1 /*
2 * Intel Wireless WiMAX Connection 2400m
3 * Miscellaneous control functions for managing the device
4 *
5 *
6 * Copyright (C) 2007-2008 Intel Corporation. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * * Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * * Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in
16 * the documentation and/or other materials provided with the
17 * distribution.
18 * * Neither the name of Intel Corporation nor the names of its
19 * contributors may be used to endorse or promote products derived
20 * from this software without specific prior written permission.
21 *
22 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
23 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
24 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
25 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
26 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
27 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
28 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
29 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
30 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
31 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
32 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
33 *
34 *
35 * Intel Corporation <linux-wimax@intel.com>
36 * Inaky Perez-Gonzalez <inaky.perez-gonzalez@intel.com>
37 * - Initial implementation
38 *
39 * This is a collection of functions used to control the device (plus
40 * a few helpers).
41 *
42 * There are utilities for handling TLV buffers, hooks on the device's
43 * reports to act on device changes of state [i2400m_report_hook()],
44 * on acks to commands [i2400m_msg_ack_hook()], a helper for sending
45 * commands to the device and blocking until a reply arrives
46 * [i2400m_msg_to_dev()], a few high level commands for manipulating
47 * the device state, powersving mode and configuration plus the
48 * routines to setup the device once communication is stablished with
49 * it [i2400m_dev_initialize()].
50 *
51 * ROADMAP
52 *
53 * i2400m_dev_initialize() Called by i2400m_dev_start()
54 * i2400m_set_init_config()
55 * i2400m_cmd_get_state()
56 * i2400m_dev_shutdown() Called by i2400m_dev_stop()
57 * i2400m_reset()
58 *
59 * i2400m_{cmd,get,set}_*()
60 * i2400m_msg_to_dev()
61 * i2400m_msg_check_status()
62 *
63 * i2400m_report_hook() Called on reception of an event
64 * i2400m_report_state_hook()
65 * i2400m_tlv_buffer_walk()
66 * i2400m_tlv_match()
67 * i2400m_report_tlv_system_state()
68 * i2400m_report_tlv_rf_switches_status()
69 * i2400m_report_tlv_media_status()
70 * i2400m_cmd_enter_powersave()
71 *
72 * i2400m_msg_ack_hook() Called on reception of a reply to a
73 * command, get or set
74 */
75
76 #include <stdarg.h>
77 #include "i2400m.h"
78 #include <linux/kernel.h>
79 #include <linux/slab.h>
80 #include <linux/wimax/i2400m.h>
81
82
83 #define D_SUBMODULE control
84 #include "debug-levels.h"
85
86 static int i2400m_idle_mode_disabled;/* 0 (idle mode enabled) by default */
87 module_param_named(idle_mode_disabled, i2400m_idle_mode_disabled, int, 0644);
88 MODULE_PARM_DESC(idle_mode_disabled,
89 "If true, the device will not enable idle mode negotiation "
90 "with the base station (when connected) to save power.");
91
92 /* 0 (power saving enabled) by default */
93 static int i2400m_power_save_disabled;
94 module_param_named(power_save_disabled, i2400m_power_save_disabled, int, 0644);
95 MODULE_PARM_DESC(power_save_disabled,
96 "If true, the driver will not tell the device to enter "
97 "power saving mode when it reports it is ready for it. "
98 "False by default (so the device is told to do power "
99 "saving).");
100
101 static int i2400m_passive_mode; /* 0 (passive mode disabled) by default */
102 module_param_named(passive_mode, i2400m_passive_mode, int, 0644);
103 MODULE_PARM_DESC(passive_mode,
104 "If true, the driver will not do any device setup "
105 "and leave it up to user space, who must be properly "
106 "setup.");
107
108
109 /*
110 * Return if a TLV is of a give type and size
111 *
112 * @tlv_hdr: pointer to the TLV
113 * @tlv_type: type of the TLV we are looking for
114 * @tlv_size: expected size of the TLV we are looking for (if -1,
115 * don't check the size). This includes the header
116 * Returns: 0 if the TLV matches
117 * < 0 if it doesn't match at all
118 * > 0 total TLV + payload size, if the type matches, but not
119 * the size
120 */
121 static
i2400m_tlv_match(const struct i2400m_tlv_hdr * tlv,enum i2400m_tlv tlv_type,ssize_t tlv_size)122 ssize_t i2400m_tlv_match(const struct i2400m_tlv_hdr *tlv,
123 enum i2400m_tlv tlv_type, ssize_t tlv_size)
124 {
125 if (le16_to_cpu(tlv->type) != tlv_type) /* Not our type? skip */
126 return -1;
127 if (tlv_size != -1
128 && le16_to_cpu(tlv->length) + sizeof(*tlv) != tlv_size) {
129 size_t size = le16_to_cpu(tlv->length) + sizeof(*tlv);
130 printk(KERN_WARNING "W: tlv type 0x%x mismatched because of "
131 "size (got %zu vs %zu expected)\n",
132 tlv_type, size, tlv_size);
133 return size;
134 }
135 return 0;
136 }
137
138
139 /*
140 * Given a buffer of TLVs, iterate over them
141 *
142 * @i2400m: device instance
143 * @tlv_buf: pointer to the beginning of the TLV buffer
144 * @buf_size: buffer size in bytes
145 * @tlv_pos: seek position; this is assumed to be a pointer returned
146 * by i2400m_tlv_buffer_walk() [and thus, validated]. The
147 * TLV returned will be the one following this one.
148 *
149 * Usage:
150 *
151 * tlv_itr = NULL;
152 * while (tlv_itr = i2400m_tlv_buffer_walk(i2400m, buf, size, tlv_itr)) {
153 * ...
154 * // Do stuff with tlv_itr, DON'T MODIFY IT
155 * ...
156 * }
157 */
158 static
i2400m_tlv_buffer_walk(struct i2400m * i2400m,const void * tlv_buf,size_t buf_size,const struct i2400m_tlv_hdr * tlv_pos)159 const struct i2400m_tlv_hdr *i2400m_tlv_buffer_walk(
160 struct i2400m *i2400m,
161 const void *tlv_buf, size_t buf_size,
162 const struct i2400m_tlv_hdr *tlv_pos)
163 {
164 struct device *dev = i2400m_dev(i2400m);
165 const struct i2400m_tlv_hdr *tlv_top = tlv_buf + buf_size;
166 size_t offset, length, avail_size;
167 unsigned type;
168
169 if (tlv_pos == NULL) /* Take the first one? */
170 tlv_pos = tlv_buf;
171 else /* Nope, the next one */
172 tlv_pos = (void *) tlv_pos
173 + le16_to_cpu(tlv_pos->length) + sizeof(*tlv_pos);
174 if (tlv_pos == tlv_top) { /* buffer done */
175 tlv_pos = NULL;
176 goto error_beyond_end;
177 }
178 if (tlv_pos > tlv_top) {
179 tlv_pos = NULL;
180 WARN_ON(1);
181 goto error_beyond_end;
182 }
183 offset = (void *) tlv_pos - (void *) tlv_buf;
184 avail_size = buf_size - offset;
185 if (avail_size < sizeof(*tlv_pos)) {
186 dev_err(dev, "HW BUG? tlv_buf %p [%zu bytes], tlv @%zu: "
187 "short header\n", tlv_buf, buf_size, offset);
188 goto error_short_header;
189 }
190 type = le16_to_cpu(tlv_pos->type);
191 length = le16_to_cpu(tlv_pos->length);
192 if (avail_size < sizeof(*tlv_pos) + length) {
193 dev_err(dev, "HW BUG? tlv_buf %p [%zu bytes], "
194 "tlv type 0x%04x @%zu: "
195 "short data (%zu bytes vs %zu needed)\n",
196 tlv_buf, buf_size, type, offset, avail_size,
197 sizeof(*tlv_pos) + length);
198 goto error_short_header;
199 }
200 error_short_header:
201 error_beyond_end:
202 return tlv_pos;
203 }
204
205
206 /*
207 * Find a TLV in a buffer of sequential TLVs
208 *
209 * @i2400m: device descriptor
210 * @tlv_hdr: pointer to the first TLV in the sequence
211 * @size: size of the buffer in bytes; all TLVs are assumed to fit
212 * fully in the buffer (otherwise we'll complain).
213 * @tlv_type: type of the TLV we are looking for
214 * @tlv_size: expected size of the TLV we are looking for (if -1,
215 * don't check the size). This includes the header
216 *
217 * Returns: NULL if the TLV is not found, otherwise a pointer to
218 * it. If the sizes don't match, an error is printed and NULL
219 * returned.
220 */
221 static
i2400m_tlv_find(struct i2400m * i2400m,const struct i2400m_tlv_hdr * tlv_hdr,size_t size,enum i2400m_tlv tlv_type,ssize_t tlv_size)222 const struct i2400m_tlv_hdr *i2400m_tlv_find(
223 struct i2400m *i2400m,
224 const struct i2400m_tlv_hdr *tlv_hdr, size_t size,
225 enum i2400m_tlv tlv_type, ssize_t tlv_size)
226 {
227 ssize_t match;
228 struct device *dev = i2400m_dev(i2400m);
229 const struct i2400m_tlv_hdr *tlv = NULL;
230 while ((tlv = i2400m_tlv_buffer_walk(i2400m, tlv_hdr, size, tlv))) {
231 match = i2400m_tlv_match(tlv, tlv_type, tlv_size);
232 if (match == 0) /* found it :) */
233 break;
234 if (match > 0)
235 dev_warn(dev, "TLV type 0x%04x found with size "
236 "mismatch (%zu vs %zu needed)\n",
237 tlv_type, match, tlv_size);
238 }
239 return tlv;
240 }
241
242
243 static const struct
244 {
245 char *msg;
246 int errno;
247 } ms_to_errno[I2400M_MS_MAX] = {
248 [I2400M_MS_DONE_OK] = { "", 0 },
249 [I2400M_MS_DONE_IN_PROGRESS] = { "", 0 },
250 [I2400M_MS_INVALID_OP] = { "invalid opcode", -ENOSYS },
251 [I2400M_MS_BAD_STATE] = { "invalid state", -EILSEQ },
252 [I2400M_MS_ILLEGAL_VALUE] = { "illegal value", -EINVAL },
253 [I2400M_MS_MISSING_PARAMS] = { "missing parameters", -ENOMSG },
254 [I2400M_MS_VERSION_ERROR] = { "bad version", -EIO },
255 [I2400M_MS_ACCESSIBILITY_ERROR] = { "accesibility error", -EIO },
256 [I2400M_MS_BUSY] = { "busy", -EBUSY },
257 [I2400M_MS_CORRUPTED_TLV] = { "corrupted TLV", -EILSEQ },
258 [I2400M_MS_UNINITIALIZED] = { "not unitialized", -EILSEQ },
259 [I2400M_MS_UNKNOWN_ERROR] = { "unknown error", -EIO },
260 [I2400M_MS_PRODUCTION_ERROR] = { "production error", -EIO },
261 [I2400M_MS_NO_RF] = { "no RF", -EIO },
262 [I2400M_MS_NOT_READY_FOR_POWERSAVE] =
263 { "not ready for powersave", -EACCES },
264 [I2400M_MS_THERMAL_CRITICAL] = { "thermal critical", -EL3HLT },
265 };
266
267
268 /*
269 * i2400m_msg_check_status - translate a message's status code
270 *
271 * @i2400m: device descriptor
272 * @l3l4_hdr: message header
273 * @strbuf: buffer to place a formatted error message (unless NULL).
274 * @strbuf_size: max amount of available space; larger messages will
275 * be truncated.
276 *
277 * Returns: errno code corresponding to the status code in @l3l4_hdr
278 * and a message in @strbuf describing the error.
279 */
i2400m_msg_check_status(const struct i2400m_l3l4_hdr * l3l4_hdr,char * strbuf,size_t strbuf_size)280 int i2400m_msg_check_status(const struct i2400m_l3l4_hdr *l3l4_hdr,
281 char *strbuf, size_t strbuf_size)
282 {
283 int result;
284 enum i2400m_ms status = le16_to_cpu(l3l4_hdr->status);
285 const char *str;
286
287 if (status == 0)
288 return 0;
289 if (status >= ARRAY_SIZE(ms_to_errno)) {
290 str = "unknown status code";
291 result = -EBADR;
292 } else {
293 str = ms_to_errno[status].msg;
294 result = ms_to_errno[status].errno;
295 }
296 if (strbuf)
297 snprintf(strbuf, strbuf_size, "%s (%d)", str, status);
298 return result;
299 }
300
301
302 /*
303 * Act on a TLV System State reported by the device
304 *
305 * @i2400m: device descriptor
306 * @ss: validated System State TLV
307 */
308 static
i2400m_report_tlv_system_state(struct i2400m * i2400m,const struct i2400m_tlv_system_state * ss)309 void i2400m_report_tlv_system_state(struct i2400m *i2400m,
310 const struct i2400m_tlv_system_state *ss)
311 {
312 struct device *dev = i2400m_dev(i2400m);
313 struct wimax_dev *wimax_dev = &i2400m->wimax_dev;
314 enum i2400m_system_state i2400m_state = le32_to_cpu(ss->state);
315
316 d_fnstart(3, dev, "(i2400m %p ss %p [%u])\n", i2400m, ss, i2400m_state);
317
318 if (i2400m->state != i2400m_state) {
319 i2400m->state = i2400m_state;
320 wake_up_all(&i2400m->state_wq);
321 }
322 switch (i2400m_state) {
323 case I2400M_SS_UNINITIALIZED:
324 case I2400M_SS_INIT:
325 case I2400M_SS_CONFIG:
326 case I2400M_SS_PRODUCTION:
327 wimax_state_change(wimax_dev, WIMAX_ST_UNINITIALIZED);
328 break;
329
330 case I2400M_SS_RF_OFF:
331 case I2400M_SS_RF_SHUTDOWN:
332 wimax_state_change(wimax_dev, WIMAX_ST_RADIO_OFF);
333 break;
334
335 case I2400M_SS_READY:
336 case I2400M_SS_STANDBY:
337 case I2400M_SS_SLEEPACTIVE:
338 wimax_state_change(wimax_dev, WIMAX_ST_READY);
339 break;
340
341 case I2400M_SS_CONNECTING:
342 case I2400M_SS_WIMAX_CONNECTED:
343 wimax_state_change(wimax_dev, WIMAX_ST_READY);
344 break;
345
346 case I2400M_SS_SCAN:
347 case I2400M_SS_OUT_OF_ZONE:
348 wimax_state_change(wimax_dev, WIMAX_ST_SCANNING);
349 break;
350
351 case I2400M_SS_IDLE:
352 d_printf(1, dev, "entering BS-negotiated idle mode\n");
353 case I2400M_SS_DISCONNECTING:
354 case I2400M_SS_DATA_PATH_CONNECTED:
355 wimax_state_change(wimax_dev, WIMAX_ST_CONNECTED);
356 break;
357
358 default:
359 /* Huh? just in case, shut it down */
360 dev_err(dev, "HW BUG? unknown state %u: shutting down\n",
361 i2400m_state);
362 i2400m_reset(i2400m, I2400M_RT_WARM);
363 break;
364 }
365 d_fnend(3, dev, "(i2400m %p ss %p [%u]) = void\n",
366 i2400m, ss, i2400m_state);
367 }
368
369
370 /*
371 * Parse and act on a TLV Media Status sent by the device
372 *
373 * @i2400m: device descriptor
374 * @ms: validated Media Status TLV
375 *
376 * This will set the carrier up on down based on the device's link
377 * report. This is done asides of what the WiMAX stack does based on
378 * the device's state as sometimes we need to do a link-renew (the BS
379 * wants us to renew a DHCP lease, for example).
380 *
381 * In fact, doc says that every time we get a link-up, we should do a
382 * DHCP negotiation...
383 */
384 static
i2400m_report_tlv_media_status(struct i2400m * i2400m,const struct i2400m_tlv_media_status * ms)385 void i2400m_report_tlv_media_status(struct i2400m *i2400m,
386 const struct i2400m_tlv_media_status *ms)
387 {
388 struct device *dev = i2400m_dev(i2400m);
389 struct wimax_dev *wimax_dev = &i2400m->wimax_dev;
390 struct net_device *net_dev = wimax_dev->net_dev;
391 enum i2400m_media_status status = le32_to_cpu(ms->media_status);
392
393 d_fnstart(3, dev, "(i2400m %p ms %p [%u])\n", i2400m, ms, status);
394
395 switch (status) {
396 case I2400M_MEDIA_STATUS_LINK_UP:
397 netif_carrier_on(net_dev);
398 break;
399 case I2400M_MEDIA_STATUS_LINK_DOWN:
400 netif_carrier_off(net_dev);
401 break;
402 /*
403 * This is the network telling us we need to retrain the DHCP
404 * lease -- so far, we are trusting the WiMAX Network Service
405 * in user space to pick this up and poke the DHCP client.
406 */
407 case I2400M_MEDIA_STATUS_LINK_RENEW:
408 netif_carrier_on(net_dev);
409 break;
410 default:
411 dev_err(dev, "HW BUG? unknown media status %u\n",
412 status);
413 }
414 d_fnend(3, dev, "(i2400m %p ms %p [%u]) = void\n",
415 i2400m, ms, status);
416 }
417
418
419 /*
420 * Process a TLV from a 'state report'
421 *
422 * @i2400m: device descriptor
423 * @tlv: pointer to the TLV header; it has been already validated for
424 * consistent size.
425 * @tag: for error messages
426 *
427 * Act on the TLVs from a 'state report'.
428 */
429 static
i2400m_report_state_parse_tlv(struct i2400m * i2400m,const struct i2400m_tlv_hdr * tlv,const char * tag)430 void i2400m_report_state_parse_tlv(struct i2400m *i2400m,
431 const struct i2400m_tlv_hdr *tlv,
432 const char *tag)
433 {
434 struct device *dev = i2400m_dev(i2400m);
435 const struct i2400m_tlv_media_status *ms;
436 const struct i2400m_tlv_system_state *ss;
437 const struct i2400m_tlv_rf_switches_status *rfss;
438
439 if (0 == i2400m_tlv_match(tlv, I2400M_TLV_SYSTEM_STATE, sizeof(*ss))) {
440 ss = container_of(tlv, typeof(*ss), hdr);
441 d_printf(2, dev, "%s: system state TLV "
442 "found (0x%04x), state 0x%08x\n",
443 tag, I2400M_TLV_SYSTEM_STATE,
444 le32_to_cpu(ss->state));
445 i2400m_report_tlv_system_state(i2400m, ss);
446 }
447 if (0 == i2400m_tlv_match(tlv, I2400M_TLV_RF_STATUS, sizeof(*rfss))) {
448 rfss = container_of(tlv, typeof(*rfss), hdr);
449 d_printf(2, dev, "%s: RF status TLV "
450 "found (0x%04x), sw 0x%02x hw 0x%02x\n",
451 tag, I2400M_TLV_RF_STATUS,
452 le32_to_cpu(rfss->sw_rf_switch),
453 le32_to_cpu(rfss->hw_rf_switch));
454 i2400m_report_tlv_rf_switches_status(i2400m, rfss);
455 }
456 if (0 == i2400m_tlv_match(tlv, I2400M_TLV_MEDIA_STATUS, sizeof(*ms))) {
457 ms = container_of(tlv, typeof(*ms), hdr);
458 d_printf(2, dev, "%s: Media Status TLV: %u\n",
459 tag, le32_to_cpu(ms->media_status));
460 i2400m_report_tlv_media_status(i2400m, ms);
461 }
462 }
463
464
465 /*
466 * Parse a 'state report' and extract information
467 *
468 * @i2400m: device descriptor
469 * @l3l4_hdr: pointer to message; it has been already validated for
470 * consistent size.
471 * @size: size of the message (header + payload). The header length
472 * declaration is assumed to be congruent with @size (as in
473 * sizeof(*l3l4_hdr) + l3l4_hdr->length == size)
474 *
475 * Walk over the TLVs in a report state and act on them.
476 */
477 static
i2400m_report_state_hook(struct i2400m * i2400m,const struct i2400m_l3l4_hdr * l3l4_hdr,size_t size,const char * tag)478 void i2400m_report_state_hook(struct i2400m *i2400m,
479 const struct i2400m_l3l4_hdr *l3l4_hdr,
480 size_t size, const char *tag)
481 {
482 struct device *dev = i2400m_dev(i2400m);
483 const struct i2400m_tlv_hdr *tlv;
484 size_t tlv_size = le16_to_cpu(l3l4_hdr->length);
485
486 d_fnstart(4, dev, "(i2400m %p, l3l4_hdr %p, size %zu, %s)\n",
487 i2400m, l3l4_hdr, size, tag);
488 tlv = NULL;
489
490 while ((tlv = i2400m_tlv_buffer_walk(i2400m, &l3l4_hdr->pl,
491 tlv_size, tlv)))
492 i2400m_report_state_parse_tlv(i2400m, tlv, tag);
493 d_fnend(4, dev, "(i2400m %p, l3l4_hdr %p, size %zu, %s) = void\n",
494 i2400m, l3l4_hdr, size, tag);
495 }
496
497
498 /*
499 * i2400m_report_hook - (maybe) act on a report
500 *
501 * @i2400m: device descriptor
502 * @l3l4_hdr: pointer to message; it has been already validated for
503 * consistent size.
504 * @size: size of the message (header + payload). The header length
505 * declaration is assumed to be congruent with @size (as in
506 * sizeof(*l3l4_hdr) + l3l4_hdr->length == size)
507 *
508 * Extract information we might need (like carrien on/off) from a
509 * device report.
510 */
i2400m_report_hook(struct i2400m * i2400m,const struct i2400m_l3l4_hdr * l3l4_hdr,size_t size)511 void i2400m_report_hook(struct i2400m *i2400m,
512 const struct i2400m_l3l4_hdr *l3l4_hdr, size_t size)
513 {
514 struct device *dev = i2400m_dev(i2400m);
515 unsigned msg_type;
516
517 d_fnstart(3, dev, "(i2400m %p l3l4_hdr %p size %zu)\n",
518 i2400m, l3l4_hdr, size);
519 /* Chew on the message, we might need some information from
520 * here */
521 msg_type = le16_to_cpu(l3l4_hdr->type);
522 switch (msg_type) {
523 case I2400M_MT_REPORT_STATE: /* carrier detection... */
524 i2400m_report_state_hook(i2400m,
525 l3l4_hdr, size, "REPORT STATE");
526 break;
527 /* If the device is ready for power save, then ask it to do
528 * it. */
529 case I2400M_MT_REPORT_POWERSAVE_READY: /* zzzzz */
530 if (l3l4_hdr->status == cpu_to_le16(I2400M_MS_DONE_OK)) {
531 if (i2400m_power_save_disabled)
532 d_printf(1, dev, "ready for powersave, "
533 "not requesting (disabled by module "
534 "parameter)\n");
535 else {
536 d_printf(1, dev, "ready for powersave, "
537 "requesting\n");
538 i2400m_cmd_enter_powersave(i2400m);
539 }
540 }
541 break;
542 }
543 d_fnend(3, dev, "(i2400m %p l3l4_hdr %p size %zu) = void\n",
544 i2400m, l3l4_hdr, size);
545 }
546
547
548 /*
549 * i2400m_msg_ack_hook - process cmd/set/get ack for internal status
550 *
551 * @i2400m: device descriptor
552 * @l3l4_hdr: pointer to message; it has been already validated for
553 * consistent size.
554 * @size: size of the message
555 *
556 * Extract information we might need from acks to commands and act on
557 * it. This is akin to i2400m_report_hook(). Note most of this
558 * processing should be done in the function that calls the
559 * command. This is here for some cases where it can't happen...
560 */
i2400m_msg_ack_hook(struct i2400m * i2400m,const struct i2400m_l3l4_hdr * l3l4_hdr,size_t size)561 static void i2400m_msg_ack_hook(struct i2400m *i2400m,
562 const struct i2400m_l3l4_hdr *l3l4_hdr,
563 size_t size)
564 {
565 int result;
566 struct device *dev = i2400m_dev(i2400m);
567 unsigned ack_type, ack_status;
568 char strerr[32];
569
570 /* Chew on the message, we might need some information from
571 * here */
572 ack_type = le16_to_cpu(l3l4_hdr->type);
573 ack_status = le16_to_cpu(l3l4_hdr->status);
574 switch (ack_type) {
575 case I2400M_MT_CMD_ENTER_POWERSAVE:
576 /* This is just left here for the sake of example, as
577 * the processing is done somewhere else. */
578 if (0) {
579 result = i2400m_msg_check_status(
580 l3l4_hdr, strerr, sizeof(strerr));
581 if (result >= 0)
582 d_printf(1, dev, "ready for power save: %zd\n",
583 size);
584 }
585 break;
586 }
587 }
588
589
590 /*
591 * i2400m_msg_size_check() - verify message size and header are congruent
592 *
593 * It is ok if the total message size is larger than the expected
594 * size, as there can be padding.
595 */
i2400m_msg_size_check(struct i2400m * i2400m,const struct i2400m_l3l4_hdr * l3l4_hdr,size_t msg_size)596 int i2400m_msg_size_check(struct i2400m *i2400m,
597 const struct i2400m_l3l4_hdr *l3l4_hdr,
598 size_t msg_size)
599 {
600 int result;
601 struct device *dev = i2400m_dev(i2400m);
602 size_t expected_size;
603 d_fnstart(4, dev, "(i2400m %p l3l4_hdr %p msg_size %zu)\n",
604 i2400m, l3l4_hdr, msg_size);
605 if (msg_size < sizeof(*l3l4_hdr)) {
606 dev_err(dev, "bad size for message header "
607 "(expected at least %zu, got %zu)\n",
608 (size_t) sizeof(*l3l4_hdr), msg_size);
609 result = -EIO;
610 goto error_hdr_size;
611 }
612 expected_size = le16_to_cpu(l3l4_hdr->length) + sizeof(*l3l4_hdr);
613 if (msg_size < expected_size) {
614 dev_err(dev, "bad size for message code 0x%04x (expected %zu, "
615 "got %zu)\n", le16_to_cpu(l3l4_hdr->type),
616 expected_size, msg_size);
617 result = -EIO;
618 } else
619 result = 0;
620 error_hdr_size:
621 d_fnend(4, dev,
622 "(i2400m %p l3l4_hdr %p msg_size %zu) = %d\n",
623 i2400m, l3l4_hdr, msg_size, result);
624 return result;
625 }
626
627
628
629 /*
630 * Cancel a wait for a command ACK
631 *
632 * @i2400m: device descriptor
633 * @code: [negative] errno code to cancel with (don't use
634 * -EINPROGRESS)
635 *
636 * If there is an ack already filled out, free it.
637 */
i2400m_msg_to_dev_cancel_wait(struct i2400m * i2400m,int code)638 void i2400m_msg_to_dev_cancel_wait(struct i2400m *i2400m, int code)
639 {
640 struct sk_buff *ack_skb;
641 unsigned long flags;
642
643 spin_lock_irqsave(&i2400m->rx_lock, flags);
644 ack_skb = i2400m->ack_skb;
645 if (ack_skb && !IS_ERR(ack_skb))
646 kfree_skb(ack_skb);
647 i2400m->ack_skb = ERR_PTR(code);
648 spin_unlock_irqrestore(&i2400m->rx_lock, flags);
649 }
650
651
652 /**
653 * i2400m_msg_to_dev - Send a control message to the device and get a response
654 *
655 * @i2400m: device descriptor
656 *
657 * @msg_skb: an skb *
658 *
659 * @buf: pointer to the buffer containing the message to be sent; it
660 * has to start with a &struct i2400M_l3l4_hdr and then
661 * followed by the payload. Once this function returns, the
662 * buffer can be reused.
663 *
664 * @buf_len: buffer size
665 *
666 * Returns:
667 *
668 * Pointer to skb containing the ack message. You need to check the
669 * pointer with IS_ERR(), as it might be an error code. Error codes
670 * could happen because:
671 *
672 * - the message wasn't formatted correctly
673 * - couldn't send the message
674 * - failed waiting for a response
675 * - the ack message wasn't formatted correctly
676 *
677 * The returned skb has been allocated with wimax_msg_to_user_alloc(),
678 * it contains the response in a netlink attribute and is ready to be
679 * passed up to user space with wimax_msg_to_user_send(). To access
680 * the payload and its length, use wimax_msg_{data,len}() on the skb.
681 *
682 * The skb has to be freed with kfree_skb() once done.
683 *
684 * Description:
685 *
686 * This function delivers a message/command to the device and waits
687 * for an ack to be received. The format is described in
688 * linux/wimax/i2400m.h. In summary, a command/get/set is followed by an
689 * ack.
690 *
691 * This function will not check the ack status, that's left up to the
692 * caller. Once done with the ack skb, it has to be kfree_skb()ed.
693 *
694 * The i2400m handles only one message at the same time, thus we need
695 * the mutex to exclude other players.
696 *
697 * We write the message and then wait for an answer to come back. The
698 * RX path intercepts control messages and handles them in
699 * i2400m_rx_ctl(). Reports (notifications) are (maybe) processed
700 * locally and then forwarded (as needed) to user space on the WiMAX
701 * stack message pipe. Acks are saved and passed back to us through an
702 * skb in i2400m->ack_skb which is ready to be given to generic
703 * netlink if need be.
704 */
i2400m_msg_to_dev(struct i2400m * i2400m,const void * buf,size_t buf_len)705 struct sk_buff *i2400m_msg_to_dev(struct i2400m *i2400m,
706 const void *buf, size_t buf_len)
707 {
708 int result;
709 struct device *dev = i2400m_dev(i2400m);
710 const struct i2400m_l3l4_hdr *msg_l3l4_hdr;
711 struct sk_buff *ack_skb;
712 const struct i2400m_l3l4_hdr *ack_l3l4_hdr;
713 size_t ack_len;
714 int ack_timeout;
715 unsigned msg_type;
716 unsigned long flags;
717
718 d_fnstart(3, dev, "(i2400m %p buf %p len %zu)\n",
719 i2400m, buf, buf_len);
720
721 rmb(); /* Make sure we see what i2400m_dev_reset_handle() */
722 if (i2400m->boot_mode)
723 return ERR_PTR(-EL3RST);
724
725 msg_l3l4_hdr = buf;
726 /* Check msg & payload consistency */
727 result = i2400m_msg_size_check(i2400m, msg_l3l4_hdr, buf_len);
728 if (result < 0)
729 goto error_bad_msg;
730 msg_type = le16_to_cpu(msg_l3l4_hdr->type);
731 d_printf(1, dev, "CMD/GET/SET 0x%04x %zu bytes\n",
732 msg_type, buf_len);
733 d_dump(2, dev, buf, buf_len);
734
735 /* Setup the completion, ack_skb ("we are waiting") and send
736 * the message to the device */
737 mutex_lock(&i2400m->msg_mutex);
738 spin_lock_irqsave(&i2400m->rx_lock, flags);
739 i2400m->ack_skb = ERR_PTR(-EINPROGRESS);
740 spin_unlock_irqrestore(&i2400m->rx_lock, flags);
741 init_completion(&i2400m->msg_completion);
742 result = i2400m_tx(i2400m, buf, buf_len, I2400M_PT_CTRL);
743 if (result < 0) {
744 dev_err(dev, "can't send message 0x%04x: %d\n",
745 le16_to_cpu(msg_l3l4_hdr->type), result);
746 goto error_tx;
747 }
748
749 /* Some commands take longer to execute because of crypto ops,
750 * so we give them some more leeway on timeout */
751 switch (msg_type) {
752 case I2400M_MT_GET_TLS_OPERATION_RESULT:
753 case I2400M_MT_CMD_SEND_EAP_RESPONSE:
754 ack_timeout = 5 * HZ;
755 break;
756 default:
757 ack_timeout = HZ;
758 }
759
760 if (unlikely(i2400m->trace_msg_from_user))
761 wimax_msg(&i2400m->wimax_dev, "echo", buf, buf_len, GFP_KERNEL);
762 /* The RX path in rx.c will put any response for this message
763 * in i2400m->ack_skb and wake us up. If we cancel the wait,
764 * we need to change the value of i2400m->ack_skb to something
765 * not -EINPROGRESS so RX knows there is no one waiting. */
766 result = wait_for_completion_interruptible_timeout(
767 &i2400m->msg_completion, ack_timeout);
768 if (result == 0) {
769 dev_err(dev, "timeout waiting for reply to message 0x%04x\n",
770 msg_type);
771 result = -ETIMEDOUT;
772 i2400m_msg_to_dev_cancel_wait(i2400m, result);
773 goto error_wait_for_completion;
774 } else if (result < 0) {
775 dev_err(dev, "error waiting for reply to message 0x%04x: %d\n",
776 msg_type, result);
777 i2400m_msg_to_dev_cancel_wait(i2400m, result);
778 goto error_wait_for_completion;
779 }
780
781 /* Pull out the ack data from i2400m->ack_skb -- see if it is
782 * an error and act accordingly */
783 spin_lock_irqsave(&i2400m->rx_lock, flags);
784 ack_skb = i2400m->ack_skb;
785 if (IS_ERR(ack_skb))
786 result = PTR_ERR(ack_skb);
787 else
788 result = 0;
789 i2400m->ack_skb = NULL;
790 spin_unlock_irqrestore(&i2400m->rx_lock, flags);
791 if (result < 0)
792 goto error_ack_status;
793 ack_l3l4_hdr = wimax_msg_data_len(ack_skb, &ack_len);
794
795 /* Check the ack and deliver it if it is ok */
796 if (unlikely(i2400m->trace_msg_from_user))
797 wimax_msg(&i2400m->wimax_dev, "echo",
798 ack_l3l4_hdr, ack_len, GFP_KERNEL);
799 result = i2400m_msg_size_check(i2400m, ack_l3l4_hdr, ack_len);
800 if (result < 0) {
801 dev_err(dev, "HW BUG? reply to message 0x%04x: %d\n",
802 msg_type, result);
803 goto error_bad_ack_len;
804 }
805 if (msg_type != le16_to_cpu(ack_l3l4_hdr->type)) {
806 dev_err(dev, "HW BUG? bad reply 0x%04x to message 0x%04x\n",
807 le16_to_cpu(ack_l3l4_hdr->type), msg_type);
808 result = -EIO;
809 goto error_bad_ack_type;
810 }
811 i2400m_msg_ack_hook(i2400m, ack_l3l4_hdr, ack_len);
812 mutex_unlock(&i2400m->msg_mutex);
813 d_fnend(3, dev, "(i2400m %p buf %p len %zu) = %p\n",
814 i2400m, buf, buf_len, ack_skb);
815 return ack_skb;
816
817 error_bad_ack_type:
818 error_bad_ack_len:
819 kfree_skb(ack_skb);
820 error_ack_status:
821 error_wait_for_completion:
822 error_tx:
823 mutex_unlock(&i2400m->msg_mutex);
824 error_bad_msg:
825 d_fnend(3, dev, "(i2400m %p buf %p len %zu) = %d\n",
826 i2400m, buf, buf_len, result);
827 return ERR_PTR(result);
828 }
829
830
831 /*
832 * Definitions for the Enter Power Save command
833 *
834 * The Enter Power Save command requests the device to go into power
835 * saving mode. The device will ack or nak the command depending on it
836 * being ready for it. If it acks, we tell the USB subsystem to
837 *
838 * As well, the device might request to go into power saving mode by
839 * sending a report (REPORT_POWERSAVE_READY), in which case, we issue
840 * this command. The hookups in the RX coder allow
841 */
842 enum {
843 I2400M_WAKEUP_ENABLED = 0x01,
844 I2400M_WAKEUP_DISABLED = 0x02,
845 I2400M_TLV_TYPE_WAKEUP_MODE = 144,
846 };
847
848 struct i2400m_cmd_enter_power_save {
849 struct i2400m_l3l4_hdr hdr;
850 struct i2400m_tlv_hdr tlv;
851 __le32 val;
852 } __packed;
853
854
855 /*
856 * Request entering power save
857 *
858 * This command is (mainly) executed when the device indicates that it
859 * is ready to go into powersave mode via a REPORT_POWERSAVE_READY.
860 */
i2400m_cmd_enter_powersave(struct i2400m * i2400m)861 int i2400m_cmd_enter_powersave(struct i2400m *i2400m)
862 {
863 int result;
864 struct device *dev = i2400m_dev(i2400m);
865 struct sk_buff *ack_skb;
866 struct i2400m_cmd_enter_power_save *cmd;
867 char strerr[32];
868
869 result = -ENOMEM;
870 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
871 if (cmd == NULL)
872 goto error_alloc;
873 cmd->hdr.type = cpu_to_le16(I2400M_MT_CMD_ENTER_POWERSAVE);
874 cmd->hdr.length = cpu_to_le16(sizeof(*cmd) - sizeof(cmd->hdr));
875 cmd->hdr.version = cpu_to_le16(I2400M_L3L4_VERSION);
876 cmd->tlv.type = cpu_to_le16(I2400M_TLV_TYPE_WAKEUP_MODE);
877 cmd->tlv.length = cpu_to_le16(sizeof(cmd->val));
878 cmd->val = cpu_to_le32(I2400M_WAKEUP_ENABLED);
879
880 ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd));
881 result = PTR_ERR(ack_skb);
882 if (IS_ERR(ack_skb)) {
883 dev_err(dev, "Failed to issue 'Enter power save' command: %d\n",
884 result);
885 goto error_msg_to_dev;
886 }
887 result = i2400m_msg_check_status(wimax_msg_data(ack_skb),
888 strerr, sizeof(strerr));
889 if (result == -EACCES)
890 d_printf(1, dev, "Cannot enter power save mode\n");
891 else if (result < 0)
892 dev_err(dev, "'Enter power save' (0x%04x) command failed: "
893 "%d - %s\n", I2400M_MT_CMD_ENTER_POWERSAVE,
894 result, strerr);
895 else
896 d_printf(1, dev, "device ready to power save\n");
897 kfree_skb(ack_skb);
898 error_msg_to_dev:
899 kfree(cmd);
900 error_alloc:
901 return result;
902 }
903 EXPORT_SYMBOL_GPL(i2400m_cmd_enter_powersave);
904
905
906 /*
907 * Definitions for getting device information
908 */
909 enum {
910 I2400M_TLV_DETAILED_DEVICE_INFO = 140
911 };
912
913 /**
914 * i2400m_get_device_info - Query the device for detailed device information
915 *
916 * @i2400m: device descriptor
917 *
918 * Returns: an skb whose skb->data points to a 'struct
919 * i2400m_tlv_detailed_device_info'. When done, kfree_skb() it. The
920 * skb is *guaranteed* to contain the whole TLV data structure.
921 *
922 * On error, IS_ERR(skb) is true and ERR_PTR(skb) is the error
923 * code.
924 */
i2400m_get_device_info(struct i2400m * i2400m)925 struct sk_buff *i2400m_get_device_info(struct i2400m *i2400m)
926 {
927 int result;
928 struct device *dev = i2400m_dev(i2400m);
929 struct sk_buff *ack_skb;
930 struct i2400m_l3l4_hdr *cmd;
931 const struct i2400m_l3l4_hdr *ack;
932 size_t ack_len;
933 const struct i2400m_tlv_hdr *tlv;
934 const struct i2400m_tlv_detailed_device_info *ddi;
935 char strerr[32];
936
937 ack_skb = ERR_PTR(-ENOMEM);
938 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
939 if (cmd == NULL)
940 goto error_alloc;
941 cmd->type = cpu_to_le16(I2400M_MT_GET_DEVICE_INFO);
942 cmd->length = 0;
943 cmd->version = cpu_to_le16(I2400M_L3L4_VERSION);
944
945 ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd));
946 if (IS_ERR(ack_skb)) {
947 dev_err(dev, "Failed to issue 'get device info' command: %ld\n",
948 PTR_ERR(ack_skb));
949 goto error_msg_to_dev;
950 }
951 ack = wimax_msg_data_len(ack_skb, &ack_len);
952 result = i2400m_msg_check_status(ack, strerr, sizeof(strerr));
953 if (result < 0) {
954 dev_err(dev, "'get device info' (0x%04x) command failed: "
955 "%d - %s\n", I2400M_MT_GET_DEVICE_INFO, result,
956 strerr);
957 goto error_cmd_failed;
958 }
959 tlv = i2400m_tlv_find(i2400m, ack->pl, ack_len - sizeof(*ack),
960 I2400M_TLV_DETAILED_DEVICE_INFO, sizeof(*ddi));
961 if (tlv == NULL) {
962 dev_err(dev, "GET DEVICE INFO: "
963 "detailed device info TLV not found (0x%04x)\n",
964 I2400M_TLV_DETAILED_DEVICE_INFO);
965 result = -EIO;
966 goto error_no_tlv;
967 }
968 skb_pull(ack_skb, (void *) tlv - (void *) ack_skb->data);
969 error_msg_to_dev:
970 kfree(cmd);
971 error_alloc:
972 return ack_skb;
973
974 error_no_tlv:
975 error_cmd_failed:
976 kfree_skb(ack_skb);
977 kfree(cmd);
978 return ERR_PTR(result);
979 }
980
981
982 /* Firmware interface versions we support */
983 enum {
984 I2400M_HDIv_MAJOR = 9,
985 I2400M_HDIv_MINOR = 1,
986 I2400M_HDIv_MINOR_2 = 2,
987 };
988
989
990 /**
991 * i2400m_firmware_check - check firmware versions are compatible with
992 * the driver
993 *
994 * @i2400m: device descriptor
995 *
996 * Returns: 0 if ok, < 0 errno code an error and a message in the
997 * kernel log.
998 *
999 * Long function, but quite simple; first chunk launches the command
1000 * and double checks the reply for the right TLV. Then we process the
1001 * TLV (where the meat is).
1002 *
1003 * Once we process the TLV that gives us the firmware's interface
1004 * version, we encode it and save it in i2400m->fw_version for future
1005 * reference.
1006 */
i2400m_firmware_check(struct i2400m * i2400m)1007 int i2400m_firmware_check(struct i2400m *i2400m)
1008 {
1009 int result;
1010 struct device *dev = i2400m_dev(i2400m);
1011 struct sk_buff *ack_skb;
1012 struct i2400m_l3l4_hdr *cmd;
1013 const struct i2400m_l3l4_hdr *ack;
1014 size_t ack_len;
1015 const struct i2400m_tlv_hdr *tlv;
1016 const struct i2400m_tlv_l4_message_versions *l4mv;
1017 char strerr[32];
1018 unsigned major, minor, branch;
1019
1020 result = -ENOMEM;
1021 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
1022 if (cmd == NULL)
1023 goto error_alloc;
1024 cmd->type = cpu_to_le16(I2400M_MT_GET_LM_VERSION);
1025 cmd->length = 0;
1026 cmd->version = cpu_to_le16(I2400M_L3L4_VERSION);
1027
1028 ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd));
1029 if (IS_ERR(ack_skb)) {
1030 result = PTR_ERR(ack_skb);
1031 dev_err(dev, "Failed to issue 'get lm version' command: %-d\n",
1032 result);
1033 goto error_msg_to_dev;
1034 }
1035 ack = wimax_msg_data_len(ack_skb, &ack_len);
1036 result = i2400m_msg_check_status(ack, strerr, sizeof(strerr));
1037 if (result < 0) {
1038 dev_err(dev, "'get lm version' (0x%04x) command failed: "
1039 "%d - %s\n", I2400M_MT_GET_LM_VERSION, result,
1040 strerr);
1041 goto error_cmd_failed;
1042 }
1043 tlv = i2400m_tlv_find(i2400m, ack->pl, ack_len - sizeof(*ack),
1044 I2400M_TLV_L4_MESSAGE_VERSIONS, sizeof(*l4mv));
1045 if (tlv == NULL) {
1046 dev_err(dev, "get lm version: TLV not found (0x%04x)\n",
1047 I2400M_TLV_L4_MESSAGE_VERSIONS);
1048 result = -EIO;
1049 goto error_no_tlv;
1050 }
1051 l4mv = container_of(tlv, typeof(*l4mv), hdr);
1052 major = le16_to_cpu(l4mv->major);
1053 minor = le16_to_cpu(l4mv->minor);
1054 branch = le16_to_cpu(l4mv->branch);
1055 result = -EINVAL;
1056 if (major != I2400M_HDIv_MAJOR) {
1057 dev_err(dev, "unsupported major fw version "
1058 "%u.%u.%u\n", major, minor, branch);
1059 goto error_bad_major;
1060 }
1061 result = 0;
1062 if (minor < I2400M_HDIv_MINOR_2 && minor > I2400M_HDIv_MINOR)
1063 dev_warn(dev, "untested minor fw version %u.%u.%u\n",
1064 major, minor, branch);
1065 /* Yes, we ignore the branch -- we don't have to track it */
1066 i2400m->fw_version = major << 16 | minor;
1067 dev_info(dev, "firmware interface version %u.%u.%u\n",
1068 major, minor, branch);
1069 error_bad_major:
1070 error_no_tlv:
1071 error_cmd_failed:
1072 kfree_skb(ack_skb);
1073 error_msg_to_dev:
1074 kfree(cmd);
1075 error_alloc:
1076 return result;
1077 }
1078
1079
1080 /*
1081 * Send an DoExitIdle command to the device to ask it to go out of
1082 * basestation-idle mode.
1083 *
1084 * @i2400m: device descriptor
1085 *
1086 * This starts a renegotiation with the basestation that might involve
1087 * another crypto handshake with user space.
1088 *
1089 * Returns: 0 if ok, < 0 errno code on error.
1090 */
i2400m_cmd_exit_idle(struct i2400m * i2400m)1091 int i2400m_cmd_exit_idle(struct i2400m *i2400m)
1092 {
1093 int result;
1094 struct device *dev = i2400m_dev(i2400m);
1095 struct sk_buff *ack_skb;
1096 struct i2400m_l3l4_hdr *cmd;
1097 char strerr[32];
1098
1099 result = -ENOMEM;
1100 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
1101 if (cmd == NULL)
1102 goto error_alloc;
1103 cmd->type = cpu_to_le16(I2400M_MT_CMD_EXIT_IDLE);
1104 cmd->length = 0;
1105 cmd->version = cpu_to_le16(I2400M_L3L4_VERSION);
1106
1107 ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd));
1108 result = PTR_ERR(ack_skb);
1109 if (IS_ERR(ack_skb)) {
1110 dev_err(dev, "Failed to issue 'exit idle' command: %d\n",
1111 result);
1112 goto error_msg_to_dev;
1113 }
1114 result = i2400m_msg_check_status(wimax_msg_data(ack_skb),
1115 strerr, sizeof(strerr));
1116 kfree_skb(ack_skb);
1117 error_msg_to_dev:
1118 kfree(cmd);
1119 error_alloc:
1120 return result;
1121
1122 }
1123
1124
1125 /*
1126 * Query the device for its state, update the WiMAX stack's idea of it
1127 *
1128 * @i2400m: device descriptor
1129 *
1130 * Returns: 0 if ok, < 0 errno code on error.
1131 *
1132 * Executes a 'Get State' command and parses the returned
1133 * TLVs.
1134 *
1135 * Because this is almost identical to a 'Report State', we use
1136 * i2400m_report_state_hook() to parse the answer. This will set the
1137 * carrier state, as well as the RF Kill switches state.
1138 */
i2400m_cmd_get_state(struct i2400m * i2400m)1139 static int i2400m_cmd_get_state(struct i2400m *i2400m)
1140 {
1141 int result;
1142 struct device *dev = i2400m_dev(i2400m);
1143 struct sk_buff *ack_skb;
1144 struct i2400m_l3l4_hdr *cmd;
1145 const struct i2400m_l3l4_hdr *ack;
1146 size_t ack_len;
1147 char strerr[32];
1148
1149 result = -ENOMEM;
1150 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
1151 if (cmd == NULL)
1152 goto error_alloc;
1153 cmd->type = cpu_to_le16(I2400M_MT_GET_STATE);
1154 cmd->length = 0;
1155 cmd->version = cpu_to_le16(I2400M_L3L4_VERSION);
1156
1157 ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd));
1158 if (IS_ERR(ack_skb)) {
1159 dev_err(dev, "Failed to issue 'get state' command: %ld\n",
1160 PTR_ERR(ack_skb));
1161 result = PTR_ERR(ack_skb);
1162 goto error_msg_to_dev;
1163 }
1164 ack = wimax_msg_data_len(ack_skb, &ack_len);
1165 result = i2400m_msg_check_status(ack, strerr, sizeof(strerr));
1166 if (result < 0) {
1167 dev_err(dev, "'get state' (0x%04x) command failed: "
1168 "%d - %s\n", I2400M_MT_GET_STATE, result, strerr);
1169 goto error_cmd_failed;
1170 }
1171 i2400m_report_state_hook(i2400m, ack, ack_len - sizeof(*ack),
1172 "GET STATE");
1173 result = 0;
1174 kfree_skb(ack_skb);
1175 error_cmd_failed:
1176 error_msg_to_dev:
1177 kfree(cmd);
1178 error_alloc:
1179 return result;
1180 }
1181
1182 /**
1183 * Set basic configuration settings
1184 *
1185 * @i2400m: device descriptor
1186 * @args: array of pointers to the TLV headers to send for
1187 * configuration (each followed by its payload).
1188 * TLV headers and payloads must be properly initialized, with the
1189 * right endianess (LE).
1190 * @arg_size: number of pointers in the @args array
1191 */
i2400m_set_init_config(struct i2400m * i2400m,const struct i2400m_tlv_hdr ** arg,size_t args)1192 static int i2400m_set_init_config(struct i2400m *i2400m,
1193 const struct i2400m_tlv_hdr **arg,
1194 size_t args)
1195 {
1196 int result;
1197 struct device *dev = i2400m_dev(i2400m);
1198 struct sk_buff *ack_skb;
1199 struct i2400m_l3l4_hdr *cmd;
1200 char strerr[32];
1201 unsigned argc, argsize, tlv_size;
1202 const struct i2400m_tlv_hdr *tlv_hdr;
1203 void *buf, *itr;
1204
1205 d_fnstart(3, dev, "(i2400m %p arg %p args %zu)\n", i2400m, arg, args);
1206 result = 0;
1207 if (args == 0)
1208 goto none;
1209 /* Compute the size of all the TLVs, so we can alloc a
1210 * contiguous command block to copy them. */
1211 argsize = 0;
1212 for (argc = 0; argc < args; argc++) {
1213 tlv_hdr = arg[argc];
1214 argsize += sizeof(*tlv_hdr) + le16_to_cpu(tlv_hdr->length);
1215 }
1216 WARN_ON(argc >= 9); /* As per hw spec */
1217
1218 /* Alloc the space for the command and TLVs*/
1219 result = -ENOMEM;
1220 buf = kzalloc(sizeof(*cmd) + argsize, GFP_KERNEL);
1221 if (buf == NULL)
1222 goto error_alloc;
1223 cmd = buf;
1224 cmd->type = cpu_to_le16(I2400M_MT_SET_INIT_CONFIG);
1225 cmd->length = cpu_to_le16(argsize);
1226 cmd->version = cpu_to_le16(I2400M_L3L4_VERSION);
1227
1228 /* Copy the TLVs */
1229 itr = buf + sizeof(*cmd);
1230 for (argc = 0; argc < args; argc++) {
1231 tlv_hdr = arg[argc];
1232 tlv_size = sizeof(*tlv_hdr) + le16_to_cpu(tlv_hdr->length);
1233 memcpy(itr, tlv_hdr, tlv_size);
1234 itr += tlv_size;
1235 }
1236
1237 /* Send the message! */
1238 ack_skb = i2400m_msg_to_dev(i2400m, buf, sizeof(*cmd) + argsize);
1239 result = PTR_ERR(ack_skb);
1240 if (IS_ERR(ack_skb)) {
1241 dev_err(dev, "Failed to issue 'init config' command: %d\n",
1242 result);
1243
1244 goto error_msg_to_dev;
1245 }
1246 result = i2400m_msg_check_status(wimax_msg_data(ack_skb),
1247 strerr, sizeof(strerr));
1248 if (result < 0)
1249 dev_err(dev, "'init config' (0x%04x) command failed: %d - %s\n",
1250 I2400M_MT_SET_INIT_CONFIG, result, strerr);
1251 kfree_skb(ack_skb);
1252 error_msg_to_dev:
1253 kfree(buf);
1254 error_alloc:
1255 none:
1256 d_fnend(3, dev, "(i2400m %p arg %p args %zu) = %d\n",
1257 i2400m, arg, args, result);
1258 return result;
1259
1260 }
1261
1262 /**
1263 * i2400m_set_idle_timeout - Set the device's idle mode timeout
1264 *
1265 * @i2400m: i2400m device descriptor
1266 *
1267 * @msecs: milliseconds for the timeout to enter idle mode. Between
1268 * 100 to 300000 (5m); 0 to disable. In increments of 100.
1269 *
1270 * After this @msecs of the link being idle (no data being sent or
1271 * received), the device will negotiate with the basestation entering
1272 * idle mode for saving power. The connection is maintained, but
1273 * getting out of it (done in tx.c) will require some negotiation,
1274 * possible crypto re-handshake and a possible DHCP re-lease.
1275 *
1276 * Only available if fw_version >= 0x00090002.
1277 *
1278 * Returns: 0 if ok, < 0 errno code on error.
1279 */
i2400m_set_idle_timeout(struct i2400m * i2400m,unsigned msecs)1280 int i2400m_set_idle_timeout(struct i2400m *i2400m, unsigned msecs)
1281 {
1282 int result;
1283 struct device *dev = i2400m_dev(i2400m);
1284 struct sk_buff *ack_skb;
1285 struct {
1286 struct i2400m_l3l4_hdr hdr;
1287 struct i2400m_tlv_config_idle_timeout cit;
1288 } *cmd;
1289 const struct i2400m_l3l4_hdr *ack;
1290 size_t ack_len;
1291 char strerr[32];
1292
1293 result = -ENOSYS;
1294 if (i2400m_le_v1_3(i2400m))
1295 goto error_alloc;
1296 result = -ENOMEM;
1297 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
1298 if (cmd == NULL)
1299 goto error_alloc;
1300 cmd->hdr.type = cpu_to_le16(I2400M_MT_GET_STATE);
1301 cmd->hdr.length = cpu_to_le16(sizeof(*cmd) - sizeof(cmd->hdr));
1302 cmd->hdr.version = cpu_to_le16(I2400M_L3L4_VERSION);
1303
1304 cmd->cit.hdr.type =
1305 cpu_to_le16(I2400M_TLV_CONFIG_IDLE_TIMEOUT);
1306 cmd->cit.hdr.length = cpu_to_le16(sizeof(cmd->cit.timeout));
1307 cmd->cit.timeout = cpu_to_le32(msecs);
1308
1309 ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd));
1310 if (IS_ERR(ack_skb)) {
1311 dev_err(dev, "Failed to issue 'set idle timeout' command: "
1312 "%ld\n", PTR_ERR(ack_skb));
1313 result = PTR_ERR(ack_skb);
1314 goto error_msg_to_dev;
1315 }
1316 ack = wimax_msg_data_len(ack_skb, &ack_len);
1317 result = i2400m_msg_check_status(ack, strerr, sizeof(strerr));
1318 if (result < 0) {
1319 dev_err(dev, "'set idle timeout' (0x%04x) command failed: "
1320 "%d - %s\n", I2400M_MT_GET_STATE, result, strerr);
1321 goto error_cmd_failed;
1322 }
1323 result = 0;
1324 kfree_skb(ack_skb);
1325 error_cmd_failed:
1326 error_msg_to_dev:
1327 kfree(cmd);
1328 error_alloc:
1329 return result;
1330 }
1331
1332
1333 /**
1334 * i2400m_dev_initialize - Initialize the device once communications are ready
1335 *
1336 * @i2400m: device descriptor
1337 *
1338 * Returns: 0 if ok, < 0 errno code on error.
1339 *
1340 * Configures the device to work the way we like it.
1341 *
1342 * At the point of this call, the device is registered with the WiMAX
1343 * and netdev stacks, firmware is uploaded and we can talk to the
1344 * device normally.
1345 */
i2400m_dev_initialize(struct i2400m * i2400m)1346 int i2400m_dev_initialize(struct i2400m *i2400m)
1347 {
1348 int result;
1349 struct device *dev = i2400m_dev(i2400m);
1350 struct i2400m_tlv_config_idle_parameters idle_params;
1351 struct i2400m_tlv_config_idle_timeout idle_timeout;
1352 struct i2400m_tlv_config_d2h_data_format df;
1353 struct i2400m_tlv_config_dl_host_reorder dlhr;
1354 const struct i2400m_tlv_hdr *args[9];
1355 unsigned argc = 0;
1356
1357 d_fnstart(3, dev, "(i2400m %p)\n", i2400m);
1358 if (i2400m_passive_mode)
1359 goto out_passive;
1360 /* Disable idle mode? (enabled by default) */
1361 if (i2400m_idle_mode_disabled) {
1362 if (i2400m_le_v1_3(i2400m)) {
1363 idle_params.hdr.type =
1364 cpu_to_le16(I2400M_TLV_CONFIG_IDLE_PARAMETERS);
1365 idle_params.hdr.length = cpu_to_le16(
1366 sizeof(idle_params) - sizeof(idle_params.hdr));
1367 idle_params.idle_timeout = 0;
1368 idle_params.idle_paging_interval = 0;
1369 args[argc++] = &idle_params.hdr;
1370 } else {
1371 idle_timeout.hdr.type =
1372 cpu_to_le16(I2400M_TLV_CONFIG_IDLE_TIMEOUT);
1373 idle_timeout.hdr.length = cpu_to_le16(
1374 sizeof(idle_timeout) - sizeof(idle_timeout.hdr));
1375 idle_timeout.timeout = 0;
1376 args[argc++] = &idle_timeout.hdr;
1377 }
1378 }
1379 if (i2400m_ge_v1_4(i2400m)) {
1380 /* Enable extended RX data format? */
1381 df.hdr.type =
1382 cpu_to_le16(I2400M_TLV_CONFIG_D2H_DATA_FORMAT);
1383 df.hdr.length = cpu_to_le16(
1384 sizeof(df) - sizeof(df.hdr));
1385 df.format = 1;
1386 args[argc++] = &df.hdr;
1387
1388 /* Enable RX data reordering?
1389 * (switch flipped in rx.c:i2400m_rx_setup() after fw upload) */
1390 if (i2400m->rx_reorder) {
1391 dlhr.hdr.type =
1392 cpu_to_le16(I2400M_TLV_CONFIG_DL_HOST_REORDER);
1393 dlhr.hdr.length = cpu_to_le16(
1394 sizeof(dlhr) - sizeof(dlhr.hdr));
1395 dlhr.reorder = 1;
1396 args[argc++] = &dlhr.hdr;
1397 }
1398 }
1399 result = i2400m_set_init_config(i2400m, args, argc);
1400 if (result < 0)
1401 goto error;
1402 out_passive:
1403 /*
1404 * Update state: Here it just calls a get state; parsing the
1405 * result (System State TLV and RF Status TLV [done in the rx
1406 * path hooks]) will set the hardware and software RF-Kill
1407 * status.
1408 */
1409 result = i2400m_cmd_get_state(i2400m);
1410 error:
1411 if (result < 0)
1412 dev_err(dev, "failed to initialize the device: %d\n", result);
1413 d_fnend(3, dev, "(i2400m %p) = %d\n", i2400m, result);
1414 return result;
1415 }
1416
1417
1418 /**
1419 * i2400m_dev_shutdown - Shutdown a running device
1420 *
1421 * @i2400m: device descriptor
1422 *
1423 * Release resources acquired during the running of the device; in
1424 * theory, should also tell the device to go to sleep, switch off the
1425 * radio, all that, but at this point, in most cases (driver
1426 * disconnection, reset handling) we can't even talk to the device.
1427 */
i2400m_dev_shutdown(struct i2400m * i2400m)1428 void i2400m_dev_shutdown(struct i2400m *i2400m)
1429 {
1430 struct device *dev = i2400m_dev(i2400m);
1431
1432 d_fnstart(3, dev, "(i2400m %p)\n", i2400m);
1433 d_fnend(3, dev, "(i2400m %p) = void\n", i2400m);
1434 }
1435