root/drivers/net/wimax/i2400m/control.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. i2400m_tlv_match
  2. i2400m_tlv_buffer_walk
  3. i2400m_tlv_find
  4. i2400m_msg_check_status
  5. i2400m_report_tlv_system_state
  6. i2400m_report_tlv_media_status
  7. i2400m_report_state_parse_tlv
  8. i2400m_report_state_hook
  9. i2400m_report_hook
  10. i2400m_msg_ack_hook
  11. i2400m_msg_size_check
  12. i2400m_msg_to_dev_cancel_wait
  13. i2400m_msg_to_dev
  14. i2400m_cmd_enter_powersave
  15. i2400m_get_device_info
  16. i2400m_firmware_check
  17. i2400m_cmd_exit_idle
  18. i2400m_cmd_get_state
  19. i2400m_set_init_config
  20. i2400m_set_idle_timeout
  21. i2400m_dev_initialize
  22. i2400m_dev_shutdown
   1 /*
   2  * Intel Wireless WiMAX Connection 2400m
   3  * Miscellaneous control functions for managing the device
   4  *
   5  *
   6  * Copyright (C) 2007-2008 Intel Corporation. All rights reserved.
   7  *
   8  * Redistribution and use in source and binary forms, with or without
   9  * modification, are permitted provided that the following conditions
  10  * are met:
  11  *
  12  *   * Redistributions of source code must retain the above copyright
  13  *     notice, this list of conditions and the following disclaimer.
  14  *   * Redistributions in binary form must reproduce the above copyright
  15  *     notice, this list of conditions and the following disclaimer in
  16  *     the documentation and/or other materials provided with the
  17  *     distribution.
  18  *   * Neither the name of Intel Corporation nor the names of its
  19  *     contributors may be used to endorse or promote products derived
  20  *     from this software without specific prior written permission.
  21  *
  22  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  23  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  24  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
  25  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
  26  * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  27  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
  28  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  29  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  30  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  31  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  32  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  33  *
  34  *
  35  * Intel Corporation <linux-wimax@intel.com>
  36  * Inaky Perez-Gonzalez <inaky.perez-gonzalez@intel.com>
  37  *  - Initial implementation
  38  *
  39  * This is a collection of functions used to control the device (plus
  40  * a few helpers).
  41  *
  42  * There are utilities for handling TLV buffers, hooks on the device's
  43  * reports to act on device changes of state [i2400m_report_hook()],
  44  * on acks to commands [i2400m_msg_ack_hook()], a helper for sending
  45  * commands to the device and blocking until a reply arrives
  46  * [i2400m_msg_to_dev()], a few high level commands for manipulating
  47  * the device state, powersving mode and configuration plus the
  48  * routines to setup the device once communication is stablished with
  49  * it [i2400m_dev_initialize()].
  50  *
  51  * ROADMAP
  52  *
  53  * i2400m_dev_initialize()       Called by i2400m_dev_start()
  54  *   i2400m_set_init_config()
  55  *   i2400m_cmd_get_state()
  56  * i2400m_dev_shutdown()        Called by i2400m_dev_stop()
  57  *   i2400m_reset()
  58  *
  59  * i2400m_{cmd,get,set}_*()
  60  *   i2400m_msg_to_dev()
  61  *   i2400m_msg_check_status()
  62  *
  63  * i2400m_report_hook()         Called on reception of an event
  64  *   i2400m_report_state_hook()
  65  *     i2400m_tlv_buffer_walk()
  66  *     i2400m_tlv_match()
  67  *     i2400m_report_tlv_system_state()
  68  *     i2400m_report_tlv_rf_switches_status()
  69  *     i2400m_report_tlv_media_status()
  70  *   i2400m_cmd_enter_powersave()
  71  *
  72  * i2400m_msg_ack_hook()        Called on reception of a reply to a
  73  *                              command, get or set
  74  */
  75 
  76 #include <stdarg.h>
  77 #include "i2400m.h"
  78 #include <linux/kernel.h>
  79 #include <linux/slab.h>
  80 #include <linux/wimax/i2400m.h>
  81 #include <linux/export.h>
  82 #include <linux/moduleparam.h>
  83 
  84 
  85 #define D_SUBMODULE control
  86 #include "debug-levels.h"
  87 
  88 static int i2400m_idle_mode_disabled;/* 0 (idle mode enabled) by default */
  89 module_param_named(idle_mode_disabled, i2400m_idle_mode_disabled, int, 0644);
  90 MODULE_PARM_DESC(idle_mode_disabled,
  91                  "If true, the device will not enable idle mode negotiation "
  92                  "with the base station (when connected) to save power.");
  93 
  94 /* 0 (power saving enabled) by default */
  95 static int i2400m_power_save_disabled;
  96 module_param_named(power_save_disabled, i2400m_power_save_disabled, int, 0644);
  97 MODULE_PARM_DESC(power_save_disabled,
  98                  "If true, the driver will not tell the device to enter "
  99                  "power saving mode when it reports it is ready for it. "
 100                  "False by default (so the device is told to do power "
 101                  "saving).");
 102 
 103 static int i2400m_passive_mode; /* 0 (passive mode disabled) by default */
 104 module_param_named(passive_mode, i2400m_passive_mode, int, 0644);
 105 MODULE_PARM_DESC(passive_mode,
 106                  "If true, the driver will not do any device setup "
 107                  "and leave it up to user space, who must be properly "
 108                  "setup.");
 109 
 110 
 111 /*
 112  * Return if a TLV is of a give type and size
 113  *
 114  * @tlv_hdr: pointer to the TLV
 115  * @tlv_type: type of the TLV we are looking for
 116  * @tlv_size: expected size of the TLV we are looking for (if -1,
 117  *            don't check the size). This includes the header
 118  * Returns: 0 if the TLV matches
 119  *          < 0 if it doesn't match at all
 120  *          > 0 total TLV + payload size, if the type matches, but not
 121  *              the size
 122  */
 123 static
 124 ssize_t i2400m_tlv_match(const struct i2400m_tlv_hdr *tlv,
 125                      enum i2400m_tlv tlv_type, ssize_t tlv_size)
 126 {
 127         if (le16_to_cpu(tlv->type) != tlv_type) /* Not our type? skip */
 128                 return -1;
 129         if (tlv_size != -1
 130             && le16_to_cpu(tlv->length) + sizeof(*tlv) != tlv_size) {
 131                 size_t size = le16_to_cpu(tlv->length) + sizeof(*tlv);
 132                 printk(KERN_WARNING "W: tlv type 0x%x mismatched because of "
 133                        "size (got %zu vs %zd expected)\n",
 134                        tlv_type, size, tlv_size);
 135                 return size;
 136         }
 137         return 0;
 138 }
 139 
 140 
 141 /*
 142  * Given a buffer of TLVs, iterate over them
 143  *
 144  * @i2400m: device instance
 145  * @tlv_buf: pointer to the beginning of the TLV buffer
 146  * @buf_size: buffer size in bytes
 147  * @tlv_pos: seek position; this is assumed to be a pointer returned
 148  *           by i2400m_tlv_buffer_walk() [and thus, validated]. The
 149  *           TLV returned will be the one following this one.
 150  *
 151  * Usage:
 152  *
 153  * tlv_itr = NULL;
 154  * while (tlv_itr = i2400m_tlv_buffer_walk(i2400m, buf, size, tlv_itr))  {
 155  *         ...
 156  *         // Do stuff with tlv_itr, DON'T MODIFY IT
 157  *         ...
 158  * }
 159  */
 160 static
 161 const struct i2400m_tlv_hdr *i2400m_tlv_buffer_walk(
 162         struct i2400m *i2400m,
 163         const void *tlv_buf, size_t buf_size,
 164         const struct i2400m_tlv_hdr *tlv_pos)
 165 {
 166         struct device *dev = i2400m_dev(i2400m);
 167         const struct i2400m_tlv_hdr *tlv_top = tlv_buf + buf_size;
 168         size_t offset, length, avail_size;
 169         unsigned type;
 170 
 171         if (tlv_pos == NULL)    /* Take the first one? */
 172                 tlv_pos = tlv_buf;
 173         else                    /* Nope, the next one */
 174                 tlv_pos = (void *) tlv_pos
 175                         + le16_to_cpu(tlv_pos->length) + sizeof(*tlv_pos);
 176         if (tlv_pos == tlv_top) {       /* buffer done */
 177                 tlv_pos = NULL;
 178                 goto error_beyond_end;
 179         }
 180         if (tlv_pos > tlv_top) {
 181                 tlv_pos = NULL;
 182                 WARN_ON(1);
 183                 goto error_beyond_end;
 184         }
 185         offset = (void *) tlv_pos - (void *) tlv_buf;
 186         avail_size = buf_size - offset;
 187         if (avail_size < sizeof(*tlv_pos)) {
 188                 dev_err(dev, "HW BUG? tlv_buf %p [%zu bytes], tlv @%zu: "
 189                         "short header\n", tlv_buf, buf_size, offset);
 190                 goto error_short_header;
 191         }
 192         type = le16_to_cpu(tlv_pos->type);
 193         length = le16_to_cpu(tlv_pos->length);
 194         if (avail_size < sizeof(*tlv_pos) + length) {
 195                 dev_err(dev, "HW BUG? tlv_buf %p [%zu bytes], "
 196                         "tlv type 0x%04x @%zu: "
 197                         "short data (%zu bytes vs %zu needed)\n",
 198                         tlv_buf, buf_size, type, offset, avail_size,
 199                         sizeof(*tlv_pos) + length);
 200                 goto error_short_header;
 201         }
 202 error_short_header:
 203 error_beyond_end:
 204         return tlv_pos;
 205 }
 206 
 207 
 208 /*
 209  * Find a TLV in a buffer of sequential TLVs
 210  *
 211  * @i2400m: device descriptor
 212  * @tlv_hdr: pointer to the first TLV in the sequence
 213  * @size: size of the buffer in bytes; all TLVs are assumed to fit
 214  *        fully in the buffer (otherwise we'll complain).
 215  * @tlv_type: type of the TLV we are looking for
 216  * @tlv_size: expected size of the TLV we are looking for (if -1,
 217  *            don't check the size). This includes the header
 218  *
 219  * Returns: NULL if the TLV is not found, otherwise a pointer to
 220  *          it. If the sizes don't match, an error is printed and NULL
 221  *          returned.
 222  */
 223 static
 224 const struct i2400m_tlv_hdr *i2400m_tlv_find(
 225         struct i2400m *i2400m,
 226         const struct i2400m_tlv_hdr *tlv_hdr, size_t size,
 227         enum i2400m_tlv tlv_type, ssize_t tlv_size)
 228 {
 229         ssize_t match;
 230         struct device *dev = i2400m_dev(i2400m);
 231         const struct i2400m_tlv_hdr *tlv = NULL;
 232         while ((tlv = i2400m_tlv_buffer_walk(i2400m, tlv_hdr, size, tlv))) {
 233                 match = i2400m_tlv_match(tlv, tlv_type, tlv_size);
 234                 if (match == 0)         /* found it :) */
 235                         break;
 236                 if (match > 0)
 237                         dev_warn(dev, "TLV type 0x%04x found with size "
 238                                  "mismatch (%zu vs %zd needed)\n",
 239                                  tlv_type, match, tlv_size);
 240         }
 241         return tlv;
 242 }
 243 
 244 
 245 static const struct
 246 {
 247         char *msg;
 248         int errno;
 249 } ms_to_errno[I2400M_MS_MAX] = {
 250         [I2400M_MS_DONE_OK] = { "", 0 },
 251         [I2400M_MS_DONE_IN_PROGRESS] = { "", 0 },
 252         [I2400M_MS_INVALID_OP] = { "invalid opcode", -ENOSYS },
 253         [I2400M_MS_BAD_STATE] = { "invalid state", -EILSEQ },
 254         [I2400M_MS_ILLEGAL_VALUE] = { "illegal value", -EINVAL },
 255         [I2400M_MS_MISSING_PARAMS] = { "missing parameters", -ENOMSG },
 256         [I2400M_MS_VERSION_ERROR] = { "bad version", -EIO },
 257         [I2400M_MS_ACCESSIBILITY_ERROR] = { "accesibility error", -EIO },
 258         [I2400M_MS_BUSY] = { "busy", -EBUSY },
 259         [I2400M_MS_CORRUPTED_TLV] = { "corrupted TLV", -EILSEQ },
 260         [I2400M_MS_UNINITIALIZED] = { "uninitialized", -EILSEQ },
 261         [I2400M_MS_UNKNOWN_ERROR] = { "unknown error", -EIO },
 262         [I2400M_MS_PRODUCTION_ERROR] = { "production error", -EIO },
 263         [I2400M_MS_NO_RF] = { "no RF", -EIO },
 264         [I2400M_MS_NOT_READY_FOR_POWERSAVE] =
 265                 { "not ready for powersave", -EACCES },
 266         [I2400M_MS_THERMAL_CRITICAL] = { "thermal critical", -EL3HLT },
 267 };
 268 
 269 
 270 /*
 271  * i2400m_msg_check_status - translate a message's status code
 272  *
 273  * @i2400m: device descriptor
 274  * @l3l4_hdr: message header
 275  * @strbuf: buffer to place a formatted error message (unless NULL).
 276  * @strbuf_size: max amount of available space; larger messages will
 277  * be truncated.
 278  *
 279  * Returns: errno code corresponding to the status code in @l3l4_hdr
 280  *          and a message in @strbuf describing the error.
 281  */
 282 int i2400m_msg_check_status(const struct i2400m_l3l4_hdr *l3l4_hdr,
 283                             char *strbuf, size_t strbuf_size)
 284 {
 285         int result;
 286         enum i2400m_ms status = le16_to_cpu(l3l4_hdr->status);
 287         const char *str;
 288 
 289         if (status == 0)
 290                 return 0;
 291         if (status >= ARRAY_SIZE(ms_to_errno)) {
 292                 str = "unknown status code";
 293                 result = -EBADR;
 294         } else {
 295                 str = ms_to_errno[status].msg;
 296                 result = ms_to_errno[status].errno;
 297         }
 298         if (strbuf)
 299                 snprintf(strbuf, strbuf_size, "%s (%d)", str, status);
 300         return result;
 301 }
 302 
 303 
 304 /*
 305  * Act on a TLV System State reported by the device
 306  *
 307  * @i2400m: device descriptor
 308  * @ss: validated System State TLV
 309  */
 310 static
 311 void i2400m_report_tlv_system_state(struct i2400m *i2400m,
 312                                     const struct i2400m_tlv_system_state *ss)
 313 {
 314         struct device *dev = i2400m_dev(i2400m);
 315         struct wimax_dev *wimax_dev = &i2400m->wimax_dev;
 316         enum i2400m_system_state i2400m_state = le32_to_cpu(ss->state);
 317 
 318         d_fnstart(3, dev, "(i2400m %p ss %p [%u])\n", i2400m, ss, i2400m_state);
 319 
 320         if (i2400m->state != i2400m_state) {
 321                 i2400m->state = i2400m_state;
 322                 wake_up_all(&i2400m->state_wq);
 323         }
 324         switch (i2400m_state) {
 325         case I2400M_SS_UNINITIALIZED:
 326         case I2400M_SS_INIT:
 327         case I2400M_SS_CONFIG:
 328         case I2400M_SS_PRODUCTION:
 329                 wimax_state_change(wimax_dev, WIMAX_ST_UNINITIALIZED);
 330                 break;
 331 
 332         case I2400M_SS_RF_OFF:
 333         case I2400M_SS_RF_SHUTDOWN:
 334                 wimax_state_change(wimax_dev, WIMAX_ST_RADIO_OFF);
 335                 break;
 336 
 337         case I2400M_SS_READY:
 338         case I2400M_SS_STANDBY:
 339         case I2400M_SS_SLEEPACTIVE:
 340                 wimax_state_change(wimax_dev, WIMAX_ST_READY);
 341                 break;
 342 
 343         case I2400M_SS_CONNECTING:
 344         case I2400M_SS_WIMAX_CONNECTED:
 345                 wimax_state_change(wimax_dev, WIMAX_ST_READY);
 346                 break;
 347 
 348         case I2400M_SS_SCAN:
 349         case I2400M_SS_OUT_OF_ZONE:
 350                 wimax_state_change(wimax_dev, WIMAX_ST_SCANNING);
 351                 break;
 352 
 353         case I2400M_SS_IDLE:
 354                 d_printf(1, dev, "entering BS-negotiated idle mode\n");
 355                 /* Fall through */
 356         case I2400M_SS_DISCONNECTING:
 357         case I2400M_SS_DATA_PATH_CONNECTED:
 358                 wimax_state_change(wimax_dev, WIMAX_ST_CONNECTED);
 359                 break;
 360 
 361         default:
 362                 /* Huh? just in case, shut it down */
 363                 dev_err(dev, "HW BUG? unknown state %u: shutting down\n",
 364                         i2400m_state);
 365                 i2400m_reset(i2400m, I2400M_RT_WARM);
 366                 break;
 367         }
 368         d_fnend(3, dev, "(i2400m %p ss %p [%u]) = void\n",
 369                 i2400m, ss, i2400m_state);
 370 }
 371 
 372 
 373 /*
 374  * Parse and act on a TLV Media Status sent by the device
 375  *
 376  * @i2400m: device descriptor
 377  * @ms: validated Media Status TLV
 378  *
 379  * This will set the carrier up on down based on the device's link
 380  * report. This is done asides of what the WiMAX stack does based on
 381  * the device's state as sometimes we need to do a link-renew (the BS
 382  * wants us to renew a DHCP lease, for example).
 383  *
 384  * In fact, doc says that every time we get a link-up, we should do a
 385  * DHCP negotiation...
 386  */
 387 static
 388 void i2400m_report_tlv_media_status(struct i2400m *i2400m,
 389                                     const struct i2400m_tlv_media_status *ms)
 390 {
 391         struct device *dev = i2400m_dev(i2400m);
 392         struct wimax_dev *wimax_dev = &i2400m->wimax_dev;
 393         struct net_device *net_dev = wimax_dev->net_dev;
 394         enum i2400m_media_status status = le32_to_cpu(ms->media_status);
 395 
 396         d_fnstart(3, dev, "(i2400m %p ms %p [%u])\n", i2400m, ms, status);
 397 
 398         switch (status) {
 399         case I2400M_MEDIA_STATUS_LINK_UP:
 400                 netif_carrier_on(net_dev);
 401                 break;
 402         case I2400M_MEDIA_STATUS_LINK_DOWN:
 403                 netif_carrier_off(net_dev);
 404                 break;
 405         /*
 406          * This is the network telling us we need to retrain the DHCP
 407          * lease -- so far, we are trusting the WiMAX Network Service
 408          * in user space to pick this up and poke the DHCP client.
 409          */
 410         case I2400M_MEDIA_STATUS_LINK_RENEW:
 411                 netif_carrier_on(net_dev);
 412                 break;
 413         default:
 414                 dev_err(dev, "HW BUG? unknown media status %u\n",
 415                         status);
 416         }
 417         d_fnend(3, dev, "(i2400m %p ms %p [%u]) = void\n",
 418                 i2400m, ms, status);
 419 }
 420 
 421 
 422 /*
 423  * Process a TLV from a 'state report'
 424  *
 425  * @i2400m: device descriptor
 426  * @tlv: pointer to the TLV header; it has been already validated for
 427  *     consistent size.
 428  * @tag: for error messages
 429  *
 430  * Act on the TLVs from a 'state report'.
 431  */
 432 static
 433 void i2400m_report_state_parse_tlv(struct i2400m *i2400m,
 434                                    const struct i2400m_tlv_hdr *tlv,
 435                                    const char *tag)
 436 {
 437         struct device *dev = i2400m_dev(i2400m);
 438         const struct i2400m_tlv_media_status *ms;
 439         const struct i2400m_tlv_system_state *ss;
 440         const struct i2400m_tlv_rf_switches_status *rfss;
 441 
 442         if (0 == i2400m_tlv_match(tlv, I2400M_TLV_SYSTEM_STATE, sizeof(*ss))) {
 443                 ss = container_of(tlv, typeof(*ss), hdr);
 444                 d_printf(2, dev, "%s: system state TLV "
 445                          "found (0x%04x), state 0x%08x\n",
 446                          tag, I2400M_TLV_SYSTEM_STATE,
 447                          le32_to_cpu(ss->state));
 448                 i2400m_report_tlv_system_state(i2400m, ss);
 449         }
 450         if (0 == i2400m_tlv_match(tlv, I2400M_TLV_RF_STATUS, sizeof(*rfss))) {
 451                 rfss = container_of(tlv, typeof(*rfss), hdr);
 452                 d_printf(2, dev, "%s: RF status TLV "
 453                          "found (0x%04x), sw 0x%02x hw 0x%02x\n",
 454                          tag, I2400M_TLV_RF_STATUS,
 455                          le32_to_cpu(rfss->sw_rf_switch),
 456                          le32_to_cpu(rfss->hw_rf_switch));
 457                 i2400m_report_tlv_rf_switches_status(i2400m, rfss);
 458         }
 459         if (0 == i2400m_tlv_match(tlv, I2400M_TLV_MEDIA_STATUS, sizeof(*ms))) {
 460                 ms = container_of(tlv, typeof(*ms), hdr);
 461                 d_printf(2, dev, "%s: Media Status TLV: %u\n",
 462                          tag, le32_to_cpu(ms->media_status));
 463                 i2400m_report_tlv_media_status(i2400m, ms);
 464         }
 465 }
 466 
 467 
 468 /*
 469  * Parse a 'state report' and extract information
 470  *
 471  * @i2400m: device descriptor
 472  * @l3l4_hdr: pointer to message; it has been already validated for
 473  *            consistent size.
 474  * @size: size of the message (header + payload). The header length
 475  *        declaration is assumed to be congruent with @size (as in
 476  *        sizeof(*l3l4_hdr) + l3l4_hdr->length == size)
 477  *
 478  * Walk over the TLVs in a report state and act on them.
 479  */
 480 static
 481 void i2400m_report_state_hook(struct i2400m *i2400m,
 482                               const struct i2400m_l3l4_hdr *l3l4_hdr,
 483                               size_t size, const char *tag)
 484 {
 485         struct device *dev = i2400m_dev(i2400m);
 486         const struct i2400m_tlv_hdr *tlv;
 487         size_t tlv_size = le16_to_cpu(l3l4_hdr->length);
 488 
 489         d_fnstart(4, dev, "(i2400m %p, l3l4_hdr %p, size %zu, %s)\n",
 490                   i2400m, l3l4_hdr, size, tag);
 491         tlv = NULL;
 492 
 493         while ((tlv = i2400m_tlv_buffer_walk(i2400m, &l3l4_hdr->pl,
 494                                              tlv_size, tlv)))
 495                 i2400m_report_state_parse_tlv(i2400m, tlv, tag);
 496         d_fnend(4, dev, "(i2400m %p, l3l4_hdr %p, size %zu, %s) = void\n",
 497                 i2400m, l3l4_hdr, size, tag);
 498 }
 499 
 500 
 501 /*
 502  * i2400m_report_hook - (maybe) act on a report
 503  *
 504  * @i2400m: device descriptor
 505  * @l3l4_hdr: pointer to message; it has been already validated for
 506  *            consistent size.
 507  * @size: size of the message (header + payload). The header length
 508  *        declaration is assumed to be congruent with @size (as in
 509  *        sizeof(*l3l4_hdr) + l3l4_hdr->length == size)
 510  *
 511  * Extract information we might need (like carrien on/off) from a
 512  * device report.
 513  */
 514 void i2400m_report_hook(struct i2400m *i2400m,
 515                         const struct i2400m_l3l4_hdr *l3l4_hdr, size_t size)
 516 {
 517         struct device *dev = i2400m_dev(i2400m);
 518         unsigned msg_type;
 519 
 520         d_fnstart(3, dev, "(i2400m %p l3l4_hdr %p size %zu)\n",
 521                   i2400m, l3l4_hdr, size);
 522         /* Chew on the message, we might need some information from
 523          * here */
 524         msg_type = le16_to_cpu(l3l4_hdr->type);
 525         switch (msg_type) {
 526         case I2400M_MT_REPORT_STATE:    /* carrier detection... */
 527                 i2400m_report_state_hook(i2400m,
 528                                          l3l4_hdr, size, "REPORT STATE");
 529                 break;
 530         /* If the device is ready for power save, then ask it to do
 531          * it. */
 532         case I2400M_MT_REPORT_POWERSAVE_READY:  /* zzzzz */
 533                 if (l3l4_hdr->status == cpu_to_le16(I2400M_MS_DONE_OK)) {
 534                         if (i2400m_power_save_disabled)
 535                                 d_printf(1, dev, "ready for powersave, "
 536                                          "not requesting (disabled by module "
 537                                          "parameter)\n");
 538                         else {
 539                                 d_printf(1, dev, "ready for powersave, "
 540                                          "requesting\n");
 541                                 i2400m_cmd_enter_powersave(i2400m);
 542                         }
 543                 }
 544                 break;
 545         }
 546         d_fnend(3, dev, "(i2400m %p l3l4_hdr %p size %zu) = void\n",
 547                 i2400m, l3l4_hdr, size);
 548 }
 549 
 550 
 551 /*
 552  * i2400m_msg_ack_hook - process cmd/set/get ack for internal status
 553  *
 554  * @i2400m: device descriptor
 555  * @l3l4_hdr: pointer to message; it has been already validated for
 556  *            consistent size.
 557  * @size: size of the message
 558  *
 559  * Extract information we might need from acks to commands and act on
 560  * it. This is akin to i2400m_report_hook(). Note most of this
 561  * processing should be done in the function that calls the
 562  * command. This is here for some cases where it can't happen...
 563  */
 564 static void i2400m_msg_ack_hook(struct i2400m *i2400m,
 565                                  const struct i2400m_l3l4_hdr *l3l4_hdr,
 566                                  size_t size)
 567 {
 568         int result;
 569         struct device *dev = i2400m_dev(i2400m);
 570         unsigned int ack_type;
 571         char strerr[32];
 572 
 573         /* Chew on the message, we might need some information from
 574          * here */
 575         ack_type = le16_to_cpu(l3l4_hdr->type);
 576         switch (ack_type) {
 577         case I2400M_MT_CMD_ENTER_POWERSAVE:
 578                 /* This is just left here for the sake of example, as
 579                  * the processing is done somewhere else. */
 580                 if (0) {
 581                         result = i2400m_msg_check_status(
 582                                 l3l4_hdr, strerr, sizeof(strerr));
 583                         if (result >= 0)
 584                                 d_printf(1, dev, "ready for power save: %zd\n",
 585                                          size);
 586                 }
 587                 break;
 588         }
 589 }
 590 
 591 
 592 /*
 593  * i2400m_msg_size_check() - verify message size and header are congruent
 594  *
 595  * It is ok if the total message size is larger than the expected
 596  * size, as there can be padding.
 597  */
 598 int i2400m_msg_size_check(struct i2400m *i2400m,
 599                           const struct i2400m_l3l4_hdr *l3l4_hdr,
 600                           size_t msg_size)
 601 {
 602         int result;
 603         struct device *dev = i2400m_dev(i2400m);
 604         size_t expected_size;
 605         d_fnstart(4, dev, "(i2400m %p l3l4_hdr %p msg_size %zu)\n",
 606                   i2400m, l3l4_hdr, msg_size);
 607         if (msg_size < sizeof(*l3l4_hdr)) {
 608                 dev_err(dev, "bad size for message header "
 609                         "(expected at least %zu, got %zu)\n",
 610                         (size_t) sizeof(*l3l4_hdr), msg_size);
 611                 result = -EIO;
 612                 goto error_hdr_size;
 613         }
 614         expected_size = le16_to_cpu(l3l4_hdr->length) + sizeof(*l3l4_hdr);
 615         if (msg_size < expected_size) {
 616                 dev_err(dev, "bad size for message code 0x%04x (expected %zu, "
 617                         "got %zu)\n", le16_to_cpu(l3l4_hdr->type),
 618                         expected_size, msg_size);
 619                 result = -EIO;
 620         } else
 621                 result = 0;
 622 error_hdr_size:
 623         d_fnend(4, dev,
 624                 "(i2400m %p l3l4_hdr %p msg_size %zu) = %d\n",
 625                 i2400m, l3l4_hdr, msg_size, result);
 626         return result;
 627 }
 628 
 629 
 630 
 631 /*
 632  * Cancel a wait for a command ACK
 633  *
 634  * @i2400m: device descriptor
 635  * @code: [negative] errno code to cancel with (don't use
 636  *     -EINPROGRESS)
 637  *
 638  * If there is an ack already filled out, free it.
 639  */
 640 void i2400m_msg_to_dev_cancel_wait(struct i2400m *i2400m, int code)
 641 {
 642         struct sk_buff *ack_skb;
 643         unsigned long flags;
 644 
 645         spin_lock_irqsave(&i2400m->rx_lock, flags);
 646         ack_skb = i2400m->ack_skb;
 647         if (ack_skb && !IS_ERR(ack_skb))
 648                 kfree_skb(ack_skb);
 649         i2400m->ack_skb = ERR_PTR(code);
 650         spin_unlock_irqrestore(&i2400m->rx_lock, flags);
 651 }
 652 
 653 
 654 /**
 655  * i2400m_msg_to_dev - Send a control message to the device and get a response
 656  *
 657  * @i2400m: device descriptor
 658  *
 659  * @msg_skb: an skb  *
 660  *
 661  * @buf: pointer to the buffer containing the message to be sent; it
 662  *           has to start with a &struct i2400M_l3l4_hdr and then
 663  *           followed by the payload. Once this function returns, the
 664  *           buffer can be reused.
 665  *
 666  * @buf_len: buffer size
 667  *
 668  * Returns:
 669  *
 670  * Pointer to skb containing the ack message. You need to check the
 671  * pointer with IS_ERR(), as it might be an error code. Error codes
 672  * could happen because:
 673  *
 674  *  - the message wasn't formatted correctly
 675  *  - couldn't send the message
 676  *  - failed waiting for a response
 677  *  - the ack message wasn't formatted correctly
 678  *
 679  * The returned skb has been allocated with wimax_msg_to_user_alloc(),
 680  * it contains the response in a netlink attribute and is ready to be
 681  * passed up to user space with wimax_msg_to_user_send(). To access
 682  * the payload and its length, use wimax_msg_{data,len}() on the skb.
 683  *
 684  * The skb has to be freed with kfree_skb() once done.
 685  *
 686  * Description:
 687  *
 688  * This function delivers a message/command to the device and waits
 689  * for an ack to be received. The format is described in
 690  * linux/wimax/i2400m.h. In summary, a command/get/set is followed by an
 691  * ack.
 692  *
 693  * This function will not check the ack status, that's left up to the
 694  * caller.  Once done with the ack skb, it has to be kfree_skb()ed.
 695  *
 696  * The i2400m handles only one message at the same time, thus we need
 697  * the mutex to exclude other players.
 698  *
 699  * We write the message and then wait for an answer to come back. The
 700  * RX path intercepts control messages and handles them in
 701  * i2400m_rx_ctl(). Reports (notifications) are (maybe) processed
 702  * locally and then forwarded (as needed) to user space on the WiMAX
 703  * stack message pipe. Acks are saved and passed back to us through an
 704  * skb in i2400m->ack_skb which is ready to be given to generic
 705  * netlink if need be.
 706  */
 707 struct sk_buff *i2400m_msg_to_dev(struct i2400m *i2400m,
 708                                   const void *buf, size_t buf_len)
 709 {
 710         int result;
 711         struct device *dev = i2400m_dev(i2400m);
 712         const struct i2400m_l3l4_hdr *msg_l3l4_hdr;
 713         struct sk_buff *ack_skb;
 714         const struct i2400m_l3l4_hdr *ack_l3l4_hdr;
 715         size_t ack_len;
 716         int ack_timeout;
 717         unsigned msg_type;
 718         unsigned long flags;
 719 
 720         d_fnstart(3, dev, "(i2400m %p buf %p len %zu)\n",
 721                   i2400m, buf, buf_len);
 722 
 723         rmb();          /* Make sure we see what i2400m_dev_reset_handle() */
 724         if (i2400m->boot_mode)
 725                 return ERR_PTR(-EL3RST);
 726 
 727         msg_l3l4_hdr = buf;
 728         /* Check msg & payload consistency */
 729         result = i2400m_msg_size_check(i2400m, msg_l3l4_hdr, buf_len);
 730         if (result < 0)
 731                 goto error_bad_msg;
 732         msg_type = le16_to_cpu(msg_l3l4_hdr->type);
 733         d_printf(1, dev, "CMD/GET/SET 0x%04x %zu bytes\n",
 734                  msg_type, buf_len);
 735         d_dump(2, dev, buf, buf_len);
 736 
 737         /* Setup the completion, ack_skb ("we are waiting") and send
 738          * the message to the device */
 739         mutex_lock(&i2400m->msg_mutex);
 740         spin_lock_irqsave(&i2400m->rx_lock, flags);
 741         i2400m->ack_skb = ERR_PTR(-EINPROGRESS);
 742         spin_unlock_irqrestore(&i2400m->rx_lock, flags);
 743         init_completion(&i2400m->msg_completion);
 744         result = i2400m_tx(i2400m, buf, buf_len, I2400M_PT_CTRL);
 745         if (result < 0) {
 746                 dev_err(dev, "can't send message 0x%04x: %d\n",
 747                         le16_to_cpu(msg_l3l4_hdr->type), result);
 748                 goto error_tx;
 749         }
 750 
 751         /* Some commands take longer to execute because of crypto ops,
 752          * so we give them some more leeway on timeout */
 753         switch (msg_type) {
 754         case I2400M_MT_GET_TLS_OPERATION_RESULT:
 755         case I2400M_MT_CMD_SEND_EAP_RESPONSE:
 756                 ack_timeout = 5 * HZ;
 757                 break;
 758         default:
 759                 ack_timeout = HZ;
 760         }
 761 
 762         if (unlikely(i2400m->trace_msg_from_user))
 763                 wimax_msg(&i2400m->wimax_dev, "echo", buf, buf_len, GFP_KERNEL);
 764         /* The RX path in rx.c will put any response for this message
 765          * in i2400m->ack_skb and wake us up. If we cancel the wait,
 766          * we need to change the value of i2400m->ack_skb to something
 767          * not -EINPROGRESS so RX knows there is no one waiting. */
 768         result = wait_for_completion_interruptible_timeout(
 769                 &i2400m->msg_completion, ack_timeout);
 770         if (result == 0) {
 771                 dev_err(dev, "timeout waiting for reply to message 0x%04x\n",
 772                         msg_type);
 773                 result = -ETIMEDOUT;
 774                 i2400m_msg_to_dev_cancel_wait(i2400m, result);
 775                 goto error_wait_for_completion;
 776         } else if (result < 0) {
 777                 dev_err(dev, "error waiting for reply to message 0x%04x: %d\n",
 778                         msg_type, result);
 779                 i2400m_msg_to_dev_cancel_wait(i2400m, result);
 780                 goto error_wait_for_completion;
 781         }
 782 
 783         /* Pull out the ack data from i2400m->ack_skb -- see if it is
 784          * an error and act accordingly */
 785         spin_lock_irqsave(&i2400m->rx_lock, flags);
 786         ack_skb = i2400m->ack_skb;
 787         if (IS_ERR(ack_skb))
 788                 result = PTR_ERR(ack_skb);
 789         else
 790                 result = 0;
 791         i2400m->ack_skb = NULL;
 792         spin_unlock_irqrestore(&i2400m->rx_lock, flags);
 793         if (result < 0)
 794                 goto error_ack_status;
 795         ack_l3l4_hdr = wimax_msg_data_len(ack_skb, &ack_len);
 796 
 797         /* Check the ack and deliver it if it is ok */
 798         if (unlikely(i2400m->trace_msg_from_user))
 799                 wimax_msg(&i2400m->wimax_dev, "echo",
 800                           ack_l3l4_hdr, ack_len, GFP_KERNEL);
 801         result = i2400m_msg_size_check(i2400m, ack_l3l4_hdr, ack_len);
 802         if (result < 0) {
 803                 dev_err(dev, "HW BUG? reply to message 0x%04x: %d\n",
 804                         msg_type, result);
 805                 goto error_bad_ack_len;
 806         }
 807         if (msg_type != le16_to_cpu(ack_l3l4_hdr->type)) {
 808                 dev_err(dev, "HW BUG? bad reply 0x%04x to message 0x%04x\n",
 809                         le16_to_cpu(ack_l3l4_hdr->type), msg_type);
 810                 result = -EIO;
 811                 goto error_bad_ack_type;
 812         }
 813         i2400m_msg_ack_hook(i2400m, ack_l3l4_hdr, ack_len);
 814         mutex_unlock(&i2400m->msg_mutex);
 815         d_fnend(3, dev, "(i2400m %p buf %p len %zu) = %p\n",
 816                 i2400m, buf, buf_len, ack_skb);
 817         return ack_skb;
 818 
 819 error_bad_ack_type:
 820 error_bad_ack_len:
 821         kfree_skb(ack_skb);
 822 error_ack_status:
 823 error_wait_for_completion:
 824 error_tx:
 825         mutex_unlock(&i2400m->msg_mutex);
 826 error_bad_msg:
 827         d_fnend(3, dev, "(i2400m %p buf %p len %zu) = %d\n",
 828                 i2400m, buf, buf_len, result);
 829         return ERR_PTR(result);
 830 }
 831 
 832 
 833 /*
 834  * Definitions for the Enter Power Save command
 835  *
 836  * The Enter Power Save command requests the device to go into power
 837  * saving mode. The device will ack or nak the command depending on it
 838  * being ready for it. If it acks, we tell the USB subsystem to
 839  *
 840  * As well, the device might request to go into power saving mode by
 841  * sending a report (REPORT_POWERSAVE_READY), in which case, we issue
 842  * this command. The hookups in the RX coder allow
 843  */
 844 enum {
 845         I2400M_WAKEUP_ENABLED  = 0x01,
 846         I2400M_WAKEUP_DISABLED = 0x02,
 847         I2400M_TLV_TYPE_WAKEUP_MODE = 144,
 848 };
 849 
 850 struct i2400m_cmd_enter_power_save {
 851         struct i2400m_l3l4_hdr hdr;
 852         struct i2400m_tlv_hdr tlv;
 853         __le32 val;
 854 } __packed;
 855 
 856 
 857 /*
 858  * Request entering power save
 859  *
 860  * This command is (mainly) executed when the device indicates that it
 861  * is ready to go into powersave mode via a REPORT_POWERSAVE_READY.
 862  */
 863 int i2400m_cmd_enter_powersave(struct i2400m *i2400m)
 864 {
 865         int result;
 866         struct device *dev = i2400m_dev(i2400m);
 867         struct sk_buff *ack_skb;
 868         struct i2400m_cmd_enter_power_save *cmd;
 869         char strerr[32];
 870 
 871         result = -ENOMEM;
 872         cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
 873         if (cmd == NULL)
 874                 goto error_alloc;
 875         cmd->hdr.type = cpu_to_le16(I2400M_MT_CMD_ENTER_POWERSAVE);
 876         cmd->hdr.length = cpu_to_le16(sizeof(*cmd) - sizeof(cmd->hdr));
 877         cmd->hdr.version = cpu_to_le16(I2400M_L3L4_VERSION);
 878         cmd->tlv.type = cpu_to_le16(I2400M_TLV_TYPE_WAKEUP_MODE);
 879         cmd->tlv.length = cpu_to_le16(sizeof(cmd->val));
 880         cmd->val = cpu_to_le32(I2400M_WAKEUP_ENABLED);
 881 
 882         ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd));
 883         result = PTR_ERR(ack_skb);
 884         if (IS_ERR(ack_skb)) {
 885                 dev_err(dev, "Failed to issue 'Enter power save' command: %d\n",
 886                         result);
 887                 goto error_msg_to_dev;
 888         }
 889         result = i2400m_msg_check_status(wimax_msg_data(ack_skb),
 890                                          strerr, sizeof(strerr));
 891         if (result == -EACCES)
 892                 d_printf(1, dev, "Cannot enter power save mode\n");
 893         else if (result < 0)
 894                 dev_err(dev, "'Enter power save' (0x%04x) command failed: "
 895                         "%d - %s\n", I2400M_MT_CMD_ENTER_POWERSAVE,
 896                         result, strerr);
 897         else
 898                 d_printf(1, dev, "device ready to power save\n");
 899         kfree_skb(ack_skb);
 900 error_msg_to_dev:
 901         kfree(cmd);
 902 error_alloc:
 903         return result;
 904 }
 905 EXPORT_SYMBOL_GPL(i2400m_cmd_enter_powersave);
 906 
 907 
 908 /*
 909  * Definitions for getting device information
 910  */
 911 enum {
 912         I2400M_TLV_DETAILED_DEVICE_INFO = 140
 913 };
 914 
 915 /**
 916  * i2400m_get_device_info - Query the device for detailed device information
 917  *
 918  * @i2400m: device descriptor
 919  *
 920  * Returns: an skb whose skb->data points to a 'struct
 921  *    i2400m_tlv_detailed_device_info'. When done, kfree_skb() it. The
 922  *    skb is *guaranteed* to contain the whole TLV data structure.
 923  *
 924  *    On error, IS_ERR(skb) is true and ERR_PTR(skb) is the error
 925  *    code.
 926  */
 927 struct sk_buff *i2400m_get_device_info(struct i2400m *i2400m)
 928 {
 929         int result;
 930         struct device *dev = i2400m_dev(i2400m);
 931         struct sk_buff *ack_skb;
 932         struct i2400m_l3l4_hdr *cmd;
 933         const struct i2400m_l3l4_hdr *ack;
 934         size_t ack_len;
 935         const struct i2400m_tlv_hdr *tlv;
 936         const struct i2400m_tlv_detailed_device_info *ddi;
 937         char strerr[32];
 938 
 939         ack_skb = ERR_PTR(-ENOMEM);
 940         cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
 941         if (cmd == NULL)
 942                 goto error_alloc;
 943         cmd->type = cpu_to_le16(I2400M_MT_GET_DEVICE_INFO);
 944         cmd->length = 0;
 945         cmd->version = cpu_to_le16(I2400M_L3L4_VERSION);
 946 
 947         ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd));
 948         if (IS_ERR(ack_skb)) {
 949                 dev_err(dev, "Failed to issue 'get device info' command: %ld\n",
 950                         PTR_ERR(ack_skb));
 951                 goto error_msg_to_dev;
 952         }
 953         ack = wimax_msg_data_len(ack_skb, &ack_len);
 954         result = i2400m_msg_check_status(ack, strerr, sizeof(strerr));
 955         if (result < 0) {
 956                 dev_err(dev, "'get device info' (0x%04x) command failed: "
 957                         "%d - %s\n", I2400M_MT_GET_DEVICE_INFO, result,
 958                         strerr);
 959                 goto error_cmd_failed;
 960         }
 961         tlv = i2400m_tlv_find(i2400m, ack->pl, ack_len - sizeof(*ack),
 962                               I2400M_TLV_DETAILED_DEVICE_INFO, sizeof(*ddi));
 963         if (tlv == NULL) {
 964                 dev_err(dev, "GET DEVICE INFO: "
 965                         "detailed device info TLV not found (0x%04x)\n",
 966                         I2400M_TLV_DETAILED_DEVICE_INFO);
 967                 result = -EIO;
 968                 goto error_no_tlv;
 969         }
 970         skb_pull(ack_skb, (void *) tlv - (void *) ack_skb->data);
 971 error_msg_to_dev:
 972         kfree(cmd);
 973 error_alloc:
 974         return ack_skb;
 975 
 976 error_no_tlv:
 977 error_cmd_failed:
 978         kfree_skb(ack_skb);
 979         kfree(cmd);
 980         return ERR_PTR(result);
 981 }
 982 
 983 
 984 /* Firmware interface versions we support */
 985 enum {
 986         I2400M_HDIv_MAJOR = 9,
 987         I2400M_HDIv_MINOR = 1,
 988         I2400M_HDIv_MINOR_2 = 2,
 989 };
 990 
 991 
 992 /**
 993  * i2400m_firmware_check - check firmware versions are compatible with
 994  * the driver
 995  *
 996  * @i2400m: device descriptor
 997  *
 998  * Returns: 0 if ok, < 0 errno code an error and a message in the
 999  *    kernel log.
1000  *
1001  * Long function, but quite simple; first chunk launches the command
1002  * and double checks the reply for the right TLV. Then we process the
1003  * TLV (where the meat is).
1004  *
1005  * Once we process the TLV that gives us the firmware's interface
1006  * version, we encode it and save it in i2400m->fw_version for future
1007  * reference.
1008  */
1009 int i2400m_firmware_check(struct i2400m *i2400m)
1010 {
1011         int result;
1012         struct device *dev = i2400m_dev(i2400m);
1013         struct sk_buff *ack_skb;
1014         struct i2400m_l3l4_hdr *cmd;
1015         const struct i2400m_l3l4_hdr *ack;
1016         size_t ack_len;
1017         const struct i2400m_tlv_hdr *tlv;
1018         const struct i2400m_tlv_l4_message_versions *l4mv;
1019         char strerr[32];
1020         unsigned major, minor, branch;
1021 
1022         result = -ENOMEM;
1023         cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
1024         if (cmd == NULL)
1025                 goto error_alloc;
1026         cmd->type = cpu_to_le16(I2400M_MT_GET_LM_VERSION);
1027         cmd->length = 0;
1028         cmd->version = cpu_to_le16(I2400M_L3L4_VERSION);
1029 
1030         ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd));
1031         if (IS_ERR(ack_skb)) {
1032                 result = PTR_ERR(ack_skb);
1033                 dev_err(dev, "Failed to issue 'get lm version' command: %-d\n",
1034                         result);
1035                 goto error_msg_to_dev;
1036         }
1037         ack = wimax_msg_data_len(ack_skb, &ack_len);
1038         result = i2400m_msg_check_status(ack, strerr, sizeof(strerr));
1039         if (result < 0) {
1040                 dev_err(dev, "'get lm version' (0x%04x) command failed: "
1041                         "%d - %s\n", I2400M_MT_GET_LM_VERSION, result,
1042                         strerr);
1043                 goto error_cmd_failed;
1044         }
1045         tlv = i2400m_tlv_find(i2400m, ack->pl, ack_len - sizeof(*ack),
1046                               I2400M_TLV_L4_MESSAGE_VERSIONS, sizeof(*l4mv));
1047         if (tlv == NULL) {
1048                 dev_err(dev, "get lm version: TLV not found (0x%04x)\n",
1049                         I2400M_TLV_L4_MESSAGE_VERSIONS);
1050                 result = -EIO;
1051                 goto error_no_tlv;
1052         }
1053         l4mv = container_of(tlv, typeof(*l4mv), hdr);
1054         major = le16_to_cpu(l4mv->major);
1055         minor = le16_to_cpu(l4mv->minor);
1056         branch = le16_to_cpu(l4mv->branch);
1057         result = -EINVAL;
1058         if (major != I2400M_HDIv_MAJOR) {
1059                 dev_err(dev, "unsupported major fw version "
1060                         "%u.%u.%u\n", major, minor, branch);
1061                 goto error_bad_major;
1062         }
1063         result = 0;
1064         if (minor > I2400M_HDIv_MINOR_2 || minor < I2400M_HDIv_MINOR)
1065                 dev_warn(dev, "untested minor fw version %u.%u.%u\n",
1066                          major, minor, branch);
1067         /* Yes, we ignore the branch -- we don't have to track it */
1068         i2400m->fw_version = major << 16 | minor;
1069         dev_info(dev, "firmware interface version %u.%u.%u\n",
1070                  major, minor, branch);
1071 error_bad_major:
1072 error_no_tlv:
1073 error_cmd_failed:
1074         kfree_skb(ack_skb);
1075 error_msg_to_dev:
1076         kfree(cmd);
1077 error_alloc:
1078         return result;
1079 }
1080 
1081 
1082 /*
1083  * Send an DoExitIdle command to the device to ask it to go out of
1084  * basestation-idle mode.
1085  *
1086  * @i2400m: device descriptor
1087  *
1088  * This starts a renegotiation with the basestation that might involve
1089  * another crypto handshake with user space.
1090  *
1091  * Returns: 0 if ok, < 0 errno code on error.
1092  */
1093 int i2400m_cmd_exit_idle(struct i2400m *i2400m)
1094 {
1095         int result;
1096         struct device *dev = i2400m_dev(i2400m);
1097         struct sk_buff *ack_skb;
1098         struct i2400m_l3l4_hdr *cmd;
1099         char strerr[32];
1100 
1101         result = -ENOMEM;
1102         cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
1103         if (cmd == NULL)
1104                 goto error_alloc;
1105         cmd->type = cpu_to_le16(I2400M_MT_CMD_EXIT_IDLE);
1106         cmd->length = 0;
1107         cmd->version = cpu_to_le16(I2400M_L3L4_VERSION);
1108 
1109         ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd));
1110         result = PTR_ERR(ack_skb);
1111         if (IS_ERR(ack_skb)) {
1112                 dev_err(dev, "Failed to issue 'exit idle' command: %d\n",
1113                         result);
1114                 goto error_msg_to_dev;
1115         }
1116         result = i2400m_msg_check_status(wimax_msg_data(ack_skb),
1117                                          strerr, sizeof(strerr));
1118         kfree_skb(ack_skb);
1119 error_msg_to_dev:
1120         kfree(cmd);
1121 error_alloc:
1122         return result;
1123 
1124 }
1125 
1126 
1127 /*
1128  * Query the device for its state, update the WiMAX stack's idea of it
1129  *
1130  * @i2400m: device descriptor
1131  *
1132  * Returns: 0 if ok, < 0 errno code on error.
1133  *
1134  * Executes a 'Get State' command and parses the returned
1135  * TLVs.
1136  *
1137  * Because this is almost identical to a 'Report State', we use
1138  * i2400m_report_state_hook() to parse the answer. This will set the
1139  * carrier state, as well as the RF Kill switches state.
1140  */
1141 static int i2400m_cmd_get_state(struct i2400m *i2400m)
1142 {
1143         int result;
1144         struct device *dev = i2400m_dev(i2400m);
1145         struct sk_buff *ack_skb;
1146         struct i2400m_l3l4_hdr *cmd;
1147         const struct i2400m_l3l4_hdr *ack;
1148         size_t ack_len;
1149         char strerr[32];
1150 
1151         result = -ENOMEM;
1152         cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
1153         if (cmd == NULL)
1154                 goto error_alloc;
1155         cmd->type = cpu_to_le16(I2400M_MT_GET_STATE);
1156         cmd->length = 0;
1157         cmd->version = cpu_to_le16(I2400M_L3L4_VERSION);
1158 
1159         ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd));
1160         if (IS_ERR(ack_skb)) {
1161                 dev_err(dev, "Failed to issue 'get state' command: %ld\n",
1162                         PTR_ERR(ack_skb));
1163                 result = PTR_ERR(ack_skb);
1164                 goto error_msg_to_dev;
1165         }
1166         ack = wimax_msg_data_len(ack_skb, &ack_len);
1167         result = i2400m_msg_check_status(ack, strerr, sizeof(strerr));
1168         if (result < 0) {
1169                 dev_err(dev, "'get state' (0x%04x) command failed: "
1170                         "%d - %s\n", I2400M_MT_GET_STATE, result, strerr);
1171                 goto error_cmd_failed;
1172         }
1173         i2400m_report_state_hook(i2400m, ack, ack_len - sizeof(*ack),
1174                                  "GET STATE");
1175         result = 0;
1176         kfree_skb(ack_skb);
1177 error_cmd_failed:
1178 error_msg_to_dev:
1179         kfree(cmd);
1180 error_alloc:
1181         return result;
1182 }
1183 
1184 /**
1185  * Set basic configuration settings
1186  *
1187  * @i2400m: device descriptor
1188  * @args: array of pointers to the TLV headers to send for
1189  *     configuration (each followed by its payload).
1190  *     TLV headers and payloads must be properly initialized, with the
1191  *     right endianess (LE).
1192  * @arg_size: number of pointers in the @args array
1193  */
1194 static int i2400m_set_init_config(struct i2400m *i2400m,
1195                                   const struct i2400m_tlv_hdr **arg,
1196                                   size_t args)
1197 {
1198         int result;
1199         struct device *dev = i2400m_dev(i2400m);
1200         struct sk_buff *ack_skb;
1201         struct i2400m_l3l4_hdr *cmd;
1202         char strerr[32];
1203         unsigned argc, argsize, tlv_size;
1204         const struct i2400m_tlv_hdr *tlv_hdr;
1205         void *buf, *itr;
1206 
1207         d_fnstart(3, dev, "(i2400m %p arg %p args %zu)\n", i2400m, arg, args);
1208         result = 0;
1209         if (args == 0)
1210                 goto none;
1211         /* Compute the size of all the TLVs, so we can alloc a
1212          * contiguous command block to copy them. */
1213         argsize = 0;
1214         for (argc = 0; argc < args; argc++) {
1215                 tlv_hdr = arg[argc];
1216                 argsize += sizeof(*tlv_hdr) + le16_to_cpu(tlv_hdr->length);
1217         }
1218         WARN_ON(argc >= 9);     /* As per hw spec */
1219 
1220         /* Alloc the space for the command and TLVs*/
1221         result = -ENOMEM;
1222         buf = kzalloc(sizeof(*cmd) + argsize, GFP_KERNEL);
1223         if (buf == NULL)
1224                 goto error_alloc;
1225         cmd = buf;
1226         cmd->type = cpu_to_le16(I2400M_MT_SET_INIT_CONFIG);
1227         cmd->length = cpu_to_le16(argsize);
1228         cmd->version = cpu_to_le16(I2400M_L3L4_VERSION);
1229 
1230         /* Copy the TLVs */
1231         itr = buf + sizeof(*cmd);
1232         for (argc = 0; argc < args; argc++) {
1233                 tlv_hdr = arg[argc];
1234                 tlv_size = sizeof(*tlv_hdr) + le16_to_cpu(tlv_hdr->length);
1235                 memcpy(itr, tlv_hdr, tlv_size);
1236                 itr += tlv_size;
1237         }
1238 
1239         /* Send the message! */
1240         ack_skb = i2400m_msg_to_dev(i2400m, buf, sizeof(*cmd) + argsize);
1241         result = PTR_ERR(ack_skb);
1242         if (IS_ERR(ack_skb)) {
1243                 dev_err(dev, "Failed to issue 'init config' command: %d\n",
1244                         result);
1245 
1246                 goto error_msg_to_dev;
1247         }
1248         result = i2400m_msg_check_status(wimax_msg_data(ack_skb),
1249                                          strerr, sizeof(strerr));
1250         if (result < 0)
1251                 dev_err(dev, "'init config' (0x%04x) command failed: %d - %s\n",
1252                         I2400M_MT_SET_INIT_CONFIG, result, strerr);
1253         kfree_skb(ack_skb);
1254 error_msg_to_dev:
1255         kfree(buf);
1256 error_alloc:
1257 none:
1258         d_fnend(3, dev, "(i2400m %p arg %p args %zu) = %d\n",
1259                 i2400m, arg, args, result);
1260         return result;
1261 
1262 }
1263 
1264 /**
1265  * i2400m_set_idle_timeout - Set the device's idle mode timeout
1266  *
1267  * @i2400m: i2400m device descriptor
1268  *
1269  * @msecs: milliseconds for the timeout to enter idle mode. Between
1270  *     100 to 300000 (5m); 0 to disable. In increments of 100.
1271  *
1272  * After this @msecs of the link being idle (no data being sent or
1273  * received), the device will negotiate with the basestation entering
1274  * idle mode for saving power. The connection is maintained, but
1275  * getting out of it (done in tx.c) will require some negotiation,
1276  * possible crypto re-handshake and a possible DHCP re-lease.
1277  *
1278  * Only available if fw_version >= 0x00090002.
1279  *
1280  * Returns: 0 if ok, < 0 errno code on error.
1281  */
1282 int i2400m_set_idle_timeout(struct i2400m *i2400m, unsigned msecs)
1283 {
1284         int result;
1285         struct device *dev = i2400m_dev(i2400m);
1286         struct sk_buff *ack_skb;
1287         struct {
1288                 struct i2400m_l3l4_hdr hdr;
1289                 struct i2400m_tlv_config_idle_timeout cit;
1290         } *cmd;
1291         const struct i2400m_l3l4_hdr *ack;
1292         size_t ack_len;
1293         char strerr[32];
1294 
1295         result = -ENOSYS;
1296         if (i2400m_le_v1_3(i2400m))
1297                 goto error_alloc;
1298         result = -ENOMEM;
1299         cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
1300         if (cmd == NULL)
1301                 goto error_alloc;
1302         cmd->hdr.type = cpu_to_le16(I2400M_MT_GET_STATE);
1303         cmd->hdr.length = cpu_to_le16(sizeof(*cmd) - sizeof(cmd->hdr));
1304         cmd->hdr.version = cpu_to_le16(I2400M_L3L4_VERSION);
1305 
1306         cmd->cit.hdr.type =
1307                 cpu_to_le16(I2400M_TLV_CONFIG_IDLE_TIMEOUT);
1308         cmd->cit.hdr.length = cpu_to_le16(sizeof(cmd->cit.timeout));
1309         cmd->cit.timeout = cpu_to_le32(msecs);
1310 
1311         ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd));
1312         if (IS_ERR(ack_skb)) {
1313                 dev_err(dev, "Failed to issue 'set idle timeout' command: "
1314                         "%ld\n", PTR_ERR(ack_skb));
1315                 result = PTR_ERR(ack_skb);
1316                 goto error_msg_to_dev;
1317         }
1318         ack = wimax_msg_data_len(ack_skb, &ack_len);
1319         result = i2400m_msg_check_status(ack, strerr, sizeof(strerr));
1320         if (result < 0) {
1321                 dev_err(dev, "'set idle timeout' (0x%04x) command failed: "
1322                         "%d - %s\n", I2400M_MT_GET_STATE, result, strerr);
1323                 goto error_cmd_failed;
1324         }
1325         result = 0;
1326         kfree_skb(ack_skb);
1327 error_cmd_failed:
1328 error_msg_to_dev:
1329         kfree(cmd);
1330 error_alloc:
1331         return result;
1332 }
1333 
1334 
1335 /**
1336  * i2400m_dev_initialize - Initialize the device once communications are ready
1337  *
1338  * @i2400m: device descriptor
1339  *
1340  * Returns: 0 if ok, < 0 errno code on error.
1341  *
1342  * Configures the device to work the way we like it.
1343  *
1344  * At the point of this call, the device is registered with the WiMAX
1345  * and netdev stacks, firmware is uploaded and we can talk to the
1346  * device normally.
1347  */
1348 int i2400m_dev_initialize(struct i2400m *i2400m)
1349 {
1350         int result;
1351         struct device *dev = i2400m_dev(i2400m);
1352         struct i2400m_tlv_config_idle_parameters idle_params;
1353         struct i2400m_tlv_config_idle_timeout idle_timeout;
1354         struct i2400m_tlv_config_d2h_data_format df;
1355         struct i2400m_tlv_config_dl_host_reorder dlhr;
1356         const struct i2400m_tlv_hdr *args[9];
1357         unsigned argc = 0;
1358 
1359         d_fnstart(3, dev, "(i2400m %p)\n", i2400m);
1360         if (i2400m_passive_mode)
1361                 goto out_passive;
1362         /* Disable idle mode? (enabled by default) */
1363         if (i2400m_idle_mode_disabled) {
1364                 if (i2400m_le_v1_3(i2400m)) {
1365                         idle_params.hdr.type =
1366                                 cpu_to_le16(I2400M_TLV_CONFIG_IDLE_PARAMETERS);
1367                         idle_params.hdr.length = cpu_to_le16(
1368                                 sizeof(idle_params) - sizeof(idle_params.hdr));
1369                         idle_params.idle_timeout = 0;
1370                         idle_params.idle_paging_interval = 0;
1371                         args[argc++] = &idle_params.hdr;
1372                 } else {
1373                         idle_timeout.hdr.type =
1374                                 cpu_to_le16(I2400M_TLV_CONFIG_IDLE_TIMEOUT);
1375                         idle_timeout.hdr.length = cpu_to_le16(
1376                                 sizeof(idle_timeout) - sizeof(idle_timeout.hdr));
1377                         idle_timeout.timeout = 0;
1378                         args[argc++] = &idle_timeout.hdr;
1379                 }
1380         }
1381         if (i2400m_ge_v1_4(i2400m)) {
1382                 /* Enable extended RX data format? */
1383                 df.hdr.type =
1384                         cpu_to_le16(I2400M_TLV_CONFIG_D2H_DATA_FORMAT);
1385                 df.hdr.length = cpu_to_le16(
1386                         sizeof(df) - sizeof(df.hdr));
1387                 df.format = 1;
1388                 args[argc++] = &df.hdr;
1389 
1390                 /* Enable RX data reordering?
1391                  * (switch flipped in rx.c:i2400m_rx_setup() after fw upload) */
1392                 if (i2400m->rx_reorder) {
1393                         dlhr.hdr.type =
1394                                 cpu_to_le16(I2400M_TLV_CONFIG_DL_HOST_REORDER);
1395                         dlhr.hdr.length = cpu_to_le16(
1396                                 sizeof(dlhr) - sizeof(dlhr.hdr));
1397                         dlhr.reorder = 1;
1398                         args[argc++] = &dlhr.hdr;
1399                 }
1400         }
1401         result = i2400m_set_init_config(i2400m, args, argc);
1402         if (result < 0)
1403                 goto error;
1404 out_passive:
1405         /*
1406          * Update state: Here it just calls a get state; parsing the
1407          * result (System State TLV and RF Status TLV [done in the rx
1408          * path hooks]) will set the hardware and software RF-Kill
1409          * status.
1410          */
1411         result = i2400m_cmd_get_state(i2400m);
1412 error:
1413         if (result < 0)
1414                 dev_err(dev, "failed to initialize the device: %d\n", result);
1415         d_fnend(3, dev, "(i2400m %p) = %d\n", i2400m, result);
1416         return result;
1417 }
1418 
1419 
1420 /**
1421  * i2400m_dev_shutdown - Shutdown a running device
1422  *
1423  * @i2400m: device descriptor
1424  *
1425  * Release resources acquired during the running of the device; in
1426  * theory, should also tell the device to go to sleep, switch off the
1427  * radio, all that, but at this point, in most cases (driver
1428  * disconnection, reset handling) we can't even talk to the device.
1429  */
1430 void i2400m_dev_shutdown(struct i2400m *i2400m)
1431 {
1432         struct device *dev = i2400m_dev(i2400m);
1433 
1434         d_fnstart(3, dev, "(i2400m %p)\n", i2400m);
1435         d_fnend(3, dev, "(i2400m %p) = void\n", i2400m);
1436 }
/* [<][>][^][v][top][bottom][index][help] */