1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* ZD1211 USB-WLAN driver for Linux 3 * 4 * Copyright (C) 2005-2007 Ulrich Kunitz <kune@deine-taler.de> 5 * Copyright (C) 2006-2007 Daniel Drake <dsd@gentoo.org> 6 * Copyright (C) 2006-2007 Michael Wu <flamingice@sourmilk.net> 7 */ 8 9 #include <linux/kernel.h> 10 #include <linux/init.h> 11 #include <linux/firmware.h> 12 #include <linux/device.h> 13 #include <linux/errno.h> 14 #include <linux/slab.h> 15 #include <linux/skbuff.h> 16 #include <linux/usb.h> 17 #include <linux/workqueue.h> 18 #include <linux/module.h> 19 #include <net/mac80211.h> 20 #include <asm/unaligned.h> 21 22 #include "zd_def.h" 23 #include "zd_mac.h" 24 #include "zd_usb.h" 25 26 static const struct usb_device_id usb_ids[] = { 27 /* ZD1211 */ 28 { USB_DEVICE(0x0105, 0x145f), .driver_info = DEVICE_ZD1211 }, 29 { USB_DEVICE(0x0586, 0x3401), .driver_info = DEVICE_ZD1211 }, 30 { USB_DEVICE(0x0586, 0x3402), .driver_info = DEVICE_ZD1211 }, 31 { USB_DEVICE(0x0586, 0x3407), .driver_info = DEVICE_ZD1211 }, 32 { USB_DEVICE(0x0586, 0x3409), .driver_info = DEVICE_ZD1211 }, 33 { USB_DEVICE(0x079b, 0x004a), .driver_info = DEVICE_ZD1211 }, 34 { USB_DEVICE(0x07b8, 0x6001), .driver_info = DEVICE_ZD1211 }, 35 { USB_DEVICE(0x0ace, 0x1211), .driver_info = DEVICE_ZD1211 }, 36 { USB_DEVICE(0x0ace, 0xa211), .driver_info = DEVICE_ZD1211 }, 37 { USB_DEVICE(0x0b05, 0x170c), .driver_info = DEVICE_ZD1211 }, 38 { USB_DEVICE(0x0b3b, 0x1630), .driver_info = DEVICE_ZD1211 }, 39 { USB_DEVICE(0x0b3b, 0x5630), .driver_info = DEVICE_ZD1211 }, 40 { USB_DEVICE(0x0df6, 0x9071), .driver_info = DEVICE_ZD1211 }, 41 { USB_DEVICE(0x0df6, 0x9075), .driver_info = DEVICE_ZD1211 }, 42 { USB_DEVICE(0x126f, 0xa006), .driver_info = DEVICE_ZD1211 }, 43 { USB_DEVICE(0x129b, 0x1666), .driver_info = DEVICE_ZD1211 }, 44 { USB_DEVICE(0x13b1, 0x001e), .driver_info = DEVICE_ZD1211 }, 45 { USB_DEVICE(0x1435, 0x0711), .driver_info = DEVICE_ZD1211 }, 46 { USB_DEVICE(0x14ea, 0xab10), .driver_info = DEVICE_ZD1211 }, 47 { USB_DEVICE(0x14ea, 0xab13), .driver_info = DEVICE_ZD1211 }, 48 { USB_DEVICE(0x157e, 0x300a), .driver_info = DEVICE_ZD1211 }, 49 { USB_DEVICE(0x157e, 0x300b), .driver_info = DEVICE_ZD1211 }, 50 { USB_DEVICE(0x157e, 0x3204), .driver_info = DEVICE_ZD1211 }, 51 { USB_DEVICE(0x157e, 0x3207), .driver_info = DEVICE_ZD1211 }, 52 { USB_DEVICE(0x1740, 0x2000), .driver_info = DEVICE_ZD1211 }, 53 { USB_DEVICE(0x6891, 0xa727), .driver_info = DEVICE_ZD1211 }, 54 /* ZD1211B */ 55 { USB_DEVICE(0x0053, 0x5301), .driver_info = DEVICE_ZD1211B }, 56 { USB_DEVICE(0x0409, 0x0248), .driver_info = DEVICE_ZD1211B }, 57 { USB_DEVICE(0x0411, 0x00da), .driver_info = DEVICE_ZD1211B }, 58 { USB_DEVICE(0x0471, 0x1236), .driver_info = DEVICE_ZD1211B }, 59 { USB_DEVICE(0x0471, 0x1237), .driver_info = DEVICE_ZD1211B }, 60 { USB_DEVICE(0x050d, 0x705c), .driver_info = DEVICE_ZD1211B }, 61 { USB_DEVICE(0x054c, 0x0257), .driver_info = DEVICE_ZD1211B }, 62 { USB_DEVICE(0x0586, 0x340a), .driver_info = DEVICE_ZD1211B }, 63 { USB_DEVICE(0x0586, 0x340f), .driver_info = DEVICE_ZD1211B }, 64 { USB_DEVICE(0x0586, 0x3410), .driver_info = DEVICE_ZD1211B }, 65 { USB_DEVICE(0x0586, 0x3412), .driver_info = DEVICE_ZD1211B }, 66 { USB_DEVICE(0x0586, 0x3413), .driver_info = DEVICE_ZD1211B }, 67 { USB_DEVICE(0x079b, 0x0062), .driver_info = DEVICE_ZD1211B }, 68 { USB_DEVICE(0x07fa, 0x1196), .driver_info = DEVICE_ZD1211B }, 69 { USB_DEVICE(0x083a, 0x4505), .driver_info = DEVICE_ZD1211B }, 70 { USB_DEVICE(0x083a, 0xe501), .driver_info = DEVICE_ZD1211B }, 71 { USB_DEVICE(0x083a, 0xe503), .driver_info = DEVICE_ZD1211B }, 72 { USB_DEVICE(0x083a, 0xe506), .driver_info = DEVICE_ZD1211B }, 73 { USB_DEVICE(0x0ace, 0x1215), .driver_info = DEVICE_ZD1211B }, 74 { USB_DEVICE(0x0ace, 0xb215), .driver_info = DEVICE_ZD1211B }, 75 { USB_DEVICE(0x0b05, 0x171b), .driver_info = DEVICE_ZD1211B }, 76 { USB_DEVICE(0x0baf, 0x0121), .driver_info = DEVICE_ZD1211B }, 77 { USB_DEVICE(0x0cde, 0x001a), .driver_info = DEVICE_ZD1211B }, 78 { USB_DEVICE(0x0df6, 0x0036), .driver_info = DEVICE_ZD1211B }, 79 { USB_DEVICE(0x129b, 0x1667), .driver_info = DEVICE_ZD1211B }, 80 { USB_DEVICE(0x13b1, 0x0024), .driver_info = DEVICE_ZD1211B }, 81 { USB_DEVICE(0x157e, 0x300d), .driver_info = DEVICE_ZD1211B }, 82 { USB_DEVICE(0x1582, 0x6003), .driver_info = DEVICE_ZD1211B }, 83 { USB_DEVICE(0x2019, 0x5303), .driver_info = DEVICE_ZD1211B }, 84 { USB_DEVICE(0x2019, 0xed01), .driver_info = DEVICE_ZD1211B }, 85 /* "Driverless" devices that need ejecting */ 86 { USB_DEVICE(0x0ace, 0x2011), .driver_info = DEVICE_INSTALLER }, 87 { USB_DEVICE(0x0ace, 0x20ff), .driver_info = DEVICE_INSTALLER }, 88 {} 89 }; 90 91 MODULE_LICENSE("GPL"); 92 MODULE_DESCRIPTION("USB driver for devices with the ZD1211 chip."); 93 MODULE_AUTHOR("Ulrich Kunitz"); 94 MODULE_AUTHOR("Daniel Drake"); 95 MODULE_VERSION("1.0"); 96 MODULE_DEVICE_TABLE(usb, usb_ids); 97 98 #define FW_ZD1211_PREFIX "zd1211/zd1211_" 99 #define FW_ZD1211B_PREFIX "zd1211/zd1211b_" 100 101 static bool check_read_regs(struct zd_usb *usb, struct usb_req_read_regs *req, 102 unsigned int count); 103 104 /* USB device initialization */ 105 static void int_urb_complete(struct urb *urb); 106 107 static int request_fw_file( 108 const struct firmware **fw, const char *name, struct device *device) 109 { 110 int r; 111 112 dev_dbg_f(device, "fw name %s\n", name); 113 114 r = request_firmware(fw, name, device); 115 if (r) 116 dev_err(device, 117 "Could not load firmware file %s. Error number %d\n", 118 name, r); 119 return r; 120 } 121 122 static inline u16 get_bcdDevice(const struct usb_device *udev) 123 { 124 return le16_to_cpu(udev->descriptor.bcdDevice); 125 } 126 127 enum upload_code_flags { 128 REBOOT = 1, 129 }; 130 131 /* Ensures that MAX_TRANSFER_SIZE is even. */ 132 #define MAX_TRANSFER_SIZE (USB_MAX_TRANSFER_SIZE & ~1) 133 134 static int upload_code(struct usb_device *udev, 135 const u8 *data, size_t size, u16 code_offset, int flags) 136 { 137 u8 *p; 138 int r; 139 140 /* USB request blocks need "kmalloced" buffers. 141 */ 142 p = kmalloc(MAX_TRANSFER_SIZE, GFP_KERNEL); 143 if (!p) { 144 r = -ENOMEM; 145 goto error; 146 } 147 148 size &= ~1; 149 while (size > 0) { 150 size_t transfer_size = size <= MAX_TRANSFER_SIZE ? 151 size : MAX_TRANSFER_SIZE; 152 153 dev_dbg_f(&udev->dev, "transfer size %zu\n", transfer_size); 154 155 memcpy(p, data, transfer_size); 156 r = usb_control_msg(udev, usb_sndctrlpipe(udev, 0), 157 USB_REQ_FIRMWARE_DOWNLOAD, 158 USB_DIR_OUT | USB_TYPE_VENDOR, 159 code_offset, 0, p, transfer_size, 1000 /* ms */); 160 if (r < 0) { 161 dev_err(&udev->dev, 162 "USB control request for firmware upload" 163 " failed. Error number %d\n", r); 164 goto error; 165 } 166 transfer_size = r & ~1; 167 168 size -= transfer_size; 169 data += transfer_size; 170 code_offset += transfer_size/sizeof(u16); 171 } 172 173 if (flags & REBOOT) { 174 u8 ret; 175 176 /* Use "DMA-aware" buffer. */ 177 r = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), 178 USB_REQ_FIRMWARE_CONFIRM, 179 USB_DIR_IN | USB_TYPE_VENDOR, 180 0, 0, p, sizeof(ret), 5000 /* ms */); 181 if (r != sizeof(ret)) { 182 dev_err(&udev->dev, 183 "control request firmware confirmation failed." 184 " Return value %d\n", r); 185 if (r >= 0) 186 r = -ENODEV; 187 goto error; 188 } 189 ret = p[0]; 190 if (ret & 0x80) { 191 dev_err(&udev->dev, 192 "Internal error while downloading." 193 " Firmware confirm return value %#04x\n", 194 (unsigned int)ret); 195 r = -ENODEV; 196 goto error; 197 } 198 dev_dbg_f(&udev->dev, "firmware confirm return value %#04x\n", 199 (unsigned int)ret); 200 } 201 202 r = 0; 203 error: 204 kfree(p); 205 return r; 206 } 207 208 static u16 get_word(const void *data, u16 offset) 209 { 210 const __le16 *p = data; 211 return le16_to_cpu(p[offset]); 212 } 213 214 static char *get_fw_name(struct zd_usb *usb, char *buffer, size_t size, 215 const char* postfix) 216 { 217 scnprintf(buffer, size, "%s%s", 218 usb->is_zd1211b ? 219 FW_ZD1211B_PREFIX : FW_ZD1211_PREFIX, 220 postfix); 221 return buffer; 222 } 223 224 static int handle_version_mismatch(struct zd_usb *usb, 225 const struct firmware *ub_fw) 226 { 227 struct usb_device *udev = zd_usb_to_usbdev(usb); 228 const struct firmware *ur_fw = NULL; 229 int offset; 230 int r = 0; 231 char fw_name[128]; 232 233 r = request_fw_file(&ur_fw, 234 get_fw_name(usb, fw_name, sizeof(fw_name), "ur"), 235 &udev->dev); 236 if (r) 237 goto error; 238 239 r = upload_code(udev, ur_fw->data, ur_fw->size, FW_START, REBOOT); 240 if (r) 241 goto error; 242 243 offset = (E2P_BOOT_CODE_OFFSET * sizeof(u16)); 244 r = upload_code(udev, ub_fw->data + offset, ub_fw->size - offset, 245 E2P_START + E2P_BOOT_CODE_OFFSET, REBOOT); 246 247 /* At this point, the vendor driver downloads the whole firmware 248 * image, hacks around with version IDs, and uploads it again, 249 * completely overwriting the boot code. We do not do this here as 250 * it is not required on any tested devices, and it is suspected to 251 * cause problems. */ 252 error: 253 release_firmware(ur_fw); 254 return r; 255 } 256 257 static int upload_firmware(struct zd_usb *usb) 258 { 259 int r; 260 u16 fw_bcdDevice; 261 u16 bcdDevice; 262 struct usb_device *udev = zd_usb_to_usbdev(usb); 263 const struct firmware *ub_fw = NULL; 264 const struct firmware *uph_fw = NULL; 265 char fw_name[128]; 266 267 bcdDevice = get_bcdDevice(udev); 268 269 r = request_fw_file(&ub_fw, 270 get_fw_name(usb, fw_name, sizeof(fw_name), "ub"), 271 &udev->dev); 272 if (r) 273 goto error; 274 275 fw_bcdDevice = get_word(ub_fw->data, E2P_DATA_OFFSET); 276 277 if (fw_bcdDevice != bcdDevice) { 278 dev_info(&udev->dev, 279 "firmware version %#06x and device bootcode version " 280 "%#06x differ\n", fw_bcdDevice, bcdDevice); 281 if (bcdDevice <= 0x4313) 282 dev_warn(&udev->dev, "device has old bootcode, please " 283 "report success or failure\n"); 284 285 r = handle_version_mismatch(usb, ub_fw); 286 if (r) 287 goto error; 288 } else { 289 dev_dbg_f(&udev->dev, 290 "firmware device id %#06x is equal to the " 291 "actual device id\n", fw_bcdDevice); 292 } 293 294 295 r = request_fw_file(&uph_fw, 296 get_fw_name(usb, fw_name, sizeof(fw_name), "uphr"), 297 &udev->dev); 298 if (r) 299 goto error; 300 301 r = upload_code(udev, uph_fw->data, uph_fw->size, FW_START, REBOOT); 302 if (r) { 303 dev_err(&udev->dev, 304 "Could not upload firmware code uph. Error number %d\n", 305 r); 306 } 307 308 /* FALL-THROUGH */ 309 error: 310 release_firmware(ub_fw); 311 release_firmware(uph_fw); 312 return r; 313 } 314 315 MODULE_FIRMWARE(FW_ZD1211B_PREFIX "ur"); 316 MODULE_FIRMWARE(FW_ZD1211_PREFIX "ur"); 317 MODULE_FIRMWARE(FW_ZD1211B_PREFIX "ub"); 318 MODULE_FIRMWARE(FW_ZD1211_PREFIX "ub"); 319 MODULE_FIRMWARE(FW_ZD1211B_PREFIX "uphr"); 320 MODULE_FIRMWARE(FW_ZD1211_PREFIX "uphr"); 321 322 /* Read data from device address space using "firmware interface" which does 323 * not require firmware to be loaded. */ 324 int zd_usb_read_fw(struct zd_usb *usb, zd_addr_t addr, u8 *data, u16 len) 325 { 326 int r; 327 struct usb_device *udev = zd_usb_to_usbdev(usb); 328 u8 *buf; 329 330 /* Use "DMA-aware" buffer. */ 331 buf = kmalloc(len, GFP_KERNEL); 332 if (!buf) 333 return -ENOMEM; 334 r = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), 335 USB_REQ_FIRMWARE_READ_DATA, USB_DIR_IN | 0x40, addr, 0, 336 buf, len, 5000); 337 if (r < 0) { 338 dev_err(&udev->dev, 339 "read over firmware interface failed: %d\n", r); 340 goto exit; 341 } else if (r != len) { 342 dev_err(&udev->dev, 343 "incomplete read over firmware interface: %d/%d\n", 344 r, len); 345 r = -EIO; 346 goto exit; 347 } 348 r = 0; 349 memcpy(data, buf, len); 350 exit: 351 kfree(buf); 352 return r; 353 } 354 355 #define urb_dev(urb) (&(urb)->dev->dev) 356 357 static inline void handle_regs_int_override(struct urb *urb) 358 { 359 struct zd_usb *usb = urb->context; 360 struct zd_usb_interrupt *intr = &usb->intr; 361 unsigned long flags; 362 363 spin_lock_irqsave(&intr->lock, flags); 364 if (atomic_read(&intr->read_regs_enabled)) { 365 atomic_set(&intr->read_regs_enabled, 0); 366 intr->read_regs_int_overridden = 1; 367 complete(&intr->read_regs.completion); 368 } 369 spin_unlock_irqrestore(&intr->lock, flags); 370 } 371 372 static inline void handle_regs_int(struct urb *urb) 373 { 374 struct zd_usb *usb = urb->context; 375 struct zd_usb_interrupt *intr = &usb->intr; 376 unsigned long flags; 377 int len; 378 u16 int_num; 379 380 spin_lock_irqsave(&intr->lock, flags); 381 382 int_num = le16_to_cpu(*(__le16 *)(urb->transfer_buffer+2)); 383 if (int_num == CR_INTERRUPT) { 384 struct zd_mac *mac = zd_hw_mac(zd_usb_to_hw(urb->context)); 385 spin_lock(&mac->lock); 386 memcpy(&mac->intr_buffer, urb->transfer_buffer, 387 USB_MAX_EP_INT_BUFFER); 388 spin_unlock(&mac->lock); 389 schedule_work(&mac->process_intr); 390 } else if (atomic_read(&intr->read_regs_enabled)) { 391 len = urb->actual_length; 392 intr->read_regs.length = urb->actual_length; 393 if (len > sizeof(intr->read_regs.buffer)) 394 len = sizeof(intr->read_regs.buffer); 395 396 memcpy(intr->read_regs.buffer, urb->transfer_buffer, len); 397 398 /* Sometimes USB_INT_ID_REGS is not overridden, but comes after 399 * USB_INT_ID_RETRY_FAILED. Read-reg retry then gets this 400 * delayed USB_INT_ID_REGS, but leaves USB_INT_ID_REGS of 401 * retry unhandled. Next read-reg command then might catch 402 * this wrong USB_INT_ID_REGS. Fix by ignoring wrong reads. 403 */ 404 if (!check_read_regs(usb, intr->read_regs.req, 405 intr->read_regs.req_count)) 406 goto out; 407 408 atomic_set(&intr->read_regs_enabled, 0); 409 intr->read_regs_int_overridden = 0; 410 complete(&intr->read_regs.completion); 411 412 goto out; 413 } 414 415 out: 416 spin_unlock_irqrestore(&intr->lock, flags); 417 418 /* CR_INTERRUPT might override read_reg too. */ 419 if (int_num == CR_INTERRUPT && atomic_read(&intr->read_regs_enabled)) 420 handle_regs_int_override(urb); 421 } 422 423 static void int_urb_complete(struct urb *urb) 424 { 425 int r; 426 struct usb_int_header *hdr; 427 struct zd_usb *usb; 428 struct zd_usb_interrupt *intr; 429 430 switch (urb->status) { 431 case 0: 432 break; 433 case -ESHUTDOWN: 434 case -EINVAL: 435 case -ENODEV: 436 case -ENOENT: 437 case -ECONNRESET: 438 case -EPIPE: 439 dev_dbg_f(urb_dev(urb), "urb %p error %d\n", urb, urb->status); 440 return; 441 default: 442 dev_dbg_f(urb_dev(urb), "urb %p error %d\n", urb, urb->status); 443 goto resubmit; 444 } 445 446 if (urb->actual_length < sizeof(hdr)) { 447 dev_dbg_f(urb_dev(urb), "error: urb %p to small\n", urb); 448 goto resubmit; 449 } 450 451 hdr = urb->transfer_buffer; 452 if (hdr->type != USB_INT_TYPE) { 453 dev_dbg_f(urb_dev(urb), "error: urb %p wrong type\n", urb); 454 goto resubmit; 455 } 456 457 /* USB_INT_ID_RETRY_FAILED triggered by tx-urb submit can override 458 * pending USB_INT_ID_REGS causing read command timeout. 459 */ 460 usb = urb->context; 461 intr = &usb->intr; 462 if (hdr->id != USB_INT_ID_REGS && atomic_read(&intr->read_regs_enabled)) 463 handle_regs_int_override(urb); 464 465 switch (hdr->id) { 466 case USB_INT_ID_REGS: 467 handle_regs_int(urb); 468 break; 469 case USB_INT_ID_RETRY_FAILED: 470 zd_mac_tx_failed(urb); 471 break; 472 default: 473 dev_dbg_f(urb_dev(urb), "error: urb %p unknown id %x\n", urb, 474 (unsigned int)hdr->id); 475 goto resubmit; 476 } 477 478 resubmit: 479 r = usb_submit_urb(urb, GFP_ATOMIC); 480 if (r) { 481 dev_dbg_f(urb_dev(urb), "error: resubmit urb %p err code %d\n", 482 urb, r); 483 /* TODO: add worker to reset intr->urb */ 484 } 485 return; 486 } 487 488 static inline int int_urb_interval(struct usb_device *udev) 489 { 490 switch (udev->speed) { 491 case USB_SPEED_HIGH: 492 return 4; 493 case USB_SPEED_LOW: 494 return 10; 495 case USB_SPEED_FULL: 496 default: 497 return 1; 498 } 499 } 500 501 static inline int usb_int_enabled(struct zd_usb *usb) 502 { 503 unsigned long flags; 504 struct zd_usb_interrupt *intr = &usb->intr; 505 struct urb *urb; 506 507 spin_lock_irqsave(&intr->lock, flags); 508 urb = intr->urb; 509 spin_unlock_irqrestore(&intr->lock, flags); 510 return urb != NULL; 511 } 512 513 int zd_usb_enable_int(struct zd_usb *usb) 514 { 515 int r; 516 struct usb_device *udev = zd_usb_to_usbdev(usb); 517 struct zd_usb_interrupt *intr = &usb->intr; 518 struct urb *urb; 519 520 dev_dbg_f(zd_usb_dev(usb), "\n"); 521 522 urb = usb_alloc_urb(0, GFP_KERNEL); 523 if (!urb) { 524 r = -ENOMEM; 525 goto out; 526 } 527 528 ZD_ASSERT(!irqs_disabled()); 529 spin_lock_irq(&intr->lock); 530 if (intr->urb) { 531 spin_unlock_irq(&intr->lock); 532 r = 0; 533 goto error_free_urb; 534 } 535 intr->urb = urb; 536 spin_unlock_irq(&intr->lock); 537 538 r = -ENOMEM; 539 intr->buffer = usb_alloc_coherent(udev, USB_MAX_EP_INT_BUFFER, 540 GFP_KERNEL, &intr->buffer_dma); 541 if (!intr->buffer) { 542 dev_dbg_f(zd_usb_dev(usb), 543 "couldn't allocate transfer_buffer\n"); 544 goto error_set_urb_null; 545 } 546 547 usb_fill_int_urb(urb, udev, usb_rcvintpipe(udev, EP_INT_IN), 548 intr->buffer, USB_MAX_EP_INT_BUFFER, 549 int_urb_complete, usb, 550 intr->interval); 551 urb->transfer_dma = intr->buffer_dma; 552 urb->transfer_flags |= URB_NO_TRANSFER_DMA_MAP; 553 554 dev_dbg_f(zd_usb_dev(usb), "submit urb %p\n", intr->urb); 555 r = usb_submit_urb(urb, GFP_KERNEL); 556 if (r) { 557 dev_dbg_f(zd_usb_dev(usb), 558 "Couldn't submit urb. Error number %d\n", r); 559 goto error; 560 } 561 562 return 0; 563 error: 564 usb_free_coherent(udev, USB_MAX_EP_INT_BUFFER, 565 intr->buffer, intr->buffer_dma); 566 error_set_urb_null: 567 spin_lock_irq(&intr->lock); 568 intr->urb = NULL; 569 spin_unlock_irq(&intr->lock); 570 error_free_urb: 571 usb_free_urb(urb); 572 out: 573 return r; 574 } 575 576 void zd_usb_disable_int(struct zd_usb *usb) 577 { 578 unsigned long flags; 579 struct usb_device *udev = zd_usb_to_usbdev(usb); 580 struct zd_usb_interrupt *intr = &usb->intr; 581 struct urb *urb; 582 void *buffer; 583 dma_addr_t buffer_dma; 584 585 spin_lock_irqsave(&intr->lock, flags); 586 urb = intr->urb; 587 if (!urb) { 588 spin_unlock_irqrestore(&intr->lock, flags); 589 return; 590 } 591 intr->urb = NULL; 592 buffer = intr->buffer; 593 buffer_dma = intr->buffer_dma; 594 intr->buffer = NULL; 595 spin_unlock_irqrestore(&intr->lock, flags); 596 597 usb_kill_urb(urb); 598 dev_dbg_f(zd_usb_dev(usb), "urb %p killed\n", urb); 599 usb_free_urb(urb); 600 601 usb_free_coherent(udev, USB_MAX_EP_INT_BUFFER, buffer, buffer_dma); 602 } 603 604 static void handle_rx_packet(struct zd_usb *usb, const u8 *buffer, 605 unsigned int length) 606 { 607 int i; 608 const struct rx_length_info *length_info; 609 610 if (length < sizeof(struct rx_length_info)) { 611 /* It's not a complete packet anyhow. */ 612 dev_dbg_f(zd_usb_dev(usb), "invalid, small RX packet : %d\n", 613 length); 614 return; 615 } 616 length_info = (struct rx_length_info *) 617 (buffer + length - sizeof(struct rx_length_info)); 618 619 /* It might be that three frames are merged into a single URB 620 * transaction. We have to check for the length info tag. 621 * 622 * While testing we discovered that length_info might be unaligned, 623 * because if USB transactions are merged, the last packet will not 624 * be padded. Unaligned access might also happen if the length_info 625 * structure is not present. 626 */ 627 if (get_unaligned_le16(&length_info->tag) == RX_LENGTH_INFO_TAG) 628 { 629 unsigned int l, k, n; 630 for (i = 0, l = 0;; i++) { 631 k = get_unaligned_le16(&length_info->length[i]); 632 if (k == 0) 633 return; 634 n = l+k; 635 if (n > length) 636 return; 637 zd_mac_rx(zd_usb_to_hw(usb), buffer+l, k); 638 if (i >= 2) 639 return; 640 l = (n+3) & ~3; 641 } 642 } else { 643 zd_mac_rx(zd_usb_to_hw(usb), buffer, length); 644 } 645 } 646 647 static void rx_urb_complete(struct urb *urb) 648 { 649 int r; 650 struct zd_usb *usb; 651 struct zd_usb_rx *rx; 652 const u8 *buffer; 653 unsigned int length; 654 unsigned long flags; 655 656 switch (urb->status) { 657 case 0: 658 break; 659 case -ESHUTDOWN: 660 case -EINVAL: 661 case -ENODEV: 662 case -ENOENT: 663 case -ECONNRESET: 664 case -EPIPE: 665 dev_dbg_f(urb_dev(urb), "urb %p error %d\n", urb, urb->status); 666 return; 667 default: 668 dev_dbg_f(urb_dev(urb), "urb %p error %d\n", urb, urb->status); 669 goto resubmit; 670 } 671 672 buffer = urb->transfer_buffer; 673 length = urb->actual_length; 674 usb = urb->context; 675 rx = &usb->rx; 676 677 tasklet_schedule(&rx->reset_timer_tasklet); 678 679 if (length%rx->usb_packet_size > rx->usb_packet_size-4) { 680 /* If there is an old first fragment, we don't care. */ 681 dev_dbg_f(urb_dev(urb), "*** first fragment ***\n"); 682 ZD_ASSERT(length <= ARRAY_SIZE(rx->fragment)); 683 spin_lock_irqsave(&rx->lock, flags); 684 memcpy(rx->fragment, buffer, length); 685 rx->fragment_length = length; 686 spin_unlock_irqrestore(&rx->lock, flags); 687 goto resubmit; 688 } 689 690 spin_lock_irqsave(&rx->lock, flags); 691 if (rx->fragment_length > 0) { 692 /* We are on a second fragment, we believe */ 693 ZD_ASSERT(length + rx->fragment_length <= 694 ARRAY_SIZE(rx->fragment)); 695 dev_dbg_f(urb_dev(urb), "*** second fragment ***\n"); 696 memcpy(rx->fragment+rx->fragment_length, buffer, length); 697 handle_rx_packet(usb, rx->fragment, 698 rx->fragment_length + length); 699 rx->fragment_length = 0; 700 spin_unlock_irqrestore(&rx->lock, flags); 701 } else { 702 spin_unlock_irqrestore(&rx->lock, flags); 703 handle_rx_packet(usb, buffer, length); 704 } 705 706 resubmit: 707 r = usb_submit_urb(urb, GFP_ATOMIC); 708 if (r) 709 dev_dbg_f(urb_dev(urb), "urb %p resubmit error %d\n", urb, r); 710 } 711 712 static struct urb *alloc_rx_urb(struct zd_usb *usb) 713 { 714 struct usb_device *udev = zd_usb_to_usbdev(usb); 715 struct urb *urb; 716 void *buffer; 717 718 urb = usb_alloc_urb(0, GFP_KERNEL); 719 if (!urb) 720 return NULL; 721 buffer = usb_alloc_coherent(udev, USB_MAX_RX_SIZE, GFP_KERNEL, 722 &urb->transfer_dma); 723 if (!buffer) { 724 usb_free_urb(urb); 725 return NULL; 726 } 727 728 usb_fill_bulk_urb(urb, udev, usb_rcvbulkpipe(udev, EP_DATA_IN), 729 buffer, USB_MAX_RX_SIZE, 730 rx_urb_complete, usb); 731 urb->transfer_flags |= URB_NO_TRANSFER_DMA_MAP; 732 733 return urb; 734 } 735 736 static void free_rx_urb(struct urb *urb) 737 { 738 if (!urb) 739 return; 740 usb_free_coherent(urb->dev, urb->transfer_buffer_length, 741 urb->transfer_buffer, urb->transfer_dma); 742 usb_free_urb(urb); 743 } 744 745 static int __zd_usb_enable_rx(struct zd_usb *usb) 746 { 747 int i, r; 748 struct zd_usb_rx *rx = &usb->rx; 749 struct urb **urbs; 750 751 dev_dbg_f(zd_usb_dev(usb), "\n"); 752 753 r = -ENOMEM; 754 urbs = kcalloc(RX_URBS_COUNT, sizeof(struct urb *), GFP_KERNEL); 755 if (!urbs) 756 goto error; 757 for (i = 0; i < RX_URBS_COUNT; i++) { 758 urbs[i] = alloc_rx_urb(usb); 759 if (!urbs[i]) 760 goto error; 761 } 762 763 ZD_ASSERT(!irqs_disabled()); 764 spin_lock_irq(&rx->lock); 765 if (rx->urbs) { 766 spin_unlock_irq(&rx->lock); 767 r = 0; 768 goto error; 769 } 770 rx->urbs = urbs; 771 rx->urbs_count = RX_URBS_COUNT; 772 spin_unlock_irq(&rx->lock); 773 774 for (i = 0; i < RX_URBS_COUNT; i++) { 775 r = usb_submit_urb(urbs[i], GFP_KERNEL); 776 if (r) 777 goto error_submit; 778 } 779 780 return 0; 781 error_submit: 782 for (i = 0; i < RX_URBS_COUNT; i++) { 783 usb_kill_urb(urbs[i]); 784 } 785 spin_lock_irq(&rx->lock); 786 rx->urbs = NULL; 787 rx->urbs_count = 0; 788 spin_unlock_irq(&rx->lock); 789 error: 790 if (urbs) { 791 for (i = 0; i < RX_URBS_COUNT; i++) 792 free_rx_urb(urbs[i]); 793 } 794 return r; 795 } 796 797 int zd_usb_enable_rx(struct zd_usb *usb) 798 { 799 int r; 800 struct zd_usb_rx *rx = &usb->rx; 801 802 mutex_lock(&rx->setup_mutex); 803 r = __zd_usb_enable_rx(usb); 804 mutex_unlock(&rx->setup_mutex); 805 806 zd_usb_reset_rx_idle_timer(usb); 807 808 return r; 809 } 810 811 static void __zd_usb_disable_rx(struct zd_usb *usb) 812 { 813 int i; 814 unsigned long flags; 815 struct urb **urbs; 816 unsigned int count; 817 struct zd_usb_rx *rx = &usb->rx; 818 819 spin_lock_irqsave(&rx->lock, flags); 820 urbs = rx->urbs; 821 count = rx->urbs_count; 822 spin_unlock_irqrestore(&rx->lock, flags); 823 if (!urbs) 824 return; 825 826 for (i = 0; i < count; i++) { 827 usb_kill_urb(urbs[i]); 828 free_rx_urb(urbs[i]); 829 } 830 kfree(urbs); 831 832 spin_lock_irqsave(&rx->lock, flags); 833 rx->urbs = NULL; 834 rx->urbs_count = 0; 835 spin_unlock_irqrestore(&rx->lock, flags); 836 } 837 838 void zd_usb_disable_rx(struct zd_usb *usb) 839 { 840 struct zd_usb_rx *rx = &usb->rx; 841 842 mutex_lock(&rx->setup_mutex); 843 __zd_usb_disable_rx(usb); 844 mutex_unlock(&rx->setup_mutex); 845 846 tasklet_kill(&rx->reset_timer_tasklet); 847 cancel_delayed_work_sync(&rx->idle_work); 848 } 849 850 static void zd_usb_reset_rx(struct zd_usb *usb) 851 { 852 bool do_reset; 853 struct zd_usb_rx *rx = &usb->rx; 854 unsigned long flags; 855 856 mutex_lock(&rx->setup_mutex); 857 858 spin_lock_irqsave(&rx->lock, flags); 859 do_reset = rx->urbs != NULL; 860 spin_unlock_irqrestore(&rx->lock, flags); 861 862 if (do_reset) { 863 __zd_usb_disable_rx(usb); 864 __zd_usb_enable_rx(usb); 865 } 866 867 mutex_unlock(&rx->setup_mutex); 868 869 if (do_reset) 870 zd_usb_reset_rx_idle_timer(usb); 871 } 872 873 /** 874 * zd_usb_disable_tx - disable transmission 875 * @usb: the zd1211rw-private USB structure 876 * 877 * Frees all URBs in the free list and marks the transmission as disabled. 878 */ 879 void zd_usb_disable_tx(struct zd_usb *usb) 880 { 881 struct zd_usb_tx *tx = &usb->tx; 882 unsigned long flags; 883 884 atomic_set(&tx->enabled, 0); 885 886 /* kill all submitted tx-urbs */ 887 usb_kill_anchored_urbs(&tx->submitted); 888 889 spin_lock_irqsave(&tx->lock, flags); 890 WARN_ON(!skb_queue_empty(&tx->submitted_skbs)); 891 WARN_ON(tx->submitted_urbs != 0); 892 tx->submitted_urbs = 0; 893 spin_unlock_irqrestore(&tx->lock, flags); 894 895 /* The stopped state is ignored, relying on ieee80211_wake_queues() 896 * in a potentionally following zd_usb_enable_tx(). 897 */ 898 } 899 900 /** 901 * zd_usb_enable_tx - enables transmission 902 * @usb: a &struct zd_usb pointer 903 * 904 * This function enables transmission and prepares the &zd_usb_tx data 905 * structure. 906 */ 907 void zd_usb_enable_tx(struct zd_usb *usb) 908 { 909 unsigned long flags; 910 struct zd_usb_tx *tx = &usb->tx; 911 912 spin_lock_irqsave(&tx->lock, flags); 913 atomic_set(&tx->enabled, 1); 914 tx->submitted_urbs = 0; 915 ieee80211_wake_queues(zd_usb_to_hw(usb)); 916 tx->stopped = 0; 917 spin_unlock_irqrestore(&tx->lock, flags); 918 } 919 920 static void tx_dec_submitted_urbs(struct zd_usb *usb) 921 { 922 struct zd_usb_tx *tx = &usb->tx; 923 unsigned long flags; 924 925 spin_lock_irqsave(&tx->lock, flags); 926 --tx->submitted_urbs; 927 if (tx->stopped && tx->submitted_urbs <= ZD_USB_TX_LOW) { 928 ieee80211_wake_queues(zd_usb_to_hw(usb)); 929 tx->stopped = 0; 930 } 931 spin_unlock_irqrestore(&tx->lock, flags); 932 } 933 934 static void tx_inc_submitted_urbs(struct zd_usb *usb) 935 { 936 struct zd_usb_tx *tx = &usb->tx; 937 unsigned long flags; 938 939 spin_lock_irqsave(&tx->lock, flags); 940 ++tx->submitted_urbs; 941 if (!tx->stopped && tx->submitted_urbs > ZD_USB_TX_HIGH) { 942 ieee80211_stop_queues(zd_usb_to_hw(usb)); 943 tx->stopped = 1; 944 } 945 spin_unlock_irqrestore(&tx->lock, flags); 946 } 947 948 /** 949 * tx_urb_complete - completes the execution of an URB 950 * @urb: a URB 951 * 952 * This function is called if the URB has been transferred to a device or an 953 * error has happened. 954 */ 955 static void tx_urb_complete(struct urb *urb) 956 { 957 int r; 958 struct sk_buff *skb; 959 struct ieee80211_tx_info *info; 960 struct zd_usb *usb; 961 struct zd_usb_tx *tx; 962 963 skb = (struct sk_buff *)urb->context; 964 info = IEEE80211_SKB_CB(skb); 965 /* 966 * grab 'usb' pointer before handing off the skb (since 967 * it might be freed by zd_mac_tx_to_dev or mac80211) 968 */ 969 usb = &zd_hw_mac(info->rate_driver_data[0])->chip.usb; 970 tx = &usb->tx; 971 972 switch (urb->status) { 973 case 0: 974 break; 975 case -ESHUTDOWN: 976 case -EINVAL: 977 case -ENODEV: 978 case -ENOENT: 979 case -ECONNRESET: 980 case -EPIPE: 981 dev_dbg_f(urb_dev(urb), "urb %p error %d\n", urb, urb->status); 982 break; 983 default: 984 dev_dbg_f(urb_dev(urb), "urb %p error %d\n", urb, urb->status); 985 goto resubmit; 986 } 987 free_urb: 988 skb_unlink(skb, &usb->tx.submitted_skbs); 989 zd_mac_tx_to_dev(skb, urb->status); 990 usb_free_urb(urb); 991 tx_dec_submitted_urbs(usb); 992 return; 993 resubmit: 994 usb_anchor_urb(urb, &tx->submitted); 995 r = usb_submit_urb(urb, GFP_ATOMIC); 996 if (r) { 997 usb_unanchor_urb(urb); 998 dev_dbg_f(urb_dev(urb), "error resubmit urb %p %d\n", urb, r); 999 goto free_urb; 1000 } 1001 } 1002 1003 /** 1004 * zd_usb_tx: initiates transfer of a frame of the device 1005 * 1006 * @usb: the zd1211rw-private USB structure 1007 * @skb: a &struct sk_buff pointer 1008 * 1009 * This function tranmits a frame to the device. It doesn't wait for 1010 * completion. The frame must contain the control set and have all the 1011 * control set information available. 1012 * 1013 * The function returns 0 if the transfer has been successfully initiated. 1014 */ 1015 int zd_usb_tx(struct zd_usb *usb, struct sk_buff *skb) 1016 { 1017 int r; 1018 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 1019 struct usb_device *udev = zd_usb_to_usbdev(usb); 1020 struct urb *urb; 1021 struct zd_usb_tx *tx = &usb->tx; 1022 1023 if (!atomic_read(&tx->enabled)) { 1024 r = -ENOENT; 1025 goto out; 1026 } 1027 1028 urb = usb_alloc_urb(0, GFP_ATOMIC); 1029 if (!urb) { 1030 r = -ENOMEM; 1031 goto out; 1032 } 1033 1034 usb_fill_bulk_urb(urb, udev, usb_sndbulkpipe(udev, EP_DATA_OUT), 1035 skb->data, skb->len, tx_urb_complete, skb); 1036 1037 info->rate_driver_data[1] = (void *)jiffies; 1038 skb_queue_tail(&tx->submitted_skbs, skb); 1039 usb_anchor_urb(urb, &tx->submitted); 1040 1041 r = usb_submit_urb(urb, GFP_ATOMIC); 1042 if (r) { 1043 dev_dbg_f(zd_usb_dev(usb), "error submit urb %p %d\n", urb, r); 1044 usb_unanchor_urb(urb); 1045 skb_unlink(skb, &tx->submitted_skbs); 1046 goto error; 1047 } 1048 tx_inc_submitted_urbs(usb); 1049 return 0; 1050 error: 1051 usb_free_urb(urb); 1052 out: 1053 return r; 1054 } 1055 1056 static bool zd_tx_timeout(struct zd_usb *usb) 1057 { 1058 struct zd_usb_tx *tx = &usb->tx; 1059 struct sk_buff_head *q = &tx->submitted_skbs; 1060 struct sk_buff *skb, *skbnext; 1061 struct ieee80211_tx_info *info; 1062 unsigned long flags, trans_start; 1063 bool have_timedout = false; 1064 1065 spin_lock_irqsave(&q->lock, flags); 1066 skb_queue_walk_safe(q, skb, skbnext) { 1067 info = IEEE80211_SKB_CB(skb); 1068 trans_start = (unsigned long)info->rate_driver_data[1]; 1069 1070 if (time_is_before_jiffies(trans_start + ZD_TX_TIMEOUT)) { 1071 have_timedout = true; 1072 break; 1073 } 1074 } 1075 spin_unlock_irqrestore(&q->lock, flags); 1076 1077 return have_timedout; 1078 } 1079 1080 static void zd_tx_watchdog_handler(struct work_struct *work) 1081 { 1082 struct zd_usb *usb = 1083 container_of(work, struct zd_usb, tx.watchdog_work.work); 1084 struct zd_usb_tx *tx = &usb->tx; 1085 1086 if (!atomic_read(&tx->enabled) || !tx->watchdog_enabled) 1087 goto out; 1088 if (!zd_tx_timeout(usb)) 1089 goto out; 1090 1091 /* TX halted, try reset */ 1092 dev_warn(zd_usb_dev(usb), "TX-stall detected, resetting device..."); 1093 1094 usb_queue_reset_device(usb->intf); 1095 1096 /* reset will stop this worker, don't rearm */ 1097 return; 1098 out: 1099 queue_delayed_work(zd_workqueue, &tx->watchdog_work, 1100 ZD_TX_WATCHDOG_INTERVAL); 1101 } 1102 1103 void zd_tx_watchdog_enable(struct zd_usb *usb) 1104 { 1105 struct zd_usb_tx *tx = &usb->tx; 1106 1107 if (!tx->watchdog_enabled) { 1108 dev_dbg_f(zd_usb_dev(usb), "\n"); 1109 queue_delayed_work(zd_workqueue, &tx->watchdog_work, 1110 ZD_TX_WATCHDOG_INTERVAL); 1111 tx->watchdog_enabled = 1; 1112 } 1113 } 1114 1115 void zd_tx_watchdog_disable(struct zd_usb *usb) 1116 { 1117 struct zd_usb_tx *tx = &usb->tx; 1118 1119 if (tx->watchdog_enabled) { 1120 dev_dbg_f(zd_usb_dev(usb), "\n"); 1121 tx->watchdog_enabled = 0; 1122 cancel_delayed_work_sync(&tx->watchdog_work); 1123 } 1124 } 1125 1126 static void zd_rx_idle_timer_handler(struct work_struct *work) 1127 { 1128 struct zd_usb *usb = 1129 container_of(work, struct zd_usb, rx.idle_work.work); 1130 struct zd_mac *mac = zd_usb_to_mac(usb); 1131 1132 if (!test_bit(ZD_DEVICE_RUNNING, &mac->flags)) 1133 return; 1134 1135 dev_dbg_f(zd_usb_dev(usb), "\n"); 1136 1137 /* 30 seconds since last rx, reset rx */ 1138 zd_usb_reset_rx(usb); 1139 } 1140 1141 static void zd_usb_reset_rx_idle_timer_tasklet(struct tasklet_struct *t) 1142 { 1143 struct zd_usb *usb = from_tasklet(usb, t, rx.reset_timer_tasklet); 1144 1145 zd_usb_reset_rx_idle_timer(usb); 1146 } 1147 1148 void zd_usb_reset_rx_idle_timer(struct zd_usb *usb) 1149 { 1150 struct zd_usb_rx *rx = &usb->rx; 1151 1152 mod_delayed_work(zd_workqueue, &rx->idle_work, ZD_RX_IDLE_INTERVAL); 1153 } 1154 1155 static inline void init_usb_interrupt(struct zd_usb *usb) 1156 { 1157 struct zd_usb_interrupt *intr = &usb->intr; 1158 1159 spin_lock_init(&intr->lock); 1160 intr->interval = int_urb_interval(zd_usb_to_usbdev(usb)); 1161 init_completion(&intr->read_regs.completion); 1162 atomic_set(&intr->read_regs_enabled, 0); 1163 intr->read_regs.cr_int_addr = cpu_to_le16((u16)CR_INTERRUPT); 1164 } 1165 1166 static inline void init_usb_rx(struct zd_usb *usb) 1167 { 1168 struct zd_usb_rx *rx = &usb->rx; 1169 1170 spin_lock_init(&rx->lock); 1171 mutex_init(&rx->setup_mutex); 1172 if (interface_to_usbdev(usb->intf)->speed == USB_SPEED_HIGH) { 1173 rx->usb_packet_size = 512; 1174 } else { 1175 rx->usb_packet_size = 64; 1176 } 1177 ZD_ASSERT(rx->fragment_length == 0); 1178 INIT_DELAYED_WORK(&rx->idle_work, zd_rx_idle_timer_handler); 1179 rx->reset_timer_tasklet.func = (void (*)) 1180 zd_usb_reset_rx_idle_timer_tasklet; 1181 rx->reset_timer_tasklet.data = (unsigned long)&rx->reset_timer_tasklet; 1182 } 1183 1184 static inline void init_usb_tx(struct zd_usb *usb) 1185 { 1186 struct zd_usb_tx *tx = &usb->tx; 1187 1188 spin_lock_init(&tx->lock); 1189 atomic_set(&tx->enabled, 0); 1190 tx->stopped = 0; 1191 skb_queue_head_init(&tx->submitted_skbs); 1192 init_usb_anchor(&tx->submitted); 1193 tx->submitted_urbs = 0; 1194 tx->watchdog_enabled = 0; 1195 INIT_DELAYED_WORK(&tx->watchdog_work, zd_tx_watchdog_handler); 1196 } 1197 1198 void zd_usb_init(struct zd_usb *usb, struct ieee80211_hw *hw, 1199 struct usb_interface *intf) 1200 { 1201 memset(usb, 0, sizeof(*usb)); 1202 usb->intf = usb_get_intf(intf); 1203 usb_set_intfdata(usb->intf, hw); 1204 init_usb_anchor(&usb->submitted_cmds); 1205 init_usb_interrupt(usb); 1206 init_usb_tx(usb); 1207 init_usb_rx(usb); 1208 } 1209 1210 void zd_usb_clear(struct zd_usb *usb) 1211 { 1212 usb_set_intfdata(usb->intf, NULL); 1213 usb_put_intf(usb->intf); 1214 ZD_MEMCLEAR(usb, sizeof(*usb)); 1215 /* FIXME: usb_interrupt, usb_tx, usb_rx? */ 1216 } 1217 1218 static const char *speed(enum usb_device_speed speed) 1219 { 1220 switch (speed) { 1221 case USB_SPEED_LOW: 1222 return "low"; 1223 case USB_SPEED_FULL: 1224 return "full"; 1225 case USB_SPEED_HIGH: 1226 return "high"; 1227 default: 1228 return "unknown speed"; 1229 } 1230 } 1231 1232 static int scnprint_id(struct usb_device *udev, char *buffer, size_t size) 1233 { 1234 return scnprintf(buffer, size, "%04hx:%04hx v%04hx %s", 1235 le16_to_cpu(udev->descriptor.idVendor), 1236 le16_to_cpu(udev->descriptor.idProduct), 1237 get_bcdDevice(udev), 1238 speed(udev->speed)); 1239 } 1240 1241 int zd_usb_scnprint_id(struct zd_usb *usb, char *buffer, size_t size) 1242 { 1243 struct usb_device *udev = interface_to_usbdev(usb->intf); 1244 return scnprint_id(udev, buffer, size); 1245 } 1246 1247 #ifdef DEBUG 1248 static void print_id(struct usb_device *udev) 1249 { 1250 char buffer[40]; 1251 1252 scnprint_id(udev, buffer, sizeof(buffer)); 1253 buffer[sizeof(buffer)-1] = 0; 1254 dev_dbg_f(&udev->dev, "%s\n", buffer); 1255 } 1256 #else 1257 #define print_id(udev) do { } while (0) 1258 #endif 1259 1260 static int eject_installer(struct usb_interface *intf) 1261 { 1262 struct usb_device *udev = interface_to_usbdev(intf); 1263 struct usb_host_interface *iface_desc = intf->cur_altsetting; 1264 struct usb_endpoint_descriptor *endpoint; 1265 unsigned char *cmd; 1266 u8 bulk_out_ep; 1267 int r; 1268 1269 if (iface_desc->desc.bNumEndpoints < 2) 1270 return -ENODEV; 1271 1272 /* Find bulk out endpoint */ 1273 for (r = 1; r >= 0; r--) { 1274 endpoint = &iface_desc->endpoint[r].desc; 1275 if (usb_endpoint_dir_out(endpoint) && 1276 usb_endpoint_xfer_bulk(endpoint)) { 1277 bulk_out_ep = endpoint->bEndpointAddress; 1278 break; 1279 } 1280 } 1281 if (r == -1) { 1282 dev_err(&udev->dev, 1283 "zd1211rw: Could not find bulk out endpoint\n"); 1284 return -ENODEV; 1285 } 1286 1287 cmd = kzalloc(31, GFP_KERNEL); 1288 if (cmd == NULL) 1289 return -ENODEV; 1290 1291 /* USB bulk command block */ 1292 cmd[0] = 0x55; /* bulk command signature */ 1293 cmd[1] = 0x53; /* bulk command signature */ 1294 cmd[2] = 0x42; /* bulk command signature */ 1295 cmd[3] = 0x43; /* bulk command signature */ 1296 cmd[14] = 6; /* command length */ 1297 1298 cmd[15] = 0x1b; /* SCSI command: START STOP UNIT */ 1299 cmd[19] = 0x2; /* eject disc */ 1300 1301 dev_info(&udev->dev, "Ejecting virtual installer media...\n"); 1302 r = usb_bulk_msg(udev, usb_sndbulkpipe(udev, bulk_out_ep), 1303 cmd, 31, NULL, 2000); 1304 kfree(cmd); 1305 if (r) 1306 return r; 1307 1308 /* At this point, the device disconnects and reconnects with the real 1309 * ID numbers. */ 1310 1311 usb_set_intfdata(intf, NULL); 1312 return 0; 1313 } 1314 1315 int zd_usb_init_hw(struct zd_usb *usb) 1316 { 1317 int r; 1318 struct zd_mac *mac = zd_usb_to_mac(usb); 1319 1320 dev_dbg_f(zd_usb_dev(usb), "\n"); 1321 1322 r = upload_firmware(usb); 1323 if (r) { 1324 dev_err(zd_usb_dev(usb), 1325 "couldn't load firmware. Error number %d\n", r); 1326 return r; 1327 } 1328 1329 r = usb_reset_configuration(zd_usb_to_usbdev(usb)); 1330 if (r) { 1331 dev_dbg_f(zd_usb_dev(usb), 1332 "couldn't reset configuration. Error number %d\n", r); 1333 return r; 1334 } 1335 1336 r = zd_mac_init_hw(mac->hw); 1337 if (r) { 1338 dev_dbg_f(zd_usb_dev(usb), 1339 "couldn't initialize mac. Error number %d\n", r); 1340 return r; 1341 } 1342 1343 usb->initialized = 1; 1344 return 0; 1345 } 1346 1347 static int probe(struct usb_interface *intf, const struct usb_device_id *id) 1348 { 1349 int r; 1350 struct usb_device *udev = interface_to_usbdev(intf); 1351 struct zd_usb *usb; 1352 struct ieee80211_hw *hw = NULL; 1353 1354 print_id(udev); 1355 1356 if (id->driver_info & DEVICE_INSTALLER) 1357 return eject_installer(intf); 1358 1359 switch (udev->speed) { 1360 case USB_SPEED_LOW: 1361 case USB_SPEED_FULL: 1362 case USB_SPEED_HIGH: 1363 break; 1364 default: 1365 dev_dbg_f(&intf->dev, "Unknown USB speed\n"); 1366 r = -ENODEV; 1367 goto error; 1368 } 1369 1370 r = usb_reset_device(udev); 1371 if (r) { 1372 dev_err(&intf->dev, 1373 "couldn't reset usb device. Error number %d\n", r); 1374 goto error; 1375 } 1376 1377 hw = zd_mac_alloc_hw(intf); 1378 if (hw == NULL) { 1379 r = -ENOMEM; 1380 goto error; 1381 } 1382 1383 usb = &zd_hw_mac(hw)->chip.usb; 1384 usb->is_zd1211b = (id->driver_info == DEVICE_ZD1211B) != 0; 1385 1386 r = zd_mac_preinit_hw(hw); 1387 if (r) { 1388 dev_dbg_f(&intf->dev, 1389 "couldn't initialize mac. Error number %d\n", r); 1390 goto error; 1391 } 1392 1393 r = ieee80211_register_hw(hw); 1394 if (r) { 1395 dev_dbg_f(&intf->dev, 1396 "couldn't register device. Error number %d\n", r); 1397 goto error; 1398 } 1399 1400 dev_dbg_f(&intf->dev, "successful\n"); 1401 dev_info(&intf->dev, "%s\n", wiphy_name(hw->wiphy)); 1402 return 0; 1403 error: 1404 usb_reset_device(interface_to_usbdev(intf)); 1405 if (hw) { 1406 zd_mac_clear(zd_hw_mac(hw)); 1407 ieee80211_free_hw(hw); 1408 } 1409 return r; 1410 } 1411 1412 static void disconnect(struct usb_interface *intf) 1413 { 1414 struct ieee80211_hw *hw = zd_intf_to_hw(intf); 1415 struct zd_mac *mac; 1416 struct zd_usb *usb; 1417 1418 /* Either something really bad happened, or we're just dealing with 1419 * a DEVICE_INSTALLER. */ 1420 if (hw == NULL) 1421 return; 1422 1423 mac = zd_hw_mac(hw); 1424 usb = &mac->chip.usb; 1425 1426 dev_dbg_f(zd_usb_dev(usb), "\n"); 1427 1428 ieee80211_unregister_hw(hw); 1429 1430 /* Just in case something has gone wrong! */ 1431 zd_usb_disable_tx(usb); 1432 zd_usb_disable_rx(usb); 1433 zd_usb_disable_int(usb); 1434 1435 /* If the disconnect has been caused by a removal of the 1436 * driver module, the reset allows reloading of the driver. If the 1437 * reset will not be executed here, the upload of the firmware in the 1438 * probe function caused by the reloading of the driver will fail. 1439 */ 1440 usb_reset_device(interface_to_usbdev(intf)); 1441 1442 zd_mac_clear(mac); 1443 ieee80211_free_hw(hw); 1444 dev_dbg(&intf->dev, "disconnected\n"); 1445 } 1446 1447 static void zd_usb_resume(struct zd_usb *usb) 1448 { 1449 struct zd_mac *mac = zd_usb_to_mac(usb); 1450 int r; 1451 1452 dev_dbg_f(zd_usb_dev(usb), "\n"); 1453 1454 r = zd_op_start(zd_usb_to_hw(usb)); 1455 if (r < 0) { 1456 dev_warn(zd_usb_dev(usb), "Device resume failed " 1457 "with error code %d. Retrying...\n", r); 1458 if (usb->was_running) 1459 set_bit(ZD_DEVICE_RUNNING, &mac->flags); 1460 usb_queue_reset_device(usb->intf); 1461 return; 1462 } 1463 1464 if (mac->type != NL80211_IFTYPE_UNSPECIFIED) { 1465 r = zd_restore_settings(mac); 1466 if (r < 0) { 1467 dev_dbg(zd_usb_dev(usb), 1468 "failed to restore settings, %d\n", r); 1469 return; 1470 } 1471 } 1472 } 1473 1474 static void zd_usb_stop(struct zd_usb *usb) 1475 { 1476 dev_dbg_f(zd_usb_dev(usb), "\n"); 1477 1478 zd_op_stop(zd_usb_to_hw(usb)); 1479 1480 zd_usb_disable_tx(usb); 1481 zd_usb_disable_rx(usb); 1482 zd_usb_disable_int(usb); 1483 1484 usb->initialized = 0; 1485 } 1486 1487 static int pre_reset(struct usb_interface *intf) 1488 { 1489 struct ieee80211_hw *hw = usb_get_intfdata(intf); 1490 struct zd_mac *mac; 1491 struct zd_usb *usb; 1492 1493 if (!hw || intf->condition != USB_INTERFACE_BOUND) 1494 return 0; 1495 1496 mac = zd_hw_mac(hw); 1497 usb = &mac->chip.usb; 1498 1499 usb->was_running = test_bit(ZD_DEVICE_RUNNING, &mac->flags); 1500 1501 zd_usb_stop(usb); 1502 1503 mutex_lock(&mac->chip.mutex); 1504 return 0; 1505 } 1506 1507 static int post_reset(struct usb_interface *intf) 1508 { 1509 struct ieee80211_hw *hw = usb_get_intfdata(intf); 1510 struct zd_mac *mac; 1511 struct zd_usb *usb; 1512 1513 if (!hw || intf->condition != USB_INTERFACE_BOUND) 1514 return 0; 1515 1516 mac = zd_hw_mac(hw); 1517 usb = &mac->chip.usb; 1518 1519 mutex_unlock(&mac->chip.mutex); 1520 1521 if (usb->was_running) 1522 zd_usb_resume(usb); 1523 return 0; 1524 } 1525 1526 static struct usb_driver driver = { 1527 .name = KBUILD_MODNAME, 1528 .id_table = usb_ids, 1529 .probe = probe, 1530 .disconnect = disconnect, 1531 .pre_reset = pre_reset, 1532 .post_reset = post_reset, 1533 .disable_hub_initiated_lpm = 1, 1534 }; 1535 1536 struct workqueue_struct *zd_workqueue; 1537 1538 static int __init usb_init(void) 1539 { 1540 int r; 1541 1542 pr_debug("%s usb_init()\n", driver.name); 1543 1544 zd_workqueue = create_singlethread_workqueue(driver.name); 1545 if (zd_workqueue == NULL) { 1546 pr_err("%s couldn't create workqueue\n", driver.name); 1547 return -ENOMEM; 1548 } 1549 1550 r = usb_register(&driver); 1551 if (r) { 1552 destroy_workqueue(zd_workqueue); 1553 pr_err("%s usb_register() failed. Error number %d\n", 1554 driver.name, r); 1555 return r; 1556 } 1557 1558 pr_debug("%s initialized\n", driver.name); 1559 return 0; 1560 } 1561 1562 static void __exit usb_exit(void) 1563 { 1564 pr_debug("%s usb_exit()\n", driver.name); 1565 usb_deregister(&driver); 1566 destroy_workqueue(zd_workqueue); 1567 } 1568 1569 module_init(usb_init); 1570 module_exit(usb_exit); 1571 1572 static int zd_ep_regs_out_msg(struct usb_device *udev, void *data, int len, 1573 int *actual_length, int timeout) 1574 { 1575 /* In USB 2.0 mode EP_REGS_OUT endpoint is interrupt type. However in 1576 * USB 1.1 mode endpoint is bulk. Select correct type URB by endpoint 1577 * descriptor. 1578 */ 1579 struct usb_host_endpoint *ep; 1580 unsigned int pipe; 1581 1582 pipe = usb_sndintpipe(udev, EP_REGS_OUT); 1583 ep = usb_pipe_endpoint(udev, pipe); 1584 if (!ep) 1585 return -EINVAL; 1586 1587 if (usb_endpoint_xfer_int(&ep->desc)) { 1588 return usb_interrupt_msg(udev, pipe, data, len, 1589 actual_length, timeout); 1590 } else { 1591 pipe = usb_sndbulkpipe(udev, EP_REGS_OUT); 1592 return usb_bulk_msg(udev, pipe, data, len, actual_length, 1593 timeout); 1594 } 1595 } 1596 1597 static void prepare_read_regs_int(struct zd_usb *usb, 1598 struct usb_req_read_regs *req, 1599 unsigned int count) 1600 { 1601 struct zd_usb_interrupt *intr = &usb->intr; 1602 1603 spin_lock_irq(&intr->lock); 1604 atomic_set(&intr->read_regs_enabled, 1); 1605 intr->read_regs.req = req; 1606 intr->read_regs.req_count = count; 1607 reinit_completion(&intr->read_regs.completion); 1608 spin_unlock_irq(&intr->lock); 1609 } 1610 1611 static void disable_read_regs_int(struct zd_usb *usb) 1612 { 1613 struct zd_usb_interrupt *intr = &usb->intr; 1614 1615 spin_lock_irq(&intr->lock); 1616 atomic_set(&intr->read_regs_enabled, 0); 1617 spin_unlock_irq(&intr->lock); 1618 } 1619 1620 static bool check_read_regs(struct zd_usb *usb, struct usb_req_read_regs *req, 1621 unsigned int count) 1622 { 1623 int i; 1624 struct zd_usb_interrupt *intr = &usb->intr; 1625 struct read_regs_int *rr = &intr->read_regs; 1626 struct usb_int_regs *regs = (struct usb_int_regs *)rr->buffer; 1627 1628 /* The created block size seems to be larger than expected. 1629 * However results appear to be correct. 1630 */ 1631 if (rr->length < struct_size(regs, regs, count)) { 1632 dev_dbg_f(zd_usb_dev(usb), 1633 "error: actual length %d less than expected %zu\n", 1634 rr->length, struct_size(regs, regs, count)); 1635 return false; 1636 } 1637 1638 if (rr->length > sizeof(rr->buffer)) { 1639 dev_dbg_f(zd_usb_dev(usb), 1640 "error: actual length %d exceeds buffer size %zu\n", 1641 rr->length, sizeof(rr->buffer)); 1642 return false; 1643 } 1644 1645 for (i = 0; i < count; i++) { 1646 struct reg_data *rd = ®s->regs[i]; 1647 if (rd->addr != req->addr[i]) { 1648 dev_dbg_f(zd_usb_dev(usb), 1649 "rd[%d] addr %#06hx expected %#06hx\n", i, 1650 le16_to_cpu(rd->addr), 1651 le16_to_cpu(req->addr[i])); 1652 return false; 1653 } 1654 } 1655 1656 return true; 1657 } 1658 1659 static int get_results(struct zd_usb *usb, u16 *values, 1660 struct usb_req_read_regs *req, unsigned int count, 1661 bool *retry) 1662 { 1663 int r; 1664 int i; 1665 struct zd_usb_interrupt *intr = &usb->intr; 1666 struct read_regs_int *rr = &intr->read_regs; 1667 struct usb_int_regs *regs = (struct usb_int_regs *)rr->buffer; 1668 1669 spin_lock_irq(&intr->lock); 1670 1671 r = -EIO; 1672 1673 /* Read failed because firmware bug? */ 1674 *retry = !!intr->read_regs_int_overridden; 1675 if (*retry) 1676 goto error_unlock; 1677 1678 if (!check_read_regs(usb, req, count)) { 1679 dev_dbg_f(zd_usb_dev(usb), "error: invalid read regs\n"); 1680 goto error_unlock; 1681 } 1682 1683 for (i = 0; i < count; i++) { 1684 struct reg_data *rd = ®s->regs[i]; 1685 values[i] = le16_to_cpu(rd->value); 1686 } 1687 1688 r = 0; 1689 error_unlock: 1690 spin_unlock_irq(&intr->lock); 1691 return r; 1692 } 1693 1694 int zd_usb_ioread16v(struct zd_usb *usb, u16 *values, 1695 const zd_addr_t *addresses, unsigned int count) 1696 { 1697 int r, i, req_len, actual_req_len, try_count = 0; 1698 struct usb_device *udev; 1699 struct usb_req_read_regs *req = NULL; 1700 unsigned long timeout; 1701 bool retry = false; 1702 1703 if (count < 1) { 1704 dev_dbg_f(zd_usb_dev(usb), "error: count is zero\n"); 1705 return -EINVAL; 1706 } 1707 if (count > USB_MAX_IOREAD16_COUNT) { 1708 dev_dbg_f(zd_usb_dev(usb), 1709 "error: count %u exceeds possible max %u\n", 1710 count, USB_MAX_IOREAD16_COUNT); 1711 return -EINVAL; 1712 } 1713 if (!usb_int_enabled(usb)) { 1714 dev_dbg_f(zd_usb_dev(usb), 1715 "error: usb interrupt not enabled\n"); 1716 return -EWOULDBLOCK; 1717 } 1718 1719 ZD_ASSERT(mutex_is_locked(&zd_usb_to_chip(usb)->mutex)); 1720 BUILD_BUG_ON(sizeof(struct usb_req_read_regs) + USB_MAX_IOREAD16_COUNT * 1721 sizeof(__le16) > sizeof(usb->req_buf)); 1722 BUG_ON(sizeof(struct usb_req_read_regs) + count * sizeof(__le16) > 1723 sizeof(usb->req_buf)); 1724 1725 req_len = sizeof(struct usb_req_read_regs) + count * sizeof(__le16); 1726 req = (void *)usb->req_buf; 1727 1728 req->id = cpu_to_le16(USB_REQ_READ_REGS); 1729 for (i = 0; i < count; i++) 1730 req->addr[i] = cpu_to_le16((u16)addresses[i]); 1731 1732 retry_read: 1733 try_count++; 1734 udev = zd_usb_to_usbdev(usb); 1735 prepare_read_regs_int(usb, req, count); 1736 r = zd_ep_regs_out_msg(udev, req, req_len, &actual_req_len, 50 /*ms*/); 1737 if (r) { 1738 dev_dbg_f(zd_usb_dev(usb), 1739 "error in zd_ep_regs_out_msg(). Error number %d\n", r); 1740 goto error; 1741 } 1742 if (req_len != actual_req_len) { 1743 dev_dbg_f(zd_usb_dev(usb), "error in zd_ep_regs_out_msg()\n" 1744 " req_len %d != actual_req_len %d\n", 1745 req_len, actual_req_len); 1746 r = -EIO; 1747 goto error; 1748 } 1749 1750 timeout = wait_for_completion_timeout(&usb->intr.read_regs.completion, 1751 msecs_to_jiffies(50)); 1752 if (!timeout) { 1753 disable_read_regs_int(usb); 1754 dev_dbg_f(zd_usb_dev(usb), "read timed out\n"); 1755 r = -ETIMEDOUT; 1756 goto error; 1757 } 1758 1759 r = get_results(usb, values, req, count, &retry); 1760 if (retry && try_count < 20) { 1761 dev_dbg_f(zd_usb_dev(usb), "read retry, tries so far: %d\n", 1762 try_count); 1763 goto retry_read; 1764 } 1765 error: 1766 return r; 1767 } 1768 1769 static void iowrite16v_urb_complete(struct urb *urb) 1770 { 1771 struct zd_usb *usb = urb->context; 1772 1773 if (urb->status && !usb->cmd_error) 1774 usb->cmd_error = urb->status; 1775 1776 if (!usb->cmd_error && 1777 urb->actual_length != urb->transfer_buffer_length) 1778 usb->cmd_error = -EIO; 1779 } 1780 1781 static int zd_submit_waiting_urb(struct zd_usb *usb, bool last) 1782 { 1783 int r = 0; 1784 struct urb *urb = usb->urb_async_waiting; 1785 1786 if (!urb) 1787 return 0; 1788 1789 usb->urb_async_waiting = NULL; 1790 1791 if (!last) 1792 urb->transfer_flags |= URB_NO_INTERRUPT; 1793 1794 usb_anchor_urb(urb, &usb->submitted_cmds); 1795 r = usb_submit_urb(urb, GFP_KERNEL); 1796 if (r) { 1797 usb_unanchor_urb(urb); 1798 dev_dbg_f(zd_usb_dev(usb), 1799 "error in usb_submit_urb(). Error number %d\n", r); 1800 goto error; 1801 } 1802 1803 /* fall-through with r == 0 */ 1804 error: 1805 usb_free_urb(urb); 1806 return r; 1807 } 1808 1809 void zd_usb_iowrite16v_async_start(struct zd_usb *usb) 1810 { 1811 ZD_ASSERT(usb_anchor_empty(&usb->submitted_cmds)); 1812 ZD_ASSERT(usb->urb_async_waiting == NULL); 1813 ZD_ASSERT(!usb->in_async); 1814 1815 ZD_ASSERT(mutex_is_locked(&zd_usb_to_chip(usb)->mutex)); 1816 1817 usb->in_async = 1; 1818 usb->cmd_error = 0; 1819 usb->urb_async_waiting = NULL; 1820 } 1821 1822 int zd_usb_iowrite16v_async_end(struct zd_usb *usb, unsigned int timeout) 1823 { 1824 int r; 1825 1826 ZD_ASSERT(mutex_is_locked(&zd_usb_to_chip(usb)->mutex)); 1827 ZD_ASSERT(usb->in_async); 1828 1829 /* Submit last iowrite16v URB */ 1830 r = zd_submit_waiting_urb(usb, true); 1831 if (r) { 1832 dev_dbg_f(zd_usb_dev(usb), 1833 "error in zd_submit_waiting_usb(). " 1834 "Error number %d\n", r); 1835 1836 usb_kill_anchored_urbs(&usb->submitted_cmds); 1837 goto error; 1838 } 1839 1840 if (timeout) 1841 timeout = usb_wait_anchor_empty_timeout(&usb->submitted_cmds, 1842 timeout); 1843 if (!timeout) { 1844 usb_kill_anchored_urbs(&usb->submitted_cmds); 1845 if (usb->cmd_error == -ENOENT) { 1846 dev_dbg_f(zd_usb_dev(usb), "timed out"); 1847 r = -ETIMEDOUT; 1848 goto error; 1849 } 1850 } 1851 1852 r = usb->cmd_error; 1853 error: 1854 usb->in_async = 0; 1855 return r; 1856 } 1857 1858 int zd_usb_iowrite16v_async(struct zd_usb *usb, const struct zd_ioreq16 *ioreqs, 1859 unsigned int count) 1860 { 1861 int r; 1862 struct usb_device *udev; 1863 struct usb_req_write_regs *req = NULL; 1864 int i, req_len; 1865 struct urb *urb; 1866 struct usb_host_endpoint *ep; 1867 1868 ZD_ASSERT(mutex_is_locked(&zd_usb_to_chip(usb)->mutex)); 1869 ZD_ASSERT(usb->in_async); 1870 1871 if (count == 0) 1872 return 0; 1873 if (count > USB_MAX_IOWRITE16_COUNT) { 1874 dev_dbg_f(zd_usb_dev(usb), 1875 "error: count %u exceeds possible max %u\n", 1876 count, USB_MAX_IOWRITE16_COUNT); 1877 return -EINVAL; 1878 } 1879 1880 udev = zd_usb_to_usbdev(usb); 1881 1882 ep = usb_pipe_endpoint(udev, usb_sndintpipe(udev, EP_REGS_OUT)); 1883 if (!ep) 1884 return -ENOENT; 1885 1886 urb = usb_alloc_urb(0, GFP_KERNEL); 1887 if (!urb) 1888 return -ENOMEM; 1889 1890 req_len = struct_size(req, reg_writes, count); 1891 req = kmalloc(req_len, GFP_KERNEL); 1892 if (!req) { 1893 r = -ENOMEM; 1894 goto error; 1895 } 1896 1897 req->id = cpu_to_le16(USB_REQ_WRITE_REGS); 1898 for (i = 0; i < count; i++) { 1899 struct reg_data *rw = &req->reg_writes[i]; 1900 rw->addr = cpu_to_le16((u16)ioreqs[i].addr); 1901 rw->value = cpu_to_le16(ioreqs[i].value); 1902 } 1903 1904 /* In USB 2.0 mode endpoint is interrupt type. However in USB 1.1 mode 1905 * endpoint is bulk. Select correct type URB by endpoint descriptor. 1906 */ 1907 if (usb_endpoint_xfer_int(&ep->desc)) 1908 usb_fill_int_urb(urb, udev, usb_sndintpipe(udev, EP_REGS_OUT), 1909 req, req_len, iowrite16v_urb_complete, usb, 1910 ep->desc.bInterval); 1911 else 1912 usb_fill_bulk_urb(urb, udev, usb_sndbulkpipe(udev, EP_REGS_OUT), 1913 req, req_len, iowrite16v_urb_complete, usb); 1914 1915 urb->transfer_flags |= URB_FREE_BUFFER; 1916 1917 /* Submit previous URB */ 1918 r = zd_submit_waiting_urb(usb, false); 1919 if (r) { 1920 dev_dbg_f(zd_usb_dev(usb), 1921 "error in zd_submit_waiting_usb(). " 1922 "Error number %d\n", r); 1923 goto error; 1924 } 1925 1926 /* Delay submit so that URB_NO_INTERRUPT flag can be set for all URBs 1927 * of currect batch except for very last. 1928 */ 1929 usb->urb_async_waiting = urb; 1930 return 0; 1931 error: 1932 usb_free_urb(urb); 1933 return r; 1934 } 1935 1936 int zd_usb_iowrite16v(struct zd_usb *usb, const struct zd_ioreq16 *ioreqs, 1937 unsigned int count) 1938 { 1939 int r; 1940 1941 zd_usb_iowrite16v_async_start(usb); 1942 r = zd_usb_iowrite16v_async(usb, ioreqs, count); 1943 if (r) { 1944 zd_usb_iowrite16v_async_end(usb, 0); 1945 return r; 1946 } 1947 return zd_usb_iowrite16v_async_end(usb, 50 /* ms */); 1948 } 1949 1950 int zd_usb_rfwrite(struct zd_usb *usb, u32 value, u8 bits) 1951 { 1952 int r; 1953 struct usb_device *udev; 1954 struct usb_req_rfwrite *req = NULL; 1955 int i, req_len, actual_req_len; 1956 u16 bit_value_template; 1957 1958 if (bits < USB_MIN_RFWRITE_BIT_COUNT) { 1959 dev_dbg_f(zd_usb_dev(usb), 1960 "error: bits %d are smaller than" 1961 " USB_MIN_RFWRITE_BIT_COUNT %d\n", 1962 bits, USB_MIN_RFWRITE_BIT_COUNT); 1963 return -EINVAL; 1964 } 1965 if (bits > USB_MAX_RFWRITE_BIT_COUNT) { 1966 dev_dbg_f(zd_usb_dev(usb), 1967 "error: bits %d exceed USB_MAX_RFWRITE_BIT_COUNT %d\n", 1968 bits, USB_MAX_RFWRITE_BIT_COUNT); 1969 return -EINVAL; 1970 } 1971 #ifdef DEBUG 1972 if (value & (~0UL << bits)) { 1973 dev_dbg_f(zd_usb_dev(usb), 1974 "error: value %#09x has bits >= %d set\n", 1975 value, bits); 1976 return -EINVAL; 1977 } 1978 #endif /* DEBUG */ 1979 1980 dev_dbg_f(zd_usb_dev(usb), "value %#09x bits %d\n", value, bits); 1981 1982 r = zd_usb_ioread16(usb, &bit_value_template, ZD_CR203); 1983 if (r) { 1984 dev_dbg_f(zd_usb_dev(usb), 1985 "error %d: Couldn't read ZD_CR203\n", r); 1986 return r; 1987 } 1988 bit_value_template &= ~(RF_IF_LE|RF_CLK|RF_DATA); 1989 1990 ZD_ASSERT(mutex_is_locked(&zd_usb_to_chip(usb)->mutex)); 1991 BUILD_BUG_ON(sizeof(struct usb_req_rfwrite) + 1992 USB_MAX_RFWRITE_BIT_COUNT * sizeof(__le16) > 1993 sizeof(usb->req_buf)); 1994 BUG_ON(sizeof(struct usb_req_rfwrite) + bits * sizeof(__le16) > 1995 sizeof(usb->req_buf)); 1996 1997 req_len = sizeof(struct usb_req_rfwrite) + bits * sizeof(__le16); 1998 req = (void *)usb->req_buf; 1999 2000 req->id = cpu_to_le16(USB_REQ_WRITE_RF); 2001 /* 1: 3683a, but not used in ZYDAS driver */ 2002 req->value = cpu_to_le16(2); 2003 req->bits = cpu_to_le16(bits); 2004 2005 for (i = 0; i < bits; i++) { 2006 u16 bv = bit_value_template; 2007 if (value & (1 << (bits-1-i))) 2008 bv |= RF_DATA; 2009 req->bit_values[i] = cpu_to_le16(bv); 2010 } 2011 2012 udev = zd_usb_to_usbdev(usb); 2013 r = zd_ep_regs_out_msg(udev, req, req_len, &actual_req_len, 50 /*ms*/); 2014 if (r) { 2015 dev_dbg_f(zd_usb_dev(usb), 2016 "error in zd_ep_regs_out_msg(). Error number %d\n", r); 2017 goto out; 2018 } 2019 if (req_len != actual_req_len) { 2020 dev_dbg_f(zd_usb_dev(usb), "error in zd_ep_regs_out_msg()" 2021 " req_len %d != actual_req_len %d\n", 2022 req_len, actual_req_len); 2023 r = -EIO; 2024 goto out; 2025 } 2026 2027 /* FALL-THROUGH with r == 0 */ 2028 out: 2029 return r; 2030 } 2031