1/* $NetBSD: usbdi.c,v 1.253 2024/04/05 18:57:10 riastradh Exp $ */ 2 3/* 4 * Copyright (c) 1998, 2012, 2015 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Lennart Augustsson (lennart@augustsson.net) at 9 * Carlstedt Research & Technology, Matthew R. Green (mrg@eterna23.net), 10 * and Nick Hudson. 11 * 12 * Redistribution and use in source and binary forms, with or without 13 * modification, are permitted provided that the following conditions 14 * are met: 15 * 1. Redistributions of source code must retain the above copyright 16 * notice, this list of conditions and the following disclaimer. 17 * 2. Redistributions in binary form must reproduce the above copyright 18 * notice, this list of conditions and the following disclaimer in the 19 * documentation and/or other materials provided with the distribution. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 22 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 23 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 24 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 25 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 26 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 27 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 28 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 29 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 30 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 31 * POSSIBILITY OF SUCH DAMAGE. 32 */ 33 34#include <sys/cdefs.h> 35__KERNEL_RCSID(0, "$NetBSD: usbdi.c,v 1.253 2024/04/05 18:57:10 riastradh Exp $"); 36 37#ifdef _KERNEL_OPT 38#include "opt_usb.h" 39#include "opt_compat_netbsd.h" 40#include "usb_dma.h" 41#endif 42 43#include <sys/param.h> 44#include <sys/systm.h> 45#include <sys/kernel.h> 46#include <sys/device.h> 47#include <sys/kmem.h> 48#include <sys/proc.h> 49#include <sys/bus.h> 50#include <sys/cpu.h> 51 52#include <dev/usb/usb.h> 53#include <dev/usb/usbdi.h> 54#include <dev/usb/usbdi_util.h> 55#include <dev/usb/usbdivar.h> 56#include <dev/usb/usb_mem.h> 57#include <dev/usb/usb_quirks.h> 58#include <dev/usb/usb_sdt.h> 59#include <dev/usb/usbhist.h> 60 61/* UTF-8 encoding stuff */ 62#include <fs/unicode.h> 63 64SDT_PROBE_DEFINE5(usb, device, pipe, open, 65 "struct usbd_interface *"/*iface*/, 66 "uint8_t"/*address*/, 67 "uint8_t"/*flags*/, 68 "int"/*ival*/, 69 "struct usbd_pipe *"/*pipe*/); 70 71SDT_PROBE_DEFINE7(usb, device, pipe, open__intr, 72 "struct usbd_interface *"/*iface*/, 73 "uint8_t"/*address*/, 74 "uint8_t"/*flags*/, 75 "int"/*ival*/, 76 "usbd_callback"/*cb*/, 77 "void *"/*cookie*/, 78 "struct usbd_pipe *"/*pipe*/); 79 80SDT_PROBE_DEFINE2(usb, device, pipe, transfer__start, 81 "struct usbd_pipe *"/*pipe*/, 82 "struct usbd_xfer *"/*xfer*/); 83SDT_PROBE_DEFINE3(usb, device, pipe, transfer__done, 84 "struct usbd_pipe *"/*pipe*/, 85 "struct usbd_xfer *"/*xfer*/, 86 "usbd_status"/*err*/); 87SDT_PROBE_DEFINE2(usb, device, pipe, start, 88 "struct usbd_pipe *"/*pipe*/, 89 "struct usbd_xfer *"/*xfer*/); 90 91SDT_PROBE_DEFINE1(usb, device, pipe, close, "struct usbd_pipe *"/*pipe*/); 92SDT_PROBE_DEFINE1(usb, device, pipe, abort__start, 93 "struct usbd_pipe *"/*pipe*/); 94SDT_PROBE_DEFINE1(usb, device, pipe, abort__done, 95 "struct usbd_pipe *"/*pipe*/); 96SDT_PROBE_DEFINE1(usb, device, pipe, clear__endpoint__stall, 97 "struct usbd_pipe *"/*pipe*/); 98SDT_PROBE_DEFINE1(usb, device, pipe, clear__endpoint__toggle, 99 "struct usbd_pipe *"/*pipe*/); 100 101SDT_PROBE_DEFINE5(usb, device, xfer, create, 102 "struct usbd_xfer *"/*xfer*/, 103 "struct usbd_pipe *"/*pipe*/, 104 "size_t"/*len*/, 105 "unsigned int"/*flags*/, 106 "unsigned int"/*nframes*/); 107SDT_PROBE_DEFINE1(usb, device, xfer, start, "struct usbd_xfer *"/*xfer*/); 108SDT_PROBE_DEFINE1(usb, device, xfer, preabort, "struct usbd_xfer *"/*xfer*/); 109SDT_PROBE_DEFINE1(usb, device, xfer, abort, "struct usbd_xfer *"/*xfer*/); 110SDT_PROBE_DEFINE1(usb, device, xfer, timeout, "struct usbd_xfer *"/*xfer*/); 111SDT_PROBE_DEFINE2(usb, device, xfer, done, 112 "struct usbd_xfer *"/*xfer*/, 113 "usbd_status"/*status*/); 114SDT_PROBE_DEFINE1(usb, device, xfer, destroy, "struct usbd_xfer *"/*xfer*/); 115 116SDT_PROBE_DEFINE5(usb, device, request, start, 117 "struct usbd_device *"/*dev*/, 118 "usb_device_request_t *"/*req*/, 119 "size_t"/*len*/, 120 "int"/*flags*/, 121 "uint32_t"/*timeout*/); 122 123SDT_PROBE_DEFINE7(usb, device, request, done, 124 "struct usbd_device *"/*dev*/, 125 "usb_device_request_t *"/*req*/, 126 "size_t"/*actlen*/, 127 "int"/*flags*/, 128 "uint32_t"/*timeout*/, 129 "void *"/*data*/, 130 "usbd_status"/*status*/); 131 132Static void usbd_ar_pipe(struct usbd_pipe *); 133Static void usbd_start_next(struct usbd_pipe *); 134Static usbd_status usbd_open_pipe_ival 135 (struct usbd_interface *, uint8_t, uint8_t, struct usbd_pipe **, int); 136static void *usbd_alloc_buffer(struct usbd_xfer *, uint32_t); 137static void usbd_free_buffer(struct usbd_xfer *); 138static struct usbd_xfer *usbd_alloc_xfer(struct usbd_device *, unsigned int); 139static void usbd_free_xfer(struct usbd_xfer *); 140static void usbd_xfer_timeout(void *); 141static void usbd_xfer_timeout_task(void *); 142static bool usbd_xfer_probe_timeout(struct usbd_xfer *); 143static void usbd_xfer_cancel_timeout_async(struct usbd_xfer *); 144 145#if defined(USB_DEBUG) 146void 147usbd_dump_iface(struct usbd_interface *iface) 148{ 149 USBHIST_FUNC(); 150 USBHIST_CALLARGS(usbdebug, "iface %#jx", (uintptr_t)iface, 0, 0, 0); 151 152 if (iface == NULL) 153 return; 154 USBHIST_LOG(usbdebug, " device = %#jx idesc = %#jx index = %jd", 155 (uintptr_t)iface->ui_dev, (uintptr_t)iface->ui_idesc, 156 iface->ui_index, 0); 157 USBHIST_LOG(usbdebug, " altindex=%jd", 158 iface->ui_altindex, 0, 0, 0); 159} 160 161void 162usbd_dump_device(struct usbd_device *dev) 163{ 164 USBHIST_FUNC(); 165 USBHIST_CALLARGS(usbdebug, "dev = %#jx", (uintptr_t)dev, 0, 0, 0); 166 167 if (dev == NULL) 168 return; 169 USBHIST_LOG(usbdebug, " bus = %#jx default_pipe = %#jx", 170 (uintptr_t)dev->ud_bus, (uintptr_t)dev->ud_pipe0, 0, 0); 171 USBHIST_LOG(usbdebug, " address = %jd config = %jd depth = %jd ", 172 dev->ud_addr, dev->ud_config, dev->ud_depth, 0); 173 USBHIST_LOG(usbdebug, " speed = %jd self_powered = %jd " 174 "power = %jd langid = %jd", 175 dev->ud_speed, dev->ud_selfpowered, dev->ud_power, dev->ud_langid); 176} 177 178void 179usbd_dump_endpoint(struct usbd_endpoint *endp) 180{ 181 USBHIST_FUNC(); 182 USBHIST_CALLARGS(usbdebug, "endp = %#jx", (uintptr_t)endp, 0, 0, 0); 183 184 if (endp == NULL) 185 return; 186 USBHIST_LOG(usbdebug, " edesc = %#jx refcnt = %jd", 187 (uintptr_t)endp->ue_edesc, endp->ue_refcnt, 0, 0); 188 if (endp->ue_edesc) 189 USBHIST_LOG(usbdebug, " bEndpointAddress=0x%02jx", 190 endp->ue_edesc->bEndpointAddress, 0, 0, 0); 191} 192 193void 194usbd_dump_queue(struct usbd_pipe *pipe) 195{ 196 struct usbd_xfer *xfer; 197 198 USBHIST_FUNC(); 199 USBHIST_CALLARGS(usbdebug, "pipe = %#jx", (uintptr_t)pipe, 0, 0, 0); 200 201 SIMPLEQ_FOREACH(xfer, &pipe->up_queue, ux_next) { 202 USBHIST_LOG(usbdebug, " xfer = %#jx", (uintptr_t)xfer, 203 0, 0, 0); 204 } 205} 206 207void 208usbd_dump_pipe(struct usbd_pipe *pipe) 209{ 210 USBHIST_FUNC(); 211 USBHIST_CALLARGS(usbdebug, "pipe = %#jx", (uintptr_t)pipe, 0, 0, 0); 212 213 if (pipe == NULL) 214 return; 215 usbd_dump_iface(pipe->up_iface); 216 usbd_dump_device(pipe->up_dev); 217 usbd_dump_endpoint(pipe->up_endpoint); 218 USBHIST_LOG(usbdebug, "(usbd_dump_pipe)", 0, 0, 0, 0); 219 USBHIST_LOG(usbdebug, " running = %jd aborting = %jd", 220 pipe->up_running, pipe->up_aborting, 0, 0); 221 USBHIST_LOG(usbdebug, " intrxfer = %#jx, repeat = %jd, " 222 "interval = %jd", (uintptr_t)pipe->up_intrxfer, pipe->up_repeat, 223 pipe->up_interval, 0); 224} 225#endif 226 227usbd_status 228usbd_open_pipe(struct usbd_interface *iface, uint8_t address, 229 uint8_t flags, struct usbd_pipe **pipe) 230{ 231 return (usbd_open_pipe_ival(iface, address, flags, pipe, 232 USBD_DEFAULT_INTERVAL)); 233} 234 235usbd_status 236usbd_open_pipe_ival(struct usbd_interface *iface, uint8_t address, 237 uint8_t flags, struct usbd_pipe **pipe, int ival) 238{ 239 struct usbd_pipe *p = NULL; 240 struct usbd_endpoint *ep = NULL /* XXXGCC */; 241 bool piperef = false; 242 usbd_status err; 243 int i; 244 245 USBHIST_FUNC(); 246 USBHIST_CALLARGS(usbdebug, "iface = %#jx address = %#jx flags = %#jx", 247 (uintptr_t)iface, address, flags, 0); 248 249 /* 250 * Block usbd_set_interface so we have a snapshot of the 251 * interface endpoints. They will remain stable until we drop 252 * the reference in usbd_close_pipe (or on failure here). 253 */ 254 err = usbd_iface_piperef(iface); 255 if (err) 256 goto out; 257 piperef = true; 258 259 /* Find the endpoint at this address. */ 260 for (i = 0; i < iface->ui_idesc->bNumEndpoints; i++) { 261 ep = &iface->ui_endpoints[i]; 262 if (ep->ue_edesc == NULL) { 263 err = USBD_IOERROR; 264 goto out; 265 } 266 if (ep->ue_edesc->bEndpointAddress == address) 267 break; 268 } 269 if (i == iface->ui_idesc->bNumEndpoints) { 270 err = USBD_BAD_ADDRESS; 271 goto out; 272 } 273 274 /* Set up the pipe with this endpoint. */ 275 err = usbd_setup_pipe_flags(iface->ui_dev, iface, ep, ival, &p, flags); 276 if (err) 277 goto out; 278 279 /* Success! */ 280 *pipe = p; 281 p = NULL; /* handed off to caller */ 282 piperef = false; /* handed off to pipe */ 283 SDT_PROBE5(usb, device, pipe, open, 284 iface, address, flags, ival, p); 285 err = USBD_NORMAL_COMPLETION; 286 287out: if (p) 288 usbd_close_pipe(p); 289 if (piperef) 290 usbd_iface_pipeunref(iface); 291 return err; 292} 293 294usbd_status 295usbd_open_pipe_intr(struct usbd_interface *iface, uint8_t address, 296 uint8_t flags, struct usbd_pipe **pipe, 297 void *priv, void *buffer, uint32_t len, 298 usbd_callback cb, int ival) 299{ 300 usbd_status err; 301 struct usbd_xfer *xfer; 302 struct usbd_pipe *ipipe; 303 304 USBHIST_FUNC(); 305 USBHIST_CALLARGS(usbdebug, "address = %#jx flags = %#jx len = %jd", 306 address, flags, len, 0); 307 308 err = usbd_open_pipe_ival(iface, address, 309 USBD_EXCLUSIVE_USE | (flags & USBD_MPSAFE), 310 &ipipe, ival); 311 if (err) 312 return err; 313 err = usbd_create_xfer(ipipe, len, flags, 0, &xfer); 314 if (err) 315 goto bad1; 316 317 usbd_setup_xfer(xfer, priv, buffer, len, flags, USBD_NO_TIMEOUT, cb); 318 ipipe->up_intrxfer = xfer; 319 ipipe->up_repeat = 1; 320 err = usbd_transfer(xfer); 321 *pipe = ipipe; 322 if (err != USBD_IN_PROGRESS) 323 goto bad3; 324 SDT_PROBE7(usb, device, pipe, open__intr, 325 iface, address, flags, ival, cb, priv, ipipe); 326 return USBD_NORMAL_COMPLETION; 327 328 bad3: 329 ipipe->up_intrxfer = NULL; 330 ipipe->up_repeat = 0; 331 332 usbd_destroy_xfer(xfer); 333 bad1: 334 usbd_close_pipe(ipipe); 335 return err; 336} 337 338void 339usbd_close_pipe(struct usbd_pipe *pipe) 340{ 341 USBHIST_FUNC(); USBHIST_CALLED(usbdebug); 342 343 KASSERT(pipe != NULL); 344 345 usbd_lock_pipe(pipe); 346 SDT_PROBE1(usb, device, pipe, close, pipe); 347 if (!SIMPLEQ_EMPTY(&pipe->up_queue)) { 348 printf("WARNING: pipe closed with active xfers on addr %d\n", 349 pipe->up_dev->ud_addr); 350 usbd_ar_pipe(pipe); 351 } 352 KASSERT(SIMPLEQ_EMPTY(&pipe->up_queue)); 353 pipe->up_methods->upm_close(pipe); 354 usbd_unlock_pipe(pipe); 355 356 cv_destroy(&pipe->up_callingcv); 357 if (pipe->up_intrxfer) 358 usbd_destroy_xfer(pipe->up_intrxfer); 359 usb_rem_task_wait(pipe->up_dev, &pipe->up_async_task, USB_TASKQ_DRIVER, 360 NULL); 361 usbd_endpoint_release(pipe->up_dev, pipe->up_endpoint); 362 if (pipe->up_iface) 363 usbd_iface_pipeunref(pipe->up_iface); 364 kmem_free(pipe, pipe->up_dev->ud_bus->ub_pipesize); 365} 366 367usbd_status 368usbd_transfer(struct usbd_xfer *xfer) 369{ 370 struct usbd_pipe *pipe = xfer->ux_pipe; 371 usbd_status err; 372 unsigned int size, flags; 373 374 USBHIST_FUNC(); USBHIST_CALLARGS(usbdebug, 375 "xfer = %#jx, flags = %#jx, pipe = %#jx, running = %jd", 376 (uintptr_t)xfer, xfer->ux_flags, (uintptr_t)pipe, pipe->up_running); 377 KASSERT(xfer->ux_status == USBD_NOT_STARTED); 378 SDT_PROBE1(usb, device, xfer, start, xfer); 379 380#ifdef USB_DEBUG 381 if (usbdebug > 5) 382 usbd_dump_queue(pipe); 383#endif 384 xfer->ux_done = 0; 385 386 KASSERT(xfer->ux_length == 0 || xfer->ux_buf != NULL); 387 388 size = xfer->ux_length; 389 flags = xfer->ux_flags; 390 391 if (size != 0) { 392 /* 393 * Use the xfer buffer if none specified in transfer setup. 394 * isoc transfers always use the xfer buffer, i.e. 395 * ux_buffer is always NULL for isoc. 396 */ 397 if (xfer->ux_buffer == NULL) { 398 xfer->ux_buffer = xfer->ux_buf; 399 } 400 401 /* 402 * If not using the xfer buffer copy data to the 403 * xfer buffer for OUT transfers of >0 length 404 */ 405 if (xfer->ux_buffer != xfer->ux_buf) { 406 KASSERT(xfer->ux_buf); 407 if (!usbd_xfer_isread(xfer)) { 408 memcpy(xfer->ux_buf, xfer->ux_buffer, size); 409 } 410 } 411 } 412 413 if (pipe->up_dev->ud_bus->ub_usepolling == 0) 414 usbd_lock_pipe(pipe); 415 if (pipe->up_aborting) { 416 /* 417 * XXX For synchronous transfers this is fine. What to 418 * do for asynchronous transfers? The callback is 419 * never run, not even with status USBD_CANCELLED. 420 */ 421 KASSERT(pipe->up_dev->ud_bus->ub_usepolling == 0); 422 usbd_unlock_pipe(pipe); 423 USBHIST_LOG(usbdebug, "<- done xfer %#jx, aborting", 424 (uintptr_t)xfer, 0, 0, 0); 425 SDT_PROBE2(usb, device, xfer, done, xfer, USBD_CANCELLED); 426 return USBD_CANCELLED; 427 } 428 429 /* xfer is not valid after the transfer method unless synchronous */ 430 SDT_PROBE2(usb, device, pipe, transfer__start, pipe, xfer); 431 do { 432#ifdef DIAGNOSTIC 433 xfer->ux_state = XFER_ONQU; 434#endif 435 SIMPLEQ_INSERT_TAIL(&pipe->up_queue, xfer, ux_next); 436 if (pipe->up_running && pipe->up_serialise) { 437 err = USBD_IN_PROGRESS; 438 } else { 439 pipe->up_running = 1; 440 err = USBD_NORMAL_COMPLETION; 441 } 442 if (err) 443 break; 444 err = pipe->up_methods->upm_transfer(xfer); 445 } while (0); 446 SDT_PROBE3(usb, device, pipe, transfer__done, pipe, xfer, err); 447 448 if (pipe->up_dev->ud_bus->ub_usepolling == 0) 449 usbd_unlock_pipe(pipe); 450 451 if (err != USBD_IN_PROGRESS && err) { 452 /* 453 * The transfer made it onto the pipe queue, but didn't get 454 * accepted by the HCD for some reason. It needs removing 455 * from the pipe queue. 456 */ 457 USBHIST_LOG(usbdebug, "xfer failed: %jd, reinserting", 458 err, 0, 0, 0); 459 if (pipe->up_dev->ud_bus->ub_usepolling == 0) 460 usbd_lock_pipe(pipe); 461 SDT_PROBE1(usb, device, xfer, preabort, xfer); 462#ifdef DIAGNOSTIC 463 xfer->ux_state = XFER_BUSY; 464#endif 465 SIMPLEQ_REMOVE_HEAD(&pipe->up_queue, ux_next); 466 if (pipe->up_serialise) 467 usbd_start_next(pipe); 468 if (pipe->up_dev->ud_bus->ub_usepolling == 0) 469 usbd_unlock_pipe(pipe); 470 } 471 472 if (!(flags & USBD_SYNCHRONOUS)) { 473 USBHIST_LOG(usbdebug, "<- done xfer %#jx, not sync (err %jd)", 474 (uintptr_t)xfer, err, 0, 0); 475 KASSERTMSG(err != USBD_NORMAL_COMPLETION, 476 "asynchronous xfer %p completed synchronously", xfer); 477 return err; 478 } 479 480 if (err != USBD_IN_PROGRESS) { 481 USBHIST_LOG(usbdebug, "<- done xfer %#jx, sync (err %jd)", 482 (uintptr_t)xfer, err, 0, 0); 483 SDT_PROBE2(usb, device, xfer, done, xfer, err); 484 return err; 485 } 486 487 /* Sync transfer, wait for completion. */ 488 if (pipe->up_dev->ud_bus->ub_usepolling == 0) 489 usbd_lock_pipe(pipe); 490 while (!xfer->ux_done) { 491 if (pipe->up_dev->ud_bus->ub_usepolling) 492 panic("usbd_transfer: not done"); 493 USBHIST_LOG(usbdebug, "<- sleeping on xfer %#jx", 494 (uintptr_t)xfer, 0, 0, 0); 495 496 err = 0; 497 if ((flags & USBD_SYNCHRONOUS_SIG) != 0) { 498 err = cv_wait_sig(&xfer->ux_cv, pipe->up_dev->ud_bus->ub_lock); 499 } else { 500 cv_wait(&xfer->ux_cv, pipe->up_dev->ud_bus->ub_lock); 501 } 502 if (err) { 503 if (!xfer->ux_done) { 504 SDT_PROBE1(usb, device, xfer, abort, xfer); 505 pipe->up_methods->upm_abort(xfer); 506 } 507 break; 508 } 509 } 510 err = xfer->ux_status; 511 SDT_PROBE2(usb, device, xfer, done, xfer, err); 512 if (pipe->up_dev->ud_bus->ub_usepolling == 0) 513 usbd_unlock_pipe(pipe); 514 return err; 515} 516 517/* Like usbd_transfer(), but waits for completion. */ 518usbd_status 519usbd_sync_transfer(struct usbd_xfer *xfer) 520{ 521 xfer->ux_flags |= USBD_SYNCHRONOUS; 522 return usbd_transfer(xfer); 523} 524 525/* Like usbd_transfer(), but waits for completion and listens for signals. */ 526usbd_status 527usbd_sync_transfer_sig(struct usbd_xfer *xfer) 528{ 529 xfer->ux_flags |= USBD_SYNCHRONOUS | USBD_SYNCHRONOUS_SIG; 530 return usbd_transfer(xfer); 531} 532 533static void * 534usbd_alloc_buffer(struct usbd_xfer *xfer, uint32_t size) 535{ 536 KASSERT(xfer->ux_buf == NULL); 537 KASSERT(size != 0); 538 539 xfer->ux_bufsize = 0; 540#if NUSB_DMA > 0 541 struct usbd_bus *bus = xfer->ux_bus; 542 543 if (bus->ub_usedma) { 544 usb_dma_t *dmap = &xfer->ux_dmabuf; 545 546 KASSERT((bus->ub_dmaflags & USBMALLOC_COHERENT) == 0); 547 int err = usb_allocmem(bus->ub_dmatag, size, 0, bus->ub_dmaflags, dmap); 548 if (err) { 549 return NULL; 550 } 551 xfer->ux_buf = KERNADDR(&xfer->ux_dmabuf, 0); 552 xfer->ux_bufsize = size; 553 554 return xfer->ux_buf; 555 } 556#endif 557 KASSERT(xfer->ux_bus->ub_usedma == false); 558 xfer->ux_buf = kmem_alloc(size, KM_SLEEP); 559 xfer->ux_bufsize = size; 560 return xfer->ux_buf; 561} 562 563static void 564usbd_free_buffer(struct usbd_xfer *xfer) 565{ 566 KASSERT(xfer->ux_buf != NULL); 567 KASSERT(xfer->ux_bufsize != 0); 568 569 void *buf = xfer->ux_buf; 570 uint32_t size = xfer->ux_bufsize; 571 572 xfer->ux_buf = NULL; 573 xfer->ux_bufsize = 0; 574 575#if NUSB_DMA > 0 576 struct usbd_bus *bus = xfer->ux_bus; 577 578 if (bus->ub_usedma) { 579 usb_dma_t *dmap = &xfer->ux_dmabuf; 580 581 usb_freemem(dmap); 582 return; 583 } 584#endif 585 KASSERT(xfer->ux_bus->ub_usedma == false); 586 587 kmem_free(buf, size); 588} 589 590void * 591usbd_get_buffer(struct usbd_xfer *xfer) 592{ 593 return xfer->ux_buf; 594} 595 596struct usbd_pipe * 597usbd_get_pipe0(struct usbd_device *dev) 598{ 599 600 return dev->ud_pipe0; 601} 602 603static struct usbd_xfer * 604usbd_alloc_xfer(struct usbd_device *dev, unsigned int nframes) 605{ 606 struct usbd_xfer *xfer; 607 608 USBHIST_FUNC(); 609 610 ASSERT_SLEEPABLE(); 611 612 xfer = dev->ud_bus->ub_methods->ubm_allocx(dev->ud_bus, nframes); 613 if (xfer == NULL) 614 goto out; 615 xfer->ux_bus = dev->ud_bus; 616 callout_init(&xfer->ux_callout, CALLOUT_MPSAFE); 617 callout_setfunc(&xfer->ux_callout, usbd_xfer_timeout, xfer); 618 cv_init(&xfer->ux_cv, "usbxfer"); 619 usb_init_task(&xfer->ux_aborttask, usbd_xfer_timeout_task, xfer, 620 USB_TASKQ_MPSAFE); 621 622out: 623 USBHIST_CALLARGS(usbdebug, "returns %#jx", (uintptr_t)xfer, 0, 0, 0); 624 625 return xfer; 626} 627 628static void 629usbd_free_xfer(struct usbd_xfer *xfer) 630{ 631 USBHIST_FUNC(); 632 USBHIST_CALLARGS(usbdebug, "%#jx", (uintptr_t)xfer, 0, 0, 0); 633 634 if (xfer->ux_buf) { 635 usbd_free_buffer(xfer); 636 } 637 638 /* Wait for any straggling timeout to complete. */ 639 mutex_enter(xfer->ux_bus->ub_lock); 640 xfer->ux_timeout_reset = false; /* do not resuscitate */ 641 callout_halt(&xfer->ux_callout, xfer->ux_bus->ub_lock); 642 usb_rem_task_wait(xfer->ux_pipe->up_dev, &xfer->ux_aborttask, 643 USB_TASKQ_HC, xfer->ux_bus->ub_lock); 644 mutex_exit(xfer->ux_bus->ub_lock); 645 646 cv_destroy(&xfer->ux_cv); 647 xfer->ux_bus->ub_methods->ubm_freex(xfer->ux_bus, xfer); 648} 649 650int 651usbd_create_xfer(struct usbd_pipe *pipe, size_t len, unsigned int flags, 652 unsigned int nframes, struct usbd_xfer **xp) 653{ 654 KASSERT(xp != NULL); 655 void *buf = NULL; 656 657 struct usbd_xfer *xfer = usbd_alloc_xfer(pipe->up_dev, nframes); 658 if (xfer == NULL) 659 return ENOMEM; 660 661 xfer->ux_pipe = pipe; 662 xfer->ux_flags = flags; 663 xfer->ux_nframes = nframes; 664 xfer->ux_methods = pipe->up_methods; 665 666 if (len) { 667 buf = usbd_alloc_buffer(xfer, len); 668 if (!buf) { 669 usbd_free_xfer(xfer); 670 return ENOMEM; 671 } 672 } 673 674 if (xfer->ux_methods->upm_init) { 675 int err = xfer->ux_methods->upm_init(xfer); 676 if (err) { 677 usbd_free_xfer(xfer); 678 return err; 679 } 680 } 681 682 *xp = xfer; 683 SDT_PROBE5(usb, device, xfer, create, 684 xfer, pipe, len, flags, nframes); 685 return 0; 686} 687 688void 689usbd_destroy_xfer(struct usbd_xfer *xfer) 690{ 691 692 SDT_PROBE1(usb, device, xfer, destroy, xfer); 693 if (xfer->ux_methods->upm_fini) 694 xfer->ux_methods->upm_fini(xfer); 695 696 usbd_free_xfer(xfer); 697} 698 699void 700usbd_setup_xfer(struct usbd_xfer *xfer, void *priv, void *buffer, 701 uint32_t length, uint16_t flags, uint32_t timeout, usbd_callback callback) 702{ 703 KASSERT(xfer->ux_pipe); 704 705 xfer->ux_priv = priv; 706 xfer->ux_buffer = buffer; 707 xfer->ux_length = length; 708 xfer->ux_actlen = 0; 709 xfer->ux_flags = flags; 710 xfer->ux_timeout = timeout; 711 xfer->ux_status = USBD_NOT_STARTED; 712 xfer->ux_callback = callback; 713 xfer->ux_rqflags &= ~URQ_REQUEST; 714 xfer->ux_nframes = 0; 715} 716 717void 718usbd_setup_default_xfer(struct usbd_xfer *xfer, struct usbd_device *dev, 719 void *priv, uint32_t timeout, usb_device_request_t *req, void *buffer, 720 uint32_t length, uint16_t flags, usbd_callback callback) 721{ 722 KASSERT(xfer->ux_pipe == dev->ud_pipe0); 723 724 xfer->ux_priv = priv; 725 xfer->ux_buffer = buffer; 726 xfer->ux_length = length; 727 xfer->ux_actlen = 0; 728 xfer->ux_flags = flags; 729 xfer->ux_timeout = timeout; 730 xfer->ux_status = USBD_NOT_STARTED; 731 xfer->ux_callback = callback; 732 xfer->ux_request = *req; 733 xfer->ux_rqflags |= URQ_REQUEST; 734 xfer->ux_nframes = 0; 735} 736 737void 738usbd_setup_isoc_xfer(struct usbd_xfer *xfer, void *priv, uint16_t *frlengths, 739 uint32_t nframes, uint16_t flags, usbd_callback callback) 740{ 741 xfer->ux_priv = priv; 742 xfer->ux_buffer = NULL; 743 xfer->ux_length = 0; 744 xfer->ux_actlen = 0; 745 xfer->ux_flags = flags; 746 xfer->ux_timeout = USBD_NO_TIMEOUT; 747 xfer->ux_status = USBD_NOT_STARTED; 748 xfer->ux_callback = callback; 749 xfer->ux_rqflags &= ~URQ_REQUEST; 750 xfer->ux_frlengths = frlengths; 751 xfer->ux_nframes = nframes; 752 753 for (size_t i = 0; i < xfer->ux_nframes; i++) 754 xfer->ux_length += xfer->ux_frlengths[i]; 755} 756 757void 758usbd_get_xfer_status(struct usbd_xfer *xfer, void **priv, 759 void **buffer, uint32_t *count, usbd_status *status) 760{ 761 if (priv != NULL) 762 *priv = xfer->ux_priv; 763 if (buffer != NULL) 764 *buffer = xfer->ux_buffer; 765 if (count != NULL) 766 *count = xfer->ux_actlen; 767 if (status != NULL) 768 *status = xfer->ux_status; 769} 770 771usb_config_descriptor_t * 772usbd_get_config_descriptor(struct usbd_device *dev) 773{ 774 KASSERT(dev != NULL); 775 776 return dev->ud_cdesc; 777} 778 779usb_interface_descriptor_t * 780usbd_get_interface_descriptor(struct usbd_interface *iface) 781{ 782 KASSERT(iface != NULL); 783 784 return iface->ui_idesc; 785} 786 787usb_device_descriptor_t * 788usbd_get_device_descriptor(struct usbd_device *dev) 789{ 790 KASSERT(dev != NULL); 791 792 return &dev->ud_ddesc; 793} 794 795usb_endpoint_descriptor_t * 796usbd_interface2endpoint_descriptor(struct usbd_interface *iface, uint8_t index) 797{ 798 799 if (index >= iface->ui_idesc->bNumEndpoints) 800 return NULL; 801 return iface->ui_endpoints[index].ue_edesc; 802} 803 804/* Some drivers may wish to abort requests on the default pipe, * 805 * but there is no mechanism for getting a handle on it. */ 806void 807usbd_abort_default_pipe(struct usbd_device *device) 808{ 809 usbd_abort_pipe(device->ud_pipe0); 810} 811 812void 813usbd_abort_pipe(struct usbd_pipe *pipe) 814{ 815 816 usbd_suspend_pipe(pipe); 817 usbd_resume_pipe(pipe); 818} 819 820void 821usbd_suspend_pipe(struct usbd_pipe *pipe) 822{ 823 824 usbd_lock_pipe(pipe); 825 usbd_ar_pipe(pipe); 826 usbd_unlock_pipe(pipe); 827} 828 829void 830usbd_resume_pipe(struct usbd_pipe *pipe) 831{ 832 833 usbd_lock_pipe(pipe); 834 KASSERT(SIMPLEQ_EMPTY(&pipe->up_queue)); 835 pipe->up_aborting = 0; 836 usbd_unlock_pipe(pipe); 837} 838 839usbd_status 840usbd_clear_endpoint_stall(struct usbd_pipe *pipe) 841{ 842 struct usbd_device *dev = pipe->up_dev; 843 usbd_status err; 844 845 USBHIST_FUNC(); USBHIST_CALLED(usbdebug); 846 SDT_PROBE1(usb, device, pipe, clear__endpoint__stall, pipe); 847 848 /* 849 * Clearing en endpoint stall resets the endpoint toggle, so 850 * do the same to the HC toggle. 851 */ 852 SDT_PROBE1(usb, device, pipe, clear__endpoint__toggle, pipe); 853 pipe->up_methods->upm_cleartoggle(pipe); 854 855 err = usbd_clear_endpoint_feature(dev, 856 pipe->up_endpoint->ue_edesc->bEndpointAddress, UF_ENDPOINT_HALT); 857#if 0 858XXX should we do this? 859 if (!err) { 860 pipe->state = USBD_PIPE_ACTIVE; 861 /* XXX activate pipe */ 862 } 863#endif 864 return err; 865} 866 867void 868usbd_clear_endpoint_stall_task(void *arg) 869{ 870 struct usbd_pipe *pipe = arg; 871 struct usbd_device *dev = pipe->up_dev; 872 873 SDT_PROBE1(usb, device, pipe, clear__endpoint__stall, pipe); 874 SDT_PROBE1(usb, device, pipe, clear__endpoint__toggle, pipe); 875 pipe->up_methods->upm_cleartoggle(pipe); 876 877 (void)usbd_clear_endpoint_feature(dev, 878 pipe->up_endpoint->ue_edesc->bEndpointAddress, UF_ENDPOINT_HALT); 879} 880 881void 882usbd_clear_endpoint_stall_async(struct usbd_pipe *pipe) 883{ 884 usb_add_task(pipe->up_dev, &pipe->up_async_task, USB_TASKQ_DRIVER); 885} 886 887void 888usbd_clear_endpoint_toggle(struct usbd_pipe *pipe) 889{ 890 891 SDT_PROBE1(usb, device, pipe, clear__endpoint__toggle, pipe); 892 pipe->up_methods->upm_cleartoggle(pipe); 893} 894 895usbd_status 896usbd_endpoint_count(struct usbd_interface *iface, uint8_t *count) 897{ 898 KASSERT(iface != NULL); 899 KASSERT(iface->ui_idesc != NULL); 900 901 *count = iface->ui_idesc->bNumEndpoints; 902 return USBD_NORMAL_COMPLETION; 903} 904 905usbd_status 906usbd_interface_count(struct usbd_device *dev, uint8_t *count) 907{ 908 909 if (dev->ud_cdesc == NULL) 910 return USBD_NOT_CONFIGURED; 911 *count = dev->ud_cdesc->bNumInterface; 912 return USBD_NORMAL_COMPLETION; 913} 914 915void 916usbd_interface2device_handle(struct usbd_interface *iface, 917 struct usbd_device **dev) 918{ 919 920 *dev = iface->ui_dev; 921} 922 923usbd_status 924usbd_device2interface_handle(struct usbd_device *dev, 925 uint8_t ifaceno, struct usbd_interface **iface) 926{ 927 928 if (dev->ud_cdesc == NULL) 929 return USBD_NOT_CONFIGURED; 930 if (ifaceno >= dev->ud_cdesc->bNumInterface) 931 return USBD_INVAL; 932 *iface = &dev->ud_ifaces[ifaceno]; 933 return USBD_NORMAL_COMPLETION; 934} 935 936struct usbd_device * 937usbd_pipe2device_handle(struct usbd_pipe *pipe) 938{ 939 KASSERT(pipe != NULL); 940 941 return pipe->up_dev; 942} 943 944/* XXXX use altno */ 945usbd_status 946usbd_set_interface(struct usbd_interface *iface, int altidx) 947{ 948 bool locked = false; 949 usb_device_request_t req; 950 usbd_status err; 951 952 USBHIST_FUNC(); 953 USBHIST_CALLARGS(usbdebug, "iface %#jx", (uintptr_t)iface, 0, 0, 0); 954 955 err = usbd_iface_lock(iface); 956 if (err) 957 goto out; 958 locked = true; 959 960 err = usbd_fill_iface_data(iface->ui_dev, iface->ui_index, altidx); 961 if (err) 962 goto out; 963 964 req.bmRequestType = UT_WRITE_INTERFACE; 965 req.bRequest = UR_SET_INTERFACE; 966 USETW(req.wValue, iface->ui_idesc->bAlternateSetting); 967 USETW(req.wIndex, iface->ui_idesc->bInterfaceNumber); 968 USETW(req.wLength, 0); 969 err = usbd_do_request(iface->ui_dev, &req, 0); 970 971out: /* XXX back out iface data? */ 972 if (locked) 973 usbd_iface_unlock(iface); 974 return err; 975} 976 977int 978usbd_get_no_alts(usb_config_descriptor_t *cdesc, int ifaceno) 979{ 980 char *p = (char *)cdesc; 981 char *end = p + UGETW(cdesc->wTotalLength); 982 usb_descriptor_t *desc; 983 usb_interface_descriptor_t *idesc; 984 int n; 985 986 for (n = 0; end - p >= sizeof(*desc); p += desc->bLength) { 987 desc = (usb_descriptor_t *)p; 988 if (desc->bLength < sizeof(*desc) || desc->bLength > end - p) 989 break; 990 if (desc->bDescriptorType != UDESC_INTERFACE) 991 continue; 992 if (desc->bLength < sizeof(*idesc)) 993 break; 994 idesc = (usb_interface_descriptor_t *)desc; 995 if (idesc->bInterfaceNumber == ifaceno) { 996 n++; 997 if (n == INT_MAX) 998 break; 999 } 1000 } 1001 return n; 1002} 1003 1004int 1005usbd_get_interface_altindex(struct usbd_interface *iface) 1006{ 1007 return iface->ui_altindex; 1008} 1009 1010usbd_status 1011usbd_get_interface(struct usbd_interface *iface, uint8_t *aiface) 1012{ 1013 usb_device_request_t req; 1014 1015 req.bmRequestType = UT_READ_INTERFACE; 1016 req.bRequest = UR_GET_INTERFACE; 1017 USETW(req.wValue, 0); 1018 USETW(req.wIndex, iface->ui_idesc->bInterfaceNumber); 1019 USETW(req.wLength, 1); 1020 return usbd_do_request(iface->ui_dev, &req, aiface); 1021} 1022 1023/*** Internal routines ***/ 1024 1025/* Dequeue all pipe operations, called with bus lock held. */ 1026Static void 1027usbd_ar_pipe(struct usbd_pipe *pipe) 1028{ 1029 struct usbd_xfer *xfer; 1030 1031 USBHIST_FUNC(); 1032 USBHIST_CALLARGS(usbdebug, "pipe = %#jx", (uintptr_t)pipe, 0, 0, 0); 1033 SDT_PROBE1(usb, device, pipe, abort__start, pipe); 1034 1035 ASSERT_SLEEPABLE(); 1036 KASSERT(mutex_owned(pipe->up_dev->ud_bus->ub_lock)); 1037 KASSERT(pipe->up_dev->ud_bus->ub_usepolling == 0); 1038 1039 /* 1040 * Allow only one thread at a time to abort the pipe, so we 1041 * don't get confused if upm_abort drops the lock in the middle 1042 * of the abort to wait for hardware completion softints to 1043 * stop using the xfer before returning. 1044 */ 1045 KASSERTMSG(pipe->up_abortlwp == NULL, "pipe->up_abortlwp=%p", 1046 pipe->up_abortlwp); 1047 pipe->up_abortlwp = curlwp; 1048 1049#ifdef USB_DEBUG 1050 if (usbdebug > 5) 1051 usbd_dump_queue(pipe); 1052#endif 1053 pipe->up_repeat = 0; 1054 pipe->up_running = 0; 1055 pipe->up_aborting = 1; 1056 while ((xfer = SIMPLEQ_FIRST(&pipe->up_queue)) != NULL) { 1057 USBHIST_LOG(usbdebug, "pipe = %#jx xfer = %#jx " 1058 "(methods = %#jx)", (uintptr_t)pipe, (uintptr_t)xfer, 1059 (uintptr_t)pipe->up_methods, 0); 1060 if (xfer->ux_status == USBD_NOT_STARTED) { 1061 SDT_PROBE1(usb, device, xfer, preabort, xfer); 1062#ifdef DIAGNOSTIC 1063 xfer->ux_state = XFER_BUSY; 1064#endif 1065 SIMPLEQ_REMOVE_HEAD(&pipe->up_queue, ux_next); 1066 } else { 1067 /* Make the HC abort it (and invoke the callback). */ 1068 SDT_PROBE1(usb, device, xfer, abort, xfer); 1069 pipe->up_methods->upm_abort(xfer); 1070 while (pipe->up_callingxfer == xfer) { 1071 USBHIST_LOG(usbdebug, "wait for callback" 1072 "pipe = %#jx xfer = %#jx", 1073 (uintptr_t)pipe, (uintptr_t)xfer, 0, 0); 1074 cv_wait(&pipe->up_callingcv, 1075 pipe->up_dev->ud_bus->ub_lock); 1076 } 1077 /* XXX only for non-0 usbd_clear_endpoint_stall(pipe); */ 1078 } 1079 } 1080 1081 /* 1082 * There may be an xfer callback already in progress which was 1083 * taken off the queue before we got to it. We must wait for 1084 * the callback to finish before returning control to the 1085 * caller. 1086 */ 1087 while (pipe->up_callingxfer) { 1088 USBHIST_LOG(usbdebug, "wait for callback" 1089 "pipe = %#jx xfer = %#jx", 1090 (uintptr_t)pipe, (uintptr_t)pipe->up_callingxfer, 0, 0); 1091 cv_wait(&pipe->up_callingcv, pipe->up_dev->ud_bus->ub_lock); 1092 } 1093 1094 KASSERT(mutex_owned(pipe->up_dev->ud_bus->ub_lock)); 1095 KASSERTMSG(pipe->up_abortlwp == curlwp, "pipe->up_abortlwp=%p", 1096 pipe->up_abortlwp); 1097 pipe->up_abortlwp = NULL; 1098 1099 SDT_PROBE1(usb, device, pipe, abort__done, pipe); 1100} 1101 1102/* Called with USB lock held. */ 1103void 1104usb_transfer_complete(struct usbd_xfer *xfer) 1105{ 1106 struct usbd_pipe *pipe = xfer->ux_pipe; 1107 struct usbd_bus *bus = pipe->up_dev->ud_bus; 1108 int sync = xfer->ux_flags & USBD_SYNCHRONOUS; 1109 int erred; 1110 int polling = bus->ub_usepolling; 1111 int repeat = pipe->up_repeat; 1112 1113 USBHIST_FUNC(); 1114 USBHIST_CALLARGS(usbdebug, "pipe = %#jx xfer = %#jx status = %jd " 1115 "actlen = %jd", (uintptr_t)pipe, (uintptr_t)xfer, xfer->ux_status, 1116 xfer->ux_actlen); 1117 1118 KASSERT(polling || mutex_owned(pipe->up_dev->ud_bus->ub_lock)); 1119 KASSERTMSG(xfer->ux_state == XFER_ONQU, "xfer %p state is %x", xfer, 1120 xfer->ux_state); 1121 KASSERT(pipe != NULL); 1122 1123 /* 1124 * If device is known to miss out ack, then pretend that 1125 * output timeout is a success. Userland should handle 1126 * the logic to verify that the operation succeeded. 1127 */ 1128 if (pipe->up_dev->ud_quirks && 1129 pipe->up_dev->ud_quirks->uq_flags & UQ_MISS_OUT_ACK && 1130 xfer->ux_status == USBD_TIMEOUT && 1131 !usbd_xfer_isread(xfer)) { 1132 USBHIST_LOG(usbdebug, "Possible output ack miss for xfer %#jx: " 1133 "hiding write timeout to %jd.%jd for %ju bytes written", 1134 (uintptr_t)xfer, curlwp->l_proc->p_pid, curlwp->l_lid, 1135 xfer->ux_length); 1136 1137 xfer->ux_status = USBD_NORMAL_COMPLETION; 1138 xfer->ux_actlen = xfer->ux_length; 1139 } 1140 1141 erred = xfer->ux_status == USBD_CANCELLED || 1142 xfer->ux_status == USBD_TIMEOUT; 1143 1144 if (!repeat) { 1145 /* Remove request from queue. */ 1146 1147 KASSERTMSG(!SIMPLEQ_EMPTY(&pipe->up_queue), 1148 "pipe %p is empty, but xfer %p wants to complete", pipe, 1149 xfer); 1150 KASSERTMSG(xfer == SIMPLEQ_FIRST(&pipe->up_queue), 1151 "xfer %p is not start of queue (%p is at start)", xfer, 1152 SIMPLEQ_FIRST(&pipe->up_queue)); 1153 1154#ifdef DIAGNOSTIC 1155 xfer->ux_state = XFER_BUSY; 1156#endif 1157 SIMPLEQ_REMOVE_HEAD(&pipe->up_queue, ux_next); 1158 } 1159 USBHIST_LOG(usbdebug, "xfer %#jx: repeat %jd new head = %#jx", 1160 (uintptr_t)xfer, repeat, (uintptr_t)SIMPLEQ_FIRST(&pipe->up_queue), 1161 0); 1162 1163 /* Count completed transfers. */ 1164 ++pipe->up_dev->ud_bus->ub_stats.uds_requests 1165 [pipe->up_endpoint->ue_edesc->bmAttributes & UE_XFERTYPE]; 1166 1167 xfer->ux_done = 1; 1168 if (!xfer->ux_status && xfer->ux_actlen < xfer->ux_length && 1169 !(xfer->ux_flags & USBD_SHORT_XFER_OK)) { 1170 USBHIST_LOG(usbdebug, "short transfer %jd < %jd", 1171 xfer->ux_actlen, xfer->ux_length, 0, 0); 1172 xfer->ux_status = USBD_SHORT_XFER; 1173 } 1174 1175 USBHIST_LOG(usbdebug, "xfer %#jx doing done %#jx", (uintptr_t)xfer, 1176 (uintptr_t)pipe->up_methods->upm_done, 0, 0); 1177 SDT_PROBE2(usb, device, xfer, done, xfer, xfer->ux_status); 1178 pipe->up_methods->upm_done(xfer); 1179 1180 if (xfer->ux_length != 0 && xfer->ux_buffer != xfer->ux_buf) { 1181 KDASSERTMSG(xfer->ux_actlen <= xfer->ux_length, 1182 "actlen %d length %d",xfer->ux_actlen, xfer->ux_length); 1183 1184 /* Only if IN transfer */ 1185 if (usbd_xfer_isread(xfer)) { 1186 memcpy(xfer->ux_buffer, xfer->ux_buf, xfer->ux_actlen); 1187 } 1188 } 1189 1190 USBHIST_LOG(usbdebug, "xfer %#jx doing callback %#jx status %jd", 1191 (uintptr_t)xfer, (uintptr_t)xfer->ux_callback, xfer->ux_status, 0); 1192 1193 if (xfer->ux_callback) { 1194 if (!polling) { 1195 KASSERT(pipe->up_callingxfer == NULL); 1196 pipe->up_callingxfer = xfer; 1197 mutex_exit(pipe->up_dev->ud_bus->ub_lock); 1198 if (!(pipe->up_flags & USBD_MPSAFE)) 1199 KERNEL_LOCK(1, curlwp); 1200 } 1201 1202 xfer->ux_callback(xfer, xfer->ux_priv, xfer->ux_status); 1203 1204 if (!polling) { 1205 if (!(pipe->up_flags & USBD_MPSAFE)) 1206 KERNEL_UNLOCK_ONE(curlwp); 1207 mutex_enter(pipe->up_dev->ud_bus->ub_lock); 1208 KASSERT(pipe->up_callingxfer == xfer); 1209 pipe->up_callingxfer = NULL; 1210 cv_broadcast(&pipe->up_callingcv); 1211 } 1212 } 1213 1214 if (sync && !polling) { 1215 USBHIST_LOG(usbdebug, "<- done xfer %#jx, wakeup", 1216 (uintptr_t)xfer, 0, 0, 0); 1217 cv_broadcast(&xfer->ux_cv); 1218 } 1219 1220 if (repeat) { 1221 xfer->ux_actlen = 0; 1222 xfer->ux_status = USBD_NOT_STARTED; 1223 } else { 1224 /* XXX should we stop the queue on all errors? */ 1225 if (erred && pipe->up_iface != NULL) /* not control pipe */ 1226 pipe->up_running = 0; 1227 } 1228 if (pipe->up_running && pipe->up_serialise) 1229 usbd_start_next(pipe); 1230} 1231 1232/* Called with USB lock held. */ 1233void 1234usbd_start_next(struct usbd_pipe *pipe) 1235{ 1236 struct usbd_xfer *xfer; 1237 usbd_status err; 1238 1239 USBHIST_FUNC(); 1240 1241 KASSERT(pipe != NULL); 1242 KASSERT(pipe->up_methods != NULL); 1243 KASSERT(pipe->up_methods->upm_start != NULL); 1244 KASSERT(pipe->up_serialise == true); 1245 1246 int polling = pipe->up_dev->ud_bus->ub_usepolling; 1247 KASSERT(polling || mutex_owned(pipe->up_dev->ud_bus->ub_lock)); 1248 1249 /* Get next request in queue. */ 1250 xfer = SIMPLEQ_FIRST(&pipe->up_queue); 1251 USBHIST_CALLARGS(usbdebug, "pipe = %#jx, xfer = %#jx", (uintptr_t)pipe, 1252 (uintptr_t)xfer, 0, 0); 1253 if (xfer == NULL) { 1254 pipe->up_running = 0; 1255 } else { 1256 SDT_PROBE2(usb, device, pipe, start, pipe, xfer); 1257 err = pipe->up_methods->upm_start(xfer); 1258 1259 if (err != USBD_IN_PROGRESS) { 1260 USBHIST_LOG(usbdebug, "error = %jd", err, 0, 0, 0); 1261 pipe->up_running = 0; 1262 /* XXX do what? */ 1263 } 1264 } 1265 1266 KASSERT(polling || mutex_owned(pipe->up_dev->ud_bus->ub_lock)); 1267} 1268 1269usbd_status 1270usbd_do_request(struct usbd_device *dev, usb_device_request_t *req, void *data) 1271{ 1272 1273 return usbd_do_request_flags(dev, req, data, 0, 0, 1274 USBD_DEFAULT_TIMEOUT); 1275} 1276 1277usbd_status 1278usbd_do_request_flags(struct usbd_device *dev, usb_device_request_t *req, 1279 void *data, uint16_t flags, int *actlen, uint32_t timeout) 1280{ 1281 size_t len = UGETW(req->wLength); 1282 1283 return usbd_do_request_len(dev, req, len, data, flags, actlen, timeout); 1284} 1285 1286usbd_status 1287usbd_do_request_len(struct usbd_device *dev, usb_device_request_t *req, 1288 size_t len, void *data, uint16_t flags, int *actlen, uint32_t timeout) 1289{ 1290 struct usbd_xfer *xfer; 1291 usbd_status err; 1292 1293 KASSERT(len >= UGETW(req->wLength)); 1294 1295 USBHIST_FUNC(); 1296 USBHIST_CALLARGS(usbdebug, "dev=%#jx req=%jx flags=%jx len=%jx", 1297 (uintptr_t)dev, (uintptr_t)req, flags, len); 1298 1299 ASSERT_SLEEPABLE(); 1300 1301 SDT_PROBE5(usb, device, request, start, 1302 dev, req, len, flags, timeout); 1303 1304 int error = usbd_create_xfer(dev->ud_pipe0, len, 0, 0, &xfer); 1305 if (error) { 1306 SDT_PROBE7(usb, device, request, done, 1307 dev, req, /*actlen*/0, flags, timeout, data, USBD_NOMEM); 1308 return USBD_NOMEM; 1309 } 1310 1311 usbd_setup_default_xfer(xfer, dev, 0, timeout, req, data, 1312 UGETW(req->wLength), flags, NULL); 1313 KASSERT(xfer->ux_pipe == dev->ud_pipe0); 1314 err = usbd_sync_transfer(xfer); 1315#if defined(USB_DEBUG) || defined(DIAGNOSTIC) 1316 if (xfer->ux_actlen > xfer->ux_length) { 1317 USBHIST_LOG(usbdebug, "overrun addr = %jd type = 0x%02jx", 1318 dev->ud_addr, xfer->ux_request.bmRequestType, 0, 0); 1319 USBHIST_LOG(usbdebug, " req = 0x%02jx val = %jd " 1320 "index = %jd", 1321 xfer->ux_request.bRequest, UGETW(xfer->ux_request.wValue), 1322 UGETW(xfer->ux_request.wIndex), 0); 1323 USBHIST_LOG(usbdebug, " rlen = %jd length = %jd " 1324 "actlen = %jd", 1325 UGETW(xfer->ux_request.wLength), 1326 xfer->ux_length, xfer->ux_actlen, 0); 1327 } 1328#endif 1329 if (actlen != NULL) 1330 *actlen = xfer->ux_actlen; 1331 1332 usbd_destroy_xfer(xfer); 1333 1334 SDT_PROBE7(usb, device, request, done, 1335 dev, req, xfer->ux_actlen, flags, timeout, data, err); 1336 1337 if (err) { 1338 USBHIST_LOG(usbdebug, "returning err = %jd", err, 0, 0, 0); 1339 } 1340 return err; 1341} 1342 1343const struct usbd_quirks * 1344usbd_get_quirks(struct usbd_device *dev) 1345{ 1346#ifdef DIAGNOSTIC 1347 if (dev == NULL) { 1348 printf("usbd_get_quirks: dev == NULL\n"); 1349 return 0; 1350 } 1351#endif 1352 return dev->ud_quirks; 1353} 1354 1355/* XXX do periodic free() of free list */ 1356 1357/* 1358 * Called from keyboard driver when in polling mode. 1359 */ 1360void 1361usbd_dopoll(struct usbd_interface *iface) 1362{ 1363 iface->ui_dev->ud_bus->ub_methods->ubm_dopoll(iface->ui_dev->ud_bus); 1364} 1365 1366/* 1367 * This is for keyboard driver as well, which only operates in polling 1368 * mode from the ask root, etc., prompt and from DDB. 1369 */ 1370void 1371usbd_set_polling(struct usbd_device *dev, int on) 1372{ 1373 1374 mutex_enter(dev->ud_bus->ub_lock); 1375 if (on) { 1376 /* 1377 * Enabling polling. If we're enabling for the first 1378 * time, call the softint routine on transition while 1379 * we hold the lock and polling is still disabled, and 1380 * then enable polling -- once polling is enabled, we 1381 * must not hold the lock when we call the softint 1382 * routine. 1383 */ 1384 KASSERT(dev->ud_bus->ub_usepolling < __type_max(char)); 1385 if (dev->ud_bus->ub_usepolling == 0) 1386 dev->ud_bus->ub_methods->ubm_softint(dev->ud_bus); 1387 dev->ud_bus->ub_usepolling++; 1388 } else { 1389 /* 1390 * Disabling polling. If we're disabling polling for 1391 * the last time, disable polling first and then call 1392 * the softint routine while we hold the lock -- until 1393 * polling is disabled, we must not hold the lock when 1394 * we call the softint routine. 1395 */ 1396 KASSERT(dev->ud_bus->ub_usepolling > 0); 1397 dev->ud_bus->ub_usepolling--; 1398 if (dev->ud_bus->ub_usepolling == 0) 1399 dev->ud_bus->ub_methods->ubm_softint(dev->ud_bus); 1400 } 1401 mutex_exit(dev->ud_bus->ub_lock); 1402} 1403 1404 1405usb_endpoint_descriptor_t * 1406usbd_get_endpoint_descriptor(struct usbd_interface *iface, uint8_t address) 1407{ 1408 struct usbd_endpoint *ep; 1409 int i; 1410 1411 for (i = 0; i < iface->ui_idesc->bNumEndpoints; i++) { 1412 ep = &iface->ui_endpoints[i]; 1413 if (ep->ue_edesc->bEndpointAddress == address) 1414 return iface->ui_endpoints[i].ue_edesc; 1415 } 1416 return NULL; 1417} 1418 1419/* 1420 * usbd_ratecheck() can limit the number of error messages that occurs. 1421 * When a device is unplugged it may take up to 0.25s for the hub driver 1422 * to notice it. If the driver continuously tries to do I/O operations 1423 * this can generate a large number of messages. 1424 */ 1425int 1426usbd_ratecheck(struct timeval *last) 1427{ 1428 static struct timeval errinterval = { 0, 250000 }; /* 0.25 s*/ 1429 1430 return ratecheck(last, &errinterval); 1431} 1432 1433/* 1434 * Search for a vendor/product pair in an array. The item size is 1435 * given as an argument. 1436 */ 1437const struct usb_devno * 1438usb_match_device(const struct usb_devno *tbl, u_int nentries, u_int sz, 1439 uint16_t vendor, uint16_t product) 1440{ 1441 while (nentries-- > 0) { 1442 uint16_t tproduct = tbl->ud_product; 1443 if (tbl->ud_vendor == vendor && 1444 (tproduct == product || tproduct == USB_PRODUCT_ANY)) 1445 return tbl; 1446 tbl = (const struct usb_devno *)((const char *)tbl + sz); 1447 } 1448 return NULL; 1449} 1450 1451usbd_status 1452usbd_get_string(struct usbd_device *dev, int si, char *buf) 1453{ 1454 return usbd_get_string0(dev, si, buf, 1); 1455} 1456 1457usbd_status 1458usbd_get_string0(struct usbd_device *dev, int si, char *buf, int unicode) 1459{ 1460 int swap = dev->ud_quirks->uq_flags & UQ_SWAP_UNICODE; 1461 usb_string_descriptor_t us; 1462 char *s; 1463 int i, n; 1464 uint16_t c; 1465 usbd_status err; 1466 int size; 1467 1468 USBHIST_FUNC(); USBHIST_CALLED(usbdebug); 1469 1470 buf[0] = '\0'; 1471 if (si == 0) 1472 return USBD_INVAL; 1473 if (dev->ud_quirks->uq_flags & UQ_NO_STRINGS) 1474 return USBD_STALLED; 1475 if (dev->ud_langid == USBD_NOLANG) { 1476 /* Set up default language */ 1477 err = usbd_get_string_desc(dev, USB_LANGUAGE_TABLE, 0, &us, 1478 &size); 1479 if (err || size < 4) { 1480 USBHIST_LOG(usbdebug, "getting lang failed, using 0", 1481 0, 0, 0, 0); 1482 dev->ud_langid = 0; /* Well, just pick something then */ 1483 } else { 1484 /* Pick the first language as the default. */ 1485 dev->ud_langid = UGETW(us.bString[0]); 1486 } 1487 } 1488 err = usbd_get_string_desc(dev, si, dev->ud_langid, &us, &size); 1489 if (err) 1490 return err; 1491 s = buf; 1492 n = size / 2 - 1; 1493 if (unicode) { 1494 for (i = 0; i < n; i++) { 1495 c = UGETW(us.bString[i]); 1496 if (swap) 1497 c = (c >> 8) | (c << 8); 1498 s += wput_utf8(s, 3, c); 1499 } 1500 *s++ = 0; 1501 } 1502#ifdef COMPAT_30 1503 else { 1504 for (i = 0; i < n; i++) { 1505 c = UGETW(us.bString[i]); 1506 if (swap) 1507 c = (c >> 8) | (c << 8); 1508 *s++ = (c < 0x80) ? c : '?'; 1509 } 1510 *s++ = 0; 1511 } 1512#endif 1513 return USBD_NORMAL_COMPLETION; 1514} 1515 1516/* 1517 * usbd_xfer_trycomplete(xfer) 1518 * 1519 * Try to claim xfer for completion. Return true if successful, 1520 * false if the xfer has been synchronously aborted or has timed 1521 * out. 1522 * 1523 * If this returns true, caller is responsible for setting 1524 * xfer->ux_status and calling usb_transfer_complete. To be used 1525 * in a host controller interrupt handler. 1526 * 1527 * Caller must either hold the bus lock or have the bus in polling 1528 * mode. If this succeeds, caller must proceed to call 1529 * usb_complete_transfer under the bus lock or with polling 1530 * enabled -- must not release and reacquire the bus lock in the 1531 * meantime. Failing to heed this rule may lead to catastrophe 1532 * with abort or timeout. 1533 */ 1534bool 1535usbd_xfer_trycomplete(struct usbd_xfer *xfer) 1536{ 1537 struct usbd_bus *bus __diagused = xfer->ux_bus; 1538 1539 KASSERT(bus->ub_usepolling || mutex_owned(bus->ub_lock)); 1540 1541 USBHIST_FUNC(); 1542 USBHIST_CALLARGS(usbdebug, "xfer %#jx status %jd", 1543 (uintptr_t)xfer, xfer->ux_status, 0, 0); 1544 1545 /* 1546 * If software has completed it, either by synchronous abort or 1547 * by timeout, too late. 1548 */ 1549 if (xfer->ux_status != USBD_IN_PROGRESS) 1550 return false; 1551 1552 /* 1553 * We are completing the xfer. Cancel the timeout if we can, 1554 * but only asynchronously. See usbd_xfer_cancel_timeout_async 1555 * for why we need not wait for the callout or task here. 1556 */ 1557 usbd_xfer_cancel_timeout_async(xfer); 1558 1559 /* Success! Note: Caller must set xfer->ux_status afterwar. */ 1560 return true; 1561} 1562 1563/* 1564 * usbd_xfer_abort(xfer) 1565 * 1566 * Try to claim xfer to abort. If successful, mark it completed 1567 * with USBD_CANCELLED and call the bus-specific method to abort 1568 * at the hardware level. 1569 * 1570 * To be called in thread context from struct 1571 * usbd_pipe_methods::upm_abort. 1572 * 1573 * Caller must hold the bus lock. 1574 */ 1575void 1576usbd_xfer_abort(struct usbd_xfer *xfer) 1577{ 1578 struct usbd_bus *bus = xfer->ux_bus; 1579 1580 KASSERT(mutex_owned(bus->ub_lock)); 1581 1582 USBHIST_FUNC(); 1583 USBHIST_CALLARGS(usbdebug, "xfer %#jx status %jd", 1584 (uintptr_t)xfer, xfer->ux_status, 0, 0); 1585 1586 /* 1587 * If host controller interrupt or timer interrupt has 1588 * completed it, too late. But the xfer cannot be 1589 * cancelled already -- only one caller can synchronously 1590 * abort. 1591 */ 1592 KASSERT(xfer->ux_status != USBD_CANCELLED); 1593 if (xfer->ux_status != USBD_IN_PROGRESS) 1594 return; 1595 1596 /* 1597 * Cancel the timeout if we can, but only asynchronously; see 1598 * usbd_xfer_cancel_timeout_async for why we need not wait for 1599 * the callout or task here. 1600 */ 1601 usbd_xfer_cancel_timeout_async(xfer); 1602 1603 /* 1604 * We beat everyone else. Claim the status as cancelled, do 1605 * the bus-specific dance to abort the hardware, and complete 1606 * the xfer. 1607 */ 1608 xfer->ux_status = USBD_CANCELLED; 1609 bus->ub_methods->ubm_abortx(xfer); 1610 usb_transfer_complete(xfer); 1611} 1612 1613/* 1614 * usbd_xfer_timeout(xfer) 1615 * 1616 * Called at IPL_SOFTCLOCK when too much time has elapsed waiting 1617 * for xfer to complete. Since we can't abort the xfer at 1618 * IPL_SOFTCLOCK, defer to a usb_task to run it in thread context, 1619 * unless the xfer has completed or aborted concurrently -- and if 1620 * the xfer has also been resubmitted, take care of rescheduling 1621 * the callout. 1622 */ 1623static void 1624usbd_xfer_timeout(void *cookie) 1625{ 1626 struct usbd_xfer *xfer = cookie; 1627 struct usbd_bus *bus = xfer->ux_bus; 1628 struct usbd_device *dev = xfer->ux_pipe->up_dev; 1629 1630 /* Acquire the lock so we can transition the timeout state. */ 1631 mutex_enter(bus->ub_lock); 1632 1633 USBHIST_FUNC(); 1634 USBHIST_CALLARGS(usbdebug, "xfer %#jx status %jd", 1635 (uintptr_t)xfer, xfer->ux_status, 0, 0); 1636 1637 /* 1638 * Use usbd_xfer_probe_timeout to check whether the timeout is 1639 * still valid, or to reschedule the callout if necessary. If 1640 * it is still valid, schedule the task. 1641 */ 1642 if (usbd_xfer_probe_timeout(xfer)) { 1643 USBHIST_LOG(usbdebug, "xfer %#jx schedule timeout task", 1644 (uintptr_t)xfer, 0, 0, 0); 1645 usb_add_task(dev, &xfer->ux_aborttask, USB_TASKQ_HC); 1646 } else { 1647 USBHIST_LOG(usbdebug, "xfer %#jx timeout cancelled", 1648 (uintptr_t)xfer, 0, 0, 0); 1649 } 1650 1651 /* 1652 * Notify usbd_xfer_cancel_timeout_async that we may have 1653 * scheduled the task. This causes callout_invoking to return 1654 * false in usbd_xfer_cancel_timeout_async so that it can tell 1655 * which stage in the callout->task->abort process we're at. 1656 */ 1657 callout_ack(&xfer->ux_callout); 1658 1659 /* All done -- release the lock. */ 1660 mutex_exit(bus->ub_lock); 1661} 1662 1663/* 1664 * usbd_xfer_timeout_task(xfer) 1665 * 1666 * Called in thread context when too much time has elapsed waiting 1667 * for xfer to complete. Abort the xfer with USBD_TIMEOUT, unless 1668 * it has completed or aborted concurrently -- and if the xfer has 1669 * also been resubmitted, take care of rescheduling the callout. 1670 */ 1671static void 1672usbd_xfer_timeout_task(void *cookie) 1673{ 1674 struct usbd_xfer *xfer = cookie; 1675 struct usbd_bus *bus = xfer->ux_bus; 1676 1677 /* Acquire the lock so we can transition the timeout state. */ 1678 mutex_enter(bus->ub_lock); 1679 1680 USBHIST_FUNC(); 1681 USBHIST_CALLARGS(usbdebug, "xfer %#jx status %jd", 1682 (uintptr_t)xfer, xfer->ux_status, 0, 0); 1683 1684 /* 1685 * Use usbd_xfer_probe_timeout to check whether the timeout is 1686 * still valid, or to reschedule the callout if necessary. If 1687 * it is not valid -- the timeout has been asynchronously 1688 * cancelled, or the xfer has already been resubmitted -- then 1689 * we're done here. 1690 */ 1691 if (!usbd_xfer_probe_timeout(xfer)) { 1692 USBHIST_LOG(usbdebug, "xfer %#jx timeout cancelled", 1693 (uintptr_t)xfer, 0, 0, 0); 1694 goto out; 1695 } 1696 1697 /* 1698 * After this point, no further timeout probing will happen for 1699 * the current incarnation of the timeout, so make the next 1700 * usbd_xfer_schedule_timeout schedule a new callout. 1701 * usbd_xfer_probe_timeout has already processed any reset. 1702 */ 1703 KASSERT(!xfer->ux_timeout_reset); 1704 xfer->ux_timeout_set = false; 1705 1706 /* 1707 * May have completed or been aborted, but we're the only one 1708 * who can time it out. If it has completed or been aborted, 1709 * no need to timeout. 1710 */ 1711 KASSERT(xfer->ux_status != USBD_TIMEOUT); 1712 if (xfer->ux_status != USBD_IN_PROGRESS) { 1713 USBHIST_LOG(usbdebug, "xfer %#jx timeout raced", 1714 (uintptr_t)xfer, 0, 0, 0); 1715 goto out; 1716 } 1717 1718 /* 1719 * We beat everyone else. Claim the status as timed out, do 1720 * the bus-specific dance to abort the hardware, and complete 1721 * the xfer. 1722 */ 1723 USBHIST_LOG(usbdebug, "xfer %#jx timed out", 1724 (uintptr_t)xfer, 0, 0, 0); 1725 xfer->ux_status = USBD_TIMEOUT; 1726 bus->ub_methods->ubm_abortx(xfer); 1727 usb_transfer_complete(xfer); 1728 1729out: /* All done -- release the lock. */ 1730 mutex_exit(bus->ub_lock); 1731} 1732 1733/* 1734 * usbd_xfer_probe_timeout(xfer) 1735 * 1736 * Probe the status of xfer's timeout. Acknowledge and process a 1737 * request to reschedule. Return true if the timeout is still 1738 * valid and the caller should take further action (queueing a 1739 * task or aborting the xfer), false if it must stop here. 1740 */ 1741static bool 1742usbd_xfer_probe_timeout(struct usbd_xfer *xfer) 1743{ 1744 struct usbd_bus *bus = xfer->ux_bus; 1745 bool valid; 1746 1747 USBHIST_FUNC(); 1748 USBHIST_CALLARGS(usbdebug, "xfer %#jx timeout %jdms" 1749 " set %jd reset %jd", 1750 (uintptr_t)xfer, xfer->ux_timeout, 1751 xfer->ux_timeout_set, xfer->ux_timeout_reset); 1752 1753 KASSERT(bus->ub_usepolling || mutex_owned(bus->ub_lock)); 1754 1755 /* The timeout must be set. */ 1756 KASSERT(xfer->ux_timeout_set); 1757 1758 /* 1759 * Neither callout nor task may be pending; they execute 1760 * alternately in lock step. 1761 */ 1762 KASSERT(!callout_pending(&xfer->ux_callout)); 1763 KASSERT(!usb_task_pending(xfer->ux_pipe->up_dev, &xfer->ux_aborttask)); 1764 1765 /* There are a few cases... */ 1766 if (bus->ub_methods->ubm_dying(bus)) { 1767 /* Host controller dying. Drop it all on the floor. */ 1768 USBHIST_LOG(usbdebug, "xfer %#jx bus dying, not rescheduling", 1769 (uintptr_t)xfer, 0, 0, 0); 1770 xfer->ux_timeout_set = false; 1771 xfer->ux_timeout_reset = false; 1772 valid = false; 1773 } else if (xfer->ux_timeout_reset) { 1774 /* 1775 * The xfer completed _and_ got resubmitted while we 1776 * waited for the lock. Acknowledge the request to 1777 * reschedule, and reschedule it if there is a timeout 1778 * and the bus is not polling. 1779 */ 1780 xfer->ux_timeout_reset = false; 1781 if (xfer->ux_timeout && !bus->ub_usepolling) { 1782 USBHIST_LOG(usbdebug, "xfer %#jx resubmitted," 1783 " rescheduling timer for %jdms", 1784 (uintptr_t)xfer, xfer->ux_timeout, 0, 0); 1785 KASSERT(xfer->ux_timeout_set); 1786 callout_schedule(&xfer->ux_callout, 1787 mstohz(xfer->ux_timeout)); 1788 } else { 1789 /* No more callout or task scheduled. */ 1790 USBHIST_LOG(usbdebug, "xfer %#jx resubmitted" 1791 " and completed, not rescheduling", 1792 (uintptr_t)xfer, 0, 0, 0); 1793 xfer->ux_timeout_set = false; 1794 } 1795 valid = false; 1796 } else if (xfer->ux_status != USBD_IN_PROGRESS) { 1797 /* 1798 * The xfer has completed by hardware completion or by 1799 * software abort, and has not been resubmitted, so the 1800 * timeout must be unset, and is no longer valid for 1801 * the caller. 1802 */ 1803 USBHIST_LOG(usbdebug, "xfer %#jx timeout lost race," 1804 " status=%jd, not rescheduling", 1805 (uintptr_t)xfer, xfer->ux_status, 0, 0); 1806 xfer->ux_timeout_set = false; 1807 valid = false; 1808 } else { 1809 /* 1810 * The xfer has not yet completed, so the timeout is 1811 * valid. 1812 */ 1813 USBHIST_LOG(usbdebug, "xfer %#jx timing out", 1814 (uintptr_t)xfer, 0, 0, 0); 1815 valid = true; 1816 } 1817 1818 /* Any reset must have been processed. */ 1819 KASSERT(!xfer->ux_timeout_reset); 1820 1821 /* 1822 * Either we claim the timeout is set, or the callout is idle. 1823 * If the timeout is still set, we may be handing off to the 1824 * task instead, so this is an if but not an iff. 1825 */ 1826 KASSERT(xfer->ux_timeout_set || !callout_pending(&xfer->ux_callout)); 1827 1828 /* 1829 * The task must be idle now. 1830 * 1831 * - If the caller is the callout, _and_ the timeout is still 1832 * valid, the caller will schedule it, but it hasn't been 1833 * scheduled yet. (If the timeout is not valid, the task 1834 * should not be scheduled.) 1835 * 1836 * - If the caller is the task, it cannot be scheduled again 1837 * until the callout runs again, which won't happen until we 1838 * next release the lock. 1839 */ 1840 KASSERT(!usb_task_pending(xfer->ux_pipe->up_dev, &xfer->ux_aborttask)); 1841 1842 KASSERT(bus->ub_usepolling || mutex_owned(bus->ub_lock)); 1843 1844 return valid; 1845} 1846 1847/* 1848 * usbd_xfer_schedule_timeout(xfer) 1849 * 1850 * Ensure that xfer has a timeout. If the callout is already 1851 * queued or the task is already running, request that they 1852 * reschedule the callout. If not, and if we're not polling, 1853 * schedule the callout anew. 1854 * 1855 * To be called in thread context from struct 1856 * usbd_pipe_methods::upm_start. 1857 */ 1858void 1859usbd_xfer_schedule_timeout(struct usbd_xfer *xfer) 1860{ 1861 struct usbd_bus *bus = xfer->ux_bus; 1862 1863 USBHIST_FUNC(); 1864 USBHIST_CALLARGS(usbdebug, "xfer %#jx timeout %jdms" 1865 " set %jd reset %jd", 1866 (uintptr_t)xfer, xfer->ux_timeout, 1867 xfer->ux_timeout_set, xfer->ux_timeout_reset); 1868 1869 KASSERT(bus->ub_usepolling || mutex_owned(bus->ub_lock)); 1870 KASSERTMSG(xfer->ux_status == USBD_IN_PROGRESS, "xfer=%p status=%d", 1871 xfer, xfer->ux_status); 1872 1873 if (xfer->ux_timeout_set) { 1874 /* 1875 * Callout or task has fired from a prior completed 1876 * xfer but has not yet noticed that the xfer is done. 1877 * Ask it to reschedule itself to ux_timeout. 1878 */ 1879 xfer->ux_timeout_reset = true; 1880 } else if (xfer->ux_timeout && !bus->ub_usepolling) { 1881 /* Callout is not scheduled. Schedule it. */ 1882 KASSERT(!callout_pending(&xfer->ux_callout)); 1883 callout_schedule(&xfer->ux_callout, mstohz(xfer->ux_timeout)); 1884 xfer->ux_timeout_set = true; 1885 } 1886 1887 KASSERT(bus->ub_usepolling || mutex_owned(bus->ub_lock)); 1888} 1889 1890/* 1891 * usbd_xfer_cancel_timeout_async(xfer) 1892 * 1893 * Cancel the callout and the task of xfer, which have not yet run 1894 * to completion, but don't wait for the callout or task to finish 1895 * running. 1896 * 1897 * If they have already fired, at worst they are waiting for the 1898 * bus lock. They will see that the xfer is no longer in progress 1899 * and give up, or they will see that the xfer has been 1900 * resubmitted with a new timeout and reschedule the callout. 1901 * 1902 * If a resubmitted request completed so fast that the callout 1903 * didn't have time to process a timer reset, just cancel the 1904 * timer reset. 1905 */ 1906static void 1907usbd_xfer_cancel_timeout_async(struct usbd_xfer *xfer) 1908{ 1909 struct usbd_bus *bus __diagused = xfer->ux_bus; 1910 1911 KASSERT(bus->ub_usepolling || mutex_owned(bus->ub_lock)); 1912 1913 USBHIST_FUNC(); 1914 USBHIST_CALLARGS(usbdebug, "xfer %#jx timeout %jdms" 1915 " set %jd reset %jd", 1916 (uintptr_t)xfer, xfer->ux_timeout, 1917 xfer->ux_timeout_set, xfer->ux_timeout_reset); 1918 1919 /* 1920 * If the timer wasn't running anyway, forget about it. This 1921 * can happen if we are completing an isochronous transfer 1922 * which doesn't use the same timeout logic. 1923 */ 1924 if (!xfer->ux_timeout_set) { 1925 USBHIST_LOG(usbdebug, "xfer %#jx timer not running", 1926 (uintptr_t)xfer, 0, 0, 0); 1927 return; 1928 } 1929 1930 xfer->ux_timeout_reset = false; 1931 if (!callout_stop(&xfer->ux_callout)) { 1932 /* 1933 * We stopped the callout before it ran. The timeout 1934 * is no longer set. 1935 */ 1936 USBHIST_LOG(usbdebug, "xfer %#jx timer stopped", 1937 (uintptr_t)xfer, 0, 0, 0); 1938 xfer->ux_timeout_set = false; 1939 } else if (callout_invoking(&xfer->ux_callout)) { 1940 /* 1941 * The callout has begun to run but it has not yet 1942 * acquired the lock and called callout_ack. The task 1943 * cannot be queued yet, and the callout cannot have 1944 * been rescheduled yet. 1945 * 1946 * By the time the callout acquires the lock, we will 1947 * have transitioned from USBD_IN_PROGRESS to a 1948 * completed status, and possibly also resubmitted the 1949 * xfer and set xfer->ux_timeout_reset = true. In both 1950 * cases, the callout will DTRT, so no further action 1951 * is needed here. 1952 */ 1953 USBHIST_LOG(usbdebug, "xfer %#jx timer fired", 1954 (uintptr_t)xfer, 0, 0, 0); 1955 } else if (usb_rem_task(xfer->ux_pipe->up_dev, &xfer->ux_aborttask)) { 1956 /* 1957 * The callout had fired and scheduled the task, but we 1958 * stopped the task before it could run. The timeout 1959 * is therefore no longer set -- the next resubmission 1960 * of the xfer must schedule a new timeout. 1961 * 1962 * The callout should not be pending at this point: 1963 * it is scheduled only under the lock, and only when 1964 * xfer->ux_timeout_set is false, or by the callout or 1965 * task itself when xfer->ux_timeout_reset is true. 1966 */ 1967 USBHIST_LOG(usbdebug, "xfer %#jx task fired", 1968 (uintptr_t)xfer, 0, 0, 0); 1969 xfer->ux_timeout_set = false; 1970 } else { 1971 USBHIST_LOG(usbdebug, "xfer %#jx task stopped", 1972 (uintptr_t)xfer, 0, 0, 0); 1973 } 1974 1975 /* 1976 * The callout cannot be scheduled and the task cannot be 1977 * queued at this point. Either we cancelled them, or they are 1978 * already running and waiting for the bus lock. 1979 */ 1980 KASSERT(!callout_pending(&xfer->ux_callout)); 1981 KASSERT(!usb_task_pending(xfer->ux_pipe->up_dev, &xfer->ux_aborttask)); 1982 1983 KASSERT(bus->ub_usepolling || mutex_owned(bus->ub_lock)); 1984} 1985