Re: Explicit status phase for DWC3

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Feb 02, 2023 at 03:45:24PM +0000, Dan Scally wrote:
> 
> On 02/02/2023 14:52, Alan Stern wrote:
> > On Thu, Feb 02, 2023 at 10:12:45AM +0000, Dan Scally wrote:
> > > (+CC roger as the author of the USB_GADGET_DELAYED_STATUS mechanism)
> > > 
> > > On 26/01/2023 23:57, Thinh Nguyen wrote:
> > > > We should already have this mechanism in place to do protocol STALL.
> > > > Please look into delayed_status and set halt.
> > > 
> > > Thanks; I tried this by returning USB_GADGET_DELAYED_STATUS from the
> > > function's .setup() callback and later (after userspace checks the data
> > > packet) either calling usb_ep_queue() or usb_ep_set_halt() and it does seem
> > > to be working. This surprises me, as my understanding was that the purpose
> > > of USB_GADGET_DELAYED_STATUS  is to pause all control transfers including
> > > the data phase to give the function driver enough time to queue a request
> > > (and possibly only for specific requests). Regardless though I think the
> > > conclusion from previous discussions on this topic (see [1] for example) was
> > > that we don't want to rely on USB_GADGET_DELAYED_STATUS to do this which is
> > > why I had avoided it in the first place. A colleague made a series [2] some
> > > time ago that adds a flag to usb_request which function drivers can set when
> > > queuing the data phase request. UDC drivers then read that flag to decide
> > > whether to delay the status phase until after another usb_ep_queue(), and
> > > that's what I'm trying to implement here.
> > > 
> > > 
> > > [1] https://lkml.org/lkml/2018/10/10/138
> > > 
> > > [2] https://patchwork.kernel.org/project/linux-usb/patch/20190124030228.19840-5-paul.elder@xxxxxxxxxxxxxxxx/
> > I'm in favor of the explicit_status approach from [2].  In fact, there
> > was a whole series of patches impementing this, and I don't think any of
> > them were merged.
> 
> 
> Yep, I'm picking that series up and want to get it merged.
> 
> > Keep in mind that there are two separate issues here:
> > 
> > 	Status/data stage for a control-IN or 0-length control-OUT
> > 	transfer.
> > 
> > 	Status stage for a non-0-length control-OUT transfer.
> > 
> > The USB_GADGET_DELAYED_STATUS mechanism was meant to help with the
> > first, not the second.  explicit_status was meant to help with the
> > second; it may be able to help with both.
> 
> Ack - thanks. That thread I linked was very informative, I wish I'd found it
> sooner!

There is still a race in the gadget layer's handling of control 
requests.  The host can send a SETUP packet at any time.  So when a 
function driver queues a usb_request for ep0, how does the UDC driver 
know whether it is in response to the SETUP packet that just now arrived 
or in response to one that arrived earlier (and is now superseded)?

This race exists even at the hardware level, and I'm pretty sure that a 
lot of UDC controllers don't handle it properly.  But there's nothing we 
can do about that...

My thought (and this goes back almost 20 years!) was that a UDC driver 
should associate a different tag value with each incoming SETUP packet.  
This tag would get passed to the function driver in its ->setup() 
callback, and the function driver would copy the value into a new 
.control_tag field of the usb_request structure it queues as part of the 
control transfer.

Then the UDC driver could inspect the control_tag value when it is asked 
to queue a request for ep0, and it could return failure if the value 
doesn't match the UDC's current tag.  This can be done while holding the 
UDC's spinlock, so it will be free of races.

The right way to do this would be to add a new argument to the ->setup() 
callback, for the tag value.  But this would mean changing the gadget 
API, and it would require simultaneously updating every UDC driver and 
every gadget/function driver.

Alternatively, there could be a .current_tag field added to the 
usb_gadget structure, which is also passed to ->setup().  It would be 
more awkward, but drivers not converted to the new mechanism would 
simply leave the field permanently set to 0.  Provided all genuine tags 
are nonzero, the mechanism would be backward compatible with existing 
code.

Of course, this is all independent of the explicit_status changes.

Alan Stern



[Index of Archives]     [Linux Media]     [Linux Input]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [Old Linux USB Devel Archive]

  Powered by Linux