aboutsummaryrefslogtreecommitdiffstats
path: root/drivers/net/wireless/orinoco/orinoco_usb.c
diff options
context:
space:
mode:
authorDavid Kilroy <kilroyd@googlemail.com>2010-05-01 09:05:41 -0400
committerJohn W. Linville <linville@tuxdriver.com>2010-05-03 14:53:08 -0400
commit9afac70a7305817b22327ac23cf2d0eb72388229 (patch)
treebdd8fe617d4c2fa5b8fd06379f387b5fa1563b65 /drivers/net/wireless/orinoco/orinoco_usb.c
parentbcad6e80f3fb0d6724c3814cf32258bbcf1d67db (diff)
orinoco: add orinoco_usb driver
This driver uses the core orinoco modules for the bulk of the functionality. The low level hermes routines (for local bus cards) are replaced, the driver supplies its own ndo_xmit_start function, and locking is done with the _bh variant. Some recent functionality is not available to the USB cards yet (firmware loading and WPA). Out-of-tree driver originally written by Manuel Estrada Sainz. Thanks to Mark Davis for supplying hardware to test the updates. Signed-off-by: David Kilroy <kilroyd@googlemail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
Diffstat (limited to 'drivers/net/wireless/orinoco/orinoco_usb.c')
-rw-r--r--drivers/net/wireless/orinoco/orinoco_usb.c1680
1 files changed, 1680 insertions, 0 deletions
diff --git a/drivers/net/wireless/orinoco/orinoco_usb.c b/drivers/net/wireless/orinoco/orinoco_usb.c
new file mode 100644
index 00000000000..ce0069de5c4
--- /dev/null
+++ b/drivers/net/wireless/orinoco/orinoco_usb.c
@@ -0,0 +1,1680 @@
1/*
2 * USB Orinoco driver
3 *
4 * Copyright (c) 2003 Manuel Estrada Sainz
5 *
6 * The contents of this file are subject to the Mozilla Public License
7 * Version 1.1 (the "License"); you may not use this file except in
8 * compliance with the License. You may obtain a copy of the License
9 * at http://www.mozilla.org/MPL/
10 *
11 * Software distributed under the License is distributed on an "AS IS"
12 * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
13 * the License for the specific language governing rights and
14 * limitations under the License.
15 *
16 * Alternatively, the contents of this file may be used under the
17 * terms of the GNU General Public License version 2 (the "GPL"), in
18 * which case the provisions of the GPL are applicable instead of the
19 * above. If you wish to allow the use of your version of this file
20 * only under the terms of the GPL and not to allow others to use your
21 * version of this file under the MPL, indicate your decision by
22 * deleting the provisions above and replace them with the notice and
23 * other provisions required by the GPL. If you do not delete the
24 * provisions above, a recipient may use your version of this file
25 * under either the MPL or the GPL.
26 *
27 * Queueing code based on linux-wlan-ng 0.2.1-pre5
28 *
29 * Copyright (C) 1999 AbsoluteValue Systems, Inc. All Rights Reserved.
30 *
31 * The license is the same as above.
32 *
33 * Initialy based on USB Skeleton driver - 0.7
34 *
35 * Copyright (c) 2001 Greg Kroah-Hartman (greg@kroah.com)
36 *
37 * This program is free software; you can redistribute it and/or
38 * modify it under the terms of the GNU General Public License as
39 * published by the Free Software Foundation; either version 2 of
40 * the License, or (at your option) any later version.
41 *
42 * NOTE: The original USB Skeleton driver is GPL, but all that code is
43 * gone so MPL/GPL applies.
44 */
45
46#define DRIVER_NAME "orinoco_usb"
47#define PFX DRIVER_NAME ": "
48
49#include <linux/module.h>
50#include <linux/kernel.h>
51#include <linux/sched.h>
52#include <linux/signal.h>
53#include <linux/errno.h>
54#include <linux/poll.h>
55#include <linux/init.h>
56#include <linux/slab.h>
57#include <linux/fcntl.h>
58#include <linux/spinlock.h>
59#include <linux/list.h>
60#include <linux/smp_lock.h>
61#include <linux/usb.h>
62#include <linux/timer.h>
63
64#include <linux/netdevice.h>
65#include <linux/if_arp.h>
66#include <linux/etherdevice.h>
67#include <linux/wireless.h>
68#include <linux/firmware.h>
69
70#include "orinoco.h"
71
72#ifndef URB_ASYNC_UNLINK
73#define URB_ASYNC_UNLINK 0
74#endif
75
76/* 802.2 LLC/SNAP header used for Ethernet encapsulation over 802.11 */
77static const u8 encaps_hdr[] = {0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00};
78#define ENCAPS_OVERHEAD (sizeof(encaps_hdr) + 2)
79
80struct header_struct {
81 /* 802.3 */
82 u8 dest[ETH_ALEN];
83 u8 src[ETH_ALEN];
84 __be16 len;
85 /* 802.2 */
86 u8 dsap;
87 u8 ssap;
88 u8 ctrl;
89 /* SNAP */
90 u8 oui[3];
91 __be16 ethertype;
92} __attribute__ ((packed));
93
94struct ez_usb_fw {
95 u16 size;
96 const u8 *code;
97};
98
99static struct ez_usb_fw firmware = {
100 .size = 0,
101 .code = NULL,
102};
103
104#ifdef CONFIG_USB_DEBUG
105static int debug = 1;
106#else
107static int debug;
108#endif
109
110/* Debugging macros */
111#undef dbg
112#define dbg(format, arg...) \
113 do { if (debug) printk(KERN_DEBUG PFX "%s: " format "\n", \
114 __func__ , ## arg); } while (0)
115#undef err
116#define err(format, arg...) \
117 do { printk(KERN_ERR PFX format "\n", ## arg); } while (0)
118
119/* Module paramaters */
120module_param(debug, int, 0644);
121MODULE_PARM_DESC(debug, "Debug enabled or not");
122
123MODULE_FIRMWARE("orinoco_ezusb_fw");
124
125/*
126 * Under some conditions, the card gets stuck and stops paying attention
127 * to the world (i.e. data communication stalls) until we do something to
128 * it. Sending an INQ_TALLIES command seems to be enough and should be
129 * harmless otherwise. This behaviour has been observed when using the
130 * driver on a systemimager client during installation. In the past a
131 * timer was used to send INQ_TALLIES commands when there was no other
132 * activity, but it was troublesome and was removed.
133 */
134
135#define USB_COMPAQ_VENDOR_ID 0x049f /* Compaq Computer Corp. */
136#define USB_COMPAQ_WL215_ID 0x001f /* Compaq WL215 USB Adapter */
137#define USB_COMPAQ_W200_ID 0x0076 /* Compaq W200 USB Adapter */
138#define USB_HP_WL215_ID 0x0082 /* Compaq WL215 USB Adapter */
139
140#define USB_MELCO_VENDOR_ID 0x0411
141#define USB_BUFFALO_L11_ID 0x0006 /* BUFFALO WLI-USB-L11 */
142#define USB_BUFFALO_L11G_WR_ID 0x000B /* BUFFALO WLI-USB-L11G-WR */
143#define USB_BUFFALO_L11G_ID 0x000D /* BUFFALO WLI-USB-L11G */
144
145#define USB_LUCENT_VENDOR_ID 0x047E /* Lucent Technologies */
146#define USB_LUCENT_ORINOCO_ID 0x0300 /* Lucent/Agere Orinoco USB Client */
147
148#define USB_AVAYA8_VENDOR_ID 0x0D98
149#define USB_AVAYAE_VENDOR_ID 0x0D9E
150#define USB_AVAYA_WIRELESS_ID 0x0300 /* Avaya Wireless USB Card */
151
152#define USB_AGERE_VENDOR_ID 0x0D4E /* Agere Systems */
153#define USB_AGERE_MODEL0801_ID 0x1000 /* Wireless USB Card Model 0801 */
154#define USB_AGERE_MODEL0802_ID 0x1001 /* Wireless USB Card Model 0802 */
155#define USB_AGERE_REBRANDED_ID 0x047A /* WLAN USB Card */
156
157#define USB_ELSA_VENDOR_ID 0x05CC
158#define USB_ELSA_AIRLANCER_ID 0x3100 /* ELSA AirLancer USB-11 */
159
160#define USB_LEGEND_VENDOR_ID 0x0E7C
161#define USB_LEGEND_JOYNET_ID 0x0300 /* Joynet WLAN USB Card */
162
163#define USB_SAMSUNG_VENDOR_ID 0x04E8
164#define USB_SAMSUNG_SEW2001U1_ID 0x5002 /* Samsung SEW-2001u Card */
165#define USB_SAMSUNG_SEW2001U2_ID 0x5B11 /* Samsung SEW-2001u Card */
166#define USB_SAMSUNG_SEW2003U_ID 0x7011 /* Samsung SEW-2003U Card */
167
168#define USB_IGATE_VENDOR_ID 0x0681
169#define USB_IGATE_IGATE_11M_ID 0x0012 /* I-GATE 11M USB Card */
170
171#define USB_FUJITSU_VENDOR_ID 0x0BF8
172#define USB_FUJITSU_E1100_ID 0x1002 /* connect2AIR WLAN E-1100 USB */
173
174#define USB_2WIRE_VENDOR_ID 0x1630
175#define USB_2WIRE_WIRELESS_ID 0xff81 /* 2Wire Wireless USB adapter */
176
177
178#define EZUSB_REQUEST_FW_TRANS 0xA0
179#define EZUSB_REQUEST_TRIGER 0xAA
180#define EZUSB_REQUEST_TRIG_AC 0xAC
181#define EZUSB_CPUCS_REG 0x7F92
182
183#define EZUSB_RID_TX 0x0700
184#define EZUSB_RID_RX 0x0701
185#define EZUSB_RID_INIT1 0x0702
186#define EZUSB_RID_ACK 0x0710
187#define EZUSB_RID_DOCMD 0x0860
188
189/* Recognize info frames */
190#define EZUSB_IS_INFO(id) ((id >= 0xF000) && (id <= 0xF2FF))
191
192#define EZUSB_MAGIC 0x0210
193
194#define EZUSB_FRAME_DATA 1
195#define EZUSB_FRAME_CONTROL 2
196
197#define DEF_TIMEOUT (3*HZ)
198
199#define BULK_BUF_SIZE 2048
200
201#define FW_BUF_SIZE 64
202#define FW_VAR_OFFSET_PTR 0x359
203#define FW_VAR_VALUE 0
204#define FW_HOLE_START 0x100
205#define FW_HOLE_END 0x300
206
207struct ezusb_packet {
208 __le16 magic; /* 0x0210 */
209 u8 req_reply_count;
210 u8 ans_reply_count;
211 __le16 frame_type; /* 0x01 for data frames, 0x02 otherwise */
212 __le16 size; /* transport size */
213 __le16 crc; /* CRC up to here */
214 __le16 hermes_len;
215 __le16 hermes_rid;
216 u8 data[0];
217} __attribute__ ((packed));
218
219/* Table of devices that work or may work with this driver */
220static struct usb_device_id ezusb_table[] = {
221 {USB_DEVICE(USB_COMPAQ_VENDOR_ID, USB_COMPAQ_WL215_ID)},
222 {USB_DEVICE(USB_COMPAQ_VENDOR_ID, USB_HP_WL215_ID)},
223 {USB_DEVICE(USB_COMPAQ_VENDOR_ID, USB_COMPAQ_W200_ID)},
224 {USB_DEVICE(USB_MELCO_VENDOR_ID, USB_BUFFALO_L11_ID)},
225 {USB_DEVICE(USB_MELCO_VENDOR_ID, USB_BUFFALO_L11G_WR_ID)},
226 {USB_DEVICE(USB_MELCO_VENDOR_ID, USB_BUFFALO_L11G_ID)},
227 {USB_DEVICE(USB_LUCENT_VENDOR_ID, USB_LUCENT_ORINOCO_ID)},
228 {USB_DEVICE(USB_AVAYA8_VENDOR_ID, USB_AVAYA_WIRELESS_ID)},
229 {USB_DEVICE(USB_AVAYAE_VENDOR_ID, USB_AVAYA_WIRELESS_ID)},
230 {USB_DEVICE(USB_AGERE_VENDOR_ID, USB_AGERE_MODEL0801_ID)},
231 {USB_DEVICE(USB_AGERE_VENDOR_ID, USB_AGERE_MODEL0802_ID)},
232 {USB_DEVICE(USB_ELSA_VENDOR_ID, USB_ELSA_AIRLANCER_ID)},
233 {USB_DEVICE(USB_LEGEND_VENDOR_ID, USB_LEGEND_JOYNET_ID)},
234 {USB_DEVICE_VER(USB_SAMSUNG_VENDOR_ID, USB_SAMSUNG_SEW2001U1_ID,
235 0, 0)},
236 {USB_DEVICE(USB_SAMSUNG_VENDOR_ID, USB_SAMSUNG_SEW2001U2_ID)},
237 {USB_DEVICE(USB_SAMSUNG_VENDOR_ID, USB_SAMSUNG_SEW2003U_ID)},
238 {USB_DEVICE(USB_IGATE_VENDOR_ID, USB_IGATE_IGATE_11M_ID)},
239 {USB_DEVICE(USB_FUJITSU_VENDOR_ID, USB_FUJITSU_E1100_ID)},
240 {USB_DEVICE(USB_2WIRE_VENDOR_ID, USB_2WIRE_WIRELESS_ID)},
241 {USB_DEVICE(USB_AGERE_VENDOR_ID, USB_AGERE_REBRANDED_ID)},
242 {} /* Terminating entry */
243};
244
245MODULE_DEVICE_TABLE(usb, ezusb_table);
246
247/* Structure to hold all of our device specific stuff */
248struct ezusb_priv {
249 struct usb_device *udev;
250 struct net_device *dev;
251 struct mutex mtx;
252 spinlock_t req_lock;
253 struct list_head req_pending;
254 struct list_head req_active;
255 spinlock_t reply_count_lock;
256 u16 hermes_reg_fake[0x40];
257 u8 *bap_buf;
258 struct urb *read_urb;
259 int read_pipe;
260 int write_pipe;
261 u8 reply_count;
262};
263
264enum ezusb_state {
265 EZUSB_CTX_START,
266 EZUSB_CTX_QUEUED,
267 EZUSB_CTX_REQ_SUBMITTED,
268 EZUSB_CTX_REQ_COMPLETE,
269 EZUSB_CTX_RESP_RECEIVED,
270 EZUSB_CTX_REQ_TIMEOUT,
271 EZUSB_CTX_REQ_FAILED,
272 EZUSB_CTX_RESP_TIMEOUT,
273 EZUSB_CTX_REQSUBMIT_FAIL,
274 EZUSB_CTX_COMPLETE,
275};
276
277struct request_context {
278 struct list_head list;
279 atomic_t refcount;
280 struct completion done; /* Signals that CTX is dead */
281 int killed;
282 struct urb *outurb; /* OUT for req pkt */
283 struct ezusb_priv *upriv;
284 struct ezusb_packet *buf;
285 int buf_length;
286 struct timer_list timer; /* Timeout handling */
287 enum ezusb_state state; /* Current state */
288 /* the RID that we will wait for */
289 u16 out_rid;
290 u16 in_rid;
291};
292
293
294/* Forward declarations */
295static void ezusb_ctx_complete(struct request_context *ctx);
296static void ezusb_req_queue_run(struct ezusb_priv *upriv);
297static void ezusb_bulk_in_callback(struct urb *urb);
298
299static inline u8 ezusb_reply_inc(u8 count)
300{
301 if (count < 0x7F)
302 return count + 1;
303 else
304 return 1;
305}
306
307static void ezusb_request_context_put(struct request_context *ctx)
308{
309 if (!atomic_dec_and_test(&ctx->refcount))
310 return;
311
312 WARN_ON(!ctx->done.done);
313 BUG_ON(ctx->outurb->status == -EINPROGRESS);
314 BUG_ON(timer_pending(&ctx->timer));
315 usb_free_urb(ctx->outurb);
316 kfree(ctx->buf);
317 kfree(ctx);
318}
319
320static inline void ezusb_mod_timer(struct ezusb_priv *upriv,
321 struct timer_list *timer,
322 unsigned long expire)
323{
324 if (!upriv->udev)
325 return;
326 mod_timer(timer, expire);
327}
328
329static void ezusb_request_timerfn(u_long _ctx)
330{
331 struct request_context *ctx = (void *) _ctx;
332
333 ctx->outurb->transfer_flags |= URB_ASYNC_UNLINK;
334 if (usb_unlink_urb(ctx->outurb) == -EINPROGRESS) {
335 ctx->state = EZUSB_CTX_REQ_TIMEOUT;
336 } else {
337 ctx->state = EZUSB_CTX_RESP_TIMEOUT;
338 dbg("couldn't unlink");
339 atomic_inc(&ctx->refcount);
340 ctx->killed = 1;
341 ezusb_ctx_complete(ctx);
342 ezusb_request_context_put(ctx);
343 }
344};
345
346static struct request_context *ezusb_alloc_ctx(struct ezusb_priv *upriv,
347 u16 out_rid, u16 in_rid)
348{
349 struct request_context *ctx;
350
351 ctx = kmalloc(sizeof(*ctx), GFP_ATOMIC);
352 if (!ctx)
353 return NULL;
354
355 memset(ctx, 0, sizeof(*ctx));
356
357 ctx->buf = kmalloc(BULK_BUF_SIZE, GFP_ATOMIC);
358 if (!ctx->buf) {
359 kfree(ctx);
360 return NULL;
361 }
362 ctx->outurb = usb_alloc_urb(0, GFP_ATOMIC);
363 if (!ctx->outurb) {
364 kfree(ctx->buf);
365 kfree(ctx);
366 return NULL;
367 }
368
369 ctx->upriv = upriv;
370 ctx->state = EZUSB_CTX_START;
371 ctx->out_rid = out_rid;
372 ctx->in_rid = in_rid;
373
374 atomic_set(&ctx->refcount, 1);
375 init_completion(&ctx->done);
376
377 init_timer(&ctx->timer);
378 ctx->timer.function = ezusb_request_timerfn;
379 ctx->timer.data = (u_long) ctx;
380 return ctx;
381}
382
383
384/* Hopefully the real complete_all will soon be exported, in the mean
385 * while this should work. */
386static inline void ezusb_complete_all(struct completion *comp)
387{
388 complete(comp);
389 complete(comp);
390 complete(comp);
391 complete(comp);
392}
393
394static void ezusb_ctx_complete(struct request_context *ctx)
395{
396 struct ezusb_priv *upriv = ctx->upriv;
397 unsigned long flags;
398
399 spin_lock_irqsave(&upriv->req_lock, flags);
400
401 list_del_init(&ctx->list);
402 if (upriv->udev) {
403 spin_unlock_irqrestore(&upriv->req_lock, flags);
404 ezusb_req_queue_run(upriv);
405 spin_lock_irqsave(&upriv->req_lock, flags);
406 }
407
408 switch (ctx->state) {
409 case EZUSB_CTX_COMPLETE:
410 case EZUSB_CTX_REQSUBMIT_FAIL:
411 case EZUSB_CTX_REQ_FAILED:
412 case EZUSB_CTX_REQ_TIMEOUT:
413 case EZUSB_CTX_RESP_TIMEOUT:
414 spin_unlock_irqrestore(&upriv->req_lock, flags);
415
416 if ((ctx->out_rid == EZUSB_RID_TX) && upriv->dev) {
417 struct net_device *dev = upriv->dev;
418 struct orinoco_private *priv = ndev_priv(dev);
419 struct net_device_stats *stats = &priv->stats;
420
421 if (ctx->state != EZUSB_CTX_COMPLETE)
422 stats->tx_errors++;
423 else
424 stats->tx_packets++;
425
426 netif_wake_queue(dev);
427 }
428 ezusb_complete_all(&ctx->done);
429 ezusb_request_context_put(ctx);
430 break;
431
432 default:
433 spin_unlock_irqrestore(&upriv->req_lock, flags);
434 if (!upriv->udev) {
435 /* This is normal, as all request contexts get flushed
436 * when the device is disconnected */
437 err("Called, CTX not terminating, but device gone");
438 ezusb_complete_all(&ctx->done);
439 ezusb_request_context_put(ctx);
440 break;
441 }
442
443 err("Called, CTX not in terminating state.");
444 /* Things are really bad if this happens. Just leak
445 * the CTX because it may still be linked to the
446 * queue or the OUT urb may still be active.
447 * Just leaking at least prevents an Oops or Panic.
448 */
449 break;
450 }
451}
452
453/**
454 * ezusb_req_queue_run:
455 * Description:
456 * Note: Only one active CTX at any one time, because there's no
457 * other (reliable) way to match the response URB to the correct
458 * CTX.
459 **/
460static void ezusb_req_queue_run(struct ezusb_priv *upriv)
461{
462 unsigned long flags;
463 struct request_context *ctx;
464 int result;
465
466 spin_lock_irqsave(&upriv->req_lock, flags);
467
468 if (!list_empty(&upriv->req_active))
469 goto unlock;
470
471 if (list_empty(&upriv->req_pending))
472 goto unlock;
473
474 ctx =
475 list_entry(upriv->req_pending.next, struct request_context,
476 list);
477
478 if (!ctx->upriv->udev)
479 goto unlock;
480
481 /* We need to split this off to avoid a race condition */
482 list_move_tail(&ctx->list, &upriv->req_active);
483
484 if (ctx->state == EZUSB_CTX_QUEUED) {
485 atomic_inc(&ctx->refcount);
486 result = usb_submit_urb(ctx->outurb, GFP_ATOMIC);
487 if (result) {
488 ctx->state = EZUSB_CTX_REQSUBMIT_FAIL;
489
490 spin_unlock_irqrestore(&upriv->req_lock, flags);
491
492 err("Fatal, failed to submit command urb."
493 " error=%d\n", result);
494
495 ezusb_ctx_complete(ctx);
496 ezusb_request_context_put(ctx);
497 goto done;
498 }
499
500 ctx->state = EZUSB_CTX_REQ_SUBMITTED;
501 ezusb_mod_timer(ctx->upriv, &ctx->timer,
502 jiffies + DEF_TIMEOUT);
503 }
504
505 unlock:
506 spin_unlock_irqrestore(&upriv->req_lock, flags);
507
508 done:
509 return;
510}
511
512static void ezusb_req_enqueue_run(struct ezusb_priv *upriv,
513 struct request_context *ctx)
514{
515 unsigned long flags;
516
517 spin_lock_irqsave(&upriv->req_lock, flags);
518
519 if (!ctx->upriv->udev) {
520 spin_unlock_irqrestore(&upriv->req_lock, flags);
521 goto done;
522 }
523 atomic_inc(&ctx->refcount);
524 list_add_tail(&ctx->list, &upriv->req_pending);
525 spin_unlock_irqrestore(&upriv->req_lock, flags);
526
527 ctx->state = EZUSB_CTX_QUEUED;
528 ezusb_req_queue_run(upriv);
529
530 done:
531 return;
532}
533
534static void ezusb_request_out_callback(struct urb *urb)
535{
536 unsigned long flags;
537 enum ezusb_state state;
538 struct request_context *ctx = urb->context;
539 struct ezusb_priv *upriv = ctx->upriv;
540
541 spin_lock_irqsave(&upriv->req_lock, flags);
542
543 del_timer(&ctx->timer);
544
545 if (ctx->killed) {
546 spin_unlock_irqrestore(&upriv->req_lock, flags);
547 pr_warning("interrupt called with dead ctx");
548 goto out;
549 }
550
551 state = ctx->state;
552
553 if (urb->status == 0) {
554 switch (state) {
555 case EZUSB_CTX_REQ_SUBMITTED:
556 if (ctx->in_rid) {
557 ctx->state = EZUSB_CTX_REQ_COMPLETE;
558 /* reply URB still pending */
559 ezusb_mod_timer(upriv, &ctx->timer,
560 jiffies + DEF_TIMEOUT);
561 spin_unlock_irqrestore(&upriv->req_lock,
562 flags);
563 break;
564 }
565 /* fall through */
566 case EZUSB_CTX_RESP_RECEIVED:
567 /* IN already received before this OUT-ACK */
568 ctx->state = EZUSB_CTX_COMPLETE;
569 spin_unlock_irqrestore(&upriv->req_lock, flags);
570 ezusb_ctx_complete(ctx);
571 break;
572
573 default:
574 spin_unlock_irqrestore(&upriv->req_lock, flags);
575 err("Unexpected state(0x%x, %d) in OUT URB",
576 state, urb->status);
577 break;
578 }
579 } else {
580 /* If someone cancels the OUT URB then its status
581 * should be either -ECONNRESET or -ENOENT.
582 */
583 switch (state) {
584 case EZUSB_CTX_REQ_SUBMITTED:
585 case EZUSB_CTX_RESP_RECEIVED:
586 ctx->state = EZUSB_CTX_REQ_FAILED;
587 /* fall through */
588
589 case EZUSB_CTX_REQ_FAILED:
590 case EZUSB_CTX_REQ_TIMEOUT:
591 spin_unlock_irqrestore(&upriv->req_lock, flags);
592
593 ezusb_ctx_complete(ctx);
594 break;
595
596 default:
597 spin_unlock_irqrestore(&upriv->req_lock, flags);
598
599 err("Unexpected state(0x%x, %d) in OUT URB",
600 state, urb->status);
601 break;
602 }
603 }
604 out:
605 ezusb_request_context_put(ctx);
606}
607
608static void ezusb_request_in_callback(struct ezusb_priv *upriv,
609 struct urb *urb)
610{
611 struct ezusb_packet *ans = urb->transfer_buffer;
612 struct request_context *ctx = NULL;
613 enum ezusb_state state;
614 unsigned long flags;
615
616 /* Find the CTX on the active queue that requested this URB */
617 spin_lock_irqsave(&upriv->req_lock, flags);
618 if (upriv->udev) {
619 struct list_head *item;
620
621 list_for_each(item, &upriv->req_active) {
622 struct request_context *c;
623 int reply_count;
624
625 c = list_entry(item, struct request_context, list);
626 reply_count =
627 ezusb_reply_inc(c->buf->req_reply_count);
628 if ((ans->ans_reply_count == reply_count)
629 && (le16_to_cpu(ans->hermes_rid) == c->in_rid)) {
630 ctx = c;
631 break;
632 }
633 dbg("Skipped (0x%x/0x%x) (%d/%d)",
634 le16_to_cpu(ans->hermes_rid),
635 c->in_rid, ans->ans_reply_count, reply_count);
636 }
637 }
638
639 if (ctx == NULL) {
640 spin_unlock_irqrestore(&upriv->req_lock, flags);
641 err("%s: got unexpected RID: 0x%04X", __func__,
642 le16_to_cpu(ans->hermes_rid));
643 ezusb_req_queue_run(upriv);
644 return;
645 }
646
647 /* The data we want is in the in buffer, exchange */
648 urb->transfer_buffer = ctx->buf;
649 ctx->buf = (void *) ans;
650 ctx->buf_length = urb->actual_length;
651
652 state = ctx->state;
653 switch (state) {
654 case EZUSB_CTX_REQ_SUBMITTED:
655 /* We have received our response URB before
656 * our request has been acknowledged. Do NOT
657 * destroy our CTX yet, because our OUT URB
658 * is still alive ...
659 */
660 ctx->state = EZUSB_CTX_RESP_RECEIVED;
661 spin_unlock_irqrestore(&upriv->req_lock, flags);
662
663 /* Let the machine continue running. */
664 break;
665
666 case EZUSB_CTX_REQ_COMPLETE:
667 /* This is the usual path: our request
668 * has already been acknowledged, and
669 * we have now received the reply.
670 */
671 ctx->state = EZUSB_CTX_COMPLETE;
672
673 /* Stop the intimer */
674 del_timer(&ctx->timer);
675 spin_unlock_irqrestore(&upriv->req_lock, flags);
676
677 /* Call the completion handler */
678 ezusb_ctx_complete(ctx);
679 break;
680
681 default:
682 spin_unlock_irqrestore(&upriv->req_lock, flags);
683
684 pr_warning("Matched IN URB, unexpected context state(0x%x)",
685 state);
686 /* Throw this CTX away and try submitting another */
687 del_timer(&ctx->timer);
688 ctx->outurb->transfer_flags |= URB_ASYNC_UNLINK;
689 usb_unlink_urb(ctx->outurb);
690 ezusb_req_queue_run(upriv);
691 break;
692 } /* switch */
693}
694
695
696static void ezusb_req_ctx_wait(struct ezusb_priv *upriv,
697 struct request_context *ctx)
698{
699 switch (ctx->state) {
700 case EZUSB_CTX_QUEUED:
701 case EZUSB_CTX_REQ_SUBMITTED:
702 case EZUSB_CTX_REQ_COMPLETE:
703 case EZUSB_CTX_RESP_RECEIVED:
704 if (in_atomic()) {
705 /* If we get called from a timer, timeout timers don't
706 * get the chance to run themselves. So we make sure
707 * that we don't sleep for ever */
708 int msecs = DEF_TIMEOUT * (1000 / HZ);
709 while (!ctx->done.done && msecs--)
710 udelay(1000);
711 } else {
712 wait_event_interruptible(ctx->done.wait,
713 ctx->done.done);
714 }
715 break;
716 default:
717 /* Done or failed - nothing to wait for */
718 break;
719 }
720}
721
722static inline u16 build_crc(struct ezusb_packet *data)
723{
724 u16 crc = 0;
725 u8 *bytes = (u8 *)data;
726 int i;
727
728 for (i = 0; i < 8; i++)
729 crc = (crc << 1) + bytes[i];
730
731 return crc;
732}
733
734/**
735 * ezusb_fill_req:
736 *
737 * if data == NULL and length > 0 the data is assumed to be already in
738 * the target buffer and only the header is filled.
739 *
740 */
741static int ezusb_fill_req(struct ezusb_packet *req, u16 length, u16 rid,
742 const void *data, u16 frame_type, u8 reply_count)
743{
744 int total_size = sizeof(*req) + length;
745
746 BUG_ON(total_size > BULK_BUF_SIZE);
747
748 req->magic = cpu_to_le16(EZUSB_MAGIC);
749 req->req_reply_count = reply_count;
750 req->ans_reply_count = 0;
751 req->frame_type = cpu_to_le16(frame_type);
752 req->size = cpu_to_le16(length + 4);
753 req->crc = cpu_to_le16(build_crc(req));
754 req->hermes_len = cpu_to_le16(HERMES_BYTES_TO_RECLEN(length));
755 req->hermes_rid = cpu_to_le16(rid);
756 if (data)
757 memcpy(req->data, data, length);
758 return total_size;
759}
760
761static int ezusb_submit_in_urb(struct ezusb_priv *upriv)
762{
763 int retval = 0;
764 void *cur_buf = upriv->read_urb->transfer_buffer;
765
766 if (upriv->read_urb->status == -EINPROGRESS) {
767 dbg("urb busy, not resubmiting");
768 retval = -EBUSY;
769 goto exit;
770 }
771 usb_fill_bulk_urb(upriv->read_urb, upriv->udev, upriv->read_pipe,
772 cur_buf, BULK_BUF_SIZE,
773 ezusb_bulk_in_callback, upriv);
774 upriv->read_urb->transfer_flags = 0;
775 retval = usb_submit_urb(upriv->read_urb, GFP_ATOMIC);
776 if (retval)
777 err("%s submit failed %d", __func__, retval);
778
779 exit:
780 return retval;
781}
782
783static inline int ezusb_8051_cpucs(struct ezusb_priv *upriv, int reset)
784{
785 u8 res_val = reset; /* avoid argument promotion */
786
787 if (!upriv->udev) {
788 err("%s: !upriv->udev", __func__);
789 return -EFAULT;
790 }
791 return usb_control_msg(upriv->udev,
792 usb_sndctrlpipe(upriv->udev, 0),
793 EZUSB_REQUEST_FW_TRANS,
794 USB_TYPE_VENDOR | USB_RECIP_DEVICE |
795 USB_DIR_OUT, EZUSB_CPUCS_REG, 0, &res_val,
796 sizeof(res_val), DEF_TIMEOUT);
797}
798
799static int ezusb_firmware_download(struct ezusb_priv *upriv,
800 struct ez_usb_fw *fw)
801{
802 u8 fw_buffer[FW_BUF_SIZE];
803 int retval, addr;
804 int variant_offset;
805
806 /*
807 * This byte is 1 and should be replaced with 0. The offset is
808 * 0x10AD in version 0.0.6. The byte in question should follow
809 * the end of the code pointed to by the jump in the beginning
810 * of the firmware. Also, it is read by code located at 0x358.
811 */
812 variant_offset = be16_to_cpup((__be16 *) &fw->code[FW_VAR_OFFSET_PTR]);
813 if (variant_offset >= fw->size) {
814 printk(KERN_ERR PFX "Invalid firmware variant offset: "
815 "0x%04x\n", variant_offset);
816 retval = -EINVAL;
817 goto fail;
818 }
819
820 retval = ezusb_8051_cpucs(upriv, 1);
821 if (retval < 0)
822 goto fail;
823 for (addr = 0; addr < fw->size; addr += FW_BUF_SIZE) {
824 /* 0x100-0x300 should be left alone, it contains card
825 * specific data, like USB enumeration information */
826 if ((addr >= FW_HOLE_START) && (addr < FW_HOLE_END))
827 continue;
828
829 memcpy(fw_buffer, &fw->code[addr], FW_BUF_SIZE);
830 if (variant_offset >= addr &&
831 variant_offset < addr + FW_BUF_SIZE) {
832 dbg("Patching card_variant byte at 0x%04X",
833 variant_offset);
834 fw_buffer[variant_offset - addr] = FW_VAR_VALUE;
835 }
836 retval = usb_control_msg(upriv->udev,
837 usb_sndctrlpipe(upriv->udev, 0),
838 EZUSB_REQUEST_FW_TRANS,
839 USB_TYPE_VENDOR | USB_RECIP_DEVICE
840 | USB_DIR_OUT,
841 addr, 0x0,
842 fw_buffer, FW_BUF_SIZE,
843 DEF_TIMEOUT);
844
845 if (retval < 0)
846 goto fail;
847 }
848 retval = ezusb_8051_cpucs(upriv, 0);
849 if (retval < 0)
850 goto fail;
851
852 goto exit;
853 fail:
854 printk(KERN_ERR PFX "Firmware download failed, error %d\n",
855 retval);
856 exit:
857 return retval;
858}
859
860static int ezusb_access_ltv(struct ezusb_priv *upriv,
861 struct request_context *ctx,
862 u16 length, const void *data, u16 frame_type,
863 void *ans_buff, int ans_size, u16 *ans_length)
864{
865 int req_size;
866 int retval = 0;
867 enum ezusb_state state;
868
869 BUG_ON(in_irq());
870
871 if (!upriv->udev) {
872 dbg("Device disconnected");
873 return -ENODEV;
874 }
875
876 if (upriv->read_urb->status != -EINPROGRESS)
877 err("%s: in urb not pending", __func__);
878
879 /* protect upriv->reply_count, guarantee sequential numbers */
880 spin_lock_bh(&upriv->reply_count_lock);
881 req_size = ezusb_fill_req(ctx->buf, length, ctx->out_rid, data,
882 frame_type, upriv->reply_count);
883 usb_fill_bulk_urb(ctx->outurb, upriv->udev, upriv->write_pipe,
884 ctx->buf, req_size,
885 ezusb_request_out_callback, ctx);
886
887 if (ctx->in_rid)
888 upriv->reply_count = ezusb_reply_inc(upriv->reply_count);
889
890 ezusb_req_enqueue_run(upriv, ctx);
891
892 spin_unlock_bh(&upriv->reply_count_lock);
893
894 if (ctx->in_rid)
895 ezusb_req_ctx_wait(upriv, ctx);
896
897 state = ctx->state;
898 switch (state) {
899 case EZUSB_CTX_COMPLETE:
900 retval = ctx->outurb->status;
901 break;
902
903 case EZUSB_CTX_QUEUED:
904 case EZUSB_CTX_REQ_SUBMITTED:
905 if (!ctx->in_rid)
906 break;
907 default:
908 err("%s: Unexpected context state %d", __func__,
909 state);
910 /* fall though */
911 case EZUSB_CTX_REQ_TIMEOUT:
912 case EZUSB_CTX_REQ_FAILED:
913 case EZUSB_CTX_RESP_TIMEOUT:
914 case EZUSB_CTX_REQSUBMIT_FAIL:
915 printk(KERN_ERR PFX "Access failed, resetting (state %d,"
916 " reply_count %d)\n", state, upriv->reply_count);
917 upriv->reply_count = 0;
918 if (state == EZUSB_CTX_REQ_TIMEOUT
919 || state == EZUSB_CTX_RESP_TIMEOUT) {
920 printk(KERN_ERR PFX "ctx timed out\n");
921 retval = -ETIMEDOUT;
922 } else {
923 printk(KERN_ERR PFX "ctx failed\n");
924 retval = -EFAULT;
925 }
926 goto exit;
927 break;
928 }
929 if (ctx->in_rid) {
930 struct ezusb_packet *ans = ctx->buf;
931 int exp_len;
932
933 if (ans->hermes_len != 0)
934 exp_len = le16_to_cpu(ans->hermes_len) * 2 + 12;
935 else
936 exp_len = 14;
937
938 if (exp_len != ctx->buf_length) {
939 err("%s: length mismatch for RID 0x%04x: "
940 "expected %d, got %d", __func__,
941 ctx->in_rid, exp_len, ctx->buf_length);
942 retval = -EIO;
943 goto exit;
944 }
945
946 if (ans_buff)
947 memcpy(ans_buff, ans->data,
948 min_t(int, exp_len, ans_size));
949 if (ans_length)
950 *ans_length = le16_to_cpu(ans->hermes_len);
951 }
952 exit:
953 ezusb_request_context_put(ctx);
954 return retval;
955}
956
957static int ezusb_write_ltv(hermes_t *hw, int bap, u16 rid,
958 u16 length, const void *data)
959{
960 struct ezusb_priv *upriv = hw->priv;
961 u16 frame_type;
962 struct request_context *ctx;
963
964 if (length == 0)
965 return -EINVAL;
966
967 length = HERMES_RECLEN_TO_BYTES(length);
968
969 /* On memory mapped devices HERMES_RID_CNFGROUPADDRESSES can be
970 * set to be empty, but the USB bridge doesn't like it */
971 if (length == 0)
972 return 0;
973
974 ctx = ezusb_alloc_ctx(upriv, rid, EZUSB_RID_ACK);
975 if (!ctx)
976 return -ENOMEM;
977
978 if (rid == EZUSB_RID_TX)
979 frame_type = EZUSB_FRAME_DATA;
980 else
981 frame_type = EZUSB_FRAME_CONTROL;
982
983 return ezusb_access_ltv(upriv, ctx, length, data, frame_type,
984 NULL, 0, NULL);
985}
986
987static int ezusb_read_ltv(hermes_t *hw, int bap, u16 rid,
988 unsigned bufsize, u16 *length, void *buf)
989{
990 struct ezusb_priv *upriv = hw->priv;
991 struct request_context *ctx;
992
993 if ((bufsize < 0) || (bufsize % 2))
994 return -EINVAL;
995
996 ctx = ezusb_alloc_ctx(upriv, rid, rid);
997 if (!ctx)
998 return -ENOMEM;
999
1000 return ezusb_access_ltv(upriv, ctx, 0, NULL, EZUSB_FRAME_CONTROL,
1001 buf, bufsize, length);
1002}
1003
1004static int ezusb_doicmd_wait(hermes_t *hw, u16 cmd, u16 parm0, u16 parm1,
1005 u16 parm2, struct hermes_response *resp)
1006{
1007 struct ezusb_priv *upriv = hw->priv;
1008 struct request_context *ctx;
1009
1010 __le16 data[4] = {
1011 cpu_to_le16(cmd),
1012 cpu_to_le16(parm0),
1013 cpu_to_le16(parm1),
1014 cpu_to_le16(parm2),
1015 };
1016 dbg("0x%04X, parm0 0x%04X, parm1 0x%04X, parm2 0x%04X",
1017 cmd, parm0, parm1, parm2);
1018 ctx = ezusb_alloc_ctx(upriv, EZUSB_RID_DOCMD, EZUSB_RID_ACK);
1019 if (!ctx)
1020 return -ENOMEM;
1021
1022 return ezusb_access_ltv(upriv, ctx, sizeof(data), &data,
1023 EZUSB_FRAME_CONTROL, NULL, 0, NULL);
1024}
1025
1026static int ezusb_docmd_wait(hermes_t *hw, u16 cmd, u16 parm0,
1027 struct hermes_response *resp)
1028{
1029 struct ezusb_priv *upriv = hw->priv;
1030 struct request_context *ctx;
1031
1032 __le16 data[4] = {
1033 cpu_to_le16(cmd),
1034 cpu_to_le16(parm0),
1035 0,
1036 0,
1037 };
1038 dbg("0x%04X, parm0 0x%04X", cmd, parm0);
1039 ctx = ezusb_alloc_ctx(upriv, EZUSB_RID_DOCMD, EZUSB_RID_ACK);
1040 if (!ctx)
1041 return -ENOMEM;
1042
1043 return ezusb_access_ltv(upriv, ctx, sizeof(data), &data,
1044 EZUSB_FRAME_CONTROL, NULL, 0, NULL);
1045}
1046
1047static int ezusb_bap_pread(struct hermes *hw, int bap,
1048 void *buf, int len, u16 id, u16 offset)
1049{
1050 struct ezusb_priv *upriv = hw->priv;
1051 struct ezusb_packet *ans = (void *) upriv->read_urb->transfer_buffer;
1052 int actual_length = upriv->read_urb->actual_length;
1053
1054 if (id == EZUSB_RID_RX) {
1055 if ((sizeof(*ans) + offset + len) > actual_length) {
1056 printk(KERN_ERR PFX "BAP read beyond buffer end "
1057 "in rx frame\n");
1058 return -EINVAL;
1059 }
1060 memcpy(buf, ans->data + offset, len);
1061 return 0;
1062 }
1063
1064 if (EZUSB_IS_INFO(id)) {
1065 /* Include 4 bytes for length/type */
1066 if ((sizeof(*ans) + offset + len - 4) > actual_length) {
1067 printk(KERN_ERR PFX "BAP read beyond buffer end "
1068 "in info frame\n");
1069 return -EFAULT;
1070 }
1071 memcpy(buf, ans->data + offset - 4, len);
1072 } else {
1073 printk(KERN_ERR PFX "Unexpected fid 0x%04x\n", id);
1074 return -EINVAL;
1075 }
1076
1077 return 0;
1078}
1079
1080static netdev_tx_t ezusb_xmit(struct sk_buff *skb, struct net_device *dev)
1081{
1082 struct orinoco_private *priv = ndev_priv(dev);
1083 struct net_device_stats *stats = &priv->stats;
1084 struct ezusb_priv *upriv = priv->card;
1085 int err = 0;
1086 char *p;
1087 struct ethhdr *eh;
1088 int len, data_len, data_off;
1089 __le16 tx_control;
1090 unsigned long flags;
1091 struct request_context *ctx;
1092 u8 *buf;
1093 int tx_size;
1094
1095 if (!netif_running(dev)) {
1096 printk(KERN_ERR "%s: Tx on stopped device!\n",
1097 dev->name);
1098 return NETDEV_TX_BUSY;
1099 }
1100
1101 if (netif_queue_stopped(dev)) {
1102 printk(KERN_DEBUG "%s: Tx while transmitter busy!\n",
1103 dev->name);
1104 return NETDEV_TX_BUSY;
1105 }
1106
1107 if (orinoco_lock(priv, &flags) != 0) {
1108 printk(KERN_ERR
1109 "%s: orinoco_xmit() called while hw_unavailable\n",
1110 dev->name);
1111 return NETDEV_TX_BUSY;
1112 }
1113
1114 if (!netif_carrier_ok(dev) ||
1115 (priv->iw_mode == NL80211_IFTYPE_MONITOR)) {
1116 /* Oops, the firmware hasn't established a connection,
1117 silently drop the packet (this seems to be the
1118 safest approach). */
1119 stats->tx_errors++;
1120 orinoco_unlock(priv, &flags);
1121 dev_kfree_skb(skb);
1122 return NETDEV_TX_OK;
1123 }
1124
1125 ctx = ezusb_alloc_ctx(upriv, EZUSB_RID_TX, 0);
1126 if (!ctx)
1127 goto fail;
1128
1129 memset(ctx->buf, 0, BULK_BUF_SIZE);
1130 buf = ctx->buf->data;
1131
1132 /* Length of the packet body */
1133 /* FIXME: what if the skb is smaller than this? */
1134 len = max_t(int, skb->len - ETH_HLEN, ETH_ZLEN - ETH_HLEN);
1135
1136 eh = (struct ethhdr *) skb->data;
1137
1138 tx_control = cpu_to_le16(0);
1139 memcpy(buf, &tx_control, sizeof(tx_control));
1140 buf += sizeof(tx_control);
1141 /* Encapsulate Ethernet-II frames */
1142 if (ntohs(eh->h_proto) > ETH_DATA_LEN) { /* Ethernet-II frame */
1143 struct header_struct *hdr = (void *) buf;
1144 buf += sizeof(*hdr);
1145 data_len = len;
1146 data_off = sizeof(tx_control) + sizeof(*hdr);
1147 p = skb->data + ETH_HLEN;
1148
1149 /* 802.3 header */
1150 memcpy(hdr->dest, eh->h_dest, ETH_ALEN);
1151 memcpy(hdr->src, eh->h_source, ETH_ALEN);
1152 hdr->len = htons(data_len + ENCAPS_OVERHEAD);
1153
1154 /* 802.2 header */
1155 memcpy(&hdr->dsap, &encaps_hdr, sizeof(encaps_hdr));
1156
1157 hdr->ethertype = eh->h_proto;
1158 } else { /* IEEE 802.3 frame */
1159 data_len = len + ETH_HLEN;
1160 data_off = sizeof(tx_control);
1161 p = skb->data;
1162 }
1163
1164 memcpy(buf, p, data_len);
1165 buf += data_len;
1166
1167 /* Finally, we actually initiate the send */
1168 netif_stop_queue(dev);
1169
1170 /* The card may behave better if we send evenly sized usb transfers */
1171 tx_size = ALIGN(buf - ctx->buf->data, 2);
1172
1173 err = ezusb_access_ltv(upriv, ctx, tx_size, NULL,
1174 EZUSB_FRAME_DATA, NULL, 0, NULL);
1175
1176 if (err) {
1177 netif_start_queue(dev);
1178 if (net_ratelimit())
1179 printk(KERN_ERR "%s: Error %d transmitting packet\n",
1180 dev->name, err);
1181 stats->tx_errors++;
1182 goto fail;
1183 }
1184
1185 dev->trans_start = jiffies;
1186 stats->tx_bytes += data_off + data_len;
1187
1188 orinoco_unlock(priv, &flags);
1189
1190 dev_kfree_skb(skb);
1191
1192 return NETDEV_TX_OK;
1193
1194 fail:
1195 orinoco_unlock(priv, &flags);
1196 return NETDEV_TX_BUSY;
1197}
1198
1199static int ezusb_allocate(struct hermes *hw, u16 size, u16 *fid)
1200{
1201 *fid = EZUSB_RID_TX;
1202 return 0;
1203}
1204
1205
1206static int ezusb_hard_reset(struct orinoco_private *priv)
1207{
1208 struct ezusb_priv *upriv = priv->card;
1209 int retval = ezusb_8051_cpucs(upriv, 1);
1210
1211 if (retval < 0) {
1212 err("Failed to reset");
1213 return retval;
1214 }
1215
1216 retval = ezusb_8051_cpucs(upriv, 0);
1217 if (retval < 0) {
1218 err("Failed to unreset");
1219 return retval;
1220 }
1221
1222 dbg("sending control message");
1223 retval = usb_control_msg(upriv->udev,
1224 usb_sndctrlpipe(upriv->udev, 0),
1225 EZUSB_REQUEST_TRIGER,
1226 USB_TYPE_VENDOR | USB_RECIP_DEVICE |
1227 USB_DIR_OUT, 0x0, 0x0, NULL, 0,
1228 DEF_TIMEOUT);
1229 if (retval < 0) {
1230 err("EZUSB_REQUEST_TRIGER failed retval %d", retval);
1231 return retval;
1232 }
1233#if 0
1234 dbg("Sending EZUSB_REQUEST_TRIG_AC");
1235 retval = usb_control_msg(upriv->udev,
1236 usb_sndctrlpipe(upriv->udev, 0),
1237 EZUSB_REQUEST_TRIG_AC,
1238 USB_TYPE_VENDOR | USB_RECIP_DEVICE |
1239 USB_DIR_OUT, 0x00FA, 0x0, NULL, 0,
1240 DEF_TIMEOUT);
1241 if (retval < 0) {
1242 err("EZUSB_REQUEST_TRIG_AC failed retval %d", retval);
1243 return retval;
1244 }
1245#endif
1246
1247 return 0;
1248}
1249
1250
1251static int ezusb_init(hermes_t *hw)
1252{
1253 struct ezusb_priv *upriv = hw->priv;
1254 int retval;
1255
1256 BUG_ON(in_interrupt());
1257 BUG_ON(!upriv);
1258
1259 upriv->reply_count = 0;
1260 /* Write the MAGIC number on the simulated registers to keep
1261 * orinoco.c happy */
1262 hermes_write_regn(hw, SWSUPPORT0, HERMES_MAGIC);
1263 hermes_write_regn(hw, RXFID, EZUSB_RID_RX);
1264
1265 usb_kill_urb(upriv->read_urb);
1266 ezusb_submit_in_urb(upriv);
1267
1268 retval = ezusb_write_ltv(hw, 0, EZUSB_RID_INIT1,
1269 HERMES_BYTES_TO_RECLEN(2), "\x10\x00");
1270 if (retval < 0) {
1271 printk(KERN_ERR PFX "EZUSB_RID_INIT1 error %d\n", retval);
1272 return retval;
1273 }
1274
1275 retval = ezusb_docmd_wait(hw, HERMES_CMD_INIT, 0, NULL);
1276 if (retval < 0) {
1277 printk(KERN_ERR PFX "HERMES_CMD_INIT error %d\n", retval);
1278 return retval;
1279 }
1280
1281 return 0;
1282}
1283
1284static void ezusb_bulk_in_callback(struct urb *urb)
1285{
1286 struct ezusb_priv *upriv = (struct ezusb_priv *) urb->context;
1287 struct ezusb_packet *ans = urb->transfer_buffer;
1288 u16 crc;
1289 u16 hermes_rid;
1290
1291 if (upriv->udev == NULL) {
1292 dbg("disconnected");
1293 return;
1294 }
1295
1296 if (urb->status == -ETIMEDOUT) {
1297 /* When a device gets unplugged we get this every time
1298 * we resubmit, flooding the logs. Since we don't use
1299 * USB timeouts, it shouldn't happen any other time*/
1300 pr_warning("%s: urb timed out, not resubmiting", __func__);
1301 return;
1302 }
1303 if (urb->status == -ECONNABORTED) {
1304 pr_warning("%s: connection abort, resubmiting urb",
1305 __func__);
1306 goto resubmit;
1307 }
1308 if ((urb->status == -EILSEQ)
1309 || (urb->status == -ENOENT)
1310 || (urb->status == -ECONNRESET)) {
1311 dbg("status %d, not resubmiting", urb->status);
1312 return;
1313 }
1314 if (urb->status)
1315 dbg("status: %d length: %d",
1316 urb->status, urb->actual_length);
1317 if (urb->actual_length < sizeof(*ans)) {
1318 err("%s: short read, ignoring", __func__);
1319 goto resubmit;
1320 }
1321 crc = build_crc(ans);
1322 if (le16_to_cpu(ans->crc) != crc) {
1323 err("CRC error, ignoring packet");
1324 goto resubmit;
1325 }
1326
1327 hermes_rid = le16_to_cpu(ans->hermes_rid);
1328 if ((hermes_rid != EZUSB_RID_RX) && !EZUSB_IS_INFO(hermes_rid)) {
1329 ezusb_request_in_callback(upriv, urb);
1330 } else if (upriv->dev) {
1331 struct net_device *dev = upriv->dev;
1332 struct orinoco_private *priv = ndev_priv(dev);
1333 hermes_t *hw = &priv->hw;
1334
1335 if (hermes_rid == EZUSB_RID_RX) {
1336 __orinoco_ev_rx(dev, hw);
1337 } else {
1338 hermes_write_regn(hw, INFOFID,
1339 le16_to_cpu(ans->hermes_rid));
1340 __orinoco_ev_info(dev, hw);
1341 }
1342 }
1343
1344 resubmit:
1345 if (upriv->udev)
1346 ezusb_submit_in_urb(upriv);
1347}
1348
1349static inline void ezusb_delete(struct ezusb_priv *upriv)
1350{
1351 struct net_device *dev;
1352 struct list_head *item;
1353 struct list_head *tmp_item;
1354 unsigned long flags;
1355
1356 BUG_ON(in_interrupt());
1357 BUG_ON(!upriv);
1358
1359 dev = upriv->dev;
1360 mutex_lock(&upriv->mtx);
1361
1362 upriv->udev = NULL; /* No timer will be rearmed from here */
1363
1364 usb_kill_urb(upriv->read_urb);
1365
1366 spin_lock_irqsave(&upriv->req_lock, flags);
1367 list_for_each_safe(item, tmp_item, &upriv->req_active) {
1368 struct request_context *ctx;
1369 int err;
1370
1371 ctx = list_entry(item, struct request_context, list);
1372 atomic_inc(&ctx->refcount);
1373
1374 ctx->outurb->transfer_flags |= URB_ASYNC_UNLINK;
1375 err = usb_unlink_urb(ctx->outurb);
1376
1377 spin_unlock_irqrestore(&upriv->req_lock, flags);
1378 if (err == -EINPROGRESS)
1379 wait_for_completion(&ctx->done);
1380
1381 del_timer_sync(&ctx->timer);
1382 /* FIXME: there is an slight chance for the irq handler to
1383 * be running */
1384 if (!list_empty(&ctx->list))
1385 ezusb_ctx_complete(ctx);
1386
1387 ezusb_request_context_put(ctx);
1388 spin_lock_irqsave(&upriv->req_lock, flags);
1389 }
1390 spin_unlock_irqrestore(&upriv->req_lock, flags);
1391
1392 list_for_each_safe(item, tmp_item, &upriv->req_pending)
1393 ezusb_ctx_complete(list_entry(item,
1394 struct request_context, list));
1395
1396 if (upriv->read_urb->status == -EINPROGRESS)
1397 printk(KERN_ERR PFX "Some URB in progress\n");
1398
1399 mutex_unlock(&upriv->mtx);
1400
1401 kfree(upriv->read_urb->transfer_buffer);
1402 if (upriv->bap_buf != NULL)
1403 kfree(upriv->bap_buf);
1404 if (upriv->read_urb != NULL)
1405 usb_free_urb(upriv->read_urb);
1406 if (upriv->dev) {
1407 struct orinoco_private *priv = ndev_priv(upriv->dev);
1408 orinoco_if_del(priv);
1409 free_orinocodev(priv);
1410 }
1411}
1412
1413static void ezusb_lock_irqsave(spinlock_t *lock,
1414 unsigned long *flags) __acquires(lock)
1415{
1416 spin_lock_bh(lock);
1417}
1418
1419static void ezusb_unlock_irqrestore(spinlock_t *lock,
1420 unsigned long *flags) __releases(lock)
1421{
1422 spin_unlock_bh(lock);
1423}
1424
1425static void ezusb_lock_irq(spinlock_t *lock) __acquires(lock)
1426{
1427 spin_lock_bh(lock);
1428}
1429
1430static void ezusb_unlock_irq(spinlock_t *lock) __releases(lock)
1431{
1432 spin_unlock_bh(lock);
1433}
1434
1435static const struct hermes_ops ezusb_ops = {
1436 .init = ezusb_init,
1437 .cmd_wait = ezusb_docmd_wait,
1438 .init_cmd_wait = ezusb_doicmd_wait,
1439 .allocate = ezusb_allocate,
1440 .read_ltv = ezusb_read_ltv,
1441 .write_ltv = ezusb_write_ltv,
1442 .bap_pread = ezusb_bap_pread,
1443 .lock_irqsave = ezusb_lock_irqsave,
1444 .unlock_irqrestore = ezusb_unlock_irqrestore,
1445 .lock_irq = ezusb_lock_irq,
1446 .unlock_irq = ezusb_unlock_irq,
1447};
1448
1449static const struct net_device_ops ezusb_netdev_ops = {
1450 .ndo_open = orinoco_open,
1451 .ndo_stop = orinoco_stop,
1452 .ndo_start_xmit = ezusb_xmit,
1453 .ndo_set_multicast_list = orinoco_set_multicast_list,
1454 .ndo_change_mtu = orinoco_change_mtu,
1455 .ndo_set_mac_address = eth_mac_addr,
1456 .ndo_validate_addr = eth_validate_addr,
1457 .ndo_tx_timeout = orinoco_tx_timeout,
1458 .ndo_get_stats = orinoco_get_stats,
1459};
1460
1461static int ezusb_probe(struct usb_interface *interface,
1462 const struct usb_device_id *id)
1463{
1464 struct usb_device *udev = interface_to_usbdev(interface);
1465 struct orinoco_private *priv;
1466 hermes_t *hw;
1467 struct ezusb_priv *upriv = NULL;
1468 struct usb_interface_descriptor *iface_desc;
1469 struct usb_endpoint_descriptor *ep;
1470 const struct firmware *fw_entry;
1471 int retval = 0;
1472 int i;
1473
1474 priv = alloc_orinocodev(sizeof(*upriv), &udev->dev,
1475 ezusb_hard_reset, NULL);
1476 if (!priv) {
1477 err("Couldn't allocate orinocodev");
1478 goto exit;
1479 }
1480
1481 hw = &priv->hw;
1482
1483 upriv = priv->card;
1484
1485 mutex_init(&upriv->mtx);
1486 spin_lock_init(&upriv->reply_count_lock);
1487
1488 spin_lock_init(&upriv->req_lock);
1489 INIT_LIST_HEAD(&upriv->req_pending);
1490 INIT_LIST_HEAD(&upriv->req_active);
1491
1492 upriv->udev = udev;
1493
1494 hw->iobase = (void __force __iomem *) &upriv->hermes_reg_fake;
1495 hw->reg_spacing = HERMES_16BIT_REGSPACING;
1496 hw->priv = upriv;
1497 hw->ops = &ezusb_ops;
1498
1499 /* set up the endpoint information */
1500 /* check out the endpoints */
1501
1502 iface_desc = &interface->altsetting[0].desc;
1503 for (i = 0; i < iface_desc->bNumEndpoints; ++i) {
1504 ep = &interface->altsetting[0].endpoint[i].desc;
1505
1506 if (((ep->bEndpointAddress & USB_ENDPOINT_DIR_MASK)
1507 == USB_DIR_IN) &&
1508 ((ep->bmAttributes & USB_ENDPOINT_XFERTYPE_MASK)
1509 == USB_ENDPOINT_XFER_BULK)) {
1510 /* we found a bulk in endpoint */
1511 if (upriv->read_urb != NULL) {
1512 pr_warning("Found a second bulk in ep, ignored");
1513 continue;
1514 }
1515
1516 upriv->read_urb = usb_alloc_urb(0, GFP_KERNEL);
1517 if (!upriv->read_urb) {
1518 err("No free urbs available");
1519 goto error;
1520 }
1521 if (le16_to_cpu(ep->wMaxPacketSize) != 64)
1522 pr_warning("bulk in: wMaxPacketSize!= 64");
1523 if (ep->bEndpointAddress != (2 | USB_DIR_IN))
1524 pr_warning("bulk in: bEndpointAddress: %d",
1525 ep->bEndpointAddress);
1526 upriv->read_pipe = usb_rcvbulkpipe(udev,
1527 ep->
1528 bEndpointAddress);
1529 upriv->read_urb->transfer_buffer =
1530 kmalloc(BULK_BUF_SIZE, GFP_KERNEL);
1531 if (!upriv->read_urb->transfer_buffer) {
1532 err("Couldn't allocate IN buffer");
1533 goto error;
1534 }
1535 }
1536
1537 if (((ep->bEndpointAddress & USB_ENDPOINT_DIR_MASK)
1538 == USB_DIR_OUT) &&
1539 ((ep->bmAttributes & USB_ENDPOINT_XFERTYPE_MASK)
1540 == USB_ENDPOINT_XFER_BULK)) {
1541 /* we found a bulk out endpoint */
1542 if (upriv->bap_buf != NULL) {
1543 pr_warning("Found a second bulk out ep, ignored");
1544 continue;
1545 }
1546
1547 if (le16_to_cpu(ep->wMaxPacketSize) != 64)
1548 pr_warning("bulk out: wMaxPacketSize != 64");
1549 if (ep->bEndpointAddress != 2)
1550 pr_warning("bulk out: bEndpointAddress: %d",
1551 ep->bEndpointAddress);
1552 upriv->write_pipe = usb_sndbulkpipe(udev,
1553 ep->
1554 bEndpointAddress);
1555 upriv->bap_buf = kmalloc(BULK_BUF_SIZE, GFP_KERNEL);
1556 if (!upriv->bap_buf) {
1557 err("Couldn't allocate bulk_out_buffer");
1558 goto error;
1559 }
1560 }
1561 }
1562 if (!upriv->bap_buf || !upriv->read_urb) {
1563 err("Didn't find the required bulk endpoints");
1564 goto error;
1565 }
1566
1567 if (request_firmware(&fw_entry, "orinoco_ezusb_fw",
1568 &interface->dev) == 0) {
1569 firmware.size = fw_entry->size;
1570 firmware.code = fw_entry->data;
1571 }
1572 if (firmware.size && firmware.code) {
1573 ezusb_firmware_download(upriv, &firmware);
1574 } else {
1575 err("No firmware to download");
1576 goto error;
1577 }
1578
1579 if (ezusb_hard_reset(priv) < 0) {
1580 err("Cannot reset the device");
1581 goto error;
1582 }
1583
1584 /* If the firmware is already downloaded orinoco.c will call
1585 * ezusb_init but if the firmware is not already there, that will make
1586 * the kernel very unstable, so we try initializing here and quit in
1587 * case of error */
1588 if (ezusb_init(hw) < 0) {
1589 err("Couldn't initialize the device");
1590 err("Firmware may not be downloaded or may be wrong.");
1591 goto error;
1592 }
1593
1594 /* Initialise the main driver */
1595 if (orinoco_init(priv) != 0) {
1596 err("orinoco_init() failed\n");
1597 goto error;
1598 }
1599
1600 if (orinoco_if_add(priv, 0, 0, &ezusb_netdev_ops) != 0) {
1601 upriv->dev = NULL;
1602 err("%s: orinoco_if_add() failed", __func__);
1603 goto error;
1604 }
1605 upriv->dev = priv->ndev;
1606
1607 goto exit;
1608
1609 error:
1610 ezusb_delete(upriv);
1611 if (upriv->dev) {
1612 /* upriv->dev was 0, so ezusb_delete() didn't free it */
1613 free_orinocodev(priv);
1614 }
1615 upriv = NULL;
1616 retval = -EFAULT;
1617 exit:
1618 if (fw_entry) {
1619 firmware.code = NULL;
1620 firmware.size = 0;
1621 release_firmware(fw_entry);
1622 }
1623 usb_set_intfdata(interface, upriv);
1624 return retval;
1625}
1626
1627
1628static void ezusb_disconnect(struct usb_interface *intf)
1629{
1630 struct ezusb_priv *upriv = usb_get_intfdata(intf);
1631 usb_set_intfdata(intf, NULL);
1632 ezusb_delete(upriv);
1633 printk(KERN_INFO PFX "Disconnected\n");
1634}
1635
1636
1637/* usb specific object needed to register this driver with the usb subsystem */
1638static struct usb_driver orinoco_driver = {
1639 .name = DRIVER_NAME,
1640 .probe = ezusb_probe,
1641 .disconnect = ezusb_disconnect,
1642 .id_table = ezusb_table,
1643};
1644
1645/* Can't be declared "const" or the whole __initdata section will
1646 * become const */
1647static char version[] __initdata = DRIVER_NAME " " DRIVER_VERSION
1648 " (Manuel Estrada Sainz)";
1649
1650static int __init ezusb_module_init(void)
1651{
1652 int err;
1653
1654 printk(KERN_DEBUG "%s\n", version);
1655
1656 /* register this driver with the USB subsystem */
1657 err = usb_register(&orinoco_driver);
1658 if (err < 0) {
1659 printk(KERN_ERR PFX "usb_register failed, error %d\n",
1660 err);
1661 return err;
1662 }
1663
1664 return 0;
1665}
1666
1667static void __exit ezusb_module_exit(void)
1668{
1669 /* deregister this driver with the USB subsystem */
1670 usb_deregister(&orinoco_driver);
1671}
1672
1673
1674module_init(ezusb_module_init);
1675module_exit(ezusb_module_exit);
1676
1677MODULE_AUTHOR("Manuel Estrada Sainz");
1678MODULE_DESCRIPTION
1679 ("Driver for Orinoco wireless LAN cards using EZUSB bridge");
1680MODULE_LICENSE("Dual MPL/GPL");
generated by cgit v1.2.2 (git 2.25.0) at 2024-10-22 04:21:23 -0400