projects / linux-2.6-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit...
[linux-2.6-block.git] / drivers / net / wimax / i2400m / control.c
CommitLineData
3a35a1d0
IPG		 1/*
2 * Intel Wireless WiMAX Connection 2400m
3 * Miscellaneous control functions for managing the device
4 *
5 *
6 * Copyright (C) 2007-2008 Intel Corporation. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * * Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * * Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in
16 * the documentation and/or other materials provided with the
17 * distribution.
18 * * Neither the name of Intel Corporation nor the names of its
19 * contributors may be used to endorse or promote products derived
20 * from this software without specific prior written permission.
21 *
22 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
23 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
24 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
25 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
26 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
27 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
28 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
29 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
30 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
31 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
32 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
33 *
34 *
35 * Intel Corporation <linux-wimax@intel.com>
36 * Inaky Perez-Gonzalez <inaky.perez-gonzalez@intel.com>
37 * - Initial implementation
38 *
39 * This is a collection of functions used to control the device (plus
40 * a few helpers).
41 *
42 * There are utilities for handling TLV buffers, hooks on the device's
43 * reports to act on device changes of state [i2400m_report_hook()],
44 * on acks to commands [i2400m_msg_ack_hook()], a helper for sending
45 * commands to the device and blocking until a reply arrives
46 * [i2400m_msg_to_dev()], a few high level commands for manipulating
47 * the device state, powersving mode and configuration plus the
48 * routines to setup the device once communication is stablished with
49 * it [i2400m_dev_initialize()].
50 *
51 * ROADMAP
52 *
53 * i2400m_dev_initalize() Called by i2400m_dev_start()
54 * i2400m_set_init_config()
3a35a1d0
IPG		 55 * i2400m_cmd_get_state()
56 * i2400m_dev_shutdown() Called by i2400m_dev_stop()
c931ceeb 57 * i2400m_reset()
3a35a1d0
IPG		 58 *
59 * i2400m_{cmd,get,set}_*()
60 * i2400m_msg_to_dev()
61 * i2400m_msg_check_status()
62 *
63 * i2400m_report_hook() Called on reception of an event
64 * i2400m_report_state_hook()
65 * i2400m_tlv_buffer_walk()
66 * i2400m_tlv_match()
67 * i2400m_report_tlv_system_state()
68 * i2400m_report_tlv_rf_switches_status()
69 * i2400m_report_tlv_media_status()
70 * i2400m_cmd_enter_powersave()
71 *
72 * i2400m_msg_ack_hook() Called on reception of a reply to a
73 * command, get or set
74 */
75
76#include <stdarg.h>
77#include "i2400m.h"
78#include <linux/kernel.h>
5a0e3ad6 79#include <linux/slab.h>
3a35a1d0
IPG		 80#include <linux/wimax/i2400m.h>
81
82
83#define D_SUBMODULE control
84#include "debug-levels.h"
85
55a662d6
IPG		 86int i2400m_passive_mode; /* 0 (passive mode disabled) by default */
87module_param_named(passive_mode, i2400m_passive_mode, int, 0644);
88MODULE_PARM_DESC(passive_mode,
89 "If true, the driver will not do any device setup "
90 "and leave it up to user space, who must be properly "
91 "setup.");
92
3a35a1d0
IPG		 93
94/*
95 * Return if a TLV is of a give type and size
96 *
97 * @tlv_hdr: pointer to the TLV
98 * @tlv_type: type of the TLV we are looking for
99 * @tlv_size: expected size of the TLV we are looking for (if -1,
100 * don't check the size). This includes the header
101 * Returns: 0 if the TLV matches
102 * < 0 if it doesn't match at all
103 * > 0 total TLV + payload size, if the type matches, but not
104 * the size
105 */
106static
107ssize_t i2400m_tlv_match(const struct i2400m_tlv_hdr *tlv,
108 enum i2400m_tlv tlv_type, ssize_t tlv_size)
109{
110 if (le16_to_cpu(tlv->type) != tlv_type) /* Not our type? skip */
111 return -1;
112 if (tlv_size != -1
113 && le16_to_cpu(tlv->length) + sizeof(*tlv) != tlv_size) {
114 size_t size = le16_to_cpu(tlv->length) + sizeof(*tlv);
115 printk(KERN_WARNING "W: tlv type 0x%x mismatched because of "
116 "size (got %zu vs %zu expected)\n",
117 tlv_type, size, tlv_size);
118 return size;
119 }
120 return 0;
121}
122
123
124/*
125 * Given a buffer of TLVs, iterate over them
126 *
127 * @i2400m: device instance
128 * @tlv_buf: pointer to the beginning of the TLV buffer
129 * @buf_size: buffer size in bytes
130 * @tlv_pos: seek position; this is assumed to be a pointer returned
131 * by i2400m_tlv_buffer_walk() [and thus, validated]. The
132 * TLV returned will be the one following this one.
133 *
134 * Usage:
135 *
136 * tlv_itr = NULL;
137 * while (tlv_itr = i2400m_tlv_buffer_walk(i2400m, buf, size, tlv_itr)) {
138 * ...
139 * // Do stuff with tlv_itr, DON'T MODIFY IT
140 * ...
141 * }
142 */
143static
144const struct i2400m_tlv_hdr *i2400m_tlv_buffer_walk(
145 struct i2400m *i2400m,
146 const void *tlv_buf, size_t buf_size,
147 const struct i2400m_tlv_hdr *tlv_pos)
148{
149 struct device *dev = i2400m_dev(i2400m);
150 const struct i2400m_tlv_hdr *tlv_top = tlv_buf + buf_size;
151 size_t offset, length, avail_size;
152 unsigned type;
153
154 if (tlv_pos == NULL) /* Take the first one? */
155 tlv_pos = tlv_buf;
156 else /* Nope, the next one */
157 tlv_pos = (void *) tlv_pos
158 + le16_to_cpu(tlv_pos->length) + sizeof(*tlv_pos);
159 if (tlv_pos == tlv_top) { /* buffer done */
160 tlv_pos = NULL;
161 goto error_beyond_end;
162 }
163 if (tlv_pos > tlv_top) {
164 tlv_pos = NULL;
165 WARN_ON(1);
166 goto error_beyond_end;
167 }
168 offset = (void *) tlv_pos - (void *) tlv_buf;
169 avail_size = buf_size - offset;
170 if (avail_size < sizeof(*tlv_pos)) {
171 dev_err(dev, "HW BUG? tlv_buf %p [%zu bytes], tlv @%zu: "
172 "short header\n", tlv_buf, buf_size, offset);
173 goto error_short_header;
174 }
175 type = le16_to_cpu(tlv_pos->type);
176 length = le16_to_cpu(tlv_pos->length);
177 if (avail_size < sizeof(*tlv_pos) + length) {
178 dev_err(dev, "HW BUG? tlv_buf %p [%zu bytes], "
179 "tlv type 0x%04x @%zu: "
180 "short data (%zu bytes vs %zu needed)\n",
181 tlv_buf, buf_size, type, offset, avail_size,
182 sizeof(*tlv_pos) + length);
183 goto error_short_header;
184 }
185error_short_header:
186error_beyond_end:
187 return tlv_pos;
188}
189
190
191/*
192 * Find a TLV in a buffer of sequential TLVs
193 *
194 * @i2400m: device descriptor
195 * @tlv_hdr: pointer to the first TLV in the sequence
196 * @size: size of the buffer in bytes; all TLVs are assumed to fit
197 * fully in the buffer (otherwise we'll complain).
198 * @tlv_type: type of the TLV we are looking for
199 * @tlv_size: expected size of the TLV we are looking for (if -1,
200 * don't check the size). This includes the header
201 *
202 * Returns: NULL if the TLV is not found, otherwise a pointer to
203 * it. If the sizes don't match, an error is printed and NULL
204 * returned.
205 */
206static
207const struct i2400m_tlv_hdr *i2400m_tlv_find(
208 struct i2400m *i2400m,
209 const struct i2400m_tlv_hdr *tlv_hdr, size_t size,
210 enum i2400m_tlv tlv_type, ssize_t tlv_size)
211{
212 ssize_t match;
213 struct device *dev = i2400m_dev(i2400m);
214 const struct i2400m_tlv_hdr *tlv = NULL;
215 while ((tlv = i2400m_tlv_buffer_walk(i2400m, tlv_hdr, size, tlv))) {
216 match = i2400m_tlv_match(tlv, tlv_type, tlv_size);
217 if (match == 0) /* found it :) */
218 break;
219 if (match > 0)
220 dev_warn(dev, "TLV type 0x%04x found with size "
221 "mismatch (%zu vs %zu needed)\n",
222 tlv_type, match, tlv_size);
223 }
224 return tlv;
225}
226
227
228static const struct
229{
230 char *msg;
231 int errno;
232} ms_to_errno[I2400M_MS_MAX] = {
233 [I2400M_MS_DONE_OK] = { "", 0 },
234 [I2400M_MS_DONE_IN_PROGRESS] = { "", 0 },
235 [I2400M_MS_INVALID_OP] = { "invalid opcode", -ENOSYS },
236 [I2400M_MS_BAD_STATE] = { "invalid state", -EILSEQ },
237 [I2400M_MS_ILLEGAL_VALUE] = { "illegal value", -EINVAL },
238 [I2400M_MS_MISSING_PARAMS] = { "missing parameters", -ENOMSG },
239 [I2400M_MS_VERSION_ERROR] = { "bad version", -EIO },
240 [I2400M_MS_ACCESSIBILITY_ERROR] = { "accesibility error", -EIO },
241 [I2400M_MS_BUSY] = { "busy", -EBUSY },
242 [I2400M_MS_CORRUPTED_TLV] = { "corrupted TLV", -EILSEQ },
243 [I2400M_MS_UNINITIALIZED] = { "not unitialized", -EILSEQ },
244 [I2400M_MS_UNKNOWN_ERROR] = { "unknown error", -EIO },
245 [I2400M_MS_PRODUCTION_ERROR] = { "production error", -EIO },
246 [I2400M_MS_NO_RF] = { "no RF", -EIO },
247 [I2400M_MS_NOT_READY_FOR_POWERSAVE] =
248 { "not ready for powersave", -EACCES },
249 [I2400M_MS_THERMAL_CRITICAL] = { "thermal critical", -EL3HLT },
250};
251
252
253/*
254 * i2400m_msg_check_status - translate a message's status code
255 *
256 * @i2400m: device descriptor
257 * @l3l4_hdr: message header
258 * @strbuf: buffer to place a formatted error message (unless NULL).
259 * @strbuf_size: max amount of available space; larger messages will
260 * be truncated.
261 *
262 * Returns: errno code corresponding to the status code in @l3l4_hdr
263 * and a message in @strbuf describing the error.
264 */
265int i2400m_msg_check_status(const struct i2400m_l3l4_hdr *l3l4_hdr,
266 char *strbuf, size_t strbuf_size)
267{
268 int result;
269 enum i2400m_ms status = le16_to_cpu(l3l4_hdr->status);
270 const char *str;
271
272 if (status == 0)
273 return 0;
a6346fa5 274 if (status >= ARRAY_SIZE(ms_to_errno)) {
3a35a1d0
IPG		 275 str = "unknown status code";
276 result = -EBADR;
277 } else {
278 str = ms_to_errno[status].msg;
279 result = ms_to_errno[status].errno;
280 }
281 if (strbuf)
282 snprintf(strbuf, strbuf_size, "%s (%d)", str, status);
283 return result;
284}
285
286
287/*
288 * Act on a TLV System State reported by the device
289 *
290 * @i2400m: device descriptor
291 * @ss: validated System State TLV
292 */
293static
294void i2400m_report_tlv_system_state(struct i2400m *i2400m,
295 const struct i2400m_tlv_system_state *ss)
296{
297 struct device *dev = i2400m_dev(i2400m);
298 struct wimax_dev *wimax_dev = &i2400m->wimax_dev;
299 enum i2400m_system_state i2400m_state = le32_to_cpu(ss->state);
300
301 d_fnstart(3, dev, "(i2400m %p ss %p [%u])\n", i2400m, ss, i2400m_state);
302
3a35a1d0
IPG		 303 if (i2400m->state != i2400m_state) {
304 i2400m->state = i2400m_state;
305 wake_up_all(&i2400m->state_wq);
306 }
307 switch (i2400m_state) {
308 case I2400M_SS_UNINITIALIZED:
309 case I2400M_SS_INIT:
310 case I2400M_SS_CONFIG:
311 case I2400M_SS_PRODUCTION:
312 wimax_state_change(wimax_dev, WIMAX_ST_UNINITIALIZED);
313 break;
314
315 case I2400M_SS_RF_OFF:
316 case I2400M_SS_RF_SHUTDOWN:
317 wimax_state_change(wimax_dev, WIMAX_ST_RADIO_OFF);
318 break;
319
320 case I2400M_SS_READY:
321 case I2400M_SS_STANDBY:
322 case I2400M_SS_SLEEPACTIVE:
323 wimax_state_change(wimax_dev, WIMAX_ST_READY);
324 break;
325
326 case I2400M_SS_CONNECTING:
327 case I2400M_SS_WIMAX_CONNECTED:
328 wimax_state_change(wimax_dev, WIMAX_ST_READY);
329 break;
330
331 case I2400M_SS_SCAN:
332 case I2400M_SS_OUT_OF_ZONE:
333 wimax_state_change(wimax_dev, WIMAX_ST_SCANNING);
334 break;
335
336 case I2400M_SS_IDLE:
337 d_printf(1, dev, "entering BS-negotiated idle mode\n");
338 case I2400M_SS_DISCONNECTING:
339 case I2400M_SS_DATA_PATH_CONNECTED:
340 wimax_state_change(wimax_dev, WIMAX_ST_CONNECTED);
341 break;
342
343 default:
344 /* Huh? just in case, shut it down */
345 dev_err(dev, "HW BUG? unknown state %u: shutting down\n",
346 i2400m_state);
c931ceeb 347 i2400m_reset(i2400m, I2400M_RT_WARM);
3a35a1d0
IPG		 348 break;
349 };
3a35a1d0
IPG		 350 d_fnend(3, dev, "(i2400m %p ss %p [%u]) = void\n",
351 i2400m, ss, i2400m_state);
352}
353
354
355/*
356 * Parse and act on a TLV Media Status sent by the device
357 *
358 * @i2400m: device descriptor
359 * @ms: validated Media Status TLV
360 *
361 * This will set the carrier up on down based on the device's link
362 * report. This is done asides of what the WiMAX stack does based on
363 * the device's state as sometimes we need to do a link-renew (the BS
364 * wants us to renew a DHCP lease, for example).
365 *
366 * In fact, doc says that everytime we get a link-up, we should do a
367 * DHCP negotiation...
368 */
369static
370void i2400m_report_tlv_media_status(struct i2400m *i2400m,
371 const struct i2400m_tlv_media_status *ms)
372{
373 struct device *dev = i2400m_dev(i2400m);
374 struct wimax_dev *wimax_dev = &i2400m->wimax_dev;
375 struct net_device *net_dev = wimax_dev->net_dev;
376 enum i2400m_media_status status = le32_to_cpu(ms->media_status);
377
378 d_fnstart(3, dev, "(i2400m %p ms %p [%u])\n", i2400m, ms, status);
379
3a35a1d0
IPG		 380 switch (status) {
381 case I2400M_MEDIA_STATUS_LINK_UP:
382 netif_carrier_on(net_dev);
383 break;
384 case I2400M_MEDIA_STATUS_LINK_DOWN:
385 netif_carrier_off(net_dev);
386 break;
387 /*
388 * This is the network telling us we need to retrain the DHCP
389 * lease -- so far, we are trusting the WiMAX Network Service
390 * in user space to pick this up and poke the DHCP client.
391 */
392 case I2400M_MEDIA_STATUS_LINK_RENEW:
393 netif_carrier_on(net_dev);
394 break;
395 default:
396 dev_err(dev, "HW BUG? unknown media status %u\n",
397 status);
398 };
3a35a1d0
IPG		 399 d_fnend(3, dev, "(i2400m %p ms %p [%u]) = void\n",
400 i2400m, ms, status);
401}
402
403
404/*
8ac1101f
IPG		 405 * Process a TLV from a 'state report'
406 *
407 * @i2400m: device descriptor
408 * @tlv: pointer to the TLV header; it has been already validated for
409 * consistent size.
410 * @tag: for error messages
411 *
412 * Act on the TLVs from a 'state report'.
413 */
414static
415void i2400m_report_state_parse_tlv(struct i2400m *i2400m,
416 const struct i2400m_tlv_hdr *tlv,
417 const char *tag)
418{
419 struct device *dev = i2400m_dev(i2400m);
420 const struct i2400m_tlv_media_status *ms;
421 const struct i2400m_tlv_system_state *ss;
422 const struct i2400m_tlv_rf_switches_status *rfss;
423
424 if (0 == i2400m_tlv_match(tlv, I2400M_TLV_SYSTEM_STATE, sizeof(*ss))) {
425 ss = container_of(tlv, typeof(*ss), hdr);
426 d_printf(2, dev, "%s: system state TLV "
427 "found (0x%04x), state 0x%08x\n",
428 tag, I2400M_TLV_SYSTEM_STATE,
429 le32_to_cpu(ss->state));
430 i2400m_report_tlv_system_state(i2400m, ss);
431 }
432 if (0 == i2400m_tlv_match(tlv, I2400M_TLV_RF_STATUS, sizeof(*rfss))) {
433 rfss = container_of(tlv, typeof(*rfss), hdr);
434 d_printf(2, dev, "%s: RF status TLV "
435 "found (0x%04x), sw 0x%02x hw 0x%02x\n",
436 tag, I2400M_TLV_RF_STATUS,
437 le32_to_cpu(rfss->sw_rf_switch),
438 le32_to_cpu(rfss->hw_rf_switch));
439 i2400m_report_tlv_rf_switches_status(i2400m, rfss);
440 }
441 if (0 == i2400m_tlv_match(tlv, I2400M_TLV_MEDIA_STATUS, sizeof(*ms))) {
442 ms = container_of(tlv, typeof(*ms), hdr);
443 d_printf(2, dev, "%s: Media Status TLV: %u\n",
444 tag, le32_to_cpu(ms->media_status));
445 i2400m_report_tlv_media_status(i2400m, ms);
446 }
447}
448
449
450/*
451 * Parse a 'state report' and extract information
3a35a1d0
IPG		 452 *
453 * @i2400m: device descriptor
454 * @l3l4_hdr: pointer to message; it has been already validated for
455 * consistent size.
456 * @size: size of the message (header + payload). The header length
457 * declaration is assumed to be congruent with @size (as in
458 * sizeof(*l3l4_hdr) + l3l4_hdr->length == size)
459 *
8ac1101f 460 * Walk over the TLVs in a report state and act on them.
3a35a1d0
IPG		 461 */
462static
463void i2400m_report_state_hook(struct i2400m *i2400m,
464 const struct i2400m_l3l4_hdr *l3l4_hdr,
465 size_t size, const char *tag)
466{
467 struct device *dev = i2400m_dev(i2400m);
468 const struct i2400m_tlv_hdr *tlv;
3a35a1d0
IPG		 469 size_t tlv_size = le16_to_cpu(l3l4_hdr->length);
470
471 d_fnstart(4, dev, "(i2400m %p, l3l4_hdr %p, size %zu, %s)\n",
472 i2400m, l3l4_hdr, size, tag);
473 tlv = NULL;
474
475 while ((tlv = i2400m_tlv_buffer_walk(i2400m, &l3l4_hdr->pl,
8ac1101f
IPG		 476 tlv_size, tlv)))
477 i2400m_report_state_parse_tlv(i2400m, tlv, tag);
3a35a1d0
IPG		 478 d_fnend(4, dev, "(i2400m %p, l3l4_hdr %p, size %zu, %s) = void\n",
479 i2400m, l3l4_hdr, size, tag);
480}
481
482
483/*
484 * i2400m_report_hook - (maybe) act on a report
485 *
486 * @i2400m: device descriptor
487 * @l3l4_hdr: pointer to message; it has been already validated for
488 * consistent size.
489 * @size: size of the message (header + payload). The header length
490 * declaration is assumed to be congruent with @size (as in
491 * sizeof(*l3l4_hdr) + l3l4_hdr->length == size)
492 *
493 * Extract information we might need (like carrien on/off) from a
494 * device report.
495 */
496void i2400m_report_hook(struct i2400m *i2400m,
497 const struct i2400m_l3l4_hdr *l3l4_hdr, size_t size)
498{
499 struct device *dev = i2400m_dev(i2400m);
500 unsigned msg_type;
501
502 d_fnstart(3, dev, "(i2400m %p l3l4_hdr %p size %zu)\n",
503 i2400m, l3l4_hdr, size);
504 /* Chew on the message, we might need some information from
505 * here */
506 msg_type = le16_to_cpu(l3l4_hdr->type);
507 switch (msg_type) {
508 case I2400M_MT_REPORT_STATE: /* carrier detection... */
509 i2400m_report_state_hook(i2400m,
510 l3l4_hdr, size, "REPORT STATE");
511 break;
512 /* If the device is ready for power save, then ask it to do
513 * it. */
514 case I2400M_MT_REPORT_POWERSAVE_READY: /* zzzzz */
515 if (l3l4_hdr->status == cpu_to_le16(I2400M_MS_DONE_OK)) {
fb101674
IPG		 516 if (i2400m_power_save_disabled)
517 d_printf(1, dev, "ready for powersave, "
518 "not requesting (disabled by module "
519 "parameter)\n");
520 else {
521 d_printf(1, dev, "ready for powersave, "
522 "requesting\n");
523 i2400m_cmd_enter_powersave(i2400m);
524 }
3a35a1d0
IPG		 525 }
526 break;
527 };
528 d_fnend(3, dev, "(i2400m %p l3l4_hdr %p size %zu) = void\n",
529 i2400m, l3l4_hdr, size);
530}
531
532
533/*
534 * i2400m_msg_ack_hook - process cmd/set/get ack for internal status
535 *
536 * @i2400m: device descriptor
537 * @l3l4_hdr: pointer to message; it has been already validated for
538 * consistent size.
539 * @size: size of the message
540 *
541 * Extract information we might need from acks to commands and act on
542 * it. This is akin to i2400m_report_hook(). Note most of this
543 * processing should be done in the function that calls the
544 * command. This is here for some cases where it can't happen...
545 */
546void i2400m_msg_ack_hook(struct i2400m *i2400m,
547 const struct i2400m_l3l4_hdr *l3l4_hdr, size_t size)
548{
549 int result;
550 struct device *dev = i2400m_dev(i2400m);
551 unsigned ack_type, ack_status;
552 char strerr[32];
553
554 /* Chew on the message, we might need some information from
555 * here */
556 ack_type = le16_to_cpu(l3l4_hdr->type);
557 ack_status = le16_to_cpu(l3l4_hdr->status);
558 switch (ack_type) {
559 case I2400M_MT_CMD_ENTER_POWERSAVE:
560 /* This is just left here for the sake of example, as
561 * the processing is done somewhere else. */
562 if (0) {
563 result = i2400m_msg_check_status(
564 l3l4_hdr, strerr, sizeof(strerr));
565 if (result >= 0)
566 d_printf(1, dev, "ready for power save: %zd\n",
567 size);
568 }
569 break;
570 };
571 return;
572}
573
574
575/*
576 * i2400m_msg_size_check() - verify message size and header are congruent
577 *
578 * It is ok if the total message size is larger than the expected
579 * size, as there can be padding.
580 */
581int i2400m_msg_size_check(struct i2400m *i2400m,
582 const struct i2400m_l3l4_hdr *l3l4_hdr,
583 size_t msg_size)
584{
585 int result;
586 struct device *dev = i2400m_dev(i2400m);
587 size_t expected_size;
588 d_fnstart(4, dev, "(i2400m %p l3l4_hdr %p msg_size %zu)\n",
589 i2400m, l3l4_hdr, msg_size);
590 if (msg_size < sizeof(*l3l4_hdr)) {
591 dev_err(dev, "bad size for message header "
592 "(expected at least %zu, got %zu)\n",
593 (size_t) sizeof(*l3l4_hdr), msg_size);
594 result = -EIO;
595 goto error_hdr_size;
596 }
597 expected_size = le16_to_cpu(l3l4_hdr->length) + sizeof(*l3l4_hdr);
598 if (msg_size < expected_size) {
599 dev_err(dev, "bad size for message code 0x%04x (expected %zu, "
600 "got %zu)\n", le16_to_cpu(l3l4_hdr->type),
601 expected_size, msg_size);
602 result = -EIO;
603 } else
604 result = 0;
605error_hdr_size:
606 d_fnend(4, dev,
607 "(i2400m %p l3l4_hdr %p msg_size %zu) = %d\n",
608 i2400m, l3l4_hdr, msg_size, result);
609 return result;
610}
611
612
613
614/*
615 * Cancel a wait for a command ACK
616 *
617 * @i2400m: device descriptor
618 * @code: [negative] errno code to cancel with (don't use
619 * -EINPROGRESS)
620 *
621 * If there is an ack already filled out, free it.
622 */
623void i2400m_msg_to_dev_cancel_wait(struct i2400m *i2400m, int code)
624{
625 struct sk_buff *ack_skb;
626 unsigned long flags;
627
628 spin_lock_irqsave(&i2400m->rx_lock, flags);
629 ack_skb = i2400m->ack_skb;
630 if (ack_skb && !IS_ERR(ack_skb))
f4895b8b 631 kfree_skb(ack_skb);
3a35a1d0
IPG		 632 i2400m->ack_skb = ERR_PTR(code);
633 spin_unlock_irqrestore(&i2400m->rx_lock, flags);
634}
635
636
637/**
638 * i2400m_msg_to_dev - Send a control message to the device and get a response
639 *
640 * @i2400m: device descriptor
641 *
642 * @msg_skb: an skb *
643 *
644 * @buf: pointer to the buffer containing the message to be sent; it
645 * has to start with a &struct i2400M_l3l4_hdr and then
646 * followed by the payload. Once this function returns, the
647 * buffer can be reused.
648 *
649 * @buf_len: buffer size
650 *
651 * Returns:
652 *
653 * Pointer to skb containing the ack message. You need to check the
654 * pointer with IS_ERR(), as it might be an error code. Error codes
655 * could happen because:
656 *
657 * - the message wasn't formatted correctly
658 * - couldn't send the message
659 * - failed waiting for a response
660 * - the ack message wasn't formatted correctly
661 *
662 * The returned skb has been allocated with wimax_msg_to_user_alloc(),
663 * it contains the reponse in a netlink attribute and is ready to be
664 * passed up to user space with wimax_msg_to_user_send(). To access
665 * the payload and its length, use wimax_msg_{data,len}() on the skb.
666 *
667 * The skb has to be freed with kfree_skb() once done.
668 *
669 * Description:
670 *
671 * This function delivers a message/command to the device and waits
672 * for an ack to be received. The format is described in
673 * linux/wimax/i2400m.h. In summary, a command/get/set is followed by an
674 * ack.
675 *
676 * This function will not check the ack status, that's left up to the
677 * caller. Once done with the ack skb, it has to be kfree_skb()ed.
678 *
679 * The i2400m handles only one message at the same time, thus we need
680 * the mutex to exclude other players.
681 *
682 * We write the message and then wait for an answer to come back. The
683 * RX path intercepts control messages and handles them in
684 * i2400m_rx_ctl(). Reports (notifications) are (maybe) processed
685 * locally and then forwarded (as needed) to user space on the WiMAX
686 * stack message pipe. Acks are saved and passed back to us through an
687 * skb in i2400m->ack_skb which is ready to be given to generic
688 * netlink if need be.
689 */
690struct sk_buff *i2400m_msg_to_dev(struct i2400m *i2400m,
691 const void *buf, size_t buf_len)
692{
693 int result;
694 struct device *dev = i2400m_dev(i2400m);
695 const struct i2400m_l3l4_hdr *msg_l3l4_hdr;
696 struct sk_buff *ack_skb;
697 const struct i2400m_l3l4_hdr *ack_l3l4_hdr;
698 size_t ack_len;
699 int ack_timeout;
700 unsigned msg_type;
701 unsigned long flags;
702
703 d_fnstart(3, dev, "(i2400m %p buf %p len %zu)\n",
704 i2400m, buf, buf_len);
705
b4013f91 706 rmb(); /* Make sure we see what i2400m_dev_reset_handle() */
3a35a1d0 707 if (i2400m->boot_mode)
0bcfc5ef 708 return ERR_PTR(-EL3RST);
3a35a1d0
IPG		 709
710 msg_l3l4_hdr = buf;
711 /* Check msg & payload consistency */
712 result = i2400m_msg_size_check(i2400m, msg_l3l4_hdr, buf_len);
713 if (result < 0)
714 goto error_bad_msg;
715 msg_type = le16_to_cpu(msg_l3l4_hdr->type);
716 d_printf(1, dev, "CMD/GET/SET 0x%04x %zu bytes\n",
717 msg_type, buf_len);
718 d_dump(2, dev, buf, buf_len);
719
720 /* Setup the completion, ack_skb ("we are waiting") and send
721 * the message to the device */
722 mutex_lock(&i2400m->msg_mutex);
723 spin_lock_irqsave(&i2400m->rx_lock, flags);
724 i2400m->ack_skb = ERR_PTR(-EINPROGRESS);
725 spin_unlock_irqrestore(&i2400m->rx_lock, flags);
726 init_completion(&i2400m->msg_completion);
727 result = i2400m_tx(i2400m, buf, buf_len, I2400M_PT_CTRL);
728 if (result < 0) {
729 dev_err(dev, "can't send message 0x%04x: %d\n",
730 le16_to_cpu(msg_l3l4_hdr->type), result);
731 goto error_tx;
732 }
733
734 /* Some commands take longer to execute because of crypto ops,
735 * so we give them some more leeway on timeout */
736 switch (msg_type) {
737 case I2400M_MT_GET_TLS_OPERATION_RESULT:
738 case I2400M_MT_CMD_SEND_EAP_RESPONSE:
739 ack_timeout = 5 * HZ;
740 break;
741 default:
742 ack_timeout = HZ;
743 };
744
223beea2
IPG		 745 if (unlikely(i2400m->trace_msg_from_user))
746 wimax_msg(&i2400m->wimax_dev, "echo", buf, buf_len, GFP_KERNEL);
3a35a1d0
IPG		 747 /* The RX path in rx.c will put any response for this message
748 * in i2400m->ack_skb and wake us up. If we cancel the wait,
749 * we need to change the value of i2400m->ack_skb to something
750 * not -EINPROGRESS so RX knows there is no one waiting. */
751 result = wait_for_completion_interruptible_timeout(
752 &i2400m->msg_completion, ack_timeout);
753 if (result == 0) {
754 dev_err(dev, "timeout waiting for reply to message 0x%04x\n",
755 msg_type);
756 result = -ETIMEDOUT;
757 i2400m_msg_to_dev_cancel_wait(i2400m, result);
758 goto error_wait_for_completion;
759 } else if (result < 0) {
760 dev_err(dev, "error waiting for reply to message 0x%04x: %d\n",
761 msg_type, result);
762 i2400m_msg_to_dev_cancel_wait(i2400m, result);
763 goto error_wait_for_completion;
764 }
765
766 /* Pull out the ack data from i2400m->ack_skb -- see if it is
767 * an error and act accordingly */
768 spin_lock_irqsave(&i2400m->rx_lock, flags);
769 ack_skb = i2400m->ack_skb;
770 if (IS_ERR(ack_skb))
771 result = PTR_ERR(ack_skb);
772 else
773 result = 0;
774 i2400m->ack_skb = NULL;
775 spin_unlock_irqrestore(&i2400m->rx_lock, flags);
776 if (result < 0)
777 goto error_ack_status;
778 ack_l3l4_hdr = wimax_msg_data_len(ack_skb, &ack_len);
779
780 /* Check the ack and deliver it if it is ok */
223beea2
IPG		 781 if (unlikely(i2400m->trace_msg_from_user))
782 wimax_msg(&i2400m->wimax_dev, "echo",
783 ack_l3l4_hdr, ack_len, GFP_KERNEL);
3a35a1d0
IPG		 784 result = i2400m_msg_size_check(i2400m, ack_l3l4_hdr, ack_len);
785 if (result < 0) {
786 dev_err(dev, "HW BUG? reply to message 0x%04x: %d\n",
787 msg_type, result);
788 goto error_bad_ack_len;
789 }
790 if (msg_type != le16_to_cpu(ack_l3l4_hdr->type)) {
791 dev_err(dev, "HW BUG? bad reply 0x%04x to message 0x%04x\n",
792 le16_to_cpu(ack_l3l4_hdr->type), msg_type);
793 result = -EIO;
794 goto error_bad_ack_type;
795 }
796 i2400m_msg_ack_hook(i2400m, ack_l3l4_hdr, ack_len);
797 mutex_unlock(&i2400m->msg_mutex);
798 d_fnend(3, dev, "(i2400m %p buf %p len %zu) = %p\n",
799 i2400m, buf, buf_len, ack_skb);
800 return ack_skb;
801
802error_bad_ack_type:
803error_bad_ack_len:
804 kfree_skb(ack_skb);
805error_ack_status:
806error_wait_for_completion:
807error_tx:
808 mutex_unlock(&i2400m->msg_mutex);
809error_bad_msg:
810 d_fnend(3, dev, "(i2400m %p buf %p len %zu) = %d\n",
811 i2400m, buf, buf_len, result);
812 return ERR_PTR(result);
813}
814
815
816/*
817 * Definitions for the Enter Power Save command
818 *
819 * The Enter Power Save command requests the device to go into power
820 * saving mode. The device will ack or nak the command depending on it
821 * being ready for it. If it acks, we tell the USB subsystem to
822 *
823 * As well, the device might request to go into power saving mode by
824 * sending a report (REPORT_POWERSAVE_READY), in which case, we issue
825 * this command. The hookups in the RX coder allow
826 */
827enum {
828 I2400M_WAKEUP_ENABLED = 0x01,
829 I2400M_WAKEUP_DISABLED = 0x02,
830 I2400M_TLV_TYPE_WAKEUP_MODE = 144,
831};
832
833struct i2400m_cmd_enter_power_save {
834 struct i2400m_l3l4_hdr hdr;
835 struct i2400m_tlv_hdr tlv;
836 __le32 val;
837} __attribute__((packed));
838
839
840/*
841 * Request entering power save
842 *
843 * This command is (mainly) executed when the device indicates that it
844 * is ready to go into powersave mode via a REPORT_POWERSAVE_READY.
845 */
846int i2400m_cmd_enter_powersave(struct i2400m *i2400m)
847{
848 int result;
849 struct device *dev = i2400m_dev(i2400m);
850 struct sk_buff *ack_skb;
851 struct i2400m_cmd_enter_power_save *cmd;
852 char strerr[32];
853
854 result = -ENOMEM;
855 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
856 if (cmd == NULL)
857 goto error_alloc;
858 cmd->hdr.type = cpu_to_le16(I2400M_MT_CMD_ENTER_POWERSAVE);
859 cmd->hdr.length = cpu_to_le16(sizeof(*cmd) - sizeof(cmd->hdr));
860 cmd->hdr.version = cpu_to_le16(I2400M_L3L4_VERSION);
861 cmd->tlv.type = cpu_to_le16(I2400M_TLV_TYPE_WAKEUP_MODE);
862 cmd->tlv.length = cpu_to_le16(sizeof(cmd->val));
863 cmd->val = cpu_to_le32(I2400M_WAKEUP_ENABLED);
864
865 ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd));
866 result = PTR_ERR(ack_skb);
867 if (IS_ERR(ack_skb)) {
868 dev_err(dev, "Failed to issue 'Enter power save' command: %d\n",
869 result);
870 goto error_msg_to_dev;
871 }
872 result = i2400m_msg_check_status(wimax_msg_data(ack_skb),
873 strerr, sizeof(strerr));
874 if (result == -EACCES)
875 d_printf(1, dev, "Cannot enter power save mode\n");
876 else if (result < 0)
877 dev_err(dev, "'Enter power save' (0x%04x) command failed: "
878 "%d - %s\n", I2400M_MT_CMD_ENTER_POWERSAVE,
879 result, strerr);
880 else
881 d_printf(1, dev, "device ready to power save\n");
882 kfree_skb(ack_skb);
883error_msg_to_dev:
884 kfree(cmd);
885error_alloc:
886 return result;
887}
888EXPORT_SYMBOL_GPL(i2400m_cmd_enter_powersave);
889
890
891/*
892 * Definitions for getting device information
893 */
894enum {
895 I2400M_TLV_DETAILED_DEVICE_INFO = 140
896};
897
898/**
899 * i2400m_get_device_info - Query the device for detailed device information
900 *
901 * @i2400m: device descriptor
902 *
903 * Returns: an skb whose skb->data points to a 'struct
904 * i2400m_tlv_detailed_device_info'. When done, kfree_skb() it. The
905 * skb is *guaranteed* to contain the whole TLV data structure.
906 *
907 * On error, IS_ERR(skb) is true and ERR_PTR(skb) is the error
908 * code.
909 */
910struct sk_buff *i2400m_get_device_info(struct i2400m *i2400m)
911{
912 int result;
913 struct device *dev = i2400m_dev(i2400m);
914 struct sk_buff *ack_skb;
915 struct i2400m_l3l4_hdr *cmd;
916 const struct i2400m_l3l4_hdr *ack;
917 size_t ack_len;
918 const struct i2400m_tlv_hdr *tlv;
919 const struct i2400m_tlv_detailed_device_info *ddi;
920 char strerr[32];
921
922 ack_skb = ERR_PTR(-ENOMEM);
923 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
924 if (cmd == NULL)
925 goto error_alloc;
926 cmd->type = cpu_to_le16(I2400M_MT_GET_DEVICE_INFO);
927 cmd->length = 0;
928 cmd->version = cpu_to_le16(I2400M_L3L4_VERSION);
929
930 ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd));
931 if (IS_ERR(ack_skb)) {
932 dev_err(dev, "Failed to issue 'get device info' command: %ld\n",
933 PTR_ERR(ack_skb));
934 goto error_msg_to_dev;
935 }
936 ack = wimax_msg_data_len(ack_skb, &ack_len);
937 result = i2400m_msg_check_status(ack, strerr, sizeof(strerr));
938 if (result < 0) {
939 dev_err(dev, "'get device info' (0x%04x) command failed: "
940 "%d - %s\n", I2400M_MT_GET_DEVICE_INFO, result,
941 strerr);
942 goto error_cmd_failed;
943 }
944 tlv = i2400m_tlv_find(i2400m, ack->pl, ack_len - sizeof(*ack),
945 I2400M_TLV_DETAILED_DEVICE_INFO, sizeof(*ddi));
946 if (tlv == NULL) {
947 dev_err(dev, "GET DEVICE INFO: "
948 "detailed device info TLV not found (0x%04x)\n",
949 I2400M_TLV_DETAILED_DEVICE_INFO);
950 result = -EIO;
951 goto error_no_tlv;
952 }
953 skb_pull(ack_skb, (void *) tlv - (void *) ack_skb->data);
954error_msg_to_dev:
955 kfree(cmd);
956error_alloc:
957 return ack_skb;
958
959error_no_tlv:
960error_cmd_failed:
961 kfree_skb(ack_skb);
962 kfree(cmd);
963 return ERR_PTR(result);
964}
965
966
967/* Firmware interface versions we support */
968enum {
969 I2400M_HDIv_MAJOR = 9,
3a35a1d0 970 I2400M_HDIv_MINOR = 1,
efa05d0f 971 I2400M_HDIv_MINOR_2 = 2,
3a35a1d0
IPG		 972};
973
974
975/**
976 * i2400m_firmware_check - check firmware versions are compatible with
977 * the driver
978 *
979 * @i2400m: device descriptor
980 *
981 * Returns: 0 if ok, < 0 errno code an error and a message in the
982 * kernel log.
983 *
984 * Long function, but quite simple; first chunk launches the command
985 * and double checks the reply for the right TLV. Then we process the
986 * TLV (where the meat is).
6a0f7ab8
IPG		 987 *
988 * Once we process the TLV that gives us the firmware's interface
989 * version, we encode it and save it in i2400m->fw_version for future
990 * reference.
3a35a1d0
IPG		 991 */
992int i2400m_firmware_check(struct i2400m *i2400m)
993{
994 int result;
995 struct device *dev = i2400m_dev(i2400m);
996 struct sk_buff *ack_skb;
997 struct i2400m_l3l4_hdr *cmd;
998 const struct i2400m_l3l4_hdr *ack;
999 size_t ack_len;
1000 const struct i2400m_tlv_hdr *tlv;
1001 const struct i2400m_tlv_l4_message_versions *l4mv;
1002 char strerr[32];
1003 unsigned major, minor, branch;
1004
1005 result = -ENOMEM;
1006 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
1007 if (cmd == NULL)
1008 goto error_alloc;
1009 cmd->type = cpu_to_le16(I2400M_MT_GET_LM_VERSION);
1010 cmd->length = 0;
1011 cmd->version = cpu_to_le16(I2400M_L3L4_VERSION);
1012
1013 ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd));
1014 if (IS_ERR(ack_skb)) {
1015 result = PTR_ERR(ack_skb);
1016 dev_err(dev, "Failed to issue 'get lm version' command: %-d\n",
1017 result);
1018 goto error_msg_to_dev;
1019 }
1020 ack = wimax_msg_data_len(ack_skb, &ack_len);
1021 result = i2400m_msg_check_status(ack, strerr, sizeof(strerr));
1022 if (result < 0) {
1023 dev_err(dev, "'get lm version' (0x%04x) command failed: "
1024 "%d - %s\n", I2400M_MT_GET_LM_VERSION, result,
1025 strerr);
1026 goto error_cmd_failed;
1027 }
1028 tlv = i2400m_tlv_find(i2400m, ack->pl, ack_len - sizeof(*ack),
1029 I2400M_TLV_L4_MESSAGE_VERSIONS, sizeof(*l4mv));
1030 if (tlv == NULL) {
1031 dev_err(dev, "get lm version: TLV not found (0x%04x)\n",
1032 I2400M_TLV_L4_MESSAGE_VERSIONS);
1033 result = -EIO;
1034 goto error_no_tlv;
1035 }
1036 l4mv = container_of(tlv, typeof(*l4mv), hdr);
1037 major = le16_to_cpu(l4mv->major);
1038 minor = le16_to_cpu(l4mv->minor);
1039 branch = le16_to_cpu(l4mv->branch);
1040 result = -EINVAL;
efa05d0f
IPG		 1041 if (major != I2400M_HDIv_MAJOR) {
1042 dev_err(dev, "unsupported major fw version "
3a35a1d0
IPG		 1043 "%u.%u.%u\n", major, minor, branch);
1044 goto error_bad_major;
1045 }
3a35a1d0 1046 result = 0;
efa05d0f
IPG		 1047 if (minor < I2400M_HDIv_MINOR_2 && minor > I2400M_HDIv_MINOR)
1048 dev_warn(dev, "untested minor fw version %u.%u.%u\n",
3a35a1d0 1049 major, minor, branch);
6a0f7ab8
IPG		 1050 /* Yes, we ignore the branch -- we don't have to track it */
1051 i2400m->fw_version = major << 16 | minor;
3a35a1d0
IPG		 1052 dev_info(dev, "firmware interface version %u.%u.%u\n",
1053 major, minor, branch);
6a0f7ab8 1054error_bad_major:
3a35a1d0
IPG		 1055error_no_tlv:
1056error_cmd_failed:
1057 kfree_skb(ack_skb);
1058error_msg_to_dev:
1059 kfree(cmd);
1060error_alloc:
1061 return result;
1062}
1063
1064
1065/*
1066 * Send an DoExitIdle command to the device to ask it to go out of
1067 * basestation-idle mode.
1068 *
1069 * @i2400m: device descriptor
1070 *
1071 * This starts a renegotiation with the basestation that might involve
1072 * another crypto handshake with user space.
1073 *
1074 * Returns: 0 if ok, < 0 errno code on error.
1075 */
1076int i2400m_cmd_exit_idle(struct i2400m *i2400m)
1077{
1078 int result;
1079 struct device *dev = i2400m_dev(i2400m);
1080 struct sk_buff *ack_skb;
1081 struct i2400m_l3l4_hdr *cmd;
1082 char strerr[32];
1083
1084 result = -ENOMEM;
1085 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
1086 if (cmd == NULL)
1087 goto error_alloc;
1088 cmd->type = cpu_to_le16(I2400M_MT_CMD_EXIT_IDLE);
1089 cmd->length = 0;
1090 cmd->version = cpu_to_le16(I2400M_L3L4_VERSION);
1091
1092 ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd));
1093 result = PTR_ERR(ack_skb);
1094 if (IS_ERR(ack_skb)) {
1095 dev_err(dev, "Failed to issue 'exit idle' command: %d\n",
1096 result);
1097 goto error_msg_to_dev;
1098 }
1099 result = i2400m_msg_check_status(wimax_msg_data(ack_skb),
1100 strerr, sizeof(strerr));
1101 kfree_skb(ack_skb);
1102error_msg_to_dev:
1103 kfree(cmd);
1104error_alloc:
1105 return result;
1106
1107}
1108
1109
1110/*
1111 * Query the device for its state, update the WiMAX stack's idea of it
1112 *
1113 * @i2400m: device descriptor
1114 *
1115 * Returns: 0 if ok, < 0 errno code on error.
1116 *
1117 * Executes a 'Get State' command and parses the returned
1118 * TLVs.
1119 *
1120 * Because this is almost identical to a 'Report State', we use
1121 * i2400m_report_state_hook() to parse the answer. This will set the
1122 * carrier state, as well as the RF Kill switches state.
1123 */
1124int i2400m_cmd_get_state(struct i2400m *i2400m)
1125{
1126 int result;
1127 struct device *dev = i2400m_dev(i2400m);
1128 struct sk_buff *ack_skb;
1129 struct i2400m_l3l4_hdr *cmd;
1130 const struct i2400m_l3l4_hdr *ack;
1131 size_t ack_len;
1132 char strerr[32];
1133
1134 result = -ENOMEM;
1135 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
1136 if (cmd == NULL)
1137 goto error_alloc;
1138 cmd->type = cpu_to_le16(I2400M_MT_GET_STATE);
1139 cmd->length = 0;
1140 cmd->version = cpu_to_le16(I2400M_L3L4_VERSION);
1141
1142 ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd));
1143 if (IS_ERR(ack_skb)) {
1144 dev_err(dev, "Failed to issue 'get state' command: %ld\n",
1145 PTR_ERR(ack_skb));
1146 result = PTR_ERR(ack_skb);
1147 goto error_msg_to_dev;
1148 }
1149 ack = wimax_msg_data_len(ack_skb, &ack_len);
1150 result = i2400m_msg_check_status(ack, strerr, sizeof(strerr));
1151 if (result < 0) {
1152 dev_err(dev, "'get state' (0x%04x) command failed: "
1153 "%d - %s\n", I2400M_MT_GET_STATE, result, strerr);
1154 goto error_cmd_failed;
1155 }
1156 i2400m_report_state_hook(i2400m, ack, ack_len - sizeof(*ack),
1157 "GET STATE");
1158 result = 0;
1159 kfree_skb(ack_skb);
1160error_cmd_failed:
1161error_msg_to_dev:
1162 kfree(cmd);
1163error_alloc:
1164 return result;
1165}
1166EXPORT_SYMBOL_GPL(i2400m_cmd_get_state);
1167
1168
1169/**
1170 * Set basic configuration settings
1171 *
1172 * @i2400m: device descriptor
1173 * @args: array of pointers to the TLV headers to send for
1174 * configuration (each followed by its payload).
1175 * TLV headers and payloads must be properly initialized, with the
1176 * right endianess (LE).
1177 * @arg_size: number of pointers in the @args array
1178 */
1179int i2400m_set_init_config(struct i2400m *i2400m,
1180 const struct i2400m_tlv_hdr **arg, size_t args)
1181{
1182 int result;
1183 struct device *dev = i2400m_dev(i2400m);
1184 struct sk_buff *ack_skb;
1185 struct i2400m_l3l4_hdr *cmd;
1186 char strerr[32];
1187 unsigned argc, argsize, tlv_size;
1188 const struct i2400m_tlv_hdr *tlv_hdr;
1189 void *buf, *itr;
1190
1191 d_fnstart(3, dev, "(i2400m %p arg %p args %zu)\n", i2400m, arg, args);
1192 result = 0;
1193 if (args == 0)
1194 goto none;
1195 /* Compute the size of all the TLVs, so we can alloc a
1196 * contiguous command block to copy them. */
1197 argsize = 0;
1198 for (argc = 0; argc < args; argc++) {
1199 tlv_hdr = arg[argc];
1200 argsize += sizeof(*tlv_hdr) + le16_to_cpu(tlv_hdr->length);
1201 }
1202 WARN_ON(argc >= 9); /* As per hw spec */
1203
1204 /* Alloc the space for the command and TLVs*/
1205 result = -ENOMEM;
1206 buf = kzalloc(sizeof(*cmd) + argsize, GFP_KERNEL);
1207 if (buf == NULL)
1208 goto error_alloc;
1209 cmd = buf;
1210 cmd->type = cpu_to_le16(I2400M_MT_SET_INIT_CONFIG);
1211 cmd->length = cpu_to_le16(argsize);
1212 cmd->version = cpu_to_le16(I2400M_L3L4_VERSION);
1213
1214 /* Copy the TLVs */
1215 itr = buf + sizeof(*cmd);
1216 for (argc = 0; argc < args; argc++) {
1217 tlv_hdr = arg[argc];
1218 tlv_size = sizeof(*tlv_hdr) + le16_to_cpu(tlv_hdr->length);
1219 memcpy(itr, tlv_hdr, tlv_size);
1220 itr += tlv_size;
1221 }
1222
1223 /* Send the message! */
1224 ack_skb = i2400m_msg_to_dev(i2400m, buf, sizeof(*cmd) + argsize);
1225 result = PTR_ERR(ack_skb);
1226 if (IS_ERR(ack_skb)) {
1227 dev_err(dev, "Failed to issue 'init config' command: %d\n",
1228 result);
1229
1230 goto error_msg_to_dev;
1231 }
1232 result = i2400m_msg_check_status(wimax_msg_data(ack_skb),
1233 strerr, sizeof(strerr));
1234 if (result < 0)
1235 dev_err(dev, "'init config' (0x%04x) command failed: %d - %s\n",
1236 I2400M_MT_SET_INIT_CONFIG, result, strerr);
1237 kfree_skb(ack_skb);
1238error_msg_to_dev:
1239 kfree(buf);
1240error_alloc:
1241none:
1242 d_fnend(3, dev, "(i2400m %p arg %p args %zu) = %d\n",
1243 i2400m, arg, args, result);
1244 return result;
1245
1246}
1247EXPORT_SYMBOL_GPL(i2400m_set_init_config);
1248
1249
8987691a
IPG		 1250/**
1251 * i2400m_set_idle_timeout - Set the device's idle mode timeout
1252 *
1253 * @i2400m: i2400m device descriptor
1254 *
1255 * @msecs: milliseconds for the timeout to enter idle mode. Between
1256 * 100 to 300000 (5m); 0 to disable. In increments of 100.
1257 *
1258 * After this @msecs of the link being idle (no data being sent or
1259 * received), the device will negotiate with the basestation entering
1260 * idle mode for saving power. The connection is maintained, but
1261 * getting out of it (done in tx.c) will require some negotiation,
1262 * possible crypto re-handshake and a possible DHCP re-lease.
1263 *
1264 * Only available if fw_version >= 0x00090002.
1265 *
1266 * Returns: 0 if ok, < 0 errno code on error.
1267 */
1268int i2400m_set_idle_timeout(struct i2400m *i2400m, unsigned msecs)
1269{
1270 int result;
1271 struct device *dev = i2400m_dev(i2400m);
1272 struct sk_buff *ack_skb;
1273 struct {
1274 struct i2400m_l3l4_hdr hdr;
1275 struct i2400m_tlv_config_idle_timeout cit;
1276 } *cmd;
1277 const struct i2400m_l3l4_hdr *ack;
1278 size_t ack_len;
1279 char strerr[32];
1280
1281 result = -ENOSYS;
1282 if (i2400m_le_v1_3(i2400m))
1283 goto error_alloc;
1284 result = -ENOMEM;
1285 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
1286 if (cmd == NULL)
1287 goto error_alloc;
1288 cmd->hdr.type = cpu_to_le16(I2400M_MT_GET_STATE);
1289 cmd->hdr.length = cpu_to_le16(sizeof(*cmd) - sizeof(cmd->hdr));
1290 cmd->hdr.version = cpu_to_le16(I2400M_L3L4_VERSION);
1291
1292 cmd->cit.hdr.type =
1293 cpu_to_le16(I2400M_TLV_CONFIG_IDLE_TIMEOUT);
1294 cmd->cit.hdr.length = cpu_to_le16(sizeof(cmd->cit.timeout));
1295 cmd->cit.timeout = cpu_to_le32(msecs);
1296
1297 ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd));
1298 if (IS_ERR(ack_skb)) {
1299 dev_err(dev, "Failed to issue 'set idle timeout' command: "
1300 "%ld\n", PTR_ERR(ack_skb));
1301 result = PTR_ERR(ack_skb);
1302 goto error_msg_to_dev;
1303 }
1304 ack = wimax_msg_data_len(ack_skb, &ack_len);
1305 result = i2400m_msg_check_status(ack, strerr, sizeof(strerr));
1306 if (result < 0) {
1307 dev_err(dev, "'set idle timeout' (0x%04x) command failed: "
1308 "%d - %s\n", I2400M_MT_GET_STATE, result, strerr);
1309 goto error_cmd_failed;
1310 }
1311 result = 0;
1312 kfree_skb(ack_skb);
1313error_cmd_failed:
1314error_msg_to_dev:
1315 kfree(cmd);
1316error_alloc:
1317 return result;
1318}
1319
1320
3a35a1d0
IPG		 1321/**
1322 * i2400m_dev_initialize - Initialize the device once communications are ready
1323 *
1324 * @i2400m: device descriptor
1325 *
1326 * Returns: 0 if ok, < 0 errno code on error.
1327 *
1328 * Configures the device to work the way we like it.
1329 *
1330 * At the point of this call, the device is registered with the WiMAX
1331 * and netdev stacks, firmware is uploaded and we can talk to the
1332 * device normally.
1333 */
1334int i2400m_dev_initialize(struct i2400m *i2400m)
1335{
1336 int result;
1337 struct device *dev = i2400m_dev(i2400m);
1338 struct i2400m_tlv_config_idle_parameters idle_params;
8987691a 1339 struct i2400m_tlv_config_idle_timeout idle_timeout;
fd5c565c 1340 struct i2400m_tlv_config_d2h_data_format df;
c747583d 1341 struct i2400m_tlv_config_dl_host_reorder dlhr;
3a35a1d0
IPG		 1342 const struct i2400m_tlv_hdr *args[9];
1343 unsigned argc = 0;
1344
1345 d_fnstart(3, dev, "(i2400m %p)\n", i2400m);
55a662d6
IPG		 1346 if (i2400m_passive_mode)
1347 goto out_passive;
c747583d 1348 /* Disable idle mode? (enabled by default) */
3a35a1d0 1349 if (i2400m_idle_mode_disabled) {
8987691a
IPG		 1350 if (i2400m_le_v1_3(i2400m)) {
1351 idle_params.hdr.type =
1352 cpu_to_le16(I2400M_TLV_CONFIG_IDLE_PARAMETERS);
1353 idle_params.hdr.length = cpu_to_le16(
1354 sizeof(idle_params) - sizeof(idle_params.hdr));
1355 idle_params.idle_timeout = 0;
1356 idle_params.idle_paging_interval = 0;
1357 args[argc++] = &idle_params.hdr;
1358 } else {
1359 idle_timeout.hdr.type =
1360 cpu_to_le16(I2400M_TLV_CONFIG_IDLE_TIMEOUT);
1361 idle_timeout.hdr.length = cpu_to_le16(
1362 sizeof(idle_timeout) - sizeof(idle_timeout.hdr));
1363 idle_timeout.timeout = 0;
1364 args[argc++] = &idle_timeout.hdr;
1365 }
3a35a1d0 1366 }
fd5c565c 1367 if (i2400m_ge_v1_4(i2400m)) {
c747583d 1368 /* Enable extended RX data format? */
fd5c565c
IPG		 1369 df.hdr.type =
1370 cpu_to_le16(I2400M_TLV_CONFIG_D2H_DATA_FORMAT);
1371 df.hdr.length = cpu_to_le16(
1372 sizeof(df) - sizeof(df.hdr));
1373 df.format = 1;
1374 args[argc++] = &df.hdr;
c747583d
IPG		 1375
1376 /* Enable RX data reordering?
1377 * (switch flipped in rx.c:i2400m_rx_setup() after fw upload) */
1378 if (i2400m->rx_reorder) {
1379 dlhr.hdr.type =
1380 cpu_to_le16(I2400M_TLV_CONFIG_DL_HOST_REORDER);
1381 dlhr.hdr.length = cpu_to_le16(
1382 sizeof(dlhr) - sizeof(dlhr.hdr));
1383 dlhr.reorder = 1;
1384 args[argc++] = &dlhr.hdr;
1385 }
fd5c565c 1386 }
3a35a1d0 1387 result = i2400m_set_init_config(i2400m, args, argc);
3a35a1d0
IPG		 1388 if (result < 0)
1389 goto error;
55a662d6 1390out_passive:
3a35a1d0
IPG		 1391 /*
1392 * Update state: Here it just calls a get state; parsing the
1393 * result (System State TLV and RF Status TLV [done in the rx
1394 * path hooks]) will set the hardware and software RF-Kill
1395 * status.
1396 */
1397 result = i2400m_cmd_get_state(i2400m);
1398error:
8987691a
IPG		 1399 if (result < 0)
1400 dev_err(dev, "failed to initialize the device: %d\n", result);
3a35a1d0
IPG		 1401 d_fnend(3, dev, "(i2400m %p) = %d\n", i2400m, result);
1402 return result;
1403}
1404
1405
1406/**
1407 * i2400m_dev_shutdown - Shutdown a running device
1408 *
1409 * @i2400m: device descriptor
1410 *
b4bd07e3
IPG		 1411 * Release resources acquired during the running of the device; in
1412 * theory, should also tell the device to go to sleep, switch off the
1413 * radio, all that, but at this point, in most cases (driver
1414 * disconnection, reset handling) we can't even talk to the device.
3a35a1d0
IPG		 1415 */
1416void i2400m_dev_shutdown(struct i2400m *i2400m)
1417{
3a35a1d0
IPG		 1418 struct device *dev = i2400m_dev(i2400m);
1419
1420 d_fnstart(3, dev, "(i2400m %p)\n", i2400m);
b4bd07e3 1421 d_fnend(3, dev, "(i2400m %p) = void\n", i2400m);
3a35a1d0
IPG		 1422 return;
1423}
Linux 6.x block layer and io_uring tree(s)