1 /* ZD1211 USB-WLAN driver for Linux 2 * 3 * Copyright (C) 2005-2007 Ulrich Kunitz <kune@deine-taler.de> 4 * Copyright (C) 2006-2007 Daniel Drake <dsd@gentoo.org> 5 * Copyright (C) 2006-2007 Michael Wu <flamingice@sourmilk.net> 6 * 7 * This program is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * This program is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, see <http://www.gnu.org/licenses/>. 19 */ 20 21 #include <linux/kernel.h> 22 #include <linux/init.h> 23 #include <linux/firmware.h> 24 #include <linux/device.h> 25 #include <linux/errno.h> 26 #include <linux/slab.h> 27 #include <linux/skbuff.h> 28 #include <linux/usb.h> 29 #include <linux/workqueue.h> 30 #include <linux/module.h> 31 #include <net/mac80211.h> 32 #include <asm/unaligned.h> 33 34 #include "zd_def.h" 35 #include "zd_mac.h" 36 #include "zd_usb.h" 37 38 static struct usb_device_id usb_ids[] = { 39 /* ZD1211 */ 40 { USB_DEVICE(0x0105, 0x145f), .driver_info = DEVICE_ZD1211 }, 41 { USB_DEVICE(0x0586, 0x3401), .driver_info = DEVICE_ZD1211 }, 42 { USB_DEVICE(0x0586, 0x3402), .driver_info = DEVICE_ZD1211 }, 43 { USB_DEVICE(0x0586, 0x3407), .driver_info = DEVICE_ZD1211 }, 44 { USB_DEVICE(0x0586, 0x3409), .driver_info = DEVICE_ZD1211 }, 45 { USB_DEVICE(0x079b, 0x004a), .driver_info = DEVICE_ZD1211 }, 46 { USB_DEVICE(0x07b8, 0x6001), .driver_info = DEVICE_ZD1211 }, 47 { USB_DEVICE(0x0ace, 0x1211), .driver_info = DEVICE_ZD1211 }, 48 { USB_DEVICE(0x0ace, 0xa211), .driver_info = DEVICE_ZD1211 }, 49 { USB_DEVICE(0x0b05, 0x170c), .driver_info = DEVICE_ZD1211 }, 50 { USB_DEVICE(0x0b3b, 0x1630), .driver_info = DEVICE_ZD1211 }, 51 { USB_DEVICE(0x0b3b, 0x5630), .driver_info = DEVICE_ZD1211 }, 52 { USB_DEVICE(0x0df6, 0x9071), .driver_info = DEVICE_ZD1211 }, 53 { USB_DEVICE(0x0df6, 0x9075), .driver_info = DEVICE_ZD1211 }, 54 { USB_DEVICE(0x126f, 0xa006), .driver_info = DEVICE_ZD1211 }, 55 { USB_DEVICE(0x129b, 0x1666), .driver_info = DEVICE_ZD1211 }, 56 { USB_DEVICE(0x13b1, 0x001e), .driver_info = DEVICE_ZD1211 }, 57 { USB_DEVICE(0x1435, 0x0711), .driver_info = DEVICE_ZD1211 }, 58 { USB_DEVICE(0x14ea, 0xab10), .driver_info = DEVICE_ZD1211 }, 59 { USB_DEVICE(0x14ea, 0xab13), .driver_info = DEVICE_ZD1211 }, 60 { USB_DEVICE(0x157e, 0x300a), .driver_info = DEVICE_ZD1211 }, 61 { USB_DEVICE(0x157e, 0x300b), .driver_info = DEVICE_ZD1211 }, 62 { USB_DEVICE(0x157e, 0x3204), .driver_info = DEVICE_ZD1211 }, 63 { USB_DEVICE(0x157e, 0x3207), .driver_info = DEVICE_ZD1211 }, 64 { USB_DEVICE(0x1740, 0x2000), .driver_info = DEVICE_ZD1211 }, 65 { USB_DEVICE(0x6891, 0xa727), .driver_info = DEVICE_ZD1211 }, 66 /* ZD1211B */ 67 { USB_DEVICE(0x0053, 0x5301), .driver_info = DEVICE_ZD1211B }, 68 { USB_DEVICE(0x0409, 0x0248), .driver_info = DEVICE_ZD1211B }, 69 { USB_DEVICE(0x0411, 0x00da), .driver_info = DEVICE_ZD1211B }, 70 { USB_DEVICE(0x0471, 0x1236), .driver_info = DEVICE_ZD1211B }, 71 { USB_DEVICE(0x0471, 0x1237), .driver_info = DEVICE_ZD1211B }, 72 { USB_DEVICE(0x050d, 0x705c), .driver_info = DEVICE_ZD1211B }, 73 { USB_DEVICE(0x054c, 0x0257), .driver_info = DEVICE_ZD1211B }, 74 { USB_DEVICE(0x0586, 0x340a), .driver_info = DEVICE_ZD1211B }, 75 { USB_DEVICE(0x0586, 0x340f), .driver_info = DEVICE_ZD1211B }, 76 { USB_DEVICE(0x0586, 0x3410), .driver_info = DEVICE_ZD1211B }, 77 { USB_DEVICE(0x0586, 0x3412), .driver_info = DEVICE_ZD1211B }, 78 { USB_DEVICE(0x0586, 0x3413), .driver_info = DEVICE_ZD1211B }, 79 { USB_DEVICE(0x079b, 0x0062), .driver_info = DEVICE_ZD1211B }, 80 { USB_DEVICE(0x07b8, 0x6001), .driver_info = DEVICE_ZD1211B }, 81 { USB_DEVICE(0x07fa, 0x1196), .driver_info = DEVICE_ZD1211B }, 82 { USB_DEVICE(0x083a, 0x4505), .driver_info = DEVICE_ZD1211B }, 83 { USB_DEVICE(0x083a, 0xe501), .driver_info = DEVICE_ZD1211B }, 84 { USB_DEVICE(0x083a, 0xe503), .driver_info = DEVICE_ZD1211B }, 85 { USB_DEVICE(0x083a, 0xe506), .driver_info = DEVICE_ZD1211B }, 86 { USB_DEVICE(0x0ace, 0x1215), .driver_info = DEVICE_ZD1211B }, 87 { USB_DEVICE(0x0ace, 0xb215), .driver_info = DEVICE_ZD1211B }, 88 { USB_DEVICE(0x0b05, 0x171b), .driver_info = DEVICE_ZD1211B }, 89 { USB_DEVICE(0x0baf, 0x0121), .driver_info = DEVICE_ZD1211B }, 90 { USB_DEVICE(0x0cde, 0x001a), .driver_info = DEVICE_ZD1211B }, 91 { USB_DEVICE(0x0df6, 0x0036), .driver_info = DEVICE_ZD1211B }, 92 { USB_DEVICE(0x129b, 0x1667), .driver_info = DEVICE_ZD1211B }, 93 { USB_DEVICE(0x13b1, 0x0024), .driver_info = DEVICE_ZD1211B }, 94 { USB_DEVICE(0x157e, 0x300d), .driver_info = DEVICE_ZD1211B }, 95 { USB_DEVICE(0x1582, 0x6003), .driver_info = DEVICE_ZD1211B }, 96 { USB_DEVICE(0x2019, 0x5303), .driver_info = DEVICE_ZD1211B }, 97 { USB_DEVICE(0x2019, 0xed01), .driver_info = DEVICE_ZD1211B }, 98 /* "Driverless" devices that need ejecting */ 99 { USB_DEVICE(0x0ace, 0x2011), .driver_info = DEVICE_INSTALLER }, 100 { USB_DEVICE(0x0ace, 0x20ff), .driver_info = DEVICE_INSTALLER }, 101 {} 102 }; 103 104 MODULE_LICENSE("GPL"); 105 MODULE_DESCRIPTION("USB driver for devices with the ZD1211 chip."); 106 MODULE_AUTHOR("Ulrich Kunitz"); 107 MODULE_AUTHOR("Daniel Drake"); 108 MODULE_VERSION("1.0"); 109 MODULE_DEVICE_TABLE(usb, usb_ids); 110 111 #define FW_ZD1211_PREFIX "zd1211/zd1211_" 112 #define FW_ZD1211B_PREFIX "zd1211/zd1211b_" 113 114 static bool check_read_regs(struct zd_usb *usb, struct usb_req_read_regs *req, 115 unsigned int count); 116 117 /* USB device initialization */ 118 static void int_urb_complete(struct urb *urb); 119 120 static int request_fw_file( 121 const struct firmware **fw, const char *name, struct device *device) 122 { 123 int r; 124 125 dev_dbg_f(device, "fw name %s\n", name); 126 127 r = request_firmware(fw, name, device); 128 if (r) 129 dev_err(device, 130 "Could not load firmware file %s. Error number %d\n", 131 name, r); 132 return r; 133 } 134 135 static inline u16 get_bcdDevice(const struct usb_device *udev) 136 { 137 return le16_to_cpu(udev->descriptor.bcdDevice); 138 } 139 140 enum upload_code_flags { 141 REBOOT = 1, 142 }; 143 144 /* Ensures that MAX_TRANSFER_SIZE is even. */ 145 #define MAX_TRANSFER_SIZE (USB_MAX_TRANSFER_SIZE & ~1) 146 147 static int upload_code(struct usb_device *udev, 148 const u8 *data, size_t size, u16 code_offset, int flags) 149 { 150 u8 *p; 151 int r; 152 153 /* USB request blocks need "kmalloced" buffers. 154 */ 155 p = kmalloc(MAX_TRANSFER_SIZE, GFP_KERNEL); 156 if (!p) { 157 r = -ENOMEM; 158 goto error; 159 } 160 161 size &= ~1; 162 while (size > 0) { 163 size_t transfer_size = size <= MAX_TRANSFER_SIZE ? 164 size : MAX_TRANSFER_SIZE; 165 166 dev_dbg_f(&udev->dev, "transfer size %zu\n", transfer_size); 167 168 memcpy(p, data, transfer_size); 169 r = usb_control_msg(udev, usb_sndctrlpipe(udev, 0), 170 USB_REQ_FIRMWARE_DOWNLOAD, 171 USB_DIR_OUT | USB_TYPE_VENDOR, 172 code_offset, 0, p, transfer_size, 1000 /* ms */); 173 if (r < 0) { 174 dev_err(&udev->dev, 175 "USB control request for firmware upload" 176 " failed. Error number %d\n", r); 177 goto error; 178 } 179 transfer_size = r & ~1; 180 181 size -= transfer_size; 182 data += transfer_size; 183 code_offset += transfer_size/sizeof(u16); 184 } 185 186 if (flags & REBOOT) { 187 u8 ret; 188 189 /* Use "DMA-aware" buffer. */ 190 r = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), 191 USB_REQ_FIRMWARE_CONFIRM, 192 USB_DIR_IN | USB_TYPE_VENDOR, 193 0, 0, p, sizeof(ret), 5000 /* ms */); 194 if (r != sizeof(ret)) { 195 dev_err(&udev->dev, 196 "control request firmware confirmation failed." 197 " Return value %d\n", r); 198 if (r >= 0) 199 r = -ENODEV; 200 goto error; 201 } 202 ret = p[0]; 203 if (ret & 0x80) { 204 dev_err(&udev->dev, 205 "Internal error while downloading." 206 " Firmware confirm return value %#04x\n", 207 (unsigned int)ret); 208 r = -ENODEV; 209 goto error; 210 } 211 dev_dbg_f(&udev->dev, "firmware confirm return value %#04x\n", 212 (unsigned int)ret); 213 } 214 215 r = 0; 216 error: 217 kfree(p); 218 return r; 219 } 220 221 static u16 get_word(const void *data, u16 offset) 222 { 223 const __le16 *p = data; 224 return le16_to_cpu(p[offset]); 225 } 226 227 static char *get_fw_name(struct zd_usb *usb, char *buffer, size_t size, 228 const char* postfix) 229 { 230 scnprintf(buffer, size, "%s%s", 231 usb->is_zd1211b ? 232 FW_ZD1211B_PREFIX : FW_ZD1211_PREFIX, 233 postfix); 234 return buffer; 235 } 236 237 static int handle_version_mismatch(struct zd_usb *usb, 238 const struct firmware *ub_fw) 239 { 240 struct usb_device *udev = zd_usb_to_usbdev(usb); 241 const struct firmware *ur_fw = NULL; 242 int offset; 243 int r = 0; 244 char fw_name[128]; 245 246 r = request_fw_file(&ur_fw, 247 get_fw_name(usb, fw_name, sizeof(fw_name), "ur"), 248 &udev->dev); 249 if (r) 250 goto error; 251 252 r = upload_code(udev, ur_fw->data, ur_fw->size, FW_START, REBOOT); 253 if (r) 254 goto error; 255 256 offset = (E2P_BOOT_CODE_OFFSET * sizeof(u16)); 257 r = upload_code(udev, ub_fw->data + offset, ub_fw->size - offset, 258 E2P_START + E2P_BOOT_CODE_OFFSET, REBOOT); 259 260 /* At this point, the vendor driver downloads the whole firmware 261 * image, hacks around with version IDs, and uploads it again, 262 * completely overwriting the boot code. We do not do this here as 263 * it is not required on any tested devices, and it is suspected to 264 * cause problems. */ 265 error: 266 release_firmware(ur_fw); 267 return r; 268 } 269 270 static int upload_firmware(struct zd_usb *usb) 271 { 272 int r; 273 u16 fw_bcdDevice; 274 u16 bcdDevice; 275 struct usb_device *udev = zd_usb_to_usbdev(usb); 276 const struct firmware *ub_fw = NULL; 277 const struct firmware *uph_fw = NULL; 278 char fw_name[128]; 279 280 bcdDevice = get_bcdDevice(udev); 281 282 r = request_fw_file(&ub_fw, 283 get_fw_name(usb, fw_name, sizeof(fw_name), "ub"), 284 &udev->dev); 285 if (r) 286 goto error; 287 288 fw_bcdDevice = get_word(ub_fw->data, E2P_DATA_OFFSET); 289 290 if (fw_bcdDevice != bcdDevice) { 291 dev_info(&udev->dev, 292 "firmware version %#06x and device bootcode version " 293 "%#06x differ\n", fw_bcdDevice, bcdDevice); 294 if (bcdDevice <= 0x4313) 295 dev_warn(&udev->dev, "device has old bootcode, please " 296 "report success or failure\n"); 297 298 r = handle_version_mismatch(usb, ub_fw); 299 if (r) 300 goto error; 301 } else { 302 dev_dbg_f(&udev->dev, 303 "firmware device id %#06x is equal to the " 304 "actual device id\n", fw_bcdDevice); 305 } 306 307 308 r = request_fw_file(&uph_fw, 309 get_fw_name(usb, fw_name, sizeof(fw_name), "uphr"), 310 &udev->dev); 311 if (r) 312 goto error; 313 314 r = upload_code(udev, uph_fw->data, uph_fw->size, FW_START, REBOOT); 315 if (r) { 316 dev_err(&udev->dev, 317 "Could not upload firmware code uph. Error number %d\n", 318 r); 319 } 320 321 /* FALL-THROUGH */ 322 error: 323 release_firmware(ub_fw); 324 release_firmware(uph_fw); 325 return r; 326 } 327 328 MODULE_FIRMWARE(FW_ZD1211B_PREFIX "ur"); 329 MODULE_FIRMWARE(FW_ZD1211_PREFIX "ur"); 330 MODULE_FIRMWARE(FW_ZD1211B_PREFIX "ub"); 331 MODULE_FIRMWARE(FW_ZD1211_PREFIX "ub"); 332 MODULE_FIRMWARE(FW_ZD1211B_PREFIX "uphr"); 333 MODULE_FIRMWARE(FW_ZD1211_PREFIX "uphr"); 334 335 /* Read data from device address space using "firmware interface" which does 336 * not require firmware to be loaded. */ 337 int zd_usb_read_fw(struct zd_usb *usb, zd_addr_t addr, u8 *data, u16 len) 338 { 339 int r; 340 struct usb_device *udev = zd_usb_to_usbdev(usb); 341 u8 *buf; 342 343 /* Use "DMA-aware" buffer. */ 344 buf = kmalloc(len, GFP_KERNEL); 345 if (!buf) 346 return -ENOMEM; 347 r = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), 348 USB_REQ_FIRMWARE_READ_DATA, USB_DIR_IN | 0x40, addr, 0, 349 buf, len, 5000); 350 if (r < 0) { 351 dev_err(&udev->dev, 352 "read over firmware interface failed: %d\n", r); 353 goto exit; 354 } else if (r != len) { 355 dev_err(&udev->dev, 356 "incomplete read over firmware interface: %d/%d\n", 357 r, len); 358 r = -EIO; 359 goto exit; 360 } 361 r = 0; 362 memcpy(data, buf, len); 363 exit: 364 kfree(buf); 365 return r; 366 } 367 368 #define urb_dev(urb) (&(urb)->dev->dev) 369 370 static inline void handle_regs_int_override(struct urb *urb) 371 { 372 struct zd_usb *usb = urb->context; 373 struct zd_usb_interrupt *intr = &usb->intr; 374 375 spin_lock(&intr->lock); 376 if (atomic_read(&intr->read_regs_enabled)) { 377 atomic_set(&intr->read_regs_enabled, 0); 378 intr->read_regs_int_overridden = 1; 379 complete(&intr->read_regs.completion); 380 } 381 spin_unlock(&intr->lock); 382 } 383 384 static inline void handle_regs_int(struct urb *urb) 385 { 386 struct zd_usb *usb = urb->context; 387 struct zd_usb_interrupt *intr = &usb->intr; 388 int len; 389 u16 int_num; 390 391 ZD_ASSERT(in_interrupt()); 392 spin_lock(&intr->lock); 393 394 int_num = le16_to_cpu(*(__le16 *)(urb->transfer_buffer+2)); 395 if (int_num == CR_INTERRUPT) { 396 struct zd_mac *mac = zd_hw_mac(zd_usb_to_hw(urb->context)); 397 spin_lock(&mac->lock); 398 memcpy(&mac->intr_buffer, urb->transfer_buffer, 399 USB_MAX_EP_INT_BUFFER); 400 spin_unlock(&mac->lock); 401 schedule_work(&mac->process_intr); 402 } else if (atomic_read(&intr->read_regs_enabled)) { 403 len = urb->actual_length; 404 intr->read_regs.length = urb->actual_length; 405 if (len > sizeof(intr->read_regs.buffer)) 406 len = sizeof(intr->read_regs.buffer); 407 408 memcpy(intr->read_regs.buffer, urb->transfer_buffer, len); 409 410 /* Sometimes USB_INT_ID_REGS is not overridden, but comes after 411 * USB_INT_ID_RETRY_FAILED. Read-reg retry then gets this 412 * delayed USB_INT_ID_REGS, but leaves USB_INT_ID_REGS of 413 * retry unhandled. Next read-reg command then might catch 414 * this wrong USB_INT_ID_REGS. Fix by ignoring wrong reads. 415 */ 416 if (!check_read_regs(usb, intr->read_regs.req, 417 intr->read_regs.req_count)) 418 goto out; 419 420 atomic_set(&intr->read_regs_enabled, 0); 421 intr->read_regs_int_overridden = 0; 422 complete(&intr->read_regs.completion); 423 424 goto out; 425 } 426 427 out: 428 spin_unlock(&intr->lock); 429 430 /* CR_INTERRUPT might override read_reg too. */ 431 if (int_num == CR_INTERRUPT && atomic_read(&intr->read_regs_enabled)) 432 handle_regs_int_override(urb); 433 } 434 435 static void int_urb_complete(struct urb *urb) 436 { 437 int r; 438 struct usb_int_header *hdr; 439 struct zd_usb *usb; 440 struct zd_usb_interrupt *intr; 441 442 switch (urb->status) { 443 case 0: 444 break; 445 case -ESHUTDOWN: 446 case -EINVAL: 447 case -ENODEV: 448 case -ENOENT: 449 case -ECONNRESET: 450 case -EPIPE: 451 dev_dbg_f(urb_dev(urb), "urb %p error %d\n", urb, urb->status); 452 return; 453 default: 454 dev_dbg_f(urb_dev(urb), "urb %p error %d\n", urb, urb->status); 455 goto resubmit; 456 } 457 458 if (urb->actual_length < sizeof(hdr)) { 459 dev_dbg_f(urb_dev(urb), "error: urb %p to small\n", urb); 460 goto resubmit; 461 } 462 463 hdr = urb->transfer_buffer; 464 if (hdr->type != USB_INT_TYPE) { 465 dev_dbg_f(urb_dev(urb), "error: urb %p wrong type\n", urb); 466 goto resubmit; 467 } 468 469 /* USB_INT_ID_RETRY_FAILED triggered by tx-urb submit can override 470 * pending USB_INT_ID_REGS causing read command timeout. 471 */ 472 usb = urb->context; 473 intr = &usb->intr; 474 if (hdr->id != USB_INT_ID_REGS && atomic_read(&intr->read_regs_enabled)) 475 handle_regs_int_override(urb); 476 477 switch (hdr->id) { 478 case USB_INT_ID_REGS: 479 handle_regs_int(urb); 480 break; 481 case USB_INT_ID_RETRY_FAILED: 482 zd_mac_tx_failed(urb); 483 break; 484 default: 485 dev_dbg_f(urb_dev(urb), "error: urb %p unknown id %x\n", urb, 486 (unsigned int)hdr->id); 487 goto resubmit; 488 } 489 490 resubmit: 491 r = usb_submit_urb(urb, GFP_ATOMIC); 492 if (r) { 493 dev_dbg_f(urb_dev(urb), "error: resubmit urb %p err code %d\n", 494 urb, r); 495 /* TODO: add worker to reset intr->urb */ 496 } 497 return; 498 } 499 500 static inline int int_urb_interval(struct usb_device *udev) 501 { 502 switch (udev->speed) { 503 case USB_SPEED_HIGH: 504 return 4; 505 case USB_SPEED_LOW: 506 return 10; 507 case USB_SPEED_FULL: 508 default: 509 return 1; 510 } 511 } 512 513 static inline int usb_int_enabled(struct zd_usb *usb) 514 { 515 unsigned long flags; 516 struct zd_usb_interrupt *intr = &usb->intr; 517 struct urb *urb; 518 519 spin_lock_irqsave(&intr->lock, flags); 520 urb = intr->urb; 521 spin_unlock_irqrestore(&intr->lock, flags); 522 return urb != NULL; 523 } 524 525 int zd_usb_enable_int(struct zd_usb *usb) 526 { 527 int r; 528 struct usb_device *udev = zd_usb_to_usbdev(usb); 529 struct zd_usb_interrupt *intr = &usb->intr; 530 struct urb *urb; 531 532 dev_dbg_f(zd_usb_dev(usb), "\n"); 533 534 urb = usb_alloc_urb(0, GFP_KERNEL); 535 if (!urb) { 536 r = -ENOMEM; 537 goto out; 538 } 539 540 ZD_ASSERT(!irqs_disabled()); 541 spin_lock_irq(&intr->lock); 542 if (intr->urb) { 543 spin_unlock_irq(&intr->lock); 544 r = 0; 545 goto error_free_urb; 546 } 547 intr->urb = urb; 548 spin_unlock_irq(&intr->lock); 549 550 r = -ENOMEM; 551 intr->buffer = usb_alloc_coherent(udev, USB_MAX_EP_INT_BUFFER, 552 GFP_KERNEL, &intr->buffer_dma); 553 if (!intr->buffer) { 554 dev_dbg_f(zd_usb_dev(usb), 555 "couldn't allocate transfer_buffer\n"); 556 goto error_set_urb_null; 557 } 558 559 usb_fill_int_urb(urb, udev, usb_rcvintpipe(udev, EP_INT_IN), 560 intr->buffer, USB_MAX_EP_INT_BUFFER, 561 int_urb_complete, usb, 562 intr->interval); 563 urb->transfer_dma = intr->buffer_dma; 564 urb->transfer_flags |= URB_NO_TRANSFER_DMA_MAP; 565 566 dev_dbg_f(zd_usb_dev(usb), "submit urb %p\n", intr->urb); 567 r = usb_submit_urb(urb, GFP_KERNEL); 568 if (r) { 569 dev_dbg_f(zd_usb_dev(usb), 570 "Couldn't submit urb. Error number %d\n", r); 571 goto error; 572 } 573 574 return 0; 575 error: 576 usb_free_coherent(udev, USB_MAX_EP_INT_BUFFER, 577 intr->buffer, intr->buffer_dma); 578 error_set_urb_null: 579 spin_lock_irq(&intr->lock); 580 intr->urb = NULL; 581 spin_unlock_irq(&intr->lock); 582 error_free_urb: 583 usb_free_urb(urb); 584 out: 585 return r; 586 } 587 588 void zd_usb_disable_int(struct zd_usb *usb) 589 { 590 unsigned long flags; 591 struct usb_device *udev = zd_usb_to_usbdev(usb); 592 struct zd_usb_interrupt *intr = &usb->intr; 593 struct urb *urb; 594 void *buffer; 595 dma_addr_t buffer_dma; 596 597 spin_lock_irqsave(&intr->lock, flags); 598 urb = intr->urb; 599 if (!urb) { 600 spin_unlock_irqrestore(&intr->lock, flags); 601 return; 602 } 603 intr->urb = NULL; 604 buffer = intr->buffer; 605 buffer_dma = intr->buffer_dma; 606 intr->buffer = NULL; 607 spin_unlock_irqrestore(&intr->lock, flags); 608 609 usb_kill_urb(urb); 610 dev_dbg_f(zd_usb_dev(usb), "urb %p killed\n", urb); 611 usb_free_urb(urb); 612 613 if (buffer) 614 usb_free_coherent(udev, USB_MAX_EP_INT_BUFFER, 615 buffer, buffer_dma); 616 } 617 618 static void handle_rx_packet(struct zd_usb *usb, const u8 *buffer, 619 unsigned int length) 620 { 621 int i; 622 const struct rx_length_info *length_info; 623 624 if (length < sizeof(struct rx_length_info)) { 625 /* It's not a complete packet anyhow. */ 626 dev_dbg_f(zd_usb_dev(usb), "invalid, small RX packet : %d\n", 627 length); 628 return; 629 } 630 length_info = (struct rx_length_info *) 631 (buffer + length - sizeof(struct rx_length_info)); 632 633 /* It might be that three frames are merged into a single URB 634 * transaction. We have to check for the length info tag. 635 * 636 * While testing we discovered that length_info might be unaligned, 637 * because if USB transactions are merged, the last packet will not 638 * be padded. Unaligned access might also happen if the length_info 639 * structure is not present. 640 */ 641 if (get_unaligned_le16(&length_info->tag) == RX_LENGTH_INFO_TAG) 642 { 643 unsigned int l, k, n; 644 for (i = 0, l = 0;; i++) { 645 k = get_unaligned_le16(&length_info->length[i]); 646 if (k == 0) 647 return; 648 n = l+k; 649 if (n > length) 650 return; 651 zd_mac_rx(zd_usb_to_hw(usb), buffer+l, k); 652 if (i >= 2) 653 return; 654 l = (n+3) & ~3; 655 } 656 } else { 657 zd_mac_rx(zd_usb_to_hw(usb), buffer, length); 658 } 659 } 660 661 static void rx_urb_complete(struct urb *urb) 662 { 663 int r; 664 struct zd_usb *usb; 665 struct zd_usb_rx *rx; 666 const u8 *buffer; 667 unsigned int length; 668 669 switch (urb->status) { 670 case 0: 671 break; 672 case -ESHUTDOWN: 673 case -EINVAL: 674 case -ENODEV: 675 case -ENOENT: 676 case -ECONNRESET: 677 case -EPIPE: 678 dev_dbg_f(urb_dev(urb), "urb %p error %d\n", urb, urb->status); 679 return; 680 default: 681 dev_dbg_f(urb_dev(urb), "urb %p error %d\n", urb, urb->status); 682 goto resubmit; 683 } 684 685 buffer = urb->transfer_buffer; 686 length = urb->actual_length; 687 usb = urb->context; 688 rx = &usb->rx; 689 690 tasklet_schedule(&rx->reset_timer_tasklet); 691 692 if (length%rx->usb_packet_size > rx->usb_packet_size-4) { 693 /* If there is an old first fragment, we don't care. */ 694 dev_dbg_f(urb_dev(urb), "*** first fragment ***\n"); 695 ZD_ASSERT(length <= ARRAY_SIZE(rx->fragment)); 696 spin_lock(&rx->lock); 697 memcpy(rx->fragment, buffer, length); 698 rx->fragment_length = length; 699 spin_unlock(&rx->lock); 700 goto resubmit; 701 } 702 703 spin_lock(&rx->lock); 704 if (rx->fragment_length > 0) { 705 /* We are on a second fragment, we believe */ 706 ZD_ASSERT(length + rx->fragment_length <= 707 ARRAY_SIZE(rx->fragment)); 708 dev_dbg_f(urb_dev(urb), "*** second fragment ***\n"); 709 memcpy(rx->fragment+rx->fragment_length, buffer, length); 710 handle_rx_packet(usb, rx->fragment, 711 rx->fragment_length + length); 712 rx->fragment_length = 0; 713 spin_unlock(&rx->lock); 714 } else { 715 spin_unlock(&rx->lock); 716 handle_rx_packet(usb, buffer, length); 717 } 718 719 resubmit: 720 r = usb_submit_urb(urb, GFP_ATOMIC); 721 if (r) 722 dev_dbg_f(urb_dev(urb), "urb %p resubmit error %d\n", urb, r); 723 } 724 725 static struct urb *alloc_rx_urb(struct zd_usb *usb) 726 { 727 struct usb_device *udev = zd_usb_to_usbdev(usb); 728 struct urb *urb; 729 void *buffer; 730 731 urb = usb_alloc_urb(0, GFP_KERNEL); 732 if (!urb) 733 return NULL; 734 buffer = usb_alloc_coherent(udev, USB_MAX_RX_SIZE, GFP_KERNEL, 735 &urb->transfer_dma); 736 if (!buffer) { 737 usb_free_urb(urb); 738 return NULL; 739 } 740 741 usb_fill_bulk_urb(urb, udev, usb_rcvbulkpipe(udev, EP_DATA_IN), 742 buffer, USB_MAX_RX_SIZE, 743 rx_urb_complete, usb); 744 urb->transfer_flags |= URB_NO_TRANSFER_DMA_MAP; 745 746 return urb; 747 } 748 749 static void free_rx_urb(struct urb *urb) 750 { 751 if (!urb) 752 return; 753 usb_free_coherent(urb->dev, urb->transfer_buffer_length, 754 urb->transfer_buffer, urb->transfer_dma); 755 usb_free_urb(urb); 756 } 757 758 static int __zd_usb_enable_rx(struct zd_usb *usb) 759 { 760 int i, r; 761 struct zd_usb_rx *rx = &usb->rx; 762 struct urb **urbs; 763 764 dev_dbg_f(zd_usb_dev(usb), "\n"); 765 766 r = -ENOMEM; 767 urbs = kcalloc(RX_URBS_COUNT, sizeof(struct urb *), GFP_KERNEL); 768 if (!urbs) 769 goto error; 770 for (i = 0; i < RX_URBS_COUNT; i++) { 771 urbs[i] = alloc_rx_urb(usb); 772 if (!urbs[i]) 773 goto error; 774 } 775 776 ZD_ASSERT(!irqs_disabled()); 777 spin_lock_irq(&rx->lock); 778 if (rx->urbs) { 779 spin_unlock_irq(&rx->lock); 780 r = 0; 781 goto error; 782 } 783 rx->urbs = urbs; 784 rx->urbs_count = RX_URBS_COUNT; 785 spin_unlock_irq(&rx->lock); 786 787 for (i = 0; i < RX_URBS_COUNT; i++) { 788 r = usb_submit_urb(urbs[i], GFP_KERNEL); 789 if (r) 790 goto error_submit; 791 } 792 793 return 0; 794 error_submit: 795 for (i = 0; i < RX_URBS_COUNT; i++) { 796 usb_kill_urb(urbs[i]); 797 } 798 spin_lock_irq(&rx->lock); 799 rx->urbs = NULL; 800 rx->urbs_count = 0; 801 spin_unlock_irq(&rx->lock); 802 error: 803 if (urbs) { 804 for (i = 0; i < RX_URBS_COUNT; i++) 805 free_rx_urb(urbs[i]); 806 } 807 return r; 808 } 809 810 int zd_usb_enable_rx(struct zd_usb *usb) 811 { 812 int r; 813 struct zd_usb_rx *rx = &usb->rx; 814 815 mutex_lock(&rx->setup_mutex); 816 r = __zd_usb_enable_rx(usb); 817 mutex_unlock(&rx->setup_mutex); 818 819 zd_usb_reset_rx_idle_timer(usb); 820 821 return r; 822 } 823 824 static void __zd_usb_disable_rx(struct zd_usb *usb) 825 { 826 int i; 827 unsigned long flags; 828 struct urb **urbs; 829 unsigned int count; 830 struct zd_usb_rx *rx = &usb->rx; 831 832 spin_lock_irqsave(&rx->lock, flags); 833 urbs = rx->urbs; 834 count = rx->urbs_count; 835 spin_unlock_irqrestore(&rx->lock, flags); 836 if (!urbs) 837 return; 838 839 for (i = 0; i < count; i++) { 840 usb_kill_urb(urbs[i]); 841 free_rx_urb(urbs[i]); 842 } 843 kfree(urbs); 844 845 spin_lock_irqsave(&rx->lock, flags); 846 rx->urbs = NULL; 847 rx->urbs_count = 0; 848 spin_unlock_irqrestore(&rx->lock, flags); 849 } 850 851 void zd_usb_disable_rx(struct zd_usb *usb) 852 { 853 struct zd_usb_rx *rx = &usb->rx; 854 855 mutex_lock(&rx->setup_mutex); 856 __zd_usb_disable_rx(usb); 857 mutex_unlock(&rx->setup_mutex); 858 859 tasklet_kill(&rx->reset_timer_tasklet); 860 cancel_delayed_work_sync(&rx->idle_work); 861 } 862 863 static void zd_usb_reset_rx(struct zd_usb *usb) 864 { 865 bool do_reset; 866 struct zd_usb_rx *rx = &usb->rx; 867 unsigned long flags; 868 869 mutex_lock(&rx->setup_mutex); 870 871 spin_lock_irqsave(&rx->lock, flags); 872 do_reset = rx->urbs != NULL; 873 spin_unlock_irqrestore(&rx->lock, flags); 874 875 if (do_reset) { 876 __zd_usb_disable_rx(usb); 877 __zd_usb_enable_rx(usb); 878 } 879 880 mutex_unlock(&rx->setup_mutex); 881 882 if (do_reset) 883 zd_usb_reset_rx_idle_timer(usb); 884 } 885 886 /** 887 * zd_usb_disable_tx - disable transmission 888 * @usb: the zd1211rw-private USB structure 889 * 890 * Frees all URBs in the free list and marks the transmission as disabled. 891 */ 892 void zd_usb_disable_tx(struct zd_usb *usb) 893 { 894 struct zd_usb_tx *tx = &usb->tx; 895 unsigned long flags; 896 897 atomic_set(&tx->enabled, 0); 898 899 /* kill all submitted tx-urbs */ 900 usb_kill_anchored_urbs(&tx->submitted); 901 902 spin_lock_irqsave(&tx->lock, flags); 903 WARN_ON(!skb_queue_empty(&tx->submitted_skbs)); 904 WARN_ON(tx->submitted_urbs != 0); 905 tx->submitted_urbs = 0; 906 spin_unlock_irqrestore(&tx->lock, flags); 907 908 /* The stopped state is ignored, relying on ieee80211_wake_queues() 909 * in a potentionally following zd_usb_enable_tx(). 910 */ 911 } 912 913 /** 914 * zd_usb_enable_tx - enables transmission 915 * @usb: a &struct zd_usb pointer 916 * 917 * This function enables transmission and prepares the &zd_usb_tx data 918 * structure. 919 */ 920 void zd_usb_enable_tx(struct zd_usb *usb) 921 { 922 unsigned long flags; 923 struct zd_usb_tx *tx = &usb->tx; 924 925 spin_lock_irqsave(&tx->lock, flags); 926 atomic_set(&tx->enabled, 1); 927 tx->submitted_urbs = 0; 928 ieee80211_wake_queues(zd_usb_to_hw(usb)); 929 tx->stopped = 0; 930 spin_unlock_irqrestore(&tx->lock, flags); 931 } 932 933 static void tx_dec_submitted_urbs(struct zd_usb *usb) 934 { 935 struct zd_usb_tx *tx = &usb->tx; 936 unsigned long flags; 937 938 spin_lock_irqsave(&tx->lock, flags); 939 --tx->submitted_urbs; 940 if (tx->stopped && tx->submitted_urbs <= ZD_USB_TX_LOW) { 941 ieee80211_wake_queues(zd_usb_to_hw(usb)); 942 tx->stopped = 0; 943 } 944 spin_unlock_irqrestore(&tx->lock, flags); 945 } 946 947 static void tx_inc_submitted_urbs(struct zd_usb *usb) 948 { 949 struct zd_usb_tx *tx = &usb->tx; 950 unsigned long flags; 951 952 spin_lock_irqsave(&tx->lock, flags); 953 ++tx->submitted_urbs; 954 if (!tx->stopped && tx->submitted_urbs > ZD_USB_TX_HIGH) { 955 ieee80211_stop_queues(zd_usb_to_hw(usb)); 956 tx->stopped = 1; 957 } 958 spin_unlock_irqrestore(&tx->lock, flags); 959 } 960 961 /** 962 * tx_urb_complete - completes the execution of an URB 963 * @urb: a URB 964 * 965 * This function is called if the URB has been transferred to a device or an 966 * error has happened. 967 */ 968 static void tx_urb_complete(struct urb *urb) 969 { 970 int r; 971 struct sk_buff *skb; 972 struct ieee80211_tx_info *info; 973 struct zd_usb *usb; 974 struct zd_usb_tx *tx; 975 976 skb = (struct sk_buff *)urb->context; 977 info = IEEE80211_SKB_CB(skb); 978 /* 979 * grab 'usb' pointer before handing off the skb (since 980 * it might be freed by zd_mac_tx_to_dev or mac80211) 981 */ 982 usb = &zd_hw_mac(info->rate_driver_data[0])->chip.usb; 983 tx = &usb->tx; 984 985 switch (urb->status) { 986 case 0: 987 break; 988 case -ESHUTDOWN: 989 case -EINVAL: 990 case -ENODEV: 991 case -ENOENT: 992 case -ECONNRESET: 993 case -EPIPE: 994 dev_dbg_f(urb_dev(urb), "urb %p error %d\n", urb, urb->status); 995 break; 996 default: 997 dev_dbg_f(urb_dev(urb), "urb %p error %d\n", urb, urb->status); 998 goto resubmit; 999 } 1000 free_urb: 1001 skb_unlink(skb, &usb->tx.submitted_skbs); 1002 zd_mac_tx_to_dev(skb, urb->status); 1003 usb_free_urb(urb); 1004 tx_dec_submitted_urbs(usb); 1005 return; 1006 resubmit: 1007 usb_anchor_urb(urb, &tx->submitted); 1008 r = usb_submit_urb(urb, GFP_ATOMIC); 1009 if (r) { 1010 usb_unanchor_urb(urb); 1011 dev_dbg_f(urb_dev(urb), "error resubmit urb %p %d\n", urb, r); 1012 goto free_urb; 1013 } 1014 } 1015 1016 /** 1017 * zd_usb_tx: initiates transfer of a frame of the device 1018 * 1019 * @usb: the zd1211rw-private USB structure 1020 * @skb: a &struct sk_buff pointer 1021 * 1022 * This function tranmits a frame to the device. It doesn't wait for 1023 * completion. The frame must contain the control set and have all the 1024 * control set information available. 1025 * 1026 * The function returns 0 if the transfer has been successfully initiated. 1027 */ 1028 int zd_usb_tx(struct zd_usb *usb, struct sk_buff *skb) 1029 { 1030 int r; 1031 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 1032 struct usb_device *udev = zd_usb_to_usbdev(usb); 1033 struct urb *urb; 1034 struct zd_usb_tx *tx = &usb->tx; 1035 1036 if (!atomic_read(&tx->enabled)) { 1037 r = -ENOENT; 1038 goto out; 1039 } 1040 1041 urb = usb_alloc_urb(0, GFP_ATOMIC); 1042 if (!urb) { 1043 r = -ENOMEM; 1044 goto out; 1045 } 1046 1047 usb_fill_bulk_urb(urb, udev, usb_sndbulkpipe(udev, EP_DATA_OUT), 1048 skb->data, skb->len, tx_urb_complete, skb); 1049 1050 info->rate_driver_data[1] = (void *)jiffies; 1051 skb_queue_tail(&tx->submitted_skbs, skb); 1052 usb_anchor_urb(urb, &tx->submitted); 1053 1054 r = usb_submit_urb(urb, GFP_ATOMIC); 1055 if (r) { 1056 dev_dbg_f(zd_usb_dev(usb), "error submit urb %p %d\n", urb, r); 1057 usb_unanchor_urb(urb); 1058 skb_unlink(skb, &tx->submitted_skbs); 1059 goto error; 1060 } 1061 tx_inc_submitted_urbs(usb); 1062 return 0; 1063 error: 1064 usb_free_urb(urb); 1065 out: 1066 return r; 1067 } 1068 1069 static bool zd_tx_timeout(struct zd_usb *usb) 1070 { 1071 struct zd_usb_tx *tx = &usb->tx; 1072 struct sk_buff_head *q = &tx->submitted_skbs; 1073 struct sk_buff *skb, *skbnext; 1074 struct ieee80211_tx_info *info; 1075 unsigned long flags, trans_start; 1076 bool have_timedout = false; 1077 1078 spin_lock_irqsave(&q->lock, flags); 1079 skb_queue_walk_safe(q, skb, skbnext) { 1080 info = IEEE80211_SKB_CB(skb); 1081 trans_start = (unsigned long)info->rate_driver_data[1]; 1082 1083 if (time_is_before_jiffies(trans_start + ZD_TX_TIMEOUT)) { 1084 have_timedout = true; 1085 break; 1086 } 1087 } 1088 spin_unlock_irqrestore(&q->lock, flags); 1089 1090 return have_timedout; 1091 } 1092 1093 static void zd_tx_watchdog_handler(struct work_struct *work) 1094 { 1095 struct zd_usb *usb = 1096 container_of(work, struct zd_usb, tx.watchdog_work.work); 1097 struct zd_usb_tx *tx = &usb->tx; 1098 1099 if (!atomic_read(&tx->enabled) || !tx->watchdog_enabled) 1100 goto out; 1101 if (!zd_tx_timeout(usb)) 1102 goto out; 1103 1104 /* TX halted, try reset */ 1105 dev_warn(zd_usb_dev(usb), "TX-stall detected, resetting device..."); 1106 1107 usb_queue_reset_device(usb->intf); 1108 1109 /* reset will stop this worker, don't rearm */ 1110 return; 1111 out: 1112 queue_delayed_work(zd_workqueue, &tx->watchdog_work, 1113 ZD_TX_WATCHDOG_INTERVAL); 1114 } 1115 1116 void zd_tx_watchdog_enable(struct zd_usb *usb) 1117 { 1118 struct zd_usb_tx *tx = &usb->tx; 1119 1120 if (!tx->watchdog_enabled) { 1121 dev_dbg_f(zd_usb_dev(usb), "\n"); 1122 queue_delayed_work(zd_workqueue, &tx->watchdog_work, 1123 ZD_TX_WATCHDOG_INTERVAL); 1124 tx->watchdog_enabled = 1; 1125 } 1126 } 1127 1128 void zd_tx_watchdog_disable(struct zd_usb *usb) 1129 { 1130 struct zd_usb_tx *tx = &usb->tx; 1131 1132 if (tx->watchdog_enabled) { 1133 dev_dbg_f(zd_usb_dev(usb), "\n"); 1134 tx->watchdog_enabled = 0; 1135 cancel_delayed_work_sync(&tx->watchdog_work); 1136 } 1137 } 1138 1139 static void zd_rx_idle_timer_handler(struct work_struct *work) 1140 { 1141 struct zd_usb *usb = 1142 container_of(work, struct zd_usb, rx.idle_work.work); 1143 struct zd_mac *mac = zd_usb_to_mac(usb); 1144 1145 if (!test_bit(ZD_DEVICE_RUNNING, &mac->flags)) 1146 return; 1147 1148 dev_dbg_f(zd_usb_dev(usb), "\n"); 1149 1150 /* 30 seconds since last rx, reset rx */ 1151 zd_usb_reset_rx(usb); 1152 } 1153 1154 static void zd_usb_reset_rx_idle_timer_tasklet(unsigned long param) 1155 { 1156 struct zd_usb *usb = (struct zd_usb *)param; 1157 1158 zd_usb_reset_rx_idle_timer(usb); 1159 } 1160 1161 void zd_usb_reset_rx_idle_timer(struct zd_usb *usb) 1162 { 1163 struct zd_usb_rx *rx = &usb->rx; 1164 1165 mod_delayed_work(zd_workqueue, &rx->idle_work, ZD_RX_IDLE_INTERVAL); 1166 } 1167 1168 static inline void init_usb_interrupt(struct zd_usb *usb) 1169 { 1170 struct zd_usb_interrupt *intr = &usb->intr; 1171 1172 spin_lock_init(&intr->lock); 1173 intr->interval = int_urb_interval(zd_usb_to_usbdev(usb)); 1174 init_completion(&intr->read_regs.completion); 1175 atomic_set(&intr->read_regs_enabled, 0); 1176 intr->read_regs.cr_int_addr = cpu_to_le16((u16)CR_INTERRUPT); 1177 } 1178 1179 static inline void init_usb_rx(struct zd_usb *usb) 1180 { 1181 struct zd_usb_rx *rx = &usb->rx; 1182 1183 spin_lock_init(&rx->lock); 1184 mutex_init(&rx->setup_mutex); 1185 if (interface_to_usbdev(usb->intf)->speed == USB_SPEED_HIGH) { 1186 rx->usb_packet_size = 512; 1187 } else { 1188 rx->usb_packet_size = 64; 1189 } 1190 ZD_ASSERT(rx->fragment_length == 0); 1191 INIT_DELAYED_WORK(&rx->idle_work, zd_rx_idle_timer_handler); 1192 rx->reset_timer_tasklet.func = zd_usb_reset_rx_idle_timer_tasklet; 1193 rx->reset_timer_tasklet.data = (unsigned long)usb; 1194 } 1195 1196 static inline void init_usb_tx(struct zd_usb *usb) 1197 { 1198 struct zd_usb_tx *tx = &usb->tx; 1199 1200 spin_lock_init(&tx->lock); 1201 atomic_set(&tx->enabled, 0); 1202 tx->stopped = 0; 1203 skb_queue_head_init(&tx->submitted_skbs); 1204 init_usb_anchor(&tx->submitted); 1205 tx->submitted_urbs = 0; 1206 tx->watchdog_enabled = 0; 1207 INIT_DELAYED_WORK(&tx->watchdog_work, zd_tx_watchdog_handler); 1208 } 1209 1210 void zd_usb_init(struct zd_usb *usb, struct ieee80211_hw *hw, 1211 struct usb_interface *intf) 1212 { 1213 memset(usb, 0, sizeof(*usb)); 1214 usb->intf = usb_get_intf(intf); 1215 usb_set_intfdata(usb->intf, hw); 1216 init_usb_anchor(&usb->submitted_cmds); 1217 init_usb_interrupt(usb); 1218 init_usb_tx(usb); 1219 init_usb_rx(usb); 1220 } 1221 1222 void zd_usb_clear(struct zd_usb *usb) 1223 { 1224 usb_set_intfdata(usb->intf, NULL); 1225 usb_put_intf(usb->intf); 1226 ZD_MEMCLEAR(usb, sizeof(*usb)); 1227 /* FIXME: usb_interrupt, usb_tx, usb_rx? */ 1228 } 1229 1230 static const char *speed(enum usb_device_speed speed) 1231 { 1232 switch (speed) { 1233 case USB_SPEED_LOW: 1234 return "low"; 1235 case USB_SPEED_FULL: 1236 return "full"; 1237 case USB_SPEED_HIGH: 1238 return "high"; 1239 default: 1240 return "unknown speed"; 1241 } 1242 } 1243 1244 static int scnprint_id(struct usb_device *udev, char *buffer, size_t size) 1245 { 1246 return scnprintf(buffer, size, "%04hx:%04hx v%04hx %s", 1247 le16_to_cpu(udev->descriptor.idVendor), 1248 le16_to_cpu(udev->descriptor.idProduct), 1249 get_bcdDevice(udev), 1250 speed(udev->speed)); 1251 } 1252 1253 int zd_usb_scnprint_id(struct zd_usb *usb, char *buffer, size_t size) 1254 { 1255 struct usb_device *udev = interface_to_usbdev(usb->intf); 1256 return scnprint_id(udev, buffer, size); 1257 } 1258 1259 #ifdef DEBUG 1260 static void print_id(struct usb_device *udev) 1261 { 1262 char buffer[40]; 1263 1264 scnprint_id(udev, buffer, sizeof(buffer)); 1265 buffer[sizeof(buffer)-1] = 0; 1266 dev_dbg_f(&udev->dev, "%s\n", buffer); 1267 } 1268 #else 1269 #define print_id(udev) do { } while (0) 1270 #endif 1271 1272 static int eject_installer(struct usb_interface *intf) 1273 { 1274 struct usb_device *udev = interface_to_usbdev(intf); 1275 struct usb_host_interface *iface_desc = &intf->altsetting[0]; 1276 struct usb_endpoint_descriptor *endpoint; 1277 unsigned char *cmd; 1278 u8 bulk_out_ep; 1279 int r; 1280 1281 if (iface_desc->desc.bNumEndpoints < 2) 1282 return -ENODEV; 1283 1284 /* Find bulk out endpoint */ 1285 for (r = 1; r >= 0; r--) { 1286 endpoint = &iface_desc->endpoint[r].desc; 1287 if (usb_endpoint_dir_out(endpoint) && 1288 usb_endpoint_xfer_bulk(endpoint)) { 1289 bulk_out_ep = endpoint->bEndpointAddress; 1290 break; 1291 } 1292 } 1293 if (r == -1) { 1294 dev_err(&udev->dev, 1295 "zd1211rw: Could not find bulk out endpoint\n"); 1296 return -ENODEV; 1297 } 1298 1299 cmd = kzalloc(31, GFP_KERNEL); 1300 if (cmd == NULL) 1301 return -ENODEV; 1302 1303 /* USB bulk command block */ 1304 cmd[0] = 0x55; /* bulk command signature */ 1305 cmd[1] = 0x53; /* bulk command signature */ 1306 cmd[2] = 0x42; /* bulk command signature */ 1307 cmd[3] = 0x43; /* bulk command signature */ 1308 cmd[14] = 6; /* command length */ 1309 1310 cmd[15] = 0x1b; /* SCSI command: START STOP UNIT */ 1311 cmd[19] = 0x2; /* eject disc */ 1312 1313 dev_info(&udev->dev, "Ejecting virtual installer media...\n"); 1314 r = usb_bulk_msg(udev, usb_sndbulkpipe(udev, bulk_out_ep), 1315 cmd, 31, NULL, 2000); 1316 kfree(cmd); 1317 if (r) 1318 return r; 1319 1320 /* At this point, the device disconnects and reconnects with the real 1321 * ID numbers. */ 1322 1323 usb_set_intfdata(intf, NULL); 1324 return 0; 1325 } 1326 1327 int zd_usb_init_hw(struct zd_usb *usb) 1328 { 1329 int r; 1330 struct zd_mac *mac = zd_usb_to_mac(usb); 1331 1332 dev_dbg_f(zd_usb_dev(usb), "\n"); 1333 1334 r = upload_firmware(usb); 1335 if (r) { 1336 dev_err(zd_usb_dev(usb), 1337 "couldn't load firmware. Error number %d\n", r); 1338 return r; 1339 } 1340 1341 r = usb_reset_configuration(zd_usb_to_usbdev(usb)); 1342 if (r) { 1343 dev_dbg_f(zd_usb_dev(usb), 1344 "couldn't reset configuration. Error number %d\n", r); 1345 return r; 1346 } 1347 1348 r = zd_mac_init_hw(mac->hw); 1349 if (r) { 1350 dev_dbg_f(zd_usb_dev(usb), 1351 "couldn't initialize mac. Error number %d\n", r); 1352 return r; 1353 } 1354 1355 usb->initialized = 1; 1356 return 0; 1357 } 1358 1359 static int probe(struct usb_interface *intf, const struct usb_device_id *id) 1360 { 1361 int r; 1362 struct usb_device *udev = interface_to_usbdev(intf); 1363 struct zd_usb *usb; 1364 struct ieee80211_hw *hw = NULL; 1365 1366 print_id(udev); 1367 1368 if (id->driver_info & DEVICE_INSTALLER) 1369 return eject_installer(intf); 1370 1371 switch (udev->speed) { 1372 case USB_SPEED_LOW: 1373 case USB_SPEED_FULL: 1374 case USB_SPEED_HIGH: 1375 break; 1376 default: 1377 dev_dbg_f(&intf->dev, "Unknown USB speed\n"); 1378 r = -ENODEV; 1379 goto error; 1380 } 1381 1382 r = usb_reset_device(udev); 1383 if (r) { 1384 dev_err(&intf->dev, 1385 "couldn't reset usb device. Error number %d\n", r); 1386 goto error; 1387 } 1388 1389 hw = zd_mac_alloc_hw(intf); 1390 if (hw == NULL) { 1391 r = -ENOMEM; 1392 goto error; 1393 } 1394 1395 usb = &zd_hw_mac(hw)->chip.usb; 1396 usb->is_zd1211b = (id->driver_info == DEVICE_ZD1211B) != 0; 1397 1398 r = zd_mac_preinit_hw(hw); 1399 if (r) { 1400 dev_dbg_f(&intf->dev, 1401 "couldn't initialize mac. Error number %d\n", r); 1402 goto error; 1403 } 1404 1405 r = ieee80211_register_hw(hw); 1406 if (r) { 1407 dev_dbg_f(&intf->dev, 1408 "couldn't register device. Error number %d\n", r); 1409 goto error; 1410 } 1411 1412 dev_dbg_f(&intf->dev, "successful\n"); 1413 dev_info(&intf->dev, "%s\n", wiphy_name(hw->wiphy)); 1414 return 0; 1415 error: 1416 usb_reset_device(interface_to_usbdev(intf)); 1417 if (hw) { 1418 zd_mac_clear(zd_hw_mac(hw)); 1419 ieee80211_free_hw(hw); 1420 } 1421 return r; 1422 } 1423 1424 static void disconnect(struct usb_interface *intf) 1425 { 1426 struct ieee80211_hw *hw = zd_intf_to_hw(intf); 1427 struct zd_mac *mac; 1428 struct zd_usb *usb; 1429 1430 /* Either something really bad happened, or we're just dealing with 1431 * a DEVICE_INSTALLER. */ 1432 if (hw == NULL) 1433 return; 1434 1435 mac = zd_hw_mac(hw); 1436 usb = &mac->chip.usb; 1437 1438 dev_dbg_f(zd_usb_dev(usb), "\n"); 1439 1440 ieee80211_unregister_hw(hw); 1441 1442 /* Just in case something has gone wrong! */ 1443 zd_usb_disable_tx(usb); 1444 zd_usb_disable_rx(usb); 1445 zd_usb_disable_int(usb); 1446 1447 /* If the disconnect has been caused by a removal of the 1448 * driver module, the reset allows reloading of the driver. If the 1449 * reset will not be executed here, the upload of the firmware in the 1450 * probe function caused by the reloading of the driver will fail. 1451 */ 1452 usb_reset_device(interface_to_usbdev(intf)); 1453 1454 zd_mac_clear(mac); 1455 ieee80211_free_hw(hw); 1456 dev_dbg(&intf->dev, "disconnected\n"); 1457 } 1458 1459 static void zd_usb_resume(struct zd_usb *usb) 1460 { 1461 struct zd_mac *mac = zd_usb_to_mac(usb); 1462 int r; 1463 1464 dev_dbg_f(zd_usb_dev(usb), "\n"); 1465 1466 r = zd_op_start(zd_usb_to_hw(usb)); 1467 if (r < 0) { 1468 dev_warn(zd_usb_dev(usb), "Device resume failed " 1469 "with error code %d. Retrying...\n", r); 1470 if (usb->was_running) 1471 set_bit(ZD_DEVICE_RUNNING, &mac->flags); 1472 usb_queue_reset_device(usb->intf); 1473 return; 1474 } 1475 1476 if (mac->type != NL80211_IFTYPE_UNSPECIFIED) { 1477 r = zd_restore_settings(mac); 1478 if (r < 0) { 1479 dev_dbg(zd_usb_dev(usb), 1480 "failed to restore settings, %d\n", r); 1481 return; 1482 } 1483 } 1484 } 1485 1486 static void zd_usb_stop(struct zd_usb *usb) 1487 { 1488 dev_dbg_f(zd_usb_dev(usb), "\n"); 1489 1490 zd_op_stop(zd_usb_to_hw(usb)); 1491 1492 zd_usb_disable_tx(usb); 1493 zd_usb_disable_rx(usb); 1494 zd_usb_disable_int(usb); 1495 1496 usb->initialized = 0; 1497 } 1498 1499 static int pre_reset(struct usb_interface *intf) 1500 { 1501 struct ieee80211_hw *hw = usb_get_intfdata(intf); 1502 struct zd_mac *mac; 1503 struct zd_usb *usb; 1504 1505 if (!hw || intf->condition != USB_INTERFACE_BOUND) 1506 return 0; 1507 1508 mac = zd_hw_mac(hw); 1509 usb = &mac->chip.usb; 1510 1511 usb->was_running = test_bit(ZD_DEVICE_RUNNING, &mac->flags); 1512 1513 zd_usb_stop(usb); 1514 1515 mutex_lock(&mac->chip.mutex); 1516 return 0; 1517 } 1518 1519 static int post_reset(struct usb_interface *intf) 1520 { 1521 struct ieee80211_hw *hw = usb_get_intfdata(intf); 1522 struct zd_mac *mac; 1523 struct zd_usb *usb; 1524 1525 if (!hw || intf->condition != USB_INTERFACE_BOUND) 1526 return 0; 1527 1528 mac = zd_hw_mac(hw); 1529 usb = &mac->chip.usb; 1530 1531 mutex_unlock(&mac->chip.mutex); 1532 1533 if (usb->was_running) 1534 zd_usb_resume(usb); 1535 return 0; 1536 } 1537 1538 static struct usb_driver driver = { 1539 .name = KBUILD_MODNAME, 1540 .id_table = usb_ids, 1541 .probe = probe, 1542 .disconnect = disconnect, 1543 .pre_reset = pre_reset, 1544 .post_reset = post_reset, 1545 .disable_hub_initiated_lpm = 1, 1546 }; 1547 1548 struct workqueue_struct *zd_workqueue; 1549 1550 static int __init usb_init(void) 1551 { 1552 int r; 1553 1554 pr_debug("%s usb_init()\n", driver.name); 1555 1556 zd_workqueue = create_singlethread_workqueue(driver.name); 1557 if (zd_workqueue == NULL) { 1558 printk(KERN_ERR "%s couldn't create workqueue\n", driver.name); 1559 return -ENOMEM; 1560 } 1561 1562 r = usb_register(&driver); 1563 if (r) { 1564 destroy_workqueue(zd_workqueue); 1565 printk(KERN_ERR "%s usb_register() failed. Error number %d\n", 1566 driver.name, r); 1567 return r; 1568 } 1569 1570 pr_debug("%s initialized\n", driver.name); 1571 return 0; 1572 } 1573 1574 static void __exit usb_exit(void) 1575 { 1576 pr_debug("%s usb_exit()\n", driver.name); 1577 usb_deregister(&driver); 1578 destroy_workqueue(zd_workqueue); 1579 } 1580 1581 module_init(usb_init); 1582 module_exit(usb_exit); 1583 1584 static int zd_ep_regs_out_msg(struct usb_device *udev, void *data, int len, 1585 int *actual_length, int timeout) 1586 { 1587 /* In USB 2.0 mode EP_REGS_OUT endpoint is interrupt type. However in 1588 * USB 1.1 mode endpoint is bulk. Select correct type URB by endpoint 1589 * descriptor. 1590 */ 1591 struct usb_host_endpoint *ep; 1592 unsigned int pipe; 1593 1594 pipe = usb_sndintpipe(udev, EP_REGS_OUT); 1595 ep = usb_pipe_endpoint(udev, pipe); 1596 if (!ep) 1597 return -EINVAL; 1598 1599 if (usb_endpoint_xfer_int(&ep->desc)) { 1600 return usb_interrupt_msg(udev, pipe, data, len, 1601 actual_length, timeout); 1602 } else { 1603 pipe = usb_sndbulkpipe(udev, EP_REGS_OUT); 1604 return usb_bulk_msg(udev, pipe, data, len, actual_length, 1605 timeout); 1606 } 1607 } 1608 1609 static int usb_int_regs_length(unsigned int count) 1610 { 1611 return sizeof(struct usb_int_regs) + count * sizeof(struct reg_data); 1612 } 1613 1614 static void prepare_read_regs_int(struct zd_usb *usb, 1615 struct usb_req_read_regs *req, 1616 unsigned int count) 1617 { 1618 struct zd_usb_interrupt *intr = &usb->intr; 1619 1620 spin_lock_irq(&intr->lock); 1621 atomic_set(&intr->read_regs_enabled, 1); 1622 intr->read_regs.req = req; 1623 intr->read_regs.req_count = count; 1624 reinit_completion(&intr->read_regs.completion); 1625 spin_unlock_irq(&intr->lock); 1626 } 1627 1628 static void disable_read_regs_int(struct zd_usb *usb) 1629 { 1630 struct zd_usb_interrupt *intr = &usb->intr; 1631 1632 spin_lock_irq(&intr->lock); 1633 atomic_set(&intr->read_regs_enabled, 0); 1634 spin_unlock_irq(&intr->lock); 1635 } 1636 1637 static bool check_read_regs(struct zd_usb *usb, struct usb_req_read_regs *req, 1638 unsigned int count) 1639 { 1640 int i; 1641 struct zd_usb_interrupt *intr = &usb->intr; 1642 struct read_regs_int *rr = &intr->read_regs; 1643 struct usb_int_regs *regs = (struct usb_int_regs *)rr->buffer; 1644 1645 /* The created block size seems to be larger than expected. 1646 * However results appear to be correct. 1647 */ 1648 if (rr->length < usb_int_regs_length(count)) { 1649 dev_dbg_f(zd_usb_dev(usb), 1650 "error: actual length %d less than expected %d\n", 1651 rr->length, usb_int_regs_length(count)); 1652 return false; 1653 } 1654 1655 if (rr->length > sizeof(rr->buffer)) { 1656 dev_dbg_f(zd_usb_dev(usb), 1657 "error: actual length %d exceeds buffer size %zu\n", 1658 rr->length, sizeof(rr->buffer)); 1659 return false; 1660 } 1661 1662 for (i = 0; i < count; i++) { 1663 struct reg_data *rd = ®s->regs[i]; 1664 if (rd->addr != req->addr[i]) { 1665 dev_dbg_f(zd_usb_dev(usb), 1666 "rd[%d] addr %#06hx expected %#06hx\n", i, 1667 le16_to_cpu(rd->addr), 1668 le16_to_cpu(req->addr[i])); 1669 return false; 1670 } 1671 } 1672 1673 return true; 1674 } 1675 1676 static int get_results(struct zd_usb *usb, u16 *values, 1677 struct usb_req_read_regs *req, unsigned int count, 1678 bool *retry) 1679 { 1680 int r; 1681 int i; 1682 struct zd_usb_interrupt *intr = &usb->intr; 1683 struct read_regs_int *rr = &intr->read_regs; 1684 struct usb_int_regs *regs = (struct usb_int_regs *)rr->buffer; 1685 1686 spin_lock_irq(&intr->lock); 1687 1688 r = -EIO; 1689 1690 /* Read failed because firmware bug? */ 1691 *retry = !!intr->read_regs_int_overridden; 1692 if (*retry) 1693 goto error_unlock; 1694 1695 if (!check_read_regs(usb, req, count)) { 1696 dev_dbg_f(zd_usb_dev(usb), "error: invalid read regs\n"); 1697 goto error_unlock; 1698 } 1699 1700 for (i = 0; i < count; i++) { 1701 struct reg_data *rd = ®s->regs[i]; 1702 values[i] = le16_to_cpu(rd->value); 1703 } 1704 1705 r = 0; 1706 error_unlock: 1707 spin_unlock_irq(&intr->lock); 1708 return r; 1709 } 1710 1711 int zd_usb_ioread16v(struct zd_usb *usb, u16 *values, 1712 const zd_addr_t *addresses, unsigned int count) 1713 { 1714 int r, i, req_len, actual_req_len, try_count = 0; 1715 struct usb_device *udev; 1716 struct usb_req_read_regs *req = NULL; 1717 unsigned long timeout; 1718 bool retry = false; 1719 1720 if (count < 1) { 1721 dev_dbg_f(zd_usb_dev(usb), "error: count is zero\n"); 1722 return -EINVAL; 1723 } 1724 if (count > USB_MAX_IOREAD16_COUNT) { 1725 dev_dbg_f(zd_usb_dev(usb), 1726 "error: count %u exceeds possible max %u\n", 1727 count, USB_MAX_IOREAD16_COUNT); 1728 return -EINVAL; 1729 } 1730 if (in_atomic()) { 1731 dev_dbg_f(zd_usb_dev(usb), 1732 "error: io in atomic context not supported\n"); 1733 return -EWOULDBLOCK; 1734 } 1735 if (!usb_int_enabled(usb)) { 1736 dev_dbg_f(zd_usb_dev(usb), 1737 "error: usb interrupt not enabled\n"); 1738 return -EWOULDBLOCK; 1739 } 1740 1741 ZD_ASSERT(mutex_is_locked(&zd_usb_to_chip(usb)->mutex)); 1742 BUILD_BUG_ON(sizeof(struct usb_req_read_regs) + USB_MAX_IOREAD16_COUNT * 1743 sizeof(__le16) > sizeof(usb->req_buf)); 1744 BUG_ON(sizeof(struct usb_req_read_regs) + count * sizeof(__le16) > 1745 sizeof(usb->req_buf)); 1746 1747 req_len = sizeof(struct usb_req_read_regs) + count * sizeof(__le16); 1748 req = (void *)usb->req_buf; 1749 1750 req->id = cpu_to_le16(USB_REQ_READ_REGS); 1751 for (i = 0; i < count; i++) 1752 req->addr[i] = cpu_to_le16((u16)addresses[i]); 1753 1754 retry_read: 1755 try_count++; 1756 udev = zd_usb_to_usbdev(usb); 1757 prepare_read_regs_int(usb, req, count); 1758 r = zd_ep_regs_out_msg(udev, req, req_len, &actual_req_len, 50 /*ms*/); 1759 if (r) { 1760 dev_dbg_f(zd_usb_dev(usb), 1761 "error in zd_ep_regs_out_msg(). Error number %d\n", r); 1762 goto error; 1763 } 1764 if (req_len != actual_req_len) { 1765 dev_dbg_f(zd_usb_dev(usb), "error in zd_ep_regs_out_msg()\n" 1766 " req_len %d != actual_req_len %d\n", 1767 req_len, actual_req_len); 1768 r = -EIO; 1769 goto error; 1770 } 1771 1772 timeout = wait_for_completion_timeout(&usb->intr.read_regs.completion, 1773 msecs_to_jiffies(50)); 1774 if (!timeout) { 1775 disable_read_regs_int(usb); 1776 dev_dbg_f(zd_usb_dev(usb), "read timed out\n"); 1777 r = -ETIMEDOUT; 1778 goto error; 1779 } 1780 1781 r = get_results(usb, values, req, count, &retry); 1782 if (retry && try_count < 20) { 1783 dev_dbg_f(zd_usb_dev(usb), "read retry, tries so far: %d\n", 1784 try_count); 1785 goto retry_read; 1786 } 1787 error: 1788 return r; 1789 } 1790 1791 static void iowrite16v_urb_complete(struct urb *urb) 1792 { 1793 struct zd_usb *usb = urb->context; 1794 1795 if (urb->status && !usb->cmd_error) 1796 usb->cmd_error = urb->status; 1797 1798 if (!usb->cmd_error && 1799 urb->actual_length != urb->transfer_buffer_length) 1800 usb->cmd_error = -EIO; 1801 } 1802 1803 static int zd_submit_waiting_urb(struct zd_usb *usb, bool last) 1804 { 1805 int r = 0; 1806 struct urb *urb = usb->urb_async_waiting; 1807 1808 if (!urb) 1809 return 0; 1810 1811 usb->urb_async_waiting = NULL; 1812 1813 if (!last) 1814 urb->transfer_flags |= URB_NO_INTERRUPT; 1815 1816 usb_anchor_urb(urb, &usb->submitted_cmds); 1817 r = usb_submit_urb(urb, GFP_KERNEL); 1818 if (r) { 1819 usb_unanchor_urb(urb); 1820 dev_dbg_f(zd_usb_dev(usb), 1821 "error in usb_submit_urb(). Error number %d\n", r); 1822 goto error; 1823 } 1824 1825 /* fall-through with r == 0 */ 1826 error: 1827 usb_free_urb(urb); 1828 return r; 1829 } 1830 1831 void zd_usb_iowrite16v_async_start(struct zd_usb *usb) 1832 { 1833 ZD_ASSERT(usb_anchor_empty(&usb->submitted_cmds)); 1834 ZD_ASSERT(usb->urb_async_waiting == NULL); 1835 ZD_ASSERT(!usb->in_async); 1836 1837 ZD_ASSERT(mutex_is_locked(&zd_usb_to_chip(usb)->mutex)); 1838 1839 usb->in_async = 1; 1840 usb->cmd_error = 0; 1841 usb->urb_async_waiting = NULL; 1842 } 1843 1844 int zd_usb_iowrite16v_async_end(struct zd_usb *usb, unsigned int timeout) 1845 { 1846 int r; 1847 1848 ZD_ASSERT(mutex_is_locked(&zd_usb_to_chip(usb)->mutex)); 1849 ZD_ASSERT(usb->in_async); 1850 1851 /* Submit last iowrite16v URB */ 1852 r = zd_submit_waiting_urb(usb, true); 1853 if (r) { 1854 dev_dbg_f(zd_usb_dev(usb), 1855 "error in zd_submit_waiting_usb(). " 1856 "Error number %d\n", r); 1857 1858 usb_kill_anchored_urbs(&usb->submitted_cmds); 1859 goto error; 1860 } 1861 1862 if (timeout) 1863 timeout = usb_wait_anchor_empty_timeout(&usb->submitted_cmds, 1864 timeout); 1865 if (!timeout) { 1866 usb_kill_anchored_urbs(&usb->submitted_cmds); 1867 if (usb->cmd_error == -ENOENT) { 1868 dev_dbg_f(zd_usb_dev(usb), "timed out"); 1869 r = -ETIMEDOUT; 1870 goto error; 1871 } 1872 } 1873 1874 r = usb->cmd_error; 1875 error: 1876 usb->in_async = 0; 1877 return r; 1878 } 1879 1880 int zd_usb_iowrite16v_async(struct zd_usb *usb, const struct zd_ioreq16 *ioreqs, 1881 unsigned int count) 1882 { 1883 int r; 1884 struct usb_device *udev; 1885 struct usb_req_write_regs *req = NULL; 1886 int i, req_len; 1887 struct urb *urb; 1888 struct usb_host_endpoint *ep; 1889 1890 ZD_ASSERT(mutex_is_locked(&zd_usb_to_chip(usb)->mutex)); 1891 ZD_ASSERT(usb->in_async); 1892 1893 if (count == 0) 1894 return 0; 1895 if (count > USB_MAX_IOWRITE16_COUNT) { 1896 dev_dbg_f(zd_usb_dev(usb), 1897 "error: count %u exceeds possible max %u\n", 1898 count, USB_MAX_IOWRITE16_COUNT); 1899 return -EINVAL; 1900 } 1901 if (in_atomic()) { 1902 dev_dbg_f(zd_usb_dev(usb), 1903 "error: io in atomic context not supported\n"); 1904 return -EWOULDBLOCK; 1905 } 1906 1907 udev = zd_usb_to_usbdev(usb); 1908 1909 ep = usb_pipe_endpoint(udev, usb_sndintpipe(udev, EP_REGS_OUT)); 1910 if (!ep) 1911 return -ENOENT; 1912 1913 urb = usb_alloc_urb(0, GFP_KERNEL); 1914 if (!urb) 1915 return -ENOMEM; 1916 1917 req_len = sizeof(struct usb_req_write_regs) + 1918 count * sizeof(struct reg_data); 1919 req = kmalloc(req_len, GFP_KERNEL); 1920 if (!req) { 1921 r = -ENOMEM; 1922 goto error; 1923 } 1924 1925 req->id = cpu_to_le16(USB_REQ_WRITE_REGS); 1926 for (i = 0; i < count; i++) { 1927 struct reg_data *rw = &req->reg_writes[i]; 1928 rw->addr = cpu_to_le16((u16)ioreqs[i].addr); 1929 rw->value = cpu_to_le16(ioreqs[i].value); 1930 } 1931 1932 /* In USB 2.0 mode endpoint is interrupt type. However in USB 1.1 mode 1933 * endpoint is bulk. Select correct type URB by endpoint descriptor. 1934 */ 1935 if (usb_endpoint_xfer_int(&ep->desc)) 1936 usb_fill_int_urb(urb, udev, usb_sndintpipe(udev, EP_REGS_OUT), 1937 req, req_len, iowrite16v_urb_complete, usb, 1938 ep->desc.bInterval); 1939 else 1940 usb_fill_bulk_urb(urb, udev, usb_sndbulkpipe(udev, EP_REGS_OUT), 1941 req, req_len, iowrite16v_urb_complete, usb); 1942 1943 urb->transfer_flags |= URB_FREE_BUFFER; 1944 1945 /* Submit previous URB */ 1946 r = zd_submit_waiting_urb(usb, false); 1947 if (r) { 1948 dev_dbg_f(zd_usb_dev(usb), 1949 "error in zd_submit_waiting_usb(). " 1950 "Error number %d\n", r); 1951 goto error; 1952 } 1953 1954 /* Delay submit so that URB_NO_INTERRUPT flag can be set for all URBs 1955 * of currect batch except for very last. 1956 */ 1957 usb->urb_async_waiting = urb; 1958 return 0; 1959 error: 1960 usb_free_urb(urb); 1961 return r; 1962 } 1963 1964 int zd_usb_iowrite16v(struct zd_usb *usb, const struct zd_ioreq16 *ioreqs, 1965 unsigned int count) 1966 { 1967 int r; 1968 1969 zd_usb_iowrite16v_async_start(usb); 1970 r = zd_usb_iowrite16v_async(usb, ioreqs, count); 1971 if (r) { 1972 zd_usb_iowrite16v_async_end(usb, 0); 1973 return r; 1974 } 1975 return zd_usb_iowrite16v_async_end(usb, 50 /* ms */); 1976 } 1977 1978 int zd_usb_rfwrite(struct zd_usb *usb, u32 value, u8 bits) 1979 { 1980 int r; 1981 struct usb_device *udev; 1982 struct usb_req_rfwrite *req = NULL; 1983 int i, req_len, actual_req_len; 1984 u16 bit_value_template; 1985 1986 if (in_atomic()) { 1987 dev_dbg_f(zd_usb_dev(usb), 1988 "error: io in atomic context not supported\n"); 1989 return -EWOULDBLOCK; 1990 } 1991 if (bits < USB_MIN_RFWRITE_BIT_COUNT) { 1992 dev_dbg_f(zd_usb_dev(usb), 1993 "error: bits %d are smaller than" 1994 " USB_MIN_RFWRITE_BIT_COUNT %d\n", 1995 bits, USB_MIN_RFWRITE_BIT_COUNT); 1996 return -EINVAL; 1997 } 1998 if (bits > USB_MAX_RFWRITE_BIT_COUNT) { 1999 dev_dbg_f(zd_usb_dev(usb), 2000 "error: bits %d exceed USB_MAX_RFWRITE_BIT_COUNT %d\n", 2001 bits, USB_MAX_RFWRITE_BIT_COUNT); 2002 return -EINVAL; 2003 } 2004 #ifdef DEBUG 2005 if (value & (~0UL << bits)) { 2006 dev_dbg_f(zd_usb_dev(usb), 2007 "error: value %#09x has bits >= %d set\n", 2008 value, bits); 2009 return -EINVAL; 2010 } 2011 #endif /* DEBUG */ 2012 2013 dev_dbg_f(zd_usb_dev(usb), "value %#09x bits %d\n", value, bits); 2014 2015 r = zd_usb_ioread16(usb, &bit_value_template, ZD_CR203); 2016 if (r) { 2017 dev_dbg_f(zd_usb_dev(usb), 2018 "error %d: Couldn't read ZD_CR203\n", r); 2019 return r; 2020 } 2021 bit_value_template &= ~(RF_IF_LE|RF_CLK|RF_DATA); 2022 2023 ZD_ASSERT(mutex_is_locked(&zd_usb_to_chip(usb)->mutex)); 2024 BUILD_BUG_ON(sizeof(struct usb_req_rfwrite) + 2025 USB_MAX_RFWRITE_BIT_COUNT * sizeof(__le16) > 2026 sizeof(usb->req_buf)); 2027 BUG_ON(sizeof(struct usb_req_rfwrite) + bits * sizeof(__le16) > 2028 sizeof(usb->req_buf)); 2029 2030 req_len = sizeof(struct usb_req_rfwrite) + bits * sizeof(__le16); 2031 req = (void *)usb->req_buf; 2032 2033 req->id = cpu_to_le16(USB_REQ_WRITE_RF); 2034 /* 1: 3683a, but not used in ZYDAS driver */ 2035 req->value = cpu_to_le16(2); 2036 req->bits = cpu_to_le16(bits); 2037 2038 for (i = 0; i < bits; i++) { 2039 u16 bv = bit_value_template; 2040 if (value & (1 << (bits-1-i))) 2041 bv |= RF_DATA; 2042 req->bit_values[i] = cpu_to_le16(bv); 2043 } 2044 2045 udev = zd_usb_to_usbdev(usb); 2046 r = zd_ep_regs_out_msg(udev, req, req_len, &actual_req_len, 50 /*ms*/); 2047 if (r) { 2048 dev_dbg_f(zd_usb_dev(usb), 2049 "error in zd_ep_regs_out_msg(). Error number %d\n", r); 2050 goto out; 2051 } 2052 if (req_len != actual_req_len) { 2053 dev_dbg_f(zd_usb_dev(usb), "error in zd_ep_regs_out_msg()" 2054 " req_len %d != actual_req_len %d\n", 2055 req_len, actual_req_len); 2056 r = -EIO; 2057 goto out; 2058 } 2059 2060 /* FALL-THROUGH with r == 0 */ 2061 out: 2062 return r; 2063 } 2064