x86/xen: resume timer irqs early
[linux/fpc-iii.git] / drivers / net / wireless / cw1200 / wsm.c
blob9e0ca3048657533df52055ac8c30e01006e95048
1 /*
2 * WSM host interface (HI) implementation for
3 * ST-Ericsson CW1200 mac80211 drivers.
5 * Copyright (c) 2010, ST-Ericsson
6 * Author: Dmitry Tarnyagin <dmitry.tarnyagin@lockless.no>
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License version 2 as
10 * published by the Free Software Foundation.
13 #include <linux/skbuff.h>
14 #include <linux/wait.h>
15 #include <linux/delay.h>
16 #include <linux/sched.h>
17 #include <linux/random.h>
19 #include "cw1200.h"
20 #include "wsm.h"
21 #include "bh.h"
22 #include "sta.h"
23 #include "debug.h"
25 #define WSM_CMD_TIMEOUT (2 * HZ) /* With respect to interrupt loss */
26 #define WSM_CMD_START_TIMEOUT (7 * HZ)
27 #define WSM_CMD_RESET_TIMEOUT (3 * HZ) /* 2 sec. timeout was observed. */
28 #define WSM_CMD_MAX_TIMEOUT (3 * HZ)
30 #define WSM_SKIP(buf, size) \
31 do { \
32 if ((buf)->data + size > (buf)->end) \
33 goto underflow; \
34 (buf)->data += size; \
35 } while (0)
37 #define WSM_GET(buf, ptr, size) \
38 do { \
39 if ((buf)->data + size > (buf)->end) \
40 goto underflow; \
41 memcpy(ptr, (buf)->data, size); \
42 (buf)->data += size; \
43 } while (0)
45 #define __WSM_GET(buf, type, type2, cvt) \
46 ({ \
47 type val; \
48 if ((buf)->data + sizeof(type) > (buf)->end) \
49 goto underflow; \
50 val = cvt(*(type2 *)(buf)->data); \
51 (buf)->data += sizeof(type); \
52 val; \
55 #define WSM_GET8(buf) __WSM_GET(buf, u8, u8, (u8))
56 #define WSM_GET16(buf) __WSM_GET(buf, u16, __le16, __le16_to_cpu)
57 #define WSM_GET32(buf) __WSM_GET(buf, u32, __le32, __le32_to_cpu)
59 #define WSM_PUT(buf, ptr, size) \
60 do { \
61 if ((buf)->data + size > (buf)->end) \
62 if (wsm_buf_reserve((buf), size)) \
63 goto nomem; \
64 memcpy((buf)->data, ptr, size); \
65 (buf)->data += size; \
66 } while (0)
68 #define __WSM_PUT(buf, val, type, type2, cvt) \
69 do { \
70 if ((buf)->data + sizeof(type) > (buf)->end) \
71 if (wsm_buf_reserve((buf), sizeof(type))) \
72 goto nomem; \
73 *(type2 *)(buf)->data = cvt(val); \
74 (buf)->data += sizeof(type); \
75 } while (0)
77 #define WSM_PUT8(buf, val) __WSM_PUT(buf, val, u8, u8, (u8))
78 #define WSM_PUT16(buf, val) __WSM_PUT(buf, val, u16, __le16, __cpu_to_le16)
79 #define WSM_PUT32(buf, val) __WSM_PUT(buf, val, u32, __le32, __cpu_to_le32)
81 static void wsm_buf_reset(struct wsm_buf *buf);
82 static int wsm_buf_reserve(struct wsm_buf *buf, size_t extra_size);
84 static int wsm_cmd_send(struct cw1200_common *priv,
85 struct wsm_buf *buf,
86 void *arg, u16 cmd, long tmo);
88 #define wsm_cmd_lock(__priv) mutex_lock(&((__priv)->wsm_cmd_mux))
89 #define wsm_cmd_unlock(__priv) mutex_unlock(&((__priv)->wsm_cmd_mux))
91 /* ******************************************************************** */
92 /* WSM API implementation */
94 static int wsm_generic_confirm(struct cw1200_common *priv,
95 void *arg,
96 struct wsm_buf *buf)
98 u32 status = WSM_GET32(buf);
99 if (status != WSM_STATUS_SUCCESS)
100 return -EINVAL;
101 return 0;
103 underflow:
104 WARN_ON(1);
105 return -EINVAL;
108 int wsm_configuration(struct cw1200_common *priv, struct wsm_configuration *arg)
110 int ret;
111 struct wsm_buf *buf = &priv->wsm_cmd_buf;
113 wsm_cmd_lock(priv);
115 WSM_PUT32(buf, arg->dot11MaxTransmitMsduLifeTime);
116 WSM_PUT32(buf, arg->dot11MaxReceiveLifeTime);
117 WSM_PUT32(buf, arg->dot11RtsThreshold);
119 /* DPD block. */
120 WSM_PUT16(buf, arg->dpdData_size + 12);
121 WSM_PUT16(buf, 1); /* DPD version */
122 WSM_PUT(buf, arg->dot11StationId, ETH_ALEN);
123 WSM_PUT16(buf, 5); /* DPD flags */
124 WSM_PUT(buf, arg->dpdData, arg->dpdData_size);
126 ret = wsm_cmd_send(priv, buf, arg,
127 WSM_CONFIGURATION_REQ_ID, WSM_CMD_TIMEOUT);
129 wsm_cmd_unlock(priv);
130 return ret;
132 nomem:
133 wsm_cmd_unlock(priv);
134 return -ENOMEM;
137 static int wsm_configuration_confirm(struct cw1200_common *priv,
138 struct wsm_configuration *arg,
139 struct wsm_buf *buf)
141 int i;
142 int status;
144 status = WSM_GET32(buf);
145 if (WARN_ON(status != WSM_STATUS_SUCCESS))
146 return -EINVAL;
148 WSM_GET(buf, arg->dot11StationId, ETH_ALEN);
149 arg->dot11FrequencyBandsSupported = WSM_GET8(buf);
150 WSM_SKIP(buf, 1);
151 arg->supportedRateMask = WSM_GET32(buf);
152 for (i = 0; i < 2; ++i) {
153 arg->txPowerRange[i].min_power_level = WSM_GET32(buf);
154 arg->txPowerRange[i].max_power_level = WSM_GET32(buf);
155 arg->txPowerRange[i].stepping = WSM_GET32(buf);
157 return 0;
159 underflow:
160 WARN_ON(1);
161 return -EINVAL;
164 /* ******************************************************************** */
166 int wsm_reset(struct cw1200_common *priv, const struct wsm_reset *arg)
168 int ret;
169 struct wsm_buf *buf = &priv->wsm_cmd_buf;
170 u16 cmd = WSM_RESET_REQ_ID | WSM_TX_LINK_ID(arg->link_id);
172 wsm_cmd_lock(priv);
174 WSM_PUT32(buf, arg->reset_statistics ? 0 : 1);
175 ret = wsm_cmd_send(priv, buf, NULL, cmd, WSM_CMD_RESET_TIMEOUT);
176 wsm_cmd_unlock(priv);
177 return ret;
179 nomem:
180 wsm_cmd_unlock(priv);
181 return -ENOMEM;
184 /* ******************************************************************** */
186 struct wsm_mib {
187 u16 mib_id;
188 void *buf;
189 size_t buf_size;
192 int wsm_read_mib(struct cw1200_common *priv, u16 mib_id, void *_buf,
193 size_t buf_size)
195 int ret;
196 struct wsm_buf *buf = &priv->wsm_cmd_buf;
197 struct wsm_mib mib_buf = {
198 .mib_id = mib_id,
199 .buf = _buf,
200 .buf_size = buf_size,
202 wsm_cmd_lock(priv);
204 WSM_PUT16(buf, mib_id);
205 WSM_PUT16(buf, 0);
207 ret = wsm_cmd_send(priv, buf, &mib_buf,
208 WSM_READ_MIB_REQ_ID, WSM_CMD_TIMEOUT);
209 wsm_cmd_unlock(priv);
210 return ret;
212 nomem:
213 wsm_cmd_unlock(priv);
214 return -ENOMEM;
217 static int wsm_read_mib_confirm(struct cw1200_common *priv,
218 struct wsm_mib *arg,
219 struct wsm_buf *buf)
221 u16 size;
222 if (WARN_ON(WSM_GET32(buf) != WSM_STATUS_SUCCESS))
223 return -EINVAL;
225 if (WARN_ON(WSM_GET16(buf) != arg->mib_id))
226 return -EINVAL;
228 size = WSM_GET16(buf);
229 if (size > arg->buf_size)
230 size = arg->buf_size;
232 WSM_GET(buf, arg->buf, size);
233 arg->buf_size = size;
234 return 0;
236 underflow:
237 WARN_ON(1);
238 return -EINVAL;
241 /* ******************************************************************** */
243 int wsm_write_mib(struct cw1200_common *priv, u16 mib_id, void *_buf,
244 size_t buf_size)
246 int ret;
247 struct wsm_buf *buf = &priv->wsm_cmd_buf;
248 struct wsm_mib mib_buf = {
249 .mib_id = mib_id,
250 .buf = _buf,
251 .buf_size = buf_size,
254 wsm_cmd_lock(priv);
256 WSM_PUT16(buf, mib_id);
257 WSM_PUT16(buf, buf_size);
258 WSM_PUT(buf, _buf, buf_size);
260 ret = wsm_cmd_send(priv, buf, &mib_buf,
261 WSM_WRITE_MIB_REQ_ID, WSM_CMD_TIMEOUT);
262 wsm_cmd_unlock(priv);
263 return ret;
265 nomem:
266 wsm_cmd_unlock(priv);
267 return -ENOMEM;
270 static int wsm_write_mib_confirm(struct cw1200_common *priv,
271 struct wsm_mib *arg,
272 struct wsm_buf *buf)
274 int ret;
276 ret = wsm_generic_confirm(priv, arg, buf);
277 if (ret)
278 return ret;
280 if (arg->mib_id == WSM_MIB_ID_OPERATIONAL_POWER_MODE) {
281 /* OperationalMode: update PM status. */
282 const char *p = arg->buf;
283 cw1200_enable_powersave(priv, (p[0] & 0x0F) ? true : false);
285 return 0;
288 /* ******************************************************************** */
290 int wsm_scan(struct cw1200_common *priv, const struct wsm_scan *arg)
292 int i;
293 int ret;
294 struct wsm_buf *buf = &priv->wsm_cmd_buf;
296 if (arg->num_channels > 48)
297 return -EINVAL;
299 if (arg->num_ssids > 2)
300 return -EINVAL;
302 if (arg->band > 1)
303 return -EINVAL;
305 wsm_cmd_lock(priv);
307 WSM_PUT8(buf, arg->band);
308 WSM_PUT8(buf, arg->type);
309 WSM_PUT8(buf, arg->flags);
310 WSM_PUT8(buf, arg->max_tx_rate);
311 WSM_PUT32(buf, arg->auto_scan_interval);
312 WSM_PUT8(buf, arg->num_probes);
313 WSM_PUT8(buf, arg->num_channels);
314 WSM_PUT8(buf, arg->num_ssids);
315 WSM_PUT8(buf, arg->probe_delay);
317 for (i = 0; i < arg->num_channels; ++i) {
318 WSM_PUT16(buf, arg->ch[i].number);
319 WSM_PUT16(buf, 0);
320 WSM_PUT32(buf, arg->ch[i].min_chan_time);
321 WSM_PUT32(buf, arg->ch[i].max_chan_time);
322 WSM_PUT32(buf, 0);
325 for (i = 0; i < arg->num_ssids; ++i) {
326 WSM_PUT32(buf, arg->ssids[i].length);
327 WSM_PUT(buf, &arg->ssids[i].ssid[0],
328 sizeof(arg->ssids[i].ssid));
331 ret = wsm_cmd_send(priv, buf, NULL,
332 WSM_START_SCAN_REQ_ID, WSM_CMD_TIMEOUT);
333 wsm_cmd_unlock(priv);
334 return ret;
336 nomem:
337 wsm_cmd_unlock(priv);
338 return -ENOMEM;
341 /* ******************************************************************** */
343 int wsm_stop_scan(struct cw1200_common *priv)
345 int ret;
346 struct wsm_buf *buf = &priv->wsm_cmd_buf;
347 wsm_cmd_lock(priv);
348 ret = wsm_cmd_send(priv, buf, NULL,
349 WSM_STOP_SCAN_REQ_ID, WSM_CMD_TIMEOUT);
350 wsm_cmd_unlock(priv);
351 return ret;
355 static int wsm_tx_confirm(struct cw1200_common *priv,
356 struct wsm_buf *buf,
357 int link_id)
359 struct wsm_tx_confirm tx_confirm;
361 tx_confirm.packet_id = WSM_GET32(buf);
362 tx_confirm.status = WSM_GET32(buf);
363 tx_confirm.tx_rate = WSM_GET8(buf);
364 tx_confirm.ack_failures = WSM_GET8(buf);
365 tx_confirm.flags = WSM_GET16(buf);
366 tx_confirm.media_delay = WSM_GET32(buf);
367 tx_confirm.tx_queue_delay = WSM_GET32(buf);
369 cw1200_tx_confirm_cb(priv, link_id, &tx_confirm);
370 return 0;
372 underflow:
373 WARN_ON(1);
374 return -EINVAL;
377 static int wsm_multi_tx_confirm(struct cw1200_common *priv,
378 struct wsm_buf *buf, int link_id)
380 int ret;
381 int count;
382 int i;
384 count = WSM_GET32(buf);
385 if (WARN_ON(count <= 0))
386 return -EINVAL;
388 if (count > 1) {
389 /* We already released one buffer, now for the rest */
390 ret = wsm_release_tx_buffer(priv, count - 1);
391 if (ret < 0)
392 return ret;
393 else if (ret > 0)
394 cw1200_bh_wakeup(priv);
397 cw1200_debug_txed_multi(priv, count);
398 for (i = 0; i < count; ++i) {
399 ret = wsm_tx_confirm(priv, buf, link_id);
400 if (ret)
401 return ret;
403 return ret;
405 underflow:
406 WARN_ON(1);
407 return -EINVAL;
410 /* ******************************************************************** */
412 static int wsm_join_confirm(struct cw1200_common *priv,
413 struct wsm_join_cnf *arg,
414 struct wsm_buf *buf)
416 arg->status = WSM_GET32(buf);
417 if (WARN_ON(arg->status) != WSM_STATUS_SUCCESS)
418 return -EINVAL;
420 arg->min_power_level = WSM_GET32(buf);
421 arg->max_power_level = WSM_GET32(buf);
423 return 0;
425 underflow:
426 WARN_ON(1);
427 return -EINVAL;
430 int wsm_join(struct cw1200_common *priv, struct wsm_join *arg)
432 int ret;
433 struct wsm_buf *buf = &priv->wsm_cmd_buf;
434 struct wsm_join_cnf resp;
435 wsm_cmd_lock(priv);
437 WSM_PUT8(buf, arg->mode);
438 WSM_PUT8(buf, arg->band);
439 WSM_PUT16(buf, arg->channel_number);
440 WSM_PUT(buf, &arg->bssid[0], sizeof(arg->bssid));
441 WSM_PUT16(buf, arg->atim_window);
442 WSM_PUT8(buf, arg->preamble_type);
443 WSM_PUT8(buf, arg->probe_for_join);
444 WSM_PUT8(buf, arg->dtim_period);
445 WSM_PUT8(buf, arg->flags);
446 WSM_PUT32(buf, arg->ssid_len);
447 WSM_PUT(buf, &arg->ssid[0], sizeof(arg->ssid));
448 WSM_PUT32(buf, arg->beacon_interval);
449 WSM_PUT32(buf, arg->basic_rate_set);
451 priv->tx_burst_idx = -1;
452 ret = wsm_cmd_send(priv, buf, &resp,
453 WSM_JOIN_REQ_ID, WSM_CMD_TIMEOUT);
454 /* TODO: Update state based on resp.min|max_power_level */
456 priv->join_complete_status = resp.status;
458 wsm_cmd_unlock(priv);
459 return ret;
461 nomem:
462 wsm_cmd_unlock(priv);
463 return -ENOMEM;
466 /* ******************************************************************** */
468 int wsm_set_bss_params(struct cw1200_common *priv,
469 const struct wsm_set_bss_params *arg)
471 int ret;
472 struct wsm_buf *buf = &priv->wsm_cmd_buf;
474 wsm_cmd_lock(priv);
476 WSM_PUT8(buf, (arg->reset_beacon_loss ? 0x1 : 0));
477 WSM_PUT8(buf, arg->beacon_lost_count);
478 WSM_PUT16(buf, arg->aid);
479 WSM_PUT32(buf, arg->operational_rate_set);
481 ret = wsm_cmd_send(priv, buf, NULL,
482 WSM_SET_BSS_PARAMS_REQ_ID, WSM_CMD_TIMEOUT);
484 wsm_cmd_unlock(priv);
485 return ret;
487 nomem:
488 wsm_cmd_unlock(priv);
489 return -ENOMEM;
492 /* ******************************************************************** */
494 int wsm_add_key(struct cw1200_common *priv, const struct wsm_add_key *arg)
496 int ret;
497 struct wsm_buf *buf = &priv->wsm_cmd_buf;
499 wsm_cmd_lock(priv);
501 WSM_PUT(buf, arg, sizeof(*arg));
503 ret = wsm_cmd_send(priv, buf, NULL,
504 WSM_ADD_KEY_REQ_ID, WSM_CMD_TIMEOUT);
506 wsm_cmd_unlock(priv);
507 return ret;
509 nomem:
510 wsm_cmd_unlock(priv);
511 return -ENOMEM;
514 /* ******************************************************************** */
516 int wsm_remove_key(struct cw1200_common *priv, const struct wsm_remove_key *arg)
518 int ret;
519 struct wsm_buf *buf = &priv->wsm_cmd_buf;
521 wsm_cmd_lock(priv);
523 WSM_PUT8(buf, arg->index);
524 WSM_PUT8(buf, 0);
525 WSM_PUT16(buf, 0);
527 ret = wsm_cmd_send(priv, buf, NULL,
528 WSM_REMOVE_KEY_REQ_ID, WSM_CMD_TIMEOUT);
530 wsm_cmd_unlock(priv);
531 return ret;
533 nomem:
534 wsm_cmd_unlock(priv);
535 return -ENOMEM;
538 /* ******************************************************************** */
540 int wsm_set_tx_queue_params(struct cw1200_common *priv,
541 const struct wsm_set_tx_queue_params *arg, u8 id)
543 int ret;
544 struct wsm_buf *buf = &priv->wsm_cmd_buf;
545 u8 queue_id_to_wmm_aci[] = {3, 2, 0, 1};
547 wsm_cmd_lock(priv);
549 WSM_PUT8(buf, queue_id_to_wmm_aci[id]);
550 WSM_PUT8(buf, 0);
551 WSM_PUT8(buf, arg->ackPolicy);
552 WSM_PUT8(buf, 0);
553 WSM_PUT32(buf, arg->maxTransmitLifetime);
554 WSM_PUT16(buf, arg->allowedMediumTime);
555 WSM_PUT16(buf, 0);
557 ret = wsm_cmd_send(priv, buf, NULL, 0x0012, WSM_CMD_TIMEOUT);
559 wsm_cmd_unlock(priv);
560 return ret;
562 nomem:
563 wsm_cmd_unlock(priv);
564 return -ENOMEM;
567 /* ******************************************************************** */
569 int wsm_set_edca_params(struct cw1200_common *priv,
570 const struct wsm_edca_params *arg)
572 int ret;
573 struct wsm_buf *buf = &priv->wsm_cmd_buf;
575 wsm_cmd_lock(priv);
577 /* Implemented according to specification. */
579 WSM_PUT16(buf, arg->params[3].cwmin);
580 WSM_PUT16(buf, arg->params[2].cwmin);
581 WSM_PUT16(buf, arg->params[1].cwmin);
582 WSM_PUT16(buf, arg->params[0].cwmin);
584 WSM_PUT16(buf, arg->params[3].cwmax);
585 WSM_PUT16(buf, arg->params[2].cwmax);
586 WSM_PUT16(buf, arg->params[1].cwmax);
587 WSM_PUT16(buf, arg->params[0].cwmax);
589 WSM_PUT8(buf, arg->params[3].aifns);
590 WSM_PUT8(buf, arg->params[2].aifns);
591 WSM_PUT8(buf, arg->params[1].aifns);
592 WSM_PUT8(buf, arg->params[0].aifns);
594 WSM_PUT16(buf, arg->params[3].txop_limit);
595 WSM_PUT16(buf, arg->params[2].txop_limit);
596 WSM_PUT16(buf, arg->params[1].txop_limit);
597 WSM_PUT16(buf, arg->params[0].txop_limit);
599 WSM_PUT32(buf, arg->params[3].max_rx_lifetime);
600 WSM_PUT32(buf, arg->params[2].max_rx_lifetime);
601 WSM_PUT32(buf, arg->params[1].max_rx_lifetime);
602 WSM_PUT32(buf, arg->params[0].max_rx_lifetime);
604 ret = wsm_cmd_send(priv, buf, NULL,
605 WSM_EDCA_PARAMS_REQ_ID, WSM_CMD_TIMEOUT);
606 wsm_cmd_unlock(priv);
607 return ret;
609 nomem:
610 wsm_cmd_unlock(priv);
611 return -ENOMEM;
614 /* ******************************************************************** */
616 int wsm_switch_channel(struct cw1200_common *priv,
617 const struct wsm_switch_channel *arg)
619 int ret;
620 struct wsm_buf *buf = &priv->wsm_cmd_buf;
622 wsm_cmd_lock(priv);
624 WSM_PUT8(buf, arg->mode);
625 WSM_PUT8(buf, arg->switch_count);
626 WSM_PUT16(buf, arg->channel_number);
628 priv->channel_switch_in_progress = 1;
630 ret = wsm_cmd_send(priv, buf, NULL,
631 WSM_SWITCH_CHANNEL_REQ_ID, WSM_CMD_TIMEOUT);
632 if (ret)
633 priv->channel_switch_in_progress = 0;
635 wsm_cmd_unlock(priv);
636 return ret;
638 nomem:
639 wsm_cmd_unlock(priv);
640 return -ENOMEM;
643 /* ******************************************************************** */
645 int wsm_set_pm(struct cw1200_common *priv, const struct wsm_set_pm *arg)
647 int ret;
648 struct wsm_buf *buf = &priv->wsm_cmd_buf;
649 priv->ps_mode_switch_in_progress = 1;
651 wsm_cmd_lock(priv);
653 WSM_PUT8(buf, arg->mode);
654 WSM_PUT8(buf, arg->fast_psm_idle_period);
655 WSM_PUT8(buf, arg->ap_psm_change_period);
656 WSM_PUT8(buf, arg->min_auto_pspoll_period);
658 ret = wsm_cmd_send(priv, buf, NULL,
659 WSM_SET_PM_REQ_ID, WSM_CMD_TIMEOUT);
661 wsm_cmd_unlock(priv);
662 return ret;
664 nomem:
665 wsm_cmd_unlock(priv);
666 return -ENOMEM;
669 /* ******************************************************************** */
671 int wsm_start(struct cw1200_common *priv, const struct wsm_start *arg)
673 int ret;
674 struct wsm_buf *buf = &priv->wsm_cmd_buf;
676 wsm_cmd_lock(priv);
678 WSM_PUT8(buf, arg->mode);
679 WSM_PUT8(buf, arg->band);
680 WSM_PUT16(buf, arg->channel_number);
681 WSM_PUT32(buf, arg->ct_window);
682 WSM_PUT32(buf, arg->beacon_interval);
683 WSM_PUT8(buf, arg->dtim_period);
684 WSM_PUT8(buf, arg->preamble);
685 WSM_PUT8(buf, arg->probe_delay);
686 WSM_PUT8(buf, arg->ssid_len);
687 WSM_PUT(buf, arg->ssid, sizeof(arg->ssid));
688 WSM_PUT32(buf, arg->basic_rate_set);
690 priv->tx_burst_idx = -1;
691 ret = wsm_cmd_send(priv, buf, NULL,
692 WSM_START_REQ_ID, WSM_CMD_START_TIMEOUT);
694 wsm_cmd_unlock(priv);
695 return ret;
697 nomem:
698 wsm_cmd_unlock(priv);
699 return -ENOMEM;
702 /* ******************************************************************** */
704 int wsm_beacon_transmit(struct cw1200_common *priv,
705 const struct wsm_beacon_transmit *arg)
707 int ret;
708 struct wsm_buf *buf = &priv->wsm_cmd_buf;
710 wsm_cmd_lock(priv);
712 WSM_PUT32(buf, arg->enable_beaconing ? 1 : 0);
714 ret = wsm_cmd_send(priv, buf, NULL,
715 WSM_BEACON_TRANSMIT_REQ_ID, WSM_CMD_TIMEOUT);
717 wsm_cmd_unlock(priv);
718 return ret;
720 nomem:
721 wsm_cmd_unlock(priv);
722 return -ENOMEM;
725 /* ******************************************************************** */
727 int wsm_start_find(struct cw1200_common *priv)
729 int ret;
730 struct wsm_buf *buf = &priv->wsm_cmd_buf;
732 wsm_cmd_lock(priv);
733 ret = wsm_cmd_send(priv, buf, NULL, 0x0019, WSM_CMD_TIMEOUT);
734 wsm_cmd_unlock(priv);
735 return ret;
738 /* ******************************************************************** */
740 int wsm_stop_find(struct cw1200_common *priv)
742 int ret;
743 struct wsm_buf *buf = &priv->wsm_cmd_buf;
745 wsm_cmd_lock(priv);
746 ret = wsm_cmd_send(priv, buf, NULL, 0x001A, WSM_CMD_TIMEOUT);
747 wsm_cmd_unlock(priv);
748 return ret;
751 /* ******************************************************************** */
753 int wsm_map_link(struct cw1200_common *priv, const struct wsm_map_link *arg)
755 int ret;
756 struct wsm_buf *buf = &priv->wsm_cmd_buf;
757 u16 cmd = 0x001C | WSM_TX_LINK_ID(arg->link_id);
759 wsm_cmd_lock(priv);
761 WSM_PUT(buf, &arg->mac_addr[0], sizeof(arg->mac_addr));
762 WSM_PUT16(buf, 0);
764 ret = wsm_cmd_send(priv, buf, NULL, cmd, WSM_CMD_TIMEOUT);
766 wsm_cmd_unlock(priv);
767 return ret;
769 nomem:
770 wsm_cmd_unlock(priv);
771 return -ENOMEM;
774 /* ******************************************************************** */
776 int wsm_update_ie(struct cw1200_common *priv,
777 const struct wsm_update_ie *arg)
779 int ret;
780 struct wsm_buf *buf = &priv->wsm_cmd_buf;
782 wsm_cmd_lock(priv);
784 WSM_PUT16(buf, arg->what);
785 WSM_PUT16(buf, arg->count);
786 WSM_PUT(buf, arg->ies, arg->length);
788 ret = wsm_cmd_send(priv, buf, NULL, 0x001B, WSM_CMD_TIMEOUT);
790 wsm_cmd_unlock(priv);
791 return ret;
793 nomem:
794 wsm_cmd_unlock(priv);
795 return -ENOMEM;
798 /* ******************************************************************** */
799 int wsm_set_probe_responder(struct cw1200_common *priv, bool enable)
801 priv->rx_filter.probeResponder = enable;
802 return wsm_set_rx_filter(priv, &priv->rx_filter);
805 /* ******************************************************************** */
806 /* WSM indication events implementation */
807 const char * const cw1200_fw_types[] = {
808 "ETF",
809 "WFM",
810 "WSM",
811 "HI test",
812 "Platform test"
815 static int wsm_startup_indication(struct cw1200_common *priv,
816 struct wsm_buf *buf)
818 priv->wsm_caps.input_buffers = WSM_GET16(buf);
819 priv->wsm_caps.input_buffer_size = WSM_GET16(buf);
820 priv->wsm_caps.hw_id = WSM_GET16(buf);
821 priv->wsm_caps.hw_subid = WSM_GET16(buf);
822 priv->wsm_caps.status = WSM_GET16(buf);
823 priv->wsm_caps.fw_cap = WSM_GET16(buf);
824 priv->wsm_caps.fw_type = WSM_GET16(buf);
825 priv->wsm_caps.fw_api = WSM_GET16(buf);
826 priv->wsm_caps.fw_build = WSM_GET16(buf);
827 priv->wsm_caps.fw_ver = WSM_GET16(buf);
828 WSM_GET(buf, priv->wsm_caps.fw_label, sizeof(priv->wsm_caps.fw_label));
829 priv->wsm_caps.fw_label[sizeof(priv->wsm_caps.fw_label) - 1] = 0; /* Do not trust FW too much... */
831 if (WARN_ON(priv->wsm_caps.status))
832 return -EINVAL;
834 if (WARN_ON(priv->wsm_caps.fw_type > 4))
835 return -EINVAL;
837 pr_info("CW1200 WSM init done.\n"
838 " Input buffers: %d x %d bytes\n"
839 " Hardware: %d.%d\n"
840 " %s firmware [%s], ver: %d, build: %d,"
841 " api: %d, cap: 0x%.4X\n",
842 priv->wsm_caps.input_buffers,
843 priv->wsm_caps.input_buffer_size,
844 priv->wsm_caps.hw_id, priv->wsm_caps.hw_subid,
845 cw1200_fw_types[priv->wsm_caps.fw_type],
846 priv->wsm_caps.fw_label, priv->wsm_caps.fw_ver,
847 priv->wsm_caps.fw_build,
848 priv->wsm_caps.fw_api, priv->wsm_caps.fw_cap);
850 /* Disable unsupported frequency bands */
851 if (!(priv->wsm_caps.fw_cap & 0x1))
852 priv->hw->wiphy->bands[IEEE80211_BAND_2GHZ] = NULL;
853 if (!(priv->wsm_caps.fw_cap & 0x2))
854 priv->hw->wiphy->bands[IEEE80211_BAND_5GHZ] = NULL;
856 priv->firmware_ready = 1;
857 wake_up(&priv->wsm_startup_done);
858 return 0;
860 underflow:
861 WARN_ON(1);
862 return -EINVAL;
865 static int wsm_receive_indication(struct cw1200_common *priv,
866 int link_id,
867 struct wsm_buf *buf,
868 struct sk_buff **skb_p)
870 struct wsm_rx rx;
871 struct ieee80211_hdr *hdr;
872 size_t hdr_len;
873 __le16 fctl;
875 rx.status = WSM_GET32(buf);
876 rx.channel_number = WSM_GET16(buf);
877 rx.rx_rate = WSM_GET8(buf);
878 rx.rcpi_rssi = WSM_GET8(buf);
879 rx.flags = WSM_GET32(buf);
881 /* FW Workaround: Drop probe resp or
882 beacon when RSSI is 0
884 hdr = (struct ieee80211_hdr *)(*skb_p)->data;
886 if (!rx.rcpi_rssi &&
887 (ieee80211_is_probe_resp(hdr->frame_control) ||
888 ieee80211_is_beacon(hdr->frame_control)))
889 return 0;
891 /* If no RSSI subscription has been made,
892 * convert RCPI to RSSI here
894 if (!priv->cqm_use_rssi)
895 rx.rcpi_rssi = rx.rcpi_rssi / 2 - 110;
897 fctl = *(__le16 *)buf->data;
898 hdr_len = buf->data - buf->begin;
899 skb_pull(*skb_p, hdr_len);
900 if (!rx.status && ieee80211_is_deauth(fctl)) {
901 if (priv->join_status == CW1200_JOIN_STATUS_STA) {
902 /* Shedule unjoin work */
903 pr_debug("[WSM] Issue unjoin command (RX).\n");
904 wsm_lock_tx_async(priv);
905 if (queue_work(priv->workqueue,
906 &priv->unjoin_work) <= 0)
907 wsm_unlock_tx(priv);
910 cw1200_rx_cb(priv, &rx, link_id, skb_p);
911 if (*skb_p)
912 skb_push(*skb_p, hdr_len);
914 return 0;
916 underflow:
917 return -EINVAL;
920 static int wsm_event_indication(struct cw1200_common *priv, struct wsm_buf *buf)
922 int first;
923 struct cw1200_wsm_event *event;
925 if (priv->mode == NL80211_IFTYPE_UNSPECIFIED) {
926 /* STA is stopped. */
927 return 0;
930 event = kzalloc(sizeof(struct cw1200_wsm_event), GFP_KERNEL);
931 if (!event)
932 return -ENOMEM;
934 event->evt.id = WSM_GET32(buf);
935 event->evt.data = WSM_GET32(buf);
937 pr_debug("[WSM] Event: %d(%d)\n",
938 event->evt.id, event->evt.data);
940 spin_lock(&priv->event_queue_lock);
941 first = list_empty(&priv->event_queue);
942 list_add_tail(&event->link, &priv->event_queue);
943 spin_unlock(&priv->event_queue_lock);
945 if (first)
946 queue_work(priv->workqueue, &priv->event_handler);
948 return 0;
950 underflow:
951 kfree(event);
952 return -EINVAL;
955 static int wsm_channel_switch_indication(struct cw1200_common *priv,
956 struct wsm_buf *buf)
958 WARN_ON(WSM_GET32(buf));
960 priv->channel_switch_in_progress = 0;
961 wake_up(&priv->channel_switch_done);
963 wsm_unlock_tx(priv);
965 return 0;
967 underflow:
968 return -EINVAL;
971 static int wsm_set_pm_indication(struct cw1200_common *priv,
972 struct wsm_buf *buf)
974 /* TODO: Check buf (struct wsm_set_pm_complete) for validity */
975 if (priv->ps_mode_switch_in_progress) {
976 priv->ps_mode_switch_in_progress = 0;
977 wake_up(&priv->ps_mode_switch_done);
979 return 0;
982 static int wsm_scan_started(struct cw1200_common *priv, void *arg,
983 struct wsm_buf *buf)
985 u32 status = WSM_GET32(buf);
986 if (status != WSM_STATUS_SUCCESS) {
987 cw1200_scan_failed_cb(priv);
988 return -EINVAL;
990 return 0;
992 underflow:
993 WARN_ON(1);
994 return -EINVAL;
997 static int wsm_scan_complete_indication(struct cw1200_common *priv,
998 struct wsm_buf *buf)
1000 struct wsm_scan_complete arg;
1001 arg.status = WSM_GET32(buf);
1002 arg.psm = WSM_GET8(buf);
1003 arg.num_channels = WSM_GET8(buf);
1004 cw1200_scan_complete_cb(priv, &arg);
1006 return 0;
1008 underflow:
1009 return -EINVAL;
1012 static int wsm_join_complete_indication(struct cw1200_common *priv,
1013 struct wsm_buf *buf)
1015 struct wsm_join_complete arg;
1016 arg.status = WSM_GET32(buf);
1017 pr_debug("[WSM] Join complete indication, status: %d\n", arg.status);
1018 cw1200_join_complete_cb(priv, &arg);
1020 return 0;
1022 underflow:
1023 return -EINVAL;
1026 static int wsm_find_complete_indication(struct cw1200_common *priv,
1027 struct wsm_buf *buf)
1029 pr_warn("Implement find_complete_indication\n");
1030 return 0;
1033 static int wsm_ba_timeout_indication(struct cw1200_common *priv,
1034 struct wsm_buf *buf)
1036 u32 dummy;
1037 u8 tid;
1038 u8 dummy2;
1039 u8 addr[ETH_ALEN];
1041 dummy = WSM_GET32(buf);
1042 tid = WSM_GET8(buf);
1043 dummy2 = WSM_GET8(buf);
1044 WSM_GET(buf, addr, ETH_ALEN);
1046 pr_info("BlockACK timeout, tid %d, addr %pM\n",
1047 tid, addr);
1049 return 0;
1051 underflow:
1052 return -EINVAL;
1055 static int wsm_suspend_resume_indication(struct cw1200_common *priv,
1056 int link_id, struct wsm_buf *buf)
1058 u32 flags;
1059 struct wsm_suspend_resume arg;
1061 flags = WSM_GET32(buf);
1062 arg.link_id = link_id;
1063 arg.stop = !(flags & 1);
1064 arg.multicast = !!(flags & 8);
1065 arg.queue = (flags >> 1) & 3;
1067 cw1200_suspend_resume(priv, &arg);
1069 return 0;
1071 underflow:
1072 return -EINVAL;
1076 /* ******************************************************************** */
1077 /* WSM TX */
1079 static int wsm_cmd_send(struct cw1200_common *priv,
1080 struct wsm_buf *buf,
1081 void *arg, u16 cmd, long tmo)
1083 size_t buf_len = buf->data - buf->begin;
1084 int ret;
1086 /* Don't bother if we're dead. */
1087 if (priv->bh_error) {
1088 ret = 0;
1089 goto done;
1092 /* Block until the cmd buffer is completed. Tortuous. */
1093 spin_lock(&priv->wsm_cmd.lock);
1094 while (!priv->wsm_cmd.done) {
1095 spin_unlock(&priv->wsm_cmd.lock);
1096 spin_lock(&priv->wsm_cmd.lock);
1098 priv->wsm_cmd.done = 0;
1099 spin_unlock(&priv->wsm_cmd.lock);
1101 if (cmd == WSM_WRITE_MIB_REQ_ID ||
1102 cmd == WSM_READ_MIB_REQ_ID)
1103 pr_debug("[WSM] >>> 0x%.4X [MIB: 0x%.4X] (%zu)\n",
1104 cmd, __le16_to_cpu(((__le16 *)buf->begin)[2]),
1105 buf_len);
1106 else
1107 pr_debug("[WSM] >>> 0x%.4X (%zu)\n", cmd, buf_len);
1109 /* Due to buggy SPI on CW1200, we need to
1110 * pad the message by a few bytes to ensure
1111 * that it's completely received.
1113 buf_len += 4;
1115 /* Fill HI message header */
1116 /* BH will add sequence number */
1117 ((__le16 *)buf->begin)[0] = __cpu_to_le16(buf_len);
1118 ((__le16 *)buf->begin)[1] = __cpu_to_le16(cmd);
1120 spin_lock(&priv->wsm_cmd.lock);
1121 BUG_ON(priv->wsm_cmd.ptr);
1122 priv->wsm_cmd.ptr = buf->begin;
1123 priv->wsm_cmd.len = buf_len;
1124 priv->wsm_cmd.arg = arg;
1125 priv->wsm_cmd.cmd = cmd;
1126 spin_unlock(&priv->wsm_cmd.lock);
1128 cw1200_bh_wakeup(priv);
1130 /* Wait for command completion */
1131 ret = wait_event_timeout(priv->wsm_cmd_wq,
1132 priv->wsm_cmd.done, tmo);
1134 if (!ret && !priv->wsm_cmd.done) {
1135 spin_lock(&priv->wsm_cmd.lock);
1136 priv->wsm_cmd.done = 1;
1137 priv->wsm_cmd.ptr = NULL;
1138 spin_unlock(&priv->wsm_cmd.lock);
1139 if (priv->bh_error) {
1140 /* Return ok to help system cleanup */
1141 ret = 0;
1142 } else {
1143 pr_err("CMD req (0x%04x) stuck in firmware, killing BH\n", priv->wsm_cmd.cmd);
1144 print_hex_dump_bytes("REQDUMP: ", DUMP_PREFIX_NONE,
1145 buf->begin, buf_len);
1146 pr_err("Outstanding outgoing frames: %d\n", priv->hw_bufs_used);
1148 /* Kill BH thread to report the error to the top layer. */
1149 atomic_add(1, &priv->bh_term);
1150 wake_up(&priv->bh_wq);
1151 ret = -ETIMEDOUT;
1153 } else {
1154 spin_lock(&priv->wsm_cmd.lock);
1155 BUG_ON(!priv->wsm_cmd.done);
1156 ret = priv->wsm_cmd.ret;
1157 spin_unlock(&priv->wsm_cmd.lock);
1159 done:
1160 wsm_buf_reset(buf);
1161 return ret;
1164 /* ******************************************************************** */
1165 /* WSM TX port control */
1167 void wsm_lock_tx(struct cw1200_common *priv)
1169 wsm_cmd_lock(priv);
1170 if (atomic_add_return(1, &priv->tx_lock) == 1) {
1171 if (wsm_flush_tx(priv))
1172 pr_debug("[WSM] TX is locked.\n");
1174 wsm_cmd_unlock(priv);
1177 void wsm_lock_tx_async(struct cw1200_common *priv)
1179 if (atomic_add_return(1, &priv->tx_lock) == 1)
1180 pr_debug("[WSM] TX is locked (async).\n");
1183 bool wsm_flush_tx(struct cw1200_common *priv)
1185 unsigned long timestamp = jiffies;
1186 bool pending = false;
1187 long timeout;
1188 int i;
1190 /* Flush must be called with TX lock held. */
1191 BUG_ON(!atomic_read(&priv->tx_lock));
1193 /* First check if we really need to do something.
1194 * It is safe to use unprotected access, as hw_bufs_used
1195 * can only decrements.
1197 if (!priv->hw_bufs_used)
1198 return true;
1200 if (priv->bh_error) {
1201 /* In case of failure do not wait for magic. */
1202 pr_err("[WSM] Fatal error occurred, will not flush TX.\n");
1203 return false;
1204 } else {
1205 /* Get a timestamp of "oldest" frame */
1206 for (i = 0; i < 4; ++i)
1207 pending |= cw1200_queue_get_xmit_timestamp(
1208 &priv->tx_queue[i],
1209 &timestamp, 0xffffffff);
1210 /* If there's nothing pending, we're good */
1211 if (!pending)
1212 return true;
1214 timeout = timestamp + WSM_CMD_LAST_CHANCE_TIMEOUT - jiffies;
1215 if (timeout < 0 || wait_event_timeout(priv->bh_evt_wq,
1216 !priv->hw_bufs_used,
1217 timeout) <= 0) {
1218 /* Hmmm... Not good. Frame had stuck in firmware. */
1219 priv->bh_error = 1;
1220 wiphy_err(priv->hw->wiphy, "[WSM] TX Frames (%d) stuck in firmware, killing BH\n", priv->hw_bufs_used);
1221 wake_up(&priv->bh_wq);
1222 return false;
1225 /* Ok, everything is flushed. */
1226 return true;
1230 void wsm_unlock_tx(struct cw1200_common *priv)
1232 int tx_lock;
1233 tx_lock = atomic_sub_return(1, &priv->tx_lock);
1234 BUG_ON(tx_lock < 0);
1236 if (tx_lock == 0) {
1237 if (!priv->bh_error)
1238 cw1200_bh_wakeup(priv);
1239 pr_debug("[WSM] TX is unlocked.\n");
1243 /* ******************************************************************** */
1244 /* WSM RX */
1246 int wsm_handle_exception(struct cw1200_common *priv, u8 *data, size_t len)
1248 struct wsm_buf buf;
1249 u32 reason;
1250 u32 reg[18];
1251 char fname[48];
1252 unsigned int i;
1254 static const char * const reason_str[] = {
1255 "undefined instruction",
1256 "prefetch abort",
1257 "data abort",
1258 "unknown error",
1261 buf.begin = buf.data = data;
1262 buf.end = &buf.begin[len];
1264 reason = WSM_GET32(&buf);
1265 for (i = 0; i < ARRAY_SIZE(reg); ++i)
1266 reg[i] = WSM_GET32(&buf);
1267 WSM_GET(&buf, fname, sizeof(fname));
1269 if (reason < 4)
1270 wiphy_err(priv->hw->wiphy,
1271 "Firmware exception: %s.\n",
1272 reason_str[reason]);
1273 else
1274 wiphy_err(priv->hw->wiphy,
1275 "Firmware assert at %.*s, line %d\n",
1276 (int) sizeof(fname), fname, reg[1]);
1278 for (i = 0; i < 12; i += 4)
1279 wiphy_err(priv->hw->wiphy,
1280 "R%d: 0x%.8X, R%d: 0x%.8X, R%d: 0x%.8X, R%d: 0x%.8X,\n",
1281 i + 0, reg[i + 0], i + 1, reg[i + 1],
1282 i + 2, reg[i + 2], i + 3, reg[i + 3]);
1283 wiphy_err(priv->hw->wiphy,
1284 "R12: 0x%.8X, SP: 0x%.8X, LR: 0x%.8X, PC: 0x%.8X,\n",
1285 reg[i + 0], reg[i + 1], reg[i + 2], reg[i + 3]);
1286 i += 4;
1287 wiphy_err(priv->hw->wiphy,
1288 "CPSR: 0x%.8X, SPSR: 0x%.8X\n",
1289 reg[i + 0], reg[i + 1]);
1291 print_hex_dump_bytes("R1: ", DUMP_PREFIX_NONE,
1292 fname, sizeof(fname));
1293 return 0;
1295 underflow:
1296 wiphy_err(priv->hw->wiphy, "Firmware exception.\n");
1297 print_hex_dump_bytes("Exception: ", DUMP_PREFIX_NONE,
1298 data, len);
1299 return -EINVAL;
1302 int wsm_handle_rx(struct cw1200_common *priv, u16 id,
1303 struct wsm_hdr *wsm, struct sk_buff **skb_p)
1305 int ret = 0;
1306 struct wsm_buf wsm_buf;
1307 int link_id = (id >> 6) & 0x0F;
1309 /* Strip link id. */
1310 id &= ~WSM_TX_LINK_ID(WSM_TX_LINK_ID_MAX);
1312 wsm_buf.begin = (u8 *)&wsm[0];
1313 wsm_buf.data = (u8 *)&wsm[1];
1314 wsm_buf.end = &wsm_buf.begin[__le16_to_cpu(wsm->len)];
1316 pr_debug("[WSM] <<< 0x%.4X (%td)\n", id,
1317 wsm_buf.end - wsm_buf.begin);
1319 if (id == WSM_TX_CONFIRM_IND_ID) {
1320 ret = wsm_tx_confirm(priv, &wsm_buf, link_id);
1321 } else if (id == WSM_MULTI_TX_CONFIRM_ID) {
1322 ret = wsm_multi_tx_confirm(priv, &wsm_buf, link_id);
1323 } else if (id & 0x0400) {
1324 void *wsm_arg;
1325 u16 wsm_cmd;
1327 /* Do not trust FW too much. Protection against repeated
1328 * response and race condition removal (see above).
1330 spin_lock(&priv->wsm_cmd.lock);
1331 wsm_arg = priv->wsm_cmd.arg;
1332 wsm_cmd = priv->wsm_cmd.cmd &
1333 ~WSM_TX_LINK_ID(WSM_TX_LINK_ID_MAX);
1334 priv->wsm_cmd.cmd = 0xFFFF;
1335 spin_unlock(&priv->wsm_cmd.lock);
1337 if (WARN_ON((id & ~0x0400) != wsm_cmd)) {
1338 /* Note that any non-zero is a fatal retcode. */
1339 ret = -EINVAL;
1340 goto out;
1343 /* Note that wsm_arg can be NULL in case of timeout in
1344 * wsm_cmd_send().
1347 switch (id) {
1348 case WSM_READ_MIB_RESP_ID:
1349 if (wsm_arg)
1350 ret = wsm_read_mib_confirm(priv, wsm_arg,
1351 &wsm_buf);
1352 break;
1353 case WSM_WRITE_MIB_RESP_ID:
1354 if (wsm_arg)
1355 ret = wsm_write_mib_confirm(priv, wsm_arg,
1356 &wsm_buf);
1357 break;
1358 case WSM_START_SCAN_RESP_ID:
1359 if (wsm_arg)
1360 ret = wsm_scan_started(priv, wsm_arg, &wsm_buf);
1361 break;
1362 case WSM_CONFIGURATION_RESP_ID:
1363 if (wsm_arg)
1364 ret = wsm_configuration_confirm(priv, wsm_arg,
1365 &wsm_buf);
1366 break;
1367 case WSM_JOIN_RESP_ID:
1368 if (wsm_arg)
1369 ret = wsm_join_confirm(priv, wsm_arg, &wsm_buf);
1370 break;
1371 case WSM_STOP_SCAN_RESP_ID:
1372 case WSM_RESET_RESP_ID:
1373 case WSM_ADD_KEY_RESP_ID:
1374 case WSM_REMOVE_KEY_RESP_ID:
1375 case WSM_SET_PM_RESP_ID:
1376 case WSM_SET_BSS_PARAMS_RESP_ID:
1377 case 0x0412: /* set_tx_queue_params */
1378 case WSM_EDCA_PARAMS_RESP_ID:
1379 case WSM_SWITCH_CHANNEL_RESP_ID:
1380 case WSM_START_RESP_ID:
1381 case WSM_BEACON_TRANSMIT_RESP_ID:
1382 case 0x0419: /* start_find */
1383 case 0x041A: /* stop_find */
1384 case 0x041B: /* update_ie */
1385 case 0x041C: /* map_link */
1386 WARN_ON(wsm_arg != NULL);
1387 ret = wsm_generic_confirm(priv, wsm_arg, &wsm_buf);
1388 if (ret) {
1389 wiphy_warn(priv->hw->wiphy,
1390 "wsm_generic_confirm failed for request 0x%04x.\n",
1391 id & ~0x0400);
1393 /* often 0x407 and 0x410 occur, this means we're dead.. */
1394 if (priv->join_status >= CW1200_JOIN_STATUS_JOINING) {
1395 wsm_lock_tx(priv);
1396 if (queue_work(priv->workqueue, &priv->unjoin_work) <= 0)
1397 wsm_unlock_tx(priv);
1400 break;
1401 default:
1402 wiphy_warn(priv->hw->wiphy,
1403 "Unrecognized confirmation 0x%04x\n",
1404 id & ~0x0400);
1407 spin_lock(&priv->wsm_cmd.lock);
1408 priv->wsm_cmd.ret = ret;
1409 priv->wsm_cmd.done = 1;
1410 spin_unlock(&priv->wsm_cmd.lock);
1412 ret = 0; /* Error response from device should ne stop BH. */
1414 wake_up(&priv->wsm_cmd_wq);
1415 } else if (id & 0x0800) {
1416 switch (id) {
1417 case WSM_STARTUP_IND_ID:
1418 ret = wsm_startup_indication(priv, &wsm_buf);
1419 break;
1420 case WSM_RECEIVE_IND_ID:
1421 ret = wsm_receive_indication(priv, link_id,
1422 &wsm_buf, skb_p);
1423 break;
1424 case 0x0805:
1425 ret = wsm_event_indication(priv, &wsm_buf);
1426 break;
1427 case WSM_SCAN_COMPLETE_IND_ID:
1428 ret = wsm_scan_complete_indication(priv, &wsm_buf);
1429 break;
1430 case 0x0808:
1431 ret = wsm_ba_timeout_indication(priv, &wsm_buf);
1432 break;
1433 case 0x0809:
1434 ret = wsm_set_pm_indication(priv, &wsm_buf);
1435 break;
1436 case 0x080A:
1437 ret = wsm_channel_switch_indication(priv, &wsm_buf);
1438 break;
1439 case 0x080B:
1440 ret = wsm_find_complete_indication(priv, &wsm_buf);
1441 break;
1442 case 0x080C:
1443 ret = wsm_suspend_resume_indication(priv,
1444 link_id, &wsm_buf);
1445 break;
1446 case 0x080F:
1447 ret = wsm_join_complete_indication(priv, &wsm_buf);
1448 break;
1449 default:
1450 pr_warn("Unrecognised WSM ID %04x\n", id);
1452 } else {
1453 WARN_ON(1);
1454 ret = -EINVAL;
1456 out:
1457 return ret;
1460 static bool wsm_handle_tx_data(struct cw1200_common *priv,
1461 struct wsm_tx *wsm,
1462 const struct ieee80211_tx_info *tx_info,
1463 const struct cw1200_txpriv *txpriv,
1464 struct cw1200_queue *queue)
1466 bool handled = false;
1467 const struct ieee80211_hdr *frame =
1468 (struct ieee80211_hdr *)&((u8 *)wsm)[txpriv->offset];
1469 __le16 fctl = frame->frame_control;
1470 enum {
1471 do_probe,
1472 do_drop,
1473 do_wep,
1474 do_tx,
1475 } action = do_tx;
1477 switch (priv->mode) {
1478 case NL80211_IFTYPE_STATION:
1479 if (priv->join_status == CW1200_JOIN_STATUS_MONITOR)
1480 action = do_tx;
1481 else if (priv->join_status < CW1200_JOIN_STATUS_PRE_STA)
1482 action = do_drop;
1483 break;
1484 case NL80211_IFTYPE_AP:
1485 if (!priv->join_status) {
1486 action = do_drop;
1487 } else if (!(BIT(txpriv->raw_link_id) &
1488 (BIT(0) | priv->link_id_map))) {
1489 wiphy_warn(priv->hw->wiphy,
1490 "A frame with expired link id is dropped.\n");
1491 action = do_drop;
1493 if (cw1200_queue_get_generation(wsm->packet_id) >
1494 CW1200_MAX_REQUEUE_ATTEMPTS) {
1495 /* HACK!!! WSM324 firmware has tendency to requeue
1496 * multicast frames in a loop, causing performance
1497 * drop and high power consumption of the driver.
1498 * In this situation it is better just to drop
1499 * the problematic frame.
1501 wiphy_warn(priv->hw->wiphy,
1502 "Too many attempts to requeue a frame; dropped.\n");
1503 action = do_drop;
1505 break;
1506 case NL80211_IFTYPE_ADHOC:
1507 if (priv->join_status != CW1200_JOIN_STATUS_IBSS)
1508 action = do_drop;
1509 break;
1510 case NL80211_IFTYPE_MESH_POINT:
1511 action = do_tx; /* TODO: Test me! */
1512 break;
1513 case NL80211_IFTYPE_MONITOR:
1514 default:
1515 action = do_drop;
1516 break;
1519 if (action == do_tx) {
1520 if (ieee80211_is_nullfunc(fctl)) {
1521 spin_lock(&priv->bss_loss_lock);
1522 if (priv->bss_loss_state) {
1523 priv->bss_loss_confirm_id = wsm->packet_id;
1524 wsm->queue_id = WSM_QUEUE_VOICE;
1526 spin_unlock(&priv->bss_loss_lock);
1527 } else if (ieee80211_is_probe_req(fctl)) {
1528 action = do_probe;
1529 } else if (ieee80211_is_deauth(fctl) &&
1530 priv->mode != NL80211_IFTYPE_AP) {
1531 pr_debug("[WSM] Issue unjoin command due to tx deauth.\n");
1532 wsm_lock_tx_async(priv);
1533 if (queue_work(priv->workqueue,
1534 &priv->unjoin_work) <= 0)
1535 wsm_unlock_tx(priv);
1536 } else if (ieee80211_has_protected(fctl) &&
1537 tx_info->control.hw_key &&
1538 tx_info->control.hw_key->keyidx != priv->wep_default_key_id &&
1539 (tx_info->control.hw_key->cipher == WLAN_CIPHER_SUITE_WEP40 ||
1540 tx_info->control.hw_key->cipher == WLAN_CIPHER_SUITE_WEP104)) {
1541 action = do_wep;
1545 switch (action) {
1546 case do_probe:
1547 /* An interesting FW "feature". Device filters probe responses.
1548 * The easiest way to get it back is to convert
1549 * probe request into WSM start_scan command.
1551 pr_debug("[WSM] Convert probe request to scan.\n");
1552 wsm_lock_tx_async(priv);
1553 priv->pending_frame_id = wsm->packet_id;
1554 if (queue_delayed_work(priv->workqueue,
1555 &priv->scan.probe_work, 0) <= 0)
1556 wsm_unlock_tx(priv);
1557 handled = true;
1558 break;
1559 case do_drop:
1560 pr_debug("[WSM] Drop frame (0x%.4X).\n", fctl);
1561 BUG_ON(cw1200_queue_remove(queue, wsm->packet_id));
1562 handled = true;
1563 break;
1564 case do_wep:
1565 pr_debug("[WSM] Issue set_default_wep_key.\n");
1566 wsm_lock_tx_async(priv);
1567 priv->wep_default_key_id = tx_info->control.hw_key->keyidx;
1568 priv->pending_frame_id = wsm->packet_id;
1569 if (queue_work(priv->workqueue, &priv->wep_key_work) <= 0)
1570 wsm_unlock_tx(priv);
1571 handled = true;
1572 break;
1573 case do_tx:
1574 pr_debug("[WSM] Transmit frame.\n");
1575 break;
1576 default:
1577 /* Do nothing */
1578 break;
1580 return handled;
1583 static int cw1200_get_prio_queue(struct cw1200_common *priv,
1584 u32 link_id_map, int *total)
1586 static const int urgent = BIT(CW1200_LINK_ID_AFTER_DTIM) |
1587 BIT(CW1200_LINK_ID_UAPSD);
1588 struct wsm_edca_queue_params *edca;
1589 unsigned score, best = -1;
1590 int winner = -1;
1591 int queued;
1592 int i;
1594 /* search for a winner using edca params */
1595 for (i = 0; i < 4; ++i) {
1596 queued = cw1200_queue_get_num_queued(&priv->tx_queue[i],
1597 link_id_map);
1598 if (!queued)
1599 continue;
1600 *total += queued;
1601 edca = &priv->edca.params[i];
1602 score = ((edca->aifns + edca->cwmin) << 16) +
1603 ((edca->cwmax - edca->cwmin) *
1604 (get_random_int() & 0xFFFF));
1605 if (score < best && (winner < 0 || i != 3)) {
1606 best = score;
1607 winner = i;
1611 /* override winner if bursting */
1612 if (winner >= 0 && priv->tx_burst_idx >= 0 &&
1613 winner != priv->tx_burst_idx &&
1614 !cw1200_queue_get_num_queued(
1615 &priv->tx_queue[winner],
1616 link_id_map & urgent) &&
1617 cw1200_queue_get_num_queued(
1618 &priv->tx_queue[priv->tx_burst_idx],
1619 link_id_map))
1620 winner = priv->tx_burst_idx;
1622 return winner;
1625 static int wsm_get_tx_queue_and_mask(struct cw1200_common *priv,
1626 struct cw1200_queue **queue_p,
1627 u32 *tx_allowed_mask_p,
1628 bool *more)
1630 int idx;
1631 u32 tx_allowed_mask;
1632 int total = 0;
1634 /* Search for a queue with multicast frames buffered */
1635 if (priv->tx_multicast) {
1636 tx_allowed_mask = BIT(CW1200_LINK_ID_AFTER_DTIM);
1637 idx = cw1200_get_prio_queue(priv,
1638 tx_allowed_mask, &total);
1639 if (idx >= 0) {
1640 *more = total > 1;
1641 goto found;
1645 /* Search for unicast traffic */
1646 tx_allowed_mask = ~priv->sta_asleep_mask;
1647 tx_allowed_mask |= BIT(CW1200_LINK_ID_UAPSD);
1648 if (priv->sta_asleep_mask) {
1649 tx_allowed_mask |= priv->pspoll_mask;
1650 tx_allowed_mask &= ~BIT(CW1200_LINK_ID_AFTER_DTIM);
1651 } else {
1652 tx_allowed_mask |= BIT(CW1200_LINK_ID_AFTER_DTIM);
1654 idx = cw1200_get_prio_queue(priv,
1655 tx_allowed_mask, &total);
1656 if (idx < 0)
1657 return -ENOENT;
1659 found:
1660 *queue_p = &priv->tx_queue[idx];
1661 *tx_allowed_mask_p = tx_allowed_mask;
1662 return 0;
1665 int wsm_get_tx(struct cw1200_common *priv, u8 **data,
1666 size_t *tx_len, int *burst)
1668 struct wsm_tx *wsm = NULL;
1669 struct ieee80211_tx_info *tx_info;
1670 struct cw1200_queue *queue = NULL;
1671 int queue_num;
1672 u32 tx_allowed_mask = 0;
1673 const struct cw1200_txpriv *txpriv = NULL;
1674 int count = 0;
1676 /* More is used only for broadcasts. */
1677 bool more = false;
1679 if (priv->wsm_cmd.ptr) { /* CMD request */
1680 ++count;
1681 spin_lock(&priv->wsm_cmd.lock);
1682 BUG_ON(!priv->wsm_cmd.ptr);
1683 *data = priv->wsm_cmd.ptr;
1684 *tx_len = priv->wsm_cmd.len;
1685 *burst = 1;
1686 spin_unlock(&priv->wsm_cmd.lock);
1687 } else {
1688 for (;;) {
1689 int ret;
1691 if (atomic_add_return(0, &priv->tx_lock))
1692 break;
1694 spin_lock_bh(&priv->ps_state_lock);
1696 ret = wsm_get_tx_queue_and_mask(priv, &queue,
1697 &tx_allowed_mask, &more);
1698 queue_num = queue - priv->tx_queue;
1700 if (priv->buffered_multicasts &&
1701 (ret || !more) &&
1702 (priv->tx_multicast || !priv->sta_asleep_mask)) {
1703 priv->buffered_multicasts = false;
1704 if (priv->tx_multicast) {
1705 priv->tx_multicast = false;
1706 queue_work(priv->workqueue,
1707 &priv->multicast_stop_work);
1711 spin_unlock_bh(&priv->ps_state_lock);
1713 if (ret)
1714 break;
1716 if (cw1200_queue_get(queue,
1717 tx_allowed_mask,
1718 &wsm, &tx_info, &txpriv))
1719 continue;
1721 if (wsm_handle_tx_data(priv, wsm,
1722 tx_info, txpriv, queue))
1723 continue; /* Handled by WSM */
1725 wsm->hdr.id &= __cpu_to_le16(
1726 ~WSM_TX_LINK_ID(WSM_TX_LINK_ID_MAX));
1727 wsm->hdr.id |= cpu_to_le16(
1728 WSM_TX_LINK_ID(txpriv->raw_link_id));
1729 priv->pspoll_mask &= ~BIT(txpriv->raw_link_id);
1731 *data = (u8 *)wsm;
1732 *tx_len = __le16_to_cpu(wsm->hdr.len);
1734 /* allow bursting if txop is set */
1735 if (priv->edca.params[queue_num].txop_limit)
1736 *burst = min(*burst,
1737 (int)cw1200_queue_get_num_queued(queue, tx_allowed_mask) + 1);
1738 else
1739 *burst = 1;
1741 /* store index of bursting queue */
1742 if (*burst > 1)
1743 priv->tx_burst_idx = queue_num;
1744 else
1745 priv->tx_burst_idx = -1;
1747 if (more) {
1748 struct ieee80211_hdr *hdr =
1749 (struct ieee80211_hdr *)
1750 &((u8 *)wsm)[txpriv->offset];
1751 /* more buffered multicast/broadcast frames
1752 * ==> set MoreData flag in IEEE 802.11 header
1753 * to inform PS STAs
1755 hdr->frame_control |=
1756 cpu_to_le16(IEEE80211_FCTL_MOREDATA);
1759 pr_debug("[WSM] >>> 0x%.4X (%zu) %p %c\n",
1760 0x0004, *tx_len, *data,
1761 wsm->more ? 'M' : ' ');
1762 ++count;
1763 break;
1767 return count;
1770 void wsm_txed(struct cw1200_common *priv, u8 *data)
1772 if (data == priv->wsm_cmd.ptr) {
1773 spin_lock(&priv->wsm_cmd.lock);
1774 priv->wsm_cmd.ptr = NULL;
1775 spin_unlock(&priv->wsm_cmd.lock);
1779 /* ******************************************************************** */
1780 /* WSM buffer */
1782 void wsm_buf_init(struct wsm_buf *buf)
1784 BUG_ON(buf->begin);
1785 buf->begin = kmalloc(FWLOAD_BLOCK_SIZE, GFP_KERNEL | GFP_DMA);
1786 buf->end = buf->begin ? &buf->begin[FWLOAD_BLOCK_SIZE] : buf->begin;
1787 wsm_buf_reset(buf);
1790 void wsm_buf_deinit(struct wsm_buf *buf)
1792 kfree(buf->begin);
1793 buf->begin = buf->data = buf->end = NULL;
1796 static void wsm_buf_reset(struct wsm_buf *buf)
1798 if (buf->begin) {
1799 buf->data = &buf->begin[4];
1800 *(u32 *)buf->begin = 0;
1801 } else {
1802 buf->data = buf->begin;
1806 static int wsm_buf_reserve(struct wsm_buf *buf, size_t extra_size)
1808 size_t pos = buf->data - buf->begin;
1809 size_t size = pos + extra_size;
1811 size = round_up(size, FWLOAD_BLOCK_SIZE);
1813 buf->begin = krealloc(buf->begin, size, GFP_KERNEL | GFP_DMA);
1814 if (buf->begin) {
1815 buf->data = &buf->begin[pos];
1816 buf->end = &buf->begin[size];
1817 return 0;
1818 } else {
1819 buf->end = buf->data = buf->begin;
1820 return -ENOMEM;