1 /* 2 * Copyright (c) 2007-2011 Atheros Communications Inc. 3 * 4 * Permission to use, copy, modify, and/or distribute this software for any 5 * purpose with or without fee is hereby granted, provided that the above 6 * copyright notice and this permission notice appear in all copies. 7 * 8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15 */ 16 17 #include "core.h" 18 #include "debug.h" 19 #include "hif-ops.h" 20 21 #define HTC_PACKET_CONTAINER_ALLOCATION 32 22 #define HTC_CONTROL_BUFFER_SIZE (HTC_MAX_CTRL_MSG_LEN + HTC_HDR_LENGTH) 23 24 static int ath6kl_htc_pipe_tx(struct htc_target *handle, 25 struct htc_packet *packet); 26 static void ath6kl_htc_pipe_cleanup(struct htc_target *handle); 27 28 /* htc pipe tx path */ 29 static inline void restore_tx_packet(struct htc_packet *packet) 30 { 31 if (packet->info.tx.flags & HTC_FLAGS_TX_FIXUP_NETBUF) { 32 skb_pull(packet->skb, sizeof(struct htc_frame_hdr)); 33 packet->info.tx.flags &= ~HTC_FLAGS_TX_FIXUP_NETBUF; 34 } 35 } 36 37 static void do_send_completion(struct htc_endpoint *ep, 38 struct list_head *queue_to_indicate) 39 { 40 struct htc_packet *packet; 41 42 if (list_empty(queue_to_indicate)) { 43 /* nothing to indicate */ 44 return; 45 } 46 47 if (ep->ep_cb.tx_comp_multi != NULL) { 48 ath6kl_dbg(ATH6KL_DBG_HTC, 49 "%s: calling ep %d, send complete multiple callback (%d pkts)\n", 50 __func__, ep->eid, 51 get_queue_depth(queue_to_indicate)); 52 /* 53 * a multiple send complete handler is being used, 54 * pass the queue to the handler 55 */ 56 ep->ep_cb.tx_comp_multi(ep->target, queue_to_indicate); 57 /* 58 * all packets are now owned by the callback, 59 * reset queue to be safe 60 */ 61 INIT_LIST_HEAD(queue_to_indicate); 62 } else { 63 /* using legacy EpTxComplete */ 64 do { 65 packet = list_first_entry(queue_to_indicate, 66 struct htc_packet, list); 67 68 list_del(&packet->list); 69 ath6kl_dbg(ATH6KL_DBG_HTC, 70 "%s: calling ep %d send complete callback on packet 0x%p\n", 71 __func__, ep->eid, packet); 72 ep->ep_cb.tx_complete(ep->target, packet); 73 } while (!list_empty(queue_to_indicate)); 74 } 75 } 76 77 static void send_packet_completion(struct htc_target *target, 78 struct htc_packet *packet) 79 { 80 struct htc_endpoint *ep = &target->endpoint[packet->endpoint]; 81 struct list_head container; 82 83 restore_tx_packet(packet); 84 INIT_LIST_HEAD(&container); 85 list_add_tail(&packet->list, &container); 86 87 /* do completion */ 88 do_send_completion(ep, &container); 89 } 90 91 static void get_htc_packet_credit_based(struct htc_target *target, 92 struct htc_endpoint *ep, 93 struct list_head *queue) 94 { 95 int credits_required; 96 int remainder; 97 u8 send_flags; 98 struct htc_packet *packet; 99 unsigned int transfer_len; 100 101 /* NOTE : the TX lock is held when this function is called */ 102 103 /* loop until we can grab as many packets out of the queue as we can */ 104 while (true) { 105 send_flags = 0; 106 if (list_empty(&ep->txq)) 107 break; 108 109 /* get packet at head, but don't remove it */ 110 packet = list_first_entry(&ep->txq, struct htc_packet, list); 111 112 ath6kl_dbg(ATH6KL_DBG_HTC, 113 "%s: got head packet:0x%p , queue depth: %d\n", 114 __func__, packet, get_queue_depth(&ep->txq)); 115 116 transfer_len = packet->act_len + HTC_HDR_LENGTH; 117 118 if (transfer_len <= target->tgt_cred_sz) { 119 credits_required = 1; 120 } else { 121 /* figure out how many credits this message requires */ 122 credits_required = transfer_len / target->tgt_cred_sz; 123 remainder = transfer_len % target->tgt_cred_sz; 124 125 if (remainder) 126 credits_required++; 127 } 128 129 ath6kl_dbg(ATH6KL_DBG_HTC, "%s: creds required:%d got:%d\n", 130 __func__, credits_required, ep->cred_dist.credits); 131 132 if (ep->eid == ENDPOINT_0) { 133 /* 134 * endpoint 0 is special, it always has a credit and 135 * does not require credit based flow control 136 */ 137 credits_required = 0; 138 139 } else { 140 141 if (ep->cred_dist.credits < credits_required) 142 break; 143 144 ep->cred_dist.credits -= credits_required; 145 ep->ep_st.cred_cosumd += credits_required; 146 147 /* check if we need credits back from the target */ 148 if (ep->cred_dist.credits < 149 ep->cred_dist.cred_per_msg) { 150 /* tell the target we need credits ASAP! */ 151 send_flags |= HTC_FLAGS_NEED_CREDIT_UPDATE; 152 ep->ep_st.cred_low_indicate += 1; 153 ath6kl_dbg(ATH6KL_DBG_HTC, 154 "%s: host needs credits\n", 155 __func__); 156 } 157 } 158 159 /* now we can fully dequeue */ 160 packet = list_first_entry(&ep->txq, struct htc_packet, list); 161 162 list_del(&packet->list); 163 /* save the number of credits this packet consumed */ 164 packet->info.tx.cred_used = credits_required; 165 /* save send flags */ 166 packet->info.tx.flags = send_flags; 167 packet->info.tx.seqno = ep->seqno; 168 ep->seqno++; 169 /* queue this packet into the caller's queue */ 170 list_add_tail(&packet->list, queue); 171 } 172 173 } 174 175 static void get_htc_packet(struct htc_target *target, 176 struct htc_endpoint *ep, 177 struct list_head *queue, int resources) 178 { 179 struct htc_packet *packet; 180 181 /* NOTE : the TX lock is held when this function is called */ 182 183 /* loop until we can grab as many packets out of the queue as we can */ 184 while (resources) { 185 if (list_empty(&ep->txq)) 186 break; 187 188 packet = list_first_entry(&ep->txq, struct htc_packet, list); 189 list_del(&packet->list); 190 191 ath6kl_dbg(ATH6KL_DBG_HTC, 192 "%s: got packet:0x%p , new queue depth: %d\n", 193 __func__, packet, get_queue_depth(&ep->txq)); 194 packet->info.tx.seqno = ep->seqno; 195 packet->info.tx.flags = 0; 196 packet->info.tx.cred_used = 0; 197 ep->seqno++; 198 199 /* queue this packet into the caller's queue */ 200 list_add_tail(&packet->list, queue); 201 resources--; 202 } 203 } 204 205 static int htc_issue_packets(struct htc_target *target, 206 struct htc_endpoint *ep, 207 struct list_head *pkt_queue) 208 { 209 int status = 0; 210 u16 payload_len; 211 struct sk_buff *skb; 212 struct htc_frame_hdr *htc_hdr; 213 struct htc_packet *packet; 214 215 ath6kl_dbg(ATH6KL_DBG_HTC, 216 "%s: queue: 0x%p, pkts %d\n", __func__, 217 pkt_queue, get_queue_depth(pkt_queue)); 218 219 while (!list_empty(pkt_queue)) { 220 packet = list_first_entry(pkt_queue, struct htc_packet, list); 221 list_del(&packet->list); 222 223 skb = packet->skb; 224 if (!skb) { 225 WARN_ON_ONCE(1); 226 status = -EINVAL; 227 break; 228 } 229 230 payload_len = packet->act_len; 231 232 /* setup HTC frame header */ 233 htc_hdr = (struct htc_frame_hdr *) skb_push(skb, 234 sizeof(*htc_hdr)); 235 if (!htc_hdr) { 236 WARN_ON_ONCE(1); 237 status = -EINVAL; 238 break; 239 } 240 241 packet->info.tx.flags |= HTC_FLAGS_TX_FIXUP_NETBUF; 242 243 /* Endianess? */ 244 put_unaligned((u16) payload_len, &htc_hdr->payld_len); 245 htc_hdr->flags = packet->info.tx.flags; 246 htc_hdr->eid = (u8) packet->endpoint; 247 htc_hdr->ctrl[0] = 0; 248 htc_hdr->ctrl[1] = (u8) packet->info.tx.seqno; 249 250 spin_lock_bh(&target->tx_lock); 251 252 /* store in look up queue to match completions */ 253 list_add_tail(&packet->list, &ep->pipe.tx_lookup_queue); 254 ep->ep_st.tx_issued += 1; 255 spin_unlock_bh(&target->tx_lock); 256 257 status = ath6kl_hif_pipe_send(target->dev->ar, 258 ep->pipe.pipeid_ul, NULL, skb); 259 260 if (status != 0) { 261 if (status != -ENOMEM) { 262 /* TODO: if more than 1 endpoint maps to the 263 * same PipeID, it is possible to run out of 264 * resources in the HIF layer. 265 * Don't emit the error 266 */ 267 ath6kl_dbg(ATH6KL_DBG_HTC, 268 "%s: failed status:%d\n", 269 __func__, status); 270 } 271 spin_lock_bh(&target->tx_lock); 272 list_del(&packet->list); 273 274 /* reclaim credits */ 275 ep->cred_dist.credits += packet->info.tx.cred_used; 276 spin_unlock_bh(&target->tx_lock); 277 278 /* put it back into the callers queue */ 279 list_add(&packet->list, pkt_queue); 280 break; 281 } 282 283 } 284 285 if (status != 0) { 286 while (!list_empty(pkt_queue)) { 287 if (status != -ENOMEM) { 288 ath6kl_dbg(ATH6KL_DBG_HTC, 289 "%s: failed pkt:0x%p status:%d\n", 290 __func__, packet, status); 291 } 292 293 packet = list_first_entry(pkt_queue, 294 struct htc_packet, list); 295 list_del(&packet->list); 296 packet->status = status; 297 send_packet_completion(target, packet); 298 } 299 } 300 301 return status; 302 } 303 304 static enum htc_send_queue_result htc_try_send(struct htc_target *target, 305 struct htc_endpoint *ep, 306 struct list_head *txq) 307 { 308 struct list_head send_queue; /* temp queue to hold packets */ 309 struct htc_packet *packet, *tmp_pkt; 310 struct ath6kl *ar = target->dev->ar; 311 enum htc_send_full_action action; 312 int tx_resources, overflow, txqueue_depth, i, good_pkts; 313 u8 pipeid; 314 315 ath6kl_dbg(ATH6KL_DBG_HTC, "%s: (queue:0x%p depth:%d)\n", 316 __func__, txq, 317 (txq == NULL) ? 0 : get_queue_depth(txq)); 318 319 /* init the local send queue */ 320 INIT_LIST_HEAD(&send_queue); 321 322 /* 323 * txq equals to NULL means 324 * caller didn't provide a queue, just wants us to 325 * check queues and send 326 */ 327 if (txq != NULL) { 328 if (list_empty(txq)) { 329 /* empty queue */ 330 return HTC_SEND_QUEUE_DROP; 331 } 332 333 spin_lock_bh(&target->tx_lock); 334 txqueue_depth = get_queue_depth(&ep->txq); 335 spin_unlock_bh(&target->tx_lock); 336 337 if (txqueue_depth >= ep->max_txq_depth) { 338 /* we've already overflowed */ 339 overflow = get_queue_depth(txq); 340 } else { 341 /* get how much we will overflow by */ 342 overflow = txqueue_depth; 343 overflow += get_queue_depth(txq); 344 /* get how much we will overflow the TX queue by */ 345 overflow -= ep->max_txq_depth; 346 } 347 348 /* if overflow is negative or zero, we are okay */ 349 if (overflow > 0) { 350 ath6kl_dbg(ATH6KL_DBG_HTC, 351 "%s: Endpoint %d, TX queue will overflow :%d, Tx Depth:%d, Max:%d\n", 352 __func__, ep->eid, overflow, txqueue_depth, 353 ep->max_txq_depth); 354 } 355 if ((overflow <= 0) || 356 (ep->ep_cb.tx_full == NULL)) { 357 /* 358 * all packets will fit or caller did not provide send 359 * full indication handler -- just move all of them 360 * to the local send_queue object 361 */ 362 list_splice_tail_init(txq, &send_queue); 363 } else { 364 good_pkts = get_queue_depth(txq) - overflow; 365 if (good_pkts < 0) { 366 WARN_ON_ONCE(1); 367 return HTC_SEND_QUEUE_DROP; 368 } 369 370 /* we have overflowed, and a callback is provided */ 371 /* dequeue all non-overflow packets to the sendqueue */ 372 for (i = 0; i < good_pkts; i++) { 373 /* pop off caller's queue */ 374 packet = list_first_entry(txq, 375 struct htc_packet, 376 list); 377 /* move to local queue */ 378 list_move_tail(&packet->list, &send_queue); 379 } 380 381 /* 382 * the caller's queue has all the packets that won't fit 383 * walk through the caller's queue and indicate each to 384 * the send full handler 385 */ 386 list_for_each_entry_safe(packet, tmp_pkt, 387 txq, list) { 388 389 ath6kl_dbg(ATH6KL_DBG_HTC, 390 "%s: Indicat overflowed TX pkts: %p\n", 391 __func__, packet); 392 action = ep->ep_cb.tx_full(ep->target, packet); 393 if (action == HTC_SEND_FULL_DROP) { 394 /* callback wants the packet dropped */ 395 ep->ep_st.tx_dropped += 1; 396 397 /* leave this one in the caller's queue 398 * for cleanup */ 399 } else { 400 /* callback wants to keep this packet, 401 * move from caller's queue to the send 402 * queue */ 403 list_move_tail(&packet->list, 404 &send_queue); 405 } 406 407 } 408 409 if (list_empty(&send_queue)) { 410 /* no packets made it in, caller will cleanup */ 411 return HTC_SEND_QUEUE_DROP; 412 } 413 } 414 } 415 416 if (!ep->pipe.tx_credit_flow_enabled) { 417 tx_resources = 418 ath6kl_hif_pipe_get_free_queue_number(ar, 419 ep->pipe.pipeid_ul); 420 } else { 421 tx_resources = 0; 422 } 423 424 spin_lock_bh(&target->tx_lock); 425 if (!list_empty(&send_queue)) { 426 /* transfer packets to tail */ 427 list_splice_tail_init(&send_queue, &ep->txq); 428 if (!list_empty(&send_queue)) { 429 WARN_ON_ONCE(1); 430 spin_unlock_bh(&target->tx_lock); 431 return HTC_SEND_QUEUE_DROP; 432 } 433 INIT_LIST_HEAD(&send_queue); 434 } 435 436 /* increment tx processing count on entry */ 437 ep->tx_proc_cnt++; 438 439 if (ep->tx_proc_cnt > 1) { 440 /* 441 * Another thread or task is draining the TX queues on this 442 * endpoint that thread will reset the tx processing count 443 * when the queue is drained. 444 */ 445 ep->tx_proc_cnt--; 446 spin_unlock_bh(&target->tx_lock); 447 return HTC_SEND_QUEUE_OK; 448 } 449 450 /***** beyond this point only 1 thread may enter ******/ 451 452 /* 453 * Now drain the endpoint TX queue for transmission as long as we have 454 * enough transmit resources. 455 */ 456 while (true) { 457 458 if (get_queue_depth(&ep->txq) == 0) 459 break; 460 461 if (ep->pipe.tx_credit_flow_enabled) { 462 /* 463 * Credit based mechanism provides flow control 464 * based on target transmit resource availability, 465 * we assume that the HIF layer will always have 466 * bus resources greater than target transmit 467 * resources. 468 */ 469 get_htc_packet_credit_based(target, ep, &send_queue); 470 } else { 471 /* 472 * Get all packets for this endpoint that we can 473 * for this pass. 474 */ 475 get_htc_packet(target, ep, &send_queue, tx_resources); 476 } 477 478 if (get_queue_depth(&send_queue) == 0) { 479 /* 480 * Didn't get packets due to out of resources or TX 481 * queue was drained. 482 */ 483 break; 484 } 485 486 spin_unlock_bh(&target->tx_lock); 487 488 /* send what we can */ 489 htc_issue_packets(target, ep, &send_queue); 490 491 if (!ep->pipe.tx_credit_flow_enabled) { 492 pipeid = ep->pipe.pipeid_ul; 493 tx_resources = 494 ath6kl_hif_pipe_get_free_queue_number(ar, pipeid); 495 } 496 497 spin_lock_bh(&target->tx_lock); 498 499 } 500 /* done with this endpoint, we can clear the count */ 501 ep->tx_proc_cnt = 0; 502 spin_unlock_bh(&target->tx_lock); 503 504 return HTC_SEND_QUEUE_OK; 505 } 506 507 /* htc control packet manipulation */ 508 static void destroy_htc_txctrl_packet(struct htc_packet *packet) 509 { 510 struct sk_buff *skb; 511 skb = packet->skb; 512 dev_kfree_skb(skb); 513 kfree(packet); 514 } 515 516 static struct htc_packet *build_htc_txctrl_packet(void) 517 { 518 struct htc_packet *packet = NULL; 519 struct sk_buff *skb; 520 521 packet = kzalloc(sizeof(struct htc_packet), GFP_KERNEL); 522 if (packet == NULL) 523 return NULL; 524 525 skb = __dev_alloc_skb(HTC_CONTROL_BUFFER_SIZE, GFP_KERNEL); 526 527 if (skb == NULL) { 528 kfree(packet); 529 return NULL; 530 } 531 packet->skb = skb; 532 533 return packet; 534 } 535 536 static void htc_free_txctrl_packet(struct htc_target *target, 537 struct htc_packet *packet) 538 { 539 destroy_htc_txctrl_packet(packet); 540 } 541 542 static struct htc_packet *htc_alloc_txctrl_packet(struct htc_target *target) 543 { 544 return build_htc_txctrl_packet(); 545 } 546 547 static void htc_txctrl_complete(struct htc_target *target, 548 struct htc_packet *packet) 549 { 550 htc_free_txctrl_packet(target, packet); 551 } 552 553 #define MAX_MESSAGE_SIZE 1536 554 555 static int htc_setup_target_buffer_assignments(struct htc_target *target) 556 { 557 int status, credits, credit_per_maxmsg, i; 558 struct htc_pipe_txcredit_alloc *entry; 559 unsigned int hif_usbaudioclass = 0; 560 561 credit_per_maxmsg = MAX_MESSAGE_SIZE / target->tgt_cred_sz; 562 if (MAX_MESSAGE_SIZE % target->tgt_cred_sz) 563 credit_per_maxmsg++; 564 565 /* TODO, this should be configured by the caller! */ 566 567 credits = target->tgt_creds; 568 entry = &target->pipe.txcredit_alloc[0]; 569 570 status = -ENOMEM; 571 572 /* FIXME: hif_usbaudioclass is always zero */ 573 if (hif_usbaudioclass) { 574 ath6kl_dbg(ATH6KL_DBG_HTC, 575 "%s: For USB Audio Class- Total:%d\n", 576 __func__, credits); 577 entry++; 578 entry++; 579 /* Setup VO Service To have Max Credits */ 580 entry->service_id = WMI_DATA_VO_SVC; 581 entry->credit_alloc = (credits - 6); 582 if (entry->credit_alloc == 0) 583 entry->credit_alloc++; 584 585 credits -= (int) entry->credit_alloc; 586 if (credits <= 0) 587 return status; 588 589 entry++; 590 entry->service_id = WMI_CONTROL_SVC; 591 entry->credit_alloc = credit_per_maxmsg; 592 credits -= (int) entry->credit_alloc; 593 if (credits <= 0) 594 return status; 595 596 /* leftovers go to best effort */ 597 entry++; 598 entry++; 599 entry->service_id = WMI_DATA_BE_SVC; 600 entry->credit_alloc = (u8) credits; 601 status = 0; 602 } else { 603 entry++; 604 entry->service_id = WMI_DATA_VI_SVC; 605 entry->credit_alloc = credits / 4; 606 if (entry->credit_alloc == 0) 607 entry->credit_alloc++; 608 609 credits -= (int) entry->credit_alloc; 610 if (credits <= 0) 611 return status; 612 613 entry++; 614 entry->service_id = WMI_DATA_VO_SVC; 615 entry->credit_alloc = credits / 4; 616 if (entry->credit_alloc == 0) 617 entry->credit_alloc++; 618 619 credits -= (int) entry->credit_alloc; 620 if (credits <= 0) 621 return status; 622 623 entry++; 624 entry->service_id = WMI_CONTROL_SVC; 625 entry->credit_alloc = credit_per_maxmsg; 626 credits -= (int) entry->credit_alloc; 627 if (credits <= 0) 628 return status; 629 630 entry++; 631 entry->service_id = WMI_DATA_BK_SVC; 632 entry->credit_alloc = credit_per_maxmsg; 633 credits -= (int) entry->credit_alloc; 634 if (credits <= 0) 635 return status; 636 637 /* leftovers go to best effort */ 638 entry++; 639 entry->service_id = WMI_DATA_BE_SVC; 640 entry->credit_alloc = (u8) credits; 641 status = 0; 642 } 643 644 if (status == 0) { 645 for (i = 0; i < ENDPOINT_MAX; i++) { 646 if (target->pipe.txcredit_alloc[i].service_id != 0) { 647 ath6kl_dbg(ATH6KL_DBG_HTC, 648 "HTC Service Index : %d TX : 0x%2.2X : alloc:%d\n", 649 i, 650 target->pipe.txcredit_alloc[i]. 651 service_id, 652 target->pipe.txcredit_alloc[i]. 653 credit_alloc); 654 } 655 } 656 } 657 return status; 658 } 659 660 /* process credit reports and call distribution function */ 661 static void htc_process_credit_report(struct htc_target *target, 662 struct htc_credit_report *rpt, 663 int num_entries, 664 enum htc_endpoint_id from_ep) 665 { 666 int total_credits = 0, i; 667 struct htc_endpoint *ep; 668 669 /* lock out TX while we update credits */ 670 spin_lock_bh(&target->tx_lock); 671 672 for (i = 0; i < num_entries; i++, rpt++) { 673 if (rpt->eid >= ENDPOINT_MAX) { 674 WARN_ON_ONCE(1); 675 spin_unlock_bh(&target->tx_lock); 676 return; 677 } 678 679 ep = &target->endpoint[rpt->eid]; 680 ep->cred_dist.credits += rpt->credits; 681 682 if (ep->cred_dist.credits && get_queue_depth(&ep->txq)) { 683 spin_unlock_bh(&target->tx_lock); 684 htc_try_send(target, ep, NULL); 685 spin_lock_bh(&target->tx_lock); 686 } 687 688 total_credits += rpt->credits; 689 } 690 ath6kl_dbg(ATH6KL_DBG_HTC, 691 "Report indicated %d credits to distribute\n", 692 total_credits); 693 694 spin_unlock_bh(&target->tx_lock); 695 } 696 697 /* flush endpoint TX queue */ 698 static void htc_flush_tx_endpoint(struct htc_target *target, 699 struct htc_endpoint *ep, u16 tag) 700 { 701 struct htc_packet *packet; 702 703 spin_lock_bh(&target->tx_lock); 704 while (get_queue_depth(&ep->txq)) { 705 packet = list_first_entry(&ep->txq, struct htc_packet, list); 706 list_del(&packet->list); 707 packet->status = 0; 708 send_packet_completion(target, packet); 709 } 710 spin_unlock_bh(&target->tx_lock); 711 } 712 713 /* 714 * In the adapted HIF layer, struct sk_buff * are passed between HIF and HTC, 715 * since upper layers expects struct htc_packet containers we use the completed 716 * skb and lookup it's corresponding HTC packet buffer from a lookup list. 717 * This is extra overhead that can be fixed by re-aligning HIF interfaces with 718 * HTC. 719 */ 720 static struct htc_packet *htc_lookup_tx_packet(struct htc_target *target, 721 struct htc_endpoint *ep, 722 struct sk_buff *skb) 723 { 724 struct htc_packet *packet, *tmp_pkt, *found_packet = NULL; 725 726 spin_lock_bh(&target->tx_lock); 727 728 /* 729 * interate from the front of tx lookup queue 730 * this lookup should be fast since lower layers completes in-order and 731 * so the completed packet should be at the head of the list generally 732 */ 733 list_for_each_entry_safe(packet, tmp_pkt, &ep->pipe.tx_lookup_queue, 734 list) { 735 /* check for removal */ 736 if (skb == packet->skb) { 737 /* found it */ 738 list_del(&packet->list); 739 found_packet = packet; 740 break; 741 } 742 } 743 744 spin_unlock_bh(&target->tx_lock); 745 746 return found_packet; 747 } 748 749 static int ath6kl_htc_pipe_tx_complete(struct ath6kl *ar, struct sk_buff *skb) 750 { 751 struct htc_target *target = ar->htc_target; 752 struct htc_frame_hdr *htc_hdr; 753 struct htc_endpoint *ep; 754 struct htc_packet *packet; 755 u8 ep_id, *netdata; 756 u32 netlen; 757 758 netdata = skb->data; 759 netlen = skb->len; 760 761 htc_hdr = (struct htc_frame_hdr *) netdata; 762 763 ep_id = htc_hdr->eid; 764 ep = &target->endpoint[ep_id]; 765 766 packet = htc_lookup_tx_packet(target, ep, skb); 767 if (packet == NULL) { 768 /* may have already been flushed and freed */ 769 ath6kl_err("HTC TX lookup failed!\n"); 770 } else { 771 /* will be giving this buffer back to upper layers */ 772 packet->status = 0; 773 send_packet_completion(target, packet); 774 } 775 skb = NULL; 776 777 if (!ep->pipe.tx_credit_flow_enabled) { 778 /* 779 * note: when using TX credit flow, the re-checking of queues 780 * happens when credits flow back from the target. in the 781 * non-TX credit case, we recheck after the packet completes 782 */ 783 htc_try_send(target, ep, NULL); 784 } 785 786 return 0; 787 } 788 789 static int htc_send_packets_multiple(struct htc_target *target, 790 struct list_head *pkt_queue) 791 { 792 struct htc_endpoint *ep; 793 struct htc_packet *packet, *tmp_pkt; 794 795 if (list_empty(pkt_queue)) 796 return -EINVAL; 797 798 /* get first packet to find out which ep the packets will go into */ 799 packet = list_first_entry(pkt_queue, struct htc_packet, list); 800 801 if (packet->endpoint >= ENDPOINT_MAX) { 802 WARN_ON_ONCE(1); 803 return -EINVAL; 804 } 805 ep = &target->endpoint[packet->endpoint]; 806 807 htc_try_send(target, ep, pkt_queue); 808 809 /* do completion on any packets that couldn't get in */ 810 if (!list_empty(pkt_queue)) { 811 list_for_each_entry_safe(packet, tmp_pkt, pkt_queue, list) { 812 packet->status = -ENOMEM; 813 } 814 815 do_send_completion(ep, pkt_queue); 816 } 817 818 return 0; 819 } 820 821 /* htc pipe rx path */ 822 static struct htc_packet *alloc_htc_packet_container(struct htc_target *target) 823 { 824 struct htc_packet *packet; 825 spin_lock_bh(&target->rx_lock); 826 827 if (target->pipe.htc_packet_pool == NULL) { 828 spin_unlock_bh(&target->rx_lock); 829 return NULL; 830 } 831 832 packet = target->pipe.htc_packet_pool; 833 target->pipe.htc_packet_pool = (struct htc_packet *) packet->list.next; 834 835 spin_unlock_bh(&target->rx_lock); 836 837 packet->list.next = NULL; 838 return packet; 839 } 840 841 static void free_htc_packet_container(struct htc_target *target, 842 struct htc_packet *packet) 843 { 844 struct list_head *lh; 845 846 spin_lock_bh(&target->rx_lock); 847 848 if (target->pipe.htc_packet_pool == NULL) { 849 target->pipe.htc_packet_pool = packet; 850 packet->list.next = NULL; 851 } else { 852 lh = (struct list_head *) target->pipe.htc_packet_pool; 853 packet->list.next = lh; 854 target->pipe.htc_packet_pool = packet; 855 } 856 857 spin_unlock_bh(&target->rx_lock); 858 } 859 860 static int htc_process_trailer(struct htc_target *target, u8 *buffer, 861 int len, enum htc_endpoint_id from_ep) 862 { 863 struct htc_credit_report *report; 864 struct htc_record_hdr *record; 865 u8 *record_buf, *orig_buf; 866 int orig_len, status; 867 868 orig_buf = buffer; 869 orig_len = len; 870 status = 0; 871 872 while (len > 0) { 873 if (len < sizeof(struct htc_record_hdr)) { 874 status = -EINVAL; 875 break; 876 } 877 878 /* these are byte aligned structs */ 879 record = (struct htc_record_hdr *) buffer; 880 len -= sizeof(struct htc_record_hdr); 881 buffer += sizeof(struct htc_record_hdr); 882 883 if (record->len > len) { 884 /* no room left in buffer for record */ 885 ath6kl_dbg(ATH6KL_DBG_HTC, 886 "invalid length: %d (id:%d) buffer has: %d bytes left\n", 887 record->len, record->rec_id, len); 888 status = -EINVAL; 889 break; 890 } 891 892 /* start of record follows the header */ 893 record_buf = buffer; 894 895 switch (record->rec_id) { 896 case HTC_RECORD_CREDITS: 897 if (record->len < sizeof(struct htc_credit_report)) { 898 WARN_ON_ONCE(1); 899 return -EINVAL; 900 } 901 902 report = (struct htc_credit_report *) record_buf; 903 htc_process_credit_report(target, report, 904 record->len / sizeof(*report), 905 from_ep); 906 break; 907 default: 908 ath6kl_dbg(ATH6KL_DBG_HTC, 909 "unhandled record: id:%d length:%d\n", 910 record->rec_id, record->len); 911 break; 912 } 913 914 if (status != 0) 915 break; 916 917 /* advance buffer past this record for next time around */ 918 buffer += record->len; 919 len -= record->len; 920 } 921 922 return status; 923 } 924 925 static void do_recv_completion(struct htc_endpoint *ep, 926 struct list_head *queue_to_indicate) 927 { 928 struct htc_packet *packet; 929 930 if (list_empty(queue_to_indicate)) { 931 /* nothing to indicate */ 932 return; 933 } 934 935 /* using legacy EpRecv */ 936 while (!list_empty(queue_to_indicate)) { 937 packet = list_first_entry(queue_to_indicate, 938 struct htc_packet, list); 939 list_del(&packet->list); 940 ep->ep_cb.rx(ep->target, packet); 941 } 942 943 return; 944 } 945 946 static void recv_packet_completion(struct htc_target *target, 947 struct htc_endpoint *ep, 948 struct htc_packet *packet) 949 { 950 struct list_head container; 951 INIT_LIST_HEAD(&container); 952 list_add_tail(&packet->list, &container); 953 954 /* do completion */ 955 do_recv_completion(ep, &container); 956 } 957 958 static int ath6kl_htc_pipe_rx_complete(struct ath6kl *ar, struct sk_buff *skb, 959 u8 pipeid) 960 { 961 struct htc_target *target = ar->htc_target; 962 u8 *netdata, *trailer, hdr_info; 963 struct htc_frame_hdr *htc_hdr; 964 u32 netlen, trailerlen = 0; 965 struct htc_packet *packet; 966 struct htc_endpoint *ep; 967 u16 payload_len; 968 int status = 0; 969 970 /* 971 * ar->htc_target can be NULL due to a race condition that can occur 972 * during driver initialization(we do 'ath6kl_hif_power_on' before 973 * initializing 'ar->htc_target' via 'ath6kl_htc_create'). 974 * 'ath6kl_hif_power_on' assigns 'ath6kl_recv_complete' as 975 * usb_complete_t/callback function for 'usb_fill_bulk_urb'. 976 * Thus the possibility of ar->htc_target being NULL 977 * via ath6kl_recv_complete -> ath6kl_usb_io_comp_work. 978 */ 979 if (WARN_ON_ONCE(!target)) { 980 ath6kl_err("Target not yet initialized\n"); 981 status = -EINVAL; 982 goto free_skb; 983 } 984 985 986 netdata = skb->data; 987 netlen = skb->len; 988 989 htc_hdr = (struct htc_frame_hdr *) netdata; 990 991 if (htc_hdr->eid >= ENDPOINT_MAX) { 992 ath6kl_dbg(ATH6KL_DBG_HTC, 993 "HTC Rx: invalid EndpointID=%d\n", 994 htc_hdr->eid); 995 status = -EINVAL; 996 goto free_skb; 997 } 998 ep = &target->endpoint[htc_hdr->eid]; 999 1000 payload_len = le16_to_cpu(get_unaligned(&htc_hdr->payld_len)); 1001 1002 if (netlen < (payload_len + HTC_HDR_LENGTH)) { 1003 ath6kl_dbg(ATH6KL_DBG_HTC, 1004 "HTC Rx: insufficient length, got:%d expected =%u\n", 1005 netlen, payload_len + HTC_HDR_LENGTH); 1006 status = -EINVAL; 1007 goto free_skb; 1008 } 1009 1010 /* get flags to check for trailer */ 1011 hdr_info = htc_hdr->flags; 1012 if (hdr_info & HTC_FLG_RX_TRAILER) { 1013 /* extract the trailer length */ 1014 hdr_info = htc_hdr->ctrl[0]; 1015 if ((hdr_info < sizeof(struct htc_record_hdr)) || 1016 (hdr_info > payload_len)) { 1017 ath6kl_dbg(ATH6KL_DBG_HTC, 1018 "invalid header: payloadlen should be %d, CB[0]: %d\n", 1019 payload_len, hdr_info); 1020 status = -EINVAL; 1021 goto free_skb; 1022 } 1023 1024 trailerlen = hdr_info; 1025 /* process trailer after hdr/apps payload */ 1026 trailer = (u8 *) htc_hdr + HTC_HDR_LENGTH + 1027 payload_len - hdr_info; 1028 status = htc_process_trailer(target, trailer, hdr_info, 1029 htc_hdr->eid); 1030 if (status != 0) 1031 goto free_skb; 1032 } 1033 1034 if (((int) payload_len - (int) trailerlen) <= 0) { 1035 /* zero length packet with trailer, just drop these */ 1036 goto free_skb; 1037 } 1038 1039 if (htc_hdr->eid == ENDPOINT_0) { 1040 /* handle HTC control message */ 1041 if (target->htc_flags & HTC_OP_STATE_SETUP_COMPLETE) { 1042 /* 1043 * fatal: target should not send unsolicited 1044 * messageson the endpoint 0 1045 */ 1046 ath6kl_dbg(ATH6KL_DBG_HTC, 1047 "HTC ignores Rx Ctrl after setup complete\n"); 1048 status = -EINVAL; 1049 goto free_skb; 1050 } 1051 1052 /* remove HTC header */ 1053 skb_pull(skb, HTC_HDR_LENGTH); 1054 1055 netdata = skb->data; 1056 netlen = skb->len; 1057 1058 spin_lock_bh(&target->rx_lock); 1059 1060 target->pipe.ctrl_response_valid = true; 1061 target->pipe.ctrl_response_len = min_t(int, netlen, 1062 HTC_MAX_CTRL_MSG_LEN); 1063 memcpy(target->pipe.ctrl_response_buf, netdata, 1064 target->pipe.ctrl_response_len); 1065 1066 spin_unlock_bh(&target->rx_lock); 1067 1068 dev_kfree_skb(skb); 1069 skb = NULL; 1070 1071 goto free_skb; 1072 } 1073 1074 /* 1075 * TODO: the message based HIF architecture allocates net bufs 1076 * for recv packets since it bridges that HIF to upper layers, 1077 * which expects HTC packets, we form the packets here 1078 */ 1079 packet = alloc_htc_packet_container(target); 1080 if (packet == NULL) { 1081 status = -ENOMEM; 1082 goto free_skb; 1083 } 1084 1085 packet->status = 0; 1086 packet->endpoint = htc_hdr->eid; 1087 packet->pkt_cntxt = skb; 1088 1089 /* TODO: for backwards compatibility */ 1090 packet->buf = skb_push(skb, 0) + HTC_HDR_LENGTH; 1091 packet->act_len = netlen - HTC_HDR_LENGTH - trailerlen; 1092 1093 /* 1094 * TODO: this is a hack because the driver layer will set the 1095 * actual len of the skb again which will just double the len 1096 */ 1097 skb_trim(skb, 0); 1098 1099 recv_packet_completion(target, ep, packet); 1100 1101 /* recover the packet container */ 1102 free_htc_packet_container(target, packet); 1103 skb = NULL; 1104 1105 free_skb: 1106 dev_kfree_skb(skb); 1107 1108 return status; 1109 1110 } 1111 1112 static void htc_flush_rx_queue(struct htc_target *target, 1113 struct htc_endpoint *ep) 1114 { 1115 struct list_head container; 1116 struct htc_packet *packet; 1117 1118 spin_lock_bh(&target->rx_lock); 1119 1120 while (1) { 1121 if (list_empty(&ep->rx_bufq)) 1122 break; 1123 1124 packet = list_first_entry(&ep->rx_bufq, 1125 struct htc_packet, list); 1126 list_del(&packet->list); 1127 1128 spin_unlock_bh(&target->rx_lock); 1129 packet->status = -ECANCELED; 1130 packet->act_len = 0; 1131 1132 ath6kl_dbg(ATH6KL_DBG_HTC, 1133 "Flushing RX packet:0x%p, length:%d, ep:%d\n", 1134 packet, packet->buf_len, 1135 packet->endpoint); 1136 1137 INIT_LIST_HEAD(&container); 1138 list_add_tail(&packet->list, &container); 1139 1140 /* give the packet back */ 1141 do_recv_completion(ep, &container); 1142 spin_lock_bh(&target->rx_lock); 1143 } 1144 1145 spin_unlock_bh(&target->rx_lock); 1146 } 1147 1148 /* polling routine to wait for a control packet to be received */ 1149 static int htc_wait_recv_ctrl_message(struct htc_target *target) 1150 { 1151 int count = HTC_TARGET_RESPONSE_POLL_COUNT; 1152 1153 while (count > 0) { 1154 spin_lock_bh(&target->rx_lock); 1155 1156 if (target->pipe.ctrl_response_valid) { 1157 target->pipe.ctrl_response_valid = false; 1158 spin_unlock_bh(&target->rx_lock); 1159 break; 1160 } 1161 1162 spin_unlock_bh(&target->rx_lock); 1163 1164 count--; 1165 1166 msleep_interruptible(HTC_TARGET_RESPONSE_POLL_WAIT); 1167 } 1168 1169 if (count <= 0) { 1170 ath6kl_warn("htc pipe control receive timeout!\n"); 1171 return -ETIMEDOUT; 1172 } 1173 1174 return 0; 1175 } 1176 1177 static void htc_rxctrl_complete(struct htc_target *context, 1178 struct htc_packet *packet) 1179 { 1180 /* TODO, can't really receive HTC control messages yet.... */ 1181 ath6kl_dbg(ATH6KL_DBG_HTC, "%s: invalid call function\n", __func__); 1182 } 1183 1184 /* htc pipe initialization */ 1185 static void reset_endpoint_states(struct htc_target *target) 1186 { 1187 struct htc_endpoint *ep; 1188 int i; 1189 1190 for (i = ENDPOINT_0; i < ENDPOINT_MAX; i++) { 1191 ep = &target->endpoint[i]; 1192 ep->svc_id = 0; 1193 ep->len_max = 0; 1194 ep->max_txq_depth = 0; 1195 ep->eid = i; 1196 INIT_LIST_HEAD(&ep->txq); 1197 INIT_LIST_HEAD(&ep->pipe.tx_lookup_queue); 1198 INIT_LIST_HEAD(&ep->rx_bufq); 1199 ep->target = target; 1200 ep->pipe.tx_credit_flow_enabled = true; 1201 } 1202 } 1203 1204 /* start HTC, this is called after all services are connected */ 1205 static int htc_config_target_hif_pipe(struct htc_target *target) 1206 { 1207 return 0; 1208 } 1209 1210 /* htc service functions */ 1211 static u8 htc_get_credit_alloc(struct htc_target *target, u16 service_id) 1212 { 1213 u8 allocation = 0; 1214 int i; 1215 1216 for (i = 0; i < ENDPOINT_MAX; i++) { 1217 if (target->pipe.txcredit_alloc[i].service_id == service_id) 1218 allocation = 1219 target->pipe.txcredit_alloc[i].credit_alloc; 1220 } 1221 1222 if (allocation == 0) { 1223 ath6kl_dbg(ATH6KL_DBG_HTC, 1224 "HTC Service TX : 0x%2.2X : allocation is zero!\n", 1225 service_id); 1226 } 1227 1228 return allocation; 1229 } 1230 1231 static int ath6kl_htc_pipe_conn_service(struct htc_target *target, 1232 struct htc_service_connect_req *conn_req, 1233 struct htc_service_connect_resp *conn_resp) 1234 { 1235 struct ath6kl *ar = target->dev->ar; 1236 struct htc_packet *packet = NULL; 1237 struct htc_conn_service_resp *resp_msg; 1238 struct htc_conn_service_msg *conn_msg; 1239 enum htc_endpoint_id assigned_epid = ENDPOINT_MAX; 1240 bool disable_credit_flowctrl = false; 1241 unsigned int max_msg_size = 0; 1242 struct htc_endpoint *ep; 1243 int length, status = 0; 1244 struct sk_buff *skb; 1245 u8 tx_alloc; 1246 u16 flags; 1247 1248 if (conn_req->svc_id == 0) { 1249 WARN_ON_ONCE(1); 1250 status = -EINVAL; 1251 goto free_packet; 1252 } 1253 1254 if (conn_req->svc_id == HTC_CTRL_RSVD_SVC) { 1255 /* special case for pseudo control service */ 1256 assigned_epid = ENDPOINT_0; 1257 max_msg_size = HTC_MAX_CTRL_MSG_LEN; 1258 tx_alloc = 0; 1259 1260 } else { 1261 1262 tx_alloc = htc_get_credit_alloc(target, conn_req->svc_id); 1263 if (tx_alloc == 0) { 1264 status = -ENOMEM; 1265 goto free_packet; 1266 } 1267 1268 /* allocate a packet to send to the target */ 1269 packet = htc_alloc_txctrl_packet(target); 1270 1271 if (packet == NULL) { 1272 WARN_ON_ONCE(1); 1273 status = -ENOMEM; 1274 goto free_packet; 1275 } 1276 1277 skb = packet->skb; 1278 length = sizeof(struct htc_conn_service_msg); 1279 1280 /* assemble connect service message */ 1281 conn_msg = (struct htc_conn_service_msg *) skb_put(skb, 1282 length); 1283 if (conn_msg == NULL) { 1284 WARN_ON_ONCE(1); 1285 status = -EINVAL; 1286 goto free_packet; 1287 } 1288 1289 memset(conn_msg, 0, 1290 sizeof(struct htc_conn_service_msg)); 1291 conn_msg->msg_id = cpu_to_le16(HTC_MSG_CONN_SVC_ID); 1292 conn_msg->svc_id = cpu_to_le16(conn_req->svc_id); 1293 conn_msg->conn_flags = cpu_to_le16(conn_req->conn_flags & 1294 ~HTC_CONN_FLGS_SET_RECV_ALLOC_MASK); 1295 1296 /* tell target desired recv alloc for this ep */ 1297 flags = tx_alloc << HTC_CONN_FLGS_SET_RECV_ALLOC_SHIFT; 1298 conn_msg->conn_flags |= cpu_to_le16(flags); 1299 1300 if (conn_req->conn_flags & 1301 HTC_CONN_FLGS_DISABLE_CRED_FLOW_CTRL) { 1302 disable_credit_flowctrl = true; 1303 } 1304 1305 set_htc_pkt_info(packet, NULL, (u8 *) conn_msg, 1306 length, 1307 ENDPOINT_0, HTC_SERVICE_TX_PACKET_TAG); 1308 1309 status = ath6kl_htc_pipe_tx(target, packet); 1310 1311 /* we don't own it anymore */ 1312 packet = NULL; 1313 if (status != 0) 1314 goto free_packet; 1315 1316 /* wait for response */ 1317 status = htc_wait_recv_ctrl_message(target); 1318 if (status != 0) 1319 goto free_packet; 1320 1321 /* we controlled the buffer creation so it has to be 1322 * properly aligned 1323 */ 1324 resp_msg = (struct htc_conn_service_resp *) 1325 target->pipe.ctrl_response_buf; 1326 1327 if (resp_msg->msg_id != cpu_to_le16(HTC_MSG_CONN_SVC_RESP_ID) || 1328 (target->pipe.ctrl_response_len < sizeof(*resp_msg))) { 1329 /* this message is not valid */ 1330 WARN_ON_ONCE(1); 1331 status = -EINVAL; 1332 goto free_packet; 1333 } 1334 1335 ath6kl_dbg(ATH6KL_DBG_TRC, 1336 "%s: service 0x%X conn resp: status: %d ep: %d\n", 1337 __func__, resp_msg->svc_id, resp_msg->status, 1338 resp_msg->eid); 1339 1340 conn_resp->resp_code = resp_msg->status; 1341 /* check response status */ 1342 if (resp_msg->status != HTC_SERVICE_SUCCESS) { 1343 ath6kl_dbg(ATH6KL_DBG_HTC, 1344 "Target failed service 0x%X connect request (status:%d)\n", 1345 resp_msg->svc_id, resp_msg->status); 1346 status = -EINVAL; 1347 goto free_packet; 1348 } 1349 1350 assigned_epid = (enum htc_endpoint_id) resp_msg->eid; 1351 max_msg_size = le16_to_cpu(resp_msg->max_msg_sz); 1352 } 1353 1354 /* the rest are parameter checks so set the error status */ 1355 status = -EINVAL; 1356 1357 if (assigned_epid >= ENDPOINT_MAX) { 1358 WARN_ON_ONCE(1); 1359 goto free_packet; 1360 } 1361 1362 if (max_msg_size == 0) { 1363 WARN_ON_ONCE(1); 1364 goto free_packet; 1365 } 1366 1367 ep = &target->endpoint[assigned_epid]; 1368 ep->eid = assigned_epid; 1369 if (ep->svc_id != 0) { 1370 /* endpoint already in use! */ 1371 WARN_ON_ONCE(1); 1372 goto free_packet; 1373 } 1374 1375 /* return assigned endpoint to caller */ 1376 conn_resp->endpoint = assigned_epid; 1377 conn_resp->len_max = max_msg_size; 1378 1379 /* setup the endpoint */ 1380 ep->svc_id = conn_req->svc_id; /* this marks ep in use */ 1381 ep->max_txq_depth = conn_req->max_txq_depth; 1382 ep->len_max = max_msg_size; 1383 ep->cred_dist.credits = tx_alloc; 1384 ep->cred_dist.cred_sz = target->tgt_cred_sz; 1385 ep->cred_dist.cred_per_msg = max_msg_size / target->tgt_cred_sz; 1386 if (max_msg_size % target->tgt_cred_sz) 1387 ep->cred_dist.cred_per_msg++; 1388 1389 /* copy all the callbacks */ 1390 ep->ep_cb = conn_req->ep_cb; 1391 1392 /* initialize tx_drop_packet_threshold */ 1393 ep->tx_drop_packet_threshold = MAX_HI_COOKIE_NUM; 1394 1395 status = ath6kl_hif_pipe_map_service(ar, ep->svc_id, 1396 &ep->pipe.pipeid_ul, 1397 &ep->pipe.pipeid_dl); 1398 if (status != 0) 1399 goto free_packet; 1400 1401 ath6kl_dbg(ATH6KL_DBG_HTC, 1402 "SVC Ready: 0x%4.4X: ULpipe:%d DLpipe:%d id:%d\n", 1403 ep->svc_id, ep->pipe.pipeid_ul, 1404 ep->pipe.pipeid_dl, ep->eid); 1405 1406 if (disable_credit_flowctrl && ep->pipe.tx_credit_flow_enabled) { 1407 ep->pipe.tx_credit_flow_enabled = false; 1408 ath6kl_dbg(ATH6KL_DBG_HTC, 1409 "SVC: 0x%4.4X ep:%d TX flow control off\n", 1410 ep->svc_id, assigned_epid); 1411 } 1412 1413 free_packet: 1414 if (packet != NULL) 1415 htc_free_txctrl_packet(target, packet); 1416 return status; 1417 } 1418 1419 /* htc export functions */ 1420 static void *ath6kl_htc_pipe_create(struct ath6kl *ar) 1421 { 1422 int status = 0; 1423 struct htc_endpoint *ep = NULL; 1424 struct htc_target *target = NULL; 1425 struct htc_packet *packet; 1426 int i; 1427 1428 target = kzalloc(sizeof(struct htc_target), GFP_KERNEL); 1429 if (target == NULL) { 1430 ath6kl_err("htc create unable to allocate memory\n"); 1431 status = -ENOMEM; 1432 goto fail_htc_create; 1433 } 1434 1435 spin_lock_init(&target->htc_lock); 1436 spin_lock_init(&target->rx_lock); 1437 spin_lock_init(&target->tx_lock); 1438 1439 reset_endpoint_states(target); 1440 1441 for (i = 0; i < HTC_PACKET_CONTAINER_ALLOCATION; i++) { 1442 packet = kzalloc(sizeof(struct htc_packet), GFP_KERNEL); 1443 1444 if (packet != NULL) 1445 free_htc_packet_container(target, packet); 1446 } 1447 1448 target->dev = kzalloc(sizeof(*target->dev), GFP_KERNEL); 1449 if (!target->dev) { 1450 ath6kl_err("unable to allocate memory\n"); 1451 status = -ENOMEM; 1452 goto fail_htc_create; 1453 } 1454 target->dev->ar = ar; 1455 target->dev->htc_cnxt = target; 1456 1457 /* Get HIF default pipe for HTC message exchange */ 1458 ep = &target->endpoint[ENDPOINT_0]; 1459 1460 ath6kl_hif_pipe_get_default(ar, &ep->pipe.pipeid_ul, 1461 &ep->pipe.pipeid_dl); 1462 1463 return target; 1464 1465 fail_htc_create: 1466 if (status != 0) { 1467 if (target != NULL) 1468 ath6kl_htc_pipe_cleanup(target); 1469 1470 target = NULL; 1471 } 1472 return target; 1473 } 1474 1475 /* cleanup the HTC instance */ 1476 static void ath6kl_htc_pipe_cleanup(struct htc_target *target) 1477 { 1478 struct htc_packet *packet; 1479 1480 while (true) { 1481 packet = alloc_htc_packet_container(target); 1482 if (packet == NULL) 1483 break; 1484 kfree(packet); 1485 } 1486 1487 kfree(target->dev); 1488 1489 /* kfree our instance */ 1490 kfree(target); 1491 } 1492 1493 static int ath6kl_htc_pipe_start(struct htc_target *target) 1494 { 1495 struct sk_buff *skb; 1496 struct htc_setup_comp_ext_msg *setup; 1497 struct htc_packet *packet; 1498 1499 htc_config_target_hif_pipe(target); 1500 1501 /* allocate a buffer to send */ 1502 packet = htc_alloc_txctrl_packet(target); 1503 if (packet == NULL) { 1504 WARN_ON_ONCE(1); 1505 return -ENOMEM; 1506 } 1507 1508 skb = packet->skb; 1509 1510 /* assemble setup complete message */ 1511 setup = (struct htc_setup_comp_ext_msg *) skb_put(skb, 1512 sizeof(*setup)); 1513 memset(setup, 0, sizeof(struct htc_setup_comp_ext_msg)); 1514 setup->msg_id = cpu_to_le16(HTC_MSG_SETUP_COMPLETE_EX_ID); 1515 1516 ath6kl_dbg(ATH6KL_DBG_HTC, "HTC using TX credit flow control\n"); 1517 1518 set_htc_pkt_info(packet, NULL, (u8 *) setup, 1519 sizeof(struct htc_setup_comp_ext_msg), 1520 ENDPOINT_0, HTC_SERVICE_TX_PACKET_TAG); 1521 1522 target->htc_flags |= HTC_OP_STATE_SETUP_COMPLETE; 1523 1524 return ath6kl_htc_pipe_tx(target, packet); 1525 } 1526 1527 static void ath6kl_htc_pipe_stop(struct htc_target *target) 1528 { 1529 int i; 1530 struct htc_endpoint *ep; 1531 1532 /* cleanup endpoints */ 1533 for (i = 0; i < ENDPOINT_MAX; i++) { 1534 ep = &target->endpoint[i]; 1535 htc_flush_rx_queue(target, ep); 1536 htc_flush_tx_endpoint(target, ep, HTC_TX_PACKET_TAG_ALL); 1537 } 1538 1539 reset_endpoint_states(target); 1540 target->htc_flags &= ~HTC_OP_STATE_SETUP_COMPLETE; 1541 } 1542 1543 static int ath6kl_htc_pipe_get_rxbuf_num(struct htc_target *target, 1544 enum htc_endpoint_id endpoint) 1545 { 1546 int num; 1547 1548 spin_lock_bh(&target->rx_lock); 1549 num = get_queue_depth(&(target->endpoint[endpoint].rx_bufq)); 1550 spin_unlock_bh(&target->rx_lock); 1551 1552 return num; 1553 } 1554 1555 static int ath6kl_htc_pipe_tx(struct htc_target *target, 1556 struct htc_packet *packet) 1557 { 1558 struct list_head queue; 1559 1560 ath6kl_dbg(ATH6KL_DBG_HTC, 1561 "%s: endPointId: %d, buffer: 0x%p, length: %d\n", 1562 __func__, packet->endpoint, packet->buf, 1563 packet->act_len); 1564 1565 INIT_LIST_HEAD(&queue); 1566 list_add_tail(&packet->list, &queue); 1567 1568 return htc_send_packets_multiple(target, &queue); 1569 } 1570 1571 static int ath6kl_htc_pipe_wait_target(struct htc_target *target) 1572 { 1573 struct htc_ready_ext_msg *ready_msg; 1574 struct htc_service_connect_req connect; 1575 struct htc_service_connect_resp resp; 1576 int status = 0; 1577 1578 status = htc_wait_recv_ctrl_message(target); 1579 1580 if (status != 0) 1581 return status; 1582 1583 if (target->pipe.ctrl_response_len < sizeof(*ready_msg)) { 1584 ath6kl_warn("invalid htc pipe ready msg len: %d\n", 1585 target->pipe.ctrl_response_len); 1586 return -ECOMM; 1587 } 1588 1589 ready_msg = (struct htc_ready_ext_msg *) target->pipe.ctrl_response_buf; 1590 1591 if (ready_msg->ver2_0_info.msg_id != cpu_to_le16(HTC_MSG_READY_ID)) { 1592 ath6kl_warn("invalid htc pipe ready msg: 0x%x\n", 1593 ready_msg->ver2_0_info.msg_id); 1594 return -ECOMM; 1595 } 1596 1597 ath6kl_dbg(ATH6KL_DBG_HTC, 1598 "Target Ready! : transmit resources : %d size:%d\n", 1599 ready_msg->ver2_0_info.cred_cnt, 1600 ready_msg->ver2_0_info.cred_sz); 1601 1602 target->tgt_creds = le16_to_cpu(ready_msg->ver2_0_info.cred_cnt); 1603 target->tgt_cred_sz = le16_to_cpu(ready_msg->ver2_0_info.cred_sz); 1604 1605 if ((target->tgt_creds == 0) || (target->tgt_cred_sz == 0)) 1606 return -ECOMM; 1607 1608 htc_setup_target_buffer_assignments(target); 1609 1610 /* setup our pseudo HTC control endpoint connection */ 1611 memset(&connect, 0, sizeof(connect)); 1612 memset(&resp, 0, sizeof(resp)); 1613 connect.ep_cb.tx_complete = htc_txctrl_complete; 1614 connect.ep_cb.rx = htc_rxctrl_complete; 1615 connect.max_txq_depth = NUM_CONTROL_TX_BUFFERS; 1616 connect.svc_id = HTC_CTRL_RSVD_SVC; 1617 1618 /* connect fake service */ 1619 status = ath6kl_htc_pipe_conn_service(target, &connect, &resp); 1620 1621 return status; 1622 } 1623 1624 static void ath6kl_htc_pipe_flush_txep(struct htc_target *target, 1625 enum htc_endpoint_id endpoint, u16 tag) 1626 { 1627 struct htc_endpoint *ep = &target->endpoint[endpoint]; 1628 1629 if (ep->svc_id == 0) { 1630 WARN_ON_ONCE(1); 1631 /* not in use.. */ 1632 return; 1633 } 1634 1635 htc_flush_tx_endpoint(target, ep, tag); 1636 } 1637 1638 static int ath6kl_htc_pipe_add_rxbuf_multiple(struct htc_target *target, 1639 struct list_head *pkt_queue) 1640 { 1641 struct htc_packet *packet, *tmp_pkt, *first; 1642 struct htc_endpoint *ep; 1643 int status = 0; 1644 1645 if (list_empty(pkt_queue)) 1646 return -EINVAL; 1647 1648 first = list_first_entry(pkt_queue, struct htc_packet, list); 1649 1650 if (first->endpoint >= ENDPOINT_MAX) { 1651 WARN_ON_ONCE(1); 1652 return -EINVAL; 1653 } 1654 1655 ath6kl_dbg(ATH6KL_DBG_HTC, "%s: epid: %d, cnt:%d, len: %d\n", 1656 __func__, first->endpoint, get_queue_depth(pkt_queue), 1657 first->buf_len); 1658 1659 ep = &target->endpoint[first->endpoint]; 1660 1661 spin_lock_bh(&target->rx_lock); 1662 1663 /* store receive packets */ 1664 list_splice_tail_init(pkt_queue, &ep->rx_bufq); 1665 1666 spin_unlock_bh(&target->rx_lock); 1667 1668 if (status != 0) { 1669 /* walk through queue and mark each one canceled */ 1670 list_for_each_entry_safe(packet, tmp_pkt, pkt_queue, list) { 1671 packet->status = -ECANCELED; 1672 } 1673 1674 do_recv_completion(ep, pkt_queue); 1675 } 1676 1677 return status; 1678 } 1679 1680 static void ath6kl_htc_pipe_activity_changed(struct htc_target *target, 1681 enum htc_endpoint_id ep, 1682 bool active) 1683 { 1684 /* TODO */ 1685 } 1686 1687 static void ath6kl_htc_pipe_flush_rx_buf(struct htc_target *target) 1688 { 1689 /* TODO */ 1690 } 1691 1692 static int ath6kl_htc_pipe_credit_setup(struct htc_target *target, 1693 struct ath6kl_htc_credit_info *info) 1694 { 1695 return 0; 1696 } 1697 1698 static const struct ath6kl_htc_ops ath6kl_htc_pipe_ops = { 1699 .create = ath6kl_htc_pipe_create, 1700 .wait_target = ath6kl_htc_pipe_wait_target, 1701 .start = ath6kl_htc_pipe_start, 1702 .conn_service = ath6kl_htc_pipe_conn_service, 1703 .tx = ath6kl_htc_pipe_tx, 1704 .stop = ath6kl_htc_pipe_stop, 1705 .cleanup = ath6kl_htc_pipe_cleanup, 1706 .flush_txep = ath6kl_htc_pipe_flush_txep, 1707 .flush_rx_buf = ath6kl_htc_pipe_flush_rx_buf, 1708 .activity_changed = ath6kl_htc_pipe_activity_changed, 1709 .get_rxbuf_num = ath6kl_htc_pipe_get_rxbuf_num, 1710 .add_rxbuf_multiple = ath6kl_htc_pipe_add_rxbuf_multiple, 1711 .credit_setup = ath6kl_htc_pipe_credit_setup, 1712 .tx_complete = ath6kl_htc_pipe_tx_complete, 1713 .rx_complete = ath6kl_htc_pipe_rx_complete, 1714 }; 1715 1716 void ath6kl_htc_pipe_attach(struct ath6kl *ar) 1717 { 1718 ar->htc_ops = &ath6kl_htc_pipe_ops; 1719 } 1720