FunctionFS with OS descriptors 'Oops'

Hello,

I was trying to create a FunctionFS-based WinUSB gadget driver on an EBV
SoCrates board (Altera Cyclone V SoC, dwc2 UDC), running a 4.0-rc3
kernel, but this attempt ultimately failed with an 'Oops'.

I ran the FunctionFS gadget (with ffs-test) using the following set of
commands (without strings etc. to keep it short):

modprobe usb_f_fs
mount -t configfs none /sys/kernel/config
mkdir /sys/kernel/config/usb_gadget/test_gadget
cd /sys/kernel/config/usb_gadget/test_gadget
mkdir functions/ffs.test_ffs
mkdir configs/c.1
ln -s functions/ffs.test_ffs configs/c.1
mkdir -p /dev/functionfs/test_ffs
mount -t functionfs test_ffs /dev/functionfs/test_ffs
cd /dev/functionfs/test_ffs/
/home/root/ffs-test &
sleep 1
echo 'ffb40000.usb' > /sys/kernel/config/usb_gadget/test_gadget/UDC

This worked and allowed gadget to be enumerated by host (checked with
usbview.exe on Windows).
Running dmesg afterwards allowed me to see FunctionFS descriptor:

[  205.249774] Buffer from user space:
[  205.249785] : 03 00 00 00 42 00 00 00 03 00 00 00 03 00 00 00  ....B...........
[  205.249793] : 03 00 00 00 09 04 00 00 02 ff 00 00 01 07 05 81  ................
[  205.249801] : 02 00 00 00 07 05 02 02 00 00 00 09 04 00 00 02  ................
[  205.249808] : ff 00 00 01 07 05 81 02 00 02 00 07 05 02 02 00  ................
[  205.249815] : 02 01                                            ..

Which can be broken down into:

03 00 00 00 - Magic number
42 00 00 00 - Length
03 00 00 00 - Flags (FS, HS)
03 00 00 00 - FS descriptor count
03 00 00 00 - HS descriptor count
09 04 00 00 02 ff 00 00 01 - FS interface
07 05 81 02 00 00 00 - FS ep1
07 05 02 02 00 00 00 - FS ep2
09 04 00 00 02 ff 00 00 01 - HS interface
07 05 81 02 00 02 00 - HS ep1
07 05 02 02 00 02 01 - HS ep2

I wrote my own application for FunctionFS handling, starting with the
same set of descriptors (with minor changes to EP types, etc.).
This also worked as expected, but adding MS OS descriptors (using
functionfs.h structures) afterwards did not.
Descriptors are accepted on ep0 write, but binding the UDC causes the following:

[  563.185116] ffs_do_os_descs()
[  563.185122] ffs_do_single_os_desc()
[  563.185137] Unable to handle kernel paging request at virtual address 00ffff02
[  563.195396] pgd = eee68000
[  563.199727] [00ffff02] *pgd=00000000
[  563.203304] Internal error: Oops: 5 [#1] SMP ARM
[  563.207902] Modules linked in: usb_f_fs libcomposite
[  563.212885] CPU: 0 PID: 636 Comm: NGEGadgetDriver Not tainted 4.0.0-rc3 #1
[  563.219728] Hardware name: Altera SOCFPGA
[  563.223721] task: eee29c80 ti: eeefc000 task.ti: eeefc000
[  563.229116] PC is at __ffs_func_bind_do_os_desc+0x5c/0x1ac [usb_f_fs]
[  563.235533] LR is at ffs_do_os_descs+0x108/0x220 [usb_f_fs]
[  563.241084] pc : [<bf0110e8>]    lr : [<bf010768>]    psr: 60000013
[  563.241084] sp : eeefddc0  ip : 00004253  fp : eef43515
[  563.252508] r10: eeea9c00  r9 : 00000018  r8 : bf01108c
[  563.257711] r7 : 00000001  r6 : eef4350a  r5 : eef43517  r4 : 554e4957
[  563.264209] r3 : 00ffff02  r2 : 00000000  r1 : eef434dc  r0 : 00000018
[  563.270708] Flags: nZCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment user
[  563.277811] Control: 10c5387d  Table: 2ee6804a  DAC: 00000015
[  563.283532] Process NGEGadgetDriver (pid: 636, stack limit = 0xeeefc218)
[  563.441148] [<bf0110e8>] (__ffs_func_bind_do_os_desc [usb_f_fs]) from [<bf010768>] (ffs_do_os_descs+0x108/0x220 [usb_f_fs])
[  563.452239] [<bf010768>] (ffs_do_os_descs [usb_f_fs]) from [<bf0116c4>] (ffs_func_bind+0x48c/0x6a8 [usb_f_fs])
[  563.462222] [<bf0116c4>] (ffs_func_bind [usb_f_fs]) from [<bf000f90>] (usb_add_function+0x8c/0x170 [libcomposite])
[  563.472548] [<bf000f90>] (usb_add_function [libcomposite]) from [<bf0051f8>] (configfs_composite_bind+0x22c/0x358 [libcomposite])
[  563.484172] [<bf0051f8>] (configfs_composite_bind [libcomposite]) from [<c02ef2a4>] (udc_bind_to_driver+0x48/0xf4)
[  563.494485] [<c02ef2a4>] (udc_bind_to_driver) from [<c02ef3c4>] (usb_udc_attach_driver+0x74/0x94)
[  563.503333] [<c02ef3c4>] (usb_udc_attach_driver) from [<bf0055e4>] (gadget_dev_desc_UDC_store+0xa4/0xbc [libcomposite])
[  563.514086] [<bf0055e4>] (gadget_dev_desc_UDC_store [libcomposite]) from [<bf003a60>] (gadget_info_attr_store+0x1c/0x28 [libcomposite])
[  563.526219] [<bf003a60>] (gadget_info_attr_store [libcomposite]) from [<c0151214>] (configfs_write_file+0x15c/0x178)
[  563.536708] [<c0151214>] (configfs_write_file) from [<c00f4868>] (vfs_write+0xa0/0x1a8)
[  563.544684] [<c00f4868>] (vfs_write) from [<c00f4b88>] (SyS_write+0x40/0x8c)
[  563.551712] [<c00f4b88>] (SyS_write) from [<c000e5a0>] (ret_fast_syscall+0x0/0x34)
[  563.559252] Code: e783c182 e5b54002 e5913004 e595c004 (e5933000)
[  563.565343] ---[ end trace e2ca87aac9bcd6fe ]---

The recovered descriptor that was written earlier is:

[  509.130735] Buffer from user space:
[  509.130747] : 03 00 00 00 69 00 00 00 0b 00 00 00 03 00 00 00  ....i...........
[  509.130755] : 03 00 00 00 01 00 00 00 09 04 00 00 02 ff ff 00  ................
[  509.130763] : 01 07 05 81 03 00 00 00 07 05 02 03 00 00 00 09  ................
[  509.130771] : 04 00 00 02 ff ff 00 01 07 05 81 03 00 00 00 07  ................
[  509.130778] : 05 02 03 00 00 00 00 23 00 00 00 01 00 04 00 01  .......#........
[  509.130785] : 00 00 00 57 49 4e 55 53 42 00 00 00 00 00 00 00  ...WINUSB.......
[  509.130792] : 00 00 00 00 00 00 00 00 00                       .........

Which means:

03 00 00 00 - Magic
69 00 00 00 - Length
0b 00 00 00 - Flags (FS, HS, OS) (Added OS flag!)
03 00 00 00 - FS count
03 00 00 00 - HS count
01 00 00 00 - OS count (Added OS count!)
09 04 00 00 02 ff ff 00 01 - FS interface
07 05 81 03 00 00 00 - FS ep1
07 05 02 03 00 00 00 - FS ep2
09 04 00 00 02 ff ff 00 01 - HS interface
07 05 81 03 00 00 00 - HS ep1
07 05 02 03 00 00 00 - HS ep2
00 - OS desc interface (OS header and descriptor starts here!)
23 00 00 00 - OS desc dwLength
01 00 - OS desc bcdVersion
04 00 - OS desc wIndex
01 - OS desc bCount
00 - OS desc Reserved
00 - ExtCompat bFirstInterfaceNumber
00 - ExtCompat Reserved
57 49 4e 55 53 42 00 00 - ExtCompat CompatibleID ("WINUSB")
00 00 00 00 00 00 00 00 - ExtCompat SubCompatibleID
00 00 00 00 00 00 - ExtCompat Reserved

I am not sure if this approach is a correct way of using OS
descriptors (what about MS string descriptor?) with FunctionFS, but
nonetheless the 'Oops' happens after binding something that FFS
previously accepted.

Best regards,
Wojtek
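
An added example, not part of the original message and not kernel code: a bounds-checked walk over the v2 descriptor blob using the field layout from the breakdown above, useful for checking a blob before writing it to ep0. The names ffs_summary and ffs_parse are this example's own, and it assumes only the FS/HS/SS/OS flag bits are in use; it does not reproduce or explain the Oops.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* The 0x69-byte blob from the second dmesg dump in the post. */
static const uint8_t post_blob[] = {
    3,0,0,0, 0x69,0,0,0, 0x0b,0,0,0, 3,0,0,0, 3,0,0,0, 1,0,0,0,
    9,4,0,0,2,0xff,0xff,0,1, 7,5,0x81,3,0,0,0, 7,5,2,3,0,0,0, /* FS */
    9,4,0,0,2,0xff,0xff,0,1, 7,5,0x81,3,0,0,0, 7,5,2,3,0,0,0, /* HS */
    0, 0x23,0,0,0, 1,0, 4,0, 1, 0,              /* OS desc header */
    0, 0, 'W','I','N','U','S','B',0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,
};

struct ffs_summary {              /* names are this example's own */
    uint32_t flags, count[4];     /* count[]: FS, HS, SS, OS (flag-bit order) */
    uint32_t os_dw_length, os_w_index;
    char compat_id[9];            /* NUL-terminated CompatibleID */
};

static uint32_t le32(const uint8_t *p) { return p[0] | p[1] << 8 | p[2] << 16 | (uint32_t)p[3] << 24; }
/* Walk a v2 blob; returns 0, or -1 when a length or count runs past len. */
int ffs_parse(const uint8_t *b, size_t len, struct ffs_summary *s)
{
    size_t off = 12, n;
    memset(s, 0, sizeof *s);
    if (len < 12 || le32(b) != 3 || le32(b + 4) != len || (le32(b + 8) & ~0xfu))
        return -1;                /* magic, total length, known flag bits */
    s->flags = le32(b + 8);
    for (int i = 0; i < 4; i++)   /* one le32 count per flag bit that is set */
        if (s->flags & (1u << i)) {
            if (len - off < 4) return -1;
            s->count[i] = le32(b + off);
            off += 4;
        }
    /* FS, HS and SS descriptors each start with their own bLength */
    for (n = (size_t)s->count[0] + s->count[1] + s->count[2]; n; n--) {
        if (len - off < 2 || b[off] < 2 || b[off] > len - off) return -1;
        off += b[off];
    }
    if (s->count[3]) {            /* first OS descriptor only */
        if (len - off < 11) return -1;   /* interface byte + 10-byte header */
        s->os_dw_length = le32(b + off + 1);
        s->os_w_index = b[off + 7] | b[off + 8] << 8;
        if (s->os_dw_length > len - off) return -1;
        if (s->os_w_index == 4 && len - off >= 35)  /* one ExtCompat entry */
            memcpy(s->compat_id, b + off + 13, 8);
    }
    return 0;
}
```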