 339 340XHCI::XHCI(pci_info *info, pci_device_module_info* pci, pci_device* device, Stack *stack, 341 device_node* node) 342 : BusManager(stack, node), 343 fRegisterArea(-1), 344 fRegisters(NULL), 345 fPCIInfo(info), 346 fPci(pci), 347 fDevice(device), 348 fStack(stack), 349 fIRQ(0), 350 fUseMSI(false), 351 fErstArea(-1), 352 fDcbaArea(-1), 353 fCmdCompSem(-1), 354 fStopThreads(false), 355 fRootHub(NULL), 356 fPortCount(0), 357 fSlotCount(0), 358 fScratchpadCount(0), 359 fContextSizeShift(0), 360 fFinishedHead(NULL), 361 fFinishTransfersSem(-1), 362 fFinishThread(-1), 363 fEventSem(-1), 364 fEventThread(-1), 365 fEventIdx(0), 366 fCmdIdx(0), 367 fEventCcs(1), 368 fCmdCcs(1) 369{ 370 B_INITIALIZE_SPINLOCK(&fSpinlock); 371 mutex_init(&fFinishedLock, "XHCI finished transfers"); 372 mutex_init(&fEventLock, "XHCI event handler"); 373 374 if (BusManager::InitCheck() < B_OK) { 375 TRACE_ERROR("bus manager failed to init\n"); 376 return; 377 } 378 379 TRACE("constructing new XHCI host controller driver\n"); 380 fInitOK = false; 381 382 // enable busmaster and memory mapped access 383 uint16 command = fPci->read_pci_config(fDevice, PCI_command, 2); 384 command &= ~(PCI_command_io | PCI_command_int_disable); 385 command |= PCI_command_master | PCI_command_memory; 386 387 fPci->write_pci_config(fDevice, PCI_command, 2, command); 388 389 // map the registers (low + high for 64-bit when requested) 390 phys_addr_t physicalAddress = fPCIInfo->u.h0.base_registers[0]; 391 if ((fPCIInfo->u.h0.base_register_flags[0] & PCI_address_type) 392 == PCI_address_type_64) { 393 physicalAddress |= (uint64)fPCIInfo->u.h0.base_registers[1] << 32; 394 } 395 396 size_t mapSize = fPCIInfo->u.h0.base_register_sizes[0]; 397 398 TRACE("map registers %08" B_PRIxPHYSADDR ", size: %" B_PRIuSIZE "\n", 399 physicalAddress, mapSize); 400 401 fRegisterArea = map_physical_memory("XHCI memory mapped registers", 402 physicalAddress, mapSize, B_ANY_KERNEL_BLOCK_ADDRESS, 403 B_KERNEL_READ_AREA | B_KERNEL_WRITE_AREA, 404 (void **)&fRegisters); 405 if (fRegisterArea < B_OK) { 406 TRACE_ERROR("failed to map register memory\n"); 407 return; 408 } 409 410 // determine the register offsets 411 fCapabilityRegisterOffset = 0; 412 fOperationalRegisterOffset = HCI_CAPLENGTH(ReadCapReg32(XHCI_HCI_CAPLENGTH)); 413 fRuntimeRegisterOffset = ReadCapReg32(XHCI_RTSOFF) & ~0x1F; 414 fDoorbellRegisterOffset = ReadCapReg32(XHCI_DBOFF) & ~0x3; 415 416 TRACE("mapped registers: %p\n", fRegisters); 417 TRACE("operational register offset: %" B_PRId32 "\n", fOperationalRegisterOffset); 418 TRACE("runtime register offset: %" B_PRId32 "\n", fRuntimeRegisterOffset); 419 TRACE("doorbell register offset: %" B_PRId32 "\n", fDoorbellRegisterOffset); 420 421 int32 interfaceVersion = HCI_VERSION(ReadCapReg32(XHCI_HCI_VERSION)); 422 if (interfaceVersion < 0x0090 || interfaceVersion > 0x0120) { 423 TRACE_ERROR("unsupported interface version: 0x%04" B_PRIx32 "\n", 424 interfaceVersion); 425 return; 426 } 427 TRACE_ALWAYS("interface version: 0x%04" B_PRIx32 "\n", interfaceVersion); 428 429 TRACE_ALWAYS("structural parameters: 1:0x%08" B_PRIx32 " 2:0x%08" 430 B_PRIx32 " 3:0x%08" B_PRIx32 "\n", ReadCapReg32(XHCI_HCSPARAMS1), 431 ReadCapReg32(XHCI_HCSPARAMS2), ReadCapReg32(XHCI_HCSPARAMS3)); 432 433 uint32 cparams = ReadCapReg32(XHCI_HCCPARAMS); 434 if (cparams == 0xffffffff) 435 return; 436 TRACE_ALWAYS("capability parameters: 0x%08" B_PRIx32 "\n", cparams); 437 438 // if 64 bytes context structures, then 1 439 fContextSizeShift = HCC_CSZ(cparams); 440 441 // Assume ownership of the controller from the BIOS. 442 uint32 eec = 0xffffffff; 443 uint32 eecp = HCS0_XECP(cparams) << 2; 444 for (; eecp != 0 && XECP_NEXT(eec); eecp += XECP_NEXT(eec) << 2) { 445 TRACE("eecp register: 0x%08" B_PRIx32 "\n", eecp); 446 447 eec = ReadCapReg32(eecp); 448 if (XECP_ID(eec) != XHCI_LEGSUP_CAPID) 449 continue; 450 451 if (eec & XHCI_LEGSUP_BIOSOWNED) { 452 TRACE_ALWAYS("the host controller is bios owned, claiming" 453 " ownership\n"); 454 WriteCapReg32(eecp, eec | XHCI_LEGSUP_OSOWNED); 455 456 for (int32 i = 0; i < 20; i++) { 457 eec = ReadCapReg32(eecp); 458 459 if ((eec & XHCI_LEGSUP_BIOSOWNED) == 0) 460 break; 461 462 TRACE_ALWAYS("controller is still bios owned, waiting\n"); 463 snooze(50000); 464 } 465 466 if (eec & XHCI_LEGSUP_BIOSOWNED) { 467 TRACE_ERROR("bios won't give up control over the host " 468 "controller (ignoring)\n"); 469 } else if (eec & XHCI_LEGSUP_OSOWNED) { 470 TRACE_ALWAYS("successfully took ownership of the host " 471 "controller\n"); 472 } 473 474 // Force off the BIOS owned flag, and clear all SMIs. Some BIOSes 475 // do indicate a successful handover but do not remove their SMIs 476 // and then freeze the system when interrupts are generated. 477 WriteCapReg32(eecp, eec & ~XHCI_LEGSUP_BIOSOWNED); 478 } 479 break; 480 } 481 uint32 legctlsts = ReadCapReg32(eecp + XHCI_LEGCTLSTS); 482 legctlsts &= XHCI_LEGCTLSTS_DISABLE_SMI; 483 legctlsts |= XHCI_LEGCTLSTS_EVENTS_SMI; 484 WriteCapReg32(eecp + XHCI_LEGCTLSTS, legctlsts); 485 486 // We need to explicitly take ownership of EHCI ports on earlier Intel chipsets. 487 if (fPCIInfo->vendor_id == PCI_VENDOR_INTEL) { 488 switch (fPCIInfo->device_id) { 489 case PCI_DEVICE_INTEL_PANTHER_POINT_XHCI: 490 case PCI_DEVICE_INTEL_LYNX_POINT_XHCI: 491 case PCI_DEVICE_INTEL_LYNX_POINT_LP_XHCI: 492 case PCI_DEVICE_INTEL_BAYTRAIL_XHCI: 493 case PCI_DEVICE_INTEL_WILDCAT_POINT_XHCI: 494 case PCI_DEVICE_INTEL_WILDCAT_POINT_LP_XHCI: 495 _SwitchIntelPorts(); 496 break; 497 } 498 } 499 500 // halt the host controller 501 if (ControllerHalt() < B_OK) { 502 return; 503 } 504 505 // reset the host controller 506 if (ControllerReset() < B_OK) { 507 TRACE_ERROR("host controller failed to reset\n"); 508 return; 509 } 510 511 fCmdCompSem = create_sem(0, "XHCI Command Complete"); 512 fFinishTransfersSem = create_sem(0, "XHCI Finish Transfers"); 513 fEventSem = create_sem(0, "XHCI Event"); 514 if (fFinishTransfersSem < B_OK || fCmdCompSem < B_OK || fEventSem < B_OK) { 515 TRACE_ERROR("failed to create semaphores\n"); 516 return; 517 } 518 519 // create event handler thread 520 fEventThread = spawn_kernel_thread(EventThread, "xhci event thread", 521 B_URGENT_PRIORITY, (void *)this); 522 resume_thread(fEventThread); 523 524 // create finisher service thread 525 fFinishThread = spawn_kernel_thread(FinishThread, "xhci finish thread", 526 B_URGENT_PRIORITY - 1, (void *)this); 527 resume_thread(fFinishThread); 528 529 // Find the right interrupt vector, using MSIs if available. 530 fIRQ = fPCIInfo->u.h0.interrupt_line; 531 if (fIRQ == 0xFF) 532 fIRQ = 0; 533 534#if 0 535 if (fPci->get_msix_count(fDevice) >= 1) { 536 uint8 msiVector = 0; 537 if (fPci->configure_msix(fDevice, 1, &msiVector) == B_OK 538 && fPci->enable_msix(fDevice) == B_OK) { 539 TRACE_ALWAYS("using MSI-X\n"); 540 fIRQ = msiVector; 541 fUseMSI = true; 542 } 543 } else 544#endif 545 if (fPci->get_msi_count(fDevice) >= 1) { 546 uint32 msiVector = 0; 547 if (fPci->configure_msi(fDevice, 1, &msiVector) == B_OK 548 && fPci->enable_msi(fDevice) == B_OK) { 549 TRACE_ALWAYS("using message signaled interrupts\n"); 550 fIRQ = msiVector; 551 fUseMSI = true; 552 } 553 } 554 555 if (fIRQ == 0) { 556 TRACE_MODULE_ERROR("device PCI:%d:%d:%d was assigned an invalid IRQ\n", 557 fPCIInfo->bus, fPCIInfo->device, fPCIInfo->function); 558 return; 559 } 560 561 // Install the interrupt handler 562 TRACE("installing interrupt handler\n"); 563 install_io_interrupt_handler(fIRQ, InterruptHandler, (void *)this, 0); 564 565 memset(fPortSpeeds, 0, sizeof(fPortSpeeds)); 566 memset(fDevices, 0, sizeof(fDevices)); 567 568 fInitOK = true; 569 TRACE("driver construction successful\n"); 570} 571 572 573XHCI::~XHCI() 574{ 575 TRACE("tear down XHCI host controller driver\n"); 576 577 WriteOpReg(XHCI_CMD, 0); 578 579 int32 result = 0; 580 fStopThreads = true; 581 delete_sem(fCmdCompSem); 582 delete_sem(fFinishTransfersSem); 583 delete_sem(fEventSem); 584 wait_for_thread(fFinishThread, &result); 585 wait_for_thread(fEventThread, &result); 586 587 mutex_destroy(&fFinishedLock); 588 mutex_destroy(&fEventLock); 589 590 remove_io_interrupt_handler(fIRQ, InterruptHandler, (void *)this); 591 592 delete_area(fRegisterArea); 593 delete_area(fErstArea); 594 for (uint32 i = 0; i < fScratchpadCount; i++) 595 delete_area(fScratchpadArea[i]); 596 delete_area(fDcbaArea); 597 598 if (fUseMSI) { 599 fPci->disable_msi(fDevice); 600 fPci->unconfigure_msi(fDevice); 601 } 602} 603 604 605void 606XHCI::_SwitchIntelPorts() 607{ 608 TRACE("Looking for EHCI owned ports\n"); 609 uint32 ports = fPci->read_pci_config(fDevice, XHCI_INTEL_USB3PRM, 4); 610 TRACE("Superspeed Ports: 0x%" B_PRIx32 "\n", ports); 611 fPci->write_pci_config(fDevice, XHCI_INTEL_USB3_PSSEN, 4, ports); 612 ports = fPci->read_pci_config(fDevice, XHCI_INTEL_USB3_PSSEN, 4); 613 TRACE("Superspeed ports now under XHCI : 0x%" B_PRIx32 "\n", ports); 614 ports = fPci->read_pci_config(fDevice, XHCI_INTEL_USB2PRM, 4); 615 TRACE("USB 2.0 Ports : 0x%" B_PRIx32 "\n", ports); 616 fPci->write_pci_config(fDevice, XHCI_INTEL_XUSB2PR, 4, ports); 617 ports = fPci->read_pci_config(fDevice, XHCI_INTEL_XUSB2PR, 4); 618 TRACE("USB 2.0 ports now under XHCI: 0x%" B_PRIx32 "\n", ports); 619} 620 621 622status_t 623XHCI::Start() 624{ 625 TRACE_ALWAYS("starting XHCI host controller\n"); 626 TRACE("usbcmd: 0x%08" B_PRIx32 "; usbsts: 0x%08" B_PRIx32 "\n", 627 ReadOpReg(XHCI_CMD), ReadOpReg(XHCI_STS)); 628 629 if (WaitOpBits(XHCI_STS, STS_CNR, 0) != B_OK) { 630 TRACE("Start() failed STS_CNR\n"); 631 } 632 633 if ((ReadOpReg(XHCI_CMD) & CMD_RUN) != 0) { 634 TRACE_ERROR("Start() warning, starting running XHCI controller!\n"); 635 } 636 637 if ((ReadOpReg(XHCI_PAGESIZE) & (1 << 0)) == 0) { 638 TRACE_ERROR("controller does not support 4K page size\n"); 639 return B_ERROR; 640 } 641 642 // read port count from capability register 643 uint32 capabilities = ReadCapReg32(XHCI_HCSPARAMS1); 644 fPortCount = HCS_MAX_PORTS(capabilities); 645 if (fPortCount == 0) { 646 TRACE_ERROR("invalid number of ports: %u\n", fPortCount); 647 return B_ERROR; 648 } 649 650 fSlotCount = HCS_MAX_SLOTS(capabilities); 651 if (fSlotCount > XHCI_MAX_DEVICES) 652 fSlotCount = XHCI_MAX_DEVICES; 653 WriteOpReg(XHCI_CONFIG, fSlotCount); 654 655 // find out which protocol is used for each port 656 uint8 portFound = 0; 657 uint32 cparams = ReadCapReg32(XHCI_HCCPARAMS); 658 uint32 eec = 0xffffffff; 659 uint32 eecp = HCS0_XECP(cparams) << 2; 660 for (; eecp != 0 && XECP_NEXT(eec) && portFound < fPortCount; 661 eecp += XECP_NEXT(eec) << 2) { 662 eec = ReadCapReg32(eecp); 663 if (XECP_ID(eec) != XHCI_SUPPORTED_PROTOCOLS_CAPID) 664 continue; 665 if (XHCI_SUPPORTED_PROTOCOLS_0_MAJOR(eec) > 3) 666 continue; 667 uint32 temp = ReadCapReg32(eecp + 8); 668 uint32 offset = XHCI_SUPPORTED_PROTOCOLS_1_OFFSET(temp); 669 uint32 count = XHCI_SUPPORTED_PROTOCOLS_1_COUNT(temp); 670 if (offset == 0 || count == 0) 671 continue; 672 offset--; 673 for (uint32 i = offset; i < offset + count; i++) { 674 if (XHCI_SUPPORTED_PROTOCOLS_0_MAJOR(eec) == 0x3) 675 fPortSpeeds[i] = USB_SPEED_SUPERSPEED; 676 else 677 fPortSpeeds[i] = USB_SPEED_HIGHSPEED; 678 679 TRACE("speed for port %" B_PRId32 " is %s\n", i, 680 fPortSpeeds[i] == USB_SPEED_SUPERSPEED ? "super" : "high"); 681 } 682 portFound += count; 683 } 684 685 uint32 params2 = ReadCapReg32(XHCI_HCSPARAMS2); 686 fScratchpadCount = HCS_MAX_SC_BUFFERS(params2); 687 if (fScratchpadCount > XHCI_MAX_SCRATCHPADS) { 688 TRACE_ERROR("invalid number of scratchpads: %" B_PRIu32 "\n", 689 fScratchpadCount); 690 return B_ERROR; 691 } 692 693 uint32 params3 = ReadCapReg32(XHCI_HCSPARAMS3); 694 fExitLatMax = HCS_U1_DEVICE_LATENCY(params3) 695 + HCS_U2_DEVICE_LATENCY(params3); 696 697 // clear interrupts & disable device notifications 698 WriteOpReg(XHCI_STS, ReadOpReg(XHCI_STS)); 699 WriteOpReg(XHCI_DNCTRL, 0); 700 701 // allocate Device Context Base Address array 702 phys_addr_t dmaAddress; 703 fDcbaArea = fStack->AllocateArea((void **)&fDcba, &dmaAddress, 704 sizeof(*fDcba), "DCBA Area"); 705 if (fDcbaArea < B_OK) { 706 TRACE_ERROR("unable to create the DCBA area\n"); 707 return B_ERROR; 708 } 709 memset(fDcba, 0, sizeof(*fDcba)); 710 memset(fScratchpadArea, 0, sizeof(fScratchpadArea)); 711 memset(fScratchpad, 0, sizeof(fScratchpad)); 712 713 // setting the first address to the scratchpad array address 714 fDcba->baseAddress[0] = dmaAddress 715 + offsetof(struct xhci_device_context_array, scratchpad); 716 717 // fill up the scratchpad array with scratchpad pages 718 for (uint32 i = 0; i < fScratchpadCount; i++) { 719 phys_addr_t scratchDmaAddress; 720 fScratchpadArea[i] = fStack->AllocateArea((void **)&fScratchpad[i], 721 &scratchDmaAddress, B_PAGE_SIZE, "Scratchpad Area"); 722 if (fScratchpadArea[i] < B_OK) { 723 TRACE_ERROR("unable to create the scratchpad area\n"); 724 return B_ERROR; 725 } 726 fDcba->scratchpad[i] = scratchDmaAddress; 727 } 728 729 TRACE("setting DCBAAP %" B_PRIxPHYSADDR "\n", dmaAddress); 730 WriteOpReg(XHCI_DCBAAP_LO, (uint32)dmaAddress); 731 WriteOpReg(XHCI_DCBAAP_HI, (uint32)(dmaAddress >> 32)); 732 733 // allocate Event Ring Segment Table 734 uint8 *addr; 735 fErstArea = fStack->AllocateArea((void **)&addr, &dmaAddress, 736 (XHCI_MAX_COMMANDS + XHCI_MAX_EVENTS) * sizeof(xhci_trb) 737 + sizeof(xhci_erst_element), 738 "USB XHCI ERST CMD_RING and EVENT_RING Area"); 739 740 if (fErstArea < B_OK) { 741 TRACE_ERROR("unable to create the ERST AND RING area\n"); 742 delete_area(fDcbaArea); 743 return B_ERROR; 744 } 745 fErst = (xhci_erst_element *)addr; 746 memset(fErst, 0, (XHCI_MAX_COMMANDS + XHCI_MAX_EVENTS) * sizeof(xhci_trb) 747 + sizeof(xhci_erst_element)); 748 749 // fill with Event Ring Segment Base Address and Event Ring Segment Size 750 fErst->rs_addr = dmaAddress + sizeof(xhci_erst_element); 751 fErst->rs_size = XHCI_MAX_EVENTS; 752 fErst->rsvdz = 0; 753 754 addr += sizeof(xhci_erst_element); 755 fEventRing = (xhci_trb *)addr; 756 addr += XHCI_MAX_EVENTS * sizeof(xhci_trb); 757 fCmdRing = (xhci_trb *)addr; 758 759 TRACE("setting ERST size\n"); 760 WriteRunReg32(XHCI_ERSTSZ(0), XHCI_ERSTS_SET(1)); 761 762 TRACE("setting ERDP addr = 0x%" B_PRIx64 "\n", fErst->rs_addr); 763 WriteRunReg32(XHCI_ERDP_LO(0), (uint32)fErst->rs_addr); 764 WriteRunReg32(XHCI_ERDP_HI(0), (uint32)(fErst->rs_addr >> 32)); 765 766 TRACE("setting ERST base addr = 0x%" B_PRIxPHYSADDR "\n", dmaAddress); 767 WriteRunReg32(XHCI_ERSTBA_LO(0), (uint32)dmaAddress); 768 WriteRunReg32(XHCI_ERSTBA_HI(0), (uint32)(dmaAddress >> 32)); 769 770 dmaAddress += sizeof(xhci_erst_element) + XHCI_MAX_EVENTS 771 * sizeof(xhci_trb); 772 773 // Make sure the Command Ring is stopped 774 if ((ReadOpReg(XHCI_CRCR_LO) & CRCR_CRR) != 0) { 775 TRACE_ALWAYS("Command Ring is running, send stop/cancel\n"); 776 WriteOpReg(XHCI_CRCR_LO, CRCR_CS); 777 WriteOpReg(XHCI_CRCR_HI, 0); 778 WriteOpReg(XHCI_CRCR_LO, CRCR_CA); 779 WriteOpReg(XHCI_CRCR_HI, 0); 780 snooze(1000); 781 if ((ReadOpReg(XHCI_CRCR_LO) & CRCR_CRR) != 0) { 782 TRACE_ERROR("Command Ring still running after stop/cancel\n"); 783 } 784 } 785 TRACE("setting CRCR addr = 0x%" B_PRIxPHYSADDR "\n", dmaAddress); 786 WriteOpReg(XHCI_CRCR_LO, (uint32)dmaAddress | CRCR_RCS); 787 WriteOpReg(XHCI_CRCR_HI, (uint32)(dmaAddress >> 32)); 788 // link trb 789 fCmdRing[XHCI_MAX_COMMANDS - 1].address = dmaAddress; 790 791 TRACE("setting interrupt rate\n"); 792 793 // Setting IMOD below 0x3F8 on Intel Lynx Point can cause IRQ lockups 794 if (fPCIInfo->vendor_id == PCI_VENDOR_INTEL 795 && (fPCIInfo->device_id == PCI_DEVICE_INTEL_PANTHER_POINT_XHCI 796 || fPCIInfo->device_id == PCI_DEVICE_INTEL_LYNX_POINT_XHCI 797 || fPCIInfo->device_id == PCI_DEVICE_INTEL_LYNX_POINT_LP_XHCI 798 || fPCIInfo->device_id == PCI_DEVICE_INTEL_BAYTRAIL_XHCI 799 || fPCIInfo->device_id == PCI_DEVICE_INTEL_WILDCAT_POINT_XHCI)) { 800 WriteRunReg32(XHCI_IMOD(0), 0x000003f8); // 4000 irq/s 801 } else { 802 WriteRunReg32(XHCI_IMOD(0), 0x000001f4); // 8000 irq/s 803 } 804 805 TRACE("enabling interrupt\n"); 806 WriteRunReg32(XHCI_IMAN(0), ReadRunReg32(XHCI_IMAN(0)) | IMAN_INTR_ENA); 807 808 WriteOpReg(XHCI_CMD, CMD_RUN | CMD_INTE | CMD_HSEE); 809 810 // wait for start up state 811 if (WaitOpBits(XHCI_STS, STS_HCH, 0) != B_OK) { 812 TRACE_ERROR("HCH start up timeout\n"); 813 } 814 815 fRootHub = new(std::nothrow) XHCIRootHub(RootObject(), 1); 816 if (!fRootHub) { 817 TRACE_ERROR("no memory to allocate root hub\n"); 818 return B_NO_MEMORY; 819 } 820 821 if (fRootHub->InitCheck() < B_OK) { 822 TRACE_ERROR("root hub failed init check\n"); 823 return fRootHub->InitCheck(); 824 } 825 826 SetRootHub(fRootHub); 827 828 fRootHub->RegisterNode(Node()); 829 830 TRACE_ALWAYS("successfully started the controller\n"); 831 832#ifdef TRACE_USB 833 TRACE("No-Op test...\n"); 834 Noop(); 835#endif 836 837 return BusManager::Start(); 838} 839 840 841status_t 842XHCI::SubmitTransfer(Transfer *transfer) 843{ 844 // short circuit the root hub 845 if (transfer->TransferPipe()->DeviceAddress() == 1) 846 return fRootHub->ProcessTransfer(this, transfer); 847 848 TRACE("SubmitTransfer(%p)\n", transfer); 849 Pipe *pipe = transfer->TransferPipe(); 850 if ((pipe->Type() & USB_OBJECT_CONTROL_PIPE) != 0) 851 return SubmitControlRequest(transfer); 852 return SubmitNormalRequest(transfer); 853} 854 855 856status_t 857XHCI::SubmitControlRequest(Transfer *transfer) 858{ 859 Pipe *pipe = transfer->TransferPipe(); 860 usb_request_data *requestData = transfer->RequestData(); 861 bool directionIn = (requestData->RequestType & USB_REQTYPE_DEVICE_IN) != 0; 862 863 TRACE("SubmitControlRequest() length %d\n", requestData->Length); 864 865 xhci_endpoint *endpoint = (xhci_endpoint *)pipe->ControllerCookie(); 866 if (endpoint == NULL) { 867 TRACE_ERROR("control pipe has no endpoint!\n"); 868 return B_BAD_VALUE; 869 } 870 if (endpoint->device == NULL) { 871 panic("endpoint is not initialized!"); 872 return B_NO_INIT; 873 } 874 875 status_t status = transfer->InitKernelAccess(); 876 if (status != B_OK) 877 return status; 878 879 xhci_td *descriptor = CreateDescriptor(3, 1, requestData->Length); 880 if (descriptor == NULL) 881 return B_NO_MEMORY; 882 descriptor->transfer = transfer; 883 884 // Setup Stage 885 uint8 index = 0; 886 memcpy(&descriptor->trbs[index].address, requestData, 887 sizeof(usb_request_data)); 888 descriptor->trbs[index].status = TRB_2_IRQ(0) | TRB_2_BYTES(8); 889 descriptor->trbs[index].flags 890 = TRB_3_TYPE(TRB_TYPE_SETUP_STAGE) | TRB_3_IDT_BIT | TRB_3_CYCLE_BIT; 891 if (requestData->Length > 0) { 892 descriptor->trbs[index].flags |= 893 directionIn ? TRB_3_TRT_IN : TRB_3_TRT_OUT; 894 } 895 896 index++; 897 898 // Data Stage (if any) 899 if (requestData->Length > 0) { 900 descriptor->trbs[index].address = descriptor->buffer_addrs[0]; 901 descriptor->trbs[index].status = TRB_2_IRQ(0) 902 | TRB_2_BYTES(requestData->Length) 903 | TRB_2_TD_SIZE(0); 904 descriptor->trbs[index].flags = TRB_3_TYPE(TRB_TYPE_DATA_STAGE) 905 | (directionIn ? TRB_3_DIR_IN : 0) 906 | TRB_3_CYCLE_BIT; 907 908 if (!directionIn) { 909 transfer->PrepareKernelAccess(); 910 WriteDescriptor(descriptor, transfer->Vector(), 911 transfer->VectorCount(), transfer->IsPhysical()); 912 } 913 914 index++; 915 } 916 917 // Status Stage 918 descriptor->trbs[index].address = 0; 919 descriptor->trbs[index].status = TRB_2_IRQ(0); 920 descriptor->trbs[index].flags = TRB_3_TYPE(TRB_TYPE_STATUS_STAGE) 921 | TRB_3_CHAIN_BIT | TRB_3_ENT_BIT | TRB_3_CYCLE_BIT; 922 // The CHAIN bit must be set when using an Event Data TRB 923 // (XHCI 1.2 �� 6.4.1.2.3 Table 6-31 p472). 924 925 // Status Stage is an OUT transfer when the device is sending data 926 // (XHCI 1.2 �� 4.11.2.2 Table 4-7 p213), otherwise set the IN bit. 927 if (requestData->Length == 0 || !directionIn) 928 descriptor->trbs[index].flags |= TRB_3_DIR_IN; 929 930 descriptor->trb_used = index + 1; 931 932 status = _LinkDescriptorForPipe(descriptor, endpoint); 933 if (status != B_OK) { 934 FreeDescriptor(descriptor); 935 return status; 936 } 937 938 return B_OK; 939} 940 941 942status_t 943XHCI::SubmitNormalRequest(Transfer *transfer) 944{ 945 TRACE("SubmitNormalRequest() length %" B_PRIuSIZE "\n", transfer->FragmentLength()); 946 947 Pipe *pipe = transfer->TransferPipe(); 948 usb_isochronous_data *isochronousData = transfer->IsochronousData(); 949 bool directionIn = (pipe->Direction() == Pipe::In); 950 951 xhci_endpoint *endpoint = (xhci_endpoint *)pipe->ControllerCookie(); 952 if (endpoint == NULL) { 953 TRACE_ERROR("pipe has no endpoint!\n"); 954 return B_BAD_VALUE; 955 } 956 if (endpoint->device == NULL) { 957 panic("endpoint is not initialized!"); 958 return B_NO_INIT; 959 } 960 961 status_t status = transfer->InitKernelAccess(); 962 if (status != B_OK) 963 return status; 964 965 // TRBs within a TD must be "grouped" into TD Fragments, which mostly means 966 // that a max_burst_payload boundary cannot be crossed within a TRB, but 967 // only between TRBs. More than one TRB can be in a TD Fragment, but we keep 968 // things simple by setting trbSize to the MBP. (XHCI 1.2 �� 4.11.7.1 p235.) 969 size_t trbSize = endpoint->max_burst_payload; 970 971 if (isochronousData != NULL) { 972 if (isochronousData->packet_count == 0) 973 return B_BAD_VALUE; 974 975 // Isochronous transfers use more specifically sized packets. 976 trbSize = transfer->DataLength() / isochronousData->packet_count; 977 if (trbSize == 0 || trbSize > pipe->MaxPacketSize() || trbSize 978 != (size_t)isochronousData->packet_descriptors[0].request_length) 979 return B_BAD_VALUE; 980 } 981 982 // Now that we know trbSize, compute the count. 983 const int32 trbCount = (transfer->FragmentLength() + trbSize - 1) / trbSize; 984 985 xhci_td *td = CreateDescriptor(trbCount, trbCount, trbSize); 986 if (td == NULL) 987 return B_NO_MEMORY; 988 989 // Normal Stage 990 const size_t maxPacketSize = pipe->MaxPacketSize(); 991 size_t remaining = transfer->FragmentLength(); 992 for (int32 i = 0; i < trbCount; i++) { 993 int32 trbLength = (remaining < trbSize) ? remaining : trbSize; 994 remaining -= trbLength; 995 996 // The "TD Size" field of a transfer TRB indicates the number of 997 // remaining maximum-size *packets* in this TD, *not* including the 998 // packets in the current TRB, and capped at 31 if there are more 999 // than 31 packets remaining in the TD. (XHCI 1.2 �� 4.11.2.4 p218.) 1000 int32 tdSize = (remaining + maxPacketSize - 1) / maxPacketSize; 1001 if (tdSize > 31) 1002 tdSize = 31; 1003 1004 td->trbs[i].address = td->buffer_addrs[i]; 1005 td->trbs[i].status = TRB_2_IRQ(0) 1006 | TRB_2_BYTES(trbLength) 1007 | TRB_2_TD_SIZE(tdSize); 1008 td->trbs[i].flags = TRB_3_TYPE(TRB_TYPE_NORMAL) 1009 | TRB_3_CYCLE_BIT | TRB_3_CHAIN_BIT; 1010 1011 td->trb_used++; 1012 } 1013 1014 // Isochronous-specific. 1015 if (isochronousData != NULL) { 1016 // This is an isochronous transfer; it should have one TD per packet. 1017 for (uint32 i = 0; i < isochronousData->packet_count; i++) { 1018 td->trbs[i].flags &= ~(TRB_3_TYPE(TRB_TYPE_NORMAL)); 1019 td->trbs[i].flags |= TRB_3_TYPE(TRB_TYPE_ISOCH); 1020 1021 if (i != (isochronousData->packet_count - 1)) { 1022 // For all but the last TD, generate events (but not interrupts) on short packets. 1023 // (The last TD uses the regular Event Data TRB.) 1024 td->trbs[i].flags |= TRB_3_ISP_BIT | TRB_3_BEI_BIT; 1025 td->trbs[i].flags &= ~TRB_3_CHAIN_BIT; 1026 } 1027 } 1028 1029 // TODO: We do not currently take Mult into account at all! 1030 // How are we supposed to do that here? 1031 1032 // Determine the (starting) frame number: if ISO_ASAP is set, 1033 // we are queueing this "right away", and so want to reset 1034 // the starting_frame_number. Otherwise we use the passed one. 1035 uint32 frame; 1036 if ((isochronousData->flags & USB_ISO_ASAP) != 0 1037 || isochronousData->starting_frame_number == NULL) { 1038 // All reads from the microframe index register must be 1039 // incremented by 1. (XHCI 1.2 �� 4.14.2.1.4 p265.) 1040 frame = (ReadRunReg32(XHCI_MFINDEX) + 1) >> 3; 1041 td->trbs[0].flags |= TRB_3_ISO_SIA_BIT; 1042 } else { 1043 frame = *isochronousData->starting_frame_number; 1044 td->trbs[0].flags |= TRB_3_FRID(frame); 1045 } 1046 if (isochronousData->starting_frame_number != NULL) 1047 *isochronousData->starting_frame_number = frame; 1048 } 1049 1050 // Set the ENT (Evaluate Next TRB) bit, so that the HC will not switch 1051 // contexts before evaluating the Link TRB that _LinkDescriptorForPipe 1052 // will insert, as otherwise there would be a race between us freeing 1053 // and unlinking the descriptor, and the controller evaluating the Link TRB 1054 // and thus getting back onto the main ring and executing the Event Data 1055 // TRB that generates the interrupt for this transfer. 1056 // 1057 // Note that we *do not* unset the CHAIN bit in this TRB, thus including 1058 // the Link TRB in this TD formally, which is required when using the 1059 // ENT bit. (XHCI 1.2 �� 4.12.3 p250.) 1060 td->trbs[td->trb_used - 1].flags |= TRB_3_ENT_BIT; 1061 1062 if (!directionIn) { 1063 TRACE("copying out iov count %ld\n", transfer->VectorCount()); 1064 status_t status = transfer->PrepareKernelAccess(); 1065 if (status != B_OK) { 1066 FreeDescriptor(td); 1067 return status; 1068 } 1069 WriteDescriptor(td, transfer->Vector(), 1070 transfer->VectorCount(), transfer->IsPhysical()); 1071 } 1072 1073 td->transfer = transfer; 1074 status = _LinkDescriptorForPipe(td, endpoint); 1075 if (status != B_OK) { 1076 FreeDescriptor(td); 1077 return status; 1078 } 1079 1080 return B_OK; 1081} 1082 1083 1084status_t 1085XHCI::CancelQueuedTransfers(Pipe *pipe, bool force) 1086{ 1087 xhci_endpoint* endpoint = (xhci_endpoint*)pipe->ControllerCookie(); 1088 if (endpoint == NULL || endpoint->trbs == NULL) { 1089 // Someone's de-allocated this pipe or endpoint in the meantime. 1090 // (Possibly AllocateDevice failed, and we were the temporary pipe.) 1091 return B_NO_INIT; 1092 } 1093 1094#ifndef TRACE_USB 1095 if (force) 1096#endif 1097 { 1098 TRACE_ALWAYS("cancel queued transfers (%" B_PRId8 ") for pipe %p (%d)\n", 1099 endpoint->used, pipe, pipe->EndpointAddress()); 1100 } 1101 1102 MutexLocker endpointLocker(endpoint->lock); 1103 1104 if (endpoint->td_head == NULL) { 1105 // There aren't any currently pending transfers to cancel. 1106 return B_OK; 1107 } 1108 1109 // Calling the callbacks while holding the endpoint lock could potentially 1110 // cause deadlocks, so we instead store them in a pointer array. We need 1111 // to do this separately from freeing the TDs, for in the case we fail 1112 // to stop the endpoint, we cancel the transfers but do not free the TDs. 1113 Transfer* transfers[XHCI_MAX_TRANSFERS]; 1114 int32 transfersCount = 0; 1115 1116 for (xhci_td* td = endpoint->td_head; td != NULL; td = td->next) { 1117 if (td->transfer == NULL) 1118 continue; 1119 1120 // We can't cancel or delete transfers under "force", as they probably 1121 // are not safe to use anymore. 1122 if (!force) { 1123 transfers[transfersCount] = td->transfer; 1124 transfersCount++; 1125 } 1126 td->transfer = NULL; 1127 } 1128 1129 // It is possible that while waiting for the stop-endpoint command to 1130 // complete, one of the queued transfers posts a completion event, so in 1131 // order to avoid a deadlock, we must unlock the endpoint. 1132 endpointLocker.Unlock(); 1133 status_t status = StopEndpoint(false, endpoint); 1134 if (status != B_OK && status != B_DEV_STALLED) { 1135 // It is possible that the endpoint was stopped by the controller at the 1136 // same time our STOP command was in progress, causing a "Context State" 1137 // error. In that case, try again; if the endpoint is already stopped, 1138 // StopEndpoint will notice this. (XHCI 1.2 �� 4.6.9 p137.) 1139 status = StopEndpoint(false, endpoint); 1140 } 1141 if (status == B_DEV_STALLED) { 1142 // Only exit from a Halted state is a RESET. (XHCI 1.2 �� 4.8.3 p163.) 1143 TRACE_ERROR("cancel queued transfers: halted endpoint, reset!\n"); 1144 status = ResetEndpoint(false, endpoint); 1145 } 1146 endpointLocker.Lock(); 1147 1148 // Detach the head TD from the endpoint. 1149 xhci_td* td_head = endpoint->td_head; 1150 endpoint->td_head = NULL; 1151 1152 if (status == B_OK) { 1153 // Clear the endpoint's TRBs. 1154 memset(endpoint->trbs, 0, sizeof(xhci_trb) * XHCI_ENDPOINT_RING_SIZE); 1155 endpoint->used = 0; 1156 endpoint->next = 0; 1157 1158 // Set dequeue pointer location to the beginning of the ring. 1159 SetTRDequeue(endpoint->trb_addr, 0, endpoint->id + 1, 1160 endpoint->device->slot); 1161 1162 // We don't need to do anything else to restart the ring, as it will resume 1163 // operation as normal upon the next doorbell. (XHCI 1.2 �� 4.6.9 p136.) 1164 } else { 1165 // We couldn't stop the endpoint. Most likely the device has been 1166 // removed and the endpoint was stopped by the hardware, or is 1167 // for some reason busy and cannot be stopped. 1168 TRACE_ERROR("cancel queued transfers: could not stop endpoint: %s!\n", 1169 strerror(status)); 1170 1171 // Instead of freeing the TDs, we want to leave them in the endpoint 1172 // so that when/if the hardware returns, they can be properly unlinked, 1173 // as otherwise the endpoint could get "stuck" by having the "used" 1174 // slowly accumulate due to "dead" transfers. 1175 endpoint->td_head = td_head; 1176 td_head = NULL; 1177 } 1178 1179 endpointLocker.Unlock(); 1180 1181 for (int32 i = 0; i < transfersCount; i++) { 1182 transfers[i]->Finished(B_CANCELED, 0); 1183 delete transfers[i]; 1184 } 1185 1186 // This loop looks a bit strange because we need to store the "next" 1187 // pointer before freeing the descriptor. 1188 xhci_td* td; 1189 while ((td = td_head) != NULL) { 1190 td_head = td_head->next; 1191 FreeDescriptor(td); 1192 } 1193 1194 return B_OK; 1195} 1196 1197 1198status_t 1199XHCI::StartDebugTransfer(Transfer *transfer) 1200{ 1201 Pipe *pipe = transfer->TransferPipe(); 1202 xhci_endpoint *endpoint = (xhci_endpoint *)pipe->ControllerCookie(); 1203 if (endpoint == NULL) 1204 return B_BAD_VALUE; 1205 1206 // Check all locks that we are going to hit when running transfers. 1207 if (mutex_trylock(&endpoint->lock) != B_OK) 1208 return B_WOULD_BLOCK; 1209 if (mutex_trylock(&fFinishedLock) != B_OK) { 1210 mutex_unlock(&endpoint->lock); 1211 return B_WOULD_BLOCK; 1212 } 1213 if (mutex_trylock(&fEventLock) != B_OK) { 1214 mutex_unlock(&endpoint->lock); 1215 mutex_unlock(&fFinishedLock); 1216 return B_WOULD_BLOCK; 1217 } 1218 mutex_unlock(&endpoint->lock); 1219 mutex_unlock(&fFinishedLock); 1220 mutex_unlock(&fEventLock); 1221 1222 status_t status = SubmitTransfer(transfer); 1223 if (status != B_OK) 1224 return status; 1225 1226 // The endpoint's head TD is the TD of the just-submitted transfer. 1227 // Just like EHCI, abuse the callback cookie to hold the TD pointer. 1228 transfer->SetCallback(NULL, endpoint->td_head); 1229 1230 return B_OK; 1231} 1232 1233 1234status_t 1235XHCI::CheckDebugTransfer(Transfer *transfer) 1236{ 1237 xhci_td *transfer_td = (xhci_td *)transfer->CallbackCookie(); 1238 if (transfer_td == NULL) 1239 return B_NO_INIT; 1240 1241 // Process events once, and then look for it in the finished list. 1242 ProcessEvents(); 1243 xhci_td *previous = NULL; 1244 for (xhci_td *td = fFinishedHead; td != NULL; td = td->next) { 1245 if (td != transfer_td) { 1246 previous = td; 1247 continue; 1248 } 1249 1250 // We've found it! 1251 if (previous == NULL) { 1252 fFinishedHead = fFinishedHead->next; 1253 } else { 1254 previous->next = td->next; 1255 } 1256 1257 bool directionIn = (transfer->TransferPipe()->Direction() != Pipe::Out); 1258 status_t status = (td->trb_completion_code == COMP_SUCCESS 1259 || td->trb_completion_code == COMP_SHORT_PACKET) ? B_OK : B_ERROR; 1260 1261 if (status == B_OK && directionIn) { 1262 ReadDescriptor(td, transfer->Vector(), transfer->VectorCount(), 1263 transfer->IsPhysical()); 1264 } 1265 1266 FreeDescriptor(td); 1267 transfer->SetCallback(NULL, NULL); 1268 return status; 1269 } 1270 1271 // We didn't find it. 1272 spin(75); 1273 return B_DEV_PENDING; 1274} 1275 1276 1277void 1278XHCI::CancelDebugTransfer(Transfer *transfer) 1279{ 1280 while (CheckDebugTransfer(transfer) == B_DEV_PENDING) 1281 spin(100); 1282} 1283 1284 1285status_t 1286XHCI::NotifyPipeChange(Pipe *pipe, usb_change change) 1287{ 1288 TRACE("pipe change %d for pipe %p (%d)\n", change, pipe, 1289 pipe->EndpointAddress()); 1290 1291 switch (change) { 1292 case USB_CHANGE_CREATED: 1293 return _InsertEndpointForPipe(pipe); 1294 case USB_CHANGE_DESTROYED: 1295 return _RemoveEndpointForPipe(pipe); 1296 1297 case USB_CHANGE_PIPE_POLICY_CHANGED: 1298 // We don't care about these, at least for now. 1299 return B_OK; 1300 } 1301 1302 TRACE_ERROR("unknown pipe change!\n"); 1303 return B_UNSUPPORTED; 1304} 1305 1306 1307xhci_td * 1308XHCI::CreateDescriptor(uint32 trbCount, uint32 bufferCount, size_t bufferSize) 1309{ 1310 const bool inKDL = debug_debugger_running(); 1311 1312 xhci_td *result; 1313 if (!inKDL) { 1314 result = (xhci_td*)calloc(1, sizeof(xhci_td)); 1315 } else { 1316 // Just use the physical memory allocator while in KDL; it's less 1317 // secure than using the regular heap, but it's easier to deal with. 1318 phys_addr_t dummy; 1319 fStack->AllocateChunk((void **)&result, &dummy, sizeof(xhci_td)); 1320 } 1321 1322 if (result == NULL) { 1323 TRACE_ERROR("failed to allocate a transfer descriptor\n"); 1324 return NULL; 1325 } 1326 1327 // We always allocate 1 more TRB than requested, so that 1328 // _LinkDescriptorForPipe() has room to insert a link TRB. 1329 trbCount++; 1330 if (fStack->AllocateChunk((void **)&result->trbs, &result->trb_addr, 1331 (trbCount * sizeof(xhci_trb))) < B_OK) { 1332 TRACE_ERROR("failed to allocate TRBs\n"); 1333 FreeDescriptor(result); 1334 return NULL; 1335 } 1336 result->trb_count = trbCount; 1337 result->trb_used = 0; 1338 1339 if (bufferSize > 0) { 1340 // Due to how the USB stack allocates physical memory, we can't just 1341 // request one large chunk the size of the transfer, and so instead we 1342 // create a series of buffers as requested by our caller. 1343 1344 // We store the buffer pointers and addresses in one memory block. 1345 if (!inKDL) { 1346 result->buffers = (void**)calloc(bufferCount, 1347 (sizeof(void*) + sizeof(phys_addr_t))); 1348 } else { 1349 phys_addr_t dummy; 1350 fStack->AllocateChunk((void **)&result->buffers, &dummy, 1351 bufferCount * (sizeof(void*) + sizeof(phys_addr_t))); 1352 } 1353 if (result->buffers == NULL) { 1354 TRACE_ERROR("unable to allocate space for buffer infos\n"); 1355 FreeDescriptor(result); 1356 return NULL; 1357 } 1358 result->buffer_addrs = (phys_addr_t*)&result->buffers[bufferCount]; 1359 result->buffer_size = bufferSize; 1360 result->buffer_count = bufferCount; 1361 1362 // Optimization: If the requested total size of all buffers is less 1363 // than 32*B_PAGE_SIZE (the maximum size that the physical memory 1364 // allocator can handle), we allocate only one buffer and segment it. 1365 size_t totalSize = bufferSize * bufferCount; 1366 if (totalSize < (32 * B_PAGE_SIZE)) { 1367 if (fStack->AllocateChunk(&result->buffers[0], 1368 &result->buffer_addrs[0], totalSize) < B_OK) { 1369 TRACE_ERROR("unable to allocate space for large buffer (size %ld)\n", 1370 totalSize); 1371 FreeDescriptor(result); 1372 return NULL; 1373 } 1374 for (uint32 i = 1; i < bufferCount; i++) { 1375 result->buffers[i] = (void*)((addr_t)(result->buffers[i - 1]) 1376 + bufferSize); 1377 result->buffer_addrs[i] = result->buffer_addrs[i - 1] 1378 + bufferSize; 1379 } 1380 } else { 1381 // Otherwise, we allocate each buffer individually. 1382 for (uint32 i = 0; i < bufferCount; i++) { 1383 if (fStack->AllocateChunk(&result->buffers[i], 1384 &result->buffer_addrs[i], bufferSize) < B_OK) { 1385 TRACE_ERROR("unable to allocate space for a buffer (size " 1386 "%" B_PRIuSIZE ", count %" B_PRIu32 ")\n", 1387 bufferSize, bufferCount); 1388 FreeDescriptor(result); 1389 return NULL; 1390 } 1391 } 1392 } 1393 } else { 1394 result->buffers = NULL; 1395 result->buffer_addrs = NULL; 1396 } 1397 1398 // Initialize all other fields. 1399 result->transfer = NULL; 1400 result->trb_completion_code = 0; 1401 result->trb_left = 0; 1402 result->next = NULL; 1403 1404 TRACE("CreateDescriptor allocated %p, buffer_size %ld, buffer_count %" B_PRIu32 "\n", 1405 result, result->buffer_size, result->buffer_count); 1406 1407 return result; 1408} 1409 1410 1411void 1412XHCI::FreeDescriptor(xhci_td *descriptor) 1413{ 1414 if (descriptor == NULL) 1415 return; 1416 1417 const bool inKDL = debug_debugger_running(); 1418 1419 if (descriptor->trbs != NULL) { 1420 fStack->FreeChunk(descriptor->trbs, descriptor->trb_addr, 1421 (descriptor->trb_count * sizeof(xhci_trb))); 1422 } 1423 if (descriptor->buffers != NULL) { 1424 size_t totalSize = descriptor->buffer_size * descriptor->buffer_count; 1425 if (totalSize < (32 * B_PAGE_SIZE)) { 1426 // This was allocated as one contiguous buffer. 1427 fStack->FreeChunk(descriptor->buffers[0], descriptor->buffer_addrs[0], 1428 totalSize); 1429 } else { 1430 for (uint32 i = 0; i < descriptor->buffer_count; i++) { 1431 if (descriptor->buffers[i] == NULL) 1432 continue; 1433 fStack->FreeChunk(descriptor->buffers[i], descriptor->buffer_addrs[i], 1434 descriptor->buffer_size); 1435 } 1436 } 1437 1438 if (!inKDL) { 1439 free(descriptor->buffers); 1440 } else { 1441 fStack->FreeChunk(descriptor->buffers, 0, 1442 descriptor->buffer_count * (sizeof(void*) + sizeof(phys_addr_t))); 1443 } 1444 } 1445 1446 if (!inKDL) 1447 free(descriptor); 1448 else 1449 fStack->FreeChunk(descriptor, 0, sizeof(xhci_td)); 1450} 1451 1452 1453size_t 1454XHCI::WriteDescriptor(xhci_td *descriptor, generic_io_vec *vector, size_t vectorCount, bool physical) 1455{ 1456 size_t written = 0; 1457 1458 size_t bufIdx = 0, bufUsed = 0; 1459 for (size_t vecIdx = 0; vecIdx < vectorCount; vecIdx++) { 1460 size_t length = vector[vecIdx].length; 1461 1462 while (length > 0 && bufIdx < descriptor->buffer_count) { 1463 size_t toCopy = min_c(length, descriptor->buffer_size - bufUsed); 1464 status_t status = generic_memcpy( 1465 (generic_addr_t)descriptor->buffers[bufIdx] + bufUsed, false, 1466 vector[vecIdx].base + (vector[vecIdx].length - length), physical, 1467 toCopy); 1468 ASSERT(status == B_OK); 1469 1470 written += toCopy; 1471 bufUsed += toCopy; 1472 length -= toCopy; 1473 if (bufUsed == descriptor->buffer_size) { 1474 bufIdx++; 1475 bufUsed = 0; 1476 } 1477 } 1478 } 1479 1480 TRACE("wrote descriptor (%" B_PRIuSIZE " bytes)\n", written); 1481 return written; 1482} 1483 1484 1485size_t 1486XHCI::ReadDescriptor(xhci_td *descriptor, generic_io_vec *vector, size_t vectorCount, bool physical) 1487{ 1488 size_t read = 0; 1489 1490 size_t bufIdx = 0, bufUsed = 0; 1491 for (size_t vecIdx = 0; vecIdx < vectorCount; vecIdx++) { 1492 size_t length = vector[vecIdx].length; 1493 1494 while (length > 0 && bufIdx < descriptor->buffer_count) { 1495 size_t toCopy = min_c(length, descriptor->buffer_size - bufUsed); 1496 status_t status = generic_memcpy( 1497 vector[vecIdx].base + (vector[vecIdx].length - length), physical, 1498 (generic_addr_t)descriptor->buffers[bufIdx] + bufUsed, false, toCopy); 1499 ASSERT(status == B_OK); 1500 1501 read += toCopy; 1502 bufUsed += toCopy; 1503 length -= toCopy; 1504 if (bufUsed == descriptor->buffer_size) { 1505 bufIdx++; 1506 bufUsed = 0; 1507 } 1508 } 1509 } 1510 1511 TRACE("read descriptor (%" B_PRIuSIZE " bytes)\n", read); 1512 return read; 1513} 1514 1515 1516Device * 1517XHCI::AllocateDevice(Hub *parent, int8 hubAddress, uint8 hubPort, 1518 usb_speed speed) 1519{ 1520 TRACE("AllocateDevice hubAddress %d hubPort %d speed %d\n", hubAddress, 1521 hubPort, speed); 1522 1523 uint8 slot = XHCI_MAX_SLOTS; 1524 status_t status = EnableSlot(&slot); 1525 if (status != B_OK) { 1526 TRACE_ERROR("failed to enable slot: %s\n", strerror(status)); 1527 return NULL; 1528 } 1529 1530 if (slot == 0 || slot > fSlotCount) { 1531 TRACE_ERROR("AllocateDevice: bad slot\n"); 1532 return NULL; 1533 } 1534 1535 if (fDevices[slot].slot != 0) { 1536 TRACE_ERROR("AllocateDevice: slot already used\n"); 1537 return NULL; 1538 } 1539 1540 struct xhci_device *device = &fDevices[slot]; 1541 device->slot = slot; 1542 1543 device->input_ctx_area = fStack->AllocateArea((void **)&device->input_ctx, 1544 &device->input_ctx_addr, sizeof(*device->input_ctx) << fContextSizeShift, 1545 "XHCI input context"); 1546 if (device->input_ctx_area < B_OK) { 1547 TRACE_ERROR("unable to create a input context area\n"); 1548 CleanupDevice(device); 1549 return NULL; 1550 } 1551 if (fContextSizeShift == 1) { 1552 // 64-byte contexts have to be page-aligned in order for 1553 // _OffsetContextAddr to function properly. 1554 ASSERT((((addr_t)device->input_ctx) % B_PAGE_SIZE) == 0); 1555 } 1556 1557 memset(device->input_ctx, 0, sizeof(*device->input_ctx) << fContextSizeShift); 1558 _WriteContext(&device->input_ctx->input.dropFlags, 0); 1559 _WriteContext(&device->input_ctx->input.addFlags, 3); 1560 1561 uint8 rhPort = hubPort; 1562 uint32 route = 0; 1563 for (Device *hubDevice = parent; hubDevice != RootObject(); 1564 hubDevice = (Device *)hubDevice->Parent()) { 1565 if (hubDevice->Parent() == RootObject()) 1566 break; 1567 1568 if (rhPort > 15) 1569 rhPort = 15; 1570 route = route << 4; 1571 route |= rhPort; 1572 1573 rhPort = hubDevice->HubPort(); 1574 } 1575 1576 uint32 dwslot0 = SLOT_0_NUM_ENTRIES(1) | SLOT_0_ROUTE(route); 1577 1578 // Get speed of port, only if device connected to root hub port 1579 // else we have to rely on value reported by the Hub Explore thread 1580 if (route == 0) { 1581 GetPortSpeed(hubPort - 1, &speed); 1582 TRACE("speed updated %d\n", speed); 1583 } 1584 1585 // add the speed 1586 switch (speed) { 1587 case USB_SPEED_LOWSPEED: 1588 dwslot0 |= SLOT_0_SPEED(2); 1589 break; 1590 case USB_SPEED_FULLSPEED: 1591 dwslot0 |= SLOT_0_SPEED(1); 1592 break; 1593 case USB_SPEED_HIGHSPEED: 1594 dwslot0 |= SLOT_0_SPEED(3); 1595 break; 1596 case USB_SPEED_SUPERSPEED: 1597 dwslot0 |= SLOT_0_SPEED(4); 1598 break; 1599 default: 1600 TRACE_ERROR("unknown usb speed\n"); 1601 break; 1602 } 1603 1604 _WriteContext(&device->input_ctx->slot.dwslot0, dwslot0); 1605 // TODO enable power save 1606 _WriteContext(&device->input_ctx->slot.dwslot1, SLOT_1_RH_PORT(rhPort)); 1607 uint32 dwslot2 = SLOT_2_IRQ_TARGET(0); 1608 1609 // If LS/FS device connected to non-root HS device 1610 if (route != 0 && parent->Speed() == USB_SPEED_HIGHSPEED 1611 && (speed == USB_SPEED_LOWSPEED || speed == USB_SPEED_FULLSPEED)) { 1612 struct xhci_device *parenthub = (struct xhci_device *) 1613 parent->ControllerCookie(); 1614 dwslot2 |= SLOT_2_PORT_NUM(hubPort); 1615 dwslot2 |= SLOT_2_TT_HUB_SLOT(parenthub->slot); 1616 } 1617 1618 _WriteContext(&device->input_ctx->slot.dwslot2, dwslot2); 1619 1620 _WriteContext(&device->input_ctx->slot.dwslot3, SLOT_3_SLOT_STATE(0) 1621 | SLOT_3_DEVICE_ADDRESS(0)); 1622 1623 TRACE("slot 0x%08" B_PRIx32 " 0x%08" B_PRIx32 " 0x%08" B_PRIx32 " 0x%08" B_PRIx32 1624 "\n", _ReadContext(&device->input_ctx->slot.dwslot0), 1625 _ReadContext(&device->input_ctx->slot.dwslot1), 1626 _ReadContext(&device->input_ctx->slot.dwslot2), 1627 _ReadContext(&device->input_ctx->slot.dwslot3)); 1628 1629 device->device_ctx_area = fStack->AllocateArea((void **)&device->device_ctx, 1630 &device->device_ctx_addr, sizeof(*device->device_ctx) << fContextSizeShift, 1631 "XHCI device context"); 1632 if (device->device_ctx_area < B_OK) { 1633 TRACE_ERROR("unable to create a device context area\n"); 1634 CleanupDevice(device); 1635 return NULL; 1636 } 1637 memset(device->device_ctx, 0, sizeof(*device->device_ctx) << fContextSizeShift); 1638 1639 device->trb_area = fStack->AllocateArea((void **)&device->trbs, 1640 &device->trb_addr, sizeof(xhci_trb) * (XHCI_MAX_ENDPOINTS - 1) 1641 * XHCI_ENDPOINT_RING_SIZE, "XHCI endpoint trbs"); 1642 if (device->trb_area < B_OK) { 1643 TRACE_ERROR("unable to create a device trbs area\n"); 1644 CleanupDevice(device); 1645 return NULL; 1646 } 1647 1648 // set up slot pointer to device context 1649 fDcba->baseAddress[slot] = device->device_ctx_addr; 1650 1651 size_t maxPacketSize; 1652 switch (speed) { 1653 case USB_SPEED_LOWSPEED: 1654 case USB_SPEED_FULLSPEED: 1655 maxPacketSize = 8; 1656 break; 1657 case USB_SPEED_HIGHSPEED: 1658 maxPacketSize = 64; 1659 break; 1660 default: 1661 maxPacketSize = 512; 1662 break; 1663 } 1664 1665 xhci_endpoint* endpoint0 = &device->endpoints[0]; 1666 mutex_init(&endpoint0->lock, "xhci endpoint lock"); 1667 endpoint0->device = device; 1668 endpoint0->id = 0; 1669 endpoint0->status = 0; 1670 endpoint0->td_head = NULL; 1671 endpoint0->used = 0; 1672 endpoint0->next = 0; 1673 endpoint0->trbs = device->trbs; 1674 endpoint0->trb_addr = device->trb_addr; 1675 1676 // configure the Control endpoint 0 1677 if (ConfigureEndpoint(endpoint0, slot, 0, USB_OBJECT_CONTROL_PIPE, false, 1678 0, maxPacketSize, speed, 0, 0) != B_OK) { 1679 TRACE_ERROR("unable to configure default control endpoint\n"); 1680 CleanupDevice(device); 1681 return NULL; 1682 } 1683 1684 // device should get to addressed state (bsr = 0) 1685 status = SetAddress(device->input_ctx_addr, false, slot); 1686 if (status != B_OK) { 1687 TRACE_ERROR("unable to set address: %s\n", strerror(status)); 1688 CleanupDevice(device); 1689 return NULL; 1690 } 1691 1692 device->address = SLOT_3_DEVICE_ADDRESS_GET(_ReadContext( 1693 &device->device_ctx->slot.dwslot3)); 1694 1695 TRACE("device: address 0x%x state 0x%08" B_PRIx32 "\n", device->address, 1696 SLOT_3_SLOT_STATE_GET(_ReadContext( 1697 &device->device_ctx->slot.dwslot3))); 1698 TRACE("endpoint0 state 0x%08" B_PRIx32 "\n", 1699 ENDPOINT_0_STATE_GET(_ReadContext( 1700 &device->device_ctx->endpoints[0].dwendpoint0))); 1701 1702 // Wait a bit for the device to complete addressing 1703 snooze(USB_DELAY_SET_ADDRESS); 1704 1705 // Create a temporary pipe with the new address 1706 ControlPipe pipe(parent); 1707 pipe.SetControllerCookie(endpoint0); 1708 pipe.InitCommon(device->address + 1, 0, speed, Pipe::Default, maxPacketSize, 0, 1709 hubAddress, hubPort); 1710 1711 // Get the device descriptor 1712 // Just retrieve the first 8 bytes of the descriptor -> minimum supported 1713 // size of any device. It is enough because it includes the device type. 1714 1715 size_t actualLength = 0; 1716 usb_device_descriptor deviceDescriptor; 1717 1718 TRACE("getting the device descriptor\n"); 1719 status = pipe.SendRequest( 1720 USB_REQTYPE_DEVICE_IN | USB_REQTYPE_STANDARD, // type 1721 USB_REQUEST_GET_DESCRIPTOR, // request 1722 USB_DESCRIPTOR_DEVICE << 8, // value 1723 0, // index 1724 8, // length 1725 (void *)&deviceDescriptor, // buffer 1726 8, // buffer length 1727 &actualLength); // actual length 1728 1729 if (actualLength != 8) { 1730 TRACE_ERROR("failed to get the device descriptor: %s\n", 1731 strerror(status)); 1732 CleanupDevice(device); 1733 return NULL; 1734 } 1735 1736 TRACE("device_class: %d device_subclass %d device_protocol %d\n", 1737 deviceDescriptor.device_class, deviceDescriptor.device_subclass, 1738 deviceDescriptor.device_protocol); 1739 1740 if (speed == USB_SPEED_FULLSPEED && deviceDescriptor.max_packet_size_0 != 8) { 1741 TRACE("Full speed device with different max packet size for Endpoint 0\n"); 1742 uint32 dwendpoint1 = _ReadContext( 1743 &device->input_ctx->endpoints[0].dwendpoint1); 1744 dwendpoint1 &= ~ENDPOINT_1_MAXPACKETSIZE(0xffff); 1745 dwendpoint1 |= ENDPOINT_1_MAXPACKETSIZE( 1746 deviceDescriptor.max_packet_size_0); 1747 _WriteContext(&device->input_ctx->endpoints[0].dwendpoint1, 1748 dwendpoint1); 1749 _WriteContext(&device->input_ctx->input.dropFlags, 0); 1750 _WriteContext(&device->input_ctx->input.addFlags, (1 << 1)); 1751 EvaluateContext(device->input_ctx_addr, device->slot); 1752 } 1753 1754 Device *deviceObject = NULL; 1755 if (deviceDescriptor.device_class == 0x09) { 1756 TRACE("creating new Hub\n"); 1757 TRACE("getting the hub descriptor\n"); 1758 size_t actualLength = 0; 1759 usb_hub_descriptor hubDescriptor; 1760 status = pipe.SendRequest( 1761 USB_REQTYPE_DEVICE_IN | USB_REQTYPE_CLASS, // type 1762 USB_REQUEST_GET_DESCRIPTOR, // request 1763 USB_DESCRIPTOR_HUB << 8, // value 1764 0, // index 1765 sizeof(usb_hub_descriptor), // length 1766 (void *)&hubDescriptor, // buffer 1767 sizeof(usb_hub_descriptor), // buffer length 1768 &actualLength); 1769 1770 if (actualLength != sizeof(usb_hub_descriptor)) { 1771 TRACE_ERROR("error while getting the hub descriptor: %s\n", 1772 strerror(status)); 1773 CleanupDevice(device); 1774 return NULL; 1775 } 1776 1777 uint32 dwslot0 = _ReadContext(&device->input_ctx->slot.dwslot0); 1778 dwslot0 |= SLOT_0_HUB_BIT; 1779 _WriteContext(&device->input_ctx->slot.dwslot0, dwslot0); 1780 uint32 dwslot1 = _ReadContext(&device->input_ctx->slot.dwslot1); 1781 dwslot1 |= SLOT_1_NUM_PORTS(hubDescriptor.num_ports); 1782 _WriteContext(&device->input_ctx->slot.dwslot1, dwslot1); 1783 if (speed == USB_SPEED_HIGHSPEED) { 1784 uint32 dwslot2 = _ReadContext(&device->input_ctx->slot.dwslot2); 1785 dwslot2 |= SLOT_2_TT_TIME(HUB_TTT_GET(hubDescriptor.characteristics)); 1786 _WriteContext(&device->input_ctx->slot.dwslot2, dwslot2); 1787 } 1788 1789 deviceObject = new(std::nothrow) Hub(parent, hubAddress, hubPort, 1790 deviceDescriptor, device->address + 1, speed, false, device); 1791 } else { 1792 TRACE("creating new device\n"); 1793 deviceObject = new(std::nothrow) Device(parent, hubAddress, hubPort, 1794 deviceDescriptor, device->address + 1, speed, false, device); 1795 } 1796 if (deviceObject == NULL || deviceObject->InitCheck() != B_OK) { 1797 if (deviceObject == NULL) { 1798 TRACE_ERROR("no memory to allocate device\n"); 1799 } else { 1800 TRACE_ERROR("device object failed to initialize\n"); 1801 } 1802 CleanupDevice(device); 1803 return NULL; 1804 } 1805 1806 // We don't want to disable the default endpoint, naturally, which would 1807 // otherwise happen when this Pipe object is destroyed. 1808 pipe.SetControllerCookie(NULL); 1809 1810 deviceObject->RegisterNode(); 1811 1812 TRACE("AllocateDevice() port %d slot %d\n", hubPort, slot); 1813 return deviceObject; 1814} 1815 1816 1817void 1818XHCI::FreeDevice(Device *usbDevice) 1819{ 1820 xhci_device* device = (xhci_device*)usbDevice->ControllerCookie(); 1821 TRACE("FreeDevice() slot %d\n", device->slot); 1822 1823 // Delete the device first, so it cleans up its pipes and tells us 1824 // what we need to destroy before we tear down our internal state. 1825 delete usbDevice; 1826 1827 CleanupDevice(device); 1828} 1829 1830 1831void 1832XHCI::CleanupDevice(xhci_device *device) 1833{ 1834 if (device->slot != 0) { 1835 DisableSlot(device->slot); 1836 fDcba->baseAddress[device->slot] = 0; 1837 } 1838 1839 if (device->trb_addr != 0) 1840 delete_area(device->trb_area); 1841 if (device->input_ctx_addr != 0) 1842 delete_area(device->input_ctx_area); 1843 if (device->device_ctx_addr != 0) 1844 delete_area(device->device_ctx_area); 1845 1846 memset(device, 0, sizeof(xhci_device)); 1847} 1848 1849 1850uint8 1851XHCI::_GetEndpointState(xhci_endpoint* endpoint) 1852{ 1853 struct xhci_device_ctx* device_ctx = endpoint->device->device_ctx; 1854 return ENDPOINT_0_STATE_GET( 1855 _ReadContext(&device_ctx->endpoints[endpoint->id].dwendpoint0)); 1856} 1857 1858 1859status_t 1860XHCI::_InsertEndpointForPipe(Pipe *pipe) 1861{ 1862 TRACE("insert endpoint for pipe %p (%d)\n", pipe, pipe->EndpointAddress()); 1863 1864 if (pipe->ControllerCookie() != NULL 1865 || pipe->Parent()->Type() != USB_OBJECT_DEVICE) { 1866 // default pipe is already referenced 1867 return B_OK; 1868 } 1869 1870 Device* usbDevice = (Device *)pipe->Parent(); 1871 if (usbDevice->Parent() == RootObject()) { 1872 // root hub needs no initialization 1873 return B_OK; 1874 } 1875 1876 struct xhci_device *device = (struct xhci_device *) 1877 usbDevice->ControllerCookie(); 1878 if (device == NULL) { 1879 panic("device is NULL\n"); 1880 return B_NO_INIT; 1881 } 1882 1883 const uint8 id = (2 * pipe->EndpointAddress() 1884 + (pipe->Direction() != Pipe::Out ? 1 : 0)) - 1; 1885 if (id >= XHCI_MAX_ENDPOINTS - 1) 1886 return B_BAD_VALUE; 1887 1888 if (id > 0) { 1889 uint32 devicedwslot0 = _ReadContext(&device->device_ctx->slot.dwslot0); 1890 if (SLOT_0_NUM_ENTRIES_GET(devicedwslot0) == 1) { 1891 uint32 inputdwslot0 = _ReadContext(&device->input_ctx->slot.dwslot0); 1892 inputdwslot0 &= ~(SLOT_0_NUM_ENTRIES(0x1f)); 1893 inputdwslot0 |= SLOT_0_NUM_ENTRIES(XHCI_MAX_ENDPOINTS - 1); 1894 _WriteContext(&device->input_ctx->slot.dwslot0, inputdwslot0); 1895 EvaluateContext(device->input_ctx_addr, device->slot); 1896 } 1897 1898 xhci_endpoint* endpoint = &device->endpoints[id]; 1899 mutex_init(&endpoint->lock, "xhci endpoint lock"); 1900 MutexLocker endpointLocker(endpoint->lock); 1901 1902 endpoint->device = device; 1903 endpoint->id = id; 1904 endpoint->td_head = NULL; 1905 endpoint->used = 0; 1906 endpoint->next = 0; 1907 1908 endpoint->trbs = device->trbs + id * XHCI_ENDPOINT_RING_SIZE; 1909 endpoint->trb_addr = device->trb_addr 1910 + id * XHCI_ENDPOINT_RING_SIZE * sizeof(xhci_trb); 1911 memset(endpoint->trbs, 0, 1912 sizeof(xhci_trb) * XHCI_ENDPOINT_RING_SIZE); 1913 1914 TRACE("insert endpoint for pipe: trbs, device %p endpoint %p\n", 1915 device->trbs, endpoint->trbs); 1916 TRACE("insert endpoint for pipe: trb_addr, device 0x%" B_PRIxPHYSADDR 1917 " endpoint 0x%" B_PRIxPHYSADDR "\n", device->trb_addr, 1918 endpoint->trb_addr); 1919 1920 const uint8 endpointNum = id + 1; 1921 1922 status_t status = ConfigureEndpoint(endpoint, device->slot, id, pipe->Type(), 1923 pipe->Direction() == Pipe::In, pipe->Interval(), pipe->MaxPacketSize(), 1924 usbDevice->Speed(), pipe->MaxBurst(), pipe->BytesPerInterval()); 1925 if (status != B_OK) { 1926 TRACE_ERROR("unable to configure endpoint: %s\n", strerror(status)); 1927 return status; 1928 } 1929 1930 _WriteContext(&device->input_ctx->input.dropFlags, 0); 1931 _WriteContext(&device->input_ctx->input.addFlags, 1932 (1 << endpointNum) | (1 << 0)); 1933 1934 ConfigureEndpoint(device->input_ctx_addr, false, device->slot); 1935 1936 TRACE("device: address 0x%x state 0x%08" B_PRIx32 "\n", 1937 device->address, SLOT_3_SLOT_STATE_GET(_ReadContext( 1938 &device->device_ctx->slot.dwslot3))); 1939 TRACE("endpoint[0] state 0x%08" B_PRIx32 "\n", 1940 ENDPOINT_0_STATE_GET(_ReadContext( 1941 &device->device_ctx->endpoints[0].dwendpoint0))); 1942 TRACE("endpoint[%d] state 0x%08" B_PRIx32 "\n", id, 1943 ENDPOINT_0_STATE_GET(_ReadContext( 1944 &device->device_ctx->endpoints[id].dwendpoint0))); 1945 } 1946 pipe->SetControllerCookie(&device->endpoints[id]); 1947 1948 return B_OK; 1949} 1950 1951 1952status_t 1953XHCI::_RemoveEndpointForPipe(Pipe *pipe) 1954{ 1955 TRACE("remove endpoint for pipe %p (%d)\n", pipe, pipe->EndpointAddress()); 1956 1957 if (pipe->Parent()->Type() != USB_OBJECT_DEVICE) 1958 return B_OK; 1959 Device* usbDevice = (Device *)pipe->Parent(); 1960 if (usbDevice->Parent() == RootObject()) 1961 return B_BAD_VALUE; 1962 1963 xhci_endpoint *endpoint = (xhci_endpoint *)pipe->ControllerCookie(); 1964 if (endpoint == NULL || endpoint->trbs == NULL) 1965 return B_NO_INIT; 1966 1967 pipe->SetControllerCookie(NULL); 1968 1969 if (endpoint->id > 0) { 1970 xhci_device *device = endpoint->device; 1971 uint8 epNumber = endpoint->id + 1; 1972 StopEndpoint(true, endpoint); 1973 1974 mutex_lock(&endpoint->lock); 1975 1976 // See comment in CancelQueuedTransfers. 1977 xhci_td* td; 1978 while ((td = endpoint->td_head) != NULL) { 1979 endpoint->td_head = endpoint->td_head->next; 1980 FreeDescriptor(td); 1981 } 1982 1983 mutex_destroy(&endpoint->lock); 1984 memset(endpoint, 0, sizeof(xhci_endpoint)); 1985 1986 _WriteContext(&device->input_ctx->input.dropFlags, (1 << epNumber)); 1987 _WriteContext(&device->input_ctx->input.addFlags, (1 << 0)); 1988 1989 // The Deconfigure bit in the Configure Endpoint command indicates 1990 // that *all* endpoints are to be deconfigured, and not just the ones 1991 // specified in the context flags. (XHCI 1.2 �� 4.6.6 p115.) 1992 ConfigureEndpoint(device->input_ctx_addr, false, device->slot); 1993 } 1994 1995 return B_OK; 1996} 1997 1998 1999status_t 2000XHCI::_LinkDescriptorForPipe(xhci_td *descriptor, xhci_endpoint *endpoint) 2001{ 2002 TRACE("link descriptor for pipe\n"); 2003 2004 // Use mutex_trylock first, in case we are in KDL. 2005 MutexLocker endpointLocker(&endpoint->lock, mutex_trylock(&endpoint->lock) == B_OK); 2006 2007 // "used" refers to the number of currently linked TDs, not the number of 2008 // used TRBs on the ring (we use 2 TRBs on the ring per transfer.) 2009 // Furthermore, we have to leave an empty item between the head and tail. 2010 if (endpoint->used >= (XHCI_MAX_TRANSFERS - 1)) { 2011 TRACE_ERROR("link descriptor for pipe: max transfers count exceeded\n"); 2012 return B_BAD_VALUE; 2013 } 2014 2015 // We do not support queuing other transfers in tandem with a fragmented one. 2016 if (endpoint->td_head != NULL && endpoint->td_head->transfer != NULL 2017 && endpoint->td_head->transfer->IsFragmented()) { 2018 TRACE_ERROR("cannot submit transfer: a fragmented transfer is queued\n"); 2019 return B_DEV_RESOURCE_CONFLICT; 2020 } 2021 2022 endpoint->used++; 2023 descriptor->next = endpoint->td_head; 2024 endpoint->td_head = descriptor; 2025 2026 uint32 link = endpoint->next, eventdata = link + 1, next = eventdata + 1; 2027 if (eventdata == XHCI_ENDPOINT_RING_SIZE || next == XHCI_ENDPOINT_RING_SIZE) { 2028 // If it's "next" not "eventdata" that got us here, we will be leaving 2029 // one TRB at the end of the ring unused. 2030 eventdata = 0; 2031 next = 1; 2032 } 2033 2034 TRACE("link descriptor for pipe: link %d, next %d\n", link, next); 2035 2036 // Add a Link TRB to the end of the descriptor. 2037 phys_addr_t addr = endpoint->trb_addr + (eventdata * sizeof(xhci_trb)); 2038 descriptor->trbs[descriptor->trb_used].address = addr; 2039 descriptor->trbs[descriptor->trb_used].status = TRB_2_IRQ(0); 2040 descriptor->trbs[descriptor->trb_used].flags = TRB_3_TYPE(TRB_TYPE_LINK) 2041 | TRB_3_CHAIN_BIT | TRB_3_CYCLE_BIT; 2042 // It is specified that (XHCI 1.2 �� 4.12.3 Note 2 p251) if the TRB 2043 // following one with the ENT bit set is a Link TRB, the Link TRB 2044 // shall be evaluated *and* the subsequent TRB shall be. Thus a 2045 // TRB_3_ENT_BIT is unnecessary here; and from testing seems to 2046 // break all transfers on a (very) small number of controllers. 2047 2048#if !B_HOST_IS_LENDIAN 2049 // Convert endianness. 2050 for (uint32 i = 0; i <= descriptor->trb_used; i++) { 2051 descriptor->trbs[i].address = 2052 B_HOST_TO_LENDIAN_INT64(descriptor->trbs[i].address); 2053 descriptor->trbs[i].status = 2054 B_HOST_TO_LENDIAN_INT32(descriptor->trbs[i].status); 2055 descriptor->trbs[i].flags = 2056 B_HOST_TO_LENDIAN_INT32(descriptor->trbs[i].flags); 2057 } 2058#endif 2059 2060 // Link the descriptor. 2061 endpoint->trbs[link].address = 2062 B_HOST_TO_LENDIAN_INT64(descriptor->trb_addr); 2063 endpoint->trbs[link].status = 2064 B_HOST_TO_LENDIAN_INT32(TRB_2_IRQ(0)); 2065 endpoint->trbs[link].flags = 2066 B_HOST_TO_LENDIAN_INT32(TRB_3_TYPE(TRB_TYPE_LINK)); 2067 2068 // Set up the Event Data TRB (XHCI 1.2 �� 4.11.5.2 p230.) 2069 // 2070 // We do this on the main ring for two reasons: first, to avoid a small 2071 // potential race between the interrupt and the controller evaluating 2072 // the link TRB to get back onto the ring; and second, because many 2073 // controllers throw errors if the target of a Link TRB is not valid 2074 // (i.e. does not have its Cycle Bit set.) 2075 // 2076 // We also set the "address" field, which the controller will copy 2077 // verbatim into the TRB it posts to the event ring, to be the last 2078 // "real" TRB in the TD; this will allow us to determine what transfer 2079 // the resulting Transfer Event TRB refers to. 2080 endpoint->trbs[eventdata].address = 2081 B_HOST_TO_LENDIAN_INT64(descriptor->trb_addr 2082 + (descriptor->trb_used - 1) * sizeof(xhci_trb)); 2083 endpoint->trbs[eventdata].status = 2084 B_HOST_TO_LENDIAN_INT32(TRB_2_IRQ(0)); 2085 endpoint->trbs[eventdata].flags = 2086 B_HOST_TO_LENDIAN_INT32(TRB_3_TYPE(TRB_TYPE_EVENT_DATA) 2087 | TRB_3_IOC_BIT | TRB_3_CYCLE_BIT); 2088 2089 endpoint->trbs[next].address = 0; 2090 endpoint->trbs[next].status = 0; 2091 endpoint->trbs[next].flags = 0; 2092 2093 memory_write_barrier(); 2094 2095 // Everything is ready, so write the cycle bit. 2096 endpoint->trbs[link].flags |= B_HOST_TO_LENDIAN_INT32(TRB_3_CYCLE_BIT); 2097 2098 TRACE("_LinkDescriptorForPipe pLink %p phys 0x%" B_PRIxPHYSADDR 2099 " 0x%" B_PRIxPHYSADDR " 0x%08" B_PRIx32 "\n", &endpoint->trbs[link], 2100 endpoint->trb_addr + link * sizeof(struct xhci_trb), 2101 endpoint->trbs[link].address, 2102 B_LENDIAN_TO_HOST_INT32(endpoint->trbs[link].flags)); 2103 2104 endpoint->next = next; 2105 endpointLocker.Unlock(); 2106 2107 TRACE("Endpoint status 0x%08" B_PRIx32 " 0x%08" B_PRIx32 " 0x%016" B_PRIx64 "\n", 2108 _ReadContext(&endpoint->device->device_ctx->endpoints[endpoint->id].dwendpoint0), 2109 _ReadContext(&endpoint->device->device_ctx->endpoints[endpoint->id].dwendpoint1), 2110 _ReadContext(&endpoint->device->device_ctx->endpoints[endpoint->id].qwendpoint2)); 2111 2112 Ring(endpoint->device->slot, endpoint->id + 1); 2113 2114 TRACE("Endpoint status 0x%08" B_PRIx32 " 0x%08" B_PRIx32 " 0x%016" B_PRIx64 "\n", 2115 _ReadContext(&endpoint->device->device_ctx->endpoints[endpoint->id].dwendpoint0), 2116 _ReadContext(&endpoint->device->device_ctx->endpoints[endpoint->id].dwendpoint1), 2117 _ReadContext(&endpoint->device->device_ctx->endpoints[endpoint->id].qwendpoint2)); 2118 2119 return B_OK; 2120} 2121 2122 2123status_t 2124XHCI::_UnlinkDescriptorForPipe(xhci_td *descriptor, xhci_endpoint *endpoint) 2125{ 2126 TRACE("unlink descriptor for pipe\n"); 2127 // We presume that the caller has already locked or owns the endpoint. 2128 2129 endpoint->used--; 2130 if (descriptor == endpoint->td_head) { 2131 endpoint->td_head = descriptor->next; 2132 descriptor->next = NULL; 2133 return B_OK; 2134 } else { 2135 for (xhci_td *td = endpoint->td_head; td->next != NULL; td = td->next) { 2136 if (td->next == descriptor) { 2137 td->next = descriptor->next; 2138 descriptor->next = NULL; 2139 return B_OK; 2140 } 2141 } 2142 } 2143 2144 endpoint->used++; 2145 return B_ERROR; 2146} 2147 2148 2149status_t 2150XHCI::ConfigureEndpoint(xhci_endpoint* ep, uint8 slot, uint8 number, uint8 type, 2151 bool directionIn, uint16 interval, uint16 maxPacketSize, usb_speed speed, 2152 uint8 maxBurst, uint16 bytesPerInterval) 2153{ 2154 struct xhci_device* device = &fDevices[slot]; 2155 2156 uint32 dwendpoint0 = 0; 2157 uint32 dwendpoint1 = 0; 2158 uint64 qwendpoint2 = 0; 2159 uint32 dwendpoint4 = 0; 2160 2161 // Compute and assign the endpoint type. (XHCI 1.2 �� 6.2.3 Table 6-9 p452.) 2162 uint8 xhciType = 4; 2163 if ((type & USB_OBJECT_INTERRUPT_PIPE) != 0) 2164 xhciType = 3; 2165 if ((type & USB_OBJECT_BULK_PIPE) != 0) 2166 xhciType = 2; 2167 if ((type & USB_OBJECT_ISO_PIPE) != 0) 2168 xhciType = 1; 2169 xhciType |= directionIn ? (1 << 2) : 0; 2170 dwendpoint1 |= ENDPOINT_1_EPTYPE(xhciType); 2171 2172 // Compute and assign interval. (XHCI 1.2 �� 6.2.3.6 p456.) 2173 uint16 calcInterval; 2174 if ((type & USB_OBJECT_BULK_PIPE) != 0 2175 || (type & USB_OBJECT_CONTROL_PIPE) != 0) { 2176 // Bulk and Control endpoints never issue NAKs. 2177 calcInterval = 0; 2178 } else { 2179 switch (speed) { 2180 case USB_SPEED_FULLSPEED: 2181 if ((type & USB_OBJECT_ISO_PIPE) != 0) { 2182 // Convert 1-16 into 3-18. 2183 calcInterval = min_c(max_c(interval, 1), 16) + 2; 2184 break; 2185 } 2186 2187 // fall through 2188 case USB_SPEED_LOWSPEED: { 2189 // Convert 1ms-255ms into 3-10. 2190 2191 // Find the index of the highest set bit in "interval". 2192 uint32 temp = min_c(max_c(interval, 1), 255); 2193 for (calcInterval = 0; temp != 1; calcInterval++) 2194 temp = temp >> 1; 2195 calcInterval += 3; 2196 break; 2197 } 2198 2199 case USB_SPEED_HIGHSPEED: 2200 case USB_SPEED_SUPERSPEED: 2201 default: 2202 // Convert 1-16 into 0-15. 2203 calcInterval = min_c(max_c(interval, 1), 16) - 1; 2204 break; 2205 } 2206 } 2207 dwendpoint0 |= ENDPOINT_0_INTERVAL(calcInterval); 2208 2209 // For non-isochronous endpoints, we want the controller to retry failed 2210 // transfers, if possible. (XHCI 1.2 �� 4.10.2.3 p197.) 2211 if ((type & USB_OBJECT_ISO_PIPE) == 0) 2212 dwendpoint1 |= ENDPOINT_1_CERR(3); 2213 2214 // Assign maximum burst size. For USB3 devices this is passed in; for 2215 // all other devices we compute it. (XHCI 1.2 �� 4.8.2 p161.) 2216 if (speed == USB_SPEED_HIGHSPEED && (type & (USB_OBJECT_INTERRUPT_PIPE 2217 | USB_OBJECT_ISO_PIPE)) != 0) { 2218 maxBurst = (maxPacketSize & 0x1800) >> 11; 2219 } else if (speed != USB_SPEED_SUPERSPEED) { 2220 maxBurst = 0; 2221 } 2222 dwendpoint1 |= ENDPOINT_1_MAXBURST(maxBurst); 2223 2224 // Assign maximum packet size, set the ring address, and set the 2225 // "Dequeue Cycle State" bit. (XHCI 1.2 �� 6.2.3 Table 6-10 p453.) 2226 dwendpoint1 |= ENDPOINT_1_MAXPACKETSIZE(maxPacketSize); 2227 qwendpoint2 |= ENDPOINT_2_DCS_BIT | ep->trb_addr; 2228 2229 // The Max Burst Payload is the number of bytes moved by a 2230 // maximum sized burst. (XHCI 1.2 �� 4.11.7.1 p236.) 2231 ep->max_burst_payload = (maxBurst + 1) * maxPacketSize; 2232 if (ep->max_burst_payload == 0) { 2233 TRACE_ERROR("ConfigureEndpoint() failed invalid max_burst_payload\n"); 2234 return B_BAD_VALUE; 2235 } 2236 2237 // Assign average TRB length. 2238 if ((type & USB_OBJECT_CONTROL_PIPE) != 0) { 2239 // Control pipes are a special case, as they rarely have 2240 // outbound transfers of any substantial size. 2241 dwendpoint4 |= ENDPOINT_4_AVGTRBLENGTH(8); 2242 } else if ((type & USB_OBJECT_ISO_PIPE) != 0) { 2243 // Isochronous pipes are another special case: the TRB size will be 2244 // one packet (which is normally smaller than the max packet size, 2245 // but we don't know what it is here.) 2246 dwendpoint4 |= ENDPOINT_4_AVGTRBLENGTH(maxPacketSize); 2247 } else { 2248 // Under all other circumstances, we put max_burst_payload in a TRB. 2249 dwendpoint4 |= ENDPOINT_4_AVGTRBLENGTH(ep->max_burst_payload); 2250 } 2251 2252 // Assign maximum ESIT payload. (XHCI 1.2 �� 4.14.2 p259.) 2253 if ((type & (USB_OBJECT_INTERRUPT_PIPE | USB_OBJECT_ISO_PIPE)) != 0) { 2254 // TODO: For SuperSpeedPlus endpoints, there is yet another descriptor 2255 // for isochronous endpoints that specifies the maximum ESIT payload. 2256 // We don't fetch this yet, so just fall back to the USB2 computation 2257 // method if bytesPerInterval is 0. 2258 if (speed == USB_SPEED_SUPERSPEED && bytesPerInterval != 0) 2259 dwendpoint4 |= ENDPOINT_4_MAXESITPAYLOAD(bytesPerInterval); 2260 else if (speed >= USB_SPEED_HIGHSPEED) 2261 dwendpoint4 |= ENDPOINT_4_MAXESITPAYLOAD((maxBurst + 1) * maxPacketSize); 2262 } 2263 2264 _WriteContext(&device->input_ctx->endpoints[number].dwendpoint0, 2265 dwendpoint0); 2266 _WriteContext(&device->input_ctx->endpoints[number].dwendpoint1, 2267 dwendpoint1); 2268 _WriteContext(&device->input_ctx->endpoints[number].qwendpoint2, 2269 qwendpoint2); 2270 _WriteContext(&device->input_ctx->endpoints[number].dwendpoint4, 2271 dwendpoint4); 2272 2273 TRACE("endpoint 0x%" B_PRIx32 " 0x%" B_PRIx32 " 0x%" B_PRIx64 " 0x%" 2274 B_PRIx32 "\n", 2275 _ReadContext(&device->input_ctx->endpoints[number].dwendpoint0), 2276 _ReadContext(&device->input_ctx->endpoints[number].dwendpoint1), 2277 _ReadContext(&device->input_ctx->endpoints[number].qwendpoint2), 2278 _ReadContext(&device->input_ctx->endpoints[number].dwendpoint4)); 2279 2280 return B_OK; 2281} 2282 2283 2284status_t 2285XHCI::GetPortSpeed(uint8 index, usb_speed* speed) 2286{ 2287 if (index >= fPortCount) 2288 return B_BAD_INDEX; 2289 2290 uint32 portStatus = ReadOpReg(XHCI_PORTSC(index)); 2291 2292 switch (PS_SPEED_GET(portStatus)) { 2293 case 2: 2294 *speed = USB_SPEED_LOWSPEED; 2295 break; 2296 case 1: 2297 *speed = USB_SPEED_FULLSPEED; 2298 break; 2299 case 3: 2300 *speed = USB_SPEED_HIGHSPEED; 2301 break; 2302 case 4: 2303 *speed = USB_SPEED_SUPERSPEED; 2304 break; 2305 default: 2306 TRACE_ALWAYS("nonstandard port speed %" B_PRId32 ", assuming SuperSpeed\n", 2307 PS_SPEED_GET(portStatus)); 2308 *speed = USB_SPEED_SUPERSPEED; 2309 break; 2310 } 2311 2312 return B_OK; 2313} 2314 2315 2316status_t 2317XHCI::GetPortStatus(uint8 index, usb_port_status* status) 2318{ 2319 if (index >= fPortCount) 2320 return B_BAD_INDEX; 2321 2322 status->status = status->change = 0; 2323 uint32 portStatus = ReadOpReg(XHCI_PORTSC(index)); 2324 TRACE("port %" B_PRId8 " status=0x%08" B_PRIx32 "\n", index, portStatus); 2325 2326 // build the status 2327 switch (PS_SPEED_GET(portStatus)) { 2328 case 3: 2329 status->status |= PORT_STATUS_HIGH_SPEED; 2330 break; 2331 case 2: 2332 status->status |= PORT_STATUS_LOW_SPEED; 2333 break; 2334 default: 2335 break; 2336 } 2337 2338 if (portStatus & PS_CCS) 2339 status->status |= PORT_STATUS_CONNECTION; 2340 if (portStatus & PS_PED) 2341 status->status |= PORT_STATUS_ENABLE; 2342 if (portStatus & PS_OCA) 2343 status->status |= PORT_STATUS_OVER_CURRENT; 2344 if (portStatus & PS_PR) 2345 status->status |= PORT_STATUS_RESET; 2346 if (portStatus & PS_PP) { 2347 if (fPortSpeeds[index] == USB_SPEED_SUPERSPEED) 2348 status->status |= PORT_STATUS_SS_POWER; 2349 else 2350 status->status |= PORT_STATUS_POWER; 2351 } 2352 if (fPortSpeeds[index] == USB_SPEED_SUPERSPEED) 2353 status->status |= portStatus & PS_PLS_MASK; 2354 2355 // build the change 2356 if (portStatus & PS_CSC) 2357 status->change |= PORT_STATUS_CONNECTION; 2358 if (portStatus & PS_PEC) 2359 status->change |= PORT_STATUS_ENABLE; 2360 if (portStatus & PS_OCC) 2361 status->change |= PORT_STATUS_OVER_CURRENT; 2362 if (portStatus & PS_PRC) 2363 status->change |= PORT_STATUS_RESET; 2364 2365 if (fPortSpeeds[index] == USB_SPEED_SUPERSPEED) { 2366 if (portStatus & PS_PLC) 2367 status->change |= PORT_CHANGE_LINK_STATE; 2368 if (portStatus & PS_WRC) 2369 status->change |= PORT_CHANGE_BH_PORT_RESET; 2370 } 2371 2372 return B_OK; 2373} 2374 2375 2376status_t 2377XHCI::SetPortFeature(uint8 index, uint16 feature) 2378{ 2379 TRACE("set port feature index %u feature %u\n", index, feature); 2380 if (index >= fPortCount) 2381 return B_BAD_INDEX; 2382 2383 uint32 portRegister = XHCI_PORTSC(index); 2384 uint32 portStatus = ReadOpReg(portRegister) & ~PS_CLEAR; 2385 2386 switch (feature) { 2387 case PORT_SUSPEND: 2388 if ((portStatus & PS_PED) == 0 || (portStatus & PS_PR) 2389 || (portStatus & PS_PLS_MASK) >= PS_XDEV_U3) { 2390 TRACE_ERROR("USB core suspending device not in U0/U1/U2.\n"); 2391 return B_BAD_VALUE; 2392 } 2393 portStatus &= ~PS_PLS_MASK; 2394 WriteOpReg(portRegister, portStatus | PS_LWS | PS_XDEV_U3); 2395 break; 2396 2397 case PORT_RESET: 2398 WriteOpReg(portRegister, portStatus | PS_PR); 2399 break; 2400 2401 case PORT_POWER: 2402 WriteOpReg(portRegister, portStatus | PS_PP); 2403 break; 2404 default: 2405 return B_BAD_VALUE; 2406 } 2407 ReadOpReg(portRegister); 2408 return B_OK; 2409} 2410 2411 2412status_t 2413XHCI::ClearPortFeature(uint8 index, uint16 feature) 2414{ 2415 TRACE("clear port feature index %u feature %u\n", index, feature); 2416 if (index >= fPortCount) 2417 return B_BAD_INDEX; 2418 2419 uint32 portRegister = XHCI_PORTSC(index); 2420 uint32 portStatus = ReadOpReg(portRegister) & ~PS_CLEAR; 2421 2422 switch (feature) { 2423 case PORT_SUSPEND: 2424 portStatus = ReadOpReg(portRegister); 2425 if (portStatus & PS_PR) 2426 return B_BAD_VALUE; 2427 if (portStatus & PS_XDEV_U3) { 2428 if ((portStatus & PS_PED) == 0) 2429 return B_BAD_VALUE; 2430 portStatus &= ~PS_PLS_MASK; 2431 WriteOpReg(portRegister, portStatus | PS_XDEV_U0 | PS_LWS); 2432 } 2433 break; 2434 case PORT_ENABLE: 2435 WriteOpReg(portRegister, portStatus | PS_PED); 2436 break; 2437 case PORT_POWER: 2438 WriteOpReg(portRegister, portStatus & ~PS_PP); 2439 break; 2440 case C_PORT_CONNECTION: 2441 WriteOpReg(portRegister, portStatus | PS_CSC); 2442 break; 2443 case C_PORT_ENABLE: 2444 WriteOpReg(portRegister, portStatus | PS_PEC); 2445 break; 2446 case C_PORT_OVER_CURRENT: 2447 WriteOpReg(portRegister, portStatus | PS_OCC); 2448 break; 2449 case C_PORT_RESET: 2450 WriteOpReg(portRegister, portStatus | PS_PRC); 2451 break; 2452 case C_PORT_BH_PORT_RESET: 2453 WriteOpReg(portRegister, portStatus | PS_WRC); 2454 break; 2455 case C_PORT_LINK_STATE: 2456 WriteOpReg(portRegister, portStatus | PS_PLC); 2457 break; 2458 default: 2459 return B_BAD_VALUE; 2460 } 2461 2462 ReadOpReg(portRegister); 2463 return B_OK; 2464} 2465 2466 2467status_t 2468XHCI::ControllerHalt() 2469{ 2470 // Mask off run state 2471 WriteOpReg(XHCI_CMD, ReadOpReg(XHCI_CMD) & ~CMD_RUN); 2472 2473 // wait for shutdown state 2474 if (WaitOpBits(XHCI_STS, STS_HCH, STS_HCH) != B_OK) { 2475 TRACE_ERROR("HCH shutdown timeout\n"); 2476 return B_ERROR; 2477 } 2478 return B_OK; 2479} 2480 2481 2482status_t 2483XHCI::ControllerReset() 2484{ 2485 TRACE("ControllerReset() cmd: 0x%" B_PRIx32 " sts: 0x%" B_PRIx32 "\n", 2486 ReadOpReg(XHCI_CMD), ReadOpReg(XHCI_STS)); 2487 WriteOpReg(XHCI_CMD, ReadOpReg(XHCI_CMD) | CMD_HCRST); 2488 2489 if (WaitOpBits(XHCI_CMD, CMD_HCRST, 0) != B_OK) { 2490 TRACE_ERROR("ControllerReset() failed CMD_HCRST\n"); 2491 return B_ERROR; 2492 } 2493 2494 if (WaitOpBits(XHCI_STS, STS_CNR, 0) != B_OK) { 2495 TRACE_ERROR("ControllerReset() failed STS_CNR\n"); 2496 return B_ERROR; 2497 } 2498 2499 return B_OK; 2500} 2501 2502 2503int32 2504XHCI::InterruptHandler(void* data) 2505{ 2506 return ((XHCI*)data)->Interrupt(); 2507} 2508 2509 2510int32 2511XHCI::Interrupt() 2512{ 2513 SpinLocker _(&fSpinlock); 2514 2515 uint32 status = ReadOpReg(XHCI_STS); 2516 uint32 temp = ReadRunReg32(XHCI_IMAN(0)); 2517 WriteOpReg(XHCI_STS, status); 2518 WriteRunReg32(XHCI_IMAN(0), temp); 2519 2520 int32 result = B_HANDLED_INTERRUPT; 2521 2522 if ((status & STS_HCH) != 0) { 2523 TRACE_ERROR("Host Controller halted\n"); 2524 return result; 2525 } 2526 if ((status & STS_HSE) != 0) { 2527 TRACE_ERROR("Host System Error\n"); 2528 return result; 2529 } 2530 if ((status & STS_HCE) != 0) { 2531 TRACE_ERROR("Host Controller Error\n"); 2532 return result; 2533 } 2534 2535 if ((status & STS_EINT) == 0) { 2536 TRACE("STS: 0x%" B_PRIx32 " IRQ_PENDING: 0x%" B_PRIx32 "\n", 2537 status, temp); 2538 return B_UNHANDLED_INTERRUPT; 2539 } 2540 2541 TRACE("Event Interrupt\n"); 2542 release_sem_etc(fEventSem, 1, B_DO_NOT_RESCHEDULE); 2543 return B_INVOKE_SCHEDULER; 2544} 2545 2546 2547void 2548XHCI::Ring(uint8 slot, uint8 endpoint) 2549{ 2550 TRACE("Ding Dong! slot:%d endpoint %d\n", slot, endpoint) 2551 if ((slot == 0 && endpoint > 0) || (slot > 0 && endpoint == 0)) 2552 panic("Ring() invalid slot/endpoint combination\n"); 2553 if (slot > fSlotCount || endpoint >= XHCI_MAX_ENDPOINTS) 2554 panic("Ring() invalid slot or endpoint\n"); 2555 2556 WriteDoorReg32(XHCI_DOORBELL(slot), XHCI_DOORBELL_TARGET(endpoint) 2557 | XHCI_DOORBELL_STREAMID(0)); 2558 ReadDoorReg32(XHCI_DOORBELL(slot)); 2559 // Flush PCI writes 2560} 2561 2562 2563void 2564XHCI::QueueCommand(xhci_trb* trb) 2565{ 2566 uint8 i, j; 2567 uint32 temp; 2568 2569 i = fCmdIdx; 2570 j = fCmdCcs; 2571 2572 TRACE("command[%u] = %" B_PRId32 " (0x%016" B_PRIx64 ", 0x%08" B_PRIx32 2573 ", 0x%08" B_PRIx32 ")\n", i, TRB_3_TYPE_GET(trb->flags), trb->address, 2574 trb->status, trb->flags); 2575 2576 fCmdRing[i].address = trb->address; 2577 fCmdRing[i].status = trb->status; 2578 temp = trb->flags; 2579 2580 if (j) 2581 temp |= TRB_3_CYCLE_BIT; 2582 else 2583 temp &= ~TRB_3_CYCLE_BIT; 2584 temp &= ~TRB_3_TC_BIT; 2585 fCmdRing[i].flags = B_HOST_TO_LENDIAN_INT32(temp); 2586 2587 fCmdAddr = fErst->rs_addr + (XHCI_MAX_EVENTS + i) * sizeof(xhci_trb); 2588 2589 i++; 2590 2591 if (i == (XHCI_MAX_COMMANDS - 1)) { 2592 temp = TRB_3_TYPE(TRB_TYPE_LINK) | TRB_3_TC_BIT; 2593 if (j) 2594 temp |= TRB_3_CYCLE_BIT; 2595 fCmdRing[i].flags = B_HOST_TO_LENDIAN_INT32(temp); 2596 2597 i = 0; 2598 j ^= 1; 2599 } 2600 2601 fCmdIdx = i; 2602 fCmdCcs = j; 2603} 2604 2605 2606void 2607XHCI::HandleCmdComplete(xhci_trb* trb) 2608{ 2609 if (fCmdAddr == trb->address) { 2610 TRACE("Received command event\n"); 2611 fCmdResult[0] = trb->status; 2612 fCmdResult[1] = B_LENDIAN_TO_HOST_INT32(trb->flags); 2613 release_sem_etc(fCmdCompSem, 1, B_DO_NOT_RESCHEDULE); 2614 } else 2615 TRACE_ERROR("received command event for unknown command!\n") 2616} 2617 2618 2619void 2620XHCI::HandleTransferComplete(xhci_trb* trb) 2621{ 2622 const uint32 flags = B_LENDIAN_TO_HOST_INT32(trb->flags); 2623 const uint8 endpointNumber = TRB_3_ENDPOINT_GET(flags), 2624 slot = TRB_3_SLOT_GET(flags); 2625 2626 if (slot > fSlotCount) 2627 TRACE_ERROR("invalid slot\n"); 2628 if (endpointNumber == 0 || endpointNumber >= XHCI_MAX_ENDPOINTS) { 2629 TRACE_ERROR("invalid endpoint\n"); 2630 return; 2631 } 2632 2633 xhci_device *device = &fDevices[slot]; 2634 xhci_endpoint *endpoint = &device->endpoints[endpointNumber - 1]; 2635 2636 if (endpoint->trbs == NULL) { 2637 TRACE_ERROR("got TRB but endpoint is not allocated!\n"); 2638 return; 2639 } 2640 2641 // Use mutex_trylock first, in case we are in KDL. 2642 MutexLocker endpointLocker(endpoint->lock, mutex_trylock(&endpoint->lock) == B_OK); 2643 if (!endpointLocker.IsLocked()) { 2644 // We failed to get the lock. Most likely it was destroyed 2645 // while we were waiting for it. 2646 return; 2647 } 2648 2649 TRACE("HandleTransferComplete: ed %" B_PRIu32 ", status %" B_PRId32 "\n", 2650 (flags & TRB_3_EVENT_DATA_BIT), trb->status); 2651 2652 uint8 completionCode = TRB_2_COMP_CODE_GET(trb->status); 2653 2654 if (completionCode == COMP_RING_OVERRUN || completionCode == COMP_RING_UNDERRUN) { 2655 // These occur on isochronous endpoints when there is no TRB ready to be 2656 // executed at the appropriate time. (XHCI 1.2 �� 4.10.3.1 p204.) 2657 endpoint->status = completionCode; 2658 return; 2659 } 2660 2661 int32 remainder = TRB_2_REM_GET(trb->status), transferred = -1; 2662 if ((flags & TRB_3_EVENT_DATA_BIT) != 0) { 2663 // In the case of an Event Data TRB, value in the status field refers 2664 // to the actual number of bytes transferred across the whole TD. 2665 // (XHCI 1.2 �� 6.4.2.1 Table 6-38 p478.) 2666 transferred = remainder; 2667 remainder = -1; 2668 } else { 2669 // This should only occur under error conditions, or for isochronous transfers. 2670 TRACE("got transfer event for a non-Event Data TRB!\n"); 2671 2672 if (completionCode == COMP_STOPPED_LENGTH_INVALID) 2673 remainder = -1; 2674 } 2675 2676 if (completionCode != COMP_SUCCESS && completionCode != COMP_SHORT_PACKET 2677 && completionCode != COMP_STOPPED && completionCode != COMP_STOPPED_LENGTH_INVALID) { 2678 TRACE_ALWAYS("transfer error on slot %" B_PRId8 " endpoint %" B_PRId8 2679 ": %s\n", slot, endpointNumber, xhci_error_string(completionCode)); 2680 } 2681 2682 phys_addr_t source = B_LENDIAN_TO_HOST_INT64(trb->address); 2683 if (source >= endpoint->trb_addr 2684 && (source - endpoint->trb_addr) < (XHCI_ENDPOINT_RING_SIZE * sizeof(xhci_trb))) { 2685 // The "source" address points to a TRB on the ring. 2686 // See if we can figure out what it really corresponds to. 2687 const int64 offset = (source - endpoint->trb_addr) / sizeof(xhci_trb); 2688 const int32 type = TRB_3_TYPE_GET(endpoint->trbs[offset].flags); 2689 if (type == TRB_TYPE_EVENT_DATA || type == TRB_TYPE_LINK) 2690 source = B_LENDIAN_TO_HOST_INT64(endpoint->trbs[offset].address); 2691 } 2692 2693 for (xhci_td *td = endpoint->td_head; td != NULL; td = td->next) { 2694 int64 offset = (source - td->trb_addr) / sizeof(xhci_trb); 2695 if (offset < 0 || offset >= td->trb_count) 2696 continue; 2697 2698 TRACE("HandleTransferComplete td %p trb %" B_PRId64 " found\n", 2699 td, offset); 2700 2701 if (td->transfer != NULL && td->transfer->IsochronousData() != NULL) { 2702 usb_isochronous_data* isochronousData = td->transfer->IsochronousData(); 2703 usb_iso_packet_descriptor& descriptor = isochronousData->packet_descriptors[offset]; 2704 if (transferred < 0) 2705 transferred = (TRB_2_BYTES_GET(td->trbs[offset].status) - remainder); 2706 descriptor.actual_length = transferred; 2707 descriptor.status = xhci_error_status(completionCode, 2708 (td->transfer->TransferPipe()->Direction() != Pipe::Out)); 2709 2710 // Don't double-report completion status. 2711 completionCode = COMP_SUCCESS; 2712 2713 if (offset != (td->trb_used - 1)) { 2714 // We'll be sent here again. 2715 return; 2716 } 2717 2718 // Compute the real transferred length. 2719 transferred = 0; 2720 for (int32 i = 0; i < offset; i++) { 2721 usb_iso_packet_descriptor& descriptor = isochronousData->packet_descriptors[i]; 2722 if (descriptor.status == B_NO_INIT) { 2723 // Assume success. 2724 descriptor.actual_length = descriptor.request_length; 2725 descriptor.status = B_OK; 2726 } 2727 transferred += descriptor.actual_length; 2728 } 2729 2730 // Report the endpoint status (if any.) 2731 if (endpoint->status != 0) { 2732 completionCode = endpoint->status; 2733 endpoint->status = 0; 2734 } 2735 } else if (completionCode == COMP_STOPPED_LENGTH_INVALID) { 2736 // To determine transferred length, sum up the lengths of all TRBs 2737 // prior to the referenced one. (XHCI 1.2 �� 4.6.9 p136.) 2738 transferred = 0; 2739 for (int32 i = 0; i < offset; i++) 2740 transferred += TRB_2_BYTES_GET(td->trbs[i].status); 2741 } 2742 2743 // The TRB at offset trb_used will be the link TRB, which we do not 2744 // care about (and should not generate an interrupt at all.) We really 2745 // care about the properly last TRB, at index "count - 1", which the 2746 // Event Data TRB that _LinkDescriptorForPipe creates points to. 2747 // 2748 // But if we have an unsuccessful completion code, the transfer 2749 // likely failed midway; so just accept it anyway. 2750 if (offset == (td->trb_used - 1) || completionCode != COMP_SUCCESS) { 2751 _UnlinkDescriptorForPipe(td, endpoint); 2752 endpointLocker.Unlock(); 2753 2754 td->trb_completion_code = completionCode; 2755 td->td_transferred = transferred; 2756 td->trb_left = remainder; 2757 2758 // add descriptor to finished list 2759 if (mutex_trylock(&fFinishedLock) != B_OK) 2760 mutex_lock(&fFinishedLock); 2761 td->next = fFinishedHead; 2762 fFinishedHead = td; 2763 mutex_unlock(&fFinishedLock); 2764 2765 release_sem_etc(fFinishTransfersSem, 1, B_DO_NOT_RESCHEDULE); 2766 TRACE("HandleTransferComplete td %p done\n", td); 2767 } else { 2768 TRACE_ERROR("successful TRB 0x%" B_PRIxPHYSADDR " was found, but it wasn't " 2769 "the last in the TD!\n", source); 2770 } 2771 return; 2772 } 2773 TRACE_ERROR("TRB 0x%" B_PRIxPHYSADDR " was not found in the endpoint!\n", source); 2774} 2775 2776 2777void 2778XHCI::DumpRing(xhci_trb *trbs, uint32 size) 2779{ 2780 if (!Lock()) { 2781 TRACE("Unable to get lock!\n"); 2782 return; 2783 } 2784 2785 for (uint32 i = 0; i < size; i++) { 2786 TRACE("command[%" B_PRId32 "] = %" B_PRId32 " (0x%016" B_PRIx64 "," 2787 " 0x%08" B_PRIx32 ", 0x%08" B_PRIx32 ")\n", i, 2788 TRB_3_TYPE_GET(B_LENDIAN_TO_HOST_INT32(trbs[i].flags)), 2789 trbs[i].address, trbs[i].status, trbs[i].flags); 2790 } 2791 2792 Unlock(); 2793} 2794 2795 2796status_t 2797XHCI::DoCommand(xhci_trb* trb) 2798{ 2799 if (!Lock()) { 2800 TRACE("Unable to get lock!\n"); 2801 return B_ERROR; 2802 } 2803 2804 QueueCommand(trb); 2805 Ring(0, 0); 2806 2807 // Begin with a 50ms timeout. 2808 if (acquire_sem_etc(fCmdCompSem, 1, B_RELATIVE_TIMEOUT, 50 * 1000) != B_OK) { 2809 // We've hit the timeout. In some error cases, interrupts are not 2810 // generated; so here we force the event ring to be polled once. 2811 release_sem(fEventSem); 2812 2813 // Now try again, this time with a 750ms timeout. 2814 if (acquire_sem_etc(fCmdCompSem, 1, B_RELATIVE_TIMEOUT, 2815 750 * 1000) != B_OK) { 2816 TRACE("Unable to obtain fCmdCompSem!\n"); 2817 fCmdAddr = 0; 2818 Unlock(); 2819 return B_TIMED_OUT; 2820 } 2821 } 2822 2823 // eat up sems that have been released by multiple interrupts 2824 int32 semCount = 0; 2825 get_sem_count(fCmdCompSem, &semCount); 2826 if (semCount > 0) 2827 acquire_sem_etc(fCmdCompSem, semCount, B_RELATIVE_TIMEOUT, 0); 2828 2829 status_t status = B_OK; 2830 uint32 completionCode = TRB_2_COMP_CODE_GET(fCmdResult[0]); 2831 TRACE("command complete\n"); 2832 if (completionCode != COMP_SUCCESS) { 2833 TRACE_ERROR("unsuccessful command %" B_PRId32 ", error %s (%" B_PRId32 ")\n", 2834 TRB_3_TYPE_GET(trb->flags), xhci_error_string(completionCode), 2835 completionCode); 2836 status = B_IO_ERROR; 2837 } 2838 2839 trb->status = fCmdResult[0]; 2840 trb->flags = fCmdResult[1]; 2841 2842 fCmdAddr = 0; 2843 Unlock(); 2844 return status; 2845} 2846 2847 2848status_t 2849XHCI::Noop() 2850{ 2851 TRACE("Issue No-Op\n"); 2852 xhci_trb trb; 2853 trb.address = 0; 2854 trb.status = 0; 2855 trb.flags = TRB_3_TYPE(TRB_TYPE_CMD_NOOP); 2856 2857 return DoCommand(&trb); 2858} 2859 2860 2861status_t 2862XHCI::EnableSlot(uint8* slot) 2863{ 2864 TRACE("Enable Slot\n"); 2865 xhci_trb trb; 2866 trb.address = 0; 2867 trb.status = 0; 2868 trb.flags = TRB_3_TYPE(TRB_TYPE_ENABLE_SLOT); 2869 2870 status_t status = DoCommand(&trb); 2871 if (status != B_OK) 2872 return status; 2873 2874 *slot = TRB_3_SLOT_GET(trb.flags); 2875 return *slot != 0 ? B_OK : B_BAD_VALUE; 2876} 2877 2878 2879status_t 2880XHCI::DisableSlot(uint8 slot) 2881{ 2882 TRACE("Disable Slot\n"); 2883 xhci_trb trb; 2884 trb.address = 0; 2885 trb.status = 0; 2886 trb.flags = TRB_3_TYPE(TRB_TYPE_DISABLE_SLOT) | TRB_3_SLOT(slot); 2887 2888 return DoCommand(&trb); 2889} 2890 2891 2892status_t 2893XHCI::SetAddress(uint64 inputContext, bool bsr, uint8 slot) 2894{ 2895 TRACE("Set Address\n"); 2896 xhci_trb trb; 2897 trb.address = inputContext; 2898 trb.status = 0; 2899 trb.flags = TRB_3_TYPE(TRB_TYPE_ADDRESS_DEVICE) | TRB_3_SLOT(slot); 2900 2901 if (bsr) 2902 trb.flags |= TRB_3_BSR_BIT; 2903 2904 return DoCommand(&trb); 2905} 2906 2907 2908status_t 2909XHCI::ConfigureEndpoint(uint64 inputContext, bool deconfigure, uint8 slot) 2910{ 2911 TRACE("Configure Endpoint\n"); 2912 xhci_trb trb; 2913 trb.address = inputContext; 2914 trb.status = 0; 2915 trb.flags = TRB_3_TYPE(TRB_TYPE_CONFIGURE_ENDPOINT) | TRB_3_SLOT(slot); 2916 2917 if (deconfigure) 2918 trb.flags |= TRB_3_DCEP_BIT; 2919 2920 return DoCommand(&trb); 2921} 2922 2923 2924status_t 2925XHCI::EvaluateContext(uint64 inputContext, uint8 slot) 2926{ 2927 TRACE("Evaluate Context\n"); 2928 xhci_trb trb; 2929 trb.address = inputContext; 2930 trb.status = 0; 2931 trb.flags = TRB_3_TYPE(TRB_TYPE_EVALUATE_CONTEXT) | TRB_3_SLOT(slot); 2932 2933 return DoCommand(&trb); 2934} 2935 2936 2937status_t 2938XHCI::ResetEndpoint(bool preserve, xhci_endpoint* endpoint) 2939{ 2940 TRACE("Reset Endpoint\n"); 2941 2942 switch (_GetEndpointState(endpoint)) { 2943 case ENDPOINT_STATE_STOPPED: 2944 TRACE("Reset Endpoint: already stopped"); 2945 return B_OK; 2946 case ENDPOINT_STATE_HALTED: 2947 TRACE("Reset Endpoint: warning, weird state!"); 2948 default: 2949 break; 2950 } 2951 2952 xhci_trb trb; 2953 trb.address = 0; 2954 trb.status = 0; 2955 trb.flags = TRB_3_TYPE(TRB_TYPE_RESET_ENDPOINT) 2956 | TRB_3_SLOT(endpoint->device->slot) | TRB_3_ENDPOINT(endpoint->id + 1); 2957 if (preserve) 2958 trb.flags |= TRB_3_PRSV_BIT; 2959 2960 return DoCommand(&trb); 2961} 2962 2963 2964status_t 2965XHCI::StopEndpoint(bool suspend, xhci_endpoint* endpoint) 2966{ 2967 TRACE("Stop Endpoint\n"); 2968 2969 switch (_GetEndpointState(endpoint)) { 2970 case ENDPOINT_STATE_HALTED: 2971 TRACE("Stop Endpoint: error, halted"); 2972 return B_DEV_STALLED; 2973 case ENDPOINT_STATE_STOPPED: 2974 TRACE("Stop Endpoint: already stopped"); 2975 return B_OK; 2976 default: 2977 break; 2978 } 2979 2980 xhci_trb trb; 2981 trb.address = 0; 2982 trb.status = 0; 2983 trb.flags = TRB_3_TYPE(TRB_TYPE_STOP_ENDPOINT) 2984 | TRB_3_SLOT(endpoint->device->slot) | TRB_3_ENDPOINT(endpoint->id + 1); 2985 if (suspend) 2986 trb.flags |= TRB_3_SUSPEND_ENDPOINT_BIT; 2987 2988 return DoCommand(&trb); 2989} 2990 2991 2992status_t 2993XHCI::SetTRDequeue(uint64 dequeue, uint16 stream, uint8 endpoint, uint8 slot) 2994{ 2995 TRACE("Set TR Dequeue\n"); 2996 xhci_trb trb; 2997 trb.address = dequeue | ENDPOINT_2_DCS_BIT; 2998 // The DCS bit is copied from the address field as in ConfigureEndpoint. 2999 // (XHCI 1.2 �� 4.6.10 p142.) 3000 trb.status = TRB_2_STREAM(stream); 3001 trb.flags = TRB_3_TYPE(TRB_TYPE_SET_TR_DEQUEUE) 3002 | TRB_3_SLOT(slot) | TRB_3_ENDPOINT(endpoint); 3003 3004 return DoCommand(&trb); 3005} 3006 3007 3008status_t 3009XHCI::ResetDevice(uint8 slot) 3010{ 3011 TRACE("Reset Device\n"); 3012 xhci_trb trb; 3013 trb.address = 0; 3014 trb.status = 0; 3015 trb.flags = TRB_3_TYPE(TRB_TYPE_RESET_DEVICE) | TRB_3_SLOT(slot); 3016 3017 return DoCommand(&trb); 3018} 3019 3020 3021int32 3022XHCI::EventThread(void* data) 3023{ 3024 ((XHCI *)data)->CompleteEvents(); 3025 return B_OK; 3026} 3027 3028 3029void 3030XHCI::CompleteEvents() 3031{ 3032 while (!fStopThreads) { 3033 if (acquire_sem(fEventSem) < B_OK) 3034 continue; 3035 3036 // eat up sems that have been released by multiple interrupts 3037 int32 semCount = 0; 3038 get_sem_count(fEventSem, &semCount); 3039 if (semCount > 0) 3040 acquire_sem_etc(fEventSem, semCount, B_RELATIVE_TIMEOUT, 0); 3041 3042 ProcessEvents(); 3043 } 3044} 3045 3046 3047void 3048XHCI::ProcessEvents() 3049{ 3050 // Use mutex_trylock first, in case we are in KDL. 3051 MutexLocker locker(fEventLock, mutex_trylock(&fEventLock) == B_OK); 3052 if (!locker.IsLocked()) { 3053 // We failed to get the lock. This really should not happen. 3054 TRACE_ERROR("failed to acquire event lock!\n"); 3055 return; 3056 } 3057 3058 uint16 i = fEventIdx; 3059 uint8 j = fEventCcs; 3060 uint8 t = 2; 3061 3062 while (1) { 3063 uint32 temp = B_LENDIAN_TO_HOST_INT32(fEventRing[i].flags); 3064 uint8 event = TRB_3_TYPE_GET(temp); 3065 TRACE("event[%u] = %u (0x%016" B_PRIx64 " 0x%08" B_PRIx32 " 0x%08" 3066 B_PRIx32 ")\n", i, event, fEventRing[i].address, 3067 fEventRing[i].status, B_LENDIAN_TO_HOST_INT32(fEventRing[i].flags)); 3068 uint8 k = (temp & TRB_3_CYCLE_BIT) ? 1 : 0; 3069 if (j != k) 3070 break; 3071 3072 switch (event) { 3073 case TRB_TYPE_COMMAND_COMPLETION: 3074 HandleCmdComplete(&fEventRing[i]); 3075 break; 3076 case TRB_TYPE_TRANSFER: 3077 HandleTransferComplete(&fEventRing[i]); 3078 break; 3079 case TRB_TYPE_PORT_STATUS_CHANGE: 3080 TRACE("port change detected\n"); 3081 break; 3082 default: 3083 TRACE_ERROR("Unhandled event = %u\n", event); 3084 break; 3085 } 3086 3087 i++; 3088 if (i == XHCI_MAX_EVENTS) { 3089 i = 0; 3090 j ^= 1; 3091 if (!--t) 3092 break; 3093 } 3094 } 3095 3096 fEventIdx = i; 3097 fEventCcs = j; 3098 3099 uint64 addr = fErst->rs_addr + i * sizeof(xhci_trb); 3100 WriteRunReg32(XHCI_ERDP_LO(0), (uint32)addr | ERDP_BUSY); 3101 WriteRunReg32(XHCI_ERDP_HI(0), (uint32)(addr >> 32)); 3102} 3103 3104 3105int32 3106XHCI::FinishThread(void* data) 3107{ 3108 ((XHCI *)data)->FinishTransfers(); 3109 return B_OK; 3110} 3111 3112 3113void 3114XHCI::FinishTransfers() 3115{ 3116 while (!fStopThreads) { 3117 if (acquire_sem(fFinishTransfersSem) < B_OK) 3118 continue; 3119 3120 // eat up sems that have been released by multiple interrupts 3121 int32 semCount = 0; 3122 get_sem_count(fFinishTransfersSem, &semCount); 3123 if (semCount > 0) 3124 acquire_sem_etc(fFinishTransfersSem, semCount, B_RELATIVE_TIMEOUT, 0); 3125 3126 mutex_lock(&fFinishedLock); 3127 TRACE("finishing transfers\n"); 3128 while (fFinishedHead != NULL) { 3129 xhci_td* td = fFinishedHead; 3130 fFinishedHead = td->next; 3131 td->next = NULL; 3132 mutex_unlock(&fFinishedLock); 3133 3134 TRACE("finishing transfer td %p\n", td); 3135 3136 Transfer* transfer = td->transfer; 3137 if (transfer == NULL) { 3138 // No transfer? Quick way out. 3139 FreeDescriptor(td); 3140 mutex_lock(&fFinishedLock); 3141 continue; 3142 } 3143 3144 bool directionIn = (transfer->TransferPipe()->Direction() != Pipe::Out); 3145 3146 const uint8 completionCode = td->trb_completion_code; 3147 status_t callbackStatus = xhci_error_status(completionCode, directionIn); 3148 3149 size_t actualLength = transfer->FragmentLength(); 3150 if (completionCode != COMP_SUCCESS) { 3151 actualLength = td->td_transferred; 3152 if (td->td_transferred == -1) 3153 actualLength = transfer->FragmentLength() - td->trb_left; 3154 TRACE("transfer not successful, actualLength=%" B_PRIuSIZE "\n", 3155 actualLength); 3156 } 3157 3158 if (directionIn && actualLength > 0) { 3159 TRACE("copying in iov count %ld\n", transfer->VectorCount()); 3160 status_t status = transfer->PrepareKernelAccess(); 3161 if (status == B_OK) { 3162 ReadDescriptor(td, transfer->Vector(), 3163 transfer->VectorCount(), transfer->IsPhysical()); 3164 } else { 3165 callbackStatus = status; 3166 } 3167 } 3168 3169 FreeDescriptor(td); 3170 3171 // this transfer may still have data left 3172 bool finished = true; 3173 transfer->AdvanceByFragment(actualLength); 3174 if (completionCode == COMP_SUCCESS 3175 && transfer->FragmentLength() > 0) { 3176 TRACE("still %" B_PRIuSIZE " bytes left on transfer\n", 3177 transfer->FragmentLength()); 3178 callbackStatus = SubmitTransfer(transfer); 3179 finished = (callbackStatus != B_OK); 3180 } 3181 if (finished) { 3182 // The actualLength was already handled in AdvanceByFragment. 3183 transfer->Finished(callbackStatus, 0); 3184 delete transfer; 3185 } 3186 3187 mutex_lock(&fFinishedLock); 3188 } 3189 mutex_unlock(&fFinishedLock); 3190 } 3191} 3192 3193 3194inline void 3195XHCI::WriteOpReg(uint32 reg, uint32 value) 3196{ 3197 *(volatile uint32 *)(fRegisters + fOperationalRegisterOffset + reg) = value; 3198} 3199 3200 3201inline uint32 3202XHCI::ReadOpReg(uint32 reg) 3203{ 3204 return *(volatile uint32 *)(fRegisters + fOperationalRegisterOffset + reg); 3205} 3206 3207 3208inline status_t 3209XHCI::WaitOpBits(uint32 reg, uint32 mask, uint32 expected) 3210{ 3211 int loops = 0; 3212 uint32 value = ReadOpReg(reg); 3213 while ((value & mask) != expected) { 3214 snooze(1000); 3215 value = ReadOpReg(reg); 3216 if (loops == 100) { 3217 TRACE("delay waiting on reg 0x%" B_PRIX32 " match 0x%" B_PRIX32 3218 " (0x%" B_PRIX32 ")\n", reg, expected, mask); 3219 } else if (loops > 250) { 3220 TRACE_ERROR("timeout waiting on reg 0x%" B_PRIX32 3221 " match 0x%" B_PRIX32 " (0x%" B_PRIX32 ")\n", reg, expected, 3222 mask); 3223 return B_ERROR; 3224 } 3225 loops++; 3226 } 3227 return B_OK; 3228} 3229 3230 3231inline uint32 3232XHCI::ReadCapReg32(uint32 reg) 3233{ 3234 return *(volatile uint32 *)(fRegisters + fCapabilityRegisterOffset + reg); 3235} 3236 3237 3238inline void 3239XHCI::WriteCapReg32(uint32 reg, uint32 value) 3240{ 3241 *(volatile uint32 *)(fRegisters + fCapabilityRegisterOffset + reg) = value; 3242} 3243 3244 3245inline uint32 3246XHCI::ReadRunReg32(uint32 reg) 3247{ 3248 return *(volatile uint32 *)(fRegisters + fRuntimeRegisterOffset + reg); 3249} 3250 3251 3252inline void 3253XHCI::WriteRunReg32(uint32 reg, uint32 value) 3254{ 3255 *(volatile uint32 *)(fRegisters + fRuntimeRegisterOffset + reg) = value; 3256} 3257 3258 3259inline uint32 3260XHCI::ReadDoorReg32(uint32 reg) 3261{ 3262 return *(volatile uint32 *)(fRegisters + fDoorbellRegisterOffset + reg); 3263} 3264 3265 3266inline void 3267XHCI::WriteDoorReg32(uint32 reg, uint32 value) 3268{ 3269 *(volatile uint32 *)(fRegisters + fDoorbellRegisterOffset + reg) = value; 3270} 3271 3272 3273inline addr_t 3274XHCI::_OffsetContextAddr(addr_t p) 3275{ 3276 if (fContextSizeShift == 1) { 3277 // each structure is page aligned, each pointer is 32 bits aligned 3278 uint32 offset = p & ((B_PAGE_SIZE - 1) & ~31U); 3279 p += offset; 3280 } 3281 return p; 3282} 3283 3284inline uint32 3285XHCI::_ReadContext(uint32* p) 3286{ 3287 p = (uint32*)_OffsetContextAddr((addr_t)p); 3288 return *p; 3289} 3290 3291 3292inline void 3293XHCI::_WriteContext(uint32* p, uint32 value) 3294{ 3295 p = (uint32*)_OffsetContextAddr((addr_t)p); 3296 *p = value; 3297} 3298 3299 3300inline uint64 3301XHCI::_ReadContext(uint64* p) 3302{ 3303 p = (uint64*)_OffsetContextAddr((addr_t)p); 3304 return *p; 3305} 3306 3307 3308inline void 3309XHCI::_WriteContext(uint64* p, uint64 value) 3310{ 3311 p = (uint64*)_OffsetContextAddr((addr_t)p); 3312 *p = value; 3313} 3314