1/* 2 * Intel Wireless WiMAX Connection 2400m 3 * Miscellaneous control functions for managing the device 4 * 5 * 6 * Copyright (C) 2007-2008 Intel Corporation. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * * Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * * Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in 16 * the documentation and/or other materials provided with the 17 * distribution. 18 * * Neither the name of Intel Corporation nor the names of its 19 * contributors may be used to endorse or promote products derived 20 * from this software without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 23 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 24 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 25 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 26 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 27 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 28 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 29 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 30 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 31 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 32 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 33 * 34 * 35 * Intel Corporation <linux-wimax@intel.com> 36 * Inaky Perez-Gonzalez <inaky.perez-gonzalez@intel.com> 37 * - Initial implementation 38 * 39 * This is a collection of functions used to control the device (plus 40 * a few helpers). 41 * 42 * There are utilities for handling TLV buffers, hooks on the device's 43 * reports to act on device changes of state [i2400m_report_hook()], 44 * on acks to commands [i2400m_msg_ack_hook()], a helper for sending 45 * commands to the device and blocking until a reply arrives 46 * [i2400m_msg_to_dev()], a few high level commands for manipulating 47 * the device state, powersving mode and configuration plus the 48 * routines to setup the device once communication is stablished with 49 * it [i2400m_dev_initialize()]. 50 * 51 * ROADMAP 52 * 53 * i2400m_dev_initialize() Called by i2400m_dev_start() 54 * i2400m_set_init_config() 55 * i2400m_cmd_get_state() 56 * i2400m_dev_shutdown() Called by i2400m_dev_stop() 57 * i2400m_reset() 58 * 59 * i2400m_{cmd,get,set}_*() 60 * i2400m_msg_to_dev() 61 * i2400m_msg_check_status() 62 * 63 * i2400m_report_hook() Called on reception of an event 64 * i2400m_report_state_hook() 65 * i2400m_tlv_buffer_walk() 66 * i2400m_tlv_match() 67 * i2400m_report_tlv_system_state() 68 * i2400m_report_tlv_rf_switches_status() 69 * i2400m_report_tlv_media_status() 70 * i2400m_cmd_enter_powersave() 71 * 72 * i2400m_msg_ack_hook() Called on reception of a reply to a 73 * command, get or set 74 */ 75 76#include <stdarg.h> 77#include "i2400m.h" 78#include <linux/kernel.h> 79#include <linux/slab.h> 80#include <linux/wimax/i2400m.h> 81 82 83#define D_SUBMODULE control 84#include "debug-levels.h" 85 86static int i2400m_idle_mode_disabled;/* 0 (idle mode enabled) by default */ 87module_param_named(idle_mode_disabled, i2400m_idle_mode_disabled, int, 0644); 88MODULE_PARM_DESC(idle_mode_disabled, 89 "If true, the device will not enable idle mode negotiation " 90 "with the base station (when connected) to save power."); 91 92/* 0 (power saving enabled) by default */ 93static int i2400m_power_save_disabled; 94module_param_named(power_save_disabled, i2400m_power_save_disabled, int, 0644); 95MODULE_PARM_DESC(power_save_disabled, 96 "If true, the driver will not tell the device to enter " 97 "power saving mode when it reports it is ready for it. " 98 "False by default (so the device is told to do power " 99 "saving)."); 100 101int i2400m_passive_mode; /* 0 (passive mode disabled) by default */ 102module_param_named(passive_mode, i2400m_passive_mode, int, 0644); 103MODULE_PARM_DESC(passive_mode, 104 "If true, the driver will not do any device setup " 105 "and leave it up to user space, who must be properly " 106 "setup."); 107 108 109/* 110 * Return if a TLV is of a give type and size 111 * 112 * @tlv_hdr: pointer to the TLV 113 * @tlv_type: type of the TLV we are looking for 114 * @tlv_size: expected size of the TLV we are looking for (if -1, 115 * don't check the size). This includes the header 116 * Returns: 0 if the TLV matches 117 * < 0 if it doesn't match at all 118 * > 0 total TLV + payload size, if the type matches, but not 119 * the size 120 */ 121static 122ssize_t i2400m_tlv_match(const struct i2400m_tlv_hdr *tlv, 123 enum i2400m_tlv tlv_type, ssize_t tlv_size) 124{ 125 if (le16_to_cpu(tlv->type) != tlv_type) /* Not our type? skip */ 126 return -1; 127 if (tlv_size != -1 128 && le16_to_cpu(tlv->length) + sizeof(*tlv) != tlv_size) { 129 size_t size = le16_to_cpu(tlv->length) + sizeof(*tlv); 130 printk(KERN_WARNING "W: tlv type 0x%x mismatched because of " 131 "size (got %zu vs %zu expected)\n", 132 tlv_type, size, tlv_size); 133 return size; 134 } 135 return 0; 136} 137 138 139/* 140 * Given a buffer of TLVs, iterate over them 141 * 142 * @i2400m: device instance 143 * @tlv_buf: pointer to the beginning of the TLV buffer 144 * @buf_size: buffer size in bytes 145 * @tlv_pos: seek position; this is assumed to be a pointer returned 146 * by i2400m_tlv_buffer_walk() [and thus, validated]. The 147 * TLV returned will be the one following this one. 148 * 149 * Usage: 150 * 151 * tlv_itr = NULL; 152 * while (tlv_itr = i2400m_tlv_buffer_walk(i2400m, buf, size, tlv_itr)) { 153 * ... 154 * // Do stuff with tlv_itr, DON'T MODIFY IT 155 * ... 156 * } 157 */ 158static 159const struct i2400m_tlv_hdr *i2400m_tlv_buffer_walk( 160 struct i2400m *i2400m, 161 const void *tlv_buf, size_t buf_size, 162 const struct i2400m_tlv_hdr *tlv_pos) 163{ 164 struct device *dev = i2400m_dev(i2400m); 165 const struct i2400m_tlv_hdr *tlv_top = tlv_buf + buf_size; 166 size_t offset, length, avail_size; 167 unsigned type; 168 169 if (tlv_pos == NULL) /* Take the first one? */ 170 tlv_pos = tlv_buf; 171 else /* Nope, the next one */ 172 tlv_pos = (void *) tlv_pos 173 + le16_to_cpu(tlv_pos->length) + sizeof(*tlv_pos); 174 if (tlv_pos == tlv_top) { /* buffer done */ 175 tlv_pos = NULL; 176 goto error_beyond_end; 177 } 178 if (tlv_pos > tlv_top) { 179 tlv_pos = NULL; 180 WARN_ON(1); 181 goto error_beyond_end; 182 } 183 offset = (void *) tlv_pos - (void *) tlv_buf; 184 avail_size = buf_size - offset; 185 if (avail_size < sizeof(*tlv_pos)) { 186 dev_err(dev, "HW BUG? tlv_buf %p [%zu bytes], tlv @%zu: " 187 "short header\n", tlv_buf, buf_size, offset); 188 goto error_short_header; 189 } 190 type = le16_to_cpu(tlv_pos->type); 191 length = le16_to_cpu(tlv_pos->length); 192 if (avail_size < sizeof(*tlv_pos) + length) { 193 dev_err(dev, "HW BUG? tlv_buf %p [%zu bytes], " 194 "tlv type 0x%04x @%zu: " 195 "short data (%zu bytes vs %zu needed)\n", 196 tlv_buf, buf_size, type, offset, avail_size, 197 sizeof(*tlv_pos) + length); 198 goto error_short_header; 199 } 200error_short_header: 201error_beyond_end: 202 return tlv_pos; 203} 204 205 206/* 207 * Find a TLV in a buffer of sequential TLVs 208 * 209 * @i2400m: device descriptor 210 * @tlv_hdr: pointer to the first TLV in the sequence 211 * @size: size of the buffer in bytes; all TLVs are assumed to fit 212 * fully in the buffer (otherwise we'll complain). 213 * @tlv_type: type of the TLV we are looking for 214 * @tlv_size: expected size of the TLV we are looking for (if -1, 215 * don't check the size). This includes the header 216 * 217 * Returns: NULL if the TLV is not found, otherwise a pointer to 218 * it. If the sizes don't match, an error is printed and NULL 219 * returned. 220 */ 221static 222const struct i2400m_tlv_hdr *i2400m_tlv_find( 223 struct i2400m *i2400m, 224 const struct i2400m_tlv_hdr *tlv_hdr, size_t size, 225 enum i2400m_tlv tlv_type, ssize_t tlv_size) 226{ 227 ssize_t match; 228 struct device *dev = i2400m_dev(i2400m); 229 const struct i2400m_tlv_hdr *tlv = NULL; 230 while ((tlv = i2400m_tlv_buffer_walk(i2400m, tlv_hdr, size, tlv))) { 231 match = i2400m_tlv_match(tlv, tlv_type, tlv_size); 232 if (match == 0) /* found it :) */ 233 break; 234 if (match > 0) 235 dev_warn(dev, "TLV type 0x%04x found with size " 236 "mismatch (%zu vs %zu needed)\n", 237 tlv_type, match, tlv_size); 238 } 239 return tlv; 240} 241 242 243static const struct 244{ 245 char *msg; 246 int errno; 247} ms_to_errno[I2400M_MS_MAX] = { 248 [I2400M_MS_DONE_OK] = { "", 0 }, 249 [I2400M_MS_DONE_IN_PROGRESS] = { "", 0 }, 250 [I2400M_MS_INVALID_OP] = { "invalid opcode", -ENOSYS }, 251 [I2400M_MS_BAD_STATE] = { "invalid state", -EILSEQ }, 252 [I2400M_MS_ILLEGAL_VALUE] = { "illegal value", -EINVAL }, 253 [I2400M_MS_MISSING_PARAMS] = { "missing parameters", -ENOMSG }, 254 [I2400M_MS_VERSION_ERROR] = { "bad version", -EIO }, 255 [I2400M_MS_ACCESSIBILITY_ERROR] = { "accesibility error", -EIO }, 256 [I2400M_MS_BUSY] = { "busy", -EBUSY }, 257 [I2400M_MS_CORRUPTED_TLV] = { "corrupted TLV", -EILSEQ }, 258 [I2400M_MS_UNINITIALIZED] = { "not unitialized", -EILSEQ }, 259 [I2400M_MS_UNKNOWN_ERROR] = { "unknown error", -EIO }, 260 [I2400M_MS_PRODUCTION_ERROR] = { "production error", -EIO }, 261 [I2400M_MS_NO_RF] = { "no RF", -EIO }, 262 [I2400M_MS_NOT_READY_FOR_POWERSAVE] = 263 { "not ready for powersave", -EACCES }, 264 [I2400M_MS_THERMAL_CRITICAL] = { "thermal critical", -EL3HLT }, 265}; 266 267 268/* 269 * i2400m_msg_check_status - translate a message's status code 270 * 271 * @i2400m: device descriptor 272 * @l3l4_hdr: message header 273 * @strbuf: buffer to place a formatted error message (unless NULL). 274 * @strbuf_size: max amount of available space; larger messages will 275 * be truncated. 276 * 277 * Returns: errno code corresponding to the status code in @l3l4_hdr 278 * and a message in @strbuf describing the error. 279 */ 280int i2400m_msg_check_status(const struct i2400m_l3l4_hdr *l3l4_hdr, 281 char *strbuf, size_t strbuf_size) 282{ 283 int result; 284 enum i2400m_ms status = le16_to_cpu(l3l4_hdr->status); 285 const char *str; 286 287 if (status == 0) 288 return 0; 289 if (status >= ARRAY_SIZE(ms_to_errno)) { 290 str = "unknown status code"; 291 result = -EBADR; 292 } else { 293 str = ms_to_errno[status].msg; 294 result = ms_to_errno[status].errno; 295 } 296 if (strbuf) 297 snprintf(strbuf, strbuf_size, "%s (%d)", str, status); 298 return result; 299} 300 301 302/* 303 * Act on a TLV System State reported by the device 304 * 305 * @i2400m: device descriptor 306 * @ss: validated System State TLV 307 */ 308static 309void i2400m_report_tlv_system_state(struct i2400m *i2400m, 310 const struct i2400m_tlv_system_state *ss) 311{ 312 struct device *dev = i2400m_dev(i2400m); 313 struct wimax_dev *wimax_dev = &i2400m->wimax_dev; 314 enum i2400m_system_state i2400m_state = le32_to_cpu(ss->state); 315 316 d_fnstart(3, dev, "(i2400m %p ss %p [%u])\n", i2400m, ss, i2400m_state); 317 318 if (i2400m->state != i2400m_state) { 319 i2400m->state = i2400m_state; 320 wake_up_all(&i2400m->state_wq); 321 } 322 switch (i2400m_state) { 323 case I2400M_SS_UNINITIALIZED: 324 case I2400M_SS_INIT: 325 case I2400M_SS_CONFIG: 326 case I2400M_SS_PRODUCTION: 327 wimax_state_change(wimax_dev, WIMAX_ST_UNINITIALIZED); 328 break; 329 330 case I2400M_SS_RF_OFF: 331 case I2400M_SS_RF_SHUTDOWN: 332 wimax_state_change(wimax_dev, WIMAX_ST_RADIO_OFF); 333 break; 334 335 case I2400M_SS_READY: 336 case I2400M_SS_STANDBY: 337 case I2400M_SS_SLEEPACTIVE: 338 wimax_state_change(wimax_dev, WIMAX_ST_READY); 339 break; 340 341 case I2400M_SS_CONNECTING: 342 case I2400M_SS_WIMAX_CONNECTED: 343 wimax_state_change(wimax_dev, WIMAX_ST_READY); 344 break; 345 346 case I2400M_SS_SCAN: 347 case I2400M_SS_OUT_OF_ZONE: 348 wimax_state_change(wimax_dev, WIMAX_ST_SCANNING); 349 break; 350 351 case I2400M_SS_IDLE: 352 d_printf(1, dev, "entering BS-negotiated idle mode\n"); 353 case I2400M_SS_DISCONNECTING: 354 case I2400M_SS_DATA_PATH_CONNECTED: 355 wimax_state_change(wimax_dev, WIMAX_ST_CONNECTED); 356 break; 357 358 default: 359 /* Huh? just in case, shut it down */ 360 dev_err(dev, "HW BUG? unknown state %u: shutting down\n", 361 i2400m_state); 362 i2400m_reset(i2400m, I2400M_RT_WARM); 363 break; 364 } 365 d_fnend(3, dev, "(i2400m %p ss %p [%u]) = void\n", 366 i2400m, ss, i2400m_state); 367} 368 369 370/* 371 * Parse and act on a TLV Media Status sent by the device 372 * 373 * @i2400m: device descriptor 374 * @ms: validated Media Status TLV 375 * 376 * This will set the carrier up on down based on the device's link 377 * report. This is done asides of what the WiMAX stack does based on 378 * the device's state as sometimes we need to do a link-renew (the BS 379 * wants us to renew a DHCP lease, for example). 380 * 381 * In fact, doc says that everytime we get a link-up, we should do a 382 * DHCP negotiation... 383 */ 384static 385void i2400m_report_tlv_media_status(struct i2400m *i2400m, 386 const struct i2400m_tlv_media_status *ms) 387{ 388 struct device *dev = i2400m_dev(i2400m); 389 struct wimax_dev *wimax_dev = &i2400m->wimax_dev; 390 struct net_device *net_dev = wimax_dev->net_dev; 391 enum i2400m_media_status status = le32_to_cpu(ms->media_status); 392 393 d_fnstart(3, dev, "(i2400m %p ms %p [%u])\n", i2400m, ms, status); 394 395 switch (status) { 396 case I2400M_MEDIA_STATUS_LINK_UP: 397 netif_carrier_on(net_dev); 398 break; 399 case I2400M_MEDIA_STATUS_LINK_DOWN: 400 netif_carrier_off(net_dev); 401 break; 402 /* 403 * This is the network telling us we need to retrain the DHCP 404 * lease -- so far, we are trusting the WiMAX Network Service 405 * in user space to pick this up and poke the DHCP client. 406 */ 407 case I2400M_MEDIA_STATUS_LINK_RENEW: 408 netif_carrier_on(net_dev); 409 break; 410 default: 411 dev_err(dev, "HW BUG? unknown media status %u\n", 412 status); 413 } 414 d_fnend(3, dev, "(i2400m %p ms %p [%u]) = void\n", 415 i2400m, ms, status); 416} 417 418 419/* 420 * Process a TLV from a 'state report' 421 * 422 * @i2400m: device descriptor 423 * @tlv: pointer to the TLV header; it has been already validated for 424 * consistent size. 425 * @tag: for error messages 426 * 427 * Act on the TLVs from a 'state report'. 428 */ 429static 430void i2400m_report_state_parse_tlv(struct i2400m *i2400m, 431 const struct i2400m_tlv_hdr *tlv, 432 const char *tag) 433{ 434 struct device *dev = i2400m_dev(i2400m); 435 const struct i2400m_tlv_media_status *ms; 436 const struct i2400m_tlv_system_state *ss; 437 const struct i2400m_tlv_rf_switches_status *rfss; 438 439 if (0 == i2400m_tlv_match(tlv, I2400M_TLV_SYSTEM_STATE, sizeof(*ss))) { 440 ss = container_of(tlv, typeof(*ss), hdr); 441 d_printf(2, dev, "%s: system state TLV " 442 "found (0x%04x), state 0x%08x\n", 443 tag, I2400M_TLV_SYSTEM_STATE, 444 le32_to_cpu(ss->state)); 445 i2400m_report_tlv_system_state(i2400m, ss); 446 } 447 if (0 == i2400m_tlv_match(tlv, I2400M_TLV_RF_STATUS, sizeof(*rfss))) { 448 rfss = container_of(tlv, typeof(*rfss), hdr); 449 d_printf(2, dev, "%s: RF status TLV " 450 "found (0x%04x), sw 0x%02x hw 0x%02x\n", 451 tag, I2400M_TLV_RF_STATUS, 452 le32_to_cpu(rfss->sw_rf_switch), 453 le32_to_cpu(rfss->hw_rf_switch)); 454 i2400m_report_tlv_rf_switches_status(i2400m, rfss); 455 } 456 if (0 == i2400m_tlv_match(tlv, I2400M_TLV_MEDIA_STATUS, sizeof(*ms))) { 457 ms = container_of(tlv, typeof(*ms), hdr); 458 d_printf(2, dev, "%s: Media Status TLV: %u\n", 459 tag, le32_to_cpu(ms->media_status)); 460 i2400m_report_tlv_media_status(i2400m, ms); 461 } 462} 463 464 465/* 466 * Parse a 'state report' and extract information 467 * 468 * @i2400m: device descriptor 469 * @l3l4_hdr: pointer to message; it has been already validated for 470 * consistent size. 471 * @size: size of the message (header + payload). The header length 472 * declaration is assumed to be congruent with @size (as in 473 * sizeof(*l3l4_hdr) + l3l4_hdr->length == size) 474 * 475 * Walk over the TLVs in a report state and act on them. 476 */ 477static 478void i2400m_report_state_hook(struct i2400m *i2400m, 479 const struct i2400m_l3l4_hdr *l3l4_hdr, 480 size_t size, const char *tag) 481{ 482 struct device *dev = i2400m_dev(i2400m); 483 const struct i2400m_tlv_hdr *tlv; 484 size_t tlv_size = le16_to_cpu(l3l4_hdr->length); 485 486 d_fnstart(4, dev, "(i2400m %p, l3l4_hdr %p, size %zu, %s)\n", 487 i2400m, l3l4_hdr, size, tag); 488 tlv = NULL; 489 490 while ((tlv = i2400m_tlv_buffer_walk(i2400m, &l3l4_hdr->pl, 491 tlv_size, tlv))) 492 i2400m_report_state_parse_tlv(i2400m, tlv, tag); 493 d_fnend(4, dev, "(i2400m %p, l3l4_hdr %p, size %zu, %s) = void\n", 494 i2400m, l3l4_hdr, size, tag); 495} 496 497 498/* 499 * i2400m_report_hook - (maybe) act on a report 500 * 501 * @i2400m: device descriptor 502 * @l3l4_hdr: pointer to message; it has been already validated for 503 * consistent size. 504 * @size: size of the message (header + payload). The header length 505 * declaration is assumed to be congruent with @size (as in 506 * sizeof(*l3l4_hdr) + l3l4_hdr->length == size) 507 * 508 * Extract information we might need (like carrien on/off) from a 509 * device report. 510 */ 511void i2400m_report_hook(struct i2400m *i2400m, 512 const struct i2400m_l3l4_hdr *l3l4_hdr, size_t size) 513{ 514 struct device *dev = i2400m_dev(i2400m); 515 unsigned msg_type; 516 517 d_fnstart(3, dev, "(i2400m %p l3l4_hdr %p size %zu)\n", 518 i2400m, l3l4_hdr, size); 519 /* Chew on the message, we might need some information from 520 * here */ 521 msg_type = le16_to_cpu(l3l4_hdr->type); 522 switch (msg_type) { 523 case I2400M_MT_REPORT_STATE: /* carrier detection... */ 524 i2400m_report_state_hook(i2400m, 525 l3l4_hdr, size, "REPORT STATE"); 526 break; 527 /* If the device is ready for power save, then ask it to do 528 * it. */ 529 case I2400M_MT_REPORT_POWERSAVE_READY: /* zzzzz */ 530 if (l3l4_hdr->status == cpu_to_le16(I2400M_MS_DONE_OK)) { 531 if (i2400m_power_save_disabled) 532 d_printf(1, dev, "ready for powersave, " 533 "not requesting (disabled by module " 534 "parameter)\n"); 535 else { 536 d_printf(1, dev, "ready for powersave, " 537 "requesting\n"); 538 i2400m_cmd_enter_powersave(i2400m); 539 } 540 } 541 break; 542 } 543 d_fnend(3, dev, "(i2400m %p l3l4_hdr %p size %zu) = void\n", 544 i2400m, l3l4_hdr, size); 545} 546 547 548/* 549 * i2400m_msg_ack_hook - process cmd/set/get ack for internal status 550 * 551 * @i2400m: device descriptor 552 * @l3l4_hdr: pointer to message; it has been already validated for 553 * consistent size. 554 * @size: size of the message 555 * 556 * Extract information we might need from acks to commands and act on 557 * it. This is akin to i2400m_report_hook(). Note most of this 558 * processing should be done in the function that calls the 559 * command. This is here for some cases where it can't happen... 560 */ 561void i2400m_msg_ack_hook(struct i2400m *i2400m, 562 const struct i2400m_l3l4_hdr *l3l4_hdr, size_t size) 563{ 564 int result; 565 struct device *dev = i2400m_dev(i2400m); 566 unsigned ack_type, ack_status; 567 char strerr[32]; 568 569 /* Chew on the message, we might need some information from 570 * here */ 571 ack_type = le16_to_cpu(l3l4_hdr->type); 572 ack_status = le16_to_cpu(l3l4_hdr->status); 573 switch (ack_type) { 574 case I2400M_MT_CMD_ENTER_POWERSAVE: 575 /* This is just left here for the sake of example, as 576 * the processing is done somewhere else. */ 577 if (0) { 578 result = i2400m_msg_check_status( 579 l3l4_hdr, strerr, sizeof(strerr)); 580 if (result >= 0) 581 d_printf(1, dev, "ready for power save: %zd\n", 582 size); 583 } 584 break; 585 } 586} 587 588 589/* 590 * i2400m_msg_size_check() - verify message size and header are congruent 591 * 592 * It is ok if the total message size is larger than the expected 593 * size, as there can be padding. 594 */ 595int i2400m_msg_size_check(struct i2400m *i2400m, 596 const struct i2400m_l3l4_hdr *l3l4_hdr, 597 size_t msg_size) 598{ 599 int result; 600 struct device *dev = i2400m_dev(i2400m); 601 size_t expected_size; 602 d_fnstart(4, dev, "(i2400m %p l3l4_hdr %p msg_size %zu)\n", 603 i2400m, l3l4_hdr, msg_size); 604 if (msg_size < sizeof(*l3l4_hdr)) { 605 dev_err(dev, "bad size for message header " 606 "(expected at least %zu, got %zu)\n", 607 (size_t) sizeof(*l3l4_hdr), msg_size); 608 result = -EIO; 609 goto error_hdr_size; 610 } 611 expected_size = le16_to_cpu(l3l4_hdr->length) + sizeof(*l3l4_hdr); 612 if (msg_size < expected_size) { 613 dev_err(dev, "bad size for message code 0x%04x (expected %zu, " 614 "got %zu)\n", le16_to_cpu(l3l4_hdr->type), 615 expected_size, msg_size); 616 result = -EIO; 617 } else 618 result = 0; 619error_hdr_size: 620 d_fnend(4, dev, 621 "(i2400m %p l3l4_hdr %p msg_size %zu) = %d\n", 622 i2400m, l3l4_hdr, msg_size, result); 623 return result; 624} 625 626 627 628/* 629 * Cancel a wait for a command ACK 630 * 631 * @i2400m: device descriptor 632 * @code: [negative] errno code to cancel with (don't use 633 * -EINPROGRESS) 634 * 635 * If there is an ack already filled out, free it. 636 */ 637void i2400m_msg_to_dev_cancel_wait(struct i2400m *i2400m, int code) 638{ 639 struct sk_buff *ack_skb; 640 unsigned long flags; 641 642 spin_lock_irqsave(&i2400m->rx_lock, flags); 643 ack_skb = i2400m->ack_skb; 644 if (ack_skb && !IS_ERR(ack_skb)) 645 kfree_skb(ack_skb); 646 i2400m->ack_skb = ERR_PTR(code); 647 spin_unlock_irqrestore(&i2400m->rx_lock, flags); 648} 649 650 651/** 652 * i2400m_msg_to_dev - Send a control message to the device and get a response 653 * 654 * @i2400m: device descriptor 655 * 656 * @msg_skb: an skb * 657 * 658 * @buf: pointer to the buffer containing the message to be sent; it 659 * has to start with a &struct i2400M_l3l4_hdr and then 660 * followed by the payload. Once this function returns, the 661 * buffer can be reused. 662 * 663 * @buf_len: buffer size 664 * 665 * Returns: 666 * 667 * Pointer to skb containing the ack message. You need to check the 668 * pointer with IS_ERR(), as it might be an error code. Error codes 669 * could happen because: 670 * 671 * - the message wasn't formatted correctly 672 * - couldn't send the message 673 * - failed waiting for a response 674 * - the ack message wasn't formatted correctly 675 * 676 * The returned skb has been allocated with wimax_msg_to_user_alloc(), 677 * it contains the reponse in a netlink attribute and is ready to be 678 * passed up to user space with wimax_msg_to_user_send(). To access 679 * the payload and its length, use wimax_msg_{data,len}() on the skb. 680 * 681 * The skb has to be freed with kfree_skb() once done. 682 * 683 * Description: 684 * 685 * This function delivers a message/command to the device and waits 686 * for an ack to be received. The format is described in 687 * linux/wimax/i2400m.h. In summary, a command/get/set is followed by an 688 * ack. 689 * 690 * This function will not check the ack status, that's left up to the 691 * caller. Once done with the ack skb, it has to be kfree_skb()ed. 692 * 693 * The i2400m handles only one message at the same time, thus we need 694 * the mutex to exclude other players. 695 * 696 * We write the message and then wait for an answer to come back. The 697 * RX path intercepts control messages and handles them in 698 * i2400m_rx_ctl(). Reports (notifications) are (maybe) processed 699 * locally and then forwarded (as needed) to user space on the WiMAX 700 * stack message pipe. Acks are saved and passed back to us through an 701 * skb in i2400m->ack_skb which is ready to be given to generic 702 * netlink if need be. 703 */ 704struct sk_buff *i2400m_msg_to_dev(struct i2400m *i2400m, 705 const void *buf, size_t buf_len) 706{ 707 int result; 708 struct device *dev = i2400m_dev(i2400m); 709 const struct i2400m_l3l4_hdr *msg_l3l4_hdr; 710 struct sk_buff *ack_skb; 711 const struct i2400m_l3l4_hdr *ack_l3l4_hdr; 712 size_t ack_len; 713 int ack_timeout; 714 unsigned msg_type; 715 unsigned long flags; 716 717 d_fnstart(3, dev, "(i2400m %p buf %p len %zu)\n", 718 i2400m, buf, buf_len); 719 720 rmb(); /* Make sure we see what i2400m_dev_reset_handle() */ 721 if (i2400m->boot_mode) 722 return ERR_PTR(-EL3RST); 723 724 msg_l3l4_hdr = buf; 725 /* Check msg & payload consistency */ 726 result = i2400m_msg_size_check(i2400m, msg_l3l4_hdr, buf_len); 727 if (result < 0) 728 goto error_bad_msg; 729 msg_type = le16_to_cpu(msg_l3l4_hdr->type); 730 d_printf(1, dev, "CMD/GET/SET 0x%04x %zu bytes\n", 731 msg_type, buf_len); 732 d_dump(2, dev, buf, buf_len); 733 734 /* Setup the completion, ack_skb ("we are waiting") and send 735 * the message to the device */ 736 mutex_lock(&i2400m->msg_mutex); 737 spin_lock_irqsave(&i2400m->rx_lock, flags); 738 i2400m->ack_skb = ERR_PTR(-EINPROGRESS); 739 spin_unlock_irqrestore(&i2400m->rx_lock, flags); 740 init_completion(&i2400m->msg_completion); 741 result = i2400m_tx(i2400m, buf, buf_len, I2400M_PT_CTRL); 742 if (result < 0) { 743 dev_err(dev, "can't send message 0x%04x: %d\n", 744 le16_to_cpu(msg_l3l4_hdr->type), result); 745 goto error_tx; 746 } 747 748 /* Some commands take longer to execute because of crypto ops, 749 * so we give them some more leeway on timeout */ 750 switch (msg_type) { 751 case I2400M_MT_GET_TLS_OPERATION_RESULT: 752 case I2400M_MT_CMD_SEND_EAP_RESPONSE: 753 ack_timeout = 5 * HZ; 754 break; 755 default: 756 ack_timeout = HZ; 757 } 758 759 if (unlikely(i2400m->trace_msg_from_user)) 760 wimax_msg(&i2400m->wimax_dev, "echo", buf, buf_len, GFP_KERNEL); 761 /* The RX path in rx.c will put any response for this message 762 * in i2400m->ack_skb and wake us up. If we cancel the wait, 763 * we need to change the value of i2400m->ack_skb to something 764 * not -EINPROGRESS so RX knows there is no one waiting. */ 765 result = wait_for_completion_interruptible_timeout( 766 &i2400m->msg_completion, ack_timeout); 767 if (result == 0) { 768 dev_err(dev, "timeout waiting for reply to message 0x%04x\n", 769 msg_type); 770 result = -ETIMEDOUT; 771 i2400m_msg_to_dev_cancel_wait(i2400m, result); 772 goto error_wait_for_completion; 773 } else if (result < 0) { 774 dev_err(dev, "error waiting for reply to message 0x%04x: %d\n", 775 msg_type, result); 776 i2400m_msg_to_dev_cancel_wait(i2400m, result); 777 goto error_wait_for_completion; 778 } 779 780 /* Pull out the ack data from i2400m->ack_skb -- see if it is 781 * an error and act accordingly */ 782 spin_lock_irqsave(&i2400m->rx_lock, flags); 783 ack_skb = i2400m->ack_skb; 784 if (IS_ERR(ack_skb)) 785 result = PTR_ERR(ack_skb); 786 else 787 result = 0; 788 i2400m->ack_skb = NULL; 789 spin_unlock_irqrestore(&i2400m->rx_lock, flags); 790 if (result < 0) 791 goto error_ack_status; 792 ack_l3l4_hdr = wimax_msg_data_len(ack_skb, &ack_len); 793 794 /* Check the ack and deliver it if it is ok */ 795 if (unlikely(i2400m->trace_msg_from_user)) 796 wimax_msg(&i2400m->wimax_dev, "echo", 797 ack_l3l4_hdr, ack_len, GFP_KERNEL); 798 result = i2400m_msg_size_check(i2400m, ack_l3l4_hdr, ack_len); 799 if (result < 0) { 800 dev_err(dev, "HW BUG? reply to message 0x%04x: %d\n", 801 msg_type, result); 802 goto error_bad_ack_len; 803 } 804 if (msg_type != le16_to_cpu(ack_l3l4_hdr->type)) { 805 dev_err(dev, "HW BUG? bad reply 0x%04x to message 0x%04x\n", 806 le16_to_cpu(ack_l3l4_hdr->type), msg_type); 807 result = -EIO; 808 goto error_bad_ack_type; 809 } 810 i2400m_msg_ack_hook(i2400m, ack_l3l4_hdr, ack_len); 811 mutex_unlock(&i2400m->msg_mutex); 812 d_fnend(3, dev, "(i2400m %p buf %p len %zu) = %p\n", 813 i2400m, buf, buf_len, ack_skb); 814 return ack_skb; 815 816error_bad_ack_type: 817error_bad_ack_len: 818 kfree_skb(ack_skb); 819error_ack_status: 820error_wait_for_completion: 821error_tx: 822 mutex_unlock(&i2400m->msg_mutex); 823error_bad_msg: 824 d_fnend(3, dev, "(i2400m %p buf %p len %zu) = %d\n", 825 i2400m, buf, buf_len, result); 826 return ERR_PTR(result); 827} 828 829 830/* 831 * Definitions for the Enter Power Save command 832 * 833 * The Enter Power Save command requests the device to go into power 834 * saving mode. The device will ack or nak the command depending on it 835 * being ready for it. If it acks, we tell the USB subsystem to 836 * 837 * As well, the device might request to go into power saving mode by 838 * sending a report (REPORT_POWERSAVE_READY), in which case, we issue 839 * this command. The hookups in the RX coder allow 840 */ 841enum { 842 I2400M_WAKEUP_ENABLED = 0x01, 843 I2400M_WAKEUP_DISABLED = 0x02, 844 I2400M_TLV_TYPE_WAKEUP_MODE = 144, 845}; 846 847struct i2400m_cmd_enter_power_save { 848 struct i2400m_l3l4_hdr hdr; 849 struct i2400m_tlv_hdr tlv; 850 __le32 val; 851} __packed; 852 853 854/* 855 * Request entering power save 856 * 857 * This command is (mainly) executed when the device indicates that it 858 * is ready to go into powersave mode via a REPORT_POWERSAVE_READY. 859 */ 860int i2400m_cmd_enter_powersave(struct i2400m *i2400m) 861{ 862 int result; 863 struct device *dev = i2400m_dev(i2400m); 864 struct sk_buff *ack_skb; 865 struct i2400m_cmd_enter_power_save *cmd; 866 char strerr[32]; 867 868 result = -ENOMEM; 869 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL); 870 if (cmd == NULL) 871 goto error_alloc; 872 cmd->hdr.type = cpu_to_le16(I2400M_MT_CMD_ENTER_POWERSAVE); 873 cmd->hdr.length = cpu_to_le16(sizeof(*cmd) - sizeof(cmd->hdr)); 874 cmd->hdr.version = cpu_to_le16(I2400M_L3L4_VERSION); 875 cmd->tlv.type = cpu_to_le16(I2400M_TLV_TYPE_WAKEUP_MODE); 876 cmd->tlv.length = cpu_to_le16(sizeof(cmd->val)); 877 cmd->val = cpu_to_le32(I2400M_WAKEUP_ENABLED); 878 879 ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd)); 880 result = PTR_ERR(ack_skb); 881 if (IS_ERR(ack_skb)) { 882 dev_err(dev, "Failed to issue 'Enter power save' command: %d\n", 883 result); 884 goto error_msg_to_dev; 885 } 886 result = i2400m_msg_check_status(wimax_msg_data(ack_skb), 887 strerr, sizeof(strerr)); 888 if (result == -EACCES) 889 d_printf(1, dev, "Cannot enter power save mode\n"); 890 else if (result < 0) 891 dev_err(dev, "'Enter power save' (0x%04x) command failed: " 892 "%d - %s\n", I2400M_MT_CMD_ENTER_POWERSAVE, 893 result, strerr); 894 else 895 d_printf(1, dev, "device ready to power save\n"); 896 kfree_skb(ack_skb); 897error_msg_to_dev: 898 kfree(cmd); 899error_alloc: 900 return result; 901} 902EXPORT_SYMBOL_GPL(i2400m_cmd_enter_powersave); 903 904 905/* 906 * Definitions for getting device information 907 */ 908enum { 909 I2400M_TLV_DETAILED_DEVICE_INFO = 140 910}; 911 912/** 913 * i2400m_get_device_info - Query the device for detailed device information 914 * 915 * @i2400m: device descriptor 916 * 917 * Returns: an skb whose skb->data points to a 'struct 918 * i2400m_tlv_detailed_device_info'. When done, kfree_skb() it. The 919 * skb is *guaranteed* to contain the whole TLV data structure. 920 * 921 * On error, IS_ERR(skb) is true and ERR_PTR(skb) is the error 922 * code. 923 */ 924struct sk_buff *i2400m_get_device_info(struct i2400m *i2400m) 925{ 926 int result; 927 struct device *dev = i2400m_dev(i2400m); 928 struct sk_buff *ack_skb; 929 struct i2400m_l3l4_hdr *cmd; 930 const struct i2400m_l3l4_hdr *ack; 931 size_t ack_len; 932 const struct i2400m_tlv_hdr *tlv; 933 const struct i2400m_tlv_detailed_device_info *ddi; 934 char strerr[32]; 935 936 ack_skb = ERR_PTR(-ENOMEM); 937 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL); 938 if (cmd == NULL) 939 goto error_alloc; 940 cmd->type = cpu_to_le16(I2400M_MT_GET_DEVICE_INFO); 941 cmd->length = 0; 942 cmd->version = cpu_to_le16(I2400M_L3L4_VERSION); 943 944 ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd)); 945 if (IS_ERR(ack_skb)) { 946 dev_err(dev, "Failed to issue 'get device info' command: %ld\n", 947 PTR_ERR(ack_skb)); 948 goto error_msg_to_dev; 949 } 950 ack = wimax_msg_data_len(ack_skb, &ack_len); 951 result = i2400m_msg_check_status(ack, strerr, sizeof(strerr)); 952 if (result < 0) { 953 dev_err(dev, "'get device info' (0x%04x) command failed: " 954 "%d - %s\n", I2400M_MT_GET_DEVICE_INFO, result, 955 strerr); 956 goto error_cmd_failed; 957 } 958 tlv = i2400m_tlv_find(i2400m, ack->pl, ack_len - sizeof(*ack), 959 I2400M_TLV_DETAILED_DEVICE_INFO, sizeof(*ddi)); 960 if (tlv == NULL) { 961 dev_err(dev, "GET DEVICE INFO: " 962 "detailed device info TLV not found (0x%04x)\n", 963 I2400M_TLV_DETAILED_DEVICE_INFO); 964 result = -EIO; 965 goto error_no_tlv; 966 } 967 skb_pull(ack_skb, (void *) tlv - (void *) ack_skb->data); 968error_msg_to_dev: 969 kfree(cmd); 970error_alloc: 971 return ack_skb; 972 973error_no_tlv: 974error_cmd_failed: 975 kfree_skb(ack_skb); 976 kfree(cmd); 977 return ERR_PTR(result); 978} 979 980 981/* Firmware interface versions we support */ 982enum { 983 I2400M_HDIv_MAJOR = 9, 984 I2400M_HDIv_MINOR = 1, 985 I2400M_HDIv_MINOR_2 = 2, 986}; 987 988 989/** 990 * i2400m_firmware_check - check firmware versions are compatible with 991 * the driver 992 * 993 * @i2400m: device descriptor 994 * 995 * Returns: 0 if ok, < 0 errno code an error and a message in the 996 * kernel log. 997 * 998 * Long function, but quite simple; first chunk launches the command 999 * and double checks the reply for the right TLV. Then we process the 1000 * TLV (where the meat is). 1001 * 1002 * Once we process the TLV that gives us the firmware's interface 1003 * version, we encode it and save it in i2400m->fw_version for future 1004 * reference. 1005 */ 1006int i2400m_firmware_check(struct i2400m *i2400m) 1007{ 1008 int result; 1009 struct device *dev = i2400m_dev(i2400m); 1010 struct sk_buff *ack_skb; 1011 struct i2400m_l3l4_hdr *cmd; 1012 const struct i2400m_l3l4_hdr *ack; 1013 size_t ack_len; 1014 const struct i2400m_tlv_hdr *tlv; 1015 const struct i2400m_tlv_l4_message_versions *l4mv; 1016 char strerr[32]; 1017 unsigned major, minor, branch; 1018 1019 result = -ENOMEM; 1020 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL); 1021 if (cmd == NULL) 1022 goto error_alloc; 1023 cmd->type = cpu_to_le16(I2400M_MT_GET_LM_VERSION); 1024 cmd->length = 0; 1025 cmd->version = cpu_to_le16(I2400M_L3L4_VERSION); 1026 1027 ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd)); 1028 if (IS_ERR(ack_skb)) { 1029 result = PTR_ERR(ack_skb); 1030 dev_err(dev, "Failed to issue 'get lm version' command: %-d\n", 1031 result); 1032 goto error_msg_to_dev; 1033 } 1034 ack = wimax_msg_data_len(ack_skb, &ack_len); 1035 result = i2400m_msg_check_status(ack, strerr, sizeof(strerr)); 1036 if (result < 0) { 1037 dev_err(dev, "'get lm version' (0x%04x) command failed: " 1038 "%d - %s\n", I2400M_MT_GET_LM_VERSION, result, 1039 strerr); 1040 goto error_cmd_failed; 1041 } 1042 tlv = i2400m_tlv_find(i2400m, ack->pl, ack_len - sizeof(*ack), 1043 I2400M_TLV_L4_MESSAGE_VERSIONS, sizeof(*l4mv)); 1044 if (tlv == NULL) { 1045 dev_err(dev, "get lm version: TLV not found (0x%04x)\n", 1046 I2400M_TLV_L4_MESSAGE_VERSIONS); 1047 result = -EIO; 1048 goto error_no_tlv; 1049 } 1050 l4mv = container_of(tlv, typeof(*l4mv), hdr); 1051 major = le16_to_cpu(l4mv->major); 1052 minor = le16_to_cpu(l4mv->minor); 1053 branch = le16_to_cpu(l4mv->branch); 1054 result = -EINVAL; 1055 if (major != I2400M_HDIv_MAJOR) { 1056 dev_err(dev, "unsupported major fw version " 1057 "%u.%u.%u\n", major, minor, branch); 1058 goto error_bad_major; 1059 } 1060 result = 0; 1061 if (minor < I2400M_HDIv_MINOR_2 && minor > I2400M_HDIv_MINOR) 1062 dev_warn(dev, "untested minor fw version %u.%u.%u\n", 1063 major, minor, branch); 1064 /* Yes, we ignore the branch -- we don't have to track it */ 1065 i2400m->fw_version = major << 16 | minor; 1066 dev_info(dev, "firmware interface version %u.%u.%u\n", 1067 major, minor, branch); 1068error_bad_major: 1069error_no_tlv: 1070error_cmd_failed: 1071 kfree_skb(ack_skb); 1072error_msg_to_dev: 1073 kfree(cmd); 1074error_alloc: 1075 return result; 1076} 1077 1078 1079/* 1080 * Send an DoExitIdle command to the device to ask it to go out of 1081 * basestation-idle mode. 1082 * 1083 * @i2400m: device descriptor 1084 * 1085 * This starts a renegotiation with the basestation that might involve 1086 * another crypto handshake with user space. 1087 * 1088 * Returns: 0 if ok, < 0 errno code on error. 1089 */ 1090int i2400m_cmd_exit_idle(struct i2400m *i2400m) 1091{ 1092 int result; 1093 struct device *dev = i2400m_dev(i2400m); 1094 struct sk_buff *ack_skb; 1095 struct i2400m_l3l4_hdr *cmd; 1096 char strerr[32]; 1097 1098 result = -ENOMEM; 1099 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL); 1100 if (cmd == NULL) 1101 goto error_alloc; 1102 cmd->type = cpu_to_le16(I2400M_MT_CMD_EXIT_IDLE); 1103 cmd->length = 0; 1104 cmd->version = cpu_to_le16(I2400M_L3L4_VERSION); 1105 1106 ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd)); 1107 result = PTR_ERR(ack_skb); 1108 if (IS_ERR(ack_skb)) { 1109 dev_err(dev, "Failed to issue 'exit idle' command: %d\n", 1110 result); 1111 goto error_msg_to_dev; 1112 } 1113 result = i2400m_msg_check_status(wimax_msg_data(ack_skb), 1114 strerr, sizeof(strerr)); 1115 kfree_skb(ack_skb); 1116error_msg_to_dev: 1117 kfree(cmd); 1118error_alloc: 1119 return result; 1120 1121} 1122 1123 1124/* 1125 * Query the device for its state, update the WiMAX stack's idea of it 1126 * 1127 * @i2400m: device descriptor 1128 * 1129 * Returns: 0 if ok, < 0 errno code on error. 1130 * 1131 * Executes a 'Get State' command and parses the returned 1132 * TLVs. 1133 * 1134 * Because this is almost identical to a 'Report State', we use 1135 * i2400m_report_state_hook() to parse the answer. This will set the 1136 * carrier state, as well as the RF Kill switches state. 1137 */ 1138int i2400m_cmd_get_state(struct i2400m *i2400m) 1139{ 1140 int result; 1141 struct device *dev = i2400m_dev(i2400m); 1142 struct sk_buff *ack_skb; 1143 struct i2400m_l3l4_hdr *cmd; 1144 const struct i2400m_l3l4_hdr *ack; 1145 size_t ack_len; 1146 char strerr[32]; 1147 1148 result = -ENOMEM; 1149 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL); 1150 if (cmd == NULL) 1151 goto error_alloc; 1152 cmd->type = cpu_to_le16(I2400M_MT_GET_STATE); 1153 cmd->length = 0; 1154 cmd->version = cpu_to_le16(I2400M_L3L4_VERSION); 1155 1156 ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd)); 1157 if (IS_ERR(ack_skb)) { 1158 dev_err(dev, "Failed to issue 'get state' command: %ld\n", 1159 PTR_ERR(ack_skb)); 1160 result = PTR_ERR(ack_skb); 1161 goto error_msg_to_dev; 1162 } 1163 ack = wimax_msg_data_len(ack_skb, &ack_len); 1164 result = i2400m_msg_check_status(ack, strerr, sizeof(strerr)); 1165 if (result < 0) { 1166 dev_err(dev, "'get state' (0x%04x) command failed: " 1167 "%d - %s\n", I2400M_MT_GET_STATE, result, strerr); 1168 goto error_cmd_failed; 1169 } 1170 i2400m_report_state_hook(i2400m, ack, ack_len - sizeof(*ack), 1171 "GET STATE"); 1172 result = 0; 1173 kfree_skb(ack_skb); 1174error_cmd_failed: 1175error_msg_to_dev: 1176 kfree(cmd); 1177error_alloc: 1178 return result; 1179} 1180EXPORT_SYMBOL_GPL(i2400m_cmd_get_state); 1181 1182 1183/** 1184 * Set basic configuration settings 1185 * 1186 * @i2400m: device descriptor 1187 * @args: array of pointers to the TLV headers to send for 1188 * configuration (each followed by its payload). 1189 * TLV headers and payloads must be properly initialized, with the 1190 * right endianess (LE). 1191 * @arg_size: number of pointers in the @args array 1192 */ 1193int i2400m_set_init_config(struct i2400m *i2400m, 1194 const struct i2400m_tlv_hdr **arg, size_t args) 1195{ 1196 int result; 1197 struct device *dev = i2400m_dev(i2400m); 1198 struct sk_buff *ack_skb; 1199 struct i2400m_l3l4_hdr *cmd; 1200 char strerr[32]; 1201 unsigned argc, argsize, tlv_size; 1202 const struct i2400m_tlv_hdr *tlv_hdr; 1203 void *buf, *itr; 1204 1205 d_fnstart(3, dev, "(i2400m %p arg %p args %zu)\n", i2400m, arg, args); 1206 result = 0; 1207 if (args == 0) 1208 goto none; 1209 /* Compute the size of all the TLVs, so we can alloc a 1210 * contiguous command block to copy them. */ 1211 argsize = 0; 1212 for (argc = 0; argc < args; argc++) { 1213 tlv_hdr = arg[argc]; 1214 argsize += sizeof(*tlv_hdr) + le16_to_cpu(tlv_hdr->length); 1215 } 1216 WARN_ON(argc >= 9); /* As per hw spec */ 1217 1218 /* Alloc the space for the command and TLVs*/ 1219 result = -ENOMEM; 1220 buf = kzalloc(sizeof(*cmd) + argsize, GFP_KERNEL); 1221 if (buf == NULL) 1222 goto error_alloc; 1223 cmd = buf; 1224 cmd->type = cpu_to_le16(I2400M_MT_SET_INIT_CONFIG); 1225 cmd->length = cpu_to_le16(argsize); 1226 cmd->version = cpu_to_le16(I2400M_L3L4_VERSION); 1227 1228 /* Copy the TLVs */ 1229 itr = buf + sizeof(*cmd); 1230 for (argc = 0; argc < args; argc++) { 1231 tlv_hdr = arg[argc]; 1232 tlv_size = sizeof(*tlv_hdr) + le16_to_cpu(tlv_hdr->length); 1233 memcpy(itr, tlv_hdr, tlv_size); 1234 itr += tlv_size; 1235 } 1236 1237 /* Send the message! */ 1238 ack_skb = i2400m_msg_to_dev(i2400m, buf, sizeof(*cmd) + argsize); 1239 result = PTR_ERR(ack_skb); 1240 if (IS_ERR(ack_skb)) { 1241 dev_err(dev, "Failed to issue 'init config' command: %d\n", 1242 result); 1243 1244 goto error_msg_to_dev; 1245 } 1246 result = i2400m_msg_check_status(wimax_msg_data(ack_skb), 1247 strerr, sizeof(strerr)); 1248 if (result < 0) 1249 dev_err(dev, "'init config' (0x%04x) command failed: %d - %s\n", 1250 I2400M_MT_SET_INIT_CONFIG, result, strerr); 1251 kfree_skb(ack_skb); 1252error_msg_to_dev: 1253 kfree(buf); 1254error_alloc: 1255none: 1256 d_fnend(3, dev, "(i2400m %p arg %p args %zu) = %d\n", 1257 i2400m, arg, args, result); 1258 return result; 1259 1260} 1261EXPORT_SYMBOL_GPL(i2400m_set_init_config); 1262 1263 1264/** 1265 * i2400m_set_idle_timeout - Set the device's idle mode timeout 1266 * 1267 * @i2400m: i2400m device descriptor 1268 * 1269 * @msecs: milliseconds for the timeout to enter idle mode. Between 1270 * 100 to 300000 (5m); 0 to disable. In increments of 100. 1271 * 1272 * After this @msecs of the link being idle (no data being sent or 1273 * received), the device will negotiate with the basestation entering 1274 * idle mode for saving power. The connection is maintained, but 1275 * getting out of it (done in tx.c) will require some negotiation, 1276 * possible crypto re-handshake and a possible DHCP re-lease. 1277 * 1278 * Only available if fw_version >= 0x00090002. 1279 * 1280 * Returns: 0 if ok, < 0 errno code on error. 1281 */ 1282int i2400m_set_idle_timeout(struct i2400m *i2400m, unsigned msecs) 1283{ 1284 int result; 1285 struct device *dev = i2400m_dev(i2400m); 1286 struct sk_buff *ack_skb; 1287 struct { 1288 struct i2400m_l3l4_hdr hdr; 1289 struct i2400m_tlv_config_idle_timeout cit; 1290 } *cmd; 1291 const struct i2400m_l3l4_hdr *ack; 1292 size_t ack_len; 1293 char strerr[32]; 1294 1295 result = -ENOSYS; 1296 if (i2400m_le_v1_3(i2400m)) 1297 goto error_alloc; 1298 result = -ENOMEM; 1299 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL); 1300 if (cmd == NULL) 1301 goto error_alloc; 1302 cmd->hdr.type = cpu_to_le16(I2400M_MT_GET_STATE); 1303 cmd->hdr.length = cpu_to_le16(sizeof(*cmd) - sizeof(cmd->hdr)); 1304 cmd->hdr.version = cpu_to_le16(I2400M_L3L4_VERSION); 1305 1306 cmd->cit.hdr.type = 1307 cpu_to_le16(I2400M_TLV_CONFIG_IDLE_TIMEOUT); 1308 cmd->cit.hdr.length = cpu_to_le16(sizeof(cmd->cit.timeout)); 1309 cmd->cit.timeout = cpu_to_le32(msecs); 1310 1311 ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd)); 1312 if (IS_ERR(ack_skb)) { 1313 dev_err(dev, "Failed to issue 'set idle timeout' command: " 1314 "%ld\n", PTR_ERR(ack_skb)); 1315 result = PTR_ERR(ack_skb); 1316 goto error_msg_to_dev; 1317 } 1318 ack = wimax_msg_data_len(ack_skb, &ack_len); 1319 result = i2400m_msg_check_status(ack, strerr, sizeof(strerr)); 1320 if (result < 0) { 1321 dev_err(dev, "'set idle timeout' (0x%04x) command failed: " 1322 "%d - %s\n", I2400M_MT_GET_STATE, result, strerr); 1323 goto error_cmd_failed; 1324 } 1325 result = 0; 1326 kfree_skb(ack_skb); 1327error_cmd_failed: 1328error_msg_to_dev: 1329 kfree(cmd); 1330error_alloc: 1331 return result; 1332} 1333 1334 1335/** 1336 * i2400m_dev_initialize - Initialize the device once communications are ready 1337 * 1338 * @i2400m: device descriptor 1339 * 1340 * Returns: 0 if ok, < 0 errno code on error. 1341 * 1342 * Configures the device to work the way we like it. 1343 * 1344 * At the point of this call, the device is registered with the WiMAX 1345 * and netdev stacks, firmware is uploaded and we can talk to the 1346 * device normally. 1347 */ 1348int i2400m_dev_initialize(struct i2400m *i2400m) 1349{ 1350 int result; 1351 struct device *dev = i2400m_dev(i2400m); 1352 struct i2400m_tlv_config_idle_parameters idle_params; 1353 struct i2400m_tlv_config_idle_timeout idle_timeout; 1354 struct i2400m_tlv_config_d2h_data_format df; 1355 struct i2400m_tlv_config_dl_host_reorder dlhr; 1356 const struct i2400m_tlv_hdr *args[9]; 1357 unsigned argc = 0; 1358 1359 d_fnstart(3, dev, "(i2400m %p)\n", i2400m); 1360 if (i2400m_passive_mode) 1361 goto out_passive; 1362 /* Disable idle mode? (enabled by default) */ 1363 if (i2400m_idle_mode_disabled) { 1364 if (i2400m_le_v1_3(i2400m)) { 1365 idle_params.hdr.type = 1366 cpu_to_le16(I2400M_TLV_CONFIG_IDLE_PARAMETERS); 1367 idle_params.hdr.length = cpu_to_le16( 1368 sizeof(idle_params) - sizeof(idle_params.hdr)); 1369 idle_params.idle_timeout = 0; 1370 idle_params.idle_paging_interval = 0; 1371 args[argc++] = &idle_params.hdr; 1372 } else { 1373 idle_timeout.hdr.type = 1374 cpu_to_le16(I2400M_TLV_CONFIG_IDLE_TIMEOUT); 1375 idle_timeout.hdr.length = cpu_to_le16( 1376 sizeof(idle_timeout) - sizeof(idle_timeout.hdr)); 1377 idle_timeout.timeout = 0; 1378 args[argc++] = &idle_timeout.hdr; 1379 } 1380 } 1381 if (i2400m_ge_v1_4(i2400m)) { 1382 /* Enable extended RX data format? */ 1383 df.hdr.type = 1384 cpu_to_le16(I2400M_TLV_CONFIG_D2H_DATA_FORMAT); 1385 df.hdr.length = cpu_to_le16( 1386 sizeof(df) - sizeof(df.hdr)); 1387 df.format = 1; 1388 args[argc++] = &df.hdr; 1389 1390 /* Enable RX data reordering? 1391 * (switch flipped in rx.c:i2400m_rx_setup() after fw upload) */ 1392 if (i2400m->rx_reorder) { 1393 dlhr.hdr.type = 1394 cpu_to_le16(I2400M_TLV_CONFIG_DL_HOST_REORDER); 1395 dlhr.hdr.length = cpu_to_le16( 1396 sizeof(dlhr) - sizeof(dlhr.hdr)); 1397 dlhr.reorder = 1; 1398 args[argc++] = &dlhr.hdr; 1399 } 1400 } 1401 result = i2400m_set_init_config(i2400m, args, argc); 1402 if (result < 0) 1403 goto error; 1404out_passive: 1405 /* 1406 * Update state: Here it just calls a get state; parsing the 1407 * result (System State TLV and RF Status TLV [done in the rx 1408 * path hooks]) will set the hardware and software RF-Kill 1409 * status. 1410 */ 1411 result = i2400m_cmd_get_state(i2400m); 1412error: 1413 if (result < 0) 1414 dev_err(dev, "failed to initialize the device: %d\n", result); 1415 d_fnend(3, dev, "(i2400m %p) = %d\n", i2400m, result); 1416 return result; 1417} 1418 1419 1420/** 1421 * i2400m_dev_shutdown - Shutdown a running device 1422 * 1423 * @i2400m: device descriptor 1424 * 1425 * Release resources acquired during the running of the device; in 1426 * theory, should also tell the device to go to sleep, switch off the 1427 * radio, all that, but at this point, in most cases (driver 1428 * disconnection, reset handling) we can't even talk to the device. 1429 */ 1430void i2400m_dev_shutdown(struct i2400m *i2400m) 1431{ 1432 struct device *dev = i2400m_dev(i2400m); 1433 1434 d_fnstart(3, dev, "(i2400m %p)\n", i2400m); 1435 d_fnend(3, dev, "(i2400m %p) = void\n", i2400m); 1436} 1437