qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug 1859378] Re: xhci Control Transfer requiring a Status TRB before st

From: Benjamin David Lunt
Subject: [Bug 1859378] Re: xhci Control Transfer requiring a Status TRB before starting transfer
Date: Mon, 13 Jan 2020 00:48:47 -0000 
Just a little more information.

In section 4.11.2.2, page 159 of version 1.0 of the xHCI specification,
it states:

<start quote>
• The xHC shall NOT check for the following Control transfer error conditions.
  • If a Data Stage TD follows a Setup Stage TD, where wLength = ‘0’.
  • If a Status Stage TD does not follow a Setup Stage TD, where wLength = ‘0’.
  • If a Data Stage TD does not follow a Setup Stage TD, where wLength > ‘0’21.
  • If the total size of the Data Stage TD is not equal to wLength.
  • If the Data Stage TRB Direction (DIR) flag does not correspond to the 
definition in Table 7.
  • If the Status Stage TRB Direction (DIR) flag does not correspond to the 
definition in Table 7.
• The xHC is NOT required to check for the following Control transfer error 
conditions. 
  If system software is properly designed these error conditions will never 
occur. However 
  if the xHC does check for these conditions it shall generate a Transfer Event 
for the TRB
  that the error was detected on with the Completion Code set to TRB Error.
  • If a Status Stage TD does not follow a Data Stage TD.
  • If the Setup Stage TRB defines a Length not = 8.
  • If the Status Stage TRB defines a Length > 0.
<end quote>

I take the first bullet in the second set as it is not required that the
STATUS TRB be on the ring at this point in time.  However, if the
controller (xHC) does check, it must place an event TRB on the Event
ring indicating an error at the SETUP TRB.

Thank you for your time,
Ben

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1859378

Title:
  xhci Control Transfer requiring a Status TRB before starting transfer

Status in QEMU:
  New

Bug description:
  This may not necessarily be a bug, but more of a change.

  A little background may need to be in order.

  With all USB Control transfers, there is a SETUP transfer, zero or
  more DATA transfers, and if successful, a STATUS transfer.  This
  STATUS transfer is used to indicate to the recipient that the previous
  transfers were successful.  For example, in a CONTROL IN transfer, the
  host sends a SETUP packet to the device, receives zero or more DATA
  packets, and then on successful transfer, the HOST sends the STATUS
  packet indicating to the device that all was received.

  If no DATA packets are received, the HOST is not to send a STATUS
  packet.  This could be due to a STALL or other error.

  With this in mind, the STATUS transfer, in this case an xHCI STATUS
  TRB, may not even be on the transfer ring yet.  The HOST software may
  be waiting for a successful transfer before it submits the STATUS
  transfer.

  However, if you look at the test at line 1701
  (https://git.qemu.org/?p=qemu.git;a=blob;f=hw/usb/hcd-xhci.c#l1701),
  the current code will not start the CONTROL transfer at all if it
  doesn't see that STATUS TRB on the ring.

  In my opinion, this is in error.  It is not required that a STATUS TRB
  be on the ring to start the CONTROL transfer.  This STATUS TRB can be
  placed on the ring after a successful SETUP and zero or more DATA
  transfers followed by a ring to the door bell.  Then after a
  successful transfer to this point, placing this STATUS TRB on the ring
  and another ring to the door bell.

  In my opinion, the check at line 1701 should be removed.

  Thank you,
  Ben

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1859378/+subscriptions
reply via email to
[Prev in Thread] Current Thread [Next in Thread]