1 // SPDX-License-Identifier: GPL-2.0-only 2 3 /* 4 * Linux device driver for USB based Prism54 5 * 6 * Copyright (c) 2006, Michael Wu <flamingice@sourmilk.net> 7 * 8 * Based on the islsm (softmac prism54) driver, which is: 9 * Copyright 2004-2006 Jean-Baptiste Note <jbnote@gmail.com>, et al. 10 */ 11 12 #include <linux/usb.h> 13 #include <linux/pci.h> 14 #include <linux/slab.h> 15 #include <linux/firmware.h> 16 #include <linux/etherdevice.h> 17 #include <linux/delay.h> 18 #include <linux/crc32.h> 19 #include <linux/module.h> 20 #include <net/mac80211.h> 21 22 #include "p54.h" 23 #include "lmac.h" 24 #include "p54usb.h" 25 26 MODULE_AUTHOR("Michael Wu <flamingice@sourmilk.net>"); 27 MODULE_DESCRIPTION("Prism54 USB wireless driver"); 28 MODULE_LICENSE("GPL"); 29 MODULE_ALIAS("prism54usb"); 30 MODULE_FIRMWARE("isl3886usb"); 31 MODULE_FIRMWARE("isl3887usb"); 32 33 /* 34 * Note: 35 * 36 * Always update our wiki's device list (located at: 37 * http://wireless.kernel.org/en/users/Drivers/p54/devices ), 38 * whenever you add a new device. 39 */ 40 41 static const struct usb_device_id p54u_table[] = { 42 /* Version 1 devices (pci chip + net2280) */ 43 {USB_DEVICE(0x0411, 0x0050)}, /* Buffalo WLI2-USB2-G54 */ 44 {USB_DEVICE(0x045e, 0x00c2)}, /* Microsoft MN-710 */ 45 {USB_DEVICE(0x0506, 0x0a11)}, /* 3COM 3CRWE254G72 */ 46 {USB_DEVICE(0x0675, 0x0530)}, /* DrayTek Vigor 530 */ 47 {USB_DEVICE(0x06b9, 0x0120)}, /* Thomson SpeedTouch 120g */ 48 {USB_DEVICE(0x0707, 0xee06)}, /* SMC 2862W-G */ 49 {USB_DEVICE(0x07aa, 0x001c)}, /* Corega CG-WLUSB2GT */ 50 {USB_DEVICE(0x083a, 0x4501)}, /* Accton 802.11g WN4501 USB */ 51 {USB_DEVICE(0x083a, 0x4502)}, /* Siemens Gigaset USB Adapter */ 52 {USB_DEVICE(0x083a, 0x5501)}, /* Phillips CPWUA054 */ 53 {USB_DEVICE(0x0846, 0x4200)}, /* Netgear WG121 */ 54 {USB_DEVICE(0x0846, 0x4210)}, /* Netgear WG121 the second ? */ 55 {USB_DEVICE(0x0846, 0x4220)}, /* Netgear WG111 */ 56 {USB_DEVICE(0x09aa, 0x1000)}, /* Spinnaker Proto board */ 57 {USB_DEVICE(0x0bf8, 0x1007)}, /* Fujitsu E-5400 USB */ 58 {USB_DEVICE(0x0cde, 0x0006)}, /* Medion 40900, Roper Europe */ 59 {USB_DEVICE(0x0db0, 0x6826)}, /* MSI UB54G (MS-6826) */ 60 {USB_DEVICE(0x107b, 0x55f2)}, /* Gateway WGU-210 (Gemtek) */ 61 {USB_DEVICE(0x124a, 0x4023)}, /* Shuttle PN15, Airvast WM168g, IOGear GWU513 */ 62 {USB_DEVICE(0x1435, 0x0210)}, /* Inventel UR054G */ 63 {USB_DEVICE(0x15a9, 0x0002)}, /* Gemtek WUBI-100GW 802.11g */ 64 {USB_DEVICE(0x1630, 0x0005)}, /* 2Wire 802.11g USB (v1) / Z-Com */ 65 {USB_DEVICE(0x182d, 0x096b)}, /* Sitecom WL-107 */ 66 {USB_DEVICE(0x1915, 0x2234)}, /* Linksys WUSB54G OEM */ 67 {USB_DEVICE(0x1915, 0x2235)}, /* Linksys WUSB54G Portable OEM */ 68 {USB_DEVICE(0x2001, 0x3701)}, /* DLink DWL-G120 Spinnaker */ 69 {USB_DEVICE(0x2001, 0x3703)}, /* DLink DWL-G122 */ 70 {USB_DEVICE(0x2001, 0x3762)}, /* Conceptronic C54U */ 71 {USB_DEVICE(0x5041, 0x2234)}, /* Linksys WUSB54G */ 72 {USB_DEVICE(0x5041, 0x2235)}, /* Linksys WUSB54G Portable */ 73 74 /* Version 2 devices (3887) */ 75 {USB_DEVICE(0x0471, 0x1230)}, /* Philips CPWUA054/00 */ 76 {USB_DEVICE(0x050d, 0x7050)}, /* Belkin F5D7050 ver 1000 */ 77 {USB_DEVICE(0x0572, 0x2000)}, /* Cohiba Proto board */ 78 {USB_DEVICE(0x0572, 0x2002)}, /* Cohiba Proto board */ 79 {USB_DEVICE(0x06a9, 0x000e)}, /* Westell 802.11g USB (A90-211WG-01) */ 80 {USB_DEVICE(0x06b9, 0x0121)}, /* Thomson SpeedTouch 121g */ 81 {USB_DEVICE(0x0707, 0xee13)}, /* SMC 2862W-G version 2 */ 82 {USB_DEVICE(0x07aa, 0x0020)}, /* Corega WLUSB2GTST USB */ 83 {USB_DEVICE(0x0803, 0x4310)}, /* Zoom 4410a */ 84 {USB_DEVICE(0x083a, 0x4521)}, /* Siemens Gigaset USB Adapter 54 version 2 */ 85 {USB_DEVICE(0x083a, 0x4531)}, /* T-Com Sinus 154 data II */ 86 {USB_DEVICE(0x083a, 0xc501)}, /* Zoom Wireless-G 4410 */ 87 {USB_DEVICE(0x083a, 0xf503)}, /* Accton FD7050E ver 1010ec */ 88 {USB_DEVICE(0x0846, 0x4240)}, /* Netgear WG111 (v2) */ 89 {USB_DEVICE(0x0915, 0x2000)}, /* Cohiba Proto board */ 90 {USB_DEVICE(0x0915, 0x2002)}, /* Cohiba Proto board */ 91 {USB_DEVICE(0x0baf, 0x0118)}, /* U.S. Robotics U5 802.11g Adapter*/ 92 {USB_DEVICE(0x0bf8, 0x1009)}, /* FUJITSU E-5400 USB D1700*/ 93 /* {USB_DEVICE(0x0cde, 0x0006)}, * Medion MD40900 already listed above, 94 * just noting it here for clarity */ 95 {USB_DEVICE(0x0cde, 0x0008)}, /* Sagem XG703A */ 96 {USB_DEVICE(0x0cde, 0x0015)}, /* Zcomax XG-705A */ 97 {USB_DEVICE(0x0d8e, 0x3762)}, /* DLink DWL-G120 Cohiba */ 98 {USB_DEVICE(0x124a, 0x4025)}, /* IOGear GWU513 (GW3887IK chip) */ 99 {USB_DEVICE(0x1260, 0xee22)}, /* SMC 2862W-G version 2 */ 100 {USB_DEVICE(0x13b1, 0x000a)}, /* Linksys WUSB54G ver 2 */ 101 {USB_DEVICE(0x13B1, 0x000C)}, /* Linksys WUSB54AG */ 102 {USB_DEVICE(0x1413, 0x5400)}, /* Telsey 802.11g USB2.0 Adapter */ 103 {USB_DEVICE(0x1435, 0x0427)}, /* Inventel UR054G */ 104 /* {USB_DEVICE(0x15a9, 0x0002)}, * Also SparkLAN WL-682 with 3887 */ 105 {USB_DEVICE(0x1668, 0x1050)}, /* Actiontec 802UIG-1 */ 106 {USB_DEVICE(0x1740, 0x1000)}, /* Senao NUB-350 */ 107 {USB_DEVICE(0x2001, 0x3704)}, /* DLink DWL-G122 rev A2 */ 108 {USB_DEVICE(0x2001, 0x3705)}, /* D-Link DWL-G120 rev C1 */ 109 {USB_DEVICE(0x413c, 0x5513)}, /* Dell WLA3310 USB Wireless Adapter */ 110 {USB_DEVICE(0x413c, 0x8102)}, /* Spinnaker DUT */ 111 {USB_DEVICE(0x413c, 0x8104)}, /* Cohiba Proto board */ 112 {} 113 }; 114 115 MODULE_DEVICE_TABLE(usb, p54u_table); 116 117 static const struct { 118 u32 intf; 119 enum p54u_hw_type type; 120 const char *fw; 121 char hw[20]; 122 } p54u_fwlist[__NUM_P54U_HWTYPES] = { 123 { 124 .type = P54U_NET2280, 125 .intf = FW_LM86, 126 .fw = "isl3886usb", 127 .hw = "ISL3886 + net2280", 128 }, 129 { 130 .type = P54U_3887, 131 .intf = FW_LM87, 132 .fw = "isl3887usb", 133 .hw = "ISL3887", 134 }, 135 }; 136 137 static void p54u_rx_cb(struct urb *urb) 138 { 139 struct sk_buff *skb = (struct sk_buff *) urb->context; 140 struct p54u_rx_info *info = (struct p54u_rx_info *)skb->cb; 141 struct ieee80211_hw *dev = info->dev; 142 struct p54u_priv *priv = dev->priv; 143 144 skb_unlink(skb, &priv->rx_queue); 145 146 if (unlikely(urb->status)) { 147 dev_kfree_skb_irq(skb); 148 return; 149 } 150 151 skb_put(skb, urb->actual_length); 152 153 if (priv->hw_type == P54U_NET2280) 154 skb_pull(skb, priv->common.tx_hdr_len); 155 if (priv->common.fw_interface == FW_LM87) { 156 skb_pull(skb, 4); 157 skb_put(skb, 4); 158 } 159 160 if (p54_rx(dev, skb)) { 161 skb = dev_alloc_skb(priv->common.rx_mtu + 32); 162 if (unlikely(!skb)) { 163 /* TODO check rx queue length and refill *somewhere* */ 164 return; 165 } 166 167 info = (struct p54u_rx_info *) skb->cb; 168 info->urb = urb; 169 info->dev = dev; 170 urb->transfer_buffer = skb_tail_pointer(skb); 171 urb->context = skb; 172 } else { 173 if (priv->hw_type == P54U_NET2280) 174 skb_push(skb, priv->common.tx_hdr_len); 175 if (priv->common.fw_interface == FW_LM87) { 176 skb_push(skb, 4); 177 skb_put(skb, 4); 178 } 179 skb_reset_tail_pointer(skb); 180 skb_trim(skb, 0); 181 urb->transfer_buffer = skb_tail_pointer(skb); 182 } 183 skb_queue_tail(&priv->rx_queue, skb); 184 usb_anchor_urb(urb, &priv->submitted); 185 if (usb_submit_urb(urb, GFP_ATOMIC)) { 186 skb_unlink(skb, &priv->rx_queue); 187 usb_unanchor_urb(urb); 188 dev_kfree_skb_irq(skb); 189 } 190 } 191 192 static void p54u_tx_cb(struct urb *urb) 193 { 194 struct sk_buff *skb = urb->context; 195 struct ieee80211_hw *dev = 196 usb_get_intfdata(usb_ifnum_to_if(urb->dev, 0)); 197 198 p54_free_skb(dev, skb); 199 } 200 201 static void p54u_tx_dummy_cb(struct urb *urb) { } 202 203 static void p54u_free_urbs(struct ieee80211_hw *dev) 204 { 205 struct p54u_priv *priv = dev->priv; 206 usb_kill_anchored_urbs(&priv->submitted); 207 } 208 209 static void p54u_stop(struct ieee80211_hw *dev) 210 { 211 /* 212 * TODO: figure out how to reliably stop the 3887 and net2280 so 213 * the hardware is still usable next time we want to start it. 214 * until then, we just stop listening to the hardware.. 215 */ 216 p54u_free_urbs(dev); 217 } 218 219 static int p54u_init_urbs(struct ieee80211_hw *dev) 220 { 221 struct p54u_priv *priv = dev->priv; 222 struct urb *entry = NULL; 223 struct sk_buff *skb; 224 struct p54u_rx_info *info; 225 int ret = 0; 226 227 while (skb_queue_len(&priv->rx_queue) < 32) { 228 skb = __dev_alloc_skb(priv->common.rx_mtu + 32, GFP_KERNEL); 229 if (!skb) { 230 ret = -ENOMEM; 231 goto err; 232 } 233 entry = usb_alloc_urb(0, GFP_KERNEL); 234 if (!entry) { 235 ret = -ENOMEM; 236 goto err; 237 } 238 239 usb_fill_bulk_urb(entry, priv->udev, 240 usb_rcvbulkpipe(priv->udev, P54U_PIPE_DATA), 241 skb_tail_pointer(skb), 242 priv->common.rx_mtu + 32, p54u_rx_cb, skb); 243 info = (struct p54u_rx_info *) skb->cb; 244 info->urb = entry; 245 info->dev = dev; 246 skb_queue_tail(&priv->rx_queue, skb); 247 248 usb_anchor_urb(entry, &priv->submitted); 249 ret = usb_submit_urb(entry, GFP_KERNEL); 250 if (ret) { 251 skb_unlink(skb, &priv->rx_queue); 252 usb_unanchor_urb(entry); 253 goto err; 254 } 255 usb_free_urb(entry); 256 entry = NULL; 257 } 258 259 return 0; 260 261 err: 262 usb_free_urb(entry); 263 kfree_skb(skb); 264 p54u_free_urbs(dev); 265 return ret; 266 } 267 268 static int p54u_open(struct ieee80211_hw *dev) 269 { 270 /* 271 * TODO: Because we don't know how to reliably stop the 3887 and 272 * the isl3886+net2280, other than brutally cut off all 273 * communications. We have to reinitialize the urbs on every start. 274 */ 275 return p54u_init_urbs(dev); 276 } 277 278 static __le32 p54u_lm87_chksum(const __le32 *data, size_t length) 279 { 280 u32 chk = 0; 281 282 length >>= 2; 283 while (length--) { 284 chk ^= le32_to_cpu(*data++); 285 chk = (chk >> 5) ^ (chk << 3); 286 } 287 288 return cpu_to_le32(chk); 289 } 290 291 static void p54u_tx_lm87(struct ieee80211_hw *dev, struct sk_buff *skb) 292 { 293 struct p54u_priv *priv = dev->priv; 294 struct urb *data_urb; 295 struct lm87_tx_hdr *hdr = (void *)skb->data - sizeof(*hdr); 296 297 data_urb = usb_alloc_urb(0, GFP_ATOMIC); 298 if (!data_urb) { 299 p54_free_skb(dev, skb); 300 return; 301 } 302 303 hdr->chksum = p54u_lm87_chksum((__le32 *)skb->data, skb->len); 304 hdr->device_addr = ((struct p54_hdr *)skb->data)->req_id; 305 306 usb_fill_bulk_urb(data_urb, priv->udev, 307 usb_sndbulkpipe(priv->udev, P54U_PIPE_DATA), 308 hdr, skb->len + sizeof(*hdr), FREE_AFTER_TX(skb) ? 309 p54u_tx_cb : p54u_tx_dummy_cb, skb); 310 data_urb->transfer_flags |= URB_ZERO_PACKET; 311 312 usb_anchor_urb(data_urb, &priv->submitted); 313 if (usb_submit_urb(data_urb, GFP_ATOMIC)) { 314 usb_unanchor_urb(data_urb); 315 p54_free_skb(dev, skb); 316 } 317 usb_free_urb(data_urb); 318 } 319 320 static void p54u_tx_net2280(struct ieee80211_hw *dev, struct sk_buff *skb) 321 { 322 struct p54u_priv *priv = dev->priv; 323 struct urb *int_urb = NULL, *data_urb = NULL; 324 struct net2280_tx_hdr *hdr = (void *)skb->data - sizeof(*hdr); 325 struct net2280_reg_write *reg = NULL; 326 int err = -ENOMEM; 327 328 reg = kmalloc(sizeof(*reg), GFP_ATOMIC); 329 if (!reg) 330 goto out; 331 332 int_urb = usb_alloc_urb(0, GFP_ATOMIC); 333 if (!int_urb) 334 goto out; 335 336 data_urb = usb_alloc_urb(0, GFP_ATOMIC); 337 if (!data_urb) 338 goto out; 339 340 reg->port = cpu_to_le16(NET2280_DEV_U32); 341 reg->addr = cpu_to_le32(P54U_DEV_BASE); 342 reg->val = cpu_to_le32(ISL38XX_DEV_INT_DATA); 343 344 memset(hdr, 0, sizeof(*hdr)); 345 hdr->len = cpu_to_le16(skb->len); 346 hdr->device_addr = ((struct p54_hdr *) skb->data)->req_id; 347 348 usb_fill_bulk_urb(int_urb, priv->udev, 349 usb_sndbulkpipe(priv->udev, P54U_PIPE_DEV), reg, sizeof(*reg), 350 p54u_tx_dummy_cb, dev); 351 352 /* 353 * URB_FREE_BUFFER triggers a code path in the USB subsystem that will 354 * free what is inside the transfer_buffer after the last reference to 355 * the int_urb is dropped. 356 */ 357 int_urb->transfer_flags |= URB_FREE_BUFFER | URB_ZERO_PACKET; 358 reg = NULL; 359 360 usb_fill_bulk_urb(data_urb, priv->udev, 361 usb_sndbulkpipe(priv->udev, P54U_PIPE_DATA), 362 hdr, skb->len + sizeof(*hdr), FREE_AFTER_TX(skb) ? 363 p54u_tx_cb : p54u_tx_dummy_cb, skb); 364 data_urb->transfer_flags |= URB_ZERO_PACKET; 365 366 usb_anchor_urb(int_urb, &priv->submitted); 367 err = usb_submit_urb(int_urb, GFP_ATOMIC); 368 if (err) { 369 usb_unanchor_urb(int_urb); 370 goto out; 371 } 372 373 usb_anchor_urb(data_urb, &priv->submitted); 374 err = usb_submit_urb(data_urb, GFP_ATOMIC); 375 if (err) { 376 usb_unanchor_urb(data_urb); 377 goto out; 378 } 379 out: 380 usb_free_urb(int_urb); 381 usb_free_urb(data_urb); 382 383 if (err) { 384 kfree(reg); 385 p54_free_skb(dev, skb); 386 } 387 } 388 389 static int p54u_write(struct p54u_priv *priv, 390 struct net2280_reg_write *buf, 391 enum net2280_op_type type, 392 __le32 addr, __le32 val) 393 { 394 unsigned int ep; 395 int alen; 396 397 if (type & 0x0800) 398 ep = usb_sndbulkpipe(priv->udev, P54U_PIPE_DEV); 399 else 400 ep = usb_sndbulkpipe(priv->udev, P54U_PIPE_BRG); 401 402 buf->port = cpu_to_le16(type); 403 buf->addr = addr; 404 buf->val = val; 405 406 return usb_bulk_msg(priv->udev, ep, buf, sizeof(*buf), &alen, 1000); 407 } 408 409 static int p54u_read(struct p54u_priv *priv, void *buf, 410 enum net2280_op_type type, 411 __le32 addr, __le32 *val) 412 { 413 struct net2280_reg_read *read = buf; 414 __le32 *reg = buf; 415 unsigned int ep; 416 int alen, err; 417 418 if (type & 0x0800) 419 ep = P54U_PIPE_DEV; 420 else 421 ep = P54U_PIPE_BRG; 422 423 read->port = cpu_to_le16(type); 424 read->addr = addr; 425 426 err = usb_bulk_msg(priv->udev, usb_sndbulkpipe(priv->udev, ep), 427 read, sizeof(*read), &alen, 1000); 428 if (err) 429 return err; 430 431 err = usb_bulk_msg(priv->udev, usb_rcvbulkpipe(priv->udev, ep), 432 reg, sizeof(*reg), &alen, 1000); 433 if (err) 434 return err; 435 436 *val = *reg; 437 return 0; 438 } 439 440 static int p54u_bulk_msg(struct p54u_priv *priv, unsigned int ep, 441 void *data, size_t len) 442 { 443 int alen; 444 return usb_bulk_msg(priv->udev, usb_sndbulkpipe(priv->udev, ep), 445 data, len, &alen, 2000); 446 } 447 448 static int p54u_device_reset(struct ieee80211_hw *dev) 449 { 450 struct p54u_priv *priv = dev->priv; 451 int ret, lock = (priv->intf->condition != USB_INTERFACE_BINDING); 452 453 if (lock) { 454 ret = usb_lock_device_for_reset(priv->udev, priv->intf); 455 if (ret < 0) { 456 dev_err(&priv->udev->dev, "(p54usb) unable to lock " 457 "device for reset (%d)!\n", ret); 458 return ret; 459 } 460 } 461 462 ret = usb_reset_device(priv->udev); 463 if (lock) 464 usb_unlock_device(priv->udev); 465 466 if (ret) 467 dev_err(&priv->udev->dev, "(p54usb) unable to reset " 468 "device (%d)!\n", ret); 469 470 return ret; 471 } 472 473 static const char p54u_romboot_3887[] = "~~~~"; 474 static int p54u_firmware_reset_3887(struct ieee80211_hw *dev) 475 { 476 struct p54u_priv *priv = dev->priv; 477 u8 *buf; 478 int ret; 479 480 buf = kmemdup(p54u_romboot_3887, 4, GFP_KERNEL); 481 if (!buf) 482 return -ENOMEM; 483 ret = p54u_bulk_msg(priv, P54U_PIPE_DATA, 484 buf, 4); 485 kfree(buf); 486 if (ret) 487 dev_err(&priv->udev->dev, "(p54usb) unable to jump to " 488 "boot ROM (%d)!\n", ret); 489 490 return ret; 491 } 492 493 static const char p54u_firmware_upload_3887[] = "<\r"; 494 static int p54u_upload_firmware_3887(struct ieee80211_hw *dev) 495 { 496 struct p54u_priv *priv = dev->priv; 497 int err, alen; 498 u8 carry = 0; 499 u8 *buf, *tmp; 500 const u8 *data; 501 unsigned int left, remains, block_size; 502 struct x2_header *hdr; 503 unsigned long timeout; 504 505 err = p54u_firmware_reset_3887(dev); 506 if (err) 507 return err; 508 509 tmp = buf = kmalloc(P54U_FW_BLOCK, GFP_KERNEL); 510 if (!buf) 511 return -ENOMEM; 512 513 left = block_size = min_t(size_t, P54U_FW_BLOCK, priv->fw->size); 514 strcpy(buf, p54u_firmware_upload_3887); 515 left -= strlen(p54u_firmware_upload_3887); 516 tmp += strlen(p54u_firmware_upload_3887); 517 518 data = priv->fw->data; 519 remains = priv->fw->size; 520 521 hdr = (struct x2_header *)(buf + strlen(p54u_firmware_upload_3887)); 522 memcpy(hdr->signature, X2_SIGNATURE, X2_SIGNATURE_SIZE); 523 hdr->fw_load_addr = cpu_to_le32(ISL38XX_DEV_FIRMWARE_ADDR); 524 hdr->fw_length = cpu_to_le32(priv->fw->size); 525 hdr->crc = cpu_to_le32(~crc32_le(~0, (void *)&hdr->fw_load_addr, 526 sizeof(u32)*2)); 527 left -= sizeof(*hdr); 528 tmp += sizeof(*hdr); 529 530 while (remains) { 531 while (left--) { 532 if (carry) { 533 *tmp++ = carry; 534 carry = 0; 535 remains--; 536 continue; 537 } 538 switch (*data) { 539 case '~': 540 *tmp++ = '}'; 541 carry = '^'; 542 break; 543 case '}': 544 *tmp++ = '}'; 545 carry = ']'; 546 break; 547 default: 548 *tmp++ = *data; 549 remains--; 550 break; 551 } 552 data++; 553 } 554 555 err = p54u_bulk_msg(priv, P54U_PIPE_DATA, buf, block_size); 556 if (err) { 557 dev_err(&priv->udev->dev, "(p54usb) firmware " 558 "upload failed!\n"); 559 goto err_upload_failed; 560 } 561 562 tmp = buf; 563 left = block_size = min((unsigned int)P54U_FW_BLOCK, remains); 564 } 565 566 *((__le32 *)buf) = cpu_to_le32(~crc32_le(~0, priv->fw->data, 567 priv->fw->size)); 568 err = p54u_bulk_msg(priv, P54U_PIPE_DATA, buf, sizeof(u32)); 569 if (err) { 570 dev_err(&priv->udev->dev, "(p54usb) firmware upload failed!\n"); 571 goto err_upload_failed; 572 } 573 timeout = jiffies + msecs_to_jiffies(1000); 574 while (!(err = usb_bulk_msg(priv->udev, 575 usb_rcvbulkpipe(priv->udev, P54U_PIPE_DATA), buf, 128, &alen, 1000))) { 576 if (alen > 2 && !memcmp(buf, "OK", 2)) 577 break; 578 579 if (alen > 5 && !memcmp(buf, "ERROR", 5)) { 580 err = -EINVAL; 581 break; 582 } 583 584 if (time_after(jiffies, timeout)) { 585 dev_err(&priv->udev->dev, "(p54usb) firmware boot " 586 "timed out!\n"); 587 err = -ETIMEDOUT; 588 break; 589 } 590 } 591 if (err) { 592 dev_err(&priv->udev->dev, "(p54usb) firmware upload failed!\n"); 593 goto err_upload_failed; 594 } 595 596 buf[0] = 'g'; 597 buf[1] = '\r'; 598 err = p54u_bulk_msg(priv, P54U_PIPE_DATA, buf, 2); 599 if (err) { 600 dev_err(&priv->udev->dev, "(p54usb) firmware boot failed!\n"); 601 goto err_upload_failed; 602 } 603 604 timeout = jiffies + msecs_to_jiffies(1000); 605 while (!(err = usb_bulk_msg(priv->udev, 606 usb_rcvbulkpipe(priv->udev, P54U_PIPE_DATA), buf, 128, &alen, 1000))) { 607 if (alen > 0 && buf[0] == 'g') 608 break; 609 610 if (time_after(jiffies, timeout)) { 611 err = -ETIMEDOUT; 612 break; 613 } 614 } 615 if (err) 616 goto err_upload_failed; 617 618 err_upload_failed: 619 kfree(buf); 620 return err; 621 } 622 623 static int p54u_upload_firmware_net2280(struct ieee80211_hw *dev) 624 { 625 struct p54u_priv *priv = dev->priv; 626 const struct p54p_csr *devreg = (const struct p54p_csr *) P54U_DEV_BASE; 627 int err, alen; 628 void *buf; 629 __le32 reg; 630 unsigned int remains, offset; 631 const u8 *data; 632 633 buf = kmalloc(512, GFP_KERNEL); 634 if (!buf) 635 return -ENOMEM; 636 637 #define P54U_WRITE(type, addr, data) \ 638 do {\ 639 err = p54u_write(priv, buf, type,\ 640 cpu_to_le32((u32)(unsigned long)addr), data);\ 641 if (err) \ 642 goto fail;\ 643 } while (0) 644 645 #define P54U_READ(type, addr) \ 646 do {\ 647 err = p54u_read(priv, buf, type,\ 648 cpu_to_le32((u32)(unsigned long)addr), ®);\ 649 if (err)\ 650 goto fail;\ 651 } while (0) 652 653 /* power down net2280 bridge */ 654 P54U_READ(NET2280_BRG_U32, NET2280_GPIOCTL); 655 reg |= cpu_to_le32(P54U_BRG_POWER_DOWN); 656 reg &= cpu_to_le32(~P54U_BRG_POWER_UP); 657 P54U_WRITE(NET2280_BRG_U32, NET2280_GPIOCTL, reg); 658 659 mdelay(100); 660 661 /* power up bridge */ 662 reg |= cpu_to_le32(P54U_BRG_POWER_UP); 663 reg &= cpu_to_le32(~P54U_BRG_POWER_DOWN); 664 P54U_WRITE(NET2280_BRG_U32, NET2280_GPIOCTL, reg); 665 666 mdelay(100); 667 668 P54U_WRITE(NET2280_BRG_U32, NET2280_DEVINIT, 669 cpu_to_le32(NET2280_CLK_30Mhz | 670 NET2280_PCI_ENABLE | 671 NET2280_PCI_SOFT_RESET)); 672 673 mdelay(20); 674 675 P54U_WRITE(NET2280_BRG_CFG_U16, PCI_COMMAND, 676 cpu_to_le32(PCI_COMMAND_MEMORY | 677 PCI_COMMAND_MASTER)); 678 679 P54U_WRITE(NET2280_BRG_CFG_U32, PCI_BASE_ADDRESS_0, 680 cpu_to_le32(NET2280_BASE)); 681 682 P54U_READ(NET2280_BRG_CFG_U16, PCI_STATUS); 683 reg |= cpu_to_le32(PCI_STATUS_REC_MASTER_ABORT); 684 P54U_WRITE(NET2280_BRG_CFG_U16, PCI_STATUS, reg); 685 686 // TODO: we really need this? 687 P54U_READ(NET2280_BRG_U32, NET2280_RELNUM); 688 689 P54U_WRITE(NET2280_BRG_U32, NET2280_EPA_RSP, 690 cpu_to_le32(NET2280_CLEAR_NAK_OUT_PACKETS_MODE)); 691 P54U_WRITE(NET2280_BRG_U32, NET2280_EPC_RSP, 692 cpu_to_le32(NET2280_CLEAR_NAK_OUT_PACKETS_MODE)); 693 694 P54U_WRITE(NET2280_BRG_CFG_U32, PCI_BASE_ADDRESS_2, 695 cpu_to_le32(NET2280_BASE2)); 696 697 /* finally done setting up the bridge */ 698 699 P54U_WRITE(NET2280_DEV_CFG_U16, 0x10000 | PCI_COMMAND, 700 cpu_to_le32(PCI_COMMAND_MEMORY | 701 PCI_COMMAND_MASTER)); 702 703 P54U_WRITE(NET2280_DEV_CFG_U16, 0x10000 | 0x40 /* TRDY timeout */, 0); 704 P54U_WRITE(NET2280_DEV_CFG_U32, 0x10000 | PCI_BASE_ADDRESS_0, 705 cpu_to_le32(P54U_DEV_BASE)); 706 707 P54U_WRITE(NET2280_BRG_U32, NET2280_USBIRQENB1, 0); 708 P54U_WRITE(NET2280_BRG_U32, NET2280_IRQSTAT1, 709 cpu_to_le32(NET2280_PCI_INTA_INTERRUPT)); 710 711 /* do romboot */ 712 P54U_WRITE(NET2280_DEV_U32, &devreg->int_enable, 0); 713 714 P54U_READ(NET2280_DEV_U32, &devreg->ctrl_stat); 715 reg &= cpu_to_le32(~ISL38XX_CTRL_STAT_RESET); 716 reg &= cpu_to_le32(~ISL38XX_CTRL_STAT_RAMBOOT); 717 reg &= cpu_to_le32(~ISL38XX_CTRL_STAT_CLKRUN); 718 P54U_WRITE(NET2280_DEV_U32, &devreg->ctrl_stat, reg); 719 720 mdelay(20); 721 722 reg |= cpu_to_le32(ISL38XX_CTRL_STAT_RESET); 723 P54U_WRITE(NET2280_DEV_U32, &devreg->ctrl_stat, reg); 724 725 mdelay(20); 726 727 reg &= cpu_to_le32(~ISL38XX_CTRL_STAT_RESET); 728 P54U_WRITE(NET2280_DEV_U32, &devreg->ctrl_stat, reg); 729 730 mdelay(100); 731 732 P54U_READ(NET2280_DEV_U32, &devreg->int_ident); 733 P54U_WRITE(NET2280_DEV_U32, &devreg->int_ack, reg); 734 735 /* finally, we can upload firmware now! */ 736 remains = priv->fw->size; 737 data = priv->fw->data; 738 offset = ISL38XX_DEV_FIRMWARE_ADDR; 739 740 while (remains) { 741 unsigned int block_len = min(remains, (unsigned int)512); 742 memcpy(buf, data, block_len); 743 744 err = p54u_bulk_msg(priv, P54U_PIPE_DATA, buf, block_len); 745 if (err) { 746 dev_err(&priv->udev->dev, "(p54usb) firmware block " 747 "upload failed\n"); 748 goto fail; 749 } 750 751 P54U_WRITE(NET2280_DEV_U32, &devreg->direct_mem_base, 752 cpu_to_le32(0xc0000f00)); 753 754 P54U_WRITE(NET2280_DEV_U32, 755 0x0020 | (unsigned long)&devreg->direct_mem_win, 0); 756 P54U_WRITE(NET2280_DEV_U32, 757 0x0020 | (unsigned long)&devreg->direct_mem_win, 758 cpu_to_le32(1)); 759 760 P54U_WRITE(NET2280_DEV_U32, 761 0x0024 | (unsigned long)&devreg->direct_mem_win, 762 cpu_to_le32(block_len)); 763 P54U_WRITE(NET2280_DEV_U32, 764 0x0028 | (unsigned long)&devreg->direct_mem_win, 765 cpu_to_le32(offset)); 766 767 P54U_WRITE(NET2280_DEV_U32, &devreg->dma_addr, 768 cpu_to_le32(NET2280_EPA_FIFO_PCI_ADDR)); 769 P54U_WRITE(NET2280_DEV_U32, &devreg->dma_len, 770 cpu_to_le32(block_len >> 2)); 771 P54U_WRITE(NET2280_DEV_U32, &devreg->dma_ctrl, 772 cpu_to_le32(ISL38XX_DMA_MASTER_CONTROL_TRIGGER)); 773 774 mdelay(10); 775 776 P54U_READ(NET2280_DEV_U32, 777 0x002C | (unsigned long)&devreg->direct_mem_win); 778 if (!(reg & cpu_to_le32(ISL38XX_DMA_STATUS_DONE)) || 779 !(reg & cpu_to_le32(ISL38XX_DMA_STATUS_READY))) { 780 dev_err(&priv->udev->dev, "(p54usb) firmware DMA " 781 "transfer failed\n"); 782 goto fail; 783 } 784 785 P54U_WRITE(NET2280_BRG_U32, NET2280_EPA_STAT, 786 cpu_to_le32(NET2280_FIFO_FLUSH)); 787 788 remains -= block_len; 789 data += block_len; 790 offset += block_len; 791 } 792 793 /* do ramboot */ 794 P54U_READ(NET2280_DEV_U32, &devreg->ctrl_stat); 795 reg &= cpu_to_le32(~ISL38XX_CTRL_STAT_RESET); 796 reg &= cpu_to_le32(~ISL38XX_CTRL_STAT_CLKRUN); 797 reg |= cpu_to_le32(ISL38XX_CTRL_STAT_RAMBOOT); 798 P54U_WRITE(NET2280_DEV_U32, &devreg->ctrl_stat, reg); 799 800 mdelay(20); 801 802 reg |= cpu_to_le32(ISL38XX_CTRL_STAT_RESET); 803 P54U_WRITE(NET2280_DEV_U32, &devreg->ctrl_stat, reg); 804 805 reg &= cpu_to_le32(~ISL38XX_CTRL_STAT_RESET); 806 P54U_WRITE(NET2280_DEV_U32, &devreg->ctrl_stat, reg); 807 808 mdelay(100); 809 810 P54U_READ(NET2280_DEV_U32, &devreg->int_ident); 811 P54U_WRITE(NET2280_DEV_U32, &devreg->int_ack, reg); 812 813 /* start up the firmware */ 814 P54U_WRITE(NET2280_DEV_U32, &devreg->int_enable, 815 cpu_to_le32(ISL38XX_INT_IDENT_INIT)); 816 817 P54U_WRITE(NET2280_BRG_U32, NET2280_IRQSTAT1, 818 cpu_to_le32(NET2280_PCI_INTA_INTERRUPT)); 819 820 P54U_WRITE(NET2280_BRG_U32, NET2280_USBIRQENB1, 821 cpu_to_le32(NET2280_PCI_INTA_INTERRUPT_ENABLE | 822 NET2280_USB_INTERRUPT_ENABLE)); 823 824 P54U_WRITE(NET2280_DEV_U32, &devreg->dev_int, 825 cpu_to_le32(ISL38XX_DEV_INT_RESET)); 826 827 err = usb_interrupt_msg(priv->udev, 828 usb_rcvbulkpipe(priv->udev, P54U_PIPE_INT), 829 buf, sizeof(__le32), &alen, 1000); 830 if (err || alen != sizeof(__le32)) 831 goto fail; 832 833 P54U_READ(NET2280_DEV_U32, &devreg->int_ident); 834 P54U_WRITE(NET2280_DEV_U32, &devreg->int_ack, reg); 835 836 if (!(reg & cpu_to_le32(ISL38XX_INT_IDENT_INIT))) 837 err = -EINVAL; 838 839 P54U_WRITE(NET2280_BRG_U32, NET2280_USBIRQENB1, 0); 840 P54U_WRITE(NET2280_BRG_U32, NET2280_IRQSTAT1, 841 cpu_to_le32(NET2280_PCI_INTA_INTERRUPT)); 842 843 #undef P54U_WRITE 844 #undef P54U_READ 845 846 fail: 847 kfree(buf); 848 return err; 849 } 850 851 static int p54_find_type(struct p54u_priv *priv) 852 { 853 int i; 854 855 for (i = 0; i < __NUM_P54U_HWTYPES; i++) 856 if (p54u_fwlist[i].type == priv->hw_type) 857 break; 858 if (i == __NUM_P54U_HWTYPES) 859 return -EOPNOTSUPP; 860 861 return i; 862 } 863 864 static int p54u_start_ops(struct p54u_priv *priv) 865 { 866 struct ieee80211_hw *dev = priv->common.hw; 867 int ret; 868 869 ret = p54_parse_firmware(dev, priv->fw); 870 if (ret) 871 goto err_out; 872 873 ret = p54_find_type(priv); 874 if (ret < 0) 875 goto err_out; 876 877 if (priv->common.fw_interface != p54u_fwlist[ret].intf) { 878 dev_err(&priv->udev->dev, "wrong firmware, please get " 879 "a firmware for \"%s\" and try again.\n", 880 p54u_fwlist[ret].hw); 881 ret = -ENODEV; 882 goto err_out; 883 } 884 885 ret = priv->upload_fw(dev); 886 if (ret) 887 goto err_out; 888 889 ret = p54u_open(dev); 890 if (ret) 891 goto err_out; 892 893 ret = p54_read_eeprom(dev); 894 if (ret) 895 goto err_stop; 896 897 p54u_stop(dev); 898 899 ret = p54_register_common(dev, &priv->udev->dev); 900 if (ret) 901 goto err_stop; 902 903 return 0; 904 905 err_stop: 906 p54u_stop(dev); 907 908 err_out: 909 /* 910 * p54u_disconnect will do the rest of the 911 * cleanup 912 */ 913 return ret; 914 } 915 916 static void p54u_load_firmware_cb(const struct firmware *firmware, 917 void *context) 918 { 919 struct p54u_priv *priv = context; 920 struct usb_device *udev = priv->udev; 921 int err; 922 923 complete(&priv->fw_wait_load); 924 if (firmware) { 925 priv->fw = firmware; 926 err = p54u_start_ops(priv); 927 } else { 928 err = -ENOENT; 929 dev_err(&udev->dev, "Firmware not found.\n"); 930 } 931 932 if (err) { 933 struct device *parent = priv->udev->dev.parent; 934 935 dev_err(&udev->dev, "failed to initialize device (%d)\n", err); 936 937 if (parent) 938 device_lock(parent); 939 940 device_release_driver(&udev->dev); 941 /* 942 * At this point p54u_disconnect has already freed 943 * the "priv" context. Do not use it anymore! 944 */ 945 priv = NULL; 946 947 if (parent) 948 device_unlock(parent); 949 } 950 951 usb_put_dev(udev); 952 } 953 954 static int p54u_load_firmware(struct ieee80211_hw *dev, 955 struct usb_interface *intf) 956 { 957 struct usb_device *udev = interface_to_usbdev(intf); 958 struct p54u_priv *priv = dev->priv; 959 struct device *device = &udev->dev; 960 int err, i; 961 962 BUILD_BUG_ON(ARRAY_SIZE(p54u_fwlist) != __NUM_P54U_HWTYPES); 963 964 init_completion(&priv->fw_wait_load); 965 i = p54_find_type(priv); 966 if (i < 0) 967 return i; 968 969 dev_info(&priv->udev->dev, "Loading firmware file %s\n", 970 p54u_fwlist[i].fw); 971 972 usb_get_dev(udev); 973 err = request_firmware_nowait(THIS_MODULE, 1, p54u_fwlist[i].fw, 974 device, GFP_KERNEL, priv, 975 p54u_load_firmware_cb); 976 if (err) { 977 dev_err(&priv->udev->dev, "(p54usb) cannot load firmware %s " 978 "(%d)!\n", p54u_fwlist[i].fw, err); 979 usb_put_dev(udev); 980 } 981 982 return err; 983 } 984 985 static int p54u_probe(struct usb_interface *intf, 986 const struct usb_device_id *id) 987 { 988 struct usb_device *udev = interface_to_usbdev(intf); 989 struct ieee80211_hw *dev; 990 struct p54u_priv *priv; 991 int err; 992 unsigned int i, recognized_pipes; 993 994 dev = p54_init_common(sizeof(*priv)); 995 996 if (!dev) { 997 dev_err(&udev->dev, "(p54usb) ieee80211 alloc failed\n"); 998 return -ENOMEM; 999 } 1000 1001 priv = dev->priv; 1002 priv->hw_type = P54U_INVALID_HW; 1003 1004 SET_IEEE80211_DEV(dev, &intf->dev); 1005 usb_set_intfdata(intf, dev); 1006 priv->udev = udev; 1007 priv->intf = intf; 1008 skb_queue_head_init(&priv->rx_queue); 1009 init_usb_anchor(&priv->submitted); 1010 1011 usb_get_dev(udev); 1012 1013 /* really lazy and simple way of figuring out if we're a 3887 */ 1014 /* TODO: should just stick the identification in the device table */ 1015 i = intf->altsetting->desc.bNumEndpoints; 1016 recognized_pipes = 0; 1017 while (i--) { 1018 switch (intf->altsetting->endpoint[i].desc.bEndpointAddress) { 1019 case P54U_PIPE_DATA: 1020 case P54U_PIPE_MGMT: 1021 case P54U_PIPE_BRG: 1022 case P54U_PIPE_DEV: 1023 case P54U_PIPE_DATA | USB_DIR_IN: 1024 case P54U_PIPE_MGMT | USB_DIR_IN: 1025 case P54U_PIPE_BRG | USB_DIR_IN: 1026 case P54U_PIPE_DEV | USB_DIR_IN: 1027 case P54U_PIPE_INT | USB_DIR_IN: 1028 recognized_pipes++; 1029 } 1030 } 1031 priv->common.open = p54u_open; 1032 priv->common.stop = p54u_stop; 1033 if (recognized_pipes < P54U_PIPE_NUMBER) { 1034 #ifdef CONFIG_PM 1035 /* ISL3887 needs a full reset on resume */ 1036 udev->reset_resume = 1; 1037 #endif /* CONFIG_PM */ 1038 err = p54u_device_reset(dev); 1039 1040 priv->hw_type = P54U_3887; 1041 dev->extra_tx_headroom += sizeof(struct lm87_tx_hdr); 1042 priv->common.tx_hdr_len = sizeof(struct lm87_tx_hdr); 1043 priv->common.tx = p54u_tx_lm87; 1044 priv->upload_fw = p54u_upload_firmware_3887; 1045 } else { 1046 priv->hw_type = P54U_NET2280; 1047 dev->extra_tx_headroom += sizeof(struct net2280_tx_hdr); 1048 priv->common.tx_hdr_len = sizeof(struct net2280_tx_hdr); 1049 priv->common.tx = p54u_tx_net2280; 1050 priv->upload_fw = p54u_upload_firmware_net2280; 1051 } 1052 err = p54u_load_firmware(dev, intf); 1053 if (err) { 1054 usb_put_dev(udev); 1055 p54_free_common(dev); 1056 } 1057 return err; 1058 } 1059 1060 static void p54u_disconnect(struct usb_interface *intf) 1061 { 1062 struct ieee80211_hw *dev = usb_get_intfdata(intf); 1063 struct p54u_priv *priv; 1064 1065 if (!dev) 1066 return; 1067 1068 priv = dev->priv; 1069 wait_for_completion(&priv->fw_wait_load); 1070 p54_unregister_common(dev); 1071 1072 usb_put_dev(interface_to_usbdev(intf)); 1073 release_firmware(priv->fw); 1074 p54_free_common(dev); 1075 } 1076 1077 static int p54u_pre_reset(struct usb_interface *intf) 1078 { 1079 struct ieee80211_hw *dev = usb_get_intfdata(intf); 1080 1081 if (!dev) 1082 return -ENODEV; 1083 1084 p54u_stop(dev); 1085 return 0; 1086 } 1087 1088 static int p54u_resume(struct usb_interface *intf) 1089 { 1090 struct ieee80211_hw *dev = usb_get_intfdata(intf); 1091 struct p54u_priv *priv; 1092 1093 if (!dev) 1094 return -ENODEV; 1095 1096 priv = dev->priv; 1097 if (unlikely(!(priv->upload_fw && priv->fw))) 1098 return 0; 1099 1100 return priv->upload_fw(dev); 1101 } 1102 1103 static int p54u_post_reset(struct usb_interface *intf) 1104 { 1105 struct ieee80211_hw *dev = usb_get_intfdata(intf); 1106 struct p54u_priv *priv; 1107 int err; 1108 1109 err = p54u_resume(intf); 1110 if (err) 1111 return err; 1112 1113 /* reinitialize old device state */ 1114 priv = dev->priv; 1115 if (priv->common.mode != NL80211_IFTYPE_UNSPECIFIED) 1116 ieee80211_restart_hw(dev); 1117 1118 return 0; 1119 } 1120 1121 #ifdef CONFIG_PM 1122 1123 static int p54u_suspend(struct usb_interface *intf, pm_message_t message) 1124 { 1125 return p54u_pre_reset(intf); 1126 } 1127 1128 #endif /* CONFIG_PM */ 1129 1130 static struct usb_driver p54u_driver = { 1131 .name = "p54usb", 1132 .id_table = p54u_table, 1133 .probe = p54u_probe, 1134 .disconnect = p54u_disconnect, 1135 .pre_reset = p54u_pre_reset, 1136 .post_reset = p54u_post_reset, 1137 #ifdef CONFIG_PM 1138 .suspend = p54u_suspend, 1139 .resume = p54u_resume, 1140 .reset_resume = p54u_resume, 1141 #endif /* CONFIG_PM */ 1142 .soft_unbind = 1, 1143 .disable_hub_initiated_lpm = 1, 1144 }; 1145 1146 module_usb_driver(p54u_driver); 1147