projects / linux-2.6-block.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
mwifiex: pcie: fix cmd_buf use-after-free in remove/reset
[linux-2.6-block.git] / drivers / net / wireless / marvell / mwifiex / main.c
... / ...
CommitLineData
1/*
2 * Marvell Wireless LAN device driver: major functions
3 *
4 * Copyright (C) 2011-2014, Marvell International Ltd.
5 *
6 * This software file (the "File") is distributed by Marvell International
7 * Ltd. under the terms of the GNU General Public License Version 2, June 1991
8 * (the "License"). You may use, redistribute and/or modify this File in
9 * accordance with the terms and conditions of the License, a copy of which
10 * is available by writing to the Free Software Foundation, Inc.,
11 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA or on the
12 * worldwide web at http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
13 *
14 * THE FILE IS DISTRIBUTED AS-IS, WITHOUT WARRANTY OF ANY KIND, AND THE
15 * IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE
16 * ARE EXPRESSLY DISCLAIMED. The License provides additional details about
17 * this warranty disclaimer.
18 */
19
20#include <linux/suspend.h>
21
22#include "main.h"
23#include "wmm.h"
24#include "cfg80211.h"
25#include "11n.h"
26
27#define VERSION "1.0"
28#define MFG_FIRMWARE "mwifiex_mfg.bin"
29
30static unsigned int debug_mask = MWIFIEX_DEFAULT_DEBUG_MASK;
31module_param(debug_mask, uint, 0);
32MODULE_PARM_DESC(debug_mask, "bitmap for debug flags");
33
34const char driver_version[] = "mwifiex " VERSION " (%s) ";
35static char *cal_data_cfg;
36module_param(cal_data_cfg, charp, 0);
37
38static unsigned short driver_mode;
39module_param(driver_mode, ushort, 0);
40MODULE_PARM_DESC(driver_mode,
41 "station=0x1(default), ap-sta=0x3, station-p2p=0x5, ap-sta-p2p=0x7");
42
43bool mfg_mode;
44module_param(mfg_mode, bool, 0);
45MODULE_PARM_DESC(mfg_mode, "manufacturing mode enable:1, disable:0");
46
47/*
48 * This function registers the device and performs all the necessary
49 * initializations.
50 *
51 * The following initialization operations are performed -
52 * - Allocate adapter structure
53 * - Save interface specific operations table in adapter
54 * - Call interface specific initialization routine
55 * - Allocate private structures
56 * - Set default adapter structure parameters
57 * - Initialize locks
58 *
59 * In case of any errors during inittialization, this function also ensures
60 * proper cleanup before exiting.
61 */
62static int mwifiex_register(void *card, struct device *dev,
63 struct mwifiex_if_ops *if_ops, void **padapter)
64{
65 struct mwifiex_adapter *adapter;
66 int i;
67
68 adapter = kzalloc(sizeof(struct mwifiex_adapter), GFP_KERNEL);
69 if (!adapter)
70 return -ENOMEM;
71
72 *padapter = adapter;
73 adapter->dev = dev;
74 adapter->card = card;
75
76 /* Save interface specific operations in adapter */
77 memmove(&adapter->if_ops, if_ops, sizeof(struct mwifiex_if_ops));
78 adapter->debug_mask = debug_mask;
79
80 /* card specific initialization has been deferred until now .. */
81 if (adapter->if_ops.init_if)
82 if (adapter->if_ops.init_if(adapter))
83 goto error;
84
85 adapter->priv_num = 0;
86
87 for (i = 0; i < MWIFIEX_MAX_BSS_NUM; i++) {
88 /* Allocate memory for private structure */
89 adapter->priv[i] =
90 kzalloc(sizeof(struct mwifiex_private), GFP_KERNEL);
91 if (!adapter->priv[i])
92 goto error;
93
94 adapter->priv[i]->adapter = adapter;
95 adapter->priv_num++;
96 }
97 mwifiex_init_lock_list(adapter);
98
99 setup_timer(&adapter->cmd_timer, mwifiex_cmd_timeout_func,
100 (unsigned long)adapter);
101
102 return 0;
103
104error:
105 mwifiex_dbg(adapter, ERROR,
106 "info: leave mwifiex_register with error\n");
107
108 for (i = 0; i < adapter->priv_num; i++)
109 kfree(adapter->priv[i]);
110
111 kfree(adapter);
112
113 return -1;
114}
115
116/*
117 * This function unregisters the device and performs all the necessary
118 * cleanups.
119 *
120 * The following cleanup operations are performed -
121 * - Free the timers
122 * - Free beacon buffers
123 * - Free private structures
124 * - Free adapter structure
125 */
126static int mwifiex_unregister(struct mwifiex_adapter *adapter)
127{
128 s32 i;
129
130 if (adapter->if_ops.cleanup_if)
131 adapter->if_ops.cleanup_if(adapter);
132
133 del_timer_sync(&adapter->cmd_timer);
134
135 /* Free private structures */
136 for (i = 0; i < adapter->priv_num; i++) {
137 if (adapter->priv[i]) {
138 mwifiex_free_curr_bcn(adapter->priv[i]);
139 kfree(adapter->priv[i]);
140 }
141 }
142
143 if (adapter->nd_info) {
144 for (i = 0 ; i < adapter->nd_info->n_matches ; i++)
145 kfree(adapter->nd_info->matches[i]);
146 kfree(adapter->nd_info);
147 adapter->nd_info = NULL;
148 }
149
150 kfree(adapter->regd);
151
152 vfree(adapter->chan_stats);
153 kfree(adapter);
154 return 0;
155}
156
157void mwifiex_queue_main_work(struct mwifiex_adapter *adapter)
158{
159 unsigned long flags;
160
161 spin_lock_irqsave(&adapter->main_proc_lock, flags);
162 if (adapter->mwifiex_processing) {
163 adapter->more_task_flag = true;
164 spin_unlock_irqrestore(&adapter->main_proc_lock, flags);
165 } else {
166 spin_unlock_irqrestore(&adapter->main_proc_lock, flags);
167 queue_work(adapter->workqueue, &adapter->main_work);
168 }
169}
170EXPORT_SYMBOL_GPL(mwifiex_queue_main_work);
171
172static void mwifiex_queue_rx_work(struct mwifiex_adapter *adapter)
173{
174 unsigned long flags;
175
176 spin_lock_irqsave(&adapter->rx_proc_lock, flags);
177 if (adapter->rx_processing) {
178 spin_unlock_irqrestore(&adapter->rx_proc_lock, flags);
179 } else {
180 spin_unlock_irqrestore(&adapter->rx_proc_lock, flags);
181 queue_work(adapter->rx_workqueue, &adapter->rx_work);
182 }
183}
184
185static int mwifiex_process_rx(struct mwifiex_adapter *adapter)
186{
187 unsigned long flags;
188 struct sk_buff *skb;
189 struct mwifiex_rxinfo *rx_info;
190
191 spin_lock_irqsave(&adapter->rx_proc_lock, flags);
192 if (adapter->rx_processing || adapter->rx_locked) {
193 spin_unlock_irqrestore(&adapter->rx_proc_lock, flags);
194 goto exit_rx_proc;
195 } else {
196 adapter->rx_processing = true;
197 spin_unlock_irqrestore(&adapter->rx_proc_lock, flags);
198 }
199
200 /* Check for Rx data */
201 while ((skb = skb_dequeue(&adapter->rx_data_q))) {
202 atomic_dec(&adapter->rx_pending);
203 if ((adapter->delay_main_work ||
204 adapter->iface_type == MWIFIEX_USB) &&
205 (atomic_read(&adapter->rx_pending) < LOW_RX_PENDING)) {
206 if (adapter->if_ops.submit_rem_rx_urbs)
207 adapter->if_ops.submit_rem_rx_urbs(adapter);
208 adapter->delay_main_work = false;
209 mwifiex_queue_main_work(adapter);
210 }
211 rx_info = MWIFIEX_SKB_RXCB(skb);
212 if (rx_info->buf_type == MWIFIEX_TYPE_AGGR_DATA) {
213 if (adapter->if_ops.deaggr_pkt)
214 adapter->if_ops.deaggr_pkt(adapter, skb);
215 dev_kfree_skb_any(skb);
216 } else {
217 mwifiex_handle_rx_packet(adapter, skb);
218 }
219 }
220 spin_lock_irqsave(&adapter->rx_proc_lock, flags);
221 adapter->rx_processing = false;
222 spin_unlock_irqrestore(&adapter->rx_proc_lock, flags);
223
224exit_rx_proc:
225 return 0;
226}
227
228/*
229 * The main process.
230 *
231 * This function is the main procedure of the driver and handles various driver
232 * operations. It runs in a loop and provides the core functionalities.
233 *
234 * The main responsibilities of this function are -
235 * - Ensure concurrency control
236 * - Handle pending interrupts and call interrupt handlers
237 * - Wake up the card if required
238 * - Handle command responses and call response handlers
239 * - Handle events and call event handlers
240 * - Execute pending commands
241 * - Transmit pending data packets
242 */
243int mwifiex_main_process(struct mwifiex_adapter *adapter)
244{
245 int ret = 0;
246 unsigned long flags;
247
248 spin_lock_irqsave(&adapter->main_proc_lock, flags);
249
250 /* Check if already processing */
251 if (adapter->mwifiex_processing || adapter->main_locked) {
252 adapter->more_task_flag = true;
253 spin_unlock_irqrestore(&adapter->main_proc_lock, flags);
254 return 0;
255 } else {
256 adapter->mwifiex_processing = true;
257 spin_unlock_irqrestore(&adapter->main_proc_lock, flags);
258 }
259process_start:
260 do {
261 if (adapter->hw_status == MWIFIEX_HW_STATUS_NOT_READY)
262 break;
263
264 /* For non-USB interfaces, If we process interrupts first, it
265 * would increase RX pending even further. Avoid this by
266 * checking if rx_pending has crossed high threshold and
267 * schedule rx work queue and then process interrupts.
268 * For USB interface, there are no interrupts. We already have
269 * HIGH_RX_PENDING check in usb.c
270 */
271 if (atomic_read(&adapter->rx_pending) >= HIGH_RX_PENDING &&
272 adapter->iface_type != MWIFIEX_USB) {
273 adapter->delay_main_work = true;
274 mwifiex_queue_rx_work(adapter);
275 break;
276 }
277
278 /* Handle pending interrupt if any */
279 if (adapter->int_status) {
280 if (adapter->hs_activated)
281 mwifiex_process_hs_config(adapter);
282 if (adapter->if_ops.process_int_status)
283 adapter->if_ops.process_int_status(adapter);
284 }
285
286 if (adapter->rx_work_enabled && adapter->data_received)
287 mwifiex_queue_rx_work(adapter);
288
289 /* Need to wake up the card ? */
290 if ((adapter->ps_state == PS_STATE_SLEEP) &&
291 (adapter->pm_wakeup_card_req &&
292 !adapter->pm_wakeup_fw_try) &&
293 (is_command_pending(adapter) ||
294 !skb_queue_empty(&adapter->tx_data_q) ||
295 !mwifiex_bypass_txlist_empty(adapter) ||
296 !mwifiex_wmm_lists_empty(adapter))) {
297 adapter->pm_wakeup_fw_try = true;
298 mod_timer(&adapter->wakeup_timer, jiffies + (HZ*3));
299 adapter->if_ops.wakeup(adapter);
300 continue;
301 }
302
303 if (IS_CARD_RX_RCVD(adapter)) {
304 adapter->data_received = false;
305 adapter->pm_wakeup_fw_try = false;
306 del_timer(&adapter->wakeup_timer);
307 if (adapter->ps_state == PS_STATE_SLEEP)
308 adapter->ps_state = PS_STATE_AWAKE;
309 } else {
310 /* We have tried to wakeup the card already */
311 if (adapter->pm_wakeup_fw_try)
312 break;
313 if (adapter->ps_state == PS_STATE_PRE_SLEEP)
314 mwifiex_check_ps_cond(adapter);
315
316 if (adapter->ps_state != PS_STATE_AWAKE)
317 break;
318 if (adapter->tx_lock_flag) {
319 if (adapter->iface_type == MWIFIEX_USB) {
320 if (!adapter->usb_mc_setup)
321 break;
322 } else
323 break;
324 }
325
326 if ((!adapter->scan_chan_gap_enabled &&
327 adapter->scan_processing) || adapter->data_sent ||
328 mwifiex_is_tdls_chan_switching
329 (mwifiex_get_priv(adapter,
330 MWIFIEX_BSS_ROLE_STA)) ||
331 (mwifiex_wmm_lists_empty(adapter) &&
332 mwifiex_bypass_txlist_empty(adapter) &&
333 skb_queue_empty(&adapter->tx_data_q))) {
334 if (adapter->cmd_sent || adapter->curr_cmd ||
335 !mwifiex_is_send_cmd_allowed
336 (mwifiex_get_priv(adapter,
337 MWIFIEX_BSS_ROLE_STA)) ||
338 (!is_command_pending(adapter)))
339 break;
340 }
341 }
342
343 /* Check for event */
344 if (adapter->event_received) {
345 adapter->event_received = false;
346 mwifiex_process_event(adapter);
347 }
348
349 /* Check for Cmd Resp */
350 if (adapter->cmd_resp_received) {
351 adapter->cmd_resp_received = false;
352 mwifiex_process_cmdresp(adapter);
353
354 /* call mwifiex back when init_fw is done */
355 if (adapter->hw_status == MWIFIEX_HW_STATUS_INIT_DONE) {
356 adapter->hw_status = MWIFIEX_HW_STATUS_READY;
357 mwifiex_init_fw_complete(adapter);
358 }
359 }
360
361 /* Check if we need to confirm Sleep Request
362 received previously */
363 if (adapter->ps_state == PS_STATE_PRE_SLEEP)
364 mwifiex_check_ps_cond(adapter);
365
366 /* * The ps_state may have been changed during processing of
367 * Sleep Request event.
368 */
369 if ((adapter->ps_state == PS_STATE_SLEEP) ||
370 (adapter->ps_state == PS_STATE_PRE_SLEEP) ||
371 (adapter->ps_state == PS_STATE_SLEEP_CFM)) {
372 continue;
373 }
374
375 if (adapter->tx_lock_flag) {
376 if (adapter->iface_type == MWIFIEX_USB) {
377 if (!adapter->usb_mc_setup)
378 continue;
379 } else
380 continue;
381 }
382
383 if (!adapter->cmd_sent && !adapter->curr_cmd &&
384 mwifiex_is_send_cmd_allowed
385 (mwifiex_get_priv(adapter, MWIFIEX_BSS_ROLE_STA))) {
386 if (mwifiex_exec_next_cmd(adapter) == -1) {
387 ret = -1;
388 break;
389 }
390 }
391
392 /** If USB Multi channel setup ongoing,
393 * wait for ready to tx data.
394 */
395 if (adapter->iface_type == MWIFIEX_USB &&
396 adapter->usb_mc_setup)
397 continue;
398
399 if ((adapter->scan_chan_gap_enabled ||
400 !adapter->scan_processing) &&
401 !adapter->data_sent &&
402 !skb_queue_empty(&adapter->tx_data_q)) {
403 mwifiex_process_tx_queue(adapter);
404 if (adapter->hs_activated) {
405 adapter->is_hs_configured = false;
406 mwifiex_hs_activated_event
407 (mwifiex_get_priv
408 (adapter, MWIFIEX_BSS_ROLE_ANY),
409 false);
410 }
411 }
412
413 if ((adapter->scan_chan_gap_enabled ||
414 !adapter->scan_processing) &&
415 !adapter->data_sent &&
416 !mwifiex_bypass_txlist_empty(adapter) &&
417 !mwifiex_is_tdls_chan_switching
418 (mwifiex_get_priv(adapter, MWIFIEX_BSS_ROLE_STA))) {
419 mwifiex_process_bypass_tx(adapter);
420 if (adapter->hs_activated) {
421 adapter->is_hs_configured = false;
422 mwifiex_hs_activated_event
423 (mwifiex_get_priv
424 (adapter, MWIFIEX_BSS_ROLE_ANY),
425 false);
426 }
427 }
428
429 if ((adapter->scan_chan_gap_enabled ||
430 !adapter->scan_processing) &&
431 !adapter->data_sent && !mwifiex_wmm_lists_empty(adapter) &&
432 !mwifiex_is_tdls_chan_switching
433 (mwifiex_get_priv(adapter, MWIFIEX_BSS_ROLE_STA))) {
434 mwifiex_wmm_process_tx(adapter);
435 if (adapter->hs_activated) {
436 adapter->is_hs_configured = false;
437 mwifiex_hs_activated_event
438 (mwifiex_get_priv
439 (adapter, MWIFIEX_BSS_ROLE_ANY),
440 false);
441 }
442 }
443
444 if (adapter->delay_null_pkt && !adapter->cmd_sent &&
445 !adapter->curr_cmd && !is_command_pending(adapter) &&
446 (mwifiex_wmm_lists_empty(adapter) &&
447 mwifiex_bypass_txlist_empty(adapter) &&
448 skb_queue_empty(&adapter->tx_data_q))) {
449 if (!mwifiex_send_null_packet
450 (mwifiex_get_priv(adapter, MWIFIEX_BSS_ROLE_STA),
451 MWIFIEX_TxPD_POWER_MGMT_NULL_PACKET |
452 MWIFIEX_TxPD_POWER_MGMT_LAST_PACKET)) {
453 adapter->delay_null_pkt = false;
454 adapter->ps_state = PS_STATE_SLEEP;
455 }
456 break;
457 }
458 } while (true);
459
460 spin_lock_irqsave(&adapter->main_proc_lock, flags);
461 if (adapter->more_task_flag) {
462 adapter->more_task_flag = false;
463 spin_unlock_irqrestore(&adapter->main_proc_lock, flags);
464 goto process_start;
465 }
466 adapter->mwifiex_processing = false;
467 spin_unlock_irqrestore(&adapter->main_proc_lock, flags);
468
469 return ret;
470}
471EXPORT_SYMBOL_GPL(mwifiex_main_process);
472
473/*
474 * This function frees the adapter structure.
475 *
476 * Additionally, this closes the netlink socket, frees the timers
477 * and private structures.
478 */
479static void mwifiex_free_adapter(struct mwifiex_adapter *adapter)
480{
481 if (!adapter) {
482 pr_err("%s: adapter is NULL\n", __func__);
483 return;
484 }
485
486 mwifiex_unregister(adapter);
487 pr_debug("info: %s: free adapter\n", __func__);
488}
489
490/*
491 * This function cancels all works in the queue and destroys
492 * the main workqueue.
493 */
494static void mwifiex_terminate_workqueue(struct mwifiex_adapter *adapter)
495{
496 if (adapter->workqueue) {
497 flush_workqueue(adapter->workqueue);
498 destroy_workqueue(adapter->workqueue);
499 adapter->workqueue = NULL;
500 }
501
502 if (adapter->rx_workqueue) {
503 flush_workqueue(adapter->rx_workqueue);
504 destroy_workqueue(adapter->rx_workqueue);
505 adapter->rx_workqueue = NULL;
506 }
507}
508
509/*
510 * This function gets firmware and initializes it.
511 *
512 * The main initialization steps followed are -
513 * - Download the correct firmware to card
514 * - Issue the init commands to firmware
515 */
516static int _mwifiex_fw_dpc(const struct firmware *firmware, void *context)
517{
518 int ret;
519 char fmt[64];
520 struct mwifiex_adapter *adapter = context;
521 struct mwifiex_fw_image fw;
522 bool init_failed = false;
523 struct wireless_dev *wdev;
524 struct completion *fw_done = adapter->fw_done;
525
526 if (!firmware) {
527 mwifiex_dbg(adapter, ERROR,
528 "Failed to get firmware %s\n", adapter->fw_name);
529 goto err_dnld_fw;
530 }
531
532 memset(&fw, 0, sizeof(struct mwifiex_fw_image));
533 adapter->firmware = firmware;
534 fw.fw_buf = (u8 *) adapter->firmware->data;
535 fw.fw_len = adapter->firmware->size;
536
537 if (adapter->if_ops.dnld_fw) {
538 ret = adapter->if_ops.dnld_fw(adapter, &fw);
539 } else {
540 ret = mwifiex_dnld_fw(adapter, &fw);
541 }
542
543 if (ret == -1)
544 goto err_dnld_fw;
545
546 mwifiex_dbg(adapter, MSG, "WLAN FW is active\n");
547
548 if (cal_data_cfg) {
549 if ((request_firmware(&adapter->cal_data, cal_data_cfg,
550 adapter->dev)) < 0)
551 mwifiex_dbg(adapter, ERROR,
552 "Cal data request_firmware() failed\n");
553 }
554
555 /* enable host interrupt after fw dnld is successful */
556 if (adapter->if_ops.enable_int) {
557 if (adapter->if_ops.enable_int(adapter))
558 goto err_dnld_fw;
559 }
560
561 adapter->init_wait_q_woken = false;
562 ret = mwifiex_init_fw(adapter);
563 if (ret == -1) {
564 goto err_init_fw;
565 } else if (!ret) {
566 adapter->hw_status = MWIFIEX_HW_STATUS_READY;
567 goto done;
568 }
569 /* Wait for mwifiex_init to complete */
570 if (!adapter->mfg_mode) {
571 wait_event_interruptible(adapter->init_wait_q,
572 adapter->init_wait_q_woken);
573 if (adapter->hw_status != MWIFIEX_HW_STATUS_READY)
574 goto err_init_fw;
575 }
576
577 if (!adapter->wiphy) {
578 if (mwifiex_register_cfg80211(adapter)) {
579 mwifiex_dbg(adapter, ERROR,
580 "cannot register with cfg80211\n");
581 goto err_init_fw;
582 }
583 }
584
585 if (mwifiex_init_channel_scan_gap(adapter)) {
586 mwifiex_dbg(adapter, ERROR,
587 "could not init channel stats table\n");
588 goto err_init_fw;
589 }
590
591 if (driver_mode) {
592 driver_mode &= MWIFIEX_DRIVER_MODE_BITMASK;
593 driver_mode |= MWIFIEX_DRIVER_MODE_STA;
594 }
595
596 rtnl_lock();
597 /* Create station interface by default */
598 wdev = mwifiex_add_virtual_intf(adapter->wiphy, "mlan%d", NET_NAME_ENUM,
599 NL80211_IFTYPE_STATION, NULL, NULL);
600 if (IS_ERR(wdev)) {
601 mwifiex_dbg(adapter, ERROR,
602 "cannot create default STA interface\n");
603 rtnl_unlock();
604 goto err_add_intf;
605 }
606
607 if (driver_mode & MWIFIEX_DRIVER_MODE_UAP) {
608 wdev = mwifiex_add_virtual_intf(adapter->wiphy, "uap%d", NET_NAME_ENUM,
609 NL80211_IFTYPE_AP, NULL, NULL);
610 if (IS_ERR(wdev)) {
611 mwifiex_dbg(adapter, ERROR,
612 "cannot create AP interface\n");
613 rtnl_unlock();
614 goto err_add_intf;
615 }
616 }
617
618 if (driver_mode & MWIFIEX_DRIVER_MODE_P2P) {
619 wdev = mwifiex_add_virtual_intf(adapter->wiphy, "p2p%d", NET_NAME_ENUM,
620 NL80211_IFTYPE_P2P_CLIENT, NULL,
621 NULL);
622 if (IS_ERR(wdev)) {
623 mwifiex_dbg(adapter, ERROR,
624 "cannot create p2p client interface\n");
625 rtnl_unlock();
626 goto err_add_intf;
627 }
628 }
629 rtnl_unlock();
630
631 mwifiex_drv_get_driver_version(adapter, fmt, sizeof(fmt) - 1);
632 mwifiex_dbg(adapter, MSG, "driver_version = %s\n", fmt);
633 goto done;
634
635err_add_intf:
636 wiphy_unregister(adapter->wiphy);
637 wiphy_free(adapter->wiphy);
638err_init_fw:
639 if (adapter->if_ops.disable_int)
640 adapter->if_ops.disable_int(adapter);
641err_dnld_fw:
642 mwifiex_dbg(adapter, ERROR,
643 "info: %s: unregister device\n", __func__);
644 if (adapter->if_ops.unregister_dev)
645 adapter->if_ops.unregister_dev(adapter);
646
647 adapter->surprise_removed = true;
648 mwifiex_terminate_workqueue(adapter);
649
650 if (adapter->hw_status == MWIFIEX_HW_STATUS_READY) {
651 pr_debug("info: %s: shutdown mwifiex\n", __func__);
652 mwifiex_shutdown_drv(adapter);
653 }
654
655 init_failed = true;
656done:
657 if (adapter->cal_data) {
658 release_firmware(adapter->cal_data);
659 adapter->cal_data = NULL;
660 }
661 if (adapter->firmware) {
662 release_firmware(adapter->firmware);
663 adapter->firmware = NULL;
664 }
665 if (init_failed)
666 mwifiex_free_adapter(adapter);
667 /* Tell all current and future waiters we're finished */
668 complete_all(fw_done);
669
670 return init_failed ? -EIO : 0;
671}
672
673static void mwifiex_fw_dpc(const struct firmware *firmware, void *context)
674{
675 _mwifiex_fw_dpc(firmware, context);
676}
677
678/*
679 * This function gets the firmware and (if called asynchronously) kicks off the
680 * HW init when done.
681 */
682static int mwifiex_init_hw_fw(struct mwifiex_adapter *adapter,
683 bool req_fw_nowait)
684{
685 int ret;
686
687 /* Override default firmware with manufacturing one if
688 * manufacturing mode is enabled
689 */
690 if (mfg_mode) {
691 if (strlcpy(adapter->fw_name, MFG_FIRMWARE,
692 sizeof(adapter->fw_name)) >=
693 sizeof(adapter->fw_name)) {
694 pr_err("%s: fw_name too long!\n", __func__);
695 return -1;
696 }
697 }
698
699 if (req_fw_nowait) {
700 ret = request_firmware_nowait(THIS_MODULE, 1, adapter->fw_name,
701 adapter->dev, GFP_KERNEL, adapter,
702 mwifiex_fw_dpc);
703 } else {
704 ret = request_firmware(&adapter->firmware,
705 adapter->fw_name,
706 adapter->dev);
707 }
708
709 if (ret < 0)
710 mwifiex_dbg(adapter, ERROR, "request_firmware%s error %d\n",
711 req_fw_nowait ? "_nowait" : "", ret);
712 return ret;
713}
714
715/*
716 * CFG802.11 network device handler for open.
717 *
718 * Starts the data queue.
719 */
720static int
721mwifiex_open(struct net_device *dev)
722{
723 netif_carrier_off(dev);
724
725 return 0;
726}
727
728/*
729 * CFG802.11 network device handler for close.
730 */
731static int
732mwifiex_close(struct net_device *dev)
733{
734 struct mwifiex_private *priv = mwifiex_netdev_get_priv(dev);
735
736 if (priv->scan_request) {
737 struct cfg80211_scan_info info = {
738 .aborted = true,
739 };
740
741 mwifiex_dbg(priv->adapter, INFO,
742 "aborting scan on ndo_stop\n");
743 cfg80211_scan_done(priv->scan_request, &info);
744 priv->scan_request = NULL;
745 priv->scan_aborting = true;
746 }
747
748 if (priv->sched_scanning) {
749 mwifiex_dbg(priv->adapter, INFO,
750 "aborting bgscan on ndo_stop\n");
751 mwifiex_stop_bg_scan(priv);
752 cfg80211_sched_scan_stopped(priv->wdev.wiphy);
753 }
754
755 return 0;
756}
757
758static bool
759mwifiex_bypass_tx_queue(struct mwifiex_private *priv,
760 struct sk_buff *skb)
761{
762 struct ethhdr *eth_hdr = (struct ethhdr *)skb->data;
763
764 if (ntohs(eth_hdr->h_proto) == ETH_P_PAE ||
765 mwifiex_is_skb_mgmt_frame(skb) ||
766 (GET_BSS_ROLE(priv) == MWIFIEX_BSS_ROLE_STA &&
767 ISSUPP_TDLS_ENABLED(priv->adapter->fw_cap_info) &&
768 (ntohs(eth_hdr->h_proto) == ETH_P_TDLS))) {
769 mwifiex_dbg(priv->adapter, DATA,
770 "bypass txqueue; eth type %#x, mgmt %d\n",
771 ntohs(eth_hdr->h_proto),
772 mwifiex_is_skb_mgmt_frame(skb));
773 return true;
774 }
775
776 return false;
777}
778/*
779 * Add buffer into wmm tx queue and queue work to transmit it.
780 */
781int mwifiex_queue_tx_pkt(struct mwifiex_private *priv, struct sk_buff *skb)
782{
783 struct netdev_queue *txq;
784 int index = mwifiex_1d_to_wmm_queue[skb->priority];
785
786 if (atomic_inc_return(&priv->wmm_tx_pending[index]) >= MAX_TX_PENDING) {
787 txq = netdev_get_tx_queue(priv->netdev, index);
788 if (!netif_tx_queue_stopped(txq)) {
789 netif_tx_stop_queue(txq);
790 mwifiex_dbg(priv->adapter, DATA,
791 "stop queue: %d\n", index);
792 }
793 }
794
795 if (mwifiex_bypass_tx_queue(priv, skb)) {
796 atomic_inc(&priv->adapter->tx_pending);
797 atomic_inc(&priv->adapter->bypass_tx_pending);
798 mwifiex_wmm_add_buf_bypass_txqueue(priv, skb);
799 } else {
800 atomic_inc(&priv->adapter->tx_pending);
801 mwifiex_wmm_add_buf_txqueue(priv, skb);
802 }
803
804 mwifiex_queue_main_work(priv->adapter);
805
806 return 0;
807}
808
809struct sk_buff *
810mwifiex_clone_skb_for_tx_status(struct mwifiex_private *priv,
811 struct sk_buff *skb, u8 flag, u64 *cookie)
812{
813 struct sk_buff *orig_skb = skb;
814 struct mwifiex_txinfo *tx_info, *orig_tx_info;
815
816 skb = skb_clone(skb, GFP_ATOMIC);
817 if (skb) {
818 unsigned long flags;
819 int id;
820
821 spin_lock_irqsave(&priv->ack_status_lock, flags);
822 id = idr_alloc(&priv->ack_status_frames, orig_skb,
823 1, 0x10, GFP_ATOMIC);
824 spin_unlock_irqrestore(&priv->ack_status_lock, flags);
825
826 if (id >= 0) {
827 tx_info = MWIFIEX_SKB_TXCB(skb);
828 tx_info->ack_frame_id = id;
829 tx_info->flags |= flag;
830 orig_tx_info = MWIFIEX_SKB_TXCB(orig_skb);
831 orig_tx_info->ack_frame_id = id;
832 orig_tx_info->flags |= flag;
833
834 if (flag == MWIFIEX_BUF_FLAG_ACTION_TX_STATUS && cookie)
835 orig_tx_info->cookie = *cookie;
836
837 } else if (skb_shared(skb)) {
838 kfree_skb(orig_skb);
839 } else {
840 kfree_skb(skb);
841 skb = orig_skb;
842 }
843 } else {
844 /* couldn't clone -- lose tx status ... */
845 skb = orig_skb;
846 }
847
848 return skb;
849}
850
851/*
852 * CFG802.11 network device handler for data transmission.
853 */
854static int
855mwifiex_hard_start_xmit(struct sk_buff *skb, struct net_device *dev)
856{
857 struct mwifiex_private *priv = mwifiex_netdev_get_priv(dev);
858 struct sk_buff *new_skb;
859 struct mwifiex_txinfo *tx_info;
860 bool multicast;
861
862 mwifiex_dbg(priv->adapter, DATA,
863 "data: %lu BSS(%d-%d): Data <= kernel\n",
864 jiffies, priv->bss_type, priv->bss_num);
865
866 if (priv->adapter->surprise_removed) {
867 kfree_skb(skb);
868 priv->stats.tx_dropped++;
869 return 0;
870 }
871 if (!skb->len || (skb->len > ETH_FRAME_LEN)) {
872 mwifiex_dbg(priv->adapter, ERROR,
873 "Tx: bad skb len %d\n", skb->len);
874 kfree_skb(skb);
875 priv->stats.tx_dropped++;
876 return 0;
877 }
878 if (skb_headroom(skb) < MWIFIEX_MIN_DATA_HEADER_LEN) {
879 mwifiex_dbg(priv->adapter, DATA,
880 "data: Tx: insufficient skb headroom %d\n",
881 skb_headroom(skb));
882 /* Insufficient skb headroom - allocate a new skb */
883 new_skb =
884 skb_realloc_headroom(skb, MWIFIEX_MIN_DATA_HEADER_LEN);
885 if (unlikely(!new_skb)) {
886 mwifiex_dbg(priv->adapter, ERROR,
887 "Tx: cannot alloca new_skb\n");
888 kfree_skb(skb);
889 priv->stats.tx_dropped++;
890 return 0;
891 }
892 kfree_skb(skb);
893 skb = new_skb;
894 mwifiex_dbg(priv->adapter, INFO,
895 "info: new skb headroomd %d\n",
896 skb_headroom(skb));
897 }
898
899 tx_info = MWIFIEX_SKB_TXCB(skb);
900 memset(tx_info, 0, sizeof(*tx_info));
901 tx_info->bss_num = priv->bss_num;
902 tx_info->bss_type = priv->bss_type;
903 tx_info->pkt_len = skb->len;
904
905 multicast = is_multicast_ether_addr(skb->data);
906
907 if (unlikely(!multicast && skb->sk &&
908 skb_shinfo(skb)->tx_flags & SKBTX_WIFI_STATUS &&
909 priv->adapter->fw_api_ver == MWIFIEX_FW_V15))
910 skb = mwifiex_clone_skb_for_tx_status(priv,
911 skb,
912 MWIFIEX_BUF_FLAG_EAPOL_TX_STATUS, NULL);
913
914 /* Record the current time the packet was queued; used to
915 * determine the amount of time the packet was queued in
916 * the driver before it was sent to the firmware.
917 * The delay is then sent along with the packet to the
918 * firmware for aggregate delay calculation for stats and
919 * MSDU lifetime expiry.
920 */
921 __net_timestamp(skb);
922
923 if (ISSUPP_TDLS_ENABLED(priv->adapter->fw_cap_info) &&
924 priv->bss_type == MWIFIEX_BSS_TYPE_STA &&
925 !ether_addr_equal_unaligned(priv->cfg_bssid, skb->data)) {
926 if (priv->adapter->auto_tdls && priv->check_tdls_tx)
927 mwifiex_tdls_check_tx(priv, skb);
928 }
929
930 mwifiex_queue_tx_pkt(priv, skb);
931
932 return 0;
933}
934
935/*
936 * CFG802.11 network device handler for setting MAC address.
937 */
938static int
939mwifiex_set_mac_address(struct net_device *dev, void *addr)
940{
941 struct mwifiex_private *priv = mwifiex_netdev_get_priv(dev);
942 struct sockaddr *hw_addr = addr;
943 int ret;
944
945 memcpy(priv->curr_addr, hw_addr->sa_data, ETH_ALEN);
946
947 /* Send request to firmware */
948 ret = mwifiex_send_cmd(priv, HostCmd_CMD_802_11_MAC_ADDRESS,
949 HostCmd_ACT_GEN_SET, 0, NULL, true);
950
951 if (!ret)
952 memcpy(priv->netdev->dev_addr, priv->curr_addr, ETH_ALEN);
953 else
954 mwifiex_dbg(priv->adapter, ERROR,
955 "set mac address failed: ret=%d\n", ret);
956
957 memcpy(dev->dev_addr, priv->curr_addr, ETH_ALEN);
958
959 return ret;
960}
961
962/*
963 * CFG802.11 network device handler for setting multicast list.
964 */
965static void mwifiex_set_multicast_list(struct net_device *dev)
966{
967 struct mwifiex_private *priv = mwifiex_netdev_get_priv(dev);
968 struct mwifiex_multicast_list mcast_list;
969
970 if (dev->flags & IFF_PROMISC) {
971 mcast_list.mode = MWIFIEX_PROMISC_MODE;
972 } else if (dev->flags & IFF_ALLMULTI ||
973 netdev_mc_count(dev) > MWIFIEX_MAX_MULTICAST_LIST_SIZE) {
974 mcast_list.mode = MWIFIEX_ALL_MULTI_MODE;
975 } else {
976 mcast_list.mode = MWIFIEX_MULTICAST_MODE;
977 mcast_list.num_multicast_addr =
978 mwifiex_copy_mcast_addr(&mcast_list, dev);
979 }
980 mwifiex_request_set_multicast_list(priv, &mcast_list);
981}
982
983/*
984 * CFG802.11 network device handler for transmission timeout.
985 */
986static void
987mwifiex_tx_timeout(struct net_device *dev)
988{
989 struct mwifiex_private *priv = mwifiex_netdev_get_priv(dev);
990
991 priv->num_tx_timeout++;
992 priv->tx_timeout_cnt++;
993 mwifiex_dbg(priv->adapter, ERROR,
994 "%lu : Tx timeout(#%d), bss_type-num = %d-%d\n",
995 jiffies, priv->tx_timeout_cnt, priv->bss_type,
996 priv->bss_num);
997 mwifiex_set_trans_start(dev);
998
999 if (priv->tx_timeout_cnt > TX_TIMEOUT_THRESHOLD &&
1000 priv->adapter->if_ops.card_reset) {
1001 mwifiex_dbg(priv->adapter, ERROR,
1002 "tx_timeout_cnt exceeds threshold.\t"
1003 "Triggering card reset!\n");
1004 priv->adapter->if_ops.card_reset(priv->adapter);
1005 }
1006}
1007
1008void mwifiex_multi_chan_resync(struct mwifiex_adapter *adapter)
1009{
1010 struct usb_card_rec *card = adapter->card;
1011 struct mwifiex_private *priv;
1012 u16 tx_buf_size;
1013 int i, ret;
1014
1015 card->mc_resync_flag = true;
1016 for (i = 0; i < MWIFIEX_TX_DATA_PORT; i++) {
1017 if (atomic_read(&card->port[i].tx_data_urb_pending)) {
1018 mwifiex_dbg(adapter, WARN, "pending data urb in sys\n");
1019 return;
1020 }
1021 }
1022
1023 card->mc_resync_flag = false;
1024 tx_buf_size = 0xffff;
1025 priv = mwifiex_get_priv(adapter, MWIFIEX_BSS_ROLE_ANY);
1026 ret = mwifiex_send_cmd(priv, HostCmd_CMD_RECONFIGURE_TX_BUFF,
1027 HostCmd_ACT_GEN_SET, 0, &tx_buf_size, false);
1028 if (ret)
1029 mwifiex_dbg(adapter, ERROR,
1030 "send reconfig tx buf size cmd err\n");
1031}
1032EXPORT_SYMBOL_GPL(mwifiex_multi_chan_resync);
1033
1034int mwifiex_drv_info_dump(struct mwifiex_adapter *adapter, void **drv_info)
1035{
1036 void *p;
1037 char drv_version[64];
1038 struct usb_card_rec *cardp;
1039 struct sdio_mmc_card *sdio_card;
1040 struct mwifiex_private *priv;
1041 int i, idx;
1042 struct netdev_queue *txq;
1043 struct mwifiex_debug_info *debug_info;
1044 void *drv_info_dump;
1045
1046 mwifiex_dbg(adapter, MSG, "===mwifiex driverinfo dump start===\n");
1047
1048 /* memory allocate here should be free in mwifiex_upload_device_dump*/
1049 drv_info_dump = vzalloc(MWIFIEX_DRV_INFO_SIZE_MAX);
1050
1051 if (!drv_info_dump)
1052 return 0;
1053
1054 p = (char *)(drv_info_dump);
1055 p += sprintf(p, "driver_name = " "\"mwifiex\"\n");
1056
1057 mwifiex_drv_get_driver_version(adapter, drv_version,
1058 sizeof(drv_version) - 1);
1059 p += sprintf(p, "driver_version = %s\n", drv_version);
1060
1061 if (adapter->iface_type == MWIFIEX_USB) {
1062 cardp = (struct usb_card_rec *)adapter->card;
1063 p += sprintf(p, "tx_cmd_urb_pending = %d\n",
1064 atomic_read(&cardp->tx_cmd_urb_pending));
1065 p += sprintf(p, "tx_data_urb_pending_port_0 = %d\n",
1066 atomic_read(&cardp->port[0].tx_data_urb_pending));
1067 p += sprintf(p, "tx_data_urb_pending_port_1 = %d\n",
1068 atomic_read(&cardp->port[1].tx_data_urb_pending));
1069 p += sprintf(p, "rx_cmd_urb_pending = %d\n",
1070 atomic_read(&cardp->rx_cmd_urb_pending));
1071 p += sprintf(p, "rx_data_urb_pending = %d\n",
1072 atomic_read(&cardp->rx_data_urb_pending));
1073 }
1074
1075 p += sprintf(p, "tx_pending = %d\n",
1076 atomic_read(&adapter->tx_pending));
1077 p += sprintf(p, "rx_pending = %d\n",
1078 atomic_read(&adapter->rx_pending));
1079
1080 if (adapter->iface_type == MWIFIEX_SDIO) {
1081 sdio_card = (struct sdio_mmc_card *)adapter->card;
1082 p += sprintf(p, "\nmp_rd_bitmap=0x%x curr_rd_port=0x%x\n",
1083 sdio_card->mp_rd_bitmap, sdio_card->curr_rd_port);
1084 p += sprintf(p, "mp_wr_bitmap=0x%x curr_wr_port=0x%x\n",
1085 sdio_card->mp_wr_bitmap, sdio_card->curr_wr_port);
1086 }
1087
1088 for (i = 0; i < adapter->priv_num; i++) {
1089 if (!adapter->priv[i] || !adapter->priv[i]->netdev)
1090 continue;
1091 priv = adapter->priv[i];
1092 p += sprintf(p, "\n[interface : \"%s\"]\n",
1093 priv->netdev->name);
1094 p += sprintf(p, "wmm_tx_pending[0] = %d\n",
1095 atomic_read(&priv->wmm_tx_pending[0]));
1096 p += sprintf(p, "wmm_tx_pending[1] = %d\n",
1097 atomic_read(&priv->wmm_tx_pending[1]));
1098 p += sprintf(p, "wmm_tx_pending[2] = %d\n",
1099 atomic_read(&priv->wmm_tx_pending[2]));
1100 p += sprintf(p, "wmm_tx_pending[3] = %d\n",
1101 atomic_read(&priv->wmm_tx_pending[3]));
1102 p += sprintf(p, "media_state=\"%s\"\n", !priv->media_connected ?
1103 "Disconnected" : "Connected");
1104 p += sprintf(p, "carrier %s\n", (netif_carrier_ok(priv->netdev)
1105 ? "on" : "off"));
1106 for (idx = 0; idx < priv->netdev->num_tx_queues; idx++) {
1107 txq = netdev_get_tx_queue(priv->netdev, idx);
1108 p += sprintf(p, "tx queue %d:%s ", idx,
1109 netif_tx_queue_stopped(txq) ?
1110 "stopped" : "started");
1111 }
1112 p += sprintf(p, "\n%s: num_tx_timeout = %d\n",
1113 priv->netdev->name, priv->num_tx_timeout);
1114 }
1115
1116 if (adapter->iface_type == MWIFIEX_SDIO ||
1117 adapter->iface_type == MWIFIEX_PCIE) {
1118 p += sprintf(p, "\n=== %s register dump===\n",
1119 adapter->iface_type == MWIFIEX_SDIO ?
1120 "SDIO" : "PCIE");
1121 if (adapter->if_ops.reg_dump)
1122 p += adapter->if_ops.reg_dump(adapter, p);
1123 }
1124 p += sprintf(p, "\n=== more debug information\n");
1125 debug_info = kzalloc(sizeof(*debug_info), GFP_KERNEL);
1126 if (debug_info) {
1127 for (i = 0; i < adapter->priv_num; i++) {
1128 if (!adapter->priv[i] || !adapter->priv[i]->netdev)
1129 continue;
1130 priv = adapter->priv[i];
1131 mwifiex_get_debug_info(priv, debug_info);
1132 p += mwifiex_debug_info_to_buffer(priv, p, debug_info);
1133 break;
1134 }
1135 kfree(debug_info);
1136 }
1137
1138 mwifiex_dbg(adapter, MSG, "===mwifiex driverinfo dump end===\n");
1139 *drv_info = drv_info_dump;
1140 return p - drv_info_dump;
1141}
1142EXPORT_SYMBOL_GPL(mwifiex_drv_info_dump);
1143
1144void mwifiex_upload_device_dump(struct mwifiex_adapter *adapter, void *drv_info,
1145 int drv_info_size)
1146{
1147 u8 idx, *dump_data, *fw_dump_ptr;
1148 u32 dump_len;
1149
1150 dump_len = (strlen("========Start dump driverinfo========\n") +
1151 drv_info_size +
1152 strlen("\n========End dump========\n"));
1153
1154 for (idx = 0; idx < adapter->num_mem_types; idx++) {
1155 struct memory_type_mapping *entry =
1156 &adapter->mem_type_mapping_tbl[idx];
1157
1158 if (entry->mem_ptr) {
1159 dump_len += (strlen("========Start dump ") +
1160 strlen(entry->mem_name) +
1161 strlen("========\n") +
1162 (entry->mem_size + 1) +
1163 strlen("\n========End dump========\n"));
1164 }
1165 }
1166
1167 dump_data = vzalloc(dump_len + 1);
1168 if (!dump_data)
1169 goto done;
1170
1171 fw_dump_ptr = dump_data;
1172
1173 /* Dump all the memory data into single file, a userspace script will
1174 * be used to split all the memory data to multiple files
1175 */
1176 mwifiex_dbg(adapter, MSG,
1177 "== mwifiex dump information to /sys/class/devcoredump start");
1178
1179 strcpy(fw_dump_ptr, "========Start dump driverinfo========\n");
1180 fw_dump_ptr += strlen("========Start dump driverinfo========\n");
1181 memcpy(fw_dump_ptr, drv_info, drv_info_size);
1182 fw_dump_ptr += drv_info_size;
1183 strcpy(fw_dump_ptr, "\n========End dump========\n");
1184 fw_dump_ptr += strlen("\n========End dump========\n");
1185
1186 for (idx = 0; idx < adapter->num_mem_types; idx++) {
1187 struct memory_type_mapping *entry =
1188 &adapter->mem_type_mapping_tbl[idx];
1189
1190 if (entry->mem_ptr) {
1191 strcpy(fw_dump_ptr, "========Start dump ");
1192 fw_dump_ptr += strlen("========Start dump ");
1193
1194 strcpy(fw_dump_ptr, entry->mem_name);
1195 fw_dump_ptr += strlen(entry->mem_name);
1196
1197 strcpy(fw_dump_ptr, "========\n");
1198 fw_dump_ptr += strlen("========\n");
1199
1200 memcpy(fw_dump_ptr, entry->mem_ptr, entry->mem_size);
1201 fw_dump_ptr += entry->mem_size;
1202
1203 strcpy(fw_dump_ptr, "\n========End dump========\n");
1204 fw_dump_ptr += strlen("\n========End dump========\n");
1205 }
1206 }
1207
1208 /* device dump data will be free in device coredump release function
1209 * after 5 min
1210 */
1211 dev_coredumpv(adapter->dev, dump_data, dump_len, GFP_KERNEL);
1212 mwifiex_dbg(adapter, MSG,
1213 "== mwifiex dump information to /sys/class/devcoredump end");
1214
1215done:
1216 for (idx = 0; idx < adapter->num_mem_types; idx++) {
1217 struct memory_type_mapping *entry =
1218 &adapter->mem_type_mapping_tbl[idx];
1219
1220 vfree(entry->mem_ptr);
1221 entry->mem_ptr = NULL;
1222 entry->mem_size = 0;
1223 }
1224
1225 vfree(drv_info);
1226}
1227EXPORT_SYMBOL_GPL(mwifiex_upload_device_dump);
1228
1229/*
1230 * CFG802.11 network device handler for statistics retrieval.
1231 */
1232static struct net_device_stats *mwifiex_get_stats(struct net_device *dev)
1233{
1234 struct mwifiex_private *priv = mwifiex_netdev_get_priv(dev);
1235
1236 return &priv->stats;
1237}
1238
1239static u16
1240mwifiex_netdev_select_wmm_queue(struct net_device *dev, struct sk_buff *skb,
1241 void *accel_priv, select_queue_fallback_t fallback)
1242{
1243 skb->priority = cfg80211_classify8021d(skb, NULL);
1244 return mwifiex_1d_to_wmm_queue[skb->priority];
1245}
1246
1247/* Network device handlers */
1248static const struct net_device_ops mwifiex_netdev_ops = {
1249 .ndo_open = mwifiex_open,
1250 .ndo_stop = mwifiex_close,
1251 .ndo_start_xmit = mwifiex_hard_start_xmit,
1252 .ndo_set_mac_address = mwifiex_set_mac_address,
1253 .ndo_validate_addr = eth_validate_addr,
1254 .ndo_tx_timeout = mwifiex_tx_timeout,
1255 .ndo_get_stats = mwifiex_get_stats,
1256 .ndo_set_rx_mode = mwifiex_set_multicast_list,
1257 .ndo_select_queue = mwifiex_netdev_select_wmm_queue,
1258};
1259
1260/*
1261 * This function initializes the private structure parameters.
1262 *
1263 * The following wait queues are initialized -
1264 * - IOCTL wait queue
1265 * - Command wait queue
1266 * - Statistics wait queue
1267 *
1268 * ...and the following default parameters are set -
1269 * - Current key index : Set to 0
1270 * - Rate index : Set to auto
1271 * - Media connected : Set to disconnected
1272 * - Adhoc link sensed : Set to false
1273 * - Nick name : Set to null
1274 * - Number of Tx timeout : Set to 0
1275 * - Device address : Set to current address
1276 * - Rx histogram statistc : Set to 0
1277 *
1278 * In addition, the CFG80211 work queue is also created.
1279 */
1280void mwifiex_init_priv_params(struct mwifiex_private *priv,
1281 struct net_device *dev)
1282{
1283 dev->netdev_ops = &mwifiex_netdev_ops;
1284 dev->destructor = free_netdev;
1285 /* Initialize private structure */
1286 priv->current_key_index = 0;
1287 priv->media_connected = false;
1288 memset(priv->mgmt_ie, 0,
1289 sizeof(struct mwifiex_ie) * MAX_MGMT_IE_INDEX);
1290 priv->beacon_idx = MWIFIEX_AUTO_IDX_MASK;
1291 priv->proberesp_idx = MWIFIEX_AUTO_IDX_MASK;
1292 priv->assocresp_idx = MWIFIEX_AUTO_IDX_MASK;
1293 priv->gen_idx = MWIFIEX_AUTO_IDX_MASK;
1294 priv->num_tx_timeout = 0;
1295 ether_addr_copy(priv->curr_addr, priv->adapter->perm_addr);
1296 memcpy(dev->dev_addr, priv->curr_addr, ETH_ALEN);
1297
1298 if (GET_BSS_ROLE(priv) == MWIFIEX_BSS_ROLE_STA ||
1299 GET_BSS_ROLE(priv) == MWIFIEX_BSS_ROLE_UAP) {
1300 priv->hist_data = kmalloc(sizeof(*priv->hist_data), GFP_KERNEL);
1301 if (priv->hist_data)
1302 mwifiex_hist_data_reset(priv);
1303 }
1304}
1305
1306/*
1307 * This function check if command is pending.
1308 */
1309int is_command_pending(struct mwifiex_adapter *adapter)
1310{
1311 unsigned long flags;
1312 int is_cmd_pend_q_empty;
1313
1314 spin_lock_irqsave(&adapter->cmd_pending_q_lock, flags);
1315 is_cmd_pend_q_empty = list_empty(&adapter->cmd_pending_q);
1316 spin_unlock_irqrestore(&adapter->cmd_pending_q_lock, flags);
1317
1318 return !is_cmd_pend_q_empty;
1319}
1320
1321/*
1322 * This is the RX work queue function.
1323 *
1324 * It handles the RX operations.
1325 */
1326static void mwifiex_rx_work_queue(struct work_struct *work)
1327{
1328 struct mwifiex_adapter *adapter =
1329 container_of(work, struct mwifiex_adapter, rx_work);
1330
1331 if (adapter->surprise_removed)
1332 return;
1333 mwifiex_process_rx(adapter);
1334}
1335
1336/*
1337 * This is the main work queue function.
1338 *
1339 * It handles the main process, which in turn handles the complete
1340 * driver operations.
1341 */
1342static void mwifiex_main_work_queue(struct work_struct *work)
1343{
1344 struct mwifiex_adapter *adapter =
1345 container_of(work, struct mwifiex_adapter, main_work);
1346
1347 if (adapter->surprise_removed)
1348 return;
1349 mwifiex_main_process(adapter);
1350}
1351
1352/*
1353 * This function gets called during PCIe function level reset. Required
1354 * code is extracted from mwifiex_remove_card()
1355 */
1356int
1357mwifiex_shutdown_sw(struct mwifiex_adapter *adapter)
1358{
1359 struct mwifiex_private *priv;
1360 int i;
1361
1362 if (!adapter)
1363 goto exit_return;
1364
1365 wait_for_completion(adapter->fw_done);
1366 /* Caller should ensure we aren't suspending while this happens */
1367 reinit_completion(adapter->fw_done);
1368
1369 priv = mwifiex_get_priv(adapter, MWIFIEX_BSS_ROLE_ANY);
1370 mwifiex_deauthenticate(priv, NULL);
1371
1372 /* We can no longer handle interrupts once we start doing the teardown
1373 * below.
1374 */
1375 if (adapter->if_ops.disable_int)
1376 adapter->if_ops.disable_int(adapter);
1377
1378 adapter->surprise_removed = true;
1379 mwifiex_terminate_workqueue(adapter);
1380
1381 /* Stop data */
1382 for (i = 0; i < adapter->priv_num; i++) {
1383 priv = adapter->priv[i];
1384 if (priv && priv->netdev) {
1385 mwifiex_stop_net_dev_queue(priv->netdev, adapter);
1386 if (netif_carrier_ok(priv->netdev))
1387 netif_carrier_off(priv->netdev);
1388 netif_device_detach(priv->netdev);
1389 }
1390 }
1391
1392 mwifiex_dbg(adapter, CMD, "cmd: calling mwifiex_shutdown_drv...\n");
1393
1394 mwifiex_shutdown_drv(adapter);
1395 if (adapter->if_ops.down_dev)
1396 adapter->if_ops.down_dev(adapter);
1397
1398 mwifiex_dbg(adapter, CMD, "cmd: mwifiex_shutdown_drv done\n");
1399 if (atomic_read(&adapter->rx_pending) ||
1400 atomic_read(&adapter->tx_pending) ||
1401 atomic_read(&adapter->cmd_pending)) {
1402 mwifiex_dbg(adapter, ERROR,
1403 "rx_pending=%d, tx_pending=%d,\t"
1404 "cmd_pending=%d\n",
1405 atomic_read(&adapter->rx_pending),
1406 atomic_read(&adapter->tx_pending),
1407 atomic_read(&adapter->cmd_pending));
1408 }
1409
1410 for (i = 0; i < adapter->priv_num; i++) {
1411 priv = adapter->priv[i];
1412 if (!priv)
1413 continue;
1414 rtnl_lock();
1415 if (priv->netdev &&
1416 priv->wdev.iftype != NL80211_IFTYPE_UNSPECIFIED)
1417 mwifiex_del_virtual_intf(adapter->wiphy, &priv->wdev);
1418 rtnl_unlock();
1419 }
1420
1421 mwifiex_dbg(adapter, INFO, "%s, successful\n", __func__);
1422exit_return:
1423 return 0;
1424}
1425EXPORT_SYMBOL_GPL(mwifiex_shutdown_sw);
1426
1427/* This function gets called during PCIe function level reset. Required
1428 * code is extracted from mwifiex_add_card()
1429 */
1430int
1431mwifiex_reinit_sw(struct mwifiex_adapter *adapter)
1432{
1433 int ret;
1434
1435 mwifiex_init_lock_list(adapter);
1436 if (adapter->if_ops.up_dev)
1437 adapter->if_ops.up_dev(adapter);
1438
1439 adapter->hw_status = MWIFIEX_HW_STATUS_INITIALIZING;
1440 adapter->surprise_removed = false;
1441 init_waitqueue_head(&adapter->init_wait_q);
1442 adapter->is_suspended = false;
1443 adapter->hs_activated = false;
1444 init_waitqueue_head(&adapter->hs_activate_wait_q);
1445 init_waitqueue_head(&adapter->cmd_wait_q.wait);
1446 adapter->cmd_wait_q.status = 0;
1447 adapter->scan_wait_q_woken = false;
1448
1449 if ((num_possible_cpus() > 1) || adapter->iface_type == MWIFIEX_USB)
1450 adapter->rx_work_enabled = true;
1451
1452 adapter->workqueue =
1453 alloc_workqueue("MWIFIEX_WORK_QUEUE",
1454 WQ_HIGHPRI | WQ_MEM_RECLAIM | WQ_UNBOUND, 1);
1455 if (!adapter->workqueue)
1456 goto err_kmalloc;
1457
1458 INIT_WORK(&adapter->main_work, mwifiex_main_work_queue);
1459
1460 if (adapter->rx_work_enabled) {
1461 adapter->rx_workqueue = alloc_workqueue("MWIFIEX_RX_WORK_QUEUE",
1462 WQ_HIGHPRI |
1463 WQ_MEM_RECLAIM |
1464 WQ_UNBOUND, 1);
1465 if (!adapter->rx_workqueue)
1466 goto err_kmalloc;
1467 INIT_WORK(&adapter->rx_work, mwifiex_rx_work_queue);
1468 }
1469
1470 /* Register the device. Fill up the private data structure with
1471 * relevant information from the card. Some code extracted from
1472 * mwifiex_register_dev()
1473 */
1474 mwifiex_dbg(adapter, INFO, "%s, mwifiex_init_hw_fw()...\n", __func__);
1475
1476 if (mwifiex_init_hw_fw(adapter, false)) {
1477 mwifiex_dbg(adapter, ERROR,
1478 "%s: firmware init failed\n", __func__);
1479 goto err_init_fw;
1480 }
1481
1482 /* _mwifiex_fw_dpc() does its own cleanup */
1483 ret = _mwifiex_fw_dpc(adapter->firmware, adapter);
1484 if (ret) {
1485 pr_err("Failed to bring up adapter: %d\n", ret);
1486 return ret;
1487 }
1488 mwifiex_dbg(adapter, INFO, "%s, successful\n", __func__);
1489
1490 return 0;
1491
1492err_init_fw:
1493 mwifiex_dbg(adapter, ERROR, "info: %s: unregister device\n", __func__);
1494 if (adapter->if_ops.unregister_dev)
1495 adapter->if_ops.unregister_dev(adapter);
1496
1497err_kmalloc:
1498 adapter->surprise_removed = true;
1499 mwifiex_terminate_workqueue(adapter);
1500 if (adapter->hw_status == MWIFIEX_HW_STATUS_READY) {
1501 mwifiex_dbg(adapter, ERROR,
1502 "info: %s: shutdown mwifiex\n", __func__);
1503 mwifiex_shutdown_drv(adapter);
1504 }
1505
1506 complete_all(adapter->fw_done);
1507 mwifiex_dbg(adapter, INFO, "%s, error\n", __func__);
1508
1509 return -1;
1510}
1511EXPORT_SYMBOL_GPL(mwifiex_reinit_sw);
1512
1513static irqreturn_t mwifiex_irq_wakeup_handler(int irq, void *priv)
1514{
1515 struct mwifiex_adapter *adapter = priv;
1516
1517 dev_dbg(adapter->dev, "%s: wake by wifi", __func__);
1518 adapter->wake_by_wifi = true;
1519 disable_irq_nosync(irq);
1520
1521 /* Notify PM core we are wakeup source */
1522 pm_wakeup_event(adapter->dev, 0);
1523 pm_system_wakeup();
1524
1525 return IRQ_HANDLED;
1526}
1527
1528static void mwifiex_probe_of(struct mwifiex_adapter *adapter)
1529{
1530 int ret;
1531 struct device *dev = adapter->dev;
1532
1533 if (!dev->of_node)
1534 goto err_exit;
1535
1536 adapter->dt_node = dev->of_node;
1537 adapter->irq_wakeup = irq_of_parse_and_map(adapter->dt_node, 0);
1538 if (!adapter->irq_wakeup) {
1539 dev_dbg(dev, "fail to parse irq_wakeup from device tree\n");
1540 goto err_exit;
1541 }
1542
1543 ret = devm_request_irq(dev, adapter->irq_wakeup,
1544 mwifiex_irq_wakeup_handler, IRQF_TRIGGER_LOW,
1545 "wifi_wake", adapter);
1546 if (ret) {
1547 dev_err(dev, "Failed to request irq_wakeup %d (%d)\n",
1548 adapter->irq_wakeup, ret);
1549 goto err_exit;
1550 }
1551
1552 disable_irq(adapter->irq_wakeup);
1553 if (device_init_wakeup(dev, true)) {
1554 dev_err(dev, "fail to init wakeup for mwifiex\n");
1555 goto err_exit;
1556 }
1557 return;
1558
1559err_exit:
1560 adapter->irq_wakeup = -1;
1561}
1562
1563/*
1564 * This function adds the card.
1565 *
1566 * This function follows the following major steps to set up the device -
1567 * - Initialize software. This includes probing the card, registering
1568 * the interface operations table, and allocating/initializing the
1569 * adapter structure
1570 * - Set up the netlink socket
1571 * - Create and start the main work queue
1572 * - Register the device
1573 * - Initialize firmware and hardware
1574 * - Add logical interfaces
1575 */
1576int
1577mwifiex_add_card(void *card, struct completion *fw_done,
1578 struct mwifiex_if_ops *if_ops, u8 iface_type,
1579 struct device *dev)
1580{
1581 struct mwifiex_adapter *adapter;
1582
1583 if (mwifiex_register(card, dev, if_ops, (void **)&adapter)) {
1584 pr_err("%s: software init failed\n", __func__);
1585 goto err_init_sw;
1586 }
1587
1588 mwifiex_probe_of(adapter);
1589
1590 adapter->iface_type = iface_type;
1591 adapter->fw_done = fw_done;
1592
1593 adapter->hw_status = MWIFIEX_HW_STATUS_INITIALIZING;
1594 adapter->surprise_removed = false;
1595 init_waitqueue_head(&adapter->init_wait_q);
1596 adapter->is_suspended = false;
1597 adapter->hs_activated = false;
1598 init_waitqueue_head(&adapter->hs_activate_wait_q);
1599 init_waitqueue_head(&adapter->cmd_wait_q.wait);
1600 adapter->cmd_wait_q.status = 0;
1601 adapter->scan_wait_q_woken = false;
1602
1603 if ((num_possible_cpus() > 1) || adapter->iface_type == MWIFIEX_USB) {
1604 adapter->rx_work_enabled = true;
1605 pr_notice("rx work enabled, cpus %d\n", num_possible_cpus());
1606 }
1607
1608 adapter->workqueue =
1609 alloc_workqueue("MWIFIEX_WORK_QUEUE",
1610 WQ_HIGHPRI | WQ_MEM_RECLAIM | WQ_UNBOUND, 1);
1611 if (!adapter->workqueue)
1612 goto err_kmalloc;
1613
1614 INIT_WORK(&adapter->main_work, mwifiex_main_work_queue);
1615
1616 if (adapter->rx_work_enabled) {
1617 adapter->rx_workqueue = alloc_workqueue("MWIFIEX_RX_WORK_QUEUE",
1618 WQ_HIGHPRI |
1619 WQ_MEM_RECLAIM |
1620 WQ_UNBOUND, 1);
1621 if (!adapter->rx_workqueue)
1622 goto err_kmalloc;
1623
1624 INIT_WORK(&adapter->rx_work, mwifiex_rx_work_queue);
1625 }
1626
1627 /* Register the device. Fill up the private data structure with relevant
1628 information from the card. */
1629 if (adapter->if_ops.register_dev(adapter)) {
1630 pr_err("%s: failed to register mwifiex device\n", __func__);
1631 goto err_registerdev;
1632 }
1633
1634 if (mwifiex_init_hw_fw(adapter, true)) {
1635 pr_err("%s: firmware init failed\n", __func__);
1636 goto err_init_fw;
1637 }
1638
1639 return 0;
1640
1641err_init_fw:
1642 pr_debug("info: %s: unregister device\n", __func__);
1643 if (adapter->if_ops.unregister_dev)
1644 adapter->if_ops.unregister_dev(adapter);
1645err_registerdev:
1646 adapter->surprise_removed = true;
1647 mwifiex_terminate_workqueue(adapter);
1648 if (adapter->hw_status == MWIFIEX_HW_STATUS_READY) {
1649 pr_debug("info: %s: shutdown mwifiex\n", __func__);
1650 mwifiex_shutdown_drv(adapter);
1651 }
1652err_kmalloc:
1653 mwifiex_free_adapter(adapter);
1654
1655err_init_sw:
1656
1657 return -1;
1658}
1659EXPORT_SYMBOL_GPL(mwifiex_add_card);
1660
1661/*
1662 * This function removes the card.
1663 *
1664 * This function follows the following major steps to remove the device -
1665 * - Stop data traffic
1666 * - Shutdown firmware
1667 * - Remove the logical interfaces
1668 * - Terminate the work queue
1669 * - Unregister the device
1670 * - Free the adapter structure
1671 */
1672int mwifiex_remove_card(struct mwifiex_adapter *adapter)
1673{
1674 struct mwifiex_private *priv = NULL;
1675 int i;
1676
1677 if (!adapter)
1678 goto exit_remove;
1679
1680 /* We can no longer handle interrupts once we start doing the teardown
1681 * below. */
1682 if (adapter->if_ops.disable_int)
1683 adapter->if_ops.disable_int(adapter);
1684
1685 adapter->surprise_removed = true;
1686
1687 mwifiex_terminate_workqueue(adapter);
1688
1689 /* Stop data */
1690 for (i = 0; i < adapter->priv_num; i++) {
1691 priv = adapter->priv[i];
1692 if (priv && priv->netdev) {
1693 mwifiex_stop_net_dev_queue(priv->netdev, adapter);
1694 if (netif_carrier_ok(priv->netdev))
1695 netif_carrier_off(priv->netdev);
1696 }
1697 }
1698
1699 mwifiex_dbg(adapter, CMD,
1700 "cmd: calling mwifiex_shutdown_drv...\n");
1701
1702 mwifiex_shutdown_drv(adapter);
1703 mwifiex_dbg(adapter, CMD,
1704 "cmd: mwifiex_shutdown_drv done\n");
1705 if (atomic_read(&adapter->rx_pending) ||
1706 atomic_read(&adapter->tx_pending) ||
1707 atomic_read(&adapter->cmd_pending)) {
1708 mwifiex_dbg(adapter, ERROR,
1709 "rx_pending=%d, tx_pending=%d,\t"
1710 "cmd_pending=%d\n",
1711 atomic_read(&adapter->rx_pending),
1712 atomic_read(&adapter->tx_pending),
1713 atomic_read(&adapter->cmd_pending));
1714 }
1715
1716 for (i = 0; i < adapter->priv_num; i++) {
1717 priv = adapter->priv[i];
1718
1719 if (!priv)
1720 continue;
1721
1722 rtnl_lock();
1723 if (priv->netdev &&
1724 priv->wdev.iftype != NL80211_IFTYPE_UNSPECIFIED)
1725 mwifiex_del_virtual_intf(adapter->wiphy, &priv->wdev);
1726 rtnl_unlock();
1727 }
1728
1729 wiphy_unregister(adapter->wiphy);
1730 wiphy_free(adapter->wiphy);
1731
1732 if (adapter->irq_wakeup >= 0)
1733 device_init_wakeup(adapter->dev, false);
1734
1735 /* Unregister device */
1736 mwifiex_dbg(adapter, INFO,
1737 "info: unregister device\n");
1738 if (adapter->if_ops.unregister_dev)
1739 adapter->if_ops.unregister_dev(adapter);
1740 /* Free adapter structure */
1741 mwifiex_dbg(adapter, INFO,
1742 "info: free adapter\n");
1743 mwifiex_free_adapter(adapter);
1744
1745exit_remove:
1746 return 0;
1747}
1748EXPORT_SYMBOL_GPL(mwifiex_remove_card);
1749
1750void _mwifiex_dbg(const struct mwifiex_adapter *adapter, int mask,
1751 const char *fmt, ...)
1752{
1753 struct va_format vaf;
1754 va_list args;
1755
1756 if (!(adapter->debug_mask & mask))
1757 return;
1758
1759 va_start(args, fmt);
1760
1761 vaf.fmt = fmt;
1762 vaf.va = &args;
1763
1764 if (adapter->dev)
1765 dev_info(adapter->dev, "%pV", &vaf);
1766 else
1767 pr_info("%pV", &vaf);
1768
1769 va_end(args);
1770}
1771EXPORT_SYMBOL_GPL(_mwifiex_dbg);
1772
1773/*
1774 * This function initializes the module.
1775 *
1776 * The debug FS is also initialized if configured.
1777 */
1778static int
1779mwifiex_init_module(void)
1780{
1781#ifdef CONFIG_DEBUG_FS
1782 mwifiex_debugfs_init();
1783#endif
1784 return 0;
1785}
1786
1787/*
1788 * This function cleans up the module.
1789 *
1790 * The debug FS is removed if available.
1791 */
1792static void
1793mwifiex_cleanup_module(void)
1794{
1795#ifdef CONFIG_DEBUG_FS
1796 mwifiex_debugfs_remove();
1797#endif
1798}
1799
1800module_init(mwifiex_init_module);
1801module_exit(mwifiex_cleanup_module);
1802
1803MODULE_AUTHOR("Marvell International Ltd.");
1804MODULE_DESCRIPTION("Marvell WiFi-Ex Driver version " VERSION);
1805MODULE_VERSION(VERSION);
1806MODULE_LICENSE("GPL v2");
Linux 6.x block layer and io_uring tree(s)