projects / linux-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Staging: wlan-ng: Replace WLAN_LOG_DEBUG() with printk(KERN_DEBUG
[linux-block.git] / drivers / staging / wlan-ng / hfa384x_usb.c
CommitLineData
00b3ed16
GKH		 1/* src/prism2/driver/hfa384x_usb.c
2*
3* Functions that talk to the USB variantof the Intersil hfa384x MAC
4*
5* Copyright (C) 1999 AbsoluteValue Systems, Inc. All Rights Reserved.
6* --------------------------------------------------------------------
7*
8* linux-wlan
9*
10* The contents of this file are subject to the Mozilla Public
11* License Version 1.1 (the "License"); you may not use this file
12* except in compliance with the License. You may obtain a copy of
13* the License at http://www.mozilla.org/MPL/
14*
15* Software distributed under the License is distributed on an "AS
16* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
17* implied. See the License for the specific language governing
18* rights and limitations under the License.
19*
20* Alternatively, the contents of this file may be used under the
21* terms of the GNU Public License version 2 (the "GPL"), in which
22* case the provisions of the GPL are applicable instead of the
23* above. If you wish to allow the use of your version of this file
24* only under the terms of the GPL and not to allow others to use
25* your version of this file under the MPL, indicate your decision
26* by deleting the provisions above and replace them with the notice
27* and other provisions required by the GPL. If you do not delete
28* the provisions above, a recipient may use your version of this
29* file under either the MPL or the GPL.
30*
31* --------------------------------------------------------------------
32*
33* Inquiries regarding the linux-wlan Open Source project can be
34* made directly to:
35*
36* AbsoluteValue Systems Inc.
37* info@linux-wlan.com
38* http://www.linux-wlan.com
39*
40* --------------------------------------------------------------------
41*
42* Portions of the development of this software were funded by
43* Intersil Corporation as part of PRISM(R) chipset product development.
44*
45* --------------------------------------------------------------------
46*
47* This file implements functions that correspond to the prism2/hfa384x
48* 802.11 MAC hardware and firmware host interface.
49*
50* The functions can be considered to represent several levels of
51* abstraction. The lowest level functions are simply C-callable wrappers
52* around the register accesses. The next higher level represents C-callable
53* prism2 API functions that match the Intersil documentation as closely
54* as is reasonable. The next higher layer implements common sequences
55* of invokations of the API layer (e.g. write to bap, followed by cmd).
56*
57* Common sequences:
58* hfa384x_drvr_xxx Highest level abstractions provided by the
59* hfa384x code. They are driver defined wrappers
60* for common sequences. These functions generally
61* use the services of the lower levels.
62*
63* hfa384x_drvr_xxxconfig An example of the drvr level abstraction. These
64* functions are wrappers for the RID get/set
65* sequence. They call copy_[to|from]_bap() and
66* cmd_access(). These functions operate on the
67* RIDs and buffers without validation. The caller
68* is responsible for that.
69*
70* API wrapper functions:
71* hfa384x_cmd_xxx functions that provide access to the f/w commands.
72* The function arguments correspond to each command
73* argument, even command arguments that get packed
74* into single registers. These functions _just_
75* issue the command by setting the cmd/parm regs
76* & reading the status/resp regs. Additional
77* activities required to fully use a command
78* (read/write from/to bap, get/set int status etc.)
79* are implemented separately. Think of these as
80* C-callable prism2 commands.
81*
82* Lowest Layer Functions:
83* hfa384x_docmd_xxx These functions implement the sequence required
84* to issue any prism2 command. Primarily used by the
85* hfa384x_cmd_xxx functions.
86*
87* hfa384x_bap_xxx BAP read/write access functions.
88* Note: we usually use BAP0 for non-interrupt context
89* and BAP1 for interrupt context.
90*
91* hfa384x_dl_xxx download related functions.
92*
93* Driver State Issues:
94* Note that there are two pairs of functions that manage the
95* 'initialized' and 'running' states of the hw/MAC combo. The four
96* functions are create(), destroy(), start(), and stop(). create()
97* sets up the data structures required to support the hfa384x_*
98* functions and destroy() cleans them up. The start() function gets
99* the actual hardware running and enables the interrupts. The stop()
100* function shuts the hardware down. The sequence should be:
101* create()
102* start()
103* .
104* . Do interesting things w/ the hardware
105* .
106* stop()
107* destroy()
108*
109* Note that destroy() can be called without calling stop() first.
110* --------------------------------------------------------------------
111*/
112
113/*================================================================*/
114/* System Includes */
00b3ed16 115
00b3ed16
GKH		 116#include <linux/version.h>
117
118#include <linux/module.h>
119#include <linux/kernel.h>
120#include <linux/sched.h>
121#include <linux/types.h>
122#include <linux/slab.h>
123#include <linux/wireless.h>
124#include <linux/netdevice.h>
125#include <linux/timer.h>
126#include <asm/io.h>
127#include <linux/delay.h>
128#include <asm/byteorder.h>
129#include <asm/bitops.h>
130#include <linux/list.h>
131#include <linux/usb.h>
ae26230b 132#include <linux/byteorder/generic.h>
00b3ed16
GKH		 133
134#include "wlan_compat.h"
135
68a193e4 136#define SUBMIT_URB(u,f) usb_submit_urb(u,f)
00b3ed16
GKH		 137
138/*================================================================*/
139/* Project Includes */
140
141#include "p80211types.h"
142#include "p80211hdr.h"
143#include "p80211mgmt.h"
144#include "p80211conv.h"
145#include "p80211msg.h"
146#include "p80211netdev.h"
147#include "p80211req.h"
148#include "p80211metadef.h"
149#include "p80211metastruct.h"
150#include "hfa384x.h"
151#include "prism2mgmt.h"
152
153/*================================================================*/
154/* Local Constants */
155
156enum cmd_mode
157{
158 DOWAIT = 0,
159 DOASYNC
160};
161typedef enum cmd_mode CMD_MODE;
162
163#define THROTTLE_JIFFIES (HZ/8)
2d200d9f
MM		 164#define URB_ASYNC_UNLINK 0
165#define USB_QUEUE_BULK 0
00b3ed16
GKH		 166
167/*================================================================*/
168/* Local Macros */
169
170#define ROUNDUP64(a) (((a)+63)&~63)
171
00b3ed16
GKH		 172/*================================================================*/
173/* Local Function Declarations */
174
175#ifdef DEBUG_USB
176static void
177dbprint_urb(struct urb* urb);
178#endif
179
180static void
181hfa384x_int_rxmonitor(
182 wlandevice_t *wlandev,
183 hfa384x_usb_rxfrm_t *rxfrm);
184
185static void
186hfa384x_usb_defer(struct work_struct *data);
187
188static int
189submit_rx_urb(hfa384x_t *hw, gfp_t flags);
190
191static int
192submit_tx_urb(hfa384x_t *hw, struct urb *tx_urb, gfp_t flags);
193
194/*---------------------------------------------------*/
195/* Callbacks */
00b3ed16
GKH		 196static void
197hfa384x_usbout_callback(struct urb *urb);
198static void
199hfa384x_ctlxout_callback(struct urb *urb);
200static void
201hfa384x_usbin_callback(struct urb *urb);
00b3ed16
GKH		 202
203static void
204hfa384x_usbin_txcompl(wlandevice_t *wlandev, hfa384x_usbin_t *usbin);
205
206static void
207hfa384x_usbin_rx(wlandevice_t *wlandev, struct sk_buff *skb);
208
209static void
210hfa384x_usbin_info(wlandevice_t *wlandev, hfa384x_usbin_t *usbin);
211
212static void
213hfa384x_usbout_tx(wlandevice_t *wlandev, hfa384x_usbout_t *usbout);
214
215static void hfa384x_usbin_ctlx(hfa384x_t *hw, hfa384x_usbin_t *usbin,
216 int urb_status);
217
218/*---------------------------------------------------*/
219/* Functions to support the prism2 usb command queue */
220
221static void
222hfa384x_usbctlxq_run(hfa384x_t *hw);
223
224static void
225hfa384x_usbctlx_reqtimerfn(unsigned long data);
226
227static void
228hfa384x_usbctlx_resptimerfn(unsigned long data);
229
230static void
231hfa384x_usb_throttlefn(unsigned long data);
232
233static void
234hfa384x_usbctlx_completion_task(unsigned long data);
235
236static void
237hfa384x_usbctlx_reaper_task(unsigned long data);
238
239static int
240hfa384x_usbctlx_submit(hfa384x_t *hw, hfa384x_usbctlx_t *ctlx);
241
242static void
243unlocked_usbctlx_complete(hfa384x_t *hw, hfa384x_usbctlx_t *ctlx);
244
245struct usbctlx_completor
246{
247 int (*complete)(struct usbctlx_completor*);
248};
249typedef struct usbctlx_completor usbctlx_completor_t;
250
251static int
252hfa384x_usbctlx_complete_sync(hfa384x_t *hw,
253 hfa384x_usbctlx_t *ctlx,
254 usbctlx_completor_t *completor);
255
256static int
257unlocked_usbctlx_cancel_async(hfa384x_t *hw, hfa384x_usbctlx_t *ctlx);
258
259static void
260hfa384x_cb_status(hfa384x_t *hw, const hfa384x_usbctlx_t *ctlx);
261
262static void
263hfa384x_cb_rrid(hfa384x_t *hw, const hfa384x_usbctlx_t *ctlx);
264
265static int
266usbctlx_get_status(const hfa384x_usb_cmdresp_t *cmdresp,
267 hfa384x_cmdresult_t *result);
268
269static void
270usbctlx_get_rridresult(const hfa384x_usb_rridresp_t *rridresp,
271 hfa384x_rridresult_t *result);
272
273/*---------------------------------------------------*/
274/* Low level req/resp CTLX formatters and submitters */
275static int
276hfa384x_docmd(
277 hfa384x_t *hw,
278 CMD_MODE mode,
279 hfa384x_metacmd_t *cmd,
280 ctlx_cmdcb_t cmdcb,
281 ctlx_usercb_t usercb,
282 void *usercb_data);
283
284static int
285hfa384x_dorrid(
286 hfa384x_t *hw,
287 CMD_MODE mode,
aaad4303 288 u16 rid,
00b3ed16 289 void *riddata,
aaad4303 290 unsigned int riddatalen,
00b3ed16
GKH		 291 ctlx_cmdcb_t cmdcb,
292 ctlx_usercb_t usercb,
293 void *usercb_data);
294
295static int
296hfa384x_dowrid(
297 hfa384x_t *hw,
298 CMD_MODE mode,
aaad4303 299 u16 rid,
00b3ed16 300 void *riddata,
aaad4303 301 unsigned int riddatalen,
00b3ed16
GKH		 302 ctlx_cmdcb_t cmdcb,
303 ctlx_usercb_t usercb,
304 void *usercb_data);
305
306static int
307hfa384x_dormem(
308 hfa384x_t *hw,
309 CMD_MODE mode,
aaad4303
SP		 310 u16 page,
311 u16 offset,
00b3ed16 312 void *data,
aaad4303 313 unsigned int len,
00b3ed16
GKH		 314 ctlx_cmdcb_t cmdcb,
315 ctlx_usercb_t usercb,
316 void *usercb_data);
317
318static int
319hfa384x_dowmem(
320 hfa384x_t *hw,
321 CMD_MODE mode,
aaad4303
SP		 322 u16 page,
323 u16 offset,
00b3ed16 324 void *data,
aaad4303 325 unsigned int len,
00b3ed16
GKH		 326 ctlx_cmdcb_t cmdcb,
327 ctlx_usercb_t usercb,
328 void *usercb_data);
329
330static int
aaad4303 331hfa384x_isgood_pdrcode(u16 pdrcode);
00b3ed16
GKH		 332
333/*================================================================*/
334/* Function Definitions */
335static inline const char* ctlxstr(CTLX_STATE s)
336{
337 static const char* ctlx_str[] = {
338 "Initial state",
339 "Complete",
340 "Request failed",
341 "Request pending",
342 "Request packet submitted",
343 "Request packet completed",
344 "Response packet completed"
345 };
346
347 return ctlx_str[s];
348};
349
350
351static inline hfa384x_usbctlx_t*
352get_active_ctlx(hfa384x_t *hw)
353{
354 return list_entry(hw->ctlxq.active.next, hfa384x_usbctlx_t, list);
355}
356
357
358#ifdef DEBUG_USB
359void
360dbprint_urb(struct urb* urb)
361{
a7cf7bae
MM		 362 pr_debug("urb->pipe=0x%08x\n", urb->pipe);
363 pr_debug("urb->status=0x%08x\n", urb->status);
364 pr_debug("urb->transfer_flags=0x%08x\n", urb->transfer_flags);
365 pr_debug("urb->transfer_buffer=0x%08x\n", (unsigned int)urb->transfer_buffer);
366 pr_debug("urb->transfer_buffer_length=0x%08x\n", urb->transfer_buffer_length);
367 pr_debug("urb->actual_length=0x%08x\n", urb->actual_length);
368 pr_debug("urb->bandwidth=0x%08x\n", urb->bandwidth);
369 pr_debug("urb->setup_packet(ctl)=0x%08x\n", (unsigned int)urb->setup_packet);
370 pr_debug("urb->start_frame(iso/irq)=0x%08x\n", urb->start_frame);
371 pr_debug("urb->interval(irq)=0x%08x\n", urb->interval);
372 pr_debug("urb->error_count(iso)=0x%08x\n", urb->error_count);
373 pr_debug("urb->timeout=0x%08x\n", urb->timeout);
374 pr_debug("urb->context=0x%08x\n", (unsigned int)urb->context);
375 pr_debug("urb->complete=0x%08x\n", (unsigned int)urb->complete);
00b3ed16
GKH		 376}
377#endif
378
379
380/*----------------------------------------------------------------
381* submit_rx_urb
382*
383* Listen for input data on the BULK-IN pipe. If the pipe has
384* stalled then schedule it to be reset.
385*
386* Arguments:
387* hw device struct
388* memflags memory allocation flags
389*
390* Returns:
391* error code from submission
392*
393* Call context:
394* Any
395----------------------------------------------------------------*/
396static int
397submit_rx_urb(hfa384x_t *hw, gfp_t memflags)
398{
399 struct sk_buff *skb;
400 int result;
401
00b3ed16
GKH		 402 skb = dev_alloc_skb(sizeof(hfa384x_usbin_t));
403 if (skb == NULL) {
404 result = -ENOMEM;
405 goto done;
406 }
407
408 /* Post the IN urb */
409 usb_fill_bulk_urb(&hw->rx_urb, hw->usb,
410 hw->endp_in,
411 skb->data, sizeof(hfa384x_usbin_t),
412 hfa384x_usbin_callback, hw->wlandev);
413
414 hw->rx_urb_skb = skb;
415
416 result = -ENOLINK;
417 if ( !hw->wlandev->hwremoved && !test_bit(WORK_RX_HALT, &hw->usb_flags)) {
418 result = SUBMIT_URB(&hw->rx_urb, memflags);
419
420 /* Check whether we need to reset the RX pipe */
421 if (result == -EPIPE) {
9b9556ec 422 printk(KERN_WARNING "%s rx pipe stalled: requesting reset\n",
00b3ed16
GKH		 423 hw->wlandev->netdev->name);
424 if ( !test_and_set_bit(WORK_RX_HALT, &hw->usb_flags) )
425 schedule_work(&hw->usb_work);
426 }
427 }
428
429 /* Don't leak memory if anything should go wrong */
430 if (result != 0) {
431 dev_kfree_skb(skb);
432 hw->rx_urb_skb = NULL;
433 }
434
435 done:
00b3ed16
GKH		 436 return result;
437}
438
439/*----------------------------------------------------------------
440* submit_tx_urb
441*
442* Prepares and submits the URB of transmitted data. If the
443* submission fails then it will schedule the output pipe to
444* be reset.
445*
446* Arguments:
447* hw device struct
448* tx_urb URB of data for tranmission
449* memflags memory allocation flags
450*
451* Returns:
452* error code from submission
453*
454* Call context:
455* Any
456----------------------------------------------------------------*/
457static int
458submit_tx_urb(hfa384x_t *hw, struct urb *tx_urb, gfp_t memflags)
459{
460 struct net_device *netdev = hw->wlandev->netdev;
461 int result;
462
00b3ed16
GKH		 463 result = -ENOLINK;
464 if ( netif_running(netdev) ) {
465
466 if ( !hw->wlandev->hwremoved && !test_bit(WORK_TX_HALT, &hw->usb_flags) ) {
467 result = SUBMIT_URB(tx_urb, memflags);
468
469 /* Test whether we need to reset the TX pipe */
470 if (result == -EPIPE) {
9b9556ec 471 printk(KERN_WARNING "%s tx pipe stalled: requesting reset\n",
00b3ed16
GKH		 472 netdev->name);
473 set_bit(WORK_TX_HALT, &hw->usb_flags);
474 schedule_work(&hw->usb_work);
475 } else if (result == 0) {
476 netif_stop_queue(netdev);
477 }
478 }
479 }
480
00b3ed16
GKH		 481 return result;
482}
483
484/*----------------------------------------------------------------
485* hfa394x_usb_defer
486*
487* There are some things that the USB stack cannot do while
488* in interrupt context, so we arrange this function to run
489* in process context.
490*
491* Arguments:
492* hw device structure
493*
494* Returns:
495* nothing
496*
497* Call context:
498* process (by design)
499----------------------------------------------------------------*/
500static void
501hfa384x_usb_defer(struct work_struct *data)
502{
503 hfa384x_t *hw = container_of(data, struct hfa384x, usb_work);
504 struct net_device *netdev = hw->wlandev->netdev;
505
00b3ed16
GKH		 506 /* Don't bother trying to reset anything if the plug
507 * has been pulled ...
508 */
509 if ( hw->wlandev->hwremoved ) {
00b3ed16
GKH		 510 return;
511 }
512
513 /* Reception has stopped: try to reset the input pipe */
514 if (test_bit(WORK_RX_HALT, &hw->usb_flags)) {
515 int ret;
516
517 usb_kill_urb(&hw->rx_urb); /* Cannot be holding spinlock! */
518
519 ret = usb_clear_halt(hw->usb, hw->endp_in);
520 if (ret != 0) {
521 printk(KERN_ERR
522 "Failed to clear rx pipe for %s: err=%d\n",
523 netdev->name, ret);
524 } else {
525 printk(KERN_INFO "%s rx pipe reset complete.\n",
526 netdev->name);
527 clear_bit(WORK_RX_HALT, &hw->usb_flags);
528 set_bit(WORK_RX_RESUME, &hw->usb_flags);
529 }
530 }
531
532 /* Resume receiving data back from the device. */
533 if ( test_bit(WORK_RX_RESUME, &hw->usb_flags) ) {
534 int ret;
535
536 ret = submit_rx_urb(hw, GFP_KERNEL);
537 if (ret != 0) {
538 printk(KERN_ERR
539 "Failed to resume %s rx pipe.\n", netdev->name);
540 } else {
541 clear_bit(WORK_RX_RESUME, &hw->usb_flags);
542 }
543 }
544
545 /* Transmission has stopped: try to reset the output pipe */
546 if (test_bit(WORK_TX_HALT, &hw->usb_flags)) {
547 int ret;
548
549 usb_kill_urb(&hw->tx_urb);
550 ret = usb_clear_halt(hw->usb, hw->endp_out);
551 if (ret != 0) {
552 printk(KERN_ERR
553 "Failed to clear tx pipe for %s: err=%d\n",
554 netdev->name, ret);
555 } else {
556 printk(KERN_INFO "%s tx pipe reset complete.\n",
557 netdev->name);
558 clear_bit(WORK_TX_HALT, &hw->usb_flags);
559 set_bit(WORK_TX_RESUME, &hw->usb_flags);
560
561 /* Stopping the BULK-OUT pipe also blocked
562 * us from sending any more CTLX URBs, so
563 * we need to re-run our queue ...
564 */
565 hfa384x_usbctlxq_run(hw);
566 }
567 }
568
569 /* Resume transmitting. */
570 if ( test_and_clear_bit(WORK_TX_RESUME, &hw->usb_flags) ) {
cbec30c4 571 netif_wake_queue(hw->wlandev->netdev);
00b3ed16 572 }
00b3ed16
GKH		 573}
574
575
576/*----------------------------------------------------------------
577* hfa384x_create
578*
579* Sets up the hfa384x_t data structure for use. Note this
580* does _not_ intialize the actual hardware, just the data structures
581* we use to keep track of its state.
582*
583* Arguments:
584* hw device structure
585* irq device irq number
586* iobase i/o base address for register access
587* membase memory base address for register access
588*
589* Returns:
590* nothing
591*
592* Side effects:
593*
594* Call context:
595* process
596----------------------------------------------------------------*/
597void
598hfa384x_create( hfa384x_t *hw, struct usb_device *usb)
599{
00b3ed16
GKH		 600 memset(hw, 0, sizeof(hfa384x_t));
601 hw->usb = usb;
602
603 /* set up the endpoints */
604 hw->endp_in = usb_rcvbulkpipe(usb, 1);
605 hw->endp_out = usb_sndbulkpipe(usb, 2);
606
607 /* Set up the waitq */
608 init_waitqueue_head(&hw->cmdq);
609
610 /* Initialize the command queue */
611 spin_lock_init(&hw->ctlxq.lock);
612 INIT_LIST_HEAD(&hw->ctlxq.pending);
613 INIT_LIST_HEAD(&hw->ctlxq.active);
614 INIT_LIST_HEAD(&hw->ctlxq.completing);
615 INIT_LIST_HEAD(&hw->ctlxq.reapable);
616
617 /* Initialize the authentication queue */
618 skb_queue_head_init(&hw->authq);
619
620 tasklet_init(&hw->reaper_bh,
621 hfa384x_usbctlx_reaper_task,
622 (unsigned long)hw);
623 tasklet_init(&hw->completion_bh,
624 hfa384x_usbctlx_completion_task,
625 (unsigned long)hw);
575a8a5c
SP		 626 INIT_WORK(&hw->link_bh, prism2sta_processing_defer);
627 INIT_WORK(&hw->usb_work, hfa384x_usb_defer);
00b3ed16
GKH		 628
629 init_timer(&hw->throttle);
630 hw->throttle.function = hfa384x_usb_throttlefn;
631 hw->throttle.data = (unsigned long)hw;
632
633 init_timer(&hw->resptimer);
634 hw->resptimer.function = hfa384x_usbctlx_resptimerfn;
635 hw->resptimer.data = (unsigned long)hw;
636
637 init_timer(&hw->reqtimer);
638 hw->reqtimer.function = hfa384x_usbctlx_reqtimerfn;
639 hw->reqtimer.data = (unsigned long)hw;
640
641 usb_init_urb(&hw->rx_urb);
642 usb_init_urb(&hw->tx_urb);
643 usb_init_urb(&hw->ctlx_urb);
644
645 hw->link_status = HFA384x_LINK_NOTCONNECTED;
646 hw->state = HFA384x_STATE_INIT;
647
575a8a5c 648 INIT_WORK(&hw->commsqual_bh, prism2sta_commsqual_defer);
00b3ed16
GKH		 649 init_timer(&hw->commsqual_timer);
650 hw->commsqual_timer.data = (unsigned long) hw;
651 hw->commsqual_timer.function = prism2sta_commsqual_timer;
00b3ed16
GKH		 652}
653
654
655/*----------------------------------------------------------------
656* hfa384x_destroy
657*
658* Partner to hfa384x_create(). This function cleans up the hw
659* structure so that it can be freed by the caller using a simple
660* kfree. Currently, this function is just a placeholder. If, at some
661* point in the future, an hw in the 'shutdown' state requires a 'deep'
662* kfree, this is where it should be done. Note that if this function
663* is called on a _running_ hw structure, the drvr_stop() function is
664* called.
665*
666* Arguments:
667* hw device structure
668*
669* Returns:
670* nothing, this function is not allowed to fail.
671*
672* Side effects:
673*
674* Call context:
675* process
676----------------------------------------------------------------*/
677void
678hfa384x_destroy( hfa384x_t *hw)
679{
680 struct sk_buff *skb;
681
00b3ed16
GKH		 682 if ( hw->state == HFA384x_STATE_RUNNING ) {
683 hfa384x_drvr_stop(hw);
684 }
685 hw->state = HFA384x_STATE_PREINIT;
686
687 if (hw->scanresults) {
688 kfree(hw->scanresults);
689 hw->scanresults = NULL;
690 }
691
692 /* Now to clean out the auth queue */
693 while ( (skb = skb_dequeue(&hw->authq)) ) {
694 dev_kfree_skb(skb);
695 }
00b3ed16
GKH		 696}
697
698
699/*----------------------------------------------------------------
700 */
701static hfa384x_usbctlx_t* usbctlx_alloc(void)
702{
703 hfa384x_usbctlx_t *ctlx;
704
705 ctlx = kmalloc(sizeof(*ctlx), in_interrupt() ? GFP_ATOMIC : GFP_KERNEL);
706 if (ctlx != NULL)
707 {
708 memset(ctlx, 0, sizeof(*ctlx));
709 init_completion(&ctlx->done);
710 }
711
712 return ctlx;
713}
714
715
716/*----------------------------------------------------------------
717 *
718----------------------------------------------------------------*/
719static int
720usbctlx_get_status(const hfa384x_usb_cmdresp_t *cmdresp,
721 hfa384x_cmdresult_t *result)
722{
00b3ed16
GKH		 723 result->status = hfa384x2host_16(cmdresp->status);
724 result->resp0 = hfa384x2host_16(cmdresp->resp0);
725 result->resp1 = hfa384x2host_16(cmdresp->resp1);
726 result->resp2 = hfa384x2host_16(cmdresp->resp2);
727
a7cf7bae 728 pr_debug("cmdresult:status=0x%04x "
00b3ed16
GKH		 729 "resp0=0x%04x resp1=0x%04x resp2=0x%04x\n",
730 result->status,
731 result->resp0,
732 result->resp1,
733 result->resp2);
734
00b3ed16
GKH		 735 return (result->status & HFA384x_STATUS_RESULT);
736}
737
738static void
739usbctlx_get_rridresult(const hfa384x_usb_rridresp_t *rridresp,
740 hfa384x_rridresult_t *result)
741{
00b3ed16
GKH		 742 result->rid = hfa384x2host_16(rridresp->rid);
743 result->riddata = rridresp->data;
744 result->riddata_len = ((hfa384x2host_16(rridresp->frmlen) - 1) * 2);
745
00b3ed16
GKH		 746}
747
748
749/*----------------------------------------------------------------
750* Completor object:
751* This completor must be passed to hfa384x_usbctlx_complete_sync()
752* when processing a CTLX that returns a hfa384x_cmdresult_t structure.
753----------------------------------------------------------------*/
754struct usbctlx_cmd_completor
755{
756 usbctlx_completor_t head;
757
758 const hfa384x_usb_cmdresp_t *cmdresp;
759 hfa384x_cmdresult_t *result;
760};
761typedef struct usbctlx_cmd_completor usbctlx_cmd_completor_t;
762
763static int usbctlx_cmd_completor_fn(usbctlx_completor_t *head)
764{
765 usbctlx_cmd_completor_t *complete = (usbctlx_cmd_completor_t*)head;
766 return usbctlx_get_status(complete->cmdresp, complete->result);
767}
768
769static inline usbctlx_completor_t*
770init_cmd_completor(usbctlx_cmd_completor_t *completor,
771 const hfa384x_usb_cmdresp_t *cmdresp,
772 hfa384x_cmdresult_t *result)
773{
774 completor->head.complete = usbctlx_cmd_completor_fn;
775 completor->cmdresp = cmdresp;
776 completor->result = result;
777 return &(completor->head);
778}
779
780/*----------------------------------------------------------------
781* Completor object:
782* This completor must be passed to hfa384x_usbctlx_complete_sync()
783* when processing a CTLX that reads a RID.
784----------------------------------------------------------------*/
785struct usbctlx_rrid_completor
786{
787 usbctlx_completor_t head;
788
789 const hfa384x_usb_rridresp_t *rridresp;
790 void *riddata;
aaad4303 791 unsigned int riddatalen;
00b3ed16
GKH		 792};
793typedef struct usbctlx_rrid_completor usbctlx_rrid_completor_t;
794
795static int usbctlx_rrid_completor_fn(usbctlx_completor_t *head)
796{
797 usbctlx_rrid_completor_t *complete = (usbctlx_rrid_completor_t*)head;
798 hfa384x_rridresult_t rridresult;
799
800 usbctlx_get_rridresult(complete->rridresp, &rridresult);
801
802 /* Validate the length, note body len calculation in bytes */
803 if ( rridresult.riddata_len != complete->riddatalen ) {
9b9556ec 804 printk(KERN_WARNING
00b3ed16
GKH		 805 "RID len mismatch, rid=0x%04x hlen=%d fwlen=%d\n",
806 rridresult.rid,
807 complete->riddatalen,
808 rridresult.riddata_len);
809 return -ENODATA;
810 }
811
812 memcpy(complete->riddata,
813 rridresult.riddata,
814 complete->riddatalen);
815 return 0;
816}
817
818static inline usbctlx_completor_t*
819init_rrid_completor(usbctlx_rrid_completor_t *completor,
820 const hfa384x_usb_rridresp_t *rridresp,
821 void *riddata,
aaad4303 822 unsigned int riddatalen)
00b3ed16
GKH		 823{
824 completor->head.complete = usbctlx_rrid_completor_fn;
825 completor->rridresp = rridresp;
826 completor->riddata = riddata;
827 completor->riddatalen = riddatalen;
828 return &(completor->head);
829}
830
831/*----------------------------------------------------------------
832* Completor object:
833* Interprets the results of a synchronous RID-write
834----------------------------------------------------------------*/
835typedef usbctlx_cmd_completor_t usbctlx_wrid_completor_t;
836#define init_wrid_completor init_cmd_completor
837
838/*----------------------------------------------------------------
839* Completor object:
840* Interprets the results of a synchronous memory-write
841----------------------------------------------------------------*/
842typedef usbctlx_cmd_completor_t usbctlx_wmem_completor_t;
843#define init_wmem_completor init_cmd_completor
844
845/*----------------------------------------------------------------
846* Completor object:
847* Interprets the results of a synchronous memory-read
848----------------------------------------------------------------*/
849struct usbctlx_rmem_completor
850{
851 usbctlx_completor_t head;
852
853 const hfa384x_usb_rmemresp_t *rmemresp;
854 void *data;
aaad4303 855 unsigned int len;
00b3ed16
GKH		 856};
857typedef struct usbctlx_rmem_completor usbctlx_rmem_completor_t;
858
859static int usbctlx_rmem_completor_fn(usbctlx_completor_t *head)
860{
861 usbctlx_rmem_completor_t *complete = (usbctlx_rmem_completor_t*)head;
862
a7cf7bae 863 pr_debug("rmemresp:len=%d\n", complete->rmemresp->frmlen);
00b3ed16
GKH		 864 memcpy(complete->data, complete->rmemresp->data, complete->len);
865 return 0;
866}
867
868static inline usbctlx_completor_t*
869init_rmem_completor(usbctlx_rmem_completor_t *completor,
870 hfa384x_usb_rmemresp_t *rmemresp,
871 void *data,
aaad4303 872 unsigned int len)
00b3ed16
GKH		 873{
874 completor->head.complete = usbctlx_rmem_completor_fn;
875 completor->rmemresp = rmemresp;
876 completor->data = data;
877 completor->len = len;
878 return &(completor->head);
879}
880
881/*----------------------------------------------------------------
882* hfa384x_cb_status
883*
884* Ctlx_complete handler for async CMD type control exchanges.
885* mark the hw struct as such.
886*
887* Note: If the handling is changed here, it should probably be
888* changed in docmd as well.
889*
890* Arguments:
891* hw hw struct
892* ctlx completed CTLX
893*
894* Returns:
895* nothing
896*
897* Side effects:
898*
899* Call context:
900* interrupt
901----------------------------------------------------------------*/
902static void
903hfa384x_cb_status(hfa384x_t *hw, const hfa384x_usbctlx_t *ctlx)
904{
00b3ed16
GKH		 905 if ( ctlx->usercb != NULL ) {
906 hfa384x_cmdresult_t cmdresult;
907
908 if (ctlx->state != CTLX_COMPLETE) {
909 memset(&cmdresult, 0, sizeof(cmdresult));
910 cmdresult.status = HFA384x_STATUS_RESULT_SET(HFA384x_CMD_ERR);
911 } else {
912 usbctlx_get_status(&ctlx->inbuf.cmdresp, &cmdresult);
913 }
914
915 ctlx->usercb(hw, &cmdresult, ctlx->usercb_data);
916 }
00b3ed16
GKH		 917}
918
919
920/*----------------------------------------------------------------
921* hfa384x_cb_rrid
922*
923* CTLX completion handler for async RRID type control exchanges.
924*
925* Note: If the handling is changed here, it should probably be
926* changed in dorrid as well.
927*
928* Arguments:
929* hw hw struct
930* ctlx completed CTLX
931*
932* Returns:
933* nothing
934*
935* Side effects:
936*
937* Call context:
938* interrupt
939----------------------------------------------------------------*/
940static void
941hfa384x_cb_rrid(hfa384x_t *hw, const hfa384x_usbctlx_t *ctlx)
942{
00b3ed16
GKH		 943 if ( ctlx->usercb != NULL ) {
944 hfa384x_rridresult_t rridresult;
945
946 if (ctlx->state != CTLX_COMPLETE) {
947 memset(&rridresult, 0, sizeof(rridresult));
948 rridresult.rid = hfa384x2host_16(ctlx->outbuf.rridreq.rid);
949 } else {
950 usbctlx_get_rridresult(&ctlx->inbuf.rridresp, &rridresult);
951 }
952
953 ctlx->usercb(hw, &rridresult, ctlx->usercb_data);
954 }
00b3ed16
GKH		 955}
956
957static inline int
958hfa384x_docmd_wait(hfa384x_t *hw, hfa384x_metacmd_t *cmd)
959{
960 return hfa384x_docmd(hw, DOWAIT, cmd, NULL, NULL, NULL);
961}
962
963static inline int
964hfa384x_docmd_async(hfa384x_t *hw,
965 hfa384x_metacmd_t *cmd,
966 ctlx_cmdcb_t cmdcb,
967 ctlx_usercb_t usercb,
968 void *usercb_data)
969{
970 return hfa384x_docmd(hw, DOASYNC, cmd,
971 cmdcb, usercb, usercb_data);
972}
973
974static inline int
aaad4303 975hfa384x_dorrid_wait(hfa384x_t *hw, u16 rid, void *riddata, unsigned int riddatalen)
00b3ed16
GKH		 976{
977 return hfa384x_dorrid(hw, DOWAIT,
978 rid, riddata, riddatalen,
979 NULL, NULL, NULL);
980}
981
982static inline int
983hfa384x_dorrid_async(hfa384x_t *hw,
aaad4303 984 u16 rid, void *riddata, unsigned int riddatalen,
00b3ed16
GKH		 985 ctlx_cmdcb_t cmdcb,
986 ctlx_usercb_t usercb,
987 void *usercb_data)
988{
989 return hfa384x_dorrid(hw, DOASYNC,
990 rid, riddata, riddatalen,
991 cmdcb, usercb, usercb_data);
992}
993
994static inline int
aaad4303 995hfa384x_dowrid_wait(hfa384x_t *hw, u16 rid, void *riddata, unsigned int riddatalen)
00b3ed16
GKH		 996{
997 return hfa384x_dowrid(hw, DOWAIT,
998 rid, riddata, riddatalen,
999 NULL, NULL, NULL);
1000}
1001
1002static inline int
1003hfa384x_dowrid_async(hfa384x_t *hw,
aaad4303 1004 u16 rid, void *riddata, unsigned int riddatalen,
00b3ed16
GKH		 1005 ctlx_cmdcb_t cmdcb,
1006 ctlx_usercb_t usercb,
1007 void *usercb_data)
1008{
1009 return hfa384x_dowrid(hw, DOASYNC,
1010 rid, riddata, riddatalen,
1011 cmdcb, usercb, usercb_data);
1012}
1013
1014static inline int
1015hfa384x_dormem_wait(hfa384x_t *hw,
aaad4303 1016 u16 page, u16 offset, void *data, unsigned int len)
00b3ed16
GKH		 1017{
1018 return hfa384x_dormem(hw, DOWAIT,
1019 page, offset, data, len,
1020 NULL, NULL, NULL);
1021}
1022
1023static inline int
1024hfa384x_dormem_async(hfa384x_t *hw,
aaad4303 1025 u16 page, u16 offset, void *data, unsigned int len,
00b3ed16
GKH		 1026 ctlx_cmdcb_t cmdcb,
1027 ctlx_usercb_t usercb,
1028 void *usercb_data)
1029{
1030 return hfa384x_dormem(hw, DOASYNC,
1031 page, offset, data, len,
1032 cmdcb, usercb, usercb_data);
1033}
1034
1035static inline int
1036hfa384x_dowmem_wait(
1037 hfa384x_t *hw,
aaad4303
SP		 1038 u16 page,
1039 u16 offset,
00b3ed16 1040 void *data,
aaad4303 1041 unsigned int len)
00b3ed16
GKH		 1042{
1043 return hfa384x_dowmem(hw, DOWAIT,
1044 page, offset, data, len,
1045 NULL, NULL, NULL);
1046}
1047
1048static inline int
1049hfa384x_dowmem_async(
1050 hfa384x_t *hw,
aaad4303
SP		 1051 u16 page,
1052 u16 offset,
00b3ed16 1053 void *data,
aaad4303 1054 unsigned int len,
00b3ed16
GKH		 1055 ctlx_cmdcb_t cmdcb,
1056 ctlx_usercb_t usercb,
1057 void *usercb_data)
1058{
1059 return hfa384x_dowmem(hw, DOASYNC,
1060 page, offset, data, len,
1061 cmdcb, usercb, usercb_data);
1062}
1063
1064/*----------------------------------------------------------------
1065* hfa384x_cmd_initialize
1066*
1067* Issues the initialize command and sets the hw->state based
1068* on the result.
1069*
1070* Arguments:
1071* hw device structure
1072*
1073* Returns:
1074* 0 success
1075* >0 f/w reported error - f/w status code
1076* <0 driver reported error
1077*
1078* Side effects:
1079*
1080* Call context:
1081* process
1082----------------------------------------------------------------*/
1083int
1084hfa384x_cmd_initialize(hfa384x_t *hw)
1085{
1086 int result = 0;
1087 int i;
1088 hfa384x_metacmd_t cmd;
1089
00b3ed16
GKH		 1090 cmd.cmd = HFA384x_CMDCODE_INIT;
1091 cmd.parm0 = 0;
1092 cmd.parm1 = 0;
1093 cmd.parm2 = 0;
1094
1095 result = hfa384x_docmd_wait(hw, &cmd);
1096
1097
a7cf7bae 1098 pr_debug("cmdresp.init: "
00b3ed16
GKH		 1099 "status=0x%04x, resp0=0x%04x, "
1100 "resp1=0x%04x, resp2=0x%04x\n",
1101 cmd.result.status,
1102 cmd.result.resp0,
1103 cmd.result.resp1,
1104 cmd.result.resp2);
1105 if ( result == 0 ) {
1106 for ( i = 0; i < HFA384x_NUMPORTS_MAX; i++) {
1107 hw->port_enabled[i] = 0;
1108 }
1109 }
1110
1111 hw->link_status = HFA384x_LINK_NOTCONNECTED;
1112
00b3ed16
GKH		 1113 return result;
1114}
1115
1116
1117/*----------------------------------------------------------------
1118* hfa384x_cmd_disable
1119*
1120* Issues the disable command to stop communications on one of
1121* the MACs 'ports'.
1122*
1123* Arguments:
1124* hw device structure
1125* macport MAC port number (host order)
1126*
1127* Returns:
1128* 0 success
1129* >0 f/w reported failure - f/w status code
1130* <0 driver reported error (timeout|bad arg)
1131*
1132* Side effects:
1133*
1134* Call context:
1135* process
1136----------------------------------------------------------------*/
aaad4303 1137int hfa384x_cmd_disable(hfa384x_t *hw, u16 macport)
00b3ed16
GKH		 1138{
1139 int result = 0;
1140 hfa384x_metacmd_t cmd;
1141
00b3ed16
GKH		 1142 cmd.cmd = HFA384x_CMD_CMDCODE_SET(HFA384x_CMDCODE_DISABLE) |
1143 HFA384x_CMD_MACPORT_SET(macport);
1144 cmd.parm0 = 0;
1145 cmd.parm1 = 0;
1146 cmd.parm2 = 0;
1147
1148 result = hfa384x_docmd_wait(hw, &cmd);
1149
00b3ed16
GKH		 1150 return result;
1151}
1152
1153
1154/*----------------------------------------------------------------
1155* hfa384x_cmd_enable
1156*
1157* Issues the enable command to enable communications on one of
1158* the MACs 'ports'.
1159*
1160* Arguments:
1161* hw device structure
1162* macport MAC port number
1163*
1164* Returns:
1165* 0 success
1166* >0 f/w reported failure - f/w status code
1167* <0 driver reported error (timeout|bad arg)
1168*
1169* Side effects:
1170*
1171* Call context:
1172* process
1173----------------------------------------------------------------*/
aaad4303 1174int hfa384x_cmd_enable(hfa384x_t *hw, u16 macport)
00b3ed16
GKH		 1175{
1176 int result = 0;
1177 hfa384x_metacmd_t cmd;
1178
00b3ed16
GKH		 1179 cmd.cmd = HFA384x_CMD_CMDCODE_SET(HFA384x_CMDCODE_ENABLE) |
1180 HFA384x_CMD_MACPORT_SET(macport);
1181 cmd.parm0 = 0;
1182 cmd.parm1 = 0;
1183 cmd.parm2 = 0;
1184
1185 result = hfa384x_docmd_wait(hw, &cmd);
1186
00b3ed16
GKH		 1187 return result;
1188}
1189
00b3ed16
GKH		 1190/*----------------------------------------------------------------
1191* hfa384x_cmd_monitor
1192*
1193* Enables the 'monitor mode' of the MAC. Here's the description of
1194* monitor mode that I've received thus far:
1195*
1196* "The "monitor mode" of operation is that the MAC passes all
1197* frames for which the PLCP checks are correct. All received
1198* MPDUs are passed to the host with MAC Port = 7, with a
1199* receive status of good, FCS error, or undecryptable. Passing
1200* certain MPDUs is a violation of the 802.11 standard, but useful
1201* for a debugging tool." Normal communication is not possible
1202* while monitor mode is enabled.
1203*
1204* Arguments:
1205* hw device structure
1206* enable a code (0x0b|0x0f) that enables/disables
1207* monitor mode. (host order)
1208*
1209* Returns:
1210* 0 success
1211* >0 f/w reported failure - f/w status code
1212* <0 driver reported error (timeout|bad arg)
1213*
1214* Side effects:
1215*
1216* Call context:
1217* process
1218----------------------------------------------------------------*/
aaad4303 1219int hfa384x_cmd_monitor(hfa384x_t *hw, u16 enable)
00b3ed16
GKH		 1220{
1221 int result = 0;
1222 hfa384x_metacmd_t cmd;
1223
00b3ed16
GKH		 1224 cmd.cmd = HFA384x_CMD_CMDCODE_SET(HFA384x_CMDCODE_MONITOR) |
1225 HFA384x_CMD_AINFO_SET(enable);
1226 cmd.parm0 = 0;
1227 cmd.parm1 = 0;
1228 cmd.parm2 = 0;
1229
1230 result = hfa384x_docmd_wait(hw, &cmd);
1231
00b3ed16
GKH		 1232 return result;
1233}
1234
1235
1236/*----------------------------------------------------------------
1237* hfa384x_cmd_download
1238*
1239* Sets the controls for the MAC controller code/data download
1240* process. The arguments set the mode and address associated
1241* with a download. Note that the aux registers should be enabled
1242* prior to setting one of the download enable modes.
1243*
1244* Arguments:
1245* hw device structure
1246* mode 0 - Disable programming and begin code exec
1247* 1 - Enable volatile mem programming
1248* 2 - Enable non-volatile mem programming
1249* 3 - Program non-volatile section from NV download
1250* buffer.
1251* (host order)
1252* lowaddr
1253* highaddr For mode 1, sets the high & low order bits of
1254* the "destination address". This address will be
1255* the execution start address when download is
1256* subsequently disabled.
1257* For mode 2, sets the high & low order bits of
1258* the destination in NV ram.
1259* For modes 0 & 3, should be zero. (host order)
1260* NOTE: these are CMD format.
1261* codelen Length of the data to write in mode 2,
1262* zero otherwise. (host order)
1263*
1264* Returns:
1265* 0 success
1266* >0 f/w reported failure - f/w status code
1267* <0 driver reported error (timeout|bad arg)
1268*
1269* Side effects:
1270*
1271* Call context:
1272* process
1273----------------------------------------------------------------*/
aaad4303
SP		 1274int hfa384x_cmd_download(hfa384x_t *hw, u16 mode, u16 lowaddr,
1275 u16 highaddr, u16 codelen)
00b3ed16
GKH		 1276{
1277 int result = 0;
1278 hfa384x_metacmd_t cmd;
1279
a7cf7bae 1280 printk(KERN_DEBUG
00b3ed16
GKH		 1281 "mode=%d, lowaddr=0x%04x, highaddr=0x%04x, codelen=%d\n",
1282 mode, lowaddr, highaddr, codelen);
1283
1284 cmd.cmd = (HFA384x_CMD_CMDCODE_SET(HFA384x_CMDCODE_DOWNLD) |
1285 HFA384x_CMD_PROGMODE_SET(mode));
1286
1287 cmd.parm0 = lowaddr;
1288 cmd.parm1 = highaddr;
1289 cmd.parm2 = codelen;
1290
1291 result = hfa384x_docmd_wait(hw, &cmd);
1292
00b3ed16
GKH		 1293 return result;
1294}
1295
1296
1297/*----------------------------------------------------------------
1298* hfa384x_copy_from_aux
1299*
1300* Copies a collection of bytes from the controller memory. The
1301* Auxiliary port MUST be enabled prior to calling this function.
1302* We _might_ be in a download state.
1303*
1304* Arguments:
1305* hw device structure
1306* cardaddr address in hfa384x data space to read
1307* auxctl address space select
1308* buf ptr to destination host buffer
1309* len length of data to transfer (in bytes)
1310*
1311* Returns:
1312* nothing
1313*
1314* Side effects:
1315* buf contains the data copied
1316*
1317* Call context:
1318* process
1319* interrupt
1320----------------------------------------------------------------*/
1321void
1322hfa384x_copy_from_aux(
aaad4303 1323 hfa384x_t *hw, u32 cardaddr, u32 auxctl, void *buf, unsigned int len)
00b3ed16 1324{
edbd606c 1325 printk(KERN_ERR "not used in USB.\n");
00b3ed16
GKH		 1326}
1327
1328
1329/*----------------------------------------------------------------
1330* hfa384x_copy_to_aux
1331*
1332* Copies a collection of bytes to the controller memory. The
1333* Auxiliary port MUST be enabled prior to calling this function.
1334* We _might_ be in a download state.
1335*
1336* Arguments:
1337* hw device structure
1338* cardaddr address in hfa384x data space to read
1339* auxctl address space select
1340* buf ptr to destination host buffer
1341* len length of data to transfer (in bytes)
1342*
1343* Returns:
1344* nothing
1345*
1346* Side effects:
1347* Controller memory now contains a copy of buf
1348*
1349* Call context:
1350* process
1351* interrupt
1352----------------------------------------------------------------*/
1353void
1354hfa384x_copy_to_aux(
aaad4303 1355 hfa384x_t *hw, u32 cardaddr, u32 auxctl, void *buf, unsigned int len)
00b3ed16 1356{
edbd606c 1357 printk(KERN_ERR "not used in USB.\n");
00b3ed16
GKH		 1358}
1359
1360
1361/*----------------------------------------------------------------
1362* hfa384x_corereset
1363*
1364* Perform a reset of the hfa38xx MAC core. We assume that the hw
1365* structure is in its "created" state. That is, it is initialized
1366* with proper values. Note that if a reset is done after the
1367* device has been active for awhile, the caller might have to clean
1368* up some leftover cruft in the hw structure.
1369*
1370* Arguments:
1371* hw device structure
1372* holdtime how long (in ms) to hold the reset
1373* settletime how long (in ms) to wait after releasing
1374* the reset
1375*
1376* Returns:
1377* nothing
1378*
1379* Side effects:
1380*
1381* Call context:
1382* process
1383----------------------------------------------------------------*/
1384int hfa384x_corereset(hfa384x_t *hw, int holdtime, int settletime, int genesis)
1385{
00b3ed16
GKH		 1386 int result = 0;
1387
00b3ed16
GKH		 1388 result=usb_reset_device(hw->usb);
1389 if(result<0) {
edbd606c 1390 printk(KERN_ERR "usb_reset_device() failed, result=%d.\n",result);
00b3ed16
GKH		 1391 }
1392
00b3ed16
GKH		 1393 return result;
1394}
1395
1396
1397/*----------------------------------------------------------------
1398* hfa384x_usbctlx_complete_sync
1399*
1400* Waits for a synchronous CTLX object to complete,
1401* and then handles the response.
1402*
1403* Arguments:
1404* hw device structure
1405* ctlx CTLX ptr
1406* completor functor object to decide what to
1407* do with the CTLX's result.
1408*
1409* Returns:
1410* 0 Success
1411* -ERESTARTSYS Interrupted by a signal
1412* -EIO CTLX failed
1413* -ENODEV Adapter was unplugged
1414* ??? Result from completor
1415*
1416* Side effects:
1417*
1418* Call context:
1419* process
1420----------------------------------------------------------------*/
1421static int hfa384x_usbctlx_complete_sync(hfa384x_t *hw,
1422 hfa384x_usbctlx_t *ctlx,
1423 usbctlx_completor_t *completor)
1424{
1425 unsigned long flags;
1426 int result;
1427
00b3ed16
GKH		 1428 result = wait_for_completion_interruptible(&ctlx->done);
1429
1430 spin_lock_irqsave(&hw->ctlxq.lock, flags);
1431
1432 /*
1433 * We can only handle the CTLX if the USB disconnect
1434 * function has not run yet ...
1435 */
1436 cleanup:
1437 if ( hw->wlandev->hwremoved )
1438 {
1439 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
1440 result = -ENODEV;
1441 }
1442 else if ( result != 0 )
1443 {
1444 int runqueue = 0;
1445
1446 /*
1447 * We were probably interrupted, so delete
1448 * this CTLX asynchronously, kill the timers
1449 * and the URB, and then start the next
1450 * pending CTLX.
1451 *
1452 * NOTE: We can only delete the timers and
1453 * the URB if this CTLX is active.
1454 */
1455 if (ctlx == get_active_ctlx(hw))
1456 {
1457 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
1458
1459 del_singleshot_timer_sync(&hw->reqtimer);
1460 del_singleshot_timer_sync(&hw->resptimer);
1461 hw->req_timer_done = 1;
1462 hw->resp_timer_done = 1;
1463 usb_kill_urb(&hw->ctlx_urb);
1464
1465 spin_lock_irqsave(&hw->ctlxq.lock, flags);
1466
1467 runqueue = 1;
1468
1469 /*
1470 * This scenario is so unlikely that I'm
1471 * happy with a grubby "goto" solution ...
1472 */
1473 if ( hw->wlandev->hwremoved )
1474 goto cleanup;
1475 }
1476
1477 /*
1478 * The completion task will send this CTLX
1479 * to the reaper the next time it runs. We
1480 * are no longer in a hurry.
1481 */
1482 ctlx->reapable = 1;
1483 ctlx->state = CTLX_REQ_FAILED;
1484 list_move_tail(&ctlx->list, &hw->ctlxq.completing);
1485
1486 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
1487
1488 if (runqueue)
1489 hfa384x_usbctlxq_run(hw);
1490 } else {
1491 if (ctlx->state == CTLX_COMPLETE) {
1492 result = completor->complete(completor);
1493 } else {
9b9556ec 1494 printk(KERN_WARNING "CTLX[%d] error: state(%s)\n",
00b3ed16
GKH		 1495 hfa384x2host_16(ctlx->outbuf.type),
1496 ctlxstr(ctlx->state));
1497 result = -EIO;
1498 }
1499
1500 list_del(&ctlx->list);
1501 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
1502 kfree(ctlx);
1503 }
1504
00b3ed16
GKH		 1505 return result;
1506}
1507
1508/*----------------------------------------------------------------
1509* hfa384x_docmd
1510*
1511* Constructs a command CTLX and submits it.
1512*
1513* NOTE: Any changes to the 'post-submit' code in this function
1514* need to be carried over to hfa384x_cbcmd() since the handling
1515* is virtually identical.
1516*
1517* Arguments:
1518* hw device structure
1519* mode DOWAIT or DOASYNC
1520* cmd cmd structure. Includes all arguments and result
1521* data points. All in host order. in host order
1522* cmdcb command-specific callback
1523* usercb user callback for async calls, NULL for DOWAIT calls
1524* usercb_data user supplied data pointer for async calls, NULL
1525* for DOASYNC calls
1526*
1527* Returns:
1528* 0 success
1529* -EIO CTLX failure
1530* -ERESTARTSYS Awakened on signal
1531* >0 command indicated error, Status and Resp0-2 are
1532* in hw structure.
1533*
1534* Side effects:
1535*
1536*
1537* Call context:
1538* process
1539----------------------------------------------------------------*/
1540static int
1541hfa384x_docmd(
1542 hfa384x_t *hw,
1543 CMD_MODE mode,
1544 hfa384x_metacmd_t *cmd,
1545 ctlx_cmdcb_t cmdcb,
1546 ctlx_usercb_t usercb,
1547 void *usercb_data)
1548{
1549 int result;
1550 hfa384x_usbctlx_t *ctlx;
1551
00b3ed16
GKH		 1552 ctlx = usbctlx_alloc();
1553 if ( ctlx == NULL ) {
1554 result = -ENOMEM;
1555 goto done;
1556 }
1557
1558 /* Initialize the command */
1559 ctlx->outbuf.cmdreq.type = host2hfa384x_16(HFA384x_USB_CMDREQ);
1560 ctlx->outbuf.cmdreq.cmd = host2hfa384x_16(cmd->cmd);
1561 ctlx->outbuf.cmdreq.parm0 = host2hfa384x_16(cmd->parm0);
1562 ctlx->outbuf.cmdreq.parm1 = host2hfa384x_16(cmd->parm1);
1563 ctlx->outbuf.cmdreq.parm2 = host2hfa384x_16(cmd->parm2);
1564
1565 ctlx->outbufsize = sizeof(ctlx->outbuf.cmdreq);
1566
a7cf7bae 1567 pr_debug("cmdreq: cmd=0x%04x "
00b3ed16
GKH		 1568 "parm0=0x%04x parm1=0x%04x parm2=0x%04x\n",
1569 cmd->cmd,
1570 cmd->parm0,
1571 cmd->parm1,
1572 cmd->parm2);
1573
1574 ctlx->reapable = mode;
1575 ctlx->cmdcb = cmdcb;
1576 ctlx->usercb = usercb;
1577 ctlx->usercb_data = usercb_data;
1578
1579 result = hfa384x_usbctlx_submit(hw, ctlx);
1580 if (result != 0) {
1581 kfree(ctlx);
1582 } else if (mode == DOWAIT) {
1583 usbctlx_cmd_completor_t completor;
1584
1585 result = hfa384x_usbctlx_complete_sync(
1586 hw, ctlx, init_cmd_completor(&completor,
1587 &ctlx->inbuf.cmdresp,
1588 &cmd->result) );
1589 }
1590
1591done:
00b3ed16
GKH		 1592 return result;
1593}
1594
1595
1596/*----------------------------------------------------------------
1597* hfa384x_dorrid
1598*
1599* Constructs a read rid CTLX and issues it.
1600*
1601* NOTE: Any changes to the 'post-submit' code in this function
1602* need to be carried over to hfa384x_cbrrid() since the handling
1603* is virtually identical.
1604*
1605* Arguments:
1606* hw device structure
1607* mode DOWAIT or DOASYNC
1608* rid Read RID number (host order)
1609* riddata Caller supplied buffer that MAC formatted RID.data
1610* record will be written to for DOWAIT calls. Should
1611* be NULL for DOASYNC calls.
1612* riddatalen Buffer length for DOWAIT calls. Zero for DOASYNC calls.
1613* cmdcb command callback for async calls, NULL for DOWAIT calls
1614* usercb user callback for async calls, NULL for DOWAIT calls
1615* usercb_data user supplied data pointer for async calls, NULL
1616* for DOWAIT calls
1617*
1618* Returns:
1619* 0 success
1620* -EIO CTLX failure
1621* -ERESTARTSYS Awakened on signal
1622* -ENODATA riddatalen != macdatalen
1623* >0 command indicated error, Status and Resp0-2 are
1624* in hw structure.
1625*
1626* Side effects:
1627*
1628* Call context:
1629* interrupt (DOASYNC)
1630* process (DOWAIT or DOASYNC)
1631----------------------------------------------------------------*/
1632static int
1633hfa384x_dorrid(
1634 hfa384x_t *hw,
1635 CMD_MODE mode,
aaad4303 1636 u16 rid,
00b3ed16 1637 void *riddata,
aaad4303 1638 unsigned int riddatalen,
00b3ed16
GKH		 1639 ctlx_cmdcb_t cmdcb,
1640 ctlx_usercb_t usercb,
1641 void *usercb_data)
1642{
1643 int result;
1644 hfa384x_usbctlx_t *ctlx;
1645
00b3ed16
GKH		 1646 ctlx = usbctlx_alloc();
1647 if ( ctlx == NULL ) {
1648 result = -ENOMEM;
1649 goto done;
1650 }
1651
1652 /* Initialize the command */
1653 ctlx->outbuf.rridreq.type = host2hfa384x_16(HFA384x_USB_RRIDREQ);
1654 ctlx->outbuf.rridreq.frmlen =
1655 host2hfa384x_16(sizeof(ctlx->outbuf.rridreq.rid));
1656 ctlx->outbuf.rridreq.rid = host2hfa384x_16(rid);
1657
1658 ctlx->outbufsize = sizeof(ctlx->outbuf.rridreq);
1659
1660 ctlx->reapable = mode;
1661 ctlx->cmdcb = cmdcb;
1662 ctlx->usercb = usercb;
1663 ctlx->usercb_data = usercb_data;
1664
1665 /* Submit the CTLX */
1666 result = hfa384x_usbctlx_submit(hw, ctlx);
1667 if (result != 0) {
1668 kfree(ctlx);
1669 } else if (mode == DOWAIT) {
1670 usbctlx_rrid_completor_t completor;
1671
1672 result = hfa384x_usbctlx_complete_sync(
1673 hw, ctlx, init_rrid_completor(&completor,
1674 &ctlx->inbuf.rridresp,
1675 riddata,
1676 riddatalen) );
1677 }
1678
1679done:
00b3ed16
GKH		 1680 return result;
1681}
1682
1683
1684/*----------------------------------------------------------------
1685* hfa384x_dowrid
1686*
1687* Constructs a write rid CTLX and issues it.
1688*
1689* NOTE: Any changes to the 'post-submit' code in this function
1690* need to be carried over to hfa384x_cbwrid() since the handling
1691* is virtually identical.
1692*
1693* Arguments:
1694* hw device structure
1695* CMD_MODE DOWAIT or DOASYNC
1696* rid RID code
1697* riddata Data portion of RID formatted for MAC
1698* riddatalen Length of the data portion in bytes
1699* cmdcb command callback for async calls, NULL for DOWAIT calls
1700* usercb user callback for async calls, NULL for DOWAIT calls
1701* usercb_data user supplied data pointer for async calls
1702*
1703* Returns:
1704* 0 success
1705* -ETIMEDOUT timed out waiting for register ready or
1706* command completion
1707* >0 command indicated error, Status and Resp0-2 are
1708* in hw structure.
1709*
1710* Side effects:
1711*
1712* Call context:
1713* interrupt (DOASYNC)
1714* process (DOWAIT or DOASYNC)
1715----------------------------------------------------------------*/
1716static int
1717hfa384x_dowrid(
1718 hfa384x_t *hw,
1719 CMD_MODE mode,
aaad4303 1720 u16 rid,
00b3ed16 1721 void *riddata,
aaad4303 1722 unsigned int riddatalen,
00b3ed16
GKH		 1723 ctlx_cmdcb_t cmdcb,
1724 ctlx_usercb_t usercb,
1725 void *usercb_data)
1726{
1727 int result;
1728 hfa384x_usbctlx_t *ctlx;
1729
00b3ed16
GKH		 1730 ctlx = usbctlx_alloc();
1731 if ( ctlx == NULL ) {
1732 result = -ENOMEM;
1733 goto done;
1734 }
1735
1736 /* Initialize the command */
1737 ctlx->outbuf.wridreq.type = host2hfa384x_16(HFA384x_USB_WRIDREQ);
1738 ctlx->outbuf.wridreq.frmlen = host2hfa384x_16(
1739 (sizeof(ctlx->outbuf.wridreq.rid) +
1740 riddatalen + 1) / 2);
1741 ctlx->outbuf.wridreq.rid = host2hfa384x_16(rid);
1742 memcpy(ctlx->outbuf.wridreq.data, riddata, riddatalen);
1743
1744 ctlx->outbufsize = sizeof(ctlx->outbuf.wridreq.type) +
1745 sizeof(ctlx->outbuf.wridreq.frmlen) +
1746 sizeof(ctlx->outbuf.wridreq.rid) +
1747 riddatalen;
1748
1749 ctlx->reapable = mode;
1750 ctlx->cmdcb = cmdcb;
1751 ctlx->usercb = usercb;
1752 ctlx->usercb_data = usercb_data;
1753
1754 /* Submit the CTLX */
1755 result = hfa384x_usbctlx_submit(hw, ctlx);
1756 if (result != 0) {
1757 kfree(ctlx);
1758 } else if (mode == DOWAIT) {
1759 usbctlx_wrid_completor_t completor;
1760 hfa384x_cmdresult_t wridresult;
1761
1762 result = hfa384x_usbctlx_complete_sync(
1763 hw,
1764 ctlx,
1765 init_wrid_completor(&completor,
1766 &ctlx->inbuf.wridresp,
1767 &wridresult) );
1768 }
1769
1770done:
00b3ed16
GKH		 1771 return result;
1772}
1773
1774/*----------------------------------------------------------------
1775* hfa384x_dormem
1776*
1777* Constructs a readmem CTLX and issues it.
1778*
1779* NOTE: Any changes to the 'post-submit' code in this function
1780* need to be carried over to hfa384x_cbrmem() since the handling
1781* is virtually identical.
1782*
1783* Arguments:
1784* hw device structure
1785* mode DOWAIT or DOASYNC
1786* page MAC address space page (CMD format)
1787* offset MAC address space offset
1788* data Ptr to data buffer to receive read
1789* len Length of the data to read (max == 2048)
1790* cmdcb command callback for async calls, NULL for DOWAIT calls
1791* usercb user callback for async calls, NULL for DOWAIT calls
1792* usercb_data user supplied data pointer for async calls
1793*
1794* Returns:
1795* 0 success
1796* -ETIMEDOUT timed out waiting for register ready or
1797* command completion
1798* >0 command indicated error, Status and Resp0-2 are
1799* in hw structure.
1800*
1801* Side effects:
1802*
1803* Call context:
1804* interrupt (DOASYNC)
1805* process (DOWAIT or DOASYNC)
1806----------------------------------------------------------------*/
1807static int
1808hfa384x_dormem(
1809 hfa384x_t *hw,
1810 CMD_MODE mode,
aaad4303
SP		 1811 u16 page,
1812 u16 offset,
00b3ed16 1813 void *data,
aaad4303 1814 unsigned int len,
00b3ed16
GKH		 1815 ctlx_cmdcb_t cmdcb,
1816 ctlx_usercb_t usercb,
1817 void *usercb_data)
1818{
1819 int result;
1820 hfa384x_usbctlx_t *ctlx;
1821
00b3ed16
GKH		 1822 ctlx = usbctlx_alloc();
1823 if ( ctlx == NULL ) {
1824 result = -ENOMEM;
1825 goto done;
1826 }
1827
1828 /* Initialize the command */
1829 ctlx->outbuf.rmemreq.type = host2hfa384x_16(HFA384x_USB_RMEMREQ);
1830 ctlx->outbuf.rmemreq.frmlen = host2hfa384x_16(
1831 sizeof(ctlx->outbuf.rmemreq.offset) +
1832 sizeof(ctlx->outbuf.rmemreq.page) +
1833 len);
1834 ctlx->outbuf.rmemreq.offset = host2hfa384x_16(offset);
1835 ctlx->outbuf.rmemreq.page = host2hfa384x_16(page);
1836
1837 ctlx->outbufsize = sizeof(ctlx->outbuf.rmemreq);
1838
a7cf7bae 1839 pr_debug(
00b3ed16
GKH		 1840 "type=0x%04x frmlen=%d offset=0x%04x page=0x%04x\n",
1841 ctlx->outbuf.rmemreq.type,
1842 ctlx->outbuf.rmemreq.frmlen,
1843 ctlx->outbuf.rmemreq.offset,
1844 ctlx->outbuf.rmemreq.page);
1845
a7cf7bae 1846 pr_debug("pktsize=%zd\n",
00b3ed16
GKH		 1847 ROUNDUP64(sizeof(ctlx->outbuf.rmemreq)));
1848
1849 ctlx->reapable = mode;
1850 ctlx->cmdcb = cmdcb;
1851 ctlx->usercb = usercb;
1852 ctlx->usercb_data = usercb_data;
1853
1854 result = hfa384x_usbctlx_submit(hw, ctlx);
1855 if (result != 0) {
1856 kfree(ctlx);
1857 } else if ( mode == DOWAIT ) {
1858 usbctlx_rmem_completor_t completor;
1859
1860 result = hfa384x_usbctlx_complete_sync(
1861 hw, ctlx, init_rmem_completor(&completor,
1862 &ctlx->inbuf.rmemresp,
1863 data,
1864 len) );
1865 }
1866
1867done:
00b3ed16
GKH		 1868 return result;
1869}
1870
1871
1872
1873/*----------------------------------------------------------------
1874* hfa384x_dowmem
1875*
1876* Constructs a writemem CTLX and issues it.
1877*
1878* NOTE: Any changes to the 'post-submit' code in this function
1879* need to be carried over to hfa384x_cbwmem() since the handling
1880* is virtually identical.
1881*
1882* Arguments:
1883* hw device structure
1884* mode DOWAIT or DOASYNC
1885* page MAC address space page (CMD format)
1886* offset MAC address space offset
1887* data Ptr to data buffer containing write data
1888* len Length of the data to read (max == 2048)
1889* cmdcb command callback for async calls, NULL for DOWAIT calls
1890* usercb user callback for async calls, NULL for DOWAIT calls
1891* usercb_data user supplied data pointer for async calls.
1892*
1893* Returns:
1894* 0 success
1895* -ETIMEDOUT timed out waiting for register ready or
1896* command completion
1897* >0 command indicated error, Status and Resp0-2 are
1898* in hw structure.
1899*
1900* Side effects:
1901*
1902* Call context:
1903* interrupt (DOWAIT)
1904* process (DOWAIT or DOASYNC)
1905----------------------------------------------------------------*/
1906static int
1907hfa384x_dowmem(
1908 hfa384x_t *hw,
1909 CMD_MODE mode,
aaad4303
SP		 1910 u16 page,
1911 u16 offset,
00b3ed16 1912 void *data,
aaad4303 1913 unsigned int len,
00b3ed16
GKH		 1914 ctlx_cmdcb_t cmdcb,
1915 ctlx_usercb_t usercb,
1916 void *usercb_data)
1917{
1918 int result;
1919 hfa384x_usbctlx_t *ctlx;
1920
a7cf7bae 1921 pr_debug("page=0x%04x offset=0x%04x len=%d\n",
00b3ed16
GKH		 1922 page,offset,len);
1923
1924 ctlx = usbctlx_alloc();
1925 if ( ctlx == NULL ) {
1926 result = -ENOMEM;
1927 goto done;
1928 }
1929
1930 /* Initialize the command */
1931 ctlx->outbuf.wmemreq.type = host2hfa384x_16(HFA384x_USB_WMEMREQ);
1932 ctlx->outbuf.wmemreq.frmlen = host2hfa384x_16(
1933 sizeof(ctlx->outbuf.wmemreq.offset) +
1934 sizeof(ctlx->outbuf.wmemreq.page) +
1935 len);
1936 ctlx->outbuf.wmemreq.offset = host2hfa384x_16(offset);
1937 ctlx->outbuf.wmemreq.page = host2hfa384x_16(page);
1938 memcpy(ctlx->outbuf.wmemreq.data, data, len);
1939
1940 ctlx->outbufsize = sizeof(ctlx->outbuf.wmemreq.type) +
1941 sizeof(ctlx->outbuf.wmemreq.frmlen) +
1942 sizeof(ctlx->outbuf.wmemreq.offset) +
1943 sizeof(ctlx->outbuf.wmemreq.page) +
1944 len;
1945
1946 ctlx->reapable = mode;
1947 ctlx->cmdcb = cmdcb;
1948 ctlx->usercb = usercb;
1949 ctlx->usercb_data = usercb_data;
1950
1951 result = hfa384x_usbctlx_submit(hw, ctlx);
1952 if (result != 0) {
1953 kfree(ctlx);
1954 } else if ( mode == DOWAIT ) {
1955 usbctlx_wmem_completor_t completor;
1956 hfa384x_cmdresult_t wmemresult;
1957
1958 result = hfa384x_usbctlx_complete_sync(
1959 hw,
1960 ctlx,
1961 init_wmem_completor(&completor,
1962 &ctlx->inbuf.wmemresp,
1963 &wmemresult) );
1964 }
1965
1966done:
00b3ed16
GKH		 1967 return result;
1968}
1969
1970
1971/*----------------------------------------------------------------
1972* hfa384x_drvr_commtallies
1973*
1974* Send a commtallies inquiry to the MAC. Note that this is an async
1975* call that will result in an info frame arriving sometime later.
1976*
1977* Arguments:
1978* hw device structure
1979*
1980* Returns:
1981* zero success.
1982*
1983* Side effects:
1984*
1985* Call context:
1986* process
1987----------------------------------------------------------------*/
1988int hfa384x_drvr_commtallies( hfa384x_t *hw )
1989{
1990 hfa384x_metacmd_t cmd;
1991
00b3ed16
GKH		 1992 cmd.cmd = HFA384x_CMDCODE_INQ;
1993 cmd.parm0 = HFA384x_IT_COMMTALLIES;
1994 cmd.parm1 = 0;
1995 cmd.parm2 = 0;
1996
1997 hfa384x_docmd_async(hw, &cmd, NULL, NULL, NULL);
1998
00b3ed16
GKH		 1999 return 0;
2000}
2001
2002
2003/*----------------------------------------------------------------
2004* hfa384x_drvr_disable
2005*
2006* Issues the disable command to stop communications on one of
2007* the MACs 'ports'. Only macport 0 is valid for stations.
2008* APs may also disable macports 1-6. Only ports that have been
2009* previously enabled may be disabled.
2010*
2011* Arguments:
2012* hw device structure
2013* macport MAC port number (host order)
2014*
2015* Returns:
2016* 0 success
2017* >0 f/w reported failure - f/w status code
2018* <0 driver reported error (timeout|bad arg)
2019*
2020* Side effects:
2021*
2022* Call context:
2023* process
2024----------------------------------------------------------------*/
aaad4303 2025int hfa384x_drvr_disable(hfa384x_t *hw, u16 macport)
00b3ed16
GKH		 2026{
2027 int result = 0;
2028
00b3ed16
GKH		 2029 if ((!hw->isap && macport != 0) ||
2030 (hw->isap && !(macport <= HFA384x_PORTID_MAX)) ||
2031 !(hw->port_enabled[macport]) ){
2032 result = -EINVAL;
2033 } else {
2034 result = hfa384x_cmd_disable(hw, macport);
2035 if ( result == 0 ) {
2036 hw->port_enabled[macport] = 0;
2037 }
2038 }
00b3ed16
GKH		 2039 return result;
2040}
2041
2042
2043/*----------------------------------------------------------------
2044* hfa384x_drvr_enable
2045*
2046* Issues the enable command to enable communications on one of
2047* the MACs 'ports'. Only macport 0 is valid for stations.
2048* APs may also enable macports 1-6. Only ports that are currently
2049* disabled may be enabled.
2050*
2051* Arguments:
2052* hw device structure
2053* macport MAC port number
2054*
2055* Returns:
2056* 0 success
2057* >0 f/w reported failure - f/w status code
2058* <0 driver reported error (timeout|bad arg)
2059*
2060* Side effects:
2061*
2062* Call context:
2063* process
2064----------------------------------------------------------------*/
aaad4303 2065int hfa384x_drvr_enable(hfa384x_t *hw, u16 macport)
00b3ed16
GKH		 2066{
2067 int result = 0;
2068
00b3ed16
GKH		 2069 if ((!hw->isap && macport != 0) ||
2070 (hw->isap && !(macport <= HFA384x_PORTID_MAX)) ||
2071 (hw->port_enabled[macport]) ){
2072 result = -EINVAL;
2073 } else {
2074 result = hfa384x_cmd_enable(hw, macport);
2075 if ( result == 0 ) {
2076 hw->port_enabled[macport] = 1;
2077 }
2078 }
00b3ed16
GKH		 2079 return result;
2080}
2081
2082
2083/*----------------------------------------------------------------
2084* hfa384x_drvr_flashdl_enable
2085*
2086* Begins the flash download state. Checks to see that we're not
2087* already in a download state and that a port isn't enabled.
2088* Sets the download state and retrieves the flash download
2089* buffer location, buffer size, and timeout length.
2090*
2091* Arguments:
2092* hw device structure
2093*
2094* Returns:
2095* 0 success
2096* >0 f/w reported error - f/w status code
2097* <0 driver reported error
2098*
2099* Side effects:
2100*
2101* Call context:
2102* process
2103----------------------------------------------------------------*/
2104int hfa384x_drvr_flashdl_enable(hfa384x_t *hw)
2105{
2106 int result = 0;
2107 int i;
2108
00b3ed16
GKH		 2109 /* Check that a port isn't active */
2110 for ( i = 0; i < HFA384x_PORTID_MAX; i++) {
2111 if ( hw->port_enabled[i] ) {
a7cf7bae 2112 pr_debug("called when port enabled.\n");
00b3ed16
GKH		 2113 return -EINVAL;
2114 }
2115 }
2116
2117 /* Check that we're not already in a download state */
2118 if ( hw->dlstate != HFA384x_DLSTATE_DISABLED ) {
2119 return -EINVAL;
2120 }
2121
2122 /* Retrieve the buffer loc&size and timeout */
2123 if ( (result = hfa384x_drvr_getconfig(hw, HFA384x_RID_DOWNLOADBUFFER,
2124 &(hw->bufinfo), sizeof(hw->bufinfo))) ) {
2125 return result;
2126 }
2127 hw->bufinfo.page = hfa384x2host_16(hw->bufinfo.page);
2128 hw->bufinfo.offset = hfa384x2host_16(hw->bufinfo.offset);
2129 hw->bufinfo.len = hfa384x2host_16(hw->bufinfo.len);
2130 if ( (result = hfa384x_drvr_getconfig16(hw, HFA384x_RID_MAXLOADTIME,
2131 &(hw->dltimeout))) ) {
2132 return result;
2133 }
2134 hw->dltimeout = hfa384x2host_16(hw->dltimeout);
2135
a7cf7bae 2136 pr_debug("flashdl_enable\n");
00b3ed16
GKH		 2137
2138 hw->dlstate = HFA384x_DLSTATE_FLASHENABLED;
8a251b55 2139
00b3ed16
GKH		 2140 return result;
2141}
2142
2143
2144/*----------------------------------------------------------------
2145* hfa384x_drvr_flashdl_disable
2146*
2147* Ends the flash download state. Note that this will cause the MAC
2148* firmware to restart.
2149*
2150* Arguments:
2151* hw device structure
2152*
2153* Returns:
2154* 0 success
2155* >0 f/w reported error - f/w status code
2156* <0 driver reported error
2157*
2158* Side effects:
2159*
2160* Call context:
2161* process
2162----------------------------------------------------------------*/
2163int hfa384x_drvr_flashdl_disable(hfa384x_t *hw)
2164{
00b3ed16
GKH		 2165 /* Check that we're already in the download state */
2166 if ( hw->dlstate != HFA384x_DLSTATE_FLASHENABLED ) {
2167 return -EINVAL;
2168 }
2169
a7cf7bae 2170 pr_debug("flashdl_enable\n");
00b3ed16
GKH		 2171
2172 /* There isn't much we can do at this point, so I don't */
2173 /* bother w/ the return value */
2174 hfa384x_cmd_download(hw, HFA384x_PROGMODE_DISABLE, 0, 0 , 0);
2175 hw->dlstate = HFA384x_DLSTATE_DISABLED;
2176
00b3ed16
GKH		 2177 return 0;
2178}
2179
2180
2181/*----------------------------------------------------------------
2182* hfa384x_drvr_flashdl_write
2183*
2184* Performs a FLASH download of a chunk of data. First checks to see
2185* that we're in the FLASH download state, then sets the download
2186* mode, uses the aux functions to 1) copy the data to the flash
2187* buffer, 2) sets the download 'write flash' mode, 3) readback and
2188* compare. Lather rinse, repeat as many times an necessary to get
2189* all the given data into flash.
2190* When all data has been written using this function (possibly
2191* repeatedly), call drvr_flashdl_disable() to end the download state
2192* and restart the MAC.
2193*
2194* Arguments:
2195* hw device structure
2196* daddr Card address to write to. (host order)
2197* buf Ptr to data to write.
2198* len Length of data (host order).
2199*
2200* Returns:
2201* 0 success
2202* >0 f/w reported error - f/w status code
2203* <0 driver reported error
2204*
2205* Side effects:
2206*
2207* Call context:
2208* process
2209----------------------------------------------------------------*/
2210int
2211hfa384x_drvr_flashdl_write(
2212 hfa384x_t *hw,
aaad4303 2213 u32 daddr,
00b3ed16 2214 void *buf,
aaad4303 2215 u32 len)
00b3ed16
GKH		 2216{
2217 int result = 0;
aaad4303 2218 u32 dlbufaddr;
00b3ed16 2219 int nburns;
aaad4303
SP		 2220 u32 burnlen;
2221 u32 burndaddr;
2222 u16 burnlo;
2223 u16 burnhi;
00b3ed16 2224 int nwrites;
aaad4303
SP		 2225 u8 *writebuf;
2226 u16 writepage;
2227 u16 writeoffset;
2228 u32 writelen;
00b3ed16
GKH		 2229 int i;
2230 int j;
2231
a7cf7bae 2232 pr_debug("daddr=0x%08x len=%d\n", daddr, len);
00b3ed16
GKH		 2233
2234 /* Check that we're in the flash download state */
2235 if ( hw->dlstate != HFA384x_DLSTATE_FLASHENABLED ) {
2236 return -EINVAL;
2237 }
2238
350f2f4b 2239 printk(KERN_INFO "Download %d bytes to flash @0x%06x\n", len, daddr);
00b3ed16
GKH		 2240
2241 /* Convert to flat address for arithmetic */
2242 /* NOTE: dlbuffer RID stores the address in AUX format */
2243 dlbufaddr = HFA384x_ADDR_AUX_MKFLAT(
2244 hw->bufinfo.page, hw->bufinfo.offset);
a7cf7bae 2245 pr_debug(
00b3ed16
GKH		 2246 "dlbuf.page=0x%04x dlbuf.offset=0x%04x dlbufaddr=0x%08x\n",
2247 hw->bufinfo.page, hw->bufinfo.offset, dlbufaddr);
2248
2249#if 0
9b9556ec 2250printk(KERN_WARNING "dlbuf@0x%06lx len=%d to=%d\n", dlbufaddr, hw->bufinfo.len, hw->dltimeout);
00b3ed16
GKH		 2251#endif
2252 /* Calculations to determine how many fills of the dlbuffer to do
2253 * and how many USB wmemreq's to do for each fill. At this point
2254 * in time, the dlbuffer size and the wmemreq size are the same.
2255 * Therefore, nwrites should always be 1. The extra complexity
2256 * here is a hedge against future changes.
2257 */
2258
2259 /* Figure out how many times to do the flash programming */
2260 nburns = len / hw->bufinfo.len;
2261 nburns += (len % hw->bufinfo.len) ? 1 : 0;
2262
2263 /* For each flash program cycle, how many USB wmemreq's are needed? */
2264 nwrites = hw->bufinfo.len / HFA384x_USB_RWMEM_MAXLEN;
2265 nwrites += (hw->bufinfo.len % HFA384x_USB_RWMEM_MAXLEN) ? 1 : 0;
2266
2267 /* For each burn */
2268 for ( i = 0; i < nburns; i++) {
2269 /* Get the dest address and len */
2270 burnlen = (len - (hw->bufinfo.len * i)) > hw->bufinfo.len ?
2271 hw->bufinfo.len :
2272 (len - (hw->bufinfo.len * i));
2273 burndaddr = daddr + (hw->bufinfo.len * i);
2274 burnlo = HFA384x_ADDR_CMD_MKOFF(burndaddr);
2275 burnhi = HFA384x_ADDR_CMD_MKPAGE(burndaddr);
2276
350f2f4b 2277 printk(KERN_INFO "Writing %d bytes to flash @0x%06x\n",
00b3ed16
GKH		 2278 burnlen, burndaddr);
2279
2280 /* Set the download mode */
2281 result = hfa384x_cmd_download(hw, HFA384x_PROGMODE_NV,
2282 burnlo, burnhi, burnlen);
2283 if ( result ) {
edbd606c 2284 printk(KERN_ERR "download(NV,lo=%x,hi=%x,len=%x) "
00b3ed16
GKH		 2285 "cmd failed, result=%d. Aborting d/l\n",
2286 burnlo, burnhi, burnlen, result);
2287 goto exit_proc;
2288 }
2289
2290 /* copy the data to the flash download buffer */
2291 for ( j=0; j < nwrites; j++) {
2292 writebuf = buf +
2293 (i*hw->bufinfo.len) +
2294 (j*HFA384x_USB_RWMEM_MAXLEN);
2295
2296 writepage = HFA384x_ADDR_CMD_MKPAGE(
2297 dlbufaddr +
2298 (j*HFA384x_USB_RWMEM_MAXLEN));
2299 writeoffset = HFA384x_ADDR_CMD_MKOFF(
2300 dlbufaddr +
2301 (j*HFA384x_USB_RWMEM_MAXLEN));
2302
2303 writelen = burnlen-(j*HFA384x_USB_RWMEM_MAXLEN);
2304 writelen = writelen > HFA384x_USB_RWMEM_MAXLEN ?
2305 HFA384x_USB_RWMEM_MAXLEN :
2306 writelen;
2307
2308 result = hfa384x_dowmem_wait( hw,
2309 writepage,
2310 writeoffset,
2311 writebuf,
2312 writelen );
00b3ed16
GKH		 2313 }
2314
2315 /* set the download 'write flash' mode */
2316 result = hfa384x_cmd_download(hw,
2317 HFA384x_PROGMODE_NVWRITE,
2318 0,0,0);
2319 if ( result ) {
edbd606c 2320 printk(KERN_ERR
00b3ed16
GKH		 2321 "download(NVWRITE,lo=%x,hi=%x,len=%x) "
2322 "cmd failed, result=%d. Aborting d/l\n",
2323 burnlo, burnhi, burnlen, result);
2324 goto exit_proc;
2325 }
2326
2327 /* TODO: We really should do a readback and compare. */
2328 }
2329
2330exit_proc:
2331
2332 /* Leave the firmware in the 'post-prog' mode. flashdl_disable will */
2333 /* actually disable programming mode. Remember, that will cause the */
2334 /* the firmware to effectively reset itself. */
2335
00b3ed16
GKH		 2336 return result;
2337}
2338
2339
2340/*----------------------------------------------------------------
2341* hfa384x_drvr_getconfig
2342*
2343* Performs the sequence necessary to read a config/info item.
2344*
2345* Arguments:
2346* hw device structure
2347* rid config/info record id (host order)
2348* buf host side record buffer. Upon return it will
2349* contain the body portion of the record (minus the
2350* RID and len).
2351* len buffer length (in bytes, should match record length)
2352*
2353* Returns:
2354* 0 success
2355* >0 f/w reported error - f/w status code
2356* <0 driver reported error
2357* -ENODATA length mismatch between argument and retrieved
2358* record.
2359*
2360* Side effects:
2361*
2362* Call context:
2363* process
2364----------------------------------------------------------------*/
aaad4303 2365int hfa384x_drvr_getconfig(hfa384x_t *hw, u16 rid, void *buf, u16 len)
00b3ed16
GKH		 2366{
2367 int result;
00b3ed16
GKH		 2368
2369 result = hfa384x_dorrid_wait(hw, rid, buf, len);
2370
00b3ed16
GKH		 2371 return result;
2372}
2373
2374/*----------------------------------------------------------------
2375 * hfa384x_drvr_getconfig_async
2376 *
2377 * Performs the sequence necessary to perform an async read of
2378 * of a config/info item.
2379 *
2380 * Arguments:
2381 * hw device structure
2382 * rid config/info record id (host order)
2383 * buf host side record buffer. Upon return it will
2384 * contain the body portion of the record (minus the
2385 * RID and len).
2386 * len buffer length (in bytes, should match record length)
2387 * cbfn caller supplied callback, called when the command
2388 * is done (successful or not).
2389 * cbfndata pointer to some caller supplied data that will be
2390 * passed in as an argument to the cbfn.
2391 *
2392 * Returns:
2393 * nothing the cbfn gets a status argument identifying if
2394 * any errors occur.
2395 * Side effects:
2396 * Queues an hfa384x_usbcmd_t for subsequent execution.
2397 *
2398 * Call context:
2399 * Any
2400 ----------------------------------------------------------------*/
2401int
2402hfa384x_drvr_getconfig_async(
2403 hfa384x_t *hw,
aaad4303 2404 u16 rid,
00b3ed16
GKH		 2405 ctlx_usercb_t usercb,
2406 void *usercb_data)
2407{
2408 return hfa384x_dorrid_async(hw, rid, NULL, 0,
2409 hfa384x_cb_rrid, usercb, usercb_data);
2410}
2411
2412/*----------------------------------------------------------------
2413 * hfa384x_drvr_setconfig_async
2414 *
2415 * Performs the sequence necessary to write a config/info item.
2416 *
2417 * Arguments:
2418 * hw device structure
2419 * rid config/info record id (in host order)
2420 * buf host side record buffer
2421 * len buffer length (in bytes)
2422 * usercb completion callback
2423 * usercb_data completion callback argument
2424 *
2425 * Returns:
2426 * 0 success
2427 * >0 f/w reported error - f/w status code
2428 * <0 driver reported error
2429 *
2430 * Side effects:
2431 *
2432 * Call context:
2433 * process
2434 ----------------------------------------------------------------*/
2435int
2436hfa384x_drvr_setconfig_async(
2437 hfa384x_t *hw,
aaad4303 2438 u16 rid,
00b3ed16 2439 void *buf,
aaad4303 2440 u16 len,
00b3ed16
GKH		 2441 ctlx_usercb_t usercb,
2442 void *usercb_data)
2443{
2444 return hfa384x_dowrid_async(hw, rid, buf, len,
2445 hfa384x_cb_status, usercb, usercb_data);
2446}
2447
2448/*----------------------------------------------------------------
2449* hfa384x_drvr_handover
2450*
2451* Sends a handover notification to the MAC.
2452*
2453* Arguments:
2454* hw device structure
2455* addr address of station that's left
2456*
2457* Returns:
2458* zero success.
2459* -ERESTARTSYS received signal while waiting for semaphore.
2460* -EIO failed to write to bap, or failed in cmd.
2461*
2462* Side effects:
2463*
2464* Call context:
2465* process
2466----------------------------------------------------------------*/
aaad4303 2467int hfa384x_drvr_handover( hfa384x_t *hw, u8 *addr)
00b3ed16 2468{
edbd606c 2469 printk(KERN_ERR "Not currently supported in USB!\n");
00b3ed16
GKH		 2470 return -EIO;
2471}
00b3ed16 2472
00b3ed16
GKH		 2473/*----------------------------------------------------------------
2474* hfa384x_drvr_ramdl_disable
2475*
2476* Ends the ram download state.
2477*
2478* Arguments:
2479* hw device structure
2480*
2481* Returns:
2482* 0 success
2483* >0 f/w reported error - f/w status code
2484* <0 driver reported error
2485*
2486* Side effects:
2487*
2488* Call context:
2489* process
2490----------------------------------------------------------------*/
2491int
2492hfa384x_drvr_ramdl_disable(hfa384x_t *hw)
2493{
00b3ed16
GKH		 2494 /* Check that we're already in the download state */
2495 if ( hw->dlstate != HFA384x_DLSTATE_RAMENABLED ) {
2496 return -EINVAL;
2497 }
2498
a7cf7bae 2499 pr_debug("ramdl_disable()\n");
00b3ed16
GKH		 2500
2501 /* There isn't much we can do at this point, so I don't */
2502 /* bother w/ the return value */
2503 hfa384x_cmd_download(hw, HFA384x_PROGMODE_DISABLE, 0, 0 , 0);
2504 hw->dlstate = HFA384x_DLSTATE_DISABLED;
2505
00b3ed16
GKH		 2506 return 0;
2507}
2508
2509
2510/*----------------------------------------------------------------
2511* hfa384x_drvr_ramdl_enable
2512*
2513* Begins the ram download state. Checks to see that we're not
2514* already in a download state and that a port isn't enabled.
2515* Sets the download state and calls cmd_download with the
2516* ENABLE_VOLATILE subcommand and the exeaddr argument.
2517*
2518* Arguments:
2519* hw device structure
2520* exeaddr the card execution address that will be
2521* jumped to when ramdl_disable() is called
2522* (host order).
2523*
2524* Returns:
2525* 0 success
2526* >0 f/w reported error - f/w status code
2527* <0 driver reported error
2528*
2529* Side effects:
2530*
2531* Call context:
2532* process
2533----------------------------------------------------------------*/
2534int
aaad4303 2535hfa384x_drvr_ramdl_enable(hfa384x_t *hw, u32 exeaddr)
00b3ed16
GKH		 2536{
2537 int result = 0;
aaad4303
SP		 2538 u16 lowaddr;
2539 u16 hiaddr;
00b3ed16 2540 int i;
8a251b55 2541
00b3ed16
GKH		 2542 /* Check that a port isn't active */
2543 for ( i = 0; i < HFA384x_PORTID_MAX; i++) {
2544 if ( hw->port_enabled[i] ) {
edbd606c 2545 printk(KERN_ERR
00b3ed16
GKH		 2546 "Can't download with a macport enabled.\n");
2547 return -EINVAL;
2548 }
2549 }
2550
2551 /* Check that we're not already in a download state */
2552 if ( hw->dlstate != HFA384x_DLSTATE_DISABLED ) {
edbd606c 2553 printk(KERN_ERR
00b3ed16
GKH		 2554 "Download state not disabled.\n");
2555 return -EINVAL;
2556 }
2557
a7cf7bae 2558 pr_debug("ramdl_enable, exeaddr=0x%08x\n", exeaddr);
00b3ed16
GKH		 2559
2560 /* Call the download(1,addr) function */
2561 lowaddr = HFA384x_ADDR_CMD_MKOFF(exeaddr);
2562 hiaddr = HFA384x_ADDR_CMD_MKPAGE(exeaddr);
2563
2564 result = hfa384x_cmd_download(hw, HFA384x_PROGMODE_RAM,
2565 lowaddr, hiaddr, 0);
2566
2567 if ( result == 0) {
2568 /* Set the download state */
2569 hw->dlstate = HFA384x_DLSTATE_RAMENABLED;
2570 } else {
a7cf7bae 2571 pr_debug(
00b3ed16
GKH		 2572 "cmd_download(0x%04x, 0x%04x) failed, result=%d.\n",
2573 lowaddr,
2574 hiaddr,
2575 result);
2576 }
2577
00b3ed16
GKH		 2578 return result;
2579}
2580
2581
2582/*----------------------------------------------------------------
2583* hfa384x_drvr_ramdl_write
2584*
2585* Performs a RAM download of a chunk of data. First checks to see
2586* that we're in the RAM download state, then uses the [read|write]mem USB
2587* commands to 1) copy the data, 2) readback and compare. The download
2588* state is unaffected. When all data has been written using
2589* this function, call drvr_ramdl_disable() to end the download state
2590* and restart the MAC.
2591*
2592* Arguments:
2593* hw device structure
2594* daddr Card address to write to. (host order)
2595* buf Ptr to data to write.
2596* len Length of data (host order).
2597*
2598* Returns:
2599* 0 success
2600* >0 f/w reported error - f/w status code
2601* <0 driver reported error
2602*
2603* Side effects:
2604*
2605* Call context:
2606* process
2607----------------------------------------------------------------*/
2608int
aaad4303 2609hfa384x_drvr_ramdl_write(hfa384x_t *hw, u32 daddr, void* buf, u32 len)
00b3ed16
GKH		 2610{
2611 int result = 0;
2612 int nwrites;
aaad4303 2613 u8 *data = buf;
00b3ed16 2614 int i;
aaad4303
SP		 2615 u32 curraddr;
2616 u16 currpage;
2617 u16 curroffset;
2618 u16 currlen;
8a251b55 2619
00b3ed16
GKH		 2620 /* Check that we're in the ram download state */
2621 if ( hw->dlstate != HFA384x_DLSTATE_RAMENABLED ) {
2622 return -EINVAL;
2623 }
2624
350f2f4b 2625 printk(KERN_INFO "Writing %d bytes to ram @0x%06x\n", len, daddr);
00b3ed16
GKH		 2626
2627 /* How many dowmem calls? */
2628 nwrites = len / HFA384x_USB_RWMEM_MAXLEN;
2629 nwrites += len % HFA384x_USB_RWMEM_MAXLEN ? 1 : 0;
2630
2631 /* Do blocking wmem's */
2632 for(i=0; i < nwrites; i++) {
2633 /* make address args */
2634 curraddr = daddr + (i * HFA384x_USB_RWMEM_MAXLEN);
2635 currpage = HFA384x_ADDR_CMD_MKPAGE(curraddr);
2636 curroffset = HFA384x_ADDR_CMD_MKOFF(curraddr);
2637 currlen = len - (i * HFA384x_USB_RWMEM_MAXLEN);
2638 if ( currlen > HFA384x_USB_RWMEM_MAXLEN) {
2639 currlen = HFA384x_USB_RWMEM_MAXLEN;
2640 }
2641
2642 /* Do blocking ctlx */
2643 result = hfa384x_dowmem_wait( hw,
2644 currpage,
2645 curroffset,
2646 data + (i*HFA384x_USB_RWMEM_MAXLEN),
2647 currlen );
2648
2649 if (result) break;
2650
2651 /* TODO: We really should have a readback. */
2652 }
2653
00b3ed16
GKH		 2654 return result;
2655}
2656
2657
2658/*----------------------------------------------------------------
2659* hfa384x_drvr_readpda
2660*
2661* Performs the sequence to read the PDA space. Note there is no
2662* drvr_writepda() function. Writing a PDA is
2663* generally implemented by a calling component via calls to
2664* cmd_download and writing to the flash download buffer via the
2665* aux regs.
2666*
2667* Arguments:
2668* hw device structure
2669* buf buffer to store PDA in
2670* len buffer length
2671*
2672* Returns:
2673* 0 success
2674* >0 f/w reported error - f/w status code
2675* <0 driver reported error
2676* -ETIMEOUT timout waiting for the cmd regs to become
2677* available, or waiting for the control reg
2678* to indicate the Aux port is enabled.
2679* -ENODATA the buffer does NOT contain a valid PDA.
2680* Either the card PDA is bad, or the auxdata
2681* reads are giving us garbage.
2682
2683*
2684* Side effects:
2685*
2686* Call context:
2687* process or non-card interrupt.
2688----------------------------------------------------------------*/
aaad4303 2689int hfa384x_drvr_readpda(hfa384x_t *hw, void *buf, unsigned int len)
00b3ed16
GKH		 2690{
2691 int result = 0;
aaad4303 2692 u16 *pda = buf;
00b3ed16
GKH		 2693 int pdaok = 0;
2694 int morepdrs = 1;
2695 int currpdr = 0; /* word offset of the current pdr */
2696 size_t i;
aaad4303
SP		 2697 u16 pdrlen; /* pdr length in bytes, host order */
2698 u16 pdrcode; /* pdr code, host order */
2699 u16 currpage;
2700 u16 curroffset;
00b3ed16 2701 struct pdaloc {
aaad4303
SP		 2702 u32 cardaddr;
2703 u16 auxctl;
00b3ed16
GKH		 2704 } pdaloc[] =
2705 {
2706 { HFA3842_PDA_BASE, 0},
2707 { HFA3841_PDA_BASE, 0},
2708 { HFA3841_PDA_BOGUS_BASE, 0}
2709 };
2710
00b3ed16
GKH		 2711 /* Read the pda from each known address. */
2712 for ( i = 0; i < ARRAY_SIZE(pdaloc); i++) {
2713 /* Make address */
2714 currpage = HFA384x_ADDR_CMD_MKPAGE(pdaloc[i].cardaddr);
2715 curroffset = HFA384x_ADDR_CMD_MKOFF(pdaloc[i].cardaddr);
2716
2717 result = hfa384x_dormem_wait(hw,
2718 currpage,
2719 curroffset,
2720 buf,
2721 len); /* units of bytes */
2722
2723 if (result) {
9b9556ec 2724 printk(KERN_WARNING
00b3ed16
GKH		 2725 "Read from index %zd failed, continuing\n",
2726 i );
2727 continue;
2728 }
2729
2730 /* Test for garbage */
2731 pdaok = 1; /* initially assume good */
2732 morepdrs = 1;
2733 while ( pdaok && morepdrs ) {
2734 pdrlen = hfa384x2host_16(pda[currpdr]) * 2;
2735 pdrcode = hfa384x2host_16(pda[currpdr+1]);
2736 /* Test the record length */
2737 if ( pdrlen > HFA384x_PDR_LEN_MAX || pdrlen == 0) {
edbd606c 2738 printk(KERN_ERR "pdrlen invalid=%d\n",
00b3ed16
GKH		 2739 pdrlen);
2740 pdaok = 0;
2741 break;
2742 }
2743 /* Test the code */
2744 if ( !hfa384x_isgood_pdrcode(pdrcode) ) {
edbd606c 2745 printk(KERN_ERR "pdrcode invalid=%d\n",
00b3ed16
GKH		 2746 pdrcode);
2747 pdaok = 0;
2748 break;
2749 }
2750 /* Test for completion */
2751 if ( pdrcode == HFA384x_PDR_END_OF_PDA) {
2752 morepdrs = 0;
2753 }
2754
2755 /* Move to the next pdr (if necessary) */
2756 if ( morepdrs ) {
2757 /* note the access to pda[], need words here */
2758 currpdr += hfa384x2host_16(pda[currpdr]) + 1;
2759 }
2760 }
2761 if ( pdaok ) {
350f2f4b 2762 printk(KERN_INFO
00b3ed16
GKH		 2763 "PDA Read from 0x%08x in %s space.\n",
2764 pdaloc[i].cardaddr,
2765 pdaloc[i].auxctl == 0 ? "EXTDS" :
2766 pdaloc[i].auxctl == 1 ? "NV" :
2767 pdaloc[i].auxctl == 2 ? "PHY" :
2768 pdaloc[i].auxctl == 3 ? "ICSRAM" :
2769 "<bogus auxctl>");
2770 break;
2771 }
2772 }
2773 result = pdaok ? 0 : -ENODATA;
2774
2775 if ( result ) {
a7cf7bae 2776 pr_debug("Failure: pda is not okay\n");
00b3ed16
GKH		 2777 }
2778
00b3ed16
GKH		 2779 return result;
2780}
2781
2782
2783/*----------------------------------------------------------------
2784* hfa384x_drvr_setconfig
2785*
2786* Performs the sequence necessary to write a config/info item.
2787*
2788* Arguments:
2789* hw device structure
2790* rid config/info record id (in host order)
2791* buf host side record buffer
2792* len buffer length (in bytes)
2793*
2794* Returns:
2795* 0 success
2796* >0 f/w reported error - f/w status code
2797* <0 driver reported error
2798*
2799* Side effects:
2800*
2801* Call context:
2802* process
2803----------------------------------------------------------------*/
aaad4303 2804int hfa384x_drvr_setconfig(hfa384x_t *hw, u16 rid, void *buf, u16 len)
00b3ed16
GKH		 2805{
2806 return hfa384x_dowrid_wait(hw, rid, buf, len);
2807}
2808
2809/*----------------------------------------------------------------
2810* hfa384x_drvr_start
2811*
2812* Issues the MAC initialize command, sets up some data structures,
2813* and enables the interrupts. After this function completes, the
2814* low-level stuff should be ready for any/all commands.
2815*
2816* Arguments:
2817* hw device structure
2818* Returns:
2819* 0 success
2820* >0 f/w reported error - f/w status code
2821* <0 driver reported error
2822*
2823* Side effects:
2824*
2825* Call context:
2826* process
2827----------------------------------------------------------------*/
7b7e7e84 2828
00b3ed16
GKH		 2829int hfa384x_drvr_start(hfa384x_t *hw)
2830{
7b7e7e84
RK		 2831 int result, result1, result2;
2832 u16 status;
00b3ed16
GKH		 2833
2834 might_sleep();
2835
7b7e7e84
RK		 2836 /* Clear endpoint stalls - but only do this if the endpoint
2837 * is showing a stall status. Some prism2 cards seem to behave
2838 * badly if a clear_halt is called when the endpoint is already
2839 * ok
2840 */
2841 result = usb_get_status(hw->usb, USB_RECIP_ENDPOINT, hw->endp_in, &status);
2842 if (result < 0) {
edbd606c 2843 printk(KERN_ERR
7b7e7e84
RK		 2844 "Cannot get bulk in endpoint status.\n");
2845 goto done;
2846 }
2847 if ((status == 1) && usb_clear_halt(hw->usb, hw->endp_in)) {
edbd606c 2848 printk(KERN_ERR
00b3ed16
GKH		 2849 "Failed to reset bulk in endpoint.\n");
2850 }
2851
7b7e7e84
RK		 2852 result = usb_get_status(hw->usb, USB_RECIP_ENDPOINT, hw->endp_out, &status);
2853 if (result < 0) {
edbd606c 2854 printk(KERN_ERR
7b7e7e84
RK		 2855 "Cannot get bulk out endpoint status.\n");
2856 goto done;
2857 }
2858 if ((status == 1) && usb_clear_halt(hw->usb, hw->endp_out)) {
edbd606c 2859 printk(KERN_ERR
00b3ed16
GKH		 2860 "Failed to reset bulk out endpoint.\n");
2861 }
2862
2863 /* Synchronous unlink, in case we're trying to restart the driver */
2864 usb_kill_urb(&hw->rx_urb);
2865
2866 /* Post the IN urb */
2867 result = submit_rx_urb(hw, GFP_KERNEL);
2868 if (result != 0) {
edbd606c 2869 printk(KERN_ERR
00b3ed16
GKH		 2870 "Fatal, failed to submit RX URB, result=%d\n",
2871 result);
2872 goto done;
2873 }
2874
7b7e7e84
RK		 2875 /* Call initialize twice, with a 1 second sleep in between.
2876 * This is a nasty work-around since many prism2 cards seem to
2877 * need time to settle after an init from cold. The second
2878 * call to initialize in theory is not necessary - but we call
2879 * it anyway as a double insurance policy:
2880 * 1) If the first init should fail, the second may well succeed
2881 * and the card can still be used
2882 * 2) It helps ensures all is well with the card after the first
2883 * init and settle time.
2884 */
2885 result1 = hfa384x_cmd_initialize(hw);
2886 msleep(1000);
2887 result = result2 = hfa384x_cmd_initialize(hw);
2888 if (result1 != 0) {
2889 if (result2 != 0) {
edbd606c 2890 printk(KERN_ERR
7b7e7e84
RK		 2891 "cmd_initialize() failed on two attempts, results %d and %d\n",
2892 result1, result2);
2893 usb_kill_urb(&hw->rx_urb);
2894 goto done;
2895 } else {
a7cf7bae 2896 pr_debug("First cmd_initialize() failed (result %d),\n",
7b7e7e84 2897 result1);
a7cf7bae 2898 pr_debug("but second attempt succeeded. All should be ok\n");
7b7e7e84
RK		 2899 }
2900 } else if (result2 != 0) {
9b9556ec 2901 printk(KERN_WARNING
7b7e7e84
RK		 2902 "First cmd_initialize() succeeded, but second attempt failed (result=%d)\n",
2903 result2);
9b9556ec 2904 printk(KERN_WARNING "Most likely the card will be functional\n");
7b7e7e84 2905 goto done;
00b3ed16
GKH		 2906 }
2907
2908 hw->state = HFA384x_STATE_RUNNING;
2909
2910done:
00b3ed16
GKH		 2911 return result;
2912}
2913
2914
2915/*----------------------------------------------------------------
2916* hfa384x_drvr_stop
2917*
2918* Shuts down the MAC to the point where it is safe to unload the
2919* driver. Any subsystem that may be holding a data or function
2920* ptr into the driver must be cleared/deinitialized.
2921*
2922* Arguments:
2923* hw device structure
2924* Returns:
2925* 0 success
2926* >0 f/w reported error - f/w status code
2927* <0 driver reported error
2928*
2929* Side effects:
2930*
2931* Call context:
2932* process
2933----------------------------------------------------------------*/
2934int
2935hfa384x_drvr_stop(hfa384x_t *hw)
2936{
2937 int result = 0;
2938 int i;
00b3ed16
GKH		 2939
2940 might_sleep();
2941
2942 /* There's no need for spinlocks here. The USB "disconnect"
2943 * function sets this "removed" flag and then calls us.
2944 */
2945 if ( !hw->wlandev->hwremoved ) {
2946 /* Call initialize to leave the MAC in its 'reset' state */
2947 hfa384x_cmd_initialize(hw);
2948
2949 /* Cancel the rxurb */
2950 usb_kill_urb(&hw->rx_urb);
2951 }
2952
2953 hw->link_status = HFA384x_LINK_NOTCONNECTED;
2954 hw->state = HFA384x_STATE_INIT;
2955
2956 del_timer_sync(&hw->commsqual_timer);
2957
2958 /* Clear all the port status */
2959 for ( i = 0; i < HFA384x_NUMPORTS_MAX; i++) {
2960 hw->port_enabled[i] = 0;
2961 }
2962
00b3ed16
GKH		 2963 return result;
2964}
2965
2966/*----------------------------------------------------------------
2967* hfa384x_drvr_txframe
2968*
2969* Takes a frame from prism2sta and queues it for transmission.
2970*
2971* Arguments:
2972* hw device structure
2973* skb packet buffer struct. Contains an 802.11
2974* data frame.
2975* p80211_hdr points to the 802.11 header for the packet.
2976* Returns:
2977* 0 Success and more buffs available
2978* 1 Success but no more buffs
2979* 2 Allocation failure
2980* 4 Buffer full or queue busy
2981*
2982* Side effects:
2983*
2984* Call context:
2985* interrupt
2986----------------------------------------------------------------*/
2987int hfa384x_drvr_txframe(hfa384x_t *hw, struct sk_buff *skb, p80211_hdr_t *p80211_hdr, p80211_metawep_t *p80211_wep)
2988
2989{
2990 int usbpktlen = sizeof(hfa384x_tx_frame_t);
2991 int result;
2992 int ret;
2993 char *ptr;
2994
00b3ed16 2995 if (hw->tx_urb.status == -EINPROGRESS) {
9b9556ec 2996 printk(KERN_WARNING "TX URB already in use\n");
00b3ed16
GKH		 2997 result = 3;
2998 goto exit;
2999 }
3000
3001 /* Build Tx frame structure */
3002 /* Set up the control field */
3003 memset(&hw->txbuff.txfrm.desc, 0, sizeof(hw->txbuff.txfrm.desc));
3004
3005 /* Setup the usb type field */
3006 hw->txbuff.type = host2hfa384x_16(HFA384x_USB_TXFRM);
3007
3008 /* Set up the sw_support field to identify this frame */
3009 hw->txbuff.txfrm.desc.sw_support = 0x0123;
3010
3011/* Tx complete and Tx exception disable per dleach. Might be causing
3012 * buf depletion
3013 */
3014//#define DOEXC SLP -- doboth breaks horribly under load, doexc less so.
3015#if defined(DOBOTH)
3016 hw->txbuff.txfrm.desc.tx_control =
3017 HFA384x_TX_MACPORT_SET(0) | HFA384x_TX_STRUCTYPE_SET(1) |
3018 HFA384x_TX_TXEX_SET(1) | HFA384x_TX_TXOK_SET(1);
3019#elif defined(DOEXC)
3020 hw->txbuff.txfrm.desc.tx_control =
3021 HFA384x_TX_MACPORT_SET(0) | HFA384x_TX_STRUCTYPE_SET(1) |
3022 HFA384x_TX_TXEX_SET(1) | HFA384x_TX_TXOK_SET(0);
3023#else
3024 hw->txbuff.txfrm.desc.tx_control =
3025 HFA384x_TX_MACPORT_SET(0) | HFA384x_TX_STRUCTYPE_SET(1) |
3026 HFA384x_TX_TXEX_SET(0) | HFA384x_TX_TXOK_SET(0);
3027#endif
3028 hw->txbuff.txfrm.desc.tx_control =
3029 host2hfa384x_16(hw->txbuff.txfrm.desc.tx_control);
3030
3031 /* copy the header over to the txdesc */
3032 memcpy(&(hw->txbuff.txfrm.desc.frame_control), p80211_hdr, sizeof(p80211_hdr_t));
3033
3034 /* if we're using host WEP, increase size by IV+ICV */
3035 if (p80211_wep->data) {
3036 hw->txbuff.txfrm.desc.data_len = host2hfa384x_16(skb->len+8);
00b3ed16
GKH		 3037 usbpktlen+=8;
3038 } else {
3039 hw->txbuff.txfrm.desc.data_len = host2hfa384x_16(skb->len);
3040 }
3041
3042 usbpktlen += skb->len;
3043
3044 /* copy over the WEP IV if we are using host WEP */
3045 ptr = hw->txbuff.txfrm.data;
3046 if (p80211_wep->data) {
3047 memcpy(ptr, p80211_wep->iv, sizeof(p80211_wep->iv));
3048 ptr+= sizeof(p80211_wep->iv);
3049 memcpy(ptr, p80211_wep->data, skb->len);
3050 } else {
3051 memcpy(ptr, skb->data, skb->len);
3052 }
3053 /* copy over the packet data */
3054 ptr+= skb->len;
3055
3056 /* copy over the WEP ICV if we are using host WEP */
3057 if (p80211_wep->data) {
3058 memcpy(ptr, p80211_wep->icv, sizeof(p80211_wep->icv));
3059 }
3060
3061 /* Send the USB packet */
3062 usb_fill_bulk_urb( &(hw->tx_urb), hw->usb,
3063 hw->endp_out,
3064 &(hw->txbuff), ROUNDUP64(usbpktlen),
3065 hfa384x_usbout_callback, hw->wlandev );
3066 hw->tx_urb.transfer_flags |= USB_QUEUE_BULK;
3067
3068 result = 1;
3069 ret = submit_tx_urb(hw, &hw->tx_urb, GFP_ATOMIC);
3070 if ( ret != 0 ) {
edbd606c 3071 printk(KERN_ERR
00b3ed16
GKH		 3072 "submit_tx_urb() failed, error=%d\n", ret);
3073 result = 3;
3074 }
3075
3076 exit:
00b3ed16
GKH		 3077 return result;
3078}
3079
3080void hfa384x_tx_timeout(wlandevice_t *wlandev)
3081{
3082 hfa384x_t *hw = wlandev->priv;
3083 unsigned long flags;
3084
00b3ed16
GKH		 3085 spin_lock_irqsave(&hw->ctlxq.lock, flags);
3086
3087 if ( !hw->wlandev->hwremoved &&
3088 /* Note the bitwise OR, not the logical OR. */
3089 ( !test_and_set_bit(WORK_TX_HALT, &hw->usb_flags) |
3090 !test_and_set_bit(WORK_RX_HALT, &hw->usb_flags) ) )
3091 {
3092 schedule_work(&hw->usb_work);
3093 }
3094
3095 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
00b3ed16
GKH		 3096}
3097
3098/*----------------------------------------------------------------
3099* hfa384x_usbctlx_reaper_task
3100*
3101* Tasklet to delete dead CTLX objects
3102*
3103* Arguments:
3104* data ptr to a hfa384x_t
3105*
3106* Returns:
3107*
3108* Call context:
3109* Interrupt
3110----------------------------------------------------------------*/
3111static void hfa384x_usbctlx_reaper_task(unsigned long data)
3112{
3113 hfa384x_t *hw = (hfa384x_t*)data;
3114 struct list_head *entry;
3115 struct list_head *temp;
3116 unsigned long flags;
3117
00b3ed16
GKH		 3118 spin_lock_irqsave(&hw->ctlxq.lock, flags);
3119
3120 /* This list is guaranteed to be empty if someone
3121 * has unplugged the adapter.
3122 */
3123 list_for_each_safe(entry, temp, &hw->ctlxq.reapable) {
3124 hfa384x_usbctlx_t *ctlx;
3125
3126 ctlx = list_entry(entry, hfa384x_usbctlx_t, list);
3127 list_del(&ctlx->list);
3128 kfree(ctlx);
3129 }
3130
3131 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
3132
00b3ed16
GKH		 3133}
3134
3135/*----------------------------------------------------------------
3136* hfa384x_usbctlx_completion_task
3137*
3138* Tasklet to call completion handlers for returned CTLXs
3139*
3140* Arguments:
3141* data ptr to hfa384x_t
3142*
3143* Returns:
3144* Nothing
3145*
3146* Call context:
3147* Interrupt
3148----------------------------------------------------------------*/
3149static void hfa384x_usbctlx_completion_task(unsigned long data)
3150{
3151 hfa384x_t *hw = (hfa384x_t*)data;
3152 struct list_head *entry;
3153 struct list_head *temp;
3154 unsigned long flags;
3155
3156 int reap = 0;
3157
00b3ed16
GKH		 3158 spin_lock_irqsave(&hw->ctlxq.lock, flags);
3159
3160 /* This list is guaranteed to be empty if someone
3161 * has unplugged the adapter ...
3162 */
3163 list_for_each_safe(entry, temp, &hw->ctlxq.completing) {
3164 hfa384x_usbctlx_t *ctlx;
3165
3166 ctlx = list_entry(entry, hfa384x_usbctlx_t, list);
3167
3168 /* Call the completion function that this
3169 * command was assigned, assuming it has one.
3170 */
3171 if ( ctlx->cmdcb != NULL ) {
3172 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
3173 ctlx->cmdcb(hw, ctlx);
3174 spin_lock_irqsave(&hw->ctlxq.lock, flags);
3175
3176 /* Make sure we don't try and complete
3177 * this CTLX more than once!
3178 */
3179 ctlx->cmdcb = NULL;
3180
3181 /* Did someone yank the adapter out
3182 * while our list was (briefly) unlocked?
3183 */
3184 if ( hw->wlandev->hwremoved )
3185 {
3186 reap = 0;
3187 break;
3188 }
3189 }
3190
3191 /*
3192 * "Reapable" CTLXs are ones which don't have any
3193 * threads waiting for them to die. Hence they must
3194 * be delivered to The Reaper!
3195 */
3196 if ( ctlx->reapable ) {
3197 /* Move the CTLX off the "completing" list (hopefully)
3198 * on to the "reapable" list where the reaper task
3199 * can find it. And "reapable" means that this CTLX
3200 * isn't sitting on a wait-queue somewhere.
3201 */
3202 list_move_tail(&ctlx->list, &hw->ctlxq.reapable);
3203 reap = 1;
3204 }
3205
3206 complete(&ctlx->done);
3207 }
3208 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
3209
3210 if (reap)
3211 tasklet_schedule(&hw->reaper_bh);
00b3ed16
GKH		 3212}
3213
3214/*----------------------------------------------------------------
3215* unlocked_usbctlx_cancel_async
3216*
3217* Mark the CTLX dead asynchronously, and ensure that the
3218* next command on the queue is run afterwards.
3219*
3220* Arguments:
3221* hw ptr to the hfa384x_t structure
3222* ctlx ptr to a CTLX structure
3223*
3224* Returns:
3225* 0 the CTLX's URB is inactive
3226* -EINPROGRESS the URB is currently being unlinked
3227*
3228* Call context:
3229* Either process or interrupt, but presumably interrupt
3230----------------------------------------------------------------*/
3231static int unlocked_usbctlx_cancel_async(hfa384x_t *hw, hfa384x_usbctlx_t *ctlx)
3232{
3233 int ret;
3234
00b3ed16
GKH		 3235 /*
3236 * Try to delete the URB containing our request packet.
3237 * If we succeed, then its completion handler will be
3238 * called with a status of -ECONNRESET.
3239 */
3240 hw->ctlx_urb.transfer_flags |= URB_ASYNC_UNLINK;
3241 ret = usb_unlink_urb(&hw->ctlx_urb);
3242
3243 if (ret != -EINPROGRESS) {
3244 /*
3245 * The OUT URB had either already completed
3246 * or was still in the pending queue, so the
3247 * URB's completion function will not be called.
3248 * We will have to complete the CTLX ourselves.
3249 */
3250 ctlx->state = CTLX_REQ_FAILED;
3251 unlocked_usbctlx_complete(hw, ctlx);
3252 ret = 0;
3253 }
3254
00b3ed16
GKH		 3255 return ret;
3256}
3257
3258/*----------------------------------------------------------------
3259* unlocked_usbctlx_complete
3260*
3261* A CTLX has completed. It may have been successful, it may not
3262* have been. At this point, the CTLX should be quiescent. The URBs
3263* aren't active and the timers should have been stopped.
3264*
3265* The CTLX is migrated to the "completing" queue, and the completing
3266* tasklet is scheduled.
3267*
3268* Arguments:
3269* hw ptr to a hfa384x_t structure
3270* ctlx ptr to a ctlx structure
3271*
3272* Returns:
3273* nothing
3274*
3275* Side effects:
3276*
3277* Call context:
3278* Either, assume interrupt
3279----------------------------------------------------------------*/
3280static void unlocked_usbctlx_complete(hfa384x_t *hw, hfa384x_usbctlx_t *ctlx)
3281{
00b3ed16
GKH		 3282 /* Timers have been stopped, and ctlx should be in
3283 * a terminal state. Retire it from the "active"
3284 * queue.
3285 */
3286 list_move_tail(&ctlx->list, &hw->ctlxq.completing);
3287 tasklet_schedule(&hw->completion_bh);
3288
3289 switch (ctlx->state) {
3290 case CTLX_COMPLETE:
3291 case CTLX_REQ_FAILED:
3292 /* This are the correct terminating states. */
3293 break;
3294
3295 default:
edbd606c 3296 printk(KERN_ERR "CTLX[%d] not in a terminating state(%s)\n",
00b3ed16
GKH		 3297 hfa384x2host_16(ctlx->outbuf.type),
3298 ctlxstr(ctlx->state));
3299 break;
3300 } /* switch */
00b3ed16
GKH		 3301}
3302
3303/*----------------------------------------------------------------
3304* hfa384x_usbctlxq_run
3305*
3306* Checks to see if the head item is running. If not, starts it.
3307*
3308* Arguments:
3309* hw ptr to hfa384x_t
3310*
3311* Returns:
3312* nothing
3313*
3314* Side effects:
3315*
3316* Call context:
3317* any
3318----------------------------------------------------------------*/
3319static void
3320hfa384x_usbctlxq_run(hfa384x_t *hw)
3321{
3322 unsigned long flags;
00b3ed16
GKH		 3323
3324 /* acquire lock */
3325 spin_lock_irqsave(&hw->ctlxq.lock, flags);
3326
3327 /* Only one active CTLX at any one time, because there's no
3328 * other (reliable) way to match the response URB to the
3329 * correct CTLX.
3330 *
3331 * Don't touch any of these CTLXs if the hardware
3332 * has been removed or the USB subsystem is stalled.
3333 */
3334 if ( !list_empty(&hw->ctlxq.active) ||
3335 test_bit(WORK_TX_HALT, &hw->usb_flags) ||
3336 hw->wlandev->hwremoved )
3337 goto unlock;
3338
3339 while ( !list_empty(&hw->ctlxq.pending) ) {
3340 hfa384x_usbctlx_t *head;
3341 int result;
3342
3343 /* This is the first pending command */
3344 head = list_entry(hw->ctlxq.pending.next,
3345 hfa384x_usbctlx_t,
3346 list);
3347
3348 /* We need to split this off to avoid a race condition */
3349 list_move_tail(&head->list, &hw->ctlxq.active);
3350
3351 /* Fill the out packet */
3352 usb_fill_bulk_urb( &(hw->ctlx_urb), hw->usb,
3353 hw->endp_out,
3354 &(head->outbuf), ROUNDUP64(head->outbufsize),
3355 hfa384x_ctlxout_callback, hw);
3356 hw->ctlx_urb.transfer_flags |= USB_QUEUE_BULK;
3357
3358 /* Now submit the URB and update the CTLX's state
3359 */
3360 if ((result = SUBMIT_URB(&hw->ctlx_urb, GFP_ATOMIC)) == 0) {
3361 /* This CTLX is now running on the active queue */
3362 head->state = CTLX_REQ_SUBMITTED;
3363
3364 /* Start the OUT wait timer */
3365 hw->req_timer_done = 0;
3366 hw->reqtimer.expires = jiffies + HZ;
3367 add_timer(&hw->reqtimer);
3368
3369 /* Start the IN wait timer */
3370 hw->resp_timer_done = 0;
3371 hw->resptimer.expires = jiffies + 2*HZ;
3372 add_timer(&hw->resptimer);
3373
3374 break;
3375 }
3376
3377 if (result == -EPIPE) {
3378 /* The OUT pipe needs resetting, so put
3379 * this CTLX back in the "pending" queue
3380 * and schedule a reset ...
3381 */
9b9556ec 3382 printk(KERN_WARNING "%s tx pipe stalled: requesting reset\n",
00b3ed16
GKH		 3383 hw->wlandev->netdev->name);
3384 list_move(&head->list, &hw->ctlxq.pending);
3385 set_bit(WORK_TX_HALT, &hw->usb_flags);
3386 schedule_work(&hw->usb_work);
3387 break;
3388 }
3389
3390 if (result == -ESHUTDOWN) {
9b9556ec 3391 printk(KERN_WARNING "%s urb shutdown!\n",
00b3ed16
GKH		 3392 hw->wlandev->netdev->name);
3393 break;
3394 }
3395
edbd606c 3396 printk(KERN_ERR "Failed to submit CTLX[%d]: error=%d\n",
00b3ed16
GKH		 3397 hfa384x2host_16(head->outbuf.type), result);
3398 unlocked_usbctlx_complete(hw, head);
3399 } /* while */
3400
3401 unlock:
3402 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
00b3ed16
GKH		 3403}
3404
3405
3406/*----------------------------------------------------------------
3407* hfa384x_usbin_callback
3408*
3409* Callback for URBs on the BULKIN endpoint.
3410*
3411* Arguments:
3412* urb ptr to the completed urb
3413*
3414* Returns:
3415* nothing
3416*
3417* Side effects:
3418*
3419* Call context:
3420* interrupt
3421----------------------------------------------------------------*/
00b3ed16 3422static void hfa384x_usbin_callback(struct urb *urb)
00b3ed16
GKH		 3423{
3424 wlandevice_t *wlandev = urb->context;
3425 hfa384x_t *hw;
3426 hfa384x_usbin_t *usbin = (hfa384x_usbin_t *) urb->transfer_buffer;
3427 struct sk_buff *skb = NULL;
3428 int result;
3429 int urb_status;
aaad4303 3430 u16 type;
00b3ed16
GKH		 3431
3432 enum USBIN_ACTION {
3433 HANDLE,
3434 RESUBMIT,
3435 ABORT
3436 } action;
3437
00b3ed16
GKH		 3438 if ( !wlandev ||
3439 !wlandev->netdev ||
8636cded 3440 wlandev->hwremoved )
00b3ed16
GKH		 3441 goto exit;
3442
3443 hw = wlandev->priv;
3444 if (!hw)
3445 goto exit;
3446
3447 skb = hw->rx_urb_skb;
3448 if (!skb || (skb->data != urb->transfer_buffer)) {
3449 BUG();
3450 }
3451 hw->rx_urb_skb = NULL;
3452
3453 /* Check for error conditions within the URB */
3454 switch (urb->status) {
3455 case 0:
3456 action = HANDLE;
3457
3458 /* Check for short packet */
3459 if ( urb->actual_length == 0 ) {
3460 ++(wlandev->linux_stats.rx_errors);
3461 ++(wlandev->linux_stats.rx_length_errors);
3462 action = RESUBMIT;
3463 }
3464 break;
3465
3466 case -EPIPE:
9b9556ec 3467 printk(KERN_WARNING "%s rx pipe stalled: requesting reset\n",
00b3ed16
GKH		 3468 wlandev->netdev->name);
3469 if ( !test_and_set_bit(WORK_RX_HALT, &hw->usb_flags) )
3470 schedule_work(&hw->usb_work);
3471 ++(wlandev->linux_stats.rx_errors);
3472 action = ABORT;
3473 break;
3474
3475 case -EILSEQ:
3476 case -ETIMEDOUT:
3477 case -EPROTO:
3478 if ( !test_and_set_bit(THROTTLE_RX, &hw->usb_flags) &&
3479 !timer_pending(&hw->throttle) ) {
3480 mod_timer(&hw->throttle, jiffies + THROTTLE_JIFFIES);
3481 }
3482 ++(wlandev->linux_stats.rx_errors);
3483 action = ABORT;
3484 break;
3485
3486 case -EOVERFLOW:
3487 ++(wlandev->linux_stats.rx_over_errors);
3488 action = RESUBMIT;
3489 break;
3490
3491 case -ENODEV:
3492 case -ESHUTDOWN:
a7cf7bae 3493 pr_debug("status=%d, device removed.\n", urb->status);
00b3ed16
GKH		 3494 action = ABORT;
3495 break;
3496
3497 case -ENOENT:
3498 case -ECONNRESET:
a7cf7bae 3499 pr_debug("status=%d, urb explicitly unlinked.\n", urb->status);
00b3ed16
GKH		 3500 action = ABORT;
3501 break;
3502
3503 default:
a7cf7bae 3504 pr_debug("urb status=%d, transfer flags=0x%x\n",
00b3ed16
GKH		 3505 urb->status, urb->transfer_flags);
3506 ++(wlandev->linux_stats.rx_errors);
3507 action = RESUBMIT;
3508 break;
3509 }
3510
3511 urb_status = urb->status;
3512
3513 if (action != ABORT) {
3514 /* Repost the RX URB */
3515 result = submit_rx_urb(hw, GFP_ATOMIC);
3516
3517 if (result != 0) {
edbd606c 3518 printk(KERN_ERR
00b3ed16
GKH		 3519 "Fatal, failed to resubmit rx_urb. error=%d\n",
3520 result);
3521 }
3522 }
3523
3524 /* Handle any USB-IN packet */
3525 /* Note: the check of the sw_support field, the type field doesn't
3526 * have bit 12 set like the docs suggest.
3527 */
3528 type = hfa384x2host_16(usbin->type);
3529 if (HFA384x_USB_ISRXFRM(type)) {
3530 if (action == HANDLE) {
3531 if (usbin->txfrm.desc.sw_support == 0x0123) {
3532 hfa384x_usbin_txcompl(wlandev, usbin);
3533 } else {
3534 skb_put(skb, sizeof(*usbin));
3535 hfa384x_usbin_rx(wlandev, skb);
3536 skb = NULL;
3537 }
3538 }
3539 goto exit;
3540 }
3541 if (HFA384x_USB_ISTXFRM(type)) {
3542 if (action == HANDLE)
3543 hfa384x_usbin_txcompl(wlandev, usbin);
3544 goto exit;
3545 }
3546 switch (type) {
3547 case HFA384x_USB_INFOFRM:
3548 if (action == ABORT)
3549 goto exit;
3550 if (action == HANDLE)
3551 hfa384x_usbin_info(wlandev, usbin);
3552 break;
3553
3554 case HFA384x_USB_CMDRESP:
3555 case HFA384x_USB_WRIDRESP:
3556 case HFA384x_USB_RRIDRESP:
3557 case HFA384x_USB_WMEMRESP:
3558 case HFA384x_USB_RMEMRESP:
3559 /* ALWAYS, ALWAYS, ALWAYS handle this CTLX!!!! */
3560 hfa384x_usbin_ctlx(hw, usbin, urb_status);
3561 break;
3562
3563 case HFA384x_USB_BUFAVAIL:
a7cf7bae 3564 pr_debug("Received BUFAVAIL packet, frmlen=%d\n",
00b3ed16
GKH		 3565 usbin->bufavail.frmlen);
3566 break;
3567
3568 case HFA384x_USB_ERROR:
a7cf7bae 3569 pr_debug("Received USB_ERROR packet, errortype=%d\n",
00b3ed16
GKH		 3570 usbin->usberror.errortype);
3571 break;
3572
3573 default:
a7cf7bae 3574 pr_debug("Unrecognized USBIN packet, type=%x, status=%d\n",
00b3ed16
GKH		 3575 usbin->type, urb_status);
3576 break;
3577 } /* switch */
3578
3579exit:
3580
3581 if (skb)
3582 dev_kfree_skb(skb);
00b3ed16
GKH		 3583}
3584
3585
3586/*----------------------------------------------------------------
3587* hfa384x_usbin_ctlx
3588*
3589* We've received a URB containing a Prism2 "response" message.
3590* This message needs to be matched up with a CTLX on the active
3591* queue and our state updated accordingly.
3592*
3593* Arguments:
3594* hw ptr to hfa384x_t
3595* usbin ptr to USB IN packet
3596* urb_status status of this Bulk-In URB
3597*
3598* Returns:
3599* nothing
3600*
3601* Side effects:
3602*
3603* Call context:
3604* interrupt
3605----------------------------------------------------------------*/
3606static void hfa384x_usbin_ctlx(hfa384x_t *hw, hfa384x_usbin_t *usbin,
3607 int urb_status)
3608{
3609 hfa384x_usbctlx_t *ctlx;
3610 int run_queue = 0;
3611 unsigned long flags;
3612
00b3ed16
GKH		 3613retry:
3614 spin_lock_irqsave(&hw->ctlxq.lock, flags);
3615
3616 /* There can be only one CTLX on the active queue
3617 * at any one time, and this is the CTLX that the
3618 * timers are waiting for.
3619 */
3620 if ( list_empty(&hw->ctlxq.active) ) {
3621 goto unlock;
3622 }
3623
3624 /* Remove the "response timeout". It's possible that
3625 * we are already too late, and that the timeout is
3626 * already running. And that's just too bad for us,
3627 * because we could lose our CTLX from the active
3628 * queue here ...
3629 */
3630 if (del_timer(&hw->resptimer) == 0) {
3631 if (hw->resp_timer_done == 0) {
3632 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
3633 goto retry;
3634 }
3635 }
3636 else {
3637 hw->resp_timer_done = 1;
3638 }
3639
3640 ctlx = get_active_ctlx(hw);
3641
3642 if (urb_status != 0) {
3643 /*
3644 * Bad CTLX, so get rid of it. But we only
3645 * remove it from the active queue if we're no
3646 * longer expecting the OUT URB to complete.
3647 */
3648 if (unlocked_usbctlx_cancel_async(hw, ctlx) == 0)
3649 run_queue = 1;
3650 } else {
aaad4303 3651 const u16 intype = (usbin->type&~host2hfa384x_16(0x8000));
00b3ed16
GKH		 3652
3653 /*
3654 * Check that our message is what we're expecting ...
3655 */
3656 if (ctlx->outbuf.type != intype) {
9b9556ec 3657 printk(KERN_WARNING "Expected IN[%d], received IN[%d] - ignored.\n",
00b3ed16
GKH		 3658 hfa384x2host_16(ctlx->outbuf.type),
3659 hfa384x2host_16(intype));
3660 goto unlock;
3661 }
3662
3663 /* This URB has succeeded, so grab the data ... */
3664 memcpy(&ctlx->inbuf, usbin, sizeof(ctlx->inbuf));
3665
3666 switch (ctlx->state) {
3667 case CTLX_REQ_SUBMITTED:
3668 /*
3669 * We have received our response URB before
3670 * our request has been acknowledged. Odd,
3671 * but our OUT URB is still alive...
3672 */
a7cf7bae 3673 pr_debug("Causality violation: please reboot Universe, or email linux-wlan-devel@lists.linux-wlan.com\n");
00b3ed16
GKH		 3674 ctlx->state = CTLX_RESP_COMPLETE;
3675 break;
3676
3677 case CTLX_REQ_COMPLETE:
3678 /*
3679 * This is the usual path: our request
3680 * has already been acknowledged, and
3681 * now we have received the reply too.
3682 */
3683 ctlx->state = CTLX_COMPLETE;
3684 unlocked_usbctlx_complete(hw, ctlx);
3685 run_queue = 1;
3686 break;
3687
3688 default:
3689 /*
3690 * Throw this CTLX away ...
3691 */
edbd606c 3692 printk(KERN_ERR "Matched IN URB, CTLX[%d] in invalid state(%s)."
00b3ed16
GKH		 3693 " Discarded.\n",
3694 hfa384x2host_16(ctlx->outbuf.type),
3695 ctlxstr(ctlx->state));
3696 if (unlocked_usbctlx_cancel_async(hw, ctlx) == 0)
3697 run_queue = 1;
3698 break;
3699 } /* switch */
3700 }
3701
3702unlock:
3703 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
3704
3705 if (run_queue)
3706 hfa384x_usbctlxq_run(hw);
00b3ed16
GKH		 3707}
3708
3709
3710/*----------------------------------------------------------------
3711* hfa384x_usbin_txcompl
3712*
3713* At this point we have the results of a previous transmit.
3714*
3715* Arguments:
3716* wlandev wlan device
3717* usbin ptr to the usb transfer buffer
3718*
3719* Returns:
3720* nothing
3721*
3722* Side effects:
3723*
3724* Call context:
3725* interrupt
3726----------------------------------------------------------------*/
3727static void hfa384x_usbin_txcompl(wlandevice_t *wlandev, hfa384x_usbin_t *usbin)
3728{
aaad4303 3729 u16 status;
00b3ed16
GKH		 3730
3731 status = hfa384x2host_16(usbin->type); /* yeah I know it says type...*/
3732
3733 /* Was there an error? */
3734 if (HFA384x_TXSTATUS_ISERROR(status)) {
3735 prism2sta_ev_txexc(wlandev, status);
3736 } else {
3737 prism2sta_ev_tx(wlandev, status);
3738 }
3739 // prism2sta_ev_alloc(wlandev);
00b3ed16
GKH		 3740}
3741
3742
3743/*----------------------------------------------------------------
3744* hfa384x_usbin_rx
3745*
3746* At this point we have a successful received a rx frame packet.
3747*
3748* Arguments:
3749* wlandev wlan device
3750* usbin ptr to the usb transfer buffer
3751*
3752* Returns:
3753* nothing
3754*
3755* Side effects:
3756*
3757* Call context:
3758* interrupt
3759----------------------------------------------------------------*/
3760static void hfa384x_usbin_rx(wlandevice_t *wlandev, struct sk_buff *skb)
3761{
3762 hfa384x_usbin_t *usbin = (hfa384x_usbin_t *) skb->data;
3763 hfa384x_t *hw = wlandev->priv;
3764 int hdrlen;
3765 p80211_rxmeta_t *rxmeta;
aaad4303
SP		 3766 u16 data_len;
3767 u16 fc;
00b3ed16 3768
00b3ed16
GKH		 3769 /* Byte order convert once up front. */
3770 usbin->rxfrm.desc.status =
3771 hfa384x2host_16(usbin->rxfrm.desc.status);
3772 usbin->rxfrm.desc.time =
3773 hfa384x2host_32(usbin->rxfrm.desc.time);
3774
3775 /* Now handle frame based on port# */
3776 switch( HFA384x_RXSTATUS_MACPORT_GET(usbin->rxfrm.desc.status) )
3777 {
3778 case 0:
ae26230b 3779 fc = le16_to_cpu(usbin->rxfrm.desc.frame_control);
00b3ed16
GKH		 3780
3781 /* If exclude and we receive an unencrypted, drop it */
3782 if ( (wlandev->hostwep & HOSTWEP_EXCLUDEUNENCRYPTED) &&
3783 !WLAN_GET_FC_ISWEP(fc)){
3784 goto done;
3785 }
3786
3787 data_len = hfa384x2host_16(usbin->rxfrm.desc.data_len);
3788
3789 /* How much header data do we have? */
3790 hdrlen = p80211_headerlen(fc);
3791
3792 /* Pull off the descriptor */
3793 skb_pull(skb, sizeof(hfa384x_rx_frame_t));
3794
3795 /* Now shunt the header block up against the data block
3796 * with an "overlapping" copy
3797 */
3798 memmove(skb_push(skb, hdrlen),
3799 &usbin->rxfrm.desc.frame_control,
3800 hdrlen);
3801
3802 skb->dev = wlandev->netdev;
3803 skb->dev->last_rx = jiffies;
3804
3805 /* And set the frame length properly */
3806 skb_trim(skb, data_len + hdrlen);
3807
3808 /* The prism2 series does not return the CRC */
3809 memset(skb_put(skb, WLAN_CRC_LEN), 0xff, WLAN_CRC_LEN);
3810
3811 skb_reset_mac_header(skb);
3812
3813 /* Attach the rxmeta, set some stuff */
3814 p80211skb_rxmeta_attach(wlandev, skb);
3815 rxmeta = P80211SKB_RXMETA(skb);
3816 rxmeta->mactime = usbin->rxfrm.desc.time;
3817 rxmeta->rxrate = usbin->rxfrm.desc.rate;
3818 rxmeta->signal = usbin->rxfrm.desc.signal - hw->dbmadjust;
3819 rxmeta->noise = usbin->rxfrm.desc.silence - hw->dbmadjust;
3820
3821 prism2sta_ev_rx(wlandev, skb);
3822
3823 break;
3824
3825 case 7:
3826 if ( ! HFA384x_RXSTATUS_ISFCSERR(usbin->rxfrm.desc.status) ) {
3827 /* Copy to wlansnif skb */
3828 hfa384x_int_rxmonitor( wlandev, &usbin->rxfrm);
3829 dev_kfree_skb(skb);
3830 } else {
a7cf7bae 3831 pr_debug("Received monitor frame: FCSerr set\n");
00b3ed16
GKH		 3832 }
3833 break;
3834
3835 default:
9b9556ec 3836 printk(KERN_WARNING "Received frame on unsupported port=%d\n",
00b3ed16
GKH		 3837 HFA384x_RXSTATUS_MACPORT_GET(usbin->rxfrm.desc.status) );
3838 goto done;
3839 break;
3840 }
3841
3842done:
00b3ed16
GKH		 3843 return;
3844}
3845
3846/*----------------------------------------------------------------
3847* hfa384x_int_rxmonitor
3848*
3849* Helper function for int_rx. Handles monitor frames.
3850* Note that this function allocates space for the FCS and sets it
3851* to 0xffffffff. The hfa384x doesn't give us the FCS value but the
3852* higher layers expect it. 0xffffffff is used as a flag to indicate
3853* the FCS is bogus.
3854*
3855* Arguments:
3856* wlandev wlan device structure
3857* rxfrm rx descriptor read from card in int_rx
3858*
3859* Returns:
3860* nothing
3861*
3862* Side effects:
3863* Allocates an skb and passes it up via the PF_PACKET interface.
3864* Call context:
3865* interrupt
3866----------------------------------------------------------------*/
3867static void hfa384x_int_rxmonitor( wlandevice_t *wlandev, hfa384x_usb_rxfrm_t *rxfrm)
3868{
3869 hfa384x_rx_frame_t *rxdesc = &(rxfrm->desc);
aaad4303
SP		 3870 unsigned int hdrlen = 0;
3871 unsigned int datalen = 0;
3872 unsigned int skblen = 0;
aaad4303
SP		 3873 u8 *datap;
3874 u16 fc;
00b3ed16
GKH		 3875 struct sk_buff *skb;
3876 hfa384x_t *hw = wlandev->priv;
3877
00b3ed16
GKH		 3878 /* Don't forget the status, time, and data_len fields are in host order */
3879 /* Figure out how big the frame is */
ae26230b 3880 fc = le16_to_cpu(rxdesc->frame_control);
00b3ed16
GKH		 3881 hdrlen = p80211_headerlen(fc);
3882 datalen = hfa384x2host_16(rxdesc->data_len);
3883
3884 /* Allocate an ind message+framesize skb */
cbec30c4 3885 skblen = sizeof(p80211_caphdr_t) +
00b3ed16
GKH		 3886 hdrlen + datalen + WLAN_CRC_LEN;
3887
3888 /* sanity check the length */
3889 if ( skblen >
cbec30c4
SP		 3890 (sizeof(p80211_caphdr_t) +
3891 WLAN_HDR_A4_LEN + WLAN_DATA_MAXLEN + WLAN_CRC_LEN) ) {
a7cf7bae 3892 pr_debug("overlen frm: len=%zd\n",
cbec30c4 3893 skblen - sizeof(p80211_caphdr_t));
00b3ed16
GKH		 3894 }
3895
3896 if ( (skb = dev_alloc_skb(skblen)) == NULL ) {
edbd606c 3897 printk(KERN_ERR "alloc_skb failed trying to allocate %d bytes\n", skblen);
00b3ed16
GKH		 3898 return;
3899 }
3900
3901 /* only prepend the prism header if in the right mode */
3902 if ((wlandev->netdev->type == ARPHRD_IEEE80211_PRISM) &&
cbec30c4 3903 (hw->sniffhdr != 0)) {
00b3ed16
GKH		 3904 p80211_caphdr_t *caphdr;
3905 /* The NEW header format! */
3906 datap = skb_put(skb, sizeof(p80211_caphdr_t));
3907 caphdr = (p80211_caphdr_t*) datap;
3908
3909 caphdr->version = htonl(P80211CAPTURE_VERSION);
3910 caphdr->length = htonl(sizeof(p80211_caphdr_t));
3911 caphdr->mactime = __cpu_to_be64(rxdesc->time) * 1000;
3912 caphdr->hosttime = __cpu_to_be64(jiffies);
3913 caphdr->phytype = htonl(4); /* dss_dot11_b */
3914 caphdr->channel = htonl(hw->sniff_channel);
3915 caphdr->datarate = htonl(rxdesc->rate);
3916 caphdr->antenna = htonl(0); /* unknown */
3917 caphdr->priority = htonl(0); /* unknown */
3918 caphdr->ssi_type = htonl(3); /* rssi_raw */
3919 caphdr->ssi_signal = htonl(rxdesc->signal);
3920 caphdr->ssi_noise = htonl(rxdesc->silence);
3921 caphdr->preamble = htonl(0); /* unknown */
3922 caphdr->encoding = htonl(1); /* cck */
3923 }
3924
3925 /* Copy the 802.11 header to the skb (ctl frames may be less than a full header) */
3926 datap = skb_put(skb, hdrlen);
3927 memcpy( datap, &(rxdesc->frame_control), hdrlen);
3928
3929 /* If any, copy the data from the card to the skb */
3930 if ( datalen > 0 )
3931 {
3932 datap = skb_put(skb, datalen);
3933 memcpy(datap, rxfrm->data, datalen);
3934
3935 /* check for unencrypted stuff if WEP bit set. */
3936 if (*(datap - hdrlen + 1) & 0x40) // wep set
3937 if ((*(datap) == 0xaa) && (*(datap+1) == 0xaa))
3938 *(datap - hdrlen + 1) &= 0xbf; // clear wep; it's the 802.2 header!
3939 }
3940
3941 if (hw->sniff_fcs) {
3942 /* Set the FCS */
3943 datap = skb_put(skb, WLAN_CRC_LEN);
3944 memset( datap, 0xff, WLAN_CRC_LEN);
3945 }
3946
3947 /* pass it back up */
3948 prism2sta_ev_rx(wlandev, skb);
3949
00b3ed16
GKH		 3950 return;
3951}
3952
3953
3954
3955/*----------------------------------------------------------------
3956* hfa384x_usbin_info
3957*
3958* At this point we have a successful received a Prism2 info frame.
3959*
3960* Arguments:
3961* wlandev wlan device
3962* usbin ptr to the usb transfer buffer
3963*
3964* Returns:
3965* nothing
3966*
3967* Side effects:
3968*
3969* Call context:
3970* interrupt
3971----------------------------------------------------------------*/
3972static void hfa384x_usbin_info(wlandevice_t *wlandev, hfa384x_usbin_t *usbin)
3973{
00b3ed16
GKH		 3974 usbin->infofrm.info.framelen = hfa384x2host_16(usbin->infofrm.info.framelen);
3975 prism2sta_ev_info(wlandev, &usbin->infofrm.info);
00b3ed16
GKH		 3976}
3977
3978
3979
3980/*----------------------------------------------------------------
3981* hfa384x_usbout_callback
3982*
3983* Callback for URBs on the BULKOUT endpoint.
3984*
3985* Arguments:
3986* urb ptr to the completed urb
3987*
3988* Returns:
3989* nothing
3990*
3991* Side effects:
3992*
3993* Call context:
3994* interrupt
3995----------------------------------------------------------------*/
00b3ed16 3996static void hfa384x_usbout_callback(struct urb *urb)
00b3ed16
GKH		 3997{
3998 wlandevice_t *wlandev = urb->context;
3999 hfa384x_usbout_t *usbout = urb->transfer_buffer;
00b3ed16
GKH		 4000
4001#ifdef DEBUG_USB
4002 dbprint_urb(urb);
4003#endif
4004
4005 if ( wlandev &&
4006 wlandev->netdev ) {
4007
4008 switch(urb->status) {
4009 case 0:
4010 hfa384x_usbout_tx(wlandev, usbout);
4011 break;
4012
4013 case -EPIPE:
4014 {
4015 hfa384x_t *hw = wlandev->priv;
9b9556ec 4016 printk(KERN_WARNING "%s tx pipe stalled: requesting reset\n",
00b3ed16
GKH		 4017 wlandev->netdev->name);
4018 if ( !test_and_set_bit(WORK_TX_HALT, &hw->usb_flags) )
4019 schedule_work(&hw->usb_work);
4020 ++(wlandev->linux_stats.tx_errors);
4021 break;
4022 }
4023
4024 case -EPROTO:
4025 case -ETIMEDOUT:
4026 case -EILSEQ:
4027 {
4028 hfa384x_t *hw = wlandev->priv;
4029
4030 if ( !test_and_set_bit(THROTTLE_TX, &hw->usb_flags)
4031 && !timer_pending(&hw->throttle) ) {
4032 mod_timer(&hw->throttle,
4033 jiffies + THROTTLE_JIFFIES);
4034 }
4035 ++(wlandev->linux_stats.tx_errors);
4036 netif_stop_queue(wlandev->netdev);
4037 break;
4038 }
4039
4040 case -ENOENT:
4041 case -ESHUTDOWN:
4042 /* Ignorable errors */
4043 break;
4044
4045 default:
350f2f4b 4046 printk(KERN_INFO "unknown urb->status=%d\n", urb->status);
00b3ed16
GKH		 4047 ++(wlandev->linux_stats.tx_errors);
4048 break;
4049 } /* switch */
4050 }
00b3ed16
GKH		 4051}
4052
4053
4054/*----------------------------------------------------------------
4055* hfa384x_ctlxout_callback
4056*
4057* Callback for control data on the BULKOUT endpoint.
4058*
4059* Arguments:
4060* urb ptr to the completed urb
4061*
4062* Returns:
4063* nothing
4064*
4065* Side effects:
4066*
4067* Call context:
4068* interrupt
4069----------------------------------------------------------------*/
00b3ed16 4070static void hfa384x_ctlxout_callback(struct urb *urb)
00b3ed16
GKH		 4071{
4072 hfa384x_t *hw = urb->context;
4073 int delete_resptimer = 0;
4074 int timer_ok = 1;
4075 int run_queue = 0;
4076 hfa384x_usbctlx_t *ctlx;
4077 unsigned long flags;
4078
a7cf7bae 4079 pr_debug("urb->status=%d\n", urb->status);
00b3ed16
GKH		 4080#ifdef DEBUG_USB
4081 dbprint_urb(urb);
4082#endif
4083 if ( (urb->status == -ESHUTDOWN) ||
4084 (urb->status == -ENODEV) ||
4085 (hw == NULL) )
4086 goto done;
4087
4088retry:
4089 spin_lock_irqsave(&hw->ctlxq.lock, flags);
4090
4091 /*
4092 * Only one CTLX at a time on the "active" list, and
4093 * none at all if we are unplugged. However, we can
4094 * rely on the disconnect function to clean everything
4095 * up if someone unplugged the adapter.
4096 */
4097 if ( list_empty(&hw->ctlxq.active) ) {
4098 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
4099 goto done;
4100 }
4101
4102 /*
4103 * Having something on the "active" queue means
4104 * that we have timers to worry about ...
4105 */
4106 if (del_timer(&hw->reqtimer) == 0) {
4107 if (hw->req_timer_done == 0) {
4108 /*
4109 * This timer was actually running while we
4110 * were trying to delete it. Let it terminate
4111 * gracefully instead.
4112 */
4113 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
4114 goto retry;
4115 }
4116 }
4117 else {
4118 hw->req_timer_done = 1;
4119 }
4120
4121 ctlx = get_active_ctlx(hw);
4122
4123 if ( urb->status == 0 ) {
4124 /* Request portion of a CTLX is successful */
4125 switch ( ctlx->state ) {
4126 case CTLX_REQ_SUBMITTED:
4127 /* This OUT-ACK received before IN */
4128 ctlx->state = CTLX_REQ_COMPLETE;
4129 break;
4130
4131 case CTLX_RESP_COMPLETE:
4132 /* IN already received before this OUT-ACK,
4133 * so this command must now be complete.
4134 */
4135 ctlx->state = CTLX_COMPLETE;
4136 unlocked_usbctlx_complete(hw, ctlx);
4137 run_queue = 1;
4138 break;
4139
4140 default:
4141 /* This is NOT a valid CTLX "success" state! */
edbd606c 4142 printk(KERN_ERR
00b3ed16
GKH		 4143 "Illegal CTLX[%d] success state(%s, %d) in OUT URB\n",
4144 hfa384x2host_16(ctlx->outbuf.type),
4145 ctlxstr(ctlx->state), urb->status);
4146 break;
4147 } /* switch */
4148 } else {
4149 /* If the pipe has stalled then we need to reset it */
4150 if ( (urb->status == -EPIPE) &&
4151 !test_and_set_bit(WORK_TX_HALT, &hw->usb_flags) ) {
9b9556ec 4152 printk(KERN_WARNING "%s tx pipe stalled: requesting reset\n",
00b3ed16
GKH		 4153 hw->wlandev->netdev->name);
4154 schedule_work(&hw->usb_work);
4155 }
4156
4157 /* If someone cancels the OUT URB then its status
4158 * should be either -ECONNRESET or -ENOENT.
4159 */
4160 ctlx->state = CTLX_REQ_FAILED;
4161 unlocked_usbctlx_complete(hw, ctlx);
4162 delete_resptimer = 1;
4163 run_queue = 1;
4164 }
4165
4166 delresp:
4167 if (delete_resptimer) {
4168 if ((timer_ok = del_timer(&hw->resptimer)) != 0) {
4169 hw->resp_timer_done = 1;
4170 }
4171 }
4172
4173 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
4174
4175 if ( !timer_ok && (hw->resp_timer_done == 0) ) {
4176 spin_lock_irqsave(&hw->ctlxq.lock, flags);
4177 goto delresp;
4178 }
4179
4180 if (run_queue)
4181 hfa384x_usbctlxq_run(hw);
4182
4183 done:
8a251b55 4184 ;
00b3ed16
GKH		 4185}
4186
4187
4188/*----------------------------------------------------------------
4189* hfa384x_usbctlx_reqtimerfn
4190*
4191* Timer response function for CTLX request timeouts. If this
4192* function is called, it means that the callback for the OUT
4193* URB containing a Prism2.x XXX_Request was never called.
4194*
4195* Arguments:
4196* data a ptr to the hfa384x_t
4197*
4198* Returns:
4199* nothing
4200*
4201* Side effects:
4202*
4203* Call context:
4204* interrupt
4205----------------------------------------------------------------*/
4206static void
4207hfa384x_usbctlx_reqtimerfn(unsigned long data)
4208{
4209 hfa384x_t *hw = (hfa384x_t*)data;
4210 unsigned long flags;
00b3ed16
GKH		 4211
4212 spin_lock_irqsave(&hw->ctlxq.lock, flags);
4213
4214 hw->req_timer_done = 1;
4215
4216 /* Removing the hardware automatically empties
4217 * the active list ...
4218 */
4219 if ( !list_empty(&hw->ctlxq.active) )
4220 {
4221 /*
4222 * We must ensure that our URB is removed from
4223 * the system, if it hasn't already expired.
4224 */
4225 hw->ctlx_urb.transfer_flags |= URB_ASYNC_UNLINK;
4226 if (usb_unlink_urb(&hw->ctlx_urb) == -EINPROGRESS)
4227 {
4228 hfa384x_usbctlx_t *ctlx = get_active_ctlx(hw);
4229
4230 ctlx->state = CTLX_REQ_FAILED;
4231
4232 /* This URB was active, but has now been
4233 * cancelled. It will now have a status of
4234 * -ECONNRESET in the callback function.
4235 *
4236 * We are cancelling this CTLX, so we're
4237 * not going to need to wait for a response.
4238 * The URB's callback function will check
4239 * that this timer is truly dead.
4240 */
4241 if (del_timer(&hw->resptimer) != 0)
4242 hw->resp_timer_done = 1;
4243 }
4244 }
4245
4246 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
00b3ed16
GKH		 4247}
4248
4249
4250/*----------------------------------------------------------------
4251* hfa384x_usbctlx_resptimerfn
4252*
4253* Timer response function for CTLX response timeouts. If this
4254* function is called, it means that the callback for the IN
4255* URB containing a Prism2.x XXX_Response was never called.
4256*
4257* Arguments:
4258* data a ptr to the hfa384x_t
4259*
4260* Returns:
4261* nothing
4262*
4263* Side effects:
4264*
4265* Call context:
4266* interrupt
4267----------------------------------------------------------------*/
4268static void
4269hfa384x_usbctlx_resptimerfn(unsigned long data)
4270{
4271 hfa384x_t *hw = (hfa384x_t*)data;
4272 unsigned long flags;
4273
00b3ed16
GKH		 4274 spin_lock_irqsave(&hw->ctlxq.lock, flags);
4275
4276 hw->resp_timer_done = 1;
4277
4278 /* The active list will be empty if the
4279 * adapter has been unplugged ...
4280 */
4281 if ( !list_empty(&hw->ctlxq.active) )
4282 {
4283 hfa384x_usbctlx_t *ctlx = get_active_ctlx(hw);
4284
4285 if ( unlocked_usbctlx_cancel_async(hw, ctlx) == 0 )
4286 {
4287 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
4288 hfa384x_usbctlxq_run(hw);
4289 goto done;
4290 }
4291 }
4292
4293 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
4294
4295 done:
8a251b55
MM		 4296 ;
4297
00b3ed16
GKH		 4298}
4299
4300/*----------------------------------------------------------------
4301* hfa384x_usb_throttlefn
4302*
4303*
4304* Arguments:
4305* data ptr to hw
4306*
4307* Returns:
4308* Nothing
4309*
4310* Side effects:
4311*
4312* Call context:
4313* Interrupt
4314----------------------------------------------------------------*/
4315static void
4316hfa384x_usb_throttlefn(unsigned long data)
4317{
4318 hfa384x_t *hw = (hfa384x_t*)data;
4319 unsigned long flags;
4320
00b3ed16
GKH		 4321 spin_lock_irqsave(&hw->ctlxq.lock, flags);
4322
4323 /*
4324 * We need to check BOTH the RX and the TX throttle controls,
4325 * so we use the bitwise OR instead of the logical OR.
4326 */
a7cf7bae 4327 pr_debug("flags=0x%lx\n", hw->usb_flags);
00b3ed16
GKH		 4328 if ( !hw->wlandev->hwremoved &&
4329 (
4330 (test_and_clear_bit(THROTTLE_RX, &hw->usb_flags) &&
4331 !test_and_set_bit(WORK_RX_RESUME, &hw->usb_flags))
4332 |
4333 (test_and_clear_bit(THROTTLE_TX, &hw->usb_flags) &&
4334 !test_and_set_bit(WORK_TX_RESUME, &hw->usb_flags))
4335 ) )
4336 {
4337 schedule_work(&hw->usb_work);
4338 }
4339
4340 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
00b3ed16
GKH		 4341}
4342
4343
4344/*----------------------------------------------------------------
4345* hfa384x_usbctlx_submit
4346*
4347* Called from the doxxx functions to submit a CTLX to the queue
4348*
4349* Arguments:
4350* hw ptr to the hw struct
4351* ctlx ctlx structure to enqueue
4352*
4353* Returns:
4354* -ENODEV if the adapter is unplugged
4355* 0
4356*
4357* Side effects:
4358*
4359* Call context:
4360* process or interrupt
4361----------------------------------------------------------------*/
4362static int
4363hfa384x_usbctlx_submit(
4364 hfa384x_t *hw,
4365 hfa384x_usbctlx_t *ctlx)
4366{
4367 unsigned long flags;
4368 int ret;
4369
00b3ed16
GKH		 4370 spin_lock_irqsave(&hw->ctlxq.lock, flags);
4371
4372 if (hw->wlandev->hwremoved) {
4373 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
4374 ret = -ENODEV;
4375 } else {
4376 ctlx->state = CTLX_PENDING;
4377 list_add_tail(&ctlx->list, &hw->ctlxq.pending);
4378
4379 spin_unlock_irqrestore(&hw->ctlxq.lock, flags);
4380 hfa384x_usbctlxq_run(hw);
4381 ret = 0;
4382 }
4383
00b3ed16
GKH		 4384 return ret;
4385}
4386
4387
4388/*----------------------------------------------------------------
4389* hfa384x_usbout_tx
4390*
4391* At this point we have finished a send of a frame. Mark the URB
4392* as available and call ev_alloc to notify higher layers we're
4393* ready for more.
4394*
4395* Arguments:
4396* wlandev wlan device
4397* usbout ptr to the usb transfer buffer
4398*
4399* Returns:
4400* nothing
4401*
4402* Side effects:
4403*
4404* Call context:
4405* interrupt
4406----------------------------------------------------------------*/
4407static void hfa384x_usbout_tx(wlandevice_t *wlandev, hfa384x_usbout_t *usbout)
4408{
00b3ed16 4409 prism2sta_ev_alloc(wlandev);
00b3ed16
GKH		 4410}
4411
4412/*----------------------------------------------------------------
4413* hfa384x_isgood_pdrcore
4414*
4415* Quick check of PDR codes.
4416*
4417* Arguments:
4418* pdrcode PDR code number (host order)
4419*
4420* Returns:
4421* zero not good.
4422* one is good.
4423*
4424* Side effects:
4425*
4426* Call context:
4427----------------------------------------------------------------*/
4428static int
aaad4303 4429hfa384x_isgood_pdrcode(u16 pdrcode)
00b3ed16
GKH		 4430{
4431 switch(pdrcode) {
4432 case HFA384x_PDR_END_OF_PDA:
4433 case HFA384x_PDR_PCB_PARTNUM:
4434 case HFA384x_PDR_PDAVER:
4435 case HFA384x_PDR_NIC_SERIAL:
4436 case HFA384x_PDR_MKK_MEASUREMENTS:
4437 case HFA384x_PDR_NIC_RAMSIZE:
4438 case HFA384x_PDR_MFISUPRANGE:
4439 case HFA384x_PDR_CFISUPRANGE:
4440 case HFA384x_PDR_NICID:
4441 case HFA384x_PDR_MAC_ADDRESS:
4442 case HFA384x_PDR_REGDOMAIN:
4443 case HFA384x_PDR_ALLOWED_CHANNEL:
4444 case HFA384x_PDR_DEFAULT_CHANNEL:
4445 case HFA384x_PDR_TEMPTYPE:
4446 case HFA384x_PDR_IFR_SETTING:
4447 case HFA384x_PDR_RFR_SETTING:
4448 case HFA384x_PDR_HFA3861_BASELINE:
4449 case HFA384x_PDR_HFA3861_SHADOW:
4450 case HFA384x_PDR_HFA3861_IFRF:
4451 case HFA384x_PDR_HFA3861_CHCALSP:
4452 case HFA384x_PDR_HFA3861_CHCALI:
4453 case HFA384x_PDR_3842_NIC_CONFIG:
4454 case HFA384x_PDR_USB_ID:
4455 case HFA384x_PDR_PCI_ID:
4456 case HFA384x_PDR_PCI_IFCONF:
4457 case HFA384x_PDR_PCI_PMCONF:
4458 case HFA384x_PDR_RFENRGY:
4459 case HFA384x_PDR_HFA3861_MANF_TESTSP:
4460 case HFA384x_PDR_HFA3861_MANF_TESTI:
4461 /* code is OK */
4462 return 1;
4463 break;
4464 default:
4465 if ( pdrcode < 0x1000 ) {
4466 /* code is OK, but we don't know exactly what it is */
a7cf7bae 4467 pr_debug(
00b3ed16
GKH		 4468 "Encountered unknown PDR#=0x%04x, "
4469 "assuming it's ok.\n",
4470 pdrcode);
4471 return 1;
4472 } else {
4473 /* bad code */
a7cf7bae 4474 pr_debug(
00b3ed16
GKH		 4475 "Encountered unknown PDR#=0x%04x, "
4476 "(>=0x1000), assuming it's bad.\n",
4477 pdrcode);
4478 return 0;
4479 }
4480 break;
4481 }
4482 return 0; /* avoid compiler warnings */
4483}
4484
Linux 6.x block layer and io_uring tree(s)