1/* 2 * Intel Wireless WiMAX Connection 2400m 3 * Miscellaneous control functions for managing the device 4 * 5 * 6 * Copyright (C) 2007-2008 Intel Corporation. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * * Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * * Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in 16 * the documentation and/or other materials provided with the 17 * distribution. 18 * * Neither the name of Intel Corporation nor the names of its 19 * contributors may be used to endorse or promote products derived 20 * from this software without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 23 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 24 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 25 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 26 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 27 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 28 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 29 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 30 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 31 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 32 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 33 * 34 * 35 * Intel Corporation <linux-wimax@intel.com> 36 * Inaky Perez-Gonzalez <inaky.perez-gonzalez@intel.com> 37 * - Initial implementation 38 * 39 * This is a collection of functions used to control the device (plus 40 * a few helpers). 41 * 42 * There are utilities for handling TLV buffers, hooks on the device's 43 * reports to act on device changes of state [i2400m_report_hook()], 44 * on acks to commands [i2400m_msg_ack_hook()], a helper for sending 45 * commands to the device and blocking until a reply arrives 46 * [i2400m_msg_to_dev()], a few high level commands for manipulating 47 * the device state, powersving mode and configuration plus the 48 * routines to setup the device once communication is stablished with 49 * it [i2400m_dev_initialize()]. 50 * 51 * ROADMAP 52 * 53 * i2400m_dev_initialize() Called by i2400m_dev_start() 54 * i2400m_set_init_config() 55 * i2400m_cmd_get_state() 56 * i2400m_dev_shutdown() Called by i2400m_dev_stop() 57 * i2400m_reset() 58 * 59 * i2400m_{cmd,get,set}_*() 60 * i2400m_msg_to_dev() 61 * i2400m_msg_check_status() 62 * 63 * i2400m_report_hook() Called on reception of an event 64 * i2400m_report_state_hook() 65 * i2400m_tlv_buffer_walk() 66 * i2400m_tlv_match() 67 * i2400m_report_tlv_system_state() 68 * i2400m_report_tlv_rf_switches_status() 69 * i2400m_report_tlv_media_status() 70 * i2400m_cmd_enter_powersave() 71 * 72 * i2400m_msg_ack_hook() Called on reception of a reply to a 73 * command, get or set 74 */ 75 76#include <stdarg.h> 77#include "i2400m.h" 78#include <linux/kernel.h> 79#include <linux/slab.h> 80#include <linux/wimax/i2400m.h> 81#include <linux/export.h> 82#include <linux/moduleparam.h> 83 84 85#define D_SUBMODULE control 86#include "debug-levels.h" 87 88static int i2400m_idle_mode_disabled;/* 0 (idle mode enabled) by default */ 89module_param_named(idle_mode_disabled, i2400m_idle_mode_disabled, int, 0644); 90MODULE_PARM_DESC(idle_mode_disabled, 91 "If true, the device will not enable idle mode negotiation " 92 "with the base station (when connected) to save power."); 93 94/* 0 (power saving enabled) by default */ 95static int i2400m_power_save_disabled; 96module_param_named(power_save_disabled, i2400m_power_save_disabled, int, 0644); 97MODULE_PARM_DESC(power_save_disabled, 98 "If true, the driver will not tell the device to enter " 99 "power saving mode when it reports it is ready for it. " 100 "False by default (so the device is told to do power " 101 "saving)."); 102 103static int i2400m_passive_mode; /* 0 (passive mode disabled) by default */ 104module_param_named(passive_mode, i2400m_passive_mode, int, 0644); 105MODULE_PARM_DESC(passive_mode, 106 "If true, the driver will not do any device setup " 107 "and leave it up to user space, who must be properly " 108 "setup."); 109 110 111/* 112 * Return if a TLV is of a give type and size 113 * 114 * @tlv_hdr: pointer to the TLV 115 * @tlv_type: type of the TLV we are looking for 116 * @tlv_size: expected size of the TLV we are looking for (if -1, 117 * don't check the size). This includes the header 118 * Returns: 0 if the TLV matches 119 * < 0 if it doesn't match at all 120 * > 0 total TLV + payload size, if the type matches, but not 121 * the size 122 */ 123static 124ssize_t i2400m_tlv_match(const struct i2400m_tlv_hdr *tlv, 125 enum i2400m_tlv tlv_type, ssize_t tlv_size) 126{ 127 if (le16_to_cpu(tlv->type) != tlv_type) /* Not our type? skip */ 128 return -1; 129 if (tlv_size != -1 130 && le16_to_cpu(tlv->length) + sizeof(*tlv) != tlv_size) { 131 size_t size = le16_to_cpu(tlv->length) + sizeof(*tlv); 132 printk(KERN_WARNING "W: tlv type 0x%x mismatched because of " 133 "size (got %zu vs %zd expected)\n", 134 tlv_type, size, tlv_size); 135 return size; 136 } 137 return 0; 138} 139 140 141/* 142 * Given a buffer of TLVs, iterate over them 143 * 144 * @i2400m: device instance 145 * @tlv_buf: pointer to the beginning of the TLV buffer 146 * @buf_size: buffer size in bytes 147 * @tlv_pos: seek position; this is assumed to be a pointer returned 148 * by i2400m_tlv_buffer_walk() [and thus, validated]. The 149 * TLV returned will be the one following this one. 150 * 151 * Usage: 152 * 153 * tlv_itr = NULL; 154 * while (tlv_itr = i2400m_tlv_buffer_walk(i2400m, buf, size, tlv_itr)) { 155 * ... 156 * // Do stuff with tlv_itr, DON'T MODIFY IT 157 * ... 158 * } 159 */ 160static 161const struct i2400m_tlv_hdr *i2400m_tlv_buffer_walk( 162 struct i2400m *i2400m, 163 const void *tlv_buf, size_t buf_size, 164 const struct i2400m_tlv_hdr *tlv_pos) 165{ 166 struct device *dev = i2400m_dev(i2400m); 167 const struct i2400m_tlv_hdr *tlv_top = tlv_buf + buf_size; 168 size_t offset, length, avail_size; 169 unsigned type; 170 171 if (tlv_pos == NULL) /* Take the first one? */ 172 tlv_pos = tlv_buf; 173 else /* Nope, the next one */ 174 tlv_pos = (void *) tlv_pos 175 + le16_to_cpu(tlv_pos->length) + sizeof(*tlv_pos); 176 if (tlv_pos == tlv_top) { /* buffer done */ 177 tlv_pos = NULL; 178 goto error_beyond_end; 179 } 180 if (tlv_pos > tlv_top) { 181 tlv_pos = NULL; 182 WARN_ON(1); 183 goto error_beyond_end; 184 } 185 offset = (void *) tlv_pos - (void *) tlv_buf; 186 avail_size = buf_size - offset; 187 if (avail_size < sizeof(*tlv_pos)) { 188 dev_err(dev, "HW BUG? tlv_buf %p [%zu bytes], tlv @%zu: " 189 "short header\n", tlv_buf, buf_size, offset); 190 goto error_short_header; 191 } 192 type = le16_to_cpu(tlv_pos->type); 193 length = le16_to_cpu(tlv_pos->length); 194 if (avail_size < sizeof(*tlv_pos) + length) { 195 dev_err(dev, "HW BUG? tlv_buf %p [%zu bytes], " 196 "tlv type 0x%04x @%zu: " 197 "short data (%zu bytes vs %zu needed)\n", 198 tlv_buf, buf_size, type, offset, avail_size, 199 sizeof(*tlv_pos) + length); 200 goto error_short_header; 201 } 202error_short_header: 203error_beyond_end: 204 return tlv_pos; 205} 206 207 208/* 209 * Find a TLV in a buffer of sequential TLVs 210 * 211 * @i2400m: device descriptor 212 * @tlv_hdr: pointer to the first TLV in the sequence 213 * @size: size of the buffer in bytes; all TLVs are assumed to fit 214 * fully in the buffer (otherwise we'll complain). 215 * @tlv_type: type of the TLV we are looking for 216 * @tlv_size: expected size of the TLV we are looking for (if -1, 217 * don't check the size). This includes the header 218 * 219 * Returns: NULL if the TLV is not found, otherwise a pointer to 220 * it. If the sizes don't match, an error is printed and NULL 221 * returned. 222 */ 223static 224const struct i2400m_tlv_hdr *i2400m_tlv_find( 225 struct i2400m *i2400m, 226 const struct i2400m_tlv_hdr *tlv_hdr, size_t size, 227 enum i2400m_tlv tlv_type, ssize_t tlv_size) 228{ 229 ssize_t match; 230 struct device *dev = i2400m_dev(i2400m); 231 const struct i2400m_tlv_hdr *tlv = NULL; 232 while ((tlv = i2400m_tlv_buffer_walk(i2400m, tlv_hdr, size, tlv))) { 233 match = i2400m_tlv_match(tlv, tlv_type, tlv_size); 234 if (match == 0) /* found it :) */ 235 break; 236 if (match > 0) 237 dev_warn(dev, "TLV type 0x%04x found with size " 238 "mismatch (%zu vs %zd needed)\n", 239 tlv_type, match, tlv_size); 240 } 241 return tlv; 242} 243 244 245static const struct 246{ 247 char *msg; 248 int errno; 249} ms_to_errno[I2400M_MS_MAX] = { 250 [I2400M_MS_DONE_OK] = { "", 0 }, 251 [I2400M_MS_DONE_IN_PROGRESS] = { "", 0 }, 252 [I2400M_MS_INVALID_OP] = { "invalid opcode", -ENOSYS }, 253 [I2400M_MS_BAD_STATE] = { "invalid state", -EILSEQ }, 254 [I2400M_MS_ILLEGAL_VALUE] = { "illegal value", -EINVAL }, 255 [I2400M_MS_MISSING_PARAMS] = { "missing parameters", -ENOMSG }, 256 [I2400M_MS_VERSION_ERROR] = { "bad version", -EIO }, 257 [I2400M_MS_ACCESSIBILITY_ERROR] = { "accesibility error", -EIO }, 258 [I2400M_MS_BUSY] = { "busy", -EBUSY }, 259 [I2400M_MS_CORRUPTED_TLV] = { "corrupted TLV", -EILSEQ }, 260 [I2400M_MS_UNINITIALIZED] = { "uninitialized", -EILSEQ }, 261 [I2400M_MS_UNKNOWN_ERROR] = { "unknown error", -EIO }, 262 [I2400M_MS_PRODUCTION_ERROR] = { "production error", -EIO }, 263 [I2400M_MS_NO_RF] = { "no RF", -EIO }, 264 [I2400M_MS_NOT_READY_FOR_POWERSAVE] = 265 { "not ready for powersave", -EACCES }, 266 [I2400M_MS_THERMAL_CRITICAL] = { "thermal critical", -EL3HLT }, 267}; 268 269 270/* 271 * i2400m_msg_check_status - translate a message's status code 272 * 273 * @i2400m: device descriptor 274 * @l3l4_hdr: message header 275 * @strbuf: buffer to place a formatted error message (unless NULL). 276 * @strbuf_size: max amount of available space; larger messages will 277 * be truncated. 278 * 279 * Returns: errno code corresponding to the status code in @l3l4_hdr 280 * and a message in @strbuf describing the error. 281 */ 282int i2400m_msg_check_status(const struct i2400m_l3l4_hdr *l3l4_hdr, 283 char *strbuf, size_t strbuf_size) 284{ 285 int result; 286 enum i2400m_ms status = le16_to_cpu(l3l4_hdr->status); 287 const char *str; 288 289 if (status == 0) 290 return 0; 291 if (status >= ARRAY_SIZE(ms_to_errno)) { 292 str = "unknown status code"; 293 result = -EBADR; 294 } else { 295 str = ms_to_errno[status].msg; 296 result = ms_to_errno[status].errno; 297 } 298 if (strbuf) 299 snprintf(strbuf, strbuf_size, "%s (%d)", str, status); 300 return result; 301} 302 303 304/* 305 * Act on a TLV System State reported by the device 306 * 307 * @i2400m: device descriptor 308 * @ss: validated System State TLV 309 */ 310static 311void i2400m_report_tlv_system_state(struct i2400m *i2400m, 312 const struct i2400m_tlv_system_state *ss) 313{ 314 struct device *dev = i2400m_dev(i2400m); 315 struct wimax_dev *wimax_dev = &i2400m->wimax_dev; 316 enum i2400m_system_state i2400m_state = le32_to_cpu(ss->state); 317 318 d_fnstart(3, dev, "(i2400m %p ss %p [%u])\n", i2400m, ss, i2400m_state); 319 320 if (i2400m->state != i2400m_state) { 321 i2400m->state = i2400m_state; 322 wake_up_all(&i2400m->state_wq); 323 } 324 switch (i2400m_state) { 325 case I2400M_SS_UNINITIALIZED: 326 case I2400M_SS_INIT: 327 case I2400M_SS_CONFIG: 328 case I2400M_SS_PRODUCTION: 329 wimax_state_change(wimax_dev, WIMAX_ST_UNINITIALIZED); 330 break; 331 332 case I2400M_SS_RF_OFF: 333 case I2400M_SS_RF_SHUTDOWN: 334 wimax_state_change(wimax_dev, WIMAX_ST_RADIO_OFF); 335 break; 336 337 case I2400M_SS_READY: 338 case I2400M_SS_STANDBY: 339 case I2400M_SS_SLEEPACTIVE: 340 wimax_state_change(wimax_dev, WIMAX_ST_READY); 341 break; 342 343 case I2400M_SS_CONNECTING: 344 case I2400M_SS_WIMAX_CONNECTED: 345 wimax_state_change(wimax_dev, WIMAX_ST_READY); 346 break; 347 348 case I2400M_SS_SCAN: 349 case I2400M_SS_OUT_OF_ZONE: 350 wimax_state_change(wimax_dev, WIMAX_ST_SCANNING); 351 break; 352 353 case I2400M_SS_IDLE: 354 d_printf(1, dev, "entering BS-negotiated idle mode\n"); 355 fallthrough; 356 case I2400M_SS_DISCONNECTING: 357 case I2400M_SS_DATA_PATH_CONNECTED: 358 wimax_state_change(wimax_dev, WIMAX_ST_CONNECTED); 359 break; 360 361 default: 362 /* Huh? just in case, shut it down */ 363 dev_err(dev, "HW BUG? unknown state %u: shutting down\n", 364 i2400m_state); 365 i2400m_reset(i2400m, I2400M_RT_WARM); 366 break; 367 } 368 d_fnend(3, dev, "(i2400m %p ss %p [%u]) = void\n", 369 i2400m, ss, i2400m_state); 370} 371 372 373/* 374 * Parse and act on a TLV Media Status sent by the device 375 * 376 * @i2400m: device descriptor 377 * @ms: validated Media Status TLV 378 * 379 * This will set the carrier up on down based on the device's link 380 * report. This is done asides of what the WiMAX stack does based on 381 * the device's state as sometimes we need to do a link-renew (the BS 382 * wants us to renew a DHCP lease, for example). 383 * 384 * In fact, doc says that every time we get a link-up, we should do a 385 * DHCP negotiation... 386 */ 387static 388void i2400m_report_tlv_media_status(struct i2400m *i2400m, 389 const struct i2400m_tlv_media_status *ms) 390{ 391 struct device *dev = i2400m_dev(i2400m); 392 struct wimax_dev *wimax_dev = &i2400m->wimax_dev; 393 struct net_device *net_dev = wimax_dev->net_dev; 394 enum i2400m_media_status status = le32_to_cpu(ms->media_status); 395 396 d_fnstart(3, dev, "(i2400m %p ms %p [%u])\n", i2400m, ms, status); 397 398 switch (status) { 399 case I2400M_MEDIA_STATUS_LINK_UP: 400 netif_carrier_on(net_dev); 401 break; 402 case I2400M_MEDIA_STATUS_LINK_DOWN: 403 netif_carrier_off(net_dev); 404 break; 405 /* 406 * This is the network telling us we need to retrain the DHCP 407 * lease -- so far, we are trusting the WiMAX Network Service 408 * in user space to pick this up and poke the DHCP client. 409 */ 410 case I2400M_MEDIA_STATUS_LINK_RENEW: 411 netif_carrier_on(net_dev); 412 break; 413 default: 414 dev_err(dev, "HW BUG? unknown media status %u\n", 415 status); 416 } 417 d_fnend(3, dev, "(i2400m %p ms %p [%u]) = void\n", 418 i2400m, ms, status); 419} 420 421 422/* 423 * Process a TLV from a 'state report' 424 * 425 * @i2400m: device descriptor 426 * @tlv: pointer to the TLV header; it has been already validated for 427 * consistent size. 428 * @tag: for error messages 429 * 430 * Act on the TLVs from a 'state report'. 431 */ 432static 433void i2400m_report_state_parse_tlv(struct i2400m *i2400m, 434 const struct i2400m_tlv_hdr *tlv, 435 const char *tag) 436{ 437 struct device *dev = i2400m_dev(i2400m); 438 const struct i2400m_tlv_media_status *ms; 439 const struct i2400m_tlv_system_state *ss; 440 const struct i2400m_tlv_rf_switches_status *rfss; 441 442 if (0 == i2400m_tlv_match(tlv, I2400M_TLV_SYSTEM_STATE, sizeof(*ss))) { 443 ss = container_of(tlv, typeof(*ss), hdr); 444 d_printf(2, dev, "%s: system state TLV " 445 "found (0x%04x), state 0x%08x\n", 446 tag, I2400M_TLV_SYSTEM_STATE, 447 le32_to_cpu(ss->state)); 448 i2400m_report_tlv_system_state(i2400m, ss); 449 } 450 if (0 == i2400m_tlv_match(tlv, I2400M_TLV_RF_STATUS, sizeof(*rfss))) { 451 rfss = container_of(tlv, typeof(*rfss), hdr); 452 d_printf(2, dev, "%s: RF status TLV " 453 "found (0x%04x), sw 0x%02x hw 0x%02x\n", 454 tag, I2400M_TLV_RF_STATUS, 455 le32_to_cpu(rfss->sw_rf_switch), 456 le32_to_cpu(rfss->hw_rf_switch)); 457 i2400m_report_tlv_rf_switches_status(i2400m, rfss); 458 } 459 if (0 == i2400m_tlv_match(tlv, I2400M_TLV_MEDIA_STATUS, sizeof(*ms))) { 460 ms = container_of(tlv, typeof(*ms), hdr); 461 d_printf(2, dev, "%s: Media Status TLV: %u\n", 462 tag, le32_to_cpu(ms->media_status)); 463 i2400m_report_tlv_media_status(i2400m, ms); 464 } 465} 466 467 468/* 469 * Parse a 'state report' and extract information 470 * 471 * @i2400m: device descriptor 472 * @l3l4_hdr: pointer to message; it has been already validated for 473 * consistent size. 474 * @size: size of the message (header + payload). The header length 475 * declaration is assumed to be congruent with @size (as in 476 * sizeof(*l3l4_hdr) + l3l4_hdr->length == size) 477 * 478 * Walk over the TLVs in a report state and act on them. 479 */ 480static 481void i2400m_report_state_hook(struct i2400m *i2400m, 482 const struct i2400m_l3l4_hdr *l3l4_hdr, 483 size_t size, const char *tag) 484{ 485 struct device *dev = i2400m_dev(i2400m); 486 const struct i2400m_tlv_hdr *tlv; 487 size_t tlv_size = le16_to_cpu(l3l4_hdr->length); 488 489 d_fnstart(4, dev, "(i2400m %p, l3l4_hdr %p, size %zu, %s)\n", 490 i2400m, l3l4_hdr, size, tag); 491 tlv = NULL; 492 493 while ((tlv = i2400m_tlv_buffer_walk(i2400m, &l3l4_hdr->pl, 494 tlv_size, tlv))) 495 i2400m_report_state_parse_tlv(i2400m, tlv, tag); 496 d_fnend(4, dev, "(i2400m %p, l3l4_hdr %p, size %zu, %s) = void\n", 497 i2400m, l3l4_hdr, size, tag); 498} 499 500 501/* 502 * i2400m_report_hook - (maybe) act on a report 503 * 504 * @i2400m: device descriptor 505 * @l3l4_hdr: pointer to message; it has been already validated for 506 * consistent size. 507 * @size: size of the message (header + payload). The header length 508 * declaration is assumed to be congruent with @size (as in 509 * sizeof(*l3l4_hdr) + l3l4_hdr->length == size) 510 * 511 * Extract information we might need (like carrien on/off) from a 512 * device report. 513 */ 514void i2400m_report_hook(struct i2400m *i2400m, 515 const struct i2400m_l3l4_hdr *l3l4_hdr, size_t size) 516{ 517 struct device *dev = i2400m_dev(i2400m); 518 unsigned msg_type; 519 520 d_fnstart(3, dev, "(i2400m %p l3l4_hdr %p size %zu)\n", 521 i2400m, l3l4_hdr, size); 522 /* Chew on the message, we might need some information from 523 * here */ 524 msg_type = le16_to_cpu(l3l4_hdr->type); 525 switch (msg_type) { 526 case I2400M_MT_REPORT_STATE: /* carrier detection... */ 527 i2400m_report_state_hook(i2400m, 528 l3l4_hdr, size, "REPORT STATE"); 529 break; 530 /* If the device is ready for power save, then ask it to do 531 * it. */ 532 case I2400M_MT_REPORT_POWERSAVE_READY: /* zzzzz */ 533 if (l3l4_hdr->status == cpu_to_le16(I2400M_MS_DONE_OK)) { 534 if (i2400m_power_save_disabled) 535 d_printf(1, dev, "ready for powersave, " 536 "not requesting (disabled by module " 537 "parameter)\n"); 538 else { 539 d_printf(1, dev, "ready for powersave, " 540 "requesting\n"); 541 i2400m_cmd_enter_powersave(i2400m); 542 } 543 } 544 break; 545 } 546 d_fnend(3, dev, "(i2400m %p l3l4_hdr %p size %zu) = void\n", 547 i2400m, l3l4_hdr, size); 548} 549 550 551/* 552 * i2400m_msg_ack_hook - process cmd/set/get ack for internal status 553 * 554 * @i2400m: device descriptor 555 * @l3l4_hdr: pointer to message; it has been already validated for 556 * consistent size. 557 * @size: size of the message 558 * 559 * Extract information we might need from acks to commands and act on 560 * it. This is akin to i2400m_report_hook(). Note most of this 561 * processing should be done in the function that calls the 562 * command. This is here for some cases where it can't happen... 563 */ 564static void i2400m_msg_ack_hook(struct i2400m *i2400m, 565 const struct i2400m_l3l4_hdr *l3l4_hdr, 566 size_t size) 567{ 568 int result; 569 struct device *dev = i2400m_dev(i2400m); 570 unsigned int ack_type; 571 char strerr[32]; 572 573 /* Chew on the message, we might need some information from 574 * here */ 575 ack_type = le16_to_cpu(l3l4_hdr->type); 576 switch (ack_type) { 577 case I2400M_MT_CMD_ENTER_POWERSAVE: 578 /* This is just left here for the sake of example, as 579 * the processing is done somewhere else. */ 580 if (0) { 581 result = i2400m_msg_check_status( 582 l3l4_hdr, strerr, sizeof(strerr)); 583 if (result >= 0) 584 d_printf(1, dev, "ready for power save: %zd\n", 585 size); 586 } 587 break; 588 } 589} 590 591 592/* 593 * i2400m_msg_size_check() - verify message size and header are congruent 594 * 595 * It is ok if the total message size is larger than the expected 596 * size, as there can be padding. 597 */ 598int i2400m_msg_size_check(struct i2400m *i2400m, 599 const struct i2400m_l3l4_hdr *l3l4_hdr, 600 size_t msg_size) 601{ 602 int result; 603 struct device *dev = i2400m_dev(i2400m); 604 size_t expected_size; 605 d_fnstart(4, dev, "(i2400m %p l3l4_hdr %p msg_size %zu)\n", 606 i2400m, l3l4_hdr, msg_size); 607 if (msg_size < sizeof(*l3l4_hdr)) { 608 dev_err(dev, "bad size for message header " 609 "(expected at least %zu, got %zu)\n", 610 (size_t) sizeof(*l3l4_hdr), msg_size); 611 result = -EIO; 612 goto error_hdr_size; 613 } 614 expected_size = le16_to_cpu(l3l4_hdr->length) + sizeof(*l3l4_hdr); 615 if (msg_size < expected_size) { 616 dev_err(dev, "bad size for message code 0x%04x (expected %zu, " 617 "got %zu)\n", le16_to_cpu(l3l4_hdr->type), 618 expected_size, msg_size); 619 result = -EIO; 620 } else 621 result = 0; 622error_hdr_size: 623 d_fnend(4, dev, 624 "(i2400m %p l3l4_hdr %p msg_size %zu) = %d\n", 625 i2400m, l3l4_hdr, msg_size, result); 626 return result; 627} 628 629 630 631/* 632 * Cancel a wait for a command ACK 633 * 634 * @i2400m: device descriptor 635 * @code: [negative] errno code to cancel with (don't use 636 * -EINPROGRESS) 637 * 638 * If there is an ack already filled out, free it. 639 */ 640void i2400m_msg_to_dev_cancel_wait(struct i2400m *i2400m, int code) 641{ 642 struct sk_buff *ack_skb; 643 unsigned long flags; 644 645 spin_lock_irqsave(&i2400m->rx_lock, flags); 646 ack_skb = i2400m->ack_skb; 647 if (ack_skb && !IS_ERR(ack_skb)) 648 kfree_skb(ack_skb); 649 i2400m->ack_skb = ERR_PTR(code); 650 spin_unlock_irqrestore(&i2400m->rx_lock, flags); 651} 652 653 654/** 655 * i2400m_msg_to_dev - Send a control message to the device and get a response 656 * 657 * @i2400m: device descriptor 658 * 659 * @buf: pointer to the buffer containing the message to be sent; it 660 * has to start with a &struct i2400M_l3l4_hdr and then 661 * followed by the payload. Once this function returns, the 662 * buffer can be reused. 663 * 664 * @buf_len: buffer size 665 * 666 * Returns: 667 * 668 * Pointer to skb containing the ack message. You need to check the 669 * pointer with IS_ERR(), as it might be an error code. Error codes 670 * could happen because: 671 * 672 * - the message wasn't formatted correctly 673 * - couldn't send the message 674 * - failed waiting for a response 675 * - the ack message wasn't formatted correctly 676 * 677 * The returned skb has been allocated with wimax_msg_to_user_alloc(), 678 * it contains the response in a netlink attribute and is ready to be 679 * passed up to user space with wimax_msg_to_user_send(). To access 680 * the payload and its length, use wimax_msg_{data,len}() on the skb. 681 * 682 * The skb has to be freed with kfree_skb() once done. 683 * 684 * Description: 685 * 686 * This function delivers a message/command to the device and waits 687 * for an ack to be received. The format is described in 688 * linux/wimax/i2400m.h. In summary, a command/get/set is followed by an 689 * ack. 690 * 691 * This function will not check the ack status, that's left up to the 692 * caller. Once done with the ack skb, it has to be kfree_skb()ed. 693 * 694 * The i2400m handles only one message at the same time, thus we need 695 * the mutex to exclude other players. 696 * 697 * We write the message and then wait for an answer to come back. The 698 * RX path intercepts control messages and handles them in 699 * i2400m_rx_ctl(). Reports (notifications) are (maybe) processed 700 * locally and then forwarded (as needed) to user space on the WiMAX 701 * stack message pipe. Acks are saved and passed back to us through an 702 * skb in i2400m->ack_skb which is ready to be given to generic 703 * netlink if need be. 704 */ 705struct sk_buff *i2400m_msg_to_dev(struct i2400m *i2400m, 706 const void *buf, size_t buf_len) 707{ 708 int result; 709 struct device *dev = i2400m_dev(i2400m); 710 const struct i2400m_l3l4_hdr *msg_l3l4_hdr; 711 struct sk_buff *ack_skb; 712 const struct i2400m_l3l4_hdr *ack_l3l4_hdr; 713 size_t ack_len; 714 int ack_timeout; 715 unsigned msg_type; 716 unsigned long flags; 717 718 d_fnstart(3, dev, "(i2400m %p buf %p len %zu)\n", 719 i2400m, buf, buf_len); 720 721 rmb(); /* Make sure we see what i2400m_dev_reset_handle() */ 722 if (i2400m->boot_mode) 723 return ERR_PTR(-EL3RST); 724 725 msg_l3l4_hdr = buf; 726 /* Check msg & payload consistency */ 727 result = i2400m_msg_size_check(i2400m, msg_l3l4_hdr, buf_len); 728 if (result < 0) 729 goto error_bad_msg; 730 msg_type = le16_to_cpu(msg_l3l4_hdr->type); 731 d_printf(1, dev, "CMD/GET/SET 0x%04x %zu bytes\n", 732 msg_type, buf_len); 733 d_dump(2, dev, buf, buf_len); 734 735 /* Setup the completion, ack_skb ("we are waiting") and send 736 * the message to the device */ 737 mutex_lock(&i2400m->msg_mutex); 738 spin_lock_irqsave(&i2400m->rx_lock, flags); 739 i2400m->ack_skb = ERR_PTR(-EINPROGRESS); 740 spin_unlock_irqrestore(&i2400m->rx_lock, flags); 741 init_completion(&i2400m->msg_completion); 742 result = i2400m_tx(i2400m, buf, buf_len, I2400M_PT_CTRL); 743 if (result < 0) { 744 dev_err(dev, "can't send message 0x%04x: %d\n", 745 le16_to_cpu(msg_l3l4_hdr->type), result); 746 goto error_tx; 747 } 748 749 /* Some commands take longer to execute because of crypto ops, 750 * so we give them some more leeway on timeout */ 751 switch (msg_type) { 752 case I2400M_MT_GET_TLS_OPERATION_RESULT: 753 case I2400M_MT_CMD_SEND_EAP_RESPONSE: 754 ack_timeout = 5 * HZ; 755 break; 756 default: 757 ack_timeout = HZ; 758 } 759 760 if (unlikely(i2400m->trace_msg_from_user)) 761 wimax_msg(&i2400m->wimax_dev, "echo", buf, buf_len, GFP_KERNEL); 762 /* The RX path in rx.c will put any response for this message 763 * in i2400m->ack_skb and wake us up. If we cancel the wait, 764 * we need to change the value of i2400m->ack_skb to something 765 * not -EINPROGRESS so RX knows there is no one waiting. */ 766 result = wait_for_completion_interruptible_timeout( 767 &i2400m->msg_completion, ack_timeout); 768 if (result == 0) { 769 dev_err(dev, "timeout waiting for reply to message 0x%04x\n", 770 msg_type); 771 result = -ETIMEDOUT; 772 i2400m_msg_to_dev_cancel_wait(i2400m, result); 773 goto error_wait_for_completion; 774 } else if (result < 0) { 775 dev_err(dev, "error waiting for reply to message 0x%04x: %d\n", 776 msg_type, result); 777 i2400m_msg_to_dev_cancel_wait(i2400m, result); 778 goto error_wait_for_completion; 779 } 780 781 /* Pull out the ack data from i2400m->ack_skb -- see if it is 782 * an error and act accordingly */ 783 spin_lock_irqsave(&i2400m->rx_lock, flags); 784 ack_skb = i2400m->ack_skb; 785 if (IS_ERR(ack_skb)) 786 result = PTR_ERR(ack_skb); 787 else 788 result = 0; 789 i2400m->ack_skb = NULL; 790 spin_unlock_irqrestore(&i2400m->rx_lock, flags); 791 if (result < 0) 792 goto error_ack_status; 793 ack_l3l4_hdr = wimax_msg_data_len(ack_skb, &ack_len); 794 795 /* Check the ack and deliver it if it is ok */ 796 if (unlikely(i2400m->trace_msg_from_user)) 797 wimax_msg(&i2400m->wimax_dev, "echo", 798 ack_l3l4_hdr, ack_len, GFP_KERNEL); 799 result = i2400m_msg_size_check(i2400m, ack_l3l4_hdr, ack_len); 800 if (result < 0) { 801 dev_err(dev, "HW BUG? reply to message 0x%04x: %d\n", 802 msg_type, result); 803 goto error_bad_ack_len; 804 } 805 if (msg_type != le16_to_cpu(ack_l3l4_hdr->type)) { 806 dev_err(dev, "HW BUG? bad reply 0x%04x to message 0x%04x\n", 807 le16_to_cpu(ack_l3l4_hdr->type), msg_type); 808 result = -EIO; 809 goto error_bad_ack_type; 810 } 811 i2400m_msg_ack_hook(i2400m, ack_l3l4_hdr, ack_len); 812 mutex_unlock(&i2400m->msg_mutex); 813 d_fnend(3, dev, "(i2400m %p buf %p len %zu) = %p\n", 814 i2400m, buf, buf_len, ack_skb); 815 return ack_skb; 816 817error_bad_ack_type: 818error_bad_ack_len: 819 kfree_skb(ack_skb); 820error_ack_status: 821error_wait_for_completion: 822error_tx: 823 mutex_unlock(&i2400m->msg_mutex); 824error_bad_msg: 825 d_fnend(3, dev, "(i2400m %p buf %p len %zu) = %d\n", 826 i2400m, buf, buf_len, result); 827 return ERR_PTR(result); 828} 829 830 831/* 832 * Definitions for the Enter Power Save command 833 * 834 * The Enter Power Save command requests the device to go into power 835 * saving mode. The device will ack or nak the command depending on it 836 * being ready for it. If it acks, we tell the USB subsystem to 837 * 838 * As well, the device might request to go into power saving mode by 839 * sending a report (REPORT_POWERSAVE_READY), in which case, we issue 840 * this command. The hookups in the RX coder allow 841 */ 842enum { 843 I2400M_WAKEUP_ENABLED = 0x01, 844 I2400M_WAKEUP_DISABLED = 0x02, 845 I2400M_TLV_TYPE_WAKEUP_MODE = 144, 846}; 847 848struct i2400m_cmd_enter_power_save { 849 struct i2400m_l3l4_hdr hdr; 850 struct i2400m_tlv_hdr tlv; 851 __le32 val; 852} __packed; 853 854 855/* 856 * Request entering power save 857 * 858 * This command is (mainly) executed when the device indicates that it 859 * is ready to go into powersave mode via a REPORT_POWERSAVE_READY. 860 */ 861int i2400m_cmd_enter_powersave(struct i2400m *i2400m) 862{ 863 int result; 864 struct device *dev = i2400m_dev(i2400m); 865 struct sk_buff *ack_skb; 866 struct i2400m_cmd_enter_power_save *cmd; 867 char strerr[32]; 868 869 result = -ENOMEM; 870 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL); 871 if (cmd == NULL) 872 goto error_alloc; 873 cmd->hdr.type = cpu_to_le16(I2400M_MT_CMD_ENTER_POWERSAVE); 874 cmd->hdr.length = cpu_to_le16(sizeof(*cmd) - sizeof(cmd->hdr)); 875 cmd->hdr.version = cpu_to_le16(I2400M_L3L4_VERSION); 876 cmd->tlv.type = cpu_to_le16(I2400M_TLV_TYPE_WAKEUP_MODE); 877 cmd->tlv.length = cpu_to_le16(sizeof(cmd->val)); 878 cmd->val = cpu_to_le32(I2400M_WAKEUP_ENABLED); 879 880 ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd)); 881 result = PTR_ERR(ack_skb); 882 if (IS_ERR(ack_skb)) { 883 dev_err(dev, "Failed to issue 'Enter power save' command: %d\n", 884 result); 885 goto error_msg_to_dev; 886 } 887 result = i2400m_msg_check_status(wimax_msg_data(ack_skb), 888 strerr, sizeof(strerr)); 889 if (result == -EACCES) 890 d_printf(1, dev, "Cannot enter power save mode\n"); 891 else if (result < 0) 892 dev_err(dev, "'Enter power save' (0x%04x) command failed: " 893 "%d - %s\n", I2400M_MT_CMD_ENTER_POWERSAVE, 894 result, strerr); 895 else 896 d_printf(1, dev, "device ready to power save\n"); 897 kfree_skb(ack_skb); 898error_msg_to_dev: 899 kfree(cmd); 900error_alloc: 901 return result; 902} 903EXPORT_SYMBOL_GPL(i2400m_cmd_enter_powersave); 904 905 906/* 907 * Definitions for getting device information 908 */ 909enum { 910 I2400M_TLV_DETAILED_DEVICE_INFO = 140 911}; 912 913/** 914 * i2400m_get_device_info - Query the device for detailed device information 915 * 916 * @i2400m: device descriptor 917 * 918 * Returns: an skb whose skb->data points to a 'struct 919 * i2400m_tlv_detailed_device_info'. When done, kfree_skb() it. The 920 * skb is *guaranteed* to contain the whole TLV data structure. 921 * 922 * On error, IS_ERR(skb) is true and ERR_PTR(skb) is the error 923 * code. 924 */ 925struct sk_buff *i2400m_get_device_info(struct i2400m *i2400m) 926{ 927 int result; 928 struct device *dev = i2400m_dev(i2400m); 929 struct sk_buff *ack_skb; 930 struct i2400m_l3l4_hdr *cmd; 931 const struct i2400m_l3l4_hdr *ack; 932 size_t ack_len; 933 const struct i2400m_tlv_hdr *tlv; 934 const struct i2400m_tlv_detailed_device_info *ddi; 935 char strerr[32]; 936 937 ack_skb = ERR_PTR(-ENOMEM); 938 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL); 939 if (cmd == NULL) 940 goto error_alloc; 941 cmd->type = cpu_to_le16(I2400M_MT_GET_DEVICE_INFO); 942 cmd->length = 0; 943 cmd->version = cpu_to_le16(I2400M_L3L4_VERSION); 944 945 ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd)); 946 if (IS_ERR(ack_skb)) { 947 dev_err(dev, "Failed to issue 'get device info' command: %ld\n", 948 PTR_ERR(ack_skb)); 949 goto error_msg_to_dev; 950 } 951 ack = wimax_msg_data_len(ack_skb, &ack_len); 952 result = i2400m_msg_check_status(ack, strerr, sizeof(strerr)); 953 if (result < 0) { 954 dev_err(dev, "'get device info' (0x%04x) command failed: " 955 "%d - %s\n", I2400M_MT_GET_DEVICE_INFO, result, 956 strerr); 957 goto error_cmd_failed; 958 } 959 tlv = i2400m_tlv_find(i2400m, ack->pl, ack_len - sizeof(*ack), 960 I2400M_TLV_DETAILED_DEVICE_INFO, sizeof(*ddi)); 961 if (tlv == NULL) { 962 dev_err(dev, "GET DEVICE INFO: " 963 "detailed device info TLV not found (0x%04x)\n", 964 I2400M_TLV_DETAILED_DEVICE_INFO); 965 result = -EIO; 966 goto error_no_tlv; 967 } 968 skb_pull(ack_skb, (void *) tlv - (void *) ack_skb->data); 969error_msg_to_dev: 970 kfree(cmd); 971error_alloc: 972 return ack_skb; 973 974error_no_tlv: 975error_cmd_failed: 976 kfree_skb(ack_skb); 977 kfree(cmd); 978 return ERR_PTR(result); 979} 980 981 982/* Firmware interface versions we support */ 983enum { 984 I2400M_HDIv_MAJOR = 9, 985 I2400M_HDIv_MINOR = 1, 986 I2400M_HDIv_MINOR_2 = 2, 987}; 988 989 990/** 991 * i2400m_firmware_check - check firmware versions are compatible with 992 * the driver 993 * 994 * @i2400m: device descriptor 995 * 996 * Returns: 0 if ok, < 0 errno code an error and a message in the 997 * kernel log. 998 * 999 * Long function, but quite simple; first chunk launches the command 1000 * and double checks the reply for the right TLV. Then we process the 1001 * TLV (where the meat is). 1002 * 1003 * Once we process the TLV that gives us the firmware's interface 1004 * version, we encode it and save it in i2400m->fw_version for future 1005 * reference. 1006 */ 1007int i2400m_firmware_check(struct i2400m *i2400m) 1008{ 1009 int result; 1010 struct device *dev = i2400m_dev(i2400m); 1011 struct sk_buff *ack_skb; 1012 struct i2400m_l3l4_hdr *cmd; 1013 const struct i2400m_l3l4_hdr *ack; 1014 size_t ack_len; 1015 const struct i2400m_tlv_hdr *tlv; 1016 const struct i2400m_tlv_l4_message_versions *l4mv; 1017 char strerr[32]; 1018 unsigned major, minor, branch; 1019 1020 result = -ENOMEM; 1021 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL); 1022 if (cmd == NULL) 1023 goto error_alloc; 1024 cmd->type = cpu_to_le16(I2400M_MT_GET_LM_VERSION); 1025 cmd->length = 0; 1026 cmd->version = cpu_to_le16(I2400M_L3L4_VERSION); 1027 1028 ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd)); 1029 if (IS_ERR(ack_skb)) { 1030 result = PTR_ERR(ack_skb); 1031 dev_err(dev, "Failed to issue 'get lm version' command: %-d\n", 1032 result); 1033 goto error_msg_to_dev; 1034 } 1035 ack = wimax_msg_data_len(ack_skb, &ack_len); 1036 result = i2400m_msg_check_status(ack, strerr, sizeof(strerr)); 1037 if (result < 0) { 1038 dev_err(dev, "'get lm version' (0x%04x) command failed: " 1039 "%d - %s\n", I2400M_MT_GET_LM_VERSION, result, 1040 strerr); 1041 goto error_cmd_failed; 1042 } 1043 tlv = i2400m_tlv_find(i2400m, ack->pl, ack_len - sizeof(*ack), 1044 I2400M_TLV_L4_MESSAGE_VERSIONS, sizeof(*l4mv)); 1045 if (tlv == NULL) { 1046 dev_err(dev, "get lm version: TLV not found (0x%04x)\n", 1047 I2400M_TLV_L4_MESSAGE_VERSIONS); 1048 result = -EIO; 1049 goto error_no_tlv; 1050 } 1051 l4mv = container_of(tlv, typeof(*l4mv), hdr); 1052 major = le16_to_cpu(l4mv->major); 1053 minor = le16_to_cpu(l4mv->minor); 1054 branch = le16_to_cpu(l4mv->branch); 1055 result = -EINVAL; 1056 if (major != I2400M_HDIv_MAJOR) { 1057 dev_err(dev, "unsupported major fw version " 1058 "%u.%u.%u\n", major, minor, branch); 1059 goto error_bad_major; 1060 } 1061 result = 0; 1062 if (minor > I2400M_HDIv_MINOR_2 || minor < I2400M_HDIv_MINOR) 1063 dev_warn(dev, "untested minor fw version %u.%u.%u\n", 1064 major, minor, branch); 1065 /* Yes, we ignore the branch -- we don't have to track it */ 1066 i2400m->fw_version = major << 16 | minor; 1067 dev_info(dev, "firmware interface version %u.%u.%u\n", 1068 major, minor, branch); 1069error_bad_major: 1070error_no_tlv: 1071error_cmd_failed: 1072 kfree_skb(ack_skb); 1073error_msg_to_dev: 1074 kfree(cmd); 1075error_alloc: 1076 return result; 1077} 1078 1079 1080/* 1081 * Send an DoExitIdle command to the device to ask it to go out of 1082 * basestation-idle mode. 1083 * 1084 * @i2400m: device descriptor 1085 * 1086 * This starts a renegotiation with the basestation that might involve 1087 * another crypto handshake with user space. 1088 * 1089 * Returns: 0 if ok, < 0 errno code on error. 1090 */ 1091int i2400m_cmd_exit_idle(struct i2400m *i2400m) 1092{ 1093 int result; 1094 struct device *dev = i2400m_dev(i2400m); 1095 struct sk_buff *ack_skb; 1096 struct i2400m_l3l4_hdr *cmd; 1097 char strerr[32]; 1098 1099 result = -ENOMEM; 1100 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL); 1101 if (cmd == NULL) 1102 goto error_alloc; 1103 cmd->type = cpu_to_le16(I2400M_MT_CMD_EXIT_IDLE); 1104 cmd->length = 0; 1105 cmd->version = cpu_to_le16(I2400M_L3L4_VERSION); 1106 1107 ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd)); 1108 result = PTR_ERR(ack_skb); 1109 if (IS_ERR(ack_skb)) { 1110 dev_err(dev, "Failed to issue 'exit idle' command: %d\n", 1111 result); 1112 goto error_msg_to_dev; 1113 } 1114 result = i2400m_msg_check_status(wimax_msg_data(ack_skb), 1115 strerr, sizeof(strerr)); 1116 kfree_skb(ack_skb); 1117error_msg_to_dev: 1118 kfree(cmd); 1119error_alloc: 1120 return result; 1121 1122} 1123 1124 1125/* 1126 * Query the device for its state, update the WiMAX stack's idea of it 1127 * 1128 * @i2400m: device descriptor 1129 * 1130 * Returns: 0 if ok, < 0 errno code on error. 1131 * 1132 * Executes a 'Get State' command and parses the returned 1133 * TLVs. 1134 * 1135 * Because this is almost identical to a 'Report State', we use 1136 * i2400m_report_state_hook() to parse the answer. This will set the 1137 * carrier state, as well as the RF Kill switches state. 1138 */ 1139static int i2400m_cmd_get_state(struct i2400m *i2400m) 1140{ 1141 int result; 1142 struct device *dev = i2400m_dev(i2400m); 1143 struct sk_buff *ack_skb; 1144 struct i2400m_l3l4_hdr *cmd; 1145 const struct i2400m_l3l4_hdr *ack; 1146 size_t ack_len; 1147 char strerr[32]; 1148 1149 result = -ENOMEM; 1150 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL); 1151 if (cmd == NULL) 1152 goto error_alloc; 1153 cmd->type = cpu_to_le16(I2400M_MT_GET_STATE); 1154 cmd->length = 0; 1155 cmd->version = cpu_to_le16(I2400M_L3L4_VERSION); 1156 1157 ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd)); 1158 if (IS_ERR(ack_skb)) { 1159 dev_err(dev, "Failed to issue 'get state' command: %ld\n", 1160 PTR_ERR(ack_skb)); 1161 result = PTR_ERR(ack_skb); 1162 goto error_msg_to_dev; 1163 } 1164 ack = wimax_msg_data_len(ack_skb, &ack_len); 1165 result = i2400m_msg_check_status(ack, strerr, sizeof(strerr)); 1166 if (result < 0) { 1167 dev_err(dev, "'get state' (0x%04x) command failed: " 1168 "%d - %s\n", I2400M_MT_GET_STATE, result, strerr); 1169 goto error_cmd_failed; 1170 } 1171 i2400m_report_state_hook(i2400m, ack, ack_len - sizeof(*ack), 1172 "GET STATE"); 1173 result = 0; 1174 kfree_skb(ack_skb); 1175error_cmd_failed: 1176error_msg_to_dev: 1177 kfree(cmd); 1178error_alloc: 1179 return result; 1180} 1181 1182/** 1183 * Set basic configuration settings 1184 * 1185 * @i2400m: device descriptor 1186 * @args: array of pointers to the TLV headers to send for 1187 * configuration (each followed by its payload). 1188 * TLV headers and payloads must be properly initialized, with the 1189 * right endianess (LE). 1190 * @arg_size: number of pointers in the @args array 1191 */ 1192static int i2400m_set_init_config(struct i2400m *i2400m, 1193 const struct i2400m_tlv_hdr **arg, 1194 size_t args) 1195{ 1196 int result; 1197 struct device *dev = i2400m_dev(i2400m); 1198 struct sk_buff *ack_skb; 1199 struct i2400m_l3l4_hdr *cmd; 1200 char strerr[32]; 1201 unsigned argc, argsize, tlv_size; 1202 const struct i2400m_tlv_hdr *tlv_hdr; 1203 void *buf, *itr; 1204 1205 d_fnstart(3, dev, "(i2400m %p arg %p args %zu)\n", i2400m, arg, args); 1206 result = 0; 1207 if (args == 0) 1208 goto none; 1209 /* Compute the size of all the TLVs, so we can alloc a 1210 * contiguous command block to copy them. */ 1211 argsize = 0; 1212 for (argc = 0; argc < args; argc++) { 1213 tlv_hdr = arg[argc]; 1214 argsize += sizeof(*tlv_hdr) + le16_to_cpu(tlv_hdr->length); 1215 } 1216 WARN_ON(argc >= 9); /* As per hw spec */ 1217 1218 /* Alloc the space for the command and TLVs*/ 1219 result = -ENOMEM; 1220 buf = kzalloc(sizeof(*cmd) + argsize, GFP_KERNEL); 1221 if (buf == NULL) 1222 goto error_alloc; 1223 cmd = buf; 1224 cmd->type = cpu_to_le16(I2400M_MT_SET_INIT_CONFIG); 1225 cmd->length = cpu_to_le16(argsize); 1226 cmd->version = cpu_to_le16(I2400M_L3L4_VERSION); 1227 1228 /* Copy the TLVs */ 1229 itr = buf + sizeof(*cmd); 1230 for (argc = 0; argc < args; argc++) { 1231 tlv_hdr = arg[argc]; 1232 tlv_size = sizeof(*tlv_hdr) + le16_to_cpu(tlv_hdr->length); 1233 memcpy(itr, tlv_hdr, tlv_size); 1234 itr += tlv_size; 1235 } 1236 1237 /* Send the message! */ 1238 ack_skb = i2400m_msg_to_dev(i2400m, buf, sizeof(*cmd) + argsize); 1239 result = PTR_ERR(ack_skb); 1240 if (IS_ERR(ack_skb)) { 1241 dev_err(dev, "Failed to issue 'init config' command: %d\n", 1242 result); 1243 1244 goto error_msg_to_dev; 1245 } 1246 result = i2400m_msg_check_status(wimax_msg_data(ack_skb), 1247 strerr, sizeof(strerr)); 1248 if (result < 0) 1249 dev_err(dev, "'init config' (0x%04x) command failed: %d - %s\n", 1250 I2400M_MT_SET_INIT_CONFIG, result, strerr); 1251 kfree_skb(ack_skb); 1252error_msg_to_dev: 1253 kfree(buf); 1254error_alloc: 1255none: 1256 d_fnend(3, dev, "(i2400m %p arg %p args %zu) = %d\n", 1257 i2400m, arg, args, result); 1258 return result; 1259 1260} 1261 1262/** 1263 * i2400m_set_idle_timeout - Set the device's idle mode timeout 1264 * 1265 * @i2400m: i2400m device descriptor 1266 * 1267 * @msecs: milliseconds for the timeout to enter idle mode. Between 1268 * 100 to 300000 (5m); 0 to disable. In increments of 100. 1269 * 1270 * After this @msecs of the link being idle (no data being sent or 1271 * received), the device will negotiate with the basestation entering 1272 * idle mode for saving power. The connection is maintained, but 1273 * getting out of it (done in tx.c) will require some negotiation, 1274 * possible crypto re-handshake and a possible DHCP re-lease. 1275 * 1276 * Only available if fw_version >= 0x00090002. 1277 * 1278 * Returns: 0 if ok, < 0 errno code on error. 1279 */ 1280int i2400m_set_idle_timeout(struct i2400m *i2400m, unsigned msecs) 1281{ 1282 int result; 1283 struct device *dev = i2400m_dev(i2400m); 1284 struct sk_buff *ack_skb; 1285 struct { 1286 struct i2400m_l3l4_hdr hdr; 1287 struct i2400m_tlv_config_idle_timeout cit; 1288 } *cmd; 1289 const struct i2400m_l3l4_hdr *ack; 1290 size_t ack_len; 1291 char strerr[32]; 1292 1293 result = -ENOSYS; 1294 if (i2400m_le_v1_3(i2400m)) 1295 goto error_alloc; 1296 result = -ENOMEM; 1297 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL); 1298 if (cmd == NULL) 1299 goto error_alloc; 1300 cmd->hdr.type = cpu_to_le16(I2400M_MT_GET_STATE); 1301 cmd->hdr.length = cpu_to_le16(sizeof(*cmd) - sizeof(cmd->hdr)); 1302 cmd->hdr.version = cpu_to_le16(I2400M_L3L4_VERSION); 1303 1304 cmd->cit.hdr.type = 1305 cpu_to_le16(I2400M_TLV_CONFIG_IDLE_TIMEOUT); 1306 cmd->cit.hdr.length = cpu_to_le16(sizeof(cmd->cit.timeout)); 1307 cmd->cit.timeout = cpu_to_le32(msecs); 1308 1309 ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd)); 1310 if (IS_ERR(ack_skb)) { 1311 dev_err(dev, "Failed to issue 'set idle timeout' command: " 1312 "%ld\n", PTR_ERR(ack_skb)); 1313 result = PTR_ERR(ack_skb); 1314 goto error_msg_to_dev; 1315 } 1316 ack = wimax_msg_data_len(ack_skb, &ack_len); 1317 result = i2400m_msg_check_status(ack, strerr, sizeof(strerr)); 1318 if (result < 0) { 1319 dev_err(dev, "'set idle timeout' (0x%04x) command failed: " 1320 "%d - %s\n", I2400M_MT_GET_STATE, result, strerr); 1321 goto error_cmd_failed; 1322 } 1323 result = 0; 1324 kfree_skb(ack_skb); 1325error_cmd_failed: 1326error_msg_to_dev: 1327 kfree(cmd); 1328error_alloc: 1329 return result; 1330} 1331 1332 1333/** 1334 * i2400m_dev_initialize - Initialize the device once communications are ready 1335 * 1336 * @i2400m: device descriptor 1337 * 1338 * Returns: 0 if ok, < 0 errno code on error. 1339 * 1340 * Configures the device to work the way we like it. 1341 * 1342 * At the point of this call, the device is registered with the WiMAX 1343 * and netdev stacks, firmware is uploaded and we can talk to the 1344 * device normally. 1345 */ 1346int i2400m_dev_initialize(struct i2400m *i2400m) 1347{ 1348 int result; 1349 struct device *dev = i2400m_dev(i2400m); 1350 struct i2400m_tlv_config_idle_parameters idle_params; 1351 struct i2400m_tlv_config_idle_timeout idle_timeout; 1352 struct i2400m_tlv_config_d2h_data_format df; 1353 struct i2400m_tlv_config_dl_host_reorder dlhr; 1354 const struct i2400m_tlv_hdr *args[9]; 1355 unsigned argc = 0; 1356 1357 d_fnstart(3, dev, "(i2400m %p)\n", i2400m); 1358 if (i2400m_passive_mode) 1359 goto out_passive; 1360 /* Disable idle mode? (enabled by default) */ 1361 if (i2400m_idle_mode_disabled) { 1362 if (i2400m_le_v1_3(i2400m)) { 1363 idle_params.hdr.type = 1364 cpu_to_le16(I2400M_TLV_CONFIG_IDLE_PARAMETERS); 1365 idle_params.hdr.length = cpu_to_le16( 1366 sizeof(idle_params) - sizeof(idle_params.hdr)); 1367 idle_params.idle_timeout = 0; 1368 idle_params.idle_paging_interval = 0; 1369 args[argc++] = &idle_params.hdr; 1370 } else { 1371 idle_timeout.hdr.type = 1372 cpu_to_le16(I2400M_TLV_CONFIG_IDLE_TIMEOUT); 1373 idle_timeout.hdr.length = cpu_to_le16( 1374 sizeof(idle_timeout) - sizeof(idle_timeout.hdr)); 1375 idle_timeout.timeout = 0; 1376 args[argc++] = &idle_timeout.hdr; 1377 } 1378 } 1379 if (i2400m_ge_v1_4(i2400m)) { 1380 /* Enable extended RX data format? */ 1381 df.hdr.type = 1382 cpu_to_le16(I2400M_TLV_CONFIG_D2H_DATA_FORMAT); 1383 df.hdr.length = cpu_to_le16( 1384 sizeof(df) - sizeof(df.hdr)); 1385 df.format = 1; 1386 args[argc++] = &df.hdr; 1387 1388 /* Enable RX data reordering? 1389 * (switch flipped in rx.c:i2400m_rx_setup() after fw upload) */ 1390 if (i2400m->rx_reorder) { 1391 dlhr.hdr.type = 1392 cpu_to_le16(I2400M_TLV_CONFIG_DL_HOST_REORDER); 1393 dlhr.hdr.length = cpu_to_le16( 1394 sizeof(dlhr) - sizeof(dlhr.hdr)); 1395 dlhr.reorder = 1; 1396 args[argc++] = &dlhr.hdr; 1397 } 1398 } 1399 result = i2400m_set_init_config(i2400m, args, argc); 1400 if (result < 0) 1401 goto error; 1402out_passive: 1403 /* 1404 * Update state: Here it just calls a get state; parsing the 1405 * result (System State TLV and RF Status TLV [done in the rx 1406 * path hooks]) will set the hardware and software RF-Kill 1407 * status. 1408 */ 1409 result = i2400m_cmd_get_state(i2400m); 1410error: 1411 if (result < 0) 1412 dev_err(dev, "failed to initialize the device: %d\n", result); 1413 d_fnend(3, dev, "(i2400m %p) = %d\n", i2400m, result); 1414 return result; 1415} 1416 1417 1418/** 1419 * i2400m_dev_shutdown - Shutdown a running device 1420 * 1421 * @i2400m: device descriptor 1422 * 1423 * Release resources acquired during the running of the device; in 1424 * theory, should also tell the device to go to sleep, switch off the 1425 * radio, all that, but at this point, in most cases (driver 1426 * disconnection, reset handling) we can't even talk to the device. 1427 */ 1428void i2400m_dev_shutdown(struct i2400m *i2400m) 1429{ 1430 struct device *dev = i2400m_dev(i2400m); 1431 1432 d_fnstart(3, dev, "(i2400m %p)\n", i2400m); 1433 d_fnend(3, dev, "(i2400m %p) = void\n", i2400m); 1434} 1435