1 /* ZD1211 USB-WLAN driver for Linux
2 *
3 * Copyright (C) 2005-2007 Ulrich Kunitz <kune@deine-taler.de>
4 * Copyright (C) 2006-2007 Daniel Drake <dsd@gentoo.org>
5 * Copyright (C) 2006-2007 Michael Wu <flamingice@sourmilk.net>
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 */
21
22 #include <linux/kernel.h>
23 #include <linux/init.h>
24 #include <linux/firmware.h>
25 #include <linux/device.h>
26 #include <linux/errno.h>
27 #include <linux/slab.h>
28 #include <linux/skbuff.h>
29 #include <linux/usb.h>
30 #include <linux/workqueue.h>
31 #include <linux/module.h>
32 #include <net/mac80211.h>
33 #include <asm/unaligned.h>
34
35 #include "zd_def.h"
36 #include "zd_mac.h"
37 #include "zd_usb.h"
38
39 static struct usb_device_id usb_ids[] = {
40 /* ZD1211 */
41 { USB_DEVICE(0x0105, 0x145f), .driver_info = DEVICE_ZD1211 },
42 { USB_DEVICE(0x0586, 0x3401), .driver_info = DEVICE_ZD1211 },
43 { USB_DEVICE(0x0586, 0x3402), .driver_info = DEVICE_ZD1211 },
44 { USB_DEVICE(0x0586, 0x3407), .driver_info = DEVICE_ZD1211 },
45 { USB_DEVICE(0x0586, 0x3409), .driver_info = DEVICE_ZD1211 },
46 { USB_DEVICE(0x079b, 0x004a), .driver_info = DEVICE_ZD1211 },
47 { USB_DEVICE(0x07b8, 0x6001), .driver_info = DEVICE_ZD1211 },
48 { USB_DEVICE(0x0ace, 0x1211), .driver_info = DEVICE_ZD1211 },
49 { USB_DEVICE(0x0ace, 0xa211), .driver_info = DEVICE_ZD1211 },
50 { USB_DEVICE(0x0b05, 0x170c), .driver_info = DEVICE_ZD1211 },
51 { USB_DEVICE(0x0b3b, 0x1630), .driver_info = DEVICE_ZD1211 },
52 { USB_DEVICE(0x0b3b, 0x5630), .driver_info = DEVICE_ZD1211 },
53 { USB_DEVICE(0x0df6, 0x9071), .driver_info = DEVICE_ZD1211 },
54 { USB_DEVICE(0x0df6, 0x9075), .driver_info = DEVICE_ZD1211 },
55 { USB_DEVICE(0x126f, 0xa006), .driver_info = DEVICE_ZD1211 },
56 { USB_DEVICE(0x129b, 0x1666), .driver_info = DEVICE_ZD1211 },
57 { USB_DEVICE(0x13b1, 0x001e), .driver_info = DEVICE_ZD1211 },
58 { USB_DEVICE(0x1435, 0x0711), .driver_info = DEVICE_ZD1211 },
59 { USB_DEVICE(0x14ea, 0xab10), .driver_info = DEVICE_ZD1211 },
60 { USB_DEVICE(0x14ea, 0xab13), .driver_info = DEVICE_ZD1211 },
61 { USB_DEVICE(0x157e, 0x300a), .driver_info = DEVICE_ZD1211 },
62 { USB_DEVICE(0x157e, 0x300b), .driver_info = DEVICE_ZD1211 },
63 { USB_DEVICE(0x157e, 0x3204), .driver_info = DEVICE_ZD1211 },
64 { USB_DEVICE(0x157e, 0x3207), .driver_info = DEVICE_ZD1211 },
65 { USB_DEVICE(0x1740, 0x2000), .driver_info = DEVICE_ZD1211 },
66 { USB_DEVICE(0x6891, 0xa727), .driver_info = DEVICE_ZD1211 },
67 /* ZD1211B */
68 { USB_DEVICE(0x0053, 0x5301), .driver_info = DEVICE_ZD1211B },
69 { USB_DEVICE(0x0409, 0x0248), .driver_info = DEVICE_ZD1211B },
70 { USB_DEVICE(0x0411, 0x00da), .driver_info = DEVICE_ZD1211B },
71 { USB_DEVICE(0x0471, 0x1236), .driver_info = DEVICE_ZD1211B },
72 { USB_DEVICE(0x0471, 0x1237), .driver_info = DEVICE_ZD1211B },
73 { USB_DEVICE(0x050d, 0x705c), .driver_info = DEVICE_ZD1211B },
74 { USB_DEVICE(0x054c, 0x0257), .driver_info = DEVICE_ZD1211B },
75 { USB_DEVICE(0x0586, 0x340a), .driver_info = DEVICE_ZD1211B },
76 { USB_DEVICE(0x0586, 0x340f), .driver_info = DEVICE_ZD1211B },
77 { USB_DEVICE(0x0586, 0x3410), .driver_info = DEVICE_ZD1211B },
78 { USB_DEVICE(0x0586, 0x3412), .driver_info = DEVICE_ZD1211B },
79 { USB_DEVICE(0x0586, 0x3413), .driver_info = DEVICE_ZD1211B },
80 { USB_DEVICE(0x079b, 0x0062), .driver_info = DEVICE_ZD1211B },
81 { USB_DEVICE(0x07b8, 0x6001), .driver_info = DEVICE_ZD1211B },
82 { USB_DEVICE(0x07fa, 0x1196), .driver_info = DEVICE_ZD1211B },
83 { USB_DEVICE(0x083a, 0x4505), .driver_info = DEVICE_ZD1211B },
84 { USB_DEVICE(0x083a, 0xe501), .driver_info = DEVICE_ZD1211B },
85 { USB_DEVICE(0x083a, 0xe503), .driver_info = DEVICE_ZD1211B },
86 { USB_DEVICE(0x083a, 0xe506), .driver_info = DEVICE_ZD1211B },
87 { USB_DEVICE(0x0ace, 0x1215), .driver_info = DEVICE_ZD1211B },
88 { USB_DEVICE(0x0ace, 0xb215), .driver_info = DEVICE_ZD1211B },
89 { USB_DEVICE(0x0b05, 0x171b), .driver_info = DEVICE_ZD1211B },
90 { USB_DEVICE(0x0baf, 0x0121), .driver_info = DEVICE_ZD1211B },
91 { USB_DEVICE(0x0cde, 0x001a), .driver_info = DEVICE_ZD1211B },
92 { USB_DEVICE(0x0df6, 0x0036), .driver_info = DEVICE_ZD1211B },
93 { USB_DEVICE(0x129b, 0x1667), .driver_info = DEVICE_ZD1211B },
94 { USB_DEVICE(0x13b1, 0x0024), .driver_info = DEVICE_ZD1211B },
95 { USB_DEVICE(0x157e, 0x300d), .driver_info = DEVICE_ZD1211B },
96 { USB_DEVICE(0x1582, 0x6003), .driver_info = DEVICE_ZD1211B },
97 { USB_DEVICE(0x2019, 0x5303), .driver_info = DEVICE_ZD1211B },
98 { USB_DEVICE(0x2019, 0xed01), .driver_info = DEVICE_ZD1211B },
99 /* "Driverless" devices that need ejecting */
100 { USB_DEVICE(0x0ace, 0x2011), .driver_info = DEVICE_INSTALLER },
101 { USB_DEVICE(0x0ace, 0x20ff), .driver_info = DEVICE_INSTALLER },
102 {}
103 };
104
105 MODULE_LICENSE("GPL");
106 MODULE_DESCRIPTION("USB driver for devices with the ZD1211 chip.");
107 MODULE_AUTHOR("Ulrich Kunitz");
108 MODULE_AUTHOR("Daniel Drake");
109 MODULE_VERSION("1.0");
110 MODULE_DEVICE_TABLE(usb, usb_ids);
111
112 #define FW_ZD1211_PREFIX "zd1211/zd1211_"
113 #define FW_ZD1211B_PREFIX "zd1211/zd1211b_"
114
115 static bool check_read_regs(struct zd_usb *usb, struct usb_req_read_regs *req,
116 unsigned int count);
117
118 /* USB device initialization */
119 static void int_urb_complete(struct urb *urb);
120
request_fw_file(const struct firmware ** fw,const char * name,struct device * device)121 static int request_fw_file(
122 const struct firmware **fw, const char *name, struct device *device)
123 {
124 int r;
125
126 dev_dbg_f(device, "fw name %s\n", name);
127
128 r = request_firmware(fw, name, device);
129 if (r)
130 dev_err(device,
131 "Could not load firmware file %s. Error number %d\n",
132 name, r);
133 return r;
134 }
135
get_bcdDevice(const struct usb_device * udev)136 static inline u16 get_bcdDevice(const struct usb_device *udev)
137 {
138 return le16_to_cpu(udev->descriptor.bcdDevice);
139 }
140
141 enum upload_code_flags {
142 REBOOT = 1,
143 };
144
145 /* Ensures that MAX_TRANSFER_SIZE is even. */
146 #define MAX_TRANSFER_SIZE (USB_MAX_TRANSFER_SIZE & ~1)
147
upload_code(struct usb_device * udev,const u8 * data,size_t size,u16 code_offset,int flags)148 static int upload_code(struct usb_device *udev,
149 const u8 *data, size_t size, u16 code_offset, int flags)
150 {
151 u8 *p;
152 int r;
153
154 /* USB request blocks need "kmalloced" buffers.
155 */
156 p = kmalloc(MAX_TRANSFER_SIZE, GFP_KERNEL);
157 if (!p) {
158 r = -ENOMEM;
159 goto error;
160 }
161
162 size &= ~1;
163 while (size > 0) {
164 size_t transfer_size = size <= MAX_TRANSFER_SIZE ?
165 size : MAX_TRANSFER_SIZE;
166
167 dev_dbg_f(&udev->dev, "transfer size %zu\n", transfer_size);
168
169 memcpy(p, data, transfer_size);
170 r = usb_control_msg(udev, usb_sndctrlpipe(udev, 0),
171 USB_REQ_FIRMWARE_DOWNLOAD,
172 USB_DIR_OUT | USB_TYPE_VENDOR,
173 code_offset, 0, p, transfer_size, 1000 /* ms */);
174 if (r < 0) {
175 dev_err(&udev->dev,
176 "USB control request for firmware upload"
177 " failed. Error number %d\n", r);
178 goto error;
179 }
180 transfer_size = r & ~1;
181
182 size -= transfer_size;
183 data += transfer_size;
184 code_offset += transfer_size/sizeof(u16);
185 }
186
187 if (flags & REBOOT) {
188 u8 ret;
189
190 /* Use "DMA-aware" buffer. */
191 r = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0),
192 USB_REQ_FIRMWARE_CONFIRM,
193 USB_DIR_IN | USB_TYPE_VENDOR,
194 0, 0, p, sizeof(ret), 5000 /* ms */);
195 if (r != sizeof(ret)) {
196 dev_err(&udev->dev,
197 "control request firmeware confirmation failed."
198 " Return value %d\n", r);
199 if (r >= 0)
200 r = -ENODEV;
201 goto error;
202 }
203 ret = p[0];
204 if (ret & 0x80) {
205 dev_err(&udev->dev,
206 "Internal error while downloading."
207 " Firmware confirm return value %#04x\n",
208 (unsigned int)ret);
209 r = -ENODEV;
210 goto error;
211 }
212 dev_dbg_f(&udev->dev, "firmware confirm return value %#04x\n",
213 (unsigned int)ret);
214 }
215
216 r = 0;
217 error:
218 kfree(p);
219 return r;
220 }
221
get_word(const void * data,u16 offset)222 static u16 get_word(const void *data, u16 offset)
223 {
224 const __le16 *p = data;
225 return le16_to_cpu(p[offset]);
226 }
227
get_fw_name(struct zd_usb * usb,char * buffer,size_t size,const char * postfix)228 static char *get_fw_name(struct zd_usb *usb, char *buffer, size_t size,
229 const char* postfix)
230 {
231 scnprintf(buffer, size, "%s%s",
232 usb->is_zd1211b ?
233 FW_ZD1211B_PREFIX : FW_ZD1211_PREFIX,
234 postfix);
235 return buffer;
236 }
237
handle_version_mismatch(struct zd_usb * usb,const struct firmware * ub_fw)238 static int handle_version_mismatch(struct zd_usb *usb,
239 const struct firmware *ub_fw)
240 {
241 struct usb_device *udev = zd_usb_to_usbdev(usb);
242 const struct firmware *ur_fw = NULL;
243 int offset;
244 int r = 0;
245 char fw_name[128];
246
247 r = request_fw_file(&ur_fw,
248 get_fw_name(usb, fw_name, sizeof(fw_name), "ur"),
249 &udev->dev);
250 if (r)
251 goto error;
252
253 r = upload_code(udev, ur_fw->data, ur_fw->size, FW_START, REBOOT);
254 if (r)
255 goto error;
256
257 offset = (E2P_BOOT_CODE_OFFSET * sizeof(u16));
258 r = upload_code(udev, ub_fw->data + offset, ub_fw->size - offset,
259 E2P_START + E2P_BOOT_CODE_OFFSET, REBOOT);
260
261 /* At this point, the vendor driver downloads the whole firmware
262 * image, hacks around with version IDs, and uploads it again,
263 * completely overwriting the boot code. We do not do this here as
264 * it is not required on any tested devices, and it is suspected to
265 * cause problems. */
266 error:
267 release_firmware(ur_fw);
268 return r;
269 }
270
upload_firmware(struct zd_usb * usb)271 static int upload_firmware(struct zd_usb *usb)
272 {
273 int r;
274 u16 fw_bcdDevice;
275 u16 bcdDevice;
276 struct usb_device *udev = zd_usb_to_usbdev(usb);
277 const struct firmware *ub_fw = NULL;
278 const struct firmware *uph_fw = NULL;
279 char fw_name[128];
280
281 bcdDevice = get_bcdDevice(udev);
282
283 r = request_fw_file(&ub_fw,
284 get_fw_name(usb, fw_name, sizeof(fw_name), "ub"),
285 &udev->dev);
286 if (r)
287 goto error;
288
289 fw_bcdDevice = get_word(ub_fw->data, E2P_DATA_OFFSET);
290
291 if (fw_bcdDevice != bcdDevice) {
292 dev_info(&udev->dev,
293 "firmware version %#06x and device bootcode version "
294 "%#06x differ\n", fw_bcdDevice, bcdDevice);
295 if (bcdDevice <= 0x4313)
296 dev_warn(&udev->dev, "device has old bootcode, please "
297 "report success or failure\n");
298
299 r = handle_version_mismatch(usb, ub_fw);
300 if (r)
301 goto error;
302 } else {
303 dev_dbg_f(&udev->dev,
304 "firmware device id %#06x is equal to the "
305 "actual device id\n", fw_bcdDevice);
306 }
307
308
309 r = request_fw_file(&uph_fw,
310 get_fw_name(usb, fw_name, sizeof(fw_name), "uphr"),
311 &udev->dev);
312 if (r)
313 goto error;
314
315 r = upload_code(udev, uph_fw->data, uph_fw->size, FW_START, REBOOT);
316 if (r) {
317 dev_err(&udev->dev,
318 "Could not upload firmware code uph. Error number %d\n",
319 r);
320 }
321
322 /* FALL-THROUGH */
323 error:
324 release_firmware(ub_fw);
325 release_firmware(uph_fw);
326 return r;
327 }
328
329 MODULE_FIRMWARE(FW_ZD1211B_PREFIX "ur");
330 MODULE_FIRMWARE(FW_ZD1211_PREFIX "ur");
331 MODULE_FIRMWARE(FW_ZD1211B_PREFIX "ub");
332 MODULE_FIRMWARE(FW_ZD1211_PREFIX "ub");
333 MODULE_FIRMWARE(FW_ZD1211B_PREFIX "uphr");
334 MODULE_FIRMWARE(FW_ZD1211_PREFIX "uphr");
335
336 /* Read data from device address space using "firmware interface" which does
337 * not require firmware to be loaded. */
zd_usb_read_fw(struct zd_usb * usb,zd_addr_t addr,u8 * data,u16 len)338 int zd_usb_read_fw(struct zd_usb *usb, zd_addr_t addr, u8 *data, u16 len)
339 {
340 int r;
341 struct usb_device *udev = zd_usb_to_usbdev(usb);
342 u8 *buf;
343
344 /* Use "DMA-aware" buffer. */
345 buf = kmalloc(len, GFP_KERNEL);
346 if (!buf)
347 return -ENOMEM;
348 r = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0),
349 USB_REQ_FIRMWARE_READ_DATA, USB_DIR_IN | 0x40, addr, 0,
350 buf, len, 5000);
351 if (r < 0) {
352 dev_err(&udev->dev,
353 "read over firmware interface failed: %d\n", r);
354 goto exit;
355 } else if (r != len) {
356 dev_err(&udev->dev,
357 "incomplete read over firmware interface: %d/%d\n",
358 r, len);
359 r = -EIO;
360 goto exit;
361 }
362 r = 0;
363 memcpy(data, buf, len);
364 exit:
365 kfree(buf);
366 return r;
367 }
368
369 #define urb_dev(urb) (&(urb)->dev->dev)
370
handle_regs_int_override(struct urb * urb)371 static inline void handle_regs_int_override(struct urb *urb)
372 {
373 struct zd_usb *usb = urb->context;
374 struct zd_usb_interrupt *intr = &usb->intr;
375
376 spin_lock(&intr->lock);
377 if (atomic_read(&intr->read_regs_enabled)) {
378 atomic_set(&intr->read_regs_enabled, 0);
379 intr->read_regs_int_overridden = 1;
380 complete(&intr->read_regs.completion);
381 }
382 spin_unlock(&intr->lock);
383 }
384
handle_regs_int(struct urb * urb)385 static inline void handle_regs_int(struct urb *urb)
386 {
387 struct zd_usb *usb = urb->context;
388 struct zd_usb_interrupt *intr = &usb->intr;
389 int len;
390 u16 int_num;
391
392 ZD_ASSERT(in_interrupt());
393 spin_lock(&intr->lock);
394
395 int_num = le16_to_cpu(*(__le16 *)(urb->transfer_buffer+2));
396 if (int_num == CR_INTERRUPT) {
397 struct zd_mac *mac = zd_hw_mac(zd_usb_to_hw(urb->context));
398 spin_lock(&mac->lock);
399 memcpy(&mac->intr_buffer, urb->transfer_buffer,
400 USB_MAX_EP_INT_BUFFER);
401 spin_unlock(&mac->lock);
402 schedule_work(&mac->process_intr);
403 } else if (atomic_read(&intr->read_regs_enabled)) {
404 len = urb->actual_length;
405 intr->read_regs.length = urb->actual_length;
406 if (len > sizeof(intr->read_regs.buffer))
407 len = sizeof(intr->read_regs.buffer);
408
409 memcpy(intr->read_regs.buffer, urb->transfer_buffer, len);
410
411 /* Sometimes USB_INT_ID_REGS is not overridden, but comes after
412 * USB_INT_ID_RETRY_FAILED. Read-reg retry then gets this
413 * delayed USB_INT_ID_REGS, but leaves USB_INT_ID_REGS of
414 * retry unhandled. Next read-reg command then might catch
415 * this wrong USB_INT_ID_REGS. Fix by ignoring wrong reads.
416 */
417 if (!check_read_regs(usb, intr->read_regs.req,
418 intr->read_regs.req_count))
419 goto out;
420
421 atomic_set(&intr->read_regs_enabled, 0);
422 intr->read_regs_int_overridden = 0;
423 complete(&intr->read_regs.completion);
424
425 goto out;
426 }
427
428 out:
429 spin_unlock(&intr->lock);
430
431 /* CR_INTERRUPT might override read_reg too. */
432 if (int_num == CR_INTERRUPT && atomic_read(&intr->read_regs_enabled))
433 handle_regs_int_override(urb);
434 }
435
int_urb_complete(struct urb * urb)436 static void int_urb_complete(struct urb *urb)
437 {
438 int r;
439 struct usb_int_header *hdr;
440 struct zd_usb *usb;
441 struct zd_usb_interrupt *intr;
442
443 switch (urb->status) {
444 case 0:
445 break;
446 case -ESHUTDOWN:
447 case -EINVAL:
448 case -ENODEV:
449 case -ENOENT:
450 case -ECONNRESET:
451 case -EPIPE:
452 dev_dbg_f(urb_dev(urb), "urb %p error %d\n", urb, urb->status);
453 return;
454 default:
455 dev_dbg_f(urb_dev(urb), "urb %p error %d\n", urb, urb->status);
456 goto resubmit;
457 }
458
459 if (urb->actual_length < sizeof(hdr)) {
460 dev_dbg_f(urb_dev(urb), "error: urb %p to small\n", urb);
461 goto resubmit;
462 }
463
464 hdr = urb->transfer_buffer;
465 if (hdr->type != USB_INT_TYPE) {
466 dev_dbg_f(urb_dev(urb), "error: urb %p wrong type\n", urb);
467 goto resubmit;
468 }
469
470 /* USB_INT_ID_RETRY_FAILED triggered by tx-urb submit can override
471 * pending USB_INT_ID_REGS causing read command timeout.
472 */
473 usb = urb->context;
474 intr = &usb->intr;
475 if (hdr->id != USB_INT_ID_REGS && atomic_read(&intr->read_regs_enabled))
476 handle_regs_int_override(urb);
477
478 switch (hdr->id) {
479 case USB_INT_ID_REGS:
480 handle_regs_int(urb);
481 break;
482 case USB_INT_ID_RETRY_FAILED:
483 zd_mac_tx_failed(urb);
484 break;
485 default:
486 dev_dbg_f(urb_dev(urb), "error: urb %p unknown id %x\n", urb,
487 (unsigned int)hdr->id);
488 goto resubmit;
489 }
490
491 resubmit:
492 r = usb_submit_urb(urb, GFP_ATOMIC);
493 if (r) {
494 dev_dbg_f(urb_dev(urb), "error: resubmit urb %p err code %d\n",
495 urb, r);
496 /* TODO: add worker to reset intr->urb */
497 }
498 return;
499 }
500
int_urb_interval(struct usb_device * udev)501 static inline int int_urb_interval(struct usb_device *udev)
502 {
503 switch (udev->speed) {
504 case USB_SPEED_HIGH:
505 return 4;
506 case USB_SPEED_LOW:
507 return 10;
508 case USB_SPEED_FULL:
509 default:
510 return 1;
511 }
512 }
513
usb_int_enabled(struct zd_usb * usb)514 static inline int usb_int_enabled(struct zd_usb *usb)
515 {
516 unsigned long flags;
517 struct zd_usb_interrupt *intr = &usb->intr;
518 struct urb *urb;
519
520 spin_lock_irqsave(&intr->lock, flags);
521 urb = intr->urb;
522 spin_unlock_irqrestore(&intr->lock, flags);
523 return urb != NULL;
524 }
525
zd_usb_enable_int(struct zd_usb * usb)526 int zd_usb_enable_int(struct zd_usb *usb)
527 {
528 int r;
529 struct usb_device *udev = zd_usb_to_usbdev(usb);
530 struct zd_usb_interrupt *intr = &usb->intr;
531 struct urb *urb;
532
533 dev_dbg_f(zd_usb_dev(usb), "\n");
534
535 urb = usb_alloc_urb(0, GFP_KERNEL);
536 if (!urb) {
537 r = -ENOMEM;
538 goto out;
539 }
540
541 ZD_ASSERT(!irqs_disabled());
542 spin_lock_irq(&intr->lock);
543 if (intr->urb) {
544 spin_unlock_irq(&intr->lock);
545 r = 0;
546 goto error_free_urb;
547 }
548 intr->urb = urb;
549 spin_unlock_irq(&intr->lock);
550
551 r = -ENOMEM;
552 intr->buffer = usb_alloc_coherent(udev, USB_MAX_EP_INT_BUFFER,
553 GFP_KERNEL, &intr->buffer_dma);
554 if (!intr->buffer) {
555 dev_dbg_f(zd_usb_dev(usb),
556 "couldn't allocate transfer_buffer\n");
557 goto error_set_urb_null;
558 }
559
560 usb_fill_int_urb(urb, udev, usb_rcvintpipe(udev, EP_INT_IN),
561 intr->buffer, USB_MAX_EP_INT_BUFFER,
562 int_urb_complete, usb,
563 intr->interval);
564 urb->transfer_dma = intr->buffer_dma;
565 urb->transfer_flags |= URB_NO_TRANSFER_DMA_MAP;
566
567 dev_dbg_f(zd_usb_dev(usb), "submit urb %p\n", intr->urb);
568 r = usb_submit_urb(urb, GFP_KERNEL);
569 if (r) {
570 dev_dbg_f(zd_usb_dev(usb),
571 "Couldn't submit urb. Error number %d\n", r);
572 goto error;
573 }
574
575 return 0;
576 error:
577 usb_free_coherent(udev, USB_MAX_EP_INT_BUFFER,
578 intr->buffer, intr->buffer_dma);
579 error_set_urb_null:
580 spin_lock_irq(&intr->lock);
581 intr->urb = NULL;
582 spin_unlock_irq(&intr->lock);
583 error_free_urb:
584 usb_free_urb(urb);
585 out:
586 return r;
587 }
588
zd_usb_disable_int(struct zd_usb * usb)589 void zd_usb_disable_int(struct zd_usb *usb)
590 {
591 unsigned long flags;
592 struct usb_device *udev = zd_usb_to_usbdev(usb);
593 struct zd_usb_interrupt *intr = &usb->intr;
594 struct urb *urb;
595 void *buffer;
596 dma_addr_t buffer_dma;
597
598 spin_lock_irqsave(&intr->lock, flags);
599 urb = intr->urb;
600 if (!urb) {
601 spin_unlock_irqrestore(&intr->lock, flags);
602 return;
603 }
604 intr->urb = NULL;
605 buffer = intr->buffer;
606 buffer_dma = intr->buffer_dma;
607 intr->buffer = NULL;
608 spin_unlock_irqrestore(&intr->lock, flags);
609
610 usb_kill_urb(urb);
611 dev_dbg_f(zd_usb_dev(usb), "urb %p killed\n", urb);
612 usb_free_urb(urb);
613
614 if (buffer)
615 usb_free_coherent(udev, USB_MAX_EP_INT_BUFFER,
616 buffer, buffer_dma);
617 }
618
handle_rx_packet(struct zd_usb * usb,const u8 * buffer,unsigned int length)619 static void handle_rx_packet(struct zd_usb *usb, const u8 *buffer,
620 unsigned int length)
621 {
622 int i;
623 const struct rx_length_info *length_info;
624
625 if (length < sizeof(struct rx_length_info)) {
626 /* It's not a complete packet anyhow. */
627 dev_dbg_f(zd_usb_dev(usb), "invalid, small RX packet : %d\n",
628 length);
629 return;
630 }
631 length_info = (struct rx_length_info *)
632 (buffer + length - sizeof(struct rx_length_info));
633
634 /* It might be that three frames are merged into a single URB
635 * transaction. We have to check for the length info tag.
636 *
637 * While testing we discovered that length_info might be unaligned,
638 * because if USB transactions are merged, the last packet will not
639 * be padded. Unaligned access might also happen if the length_info
640 * structure is not present.
641 */
642 if (get_unaligned_le16(&length_info->tag) == RX_LENGTH_INFO_TAG)
643 {
644 unsigned int l, k, n;
645 for (i = 0, l = 0;; i++) {
646 k = get_unaligned_le16(&length_info->length[i]);
647 if (k == 0)
648 return;
649 n = l+k;
650 if (n > length)
651 return;
652 zd_mac_rx(zd_usb_to_hw(usb), buffer+l, k);
653 if (i >= 2)
654 return;
655 l = (n+3) & ~3;
656 }
657 } else {
658 zd_mac_rx(zd_usb_to_hw(usb), buffer, length);
659 }
660 }
661
rx_urb_complete(struct urb * urb)662 static void rx_urb_complete(struct urb *urb)
663 {
664 int r;
665 struct zd_usb *usb;
666 struct zd_usb_rx *rx;
667 const u8 *buffer;
668 unsigned int length;
669
670 switch (urb->status) {
671 case 0:
672 break;
673 case -ESHUTDOWN:
674 case -EINVAL:
675 case -ENODEV:
676 case -ENOENT:
677 case -ECONNRESET:
678 case -EPIPE:
679 dev_dbg_f(urb_dev(urb), "urb %p error %d\n", urb, urb->status);
680 return;
681 default:
682 dev_dbg_f(urb_dev(urb), "urb %p error %d\n", urb, urb->status);
683 goto resubmit;
684 }
685
686 buffer = urb->transfer_buffer;
687 length = urb->actual_length;
688 usb = urb->context;
689 rx = &usb->rx;
690
691 tasklet_schedule(&rx->reset_timer_tasklet);
692
693 if (length%rx->usb_packet_size > rx->usb_packet_size-4) {
694 /* If there is an old first fragment, we don't care. */
695 dev_dbg_f(urb_dev(urb), "*** first fragment ***\n");
696 ZD_ASSERT(length <= ARRAY_SIZE(rx->fragment));
697 spin_lock(&rx->lock);
698 memcpy(rx->fragment, buffer, length);
699 rx->fragment_length = length;
700 spin_unlock(&rx->lock);
701 goto resubmit;
702 }
703
704 spin_lock(&rx->lock);
705 if (rx->fragment_length > 0) {
706 /* We are on a second fragment, we believe */
707 ZD_ASSERT(length + rx->fragment_length <=
708 ARRAY_SIZE(rx->fragment));
709 dev_dbg_f(urb_dev(urb), "*** second fragment ***\n");
710 memcpy(rx->fragment+rx->fragment_length, buffer, length);
711 handle_rx_packet(usb, rx->fragment,
712 rx->fragment_length + length);
713 rx->fragment_length = 0;
714 spin_unlock(&rx->lock);
715 } else {
716 spin_unlock(&rx->lock);
717 handle_rx_packet(usb, buffer, length);
718 }
719
720 resubmit:
721 r = usb_submit_urb(urb, GFP_ATOMIC);
722 if (r)
723 dev_dbg_f(urb_dev(urb), "urb %p resubmit error %d\n", urb, r);
724 }
725
alloc_rx_urb(struct zd_usb * usb)726 static struct urb *alloc_rx_urb(struct zd_usb *usb)
727 {
728 struct usb_device *udev = zd_usb_to_usbdev(usb);
729 struct urb *urb;
730 void *buffer;
731
732 urb = usb_alloc_urb(0, GFP_KERNEL);
733 if (!urb)
734 return NULL;
735 buffer = usb_alloc_coherent(udev, USB_MAX_RX_SIZE, GFP_KERNEL,
736 &urb->transfer_dma);
737 if (!buffer) {
738 usb_free_urb(urb);
739 return NULL;
740 }
741
742 usb_fill_bulk_urb(urb, udev, usb_rcvbulkpipe(udev, EP_DATA_IN),
743 buffer, USB_MAX_RX_SIZE,
744 rx_urb_complete, usb);
745 urb->transfer_flags |= URB_NO_TRANSFER_DMA_MAP;
746
747 return urb;
748 }
749
free_rx_urb(struct urb * urb)750 static void free_rx_urb(struct urb *urb)
751 {
752 if (!urb)
753 return;
754 usb_free_coherent(urb->dev, urb->transfer_buffer_length,
755 urb->transfer_buffer, urb->transfer_dma);
756 usb_free_urb(urb);
757 }
758
__zd_usb_enable_rx(struct zd_usb * usb)759 static int __zd_usb_enable_rx(struct zd_usb *usb)
760 {
761 int i, r;
762 struct zd_usb_rx *rx = &usb->rx;
763 struct urb **urbs;
764
765 dev_dbg_f(zd_usb_dev(usb), "\n");
766
767 r = -ENOMEM;
768 urbs = kcalloc(RX_URBS_COUNT, sizeof(struct urb *), GFP_KERNEL);
769 if (!urbs)
770 goto error;
771 for (i = 0; i < RX_URBS_COUNT; i++) {
772 urbs[i] = alloc_rx_urb(usb);
773 if (!urbs[i])
774 goto error;
775 }
776
777 ZD_ASSERT(!irqs_disabled());
778 spin_lock_irq(&rx->lock);
779 if (rx->urbs) {
780 spin_unlock_irq(&rx->lock);
781 r = 0;
782 goto error;
783 }
784 rx->urbs = urbs;
785 rx->urbs_count = RX_URBS_COUNT;
786 spin_unlock_irq(&rx->lock);
787
788 for (i = 0; i < RX_URBS_COUNT; i++) {
789 r = usb_submit_urb(urbs[i], GFP_KERNEL);
790 if (r)
791 goto error_submit;
792 }
793
794 return 0;
795 error_submit:
796 for (i = 0; i < RX_URBS_COUNT; i++) {
797 usb_kill_urb(urbs[i]);
798 }
799 spin_lock_irq(&rx->lock);
800 rx->urbs = NULL;
801 rx->urbs_count = 0;
802 spin_unlock_irq(&rx->lock);
803 error:
804 if (urbs) {
805 for (i = 0; i < RX_URBS_COUNT; i++)
806 free_rx_urb(urbs[i]);
807 }
808 return r;
809 }
810
zd_usb_enable_rx(struct zd_usb * usb)811 int zd_usb_enable_rx(struct zd_usb *usb)
812 {
813 int r;
814 struct zd_usb_rx *rx = &usb->rx;
815
816 mutex_lock(&rx->setup_mutex);
817 r = __zd_usb_enable_rx(usb);
818 mutex_unlock(&rx->setup_mutex);
819
820 zd_usb_reset_rx_idle_timer(usb);
821
822 return r;
823 }
824
__zd_usb_disable_rx(struct zd_usb * usb)825 static void __zd_usb_disable_rx(struct zd_usb *usb)
826 {
827 int i;
828 unsigned long flags;
829 struct urb **urbs;
830 unsigned int count;
831 struct zd_usb_rx *rx = &usb->rx;
832
833 spin_lock_irqsave(&rx->lock, flags);
834 urbs = rx->urbs;
835 count = rx->urbs_count;
836 spin_unlock_irqrestore(&rx->lock, flags);
837 if (!urbs)
838 return;
839
840 for (i = 0; i < count; i++) {
841 usb_kill_urb(urbs[i]);
842 free_rx_urb(urbs[i]);
843 }
844 kfree(urbs);
845
846 spin_lock_irqsave(&rx->lock, flags);
847 rx->urbs = NULL;
848 rx->urbs_count = 0;
849 spin_unlock_irqrestore(&rx->lock, flags);
850 }
851
zd_usb_disable_rx(struct zd_usb * usb)852 void zd_usb_disable_rx(struct zd_usb *usb)
853 {
854 struct zd_usb_rx *rx = &usb->rx;
855
856 mutex_lock(&rx->setup_mutex);
857 __zd_usb_disable_rx(usb);
858 mutex_unlock(&rx->setup_mutex);
859
860 tasklet_kill(&rx->reset_timer_tasklet);
861 cancel_delayed_work_sync(&rx->idle_work);
862 }
863
zd_usb_reset_rx(struct zd_usb * usb)864 static void zd_usb_reset_rx(struct zd_usb *usb)
865 {
866 bool do_reset;
867 struct zd_usb_rx *rx = &usb->rx;
868 unsigned long flags;
869
870 mutex_lock(&rx->setup_mutex);
871
872 spin_lock_irqsave(&rx->lock, flags);
873 do_reset = rx->urbs != NULL;
874 spin_unlock_irqrestore(&rx->lock, flags);
875
876 if (do_reset) {
877 __zd_usb_disable_rx(usb);
878 __zd_usb_enable_rx(usb);
879 }
880
881 mutex_unlock(&rx->setup_mutex);
882
883 if (do_reset)
884 zd_usb_reset_rx_idle_timer(usb);
885 }
886
887 /**
888 * zd_usb_disable_tx - disable transmission
889 * @usb: the zd1211rw-private USB structure
890 *
891 * Frees all URBs in the free list and marks the transmission as disabled.
892 */
zd_usb_disable_tx(struct zd_usb * usb)893 void zd_usb_disable_tx(struct zd_usb *usb)
894 {
895 struct zd_usb_tx *tx = &usb->tx;
896 unsigned long flags;
897
898 atomic_set(&tx->enabled, 0);
899
900 /* kill all submitted tx-urbs */
901 usb_kill_anchored_urbs(&tx->submitted);
902
903 spin_lock_irqsave(&tx->lock, flags);
904 WARN_ON(!skb_queue_empty(&tx->submitted_skbs));
905 WARN_ON(tx->submitted_urbs != 0);
906 tx->submitted_urbs = 0;
907 spin_unlock_irqrestore(&tx->lock, flags);
908
909 /* The stopped state is ignored, relying on ieee80211_wake_queues()
910 * in a potentionally following zd_usb_enable_tx().
911 */
912 }
913
914 /**
915 * zd_usb_enable_tx - enables transmission
916 * @usb: a &struct zd_usb pointer
917 *
918 * This function enables transmission and prepares the &zd_usb_tx data
919 * structure.
920 */
zd_usb_enable_tx(struct zd_usb * usb)921 void zd_usb_enable_tx(struct zd_usb *usb)
922 {
923 unsigned long flags;
924 struct zd_usb_tx *tx = &usb->tx;
925
926 spin_lock_irqsave(&tx->lock, flags);
927 atomic_set(&tx->enabled, 1);
928 tx->submitted_urbs = 0;
929 ieee80211_wake_queues(zd_usb_to_hw(usb));
930 tx->stopped = 0;
931 spin_unlock_irqrestore(&tx->lock, flags);
932 }
933
tx_dec_submitted_urbs(struct zd_usb * usb)934 static void tx_dec_submitted_urbs(struct zd_usb *usb)
935 {
936 struct zd_usb_tx *tx = &usb->tx;
937 unsigned long flags;
938
939 spin_lock_irqsave(&tx->lock, flags);
940 --tx->submitted_urbs;
941 if (tx->stopped && tx->submitted_urbs <= ZD_USB_TX_LOW) {
942 ieee80211_wake_queues(zd_usb_to_hw(usb));
943 tx->stopped = 0;
944 }
945 spin_unlock_irqrestore(&tx->lock, flags);
946 }
947
tx_inc_submitted_urbs(struct zd_usb * usb)948 static void tx_inc_submitted_urbs(struct zd_usb *usb)
949 {
950 struct zd_usb_tx *tx = &usb->tx;
951 unsigned long flags;
952
953 spin_lock_irqsave(&tx->lock, flags);
954 ++tx->submitted_urbs;
955 if (!tx->stopped && tx->submitted_urbs > ZD_USB_TX_HIGH) {
956 ieee80211_stop_queues(zd_usb_to_hw(usb));
957 tx->stopped = 1;
958 }
959 spin_unlock_irqrestore(&tx->lock, flags);
960 }
961
962 /**
963 * tx_urb_complete - completes the execution of an URB
964 * @urb: a URB
965 *
966 * This function is called if the URB has been transferred to a device or an
967 * error has happened.
968 */
tx_urb_complete(struct urb * urb)969 static void tx_urb_complete(struct urb *urb)
970 {
971 int r;
972 struct sk_buff *skb;
973 struct ieee80211_tx_info *info;
974 struct zd_usb *usb;
975 struct zd_usb_tx *tx;
976
977 skb = (struct sk_buff *)urb->context;
978 info = IEEE80211_SKB_CB(skb);
979 /*
980 * grab 'usb' pointer before handing off the skb (since
981 * it might be freed by zd_mac_tx_to_dev or mac80211)
982 */
983 usb = &zd_hw_mac(info->rate_driver_data[0])->chip.usb;
984 tx = &usb->tx;
985
986 switch (urb->status) {
987 case 0:
988 break;
989 case -ESHUTDOWN:
990 case -EINVAL:
991 case -ENODEV:
992 case -ENOENT:
993 case -ECONNRESET:
994 case -EPIPE:
995 dev_dbg_f(urb_dev(urb), "urb %p error %d\n", urb, urb->status);
996 break;
997 default:
998 dev_dbg_f(urb_dev(urb), "urb %p error %d\n", urb, urb->status);
999 goto resubmit;
1000 }
1001 free_urb:
1002 skb_unlink(skb, &usb->tx.submitted_skbs);
1003 zd_mac_tx_to_dev(skb, urb->status);
1004 usb_free_urb(urb);
1005 tx_dec_submitted_urbs(usb);
1006 return;
1007 resubmit:
1008 usb_anchor_urb(urb, &tx->submitted);
1009 r = usb_submit_urb(urb, GFP_ATOMIC);
1010 if (r) {
1011 usb_unanchor_urb(urb);
1012 dev_dbg_f(urb_dev(urb), "error resubmit urb %p %d\n", urb, r);
1013 goto free_urb;
1014 }
1015 }
1016
1017 /**
1018 * zd_usb_tx: initiates transfer of a frame of the device
1019 *
1020 * @usb: the zd1211rw-private USB structure
1021 * @skb: a &struct sk_buff pointer
1022 *
1023 * This function tranmits a frame to the device. It doesn't wait for
1024 * completion. The frame must contain the control set and have all the
1025 * control set information available.
1026 *
1027 * The function returns 0 if the transfer has been successfully initiated.
1028 */
zd_usb_tx(struct zd_usb * usb,struct sk_buff * skb)1029 int zd_usb_tx(struct zd_usb *usb, struct sk_buff *skb)
1030 {
1031 int r;
1032 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1033 struct usb_device *udev = zd_usb_to_usbdev(usb);
1034 struct urb *urb;
1035 struct zd_usb_tx *tx = &usb->tx;
1036
1037 if (!atomic_read(&tx->enabled)) {
1038 r = -ENOENT;
1039 goto out;
1040 }
1041
1042 urb = usb_alloc_urb(0, GFP_ATOMIC);
1043 if (!urb) {
1044 r = -ENOMEM;
1045 goto out;
1046 }
1047
1048 usb_fill_bulk_urb(urb, udev, usb_sndbulkpipe(udev, EP_DATA_OUT),
1049 skb->data, skb->len, tx_urb_complete, skb);
1050
1051 info->rate_driver_data[1] = (void *)jiffies;
1052 skb_queue_tail(&tx->submitted_skbs, skb);
1053 usb_anchor_urb(urb, &tx->submitted);
1054
1055 r = usb_submit_urb(urb, GFP_ATOMIC);
1056 if (r) {
1057 dev_dbg_f(zd_usb_dev(usb), "error submit urb %p %d\n", urb, r);
1058 usb_unanchor_urb(urb);
1059 skb_unlink(skb, &tx->submitted_skbs);
1060 goto error;
1061 }
1062 tx_inc_submitted_urbs(usb);
1063 return 0;
1064 error:
1065 usb_free_urb(urb);
1066 out:
1067 return r;
1068 }
1069
zd_tx_timeout(struct zd_usb * usb)1070 static bool zd_tx_timeout(struct zd_usb *usb)
1071 {
1072 struct zd_usb_tx *tx = &usb->tx;
1073 struct sk_buff_head *q = &tx->submitted_skbs;
1074 struct sk_buff *skb, *skbnext;
1075 struct ieee80211_tx_info *info;
1076 unsigned long flags, trans_start;
1077 bool have_timedout = false;
1078
1079 spin_lock_irqsave(&q->lock, flags);
1080 skb_queue_walk_safe(q, skb, skbnext) {
1081 info = IEEE80211_SKB_CB(skb);
1082 trans_start = (unsigned long)info->rate_driver_data[1];
1083
1084 if (time_is_before_jiffies(trans_start + ZD_TX_TIMEOUT)) {
1085 have_timedout = true;
1086 break;
1087 }
1088 }
1089 spin_unlock_irqrestore(&q->lock, flags);
1090
1091 return have_timedout;
1092 }
1093
zd_tx_watchdog_handler(struct work_struct * work)1094 static void zd_tx_watchdog_handler(struct work_struct *work)
1095 {
1096 struct zd_usb *usb =
1097 container_of(work, struct zd_usb, tx.watchdog_work.work);
1098 struct zd_usb_tx *tx = &usb->tx;
1099
1100 if (!atomic_read(&tx->enabled) || !tx->watchdog_enabled)
1101 goto out;
1102 if (!zd_tx_timeout(usb))
1103 goto out;
1104
1105 /* TX halted, try reset */
1106 dev_warn(zd_usb_dev(usb), "TX-stall detected, resetting device...");
1107
1108 usb_queue_reset_device(usb->intf);
1109
1110 /* reset will stop this worker, don't rearm */
1111 return;
1112 out:
1113 queue_delayed_work(zd_workqueue, &tx->watchdog_work,
1114 ZD_TX_WATCHDOG_INTERVAL);
1115 }
1116
zd_tx_watchdog_enable(struct zd_usb * usb)1117 void zd_tx_watchdog_enable(struct zd_usb *usb)
1118 {
1119 struct zd_usb_tx *tx = &usb->tx;
1120
1121 if (!tx->watchdog_enabled) {
1122 dev_dbg_f(zd_usb_dev(usb), "\n");
1123 queue_delayed_work(zd_workqueue, &tx->watchdog_work,
1124 ZD_TX_WATCHDOG_INTERVAL);
1125 tx->watchdog_enabled = 1;
1126 }
1127 }
1128
zd_tx_watchdog_disable(struct zd_usb * usb)1129 void zd_tx_watchdog_disable(struct zd_usb *usb)
1130 {
1131 struct zd_usb_tx *tx = &usb->tx;
1132
1133 if (tx->watchdog_enabled) {
1134 dev_dbg_f(zd_usb_dev(usb), "\n");
1135 tx->watchdog_enabled = 0;
1136 cancel_delayed_work_sync(&tx->watchdog_work);
1137 }
1138 }
1139
zd_rx_idle_timer_handler(struct work_struct * work)1140 static void zd_rx_idle_timer_handler(struct work_struct *work)
1141 {
1142 struct zd_usb *usb =
1143 container_of(work, struct zd_usb, rx.idle_work.work);
1144 struct zd_mac *mac = zd_usb_to_mac(usb);
1145
1146 if (!test_bit(ZD_DEVICE_RUNNING, &mac->flags))
1147 return;
1148
1149 dev_dbg_f(zd_usb_dev(usb), "\n");
1150
1151 /* 30 seconds since last rx, reset rx */
1152 zd_usb_reset_rx(usb);
1153 }
1154
zd_usb_reset_rx_idle_timer_tasklet(unsigned long param)1155 static void zd_usb_reset_rx_idle_timer_tasklet(unsigned long param)
1156 {
1157 struct zd_usb *usb = (struct zd_usb *)param;
1158
1159 zd_usb_reset_rx_idle_timer(usb);
1160 }
1161
zd_usb_reset_rx_idle_timer(struct zd_usb * usb)1162 void zd_usb_reset_rx_idle_timer(struct zd_usb *usb)
1163 {
1164 struct zd_usb_rx *rx = &usb->rx;
1165
1166 mod_delayed_work(zd_workqueue, &rx->idle_work, ZD_RX_IDLE_INTERVAL);
1167 }
1168
init_usb_interrupt(struct zd_usb * usb)1169 static inline void init_usb_interrupt(struct zd_usb *usb)
1170 {
1171 struct zd_usb_interrupt *intr = &usb->intr;
1172
1173 spin_lock_init(&intr->lock);
1174 intr->interval = int_urb_interval(zd_usb_to_usbdev(usb));
1175 init_completion(&intr->read_regs.completion);
1176 atomic_set(&intr->read_regs_enabled, 0);
1177 intr->read_regs.cr_int_addr = cpu_to_le16((u16)CR_INTERRUPT);
1178 }
1179
init_usb_rx(struct zd_usb * usb)1180 static inline void init_usb_rx(struct zd_usb *usb)
1181 {
1182 struct zd_usb_rx *rx = &usb->rx;
1183
1184 spin_lock_init(&rx->lock);
1185 mutex_init(&rx->setup_mutex);
1186 if (interface_to_usbdev(usb->intf)->speed == USB_SPEED_HIGH) {
1187 rx->usb_packet_size = 512;
1188 } else {
1189 rx->usb_packet_size = 64;
1190 }
1191 ZD_ASSERT(rx->fragment_length == 0);
1192 INIT_DELAYED_WORK(&rx->idle_work, zd_rx_idle_timer_handler);
1193 rx->reset_timer_tasklet.func = zd_usb_reset_rx_idle_timer_tasklet;
1194 rx->reset_timer_tasklet.data = (unsigned long)usb;
1195 }
1196
init_usb_tx(struct zd_usb * usb)1197 static inline void init_usb_tx(struct zd_usb *usb)
1198 {
1199 struct zd_usb_tx *tx = &usb->tx;
1200
1201 spin_lock_init(&tx->lock);
1202 atomic_set(&tx->enabled, 0);
1203 tx->stopped = 0;
1204 skb_queue_head_init(&tx->submitted_skbs);
1205 init_usb_anchor(&tx->submitted);
1206 tx->submitted_urbs = 0;
1207 tx->watchdog_enabled = 0;
1208 INIT_DELAYED_WORK(&tx->watchdog_work, zd_tx_watchdog_handler);
1209 }
1210
zd_usb_init(struct zd_usb * usb,struct ieee80211_hw * hw,struct usb_interface * intf)1211 void zd_usb_init(struct zd_usb *usb, struct ieee80211_hw *hw,
1212 struct usb_interface *intf)
1213 {
1214 memset(usb, 0, sizeof(*usb));
1215 usb->intf = usb_get_intf(intf);
1216 usb_set_intfdata(usb->intf, hw);
1217 init_usb_anchor(&usb->submitted_cmds);
1218 init_usb_interrupt(usb);
1219 init_usb_tx(usb);
1220 init_usb_rx(usb);
1221 }
1222
zd_usb_clear(struct zd_usb * usb)1223 void zd_usb_clear(struct zd_usb *usb)
1224 {
1225 usb_set_intfdata(usb->intf, NULL);
1226 usb_put_intf(usb->intf);
1227 ZD_MEMCLEAR(usb, sizeof(*usb));
1228 /* FIXME: usb_interrupt, usb_tx, usb_rx? */
1229 }
1230
speed(enum usb_device_speed speed)1231 static const char *speed(enum usb_device_speed speed)
1232 {
1233 switch (speed) {
1234 case USB_SPEED_LOW:
1235 return "low";
1236 case USB_SPEED_FULL:
1237 return "full";
1238 case USB_SPEED_HIGH:
1239 return "high";
1240 default:
1241 return "unknown speed";
1242 }
1243 }
1244
scnprint_id(struct usb_device * udev,char * buffer,size_t size)1245 static int scnprint_id(struct usb_device *udev, char *buffer, size_t size)
1246 {
1247 return scnprintf(buffer, size, "%04hx:%04hx v%04hx %s",
1248 le16_to_cpu(udev->descriptor.idVendor),
1249 le16_to_cpu(udev->descriptor.idProduct),
1250 get_bcdDevice(udev),
1251 speed(udev->speed));
1252 }
1253
zd_usb_scnprint_id(struct zd_usb * usb,char * buffer,size_t size)1254 int zd_usb_scnprint_id(struct zd_usb *usb, char *buffer, size_t size)
1255 {
1256 struct usb_device *udev = interface_to_usbdev(usb->intf);
1257 return scnprint_id(udev, buffer, size);
1258 }
1259
1260 #ifdef DEBUG
print_id(struct usb_device * udev)1261 static void print_id(struct usb_device *udev)
1262 {
1263 char buffer[40];
1264
1265 scnprint_id(udev, buffer, sizeof(buffer));
1266 buffer[sizeof(buffer)-1] = 0;
1267 dev_dbg_f(&udev->dev, "%s\n", buffer);
1268 }
1269 #else
1270 #define print_id(udev) do { } while (0)
1271 #endif
1272
eject_installer(struct usb_interface * intf)1273 static int eject_installer(struct usb_interface *intf)
1274 {
1275 struct usb_device *udev = interface_to_usbdev(intf);
1276 struct usb_host_interface *iface_desc = &intf->altsetting[0];
1277 struct usb_endpoint_descriptor *endpoint;
1278 unsigned char *cmd;
1279 u8 bulk_out_ep;
1280 int r;
1281
1282 /* Find bulk out endpoint */
1283 for (r = 1; r >= 0; r--) {
1284 endpoint = &iface_desc->endpoint[r].desc;
1285 if (usb_endpoint_dir_out(endpoint) &&
1286 usb_endpoint_xfer_bulk(endpoint)) {
1287 bulk_out_ep = endpoint->bEndpointAddress;
1288 break;
1289 }
1290 }
1291 if (r == -1) {
1292 dev_err(&udev->dev,
1293 "zd1211rw: Could not find bulk out endpoint\n");
1294 return -ENODEV;
1295 }
1296
1297 cmd = kzalloc(31, GFP_KERNEL);
1298 if (cmd == NULL)
1299 return -ENODEV;
1300
1301 /* USB bulk command block */
1302 cmd[0] = 0x55; /* bulk command signature */
1303 cmd[1] = 0x53; /* bulk command signature */
1304 cmd[2] = 0x42; /* bulk command signature */
1305 cmd[3] = 0x43; /* bulk command signature */
1306 cmd[14] = 6; /* command length */
1307
1308 cmd[15] = 0x1b; /* SCSI command: START STOP UNIT */
1309 cmd[19] = 0x2; /* eject disc */
1310
1311 dev_info(&udev->dev, "Ejecting virtual installer media...\n");
1312 r = usb_bulk_msg(udev, usb_sndbulkpipe(udev, bulk_out_ep),
1313 cmd, 31, NULL, 2000);
1314 kfree(cmd);
1315 if (r)
1316 return r;
1317
1318 /* At this point, the device disconnects and reconnects with the real
1319 * ID numbers. */
1320
1321 usb_set_intfdata(intf, NULL);
1322 return 0;
1323 }
1324
zd_usb_init_hw(struct zd_usb * usb)1325 int zd_usb_init_hw(struct zd_usb *usb)
1326 {
1327 int r;
1328 struct zd_mac *mac = zd_usb_to_mac(usb);
1329
1330 dev_dbg_f(zd_usb_dev(usb), "\n");
1331
1332 r = upload_firmware(usb);
1333 if (r) {
1334 dev_err(zd_usb_dev(usb),
1335 "couldn't load firmware. Error number %d\n", r);
1336 return r;
1337 }
1338
1339 r = usb_reset_configuration(zd_usb_to_usbdev(usb));
1340 if (r) {
1341 dev_dbg_f(zd_usb_dev(usb),
1342 "couldn't reset configuration. Error number %d\n", r);
1343 return r;
1344 }
1345
1346 r = zd_mac_init_hw(mac->hw);
1347 if (r) {
1348 dev_dbg_f(zd_usb_dev(usb),
1349 "couldn't initialize mac. Error number %d\n", r);
1350 return r;
1351 }
1352
1353 usb->initialized = 1;
1354 return 0;
1355 }
1356
probe(struct usb_interface * intf,const struct usb_device_id * id)1357 static int probe(struct usb_interface *intf, const struct usb_device_id *id)
1358 {
1359 int r;
1360 struct usb_device *udev = interface_to_usbdev(intf);
1361 struct zd_usb *usb;
1362 struct ieee80211_hw *hw = NULL;
1363
1364 print_id(udev);
1365
1366 if (id->driver_info & DEVICE_INSTALLER)
1367 return eject_installer(intf);
1368
1369 switch (udev->speed) {
1370 case USB_SPEED_LOW:
1371 case USB_SPEED_FULL:
1372 case USB_SPEED_HIGH:
1373 break;
1374 default:
1375 dev_dbg_f(&intf->dev, "Unknown USB speed\n");
1376 r = -ENODEV;
1377 goto error;
1378 }
1379
1380 r = usb_reset_device(udev);
1381 if (r) {
1382 dev_err(&intf->dev,
1383 "couldn't reset usb device. Error number %d\n", r);
1384 goto error;
1385 }
1386
1387 hw = zd_mac_alloc_hw(intf);
1388 if (hw == NULL) {
1389 r = -ENOMEM;
1390 goto error;
1391 }
1392
1393 usb = &zd_hw_mac(hw)->chip.usb;
1394 usb->is_zd1211b = (id->driver_info == DEVICE_ZD1211B) != 0;
1395
1396 r = zd_mac_preinit_hw(hw);
1397 if (r) {
1398 dev_dbg_f(&intf->dev,
1399 "couldn't initialize mac. Error number %d\n", r);
1400 goto error;
1401 }
1402
1403 r = ieee80211_register_hw(hw);
1404 if (r) {
1405 dev_dbg_f(&intf->dev,
1406 "couldn't register device. Error number %d\n", r);
1407 goto error;
1408 }
1409
1410 dev_dbg_f(&intf->dev, "successful\n");
1411 dev_info(&intf->dev, "%s\n", wiphy_name(hw->wiphy));
1412 return 0;
1413 error:
1414 usb_reset_device(interface_to_usbdev(intf));
1415 if (hw) {
1416 zd_mac_clear(zd_hw_mac(hw));
1417 ieee80211_free_hw(hw);
1418 }
1419 return r;
1420 }
1421
disconnect(struct usb_interface * intf)1422 static void disconnect(struct usb_interface *intf)
1423 {
1424 struct ieee80211_hw *hw = zd_intf_to_hw(intf);
1425 struct zd_mac *mac;
1426 struct zd_usb *usb;
1427
1428 /* Either something really bad happened, or we're just dealing with
1429 * a DEVICE_INSTALLER. */
1430 if (hw == NULL)
1431 return;
1432
1433 mac = zd_hw_mac(hw);
1434 usb = &mac->chip.usb;
1435
1436 dev_dbg_f(zd_usb_dev(usb), "\n");
1437
1438 ieee80211_unregister_hw(hw);
1439
1440 /* Just in case something has gone wrong! */
1441 zd_usb_disable_tx(usb);
1442 zd_usb_disable_rx(usb);
1443 zd_usb_disable_int(usb);
1444
1445 /* If the disconnect has been caused by a removal of the
1446 * driver module, the reset allows reloading of the driver. If the
1447 * reset will not be executed here, the upload of the firmware in the
1448 * probe function caused by the reloading of the driver will fail.
1449 */
1450 usb_reset_device(interface_to_usbdev(intf));
1451
1452 zd_mac_clear(mac);
1453 ieee80211_free_hw(hw);
1454 dev_dbg(&intf->dev, "disconnected\n");
1455 }
1456
zd_usb_resume(struct zd_usb * usb)1457 static void zd_usb_resume(struct zd_usb *usb)
1458 {
1459 struct zd_mac *mac = zd_usb_to_mac(usb);
1460 int r;
1461
1462 dev_dbg_f(zd_usb_dev(usb), "\n");
1463
1464 r = zd_op_start(zd_usb_to_hw(usb));
1465 if (r < 0) {
1466 dev_warn(zd_usb_dev(usb), "Device resume failed "
1467 "with error code %d. Retrying...\n", r);
1468 if (usb->was_running)
1469 set_bit(ZD_DEVICE_RUNNING, &mac->flags);
1470 usb_queue_reset_device(usb->intf);
1471 return;
1472 }
1473
1474 if (mac->type != NL80211_IFTYPE_UNSPECIFIED) {
1475 r = zd_restore_settings(mac);
1476 if (r < 0) {
1477 dev_dbg(zd_usb_dev(usb),
1478 "failed to restore settings, %d\n", r);
1479 return;
1480 }
1481 }
1482 }
1483
zd_usb_stop(struct zd_usb * usb)1484 static void zd_usb_stop(struct zd_usb *usb)
1485 {
1486 dev_dbg_f(zd_usb_dev(usb), "\n");
1487
1488 zd_op_stop(zd_usb_to_hw(usb));
1489
1490 zd_usb_disable_tx(usb);
1491 zd_usb_disable_rx(usb);
1492 zd_usb_disable_int(usb);
1493
1494 usb->initialized = 0;
1495 }
1496
pre_reset(struct usb_interface * intf)1497 static int pre_reset(struct usb_interface *intf)
1498 {
1499 struct ieee80211_hw *hw = usb_get_intfdata(intf);
1500 struct zd_mac *mac;
1501 struct zd_usb *usb;
1502
1503 if (!hw || intf->condition != USB_INTERFACE_BOUND)
1504 return 0;
1505
1506 mac = zd_hw_mac(hw);
1507 usb = &mac->chip.usb;
1508
1509 usb->was_running = test_bit(ZD_DEVICE_RUNNING, &mac->flags);
1510
1511 zd_usb_stop(usb);
1512
1513 mutex_lock(&mac->chip.mutex);
1514 return 0;
1515 }
1516
post_reset(struct usb_interface * intf)1517 static int post_reset(struct usb_interface *intf)
1518 {
1519 struct ieee80211_hw *hw = usb_get_intfdata(intf);
1520 struct zd_mac *mac;
1521 struct zd_usb *usb;
1522
1523 if (!hw || intf->condition != USB_INTERFACE_BOUND)
1524 return 0;
1525
1526 mac = zd_hw_mac(hw);
1527 usb = &mac->chip.usb;
1528
1529 mutex_unlock(&mac->chip.mutex);
1530
1531 if (usb->was_running)
1532 zd_usb_resume(usb);
1533 return 0;
1534 }
1535
1536 static struct usb_driver driver = {
1537 .name = KBUILD_MODNAME,
1538 .id_table = usb_ids,
1539 .probe = probe,
1540 .disconnect = disconnect,
1541 .pre_reset = pre_reset,
1542 .post_reset = post_reset,
1543 .disable_hub_initiated_lpm = 1,
1544 };
1545
1546 struct workqueue_struct *zd_workqueue;
1547
usb_init(void)1548 static int __init usb_init(void)
1549 {
1550 int r;
1551
1552 pr_debug("%s usb_init()\n", driver.name);
1553
1554 zd_workqueue = create_singlethread_workqueue(driver.name);
1555 if (zd_workqueue == NULL) {
1556 printk(KERN_ERR "%s couldn't create workqueue\n", driver.name);
1557 return -ENOMEM;
1558 }
1559
1560 r = usb_register(&driver);
1561 if (r) {
1562 destroy_workqueue(zd_workqueue);
1563 printk(KERN_ERR "%s usb_register() failed. Error number %d\n",
1564 driver.name, r);
1565 return r;
1566 }
1567
1568 pr_debug("%s initialized\n", driver.name);
1569 return 0;
1570 }
1571
usb_exit(void)1572 static void __exit usb_exit(void)
1573 {
1574 pr_debug("%s usb_exit()\n", driver.name);
1575 usb_deregister(&driver);
1576 destroy_workqueue(zd_workqueue);
1577 }
1578
1579 module_init(usb_init);
1580 module_exit(usb_exit);
1581
zd_ep_regs_out_msg(struct usb_device * udev,void * data,int len,int * actual_length,int timeout)1582 static int zd_ep_regs_out_msg(struct usb_device *udev, void *data, int len,
1583 int *actual_length, int timeout)
1584 {
1585 /* In USB 2.0 mode EP_REGS_OUT endpoint is interrupt type. However in
1586 * USB 1.1 mode endpoint is bulk. Select correct type URB by endpoint
1587 * descriptor.
1588 */
1589 struct usb_host_endpoint *ep;
1590 unsigned int pipe;
1591
1592 pipe = usb_sndintpipe(udev, EP_REGS_OUT);
1593 ep = usb_pipe_endpoint(udev, pipe);
1594 if (!ep)
1595 return -EINVAL;
1596
1597 if (usb_endpoint_xfer_int(&ep->desc)) {
1598 return usb_interrupt_msg(udev, pipe, data, len,
1599 actual_length, timeout);
1600 } else {
1601 pipe = usb_sndbulkpipe(udev, EP_REGS_OUT);
1602 return usb_bulk_msg(udev, pipe, data, len, actual_length,
1603 timeout);
1604 }
1605 }
1606
usb_int_regs_length(unsigned int count)1607 static int usb_int_regs_length(unsigned int count)
1608 {
1609 return sizeof(struct usb_int_regs) + count * sizeof(struct reg_data);
1610 }
1611
prepare_read_regs_int(struct zd_usb * usb,struct usb_req_read_regs * req,unsigned int count)1612 static void prepare_read_regs_int(struct zd_usb *usb,
1613 struct usb_req_read_regs *req,
1614 unsigned int count)
1615 {
1616 struct zd_usb_interrupt *intr = &usb->intr;
1617
1618 spin_lock_irq(&intr->lock);
1619 atomic_set(&intr->read_regs_enabled, 1);
1620 intr->read_regs.req = req;
1621 intr->read_regs.req_count = count;
1622 INIT_COMPLETION(intr->read_regs.completion);
1623 spin_unlock_irq(&intr->lock);
1624 }
1625
disable_read_regs_int(struct zd_usb * usb)1626 static void disable_read_regs_int(struct zd_usb *usb)
1627 {
1628 struct zd_usb_interrupt *intr = &usb->intr;
1629
1630 spin_lock_irq(&intr->lock);
1631 atomic_set(&intr->read_regs_enabled, 0);
1632 spin_unlock_irq(&intr->lock);
1633 }
1634
check_read_regs(struct zd_usb * usb,struct usb_req_read_regs * req,unsigned int count)1635 static bool check_read_regs(struct zd_usb *usb, struct usb_req_read_regs *req,
1636 unsigned int count)
1637 {
1638 int i;
1639 struct zd_usb_interrupt *intr = &usb->intr;
1640 struct read_regs_int *rr = &intr->read_regs;
1641 struct usb_int_regs *regs = (struct usb_int_regs *)rr->buffer;
1642
1643 /* The created block size seems to be larger than expected.
1644 * However results appear to be correct.
1645 */
1646 if (rr->length < usb_int_regs_length(count)) {
1647 dev_dbg_f(zd_usb_dev(usb),
1648 "error: actual length %d less than expected %d\n",
1649 rr->length, usb_int_regs_length(count));
1650 return false;
1651 }
1652
1653 if (rr->length > sizeof(rr->buffer)) {
1654 dev_dbg_f(zd_usb_dev(usb),
1655 "error: actual length %d exceeds buffer size %zu\n",
1656 rr->length, sizeof(rr->buffer));
1657 return false;
1658 }
1659
1660 for (i = 0; i < count; i++) {
1661 struct reg_data *rd = ®s->regs[i];
1662 if (rd->addr != req->addr[i]) {
1663 dev_dbg_f(zd_usb_dev(usb),
1664 "rd[%d] addr %#06hx expected %#06hx\n", i,
1665 le16_to_cpu(rd->addr),
1666 le16_to_cpu(req->addr[i]));
1667 return false;
1668 }
1669 }
1670
1671 return true;
1672 }
1673
get_results(struct zd_usb * usb,u16 * values,struct usb_req_read_regs * req,unsigned int count,bool * retry)1674 static int get_results(struct zd_usb *usb, u16 *values,
1675 struct usb_req_read_regs *req, unsigned int count,
1676 bool *retry)
1677 {
1678 int r;
1679 int i;
1680 struct zd_usb_interrupt *intr = &usb->intr;
1681 struct read_regs_int *rr = &intr->read_regs;
1682 struct usb_int_regs *regs = (struct usb_int_regs *)rr->buffer;
1683
1684 spin_lock_irq(&intr->lock);
1685
1686 r = -EIO;
1687
1688 /* Read failed because firmware bug? */
1689 *retry = !!intr->read_regs_int_overridden;
1690 if (*retry)
1691 goto error_unlock;
1692
1693 if (!check_read_regs(usb, req, count)) {
1694 dev_dbg_f(zd_usb_dev(usb), "error: invalid read regs\n");
1695 goto error_unlock;
1696 }
1697
1698 for (i = 0; i < count; i++) {
1699 struct reg_data *rd = ®s->regs[i];
1700 values[i] = le16_to_cpu(rd->value);
1701 }
1702
1703 r = 0;
1704 error_unlock:
1705 spin_unlock_irq(&intr->lock);
1706 return r;
1707 }
1708
zd_usb_ioread16v(struct zd_usb * usb,u16 * values,const zd_addr_t * addresses,unsigned int count)1709 int zd_usb_ioread16v(struct zd_usb *usb, u16 *values,
1710 const zd_addr_t *addresses, unsigned int count)
1711 {
1712 int r, i, req_len, actual_req_len, try_count = 0;
1713 struct usb_device *udev;
1714 struct usb_req_read_regs *req = NULL;
1715 unsigned long timeout;
1716 bool retry = false;
1717
1718 if (count < 1) {
1719 dev_dbg_f(zd_usb_dev(usb), "error: count is zero\n");
1720 return -EINVAL;
1721 }
1722 if (count > USB_MAX_IOREAD16_COUNT) {
1723 dev_dbg_f(zd_usb_dev(usb),
1724 "error: count %u exceeds possible max %u\n",
1725 count, USB_MAX_IOREAD16_COUNT);
1726 return -EINVAL;
1727 }
1728 if (in_atomic()) {
1729 dev_dbg_f(zd_usb_dev(usb),
1730 "error: io in atomic context not supported\n");
1731 return -EWOULDBLOCK;
1732 }
1733 if (!usb_int_enabled(usb)) {
1734 dev_dbg_f(zd_usb_dev(usb),
1735 "error: usb interrupt not enabled\n");
1736 return -EWOULDBLOCK;
1737 }
1738
1739 ZD_ASSERT(mutex_is_locked(&zd_usb_to_chip(usb)->mutex));
1740 BUILD_BUG_ON(sizeof(struct usb_req_read_regs) + USB_MAX_IOREAD16_COUNT *
1741 sizeof(__le16) > sizeof(usb->req_buf));
1742 BUG_ON(sizeof(struct usb_req_read_regs) + count * sizeof(__le16) >
1743 sizeof(usb->req_buf));
1744
1745 req_len = sizeof(struct usb_req_read_regs) + count * sizeof(__le16);
1746 req = (void *)usb->req_buf;
1747
1748 req->id = cpu_to_le16(USB_REQ_READ_REGS);
1749 for (i = 0; i < count; i++)
1750 req->addr[i] = cpu_to_le16((u16)addresses[i]);
1751
1752 retry_read:
1753 try_count++;
1754 udev = zd_usb_to_usbdev(usb);
1755 prepare_read_regs_int(usb, req, count);
1756 r = zd_ep_regs_out_msg(udev, req, req_len, &actual_req_len, 50 /*ms*/);
1757 if (r) {
1758 dev_dbg_f(zd_usb_dev(usb),
1759 "error in zd_ep_regs_out_msg(). Error number %d\n", r);
1760 goto error;
1761 }
1762 if (req_len != actual_req_len) {
1763 dev_dbg_f(zd_usb_dev(usb), "error in zd_ep_regs_out_msg()\n"
1764 " req_len %d != actual_req_len %d\n",
1765 req_len, actual_req_len);
1766 r = -EIO;
1767 goto error;
1768 }
1769
1770 timeout = wait_for_completion_timeout(&usb->intr.read_regs.completion,
1771 msecs_to_jiffies(50));
1772 if (!timeout) {
1773 disable_read_regs_int(usb);
1774 dev_dbg_f(zd_usb_dev(usb), "read timed out\n");
1775 r = -ETIMEDOUT;
1776 goto error;
1777 }
1778
1779 r = get_results(usb, values, req, count, &retry);
1780 if (retry && try_count < 20) {
1781 dev_dbg_f(zd_usb_dev(usb), "read retry, tries so far: %d\n",
1782 try_count);
1783 goto retry_read;
1784 }
1785 error:
1786 return r;
1787 }
1788
iowrite16v_urb_complete(struct urb * urb)1789 static void iowrite16v_urb_complete(struct urb *urb)
1790 {
1791 struct zd_usb *usb = urb->context;
1792
1793 if (urb->status && !usb->cmd_error)
1794 usb->cmd_error = urb->status;
1795
1796 if (!usb->cmd_error &&
1797 urb->actual_length != urb->transfer_buffer_length)
1798 usb->cmd_error = -EIO;
1799 }
1800
zd_submit_waiting_urb(struct zd_usb * usb,bool last)1801 static int zd_submit_waiting_urb(struct zd_usb *usb, bool last)
1802 {
1803 int r = 0;
1804 struct urb *urb = usb->urb_async_waiting;
1805
1806 if (!urb)
1807 return 0;
1808
1809 usb->urb_async_waiting = NULL;
1810
1811 if (!last)
1812 urb->transfer_flags |= URB_NO_INTERRUPT;
1813
1814 usb_anchor_urb(urb, &usb->submitted_cmds);
1815 r = usb_submit_urb(urb, GFP_KERNEL);
1816 if (r) {
1817 usb_unanchor_urb(urb);
1818 dev_dbg_f(zd_usb_dev(usb),
1819 "error in usb_submit_urb(). Error number %d\n", r);
1820 goto error;
1821 }
1822
1823 /* fall-through with r == 0 */
1824 error:
1825 usb_free_urb(urb);
1826 return r;
1827 }
1828
zd_usb_iowrite16v_async_start(struct zd_usb * usb)1829 void zd_usb_iowrite16v_async_start(struct zd_usb *usb)
1830 {
1831 ZD_ASSERT(usb_anchor_empty(&usb->submitted_cmds));
1832 ZD_ASSERT(usb->urb_async_waiting == NULL);
1833 ZD_ASSERT(!usb->in_async);
1834
1835 ZD_ASSERT(mutex_is_locked(&zd_usb_to_chip(usb)->mutex));
1836
1837 usb->in_async = 1;
1838 usb->cmd_error = 0;
1839 usb->urb_async_waiting = NULL;
1840 }
1841
zd_usb_iowrite16v_async_end(struct zd_usb * usb,unsigned int timeout)1842 int zd_usb_iowrite16v_async_end(struct zd_usb *usb, unsigned int timeout)
1843 {
1844 int r;
1845
1846 ZD_ASSERT(mutex_is_locked(&zd_usb_to_chip(usb)->mutex));
1847 ZD_ASSERT(usb->in_async);
1848
1849 /* Submit last iowrite16v URB */
1850 r = zd_submit_waiting_urb(usb, true);
1851 if (r) {
1852 dev_dbg_f(zd_usb_dev(usb),
1853 "error in zd_submit_waiting_usb(). "
1854 "Error number %d\n", r);
1855
1856 usb_kill_anchored_urbs(&usb->submitted_cmds);
1857 goto error;
1858 }
1859
1860 if (timeout)
1861 timeout = usb_wait_anchor_empty_timeout(&usb->submitted_cmds,
1862 timeout);
1863 if (!timeout) {
1864 usb_kill_anchored_urbs(&usb->submitted_cmds);
1865 if (usb->cmd_error == -ENOENT) {
1866 dev_dbg_f(zd_usb_dev(usb), "timed out");
1867 r = -ETIMEDOUT;
1868 goto error;
1869 }
1870 }
1871
1872 r = usb->cmd_error;
1873 error:
1874 usb->in_async = 0;
1875 return r;
1876 }
1877
zd_usb_iowrite16v_async(struct zd_usb * usb,const struct zd_ioreq16 * ioreqs,unsigned int count)1878 int zd_usb_iowrite16v_async(struct zd_usb *usb, const struct zd_ioreq16 *ioreqs,
1879 unsigned int count)
1880 {
1881 int r;
1882 struct usb_device *udev;
1883 struct usb_req_write_regs *req = NULL;
1884 int i, req_len;
1885 struct urb *urb;
1886 struct usb_host_endpoint *ep;
1887
1888 ZD_ASSERT(mutex_is_locked(&zd_usb_to_chip(usb)->mutex));
1889 ZD_ASSERT(usb->in_async);
1890
1891 if (count == 0)
1892 return 0;
1893 if (count > USB_MAX_IOWRITE16_COUNT) {
1894 dev_dbg_f(zd_usb_dev(usb),
1895 "error: count %u exceeds possible max %u\n",
1896 count, USB_MAX_IOWRITE16_COUNT);
1897 return -EINVAL;
1898 }
1899 if (in_atomic()) {
1900 dev_dbg_f(zd_usb_dev(usb),
1901 "error: io in atomic context not supported\n");
1902 return -EWOULDBLOCK;
1903 }
1904
1905 udev = zd_usb_to_usbdev(usb);
1906
1907 ep = usb_pipe_endpoint(udev, usb_sndintpipe(udev, EP_REGS_OUT));
1908 if (!ep)
1909 return -ENOENT;
1910
1911 urb = usb_alloc_urb(0, GFP_KERNEL);
1912 if (!urb)
1913 return -ENOMEM;
1914
1915 req_len = sizeof(struct usb_req_write_regs) +
1916 count * sizeof(struct reg_data);
1917 req = kmalloc(req_len, GFP_KERNEL);
1918 if (!req) {
1919 r = -ENOMEM;
1920 goto error;
1921 }
1922
1923 req->id = cpu_to_le16(USB_REQ_WRITE_REGS);
1924 for (i = 0; i < count; i++) {
1925 struct reg_data *rw = &req->reg_writes[i];
1926 rw->addr = cpu_to_le16((u16)ioreqs[i].addr);
1927 rw->value = cpu_to_le16(ioreqs[i].value);
1928 }
1929
1930 /* In USB 2.0 mode endpoint is interrupt type. However in USB 1.1 mode
1931 * endpoint is bulk. Select correct type URB by endpoint descriptor.
1932 */
1933 if (usb_endpoint_xfer_int(&ep->desc))
1934 usb_fill_int_urb(urb, udev, usb_sndintpipe(udev, EP_REGS_OUT),
1935 req, req_len, iowrite16v_urb_complete, usb,
1936 ep->desc.bInterval);
1937 else
1938 usb_fill_bulk_urb(urb, udev, usb_sndbulkpipe(udev, EP_REGS_OUT),
1939 req, req_len, iowrite16v_urb_complete, usb);
1940
1941 urb->transfer_flags |= URB_FREE_BUFFER;
1942
1943 /* Submit previous URB */
1944 r = zd_submit_waiting_urb(usb, false);
1945 if (r) {
1946 dev_dbg_f(zd_usb_dev(usb),
1947 "error in zd_submit_waiting_usb(). "
1948 "Error number %d\n", r);
1949 goto error;
1950 }
1951
1952 /* Delay submit so that URB_NO_INTERRUPT flag can be set for all URBs
1953 * of currect batch except for very last.
1954 */
1955 usb->urb_async_waiting = urb;
1956 return 0;
1957 error:
1958 usb_free_urb(urb);
1959 return r;
1960 }
1961
zd_usb_iowrite16v(struct zd_usb * usb,const struct zd_ioreq16 * ioreqs,unsigned int count)1962 int zd_usb_iowrite16v(struct zd_usb *usb, const struct zd_ioreq16 *ioreqs,
1963 unsigned int count)
1964 {
1965 int r;
1966
1967 zd_usb_iowrite16v_async_start(usb);
1968 r = zd_usb_iowrite16v_async(usb, ioreqs, count);
1969 if (r) {
1970 zd_usb_iowrite16v_async_end(usb, 0);
1971 return r;
1972 }
1973 return zd_usb_iowrite16v_async_end(usb, 50 /* ms */);
1974 }
1975
zd_usb_rfwrite(struct zd_usb * usb,u32 value,u8 bits)1976 int zd_usb_rfwrite(struct zd_usb *usb, u32 value, u8 bits)
1977 {
1978 int r;
1979 struct usb_device *udev;
1980 struct usb_req_rfwrite *req = NULL;
1981 int i, req_len, actual_req_len;
1982 u16 bit_value_template;
1983
1984 if (in_atomic()) {
1985 dev_dbg_f(zd_usb_dev(usb),
1986 "error: io in atomic context not supported\n");
1987 return -EWOULDBLOCK;
1988 }
1989 if (bits < USB_MIN_RFWRITE_BIT_COUNT) {
1990 dev_dbg_f(zd_usb_dev(usb),
1991 "error: bits %d are smaller than"
1992 " USB_MIN_RFWRITE_BIT_COUNT %d\n",
1993 bits, USB_MIN_RFWRITE_BIT_COUNT);
1994 return -EINVAL;
1995 }
1996 if (bits > USB_MAX_RFWRITE_BIT_COUNT) {
1997 dev_dbg_f(zd_usb_dev(usb),
1998 "error: bits %d exceed USB_MAX_RFWRITE_BIT_COUNT %d\n",
1999 bits, USB_MAX_RFWRITE_BIT_COUNT);
2000 return -EINVAL;
2001 }
2002 #ifdef DEBUG
2003 if (value & (~0UL << bits)) {
2004 dev_dbg_f(zd_usb_dev(usb),
2005 "error: value %#09x has bits >= %d set\n",
2006 value, bits);
2007 return -EINVAL;
2008 }
2009 #endif /* DEBUG */
2010
2011 dev_dbg_f(zd_usb_dev(usb), "value %#09x bits %d\n", value, bits);
2012
2013 r = zd_usb_ioread16(usb, &bit_value_template, ZD_CR203);
2014 if (r) {
2015 dev_dbg_f(zd_usb_dev(usb),
2016 "error %d: Couldn't read ZD_CR203\n", r);
2017 return r;
2018 }
2019 bit_value_template &= ~(RF_IF_LE|RF_CLK|RF_DATA);
2020
2021 ZD_ASSERT(mutex_is_locked(&zd_usb_to_chip(usb)->mutex));
2022 BUILD_BUG_ON(sizeof(struct usb_req_rfwrite) +
2023 USB_MAX_RFWRITE_BIT_COUNT * sizeof(__le16) >
2024 sizeof(usb->req_buf));
2025 BUG_ON(sizeof(struct usb_req_rfwrite) + bits * sizeof(__le16) >
2026 sizeof(usb->req_buf));
2027
2028 req_len = sizeof(struct usb_req_rfwrite) + bits * sizeof(__le16);
2029 req = (void *)usb->req_buf;
2030
2031 req->id = cpu_to_le16(USB_REQ_WRITE_RF);
2032 /* 1: 3683a, but not used in ZYDAS driver */
2033 req->value = cpu_to_le16(2);
2034 req->bits = cpu_to_le16(bits);
2035
2036 for (i = 0; i < bits; i++) {
2037 u16 bv = bit_value_template;
2038 if (value & (1 << (bits-1-i)))
2039 bv |= RF_DATA;
2040 req->bit_values[i] = cpu_to_le16(bv);
2041 }
2042
2043 udev = zd_usb_to_usbdev(usb);
2044 r = zd_ep_regs_out_msg(udev, req, req_len, &actual_req_len, 50 /*ms*/);
2045 if (r) {
2046 dev_dbg_f(zd_usb_dev(usb),
2047 "error in zd_ep_regs_out_msg(). Error number %d\n", r);
2048 goto out;
2049 }
2050 if (req_len != actual_req_len) {
2051 dev_dbg_f(zd_usb_dev(usb), "error in zd_ep_regs_out_msg()"
2052 " req_len %d != actual_req_len %d\n",
2053 req_len, actual_req_len);
2054 r = -EIO;
2055 goto out;
2056 }
2057
2058 /* FALL-THROUGH with r == 0 */
2059 out:
2060 return r;
2061 }
2062