Loading...
1/*
2 * Copyright (c) 2010-2011 Atheros Communications Inc.
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17#include <asm/unaligned.h>
18#include "htc.h"
19
20MODULE_FIRMWARE(HTC_7010_MODULE_FW);
21MODULE_FIRMWARE(HTC_9271_MODULE_FW);
22
23static const struct usb_device_id ath9k_hif_usb_ids[] = {
24 { USB_DEVICE(0x0cf3, 0x9271) }, /* Atheros */
25 { USB_DEVICE(0x0cf3, 0x1006) }, /* Atheros */
26 { USB_DEVICE(0x0846, 0x9030) }, /* Netgear N150 */
27 { USB_DEVICE(0x07b8, 0x9271) }, /* Altai WA1011N-GU */
28 { USB_DEVICE(0x07D1, 0x3A10) }, /* Dlink Wireless 150 */
29 { USB_DEVICE(0x13D3, 0x3327) }, /* Azurewave */
30 { USB_DEVICE(0x13D3, 0x3328) }, /* Azurewave */
31 { USB_DEVICE(0x13D3, 0x3346) }, /* IMC Networks */
32 { USB_DEVICE(0x13D3, 0x3348) }, /* Azurewave */
33 { USB_DEVICE(0x13D3, 0x3349) }, /* Azurewave */
34 { USB_DEVICE(0x13D3, 0x3350) }, /* Azurewave */
35 { USB_DEVICE(0x04CA, 0x4605) }, /* Liteon */
36 { USB_DEVICE(0x040D, 0x3801) }, /* VIA */
37 { USB_DEVICE(0x0cf3, 0xb003) }, /* Ubiquiti WifiStation Ext */
38 { USB_DEVICE(0x0cf3, 0xb002) }, /* Ubiquiti WifiStation */
39 { USB_DEVICE(0x057c, 0x8403) }, /* AVM FRITZ!WLAN 11N v2 USB */
40 { USB_DEVICE(0x0471, 0x209e) }, /* Philips (or NXP) PTA01 */
41 { USB_DEVICE(0x1eda, 0x2315) }, /* AirTies */
42
43 { USB_DEVICE(0x0cf3, 0x7015),
44 .driver_info = AR9287_USB }, /* Atheros */
45
46 { USB_DEVICE(0x0cf3, 0x7010),
47 .driver_info = AR9280_USB }, /* Atheros */
48 { USB_DEVICE(0x0846, 0x9018),
49 .driver_info = AR9280_USB }, /* Netgear WNDA3200 */
50 { USB_DEVICE(0x083A, 0xA704),
51 .driver_info = AR9280_USB }, /* SMC Networks */
52 { USB_DEVICE(0x0411, 0x017f),
53 .driver_info = AR9280_USB }, /* Sony UWA-BR100 */
54 { USB_DEVICE(0x0411, 0x0197),
55 .driver_info = AR9280_USB }, /* Buffalo WLI-UV-AG300P */
56 { USB_DEVICE(0x04da, 0x3904),
57 .driver_info = AR9280_USB },
58 { USB_DEVICE(0x0930, 0x0a08),
59 .driver_info = AR9280_USB }, /* Toshiba WLM-20U2 and GN-1080 */
60
61 { USB_DEVICE(0x0cf3, 0x20ff),
62 .driver_info = STORAGE_DEVICE },
63
64 { },
65};
66
67MODULE_DEVICE_TABLE(usb, ath9k_hif_usb_ids);
68
69static int __hif_usb_tx(struct hif_device_usb *hif_dev);
70
71static void hif_usb_regout_cb(struct urb *urb)
72{
73 struct cmd_buf *cmd = urb->context;
74
75 switch (urb->status) {
76 case 0:
77 break;
78 case -ENOENT:
79 case -ECONNRESET:
80 case -ENODEV:
81 case -ESHUTDOWN:
82 goto free;
83 default:
84 break;
85 }
86
87 if (cmd) {
88 ath9k_htc_txcompletion_cb(cmd->hif_dev->htc_handle,
89 cmd->skb, true);
90 kfree(cmd);
91 }
92
93 return;
94free:
95 kfree_skb(cmd->skb);
96 kfree(cmd);
97}
98
99static int hif_usb_send_regout(struct hif_device_usb *hif_dev,
100 struct sk_buff *skb)
101{
102 struct urb *urb;
103 struct cmd_buf *cmd;
104 int ret = 0;
105
106 urb = usb_alloc_urb(0, GFP_KERNEL);
107 if (urb == NULL)
108 return -ENOMEM;
109
110 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
111 if (cmd == NULL) {
112 usb_free_urb(urb);
113 return -ENOMEM;
114 }
115
116 cmd->skb = skb;
117 cmd->hif_dev = hif_dev;
118
119 usb_fill_int_urb(urb, hif_dev->udev,
120 usb_sndintpipe(hif_dev->udev, USB_REG_OUT_PIPE),
121 skb->data, skb->len,
122 hif_usb_regout_cb, cmd, 1);
123
124 usb_anchor_urb(urb, &hif_dev->regout_submitted);
125 ret = usb_submit_urb(urb, GFP_KERNEL);
126 if (ret) {
127 usb_unanchor_urb(urb);
128 kfree(cmd);
129 }
130 usb_free_urb(urb);
131
132 return ret;
133}
134
135static void hif_usb_mgmt_cb(struct urb *urb)
136{
137 struct cmd_buf *cmd = urb->context;
138 struct hif_device_usb *hif_dev;
139 unsigned long flags;
140 bool txok = true;
141
142 if (!cmd || !cmd->skb || !cmd->hif_dev)
143 return;
144
145 hif_dev = cmd->hif_dev;
146
147 switch (urb->status) {
148 case 0:
149 break;
150 case -ENOENT:
151 case -ECONNRESET:
152 case -ENODEV:
153 case -ESHUTDOWN:
154 txok = false;
155
156 /*
157 * If the URBs are being flushed, no need to complete
158 * this packet.
159 */
160 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
161 if (hif_dev->tx.flags & HIF_USB_TX_FLUSH) {
162 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
163 dev_kfree_skb_any(cmd->skb);
164 kfree(cmd);
165 return;
166 }
167 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
168
169 break;
170 default:
171 txok = false;
172 break;
173 }
174
175 skb_pull(cmd->skb, 4);
176 ath9k_htc_txcompletion_cb(cmd->hif_dev->htc_handle,
177 cmd->skb, txok);
178 kfree(cmd);
179}
180
181static int hif_usb_send_mgmt(struct hif_device_usb *hif_dev,
182 struct sk_buff *skb)
183{
184 struct urb *urb;
185 struct cmd_buf *cmd;
186 int ret = 0;
187 __le16 *hdr;
188
189 urb = usb_alloc_urb(0, GFP_ATOMIC);
190 if (urb == NULL)
191 return -ENOMEM;
192
193 cmd = kzalloc(sizeof(*cmd), GFP_ATOMIC);
194 if (cmd == NULL) {
195 usb_free_urb(urb);
196 return -ENOMEM;
197 }
198
199 cmd->skb = skb;
200 cmd->hif_dev = hif_dev;
201
202 hdr = skb_push(skb, 4);
203 *hdr++ = cpu_to_le16(skb->len - 4);
204 *hdr++ = cpu_to_le16(ATH_USB_TX_STREAM_MODE_TAG);
205
206 usb_fill_bulk_urb(urb, hif_dev->udev,
207 usb_sndbulkpipe(hif_dev->udev, USB_WLAN_TX_PIPE),
208 skb->data, skb->len,
209 hif_usb_mgmt_cb, cmd);
210
211 usb_anchor_urb(urb, &hif_dev->mgmt_submitted);
212 ret = usb_submit_urb(urb, GFP_ATOMIC);
213 if (ret) {
214 usb_unanchor_urb(urb);
215 kfree(cmd);
216 }
217 usb_free_urb(urb);
218
219 return ret;
220}
221
222static inline void ath9k_skb_queue_purge(struct hif_device_usb *hif_dev,
223 struct sk_buff_head *list)
224{
225 struct sk_buff *skb;
226
227 while ((skb = __skb_dequeue(list)) != NULL) {
228 dev_kfree_skb_any(skb);
229 }
230}
231
232static inline void ath9k_skb_queue_complete(struct hif_device_usb *hif_dev,
233 struct sk_buff_head *queue,
234 bool txok)
235{
236 struct sk_buff *skb;
237
238 while ((skb = __skb_dequeue(queue)) != NULL) {
239#ifdef CONFIG_ATH9K_HTC_DEBUGFS
240 int ln = skb->len;
241#endif
242 ath9k_htc_txcompletion_cb(hif_dev->htc_handle,
243 skb, txok);
244 if (txok) {
245 TX_STAT_INC(hif_dev, skb_success);
246 TX_STAT_ADD(hif_dev, skb_success_bytes, ln);
247 }
248 else
249 TX_STAT_INC(hif_dev, skb_failed);
250 }
251}
252
253static void hif_usb_tx_cb(struct urb *urb)
254{
255 struct tx_buf *tx_buf = urb->context;
256 struct hif_device_usb *hif_dev;
257 bool txok = true;
258
259 if (!tx_buf || !tx_buf->hif_dev)
260 return;
261
262 hif_dev = tx_buf->hif_dev;
263
264 switch (urb->status) {
265 case 0:
266 break;
267 case -ENOENT:
268 case -ECONNRESET:
269 case -ENODEV:
270 case -ESHUTDOWN:
271 txok = false;
272
273 /*
274 * If the URBs are being flushed, no need to add this
275 * URB to the free list.
276 */
277 spin_lock(&hif_dev->tx.tx_lock);
278 if (hif_dev->tx.flags & HIF_USB_TX_FLUSH) {
279 spin_unlock(&hif_dev->tx.tx_lock);
280 ath9k_skb_queue_purge(hif_dev, &tx_buf->skb_queue);
281 return;
282 }
283 spin_unlock(&hif_dev->tx.tx_lock);
284
285 break;
286 default:
287 txok = false;
288 break;
289 }
290
291 ath9k_skb_queue_complete(hif_dev, &tx_buf->skb_queue, txok);
292
293 /* Re-initialize the SKB queue */
294 tx_buf->len = tx_buf->offset = 0;
295 __skb_queue_head_init(&tx_buf->skb_queue);
296
297 /* Add this TX buffer to the free list */
298 spin_lock(&hif_dev->tx.tx_lock);
299 list_move_tail(&tx_buf->list, &hif_dev->tx.tx_buf);
300 hif_dev->tx.tx_buf_cnt++;
301 if (!(hif_dev->tx.flags & HIF_USB_TX_STOP))
302 __hif_usb_tx(hif_dev); /* Check for pending SKBs */
303 TX_STAT_INC(hif_dev, buf_completed);
304 spin_unlock(&hif_dev->tx.tx_lock);
305}
306
307/* TX lock has to be taken */
308static int __hif_usb_tx(struct hif_device_usb *hif_dev)
309{
310 struct tx_buf *tx_buf = NULL;
311 struct sk_buff *nskb = NULL;
312 int ret = 0, i;
313 u16 tx_skb_cnt = 0;
314 u8 *buf;
315 __le16 *hdr;
316
317 if (hif_dev->tx.tx_skb_cnt == 0)
318 return 0;
319
320 /* Check if a free TX buffer is available */
321 if (list_empty(&hif_dev->tx.tx_buf))
322 return 0;
323
324 tx_buf = list_first_entry(&hif_dev->tx.tx_buf, struct tx_buf, list);
325 list_move_tail(&tx_buf->list, &hif_dev->tx.tx_pending);
326 hif_dev->tx.tx_buf_cnt--;
327
328 tx_skb_cnt = min_t(u16, hif_dev->tx.tx_skb_cnt, MAX_TX_AGGR_NUM);
329
330 for (i = 0; i < tx_skb_cnt; i++) {
331 nskb = __skb_dequeue(&hif_dev->tx.tx_skb_queue);
332
333 /* Should never be NULL */
334 BUG_ON(!nskb);
335
336 hif_dev->tx.tx_skb_cnt--;
337
338 buf = tx_buf->buf;
339 buf += tx_buf->offset;
340 hdr = (__le16 *)buf;
341 *hdr++ = cpu_to_le16(nskb->len);
342 *hdr++ = cpu_to_le16(ATH_USB_TX_STREAM_MODE_TAG);
343 buf += 4;
344 memcpy(buf, nskb->data, nskb->len);
345 tx_buf->len = nskb->len + 4;
346
347 if (i < (tx_skb_cnt - 1))
348 tx_buf->offset += (((tx_buf->len - 1) / 4) + 1) * 4;
349
350 if (i == (tx_skb_cnt - 1))
351 tx_buf->len += tx_buf->offset;
352
353 __skb_queue_tail(&tx_buf->skb_queue, nskb);
354 TX_STAT_INC(hif_dev, skb_queued);
355 }
356
357 usb_fill_bulk_urb(tx_buf->urb, hif_dev->udev,
358 usb_sndbulkpipe(hif_dev->udev, USB_WLAN_TX_PIPE),
359 tx_buf->buf, tx_buf->len,
360 hif_usb_tx_cb, tx_buf);
361
362 ret = usb_submit_urb(tx_buf->urb, GFP_ATOMIC);
363 if (ret) {
364 tx_buf->len = tx_buf->offset = 0;
365 ath9k_skb_queue_complete(hif_dev, &tx_buf->skb_queue, false);
366 __skb_queue_head_init(&tx_buf->skb_queue);
367 list_move_tail(&tx_buf->list, &hif_dev->tx.tx_buf);
368 hif_dev->tx.tx_buf_cnt++;
369 } else {
370 TX_STAT_INC(hif_dev, buf_queued);
371 }
372
373 return ret;
374}
375
376static int hif_usb_send_tx(struct hif_device_usb *hif_dev, struct sk_buff *skb)
377{
378 struct ath9k_htc_tx_ctl *tx_ctl;
379 unsigned long flags;
380 int ret = 0;
381
382 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
383
384 if (hif_dev->tx.flags & HIF_USB_TX_STOP) {
385 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
386 return -ENODEV;
387 }
388
389 /* Check if the max queue count has been reached */
390 if (hif_dev->tx.tx_skb_cnt > MAX_TX_BUF_NUM) {
391 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
392 return -ENOMEM;
393 }
394
395 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
396
397 tx_ctl = HTC_SKB_CB(skb);
398
399 /* Mgmt/Beacon frames don't use the TX buffer pool */
400 if ((tx_ctl->type == ATH9K_HTC_MGMT) ||
401 (tx_ctl->type == ATH9K_HTC_BEACON)) {
402 ret = hif_usb_send_mgmt(hif_dev, skb);
403 }
404
405 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
406
407 if ((tx_ctl->type == ATH9K_HTC_NORMAL) ||
408 (tx_ctl->type == ATH9K_HTC_AMPDU)) {
409 __skb_queue_tail(&hif_dev->tx.tx_skb_queue, skb);
410 hif_dev->tx.tx_skb_cnt++;
411 }
412
413 /* Check if AMPDUs have to be sent immediately */
414 if ((hif_dev->tx.tx_buf_cnt == MAX_TX_URB_NUM) &&
415 (hif_dev->tx.tx_skb_cnt < 2)) {
416 __hif_usb_tx(hif_dev);
417 }
418
419 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
420
421 return ret;
422}
423
424static void hif_usb_start(void *hif_handle)
425{
426 struct hif_device_usb *hif_dev = hif_handle;
427 unsigned long flags;
428
429 hif_dev->flags |= HIF_USB_START;
430
431 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
432 hif_dev->tx.flags &= ~HIF_USB_TX_STOP;
433 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
434}
435
436static void hif_usb_stop(void *hif_handle)
437{
438 struct hif_device_usb *hif_dev = hif_handle;
439 struct tx_buf *tx_buf = NULL, *tx_buf_tmp = NULL;
440 unsigned long flags;
441
442 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
443 ath9k_skb_queue_complete(hif_dev, &hif_dev->tx.tx_skb_queue, false);
444 hif_dev->tx.tx_skb_cnt = 0;
445 hif_dev->tx.flags |= HIF_USB_TX_STOP;
446 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
447
448 /* The pending URBs have to be canceled. */
449 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
450 list_for_each_entry_safe(tx_buf, tx_buf_tmp,
451 &hif_dev->tx.tx_pending, list) {
452 usb_get_urb(tx_buf->urb);
453 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
454 usb_kill_urb(tx_buf->urb);
455 list_del(&tx_buf->list);
456 usb_free_urb(tx_buf->urb);
457 kfree(tx_buf->buf);
458 kfree(tx_buf);
459 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
460 }
461 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
462
463 usb_kill_anchored_urbs(&hif_dev->mgmt_submitted);
464}
465
466static int hif_usb_send(void *hif_handle, u8 pipe_id, struct sk_buff *skb)
467{
468 struct hif_device_usb *hif_dev = hif_handle;
469 int ret = 0;
470
471 switch (pipe_id) {
472 case USB_WLAN_TX_PIPE:
473 ret = hif_usb_send_tx(hif_dev, skb);
474 break;
475 case USB_REG_OUT_PIPE:
476 ret = hif_usb_send_regout(hif_dev, skb);
477 break;
478 default:
479 dev_err(&hif_dev->udev->dev,
480 "ath9k_htc: Invalid TX pipe: %d\n", pipe_id);
481 ret = -EINVAL;
482 break;
483 }
484
485 return ret;
486}
487
488static inline bool check_index(struct sk_buff *skb, u8 idx)
489{
490 struct ath9k_htc_tx_ctl *tx_ctl;
491
492 tx_ctl = HTC_SKB_CB(skb);
493
494 if ((tx_ctl->type == ATH9K_HTC_AMPDU) &&
495 (tx_ctl->sta_idx == idx))
496 return true;
497
498 return false;
499}
500
501static void hif_usb_sta_drain(void *hif_handle, u8 idx)
502{
503 struct hif_device_usb *hif_dev = hif_handle;
504 struct sk_buff *skb, *tmp;
505 unsigned long flags;
506
507 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
508
509 skb_queue_walk_safe(&hif_dev->tx.tx_skb_queue, skb, tmp) {
510 if (check_index(skb, idx)) {
511 __skb_unlink(skb, &hif_dev->tx.tx_skb_queue);
512 ath9k_htc_txcompletion_cb(hif_dev->htc_handle,
513 skb, false);
514 hif_dev->tx.tx_skb_cnt--;
515 TX_STAT_INC(hif_dev, skb_failed);
516 }
517 }
518
519 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
520}
521
522static struct ath9k_htc_hif hif_usb = {
523 .transport = ATH9K_HIF_USB,
524 .name = "ath9k_hif_usb",
525
526 .control_ul_pipe = USB_REG_OUT_PIPE,
527 .control_dl_pipe = USB_REG_IN_PIPE,
528
529 .start = hif_usb_start,
530 .stop = hif_usb_stop,
531 .sta_drain = hif_usb_sta_drain,
532 .send = hif_usb_send,
533};
534
535/* Need to free remain_skb allocated in ath9k_hif_usb_rx_stream
536 * in case ath9k_hif_usb_rx_stream wasn't called next time to
537 * process the buffer and subsequently free it.
538 */
539static void ath9k_hif_usb_free_rx_remain_skb(struct hif_device_usb *hif_dev)
540{
541 unsigned long flags;
542
543 spin_lock_irqsave(&hif_dev->rx_lock, flags);
544 if (hif_dev->remain_skb) {
545 dev_kfree_skb_any(hif_dev->remain_skb);
546 hif_dev->remain_skb = NULL;
547 hif_dev->rx_remain_len = 0;
548 RX_STAT_INC(hif_dev, skb_dropped);
549 }
550 spin_unlock_irqrestore(&hif_dev->rx_lock, flags);
551}
552
553static void ath9k_hif_usb_rx_stream(struct hif_device_usb *hif_dev,
554 struct sk_buff *skb)
555{
556 struct sk_buff *nskb, *skb_pool[MAX_PKT_NUM_IN_TRANSFER];
557 int index = 0, i, len = skb->len;
558 int rx_remain_len, rx_pkt_len;
559 u16 pool_index = 0;
560 u8 *ptr;
561
562 spin_lock(&hif_dev->rx_lock);
563
564 rx_remain_len = hif_dev->rx_remain_len;
565 rx_pkt_len = hif_dev->rx_transfer_len;
566
567 if (rx_remain_len != 0) {
568 struct sk_buff *remain_skb = hif_dev->remain_skb;
569
570 if (remain_skb) {
571 ptr = (u8 *) remain_skb->data;
572
573 index = rx_remain_len;
574 rx_remain_len -= hif_dev->rx_pad_len;
575 ptr += rx_pkt_len;
576
577 memcpy(ptr, skb->data, rx_remain_len);
578
579 rx_pkt_len += rx_remain_len;
580 skb_put(remain_skb, rx_pkt_len);
581
582 skb_pool[pool_index++] = remain_skb;
583 hif_dev->remain_skb = NULL;
584 hif_dev->rx_remain_len = 0;
585 } else {
586 index = rx_remain_len;
587 }
588 }
589
590 spin_unlock(&hif_dev->rx_lock);
591
592 while (index < len) {
593 u16 pkt_len;
594 u16 pkt_tag;
595 u16 pad_len;
596 int chk_idx;
597
598 ptr = (u8 *) skb->data;
599
600 pkt_len = get_unaligned_le16(ptr + index);
601 pkt_tag = get_unaligned_le16(ptr + index + 2);
602
603 /* It is supposed that if we have an invalid pkt_tag or
604 * pkt_len then the whole input SKB is considered invalid
605 * and dropped; the associated packets already in skb_pool
606 * are dropped, too.
607 */
608 if (pkt_tag != ATH_USB_RX_STREAM_MODE_TAG) {
609 RX_STAT_INC(hif_dev, skb_dropped);
610 goto invalid_pkt;
611 }
612
613 if (pkt_len > 2 * MAX_RX_BUF_SIZE) {
614 dev_err(&hif_dev->udev->dev,
615 "ath9k_htc: invalid pkt_len (%x)\n", pkt_len);
616 RX_STAT_INC(hif_dev, skb_dropped);
617 goto invalid_pkt;
618 }
619
620 pad_len = 4 - (pkt_len & 0x3);
621 if (pad_len == 4)
622 pad_len = 0;
623
624 chk_idx = index;
625 index = index + 4 + pkt_len + pad_len;
626
627 if (index > MAX_RX_BUF_SIZE) {
628 spin_lock(&hif_dev->rx_lock);
629 nskb = __dev_alloc_skb(pkt_len + 32, GFP_ATOMIC);
630 if (!nskb) {
631 dev_err(&hif_dev->udev->dev,
632 "ath9k_htc: RX memory allocation error\n");
633 spin_unlock(&hif_dev->rx_lock);
634 goto err;
635 }
636
637 hif_dev->rx_remain_len = index - MAX_RX_BUF_SIZE;
638 hif_dev->rx_transfer_len =
639 MAX_RX_BUF_SIZE - chk_idx - 4;
640 hif_dev->rx_pad_len = pad_len;
641
642 skb_reserve(nskb, 32);
643 RX_STAT_INC(hif_dev, skb_allocated);
644
645 memcpy(nskb->data, &(skb->data[chk_idx+4]),
646 hif_dev->rx_transfer_len);
647
648 /* Record the buffer pointer */
649 hif_dev->remain_skb = nskb;
650 spin_unlock(&hif_dev->rx_lock);
651 } else {
652 if (pool_index == MAX_PKT_NUM_IN_TRANSFER) {
653 dev_err(&hif_dev->udev->dev,
654 "ath9k_htc: over RX MAX_PKT_NUM\n");
655 goto err;
656 }
657 nskb = __dev_alloc_skb(pkt_len + 32, GFP_ATOMIC);
658 if (!nskb) {
659 dev_err(&hif_dev->udev->dev,
660 "ath9k_htc: RX memory allocation error\n");
661 goto err;
662 }
663 skb_reserve(nskb, 32);
664 RX_STAT_INC(hif_dev, skb_allocated);
665
666 memcpy(nskb->data, &(skb->data[chk_idx+4]), pkt_len);
667 skb_put(nskb, pkt_len);
668 skb_pool[pool_index++] = nskb;
669 }
670 }
671
672err:
673 for (i = 0; i < pool_index; i++) {
674 RX_STAT_ADD(hif_dev, skb_completed_bytes, skb_pool[i]->len);
675 ath9k_htc_rx_msg(hif_dev->htc_handle, skb_pool[i],
676 skb_pool[i]->len, USB_WLAN_RX_PIPE);
677 RX_STAT_INC(hif_dev, skb_completed);
678 }
679 return;
680invalid_pkt:
681 for (i = 0; i < pool_index; i++) {
682 dev_kfree_skb_any(skb_pool[i]);
683 RX_STAT_INC(hif_dev, skb_dropped);
684 }
685 return;
686}
687
688static void ath9k_hif_usb_rx_cb(struct urb *urb)
689{
690 struct rx_buf *rx_buf = urb->context;
691 struct hif_device_usb *hif_dev = rx_buf->hif_dev;
692 struct sk_buff *skb = rx_buf->skb;
693 int ret;
694
695 if (!skb)
696 return;
697
698 if (!hif_dev)
699 goto free;
700
701 switch (urb->status) {
702 case 0:
703 break;
704 case -ENOENT:
705 case -ECONNRESET:
706 case -ENODEV:
707 case -ESHUTDOWN:
708 goto free;
709 default:
710 goto resubmit;
711 }
712
713 if (likely(urb->actual_length != 0)) {
714 skb_put(skb, urb->actual_length);
715 ath9k_hif_usb_rx_stream(hif_dev, skb);
716 }
717
718resubmit:
719 skb_reset_tail_pointer(skb);
720 skb_trim(skb, 0);
721
722 usb_anchor_urb(urb, &hif_dev->rx_submitted);
723 ret = usb_submit_urb(urb, GFP_ATOMIC);
724 if (ret) {
725 usb_unanchor_urb(urb);
726 goto free;
727 }
728
729 return;
730free:
731 kfree_skb(skb);
732 kfree(rx_buf);
733}
734
735static void ath9k_hif_usb_reg_in_cb(struct urb *urb)
736{
737 struct rx_buf *rx_buf = urb->context;
738 struct hif_device_usb *hif_dev = rx_buf->hif_dev;
739 struct sk_buff *skb = rx_buf->skb;
740 int ret;
741
742 if (!skb)
743 return;
744
745 if (!hif_dev)
746 goto free_skb;
747
748 switch (urb->status) {
749 case 0:
750 break;
751 case -ENOENT:
752 case -ECONNRESET:
753 case -ENODEV:
754 case -ESHUTDOWN:
755 goto free_skb;
756 default:
757 skb_reset_tail_pointer(skb);
758 skb_trim(skb, 0);
759
760 goto resubmit;
761 }
762
763 if (likely(urb->actual_length != 0)) {
764 skb_put(skb, urb->actual_length);
765
766 /*
767 * Process the command first.
768 * skb is either freed here or passed to be
769 * managed to another callback function.
770 */
771 ath9k_htc_rx_msg(hif_dev->htc_handle, skb,
772 skb->len, USB_REG_IN_PIPE);
773
774 skb = alloc_skb(MAX_REG_IN_BUF_SIZE, GFP_ATOMIC);
775 if (!skb) {
776 dev_err(&hif_dev->udev->dev,
777 "ath9k_htc: REG_IN memory allocation failure\n");
778 goto free_rx_buf;
779 }
780
781 rx_buf->skb = skb;
782
783 usb_fill_int_urb(urb, hif_dev->udev,
784 usb_rcvintpipe(hif_dev->udev,
785 USB_REG_IN_PIPE),
786 skb->data, MAX_REG_IN_BUF_SIZE,
787 ath9k_hif_usb_reg_in_cb, rx_buf, 1);
788 }
789
790resubmit:
791 usb_anchor_urb(urb, &hif_dev->reg_in_submitted);
792 ret = usb_submit_urb(urb, GFP_ATOMIC);
793 if (ret) {
794 usb_unanchor_urb(urb);
795 goto free_skb;
796 }
797
798 return;
799free_skb:
800 kfree_skb(skb);
801free_rx_buf:
802 kfree(rx_buf);
803 urb->context = NULL;
804}
805
806static void ath9k_hif_usb_dealloc_tx_urbs(struct hif_device_usb *hif_dev)
807{
808 struct tx_buf *tx_buf = NULL, *tx_buf_tmp = NULL;
809 unsigned long flags;
810
811 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
812 list_for_each_entry_safe(tx_buf, tx_buf_tmp,
813 &hif_dev->tx.tx_buf, list) {
814 list_del(&tx_buf->list);
815 usb_free_urb(tx_buf->urb);
816 kfree(tx_buf->buf);
817 kfree(tx_buf);
818 }
819 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
820
821 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
822 hif_dev->tx.flags |= HIF_USB_TX_FLUSH;
823 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
824
825 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
826 list_for_each_entry_safe(tx_buf, tx_buf_tmp,
827 &hif_dev->tx.tx_pending, list) {
828 usb_get_urb(tx_buf->urb);
829 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
830 usb_kill_urb(tx_buf->urb);
831 list_del(&tx_buf->list);
832 usb_free_urb(tx_buf->urb);
833 kfree(tx_buf->buf);
834 kfree(tx_buf);
835 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
836 }
837 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
838
839 usb_kill_anchored_urbs(&hif_dev->mgmt_submitted);
840}
841
842static int ath9k_hif_usb_alloc_tx_urbs(struct hif_device_usb *hif_dev)
843{
844 struct tx_buf *tx_buf;
845 int i;
846
847 INIT_LIST_HEAD(&hif_dev->tx.tx_buf);
848 INIT_LIST_HEAD(&hif_dev->tx.tx_pending);
849 spin_lock_init(&hif_dev->tx.tx_lock);
850 __skb_queue_head_init(&hif_dev->tx.tx_skb_queue);
851 init_usb_anchor(&hif_dev->mgmt_submitted);
852
853 for (i = 0; i < MAX_TX_URB_NUM; i++) {
854 tx_buf = kzalloc(sizeof(*tx_buf), GFP_KERNEL);
855 if (!tx_buf)
856 goto err;
857
858 tx_buf->buf = kzalloc(MAX_TX_BUF_SIZE, GFP_KERNEL);
859 if (!tx_buf->buf)
860 goto err;
861
862 tx_buf->urb = usb_alloc_urb(0, GFP_KERNEL);
863 if (!tx_buf->urb)
864 goto err;
865
866 tx_buf->hif_dev = hif_dev;
867 __skb_queue_head_init(&tx_buf->skb_queue);
868
869 list_add_tail(&tx_buf->list, &hif_dev->tx.tx_buf);
870 }
871
872 hif_dev->tx.tx_buf_cnt = MAX_TX_URB_NUM;
873
874 return 0;
875err:
876 if (tx_buf) {
877 kfree(tx_buf->buf);
878 kfree(tx_buf);
879 }
880 ath9k_hif_usb_dealloc_tx_urbs(hif_dev);
881 return -ENOMEM;
882}
883
884static void ath9k_hif_usb_dealloc_rx_urbs(struct hif_device_usb *hif_dev)
885{
886 usb_kill_anchored_urbs(&hif_dev->rx_submitted);
887 ath9k_hif_usb_free_rx_remain_skb(hif_dev);
888}
889
890static int ath9k_hif_usb_alloc_rx_urbs(struct hif_device_usb *hif_dev)
891{
892 struct rx_buf *rx_buf = NULL;
893 struct sk_buff *skb = NULL;
894 struct urb *urb = NULL;
895 int i, ret;
896
897 init_usb_anchor(&hif_dev->rx_submitted);
898 spin_lock_init(&hif_dev->rx_lock);
899
900 for (i = 0; i < MAX_RX_URB_NUM; i++) {
901
902 rx_buf = kzalloc(sizeof(*rx_buf), GFP_KERNEL);
903 if (!rx_buf) {
904 ret = -ENOMEM;
905 goto err_rxb;
906 }
907
908 /* Allocate URB */
909 urb = usb_alloc_urb(0, GFP_KERNEL);
910 if (urb == NULL) {
911 ret = -ENOMEM;
912 goto err_urb;
913 }
914
915 /* Allocate buffer */
916 skb = alloc_skb(MAX_RX_BUF_SIZE, GFP_KERNEL);
917 if (!skb) {
918 ret = -ENOMEM;
919 goto err_skb;
920 }
921
922 rx_buf->hif_dev = hif_dev;
923 rx_buf->skb = skb;
924
925 usb_fill_bulk_urb(urb, hif_dev->udev,
926 usb_rcvbulkpipe(hif_dev->udev,
927 USB_WLAN_RX_PIPE),
928 skb->data, MAX_RX_BUF_SIZE,
929 ath9k_hif_usb_rx_cb, rx_buf);
930
931 /* Anchor URB */
932 usb_anchor_urb(urb, &hif_dev->rx_submitted);
933
934 /* Submit URB */
935 ret = usb_submit_urb(urb, GFP_KERNEL);
936 if (ret) {
937 usb_unanchor_urb(urb);
938 goto err_submit;
939 }
940
941 /*
942 * Drop reference count.
943 * This ensures that the URB is freed when killing them.
944 */
945 usb_free_urb(urb);
946 }
947
948 return 0;
949
950err_submit:
951 kfree_skb(skb);
952err_skb:
953 usb_free_urb(urb);
954err_urb:
955 kfree(rx_buf);
956err_rxb:
957 ath9k_hif_usb_dealloc_rx_urbs(hif_dev);
958 return ret;
959}
960
961static void ath9k_hif_usb_dealloc_reg_in_urbs(struct hif_device_usb *hif_dev)
962{
963 usb_kill_anchored_urbs(&hif_dev->reg_in_submitted);
964}
965
966static int ath9k_hif_usb_alloc_reg_in_urbs(struct hif_device_usb *hif_dev)
967{
968 struct rx_buf *rx_buf = NULL;
969 struct sk_buff *skb = NULL;
970 struct urb *urb = NULL;
971 int i, ret;
972
973 init_usb_anchor(&hif_dev->reg_in_submitted);
974
975 for (i = 0; i < MAX_REG_IN_URB_NUM; i++) {
976
977 rx_buf = kzalloc(sizeof(*rx_buf), GFP_KERNEL);
978 if (!rx_buf) {
979 ret = -ENOMEM;
980 goto err_rxb;
981 }
982
983 /* Allocate URB */
984 urb = usb_alloc_urb(0, GFP_KERNEL);
985 if (urb == NULL) {
986 ret = -ENOMEM;
987 goto err_urb;
988 }
989
990 /* Allocate buffer */
991 skb = alloc_skb(MAX_REG_IN_BUF_SIZE, GFP_KERNEL);
992 if (!skb) {
993 ret = -ENOMEM;
994 goto err_skb;
995 }
996
997 rx_buf->hif_dev = hif_dev;
998 rx_buf->skb = skb;
999
1000 usb_fill_int_urb(urb, hif_dev->udev,
1001 usb_rcvintpipe(hif_dev->udev,
1002 USB_REG_IN_PIPE),
1003 skb->data, MAX_REG_IN_BUF_SIZE,
1004 ath9k_hif_usb_reg_in_cb, rx_buf, 1);
1005
1006 /* Anchor URB */
1007 usb_anchor_urb(urb, &hif_dev->reg_in_submitted);
1008
1009 /* Submit URB */
1010 ret = usb_submit_urb(urb, GFP_KERNEL);
1011 if (ret) {
1012 usb_unanchor_urb(urb);
1013 goto err_submit;
1014 }
1015
1016 /*
1017 * Drop reference count.
1018 * This ensures that the URB is freed when killing them.
1019 */
1020 usb_free_urb(urb);
1021 }
1022
1023 return 0;
1024
1025err_submit:
1026 kfree_skb(skb);
1027err_skb:
1028 usb_free_urb(urb);
1029err_urb:
1030 kfree(rx_buf);
1031err_rxb:
1032 ath9k_hif_usb_dealloc_reg_in_urbs(hif_dev);
1033 return ret;
1034}
1035
1036static int ath9k_hif_usb_alloc_urbs(struct hif_device_usb *hif_dev)
1037{
1038 /* Register Write */
1039 init_usb_anchor(&hif_dev->regout_submitted);
1040
1041 /* TX */
1042 if (ath9k_hif_usb_alloc_tx_urbs(hif_dev) < 0)
1043 goto err;
1044
1045 /* RX */
1046 if (ath9k_hif_usb_alloc_rx_urbs(hif_dev) < 0)
1047 goto err_rx;
1048
1049 /* Register Read */
1050 if (ath9k_hif_usb_alloc_reg_in_urbs(hif_dev) < 0)
1051 goto err_reg;
1052
1053 return 0;
1054err_reg:
1055 ath9k_hif_usb_dealloc_rx_urbs(hif_dev);
1056err_rx:
1057 ath9k_hif_usb_dealloc_tx_urbs(hif_dev);
1058err:
1059 return -ENOMEM;
1060}
1061
1062void ath9k_hif_usb_dealloc_urbs(struct hif_device_usb *hif_dev)
1063{
1064 usb_kill_anchored_urbs(&hif_dev->regout_submitted);
1065 ath9k_hif_usb_dealloc_reg_in_urbs(hif_dev);
1066 ath9k_hif_usb_dealloc_tx_urbs(hif_dev);
1067 ath9k_hif_usb_dealloc_rx_urbs(hif_dev);
1068}
1069
1070static int ath9k_hif_usb_download_fw(struct hif_device_usb *hif_dev)
1071{
1072 int transfer, err;
1073 const void *data = hif_dev->fw_data;
1074 size_t len = hif_dev->fw_size;
1075 u32 addr = AR9271_FIRMWARE;
1076 u8 *buf = kzalloc(4096, GFP_KERNEL);
1077 u32 firm_offset;
1078
1079 if (!buf)
1080 return -ENOMEM;
1081
1082 while (len) {
1083 transfer = min_t(size_t, len, 4096);
1084 memcpy(buf, data, transfer);
1085
1086 err = usb_control_msg(hif_dev->udev,
1087 usb_sndctrlpipe(hif_dev->udev, 0),
1088 FIRMWARE_DOWNLOAD, 0x40 | USB_DIR_OUT,
1089 addr >> 8, 0, buf, transfer,
1090 USB_MSG_TIMEOUT);
1091 if (err < 0) {
1092 kfree(buf);
1093 return err;
1094 }
1095
1096 len -= transfer;
1097 data += transfer;
1098 addr += transfer;
1099 }
1100 kfree(buf);
1101
1102 if (IS_AR7010_DEVICE(hif_dev->usb_device_id->driver_info))
1103 firm_offset = AR7010_FIRMWARE_TEXT;
1104 else
1105 firm_offset = AR9271_FIRMWARE_TEXT;
1106
1107 /*
1108 * Issue FW download complete command to firmware.
1109 */
1110 err = usb_control_msg(hif_dev->udev, usb_sndctrlpipe(hif_dev->udev, 0),
1111 FIRMWARE_DOWNLOAD_COMP,
1112 0x40 | USB_DIR_OUT,
1113 firm_offset >> 8, 0, NULL, 0, USB_MSG_TIMEOUT);
1114 if (err)
1115 return -EIO;
1116
1117 dev_info(&hif_dev->udev->dev, "ath9k_htc: Transferred FW: %s, size: %ld\n",
1118 hif_dev->fw_name, (unsigned long) hif_dev->fw_size);
1119
1120 return 0;
1121}
1122
1123static int ath9k_hif_usb_dev_init(struct hif_device_usb *hif_dev)
1124{
1125 int ret;
1126
1127 ret = ath9k_hif_usb_download_fw(hif_dev);
1128 if (ret) {
1129 dev_err(&hif_dev->udev->dev,
1130 "ath9k_htc: Firmware - %s download failed\n",
1131 hif_dev->fw_name);
1132 return ret;
1133 }
1134
1135 /* Alloc URBs */
1136 ret = ath9k_hif_usb_alloc_urbs(hif_dev);
1137 if (ret) {
1138 dev_err(&hif_dev->udev->dev,
1139 "ath9k_htc: Unable to allocate URBs\n");
1140 return ret;
1141 }
1142
1143 return 0;
1144}
1145
1146static void ath9k_hif_usb_dev_deinit(struct hif_device_usb *hif_dev)
1147{
1148 ath9k_hif_usb_dealloc_urbs(hif_dev);
1149}
1150
1151/*
1152 * If initialization fails or the FW cannot be retrieved,
1153 * detach the device.
1154 */
1155static void ath9k_hif_usb_firmware_fail(struct hif_device_usb *hif_dev)
1156{
1157 struct device *dev = &hif_dev->udev->dev;
1158 struct device *parent = dev->parent;
1159
1160 complete_all(&hif_dev->fw_done);
1161
1162 if (parent)
1163 device_lock(parent);
1164
1165 device_release_driver(dev);
1166
1167 if (parent)
1168 device_unlock(parent);
1169}
1170
1171static void ath9k_hif_usb_firmware_cb(const struct firmware *fw, void *context);
1172
1173/* taken from iwlwifi */
1174static int ath9k_hif_request_firmware(struct hif_device_usb *hif_dev,
1175 bool first)
1176{
1177 char index[8], *chip;
1178 int ret;
1179
1180 if (first) {
1181 if (htc_use_dev_fw) {
1182 hif_dev->fw_minor_index = FIRMWARE_MINOR_IDX_MAX + 1;
1183 sprintf(index, "%s", "dev");
1184 } else {
1185 hif_dev->fw_minor_index = FIRMWARE_MINOR_IDX_MAX;
1186 sprintf(index, "%d", hif_dev->fw_minor_index);
1187 }
1188 } else {
1189 hif_dev->fw_minor_index--;
1190 sprintf(index, "%d", hif_dev->fw_minor_index);
1191 }
1192
1193 /* test for FW 1.3 */
1194 if (MAJOR_VERSION_REQ == 1 && hif_dev->fw_minor_index == 3) {
1195 const char *filename;
1196
1197 if (IS_AR7010_DEVICE(hif_dev->usb_device_id->driver_info))
1198 filename = FIRMWARE_AR7010_1_1;
1199 else
1200 filename = FIRMWARE_AR9271;
1201
1202 /* expected fw locations:
1203 * - htc_9271.fw (stable version 1.3, depricated)
1204 */
1205 snprintf(hif_dev->fw_name, sizeof(hif_dev->fw_name),
1206 "%s", filename);
1207
1208 } else if (hif_dev->fw_minor_index < FIRMWARE_MINOR_IDX_MIN) {
1209 dev_err(&hif_dev->udev->dev, "no suitable firmware found!\n");
1210
1211 return -ENOENT;
1212 } else {
1213 if (IS_AR7010_DEVICE(hif_dev->usb_device_id->driver_info))
1214 chip = "7010";
1215 else
1216 chip = "9271";
1217
1218 /* expected fw locations:
1219 * - ath9k_htc/htc_9271-1.dev.0.fw (development version)
1220 * - ath9k_htc/htc_9271-1.4.0.fw (stable version)
1221 */
1222 snprintf(hif_dev->fw_name, sizeof(hif_dev->fw_name),
1223 "%s/htc_%s-%d.%s.0.fw", HTC_FW_PATH,
1224 chip, MAJOR_VERSION_REQ, index);
1225 }
1226
1227 ret = request_firmware_nowait(THIS_MODULE, true, hif_dev->fw_name,
1228 &hif_dev->udev->dev, GFP_KERNEL,
1229 hif_dev, ath9k_hif_usb_firmware_cb);
1230 if (ret) {
1231 dev_err(&hif_dev->udev->dev,
1232 "ath9k_htc: Async request for firmware %s failed\n",
1233 hif_dev->fw_name);
1234 return ret;
1235 }
1236
1237 dev_info(&hif_dev->udev->dev, "ath9k_htc: Firmware %s requested\n",
1238 hif_dev->fw_name);
1239
1240 return ret;
1241}
1242
1243static void ath9k_hif_usb_firmware_cb(const struct firmware *fw, void *context)
1244{
1245 struct hif_device_usb *hif_dev = context;
1246 int ret;
1247
1248 if (!fw) {
1249 ret = ath9k_hif_request_firmware(hif_dev, false);
1250 if (!ret)
1251 return;
1252
1253 dev_err(&hif_dev->udev->dev,
1254 "ath9k_htc: Failed to get firmware %s\n",
1255 hif_dev->fw_name);
1256 goto err_fw;
1257 }
1258
1259 hif_dev->htc_handle = ath9k_htc_hw_alloc(hif_dev, &hif_usb,
1260 &hif_dev->udev->dev);
1261 if (hif_dev->htc_handle == NULL)
1262 goto err_dev_alloc;
1263
1264 hif_dev->fw_data = fw->data;
1265 hif_dev->fw_size = fw->size;
1266
1267 /* Proceed with initialization */
1268
1269 ret = ath9k_hif_usb_dev_init(hif_dev);
1270 if (ret)
1271 goto err_dev_init;
1272
1273 ret = ath9k_htc_hw_init(hif_dev->htc_handle,
1274 &hif_dev->interface->dev,
1275 hif_dev->usb_device_id->idProduct,
1276 hif_dev->udev->product,
1277 hif_dev->usb_device_id->driver_info);
1278 if (ret) {
1279 ret = -EINVAL;
1280 goto err_htc_hw_init;
1281 }
1282
1283 release_firmware(fw);
1284 hif_dev->flags |= HIF_USB_READY;
1285 complete_all(&hif_dev->fw_done);
1286
1287 return;
1288
1289err_htc_hw_init:
1290 ath9k_hif_usb_dev_deinit(hif_dev);
1291err_dev_init:
1292 ath9k_htc_hw_free(hif_dev->htc_handle);
1293err_dev_alloc:
1294 release_firmware(fw);
1295err_fw:
1296 ath9k_hif_usb_firmware_fail(hif_dev);
1297}
1298
1299/*
1300 * An exact copy of the function from zd1211rw.
1301 */
1302static int send_eject_command(struct usb_interface *interface)
1303{
1304 struct usb_device *udev = interface_to_usbdev(interface);
1305 struct usb_host_interface *iface_desc = interface->cur_altsetting;
1306 struct usb_endpoint_descriptor *endpoint;
1307 unsigned char *cmd;
1308 u8 bulk_out_ep;
1309 int r;
1310
1311 if (iface_desc->desc.bNumEndpoints < 2)
1312 return -ENODEV;
1313
1314 /* Find bulk out endpoint */
1315 for (r = 1; r >= 0; r--) {
1316 endpoint = &iface_desc->endpoint[r].desc;
1317 if (usb_endpoint_dir_out(endpoint) &&
1318 usb_endpoint_xfer_bulk(endpoint)) {
1319 bulk_out_ep = endpoint->bEndpointAddress;
1320 break;
1321 }
1322 }
1323 if (r == -1) {
1324 dev_err(&udev->dev,
1325 "ath9k_htc: Could not find bulk out endpoint\n");
1326 return -ENODEV;
1327 }
1328
1329 cmd = kzalloc(31, GFP_KERNEL);
1330 if (cmd == NULL)
1331 return -ENODEV;
1332
1333 /* USB bulk command block */
1334 cmd[0] = 0x55; /* bulk command signature */
1335 cmd[1] = 0x53; /* bulk command signature */
1336 cmd[2] = 0x42; /* bulk command signature */
1337 cmd[3] = 0x43; /* bulk command signature */
1338 cmd[14] = 6; /* command length */
1339
1340 cmd[15] = 0x1b; /* SCSI command: START STOP UNIT */
1341 cmd[19] = 0x2; /* eject disc */
1342
1343 dev_info(&udev->dev, "Ejecting storage device...\n");
1344 r = usb_bulk_msg(udev, usb_sndbulkpipe(udev, bulk_out_ep),
1345 cmd, 31, NULL, 2 * USB_MSG_TIMEOUT);
1346 kfree(cmd);
1347 if (r)
1348 return r;
1349
1350 /* At this point, the device disconnects and reconnects with the real
1351 * ID numbers. */
1352
1353 usb_set_intfdata(interface, NULL);
1354 return 0;
1355}
1356
1357static int ath9k_hif_usb_probe(struct usb_interface *interface,
1358 const struct usb_device_id *id)
1359{
1360 struct usb_endpoint_descriptor *bulk_in, *bulk_out, *int_in, *int_out;
1361 struct usb_device *udev = interface_to_usbdev(interface);
1362 struct usb_host_interface *alt;
1363 struct hif_device_usb *hif_dev;
1364 int ret = 0;
1365
1366 /* Verify the expected endpoints are present */
1367 alt = interface->cur_altsetting;
1368 if (usb_find_common_endpoints(alt, &bulk_in, &bulk_out, &int_in, &int_out) < 0 ||
1369 usb_endpoint_num(bulk_in) != USB_WLAN_RX_PIPE ||
1370 usb_endpoint_num(bulk_out) != USB_WLAN_TX_PIPE ||
1371 usb_endpoint_num(int_in) != USB_REG_IN_PIPE ||
1372 usb_endpoint_num(int_out) != USB_REG_OUT_PIPE) {
1373 dev_err(&udev->dev,
1374 "ath9k_htc: Device endpoint numbers are not the expected ones\n");
1375 return -ENODEV;
1376 }
1377
1378 if (id->driver_info == STORAGE_DEVICE)
1379 return send_eject_command(interface);
1380
1381 hif_dev = kzalloc(sizeof(struct hif_device_usb), GFP_KERNEL);
1382 if (!hif_dev) {
1383 ret = -ENOMEM;
1384 goto err_alloc;
1385 }
1386
1387 usb_get_dev(udev);
1388
1389 hif_dev->udev = udev;
1390 hif_dev->interface = interface;
1391 hif_dev->usb_device_id = id;
1392#ifdef CONFIG_PM
1393 udev->reset_resume = 1;
1394#endif
1395 usb_set_intfdata(interface, hif_dev);
1396
1397 init_completion(&hif_dev->fw_done);
1398
1399 ret = ath9k_hif_request_firmware(hif_dev, true);
1400 if (ret)
1401 goto err_fw_req;
1402
1403 return ret;
1404
1405err_fw_req:
1406 usb_set_intfdata(interface, NULL);
1407 kfree(hif_dev);
1408 usb_put_dev(udev);
1409err_alloc:
1410 return ret;
1411}
1412
1413static void ath9k_hif_usb_reboot(struct usb_device *udev)
1414{
1415 u32 reboot_cmd = 0xffffffff;
1416 void *buf;
1417 int ret;
1418
1419 buf = kmemdup(&reboot_cmd, 4, GFP_KERNEL);
1420 if (!buf)
1421 return;
1422
1423 ret = usb_interrupt_msg(udev, usb_sndintpipe(udev, USB_REG_OUT_PIPE),
1424 buf, 4, NULL, USB_MSG_TIMEOUT);
1425 if (ret)
1426 dev_err(&udev->dev, "ath9k_htc: USB reboot failed\n");
1427
1428 kfree(buf);
1429}
1430
1431static void ath9k_hif_usb_disconnect(struct usb_interface *interface)
1432{
1433 struct usb_device *udev = interface_to_usbdev(interface);
1434 struct hif_device_usb *hif_dev = usb_get_intfdata(interface);
1435 bool unplugged = udev->state == USB_STATE_NOTATTACHED;
1436
1437 if (!hif_dev)
1438 return;
1439
1440 wait_for_completion(&hif_dev->fw_done);
1441
1442 if (hif_dev->flags & HIF_USB_READY) {
1443 ath9k_htc_hw_deinit(hif_dev->htc_handle, unplugged);
1444 ath9k_htc_hw_free(hif_dev->htc_handle);
1445 }
1446
1447 usb_set_intfdata(interface, NULL);
1448
1449 /* If firmware was loaded we should drop it
1450 * go back to first stage bootloader. */
1451 if (!unplugged && (hif_dev->flags & HIF_USB_READY))
1452 ath9k_hif_usb_reboot(udev);
1453
1454 kfree(hif_dev);
1455 dev_info(&udev->dev, "ath9k_htc: USB layer deinitialized\n");
1456 usb_put_dev(udev);
1457}
1458
1459#ifdef CONFIG_PM
1460static int ath9k_hif_usb_suspend(struct usb_interface *interface,
1461 pm_message_t message)
1462{
1463 struct hif_device_usb *hif_dev = usb_get_intfdata(interface);
1464
1465 /*
1466 * The device has to be set to FULLSLEEP mode in case no
1467 * interface is up.
1468 */
1469 if (!(hif_dev->flags & HIF_USB_START))
1470 ath9k_htc_suspend(hif_dev->htc_handle);
1471
1472 wait_for_completion(&hif_dev->fw_done);
1473
1474 if (hif_dev->flags & HIF_USB_READY)
1475 ath9k_hif_usb_dealloc_urbs(hif_dev);
1476
1477 return 0;
1478}
1479
1480static int ath9k_hif_usb_resume(struct usb_interface *interface)
1481{
1482 struct hif_device_usb *hif_dev = usb_get_intfdata(interface);
1483 struct htc_target *htc_handle = hif_dev->htc_handle;
1484 const struct firmware *fw;
1485 int ret;
1486
1487 ret = ath9k_hif_usb_alloc_urbs(hif_dev);
1488 if (ret)
1489 return ret;
1490
1491 if (!(hif_dev->flags & HIF_USB_READY)) {
1492 ret = -EIO;
1493 goto fail_resume;
1494 }
1495
1496 /* request cached firmware during suspend/resume cycle */
1497 ret = request_firmware(&fw, hif_dev->fw_name,
1498 &hif_dev->udev->dev);
1499 if (ret)
1500 goto fail_resume;
1501
1502 hif_dev->fw_data = fw->data;
1503 hif_dev->fw_size = fw->size;
1504 ret = ath9k_hif_usb_download_fw(hif_dev);
1505 release_firmware(fw);
1506 if (ret)
1507 goto fail_resume;
1508
1509 mdelay(100);
1510
1511 ret = ath9k_htc_resume(htc_handle);
1512
1513 if (ret)
1514 goto fail_resume;
1515
1516 return 0;
1517
1518fail_resume:
1519 ath9k_hif_usb_dealloc_urbs(hif_dev);
1520
1521 return ret;
1522}
1523#endif
1524
1525static struct usb_driver ath9k_hif_usb_driver = {
1526 .name = KBUILD_MODNAME,
1527 .probe = ath9k_hif_usb_probe,
1528 .disconnect = ath9k_hif_usb_disconnect,
1529#ifdef CONFIG_PM
1530 .suspend = ath9k_hif_usb_suspend,
1531 .resume = ath9k_hif_usb_resume,
1532 .reset_resume = ath9k_hif_usb_resume,
1533#endif
1534 .id_table = ath9k_hif_usb_ids,
1535 .soft_unbind = 1,
1536 .disable_hub_initiated_lpm = 1,
1537};
1538
1539int ath9k_hif_usb_init(void)
1540{
1541 return usb_register(&ath9k_hif_usb_driver);
1542}
1543
1544void ath9k_hif_usb_exit(void)
1545{
1546 usb_deregister(&ath9k_hif_usb_driver);
1547}
1/*
2 * Copyright (c) 2010-2011 Atheros Communications Inc.
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17#include <asm/unaligned.h>
18#include "htc.h"
19
20MODULE_FIRMWARE(HTC_7010_MODULE_FW);
21MODULE_FIRMWARE(HTC_9271_MODULE_FW);
22
23static const struct usb_device_id ath9k_hif_usb_ids[] = {
24 { USB_DEVICE(0x0cf3, 0x9271) }, /* Atheros */
25 { USB_DEVICE(0x0cf3, 0x1006) }, /* Atheros */
26 { USB_DEVICE(0x0846, 0x9030) }, /* Netgear N150 */
27 { USB_DEVICE(0x07b8, 0x9271) }, /* Altai WA1011N-GU */
28 { USB_DEVICE(0x07D1, 0x3A10) }, /* Dlink Wireless 150 */
29 { USB_DEVICE(0x13D3, 0x3327) }, /* Azurewave */
30 { USB_DEVICE(0x13D3, 0x3328) }, /* Azurewave */
31 { USB_DEVICE(0x13D3, 0x3346) }, /* IMC Networks */
32 { USB_DEVICE(0x13D3, 0x3348) }, /* Azurewave */
33 { USB_DEVICE(0x13D3, 0x3349) }, /* Azurewave */
34 { USB_DEVICE(0x13D3, 0x3350) }, /* Azurewave */
35 { USB_DEVICE(0x04CA, 0x4605) }, /* Liteon */
36 { USB_DEVICE(0x040D, 0x3801) }, /* VIA */
37 { USB_DEVICE(0x0cf3, 0xb003) }, /* Ubiquiti WifiStation Ext */
38 { USB_DEVICE(0x0cf3, 0xb002) }, /* Ubiquiti WifiStation */
39 { USB_DEVICE(0x057c, 0x8403) }, /* AVM FRITZ!WLAN 11N v2 USB */
40 { USB_DEVICE(0x0471, 0x209e) }, /* Philips (or NXP) PTA01 */
41 { USB_DEVICE(0x1eda, 0x2315) }, /* AirTies */
42
43 { USB_DEVICE(0x0cf3, 0x7015),
44 .driver_info = AR9287_USB }, /* Atheros */
45
46 { USB_DEVICE(0x0cf3, 0x7010),
47 .driver_info = AR9280_USB }, /* Atheros */
48 { USB_DEVICE(0x0846, 0x9018),
49 .driver_info = AR9280_USB }, /* Netgear WNDA3200 */
50 { USB_DEVICE(0x083A, 0xA704),
51 .driver_info = AR9280_USB }, /* SMC Networks */
52 { USB_DEVICE(0x0411, 0x017f),
53 .driver_info = AR9280_USB }, /* Sony UWA-BR100 */
54 { USB_DEVICE(0x0411, 0x0197),
55 .driver_info = AR9280_USB }, /* Buffalo WLI-UV-AG300P */
56 { USB_DEVICE(0x04da, 0x3904),
57 .driver_info = AR9280_USB },
58 { USB_DEVICE(0x0930, 0x0a08),
59 .driver_info = AR9280_USB }, /* Toshiba WLM-20U2 and GN-1080 */
60
61 { USB_DEVICE(0x0cf3, 0x20ff),
62 .driver_info = STORAGE_DEVICE },
63
64 { },
65};
66
67MODULE_DEVICE_TABLE(usb, ath9k_hif_usb_ids);
68
69static int __hif_usb_tx(struct hif_device_usb *hif_dev);
70
71static void hif_usb_regout_cb(struct urb *urb)
72{
73 struct cmd_buf *cmd = urb->context;
74
75 switch (urb->status) {
76 case 0:
77 break;
78 case -ENOENT:
79 case -ECONNRESET:
80 case -ENODEV:
81 case -ESHUTDOWN:
82 goto free;
83 default:
84 break;
85 }
86
87 if (cmd) {
88 ath9k_htc_txcompletion_cb(cmd->hif_dev->htc_handle,
89 cmd->skb, true);
90 kfree(cmd);
91 }
92
93 return;
94free:
95 kfree_skb(cmd->skb);
96 kfree(cmd);
97}
98
99static int hif_usb_send_regout(struct hif_device_usb *hif_dev,
100 struct sk_buff *skb)
101{
102 struct urb *urb;
103 struct cmd_buf *cmd;
104 int ret = 0;
105
106 urb = usb_alloc_urb(0, GFP_KERNEL);
107 if (urb == NULL)
108 return -ENOMEM;
109
110 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
111 if (cmd == NULL) {
112 usb_free_urb(urb);
113 return -ENOMEM;
114 }
115
116 cmd->skb = skb;
117 cmd->hif_dev = hif_dev;
118
119 usb_fill_int_urb(urb, hif_dev->udev,
120 usb_sndintpipe(hif_dev->udev, USB_REG_OUT_PIPE),
121 skb->data, skb->len,
122 hif_usb_regout_cb, cmd, 1);
123
124 usb_anchor_urb(urb, &hif_dev->regout_submitted);
125 ret = usb_submit_urb(urb, GFP_KERNEL);
126 if (ret) {
127 usb_unanchor_urb(urb);
128 kfree(cmd);
129 }
130 usb_free_urb(urb);
131
132 return ret;
133}
134
135static void hif_usb_mgmt_cb(struct urb *urb)
136{
137 struct cmd_buf *cmd = urb->context;
138 struct hif_device_usb *hif_dev;
139 unsigned long flags;
140 bool txok = true;
141
142 if (!cmd || !cmd->skb || !cmd->hif_dev)
143 return;
144
145 hif_dev = cmd->hif_dev;
146
147 switch (urb->status) {
148 case 0:
149 break;
150 case -ENOENT:
151 case -ECONNRESET:
152 case -ENODEV:
153 case -ESHUTDOWN:
154 txok = false;
155
156 /*
157 * If the URBs are being flushed, no need to complete
158 * this packet.
159 */
160 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
161 if (hif_dev->tx.flags & HIF_USB_TX_FLUSH) {
162 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
163 dev_kfree_skb_any(cmd->skb);
164 kfree(cmd);
165 return;
166 }
167 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
168
169 break;
170 default:
171 txok = false;
172 break;
173 }
174
175 skb_pull(cmd->skb, 4);
176 ath9k_htc_txcompletion_cb(cmd->hif_dev->htc_handle,
177 cmd->skb, txok);
178 kfree(cmd);
179}
180
181static int hif_usb_send_mgmt(struct hif_device_usb *hif_dev,
182 struct sk_buff *skb)
183{
184 struct urb *urb;
185 struct cmd_buf *cmd;
186 int ret = 0;
187 __le16 *hdr;
188
189 urb = usb_alloc_urb(0, GFP_ATOMIC);
190 if (urb == NULL)
191 return -ENOMEM;
192
193 cmd = kzalloc(sizeof(*cmd), GFP_ATOMIC);
194 if (cmd == NULL) {
195 usb_free_urb(urb);
196 return -ENOMEM;
197 }
198
199 cmd->skb = skb;
200 cmd->hif_dev = hif_dev;
201
202 hdr = skb_push(skb, 4);
203 *hdr++ = cpu_to_le16(skb->len - 4);
204 *hdr++ = cpu_to_le16(ATH_USB_TX_STREAM_MODE_TAG);
205
206 usb_fill_bulk_urb(urb, hif_dev->udev,
207 usb_sndbulkpipe(hif_dev->udev, USB_WLAN_TX_PIPE),
208 skb->data, skb->len,
209 hif_usb_mgmt_cb, cmd);
210
211 usb_anchor_urb(urb, &hif_dev->mgmt_submitted);
212 ret = usb_submit_urb(urb, GFP_ATOMIC);
213 if (ret) {
214 usb_unanchor_urb(urb);
215 kfree(cmd);
216 }
217 usb_free_urb(urb);
218
219 return ret;
220}
221
222static inline void ath9k_skb_queue_purge(struct hif_device_usb *hif_dev,
223 struct sk_buff_head *list)
224{
225 struct sk_buff *skb;
226
227 while ((skb = __skb_dequeue(list)) != NULL) {
228 dev_kfree_skb_any(skb);
229 }
230}
231
232static inline void ath9k_skb_queue_complete(struct hif_device_usb *hif_dev,
233 struct sk_buff_head *queue,
234 bool txok)
235{
236 struct sk_buff *skb;
237
238 while ((skb = __skb_dequeue(queue)) != NULL) {
239#ifdef CONFIG_ATH9K_HTC_DEBUGFS
240 int ln = skb->len;
241#endif
242 ath9k_htc_txcompletion_cb(hif_dev->htc_handle,
243 skb, txok);
244 if (txok) {
245 TX_STAT_INC(hif_dev, skb_success);
246 TX_STAT_ADD(hif_dev, skb_success_bytes, ln);
247 }
248 else
249 TX_STAT_INC(hif_dev, skb_failed);
250 }
251}
252
253static void hif_usb_tx_cb(struct urb *urb)
254{
255 struct tx_buf *tx_buf = urb->context;
256 struct hif_device_usb *hif_dev;
257 bool txok = true;
258
259 if (!tx_buf || !tx_buf->hif_dev)
260 return;
261
262 hif_dev = tx_buf->hif_dev;
263
264 switch (urb->status) {
265 case 0:
266 break;
267 case -ENOENT:
268 case -ECONNRESET:
269 case -ENODEV:
270 case -ESHUTDOWN:
271 txok = false;
272
273 /*
274 * If the URBs are being flushed, no need to add this
275 * URB to the free list.
276 */
277 spin_lock(&hif_dev->tx.tx_lock);
278 if (hif_dev->tx.flags & HIF_USB_TX_FLUSH) {
279 spin_unlock(&hif_dev->tx.tx_lock);
280 ath9k_skb_queue_purge(hif_dev, &tx_buf->skb_queue);
281 return;
282 }
283 spin_unlock(&hif_dev->tx.tx_lock);
284
285 break;
286 default:
287 txok = false;
288 break;
289 }
290
291 ath9k_skb_queue_complete(hif_dev, &tx_buf->skb_queue, txok);
292
293 /* Re-initialize the SKB queue */
294 tx_buf->len = tx_buf->offset = 0;
295 __skb_queue_head_init(&tx_buf->skb_queue);
296
297 /* Add this TX buffer to the free list */
298 spin_lock(&hif_dev->tx.tx_lock);
299 list_move_tail(&tx_buf->list, &hif_dev->tx.tx_buf);
300 hif_dev->tx.tx_buf_cnt++;
301 if (!(hif_dev->tx.flags & HIF_USB_TX_STOP))
302 __hif_usb_tx(hif_dev); /* Check for pending SKBs */
303 TX_STAT_INC(hif_dev, buf_completed);
304 spin_unlock(&hif_dev->tx.tx_lock);
305}
306
307/* TX lock has to be taken */
308static int __hif_usb_tx(struct hif_device_usb *hif_dev)
309{
310 struct tx_buf *tx_buf = NULL;
311 struct sk_buff *nskb = NULL;
312 int ret = 0, i;
313 u16 tx_skb_cnt = 0;
314 u8 *buf;
315 __le16 *hdr;
316
317 if (hif_dev->tx.tx_skb_cnt == 0)
318 return 0;
319
320 /* Check if a free TX buffer is available */
321 if (list_empty(&hif_dev->tx.tx_buf))
322 return 0;
323
324 tx_buf = list_first_entry(&hif_dev->tx.tx_buf, struct tx_buf, list);
325 list_move_tail(&tx_buf->list, &hif_dev->tx.tx_pending);
326 hif_dev->tx.tx_buf_cnt--;
327
328 tx_skb_cnt = min_t(u16, hif_dev->tx.tx_skb_cnt, MAX_TX_AGGR_NUM);
329
330 for (i = 0; i < tx_skb_cnt; i++) {
331 nskb = __skb_dequeue(&hif_dev->tx.tx_skb_queue);
332
333 /* Should never be NULL */
334 BUG_ON(!nskb);
335
336 hif_dev->tx.tx_skb_cnt--;
337
338 buf = tx_buf->buf;
339 buf += tx_buf->offset;
340 hdr = (__le16 *)buf;
341 *hdr++ = cpu_to_le16(nskb->len);
342 *hdr++ = cpu_to_le16(ATH_USB_TX_STREAM_MODE_TAG);
343 buf += 4;
344 memcpy(buf, nskb->data, nskb->len);
345 tx_buf->len = nskb->len + 4;
346
347 if (i < (tx_skb_cnt - 1))
348 tx_buf->offset += (((tx_buf->len - 1) / 4) + 1) * 4;
349
350 if (i == (tx_skb_cnt - 1))
351 tx_buf->len += tx_buf->offset;
352
353 __skb_queue_tail(&tx_buf->skb_queue, nskb);
354 TX_STAT_INC(hif_dev, skb_queued);
355 }
356
357 usb_fill_bulk_urb(tx_buf->urb, hif_dev->udev,
358 usb_sndbulkpipe(hif_dev->udev, USB_WLAN_TX_PIPE),
359 tx_buf->buf, tx_buf->len,
360 hif_usb_tx_cb, tx_buf);
361
362 ret = usb_submit_urb(tx_buf->urb, GFP_ATOMIC);
363 if (ret) {
364 tx_buf->len = tx_buf->offset = 0;
365 ath9k_skb_queue_complete(hif_dev, &tx_buf->skb_queue, false);
366 __skb_queue_head_init(&tx_buf->skb_queue);
367 list_move_tail(&tx_buf->list, &hif_dev->tx.tx_buf);
368 hif_dev->tx.tx_buf_cnt++;
369 } else {
370 TX_STAT_INC(hif_dev, buf_queued);
371 }
372
373 return ret;
374}
375
376static int hif_usb_send_tx(struct hif_device_usb *hif_dev, struct sk_buff *skb)
377{
378 struct ath9k_htc_tx_ctl *tx_ctl;
379 unsigned long flags;
380 int ret = 0;
381
382 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
383
384 if (hif_dev->tx.flags & HIF_USB_TX_STOP) {
385 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
386 return -ENODEV;
387 }
388
389 /* Check if the max queue count has been reached */
390 if (hif_dev->tx.tx_skb_cnt > MAX_TX_BUF_NUM) {
391 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
392 return -ENOMEM;
393 }
394
395 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
396
397 tx_ctl = HTC_SKB_CB(skb);
398
399 /* Mgmt/Beacon frames don't use the TX buffer pool */
400 if ((tx_ctl->type == ATH9K_HTC_MGMT) ||
401 (tx_ctl->type == ATH9K_HTC_BEACON)) {
402 ret = hif_usb_send_mgmt(hif_dev, skb);
403 }
404
405 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
406
407 if ((tx_ctl->type == ATH9K_HTC_NORMAL) ||
408 (tx_ctl->type == ATH9K_HTC_AMPDU)) {
409 __skb_queue_tail(&hif_dev->tx.tx_skb_queue, skb);
410 hif_dev->tx.tx_skb_cnt++;
411 }
412
413 /* Check if AMPDUs have to be sent immediately */
414 if ((hif_dev->tx.tx_buf_cnt == MAX_TX_URB_NUM) &&
415 (hif_dev->tx.tx_skb_cnt < 2)) {
416 __hif_usb_tx(hif_dev);
417 }
418
419 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
420
421 return ret;
422}
423
424static void hif_usb_start(void *hif_handle)
425{
426 struct hif_device_usb *hif_dev = hif_handle;
427 unsigned long flags;
428
429 hif_dev->flags |= HIF_USB_START;
430
431 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
432 hif_dev->tx.flags &= ~HIF_USB_TX_STOP;
433 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
434}
435
436static void hif_usb_stop(void *hif_handle)
437{
438 struct hif_device_usb *hif_dev = hif_handle;
439 struct tx_buf *tx_buf = NULL, *tx_buf_tmp = NULL;
440 unsigned long flags;
441
442 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
443 ath9k_skb_queue_complete(hif_dev, &hif_dev->tx.tx_skb_queue, false);
444 hif_dev->tx.tx_skb_cnt = 0;
445 hif_dev->tx.flags |= HIF_USB_TX_STOP;
446 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
447
448 /* The pending URBs have to be canceled. */
449 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
450 list_for_each_entry_safe(tx_buf, tx_buf_tmp,
451 &hif_dev->tx.tx_pending, list) {
452 usb_get_urb(tx_buf->urb);
453 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
454 usb_kill_urb(tx_buf->urb);
455 list_del(&tx_buf->list);
456 usb_free_urb(tx_buf->urb);
457 kfree(tx_buf->buf);
458 kfree(tx_buf);
459 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
460 }
461 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
462
463 usb_kill_anchored_urbs(&hif_dev->mgmt_submitted);
464}
465
466static int hif_usb_send(void *hif_handle, u8 pipe_id, struct sk_buff *skb)
467{
468 struct hif_device_usb *hif_dev = hif_handle;
469 int ret = 0;
470
471 switch (pipe_id) {
472 case USB_WLAN_TX_PIPE:
473 ret = hif_usb_send_tx(hif_dev, skb);
474 break;
475 case USB_REG_OUT_PIPE:
476 ret = hif_usb_send_regout(hif_dev, skb);
477 break;
478 default:
479 dev_err(&hif_dev->udev->dev,
480 "ath9k_htc: Invalid TX pipe: %d\n", pipe_id);
481 ret = -EINVAL;
482 break;
483 }
484
485 return ret;
486}
487
488static inline bool check_index(struct sk_buff *skb, u8 idx)
489{
490 struct ath9k_htc_tx_ctl *tx_ctl;
491
492 tx_ctl = HTC_SKB_CB(skb);
493
494 if ((tx_ctl->type == ATH9K_HTC_AMPDU) &&
495 (tx_ctl->sta_idx == idx))
496 return true;
497
498 return false;
499}
500
501static void hif_usb_sta_drain(void *hif_handle, u8 idx)
502{
503 struct hif_device_usb *hif_dev = hif_handle;
504 struct sk_buff *skb, *tmp;
505 unsigned long flags;
506
507 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
508
509 skb_queue_walk_safe(&hif_dev->tx.tx_skb_queue, skb, tmp) {
510 if (check_index(skb, idx)) {
511 __skb_unlink(skb, &hif_dev->tx.tx_skb_queue);
512 ath9k_htc_txcompletion_cb(hif_dev->htc_handle,
513 skb, false);
514 hif_dev->tx.tx_skb_cnt--;
515 TX_STAT_INC(hif_dev, skb_failed);
516 }
517 }
518
519 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
520}
521
522static struct ath9k_htc_hif hif_usb = {
523 .transport = ATH9K_HIF_USB,
524 .name = "ath9k_hif_usb",
525
526 .control_ul_pipe = USB_REG_OUT_PIPE,
527 .control_dl_pipe = USB_REG_IN_PIPE,
528
529 .start = hif_usb_start,
530 .stop = hif_usb_stop,
531 .sta_drain = hif_usb_sta_drain,
532 .send = hif_usb_send,
533};
534
535/* Need to free remain_skb allocated in ath9k_hif_usb_rx_stream
536 * in case ath9k_hif_usb_rx_stream wasn't called next time to
537 * process the buffer and subsequently free it.
538 */
539static void ath9k_hif_usb_free_rx_remain_skb(struct hif_device_usb *hif_dev)
540{
541 unsigned long flags;
542
543 spin_lock_irqsave(&hif_dev->rx_lock, flags);
544 if (hif_dev->remain_skb) {
545 dev_kfree_skb_any(hif_dev->remain_skb);
546 hif_dev->remain_skb = NULL;
547 hif_dev->rx_remain_len = 0;
548 RX_STAT_INC(hif_dev, skb_dropped);
549 }
550 spin_unlock_irqrestore(&hif_dev->rx_lock, flags);
551}
552
553static void ath9k_hif_usb_rx_stream(struct hif_device_usb *hif_dev,
554 struct sk_buff *skb)
555{
556 struct sk_buff *nskb, *skb_pool[MAX_PKT_NUM_IN_TRANSFER];
557 int index = 0, i, len = skb->len;
558 int rx_remain_len, rx_pkt_len;
559 u16 pool_index = 0;
560 u8 *ptr;
561
562 spin_lock(&hif_dev->rx_lock);
563
564 rx_remain_len = hif_dev->rx_remain_len;
565 rx_pkt_len = hif_dev->rx_transfer_len;
566
567 if (rx_remain_len != 0) {
568 struct sk_buff *remain_skb = hif_dev->remain_skb;
569
570 if (remain_skb) {
571 ptr = (u8 *) remain_skb->data;
572
573 index = rx_remain_len;
574 rx_remain_len -= hif_dev->rx_pad_len;
575 ptr += rx_pkt_len;
576
577 memcpy(ptr, skb->data, rx_remain_len);
578
579 rx_pkt_len += rx_remain_len;
580 skb_put(remain_skb, rx_pkt_len);
581
582 skb_pool[pool_index++] = remain_skb;
583 hif_dev->remain_skb = NULL;
584 hif_dev->rx_remain_len = 0;
585 } else {
586 index = rx_remain_len;
587 }
588 }
589
590 spin_unlock(&hif_dev->rx_lock);
591
592 while (index < len) {
593 u16 pkt_len;
594 u16 pkt_tag;
595 u16 pad_len;
596 int chk_idx;
597
598 ptr = (u8 *) skb->data;
599
600 pkt_len = get_unaligned_le16(ptr + index);
601 pkt_tag = get_unaligned_le16(ptr + index + 2);
602
603 /* It is supposed that if we have an invalid pkt_tag or
604 * pkt_len then the whole input SKB is considered invalid
605 * and dropped; the associated packets already in skb_pool
606 * are dropped, too.
607 */
608 if (pkt_tag != ATH_USB_RX_STREAM_MODE_TAG) {
609 RX_STAT_INC(hif_dev, skb_dropped);
610 goto invalid_pkt;
611 }
612
613 if (pkt_len > 2 * MAX_RX_BUF_SIZE) {
614 dev_err(&hif_dev->udev->dev,
615 "ath9k_htc: invalid pkt_len (%x)\n", pkt_len);
616 RX_STAT_INC(hif_dev, skb_dropped);
617 goto invalid_pkt;
618 }
619
620 pad_len = 4 - (pkt_len & 0x3);
621 if (pad_len == 4)
622 pad_len = 0;
623
624 chk_idx = index;
625 index = index + 4 + pkt_len + pad_len;
626
627 if (index > MAX_RX_BUF_SIZE) {
628 spin_lock(&hif_dev->rx_lock);
629 nskb = __dev_alloc_skb(pkt_len + 32, GFP_ATOMIC);
630 if (!nskb) {
631 dev_err(&hif_dev->udev->dev,
632 "ath9k_htc: RX memory allocation error\n");
633 spin_unlock(&hif_dev->rx_lock);
634 goto err;
635 }
636
637 hif_dev->rx_remain_len = index - MAX_RX_BUF_SIZE;
638 hif_dev->rx_transfer_len =
639 MAX_RX_BUF_SIZE - chk_idx - 4;
640 hif_dev->rx_pad_len = pad_len;
641
642 skb_reserve(nskb, 32);
643 RX_STAT_INC(hif_dev, skb_allocated);
644
645 memcpy(nskb->data, &(skb->data[chk_idx+4]),
646 hif_dev->rx_transfer_len);
647
648 /* Record the buffer pointer */
649 hif_dev->remain_skb = nskb;
650 spin_unlock(&hif_dev->rx_lock);
651 } else {
652 if (pool_index == MAX_PKT_NUM_IN_TRANSFER) {
653 dev_err(&hif_dev->udev->dev,
654 "ath9k_htc: over RX MAX_PKT_NUM\n");
655 goto err;
656 }
657 nskb = __dev_alloc_skb(pkt_len + 32, GFP_ATOMIC);
658 if (!nskb) {
659 dev_err(&hif_dev->udev->dev,
660 "ath9k_htc: RX memory allocation error\n");
661 goto err;
662 }
663 skb_reserve(nskb, 32);
664 RX_STAT_INC(hif_dev, skb_allocated);
665
666 memcpy(nskb->data, &(skb->data[chk_idx+4]), pkt_len);
667 skb_put(nskb, pkt_len);
668 skb_pool[pool_index++] = nskb;
669 }
670 }
671
672err:
673 for (i = 0; i < pool_index; i++) {
674 RX_STAT_ADD(hif_dev, skb_completed_bytes, skb_pool[i]->len);
675 ath9k_htc_rx_msg(hif_dev->htc_handle, skb_pool[i],
676 skb_pool[i]->len, USB_WLAN_RX_PIPE);
677 RX_STAT_INC(hif_dev, skb_completed);
678 }
679 return;
680invalid_pkt:
681 for (i = 0; i < pool_index; i++) {
682 dev_kfree_skb_any(skb_pool[i]);
683 RX_STAT_INC(hif_dev, skb_dropped);
684 }
685 return;
686}
687
688static void ath9k_hif_usb_rx_cb(struct urb *urb)
689{
690 struct rx_buf *rx_buf = urb->context;
691 struct hif_device_usb *hif_dev = rx_buf->hif_dev;
692 struct sk_buff *skb = rx_buf->skb;
693 int ret;
694
695 if (!skb)
696 return;
697
698 if (!hif_dev)
699 goto free;
700
701 switch (urb->status) {
702 case 0:
703 break;
704 case -ENOENT:
705 case -ECONNRESET:
706 case -ENODEV:
707 case -ESHUTDOWN:
708 goto free;
709 default:
710 goto resubmit;
711 }
712
713 if (likely(urb->actual_length != 0)) {
714 skb_put(skb, urb->actual_length);
715 ath9k_hif_usb_rx_stream(hif_dev, skb);
716 }
717
718resubmit:
719 skb_reset_tail_pointer(skb);
720 skb_trim(skb, 0);
721
722 usb_anchor_urb(urb, &hif_dev->rx_submitted);
723 ret = usb_submit_urb(urb, GFP_ATOMIC);
724 if (ret) {
725 usb_unanchor_urb(urb);
726 goto free;
727 }
728
729 return;
730free:
731 kfree_skb(skb);
732 kfree(rx_buf);
733}
734
735static void ath9k_hif_usb_reg_in_cb(struct urb *urb)
736{
737 struct rx_buf *rx_buf = urb->context;
738 struct hif_device_usb *hif_dev = rx_buf->hif_dev;
739 struct sk_buff *skb = rx_buf->skb;
740 int ret;
741
742 if (!skb)
743 return;
744
745 if (!hif_dev)
746 goto free_skb;
747
748 switch (urb->status) {
749 case 0:
750 break;
751 case -ENOENT:
752 case -ECONNRESET:
753 case -ENODEV:
754 case -ESHUTDOWN:
755 goto free_skb;
756 default:
757 skb_reset_tail_pointer(skb);
758 skb_trim(skb, 0);
759
760 goto resubmit;
761 }
762
763 if (likely(urb->actual_length != 0)) {
764 skb_put(skb, urb->actual_length);
765
766 /*
767 * Process the command first.
768 * skb is either freed here or passed to be
769 * managed to another callback function.
770 */
771 ath9k_htc_rx_msg(hif_dev->htc_handle, skb,
772 skb->len, USB_REG_IN_PIPE);
773
774 skb = alloc_skb(MAX_REG_IN_BUF_SIZE, GFP_ATOMIC);
775 if (!skb) {
776 dev_err(&hif_dev->udev->dev,
777 "ath9k_htc: REG_IN memory allocation failure\n");
778 goto free_rx_buf;
779 }
780
781 rx_buf->skb = skb;
782
783 usb_fill_int_urb(urb, hif_dev->udev,
784 usb_rcvintpipe(hif_dev->udev,
785 USB_REG_IN_PIPE),
786 skb->data, MAX_REG_IN_BUF_SIZE,
787 ath9k_hif_usb_reg_in_cb, rx_buf, 1);
788 }
789
790resubmit:
791 usb_anchor_urb(urb, &hif_dev->reg_in_submitted);
792 ret = usb_submit_urb(urb, GFP_ATOMIC);
793 if (ret) {
794 usb_unanchor_urb(urb);
795 goto free_skb;
796 }
797
798 return;
799free_skb:
800 kfree_skb(skb);
801free_rx_buf:
802 kfree(rx_buf);
803 urb->context = NULL;
804}
805
806static void ath9k_hif_usb_dealloc_tx_urbs(struct hif_device_usb *hif_dev)
807{
808 struct tx_buf *tx_buf = NULL, *tx_buf_tmp = NULL;
809 unsigned long flags;
810
811 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
812 list_for_each_entry_safe(tx_buf, tx_buf_tmp,
813 &hif_dev->tx.tx_buf, list) {
814 list_del(&tx_buf->list);
815 usb_free_urb(tx_buf->urb);
816 kfree(tx_buf->buf);
817 kfree(tx_buf);
818 }
819 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
820
821 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
822 hif_dev->tx.flags |= HIF_USB_TX_FLUSH;
823 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
824
825 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
826 list_for_each_entry_safe(tx_buf, tx_buf_tmp,
827 &hif_dev->tx.tx_pending, list) {
828 usb_get_urb(tx_buf->urb);
829 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
830 usb_kill_urb(tx_buf->urb);
831 list_del(&tx_buf->list);
832 usb_free_urb(tx_buf->urb);
833 kfree(tx_buf->buf);
834 kfree(tx_buf);
835 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
836 }
837 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
838
839 usb_kill_anchored_urbs(&hif_dev->mgmt_submitted);
840}
841
842static int ath9k_hif_usb_alloc_tx_urbs(struct hif_device_usb *hif_dev)
843{
844 struct tx_buf *tx_buf;
845 int i;
846
847 INIT_LIST_HEAD(&hif_dev->tx.tx_buf);
848 INIT_LIST_HEAD(&hif_dev->tx.tx_pending);
849 spin_lock_init(&hif_dev->tx.tx_lock);
850 __skb_queue_head_init(&hif_dev->tx.tx_skb_queue);
851 init_usb_anchor(&hif_dev->mgmt_submitted);
852
853 for (i = 0; i < MAX_TX_URB_NUM; i++) {
854 tx_buf = kzalloc(sizeof(*tx_buf), GFP_KERNEL);
855 if (!tx_buf)
856 goto err;
857
858 tx_buf->buf = kzalloc(MAX_TX_BUF_SIZE, GFP_KERNEL);
859 if (!tx_buf->buf)
860 goto err;
861
862 tx_buf->urb = usb_alloc_urb(0, GFP_KERNEL);
863 if (!tx_buf->urb)
864 goto err;
865
866 tx_buf->hif_dev = hif_dev;
867 __skb_queue_head_init(&tx_buf->skb_queue);
868
869 list_add_tail(&tx_buf->list, &hif_dev->tx.tx_buf);
870 }
871
872 hif_dev->tx.tx_buf_cnt = MAX_TX_URB_NUM;
873
874 return 0;
875err:
876 if (tx_buf) {
877 kfree(tx_buf->buf);
878 kfree(tx_buf);
879 }
880 ath9k_hif_usb_dealloc_tx_urbs(hif_dev);
881 return -ENOMEM;
882}
883
884static void ath9k_hif_usb_dealloc_rx_urbs(struct hif_device_usb *hif_dev)
885{
886 usb_kill_anchored_urbs(&hif_dev->rx_submitted);
887 ath9k_hif_usb_free_rx_remain_skb(hif_dev);
888}
889
890static int ath9k_hif_usb_alloc_rx_urbs(struct hif_device_usb *hif_dev)
891{
892 struct rx_buf *rx_buf = NULL;
893 struct sk_buff *skb = NULL;
894 struct urb *urb = NULL;
895 int i, ret;
896
897 init_usb_anchor(&hif_dev->rx_submitted);
898 spin_lock_init(&hif_dev->rx_lock);
899
900 for (i = 0; i < MAX_RX_URB_NUM; i++) {
901
902 rx_buf = kzalloc(sizeof(*rx_buf), GFP_KERNEL);
903 if (!rx_buf) {
904 ret = -ENOMEM;
905 goto err_rxb;
906 }
907
908 /* Allocate URB */
909 urb = usb_alloc_urb(0, GFP_KERNEL);
910 if (urb == NULL) {
911 ret = -ENOMEM;
912 goto err_urb;
913 }
914
915 /* Allocate buffer */
916 skb = alloc_skb(MAX_RX_BUF_SIZE, GFP_KERNEL);
917 if (!skb) {
918 ret = -ENOMEM;
919 goto err_skb;
920 }
921
922 rx_buf->hif_dev = hif_dev;
923 rx_buf->skb = skb;
924
925 usb_fill_bulk_urb(urb, hif_dev->udev,
926 usb_rcvbulkpipe(hif_dev->udev,
927 USB_WLAN_RX_PIPE),
928 skb->data, MAX_RX_BUF_SIZE,
929 ath9k_hif_usb_rx_cb, rx_buf);
930
931 /* Anchor URB */
932 usb_anchor_urb(urb, &hif_dev->rx_submitted);
933
934 /* Submit URB */
935 ret = usb_submit_urb(urb, GFP_KERNEL);
936 if (ret) {
937 usb_unanchor_urb(urb);
938 goto err_submit;
939 }
940
941 /*
942 * Drop reference count.
943 * This ensures that the URB is freed when killing them.
944 */
945 usb_free_urb(urb);
946 }
947
948 return 0;
949
950err_submit:
951 kfree_skb(skb);
952err_skb:
953 usb_free_urb(urb);
954err_urb:
955 kfree(rx_buf);
956err_rxb:
957 ath9k_hif_usb_dealloc_rx_urbs(hif_dev);
958 return ret;
959}
960
961static void ath9k_hif_usb_dealloc_reg_in_urbs(struct hif_device_usb *hif_dev)
962{
963 usb_kill_anchored_urbs(&hif_dev->reg_in_submitted);
964}
965
966static int ath9k_hif_usb_alloc_reg_in_urbs(struct hif_device_usb *hif_dev)
967{
968 struct rx_buf *rx_buf = NULL;
969 struct sk_buff *skb = NULL;
970 struct urb *urb = NULL;
971 int i, ret;
972
973 init_usb_anchor(&hif_dev->reg_in_submitted);
974
975 for (i = 0; i < MAX_REG_IN_URB_NUM; i++) {
976
977 rx_buf = kzalloc(sizeof(*rx_buf), GFP_KERNEL);
978 if (!rx_buf) {
979 ret = -ENOMEM;
980 goto err_rxb;
981 }
982
983 /* Allocate URB */
984 urb = usb_alloc_urb(0, GFP_KERNEL);
985 if (urb == NULL) {
986 ret = -ENOMEM;
987 goto err_urb;
988 }
989
990 /* Allocate buffer */
991 skb = alloc_skb(MAX_REG_IN_BUF_SIZE, GFP_KERNEL);
992 if (!skb) {
993 ret = -ENOMEM;
994 goto err_skb;
995 }
996
997 rx_buf->hif_dev = hif_dev;
998 rx_buf->skb = skb;
999
1000 usb_fill_int_urb(urb, hif_dev->udev,
1001 usb_rcvintpipe(hif_dev->udev,
1002 USB_REG_IN_PIPE),
1003 skb->data, MAX_REG_IN_BUF_SIZE,
1004 ath9k_hif_usb_reg_in_cb, rx_buf, 1);
1005
1006 /* Anchor URB */
1007 usb_anchor_urb(urb, &hif_dev->reg_in_submitted);
1008
1009 /* Submit URB */
1010 ret = usb_submit_urb(urb, GFP_KERNEL);
1011 if (ret) {
1012 usb_unanchor_urb(urb);
1013 goto err_submit;
1014 }
1015
1016 /*
1017 * Drop reference count.
1018 * This ensures that the URB is freed when killing them.
1019 */
1020 usb_free_urb(urb);
1021 }
1022
1023 return 0;
1024
1025err_submit:
1026 kfree_skb(skb);
1027err_skb:
1028 usb_free_urb(urb);
1029err_urb:
1030 kfree(rx_buf);
1031err_rxb:
1032 ath9k_hif_usb_dealloc_reg_in_urbs(hif_dev);
1033 return ret;
1034}
1035
1036static int ath9k_hif_usb_alloc_urbs(struct hif_device_usb *hif_dev)
1037{
1038 /* Register Write */
1039 init_usb_anchor(&hif_dev->regout_submitted);
1040
1041 /* TX */
1042 if (ath9k_hif_usb_alloc_tx_urbs(hif_dev) < 0)
1043 goto err;
1044
1045 /* RX */
1046 if (ath9k_hif_usb_alloc_rx_urbs(hif_dev) < 0)
1047 goto err_rx;
1048
1049 /* Register Read */
1050 if (ath9k_hif_usb_alloc_reg_in_urbs(hif_dev) < 0)
1051 goto err_reg;
1052
1053 return 0;
1054err_reg:
1055 ath9k_hif_usb_dealloc_rx_urbs(hif_dev);
1056err_rx:
1057 ath9k_hif_usb_dealloc_tx_urbs(hif_dev);
1058err:
1059 return -ENOMEM;
1060}
1061
1062void ath9k_hif_usb_dealloc_urbs(struct hif_device_usb *hif_dev)
1063{
1064 usb_kill_anchored_urbs(&hif_dev->regout_submitted);
1065 ath9k_hif_usb_dealloc_reg_in_urbs(hif_dev);
1066 ath9k_hif_usb_dealloc_tx_urbs(hif_dev);
1067 ath9k_hif_usb_dealloc_rx_urbs(hif_dev);
1068}
1069
1070static int ath9k_hif_usb_download_fw(struct hif_device_usb *hif_dev)
1071{
1072 int transfer, err;
1073 const void *data = hif_dev->fw_data;
1074 size_t len = hif_dev->fw_size;
1075 u32 addr = AR9271_FIRMWARE;
1076 u8 *buf = kzalloc(4096, GFP_KERNEL);
1077 u32 firm_offset;
1078
1079 if (!buf)
1080 return -ENOMEM;
1081
1082 while (len) {
1083 transfer = min_t(size_t, len, 4096);
1084 memcpy(buf, data, transfer);
1085
1086 err = usb_control_msg(hif_dev->udev,
1087 usb_sndctrlpipe(hif_dev->udev, 0),
1088 FIRMWARE_DOWNLOAD, 0x40 | USB_DIR_OUT,
1089 addr >> 8, 0, buf, transfer,
1090 USB_MSG_TIMEOUT);
1091 if (err < 0) {
1092 kfree(buf);
1093 return err;
1094 }
1095
1096 len -= transfer;
1097 data += transfer;
1098 addr += transfer;
1099 }
1100 kfree(buf);
1101
1102 if (IS_AR7010_DEVICE(hif_dev->usb_device_id->driver_info))
1103 firm_offset = AR7010_FIRMWARE_TEXT;
1104 else
1105 firm_offset = AR9271_FIRMWARE_TEXT;
1106
1107 /*
1108 * Issue FW download complete command to firmware.
1109 */
1110 err = usb_control_msg(hif_dev->udev, usb_sndctrlpipe(hif_dev->udev, 0),
1111 FIRMWARE_DOWNLOAD_COMP,
1112 0x40 | USB_DIR_OUT,
1113 firm_offset >> 8, 0, NULL, 0, USB_MSG_TIMEOUT);
1114 if (err)
1115 return -EIO;
1116
1117 dev_info(&hif_dev->udev->dev, "ath9k_htc: Transferred FW: %s, size: %ld\n",
1118 hif_dev->fw_name, (unsigned long) hif_dev->fw_size);
1119
1120 return 0;
1121}
1122
1123static int ath9k_hif_usb_dev_init(struct hif_device_usb *hif_dev)
1124{
1125 int ret;
1126
1127 ret = ath9k_hif_usb_download_fw(hif_dev);
1128 if (ret) {
1129 dev_err(&hif_dev->udev->dev,
1130 "ath9k_htc: Firmware - %s download failed\n",
1131 hif_dev->fw_name);
1132 return ret;
1133 }
1134
1135 /* Alloc URBs */
1136 ret = ath9k_hif_usb_alloc_urbs(hif_dev);
1137 if (ret) {
1138 dev_err(&hif_dev->udev->dev,
1139 "ath9k_htc: Unable to allocate URBs\n");
1140 return ret;
1141 }
1142
1143 return 0;
1144}
1145
1146static void ath9k_hif_usb_dev_deinit(struct hif_device_usb *hif_dev)
1147{
1148 ath9k_hif_usb_dealloc_urbs(hif_dev);
1149}
1150
1151/*
1152 * If initialization fails or the FW cannot be retrieved,
1153 * detach the device.
1154 */
1155static void ath9k_hif_usb_firmware_fail(struct hif_device_usb *hif_dev)
1156{
1157 struct device *dev = &hif_dev->udev->dev;
1158 struct device *parent = dev->parent;
1159
1160 complete_all(&hif_dev->fw_done);
1161
1162 if (parent)
1163 device_lock(parent);
1164
1165 device_release_driver(dev);
1166
1167 if (parent)
1168 device_unlock(parent);
1169}
1170
1171static void ath9k_hif_usb_firmware_cb(const struct firmware *fw, void *context);
1172
1173/* taken from iwlwifi */
1174static int ath9k_hif_request_firmware(struct hif_device_usb *hif_dev,
1175 bool first)
1176{
1177 char index[8], *chip;
1178 int ret;
1179
1180 if (first) {
1181 if (htc_use_dev_fw) {
1182 hif_dev->fw_minor_index = FIRMWARE_MINOR_IDX_MAX + 1;
1183 sprintf(index, "%s", "dev");
1184 } else {
1185 hif_dev->fw_minor_index = FIRMWARE_MINOR_IDX_MAX;
1186 sprintf(index, "%d", hif_dev->fw_minor_index);
1187 }
1188 } else {
1189 hif_dev->fw_minor_index--;
1190 sprintf(index, "%d", hif_dev->fw_minor_index);
1191 }
1192
1193 /* test for FW 1.3 */
1194 if (MAJOR_VERSION_REQ == 1 && hif_dev->fw_minor_index == 3) {
1195 const char *filename;
1196
1197 if (IS_AR7010_DEVICE(hif_dev->usb_device_id->driver_info))
1198 filename = FIRMWARE_AR7010_1_1;
1199 else
1200 filename = FIRMWARE_AR9271;
1201
1202 /* expected fw locations:
1203 * - htc_9271.fw (stable version 1.3, depricated)
1204 */
1205 snprintf(hif_dev->fw_name, sizeof(hif_dev->fw_name),
1206 "%s", filename);
1207
1208 } else if (hif_dev->fw_minor_index < FIRMWARE_MINOR_IDX_MIN) {
1209 dev_err(&hif_dev->udev->dev, "no suitable firmware found!\n");
1210
1211 return -ENOENT;
1212 } else {
1213 if (IS_AR7010_DEVICE(hif_dev->usb_device_id->driver_info))
1214 chip = "7010";
1215 else
1216 chip = "9271";
1217
1218 /* expected fw locations:
1219 * - ath9k_htc/htc_9271-1.dev.0.fw (development version)
1220 * - ath9k_htc/htc_9271-1.4.0.fw (stable version)
1221 */
1222 snprintf(hif_dev->fw_name, sizeof(hif_dev->fw_name),
1223 "%s/htc_%s-%d.%s.0.fw", HTC_FW_PATH,
1224 chip, MAJOR_VERSION_REQ, index);
1225 }
1226
1227 ret = request_firmware_nowait(THIS_MODULE, true, hif_dev->fw_name,
1228 &hif_dev->udev->dev, GFP_KERNEL,
1229 hif_dev, ath9k_hif_usb_firmware_cb);
1230 if (ret) {
1231 dev_err(&hif_dev->udev->dev,
1232 "ath9k_htc: Async request for firmware %s failed\n",
1233 hif_dev->fw_name);
1234 return ret;
1235 }
1236
1237 dev_info(&hif_dev->udev->dev, "ath9k_htc: Firmware %s requested\n",
1238 hif_dev->fw_name);
1239
1240 return ret;
1241}
1242
1243static void ath9k_hif_usb_firmware_cb(const struct firmware *fw, void *context)
1244{
1245 struct hif_device_usb *hif_dev = context;
1246 int ret;
1247
1248 if (!fw) {
1249 ret = ath9k_hif_request_firmware(hif_dev, false);
1250 if (!ret)
1251 return;
1252
1253 dev_err(&hif_dev->udev->dev,
1254 "ath9k_htc: Failed to get firmware %s\n",
1255 hif_dev->fw_name);
1256 goto err_fw;
1257 }
1258
1259 hif_dev->htc_handle = ath9k_htc_hw_alloc(hif_dev, &hif_usb,
1260 &hif_dev->udev->dev);
1261 if (hif_dev->htc_handle == NULL)
1262 goto err_dev_alloc;
1263
1264 hif_dev->fw_data = fw->data;
1265 hif_dev->fw_size = fw->size;
1266
1267 /* Proceed with initialization */
1268
1269 ret = ath9k_hif_usb_dev_init(hif_dev);
1270 if (ret)
1271 goto err_dev_init;
1272
1273 ret = ath9k_htc_hw_init(hif_dev->htc_handle,
1274 &hif_dev->interface->dev,
1275 hif_dev->usb_device_id->idProduct,
1276 hif_dev->udev->product,
1277 hif_dev->usb_device_id->driver_info);
1278 if (ret) {
1279 ret = -EINVAL;
1280 goto err_htc_hw_init;
1281 }
1282
1283 release_firmware(fw);
1284 hif_dev->flags |= HIF_USB_READY;
1285 complete_all(&hif_dev->fw_done);
1286
1287 return;
1288
1289err_htc_hw_init:
1290 ath9k_hif_usb_dev_deinit(hif_dev);
1291err_dev_init:
1292 ath9k_htc_hw_free(hif_dev->htc_handle);
1293err_dev_alloc:
1294 release_firmware(fw);
1295err_fw:
1296 ath9k_hif_usb_firmware_fail(hif_dev);
1297}
1298
1299/*
1300 * An exact copy of the function from zd1211rw.
1301 */
1302static int send_eject_command(struct usb_interface *interface)
1303{
1304 struct usb_device *udev = interface_to_usbdev(interface);
1305 struct usb_host_interface *iface_desc = interface->cur_altsetting;
1306 struct usb_endpoint_descriptor *endpoint;
1307 unsigned char *cmd;
1308 u8 bulk_out_ep;
1309 int r;
1310
1311 if (iface_desc->desc.bNumEndpoints < 2)
1312 return -ENODEV;
1313
1314 /* Find bulk out endpoint */
1315 for (r = 1; r >= 0; r--) {
1316 endpoint = &iface_desc->endpoint[r].desc;
1317 if (usb_endpoint_dir_out(endpoint) &&
1318 usb_endpoint_xfer_bulk(endpoint)) {
1319 bulk_out_ep = endpoint->bEndpointAddress;
1320 break;
1321 }
1322 }
1323 if (r == -1) {
1324 dev_err(&udev->dev,
1325 "ath9k_htc: Could not find bulk out endpoint\n");
1326 return -ENODEV;
1327 }
1328
1329 cmd = kzalloc(31, GFP_KERNEL);
1330 if (cmd == NULL)
1331 return -ENODEV;
1332
1333 /* USB bulk command block */
1334 cmd[0] = 0x55; /* bulk command signature */
1335 cmd[1] = 0x53; /* bulk command signature */
1336 cmd[2] = 0x42; /* bulk command signature */
1337 cmd[3] = 0x43; /* bulk command signature */
1338 cmd[14] = 6; /* command length */
1339
1340 cmd[15] = 0x1b; /* SCSI command: START STOP UNIT */
1341 cmd[19] = 0x2; /* eject disc */
1342
1343 dev_info(&udev->dev, "Ejecting storage device...\n");
1344 r = usb_bulk_msg(udev, usb_sndbulkpipe(udev, bulk_out_ep),
1345 cmd, 31, NULL, 2 * USB_MSG_TIMEOUT);
1346 kfree(cmd);
1347 if (r)
1348 return r;
1349
1350 /* At this point, the device disconnects and reconnects with the real
1351 * ID numbers. */
1352
1353 usb_set_intfdata(interface, NULL);
1354 return 0;
1355}
1356
1357static int ath9k_hif_usb_probe(struct usb_interface *interface,
1358 const struct usb_device_id *id)
1359{
1360 struct usb_endpoint_descriptor *bulk_in, *bulk_out, *int_in, *int_out;
1361 struct usb_device *udev = interface_to_usbdev(interface);
1362 struct usb_host_interface *alt;
1363 struct hif_device_usb *hif_dev;
1364 int ret = 0;
1365
1366 /* Verify the expected endpoints are present */
1367 alt = interface->cur_altsetting;
1368 if (usb_find_common_endpoints(alt, &bulk_in, &bulk_out, &int_in, &int_out) < 0 ||
1369 usb_endpoint_num(bulk_in) != USB_WLAN_RX_PIPE ||
1370 usb_endpoint_num(bulk_out) != USB_WLAN_TX_PIPE ||
1371 usb_endpoint_num(int_in) != USB_REG_IN_PIPE ||
1372 usb_endpoint_num(int_out) != USB_REG_OUT_PIPE) {
1373 dev_err(&udev->dev,
1374 "ath9k_htc: Device endpoint numbers are not the expected ones\n");
1375 return -ENODEV;
1376 }
1377
1378 if (id->driver_info == STORAGE_DEVICE)
1379 return send_eject_command(interface);
1380
1381 hif_dev = kzalloc(sizeof(struct hif_device_usb), GFP_KERNEL);
1382 if (!hif_dev) {
1383 ret = -ENOMEM;
1384 goto err_alloc;
1385 }
1386
1387 usb_get_dev(udev);
1388
1389 hif_dev->udev = udev;
1390 hif_dev->interface = interface;
1391 hif_dev->usb_device_id = id;
1392#ifdef CONFIG_PM
1393 udev->reset_resume = 1;
1394#endif
1395 usb_set_intfdata(interface, hif_dev);
1396
1397 init_completion(&hif_dev->fw_done);
1398
1399 ret = ath9k_hif_request_firmware(hif_dev, true);
1400 if (ret)
1401 goto err_fw_req;
1402
1403 return ret;
1404
1405err_fw_req:
1406 usb_set_intfdata(interface, NULL);
1407 kfree(hif_dev);
1408 usb_put_dev(udev);
1409err_alloc:
1410 return ret;
1411}
1412
1413static void ath9k_hif_usb_reboot(struct usb_device *udev)
1414{
1415 u32 reboot_cmd = 0xffffffff;
1416 void *buf;
1417 int ret;
1418
1419 buf = kmemdup(&reboot_cmd, 4, GFP_KERNEL);
1420 if (!buf)
1421 return;
1422
1423 ret = usb_interrupt_msg(udev, usb_sndintpipe(udev, USB_REG_OUT_PIPE),
1424 buf, 4, NULL, USB_MSG_TIMEOUT);
1425 if (ret)
1426 dev_err(&udev->dev, "ath9k_htc: USB reboot failed\n");
1427
1428 kfree(buf);
1429}
1430
1431static void ath9k_hif_usb_disconnect(struct usb_interface *interface)
1432{
1433 struct usb_device *udev = interface_to_usbdev(interface);
1434 struct hif_device_usb *hif_dev = usb_get_intfdata(interface);
1435 bool unplugged = udev->state == USB_STATE_NOTATTACHED;
1436
1437 if (!hif_dev)
1438 return;
1439
1440 wait_for_completion(&hif_dev->fw_done);
1441
1442 if (hif_dev->flags & HIF_USB_READY) {
1443 ath9k_htc_hw_deinit(hif_dev->htc_handle, unplugged);
1444 ath9k_htc_hw_free(hif_dev->htc_handle);
1445 }
1446
1447 usb_set_intfdata(interface, NULL);
1448
1449 /* If firmware was loaded we should drop it
1450 * go back to first stage bootloader. */
1451 if (!unplugged && (hif_dev->flags & HIF_USB_READY))
1452 ath9k_hif_usb_reboot(udev);
1453
1454 kfree(hif_dev);
1455 dev_info(&udev->dev, "ath9k_htc: USB layer deinitialized\n");
1456 usb_put_dev(udev);
1457}
1458
1459#ifdef CONFIG_PM
1460static int ath9k_hif_usb_suspend(struct usb_interface *interface,
1461 pm_message_t message)
1462{
1463 struct hif_device_usb *hif_dev = usb_get_intfdata(interface);
1464
1465 /*
1466 * The device has to be set to FULLSLEEP mode in case no
1467 * interface is up.
1468 */
1469 if (!(hif_dev->flags & HIF_USB_START))
1470 ath9k_htc_suspend(hif_dev->htc_handle);
1471
1472 wait_for_completion(&hif_dev->fw_done);
1473
1474 if (hif_dev->flags & HIF_USB_READY)
1475 ath9k_hif_usb_dealloc_urbs(hif_dev);
1476
1477 return 0;
1478}
1479
1480static int ath9k_hif_usb_resume(struct usb_interface *interface)
1481{
1482 struct hif_device_usb *hif_dev = usb_get_intfdata(interface);
1483 struct htc_target *htc_handle = hif_dev->htc_handle;
1484 const struct firmware *fw;
1485 int ret;
1486
1487 ret = ath9k_hif_usb_alloc_urbs(hif_dev);
1488 if (ret)
1489 return ret;
1490
1491 if (!(hif_dev->flags & HIF_USB_READY)) {
1492 ret = -EIO;
1493 goto fail_resume;
1494 }
1495
1496 /* request cached firmware during suspend/resume cycle */
1497 ret = request_firmware(&fw, hif_dev->fw_name,
1498 &hif_dev->udev->dev);
1499 if (ret)
1500 goto fail_resume;
1501
1502 hif_dev->fw_data = fw->data;
1503 hif_dev->fw_size = fw->size;
1504 ret = ath9k_hif_usb_download_fw(hif_dev);
1505 release_firmware(fw);
1506 if (ret)
1507 goto fail_resume;
1508
1509 mdelay(100);
1510
1511 ret = ath9k_htc_resume(htc_handle);
1512
1513 if (ret)
1514 goto fail_resume;
1515
1516 return 0;
1517
1518fail_resume:
1519 ath9k_hif_usb_dealloc_urbs(hif_dev);
1520
1521 return ret;
1522}
1523#endif
1524
1525static struct usb_driver ath9k_hif_usb_driver = {
1526 .name = KBUILD_MODNAME,
1527 .probe = ath9k_hif_usb_probe,
1528 .disconnect = ath9k_hif_usb_disconnect,
1529#ifdef CONFIG_PM
1530 .suspend = ath9k_hif_usb_suspend,
1531 .resume = ath9k_hif_usb_resume,
1532 .reset_resume = ath9k_hif_usb_resume,
1533#endif
1534 .id_table = ath9k_hif_usb_ids,
1535 .soft_unbind = 1,
1536 .disable_hub_initiated_lpm = 1,
1537};
1538
1539int ath9k_hif_usb_init(void)
1540{
1541 return usb_register(&ath9k_hif_usb_driver);
1542}
1543
1544void ath9k_hif_usb_exit(void)
1545{
1546 usb_deregister(&ath9k_hif_usb_driver);
1547}