Avoid reading past buffer when calling GETACL
[zen-stable.git] / drivers / net / wireless / libertas / main.c
blob957681dede1776b1a9ee94ab87626bb9e0f9ee63
1 /*
2 * This file contains the major functions in WLAN
3 * driver. It includes init, exit, open, close and main
4 * thread etc..
5 */
7 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
9 #include <linux/module.h>
10 #include <linux/delay.h>
11 #include <linux/etherdevice.h>
12 #include <linux/hardirq.h>
13 #include <linux/netdevice.h>
14 #include <linux/if_arp.h>
15 #include <linux/kthread.h>
16 #include <linux/kfifo.h>
17 #include <linux/slab.h>
18 #include <net/cfg80211.h>
20 #include "host.h"
21 #include "decl.h"
22 #include "dev.h"
23 #include "cfg.h"
24 #include "debugfs.h"
25 #include "cmd.h"
26 #include "mesh.h"
28 #define DRIVER_RELEASE_VERSION "323.p0"
29 const char lbs_driver_version[] = "COMM-USB8388-" DRIVER_RELEASE_VERSION
30 #ifdef DEBUG
31 "-dbg"
32 #endif
33 "";
36 /* Module parameters */
37 unsigned int lbs_debug;
38 EXPORT_SYMBOL_GPL(lbs_debug);
39 module_param_named(libertas_debug, lbs_debug, int, 0644);
41 unsigned int lbs_disablemesh;
42 EXPORT_SYMBOL_GPL(lbs_disablemesh);
43 module_param_named(libertas_disablemesh, lbs_disablemesh, int, 0644);
47 * This global structure is used to send the confirm_sleep command as
48 * fast as possible down to the firmware.
50 struct cmd_confirm_sleep confirm_sleep;
54 * the table to keep region code
56 u16 lbs_region_code_to_index[MRVDRV_MAX_REGION_CODE] =
57 { 0x10, 0x20, 0x30, 0x31, 0x32, 0x40 };
60 * FW rate table. FW refers to rates by their index in this table, not by the
61 * rate value itself. Values of 0x00 are
62 * reserved positions.
64 static u8 fw_data_rates[MAX_RATES] =
65 { 0x02, 0x04, 0x0B, 0x16, 0x00, 0x0C, 0x12,
66 0x18, 0x24, 0x30, 0x48, 0x60, 0x6C, 0x00
69 /**
70 * lbs_fw_index_to_data_rate - use index to get the data rate
72 * @idx: The index of data rate
73 * returns: data rate or 0
75 u32 lbs_fw_index_to_data_rate(u8 idx)
77 if (idx >= sizeof(fw_data_rates))
78 idx = 0;
79 return fw_data_rates[idx];
82 /**
83 * lbs_data_rate_to_fw_index - use rate to get the index
85 * @rate: data rate
86 * returns: index or 0
88 u8 lbs_data_rate_to_fw_index(u32 rate)
90 u8 i;
92 if (!rate)
93 return 0;
95 for (i = 0; i < sizeof(fw_data_rates); i++) {
96 if (rate == fw_data_rates[i])
97 return i;
99 return 0;
102 int lbs_set_iface_type(struct lbs_private *priv, enum nl80211_iftype type)
104 int ret = 0;
106 switch (type) {
107 case NL80211_IFTYPE_MONITOR:
108 ret = lbs_set_monitor_mode(priv, 1);
109 break;
110 case NL80211_IFTYPE_STATION:
111 if (priv->wdev->iftype == NL80211_IFTYPE_MONITOR)
112 ret = lbs_set_monitor_mode(priv, 0);
113 if (!ret)
114 ret = lbs_set_snmp_mib(priv, SNMP_MIB_OID_BSS_TYPE, 1);
115 break;
116 case NL80211_IFTYPE_ADHOC:
117 if (priv->wdev->iftype == NL80211_IFTYPE_MONITOR)
118 ret = lbs_set_monitor_mode(priv, 0);
119 if (!ret)
120 ret = lbs_set_snmp_mib(priv, SNMP_MIB_OID_BSS_TYPE, 2);
121 break;
122 default:
123 ret = -ENOTSUPP;
125 return ret;
128 int lbs_start_iface(struct lbs_private *priv)
130 struct cmd_ds_802_11_mac_address cmd;
131 int ret;
133 if (priv->power_restore) {
134 ret = priv->power_restore(priv);
135 if (ret)
136 return ret;
139 cmd.hdr.size = cpu_to_le16(sizeof(cmd));
140 cmd.action = cpu_to_le16(CMD_ACT_SET);
141 memcpy(cmd.macadd, priv->current_addr, ETH_ALEN);
143 ret = lbs_cmd_with_response(priv, CMD_802_11_MAC_ADDRESS, &cmd);
144 if (ret) {
145 lbs_deb_net("set MAC address failed\n");
146 goto err;
149 ret = lbs_set_iface_type(priv, priv->wdev->iftype);
150 if (ret) {
151 lbs_deb_net("set iface type failed\n");
152 goto err;
155 lbs_update_channel(priv);
157 priv->iface_running = true;
158 return 0;
160 err:
161 if (priv->power_save)
162 priv->power_save(priv);
163 return ret;
167 * lbs_dev_open - open the ethX interface
169 * @dev: A pointer to &net_device structure
170 * returns: 0 or -EBUSY if monitor mode active
172 static int lbs_dev_open(struct net_device *dev)
174 struct lbs_private *priv = dev->ml_priv;
175 int ret = 0;
177 lbs_deb_enter(LBS_DEB_NET);
178 if (!priv->iface_running) {
179 ret = lbs_start_iface(priv);
180 if (ret)
181 goto out;
184 spin_lock_irq(&priv->driver_lock);
186 netif_carrier_off(dev);
188 if (!priv->tx_pending_len)
189 netif_wake_queue(dev);
191 spin_unlock_irq(&priv->driver_lock);
193 out:
194 lbs_deb_leave_args(LBS_DEB_NET, "ret %d", ret);
195 return ret;
198 static bool lbs_command_queue_empty(struct lbs_private *priv)
200 unsigned long flags;
201 bool ret;
202 spin_lock_irqsave(&priv->driver_lock, flags);
203 ret = priv->cur_cmd == NULL && list_empty(&priv->cmdpendingq);
204 spin_unlock_irqrestore(&priv->driver_lock, flags);
205 return ret;
208 int lbs_stop_iface(struct lbs_private *priv)
210 unsigned long flags;
211 int ret = 0;
213 lbs_deb_enter(LBS_DEB_MAIN);
215 spin_lock_irqsave(&priv->driver_lock, flags);
216 priv->iface_running = false;
217 kfree_skb(priv->currenttxskb);
218 priv->currenttxskb = NULL;
219 priv->tx_pending_len = 0;
220 spin_unlock_irqrestore(&priv->driver_lock, flags);
222 cancel_work_sync(&priv->mcast_work);
223 del_timer_sync(&priv->tx_lockup_timer);
225 /* Disable command processing, and wait for all commands to complete */
226 lbs_deb_main("waiting for commands to complete\n");
227 wait_event(priv->waitq, lbs_command_queue_empty(priv));
228 lbs_deb_main("all commands completed\n");
230 if (priv->power_save)
231 ret = priv->power_save(priv);
233 lbs_deb_leave(LBS_DEB_MAIN);
234 return ret;
238 * lbs_eth_stop - close the ethX interface
240 * @dev: A pointer to &net_device structure
241 * returns: 0
243 static int lbs_eth_stop(struct net_device *dev)
245 struct lbs_private *priv = dev->ml_priv;
247 lbs_deb_enter(LBS_DEB_NET);
249 if (priv->connect_status == LBS_CONNECTED)
250 lbs_disconnect(priv, WLAN_REASON_DEAUTH_LEAVING);
252 spin_lock_irq(&priv->driver_lock);
253 netif_stop_queue(dev);
254 spin_unlock_irq(&priv->driver_lock);
256 lbs_update_mcast(priv);
257 cancel_delayed_work_sync(&priv->scan_work);
258 if (priv->scan_req)
259 lbs_scan_done(priv);
261 netif_carrier_off(priv->dev);
263 if (!lbs_iface_active(priv))
264 lbs_stop_iface(priv);
266 lbs_deb_leave(LBS_DEB_NET);
267 return 0;
270 void lbs_host_to_card_done(struct lbs_private *priv)
272 unsigned long flags;
274 lbs_deb_enter(LBS_DEB_THREAD);
276 spin_lock_irqsave(&priv->driver_lock, flags);
277 del_timer(&priv->tx_lockup_timer);
279 priv->dnld_sent = DNLD_RES_RECEIVED;
281 /* Wake main thread if commands are pending */
282 if (!priv->cur_cmd || priv->tx_pending_len > 0) {
283 if (!priv->wakeup_dev_required)
284 wake_up(&priv->waitq);
287 spin_unlock_irqrestore(&priv->driver_lock, flags);
288 lbs_deb_leave(LBS_DEB_THREAD);
290 EXPORT_SYMBOL_GPL(lbs_host_to_card_done);
292 int lbs_set_mac_address(struct net_device *dev, void *addr)
294 int ret = 0;
295 struct lbs_private *priv = dev->ml_priv;
296 struct sockaddr *phwaddr = addr;
298 lbs_deb_enter(LBS_DEB_NET);
301 * Can only set MAC address when all interfaces are down, to be written
302 * to the hardware when one of them is brought up.
304 if (lbs_iface_active(priv))
305 return -EBUSY;
307 /* In case it was called from the mesh device */
308 dev = priv->dev;
310 memcpy(priv->current_addr, phwaddr->sa_data, ETH_ALEN);
311 memcpy(dev->dev_addr, phwaddr->sa_data, ETH_ALEN);
312 if (priv->mesh_dev)
313 memcpy(priv->mesh_dev->dev_addr, phwaddr->sa_data, ETH_ALEN);
315 lbs_deb_leave_args(LBS_DEB_NET, "ret %d", ret);
316 return ret;
320 static inline int mac_in_list(unsigned char *list, int list_len,
321 unsigned char *mac)
323 while (list_len) {
324 if (!memcmp(list, mac, ETH_ALEN))
325 return 1;
326 list += ETH_ALEN;
327 list_len--;
329 return 0;
333 static int lbs_add_mcast_addrs(struct cmd_ds_mac_multicast_adr *cmd,
334 struct net_device *dev, int nr_addrs)
336 int i = nr_addrs;
337 struct netdev_hw_addr *ha;
338 int cnt;
340 if ((dev->flags & (IFF_UP|IFF_MULTICAST)) != (IFF_UP|IFF_MULTICAST))
341 return nr_addrs;
343 netif_addr_lock_bh(dev);
344 cnt = netdev_mc_count(dev);
345 netdev_for_each_mc_addr(ha, dev) {
346 if (mac_in_list(cmd->maclist, nr_addrs, ha->addr)) {
347 lbs_deb_net("mcast address %s:%pM skipped\n", dev->name,
348 ha->addr);
349 cnt--;
350 continue;
353 if (i == MRVDRV_MAX_MULTICAST_LIST_SIZE)
354 break;
355 memcpy(&cmd->maclist[6*i], ha->addr, ETH_ALEN);
356 lbs_deb_net("mcast address %s:%pM added to filter\n", dev->name,
357 ha->addr);
358 i++;
359 cnt--;
361 netif_addr_unlock_bh(dev);
362 if (cnt)
363 return -EOVERFLOW;
365 return i;
368 void lbs_update_mcast(struct lbs_private *priv)
370 struct cmd_ds_mac_multicast_adr mcast_cmd;
371 int dev_flags = 0;
372 int nr_addrs;
373 int old_mac_control = priv->mac_control;
375 lbs_deb_enter(LBS_DEB_NET);
377 if (netif_running(priv->dev))
378 dev_flags |= priv->dev->flags;
379 if (priv->mesh_dev && netif_running(priv->mesh_dev))
380 dev_flags |= priv->mesh_dev->flags;
382 if (dev_flags & IFF_PROMISC) {
383 priv->mac_control |= CMD_ACT_MAC_PROMISCUOUS_ENABLE;
384 priv->mac_control &= ~(CMD_ACT_MAC_ALL_MULTICAST_ENABLE |
385 CMD_ACT_MAC_MULTICAST_ENABLE);
386 goto out_set_mac_control;
387 } else if (dev_flags & IFF_ALLMULTI) {
388 do_allmulti:
389 priv->mac_control |= CMD_ACT_MAC_ALL_MULTICAST_ENABLE;
390 priv->mac_control &= ~(CMD_ACT_MAC_PROMISCUOUS_ENABLE |
391 CMD_ACT_MAC_MULTICAST_ENABLE);
392 goto out_set_mac_control;
395 /* Once for priv->dev, again for priv->mesh_dev if it exists */
396 nr_addrs = lbs_add_mcast_addrs(&mcast_cmd, priv->dev, 0);
397 if (nr_addrs >= 0 && priv->mesh_dev)
398 nr_addrs = lbs_add_mcast_addrs(&mcast_cmd, priv->mesh_dev, nr_addrs);
399 if (nr_addrs < 0)
400 goto do_allmulti;
402 if (nr_addrs) {
403 int size = offsetof(struct cmd_ds_mac_multicast_adr,
404 maclist[6*nr_addrs]);
406 mcast_cmd.action = cpu_to_le16(CMD_ACT_SET);
407 mcast_cmd.hdr.size = cpu_to_le16(size);
408 mcast_cmd.nr_of_adrs = cpu_to_le16(nr_addrs);
410 lbs_cmd_async(priv, CMD_MAC_MULTICAST_ADR, &mcast_cmd.hdr, size);
412 priv->mac_control |= CMD_ACT_MAC_MULTICAST_ENABLE;
413 } else
414 priv->mac_control &= ~CMD_ACT_MAC_MULTICAST_ENABLE;
416 priv->mac_control &= ~(CMD_ACT_MAC_PROMISCUOUS_ENABLE |
417 CMD_ACT_MAC_ALL_MULTICAST_ENABLE);
418 out_set_mac_control:
419 if (priv->mac_control != old_mac_control)
420 lbs_set_mac_control(priv);
422 lbs_deb_leave(LBS_DEB_NET);
425 static void lbs_set_mcast_worker(struct work_struct *work)
427 struct lbs_private *priv = container_of(work, struct lbs_private, mcast_work);
428 lbs_update_mcast(priv);
431 void lbs_set_multicast_list(struct net_device *dev)
433 struct lbs_private *priv = dev->ml_priv;
435 schedule_work(&priv->mcast_work);
439 * lbs_thread - handles the major jobs in the LBS driver.
440 * It handles all events generated by firmware, RX data received
441 * from firmware and TX data sent from kernel.
443 * @data: A pointer to &lbs_thread structure
444 * returns: 0
446 static int lbs_thread(void *data)
448 struct net_device *dev = data;
449 struct lbs_private *priv = dev->ml_priv;
450 wait_queue_t wait;
452 lbs_deb_enter(LBS_DEB_THREAD);
454 init_waitqueue_entry(&wait, current);
456 for (;;) {
457 int shouldsleep;
458 u8 resp_idx;
460 lbs_deb_thread("1: currenttxskb %p, dnld_sent %d\n",
461 priv->currenttxskb, priv->dnld_sent);
463 add_wait_queue(&priv->waitq, &wait);
464 set_current_state(TASK_INTERRUPTIBLE);
465 spin_lock_irq(&priv->driver_lock);
467 if (kthread_should_stop())
468 shouldsleep = 0; /* Bye */
469 else if (priv->surpriseremoved)
470 shouldsleep = 1; /* We need to wait until we're _told_ to die */
471 else if (priv->psstate == PS_STATE_SLEEP)
472 shouldsleep = 1; /* Sleep mode. Nothing we can do till it wakes */
473 else if (priv->cmd_timed_out)
474 shouldsleep = 0; /* Command timed out. Recover */
475 else if (!priv->fw_ready)
476 shouldsleep = 1; /* Firmware not ready. We're waiting for it */
477 else if (priv->dnld_sent)
478 shouldsleep = 1; /* Something is en route to the device already */
479 else if (priv->tx_pending_len > 0)
480 shouldsleep = 0; /* We've a packet to send */
481 else if (priv->resp_len[priv->resp_idx])
482 shouldsleep = 0; /* We have a command response */
483 else if (priv->cur_cmd)
484 shouldsleep = 1; /* Can't send a command; one already running */
485 else if (!list_empty(&priv->cmdpendingq) &&
486 !(priv->wakeup_dev_required))
487 shouldsleep = 0; /* We have a command to send */
488 else if (kfifo_len(&priv->event_fifo))
489 shouldsleep = 0; /* We have an event to process */
490 else
491 shouldsleep = 1; /* No command */
493 if (shouldsleep) {
494 lbs_deb_thread("sleeping, connect_status %d, "
495 "psmode %d, psstate %d\n",
496 priv->connect_status,
497 priv->psmode, priv->psstate);
498 spin_unlock_irq(&priv->driver_lock);
499 schedule();
500 } else
501 spin_unlock_irq(&priv->driver_lock);
503 lbs_deb_thread("2: currenttxskb %p, dnld_send %d\n",
504 priv->currenttxskb, priv->dnld_sent);
506 set_current_state(TASK_RUNNING);
507 remove_wait_queue(&priv->waitq, &wait);
509 lbs_deb_thread("3: currenttxskb %p, dnld_sent %d\n",
510 priv->currenttxskb, priv->dnld_sent);
512 if (kthread_should_stop()) {
513 lbs_deb_thread("break from main thread\n");
514 break;
517 if (priv->surpriseremoved) {
518 lbs_deb_thread("adapter removed; waiting to die...\n");
519 continue;
522 lbs_deb_thread("4: currenttxskb %p, dnld_sent %d\n",
523 priv->currenttxskb, priv->dnld_sent);
525 /* Process any pending command response */
526 spin_lock_irq(&priv->driver_lock);
527 resp_idx = priv->resp_idx;
528 if (priv->resp_len[resp_idx]) {
529 spin_unlock_irq(&priv->driver_lock);
530 lbs_process_command_response(priv,
531 priv->resp_buf[resp_idx],
532 priv->resp_len[resp_idx]);
533 spin_lock_irq(&priv->driver_lock);
534 priv->resp_len[resp_idx] = 0;
536 spin_unlock_irq(&priv->driver_lock);
538 /* Process hardware events, e.g. card removed, link lost */
539 spin_lock_irq(&priv->driver_lock);
540 while (kfifo_len(&priv->event_fifo)) {
541 u32 event;
543 if (kfifo_out(&priv->event_fifo,
544 (unsigned char *) &event, sizeof(event)) !=
545 sizeof(event))
546 break;
547 spin_unlock_irq(&priv->driver_lock);
548 lbs_process_event(priv, event);
549 spin_lock_irq(&priv->driver_lock);
551 spin_unlock_irq(&priv->driver_lock);
553 if (priv->wakeup_dev_required) {
554 lbs_deb_thread("Waking up device...\n");
555 /* Wake up device */
556 if (priv->exit_deep_sleep(priv))
557 lbs_deb_thread("Wakeup device failed\n");
558 continue;
561 /* command timeout stuff */
562 if (priv->cmd_timed_out && priv->cur_cmd) {
563 struct cmd_ctrl_node *cmdnode = priv->cur_cmd;
565 netdev_info(dev, "Timeout submitting command 0x%04x\n",
566 le16_to_cpu(cmdnode->cmdbuf->command));
567 lbs_complete_command(priv, cmdnode, -ETIMEDOUT);
568 if (priv->reset_card)
569 priv->reset_card(priv);
571 priv->cmd_timed_out = 0;
573 if (!priv->fw_ready)
574 continue;
576 /* Check if we need to confirm Sleep Request received previously */
577 if (priv->psstate == PS_STATE_PRE_SLEEP &&
578 !priv->dnld_sent && !priv->cur_cmd) {
579 if (priv->connect_status == LBS_CONNECTED) {
580 lbs_deb_thread("pre-sleep, currenttxskb %p, "
581 "dnld_sent %d, cur_cmd %p\n",
582 priv->currenttxskb, priv->dnld_sent,
583 priv->cur_cmd);
585 lbs_ps_confirm_sleep(priv);
586 } else {
587 /* workaround for firmware sending
588 * deauth/linkloss event immediately
589 * after sleep request; remove this
590 * after firmware fixes it
592 priv->psstate = PS_STATE_AWAKE;
593 netdev_alert(dev,
594 "ignore PS_SleepConfirm in non-connected state\n");
598 /* The PS state is changed during processing of Sleep Request
599 * event above
601 if ((priv->psstate == PS_STATE_SLEEP) ||
602 (priv->psstate == PS_STATE_PRE_SLEEP))
603 continue;
605 if (priv->is_deep_sleep)
606 continue;
608 /* Execute the next command */
609 if (!priv->dnld_sent && !priv->cur_cmd)
610 lbs_execute_next_command(priv);
612 spin_lock_irq(&priv->driver_lock);
613 if (!priv->dnld_sent && priv->tx_pending_len > 0) {
614 int ret = priv->hw_host_to_card(priv, MVMS_DAT,
615 priv->tx_pending_buf,
616 priv->tx_pending_len);
617 if (ret) {
618 lbs_deb_tx("host_to_card failed %d\n", ret);
619 priv->dnld_sent = DNLD_RES_RECEIVED;
620 } else {
621 mod_timer(&priv->tx_lockup_timer,
622 jiffies + (HZ * 5));
624 priv->tx_pending_len = 0;
625 if (!priv->currenttxskb) {
626 /* We can wake the queues immediately if we aren't
627 waiting for TX feedback */
628 if (priv->connect_status == LBS_CONNECTED)
629 netif_wake_queue(priv->dev);
630 if (priv->mesh_dev &&
631 netif_running(priv->mesh_dev))
632 netif_wake_queue(priv->mesh_dev);
635 spin_unlock_irq(&priv->driver_lock);
638 del_timer(&priv->command_timer);
639 del_timer(&priv->tx_lockup_timer);
640 del_timer(&priv->auto_deepsleep_timer);
642 lbs_deb_leave(LBS_DEB_THREAD);
643 return 0;
647 * lbs_setup_firmware - gets the HW spec from the firmware and sets
648 * some basic parameters
650 * @priv: A pointer to &struct lbs_private structure
651 * returns: 0 or -1
653 static int lbs_setup_firmware(struct lbs_private *priv)
655 int ret = -1;
656 s16 curlevel = 0, minlevel = 0, maxlevel = 0;
658 lbs_deb_enter(LBS_DEB_FW);
660 /* Read MAC address from firmware */
661 memset(priv->current_addr, 0xff, ETH_ALEN);
662 ret = lbs_update_hw_spec(priv);
663 if (ret)
664 goto done;
666 /* Read power levels if available */
667 ret = lbs_get_tx_power(priv, &curlevel, &minlevel, &maxlevel);
668 if (ret == 0) {
669 priv->txpower_cur = curlevel;
670 priv->txpower_min = minlevel;
671 priv->txpower_max = maxlevel;
674 /* Send cmd to FW to enable 11D function */
675 ret = lbs_set_snmp_mib(priv, SNMP_MIB_OID_11D_ENABLE, 1);
677 lbs_set_mac_control(priv);
678 done:
679 lbs_deb_leave_args(LBS_DEB_FW, "ret %d", ret);
680 return ret;
683 int lbs_suspend(struct lbs_private *priv)
685 int ret;
687 lbs_deb_enter(LBS_DEB_FW);
689 if (priv->is_deep_sleep) {
690 ret = lbs_set_deep_sleep(priv, 0);
691 if (ret) {
692 netdev_err(priv->dev,
693 "deep sleep cancellation failed: %d\n", ret);
694 return ret;
696 priv->deep_sleep_required = 1;
699 ret = lbs_set_host_sleep(priv, 1);
701 netif_device_detach(priv->dev);
702 if (priv->mesh_dev)
703 netif_device_detach(priv->mesh_dev);
705 lbs_deb_leave_args(LBS_DEB_FW, "ret %d", ret);
706 return ret;
708 EXPORT_SYMBOL_GPL(lbs_suspend);
710 int lbs_resume(struct lbs_private *priv)
712 int ret;
714 lbs_deb_enter(LBS_DEB_FW);
716 ret = lbs_set_host_sleep(priv, 0);
718 netif_device_attach(priv->dev);
719 if (priv->mesh_dev)
720 netif_device_attach(priv->mesh_dev);
722 if (priv->deep_sleep_required) {
723 priv->deep_sleep_required = 0;
724 ret = lbs_set_deep_sleep(priv, 1);
725 if (ret)
726 netdev_err(priv->dev,
727 "deep sleep activation failed: %d\n", ret);
730 if (priv->setup_fw_on_resume)
731 ret = lbs_setup_firmware(priv);
733 lbs_deb_leave_args(LBS_DEB_FW, "ret %d", ret);
734 return ret;
736 EXPORT_SYMBOL_GPL(lbs_resume);
739 * lbs_cmd_timeout_handler - handles the timeout of command sending.
740 * It will re-send the same command again.
742 * @data: &struct lbs_private pointer
744 static void lbs_cmd_timeout_handler(unsigned long data)
746 struct lbs_private *priv = (struct lbs_private *)data;
747 unsigned long flags;
749 lbs_deb_enter(LBS_DEB_CMD);
750 spin_lock_irqsave(&priv->driver_lock, flags);
752 if (!priv->cur_cmd)
753 goto out;
755 netdev_info(priv->dev, "command 0x%04x timed out\n",
756 le16_to_cpu(priv->cur_cmd->cmdbuf->command));
758 priv->cmd_timed_out = 1;
761 * If the device didn't even acknowledge the command, reset the state
762 * so that we don't block all future commands due to this one timeout.
764 if (priv->dnld_sent == DNLD_CMD_SENT)
765 priv->dnld_sent = DNLD_RES_RECEIVED;
767 wake_up(&priv->waitq);
768 out:
769 spin_unlock_irqrestore(&priv->driver_lock, flags);
770 lbs_deb_leave(LBS_DEB_CMD);
774 * lbs_tx_lockup_handler - handles the timeout of the passing of TX frames
775 * to the hardware. This is known to frequently happen with SD8686 when
776 * waking up after a Wake-on-WLAN-triggered resume.
778 * @data: &struct lbs_private pointer
780 static void lbs_tx_lockup_handler(unsigned long data)
782 struct lbs_private *priv = (struct lbs_private *)data;
783 unsigned long flags;
785 lbs_deb_enter(LBS_DEB_TX);
786 spin_lock_irqsave(&priv->driver_lock, flags);
788 netdev_info(priv->dev, "TX lockup detected\n");
789 if (priv->reset_card)
790 priv->reset_card(priv);
792 priv->dnld_sent = DNLD_RES_RECEIVED;
793 wake_up_interruptible(&priv->waitq);
795 spin_unlock_irqrestore(&priv->driver_lock, flags);
796 lbs_deb_leave(LBS_DEB_TX);
800 * auto_deepsleep_timer_fn - put the device back to deep sleep mode when
801 * timer expires and no activity (command, event, data etc.) is detected.
802 * @data: &struct lbs_private pointer
803 * returns: N/A
805 static void auto_deepsleep_timer_fn(unsigned long data)
807 struct lbs_private *priv = (struct lbs_private *)data;
809 lbs_deb_enter(LBS_DEB_CMD);
811 if (priv->is_activity_detected) {
812 priv->is_activity_detected = 0;
813 } else {
814 if (priv->is_auto_deep_sleep_enabled &&
815 (!priv->wakeup_dev_required) &&
816 (priv->connect_status != LBS_CONNECTED)) {
817 struct cmd_header cmd;
819 lbs_deb_main("Entering auto deep sleep mode...\n");
820 memset(&cmd, 0, sizeof(cmd));
821 cmd.size = cpu_to_le16(sizeof(cmd));
822 lbs_cmd_async(priv, CMD_802_11_DEEP_SLEEP, &cmd,
823 sizeof(cmd));
826 mod_timer(&priv->auto_deepsleep_timer , jiffies +
827 (priv->auto_deep_sleep_timeout * HZ)/1000);
828 lbs_deb_leave(LBS_DEB_CMD);
831 int lbs_enter_auto_deep_sleep(struct lbs_private *priv)
833 lbs_deb_enter(LBS_DEB_SDIO);
835 priv->is_auto_deep_sleep_enabled = 1;
836 if (priv->is_deep_sleep)
837 priv->wakeup_dev_required = 1;
838 mod_timer(&priv->auto_deepsleep_timer ,
839 jiffies + (priv->auto_deep_sleep_timeout * HZ)/1000);
841 lbs_deb_leave(LBS_DEB_SDIO);
842 return 0;
845 int lbs_exit_auto_deep_sleep(struct lbs_private *priv)
847 lbs_deb_enter(LBS_DEB_SDIO);
849 priv->is_auto_deep_sleep_enabled = 0;
850 priv->auto_deep_sleep_timeout = 0;
851 del_timer(&priv->auto_deepsleep_timer);
853 lbs_deb_leave(LBS_DEB_SDIO);
854 return 0;
857 static int lbs_init_adapter(struct lbs_private *priv)
859 int ret;
861 lbs_deb_enter(LBS_DEB_MAIN);
863 memset(priv->current_addr, 0xff, ETH_ALEN);
865 priv->connect_status = LBS_DISCONNECTED;
866 priv->channel = DEFAULT_AD_HOC_CHANNEL;
867 priv->mac_control = CMD_ACT_MAC_RX_ON | CMD_ACT_MAC_TX_ON;
868 priv->radio_on = 1;
869 priv->psmode = LBS802_11POWERMODECAM;
870 priv->psstate = PS_STATE_FULL_POWER;
871 priv->is_deep_sleep = 0;
872 priv->is_auto_deep_sleep_enabled = 0;
873 priv->deep_sleep_required = 0;
874 priv->wakeup_dev_required = 0;
875 init_waitqueue_head(&priv->ds_awake_q);
876 init_waitqueue_head(&priv->scan_q);
877 priv->authtype_auto = 1;
878 priv->is_host_sleep_configured = 0;
879 priv->is_host_sleep_activated = 0;
880 init_waitqueue_head(&priv->host_sleep_q);
881 mutex_init(&priv->lock);
883 setup_timer(&priv->command_timer, lbs_cmd_timeout_handler,
884 (unsigned long)priv);
885 setup_timer(&priv->tx_lockup_timer, lbs_tx_lockup_handler,
886 (unsigned long)priv);
887 setup_timer(&priv->auto_deepsleep_timer, auto_deepsleep_timer_fn,
888 (unsigned long)priv);
890 INIT_LIST_HEAD(&priv->cmdfreeq);
891 INIT_LIST_HEAD(&priv->cmdpendingq);
893 spin_lock_init(&priv->driver_lock);
895 /* Allocate the command buffers */
896 if (lbs_allocate_cmd_buffer(priv)) {
897 pr_err("Out of memory allocating command buffers\n");
898 ret = -ENOMEM;
899 goto out;
901 priv->resp_idx = 0;
902 priv->resp_len[0] = priv->resp_len[1] = 0;
904 /* Create the event FIFO */
905 ret = kfifo_alloc(&priv->event_fifo, sizeof(u32) * 16, GFP_KERNEL);
906 if (ret) {
907 pr_err("Out of memory allocating event FIFO buffer\n");
908 goto out;
911 out:
912 lbs_deb_leave_args(LBS_DEB_MAIN, "ret %d", ret);
914 return ret;
917 static void lbs_free_adapter(struct lbs_private *priv)
919 lbs_deb_enter(LBS_DEB_MAIN);
921 lbs_free_cmd_buffer(priv);
922 kfifo_free(&priv->event_fifo);
923 del_timer(&priv->command_timer);
924 del_timer(&priv->tx_lockup_timer);
925 del_timer(&priv->auto_deepsleep_timer);
927 lbs_deb_leave(LBS_DEB_MAIN);
930 static const struct net_device_ops lbs_netdev_ops = {
931 .ndo_open = lbs_dev_open,
932 .ndo_stop = lbs_eth_stop,
933 .ndo_start_xmit = lbs_hard_start_xmit,
934 .ndo_set_mac_address = lbs_set_mac_address,
935 .ndo_set_rx_mode = lbs_set_multicast_list,
936 .ndo_change_mtu = eth_change_mtu,
937 .ndo_validate_addr = eth_validate_addr,
941 * lbs_add_card - adds the card. It will probe the
942 * card, allocate the lbs_priv and initialize the device.
944 * @card: A pointer to card
945 * @dmdev: A pointer to &struct device
946 * returns: A pointer to &struct lbs_private structure
948 struct lbs_private *lbs_add_card(void *card, struct device *dmdev)
950 struct net_device *dev;
951 struct wireless_dev *wdev;
952 struct lbs_private *priv = NULL;
954 lbs_deb_enter(LBS_DEB_MAIN);
956 /* Allocate an Ethernet device and register it */
957 wdev = lbs_cfg_alloc(dmdev);
958 if (IS_ERR(wdev)) {
959 pr_err("cfg80211 init failed\n");
960 goto done;
963 wdev->iftype = NL80211_IFTYPE_STATION;
964 priv = wdev_priv(wdev);
965 priv->wdev = wdev;
967 if (lbs_init_adapter(priv)) {
968 pr_err("failed to initialize adapter structure\n");
969 goto err_wdev;
972 dev = alloc_netdev(0, "wlan%d", ether_setup);
973 if (!dev) {
974 dev_err(dmdev, "no memory for network device instance\n");
975 goto err_adapter;
978 dev->ieee80211_ptr = wdev;
979 dev->ml_priv = priv;
980 SET_NETDEV_DEV(dev, dmdev);
981 wdev->netdev = dev;
982 priv->dev = dev;
984 dev->netdev_ops = &lbs_netdev_ops;
985 dev->watchdog_timeo = 5 * HZ;
986 dev->ethtool_ops = &lbs_ethtool_ops;
987 dev->flags |= IFF_BROADCAST | IFF_MULTICAST;
989 priv->card = card;
991 strcpy(dev->name, "wlan%d");
993 lbs_deb_thread("Starting main thread...\n");
994 init_waitqueue_head(&priv->waitq);
995 priv->main_thread = kthread_run(lbs_thread, dev, "lbs_main");
996 if (IS_ERR(priv->main_thread)) {
997 lbs_deb_thread("Error creating main thread.\n");
998 goto err_ndev;
1001 priv->work_thread = create_singlethread_workqueue("lbs_worker");
1002 INIT_WORK(&priv->mcast_work, lbs_set_mcast_worker);
1004 priv->wol_criteria = EHS_REMOVE_WAKEUP;
1005 priv->wol_gpio = 0xff;
1006 priv->wol_gap = 20;
1007 priv->ehs_remove_supported = true;
1009 goto done;
1011 err_ndev:
1012 free_netdev(dev);
1014 err_adapter:
1015 lbs_free_adapter(priv);
1017 err_wdev:
1018 lbs_cfg_free(priv);
1020 priv = NULL;
1022 done:
1023 lbs_deb_leave_args(LBS_DEB_MAIN, "priv %p", priv);
1024 return priv;
1026 EXPORT_SYMBOL_GPL(lbs_add_card);
1029 void lbs_remove_card(struct lbs_private *priv)
1031 struct net_device *dev = priv->dev;
1033 lbs_deb_enter(LBS_DEB_MAIN);
1035 lbs_remove_mesh(priv);
1036 lbs_scan_deinit(priv);
1038 /* worker thread destruction blocks on the in-flight command which
1039 * should have been cleared already in lbs_stop_card().
1041 lbs_deb_main("destroying worker thread\n");
1042 destroy_workqueue(priv->work_thread);
1043 lbs_deb_main("done destroying worker thread\n");
1045 if (priv->psmode == LBS802_11POWERMODEMAX_PSP) {
1046 priv->psmode = LBS802_11POWERMODECAM;
1047 lbs_set_ps_mode(priv, PS_MODE_ACTION_EXIT_PS, true);
1050 if (priv->is_deep_sleep) {
1051 priv->is_deep_sleep = 0;
1052 wake_up_interruptible(&priv->ds_awake_q);
1055 priv->is_host_sleep_configured = 0;
1056 priv->is_host_sleep_activated = 0;
1057 wake_up_interruptible(&priv->host_sleep_q);
1059 /* Stop the thread servicing the interrupts */
1060 priv->surpriseremoved = 1;
1061 kthread_stop(priv->main_thread);
1063 lbs_free_adapter(priv);
1064 lbs_cfg_free(priv);
1065 free_netdev(dev);
1067 lbs_deb_leave(LBS_DEB_MAIN);
1069 EXPORT_SYMBOL_GPL(lbs_remove_card);
1072 int lbs_rtap_supported(struct lbs_private *priv)
1074 if (MRVL_FW_MAJOR_REV(priv->fwrelease) == MRVL_FW_V5)
1075 return 1;
1077 /* newer firmware use a capability mask */
1078 return ((MRVL_FW_MAJOR_REV(priv->fwrelease) >= MRVL_FW_V10) &&
1079 (priv->fwcapinfo & MESH_CAPINFO_ENABLE_MASK));
1083 int lbs_start_card(struct lbs_private *priv)
1085 struct net_device *dev = priv->dev;
1086 int ret = -1;
1088 lbs_deb_enter(LBS_DEB_MAIN);
1090 /* poke the firmware */
1091 ret = lbs_setup_firmware(priv);
1092 if (ret)
1093 goto done;
1095 if (!lbs_disablemesh)
1096 lbs_init_mesh(priv);
1097 else
1098 pr_info("%s: mesh disabled\n", dev->name);
1100 if (lbs_cfg_register(priv)) {
1101 pr_err("cannot register device\n");
1102 goto done;
1105 if (lbs_mesh_activated(priv))
1106 lbs_start_mesh(priv);
1108 lbs_debugfs_init_one(priv, dev);
1110 netdev_info(dev, "Marvell WLAN 802.11 adapter\n");
1112 ret = 0;
1114 done:
1115 lbs_deb_leave_args(LBS_DEB_MAIN, "ret %d", ret);
1116 return ret;
1118 EXPORT_SYMBOL_GPL(lbs_start_card);
1121 void lbs_stop_card(struct lbs_private *priv)
1123 struct net_device *dev;
1125 lbs_deb_enter(LBS_DEB_MAIN);
1127 if (!priv)
1128 goto out;
1129 dev = priv->dev;
1131 netif_stop_queue(dev);
1132 netif_carrier_off(dev);
1134 lbs_debugfs_remove_one(priv);
1135 lbs_deinit_mesh(priv);
1136 unregister_netdev(dev);
1138 out:
1139 lbs_deb_leave(LBS_DEB_MAIN);
1141 EXPORT_SYMBOL_GPL(lbs_stop_card);
1144 void lbs_queue_event(struct lbs_private *priv, u32 event)
1146 unsigned long flags;
1148 lbs_deb_enter(LBS_DEB_THREAD);
1149 spin_lock_irqsave(&priv->driver_lock, flags);
1151 if (priv->psstate == PS_STATE_SLEEP)
1152 priv->psstate = PS_STATE_AWAKE;
1154 kfifo_in(&priv->event_fifo, (unsigned char *) &event, sizeof(u32));
1156 wake_up(&priv->waitq);
1158 spin_unlock_irqrestore(&priv->driver_lock, flags);
1159 lbs_deb_leave(LBS_DEB_THREAD);
1161 EXPORT_SYMBOL_GPL(lbs_queue_event);
1163 void lbs_notify_command_response(struct lbs_private *priv, u8 resp_idx)
1165 lbs_deb_enter(LBS_DEB_THREAD);
1167 if (priv->psstate == PS_STATE_SLEEP)
1168 priv->psstate = PS_STATE_AWAKE;
1170 /* Swap buffers by flipping the response index */
1171 BUG_ON(resp_idx > 1);
1172 priv->resp_idx = resp_idx;
1174 wake_up(&priv->waitq);
1176 lbs_deb_leave(LBS_DEB_THREAD);
1178 EXPORT_SYMBOL_GPL(lbs_notify_command_response);
1181 * lbs_get_firmware - Retrieves two-stage firmware
1183 * @dev: A pointer to &device structure
1184 * @user_helper: User-defined helper firmware file
1185 * @user_mainfw: User-defined main firmware file
1186 * @card_model: Bus-specific card model ID used to filter firmware table
1187 * elements
1188 * @fw_table: Table of firmware file names and device model numbers
1189 * terminated by an entry with a NULL helper name
1190 * @helper: On success, the helper firmware; caller must free
1191 * @mainfw: On success, the main firmware; caller must free
1193 * returns: 0 on success, non-zero on failure
1195 int lbs_get_firmware(struct device *dev, const char *user_helper,
1196 const char *user_mainfw, u32 card_model,
1197 const struct lbs_fw_table *fw_table,
1198 const struct firmware **helper,
1199 const struct firmware **mainfw)
1201 const struct lbs_fw_table *iter;
1202 int ret;
1204 BUG_ON(helper == NULL);
1205 BUG_ON(mainfw == NULL);
1207 /* Try user-specified firmware first */
1208 if (user_helper) {
1209 ret = request_firmware(helper, user_helper, dev);
1210 if (ret) {
1211 dev_err(dev, "couldn't find helper firmware %s\n",
1212 user_helper);
1213 goto fail;
1216 if (user_mainfw) {
1217 ret = request_firmware(mainfw, user_mainfw, dev);
1218 if (ret) {
1219 dev_err(dev, "couldn't find main firmware %s\n",
1220 user_mainfw);
1221 goto fail;
1225 if (*helper && *mainfw)
1226 return 0;
1228 /* Otherwise search for firmware to use. If neither the helper or
1229 * the main firmware were specified by the user, then we need to
1230 * make sure that found helper & main are from the same entry in
1231 * fw_table.
1233 iter = fw_table;
1234 while (iter && iter->helper) {
1235 if (iter->model != card_model)
1236 goto next;
1238 if (*helper == NULL) {
1239 ret = request_firmware(helper, iter->helper, dev);
1240 if (ret)
1241 goto next;
1243 /* If the device has one-stage firmware (ie cf8305) and
1244 * we've got it then we don't need to bother with the
1245 * main firmware.
1247 if (iter->fwname == NULL)
1248 return 0;
1251 if (*mainfw == NULL) {
1252 ret = request_firmware(mainfw, iter->fwname, dev);
1253 if (ret && !user_helper) {
1254 /* Clear the helper if it wasn't user-specified
1255 * and the main firmware load failed, to ensure
1256 * we don't have mismatched firmware pairs.
1258 release_firmware(*helper);
1259 *helper = NULL;
1263 if (*helper && *mainfw)
1264 return 0;
1266 next:
1267 iter++;
1270 fail:
1271 /* Failed */
1272 if (*helper) {
1273 release_firmware(*helper);
1274 *helper = NULL;
1276 if (*mainfw) {
1277 release_firmware(*mainfw);
1278 *mainfw = NULL;
1281 return -ENOENT;
1283 EXPORT_SYMBOL_GPL(lbs_get_firmware);
1285 static int __init lbs_init_module(void)
1287 lbs_deb_enter(LBS_DEB_MAIN);
1288 memset(&confirm_sleep, 0, sizeof(confirm_sleep));
1289 confirm_sleep.hdr.command = cpu_to_le16(CMD_802_11_PS_MODE);
1290 confirm_sleep.hdr.size = cpu_to_le16(sizeof(confirm_sleep));
1291 confirm_sleep.action = cpu_to_le16(PS_MODE_ACTION_SLEEP_CONFIRMED);
1292 lbs_debugfs_init();
1293 lbs_deb_leave(LBS_DEB_MAIN);
1294 return 0;
1297 static void __exit lbs_exit_module(void)
1299 lbs_deb_enter(LBS_DEB_MAIN);
1300 lbs_debugfs_remove();
1301 lbs_deb_leave(LBS_DEB_MAIN);
1304 module_init(lbs_init_module);
1305 module_exit(lbs_exit_module);
1307 MODULE_DESCRIPTION("Libertas WLAN Driver Library");
1308 MODULE_AUTHOR("Marvell International Ltd.");
1309 MODULE_LICENSE("GPL");