1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* ZD1211 USB-WLAN driver for Linux 3 * 4 * Copyright (C) 2005-2007 Ulrich Kunitz <kune@deine-taler.de> 5 * Copyright (C) 2006-2007 Daniel Drake <dsd@gentoo.org> 6 * Copyright (C) 2006-2007 Michael Wu <flamingice@sourmilk.net> 7 */ 8 9 #include <linux/kernel.h> 10 #include <linux/init.h> 11 #include <linux/firmware.h> 12 #include <linux/device.h> 13 #include <linux/errno.h> 14 #include <linux/slab.h> 15 #include <linux/skbuff.h> 16 #include <linux/usb.h> 17 #include <linux/workqueue.h> 18 #include <linux/module.h> 19 #include <net/mac80211.h> 20 #include <linux/unaligned.h> 21 22 #include "zd_def.h" 23 #include "zd_mac.h" 24 #include "zd_usb.h" 25 26 static const struct usb_device_id usb_ids[] = { 27 /* ZD1211 */ 28 { USB_DEVICE(0x0105, 0x145f), .driver_info = DEVICE_ZD1211 }, 29 { USB_DEVICE(0x0586, 0x3401), .driver_info = DEVICE_ZD1211 }, 30 { USB_DEVICE(0x0586, 0x3402), .driver_info = DEVICE_ZD1211 }, 31 { USB_DEVICE(0x0586, 0x3407), .driver_info = DEVICE_ZD1211 }, 32 { USB_DEVICE(0x0586, 0x3409), .driver_info = DEVICE_ZD1211 }, 33 { USB_DEVICE(0x079b, 0x004a), .driver_info = DEVICE_ZD1211 }, 34 { USB_DEVICE(0x07b8, 0x6001), .driver_info = DEVICE_ZD1211 }, 35 { USB_DEVICE(0x0ace, 0x1211), .driver_info = DEVICE_ZD1211 }, 36 { USB_DEVICE(0x0ace, 0xa211), .driver_info = DEVICE_ZD1211 }, 37 { USB_DEVICE(0x0b05, 0x170c), .driver_info = DEVICE_ZD1211 }, 38 { USB_DEVICE(0x0b3b, 0x1630), .driver_info = DEVICE_ZD1211 }, 39 { USB_DEVICE(0x0b3b, 0x5630), .driver_info = DEVICE_ZD1211 }, 40 { USB_DEVICE(0x0df6, 0x9071), .driver_info = DEVICE_ZD1211 }, 41 { USB_DEVICE(0x0df6, 0x9075), .driver_info = DEVICE_ZD1211 }, 42 { USB_DEVICE(0x126f, 0xa006), .driver_info = DEVICE_ZD1211 }, 43 { USB_DEVICE(0x129b, 0x1666), .driver_info = DEVICE_ZD1211 }, 44 { USB_DEVICE(0x13b1, 0x001e), .driver_info = DEVICE_ZD1211 }, 45 { USB_DEVICE(0x1435, 0x0711), .driver_info = DEVICE_ZD1211 }, 46 { USB_DEVICE(0x14ea, 0xab10), .driver_info = DEVICE_ZD1211 }, 47 { USB_DEVICE(0x14ea, 0xab13), .driver_info = DEVICE_ZD1211 }, 48 { USB_DEVICE(0x157e, 0x300a), .driver_info = DEVICE_ZD1211 }, 49 { USB_DEVICE(0x157e, 0x300b), .driver_info = DEVICE_ZD1211 }, 50 { USB_DEVICE(0x157e, 0x3204), .driver_info = DEVICE_ZD1211 }, 51 { USB_DEVICE(0x157e, 0x3207), .driver_info = DEVICE_ZD1211 }, 52 { USB_DEVICE(0x1740, 0x2000), .driver_info = DEVICE_ZD1211 }, 53 { USB_DEVICE(0x6891, 0xa727), .driver_info = DEVICE_ZD1211 }, 54 /* ZD1211B */ 55 { USB_DEVICE(0x0053, 0x5301), .driver_info = DEVICE_ZD1211B }, 56 { USB_DEVICE(0x0409, 0x0248), .driver_info = DEVICE_ZD1211B }, 57 { USB_DEVICE(0x0411, 0x00da), .driver_info = DEVICE_ZD1211B }, 58 { USB_DEVICE(0x0471, 0x1236), .driver_info = DEVICE_ZD1211B }, 59 { USB_DEVICE(0x0471, 0x1237), .driver_info = DEVICE_ZD1211B }, 60 { USB_DEVICE(0x050d, 0x705c), .driver_info = DEVICE_ZD1211B }, 61 { USB_DEVICE(0x054c, 0x0257), .driver_info = DEVICE_ZD1211B }, 62 { USB_DEVICE(0x0586, 0x340a), .driver_info = DEVICE_ZD1211B }, 63 { USB_DEVICE(0x0586, 0x340f), .driver_info = DEVICE_ZD1211B }, 64 { USB_DEVICE(0x0586, 0x3410), .driver_info = DEVICE_ZD1211B }, 65 { USB_DEVICE(0x0586, 0x3412), .driver_info = DEVICE_ZD1211B }, 66 { USB_DEVICE(0x0586, 0x3413), .driver_info = DEVICE_ZD1211B }, 67 { USB_DEVICE(0x079b, 0x0062), .driver_info = DEVICE_ZD1211B }, 68 { USB_DEVICE(0x07fa, 0x1196), .driver_info = DEVICE_ZD1211B }, 69 { USB_DEVICE(0x083a, 0x4505), .driver_info = DEVICE_ZD1211B }, 70 { USB_DEVICE(0x083a, 0xe501), .driver_info = DEVICE_ZD1211B }, 71 { USB_DEVICE(0x083a, 0xe503), .driver_info = DEVICE_ZD1211B }, 72 { USB_DEVICE(0x083a, 0xe506), .driver_info = DEVICE_ZD1211B }, 73 { USB_DEVICE(0x0ace, 0x1215), .driver_info = DEVICE_ZD1211B }, 74 { USB_DEVICE(0x0ace, 0xb215), .driver_info = DEVICE_ZD1211B }, 75 { USB_DEVICE(0x0b05, 0x171b), .driver_info = DEVICE_ZD1211B }, 76 { USB_DEVICE(0x0baf, 0x0121), .driver_info = DEVICE_ZD1211B }, 77 { USB_DEVICE(0x0cde, 0x001a), .driver_info = DEVICE_ZD1211B }, 78 { USB_DEVICE(0x0df6, 0x0036), .driver_info = DEVICE_ZD1211B }, 79 { USB_DEVICE(0x129b, 0x1667), .driver_info = DEVICE_ZD1211B }, 80 { USB_DEVICE(0x13b1, 0x0024), .driver_info = DEVICE_ZD1211B }, 81 { USB_DEVICE(0x157e, 0x300d), .driver_info = DEVICE_ZD1211B }, 82 { USB_DEVICE(0x1582, 0x6003), .driver_info = DEVICE_ZD1211B }, 83 { USB_DEVICE(0x2019, 0x5303), .driver_info = DEVICE_ZD1211B }, 84 { USB_DEVICE(0x2019, 0xed01), .driver_info = DEVICE_ZD1211B }, 85 /* "Driverless" devices that need ejecting */ 86 { USB_DEVICE(0x0ace, 0x2011), .driver_info = DEVICE_INSTALLER }, 87 { USB_DEVICE(0x0ace, 0x20ff), .driver_info = DEVICE_INSTALLER }, 88 {} 89 }; 90 91 MODULE_LICENSE("GPL"); 92 MODULE_DESCRIPTION("USB driver for devices with the ZD1211 chip."); 93 MODULE_AUTHOR("Ulrich Kunitz"); 94 MODULE_AUTHOR("Daniel Drake"); 95 MODULE_VERSION("1.0"); 96 MODULE_DEVICE_TABLE(usb, usb_ids); 97 98 #define FW_ZD1211_PREFIX "zd1211/zd1211_" 99 #define FW_ZD1211B_PREFIX "zd1211/zd1211b_" 100 101 static bool check_read_regs(struct zd_usb *usb, struct usb_req_read_regs *req, 102 unsigned int count); 103 104 /* USB device initialization */ 105 static void int_urb_complete(struct urb *urb); 106 request_fw_file(const struct firmware ** fw,const char * name,struct device * device)107 static int request_fw_file( 108 const struct firmware **fw, const char *name, struct device *device) 109 { 110 int r; 111 112 dev_dbg_f(device, "fw name %s\n", name); 113 114 r = request_firmware(fw, name, device); 115 if (r) 116 dev_err(device, 117 "Could not load firmware file %s. Error number %d\n", 118 name, r); 119 return r; 120 } 121 get_bcdDevice(const struct usb_device * udev)122 static inline u16 get_bcdDevice(const struct usb_device *udev) 123 { 124 return le16_to_cpu(udev->descriptor.bcdDevice); 125 } 126 127 enum upload_code_flags { 128 REBOOT = 1, 129 }; 130 131 /* Ensures that MAX_TRANSFER_SIZE is even. */ 132 #define MAX_TRANSFER_SIZE (USB_MAX_TRANSFER_SIZE & ~1) 133 upload_code(struct usb_device * udev,const u8 * data,size_t size,u16 code_offset,int flags)134 static int upload_code(struct usb_device *udev, 135 const u8 *data, size_t size, u16 code_offset, int flags) 136 { 137 u8 *p; 138 int r; 139 140 /* USB request blocks need "kmalloced" buffers. 141 */ 142 p = kmalloc(MAX_TRANSFER_SIZE, GFP_KERNEL); 143 if (!p) { 144 r = -ENOMEM; 145 goto error; 146 } 147 148 size &= ~1; 149 while (size > 0) { 150 size_t transfer_size = size <= MAX_TRANSFER_SIZE ? 151 size : MAX_TRANSFER_SIZE; 152 153 dev_dbg_f(&udev->dev, "transfer size %zu\n", transfer_size); 154 155 memcpy(p, data, transfer_size); 156 r = usb_control_msg(udev, usb_sndctrlpipe(udev, 0), 157 USB_REQ_FIRMWARE_DOWNLOAD, 158 USB_DIR_OUT | USB_TYPE_VENDOR, 159 code_offset, 0, p, transfer_size, 1000 /* ms */); 160 if (r < 0) { 161 dev_err(&udev->dev, 162 "USB control request for firmware upload" 163 " failed. Error number %d\n", r); 164 goto error; 165 } 166 transfer_size = r & ~1; 167 168 size -= transfer_size; 169 data += transfer_size; 170 code_offset += transfer_size/sizeof(u16); 171 } 172 173 if (flags & REBOOT) { 174 u8 ret; 175 176 /* Use "DMA-aware" buffer. */ 177 r = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), 178 USB_REQ_FIRMWARE_CONFIRM, 179 USB_DIR_IN | USB_TYPE_VENDOR, 180 0, 0, p, sizeof(ret), 5000 /* ms */); 181 if (r != sizeof(ret)) { 182 dev_err(&udev->dev, 183 "control request firmware confirmation failed." 184 " Return value %d\n", r); 185 if (r >= 0) 186 r = -ENODEV; 187 goto error; 188 } 189 ret = p[0]; 190 if (ret & 0x80) { 191 dev_err(&udev->dev, 192 "Internal error while downloading." 193 " Firmware confirm return value %#04x\n", 194 (unsigned int)ret); 195 r = -ENODEV; 196 goto error; 197 } 198 dev_dbg_f(&udev->dev, "firmware confirm return value %#04x\n", 199 (unsigned int)ret); 200 } 201 202 r = 0; 203 error: 204 kfree(p); 205 return r; 206 } 207 get_word(const void * data,u16 offset)208 static u16 get_word(const void *data, u16 offset) 209 { 210 const __le16 *p = data; 211 return le16_to_cpu(p[offset]); 212 } 213 get_fw_name(struct zd_usb * usb,char * buffer,size_t size,const char * postfix)214 static char *get_fw_name(struct zd_usb *usb, char *buffer, size_t size, 215 const char* postfix) 216 { 217 scnprintf(buffer, size, "%s%s", 218 usb->is_zd1211b ? 219 FW_ZD1211B_PREFIX : FW_ZD1211_PREFIX, 220 postfix); 221 return buffer; 222 } 223 handle_version_mismatch(struct zd_usb * usb,const struct firmware * ub_fw)224 static int handle_version_mismatch(struct zd_usb *usb, 225 const struct firmware *ub_fw) 226 { 227 struct usb_device *udev = zd_usb_to_usbdev(usb); 228 const struct firmware *ur_fw = NULL; 229 int offset; 230 int r = 0; 231 char fw_name[128]; 232 233 r = request_fw_file(&ur_fw, 234 get_fw_name(usb, fw_name, sizeof(fw_name), "ur"), 235 &udev->dev); 236 if (r) 237 goto error; 238 239 r = upload_code(udev, ur_fw->data, ur_fw->size, FW_START, REBOOT); 240 if (r) 241 goto error; 242 243 offset = (E2P_BOOT_CODE_OFFSET * sizeof(u16)); 244 r = upload_code(udev, ub_fw->data + offset, ub_fw->size - offset, 245 E2P_START + E2P_BOOT_CODE_OFFSET, REBOOT); 246 247 /* At this point, the vendor driver downloads the whole firmware 248 * image, hacks around with version IDs, and uploads it again, 249 * completely overwriting the boot code. We do not do this here as 250 * it is not required on any tested devices, and it is suspected to 251 * cause problems. */ 252 error: 253 release_firmware(ur_fw); 254 return r; 255 } 256 upload_firmware(struct zd_usb * usb)257 static int upload_firmware(struct zd_usb *usb) 258 { 259 int r; 260 u16 fw_bcdDevice; 261 u16 bcdDevice; 262 struct usb_device *udev = zd_usb_to_usbdev(usb); 263 const struct firmware *ub_fw = NULL; 264 const struct firmware *uph_fw = NULL; 265 char fw_name[128]; 266 267 bcdDevice = get_bcdDevice(udev); 268 269 r = request_fw_file(&ub_fw, 270 get_fw_name(usb, fw_name, sizeof(fw_name), "ub"), 271 &udev->dev); 272 if (r) 273 goto error; 274 275 fw_bcdDevice = get_word(ub_fw->data, E2P_DATA_OFFSET); 276 277 if (fw_bcdDevice != bcdDevice) { 278 dev_info(&udev->dev, 279 "firmware version %#06x and device bootcode version " 280 "%#06x differ\n", fw_bcdDevice, bcdDevice); 281 if (bcdDevice <= 0x4313) 282 dev_warn(&udev->dev, "device has old bootcode, please " 283 "report success or failure\n"); 284 285 r = handle_version_mismatch(usb, ub_fw); 286 if (r) 287 goto error; 288 } else { 289 dev_dbg_f(&udev->dev, 290 "firmware device id %#06x is equal to the " 291 "actual device id\n", fw_bcdDevice); 292 } 293 294 295 r = request_fw_file(&uph_fw, 296 get_fw_name(usb, fw_name, sizeof(fw_name), "uphr"), 297 &udev->dev); 298 if (r) 299 goto error; 300 301 r = upload_code(udev, uph_fw->data, uph_fw->size, FW_START, REBOOT); 302 if (r) { 303 dev_err(&udev->dev, 304 "Could not upload firmware code uph. Error number %d\n", 305 r); 306 } 307 308 /* FALL-THROUGH */ 309 error: 310 release_firmware(ub_fw); 311 release_firmware(uph_fw); 312 return r; 313 } 314 315 MODULE_FIRMWARE(FW_ZD1211B_PREFIX "ur"); 316 MODULE_FIRMWARE(FW_ZD1211_PREFIX "ur"); 317 MODULE_FIRMWARE(FW_ZD1211B_PREFIX "ub"); 318 MODULE_FIRMWARE(FW_ZD1211_PREFIX "ub"); 319 MODULE_FIRMWARE(FW_ZD1211B_PREFIX "uphr"); 320 MODULE_FIRMWARE(FW_ZD1211_PREFIX "uphr"); 321 322 /* Read data from device address space using "firmware interface" which does 323 * not require firmware to be loaded. */ zd_usb_read_fw(struct zd_usb * usb,zd_addr_t addr,u8 * data,u16 len)324 int zd_usb_read_fw(struct zd_usb *usb, zd_addr_t addr, u8 *data, u16 len) 325 { 326 int r; 327 struct usb_device *udev = zd_usb_to_usbdev(usb); 328 u8 *buf; 329 330 /* Use "DMA-aware" buffer. */ 331 buf = kmalloc(len, GFP_KERNEL); 332 if (!buf) 333 return -ENOMEM; 334 r = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), 335 USB_REQ_FIRMWARE_READ_DATA, USB_DIR_IN | 0x40, addr, 0, 336 buf, len, 5000); 337 if (r < 0) { 338 dev_err(&udev->dev, 339 "read over firmware interface failed: %d\n", r); 340 goto exit; 341 } else if (r != len) { 342 dev_err(&udev->dev, 343 "incomplete read over firmware interface: %d/%d\n", 344 r, len); 345 r = -EIO; 346 goto exit; 347 } 348 r = 0; 349 memcpy(data, buf, len); 350 exit: 351 kfree(buf); 352 return r; 353 } 354 355 #define urb_dev(urb) (&(urb)->dev->dev) 356 handle_regs_int_override(struct urb * urb)357 static inline void handle_regs_int_override(struct urb *urb) 358 { 359 struct zd_usb *usb = urb->context; 360 struct zd_usb_interrupt *intr = &usb->intr; 361 unsigned long flags; 362 363 spin_lock_irqsave(&intr->lock, flags); 364 if (atomic_read(&intr->read_regs_enabled)) { 365 atomic_set(&intr->read_regs_enabled, 0); 366 intr->read_regs_int_overridden = 1; 367 complete(&intr->read_regs.completion); 368 } 369 spin_unlock_irqrestore(&intr->lock, flags); 370 } 371 handle_regs_int(struct urb * urb)372 static inline void handle_regs_int(struct urb *urb) 373 { 374 struct zd_usb *usb = urb->context; 375 struct zd_usb_interrupt *intr = &usb->intr; 376 unsigned long flags; 377 int len; 378 u16 int_num; 379 380 spin_lock_irqsave(&intr->lock, flags); 381 382 int_num = le16_to_cpu(*(__le16 *)(urb->transfer_buffer+2)); 383 if (int_num == (u16)CR_INTERRUPT) { 384 struct zd_mac *mac = zd_hw_mac(zd_usb_to_hw(urb->context)); 385 spin_lock(&mac->lock); 386 memcpy(&mac->intr_buffer, urb->transfer_buffer, 387 USB_MAX_EP_INT_BUFFER); 388 spin_unlock(&mac->lock); 389 schedule_work(&mac->process_intr); 390 } else if (atomic_read(&intr->read_regs_enabled)) { 391 len = urb->actual_length; 392 intr->read_regs.length = urb->actual_length; 393 if (len > sizeof(intr->read_regs.buffer)) 394 len = sizeof(intr->read_regs.buffer); 395 396 memcpy(intr->read_regs.buffer, urb->transfer_buffer, len); 397 398 /* Sometimes USB_INT_ID_REGS is not overridden, but comes after 399 * USB_INT_ID_RETRY_FAILED. Read-reg retry then gets this 400 * delayed USB_INT_ID_REGS, but leaves USB_INT_ID_REGS of 401 * retry unhandled. Next read-reg command then might catch 402 * this wrong USB_INT_ID_REGS. Fix by ignoring wrong reads. 403 */ 404 if (!check_read_regs(usb, intr->read_regs.req, 405 intr->read_regs.req_count)) 406 goto out; 407 408 atomic_set(&intr->read_regs_enabled, 0); 409 intr->read_regs_int_overridden = 0; 410 complete(&intr->read_regs.completion); 411 412 goto out; 413 } 414 415 out: 416 spin_unlock_irqrestore(&intr->lock, flags); 417 418 /* CR_INTERRUPT might override read_reg too. */ 419 if (int_num == (u16)CR_INTERRUPT && 420 atomic_read(&intr->read_regs_enabled)) 421 handle_regs_int_override(urb); 422 } 423 int_urb_complete(struct urb * urb)424 static void int_urb_complete(struct urb *urb) 425 { 426 int r; 427 struct usb_int_header *hdr; 428 struct zd_usb *usb; 429 struct zd_usb_interrupt *intr; 430 431 switch (urb->status) { 432 case 0: 433 break; 434 case -ESHUTDOWN: 435 case -EINVAL: 436 case -ENODEV: 437 case -ENOENT: 438 case -ECONNRESET: 439 case -EPIPE: 440 dev_dbg_f(urb_dev(urb), "urb %p error %d\n", urb, urb->status); 441 return; 442 default: 443 dev_dbg_f(urb_dev(urb), "urb %p error %d\n", urb, urb->status); 444 goto resubmit; 445 } 446 447 if (urb->actual_length < sizeof(hdr)) { 448 dev_dbg_f(urb_dev(urb), "error: urb %p to small\n", urb); 449 goto resubmit; 450 } 451 452 hdr = urb->transfer_buffer; 453 if (hdr->type != USB_INT_TYPE) { 454 dev_dbg_f(urb_dev(urb), "error: urb %p wrong type\n", urb); 455 goto resubmit; 456 } 457 458 /* USB_INT_ID_RETRY_FAILED triggered by tx-urb submit can override 459 * pending USB_INT_ID_REGS causing read command timeout. 460 */ 461 usb = urb->context; 462 intr = &usb->intr; 463 if (hdr->id != USB_INT_ID_REGS && atomic_read(&intr->read_regs_enabled)) 464 handle_regs_int_override(urb); 465 466 switch (hdr->id) { 467 case USB_INT_ID_REGS: 468 handle_regs_int(urb); 469 break; 470 case USB_INT_ID_RETRY_FAILED: 471 zd_mac_tx_failed(urb); 472 break; 473 default: 474 dev_dbg_f(urb_dev(urb), "error: urb %p unknown id %x\n", urb, 475 (unsigned int)hdr->id); 476 goto resubmit; 477 } 478 479 resubmit: 480 r = usb_submit_urb(urb, GFP_ATOMIC); 481 if (r) { 482 dev_dbg_f(urb_dev(urb), "error: resubmit urb %p err code %d\n", 483 urb, r); 484 /* TODO: add worker to reset intr->urb */ 485 } 486 return; 487 } 488 int_urb_interval(struct usb_device * udev)489 static inline int int_urb_interval(struct usb_device *udev) 490 { 491 switch (udev->speed) { 492 case USB_SPEED_HIGH: 493 return 4; 494 case USB_SPEED_LOW: 495 return 10; 496 case USB_SPEED_FULL: 497 default: 498 return 1; 499 } 500 } 501 usb_int_enabled(struct zd_usb * usb)502 static inline int usb_int_enabled(struct zd_usb *usb) 503 { 504 unsigned long flags; 505 struct zd_usb_interrupt *intr = &usb->intr; 506 struct urb *urb; 507 508 spin_lock_irqsave(&intr->lock, flags); 509 urb = intr->urb; 510 spin_unlock_irqrestore(&intr->lock, flags); 511 return urb != NULL; 512 } 513 zd_usb_enable_int(struct zd_usb * usb)514 int zd_usb_enable_int(struct zd_usb *usb) 515 { 516 int r; 517 struct usb_device *udev = zd_usb_to_usbdev(usb); 518 struct zd_usb_interrupt *intr = &usb->intr; 519 struct urb *urb; 520 521 dev_dbg_f(zd_usb_dev(usb), "\n"); 522 523 urb = usb_alloc_urb(0, GFP_KERNEL); 524 if (!urb) { 525 r = -ENOMEM; 526 goto out; 527 } 528 529 ZD_ASSERT(!irqs_disabled()); 530 spin_lock_irq(&intr->lock); 531 if (intr->urb) { 532 spin_unlock_irq(&intr->lock); 533 r = 0; 534 goto error_free_urb; 535 } 536 intr->urb = urb; 537 spin_unlock_irq(&intr->lock); 538 539 r = -ENOMEM; 540 intr->buffer = usb_alloc_coherent(udev, USB_MAX_EP_INT_BUFFER, 541 GFP_KERNEL, &intr->buffer_dma); 542 if (!intr->buffer) { 543 dev_dbg_f(zd_usb_dev(usb), 544 "couldn't allocate transfer_buffer\n"); 545 goto error_set_urb_null; 546 } 547 548 usb_fill_int_urb(urb, udev, usb_rcvintpipe(udev, EP_INT_IN), 549 intr->buffer, USB_MAX_EP_INT_BUFFER, 550 int_urb_complete, usb, 551 intr->interval); 552 urb->transfer_dma = intr->buffer_dma; 553 urb->transfer_flags |= URB_NO_TRANSFER_DMA_MAP; 554 555 dev_dbg_f(zd_usb_dev(usb), "submit urb %p\n", intr->urb); 556 r = usb_submit_urb(urb, GFP_KERNEL); 557 if (r) { 558 dev_dbg_f(zd_usb_dev(usb), 559 "Couldn't submit urb. Error number %d\n", r); 560 goto error; 561 } 562 563 return 0; 564 error: 565 usb_free_coherent(udev, USB_MAX_EP_INT_BUFFER, 566 intr->buffer, intr->buffer_dma); 567 error_set_urb_null: 568 spin_lock_irq(&intr->lock); 569 intr->urb = NULL; 570 spin_unlock_irq(&intr->lock); 571 error_free_urb: 572 usb_free_urb(urb); 573 out: 574 return r; 575 } 576 zd_usb_disable_int(struct zd_usb * usb)577 void zd_usb_disable_int(struct zd_usb *usb) 578 { 579 unsigned long flags; 580 struct usb_device *udev = zd_usb_to_usbdev(usb); 581 struct zd_usb_interrupt *intr = &usb->intr; 582 struct urb *urb; 583 void *buffer; 584 dma_addr_t buffer_dma; 585 586 spin_lock_irqsave(&intr->lock, flags); 587 urb = intr->urb; 588 if (!urb) { 589 spin_unlock_irqrestore(&intr->lock, flags); 590 return; 591 } 592 intr->urb = NULL; 593 buffer = intr->buffer; 594 buffer_dma = intr->buffer_dma; 595 intr->buffer = NULL; 596 spin_unlock_irqrestore(&intr->lock, flags); 597 598 usb_kill_urb(urb); 599 dev_dbg_f(zd_usb_dev(usb), "urb %p killed\n", urb); 600 usb_free_urb(urb); 601 602 usb_free_coherent(udev, USB_MAX_EP_INT_BUFFER, buffer, buffer_dma); 603 } 604 handle_rx_packet(struct zd_usb * usb,const u8 * buffer,unsigned int length)605 static void handle_rx_packet(struct zd_usb *usb, const u8 *buffer, 606 unsigned int length) 607 { 608 int i; 609 const struct rx_length_info *length_info; 610 611 if (length < sizeof(struct rx_length_info)) { 612 /* It's not a complete packet anyhow. */ 613 dev_dbg_f(zd_usb_dev(usb), "invalid, small RX packet : %d\n", 614 length); 615 return; 616 } 617 length_info = (struct rx_length_info *) 618 (buffer + length - sizeof(struct rx_length_info)); 619 620 /* It might be that three frames are merged into a single URB 621 * transaction. We have to check for the length info tag. 622 * 623 * While testing we discovered that length_info might be unaligned, 624 * because if USB transactions are merged, the last packet will not 625 * be padded. Unaligned access might also happen if the length_info 626 * structure is not present. 627 */ 628 if (get_unaligned_le16(&length_info->tag) == RX_LENGTH_INFO_TAG) 629 { 630 unsigned int l, k, n; 631 for (i = 0, l = 0;; i++) { 632 k = get_unaligned_le16(&length_info->length[i]); 633 if (k == 0) 634 return; 635 n = l+k; 636 if (n > length) 637 return; 638 zd_mac_rx(zd_usb_to_hw(usb), buffer+l, k); 639 if (i >= 2) 640 return; 641 l = (n+3) & ~3; 642 } 643 } else { 644 zd_mac_rx(zd_usb_to_hw(usb), buffer, length); 645 } 646 } 647 rx_urb_complete(struct urb * urb)648 static void rx_urb_complete(struct urb *urb) 649 { 650 int r; 651 struct zd_usb *usb; 652 struct zd_usb_rx *rx; 653 const u8 *buffer; 654 unsigned int length; 655 unsigned long flags; 656 657 switch (urb->status) { 658 case 0: 659 break; 660 case -ESHUTDOWN: 661 case -EINVAL: 662 case -ENODEV: 663 case -ENOENT: 664 case -ECONNRESET: 665 case -EPIPE: 666 dev_dbg_f(urb_dev(urb), "urb %p error %d\n", urb, urb->status); 667 return; 668 default: 669 dev_dbg_f(urb_dev(urb), "urb %p error %d\n", urb, urb->status); 670 goto resubmit; 671 } 672 673 buffer = urb->transfer_buffer; 674 length = urb->actual_length; 675 usb = urb->context; 676 rx = &usb->rx; 677 678 tasklet_schedule(&rx->reset_timer_tasklet); 679 680 if (length%rx->usb_packet_size > rx->usb_packet_size-4) { 681 /* If there is an old first fragment, we don't care. */ 682 dev_dbg_f(urb_dev(urb), "*** first fragment ***\n"); 683 ZD_ASSERT(length <= ARRAY_SIZE(rx->fragment)); 684 spin_lock_irqsave(&rx->lock, flags); 685 memcpy(rx->fragment, buffer, length); 686 rx->fragment_length = length; 687 spin_unlock_irqrestore(&rx->lock, flags); 688 goto resubmit; 689 } 690 691 spin_lock_irqsave(&rx->lock, flags); 692 if (rx->fragment_length > 0) { 693 /* We are on a second fragment, we believe */ 694 ZD_ASSERT(length + rx->fragment_length <= 695 ARRAY_SIZE(rx->fragment)); 696 dev_dbg_f(urb_dev(urb), "*** second fragment ***\n"); 697 memcpy(rx->fragment+rx->fragment_length, buffer, length); 698 handle_rx_packet(usb, rx->fragment, 699 rx->fragment_length + length); 700 rx->fragment_length = 0; 701 spin_unlock_irqrestore(&rx->lock, flags); 702 } else { 703 spin_unlock_irqrestore(&rx->lock, flags); 704 handle_rx_packet(usb, buffer, length); 705 } 706 707 resubmit: 708 r = usb_submit_urb(urb, GFP_ATOMIC); 709 if (r) 710 dev_dbg_f(urb_dev(urb), "urb %p resubmit error %d\n", urb, r); 711 } 712 alloc_rx_urb(struct zd_usb * usb)713 static struct urb *alloc_rx_urb(struct zd_usb *usb) 714 { 715 struct usb_device *udev = zd_usb_to_usbdev(usb); 716 struct urb *urb; 717 void *buffer; 718 719 urb = usb_alloc_urb(0, GFP_KERNEL); 720 if (!urb) 721 return NULL; 722 buffer = usb_alloc_coherent(udev, USB_MAX_RX_SIZE, GFP_KERNEL, 723 &urb->transfer_dma); 724 if (!buffer) { 725 usb_free_urb(urb); 726 return NULL; 727 } 728 729 usb_fill_bulk_urb(urb, udev, usb_rcvbulkpipe(udev, EP_DATA_IN), 730 buffer, USB_MAX_RX_SIZE, 731 rx_urb_complete, usb); 732 urb->transfer_flags |= URB_NO_TRANSFER_DMA_MAP; 733 734 return urb; 735 } 736 free_rx_urb(struct urb * urb)737 static void free_rx_urb(struct urb *urb) 738 { 739 if (!urb) 740 return; 741 usb_free_coherent(urb->dev, urb->transfer_buffer_length, 742 urb->transfer_buffer, urb->transfer_dma); 743 usb_free_urb(urb); 744 } 745 __zd_usb_enable_rx(struct zd_usb * usb)746 static int __zd_usb_enable_rx(struct zd_usb *usb) 747 { 748 int i, r; 749 struct zd_usb_rx *rx = &usb->rx; 750 struct urb **urbs; 751 752 dev_dbg_f(zd_usb_dev(usb), "\n"); 753 754 r = -ENOMEM; 755 urbs = kcalloc(RX_URBS_COUNT, sizeof(struct urb *), GFP_KERNEL); 756 if (!urbs) 757 goto error; 758 for (i = 0; i < RX_URBS_COUNT; i++) { 759 urbs[i] = alloc_rx_urb(usb); 760 if (!urbs[i]) 761 goto error; 762 } 763 764 ZD_ASSERT(!irqs_disabled()); 765 spin_lock_irq(&rx->lock); 766 if (rx->urbs) { 767 spin_unlock_irq(&rx->lock); 768 r = 0; 769 goto error; 770 } 771 rx->urbs = urbs; 772 rx->urbs_count = RX_URBS_COUNT; 773 spin_unlock_irq(&rx->lock); 774 775 for (i = 0; i < RX_URBS_COUNT; i++) { 776 r = usb_submit_urb(urbs[i], GFP_KERNEL); 777 if (r) 778 goto error_submit; 779 } 780 781 return 0; 782 error_submit: 783 for (i = 0; i < RX_URBS_COUNT; i++) { 784 usb_kill_urb(urbs[i]); 785 } 786 spin_lock_irq(&rx->lock); 787 rx->urbs = NULL; 788 rx->urbs_count = 0; 789 spin_unlock_irq(&rx->lock); 790 error: 791 if (urbs) { 792 for (i = 0; i < RX_URBS_COUNT; i++) 793 free_rx_urb(urbs[i]); 794 } 795 return r; 796 } 797 zd_usb_enable_rx(struct zd_usb * usb)798 int zd_usb_enable_rx(struct zd_usb *usb) 799 { 800 int r; 801 struct zd_usb_rx *rx = &usb->rx; 802 803 mutex_lock(&rx->setup_mutex); 804 r = __zd_usb_enable_rx(usb); 805 mutex_unlock(&rx->setup_mutex); 806 807 zd_usb_reset_rx_idle_timer(usb); 808 809 return r; 810 } 811 __zd_usb_disable_rx(struct zd_usb * usb)812 static void __zd_usb_disable_rx(struct zd_usb *usb) 813 { 814 int i; 815 unsigned long flags; 816 struct urb **urbs; 817 unsigned int count; 818 struct zd_usb_rx *rx = &usb->rx; 819 820 spin_lock_irqsave(&rx->lock, flags); 821 urbs = rx->urbs; 822 count = rx->urbs_count; 823 spin_unlock_irqrestore(&rx->lock, flags); 824 if (!urbs) 825 return; 826 827 for (i = 0; i < count; i++) { 828 usb_kill_urb(urbs[i]); 829 free_rx_urb(urbs[i]); 830 } 831 kfree(urbs); 832 833 spin_lock_irqsave(&rx->lock, flags); 834 rx->urbs = NULL; 835 rx->urbs_count = 0; 836 spin_unlock_irqrestore(&rx->lock, flags); 837 } 838 zd_usb_disable_rx(struct zd_usb * usb)839 void zd_usb_disable_rx(struct zd_usb *usb) 840 { 841 struct zd_usb_rx *rx = &usb->rx; 842 843 mutex_lock(&rx->setup_mutex); 844 __zd_usb_disable_rx(usb); 845 mutex_unlock(&rx->setup_mutex); 846 847 tasklet_kill(&rx->reset_timer_tasklet); 848 cancel_delayed_work_sync(&rx->idle_work); 849 } 850 zd_usb_reset_rx(struct zd_usb * usb)851 static void zd_usb_reset_rx(struct zd_usb *usb) 852 { 853 bool do_reset; 854 struct zd_usb_rx *rx = &usb->rx; 855 unsigned long flags; 856 857 mutex_lock(&rx->setup_mutex); 858 859 spin_lock_irqsave(&rx->lock, flags); 860 do_reset = rx->urbs != NULL; 861 spin_unlock_irqrestore(&rx->lock, flags); 862 863 if (do_reset) { 864 __zd_usb_disable_rx(usb); 865 __zd_usb_enable_rx(usb); 866 } 867 868 mutex_unlock(&rx->setup_mutex); 869 870 if (do_reset) 871 zd_usb_reset_rx_idle_timer(usb); 872 } 873 874 /** 875 * zd_usb_disable_tx - disable transmission 876 * @usb: the zd1211rw-private USB structure 877 * 878 * Frees all URBs in the free list and marks the transmission as disabled. 879 */ zd_usb_disable_tx(struct zd_usb * usb)880 void zd_usb_disable_tx(struct zd_usb *usb) 881 { 882 struct zd_usb_tx *tx = &usb->tx; 883 unsigned long flags; 884 885 atomic_set(&tx->enabled, 0); 886 887 /* kill all submitted tx-urbs */ 888 usb_kill_anchored_urbs(&tx->submitted); 889 890 spin_lock_irqsave(&tx->lock, flags); 891 WARN_ON(!skb_queue_empty(&tx->submitted_skbs)); 892 WARN_ON(tx->submitted_urbs != 0); 893 tx->submitted_urbs = 0; 894 spin_unlock_irqrestore(&tx->lock, flags); 895 896 /* The stopped state is ignored, relying on ieee80211_wake_queues() 897 * in a potentionally following zd_usb_enable_tx(). 898 */ 899 } 900 901 /** 902 * zd_usb_enable_tx - enables transmission 903 * @usb: a &struct zd_usb pointer 904 * 905 * This function enables transmission and prepares the &zd_usb_tx data 906 * structure. 907 */ zd_usb_enable_tx(struct zd_usb * usb)908 void zd_usb_enable_tx(struct zd_usb *usb) 909 { 910 unsigned long flags; 911 struct zd_usb_tx *tx = &usb->tx; 912 913 spin_lock_irqsave(&tx->lock, flags); 914 atomic_set(&tx->enabled, 1); 915 tx->submitted_urbs = 0; 916 ieee80211_wake_queues(zd_usb_to_hw(usb)); 917 tx->stopped = 0; 918 spin_unlock_irqrestore(&tx->lock, flags); 919 } 920 tx_dec_submitted_urbs(struct zd_usb * usb)921 static void tx_dec_submitted_urbs(struct zd_usb *usb) 922 { 923 struct zd_usb_tx *tx = &usb->tx; 924 unsigned long flags; 925 926 spin_lock_irqsave(&tx->lock, flags); 927 --tx->submitted_urbs; 928 if (tx->stopped && tx->submitted_urbs <= ZD_USB_TX_LOW) { 929 ieee80211_wake_queues(zd_usb_to_hw(usb)); 930 tx->stopped = 0; 931 } 932 spin_unlock_irqrestore(&tx->lock, flags); 933 } 934 tx_inc_submitted_urbs(struct zd_usb * usb)935 static void tx_inc_submitted_urbs(struct zd_usb *usb) 936 { 937 struct zd_usb_tx *tx = &usb->tx; 938 unsigned long flags; 939 940 spin_lock_irqsave(&tx->lock, flags); 941 ++tx->submitted_urbs; 942 if (!tx->stopped && tx->submitted_urbs > ZD_USB_TX_HIGH) { 943 ieee80211_stop_queues(zd_usb_to_hw(usb)); 944 tx->stopped = 1; 945 } 946 spin_unlock_irqrestore(&tx->lock, flags); 947 } 948 949 /** 950 * tx_urb_complete - completes the execution of an URB 951 * @urb: a URB 952 * 953 * This function is called if the URB has been transferred to a device or an 954 * error has happened. 955 */ tx_urb_complete(struct urb * urb)956 static void tx_urb_complete(struct urb *urb) 957 { 958 int r; 959 struct sk_buff *skb; 960 struct ieee80211_tx_info *info; 961 struct zd_usb *usb; 962 struct zd_usb_tx *tx; 963 964 skb = (struct sk_buff *)urb->context; 965 info = IEEE80211_SKB_CB(skb); 966 /* 967 * grab 'usb' pointer before handing off the skb (since 968 * it might be freed by zd_mac_tx_to_dev or mac80211) 969 */ 970 usb = &zd_hw_mac(info->rate_driver_data[0])->chip.usb; 971 tx = &usb->tx; 972 973 switch (urb->status) { 974 case 0: 975 break; 976 case -ESHUTDOWN: 977 case -EINVAL: 978 case -ENODEV: 979 case -ENOENT: 980 case -ECONNRESET: 981 case -EPIPE: 982 dev_dbg_f(urb_dev(urb), "urb %p error %d\n", urb, urb->status); 983 break; 984 default: 985 dev_dbg_f(urb_dev(urb), "urb %p error %d\n", urb, urb->status); 986 goto resubmit; 987 } 988 free_urb: 989 skb_unlink(skb, &usb->tx.submitted_skbs); 990 zd_mac_tx_to_dev(skb, urb->status); 991 usb_free_urb(urb); 992 tx_dec_submitted_urbs(usb); 993 return; 994 resubmit: 995 usb_anchor_urb(urb, &tx->submitted); 996 r = usb_submit_urb(urb, GFP_ATOMIC); 997 if (r) { 998 usb_unanchor_urb(urb); 999 dev_dbg_f(urb_dev(urb), "error resubmit urb %p %d\n", urb, r); 1000 goto free_urb; 1001 } 1002 } 1003 1004 /** 1005 * zd_usb_tx: initiates transfer of a frame of the device 1006 * 1007 * @usb: the zd1211rw-private USB structure 1008 * @skb: a &struct sk_buff pointer 1009 * 1010 * This function transmits a frame to the device. It doesn't wait for 1011 * completion. The frame must contain the control set and have all the 1012 * control set information available. 1013 * 1014 * The function returns 0 if the transfer has been successfully initiated. 1015 */ zd_usb_tx(struct zd_usb * usb,struct sk_buff * skb)1016 int zd_usb_tx(struct zd_usb *usb, struct sk_buff *skb) 1017 { 1018 int r; 1019 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 1020 struct usb_device *udev = zd_usb_to_usbdev(usb); 1021 struct urb *urb; 1022 struct zd_usb_tx *tx = &usb->tx; 1023 1024 if (!atomic_read(&tx->enabled)) { 1025 r = -ENOENT; 1026 goto out; 1027 } 1028 1029 urb = usb_alloc_urb(0, GFP_ATOMIC); 1030 if (!urb) { 1031 r = -ENOMEM; 1032 goto out; 1033 } 1034 1035 usb_fill_bulk_urb(urb, udev, usb_sndbulkpipe(udev, EP_DATA_OUT), 1036 skb->data, skb->len, tx_urb_complete, skb); 1037 1038 info->rate_driver_data[1] = (void *)jiffies; 1039 skb_queue_tail(&tx->submitted_skbs, skb); 1040 usb_anchor_urb(urb, &tx->submitted); 1041 1042 r = usb_submit_urb(urb, GFP_ATOMIC); 1043 if (r) { 1044 dev_dbg_f(zd_usb_dev(usb), "error submit urb %p %d\n", urb, r); 1045 usb_unanchor_urb(urb); 1046 skb_unlink(skb, &tx->submitted_skbs); 1047 goto error; 1048 } 1049 tx_inc_submitted_urbs(usb); 1050 return 0; 1051 error: 1052 usb_free_urb(urb); 1053 out: 1054 return r; 1055 } 1056 zd_tx_timeout(struct zd_usb * usb)1057 static bool zd_tx_timeout(struct zd_usb *usb) 1058 { 1059 struct zd_usb_tx *tx = &usb->tx; 1060 struct sk_buff_head *q = &tx->submitted_skbs; 1061 struct sk_buff *skb, *skbnext; 1062 struct ieee80211_tx_info *info; 1063 unsigned long flags, trans_start; 1064 bool have_timedout = false; 1065 1066 spin_lock_irqsave(&q->lock, flags); 1067 skb_queue_walk_safe(q, skb, skbnext) { 1068 info = IEEE80211_SKB_CB(skb); 1069 trans_start = (unsigned long)info->rate_driver_data[1]; 1070 1071 if (time_is_before_jiffies(trans_start + ZD_TX_TIMEOUT)) { 1072 have_timedout = true; 1073 break; 1074 } 1075 } 1076 spin_unlock_irqrestore(&q->lock, flags); 1077 1078 return have_timedout; 1079 } 1080 zd_tx_watchdog_handler(struct work_struct * work)1081 static void zd_tx_watchdog_handler(struct work_struct *work) 1082 { 1083 struct zd_usb *usb = 1084 container_of(work, struct zd_usb, tx.watchdog_work.work); 1085 struct zd_usb_tx *tx = &usb->tx; 1086 1087 if (!atomic_read(&tx->enabled) || !tx->watchdog_enabled) 1088 goto out; 1089 if (!zd_tx_timeout(usb)) 1090 goto out; 1091 1092 /* TX halted, try reset */ 1093 dev_warn(zd_usb_dev(usb), "TX-stall detected, resetting device..."); 1094 1095 usb_queue_reset_device(usb->intf); 1096 1097 /* reset will stop this worker, don't rearm */ 1098 return; 1099 out: 1100 queue_delayed_work(zd_workqueue, &tx->watchdog_work, 1101 ZD_TX_WATCHDOG_INTERVAL); 1102 } 1103 zd_tx_watchdog_enable(struct zd_usb * usb)1104 void zd_tx_watchdog_enable(struct zd_usb *usb) 1105 { 1106 struct zd_usb_tx *tx = &usb->tx; 1107 1108 if (!tx->watchdog_enabled) { 1109 dev_dbg_f(zd_usb_dev(usb), "\n"); 1110 queue_delayed_work(zd_workqueue, &tx->watchdog_work, 1111 ZD_TX_WATCHDOG_INTERVAL); 1112 tx->watchdog_enabled = 1; 1113 } 1114 } 1115 zd_tx_watchdog_disable(struct zd_usb * usb)1116 void zd_tx_watchdog_disable(struct zd_usb *usb) 1117 { 1118 struct zd_usb_tx *tx = &usb->tx; 1119 1120 if (tx->watchdog_enabled) { 1121 dev_dbg_f(zd_usb_dev(usb), "\n"); 1122 tx->watchdog_enabled = 0; 1123 cancel_delayed_work_sync(&tx->watchdog_work); 1124 } 1125 } 1126 zd_rx_idle_timer_handler(struct work_struct * work)1127 static void zd_rx_idle_timer_handler(struct work_struct *work) 1128 { 1129 struct zd_usb *usb = 1130 container_of(work, struct zd_usb, rx.idle_work.work); 1131 struct zd_mac *mac = zd_usb_to_mac(usb); 1132 1133 if (!test_bit(ZD_DEVICE_RUNNING, &mac->flags)) 1134 return; 1135 1136 dev_dbg_f(zd_usb_dev(usb), "\n"); 1137 1138 /* 30 seconds since last rx, reset rx */ 1139 zd_usb_reset_rx(usb); 1140 } 1141 zd_usb_reset_rx_idle_timer_tasklet(struct tasklet_struct * t)1142 static void zd_usb_reset_rx_idle_timer_tasklet(struct tasklet_struct *t) 1143 { 1144 struct zd_usb *usb = from_tasklet(usb, t, rx.reset_timer_tasklet); 1145 1146 zd_usb_reset_rx_idle_timer(usb); 1147 } 1148 zd_usb_reset_rx_idle_timer(struct zd_usb * usb)1149 void zd_usb_reset_rx_idle_timer(struct zd_usb *usb) 1150 { 1151 struct zd_usb_rx *rx = &usb->rx; 1152 1153 mod_delayed_work(zd_workqueue, &rx->idle_work, ZD_RX_IDLE_INTERVAL); 1154 } 1155 init_usb_interrupt(struct zd_usb * usb)1156 static inline void init_usb_interrupt(struct zd_usb *usb) 1157 { 1158 struct zd_usb_interrupt *intr = &usb->intr; 1159 1160 spin_lock_init(&intr->lock); 1161 intr->interval = int_urb_interval(zd_usb_to_usbdev(usb)); 1162 init_completion(&intr->read_regs.completion); 1163 atomic_set(&intr->read_regs_enabled, 0); 1164 intr->read_regs.cr_int_addr = cpu_to_le16((u16)CR_INTERRUPT); 1165 } 1166 init_usb_rx(struct zd_usb * usb)1167 static inline void init_usb_rx(struct zd_usb *usb) 1168 { 1169 struct zd_usb_rx *rx = &usb->rx; 1170 1171 spin_lock_init(&rx->lock); 1172 mutex_init(&rx->setup_mutex); 1173 if (interface_to_usbdev(usb->intf)->speed == USB_SPEED_HIGH) { 1174 rx->usb_packet_size = 512; 1175 } else { 1176 rx->usb_packet_size = 64; 1177 } 1178 ZD_ASSERT(rx->fragment_length == 0); 1179 INIT_DELAYED_WORK(&rx->idle_work, zd_rx_idle_timer_handler); 1180 rx->reset_timer_tasklet.func = (void (*)) 1181 zd_usb_reset_rx_idle_timer_tasklet; 1182 rx->reset_timer_tasklet.data = (unsigned long)&rx->reset_timer_tasklet; 1183 } 1184 init_usb_tx(struct zd_usb * usb)1185 static inline void init_usb_tx(struct zd_usb *usb) 1186 { 1187 struct zd_usb_tx *tx = &usb->tx; 1188 1189 spin_lock_init(&tx->lock); 1190 atomic_set(&tx->enabled, 0); 1191 tx->stopped = 0; 1192 skb_queue_head_init(&tx->submitted_skbs); 1193 init_usb_anchor(&tx->submitted); 1194 tx->submitted_urbs = 0; 1195 tx->watchdog_enabled = 0; 1196 INIT_DELAYED_WORK(&tx->watchdog_work, zd_tx_watchdog_handler); 1197 } 1198 zd_usb_init(struct zd_usb * usb,struct ieee80211_hw * hw,struct usb_interface * intf)1199 void zd_usb_init(struct zd_usb *usb, struct ieee80211_hw *hw, 1200 struct usb_interface *intf) 1201 { 1202 memset(usb, 0, sizeof(*usb)); 1203 usb->intf = usb_get_intf(intf); 1204 usb_set_intfdata(usb->intf, hw); 1205 init_usb_anchor(&usb->submitted_cmds); 1206 init_usb_interrupt(usb); 1207 init_usb_tx(usb); 1208 init_usb_rx(usb); 1209 } 1210 zd_usb_clear(struct zd_usb * usb)1211 void zd_usb_clear(struct zd_usb *usb) 1212 { 1213 usb_set_intfdata(usb->intf, NULL); 1214 usb_put_intf(usb->intf); 1215 ZD_MEMCLEAR(usb, sizeof(*usb)); 1216 /* FIXME: usb_interrupt, usb_tx, usb_rx? */ 1217 } 1218 speed(enum usb_device_speed speed)1219 static const char *speed(enum usb_device_speed speed) 1220 { 1221 switch (speed) { 1222 case USB_SPEED_LOW: 1223 return "low"; 1224 case USB_SPEED_FULL: 1225 return "full"; 1226 case USB_SPEED_HIGH: 1227 return "high"; 1228 default: 1229 return "unknown speed"; 1230 } 1231 } 1232 scnprint_id(struct usb_device * udev,char * buffer,size_t size)1233 static int scnprint_id(struct usb_device *udev, char *buffer, size_t size) 1234 { 1235 return scnprintf(buffer, size, "%04hx:%04hx v%04hx %s", 1236 le16_to_cpu(udev->descriptor.idVendor), 1237 le16_to_cpu(udev->descriptor.idProduct), 1238 get_bcdDevice(udev), 1239 speed(udev->speed)); 1240 } 1241 zd_usb_scnprint_id(struct zd_usb * usb,char * buffer,size_t size)1242 int zd_usb_scnprint_id(struct zd_usb *usb, char *buffer, size_t size) 1243 { 1244 struct usb_device *udev = interface_to_usbdev(usb->intf); 1245 return scnprint_id(udev, buffer, size); 1246 } 1247 1248 #ifdef DEBUG print_id(struct usb_device * udev)1249 static void print_id(struct usb_device *udev) 1250 { 1251 char buffer[40]; 1252 1253 scnprint_id(udev, buffer, sizeof(buffer)); 1254 buffer[sizeof(buffer)-1] = 0; 1255 dev_dbg_f(&udev->dev, "%s\n", buffer); 1256 } 1257 #else 1258 #define print_id(udev) do { } while (0) 1259 #endif 1260 eject_installer(struct usb_interface * intf)1261 static int eject_installer(struct usb_interface *intf) 1262 { 1263 struct usb_device *udev = interface_to_usbdev(intf); 1264 struct usb_host_interface *iface_desc = intf->cur_altsetting; 1265 struct usb_endpoint_descriptor *endpoint; 1266 unsigned char *cmd; 1267 u8 bulk_out_ep; 1268 int r; 1269 1270 if (iface_desc->desc.bNumEndpoints < 2) 1271 return -ENODEV; 1272 1273 /* Find bulk out endpoint */ 1274 for (r = 1; r >= 0; r--) { 1275 endpoint = &iface_desc->endpoint[r].desc; 1276 if (usb_endpoint_dir_out(endpoint) && 1277 usb_endpoint_xfer_bulk(endpoint)) { 1278 bulk_out_ep = endpoint->bEndpointAddress; 1279 break; 1280 } 1281 } 1282 if (r == -1) { 1283 dev_err(&udev->dev, 1284 "zd1211rw: Could not find bulk out endpoint\n"); 1285 return -ENODEV; 1286 } 1287 1288 cmd = kzalloc(31, GFP_KERNEL); 1289 if (cmd == NULL) 1290 return -ENODEV; 1291 1292 /* USB bulk command block */ 1293 cmd[0] = 0x55; /* bulk command signature */ 1294 cmd[1] = 0x53; /* bulk command signature */ 1295 cmd[2] = 0x42; /* bulk command signature */ 1296 cmd[3] = 0x43; /* bulk command signature */ 1297 cmd[14] = 6; /* command length */ 1298 1299 cmd[15] = 0x1b; /* SCSI command: START STOP UNIT */ 1300 cmd[19] = 0x2; /* eject disc */ 1301 1302 dev_info(&udev->dev, "Ejecting virtual installer media...\n"); 1303 r = usb_bulk_msg(udev, usb_sndbulkpipe(udev, bulk_out_ep), 1304 cmd, 31, NULL, 2000); 1305 kfree(cmd); 1306 if (r) 1307 return r; 1308 1309 /* At this point, the device disconnects and reconnects with the real 1310 * ID numbers. */ 1311 1312 usb_set_intfdata(intf, NULL); 1313 return 0; 1314 } 1315 zd_usb_init_hw(struct zd_usb * usb)1316 int zd_usb_init_hw(struct zd_usb *usb) 1317 { 1318 int r; 1319 struct zd_mac *mac = zd_usb_to_mac(usb); 1320 1321 dev_dbg_f(zd_usb_dev(usb), "\n"); 1322 1323 r = upload_firmware(usb); 1324 if (r) { 1325 dev_err(zd_usb_dev(usb), 1326 "couldn't load firmware. Error number %d\n", r); 1327 return r; 1328 } 1329 1330 r = usb_reset_configuration(zd_usb_to_usbdev(usb)); 1331 if (r) { 1332 dev_dbg_f(zd_usb_dev(usb), 1333 "couldn't reset configuration. Error number %d\n", r); 1334 return r; 1335 } 1336 1337 r = zd_mac_init_hw(mac->hw); 1338 if (r) { 1339 dev_dbg_f(zd_usb_dev(usb), 1340 "couldn't initialize mac. Error number %d\n", r); 1341 return r; 1342 } 1343 1344 usb->initialized = 1; 1345 return 0; 1346 } 1347 probe(struct usb_interface * intf,const struct usb_device_id * id)1348 static int probe(struct usb_interface *intf, const struct usb_device_id *id) 1349 { 1350 int r; 1351 struct usb_device *udev = interface_to_usbdev(intf); 1352 struct zd_usb *usb; 1353 struct ieee80211_hw *hw = NULL; 1354 1355 print_id(udev); 1356 1357 if (id->driver_info & DEVICE_INSTALLER) 1358 return eject_installer(intf); 1359 1360 switch (udev->speed) { 1361 case USB_SPEED_LOW: 1362 case USB_SPEED_FULL: 1363 case USB_SPEED_HIGH: 1364 break; 1365 default: 1366 dev_dbg_f(&intf->dev, "Unknown USB speed\n"); 1367 r = -ENODEV; 1368 goto error; 1369 } 1370 1371 r = usb_reset_device(udev); 1372 if (r) { 1373 dev_err(&intf->dev, 1374 "couldn't reset usb device. Error number %d\n", r); 1375 goto error; 1376 } 1377 1378 hw = zd_mac_alloc_hw(intf); 1379 if (hw == NULL) { 1380 r = -ENOMEM; 1381 goto error; 1382 } 1383 1384 usb = &zd_hw_mac(hw)->chip.usb; 1385 usb->is_zd1211b = (id->driver_info == DEVICE_ZD1211B) != 0; 1386 1387 r = zd_mac_preinit_hw(hw); 1388 if (r) { 1389 dev_dbg_f(&intf->dev, 1390 "couldn't initialize mac. Error number %d\n", r); 1391 goto error; 1392 } 1393 1394 r = ieee80211_register_hw(hw); 1395 if (r) { 1396 dev_dbg_f(&intf->dev, 1397 "couldn't register device. Error number %d\n", r); 1398 goto error; 1399 } 1400 1401 dev_dbg_f(&intf->dev, "successful\n"); 1402 dev_info(&intf->dev, "%s\n", wiphy_name(hw->wiphy)); 1403 return 0; 1404 error: 1405 usb_reset_device(interface_to_usbdev(intf)); 1406 if (hw) { 1407 zd_mac_clear(zd_hw_mac(hw)); 1408 ieee80211_free_hw(hw); 1409 } 1410 return r; 1411 } 1412 disconnect(struct usb_interface * intf)1413 static void disconnect(struct usb_interface *intf) 1414 { 1415 struct ieee80211_hw *hw = zd_intf_to_hw(intf); 1416 struct zd_mac *mac; 1417 struct zd_usb *usb; 1418 1419 /* Either something really bad happened, or we're just dealing with 1420 * a DEVICE_INSTALLER. */ 1421 if (hw == NULL) 1422 return; 1423 1424 mac = zd_hw_mac(hw); 1425 usb = &mac->chip.usb; 1426 1427 dev_dbg_f(zd_usb_dev(usb), "\n"); 1428 1429 ieee80211_unregister_hw(hw); 1430 1431 /* Just in case something has gone wrong! */ 1432 zd_usb_disable_tx(usb); 1433 zd_usb_disable_rx(usb); 1434 zd_usb_disable_int(usb); 1435 1436 /* If the disconnect has been caused by a removal of the 1437 * driver module, the reset allows reloading of the driver. If the 1438 * reset will not be executed here, the upload of the firmware in the 1439 * probe function caused by the reloading of the driver will fail. 1440 */ 1441 usb_reset_device(interface_to_usbdev(intf)); 1442 1443 zd_mac_clear(mac); 1444 ieee80211_free_hw(hw); 1445 dev_dbg(&intf->dev, "disconnected\n"); 1446 } 1447 zd_usb_resume(struct zd_usb * usb)1448 static void zd_usb_resume(struct zd_usb *usb) 1449 { 1450 struct zd_mac *mac = zd_usb_to_mac(usb); 1451 int r; 1452 1453 dev_dbg_f(zd_usb_dev(usb), "\n"); 1454 1455 r = zd_op_start(zd_usb_to_hw(usb)); 1456 if (r < 0) { 1457 dev_warn(zd_usb_dev(usb), "Device resume failed " 1458 "with error code %d. Retrying...\n", r); 1459 if (usb->was_running) 1460 set_bit(ZD_DEVICE_RUNNING, &mac->flags); 1461 usb_queue_reset_device(usb->intf); 1462 return; 1463 } 1464 1465 if (mac->type != NL80211_IFTYPE_UNSPECIFIED) { 1466 r = zd_restore_settings(mac); 1467 if (r < 0) { 1468 dev_dbg(zd_usb_dev(usb), 1469 "failed to restore settings, %d\n", r); 1470 return; 1471 } 1472 } 1473 } 1474 zd_usb_stop(struct zd_usb * usb)1475 static void zd_usb_stop(struct zd_usb *usb) 1476 { 1477 dev_dbg_f(zd_usb_dev(usb), "\n"); 1478 1479 zd_op_stop(zd_usb_to_hw(usb), false); 1480 1481 zd_usb_disable_tx(usb); 1482 zd_usb_disable_rx(usb); 1483 zd_usb_disable_int(usb); 1484 1485 usb->initialized = 0; 1486 } 1487 pre_reset(struct usb_interface * intf)1488 static int pre_reset(struct usb_interface *intf) 1489 { 1490 struct ieee80211_hw *hw = usb_get_intfdata(intf); 1491 struct zd_mac *mac; 1492 struct zd_usb *usb; 1493 1494 if (!hw || intf->condition != USB_INTERFACE_BOUND) 1495 return 0; 1496 1497 mac = zd_hw_mac(hw); 1498 usb = &mac->chip.usb; 1499 1500 usb->was_running = test_bit(ZD_DEVICE_RUNNING, &mac->flags); 1501 1502 zd_usb_stop(usb); 1503 1504 mutex_lock(&mac->chip.mutex); 1505 return 0; 1506 } 1507 post_reset(struct usb_interface * intf)1508 static int post_reset(struct usb_interface *intf) 1509 { 1510 struct ieee80211_hw *hw = usb_get_intfdata(intf); 1511 struct zd_mac *mac; 1512 struct zd_usb *usb; 1513 1514 if (!hw || intf->condition != USB_INTERFACE_BOUND) 1515 return 0; 1516 1517 mac = zd_hw_mac(hw); 1518 usb = &mac->chip.usb; 1519 1520 mutex_unlock(&mac->chip.mutex); 1521 1522 if (usb->was_running) 1523 zd_usb_resume(usb); 1524 return 0; 1525 } 1526 1527 static struct usb_driver driver = { 1528 .name = KBUILD_MODNAME, 1529 .id_table = usb_ids, 1530 .probe = probe, 1531 .disconnect = disconnect, 1532 .pre_reset = pre_reset, 1533 .post_reset = post_reset, 1534 .disable_hub_initiated_lpm = 1, 1535 }; 1536 1537 struct workqueue_struct *zd_workqueue; 1538 usb_init(void)1539 static int __init usb_init(void) 1540 { 1541 int r; 1542 1543 pr_debug("%s usb_init()\n", driver.name); 1544 1545 zd_workqueue = create_singlethread_workqueue(driver.name); 1546 if (zd_workqueue == NULL) { 1547 pr_err("%s couldn't create workqueue\n", driver.name); 1548 return -ENOMEM; 1549 } 1550 1551 r = usb_register(&driver); 1552 if (r) { 1553 destroy_workqueue(zd_workqueue); 1554 pr_err("%s usb_register() failed. Error number %d\n", 1555 driver.name, r); 1556 return r; 1557 } 1558 1559 pr_debug("%s initialized\n", driver.name); 1560 return 0; 1561 } 1562 usb_exit(void)1563 static void __exit usb_exit(void) 1564 { 1565 pr_debug("%s usb_exit()\n", driver.name); 1566 usb_deregister(&driver); 1567 destroy_workqueue(zd_workqueue); 1568 } 1569 1570 module_init(usb_init); 1571 module_exit(usb_exit); 1572 zd_ep_regs_out_msg(struct usb_device * udev,void * data,int len,int * actual_length,int timeout)1573 static int zd_ep_regs_out_msg(struct usb_device *udev, void *data, int len, 1574 int *actual_length, int timeout) 1575 { 1576 /* In USB 2.0 mode EP_REGS_OUT endpoint is interrupt type. However in 1577 * USB 1.1 mode endpoint is bulk. Select correct type URB by endpoint 1578 * descriptor. 1579 */ 1580 struct usb_host_endpoint *ep; 1581 unsigned int pipe; 1582 1583 pipe = usb_sndintpipe(udev, EP_REGS_OUT); 1584 ep = usb_pipe_endpoint(udev, pipe); 1585 if (!ep) 1586 return -EINVAL; 1587 1588 if (usb_endpoint_xfer_int(&ep->desc)) { 1589 return usb_interrupt_msg(udev, pipe, data, len, 1590 actual_length, timeout); 1591 } else { 1592 pipe = usb_sndbulkpipe(udev, EP_REGS_OUT); 1593 return usb_bulk_msg(udev, pipe, data, len, actual_length, 1594 timeout); 1595 } 1596 } 1597 prepare_read_regs_int(struct zd_usb * usb,struct usb_req_read_regs * req,unsigned int count)1598 static void prepare_read_regs_int(struct zd_usb *usb, 1599 struct usb_req_read_regs *req, 1600 unsigned int count) 1601 { 1602 struct zd_usb_interrupt *intr = &usb->intr; 1603 1604 spin_lock_irq(&intr->lock); 1605 atomic_set(&intr->read_regs_enabled, 1); 1606 intr->read_regs.req = req; 1607 intr->read_regs.req_count = count; 1608 reinit_completion(&intr->read_regs.completion); 1609 spin_unlock_irq(&intr->lock); 1610 } 1611 disable_read_regs_int(struct zd_usb * usb)1612 static void disable_read_regs_int(struct zd_usb *usb) 1613 { 1614 struct zd_usb_interrupt *intr = &usb->intr; 1615 1616 spin_lock_irq(&intr->lock); 1617 atomic_set(&intr->read_regs_enabled, 0); 1618 spin_unlock_irq(&intr->lock); 1619 } 1620 check_read_regs(struct zd_usb * usb,struct usb_req_read_regs * req,unsigned int count)1621 static bool check_read_regs(struct zd_usb *usb, struct usb_req_read_regs *req, 1622 unsigned int count) 1623 { 1624 int i; 1625 struct zd_usb_interrupt *intr = &usb->intr; 1626 struct read_regs_int *rr = &intr->read_regs; 1627 struct usb_int_regs *regs = (struct usb_int_regs *)rr->buffer; 1628 1629 /* The created block size seems to be larger than expected. 1630 * However results appear to be correct. 1631 */ 1632 if (rr->length < struct_size(regs, regs, count)) { 1633 dev_dbg_f(zd_usb_dev(usb), 1634 "error: actual length %d less than expected %zu\n", 1635 rr->length, struct_size(regs, regs, count)); 1636 return false; 1637 } 1638 1639 if (rr->length > sizeof(rr->buffer)) { 1640 dev_dbg_f(zd_usb_dev(usb), 1641 "error: actual length %d exceeds buffer size %zu\n", 1642 rr->length, sizeof(rr->buffer)); 1643 return false; 1644 } 1645 1646 for (i = 0; i < count; i++) { 1647 struct reg_data *rd = ®s->regs[i]; 1648 if (rd->addr != req->addr[i]) { 1649 dev_dbg_f(zd_usb_dev(usb), 1650 "rd[%d] addr %#06hx expected %#06hx\n", i, 1651 le16_to_cpu(rd->addr), 1652 le16_to_cpu(req->addr[i])); 1653 return false; 1654 } 1655 } 1656 1657 return true; 1658 } 1659 get_results(struct zd_usb * usb,u16 * values,struct usb_req_read_regs * req,unsigned int count,bool * retry)1660 static int get_results(struct zd_usb *usb, u16 *values, 1661 struct usb_req_read_regs *req, unsigned int count, 1662 bool *retry) 1663 { 1664 int r; 1665 int i; 1666 struct zd_usb_interrupt *intr = &usb->intr; 1667 struct read_regs_int *rr = &intr->read_regs; 1668 struct usb_int_regs *regs = (struct usb_int_regs *)rr->buffer; 1669 1670 spin_lock_irq(&intr->lock); 1671 1672 r = -EIO; 1673 1674 /* Read failed because firmware bug? */ 1675 *retry = !!intr->read_regs_int_overridden; 1676 if (*retry) 1677 goto error_unlock; 1678 1679 if (!check_read_regs(usb, req, count)) { 1680 dev_dbg_f(zd_usb_dev(usb), "error: invalid read regs\n"); 1681 goto error_unlock; 1682 } 1683 1684 for (i = 0; i < count; i++) { 1685 struct reg_data *rd = ®s->regs[i]; 1686 values[i] = le16_to_cpu(rd->value); 1687 } 1688 1689 r = 0; 1690 error_unlock: 1691 spin_unlock_irq(&intr->lock); 1692 return r; 1693 } 1694 zd_usb_ioread16v(struct zd_usb * usb,u16 * values,const zd_addr_t * addresses,unsigned int count)1695 int zd_usb_ioread16v(struct zd_usb *usb, u16 *values, 1696 const zd_addr_t *addresses, unsigned int count) 1697 { 1698 int r, i, req_len, actual_req_len, try_count = 0; 1699 struct usb_device *udev; 1700 struct usb_req_read_regs *req = NULL; 1701 unsigned long time_left; 1702 bool retry = false; 1703 1704 if (count < 1) { 1705 dev_dbg_f(zd_usb_dev(usb), "error: count is zero\n"); 1706 return -EINVAL; 1707 } 1708 if (count > USB_MAX_IOREAD16_COUNT) { 1709 dev_dbg_f(zd_usb_dev(usb), 1710 "error: count %u exceeds possible max %u\n", 1711 count, USB_MAX_IOREAD16_COUNT); 1712 return -EINVAL; 1713 } 1714 if (!usb_int_enabled(usb)) { 1715 dev_dbg_f(zd_usb_dev(usb), 1716 "error: usb interrupt not enabled\n"); 1717 return -EWOULDBLOCK; 1718 } 1719 1720 ZD_ASSERT(mutex_is_locked(&zd_usb_to_chip(usb)->mutex)); 1721 BUILD_BUG_ON(sizeof(struct usb_req_read_regs) + USB_MAX_IOREAD16_COUNT * 1722 sizeof(__le16) > sizeof(usb->req_buf)); 1723 BUG_ON(sizeof(struct usb_req_read_regs) + count * sizeof(__le16) > 1724 sizeof(usb->req_buf)); 1725 1726 req_len = sizeof(struct usb_req_read_regs) + count * sizeof(__le16); 1727 req = (void *)usb->req_buf; 1728 1729 req->id = cpu_to_le16(USB_REQ_READ_REGS); 1730 for (i = 0; i < count; i++) 1731 req->addr[i] = cpu_to_le16((u16)addresses[i]); 1732 1733 retry_read: 1734 try_count++; 1735 udev = zd_usb_to_usbdev(usb); 1736 prepare_read_regs_int(usb, req, count); 1737 r = zd_ep_regs_out_msg(udev, req, req_len, &actual_req_len, 50 /*ms*/); 1738 if (r) { 1739 dev_dbg_f(zd_usb_dev(usb), 1740 "error in zd_ep_regs_out_msg(). Error number %d\n", r); 1741 goto error; 1742 } 1743 if (req_len != actual_req_len) { 1744 dev_dbg_f(zd_usb_dev(usb), "error in zd_ep_regs_out_msg()\n" 1745 " req_len %d != actual_req_len %d\n", 1746 req_len, actual_req_len); 1747 r = -EIO; 1748 goto error; 1749 } 1750 1751 time_left = wait_for_completion_timeout(&usb->intr.read_regs.completion, 1752 msecs_to_jiffies(50)); 1753 if (!time_left) { 1754 disable_read_regs_int(usb); 1755 dev_dbg_f(zd_usb_dev(usb), "read timed out\n"); 1756 r = -ETIMEDOUT; 1757 goto error; 1758 } 1759 1760 r = get_results(usb, values, req, count, &retry); 1761 if (retry && try_count < 20) { 1762 dev_dbg_f(zd_usb_dev(usb), "read retry, tries so far: %d\n", 1763 try_count); 1764 goto retry_read; 1765 } 1766 error: 1767 return r; 1768 } 1769 iowrite16v_urb_complete(struct urb * urb)1770 static void iowrite16v_urb_complete(struct urb *urb) 1771 { 1772 struct zd_usb *usb = urb->context; 1773 1774 if (urb->status && !usb->cmd_error) 1775 usb->cmd_error = urb->status; 1776 1777 if (!usb->cmd_error && 1778 urb->actual_length != urb->transfer_buffer_length) 1779 usb->cmd_error = -EIO; 1780 } 1781 zd_submit_waiting_urb(struct zd_usb * usb,bool last)1782 static int zd_submit_waiting_urb(struct zd_usb *usb, bool last) 1783 { 1784 int r = 0; 1785 struct urb *urb = usb->urb_async_waiting; 1786 1787 if (!urb) 1788 return 0; 1789 1790 usb->urb_async_waiting = NULL; 1791 1792 if (!last) 1793 urb->transfer_flags |= URB_NO_INTERRUPT; 1794 1795 usb_anchor_urb(urb, &usb->submitted_cmds); 1796 r = usb_submit_urb(urb, GFP_KERNEL); 1797 if (r) { 1798 usb_unanchor_urb(urb); 1799 dev_dbg_f(zd_usb_dev(usb), 1800 "error in usb_submit_urb(). Error number %d\n", r); 1801 goto error; 1802 } 1803 1804 /* fall-through with r == 0 */ 1805 error: 1806 usb_free_urb(urb); 1807 return r; 1808 } 1809 zd_usb_iowrite16v_async_start(struct zd_usb * usb)1810 void zd_usb_iowrite16v_async_start(struct zd_usb *usb) 1811 { 1812 ZD_ASSERT(usb_anchor_empty(&usb->submitted_cmds)); 1813 ZD_ASSERT(usb->urb_async_waiting == NULL); 1814 ZD_ASSERT(!usb->in_async); 1815 1816 ZD_ASSERT(mutex_is_locked(&zd_usb_to_chip(usb)->mutex)); 1817 1818 usb->in_async = 1; 1819 usb->cmd_error = 0; 1820 usb->urb_async_waiting = NULL; 1821 } 1822 zd_usb_iowrite16v_async_end(struct zd_usb * usb,unsigned int timeout)1823 int zd_usb_iowrite16v_async_end(struct zd_usb *usb, unsigned int timeout) 1824 { 1825 int r; 1826 1827 ZD_ASSERT(mutex_is_locked(&zd_usb_to_chip(usb)->mutex)); 1828 ZD_ASSERT(usb->in_async); 1829 1830 /* Submit last iowrite16v URB */ 1831 r = zd_submit_waiting_urb(usb, true); 1832 if (r) { 1833 dev_dbg_f(zd_usb_dev(usb), 1834 "error in zd_submit_waiting_usb(). " 1835 "Error number %d\n", r); 1836 1837 usb_kill_anchored_urbs(&usb->submitted_cmds); 1838 goto error; 1839 } 1840 1841 if (timeout) 1842 timeout = usb_wait_anchor_empty_timeout(&usb->submitted_cmds, 1843 timeout); 1844 if (!timeout) { 1845 usb_kill_anchored_urbs(&usb->submitted_cmds); 1846 if (usb->cmd_error == -ENOENT) { 1847 dev_dbg_f(zd_usb_dev(usb), "timed out"); 1848 r = -ETIMEDOUT; 1849 goto error; 1850 } 1851 } 1852 1853 r = usb->cmd_error; 1854 error: 1855 usb->in_async = 0; 1856 return r; 1857 } 1858 zd_usb_iowrite16v_async(struct zd_usb * usb,const struct zd_ioreq16 * ioreqs,unsigned int count)1859 int zd_usb_iowrite16v_async(struct zd_usb *usb, const struct zd_ioreq16 *ioreqs, 1860 unsigned int count) 1861 { 1862 int r; 1863 struct usb_device *udev; 1864 struct usb_req_write_regs *req = NULL; 1865 int i, req_len; 1866 struct urb *urb; 1867 struct usb_host_endpoint *ep; 1868 1869 ZD_ASSERT(mutex_is_locked(&zd_usb_to_chip(usb)->mutex)); 1870 ZD_ASSERT(usb->in_async); 1871 1872 if (count == 0) 1873 return 0; 1874 if (count > USB_MAX_IOWRITE16_COUNT) { 1875 dev_dbg_f(zd_usb_dev(usb), 1876 "error: count %u exceeds possible max %u\n", 1877 count, USB_MAX_IOWRITE16_COUNT); 1878 return -EINVAL; 1879 } 1880 1881 udev = zd_usb_to_usbdev(usb); 1882 1883 ep = usb_pipe_endpoint(udev, usb_sndintpipe(udev, EP_REGS_OUT)); 1884 if (!ep) 1885 return -ENOENT; 1886 1887 urb = usb_alloc_urb(0, GFP_KERNEL); 1888 if (!urb) 1889 return -ENOMEM; 1890 1891 req_len = struct_size(req, reg_writes, count); 1892 req = kmalloc(req_len, GFP_KERNEL); 1893 if (!req) { 1894 r = -ENOMEM; 1895 goto error; 1896 } 1897 1898 req->id = cpu_to_le16(USB_REQ_WRITE_REGS); 1899 for (i = 0; i < count; i++) { 1900 struct reg_data *rw = &req->reg_writes[i]; 1901 rw->addr = cpu_to_le16((u16)ioreqs[i].addr); 1902 rw->value = cpu_to_le16(ioreqs[i].value); 1903 } 1904 1905 /* In USB 2.0 mode endpoint is interrupt type. However in USB 1.1 mode 1906 * endpoint is bulk. Select correct type URB by endpoint descriptor. 1907 */ 1908 if (usb_endpoint_xfer_int(&ep->desc)) 1909 usb_fill_int_urb(urb, udev, usb_sndintpipe(udev, EP_REGS_OUT), 1910 req, req_len, iowrite16v_urb_complete, usb, 1911 ep->desc.bInterval); 1912 else 1913 usb_fill_bulk_urb(urb, udev, usb_sndbulkpipe(udev, EP_REGS_OUT), 1914 req, req_len, iowrite16v_urb_complete, usb); 1915 1916 urb->transfer_flags |= URB_FREE_BUFFER; 1917 1918 /* Submit previous URB */ 1919 r = zd_submit_waiting_urb(usb, false); 1920 if (r) { 1921 dev_dbg_f(zd_usb_dev(usb), 1922 "error in zd_submit_waiting_usb(). " 1923 "Error number %d\n", r); 1924 goto error; 1925 } 1926 1927 /* Delay submit so that URB_NO_INTERRUPT flag can be set for all URBs 1928 * of currect batch except for very last. 1929 */ 1930 usb->urb_async_waiting = urb; 1931 return 0; 1932 error: 1933 usb_free_urb(urb); 1934 return r; 1935 } 1936 zd_usb_iowrite16v(struct zd_usb * usb,const struct zd_ioreq16 * ioreqs,unsigned int count)1937 int zd_usb_iowrite16v(struct zd_usb *usb, const struct zd_ioreq16 *ioreqs, 1938 unsigned int count) 1939 { 1940 int r; 1941 1942 zd_usb_iowrite16v_async_start(usb); 1943 r = zd_usb_iowrite16v_async(usb, ioreqs, count); 1944 if (r) { 1945 zd_usb_iowrite16v_async_end(usb, 0); 1946 return r; 1947 } 1948 return zd_usb_iowrite16v_async_end(usb, 50 /* ms */); 1949 } 1950 zd_usb_rfwrite(struct zd_usb * usb,u32 value,u8 bits)1951 int zd_usb_rfwrite(struct zd_usb *usb, u32 value, u8 bits) 1952 { 1953 int r; 1954 struct usb_device *udev; 1955 struct usb_req_rfwrite *req = NULL; 1956 int i, req_len, actual_req_len; 1957 u16 bit_value_template; 1958 1959 if (bits < USB_MIN_RFWRITE_BIT_COUNT) { 1960 dev_dbg_f(zd_usb_dev(usb), 1961 "error: bits %d are smaller than" 1962 " USB_MIN_RFWRITE_BIT_COUNT %d\n", 1963 bits, USB_MIN_RFWRITE_BIT_COUNT); 1964 return -EINVAL; 1965 } 1966 if (bits > USB_MAX_RFWRITE_BIT_COUNT) { 1967 dev_dbg_f(zd_usb_dev(usb), 1968 "error: bits %d exceed USB_MAX_RFWRITE_BIT_COUNT %d\n", 1969 bits, USB_MAX_RFWRITE_BIT_COUNT); 1970 return -EINVAL; 1971 } 1972 #ifdef DEBUG 1973 if (value & (~0UL << bits)) { 1974 dev_dbg_f(zd_usb_dev(usb), 1975 "error: value %#09x has bits >= %d set\n", 1976 value, bits); 1977 return -EINVAL; 1978 } 1979 #endif /* DEBUG */ 1980 1981 dev_dbg_f(zd_usb_dev(usb), "value %#09x bits %d\n", value, bits); 1982 1983 r = zd_usb_ioread16(usb, &bit_value_template, ZD_CR203); 1984 if (r) { 1985 dev_dbg_f(zd_usb_dev(usb), 1986 "error %d: Couldn't read ZD_CR203\n", r); 1987 return r; 1988 } 1989 bit_value_template &= ~(RF_IF_LE|RF_CLK|RF_DATA); 1990 1991 ZD_ASSERT(mutex_is_locked(&zd_usb_to_chip(usb)->mutex)); 1992 BUILD_BUG_ON(sizeof(struct usb_req_rfwrite) + 1993 USB_MAX_RFWRITE_BIT_COUNT * sizeof(__le16) > 1994 sizeof(usb->req_buf)); 1995 BUG_ON(sizeof(struct usb_req_rfwrite) + bits * sizeof(__le16) > 1996 sizeof(usb->req_buf)); 1997 1998 req_len = sizeof(struct usb_req_rfwrite) + bits * sizeof(__le16); 1999 req = (void *)usb->req_buf; 2000 2001 req->id = cpu_to_le16(USB_REQ_WRITE_RF); 2002 /* 1: 3683a, but not used in ZYDAS driver */ 2003 req->value = cpu_to_le16(2); 2004 req->bits = cpu_to_le16(bits); 2005 2006 for (i = 0; i < bits; i++) { 2007 u16 bv = bit_value_template; 2008 if (value & (1 << (bits-1-i))) 2009 bv |= RF_DATA; 2010 req->bit_values[i] = cpu_to_le16(bv); 2011 } 2012 2013 udev = zd_usb_to_usbdev(usb); 2014 r = zd_ep_regs_out_msg(udev, req, req_len, &actual_req_len, 50 /*ms*/); 2015 if (r) { 2016 dev_dbg_f(zd_usb_dev(usb), 2017 "error in zd_ep_regs_out_msg(). Error number %d\n", r); 2018 goto out; 2019 } 2020 if (req_len != actual_req_len) { 2021 dev_dbg_f(zd_usb_dev(usb), "error in zd_ep_regs_out_msg()" 2022 " req_len %d != actual_req_len %d\n", 2023 req_len, actual_req_len); 2024 r = -EIO; 2025 goto out; 2026 } 2027 2028 /* FALL-THROUGH with r == 0 */ 2029 out: 2030 return r; 2031 } 2032