usb: dwc2: Fix out-of-bounds access, fix chunk size
Fix two errors in transfer len calculation, move loop invariant code out
of loop.
If xfer_len is equal to CONFIG_DWC2_MAX_TRANSFER_SIZE (or slightly
smaller), the xfer_len will be to large, e.g.:
xfer_len = MAX_TRANSFER_SIZE = 65535
max packet size = 512
=> num_packets = 128
=> IN xfer_len = 65536
For OUT transactions larger than (65536 - mps) bytes, the xfer_len
determination is quite awkward, it is only correct due to:
- max_packet_size for control/bulk/interrupt is required to be
power-of-two.
- (CONFIG_DWC2_MAX_TRANSFER_SIZE + 1) % max-packet-size is zero
for all allowed (2^3 ... 2^9) packet sizes
As the max xfer len is loop invariant, it can be moved out of the loop.
Signed-off-by: Stefan Brüns <stefan.bruens@rwth-aachen.de>
projects / platform / kernel / u-boot.git / commit