1/* 2 * Copyright (c) 2007-2011 Atheros Communications Inc. 3 * 4 * Permission to use, copy, modify, and/or distribute this software for any 5 * purpose with or without fee is hereby granted, provided that the above 6 * copyright notice and this permission notice appear in all copies. 7 * 8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15 */ 16 17#include "core.h" 18#include "debug.h" 19#include "hif-ops.h" 20 21#define HTC_PACKET_CONTAINER_ALLOCATION 32 22#define HTC_CONTROL_BUFFER_SIZE (HTC_MAX_CTRL_MSG_LEN + HTC_HDR_LENGTH) 23 24static int ath6kl_htc_pipe_tx(struct htc_target *handle, 25 struct htc_packet *packet); 26static void ath6kl_htc_pipe_cleanup(struct htc_target *handle); 27 28/* htc pipe tx path */ 29static inline void restore_tx_packet(struct htc_packet *packet) 30{ 31 if (packet->info.tx.flags & HTC_FLAGS_TX_FIXUP_NETBUF) { 32 skb_pull(packet->skb, sizeof(struct htc_frame_hdr)); 33 packet->info.tx.flags &= ~HTC_FLAGS_TX_FIXUP_NETBUF; 34 } 35} 36 37static void do_send_completion(struct htc_endpoint *ep, 38 struct list_head *queue_to_indicate) 39{ 40 struct htc_packet *packet; 41 42 if (list_empty(queue_to_indicate)) { 43 /* nothing to indicate */ 44 return; 45 } 46 47 if (ep->ep_cb.tx_comp_multi != NULL) { 48 ath6kl_dbg(ATH6KL_DBG_HTC, 49 "%s: calling ep %d, send complete multiple callback (%d pkts)\n", 50 __func__, ep->eid, 51 get_queue_depth(queue_to_indicate)); 52 /* 53 * a multiple send complete handler is being used, 54 * pass the queue to the handler 55 */ 56 ep->ep_cb.tx_comp_multi(ep->target, queue_to_indicate); 57 /* 58 * all packets are now owned by the callback, 59 * reset queue to be safe 60 */ 61 INIT_LIST_HEAD(queue_to_indicate); 62 } else { 63 /* using legacy EpTxComplete */ 64 do { 65 packet = list_first_entry(queue_to_indicate, 66 struct htc_packet, list); 67 68 list_del(&packet->list); 69 ath6kl_dbg(ATH6KL_DBG_HTC, 70 "%s: calling ep %d send complete callback on packet 0x%p\n", 71 __func__, ep->eid, packet); 72 ep->ep_cb.tx_complete(ep->target, packet); 73 } while (!list_empty(queue_to_indicate)); 74 } 75} 76 77static void send_packet_completion(struct htc_target *target, 78 struct htc_packet *packet) 79{ 80 struct htc_endpoint *ep = &target->endpoint[packet->endpoint]; 81 struct list_head container; 82 83 restore_tx_packet(packet); 84 INIT_LIST_HEAD(&container); 85 list_add_tail(&packet->list, &container); 86 87 /* do completion */ 88 do_send_completion(ep, &container); 89} 90 91static void get_htc_packet_credit_based(struct htc_target *target, 92 struct htc_endpoint *ep, 93 struct list_head *queue) 94{ 95 int credits_required; 96 int remainder; 97 u8 send_flags; 98 struct htc_packet *packet; 99 unsigned int transfer_len; 100 101 /* NOTE : the TX lock is held when this function is called */ 102 103 /* loop until we can grab as many packets out of the queue as we can */ 104 while (true) { 105 send_flags = 0; 106 if (list_empty(&ep->txq)) 107 break; 108 109 /* get packet at head, but don't remove it */ 110 packet = list_first_entry(&ep->txq, struct htc_packet, list); 111 112 ath6kl_dbg(ATH6KL_DBG_HTC, 113 "%s: got head packet:0x%p , queue depth: %d\n", 114 __func__, packet, get_queue_depth(&ep->txq)); 115 116 transfer_len = packet->act_len + HTC_HDR_LENGTH; 117 118 if (transfer_len <= target->tgt_cred_sz) { 119 credits_required = 1; 120 } else { 121 /* figure out how many credits this message requires */ 122 credits_required = transfer_len / target->tgt_cred_sz; 123 remainder = transfer_len % target->tgt_cred_sz; 124 125 if (remainder) 126 credits_required++; 127 } 128 129 ath6kl_dbg(ATH6KL_DBG_HTC, "%s: creds required:%d got:%d\n", 130 __func__, credits_required, ep->cred_dist.credits); 131 132 if (ep->eid == ENDPOINT_0) { 133 /* 134 * endpoint 0 is special, it always has a credit and 135 * does not require credit based flow control 136 */ 137 credits_required = 0; 138 139 } else { 140 if (ep->cred_dist.credits < credits_required) 141 break; 142 143 ep->cred_dist.credits -= credits_required; 144 ep->ep_st.cred_cosumd += credits_required; 145 146 /* check if we need credits back from the target */ 147 if (ep->cred_dist.credits < 148 ep->cred_dist.cred_per_msg) { 149 /* tell the target we need credits ASAP! */ 150 send_flags |= HTC_FLAGS_NEED_CREDIT_UPDATE; 151 ep->ep_st.cred_low_indicate += 1; 152 ath6kl_dbg(ATH6KL_DBG_HTC, 153 "%s: host needs credits\n", 154 __func__); 155 } 156 } 157 158 /* now we can fully dequeue */ 159 packet = list_first_entry(&ep->txq, struct htc_packet, list); 160 161 list_del(&packet->list); 162 /* save the number of credits this packet consumed */ 163 packet->info.tx.cred_used = credits_required; 164 /* save send flags */ 165 packet->info.tx.flags = send_flags; 166 packet->info.tx.seqno = ep->seqno; 167 ep->seqno++; 168 /* queue this packet into the caller's queue */ 169 list_add_tail(&packet->list, queue); 170 } 171} 172 173static void get_htc_packet(struct htc_target *target, 174 struct htc_endpoint *ep, 175 struct list_head *queue, int resources) 176{ 177 struct htc_packet *packet; 178 179 /* NOTE : the TX lock is held when this function is called */ 180 181 /* loop until we can grab as many packets out of the queue as we can */ 182 while (resources) { 183 if (list_empty(&ep->txq)) 184 break; 185 186 packet = list_first_entry(&ep->txq, struct htc_packet, list); 187 list_del(&packet->list); 188 189 ath6kl_dbg(ATH6KL_DBG_HTC, 190 "%s: got packet:0x%p , new queue depth: %d\n", 191 __func__, packet, get_queue_depth(&ep->txq)); 192 packet->info.tx.seqno = ep->seqno; 193 packet->info.tx.flags = 0; 194 packet->info.tx.cred_used = 0; 195 ep->seqno++; 196 197 /* queue this packet into the caller's queue */ 198 list_add_tail(&packet->list, queue); 199 resources--; 200 } 201} 202 203static int htc_issue_packets(struct htc_target *target, 204 struct htc_endpoint *ep, 205 struct list_head *pkt_queue) 206{ 207 int status = 0; 208 u16 payload_len; 209 struct sk_buff *skb; 210 struct htc_frame_hdr *htc_hdr; 211 struct htc_packet *packet; 212 213 ath6kl_dbg(ATH6KL_DBG_HTC, 214 "%s: queue: 0x%p, pkts %d\n", __func__, 215 pkt_queue, get_queue_depth(pkt_queue)); 216 217 while (!list_empty(pkt_queue)) { 218 packet = list_first_entry(pkt_queue, struct htc_packet, list); 219 list_del(&packet->list); 220 221 skb = packet->skb; 222 if (!skb) { 223 WARN_ON_ONCE(1); 224 status = -EINVAL; 225 break; 226 } 227 228 payload_len = packet->act_len; 229 230 /* setup HTC frame header */ 231 htc_hdr = skb_push(skb, sizeof(*htc_hdr)); 232 if (!htc_hdr) { 233 WARN_ON_ONCE(1); 234 status = -EINVAL; 235 break; 236 } 237 238 packet->info.tx.flags |= HTC_FLAGS_TX_FIXUP_NETBUF; 239 240 /* Endianess? */ 241 put_unaligned((u16) payload_len, &htc_hdr->payld_len); 242 htc_hdr->flags = packet->info.tx.flags; 243 htc_hdr->eid = (u8) packet->endpoint; 244 htc_hdr->ctrl[0] = 0; 245 htc_hdr->ctrl[1] = (u8) packet->info.tx.seqno; 246 247 spin_lock_bh(&target->tx_lock); 248 249 /* store in look up queue to match completions */ 250 list_add_tail(&packet->list, &ep->pipe.tx_lookup_queue); 251 ep->ep_st.tx_issued += 1; 252 spin_unlock_bh(&target->tx_lock); 253 254 status = ath6kl_hif_pipe_send(target->dev->ar, 255 ep->pipe.pipeid_ul, NULL, skb); 256 257 if (status != 0) { 258 if (status != -ENOMEM) { 259 /* TODO: if more than 1 endpoint maps to the 260 * same PipeID, it is possible to run out of 261 * resources in the HIF layer. 262 * Don't emit the error 263 */ 264 ath6kl_dbg(ATH6KL_DBG_HTC, 265 "%s: failed status:%d\n", 266 __func__, status); 267 } 268 spin_lock_bh(&target->tx_lock); 269 list_del(&packet->list); 270 271 /* reclaim credits */ 272 ep->cred_dist.credits += packet->info.tx.cred_used; 273 spin_unlock_bh(&target->tx_lock); 274 275 /* put it back into the callers queue */ 276 list_add(&packet->list, pkt_queue); 277 break; 278 } 279 } 280 281 if (status != 0) { 282 while (!list_empty(pkt_queue)) { 283 if (status != -ENOMEM) { 284 ath6kl_dbg(ATH6KL_DBG_HTC, 285 "%s: failed pkt:0x%p status:%d\n", 286 __func__, packet, status); 287 } 288 289 packet = list_first_entry(pkt_queue, 290 struct htc_packet, list); 291 list_del(&packet->list); 292 packet->status = status; 293 send_packet_completion(target, packet); 294 } 295 } 296 297 return status; 298} 299 300static enum htc_send_queue_result htc_try_send(struct htc_target *target, 301 struct htc_endpoint *ep, 302 struct list_head *txq) 303{ 304 struct list_head send_queue; /* temp queue to hold packets */ 305 struct htc_packet *packet, *tmp_pkt; 306 struct ath6kl *ar = target->dev->ar; 307 enum htc_send_full_action action; 308 int tx_resources, overflow, txqueue_depth, i, good_pkts; 309 u8 pipeid; 310 311 ath6kl_dbg(ATH6KL_DBG_HTC, "%s: (queue:0x%p depth:%d)\n", 312 __func__, txq, 313 (txq == NULL) ? 0 : get_queue_depth(txq)); 314 315 /* init the local send queue */ 316 INIT_LIST_HEAD(&send_queue); 317 318 /* 319 * txq equals to NULL means 320 * caller didn't provide a queue, just wants us to 321 * check queues and send 322 */ 323 if (txq != NULL) { 324 if (list_empty(txq)) { 325 /* empty queue */ 326 return HTC_SEND_QUEUE_DROP; 327 } 328 329 spin_lock_bh(&target->tx_lock); 330 txqueue_depth = get_queue_depth(&ep->txq); 331 spin_unlock_bh(&target->tx_lock); 332 333 if (txqueue_depth >= ep->max_txq_depth) { 334 /* we've already overflowed */ 335 overflow = get_queue_depth(txq); 336 } else { 337 /* get how much we will overflow by */ 338 overflow = txqueue_depth; 339 overflow += get_queue_depth(txq); 340 /* get how much we will overflow the TX queue by */ 341 overflow -= ep->max_txq_depth; 342 } 343 344 /* if overflow is negative or zero, we are okay */ 345 if (overflow > 0) { 346 ath6kl_dbg(ATH6KL_DBG_HTC, 347 "%s: Endpoint %d, TX queue will overflow :%d, Tx Depth:%d, Max:%d\n", 348 __func__, ep->eid, overflow, txqueue_depth, 349 ep->max_txq_depth); 350 } 351 if ((overflow <= 0) || 352 (ep->ep_cb.tx_full == NULL)) { 353 /* 354 * all packets will fit or caller did not provide send 355 * full indication handler -- just move all of them 356 * to the local send_queue object 357 */ 358 list_splice_tail_init(txq, &send_queue); 359 } else { 360 good_pkts = get_queue_depth(txq) - overflow; 361 if (good_pkts < 0) { 362 WARN_ON_ONCE(1); 363 return HTC_SEND_QUEUE_DROP; 364 } 365 366 /* we have overflowed, and a callback is provided */ 367 /* dequeue all non-overflow packets to the sendqueue */ 368 for (i = 0; i < good_pkts; i++) { 369 /* pop off caller's queue */ 370 packet = list_first_entry(txq, 371 struct htc_packet, 372 list); 373 /* move to local queue */ 374 list_move_tail(&packet->list, &send_queue); 375 } 376 377 /* 378 * the caller's queue has all the packets that won't fit 379 * walk through the caller's queue and indicate each to 380 * the send full handler 381 */ 382 list_for_each_entry_safe(packet, tmp_pkt, 383 txq, list) { 384 ath6kl_dbg(ATH6KL_DBG_HTC, 385 "%s: Indicate overflowed TX pkts: %p\n", 386 __func__, packet); 387 action = ep->ep_cb.tx_full(ep->target, packet); 388 if (action == HTC_SEND_FULL_DROP) { 389 /* callback wants the packet dropped */ 390 ep->ep_st.tx_dropped += 1; 391 392 /* leave this one in the caller's queue 393 * for cleanup */ 394 } else { 395 /* callback wants to keep this packet, 396 * move from caller's queue to the send 397 * queue */ 398 list_move_tail(&packet->list, 399 &send_queue); 400 } 401 } 402 403 if (list_empty(&send_queue)) { 404 /* no packets made it in, caller will cleanup */ 405 return HTC_SEND_QUEUE_DROP; 406 } 407 } 408 } 409 410 if (!ep->pipe.tx_credit_flow_enabled) { 411 tx_resources = 412 ath6kl_hif_pipe_get_free_queue_number(ar, 413 ep->pipe.pipeid_ul); 414 } else { 415 tx_resources = 0; 416 } 417 418 spin_lock_bh(&target->tx_lock); 419 if (!list_empty(&send_queue)) { 420 /* transfer packets to tail */ 421 list_splice_tail_init(&send_queue, &ep->txq); 422 if (!list_empty(&send_queue)) { 423 WARN_ON_ONCE(1); 424 spin_unlock_bh(&target->tx_lock); 425 return HTC_SEND_QUEUE_DROP; 426 } 427 INIT_LIST_HEAD(&send_queue); 428 } 429 430 /* increment tx processing count on entry */ 431 ep->tx_proc_cnt++; 432 433 if (ep->tx_proc_cnt > 1) { 434 /* 435 * Another thread or task is draining the TX queues on this 436 * endpoint that thread will reset the tx processing count 437 * when the queue is drained. 438 */ 439 ep->tx_proc_cnt--; 440 spin_unlock_bh(&target->tx_lock); 441 return HTC_SEND_QUEUE_OK; 442 } 443 444 /***** beyond this point only 1 thread may enter ******/ 445 446 /* 447 * Now drain the endpoint TX queue for transmission as long as we have 448 * enough transmit resources. 449 */ 450 while (true) { 451 if (get_queue_depth(&ep->txq) == 0) 452 break; 453 454 if (ep->pipe.tx_credit_flow_enabled) { 455 /* 456 * Credit based mechanism provides flow control 457 * based on target transmit resource availability, 458 * we assume that the HIF layer will always have 459 * bus resources greater than target transmit 460 * resources. 461 */ 462 get_htc_packet_credit_based(target, ep, &send_queue); 463 } else { 464 /* 465 * Get all packets for this endpoint that we can 466 * for this pass. 467 */ 468 get_htc_packet(target, ep, &send_queue, tx_resources); 469 } 470 471 if (get_queue_depth(&send_queue) == 0) { 472 /* 473 * Didn't get packets due to out of resources or TX 474 * queue was drained. 475 */ 476 break; 477 } 478 479 spin_unlock_bh(&target->tx_lock); 480 481 /* send what we can */ 482 htc_issue_packets(target, ep, &send_queue); 483 484 if (!ep->pipe.tx_credit_flow_enabled) { 485 pipeid = ep->pipe.pipeid_ul; 486 tx_resources = 487 ath6kl_hif_pipe_get_free_queue_number(ar, pipeid); 488 } 489 490 spin_lock_bh(&target->tx_lock); 491 } 492 493 /* done with this endpoint, we can clear the count */ 494 ep->tx_proc_cnt = 0; 495 spin_unlock_bh(&target->tx_lock); 496 497 return HTC_SEND_QUEUE_OK; 498} 499 500/* htc control packet manipulation */ 501static void destroy_htc_txctrl_packet(struct htc_packet *packet) 502{ 503 struct sk_buff *skb; 504 skb = packet->skb; 505 dev_kfree_skb(skb); 506 kfree(packet); 507} 508 509static struct htc_packet *build_htc_txctrl_packet(void) 510{ 511 struct htc_packet *packet = NULL; 512 struct sk_buff *skb; 513 514 packet = kzalloc(sizeof(struct htc_packet), GFP_KERNEL); 515 if (packet == NULL) 516 return NULL; 517 518 skb = __dev_alloc_skb(HTC_CONTROL_BUFFER_SIZE, GFP_KERNEL); 519 520 if (skb == NULL) { 521 kfree(packet); 522 return NULL; 523 } 524 packet->skb = skb; 525 526 return packet; 527} 528 529static void htc_free_txctrl_packet(struct htc_target *target, 530 struct htc_packet *packet) 531{ 532 destroy_htc_txctrl_packet(packet); 533} 534 535static struct htc_packet *htc_alloc_txctrl_packet(struct htc_target *target) 536{ 537 return build_htc_txctrl_packet(); 538} 539 540static void htc_txctrl_complete(struct htc_target *target, 541 struct htc_packet *packet) 542{ 543 htc_free_txctrl_packet(target, packet); 544} 545 546#define MAX_MESSAGE_SIZE 1536 547 548static int htc_setup_target_buffer_assignments(struct htc_target *target) 549{ 550 int status, credits, credit_per_maxmsg, i; 551 struct htc_pipe_txcredit_alloc *entry; 552 unsigned int hif_usbaudioclass = 0; 553 554 credit_per_maxmsg = MAX_MESSAGE_SIZE / target->tgt_cred_sz; 555 if (MAX_MESSAGE_SIZE % target->tgt_cred_sz) 556 credit_per_maxmsg++; 557 558 /* TODO, this should be configured by the caller! */ 559 560 credits = target->tgt_creds; 561 entry = &target->pipe.txcredit_alloc[0]; 562 563 status = -ENOMEM; 564 565 /* FIXME: hif_usbaudioclass is always zero */ 566 if (hif_usbaudioclass) { 567 ath6kl_dbg(ATH6KL_DBG_HTC, 568 "%s: For USB Audio Class- Total:%d\n", 569 __func__, credits); 570 entry++; 571 entry++; 572 /* Setup VO Service To have Max Credits */ 573 entry->service_id = WMI_DATA_VO_SVC; 574 entry->credit_alloc = (credits - 6); 575 if (entry->credit_alloc == 0) 576 entry->credit_alloc++; 577 578 credits -= (int) entry->credit_alloc; 579 if (credits <= 0) 580 return status; 581 582 entry++; 583 entry->service_id = WMI_CONTROL_SVC; 584 entry->credit_alloc = credit_per_maxmsg; 585 credits -= (int) entry->credit_alloc; 586 if (credits <= 0) 587 return status; 588 589 /* leftovers go to best effort */ 590 entry++; 591 entry++; 592 entry->service_id = WMI_DATA_BE_SVC; 593 entry->credit_alloc = (u8) credits; 594 status = 0; 595 } else { 596 entry++; 597 entry->service_id = WMI_DATA_VI_SVC; 598 entry->credit_alloc = credits / 4; 599 if (entry->credit_alloc == 0) 600 entry->credit_alloc++; 601 602 credits -= (int) entry->credit_alloc; 603 if (credits <= 0) 604 return status; 605 606 entry++; 607 entry->service_id = WMI_DATA_VO_SVC; 608 entry->credit_alloc = credits / 4; 609 if (entry->credit_alloc == 0) 610 entry->credit_alloc++; 611 612 credits -= (int) entry->credit_alloc; 613 if (credits <= 0) 614 return status; 615 616 entry++; 617 entry->service_id = WMI_CONTROL_SVC; 618 entry->credit_alloc = credit_per_maxmsg; 619 credits -= (int) entry->credit_alloc; 620 if (credits <= 0) 621 return status; 622 623 entry++; 624 entry->service_id = WMI_DATA_BK_SVC; 625 entry->credit_alloc = credit_per_maxmsg; 626 credits -= (int) entry->credit_alloc; 627 if (credits <= 0) 628 return status; 629 630 /* leftovers go to best effort */ 631 entry++; 632 entry->service_id = WMI_DATA_BE_SVC; 633 entry->credit_alloc = (u8) credits; 634 status = 0; 635 } 636 637 if (status == 0) { 638 for (i = 0; i < ENDPOINT_MAX; i++) { 639 if (target->pipe.txcredit_alloc[i].service_id != 0) { 640 ath6kl_dbg(ATH6KL_DBG_HTC, 641 "HTC Service Index : %d TX : 0x%2.2X : alloc:%d\n", 642 i, 643 target->pipe.txcredit_alloc[i]. 644 service_id, 645 target->pipe.txcredit_alloc[i]. 646 credit_alloc); 647 } 648 } 649 } 650 return status; 651} 652 653/* process credit reports and call distribution function */ 654static void htc_process_credit_report(struct htc_target *target, 655 struct htc_credit_report *rpt, 656 int num_entries, 657 enum htc_endpoint_id from_ep) 658{ 659 int total_credits = 0, i; 660 struct htc_endpoint *ep; 661 662 /* lock out TX while we update credits */ 663 spin_lock_bh(&target->tx_lock); 664 665 for (i = 0; i < num_entries; i++, rpt++) { 666 if (rpt->eid >= ENDPOINT_MAX) { 667 WARN_ON_ONCE(1); 668 spin_unlock_bh(&target->tx_lock); 669 return; 670 } 671 672 ep = &target->endpoint[rpt->eid]; 673 ep->cred_dist.credits += rpt->credits; 674 675 if (ep->cred_dist.credits && get_queue_depth(&ep->txq)) { 676 spin_unlock_bh(&target->tx_lock); 677 htc_try_send(target, ep, NULL); 678 spin_lock_bh(&target->tx_lock); 679 } 680 681 total_credits += rpt->credits; 682 } 683 ath6kl_dbg(ATH6KL_DBG_HTC, 684 "Report indicated %d credits to distribute\n", 685 total_credits); 686 687 spin_unlock_bh(&target->tx_lock); 688} 689 690/* flush endpoint TX queue */ 691static void htc_flush_tx_endpoint(struct htc_target *target, 692 struct htc_endpoint *ep, u16 tag) 693{ 694 struct htc_packet *packet; 695 696 spin_lock_bh(&target->tx_lock); 697 while (get_queue_depth(&ep->txq)) { 698 packet = list_first_entry(&ep->txq, struct htc_packet, list); 699 list_del(&packet->list); 700 packet->status = 0; 701 send_packet_completion(target, packet); 702 } 703 spin_unlock_bh(&target->tx_lock); 704} 705 706/* 707 * In the adapted HIF layer, struct sk_buff * are passed between HIF and HTC, 708 * since upper layers expects struct htc_packet containers we use the completed 709 * skb and lookup it's corresponding HTC packet buffer from a lookup list. 710 * This is extra overhead that can be fixed by re-aligning HIF interfaces with 711 * HTC. 712 */ 713static struct htc_packet *htc_lookup_tx_packet(struct htc_target *target, 714 struct htc_endpoint *ep, 715 struct sk_buff *skb) 716{ 717 struct htc_packet *packet, *tmp_pkt, *found_packet = NULL; 718 719 spin_lock_bh(&target->tx_lock); 720 721 /* 722 * interate from the front of tx lookup queue 723 * this lookup should be fast since lower layers completes in-order and 724 * so the completed packet should be at the head of the list generally 725 */ 726 list_for_each_entry_safe(packet, tmp_pkt, &ep->pipe.tx_lookup_queue, 727 list) { 728 /* check for removal */ 729 if (skb == packet->skb) { 730 /* found it */ 731 list_del(&packet->list); 732 found_packet = packet; 733 break; 734 } 735 } 736 737 spin_unlock_bh(&target->tx_lock); 738 739 return found_packet; 740} 741 742static int ath6kl_htc_pipe_tx_complete(struct ath6kl *ar, struct sk_buff *skb) 743{ 744 struct htc_target *target = ar->htc_target; 745 struct htc_frame_hdr *htc_hdr; 746 struct htc_endpoint *ep; 747 struct htc_packet *packet; 748 u8 ep_id, *netdata; 749 750 netdata = skb->data; 751 752 htc_hdr = (struct htc_frame_hdr *) netdata; 753 754 ep_id = htc_hdr->eid; 755 ep = &target->endpoint[ep_id]; 756 757 packet = htc_lookup_tx_packet(target, ep, skb); 758 if (packet == NULL) { 759 /* may have already been flushed and freed */ 760 ath6kl_err("HTC TX lookup failed!\n"); 761 } else { 762 /* will be giving this buffer back to upper layers */ 763 packet->status = 0; 764 send_packet_completion(target, packet); 765 } 766 skb = NULL; 767 768 if (!ep->pipe.tx_credit_flow_enabled) { 769 /* 770 * note: when using TX credit flow, the re-checking of queues 771 * happens when credits flow back from the target. in the 772 * non-TX credit case, we recheck after the packet completes 773 */ 774 htc_try_send(target, ep, NULL); 775 } 776 777 return 0; 778} 779 780static int htc_send_packets_multiple(struct htc_target *target, 781 struct list_head *pkt_queue) 782{ 783 struct htc_endpoint *ep; 784 struct htc_packet *packet, *tmp_pkt; 785 786 if (list_empty(pkt_queue)) 787 return -EINVAL; 788 789 /* get first packet to find out which ep the packets will go into */ 790 packet = list_first_entry(pkt_queue, struct htc_packet, list); 791 792 if (packet->endpoint >= ENDPOINT_MAX) { 793 WARN_ON_ONCE(1); 794 return -EINVAL; 795 } 796 ep = &target->endpoint[packet->endpoint]; 797 798 htc_try_send(target, ep, pkt_queue); 799 800 /* do completion on any packets that couldn't get in */ 801 if (!list_empty(pkt_queue)) { 802 list_for_each_entry_safe(packet, tmp_pkt, pkt_queue, list) { 803 packet->status = -ENOMEM; 804 } 805 806 do_send_completion(ep, pkt_queue); 807 } 808 809 return 0; 810} 811 812/* htc pipe rx path */ 813static struct htc_packet *alloc_htc_packet_container(struct htc_target *target) 814{ 815 struct htc_packet *packet; 816 spin_lock_bh(&target->rx_lock); 817 818 if (target->pipe.htc_packet_pool == NULL) { 819 spin_unlock_bh(&target->rx_lock); 820 return NULL; 821 } 822 823 packet = target->pipe.htc_packet_pool; 824 target->pipe.htc_packet_pool = (struct htc_packet *) packet->list.next; 825 826 spin_unlock_bh(&target->rx_lock); 827 828 packet->list.next = NULL; 829 return packet; 830} 831 832static void free_htc_packet_container(struct htc_target *target, 833 struct htc_packet *packet) 834{ 835 struct list_head *lh; 836 837 spin_lock_bh(&target->rx_lock); 838 839 if (target->pipe.htc_packet_pool == NULL) { 840 target->pipe.htc_packet_pool = packet; 841 packet->list.next = NULL; 842 } else { 843 lh = (struct list_head *) target->pipe.htc_packet_pool; 844 packet->list.next = lh; 845 target->pipe.htc_packet_pool = packet; 846 } 847 848 spin_unlock_bh(&target->rx_lock); 849} 850 851static int htc_process_trailer(struct htc_target *target, u8 *buffer, 852 int len, enum htc_endpoint_id from_ep) 853{ 854 struct htc_credit_report *report; 855 struct htc_record_hdr *record; 856 u8 *record_buf; 857 int status = 0; 858 859 while (len > 0) { 860 if (len < sizeof(struct htc_record_hdr)) { 861 status = -EINVAL; 862 break; 863 } 864 865 /* these are byte aligned structs */ 866 record = (struct htc_record_hdr *) buffer; 867 len -= sizeof(struct htc_record_hdr); 868 buffer += sizeof(struct htc_record_hdr); 869 870 if (record->len > len) { 871 /* no room left in buffer for record */ 872 ath6kl_dbg(ATH6KL_DBG_HTC, 873 "invalid length: %d (id:%d) buffer has: %d bytes left\n", 874 record->len, record->rec_id, len); 875 status = -EINVAL; 876 break; 877 } 878 879 /* start of record follows the header */ 880 record_buf = buffer; 881 882 switch (record->rec_id) { 883 case HTC_RECORD_CREDITS: 884 if (record->len < sizeof(struct htc_credit_report)) { 885 WARN_ON_ONCE(1); 886 return -EINVAL; 887 } 888 889 report = (struct htc_credit_report *) record_buf; 890 htc_process_credit_report(target, report, 891 record->len / sizeof(*report), 892 from_ep); 893 break; 894 default: 895 ath6kl_dbg(ATH6KL_DBG_HTC, 896 "unhandled record: id:%d length:%d\n", 897 record->rec_id, record->len); 898 break; 899 } 900 901 /* advance buffer past this record for next time around */ 902 buffer += record->len; 903 len -= record->len; 904 } 905 906 return status; 907} 908 909static void do_recv_completion(struct htc_endpoint *ep, 910 struct list_head *queue_to_indicate) 911{ 912 struct htc_packet *packet; 913 914 if (list_empty(queue_to_indicate)) { 915 /* nothing to indicate */ 916 return; 917 } 918 919 /* using legacy EpRecv */ 920 while (!list_empty(queue_to_indicate)) { 921 packet = list_first_entry(queue_to_indicate, 922 struct htc_packet, list); 923 list_del(&packet->list); 924 ep->ep_cb.rx(ep->target, packet); 925 } 926 927 return; 928} 929 930static void recv_packet_completion(struct htc_target *target, 931 struct htc_endpoint *ep, 932 struct htc_packet *packet) 933{ 934 struct list_head container; 935 INIT_LIST_HEAD(&container); 936 list_add_tail(&packet->list, &container); 937 938 /* do completion */ 939 do_recv_completion(ep, &container); 940} 941 942static int ath6kl_htc_pipe_rx_complete(struct ath6kl *ar, struct sk_buff *skb, 943 u8 pipeid) 944{ 945 struct htc_target *target = ar->htc_target; 946 u8 *netdata, *trailer, hdr_info; 947 struct htc_frame_hdr *htc_hdr; 948 u32 netlen, trailerlen = 0; 949 struct htc_packet *packet; 950 struct htc_endpoint *ep; 951 u16 payload_len; 952 int status = 0; 953 954 /* 955 * ar->htc_target can be NULL due to a race condition that can occur 956 * during driver initialization(we do 'ath6kl_hif_power_on' before 957 * initializing 'ar->htc_target' via 'ath6kl_htc_create'). 958 * 'ath6kl_hif_power_on' assigns 'ath6kl_recv_complete' as 959 * usb_complete_t/callback function for 'usb_fill_bulk_urb'. 960 * Thus the possibility of ar->htc_target being NULL 961 * via ath6kl_recv_complete -> ath6kl_usb_io_comp_work. 962 */ 963 if (!target) { 964 ath6kl_dbg(ATH6KL_DBG_HTC, "Target not yet initialized\n"); 965 status = -EINVAL; 966 goto free_skb; 967 } 968 969 970 netdata = skb->data; 971 netlen = skb->len; 972 973 htc_hdr = (struct htc_frame_hdr *) netdata; 974 975 if (htc_hdr->eid >= ENDPOINT_MAX) { 976 ath6kl_dbg(ATH6KL_DBG_HTC, 977 "HTC Rx: invalid EndpointID=%d\n", 978 htc_hdr->eid); 979 status = -EINVAL; 980 goto free_skb; 981 } 982 ep = &target->endpoint[htc_hdr->eid]; 983 984 payload_len = le16_to_cpu(get_unaligned(&htc_hdr->payld_len)); 985 986 if (netlen < (payload_len + HTC_HDR_LENGTH)) { 987 ath6kl_dbg(ATH6KL_DBG_HTC, 988 "HTC Rx: insufficient length, got:%d expected =%zu\n", 989 netlen, payload_len + HTC_HDR_LENGTH); 990 status = -EINVAL; 991 goto free_skb; 992 } 993 994 /* get flags to check for trailer */ 995 hdr_info = htc_hdr->flags; 996 if (hdr_info & HTC_FLG_RX_TRAILER) { 997 /* extract the trailer length */ 998 hdr_info = htc_hdr->ctrl[0]; 999 if ((hdr_info < sizeof(struct htc_record_hdr)) || 1000 (hdr_info > payload_len)) { 1001 ath6kl_dbg(ATH6KL_DBG_HTC, 1002 "invalid header: payloadlen should be %d, CB[0]: %d\n", 1003 payload_len, hdr_info); 1004 status = -EINVAL; 1005 goto free_skb; 1006 } 1007 1008 trailerlen = hdr_info; 1009 /* process trailer after hdr/apps payload */ 1010 trailer = (u8 *) htc_hdr + HTC_HDR_LENGTH + 1011 payload_len - hdr_info; 1012 status = htc_process_trailer(target, trailer, hdr_info, 1013 htc_hdr->eid); 1014 if (status != 0) 1015 goto free_skb; 1016 } 1017 1018 if (((int) payload_len - (int) trailerlen) <= 0) { 1019 /* zero length packet with trailer, just drop these */ 1020 goto free_skb; 1021 } 1022 1023 if (htc_hdr->eid == ENDPOINT_0) { 1024 /* handle HTC control message */ 1025 if (target->htc_flags & HTC_OP_STATE_SETUP_COMPLETE) { 1026 /* 1027 * fatal: target should not send unsolicited 1028 * messageson the endpoint 0 1029 */ 1030 ath6kl_dbg(ATH6KL_DBG_HTC, 1031 "HTC ignores Rx Ctrl after setup complete\n"); 1032 status = -EINVAL; 1033 goto free_skb; 1034 } 1035 1036 /* remove HTC header */ 1037 skb_pull(skb, HTC_HDR_LENGTH); 1038 1039 netdata = skb->data; 1040 netlen = skb->len; 1041 1042 spin_lock_bh(&target->rx_lock); 1043 1044 target->pipe.ctrl_response_valid = true; 1045 target->pipe.ctrl_response_len = min_t(int, netlen, 1046 HTC_MAX_CTRL_MSG_LEN); 1047 memcpy(target->pipe.ctrl_response_buf, netdata, 1048 target->pipe.ctrl_response_len); 1049 1050 spin_unlock_bh(&target->rx_lock); 1051 1052 dev_kfree_skb(skb); 1053 skb = NULL; 1054 1055 goto free_skb; 1056 } 1057 1058 /* 1059 * TODO: the message based HIF architecture allocates net bufs 1060 * for recv packets since it bridges that HIF to upper layers, 1061 * which expects HTC packets, we form the packets here 1062 */ 1063 packet = alloc_htc_packet_container(target); 1064 if (packet == NULL) { 1065 status = -ENOMEM; 1066 goto free_skb; 1067 } 1068 1069 packet->status = 0; 1070 packet->endpoint = htc_hdr->eid; 1071 packet->pkt_cntxt = skb; 1072 1073 /* TODO: for backwards compatibility */ 1074 packet->buf = skb_push(skb, 0) + HTC_HDR_LENGTH; 1075 packet->act_len = netlen - HTC_HDR_LENGTH - trailerlen; 1076 1077 /* 1078 * TODO: this is a hack because the driver layer will set the 1079 * actual len of the skb again which will just double the len 1080 */ 1081 skb_trim(skb, 0); 1082 1083 recv_packet_completion(target, ep, packet); 1084 1085 /* recover the packet container */ 1086 free_htc_packet_container(target, packet); 1087 skb = NULL; 1088 1089free_skb: 1090 dev_kfree_skb(skb); 1091 1092 return status; 1093} 1094 1095static void htc_flush_rx_queue(struct htc_target *target, 1096 struct htc_endpoint *ep) 1097{ 1098 struct list_head container; 1099 struct htc_packet *packet; 1100 1101 spin_lock_bh(&target->rx_lock); 1102 1103 while (1) { 1104 if (list_empty(&ep->rx_bufq)) 1105 break; 1106 1107 packet = list_first_entry(&ep->rx_bufq, 1108 struct htc_packet, list); 1109 list_del(&packet->list); 1110 1111 spin_unlock_bh(&target->rx_lock); 1112 packet->status = -ECANCELED; 1113 packet->act_len = 0; 1114 1115 ath6kl_dbg(ATH6KL_DBG_HTC, 1116 "Flushing RX packet:0x%p, length:%d, ep:%d\n", 1117 packet, packet->buf_len, 1118 packet->endpoint); 1119 1120 INIT_LIST_HEAD(&container); 1121 list_add_tail(&packet->list, &container); 1122 1123 /* give the packet back */ 1124 do_recv_completion(ep, &container); 1125 spin_lock_bh(&target->rx_lock); 1126 } 1127 1128 spin_unlock_bh(&target->rx_lock); 1129} 1130 1131/* polling routine to wait for a control packet to be received */ 1132static int htc_wait_recv_ctrl_message(struct htc_target *target) 1133{ 1134 int count = HTC_TARGET_RESPONSE_POLL_COUNT; 1135 1136 while (count > 0) { 1137 spin_lock_bh(&target->rx_lock); 1138 1139 if (target->pipe.ctrl_response_valid) { 1140 target->pipe.ctrl_response_valid = false; 1141 spin_unlock_bh(&target->rx_lock); 1142 break; 1143 } 1144 1145 spin_unlock_bh(&target->rx_lock); 1146 1147 count--; 1148 1149 msleep_interruptible(HTC_TARGET_RESPONSE_POLL_WAIT); 1150 } 1151 1152 if (count <= 0) { 1153 ath6kl_warn("htc pipe control receive timeout!\n"); 1154 return -ETIMEDOUT; 1155 } 1156 1157 return 0; 1158} 1159 1160static void htc_rxctrl_complete(struct htc_target *context, 1161 struct htc_packet *packet) 1162{ 1163 struct sk_buff *skb = packet->skb; 1164 1165 if (packet->endpoint == ENDPOINT_0 && 1166 packet->status == -ECANCELED && 1167 skb != NULL) 1168 dev_kfree_skb(skb); 1169} 1170 1171/* htc pipe initialization */ 1172static void reset_endpoint_states(struct htc_target *target) 1173{ 1174 struct htc_endpoint *ep; 1175 int i; 1176 1177 for (i = ENDPOINT_0; i < ENDPOINT_MAX; i++) { 1178 ep = &target->endpoint[i]; 1179 ep->svc_id = 0; 1180 ep->len_max = 0; 1181 ep->max_txq_depth = 0; 1182 ep->eid = i; 1183 INIT_LIST_HEAD(&ep->txq); 1184 INIT_LIST_HEAD(&ep->pipe.tx_lookup_queue); 1185 INIT_LIST_HEAD(&ep->rx_bufq); 1186 ep->target = target; 1187 ep->pipe.tx_credit_flow_enabled = true; 1188 } 1189} 1190 1191/* start HTC, this is called after all services are connected */ 1192static int htc_config_target_hif_pipe(struct htc_target *target) 1193{ 1194 return 0; 1195} 1196 1197/* htc service functions */ 1198static u8 htc_get_credit_alloc(struct htc_target *target, u16 service_id) 1199{ 1200 u8 allocation = 0; 1201 int i; 1202 1203 for (i = 0; i < ENDPOINT_MAX; i++) { 1204 if (target->pipe.txcredit_alloc[i].service_id == service_id) 1205 allocation = 1206 target->pipe.txcredit_alloc[i].credit_alloc; 1207 } 1208 1209 if (allocation == 0) { 1210 ath6kl_dbg(ATH6KL_DBG_HTC, 1211 "HTC Service TX : 0x%2.2X : allocation is zero!\n", 1212 service_id); 1213 } 1214 1215 return allocation; 1216} 1217 1218static int ath6kl_htc_pipe_conn_service(struct htc_target *target, 1219 struct htc_service_connect_req *conn_req, 1220 struct htc_service_connect_resp *conn_resp) 1221{ 1222 struct ath6kl *ar = target->dev->ar; 1223 struct htc_packet *packet = NULL; 1224 struct htc_conn_service_resp *resp_msg; 1225 struct htc_conn_service_msg *conn_msg; 1226 enum htc_endpoint_id assigned_epid = ENDPOINT_MAX; 1227 bool disable_credit_flowctrl = false; 1228 unsigned int max_msg_size = 0; 1229 struct htc_endpoint *ep; 1230 int length, status = 0; 1231 struct sk_buff *skb; 1232 u8 tx_alloc; 1233 u16 flags; 1234 1235 if (conn_req->svc_id == 0) { 1236 WARN_ON_ONCE(1); 1237 status = -EINVAL; 1238 goto free_packet; 1239 } 1240 1241 if (conn_req->svc_id == HTC_CTRL_RSVD_SVC) { 1242 /* special case for pseudo control service */ 1243 assigned_epid = ENDPOINT_0; 1244 max_msg_size = HTC_MAX_CTRL_MSG_LEN; 1245 tx_alloc = 0; 1246 1247 } else { 1248 tx_alloc = htc_get_credit_alloc(target, conn_req->svc_id); 1249 if (tx_alloc == 0) { 1250 status = -ENOMEM; 1251 goto free_packet; 1252 } 1253 1254 /* allocate a packet to send to the target */ 1255 packet = htc_alloc_txctrl_packet(target); 1256 1257 if (packet == NULL) { 1258 WARN_ON_ONCE(1); 1259 status = -ENOMEM; 1260 goto free_packet; 1261 } 1262 1263 skb = packet->skb; 1264 length = sizeof(struct htc_conn_service_msg); 1265 1266 /* assemble connect service message */ 1267 conn_msg = skb_put(skb, length); 1268 if (conn_msg == NULL) { 1269 WARN_ON_ONCE(1); 1270 status = -EINVAL; 1271 goto free_packet; 1272 } 1273 1274 memset(conn_msg, 0, 1275 sizeof(struct htc_conn_service_msg)); 1276 conn_msg->msg_id = cpu_to_le16(HTC_MSG_CONN_SVC_ID); 1277 conn_msg->svc_id = cpu_to_le16(conn_req->svc_id); 1278 conn_msg->conn_flags = cpu_to_le16(conn_req->conn_flags & 1279 ~HTC_CONN_FLGS_SET_RECV_ALLOC_MASK); 1280 1281 /* tell target desired recv alloc for this ep */ 1282 flags = tx_alloc << HTC_CONN_FLGS_SET_RECV_ALLOC_SHIFT; 1283 conn_msg->conn_flags |= cpu_to_le16(flags); 1284 1285 if (conn_req->conn_flags & 1286 HTC_CONN_FLGS_DISABLE_CRED_FLOW_CTRL) { 1287 disable_credit_flowctrl = true; 1288 } 1289 1290 set_htc_pkt_info(packet, NULL, (u8 *) conn_msg, 1291 length, 1292 ENDPOINT_0, HTC_SERVICE_TX_PACKET_TAG); 1293 1294 status = ath6kl_htc_pipe_tx(target, packet); 1295 1296 /* we don't own it anymore */ 1297 packet = NULL; 1298 if (status != 0) 1299 goto free_packet; 1300 1301 /* wait for response */ 1302 status = htc_wait_recv_ctrl_message(target); 1303 if (status != 0) 1304 goto free_packet; 1305 1306 /* we controlled the buffer creation so it has to be 1307 * properly aligned 1308 */ 1309 resp_msg = (struct htc_conn_service_resp *) 1310 target->pipe.ctrl_response_buf; 1311 1312 if (resp_msg->msg_id != cpu_to_le16(HTC_MSG_CONN_SVC_RESP_ID) || 1313 (target->pipe.ctrl_response_len < sizeof(*resp_msg))) { 1314 /* this message is not valid */ 1315 WARN_ON_ONCE(1); 1316 status = -EINVAL; 1317 goto free_packet; 1318 } 1319 1320 ath6kl_dbg(ATH6KL_DBG_TRC, 1321 "%s: service 0x%X conn resp: status: %d ep: %d\n", 1322 __func__, resp_msg->svc_id, resp_msg->status, 1323 resp_msg->eid); 1324 1325 conn_resp->resp_code = resp_msg->status; 1326 /* check response status */ 1327 if (resp_msg->status != HTC_SERVICE_SUCCESS) { 1328 ath6kl_dbg(ATH6KL_DBG_HTC, 1329 "Target failed service 0x%X connect request (status:%d)\n", 1330 resp_msg->svc_id, resp_msg->status); 1331 status = -EINVAL; 1332 goto free_packet; 1333 } 1334 1335 assigned_epid = (enum htc_endpoint_id) resp_msg->eid; 1336 max_msg_size = le16_to_cpu(resp_msg->max_msg_sz); 1337 } 1338 1339 /* the rest are parameter checks so set the error status */ 1340 status = -EINVAL; 1341 1342 if (assigned_epid >= ENDPOINT_MAX) { 1343 WARN_ON_ONCE(1); 1344 goto free_packet; 1345 } 1346 1347 if (max_msg_size == 0) { 1348 WARN_ON_ONCE(1); 1349 goto free_packet; 1350 } 1351 1352 ep = &target->endpoint[assigned_epid]; 1353 ep->eid = assigned_epid; 1354 if (ep->svc_id != 0) { 1355 /* endpoint already in use! */ 1356 WARN_ON_ONCE(1); 1357 goto free_packet; 1358 } 1359 1360 /* return assigned endpoint to caller */ 1361 conn_resp->endpoint = assigned_epid; 1362 conn_resp->len_max = max_msg_size; 1363 1364 /* setup the endpoint */ 1365 ep->svc_id = conn_req->svc_id; /* this marks ep in use */ 1366 ep->max_txq_depth = conn_req->max_txq_depth; 1367 ep->len_max = max_msg_size; 1368 ep->cred_dist.credits = tx_alloc; 1369 ep->cred_dist.cred_sz = target->tgt_cred_sz; 1370 ep->cred_dist.cred_per_msg = max_msg_size / target->tgt_cred_sz; 1371 if (max_msg_size % target->tgt_cred_sz) 1372 ep->cred_dist.cred_per_msg++; 1373 1374 /* copy all the callbacks */ 1375 ep->ep_cb = conn_req->ep_cb; 1376 1377 /* initialize tx_drop_packet_threshold */ 1378 ep->tx_drop_packet_threshold = MAX_HI_COOKIE_NUM; 1379 1380 status = ath6kl_hif_pipe_map_service(ar, ep->svc_id, 1381 &ep->pipe.pipeid_ul, 1382 &ep->pipe.pipeid_dl); 1383 if (status != 0) 1384 goto free_packet; 1385 1386 ath6kl_dbg(ATH6KL_DBG_HTC, 1387 "SVC Ready: 0x%4.4X: ULpipe:%d DLpipe:%d id:%d\n", 1388 ep->svc_id, ep->pipe.pipeid_ul, 1389 ep->pipe.pipeid_dl, ep->eid); 1390 1391 if (disable_credit_flowctrl && ep->pipe.tx_credit_flow_enabled) { 1392 ep->pipe.tx_credit_flow_enabled = false; 1393 ath6kl_dbg(ATH6KL_DBG_HTC, 1394 "SVC: 0x%4.4X ep:%d TX flow control off\n", 1395 ep->svc_id, assigned_epid); 1396 } 1397 1398free_packet: 1399 if (packet != NULL) 1400 htc_free_txctrl_packet(target, packet); 1401 return status; 1402} 1403 1404/* htc export functions */ 1405static void *ath6kl_htc_pipe_create(struct ath6kl *ar) 1406{ 1407 int status = 0; 1408 struct htc_endpoint *ep = NULL; 1409 struct htc_target *target = NULL; 1410 struct htc_packet *packet; 1411 int i; 1412 1413 target = kzalloc(sizeof(struct htc_target), GFP_KERNEL); 1414 if (target == NULL) { 1415 ath6kl_err("htc create unable to allocate memory\n"); 1416 status = -ENOMEM; 1417 goto fail_htc_create; 1418 } 1419 1420 spin_lock_init(&target->htc_lock); 1421 spin_lock_init(&target->rx_lock); 1422 spin_lock_init(&target->tx_lock); 1423 1424 reset_endpoint_states(target); 1425 1426 for (i = 0; i < HTC_PACKET_CONTAINER_ALLOCATION; i++) { 1427 packet = kzalloc(sizeof(struct htc_packet), GFP_KERNEL); 1428 1429 if (packet != NULL) 1430 free_htc_packet_container(target, packet); 1431 } 1432 1433 target->dev = kzalloc(sizeof(*target->dev), GFP_KERNEL); 1434 if (!target->dev) { 1435 ath6kl_err("unable to allocate memory\n"); 1436 status = -ENOMEM; 1437 goto fail_htc_create; 1438 } 1439 target->dev->ar = ar; 1440 target->dev->htc_cnxt = target; 1441 1442 /* Get HIF default pipe for HTC message exchange */ 1443 ep = &target->endpoint[ENDPOINT_0]; 1444 1445 ath6kl_hif_pipe_get_default(ar, &ep->pipe.pipeid_ul, 1446 &ep->pipe.pipeid_dl); 1447 1448 return target; 1449 1450fail_htc_create: 1451 if (status != 0) { 1452 if (target != NULL) 1453 ath6kl_htc_pipe_cleanup(target); 1454 1455 target = NULL; 1456 } 1457 return target; 1458} 1459 1460/* cleanup the HTC instance */ 1461static void ath6kl_htc_pipe_cleanup(struct htc_target *target) 1462{ 1463 struct htc_packet *packet; 1464 1465 while (true) { 1466 packet = alloc_htc_packet_container(target); 1467 if (packet == NULL) 1468 break; 1469 kfree(packet); 1470 } 1471 1472 kfree(target->dev); 1473 1474 /* kfree our instance */ 1475 kfree(target); 1476} 1477 1478static int ath6kl_htc_pipe_start(struct htc_target *target) 1479{ 1480 struct sk_buff *skb; 1481 struct htc_setup_comp_ext_msg *setup; 1482 struct htc_packet *packet; 1483 1484 htc_config_target_hif_pipe(target); 1485 1486 /* allocate a buffer to send */ 1487 packet = htc_alloc_txctrl_packet(target); 1488 if (packet == NULL) { 1489 WARN_ON_ONCE(1); 1490 return -ENOMEM; 1491 } 1492 1493 skb = packet->skb; 1494 1495 /* assemble setup complete message */ 1496 setup = skb_put(skb, sizeof(*setup)); 1497 memset(setup, 0, sizeof(struct htc_setup_comp_ext_msg)); 1498 setup->msg_id = cpu_to_le16(HTC_MSG_SETUP_COMPLETE_EX_ID); 1499 1500 ath6kl_dbg(ATH6KL_DBG_HTC, "HTC using TX credit flow control\n"); 1501 1502 set_htc_pkt_info(packet, NULL, (u8 *) setup, 1503 sizeof(struct htc_setup_comp_ext_msg), 1504 ENDPOINT_0, HTC_SERVICE_TX_PACKET_TAG); 1505 1506 target->htc_flags |= HTC_OP_STATE_SETUP_COMPLETE; 1507 1508 return ath6kl_htc_pipe_tx(target, packet); 1509} 1510 1511static void ath6kl_htc_pipe_stop(struct htc_target *target) 1512{ 1513 int i; 1514 struct htc_endpoint *ep; 1515 1516 /* cleanup endpoints */ 1517 for (i = 0; i < ENDPOINT_MAX; i++) { 1518 ep = &target->endpoint[i]; 1519 htc_flush_rx_queue(target, ep); 1520 htc_flush_tx_endpoint(target, ep, HTC_TX_PACKET_TAG_ALL); 1521 } 1522 1523 reset_endpoint_states(target); 1524 target->htc_flags &= ~HTC_OP_STATE_SETUP_COMPLETE; 1525} 1526 1527static int ath6kl_htc_pipe_get_rxbuf_num(struct htc_target *target, 1528 enum htc_endpoint_id endpoint) 1529{ 1530 int num; 1531 1532 spin_lock_bh(&target->rx_lock); 1533 num = get_queue_depth(&(target->endpoint[endpoint].rx_bufq)); 1534 spin_unlock_bh(&target->rx_lock); 1535 1536 return num; 1537} 1538 1539static int ath6kl_htc_pipe_tx(struct htc_target *target, 1540 struct htc_packet *packet) 1541{ 1542 struct list_head queue; 1543 1544 ath6kl_dbg(ATH6KL_DBG_HTC, 1545 "%s: endPointId: %d, buffer: 0x%p, length: %d\n", 1546 __func__, packet->endpoint, packet->buf, 1547 packet->act_len); 1548 1549 INIT_LIST_HEAD(&queue); 1550 list_add_tail(&packet->list, &queue); 1551 1552 return htc_send_packets_multiple(target, &queue); 1553} 1554 1555static int ath6kl_htc_pipe_wait_target(struct htc_target *target) 1556{ 1557 struct htc_ready_ext_msg *ready_msg; 1558 struct htc_service_connect_req connect; 1559 struct htc_service_connect_resp resp; 1560 int status = 0; 1561 1562 status = htc_wait_recv_ctrl_message(target); 1563 1564 if (status != 0) 1565 return status; 1566 1567 if (target->pipe.ctrl_response_len < sizeof(*ready_msg)) { 1568 ath6kl_warn("invalid htc pipe ready msg len: %d\n", 1569 target->pipe.ctrl_response_len); 1570 return -ECOMM; 1571 } 1572 1573 ready_msg = (struct htc_ready_ext_msg *) target->pipe.ctrl_response_buf; 1574 1575 if (ready_msg->ver2_0_info.msg_id != cpu_to_le16(HTC_MSG_READY_ID)) { 1576 ath6kl_warn("invalid htc pipe ready msg: 0x%x\n", 1577 ready_msg->ver2_0_info.msg_id); 1578 return -ECOMM; 1579 } 1580 1581 ath6kl_dbg(ATH6KL_DBG_HTC, 1582 "Target Ready! : transmit resources : %d size:%d\n", 1583 ready_msg->ver2_0_info.cred_cnt, 1584 ready_msg->ver2_0_info.cred_sz); 1585 1586 target->tgt_creds = le16_to_cpu(ready_msg->ver2_0_info.cred_cnt); 1587 target->tgt_cred_sz = le16_to_cpu(ready_msg->ver2_0_info.cred_sz); 1588 1589 if ((target->tgt_creds == 0) || (target->tgt_cred_sz == 0)) 1590 return -ECOMM; 1591 1592 htc_setup_target_buffer_assignments(target); 1593 1594 /* setup our pseudo HTC control endpoint connection */ 1595 memset(&connect, 0, sizeof(connect)); 1596 memset(&resp, 0, sizeof(resp)); 1597 connect.ep_cb.tx_complete = htc_txctrl_complete; 1598 connect.ep_cb.rx = htc_rxctrl_complete; 1599 connect.max_txq_depth = NUM_CONTROL_TX_BUFFERS; 1600 connect.svc_id = HTC_CTRL_RSVD_SVC; 1601 1602 /* connect fake service */ 1603 status = ath6kl_htc_pipe_conn_service(target, &connect, &resp); 1604 1605 return status; 1606} 1607 1608static void ath6kl_htc_pipe_flush_txep(struct htc_target *target, 1609 enum htc_endpoint_id endpoint, u16 tag) 1610{ 1611 struct htc_endpoint *ep = &target->endpoint[endpoint]; 1612 1613 if (ep->svc_id == 0) { 1614 WARN_ON_ONCE(1); 1615 /* not in use.. */ 1616 return; 1617 } 1618 1619 htc_flush_tx_endpoint(target, ep, tag); 1620} 1621 1622static int ath6kl_htc_pipe_add_rxbuf_multiple(struct htc_target *target, 1623 struct list_head *pkt_queue) 1624{ 1625 struct htc_packet *packet, *tmp_pkt, *first; 1626 struct htc_endpoint *ep; 1627 int status = 0; 1628 1629 if (list_empty(pkt_queue)) 1630 return -EINVAL; 1631 1632 first = list_first_entry(pkt_queue, struct htc_packet, list); 1633 1634 if (first->endpoint >= ENDPOINT_MAX) { 1635 WARN_ON_ONCE(1); 1636 return -EINVAL; 1637 } 1638 1639 ath6kl_dbg(ATH6KL_DBG_HTC, "%s: epid: %d, cnt:%d, len: %d\n", 1640 __func__, first->endpoint, get_queue_depth(pkt_queue), 1641 first->buf_len); 1642 1643 ep = &target->endpoint[first->endpoint]; 1644 1645 spin_lock_bh(&target->rx_lock); 1646 1647 /* store receive packets */ 1648 list_splice_tail_init(pkt_queue, &ep->rx_bufq); 1649 1650 spin_unlock_bh(&target->rx_lock); 1651 1652 if (status != 0) { 1653 /* walk through queue and mark each one canceled */ 1654 list_for_each_entry_safe(packet, tmp_pkt, pkt_queue, list) { 1655 packet->status = -ECANCELED; 1656 } 1657 1658 do_recv_completion(ep, pkt_queue); 1659 } 1660 1661 return status; 1662} 1663 1664static void ath6kl_htc_pipe_activity_changed(struct htc_target *target, 1665 enum htc_endpoint_id ep, 1666 bool active) 1667{ 1668 /* TODO */ 1669} 1670 1671static void ath6kl_htc_pipe_flush_rx_buf(struct htc_target *target) 1672{ 1673 struct htc_endpoint *endpoint; 1674 struct htc_packet *packet, *tmp_pkt; 1675 int i; 1676 1677 for (i = ENDPOINT_0; i < ENDPOINT_MAX; i++) { 1678 endpoint = &target->endpoint[i]; 1679 1680 spin_lock_bh(&target->rx_lock); 1681 1682 list_for_each_entry_safe(packet, tmp_pkt, 1683 &endpoint->rx_bufq, list) { 1684 list_del(&packet->list); 1685 spin_unlock_bh(&target->rx_lock); 1686 ath6kl_dbg(ATH6KL_DBG_HTC, 1687 "htc rx flush pkt 0x%p len %d ep %d\n", 1688 packet, packet->buf_len, 1689 packet->endpoint); 1690 dev_kfree_skb(packet->pkt_cntxt); 1691 spin_lock_bh(&target->rx_lock); 1692 } 1693 1694 spin_unlock_bh(&target->rx_lock); 1695 } 1696} 1697 1698static int ath6kl_htc_pipe_credit_setup(struct htc_target *target, 1699 struct ath6kl_htc_credit_info *info) 1700{ 1701 return 0; 1702} 1703 1704static const struct ath6kl_htc_ops ath6kl_htc_pipe_ops = { 1705 .create = ath6kl_htc_pipe_create, 1706 .wait_target = ath6kl_htc_pipe_wait_target, 1707 .start = ath6kl_htc_pipe_start, 1708 .conn_service = ath6kl_htc_pipe_conn_service, 1709 .tx = ath6kl_htc_pipe_tx, 1710 .stop = ath6kl_htc_pipe_stop, 1711 .cleanup = ath6kl_htc_pipe_cleanup, 1712 .flush_txep = ath6kl_htc_pipe_flush_txep, 1713 .flush_rx_buf = ath6kl_htc_pipe_flush_rx_buf, 1714 .activity_changed = ath6kl_htc_pipe_activity_changed, 1715 .get_rxbuf_num = ath6kl_htc_pipe_get_rxbuf_num, 1716 .add_rxbuf_multiple = ath6kl_htc_pipe_add_rxbuf_multiple, 1717 .credit_setup = ath6kl_htc_pipe_credit_setup, 1718 .tx_complete = ath6kl_htc_pipe_tx_complete, 1719 .rx_complete = ath6kl_htc_pipe_rx_complete, 1720}; 1721 1722void ath6kl_htc_pipe_attach(struct ath6kl *ar) 1723{ 1724 ar->htc_ops = &ath6kl_htc_pipe_ops; 1725} 1726