1 /* $NetBSD: usbdi.c,v 1.220 2021/12/21 09:51:22 skrll Exp $ */ 2 3 /* 4 * Copyright (c) 1998, 2012, 2015 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Lennart Augustsson (lennart@augustsson.net) at 9 * Carlstedt Research & Technology, Matthew R. Green (mrg@eterna.com.au), 10 * and Nick Hudson. 11 * 12 * Redistribution and use in source and binary forms, with or without 13 * modification, are permitted provided that the following conditions 14 * are met: 15 * 1. Redistributions of source code must retain the above copyright 16 * notice, this list of conditions and the following disclaimer. 17 * 2. Redistributions in binary form must reproduce the above copyright 18 * notice, this list of conditions and the following disclaimer in the 19 * documentation and/or other materials provided with the distribution. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 22 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 23 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 24 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 25 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 26 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 27 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 28 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 29 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 30 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 31 * POSSIBILITY OF SUCH DAMAGE. 32 */ 33 34 #include <sys/cdefs.h> 35 __KERNEL_RCSID(0, "$NetBSD: usbdi.c,v 1.220 2021/12/21 09:51:22 skrll Exp $"); 36 37 #ifdef _KERNEL_OPT 38 #include "opt_usb.h" 39 #include "opt_compat_netbsd.h" 40 #include "usb_dma.h" 41 #endif 42 43 #include <sys/param.h> 44 #include <sys/systm.h> 45 #include <sys/kernel.h> 46 #include <sys/device.h> 47 #include <sys/kmem.h> 48 #include <sys/proc.h> 49 #include <sys/bus.h> 50 #include <sys/cpu.h> 51 52 #include <dev/usb/usb.h> 53 #include <dev/usb/usbdi.h> 54 #include <dev/usb/usbdi_util.h> 55 #include <dev/usb/usbdivar.h> 56 #include <dev/usb/usb_mem.h> 57 #include <dev/usb/usb_quirks.h> 58 #include <dev/usb/usb_sdt.h> 59 #include <dev/usb/usbhist.h> 60 61 /* UTF-8 encoding stuff */ 62 #include <fs/unicode.h> 63 64 extern int usbdebug; 65 66 SDT_PROBE_DEFINE5(usb, device, pipe, open, 67 "struct usbd_interface *"/*iface*/, 68 "uint8_t"/*address*/, 69 "uint8_t"/*flags*/, 70 "int"/*ival*/, 71 "struct usbd_pipe *"/*pipe*/); 72 73 SDT_PROBE_DEFINE7(usb, device, pipe, open__intr, 74 "struct usbd_interface *"/*iface*/, 75 "uint8_t"/*address*/, 76 "uint8_t"/*flags*/, 77 "int"/*ival*/, 78 "usbd_callback"/*cb*/, 79 "void *"/*cookie*/, 80 "struct usbd_pipe *"/*pipe*/); 81 82 SDT_PROBE_DEFINE2(usb, device, pipe, transfer__start, 83 "struct usbd_pipe *"/*pipe*/, 84 "struct usbd_xfer *"/*xfer*/); 85 SDT_PROBE_DEFINE3(usb, device, pipe, transfer__done, 86 "struct usbd_pipe *"/*pipe*/, 87 "struct usbd_xfer *"/*xfer*/, 88 "usbd_status"/*err*/); 89 SDT_PROBE_DEFINE2(usb, device, pipe, start, 90 "struct usbd_pipe *"/*pipe*/, 91 "struct usbd_xfer *"/*xfer*/); 92 93 SDT_PROBE_DEFINE1(usb, device, pipe, close, "struct usbd_pipe *"/*pipe*/); 94 SDT_PROBE_DEFINE1(usb, device, pipe, abort__start, 95 "struct usbd_pipe *"/*pipe*/); 96 SDT_PROBE_DEFINE1(usb, device, pipe, abort__done, 97 "struct usbd_pipe *"/*pipe*/); 98 SDT_PROBE_DEFINE1(usb, device, pipe, clear__endpoint__stall, 99 "struct usbd_pipe *"/*pipe*/); 100 SDT_PROBE_DEFINE1(usb, device, pipe, clear__endpoint__toggle, 101 "struct usbd_pipe *"/*pipe*/); 102 103 SDT_PROBE_DEFINE5(usb, device, xfer, create, 104 "struct usbd_xfer *"/*xfer*/, 105 "struct usbd_pipe *"/*pipe*/, 106 "size_t"/*len*/, 107 "unsigned int"/*flags*/, 108 "unsigned int"/*nframes*/); 109 SDT_PROBE_DEFINE1(usb, device, xfer, start, "struct usbd_xfer *"/*xfer*/); 110 SDT_PROBE_DEFINE1(usb, device, xfer, preabort, "struct usbd_xfer *"/*xfer*/); 111 SDT_PROBE_DEFINE1(usb, device, xfer, abort, "struct usbd_xfer *"/*xfer*/); 112 SDT_PROBE_DEFINE1(usb, device, xfer, timeout, "struct usbd_xfer *"/*xfer*/); 113 SDT_PROBE_DEFINE2(usb, device, xfer, done, 114 "struct usbd_xfer *"/*xfer*/, 115 "usbd_status"/*status*/); 116 SDT_PROBE_DEFINE1(usb, device, xfer, destroy, "struct usbd_xfer *"/*xfer*/); 117 118 Static usbd_status usbd_ar_pipe(struct usbd_pipe *); 119 Static void usbd_start_next(struct usbd_pipe *); 120 Static usbd_status usbd_open_pipe_ival 121 (struct usbd_interface *, uint8_t, uint8_t, struct usbd_pipe **, int); 122 static void *usbd_alloc_buffer(struct usbd_xfer *, uint32_t); 123 static void usbd_free_buffer(struct usbd_xfer *); 124 static struct usbd_xfer *usbd_alloc_xfer(struct usbd_device *, unsigned int); 125 static usbd_status usbd_free_xfer(struct usbd_xfer *); 126 static void usbd_request_async_cb(struct usbd_xfer *, void *, usbd_status); 127 static void usbd_xfer_timeout(void *); 128 static void usbd_xfer_timeout_task(void *); 129 static bool usbd_xfer_probe_timeout(struct usbd_xfer *); 130 static void usbd_xfer_cancel_timeout_async(struct usbd_xfer *); 131 132 #if defined(USB_DEBUG) 133 void 134 usbd_dump_iface(struct usbd_interface *iface) 135 { 136 USBHIST_FUNC(); 137 USBHIST_CALLARGS(usbdebug, "iface %#jx", (uintptr_t)iface, 0, 0, 0); 138 139 if (iface == NULL) 140 return; 141 USBHIST_LOG(usbdebug, " device = %#jx idesc = %#jx index = %jd", 142 (uintptr_t)iface->ui_dev, (uintptr_t)iface->ui_idesc, 143 iface->ui_index, 0); 144 USBHIST_LOG(usbdebug, " altindex=%jd", 145 iface->ui_altindex, 0, 0, 0); 146 } 147 148 void 149 usbd_dump_device(struct usbd_device *dev) 150 { 151 USBHIST_FUNC(); 152 USBHIST_CALLARGS(usbdebug, "dev = %#jx", (uintptr_t)dev, 0, 0, 0); 153 154 if (dev == NULL) 155 return; 156 USBHIST_LOG(usbdebug, " bus = %#jx default_pipe = %#jx", 157 (uintptr_t)dev->ud_bus, (uintptr_t)dev->ud_pipe0, 0, 0); 158 USBHIST_LOG(usbdebug, " address = %jd config = %jd depth = %jd ", 159 dev->ud_addr, dev->ud_config, dev->ud_depth, 0); 160 USBHIST_LOG(usbdebug, " speed = %jd self_powered = %jd " 161 "power = %jd langid = %jd", 162 dev->ud_speed, dev->ud_selfpowered, dev->ud_power, dev->ud_langid); 163 } 164 165 void 166 usbd_dump_endpoint(struct usbd_endpoint *endp) 167 { 168 USBHIST_FUNC(); 169 USBHIST_CALLARGS(usbdebug, "endp = %#jx", (uintptr_t)endp, 0, 0, 0); 170 171 if (endp == NULL) 172 return; 173 USBHIST_LOG(usbdebug, " edesc = %#jx refcnt = %jd", 174 (uintptr_t)endp->ue_edesc, endp->ue_refcnt, 0, 0); 175 if (endp->ue_edesc) 176 USBHIST_LOG(usbdebug, " bEndpointAddress=0x%02jx", 177 endp->ue_edesc->bEndpointAddress, 0, 0, 0); 178 } 179 180 void 181 usbd_dump_queue(struct usbd_pipe *pipe) 182 { 183 struct usbd_xfer *xfer; 184 185 USBHIST_FUNC(); 186 USBHIST_CALLARGS(usbdebug, "pipe = %#jx", (uintptr_t)pipe, 0, 0, 0); 187 188 SIMPLEQ_FOREACH(xfer, &pipe->up_queue, ux_next) { 189 USBHIST_LOG(usbdebug, " xfer = %#jx", (uintptr_t)xfer, 190 0, 0, 0); 191 } 192 } 193 194 void 195 usbd_dump_pipe(struct usbd_pipe *pipe) 196 { 197 USBHIST_FUNC(); 198 USBHIST_CALLARGS(usbdebug, "pipe = %#jx", (uintptr_t)pipe, 0, 0, 0); 199 200 if (pipe == NULL) 201 return; 202 usbd_dump_iface(pipe->up_iface); 203 usbd_dump_device(pipe->up_dev); 204 usbd_dump_endpoint(pipe->up_endpoint); 205 USBHIST_LOG(usbdebug, "(usbd_dump_pipe)", 0, 0, 0, 0); 206 USBHIST_LOG(usbdebug, " running = %jd aborting = %jd", 207 pipe->up_running, pipe->up_aborting, 0, 0); 208 USBHIST_LOG(usbdebug, " intrxfer = %#jx, repeat = %jd, " 209 "interval = %jd", (uintptr_t)pipe->up_intrxfer, pipe->up_repeat, 210 pipe->up_interval, 0); 211 } 212 #endif 213 214 usbd_status 215 usbd_open_pipe(struct usbd_interface *iface, uint8_t address, 216 uint8_t flags, struct usbd_pipe **pipe) 217 { 218 return (usbd_open_pipe_ival(iface, address, flags, pipe, 219 USBD_DEFAULT_INTERVAL)); 220 } 221 222 usbd_status 223 usbd_open_pipe_ival(struct usbd_interface *iface, uint8_t address, 224 uint8_t flags, struct usbd_pipe **pipe, int ival) 225 { 226 struct usbd_pipe *p = NULL; 227 struct usbd_endpoint *ep = NULL /* XXXGCC */; 228 bool piperef = false; 229 usbd_status err; 230 int i; 231 232 USBHIST_FUNC(); 233 USBHIST_CALLARGS(usbdebug, "iface = %#jx address = %#jx flags = %#jx", 234 (uintptr_t)iface, address, flags, 0); 235 236 /* 237 * Block usbd_set_interface so we have a snapshot of the 238 * interface endpoints. They will remain stable until we drop 239 * the reference in usbd_close_pipe (or on failure here). 240 */ 241 err = usbd_iface_piperef(iface); 242 if (err) 243 goto out; 244 piperef = true; 245 246 /* Find the endpoint at this address. */ 247 for (i = 0; i < iface->ui_idesc->bNumEndpoints; i++) { 248 ep = &iface->ui_endpoints[i]; 249 if (ep->ue_edesc == NULL) { 250 err = USBD_IOERROR; 251 goto out; 252 } 253 if (ep->ue_edesc->bEndpointAddress == address) 254 break; 255 } 256 if (i == iface->ui_idesc->bNumEndpoints) { 257 err = USBD_BAD_ADDRESS; 258 goto out; 259 } 260 261 /* Set up the pipe with this endpoint. */ 262 err = usbd_setup_pipe_flags(iface->ui_dev, iface, ep, ival, &p, flags); 263 if (err) 264 goto out; 265 266 /* Success! */ 267 *pipe = p; 268 p = NULL; /* handed off to caller */ 269 piperef = false; /* handed off to pipe */ 270 SDT_PROBE5(usb, device, pipe, open, 271 iface, address, flags, ival, p); 272 err = USBD_NORMAL_COMPLETION; 273 274 out: if (p) 275 usbd_close_pipe(p); 276 if (piperef) 277 usbd_iface_pipeunref(iface); 278 return err; 279 } 280 281 usbd_status 282 usbd_open_pipe_intr(struct usbd_interface *iface, uint8_t address, 283 uint8_t flags, struct usbd_pipe **pipe, 284 void *priv, void *buffer, uint32_t len, 285 usbd_callback cb, int ival) 286 { 287 usbd_status err; 288 struct usbd_xfer *xfer; 289 struct usbd_pipe *ipipe; 290 291 USBHIST_FUNC(); 292 USBHIST_CALLARGS(usbdebug, "address = %#jx flags = %#jx len = %jd", 293 address, flags, len, 0); 294 295 err = usbd_open_pipe_ival(iface, address, 296 USBD_EXCLUSIVE_USE | (flags & USBD_MPSAFE), 297 &ipipe, ival); 298 if (err) 299 return err; 300 err = usbd_create_xfer(ipipe, len, flags, 0, &xfer); 301 if (err) 302 goto bad1; 303 304 usbd_setup_xfer(xfer, priv, buffer, len, flags, USBD_NO_TIMEOUT, cb); 305 ipipe->up_intrxfer = xfer; 306 ipipe->up_repeat = 1; 307 err = usbd_transfer(xfer); 308 *pipe = ipipe; 309 if (err != USBD_IN_PROGRESS) 310 goto bad3; 311 SDT_PROBE7(usb, device, pipe, open__intr, 312 iface, address, flags, ival, cb, priv, ipipe); 313 return USBD_NORMAL_COMPLETION; 314 315 bad3: 316 ipipe->up_intrxfer = NULL; 317 ipipe->up_repeat = 0; 318 319 usbd_destroy_xfer(xfer); 320 bad1: 321 usbd_close_pipe(ipipe); 322 return err; 323 } 324 325 usbd_status 326 usbd_close_pipe(struct usbd_pipe *pipe) 327 { 328 USBHIST_FUNC(); USBHIST_CALLED(usbdebug); 329 330 KASSERT(pipe != NULL); 331 332 usbd_lock_pipe(pipe); 333 SDT_PROBE1(usb, device, pipe, close, pipe); 334 if (!SIMPLEQ_EMPTY(&pipe->up_queue)) { 335 printf("WARNING: pipe closed with active xfers on addr %d\n", 336 pipe->up_dev->ud_addr); 337 usbd_ar_pipe(pipe); 338 } 339 KASSERT(SIMPLEQ_EMPTY(&pipe->up_queue)); 340 pipe->up_methods->upm_close(pipe); 341 usbd_unlock_pipe(pipe); 342 343 cv_destroy(&pipe->up_callingcv); 344 if (pipe->up_intrxfer) 345 usbd_destroy_xfer(pipe->up_intrxfer); 346 usb_rem_task_wait(pipe->up_dev, &pipe->up_async_task, USB_TASKQ_DRIVER, 347 NULL); 348 usbd_endpoint_release(pipe->up_dev, pipe->up_endpoint); 349 if (pipe->up_iface) 350 usbd_iface_pipeunref(pipe->up_iface); 351 kmem_free(pipe, pipe->up_dev->ud_bus->ub_pipesize); 352 353 return USBD_NORMAL_COMPLETION; 354 } 355 356 usbd_status 357 usbd_transfer(struct usbd_xfer *xfer) 358 { 359 struct usbd_pipe *pipe = xfer->ux_pipe; 360 usbd_status err; 361 unsigned int size, flags; 362 363 USBHIST_FUNC(); USBHIST_CALLARGS(usbdebug, 364 "xfer = %#jx, flags = %#jx, pipe = %#jx, running = %jd", 365 (uintptr_t)xfer, xfer->ux_flags, (uintptr_t)pipe, pipe->up_running); 366 KASSERT(xfer->ux_status == USBD_NOT_STARTED); 367 SDT_PROBE1(usb, device, xfer, start, xfer); 368 369 #ifdef USB_DEBUG 370 if (usbdebug > 5) 371 usbd_dump_queue(pipe); 372 #endif 373 xfer->ux_done = 0; 374 375 if (pipe->up_aborting) { 376 USBHIST_LOG(usbdebug, "<- done xfer %#jx, aborting", 377 (uintptr_t)xfer, 0, 0, 0); 378 SDT_PROBE2(usb, device, xfer, done, xfer, USBD_CANCELLED); 379 return USBD_CANCELLED; 380 } 381 382 KASSERT(xfer->ux_length == 0 || xfer->ux_buf != NULL); 383 384 size = xfer->ux_length; 385 flags = xfer->ux_flags; 386 387 if (size != 0) { 388 /* 389 * Use the xfer buffer if none specified in transfer setup. 390 * isoc transfers always use the xfer buffer, i.e. 391 * ux_buffer is always NULL for isoc. 392 */ 393 if (xfer->ux_buffer == NULL) { 394 xfer->ux_buffer = xfer->ux_buf; 395 } 396 397 /* 398 * If not using the xfer buffer copy data to the 399 * xfer buffer for OUT transfers of >0 length 400 */ 401 if (xfer->ux_buffer != xfer->ux_buf) { 402 KASSERT(xfer->ux_buf); 403 if (!usbd_xfer_isread(xfer)) { 404 memcpy(xfer->ux_buf, xfer->ux_buffer, size); 405 } 406 } 407 } 408 409 /* xfer is not valid after the transfer method unless synchronous */ 410 SDT_PROBE2(usb, device, pipe, transfer__start, pipe, xfer); 411 err = pipe->up_methods->upm_transfer(xfer); 412 SDT_PROBE3(usb, device, pipe, transfer__done, pipe, xfer, err); 413 414 if (err != USBD_IN_PROGRESS && err) { 415 /* 416 * The transfer made it onto the pipe queue, but didn't get 417 * accepted by the HCD for some reason. It needs removing 418 * from the pipe queue. 419 */ 420 USBHIST_LOG(usbdebug, "xfer failed: %jd, reinserting", 421 err, 0, 0, 0); 422 usbd_lock_pipe(pipe); 423 SDT_PROBE1(usb, device, xfer, preabort, xfer); 424 #ifdef DIAGNOSTIC 425 xfer->ux_state = XFER_BUSY; 426 #endif 427 SIMPLEQ_REMOVE_HEAD(&pipe->up_queue, ux_next); 428 if (pipe->up_serialise) 429 usbd_start_next(pipe); 430 usbd_unlock_pipe(pipe); 431 } 432 433 if (!(flags & USBD_SYNCHRONOUS)) { 434 USBHIST_LOG(usbdebug, "<- done xfer %#jx, not sync (err %jd)", 435 (uintptr_t)xfer, err, 0, 0); 436 if (err != USBD_IN_PROGRESS) /* XXX Possible? */ 437 SDT_PROBE2(usb, device, xfer, done, xfer, err); 438 return err; 439 } 440 441 if (err != USBD_IN_PROGRESS) { 442 USBHIST_LOG(usbdebug, "<- done xfer %#jx, sync (err %jd)", 443 (uintptr_t)xfer, err, 0, 0); 444 SDT_PROBE2(usb, device, xfer, done, xfer, err); 445 return err; 446 } 447 448 /* Sync transfer, wait for completion. */ 449 usbd_lock_pipe(pipe); 450 while (!xfer->ux_done) { 451 if (pipe->up_dev->ud_bus->ub_usepolling) 452 panic("usbd_transfer: not done"); 453 USBHIST_LOG(usbdebug, "<- sleeping on xfer %#jx", 454 (uintptr_t)xfer, 0, 0, 0); 455 456 err = 0; 457 if ((flags & USBD_SYNCHRONOUS_SIG) != 0) { 458 err = cv_wait_sig(&xfer->ux_cv, pipe->up_dev->ud_bus->ub_lock); 459 } else { 460 cv_wait(&xfer->ux_cv, pipe->up_dev->ud_bus->ub_lock); 461 } 462 if (err) { 463 if (!xfer->ux_done) { 464 SDT_PROBE1(usb, device, xfer, abort, xfer); 465 pipe->up_methods->upm_abort(xfer); 466 } 467 break; 468 } 469 } 470 SDT_PROBE2(usb, device, xfer, done, xfer, xfer->ux_status); 471 /* XXX Race to read xfer->ux_status? */ 472 usbd_unlock_pipe(pipe); 473 return xfer->ux_status; 474 } 475 476 /* Like usbd_transfer(), but waits for completion. */ 477 usbd_status 478 usbd_sync_transfer(struct usbd_xfer *xfer) 479 { 480 xfer->ux_flags |= USBD_SYNCHRONOUS; 481 return usbd_transfer(xfer); 482 } 483 484 /* Like usbd_transfer(), but waits for completion and listens for signals. */ 485 usbd_status 486 usbd_sync_transfer_sig(struct usbd_xfer *xfer) 487 { 488 xfer->ux_flags |= USBD_SYNCHRONOUS | USBD_SYNCHRONOUS_SIG; 489 return usbd_transfer(xfer); 490 } 491 492 static void * 493 usbd_alloc_buffer(struct usbd_xfer *xfer, uint32_t size) 494 { 495 KASSERT(xfer->ux_buf == NULL); 496 KASSERT(size != 0); 497 498 xfer->ux_bufsize = 0; 499 #if NUSB_DMA > 0 500 struct usbd_bus *bus = xfer->ux_bus; 501 502 if (bus->ub_usedma) { 503 usb_dma_t *dmap = &xfer->ux_dmabuf; 504 505 KASSERT((bus->ub_dmaflags & USBMALLOC_COHERENT) == 0); 506 int err = usb_allocmem(bus->ub_dmatag, size, 0, bus->ub_dmaflags, dmap); 507 if (err) { 508 return NULL; 509 } 510 xfer->ux_buf = KERNADDR(&xfer->ux_dmabuf, 0); 511 xfer->ux_bufsize = size; 512 513 return xfer->ux_buf; 514 } 515 #endif 516 KASSERT(xfer->ux_bus->ub_usedma == false); 517 xfer->ux_buf = kmem_alloc(size, KM_SLEEP); 518 xfer->ux_bufsize = size; 519 return xfer->ux_buf; 520 } 521 522 static void 523 usbd_free_buffer(struct usbd_xfer *xfer) 524 { 525 KASSERT(xfer->ux_buf != NULL); 526 KASSERT(xfer->ux_bufsize != 0); 527 528 void *buf = xfer->ux_buf; 529 uint32_t size = xfer->ux_bufsize; 530 531 xfer->ux_buf = NULL; 532 xfer->ux_bufsize = 0; 533 534 #if NUSB_DMA > 0 535 struct usbd_bus *bus = xfer->ux_bus; 536 537 if (bus->ub_usedma) { 538 usb_dma_t *dmap = &xfer->ux_dmabuf; 539 540 usb_freemem(dmap); 541 return; 542 } 543 #endif 544 KASSERT(xfer->ux_bus->ub_usedma == false); 545 546 kmem_free(buf, size); 547 } 548 549 void * 550 usbd_get_buffer(struct usbd_xfer *xfer) 551 { 552 return xfer->ux_buf; 553 } 554 555 struct usbd_pipe * 556 usbd_get_pipe0(struct usbd_device *dev) 557 { 558 559 return dev->ud_pipe0; 560 } 561 562 static struct usbd_xfer * 563 usbd_alloc_xfer(struct usbd_device *dev, unsigned int nframes) 564 { 565 struct usbd_xfer *xfer; 566 567 USBHIST_FUNC(); 568 569 ASSERT_SLEEPABLE(); 570 571 xfer = dev->ud_bus->ub_methods->ubm_allocx(dev->ud_bus, nframes); 572 if (xfer == NULL) 573 goto out; 574 xfer->ux_bus = dev->ud_bus; 575 callout_init(&xfer->ux_callout, CALLOUT_MPSAFE); 576 callout_setfunc(&xfer->ux_callout, usbd_xfer_timeout, xfer); 577 cv_init(&xfer->ux_cv, "usbxfer"); 578 usb_init_task(&xfer->ux_aborttask, usbd_xfer_timeout_task, xfer, 579 USB_TASKQ_MPSAFE); 580 581 out: 582 USBHIST_CALLARGS(usbdebug, "returns %#jx", (uintptr_t)xfer, 0, 0, 0); 583 584 return xfer; 585 } 586 587 static usbd_status 588 usbd_free_xfer(struct usbd_xfer *xfer) 589 { 590 USBHIST_FUNC(); 591 USBHIST_CALLARGS(usbdebug, "%#jx", (uintptr_t)xfer, 0, 0, 0); 592 593 if (xfer->ux_buf) { 594 usbd_free_buffer(xfer); 595 } 596 597 /* Wait for any straggling timeout to complete. */ 598 mutex_enter(xfer->ux_bus->ub_lock); 599 xfer->ux_timeout_reset = false; /* do not resuscitate */ 600 callout_halt(&xfer->ux_callout, xfer->ux_bus->ub_lock); 601 usb_rem_task_wait(xfer->ux_pipe->up_dev, &xfer->ux_aborttask, 602 USB_TASKQ_HC, xfer->ux_bus->ub_lock); 603 mutex_exit(xfer->ux_bus->ub_lock); 604 605 cv_destroy(&xfer->ux_cv); 606 xfer->ux_bus->ub_methods->ubm_freex(xfer->ux_bus, xfer); 607 return USBD_NORMAL_COMPLETION; 608 } 609 610 int 611 usbd_create_xfer(struct usbd_pipe *pipe, size_t len, unsigned int flags, 612 unsigned int nframes, struct usbd_xfer **xp) 613 { 614 KASSERT(xp != NULL); 615 void *buf = NULL; 616 617 struct usbd_xfer *xfer = usbd_alloc_xfer(pipe->up_dev, nframes); 618 if (xfer == NULL) 619 return ENOMEM; 620 621 xfer->ux_pipe = pipe; 622 xfer->ux_flags = flags; 623 xfer->ux_nframes = nframes; 624 xfer->ux_methods = pipe->up_methods; 625 626 if (len) { 627 buf = usbd_alloc_buffer(xfer, len); 628 if (!buf) { 629 usbd_free_xfer(xfer); 630 return ENOMEM; 631 } 632 } 633 634 if (xfer->ux_methods->upm_init) { 635 int err = xfer->ux_methods->upm_init(xfer); 636 if (err) { 637 usbd_free_xfer(xfer); 638 return err; 639 } 640 } 641 642 *xp = xfer; 643 SDT_PROBE5(usb, device, xfer, create, 644 xfer, pipe, len, flags, nframes); 645 return 0; 646 } 647 648 void 649 usbd_destroy_xfer(struct usbd_xfer *xfer) 650 { 651 652 SDT_PROBE1(usb, device, xfer, destroy, xfer); 653 if (xfer->ux_methods->upm_fini) 654 xfer->ux_methods->upm_fini(xfer); 655 656 usbd_free_xfer(xfer); 657 } 658 659 void 660 usbd_setup_xfer(struct usbd_xfer *xfer, void *priv, void *buffer, 661 uint32_t length, uint16_t flags, uint32_t timeout, usbd_callback callback) 662 { 663 KASSERT(xfer->ux_pipe); 664 665 xfer->ux_priv = priv; 666 xfer->ux_buffer = buffer; 667 xfer->ux_length = length; 668 xfer->ux_actlen = 0; 669 xfer->ux_flags = flags; 670 xfer->ux_timeout = timeout; 671 xfer->ux_status = USBD_NOT_STARTED; 672 xfer->ux_callback = callback; 673 xfer->ux_rqflags &= ~URQ_REQUEST; 674 xfer->ux_nframes = 0; 675 } 676 677 void 678 usbd_setup_default_xfer(struct usbd_xfer *xfer, struct usbd_device *dev, 679 void *priv, uint32_t timeout, usb_device_request_t *req, void *buffer, 680 uint32_t length, uint16_t flags, usbd_callback callback) 681 { 682 KASSERT(xfer->ux_pipe == dev->ud_pipe0); 683 684 xfer->ux_priv = priv; 685 xfer->ux_buffer = buffer; 686 xfer->ux_length = length; 687 xfer->ux_actlen = 0; 688 xfer->ux_flags = flags; 689 xfer->ux_timeout = timeout; 690 xfer->ux_status = USBD_NOT_STARTED; 691 xfer->ux_callback = callback; 692 xfer->ux_request = *req; 693 xfer->ux_rqflags |= URQ_REQUEST; 694 xfer->ux_nframes = 0; 695 } 696 697 void 698 usbd_setup_isoc_xfer(struct usbd_xfer *xfer, void *priv, uint16_t *frlengths, 699 uint32_t nframes, uint16_t flags, usbd_callback callback) 700 { 701 xfer->ux_priv = priv; 702 xfer->ux_buffer = NULL; 703 xfer->ux_length = 0; 704 xfer->ux_actlen = 0; 705 xfer->ux_flags = flags; 706 xfer->ux_timeout = USBD_NO_TIMEOUT; 707 xfer->ux_status = USBD_NOT_STARTED; 708 xfer->ux_callback = callback; 709 xfer->ux_rqflags &= ~URQ_REQUEST; 710 xfer->ux_frlengths = frlengths; 711 xfer->ux_nframes = nframes; 712 713 for (size_t i = 0; i < xfer->ux_nframes; i++) 714 xfer->ux_length += xfer->ux_frlengths[i]; 715 } 716 717 void 718 usbd_get_xfer_status(struct usbd_xfer *xfer, void **priv, 719 void **buffer, uint32_t *count, usbd_status *status) 720 { 721 if (priv != NULL) 722 *priv = xfer->ux_priv; 723 if (buffer != NULL) 724 *buffer = xfer->ux_buffer; 725 if (count != NULL) 726 *count = xfer->ux_actlen; 727 if (status != NULL) 728 *status = xfer->ux_status; 729 } 730 731 usb_config_descriptor_t * 732 usbd_get_config_descriptor(struct usbd_device *dev) 733 { 734 KASSERT(dev != NULL); 735 736 return dev->ud_cdesc; 737 } 738 739 usb_interface_descriptor_t * 740 usbd_get_interface_descriptor(struct usbd_interface *iface) 741 { 742 KASSERT(iface != NULL); 743 744 return iface->ui_idesc; 745 } 746 747 usb_device_descriptor_t * 748 usbd_get_device_descriptor(struct usbd_device *dev) 749 { 750 KASSERT(dev != NULL); 751 752 return &dev->ud_ddesc; 753 } 754 755 usb_endpoint_descriptor_t * 756 usbd_interface2endpoint_descriptor(struct usbd_interface *iface, uint8_t index) 757 { 758 759 if (index >= iface->ui_idesc->bNumEndpoints) 760 return NULL; 761 return iface->ui_endpoints[index].ue_edesc; 762 } 763 764 /* Some drivers may wish to abort requests on the default pipe, * 765 * but there is no mechanism for getting a handle on it. */ 766 usbd_status 767 usbd_abort_default_pipe(struct usbd_device *device) 768 { 769 return usbd_abort_pipe(device->ud_pipe0); 770 } 771 772 usbd_status 773 usbd_abort_pipe(struct usbd_pipe *pipe) 774 { 775 usbd_status err; 776 777 KASSERT(pipe != NULL); 778 779 usbd_lock_pipe(pipe); 780 err = usbd_ar_pipe(pipe); 781 usbd_unlock_pipe(pipe); 782 return err; 783 } 784 785 usbd_status 786 usbd_clear_endpoint_stall(struct usbd_pipe *pipe) 787 { 788 struct usbd_device *dev = pipe->up_dev; 789 usbd_status err; 790 791 USBHIST_FUNC(); USBHIST_CALLED(usbdebug); 792 SDT_PROBE1(usb, device, pipe, clear__endpoint__stall, pipe); 793 794 /* 795 * Clearing en endpoint stall resets the endpoint toggle, so 796 * do the same to the HC toggle. 797 */ 798 SDT_PROBE1(usb, device, pipe, clear__endpoint__toggle, pipe); 799 pipe->up_methods->upm_cleartoggle(pipe); 800 801 err = usbd_clear_endpoint_feature(dev, 802 pipe->up_endpoint->ue_edesc->bEndpointAddress, UF_ENDPOINT_HALT); 803 #if 0 804 XXX should we do this? 805 if (!err) { 806 pipe->state = USBD_PIPE_ACTIVE; 807 /* XXX activate pipe */ 808 } 809 #endif 810 return err; 811 } 812 813 void 814 usbd_clear_endpoint_stall_task(void *arg) 815 { 816 struct usbd_pipe *pipe = arg; 817 struct usbd_device *dev = pipe->up_dev; 818 819 SDT_PROBE1(usb, device, pipe, clear__endpoint__stall, pipe); 820 SDT_PROBE1(usb, device, pipe, clear__endpoint__toggle, pipe); 821 pipe->up_methods->upm_cleartoggle(pipe); 822 823 (void)usbd_clear_endpoint_feature(dev, 824 pipe->up_endpoint->ue_edesc->bEndpointAddress, UF_ENDPOINT_HALT); 825 } 826 827 void 828 usbd_clear_endpoint_stall_async(struct usbd_pipe *pipe) 829 { 830 usb_add_task(pipe->up_dev, &pipe->up_async_task, USB_TASKQ_DRIVER); 831 } 832 833 void 834 usbd_clear_endpoint_toggle(struct usbd_pipe *pipe) 835 { 836 837 SDT_PROBE1(usb, device, pipe, clear__endpoint__toggle, pipe); 838 pipe->up_methods->upm_cleartoggle(pipe); 839 } 840 841 usbd_status 842 usbd_endpoint_count(struct usbd_interface *iface, uint8_t *count) 843 { 844 KASSERT(iface != NULL); 845 KASSERT(iface->ui_idesc != NULL); 846 847 *count = iface->ui_idesc->bNumEndpoints; 848 return USBD_NORMAL_COMPLETION; 849 } 850 851 usbd_status 852 usbd_interface_count(struct usbd_device *dev, uint8_t *count) 853 { 854 855 if (dev->ud_cdesc == NULL) 856 return USBD_NOT_CONFIGURED; 857 *count = dev->ud_cdesc->bNumInterface; 858 return USBD_NORMAL_COMPLETION; 859 } 860 861 void 862 usbd_interface2device_handle(struct usbd_interface *iface, 863 struct usbd_device **dev) 864 { 865 866 *dev = iface->ui_dev; 867 } 868 869 usbd_status 870 usbd_device2interface_handle(struct usbd_device *dev, 871 uint8_t ifaceno, struct usbd_interface **iface) 872 { 873 874 if (dev->ud_cdesc == NULL) 875 return USBD_NOT_CONFIGURED; 876 if (ifaceno >= dev->ud_cdesc->bNumInterface) 877 return USBD_INVAL; 878 *iface = &dev->ud_ifaces[ifaceno]; 879 return USBD_NORMAL_COMPLETION; 880 } 881 882 struct usbd_device * 883 usbd_pipe2device_handle(struct usbd_pipe *pipe) 884 { 885 KASSERT(pipe != NULL); 886 887 return pipe->up_dev; 888 } 889 890 /* XXXX use altno */ 891 usbd_status 892 usbd_set_interface(struct usbd_interface *iface, int altidx) 893 { 894 bool locked = false; 895 usb_device_request_t req; 896 usbd_status err; 897 898 USBHIST_FUNC(); 899 USBHIST_CALLARGS(usbdebug, "iface %#jx", (uintptr_t)iface, 0, 0, 0); 900 901 err = usbd_iface_lock(iface); 902 if (err) 903 goto out; 904 locked = true; 905 906 err = usbd_fill_iface_data(iface->ui_dev, iface->ui_index, altidx); 907 if (err) 908 goto out; 909 910 req.bmRequestType = UT_WRITE_INTERFACE; 911 req.bRequest = UR_SET_INTERFACE; 912 USETW(req.wValue, iface->ui_idesc->bAlternateSetting); 913 USETW(req.wIndex, iface->ui_idesc->bInterfaceNumber); 914 USETW(req.wLength, 0); 915 err = usbd_do_request(iface->ui_dev, &req, 0); 916 917 out: /* XXX back out iface data? */ 918 if (locked) 919 usbd_iface_unlock(iface); 920 return err; 921 } 922 923 int 924 usbd_get_no_alts(usb_config_descriptor_t *cdesc, int ifaceno) 925 { 926 char *p = (char *)cdesc; 927 char *end = p + UGETW(cdesc->wTotalLength); 928 usb_interface_descriptor_t *d; 929 int n; 930 931 for (n = 0; p < end; p += d->bLength) { 932 d = (usb_interface_descriptor_t *)p; 933 if (p + d->bLength <= end && 934 d->bDescriptorType == UDESC_INTERFACE && 935 d->bInterfaceNumber == ifaceno) 936 n++; 937 } 938 return n; 939 } 940 941 int 942 usbd_get_interface_altindex(struct usbd_interface *iface) 943 { 944 return iface->ui_altindex; 945 } 946 947 usbd_status 948 usbd_get_interface(struct usbd_interface *iface, uint8_t *aiface) 949 { 950 usb_device_request_t req; 951 952 req.bmRequestType = UT_READ_INTERFACE; 953 req.bRequest = UR_GET_INTERFACE; 954 USETW(req.wValue, 0); 955 USETW(req.wIndex, iface->ui_idesc->bInterfaceNumber); 956 USETW(req.wLength, 1); 957 return usbd_do_request(iface->ui_dev, &req, aiface); 958 } 959 960 /*** Internal routines ***/ 961 962 /* Dequeue all pipe operations, called with bus lock held. */ 963 Static usbd_status 964 usbd_ar_pipe(struct usbd_pipe *pipe) 965 { 966 struct usbd_xfer *xfer; 967 968 USBHIST_FUNC(); 969 USBHIST_CALLARGS(usbdebug, "pipe = %#jx", (uintptr_t)pipe, 0, 0, 0); 970 SDT_PROBE1(usb, device, pipe, abort__start, pipe); 971 972 KASSERT(mutex_owned(pipe->up_dev->ud_bus->ub_lock)); 973 974 #ifdef USB_DEBUG 975 if (usbdebug > 5) 976 usbd_dump_queue(pipe); 977 #endif 978 pipe->up_repeat = 0; 979 pipe->up_running = 0; 980 pipe->up_aborting = 1; 981 while ((xfer = SIMPLEQ_FIRST(&pipe->up_queue)) != NULL) { 982 USBHIST_LOG(usbdebug, "pipe = %#jx xfer = %#jx " 983 "(methods = %#jx)", (uintptr_t)pipe, (uintptr_t)xfer, 984 (uintptr_t)pipe->up_methods, 0); 985 if (xfer->ux_status == USBD_NOT_STARTED) { 986 SDT_PROBE1(usb, device, xfer, preabort, xfer); 987 #ifdef DIAGNOSTIC 988 xfer->ux_state = XFER_BUSY; 989 #endif 990 SIMPLEQ_REMOVE_HEAD(&pipe->up_queue, ux_next); 991 } else { 992 /* Make the HC abort it (and invoke the callback). */ 993 SDT_PROBE1(usb, device, xfer, abort, xfer); 994 pipe->up_methods->upm_abort(xfer); 995 while (pipe->up_callingxfer == xfer) { 996 USBHIST_LOG(usbdebug, "wait for callback" 997 "pipe = %#jx xfer = %#jx", 998 (uintptr_t)pipe, (uintptr_t)xfer, 0, 0); 999 cv_wait(&pipe->up_callingcv, 1000 pipe->up_dev->ud_bus->ub_lock); 1001 } 1002 /* XXX only for non-0 usbd_clear_endpoint_stall(pipe); */ 1003 } 1004 } 1005 pipe->up_aborting = 0; 1006 SDT_PROBE1(usb, device, pipe, abort__done, pipe); 1007 return USBD_NORMAL_COMPLETION; 1008 } 1009 1010 /* Called with USB lock held. */ 1011 void 1012 usb_transfer_complete(struct usbd_xfer *xfer) 1013 { 1014 struct usbd_pipe *pipe = xfer->ux_pipe; 1015 struct usbd_bus *bus = pipe->up_dev->ud_bus; 1016 int sync = xfer->ux_flags & USBD_SYNCHRONOUS; 1017 int erred; 1018 int polling = bus->ub_usepolling; 1019 int repeat = pipe->up_repeat; 1020 1021 USBHIST_FUNC(); 1022 USBHIST_CALLARGS(usbdebug, "pipe = %#jx xfer = %#jx status = %jd " 1023 "actlen = %jd", (uintptr_t)pipe, (uintptr_t)xfer, xfer->ux_status, 1024 xfer->ux_actlen); 1025 1026 KASSERT(polling || mutex_owned(pipe->up_dev->ud_bus->ub_lock)); 1027 KASSERTMSG(xfer->ux_state == XFER_ONQU, "xfer %p state is %x", xfer, 1028 xfer->ux_state); 1029 KASSERT(pipe != NULL); 1030 1031 /* 1032 * If device is known to miss out ack, then pretend that 1033 * output timeout is a success. Userland should handle 1034 * the logic to verify that the operation succeeded. 1035 */ 1036 if (pipe->up_dev->ud_quirks && 1037 pipe->up_dev->ud_quirks->uq_flags & UQ_MISS_OUT_ACK && 1038 xfer->ux_status == USBD_TIMEOUT && 1039 !usbd_xfer_isread(xfer)) { 1040 USBHIST_LOG(usbdebug, "Possible output ack miss for xfer %#jx: " 1041 "hiding write timeout to %jd.%jd for %ju bytes written", 1042 (uintptr_t)xfer, curlwp->l_proc->p_pid, curlwp->l_lid, 1043 xfer->ux_length); 1044 1045 xfer->ux_status = USBD_NORMAL_COMPLETION; 1046 xfer->ux_actlen = xfer->ux_length; 1047 } 1048 1049 erred = xfer->ux_status == USBD_CANCELLED || 1050 xfer->ux_status == USBD_TIMEOUT; 1051 1052 if (!repeat) { 1053 /* Remove request from queue. */ 1054 1055 KASSERTMSG(!SIMPLEQ_EMPTY(&pipe->up_queue), 1056 "pipe %p is empty, but xfer %p wants to complete", pipe, 1057 xfer); 1058 KASSERTMSG(xfer == SIMPLEQ_FIRST(&pipe->up_queue), 1059 "xfer %p is not start of queue (%p is at start)", xfer, 1060 SIMPLEQ_FIRST(&pipe->up_queue)); 1061 1062 #ifdef DIAGNOSTIC 1063 xfer->ux_state = XFER_BUSY; 1064 #endif 1065 SIMPLEQ_REMOVE_HEAD(&pipe->up_queue, ux_next); 1066 } 1067 USBHIST_LOG(usbdebug, "xfer %#jx: repeat %jd new head = %#jx", 1068 (uintptr_t)xfer, repeat, (uintptr_t)SIMPLEQ_FIRST(&pipe->up_queue), 1069 0); 1070 1071 /* Count completed transfers. */ 1072 ++pipe->up_dev->ud_bus->ub_stats.uds_requests 1073 [pipe->up_endpoint->ue_edesc->bmAttributes & UE_XFERTYPE]; 1074 1075 xfer->ux_done = 1; 1076 if (!xfer->ux_status && xfer->ux_actlen < xfer->ux_length && 1077 !(xfer->ux_flags & USBD_SHORT_XFER_OK)) { 1078 USBHIST_LOG(usbdebug, "short transfer %jd < %jd", 1079 xfer->ux_actlen, xfer->ux_length, 0, 0); 1080 xfer->ux_status = USBD_SHORT_XFER; 1081 } 1082 1083 USBHIST_LOG(usbdebug, "xfer %#jx doing done %#jx", (uintptr_t)xfer, 1084 (uintptr_t)pipe->up_methods->upm_done, 0, 0); 1085 SDT_PROBE2(usb, device, xfer, done, xfer, xfer->ux_status); 1086 pipe->up_methods->upm_done(xfer); 1087 1088 if (xfer->ux_length != 0 && xfer->ux_buffer != xfer->ux_buf) { 1089 KDASSERTMSG(xfer->ux_actlen <= xfer->ux_length, 1090 "actlen %d length %d",xfer->ux_actlen, xfer->ux_length); 1091 1092 /* Only if IN transfer */ 1093 if (usbd_xfer_isread(xfer)) { 1094 memcpy(xfer->ux_buffer, xfer->ux_buf, xfer->ux_actlen); 1095 } 1096 } 1097 1098 USBHIST_LOG(usbdebug, "xfer %#jx doing callback %#jx status %jd", 1099 (uintptr_t)xfer, (uintptr_t)xfer->ux_callback, xfer->ux_status, 0); 1100 1101 if (xfer->ux_callback) { 1102 if (!polling) { 1103 KASSERT(pipe->up_callingxfer == NULL); 1104 pipe->up_callingxfer = xfer; 1105 mutex_exit(pipe->up_dev->ud_bus->ub_lock); 1106 if (!(pipe->up_flags & USBD_MPSAFE)) 1107 KERNEL_LOCK(1, curlwp); 1108 } 1109 1110 xfer->ux_callback(xfer, xfer->ux_priv, xfer->ux_status); 1111 1112 if (!polling) { 1113 if (!(pipe->up_flags & USBD_MPSAFE)) 1114 KERNEL_UNLOCK_ONE(curlwp); 1115 mutex_enter(pipe->up_dev->ud_bus->ub_lock); 1116 KASSERT(pipe->up_callingxfer == xfer); 1117 pipe->up_callingxfer = NULL; 1118 cv_broadcast(&pipe->up_callingcv); 1119 } 1120 } 1121 1122 if (sync && !polling) { 1123 USBHIST_LOG(usbdebug, "<- done xfer %#jx, wakeup", 1124 (uintptr_t)xfer, 0, 0, 0); 1125 cv_broadcast(&xfer->ux_cv); 1126 } 1127 1128 if (repeat) { 1129 xfer->ux_actlen = 0; 1130 xfer->ux_status = USBD_NOT_STARTED; 1131 } else { 1132 /* XXX should we stop the queue on all errors? */ 1133 if (erred && pipe->up_iface != NULL) /* not control pipe */ 1134 pipe->up_running = 0; 1135 } 1136 if (pipe->up_running && pipe->up_serialise) 1137 usbd_start_next(pipe); 1138 } 1139 1140 /* Called with USB lock held. */ 1141 usbd_status 1142 usb_insert_transfer(struct usbd_xfer *xfer) 1143 { 1144 struct usbd_pipe *pipe = xfer->ux_pipe; 1145 usbd_status err; 1146 1147 USBHIST_FUNC(); USBHIST_CALLARGS(usbdebug, 1148 "xfer = %#jx pipe = %#jx running = %jd timeout = %jd", 1149 (uintptr_t)xfer, (uintptr_t)pipe, 1150 pipe->up_running, xfer->ux_timeout); 1151 1152 KASSERT(mutex_owned(pipe->up_dev->ud_bus->ub_lock)); 1153 KASSERTMSG(xfer->ux_state == XFER_BUSY, "xfer %p state is %x", xfer, 1154 xfer->ux_state); 1155 1156 #ifdef DIAGNOSTIC 1157 xfer->ux_state = XFER_ONQU; 1158 #endif 1159 SIMPLEQ_INSERT_TAIL(&pipe->up_queue, xfer, ux_next); 1160 if (pipe->up_running && pipe->up_serialise) 1161 err = USBD_IN_PROGRESS; 1162 else { 1163 pipe->up_running = 1; 1164 err = USBD_NORMAL_COMPLETION; 1165 } 1166 USBHIST_LOG(usbdebug, "<- done xfer %#jx, err %jd", (uintptr_t)xfer, 1167 err, 0, 0); 1168 return err; 1169 } 1170 1171 /* Called with USB lock held. */ 1172 void 1173 usbd_start_next(struct usbd_pipe *pipe) 1174 { 1175 struct usbd_xfer *xfer; 1176 usbd_status err; 1177 1178 USBHIST_FUNC(); 1179 1180 KASSERT(pipe != NULL); 1181 KASSERT(pipe->up_methods != NULL); 1182 KASSERT(pipe->up_methods->upm_start != NULL); 1183 KASSERT(pipe->up_serialise == true); 1184 1185 int polling = pipe->up_dev->ud_bus->ub_usepolling; 1186 KASSERT(polling || mutex_owned(pipe->up_dev->ud_bus->ub_lock)); 1187 1188 /* Get next request in queue. */ 1189 xfer = SIMPLEQ_FIRST(&pipe->up_queue); 1190 USBHIST_CALLARGS(usbdebug, "pipe = %#jx, xfer = %#jx", (uintptr_t)pipe, 1191 (uintptr_t)xfer, 0, 0); 1192 if (xfer == NULL) { 1193 pipe->up_running = 0; 1194 } else { 1195 if (!polling) 1196 mutex_exit(pipe->up_dev->ud_bus->ub_lock); 1197 SDT_PROBE2(usb, device, pipe, start, pipe, xfer); 1198 err = pipe->up_methods->upm_start(xfer); 1199 if (!polling) 1200 mutex_enter(pipe->up_dev->ud_bus->ub_lock); 1201 1202 if (err != USBD_IN_PROGRESS) { 1203 USBHIST_LOG(usbdebug, "error = %jd", err, 0, 0, 0); 1204 pipe->up_running = 0; 1205 /* XXX do what? */ 1206 } 1207 } 1208 1209 KASSERT(polling || mutex_owned(pipe->up_dev->ud_bus->ub_lock)); 1210 } 1211 1212 usbd_status 1213 usbd_do_request(struct usbd_device *dev, usb_device_request_t *req, void *data) 1214 { 1215 1216 return usbd_do_request_flags(dev, req, data, 0, 0, 1217 USBD_DEFAULT_TIMEOUT); 1218 } 1219 1220 usbd_status 1221 usbd_do_request_flags(struct usbd_device *dev, usb_device_request_t *req, 1222 void *data, uint16_t flags, int *actlen, uint32_t timeout) 1223 { 1224 size_t len = UGETW(req->wLength); 1225 1226 return usbd_do_request_len(dev, req, len, data, flags, actlen, timeout); 1227 } 1228 1229 usbd_status 1230 usbd_do_request_len(struct usbd_device *dev, usb_device_request_t *req, 1231 size_t len, void *data, uint16_t flags, int *actlen, uint32_t timeout) 1232 { 1233 struct usbd_xfer *xfer; 1234 usbd_status err; 1235 1236 KASSERT(len >= UGETW(req->wLength)); 1237 1238 USBHIST_FUNC(); 1239 USBHIST_CALLARGS(usbdebug, "dev=%#jx req=%jx flags=%jx len=%jx", 1240 (uintptr_t)dev, (uintptr_t)req, flags, len); 1241 1242 ASSERT_SLEEPABLE(); 1243 1244 int error = usbd_create_xfer(dev->ud_pipe0, len, 0, 0, &xfer); 1245 if (error) 1246 return error; 1247 1248 usbd_setup_default_xfer(xfer, dev, 0, timeout, req, data, 1249 UGETW(req->wLength), flags, NULL); 1250 KASSERT(xfer->ux_pipe == dev->ud_pipe0); 1251 err = usbd_sync_transfer(xfer); 1252 #if defined(USB_DEBUG) || defined(DIAGNOSTIC) 1253 if (xfer->ux_actlen > xfer->ux_length) { 1254 USBHIST_LOG(usbdebug, "overrun addr = %jd type = 0x%02jx", 1255 dev->ud_addr, xfer->ux_request.bmRequestType, 0, 0); 1256 USBHIST_LOG(usbdebug, " req = 0x%02jx val = %jd " 1257 "index = %jd", 1258 xfer->ux_request.bRequest, UGETW(xfer->ux_request.wValue), 1259 UGETW(xfer->ux_request.wIndex), 0); 1260 USBHIST_LOG(usbdebug, " rlen = %jd length = %jd " 1261 "actlen = %jd", 1262 UGETW(xfer->ux_request.wLength), 1263 xfer->ux_length, xfer->ux_actlen, 0); 1264 } 1265 #endif 1266 if (actlen != NULL) 1267 *actlen = xfer->ux_actlen; 1268 1269 usbd_destroy_xfer(xfer); 1270 1271 if (err) { 1272 USBHIST_LOG(usbdebug, "returning err = %jd", err, 0, 0, 0); 1273 } 1274 return err; 1275 } 1276 1277 static void 1278 usbd_request_async_cb(struct usbd_xfer *xfer, void *priv, usbd_status status) 1279 { 1280 usbd_destroy_xfer(xfer); 1281 } 1282 1283 /* 1284 * Execute a request without waiting for completion. 1285 * Can be used from interrupt context. 1286 */ 1287 usbd_status 1288 usbd_request_async(struct usbd_device *dev, struct usbd_xfer *xfer, 1289 usb_device_request_t *req, void *priv, usbd_callback callback) 1290 { 1291 usbd_status err; 1292 1293 if (callback == NULL) 1294 callback = usbd_request_async_cb; 1295 1296 usbd_setup_default_xfer(xfer, dev, priv, 1297 USBD_DEFAULT_TIMEOUT, req, NULL, UGETW(req->wLength), 0, 1298 callback); 1299 err = usbd_transfer(xfer); 1300 if (err != USBD_IN_PROGRESS) { 1301 usbd_destroy_xfer(xfer); 1302 return (err); 1303 } 1304 return (USBD_NORMAL_COMPLETION); 1305 } 1306 1307 const struct usbd_quirks * 1308 usbd_get_quirks(struct usbd_device *dev) 1309 { 1310 #ifdef DIAGNOSTIC 1311 if (dev == NULL) { 1312 printf("usbd_get_quirks: dev == NULL\n"); 1313 return 0; 1314 } 1315 #endif 1316 return dev->ud_quirks; 1317 } 1318 1319 /* XXX do periodic free() of free list */ 1320 1321 /* 1322 * Called from keyboard driver when in polling mode. 1323 */ 1324 void 1325 usbd_dopoll(struct usbd_interface *iface) 1326 { 1327 iface->ui_dev->ud_bus->ub_methods->ubm_dopoll(iface->ui_dev->ud_bus); 1328 } 1329 1330 /* 1331 * This is for keyboard driver as well, which only operates in polling 1332 * mode from the ask root, etc., prompt and from DDB. 1333 */ 1334 void 1335 usbd_set_polling(struct usbd_device *dev, int on) 1336 { 1337 if (on) 1338 dev->ud_bus->ub_usepolling++; 1339 else 1340 dev->ud_bus->ub_usepolling--; 1341 1342 /* Kick the host controller when switching modes */ 1343 mutex_enter(dev->ud_bus->ub_lock); 1344 dev->ud_bus->ub_methods->ubm_softint(dev->ud_bus); 1345 mutex_exit(dev->ud_bus->ub_lock); 1346 } 1347 1348 1349 usb_endpoint_descriptor_t * 1350 usbd_get_endpoint_descriptor(struct usbd_interface *iface, uint8_t address) 1351 { 1352 struct usbd_endpoint *ep; 1353 int i; 1354 1355 for (i = 0; i < iface->ui_idesc->bNumEndpoints; i++) { 1356 ep = &iface->ui_endpoints[i]; 1357 if (ep->ue_edesc->bEndpointAddress == address) 1358 return iface->ui_endpoints[i].ue_edesc; 1359 } 1360 return NULL; 1361 } 1362 1363 /* 1364 * usbd_ratecheck() can limit the number of error messages that occurs. 1365 * When a device is unplugged it may take up to 0.25s for the hub driver 1366 * to notice it. If the driver continuously tries to do I/O operations 1367 * this can generate a large number of messages. 1368 */ 1369 int 1370 usbd_ratecheck(struct timeval *last) 1371 { 1372 static struct timeval errinterval = { 0, 250000 }; /* 0.25 s*/ 1373 1374 return ratecheck(last, &errinterval); 1375 } 1376 1377 /* 1378 * Search for a vendor/product pair in an array. The item size is 1379 * given as an argument. 1380 */ 1381 const struct usb_devno * 1382 usb_match_device(const struct usb_devno *tbl, u_int nentries, u_int sz, 1383 uint16_t vendor, uint16_t product) 1384 { 1385 while (nentries-- > 0) { 1386 uint16_t tproduct = tbl->ud_product; 1387 if (tbl->ud_vendor == vendor && 1388 (tproduct == product || tproduct == USB_PRODUCT_ANY)) 1389 return tbl; 1390 tbl = (const struct usb_devno *)((const char *)tbl + sz); 1391 } 1392 return NULL; 1393 } 1394 1395 usbd_status 1396 usbd_get_string(struct usbd_device *dev, int si, char *buf) 1397 { 1398 return usbd_get_string0(dev, si, buf, 1); 1399 } 1400 1401 usbd_status 1402 usbd_get_string0(struct usbd_device *dev, int si, char *buf, int unicode) 1403 { 1404 int swap = dev->ud_quirks->uq_flags & UQ_SWAP_UNICODE; 1405 usb_string_descriptor_t us; 1406 char *s; 1407 int i, n; 1408 uint16_t c; 1409 usbd_status err; 1410 int size; 1411 1412 USBHIST_FUNC(); USBHIST_CALLED(usbdebug); 1413 1414 buf[0] = '\0'; 1415 if (si == 0) 1416 return USBD_INVAL; 1417 if (dev->ud_quirks->uq_flags & UQ_NO_STRINGS) 1418 return USBD_STALLED; 1419 if (dev->ud_langid == USBD_NOLANG) { 1420 /* Set up default language */ 1421 err = usbd_get_string_desc(dev, USB_LANGUAGE_TABLE, 0, &us, 1422 &size); 1423 if (err || size < 4) { 1424 USBHIST_LOG(usbdebug, "getting lang failed, using 0", 1425 0, 0, 0, 0); 1426 dev->ud_langid = 0; /* Well, just pick something then */ 1427 } else { 1428 /* Pick the first language as the default. */ 1429 dev->ud_langid = UGETW(us.bString[0]); 1430 } 1431 } 1432 err = usbd_get_string_desc(dev, si, dev->ud_langid, &us, &size); 1433 if (err) 1434 return err; 1435 s = buf; 1436 n = size / 2 - 1; 1437 if (unicode) { 1438 for (i = 0; i < n; i++) { 1439 c = UGETW(us.bString[i]); 1440 if (swap) 1441 c = (c >> 8) | (c << 8); 1442 s += wput_utf8(s, 3, c); 1443 } 1444 *s++ = 0; 1445 } 1446 #ifdef COMPAT_30 1447 else { 1448 for (i = 0; i < n; i++) { 1449 c = UGETW(us.bString[i]); 1450 if (swap) 1451 c = (c >> 8) | (c << 8); 1452 *s++ = (c < 0x80) ? c : '?'; 1453 } 1454 *s++ = 0; 1455 } 1456 #endif 1457 return USBD_NORMAL_COMPLETION; 1458 } 1459 1460 /* 1461 * usbd_xfer_trycomplete(xfer) 1462 * 1463 * Try to claim xfer for completion. Return true if successful, 1464 * false if the xfer has been synchronously aborted or has timed 1465 * out. 1466 * 1467 * If this returns true, caller is responsible for setting 1468 * xfer->ux_status and calling usb_transfer_complete. To be used 1469 * in a host controller interrupt handler. 1470 * 1471 * Caller must either hold the bus lock or have the bus in polling 1472 * mode. 1473 */ 1474 bool 1475 usbd_xfer_trycomplete(struct usbd_xfer *xfer) 1476 { 1477 struct usbd_bus *bus __diagused = xfer->ux_bus; 1478 1479 KASSERT(bus->ub_usepolling || mutex_owned(bus->ub_lock)); 1480 1481 /* 1482 * If software has completed it, either by synchronous abort or 1483 * by timeout, too late. 1484 */ 1485 if (xfer->ux_status != USBD_IN_PROGRESS) 1486 return false; 1487 1488 /* 1489 * We are completing the xfer. Cancel the timeout if we can, 1490 * but only asynchronously. See usbd_xfer_cancel_timeout_async 1491 * for why we need not wait for the callout or task here. 1492 */ 1493 usbd_xfer_cancel_timeout_async(xfer); 1494 1495 /* Success! Note: Caller must set xfer->ux_status afterwar. */ 1496 return true; 1497 } 1498 1499 /* 1500 * usbd_xfer_abort(xfer) 1501 * 1502 * Try to claim xfer to abort. If successful, mark it completed 1503 * with USBD_CANCELLED and call the bus-specific method to abort 1504 * at the hardware level. 1505 * 1506 * To be called in thread context from struct 1507 * usbd_pipe_methods::upm_abort. 1508 * 1509 * Caller must hold the bus lock. 1510 */ 1511 void 1512 usbd_xfer_abort(struct usbd_xfer *xfer) 1513 { 1514 struct usbd_bus *bus = xfer->ux_bus; 1515 1516 KASSERT(mutex_owned(bus->ub_lock)); 1517 1518 /* 1519 * If host controller interrupt or timer interrupt has 1520 * completed it, too late. But the xfer cannot be 1521 * cancelled already -- only one caller can synchronously 1522 * abort. 1523 */ 1524 KASSERT(xfer->ux_status != USBD_CANCELLED); 1525 if (xfer->ux_status != USBD_IN_PROGRESS) 1526 return; 1527 1528 /* 1529 * Cancel the timeout if we can, but only asynchronously; see 1530 * usbd_xfer_cancel_timeout_async for why we need not wait for 1531 * the callout or task here. 1532 */ 1533 usbd_xfer_cancel_timeout_async(xfer); 1534 1535 /* 1536 * We beat everyone else. Claim the status as cancelled and do 1537 * the bus-specific dance to abort the hardware. 1538 */ 1539 xfer->ux_status = USBD_CANCELLED; 1540 bus->ub_methods->ubm_abortx(xfer); 1541 } 1542 1543 /* 1544 * usbd_xfer_timeout(xfer) 1545 * 1546 * Called at IPL_SOFTCLOCK when too much time has elapsed waiting 1547 * for xfer to complete. Since we can't abort the xfer at 1548 * IPL_SOFTCLOCK, defer to a usb_task to run it in thread context, 1549 * unless the xfer has completed or aborted concurrently -- and if 1550 * the xfer has also been resubmitted, take care of rescheduling 1551 * the callout. 1552 */ 1553 static void 1554 usbd_xfer_timeout(void *cookie) 1555 { 1556 struct usbd_xfer *xfer = cookie; 1557 struct usbd_bus *bus = xfer->ux_bus; 1558 struct usbd_device *dev = xfer->ux_pipe->up_dev; 1559 1560 /* Acquire the lock so we can transition the timeout state. */ 1561 mutex_enter(bus->ub_lock); 1562 1563 /* 1564 * Use usbd_xfer_probe_timeout to check whether the timeout is 1565 * still valid, or to reschedule the callout if necessary. If 1566 * it is still valid, schedule the task. 1567 */ 1568 if (usbd_xfer_probe_timeout(xfer)) 1569 usb_add_task(dev, &xfer->ux_aborttask, USB_TASKQ_HC); 1570 1571 /* 1572 * Notify usbd_xfer_cancel_timeout_async that we may have 1573 * scheduled the task. This causes callout_invoking to return 1574 * false in usbd_xfer_cancel_timeout_async so that it can tell 1575 * which stage in the callout->task->abort process we're at. 1576 */ 1577 callout_ack(&xfer->ux_callout); 1578 1579 /* All done -- release the lock. */ 1580 mutex_exit(bus->ub_lock); 1581 } 1582 1583 /* 1584 * usbd_xfer_timeout_task(xfer) 1585 * 1586 * Called in thread context when too much time has elapsed waiting 1587 * for xfer to complete. Abort the xfer with USBD_TIMEOUT, unless 1588 * it has completed or aborted concurrently -- and if the xfer has 1589 * also been resubmitted, take care of rescheduling the callout. 1590 */ 1591 static void 1592 usbd_xfer_timeout_task(void *cookie) 1593 { 1594 struct usbd_xfer *xfer = cookie; 1595 struct usbd_bus *bus = xfer->ux_bus; 1596 1597 /* Acquire the lock so we can transition the timeout state. */ 1598 mutex_enter(bus->ub_lock); 1599 1600 /* 1601 * Use usbd_xfer_probe_timeout to check whether the timeout is 1602 * still valid, or to reschedule the callout if necessary. If 1603 * it is not valid -- the timeout has been asynchronously 1604 * cancelled, or the xfer has already been resubmitted -- then 1605 * we're done here. 1606 */ 1607 if (!usbd_xfer_probe_timeout(xfer)) 1608 goto out; 1609 1610 /* 1611 * May have completed or been aborted, but we're the only one 1612 * who can time it out. If it has completed or been aborted, 1613 * no need to timeout. 1614 */ 1615 KASSERT(xfer->ux_status != USBD_TIMEOUT); 1616 if (xfer->ux_status != USBD_IN_PROGRESS) 1617 goto out; 1618 1619 /* 1620 * We beat everyone else. Claim the status as timed out and do 1621 * the bus-specific dance to abort the hardware. 1622 */ 1623 xfer->ux_status = USBD_TIMEOUT; 1624 bus->ub_methods->ubm_abortx(xfer); 1625 1626 out: /* All done -- release the lock. */ 1627 mutex_exit(bus->ub_lock); 1628 } 1629 1630 /* 1631 * usbd_xfer_probe_timeout(xfer) 1632 * 1633 * Probe the status of xfer's timeout. Acknowledge and process a 1634 * request to reschedule. Return true if the timeout is still 1635 * valid and the caller should take further action (queueing a 1636 * task or aborting the xfer), false if it must stop here. 1637 */ 1638 static bool 1639 usbd_xfer_probe_timeout(struct usbd_xfer *xfer) 1640 { 1641 struct usbd_bus *bus = xfer->ux_bus; 1642 bool valid; 1643 1644 KASSERT(bus->ub_usepolling || mutex_owned(bus->ub_lock)); 1645 1646 /* The timeout must be set. */ 1647 KASSERT(xfer->ux_timeout_set); 1648 1649 /* 1650 * Neither callout nor task may be pending; they execute 1651 * alternately in lock step. 1652 */ 1653 KASSERT(!callout_pending(&xfer->ux_callout)); 1654 KASSERT(!usb_task_pending(xfer->ux_pipe->up_dev, &xfer->ux_aborttask)); 1655 1656 /* There are a few cases... */ 1657 if (bus->ub_methods->ubm_dying(bus)) { 1658 /* Host controller dying. Drop it all on the floor. */ 1659 xfer->ux_timeout_set = false; 1660 xfer->ux_timeout_reset = false; 1661 valid = false; 1662 } else if (xfer->ux_timeout_reset) { 1663 /* 1664 * The xfer completed _and_ got resubmitted while we 1665 * waited for the lock. Acknowledge the request to 1666 * reschedule, and reschedule it if there is a timeout 1667 * and the bus is not polling. 1668 */ 1669 xfer->ux_timeout_reset = false; 1670 if (xfer->ux_timeout && !bus->ub_usepolling) { 1671 KASSERT(xfer->ux_timeout_set); 1672 callout_schedule(&xfer->ux_callout, 1673 mstohz(xfer->ux_timeout)); 1674 } else { 1675 /* No more callout or task scheduled. */ 1676 xfer->ux_timeout_set = false; 1677 } 1678 valid = false; 1679 } else if (xfer->ux_status != USBD_IN_PROGRESS) { 1680 /* 1681 * The xfer has completed by hardware completion or by 1682 * software abort, and has not been resubmitted, so the 1683 * timeout must be unset, and is no longer valid for 1684 * the caller. 1685 */ 1686 xfer->ux_timeout_set = false; 1687 valid = false; 1688 } else { 1689 /* 1690 * The xfer has not yet completed, so the timeout is 1691 * valid. 1692 */ 1693 valid = true; 1694 } 1695 1696 /* Any reset must have been processed. */ 1697 KASSERT(!xfer->ux_timeout_reset); 1698 1699 /* 1700 * Either we claim the timeout is set, or the callout is idle. 1701 * If the timeout is still set, we may be handing off to the 1702 * task instead, so this is an if but not an iff. 1703 */ 1704 KASSERT(xfer->ux_timeout_set || !callout_pending(&xfer->ux_callout)); 1705 1706 /* 1707 * The task must be idle now. 1708 * 1709 * - If the caller is the callout, _and_ the timeout is still 1710 * valid, the caller will schedule it, but it hasn't been 1711 * scheduled yet. (If the timeout is not valid, the task 1712 * should not be scheduled.) 1713 * 1714 * - If the caller is the task, it cannot be scheduled again 1715 * until the callout runs again, which won't happen until we 1716 * next release the lock. 1717 */ 1718 KASSERT(!usb_task_pending(xfer->ux_pipe->up_dev, &xfer->ux_aborttask)); 1719 1720 KASSERT(bus->ub_usepolling || mutex_owned(bus->ub_lock)); 1721 1722 return valid; 1723 } 1724 1725 /* 1726 * usbd_xfer_schedule_timeout(xfer) 1727 * 1728 * Ensure that xfer has a timeout. If the callout is already 1729 * queued or the task is already running, request that they 1730 * reschedule the callout. If not, and if we're not polling, 1731 * schedule the callout anew. 1732 * 1733 * To be called in thread context from struct 1734 * usbd_pipe_methods::upm_start. 1735 */ 1736 void 1737 usbd_xfer_schedule_timeout(struct usbd_xfer *xfer) 1738 { 1739 struct usbd_bus *bus = xfer->ux_bus; 1740 1741 KASSERT(bus->ub_usepolling || mutex_owned(bus->ub_lock)); 1742 1743 if (xfer->ux_timeout_set) { 1744 /* 1745 * Callout or task has fired from a prior completed 1746 * xfer but has not yet noticed that the xfer is done. 1747 * Ask it to reschedule itself to ux_timeout. 1748 */ 1749 xfer->ux_timeout_reset = true; 1750 } else if (xfer->ux_timeout && !bus->ub_usepolling) { 1751 /* Callout is not scheduled. Schedule it. */ 1752 KASSERT(!callout_pending(&xfer->ux_callout)); 1753 callout_schedule(&xfer->ux_callout, mstohz(xfer->ux_timeout)); 1754 xfer->ux_timeout_set = true; 1755 } 1756 1757 KASSERT(bus->ub_usepolling || mutex_owned(bus->ub_lock)); 1758 } 1759 1760 /* 1761 * usbd_xfer_cancel_timeout_async(xfer) 1762 * 1763 * Cancel the callout and the task of xfer, which have not yet run 1764 * to completion, but don't wait for the callout or task to finish 1765 * running. 1766 * 1767 * If they have already fired, at worst they are waiting for the 1768 * bus lock. They will see that the xfer is no longer in progress 1769 * and give up, or they will see that the xfer has been 1770 * resubmitted with a new timeout and reschedule the callout. 1771 * 1772 * If a resubmitted request completed so fast that the callout 1773 * didn't have time to process a timer reset, just cancel the 1774 * timer reset. 1775 */ 1776 static void 1777 usbd_xfer_cancel_timeout_async(struct usbd_xfer *xfer) 1778 { 1779 struct usbd_bus *bus __diagused = xfer->ux_bus; 1780 1781 KASSERT(bus->ub_usepolling || mutex_owned(bus->ub_lock)); 1782 1783 /* 1784 * If the timer wasn't running anyway, forget about it. This 1785 * can happen if we are completing an isochronous transfer 1786 * which doesn't use the same timeout logic. 1787 */ 1788 if (!xfer->ux_timeout_set) 1789 return; 1790 1791 xfer->ux_timeout_reset = false; 1792 if (!callout_stop(&xfer->ux_callout)) { 1793 /* 1794 * We stopped the callout before it ran. The timeout 1795 * is no longer set. 1796 */ 1797 xfer->ux_timeout_set = false; 1798 } else if (callout_invoking(&xfer->ux_callout)) { 1799 /* 1800 * The callout has begun to run but it has not yet 1801 * acquired the lock and called callout_ack. The task 1802 * cannot be queued yet, and the callout cannot have 1803 * been rescheduled yet. 1804 * 1805 * By the time the callout acquires the lock, we will 1806 * have transitioned from USBD_IN_PROGRESS to a 1807 * completed status, and possibly also resubmitted the 1808 * xfer and set xfer->ux_timeout_reset = true. In both 1809 * cases, the callout will DTRT, so no further action 1810 * is needed here. 1811 */ 1812 } else if (usb_rem_task(xfer->ux_pipe->up_dev, &xfer->ux_aborttask)) { 1813 /* 1814 * The callout had fired and scheduled the task, but we 1815 * stopped the task before it could run. The timeout 1816 * is therefore no longer set -- the next resubmission 1817 * of the xfer must schedule a new timeout. 1818 * 1819 * The callout should not be pending at this point: 1820 * it is scheduled only under the lock, and only when 1821 * xfer->ux_timeout_set is false, or by the callout or 1822 * task itself when xfer->ux_timeout_reset is true. 1823 */ 1824 xfer->ux_timeout_set = false; 1825 } 1826 1827 /* 1828 * The callout cannot be scheduled and the task cannot be 1829 * queued at this point. Either we cancelled them, or they are 1830 * already running and waiting for the bus lock. 1831 */ 1832 KASSERT(!callout_pending(&xfer->ux_callout)); 1833 KASSERT(!usb_task_pending(xfer->ux_pipe->up_dev, &xfer->ux_aborttask)); 1834 1835 KASSERT(bus->ub_usepolling || mutex_owned(bus->ub_lock)); 1836 } 1837