1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* ZD1211 USB-WLAN driver for Linux 3 * 4 * Copyright (C) 2005-2007 Ulrich Kunitz <kune@deine-taler.de> 5 * Copyright (C) 2006-2007 Daniel Drake <dsd@gentoo.org> 6 * Copyright (C) 2006-2007 Michael Wu <flamingice@sourmilk.net> 7 */ 8 9 #include <linux/kernel.h> 10 #include <linux/init.h> 11 #include <linux/firmware.h> 12 #include <linux/device.h> 13 #include <linux/errno.h> 14 #include <linux/slab.h> 15 #include <linux/skbuff.h> 16 #include <linux/usb.h> 17 #include <linux/workqueue.h> 18 #include <linux/module.h> 19 #include <net/mac80211.h> 20 #include <linux/unaligned.h> 21 22 #include "zd_def.h" 23 #include "zd_mac.h" 24 #include "zd_usb.h" 25 26 static const struct usb_device_id usb_ids[] = { 27 /* ZD1211 */ 28 { USB_DEVICE(0x0105, 0x145f), .driver_info = DEVICE_ZD1211 }, 29 { USB_DEVICE(0x0586, 0x3401), .driver_info = DEVICE_ZD1211 }, 30 { USB_DEVICE(0x0586, 0x3402), .driver_info = DEVICE_ZD1211 }, 31 { USB_DEVICE(0x0586, 0x3407), .driver_info = DEVICE_ZD1211 }, 32 { USB_DEVICE(0x0586, 0x3409), .driver_info = DEVICE_ZD1211 }, 33 { USB_DEVICE(0x079b, 0x004a), .driver_info = DEVICE_ZD1211 }, 34 { USB_DEVICE(0x07b8, 0x6001), .driver_info = DEVICE_ZD1211 }, 35 { USB_DEVICE(0x0ace, 0x1211), .driver_info = DEVICE_ZD1211 }, 36 { USB_DEVICE(0x0ace, 0xa211), .driver_info = DEVICE_ZD1211 }, 37 { USB_DEVICE(0x0b05, 0x170c), .driver_info = DEVICE_ZD1211 }, 38 { USB_DEVICE(0x0b3b, 0x1630), .driver_info = DEVICE_ZD1211 }, 39 { USB_DEVICE(0x0b3b, 0x5630), .driver_info = DEVICE_ZD1211 }, 40 { USB_DEVICE(0x0df6, 0x9071), .driver_info = DEVICE_ZD1211 }, 41 { USB_DEVICE(0x0df6, 0x9075), .driver_info = DEVICE_ZD1211 }, 42 { USB_DEVICE(0x126f, 0xa006), .driver_info = DEVICE_ZD1211 }, 43 { USB_DEVICE(0x129b, 0x1666), .driver_info = DEVICE_ZD1211 }, 44 { USB_DEVICE(0x13b1, 0x001e), .driver_info = DEVICE_ZD1211 }, 45 { USB_DEVICE(0x1435, 0x0711), .driver_info = DEVICE_ZD1211 }, 46 { USB_DEVICE(0x14ea, 0xab10), .driver_info = DEVICE_ZD1211 }, 47 { USB_DEVICE(0x14ea, 0xab13), .driver_info = DEVICE_ZD1211 }, 48 { USB_DEVICE(0x157e, 0x300a), .driver_info = DEVICE_ZD1211 }, 49 { USB_DEVICE(0x157e, 0x300b), .driver_info = DEVICE_ZD1211 }, 50 { USB_DEVICE(0x157e, 0x3204), .driver_info = DEVICE_ZD1211 }, 51 { USB_DEVICE(0x157e, 0x3207), .driver_info = DEVICE_ZD1211 }, 52 { USB_DEVICE(0x1740, 0x2000), .driver_info = DEVICE_ZD1211 }, 53 { USB_DEVICE(0x6891, 0xa727), .driver_info = DEVICE_ZD1211 }, 54 /* ZD1211B */ 55 { USB_DEVICE(0x0053, 0x5301), .driver_info = DEVICE_ZD1211B }, 56 { USB_DEVICE(0x0409, 0x0248), .driver_info = DEVICE_ZD1211B }, 57 { USB_DEVICE(0x0411, 0x00da), .driver_info = DEVICE_ZD1211B }, 58 { USB_DEVICE(0x0471, 0x1236), .driver_info = DEVICE_ZD1211B }, 59 { USB_DEVICE(0x0471, 0x1237), .driver_info = DEVICE_ZD1211B }, 60 { USB_DEVICE(0x050d, 0x705c), .driver_info = DEVICE_ZD1211B }, 61 { USB_DEVICE(0x054c, 0x0257), .driver_info = DEVICE_ZD1211B }, 62 { USB_DEVICE(0x0586, 0x340a), .driver_info = DEVICE_ZD1211B }, 63 { USB_DEVICE(0x0586, 0x340f), .driver_info = DEVICE_ZD1211B }, 64 { USB_DEVICE(0x0586, 0x3410), .driver_info = DEVICE_ZD1211B }, 65 { USB_DEVICE(0x0586, 0x3412), .driver_info = DEVICE_ZD1211B }, 66 { USB_DEVICE(0x0586, 0x3413), .driver_info = DEVICE_ZD1211B }, 67 { USB_DEVICE(0x079b, 0x0062), .driver_info = DEVICE_ZD1211B }, 68 { USB_DEVICE(0x07fa, 0x1196), .driver_info = DEVICE_ZD1211B }, 69 { USB_DEVICE(0x083a, 0x4505), .driver_info = DEVICE_ZD1211B }, 70 { USB_DEVICE(0x083a, 0xe501), .driver_info = DEVICE_ZD1211B }, 71 { USB_DEVICE(0x083a, 0xe503), .driver_info = DEVICE_ZD1211B }, 72 { USB_DEVICE(0x083a, 0xe506), .driver_info = DEVICE_ZD1211B }, 73 { USB_DEVICE(0x0ace, 0x1215), .driver_info = DEVICE_ZD1211B }, 74 { USB_DEVICE(0x0ace, 0xb215), .driver_info = DEVICE_ZD1211B }, 75 { USB_DEVICE(0x0b05, 0x171b), .driver_info = DEVICE_ZD1211B }, 76 { USB_DEVICE(0x0baf, 0x0121), .driver_info = DEVICE_ZD1211B }, 77 { USB_DEVICE(0x0cde, 0x001a), .driver_info = DEVICE_ZD1211B }, 78 { USB_DEVICE(0x0df6, 0x0036), .driver_info = DEVICE_ZD1211B }, 79 { USB_DEVICE(0x129b, 0x1667), .driver_info = DEVICE_ZD1211B }, 80 { USB_DEVICE(0x13b1, 0x0024), .driver_info = DEVICE_ZD1211B }, 81 { USB_DEVICE(0x157e, 0x300d), .driver_info = DEVICE_ZD1211B }, 82 { USB_DEVICE(0x1582, 0x6003), .driver_info = DEVICE_ZD1211B }, 83 { USB_DEVICE(0x2019, 0x5303), .driver_info = DEVICE_ZD1211B }, 84 { USB_DEVICE(0x2019, 0xed01), .driver_info = DEVICE_ZD1211B }, 85 /* "Driverless" devices that need ejecting */ 86 { USB_DEVICE(0x0ace, 0x2011), .driver_info = DEVICE_INSTALLER }, 87 { USB_DEVICE(0x0ace, 0x20ff), .driver_info = DEVICE_INSTALLER }, 88 {} 89 }; 90 91 MODULE_LICENSE("GPL"); 92 MODULE_DESCRIPTION("USB driver for devices with the ZD1211 chip."); 93 MODULE_AUTHOR("Ulrich Kunitz"); 94 MODULE_AUTHOR("Daniel Drake"); 95 MODULE_VERSION("1.0"); 96 MODULE_DEVICE_TABLE(usb, usb_ids); 97 98 #define FW_ZD1211_PREFIX "zd1211/zd1211_" 99 #define FW_ZD1211B_PREFIX "zd1211/zd1211b_" 100 101 static bool check_read_regs(struct zd_usb *usb, struct usb_req_read_regs *req, 102 unsigned int count); 103 104 /* USB device initialization */ 105 static void int_urb_complete(struct urb *urb); 106 107 static int request_fw_file( 108 const struct firmware **fw, const char *name, struct device *device) 109 { 110 int r; 111 112 dev_dbg_f(device, "fw name %s\n", name); 113 114 r = request_firmware(fw, name, device); 115 if (r) 116 dev_err(device, 117 "Could not load firmware file %s. Error number %d\n", 118 name, r); 119 return r; 120 } 121 122 static inline u16 get_bcdDevice(const struct usb_device *udev) 123 { 124 return le16_to_cpu(udev->descriptor.bcdDevice); 125 } 126 127 enum upload_code_flags { 128 REBOOT = 1, 129 }; 130 131 /* Ensures that MAX_TRANSFER_SIZE is even. */ 132 #define MAX_TRANSFER_SIZE (USB_MAX_TRANSFER_SIZE & ~1) 133 134 static int upload_code(struct usb_device *udev, 135 const u8 *data, size_t size, u16 code_offset, int flags) 136 { 137 u8 *p; 138 int r; 139 140 /* USB request blocks need "kmalloced" buffers. 141 */ 142 p = kmalloc(MAX_TRANSFER_SIZE, GFP_KERNEL); 143 if (!p) { 144 r = -ENOMEM; 145 goto error; 146 } 147 148 size &= ~1; 149 while (size > 0) { 150 size_t transfer_size = size <= MAX_TRANSFER_SIZE ? 151 size : MAX_TRANSFER_SIZE; 152 153 dev_dbg_f(&udev->dev, "transfer size %zu\n", transfer_size); 154 155 memcpy(p, data, transfer_size); 156 r = usb_control_msg(udev, usb_sndctrlpipe(udev, 0), 157 USB_REQ_FIRMWARE_DOWNLOAD, 158 USB_DIR_OUT | USB_TYPE_VENDOR, 159 code_offset, 0, p, transfer_size, 1000 /* ms */); 160 if (r < 0) { 161 dev_err(&udev->dev, 162 "USB control request for firmware upload" 163 " failed. Error number %d\n", r); 164 goto error; 165 } 166 transfer_size = r & ~1; 167 168 size -= transfer_size; 169 data += transfer_size; 170 code_offset += transfer_size/sizeof(u16); 171 } 172 173 if (flags & REBOOT) { 174 u8 ret; 175 176 /* Use "DMA-aware" buffer. */ 177 r = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), 178 USB_REQ_FIRMWARE_CONFIRM, 179 USB_DIR_IN | USB_TYPE_VENDOR, 180 0, 0, p, sizeof(ret), 5000 /* ms */); 181 if (r != sizeof(ret)) { 182 dev_err(&udev->dev, 183 "control request firmware confirmation failed." 184 " Return value %d\n", r); 185 if (r >= 0) 186 r = -ENODEV; 187 goto error; 188 } 189 ret = p[0]; 190 if (ret & 0x80) { 191 dev_err(&udev->dev, 192 "Internal error while downloading." 193 " Firmware confirm return value %#04x\n", 194 (unsigned int)ret); 195 r = -ENODEV; 196 goto error; 197 } 198 dev_dbg_f(&udev->dev, "firmware confirm return value %#04x\n", 199 (unsigned int)ret); 200 } 201 202 r = 0; 203 error: 204 kfree(p); 205 return r; 206 } 207 208 static u16 get_word(const void *data, u16 offset) 209 { 210 const __le16 *p = data; 211 return le16_to_cpu(p[offset]); 212 } 213 214 static char *get_fw_name(struct zd_usb *usb, char *buffer, size_t size, 215 const char* postfix) 216 { 217 scnprintf(buffer, size, "%s%s", 218 usb->is_zd1211b ? 219 FW_ZD1211B_PREFIX : FW_ZD1211_PREFIX, 220 postfix); 221 return buffer; 222 } 223 224 static int handle_version_mismatch(struct zd_usb *usb, 225 const struct firmware *ub_fw) 226 { 227 struct usb_device *udev = zd_usb_to_usbdev(usb); 228 const struct firmware *ur_fw = NULL; 229 int offset; 230 int r = 0; 231 char fw_name[128]; 232 233 r = request_fw_file(&ur_fw, 234 get_fw_name(usb, fw_name, sizeof(fw_name), "ur"), 235 &udev->dev); 236 if (r) 237 goto error; 238 239 r = upload_code(udev, ur_fw->data, ur_fw->size, FW_START, REBOOT); 240 if (r) 241 goto error; 242 243 offset = (E2P_BOOT_CODE_OFFSET * sizeof(u16)); 244 r = upload_code(udev, ub_fw->data + offset, ub_fw->size - offset, 245 E2P_START + E2P_BOOT_CODE_OFFSET, REBOOT); 246 247 /* At this point, the vendor driver downloads the whole firmware 248 * image, hacks around with version IDs, and uploads it again, 249 * completely overwriting the boot code. We do not do this here as 250 * it is not required on any tested devices, and it is suspected to 251 * cause problems. */ 252 error: 253 release_firmware(ur_fw); 254 return r; 255 } 256 257 static int upload_firmware(struct zd_usb *usb) 258 { 259 int r; 260 u16 fw_bcdDevice; 261 u16 bcdDevice; 262 struct usb_device *udev = zd_usb_to_usbdev(usb); 263 const struct firmware *ub_fw = NULL; 264 const struct firmware *uph_fw = NULL; 265 char fw_name[128]; 266 267 bcdDevice = get_bcdDevice(udev); 268 269 r = request_fw_file(&ub_fw, 270 get_fw_name(usb, fw_name, sizeof(fw_name), "ub"), 271 &udev->dev); 272 if (r) 273 goto error; 274 275 fw_bcdDevice = get_word(ub_fw->data, E2P_DATA_OFFSET); 276 277 if (fw_bcdDevice != bcdDevice) { 278 dev_info(&udev->dev, 279 "firmware version %#06x and device bootcode version " 280 "%#06x differ\n", fw_bcdDevice, bcdDevice); 281 if (bcdDevice <= 0x4313) 282 dev_warn(&udev->dev, "device has old bootcode, please " 283 "report success or failure\n"); 284 285 r = handle_version_mismatch(usb, ub_fw); 286 if (r) 287 goto error; 288 } else { 289 dev_dbg_f(&udev->dev, 290 "firmware device id %#06x is equal to the " 291 "actual device id\n", fw_bcdDevice); 292 } 293 294 295 r = request_fw_file(&uph_fw, 296 get_fw_name(usb, fw_name, sizeof(fw_name), "uphr"), 297 &udev->dev); 298 if (r) 299 goto error; 300 301 r = upload_code(udev, uph_fw->data, uph_fw->size, FW_START, REBOOT); 302 if (r) { 303 dev_err(&udev->dev, 304 "Could not upload firmware code uph. Error number %d\n", 305 r); 306 } 307 308 /* FALL-THROUGH */ 309 error: 310 release_firmware(ub_fw); 311 release_firmware(uph_fw); 312 return r; 313 } 314 315 MODULE_FIRMWARE(FW_ZD1211B_PREFIX "ur"); 316 MODULE_FIRMWARE(FW_ZD1211_PREFIX "ur"); 317 MODULE_FIRMWARE(FW_ZD1211B_PREFIX "ub"); 318 MODULE_FIRMWARE(FW_ZD1211_PREFIX "ub"); 319 MODULE_FIRMWARE(FW_ZD1211B_PREFIX "uphr"); 320 MODULE_FIRMWARE(FW_ZD1211_PREFIX "uphr"); 321 322 /* Read data from device address space using "firmware interface" which does 323 * not require firmware to be loaded. */ 324 int zd_usb_read_fw(struct zd_usb *usb, zd_addr_t addr, u8 *data, u16 len) 325 { 326 int r; 327 struct usb_device *udev = zd_usb_to_usbdev(usb); 328 u8 *buf; 329 330 /* Use "DMA-aware" buffer. */ 331 buf = kmalloc(len, GFP_KERNEL); 332 if (!buf) 333 return -ENOMEM; 334 r = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), 335 USB_REQ_FIRMWARE_READ_DATA, USB_DIR_IN | 0x40, addr, 0, 336 buf, len, 5000); 337 if (r < 0) { 338 dev_err(&udev->dev, 339 "read over firmware interface failed: %d\n", r); 340 goto exit; 341 } else if (r != len) { 342 dev_err(&udev->dev, 343 "incomplete read over firmware interface: %d/%d\n", 344 r, len); 345 r = -EIO; 346 goto exit; 347 } 348 r = 0; 349 memcpy(data, buf, len); 350 exit: 351 kfree(buf); 352 return r; 353 } 354 355 #define urb_dev(urb) (&(urb)->dev->dev) 356 357 static inline void handle_regs_int_override(struct urb *urb) 358 { 359 struct zd_usb *usb = urb->context; 360 struct zd_usb_interrupt *intr = &usb->intr; 361 unsigned long flags; 362 363 spin_lock_irqsave(&intr->lock, flags); 364 if (atomic_read(&intr->read_regs_enabled)) { 365 atomic_set(&intr->read_regs_enabled, 0); 366 intr->read_regs_int_overridden = 1; 367 complete(&intr->read_regs.completion); 368 } 369 spin_unlock_irqrestore(&intr->lock, flags); 370 } 371 372 static inline void handle_regs_int(struct urb *urb) 373 { 374 struct zd_usb *usb = urb->context; 375 struct zd_usb_interrupt *intr = &usb->intr; 376 unsigned long flags; 377 int len; 378 u16 int_num; 379 380 spin_lock_irqsave(&intr->lock, flags); 381 382 int_num = le16_to_cpu(*(__le16 *)(urb->transfer_buffer+2)); 383 if (int_num == (u16)CR_INTERRUPT) { 384 struct zd_mac *mac = zd_hw_mac(zd_usb_to_hw(urb->context)); 385 spin_lock(&mac->lock); 386 memcpy(&mac->intr_buffer, urb->transfer_buffer, 387 USB_MAX_EP_INT_BUFFER); 388 spin_unlock(&mac->lock); 389 schedule_work(&mac->process_intr); 390 } else if (atomic_read(&intr->read_regs_enabled)) { 391 len = urb->actual_length; 392 intr->read_regs.length = urb->actual_length; 393 if (len > sizeof(intr->read_regs.buffer)) 394 len = sizeof(intr->read_regs.buffer); 395 396 memcpy(intr->read_regs.buffer, urb->transfer_buffer, len); 397 398 /* Sometimes USB_INT_ID_REGS is not overridden, but comes after 399 * USB_INT_ID_RETRY_FAILED. Read-reg retry then gets this 400 * delayed USB_INT_ID_REGS, but leaves USB_INT_ID_REGS of 401 * retry unhandled. Next read-reg command then might catch 402 * this wrong USB_INT_ID_REGS. Fix by ignoring wrong reads. 403 */ 404 if (!check_read_regs(usb, intr->read_regs.req, 405 intr->read_regs.req_count)) 406 goto out; 407 408 atomic_set(&intr->read_regs_enabled, 0); 409 intr->read_regs_int_overridden = 0; 410 complete(&intr->read_regs.completion); 411 412 goto out; 413 } 414 415 out: 416 spin_unlock_irqrestore(&intr->lock, flags); 417 418 /* CR_INTERRUPT might override read_reg too. */ 419 if (int_num == (u16)CR_INTERRUPT && 420 atomic_read(&intr->read_regs_enabled)) 421 handle_regs_int_override(urb); 422 } 423 424 static void int_urb_complete(struct urb *urb) 425 { 426 int r; 427 struct usb_int_header *hdr; 428 struct zd_usb *usb; 429 struct zd_usb_interrupt *intr; 430 431 switch (urb->status) { 432 case 0: 433 break; 434 case -ESHUTDOWN: 435 case -EINVAL: 436 case -ENODEV: 437 case -ENOENT: 438 case -ECONNRESET: 439 case -EPIPE: 440 dev_dbg_f(urb_dev(urb), "urb %p error %d\n", urb, urb->status); 441 return; 442 default: 443 dev_dbg_f(urb_dev(urb), "urb %p error %d\n", urb, urb->status); 444 goto resubmit; 445 } 446 447 if (urb->actual_length < sizeof(hdr)) { 448 dev_dbg_f(urb_dev(urb), "error: urb %p too small\n", urb); 449 goto resubmit; 450 } 451 452 hdr = urb->transfer_buffer; 453 if (hdr->type != USB_INT_TYPE) { 454 dev_dbg_f(urb_dev(urb), "error: urb %p wrong type\n", urb); 455 goto resubmit; 456 } 457 458 /* USB_INT_ID_RETRY_FAILED triggered by tx-urb submit can override 459 * pending USB_INT_ID_REGS causing read command timeout. 460 */ 461 usb = urb->context; 462 intr = &usb->intr; 463 if (hdr->id != USB_INT_ID_REGS && atomic_read(&intr->read_regs_enabled)) 464 handle_regs_int_override(urb); 465 466 switch (hdr->id) { 467 case USB_INT_ID_REGS: 468 handle_regs_int(urb); 469 break; 470 case USB_INT_ID_RETRY_FAILED: 471 zd_mac_tx_failed(urb); 472 break; 473 default: 474 dev_dbg_f(urb_dev(urb), "error: urb %p unknown id %x\n", urb, 475 (unsigned int)hdr->id); 476 goto resubmit; 477 } 478 479 resubmit: 480 r = usb_submit_urb(urb, GFP_ATOMIC); 481 if (r) { 482 dev_dbg_f(urb_dev(urb), "error: resubmit urb %p err code %d\n", 483 urb, r); 484 /* TODO: add worker to reset intr->urb */ 485 } 486 return; 487 } 488 489 static inline int int_urb_interval(struct usb_device *udev) 490 { 491 switch (udev->speed) { 492 case USB_SPEED_HIGH: 493 return 4; 494 case USB_SPEED_LOW: 495 return 10; 496 case USB_SPEED_FULL: 497 default: 498 return 1; 499 } 500 } 501 502 static inline int usb_int_enabled(struct zd_usb *usb) 503 { 504 unsigned long flags; 505 struct zd_usb_interrupt *intr = &usb->intr; 506 struct urb *urb; 507 508 spin_lock_irqsave(&intr->lock, flags); 509 urb = intr->urb; 510 spin_unlock_irqrestore(&intr->lock, flags); 511 return urb != NULL; 512 } 513 514 int zd_usb_enable_int(struct zd_usb *usb) 515 { 516 int r; 517 struct usb_device *udev = zd_usb_to_usbdev(usb); 518 struct zd_usb_interrupt *intr = &usb->intr; 519 struct urb *urb; 520 521 dev_dbg_f(zd_usb_dev(usb), "\n"); 522 523 urb = usb_alloc_urb(0, GFP_KERNEL); 524 if (!urb) { 525 r = -ENOMEM; 526 goto out; 527 } 528 529 ZD_ASSERT(!irqs_disabled()); 530 spin_lock_irq(&intr->lock); 531 if (intr->urb) { 532 spin_unlock_irq(&intr->lock); 533 r = 0; 534 goto error_free_urb; 535 } 536 intr->urb = urb; 537 spin_unlock_irq(&intr->lock); 538 539 r = -ENOMEM; 540 intr->buffer = usb_alloc_coherent(udev, USB_MAX_EP_INT_BUFFER, 541 GFP_KERNEL, &intr->buffer_dma); 542 if (!intr->buffer) { 543 dev_dbg_f(zd_usb_dev(usb), 544 "couldn't allocate transfer_buffer\n"); 545 goto error_set_urb_null; 546 } 547 548 usb_fill_int_urb(urb, udev, usb_rcvintpipe(udev, EP_INT_IN), 549 intr->buffer, USB_MAX_EP_INT_BUFFER, 550 int_urb_complete, usb, 551 intr->interval); 552 urb->transfer_dma = intr->buffer_dma; 553 urb->transfer_flags |= URB_NO_TRANSFER_DMA_MAP; 554 555 dev_dbg_f(zd_usb_dev(usb), "submit urb %p\n", intr->urb); 556 r = usb_submit_urb(urb, GFP_KERNEL); 557 if (r) { 558 dev_dbg_f(zd_usb_dev(usb), 559 "Couldn't submit urb. Error number %d\n", r); 560 goto error; 561 } 562 563 return 0; 564 error: 565 usb_free_coherent(udev, USB_MAX_EP_INT_BUFFER, 566 intr->buffer, intr->buffer_dma); 567 error_set_urb_null: 568 spin_lock_irq(&intr->lock); 569 intr->urb = NULL; 570 spin_unlock_irq(&intr->lock); 571 error_free_urb: 572 usb_free_urb(urb); 573 out: 574 return r; 575 } 576 577 void zd_usb_disable_int(struct zd_usb *usb) 578 { 579 unsigned long flags; 580 struct usb_device *udev = zd_usb_to_usbdev(usb); 581 struct zd_usb_interrupt *intr = &usb->intr; 582 struct urb *urb; 583 void *buffer; 584 dma_addr_t buffer_dma; 585 586 spin_lock_irqsave(&intr->lock, flags); 587 urb = intr->urb; 588 if (!urb) { 589 spin_unlock_irqrestore(&intr->lock, flags); 590 return; 591 } 592 intr->urb = NULL; 593 buffer = intr->buffer; 594 buffer_dma = intr->buffer_dma; 595 intr->buffer = NULL; 596 spin_unlock_irqrestore(&intr->lock, flags); 597 598 usb_kill_urb(urb); 599 dev_dbg_f(zd_usb_dev(usb), "urb %p killed\n", urb); 600 usb_free_urb(urb); 601 602 usb_free_coherent(udev, USB_MAX_EP_INT_BUFFER, buffer, buffer_dma); 603 } 604 605 static void handle_rx_packet(struct zd_usb *usb, const u8 *buffer, 606 unsigned int length) 607 { 608 int i; 609 const struct rx_length_info *length_info; 610 611 if (length < sizeof(struct rx_length_info)) { 612 /* It's not a complete packet anyhow. */ 613 dev_dbg_f(zd_usb_dev(usb), "invalid, small RX packet : %d\n", 614 length); 615 return; 616 } 617 length_info = (struct rx_length_info *) 618 (buffer + length - sizeof(struct rx_length_info)); 619 620 /* It might be that three frames are merged into a single URB 621 * transaction. We have to check for the length info tag. 622 * 623 * While testing we discovered that length_info might be unaligned, 624 * because if USB transactions are merged, the last packet will not 625 * be padded. Unaligned access might also happen if the length_info 626 * structure is not present. 627 */ 628 if (get_unaligned_le16(&length_info->tag) == RX_LENGTH_INFO_TAG) 629 { 630 unsigned int l, k, n; 631 for (i = 0, l = 0;; i++) { 632 k = get_unaligned_le16(&length_info->length[i]); 633 if (k == 0) 634 return; 635 n = l+k; 636 if (n > length) 637 return; 638 zd_mac_rx(zd_usb_to_hw(usb), buffer+l, k); 639 if (i >= 2) 640 return; 641 l = (n+3) & ~3; 642 } 643 } else { 644 zd_mac_rx(zd_usb_to_hw(usb), buffer, length); 645 } 646 } 647 648 static void rx_urb_complete(struct urb *urb) 649 { 650 int r; 651 struct zd_usb *usb; 652 struct zd_usb_rx *rx; 653 const u8 *buffer; 654 unsigned int length; 655 unsigned long flags; 656 657 switch (urb->status) { 658 case 0: 659 break; 660 case -ESHUTDOWN: 661 case -EINVAL: 662 case -ENODEV: 663 case -ENOENT: 664 case -ECONNRESET: 665 case -EPIPE: 666 dev_dbg_f(urb_dev(urb), "urb %p error %d\n", urb, urb->status); 667 return; 668 default: 669 dev_dbg_f(urb_dev(urb), "urb %p error %d\n", urb, urb->status); 670 goto resubmit; 671 } 672 673 buffer = urb->transfer_buffer; 674 length = urb->actual_length; 675 usb = urb->context; 676 rx = &usb->rx; 677 678 tasklet_schedule(&rx->reset_timer_tasklet); 679 680 if (length%rx->usb_packet_size > rx->usb_packet_size-4) { 681 /* If there is an old first fragment, we don't care. */ 682 dev_dbg_f(urb_dev(urb), "*** first fragment ***\n"); 683 ZD_ASSERT(length <= ARRAY_SIZE(rx->fragment)); 684 spin_lock_irqsave(&rx->lock, flags); 685 memcpy(rx->fragment, buffer, length); 686 rx->fragment_length = length; 687 spin_unlock_irqrestore(&rx->lock, flags); 688 goto resubmit; 689 } 690 691 spin_lock_irqsave(&rx->lock, flags); 692 if (rx->fragment_length > 0) { 693 /* We are on a second fragment, we believe */ 694 ZD_ASSERT(length + rx->fragment_length <= 695 ARRAY_SIZE(rx->fragment)); 696 dev_dbg_f(urb_dev(urb), "*** second fragment ***\n"); 697 memcpy(rx->fragment+rx->fragment_length, buffer, length); 698 handle_rx_packet(usb, rx->fragment, 699 rx->fragment_length + length); 700 rx->fragment_length = 0; 701 spin_unlock_irqrestore(&rx->lock, flags); 702 } else { 703 spin_unlock_irqrestore(&rx->lock, flags); 704 handle_rx_packet(usb, buffer, length); 705 } 706 707 resubmit: 708 r = usb_submit_urb(urb, GFP_ATOMIC); 709 if (r) 710 dev_dbg_f(urb_dev(urb), "urb %p resubmit error %d\n", urb, r); 711 } 712 713 static struct urb *alloc_rx_urb(struct zd_usb *usb) 714 { 715 struct usb_device *udev = zd_usb_to_usbdev(usb); 716 struct urb *urb; 717 void *buffer; 718 719 urb = usb_alloc_urb(0, GFP_KERNEL); 720 if (!urb) 721 return NULL; 722 buffer = usb_alloc_coherent(udev, USB_MAX_RX_SIZE, GFP_KERNEL, 723 &urb->transfer_dma); 724 if (!buffer) { 725 usb_free_urb(urb); 726 return NULL; 727 } 728 729 usb_fill_bulk_urb(urb, udev, usb_rcvbulkpipe(udev, EP_DATA_IN), 730 buffer, USB_MAX_RX_SIZE, 731 rx_urb_complete, usb); 732 urb->transfer_flags |= URB_NO_TRANSFER_DMA_MAP; 733 734 return urb; 735 } 736 737 static void free_rx_urb(struct urb *urb) 738 { 739 if (!urb) 740 return; 741 usb_free_coherent(urb->dev, urb->transfer_buffer_length, 742 urb->transfer_buffer, urb->transfer_dma); 743 usb_free_urb(urb); 744 } 745 746 static int __zd_usb_enable_rx(struct zd_usb *usb) 747 { 748 int i, r; 749 struct zd_usb_rx *rx = &usb->rx; 750 struct urb **urbs; 751 752 dev_dbg_f(zd_usb_dev(usb), "\n"); 753 754 r = -ENOMEM; 755 urbs = kcalloc(RX_URBS_COUNT, sizeof(struct urb *), GFP_KERNEL); 756 if (!urbs) 757 goto error; 758 for (i = 0; i < RX_URBS_COUNT; i++) { 759 urbs[i] = alloc_rx_urb(usb); 760 if (!urbs[i]) 761 goto error; 762 } 763 764 ZD_ASSERT(!irqs_disabled()); 765 spin_lock_irq(&rx->lock); 766 if (rx->urbs) { 767 spin_unlock_irq(&rx->lock); 768 r = 0; 769 goto error; 770 } 771 rx->urbs = urbs; 772 rx->urbs_count = RX_URBS_COUNT; 773 spin_unlock_irq(&rx->lock); 774 775 for (i = 0; i < RX_URBS_COUNT; i++) { 776 r = usb_submit_urb(urbs[i], GFP_KERNEL); 777 if (r) 778 goto error_submit; 779 } 780 781 return 0; 782 error_submit: 783 for (i = 0; i < RX_URBS_COUNT; i++) { 784 usb_kill_urb(urbs[i]); 785 } 786 spin_lock_irq(&rx->lock); 787 rx->urbs = NULL; 788 rx->urbs_count = 0; 789 spin_unlock_irq(&rx->lock); 790 error: 791 if (urbs) { 792 for (i = 0; i < RX_URBS_COUNT; i++) 793 free_rx_urb(urbs[i]); 794 kfree(urbs); 795 } 796 return r; 797 } 798 799 int zd_usb_enable_rx(struct zd_usb *usb) 800 { 801 int r; 802 struct zd_usb_rx *rx = &usb->rx; 803 804 mutex_lock(&rx->setup_mutex); 805 r = __zd_usb_enable_rx(usb); 806 mutex_unlock(&rx->setup_mutex); 807 808 zd_usb_reset_rx_idle_timer(usb); 809 810 return r; 811 } 812 813 static void __zd_usb_disable_rx(struct zd_usb *usb) 814 { 815 int i; 816 unsigned long flags; 817 struct urb **urbs; 818 unsigned int count; 819 struct zd_usb_rx *rx = &usb->rx; 820 821 spin_lock_irqsave(&rx->lock, flags); 822 urbs = rx->urbs; 823 count = rx->urbs_count; 824 spin_unlock_irqrestore(&rx->lock, flags); 825 if (!urbs) 826 return; 827 828 for (i = 0; i < count; i++) { 829 usb_kill_urb(urbs[i]); 830 free_rx_urb(urbs[i]); 831 } 832 kfree(urbs); 833 834 spin_lock_irqsave(&rx->lock, flags); 835 rx->urbs = NULL; 836 rx->urbs_count = 0; 837 spin_unlock_irqrestore(&rx->lock, flags); 838 } 839 840 void zd_usb_disable_rx(struct zd_usb *usb) 841 { 842 struct zd_usb_rx *rx = &usb->rx; 843 844 mutex_lock(&rx->setup_mutex); 845 __zd_usb_disable_rx(usb); 846 mutex_unlock(&rx->setup_mutex); 847 848 tasklet_kill(&rx->reset_timer_tasklet); 849 cancel_delayed_work_sync(&rx->idle_work); 850 } 851 852 static void zd_usb_reset_rx(struct zd_usb *usb) 853 { 854 bool do_reset; 855 struct zd_usb_rx *rx = &usb->rx; 856 unsigned long flags; 857 858 mutex_lock(&rx->setup_mutex); 859 860 spin_lock_irqsave(&rx->lock, flags); 861 do_reset = rx->urbs != NULL; 862 spin_unlock_irqrestore(&rx->lock, flags); 863 864 if (do_reset) { 865 __zd_usb_disable_rx(usb); 866 __zd_usb_enable_rx(usb); 867 } 868 869 mutex_unlock(&rx->setup_mutex); 870 871 if (do_reset) 872 zd_usb_reset_rx_idle_timer(usb); 873 } 874 875 /** 876 * zd_usb_disable_tx - disable transmission 877 * @usb: the zd1211rw-private USB structure 878 * 879 * Frees all URBs in the free list and marks the transmission as disabled. 880 */ 881 void zd_usb_disable_tx(struct zd_usb *usb) 882 { 883 struct zd_usb_tx *tx = &usb->tx; 884 unsigned long flags; 885 886 atomic_set(&tx->enabled, 0); 887 888 /* kill all submitted tx-urbs */ 889 usb_kill_anchored_urbs(&tx->submitted); 890 891 spin_lock_irqsave(&tx->lock, flags); 892 WARN_ON(!skb_queue_empty(&tx->submitted_skbs)); 893 WARN_ON(tx->submitted_urbs != 0); 894 tx->submitted_urbs = 0; 895 spin_unlock_irqrestore(&tx->lock, flags); 896 897 /* The stopped state is ignored, relying on ieee80211_wake_queues() 898 * in a potentionally following zd_usb_enable_tx(). 899 */ 900 } 901 902 /** 903 * zd_usb_enable_tx - enables transmission 904 * @usb: a &struct zd_usb pointer 905 * 906 * This function enables transmission and prepares the &zd_usb_tx data 907 * structure. 908 */ 909 void zd_usb_enable_tx(struct zd_usb *usb) 910 { 911 unsigned long flags; 912 struct zd_usb_tx *tx = &usb->tx; 913 914 spin_lock_irqsave(&tx->lock, flags); 915 atomic_set(&tx->enabled, 1); 916 tx->submitted_urbs = 0; 917 ieee80211_wake_queues(zd_usb_to_hw(usb)); 918 tx->stopped = 0; 919 spin_unlock_irqrestore(&tx->lock, flags); 920 } 921 922 static void tx_dec_submitted_urbs(struct zd_usb *usb) 923 { 924 struct zd_usb_tx *tx = &usb->tx; 925 unsigned long flags; 926 927 spin_lock_irqsave(&tx->lock, flags); 928 --tx->submitted_urbs; 929 if (tx->stopped && tx->submitted_urbs <= ZD_USB_TX_LOW) { 930 ieee80211_wake_queues(zd_usb_to_hw(usb)); 931 tx->stopped = 0; 932 } 933 spin_unlock_irqrestore(&tx->lock, flags); 934 } 935 936 static void tx_inc_submitted_urbs(struct zd_usb *usb) 937 { 938 struct zd_usb_tx *tx = &usb->tx; 939 unsigned long flags; 940 941 spin_lock_irqsave(&tx->lock, flags); 942 ++tx->submitted_urbs; 943 if (!tx->stopped && tx->submitted_urbs > ZD_USB_TX_HIGH) { 944 ieee80211_stop_queues(zd_usb_to_hw(usb)); 945 tx->stopped = 1; 946 } 947 spin_unlock_irqrestore(&tx->lock, flags); 948 } 949 950 /** 951 * tx_urb_complete - completes the execution of an URB 952 * @urb: a URB 953 * 954 * This function is called if the URB has been transferred to a device or an 955 * error has happened. 956 */ 957 static void tx_urb_complete(struct urb *urb) 958 { 959 int r; 960 struct sk_buff *skb; 961 struct ieee80211_tx_info *info; 962 struct zd_usb *usb; 963 struct zd_usb_tx *tx; 964 965 skb = (struct sk_buff *)urb->context; 966 info = IEEE80211_SKB_CB(skb); 967 /* 968 * grab 'usb' pointer before handing off the skb (since 969 * it might be freed by zd_mac_tx_to_dev or mac80211) 970 */ 971 usb = &zd_hw_mac(info->rate_driver_data[0])->chip.usb; 972 tx = &usb->tx; 973 974 switch (urb->status) { 975 case 0: 976 break; 977 case -ESHUTDOWN: 978 case -EINVAL: 979 case -ENODEV: 980 case -ENOENT: 981 case -ECONNRESET: 982 case -EPIPE: 983 dev_dbg_f(urb_dev(urb), "urb %p error %d\n", urb, urb->status); 984 break; 985 default: 986 dev_dbg_f(urb_dev(urb), "urb %p error %d\n", urb, urb->status); 987 goto resubmit; 988 } 989 free_urb: 990 skb_unlink(skb, &usb->tx.submitted_skbs); 991 zd_mac_tx_to_dev(skb, urb->status); 992 usb_free_urb(urb); 993 tx_dec_submitted_urbs(usb); 994 return; 995 resubmit: 996 usb_anchor_urb(urb, &tx->submitted); 997 r = usb_submit_urb(urb, GFP_ATOMIC); 998 if (r) { 999 usb_unanchor_urb(urb); 1000 dev_dbg_f(urb_dev(urb), "error resubmit urb %p %d\n", urb, r); 1001 goto free_urb; 1002 } 1003 } 1004 1005 /** 1006 * zd_usb_tx: initiates transfer of a frame of the device 1007 * 1008 * @usb: the zd1211rw-private USB structure 1009 * @skb: a &struct sk_buff pointer 1010 * 1011 * This function transmits a frame to the device. It doesn't wait for 1012 * completion. The frame must contain the control set and have all the 1013 * control set information available. 1014 * 1015 * The function returns 0 if the transfer has been successfully initiated. 1016 */ 1017 int zd_usb_tx(struct zd_usb *usb, struct sk_buff *skb) 1018 { 1019 int r; 1020 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 1021 struct usb_device *udev = zd_usb_to_usbdev(usb); 1022 struct urb *urb; 1023 struct zd_usb_tx *tx = &usb->tx; 1024 1025 if (!atomic_read(&tx->enabled)) { 1026 r = -ENOENT; 1027 goto out; 1028 } 1029 1030 urb = usb_alloc_urb(0, GFP_ATOMIC); 1031 if (!urb) { 1032 r = -ENOMEM; 1033 goto out; 1034 } 1035 1036 usb_fill_bulk_urb(urb, udev, usb_sndbulkpipe(udev, EP_DATA_OUT), 1037 skb->data, skb->len, tx_urb_complete, skb); 1038 1039 info->rate_driver_data[1] = (void *)jiffies; 1040 skb_queue_tail(&tx->submitted_skbs, skb); 1041 usb_anchor_urb(urb, &tx->submitted); 1042 1043 r = usb_submit_urb(urb, GFP_ATOMIC); 1044 if (r) { 1045 dev_dbg_f(zd_usb_dev(usb), "error submit urb %p %d\n", urb, r); 1046 usb_unanchor_urb(urb); 1047 skb_unlink(skb, &tx->submitted_skbs); 1048 goto error; 1049 } 1050 tx_inc_submitted_urbs(usb); 1051 return 0; 1052 error: 1053 usb_free_urb(urb); 1054 out: 1055 return r; 1056 } 1057 1058 static bool zd_tx_timeout(struct zd_usb *usb) 1059 { 1060 struct zd_usb_tx *tx = &usb->tx; 1061 struct sk_buff_head *q = &tx->submitted_skbs; 1062 struct sk_buff *skb, *skbnext; 1063 struct ieee80211_tx_info *info; 1064 unsigned long flags, trans_start; 1065 bool have_timedout = false; 1066 1067 spin_lock_irqsave(&q->lock, flags); 1068 skb_queue_walk_safe(q, skb, skbnext) { 1069 info = IEEE80211_SKB_CB(skb); 1070 trans_start = (unsigned long)info->rate_driver_data[1]; 1071 1072 if (time_is_before_jiffies(trans_start + ZD_TX_TIMEOUT)) { 1073 have_timedout = true; 1074 break; 1075 } 1076 } 1077 spin_unlock_irqrestore(&q->lock, flags); 1078 1079 return have_timedout; 1080 } 1081 1082 static void zd_tx_watchdog_handler(struct work_struct *work) 1083 { 1084 struct zd_usb *usb = 1085 container_of(work, struct zd_usb, tx.watchdog_work.work); 1086 struct zd_usb_tx *tx = &usb->tx; 1087 1088 if (!atomic_read(&tx->enabled) || !tx->watchdog_enabled) 1089 goto out; 1090 if (!zd_tx_timeout(usb)) 1091 goto out; 1092 1093 /* TX halted, try reset */ 1094 dev_warn(zd_usb_dev(usb), "TX-stall detected, resetting device..."); 1095 1096 usb_queue_reset_device(usb->intf); 1097 1098 /* reset will stop this worker, don't rearm */ 1099 return; 1100 out: 1101 queue_delayed_work(zd_workqueue, &tx->watchdog_work, 1102 ZD_TX_WATCHDOG_INTERVAL); 1103 } 1104 1105 void zd_tx_watchdog_enable(struct zd_usb *usb) 1106 { 1107 struct zd_usb_tx *tx = &usb->tx; 1108 1109 if (!tx->watchdog_enabled) { 1110 dev_dbg_f(zd_usb_dev(usb), "\n"); 1111 queue_delayed_work(zd_workqueue, &tx->watchdog_work, 1112 ZD_TX_WATCHDOG_INTERVAL); 1113 tx->watchdog_enabled = 1; 1114 } 1115 } 1116 1117 void zd_tx_watchdog_disable(struct zd_usb *usb) 1118 { 1119 struct zd_usb_tx *tx = &usb->tx; 1120 1121 if (tx->watchdog_enabled) { 1122 dev_dbg_f(zd_usb_dev(usb), "\n"); 1123 tx->watchdog_enabled = 0; 1124 cancel_delayed_work_sync(&tx->watchdog_work); 1125 } 1126 } 1127 1128 static void zd_rx_idle_timer_handler(struct work_struct *work) 1129 { 1130 struct zd_usb *usb = 1131 container_of(work, struct zd_usb, rx.idle_work.work); 1132 struct zd_mac *mac = zd_usb_to_mac(usb); 1133 1134 if (!test_bit(ZD_DEVICE_RUNNING, &mac->flags)) 1135 return; 1136 1137 dev_dbg_f(zd_usb_dev(usb), "\n"); 1138 1139 /* 30 seconds since last rx, reset rx */ 1140 zd_usb_reset_rx(usb); 1141 } 1142 1143 static void zd_usb_reset_rx_idle_timer_tasklet(struct tasklet_struct *t) 1144 { 1145 struct zd_usb *usb = from_tasklet(usb, t, rx.reset_timer_tasklet); 1146 1147 zd_usb_reset_rx_idle_timer(usb); 1148 } 1149 1150 void zd_usb_reset_rx_idle_timer(struct zd_usb *usb) 1151 { 1152 struct zd_usb_rx *rx = &usb->rx; 1153 1154 mod_delayed_work(zd_workqueue, &rx->idle_work, ZD_RX_IDLE_INTERVAL); 1155 } 1156 1157 static inline void init_usb_interrupt(struct zd_usb *usb) 1158 { 1159 struct zd_usb_interrupt *intr = &usb->intr; 1160 1161 spin_lock_init(&intr->lock); 1162 intr->interval = int_urb_interval(zd_usb_to_usbdev(usb)); 1163 init_completion(&intr->read_regs.completion); 1164 atomic_set(&intr->read_regs_enabled, 0); 1165 intr->read_regs.cr_int_addr = cpu_to_le16((u16)CR_INTERRUPT); 1166 } 1167 1168 static inline void init_usb_rx(struct zd_usb *usb) 1169 { 1170 struct zd_usb_rx *rx = &usb->rx; 1171 1172 spin_lock_init(&rx->lock); 1173 mutex_init(&rx->setup_mutex); 1174 if (interface_to_usbdev(usb->intf)->speed == USB_SPEED_HIGH) { 1175 rx->usb_packet_size = 512; 1176 } else { 1177 rx->usb_packet_size = 64; 1178 } 1179 ZD_ASSERT(rx->fragment_length == 0); 1180 INIT_DELAYED_WORK(&rx->idle_work, zd_rx_idle_timer_handler); 1181 rx->reset_timer_tasklet.func = (void (*)) 1182 zd_usb_reset_rx_idle_timer_tasklet; 1183 rx->reset_timer_tasklet.data = (unsigned long)&rx->reset_timer_tasklet; 1184 } 1185 1186 static inline void init_usb_tx(struct zd_usb *usb) 1187 { 1188 struct zd_usb_tx *tx = &usb->tx; 1189 1190 spin_lock_init(&tx->lock); 1191 atomic_set(&tx->enabled, 0); 1192 tx->stopped = 0; 1193 skb_queue_head_init(&tx->submitted_skbs); 1194 init_usb_anchor(&tx->submitted); 1195 tx->submitted_urbs = 0; 1196 tx->watchdog_enabled = 0; 1197 INIT_DELAYED_WORK(&tx->watchdog_work, zd_tx_watchdog_handler); 1198 } 1199 1200 void zd_usb_init(struct zd_usb *usb, struct ieee80211_hw *hw, 1201 struct usb_interface *intf) 1202 { 1203 memset(usb, 0, sizeof(*usb)); 1204 usb->intf = usb_get_intf(intf); 1205 usb_set_intfdata(usb->intf, hw); 1206 init_usb_anchor(&usb->submitted_cmds); 1207 init_usb_interrupt(usb); 1208 init_usb_tx(usb); 1209 init_usb_rx(usb); 1210 } 1211 1212 void zd_usb_clear(struct zd_usb *usb) 1213 { 1214 usb_set_intfdata(usb->intf, NULL); 1215 usb_put_intf(usb->intf); 1216 ZD_MEMCLEAR(usb, sizeof(*usb)); 1217 /* FIXME: usb_interrupt, usb_tx, usb_rx? */ 1218 } 1219 1220 static const char *speed(enum usb_device_speed speed) 1221 { 1222 switch (speed) { 1223 case USB_SPEED_LOW: 1224 return "low"; 1225 case USB_SPEED_FULL: 1226 return "full"; 1227 case USB_SPEED_HIGH: 1228 return "high"; 1229 default: 1230 return "unknown speed"; 1231 } 1232 } 1233 1234 static int scnprint_id(struct usb_device *udev, char *buffer, size_t size) 1235 { 1236 return scnprintf(buffer, size, "%04hx:%04hx v%04hx %s", 1237 le16_to_cpu(udev->descriptor.idVendor), 1238 le16_to_cpu(udev->descriptor.idProduct), 1239 get_bcdDevice(udev), 1240 speed(udev->speed)); 1241 } 1242 1243 int zd_usb_scnprint_id(struct zd_usb *usb, char *buffer, size_t size) 1244 { 1245 struct usb_device *udev = interface_to_usbdev(usb->intf); 1246 return scnprint_id(udev, buffer, size); 1247 } 1248 1249 #ifdef DEBUG 1250 static void print_id(struct usb_device *udev) 1251 { 1252 char buffer[40]; 1253 1254 scnprint_id(udev, buffer, sizeof(buffer)); 1255 buffer[sizeof(buffer)-1] = 0; 1256 dev_dbg_f(&udev->dev, "%s\n", buffer); 1257 } 1258 #else 1259 #define print_id(udev) do { } while (0) 1260 #endif 1261 1262 static int eject_installer(struct usb_interface *intf) 1263 { 1264 struct usb_device *udev = interface_to_usbdev(intf); 1265 struct usb_host_interface *iface_desc = intf->cur_altsetting; 1266 struct usb_endpoint_descriptor *endpoint; 1267 unsigned char *cmd; 1268 u8 bulk_out_ep; 1269 int r; 1270 1271 if (iface_desc->desc.bNumEndpoints < 2) 1272 return -ENODEV; 1273 1274 /* Find bulk out endpoint */ 1275 for (r = 1; r >= 0; r--) { 1276 endpoint = &iface_desc->endpoint[r].desc; 1277 if (usb_endpoint_dir_out(endpoint) && 1278 usb_endpoint_xfer_bulk(endpoint)) { 1279 bulk_out_ep = endpoint->bEndpointAddress; 1280 break; 1281 } 1282 } 1283 if (r == -1) { 1284 dev_err(&udev->dev, 1285 "zd1211rw: Could not find bulk out endpoint\n"); 1286 return -ENODEV; 1287 } 1288 1289 cmd = kzalloc(31, GFP_KERNEL); 1290 if (cmd == NULL) 1291 return -ENODEV; 1292 1293 /* USB bulk command block */ 1294 cmd[0] = 0x55; /* bulk command signature */ 1295 cmd[1] = 0x53; /* bulk command signature */ 1296 cmd[2] = 0x42; /* bulk command signature */ 1297 cmd[3] = 0x43; /* bulk command signature */ 1298 cmd[14] = 6; /* command length */ 1299 1300 cmd[15] = 0x1b; /* SCSI command: START STOP UNIT */ 1301 cmd[19] = 0x2; /* eject disc */ 1302 1303 dev_info(&udev->dev, "Ejecting virtual installer media...\n"); 1304 r = usb_bulk_msg(udev, usb_sndbulkpipe(udev, bulk_out_ep), 1305 cmd, 31, NULL, 2000); 1306 kfree(cmd); 1307 if (r) 1308 return r; 1309 1310 /* At this point, the device disconnects and reconnects with the real 1311 * ID numbers. */ 1312 1313 usb_set_intfdata(intf, NULL); 1314 return 0; 1315 } 1316 1317 int zd_usb_init_hw(struct zd_usb *usb) 1318 { 1319 int r; 1320 struct zd_mac *mac = zd_usb_to_mac(usb); 1321 1322 dev_dbg_f(zd_usb_dev(usb), "\n"); 1323 1324 r = upload_firmware(usb); 1325 if (r) { 1326 dev_err(zd_usb_dev(usb), 1327 "couldn't load firmware. Error number %d\n", r); 1328 return r; 1329 } 1330 1331 r = usb_reset_configuration(zd_usb_to_usbdev(usb)); 1332 if (r) { 1333 dev_dbg_f(zd_usb_dev(usb), 1334 "couldn't reset configuration. Error number %d\n", r); 1335 return r; 1336 } 1337 1338 r = zd_mac_init_hw(mac->hw); 1339 if (r) { 1340 dev_dbg_f(zd_usb_dev(usb), 1341 "couldn't initialize mac. Error number %d\n", r); 1342 return r; 1343 } 1344 1345 usb->initialized = 1; 1346 return 0; 1347 } 1348 1349 static int probe(struct usb_interface *intf, const struct usb_device_id *id) 1350 { 1351 int r; 1352 struct usb_device *udev = interface_to_usbdev(intf); 1353 struct zd_usb *usb; 1354 struct ieee80211_hw *hw = NULL; 1355 1356 print_id(udev); 1357 1358 if (id->driver_info & DEVICE_INSTALLER) 1359 return eject_installer(intf); 1360 1361 switch (udev->speed) { 1362 case USB_SPEED_LOW: 1363 case USB_SPEED_FULL: 1364 case USB_SPEED_HIGH: 1365 break; 1366 default: 1367 dev_dbg_f(&intf->dev, "Unknown USB speed\n"); 1368 r = -ENODEV; 1369 goto error; 1370 } 1371 1372 r = usb_reset_device(udev); 1373 if (r) { 1374 dev_err(&intf->dev, 1375 "couldn't reset usb device. Error number %d\n", r); 1376 goto error; 1377 } 1378 1379 hw = zd_mac_alloc_hw(intf); 1380 if (hw == NULL) { 1381 r = -ENOMEM; 1382 goto error; 1383 } 1384 1385 usb = &zd_hw_mac(hw)->chip.usb; 1386 usb->is_zd1211b = (id->driver_info == DEVICE_ZD1211B) != 0; 1387 1388 r = zd_mac_preinit_hw(hw); 1389 if (r) { 1390 dev_dbg_f(&intf->dev, 1391 "couldn't initialize mac. Error number %d\n", r); 1392 goto error; 1393 } 1394 1395 r = ieee80211_register_hw(hw); 1396 if (r) { 1397 dev_dbg_f(&intf->dev, 1398 "couldn't register device. Error number %d\n", r); 1399 goto error; 1400 } 1401 1402 dev_dbg_f(&intf->dev, "successful\n"); 1403 dev_info(&intf->dev, "%s\n", wiphy_name(hw->wiphy)); 1404 return 0; 1405 error: 1406 usb_reset_device(interface_to_usbdev(intf)); 1407 if (hw) { 1408 zd_mac_clear(zd_hw_mac(hw)); 1409 ieee80211_free_hw(hw); 1410 } 1411 return r; 1412 } 1413 1414 static void disconnect(struct usb_interface *intf) 1415 { 1416 struct ieee80211_hw *hw = zd_intf_to_hw(intf); 1417 struct zd_mac *mac; 1418 struct zd_usb *usb; 1419 1420 /* Either something really bad happened, or we're just dealing with 1421 * a DEVICE_INSTALLER. */ 1422 if (hw == NULL) 1423 return; 1424 1425 mac = zd_hw_mac(hw); 1426 usb = &mac->chip.usb; 1427 1428 dev_dbg_f(zd_usb_dev(usb), "\n"); 1429 1430 ieee80211_unregister_hw(hw); 1431 1432 /* Just in case something has gone wrong! */ 1433 zd_usb_disable_tx(usb); 1434 zd_usb_disable_rx(usb); 1435 zd_usb_disable_int(usb); 1436 1437 /* If the disconnect has been caused by a removal of the 1438 * driver module, the reset allows reloading of the driver. If the 1439 * reset will not be executed here, the upload of the firmware in the 1440 * probe function caused by the reloading of the driver will fail. 1441 */ 1442 usb_reset_device(interface_to_usbdev(intf)); 1443 1444 zd_mac_clear(mac); 1445 ieee80211_free_hw(hw); 1446 dev_dbg(&intf->dev, "disconnected\n"); 1447 } 1448 1449 static void zd_usb_resume(struct zd_usb *usb) 1450 { 1451 struct zd_mac *mac = zd_usb_to_mac(usb); 1452 int r; 1453 1454 dev_dbg_f(zd_usb_dev(usb), "\n"); 1455 1456 r = zd_op_start(zd_usb_to_hw(usb)); 1457 if (r < 0) { 1458 dev_warn(zd_usb_dev(usb), "Device resume failed " 1459 "with error code %d. Retrying...\n", r); 1460 if (usb->was_running) 1461 set_bit(ZD_DEVICE_RUNNING, &mac->flags); 1462 usb_queue_reset_device(usb->intf); 1463 return; 1464 } 1465 1466 if (mac->type != NL80211_IFTYPE_UNSPECIFIED) { 1467 r = zd_restore_settings(mac); 1468 if (r < 0) { 1469 dev_dbg(zd_usb_dev(usb), 1470 "failed to restore settings, %d\n", r); 1471 return; 1472 } 1473 } 1474 } 1475 1476 static void zd_usb_stop(struct zd_usb *usb) 1477 { 1478 dev_dbg_f(zd_usb_dev(usb), "\n"); 1479 1480 zd_op_stop(zd_usb_to_hw(usb), false); 1481 1482 zd_usb_disable_tx(usb); 1483 zd_usb_disable_rx(usb); 1484 zd_usb_disable_int(usb); 1485 1486 usb->initialized = 0; 1487 } 1488 1489 static int pre_reset(struct usb_interface *intf) 1490 { 1491 struct ieee80211_hw *hw = usb_get_intfdata(intf); 1492 struct zd_mac *mac; 1493 struct zd_usb *usb; 1494 1495 if (!hw || intf->condition != USB_INTERFACE_BOUND) 1496 return 0; 1497 1498 mac = zd_hw_mac(hw); 1499 usb = &mac->chip.usb; 1500 1501 usb->was_running = test_bit(ZD_DEVICE_RUNNING, &mac->flags); 1502 1503 zd_usb_stop(usb); 1504 1505 mutex_lock(&mac->chip.mutex); 1506 return 0; 1507 } 1508 1509 static int post_reset(struct usb_interface *intf) 1510 { 1511 struct ieee80211_hw *hw = usb_get_intfdata(intf); 1512 struct zd_mac *mac; 1513 struct zd_usb *usb; 1514 1515 if (!hw || intf->condition != USB_INTERFACE_BOUND) 1516 return 0; 1517 1518 mac = zd_hw_mac(hw); 1519 usb = &mac->chip.usb; 1520 1521 mutex_unlock(&mac->chip.mutex); 1522 1523 if (usb->was_running) 1524 zd_usb_resume(usb); 1525 return 0; 1526 } 1527 1528 static struct usb_driver driver = { 1529 .name = KBUILD_MODNAME, 1530 .id_table = usb_ids, 1531 .probe = probe, 1532 .disconnect = disconnect, 1533 .pre_reset = pre_reset, 1534 .post_reset = post_reset, 1535 .disable_hub_initiated_lpm = 1, 1536 }; 1537 1538 struct workqueue_struct *zd_workqueue; 1539 1540 static int __init usb_init(void) 1541 { 1542 int r; 1543 1544 pr_debug("%s usb_init()\n", driver.name); 1545 1546 zd_workqueue = create_singlethread_workqueue(driver.name); 1547 if (zd_workqueue == NULL) { 1548 pr_err("%s couldn't create workqueue\n", driver.name); 1549 return -ENOMEM; 1550 } 1551 1552 r = usb_register(&driver); 1553 if (r) { 1554 destroy_workqueue(zd_workqueue); 1555 pr_err("%s usb_register() failed. Error number %d\n", 1556 driver.name, r); 1557 return r; 1558 } 1559 1560 pr_debug("%s initialized\n", driver.name); 1561 return 0; 1562 } 1563 1564 static void __exit usb_exit(void) 1565 { 1566 pr_debug("%s usb_exit()\n", driver.name); 1567 usb_deregister(&driver); 1568 destroy_workqueue(zd_workqueue); 1569 } 1570 1571 module_init(usb_init); 1572 module_exit(usb_exit); 1573 1574 static int zd_ep_regs_out_msg(struct usb_device *udev, void *data, int len, 1575 int *actual_length, int timeout) 1576 { 1577 /* In USB 2.0 mode EP_REGS_OUT endpoint is interrupt type. However in 1578 * USB 1.1 mode endpoint is bulk. Select correct type URB by endpoint 1579 * descriptor. 1580 */ 1581 struct usb_host_endpoint *ep; 1582 unsigned int pipe; 1583 1584 pipe = usb_sndintpipe(udev, EP_REGS_OUT); 1585 ep = usb_pipe_endpoint(udev, pipe); 1586 if (!ep) 1587 return -EINVAL; 1588 1589 if (usb_endpoint_xfer_int(&ep->desc)) { 1590 return usb_interrupt_msg(udev, pipe, data, len, 1591 actual_length, timeout); 1592 } else { 1593 pipe = usb_sndbulkpipe(udev, EP_REGS_OUT); 1594 return usb_bulk_msg(udev, pipe, data, len, actual_length, 1595 timeout); 1596 } 1597 } 1598 1599 static void prepare_read_regs_int(struct zd_usb *usb, 1600 struct usb_req_read_regs *req, 1601 unsigned int count) 1602 { 1603 struct zd_usb_interrupt *intr = &usb->intr; 1604 1605 spin_lock_irq(&intr->lock); 1606 atomic_set(&intr->read_regs_enabled, 1); 1607 intr->read_regs.req = req; 1608 intr->read_regs.req_count = count; 1609 reinit_completion(&intr->read_regs.completion); 1610 spin_unlock_irq(&intr->lock); 1611 } 1612 1613 static void disable_read_regs_int(struct zd_usb *usb) 1614 { 1615 struct zd_usb_interrupt *intr = &usb->intr; 1616 1617 spin_lock_irq(&intr->lock); 1618 atomic_set(&intr->read_regs_enabled, 0); 1619 spin_unlock_irq(&intr->lock); 1620 } 1621 1622 static bool check_read_regs(struct zd_usb *usb, struct usb_req_read_regs *req, 1623 unsigned int count) 1624 { 1625 int i; 1626 struct zd_usb_interrupt *intr = &usb->intr; 1627 struct read_regs_int *rr = &intr->read_regs; 1628 struct usb_int_regs *regs = (struct usb_int_regs *)rr->buffer; 1629 1630 /* The created block size seems to be larger than expected. 1631 * However results appear to be correct. 1632 */ 1633 if (rr->length < struct_size(regs, regs, count)) { 1634 dev_dbg_f(zd_usb_dev(usb), 1635 "error: actual length %d less than expected %zu\n", 1636 rr->length, struct_size(regs, regs, count)); 1637 return false; 1638 } 1639 1640 if (rr->length > sizeof(rr->buffer)) { 1641 dev_dbg_f(zd_usb_dev(usb), 1642 "error: actual length %d exceeds buffer size %zu\n", 1643 rr->length, sizeof(rr->buffer)); 1644 return false; 1645 } 1646 1647 for (i = 0; i < count; i++) { 1648 struct reg_data *rd = ®s->regs[i]; 1649 if (rd->addr != req->addr[i]) { 1650 dev_dbg_f(zd_usb_dev(usb), 1651 "rd[%d] addr %#06hx expected %#06hx\n", i, 1652 le16_to_cpu(rd->addr), 1653 le16_to_cpu(req->addr[i])); 1654 return false; 1655 } 1656 } 1657 1658 return true; 1659 } 1660 1661 static int get_results(struct zd_usb *usb, u16 *values, 1662 struct usb_req_read_regs *req, unsigned int count, 1663 bool *retry) 1664 { 1665 int r; 1666 int i; 1667 struct zd_usb_interrupt *intr = &usb->intr; 1668 struct read_regs_int *rr = &intr->read_regs; 1669 struct usb_int_regs *regs = (struct usb_int_regs *)rr->buffer; 1670 1671 spin_lock_irq(&intr->lock); 1672 1673 r = -EIO; 1674 1675 /* Read failed because firmware bug? */ 1676 *retry = !!intr->read_regs_int_overridden; 1677 if (*retry) 1678 goto error_unlock; 1679 1680 if (!check_read_regs(usb, req, count)) { 1681 dev_dbg_f(zd_usb_dev(usb), "error: invalid read regs\n"); 1682 goto error_unlock; 1683 } 1684 1685 for (i = 0; i < count; i++) { 1686 struct reg_data *rd = ®s->regs[i]; 1687 values[i] = le16_to_cpu(rd->value); 1688 } 1689 1690 r = 0; 1691 error_unlock: 1692 spin_unlock_irq(&intr->lock); 1693 return r; 1694 } 1695 1696 int zd_usb_ioread16v(struct zd_usb *usb, u16 *values, 1697 const zd_addr_t *addresses, unsigned int count) 1698 { 1699 int r, i, req_len, actual_req_len, try_count = 0; 1700 struct usb_device *udev; 1701 struct usb_req_read_regs *req = NULL; 1702 unsigned long time_left; 1703 bool retry = false; 1704 1705 if (count < 1) { 1706 dev_dbg_f(zd_usb_dev(usb), "error: count is zero\n"); 1707 return -EINVAL; 1708 } 1709 if (count > USB_MAX_IOREAD16_COUNT) { 1710 dev_dbg_f(zd_usb_dev(usb), 1711 "error: count %u exceeds possible max %u\n", 1712 count, USB_MAX_IOREAD16_COUNT); 1713 return -EINVAL; 1714 } 1715 if (!usb_int_enabled(usb)) { 1716 dev_dbg_f(zd_usb_dev(usb), 1717 "error: usb interrupt not enabled\n"); 1718 return -EWOULDBLOCK; 1719 } 1720 1721 ZD_ASSERT(mutex_is_locked(&zd_usb_to_chip(usb)->mutex)); 1722 BUILD_BUG_ON(sizeof(struct usb_req_read_regs) + USB_MAX_IOREAD16_COUNT * 1723 sizeof(__le16) > sizeof(usb->req_buf)); 1724 BUG_ON(sizeof(struct usb_req_read_regs) + count * sizeof(__le16) > 1725 sizeof(usb->req_buf)); 1726 1727 req_len = sizeof(struct usb_req_read_regs) + count * sizeof(__le16); 1728 req = (void *)usb->req_buf; 1729 1730 req->id = cpu_to_le16(USB_REQ_READ_REGS); 1731 for (i = 0; i < count; i++) 1732 req->addr[i] = cpu_to_le16((u16)addresses[i]); 1733 1734 retry_read: 1735 try_count++; 1736 udev = zd_usb_to_usbdev(usb); 1737 prepare_read_regs_int(usb, req, count); 1738 r = zd_ep_regs_out_msg(udev, req, req_len, &actual_req_len, 50 /*ms*/); 1739 if (r) { 1740 dev_dbg_f(zd_usb_dev(usb), 1741 "error in zd_ep_regs_out_msg(). Error number %d\n", r); 1742 goto error; 1743 } 1744 if (req_len != actual_req_len) { 1745 dev_dbg_f(zd_usb_dev(usb), "error in zd_ep_regs_out_msg()\n" 1746 " req_len %d != actual_req_len %d\n", 1747 req_len, actual_req_len); 1748 r = -EIO; 1749 goto error; 1750 } 1751 1752 time_left = wait_for_completion_timeout(&usb->intr.read_regs.completion, 1753 msecs_to_jiffies(50)); 1754 if (!time_left) { 1755 disable_read_regs_int(usb); 1756 dev_dbg_f(zd_usb_dev(usb), "read timed out\n"); 1757 r = -ETIMEDOUT; 1758 goto error; 1759 } 1760 1761 r = get_results(usb, values, req, count, &retry); 1762 if (retry && try_count < 20) { 1763 dev_dbg_f(zd_usb_dev(usb), "read retry, tries so far: %d\n", 1764 try_count); 1765 goto retry_read; 1766 } 1767 error: 1768 return r; 1769 } 1770 1771 static void iowrite16v_urb_complete(struct urb *urb) 1772 { 1773 struct zd_usb *usb = urb->context; 1774 1775 if (urb->status && !usb->cmd_error) 1776 usb->cmd_error = urb->status; 1777 1778 if (!usb->cmd_error && 1779 urb->actual_length != urb->transfer_buffer_length) 1780 usb->cmd_error = -EIO; 1781 } 1782 1783 static int zd_submit_waiting_urb(struct zd_usb *usb, bool last) 1784 { 1785 int r = 0; 1786 struct urb *urb = usb->urb_async_waiting; 1787 1788 if (!urb) 1789 return 0; 1790 1791 usb->urb_async_waiting = NULL; 1792 1793 if (!last) 1794 urb->transfer_flags |= URB_NO_INTERRUPT; 1795 1796 usb_anchor_urb(urb, &usb->submitted_cmds); 1797 r = usb_submit_urb(urb, GFP_KERNEL); 1798 if (r) { 1799 usb_unanchor_urb(urb); 1800 dev_dbg_f(zd_usb_dev(usb), 1801 "error in usb_submit_urb(). Error number %d\n", r); 1802 goto error; 1803 } 1804 1805 /* fall-through with r == 0 */ 1806 error: 1807 usb_free_urb(urb); 1808 return r; 1809 } 1810 1811 void zd_usb_iowrite16v_async_start(struct zd_usb *usb) 1812 { 1813 ZD_ASSERT(usb_anchor_empty(&usb->submitted_cmds)); 1814 ZD_ASSERT(usb->urb_async_waiting == NULL); 1815 ZD_ASSERT(!usb->in_async); 1816 1817 ZD_ASSERT(mutex_is_locked(&zd_usb_to_chip(usb)->mutex)); 1818 1819 usb->in_async = 1; 1820 usb->cmd_error = 0; 1821 usb->urb_async_waiting = NULL; 1822 } 1823 1824 int zd_usb_iowrite16v_async_end(struct zd_usb *usb, unsigned int timeout) 1825 { 1826 int r; 1827 1828 ZD_ASSERT(mutex_is_locked(&zd_usb_to_chip(usb)->mutex)); 1829 ZD_ASSERT(usb->in_async); 1830 1831 /* Submit last iowrite16v URB */ 1832 r = zd_submit_waiting_urb(usb, true); 1833 if (r) { 1834 dev_dbg_f(zd_usb_dev(usb), 1835 "error in zd_submit_waiting_usb(). " 1836 "Error number %d\n", r); 1837 1838 usb_kill_anchored_urbs(&usb->submitted_cmds); 1839 goto error; 1840 } 1841 1842 if (timeout) 1843 timeout = usb_wait_anchor_empty_timeout(&usb->submitted_cmds, 1844 timeout); 1845 if (!timeout) { 1846 usb_kill_anchored_urbs(&usb->submitted_cmds); 1847 if (usb->cmd_error == -ENOENT) { 1848 dev_dbg_f(zd_usb_dev(usb), "timed out"); 1849 r = -ETIMEDOUT; 1850 goto error; 1851 } 1852 } 1853 1854 r = usb->cmd_error; 1855 error: 1856 usb->in_async = 0; 1857 return r; 1858 } 1859 1860 int zd_usb_iowrite16v_async(struct zd_usb *usb, const struct zd_ioreq16 *ioreqs, 1861 unsigned int count) 1862 { 1863 int r; 1864 struct usb_device *udev; 1865 struct usb_req_write_regs *req = NULL; 1866 int i, req_len; 1867 struct urb *urb; 1868 struct usb_host_endpoint *ep; 1869 1870 ZD_ASSERT(mutex_is_locked(&zd_usb_to_chip(usb)->mutex)); 1871 ZD_ASSERT(usb->in_async); 1872 1873 if (count == 0) 1874 return 0; 1875 if (count > USB_MAX_IOWRITE16_COUNT) { 1876 dev_dbg_f(zd_usb_dev(usb), 1877 "error: count %u exceeds possible max %u\n", 1878 count, USB_MAX_IOWRITE16_COUNT); 1879 return -EINVAL; 1880 } 1881 1882 udev = zd_usb_to_usbdev(usb); 1883 1884 ep = usb_pipe_endpoint(udev, usb_sndintpipe(udev, EP_REGS_OUT)); 1885 if (!ep) 1886 return -ENOENT; 1887 1888 urb = usb_alloc_urb(0, GFP_KERNEL); 1889 if (!urb) 1890 return -ENOMEM; 1891 1892 req_len = struct_size(req, reg_writes, count); 1893 req = kmalloc(req_len, GFP_KERNEL); 1894 if (!req) { 1895 r = -ENOMEM; 1896 goto error; 1897 } 1898 1899 req->id = cpu_to_le16(USB_REQ_WRITE_REGS); 1900 for (i = 0; i < count; i++) { 1901 struct reg_data *rw = &req->reg_writes[i]; 1902 rw->addr = cpu_to_le16((u16)ioreqs[i].addr); 1903 rw->value = cpu_to_le16(ioreqs[i].value); 1904 } 1905 1906 /* In USB 2.0 mode endpoint is interrupt type. However in USB 1.1 mode 1907 * endpoint is bulk. Select correct type URB by endpoint descriptor. 1908 */ 1909 if (usb_endpoint_xfer_int(&ep->desc)) 1910 usb_fill_int_urb(urb, udev, usb_sndintpipe(udev, EP_REGS_OUT), 1911 req, req_len, iowrite16v_urb_complete, usb, 1912 ep->desc.bInterval); 1913 else 1914 usb_fill_bulk_urb(urb, udev, usb_sndbulkpipe(udev, EP_REGS_OUT), 1915 req, req_len, iowrite16v_urb_complete, usb); 1916 1917 urb->transfer_flags |= URB_FREE_BUFFER; 1918 1919 /* Submit previous URB */ 1920 r = zd_submit_waiting_urb(usb, false); 1921 if (r) { 1922 dev_dbg_f(zd_usb_dev(usb), 1923 "error in zd_submit_waiting_usb(). " 1924 "Error number %d\n", r); 1925 goto error; 1926 } 1927 1928 /* Delay submit so that URB_NO_INTERRUPT flag can be set for all URBs 1929 * of currect batch except for very last. 1930 */ 1931 usb->urb_async_waiting = urb; 1932 return 0; 1933 error: 1934 usb_free_urb(urb); 1935 return r; 1936 } 1937 1938 int zd_usb_iowrite16v(struct zd_usb *usb, const struct zd_ioreq16 *ioreqs, 1939 unsigned int count) 1940 { 1941 int r; 1942 1943 zd_usb_iowrite16v_async_start(usb); 1944 r = zd_usb_iowrite16v_async(usb, ioreqs, count); 1945 if (r) { 1946 zd_usb_iowrite16v_async_end(usb, 0); 1947 return r; 1948 } 1949 return zd_usb_iowrite16v_async_end(usb, 50 /* ms */); 1950 } 1951 1952 int zd_usb_rfwrite(struct zd_usb *usb, u32 value, u8 bits) 1953 { 1954 int r; 1955 struct usb_device *udev; 1956 struct usb_req_rfwrite *req = NULL; 1957 int i, req_len, actual_req_len; 1958 u16 bit_value_template; 1959 1960 if (bits < USB_MIN_RFWRITE_BIT_COUNT) { 1961 dev_dbg_f(zd_usb_dev(usb), 1962 "error: bits %d are smaller than" 1963 " USB_MIN_RFWRITE_BIT_COUNT %d\n", 1964 bits, USB_MIN_RFWRITE_BIT_COUNT); 1965 return -EINVAL; 1966 } 1967 if (bits > USB_MAX_RFWRITE_BIT_COUNT) { 1968 dev_dbg_f(zd_usb_dev(usb), 1969 "error: bits %d exceed USB_MAX_RFWRITE_BIT_COUNT %d\n", 1970 bits, USB_MAX_RFWRITE_BIT_COUNT); 1971 return -EINVAL; 1972 } 1973 #ifdef DEBUG 1974 if (value & (~0UL << bits)) { 1975 dev_dbg_f(zd_usb_dev(usb), 1976 "error: value %#09x has bits >= %d set\n", 1977 value, bits); 1978 return -EINVAL; 1979 } 1980 #endif /* DEBUG */ 1981 1982 dev_dbg_f(zd_usb_dev(usb), "value %#09x bits %d\n", value, bits); 1983 1984 r = zd_usb_ioread16(usb, &bit_value_template, ZD_CR203); 1985 if (r) { 1986 dev_dbg_f(zd_usb_dev(usb), 1987 "error %d: Couldn't read ZD_CR203\n", r); 1988 return r; 1989 } 1990 bit_value_template &= ~(RF_IF_LE|RF_CLK|RF_DATA); 1991 1992 ZD_ASSERT(mutex_is_locked(&zd_usb_to_chip(usb)->mutex)); 1993 BUILD_BUG_ON(sizeof(struct usb_req_rfwrite) + 1994 USB_MAX_RFWRITE_BIT_COUNT * sizeof(__le16) > 1995 sizeof(usb->req_buf)); 1996 BUG_ON(sizeof(struct usb_req_rfwrite) + bits * sizeof(__le16) > 1997 sizeof(usb->req_buf)); 1998 1999 req_len = sizeof(struct usb_req_rfwrite) + bits * sizeof(__le16); 2000 req = (void *)usb->req_buf; 2001 2002 req->id = cpu_to_le16(USB_REQ_WRITE_RF); 2003 /* 1: 3683a, but not used in ZYDAS driver */ 2004 req->value = cpu_to_le16(2); 2005 req->bits = cpu_to_le16(bits); 2006 2007 for (i = 0; i < bits; i++) { 2008 u16 bv = bit_value_template; 2009 if (value & (1 << (bits-1-i))) 2010 bv |= RF_DATA; 2011 req->bit_values[i] = cpu_to_le16(bv); 2012 } 2013 2014 udev = zd_usb_to_usbdev(usb); 2015 r = zd_ep_regs_out_msg(udev, req, req_len, &actual_req_len, 50 /*ms*/); 2016 if (r) { 2017 dev_dbg_f(zd_usb_dev(usb), 2018 "error in zd_ep_regs_out_msg(). Error number %d\n", r); 2019 goto out; 2020 } 2021 if (req_len != actual_req_len) { 2022 dev_dbg_f(zd_usb_dev(usb), "error in zd_ep_regs_out_msg()" 2023 " req_len %d != actual_req_len %d\n", 2024 req_len, actual_req_len); 2025 r = -EIO; 2026 goto out; 2027 } 2028 2029 /* FALL-THROUGH with r == 0 */ 2030 out: 2031 return r; 2032 } 2033