search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
inet: frag: enforce memory limits earlier
[linux/fpc-iii.git] / drivers / usb / usbip / vudc_transfer.c
blobbc0296d937d0f628c16a04a544b14321a281af8c
1 /*
2 * Copyright (C) 2015 Karol Kosik <karo9@interia.eu>
3 * Copyright (C) 2015-2016 Samsung Electronics
4 * Igor Kotrasinski <i.kotrasinsk@samsung.com>
5 *
6 * Based on dummy_hcd.c, which is:
7 * Copyright (C) 2003 David Brownell
8 * Copyright (C) 2003-2005 Alan Stern
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License
21 * along with this program. If not, see <http://www.gnu.org/licenses/>.
22 */
23
24 #include <linux/usb.h>
25 #include <linux/timer.h>
26 #include <linux/usb/ch9.h>
27
28 #include "vudc.h"
29
30 #define DEV_REQUEST (USB_TYPE_STANDARD | USB_RECIP_DEVICE)
31 #define DEV_INREQUEST (DEV_REQUEST | USB_DIR_IN)
32 #define INTF_REQUEST (USB_TYPE_STANDARD | USB_RECIP_INTERFACE)
33 #define INTF_INREQUEST (INTF_REQUEST | USB_DIR_IN)
34 #define EP_REQUEST (USB_TYPE_STANDARD | USB_RECIP_ENDPOINT)
35 #define EP_INREQUEST (EP_REQUEST | USB_DIR_IN)
36
37 static int get_frame_limit(enum usb_device_speed speed)
38 {
39 switch (speed) {
40 case USB_SPEED_LOW:
41 return 8 /*bytes*/ * 12 /*packets*/;
42 case USB_SPEED_FULL:
43 return 64 /*bytes*/ * 19 /*packets*/;
44 case USB_SPEED_HIGH:
45 return 512 /*bytes*/ * 13 /*packets*/ * 8 /*uframes*/;
46 case USB_SPEED_SUPER:
47 /* Bus speed is 500000 bytes/ms, so use a little less */
48 return 490000;
49 default:
50 /* error */
51 return -1;
52 }
53
54 }
55
56 /*
57 * handle_control_request() - handles all control transfers
58 * @udc: pointer to vudc
59 * @urb: the urb request to handle
60 * @setup: pointer to the setup data for a USB device control
61 * request
62 * @status: pointer to request handling status
63 *
64 * Return 0 - if the request was handled
65 * 1 - if the request wasn't handles
66 * error code on error
67 *
68 * Adapted from drivers/usb/gadget/udc/dummy_hcd.c
69 */
70 static int handle_control_request(struct vudc *udc, struct urb *urb,
71 struct usb_ctrlrequest *setup,
72 int *status)
73 {
74 struct vep *ep2;
75 int ret_val = 1;
76 unsigned w_index;
77 unsigned w_value;
78
79 w_index = le16_to_cpu(setup->wIndex);
80 w_value = le16_to_cpu(setup->wValue);
81 switch (setup->bRequest) {
82 case USB_REQ_SET_ADDRESS:
83 if (setup->bRequestType != DEV_REQUEST)
84 break;
85 udc->address = w_value;
86 ret_val = 0;
87 *status = 0;
88 break;
89 case USB_REQ_SET_FEATURE:
90 if (setup->bRequestType == DEV_REQUEST) {
91 ret_val = 0;
92 switch (w_value) {
93 case USB_DEVICE_REMOTE_WAKEUP:
94 break;
95 case USB_DEVICE_B_HNP_ENABLE:
96 udc->gadget.b_hnp_enable = 1;
97 break;
98 case USB_DEVICE_A_HNP_SUPPORT:
99 udc->gadget.a_hnp_support = 1;
100 break;
101 case USB_DEVICE_A_ALT_HNP_SUPPORT:
102 udc->gadget.a_alt_hnp_support = 1;
103 break;
104 default:
105 ret_val = -EOPNOTSUPP;
106 }
107 if (ret_val == 0) {
108 udc->devstatus |= (1 << w_value);
109 *status = 0;
110 }
111 } else if (setup->bRequestType == EP_REQUEST) {
112 /* endpoint halt */
113 ep2 = vudc_find_endpoint(udc, w_index);
114 if (!ep2 || ep2->ep.name == udc->ep[0].ep.name) {
115 ret_val = -EOPNOTSUPP;
116 break;
117 }
118 ep2->halted = 1;
119 ret_val = 0;
120 *status = 0;
121 }
122 break;
123 case USB_REQ_CLEAR_FEATURE:
124 if (setup->bRequestType == DEV_REQUEST) {
125 ret_val = 0;
126 switch (w_value) {
127 case USB_DEVICE_REMOTE_WAKEUP:
128 w_value = USB_DEVICE_REMOTE_WAKEUP;
129 break;
130
131 case USB_DEVICE_U1_ENABLE:
132 case USB_DEVICE_U2_ENABLE:
133 case USB_DEVICE_LTM_ENABLE:
134 ret_val = -EOPNOTSUPP;
135 break;
136 default:
137 ret_val = -EOPNOTSUPP;
138 break;
139 }
140 if (ret_val == 0) {
141 udc->devstatus &= ~(1 << w_value);
142 *status = 0;
143 }
144 } else if (setup->bRequestType == EP_REQUEST) {
145 /* endpoint halt */
146 ep2 = vudc_find_endpoint(udc, w_index);
147 if (!ep2) {
148 ret_val = -EOPNOTSUPP;
149 break;
150 }
151 if (!ep2->wedged)
152 ep2->halted = 0;
153 ret_val = 0;
154 *status = 0;
155 }
156 break;
157 case USB_REQ_GET_STATUS:
158 if (setup->bRequestType == DEV_INREQUEST
159 || setup->bRequestType == INTF_INREQUEST
160 || setup->bRequestType == EP_INREQUEST) {
161 char *buf;
162 /*
163 * device: remote wakeup, selfpowered
164 * interface: nothing
165 * endpoint: halt
166 */
167 buf = (char *)urb->transfer_buffer;
168 if (urb->transfer_buffer_length > 0) {
169 if (setup->bRequestType == EP_INREQUEST) {
170 ep2 = vudc_find_endpoint(udc, w_index);
171 if (!ep2) {
172 ret_val = -EOPNOTSUPP;
173 break;
174 }
175 buf[0] = ep2->halted;
176 } else if (setup->bRequestType ==
177 DEV_INREQUEST) {
178 buf[0] = (u8)udc->devstatus;
179 } else
180 buf[0] = 0;
181 }
182 if (urb->transfer_buffer_length > 1)
183 buf[1] = 0;
184 urb->actual_length = min_t(u32, 2,
185 urb->transfer_buffer_length);
186 ret_val = 0;
187 *status = 0;
188 }
189 break;
190 }
191 return ret_val;
192 }
193
194 /* Adapted from dummy_hcd.c ; caller must hold lock */
195 static int transfer(struct vudc *udc,
196 struct urb *urb, struct vep *ep, int limit)
197 {
198 struct vrequest *req;
199 int sent = 0;
200 top:
201 /* if there's no request queued, the device is NAKing; return */
202 list_for_each_entry(req, &ep->req_queue, req_entry) {
203 unsigned host_len, dev_len, len;
204 void *ubuf_pos, *rbuf_pos;
205 int is_short, to_host;
206 int rescan = 0;
207
208 /*
209 * 1..N packets of ep->ep.maxpacket each ... the last one
210 * may be short (including zero length).
211 *
212 * writer can send a zlp explicitly (length 0) or implicitly
213 * (length mod maxpacket zero, and 'zero' flag); they always
214 * terminate reads.
215 */
216 host_len = urb->transfer_buffer_length - urb->actual_length;
217 dev_len = req->req.length - req->req.actual;
218 len = min(host_len, dev_len);
219
220 to_host = usb_pipein(urb->pipe);
221 if (unlikely(len == 0))
222 is_short = 1;
223 else {
224 /* send multiple of maxpacket first, then remainder */
225 if (len >= ep->ep.maxpacket) {
226 is_short = 0;
227 if (len % ep->ep.maxpacket > 0)
228 rescan = 1;
229 len -= len % ep->ep.maxpacket;
230 } else {
231 is_short = 1;
232 }
233
234 ubuf_pos = urb->transfer_buffer + urb->actual_length;
235 rbuf_pos = req->req.buf + req->req.actual;
236
237 if (urb->pipe & USB_DIR_IN)
238 memcpy(ubuf_pos, rbuf_pos, len);
239 else
240 memcpy(rbuf_pos, ubuf_pos, len);
241
242 urb->actual_length += len;
243 req->req.actual += len;
244 sent += len;
245 }
246
247 /*
248 * short packets terminate, maybe with overflow/underflow.
249 * it's only really an error to write too much.
250 *
251 * partially filling a buffer optionally blocks queue advances
252 * (so completion handlers can clean up the queue) but we don't
253 * need to emulate such data-in-flight.
254 */
255 if (is_short) {
256 if (host_len == dev_len) {
257 req->req.status = 0;
258 urb->status = 0;
259 } else if (to_host) {
260 req->req.status = 0;
261 if (dev_len > host_len)
262 urb->status = -EOVERFLOW;
263 else
264 urb->status = 0;
265 } else {
266 urb->status = 0;
267 if (host_len > dev_len)
268 req->req.status = -EOVERFLOW;
269 else
270 req->req.status = 0;
271 }
272
273 /* many requests terminate without a short packet */
274 /* also check if we need to send zlp */
275 } else {
276 if (req->req.length == req->req.actual) {
277 if (req->req.zero && to_host)
278 rescan = 1;
279 else
280 req->req.status = 0;
281 }
282 if (urb->transfer_buffer_length == urb->actual_length) {
283 if (urb->transfer_flags & URB_ZERO_PACKET &&
284 !to_host)
285 rescan = 1;
286 else
287 urb->status = 0;
288 }
289 }
290
291 /* device side completion --> continuable */
292 if (req->req.status != -EINPROGRESS) {
293
294 list_del_init(&req->req_entry);
295 spin_unlock(&udc->lock);
296 usb_gadget_giveback_request(&ep->ep, &req->req);
297 spin_lock(&udc->lock);
298
299 /* requests might have been unlinked... */
300 rescan = 1;
301 }
302
303 /* host side completion --> terminate */
304 if (urb->status != -EINPROGRESS)
305 break;
306
307 /* rescan to continue with any other queued i/o */
308 if (rescan)
309 goto top;
310 }
311 return sent;
312 }
313
314 static void v_timer(unsigned long _vudc)
315 {
316 struct vudc *udc = (struct vudc *) _vudc;
317 struct transfer_timer *timer = &udc->tr_timer;
318 struct urbp *urb_p, *tmp;
319 unsigned long flags;
320 struct usb_ep *_ep;
321 struct vep *ep;
322 int ret = 0;
323 int total, limit;
324
325 spin_lock_irqsave(&udc->lock, flags);
326
327 total = get_frame_limit(udc->gadget.speed);
328 if (total < 0) { /* unknown speed, or not set yet */
329 timer->state = VUDC_TR_IDLE;
330 spin_unlock_irqrestore(&udc->lock, flags);
331 return;
332 }
333 /* is it next frame now? */
334 if (time_after(jiffies, timer->frame_start + msecs_to_jiffies(1))) {
335 timer->frame_limit = total;
336 /* FIXME: how to make it accurate? */
337 timer->frame_start = jiffies;
338 } else {
339 total = timer->frame_limit;
340 }
341
342 /* We have to clear ep0 flags separately as it's not on the list */
343 udc->ep[0].already_seen = 0;
344 list_for_each_entry(_ep, &udc->gadget.ep_list, ep_list) {
345 ep = to_vep(_ep);
346 ep->already_seen = 0;
347 }
348
349 restart:
350 list_for_each_entry_safe(urb_p, tmp, &udc->urb_queue, urb_entry) {
351 struct urb *urb = urb_p->urb;
352
353 ep = urb_p->ep;
354 if (urb->unlinked)
355 goto return_urb;
356 if (timer->state != VUDC_TR_RUNNING)
357 continue;
358
359 if (!ep) {
360 urb->status = -EPROTO;
361 goto return_urb;
362 }
363
364 /* Used up bandwidth? */
365 if (total <= 0 && ep->type == USB_ENDPOINT_XFER_BULK)
366 continue;
367
368 if (ep->already_seen)
369 continue;
370 ep->already_seen = 1;
371 if (ep == &udc->ep[0] && urb_p->new) {
372 ep->setup_stage = 1;
373 urb_p->new = 0;
374 }
375 if (ep->halted && !ep->setup_stage) {
376 urb->status = -EPIPE;
377 goto return_urb;
378 }
379
380 if (ep == &udc->ep[0] && ep->setup_stage) {
381 /* TODO - flush any stale requests */
382 ep->setup_stage = 0;
383 ep->halted = 0;
384
385 ret = handle_control_request(udc, urb,
386 (struct usb_ctrlrequest *) urb->setup_packet,
387 (&urb->status));
388 if (ret > 0) {
389 spin_unlock(&udc->lock);
390 ret = udc->driver->setup(&udc->gadget,
391 (struct usb_ctrlrequest *)
392 urb->setup_packet);
393 spin_lock(&udc->lock);
394 }
395 if (ret >= 0) {
396 /* no delays (max 64kb data stage) */
397 limit = 64 * 1024;
398 goto treat_control_like_bulk;
399 } else {
400 urb->status = -EPIPE;
401 urb->actual_length = 0;
402 goto return_urb;
403 }
404 }
405
406 limit = total;
407 switch (ep->type) {
408 case USB_ENDPOINT_XFER_ISOC:
409 /* TODO: support */
410 urb->status = -EXDEV;
411 break;
412
413 case USB_ENDPOINT_XFER_INT:
414 /*
415 * TODO: figure out bandwidth guarantees
416 * for now, give unlimited bandwidth
417 */
418 limit += urb->transfer_buffer_length;
419 /* fallthrough */
420 default:
421 treat_control_like_bulk:
422 total -= transfer(udc, urb, ep, limit);
423 }
424 if (urb->status == -EINPROGRESS)
425 continue;
426
427 return_urb:
428 if (ep)
429 ep->already_seen = ep->setup_stage = 0;
430
431 spin_lock(&udc->lock_tx);
432 list_del(&urb_p->urb_entry);
433 if (!urb->unlinked) {
434 v_enqueue_ret_submit(udc, urb_p);
435 } else {
436 v_enqueue_ret_unlink(udc, urb_p->seqnum,
437 urb->unlinked);
438 free_urbp_and_urb(urb_p);
439 }
440 wake_up(&udc->tx_waitq);
441 spin_unlock(&udc->lock_tx);
442
443 goto restart;
444 }
445
446 /* TODO - also wait on empty usb_request queues? */
447 if (list_empty(&udc->urb_queue))
448 timer->state = VUDC_TR_IDLE;
449 else
450 mod_timer(&timer->timer,
451 timer->frame_start + msecs_to_jiffies(1));
452
453 spin_unlock_irqrestore(&udc->lock, flags);
454 }
455
456 /* All timer functions are run with udc->lock held */
457
458 void v_init_timer(struct vudc *udc)
459 {
460 struct transfer_timer *t = &udc->tr_timer;
461
462 setup_timer(&t->timer, v_timer, (unsigned long) udc);
463 t->state = VUDC_TR_STOPPED;
464 }
465
466 void v_start_timer(struct vudc *udc)
467 {
468 struct transfer_timer *t = &udc->tr_timer;
469
470 dev_dbg(&udc->pdev->dev, "timer start");
471 switch (t->state) {
472 case VUDC_TR_RUNNING:
473 return;
474 case VUDC_TR_IDLE:
475 return v_kick_timer(udc, jiffies);
476 case VUDC_TR_STOPPED:
477 t->state = VUDC_TR_IDLE;
478 t->frame_start = jiffies;
479 t->frame_limit = get_frame_limit(udc->gadget.speed);
480 return v_kick_timer(udc, jiffies);
481 }
482 }
483
484 void v_kick_timer(struct vudc *udc, unsigned long time)
485 {
486 struct transfer_timer *t = &udc->tr_timer;
487
488 dev_dbg(&udc->pdev->dev, "timer kick");
489 switch (t->state) {
490 case VUDC_TR_RUNNING:
491 return;
492 case VUDC_TR_IDLE:
493 t->state = VUDC_TR_RUNNING;
494 /* fallthrough */
495 case VUDC_TR_STOPPED:
496 /* we may want to kick timer to unqueue urbs */
497 mod_timer(&t->timer, time);
498 }
499 }
500
501 void v_stop_timer(struct vudc *udc)
502 {
503 struct transfer_timer *t = &udc->tr_timer;
504
505 /* timer itself will take care of stopping */
506 dev_dbg(&udc->pdev->dev, "timer stop");
507 t->state = VUDC_TR_STOPPED;
508 }
Linux with added FPC-III support