Bug
[В начало]
Ошибка # 121
Показать/спрятать трассу ошибок Error trace
/*Is true unsafe:*/ /*Number of usage points:2*/ /*Number of usages :2*/ /*Two examples:*/ /*_____________________*/ /*mutex_lock(char *"_mutex_of_ath9k_htc_priv")[1]*/ { return ; } { /*_____________________*/ 323 unsigned int ldvarg104; 324 int *ldvarg105; 325 u16 *ldvarg103; 326 int tmp; 327 int tmp___0; 328 int tmp___1; 329 int tmp___2; 322 ldv_initialize() { /* Function call is skipped due to function is undefined */} 328 ldv_state_variable_6 = 0; 329 ldv_state_variable_11 = 0; 330 ldv_state_variable_3 = 0; 331 ldv_state_variable_7 = 0; 332 ldv_state_variable_9 = 0; 333 ldv_state_variable_12 = 0; 334 ldv_state_variable_2 = 0; 335 ldv_state_variable_14 = 0; 336 ldv_state_variable_8 = 0; 340 ldv_state_variable_1 = 1; 341 ldv_state_variable_4 = 0; 342 ref_cnt = 0; 343 ldv_state_variable_0 = 1; 344 ldv_state_variable_13 = 0; 345 ldv_state_variable_10 = 0; 346 ldv_state_variable_5 = 0; 347 ldv_57990:; 348 tmp = __VERIFIER_nondet_int() { /* Function call is skipped due to function is undefined */} 348 switch (tmp); { 147 struct ieee80211_vif *ldvarg75; 148 struct ieee80211_tx_control *ldvarg52; 149 int ldvarg74; 150 struct ieee80211_vif *ldvarg22; 151 struct ieee80211_vif *ldvarg25; 152 struct ieee80211_bss_conf *ldvarg61; 153 struct ieee80211_vif *ldvarg54; 154 struct ieee80211_sta *ldvarg21; 155 unsigned int ldvarg30; 156 struct ieee80211_vif *ldvarg68; 157 const struct cfg80211_bitrate_mask *ldvarg70; 158 struct ieee80211_vif *ldvarg73; 159 unsigned int ldvarg26; 160 u8 *ldvarg27; 161 unsigned int ldvarg63; 162 unsigned short ldvarg45; 163 enum ieee80211_ampdu_mlme_action ldvarg40; 164 u64 *ldvarg36; 165 struct ieee80211_vif *ldvarg55; 166 struct ieee80211_sta *ldvarg66; 167 struct ieee80211_vif *ldvarg57; 168 enum set_key_cmd ldvarg65; 169 struct ieee80211_vif *ldvarg62; 170 unsigned long long ldvarg49; 171 u32 *ldvarg59; 172 unsigned char ldvarg41; 173 u32 *ldvarg60; 174 struct ieee80211_vif *ldvarg31; 175 struct ieee80211_vif *ldvarg20; 176 u16 *ldvarg39; 177 struct ieee80211_vif *ldvarg47; 178 unsigned int *ldvarg34; 179 struct ieee80211_vif *ldvarg28; 180 unsigned int ldvarg48; 181 unsigned long long ldvarg33; 182 short ldvarg69; 183 struct ieee80211_vif *ldvarg38; 184 unsigned int ldvarg35; 185 struct ieee80211_vif *ldvarg24; 186 struct ieee80211_sta *ldvarg44; 187 u8 *ldvarg29; 188 struct ieee80211_vif *ldvarg64; 189 struct ieee80211_sta *ldvarg53; 190 struct ethtool_stats *ldvarg37; 191 const struct ieee80211_tx_queue_params *ldvarg58; 192 struct ieee80211_sta *ldvarg46; 193 struct ieee80211_vif *ldvarg50; 194 unsigned short ldvarg56; 195 unsigned int ldvarg72; 196 struct ieee80211_vif *ldvarg71; 197 struct ieee80211_vif *ldvarg42; 198 _Bool ldvarg43; 199 struct cfg80211_chan_def *ldvarg23; 200 struct ieee80211_key_conf *ldvarg67; 201 struct ieee80211_low_level_stats *ldvarg32; 202 struct sk_buff *ldvarg51; 203 int tmp; 204 int tmp___0; 205 int tmp___1; 206 int tmp___2; 207 int tmp___3; 208 int tmp___4; 209 int tmp___5; 203 tmp = __VERIFIER_nondet_int() { /* Function call is skipped due to function is undefined */} 203 switch (tmp); { 1180 struct ath9k_htc_priv *priv; 1181 struct ath_common *common; 1182 struct ath_common *tmp; 1183 struct ieee80211_conf *conf; 1184 _Bool chip_reset; 1185 int ret; 1186 struct ieee80211_channel *curchan; 1187 int pos; 1188 int tmp___0; 1180 struct ath9k_htc_priv *__CPAchecker_TMP_0 = (struct ath9k_htc_priv *)(hw->priv); 1180 priv = __CPAchecker_TMP_0; 1181 common = tmp; 1182 conf = &(hw->conf); 1183 chip_reset = 0; 1184 ret = 0; { /*Change states for locks mutex_lock(char *"_mutex_of_ath9k_htc_priv")*/ 1257 ldv_mutex_lock(ldv_func_arg1, (char *)"_mutex_of_ath9k_htc_priv") { /* Function call is skipped due to function is undefined */} } { { /*Change states for locks mutex_lock(char *"_htc_pm_lock_of_ath9k_htc_priv")*/ 1059 ldv_mutex_lock(ldv_func_arg1, (char *)"_htc_pm_lock_of_ath9k_htc_priv") { /* Function call is skipped due to function is undefined */} } 48 priv->ps_usecount = (priv->ps_usecount) + 1UL; 50 ath9k_hw_setpower(priv->ah, 0) { /* Function call is skipped due to function is undefined */} 51 unlock:; { }/*Change states for locks mutex_lock(char *"_htc_pm_lock_of_ath9k_htc_priv")*/ 1065 ldv_mutex_unlock(ldv_func_arg1, (char *)"_htc_pm_lock_of_ath9k_htc_priv") { /* Function call is skipped due to function is undefined */} } 1204 int __CPAchecker_TMP_1 = (int)(conf->flags); { 355 struct ath_common *common; 356 struct ath_common *tmp; 357 struct ath9k_htc_target_vif hvif; 358 struct ath9k_htc_target_sta tsta; 359 int ret; 360 int sta_idx; 361 unsigned char cmd_rsp; 362 unsigned long tmp___0; 363 unsigned long tmp___1; 355 common = tmp; 358 ret = 0; 361 unsigned int __CPAchecker_TMP_0 = (unsigned int)(priv->nvifs); 361 unsigned int __CPAchecker_TMP_1 = (unsigned int)(priv->nstations); 367 unsigned long __CPAchecker_TMP_2 = (unsigned long)(priv->sta_slot); { 362 Ignored inline assembler code 365 return word;; } 367 sta_idx = (int)tmp___0; 376 __memset((void *)(&hvif), 0, 12UL) { /* Function call is skipped due to function is undefined */} 377 __memcpy((void *)(&(hvif.myaddr)), (const void *)(&(common->macaddr)), 6UL) { /* Function call is skipped due to function is undefined */} 379 hvif.opmode = 8U; 380 unsigned long __CPAchecker_TMP_3 = (unsigned long)(priv->vif_slot); { 362 Ignored inline assembler code 365 return word;; } 380 hvif.index = (u8 )tmp___1; { 294 struct ath_hw *ah; 295 struct ath_common *common; 296 struct ath_common *tmp; 297 unsigned short headroom; 298 struct sk_buff *skb; 299 u8 *data; 300 unsigned long time_left; 301 int ret; 302 unsigned char *tmp___0; 303 long tmp___1; 304 const char *tmp___2; 305 const char *tmp___3; 296 ah = wmi->drv_priv->ah; 297 common = tmp; 298 headroom = 12U; 303 ret = 0; { 894 struct sk_buff *tmp; 895 tmp = __alloc_skb(size, priority, 0, -1) { /* Function call is skipped due to function is undefined */} 895 return tmp;; } { 1984 skb->data = (skb->data) + ((unsigned long)len); 1985 skb->tail = (skb->tail) + ((sk_buff_data_t )len); 1986 return ;; } 315 tmp___0 = skb_put(skb, cmd_len) { /* Function call is skipped due to function is undefined */} 315 data = tmp___0; 316 __memcpy((void *)data, (const void *)cmd_buf, (size_t )cmd_len) { /* Function call is skipped due to function is undefined */} { /*Change states for locks mutex_lock(char *"_op_mutex_of_wmi")*/ 610 ldv_mutex_lock(ldv_func_arg1, (char *)"_op_mutex_of_wmi") { /* Function call is skipped due to function is undefined */} } 322 long __CPAchecker_TMP_0 = (long)(wmi->stopped); 328 wmi->cmd_rsp_buf = rsp_buf; 329 wmi->cmd_rsp_len = rsp_len; { 276 struct wmi_cmd_hdr *hdr; 277 unsigned long flags; 278 unsigned char *tmp; 279 unsigned short tmp___0; 280 unsigned short tmp___1; 281 int tmp___2; 280 tmp = skb_push(skb, 4U) { /* Function call is skipped due to function is undefined */} 280 hdr = (struct wmi_cmd_hdr *)tmp; { 53 return (__u16 )(((int)((short)(((int)val) << 8))) | ((int)((short)(((int)val) >> 8))));; } 281 hdr->command_id = tmp___0; 282 int __CPAchecker_TMP_0 = (int)(wmi->tx_seq_id); 282 wmi->tx_seq_id = (u16 )(__CPAchecker_TMP_0 + 1); 282 int __CPAchecker_TMP_1 = (int)(wmi->tx_seq_id); { 53 return (__u16 )(((int)((short)(((int)val) << 8))) | ((int)((short)(((int)val) >> 8))));; } 282 hdr->seq_no = tmp___1; { /*Change states for locks spin_lock(char *"_wmi_lock_of_wmi")*/ 598 ldv_spin_lock(ldv_func_arg1, (char *)"_wmi_lock_of_wmi") { /* Function call is skipped due to function is undefined */} } 285 wmi->last_seq_id = wmi->tx_seq_id; { /*Change states for locks spin_lock(char *"_wmi_lock_of_wmi")*/ 526 ldv_spin_unlock(lock, (char *)"_wmi_lock_of_wmi") { /* Function call is skipped due to function is undefined */} } { } 304 int tmp; 305 u16 __CPAchecker_TMP_0 = (u16 )(skb->len); { } 24 struct htc_frame_hdr *hdr; 25 struct htc_endpoint *endpoint; 26 int status; 27 unsigned char *tmp; 28 unsigned short tmp___0; 26 endpoint = ((struct htc_endpoint *)(&(target->endpoint))) + ((unsigned long)epid); 29 tmp = skb_push(skb, 8U) { /* Function call is skipped due to function is undefined */} 29 hdr = (struct htc_frame_hdr *)tmp; 31 hdr->endpoint_id = epid; 32 hdr->flags = flags; { 53 return (__u16 )(((int)((short)(((int)val) << 8))) | ((int)((short)(((int)val) >> 8))));; } 33 hdr->payload_len = tmp___0; 35 int __CPAchecker_TMP_0 = (int)(endpoint->ul_pipeid); 35 status = (*(target->hif->send))(target->hif_dev, __CPAchecker_TMP_0, skb); } 335 time_left = wait_for_completion_timeout(&(wmi->cmd_wait), (unsigned long)timeout) { /* Function call is skipped due to function is undefined */} { }/*Change states for locks mutex_lock(char *"_op_mutex_of_wmi")*/ 622 ldv_mutex_unlock(ldv_func_arg1, (char *)"_op_mutex_of_wmi") { /* Function call is skipped due to function is undefined */} } 390 priv->mon_vif_idx = hvif.index; 391 signed char __CPAchecker_TMP_4 = (signed char)(priv->vif_slot); 391 priv->vif_slot = (u8 )(((int)__CPAchecker_TMP_4) | ((int)((signed char)(1 << ((int)(hvif.index)))))); 397 unsigned int __CPAchecker_TMP_5 = (unsigned int)(priv->nvifs); 400 int __CPAchecker_TMP_6 = (int)(priv->nvifs); 400 priv->nvifs = (u16 )(__CPAchecker_TMP_6 + 1); 405 __memset((void *)(&tsta), 0, 22UL) { /* Function call is skipped due to function is undefined */} 407 __memcpy((void *)(&(tsta.macaddr)), (const void *)(&(common->macaddr)), 6UL) { /* Function call is skipped due to function is undefined */} 409 tsta.is_vif_sta = 1U; 410 tsta.sta_index = (u8 )sta_idx; 411 tsta.vif_index = hvif.index; 412 tsta.maxampdu = 65535U; { 294 struct ath_hw *ah; 295 struct ath_common *common; 296 struct ath_common *tmp; 297 unsigned short headroom; 298 struct sk_buff *skb; 299 u8 *data; 300 unsigned long time_left; 301 int ret; 302 unsigned char *tmp___0; 303 long tmp___1; 304 const char *tmp___2; 305 const char *tmp___3; 296 ah = wmi->drv_priv->ah; 297 common = tmp; 298 headroom = 12U; 303 ret = 0; { 894 struct sk_buff *tmp; 895 tmp = __alloc_skb(size, priority, 0, -1) { /* Function call is skipped due to function is undefined */} 895 return tmp;; } { 1984 skb->data = (skb->data) + ((unsigned long)len); 1985 skb->tail = (skb->tail) + ((sk_buff_data_t )len); 1986 return ;; } 315 tmp___0 = skb_put(skb, cmd_len) { /* Function call is skipped due to function is undefined */} 315 data = tmp___0; 316 __memcpy((void *)data, (const void *)cmd_buf, (size_t )cmd_len) { /* Function call is skipped due to function is undefined */} { /*Change states for locks mutex_lock(char *"_op_mutex_of_wmi")*/ 610 ldv_mutex_lock(ldv_func_arg1, (char *)"_op_mutex_of_wmi") { /* Function call is skipped due to function is undefined */} } 322 long __CPAchecker_TMP_0 = (long)(wmi->stopped); 328 wmi->cmd_rsp_buf = rsp_buf; 329 wmi->cmd_rsp_len = rsp_len; { 276 struct wmi_cmd_hdr *hdr; 277 unsigned long flags; 278 unsigned char *tmp; 279 unsigned short tmp___0; 280 unsigned short tmp___1; 281 int tmp___2; 280 tmp = skb_push(skb, 4U) { /* Function call is skipped due to function is undefined */} 280 hdr = (struct wmi_cmd_hdr *)tmp; { 53 return (__u16 )(((int)((short)(((int)val) << 8))) | ((int)((short)(((int)val) >> 8))));; } 281 hdr->command_id = tmp___0; 282 int __CPAchecker_TMP_0 = (int)(wmi->tx_seq_id); 282 wmi->tx_seq_id = (u16 )(__CPAchecker_TMP_0 + 1); 282 int __CPAchecker_TMP_1 = (int)(wmi->tx_seq_id); { 53 return (__u16 )(((int)((short)(((int)val) << 8))) | ((int)((short)(((int)val) >> 8))));; } 282 hdr->seq_no = tmp___1; { /*Change states for locks spin_lock(char *"_wmi_lock_of_wmi")*/ 598 ldv_spin_lock(ldv_func_arg1, (char *)"_wmi_lock_of_wmi") { /* Function call is skipped due to function is undefined */} } 285 wmi->last_seq_id = wmi->tx_seq_id; { /*Change states for locks spin_lock(char *"_wmi_lock_of_wmi")*/ 526 ldv_spin_unlock(lock, (char *)"_wmi_lock_of_wmi") { /* Function call is skipped due to function is undefined */} } { } 304 int tmp; 305 u16 __CPAchecker_TMP_0 = (u16 )(skb->len); { } 24 struct htc_frame_hdr *hdr; 25 struct htc_endpoint *endpoint; 26 int status; 27 unsigned char *tmp; 28 unsigned short tmp___0; 26 endpoint = ((struct htc_endpoint *)(&(target->endpoint))) + ((unsigned long)epid); 29 tmp = skb_push(skb, 8U) { /* Function call is skipped due to function is undefined */} 29 hdr = (struct htc_frame_hdr *)tmp; 31 hdr->endpoint_id = epid; 32 hdr->flags = flags; { 53 return (__u16 )(((int)((short)(((int)val) << 8))) | ((int)((short)(((int)val) >> 8))));; } 33 hdr->payload_len = tmp___0; 35 int __CPAchecker_TMP_0 = (int)(endpoint->ul_pipeid); 35 status = (*(target->hif->send))(target->hif_dev, __CPAchecker_TMP_0, skb); } 335 time_left = wait_for_completion_timeout(&(wmi->cmd_wait), (unsigned long)timeout) { /* Function call is skipped due to function is undefined */} { }/*Change states for locks mutex_lock(char *"_op_mutex_of_wmi")*/ 622 ldv_mutex_unlock(ldv_func_arg1, (char *)"_op_mutex_of_wmi") { /* Function call is skipped due to function is undefined */} } 420 signed char __CPAchecker_TMP_7 = (signed char)(priv->sta_slot); 420 priv->sta_slot = (u8 )(((int)__CPAchecker_TMP_7) | ((int)((signed char)(1 << sta_idx)))); 421 int __CPAchecker_TMP_8 = (int)(priv->nstations); 421 priv->nstations = (u16 )(__CPAchecker_TMP_8 + 1); 422 int __CPAchecker_TMP_9 = (int)(priv->mon_vif_idx); 422 (priv->vif_sta_pos)[__CPAchecker_TMP_9] = (u8 )sta_idx; 423 priv->ah->is_monitoring = 1; return ;; } return ;; } return ;; } return ;; }/*Without locks*/ { return ; } { 323 unsigned int ldvarg104; 324 int *ldvarg105; 325 u16 *ldvarg103; 326 int tmp; 327 int tmp___0; 328 int tmp___1; 329 int tmp___2; 322 ldv_initialize() { /* Function call is skipped due to function is undefined */} 328 ldv_state_variable_6 = 0; 329 ldv_state_variable_11 = 0; 330 ldv_state_variable_3 = 0; 331 ldv_state_variable_7 = 0; 332 ldv_state_variable_9 = 0; 333 ldv_state_variable_12 = 0; 334 ldv_state_variable_2 = 0; 335 ldv_state_variable_14 = 0; 336 ldv_state_variable_8 = 0; 340 ldv_state_variable_1 = 1; 341 ldv_state_variable_4 = 0; 342 ref_cnt = 0; 343 ldv_state_variable_0 = 1; 344 ldv_state_variable_13 = 0; 345 ldv_state_variable_10 = 0; 346 ldv_state_variable_5 = 0; 347 ldv_57990:; 348 tmp = __VERIFIER_nondet_int() { /* Function call is skipped due to function is undefined */} 348 switch (tmp); { 147 struct ieee80211_vif *ldvarg75; 148 struct ieee80211_tx_control *ldvarg52; 149 int ldvarg74; 150 struct ieee80211_vif *ldvarg22; 151 struct ieee80211_vif *ldvarg25; 152 struct ieee80211_bss_conf *ldvarg61; 153 struct ieee80211_vif *ldvarg54; 154 struct ieee80211_sta *ldvarg21; 155 unsigned int ldvarg30; 156 struct ieee80211_vif *ldvarg68; 157 const struct cfg80211_bitrate_mask *ldvarg70; 158 struct ieee80211_vif *ldvarg73; 159 unsigned int ldvarg26; 160 u8 *ldvarg27; 161 unsigned int ldvarg63; 162 unsigned short ldvarg45; 163 enum ieee80211_ampdu_mlme_action ldvarg40; 164 u64 *ldvarg36; 165 struct ieee80211_vif *ldvarg55; 166 struct ieee80211_sta *ldvarg66; 167 struct ieee80211_vif *ldvarg57; 168 enum set_key_cmd ldvarg65; 169 struct ieee80211_vif *ldvarg62; 170 unsigned long long ldvarg49; 171 u32 *ldvarg59; 172 unsigned char ldvarg41; 173 u32 *ldvarg60; 174 struct ieee80211_vif *ldvarg31; 175 struct ieee80211_vif *ldvarg20; 176 u16 *ldvarg39; 177 struct ieee80211_vif *ldvarg47; 178 unsigned int *ldvarg34; 179 struct ieee80211_vif *ldvarg28; 180 unsigned int ldvarg48; 181 unsigned long long ldvarg33; 182 short ldvarg69; 183 struct ieee80211_vif *ldvarg38; 184 unsigned int ldvarg35; 185 struct ieee80211_vif *ldvarg24; 186 struct ieee80211_sta *ldvarg44; 187 u8 *ldvarg29; 188 struct ieee80211_vif *ldvarg64; 189 struct ieee80211_sta *ldvarg53; 190 struct ethtool_stats *ldvarg37; 191 const struct ieee80211_tx_queue_params *ldvarg58; 192 struct ieee80211_sta *ldvarg46; 193 struct ieee80211_vif *ldvarg50; 194 unsigned short ldvarg56; 195 unsigned int ldvarg72; 196 struct ieee80211_vif *ldvarg71; 197 struct ieee80211_vif *ldvarg42; 198 _Bool ldvarg43; 199 struct cfg80211_chan_def *ldvarg23; 200 struct ieee80211_key_conf *ldvarg67; 201 struct ieee80211_low_level_stats *ldvarg32; 202 struct sk_buff *ldvarg51; 203 int tmp; 204 int tmp___0; 205 int tmp___1; 206 int tmp___2; 207 int tmp___3; 208 int tmp___4; 209 int tmp___5; 203 tmp = __VERIFIER_nondet_int() { /* Function call is skipped due to function is undefined */} 203 switch (tmp); { 868 struct ieee80211_hdr *hdr; 869 struct ath9k_htc_priv *priv; 870 struct ath_common *common; 871 struct ath_common *tmp; 872 int padpos; 873 int padsize; 874 int ret; 875 int slot; 876 unsigned int tmp___0; 877 unsigned int tmp___1; 870 struct ath9k_htc_priv *__CPAchecker_TMP_0 = (struct ath9k_htc_priv *)(hw->priv); 870 priv = __CPAchecker_TMP_0; 871 common = tmp; 874 struct ieee80211_hdr *__CPAchecker_TMP_1 = (struct ieee80211_hdr *)(skb->data); 874 hdr = __CPAchecker_TMP_1; 877 int __CPAchecker_TMP_2 = (int)(hdr->frame_control); 877 tmp___0 = ieee80211_hdrlen(__CPAchecker_TMP_2) { /* Function call is skipped due to function is undefined */} 877 padpos = (int)tmp___0; 878 padsize = padpos & 3; { 81 int slot; 82 unsigned long tmp; { /*Change states for locks spin_lock(char *"_tx_lock_of_ath9k_htc_tx")*/ 550 ldv_spin_lock(lock, (char *)"_tx_lock_of_ath9k_htc_tx") { /* Function call is skipped due to function is undefined */} } 84 tmp = find_first_zero_bit((const unsigned long *)(&(priv->tx.tx_slot)), 256UL) { /* Function call is skipped due to function is undefined */} 84 slot = (int)tmp; { 96 Ignored inline assembler code 97 return ;; } { }/*Change states for locks spin_lock(char *"_tx_lock_of_ath9k_htc_tx")*/ 556 ldv_spin_unlock(lock, (char *)"_tx_lock_of_ath9k_htc_tx") { /* Function call is skipped due to function is undefined */} } { 338 struct ieee80211_hdr *hdr; 339 struct ieee80211_tx_info *tx_info; 340 struct ieee80211_tx_info *tmp; 341 struct ieee80211_vif *vif; 342 struct ath9k_htc_sta *ista; 343 struct ath9k_htc_vif *avp; 344 unsigned char sta_idx; 345 unsigned char vif_idx; 346 struct ath_common *tmp___0; 347 struct ath_common *tmp___1; 348 _Bool tmp___2; 349 int tmp___3; { 925 return (struct ieee80211_tx_info *)(&(skb->cb));; } 341 tx_info = tmp; 342 vif = tx_info->__annonCompField107.control.vif; 344 avp = (struct ath9k_htc_vif *)0; 347 struct ieee80211_hdr *__CPAchecker_TMP_0 = (struct ieee80211_hdr *)(skb->data); 347 hdr = __CPAchecker_TMP_0; 363 vif_idx = priv->mon_vif_idx; 373 sta_idx = (priv->vif_sta_pos)[(int)vif_idx]; return ;; } return ;; } return ;; } return ;; } | Source code
1 /*
2 * Copyright (c) 2010-2011 Atheros Communications Inc.
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17 #include <asm/unaligned.h>
18 #include "htc.h"
19
20 MODULE_FIRMWARE(HTC_7010_MODULE_FW);
21 MODULE_FIRMWARE(HTC_9271_MODULE_FW);
22
23 static struct usb_device_id ath9k_hif_usb_ids[] = {
24 { USB_DEVICE(0x0cf3, 0x9271) }, /* Atheros */
25 { USB_DEVICE(0x0cf3, 0x1006) }, /* Atheros */
26 { USB_DEVICE(0x0846, 0x9030) }, /* Netgear N150 */
27 { USB_DEVICE(0x07D1, 0x3A10) }, /* Dlink Wireless 150 */
28 { USB_DEVICE(0x13D3, 0x3327) }, /* Azurewave */
29 { USB_DEVICE(0x13D3, 0x3328) }, /* Azurewave */
30 { USB_DEVICE(0x13D3, 0x3346) }, /* IMC Networks */
31 { USB_DEVICE(0x13D3, 0x3348) }, /* Azurewave */
32 { USB_DEVICE(0x13D3, 0x3349) }, /* Azurewave */
33 { USB_DEVICE(0x13D3, 0x3350) }, /* Azurewave */
34 { USB_DEVICE(0x04CA, 0x4605) }, /* Liteon */
35 { USB_DEVICE(0x040D, 0x3801) }, /* VIA */
36 { USB_DEVICE(0x0cf3, 0xb003) }, /* Ubiquiti WifiStation Ext */
37 { USB_DEVICE(0x0cf3, 0xb002) }, /* Ubiquiti WifiStation */
38 { USB_DEVICE(0x057c, 0x8403) }, /* AVM FRITZ!WLAN 11N v2 USB */
39 { USB_DEVICE(0x0471, 0x209e) }, /* Philips (or NXP) PTA01 */
40
41 { USB_DEVICE(0x0cf3, 0x7015),
42 .driver_info = AR9287_USB }, /* Atheros */
43 { USB_DEVICE(0x1668, 0x1200),
44 .driver_info = AR9287_USB }, /* Verizon */
45
46 { USB_DEVICE(0x0cf3, 0x7010),
47 .driver_info = AR9280_USB }, /* Atheros */
48 { USB_DEVICE(0x0846, 0x9018),
49 .driver_info = AR9280_USB }, /* Netgear WNDA3200 */
50 { USB_DEVICE(0x083A, 0xA704),
51 .driver_info = AR9280_USB }, /* SMC Networks */
52 { USB_DEVICE(0x0411, 0x017f),
53 .driver_info = AR9280_USB }, /* Sony UWA-BR100 */
54 { USB_DEVICE(0x0411, 0x0197),
55 .driver_info = AR9280_USB }, /* Buffalo WLI-UV-AG300P */
56 { USB_DEVICE(0x04da, 0x3904),
57 .driver_info = AR9280_USB },
58
59 { USB_DEVICE(0x0cf3, 0x20ff),
60 .driver_info = STORAGE_DEVICE },
61
62 { },
63 };
64
65 MODULE_DEVICE_TABLE(usb, ath9k_hif_usb_ids);
66
67 static int __hif_usb_tx(struct hif_device_usb *hif_dev);
68
69 static void hif_usb_regout_cb(struct urb *urb)
70 {
71 struct cmd_buf *cmd = (struct cmd_buf *)urb->context;
72
73 switch (urb->status) {
74 case 0:
75 break;
76 case -ENOENT:
77 case -ECONNRESET:
78 case -ENODEV:
79 case -ESHUTDOWN:
80 goto free;
81 default:
82 break;
83 }
84
85 if (cmd) {
86 ath9k_htc_txcompletion_cb(cmd->hif_dev->htc_handle,
87 cmd->skb, true);
88 kfree(cmd);
89 }
90
91 return;
92 free:
93 kfree_skb(cmd->skb);
94 kfree(cmd);
95 }
96
97 static int hif_usb_send_regout(struct hif_device_usb *hif_dev,
98 struct sk_buff *skb)
99 {
100 struct urb *urb;
101 struct cmd_buf *cmd;
102 int ret = 0;
103
104 urb = usb_alloc_urb(0, GFP_KERNEL);
105 if (urb == NULL)
106 return -ENOMEM;
107
108 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
109 if (cmd == NULL) {
110 usb_free_urb(urb);
111 return -ENOMEM;
112 }
113
114 cmd->skb = skb;
115 cmd->hif_dev = hif_dev;
116
117 usb_fill_int_urb(urb, hif_dev->udev,
118 usb_sndintpipe(hif_dev->udev, USB_REG_OUT_PIPE),
119 skb->data, skb->len,
120 hif_usb_regout_cb, cmd, 1);
121
122 usb_anchor_urb(urb, &hif_dev->regout_submitted);
123 ret = usb_submit_urb(urb, GFP_KERNEL);
124 if (ret) {
125 usb_unanchor_urb(urb);
126 kfree(cmd);
127 }
128 usb_free_urb(urb);
129
130 return ret;
131 }
132
133 static void hif_usb_mgmt_cb(struct urb *urb)
134 {
135 struct cmd_buf *cmd = (struct cmd_buf *)urb->context;
136 struct hif_device_usb *hif_dev;
137 bool txok = true;
138
139 if (!cmd || !cmd->skb || !cmd->hif_dev)
140 return;
141
142 hif_dev = cmd->hif_dev;
143
144 switch (urb->status) {
145 case 0:
146 break;
147 case -ENOENT:
148 case -ECONNRESET:
149 case -ENODEV:
150 case -ESHUTDOWN:
151 txok = false;
152
153 /*
154 * If the URBs are being flushed, no need to complete
155 * this packet.
156 */
157 spin_lock(&hif_dev->tx.tx_lock);
158 if (hif_dev->tx.flags & HIF_USB_TX_FLUSH) {
159 spin_unlock(&hif_dev->tx.tx_lock);
160 dev_kfree_skb_any(cmd->skb);
161 kfree(cmd);
162 return;
163 }
164 spin_unlock(&hif_dev->tx.tx_lock);
165
166 break;
167 default:
168 txok = false;
169 break;
170 }
171
172 skb_pull(cmd->skb, 4);
173 ath9k_htc_txcompletion_cb(cmd->hif_dev->htc_handle,
174 cmd->skb, txok);
175 kfree(cmd);
176 }
177
178 static int hif_usb_send_mgmt(struct hif_device_usb *hif_dev,
179 struct sk_buff *skb)
180 {
181 struct urb *urb;
182 struct cmd_buf *cmd;
183 int ret = 0;
184 __le16 *hdr;
185
186 urb = usb_alloc_urb(0, GFP_ATOMIC);
187 if (urb == NULL)
188 return -ENOMEM;
189
190 cmd = kzalloc(sizeof(*cmd), GFP_ATOMIC);
191 if (cmd == NULL) {
192 usb_free_urb(urb);
193 return -ENOMEM;
194 }
195
196 cmd->skb = skb;
197 cmd->hif_dev = hif_dev;
198
199 hdr = (__le16 *) skb_push(skb, 4);
200 *hdr++ = cpu_to_le16(skb->len - 4);
201 *hdr++ = cpu_to_le16(ATH_USB_TX_STREAM_MODE_TAG);
202
203 usb_fill_bulk_urb(urb, hif_dev->udev,
204 usb_sndbulkpipe(hif_dev->udev, USB_WLAN_TX_PIPE),
205 skb->data, skb->len,
206 hif_usb_mgmt_cb, cmd);
207
208 usb_anchor_urb(urb, &hif_dev->mgmt_submitted);
209 ret = usb_submit_urb(urb, GFP_ATOMIC);
210 if (ret) {
211 usb_unanchor_urb(urb);
212 kfree(cmd);
213 }
214 usb_free_urb(urb);
215
216 return ret;
217 }
218
219 static inline void ath9k_skb_queue_purge(struct hif_device_usb *hif_dev,
220 struct sk_buff_head *list)
221 {
222 struct sk_buff *skb;
223
224 while ((skb = __skb_dequeue(list)) != NULL) {
225 dev_kfree_skb_any(skb);
226 }
227 }
228
229 static inline void ath9k_skb_queue_complete(struct hif_device_usb *hif_dev,
230 struct sk_buff_head *queue,
231 bool txok)
232 {
233 struct sk_buff *skb;
234
235 while ((skb = __skb_dequeue(queue)) != NULL) {
236 #ifdef CONFIG_ATH9K_HTC_DEBUGFS
237 int ln = skb->len;
238 #endif
239 ath9k_htc_txcompletion_cb(hif_dev->htc_handle,
240 skb, txok);
241 if (txok) {
242 TX_STAT_INC(skb_success);
243 TX_STAT_ADD(skb_success_bytes, ln);
244 }
245 else
246 TX_STAT_INC(skb_failed);
247 }
248 }
249
250 static void hif_usb_tx_cb(struct urb *urb)
251 {
252 struct tx_buf *tx_buf = (struct tx_buf *) urb->context;
253 struct hif_device_usb *hif_dev;
254 bool txok = true;
255
256 if (!tx_buf || !tx_buf->hif_dev)
257 return;
258
259 hif_dev = tx_buf->hif_dev;
260
261 switch (urb->status) {
262 case 0:
263 break;
264 case -ENOENT:
265 case -ECONNRESET:
266 case -ENODEV:
267 case -ESHUTDOWN:
268 txok = false;
269
270 /*
271 * If the URBs are being flushed, no need to add this
272 * URB to the free list.
273 */
274 spin_lock(&hif_dev->tx.tx_lock);
275 if (hif_dev->tx.flags & HIF_USB_TX_FLUSH) {
276 spin_unlock(&hif_dev->tx.tx_lock);
277 ath9k_skb_queue_purge(hif_dev, &tx_buf->skb_queue);
278 return;
279 }
280 spin_unlock(&hif_dev->tx.tx_lock);
281
282 break;
283 default:
284 txok = false;
285 break;
286 }
287
288 ath9k_skb_queue_complete(hif_dev, &tx_buf->skb_queue, txok);
289
290 /* Re-initialize the SKB queue */
291 tx_buf->len = tx_buf->offset = 0;
292 __skb_queue_head_init(&tx_buf->skb_queue);
293
294 /* Add this TX buffer to the free list */
295 spin_lock(&hif_dev->tx.tx_lock);
296 list_move_tail(&tx_buf->list, &hif_dev->tx.tx_buf);
297 hif_dev->tx.tx_buf_cnt++;
298 if (!(hif_dev->tx.flags & HIF_USB_TX_STOP))
299 __hif_usb_tx(hif_dev); /* Check for pending SKBs */
300 TX_STAT_INC(buf_completed);
301 spin_unlock(&hif_dev->tx.tx_lock);
302 }
303
304 /* TX lock has to be taken */
305 static int __hif_usb_tx(struct hif_device_usb *hif_dev)
306 {
307 struct tx_buf *tx_buf = NULL;
308 struct sk_buff *nskb = NULL;
309 int ret = 0, i;
310 u16 tx_skb_cnt = 0;
311 u8 *buf;
312 __le16 *hdr;
313
314 if (hif_dev->tx.tx_skb_cnt == 0)
315 return 0;
316
317 /* Check if a free TX buffer is available */
318 if (list_empty(&hif_dev->tx.tx_buf))
319 return 0;
320
321 tx_buf = list_first_entry(&hif_dev->tx.tx_buf, struct tx_buf, list);
322 list_move_tail(&tx_buf->list, &hif_dev->tx.tx_pending);
323 hif_dev->tx.tx_buf_cnt--;
324
325 tx_skb_cnt = min_t(u16, hif_dev->tx.tx_skb_cnt, MAX_TX_AGGR_NUM);
326
327 for (i = 0; i < tx_skb_cnt; i++) {
328 nskb = __skb_dequeue(&hif_dev->tx.tx_skb_queue);
329
330 /* Should never be NULL */
331 BUG_ON(!nskb);
332
333 hif_dev->tx.tx_skb_cnt--;
334
335 buf = tx_buf->buf;
336 buf += tx_buf->offset;
337 hdr = (__le16 *)buf;
338 *hdr++ = cpu_to_le16(nskb->len);
339 *hdr++ = cpu_to_le16(ATH_USB_TX_STREAM_MODE_TAG);
340 buf += 4;
341 memcpy(buf, nskb->data, nskb->len);
342 tx_buf->len = nskb->len + 4;
343
344 if (i < (tx_skb_cnt - 1))
345 tx_buf->offset += (((tx_buf->len - 1) / 4) + 1) * 4;
346
347 if (i == (tx_skb_cnt - 1))
348 tx_buf->len += tx_buf->offset;
349
350 __skb_queue_tail(&tx_buf->skb_queue, nskb);
351 TX_STAT_INC(skb_queued);
352 }
353
354 usb_fill_bulk_urb(tx_buf->urb, hif_dev->udev,
355 usb_sndbulkpipe(hif_dev->udev, USB_WLAN_TX_PIPE),
356 tx_buf->buf, tx_buf->len,
357 hif_usb_tx_cb, tx_buf);
358
359 ret = usb_submit_urb(tx_buf->urb, GFP_ATOMIC);
360 if (ret) {
361 tx_buf->len = tx_buf->offset = 0;
362 ath9k_skb_queue_complete(hif_dev, &tx_buf->skb_queue, false);
363 __skb_queue_head_init(&tx_buf->skb_queue);
364 list_move_tail(&tx_buf->list, &hif_dev->tx.tx_buf);
365 hif_dev->tx.tx_buf_cnt++;
366 }
367
368 if (!ret)
369 TX_STAT_INC(buf_queued);
370
371 return ret;
372 }
373
374 static int hif_usb_send_tx(struct hif_device_usb *hif_dev, struct sk_buff *skb)
375 {
376 struct ath9k_htc_tx_ctl *tx_ctl;
377 unsigned long flags;
378 int ret = 0;
379
380 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
381
382 if (hif_dev->tx.flags & HIF_USB_TX_STOP) {
383 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
384 return -ENODEV;
385 }
386
387 /* Check if the max queue count has been reached */
388 if (hif_dev->tx.tx_skb_cnt > MAX_TX_BUF_NUM) {
389 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
390 return -ENOMEM;
391 }
392
393 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
394
395 tx_ctl = HTC_SKB_CB(skb);
396
397 /* Mgmt/Beacon frames don't use the TX buffer pool */
398 if ((tx_ctl->type == ATH9K_HTC_MGMT) ||
399 (tx_ctl->type == ATH9K_HTC_BEACON)) {
400 ret = hif_usb_send_mgmt(hif_dev, skb);
401 }
402
403 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
404
405 if ((tx_ctl->type == ATH9K_HTC_NORMAL) ||
406 (tx_ctl->type == ATH9K_HTC_AMPDU)) {
407 __skb_queue_tail(&hif_dev->tx.tx_skb_queue, skb);
408 hif_dev->tx.tx_skb_cnt++;
409 }
410
411 /* Check if AMPDUs have to be sent immediately */
412 if ((hif_dev->tx.tx_buf_cnt == MAX_TX_URB_NUM) &&
413 (hif_dev->tx.tx_skb_cnt < 2)) {
414 __hif_usb_tx(hif_dev);
415 }
416
417 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
418
419 return ret;
420 }
421
422 static void hif_usb_start(void *hif_handle)
423 {
424 struct hif_device_usb *hif_dev = (struct hif_device_usb *)hif_handle;
425 unsigned long flags;
426
427 hif_dev->flags |= HIF_USB_START;
428
429 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
430 hif_dev->tx.flags &= ~HIF_USB_TX_STOP;
431 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
432 }
433
434 static void hif_usb_stop(void *hif_handle)
435 {
436 struct hif_device_usb *hif_dev = (struct hif_device_usb *)hif_handle;
437 struct tx_buf *tx_buf = NULL, *tx_buf_tmp = NULL;
438 unsigned long flags;
439
440 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
441 ath9k_skb_queue_complete(hif_dev, &hif_dev->tx.tx_skb_queue, false);
442 hif_dev->tx.tx_skb_cnt = 0;
443 hif_dev->tx.flags |= HIF_USB_TX_STOP;
444 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
445
446 /* The pending URBs have to be canceled. */
447 list_for_each_entry_safe(tx_buf, tx_buf_tmp,
448 &hif_dev->tx.tx_pending, list) {
449 usb_kill_urb(tx_buf->urb);
450 }
451
452 usb_kill_anchored_urbs(&hif_dev->mgmt_submitted);
453 }
454
455 static int hif_usb_send(void *hif_handle, u8 pipe_id, struct sk_buff *skb)
456 {
457 struct hif_device_usb *hif_dev = (struct hif_device_usb *)hif_handle;
458 int ret = 0;
459
460 switch (pipe_id) {
461 case USB_WLAN_TX_PIPE:
462 ret = hif_usb_send_tx(hif_dev, skb);
463 break;
464 case USB_REG_OUT_PIPE:
465 ret = hif_usb_send_regout(hif_dev, skb);
466 break;
467 default:
468 dev_err(&hif_dev->udev->dev,
469 "ath9k_htc: Invalid TX pipe: %d\n", pipe_id);
470 ret = -EINVAL;
471 break;
472 }
473
474 return ret;
475 }
476
477 static inline bool check_index(struct sk_buff *skb, u8 idx)
478 {
479 struct ath9k_htc_tx_ctl *tx_ctl;
480
481 tx_ctl = HTC_SKB_CB(skb);
482
483 if ((tx_ctl->type == ATH9K_HTC_AMPDU) &&
484 (tx_ctl->sta_idx == idx))
485 return true;
486
487 return false;
488 }
489
490 static void hif_usb_sta_drain(void *hif_handle, u8 idx)
491 {
492 struct hif_device_usb *hif_dev = (struct hif_device_usb *)hif_handle;
493 struct sk_buff *skb, *tmp;
494 unsigned long flags;
495
496 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
497
498 skb_queue_walk_safe(&hif_dev->tx.tx_skb_queue, skb, tmp) {
499 if (check_index(skb, idx)) {
500 __skb_unlink(skb, &hif_dev->tx.tx_skb_queue);
501 ath9k_htc_txcompletion_cb(hif_dev->htc_handle,
502 skb, false);
503 hif_dev->tx.tx_skb_cnt--;
504 TX_STAT_INC(skb_failed);
505 }
506 }
507
508 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
509 }
510
511 static struct ath9k_htc_hif hif_usb = {
512 .transport = ATH9K_HIF_USB,
513 .name = "ath9k_hif_usb",
514
515 .control_ul_pipe = USB_REG_OUT_PIPE,
516 .control_dl_pipe = USB_REG_IN_PIPE,
517
518 .start = hif_usb_start,
519 .stop = hif_usb_stop,
520 .sta_drain = hif_usb_sta_drain,
521 .send = hif_usb_send,
522 };
523
524 static void ath9k_hif_usb_rx_stream(struct hif_device_usb *hif_dev,
525 struct sk_buff *skb)
526 {
527 struct sk_buff *nskb, *skb_pool[MAX_PKT_NUM_IN_TRANSFER];
528 int index = 0, i = 0, len = skb->len;
529 int rx_remain_len, rx_pkt_len;
530 u16 pool_index = 0;
531 u8 *ptr;
532
533 spin_lock(&hif_dev->rx_lock);
534
535 rx_remain_len = hif_dev->rx_remain_len;
536 rx_pkt_len = hif_dev->rx_transfer_len;
537
538 if (rx_remain_len != 0) {
539 struct sk_buff *remain_skb = hif_dev->remain_skb;
540
541 if (remain_skb) {
542 ptr = (u8 *) remain_skb->data;
543
544 index = rx_remain_len;
545 rx_remain_len -= hif_dev->rx_pad_len;
546 ptr += rx_pkt_len;
547
548 memcpy(ptr, skb->data, rx_remain_len);
549
550 rx_pkt_len += rx_remain_len;
551 hif_dev->rx_remain_len = 0;
552 skb_put(remain_skb, rx_pkt_len);
553
554 skb_pool[pool_index++] = remain_skb;
555
556 } else {
557 index = rx_remain_len;
558 }
559 }
560
561 spin_unlock(&hif_dev->rx_lock);
562
563 while (index < len) {
564 u16 pkt_len;
565 u16 pkt_tag;
566 u16 pad_len;
567 int chk_idx;
568
569 ptr = (u8 *) skb->data;
570
571 pkt_len = get_unaligned_le16(ptr + index);
572 pkt_tag = get_unaligned_le16(ptr + index + 2);
573
574 if (pkt_tag != ATH_USB_RX_STREAM_MODE_TAG) {
575 RX_STAT_INC(skb_dropped);
576 return;
577 }
578
579 pad_len = 4 - (pkt_len & 0x3);
580 if (pad_len == 4)
581 pad_len = 0;
582
583 chk_idx = index;
584 index = index + 4 + pkt_len + pad_len;
585
586 if (index > MAX_RX_BUF_SIZE) {
587 spin_lock(&hif_dev->rx_lock);
588 hif_dev->rx_remain_len = index - MAX_RX_BUF_SIZE;
589 hif_dev->rx_transfer_len =
590 MAX_RX_BUF_SIZE - chk_idx - 4;
591 hif_dev->rx_pad_len = pad_len;
592
593 nskb = __dev_alloc_skb(pkt_len + 32, GFP_ATOMIC);
594 if (!nskb) {
595 dev_err(&hif_dev->udev->dev,
596 "ath9k_htc: RX memory allocation error\n");
597 spin_unlock(&hif_dev->rx_lock);
598 goto err;
599 }
600 skb_reserve(nskb, 32);
601 RX_STAT_INC(skb_allocated);
602
603 memcpy(nskb->data, &(skb->data[chk_idx+4]),
604 hif_dev->rx_transfer_len);
605
606 /* Record the buffer pointer */
607 hif_dev->remain_skb = nskb;
608 spin_unlock(&hif_dev->rx_lock);
609 } else {
610 nskb = __dev_alloc_skb(pkt_len + 32, GFP_ATOMIC);
611 if (!nskb) {
612 dev_err(&hif_dev->udev->dev,
613 "ath9k_htc: RX memory allocation error\n");
614 goto err;
615 }
616 skb_reserve(nskb, 32);
617 RX_STAT_INC(skb_allocated);
618
619 memcpy(nskb->data, &(skb->data[chk_idx+4]), pkt_len);
620 skb_put(nskb, pkt_len);
621 skb_pool[pool_index++] = nskb;
622 }
623 }
624
625 err:
626 for (i = 0; i < pool_index; i++) {
627 RX_STAT_ADD(skb_completed_bytes, skb_pool[i]->len);
628 ath9k_htc_rx_msg(hif_dev->htc_handle, skb_pool[i],
629 skb_pool[i]->len, USB_WLAN_RX_PIPE);
630 RX_STAT_INC(skb_completed);
631 }
632 }
633
634 static void ath9k_hif_usb_rx_cb(struct urb *urb)
635 {
636 struct sk_buff *skb = (struct sk_buff *) urb->context;
637 struct hif_device_usb *hif_dev =
638 usb_get_intfdata(usb_ifnum_to_if(urb->dev, 0));
639 int ret;
640
641 if (!skb)
642 return;
643
644 if (!hif_dev)
645 goto free;
646
647 switch (urb->status) {
648 case 0:
649 break;
650 case -ENOENT:
651 case -ECONNRESET:
652 case -ENODEV:
653 case -ESHUTDOWN:
654 goto free;
655 default:
656 goto resubmit;
657 }
658
659 if (likely(urb->actual_length != 0)) {
660 skb_put(skb, urb->actual_length);
661 ath9k_hif_usb_rx_stream(hif_dev, skb);
662 }
663
664 resubmit:
665 skb_reset_tail_pointer(skb);
666 skb_trim(skb, 0);
667
668 usb_anchor_urb(urb, &hif_dev->rx_submitted);
669 ret = usb_submit_urb(urb, GFP_ATOMIC);
670 if (ret) {
671 usb_unanchor_urb(urb);
672 goto free;
673 }
674
675 return;
676 free:
677 kfree_skb(skb);
678 }
679
680 static void ath9k_hif_usb_reg_in_cb(struct urb *urb)
681 {
682 struct sk_buff *skb = (struct sk_buff *) urb->context;
683 struct sk_buff *nskb;
684 struct hif_device_usb *hif_dev =
685 usb_get_intfdata(usb_ifnum_to_if(urb->dev, 0));
686 int ret;
687
688 if (!skb)
689 return;
690
691 if (!hif_dev)
692 goto free;
693
694 switch (urb->status) {
695 case 0:
696 break;
697 case -ENOENT:
698 case -ECONNRESET:
699 case -ENODEV:
700 case -ESHUTDOWN:
701 goto free;
702 default:
703 skb_reset_tail_pointer(skb);
704 skb_trim(skb, 0);
705
706 goto resubmit;
707 }
708
709 if (likely(urb->actual_length != 0)) {
710 skb_put(skb, urb->actual_length);
711
712 /* Process the command first */
713 ath9k_htc_rx_msg(hif_dev->htc_handle, skb,
714 skb->len, USB_REG_IN_PIPE);
715
716
717 nskb = alloc_skb(MAX_REG_IN_BUF_SIZE, GFP_ATOMIC);
718 if (!nskb) {
719 dev_err(&hif_dev->udev->dev,
720 "ath9k_htc: REG_IN memory allocation failure\n");
721 urb->context = NULL;
722 return;
723 }
724
725 usb_fill_int_urb(urb, hif_dev->udev,
726 usb_rcvintpipe(hif_dev->udev,
727 USB_REG_IN_PIPE),
728 nskb->data, MAX_REG_IN_BUF_SIZE,
729 ath9k_hif_usb_reg_in_cb, nskb, 1);
730 }
731
732 resubmit:
733 usb_anchor_urb(urb, &hif_dev->reg_in_submitted);
734 ret = usb_submit_urb(urb, GFP_ATOMIC);
735 if (ret) {
736 usb_unanchor_urb(urb);
737 goto free;
738 }
739
740 return;
741 free:
742 kfree_skb(skb);
743 urb->context = NULL;
744 }
745
746 static void ath9k_hif_usb_dealloc_tx_urbs(struct hif_device_usb *hif_dev)
747 {
748 struct tx_buf *tx_buf = NULL, *tx_buf_tmp = NULL;
749 unsigned long flags;
750
751 list_for_each_entry_safe(tx_buf, tx_buf_tmp,
752 &hif_dev->tx.tx_buf, list) {
753 usb_kill_urb(tx_buf->urb);
754 list_del(&tx_buf->list);
755 usb_free_urb(tx_buf->urb);
756 kfree(tx_buf->buf);
757 kfree(tx_buf);
758 }
759
760 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
761 hif_dev->tx.flags |= HIF_USB_TX_FLUSH;
762 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
763
764 list_for_each_entry_safe(tx_buf, tx_buf_tmp,
765 &hif_dev->tx.tx_pending, list) {
766 usb_kill_urb(tx_buf->urb);
767 list_del(&tx_buf->list);
768 usb_free_urb(tx_buf->urb);
769 kfree(tx_buf->buf);
770 kfree(tx_buf);
771 }
772
773 usb_kill_anchored_urbs(&hif_dev->mgmt_submitted);
774 }
775
776 static int ath9k_hif_usb_alloc_tx_urbs(struct hif_device_usb *hif_dev)
777 {
778 struct tx_buf *tx_buf;
779 int i;
780
781 INIT_LIST_HEAD(&hif_dev->tx.tx_buf);
782 INIT_LIST_HEAD(&hif_dev->tx.tx_pending);
783 spin_lock_init(&hif_dev->tx.tx_lock);
784 __skb_queue_head_init(&hif_dev->tx.tx_skb_queue);
785 init_usb_anchor(&hif_dev->mgmt_submitted);
786
787 for (i = 0; i < MAX_TX_URB_NUM; i++) {
788 tx_buf = kzalloc(sizeof(struct tx_buf), GFP_KERNEL);
789 if (!tx_buf)
790 goto err;
791
792 tx_buf->buf = kzalloc(MAX_TX_BUF_SIZE, GFP_KERNEL);
793 if (!tx_buf->buf)
794 goto err;
795
796 tx_buf->urb = usb_alloc_urb(0, GFP_KERNEL);
797 if (!tx_buf->urb)
798 goto err;
799
800 tx_buf->hif_dev = hif_dev;
801 __skb_queue_head_init(&tx_buf->skb_queue);
802
803 list_add_tail(&tx_buf->list, &hif_dev->tx.tx_buf);
804 }
805
806 hif_dev->tx.tx_buf_cnt = MAX_TX_URB_NUM;
807
808 return 0;
809 err:
810 if (tx_buf) {
811 kfree(tx_buf->buf);
812 kfree(tx_buf);
813 }
814 ath9k_hif_usb_dealloc_tx_urbs(hif_dev);
815 return -ENOMEM;
816 }
817
818 static void ath9k_hif_usb_dealloc_rx_urbs(struct hif_device_usb *hif_dev)
819 {
820 usb_kill_anchored_urbs(&hif_dev->rx_submitted);
821 }
822
823 static int ath9k_hif_usb_alloc_rx_urbs(struct hif_device_usb *hif_dev)
824 {
825 struct urb *urb = NULL;
826 struct sk_buff *skb = NULL;
827 int i, ret;
828
829 init_usb_anchor(&hif_dev->rx_submitted);
830 spin_lock_init(&hif_dev->rx_lock);
831
832 for (i = 0; i < MAX_RX_URB_NUM; i++) {
833
834 /* Allocate URB */
835 urb = usb_alloc_urb(0, GFP_KERNEL);
836 if (urb == NULL) {
837 ret = -ENOMEM;
838 goto err_urb;
839 }
840
841 /* Allocate buffer */
842 skb = alloc_skb(MAX_RX_BUF_SIZE, GFP_KERNEL);
843 if (!skb) {
844 ret = -ENOMEM;
845 goto err_skb;
846 }
847
848 usb_fill_bulk_urb(urb, hif_dev->udev,
849 usb_rcvbulkpipe(hif_dev->udev,
850 USB_WLAN_RX_PIPE),
851 skb->data, MAX_RX_BUF_SIZE,
852 ath9k_hif_usb_rx_cb, skb);
853
854 /* Anchor URB */
855 usb_anchor_urb(urb, &hif_dev->rx_submitted);
856
857 /* Submit URB */
858 ret = usb_submit_urb(urb, GFP_KERNEL);
859 if (ret) {
860 usb_unanchor_urb(urb);
861 goto err_submit;
862 }
863
864 /*
865 * Drop reference count.
866 * This ensures that the URB is freed when killing them.
867 */
868 usb_free_urb(urb);
869 }
870
871 return 0;
872
873 err_submit:
874 kfree_skb(skb);
875 err_skb:
876 usb_free_urb(urb);
877 err_urb:
878 ath9k_hif_usb_dealloc_rx_urbs(hif_dev);
879 return ret;
880 }
881
882 static void ath9k_hif_usb_dealloc_reg_in_urbs(struct hif_device_usb *hif_dev)
883 {
884 usb_kill_anchored_urbs(&hif_dev->reg_in_submitted);
885 }
886
887 static int ath9k_hif_usb_alloc_reg_in_urbs(struct hif_device_usb *hif_dev)
888 {
889 struct urb *urb = NULL;
890 struct sk_buff *skb = NULL;
891 int i, ret;
892
893 init_usb_anchor(&hif_dev->reg_in_submitted);
894
895 for (i = 0; i < MAX_REG_IN_URB_NUM; i++) {
896
897 /* Allocate URB */
898 urb = usb_alloc_urb(0, GFP_KERNEL);
899 if (urb == NULL) {
900 ret = -ENOMEM;
901 goto err_urb;
902 }
903
904 /* Allocate buffer */
905 skb = alloc_skb(MAX_REG_IN_BUF_SIZE, GFP_KERNEL);
906 if (!skb) {
907 ret = -ENOMEM;
908 goto err_skb;
909 }
910
911 usb_fill_int_urb(urb, hif_dev->udev,
912 usb_rcvintpipe(hif_dev->udev,
913 USB_REG_IN_PIPE),
914 skb->data, MAX_REG_IN_BUF_SIZE,
915 ath9k_hif_usb_reg_in_cb, skb, 1);
916
917 /* Anchor URB */
918 usb_anchor_urb(urb, &hif_dev->reg_in_submitted);
919
920 /* Submit URB */
921 ret = usb_submit_urb(urb, GFP_KERNEL);
922 if (ret) {
923 usb_unanchor_urb(urb);
924 goto err_submit;
925 }
926
927 /*
928 * Drop reference count.
929 * This ensures that the URB is freed when killing them.
930 */
931 usb_free_urb(urb);
932 }
933
934 return 0;
935
936 err_submit:
937 kfree_skb(skb);
938 err_skb:
939 usb_free_urb(urb);
940 err_urb:
941 ath9k_hif_usb_dealloc_reg_in_urbs(hif_dev);
942 return ret;
943 }
944
945 static int ath9k_hif_usb_alloc_urbs(struct hif_device_usb *hif_dev)
946 {
947 /* Register Write */
948 init_usb_anchor(&hif_dev->regout_submitted);
949
950 /* TX */
951 if (ath9k_hif_usb_alloc_tx_urbs(hif_dev) < 0)
952 goto err;
953
954 /* RX */
955 if (ath9k_hif_usb_alloc_rx_urbs(hif_dev) < 0)
956 goto err_rx;
957
958 /* Register Read */
959 if (ath9k_hif_usb_alloc_reg_in_urbs(hif_dev) < 0)
960 goto err_reg;
961
962 return 0;
963 err_reg:
964 ath9k_hif_usb_dealloc_rx_urbs(hif_dev);
965 err_rx:
966 ath9k_hif_usb_dealloc_tx_urbs(hif_dev);
967 err:
968 return -ENOMEM;
969 }
970
971 static void ath9k_hif_usb_dealloc_urbs(struct hif_device_usb *hif_dev)
972 {
973 usb_kill_anchored_urbs(&hif_dev->regout_submitted);
974 ath9k_hif_usb_dealloc_reg_in_urbs(hif_dev);
975 ath9k_hif_usb_dealloc_tx_urbs(hif_dev);
976 ath9k_hif_usb_dealloc_rx_urbs(hif_dev);
977 }
978
979 static int ath9k_hif_usb_download_fw(struct hif_device_usb *hif_dev)
980 {
981 int transfer, err;
982 const void *data = hif_dev->fw_data;
983 size_t len = hif_dev->fw_size;
984 u32 addr = AR9271_FIRMWARE;
985 u8 *buf = kzalloc(4096, GFP_KERNEL);
986 u32 firm_offset;
987
988 if (!buf)
989 return -ENOMEM;
990
991 while (len) {
992 transfer = min_t(size_t, len, 4096);
993 memcpy(buf, data, transfer);
994
995 err = usb_control_msg(hif_dev->udev,
996 usb_sndctrlpipe(hif_dev->udev, 0),
997 FIRMWARE_DOWNLOAD, 0x40 | USB_DIR_OUT,
998 addr >> 8, 0, buf, transfer, HZ);
999 if (err < 0) {
1000 kfree(buf);
1001 return err;
1002 }
1003
1004 len -= transfer;
1005 data += transfer;
1006 addr += transfer;
1007 }
1008 kfree(buf);
1009
1010 if (IS_AR7010_DEVICE(hif_dev->usb_device_id->driver_info))
1011 firm_offset = AR7010_FIRMWARE_TEXT;
1012 else
1013 firm_offset = AR9271_FIRMWARE_TEXT;
1014
1015 /*
1016 * Issue FW download complete command to firmware.
1017 */
1018 err = usb_control_msg(hif_dev->udev, usb_sndctrlpipe(hif_dev->udev, 0),
1019 FIRMWARE_DOWNLOAD_COMP,
1020 0x40 | USB_DIR_OUT,
1021 firm_offset >> 8, 0, NULL, 0, HZ);
1022 if (err)
1023 return -EIO;
1024
1025 dev_info(&hif_dev->udev->dev, "ath9k_htc: Transferred FW: %s, size: %ld\n",
1026 hif_dev->fw_name, (unsigned long) hif_dev->fw_size);
1027
1028 return 0;
1029 }
1030
1031 static int ath9k_hif_usb_dev_init(struct hif_device_usb *hif_dev)
1032 {
1033 int ret;
1034
1035 ret = ath9k_hif_usb_download_fw(hif_dev);
1036 if (ret) {
1037 dev_err(&hif_dev->udev->dev,
1038 "ath9k_htc: Firmware - %s download failed\n",
1039 hif_dev->fw_name);
1040 return ret;
1041 }
1042
1043 /* Alloc URBs */
1044 ret = ath9k_hif_usb_alloc_urbs(hif_dev);
1045 if (ret) {
1046 dev_err(&hif_dev->udev->dev,
1047 "ath9k_htc: Unable to allocate URBs\n");
1048 return ret;
1049 }
1050
1051 return 0;
1052 }
1053
1054 static void ath9k_hif_usb_dev_deinit(struct hif_device_usb *hif_dev)
1055 {
1056 ath9k_hif_usb_dealloc_urbs(hif_dev);
1057 }
1058
1059 /*
1060 * If initialization fails or the FW cannot be retrieved,
1061 * detach the device.
1062 */
1063 static void ath9k_hif_usb_firmware_fail(struct hif_device_usb *hif_dev)
1064 {
1065 struct device *dev = &hif_dev->udev->dev;
1066 struct device *parent = dev->parent;
1067
1068 complete_all(&hif_dev->fw_done);
1069
1070 if (parent)
1071 device_lock(parent);
1072
1073 device_release_driver(dev);
1074
1075 if (parent)
1076 device_unlock(parent);
1077 }
1078
1079 static void ath9k_hif_usb_firmware_cb(const struct firmware *fw, void *context);
1080
1081 /* taken from iwlwifi */
1082 static int ath9k_hif_request_firmware(struct hif_device_usb *hif_dev,
1083 bool first)
1084 {
1085 char index[8], *chip;
1086 int ret;
1087
1088 if (first) {
1089 if (htc_use_dev_fw) {
1090 hif_dev->fw_minor_index = FIRMWARE_MINOR_IDX_MAX + 1;
1091 sprintf(index, "%s", "dev");
1092 } else {
1093 hif_dev->fw_minor_index = FIRMWARE_MINOR_IDX_MAX;
1094 sprintf(index, "%d", hif_dev->fw_minor_index);
1095 }
1096 } else {
1097 hif_dev->fw_minor_index--;
1098 sprintf(index, "%d", hif_dev->fw_minor_index);
1099 }
1100
1101 /* test for FW 1.3 */
1102 if (MAJOR_VERSION_REQ == 1 && hif_dev->fw_minor_index == 3) {
1103 const char *filename;
1104
1105 if (IS_AR7010_DEVICE(hif_dev->usb_device_id->driver_info))
1106 filename = FIRMWARE_AR7010_1_1;
1107 else
1108 filename = FIRMWARE_AR9271;
1109
1110 /* expected fw locations:
1111 * - htc_9271.fw (stable version 1.3, depricated)
1112 */
1113 snprintf(hif_dev->fw_name, sizeof(hif_dev->fw_name),
1114 "%s", filename);
1115
1116 } else if (hif_dev->fw_minor_index < FIRMWARE_MINOR_IDX_MIN) {
1117 dev_err(&hif_dev->udev->dev, "no suitable firmware found!\n");
1118
1119 return -ENOENT;
1120 } else {
1121 if (IS_AR7010_DEVICE(hif_dev->usb_device_id->driver_info))
1122 chip = "7010";
1123 else
1124 chip = "9271";
1125
1126 /* expected fw locations:
1127 * - ath9k_htc/htc_9271-1.dev.0.fw (development version)
1128 * - ath9k_htc/htc_9271-1.4.0.fw (stable version)
1129 */
1130 snprintf(hif_dev->fw_name, sizeof(hif_dev->fw_name),
1131 "%s/htc_%s-%d.%s.0.fw", HTC_FW_PATH,
1132 chip, MAJOR_VERSION_REQ, index);
1133 }
1134
1135 ret = request_firmware_nowait(THIS_MODULE, true, hif_dev->fw_name,
1136 &hif_dev->udev->dev, GFP_KERNEL,
1137 hif_dev, ath9k_hif_usb_firmware_cb);
1138 if (ret) {
1139 dev_err(&hif_dev->udev->dev,
1140 "ath9k_htc: Async request for firmware %s failed\n",
1141 hif_dev->fw_name);
1142 return ret;
1143 }
1144
1145 dev_info(&hif_dev->udev->dev, "ath9k_htc: Firmware %s requested\n",
1146 hif_dev->fw_name);
1147
1148 return ret;
1149 }
1150
1151 static void ath9k_hif_usb_firmware_cb(const struct firmware *fw, void *context)
1152 {
1153 struct hif_device_usb *hif_dev = context;
1154 int ret;
1155
1156 if (!fw) {
1157 ret = ath9k_hif_request_firmware(hif_dev, false);
1158 if (!ret)
1159 return;
1160
1161 dev_err(&hif_dev->udev->dev,
1162 "ath9k_htc: Failed to get firmware %s\n",
1163 hif_dev->fw_name);
1164 goto err_fw;
1165 }
1166
1167 hif_dev->htc_handle = ath9k_htc_hw_alloc(hif_dev, &hif_usb,
1168 &hif_dev->udev->dev);
1169 if (hif_dev->htc_handle == NULL)
1170 goto err_dev_alloc;
1171
1172 hif_dev->fw_data = fw->data;
1173 hif_dev->fw_size = fw->size;
1174
1175 /* Proceed with initialization */
1176
1177 ret = ath9k_hif_usb_dev_init(hif_dev);
1178 if (ret)
1179 goto err_dev_init;
1180
1181 ret = ath9k_htc_hw_init(hif_dev->htc_handle,
1182 &hif_dev->interface->dev,
1183 hif_dev->usb_device_id->idProduct,
1184 hif_dev->udev->product,
1185 hif_dev->usb_device_id->driver_info);
1186 if (ret) {
1187 ret = -EINVAL;
1188 goto err_htc_hw_init;
1189 }
1190
1191 release_firmware(fw);
1192 hif_dev->flags |= HIF_USB_READY;
1193 complete_all(&hif_dev->fw_done);
1194
1195 return;
1196
1197 err_htc_hw_init:
1198 ath9k_hif_usb_dev_deinit(hif_dev);
1199 err_dev_init:
1200 ath9k_htc_hw_free(hif_dev->htc_handle);
1201 err_dev_alloc:
1202 release_firmware(fw);
1203 err_fw:
1204 ath9k_hif_usb_firmware_fail(hif_dev);
1205 }
1206
1207 /*
1208 * An exact copy of the function from zd1211rw.
1209 */
1210 static int send_eject_command(struct usb_interface *interface)
1211 {
1212 struct usb_device *udev = interface_to_usbdev(interface);
1213 struct usb_host_interface *iface_desc = &interface->altsetting[0];
1214 struct usb_endpoint_descriptor *endpoint;
1215 unsigned char *cmd;
1216 u8 bulk_out_ep;
1217 int r;
1218
1219 /* Find bulk out endpoint */
1220 for (r = 1; r >= 0; r--) {
1221 endpoint = &iface_desc->endpoint[r].desc;
1222 if (usb_endpoint_dir_out(endpoint) &&
1223 usb_endpoint_xfer_bulk(endpoint)) {
1224 bulk_out_ep = endpoint->bEndpointAddress;
1225 break;
1226 }
1227 }
1228 if (r == -1) {
1229 dev_err(&udev->dev,
1230 "ath9k_htc: Could not find bulk out endpoint\n");
1231 return -ENODEV;
1232 }
1233
1234 cmd = kzalloc(31, GFP_KERNEL);
1235 if (cmd == NULL)
1236 return -ENODEV;
1237
1238 /* USB bulk command block */
1239 cmd[0] = 0x55; /* bulk command signature */
1240 cmd[1] = 0x53; /* bulk command signature */
1241 cmd[2] = 0x42; /* bulk command signature */
1242 cmd[3] = 0x43; /* bulk command signature */
1243 cmd[14] = 6; /* command length */
1244
1245 cmd[15] = 0x1b; /* SCSI command: START STOP UNIT */
1246 cmd[19] = 0x2; /* eject disc */
1247
1248 dev_info(&udev->dev, "Ejecting storage device...\n");
1249 r = usb_bulk_msg(udev, usb_sndbulkpipe(udev, bulk_out_ep),
1250 cmd, 31, NULL, 2000);
1251 kfree(cmd);
1252 if (r)
1253 return r;
1254
1255 /* At this point, the device disconnects and reconnects with the real
1256 * ID numbers. */
1257
1258 usb_set_intfdata(interface, NULL);
1259 return 0;
1260 }
1261
1262 static int ath9k_hif_usb_probe(struct usb_interface *interface,
1263 const struct usb_device_id *id)
1264 {
1265 struct usb_device *udev = interface_to_usbdev(interface);
1266 struct hif_device_usb *hif_dev;
1267 int ret = 0;
1268
1269 if (id->driver_info == STORAGE_DEVICE)
1270 return send_eject_command(interface);
1271
1272 hif_dev = kzalloc(sizeof(struct hif_device_usb), GFP_KERNEL);
1273 if (!hif_dev) {
1274 ret = -ENOMEM;
1275 goto err_alloc;
1276 }
1277
1278 usb_get_dev(udev);
1279
1280 hif_dev->udev = udev;
1281 hif_dev->interface = interface;
1282 hif_dev->usb_device_id = id;
1283 #ifdef CONFIG_PM
1284 udev->reset_resume = 1;
1285 #endif
1286 usb_set_intfdata(interface, hif_dev);
1287
1288 init_completion(&hif_dev->fw_done);
1289
1290 ret = ath9k_hif_request_firmware(hif_dev, true);
1291 if (ret)
1292 goto err_fw_req;
1293
1294 return ret;
1295
1296 err_fw_req:
1297 usb_set_intfdata(interface, NULL);
1298 kfree(hif_dev);
1299 usb_put_dev(udev);
1300 err_alloc:
1301 return ret;
1302 }
1303
1304 static void ath9k_hif_usb_reboot(struct usb_device *udev)
1305 {
1306 u32 reboot_cmd = 0xffffffff;
1307 void *buf;
1308 int ret;
1309
1310 buf = kmemdup(&reboot_cmd, 4, GFP_KERNEL);
1311 if (!buf)
1312 return;
1313
1314 ret = usb_interrupt_msg(udev, usb_sndintpipe(udev, USB_REG_OUT_PIPE),
1315 buf, 4, NULL, HZ);
1316 if (ret)
1317 dev_err(&udev->dev, "ath9k_htc: USB reboot failed\n");
1318
1319 kfree(buf);
1320 }
1321
1322 static void ath9k_hif_usb_disconnect(struct usb_interface *interface)
1323 {
1324 struct usb_device *udev = interface_to_usbdev(interface);
1325 struct hif_device_usb *hif_dev = usb_get_intfdata(interface);
1326 bool unplugged = (udev->state == USB_STATE_NOTATTACHED) ? true : false;
1327
1328 if (!hif_dev)
1329 return;
1330
1331 wait_for_completion(&hif_dev->fw_done);
1332
1333 if (hif_dev->flags & HIF_USB_READY) {
1334 ath9k_htc_hw_deinit(hif_dev->htc_handle, unplugged);
1335 ath9k_htc_hw_free(hif_dev->htc_handle);
1336 ath9k_hif_usb_dev_deinit(hif_dev);
1337 }
1338
1339 usb_set_intfdata(interface, NULL);
1340
1341 /* If firmware was loaded we should drop it
1342 * go back to first stage bootloader. */
1343 if (!unplugged && (hif_dev->flags & HIF_USB_READY))
1344 ath9k_hif_usb_reboot(udev);
1345
1346 kfree(hif_dev);
1347 dev_info(&udev->dev, "ath9k_htc: USB layer deinitialized\n");
1348 usb_put_dev(udev);
1349 }
1350
1351 #ifdef CONFIG_PM
1352 static int ath9k_hif_usb_suspend(struct usb_interface *interface,
1353 pm_message_t message)
1354 {
1355 struct hif_device_usb *hif_dev = usb_get_intfdata(interface);
1356
1357 /*
1358 * The device has to be set to FULLSLEEP mode in case no
1359 * interface is up.
1360 */
1361 if (!(hif_dev->flags & HIF_USB_START))
1362 ath9k_htc_suspend(hif_dev->htc_handle);
1363
1364 wait_for_completion(&hif_dev->fw_done);
1365
1366 if (hif_dev->flags & HIF_USB_READY)
1367 ath9k_hif_usb_dealloc_urbs(hif_dev);
1368
1369 return 0;
1370 }
1371
1372 static int ath9k_hif_usb_resume(struct usb_interface *interface)
1373 {
1374 struct hif_device_usb *hif_dev = usb_get_intfdata(interface);
1375 struct htc_target *htc_handle = hif_dev->htc_handle;
1376 int ret;
1377 const struct firmware *fw;
1378
1379 ret = ath9k_hif_usb_alloc_urbs(hif_dev);
1380 if (ret)
1381 return ret;
1382
1383 if (hif_dev->flags & HIF_USB_READY) {
1384 /* request cached firmware during suspend/resume cycle */
1385 ret = request_firmware(&fw, hif_dev->fw_name,
1386 &hif_dev->udev->dev);
1387 if (ret)
1388 goto fail_resume;
1389
1390 hif_dev->fw_data = fw->data;
1391 hif_dev->fw_size = fw->size;
1392 ret = ath9k_hif_usb_download_fw(hif_dev);
1393 release_firmware(fw);
1394 if (ret)
1395 goto fail_resume;
1396 } else {
1397 ath9k_hif_usb_dealloc_urbs(hif_dev);
1398 return -EIO;
1399 }
1400
1401 mdelay(100);
1402
1403 ret = ath9k_htc_resume(htc_handle);
1404
1405 if (ret)
1406 goto fail_resume;
1407
1408 return 0;
1409
1410 fail_resume:
1411 ath9k_hif_usb_dealloc_urbs(hif_dev);
1412
1413 return ret;
1414 }
1415 #endif
1416
1417 static struct usb_driver ath9k_hif_usb_driver = {
1418 .name = KBUILD_MODNAME,
1419 .probe = ath9k_hif_usb_probe,
1420 .disconnect = ath9k_hif_usb_disconnect,
1421 #ifdef CONFIG_PM
1422 .suspend = ath9k_hif_usb_suspend,
1423 .resume = ath9k_hif_usb_resume,
1424 .reset_resume = ath9k_hif_usb_resume,
1425 #endif
1426 .id_table = ath9k_hif_usb_ids,
1427 .soft_unbind = 1,
1428 .disable_hub_initiated_lpm = 1,
1429 };
1430
1431 int ath9k_hif_usb_init(void)
1432 {
1433 return usb_register(&ath9k_hif_usb_driver);
1434 }
1435
1436 void ath9k_hif_usb_exit(void)
1437 {
1438 usb_deregister(&ath9k_hif_usb_driver);
1439 } 1
2 #include <linux/kernel.h>
3 #include <linux/mutex.h>
4 #include <linux/spinlock.h>
5 #include <linux/errno.h>
6 #include <verifier/rcv.h>
7 #include <linux/list.h>
8
9 /* mutexes */
10 extern int mutex_lock_interruptible(struct mutex *lock);
11 extern int mutex_lock_killable(struct mutex *lock);
12 extern void mutex_lock(struct mutex *lock);
13
14 /* mutex model functions */
15 extern void ldv_mutex_lock(struct mutex *lock, char *sign);
16 extern int ldv_mutex_is_locked(struct mutex *lock, char *sign);
17 extern void ldv_mutex_unlock(struct mutex *lock, char *sign);
18
19
20 /* Spin locks */
21 extern void __ldv_spin_lock(spinlock_t *lock);
22 extern void __ldv_spin_unlock(spinlock_t *lock);
23 extern int __ldv_spin_trylock(spinlock_t *lock);
24 extern void __ldv_spin_unlock_wait(spinlock_t *lock);
25 extern void __ldv_spin_can_lock(spinlock_t *lock);
26 extern int __ldv_atomic_dec_and_lock(spinlock_t *lock);
27
28 /* spin model functions */
29 extern void ldv_spin_lock(spinlock_t *lock, char *sign);
30 extern void ldv_spin_unlock(spinlock_t *lock, char *sign);
31 extern int ldv_spin_is_locked(spinlock_t *lock, char *sign);
32
33 /* Support for list binder functions */
34 static inline struct list_head *ldv_list_get_first(struct list_head *head) {
35 return head->next;
36 }
37
38 static inline int ldv_list_is_stop(struct list_head *pos, struct list_head *head) {
39 return pos==head;
40 }
41
42 static inline struct list_head *ldv_list_get_next(struct list_head *pos) {
43 return pos->next;
44 }
45
46 #include <linux/mutex.h>
47 #include <linux/slab.h>
48 #include <verifier/rcv.h>
49 #include <linux/timer.h>
50 #include <linux/rtnetlink.h>
51 #include <linux/gfp.h>
52 extern struct file *fops_xmit_group2;
53 extern int ldv_state_variable_8;
54 extern int ldv_timer_1_3;
55 extern struct ath_common *ath9k_usb_bus_ops_group0;
56 extern struct inode *fops_debug_group1;
57 extern struct inode *fops_queue_group1;
58 extern struct ath_common *ath9k_htc_ps_ops_group0;
59 extern int ldv_state_variable_0;
60 extern int ldv_state_variable_5;
61 extern int ldv_state_variable_13;
62 extern int ldv_state_variable_12;
63 extern struct file *fops_tgt_tx_stats_group2;
64 extern struct file *fops_queue_group2;
65 extern int ldv_state_variable_14;
66 extern int ldv_timer_1_0;
67 extern int ldv_state_variable_9;
68 extern struct inode *fops_tgt_tx_stats_group1;
69 extern struct file *fops_debug_group2;
70 extern int ref_cnt;
71 extern struct mutex key_mtx;
72 extern int ldv_state_variable_1;
73 extern int ldv_state_variable_7;
74 extern struct inode *fops_xmit_group1;
75 extern struct inode *fops_skb_rx_group1;
76 extern struct file *fops_tgt_int_stats_group2;
77 extern struct usb_interface *ath9k_hif_usb_driver_group1;
78 extern struct timer_list * ldv_timer_list_1_3;
79 extern int ldv_state_variable_10;
80 extern struct timer_list * ldv_timer_list_1_1;
81 extern struct timer_list * ldv_timer_list_1_0;
82 extern int ldv_state_variable_6;
83 extern int ldv_timer_1_2;
84 extern int ldv_timer_1_1;
85 extern int ldv_state_variable_2;
86 extern struct timer_list * ldv_timer_list_1_2;
87 extern struct inode *fops_tgt_int_stats_group1;
88 extern struct ieee80211_hw *ath9k_htc_ops_group0;
89 extern int usb_counter;
90 extern int ldv_state_variable_11;
91 extern struct file *fops_slot_group2;
92 extern int LDV_IN_INTERRUPT = 1;
93 extern struct inode *fops_slot_group1;
94 extern struct inode *fops_tgt_rx_stats_group1;
95 extern struct file *fops_tgt_rx_stats_group2;
96 extern struct mutex fs_mutex;
97 extern int ldv_state_variable_3;
98 extern struct mutex ar_mutex;
99 extern struct file *fops_skb_rx_group2;
100 extern int ldv_state_variable_4;
101 extern void ldv_file_operations_7(void);
102 extern void ldv_file_operations_6(void);
103 extern void ldv_file_operations_2(void);
104 extern void activate_pending_timer_1(struct timer_list * timer, unsigned long data, int pending_flag);
105 extern void ldv_initialyze_ath_bus_ops_10(void);
106 extern int evil_hack_12(void);
107 extern void timer_init_1(void);
108 extern void ldv_file_operations_9(void);
109 extern void ldv_usb_driver_13(void);
110 extern void ldv_file_operations_3(void);
111 extern void ldv_file_operations_8(void);
112 extern int reg_timer_1(struct timer_list * timer, void (*function)(unsigned long), unsigned long data);
113 extern void ldv_initialyze_ath_ps_ops_11(void);
114 extern int evil_hack_key_12(void);
115 extern void ldv_initialyze_ieee80211_ops_12(void);
116 extern void disable_suitable_timer_1(struct timer_list * timer);
117 extern void activate_suitable_timer_1(struct timer_list * timer, unsigned long data);
118 extern int evil_hack_fs_lock(void);
119 extern int __VERIFIER_nondet_int(void);
120 extern void ldv_file_operations_5(void);
121 extern void choose_timer_1(void);
122 extern void ldv_timer_1(int state, struct timer_list * timer);
123 extern int evil_hack_ar_lock(void);
124 extern void ldv_file_operations_4(void);
125 #line 1 "/work/ldvuser/andrianov/work/current--X--drivers/net/wireless/ath/ath9k/--X--defaultlinux-4.5-rc7--X--races--X--cpachecker/linux-4.5-rc7/csd_deg_dscv/74/dscv_tempdir/dscv/ri/races/drivers/net/wireless/ath/ath9k/hif_usb.c"
126 /*
127 * Copyright (c) 2010-2011 Atheros Communications Inc.
128 *
129 * Permission to use, copy, modify, and/or distribute this software for any
130 * purpose with or without fee is hereby granted, provided that the above
131 * copyright notice and this permission notice appear in all copies.
132 *
133 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
134 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
135 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
136 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
137 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
138 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
139 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
140 */
141
142 #include <asm/unaligned.h>
143 #include "htc.h"
144
145 MODULE_FIRMWARE(HTC_7010_MODULE_FW);
146 MODULE_FIRMWARE(HTC_9271_MODULE_FW);
147
148 static struct usb_device_id ath9k_hif_usb_ids[] = {
149 { USB_DEVICE(0x0cf3, 0x9271) }, /* Atheros */
150 { USB_DEVICE(0x0cf3, 0x1006) }, /* Atheros */
151 { USB_DEVICE(0x0846, 0x9030) }, /* Netgear N150 */
152 { USB_DEVICE(0x07D1, 0x3A10) }, /* Dlink Wireless 150 */
153 { USB_DEVICE(0x13D3, 0x3327) }, /* Azurewave */
154 { USB_DEVICE(0x13D3, 0x3328) }, /* Azurewave */
155 { USB_DEVICE(0x13D3, 0x3346) }, /* IMC Networks */
156 { USB_DEVICE(0x13D3, 0x3348) }, /* Azurewave */
157 { USB_DEVICE(0x13D3, 0x3349) }, /* Azurewave */
158 { USB_DEVICE(0x13D3, 0x3350) }, /* Azurewave */
159 { USB_DEVICE(0x04CA, 0x4605) }, /* Liteon */
160 { USB_DEVICE(0x040D, 0x3801) }, /* VIA */
161 { USB_DEVICE(0x0cf3, 0xb003) }, /* Ubiquiti WifiStation Ext */
162 { USB_DEVICE(0x0cf3, 0xb002) }, /* Ubiquiti WifiStation */
163 { USB_DEVICE(0x057c, 0x8403) }, /* AVM FRITZ!WLAN 11N v2 USB */
164 { USB_DEVICE(0x0471, 0x209e) }, /* Philips (or NXP) PTA01 */
165
166 { USB_DEVICE(0x0cf3, 0x7015),
167 .driver_info = AR9287_USB }, /* Atheros */
168 { USB_DEVICE(0x1668, 0x1200),
169 .driver_info = AR9287_USB }, /* Verizon */
170
171 { USB_DEVICE(0x0cf3, 0x7010),
172 .driver_info = AR9280_USB }, /* Atheros */
173 { USB_DEVICE(0x0846, 0x9018),
174 .driver_info = AR9280_USB }, /* Netgear WNDA3200 */
175 { USB_DEVICE(0x083A, 0xA704),
176 .driver_info = AR9280_USB }, /* SMC Networks */
177 { USB_DEVICE(0x0411, 0x017f),
178 .driver_info = AR9280_USB }, /* Sony UWA-BR100 */
179 { USB_DEVICE(0x0411, 0x0197),
180 .driver_info = AR9280_USB }, /* Buffalo WLI-UV-AG300P */
181 { USB_DEVICE(0x04da, 0x3904),
182 .driver_info = AR9280_USB },
183
184 { USB_DEVICE(0x0cf3, 0x20ff),
185 .driver_info = STORAGE_DEVICE },
186
187 { },
188 };
189
190 MODULE_DEVICE_TABLE(usb, ath9k_hif_usb_ids);
191
192 static int __hif_usb_tx(struct hif_device_usb *hif_dev);
193
194 static void hif_usb_regout_cb(struct urb *urb)
195 {
196 struct cmd_buf *cmd = (struct cmd_buf *)urb->context;
197
198 switch (urb->status) {
199 case 0:
200 break;
201 case -ENOENT:
202 case -ECONNRESET:
203 case -ENODEV:
204 case -ESHUTDOWN:
205 goto free;
206 default:
207 break;
208 }
209
210 if (cmd) {
211 ath9k_htc_txcompletion_cb(cmd->hif_dev->htc_handle,
212 cmd->skb, true);
213 kfree(cmd);
214 }
215
216 return;
217 free:
218 kfree_skb(cmd->skb);
219 kfree(cmd);
220 }
221
222 static int hif_usb_send_regout(struct hif_device_usb *hif_dev,
223 struct sk_buff *skb)
224 {
225 struct urb *urb;
226 struct cmd_buf *cmd;
227 int ret = 0;
228
229 urb = usb_alloc_urb(0, GFP_KERNEL);
230 if (urb == NULL)
231 return -ENOMEM;
232
233 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
234 if (cmd == NULL) {
235 usb_free_urb(urb);
236 return -ENOMEM;
237 }
238
239 cmd->skb = skb;
240 cmd->hif_dev = hif_dev;
241
242 usb_fill_int_urb(urb, hif_dev->udev,
243 usb_sndintpipe(hif_dev->udev, USB_REG_OUT_PIPE),
244 skb->data, skb->len,
245 hif_usb_regout_cb, cmd, 1);
246
247 usb_anchor_urb(urb, &hif_dev->regout_submitted);
248 ret = usb_submit_urb(urb, GFP_KERNEL);
249 if (ret) {
250 usb_unanchor_urb(urb);
251 kfree(cmd);
252 }
253 usb_free_urb(urb);
254
255 return ret;
256 }
257
258 static void hif_usb_mgmt_cb(struct urb *urb)
259 {
260 struct cmd_buf *cmd = (struct cmd_buf *)urb->context;
261 struct hif_device_usb *hif_dev;
262 bool txok = true;
263
264 if (!cmd || !cmd->skb || !cmd->hif_dev)
265 return;
266
267 hif_dev = cmd->hif_dev;
268
269 switch (urb->status) {
270 case 0:
271 break;
272 case -ENOENT:
273 case -ECONNRESET:
274 case -ENODEV:
275 case -ESHUTDOWN:
276 txok = false;
277
278 /*
279 * If the URBs are being flushed, no need to complete
280 * this packet.
281 */
282 spin_lock(&hif_dev->tx.tx_lock);
283 if (hif_dev->tx.flags & HIF_USB_TX_FLUSH) {
284 spin_unlock(&hif_dev->tx.tx_lock);
285 dev_kfree_skb_any(cmd->skb);
286 kfree(cmd);
287 return;
288 }
289 spin_unlock(&hif_dev->tx.tx_lock);
290
291 break;
292 default:
293 txok = false;
294 break;
295 }
296
297 skb_pull(cmd->skb, 4);
298 ath9k_htc_txcompletion_cb(cmd->hif_dev->htc_handle,
299 cmd->skb, txok);
300 kfree(cmd);
301 }
302
303 static int hif_usb_send_mgmt(struct hif_device_usb *hif_dev,
304 struct sk_buff *skb)
305 {
306 struct urb *urb;
307 struct cmd_buf *cmd;
308 int ret = 0;
309 __le16 *hdr;
310
311 urb = usb_alloc_urb(0, GFP_ATOMIC);
312 if (urb == NULL)
313 return -ENOMEM;
314
315 cmd = kzalloc(sizeof(*cmd), GFP_ATOMIC);
316 if (cmd == NULL) {
317 usb_free_urb(urb);
318 return -ENOMEM;
319 }
320
321 cmd->skb = skb;
322 cmd->hif_dev = hif_dev;
323
324 hdr = (__le16 *) skb_push(skb, 4);
325 *hdr++ = cpu_to_le16(skb->len - 4);
326 *hdr++ = cpu_to_le16(ATH_USB_TX_STREAM_MODE_TAG);
327
328 usb_fill_bulk_urb(urb, hif_dev->udev,
329 usb_sndbulkpipe(hif_dev->udev, USB_WLAN_TX_PIPE),
330 skb->data, skb->len,
331 hif_usb_mgmt_cb, cmd);
332
333 usb_anchor_urb(urb, &hif_dev->mgmt_submitted);
334 ret = usb_submit_urb(urb, GFP_ATOMIC);
335 if (ret) {
336 usb_unanchor_urb(urb);
337 kfree(cmd);
338 }
339 usb_free_urb(urb);
340
341 return ret;
342 }
343
344 static inline void ath9k_skb_queue_purge(struct hif_device_usb *hif_dev,
345 struct sk_buff_head *list)
346 {
347 struct sk_buff *skb;
348
349 while ((skb = __skb_dequeue(list)) != NULL) {
350 dev_kfree_skb_any(skb);
351 }
352 }
353
354 static inline void ath9k_skb_queue_complete(struct hif_device_usb *hif_dev,
355 struct sk_buff_head *queue,
356 bool txok)
357 {
358 struct sk_buff *skb;
359
360 while ((skb = __skb_dequeue(queue)) != NULL) {
361 #ifdef CONFIG_ATH9K_HTC_DEBUGFS
362 int ln = skb->len;
363 #endif
364 ath9k_htc_txcompletion_cb(hif_dev->htc_handle,
365 skb, txok);
366 if (txok) {
367 TX_STAT_INC(skb_success);
368 TX_STAT_ADD(skb_success_bytes, ln);
369 }
370 else
371 TX_STAT_INC(skb_failed);
372 }
373 }
374
375 static void hif_usb_tx_cb(struct urb *urb)
376 {
377 struct tx_buf *tx_buf = (struct tx_buf *) urb->context;
378 struct hif_device_usb *hif_dev;
379 bool txok = true;
380
381 if (!tx_buf || !tx_buf->hif_dev)
382 return;
383
384 hif_dev = tx_buf->hif_dev;
385
386 switch (urb->status) {
387 case 0:
388 break;
389 case -ENOENT:
390 case -ECONNRESET:
391 case -ENODEV:
392 case -ESHUTDOWN:
393 txok = false;
394
395 /*
396 * If the URBs are being flushed, no need to add this
397 * URB to the free list.
398 */
399 spin_lock(&hif_dev->tx.tx_lock);
400 if (hif_dev->tx.flags & HIF_USB_TX_FLUSH) {
401 spin_unlock(&hif_dev->tx.tx_lock);
402 ath9k_skb_queue_purge(hif_dev, &tx_buf->skb_queue);
403 return;
404 }
405 spin_unlock(&hif_dev->tx.tx_lock);
406
407 break;
408 default:
409 txok = false;
410 break;
411 }
412
413 ath9k_skb_queue_complete(hif_dev, &tx_buf->skb_queue, txok);
414
415 /* Re-initialize the SKB queue */
416 tx_buf->len = tx_buf->offset = 0;
417 __skb_queue_head_init(&tx_buf->skb_queue);
418
419 /* Add this TX buffer to the free list */
420 spin_lock(&hif_dev->tx.tx_lock);
421 list_move_tail(&tx_buf->list, &hif_dev->tx.tx_buf);
422 hif_dev->tx.tx_buf_cnt++;
423 if (!(hif_dev->tx.flags & HIF_USB_TX_STOP))
424 __hif_usb_tx(hif_dev); /* Check for pending SKBs */
425 TX_STAT_INC(buf_completed);
426 spin_unlock(&hif_dev->tx.tx_lock);
427 }
428
429 /* TX lock has to be taken */
430 static int __hif_usb_tx(struct hif_device_usb *hif_dev)
431 {
432 struct tx_buf *tx_buf = NULL;
433 struct sk_buff *nskb = NULL;
434 int ret = 0, i;
435 u16 tx_skb_cnt = 0;
436 u8 *buf;
437 __le16 *hdr;
438
439 if (hif_dev->tx.tx_skb_cnt == 0)
440 return 0;
441
442 /* Check if a free TX buffer is available */
443 if (list_empty(&hif_dev->tx.tx_buf))
444 return 0;
445
446 tx_buf = list_first_entry(&hif_dev->tx.tx_buf, struct tx_buf, list);
447 list_move_tail(&tx_buf->list, &hif_dev->tx.tx_pending);
448 hif_dev->tx.tx_buf_cnt--;
449
450 tx_skb_cnt = min_t(u16, hif_dev->tx.tx_skb_cnt, MAX_TX_AGGR_NUM);
451
452 for (i = 0; i < tx_skb_cnt; i++) {
453 nskb = __skb_dequeue(&hif_dev->tx.tx_skb_queue);
454
455 /* Should never be NULL */
456 BUG_ON(!nskb);
457
458 hif_dev->tx.tx_skb_cnt--;
459
460 buf = tx_buf->buf;
461 buf += tx_buf->offset;
462 hdr = (__le16 *)buf;
463 *hdr++ = cpu_to_le16(nskb->len);
464 *hdr++ = cpu_to_le16(ATH_USB_TX_STREAM_MODE_TAG);
465 buf += 4;
466 memcpy(buf, nskb->data, nskb->len);
467 tx_buf->len = nskb->len + 4;
468
469 if (i < (tx_skb_cnt - 1))
470 tx_buf->offset += (((tx_buf->len - 1) / 4) + 1) * 4;
471
472 if (i == (tx_skb_cnt - 1))
473 tx_buf->len += tx_buf->offset;
474
475 __skb_queue_tail(&tx_buf->skb_queue, nskb);
476 TX_STAT_INC(skb_queued);
477 }
478
479 usb_fill_bulk_urb(tx_buf->urb, hif_dev->udev,
480 usb_sndbulkpipe(hif_dev->udev, USB_WLAN_TX_PIPE),
481 tx_buf->buf, tx_buf->len,
482 hif_usb_tx_cb, tx_buf);
483
484 ret = usb_submit_urb(tx_buf->urb, GFP_ATOMIC);
485 if (ret) {
486 tx_buf->len = tx_buf->offset = 0;
487 ath9k_skb_queue_complete(hif_dev, &tx_buf->skb_queue, false);
488 __skb_queue_head_init(&tx_buf->skb_queue);
489 list_move_tail(&tx_buf->list, &hif_dev->tx.tx_buf);
490 hif_dev->tx.tx_buf_cnt++;
491 }
492
493 if (!ret)
494 TX_STAT_INC(buf_queued);
495
496 return ret;
497 }
498
499 static int hif_usb_send_tx(struct hif_device_usb *hif_dev, struct sk_buff *skb)
500 {
501 struct ath9k_htc_tx_ctl *tx_ctl;
502 unsigned long flags;
503 int ret = 0;
504
505 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
506
507 if (hif_dev->tx.flags & HIF_USB_TX_STOP) {
508 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
509 return -ENODEV;
510 }
511
512 /* Check if the max queue count has been reached */
513 if (hif_dev->tx.tx_skb_cnt > MAX_TX_BUF_NUM) {
514 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
515 return -ENOMEM;
516 }
517
518 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
519
520 tx_ctl = HTC_SKB_CB(skb);
521
522 /* Mgmt/Beacon frames don't use the TX buffer pool */
523 if ((tx_ctl->type == ATH9K_HTC_MGMT) ||
524 (tx_ctl->type == ATH9K_HTC_BEACON)) {
525 ret = hif_usb_send_mgmt(hif_dev, skb);
526 }
527
528 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
529
530 if ((tx_ctl->type == ATH9K_HTC_NORMAL) ||
531 (tx_ctl->type == ATH9K_HTC_AMPDU)) {
532 __skb_queue_tail(&hif_dev->tx.tx_skb_queue, skb);
533 hif_dev->tx.tx_skb_cnt++;
534 }
535
536 /* Check if AMPDUs have to be sent immediately */
537 if ((hif_dev->tx.tx_buf_cnt == MAX_TX_URB_NUM) &&
538 (hif_dev->tx.tx_skb_cnt < 2)) {
539 __hif_usb_tx(hif_dev);
540 }
541
542 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
543
544 return ret;
545 }
546
547 static void hif_usb_start(void *hif_handle)
548 {
549 struct hif_device_usb *hif_dev = (struct hif_device_usb *)hif_handle;
550 unsigned long flags;
551
552 hif_dev->flags |= HIF_USB_START;
553
554 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
555 hif_dev->tx.flags &= ~HIF_USB_TX_STOP;
556 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
557 }
558
559 static void hif_usb_stop(void *hif_handle)
560 {
561 struct hif_device_usb *hif_dev = (struct hif_device_usb *)hif_handle;
562 struct tx_buf *tx_buf = NULL, *tx_buf_tmp = NULL;
563 unsigned long flags;
564
565 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
566 ath9k_skb_queue_complete(hif_dev, &hif_dev->tx.tx_skb_queue, false);
567 hif_dev->tx.tx_skb_cnt = 0;
568 hif_dev->tx.flags |= HIF_USB_TX_STOP;
569 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
570
571 /* The pending URBs have to be canceled. */
572 list_for_each_entry_safe(tx_buf, tx_buf_tmp,
573 &hif_dev->tx.tx_pending, list) {
574 usb_kill_urb(tx_buf->urb);
575 }
576
577 usb_kill_anchored_urbs(&hif_dev->mgmt_submitted);
578 }
579
580 static int hif_usb_send(void *hif_handle, u8 pipe_id, struct sk_buff *skb)
581 {
582 struct hif_device_usb *hif_dev = (struct hif_device_usb *)hif_handle;
583 int ret = 0;
584
585 switch (pipe_id) {
586 case USB_WLAN_TX_PIPE:
587 ret = hif_usb_send_tx(hif_dev, skb);
588 break;
589 case USB_REG_OUT_PIPE:
590 ret = hif_usb_send_regout(hif_dev, skb);
591 break;
592 default:
593 dev_err(&hif_dev->udev->dev,
594 "ath9k_htc: Invalid TX pipe: %d\n", pipe_id);
595 ret = -EINVAL;
596 break;
597 }
598
599 return ret;
600 }
601
602 static inline bool check_index(struct sk_buff *skb, u8 idx)
603 {
604 struct ath9k_htc_tx_ctl *tx_ctl;
605
606 tx_ctl = HTC_SKB_CB(skb);
607
608 if ((tx_ctl->type == ATH9K_HTC_AMPDU) &&
609 (tx_ctl->sta_idx == idx))
610 return true;
611
612 return false;
613 }
614
615 static void hif_usb_sta_drain(void *hif_handle, u8 idx)
616 {
617 struct hif_device_usb *hif_dev = (struct hif_device_usb *)hif_handle;
618 struct sk_buff *skb, *tmp;
619 unsigned long flags;
620
621 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
622
623 skb_queue_walk_safe(&hif_dev->tx.tx_skb_queue, skb, tmp) {
624 if (check_index(skb, idx)) {
625 __skb_unlink(skb, &hif_dev->tx.tx_skb_queue);
626 ath9k_htc_txcompletion_cb(hif_dev->htc_handle,
627 skb, false);
628 hif_dev->tx.tx_skb_cnt--;
629 TX_STAT_INC(skb_failed);
630 }
631 }
632
633 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
634 }
635
636 static struct ath9k_htc_hif hif_usb = {
637 .transport = ATH9K_HIF_USB,
638 .name = "ath9k_hif_usb",
639
640 .control_ul_pipe = USB_REG_OUT_PIPE,
641 .control_dl_pipe = USB_REG_IN_PIPE,
642
643 .start = hif_usb_start,
644 .stop = hif_usb_stop,
645 .sta_drain = hif_usb_sta_drain,
646 .send = hif_usb_send,
647 };
648
649 static void ath9k_hif_usb_rx_stream(struct hif_device_usb *hif_dev,
650 struct sk_buff *skb)
651 {
652 struct sk_buff *nskb, *skb_pool[MAX_PKT_NUM_IN_TRANSFER];
653 int index = 0, i = 0, len = skb->len;
654 int rx_remain_len, rx_pkt_len;
655 u16 pool_index = 0;
656 u8 *ptr;
657
658 spin_lock(&hif_dev->rx_lock);
659
660 rx_remain_len = hif_dev->rx_remain_len;
661 rx_pkt_len = hif_dev->rx_transfer_len;
662
663 if (rx_remain_len != 0) {
664 struct sk_buff *remain_skb = hif_dev->remain_skb;
665
666 if (remain_skb) {
667 ptr = (u8 *) remain_skb->data;
668
669 index = rx_remain_len;
670 rx_remain_len -= hif_dev->rx_pad_len;
671 ptr += rx_pkt_len;
672
673 memcpy(ptr, skb->data, rx_remain_len);
674
675 rx_pkt_len += rx_remain_len;
676 hif_dev->rx_remain_len = 0;
677 skb_put(remain_skb, rx_pkt_len);
678
679 skb_pool[pool_index++] = remain_skb;
680
681 } else {
682 index = rx_remain_len;
683 }
684 }
685
686 spin_unlock(&hif_dev->rx_lock);
687
688 while (index < len) {
689 u16 pkt_len;
690 u16 pkt_tag;
691 u16 pad_len;
692 int chk_idx;
693
694 ptr = (u8 *) skb->data;
695
696 pkt_len = get_unaligned_le16(ptr + index);
697 pkt_tag = get_unaligned_le16(ptr + index + 2);
698
699 if (pkt_tag != ATH_USB_RX_STREAM_MODE_TAG) {
700 RX_STAT_INC(skb_dropped);
701 return;
702 }
703
704 pad_len = 4 - (pkt_len & 0x3);
705 if (pad_len == 4)
706 pad_len = 0;
707
708 chk_idx = index;
709 index = index + 4 + pkt_len + pad_len;
710
711 if (index > MAX_RX_BUF_SIZE) {
712 spin_lock(&hif_dev->rx_lock);
713 hif_dev->rx_remain_len = index - MAX_RX_BUF_SIZE;
714 hif_dev->rx_transfer_len =
715 MAX_RX_BUF_SIZE - chk_idx - 4;
716 hif_dev->rx_pad_len = pad_len;
717
718 nskb = __dev_alloc_skb(pkt_len + 32, GFP_ATOMIC);
719 if (!nskb) {
720 dev_err(&hif_dev->udev->dev,
721 "ath9k_htc: RX memory allocation error\n");
722 spin_unlock(&hif_dev->rx_lock);
723 goto err;
724 }
725 skb_reserve(nskb, 32);
726 RX_STAT_INC(skb_allocated);
727
728 memcpy(nskb->data, &(skb->data[chk_idx+4]),
729 hif_dev->rx_transfer_len);
730
731 /* Record the buffer pointer */
732 hif_dev->remain_skb = nskb;
733 spin_unlock(&hif_dev->rx_lock);
734 } else {
735 nskb = __dev_alloc_skb(pkt_len + 32, GFP_ATOMIC);
736 if (!nskb) {
737 dev_err(&hif_dev->udev->dev,
738 "ath9k_htc: RX memory allocation error\n");
739 goto err;
740 }
741 skb_reserve(nskb, 32);
742 RX_STAT_INC(skb_allocated);
743
744 memcpy(nskb->data, &(skb->data[chk_idx+4]), pkt_len);
745 skb_put(nskb, pkt_len);
746 skb_pool[pool_index++] = nskb;
747 }
748 }
749
750 err:
751 for (i = 0; i < pool_index; i++) {
752 RX_STAT_ADD(skb_completed_bytes, skb_pool[i]->len);
753 ath9k_htc_rx_msg(hif_dev->htc_handle, skb_pool[i],
754 skb_pool[i]->len, USB_WLAN_RX_PIPE);
755 RX_STAT_INC(skb_completed);
756 }
757 }
758
759 static void ath9k_hif_usb_rx_cb(struct urb *urb)
760 {
761 struct sk_buff *skb = (struct sk_buff *) urb->context;
762 struct hif_device_usb *hif_dev =
763 usb_get_intfdata(usb_ifnum_to_if(urb->dev, 0));
764 int ret;
765
766 if (!skb)
767 return;
768
769 if (!hif_dev)
770 goto free;
771
772 switch (urb->status) {
773 case 0:
774 break;
775 case -ENOENT:
776 case -ECONNRESET:
777 case -ENODEV:
778 case -ESHUTDOWN:
779 goto free;
780 default:
781 goto resubmit;
782 }
783
784 if (likely(urb->actual_length != 0)) {
785 skb_put(skb, urb->actual_length);
786 ath9k_hif_usb_rx_stream(hif_dev, skb);
787 }
788
789 resubmit:
790 skb_reset_tail_pointer(skb);
791 skb_trim(skb, 0);
792
793 usb_anchor_urb(urb, &hif_dev->rx_submitted);
794 ret = usb_submit_urb(urb, GFP_ATOMIC);
795 if (ret) {
796 usb_unanchor_urb(urb);
797 goto free;
798 }
799
800 return;
801 free:
802 kfree_skb(skb);
803 }
804
805 static void ath9k_hif_usb_reg_in_cb(struct urb *urb)
806 {
807 struct sk_buff *skb = (struct sk_buff *) urb->context;
808 struct sk_buff *nskb;
809 struct hif_device_usb *hif_dev =
810 usb_get_intfdata(usb_ifnum_to_if(urb->dev, 0));
811 int ret;
812
813 if (!skb)
814 return;
815
816 if (!hif_dev)
817 goto free;
818
819 switch (urb->status) {
820 case 0:
821 break;
822 case -ENOENT:
823 case -ECONNRESET:
824 case -ENODEV:
825 case -ESHUTDOWN:
826 goto free;
827 default:
828 skb_reset_tail_pointer(skb);
829 skb_trim(skb, 0);
830
831 goto resubmit;
832 }
833
834 if (likely(urb->actual_length != 0)) {
835 skb_put(skb, urb->actual_length);
836
837 /* Process the command first */
838 ath9k_htc_rx_msg(hif_dev->htc_handle, skb,
839 skb->len, USB_REG_IN_PIPE);
840
841
842 nskb = alloc_skb(MAX_REG_IN_BUF_SIZE, GFP_ATOMIC);
843 if (!nskb) {
844 dev_err(&hif_dev->udev->dev,
845 "ath9k_htc: REG_IN memory allocation failure\n");
846 urb->context = NULL;
847 return;
848 }
849
850 usb_fill_int_urb(urb, hif_dev->udev,
851 usb_rcvintpipe(hif_dev->udev,
852 USB_REG_IN_PIPE),
853 nskb->data, MAX_REG_IN_BUF_SIZE,
854 ath9k_hif_usb_reg_in_cb, nskb, 1);
855 }
856
857 resubmit:
858 usb_anchor_urb(urb, &hif_dev->reg_in_submitted);
859 ret = usb_submit_urb(urb, GFP_ATOMIC);
860 if (ret) {
861 usb_unanchor_urb(urb);
862 goto free;
863 }
864
865 return;
866 free:
867 kfree_skb(skb);
868 urb->context = NULL;
869 }
870
871 static void ath9k_hif_usb_dealloc_tx_urbs(struct hif_device_usb *hif_dev)
872 {
873 struct tx_buf *tx_buf = NULL, *tx_buf_tmp = NULL;
874 unsigned long flags;
875
876 list_for_each_entry_safe(tx_buf, tx_buf_tmp,
877 &hif_dev->tx.tx_buf, list) {
878 usb_kill_urb(tx_buf->urb);
879 list_del(&tx_buf->list);
880 usb_free_urb(tx_buf->urb);
881 kfree(tx_buf->buf);
882 kfree(tx_buf);
883 }
884
885 spin_lock_irqsave(&hif_dev->tx.tx_lock, flags);
886 hif_dev->tx.flags |= HIF_USB_TX_FLUSH;
887 spin_unlock_irqrestore(&hif_dev->tx.tx_lock, flags);
888
889 list_for_each_entry_safe(tx_buf, tx_buf_tmp,
890 &hif_dev->tx.tx_pending, list) {
891 usb_kill_urb(tx_buf->urb);
892 list_del(&tx_buf->list);
893 usb_free_urb(tx_buf->urb);
894 kfree(tx_buf->buf);
895 kfree(tx_buf);
896 }
897
898 usb_kill_anchored_urbs(&hif_dev->mgmt_submitted);
899 }
900
901 static int ath9k_hif_usb_alloc_tx_urbs(struct hif_device_usb *hif_dev)
902 {
903 struct tx_buf *tx_buf;
904 int i;
905
906 INIT_LIST_HEAD(&hif_dev->tx.tx_buf);
907 INIT_LIST_HEAD(&hif_dev->tx.tx_pending);
908 spin_lock_init(&hif_dev->tx.tx_lock);
909 __skb_queue_head_init(&hif_dev->tx.tx_skb_queue);
910 init_usb_anchor(&hif_dev->mgmt_submitted);
911
912 for (i = 0; i < MAX_TX_URB_NUM; i++) {
913 tx_buf = kzalloc(sizeof(struct tx_buf), GFP_KERNEL);
914 if (!tx_buf)
915 goto err;
916
917 tx_buf->buf = kzalloc(MAX_TX_BUF_SIZE, GFP_KERNEL);
918 if (!tx_buf->buf)
919 goto err;
920
921 tx_buf->urb = usb_alloc_urb(0, GFP_KERNEL);
922 if (!tx_buf->urb)
923 goto err;
924
925 tx_buf->hif_dev = hif_dev;
926 __skb_queue_head_init(&tx_buf->skb_queue);
927
928 list_add_tail(&tx_buf->list, &hif_dev->tx.tx_buf);
929 }
930
931 hif_dev->tx.tx_buf_cnt = MAX_TX_URB_NUM;
932
933 return 0;
934 err:
935 if (tx_buf) {
936 kfree(tx_buf->buf);
937 kfree(tx_buf);
938 }
939 ath9k_hif_usb_dealloc_tx_urbs(hif_dev);
940 return -ENOMEM;
941 }
942
943 static void ath9k_hif_usb_dealloc_rx_urbs(struct hif_device_usb *hif_dev)
944 {
945 usb_kill_anchored_urbs(&hif_dev->rx_submitted);
946 }
947
948 static int ath9k_hif_usb_alloc_rx_urbs(struct hif_device_usb *hif_dev)
949 {
950 struct urb *urb = NULL;
951 struct sk_buff *skb = NULL;
952 int i, ret;
953
954 init_usb_anchor(&hif_dev->rx_submitted);
955 spin_lock_init(&hif_dev->rx_lock);
956
957 for (i = 0; i < MAX_RX_URB_NUM; i++) {
958
959 /* Allocate URB */
960 urb = usb_alloc_urb(0, GFP_KERNEL);
961 if (urb == NULL) {
962 ret = -ENOMEM;
963 goto err_urb;
964 }
965
966 /* Allocate buffer */
967 skb = alloc_skb(MAX_RX_BUF_SIZE, GFP_KERNEL);
968 if (!skb) {
969 ret = -ENOMEM;
970 goto err_skb;
971 }
972
973 usb_fill_bulk_urb(urb, hif_dev->udev,
974 usb_rcvbulkpipe(hif_dev->udev,
975 USB_WLAN_RX_PIPE),
976 skb->data, MAX_RX_BUF_SIZE,
977 ath9k_hif_usb_rx_cb, skb);
978
979 /* Anchor URB */
980 usb_anchor_urb(urb, &hif_dev->rx_submitted);
981
982 /* Submit URB */
983 ret = usb_submit_urb(urb, GFP_KERNEL);
984 if (ret) {
985 usb_unanchor_urb(urb);
986 goto err_submit;
987 }
988
989 /*
990 * Drop reference count.
991 * This ensures that the URB is freed when killing them.
992 */
993 usb_free_urb(urb);
994 }
995
996 return 0;
997
998 err_submit:
999 kfree_skb(skb);
1000 err_skb:
1001 usb_free_urb(urb);
1002 err_urb:
1003 ath9k_hif_usb_dealloc_rx_urbs(hif_dev);
1004 return ret;
1005 }
1006
1007 static void ath9k_hif_usb_dealloc_reg_in_urbs(struct hif_device_usb *hif_dev)
1008 {
1009 usb_kill_anchored_urbs(&hif_dev->reg_in_submitted);
1010 }
1011
1012 static int ath9k_hif_usb_alloc_reg_in_urbs(struct hif_device_usb *hif_dev)
1013 {
1014 struct urb *urb = NULL;
1015 struct sk_buff *skb = NULL;
1016 int i, ret;
1017
1018 init_usb_anchor(&hif_dev->reg_in_submitted);
1019
1020 for (i = 0; i < MAX_REG_IN_URB_NUM; i++) {
1021
1022 /* Allocate URB */
1023 urb = usb_alloc_urb(0, GFP_KERNEL);
1024 if (urb == NULL) {
1025 ret = -ENOMEM;
1026 goto err_urb;
1027 }
1028
1029 /* Allocate buffer */
1030 skb = alloc_skb(MAX_REG_IN_BUF_SIZE, GFP_KERNEL);
1031 if (!skb) {
1032 ret = -ENOMEM;
1033 goto err_skb;
1034 }
1035
1036 usb_fill_int_urb(urb, hif_dev->udev,
1037 usb_rcvintpipe(hif_dev->udev,
1038 USB_REG_IN_PIPE),
1039 skb->data, MAX_REG_IN_BUF_SIZE,
1040 ath9k_hif_usb_reg_in_cb, skb, 1);
1041
1042 /* Anchor URB */
1043 usb_anchor_urb(urb, &hif_dev->reg_in_submitted);
1044
1045 /* Submit URB */
1046 ret = usb_submit_urb(urb, GFP_KERNEL);
1047 if (ret) {
1048 usb_unanchor_urb(urb);
1049 goto err_submit;
1050 }
1051
1052 /*
1053 * Drop reference count.
1054 * This ensures that the URB is freed when killing them.
1055 */
1056 usb_free_urb(urb);
1057 }
1058
1059 return 0;
1060
1061 err_submit:
1062 kfree_skb(skb);
1063 err_skb:
1064 usb_free_urb(urb);
1065 err_urb:
1066 ath9k_hif_usb_dealloc_reg_in_urbs(hif_dev);
1067 return ret;
1068 }
1069
1070 static int ath9k_hif_usb_alloc_urbs(struct hif_device_usb *hif_dev)
1071 {
1072 /* Register Write */
1073 init_usb_anchor(&hif_dev->regout_submitted);
1074
1075 /* TX */
1076 if (ath9k_hif_usb_alloc_tx_urbs(hif_dev) < 0)
1077 goto err;
1078
1079 /* RX */
1080 if (ath9k_hif_usb_alloc_rx_urbs(hif_dev) < 0)
1081 goto err_rx;
1082
1083 /* Register Read */
1084 if (ath9k_hif_usb_alloc_reg_in_urbs(hif_dev) < 0)
1085 goto err_reg;
1086
1087 return 0;
1088 err_reg:
1089 ath9k_hif_usb_dealloc_rx_urbs(hif_dev);
1090 err_rx:
1091 ath9k_hif_usb_dealloc_tx_urbs(hif_dev);
1092 err:
1093 return -ENOMEM;
1094 }
1095
1096 static void ath9k_hif_usb_dealloc_urbs(struct hif_device_usb *hif_dev)
1097 {
1098 usb_kill_anchored_urbs(&hif_dev->regout_submitted);
1099 ath9k_hif_usb_dealloc_reg_in_urbs(hif_dev);
1100 ath9k_hif_usb_dealloc_tx_urbs(hif_dev);
1101 ath9k_hif_usb_dealloc_rx_urbs(hif_dev);
1102 }
1103
1104 static int ath9k_hif_usb_download_fw(struct hif_device_usb *hif_dev)
1105 {
1106 int transfer, err;
1107 const void *data = hif_dev->fw_data;
1108 size_t len = hif_dev->fw_size;
1109 u32 addr = AR9271_FIRMWARE;
1110 u8 *buf = kzalloc(4096, GFP_KERNEL);
1111 u32 firm_offset;
1112
1113 if (!buf)
1114 return -ENOMEM;
1115
1116 while (len) {
1117 transfer = min_t(size_t, len, 4096);
1118 memcpy(buf, data, transfer);
1119
1120 err = usb_control_msg(hif_dev->udev,
1121 usb_sndctrlpipe(hif_dev->udev, 0),
1122 FIRMWARE_DOWNLOAD, 0x40 | USB_DIR_OUT,
1123 addr >> 8, 0, buf, transfer, HZ);
1124 if (err < 0) {
1125 kfree(buf);
1126 return err;
1127 }
1128
1129 len -= transfer;
1130 data += transfer;
1131 addr += transfer;
1132 }
1133 kfree(buf);
1134
1135 if (IS_AR7010_DEVICE(hif_dev->usb_device_id->driver_info))
1136 firm_offset = AR7010_FIRMWARE_TEXT;
1137 else
1138 firm_offset = AR9271_FIRMWARE_TEXT;
1139
1140 /*
1141 * Issue FW download complete command to firmware.
1142 */
1143 err = usb_control_msg(hif_dev->udev, usb_sndctrlpipe(hif_dev->udev, 0),
1144 FIRMWARE_DOWNLOAD_COMP,
1145 0x40 | USB_DIR_OUT,
1146 firm_offset >> 8, 0, NULL, 0, HZ);
1147 if (err)
1148 return -EIO;
1149
1150 dev_info(&hif_dev->udev->dev, "ath9k_htc: Transferred FW: %s, size: %ld\n",
1151 hif_dev->fw_name, (unsigned long) hif_dev->fw_size);
1152
1153 return 0;
1154 }
1155
1156 static int ath9k_hif_usb_dev_init(struct hif_device_usb *hif_dev)
1157 {
1158 int ret;
1159
1160 ret = ath9k_hif_usb_download_fw(hif_dev);
1161 if (ret) {
1162 dev_err(&hif_dev->udev->dev,
1163 "ath9k_htc: Firmware - %s download failed\n",
1164 hif_dev->fw_name);
1165 return ret;
1166 }
1167
1168 /* Alloc URBs */
1169 ret = ath9k_hif_usb_alloc_urbs(hif_dev);
1170 if (ret) {
1171 dev_err(&hif_dev->udev->dev,
1172 "ath9k_htc: Unable to allocate URBs\n");
1173 return ret;
1174 }
1175
1176 return 0;
1177 }
1178
1179 static void ath9k_hif_usb_dev_deinit(struct hif_device_usb *hif_dev)
1180 {
1181 ath9k_hif_usb_dealloc_urbs(hif_dev);
1182 }
1183
1184 /*
1185 * If initialization fails or the FW cannot be retrieved,
1186 * detach the device.
1187 */
1188 static void ath9k_hif_usb_firmware_fail(struct hif_device_usb *hif_dev)
1189 {
1190 struct device *dev = &hif_dev->udev->dev;
1191 struct device *parent = dev->parent;
1192
1193 complete_all(&hif_dev->fw_done);
1194
1195 if (parent)
1196 device_lock(parent);
1197
1198 device_release_driver(dev);
1199
1200 if (parent)
1201 device_unlock(parent);
1202 }
1203
1204 static void ath9k_hif_usb_firmware_cb(const struct firmware *fw, void *context);
1205
1206 /* taken from iwlwifi */
1207 static int ath9k_hif_request_firmware(struct hif_device_usb *hif_dev,
1208 bool first)
1209 {
1210 char index[8], *chip;
1211 int ret;
1212
1213 if (first) {
1214 if (htc_use_dev_fw) {
1215 hif_dev->fw_minor_index = FIRMWARE_MINOR_IDX_MAX + 1;
1216 sprintf(index, "%s", "dev");
1217 } else {
1218 hif_dev->fw_minor_index = FIRMWARE_MINOR_IDX_MAX;
1219 sprintf(index, "%d", hif_dev->fw_minor_index);
1220 }
1221 } else {
1222 hif_dev->fw_minor_index--;
1223 sprintf(index, "%d", hif_dev->fw_minor_index);
1224 }
1225
1226 /* test for FW 1.3 */
1227 if (MAJOR_VERSION_REQ == 1 && hif_dev->fw_minor_index == 3) {
1228 const char *filename;
1229
1230 if (IS_AR7010_DEVICE(hif_dev->usb_device_id->driver_info))
1231 filename = FIRMWARE_AR7010_1_1;
1232 else
1233 filename = FIRMWARE_AR9271;
1234
1235 /* expected fw locations:
1236 * - htc_9271.fw (stable version 1.3, depricated)
1237 */
1238 snprintf(hif_dev->fw_name, sizeof(hif_dev->fw_name),
1239 "%s", filename);
1240
1241 } else if (hif_dev->fw_minor_index < FIRMWARE_MINOR_IDX_MIN) {
1242 dev_err(&hif_dev->udev->dev, "no suitable firmware found!\n");
1243
1244 return -ENOENT;
1245 } else {
1246 if (IS_AR7010_DEVICE(hif_dev->usb_device_id->driver_info))
1247 chip = "7010";
1248 else
1249 chip = "9271";
1250
1251 /* expected fw locations:
1252 * - ath9k_htc/htc_9271-1.dev.0.fw (development version)
1253 * - ath9k_htc/htc_9271-1.4.0.fw (stable version)
1254 */
1255 snprintf(hif_dev->fw_name, sizeof(hif_dev->fw_name),
1256 "%s/htc_%s-%d.%s.0.fw", HTC_FW_PATH,
1257 chip, MAJOR_VERSION_REQ, index);
1258 }
1259
1260 ret = request_firmware_nowait(THIS_MODULE, true, hif_dev->fw_name,
1261 &hif_dev->udev->dev, GFP_KERNEL,
1262 hif_dev, ath9k_hif_usb_firmware_cb);
1263 if (ret) {
1264 dev_err(&hif_dev->udev->dev,
1265 "ath9k_htc: Async request for firmware %s failed\n",
1266 hif_dev->fw_name);
1267 return ret;
1268 }
1269
1270 dev_info(&hif_dev->udev->dev, "ath9k_htc: Firmware %s requested\n",
1271 hif_dev->fw_name);
1272
1273 return ret;
1274 }
1275
1276 static void ath9k_hif_usb_firmware_cb(const struct firmware *fw, void *context)
1277 {
1278 struct hif_device_usb *hif_dev = context;
1279 int ret;
1280
1281 if (!fw) {
1282 ret = ath9k_hif_request_firmware(hif_dev, false);
1283 if (!ret)
1284 return;
1285
1286 dev_err(&hif_dev->udev->dev,
1287 "ath9k_htc: Failed to get firmware %s\n",
1288 hif_dev->fw_name);
1289 goto err_fw;
1290 }
1291
1292 hif_dev->htc_handle = ath9k_htc_hw_alloc(hif_dev, &hif_usb,
1293 &hif_dev->udev->dev);
1294 if (hif_dev->htc_handle == NULL)
1295 goto err_dev_alloc;
1296
1297 hif_dev->fw_data = fw->data;
1298 hif_dev->fw_size = fw->size;
1299
1300 /* Proceed with initialization */
1301
1302 ret = ath9k_hif_usb_dev_init(hif_dev);
1303 if (ret)
1304 goto err_dev_init;
1305
1306 ret = ath9k_htc_hw_init(hif_dev->htc_handle,
1307 &hif_dev->interface->dev,
1308 hif_dev->usb_device_id->idProduct,
1309 hif_dev->udev->product,
1310 hif_dev->usb_device_id->driver_info);
1311 if (ret) {
1312 ret = -EINVAL;
1313 goto err_htc_hw_init;
1314 }
1315
1316 release_firmware(fw);
1317 hif_dev->flags |= HIF_USB_READY;
1318 complete_all(&hif_dev->fw_done);
1319
1320 return;
1321
1322 err_htc_hw_init:
1323 ath9k_hif_usb_dev_deinit(hif_dev);
1324 err_dev_init:
1325 ath9k_htc_hw_free(hif_dev->htc_handle);
1326 err_dev_alloc:
1327 release_firmware(fw);
1328 err_fw:
1329 ath9k_hif_usb_firmware_fail(hif_dev);
1330 }
1331
1332 /*
1333 * An exact copy of the function from zd1211rw.
1334 */
1335 static int send_eject_command(struct usb_interface *interface)
1336 {
1337 struct usb_device *udev = interface_to_usbdev(interface);
1338 struct usb_host_interface *iface_desc = &interface->altsetting[0];
1339 struct usb_endpoint_descriptor *endpoint;
1340 unsigned char *cmd;
1341 u8 bulk_out_ep;
1342 int r;
1343
1344 /* Find bulk out endpoint */
1345 for (r = 1; r >= 0; r--) {
1346 endpoint = &iface_desc->endpoint[r].desc;
1347 if (usb_endpoint_dir_out(endpoint) &&
1348 usb_endpoint_xfer_bulk(endpoint)) {
1349 bulk_out_ep = endpoint->bEndpointAddress;
1350 break;
1351 }
1352 }
1353 if (r == -1) {
1354 dev_err(&udev->dev,
1355 "ath9k_htc: Could not find bulk out endpoint\n");
1356 return -ENODEV;
1357 }
1358
1359 cmd = kzalloc(31, GFP_KERNEL);
1360 if (cmd == NULL)
1361 return -ENODEV;
1362
1363 /* USB bulk command block */
1364 cmd[0] = 0x55; /* bulk command signature */
1365 cmd[1] = 0x53; /* bulk command signature */
1366 cmd[2] = 0x42; /* bulk command signature */
1367 cmd[3] = 0x43; /* bulk command signature */
1368 cmd[14] = 6; /* command length */
1369
1370 cmd[15] = 0x1b; /* SCSI command: START STOP UNIT */
1371 cmd[19] = 0x2; /* eject disc */
1372
1373 dev_info(&udev->dev, "Ejecting storage device...\n");
1374 r = usb_bulk_msg(udev, usb_sndbulkpipe(udev, bulk_out_ep),
1375 cmd, 31, NULL, 2000);
1376 kfree(cmd);
1377 if (r)
1378 return r;
1379
1380 /* At this point, the device disconnects and reconnects with the real
1381 * ID numbers. */
1382
1383 usb_set_intfdata(interface, NULL);
1384 return 0;
1385 }
1386
1387 static int ath9k_hif_usb_probe(struct usb_interface *interface,
1388 const struct usb_device_id *id)
1389 {
1390 struct usb_device *udev = interface_to_usbdev(interface);
1391 struct hif_device_usb *hif_dev;
1392 int ret = 0;
1393
1394 if (id->driver_info == STORAGE_DEVICE)
1395 return send_eject_command(interface);
1396
1397 hif_dev = kzalloc(sizeof(struct hif_device_usb), GFP_KERNEL);
1398 if (!hif_dev) {
1399 ret = -ENOMEM;
1400 goto err_alloc;
1401 }
1402
1403 usb_get_dev(udev);
1404
1405 hif_dev->udev = udev;
1406 hif_dev->interface = interface;
1407 hif_dev->usb_device_id = id;
1408 #ifdef CONFIG_PM
1409 udev->reset_resume = 1;
1410 #endif
1411 usb_set_intfdata(interface, hif_dev);
1412
1413 init_completion(&hif_dev->fw_done);
1414
1415 ret = ath9k_hif_request_firmware(hif_dev, true);
1416 if (ret)
1417 goto err_fw_req;
1418
1419 return ret;
1420
1421 err_fw_req:
1422 usb_set_intfdata(interface, NULL);
1423 kfree(hif_dev);
1424 usb_put_dev(udev);
1425 err_alloc:
1426 return ret;
1427 }
1428
1429 static void ath9k_hif_usb_reboot(struct usb_device *udev)
1430 {
1431 u32 reboot_cmd = 0xffffffff;
1432 void *buf;
1433 int ret;
1434
1435 buf = kmemdup(&reboot_cmd, 4, GFP_KERNEL);
1436 if (!buf)
1437 return;
1438
1439 ret = usb_interrupt_msg(udev, usb_sndintpipe(udev, USB_REG_OUT_PIPE),
1440 buf, 4, NULL, HZ);
1441 if (ret)
1442 dev_err(&udev->dev, "ath9k_htc: USB reboot failed\n");
1443
1444 kfree(buf);
1445 }
1446
1447 static void ath9k_hif_usb_disconnect(struct usb_interface *interface)
1448 {
1449 struct usb_device *udev = interface_to_usbdev(interface);
1450 struct hif_device_usb *hif_dev = usb_get_intfdata(interface);
1451 bool unplugged = (udev->state == USB_STATE_NOTATTACHED) ? true : false;
1452
1453 if (!hif_dev)
1454 return;
1455
1456 wait_for_completion(&hif_dev->fw_done);
1457
1458 if (hif_dev->flags & HIF_USB_READY) {
1459 ath9k_htc_hw_deinit(hif_dev->htc_handle, unplugged);
1460 ath9k_htc_hw_free(hif_dev->htc_handle);
1461 ath9k_hif_usb_dev_deinit(hif_dev);
1462 }
1463
1464 usb_set_intfdata(interface, NULL);
1465
1466 /* If firmware was loaded we should drop it
1467 * go back to first stage bootloader. */
1468 if (!unplugged && (hif_dev->flags & HIF_USB_READY))
1469 ath9k_hif_usb_reboot(udev);
1470
1471 kfree(hif_dev);
1472 dev_info(&udev->dev, "ath9k_htc: USB layer deinitialized\n");
1473 usb_put_dev(udev);
1474 }
1475
1476 #ifdef CONFIG_PM
1477 static int ath9k_hif_usb_suspend(struct usb_interface *interface,
1478 pm_message_t message)
1479 {
1480 struct hif_device_usb *hif_dev = usb_get_intfdata(interface);
1481
1482 /*
1483 * The device has to be set to FULLSLEEP mode in case no
1484 * interface is up.
1485 */
1486 if (!(hif_dev->flags & HIF_USB_START))
1487 ath9k_htc_suspend(hif_dev->htc_handle);
1488
1489 wait_for_completion(&hif_dev->fw_done);
1490
1491 if (hif_dev->flags & HIF_USB_READY)
1492 ath9k_hif_usb_dealloc_urbs(hif_dev);
1493
1494 return 0;
1495 }
1496
1497 static int ath9k_hif_usb_resume(struct usb_interface *interface)
1498 {
1499 struct hif_device_usb *hif_dev = usb_get_intfdata(interface);
1500 struct htc_target *htc_handle = hif_dev->htc_handle;
1501 int ret;
1502 const struct firmware *fw;
1503
1504 ret = ath9k_hif_usb_alloc_urbs(hif_dev);
1505 if (ret)
1506 return ret;
1507
1508 if (hif_dev->flags & HIF_USB_READY) {
1509 /* request cached firmware during suspend/resume cycle */
1510 ret = request_firmware(&fw, hif_dev->fw_name,
1511 &hif_dev->udev->dev);
1512 if (ret)
1513 goto fail_resume;
1514
1515 hif_dev->fw_data = fw->data;
1516 hif_dev->fw_size = fw->size;
1517 ret = ath9k_hif_usb_download_fw(hif_dev);
1518 release_firmware(fw);
1519 if (ret)
1520 goto fail_resume;
1521 } else {
1522 ath9k_hif_usb_dealloc_urbs(hif_dev);
1523 return -EIO;
1524 }
1525
1526 mdelay(100);
1527
1528 ret = ath9k_htc_resume(htc_handle);
1529
1530 if (ret)
1531 goto fail_resume;
1532
1533 return 0;
1534
1535 fail_resume:
1536 ath9k_hif_usb_dealloc_urbs(hif_dev);
1537
1538 return ret;
1539 }
1540 #endif
1541
1542 static struct usb_driver ath9k_hif_usb_driver = {
1543 .name = KBUILD_MODNAME,
1544 .probe = ath9k_hif_usb_probe,
1545 .disconnect = ath9k_hif_usb_disconnect,
1546 #ifdef CONFIG_PM
1547 .suspend = ath9k_hif_usb_suspend,
1548 .resume = ath9k_hif_usb_resume,
1549 .reset_resume = ath9k_hif_usb_resume,
1550 #endif
1551 .id_table = ath9k_hif_usb_ids,
1552 .soft_unbind = 1,
1553 .disable_hub_initiated_lpm = 1,
1554 };
1555
1556 int ath9k_hif_usb_init(void)
1557 {
1558 return usb_register(&ath9k_hif_usb_driver);
1559 }
1560
1561 void ath9k_hif_usb_exit(void)
1562 {
1563 usb_deregister(&ath9k_hif_usb_driver);
1564 }
1565
1566 #line 125 "/work/ldvuser/andrianov/work/current--X--drivers/net/wireless/ath/ath9k/--X--defaultlinux-4.5-rc7--X--races--X--cpachecker/linux-4.5-rc7/csd_deg_dscv/74/dscv_tempdir/dscv/ri/races/drivers/net/wireless/ath/ath9k/hif_usb.o.c.prepared"
1567
1568 int ldv_retval_11;
1569 int ldv_retval_10;
1570 int ldv_retval_9;
1571
1572
1573 void ldv_usb_driver_13(void){
1574 ath9k_hif_usb_driver_group1 = ldv_undef_ptr();
1575 }
1576
1577
1578 void ldv_main_exported_13(void){
1579 pm_message_t ldvarg101;
1580 struct usb_device_id const *ldvarg102;
1581 /*DEG-struct: handlers from structure ath9k_hif_usb_driver*/
1582 switch(__VERIFIER_nondet_int()){
1583 case 0:{
1584 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
1585 if(ldv_state_variable_13 == 1){
1586 /*DEG-CALL: handler probe from ath9k_hif_usb_driver*/
1587 ldv_retval_11=(& ath9k_hif_usb_probe)(ath9k_hif_usb_driver_group1,ldvarg102);
1588 if(ldv_retval_11==0){
1589 ldv_state_variable_13 = 2;
1590 ref_cnt++;
1591 }
1592 }
1593 }
1594 break;
1595 case 1:{
1596 /*DEG-state: state 3 (look at corresponding state-chart diagram for details)*/
1597 if(ldv_state_variable_13 == 3){
1598 /*DEG-CALL: handler reset_resume from ath9k_hif_usb_driver*/
1599 ldv_retval_10=(& ath9k_hif_usb_resume)(ath9k_hif_usb_driver_group1);
1600 if(ldv_retval_10==0){
1601 ldv_state_variable_13 = 2;
1602 }
1603 }
1604 }
1605 break;
1606 case 2:{
1607 /*DEG-state: state 3 (look at corresponding state-chart diagram for details)*/
1608 if(ldv_state_variable_13 == 3 && usb_counter==0){
1609 /*DEG-CALL: handler disconnect from ath9k_hif_usb_driver*/
1610 (& ath9k_hif_usb_disconnect)(ath9k_hif_usb_driver_group1);
1611 ldv_state_variable_13 = 1;
1612 ref_cnt--;
1613 }
1614 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
1615 if(ldv_state_variable_13 == 2 && usb_counter==0){
1616 /*DEG-CALL: handler disconnect from ath9k_hif_usb_driver*/
1617 (& ath9k_hif_usb_disconnect)(ath9k_hif_usb_driver_group1);
1618 ldv_state_variable_13 = 1;
1619 ref_cnt--;
1620 }
1621 }
1622 break;
1623 case 3:{
1624 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
1625 if(ldv_state_variable_13 == 2){
1626 /*DEG-CALL: handler suspend from ath9k_hif_usb_driver*/
1627 (& ath9k_hif_usb_suspend)(ath9k_hif_usb_driver_group1,ldvarg101);
1628 ldv_state_variable_13 = 3;
1629 }
1630 }
1631 break;
1632 case 4:{
1633 /*DEG-state: state 3 (look at corresponding state-chart diagram for details)*/
1634 if(ldv_state_variable_13 == 3){
1635 /*DEG-CALL: handler resume from ath9k_hif_usb_driver*/
1636 ldv_retval_9=(& ath9k_hif_usb_resume)(ath9k_hif_usb_driver_group1);
1637 if(ldv_retval_9==0){
1638 ldv_state_variable_13 = 2;
1639 }
1640 }
1641 }
1642 break;
1643 default: ldv_assume(0);
1644 }
1645
1646 };
1647
1648
1649 void ldv_main_exported_14(void){
1650 void *ldvarg86;
1651 struct sk_buff *ldvarg87;
1652 void *ldvarg90;
1653 void *ldvarg89;
1654 u8 ldvarg88;
1655 u8 ldvarg84;
1656 void *ldvarg85;
1657 /*DEG-struct: handlers from structure hif_usb*/
1658 switch(__VERIFIER_nondet_int()){
1659 case 0:{
1660 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
1661 if(ldv_state_variable_14 == 1){
1662 /*DEG-CALL: handler start from hif_usb*/
1663 (& hif_usb_start)(ldvarg90);
1664 /*DEG-postcall: get module*/
1665 ldv_state_variable_14 = 2;
1666 ref_cnt++;
1667 }
1668 }
1669 break;
1670 case 1:{
1671 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
1672 if(ldv_state_variable_14 == 1){
1673 /*DEG-CALL: handler send from hif_usb*/
1674 (& hif_usb_send)(ldvarg89,ldvarg88,ldvarg87);
1675 /*DEG-postcall: default*/
1676 ldv_state_variable_14 = 1;
1677 }
1678 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
1679 if(ldv_state_variable_14 == 2){
1680 /*DEG-CALL: handler send from hif_usb*/
1681 (& hif_usb_send)(ldvarg89,ldvarg88,ldvarg87);
1682 /*DEG-postcall: default*/
1683 ldv_state_variable_14 = 2;
1684 }
1685 }
1686 break;
1687 case 2:{
1688 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
1689 if(ldv_state_variable_14 == 2){
1690 /*DEG-CALL: handler stop from hif_usb*/
1691 (& hif_usb_stop)(ldvarg86);
1692 /*DEG-postcall: module put*/
1693 ldv_state_variable_14 = 1;
1694 ref_cnt--;
1695 }
1696 }
1697 break;
1698 case 3:{
1699 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
1700 if(ldv_state_variable_14 == 1){
1701 /*DEG-CALL: handler sta_drain from hif_usb*/
1702 (& hif_usb_sta_drain)(ldvarg85,ldvarg84);
1703 /*DEG-postcall: default*/
1704 ldv_state_variable_14 = 1;
1705 }
1706 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
1707 if(ldv_state_variable_14 == 2){
1708 /*DEG-CALL: handler sta_drain from hif_usb*/
1709 (& hif_usb_sta_drain)(ldvarg85,ldvarg84);
1710 /*DEG-postcall: default*/
1711 ldv_state_variable_14 = 2;
1712 }
1713 }
1714 break;
1715 default: ldv_assume(0);
1716 }
1717
1718 }; 1 /*
2 * Copyright (c) 2010-2011 Atheros Communications Inc.
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17 #include "htc.h"
18
19 #define FUDGE 2
20
21 void ath9k_htc_beaconq_config(struct ath9k_htc_priv *priv)
22 {
23 struct ath_hw *ah = priv->ah;
24 struct ath9k_tx_queue_info qi, qi_be;
25
26 memset(&qi, 0, sizeof(struct ath9k_tx_queue_info));
27 memset(&qi_be, 0, sizeof(struct ath9k_tx_queue_info));
28
29 ath9k_hw_get_txq_props(ah, priv->beacon.beaconq, &qi);
30
31 if (priv->ah->opmode == NL80211_IFTYPE_AP ||
32 priv->ah->opmode == NL80211_IFTYPE_MESH_POINT) {
33 qi.tqi_aifs = 1;
34 qi.tqi_cwmin = 0;
35 qi.tqi_cwmax = 0;
36 } else if (priv->ah->opmode == NL80211_IFTYPE_ADHOC) {
37 int qnum = priv->hwq_map[IEEE80211_AC_BE];
38
39 ath9k_hw_get_txq_props(ah, qnum, &qi_be);
40
41 qi.tqi_aifs = qi_be.tqi_aifs;
42
43 /*
44 * For WIFI Beacon Distribution
45 * Long slot time : 2x cwmin
46 * Short slot time : 4x cwmin
47 */
48 if (ah->slottime == ATH9K_SLOT_TIME_20)
49 qi.tqi_cwmin = 2*qi_be.tqi_cwmin;
50 else
51 qi.tqi_cwmin = 4*qi_be.tqi_cwmin;
52
53 qi.tqi_cwmax = qi_be.tqi_cwmax;
54
55 }
56
57 if (!ath9k_hw_set_txq_props(ah, priv->beacon.beaconq, &qi)) {
58 ath_err(ath9k_hw_common(ah),
59 "Unable to update beacon queue %u!\n", priv->beacon.beaconq);
60 } else {
61 ath9k_hw_resettxqueue(ah, priv->beacon.beaconq);
62 }
63 }
64
65 /*
66 * Both nexttbtt and intval have to be in usecs.
67 */
68 static void ath9k_htc_beacon_init(struct ath9k_htc_priv *priv,
69 struct ath_beacon_config *conf,
70 bool reset_tsf)
71 {
72 struct ath_hw *ah = priv->ah;
73 int ret __attribute__ ((unused));
74 __be32 htc_imask = 0;
75 u8 cmd_rsp;
76
77 if (conf->intval >= TU_TO_USEC(DEFAULT_SWBA_RESPONSE))
78 ah->config.sw_beacon_response_time = DEFAULT_SWBA_RESPONSE;
79 else
80 ah->config.sw_beacon_response_time = MIN_SWBA_RESPONSE;
81
82 WMI_CMD(WMI_DISABLE_INTR_CMDID);
83 if (reset_tsf)
84 ath9k_hw_reset_tsf(ah);
85 ath9k_htc_beaconq_config(priv);
86 ath9k_hw_beaconinit(ah, conf->nexttbtt, conf->intval);
87 priv->beacon.bmisscnt = 0;
88 htc_imask = cpu_to_be32(ah->imask);
89 WMI_CMD_BUF(WMI_ENABLE_INTR_CMDID, &htc_imask);
90 }
91
92 static void ath9k_htc_beacon_config_sta(struct ath9k_htc_priv *priv,
93 struct ath_beacon_config *bss_conf)
94 {
95 struct ath9k_beacon_state bs;
96 enum ath9k_int imask = 0;
97 __be32 htc_imask = 0;
98 int ret __attribute__ ((unused));
99 u8 cmd_rsp;
100
101 if (ath9k_cmn_beacon_config_sta(priv->ah, bss_conf, &bs) == -EPERM)
102 return;
103
104 WMI_CMD(WMI_DISABLE_INTR_CMDID);
105 ath9k_hw_set_sta_beacon_timers(priv->ah, &bs);
106 imask |= ATH9K_INT_BMISS;
107 htc_imask = cpu_to_be32(imask);
108 WMI_CMD_BUF(WMI_ENABLE_INTR_CMDID, &htc_imask);
109 }
110
111 static void ath9k_htc_beacon_config_ap(struct ath9k_htc_priv *priv,
112 struct ath_beacon_config *conf)
113 {
114 struct ath_hw *ah = priv->ah;
115 ah->imask = 0;
116
117 ath9k_cmn_beacon_config_ap(ah, conf, ATH9K_HTC_MAX_BCN_VIF);
118 ath9k_htc_beacon_init(priv, conf, false);
119 }
120
121 static void ath9k_htc_beacon_config_adhoc(struct ath9k_htc_priv *priv,
122 struct ath_beacon_config *conf)
123 {
124 struct ath_hw *ah = priv->ah;
125 ah->imask = 0;
126
127 ath9k_cmn_beacon_config_adhoc(ah, conf);
128 ath9k_htc_beacon_init(priv, conf, conf->ibss_creator);
129 }
130
131 void ath9k_htc_beaconep(void *drv_priv, struct sk_buff *skb,
132 enum htc_endpoint_id ep_id, bool txok)
133 {
134 dev_kfree_skb_any(skb);
135 }
136
137 static void ath9k_htc_send_buffered(struct ath9k_htc_priv *priv,
138 int slot)
139 {
140 struct ath_common *common = ath9k_hw_common(priv->ah);
141 struct ieee80211_vif *vif;
142 struct sk_buff *skb;
143 struct ieee80211_hdr *hdr;
144 int padpos, padsize, ret, tx_slot;
145
146 spin_lock_bh(&priv->beacon_lock);
147
148 vif = priv->beacon.bslot[slot];
149
150 skb = ieee80211_get_buffered_bc(priv->hw, vif);
151
152 while(skb) {
153 hdr = (struct ieee80211_hdr *) skb->data;
154
155 padpos = ieee80211_hdrlen(hdr->frame_control);
156 padsize = padpos & 3;
157 if (padsize && skb->len > padpos) {
158 if (skb_headroom(skb) < padsize) {
159 dev_kfree_skb_any(skb);
160 goto next;
161 }
162 skb_push(skb, padsize);
163 memmove(skb->data, skb->data + padsize, padpos);
164 }
165
166 tx_slot = ath9k_htc_tx_get_slot(priv);
167 if (tx_slot < 0) {
168 ath_dbg(common, XMIT, "No free CAB slot\n");
169 dev_kfree_skb_any(skb);
170 goto next;
171 }
172
173 ret = ath9k_htc_tx_start(priv, NULL, skb, tx_slot, true);
174 if (ret != 0) {
175 ath9k_htc_tx_clear_slot(priv, tx_slot);
176 dev_kfree_skb_any(skb);
177
178 ath_dbg(common, XMIT, "Failed to send CAB frame\n");
179 } else {
180 spin_lock_bh(&priv->tx.tx_lock);
181 priv->tx.queued_cnt++;
182 spin_unlock_bh(&priv->tx.tx_lock);
183 }
184 next:
185 skb = ieee80211_get_buffered_bc(priv->hw, vif);
186 }
187
188 spin_unlock_bh(&priv->beacon_lock);
189 }
190
191 static void ath9k_htc_send_beacon(struct ath9k_htc_priv *priv,
192 int slot)
193 {
194 struct ath_common *common = ath9k_hw_common(priv->ah);
195 struct ieee80211_vif *vif;
196 struct ath9k_htc_vif *avp;
197 struct tx_beacon_header beacon_hdr;
198 struct ath9k_htc_tx_ctl *tx_ctl;
199 struct ieee80211_tx_info *info;
200 struct ieee80211_mgmt *mgmt;
201 struct sk_buff *beacon;
202 u8 *tx_fhdr;
203 int ret;
204
205 memset(&beacon_hdr, 0, sizeof(struct tx_beacon_header));
206
207 spin_lock_bh(&priv->beacon_lock);
208
209 vif = priv->beacon.bslot[slot];
210 avp = (struct ath9k_htc_vif *)vif->drv_priv;
211
212 if (unlikely(test_bit(ATH_OP_SCANNING, &common->op_flags))) {
213 spin_unlock_bh(&priv->beacon_lock);
214 return;
215 }
216
217 /* Get a new beacon */
218 beacon = ieee80211_beacon_get(priv->hw, vif);
219 if (!beacon) {
220 spin_unlock_bh(&priv->beacon_lock);
221 return;
222 }
223
224 /*
225 * Update the TSF adjust value here, the HW will
226 * add this value for every beacon.
227 */
228 mgmt = (struct ieee80211_mgmt *)beacon->data;
229 mgmt->u.beacon.timestamp = avp->tsfadjust;
230
231 info = IEEE80211_SKB_CB(beacon);
232 if (info->flags & IEEE80211_TX_CTL_ASSIGN_SEQ) {
233 struct ieee80211_hdr *hdr =
234 (struct ieee80211_hdr *) beacon->data;
235 avp->seq_no += 0x10;
236 hdr->seq_ctrl &= cpu_to_le16(IEEE80211_SCTL_FRAG);
237 hdr->seq_ctrl |= cpu_to_le16(avp->seq_no);
238 }
239
240 tx_ctl = HTC_SKB_CB(beacon);
241 memset(tx_ctl, 0, sizeof(*tx_ctl));
242
243 tx_ctl->type = ATH9K_HTC_BEACON;
244 tx_ctl->epid = priv->beacon_ep;
245
246 beacon_hdr.vif_index = avp->index;
247 tx_fhdr = skb_push(beacon, sizeof(beacon_hdr));
248 memcpy(tx_fhdr, (u8 *) &beacon_hdr, sizeof(beacon_hdr));
249
250 ret = htc_send(priv->htc, beacon);
251 if (ret != 0) {
252 if (ret == -ENOMEM) {
253 ath_dbg(common, BSTUCK,
254 "Failed to send beacon, no free TX buffer\n");
255 }
256 dev_kfree_skb_any(beacon);
257 }
258
259 spin_unlock_bh(&priv->beacon_lock);
260
261 ath9k_htc_csa_is_finished(priv);
262 }
263
264 static int ath9k_htc_choose_bslot(struct ath9k_htc_priv *priv,
265 struct wmi_event_swba *swba)
266 {
267 struct ath_common *common = ath9k_hw_common(priv->ah);
268 u64 tsf;
269 u32 tsftu;
270 u16 intval;
271 int slot;
272
273 intval = priv->cur_beacon_conf.beacon_interval;
274
275 tsf = be64_to_cpu(swba->tsf);
276 tsftu = TSF_TO_TU(tsf >> 32, tsf);
277 slot = ((tsftu % intval) * ATH9K_HTC_MAX_BCN_VIF) / intval;
278 slot = ATH9K_HTC_MAX_BCN_VIF - slot - 1;
279
280 ath_dbg(common, BEACON,
281 "Choose slot: %d, tsf: %llu, tsftu: %u, intval: %u\n",
282 slot, tsf, tsftu, intval);
283
284 return slot;
285 }
286
287 void ath9k_htc_swba(struct ath9k_htc_priv *priv,
288 struct wmi_event_swba *swba)
289 {
290 struct ath_common *common = ath9k_hw_common(priv->ah);
291 int slot;
292
293 if (swba->beacon_pending != 0) {
294 priv->beacon.bmisscnt++;
295 if (priv->beacon.bmisscnt > BSTUCK_THRESHOLD) {
296 ath_dbg(common, BSTUCK, "Beacon stuck, HW reset\n");
297 ieee80211_queue_work(priv->hw,
298 &priv->fatal_work);
299 }
300 return;
301 }
302
303 if (priv->beacon.bmisscnt) {
304 ath_dbg(common, BSTUCK,
305 "Resuming beacon xmit after %u misses\n",
306 priv->beacon.bmisscnt);
307 priv->beacon.bmisscnt = 0;
308 }
309
310 slot = ath9k_htc_choose_bslot(priv, swba);
311 spin_lock_bh(&priv->beacon_lock);
312 if (priv->beacon.bslot[slot] == NULL) {
313 spin_unlock_bh(&priv->beacon_lock);
314 return;
315 }
316 spin_unlock_bh(&priv->beacon_lock);
317
318 ath9k_htc_send_buffered(priv, slot);
319 ath9k_htc_send_beacon(priv, slot);
320 }
321
322 void ath9k_htc_assign_bslot(struct ath9k_htc_priv *priv,
323 struct ieee80211_vif *vif)
324 {
325 struct ath_common *common = ath9k_hw_common(priv->ah);
326 struct ath9k_htc_vif *avp = (struct ath9k_htc_vif *)vif->drv_priv;
327 int i = 0;
328
329 spin_lock_bh(&priv->beacon_lock);
330 for (i = 0; i < ATH9K_HTC_MAX_BCN_VIF; i++) {
331 if (priv->beacon.bslot[i] == NULL) {
332 avp->bslot = i;
333 break;
334 }
335 }
336
337 priv->beacon.bslot[avp->bslot] = vif;
338 spin_unlock_bh(&priv->beacon_lock);
339
340 ath_dbg(common, CONFIG, "Added interface at beacon slot: %d\n",
341 avp->bslot);
342 }
343
344 void ath9k_htc_remove_bslot(struct ath9k_htc_priv *priv,
345 struct ieee80211_vif *vif)
346 {
347 struct ath_common *common = ath9k_hw_common(priv->ah);
348 struct ath9k_htc_vif *avp = (struct ath9k_htc_vif *)vif->drv_priv;
349
350 spin_lock_bh(&priv->beacon_lock);
351 priv->beacon.bslot[avp->bslot] = NULL;
352 spin_unlock_bh(&priv->beacon_lock);
353
354 ath_dbg(common, CONFIG, "Removed interface at beacon slot: %d\n",
355 avp->bslot);
356 }
357
358 /*
359 * Calculate the TSF adjustment value for all slots
360 * other than zero.
361 */
362 void ath9k_htc_set_tsfadjust(struct ath9k_htc_priv *priv,
363 struct ieee80211_vif *vif)
364 {
365 struct ath_common *common = ath9k_hw_common(priv->ah);
366 struct ath9k_htc_vif *avp = (struct ath9k_htc_vif *)vif->drv_priv;
367 struct ath_beacon_config *cur_conf = &priv->cur_beacon_conf;
368 u64 tsfadjust;
369
370 if (avp->bslot == 0)
371 return;
372
373 /*
374 * The beacon interval cannot be different for multi-AP mode,
375 * and we reach here only for VIF slots greater than zero,
376 * so beacon_interval is guaranteed to be set in cur_conf.
377 */
378 tsfadjust = cur_conf->beacon_interval * avp->bslot / ATH9K_HTC_MAX_BCN_VIF;
379 avp->tsfadjust = cpu_to_le64(TU_TO_USEC(tsfadjust));
380
381 ath_dbg(common, CONFIG, "tsfadjust is: %llu for bslot: %d\n",
382 (unsigned long long)tsfadjust, avp->bslot);
383 }
384
385 static void ath9k_htc_beacon_iter(void *data, u8 *mac, struct ieee80211_vif *vif)
386 {
387 bool *beacon_configured = (bool *)data;
388 struct ath9k_htc_vif *avp = (struct ath9k_htc_vif *) vif->drv_priv;
389
390 if (vif->type == NL80211_IFTYPE_STATION &&
391 avp->beacon_configured)
392 *beacon_configured = true;
393 }
394
395 static bool ath9k_htc_check_beacon_config(struct ath9k_htc_priv *priv,
396 struct ieee80211_vif *vif)
397 {
398 struct ath_common *common = ath9k_hw_common(priv->ah);
399 struct ath_beacon_config *cur_conf = &priv->cur_beacon_conf;
400 struct ieee80211_bss_conf *bss_conf = &vif->bss_conf;
401 bool beacon_configured;
402
403 /*
404 * Changing the beacon interval when multiple AP interfaces
405 * are configured will affect beacon transmission of all
406 * of them.
407 */
408 if ((priv->ah->opmode == NL80211_IFTYPE_AP) &&
409 (priv->num_ap_vif > 1) &&
410 (vif->type == NL80211_IFTYPE_AP) &&
411 (cur_conf->beacon_interval != bss_conf->beacon_int)) {
412 ath_dbg(common, CONFIG,
413 "Changing beacon interval of multiple AP interfaces !\n");
414 return false;
415 }
416
417 /*
418 * If the HW is operating in AP mode, any new station interfaces that
419 * are added cannot change the beacon parameters.
420 */
421 if (priv->num_ap_vif &&
422 (vif->type != NL80211_IFTYPE_AP)) {
423 ath_dbg(common, CONFIG,
424 "HW in AP mode, cannot set STA beacon parameters\n");
425 return false;
426 }
427
428 /*
429 * The beacon parameters are configured only for the first
430 * station interface.
431 */
432 if ((priv->ah->opmode == NL80211_IFTYPE_STATION) &&
433 (priv->num_sta_vif > 1) &&
434 (vif->type == NL80211_IFTYPE_STATION)) {
435 beacon_configured = false;
436 ieee80211_iterate_active_interfaces_atomic(
437 priv->hw, IEEE80211_IFACE_ITER_RESUME_ALL,
438 ath9k_htc_beacon_iter, &beacon_configured);
439
440 if (beacon_configured) {
441 ath_dbg(common, CONFIG,
442 "Beacon already configured for a station interface\n");
443 return false;
444 }
445 }
446
447 return true;
448 }
449
450 void ath9k_htc_beacon_config(struct ath9k_htc_priv *priv,
451 struct ieee80211_vif *vif)
452 {
453 struct ath_common *common = ath9k_hw_common(priv->ah);
454 struct ath_beacon_config *cur_conf = &priv->cur_beacon_conf;
455 struct ieee80211_bss_conf *bss_conf = &vif->bss_conf;
456 struct ath9k_htc_vif *avp = (struct ath9k_htc_vif *) vif->drv_priv;
457
458 if (!ath9k_htc_check_beacon_config(priv, vif))
459 return;
460
461 cur_conf->beacon_interval = bss_conf->beacon_int;
462 if (cur_conf->beacon_interval == 0)
463 cur_conf->beacon_interval = 100;
464
465 cur_conf->dtim_period = bss_conf->dtim_period;
466 cur_conf->bmiss_timeout =
467 ATH_DEFAULT_BMISS_LIMIT * cur_conf->beacon_interval;
468
469 switch (vif->type) {
470 case NL80211_IFTYPE_STATION:
471 ath9k_htc_beacon_config_sta(priv, cur_conf);
472 avp->beacon_configured = true;
473 break;
474 case NL80211_IFTYPE_ADHOC:
475 ath9k_htc_beacon_config_adhoc(priv, cur_conf);
476 break;
477 case NL80211_IFTYPE_MESH_POINT:
478 case NL80211_IFTYPE_AP:
479 ath9k_htc_beacon_config_ap(priv, cur_conf);
480 break;
481 default:
482 ath_dbg(common, CONFIG, "Unsupported beaconing mode\n");
483 return;
484 }
485 }
486
487 void ath9k_htc_beacon_reconfig(struct ath9k_htc_priv *priv)
488 {
489 struct ath_common *common = ath9k_hw_common(priv->ah);
490 struct ath_beacon_config *cur_conf = &priv->cur_beacon_conf;
491
492 switch (priv->ah->opmode) {
493 case NL80211_IFTYPE_STATION:
494 ath9k_htc_beacon_config_sta(priv, cur_conf);
495 break;
496 case NL80211_IFTYPE_ADHOC:
497 ath9k_htc_beacon_config_adhoc(priv, cur_conf);
498 break;
499 case NL80211_IFTYPE_MESH_POINT:
500 case NL80211_IFTYPE_AP:
501 ath9k_htc_beacon_config_ap(priv, cur_conf);
502 break;
503 default:
504 ath_dbg(common, CONFIG, "Unsupported beaconing mode\n");
505 return;
506 }
507 }
508
509 bool ath9k_htc_csa_is_finished(struct ath9k_htc_priv *priv)
510 {
511 struct ieee80211_vif *vif;
512
513 vif = priv->csa_vif;
514 if (!vif || !vif->csa_active)
515 return false;
516
517 if (!ieee80211_csa_is_complete(vif))
518 return false;
519
520 ieee80211_csa_finish(vif);
521
522 priv->csa_vif = NULL;
523 return true;
524 } 1 /*
2 * Copyright (c) 2010-2011 Atheros Communications Inc.
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17 #include "htc.h"
18
19 static ssize_t read_file_tgt_int_stats(struct file *file, char __user *user_buf,
20 size_t count, loff_t *ppos)
21 {
22 struct ath9k_htc_priv *priv = file->private_data;
23 struct ath9k_htc_target_int_stats cmd_rsp;
24 char buf[512];
25 unsigned int len = 0;
26 int ret = 0;
27
28 memset(&cmd_rsp, 0, sizeof(cmd_rsp));
29
30 ath9k_htc_ps_wakeup(priv);
31
32 WMI_CMD(WMI_INT_STATS_CMDID);
33 if (ret) {
34 ath9k_htc_ps_restore(priv);
35 return -EINVAL;
36 }
37
38 ath9k_htc_ps_restore(priv);
39
40 len += scnprintf(buf + len, sizeof(buf) - len,
41 "%20s : %10u\n", "RX",
42 be32_to_cpu(cmd_rsp.rx));
43
44 len += scnprintf(buf + len, sizeof(buf) - len,
45 "%20s : %10u\n", "RXORN",
46 be32_to_cpu(cmd_rsp.rxorn));
47
48 len += scnprintf(buf + len, sizeof(buf) - len,
49 "%20s : %10u\n", "RXEOL",
50 be32_to_cpu(cmd_rsp.rxeol));
51
52 len += scnprintf(buf + len, sizeof(buf) - len,
53 "%20s : %10u\n", "TXURN",
54 be32_to_cpu(cmd_rsp.txurn));
55
56 len += scnprintf(buf + len, sizeof(buf) - len,
57 "%20s : %10u\n", "TXTO",
58 be32_to_cpu(cmd_rsp.txto));
59
60 len += scnprintf(buf + len, sizeof(buf) - len,
61 "%20s : %10u\n", "CST",
62 be32_to_cpu(cmd_rsp.cst));
63
64 if (len > sizeof(buf))
65 len = sizeof(buf);
66
67 return simple_read_from_buffer(user_buf, count, ppos, buf, len);
68 }
69
70 static const struct file_operations fops_tgt_int_stats = {
71 .read = read_file_tgt_int_stats,
72 .open = simple_open,
73 .owner = THIS_MODULE,
74 .llseek = default_llseek,
75 };
76
77 static ssize_t read_file_tgt_tx_stats(struct file *file, char __user *user_buf,
78 size_t count, loff_t *ppos)
79 {
80 struct ath9k_htc_priv *priv = file->private_data;
81 struct ath9k_htc_target_tx_stats cmd_rsp;
82 char buf[512];
83 unsigned int len = 0;
84 int ret = 0;
85
86 memset(&cmd_rsp, 0, sizeof(cmd_rsp));
87
88 ath9k_htc_ps_wakeup(priv);
89
90 WMI_CMD(WMI_TX_STATS_CMDID);
91 if (ret) {
92 ath9k_htc_ps_restore(priv);
93 return -EINVAL;
94 }
95
96 ath9k_htc_ps_restore(priv);
97
98 len += scnprintf(buf + len, sizeof(buf) - len,
99 "%20s : %10u\n", "Xretries",
100 be32_to_cpu(cmd_rsp.xretries));
101
102 len += scnprintf(buf + len, sizeof(buf) - len,
103 "%20s : %10u\n", "FifoErr",
104 be32_to_cpu(cmd_rsp.fifoerr));
105
106 len += scnprintf(buf + len, sizeof(buf) - len,
107 "%20s : %10u\n", "Filtered",
108 be32_to_cpu(cmd_rsp.filtered));
109
110 len += scnprintf(buf + len, sizeof(buf) - len,
111 "%20s : %10u\n", "TimerExp",
112 be32_to_cpu(cmd_rsp.timer_exp));
113
114 len += scnprintf(buf + len, sizeof(buf) - len,
115 "%20s : %10u\n", "ShortRetries",
116 be32_to_cpu(cmd_rsp.shortretries));
117
118 len += scnprintf(buf + len, sizeof(buf) - len,
119 "%20s : %10u\n", "LongRetries",
120 be32_to_cpu(cmd_rsp.longretries));
121
122 len += scnprintf(buf + len, sizeof(buf) - len,
123 "%20s : %10u\n", "QueueNull",
124 be32_to_cpu(cmd_rsp.qnull));
125
126 len += scnprintf(buf + len, sizeof(buf) - len,
127 "%20s : %10u\n", "EncapFail",
128 be32_to_cpu(cmd_rsp.encap_fail));
129
130 len += scnprintf(buf + len, sizeof(buf) - len,
131 "%20s : %10u\n", "NoBuf",
132 be32_to_cpu(cmd_rsp.nobuf));
133
134 if (len > sizeof(buf))
135 len = sizeof(buf);
136
137 return simple_read_from_buffer(user_buf, count, ppos, buf, len);
138 }
139
140 static const struct file_operations fops_tgt_tx_stats = {
141 .read = read_file_tgt_tx_stats,
142 .open = simple_open,
143 .owner = THIS_MODULE,
144 .llseek = default_llseek,
145 };
146
147 static ssize_t read_file_tgt_rx_stats(struct file *file, char __user *user_buf,
148 size_t count, loff_t *ppos)
149 {
150 struct ath9k_htc_priv *priv = file->private_data;
151 struct ath9k_htc_target_rx_stats cmd_rsp;
152 char buf[512];
153 unsigned int len = 0;
154 int ret = 0;
155
156 memset(&cmd_rsp, 0, sizeof(cmd_rsp));
157
158 ath9k_htc_ps_wakeup(priv);
159
160 WMI_CMD(WMI_RX_STATS_CMDID);
161 if (ret) {
162 ath9k_htc_ps_restore(priv);
163 return -EINVAL;
164 }
165
166 ath9k_htc_ps_restore(priv);
167
168 len += scnprintf(buf + len, sizeof(buf) - len,
169 "%20s : %10u\n", "NoBuf",
170 be32_to_cpu(cmd_rsp.nobuf));
171
172 len += scnprintf(buf + len, sizeof(buf) - len,
173 "%20s : %10u\n", "HostSend",
174 be32_to_cpu(cmd_rsp.host_send));
175
176 len += scnprintf(buf + len, sizeof(buf) - len,
177 "%20s : %10u\n", "HostDone",
178 be32_to_cpu(cmd_rsp.host_done));
179
180 if (len > sizeof(buf))
181 len = sizeof(buf);
182
183 return simple_read_from_buffer(user_buf, count, ppos, buf, len);
184 }
185
186 static const struct file_operations fops_tgt_rx_stats = {
187 .read = read_file_tgt_rx_stats,
188 .open = simple_open,
189 .owner = THIS_MODULE,
190 .llseek = default_llseek,
191 };
192
193 static ssize_t read_file_xmit(struct file *file, char __user *user_buf,
194 size_t count, loff_t *ppos)
195 {
196 struct ath9k_htc_priv *priv = file->private_data;
197 char buf[512];
198 unsigned int len = 0;
199
200 len += scnprintf(buf + len, sizeof(buf) - len,
201 "%20s : %10u\n", "Buffers queued",
202 priv->debug.tx_stats.buf_queued);
203 len += scnprintf(buf + len, sizeof(buf) - len,
204 "%20s : %10u\n", "Buffers completed",
205 priv->debug.tx_stats.buf_completed);
206 len += scnprintf(buf + len, sizeof(buf) - len,
207 "%20s : %10u\n", "SKBs queued",
208 priv->debug.tx_stats.skb_queued);
209 len += scnprintf(buf + len, sizeof(buf) - len,
210 "%20s : %10u\n", "SKBs success",
211 priv->debug.tx_stats.skb_success);
212 len += scnprintf(buf + len, sizeof(buf) - len,
213 "%20s : %10u\n", "SKBs failed",
214 priv->debug.tx_stats.skb_failed);
215 len += scnprintf(buf + len, sizeof(buf) - len,
216 "%20s : %10u\n", "CAB queued",
217 priv->debug.tx_stats.cab_queued);
218
219 len += scnprintf(buf + len, sizeof(buf) - len,
220 "%20s : %10u\n", "BE queued",
221 priv->debug.tx_stats.queue_stats[IEEE80211_AC_BE]);
222 len += scnprintf(buf + len, sizeof(buf) - len,
223 "%20s : %10u\n", "BK queued",
224 priv->debug.tx_stats.queue_stats[IEEE80211_AC_BK]);
225 len += scnprintf(buf + len, sizeof(buf) - len,
226 "%20s : %10u\n", "VI queued",
227 priv->debug.tx_stats.queue_stats[IEEE80211_AC_VI]);
228 len += scnprintf(buf + len, sizeof(buf) - len,
229 "%20s : %10u\n", "VO queued",
230 priv->debug.tx_stats.queue_stats[IEEE80211_AC_VO]);
231
232 if (len > sizeof(buf))
233 len = sizeof(buf);
234
235 return simple_read_from_buffer(user_buf, count, ppos, buf, len);
236 }
237
238 static const struct file_operations fops_xmit = {
239 .read = read_file_xmit,
240 .open = simple_open,
241 .owner = THIS_MODULE,
242 .llseek = default_llseek,
243 };
244
245 void ath9k_htc_err_stat_rx(struct ath9k_htc_priv *priv,
246 struct ath_rx_status *rs)
247 {
248 ath9k_cmn_debug_stat_rx(&priv->debug.rx_stats, rs);
249 }
250
251 static ssize_t read_file_skb_rx(struct file *file, char __user *user_buf,
252 size_t count, loff_t *ppos)
253 {
254 struct ath9k_htc_priv *priv = file->private_data;
255 char *buf;
256 unsigned int len = 0, size = 1500;
257 ssize_t retval = 0;
258
259 buf = kzalloc(size, GFP_KERNEL);
260 if (buf == NULL)
261 return -ENOMEM;
262
263 len += scnprintf(buf + len, size - len,
264 "%20s : %10u\n", "SKBs allocated",
265 priv->debug.skbrx_stats.skb_allocated);
266 len += scnprintf(buf + len, size - len,
267 "%20s : %10u\n", "SKBs completed",
268 priv->debug.skbrx_stats.skb_completed);
269 len += scnprintf(buf + len, size - len,
270 "%20s : %10u\n", "SKBs Dropped",
271 priv->debug.skbrx_stats.skb_dropped);
272
273 if (len > size)
274 len = size;
275
276 retval = simple_read_from_buffer(user_buf, count, ppos, buf, len);
277 kfree(buf);
278
279 return retval;
280 }
281
282 static const struct file_operations fops_skb_rx = {
283 .read = read_file_skb_rx,
284 .open = simple_open,
285 .owner = THIS_MODULE,
286 .llseek = default_llseek,
287 };
288
289 static ssize_t read_file_slot(struct file *file, char __user *user_buf,
290 size_t count, loff_t *ppos)
291 {
292 struct ath9k_htc_priv *priv = file->private_data;
293 char buf[512];
294 unsigned int len;
295
296 spin_lock_bh(&priv->tx.tx_lock);
297 len = scnprintf(buf, sizeof(buf),
298 "TX slot bitmap : %*pb\n"
299 "Used slots : %d\n",
300 MAX_TX_BUF_NUM, priv->tx.tx_slot,
301 bitmap_weight(priv->tx.tx_slot, MAX_TX_BUF_NUM));
302 spin_unlock_bh(&priv->tx.tx_lock);
303 return simple_read_from_buffer(user_buf, count, ppos, buf, len);
304 }
305
306 static const struct file_operations fops_slot = {
307 .read = read_file_slot,
308 .open = simple_open,
309 .owner = THIS_MODULE,
310 .llseek = default_llseek,
311 };
312
313 static ssize_t read_file_queue(struct file *file, char __user *user_buf,
314 size_t count, loff_t *ppos)
315 {
316 struct ath9k_htc_priv *priv = file->private_data;
317 char buf[512];
318 unsigned int len = 0;
319
320 len += scnprintf(buf + len, sizeof(buf) - len, "%20s : %10u\n",
321 "Mgmt endpoint", skb_queue_len(&priv->tx.mgmt_ep_queue));
322
323 len += scnprintf(buf + len, sizeof(buf) - len, "%20s : %10u\n",
324 "Cab endpoint", skb_queue_len(&priv->tx.cab_ep_queue));
325
326 len += scnprintf(buf + len, sizeof(buf) - len, "%20s : %10u\n",
327 "Data BE endpoint", skb_queue_len(&priv->tx.data_be_queue));
328
329 len += scnprintf(buf + len, sizeof(buf) - len, "%20s : %10u\n",
330 "Data BK endpoint", skb_queue_len(&priv->tx.data_bk_queue));
331
332 len += scnprintf(buf + len, sizeof(buf) - len, "%20s : %10u\n",
333 "Data VI endpoint", skb_queue_len(&priv->tx.data_vi_queue));
334
335 len += scnprintf(buf + len, sizeof(buf) - len, "%20s : %10u\n",
336 "Data VO endpoint", skb_queue_len(&priv->tx.data_vo_queue));
337
338 len += scnprintf(buf + len, sizeof(buf) - len, "%20s : %10u\n",
339 "Failed queue", skb_queue_len(&priv->tx.tx_failed));
340
341 spin_lock_bh(&priv->tx.tx_lock);
342 len += scnprintf(buf + len, sizeof(buf) - len, "%20s : %10u\n",
343 "Queued count", priv->tx.queued_cnt);
344 spin_unlock_bh(&priv->tx.tx_lock);
345
346 if (len > sizeof(buf))
347 len = sizeof(buf);
348
349 return simple_read_from_buffer(user_buf, count, ppos, buf, len);
350
351 }
352
353 static const struct file_operations fops_queue = {
354 .read = read_file_queue,
355 .open = simple_open,
356 .owner = THIS_MODULE,
357 .llseek = default_llseek,
358 };
359
360 static ssize_t read_file_debug(struct file *file, char __user *user_buf,
361 size_t count, loff_t *ppos)
362 {
363 struct ath9k_htc_priv *priv = file->private_data;
364 struct ath_common *common = ath9k_hw_common(priv->ah);
365 char buf[32];
366 unsigned int len;
367
368 len = sprintf(buf, "0x%08x\n", common->debug_mask);
369 return simple_read_from_buffer(user_buf, count, ppos, buf, len);
370 }
371
372 static ssize_t write_file_debug(struct file *file, const char __user *user_buf,
373 size_t count, loff_t *ppos)
374 {
375 struct ath9k_htc_priv *priv = file->private_data;
376 struct ath_common *common = ath9k_hw_common(priv->ah);
377 unsigned long mask;
378 char buf[32];
379 ssize_t len;
380
381 len = min(count, sizeof(buf) - 1);
382 if (copy_from_user(buf, user_buf, len))
383 return -EFAULT;
384
385 buf[len] = '\0';
386 if (kstrtoul(buf, 0, &mask))
387 return -EINVAL;
388
389 common->debug_mask = mask;
390 return count;
391 }
392
393 static const struct file_operations fops_debug = {
394 .read = read_file_debug,
395 .write = write_file_debug,
396 .open = simple_open,
397 .owner = THIS_MODULE,
398 .llseek = default_llseek,
399 };
400
401 /* Ethtool support for get-stats */
402 #define AMKSTR(nm) #nm "_BE", #nm "_BK", #nm "_VI", #nm "_VO"
403 static const char ath9k_htc_gstrings_stats[][ETH_GSTRING_LEN] = {
404 "tx_pkts_nic",
405 "tx_bytes_nic",
406 "rx_pkts_nic",
407 "rx_bytes_nic",
408
409 AMKSTR(d_tx_pkts),
410
411 "d_rx_crc_err",
412 "d_rx_decrypt_crc_err",
413 "d_rx_phy_err",
414 "d_rx_mic_err",
415 "d_rx_pre_delim_crc_err",
416 "d_rx_post_delim_crc_err",
417 "d_rx_decrypt_busy_err",
418
419 "d_rx_phyerr_radar",
420 "d_rx_phyerr_ofdm_timing",
421 "d_rx_phyerr_cck_timing",
422
423 };
424 #define ATH9K_HTC_SSTATS_LEN ARRAY_SIZE(ath9k_htc_gstrings_stats)
425
426 void ath9k_htc_get_et_strings(struct ieee80211_hw *hw,
427 struct ieee80211_vif *vif,
428 u32 sset, u8 *data)
429 {
430 if (sset == ETH_SS_STATS)
431 memcpy(data, *ath9k_htc_gstrings_stats,
432 sizeof(ath9k_htc_gstrings_stats));
433 }
434
435 int ath9k_htc_get_et_sset_count(struct ieee80211_hw *hw,
436 struct ieee80211_vif *vif, int sset)
437 {
438 if (sset == ETH_SS_STATS)
439 return ATH9K_HTC_SSTATS_LEN;
440 return 0;
441 }
442
443 #define STXBASE priv->debug.tx_stats
444 #define SRXBASE priv->debug.rx_stats
445 #define SKBTXBASE priv->debug.tx_stats
446 #define SKBRXBASE priv->debug.skbrx_stats
447 #define ASTXQ(a) \
448 data[i++] = STXBASE.a[IEEE80211_AC_BE]; \
449 data[i++] = STXBASE.a[IEEE80211_AC_BK]; \
450 data[i++] = STXBASE.a[IEEE80211_AC_VI]; \
451 data[i++] = STXBASE.a[IEEE80211_AC_VO]
452
453 void ath9k_htc_get_et_stats(struct ieee80211_hw *hw,
454 struct ieee80211_vif *vif,
455 struct ethtool_stats *stats, u64 *data)
456 {
457 struct ath9k_htc_priv *priv = hw->priv;
458 int i = 0;
459
460 data[i++] = SKBTXBASE.skb_success;
461 data[i++] = SKBTXBASE.skb_success_bytes;
462 data[i++] = SKBRXBASE.skb_completed;
463 data[i++] = SKBRXBASE.skb_completed_bytes;
464
465 ASTXQ(queue_stats);
466
467 data[i++] = SRXBASE.crc_err;
468 data[i++] = SRXBASE.decrypt_crc_err;
469 data[i++] = SRXBASE.phy_err;
470 data[i++] = SRXBASE.mic_err;
471 data[i++] = SRXBASE.pre_delim_crc_err;
472 data[i++] = SRXBASE.post_delim_crc_err;
473 data[i++] = SRXBASE.decrypt_busy_err;
474
475 data[i++] = SRXBASE.phy_err_stats[ATH9K_PHYERR_RADAR];
476 data[i++] = SRXBASE.phy_err_stats[ATH9K_PHYERR_OFDM_TIMING];
477 data[i++] = SRXBASE.phy_err_stats[ATH9K_PHYERR_CCK_TIMING];
478
479 WARN_ON(i != ATH9K_HTC_SSTATS_LEN);
480 }
481
482 void ath9k_htc_deinit_debug(struct ath9k_htc_priv *priv)
483 {
484 ath9k_cmn_spectral_deinit_debug(&priv->spec_priv);
485 }
486
487 int ath9k_htc_init_debug(struct ath_hw *ah)
488 {
489 struct ath_common *common = ath9k_hw_common(ah);
490 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) common->priv;
491
492 priv->debug.debugfs_phy = debugfs_create_dir(KBUILD_MODNAME,
493 priv->hw->wiphy->debugfsdir);
494 if (!priv->debug.debugfs_phy)
495 return -ENOMEM;
496
497 ath9k_cmn_spectral_init_debug(&priv->spec_priv, priv->debug.debugfs_phy);
498
499 debugfs_create_file("tgt_int_stats", S_IRUSR, priv->debug.debugfs_phy,
500 priv, &fops_tgt_int_stats);
501 debugfs_create_file("tgt_tx_stats", S_IRUSR, priv->debug.debugfs_phy,
502 priv, &fops_tgt_tx_stats);
503 debugfs_create_file("tgt_rx_stats", S_IRUSR, priv->debug.debugfs_phy,
504 priv, &fops_tgt_rx_stats);
505 debugfs_create_file("xmit", S_IRUSR, priv->debug.debugfs_phy,
506 priv, &fops_xmit);
507 debugfs_create_file("skb_rx", S_IRUSR, priv->debug.debugfs_phy,
508 priv, &fops_skb_rx);
509
510 ath9k_cmn_debug_recv(priv->debug.debugfs_phy, &priv->debug.rx_stats);
511 ath9k_cmn_debug_phy_err(priv->debug.debugfs_phy, &priv->debug.rx_stats);
512
513 debugfs_create_file("slot", S_IRUSR, priv->debug.debugfs_phy,
514 priv, &fops_slot);
515 debugfs_create_file("queue", S_IRUSR, priv->debug.debugfs_phy,
516 priv, &fops_queue);
517 debugfs_create_file("debug", S_IRUSR | S_IWUSR, priv->debug.debugfs_phy,
518 priv, &fops_debug);
519
520 ath9k_cmn_debug_base_eeprom(priv->debug.debugfs_phy, priv->ah);
521 ath9k_cmn_debug_modal_eeprom(priv->debug.debugfs_phy, priv->ah);
522
523 return 0;
524 } 1
2 #include <linux/kernel.h>
3 #include <linux/mutex.h>
4 #include <linux/spinlock.h>
5 #include <linux/errno.h>
6 #include <verifier/rcv.h>
7 #include <linux/list.h>
8
9 /* mutexes */
10 extern int mutex_lock_interruptible(struct mutex *lock);
11 extern int mutex_lock_killable(struct mutex *lock);
12 extern void mutex_lock(struct mutex *lock);
13
14 /* mutex model functions */
15 extern void ldv_mutex_lock(struct mutex *lock, char *sign);
16 extern int ldv_mutex_is_locked(struct mutex *lock, char *sign);
17 extern void ldv_mutex_unlock(struct mutex *lock, char *sign);
18
19
20 /* Spin locks */
21 extern void __ldv_spin_lock(spinlock_t *lock);
22 extern void __ldv_spin_unlock(spinlock_t *lock);
23 extern int __ldv_spin_trylock(spinlock_t *lock);
24 extern void __ldv_spin_unlock_wait(spinlock_t *lock);
25 extern void __ldv_spin_can_lock(spinlock_t *lock);
26 extern int __ldv_atomic_dec_and_lock(spinlock_t *lock);
27
28 /* spin model functions */
29 extern void ldv_spin_lock(spinlock_t *lock, char *sign);
30 extern void ldv_spin_unlock(spinlock_t *lock, char *sign);
31 extern int ldv_spin_is_locked(spinlock_t *lock, char *sign);
32
33 /* Support for list binder functions */
34 static inline struct list_head *ldv_list_get_first(struct list_head *head) {
35 return head->next;
36 }
37
38 static inline int ldv_list_is_stop(struct list_head *pos, struct list_head *head) {
39 return pos==head;
40 }
41
42 static inline struct list_head *ldv_list_get_next(struct list_head *pos) {
43 return pos->next;
44 }
45
46 #include <linux/mutex.h>
47 #include <linux/slab.h>
48 #include <verifier/rcv.h>
49 #include <linux/timer.h>
50 #include <linux/rtnetlink.h>
51 #include <linux/gfp.h>
52 extern struct file *fops_xmit_group2;
53 extern int ldv_state_variable_8;
54 extern int ldv_timer_1_3;
55 extern struct ath_common *ath9k_usb_bus_ops_group0;
56 extern struct inode *fops_debug_group1;
57 extern struct inode *fops_queue_group1;
58 extern struct ath_common *ath9k_htc_ps_ops_group0;
59 extern int ldv_state_variable_0;
60 extern int ldv_state_variable_5;
61 extern int ldv_state_variable_13;
62 extern int ldv_state_variable_12;
63 extern struct file *fops_tgt_tx_stats_group2;
64 extern struct file *fops_queue_group2;
65 extern int ldv_state_variable_14;
66 extern int ldv_timer_1_0;
67 extern int ldv_state_variable_9;
68 extern struct inode *fops_tgt_tx_stats_group1;
69 extern struct file *fops_debug_group2;
70 extern int ref_cnt;
71 extern struct mutex key_mtx;
72 extern int ldv_state_variable_1;
73 extern int ldv_state_variable_7;
74 extern struct inode *fops_xmit_group1;
75 extern struct inode *fops_skb_rx_group1;
76 extern struct file *fops_tgt_int_stats_group2;
77 extern struct usb_interface *ath9k_hif_usb_driver_group1;
78 extern struct timer_list * ldv_timer_list_1_3;
79 extern int ldv_state_variable_10;
80 extern struct timer_list * ldv_timer_list_1_1;
81 extern struct timer_list * ldv_timer_list_1_0;
82 extern int ldv_state_variable_6;
83 extern int ldv_timer_1_2;
84 extern int ldv_timer_1_1;
85 extern int ldv_state_variable_2;
86 extern struct timer_list * ldv_timer_list_1_2;
87 extern struct inode *fops_tgt_int_stats_group1;
88 extern struct ieee80211_hw *ath9k_htc_ops_group0;
89 extern int usb_counter;
90 extern int ldv_state_variable_11;
91 extern struct file *fops_slot_group2;
92 extern int LDV_IN_INTERRUPT = 1;
93 extern struct inode *fops_slot_group1;
94 extern struct inode *fops_tgt_rx_stats_group1;
95 extern struct file *fops_tgt_rx_stats_group2;
96 extern struct mutex fs_mutex;
97 extern int ldv_state_variable_3;
98 extern struct mutex ar_mutex;
99 extern struct file *fops_skb_rx_group2;
100 extern int ldv_state_variable_4;
101 extern void ldv_file_operations_7(void);
102 extern void ldv_file_operations_6(void);
103 extern void ldv_file_operations_2(void);
104 extern void activate_pending_timer_1(struct timer_list * timer, unsigned long data, int pending_flag);
105 extern void ldv_initialyze_ath_bus_ops_10(void);
106 extern int evil_hack_12(void);
107 extern void timer_init_1(void);
108 extern void ldv_file_operations_9(void);
109 extern void ldv_usb_driver_13(void);
110 extern void ldv_file_operations_3(void);
111 extern void ldv_file_operations_8(void);
112 extern int reg_timer_1(struct timer_list * timer, void (*function)(unsigned long), unsigned long data);
113 extern void ldv_initialyze_ath_ps_ops_11(void);
114 extern int evil_hack_key_12(void);
115 extern void ldv_initialyze_ieee80211_ops_12(void);
116 extern void disable_suitable_timer_1(struct timer_list * timer);
117 extern void activate_suitable_timer_1(struct timer_list * timer, unsigned long data);
118 extern int evil_hack_fs_lock(void);
119 extern int __VERIFIER_nondet_int(void);
120 extern void ldv_file_operations_5(void);
121 extern void choose_timer_1(void);
122 extern void ldv_timer_1(int state, struct timer_list * timer);
123 extern int evil_hack_ar_lock(void);
124 extern void ldv_file_operations_4(void);
125 #line 1 "/work/ldvuser/andrianov/work/current--X--drivers/net/wireless/ath/ath9k/--X--defaultlinux-4.5-rc7--X--races--X--cpachecker/linux-4.5-rc7/csd_deg_dscv/74/dscv_tempdir/dscv/ri/races/drivers/net/wireless/ath/ath9k/htc_drv_debug.c"
126 /*
127 * Copyright (c) 2010-2011 Atheros Communications Inc.
128 *
129 * Permission to use, copy, modify, and/or distribute this software for any
130 * purpose with or without fee is hereby granted, provided that the above
131 * copyright notice and this permission notice appear in all copies.
132 *
133 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
134 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
135 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
136 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
137 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
138 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
139 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
140 */
141
142 #include "htc.h"
143
144 static ssize_t read_file_tgt_int_stats(struct file *file, char __user *user_buf,
145 size_t count, loff_t *ppos)
146 {
147 struct ath9k_htc_priv *priv = file->private_data;
148 struct ath9k_htc_target_int_stats cmd_rsp;
149 char buf[512];
150 unsigned int len = 0;
151 int ret = 0;
152
153 memset(&cmd_rsp, 0, sizeof(cmd_rsp));
154
155 ath9k_htc_ps_wakeup(priv);
156
157 WMI_CMD(WMI_INT_STATS_CMDID);
158 if (ret) {
159 ath9k_htc_ps_restore(priv);
160 return -EINVAL;
161 }
162
163 ath9k_htc_ps_restore(priv);
164
165 len += scnprintf(buf + len, sizeof(buf) - len,
166 "%20s : %10u\n", "RX",
167 be32_to_cpu(cmd_rsp.rx));
168
169 len += scnprintf(buf + len, sizeof(buf) - len,
170 "%20s : %10u\n", "RXORN",
171 be32_to_cpu(cmd_rsp.rxorn));
172
173 len += scnprintf(buf + len, sizeof(buf) - len,
174 "%20s : %10u\n", "RXEOL",
175 be32_to_cpu(cmd_rsp.rxeol));
176
177 len += scnprintf(buf + len, sizeof(buf) - len,
178 "%20s : %10u\n", "TXURN",
179 be32_to_cpu(cmd_rsp.txurn));
180
181 len += scnprintf(buf + len, sizeof(buf) - len,
182 "%20s : %10u\n", "TXTO",
183 be32_to_cpu(cmd_rsp.txto));
184
185 len += scnprintf(buf + len, sizeof(buf) - len,
186 "%20s : %10u\n", "CST",
187 be32_to_cpu(cmd_rsp.cst));
188
189 if (len > sizeof(buf))
190 len = sizeof(buf);
191
192 return simple_read_from_buffer(user_buf, count, ppos, buf, len);
193 }
194
195 static const struct file_operations fops_tgt_int_stats = {
196 .read = read_file_tgt_int_stats,
197 .open = simple_open,
198 .owner = THIS_MODULE,
199 .llseek = default_llseek,
200 };
201
202 static ssize_t read_file_tgt_tx_stats(struct file *file, char __user *user_buf,
203 size_t count, loff_t *ppos)
204 {
205 struct ath9k_htc_priv *priv = file->private_data;
206 struct ath9k_htc_target_tx_stats cmd_rsp;
207 char buf[512];
208 unsigned int len = 0;
209 int ret = 0;
210
211 memset(&cmd_rsp, 0, sizeof(cmd_rsp));
212
213 ath9k_htc_ps_wakeup(priv);
214
215 WMI_CMD(WMI_TX_STATS_CMDID);
216 if (ret) {
217 ath9k_htc_ps_restore(priv);
218 return -EINVAL;
219 }
220
221 ath9k_htc_ps_restore(priv);
222
223 len += scnprintf(buf + len, sizeof(buf) - len,
224 "%20s : %10u\n", "Xretries",
225 be32_to_cpu(cmd_rsp.xretries));
226
227 len += scnprintf(buf + len, sizeof(buf) - len,
228 "%20s : %10u\n", "FifoErr",
229 be32_to_cpu(cmd_rsp.fifoerr));
230
231 len += scnprintf(buf + len, sizeof(buf) - len,
232 "%20s : %10u\n", "Filtered",
233 be32_to_cpu(cmd_rsp.filtered));
234
235 len += scnprintf(buf + len, sizeof(buf) - len,
236 "%20s : %10u\n", "TimerExp",
237 be32_to_cpu(cmd_rsp.timer_exp));
238
239 len += scnprintf(buf + len, sizeof(buf) - len,
240 "%20s : %10u\n", "ShortRetries",
241 be32_to_cpu(cmd_rsp.shortretries));
242
243 len += scnprintf(buf + len, sizeof(buf) - len,
244 "%20s : %10u\n", "LongRetries",
245 be32_to_cpu(cmd_rsp.longretries));
246
247 len += scnprintf(buf + len, sizeof(buf) - len,
248 "%20s : %10u\n", "QueueNull",
249 be32_to_cpu(cmd_rsp.qnull));
250
251 len += scnprintf(buf + len, sizeof(buf) - len,
252 "%20s : %10u\n", "EncapFail",
253 be32_to_cpu(cmd_rsp.encap_fail));
254
255 len += scnprintf(buf + len, sizeof(buf) - len,
256 "%20s : %10u\n", "NoBuf",
257 be32_to_cpu(cmd_rsp.nobuf));
258
259 if (len > sizeof(buf))
260 len = sizeof(buf);
261
262 return simple_read_from_buffer(user_buf, count, ppos, buf, len);
263 }
264
265 static const struct file_operations fops_tgt_tx_stats = {
266 .read = read_file_tgt_tx_stats,
267 .open = simple_open,
268 .owner = THIS_MODULE,
269 .llseek = default_llseek,
270 };
271
272 static ssize_t read_file_tgt_rx_stats(struct file *file, char __user *user_buf,
273 size_t count, loff_t *ppos)
274 {
275 struct ath9k_htc_priv *priv = file->private_data;
276 struct ath9k_htc_target_rx_stats cmd_rsp;
277 char buf[512];
278 unsigned int len = 0;
279 int ret = 0;
280
281 memset(&cmd_rsp, 0, sizeof(cmd_rsp));
282
283 ath9k_htc_ps_wakeup(priv);
284
285 WMI_CMD(WMI_RX_STATS_CMDID);
286 if (ret) {
287 ath9k_htc_ps_restore(priv);
288 return -EINVAL;
289 }
290
291 ath9k_htc_ps_restore(priv);
292
293 len += scnprintf(buf + len, sizeof(buf) - len,
294 "%20s : %10u\n", "NoBuf",
295 be32_to_cpu(cmd_rsp.nobuf));
296
297 len += scnprintf(buf + len, sizeof(buf) - len,
298 "%20s : %10u\n", "HostSend",
299 be32_to_cpu(cmd_rsp.host_send));
300
301 len += scnprintf(buf + len, sizeof(buf) - len,
302 "%20s : %10u\n", "HostDone",
303 be32_to_cpu(cmd_rsp.host_done));
304
305 if (len > sizeof(buf))
306 len = sizeof(buf);
307
308 return simple_read_from_buffer(user_buf, count, ppos, buf, len);
309 }
310
311 static const struct file_operations fops_tgt_rx_stats = {
312 .read = read_file_tgt_rx_stats,
313 .open = simple_open,
314 .owner = THIS_MODULE,
315 .llseek = default_llseek,
316 };
317
318 static ssize_t read_file_xmit(struct file *file, char __user *user_buf,
319 size_t count, loff_t *ppos)
320 {
321 struct ath9k_htc_priv *priv = file->private_data;
322 char buf[512];
323 unsigned int len = 0;
324
325 len += scnprintf(buf + len, sizeof(buf) - len,
326 "%20s : %10u\n", "Buffers queued",
327 priv->debug.tx_stats.buf_queued);
328 len += scnprintf(buf + len, sizeof(buf) - len,
329 "%20s : %10u\n", "Buffers completed",
330 priv->debug.tx_stats.buf_completed);
331 len += scnprintf(buf + len, sizeof(buf) - len,
332 "%20s : %10u\n", "SKBs queued",
333 priv->debug.tx_stats.skb_queued);
334 len += scnprintf(buf + len, sizeof(buf) - len,
335 "%20s : %10u\n", "SKBs success",
336 priv->debug.tx_stats.skb_success);
337 len += scnprintf(buf + len, sizeof(buf) - len,
338 "%20s : %10u\n", "SKBs failed",
339 priv->debug.tx_stats.skb_failed);
340 len += scnprintf(buf + len, sizeof(buf) - len,
341 "%20s : %10u\n", "CAB queued",
342 priv->debug.tx_stats.cab_queued);
343
344 len += scnprintf(buf + len, sizeof(buf) - len,
345 "%20s : %10u\n", "BE queued",
346 priv->debug.tx_stats.queue_stats[IEEE80211_AC_BE]);
347 len += scnprintf(buf + len, sizeof(buf) - len,
348 "%20s : %10u\n", "BK queued",
349 priv->debug.tx_stats.queue_stats[IEEE80211_AC_BK]);
350 len += scnprintf(buf + len, sizeof(buf) - len,
351 "%20s : %10u\n", "VI queued",
352 priv->debug.tx_stats.queue_stats[IEEE80211_AC_VI]);
353 len += scnprintf(buf + len, sizeof(buf) - len,
354 "%20s : %10u\n", "VO queued",
355 priv->debug.tx_stats.queue_stats[IEEE80211_AC_VO]);
356
357 if (len > sizeof(buf))
358 len = sizeof(buf);
359
360 return simple_read_from_buffer(user_buf, count, ppos, buf, len);
361 }
362
363 static const struct file_operations fops_xmit = {
364 .read = read_file_xmit,
365 .open = simple_open,
366 .owner = THIS_MODULE,
367 .llseek = default_llseek,
368 };
369
370 void ath9k_htc_err_stat_rx(struct ath9k_htc_priv *priv,
371 struct ath_rx_status *rs)
372 {
373 ath9k_cmn_debug_stat_rx(&priv->debug.rx_stats, rs);
374 }
375
376 static ssize_t read_file_skb_rx(struct file *file, char __user *user_buf,
377 size_t count, loff_t *ppos)
378 {
379 struct ath9k_htc_priv *priv = file->private_data;
380 char *buf;
381 unsigned int len = 0, size = 1500;
382 ssize_t retval = 0;
383
384 buf = kzalloc(size, GFP_KERNEL);
385 if (buf == NULL)
386 return -ENOMEM;
387
388 len += scnprintf(buf + len, size - len,
389 "%20s : %10u\n", "SKBs allocated",
390 priv->debug.skbrx_stats.skb_allocated);
391 len += scnprintf(buf + len, size - len,
392 "%20s : %10u\n", "SKBs completed",
393 priv->debug.skbrx_stats.skb_completed);
394 len += scnprintf(buf + len, size - len,
395 "%20s : %10u\n", "SKBs Dropped",
396 priv->debug.skbrx_stats.skb_dropped);
397
398 if (len > size)
399 len = size;
400
401 retval = simple_read_from_buffer(user_buf, count, ppos, buf, len);
402 kfree(buf);
403
404 return retval;
405 }
406
407 static const struct file_operations fops_skb_rx = {
408 .read = read_file_skb_rx,
409 .open = simple_open,
410 .owner = THIS_MODULE,
411 .llseek = default_llseek,
412 };
413
414 static ssize_t read_file_slot(struct file *file, char __user *user_buf,
415 size_t count, loff_t *ppos)
416 {
417 struct ath9k_htc_priv *priv = file->private_data;
418 char buf[512];
419 unsigned int len;
420
421 spin_lock_bh(&priv->tx.tx_lock);
422 len = scnprintf(buf, sizeof(buf),
423 "TX slot bitmap : %*pb\n"
424 "Used slots : %d\n",
425 MAX_TX_BUF_NUM, priv->tx.tx_slot,
426 bitmap_weight(priv->tx.tx_slot, MAX_TX_BUF_NUM));
427 spin_unlock_bh(&priv->tx.tx_lock);
428 return simple_read_from_buffer(user_buf, count, ppos, buf, len);
429 }
430
431 static const struct file_operations fops_slot = {
432 .read = read_file_slot,
433 .open = simple_open,
434 .owner = THIS_MODULE,
435 .llseek = default_llseek,
436 };
437
438 static ssize_t read_file_queue(struct file *file, char __user *user_buf,
439 size_t count, loff_t *ppos)
440 {
441 struct ath9k_htc_priv *priv = file->private_data;
442 char buf[512];
443 unsigned int len = 0;
444
445 len += scnprintf(buf + len, sizeof(buf) - len, "%20s : %10u\n",
446 "Mgmt endpoint", skb_queue_len(&priv->tx.mgmt_ep_queue));
447
448 len += scnprintf(buf + len, sizeof(buf) - len, "%20s : %10u\n",
449 "Cab endpoint", skb_queue_len(&priv->tx.cab_ep_queue));
450
451 len += scnprintf(buf + len, sizeof(buf) - len, "%20s : %10u\n",
452 "Data BE endpoint", skb_queue_len(&priv->tx.data_be_queue));
453
454 len += scnprintf(buf + len, sizeof(buf) - len, "%20s : %10u\n",
455 "Data BK endpoint", skb_queue_len(&priv->tx.data_bk_queue));
456
457 len += scnprintf(buf + len, sizeof(buf) - len, "%20s : %10u\n",
458 "Data VI endpoint", skb_queue_len(&priv->tx.data_vi_queue));
459
460 len += scnprintf(buf + len, sizeof(buf) - len, "%20s : %10u\n",
461 "Data VO endpoint", skb_queue_len(&priv->tx.data_vo_queue));
462
463 len += scnprintf(buf + len, sizeof(buf) - len, "%20s : %10u\n",
464 "Failed queue", skb_queue_len(&priv->tx.tx_failed));
465
466 spin_lock_bh(&priv->tx.tx_lock);
467 len += scnprintf(buf + len, sizeof(buf) - len, "%20s : %10u\n",
468 "Queued count", priv->tx.queued_cnt);
469 spin_unlock_bh(&priv->tx.tx_lock);
470
471 if (len > sizeof(buf))
472 len = sizeof(buf);
473
474 return simple_read_from_buffer(user_buf, count, ppos, buf, len);
475
476 }
477
478 static const struct file_operations fops_queue = {
479 .read = read_file_queue,
480 .open = simple_open,
481 .owner = THIS_MODULE,
482 .llseek = default_llseek,
483 };
484
485 static ssize_t read_file_debug(struct file *file, char __user *user_buf,
486 size_t count, loff_t *ppos)
487 {
488 struct ath9k_htc_priv *priv = file->private_data;
489 struct ath_common *common = ath9k_hw_common(priv->ah);
490 char buf[32];
491 unsigned int len;
492
493 len = sprintf(buf, "0x%08x\n", common->debug_mask);
494 return simple_read_from_buffer(user_buf, count, ppos, buf, len);
495 }
496
497 static ssize_t write_file_debug(struct file *file, const char __user *user_buf,
498 size_t count, loff_t *ppos)
499 {
500 struct ath9k_htc_priv *priv = file->private_data;
501 struct ath_common *common = ath9k_hw_common(priv->ah);
502 unsigned long mask;
503 char buf[32];
504 ssize_t len;
505
506 len = min(count, sizeof(buf) - 1);
507 if (copy_from_user(buf, user_buf, len))
508 return -EFAULT;
509
510 buf[len] = '\0';
511 if (kstrtoul(buf, 0, &mask))
512 return -EINVAL;
513
514 common->debug_mask = mask;
515 return count;
516 }
517
518 static const struct file_operations fops_debug = {
519 .read = read_file_debug,
520 .write = write_file_debug,
521 .open = simple_open,
522 .owner = THIS_MODULE,
523 .llseek = default_llseek,
524 };
525
526 /* Ethtool support for get-stats */
527 #define AMKSTR(nm) #nm "_BE", #nm "_BK", #nm "_VI", #nm "_VO"
528 static const char ath9k_htc_gstrings_stats[][ETH_GSTRING_LEN] = {
529 "tx_pkts_nic",
530 "tx_bytes_nic",
531 "rx_pkts_nic",
532 "rx_bytes_nic",
533
534 AMKSTR(d_tx_pkts),
535
536 "d_rx_crc_err",
537 "d_rx_decrypt_crc_err",
538 "d_rx_phy_err",
539 "d_rx_mic_err",
540 "d_rx_pre_delim_crc_err",
541 "d_rx_post_delim_crc_err",
542 "d_rx_decrypt_busy_err",
543
544 "d_rx_phyerr_radar",
545 "d_rx_phyerr_ofdm_timing",
546 "d_rx_phyerr_cck_timing",
547
548 };
549 #define ATH9K_HTC_SSTATS_LEN ARRAY_SIZE(ath9k_htc_gstrings_stats)
550
551 void ath9k_htc_get_et_strings(struct ieee80211_hw *hw,
552 struct ieee80211_vif *vif,
553 u32 sset, u8 *data)
554 {
555 if (sset == ETH_SS_STATS)
556 memcpy(data, *ath9k_htc_gstrings_stats,
557 sizeof(ath9k_htc_gstrings_stats));
558 }
559
560 int ath9k_htc_get_et_sset_count(struct ieee80211_hw *hw,
561 struct ieee80211_vif *vif, int sset)
562 {
563 if (sset == ETH_SS_STATS)
564 return ATH9K_HTC_SSTATS_LEN;
565 return 0;
566 }
567
568 #define STXBASE priv->debug.tx_stats
569 #define SRXBASE priv->debug.rx_stats
570 #define SKBTXBASE priv->debug.tx_stats
571 #define SKBRXBASE priv->debug.skbrx_stats
572 #define ASTXQ(a) \
573 data[i++] = STXBASE.a[IEEE80211_AC_BE]; \
574 data[i++] = STXBASE.a[IEEE80211_AC_BK]; \
575 data[i++] = STXBASE.a[IEEE80211_AC_VI]; \
576 data[i++] = STXBASE.a[IEEE80211_AC_VO]
577
578 void ath9k_htc_get_et_stats(struct ieee80211_hw *hw,
579 struct ieee80211_vif *vif,
580 struct ethtool_stats *stats, u64 *data)
581 {
582 struct ath9k_htc_priv *priv = hw->priv;
583 int i = 0;
584
585 data[i++] = SKBTXBASE.skb_success;
586 data[i++] = SKBTXBASE.skb_success_bytes;
587 data[i++] = SKBRXBASE.skb_completed;
588 data[i++] = SKBRXBASE.skb_completed_bytes;
589
590 ASTXQ(queue_stats);
591
592 data[i++] = SRXBASE.crc_err;
593 data[i++] = SRXBASE.decrypt_crc_err;
594 data[i++] = SRXBASE.phy_err;
595 data[i++] = SRXBASE.mic_err;
596 data[i++] = SRXBASE.pre_delim_crc_err;
597 data[i++] = SRXBASE.post_delim_crc_err;
598 data[i++] = SRXBASE.decrypt_busy_err;
599
600 data[i++] = SRXBASE.phy_err_stats[ATH9K_PHYERR_RADAR];
601 data[i++] = SRXBASE.phy_err_stats[ATH9K_PHYERR_OFDM_TIMING];
602 data[i++] = SRXBASE.phy_err_stats[ATH9K_PHYERR_CCK_TIMING];
603
604 WARN_ON(i != ATH9K_HTC_SSTATS_LEN);
605 }
606
607 void ath9k_htc_deinit_debug(struct ath9k_htc_priv *priv)
608 {
609 ath9k_cmn_spectral_deinit_debug(&priv->spec_priv);
610 }
611
612 int ath9k_htc_init_debug(struct ath_hw *ah)
613 {
614 struct ath_common *common = ath9k_hw_common(ah);
615 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) common->priv;
616
617 priv->debug.debugfs_phy = debugfs_create_dir(KBUILD_MODNAME,
618 priv->hw->wiphy->debugfsdir);
619 if (!priv->debug.debugfs_phy)
620 return -ENOMEM;
621
622 ath9k_cmn_spectral_init_debug(&priv->spec_priv, priv->debug.debugfs_phy);
623
624 debugfs_create_file("tgt_int_stats", S_IRUSR, priv->debug.debugfs_phy,
625 priv, &fops_tgt_int_stats);
626 debugfs_create_file("tgt_tx_stats", S_IRUSR, priv->debug.debugfs_phy,
627 priv, &fops_tgt_tx_stats);
628 debugfs_create_file("tgt_rx_stats", S_IRUSR, priv->debug.debugfs_phy,
629 priv, &fops_tgt_rx_stats);
630 debugfs_create_file("xmit", S_IRUSR, priv->debug.debugfs_phy,
631 priv, &fops_xmit);
632 debugfs_create_file("skb_rx", S_IRUSR, priv->debug.debugfs_phy,
633 priv, &fops_skb_rx);
634
635 ath9k_cmn_debug_recv(priv->debug.debugfs_phy, &priv->debug.rx_stats);
636 ath9k_cmn_debug_phy_err(priv->debug.debugfs_phy, &priv->debug.rx_stats);
637
638 debugfs_create_file("slot", S_IRUSR, priv->debug.debugfs_phy,
639 priv, &fops_slot);
640 debugfs_create_file("queue", S_IRUSR, priv->debug.debugfs_phy,
641 priv, &fops_queue);
642 debugfs_create_file("debug", S_IRUSR | S_IWUSR, priv->debug.debugfs_phy,
643 priv, &fops_debug);
644
645 ath9k_cmn_debug_base_eeprom(priv->debug.debugfs_phy, priv->ah);
646 ath9k_cmn_debug_modal_eeprom(priv->debug.debugfs_phy, priv->ah);
647
648 return 0;
649 }
650
651 #line 125 "/work/ldvuser/andrianov/work/current--X--drivers/net/wireless/ath/ath9k/--X--defaultlinux-4.5-rc7--X--races--X--cpachecker/linux-4.5-rc7/csd_deg_dscv/74/dscv_tempdir/dscv/ri/races/drivers/net/wireless/ath/ath9k/htc_drv_debug.o.c.prepared"
652
653 int ldv_release_9(void);
654 int ldv_retval_2;
655 int ldv_release_8(void);
656 int ldv_retval_12;
657 int ldv_retval_5;
658 int ldv_retval_0;
659 int ldv_retval_6;
660 int ldv_retval_1;
661 int ldv_release_4(void);
662 int ldv_release_6(void);
663 int ldv_release_5(void);
664 int ldv_release_2(void);
665 int ldv_release_3(void);
666 int ldv_release_7(void);
667 int ldv_retval_3;
668 int ldv_retval_7;
669
670
671 void ldv_file_operations_7(void){
672 fops_tgt_rx_stats_group1 = ldv_undef_ptr();
673 fops_tgt_rx_stats_group2 = ldv_undef_ptr();
674 }
675
676
677 void ldv_file_operations_6(void){
678 fops_xmit_group1 = ldv_undef_ptr();
679 fops_xmit_group2 = ldv_undef_ptr();
680 }
681
682
683 void ldv_file_operations_2(void){
684 fops_debug_group1 = ldv_undef_ptr();
685 fops_debug_group2 = ldv_undef_ptr();
686 }
687
688
689 void ldv_file_operations_9(void){
690 fops_tgt_int_stats_group1 = ldv_undef_ptr();
691 fops_tgt_int_stats_group2 = ldv_undef_ptr();
692 }
693
694
695 void ldv_file_operations_3(void){
696 fops_queue_group1 = ldv_undef_ptr();
697 fops_queue_group2 = ldv_undef_ptr();
698 }
699
700
701 void ldv_file_operations_8(void){
702 fops_tgt_tx_stats_group1 = ldv_undef_ptr();
703 fops_tgt_tx_stats_group2 = ldv_undef_ptr();
704 }
705
706
707 void ldv_file_operations_5(void){
708 fops_skb_rx_group1 = ldv_undef_ptr();
709 fops_skb_rx_group2 = ldv_undef_ptr();
710 }
711
712
713 void ldv_file_operations_4(void){
714 fops_slot_group1 = ldv_undef_ptr();
715 fops_slot_group2 = ldv_undef_ptr();
716 }
717
718
719 void ldv_main_exported_6(void){
720 loff_t *ldvarg2;
721 int ldvarg0;
722 size_t ldvarg3;
723 char *ldvarg4;
724 loff_t ldvarg1;
725 /*DEG-struct: handlers from structure fops_xmit*/
726 switch(__VERIFIER_nondet_int()){
727 case 0:{
728 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
729 if(ldv_state_variable_6 == 1){
730 /*DEG-CALL: handler open from fops_xmit*/
731 ldv_retval_0=(& simple_open)(fops_xmit_group1,fops_xmit_group2);
732 if(ldv_retval_0==0){
733 ldv_state_variable_6 = 2;
734 ref_cnt++;
735 }
736 }
737 }
738 break;
739 case 1:{
740 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
741 if(ldv_state_variable_6 == 2){
742 /*DEG-CALL: handler read from fops_xmit*/
743 (& read_file_xmit)(fops_xmit_group2,ldvarg4,ldvarg3,ldvarg2);
744 /*DEG-postcall: default*/
745 ldv_state_variable_6 = 2;
746 }
747 }
748 break;
749 case 2:{
750 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
751 if(ldv_state_variable_6 == 2){
752 /*DEG-CALL: handler llseek from fops_xmit*/
753 (& default_llseek)(fops_xmit_group2,ldvarg1,ldvarg0);
754 /*DEG-postcall: default*/
755 ldv_state_variable_6 = 2;
756 }
757 }
758 break;
759 case 3:{
760 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
761 if(ldv_state_variable_6 == 2){
762 /*DEG-CALL: handler release from fops_xmit*/
763 ldv_release_6();
764 ldv_state_variable_6 = 1;
765 ref_cnt--;
766 }
767 }
768 break;
769 default: ldv_assume(0);
770 }
771
772 };
773
774
775 void ldv_main_exported_3(void){
776 loff_t ldvarg6;
777 int ldvarg5;
778 char *ldvarg9;
779 loff_t *ldvarg7;
780 size_t ldvarg8;
781 /*DEG-struct: handlers from structure fops_queue*/
782 switch(__VERIFIER_nondet_int()){
783 case 0:{
784 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
785 if(ldv_state_variable_3 == 1){
786 /*DEG-CALL: handler open from fops_queue*/
787 ldv_retval_1=(& simple_open)(fops_queue_group1,fops_queue_group2);
788 if(ldv_retval_1==0){
789 ldv_state_variable_3 = 2;
790 ref_cnt++;
791 }
792 }
793 }
794 break;
795 case 1:{
796 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
797 if(ldv_state_variable_3 == 2){
798 /*DEG-CALL: handler read from fops_queue*/
799 (& read_file_queue)(fops_queue_group2,ldvarg9,ldvarg8,ldvarg7);
800 /*DEG-postcall: default*/
801 ldv_state_variable_3 = 2;
802 }
803 }
804 break;
805 case 2:{
806 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
807 if(ldv_state_variable_3 == 2){
808 /*DEG-CALL: handler llseek from fops_queue*/
809 (& default_llseek)(fops_queue_group2,ldvarg6,ldvarg5);
810 /*DEG-postcall: default*/
811 ldv_state_variable_3 = 2;
812 }
813 }
814 break;
815 case 3:{
816 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
817 if(ldv_state_variable_3 == 2){
818 /*DEG-CALL: handler release from fops_queue*/
819 ldv_release_3();
820 ldv_state_variable_3 = 1;
821 ref_cnt--;
822 }
823 }
824 break;
825 default: ldv_assume(0);
826 }
827
828 };
829
830
831 void ldv_main_exported_7(void){
832 loff_t *ldvarg12;
833 int ldvarg10;
834 size_t ldvarg13;
835 char *ldvarg14;
836 loff_t ldvarg11;
837 /*DEG-struct: handlers from structure fops_tgt_rx_stats*/
838 switch(__VERIFIER_nondet_int()){
839 case 0:{
840 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
841 if(ldv_state_variable_7 == 1){
842 /*DEG-CALL: handler open from fops_tgt_rx_stats*/
843 ldv_retval_2=(& simple_open)(fops_tgt_rx_stats_group1,fops_tgt_rx_stats_group2);
844 if(ldv_retval_2==0){
845 ldv_state_variable_7 = 2;
846 ref_cnt++;
847 }
848 }
849 }
850 break;
851 case 1:{
852 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
853 if(ldv_state_variable_7 == 2){
854 /*DEG-CALL: handler read from fops_tgt_rx_stats*/
855 (& read_file_tgt_rx_stats)(fops_tgt_rx_stats_group2,ldvarg14,ldvarg13,ldvarg12);
856 /*DEG-postcall: default*/
857 ldv_state_variable_7 = 2;
858 }
859 }
860 break;
861 case 2:{
862 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
863 if(ldv_state_variable_7 == 2){
864 /*DEG-CALL: handler llseek from fops_tgt_rx_stats*/
865 (& default_llseek)(fops_tgt_rx_stats_group2,ldvarg11,ldvarg10);
866 /*DEG-postcall: default*/
867 ldv_state_variable_7 = 2;
868 }
869 }
870 break;
871 case 3:{
872 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
873 if(ldv_state_variable_7 == 2){
874 /*DEG-CALL: handler release from fops_tgt_rx_stats*/
875 ldv_release_7();
876 ldv_state_variable_7 = 1;
877 ref_cnt--;
878 }
879 }
880 break;
881 default: ldv_assume(0);
882 }
883
884 };
885
886
887 void ldv_main_exported_9(void){
888 int ldvarg15;
889 loff_t ldvarg16;
890 char *ldvarg19;
891 loff_t *ldvarg17;
892 size_t ldvarg18;
893 /*DEG-struct: handlers from structure fops_tgt_int_stats*/
894 switch(__VERIFIER_nondet_int()){
895 case 0:{
896 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
897 if(ldv_state_variable_9 == 1){
898 /*DEG-CALL: handler open from fops_tgt_int_stats*/
899 ldv_retval_3=(& simple_open)(fops_tgt_int_stats_group1,fops_tgt_int_stats_group2);
900 if(ldv_retval_3==0){
901 ldv_state_variable_9 = 2;
902 ref_cnt++;
903 }
904 }
905 }
906 break;
907 case 1:{
908 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
909 if(ldv_state_variable_9 == 2){
910 /*DEG-CALL: handler read from fops_tgt_int_stats*/
911 (& read_file_tgt_int_stats)(fops_tgt_int_stats_group2,ldvarg19,ldvarg18,ldvarg17);
912 /*DEG-postcall: default*/
913 ldv_state_variable_9 = 2;
914 }
915 }
916 break;
917 case 2:{
918 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
919 if(ldv_state_variable_9 == 2){
920 /*DEG-CALL: handler llseek from fops_tgt_int_stats*/
921 (& default_llseek)(fops_tgt_int_stats_group2,ldvarg16,ldvarg15);
922 /*DEG-postcall: default*/
923 ldv_state_variable_9 = 2;
924 }
925 }
926 break;
927 case 3:{
928 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
929 if(ldv_state_variable_9 == 2){
930 /*DEG-CALL: handler release from fops_tgt_int_stats*/
931 ldv_release_9();
932 ldv_state_variable_9 = 1;
933 ref_cnt--;
934 }
935 }
936 break;
937 default: ldv_assume(0);
938 }
939
940 };
941
942
943 void ldv_main_exported_2(void){
944 loff_t *ldvarg83;
945 char const *ldvarg82;
946 int ldvarg76;
947 char *ldvarg79;
948 size_t ldvarg78;
949 loff_t *ldvarg80;
950 loff_t ldvarg77;
951 size_t ldvarg81;
952 /*DEG-struct: handlers from structure fops_debug*/
953 switch(__VERIFIER_nondet_int()){
954 case 0:{
955 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
956 if(ldv_state_variable_2 == 1){
957 /*DEG-CALL: handler open from fops_debug*/
958 ldv_retval_5=(& simple_open)(fops_debug_group1,fops_debug_group2);
959 if(ldv_retval_5==0){
960 ldv_state_variable_2 = 2;
961 ref_cnt++;
962 }
963 }
964 }
965 break;
966 case 1:{
967 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
968 if(ldv_state_variable_2 == 1){
969 /*DEG-CALL: handler write from fops_debug*/
970 (& write_file_debug)(fops_debug_group2,ldvarg82,ldvarg81,ldvarg83);
971 /*DEG-postcall: default*/
972 ldv_state_variable_2 = 1;
973 }
974 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
975 if(ldv_state_variable_2 == 2){
976 /*DEG-CALL: handler write from fops_debug*/
977 (& write_file_debug)(fops_debug_group2,ldvarg82,ldvarg81,ldvarg83);
978 /*DEG-postcall: default*/
979 ldv_state_variable_2 = 2;
980 }
981 }
982 break;
983 case 2:{
984 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
985 if(ldv_state_variable_2 == 2){
986 /*DEG-CALL: handler read from fops_debug*/
987 (& read_file_debug)(fops_debug_group2,ldvarg79,ldvarg78,ldvarg80);
988 /*DEG-postcall: default*/
989 ldv_state_variable_2 = 2;
990 }
991 }
992 break;
993 case 3:{
994 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
995 if(ldv_state_variable_2 == 2){
996 /*DEG-CALL: handler llseek from fops_debug*/
997 (& default_llseek)(fops_debug_group2,ldvarg77,ldvarg76);
998 /*DEG-postcall: default*/
999 ldv_state_variable_2 = 2;
1000 }
1001 }
1002 break;
1003 case 4:{
1004 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
1005 if(ldv_state_variable_2 == 2){
1006 /*DEG-CALL: handler release from fops_debug*/
1007 ldv_release_2();
1008 ldv_state_variable_2 = 1;
1009 ref_cnt--;
1010 }
1011 }
1012 break;
1013 default: ldv_assume(0);
1014 }
1015
1016 };
1017
1018
1019 void ldv_main_exported_8(void){
1020 loff_t ldvarg92;
1021 int ldvarg91;
1022 char *ldvarg94;
1023 loff_t *ldvarg95;
1024 size_t ldvarg93;
1025 /*DEG-struct: handlers from structure fops_tgt_tx_stats*/
1026 switch(__VERIFIER_nondet_int()){
1027 case 0:{
1028 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
1029 if(ldv_state_variable_8 == 1){
1030 /*DEG-CALL: handler open from fops_tgt_tx_stats*/
1031 ldv_retval_6=(& simple_open)(fops_tgt_tx_stats_group1,fops_tgt_tx_stats_group2);
1032 if(ldv_retval_6==0){
1033 ldv_state_variable_8 = 2;
1034 ref_cnt++;
1035 }
1036 }
1037 }
1038 break;
1039 case 1:{
1040 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
1041 if(ldv_state_variable_8 == 2){
1042 /*DEG-CALL: handler read from fops_tgt_tx_stats*/
1043 (& read_file_tgt_tx_stats)(fops_tgt_tx_stats_group2,ldvarg94,ldvarg93,ldvarg95);
1044 /*DEG-postcall: default*/
1045 ldv_state_variable_8 = 2;
1046 }
1047 }
1048 break;
1049 case 2:{
1050 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
1051 if(ldv_state_variable_8 == 2){
1052 /*DEG-CALL: handler llseek from fops_tgt_tx_stats*/
1053 (& default_llseek)(fops_tgt_tx_stats_group2,ldvarg92,ldvarg91);
1054 /*DEG-postcall: default*/
1055 ldv_state_variable_8 = 2;
1056 }
1057 }
1058 break;
1059 case 3:{
1060 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
1061 if(ldv_state_variable_8 == 2){
1062 /*DEG-CALL: handler release from fops_tgt_tx_stats*/
1063 ldv_release_8();
1064 ldv_state_variable_8 = 1;
1065 ref_cnt--;
1066 }
1067 }
1068 break;
1069 default: ldv_assume(0);
1070 }
1071
1072 };
1073
1074
1075 void ldv_main_exported_4(void){
1076 char *ldvarg99;
1077 int ldvarg96;
1078 loff_t *ldvarg100;
1079 loff_t ldvarg97;
1080 size_t ldvarg98;
1081 /*DEG-struct: handlers from structure fops_slot*/
1082 switch(__VERIFIER_nondet_int()){
1083 case 0:{
1084 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
1085 if(ldv_state_variable_4 == 1){
1086 /*DEG-CALL: handler open from fops_slot*/
1087 ldv_retval_7=(& simple_open)(fops_slot_group1,fops_slot_group2);
1088 if(ldv_retval_7==0){
1089 ldv_state_variable_4 = 2;
1090 ref_cnt++;
1091 }
1092 }
1093 }
1094 break;
1095 case 1:{
1096 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
1097 if(ldv_state_variable_4 == 2){
1098 /*DEG-CALL: handler read from fops_slot*/
1099 (& read_file_slot)(fops_slot_group2,ldvarg99,ldvarg98,ldvarg100);
1100 /*DEG-postcall: default*/
1101 ldv_state_variable_4 = 2;
1102 }
1103 }
1104 break;
1105 case 2:{
1106 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
1107 if(ldv_state_variable_4 == 2){
1108 /*DEG-CALL: handler llseek from fops_slot*/
1109 (& default_llseek)(fops_slot_group2,ldvarg97,ldvarg96);
1110 /*DEG-postcall: default*/
1111 ldv_state_variable_4 = 2;
1112 }
1113 }
1114 break;
1115 case 3:{
1116 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
1117 if(ldv_state_variable_4 == 2){
1118 /*DEG-CALL: handler release from fops_slot*/
1119 ldv_release_4();
1120 ldv_state_variable_4 = 1;
1121 ref_cnt--;
1122 }
1123 }
1124 break;
1125 default: ldv_assume(0);
1126 }
1127
1128 };
1129
1130
1131 void ldv_main_exported_5(void){
1132 char *ldvarg109;
1133 loff_t ldvarg107;
1134 int ldvarg106;
1135 size_t ldvarg108;
1136 loff_t *ldvarg110;
1137 /*DEG-struct: handlers from structure fops_skb_rx*/
1138 switch(__VERIFIER_nondet_int()){
1139 case 0:{
1140 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
1141 if(ldv_state_variable_5 == 1){
1142 /*DEG-CALL: handler open from fops_skb_rx*/
1143 ldv_retval_12=(& simple_open)(fops_skb_rx_group1,fops_skb_rx_group2);
1144 if(ldv_retval_12==0){
1145 ldv_state_variable_5 = 2;
1146 ref_cnt++;
1147 }
1148 }
1149 }
1150 break;
1151 case 1:{
1152 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
1153 if(ldv_state_variable_5 == 2){
1154 /*DEG-CALL: handler read from fops_skb_rx*/
1155 (& read_file_skb_rx)(fops_skb_rx_group2,ldvarg109,ldvarg108,ldvarg110);
1156 /*DEG-postcall: default*/
1157 ldv_state_variable_5 = 2;
1158 }
1159 }
1160 break;
1161 case 2:{
1162 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
1163 if(ldv_state_variable_5 == 2){
1164 /*DEG-CALL: handler llseek from fops_skb_rx*/
1165 (& default_llseek)(fops_skb_rx_group2,ldvarg107,ldvarg106);
1166 /*DEG-postcall: default*/
1167 ldv_state_variable_5 = 2;
1168 }
1169 }
1170 break;
1171 case 3:{
1172 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
1173 if(ldv_state_variable_5 == 2){
1174 /*DEG-CALL: handler release from fops_skb_rx*/
1175 ldv_release_5();
1176 ldv_state_variable_5 = 1;
1177 ref_cnt--;
1178 }
1179 }
1180 break;
1181 default: ldv_assume(0);
1182 }
1183
1184 }; 1 /*
2 * Copyright (c) 2010-2011 Atheros Communications Inc.
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17 #include "htc.h"
18
19 /******************/
20 /* BTCOEX */
21 /******************/
22
23 #define ATH_HTC_BTCOEX_PRODUCT_ID "wb193"
24
25 #ifdef CONFIG_ATH9K_BTCOEX_SUPPORT
26
27 /*
28 * Detects if there is any priority bt traffic
29 */
30 static void ath_detect_bt_priority(struct ath9k_htc_priv *priv)
31 {
32 struct ath_btcoex *btcoex = &priv->btcoex;
33 struct ath_hw *ah = priv->ah;
34
35 if (ath9k_hw_gpio_get(ah, ah->btcoex_hw.btpriority_gpio))
36 btcoex->bt_priority_cnt++;
37
38 if (time_after(jiffies, btcoex->bt_priority_time +
39 msecs_to_jiffies(ATH_BT_PRIORITY_TIME_THRESHOLD))) {
40 clear_bit(OP_BT_PRIORITY_DETECTED, &priv->op_flags);
41 clear_bit(OP_BT_SCAN, &priv->op_flags);
42 /* Detect if colocated bt started scanning */
43 if (btcoex->bt_priority_cnt >= ATH_BT_CNT_SCAN_THRESHOLD) {
44 ath_dbg(ath9k_hw_common(ah), BTCOEX,
45 "BT scan detected\n");
46 set_bit(OP_BT_PRIORITY_DETECTED, &priv->op_flags);
47 set_bit(OP_BT_SCAN, &priv->op_flags);
48 } else if (btcoex->bt_priority_cnt >= ATH_BT_CNT_THRESHOLD) {
49 ath_dbg(ath9k_hw_common(ah), BTCOEX,
50 "BT priority traffic detected\n");
51 set_bit(OP_BT_PRIORITY_DETECTED, &priv->op_flags);
52 }
53
54 btcoex->bt_priority_cnt = 0;
55 btcoex->bt_priority_time = jiffies;
56 }
57 }
58
59 /*
60 * This is the master bt coex work which runs for every
61 * 45ms, bt traffic will be given priority during 55% of this
62 * period while wlan gets remaining 45%
63 */
64 static void ath_btcoex_period_work(struct work_struct *work)
65 {
66 struct ath9k_htc_priv *priv = container_of(work, struct ath9k_htc_priv,
67 coex_period_work.work);
68 struct ath_btcoex *btcoex = &priv->btcoex;
69 struct ath_common *common = ath9k_hw_common(priv->ah);
70 u32 timer_period;
71 int ret;
72
73 ath_detect_bt_priority(priv);
74
75 ret = ath9k_htc_update_cap_target(priv,
76 test_bit(OP_BT_PRIORITY_DETECTED, &priv->op_flags));
77 if (ret) {
78 ath_err(common, "Unable to set BTCOEX parameters\n");
79 return;
80 }
81
82 ath9k_hw_btcoex_bt_stomp(priv->ah, test_bit(OP_BT_SCAN, &priv->op_flags) ?
83 ATH_BTCOEX_STOMP_ALL : btcoex->bt_stomp_type);
84
85 ath9k_hw_btcoex_enable(priv->ah);
86 timer_period = test_bit(OP_BT_SCAN, &priv->op_flags) ?
87 btcoex->btscan_no_stomp : btcoex->btcoex_no_stomp;
88 ieee80211_queue_delayed_work(priv->hw, &priv->duty_cycle_work,
89 msecs_to_jiffies(timer_period));
90 ieee80211_queue_delayed_work(priv->hw, &priv->coex_period_work,
91 msecs_to_jiffies(btcoex->btcoex_period));
92 }
93
94 /*
95 * Work to time slice between wlan and bt traffic and
96 * configure weight registers
97 */
98 static void ath_btcoex_duty_cycle_work(struct work_struct *work)
99 {
100 struct ath9k_htc_priv *priv = container_of(work, struct ath9k_htc_priv,
101 duty_cycle_work.work);
102 struct ath_hw *ah = priv->ah;
103 struct ath_btcoex *btcoex = &priv->btcoex;
104 struct ath_common *common = ath9k_hw_common(ah);
105
106 ath_dbg(common, BTCOEX, "time slice work for bt and wlan\n");
107
108 if (btcoex->bt_stomp_type == ATH_BTCOEX_STOMP_LOW ||
109 test_bit(OP_BT_SCAN, &priv->op_flags))
110 ath9k_hw_btcoex_bt_stomp(ah, ATH_BTCOEX_STOMP_NONE);
111 else if (btcoex->bt_stomp_type == ATH_BTCOEX_STOMP_ALL)
112 ath9k_hw_btcoex_bt_stomp(ah, ATH_BTCOEX_STOMP_LOW);
113
114 ath9k_hw_btcoex_enable(priv->ah);
115 }
116
117 static void ath_htc_init_btcoex_work(struct ath9k_htc_priv *priv)
118 {
119 struct ath_btcoex *btcoex = &priv->btcoex;
120
121 btcoex->btcoex_period = ATH_BTCOEX_DEF_BT_PERIOD;
122 btcoex->btcoex_no_stomp = (100 - ATH_BTCOEX_DEF_DUTY_CYCLE) *
123 btcoex->btcoex_period / 100;
124 btcoex->btscan_no_stomp = (100 - ATH_BTCOEX_BTSCAN_DUTY_CYCLE) *
125 btcoex->btcoex_period / 100;
126 INIT_DELAYED_WORK(&priv->coex_period_work, ath_btcoex_period_work);
127 INIT_DELAYED_WORK(&priv->duty_cycle_work, ath_btcoex_duty_cycle_work);
128 }
129
130 /*
131 * (Re)start btcoex work
132 */
133
134 static void ath_htc_resume_btcoex_work(struct ath9k_htc_priv *priv)
135 {
136 struct ath_btcoex *btcoex = &priv->btcoex;
137 struct ath_hw *ah = priv->ah;
138
139 ath_dbg(ath9k_hw_common(ah), BTCOEX, "Starting btcoex work\n");
140
141 btcoex->bt_priority_cnt = 0;
142 btcoex->bt_priority_time = jiffies;
143 clear_bit(OP_BT_PRIORITY_DETECTED, &priv->op_flags);
144 clear_bit(OP_BT_SCAN, &priv->op_flags);
145 ieee80211_queue_delayed_work(priv->hw, &priv->coex_period_work, 0);
146 }
147
148
149 /*
150 * Cancel btcoex and bt duty cycle work.
151 */
152 static void ath_htc_cancel_btcoex_work(struct ath9k_htc_priv *priv)
153 {
154 cancel_delayed_work_sync(&priv->coex_period_work);
155 cancel_delayed_work_sync(&priv->duty_cycle_work);
156 }
157
158 void ath9k_htc_start_btcoex(struct ath9k_htc_priv *priv)
159 {
160 struct ath_hw *ah = priv->ah;
161
162 if (ath9k_hw_get_btcoex_scheme(ah) == ATH_BTCOEX_CFG_3WIRE) {
163 ath9k_hw_btcoex_set_weight(ah, AR_BT_COEX_WGHT,
164 AR_STOMP_LOW_WLAN_WGHT, 0);
165 ath9k_hw_btcoex_enable(ah);
166 ath_htc_resume_btcoex_work(priv);
167 }
168 }
169
170 void ath9k_htc_stop_btcoex(struct ath9k_htc_priv *priv)
171 {
172 struct ath_hw *ah = priv->ah;
173
174 if (ah->btcoex_hw.enabled &&
175 ath9k_hw_get_btcoex_scheme(ah) != ATH_BTCOEX_CFG_NONE) {
176 if (ah->btcoex_hw.scheme == ATH_BTCOEX_CFG_3WIRE)
177 ath_htc_cancel_btcoex_work(priv);
178 ath9k_hw_btcoex_disable(ah);
179 }
180 }
181
182 void ath9k_htc_init_btcoex(struct ath9k_htc_priv *priv, char *product)
183 {
184 struct ath_hw *ah = priv->ah;
185 struct ath_common *common = ath9k_hw_common(ah);
186 int qnum;
187
188 /*
189 * Check if BTCOEX is globally disabled.
190 */
191 if (!common->btcoex_enabled) {
192 ah->btcoex_hw.scheme = ATH_BTCOEX_CFG_NONE;
193 return;
194 }
195
196 if (product && strncmp(product, ATH_HTC_BTCOEX_PRODUCT_ID, 5) == 0) {
197 ah->btcoex_hw.scheme = ATH_BTCOEX_CFG_3WIRE;
198 }
199
200 switch (ath9k_hw_get_btcoex_scheme(priv->ah)) {
201 case ATH_BTCOEX_CFG_NONE:
202 break;
203 case ATH_BTCOEX_CFG_3WIRE:
204 priv->ah->btcoex_hw.btactive_gpio = 7;
205 priv->ah->btcoex_hw.btpriority_gpio = 6;
206 priv->ah->btcoex_hw.wlanactive_gpio = 8;
207 priv->btcoex.bt_stomp_type = ATH_BTCOEX_STOMP_LOW;
208 ath9k_hw_btcoex_init_3wire(priv->ah);
209 ath_htc_init_btcoex_work(priv);
210 qnum = priv->hwq_map[IEEE80211_AC_BE];
211 ath9k_hw_init_btcoex_hw(priv->ah, qnum);
212 break;
213 default:
214 WARN_ON(1);
215 break;
216 }
217 }
218
219 #endif /* CONFIG_ATH9K_BTCOEX_SUPPORT */
220
221 /*******/
222 /* LED */
223 /*******/
224
225 #ifdef CONFIG_MAC80211_LEDS
226 void ath9k_led_work(struct work_struct *work)
227 {
228 struct ath9k_htc_priv *priv = container_of(work,
229 struct ath9k_htc_priv,
230 led_work);
231
232 ath9k_hw_set_gpio(priv->ah, priv->ah->led_pin,
233 (priv->brightness == LED_OFF));
234 }
235
236 static void ath9k_led_brightness(struct led_classdev *led_cdev,
237 enum led_brightness brightness)
238 {
239 struct ath9k_htc_priv *priv = container_of(led_cdev,
240 struct ath9k_htc_priv,
241 led_cdev);
242
243 /* Not locked, but it's just a tiny green light..*/
244 priv->brightness = brightness;
245 ieee80211_queue_work(priv->hw, &priv->led_work);
246 }
247
248 void ath9k_deinit_leds(struct ath9k_htc_priv *priv)
249 {
250 if (!priv->led_registered)
251 return;
252
253 ath9k_led_brightness(&priv->led_cdev, LED_OFF);
254 led_classdev_unregister(&priv->led_cdev);
255 cancel_work_sync(&priv->led_work);
256 }
257
258
259 void ath9k_configure_leds(struct ath9k_htc_priv *priv)
260 {
261 /* Configure gpio 1 for output */
262 ath9k_hw_cfg_output(priv->ah, priv->ah->led_pin,
263 AR_GPIO_OUTPUT_MUX_AS_OUTPUT);
264 /* LED off, active low */
265 ath9k_hw_set_gpio(priv->ah, priv->ah->led_pin, 1);
266
267 }
268
269 void ath9k_init_leds(struct ath9k_htc_priv *priv)
270 {
271 int ret;
272
273 if (AR_SREV_9287(priv->ah))
274 priv->ah->led_pin = ATH_LED_PIN_9287;
275 else if (AR_SREV_9271(priv->ah))
276 priv->ah->led_pin = ATH_LED_PIN_9271;
277 else if (AR_DEVID_7010(priv->ah))
278 priv->ah->led_pin = ATH_LED_PIN_7010;
279 else
280 priv->ah->led_pin = ATH_LED_PIN_DEF;
281
282 if (!ath9k_htc_led_blink)
283 priv->led_cdev.default_trigger =
284 ieee80211_get_radio_led_name(priv->hw);
285
286 ath9k_configure_leds(priv);
287
288 snprintf(priv->led_name, sizeof(priv->led_name),
289 "ath9k_htc-%s", wiphy_name(priv->hw->wiphy));
290 priv->led_cdev.name = priv->led_name;
291 priv->led_cdev.brightness_set = ath9k_led_brightness;
292
293 ret = led_classdev_register(wiphy_dev(priv->hw->wiphy), &priv->led_cdev);
294 if (ret < 0)
295 return;
296
297 INIT_WORK(&priv->led_work, ath9k_led_work);
298 priv->led_registered = true;
299
300 return;
301 }
302 #endif
303
304 /*******************/
305 /* Rfkill */
306 /*******************/
307
308 static bool ath_is_rfkill_set(struct ath9k_htc_priv *priv)
309 {
310 bool is_blocked;
311
312 ath9k_htc_ps_wakeup(priv);
313 is_blocked = ath9k_hw_gpio_get(priv->ah, priv->ah->rfkill_gpio) ==
314 priv->ah->rfkill_polarity;
315 ath9k_htc_ps_restore(priv);
316
317 return is_blocked;
318 }
319
320 void ath9k_htc_rfkill_poll_state(struct ieee80211_hw *hw)
321 {
322 struct ath9k_htc_priv *priv = hw->priv;
323 bool blocked = !!ath_is_rfkill_set(priv);
324
325 wiphy_rfkill_set_hw_state(hw->wiphy, blocked);
326 }
327
328 void ath9k_start_rfkill_poll(struct ath9k_htc_priv *priv)
329 {
330 if (priv->ah->caps.hw_caps & ATH9K_HW_CAP_RFSILENT)
331 wiphy_rfkill_start_polling(priv->hw->wiphy);
332 } 1 /*
2 * Copyright (c) 2010-2011 Atheros Communications Inc.
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
18
19 #include "htc.h"
20
21 MODULE_AUTHOR("Atheros Communications");
22 MODULE_LICENSE("Dual BSD/GPL");
23 MODULE_DESCRIPTION("Atheros driver 802.11n HTC based wireless devices");
24
25 static unsigned int ath9k_debug = ATH_DBG_DEFAULT;
26 module_param_named(debug, ath9k_debug, uint, 0);
27 MODULE_PARM_DESC(debug, "Debugging mask");
28
29 int htc_modparam_nohwcrypt;
30 module_param_named(nohwcrypt, htc_modparam_nohwcrypt, int, 0444);
31 MODULE_PARM_DESC(nohwcrypt, "Disable hardware encryption");
32
33 static int ath9k_htc_btcoex_enable;
34 module_param_named(btcoex_enable, ath9k_htc_btcoex_enable, int, 0444);
35 MODULE_PARM_DESC(btcoex_enable, "Enable wifi-BT coexistence");
36
37 static int ath9k_ps_enable;
38 module_param_named(ps_enable, ath9k_ps_enable, int, 0444);
39 MODULE_PARM_DESC(ps_enable, "Enable WLAN PowerSave");
40
41 int htc_use_dev_fw = 0;
42 module_param_named(use_dev_fw, htc_use_dev_fw, int, 0444);
43 MODULE_PARM_DESC(use_dev_fw, "Use development FW version");
44
45 #ifdef CONFIG_MAC80211_LEDS
46 int ath9k_htc_led_blink = 1;
47 module_param_named(blink, ath9k_htc_led_blink, int, 0444);
48 MODULE_PARM_DESC(blink, "Enable LED blink on activity");
49
50 static const struct ieee80211_tpt_blink ath9k_htc_tpt_blink[] = {
51 { .throughput = 0 * 1024, .blink_time = 334 },
52 { .throughput = 1 * 1024, .blink_time = 260 },
53 { .throughput = 5 * 1024, .blink_time = 220 },
54 { .throughput = 10 * 1024, .blink_time = 190 },
55 { .throughput = 20 * 1024, .blink_time = 170 },
56 { .throughput = 50 * 1024, .blink_time = 150 },
57 { .throughput = 70 * 1024, .blink_time = 130 },
58 { .throughput = 100 * 1024, .blink_time = 110 },
59 { .throughput = 200 * 1024, .blink_time = 80 },
60 { .throughput = 300 * 1024, .blink_time = 50 },
61 };
62 #endif
63
64 static void ath9k_htc_op_ps_wakeup(struct ath_common *common)
65 {
66 ath9k_htc_ps_wakeup((struct ath9k_htc_priv *) common->priv);
67 }
68
69 static void ath9k_htc_op_ps_restore(struct ath_common *common)
70 {
71 ath9k_htc_ps_restore((struct ath9k_htc_priv *) common->priv);
72 }
73
74 static struct ath_ps_ops ath9k_htc_ps_ops = {
75 .wakeup = ath9k_htc_op_ps_wakeup,
76 .restore = ath9k_htc_op_ps_restore,
77 };
78
79 static int ath9k_htc_wait_for_target(struct ath9k_htc_priv *priv)
80 {
81 unsigned long time_left;
82
83 if (atomic_read(&priv->htc->tgt_ready) > 0) {
84 atomic_dec(&priv->htc->tgt_ready);
85 return 0;
86 }
87
88 /* Firmware can take up to 50ms to get ready, to be safe use 1 second */
89 time_left = wait_for_completion_timeout(&priv->htc->target_wait, HZ);
90 if (!time_left) {
91 dev_err(priv->dev, "ath9k_htc: Target is unresponsive\n");
92 return -ETIMEDOUT;
93 }
94
95 atomic_dec(&priv->htc->tgt_ready);
96
97 return 0;
98 }
99
100 static void ath9k_deinit_priv(struct ath9k_htc_priv *priv)
101 {
102 ath9k_hw_deinit(priv->ah);
103 kfree(priv->ah);
104 priv->ah = NULL;
105 }
106
107 static void ath9k_deinit_device(struct ath9k_htc_priv *priv)
108 {
109 struct ieee80211_hw *hw = priv->hw;
110
111 wiphy_rfkill_stop_polling(hw->wiphy);
112 ath9k_deinit_leds(priv);
113 ath9k_htc_deinit_debug(priv);
114 ieee80211_unregister_hw(hw);
115 ath9k_rx_cleanup(priv);
116 ath9k_tx_cleanup(priv);
117 ath9k_deinit_priv(priv);
118 }
119
120 static inline int ath9k_htc_connect_svc(struct ath9k_htc_priv *priv,
121 u16 service_id,
122 void (*tx) (void *,
123 struct sk_buff *,
124 enum htc_endpoint_id,
125 bool txok),
126 enum htc_endpoint_id *ep_id)
127 {
128 struct htc_service_connreq req;
129
130 memset(&req, 0, sizeof(struct htc_service_connreq));
131
132 req.service_id = service_id;
133 req.ep_callbacks.priv = priv;
134 req.ep_callbacks.rx = ath9k_htc_rxep;
135 req.ep_callbacks.tx = tx;
136
137 return htc_connect_service(priv->htc, &req, ep_id);
138 }
139
140 static int ath9k_init_htc_services(struct ath9k_htc_priv *priv, u16 devid,
141 u32 drv_info)
142 {
143 int ret;
144
145 /* WMI CMD*/
146 ret = ath9k_wmi_connect(priv->htc, priv->wmi, &priv->wmi_cmd_ep);
147 if (ret)
148 goto err;
149
150 /* Beacon */
151 ret = ath9k_htc_connect_svc(priv, WMI_BEACON_SVC, ath9k_htc_beaconep,
152 &priv->beacon_ep);
153 if (ret)
154 goto err;
155
156 /* CAB */
157 ret = ath9k_htc_connect_svc(priv, WMI_CAB_SVC, ath9k_htc_txep,
158 &priv->cab_ep);
159 if (ret)
160 goto err;
161
162
163 /* UAPSD */
164 ret = ath9k_htc_connect_svc(priv, WMI_UAPSD_SVC, ath9k_htc_txep,
165 &priv->uapsd_ep);
166 if (ret)
167 goto err;
168
169 /* MGMT */
170 ret = ath9k_htc_connect_svc(priv, WMI_MGMT_SVC, ath9k_htc_txep,
171 &priv->mgmt_ep);
172 if (ret)
173 goto err;
174
175 /* DATA BE */
176 ret = ath9k_htc_connect_svc(priv, WMI_DATA_BE_SVC, ath9k_htc_txep,
177 &priv->data_be_ep);
178 if (ret)
179 goto err;
180
181 /* DATA BK */
182 ret = ath9k_htc_connect_svc(priv, WMI_DATA_BK_SVC, ath9k_htc_txep,
183 &priv->data_bk_ep);
184 if (ret)
185 goto err;
186
187 /* DATA VI */
188 ret = ath9k_htc_connect_svc(priv, WMI_DATA_VI_SVC, ath9k_htc_txep,
189 &priv->data_vi_ep);
190 if (ret)
191 goto err;
192
193 /* DATA VO */
194 ret = ath9k_htc_connect_svc(priv, WMI_DATA_VO_SVC, ath9k_htc_txep,
195 &priv->data_vo_ep);
196 if (ret)
197 goto err;
198
199 /*
200 * Setup required credits before initializing HTC.
201 * This is a bit hacky, but, since queuing is done in
202 * the HIF layer, shouldn't matter much.
203 */
204
205 if (IS_AR7010_DEVICE(drv_info))
206 priv->htc->credits = 45;
207 else
208 priv->htc->credits = 33;
209
210 ret = htc_init(priv->htc);
211 if (ret)
212 goto err;
213
214 dev_info(priv->dev, "ath9k_htc: HTC initialized with %d credits\n",
215 priv->htc->credits);
216
217 return 0;
218
219 err:
220 dev_err(priv->dev, "ath9k_htc: Unable to initialize HTC services\n");
221 return ret;
222 }
223
224 static void ath9k_reg_notifier(struct wiphy *wiphy,
225 struct regulatory_request *request)
226 {
227 struct ieee80211_hw *hw = wiphy_to_ieee80211_hw(wiphy);
228 struct ath9k_htc_priv *priv = hw->priv;
229
230 ath_reg_notifier_apply(wiphy, request,
231 ath9k_hw_regulatory(priv->ah));
232 }
233
234 static unsigned int ath9k_regread(void *hw_priv, u32 reg_offset)
235 {
236 struct ath_hw *ah = (struct ath_hw *) hw_priv;
237 struct ath_common *common = ath9k_hw_common(ah);
238 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) common->priv;
239 __be32 val, reg = cpu_to_be32(reg_offset);
240 int r;
241
242 r = ath9k_wmi_cmd(priv->wmi, WMI_REG_READ_CMDID,
243 (u8 *) ®, sizeof(reg),
244 (u8 *) &val, sizeof(val),
245 100);
246 if (unlikely(r)) {
247 ath_dbg(common, WMI, "REGISTER READ FAILED: (0x%04x, %d)\n",
248 reg_offset, r);
249 return -EIO;
250 }
251
252 return be32_to_cpu(val);
253 }
254
255 static void ath9k_multi_regread(void *hw_priv, u32 *addr,
256 u32 *val, u16 count)
257 {
258 struct ath_hw *ah = (struct ath_hw *) hw_priv;
259 struct ath_common *common = ath9k_hw_common(ah);
260 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) common->priv;
261 __be32 tmpaddr[8];
262 __be32 tmpval[8];
263 int i, ret;
264
265 for (i = 0; i < count; i++) {
266 tmpaddr[i] = cpu_to_be32(addr[i]);
267 }
268
269 ret = ath9k_wmi_cmd(priv->wmi, WMI_REG_READ_CMDID,
270 (u8 *)tmpaddr , sizeof(u32) * count,
271 (u8 *)tmpval, sizeof(u32) * count,
272 100);
273 if (unlikely(ret)) {
274 ath_dbg(common, WMI,
275 "Multiple REGISTER READ FAILED (count: %d)\n", count);
276 }
277
278 for (i = 0; i < count; i++) {
279 val[i] = be32_to_cpu(tmpval[i]);
280 }
281 }
282
283 static void ath9k_regwrite_multi(struct ath_common *common)
284 {
285 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) common->priv;
286 u32 rsp_status;
287 int r;
288
289 r = ath9k_wmi_cmd(priv->wmi, WMI_REG_WRITE_CMDID,
290 (u8 *) &priv->wmi->multi_write,
291 sizeof(struct register_write) * priv->wmi->multi_write_idx,
292 (u8 *) &rsp_status, sizeof(rsp_status),
293 100);
294 if (unlikely(r)) {
295 ath_dbg(common, WMI,
296 "REGISTER WRITE FAILED, multi len: %d\n",
297 priv->wmi->multi_write_idx);
298 }
299 priv->wmi->multi_write_idx = 0;
300 }
301
302 static void ath9k_regwrite_single(void *hw_priv, u32 val, u32 reg_offset)
303 {
304 struct ath_hw *ah = (struct ath_hw *) hw_priv;
305 struct ath_common *common = ath9k_hw_common(ah);
306 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) common->priv;
307 const __be32 buf[2] = {
308 cpu_to_be32(reg_offset),
309 cpu_to_be32(val),
310 };
311 int r;
312
313 r = ath9k_wmi_cmd(priv->wmi, WMI_REG_WRITE_CMDID,
314 (u8 *) &buf, sizeof(buf),
315 (u8 *) &val, sizeof(val),
316 100);
317 if (unlikely(r)) {
318 ath_dbg(common, WMI, "REGISTER WRITE FAILED:(0x%04x, %d)\n",
319 reg_offset, r);
320 }
321 }
322
323 static void ath9k_regwrite_buffer(void *hw_priv, u32 val, u32 reg_offset)
324 {
325 struct ath_hw *ah = (struct ath_hw *) hw_priv;
326 struct ath_common *common = ath9k_hw_common(ah);
327 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) common->priv;
328
329 mutex_lock(&priv->wmi->multi_write_mutex);
330
331 /* Store the register/value */
332 priv->wmi->multi_write[priv->wmi->multi_write_idx].reg =
333 cpu_to_be32(reg_offset);
334 priv->wmi->multi_write[priv->wmi->multi_write_idx].val =
335 cpu_to_be32(val);
336
337 priv->wmi->multi_write_idx++;
338
339 /* If the buffer is full, send it out. */
340 if (priv->wmi->multi_write_idx == MAX_CMD_NUMBER)
341 ath9k_regwrite_multi(common);
342
343 mutex_unlock(&priv->wmi->multi_write_mutex);
344 }
345
346 static void ath9k_regwrite(void *hw_priv, u32 val, u32 reg_offset)
347 {
348 struct ath_hw *ah = (struct ath_hw *) hw_priv;
349 struct ath_common *common = ath9k_hw_common(ah);
350 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) common->priv;
351
352 if (atomic_read(&priv->wmi->mwrite_cnt))
353 ath9k_regwrite_buffer(hw_priv, val, reg_offset);
354 else
355 ath9k_regwrite_single(hw_priv, val, reg_offset);
356 }
357
358 static void ath9k_enable_regwrite_buffer(void *hw_priv)
359 {
360 struct ath_hw *ah = (struct ath_hw *) hw_priv;
361 struct ath_common *common = ath9k_hw_common(ah);
362 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) common->priv;
363
364 atomic_inc(&priv->wmi->mwrite_cnt);
365 }
366
367 static void ath9k_regwrite_flush(void *hw_priv)
368 {
369 struct ath_hw *ah = (struct ath_hw *) hw_priv;
370 struct ath_common *common = ath9k_hw_common(ah);
371 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) common->priv;
372
373 atomic_dec(&priv->wmi->mwrite_cnt);
374
375 mutex_lock(&priv->wmi->multi_write_mutex);
376
377 if (priv->wmi->multi_write_idx)
378 ath9k_regwrite_multi(common);
379
380 mutex_unlock(&priv->wmi->multi_write_mutex);
381 }
382
383 static void ath9k_reg_rmw_buffer(void *hw_priv,
384 u32 reg_offset, u32 set, u32 clr)
385 {
386 struct ath_hw *ah = (struct ath_hw *) hw_priv;
387 struct ath_common *common = ath9k_hw_common(ah);
388 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) common->priv;
389 u32 rsp_status;
390 int r;
391
392 mutex_lock(&priv->wmi->multi_rmw_mutex);
393
394 /* Store the register/value */
395 priv->wmi->multi_rmw[priv->wmi->multi_rmw_idx].reg =
396 cpu_to_be32(reg_offset);
397 priv->wmi->multi_rmw[priv->wmi->multi_rmw_idx].set =
398 cpu_to_be32(set);
399 priv->wmi->multi_rmw[priv->wmi->multi_rmw_idx].clr =
400 cpu_to_be32(clr);
401
402 priv->wmi->multi_rmw_idx++;
403
404 /* If the buffer is full, send it out. */
405 if (priv->wmi->multi_rmw_idx == MAX_RMW_CMD_NUMBER) {
406 r = ath9k_wmi_cmd(priv->wmi, WMI_REG_RMW_CMDID,
407 (u8 *) &priv->wmi->multi_rmw,
408 sizeof(struct register_write) * priv->wmi->multi_rmw_idx,
409 (u8 *) &rsp_status, sizeof(rsp_status),
410 100);
411 if (unlikely(r)) {
412 ath_dbg(common, WMI,
413 "REGISTER RMW FAILED, multi len: %d\n",
414 priv->wmi->multi_rmw_idx);
415 }
416 priv->wmi->multi_rmw_idx = 0;
417 }
418
419 mutex_unlock(&priv->wmi->multi_rmw_mutex);
420 }
421
422 static void ath9k_reg_rmw_flush(void *hw_priv)
423 {
424 struct ath_hw *ah = (struct ath_hw *) hw_priv;
425 struct ath_common *common = ath9k_hw_common(ah);
426 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) common->priv;
427 u32 rsp_status;
428 int r;
429
430 if (test_bit(HTC_FWFLAG_NO_RMW, &priv->fw_flags))
431 return;
432
433 atomic_dec(&priv->wmi->m_rmw_cnt);
434
435 mutex_lock(&priv->wmi->multi_rmw_mutex);
436
437 if (priv->wmi->multi_rmw_idx) {
438 r = ath9k_wmi_cmd(priv->wmi, WMI_REG_RMW_CMDID,
439 (u8 *) &priv->wmi->multi_rmw,
440 sizeof(struct register_rmw) * priv->wmi->multi_rmw_idx,
441 (u8 *) &rsp_status, sizeof(rsp_status),
442 100);
443 if (unlikely(r)) {
444 ath_dbg(common, WMI,
445 "REGISTER RMW FAILED, multi len: %d\n",
446 priv->wmi->multi_rmw_idx);
447 }
448 priv->wmi->multi_rmw_idx = 0;
449 }
450
451 mutex_unlock(&priv->wmi->multi_rmw_mutex);
452 }
453
454 static void ath9k_enable_rmw_buffer(void *hw_priv)
455 {
456 struct ath_hw *ah = (struct ath_hw *) hw_priv;
457 struct ath_common *common = ath9k_hw_common(ah);
458 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) common->priv;
459
460 if (test_bit(HTC_FWFLAG_NO_RMW, &priv->fw_flags))
461 return;
462
463 atomic_inc(&priv->wmi->m_rmw_cnt);
464 }
465
466 static u32 ath9k_reg_rmw_single(void *hw_priv,
467 u32 reg_offset, u32 set, u32 clr)
468 {
469 struct ath_hw *ah = (struct ath_hw *) hw_priv;
470 struct ath_common *common = ath9k_hw_common(ah);
471 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) common->priv;
472 struct register_rmw buf, buf_ret;
473 int ret;
474 u32 val = 0;
475
476 buf.reg = cpu_to_be32(reg_offset);
477 buf.set = cpu_to_be32(set);
478 buf.clr = cpu_to_be32(clr);
479
480 ret = ath9k_wmi_cmd(priv->wmi, WMI_REG_RMW_CMDID,
481 (u8 *) &buf, sizeof(buf),
482 (u8 *) &buf_ret, sizeof(buf_ret),
483 100);
484 if (unlikely(ret)) {
485 ath_dbg(common, WMI, "REGISTER RMW FAILED:(0x%04x, %d)\n",
486 reg_offset, ret);
487 }
488 return val;
489 }
490
491 static u32 ath9k_reg_rmw(void *hw_priv, u32 reg_offset, u32 set, u32 clr)
492 {
493 struct ath_hw *ah = (struct ath_hw *) hw_priv;
494 struct ath_common *common = ath9k_hw_common(ah);
495 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) common->priv;
496
497 if (test_bit(HTC_FWFLAG_NO_RMW, &priv->fw_flags)) {
498 u32 val;
499
500 val = REG_READ(ah, reg_offset);
501 val &= ~clr;
502 val |= set;
503 REG_WRITE(ah, reg_offset, val);
504
505 return 0;
506 }
507
508 if (atomic_read(&priv->wmi->m_rmw_cnt))
509 ath9k_reg_rmw_buffer(hw_priv, reg_offset, set, clr);
510 else
511 ath9k_reg_rmw_single(hw_priv, reg_offset, set, clr);
512
513 return 0;
514 }
515
516 static void ath_usb_read_cachesize(struct ath_common *common, int *csz)
517 {
518 *csz = L1_CACHE_BYTES >> 2;
519 }
520
521 static bool ath_usb_eeprom_read(struct ath_common *common, u32 off, u16 *data)
522 {
523 struct ath_hw *ah = (struct ath_hw *) common->ah;
524
525 (void)REG_READ(ah, AR5416_EEPROM_OFFSET + (off << AR5416_EEPROM_S));
526
527 if (!ath9k_hw_wait(ah,
528 AR_EEPROM_STATUS_DATA,
529 AR_EEPROM_STATUS_DATA_BUSY |
530 AR_EEPROM_STATUS_DATA_PROT_ACCESS, 0,
531 AH_WAIT_TIMEOUT))
532 return false;
533
534 *data = MS(REG_READ(ah, AR_EEPROM_STATUS_DATA),
535 AR_EEPROM_STATUS_DATA_VAL);
536
537 return true;
538 }
539
540 static const struct ath_bus_ops ath9k_usb_bus_ops = {
541 .ath_bus_type = ATH_USB,
542 .read_cachesize = ath_usb_read_cachesize,
543 .eeprom_read = ath_usb_eeprom_read,
544 };
545
546 static int ath9k_init_queues(struct ath9k_htc_priv *priv)
547 {
548 struct ath_common *common = ath9k_hw_common(priv->ah);
549 int i;
550
551 for (i = 0; i < ARRAY_SIZE(priv->hwq_map); i++)
552 priv->hwq_map[i] = -1;
553
554 priv->beacon.beaconq = ath9k_hw_beaconq_setup(priv->ah);
555 if (priv->beacon.beaconq == -1) {
556 ath_err(common, "Unable to setup BEACON xmit queue\n");
557 goto err;
558 }
559
560 priv->cabq = ath9k_htc_cabq_setup(priv);
561 if (priv->cabq == -1) {
562 ath_err(common, "Unable to setup CAB xmit queue\n");
563 goto err;
564 }
565
566 if (!ath9k_htc_txq_setup(priv, IEEE80211_AC_BE)) {
567 ath_err(common, "Unable to setup xmit queue for BE traffic\n");
568 goto err;
569 }
570
571 if (!ath9k_htc_txq_setup(priv, IEEE80211_AC_BK)) {
572 ath_err(common, "Unable to setup xmit queue for BK traffic\n");
573 goto err;
574 }
575 if (!ath9k_htc_txq_setup(priv, IEEE80211_AC_VI)) {
576 ath_err(common, "Unable to setup xmit queue for VI traffic\n");
577 goto err;
578 }
579 if (!ath9k_htc_txq_setup(priv, IEEE80211_AC_VO)) {
580 ath_err(common, "Unable to setup xmit queue for VO traffic\n");
581 goto err;
582 }
583
584 return 0;
585
586 err:
587 return -EINVAL;
588 }
589
590 static void ath9k_init_misc(struct ath9k_htc_priv *priv)
591 {
592 struct ath_common *common = ath9k_hw_common(priv->ah);
593
594 memcpy(common->bssidmask, ath_bcast_mac, ETH_ALEN);
595
596 common->last_rssi = ATH_RSSI_DUMMY_MARKER;
597 priv->ah->opmode = NL80211_IFTYPE_STATION;
598
599 priv->spec_priv.ah = priv->ah;
600 priv->spec_priv.spec_config.enabled = 0;
601 priv->spec_priv.spec_config.short_repeat = true;
602 priv->spec_priv.spec_config.count = 8;
603 priv->spec_priv.spec_config.endless = false;
604 priv->spec_priv.spec_config.period = 0x12;
605 priv->spec_priv.spec_config.fft_period = 0x02;
606 }
607
608 static int ath9k_init_priv(struct ath9k_htc_priv *priv,
609 u16 devid, char *product,
610 u32 drv_info)
611 {
612 struct ath_hw *ah = NULL;
613 struct ath_common *common;
614 int i, ret = 0, csz = 0;
615
616 ah = kzalloc(sizeof(struct ath_hw), GFP_KERNEL);
617 if (!ah)
618 return -ENOMEM;
619
620 ah->dev = priv->dev;
621 ah->hw = priv->hw;
622 ah->hw_version.devid = devid;
623 ah->hw_version.usbdev = drv_info;
624 ah->ah_flags |= AH_USE_EEPROM;
625 ah->reg_ops.read = ath9k_regread;
626 ah->reg_ops.multi_read = ath9k_multi_regread;
627 ah->reg_ops.write = ath9k_regwrite;
628 ah->reg_ops.enable_write_buffer = ath9k_enable_regwrite_buffer;
629 ah->reg_ops.write_flush = ath9k_regwrite_flush;
630 ah->reg_ops.enable_rmw_buffer = ath9k_enable_rmw_buffer;
631 ah->reg_ops.rmw_flush = ath9k_reg_rmw_flush;
632 ah->reg_ops.rmw = ath9k_reg_rmw;
633 priv->ah = ah;
634
635 common = ath9k_hw_common(ah);
636 common->ops = &ah->reg_ops;
637 common->ps_ops = &ath9k_htc_ps_ops;
638 common->bus_ops = &ath9k_usb_bus_ops;
639 common->ah = ah;
640 common->hw = priv->hw;
641 common->priv = priv;
642 common->debug_mask = ath9k_debug;
643 common->btcoex_enabled = ath9k_htc_btcoex_enable == 1;
644 set_bit(ATH_OP_INVALID, &common->op_flags);
645
646 spin_lock_init(&priv->beacon_lock);
647 spin_lock_init(&priv->tx.tx_lock);
648 mutex_init(&priv->mutex);
649 mutex_init(&priv->htc_pm_lock);
650 tasklet_init(&priv->rx_tasklet, ath9k_rx_tasklet,
651 (unsigned long)priv);
652 tasklet_init(&priv->tx_failed_tasklet, ath9k_tx_failed_tasklet,
653 (unsigned long)priv);
654 INIT_DELAYED_WORK(&priv->ani_work, ath9k_htc_ani_work);
655 INIT_WORK(&priv->ps_work, ath9k_ps_work);
656 INIT_WORK(&priv->fatal_work, ath9k_fatal_work);
657 setup_timer(&priv->tx.cleanup_timer, ath9k_htc_tx_cleanup_timer,
658 (unsigned long)priv);
659
660 /*
661 * Cache line size is used to size and align various
662 * structures used to communicate with the hardware.
663 */
664 ath_read_cachesize(common, &csz);
665 common->cachelsz = csz << 2; /* convert to bytes */
666
667 ret = ath9k_hw_init(ah);
668 if (ret) {
669 ath_err(common,
670 "Unable to initialize hardware; initialization status: %d\n",
671 ret);
672 goto err_hw;
673 }
674
675 ret = ath9k_init_queues(priv);
676 if (ret)
677 goto err_queues;
678
679 for (i = 0; i < ATH9K_HTC_MAX_BCN_VIF; i++)
680 priv->beacon.bslot[i] = NULL;
681 priv->beacon.slottime = ATH9K_SLOT_TIME_9;
682
683 ath9k_cmn_init_channels_rates(common);
684 ath9k_cmn_init_crypto(ah);
685 ath9k_init_misc(priv);
686 ath9k_htc_init_btcoex(priv, product);
687
688 return 0;
689
690 err_queues:
691 ath9k_hw_deinit(ah);
692 err_hw:
693
694 kfree(ah);
695 priv->ah = NULL;
696
697 return ret;
698 }
699
700 static const struct ieee80211_iface_limit if_limits[] = {
701 { .max = 2, .types = BIT(NL80211_IFTYPE_STATION) |
702 BIT(NL80211_IFTYPE_P2P_CLIENT) },
703 { .max = 2, .types = BIT(NL80211_IFTYPE_AP) |
704 #ifdef CONFIG_MAC80211_MESH
705 BIT(NL80211_IFTYPE_MESH_POINT) |
706 #endif
707 BIT(NL80211_IFTYPE_P2P_GO) },
708 };
709
710 static const struct ieee80211_iface_combination if_comb = {
711 .limits = if_limits,
712 .n_limits = ARRAY_SIZE(if_limits),
713 .max_interfaces = 2,
714 .num_different_channels = 1,
715 };
716
717 static void ath9k_set_hw_capab(struct ath9k_htc_priv *priv,
718 struct ieee80211_hw *hw)
719 {
720 struct ath_hw *ah = priv->ah;
721 struct ath_common *common = ath9k_hw_common(priv->ah);
722 struct base_eep_header *pBase;
723
724 ieee80211_hw_set(hw, HOST_BROADCAST_PS_BUFFERING);
725 ieee80211_hw_set(hw, MFP_CAPABLE);
726 ieee80211_hw_set(hw, REPORTS_TX_ACK_STATUS);
727 ieee80211_hw_set(hw, PS_NULLFUNC_STACK);
728 ieee80211_hw_set(hw, RX_INCLUDES_FCS);
729 ieee80211_hw_set(hw, HAS_RATE_CONTROL);
730 ieee80211_hw_set(hw, SPECTRUM_MGMT);
731 ieee80211_hw_set(hw, SIGNAL_DBM);
732 ieee80211_hw_set(hw, AMPDU_AGGREGATION);
733
734 if (ath9k_ps_enable)
735 ieee80211_hw_set(hw, SUPPORTS_PS);
736
737 hw->wiphy->interface_modes =
738 BIT(NL80211_IFTYPE_STATION) |
739 BIT(NL80211_IFTYPE_ADHOC) |
740 BIT(NL80211_IFTYPE_AP) |
741 BIT(NL80211_IFTYPE_P2P_GO) |
742 BIT(NL80211_IFTYPE_P2P_CLIENT) |
743 BIT(NL80211_IFTYPE_MESH_POINT) |
744 BIT(NL80211_IFTYPE_OCB);
745
746 hw->wiphy->iface_combinations = &if_comb;
747 hw->wiphy->n_iface_combinations = 1;
748
749 hw->wiphy->flags &= ~WIPHY_FLAG_PS_ON_BY_DEFAULT;
750
751 hw->wiphy->flags |= WIPHY_FLAG_IBSS_RSN |
752 WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL |
753 WIPHY_FLAG_HAS_CHANNEL_SWITCH;
754
755 hw->wiphy->flags |= WIPHY_FLAG_SUPPORTS_TDLS;
756
757 hw->queues = 4;
758 hw->max_listen_interval = 1;
759
760 hw->vif_data_size = sizeof(struct ath9k_htc_vif);
761 hw->sta_data_size = sizeof(struct ath9k_htc_sta);
762
763 /* tx_frame_hdr is larger than tx_mgmt_hdr anyway */
764 hw->extra_tx_headroom = sizeof(struct tx_frame_hdr) +
765 sizeof(struct htc_frame_hdr) + 4;
766
767 if (priv->ah->caps.hw_caps & ATH9K_HW_CAP_2GHZ)
768 hw->wiphy->bands[IEEE80211_BAND_2GHZ] =
769 &common->sbands[IEEE80211_BAND_2GHZ];
770 if (priv->ah->caps.hw_caps & ATH9K_HW_CAP_5GHZ)
771 hw->wiphy->bands[IEEE80211_BAND_5GHZ] =
772 &common->sbands[IEEE80211_BAND_5GHZ];
773
774 ath9k_cmn_reload_chainmask(ah);
775
776 pBase = ath9k_htc_get_eeprom_base(priv);
777 if (pBase) {
778 hw->wiphy->available_antennas_rx = pBase->rxMask;
779 hw->wiphy->available_antennas_tx = pBase->txMask;
780 }
781
782 SET_IEEE80211_PERM_ADDR(hw, common->macaddr);
783 }
784
785 static int ath9k_init_firmware_version(struct ath9k_htc_priv *priv)
786 {
787 struct ieee80211_hw *hw = priv->hw;
788 struct wmi_fw_version cmd_rsp;
789 int ret;
790
791 memset(&cmd_rsp, 0, sizeof(cmd_rsp));
792
793 WMI_CMD(WMI_GET_FW_VERSION);
794 if (ret)
795 return -EINVAL;
796
797 priv->fw_version_major = be16_to_cpu(cmd_rsp.major);
798 priv->fw_version_minor = be16_to_cpu(cmd_rsp.minor);
799
800 snprintf(hw->wiphy->fw_version, sizeof(hw->wiphy->fw_version), "%d.%d",
801 priv->fw_version_major,
802 priv->fw_version_minor);
803
804 dev_info(priv->dev, "ath9k_htc: FW Version: %d.%d\n",
805 priv->fw_version_major,
806 priv->fw_version_minor);
807
808 /*
809 * Check if the available FW matches the driver's
810 * required version.
811 */
812 if (priv->fw_version_major != MAJOR_VERSION_REQ ||
813 priv->fw_version_minor < MINOR_VERSION_REQ) {
814 dev_err(priv->dev, "ath9k_htc: Please upgrade to FW version %d.%d\n",
815 MAJOR_VERSION_REQ, MINOR_VERSION_REQ);
816 return -EINVAL;
817 }
818
819 if (priv->fw_version_major == 1 && priv->fw_version_minor < 4)
820 set_bit(HTC_FWFLAG_NO_RMW, &priv->fw_flags);
821
822 dev_info(priv->dev, "FW RMW support: %s\n",
823 test_bit(HTC_FWFLAG_NO_RMW, &priv->fw_flags) ? "Off" : "On");
824
825 return 0;
826 }
827
828 static int ath9k_init_device(struct ath9k_htc_priv *priv,
829 u16 devid, char *product, u32 drv_info)
830 {
831 struct ieee80211_hw *hw = priv->hw;
832 struct ath_common *common;
833 struct ath_hw *ah;
834 int error = 0;
835 struct ath_regulatory *reg;
836 char hw_name[64];
837
838 /* Bring up device */
839 error = ath9k_init_priv(priv, devid, product, drv_info);
840 if (error != 0)
841 goto err_init;
842
843 ah = priv->ah;
844 common = ath9k_hw_common(ah);
845 ath9k_set_hw_capab(priv, hw);
846
847 error = ath9k_init_firmware_version(priv);
848 if (error != 0)
849 goto err_fw;
850
851 /* Initialize regulatory */
852 error = ath_regd_init(&common->regulatory, priv->hw->wiphy,
853 ath9k_reg_notifier);
854 if (error)
855 goto err_regd;
856
857 reg = &common->regulatory;
858
859 /* Setup TX */
860 error = ath9k_tx_init(priv);
861 if (error != 0)
862 goto err_tx;
863
864 /* Setup RX */
865 error = ath9k_rx_init(priv);
866 if (error != 0)
867 goto err_rx;
868
869 ath9k_hw_disable(priv->ah);
870 #ifdef CONFIG_MAC80211_LEDS
871 /* must be initialized before ieee80211_register_hw */
872 priv->led_cdev.default_trigger = ieee80211_create_tpt_led_trigger(priv->hw,
873 IEEE80211_TPT_LEDTRIG_FL_RADIO, ath9k_htc_tpt_blink,
874 ARRAY_SIZE(ath9k_htc_tpt_blink));
875 #endif
876
877 /* Register with mac80211 */
878 error = ieee80211_register_hw(hw);
879 if (error)
880 goto err_register;
881
882 /* Handle world regulatory */
883 if (!ath_is_world_regd(reg)) {
884 error = regulatory_hint(hw->wiphy, reg->alpha2);
885 if (error)
886 goto err_world;
887 }
888
889 error = ath9k_htc_init_debug(priv->ah);
890 if (error) {
891 ath_err(common, "Unable to create debugfs files\n");
892 goto err_world;
893 }
894
895 ath_dbg(common, CONFIG,
896 "WMI:%d, BCN:%d, CAB:%d, UAPSD:%d, MGMT:%d, BE:%d, BK:%d, VI:%d, VO:%d\n",
897 priv->wmi_cmd_ep,
898 priv->beacon_ep,
899 priv->cab_ep,
900 priv->uapsd_ep,
901 priv->mgmt_ep,
902 priv->data_be_ep,
903 priv->data_bk_ep,
904 priv->data_vi_ep,
905 priv->data_vo_ep);
906
907 ath9k_hw_name(priv->ah, hw_name, sizeof(hw_name));
908 wiphy_info(hw->wiphy, "%s\n", hw_name);
909
910 ath9k_init_leds(priv);
911 ath9k_start_rfkill_poll(priv);
912
913 return 0;
914
915 err_world:
916 ieee80211_unregister_hw(hw);
917 err_register:
918 ath9k_rx_cleanup(priv);
919 err_rx:
920 ath9k_tx_cleanup(priv);
921 err_tx:
922 /* Nothing */
923 err_regd:
924 /* Nothing */
925 err_fw:
926 ath9k_deinit_priv(priv);
927 err_init:
928 return error;
929 }
930
931 int ath9k_htc_probe_device(struct htc_target *htc_handle, struct device *dev,
932 u16 devid, char *product, u32 drv_info)
933 {
934 struct ieee80211_hw *hw;
935 struct ath9k_htc_priv *priv;
936 int ret;
937
938 hw = ieee80211_alloc_hw(sizeof(struct ath9k_htc_priv), &ath9k_htc_ops);
939 if (!hw)
940 return -ENOMEM;
941
942 priv = hw->priv;
943 priv->hw = hw;
944 priv->htc = htc_handle;
945 priv->dev = dev;
946 htc_handle->drv_priv = priv;
947 SET_IEEE80211_DEV(hw, priv->dev);
948
949 ret = ath9k_htc_wait_for_target(priv);
950 if (ret)
951 goto err_free;
952
953 priv->wmi = ath9k_init_wmi(priv);
954 if (!priv->wmi) {
955 ret = -EINVAL;
956 goto err_free;
957 }
958
959 ret = ath9k_init_htc_services(priv, devid, drv_info);
960 if (ret)
961 goto err_init;
962
963 ret = ath9k_init_device(priv, devid, product, drv_info);
964 if (ret)
965 goto err_init;
966
967 return 0;
968
969 err_init:
970 ath9k_deinit_wmi(priv);
971 err_free:
972 ieee80211_free_hw(hw);
973 return ret;
974 }
975
976 void ath9k_htc_disconnect_device(struct htc_target *htc_handle, bool hotunplug)
977 {
978 if (htc_handle->drv_priv) {
979
980 /* Check if the device has been yanked out. */
981 if (hotunplug)
982 htc_handle->drv_priv->ah->ah_flags |= AH_UNPLUGGED;
983
984 ath9k_deinit_device(htc_handle->drv_priv);
985 ath9k_deinit_wmi(htc_handle->drv_priv);
986 ieee80211_free_hw(htc_handle->drv_priv->hw);
987 }
988 }
989
990 #ifdef CONFIG_PM
991
992 void ath9k_htc_suspend(struct htc_target *htc_handle)
993 {
994 ath9k_htc_setpower(htc_handle->drv_priv, ATH9K_PM_FULL_SLEEP);
995 }
996
997 int ath9k_htc_resume(struct htc_target *htc_handle)
998 {
999 struct ath9k_htc_priv *priv = htc_handle->drv_priv;
1000 int ret;
1001
1002 ret = ath9k_htc_wait_for_target(priv);
1003 if (ret)
1004 return ret;
1005
1006 ret = ath9k_init_htc_services(priv, priv->ah->hw_version.devid,
1007 priv->ah->hw_version.usbdev);
1008 ath9k_configure_leds(priv);
1009
1010 return ret;
1011 }
1012 #endif
1013
1014 static int __init ath9k_htc_init(void)
1015 {
1016 if (ath9k_hif_usb_init() < 0) {
1017 pr_err("No USB devices found, driver not installed\n");
1018 return -ENODEV;
1019 }
1020
1021 return 0;
1022 }
1023 module_init(ath9k_htc_init);
1024
1025 static void __exit ath9k_htc_exit(void)
1026 {
1027 ath9k_hif_usb_exit();
1028 pr_info("Driver unloaded\n");
1029 }
1030 module_exit(ath9k_htc_exit); 1
2 #include <linux/kernel.h>
3 #include <linux/mutex.h>
4 #include <linux/spinlock.h>
5 #include <linux/errno.h>
6 #include <verifier/rcv.h>
7 #include <linux/list.h>
8
9 /* mutexes */
10 extern int mutex_lock_interruptible(struct mutex *lock);
11 extern int mutex_lock_killable(struct mutex *lock);
12 extern void mutex_lock(struct mutex *lock);
13
14 /* mutex model functions */
15 extern void ldv_mutex_lock(struct mutex *lock, char *sign);
16 extern int ldv_mutex_is_locked(struct mutex *lock, char *sign);
17 extern void ldv_mutex_unlock(struct mutex *lock, char *sign);
18
19
20 /* Spin locks */
21 extern void __ldv_spin_lock(spinlock_t *lock);
22 extern void __ldv_spin_unlock(spinlock_t *lock);
23 extern int __ldv_spin_trylock(spinlock_t *lock);
24 extern void __ldv_spin_unlock_wait(spinlock_t *lock);
25 extern void __ldv_spin_can_lock(spinlock_t *lock);
26 extern int __ldv_atomic_dec_and_lock(spinlock_t *lock);
27
28 /* spin model functions */
29 extern void ldv_spin_lock(spinlock_t *lock, char *sign);
30 extern void ldv_spin_unlock(spinlock_t *lock, char *sign);
31 extern int ldv_spin_is_locked(spinlock_t *lock, char *sign);
32
33 /* Support for list binder functions */
34 static inline struct list_head *ldv_list_get_first(struct list_head *head) {
35 return head->next;
36 }
37
38 static inline int ldv_list_is_stop(struct list_head *pos, struct list_head *head) {
39 return pos==head;
40 }
41
42 static inline struct list_head *ldv_list_get_next(struct list_head *pos) {
43 return pos->next;
44 }
45
46 #include <linux/mutex.h>
47 #include <linux/slab.h>
48 #include <verifier/rcv.h>
49 #include <linux/timer.h>
50 #include <linux/rtnetlink.h>
51 #include <linux/gfp.h>
52 struct file *fops_xmit_group2;
53 int ldv_state_variable_8;
54 int ldv_timer_1_3;
55 struct ath_common *ath9k_usb_bus_ops_group0;
56 struct inode *fops_debug_group1;
57 struct inode *fops_queue_group1;
58 struct ath_common *ath9k_htc_ps_ops_group0;
59 int ldv_state_variable_0;
60 int ldv_state_variable_5;
61 int ldv_state_variable_13;
62 int ldv_state_variable_12;
63 struct file *fops_tgt_tx_stats_group2;
64 struct file *fops_queue_group2;
65 int ldv_state_variable_14;
66 int ldv_timer_1_0;
67 int ldv_state_variable_9;
68 struct inode *fops_tgt_tx_stats_group1;
69 struct file *fops_debug_group2;
70 int ref_cnt;
71 struct mutex key_mtx;
72 int ldv_state_variable_1;
73 int ldv_state_variable_7;
74 struct inode *fops_xmit_group1;
75 struct inode *fops_skb_rx_group1;
76 struct file *fops_tgt_int_stats_group2;
77 struct usb_interface *ath9k_hif_usb_driver_group1;
78 struct timer_list * ldv_timer_list_1_3;
79 int ldv_state_variable_10;
80 struct timer_list * ldv_timer_list_1_1;
81 struct timer_list * ldv_timer_list_1_0;
82 int ldv_state_variable_6;
83 int ldv_timer_1_2;
84 int ldv_timer_1_1;
85 int ldv_state_variable_2;
86 struct timer_list * ldv_timer_list_1_2;
87 struct inode *fops_tgt_int_stats_group1;
88 struct ieee80211_hw *ath9k_htc_ops_group0;
89 int usb_counter;
90 int ldv_state_variable_11;
91 struct file *fops_slot_group2;
92 int LDV_IN_INTERRUPT = 1;
93 struct inode *fops_slot_group1;
94 struct inode *fops_tgt_rx_stats_group1;
95 int __VERIFIER_nondet_int(void);
96 struct file *fops_tgt_rx_stats_group2;
97 struct mutex fs_mutex;
98 int ldv_state_variable_3;
99 struct mutex ar_mutex;
100 struct file *fops_skb_rx_group2;
101 int ldv_state_variable_4;
102 void ldv_file_operations_7(void);
103 void ldv_file_operations_6(void);
104 void ldv_file_operations_2(void);
105 void activate_pending_timer_1(struct timer_list * timer, unsigned long data, int pending_flag);
106 void ldv_initialyze_ath_bus_ops_10(void);
107 int evil_hack_12(void);
108 void timer_init_1(void);
109 void ldv_file_operations_9(void);
110 void ldv_usb_driver_13(void);
111 void ldv_file_operations_3(void);
112 void ldv_file_operations_8(void);
113 int reg_timer_1(struct timer_list * timer, void (*function)(unsigned long), unsigned long data);
114 void ldv_initialyze_ath_ps_ops_11(void);
115 int evil_hack_key_12(void);
116 void ldv_initialyze_ieee80211_ops_12(void);
117 void disable_suitable_timer_1(struct timer_list * timer);
118 void activate_suitable_timer_1(struct timer_list * timer, unsigned long data);
119 int evil_hack_fs_lock(void);
120 int __VERIFIER_nondet_int(void);
121 void ldv_file_operations_5(void);
122 void choose_timer_1(void);
123 void ldv_timer_1(int state, struct timer_list * timer);
124 int evil_hack_ar_lock(void);
125 void ldv_file_operations_4(void);
126 #line 1 "/work/ldvuser/andrianov/work/current--X--drivers/net/wireless/ath/ath9k/--X--defaultlinux-4.5-rc7--X--races--X--cpachecker/linux-4.5-rc7/csd_deg_dscv/74/dscv_tempdir/dscv/ri/races/drivers/net/wireless/ath/ath9k/htc_drv_init.c"
127 /*
128 * Copyright (c) 2010-2011 Atheros Communications Inc.
129 *
130 * Permission to use, copy, modify, and/or distribute this software for any
131 * purpose with or without fee is hereby granted, provided that the above
132 * copyright notice and this permission notice appear in all copies.
133 *
134 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
135 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
136 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
137 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
138 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
139 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
140 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
141 */
142
143 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
144
145 #include "htc.h"
146
147 MODULE_AUTHOR("Atheros Communications");
148 MODULE_LICENSE("Dual BSD/GPL");
149 MODULE_DESCRIPTION("Atheros driver 802.11n HTC based wireless devices");
150
151 static unsigned int ath9k_debug = ATH_DBG_DEFAULT;
152 module_param_named(debug, ath9k_debug, uint, 0);
153 MODULE_PARM_DESC(debug, "Debugging mask");
154
155 int htc_modparam_nohwcrypt;
156 module_param_named(nohwcrypt, htc_modparam_nohwcrypt, int, 0444);
157 MODULE_PARM_DESC(nohwcrypt, "Disable hardware encryption");
158
159 static int ath9k_htc_btcoex_enable;
160 module_param_named(btcoex_enable, ath9k_htc_btcoex_enable, int, 0444);
161 MODULE_PARM_DESC(btcoex_enable, "Enable wifi-BT coexistence");
162
163 static int ath9k_ps_enable;
164 module_param_named(ps_enable, ath9k_ps_enable, int, 0444);
165 MODULE_PARM_DESC(ps_enable, "Enable WLAN PowerSave");
166
167 int htc_use_dev_fw = 0;
168 module_param_named(use_dev_fw, htc_use_dev_fw, int, 0444);
169 MODULE_PARM_DESC(use_dev_fw, "Use development FW version");
170
171 #ifdef CONFIG_MAC80211_LEDS
172 int ath9k_htc_led_blink = 1;
173 module_param_named(blink, ath9k_htc_led_blink, int, 0444);
174 MODULE_PARM_DESC(blink, "Enable LED blink on activity");
175
176 static const struct ieee80211_tpt_blink ath9k_htc_tpt_blink[] = {
177 { .throughput = 0 * 1024, .blink_time = 334 },
178 { .throughput = 1 * 1024, .blink_time = 260 },
179 { .throughput = 5 * 1024, .blink_time = 220 },
180 { .throughput = 10 * 1024, .blink_time = 190 },
181 { .throughput = 20 * 1024, .blink_time = 170 },
182 { .throughput = 50 * 1024, .blink_time = 150 },
183 { .throughput = 70 * 1024, .blink_time = 130 },
184 { .throughput = 100 * 1024, .blink_time = 110 },
185 { .throughput = 200 * 1024, .blink_time = 80 },
186 { .throughput = 300 * 1024, .blink_time = 50 },
187 };
188 #endif
189
190 static void ath9k_htc_op_ps_wakeup(struct ath_common *common)
191 {
192 ath9k_htc_ps_wakeup((struct ath9k_htc_priv *) common->priv);
193 }
194
195 static void ath9k_htc_op_ps_restore(struct ath_common *common)
196 {
197 ath9k_htc_ps_restore((struct ath9k_htc_priv *) common->priv);
198 }
199
200 static struct ath_ps_ops ath9k_htc_ps_ops = {
201 .wakeup = ath9k_htc_op_ps_wakeup,
202 .restore = ath9k_htc_op_ps_restore,
203 };
204
205 static int ath9k_htc_wait_for_target(struct ath9k_htc_priv *priv)
206 {
207 unsigned long time_left;
208
209 if (atomic_read(&priv->htc->tgt_ready) > 0) {
210 atomic_dec(&priv->htc->tgt_ready);
211 return 0;
212 }
213
214 /* Firmware can take up to 50ms to get ready, to be safe use 1 second */
215 time_left = wait_for_completion_timeout(&priv->htc->target_wait, HZ);
216 if (!time_left) {
217 dev_err(priv->dev, "ath9k_htc: Target is unresponsive\n");
218 return -ETIMEDOUT;
219 }
220
221 atomic_dec(&priv->htc->tgt_ready);
222
223 return 0;
224 }
225
226 static void ath9k_deinit_priv(struct ath9k_htc_priv *priv)
227 {
228 ath9k_hw_deinit(priv->ah);
229 kfree(priv->ah);
230 priv->ah = NULL;
231 }
232
233 static void ath9k_deinit_device(struct ath9k_htc_priv *priv)
234 {
235 struct ieee80211_hw *hw = priv->hw;
236
237 wiphy_rfkill_stop_polling(hw->wiphy);
238 ath9k_deinit_leds(priv);
239 ath9k_htc_deinit_debug(priv);
240 ieee80211_unregister_hw(hw);
241 ath9k_rx_cleanup(priv);
242 ath9k_tx_cleanup(priv);
243 ath9k_deinit_priv(priv);
244 }
245
246 static inline int ath9k_htc_connect_svc(struct ath9k_htc_priv *priv,
247 u16 service_id,
248 void (*tx) (void *,
249 struct sk_buff *,
250 enum htc_endpoint_id,
251 bool txok),
252 enum htc_endpoint_id *ep_id)
253 {
254 struct htc_service_connreq req;
255
256 memset(&req, 0, sizeof(struct htc_service_connreq));
257
258 req.service_id = service_id;
259 req.ep_callbacks.priv = priv;
260 req.ep_callbacks.rx = ath9k_htc_rxep;
261 req.ep_callbacks.tx = tx;
262
263 return htc_connect_service(priv->htc, &req, ep_id);
264 }
265
266 static int ath9k_init_htc_services(struct ath9k_htc_priv *priv, u16 devid,
267 u32 drv_info)
268 {
269 int ret;
270
271 /* WMI CMD*/
272 ret = ath9k_wmi_connect(priv->htc, priv->wmi, &priv->wmi_cmd_ep);
273 if (ret)
274 goto err;
275
276 /* Beacon */
277 ret = ath9k_htc_connect_svc(priv, WMI_BEACON_SVC, ath9k_htc_beaconep,
278 &priv->beacon_ep);
279 if (ret)
280 goto err;
281
282 /* CAB */
283 ret = ath9k_htc_connect_svc(priv, WMI_CAB_SVC, ath9k_htc_txep,
284 &priv->cab_ep);
285 if (ret)
286 goto err;
287
288
289 /* UAPSD */
290 ret = ath9k_htc_connect_svc(priv, WMI_UAPSD_SVC, ath9k_htc_txep,
291 &priv->uapsd_ep);
292 if (ret)
293 goto err;
294
295 /* MGMT */
296 ret = ath9k_htc_connect_svc(priv, WMI_MGMT_SVC, ath9k_htc_txep,
297 &priv->mgmt_ep);
298 if (ret)
299 goto err;
300
301 /* DATA BE */
302 ret = ath9k_htc_connect_svc(priv, WMI_DATA_BE_SVC, ath9k_htc_txep,
303 &priv->data_be_ep);
304 if (ret)
305 goto err;
306
307 /* DATA BK */
308 ret = ath9k_htc_connect_svc(priv, WMI_DATA_BK_SVC, ath9k_htc_txep,
309 &priv->data_bk_ep);
310 if (ret)
311 goto err;
312
313 /* DATA VI */
314 ret = ath9k_htc_connect_svc(priv, WMI_DATA_VI_SVC, ath9k_htc_txep,
315 &priv->data_vi_ep);
316 if (ret)
317 goto err;
318
319 /* DATA VO */
320 ret = ath9k_htc_connect_svc(priv, WMI_DATA_VO_SVC, ath9k_htc_txep,
321 &priv->data_vo_ep);
322 if (ret)
323 goto err;
324
325 /*
326 * Setup required credits before initializing HTC.
327 * This is a bit hacky, but, since queuing is done in
328 * the HIF layer, shouldn't matter much.
329 */
330
331 if (IS_AR7010_DEVICE(drv_info))
332 priv->htc->credits = 45;
333 else
334 priv->htc->credits = 33;
335
336 ret = htc_init(priv->htc);
337 if (ret)
338 goto err;
339
340 dev_info(priv->dev, "ath9k_htc: HTC initialized with %d credits\n",
341 priv->htc->credits);
342
343 return 0;
344
345 err:
346 dev_err(priv->dev, "ath9k_htc: Unable to initialize HTC services\n");
347 return ret;
348 }
349
350 static void ath9k_reg_notifier(struct wiphy *wiphy,
351 struct regulatory_request *request)
352 {
353 struct ieee80211_hw *hw = wiphy_to_ieee80211_hw(wiphy);
354 struct ath9k_htc_priv *priv = hw->priv;
355
356 ath_reg_notifier_apply(wiphy, request,
357 ath9k_hw_regulatory(priv->ah));
358 }
359
360 static unsigned int ath9k_regread(void *hw_priv, u32 reg_offset)
361 {
362 struct ath_hw *ah = (struct ath_hw *) hw_priv;
363 struct ath_common *common = ath9k_hw_common(ah);
364 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) common->priv;
365 __be32 val, reg = cpu_to_be32(reg_offset);
366 int r;
367
368 r = ath9k_wmi_cmd(priv->wmi, WMI_REG_READ_CMDID,
369 (u8 *) ®, sizeof(reg),
370 (u8 *) &val, sizeof(val),
371 100);
372 if (unlikely(r)) {
373 ath_dbg(common, WMI, "REGISTER READ FAILED: (0x%04x, %d)\n",
374 reg_offset, r);
375 return -EIO;
376 }
377
378 return be32_to_cpu(val);
379 }
380
381 static void ath9k_multi_regread(void *hw_priv, u32 *addr,
382 u32 *val, u16 count)
383 {
384 struct ath_hw *ah = (struct ath_hw *) hw_priv;
385 struct ath_common *common = ath9k_hw_common(ah);
386 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) common->priv;
387 __be32 tmpaddr[8];
388 __be32 tmpval[8];
389 int i, ret;
390
391 for (i = 0; i < count; i++) {
392 tmpaddr[i] = cpu_to_be32(addr[i]);
393 }
394
395 ret = ath9k_wmi_cmd(priv->wmi, WMI_REG_READ_CMDID,
396 (u8 *)tmpaddr , sizeof(u32) * count,
397 (u8 *)tmpval, sizeof(u32) * count,
398 100);
399 if (unlikely(ret)) {
400 ath_dbg(common, WMI,
401 "Multiple REGISTER READ FAILED (count: %d)\n", count);
402 }
403
404 for (i = 0; i < count; i++) {
405 val[i] = be32_to_cpu(tmpval[i]);
406 }
407 }
408
409 static void ath9k_regwrite_multi(struct ath_common *common)
410 {
411 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) common->priv;
412 u32 rsp_status;
413 int r;
414
415 r = ath9k_wmi_cmd(priv->wmi, WMI_REG_WRITE_CMDID,
416 (u8 *) &priv->wmi->multi_write,
417 sizeof(struct register_write) * priv->wmi->multi_write_idx,
418 (u8 *) &rsp_status, sizeof(rsp_status),
419 100);
420 if (unlikely(r)) {
421 ath_dbg(common, WMI,
422 "REGISTER WRITE FAILED, multi len: %d\n",
423 priv->wmi->multi_write_idx);
424 }
425 priv->wmi->multi_write_idx = 0;
426 }
427
428 static void ath9k_regwrite_single(void *hw_priv, u32 val, u32 reg_offset)
429 {
430 struct ath_hw *ah = (struct ath_hw *) hw_priv;
431 struct ath_common *common = ath9k_hw_common(ah);
432 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) common->priv;
433 const __be32 buf[2] = {
434 cpu_to_be32(reg_offset),
435 cpu_to_be32(val),
436 };
437 int r;
438
439 r = ath9k_wmi_cmd(priv->wmi, WMI_REG_WRITE_CMDID,
440 (u8 *) &buf, sizeof(buf),
441 (u8 *) &val, sizeof(val),
442 100);
443 if (unlikely(r)) {
444 ath_dbg(common, WMI, "REGISTER WRITE FAILED:(0x%04x, %d)\n",
445 reg_offset, r);
446 }
447 }
448
449 static void ath9k_regwrite_buffer(void *hw_priv, u32 val, u32 reg_offset)
450 {
451 struct ath_hw *ah = (struct ath_hw *) hw_priv;
452 struct ath_common *common = ath9k_hw_common(ah);
453 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) common->priv;
454
455 mutex_lock(&priv->wmi->multi_write_mutex);
456
457 /* Store the register/value */
458 priv->wmi->multi_write[priv->wmi->multi_write_idx].reg =
459 cpu_to_be32(reg_offset);
460 priv->wmi->multi_write[priv->wmi->multi_write_idx].val =
461 cpu_to_be32(val);
462
463 priv->wmi->multi_write_idx++;
464
465 /* If the buffer is full, send it out. */
466 if (priv->wmi->multi_write_idx == MAX_CMD_NUMBER)
467 ath9k_regwrite_multi(common);
468
469 mutex_unlock(&priv->wmi->multi_write_mutex);
470 }
471
472 static void ath9k_regwrite(void *hw_priv, u32 val, u32 reg_offset)
473 {
474 struct ath_hw *ah = (struct ath_hw *) hw_priv;
475 struct ath_common *common = ath9k_hw_common(ah);
476 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) common->priv;
477
478 if (atomic_read(&priv->wmi->mwrite_cnt))
479 ath9k_regwrite_buffer(hw_priv, val, reg_offset);
480 else
481 ath9k_regwrite_single(hw_priv, val, reg_offset);
482 }
483
484 static void ath9k_enable_regwrite_buffer(void *hw_priv)
485 {
486 struct ath_hw *ah = (struct ath_hw *) hw_priv;
487 struct ath_common *common = ath9k_hw_common(ah);
488 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) common->priv;
489
490 atomic_inc(&priv->wmi->mwrite_cnt);
491 }
492
493 static void ath9k_regwrite_flush(void *hw_priv)
494 {
495 struct ath_hw *ah = (struct ath_hw *) hw_priv;
496 struct ath_common *common = ath9k_hw_common(ah);
497 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) common->priv;
498
499 atomic_dec(&priv->wmi->mwrite_cnt);
500
501 mutex_lock(&priv->wmi->multi_write_mutex);
502
503 if (priv->wmi->multi_write_idx)
504 ath9k_regwrite_multi(common);
505
506 mutex_unlock(&priv->wmi->multi_write_mutex);
507 }
508
509 static void ath9k_reg_rmw_buffer(void *hw_priv,
510 u32 reg_offset, u32 set, u32 clr)
511 {
512 struct ath_hw *ah = (struct ath_hw *) hw_priv;
513 struct ath_common *common = ath9k_hw_common(ah);
514 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) common->priv;
515 u32 rsp_status;
516 int r;
517
518 mutex_lock(&priv->wmi->multi_rmw_mutex);
519
520 /* Store the register/value */
521 priv->wmi->multi_rmw[priv->wmi->multi_rmw_idx].reg =
522 cpu_to_be32(reg_offset);
523 priv->wmi->multi_rmw[priv->wmi->multi_rmw_idx].set =
524 cpu_to_be32(set);
525 priv->wmi->multi_rmw[priv->wmi->multi_rmw_idx].clr =
526 cpu_to_be32(clr);
527
528 priv->wmi->multi_rmw_idx++;
529
530 /* If the buffer is full, send it out. */
531 if (priv->wmi->multi_rmw_idx == MAX_RMW_CMD_NUMBER) {
532 r = ath9k_wmi_cmd(priv->wmi, WMI_REG_RMW_CMDID,
533 (u8 *) &priv->wmi->multi_rmw,
534 sizeof(struct register_write) * priv->wmi->multi_rmw_idx,
535 (u8 *) &rsp_status, sizeof(rsp_status),
536 100);
537 if (unlikely(r)) {
538 ath_dbg(common, WMI,
539 "REGISTER RMW FAILED, multi len: %d\n",
540 priv->wmi->multi_rmw_idx);
541 }
542 priv->wmi->multi_rmw_idx = 0;
543 }
544
545 mutex_unlock(&priv->wmi->multi_rmw_mutex);
546 }
547
548 static void ath9k_reg_rmw_flush(void *hw_priv)
549 {
550 struct ath_hw *ah = (struct ath_hw *) hw_priv;
551 struct ath_common *common = ath9k_hw_common(ah);
552 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) common->priv;
553 u32 rsp_status;
554 int r;
555
556 if (test_bit(HTC_FWFLAG_NO_RMW, &priv->fw_flags))
557 return;
558
559 atomic_dec(&priv->wmi->m_rmw_cnt);
560
561 mutex_lock(&priv->wmi->multi_rmw_mutex);
562
563 if (priv->wmi->multi_rmw_idx) {
564 r = ath9k_wmi_cmd(priv->wmi, WMI_REG_RMW_CMDID,
565 (u8 *) &priv->wmi->multi_rmw,
566 sizeof(struct register_rmw) * priv->wmi->multi_rmw_idx,
567 (u8 *) &rsp_status, sizeof(rsp_status),
568 100);
569 if (unlikely(r)) {
570 ath_dbg(common, WMI,
571 "REGISTER RMW FAILED, multi len: %d\n",
572 priv->wmi->multi_rmw_idx);
573 }
574 priv->wmi->multi_rmw_idx = 0;
575 }
576
577 mutex_unlock(&priv->wmi->multi_rmw_mutex);
578 }
579
580 static void ath9k_enable_rmw_buffer(void *hw_priv)
581 {
582 struct ath_hw *ah = (struct ath_hw *) hw_priv;
583 struct ath_common *common = ath9k_hw_common(ah);
584 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) common->priv;
585
586 if (test_bit(HTC_FWFLAG_NO_RMW, &priv->fw_flags))
587 return;
588
589 atomic_inc(&priv->wmi->m_rmw_cnt);
590 }
591
592 static u32 ath9k_reg_rmw_single(void *hw_priv,
593 u32 reg_offset, u32 set, u32 clr)
594 {
595 struct ath_hw *ah = (struct ath_hw *) hw_priv;
596 struct ath_common *common = ath9k_hw_common(ah);
597 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) common->priv;
598 struct register_rmw buf, buf_ret;
599 int ret;
600 u32 val = 0;
601
602 buf.reg = cpu_to_be32(reg_offset);
603 buf.set = cpu_to_be32(set);
604 buf.clr = cpu_to_be32(clr);
605
606 ret = ath9k_wmi_cmd(priv->wmi, WMI_REG_RMW_CMDID,
607 (u8 *) &buf, sizeof(buf),
608 (u8 *) &buf_ret, sizeof(buf_ret),
609 100);
610 if (unlikely(ret)) {
611 ath_dbg(common, WMI, "REGISTER RMW FAILED:(0x%04x, %d)\n",
612 reg_offset, ret);
613 }
614 return val;
615 }
616
617 static u32 ath9k_reg_rmw(void *hw_priv, u32 reg_offset, u32 set, u32 clr)
618 {
619 struct ath_hw *ah = (struct ath_hw *) hw_priv;
620 struct ath_common *common = ath9k_hw_common(ah);
621 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) common->priv;
622
623 if (test_bit(HTC_FWFLAG_NO_RMW, &priv->fw_flags)) {
624 u32 val;
625
626 val = REG_READ(ah, reg_offset);
627 val &= ~clr;
628 val |= set;
629 REG_WRITE(ah, reg_offset, val);
630
631 return 0;
632 }
633
634 if (atomic_read(&priv->wmi->m_rmw_cnt))
635 ath9k_reg_rmw_buffer(hw_priv, reg_offset, set, clr);
636 else
637 ath9k_reg_rmw_single(hw_priv, reg_offset, set, clr);
638
639 return 0;
640 }
641
642 static void ath_usb_read_cachesize(struct ath_common *common, int *csz)
643 {
644 *csz = L1_CACHE_BYTES >> 2;
645 }
646
647 static bool ath_usb_eeprom_read(struct ath_common *common, u32 off, u16 *data)
648 {
649 struct ath_hw *ah = (struct ath_hw *) common->ah;
650
651 (void)REG_READ(ah, AR5416_EEPROM_OFFSET + (off << AR5416_EEPROM_S));
652
653 if (!ath9k_hw_wait(ah,
654 AR_EEPROM_STATUS_DATA,
655 AR_EEPROM_STATUS_DATA_BUSY |
656 AR_EEPROM_STATUS_DATA_PROT_ACCESS, 0,
657 AH_WAIT_TIMEOUT))
658 return false;
659
660 *data = MS(REG_READ(ah, AR_EEPROM_STATUS_DATA),
661 AR_EEPROM_STATUS_DATA_VAL);
662
663 return true;
664 }
665
666 static const struct ath_bus_ops ath9k_usb_bus_ops = {
667 .ath_bus_type = ATH_USB,
668 .read_cachesize = ath_usb_read_cachesize,
669 .eeprom_read = ath_usb_eeprom_read,
670 };
671
672 static int ath9k_init_queues(struct ath9k_htc_priv *priv)
673 {
674 struct ath_common *common = ath9k_hw_common(priv->ah);
675 int i;
676
677 for (i = 0; i < ARRAY_SIZE(priv->hwq_map); i++)
678 priv->hwq_map[i] = -1;
679
680 priv->beacon.beaconq = ath9k_hw_beaconq_setup(priv->ah);
681 if (priv->beacon.beaconq == -1) {
682 ath_err(common, "Unable to setup BEACON xmit queue\n");
683 goto err;
684 }
685
686 priv->cabq = ath9k_htc_cabq_setup(priv);
687 if (priv->cabq == -1) {
688 ath_err(common, "Unable to setup CAB xmit queue\n");
689 goto err;
690 }
691
692 if (!ath9k_htc_txq_setup(priv, IEEE80211_AC_BE)) {
693 ath_err(common, "Unable to setup xmit queue for BE traffic\n");
694 goto err;
695 }
696
697 if (!ath9k_htc_txq_setup(priv, IEEE80211_AC_BK)) {
698 ath_err(common, "Unable to setup xmit queue for BK traffic\n");
699 goto err;
700 }
701 if (!ath9k_htc_txq_setup(priv, IEEE80211_AC_VI)) {
702 ath_err(common, "Unable to setup xmit queue for VI traffic\n");
703 goto err;
704 }
705 if (!ath9k_htc_txq_setup(priv, IEEE80211_AC_VO)) {
706 ath_err(common, "Unable to setup xmit queue for VO traffic\n");
707 goto err;
708 }
709
710 return 0;
711
712 err:
713 return -EINVAL;
714 }
715
716 static void ath9k_init_misc(struct ath9k_htc_priv *priv)
717 {
718 struct ath_common *common = ath9k_hw_common(priv->ah);
719
720 memcpy(common->bssidmask, ath_bcast_mac, ETH_ALEN);
721
722 common->last_rssi = ATH_RSSI_DUMMY_MARKER;
723 priv->ah->opmode = NL80211_IFTYPE_STATION;
724
725 priv->spec_priv.ah = priv->ah;
726 priv->spec_priv.spec_config.enabled = 0;
727 priv->spec_priv.spec_config.short_repeat = true;
728 priv->spec_priv.spec_config.count = 8;
729 priv->spec_priv.spec_config.endless = false;
730 priv->spec_priv.spec_config.period = 0x12;
731 priv->spec_priv.spec_config.fft_period = 0x02;
732 }
733
734 static int ath9k_init_priv(struct ath9k_htc_priv *priv,
735 u16 devid, char *product,
736 u32 drv_info)
737 {
738 struct ath_hw *ah = NULL;
739 struct ath_common *common;
740 int i, ret = 0, csz = 0;
741
742 ah = kzalloc(sizeof(struct ath_hw), GFP_KERNEL);
743 if (!ah)
744 return -ENOMEM;
745
746 ah->dev = priv->dev;
747 ah->hw = priv->hw;
748 ah->hw_version.devid = devid;
749 ah->hw_version.usbdev = drv_info;
750 ah->ah_flags |= AH_USE_EEPROM;
751 ah->reg_ops.read = ath9k_regread;
752 ah->reg_ops.multi_read = ath9k_multi_regread;
753 ah->reg_ops.write = ath9k_regwrite;
754 ah->reg_ops.enable_write_buffer = ath9k_enable_regwrite_buffer;
755 ah->reg_ops.write_flush = ath9k_regwrite_flush;
756 ah->reg_ops.enable_rmw_buffer = ath9k_enable_rmw_buffer;
757 ah->reg_ops.rmw_flush = ath9k_reg_rmw_flush;
758 ah->reg_ops.rmw = ath9k_reg_rmw;
759 priv->ah = ah;
760
761 common = ath9k_hw_common(ah);
762 common->ops = &ah->reg_ops;
763 common->ps_ops = &ath9k_htc_ps_ops;
764 common->bus_ops = &ath9k_usb_bus_ops;
765 common->ah = ah;
766 common->hw = priv->hw;
767 common->priv = priv;
768 common->debug_mask = ath9k_debug;
769 common->btcoex_enabled = ath9k_htc_btcoex_enable == 1;
770 set_bit(ATH_OP_INVALID, &common->op_flags);
771
772 spin_lock_init(&priv->beacon_lock);
773 spin_lock_init(&priv->tx.tx_lock);
774 mutex_init(&priv->mutex);
775 mutex_init(&priv->htc_pm_lock);
776 tasklet_init(&priv->rx_tasklet, ath9k_rx_tasklet,
777 (unsigned long)priv);
778 tasklet_init(&priv->tx_failed_tasklet, ath9k_tx_failed_tasklet,
779 (unsigned long)priv);
780 INIT_DELAYED_WORK(&priv->ani_work, ath9k_htc_ani_work);
781 INIT_WORK(&priv->ps_work, ath9k_ps_work);
782 INIT_WORK(&priv->fatal_work, ath9k_fatal_work);
783 setup_timer(&priv->tx.cleanup_timer, ath9k_htc_tx_cleanup_timer,
784 (unsigned long)priv);
785
786 /*
787 * Cache line size is used to size and align various
788 * structures used to communicate with the hardware.
789 */
790 ath_read_cachesize(common, &csz);
791 common->cachelsz = csz << 2; /* convert to bytes */
792
793 ret = ath9k_hw_init(ah);
794 if (ret) {
795 ath_err(common,
796 "Unable to initialize hardware; initialization status: %d\n",
797 ret);
798 goto err_hw;
799 }
800
801 ret = ath9k_init_queues(priv);
802 if (ret)
803 goto err_queues;
804
805 for (i = 0; i < ATH9K_HTC_MAX_BCN_VIF; i++)
806 priv->beacon.bslot[i] = NULL;
807 priv->beacon.slottime = ATH9K_SLOT_TIME_9;
808
809 ath9k_cmn_init_channels_rates(common);
810 ath9k_cmn_init_crypto(ah);
811 ath9k_init_misc(priv);
812 ath9k_htc_init_btcoex(priv, product);
813
814 return 0;
815
816 err_queues:
817 ath9k_hw_deinit(ah);
818 err_hw:
819
820 kfree(ah);
821 priv->ah = NULL;
822
823 return ret;
824 }
825
826 static const struct ieee80211_iface_limit if_limits[] = {
827 { .max = 2, .types = BIT(NL80211_IFTYPE_STATION) |
828 BIT(NL80211_IFTYPE_P2P_CLIENT) },
829 { .max = 2, .types = BIT(NL80211_IFTYPE_AP) |
830 #ifdef CONFIG_MAC80211_MESH
831 BIT(NL80211_IFTYPE_MESH_POINT) |
832 #endif
833 BIT(NL80211_IFTYPE_P2P_GO) },
834 };
835
836 static const struct ieee80211_iface_combination if_comb = {
837 .limits = if_limits,
838 .n_limits = ARRAY_SIZE(if_limits),
839 .max_interfaces = 2,
840 .num_different_channels = 1,
841 };
842
843 static void ath9k_set_hw_capab(struct ath9k_htc_priv *priv,
844 struct ieee80211_hw *hw)
845 {
846 struct ath_hw *ah = priv->ah;
847 struct ath_common *common = ath9k_hw_common(priv->ah);
848 struct base_eep_header *pBase;
849
850 ieee80211_hw_set(hw, HOST_BROADCAST_PS_BUFFERING);
851 ieee80211_hw_set(hw, MFP_CAPABLE);
852 ieee80211_hw_set(hw, REPORTS_TX_ACK_STATUS);
853 ieee80211_hw_set(hw, PS_NULLFUNC_STACK);
854 ieee80211_hw_set(hw, RX_INCLUDES_FCS);
855 ieee80211_hw_set(hw, HAS_RATE_CONTROL);
856 ieee80211_hw_set(hw, SPECTRUM_MGMT);
857 ieee80211_hw_set(hw, SIGNAL_DBM);
858 ieee80211_hw_set(hw, AMPDU_AGGREGATION);
859
860 if (ath9k_ps_enable)
861 ieee80211_hw_set(hw, SUPPORTS_PS);
862
863 hw->wiphy->interface_modes =
864 BIT(NL80211_IFTYPE_STATION) |
865 BIT(NL80211_IFTYPE_ADHOC) |
866 BIT(NL80211_IFTYPE_AP) |
867 BIT(NL80211_IFTYPE_P2P_GO) |
868 BIT(NL80211_IFTYPE_P2P_CLIENT) |
869 BIT(NL80211_IFTYPE_MESH_POINT) |
870 BIT(NL80211_IFTYPE_OCB);
871
872 hw->wiphy->iface_combinations = &if_comb;
873 hw->wiphy->n_iface_combinations = 1;
874
875 hw->wiphy->flags &= ~WIPHY_FLAG_PS_ON_BY_DEFAULT;
876
877 hw->wiphy->flags |= WIPHY_FLAG_IBSS_RSN |
878 WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL |
879 WIPHY_FLAG_HAS_CHANNEL_SWITCH;
880
881 hw->wiphy->flags |= WIPHY_FLAG_SUPPORTS_TDLS;
882
883 hw->queues = 4;
884 hw->max_listen_interval = 1;
885
886 hw->vif_data_size = sizeof(struct ath9k_htc_vif);
887 hw->sta_data_size = sizeof(struct ath9k_htc_sta);
888
889 /* tx_frame_hdr is larger than tx_mgmt_hdr anyway */
890 hw->extra_tx_headroom = sizeof(struct tx_frame_hdr) +
891 sizeof(struct htc_frame_hdr) + 4;
892
893 if (priv->ah->caps.hw_caps & ATH9K_HW_CAP_2GHZ)
894 hw->wiphy->bands[IEEE80211_BAND_2GHZ] =
895 &common->sbands[IEEE80211_BAND_2GHZ];
896 if (priv->ah->caps.hw_caps & ATH9K_HW_CAP_5GHZ)
897 hw->wiphy->bands[IEEE80211_BAND_5GHZ] =
898 &common->sbands[IEEE80211_BAND_5GHZ];
899
900 ath9k_cmn_reload_chainmask(ah);
901
902 pBase = ath9k_htc_get_eeprom_base(priv);
903 if (pBase) {
904 hw->wiphy->available_antennas_rx = pBase->rxMask;
905 hw->wiphy->available_antennas_tx = pBase->txMask;
906 }
907
908 SET_IEEE80211_PERM_ADDR(hw, common->macaddr);
909 }
910
911 static int ath9k_init_firmware_version(struct ath9k_htc_priv *priv)
912 {
913 struct ieee80211_hw *hw = priv->hw;
914 struct wmi_fw_version cmd_rsp;
915 int ret;
916
917 memset(&cmd_rsp, 0, sizeof(cmd_rsp));
918
919 WMI_CMD(WMI_GET_FW_VERSION);
920 if (ret)
921 return -EINVAL;
922
923 priv->fw_version_major = be16_to_cpu(cmd_rsp.major);
924 priv->fw_version_minor = be16_to_cpu(cmd_rsp.minor);
925
926 snprintf(hw->wiphy->fw_version, sizeof(hw->wiphy->fw_version), "%d.%d",
927 priv->fw_version_major,
928 priv->fw_version_minor);
929
930 dev_info(priv->dev, "ath9k_htc: FW Version: %d.%d\n",
931 priv->fw_version_major,
932 priv->fw_version_minor);
933
934 /*
935 * Check if the available FW matches the driver's
936 * required version.
937 */
938 if (priv->fw_version_major != MAJOR_VERSION_REQ ||
939 priv->fw_version_minor < MINOR_VERSION_REQ) {
940 dev_err(priv->dev, "ath9k_htc: Please upgrade to FW version %d.%d\n",
941 MAJOR_VERSION_REQ, MINOR_VERSION_REQ);
942 return -EINVAL;
943 }
944
945 if (priv->fw_version_major == 1 && priv->fw_version_minor < 4)
946 set_bit(HTC_FWFLAG_NO_RMW, &priv->fw_flags);
947
948 dev_info(priv->dev, "FW RMW support: %s\n",
949 test_bit(HTC_FWFLAG_NO_RMW, &priv->fw_flags) ? "Off" : "On");
950
951 return 0;
952 }
953
954 static int ath9k_init_device(struct ath9k_htc_priv *priv,
955 u16 devid, char *product, u32 drv_info)
956 {
957 struct ieee80211_hw *hw = priv->hw;
958 struct ath_common *common;
959 struct ath_hw *ah;
960 int error = 0;
961 struct ath_regulatory *reg;
962 char hw_name[64];
963
964 /* Bring up device */
965 error = ath9k_init_priv(priv, devid, product, drv_info);
966 if (error != 0)
967 goto err_init;
968
969 ah = priv->ah;
970 common = ath9k_hw_common(ah);
971 ath9k_set_hw_capab(priv, hw);
972
973 error = ath9k_init_firmware_version(priv);
974 if (error != 0)
975 goto err_fw;
976
977 /* Initialize regulatory */
978 error = ath_regd_init(&common->regulatory, priv->hw->wiphy,
979 ath9k_reg_notifier);
980 if (error)
981 goto err_regd;
982
983 reg = &common->regulatory;
984
985 /* Setup TX */
986 error = ath9k_tx_init(priv);
987 if (error != 0)
988 goto err_tx;
989
990 /* Setup RX */
991 error = ath9k_rx_init(priv);
992 if (error != 0)
993 goto err_rx;
994
995 ath9k_hw_disable(priv->ah);
996 #ifdef CONFIG_MAC80211_LEDS
997 /* must be initialized before ieee80211_register_hw */
998 priv->led_cdev.default_trigger = ieee80211_create_tpt_led_trigger(priv->hw,
999 IEEE80211_TPT_LEDTRIG_FL_RADIO, ath9k_htc_tpt_blink,
1000 ARRAY_SIZE(ath9k_htc_tpt_blink));
1001 #endif
1002
1003 /* Register with mac80211 */
1004 error = ieee80211_register_hw(hw);
1005 if (error)
1006 goto err_register;
1007
1008 /* Handle world regulatory */
1009 if (!ath_is_world_regd(reg)) {
1010 error = regulatory_hint(hw->wiphy, reg->alpha2);
1011 if (error)
1012 goto err_world;
1013 }
1014
1015 error = ath9k_htc_init_debug(priv->ah);
1016 if (error) {
1017 ath_err(common, "Unable to create debugfs files\n");
1018 goto err_world;
1019 }
1020
1021 ath_dbg(common, CONFIG,
1022 "WMI:%d, BCN:%d, CAB:%d, UAPSD:%d, MGMT:%d, BE:%d, BK:%d, VI:%d, VO:%d\n",
1023 priv->wmi_cmd_ep,
1024 priv->beacon_ep,
1025 priv->cab_ep,
1026 priv->uapsd_ep,
1027 priv->mgmt_ep,
1028 priv->data_be_ep,
1029 priv->data_bk_ep,
1030 priv->data_vi_ep,
1031 priv->data_vo_ep);
1032
1033 ath9k_hw_name(priv->ah, hw_name, sizeof(hw_name));
1034 wiphy_info(hw->wiphy, "%s\n", hw_name);
1035
1036 ath9k_init_leds(priv);
1037 ath9k_start_rfkill_poll(priv);
1038
1039 return 0;
1040
1041 err_world:
1042 ieee80211_unregister_hw(hw);
1043 err_register:
1044 ath9k_rx_cleanup(priv);
1045 err_rx:
1046 ath9k_tx_cleanup(priv);
1047 err_tx:
1048 /* Nothing */
1049 err_regd:
1050 /* Nothing */
1051 err_fw:
1052 ath9k_deinit_priv(priv);
1053 err_init:
1054 return error;
1055 }
1056
1057 int ath9k_htc_probe_device(struct htc_target *htc_handle, struct device *dev,
1058 u16 devid, char *product, u32 drv_info)
1059 {
1060 struct ieee80211_hw *hw;
1061 struct ath9k_htc_priv *priv;
1062 int ret;
1063
1064 hw = ieee80211_alloc_hw(sizeof(struct ath9k_htc_priv), &ath9k_htc_ops);
1065 if (!hw)
1066 return -ENOMEM;
1067
1068 priv = hw->priv;
1069 priv->hw = hw;
1070 priv->htc = htc_handle;
1071 priv->dev = dev;
1072 htc_handle->drv_priv = priv;
1073 SET_IEEE80211_DEV(hw, priv->dev);
1074
1075 ret = ath9k_htc_wait_for_target(priv);
1076 if (ret)
1077 goto err_free;
1078
1079 priv->wmi = ath9k_init_wmi(priv);
1080 if (!priv->wmi) {
1081 ret = -EINVAL;
1082 goto err_free;
1083 }
1084
1085 ret = ath9k_init_htc_services(priv, devid, drv_info);
1086 if (ret)
1087 goto err_init;
1088
1089 ret = ath9k_init_device(priv, devid, product, drv_info);
1090 if (ret)
1091 goto err_init;
1092
1093 return 0;
1094
1095 err_init:
1096 ath9k_deinit_wmi(priv);
1097 err_free:
1098 ieee80211_free_hw(hw);
1099 return ret;
1100 }
1101
1102 void ath9k_htc_disconnect_device(struct htc_target *htc_handle, bool hotunplug)
1103 {
1104 if (htc_handle->drv_priv) {
1105
1106 /* Check if the device has been yanked out. */
1107 if (hotunplug)
1108 htc_handle->drv_priv->ah->ah_flags |= AH_UNPLUGGED;
1109
1110 ath9k_deinit_device(htc_handle->drv_priv);
1111 ath9k_deinit_wmi(htc_handle->drv_priv);
1112 ieee80211_free_hw(htc_handle->drv_priv->hw);
1113 }
1114 }
1115
1116 #ifdef CONFIG_PM
1117
1118 void ath9k_htc_suspend(struct htc_target *htc_handle)
1119 {
1120 ath9k_htc_setpower(htc_handle->drv_priv, ATH9K_PM_FULL_SLEEP);
1121 }
1122
1123 int ath9k_htc_resume(struct htc_target *htc_handle)
1124 {
1125 struct ath9k_htc_priv *priv = htc_handle->drv_priv;
1126 int ret;
1127
1128 ret = ath9k_htc_wait_for_target(priv);
1129 if (ret)
1130 return ret;
1131
1132 ret = ath9k_init_htc_services(priv, priv->ah->hw_version.devid,
1133 priv->ah->hw_version.usbdev);
1134 ath9k_configure_leds(priv);
1135
1136 return ret;
1137 }
1138 #endif
1139
1140 static int __init ath9k_htc_init(void)
1141 {
1142 if (ath9k_hif_usb_init() < 0) {
1143 pr_err("No USB devices found, driver not installed\n");
1144 return -ENODEV;
1145 }
1146
1147 return 0;
1148 }
1149 module_init(ath9k_htc_init);
1150
1151 static void __exit ath9k_htc_exit(void)
1152 {
1153 ath9k_hif_usb_exit();
1154 pr_info("Driver unloaded\n");
1155 }
1156 module_exit(ath9k_htc_exit);
1157
1158 #line 126 "/work/ldvuser/andrianov/work/current--X--drivers/net/wireless/ath/ath9k/--X--defaultlinux-4.5-rc7--X--races--X--cpachecker/linux-4.5-rc7/csd_deg_dscv/74/dscv_tempdir/dscv/ri/races/drivers/net/wireless/ath/ath9k/htc_drv_init.o.c.prepared"
1159
1160 int ldv_probe_10(void);
1161 void ldv_initialize(void);
1162 void ldv_check_final_state(void);
1163 int ldv_retval_8;
1164 int ldv_release_10(void);
1165
1166
1167 void activate_pending_timer_1(struct timer_list * timer, unsigned long data, int pending_flag){
1168 if(ldv_timer_list_1_0 == timer){
1169 if(ldv_timer_1_0 == 2 || pending_flag){
1170 ldv_timer_list_1_0 = timer;
1171 ldv_timer_list_1_0->data = data;
1172 ldv_timer_1_0 = 1;
1173 }
1174 return;
1175 }
1176
1177 if(ldv_timer_list_1_1 == timer){
1178 if(ldv_timer_1_1 == 2 || pending_flag){
1179 ldv_timer_list_1_1 = timer;
1180 ldv_timer_list_1_1->data = data;
1181 ldv_timer_1_1 = 1;
1182 }
1183 return;
1184 }
1185
1186 if(ldv_timer_list_1_2 == timer){
1187 if(ldv_timer_1_2 == 2 || pending_flag){
1188 ldv_timer_list_1_2 = timer;
1189 ldv_timer_list_1_2->data = data;
1190 ldv_timer_1_2= 1;
1191 }
1192 return;
1193 }
1194
1195 if(ldv_timer_list_1_3 == timer){
1196 if(ldv_timer_1_3 == 2 || pending_flag){
1197 ldv_timer_list_1_3 = timer;
1198 ldv_timer_list_1_3->data = data;
1199 ldv_timer_1_3 = 1;
1200 }
1201 return;
1202 }
1203 activate_suitable_timer_1(timer, data);
1204 }
1205
1206
1207 void ldv_initialyze_ath_bus_ops_10(void){
1208 ath9k_usb_bus_ops_group0 = ldv_undef_ptr();
1209 }
1210
1211 void timer_init_1(void){
1212 ldv_timer_1_0 = 0;
1213 ldv_timer_1_1 = 0;
1214 ldv_timer_1_2 = 0;
1215 ldv_timer_1_3 = 0;
1216 }
1217
1218
1219 int reg_timer_1(struct timer_list * timer, void (*function)(unsigned long), unsigned long data){
1220 if(function == ath9k_htc_tx_cleanup_timer){
1221 activate_suitable_timer_1(timer, data);
1222 }
1223 }
1224
1225
1226 void ldv_initialyze_ath_ps_ops_11(void){
1227 ath9k_htc_ps_ops_group0 = ldv_undef_ptr();
1228 }
1229
1230 void disable_suitable_timer_1(struct timer_list * timer){
1231 if(ldv_timer_1_0 != 0 && timer == ldv_timer_list_1_0){
1232 ldv_timer_1_0 = 0;
1233 return;
1234 }
1235 if(ldv_timer_1_1 != 0 && timer == ldv_timer_list_1_1){
1236 ldv_timer_1_1 = 0;
1237 return;
1238 }
1239 if(ldv_timer_1_2 != 0 && timer == ldv_timer_list_1_2){
1240 ldv_timer_1_2 = 0;
1241 return;
1242 }
1243 if(ldv_timer_1_3 != 0 && timer == ldv_timer_list_1_3){
1244 ldv_timer_1_3 = 0;
1245 return;
1246 }
1247 return;
1248 }
1249
1250
1251 void activate_suitable_timer_1(struct timer_list * timer, unsigned long data){
1252 if(ldv_timer_1_0 == 0 || ldv_timer_1_0 == 2){
1253 ldv_timer_list_1_0 = timer;
1254 ldv_timer_list_1_0->data = data;
1255 ldv_timer_1_0 = 1;
1256 return;
1257 }
1258 if(ldv_timer_1_1 == 0 || ldv_timer_1_1 == 2){
1259 ldv_timer_list_1_1 = timer;
1260 ldv_timer_list_1_1->data = data;
1261 ldv_timer_1_1 = 1;
1262 return;
1263 }
1264 if(ldv_timer_1_2 == 0 || ldv_timer_1_2 == 2){
1265 ldv_timer_list_1_2 = timer;
1266 ldv_timer_list_1_2->data = data;
1267 ldv_timer_1_2 = 1;
1268 return;
1269 }
1270 if(ldv_timer_1_3 == 0 || ldv_timer_1_3 == 2){
1271 ldv_timer_list_1_3 = timer;
1272 ldv_timer_list_1_3->data = data;
1273 ldv_timer_1_3 = 1;
1274 return;
1275 }
1276 return;
1277 }
1278
1279
1280 int evil_hack_fs_lock(void){
1281 mutex_lock(&fs_mutex);
1282 return 1;
1283 }
1284
1285 int __VERIFIER_nondet_int(void);
1286
1287 void choose_timer_1(void){
1288 switch(__VERIFIER_nondet_int()){
1289 case 0: {
1290 if(ldv_timer_1_0 == 1){
1291 ldv_timer_1_0 = 2;
1292 ldv_timer_1(ldv_timer_1_0, ldv_timer_list_1_0);
1293 }
1294 }
1295 break;
1296 case 1: {
1297 if(ldv_timer_1_1 == 1){
1298 ldv_timer_1_1 = 2;
1299 ldv_timer_1(ldv_timer_1_1, ldv_timer_list_1_1);
1300 }
1301 }
1302 break;
1303 case 2: {
1304 if(ldv_timer_1_2 == 1){
1305 ldv_timer_1_2 = 2;
1306 ldv_timer_1(ldv_timer_1_2, ldv_timer_list_1_2);
1307 }
1308 }
1309 break;
1310 case 3: {
1311 if(ldv_timer_1_3 == 1){
1312 ldv_timer_1_3 = 2;
1313 ldv_timer_1(ldv_timer_1_3, ldv_timer_list_1_3);
1314 }
1315 }
1316 break;
1317 default: ldv_assume(0);
1318 }
1319 return;
1320 }
1321
1322
1323 void ldv_timer_1(int state, struct timer_list * timer){
1324 LDV_IN_INTERRUPT=2;
1325 (ath9k_htc_tx_cleanup_timer)(timer->data);
1326 LDV_IN_INTERRUPT=1;
1327 }
1328
1329
1330 int evil_hack_ar_lock(void){
1331 mutex_lock(&ar_mutex);
1332 return 1;
1333 }
1334
1335
1336 /* DEG-ENVIRONMENT-BEGIN */
1337 extern void ldv_main_exported_12(void);
1338 extern void ldv_main_exported_11(void);
1339 extern void ldv_main_exported_0(void);
1340 extern void ldv_main_exported_10(void);
1341 extern void ldv_main_exported_13(void);
1342 extern void ldv_main_exported_14(void);
1343 extern void ldv_main_exported_6(void);
1344 extern void ldv_main_exported_3(void);
1345 extern void ldv_main_exported_7(void);
1346 extern void ldv_main_exported_9(void);
1347 extern void ldv_main_exported_2(void);
1348 extern void ldv_main_exported_8(void);
1349 extern void ldv_main_exported_4(void);
1350 extern void ldv_main_exported_5(void);
1351
1352 //********************* LDV MAIN *********************
1353 //main
1354 void entry_point(void){
1355 ldv_initialize();
1356 //args for callbacks
1357 u32 ldvarg104;
1358 int *ldvarg105;
1359 u16 *ldvarg103;
1360 //initialization of machine states
1361 ldv_state_variable_6=0;
1362 ldv_state_variable_11=0;
1363 ldv_state_variable_3=0;
1364 ldv_state_variable_7=0;
1365 ldv_state_variable_9=0;
1366 ldv_state_variable_12=0;
1367 ldv_state_variable_2=0;
1368 ldv_state_variable_14=0;
1369 ldv_state_variable_8=0;
1370
1371 timer_init_1();
1372
1373 ldv_state_variable_1=1;
1374 ldv_state_variable_4=0;
1375 ref_cnt=0;
1376 ldv_state_variable_0=1;
1377 ldv_state_variable_13=0;
1378 ldv_state_variable_10=0;
1379 ldv_state_variable_5=0;
1380 while(1){
1381 switch(__VERIFIER_nondet_int()){
1382 case 0:{
1383 /*DEG-struct: handlers from structure fops_xmit*/
1384 /*DEG-CHECK: checking registration of fops_xmit structure*/
1385 if(ldv_state_variable_6 != 0){
1386 ldv_main_exported_6();
1387 }
1388 }
1389 break;
1390 case 1:{
1391 /*DEG-struct: handlers from structure ath9k_htc_ps_ops*/
1392 /*DEG-CHECK: checking registration of ath9k_htc_ps_ops structure*/
1393 if(ldv_state_variable_11 != 0){
1394 switch(__VERIFIER_nondet_int()){
1395 case 0:{
1396 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
1397 if(ldv_state_variable_11 == 1){
1398 /*DEG-CALL: handler restore from ath9k_htc_ps_ops*/
1399 (& ath9k_htc_op_ps_restore)(ath9k_htc_ps_ops_group0);
1400 /*DEG-postcall: default*/
1401 ldv_state_variable_11 = 1;
1402 }
1403 }
1404 break;
1405 case 1:{
1406 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
1407 if(ldv_state_variable_11 == 1){
1408 /*DEG-CALL: handler wakeup from ath9k_htc_ps_ops*/
1409 (& ath9k_htc_op_ps_wakeup)(ath9k_htc_ps_ops_group0);
1410 /*DEG-postcall: default*/
1411 ldv_state_variable_11 = 1;
1412 }
1413 }
1414 break;
1415 default: ldv_assume(0);
1416 }
1417 }
1418 }
1419 break;
1420 case 2:{
1421 /*DEG-struct: handlers from structure fops_queue*/
1422 /*DEG-CHECK: checking registration of fops_queue structure*/
1423 if(ldv_state_variable_3 != 0){
1424 ldv_main_exported_3();
1425 }
1426 }
1427 break;
1428 case 3:{
1429 /*DEG-struct: handlers from structure fops_tgt_rx_stats*/
1430 /*DEG-CHECK: checking registration of fops_tgt_rx_stats structure*/
1431 if(ldv_state_variable_7 != 0){
1432 ldv_main_exported_7();
1433 }
1434 }
1435 break;
1436 case 4:{
1437 /*DEG-struct: handlers from structure fops_tgt_int_stats*/
1438 /*DEG-CHECK: checking registration of fops_tgt_int_stats structure*/
1439 if(ldv_state_variable_9 != 0){
1440 ldv_main_exported_9();
1441 }
1442 }
1443 break;
1444 case 5:{
1445 /*DEG-struct: handlers from structure ath9k_htc_ops*/
1446 /*DEG-CHECK: checking registration of ath9k_htc_ops structure*/
1447 if(ldv_state_variable_12 != 0){
1448 ldv_main_exported_12();
1449 }
1450 }
1451 break;
1452 case 6:{
1453 /*DEG-struct: handlers from structure fops_debug*/
1454 /*DEG-CHECK: checking registration of fops_debug structure*/
1455 if(ldv_state_variable_2 != 0){
1456 ldv_main_exported_2();
1457 }
1458 }
1459 break;
1460 case 7:{
1461 /*DEG-struct: handlers from structure hif_usb*/
1462 /*DEG-CHECK: checking registration of hif_usb structure*/
1463 if(ldv_state_variable_14 != 0){
1464 ldv_main_exported_14();
1465 }
1466 }
1467 break;
1468 case 8:{
1469 /*DEG-struct: handlers from structure fops_tgt_tx_stats*/
1470 /*DEG-CHECK: checking registration of fops_tgt_tx_stats structure*/
1471 if(ldv_state_variable_8 != 0){
1472 ldv_main_exported_8();
1473 }
1474 }
1475 break;
1476 case 9:{
1477 /*DEG-struct: handlers from structure ldv_setup_timer_0*/
1478 /*DEG-CHECK: checking registration of ldv_setup_timer_0 structure*/
1479 if(ldv_state_variable_1 != 0){
1480 choose_timer_1();
1481 }
1482 }
1483 break;
1484 case 10:{
1485 /*DEG-struct: handlers from structure fops_slot*/
1486 /*DEG-CHECK: checking registration of fops_slot structure*/
1487 if(ldv_state_variable_4 != 0){
1488 ldv_main_exported_4();
1489 }
1490 }
1491 break;
1492 case 11:{
1493 /*DEG-struct: handlers from structure module*/
1494 /*DEG-CHECK: checking registration of module structure*/
1495 if(ldv_state_variable_0 != 0){
1496 switch(__VERIFIER_nondet_int()){
1497 case 0:{
1498 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
1499 if(ldv_state_variable_0 == 2 && ref_cnt==0){
1500 /*DEG-CALL: handler module_exit from module*/
1501 ath9k_htc_exit();
1502 ldv_state_variable_0 = 3;
1503 goto ldv_final;
1504 }
1505 }
1506 break;
1507 case 1:{
1508 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
1509 if(ldv_state_variable_0 == 1){
1510 /*DEG-CALL: handler module_init from module*/
1511 ldv_retval_8=ath9k_htc_init();
1512 if(ldv_retval_8!=0){
1513 ldv_state_variable_0 = 3;
1514 goto ldv_final;
1515 }
1516 /*DEG-postcall: if success*/
1517 if(ldv_retval_8==0){
1518 ldv_state_variable_0 = 2;
1519 ldv_state_variable_5 = 1;
1520 ldv_file_operations_5();
1521 ldv_state_variable_10 = 1;
1522 ldv_initialyze_ath_bus_ops_10();
1523 ldv_state_variable_4 = 1;
1524 ldv_file_operations_4();
1525 ldv_state_variable_8 = 1;
1526 ldv_file_operations_8();
1527 ldv_state_variable_14 = 1;
1528 ldv_state_variable_2 = 1;
1529 ldv_file_operations_2();
1530 ldv_state_variable_9 = 1;
1531 ldv_file_operations_9();
1532 ldv_state_variable_7 = 1;
1533 ldv_file_operations_7();
1534 ldv_state_variable_3 = 1;
1535 ldv_file_operations_3();
1536 ldv_state_variable_11 = 1;
1537 ldv_initialyze_ath_ps_ops_11();
1538 ldv_state_variable_6 = 1;
1539 ldv_file_operations_6();
1540 }
1541 }
1542 }
1543 break;
1544 default: ldv_assume(0);
1545 }
1546 }
1547 }
1548 break;
1549 case 12:{
1550 /*DEG-struct: handlers from structure ath9k_hif_usb_driver*/
1551 /*DEG-CHECK: checking registration of ath9k_hif_usb_driver structure*/
1552 if(ldv_state_variable_13 != 0){
1553 ldv_main_exported_13();
1554 }
1555 }
1556 break;
1557 case 13:{
1558 /*DEG-struct: handlers from structure ath9k_usb_bus_ops*/
1559 /*DEG-CHECK: checking registration of ath9k_usb_bus_ops structure*/
1560 if(ldv_state_variable_10 != 0){
1561 switch(__VERIFIER_nondet_int()){
1562 case 0:{
1563 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
1564 if(ldv_state_variable_10 == 2){
1565 /*DEG-CALL: handler read_cachesize from ath9k_usb_bus_ops*/
1566 (& ath_usb_read_cachesize)(ath9k_usb_bus_ops_group0,ldvarg105);
1567 /*DEG-postcall: default*/
1568 ldv_state_variable_10 = 2;
1569 }
1570 }
1571 break;
1572 case 1:{
1573 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
1574 if(ldv_state_variable_10 == 1){
1575 /*DEG-CALL: handler eeprom_read from ath9k_usb_bus_ops*/
1576 (& ath_usb_eeprom_read)(ath9k_usb_bus_ops_group0,ldvarg104,ldvarg103);
1577 /*DEG-postcall: default*/
1578 ldv_state_variable_10 = 1;
1579 }
1580 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
1581 if(ldv_state_variable_10 == 2){
1582 /*DEG-CALL: handler eeprom_read from ath9k_usb_bus_ops*/
1583 (& ath_usb_eeprom_read)(ath9k_usb_bus_ops_group0,ldvarg104,ldvarg103);
1584 /*DEG-postcall: default*/
1585 ldv_state_variable_10 = 2;
1586 }
1587 }
1588 break;
1589 case 2:{
1590 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
1591 if(ldv_state_variable_10 == 2){
1592 /*DEG-CALL: handler release from ath9k_usb_bus_ops*/
1593 ldv_release_10();
1594 /*DEG-postcall: module put*/
1595 ldv_state_variable_10 = 1;
1596 ref_cnt--;
1597 }
1598 }
1599 break;
1600 case 3:{
1601 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
1602 if(ldv_state_variable_10 == 1){
1603 /*DEG-CALL: handler probe from ath9k_usb_bus_ops*/
1604 ldv_probe_10();
1605 /*DEG-postcall: get module*/
1606 ldv_state_variable_10 = 2;
1607 ref_cnt++;
1608 }
1609 }
1610 break;
1611 default: ldv_assume(0);
1612 }
1613 }
1614 }
1615 break;
1616 case 14:{
1617 /*DEG-struct: handlers from structure fops_skb_rx*/
1618 /*DEG-CHECK: checking registration of fops_skb_rx structure*/
1619 if(ldv_state_variable_5 != 0){
1620 ldv_main_exported_5();
1621 }
1622 }
1623 break;
1624 default: ldv_assume(0);
1625 }
1626 }
1627 ldv_final:
1628 ldv_check_final_state();
1629 return;
1630 }
1631 /* DEG-ENVIRONMENT-END */ 1 /*
2 * Copyright (c) 2010-2011 Atheros Communications Inc.
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17 #include "htc.h"
18
19 /*************/
20 /* Utilities */
21 /*************/
22
23 /* HACK Alert: Use 11NG for 2.4, use 11NA for 5 */
24 static enum htc_phymode ath9k_htc_get_curmode(struct ath9k_htc_priv *priv,
25 struct ath9k_channel *ichan)
26 {
27 if (IS_CHAN_5GHZ(ichan))
28 return HTC_MODE_11NA;
29
30 return HTC_MODE_11NG;
31 }
32
33 bool ath9k_htc_setpower(struct ath9k_htc_priv *priv,
34 enum ath9k_power_mode mode)
35 {
36 bool ret;
37
38 mutex_lock(&priv->htc_pm_lock);
39 ret = ath9k_hw_setpower(priv->ah, mode);
40 mutex_unlock(&priv->htc_pm_lock);
41
42 return ret;
43 }
44
45 void ath9k_htc_ps_wakeup(struct ath9k_htc_priv *priv)
46 {
47 mutex_lock(&priv->htc_pm_lock);
48 if (++priv->ps_usecount != 1)
49 goto unlock;
50 ath9k_hw_setpower(priv->ah, ATH9K_PM_AWAKE);
51
52 unlock:
53 mutex_unlock(&priv->htc_pm_lock);
54 }
55
56 void ath9k_htc_ps_restore(struct ath9k_htc_priv *priv)
57 {
58 bool reset;
59
60 mutex_lock(&priv->htc_pm_lock);
61 if (--priv->ps_usecount != 0)
62 goto unlock;
63
64 if (priv->ps_idle) {
65 ath9k_hw_setrxabort(priv->ah, true);
66 ath9k_hw_stopdmarecv(priv->ah, &reset);
67 ath9k_hw_setpower(priv->ah, ATH9K_PM_FULL_SLEEP);
68 } else if (priv->ps_enabled) {
69 ath9k_hw_setpower(priv->ah, ATH9K_PM_NETWORK_SLEEP);
70 }
71
72 unlock:
73 mutex_unlock(&priv->htc_pm_lock);
74 }
75
76 void ath9k_ps_work(struct work_struct *work)
77 {
78 struct ath9k_htc_priv *priv =
79 container_of(work, struct ath9k_htc_priv,
80 ps_work);
81 ath9k_htc_setpower(priv, ATH9K_PM_AWAKE);
82
83 /* The chip wakes up after receiving the first beacon
84 while network sleep is enabled. For the driver to
85 be in sync with the hw, set the chip to awake and
86 only then set it to sleep.
87 */
88 ath9k_htc_setpower(priv, ATH9K_PM_NETWORK_SLEEP);
89 }
90
91 static void ath9k_htc_vif_iter(void *data, u8 *mac, struct ieee80211_vif *vif)
92 {
93 struct ath9k_htc_priv *priv = data;
94 struct ieee80211_bss_conf *bss_conf = &vif->bss_conf;
95
96 if ((vif->type == NL80211_IFTYPE_AP ||
97 vif->type == NL80211_IFTYPE_MESH_POINT) &&
98 bss_conf->enable_beacon) {
99 priv->reconfig_beacon = true;
100 priv->rearm_ani = true;
101 }
102
103 if (bss_conf->assoc) {
104 priv->rearm_ani = true;
105 priv->reconfig_beacon = true;
106 }
107 }
108
109 static void ath9k_htc_vif_reconfig(struct ath9k_htc_priv *priv)
110 {
111 priv->rearm_ani = false;
112 priv->reconfig_beacon = false;
113
114 ieee80211_iterate_active_interfaces_atomic(
115 priv->hw, IEEE80211_IFACE_ITER_RESUME_ALL,
116 ath9k_htc_vif_iter, priv);
117 if (priv->rearm_ani)
118 ath9k_htc_start_ani(priv);
119
120 if (priv->reconfig_beacon) {
121 ath9k_htc_ps_wakeup(priv);
122 ath9k_htc_beacon_reconfig(priv);
123 ath9k_htc_ps_restore(priv);
124 }
125 }
126
127 static void ath9k_htc_bssid_iter(void *data, u8 *mac, struct ieee80211_vif *vif)
128 {
129 struct ath9k_vif_iter_data *iter_data = data;
130 int i;
131
132 if (iter_data->hw_macaddr != NULL) {
133 for (i = 0; i < ETH_ALEN; i++)
134 iter_data->mask[i] &= ~(iter_data->hw_macaddr[i] ^ mac[i]);
135 } else {
136 iter_data->hw_macaddr = mac;
137 }
138 }
139
140 static void ath9k_htc_set_mac_bssid_mask(struct ath9k_htc_priv *priv,
141 struct ieee80211_vif *vif)
142 {
143 struct ath_common *common = ath9k_hw_common(priv->ah);
144 struct ath9k_vif_iter_data iter_data;
145
146 /*
147 * Pick the MAC address of the first interface as the new hardware
148 * MAC address. The hardware will use it together with the BSSID mask
149 * when matching addresses.
150 */
151 iter_data.hw_macaddr = NULL;
152 eth_broadcast_addr(iter_data.mask);
153
154 if (vif)
155 ath9k_htc_bssid_iter(&iter_data, vif->addr, vif);
156
157 /* Get list of all active MAC addresses */
158 ieee80211_iterate_active_interfaces_atomic(
159 priv->hw, IEEE80211_IFACE_ITER_RESUME_ALL,
160 ath9k_htc_bssid_iter, &iter_data);
161
162 memcpy(common->bssidmask, iter_data.mask, ETH_ALEN);
163
164 if (iter_data.hw_macaddr)
165 memcpy(common->macaddr, iter_data.hw_macaddr, ETH_ALEN);
166
167 ath_hw_setbssidmask(common);
168 }
169
170 static void ath9k_htc_set_opmode(struct ath9k_htc_priv *priv)
171 {
172 if (priv->num_ibss_vif)
173 priv->ah->opmode = NL80211_IFTYPE_ADHOC;
174 else if (priv->num_ap_vif)
175 priv->ah->opmode = NL80211_IFTYPE_AP;
176 else if (priv->num_mbss_vif)
177 priv->ah->opmode = NL80211_IFTYPE_MESH_POINT;
178 else
179 priv->ah->opmode = NL80211_IFTYPE_STATION;
180
181 ath9k_hw_setopmode(priv->ah);
182 }
183
184 void ath9k_htc_reset(struct ath9k_htc_priv *priv)
185 {
186 struct ath_hw *ah = priv->ah;
187 struct ath_common *common = ath9k_hw_common(ah);
188 struct ieee80211_channel *channel = priv->hw->conf.chandef.chan;
189 struct ath9k_hw_cal_data *caldata = NULL;
190 enum htc_phymode mode;
191 __be16 htc_mode;
192 u8 cmd_rsp;
193 int ret;
194
195 mutex_lock(&priv->mutex);
196 ath9k_htc_ps_wakeup(priv);
197
198 ath9k_htc_stop_ani(priv);
199 ieee80211_stop_queues(priv->hw);
200
201 del_timer_sync(&priv->tx.cleanup_timer);
202 ath9k_htc_tx_drain(priv);
203
204 WMI_CMD(WMI_DISABLE_INTR_CMDID);
205 WMI_CMD(WMI_DRAIN_TXQ_ALL_CMDID);
206 WMI_CMD(WMI_STOP_RECV_CMDID);
207
208 ath9k_wmi_event_drain(priv);
209
210 caldata = &priv->caldata;
211 ret = ath9k_hw_reset(ah, ah->curchan, caldata, false);
212 if (ret) {
213 ath_err(common,
214 "Unable to reset device (%u Mhz) reset status %d\n",
215 channel->center_freq, ret);
216 }
217
218 ath9k_cmn_update_txpow(ah, priv->curtxpow, priv->txpowlimit,
219 &priv->curtxpow);
220
221 WMI_CMD(WMI_START_RECV_CMDID);
222 ath9k_host_rx_init(priv);
223
224 mode = ath9k_htc_get_curmode(priv, ah->curchan);
225 htc_mode = cpu_to_be16(mode);
226 WMI_CMD_BUF(WMI_SET_MODE_CMDID, &htc_mode);
227
228 WMI_CMD(WMI_ENABLE_INTR_CMDID);
229 htc_start(priv->htc);
230 ath9k_htc_vif_reconfig(priv);
231 ieee80211_wake_queues(priv->hw);
232
233 mod_timer(&priv->tx.cleanup_timer,
234 jiffies + msecs_to_jiffies(ATH9K_HTC_TX_CLEANUP_INTERVAL));
235
236 ath9k_htc_ps_restore(priv);
237 mutex_unlock(&priv->mutex);
238 }
239
240 static int ath9k_htc_set_channel(struct ath9k_htc_priv *priv,
241 struct ieee80211_hw *hw,
242 struct ath9k_channel *hchan)
243 {
244 struct ath_hw *ah = priv->ah;
245 struct ath_common *common = ath9k_hw_common(ah);
246 struct ieee80211_conf *conf = &common->hw->conf;
247 bool fastcc;
248 struct ieee80211_channel *channel = hw->conf.chandef.chan;
249 struct ath9k_hw_cal_data *caldata = NULL;
250 enum htc_phymode mode;
251 __be16 htc_mode;
252 u8 cmd_rsp;
253 int ret;
254
255 if (test_bit(ATH_OP_INVALID, &common->op_flags))
256 return -EIO;
257
258 fastcc = !!(hw->conf.flags & IEEE80211_CONF_OFFCHANNEL);
259
260 ath9k_htc_ps_wakeup(priv);
261
262 ath9k_htc_stop_ani(priv);
263 del_timer_sync(&priv->tx.cleanup_timer);
264 ath9k_htc_tx_drain(priv);
265
266 WMI_CMD(WMI_DISABLE_INTR_CMDID);
267 WMI_CMD(WMI_DRAIN_TXQ_ALL_CMDID);
268 WMI_CMD(WMI_STOP_RECV_CMDID);
269
270 ath9k_wmi_event_drain(priv);
271
272 ath_dbg(common, CONFIG,
273 "(%u MHz) -> (%u MHz), HT: %d, HT40: %d fastcc: %d\n",
274 priv->ah->curchan->channel,
275 channel->center_freq, conf_is_ht(conf), conf_is_ht40(conf),
276 fastcc);
277
278 if (!fastcc)
279 caldata = &priv->caldata;
280
281 ret = ath9k_hw_reset(ah, hchan, caldata, fastcc);
282 if (ret) {
283 ath_err(common,
284 "Unable to reset channel (%u Mhz) reset status %d\n",
285 channel->center_freq, ret);
286 goto err;
287 }
288
289 ath9k_cmn_update_txpow(ah, priv->curtxpow, priv->txpowlimit,
290 &priv->curtxpow);
291
292 WMI_CMD(WMI_START_RECV_CMDID);
293 if (ret)
294 goto err;
295
296 ath9k_host_rx_init(priv);
297
298 mode = ath9k_htc_get_curmode(priv, hchan);
299 htc_mode = cpu_to_be16(mode);
300 WMI_CMD_BUF(WMI_SET_MODE_CMDID, &htc_mode);
301 if (ret)
302 goto err;
303
304 WMI_CMD(WMI_ENABLE_INTR_CMDID);
305 if (ret)
306 goto err;
307
308 htc_start(priv->htc);
309
310 if (!test_bit(ATH_OP_SCANNING, &common->op_flags) &&
311 !(hw->conf.flags & IEEE80211_CONF_OFFCHANNEL))
312 ath9k_htc_vif_reconfig(priv);
313
314 mod_timer(&priv->tx.cleanup_timer,
315 jiffies + msecs_to_jiffies(ATH9K_HTC_TX_CLEANUP_INTERVAL));
316
317 /* perform spectral scan if requested. */
318 if (test_bit(ATH_OP_SCANNING, &common->op_flags) &&
319 priv->spec_priv.spectral_mode == SPECTRAL_CHANSCAN)
320 ath9k_cmn_spectral_scan_trigger(common, &priv->spec_priv);
321 err:
322 ath9k_htc_ps_restore(priv);
323 return ret;
324 }
325
326 /*
327 * Monitor mode handling is a tad complicated because the firmware requires
328 * an interface to be created exclusively, while mac80211 doesn't associate
329 * an interface with the mode.
330 *
331 * So, for now, only one monitor interface can be configured.
332 */
333 static void __ath9k_htc_remove_monitor_interface(struct ath9k_htc_priv *priv)
334 {
335 struct ath_common *common = ath9k_hw_common(priv->ah);
336 struct ath9k_htc_target_vif hvif;
337 int ret = 0;
338 u8 cmd_rsp;
339
340 memset(&hvif, 0, sizeof(struct ath9k_htc_target_vif));
341 memcpy(&hvif.myaddr, common->macaddr, ETH_ALEN);
342 hvif.index = priv->mon_vif_idx;
343 WMI_CMD_BUF(WMI_VAP_REMOVE_CMDID, &hvif);
344 if (ret) {
345 ath_err(common, "Unable to remove monitor interface at idx: %d\n",
346 priv->mon_vif_idx);
347 }
348
349 priv->nvifs--;
350 priv->vif_slot &= ~(1 << priv->mon_vif_idx);
351 }
352
353 static int ath9k_htc_add_monitor_interface(struct ath9k_htc_priv *priv)
354 {
355 struct ath_common *common = ath9k_hw_common(priv->ah);
356 struct ath9k_htc_target_vif hvif;
357 struct ath9k_htc_target_sta tsta;
358 int ret = 0, sta_idx;
359 u8 cmd_rsp;
360
361 if ((priv->nvifs >= ATH9K_HTC_MAX_VIF) ||
362 (priv->nstations >= ATH9K_HTC_MAX_STA)) {
363 ret = -ENOBUFS;
364 goto err_vif;
365 }
366
367 sta_idx = ffz(priv->sta_slot);
368 if ((sta_idx < 0) || (sta_idx > ATH9K_HTC_MAX_STA)) {
369 ret = -ENOBUFS;
370 goto err_vif;
371 }
372
373 /*
374 * Add an interface.
375 */
376 memset(&hvif, 0, sizeof(struct ath9k_htc_target_vif));
377 memcpy(&hvif.myaddr, common->macaddr, ETH_ALEN);
378
379 hvif.opmode = HTC_M_MONITOR;
380 hvif.index = ffz(priv->vif_slot);
381
382 WMI_CMD_BUF(WMI_VAP_CREATE_CMDID, &hvif);
383 if (ret)
384 goto err_vif;
385
386 /*
387 * Assign the monitor interface index as a special case here.
388 * This is needed when the interface is brought down.
389 */
390 priv->mon_vif_idx = hvif.index;
391 priv->vif_slot |= (1 << hvif.index);
392
393 /*
394 * Set the hardware mode to monitor only if there are no
395 * other interfaces.
396 */
397 if (!priv->nvifs)
398 priv->ah->opmode = NL80211_IFTYPE_MONITOR;
399
400 priv->nvifs++;
401
402 /*
403 * Associate a station with the interface for packet injection.
404 */
405 memset(&tsta, 0, sizeof(struct ath9k_htc_target_sta));
406
407 memcpy(&tsta.macaddr, common->macaddr, ETH_ALEN);
408
409 tsta.is_vif_sta = 1;
410 tsta.sta_index = sta_idx;
411 tsta.vif_index = hvif.index;
412 tsta.maxampdu = cpu_to_be16(0xffff);
413
414 WMI_CMD_BUF(WMI_NODE_CREATE_CMDID, &tsta);
415 if (ret) {
416 ath_err(common, "Unable to add station entry for monitor mode\n");
417 goto err_sta;
418 }
419
420 priv->sta_slot |= (1 << sta_idx);
421 priv->nstations++;
422 priv->vif_sta_pos[priv->mon_vif_idx] = sta_idx;
423 priv->ah->is_monitoring = true;
424
425 ath_dbg(common, CONFIG,
426 "Attached a monitor interface at idx: %d, sta idx: %d\n",
427 priv->mon_vif_idx, sta_idx);
428
429 return 0;
430
431 err_sta:
432 /*
433 * Remove the interface from the target.
434 */
435 __ath9k_htc_remove_monitor_interface(priv);
436 err_vif:
437 ath_dbg(common, FATAL, "Unable to attach a monitor interface\n");
438
439 return ret;
440 }
441
442 static int ath9k_htc_remove_monitor_interface(struct ath9k_htc_priv *priv)
443 {
444 struct ath_common *common = ath9k_hw_common(priv->ah);
445 int ret = 0;
446 u8 cmd_rsp, sta_idx;
447
448 __ath9k_htc_remove_monitor_interface(priv);
449
450 sta_idx = priv->vif_sta_pos[priv->mon_vif_idx];
451
452 WMI_CMD_BUF(WMI_NODE_REMOVE_CMDID, &sta_idx);
453 if (ret) {
454 ath_err(common, "Unable to remove station entry for monitor mode\n");
455 return ret;
456 }
457
458 priv->sta_slot &= ~(1 << sta_idx);
459 priv->nstations--;
460 priv->ah->is_monitoring = false;
461
462 ath_dbg(common, CONFIG,
463 "Removed a monitor interface at idx: %d, sta idx: %d\n",
464 priv->mon_vif_idx, sta_idx);
465
466 return 0;
467 }
468
469 static int ath9k_htc_add_station(struct ath9k_htc_priv *priv,
470 struct ieee80211_vif *vif,
471 struct ieee80211_sta *sta)
472 {
473 struct ath_common *common = ath9k_hw_common(priv->ah);
474 struct ath9k_htc_target_sta tsta;
475 struct ath9k_htc_vif *avp = (struct ath9k_htc_vif *) vif->drv_priv;
476 struct ath9k_htc_sta *ista;
477 int ret, sta_idx;
478 u8 cmd_rsp;
479 u16 maxampdu;
480
481 if (priv->nstations >= ATH9K_HTC_MAX_STA)
482 return -ENOBUFS;
483
484 sta_idx = ffz(priv->sta_slot);
485 if ((sta_idx < 0) || (sta_idx > ATH9K_HTC_MAX_STA))
486 return -ENOBUFS;
487
488 memset(&tsta, 0, sizeof(struct ath9k_htc_target_sta));
489
490 if (sta) {
491 ista = (struct ath9k_htc_sta *) sta->drv_priv;
492 memcpy(&tsta.macaddr, sta->addr, ETH_ALEN);
493 memcpy(&tsta.bssid, common->curbssid, ETH_ALEN);
494 ista->index = sta_idx;
495 tsta.is_vif_sta = 0;
496 maxampdu = 1 << (IEEE80211_HT_MAX_AMPDU_FACTOR +
497 sta->ht_cap.ampdu_factor);
498 tsta.maxampdu = cpu_to_be16(maxampdu);
499 } else {
500 memcpy(&tsta.macaddr, vif->addr, ETH_ALEN);
501 tsta.is_vif_sta = 1;
502 tsta.maxampdu = cpu_to_be16(0xffff);
503 }
504
505 tsta.sta_index = sta_idx;
506 tsta.vif_index = avp->index;
507
508 WMI_CMD_BUF(WMI_NODE_CREATE_CMDID, &tsta);
509 if (ret) {
510 if (sta)
511 ath_err(common,
512 "Unable to add station entry for: %pM\n",
513 sta->addr);
514 return ret;
515 }
516
517 if (sta) {
518 ath_dbg(common, CONFIG,
519 "Added a station entry for: %pM (idx: %d)\n",
520 sta->addr, tsta.sta_index);
521 } else {
522 ath_dbg(common, CONFIG,
523 "Added a station entry for VIF %d (idx: %d)\n",
524 avp->index, tsta.sta_index);
525 }
526
527 priv->sta_slot |= (1 << sta_idx);
528 priv->nstations++;
529 if (!sta)
530 priv->vif_sta_pos[avp->index] = sta_idx;
531
532 return 0;
533 }
534
535 static int ath9k_htc_remove_station(struct ath9k_htc_priv *priv,
536 struct ieee80211_vif *vif,
537 struct ieee80211_sta *sta)
538 {
539 struct ath_common *common = ath9k_hw_common(priv->ah);
540 struct ath9k_htc_vif *avp = (struct ath9k_htc_vif *) vif->drv_priv;
541 struct ath9k_htc_sta *ista;
542 int ret;
543 u8 cmd_rsp, sta_idx;
544
545 if (sta) {
546 ista = (struct ath9k_htc_sta *) sta->drv_priv;
547 sta_idx = ista->index;
548 } else {
549 sta_idx = priv->vif_sta_pos[avp->index];
550 }
551
552 WMI_CMD_BUF(WMI_NODE_REMOVE_CMDID, &sta_idx);
553 if (ret) {
554 if (sta)
555 ath_err(common,
556 "Unable to remove station entry for: %pM\n",
557 sta->addr);
558 return ret;
559 }
560
561 if (sta) {
562 ath_dbg(common, CONFIG,
563 "Removed a station entry for: %pM (idx: %d)\n",
564 sta->addr, sta_idx);
565 } else {
566 ath_dbg(common, CONFIG,
567 "Removed a station entry for VIF %d (idx: %d)\n",
568 avp->index, sta_idx);
569 }
570
571 priv->sta_slot &= ~(1 << sta_idx);
572 priv->nstations--;
573
574 return 0;
575 }
576
577 int ath9k_htc_update_cap_target(struct ath9k_htc_priv *priv,
578 u8 enable_coex)
579 {
580 struct ath9k_htc_cap_target tcap;
581 int ret;
582 u8 cmd_rsp;
583
584 memset(&tcap, 0, sizeof(struct ath9k_htc_cap_target));
585
586 tcap.ampdu_limit = cpu_to_be32(0xffff);
587 tcap.ampdu_subframes = 0xff;
588 tcap.enable_coex = enable_coex;
589 tcap.tx_chainmask = priv->ah->caps.tx_chainmask;
590
591 WMI_CMD_BUF(WMI_TARGET_IC_UPDATE_CMDID, &tcap);
592
593 return ret;
594 }
595
596 static void ath9k_htc_setup_rate(struct ath9k_htc_priv *priv,
597 struct ieee80211_sta *sta,
598 struct ath9k_htc_target_rate *trate)
599 {
600 struct ath9k_htc_sta *ista = (struct ath9k_htc_sta *) sta->drv_priv;
601 struct ieee80211_supported_band *sband;
602 u32 caps = 0;
603 int i, j;
604
605 sband = priv->hw->wiphy->bands[priv->hw->conf.chandef.chan->band];
606
607 for (i = 0, j = 0; i < sband->n_bitrates; i++) {
608 if (sta->supp_rates[sband->band] & BIT(i)) {
609 trate->rates.legacy_rates.rs_rates[j]
610 = (sband->bitrates[i].bitrate * 2) / 10;
611 j++;
612 }
613 }
614 trate->rates.legacy_rates.rs_nrates = j;
615
616 if (sta->ht_cap.ht_supported) {
617 for (i = 0, j = 0; i < 77; i++) {
618 if (sta->ht_cap.mcs.rx_mask[i/8] & (1<<(i%8)))
619 trate->rates.ht_rates.rs_rates[j++] = i;
620 if (j == ATH_HTC_RATE_MAX)
621 break;
622 }
623 trate->rates.ht_rates.rs_nrates = j;
624
625 caps = WLAN_RC_HT_FLAG;
626 if (sta->ht_cap.cap & IEEE80211_HT_CAP_RX_STBC)
627 caps |= ATH_RC_TX_STBC_FLAG;
628 if (sta->ht_cap.mcs.rx_mask[1])
629 caps |= WLAN_RC_DS_FLAG;
630 if ((sta->ht_cap.cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40) &&
631 (conf_is_ht40(&priv->hw->conf)))
632 caps |= WLAN_RC_40_FLAG;
633 if (conf_is_ht40(&priv->hw->conf) &&
634 (sta->ht_cap.cap & IEEE80211_HT_CAP_SGI_40))
635 caps |= WLAN_RC_SGI_FLAG;
636 else if (conf_is_ht20(&priv->hw->conf) &&
637 (sta->ht_cap.cap & IEEE80211_HT_CAP_SGI_20))
638 caps |= WLAN_RC_SGI_FLAG;
639 }
640
641 trate->sta_index = ista->index;
642 trate->isnew = 1;
643 trate->capflags = cpu_to_be32(caps);
644 }
645
646 static int ath9k_htc_send_rate_cmd(struct ath9k_htc_priv *priv,
647 struct ath9k_htc_target_rate *trate)
648 {
649 struct ath_common *common = ath9k_hw_common(priv->ah);
650 int ret;
651 u8 cmd_rsp;
652
653 WMI_CMD_BUF(WMI_RC_RATE_UPDATE_CMDID, trate);
654 if (ret) {
655 ath_err(common,
656 "Unable to initialize Rate information on target\n");
657 }
658
659 return ret;
660 }
661
662 static void ath9k_htc_init_rate(struct ath9k_htc_priv *priv,
663 struct ieee80211_sta *sta)
664 {
665 struct ath_common *common = ath9k_hw_common(priv->ah);
666 struct ath9k_htc_target_rate trate;
667 int ret;
668
669 memset(&trate, 0, sizeof(struct ath9k_htc_target_rate));
670 ath9k_htc_setup_rate(priv, sta, &trate);
671 ret = ath9k_htc_send_rate_cmd(priv, &trate);
672 if (!ret)
673 ath_dbg(common, CONFIG,
674 "Updated target sta: %pM, rate caps: 0x%X\n",
675 sta->addr, be32_to_cpu(trate.capflags));
676 }
677
678 static void ath9k_htc_update_rate(struct ath9k_htc_priv *priv,
679 struct ieee80211_vif *vif,
680 struct ieee80211_bss_conf *bss_conf)
681 {
682 struct ath_common *common = ath9k_hw_common(priv->ah);
683 struct ath9k_htc_target_rate trate;
684 struct ieee80211_sta *sta;
685 int ret;
686
687 memset(&trate, 0, sizeof(struct ath9k_htc_target_rate));
688
689 rcu_read_lock();
690 sta = ieee80211_find_sta(vif, bss_conf->bssid);
691 if (!sta) {
692 rcu_read_unlock();
693 return;
694 }
695 ath9k_htc_setup_rate(priv, sta, &trate);
696 rcu_read_unlock();
697
698 ret = ath9k_htc_send_rate_cmd(priv, &trate);
699 if (!ret)
700 ath_dbg(common, CONFIG,
701 "Updated target sta: %pM, rate caps: 0x%X\n",
702 bss_conf->bssid, be32_to_cpu(trate.capflags));
703 }
704
705 static int ath9k_htc_tx_aggr_oper(struct ath9k_htc_priv *priv,
706 struct ieee80211_vif *vif,
707 struct ieee80211_sta *sta,
708 enum ieee80211_ampdu_mlme_action action,
709 u16 tid)
710 {
711 struct ath_common *common = ath9k_hw_common(priv->ah);
712 struct ath9k_htc_target_aggr aggr;
713 struct ath9k_htc_sta *ista;
714 int ret = 0;
715 u8 cmd_rsp;
716
717 if (tid >= ATH9K_HTC_MAX_TID)
718 return -EINVAL;
719
720 memset(&aggr, 0, sizeof(struct ath9k_htc_target_aggr));
721 ista = (struct ath9k_htc_sta *) sta->drv_priv;
722
723 aggr.sta_index = ista->index;
724 aggr.tidno = tid & 0xf;
725 aggr.aggr_enable = (action == IEEE80211_AMPDU_TX_START) ? true : false;
726
727 WMI_CMD_BUF(WMI_TX_AGGR_ENABLE_CMDID, &aggr);
728 if (ret)
729 ath_dbg(common, CONFIG,
730 "Unable to %s TX aggregation for (%pM, %d)\n",
731 (aggr.aggr_enable) ? "start" : "stop", sta->addr, tid);
732 else
733 ath_dbg(common, CONFIG,
734 "%s TX aggregation for (%pM, %d)\n",
735 (aggr.aggr_enable) ? "Starting" : "Stopping",
736 sta->addr, tid);
737
738 spin_lock_bh(&priv->tx.tx_lock);
739 ista->tid_state[tid] = (aggr.aggr_enable && !ret) ? AGGR_START : AGGR_STOP;
740 spin_unlock_bh(&priv->tx.tx_lock);
741
742 return ret;
743 }
744
745 /*******/
746 /* ANI */
747 /*******/
748
749 void ath9k_htc_start_ani(struct ath9k_htc_priv *priv)
750 {
751 struct ath_common *common = ath9k_hw_common(priv->ah);
752 unsigned long timestamp = jiffies_to_msecs(jiffies);
753
754 common->ani.longcal_timer = timestamp;
755 common->ani.shortcal_timer = timestamp;
756 common->ani.checkani_timer = timestamp;
757
758 set_bit(ATH_OP_ANI_RUN, &common->op_flags);
759
760 ieee80211_queue_delayed_work(common->hw, &priv->ani_work,
761 msecs_to_jiffies(ATH_ANI_POLLINTERVAL));
762 }
763
764 void ath9k_htc_stop_ani(struct ath9k_htc_priv *priv)
765 {
766 struct ath_common *common = ath9k_hw_common(priv->ah);
767 cancel_delayed_work_sync(&priv->ani_work);
768 clear_bit(ATH_OP_ANI_RUN, &common->op_flags);
769 }
770
771 void ath9k_htc_ani_work(struct work_struct *work)
772 {
773 struct ath9k_htc_priv *priv =
774 container_of(work, struct ath9k_htc_priv, ani_work.work);
775 struct ath_hw *ah = priv->ah;
776 struct ath_common *common = ath9k_hw_common(ah);
777 bool longcal = false;
778 bool shortcal = false;
779 bool aniflag = false;
780 unsigned int timestamp = jiffies_to_msecs(jiffies);
781 u32 cal_interval, short_cal_interval;
782
783 short_cal_interval = (ah->opmode == NL80211_IFTYPE_AP) ?
784 ATH_AP_SHORT_CALINTERVAL : ATH_STA_SHORT_CALINTERVAL;
785
786 /* Only calibrate if awake */
787 if (ah->power_mode != ATH9K_PM_AWAKE)
788 goto set_timer;
789
790 /* Long calibration runs independently of short calibration. */
791 if ((timestamp - common->ani.longcal_timer) >= ATH_LONG_CALINTERVAL) {
792 longcal = true;
793 ath_dbg(common, ANI, "longcal @%lu\n", jiffies);
794 common->ani.longcal_timer = timestamp;
795 }
796
797 /*
798 * Short calibration applies only while caldone
799 * is false or -ETIMEDOUT
800 */
801 if (common->ani.caldone <= 0) {
802 if ((timestamp - common->ani.shortcal_timer) >=
803 short_cal_interval) {
804 shortcal = true;
805 ath_dbg(common, ANI, "shortcal @%lu\n", jiffies);
806 common->ani.shortcal_timer = timestamp;
807 common->ani.resetcal_timer = timestamp;
808 }
809 } else {
810 if ((timestamp - common->ani.resetcal_timer) >=
811 ATH_RESTART_CALINTERVAL) {
812 common->ani.caldone = ath9k_hw_reset_calvalid(ah);
813 if (common->ani.caldone)
814 common->ani.resetcal_timer = timestamp;
815 }
816 }
817
818 /* Verify whether we must check ANI */
819 if ((timestamp - common->ani.checkani_timer) >= ATH_ANI_POLLINTERVAL) {
820 aniflag = true;
821 common->ani.checkani_timer = timestamp;
822 }
823
824 /* Skip all processing if there's nothing to do. */
825 if (longcal || shortcal || aniflag) {
826
827 ath9k_htc_ps_wakeup(priv);
828
829 /* Call ANI routine if necessary */
830 if (aniflag)
831 ath9k_hw_ani_monitor(ah, ah->curchan);
832
833 /* Perform calibration if necessary */
834 if (longcal || shortcal)
835 common->ani.caldone =
836 ath9k_hw_calibrate(ah, ah->curchan,
837 ah->rxchainmask, longcal) > 0;
838
839 ath9k_htc_ps_restore(priv);
840 }
841
842 set_timer:
843 /*
844 * Set timer interval based on previous results.
845 * The interval must be the shortest necessary to satisfy ANI,
846 * short calibration and long calibration.
847 */
848 cal_interval = ATH_LONG_CALINTERVAL;
849 cal_interval = min(cal_interval, (u32)ATH_ANI_POLLINTERVAL);
850 /*
851 * Short calibration applies only while caldone
852 * is false or -ETIMEDOUT
853 */
854 if (common->ani.caldone <= 0)
855 cal_interval = min(cal_interval, (u32)short_cal_interval);
856
857 ieee80211_queue_delayed_work(common->hw, &priv->ani_work,
858 msecs_to_jiffies(cal_interval));
859 }
860
861 /**********************/
862 /* mac80211 Callbacks */
863 /**********************/
864
865 static void ath9k_htc_tx(struct ieee80211_hw *hw,
866 struct ieee80211_tx_control *control,
867 struct sk_buff *skb)
868 {
869 struct ieee80211_hdr *hdr;
870 struct ath9k_htc_priv *priv = hw->priv;
871 struct ath_common *common = ath9k_hw_common(priv->ah);
872 int padpos, padsize, ret, slot;
873
874 hdr = (struct ieee80211_hdr *) skb->data;
875
876 /* Add the padding after the header if this is not already done */
877 padpos = ieee80211_hdrlen(hdr->frame_control);
878 padsize = padpos & 3;
879 if (padsize && skb->len > padpos) {
880 if (skb_headroom(skb) < padsize) {
881 ath_dbg(common, XMIT, "No room for padding\n");
882 goto fail_tx;
883 }
884 skb_push(skb, padsize);
885 memmove(skb->data, skb->data + padsize, padpos);
886 }
887
888 slot = ath9k_htc_tx_get_slot(priv);
889 if (slot < 0) {
890 ath_dbg(common, XMIT, "No free TX slot\n");
891 goto fail_tx;
892 }
893
894 ret = ath9k_htc_tx_start(priv, control->sta, skb, slot, false);
895 if (ret != 0) {
896 ath_dbg(common, XMIT, "Tx failed\n");
897 goto clear_slot;
898 }
899
900 ath9k_htc_check_stop_queues(priv);
901
902 return;
903
904 clear_slot:
905 ath9k_htc_tx_clear_slot(priv, slot);
906 fail_tx:
907 dev_kfree_skb_any(skb);
908 }
909
910 static int ath9k_htc_start(struct ieee80211_hw *hw)
911 {
912 struct ath9k_htc_priv *priv = hw->priv;
913 struct ath_hw *ah = priv->ah;
914 struct ath_common *common = ath9k_hw_common(ah);
915 struct ieee80211_channel *curchan = hw->conf.chandef.chan;
916 struct ath9k_channel *init_channel;
917 int ret = 0;
918 enum htc_phymode mode;
919 __be16 htc_mode;
920 u8 cmd_rsp;
921
922 mutex_lock(&priv->mutex);
923
924 ath_dbg(common, CONFIG,
925 "Starting driver with initial channel: %d MHz\n",
926 curchan->center_freq);
927
928 /* Ensure that HW is awake before flushing RX */
929 ath9k_htc_setpower(priv, ATH9K_PM_AWAKE);
930 WMI_CMD(WMI_FLUSH_RECV_CMDID);
931
932 /* setup initial channel */
933 init_channel = ath9k_cmn_get_channel(hw, ah, &hw->conf.chandef);
934
935 ret = ath9k_hw_reset(ah, init_channel, ah->caldata, false);
936 if (ret) {
937 ath_err(common,
938 "Unable to reset hardware; reset status %d (freq %u MHz)\n",
939 ret, curchan->center_freq);
940 mutex_unlock(&priv->mutex);
941 return ret;
942 }
943
944 ath9k_cmn_update_txpow(ah, priv->curtxpow, priv->txpowlimit,
945 &priv->curtxpow);
946
947 mode = ath9k_htc_get_curmode(priv, init_channel);
948 htc_mode = cpu_to_be16(mode);
949 WMI_CMD_BUF(WMI_SET_MODE_CMDID, &htc_mode);
950 WMI_CMD(WMI_ATH_INIT_CMDID);
951 WMI_CMD(WMI_START_RECV_CMDID);
952
953 ath9k_host_rx_init(priv);
954
955 ret = ath9k_htc_update_cap_target(priv, 0);
956 if (ret)
957 ath_dbg(common, CONFIG,
958 "Failed to update capability in target\n");
959
960 clear_bit(ATH_OP_INVALID, &common->op_flags);
961 htc_start(priv->htc);
962
963 spin_lock_bh(&priv->tx.tx_lock);
964 priv->tx.flags &= ~ATH9K_HTC_OP_TX_QUEUES_STOP;
965 spin_unlock_bh(&priv->tx.tx_lock);
966
967 ieee80211_wake_queues(hw);
968
969 mod_timer(&priv->tx.cleanup_timer,
970 jiffies + msecs_to_jiffies(ATH9K_HTC_TX_CLEANUP_INTERVAL));
971
972 ath9k_htc_start_btcoex(priv);
973
974 mutex_unlock(&priv->mutex);
975
976 return ret;
977 }
978
979 static void ath9k_htc_stop(struct ieee80211_hw *hw)
980 {
981 struct ath9k_htc_priv *priv = hw->priv;
982 struct ath_hw *ah = priv->ah;
983 struct ath_common *common = ath9k_hw_common(ah);
984 int ret __attribute__ ((unused));
985 u8 cmd_rsp;
986
987 mutex_lock(&priv->mutex);
988
989 if (test_bit(ATH_OP_INVALID, &common->op_flags)) {
990 ath_dbg(common, ANY, "Device not present\n");
991 mutex_unlock(&priv->mutex);
992 return;
993 }
994
995 ath9k_htc_ps_wakeup(priv);
996
997 WMI_CMD(WMI_DISABLE_INTR_CMDID);
998 WMI_CMD(WMI_DRAIN_TXQ_ALL_CMDID);
999 WMI_CMD(WMI_STOP_RECV_CMDID);
1000
1001 tasklet_kill(&priv->rx_tasklet);
1002
1003 del_timer_sync(&priv->tx.cleanup_timer);
1004 ath9k_htc_tx_drain(priv);
1005 ath9k_wmi_event_drain(priv);
1006
1007 mutex_unlock(&priv->mutex);
1008
1009 /* Cancel all the running timers/work .. */
1010 cancel_work_sync(&priv->fatal_work);
1011 cancel_work_sync(&priv->ps_work);
1012
1013 #ifdef CONFIG_MAC80211_LEDS
1014 cancel_work_sync(&priv->led_work);
1015 #endif
1016 ath9k_htc_stop_ani(priv);
1017
1018 mutex_lock(&priv->mutex);
1019
1020 ath9k_htc_stop_btcoex(priv);
1021
1022 /* Remove a monitor interface if it's present. */
1023 if (priv->ah->is_monitoring)
1024 ath9k_htc_remove_monitor_interface(priv);
1025
1026 ath9k_hw_phy_disable(ah);
1027 ath9k_hw_disable(ah);
1028 ath9k_htc_ps_restore(priv);
1029 ath9k_htc_setpower(priv, ATH9K_PM_FULL_SLEEP);
1030
1031 set_bit(ATH_OP_INVALID, &common->op_flags);
1032
1033 ath_dbg(common, CONFIG, "Driver halt\n");
1034 mutex_unlock(&priv->mutex);
1035 }
1036
1037 static int ath9k_htc_add_interface(struct ieee80211_hw *hw,
1038 struct ieee80211_vif *vif)
1039 {
1040 struct ath9k_htc_priv *priv = hw->priv;
1041 struct ath9k_htc_vif *avp = (void *)vif->drv_priv;
1042 struct ath_common *common = ath9k_hw_common(priv->ah);
1043 struct ath9k_htc_target_vif hvif;
1044 int ret = 0;
1045 u8 cmd_rsp;
1046
1047 mutex_lock(&priv->mutex);
1048
1049 ath9k_htc_ps_wakeup(priv);
1050 memset(&hvif, 0, sizeof(struct ath9k_htc_target_vif));
1051 memcpy(&hvif.myaddr, vif->addr, ETH_ALEN);
1052
1053 switch (vif->type) {
1054 case NL80211_IFTYPE_STATION:
1055 hvif.opmode = HTC_M_STA;
1056 break;
1057 case NL80211_IFTYPE_ADHOC:
1058 hvif.opmode = HTC_M_IBSS;
1059 break;
1060 case NL80211_IFTYPE_AP:
1061 hvif.opmode = HTC_M_HOSTAP;
1062 break;
1063 case NL80211_IFTYPE_MESH_POINT:
1064 hvif.opmode = HTC_M_WDS; /* close enough */
1065 break;
1066 default:
1067 ath_err(common,
1068 "Interface type %d not yet supported\n", vif->type);
1069 ret = -EOPNOTSUPP;
1070 goto out;
1071 }
1072
1073 /* Index starts from zero on the target */
1074 avp->index = hvif.index = ffz(priv->vif_slot);
1075 hvif.rtsthreshold = cpu_to_be16(2304);
1076 WMI_CMD_BUF(WMI_VAP_CREATE_CMDID, &hvif);
1077 if (ret)
1078 goto out;
1079
1080 /*
1081 * We need a node in target to tx mgmt frames
1082 * before association.
1083 */
1084 ret = ath9k_htc_add_station(priv, vif, NULL);
1085 if (ret) {
1086 WMI_CMD_BUF(WMI_VAP_REMOVE_CMDID, &hvif);
1087 goto out;
1088 }
1089
1090 ath9k_htc_set_mac_bssid_mask(priv, vif);
1091
1092 priv->vif_slot |= (1 << avp->index);
1093 priv->nvifs++;
1094
1095 INC_VIF(priv, vif->type);
1096
1097 if ((vif->type == NL80211_IFTYPE_AP) ||
1098 (vif->type == NL80211_IFTYPE_MESH_POINT) ||
1099 (vif->type == NL80211_IFTYPE_ADHOC))
1100 ath9k_htc_assign_bslot(priv, vif);
1101
1102 ath9k_htc_set_opmode(priv);
1103
1104 if ((priv->ah->opmode == NL80211_IFTYPE_AP) &&
1105 !test_bit(ATH_OP_ANI_RUN, &common->op_flags)) {
1106 ath9k_hw_set_tsfadjust(priv->ah, true);
1107 ath9k_htc_start_ani(priv);
1108 }
1109
1110 ath_dbg(common, CONFIG, "Attach a VIF of type: %d at idx: %d\n",
1111 vif->type, avp->index);
1112
1113 out:
1114 ath9k_htc_ps_restore(priv);
1115 mutex_unlock(&priv->mutex);
1116
1117 return ret;
1118 }
1119
1120 static void ath9k_htc_remove_interface(struct ieee80211_hw *hw,
1121 struct ieee80211_vif *vif)
1122 {
1123 struct ath9k_htc_priv *priv = hw->priv;
1124 struct ath_common *common = ath9k_hw_common(priv->ah);
1125 struct ath9k_htc_vif *avp = (void *)vif->drv_priv;
1126 struct ath9k_htc_target_vif hvif;
1127 int ret = 0;
1128 u8 cmd_rsp;
1129
1130 mutex_lock(&priv->mutex);
1131 ath9k_htc_ps_wakeup(priv);
1132
1133 memset(&hvif, 0, sizeof(struct ath9k_htc_target_vif));
1134 memcpy(&hvif.myaddr, vif->addr, ETH_ALEN);
1135 hvif.index = avp->index;
1136 WMI_CMD_BUF(WMI_VAP_REMOVE_CMDID, &hvif);
1137 if (ret) {
1138 ath_err(common, "Unable to remove interface at idx: %d\n",
1139 avp->index);
1140 }
1141 priv->nvifs--;
1142 priv->vif_slot &= ~(1 << avp->index);
1143
1144 if (priv->csa_vif == vif)
1145 priv->csa_vif = NULL;
1146
1147 ath9k_htc_remove_station(priv, vif, NULL);
1148
1149 DEC_VIF(priv, vif->type);
1150
1151 if ((vif->type == NL80211_IFTYPE_AP) ||
1152 vif->type == NL80211_IFTYPE_MESH_POINT ||
1153 (vif->type == NL80211_IFTYPE_ADHOC))
1154 ath9k_htc_remove_bslot(priv, vif);
1155
1156 ath9k_htc_set_opmode(priv);
1157
1158 ath9k_htc_set_mac_bssid_mask(priv, vif);
1159
1160 /*
1161 * Stop ANI only if there are no associated station interfaces.
1162 */
1163 if ((vif->type == NL80211_IFTYPE_AP) && (priv->num_ap_vif == 0)) {
1164 priv->rearm_ani = false;
1165 ieee80211_iterate_active_interfaces_atomic(
1166 priv->hw, IEEE80211_IFACE_ITER_RESUME_ALL,
1167 ath9k_htc_vif_iter, priv);
1168 if (!priv->rearm_ani)
1169 ath9k_htc_stop_ani(priv);
1170 }
1171
1172 ath_dbg(common, CONFIG, "Detach Interface at idx: %d\n", avp->index);
1173
1174 ath9k_htc_ps_restore(priv);
1175 mutex_unlock(&priv->mutex);
1176 }
1177
1178 static int ath9k_htc_config(struct ieee80211_hw *hw, u32 changed)
1179 {
1180 struct ath9k_htc_priv *priv = hw->priv;
1181 struct ath_common *common = ath9k_hw_common(priv->ah);
1182 struct ieee80211_conf *conf = &hw->conf;
1183 bool chip_reset = false;
1184 int ret = 0;
1185
1186 mutex_lock(&priv->mutex);
1187 ath9k_htc_ps_wakeup(priv);
1188
1189 if (changed & IEEE80211_CONF_CHANGE_IDLE) {
1190 mutex_lock(&priv->htc_pm_lock);
1191
1192 priv->ps_idle = !!(conf->flags & IEEE80211_CONF_IDLE);
1193 if (!priv->ps_idle)
1194 chip_reset = true;
1195
1196 mutex_unlock(&priv->htc_pm_lock);
1197 }
1198
1199 /*
1200 * Monitor interface should be added before
1201 * IEEE80211_CONF_CHANGE_CHANNEL is handled.
1202 */
1203 if (changed & IEEE80211_CONF_CHANGE_MONITOR) {
1204 if ((conf->flags & IEEE80211_CONF_MONITOR) &&
1205 !priv->ah->is_monitoring)
1206 ath9k_htc_add_monitor_interface(priv);
1207 else if (priv->ah->is_monitoring)
1208 ath9k_htc_remove_monitor_interface(priv);
1209 }
1210
1211 if ((changed & IEEE80211_CONF_CHANGE_CHANNEL) || chip_reset) {
1212 struct ieee80211_channel *curchan = hw->conf.chandef.chan;
1213 int pos = curchan->hw_value;
1214
1215 ath_dbg(common, CONFIG, "Set channel: %d MHz\n",
1216 curchan->center_freq);
1217
1218 ath9k_cmn_get_channel(hw, priv->ah, &hw->conf.chandef);
1219 if (ath9k_htc_set_channel(priv, hw, &priv->ah->channels[pos]) < 0) {
1220 ath_err(common, "Unable to set channel\n");
1221 ret = -EINVAL;
1222 goto out;
1223 }
1224
1225 }
1226
1227 if (changed & IEEE80211_CONF_CHANGE_PS) {
1228 if (conf->flags & IEEE80211_CONF_PS) {
1229 ath9k_htc_setpower(priv, ATH9K_PM_NETWORK_SLEEP);
1230 priv->ps_enabled = true;
1231 } else {
1232 priv->ps_enabled = false;
1233 cancel_work_sync(&priv->ps_work);
1234 ath9k_htc_setpower(priv, ATH9K_PM_AWAKE);
1235 }
1236 }
1237
1238 if (changed & IEEE80211_CONF_CHANGE_POWER) {
1239 priv->txpowlimit = 2 * conf->power_level;
1240 ath9k_cmn_update_txpow(priv->ah, priv->curtxpow,
1241 priv->txpowlimit, &priv->curtxpow);
1242 }
1243
1244 out:
1245 ath9k_htc_ps_restore(priv);
1246 mutex_unlock(&priv->mutex);
1247 return ret;
1248 }
1249
1250 #define SUPPORTED_FILTERS \
1251 (FIF_ALLMULTI | \
1252 FIF_CONTROL | \
1253 FIF_PSPOLL | \
1254 FIF_OTHER_BSS | \
1255 FIF_BCN_PRBRESP_PROMISC | \
1256 FIF_PROBE_REQ | \
1257 FIF_FCSFAIL)
1258
1259 static void ath9k_htc_configure_filter(struct ieee80211_hw *hw,
1260 unsigned int changed_flags,
1261 unsigned int *total_flags,
1262 u64 multicast)
1263 {
1264 struct ath9k_htc_priv *priv = hw->priv;
1265 struct ath_common *common = ath9k_hw_common(priv->ah);
1266 u32 rfilt;
1267
1268 mutex_lock(&priv->mutex);
1269 changed_flags &= SUPPORTED_FILTERS;
1270 *total_flags &= SUPPORTED_FILTERS;
1271
1272 if (test_bit(ATH_OP_INVALID, &common->op_flags)) {
1273 ath_dbg(ath9k_hw_common(priv->ah), ANY,
1274 "Unable to configure filter on invalid state\n");
1275 mutex_unlock(&priv->mutex);
1276 return;
1277 }
1278 ath9k_htc_ps_wakeup(priv);
1279
1280 priv->rxfilter = *total_flags;
1281 rfilt = ath9k_htc_calcrxfilter(priv);
1282 ath9k_hw_setrxfilter(priv->ah, rfilt);
1283
1284 ath_dbg(ath9k_hw_common(priv->ah), CONFIG, "Set HW RX filter: 0x%x\n",
1285 rfilt);
1286
1287 ath9k_htc_ps_restore(priv);
1288 mutex_unlock(&priv->mutex);
1289 }
1290
1291 static void ath9k_htc_sta_rc_update_work(struct work_struct *work)
1292 {
1293 struct ath9k_htc_sta *ista =
1294 container_of(work, struct ath9k_htc_sta, rc_update_work);
1295 struct ieee80211_sta *sta =
1296 container_of((void *)ista, struct ieee80211_sta, drv_priv);
1297 struct ath9k_htc_priv *priv = ista->htc_priv;
1298 struct ath_common *common = ath9k_hw_common(priv->ah);
1299 struct ath9k_htc_target_rate trate;
1300
1301 mutex_lock(&priv->mutex);
1302 ath9k_htc_ps_wakeup(priv);
1303
1304 memset(&trate, 0, sizeof(struct ath9k_htc_target_rate));
1305 ath9k_htc_setup_rate(priv, sta, &trate);
1306 if (!ath9k_htc_send_rate_cmd(priv, &trate))
1307 ath_dbg(common, CONFIG,
1308 "Supported rates for sta: %pM updated, rate caps: 0x%X\n",
1309 sta->addr, be32_to_cpu(trate.capflags));
1310 else
1311 ath_dbg(common, CONFIG,
1312 "Unable to update supported rates for sta: %pM\n",
1313 sta->addr);
1314
1315 ath9k_htc_ps_restore(priv);
1316 mutex_unlock(&priv->mutex);
1317 }
1318
1319 static int ath9k_htc_sta_add(struct ieee80211_hw *hw,
1320 struct ieee80211_vif *vif,
1321 struct ieee80211_sta *sta)
1322 {
1323 struct ath9k_htc_priv *priv = hw->priv;
1324 struct ath9k_htc_sta *ista = (struct ath9k_htc_sta *) sta->drv_priv;
1325 int ret;
1326
1327 mutex_lock(&priv->mutex);
1328 ath9k_htc_ps_wakeup(priv);
1329 ret = ath9k_htc_add_station(priv, vif, sta);
1330 if (!ret) {
1331 INIT_WORK(&ista->rc_update_work, ath9k_htc_sta_rc_update_work);
1332 ista->htc_priv = priv;
1333 ath9k_htc_init_rate(priv, sta);
1334 }
1335 ath9k_htc_ps_restore(priv);
1336 mutex_unlock(&priv->mutex);
1337
1338 return ret;
1339 }
1340
1341 static int ath9k_htc_sta_remove(struct ieee80211_hw *hw,
1342 struct ieee80211_vif *vif,
1343 struct ieee80211_sta *sta)
1344 {
1345 struct ath9k_htc_priv *priv = hw->priv;
1346 struct ath9k_htc_sta *ista = (struct ath9k_htc_sta *) sta->drv_priv;
1347 int ret;
1348
1349 cancel_work_sync(&ista->rc_update_work);
1350
1351 mutex_lock(&priv->mutex);
1352 ath9k_htc_ps_wakeup(priv);
1353 htc_sta_drain(priv->htc, ista->index);
1354 ret = ath9k_htc_remove_station(priv, vif, sta);
1355 ath9k_htc_ps_restore(priv);
1356 mutex_unlock(&priv->mutex);
1357
1358 return ret;
1359 }
1360
1361 static void ath9k_htc_sta_rc_update(struct ieee80211_hw *hw,
1362 struct ieee80211_vif *vif,
1363 struct ieee80211_sta *sta, u32 changed)
1364 {
1365 struct ath9k_htc_sta *ista = (struct ath9k_htc_sta *) sta->drv_priv;
1366
1367 if (!(changed & IEEE80211_RC_SUPP_RATES_CHANGED))
1368 return;
1369
1370 schedule_work(&ista->rc_update_work);
1371 }
1372
1373 static int ath9k_htc_conf_tx(struct ieee80211_hw *hw,
1374 struct ieee80211_vif *vif, u16 queue,
1375 const struct ieee80211_tx_queue_params *params)
1376 {
1377 struct ath9k_htc_priv *priv = hw->priv;
1378 struct ath_common *common = ath9k_hw_common(priv->ah);
1379 struct ath9k_tx_queue_info qi;
1380 int ret = 0, qnum;
1381
1382 if (queue >= IEEE80211_NUM_ACS)
1383 return 0;
1384
1385 mutex_lock(&priv->mutex);
1386 ath9k_htc_ps_wakeup(priv);
1387
1388 memset(&qi, 0, sizeof(struct ath9k_tx_queue_info));
1389
1390 qi.tqi_aifs = params->aifs;
1391 qi.tqi_cwmin = params->cw_min;
1392 qi.tqi_cwmax = params->cw_max;
1393 qi.tqi_burstTime = params->txop * 32;
1394
1395 qnum = get_hw_qnum(queue, priv->hwq_map);
1396
1397 ath_dbg(common, CONFIG,
1398 "Configure tx [queue/hwq] [%d/%d], aifs: %d, cw_min: %d, cw_max: %d, txop: %d\n",
1399 queue, qnum, params->aifs, params->cw_min,
1400 params->cw_max, params->txop);
1401
1402 ret = ath_htc_txq_update(priv, qnum, &qi);
1403 if (ret) {
1404 ath_err(common, "TXQ Update failed\n");
1405 goto out;
1406 }
1407
1408 if ((priv->ah->opmode == NL80211_IFTYPE_ADHOC) &&
1409 (qnum == priv->hwq_map[IEEE80211_AC_BE]))
1410 ath9k_htc_beaconq_config(priv);
1411 out:
1412 ath9k_htc_ps_restore(priv);
1413 mutex_unlock(&priv->mutex);
1414
1415 return ret;
1416 }
1417
1418 static int ath9k_htc_set_key(struct ieee80211_hw *hw,
1419 enum set_key_cmd cmd,
1420 struct ieee80211_vif *vif,
1421 struct ieee80211_sta *sta,
1422 struct ieee80211_key_conf *key)
1423 {
1424 struct ath9k_htc_priv *priv = hw->priv;
1425 struct ath_common *common = ath9k_hw_common(priv->ah);
1426 int ret = 0;
1427
1428 if (htc_modparam_nohwcrypt)
1429 return -ENOSPC;
1430
1431 if ((vif->type == NL80211_IFTYPE_ADHOC ||
1432 vif->type == NL80211_IFTYPE_MESH_POINT) &&
1433 (key->cipher == WLAN_CIPHER_SUITE_TKIP ||
1434 key->cipher == WLAN_CIPHER_SUITE_CCMP) &&
1435 !(key->flags & IEEE80211_KEY_FLAG_PAIRWISE)) {
1436 /*
1437 * For now, disable hw crypto for the RSN IBSS group keys. This
1438 * could be optimized in the future to use a modified key cache
1439 * design to support per-STA RX GTK, but until that gets
1440 * implemented, use of software crypto for group addressed
1441 * frames is a acceptable to allow RSN IBSS to be used.
1442 */
1443 return -EOPNOTSUPP;
1444 }
1445
1446 mutex_lock(&priv->mutex);
1447 ath_dbg(common, CONFIG, "Set HW Key\n");
1448 ath9k_htc_ps_wakeup(priv);
1449
1450 switch (cmd) {
1451 case SET_KEY:
1452 ret = ath_key_config(common, vif, sta, key);
1453 if (ret >= 0) {
1454 key->hw_key_idx = ret;
1455 /* push IV and Michael MIC generation to stack */
1456 key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
1457 if (key->cipher == WLAN_CIPHER_SUITE_TKIP)
1458 key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIC;
1459 if (priv->ah->sw_mgmt_crypto_tx &&
1460 key->cipher == WLAN_CIPHER_SUITE_CCMP)
1461 key->flags |= IEEE80211_KEY_FLAG_SW_MGMT_TX;
1462 ret = 0;
1463 }
1464 break;
1465 case DISABLE_KEY:
1466 ath_key_delete(common, key);
1467 break;
1468 default:
1469 ret = -EINVAL;
1470 }
1471
1472 ath9k_htc_ps_restore(priv);
1473 mutex_unlock(&priv->mutex);
1474
1475 return ret;
1476 }
1477
1478 static void ath9k_htc_set_bssid(struct ath9k_htc_priv *priv)
1479 {
1480 struct ath_common *common = ath9k_hw_common(priv->ah);
1481
1482 ath9k_hw_write_associd(priv->ah);
1483 ath_dbg(common, CONFIG, "BSSID: %pM aid: 0x%x\n",
1484 common->curbssid, common->curaid);
1485 }
1486
1487 static void ath9k_htc_bss_iter(void *data, u8 *mac, struct ieee80211_vif *vif)
1488 {
1489 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *)data;
1490 struct ath_common *common = ath9k_hw_common(priv->ah);
1491 struct ieee80211_bss_conf *bss_conf = &vif->bss_conf;
1492
1493 if ((vif->type == NL80211_IFTYPE_STATION) && bss_conf->assoc) {
1494 common->curaid = bss_conf->aid;
1495 common->last_rssi = ATH_RSSI_DUMMY_MARKER;
1496 memcpy(common->curbssid, bss_conf->bssid, ETH_ALEN);
1497 set_bit(ATH_OP_PRIM_STA_VIF, &common->op_flags);
1498 }
1499 }
1500
1501 static void ath9k_htc_choose_set_bssid(struct ath9k_htc_priv *priv)
1502 {
1503 if (priv->num_sta_assoc_vif == 1) {
1504 ieee80211_iterate_active_interfaces_atomic(
1505 priv->hw, IEEE80211_IFACE_ITER_RESUME_ALL,
1506 ath9k_htc_bss_iter, priv);
1507 ath9k_htc_set_bssid(priv);
1508 }
1509 }
1510
1511 static void ath9k_htc_bss_info_changed(struct ieee80211_hw *hw,
1512 struct ieee80211_vif *vif,
1513 struct ieee80211_bss_conf *bss_conf,
1514 u32 changed)
1515 {
1516 struct ath9k_htc_priv *priv = hw->priv;
1517 struct ath_hw *ah = priv->ah;
1518 struct ath_common *common = ath9k_hw_common(ah);
1519 int slottime;
1520
1521 mutex_lock(&priv->mutex);
1522 ath9k_htc_ps_wakeup(priv);
1523
1524 if (changed & BSS_CHANGED_ASSOC) {
1525 ath_dbg(common, CONFIG, "BSS Changed ASSOC %d\n",
1526 bss_conf->assoc);
1527
1528 bss_conf->assoc ?
1529 priv->num_sta_assoc_vif++ : priv->num_sta_assoc_vif--;
1530
1531 if (!bss_conf->assoc)
1532 clear_bit(ATH_OP_PRIM_STA_VIF, &common->op_flags);
1533
1534 if (priv->ah->opmode == NL80211_IFTYPE_STATION) {
1535 ath9k_htc_choose_set_bssid(priv);
1536 if (bss_conf->assoc && (priv->num_sta_assoc_vif == 1))
1537 ath9k_htc_start_ani(priv);
1538 else if (priv->num_sta_assoc_vif == 0)
1539 ath9k_htc_stop_ani(priv);
1540 }
1541 }
1542
1543 if (changed & BSS_CHANGED_IBSS) {
1544 if (priv->ah->opmode == NL80211_IFTYPE_ADHOC) {
1545 common->curaid = bss_conf->aid;
1546 memcpy(common->curbssid, bss_conf->bssid, ETH_ALEN);
1547 ath9k_htc_set_bssid(priv);
1548 }
1549 }
1550
1551 if ((changed & BSS_CHANGED_BEACON_ENABLED) && bss_conf->enable_beacon) {
1552 ath_dbg(common, CONFIG, "Beacon enabled for BSS: %pM\n",
1553 bss_conf->bssid);
1554 ath9k_htc_set_tsfadjust(priv, vif);
1555 priv->cur_beacon_conf.enable_beacon = 1;
1556 ath9k_htc_beacon_config(priv, vif);
1557 }
1558
1559 if ((changed & BSS_CHANGED_BEACON_ENABLED) && !bss_conf->enable_beacon) {
1560 /*
1561 * Disable SWBA interrupt only if there are no
1562 * concurrent AP/mesh or IBSS interfaces.
1563 */
1564 if ((priv->num_ap_vif + priv->num_mbss_vif <= 1) ||
1565 priv->num_ibss_vif) {
1566 ath_dbg(common, CONFIG,
1567 "Beacon disabled for BSS: %pM\n",
1568 bss_conf->bssid);
1569 priv->cur_beacon_conf.enable_beacon = 0;
1570 ath9k_htc_beacon_config(priv, vif);
1571 }
1572 }
1573
1574 if (changed & BSS_CHANGED_BEACON_INT) {
1575 /*
1576 * Reset the HW TSF for the first AP or mesh interface.
1577 */
1578 if (priv->nvifs == 1 &&
1579 ((priv->ah->opmode == NL80211_IFTYPE_AP &&
1580 vif->type == NL80211_IFTYPE_AP &&
1581 priv->num_ap_vif == 1) ||
1582 (priv->ah->opmode == NL80211_IFTYPE_MESH_POINT &&
1583 vif->type == NL80211_IFTYPE_MESH_POINT &&
1584 priv->num_mbss_vif == 1))) {
1585 set_bit(OP_TSF_RESET, &priv->op_flags);
1586 }
1587 ath_dbg(common, CONFIG,
1588 "Beacon interval changed for BSS: %pM\n",
1589 bss_conf->bssid);
1590 ath9k_htc_beacon_config(priv, vif);
1591 }
1592
1593 if (changed & BSS_CHANGED_ERP_SLOT) {
1594 if (bss_conf->use_short_slot)
1595 slottime = 9;
1596 else
1597 slottime = 20;
1598 if (vif->type == NL80211_IFTYPE_AP) {
1599 /*
1600 * Defer update, so that connected stations can adjust
1601 * their settings at the same time.
1602 * See beacon.c for more details
1603 */
1604 priv->beacon.slottime = slottime;
1605 priv->beacon.updateslot = UPDATE;
1606 } else {
1607 ah->slottime = slottime;
1608 ath9k_hw_init_global_settings(ah);
1609 }
1610 }
1611
1612 if (changed & BSS_CHANGED_HT)
1613 ath9k_htc_update_rate(priv, vif, bss_conf);
1614
1615 ath9k_htc_ps_restore(priv);
1616 mutex_unlock(&priv->mutex);
1617 }
1618
1619 static u64 ath9k_htc_get_tsf(struct ieee80211_hw *hw,
1620 struct ieee80211_vif *vif)
1621 {
1622 struct ath9k_htc_priv *priv = hw->priv;
1623 u64 tsf;
1624
1625 mutex_lock(&priv->mutex);
1626 ath9k_htc_ps_wakeup(priv);
1627 tsf = ath9k_hw_gettsf64(priv->ah);
1628 ath9k_htc_ps_restore(priv);
1629 mutex_unlock(&priv->mutex);
1630
1631 return tsf;
1632 }
1633
1634 static void ath9k_htc_set_tsf(struct ieee80211_hw *hw,
1635 struct ieee80211_vif *vif, u64 tsf)
1636 {
1637 struct ath9k_htc_priv *priv = hw->priv;
1638
1639 mutex_lock(&priv->mutex);
1640 ath9k_htc_ps_wakeup(priv);
1641 ath9k_hw_settsf64(priv->ah, tsf);
1642 ath9k_htc_ps_restore(priv);
1643 mutex_unlock(&priv->mutex);
1644 }
1645
1646 static void ath9k_htc_reset_tsf(struct ieee80211_hw *hw,
1647 struct ieee80211_vif *vif)
1648 {
1649 struct ath9k_htc_priv *priv = hw->priv;
1650
1651 mutex_lock(&priv->mutex);
1652 ath9k_htc_ps_wakeup(priv);
1653 ath9k_hw_reset_tsf(priv->ah);
1654 ath9k_htc_ps_restore(priv);
1655 mutex_unlock(&priv->mutex);
1656 }
1657
1658 static int ath9k_htc_ampdu_action(struct ieee80211_hw *hw,
1659 struct ieee80211_vif *vif,
1660 enum ieee80211_ampdu_mlme_action action,
1661 struct ieee80211_sta *sta,
1662 u16 tid, u16 *ssn, u8 buf_size, bool amsdu)
1663 {
1664 struct ath9k_htc_priv *priv = hw->priv;
1665 struct ath9k_htc_sta *ista;
1666 int ret = 0;
1667
1668 mutex_lock(&priv->mutex);
1669 ath9k_htc_ps_wakeup(priv);
1670
1671 switch (action) {
1672 case IEEE80211_AMPDU_RX_START:
1673 break;
1674 case IEEE80211_AMPDU_RX_STOP:
1675 break;
1676 case IEEE80211_AMPDU_TX_START:
1677 ret = ath9k_htc_tx_aggr_oper(priv, vif, sta, action, tid);
1678 if (!ret)
1679 ieee80211_start_tx_ba_cb_irqsafe(vif, sta->addr, tid);
1680 break;
1681 case IEEE80211_AMPDU_TX_STOP_CONT:
1682 case IEEE80211_AMPDU_TX_STOP_FLUSH:
1683 case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT:
1684 ath9k_htc_tx_aggr_oper(priv, vif, sta, action, tid);
1685 ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
1686 break;
1687 case IEEE80211_AMPDU_TX_OPERATIONAL:
1688 ista = (struct ath9k_htc_sta *) sta->drv_priv;
1689 spin_lock_bh(&priv->tx.tx_lock);
1690 ista->tid_state[tid] = AGGR_OPERATIONAL;
1691 spin_unlock_bh(&priv->tx.tx_lock);
1692 break;
1693 default:
1694 ath_err(ath9k_hw_common(priv->ah), "Unknown AMPDU action\n");
1695 }
1696
1697 ath9k_htc_ps_restore(priv);
1698 mutex_unlock(&priv->mutex);
1699
1700 return ret;
1701 }
1702
1703 static void ath9k_htc_sw_scan_start(struct ieee80211_hw *hw,
1704 struct ieee80211_vif *vif,
1705 const u8 *mac_addr)
1706 {
1707 struct ath9k_htc_priv *priv = hw->priv;
1708 struct ath_common *common = ath9k_hw_common(priv->ah);
1709
1710 mutex_lock(&priv->mutex);
1711 spin_lock_bh(&priv->beacon_lock);
1712 set_bit(ATH_OP_SCANNING, &common->op_flags);
1713 spin_unlock_bh(&priv->beacon_lock);
1714 cancel_work_sync(&priv->ps_work);
1715 ath9k_htc_stop_ani(priv);
1716 mutex_unlock(&priv->mutex);
1717 }
1718
1719 static void ath9k_htc_sw_scan_complete(struct ieee80211_hw *hw,
1720 struct ieee80211_vif *vif)
1721 {
1722 struct ath9k_htc_priv *priv = hw->priv;
1723 struct ath_common *common = ath9k_hw_common(priv->ah);
1724
1725 mutex_lock(&priv->mutex);
1726 spin_lock_bh(&priv->beacon_lock);
1727 clear_bit(ATH_OP_SCANNING, &common->op_flags);
1728 spin_unlock_bh(&priv->beacon_lock);
1729 ath9k_htc_ps_wakeup(priv);
1730 ath9k_htc_vif_reconfig(priv);
1731 ath9k_htc_ps_restore(priv);
1732 mutex_unlock(&priv->mutex);
1733 }
1734
1735 static int ath9k_htc_set_rts_threshold(struct ieee80211_hw *hw, u32 value)
1736 {
1737 return 0;
1738 }
1739
1740 static void ath9k_htc_set_coverage_class(struct ieee80211_hw *hw,
1741 s16 coverage_class)
1742 {
1743 struct ath9k_htc_priv *priv = hw->priv;
1744
1745 mutex_lock(&priv->mutex);
1746 ath9k_htc_ps_wakeup(priv);
1747 priv->ah->coverage_class = coverage_class;
1748 ath9k_hw_init_global_settings(priv->ah);
1749 ath9k_htc_ps_restore(priv);
1750 mutex_unlock(&priv->mutex);
1751 }
1752
1753 /*
1754 * Currently, this is used only for selecting the minimum rate
1755 * for management frames, rate selection for data frames remain
1756 * unaffected.
1757 */
1758 static int ath9k_htc_set_bitrate_mask(struct ieee80211_hw *hw,
1759 struct ieee80211_vif *vif,
1760 const struct cfg80211_bitrate_mask *mask)
1761 {
1762 struct ath9k_htc_priv *priv = hw->priv;
1763 struct ath_common *common = ath9k_hw_common(priv->ah);
1764 struct ath9k_htc_target_rate_mask tmask;
1765 struct ath9k_htc_vif *avp = (void *)vif->drv_priv;
1766 int ret = 0;
1767 u8 cmd_rsp;
1768
1769 memset(&tmask, 0, sizeof(struct ath9k_htc_target_rate_mask));
1770
1771 tmask.vif_index = avp->index;
1772 tmask.band = IEEE80211_BAND_2GHZ;
1773 tmask.mask = cpu_to_be32(mask->control[IEEE80211_BAND_2GHZ].legacy);
1774
1775 WMI_CMD_BUF(WMI_BITRATE_MASK_CMDID, &tmask);
1776 if (ret) {
1777 ath_err(common,
1778 "Unable to set 2G rate mask for "
1779 "interface at idx: %d\n", avp->index);
1780 goto out;
1781 }
1782
1783 tmask.band = IEEE80211_BAND_5GHZ;
1784 tmask.mask = cpu_to_be32(mask->control[IEEE80211_BAND_5GHZ].legacy);
1785
1786 WMI_CMD_BUF(WMI_BITRATE_MASK_CMDID, &tmask);
1787 if (ret) {
1788 ath_err(common,
1789 "Unable to set 5G rate mask for "
1790 "interface at idx: %d\n", avp->index);
1791 goto out;
1792 }
1793
1794 ath_dbg(common, CONFIG, "Set bitrate masks: 0x%x, 0x%x\n",
1795 mask->control[IEEE80211_BAND_2GHZ].legacy,
1796 mask->control[IEEE80211_BAND_5GHZ].legacy);
1797 out:
1798 return ret;
1799 }
1800
1801
1802 static int ath9k_htc_get_stats(struct ieee80211_hw *hw,
1803 struct ieee80211_low_level_stats *stats)
1804 {
1805 struct ath9k_htc_priv *priv = hw->priv;
1806 struct ath_hw *ah = priv->ah;
1807 struct ath9k_mib_stats *mib_stats = &ah->ah_mibStats;
1808
1809 stats->dot11ACKFailureCount = mib_stats->ackrcv_bad;
1810 stats->dot11RTSFailureCount = mib_stats->rts_bad;
1811 stats->dot11FCSErrorCount = mib_stats->fcs_bad;
1812 stats->dot11RTSSuccessCount = mib_stats->rts_good;
1813
1814 return 0;
1815 }
1816
1817 struct base_eep_header *ath9k_htc_get_eeprom_base(struct ath9k_htc_priv *priv)
1818 {
1819 struct base_eep_header *pBase = NULL;
1820 /*
1821 * This can be done since all the 3 EEPROM families have the
1822 * same base header upto a certain point, and we are interested in
1823 * the data only upto that point.
1824 */
1825
1826 if (AR_SREV_9271(priv->ah))
1827 pBase = (struct base_eep_header *)
1828 &priv->ah->eeprom.map4k.baseEepHeader;
1829 else if (priv->ah->hw_version.usbdev == AR9280_USB)
1830 pBase = (struct base_eep_header *)
1831 &priv->ah->eeprom.def.baseEepHeader;
1832 else if (priv->ah->hw_version.usbdev == AR9287_USB)
1833 pBase = (struct base_eep_header *)
1834 &priv->ah->eeprom.map9287.baseEepHeader;
1835 return pBase;
1836 }
1837
1838
1839 static int ath9k_htc_get_antenna(struct ieee80211_hw *hw, u32 *tx_ant,
1840 u32 *rx_ant)
1841 {
1842 struct ath9k_htc_priv *priv = hw->priv;
1843 struct base_eep_header *pBase = ath9k_htc_get_eeprom_base(priv);
1844 if (pBase) {
1845 *tx_ant = pBase->txMask;
1846 *rx_ant = pBase->rxMask;
1847 } else {
1848 *tx_ant = 0;
1849 *rx_ant = 0;
1850 }
1851 return 0;
1852 }
1853
1854 static void ath9k_htc_channel_switch_beacon(struct ieee80211_hw *hw,
1855 struct ieee80211_vif *vif,
1856 struct cfg80211_chan_def *chandef)
1857 {
1858 struct ath9k_htc_priv *priv = hw->priv;
1859
1860 /* mac80211 does not support CSA in multi-if cases (yet) */
1861 if (WARN_ON(priv->csa_vif))
1862 return;
1863
1864 priv->csa_vif = vif;
1865 }
1866
1867 struct ieee80211_ops ath9k_htc_ops = {
1868 .tx = ath9k_htc_tx,
1869 .start = ath9k_htc_start,
1870 .stop = ath9k_htc_stop,
1871 .add_interface = ath9k_htc_add_interface,
1872 .remove_interface = ath9k_htc_remove_interface,
1873 .config = ath9k_htc_config,
1874 .configure_filter = ath9k_htc_configure_filter,
1875 .sta_add = ath9k_htc_sta_add,
1876 .sta_remove = ath9k_htc_sta_remove,
1877 .conf_tx = ath9k_htc_conf_tx,
1878 .sta_rc_update = ath9k_htc_sta_rc_update,
1879 .bss_info_changed = ath9k_htc_bss_info_changed,
1880 .set_key = ath9k_htc_set_key,
1881 .get_tsf = ath9k_htc_get_tsf,
1882 .set_tsf = ath9k_htc_set_tsf,
1883 .reset_tsf = ath9k_htc_reset_tsf,
1884 .ampdu_action = ath9k_htc_ampdu_action,
1885 .sw_scan_start = ath9k_htc_sw_scan_start,
1886 .sw_scan_complete = ath9k_htc_sw_scan_complete,
1887 .set_rts_threshold = ath9k_htc_set_rts_threshold,
1888 .rfkill_poll = ath9k_htc_rfkill_poll_state,
1889 .set_coverage_class = ath9k_htc_set_coverage_class,
1890 .set_bitrate_mask = ath9k_htc_set_bitrate_mask,
1891 .get_stats = ath9k_htc_get_stats,
1892 .get_antenna = ath9k_htc_get_antenna,
1893 .channel_switch_beacon = ath9k_htc_channel_switch_beacon,
1894
1895 #ifdef CONFIG_ATH9K_HTC_DEBUGFS
1896 .get_et_sset_count = ath9k_htc_get_et_sset_count,
1897 .get_et_stats = ath9k_htc_get_et_stats,
1898 .get_et_strings = ath9k_htc_get_et_strings,
1899 #endif
1900 }; 1
2 #include <linux/kernel.h>
3 #include <linux/mutex.h>
4 #include <linux/spinlock.h>
5 #include <linux/errno.h>
6 #include <verifier/rcv.h>
7 #include <linux/list.h>
8
9 /* mutexes */
10 extern int mutex_lock_interruptible(struct mutex *lock);
11 extern int mutex_lock_killable(struct mutex *lock);
12 extern void mutex_lock(struct mutex *lock);
13
14 /* mutex model functions */
15 extern void ldv_mutex_lock(struct mutex *lock, char *sign);
16 extern int ldv_mutex_is_locked(struct mutex *lock, char *sign);
17 extern void ldv_mutex_unlock(struct mutex *lock, char *sign);
18
19
20 /* Spin locks */
21 extern void __ldv_spin_lock(spinlock_t *lock);
22 extern void __ldv_spin_unlock(spinlock_t *lock);
23 extern int __ldv_spin_trylock(spinlock_t *lock);
24 extern void __ldv_spin_unlock_wait(spinlock_t *lock);
25 extern void __ldv_spin_can_lock(spinlock_t *lock);
26 extern int __ldv_atomic_dec_and_lock(spinlock_t *lock);
27
28 /* spin model functions */
29 extern void ldv_spin_lock(spinlock_t *lock, char *sign);
30 extern void ldv_spin_unlock(spinlock_t *lock, char *sign);
31 extern int ldv_spin_is_locked(spinlock_t *lock, char *sign);
32
33 /* Support for list binder functions */
34 static inline struct list_head *ldv_list_get_first(struct list_head *head) {
35 return head->next;
36 }
37
38 static inline int ldv_list_is_stop(struct list_head *pos, struct list_head *head) {
39 return pos==head;
40 }
41
42 static inline struct list_head *ldv_list_get_next(struct list_head *pos) {
43 return pos->next;
44 }
45
46 #include <linux/mutex.h>
47 #include <linux/slab.h>
48 #include <verifier/rcv.h>
49 #include <linux/timer.h>
50 #include <linux/rtnetlink.h>
51 #include <linux/gfp.h>
52 extern struct file *fops_xmit_group2;
53 extern int ldv_state_variable_8;
54 extern int ldv_timer_1_3;
55 extern struct ath_common *ath9k_usb_bus_ops_group0;
56 extern struct inode *fops_debug_group1;
57 extern struct inode *fops_queue_group1;
58 extern struct ath_common *ath9k_htc_ps_ops_group0;
59 extern int ldv_state_variable_0;
60 extern int ldv_state_variable_5;
61 extern int ldv_state_variable_13;
62 extern int ldv_state_variable_12;
63 extern struct file *fops_tgt_tx_stats_group2;
64 extern struct file *fops_queue_group2;
65 extern int ldv_state_variable_14;
66 extern int ldv_timer_1_0;
67 extern int ldv_state_variable_9;
68 extern struct inode *fops_tgt_tx_stats_group1;
69 extern struct file *fops_debug_group2;
70 extern int ref_cnt;
71 extern struct mutex key_mtx;
72 extern int ldv_state_variable_1;
73 extern int ldv_state_variable_7;
74 extern struct inode *fops_xmit_group1;
75 extern struct inode *fops_skb_rx_group1;
76 extern struct file *fops_tgt_int_stats_group2;
77 extern struct usb_interface *ath9k_hif_usb_driver_group1;
78 extern struct timer_list * ldv_timer_list_1_3;
79 extern int ldv_state_variable_10;
80 extern struct timer_list * ldv_timer_list_1_1;
81 extern struct timer_list * ldv_timer_list_1_0;
82 extern int ldv_state_variable_6;
83 extern int ldv_timer_1_2;
84 extern int ldv_timer_1_1;
85 extern int ldv_state_variable_2;
86 extern struct timer_list * ldv_timer_list_1_2;
87 extern struct inode *fops_tgt_int_stats_group1;
88 extern struct ieee80211_hw *ath9k_htc_ops_group0;
89 extern int usb_counter;
90 extern int ldv_state_variable_11;
91 extern struct file *fops_slot_group2;
92 extern int LDV_IN_INTERRUPT = 1;
93 extern struct inode *fops_slot_group1;
94 extern struct inode *fops_tgt_rx_stats_group1;
95 extern struct file *fops_tgt_rx_stats_group2;
96 extern struct mutex fs_mutex;
97 extern int ldv_state_variable_3;
98 extern struct mutex ar_mutex;
99 extern struct file *fops_skb_rx_group2;
100 extern int ldv_state_variable_4;
101 extern void ldv_file_operations_7(void);
102 extern void ldv_file_operations_6(void);
103 extern void ldv_file_operations_2(void);
104 extern void activate_pending_timer_1(struct timer_list * timer, unsigned long data, int pending_flag);
105 extern void ldv_initialyze_ath_bus_ops_10(void);
106 extern int evil_hack_12(void);
107 extern void timer_init_1(void);
108 extern void ldv_file_operations_9(void);
109 extern void ldv_usb_driver_13(void);
110 extern void ldv_file_operations_3(void);
111 extern void ldv_file_operations_8(void);
112 extern int reg_timer_1(struct timer_list * timer, void (*function)(unsigned long), unsigned long data);
113 extern void ldv_initialyze_ath_ps_ops_11(void);
114 extern int evil_hack_key_12(void);
115 extern void ldv_initialyze_ieee80211_ops_12(void);
116 extern void disable_suitable_timer_1(struct timer_list * timer);
117 extern void activate_suitable_timer_1(struct timer_list * timer, unsigned long data);
118 extern int evil_hack_fs_lock(void);
119 extern int __VERIFIER_nondet_int(void);
120 extern void ldv_file_operations_5(void);
121 extern void choose_timer_1(void);
122 extern void ldv_timer_1(int state, struct timer_list * timer);
123 extern int evil_hack_ar_lock(void);
124 extern void ldv_file_operations_4(void);
125 #line 1 "/work/ldvuser/andrianov/work/current--X--drivers/net/wireless/ath/ath9k/--X--defaultlinux-4.5-rc7--X--races--X--cpachecker/linux-4.5-rc7/csd_deg_dscv/74/dscv_tempdir/dscv/ri/races/drivers/net/wireless/ath/ath9k/htc_drv_main.c"
126 /*
127 * Copyright (c) 2010-2011 Atheros Communications Inc.
128 *
129 * Permission to use, copy, modify, and/or distribute this software for any
130 * purpose with or without fee is hereby granted, provided that the above
131 * copyright notice and this permission notice appear in all copies.
132 *
133 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
134 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
135 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
136 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
137 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
138 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
139 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
140 */
141
142 #include "htc.h"
143
144 /*************/
145 /* Utilities */
146 /*************/
147
148 /* HACK Alert: Use 11NG for 2.4, use 11NA for 5 */
149 static enum htc_phymode ath9k_htc_get_curmode(struct ath9k_htc_priv *priv,
150 struct ath9k_channel *ichan)
151 {
152 if (IS_CHAN_5GHZ(ichan))
153 return HTC_MODE_11NA;
154
155 return HTC_MODE_11NG;
156 }
157
158 bool ath9k_htc_setpower(struct ath9k_htc_priv *priv,
159 enum ath9k_power_mode mode)
160 {
161 bool ret;
162
163 mutex_lock(&priv->htc_pm_lock);
164 ret = ath9k_hw_setpower(priv->ah, mode);
165 mutex_unlock(&priv->htc_pm_lock);
166
167 return ret;
168 }
169
170 void ath9k_htc_ps_wakeup(struct ath9k_htc_priv *priv)
171 {
172 mutex_lock(&priv->htc_pm_lock);
173 if (++priv->ps_usecount != 1)
174 goto unlock;
175 ath9k_hw_setpower(priv->ah, ATH9K_PM_AWAKE);
176
177 unlock:
178 mutex_unlock(&priv->htc_pm_lock);
179 }
180
181 void ath9k_htc_ps_restore(struct ath9k_htc_priv *priv)
182 {
183 bool reset;
184
185 mutex_lock(&priv->htc_pm_lock);
186 if (--priv->ps_usecount != 0)
187 goto unlock;
188
189 if (priv->ps_idle) {
190 ath9k_hw_setrxabort(priv->ah, true);
191 ath9k_hw_stopdmarecv(priv->ah, &reset);
192 ath9k_hw_setpower(priv->ah, ATH9K_PM_FULL_SLEEP);
193 } else if (priv->ps_enabled) {
194 ath9k_hw_setpower(priv->ah, ATH9K_PM_NETWORK_SLEEP);
195 }
196
197 unlock:
198 mutex_unlock(&priv->htc_pm_lock);
199 }
200
201 void ath9k_ps_work(struct work_struct *work)
202 {
203 struct ath9k_htc_priv *priv =
204 container_of(work, struct ath9k_htc_priv,
205 ps_work);
206 ath9k_htc_setpower(priv, ATH9K_PM_AWAKE);
207
208 /* The chip wakes up after receiving the first beacon
209 while network sleep is enabled. For the driver to
210 be in sync with the hw, set the chip to awake and
211 only then set it to sleep.
212 */
213 ath9k_htc_setpower(priv, ATH9K_PM_NETWORK_SLEEP);
214 }
215
216 static void ath9k_htc_vif_iter(void *data, u8 *mac, struct ieee80211_vif *vif)
217 {
218 struct ath9k_htc_priv *priv = data;
219 struct ieee80211_bss_conf *bss_conf = &vif->bss_conf;
220
221 if ((vif->type == NL80211_IFTYPE_AP ||
222 vif->type == NL80211_IFTYPE_MESH_POINT) &&
223 bss_conf->enable_beacon) {
224 priv->reconfig_beacon = true;
225 priv->rearm_ani = true;
226 }
227
228 if (bss_conf->assoc) {
229 priv->rearm_ani = true;
230 priv->reconfig_beacon = true;
231 }
232 }
233
234 static void ath9k_htc_vif_reconfig(struct ath9k_htc_priv *priv)
235 {
236 priv->rearm_ani = false;
237 priv->reconfig_beacon = false;
238
239 ieee80211_iterate_active_interfaces_atomic(
240 priv->hw, IEEE80211_IFACE_ITER_RESUME_ALL,
241 ath9k_htc_vif_iter, priv);
242 if (priv->rearm_ani)
243 ath9k_htc_start_ani(priv);
244
245 if (priv->reconfig_beacon) {
246 ath9k_htc_ps_wakeup(priv);
247 ath9k_htc_beacon_reconfig(priv);
248 ath9k_htc_ps_restore(priv);
249 }
250 }
251
252 static void ath9k_htc_bssid_iter(void *data, u8 *mac, struct ieee80211_vif *vif)
253 {
254 struct ath9k_vif_iter_data *iter_data = data;
255 int i;
256
257 if (iter_data->hw_macaddr != NULL) {
258 for (i = 0; i < ETH_ALEN; i++)
259 iter_data->mask[i] &= ~(iter_data->hw_macaddr[i] ^ mac[i]);
260 } else {
261 iter_data->hw_macaddr = mac;
262 }
263 }
264
265 static void ath9k_htc_set_mac_bssid_mask(struct ath9k_htc_priv *priv,
266 struct ieee80211_vif *vif)
267 {
268 struct ath_common *common = ath9k_hw_common(priv->ah);
269 struct ath9k_vif_iter_data iter_data;
270
271 /*
272 * Pick the MAC address of the first interface as the new hardware
273 * MAC address. The hardware will use it together with the BSSID mask
274 * when matching addresses.
275 */
276 iter_data.hw_macaddr = NULL;
277 eth_broadcast_addr(iter_data.mask);
278
279 if (vif)
280 ath9k_htc_bssid_iter(&iter_data, vif->addr, vif);
281
282 /* Get list of all active MAC addresses */
283 ieee80211_iterate_active_interfaces_atomic(
284 priv->hw, IEEE80211_IFACE_ITER_RESUME_ALL,
285 ath9k_htc_bssid_iter, &iter_data);
286
287 memcpy(common->bssidmask, iter_data.mask, ETH_ALEN);
288
289 if (iter_data.hw_macaddr)
290 memcpy(common->macaddr, iter_data.hw_macaddr, ETH_ALEN);
291
292 ath_hw_setbssidmask(common);
293 }
294
295 static void ath9k_htc_set_opmode(struct ath9k_htc_priv *priv)
296 {
297 if (priv->num_ibss_vif)
298 priv->ah->opmode = NL80211_IFTYPE_ADHOC;
299 else if (priv->num_ap_vif)
300 priv->ah->opmode = NL80211_IFTYPE_AP;
301 else if (priv->num_mbss_vif)
302 priv->ah->opmode = NL80211_IFTYPE_MESH_POINT;
303 else
304 priv->ah->opmode = NL80211_IFTYPE_STATION;
305
306 ath9k_hw_setopmode(priv->ah);
307 }
308
309 void ath9k_htc_reset(struct ath9k_htc_priv *priv)
310 {
311 struct ath_hw *ah = priv->ah;
312 struct ath_common *common = ath9k_hw_common(ah);
313 struct ieee80211_channel *channel = priv->hw->conf.chandef.chan;
314 struct ath9k_hw_cal_data *caldata = NULL;
315 enum htc_phymode mode;
316 __be16 htc_mode;
317 u8 cmd_rsp;
318 int ret;
319
320 mutex_lock(&priv->mutex);
321 ath9k_htc_ps_wakeup(priv);
322
323 ath9k_htc_stop_ani(priv);
324 ieee80211_stop_queues(priv->hw);
325
326 del_timer_sync(&priv->tx.cleanup_timer);
327 ath9k_htc_tx_drain(priv);
328
329 WMI_CMD(WMI_DISABLE_INTR_CMDID);
330 WMI_CMD(WMI_DRAIN_TXQ_ALL_CMDID);
331 WMI_CMD(WMI_STOP_RECV_CMDID);
332
333 ath9k_wmi_event_drain(priv);
334
335 caldata = &priv->caldata;
336 ret = ath9k_hw_reset(ah, ah->curchan, caldata, false);
337 if (ret) {
338 ath_err(common,
339 "Unable to reset device (%u Mhz) reset status %d\n",
340 channel->center_freq, ret);
341 }
342
343 ath9k_cmn_update_txpow(ah, priv->curtxpow, priv->txpowlimit,
344 &priv->curtxpow);
345
346 WMI_CMD(WMI_START_RECV_CMDID);
347 ath9k_host_rx_init(priv);
348
349 mode = ath9k_htc_get_curmode(priv, ah->curchan);
350 htc_mode = cpu_to_be16(mode);
351 WMI_CMD_BUF(WMI_SET_MODE_CMDID, &htc_mode);
352
353 WMI_CMD(WMI_ENABLE_INTR_CMDID);
354 htc_start(priv->htc);
355 ath9k_htc_vif_reconfig(priv);
356 ieee80211_wake_queues(priv->hw);
357
358 mod_timer(&priv->tx.cleanup_timer,
359 jiffies + msecs_to_jiffies(ATH9K_HTC_TX_CLEANUP_INTERVAL));
360
361 ath9k_htc_ps_restore(priv);
362 mutex_unlock(&priv->mutex);
363 }
364
365 static int ath9k_htc_set_channel(struct ath9k_htc_priv *priv,
366 struct ieee80211_hw *hw,
367 struct ath9k_channel *hchan)
368 {
369 struct ath_hw *ah = priv->ah;
370 struct ath_common *common = ath9k_hw_common(ah);
371 struct ieee80211_conf *conf = &common->hw->conf;
372 bool fastcc;
373 struct ieee80211_channel *channel = hw->conf.chandef.chan;
374 struct ath9k_hw_cal_data *caldata = NULL;
375 enum htc_phymode mode;
376 __be16 htc_mode;
377 u8 cmd_rsp;
378 int ret;
379
380 if (test_bit(ATH_OP_INVALID, &common->op_flags))
381 return -EIO;
382
383 fastcc = !!(hw->conf.flags & IEEE80211_CONF_OFFCHANNEL);
384
385 ath9k_htc_ps_wakeup(priv);
386
387 ath9k_htc_stop_ani(priv);
388 del_timer_sync(&priv->tx.cleanup_timer);
389 ath9k_htc_tx_drain(priv);
390
391 WMI_CMD(WMI_DISABLE_INTR_CMDID);
392 WMI_CMD(WMI_DRAIN_TXQ_ALL_CMDID);
393 WMI_CMD(WMI_STOP_RECV_CMDID);
394
395 ath9k_wmi_event_drain(priv);
396
397 ath_dbg(common, CONFIG,
398 "(%u MHz) -> (%u MHz), HT: %d, HT40: %d fastcc: %d\n",
399 priv->ah->curchan->channel,
400 channel->center_freq, conf_is_ht(conf), conf_is_ht40(conf),
401 fastcc);
402
403 if (!fastcc)
404 caldata = &priv->caldata;
405
406 ret = ath9k_hw_reset(ah, hchan, caldata, fastcc);
407 if (ret) {
408 ath_err(common,
409 "Unable to reset channel (%u Mhz) reset status %d\n",
410 channel->center_freq, ret);
411 goto err;
412 }
413
414 ath9k_cmn_update_txpow(ah, priv->curtxpow, priv->txpowlimit,
415 &priv->curtxpow);
416
417 WMI_CMD(WMI_START_RECV_CMDID);
418 if (ret)
419 goto err;
420
421 ath9k_host_rx_init(priv);
422
423 mode = ath9k_htc_get_curmode(priv, hchan);
424 htc_mode = cpu_to_be16(mode);
425 WMI_CMD_BUF(WMI_SET_MODE_CMDID, &htc_mode);
426 if (ret)
427 goto err;
428
429 WMI_CMD(WMI_ENABLE_INTR_CMDID);
430 if (ret)
431 goto err;
432
433 htc_start(priv->htc);
434
435 if (!test_bit(ATH_OP_SCANNING, &common->op_flags) &&
436 !(hw->conf.flags & IEEE80211_CONF_OFFCHANNEL))
437 ath9k_htc_vif_reconfig(priv);
438
439 mod_timer(&priv->tx.cleanup_timer,
440 jiffies + msecs_to_jiffies(ATH9K_HTC_TX_CLEANUP_INTERVAL));
441
442 /* perform spectral scan if requested. */
443 if (test_bit(ATH_OP_SCANNING, &common->op_flags) &&
444 priv->spec_priv.spectral_mode == SPECTRAL_CHANSCAN)
445 ath9k_cmn_spectral_scan_trigger(common, &priv->spec_priv);
446 err:
447 ath9k_htc_ps_restore(priv);
448 return ret;
449 }
450
451 /*
452 * Monitor mode handling is a tad complicated because the firmware requires
453 * an interface to be created exclusively, while mac80211 doesn't associate
454 * an interface with the mode.
455 *
456 * So, for now, only one monitor interface can be configured.
457 */
458 static void __ath9k_htc_remove_monitor_interface(struct ath9k_htc_priv *priv)
459 {
460 struct ath_common *common = ath9k_hw_common(priv->ah);
461 struct ath9k_htc_target_vif hvif;
462 int ret = 0;
463 u8 cmd_rsp;
464
465 memset(&hvif, 0, sizeof(struct ath9k_htc_target_vif));
466 memcpy(&hvif.myaddr, common->macaddr, ETH_ALEN);
467 hvif.index = priv->mon_vif_idx;
468 WMI_CMD_BUF(WMI_VAP_REMOVE_CMDID, &hvif);
469 if (ret) {
470 ath_err(common, "Unable to remove monitor interface at idx: %d\n",
471 priv->mon_vif_idx);
472 }
473
474 priv->nvifs--;
475 priv->vif_slot &= ~(1 << priv->mon_vif_idx);
476 }
477
478 static int ath9k_htc_add_monitor_interface(struct ath9k_htc_priv *priv)
479 {
480 struct ath_common *common = ath9k_hw_common(priv->ah);
481 struct ath9k_htc_target_vif hvif;
482 struct ath9k_htc_target_sta tsta;
483 int ret = 0, sta_idx;
484 u8 cmd_rsp;
485
486 if ((priv->nvifs >= ATH9K_HTC_MAX_VIF) ||
487 (priv->nstations >= ATH9K_HTC_MAX_STA)) {
488 ret = -ENOBUFS;
489 goto err_vif;
490 }
491
492 sta_idx = ffz(priv->sta_slot);
493 if ((sta_idx < 0) || (sta_idx > ATH9K_HTC_MAX_STA)) {
494 ret = -ENOBUFS;
495 goto err_vif;
496 }
497
498 /*
499 * Add an interface.
500 */
501 memset(&hvif, 0, sizeof(struct ath9k_htc_target_vif));
502 memcpy(&hvif.myaddr, common->macaddr, ETH_ALEN);
503
504 hvif.opmode = HTC_M_MONITOR;
505 hvif.index = ffz(priv->vif_slot);
506
507 WMI_CMD_BUF(WMI_VAP_CREATE_CMDID, &hvif);
508 if (ret)
509 goto err_vif;
510
511 /*
512 * Assign the monitor interface index as a special case here.
513 * This is needed when the interface is brought down.
514 */
515 priv->mon_vif_idx = hvif.index;
516 priv->vif_slot |= (1 << hvif.index);
517
518 /*
519 * Set the hardware mode to monitor only if there are no
520 * other interfaces.
521 */
522 if (!priv->nvifs)
523 priv->ah->opmode = NL80211_IFTYPE_MONITOR;
524
525 priv->nvifs++;
526
527 /*
528 * Associate a station with the interface for packet injection.
529 */
530 memset(&tsta, 0, sizeof(struct ath9k_htc_target_sta));
531
532 memcpy(&tsta.macaddr, common->macaddr, ETH_ALEN);
533
534 tsta.is_vif_sta = 1;
535 tsta.sta_index = sta_idx;
536 tsta.vif_index = hvif.index;
537 tsta.maxampdu = cpu_to_be16(0xffff);
538
539 WMI_CMD_BUF(WMI_NODE_CREATE_CMDID, &tsta);
540 if (ret) {
541 ath_err(common, "Unable to add station entry for monitor mode\n");
542 goto err_sta;
543 }
544
545 priv->sta_slot |= (1 << sta_idx);
546 priv->nstations++;
547 priv->vif_sta_pos[priv->mon_vif_idx] = sta_idx;
548 priv->ah->is_monitoring = true;
549
550 ath_dbg(common, CONFIG,
551 "Attached a monitor interface at idx: %d, sta idx: %d\n",
552 priv->mon_vif_idx, sta_idx);
553
554 return 0;
555
556 err_sta:
557 /*
558 * Remove the interface from the target.
559 */
560 __ath9k_htc_remove_monitor_interface(priv);
561 err_vif:
562 ath_dbg(common, FATAL, "Unable to attach a monitor interface\n");
563
564 return ret;
565 }
566
567 static int ath9k_htc_remove_monitor_interface(struct ath9k_htc_priv *priv)
568 {
569 struct ath_common *common = ath9k_hw_common(priv->ah);
570 int ret = 0;
571 u8 cmd_rsp, sta_idx;
572
573 __ath9k_htc_remove_monitor_interface(priv);
574
575 sta_idx = priv->vif_sta_pos[priv->mon_vif_idx];
576
577 WMI_CMD_BUF(WMI_NODE_REMOVE_CMDID, &sta_idx);
578 if (ret) {
579 ath_err(common, "Unable to remove station entry for monitor mode\n");
580 return ret;
581 }
582
583 priv->sta_slot &= ~(1 << sta_idx);
584 priv->nstations--;
585 priv->ah->is_monitoring = false;
586
587 ath_dbg(common, CONFIG,
588 "Removed a monitor interface at idx: %d, sta idx: %d\n",
589 priv->mon_vif_idx, sta_idx);
590
591 return 0;
592 }
593
594 static int ath9k_htc_add_station(struct ath9k_htc_priv *priv,
595 struct ieee80211_vif *vif,
596 struct ieee80211_sta *sta)
597 {
598 struct ath_common *common = ath9k_hw_common(priv->ah);
599 struct ath9k_htc_target_sta tsta;
600 struct ath9k_htc_vif *avp = (struct ath9k_htc_vif *) vif->drv_priv;
601 struct ath9k_htc_sta *ista;
602 int ret, sta_idx;
603 u8 cmd_rsp;
604 u16 maxampdu;
605
606 if (priv->nstations >= ATH9K_HTC_MAX_STA)
607 return -ENOBUFS;
608
609 sta_idx = ffz(priv->sta_slot);
610 if ((sta_idx < 0) || (sta_idx > ATH9K_HTC_MAX_STA))
611 return -ENOBUFS;
612
613 memset(&tsta, 0, sizeof(struct ath9k_htc_target_sta));
614
615 if (sta) {
616 ista = (struct ath9k_htc_sta *) sta->drv_priv;
617 memcpy(&tsta.macaddr, sta->addr, ETH_ALEN);
618 memcpy(&tsta.bssid, common->curbssid, ETH_ALEN);
619 ista->index = sta_idx;
620 tsta.is_vif_sta = 0;
621 maxampdu = 1 << (IEEE80211_HT_MAX_AMPDU_FACTOR +
622 sta->ht_cap.ampdu_factor);
623 tsta.maxampdu = cpu_to_be16(maxampdu);
624 } else {
625 memcpy(&tsta.macaddr, vif->addr, ETH_ALEN);
626 tsta.is_vif_sta = 1;
627 tsta.maxampdu = cpu_to_be16(0xffff);
628 }
629
630 tsta.sta_index = sta_idx;
631 tsta.vif_index = avp->index;
632
633 WMI_CMD_BUF(WMI_NODE_CREATE_CMDID, &tsta);
634 if (ret) {
635 if (sta)
636 ath_err(common,
637 "Unable to add station entry for: %pM\n",
638 sta->addr);
639 return ret;
640 }
641
642 if (sta) {
643 ath_dbg(common, CONFIG,
644 "Added a station entry for: %pM (idx: %d)\n",
645 sta->addr, tsta.sta_index);
646 } else {
647 ath_dbg(common, CONFIG,
648 "Added a station entry for VIF %d (idx: %d)\n",
649 avp->index, tsta.sta_index);
650 }
651
652 priv->sta_slot |= (1 << sta_idx);
653 priv->nstations++;
654 if (!sta)
655 priv->vif_sta_pos[avp->index] = sta_idx;
656
657 return 0;
658 }
659
660 static int ath9k_htc_remove_station(struct ath9k_htc_priv *priv,
661 struct ieee80211_vif *vif,
662 struct ieee80211_sta *sta)
663 {
664 struct ath_common *common = ath9k_hw_common(priv->ah);
665 struct ath9k_htc_vif *avp = (struct ath9k_htc_vif *) vif->drv_priv;
666 struct ath9k_htc_sta *ista;
667 int ret;
668 u8 cmd_rsp, sta_idx;
669
670 if (sta) {
671 ista = (struct ath9k_htc_sta *) sta->drv_priv;
672 sta_idx = ista->index;
673 } else {
674 sta_idx = priv->vif_sta_pos[avp->index];
675 }
676
677 WMI_CMD_BUF(WMI_NODE_REMOVE_CMDID, &sta_idx);
678 if (ret) {
679 if (sta)
680 ath_err(common,
681 "Unable to remove station entry for: %pM\n",
682 sta->addr);
683 return ret;
684 }
685
686 if (sta) {
687 ath_dbg(common, CONFIG,
688 "Removed a station entry for: %pM (idx: %d)\n",
689 sta->addr, sta_idx);
690 } else {
691 ath_dbg(common, CONFIG,
692 "Removed a station entry for VIF %d (idx: %d)\n",
693 avp->index, sta_idx);
694 }
695
696 priv->sta_slot &= ~(1 << sta_idx);
697 priv->nstations--;
698
699 return 0;
700 }
701
702 int ath9k_htc_update_cap_target(struct ath9k_htc_priv *priv,
703 u8 enable_coex)
704 {
705 struct ath9k_htc_cap_target tcap;
706 int ret;
707 u8 cmd_rsp;
708
709 memset(&tcap, 0, sizeof(struct ath9k_htc_cap_target));
710
711 tcap.ampdu_limit = cpu_to_be32(0xffff);
712 tcap.ampdu_subframes = 0xff;
713 tcap.enable_coex = enable_coex;
714 tcap.tx_chainmask = priv->ah->caps.tx_chainmask;
715
716 WMI_CMD_BUF(WMI_TARGET_IC_UPDATE_CMDID, &tcap);
717
718 return ret;
719 }
720
721 static void ath9k_htc_setup_rate(struct ath9k_htc_priv *priv,
722 struct ieee80211_sta *sta,
723 struct ath9k_htc_target_rate *trate)
724 {
725 struct ath9k_htc_sta *ista = (struct ath9k_htc_sta *) sta->drv_priv;
726 struct ieee80211_supported_band *sband;
727 u32 caps = 0;
728 int i, j;
729
730 sband = priv->hw->wiphy->bands[priv->hw->conf.chandef.chan->band];
731
732 for (i = 0, j = 0; i < sband->n_bitrates; i++) {
733 if (sta->supp_rates[sband->band] & BIT(i)) {
734 trate->rates.legacy_rates.rs_rates[j]
735 = (sband->bitrates[i].bitrate * 2) / 10;
736 j++;
737 }
738 }
739 trate->rates.legacy_rates.rs_nrates = j;
740
741 if (sta->ht_cap.ht_supported) {
742 for (i = 0, j = 0; i < 77; i++) {
743 if (sta->ht_cap.mcs.rx_mask[i/8] & (1<<(i%8)))
744 trate->rates.ht_rates.rs_rates[j++] = i;
745 if (j == ATH_HTC_RATE_MAX)
746 break;
747 }
748 trate->rates.ht_rates.rs_nrates = j;
749
750 caps = WLAN_RC_HT_FLAG;
751 if (sta->ht_cap.cap & IEEE80211_HT_CAP_RX_STBC)
752 caps |= ATH_RC_TX_STBC_FLAG;
753 if (sta->ht_cap.mcs.rx_mask[1])
754 caps |= WLAN_RC_DS_FLAG;
755 if ((sta->ht_cap.cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40) &&
756 (conf_is_ht40(&priv->hw->conf)))
757 caps |= WLAN_RC_40_FLAG;
758 if (conf_is_ht40(&priv->hw->conf) &&
759 (sta->ht_cap.cap & IEEE80211_HT_CAP_SGI_40))
760 caps |= WLAN_RC_SGI_FLAG;
761 else if (conf_is_ht20(&priv->hw->conf) &&
762 (sta->ht_cap.cap & IEEE80211_HT_CAP_SGI_20))
763 caps |= WLAN_RC_SGI_FLAG;
764 }
765
766 trate->sta_index = ista->index;
767 trate->isnew = 1;
768 trate->capflags = cpu_to_be32(caps);
769 }
770
771 static int ath9k_htc_send_rate_cmd(struct ath9k_htc_priv *priv,
772 struct ath9k_htc_target_rate *trate)
773 {
774 struct ath_common *common = ath9k_hw_common(priv->ah);
775 int ret;
776 u8 cmd_rsp;
777
778 WMI_CMD_BUF(WMI_RC_RATE_UPDATE_CMDID, trate);
779 if (ret) {
780 ath_err(common,
781 "Unable to initialize Rate information on target\n");
782 }
783
784 return ret;
785 }
786
787 static void ath9k_htc_init_rate(struct ath9k_htc_priv *priv,
788 struct ieee80211_sta *sta)
789 {
790 struct ath_common *common = ath9k_hw_common(priv->ah);
791 struct ath9k_htc_target_rate trate;
792 int ret;
793
794 memset(&trate, 0, sizeof(struct ath9k_htc_target_rate));
795 ath9k_htc_setup_rate(priv, sta, &trate);
796 ret = ath9k_htc_send_rate_cmd(priv, &trate);
797 if (!ret)
798 ath_dbg(common, CONFIG,
799 "Updated target sta: %pM, rate caps: 0x%X\n",
800 sta->addr, be32_to_cpu(trate.capflags));
801 }
802
803 static void ath9k_htc_update_rate(struct ath9k_htc_priv *priv,
804 struct ieee80211_vif *vif,
805 struct ieee80211_bss_conf *bss_conf)
806 {
807 struct ath_common *common = ath9k_hw_common(priv->ah);
808 struct ath9k_htc_target_rate trate;
809 struct ieee80211_sta *sta;
810 int ret;
811
812 memset(&trate, 0, sizeof(struct ath9k_htc_target_rate));
813
814 rcu_read_lock();
815 sta = ieee80211_find_sta(vif, bss_conf->bssid);
816 if (!sta) {
817 rcu_read_unlock();
818 return;
819 }
820 ath9k_htc_setup_rate(priv, sta, &trate);
821 rcu_read_unlock();
822
823 ret = ath9k_htc_send_rate_cmd(priv, &trate);
824 if (!ret)
825 ath_dbg(common, CONFIG,
826 "Updated target sta: %pM, rate caps: 0x%X\n",
827 bss_conf->bssid, be32_to_cpu(trate.capflags));
828 }
829
830 static int ath9k_htc_tx_aggr_oper(struct ath9k_htc_priv *priv,
831 struct ieee80211_vif *vif,
832 struct ieee80211_sta *sta,
833 enum ieee80211_ampdu_mlme_action action,
834 u16 tid)
835 {
836 struct ath_common *common = ath9k_hw_common(priv->ah);
837 struct ath9k_htc_target_aggr aggr;
838 struct ath9k_htc_sta *ista;
839 int ret = 0;
840 u8 cmd_rsp;
841
842 if (tid >= ATH9K_HTC_MAX_TID)
843 return -EINVAL;
844
845 memset(&aggr, 0, sizeof(struct ath9k_htc_target_aggr));
846 ista = (struct ath9k_htc_sta *) sta->drv_priv;
847
848 aggr.sta_index = ista->index;
849 aggr.tidno = tid & 0xf;
850 aggr.aggr_enable = (action == IEEE80211_AMPDU_TX_START) ? true : false;
851
852 WMI_CMD_BUF(WMI_TX_AGGR_ENABLE_CMDID, &aggr);
853 if (ret)
854 ath_dbg(common, CONFIG,
855 "Unable to %s TX aggregation for (%pM, %d)\n",
856 (aggr.aggr_enable) ? "start" : "stop", sta->addr, tid);
857 else
858 ath_dbg(common, CONFIG,
859 "%s TX aggregation for (%pM, %d)\n",
860 (aggr.aggr_enable) ? "Starting" : "Stopping",
861 sta->addr, tid);
862
863 spin_lock_bh(&priv->tx.tx_lock);
864 ista->tid_state[tid] = (aggr.aggr_enable && !ret) ? AGGR_START : AGGR_STOP;
865 spin_unlock_bh(&priv->tx.tx_lock);
866
867 return ret;
868 }
869
870 /*******/
871 /* ANI */
872 /*******/
873
874 void ath9k_htc_start_ani(struct ath9k_htc_priv *priv)
875 {
876 struct ath_common *common = ath9k_hw_common(priv->ah);
877 unsigned long timestamp = jiffies_to_msecs(jiffies);
878
879 common->ani.longcal_timer = timestamp;
880 common->ani.shortcal_timer = timestamp;
881 common->ani.checkani_timer = timestamp;
882
883 set_bit(ATH_OP_ANI_RUN, &common->op_flags);
884
885 ieee80211_queue_delayed_work(common->hw, &priv->ani_work,
886 msecs_to_jiffies(ATH_ANI_POLLINTERVAL));
887 }
888
889 void ath9k_htc_stop_ani(struct ath9k_htc_priv *priv)
890 {
891 struct ath_common *common = ath9k_hw_common(priv->ah);
892 cancel_delayed_work_sync(&priv->ani_work);
893 clear_bit(ATH_OP_ANI_RUN, &common->op_flags);
894 }
895
896 void ath9k_htc_ani_work(struct work_struct *work)
897 {
898 struct ath9k_htc_priv *priv =
899 container_of(work, struct ath9k_htc_priv, ani_work.work);
900 struct ath_hw *ah = priv->ah;
901 struct ath_common *common = ath9k_hw_common(ah);
902 bool longcal = false;
903 bool shortcal = false;
904 bool aniflag = false;
905 unsigned int timestamp = jiffies_to_msecs(jiffies);
906 u32 cal_interval, short_cal_interval;
907
908 short_cal_interval = (ah->opmode == NL80211_IFTYPE_AP) ?
909 ATH_AP_SHORT_CALINTERVAL : ATH_STA_SHORT_CALINTERVAL;
910
911 /* Only calibrate if awake */
912 if (ah->power_mode != ATH9K_PM_AWAKE)
913 goto set_timer;
914
915 /* Long calibration runs independently of short calibration. */
916 if ((timestamp - common->ani.longcal_timer) >= ATH_LONG_CALINTERVAL) {
917 longcal = true;
918 ath_dbg(common, ANI, "longcal @%lu\n", jiffies);
919 common->ani.longcal_timer = timestamp;
920 }
921
922 /*
923 * Short calibration applies only while caldone
924 * is false or -ETIMEDOUT
925 */
926 if (common->ani.caldone <= 0) {
927 if ((timestamp - common->ani.shortcal_timer) >=
928 short_cal_interval) {
929 shortcal = true;
930 ath_dbg(common, ANI, "shortcal @%lu\n", jiffies);
931 common->ani.shortcal_timer = timestamp;
932 common->ani.resetcal_timer = timestamp;
933 }
934 } else {
935 if ((timestamp - common->ani.resetcal_timer) >=
936 ATH_RESTART_CALINTERVAL) {
937 common->ani.caldone = ath9k_hw_reset_calvalid(ah);
938 if (common->ani.caldone)
939 common->ani.resetcal_timer = timestamp;
940 }
941 }
942
943 /* Verify whether we must check ANI */
944 if ((timestamp - common->ani.checkani_timer) >= ATH_ANI_POLLINTERVAL) {
945 aniflag = true;
946 common->ani.checkani_timer = timestamp;
947 }
948
949 /* Skip all processing if there's nothing to do. */
950 if (longcal || shortcal || aniflag) {
951
952 ath9k_htc_ps_wakeup(priv);
953
954 /* Call ANI routine if necessary */
955 if (aniflag)
956 ath9k_hw_ani_monitor(ah, ah->curchan);
957
958 /* Perform calibration if necessary */
959 if (longcal || shortcal)
960 common->ani.caldone =
961 ath9k_hw_calibrate(ah, ah->curchan,
962 ah->rxchainmask, longcal) > 0;
963
964 ath9k_htc_ps_restore(priv);
965 }
966
967 set_timer:
968 /*
969 * Set timer interval based on previous results.
970 * The interval must be the shortest necessary to satisfy ANI,
971 * short calibration and long calibration.
972 */
973 cal_interval = ATH_LONG_CALINTERVAL;
974 cal_interval = min(cal_interval, (u32)ATH_ANI_POLLINTERVAL);
975 /*
976 * Short calibration applies only while caldone
977 * is false or -ETIMEDOUT
978 */
979 if (common->ani.caldone <= 0)
980 cal_interval = min(cal_interval, (u32)short_cal_interval);
981
982 ieee80211_queue_delayed_work(common->hw, &priv->ani_work,
983 msecs_to_jiffies(cal_interval));
984 }
985
986 /**********************/
987 /* mac80211 Callbacks */
988 /**********************/
989
990 static void ath9k_htc_tx(struct ieee80211_hw *hw,
991 struct ieee80211_tx_control *control,
992 struct sk_buff *skb)
993 {
994 struct ieee80211_hdr *hdr;
995 struct ath9k_htc_priv *priv = hw->priv;
996 struct ath_common *common = ath9k_hw_common(priv->ah);
997 int padpos, padsize, ret, slot;
998
999 hdr = (struct ieee80211_hdr *) skb->data;
1000
1001 /* Add the padding after the header if this is not already done */
1002 padpos = ieee80211_hdrlen(hdr->frame_control);
1003 padsize = padpos & 3;
1004 if (padsize && skb->len > padpos) {
1005 if (skb_headroom(skb) < padsize) {
1006 ath_dbg(common, XMIT, "No room for padding\n");
1007 goto fail_tx;
1008 }
1009 skb_push(skb, padsize);
1010 memmove(skb->data, skb->data + padsize, padpos);
1011 }
1012
1013 slot = ath9k_htc_tx_get_slot(priv);
1014 if (slot < 0) {
1015 ath_dbg(common, XMIT, "No free TX slot\n");
1016 goto fail_tx;
1017 }
1018
1019 ret = ath9k_htc_tx_start(priv, control->sta, skb, slot, false);
1020 if (ret != 0) {
1021 ath_dbg(common, XMIT, "Tx failed\n");
1022 goto clear_slot;
1023 }
1024
1025 ath9k_htc_check_stop_queues(priv);
1026
1027 return;
1028
1029 clear_slot:
1030 ath9k_htc_tx_clear_slot(priv, slot);
1031 fail_tx:
1032 dev_kfree_skb_any(skb);
1033 }
1034
1035 static int ath9k_htc_start(struct ieee80211_hw *hw)
1036 {
1037 struct ath9k_htc_priv *priv = hw->priv;
1038 struct ath_hw *ah = priv->ah;
1039 struct ath_common *common = ath9k_hw_common(ah);
1040 struct ieee80211_channel *curchan = hw->conf.chandef.chan;
1041 struct ath9k_channel *init_channel;
1042 int ret = 0;
1043 enum htc_phymode mode;
1044 __be16 htc_mode;
1045 u8 cmd_rsp;
1046
1047 mutex_lock(&priv->mutex);
1048
1049 ath_dbg(common, CONFIG,
1050 "Starting driver with initial channel: %d MHz\n",
1051 curchan->center_freq);
1052
1053 /* Ensure that HW is awake before flushing RX */
1054 ath9k_htc_setpower(priv, ATH9K_PM_AWAKE);
1055 WMI_CMD(WMI_FLUSH_RECV_CMDID);
1056
1057 /* setup initial channel */
1058 init_channel = ath9k_cmn_get_channel(hw, ah, &hw->conf.chandef);
1059
1060 ret = ath9k_hw_reset(ah, init_channel, ah->caldata, false);
1061 if (ret) {
1062 ath_err(common,
1063 "Unable to reset hardware; reset status %d (freq %u MHz)\n",
1064 ret, curchan->center_freq);
1065 mutex_unlock(&priv->mutex);
1066 return ret;
1067 }
1068
1069 ath9k_cmn_update_txpow(ah, priv->curtxpow, priv->txpowlimit,
1070 &priv->curtxpow);
1071
1072 mode = ath9k_htc_get_curmode(priv, init_channel);
1073 htc_mode = cpu_to_be16(mode);
1074 WMI_CMD_BUF(WMI_SET_MODE_CMDID, &htc_mode);
1075 WMI_CMD(WMI_ATH_INIT_CMDID);
1076 WMI_CMD(WMI_START_RECV_CMDID);
1077
1078 ath9k_host_rx_init(priv);
1079
1080 ret = ath9k_htc_update_cap_target(priv, 0);
1081 if (ret)
1082 ath_dbg(common, CONFIG,
1083 "Failed to update capability in target\n");
1084
1085 clear_bit(ATH_OP_INVALID, &common->op_flags);
1086 htc_start(priv->htc);
1087
1088 spin_lock_bh(&priv->tx.tx_lock);
1089 priv->tx.flags &= ~ATH9K_HTC_OP_TX_QUEUES_STOP;
1090 spin_unlock_bh(&priv->tx.tx_lock);
1091
1092 ieee80211_wake_queues(hw);
1093
1094 mod_timer(&priv->tx.cleanup_timer,
1095 jiffies + msecs_to_jiffies(ATH9K_HTC_TX_CLEANUP_INTERVAL));
1096
1097 ath9k_htc_start_btcoex(priv);
1098
1099 mutex_unlock(&priv->mutex);
1100
1101 return ret;
1102 }
1103
1104 static void ath9k_htc_stop(struct ieee80211_hw *hw)
1105 {
1106 struct ath9k_htc_priv *priv = hw->priv;
1107 struct ath_hw *ah = priv->ah;
1108 struct ath_common *common = ath9k_hw_common(ah);
1109 int ret __attribute__ ((unused));
1110 u8 cmd_rsp;
1111
1112 mutex_lock(&priv->mutex);
1113
1114 if (test_bit(ATH_OP_INVALID, &common->op_flags)) {
1115 ath_dbg(common, ANY, "Device not present\n");
1116 mutex_unlock(&priv->mutex);
1117 return;
1118 }
1119
1120 ath9k_htc_ps_wakeup(priv);
1121
1122 WMI_CMD(WMI_DISABLE_INTR_CMDID);
1123 WMI_CMD(WMI_DRAIN_TXQ_ALL_CMDID);
1124 WMI_CMD(WMI_STOP_RECV_CMDID);
1125
1126 tasklet_kill(&priv->rx_tasklet);
1127
1128 del_timer_sync(&priv->tx.cleanup_timer);
1129 ath9k_htc_tx_drain(priv);
1130 ath9k_wmi_event_drain(priv);
1131
1132 mutex_unlock(&priv->mutex);
1133
1134 /* Cancel all the running timers/work .. */
1135 cancel_work_sync(&priv->fatal_work);
1136 cancel_work_sync(&priv->ps_work);
1137
1138 #ifdef CONFIG_MAC80211_LEDS
1139 cancel_work_sync(&priv->led_work);
1140 #endif
1141 ath9k_htc_stop_ani(priv);
1142
1143 mutex_lock(&priv->mutex);
1144
1145 ath9k_htc_stop_btcoex(priv);
1146
1147 /* Remove a monitor interface if it's present. */
1148 if (priv->ah->is_monitoring)
1149 ath9k_htc_remove_monitor_interface(priv);
1150
1151 ath9k_hw_phy_disable(ah);
1152 ath9k_hw_disable(ah);
1153 ath9k_htc_ps_restore(priv);
1154 ath9k_htc_setpower(priv, ATH9K_PM_FULL_SLEEP);
1155
1156 set_bit(ATH_OP_INVALID, &common->op_flags);
1157
1158 ath_dbg(common, CONFIG, "Driver halt\n");
1159 mutex_unlock(&priv->mutex);
1160 }
1161
1162 static int ath9k_htc_add_interface(struct ieee80211_hw *hw,
1163 struct ieee80211_vif *vif)
1164 {
1165 struct ath9k_htc_priv *priv = hw->priv;
1166 struct ath9k_htc_vif *avp = (void *)vif->drv_priv;
1167 struct ath_common *common = ath9k_hw_common(priv->ah);
1168 struct ath9k_htc_target_vif hvif;
1169 int ret = 0;
1170 u8 cmd_rsp;
1171
1172 mutex_lock(&priv->mutex);
1173
1174 ath9k_htc_ps_wakeup(priv);
1175 memset(&hvif, 0, sizeof(struct ath9k_htc_target_vif));
1176 memcpy(&hvif.myaddr, vif->addr, ETH_ALEN);
1177
1178 switch (vif->type) {
1179 case NL80211_IFTYPE_STATION:
1180 hvif.opmode = HTC_M_STA;
1181 break;
1182 case NL80211_IFTYPE_ADHOC:
1183 hvif.opmode = HTC_M_IBSS;
1184 break;
1185 case NL80211_IFTYPE_AP:
1186 hvif.opmode = HTC_M_HOSTAP;
1187 break;
1188 case NL80211_IFTYPE_MESH_POINT:
1189 hvif.opmode = HTC_M_WDS; /* close enough */
1190 break;
1191 default:
1192 ath_err(common,
1193 "Interface type %d not yet supported\n", vif->type);
1194 ret = -EOPNOTSUPP;
1195 goto out;
1196 }
1197
1198 /* Index starts from zero on the target */
1199 avp->index = hvif.index = ffz(priv->vif_slot);
1200 hvif.rtsthreshold = cpu_to_be16(2304);
1201 WMI_CMD_BUF(WMI_VAP_CREATE_CMDID, &hvif);
1202 if (ret)
1203 goto out;
1204
1205 /*
1206 * We need a node in target to tx mgmt frames
1207 * before association.
1208 */
1209 ret = ath9k_htc_add_station(priv, vif, NULL);
1210 if (ret) {
1211 WMI_CMD_BUF(WMI_VAP_REMOVE_CMDID, &hvif);
1212 goto out;
1213 }
1214
1215 ath9k_htc_set_mac_bssid_mask(priv, vif);
1216
1217 priv->vif_slot |= (1 << avp->index);
1218 priv->nvifs++;
1219
1220 INC_VIF(priv, vif->type);
1221
1222 if ((vif->type == NL80211_IFTYPE_AP) ||
1223 (vif->type == NL80211_IFTYPE_MESH_POINT) ||
1224 (vif->type == NL80211_IFTYPE_ADHOC))
1225 ath9k_htc_assign_bslot(priv, vif);
1226
1227 ath9k_htc_set_opmode(priv);
1228
1229 if ((priv->ah->opmode == NL80211_IFTYPE_AP) &&
1230 !test_bit(ATH_OP_ANI_RUN, &common->op_flags)) {
1231 ath9k_hw_set_tsfadjust(priv->ah, true);
1232 ath9k_htc_start_ani(priv);
1233 }
1234
1235 ath_dbg(common, CONFIG, "Attach a VIF of type: %d at idx: %d\n",
1236 vif->type, avp->index);
1237
1238 out:
1239 ath9k_htc_ps_restore(priv);
1240 mutex_unlock(&priv->mutex);
1241
1242 return ret;
1243 }
1244
1245 static void ath9k_htc_remove_interface(struct ieee80211_hw *hw,
1246 struct ieee80211_vif *vif)
1247 {
1248 struct ath9k_htc_priv *priv = hw->priv;
1249 struct ath_common *common = ath9k_hw_common(priv->ah);
1250 struct ath9k_htc_vif *avp = (void *)vif->drv_priv;
1251 struct ath9k_htc_target_vif hvif;
1252 int ret = 0;
1253 u8 cmd_rsp;
1254
1255 mutex_lock(&priv->mutex);
1256 ath9k_htc_ps_wakeup(priv);
1257
1258 memset(&hvif, 0, sizeof(struct ath9k_htc_target_vif));
1259 memcpy(&hvif.myaddr, vif->addr, ETH_ALEN);
1260 hvif.index = avp->index;
1261 WMI_CMD_BUF(WMI_VAP_REMOVE_CMDID, &hvif);
1262 if (ret) {
1263 ath_err(common, "Unable to remove interface at idx: %d\n",
1264 avp->index);
1265 }
1266 priv->nvifs--;
1267 priv->vif_slot &= ~(1 << avp->index);
1268
1269 if (priv->csa_vif == vif)
1270 priv->csa_vif = NULL;
1271
1272 ath9k_htc_remove_station(priv, vif, NULL);
1273
1274 DEC_VIF(priv, vif->type);
1275
1276 if ((vif->type == NL80211_IFTYPE_AP) ||
1277 vif->type == NL80211_IFTYPE_MESH_POINT ||
1278 (vif->type == NL80211_IFTYPE_ADHOC))
1279 ath9k_htc_remove_bslot(priv, vif);
1280
1281 ath9k_htc_set_opmode(priv);
1282
1283 ath9k_htc_set_mac_bssid_mask(priv, vif);
1284
1285 /*
1286 * Stop ANI only if there are no associated station interfaces.
1287 */
1288 if ((vif->type == NL80211_IFTYPE_AP) && (priv->num_ap_vif == 0)) {
1289 priv->rearm_ani = false;
1290 ieee80211_iterate_active_interfaces_atomic(
1291 priv->hw, IEEE80211_IFACE_ITER_RESUME_ALL,
1292 ath9k_htc_vif_iter, priv);
1293 if (!priv->rearm_ani)
1294 ath9k_htc_stop_ani(priv);
1295 }
1296
1297 ath_dbg(common, CONFIG, "Detach Interface at idx: %d\n", avp->index);
1298
1299 ath9k_htc_ps_restore(priv);
1300 mutex_unlock(&priv->mutex);
1301 }
1302
1303 static int ath9k_htc_config(struct ieee80211_hw *hw, u32 changed)
1304 {
1305 struct ath9k_htc_priv *priv = hw->priv;
1306 struct ath_common *common = ath9k_hw_common(priv->ah);
1307 struct ieee80211_conf *conf = &hw->conf;
1308 bool chip_reset = false;
1309 int ret = 0;
1310
1311 mutex_lock(&priv->mutex);
1312 ath9k_htc_ps_wakeup(priv);
1313
1314 if (changed & IEEE80211_CONF_CHANGE_IDLE) {
1315 mutex_lock(&priv->htc_pm_lock);
1316
1317 priv->ps_idle = !!(conf->flags & IEEE80211_CONF_IDLE);
1318 if (!priv->ps_idle)
1319 chip_reset = true;
1320
1321 mutex_unlock(&priv->htc_pm_lock);
1322 }
1323
1324 /*
1325 * Monitor interface should be added before
1326 * IEEE80211_CONF_CHANGE_CHANNEL is handled.
1327 */
1328 if (changed & IEEE80211_CONF_CHANGE_MONITOR) {
1329 if ((conf->flags & IEEE80211_CONF_MONITOR) &&
1330 !priv->ah->is_monitoring)
1331 ath9k_htc_add_monitor_interface(priv);
1332 else if (priv->ah->is_monitoring)
1333 ath9k_htc_remove_monitor_interface(priv);
1334 }
1335
1336 if ((changed & IEEE80211_CONF_CHANGE_CHANNEL) || chip_reset) {
1337 struct ieee80211_channel *curchan = hw->conf.chandef.chan;
1338 int pos = curchan->hw_value;
1339
1340 ath_dbg(common, CONFIG, "Set channel: %d MHz\n",
1341 curchan->center_freq);
1342
1343 ath9k_cmn_get_channel(hw, priv->ah, &hw->conf.chandef);
1344 if (ath9k_htc_set_channel(priv, hw, &priv->ah->channels[pos]) < 0) {
1345 ath_err(common, "Unable to set channel\n");
1346 ret = -EINVAL;
1347 goto out;
1348 }
1349
1350 }
1351
1352 if (changed & IEEE80211_CONF_CHANGE_PS) {
1353 if (conf->flags & IEEE80211_CONF_PS) {
1354 ath9k_htc_setpower(priv, ATH9K_PM_NETWORK_SLEEP);
1355 priv->ps_enabled = true;
1356 } else {
1357 priv->ps_enabled = false;
1358 cancel_work_sync(&priv->ps_work);
1359 ath9k_htc_setpower(priv, ATH9K_PM_AWAKE);
1360 }
1361 }
1362
1363 if (changed & IEEE80211_CONF_CHANGE_POWER) {
1364 priv->txpowlimit = 2 * conf->power_level;
1365 ath9k_cmn_update_txpow(priv->ah, priv->curtxpow,
1366 priv->txpowlimit, &priv->curtxpow);
1367 }
1368
1369 out:
1370 ath9k_htc_ps_restore(priv);
1371 mutex_unlock(&priv->mutex);
1372 return ret;
1373 }
1374
1375 #define SUPPORTED_FILTERS \
1376 (FIF_ALLMULTI | \
1377 FIF_CONTROL | \
1378 FIF_PSPOLL | \
1379 FIF_OTHER_BSS | \
1380 FIF_BCN_PRBRESP_PROMISC | \
1381 FIF_PROBE_REQ | \
1382 FIF_FCSFAIL)
1383
1384 static void ath9k_htc_configure_filter(struct ieee80211_hw *hw,
1385 unsigned int changed_flags,
1386 unsigned int *total_flags,
1387 u64 multicast)
1388 {
1389 struct ath9k_htc_priv *priv = hw->priv;
1390 struct ath_common *common = ath9k_hw_common(priv->ah);
1391 u32 rfilt;
1392
1393 mutex_lock(&priv->mutex);
1394 changed_flags &= SUPPORTED_FILTERS;
1395 *total_flags &= SUPPORTED_FILTERS;
1396
1397 if (test_bit(ATH_OP_INVALID, &common->op_flags)) {
1398 ath_dbg(ath9k_hw_common(priv->ah), ANY,
1399 "Unable to configure filter on invalid state\n");
1400 mutex_unlock(&priv->mutex);
1401 return;
1402 }
1403 ath9k_htc_ps_wakeup(priv);
1404
1405 priv->rxfilter = *total_flags;
1406 rfilt = ath9k_htc_calcrxfilter(priv);
1407 ath9k_hw_setrxfilter(priv->ah, rfilt);
1408
1409 ath_dbg(ath9k_hw_common(priv->ah), CONFIG, "Set HW RX filter: 0x%x\n",
1410 rfilt);
1411
1412 ath9k_htc_ps_restore(priv);
1413 mutex_unlock(&priv->mutex);
1414 }
1415
1416 static void ath9k_htc_sta_rc_update_work(struct work_struct *work)
1417 {
1418 struct ath9k_htc_sta *ista =
1419 container_of(work, struct ath9k_htc_sta, rc_update_work);
1420 struct ieee80211_sta *sta =
1421 container_of((void *)ista, struct ieee80211_sta, drv_priv);
1422 struct ath9k_htc_priv *priv = ista->htc_priv;
1423 struct ath_common *common = ath9k_hw_common(priv->ah);
1424 struct ath9k_htc_target_rate trate;
1425
1426 mutex_lock(&priv->mutex);
1427 ath9k_htc_ps_wakeup(priv);
1428
1429 memset(&trate, 0, sizeof(struct ath9k_htc_target_rate));
1430 ath9k_htc_setup_rate(priv, sta, &trate);
1431 if (!ath9k_htc_send_rate_cmd(priv, &trate))
1432 ath_dbg(common, CONFIG,
1433 "Supported rates for sta: %pM updated, rate caps: 0x%X\n",
1434 sta->addr, be32_to_cpu(trate.capflags));
1435 else
1436 ath_dbg(common, CONFIG,
1437 "Unable to update supported rates for sta: %pM\n",
1438 sta->addr);
1439
1440 ath9k_htc_ps_restore(priv);
1441 mutex_unlock(&priv->mutex);
1442 }
1443
1444 static int ath9k_htc_sta_add(struct ieee80211_hw *hw,
1445 struct ieee80211_vif *vif,
1446 struct ieee80211_sta *sta)
1447 {
1448 struct ath9k_htc_priv *priv = hw->priv;
1449 struct ath9k_htc_sta *ista = (struct ath9k_htc_sta *) sta->drv_priv;
1450 int ret;
1451
1452 mutex_lock(&priv->mutex);
1453 ath9k_htc_ps_wakeup(priv);
1454 ret = ath9k_htc_add_station(priv, vif, sta);
1455 if (!ret) {
1456 INIT_WORK(&ista->rc_update_work, ath9k_htc_sta_rc_update_work);
1457 ista->htc_priv = priv;
1458 ath9k_htc_init_rate(priv, sta);
1459 }
1460 ath9k_htc_ps_restore(priv);
1461 mutex_unlock(&priv->mutex);
1462
1463 return ret;
1464 }
1465
1466 static int ath9k_htc_sta_remove(struct ieee80211_hw *hw,
1467 struct ieee80211_vif *vif,
1468 struct ieee80211_sta *sta)
1469 {
1470 struct ath9k_htc_priv *priv = hw->priv;
1471 struct ath9k_htc_sta *ista = (struct ath9k_htc_sta *) sta->drv_priv;
1472 int ret;
1473
1474 cancel_work_sync(&ista->rc_update_work);
1475
1476 mutex_lock(&priv->mutex);
1477 ath9k_htc_ps_wakeup(priv);
1478 htc_sta_drain(priv->htc, ista->index);
1479 ret = ath9k_htc_remove_station(priv, vif, sta);
1480 ath9k_htc_ps_restore(priv);
1481 mutex_unlock(&priv->mutex);
1482
1483 return ret;
1484 }
1485
1486 static void ath9k_htc_sta_rc_update(struct ieee80211_hw *hw,
1487 struct ieee80211_vif *vif,
1488 struct ieee80211_sta *sta, u32 changed)
1489 {
1490 struct ath9k_htc_sta *ista = (struct ath9k_htc_sta *) sta->drv_priv;
1491
1492 if (!(changed & IEEE80211_RC_SUPP_RATES_CHANGED))
1493 return;
1494
1495 schedule_work(&ista->rc_update_work);
1496 }
1497
1498 static int ath9k_htc_conf_tx(struct ieee80211_hw *hw,
1499 struct ieee80211_vif *vif, u16 queue,
1500 const struct ieee80211_tx_queue_params *params)
1501 {
1502 struct ath9k_htc_priv *priv = hw->priv;
1503 struct ath_common *common = ath9k_hw_common(priv->ah);
1504 struct ath9k_tx_queue_info qi;
1505 int ret = 0, qnum;
1506
1507 if (queue >= IEEE80211_NUM_ACS)
1508 return 0;
1509
1510 mutex_lock(&priv->mutex);
1511 ath9k_htc_ps_wakeup(priv);
1512
1513 memset(&qi, 0, sizeof(struct ath9k_tx_queue_info));
1514
1515 qi.tqi_aifs = params->aifs;
1516 qi.tqi_cwmin = params->cw_min;
1517 qi.tqi_cwmax = params->cw_max;
1518 qi.tqi_burstTime = params->txop * 32;
1519
1520 qnum = get_hw_qnum(queue, priv->hwq_map);
1521
1522 ath_dbg(common, CONFIG,
1523 "Configure tx [queue/hwq] [%d/%d], aifs: %d, cw_min: %d, cw_max: %d, txop: %d\n",
1524 queue, qnum, params->aifs, params->cw_min,
1525 params->cw_max, params->txop);
1526
1527 ret = ath_htc_txq_update(priv, qnum, &qi);
1528 if (ret) {
1529 ath_err(common, "TXQ Update failed\n");
1530 goto out;
1531 }
1532
1533 if ((priv->ah->opmode == NL80211_IFTYPE_ADHOC) &&
1534 (qnum == priv->hwq_map[IEEE80211_AC_BE]))
1535 ath9k_htc_beaconq_config(priv);
1536 out:
1537 ath9k_htc_ps_restore(priv);
1538 mutex_unlock(&priv->mutex);
1539
1540 return ret;
1541 }
1542
1543 static int ath9k_htc_set_key(struct ieee80211_hw *hw,
1544 enum set_key_cmd cmd,
1545 struct ieee80211_vif *vif,
1546 struct ieee80211_sta *sta,
1547 struct ieee80211_key_conf *key)
1548 {
1549 struct ath9k_htc_priv *priv = hw->priv;
1550 struct ath_common *common = ath9k_hw_common(priv->ah);
1551 int ret = 0;
1552
1553 if (htc_modparam_nohwcrypt)
1554 return -ENOSPC;
1555
1556 if ((vif->type == NL80211_IFTYPE_ADHOC ||
1557 vif->type == NL80211_IFTYPE_MESH_POINT) &&
1558 (key->cipher == WLAN_CIPHER_SUITE_TKIP ||
1559 key->cipher == WLAN_CIPHER_SUITE_CCMP) &&
1560 !(key->flags & IEEE80211_KEY_FLAG_PAIRWISE)) {
1561 /*
1562 * For now, disable hw crypto for the RSN IBSS group keys. This
1563 * could be optimized in the future to use a modified key cache
1564 * design to support per-STA RX GTK, but until that gets
1565 * implemented, use of software crypto for group addressed
1566 * frames is a acceptable to allow RSN IBSS to be used.
1567 */
1568 return -EOPNOTSUPP;
1569 }
1570
1571 mutex_lock(&priv->mutex);
1572 ath_dbg(common, CONFIG, "Set HW Key\n");
1573 ath9k_htc_ps_wakeup(priv);
1574
1575 switch (cmd) {
1576 case SET_KEY:
1577 ret = ath_key_config(common, vif, sta, key);
1578 if (ret >= 0) {
1579 key->hw_key_idx = ret;
1580 /* push IV and Michael MIC generation to stack */
1581 key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
1582 if (key->cipher == WLAN_CIPHER_SUITE_TKIP)
1583 key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIC;
1584 if (priv->ah->sw_mgmt_crypto_tx &&
1585 key->cipher == WLAN_CIPHER_SUITE_CCMP)
1586 key->flags |= IEEE80211_KEY_FLAG_SW_MGMT_TX;
1587 ret = 0;
1588 }
1589 break;
1590 case DISABLE_KEY:
1591 ath_key_delete(common, key);
1592 break;
1593 default:
1594 ret = -EINVAL;
1595 }
1596
1597 ath9k_htc_ps_restore(priv);
1598 mutex_unlock(&priv->mutex);
1599
1600 return ret;
1601 }
1602
1603 static void ath9k_htc_set_bssid(struct ath9k_htc_priv *priv)
1604 {
1605 struct ath_common *common = ath9k_hw_common(priv->ah);
1606
1607 ath9k_hw_write_associd(priv->ah);
1608 ath_dbg(common, CONFIG, "BSSID: %pM aid: 0x%x\n",
1609 common->curbssid, common->curaid);
1610 }
1611
1612 static void ath9k_htc_bss_iter(void *data, u8 *mac, struct ieee80211_vif *vif)
1613 {
1614 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *)data;
1615 struct ath_common *common = ath9k_hw_common(priv->ah);
1616 struct ieee80211_bss_conf *bss_conf = &vif->bss_conf;
1617
1618 if ((vif->type == NL80211_IFTYPE_STATION) && bss_conf->assoc) {
1619 common->curaid = bss_conf->aid;
1620 common->last_rssi = ATH_RSSI_DUMMY_MARKER;
1621 memcpy(common->curbssid, bss_conf->bssid, ETH_ALEN);
1622 set_bit(ATH_OP_PRIM_STA_VIF, &common->op_flags);
1623 }
1624 }
1625
1626 static void ath9k_htc_choose_set_bssid(struct ath9k_htc_priv *priv)
1627 {
1628 if (priv->num_sta_assoc_vif == 1) {
1629 ieee80211_iterate_active_interfaces_atomic(
1630 priv->hw, IEEE80211_IFACE_ITER_RESUME_ALL,
1631 ath9k_htc_bss_iter, priv);
1632 ath9k_htc_set_bssid(priv);
1633 }
1634 }
1635
1636 static void ath9k_htc_bss_info_changed(struct ieee80211_hw *hw,
1637 struct ieee80211_vif *vif,
1638 struct ieee80211_bss_conf *bss_conf,
1639 u32 changed)
1640 {
1641 struct ath9k_htc_priv *priv = hw->priv;
1642 struct ath_hw *ah = priv->ah;
1643 struct ath_common *common = ath9k_hw_common(ah);
1644 int slottime;
1645
1646 mutex_lock(&priv->mutex);
1647 ath9k_htc_ps_wakeup(priv);
1648
1649 if (changed & BSS_CHANGED_ASSOC) {
1650 ath_dbg(common, CONFIG, "BSS Changed ASSOC %d\n",
1651 bss_conf->assoc);
1652
1653 bss_conf->assoc ?
1654 priv->num_sta_assoc_vif++ : priv->num_sta_assoc_vif--;
1655
1656 if (!bss_conf->assoc)
1657 clear_bit(ATH_OP_PRIM_STA_VIF, &common->op_flags);
1658
1659 if (priv->ah->opmode == NL80211_IFTYPE_STATION) {
1660 ath9k_htc_choose_set_bssid(priv);
1661 if (bss_conf->assoc && (priv->num_sta_assoc_vif == 1))
1662 ath9k_htc_start_ani(priv);
1663 else if (priv->num_sta_assoc_vif == 0)
1664 ath9k_htc_stop_ani(priv);
1665 }
1666 }
1667
1668 if (changed & BSS_CHANGED_IBSS) {
1669 if (priv->ah->opmode == NL80211_IFTYPE_ADHOC) {
1670 common->curaid = bss_conf->aid;
1671 memcpy(common->curbssid, bss_conf->bssid, ETH_ALEN);
1672 ath9k_htc_set_bssid(priv);
1673 }
1674 }
1675
1676 if ((changed & BSS_CHANGED_BEACON_ENABLED) && bss_conf->enable_beacon) {
1677 ath_dbg(common, CONFIG, "Beacon enabled for BSS: %pM\n",
1678 bss_conf->bssid);
1679 ath9k_htc_set_tsfadjust(priv, vif);
1680 priv->cur_beacon_conf.enable_beacon = 1;
1681 ath9k_htc_beacon_config(priv, vif);
1682 }
1683
1684 if ((changed & BSS_CHANGED_BEACON_ENABLED) && !bss_conf->enable_beacon) {
1685 /*
1686 * Disable SWBA interrupt only if there are no
1687 * concurrent AP/mesh or IBSS interfaces.
1688 */
1689 if ((priv->num_ap_vif + priv->num_mbss_vif <= 1) ||
1690 priv->num_ibss_vif) {
1691 ath_dbg(common, CONFIG,
1692 "Beacon disabled for BSS: %pM\n",
1693 bss_conf->bssid);
1694 priv->cur_beacon_conf.enable_beacon = 0;
1695 ath9k_htc_beacon_config(priv, vif);
1696 }
1697 }
1698
1699 if (changed & BSS_CHANGED_BEACON_INT) {
1700 /*
1701 * Reset the HW TSF for the first AP or mesh interface.
1702 */
1703 if (priv->nvifs == 1 &&
1704 ((priv->ah->opmode == NL80211_IFTYPE_AP &&
1705 vif->type == NL80211_IFTYPE_AP &&
1706 priv->num_ap_vif == 1) ||
1707 (priv->ah->opmode == NL80211_IFTYPE_MESH_POINT &&
1708 vif->type == NL80211_IFTYPE_MESH_POINT &&
1709 priv->num_mbss_vif == 1))) {
1710 set_bit(OP_TSF_RESET, &priv->op_flags);
1711 }
1712 ath_dbg(common, CONFIG,
1713 "Beacon interval changed for BSS: %pM\n",
1714 bss_conf->bssid);
1715 ath9k_htc_beacon_config(priv, vif);
1716 }
1717
1718 if (changed & BSS_CHANGED_ERP_SLOT) {
1719 if (bss_conf->use_short_slot)
1720 slottime = 9;
1721 else
1722 slottime = 20;
1723 if (vif->type == NL80211_IFTYPE_AP) {
1724 /*
1725 * Defer update, so that connected stations can adjust
1726 * their settings at the same time.
1727 * See beacon.c for more details
1728 */
1729 priv->beacon.slottime = slottime;
1730 priv->beacon.updateslot = UPDATE;
1731 } else {
1732 ah->slottime = slottime;
1733 ath9k_hw_init_global_settings(ah);
1734 }
1735 }
1736
1737 if (changed & BSS_CHANGED_HT)
1738 ath9k_htc_update_rate(priv, vif, bss_conf);
1739
1740 ath9k_htc_ps_restore(priv);
1741 mutex_unlock(&priv->mutex);
1742 }
1743
1744 static u64 ath9k_htc_get_tsf(struct ieee80211_hw *hw,
1745 struct ieee80211_vif *vif)
1746 {
1747 struct ath9k_htc_priv *priv = hw->priv;
1748 u64 tsf;
1749
1750 mutex_lock(&priv->mutex);
1751 ath9k_htc_ps_wakeup(priv);
1752 tsf = ath9k_hw_gettsf64(priv->ah);
1753 ath9k_htc_ps_restore(priv);
1754 mutex_unlock(&priv->mutex);
1755
1756 return tsf;
1757 }
1758
1759 static void ath9k_htc_set_tsf(struct ieee80211_hw *hw,
1760 struct ieee80211_vif *vif, u64 tsf)
1761 {
1762 struct ath9k_htc_priv *priv = hw->priv;
1763
1764 mutex_lock(&priv->mutex);
1765 ath9k_htc_ps_wakeup(priv);
1766 ath9k_hw_settsf64(priv->ah, tsf);
1767 ath9k_htc_ps_restore(priv);
1768 mutex_unlock(&priv->mutex);
1769 }
1770
1771 static void ath9k_htc_reset_tsf(struct ieee80211_hw *hw,
1772 struct ieee80211_vif *vif)
1773 {
1774 struct ath9k_htc_priv *priv = hw->priv;
1775
1776 mutex_lock(&priv->mutex);
1777 ath9k_htc_ps_wakeup(priv);
1778 ath9k_hw_reset_tsf(priv->ah);
1779 ath9k_htc_ps_restore(priv);
1780 mutex_unlock(&priv->mutex);
1781 }
1782
1783 static int ath9k_htc_ampdu_action(struct ieee80211_hw *hw,
1784 struct ieee80211_vif *vif,
1785 enum ieee80211_ampdu_mlme_action action,
1786 struct ieee80211_sta *sta,
1787 u16 tid, u16 *ssn, u8 buf_size, bool amsdu)
1788 {
1789 struct ath9k_htc_priv *priv = hw->priv;
1790 struct ath9k_htc_sta *ista;
1791 int ret = 0;
1792
1793 mutex_lock(&priv->mutex);
1794 ath9k_htc_ps_wakeup(priv);
1795
1796 switch (action) {
1797 case IEEE80211_AMPDU_RX_START:
1798 break;
1799 case IEEE80211_AMPDU_RX_STOP:
1800 break;
1801 case IEEE80211_AMPDU_TX_START:
1802 ret = ath9k_htc_tx_aggr_oper(priv, vif, sta, action, tid);
1803 if (!ret)
1804 ieee80211_start_tx_ba_cb_irqsafe(vif, sta->addr, tid);
1805 break;
1806 case IEEE80211_AMPDU_TX_STOP_CONT:
1807 case IEEE80211_AMPDU_TX_STOP_FLUSH:
1808 case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT:
1809 ath9k_htc_tx_aggr_oper(priv, vif, sta, action, tid);
1810 ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
1811 break;
1812 case IEEE80211_AMPDU_TX_OPERATIONAL:
1813 ista = (struct ath9k_htc_sta *) sta->drv_priv;
1814 spin_lock_bh(&priv->tx.tx_lock);
1815 ista->tid_state[tid] = AGGR_OPERATIONAL;
1816 spin_unlock_bh(&priv->tx.tx_lock);
1817 break;
1818 default:
1819 ath_err(ath9k_hw_common(priv->ah), "Unknown AMPDU action\n");
1820 }
1821
1822 ath9k_htc_ps_restore(priv);
1823 mutex_unlock(&priv->mutex);
1824
1825 return ret;
1826 }
1827
1828 static void ath9k_htc_sw_scan_start(struct ieee80211_hw *hw,
1829 struct ieee80211_vif *vif,
1830 const u8 *mac_addr)
1831 {
1832 struct ath9k_htc_priv *priv = hw->priv;
1833 struct ath_common *common = ath9k_hw_common(priv->ah);
1834
1835 mutex_lock(&priv->mutex);
1836 spin_lock_bh(&priv->beacon_lock);
1837 set_bit(ATH_OP_SCANNING, &common->op_flags);
1838 spin_unlock_bh(&priv->beacon_lock);
1839 cancel_work_sync(&priv->ps_work);
1840 ath9k_htc_stop_ani(priv);
1841 mutex_unlock(&priv->mutex);
1842 }
1843
1844 static void ath9k_htc_sw_scan_complete(struct ieee80211_hw *hw,
1845 struct ieee80211_vif *vif)
1846 {
1847 struct ath9k_htc_priv *priv = hw->priv;
1848 struct ath_common *common = ath9k_hw_common(priv->ah);
1849
1850 mutex_lock(&priv->mutex);
1851 spin_lock_bh(&priv->beacon_lock);
1852 clear_bit(ATH_OP_SCANNING, &common->op_flags);
1853 spin_unlock_bh(&priv->beacon_lock);
1854 ath9k_htc_ps_wakeup(priv);
1855 ath9k_htc_vif_reconfig(priv);
1856 ath9k_htc_ps_restore(priv);
1857 mutex_unlock(&priv->mutex);
1858 }
1859
1860 static int ath9k_htc_set_rts_threshold(struct ieee80211_hw *hw, u32 value)
1861 {
1862 return 0;
1863 }
1864
1865 static void ath9k_htc_set_coverage_class(struct ieee80211_hw *hw,
1866 s16 coverage_class)
1867 {
1868 struct ath9k_htc_priv *priv = hw->priv;
1869
1870 mutex_lock(&priv->mutex);
1871 ath9k_htc_ps_wakeup(priv);
1872 priv->ah->coverage_class = coverage_class;
1873 ath9k_hw_init_global_settings(priv->ah);
1874 ath9k_htc_ps_restore(priv);
1875 mutex_unlock(&priv->mutex);
1876 }
1877
1878 /*
1879 * Currently, this is used only for selecting the minimum rate
1880 * for management frames, rate selection for data frames remain
1881 * unaffected.
1882 */
1883 static int ath9k_htc_set_bitrate_mask(struct ieee80211_hw *hw,
1884 struct ieee80211_vif *vif,
1885 const struct cfg80211_bitrate_mask *mask)
1886 {
1887 struct ath9k_htc_priv *priv = hw->priv;
1888 struct ath_common *common = ath9k_hw_common(priv->ah);
1889 struct ath9k_htc_target_rate_mask tmask;
1890 struct ath9k_htc_vif *avp = (void *)vif->drv_priv;
1891 int ret = 0;
1892 u8 cmd_rsp;
1893
1894 memset(&tmask, 0, sizeof(struct ath9k_htc_target_rate_mask));
1895
1896 tmask.vif_index = avp->index;
1897 tmask.band = IEEE80211_BAND_2GHZ;
1898 tmask.mask = cpu_to_be32(mask->control[IEEE80211_BAND_2GHZ].legacy);
1899
1900 WMI_CMD_BUF(WMI_BITRATE_MASK_CMDID, &tmask);
1901 if (ret) {
1902 ath_err(common,
1903 "Unable to set 2G rate mask for "
1904 "interface at idx: %d\n", avp->index);
1905 goto out;
1906 }
1907
1908 tmask.band = IEEE80211_BAND_5GHZ;
1909 tmask.mask = cpu_to_be32(mask->control[IEEE80211_BAND_5GHZ].legacy);
1910
1911 WMI_CMD_BUF(WMI_BITRATE_MASK_CMDID, &tmask);
1912 if (ret) {
1913 ath_err(common,
1914 "Unable to set 5G rate mask for "
1915 "interface at idx: %d\n", avp->index);
1916 goto out;
1917 }
1918
1919 ath_dbg(common, CONFIG, "Set bitrate masks: 0x%x, 0x%x\n",
1920 mask->control[IEEE80211_BAND_2GHZ].legacy,
1921 mask->control[IEEE80211_BAND_5GHZ].legacy);
1922 out:
1923 return ret;
1924 }
1925
1926
1927 static int ath9k_htc_get_stats(struct ieee80211_hw *hw,
1928 struct ieee80211_low_level_stats *stats)
1929 {
1930 struct ath9k_htc_priv *priv = hw->priv;
1931 struct ath_hw *ah = priv->ah;
1932 struct ath9k_mib_stats *mib_stats = &ah->ah_mibStats;
1933
1934 stats->dot11ACKFailureCount = mib_stats->ackrcv_bad;
1935 stats->dot11RTSFailureCount = mib_stats->rts_bad;
1936 stats->dot11FCSErrorCount = mib_stats->fcs_bad;
1937 stats->dot11RTSSuccessCount = mib_stats->rts_good;
1938
1939 return 0;
1940 }
1941
1942 struct base_eep_header *ath9k_htc_get_eeprom_base(struct ath9k_htc_priv *priv)
1943 {
1944 struct base_eep_header *pBase = NULL;
1945 /*
1946 * This can be done since all the 3 EEPROM families have the
1947 * same base header upto a certain point, and we are interested in
1948 * the data only upto that point.
1949 */
1950
1951 if (AR_SREV_9271(priv->ah))
1952 pBase = (struct base_eep_header *)
1953 &priv->ah->eeprom.map4k.baseEepHeader;
1954 else if (priv->ah->hw_version.usbdev == AR9280_USB)
1955 pBase = (struct base_eep_header *)
1956 &priv->ah->eeprom.def.baseEepHeader;
1957 else if (priv->ah->hw_version.usbdev == AR9287_USB)
1958 pBase = (struct base_eep_header *)
1959 &priv->ah->eeprom.map9287.baseEepHeader;
1960 return pBase;
1961 }
1962
1963
1964 static int ath9k_htc_get_antenna(struct ieee80211_hw *hw, u32 *tx_ant,
1965 u32 *rx_ant)
1966 {
1967 struct ath9k_htc_priv *priv = hw->priv;
1968 struct base_eep_header *pBase = ath9k_htc_get_eeprom_base(priv);
1969 if (pBase) {
1970 *tx_ant = pBase->txMask;
1971 *rx_ant = pBase->rxMask;
1972 } else {
1973 *tx_ant = 0;
1974 *rx_ant = 0;
1975 }
1976 return 0;
1977 }
1978
1979 static void ath9k_htc_channel_switch_beacon(struct ieee80211_hw *hw,
1980 struct ieee80211_vif *vif,
1981 struct cfg80211_chan_def *chandef)
1982 {
1983 struct ath9k_htc_priv *priv = hw->priv;
1984
1985 /* mac80211 does not support CSA in multi-if cases (yet) */
1986 if (WARN_ON(priv->csa_vif))
1987 return;
1988
1989 priv->csa_vif = vif;
1990 }
1991
1992 struct ieee80211_ops ath9k_htc_ops = {
1993 .tx = ath9k_htc_tx,
1994 .start = ath9k_htc_start,
1995 .stop = ath9k_htc_stop,
1996 .add_interface = ath9k_htc_add_interface,
1997 .remove_interface = ath9k_htc_remove_interface,
1998 .config = ath9k_htc_config,
1999 .configure_filter = ath9k_htc_configure_filter,
2000 .sta_add = ath9k_htc_sta_add,
2001 .sta_remove = ath9k_htc_sta_remove,
2002 .conf_tx = ath9k_htc_conf_tx,
2003 .sta_rc_update = ath9k_htc_sta_rc_update,
2004 .bss_info_changed = ath9k_htc_bss_info_changed,
2005 .set_key = ath9k_htc_set_key,
2006 .get_tsf = ath9k_htc_get_tsf,
2007 .set_tsf = ath9k_htc_set_tsf,
2008 .reset_tsf = ath9k_htc_reset_tsf,
2009 .ampdu_action = ath9k_htc_ampdu_action,
2010 .sw_scan_start = ath9k_htc_sw_scan_start,
2011 .sw_scan_complete = ath9k_htc_sw_scan_complete,
2012 .set_rts_threshold = ath9k_htc_set_rts_threshold,
2013 .rfkill_poll = ath9k_htc_rfkill_poll_state,
2014 .set_coverage_class = ath9k_htc_set_coverage_class,
2015 .set_bitrate_mask = ath9k_htc_set_bitrate_mask,
2016 .get_stats = ath9k_htc_get_stats,
2017 .get_antenna = ath9k_htc_get_antenna,
2018 .channel_switch_beacon = ath9k_htc_channel_switch_beacon,
2019
2020 #ifdef CONFIG_ATH9K_HTC_DEBUGFS
2021 .get_et_sset_count = ath9k_htc_get_et_sset_count,
2022 .get_et_stats = ath9k_htc_get_et_stats,
2023 .get_et_strings = ath9k_htc_get_et_strings,
2024 #endif
2025 };
2026
2027 #line 125 "/work/ldvuser/andrianov/work/current--X--drivers/net/wireless/ath/ath9k/--X--defaultlinux-4.5-rc7--X--races--X--cpachecker/linux-4.5-rc7/csd_deg_dscv/74/dscv_tempdir/dscv/ri/races/drivers/net/wireless/ath/ath9k/htc_drv_main.o.c.prepared"
2028
2029 int ldv_retval_4;
2030
2031
2032 int evil_hack_12(void){
2033 rtnl_lock();
2034 return 1;
2035 }
2036
2037
2038 int evil_hack_key_12(void){
2039 mutex_lock(&key_mtx);
2040 return 1;
2041 }
2042
2043
2044 void ldv_initialyze_ieee80211_ops_12(void){
2045 ath9k_htc_ops_group0 = ldv_undef_ptr();
2046 }
2047
2048 void ldv_main_exported_12(void){
2049 struct ieee80211_vif *ldvarg75;
2050 struct ieee80211_tx_control *ldvarg52;
2051 int ldvarg74;
2052 struct ieee80211_vif *ldvarg22;
2053 struct ieee80211_vif *ldvarg25;
2054 struct ieee80211_bss_conf *ldvarg61;
2055 struct ieee80211_vif *ldvarg54;
2056 struct ieee80211_sta *ldvarg21;
2057 u32 ldvarg30;
2058 struct ieee80211_vif *ldvarg68;
2059 struct cfg80211_bitrate_mask const *ldvarg70;
2060 struct ieee80211_vif *ldvarg73;
2061 u32 ldvarg26;
2062 u8 const *ldvarg27;
2063 u32 ldvarg63;
2064 u16 ldvarg45;
2065 enum ieee80211_ampdu_mlme_action ldvarg40;
2066 u64 *ldvarg36;
2067 struct ieee80211_vif *ldvarg55;
2068 struct ieee80211_sta *ldvarg66;
2069 struct ieee80211_vif *ldvarg57;
2070 enum set_key_cmd ldvarg65;
2071 struct ieee80211_vif *ldvarg62;
2072 u64 ldvarg49;
2073 u32 *ldvarg59;
2074 u8 ldvarg41;
2075 u32 *ldvarg60;
2076 struct ieee80211_vif *ldvarg31;
2077 struct ieee80211_vif *ldvarg20;
2078 u16 *ldvarg39;
2079 struct ieee80211_vif *ldvarg47;
2080 unsigned int *ldvarg34;
2081 struct ieee80211_vif *ldvarg28;
2082 u32 ldvarg48;
2083 u64 ldvarg33;
2084 s16 ldvarg69;
2085 struct ieee80211_vif *ldvarg38;
2086 unsigned int ldvarg35;
2087 struct ieee80211_vif *ldvarg24;
2088 struct ieee80211_sta *ldvarg44;
2089 u8 *ldvarg29;
2090 struct ieee80211_vif *ldvarg64;
2091 struct ieee80211_sta *ldvarg53;
2092 struct ethtool_stats *ldvarg37;
2093 struct ieee80211_tx_queue_params const *ldvarg58;
2094 struct ieee80211_sta *ldvarg46;
2095 struct ieee80211_vif *ldvarg50;
2096 u16 ldvarg56;
2097 u32 ldvarg72;
2098 struct ieee80211_vif *ldvarg71;
2099 struct ieee80211_vif *ldvarg42;
2100 bool ldvarg43;
2101 struct cfg80211_chan_def *ldvarg23;
2102 struct ieee80211_key_conf *ldvarg67;
2103 struct ieee80211_low_level_stats *ldvarg32;
2104 struct sk_buff *ldvarg51;
2105 /*DEG-struct: handlers from structure ath9k_htc_ops*/
2106 switch(__VERIFIER_nondet_int()){
2107 case 0:{
2108 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
2109 if(ldv_state_variable_12 == 1){
2110 /*DEG-CALL: handler get_et_sset_count from ath9k_htc_ops*/
2111 (& ath9k_htc_get_et_sset_count)(ath9k_htc_ops_group0,ldvarg75,ldvarg74);
2112 /*DEG-postcall: default*/
2113 ldv_state_variable_12 = 1;
2114 }
2115 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
2116 if(ldv_state_variable_12 == 2){
2117 /*DEG-CALL: handler get_et_sset_count from ath9k_htc_ops*/
2118 (& ath9k_htc_get_et_sset_count)(ath9k_htc_ops_group0,ldvarg75,ldvarg74);
2119 /*DEG-postcall: default*/
2120 ldv_state_variable_12 = 2;
2121 }
2122 }
2123 break;
2124 case 1:{
2125 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
2126 if(ldv_state_variable_12 == 1){
2127 /*DEG-CALL: handler reset_tsf from ath9k_htc_ops*/
2128 (& ath9k_htc_reset_tsf)(ath9k_htc_ops_group0,ldvarg73);
2129 /*DEG-postcall: default*/
2130 ldv_state_variable_12 = 1;
2131 }
2132 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
2133 if(ldv_state_variable_12 == 2){
2134 /*DEG-CALL: handler reset_tsf from ath9k_htc_ops*/
2135 (& ath9k_htc_reset_tsf)(ath9k_htc_ops_group0,ldvarg73);
2136 /*DEG-postcall: default*/
2137 ldv_state_variable_12 = 2;
2138 }
2139 }
2140 break;
2141 case 2:{
2142 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
2143 if(ldv_state_variable_12 == 1 && evil_hack_12()){
2144 /*DEG-CALL: handler start from ath9k_htc_ops*/
2145 ldv_retval_4=(& ath9k_htc_start)(ath9k_htc_ops_group0);
2146 /*DEG-postcall: Invoke callback with role ieee80211_ops.start*/
2147 if(ldv_retval_4==0){
2148 ldv_state_variable_12 = 2;
2149 ref_cnt++;
2150 }
2151 }
2152 }
2153 break;
2154 case 3:{
2155 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
2156 if(ldv_state_variable_12 == 1){
2157 /*DEG-CALL: handler config from ath9k_htc_ops*/
2158 (& ath9k_htc_config)(ath9k_htc_ops_group0,ldvarg72);
2159 /*DEG-postcall: default*/
2160 ldv_state_variable_12 = 1;
2161 }
2162 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
2163 if(ldv_state_variable_12 == 2){
2164 /*DEG-CALL: handler config from ath9k_htc_ops*/
2165 (& ath9k_htc_config)(ath9k_htc_ops_group0,ldvarg72);
2166 /*DEG-postcall: default*/
2167 ldv_state_variable_12 = 2;
2168 }
2169 }
2170 break;
2171 case 4:{
2172 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
2173 if(ldv_state_variable_12 == 1){
2174 /*DEG-CALL: handler set_bitrate_mask from ath9k_htc_ops*/
2175 (& ath9k_htc_set_bitrate_mask)(ath9k_htc_ops_group0,ldvarg71,ldvarg70);
2176 /*DEG-postcall: default*/
2177 ldv_state_variable_12 = 1;
2178 }
2179 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
2180 if(ldv_state_variable_12 == 2){
2181 /*DEG-CALL: handler set_bitrate_mask from ath9k_htc_ops*/
2182 (& ath9k_htc_set_bitrate_mask)(ath9k_htc_ops_group0,ldvarg71,ldvarg70);
2183 /*DEG-postcall: default*/
2184 ldv_state_variable_12 = 2;
2185 }
2186 }
2187 break;
2188 case 5:{
2189 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
2190 if(ldv_state_variable_12 == 1){
2191 /*DEG-CALL: handler set_coverage_class from ath9k_htc_ops*/
2192 (& ath9k_htc_set_coverage_class)(ath9k_htc_ops_group0,ldvarg69);
2193 /*DEG-postcall: default*/
2194 ldv_state_variable_12 = 1;
2195 }
2196 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
2197 if(ldv_state_variable_12 == 2){
2198 /*DEG-CALL: handler set_coverage_class from ath9k_htc_ops*/
2199 (& ath9k_htc_set_coverage_class)(ath9k_htc_ops_group0,ldvarg69);
2200 /*DEG-postcall: default*/
2201 ldv_state_variable_12 = 2;
2202 }
2203 }
2204 break;
2205 case 6:{
2206 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
2207 if(ldv_state_variable_12 == 1){
2208 /*DEG-CALL: handler get_tsf from ath9k_htc_ops*/
2209 (& ath9k_htc_get_tsf)(ath9k_htc_ops_group0,ldvarg68);
2210 /*DEG-postcall: default*/
2211 ldv_state_variable_12 = 1;
2212 }
2213 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
2214 if(ldv_state_variable_12 == 2){
2215 /*DEG-CALL: handler get_tsf from ath9k_htc_ops*/
2216 (& ath9k_htc_get_tsf)(ath9k_htc_ops_group0,ldvarg68);
2217 /*DEG-postcall: default*/
2218 ldv_state_variable_12 = 2;
2219 }
2220 }
2221 break;
2222 case 7:{
2223 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
2224 if(ldv_state_variable_12 == 2 && evil_hack_key_12()){
2225 /*DEG-CALL: handler set_key from ath9k_htc_ops*/
2226 (& ath9k_htc_set_key)(ath9k_htc_ops_group0,ldvarg65,ldvarg64,ldvarg66,ldvarg67);
2227 ldv_state_variable_12 = 2;
2228 mutex_unlock(&key_mtx);
2229 }
2230 }
2231 break;
2232 case 8:{
2233 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
2234 if(ldv_state_variable_12 == 1){
2235 /*DEG-CALL: handler bss_info_changed from ath9k_htc_ops*/
2236 (& ath9k_htc_bss_info_changed)(ath9k_htc_ops_group0,ldvarg62,ldvarg61,ldvarg63);
2237 /*DEG-postcall: default*/
2238 ldv_state_variable_12 = 1;
2239 }
2240 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
2241 if(ldv_state_variable_12 == 2){
2242 /*DEG-CALL: handler bss_info_changed from ath9k_htc_ops*/
2243 (& ath9k_htc_bss_info_changed)(ath9k_htc_ops_group0,ldvarg62,ldvarg61,ldvarg63);
2244 /*DEG-postcall: default*/
2245 ldv_state_variable_12 = 2;
2246 }
2247 }
2248 break;
2249 case 9:{
2250 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
2251 if(ldv_state_variable_12 == 1){
2252 /*DEG-CALL: handler get_antenna from ath9k_htc_ops*/
2253 (& ath9k_htc_get_antenna)(ath9k_htc_ops_group0,ldvarg60,ldvarg59);
2254 /*DEG-postcall: default*/
2255 ldv_state_variable_12 = 1;
2256 }
2257 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
2258 if(ldv_state_variable_12 == 2){
2259 /*DEG-CALL: handler get_antenna from ath9k_htc_ops*/
2260 (& ath9k_htc_get_antenna)(ath9k_htc_ops_group0,ldvarg60,ldvarg59);
2261 /*DEG-postcall: default*/
2262 ldv_state_variable_12 = 2;
2263 }
2264 }
2265 break;
2266 case 10:{
2267 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
2268 if(ldv_state_variable_12 == 1){
2269 /*DEG-CALL: handler conf_tx from ath9k_htc_ops*/
2270 (& ath9k_htc_conf_tx)(ath9k_htc_ops_group0,ldvarg57,ldvarg56,ldvarg58);
2271 /*DEG-postcall: default*/
2272 ldv_state_variable_12 = 1;
2273 }
2274 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
2275 if(ldv_state_variable_12 == 2){
2276 /*DEG-CALL: handler conf_tx from ath9k_htc_ops*/
2277 (& ath9k_htc_conf_tx)(ath9k_htc_ops_group0,ldvarg57,ldvarg56,ldvarg58);
2278 /*DEG-postcall: default*/
2279 ldv_state_variable_12 = 2;
2280 }
2281 }
2282 break;
2283 case 11:{
2284 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
2285 if(ldv_state_variable_12 == 1){
2286 /*DEG-CALL: handler sw_scan_complete from ath9k_htc_ops*/
2287 (& ath9k_htc_sw_scan_complete)(ath9k_htc_ops_group0,ldvarg55);
2288 /*DEG-postcall: default*/
2289 ldv_state_variable_12 = 1;
2290 }
2291 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
2292 if(ldv_state_variable_12 == 2){
2293 /*DEG-CALL: handler sw_scan_complete from ath9k_htc_ops*/
2294 (& ath9k_htc_sw_scan_complete)(ath9k_htc_ops_group0,ldvarg55);
2295 /*DEG-postcall: default*/
2296 ldv_state_variable_12 = 2;
2297 }
2298 }
2299 break;
2300 case 12:{
2301 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
2302 if(ldv_state_variable_12 == 2 && evil_hack_12()){
2303 /*DEG-CALL: handler stop from ath9k_htc_ops*/
2304 (& ath9k_htc_stop)(ath9k_htc_ops_group0);
2305 /*DEG-postcall: Invoke callback with role ieee80211_ops.stop*/
2306 ldv_state_variable_12 = 1;
2307 ref_cnt--;
2308 rtnl_unlock();
2309 }
2310 }
2311 break;
2312 case 13:{
2313 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
2314 if(ldv_state_variable_12 == 1){
2315 /*DEG-CALL: handler sta_add from ath9k_htc_ops*/
2316 (& ath9k_htc_sta_add)(ath9k_htc_ops_group0,ldvarg54,ldvarg53);
2317 /*DEG-postcall: default*/
2318 ldv_state_variable_12 = 1;
2319 }
2320 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
2321 if(ldv_state_variable_12 == 2){
2322 /*DEG-CALL: handler sta_add from ath9k_htc_ops*/
2323 (& ath9k_htc_sta_add)(ath9k_htc_ops_group0,ldvarg54,ldvarg53);
2324 /*DEG-postcall: default*/
2325 ldv_state_variable_12 = 2;
2326 }
2327 }
2328 break;
2329 case 14:{
2330 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
2331 if(ldv_state_variable_12 == 1){
2332 /*DEG-CALL: handler tx from ath9k_htc_ops*/
2333 (& ath9k_htc_tx)(ath9k_htc_ops_group0,ldvarg52,ldvarg51);
2334 /*DEG-postcall: default*/
2335 ldv_state_variable_12 = 1;
2336 }
2337 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
2338 if(ldv_state_variable_12 == 2){
2339 /*DEG-CALL: handler tx from ath9k_htc_ops*/
2340 (& ath9k_htc_tx)(ath9k_htc_ops_group0,ldvarg52,ldvarg51);
2341 /*DEG-postcall: default*/
2342 ldv_state_variable_12 = 2;
2343 }
2344 }
2345 break;
2346 case 15:{
2347 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
2348 if(ldv_state_variable_12 == 1){
2349 /*DEG-CALL: handler set_tsf from ath9k_htc_ops*/
2350 (& ath9k_htc_set_tsf)(ath9k_htc_ops_group0,ldvarg50,ldvarg49);
2351 /*DEG-postcall: default*/
2352 ldv_state_variable_12 = 1;
2353 }
2354 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
2355 if(ldv_state_variable_12 == 2){
2356 /*DEG-CALL: handler set_tsf from ath9k_htc_ops*/
2357 (& ath9k_htc_set_tsf)(ath9k_htc_ops_group0,ldvarg50,ldvarg49);
2358 /*DEG-postcall: default*/
2359 ldv_state_variable_12 = 2;
2360 }
2361 }
2362 break;
2363 case 16:{
2364 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
2365 if(ldv_state_variable_12 == 1){
2366 /*DEG-CALL: handler sta_rc_update from ath9k_htc_ops*/
2367 (& ath9k_htc_sta_rc_update)(ath9k_htc_ops_group0,ldvarg47,ldvarg46,ldvarg48);
2368 /*DEG-postcall: default*/
2369 ldv_state_variable_12 = 1;
2370 }
2371 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
2372 if(ldv_state_variable_12 == 2){
2373 /*DEG-CALL: handler sta_rc_update from ath9k_htc_ops*/
2374 (& ath9k_htc_sta_rc_update)(ath9k_htc_ops_group0,ldvarg47,ldvarg46,ldvarg48);
2375 /*DEG-postcall: default*/
2376 ldv_state_variable_12 = 2;
2377 }
2378 }
2379 break;
2380 case 17:{
2381 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
2382 if(ldv_state_variable_12 == 1){
2383 /*DEG-CALL: handler ampdu_action from ath9k_htc_ops*/
2384 (& ath9k_htc_ampdu_action)(ath9k_htc_ops_group0,ldvarg42,ldvarg40,ldvarg44,ldvarg45,ldvarg39,ldvarg41,ldvarg43);
2385 /*DEG-postcall: default*/
2386 ldv_state_variable_12 = 1;
2387 }
2388 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
2389 if(ldv_state_variable_12 == 2){
2390 /*DEG-CALL: handler ampdu_action from ath9k_htc_ops*/
2391 (& ath9k_htc_ampdu_action)(ath9k_htc_ops_group0,ldvarg42,ldvarg40,ldvarg44,ldvarg45,ldvarg39,ldvarg41,ldvarg43);
2392 /*DEG-postcall: default*/
2393 ldv_state_variable_12 = 2;
2394 }
2395 }
2396 break;
2397 case 18:{
2398 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
2399 if(ldv_state_variable_12 == 1){
2400 /*DEG-CALL: handler get_et_stats from ath9k_htc_ops*/
2401 (& ath9k_htc_get_et_stats)(ath9k_htc_ops_group0,ldvarg38,ldvarg37,ldvarg36);
2402 /*DEG-postcall: default*/
2403 ldv_state_variable_12 = 1;
2404 }
2405 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
2406 if(ldv_state_variable_12 == 2){
2407 /*DEG-CALL: handler get_et_stats from ath9k_htc_ops*/
2408 (& ath9k_htc_get_et_stats)(ath9k_htc_ops_group0,ldvarg38,ldvarg37,ldvarg36);
2409 /*DEG-postcall: default*/
2410 ldv_state_variable_12 = 2;
2411 }
2412 }
2413 break;
2414 case 19:{
2415 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
2416 if(ldv_state_variable_12 == 2 && evil_hack_12()){
2417 /*DEG-CALL: handler configure_filter from ath9k_htc_ops*/
2418 (& ath9k_htc_configure_filter)(ath9k_htc_ops_group0,ldvarg35,ldvarg34,ldvarg33);
2419 ldv_state_variable_12 = 2;
2420 rtnl_unlock();
2421 }
2422 }
2423 break;
2424 case 20:{
2425 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
2426 if(ldv_state_variable_12 == 1){
2427 /*DEG-CALL: handler get_stats from ath9k_htc_ops*/
2428 (& ath9k_htc_get_stats)(ath9k_htc_ops_group0,ldvarg32);
2429 /*DEG-postcall: default*/
2430 ldv_state_variable_12 = 1;
2431 }
2432 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
2433 if(ldv_state_variable_12 == 2){
2434 /*DEG-CALL: handler get_stats from ath9k_htc_ops*/
2435 (& ath9k_htc_get_stats)(ath9k_htc_ops_group0,ldvarg32);
2436 /*DEG-postcall: default*/
2437 ldv_state_variable_12 = 2;
2438 }
2439 }
2440 break;
2441 case 21:{
2442 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
2443 if(ldv_state_variable_12 == 1){
2444 /*DEG-CALL: handler rfkill_poll from ath9k_htc_ops*/
2445 (& ath9k_htc_rfkill_poll_state)(ath9k_htc_ops_group0);
2446 /*DEG-postcall: default*/
2447 ldv_state_variable_12 = 1;
2448 }
2449 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
2450 if(ldv_state_variable_12 == 2){
2451 /*DEG-CALL: handler rfkill_poll from ath9k_htc_ops*/
2452 (& ath9k_htc_rfkill_poll_state)(ath9k_htc_ops_group0);
2453 /*DEG-postcall: default*/
2454 ldv_state_variable_12 = 2;
2455 }
2456 }
2457 break;
2458 case 22:{
2459 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
2460 if(ldv_state_variable_12 == 1){
2461 /*DEG-CALL: handler get_et_strings from ath9k_htc_ops*/
2462 (& ath9k_htc_get_et_strings)(ath9k_htc_ops_group0,ldvarg31,ldvarg30,ldvarg29);
2463 /*DEG-postcall: default*/
2464 ldv_state_variable_12 = 1;
2465 }
2466 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
2467 if(ldv_state_variable_12 == 2){
2468 /*DEG-CALL: handler get_et_strings from ath9k_htc_ops*/
2469 (& ath9k_htc_get_et_strings)(ath9k_htc_ops_group0,ldvarg31,ldvarg30,ldvarg29);
2470 /*DEG-postcall: default*/
2471 ldv_state_variable_12 = 2;
2472 }
2473 }
2474 break;
2475 case 23:{
2476 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
2477 if(ldv_state_variable_12 == 1){
2478 /*DEG-CALL: handler sw_scan_start from ath9k_htc_ops*/
2479 (& ath9k_htc_sw_scan_start)(ath9k_htc_ops_group0,ldvarg28,ldvarg27);
2480 /*DEG-postcall: default*/
2481 ldv_state_variable_12 = 1;
2482 }
2483 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
2484 if(ldv_state_variable_12 == 2){
2485 /*DEG-CALL: handler sw_scan_start from ath9k_htc_ops*/
2486 (& ath9k_htc_sw_scan_start)(ath9k_htc_ops_group0,ldvarg28,ldvarg27);
2487 /*DEG-postcall: default*/
2488 ldv_state_variable_12 = 2;
2489 }
2490 }
2491 break;
2492 case 24:{
2493 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
2494 if(ldv_state_variable_12 == 1){
2495 /*DEG-CALL: handler set_rts_threshold from ath9k_htc_ops*/
2496 (& ath9k_htc_set_rts_threshold)(ath9k_htc_ops_group0,ldvarg26);
2497 /*DEG-postcall: default*/
2498 ldv_state_variable_12 = 1;
2499 }
2500 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
2501 if(ldv_state_variable_12 == 2){
2502 /*DEG-CALL: handler set_rts_threshold from ath9k_htc_ops*/
2503 (& ath9k_htc_set_rts_threshold)(ath9k_htc_ops_group0,ldvarg26);
2504 /*DEG-postcall: default*/
2505 ldv_state_variable_12 = 2;
2506 }
2507 }
2508 break;
2509 case 25:{
2510 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
2511 if(ldv_state_variable_12 == 2 && evil_hack_12()){
2512 /*DEG-CALL: handler add_interface from ath9k_htc_ops*/
2513 (& ath9k_htc_add_interface)(ath9k_htc_ops_group0,ldvarg25);
2514 ldv_state_variable_12 = 2;
2515 rtnl_unlock();
2516 }
2517 }
2518 break;
2519 case 26:{
2520 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
2521 if(ldv_state_variable_12 == 1){
2522 /*DEG-CALL: handler channel_switch_beacon from ath9k_htc_ops*/
2523 (& ath9k_htc_channel_switch_beacon)(ath9k_htc_ops_group0,ldvarg24,ldvarg23);
2524 /*DEG-postcall: default*/
2525 ldv_state_variable_12 = 1;
2526 }
2527 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
2528 if(ldv_state_variable_12 == 2){
2529 /*DEG-CALL: handler channel_switch_beacon from ath9k_htc_ops*/
2530 (& ath9k_htc_channel_switch_beacon)(ath9k_htc_ops_group0,ldvarg24,ldvarg23);
2531 /*DEG-postcall: default*/
2532 ldv_state_variable_12 = 2;
2533 }
2534 }
2535 break;
2536 case 27:{
2537 /*DEG-state: state 1 (look at corresponding state-chart diagram for details)*/
2538 if(ldv_state_variable_12 == 1){
2539 /*DEG-CALL: handler sta_remove from ath9k_htc_ops*/
2540 (& ath9k_htc_sta_remove)(ath9k_htc_ops_group0,ldvarg22,ldvarg21);
2541 /*DEG-postcall: default*/
2542 ldv_state_variable_12 = 1;
2543 }
2544 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
2545 if(ldv_state_variable_12 == 2){
2546 /*DEG-CALL: handler sta_remove from ath9k_htc_ops*/
2547 (& ath9k_htc_sta_remove)(ath9k_htc_ops_group0,ldvarg22,ldvarg21);
2548 /*DEG-postcall: default*/
2549 ldv_state_variable_12 = 2;
2550 }
2551 }
2552 break;
2553 case 28:{
2554 /*DEG-state: state 2 (look at corresponding state-chart diagram for details)*/
2555 if(ldv_state_variable_12 == 2 && evil_hack_12()){
2556 /*DEG-CALL: handler remove_interface from ath9k_htc_ops*/
2557 (& ath9k_htc_remove_interface)(ath9k_htc_ops_group0,ldvarg20);
2558 ldv_state_variable_12 = 2;
2559 rtnl_unlock();
2560 }
2561 }
2562 break;
2563 default: ldv_assume(0);
2564 }
2565
2566 }; 1 /*
2 * Copyright (c) 2010-2011 Atheros Communications Inc.
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17 #include "htc.h"
18
19 /******/
20 /* TX */
21 /******/
22
23 static const int subtype_txq_to_hwq[] = {
24 [IEEE80211_AC_BE] = ATH_TXQ_AC_BE,
25 [IEEE80211_AC_BK] = ATH_TXQ_AC_BK,
26 [IEEE80211_AC_VI] = ATH_TXQ_AC_VI,
27 [IEEE80211_AC_VO] = ATH_TXQ_AC_VO,
28 };
29
30 #define ATH9K_HTC_INIT_TXQ(subtype) do { \
31 qi.tqi_subtype = subtype_txq_to_hwq[subtype]; \
32 qi.tqi_aifs = ATH9K_TXQ_USEDEFAULT; \
33 qi.tqi_cwmin = ATH9K_TXQ_USEDEFAULT; \
34 qi.tqi_cwmax = ATH9K_TXQ_USEDEFAULT; \
35 qi.tqi_physCompBuf = 0; \
36 qi.tqi_qflags = TXQ_FLAG_TXEOLINT_ENABLE | \
37 TXQ_FLAG_TXDESCINT_ENABLE; \
38 } while (0)
39
40 int get_hw_qnum(u16 queue, int *hwq_map)
41 {
42 switch (queue) {
43 case 0:
44 return hwq_map[IEEE80211_AC_VO];
45 case 1:
46 return hwq_map[IEEE80211_AC_VI];
47 case 2:
48 return hwq_map[IEEE80211_AC_BE];
49 case 3:
50 return hwq_map[IEEE80211_AC_BK];
51 default:
52 return hwq_map[IEEE80211_AC_BE];
53 }
54 }
55
56 void ath9k_htc_check_stop_queues(struct ath9k_htc_priv *priv)
57 {
58 spin_lock_bh(&priv->tx.tx_lock);
59 priv->tx.queued_cnt++;
60 if ((priv->tx.queued_cnt >= ATH9K_HTC_TX_THRESHOLD) &&
61 !(priv->tx.flags & ATH9K_HTC_OP_TX_QUEUES_STOP)) {
62 priv->tx.flags |= ATH9K_HTC_OP_TX_QUEUES_STOP;
63 ieee80211_stop_queues(priv->hw);
64 }
65 spin_unlock_bh(&priv->tx.tx_lock);
66 }
67
68 void ath9k_htc_check_wake_queues(struct ath9k_htc_priv *priv)
69 {
70 spin_lock_bh(&priv->tx.tx_lock);
71 if ((priv->tx.queued_cnt < ATH9K_HTC_TX_THRESHOLD) &&
72 (priv->tx.flags & ATH9K_HTC_OP_TX_QUEUES_STOP)) {
73 priv->tx.flags &= ~ATH9K_HTC_OP_TX_QUEUES_STOP;
74 ieee80211_wake_queues(priv->hw);
75 }
76 spin_unlock_bh(&priv->tx.tx_lock);
77 }
78
79 int ath9k_htc_tx_get_slot(struct ath9k_htc_priv *priv)
80 {
81 int slot;
82
83 spin_lock_bh(&priv->tx.tx_lock);
84 slot = find_first_zero_bit(priv->tx.tx_slot, MAX_TX_BUF_NUM);
85 if (slot >= MAX_TX_BUF_NUM) {
86 spin_unlock_bh(&priv->tx.tx_lock);
87 return -ENOBUFS;
88 }
89 __set_bit(slot, priv->tx.tx_slot);
90 spin_unlock_bh(&priv->tx.tx_lock);
91
92 return slot;
93 }
94
95 void ath9k_htc_tx_clear_slot(struct ath9k_htc_priv *priv, int slot)
96 {
97 spin_lock_bh(&priv->tx.tx_lock);
98 __clear_bit(slot, priv->tx.tx_slot);
99 spin_unlock_bh(&priv->tx.tx_lock);
100 }
101
102 static inline enum htc_endpoint_id get_htc_epid(struct ath9k_htc_priv *priv,
103 u16 qnum)
104 {
105 enum htc_endpoint_id epid;
106
107 switch (qnum) {
108 case 0:
109 TX_QSTAT_INC(IEEE80211_AC_VO);
110 epid = priv->data_vo_ep;
111 break;
112 case 1:
113 TX_QSTAT_INC(IEEE80211_AC_VI);
114 epid = priv->data_vi_ep;
115 break;
116 case 2:
117 TX_QSTAT_INC(IEEE80211_AC_BE);
118 epid = priv->data_be_ep;
119 break;
120 case 3:
121 default:
122 TX_QSTAT_INC(IEEE80211_AC_BK);
123 epid = priv->data_bk_ep;
124 break;
125 }
126
127 return epid;
128 }
129
130 static inline struct sk_buff_head*
131 get_htc_epid_queue(struct ath9k_htc_priv *priv, u8 epid)
132 {
133 struct ath_common *common = ath9k_hw_common(priv->ah);
134 struct sk_buff_head *epid_queue = NULL;
135
136 if (epid == priv->mgmt_ep)
137 epid_queue = &priv->tx.mgmt_ep_queue;
138 else if (epid == priv->cab_ep)
139 epid_queue = &priv->tx.cab_ep_queue;
140 else if (epid == priv->data_be_ep)
141 epid_queue = &priv->tx.data_be_queue;
142 else if (epid == priv->data_bk_ep)
143 epid_queue = &priv->tx.data_bk_queue;
144 else if (epid == priv->data_vi_ep)
145 epid_queue = &priv->tx.data_vi_queue;
146 else if (epid == priv->data_vo_ep)
147 epid_queue = &priv->tx.data_vo_queue;
148 else
149 ath_err(common, "Invalid EPID: %d\n", epid);
150
151 return epid_queue;
152 }
153
154 /*
155 * Removes the driver header and returns the TX slot number
156 */
157 static inline int strip_drv_header(struct ath9k_htc_priv *priv,
158 struct sk_buff *skb)
159 {
160 struct ath_common *common = ath9k_hw_common(priv->ah);
161 struct ath9k_htc_tx_ctl *tx_ctl;
162 int slot;
163
164 tx_ctl = HTC_SKB_CB(skb);
165
166 if (tx_ctl->epid == priv->mgmt_ep) {
167 struct tx_mgmt_hdr *tx_mhdr =
168 (struct tx_mgmt_hdr *)skb->data;
169 slot = tx_mhdr->cookie;
170 skb_pull(skb, sizeof(struct tx_mgmt_hdr));
171 } else if ((tx_ctl->epid == priv->data_bk_ep) ||
172 (tx_ctl->epid == priv->data_be_ep) ||
173 (tx_ctl->epid == priv->data_vi_ep) ||
174 (tx_ctl->epid == priv->data_vo_ep) ||
175 (tx_ctl->epid == priv->cab_ep)) {
176 struct tx_frame_hdr *tx_fhdr =
177 (struct tx_frame_hdr *)skb->data;
178 slot = tx_fhdr->cookie;
179 skb_pull(skb, sizeof(struct tx_frame_hdr));
180 } else {
181 ath_err(common, "Unsupported EPID: %d\n", tx_ctl->epid);
182 slot = -EINVAL;
183 }
184
185 return slot;
186 }
187
188 int ath_htc_txq_update(struct ath9k_htc_priv *priv, int qnum,
189 struct ath9k_tx_queue_info *qinfo)
190 {
191 struct ath_hw *ah = priv->ah;
192 int error = 0;
193 struct ath9k_tx_queue_info qi;
194
195 ath9k_hw_get_txq_props(ah, qnum, &qi);
196
197 qi.tqi_aifs = qinfo->tqi_aifs;
198 qi.tqi_cwmin = qinfo->tqi_cwmin / 2; /* XXX */
199 qi.tqi_cwmax = qinfo->tqi_cwmax;
200 qi.tqi_burstTime = qinfo->tqi_burstTime;
201 qi.tqi_readyTime = qinfo->tqi_readyTime;
202
203 if (!ath9k_hw_set_txq_props(ah, qnum, &qi)) {
204 ath_err(ath9k_hw_common(ah),
205 "Unable to update hardware queue %u!\n", qnum);
206 error = -EIO;
207 } else {
208 ath9k_hw_resettxqueue(ah, qnum);
209 }
210
211 return error;
212 }
213
214 static void ath9k_htc_tx_mgmt(struct ath9k_htc_priv *priv,
215 struct ath9k_htc_vif *avp,
216 struct sk_buff *skb,
217 u8 sta_idx, u8 vif_idx, u8 slot)
218 {
219 struct ieee80211_tx_info *tx_info = IEEE80211_SKB_CB(skb);
220 struct ieee80211_mgmt *mgmt;
221 struct ieee80211_hdr *hdr;
222 struct tx_mgmt_hdr mgmt_hdr;
223 struct ath9k_htc_tx_ctl *tx_ctl;
224 u8 *tx_fhdr;
225
226 tx_ctl = HTC_SKB_CB(skb);
227 hdr = (struct ieee80211_hdr *) skb->data;
228
229 memset(tx_ctl, 0, sizeof(*tx_ctl));
230 memset(&mgmt_hdr, 0, sizeof(struct tx_mgmt_hdr));
231
232 /*
233 * Set the TSF adjust value for probe response
234 * frame also.
235 */
236 if (avp && unlikely(ieee80211_is_probe_resp(hdr->frame_control))) {
237 mgmt = (struct ieee80211_mgmt *)skb->data;
238 mgmt->u.probe_resp.timestamp = avp->tsfadjust;
239 }
240
241 tx_ctl->type = ATH9K_HTC_MGMT;
242
243 mgmt_hdr.node_idx = sta_idx;
244 mgmt_hdr.vif_idx = vif_idx;
245 mgmt_hdr.tidno = 0;
246 mgmt_hdr.flags = 0;
247 mgmt_hdr.cookie = slot;
248
249 mgmt_hdr.key_type = ath9k_cmn_get_hw_crypto_keytype(skb);
250 if (mgmt_hdr.key_type == ATH9K_KEY_TYPE_CLEAR)
251 mgmt_hdr.keyix = (u8) ATH9K_TXKEYIX_INVALID;
252 else
253 mgmt_hdr.keyix = tx_info->control.hw_key->hw_key_idx;
254
255 tx_fhdr = skb_push(skb, sizeof(mgmt_hdr));
256 memcpy(tx_fhdr, (u8 *) &mgmt_hdr, sizeof(mgmt_hdr));
257 tx_ctl->epid = priv->mgmt_ep;
258 }
259
260 static void ath9k_htc_tx_data(struct ath9k_htc_priv *priv,
261 struct ieee80211_vif *vif,
262 struct sk_buff *skb,
263 u8 sta_idx, u8 vif_idx, u8 slot,
264 bool is_cab)
265 {
266 struct ieee80211_tx_info *tx_info = IEEE80211_SKB_CB(skb);
267 struct ieee80211_hdr *hdr;
268 struct ath9k_htc_tx_ctl *tx_ctl;
269 struct tx_frame_hdr tx_hdr;
270 u32 flags = 0;
271 u8 *qc, *tx_fhdr;
272 u16 qnum;
273
274 tx_ctl = HTC_SKB_CB(skb);
275 hdr = (struct ieee80211_hdr *) skb->data;
276
277 memset(tx_ctl, 0, sizeof(*tx_ctl));
278 memset(&tx_hdr, 0, sizeof(struct tx_frame_hdr));
279
280 tx_hdr.node_idx = sta_idx;
281 tx_hdr.vif_idx = vif_idx;
282 tx_hdr.cookie = slot;
283
284 /*
285 * This is a bit redundant but it helps to get
286 * the per-packet index quickly when draining the
287 * TX queue in the HIF layer. Otherwise we would
288 * have to parse the packet contents ...
289 */
290 tx_ctl->sta_idx = sta_idx;
291
292 if (tx_info->flags & IEEE80211_TX_CTL_AMPDU) {
293 tx_ctl->type = ATH9K_HTC_AMPDU;
294 tx_hdr.data_type = ATH9K_HTC_AMPDU;
295 } else {
296 tx_ctl->type = ATH9K_HTC_NORMAL;
297 tx_hdr.data_type = ATH9K_HTC_NORMAL;
298 }
299
300 if (ieee80211_is_data_qos(hdr->frame_control)) {
301 qc = ieee80211_get_qos_ctl(hdr);
302 tx_hdr.tidno = qc[0] & IEEE80211_QOS_CTL_TID_MASK;
303 }
304
305 /* Check for RTS protection */
306 if (priv->hw->wiphy->rts_threshold != (u32) -1)
307 if (skb->len > priv->hw->wiphy->rts_threshold)
308 flags |= ATH9K_HTC_TX_RTSCTS;
309
310 /* CTS-to-self */
311 if (!(flags & ATH9K_HTC_TX_RTSCTS) &&
312 (vif && vif->bss_conf.use_cts_prot))
313 flags |= ATH9K_HTC_TX_CTSONLY;
314
315 tx_hdr.flags = cpu_to_be32(flags);
316 tx_hdr.key_type = ath9k_cmn_get_hw_crypto_keytype(skb);
317 if (tx_hdr.key_type == ATH9K_KEY_TYPE_CLEAR)
318 tx_hdr.keyix = (u8) ATH9K_TXKEYIX_INVALID;
319 else
320 tx_hdr.keyix = tx_info->control.hw_key->hw_key_idx;
321
322 tx_fhdr = skb_push(skb, sizeof(tx_hdr));
323 memcpy(tx_fhdr, (u8 *) &tx_hdr, sizeof(tx_hdr));
324
325 if (is_cab) {
326 CAB_STAT_INC;
327 tx_ctl->epid = priv->cab_ep;
328 return;
329 }
330
331 qnum = skb_get_queue_mapping(skb);
332 tx_ctl->epid = get_htc_epid(priv, qnum);
333 }
334
335 int ath9k_htc_tx_start(struct ath9k_htc_priv *priv,
336 struct ieee80211_sta *sta,
337 struct sk_buff *skb,
338 u8 slot, bool is_cab)
339 {
340 struct ieee80211_hdr *hdr;
341 struct ieee80211_tx_info *tx_info = IEEE80211_SKB_CB(skb);
342 struct ieee80211_vif *vif = tx_info->control.vif;
343 struct ath9k_htc_sta *ista;
344 struct ath9k_htc_vif *avp = NULL;
345 u8 sta_idx, vif_idx;
346
347 hdr = (struct ieee80211_hdr *) skb->data;
348
349 /*
350 * Find out on which interface this packet has to be
351 * sent out.
352 */
353 if (vif) {
354 avp = (struct ath9k_htc_vif *) vif->drv_priv;
355 vif_idx = avp->index;
356 } else {
357 if (!priv->ah->is_monitoring) {
358 ath_dbg(ath9k_hw_common(priv->ah), XMIT,
359 "VIF is null, but no monitor interface !\n");
360 return -EINVAL;
361 }
362
363 vif_idx = priv->mon_vif_idx;
364 }
365
366 /*
367 * Find out which station this packet is destined for.
368 */
369 if (sta) {
370 ista = (struct ath9k_htc_sta *) sta->drv_priv;
371 sta_idx = ista->index;
372 } else {
373 sta_idx = priv->vif_sta_pos[vif_idx];
374 }
375
376 if (ieee80211_is_data(hdr->frame_control))
377 ath9k_htc_tx_data(priv, vif, skb,
378 sta_idx, vif_idx, slot, is_cab);
379 else
380 ath9k_htc_tx_mgmt(priv, avp, skb,
381 sta_idx, vif_idx, slot);
382
383
384 return htc_send(priv->htc, skb);
385 }
386
387 static inline bool __ath9k_htc_check_tx_aggr(struct ath9k_htc_priv *priv,
388 struct ath9k_htc_sta *ista, u8 tid)
389 {
390 bool ret = false;
391
392 spin_lock_bh(&priv->tx.tx_lock);
393 if ((tid < ATH9K_HTC_MAX_TID) && (ista->tid_state[tid] == AGGR_STOP))
394 ret = true;
395 spin_unlock_bh(&priv->tx.tx_lock);
396
397 return ret;
398 }
399
400 static void ath9k_htc_check_tx_aggr(struct ath9k_htc_priv *priv,
401 struct ieee80211_vif *vif,
402 struct sk_buff *skb)
403 {
404 struct ieee80211_sta *sta;
405 struct ieee80211_hdr *hdr;
406 __le16 fc;
407
408 hdr = (struct ieee80211_hdr *) skb->data;
409 fc = hdr->frame_control;
410
411 rcu_read_lock();
412
413 sta = ieee80211_find_sta(vif, hdr->addr1);
414 if (!sta) {
415 rcu_read_unlock();
416 return;
417 }
418
419 if (sta && conf_is_ht(&priv->hw->conf) &&
420 !(skb->protocol == cpu_to_be16(ETH_P_PAE))) {
421 if (ieee80211_is_data_qos(fc)) {
422 u8 *qc, tid;
423 struct ath9k_htc_sta *ista;
424
425 qc = ieee80211_get_qos_ctl(hdr);
426 tid = qc[0] & 0xf;
427 ista = (struct ath9k_htc_sta *)sta->drv_priv;
428 if (__ath9k_htc_check_tx_aggr(priv, ista, tid)) {
429 ieee80211_start_tx_ba_session(sta, tid, 0);
430 spin_lock_bh(&priv->tx.tx_lock);
431 ista->tid_state[tid] = AGGR_PROGRESS;
432 spin_unlock_bh(&priv->tx.tx_lock);
433 }
434 }
435 }
436
437 rcu_read_unlock();
438 }
439
440 static void ath9k_htc_tx_process(struct ath9k_htc_priv *priv,
441 struct sk_buff *skb,
442 struct __wmi_event_txstatus *txs)
443 {
444 struct ieee80211_vif *vif;
445 struct ath9k_htc_tx_ctl *tx_ctl;
446 struct ieee80211_tx_info *tx_info;
447 struct ieee80211_tx_rate *rate;
448 struct ieee80211_conf *cur_conf = &priv->hw->conf;
449 bool txok;
450 int slot;
451 int hdrlen, padsize;
452
453 slot = strip_drv_header(priv, skb);
454 if (slot < 0) {
455 dev_kfree_skb_any(skb);
456 return;
457 }
458
459 tx_ctl = HTC_SKB_CB(skb);
460 txok = tx_ctl->txok;
461 tx_info = IEEE80211_SKB_CB(skb);
462 vif = tx_info->control.vif;
463 rate = &tx_info->status.rates[0];
464
465 memset(&tx_info->status, 0, sizeof(tx_info->status));
466
467 /*
468 * URB submission failed for this frame, it never reached
469 * the target.
470 */
471 if (!txok || !vif || !txs)
472 goto send_mac80211;
473
474 if (txs->ts_flags & ATH9K_HTC_TXSTAT_ACK) {
475 tx_info->flags |= IEEE80211_TX_STAT_ACK;
476 if (tx_info->flags & IEEE80211_TX_CTL_AMPDU)
477 tx_info->flags |= IEEE80211_TX_STAT_AMPDU;
478 }
479
480 if (txs->ts_flags & ATH9K_HTC_TXSTAT_FILT)
481 tx_info->flags |= IEEE80211_TX_STAT_TX_FILTERED;
482
483 if (txs->ts_flags & ATH9K_HTC_TXSTAT_RTC_CTS)
484 rate->flags |= IEEE80211_TX_RC_USE_RTS_CTS;
485
486 rate->count = 1;
487 rate->idx = MS(txs->ts_rate, ATH9K_HTC_TXSTAT_RATE);
488
489 if (txs->ts_flags & ATH9K_HTC_TXSTAT_MCS) {
490 rate->flags |= IEEE80211_TX_RC_MCS;
491
492 if (txs->ts_flags & ATH9K_HTC_TXSTAT_CW40)
493 rate->flags |= IEEE80211_TX_RC_40_MHZ_WIDTH;
494 if (txs->ts_flags & ATH9K_HTC_TXSTAT_SGI)
495 rate->flags |= IEEE80211_TX_RC_SHORT_GI;
496 } else {
497 if (cur_conf->chandef.chan->band == IEEE80211_BAND_5GHZ)
498 rate->idx += 4; /* No CCK rates */
499 }
500
501 ath9k_htc_check_tx_aggr(priv, vif, skb);
502
503 send_mac80211:
504 spin_lock_bh(&priv->tx.tx_lock);
505 if (WARN_ON(--priv->tx.queued_cnt < 0))
506 priv->tx.queued_cnt = 0;
507 spin_unlock_bh(&priv->tx.tx_lock);
508
509 ath9k_htc_tx_clear_slot(priv, slot);
510
511 /* Remove padding before handing frame back to mac80211 */
512 hdrlen = ieee80211_get_hdrlen_from_skb(skb);
513
514 padsize = hdrlen & 3;
515 if (padsize && skb->len > hdrlen + padsize) {
516 memmove(skb->data + padsize, skb->data, hdrlen);
517 skb_pull(skb, padsize);
518 }
519
520 /* Send status to mac80211 */
521 ieee80211_tx_status(priv->hw, skb);
522 }
523
524 static inline void ath9k_htc_tx_drainq(struct ath9k_htc_priv *priv,
525 struct sk_buff_head *queue)
526 {
527 struct sk_buff *skb;
528
529 while ((skb = skb_dequeue(queue)) != NULL) {
530 ath9k_htc_tx_process(priv, skb, NULL);
531 }
532 }
533
534 void ath9k_htc_tx_drain(struct ath9k_htc_priv *priv)
535 {
536 struct ath9k_htc_tx_event *event, *tmp;
537
538 spin_lock_bh(&priv->tx.tx_lock);
539 priv->tx.flags |= ATH9K_HTC_OP_TX_DRAIN;
540 spin_unlock_bh(&priv->tx.tx_lock);
541
542 /*
543 * Ensure that all pending TX frames are flushed,
544 * and that the TX completion/failed tasklets is killed.
545 */
546 htc_stop(priv->htc);
547 tasklet_kill(&priv->wmi->wmi_event_tasklet);
548 tasklet_kill(&priv->tx_failed_tasklet);
549
550 ath9k_htc_tx_drainq(priv, &priv->tx.mgmt_ep_queue);
551 ath9k_htc_tx_drainq(priv, &priv->tx.cab_ep_queue);
552 ath9k_htc_tx_drainq(priv, &priv->tx.data_be_queue);
553 ath9k_htc_tx_drainq(priv, &priv->tx.data_bk_queue);
554 ath9k_htc_tx_drainq(priv, &priv->tx.data_vi_queue);
555 ath9k_htc_tx_drainq(priv, &priv->tx.data_vo_queue);
556 ath9k_htc_tx_drainq(priv, &priv->tx.tx_failed);
557
558 /*
559 * The TX cleanup timer has already been killed.
560 */
561 spin_lock_bh(&priv->wmi->event_lock);
562 list_for_each_entry_safe(event, tmp, &priv->wmi->pending_tx_events, list) {
563 list_del(&event->list);
564 kfree(event);
565 }
566 spin_unlock_bh(&priv->wmi->event_lock);
567
568 spin_lock_bh(&priv->tx.tx_lock);
569 priv->tx.flags &= ~ATH9K_HTC_OP_TX_DRAIN;
570 spin_unlock_bh(&priv->tx.tx_lock);
571 }
572
573 void ath9k_tx_failed_tasklet(unsigned long data)
574 {
575 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *)data;
576
577 spin_lock_bh(&priv->tx.tx_lock);
578 if (priv->tx.flags & ATH9K_HTC_OP_TX_DRAIN) {
579 spin_unlock_bh(&priv->tx.tx_lock);
580 return;
581 }
582 spin_unlock_bh(&priv->tx.tx_lock);
583
584 ath9k_htc_tx_drainq(priv, &priv->tx.tx_failed);
585 }
586
587 static inline bool check_cookie(struct ath9k_htc_priv *priv,
588 struct sk_buff *skb,
589 u8 cookie, u8 epid)
590 {
591 u8 fcookie = 0;
592
593 if (epid == priv->mgmt_ep) {
594 struct tx_mgmt_hdr *hdr;
595 hdr = (struct tx_mgmt_hdr *) skb->data;
596 fcookie = hdr->cookie;
597 } else if ((epid == priv->data_bk_ep) ||
598 (epid == priv->data_be_ep) ||
599 (epid == priv->data_vi_ep) ||
600 (epid == priv->data_vo_ep) ||
601 (epid == priv->cab_ep)) {
602 struct tx_frame_hdr *hdr;
603 hdr = (struct tx_frame_hdr *) skb->data;
604 fcookie = hdr->cookie;
605 }
606
607 if (fcookie == cookie)
608 return true;
609
610 return false;
611 }
612
613 static struct sk_buff* ath9k_htc_tx_get_packet(struct ath9k_htc_priv *priv,
614 struct __wmi_event_txstatus *txs)
615 {
616 struct ath_common *common = ath9k_hw_common(priv->ah);
617 struct sk_buff_head *epid_queue;
618 struct sk_buff *skb, *tmp;
619 unsigned long flags;
620 u8 epid = MS(txs->ts_rate, ATH9K_HTC_TXSTAT_EPID);
621
622 epid_queue = get_htc_epid_queue(priv, epid);
623 if (!epid_queue)
624 return NULL;
625
626 spin_lock_irqsave(&epid_queue->lock, flags);
627 skb_queue_walk_safe(epid_queue, skb, tmp) {
628 if (check_cookie(priv, skb, txs->cookie, epid)) {
629 __skb_unlink(skb, epid_queue);
630 spin_unlock_irqrestore(&epid_queue->lock, flags);
631 return skb;
632 }
633 }
634 spin_unlock_irqrestore(&epid_queue->lock, flags);
635
636 ath_dbg(common, XMIT, "No matching packet for cookie: %d, epid: %d\n",
637 txs->cookie, epid);
638
639 return NULL;
640 }
641
642 void ath9k_htc_txstatus(struct ath9k_htc_priv *priv, void *wmi_event)
643 {
644 struct wmi_event_txstatus *txs = (struct wmi_event_txstatus *)wmi_event;
645 struct __wmi_event_txstatus *__txs;
646 struct sk_buff *skb;
647 struct ath9k_htc_tx_event *tx_pend;
648 int i;
649
650 for (i = 0; i < txs->cnt; i++) {
651 WARN_ON(txs->cnt > HTC_MAX_TX_STATUS);
652
653 __txs = &txs->txstatus[i];
654
655 skb = ath9k_htc_tx_get_packet(priv, __txs);
656 if (!skb) {
657 /*
658 * Store this event, so that the TX cleanup
659 * routine can check later for the needed packet.
660 */
661 tx_pend = kzalloc(sizeof(struct ath9k_htc_tx_event),
662 GFP_ATOMIC);
663 if (!tx_pend)
664 continue;
665
666 memcpy(&tx_pend->txs, __txs,
667 sizeof(struct __wmi_event_txstatus));
668
669 spin_lock(&priv->wmi->event_lock);
670 list_add_tail(&tx_pend->list,
671 &priv->wmi->pending_tx_events);
672 spin_unlock(&priv->wmi->event_lock);
673
674 continue;
675 }
676
677 ath9k_htc_tx_process(priv, skb, __txs);
678 }
679
680 /* Wake TX queues if needed */
681 ath9k_htc_check_wake_queues(priv);
682 }
683
684 void ath9k_htc_txep(void *drv_priv, struct sk_buff *skb,
685 enum htc_endpoint_id ep_id, bool txok)
686 {
687 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) drv_priv;
688 struct ath9k_htc_tx_ctl *tx_ctl;
689 struct sk_buff_head *epid_queue;
690
691 tx_ctl = HTC_SKB_CB(skb);
692 tx_ctl->txok = txok;
693 tx_ctl->timestamp = jiffies;
694
695 if (!txok) {
696 skb_queue_tail(&priv->tx.tx_failed, skb);
697 tasklet_schedule(&priv->tx_failed_tasklet);
698 return;
699 }
700
701 epid_queue = get_htc_epid_queue(priv, ep_id);
702 if (!epid_queue) {
703 dev_kfree_skb_any(skb);
704 return;
705 }
706
707 skb_queue_tail(epid_queue, skb);
708 }
709
710 static inline bool check_packet(struct ath9k_htc_priv *priv, struct sk_buff *skb)
711 {
712 struct ath_common *common = ath9k_hw_common(priv->ah);
713 struct ath9k_htc_tx_ctl *tx_ctl;
714
715 tx_ctl = HTC_SKB_CB(skb);
716
717 if (time_after(jiffies,
718 tx_ctl->timestamp +
719 msecs_to_jiffies(ATH9K_HTC_TX_TIMEOUT_INTERVAL))) {
720 ath_dbg(common, XMIT, "Dropping a packet due to TX timeout\n");
721 return true;
722 }
723
724 return false;
725 }
726
727 static void ath9k_htc_tx_cleanup_queue(struct ath9k_htc_priv *priv,
728 struct sk_buff_head *epid_queue)
729 {
730 bool process = false;
731 unsigned long flags;
732 struct sk_buff *skb, *tmp;
733 struct sk_buff_head queue;
734
735 skb_queue_head_init(&queue);
736
737 spin_lock_irqsave(&epid_queue->lock, flags);
738 skb_queue_walk_safe(epid_queue, skb, tmp) {
739 if (check_packet(priv, skb)) {
740 __skb_unlink(skb, epid_queue);
741 __skb_queue_tail(&queue, skb);
742 process = true;
743 }
744 }
745 spin_unlock_irqrestore(&epid_queue->lock, flags);
746
747 if (process) {
748 skb_queue_walk_safe(&queue, skb, tmp) {
749 __skb_unlink(skb, &queue);
750 ath9k_htc_tx_process(priv, skb, NULL);
751 }
752 }
753 }
754
755 void ath9k_htc_tx_cleanup_timer(unsigned long data)
756 {
757 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) data;
758 struct ath_common *common = ath9k_hw_common(priv->ah);
759 struct ath9k_htc_tx_event *event, *tmp;
760 struct sk_buff *skb;
761
762 spin_lock(&priv->wmi->event_lock);
763 list_for_each_entry_safe(event, tmp, &priv->wmi->pending_tx_events, list) {
764
765 skb = ath9k_htc_tx_get_packet(priv, &event->txs);
766 if (skb) {
767 ath_dbg(common, XMIT,
768 "Found packet for cookie: %d, epid: %d\n",
769 event->txs.cookie,
770 MS(event->txs.ts_rate, ATH9K_HTC_TXSTAT_EPID));
771
772 ath9k_htc_tx_process(priv, skb, &event->txs);
773 list_del(&event->list);
774 kfree(event);
775 continue;
776 }
777
778 if (++event->count >= ATH9K_HTC_TX_TIMEOUT_COUNT) {
779 list_del(&event->list);
780 kfree(event);
781 }
782 }
783 spin_unlock(&priv->wmi->event_lock);
784
785 /*
786 * Check if status-pending packets have to be cleaned up.
787 */
788 ath9k_htc_tx_cleanup_queue(priv, &priv->tx.mgmt_ep_queue);
789 ath9k_htc_tx_cleanup_queue(priv, &priv->tx.cab_ep_queue);
790 ath9k_htc_tx_cleanup_queue(priv, &priv->tx.data_be_queue);
791 ath9k_htc_tx_cleanup_queue(priv, &priv->tx.data_bk_queue);
792 ath9k_htc_tx_cleanup_queue(priv, &priv->tx.data_vi_queue);
793 ath9k_htc_tx_cleanup_queue(priv, &priv->tx.data_vo_queue);
794
795 /* Wake TX queues if needed */
796 ath9k_htc_check_wake_queues(priv);
797
798 mod_timer(&priv->tx.cleanup_timer,
799 jiffies + msecs_to_jiffies(ATH9K_HTC_TX_CLEANUP_INTERVAL));
800 }
801
802 int ath9k_tx_init(struct ath9k_htc_priv *priv)
803 {
804 skb_queue_head_init(&priv->tx.mgmt_ep_queue);
805 skb_queue_head_init(&priv->tx.cab_ep_queue);
806 skb_queue_head_init(&priv->tx.data_be_queue);
807 skb_queue_head_init(&priv->tx.data_bk_queue);
808 skb_queue_head_init(&priv->tx.data_vi_queue);
809 skb_queue_head_init(&priv->tx.data_vo_queue);
810 skb_queue_head_init(&priv->tx.tx_failed);
811 return 0;
812 }
813
814 void ath9k_tx_cleanup(struct ath9k_htc_priv *priv)
815 {
816
817 }
818
819 bool ath9k_htc_txq_setup(struct ath9k_htc_priv *priv, int subtype)
820 {
821 struct ath_hw *ah = priv->ah;
822 struct ath_common *common = ath9k_hw_common(ah);
823 struct ath9k_tx_queue_info qi;
824 int qnum;
825
826 memset(&qi, 0, sizeof(qi));
827 ATH9K_HTC_INIT_TXQ(subtype);
828
829 qnum = ath9k_hw_setuptxqueue(priv->ah, ATH9K_TX_QUEUE_DATA, &qi);
830 if (qnum == -1)
831 return false;
832
833 if (qnum >= ARRAY_SIZE(priv->hwq_map)) {
834 ath_err(common, "qnum %u out of range, max %zu!\n",
835 qnum, ARRAY_SIZE(priv->hwq_map));
836 ath9k_hw_releasetxqueue(ah, qnum);
837 return false;
838 }
839
840 priv->hwq_map[subtype] = qnum;
841 return true;
842 }
843
844 int ath9k_htc_cabq_setup(struct ath9k_htc_priv *priv)
845 {
846 struct ath9k_tx_queue_info qi;
847
848 memset(&qi, 0, sizeof(qi));
849 ATH9K_HTC_INIT_TXQ(0);
850
851 return ath9k_hw_setuptxqueue(priv->ah, ATH9K_TX_QUEUE_CAB, &qi);
852 }
853
854 /******/
855 /* RX */
856 /******/
857
858 /*
859 * Calculate the RX filter to be set in the HW.
860 */
861 u32 ath9k_htc_calcrxfilter(struct ath9k_htc_priv *priv)
862 {
863 #define RX_FILTER_PRESERVE (ATH9K_RX_FILTER_PHYERR | ATH9K_RX_FILTER_PHYRADAR)
864
865 struct ath_hw *ah = priv->ah;
866 u32 rfilt;
867
868 rfilt = (ath9k_hw_getrxfilter(ah) & RX_FILTER_PRESERVE)
869 | ATH9K_RX_FILTER_UCAST | ATH9K_RX_FILTER_BCAST
870 | ATH9K_RX_FILTER_MCAST;
871
872 if (priv->rxfilter & FIF_PROBE_REQ)
873 rfilt |= ATH9K_RX_FILTER_PROBEREQ;
874
875 if (ah->is_monitoring)
876 rfilt |= ATH9K_RX_FILTER_PROM;
877
878 if (priv->rxfilter & FIF_CONTROL)
879 rfilt |= ATH9K_RX_FILTER_CONTROL;
880
881 if ((ah->opmode == NL80211_IFTYPE_STATION) &&
882 (priv->nvifs <= 1) &&
883 !(priv->rxfilter & FIF_BCN_PRBRESP_PROMISC))
884 rfilt |= ATH9K_RX_FILTER_MYBEACON;
885 else
886 rfilt |= ATH9K_RX_FILTER_BEACON;
887
888 if (conf_is_ht(&priv->hw->conf)) {
889 rfilt |= ATH9K_RX_FILTER_COMP_BAR;
890 rfilt |= ATH9K_RX_FILTER_UNCOMP_BA_BAR;
891 }
892
893 if (priv->rxfilter & FIF_PSPOLL)
894 rfilt |= ATH9K_RX_FILTER_PSPOLL;
895
896 if (priv->nvifs > 1 || priv->rxfilter & FIF_OTHER_BSS)
897 rfilt |= ATH9K_RX_FILTER_MCAST_BCAST_ALL;
898
899 return rfilt;
900
901 #undef RX_FILTER_PRESERVE
902 }
903
904 /*
905 * Recv initialization for opmode change.
906 */
907 static void ath9k_htc_opmode_init(struct ath9k_htc_priv *priv)
908 {
909 struct ath_hw *ah = priv->ah;
910 u32 rfilt, mfilt[2];
911
912 /* configure rx filter */
913 rfilt = ath9k_htc_calcrxfilter(priv);
914 ath9k_hw_setrxfilter(ah, rfilt);
915
916 /* calculate and install multicast filter */
917 mfilt[0] = mfilt[1] = ~0;
918 ath9k_hw_setmcastfilter(ah, mfilt[0], mfilt[1]);
919 }
920
921 void ath9k_host_rx_init(struct ath9k_htc_priv *priv)
922 {
923 struct ath_common *common = ath9k_hw_common(priv->ah);
924 ath9k_hw_rxena(priv->ah);
925 ath9k_htc_opmode_init(priv);
926 ath9k_hw_startpcureceive(priv->ah, test_bit(ATH_OP_SCANNING, &common->op_flags));
927 }
928
929 static inline void convert_htc_flag(struct ath_rx_status *rx_stats,
930 struct ath_htc_rx_status *rxstatus)
931 {
932 rx_stats->flag = 0;
933 if (rxstatus->rs_flags & ATH9K_RX_2040)
934 rx_stats->flag |= RX_FLAG_40MHZ;
935 if (rxstatus->rs_flags & ATH9K_RX_GI)
936 rx_stats->flag |= RX_FLAG_SHORT_GI;
937 }
938
939 static void rx_status_htc_to_ath(struct ath_rx_status *rx_stats,
940 struct ath_htc_rx_status *rxstatus)
941 {
942 rx_stats->rs_datalen = be16_to_cpu(rxstatus->rs_datalen);
943 rx_stats->rs_status = rxstatus->rs_status;
944 rx_stats->rs_phyerr = rxstatus->rs_phyerr;
945 rx_stats->rs_rssi = rxstatus->rs_rssi;
946 rx_stats->rs_keyix = rxstatus->rs_keyix;
947 rx_stats->rs_rate = rxstatus->rs_rate;
948 rx_stats->rs_antenna = rxstatus->rs_antenna;
949 rx_stats->rs_more = rxstatus->rs_more;
950
951 memcpy(rx_stats->rs_rssi_ctl, rxstatus->rs_rssi_ctl,
952 sizeof(rx_stats->rs_rssi_ctl));
953 memcpy(rx_stats->rs_rssi_ext, rxstatus->rs_rssi_ext,
954 sizeof(rx_stats->rs_rssi_ext));
955
956 rx_stats->rs_isaggr = rxstatus->rs_isaggr;
957 rx_stats->rs_moreaggr = rxstatus->rs_moreaggr;
958 rx_stats->rs_num_delims = rxstatus->rs_num_delims;
959 convert_htc_flag(rx_stats, rxstatus);
960 }
961
962 static bool ath9k_rx_prepare(struct ath9k_htc_priv *priv,
963 struct ath9k_htc_rxbuf *rxbuf,
964 struct ieee80211_rx_status *rx_status)
965
966 {
967 struct ieee80211_hdr *hdr;
968 struct ieee80211_hw *hw = priv->hw;
969 struct sk_buff *skb = rxbuf->skb;
970 struct ath_common *common = ath9k_hw_common(priv->ah);
971 struct ath_hw *ah = common->ah;
972 struct ath_htc_rx_status *rxstatus;
973 struct ath_rx_status rx_stats;
974 bool decrypt_error = false;
975
976 if (skb->len < HTC_RX_FRAME_HEADER_SIZE) {
977 ath_err(common, "Corrupted RX frame, dropping (len: %d)\n",
978 skb->len);
979 goto rx_next;
980 }
981
982 rxstatus = (struct ath_htc_rx_status *)skb->data;
983
984 if (be16_to_cpu(rxstatus->rs_datalen) -
985 (skb->len - HTC_RX_FRAME_HEADER_SIZE) != 0) {
986 ath_err(common,
987 "Corrupted RX data len, dropping (dlen: %d, skblen: %d)\n",
988 rxstatus->rs_datalen, skb->len);
989 goto rx_next;
990 }
991
992 /* Get the RX status information */
993
994 memset(rx_status, 0, sizeof(struct ieee80211_rx_status));
995
996 /* Copy everything from ath_htc_rx_status (HTC_RX_FRAME_HEADER).
997 * After this, we can drop this part of skb. */
998 rx_status_htc_to_ath(&rx_stats, rxstatus);
999 ath9k_htc_err_stat_rx(priv, &rx_stats);
1000 rx_status->mactime = be64_to_cpu(rxstatus->rs_tstamp);
1001 skb_pull(skb, HTC_RX_FRAME_HEADER_SIZE);
1002
1003 /*
1004 * everything but the rate is checked here, the rate check is done
1005 * separately to avoid doing two lookups for a rate for each frame.
1006 */
1007 hdr = (struct ieee80211_hdr *)skb->data;
1008
1009 /*
1010 * Process PHY errors and return so that the packet
1011 * can be dropped.
1012 */
1013 if (rx_stats.rs_status & ATH9K_RXERR_PHY) {
1014 /* TODO: Not using DFS processing now. */
1015 if (ath_cmn_process_fft(&priv->spec_priv, hdr,
1016 &rx_stats, rx_status->mactime)) {
1017 /* TODO: Code to collect spectral scan statistics */
1018 }
1019 goto rx_next;
1020 }
1021
1022 if (!ath9k_cmn_rx_accept(common, hdr, rx_status, &rx_stats,
1023 &decrypt_error, priv->rxfilter))
1024 goto rx_next;
1025
1026 ath9k_cmn_rx_skb_postprocess(common, skb, &rx_stats,
1027 rx_status, decrypt_error);
1028
1029 if (ath9k_cmn_process_rate(common, hw, &rx_stats, rx_status))
1030 goto rx_next;
1031
1032 rx_stats.is_mybeacon = ath_is_mybeacon(common, hdr);
1033 ath9k_cmn_process_rssi(common, hw, &rx_stats, rx_status);
1034
1035 rx_status->band = ah->curchan->chan->band;
1036 rx_status->freq = ah->curchan->chan->center_freq;
1037 rx_status->antenna = rx_stats.rs_antenna;
1038 rx_status->flag |= RX_FLAG_MACTIME_END;
1039
1040 return true;
1041 rx_next:
1042 return false;
1043 }
1044
1045 /*
1046 * FIXME: Handle FLUSH later on.
1047 */
1048 void ath9k_rx_tasklet(unsigned long data)
1049 {
1050 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *)data;
1051 struct ath9k_htc_rxbuf *rxbuf = NULL, *tmp_buf = NULL;
1052 struct ieee80211_rx_status rx_status;
1053 struct sk_buff *skb;
1054 unsigned long flags;
1055 struct ieee80211_hdr *hdr;
1056
1057 do {
1058 spin_lock_irqsave(&priv->rx.rxbuflock, flags);
1059 list_for_each_entry(tmp_buf, &priv->rx.rxbuf, list) {
1060 if (tmp_buf->in_process) {
1061 rxbuf = tmp_buf;
1062 break;
1063 }
1064 }
1065
1066 if (rxbuf == NULL) {
1067 spin_unlock_irqrestore(&priv->rx.rxbuflock, flags);
1068 break;
1069 }
1070
1071 if (!rxbuf->skb)
1072 goto requeue;
1073
1074 if (!ath9k_rx_prepare(priv, rxbuf, &rx_status)) {
1075 dev_kfree_skb_any(rxbuf->skb);
1076 goto requeue;
1077 }
1078
1079 memcpy(IEEE80211_SKB_RXCB(rxbuf->skb), &rx_status,
1080 sizeof(struct ieee80211_rx_status));
1081 skb = rxbuf->skb;
1082 hdr = (struct ieee80211_hdr *) skb->data;
1083
1084 if (ieee80211_is_beacon(hdr->frame_control) && priv->ps_enabled)
1085 ieee80211_queue_work(priv->hw, &priv->ps_work);
1086
1087 spin_unlock_irqrestore(&priv->rx.rxbuflock, flags);
1088
1089 ieee80211_rx(priv->hw, skb);
1090
1091 spin_lock_irqsave(&priv->rx.rxbuflock, flags);
1092 requeue:
1093 rxbuf->in_process = false;
1094 rxbuf->skb = NULL;
1095 list_move_tail(&rxbuf->list, &priv->rx.rxbuf);
1096 rxbuf = NULL;
1097 spin_unlock_irqrestore(&priv->rx.rxbuflock, flags);
1098 } while (1);
1099
1100 }
1101
1102 void ath9k_htc_rxep(void *drv_priv, struct sk_buff *skb,
1103 enum htc_endpoint_id ep_id)
1104 {
1105 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *)drv_priv;
1106 struct ath_hw *ah = priv->ah;
1107 struct ath_common *common = ath9k_hw_common(ah);
1108 struct ath9k_htc_rxbuf *rxbuf = NULL, *tmp_buf = NULL;
1109
1110 spin_lock(&priv->rx.rxbuflock);
1111 list_for_each_entry(tmp_buf, &priv->rx.rxbuf, list) {
1112 if (!tmp_buf->in_process) {
1113 rxbuf = tmp_buf;
1114 break;
1115 }
1116 }
1117 spin_unlock(&priv->rx.rxbuflock);
1118
1119 if (rxbuf == NULL) {
1120 ath_dbg(common, ANY, "No free RX buffer\n");
1121 goto err;
1122 }
1123
1124 spin_lock(&priv->rx.rxbuflock);
1125 rxbuf->skb = skb;
1126 rxbuf->in_process = true;
1127 spin_unlock(&priv->rx.rxbuflock);
1128
1129 tasklet_schedule(&priv->rx_tasklet);
1130 return;
1131 err:
1132 dev_kfree_skb_any(skb);
1133 }
1134
1135 /* FIXME: Locking for cleanup/init */
1136
1137 void ath9k_rx_cleanup(struct ath9k_htc_priv *priv)
1138 {
1139 struct ath9k_htc_rxbuf *rxbuf, *tbuf;
1140
1141 list_for_each_entry_safe(rxbuf, tbuf, &priv->rx.rxbuf, list) {
1142 list_del(&rxbuf->list);
1143 if (rxbuf->skb)
1144 dev_kfree_skb_any(rxbuf->skb);
1145 kfree(rxbuf);
1146 }
1147 }
1148
1149 int ath9k_rx_init(struct ath9k_htc_priv *priv)
1150 {
1151 int i = 0;
1152
1153 INIT_LIST_HEAD(&priv->rx.rxbuf);
1154 spin_lock_init(&priv->rx.rxbuflock);
1155
1156 for (i = 0; i < ATH9K_HTC_RXBUF; i++) {
1157 struct ath9k_htc_rxbuf *rxbuf =
1158 kzalloc(sizeof(struct ath9k_htc_rxbuf), GFP_KERNEL);
1159 if (rxbuf == NULL)
1160 goto err;
1161
1162 list_add_tail(&rxbuf->list, &priv->rx.rxbuf);
1163 }
1164
1165 return 0;
1166
1167 err:
1168 ath9k_rx_cleanup(priv);
1169 return -ENOMEM;
1170 } 1
2 #include <linux/kernel.h>
3 #include <linux/mutex.h>
4 #include <linux/spinlock.h>
5 #include <linux/errno.h>
6 #include <verifier/rcv.h>
7 #include <linux/list.h>
8
9 /* mutexes */
10 extern int mutex_lock_interruptible(struct mutex *lock);
11 extern int mutex_lock_killable(struct mutex *lock);
12 extern void mutex_lock(struct mutex *lock);
13
14 /* mutex model functions */
15 extern void ldv_mutex_lock(struct mutex *lock, char *sign);
16 extern int ldv_mutex_is_locked(struct mutex *lock, char *sign);
17 extern void ldv_mutex_unlock(struct mutex *lock, char *sign);
18
19
20 /* Spin locks */
21 extern void __ldv_spin_lock(spinlock_t *lock);
22 extern void __ldv_spin_unlock(spinlock_t *lock);
23 extern int __ldv_spin_trylock(spinlock_t *lock);
24 extern void __ldv_spin_unlock_wait(spinlock_t *lock);
25 extern void __ldv_spin_can_lock(spinlock_t *lock);
26 extern int __ldv_atomic_dec_and_lock(spinlock_t *lock);
27
28 /* spin model functions */
29 extern void ldv_spin_lock(spinlock_t *lock, char *sign);
30 extern void ldv_spin_unlock(spinlock_t *lock, char *sign);
31 extern int ldv_spin_is_locked(spinlock_t *lock, char *sign);
32
33 /* Support for list binder functions */
34 static inline struct list_head *ldv_list_get_first(struct list_head *head) {
35 return head->next;
36 }
37
38 static inline int ldv_list_is_stop(struct list_head *pos, struct list_head *head) {
39 return pos==head;
40 }
41
42 static inline struct list_head *ldv_list_get_next(struct list_head *pos) {
43 return pos->next;
44 }
45
46 #include <linux/mutex.h>
47 #include <linux/slab.h>
48 #include <verifier/rcv.h>
49 #include <linux/timer.h>
50 #include <linux/rtnetlink.h>
51 #include <linux/gfp.h>
52 extern struct file *fops_xmit_group2;
53 extern int ldv_state_variable_8;
54 extern int ldv_timer_1_3;
55 extern struct ath_common *ath9k_usb_bus_ops_group0;
56 extern struct inode *fops_debug_group1;
57 extern struct inode *fops_queue_group1;
58 extern struct ath_common *ath9k_htc_ps_ops_group0;
59 extern int ldv_state_variable_0;
60 extern int ldv_state_variable_5;
61 extern int ldv_state_variable_13;
62 extern int ldv_state_variable_12;
63 extern struct file *fops_tgt_tx_stats_group2;
64 extern struct file *fops_queue_group2;
65 extern int ldv_state_variable_14;
66 extern int ldv_timer_1_0;
67 extern int ldv_state_variable_9;
68 extern struct inode *fops_tgt_tx_stats_group1;
69 extern struct file *fops_debug_group2;
70 extern int ref_cnt;
71 extern struct mutex key_mtx;
72 extern int ldv_state_variable_1;
73 extern int ldv_state_variable_7;
74 extern struct inode *fops_xmit_group1;
75 extern struct inode *fops_skb_rx_group1;
76 extern struct file *fops_tgt_int_stats_group2;
77 extern struct usb_interface *ath9k_hif_usb_driver_group1;
78 extern struct timer_list * ldv_timer_list_1_3;
79 extern int ldv_state_variable_10;
80 extern struct timer_list * ldv_timer_list_1_1;
81 extern struct timer_list * ldv_timer_list_1_0;
82 extern int ldv_state_variable_6;
83 extern int ldv_timer_1_2;
84 extern int ldv_timer_1_1;
85 extern int ldv_state_variable_2;
86 extern struct timer_list * ldv_timer_list_1_2;
87 extern struct inode *fops_tgt_int_stats_group1;
88 extern struct ieee80211_hw *ath9k_htc_ops_group0;
89 extern int usb_counter;
90 extern int ldv_state_variable_11;
91 extern struct file *fops_slot_group2;
92 extern int LDV_IN_INTERRUPT = 1;
93 extern struct inode *fops_slot_group1;
94 extern struct inode *fops_tgt_rx_stats_group1;
95 extern struct file *fops_tgt_rx_stats_group2;
96 extern struct mutex fs_mutex;
97 extern int ldv_state_variable_3;
98 extern struct mutex ar_mutex;
99 extern struct file *fops_skb_rx_group2;
100 extern int ldv_state_variable_4;
101 extern void ldv_file_operations_7(void);
102 extern void ldv_file_operations_6(void);
103 extern void ldv_file_operations_2(void);
104 extern void activate_pending_timer_1(struct timer_list * timer, unsigned long data, int pending_flag);
105 extern void ldv_initialyze_ath_bus_ops_10(void);
106 extern int evil_hack_12(void);
107 extern void timer_init_1(void);
108 extern void ldv_file_operations_9(void);
109 extern void ldv_usb_driver_13(void);
110 extern void ldv_file_operations_3(void);
111 extern void ldv_file_operations_8(void);
112 extern int reg_timer_1(struct timer_list * timer, void (*function)(unsigned long), unsigned long data);
113 extern void ldv_initialyze_ath_ps_ops_11(void);
114 extern int evil_hack_key_12(void);
115 extern void ldv_initialyze_ieee80211_ops_12(void);
116 extern void disable_suitable_timer_1(struct timer_list * timer);
117 extern void activate_suitable_timer_1(struct timer_list * timer, unsigned long data);
118 extern int evil_hack_fs_lock(void);
119 extern int __VERIFIER_nondet_int(void);
120 extern void ldv_file_operations_5(void);
121 extern void choose_timer_1(void);
122 extern void ldv_timer_1(int state, struct timer_list * timer);
123 extern int evil_hack_ar_lock(void);
124 extern void ldv_file_operations_4(void);
125 #line 1 "/work/ldvuser/andrianov/work/current--X--drivers/net/wireless/ath/ath9k/--X--defaultlinux-4.5-rc7--X--races--X--cpachecker/linux-4.5-rc7/csd_deg_dscv/74/dscv_tempdir/dscv/ri/races/drivers/net/wireless/ath/ath9k/htc_drv_txrx.c"
126 /*
127 * Copyright (c) 2010-2011 Atheros Communications Inc.
128 *
129 * Permission to use, copy, modify, and/or distribute this software for any
130 * purpose with or without fee is hereby granted, provided that the above
131 * copyright notice and this permission notice appear in all copies.
132 *
133 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
134 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
135 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
136 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
137 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
138 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
139 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
140 */
141
142 #include "htc.h"
143
144 /******/
145 /* TX */
146 /******/
147
148 static const int subtype_txq_to_hwq[] = {
149 [IEEE80211_AC_BE] = ATH_TXQ_AC_BE,
150 [IEEE80211_AC_BK] = ATH_TXQ_AC_BK,
151 [IEEE80211_AC_VI] = ATH_TXQ_AC_VI,
152 [IEEE80211_AC_VO] = ATH_TXQ_AC_VO,
153 };
154
155 #define ATH9K_HTC_INIT_TXQ(subtype) do { \
156 qi.tqi_subtype = subtype_txq_to_hwq[subtype]; \
157 qi.tqi_aifs = ATH9K_TXQ_USEDEFAULT; \
158 qi.tqi_cwmin = ATH9K_TXQ_USEDEFAULT; \
159 qi.tqi_cwmax = ATH9K_TXQ_USEDEFAULT; \
160 qi.tqi_physCompBuf = 0; \
161 qi.tqi_qflags = TXQ_FLAG_TXEOLINT_ENABLE | \
162 TXQ_FLAG_TXDESCINT_ENABLE; \
163 } while (0)
164
165 int get_hw_qnum(u16 queue, int *hwq_map)
166 {
167 switch (queue) {
168 case 0:
169 return hwq_map[IEEE80211_AC_VO];
170 case 1:
171 return hwq_map[IEEE80211_AC_VI];
172 case 2:
173 return hwq_map[IEEE80211_AC_BE];
174 case 3:
175 return hwq_map[IEEE80211_AC_BK];
176 default:
177 return hwq_map[IEEE80211_AC_BE];
178 }
179 }
180
181 void ath9k_htc_check_stop_queues(struct ath9k_htc_priv *priv)
182 {
183 spin_lock_bh(&priv->tx.tx_lock);
184 priv->tx.queued_cnt++;
185 if ((priv->tx.queued_cnt >= ATH9K_HTC_TX_THRESHOLD) &&
186 !(priv->tx.flags & ATH9K_HTC_OP_TX_QUEUES_STOP)) {
187 priv->tx.flags |= ATH9K_HTC_OP_TX_QUEUES_STOP;
188 ieee80211_stop_queues(priv->hw);
189 }
190 spin_unlock_bh(&priv->tx.tx_lock);
191 }
192
193 void ath9k_htc_check_wake_queues(struct ath9k_htc_priv *priv)
194 {
195 spin_lock_bh(&priv->tx.tx_lock);
196 if ((priv->tx.queued_cnt < ATH9K_HTC_TX_THRESHOLD) &&
197 (priv->tx.flags & ATH9K_HTC_OP_TX_QUEUES_STOP)) {
198 priv->tx.flags &= ~ATH9K_HTC_OP_TX_QUEUES_STOP;
199 ieee80211_wake_queues(priv->hw);
200 }
201 spin_unlock_bh(&priv->tx.tx_lock);
202 }
203
204 int ath9k_htc_tx_get_slot(struct ath9k_htc_priv *priv)
205 {
206 int slot;
207
208 spin_lock_bh(&priv->tx.tx_lock);
209 slot = find_first_zero_bit(priv->tx.tx_slot, MAX_TX_BUF_NUM);
210 if (slot >= MAX_TX_BUF_NUM) {
211 spin_unlock_bh(&priv->tx.tx_lock);
212 return -ENOBUFS;
213 }
214 __set_bit(slot, priv->tx.tx_slot);
215 spin_unlock_bh(&priv->tx.tx_lock);
216
217 return slot;
218 }
219
220 void ath9k_htc_tx_clear_slot(struct ath9k_htc_priv *priv, int slot)
221 {
222 spin_lock_bh(&priv->tx.tx_lock);
223 __clear_bit(slot, priv->tx.tx_slot);
224 spin_unlock_bh(&priv->tx.tx_lock);
225 }
226
227 static inline enum htc_endpoint_id get_htc_epid(struct ath9k_htc_priv *priv,
228 u16 qnum)
229 {
230 enum htc_endpoint_id epid;
231
232 switch (qnum) {
233 case 0:
234 TX_QSTAT_INC(IEEE80211_AC_VO);
235 epid = priv->data_vo_ep;
236 break;
237 case 1:
238 TX_QSTAT_INC(IEEE80211_AC_VI);
239 epid = priv->data_vi_ep;
240 break;
241 case 2:
242 TX_QSTAT_INC(IEEE80211_AC_BE);
243 epid = priv->data_be_ep;
244 break;
245 case 3:
246 default:
247 TX_QSTAT_INC(IEEE80211_AC_BK);
248 epid = priv->data_bk_ep;
249 break;
250 }
251
252 return epid;
253 }
254
255 static inline struct sk_buff_head*
256 get_htc_epid_queue(struct ath9k_htc_priv *priv, u8 epid)
257 {
258 struct ath_common *common = ath9k_hw_common(priv->ah);
259 struct sk_buff_head *epid_queue = NULL;
260
261 if (epid == priv->mgmt_ep)
262 epid_queue = &priv->tx.mgmt_ep_queue;
263 else if (epid == priv->cab_ep)
264 epid_queue = &priv->tx.cab_ep_queue;
265 else if (epid == priv->data_be_ep)
266 epid_queue = &priv->tx.data_be_queue;
267 else if (epid == priv->data_bk_ep)
268 epid_queue = &priv->tx.data_bk_queue;
269 else if (epid == priv->data_vi_ep)
270 epid_queue = &priv->tx.data_vi_queue;
271 else if (epid == priv->data_vo_ep)
272 epid_queue = &priv->tx.data_vo_queue;
273 else
274 ath_err(common, "Invalid EPID: %d\n", epid);
275
276 return epid_queue;
277 }
278
279 /*
280 * Removes the driver header and returns the TX slot number
281 */
282 static inline int strip_drv_header(struct ath9k_htc_priv *priv,
283 struct sk_buff *skb)
284 {
285 struct ath_common *common = ath9k_hw_common(priv->ah);
286 struct ath9k_htc_tx_ctl *tx_ctl;
287 int slot;
288
289 tx_ctl = HTC_SKB_CB(skb);
290
291 if (tx_ctl->epid == priv->mgmt_ep) {
292 struct tx_mgmt_hdr *tx_mhdr =
293 (struct tx_mgmt_hdr *)skb->data;
294 slot = tx_mhdr->cookie;
295 skb_pull(skb, sizeof(struct tx_mgmt_hdr));
296 } else if ((tx_ctl->epid == priv->data_bk_ep) ||
297 (tx_ctl->epid == priv->data_be_ep) ||
298 (tx_ctl->epid == priv->data_vi_ep) ||
299 (tx_ctl->epid == priv->data_vo_ep) ||
300 (tx_ctl->epid == priv->cab_ep)) {
301 struct tx_frame_hdr *tx_fhdr =
302 (struct tx_frame_hdr *)skb->data;
303 slot = tx_fhdr->cookie;
304 skb_pull(skb, sizeof(struct tx_frame_hdr));
305 } else {
306 ath_err(common, "Unsupported EPID: %d\n", tx_ctl->epid);
307 slot = -EINVAL;
308 }
309
310 return slot;
311 }
312
313 int ath_htc_txq_update(struct ath9k_htc_priv *priv, int qnum,
314 struct ath9k_tx_queue_info *qinfo)
315 {
316 struct ath_hw *ah = priv->ah;
317 int error = 0;
318 struct ath9k_tx_queue_info qi;
319
320 ath9k_hw_get_txq_props(ah, qnum, &qi);
321
322 qi.tqi_aifs = qinfo->tqi_aifs;
323 qi.tqi_cwmin = qinfo->tqi_cwmin / 2; /* XXX */
324 qi.tqi_cwmax = qinfo->tqi_cwmax;
325 qi.tqi_burstTime = qinfo->tqi_burstTime;
326 qi.tqi_readyTime = qinfo->tqi_readyTime;
327
328 if (!ath9k_hw_set_txq_props(ah, qnum, &qi)) {
329 ath_err(ath9k_hw_common(ah),
330 "Unable to update hardware queue %u!\n", qnum);
331 error = -EIO;
332 } else {
333 ath9k_hw_resettxqueue(ah, qnum);
334 }
335
336 return error;
337 }
338
339 static void ath9k_htc_tx_mgmt(struct ath9k_htc_priv *priv,
340 struct ath9k_htc_vif *avp,
341 struct sk_buff *skb,
342 u8 sta_idx, u8 vif_idx, u8 slot)
343 {
344 struct ieee80211_tx_info *tx_info = IEEE80211_SKB_CB(skb);
345 struct ieee80211_mgmt *mgmt;
346 struct ieee80211_hdr *hdr;
347 struct tx_mgmt_hdr mgmt_hdr;
348 struct ath9k_htc_tx_ctl *tx_ctl;
349 u8 *tx_fhdr;
350
351 tx_ctl = HTC_SKB_CB(skb);
352 hdr = (struct ieee80211_hdr *) skb->data;
353
354 memset(tx_ctl, 0, sizeof(*tx_ctl));
355 memset(&mgmt_hdr, 0, sizeof(struct tx_mgmt_hdr));
356
357 /*
358 * Set the TSF adjust value for probe response
359 * frame also.
360 */
361 if (avp && unlikely(ieee80211_is_probe_resp(hdr->frame_control))) {
362 mgmt = (struct ieee80211_mgmt *)skb->data;
363 mgmt->u.probe_resp.timestamp = avp->tsfadjust;
364 }
365
366 tx_ctl->type = ATH9K_HTC_MGMT;
367
368 mgmt_hdr.node_idx = sta_idx;
369 mgmt_hdr.vif_idx = vif_idx;
370 mgmt_hdr.tidno = 0;
371 mgmt_hdr.flags = 0;
372 mgmt_hdr.cookie = slot;
373
374 mgmt_hdr.key_type = ath9k_cmn_get_hw_crypto_keytype(skb);
375 if (mgmt_hdr.key_type == ATH9K_KEY_TYPE_CLEAR)
376 mgmt_hdr.keyix = (u8) ATH9K_TXKEYIX_INVALID;
377 else
378 mgmt_hdr.keyix = tx_info->control.hw_key->hw_key_idx;
379
380 tx_fhdr = skb_push(skb, sizeof(mgmt_hdr));
381 memcpy(tx_fhdr, (u8 *) &mgmt_hdr, sizeof(mgmt_hdr));
382 tx_ctl->epid = priv->mgmt_ep;
383 }
384
385 static void ath9k_htc_tx_data(struct ath9k_htc_priv *priv,
386 struct ieee80211_vif *vif,
387 struct sk_buff *skb,
388 u8 sta_idx, u8 vif_idx, u8 slot,
389 bool is_cab)
390 {
391 struct ieee80211_tx_info *tx_info = IEEE80211_SKB_CB(skb);
392 struct ieee80211_hdr *hdr;
393 struct ath9k_htc_tx_ctl *tx_ctl;
394 struct tx_frame_hdr tx_hdr;
395 u32 flags = 0;
396 u8 *qc, *tx_fhdr;
397 u16 qnum;
398
399 tx_ctl = HTC_SKB_CB(skb);
400 hdr = (struct ieee80211_hdr *) skb->data;
401
402 memset(tx_ctl, 0, sizeof(*tx_ctl));
403 memset(&tx_hdr, 0, sizeof(struct tx_frame_hdr));
404
405 tx_hdr.node_idx = sta_idx;
406 tx_hdr.vif_idx = vif_idx;
407 tx_hdr.cookie = slot;
408
409 /*
410 * This is a bit redundant but it helps to get
411 * the per-packet index quickly when draining the
412 * TX queue in the HIF layer. Otherwise we would
413 * have to parse the packet contents ...
414 */
415 tx_ctl->sta_idx = sta_idx;
416
417 if (tx_info->flags & IEEE80211_TX_CTL_AMPDU) {
418 tx_ctl->type = ATH9K_HTC_AMPDU;
419 tx_hdr.data_type = ATH9K_HTC_AMPDU;
420 } else {
421 tx_ctl->type = ATH9K_HTC_NORMAL;
422 tx_hdr.data_type = ATH9K_HTC_NORMAL;
423 }
424
425 if (ieee80211_is_data_qos(hdr->frame_control)) {
426 qc = ieee80211_get_qos_ctl(hdr);
427 tx_hdr.tidno = qc[0] & IEEE80211_QOS_CTL_TID_MASK;
428 }
429
430 /* Check for RTS protection */
431 if (priv->hw->wiphy->rts_threshold != (u32) -1)
432 if (skb->len > priv->hw->wiphy->rts_threshold)
433 flags |= ATH9K_HTC_TX_RTSCTS;
434
435 /* CTS-to-self */
436 if (!(flags & ATH9K_HTC_TX_RTSCTS) &&
437 (vif && vif->bss_conf.use_cts_prot))
438 flags |= ATH9K_HTC_TX_CTSONLY;
439
440 tx_hdr.flags = cpu_to_be32(flags);
441 tx_hdr.key_type = ath9k_cmn_get_hw_crypto_keytype(skb);
442 if (tx_hdr.key_type == ATH9K_KEY_TYPE_CLEAR)
443 tx_hdr.keyix = (u8) ATH9K_TXKEYIX_INVALID;
444 else
445 tx_hdr.keyix = tx_info->control.hw_key->hw_key_idx;
446
447 tx_fhdr = skb_push(skb, sizeof(tx_hdr));
448 memcpy(tx_fhdr, (u8 *) &tx_hdr, sizeof(tx_hdr));
449
450 if (is_cab) {
451 CAB_STAT_INC;
452 tx_ctl->epid = priv->cab_ep;
453 return;
454 }
455
456 qnum = skb_get_queue_mapping(skb);
457 tx_ctl->epid = get_htc_epid(priv, qnum);
458 }
459
460 int ath9k_htc_tx_start(struct ath9k_htc_priv *priv,
461 struct ieee80211_sta *sta,
462 struct sk_buff *skb,
463 u8 slot, bool is_cab)
464 {
465 struct ieee80211_hdr *hdr;
466 struct ieee80211_tx_info *tx_info = IEEE80211_SKB_CB(skb);
467 struct ieee80211_vif *vif = tx_info->control.vif;
468 struct ath9k_htc_sta *ista;
469 struct ath9k_htc_vif *avp = NULL;
470 u8 sta_idx, vif_idx;
471
472 hdr = (struct ieee80211_hdr *) skb->data;
473
474 /*
475 * Find out on which interface this packet has to be
476 * sent out.
477 */
478 if (vif) {
479 avp = (struct ath9k_htc_vif *) vif->drv_priv;
480 vif_idx = avp->index;
481 } else {
482 if (!priv->ah->is_monitoring) {
483 ath_dbg(ath9k_hw_common(priv->ah), XMIT,
484 "VIF is null, but no monitor interface !\n");
485 return -EINVAL;
486 }
487
488 vif_idx = priv->mon_vif_idx;
489 }
490
491 /*
492 * Find out which station this packet is destined for.
493 */
494 if (sta) {
495 ista = (struct ath9k_htc_sta *) sta->drv_priv;
496 sta_idx = ista->index;
497 } else {
498 sta_idx = priv->vif_sta_pos[vif_idx];
499 }
500
501 if (ieee80211_is_data(hdr->frame_control))
502 ath9k_htc_tx_data(priv, vif, skb,
503 sta_idx, vif_idx, slot, is_cab);
504 else
505 ath9k_htc_tx_mgmt(priv, avp, skb,
506 sta_idx, vif_idx, slot);
507
508
509 return htc_send(priv->htc, skb);
510 }
511
512 static inline bool __ath9k_htc_check_tx_aggr(struct ath9k_htc_priv *priv,
513 struct ath9k_htc_sta *ista, u8 tid)
514 {
515 bool ret = false;
516
517 spin_lock_bh(&priv->tx.tx_lock);
518 if ((tid < ATH9K_HTC_MAX_TID) && (ista->tid_state[tid] == AGGR_STOP))
519 ret = true;
520 spin_unlock_bh(&priv->tx.tx_lock);
521
522 return ret;
523 }
524
525 static void ath9k_htc_check_tx_aggr(struct ath9k_htc_priv *priv,
526 struct ieee80211_vif *vif,
527 struct sk_buff *skb)
528 {
529 struct ieee80211_sta *sta;
530 struct ieee80211_hdr *hdr;
531 __le16 fc;
532
533 hdr = (struct ieee80211_hdr *) skb->data;
534 fc = hdr->frame_control;
535
536 rcu_read_lock();
537
538 sta = ieee80211_find_sta(vif, hdr->addr1);
539 if (!sta) {
540 rcu_read_unlock();
541 return;
542 }
543
544 if (sta && conf_is_ht(&priv->hw->conf) &&
545 !(skb->protocol == cpu_to_be16(ETH_P_PAE))) {
546 if (ieee80211_is_data_qos(fc)) {
547 u8 *qc, tid;
548 struct ath9k_htc_sta *ista;
549
550 qc = ieee80211_get_qos_ctl(hdr);
551 tid = qc[0] & 0xf;
552 ista = (struct ath9k_htc_sta *)sta->drv_priv;
553 if (__ath9k_htc_check_tx_aggr(priv, ista, tid)) {
554 ieee80211_start_tx_ba_session(sta, tid, 0);
555 spin_lock_bh(&priv->tx.tx_lock);
556 ista->tid_state[tid] = AGGR_PROGRESS;
557 spin_unlock_bh(&priv->tx.tx_lock);
558 }
559 }
560 }
561
562 rcu_read_unlock();
563 }
564
565 static void ath9k_htc_tx_process(struct ath9k_htc_priv *priv,
566 struct sk_buff *skb,
567 struct __wmi_event_txstatus *txs)
568 {
569 struct ieee80211_vif *vif;
570 struct ath9k_htc_tx_ctl *tx_ctl;
571 struct ieee80211_tx_info *tx_info;
572 struct ieee80211_tx_rate *rate;
573 struct ieee80211_conf *cur_conf = &priv->hw->conf;
574 bool txok;
575 int slot;
576 int hdrlen, padsize;
577
578 slot = strip_drv_header(priv, skb);
579 if (slot < 0) {
580 dev_kfree_skb_any(skb);
581 return;
582 }
583
584 tx_ctl = HTC_SKB_CB(skb);
585 txok = tx_ctl->txok;
586 tx_info = IEEE80211_SKB_CB(skb);
587 vif = tx_info->control.vif;
588 rate = &tx_info->status.rates[0];
589
590 memset(&tx_info->status, 0, sizeof(tx_info->status));
591
592 /*
593 * URB submission failed for this frame, it never reached
594 * the target.
595 */
596 if (!txok || !vif || !txs)
597 goto send_mac80211;
598
599 if (txs->ts_flags & ATH9K_HTC_TXSTAT_ACK) {
600 tx_info->flags |= IEEE80211_TX_STAT_ACK;
601 if (tx_info->flags & IEEE80211_TX_CTL_AMPDU)
602 tx_info->flags |= IEEE80211_TX_STAT_AMPDU;
603 }
604
605 if (txs->ts_flags & ATH9K_HTC_TXSTAT_FILT)
606 tx_info->flags |= IEEE80211_TX_STAT_TX_FILTERED;
607
608 if (txs->ts_flags & ATH9K_HTC_TXSTAT_RTC_CTS)
609 rate->flags |= IEEE80211_TX_RC_USE_RTS_CTS;
610
611 rate->count = 1;
612 rate->idx = MS(txs->ts_rate, ATH9K_HTC_TXSTAT_RATE);
613
614 if (txs->ts_flags & ATH9K_HTC_TXSTAT_MCS) {
615 rate->flags |= IEEE80211_TX_RC_MCS;
616
617 if (txs->ts_flags & ATH9K_HTC_TXSTAT_CW40)
618 rate->flags |= IEEE80211_TX_RC_40_MHZ_WIDTH;
619 if (txs->ts_flags & ATH9K_HTC_TXSTAT_SGI)
620 rate->flags |= IEEE80211_TX_RC_SHORT_GI;
621 } else {
622 if (cur_conf->chandef.chan->band == IEEE80211_BAND_5GHZ)
623 rate->idx += 4; /* No CCK rates */
624 }
625
626 ath9k_htc_check_tx_aggr(priv, vif, skb);
627
628 send_mac80211:
629 spin_lock_bh(&priv->tx.tx_lock);
630 if (WARN_ON(--priv->tx.queued_cnt < 0))
631 priv->tx.queued_cnt = 0;
632 spin_unlock_bh(&priv->tx.tx_lock);
633
634 ath9k_htc_tx_clear_slot(priv, slot);
635
636 /* Remove padding before handing frame back to mac80211 */
637 hdrlen = ieee80211_get_hdrlen_from_skb(skb);
638
639 padsize = hdrlen & 3;
640 if (padsize && skb->len > hdrlen + padsize) {
641 memmove(skb->data + padsize, skb->data, hdrlen);
642 skb_pull(skb, padsize);
643 }
644
645 /* Send status to mac80211 */
646 ieee80211_tx_status(priv->hw, skb);
647 }
648
649 static inline void ath9k_htc_tx_drainq(struct ath9k_htc_priv *priv,
650 struct sk_buff_head *queue)
651 {
652 struct sk_buff *skb;
653
654 while ((skb = skb_dequeue(queue)) != NULL) {
655 ath9k_htc_tx_process(priv, skb, NULL);
656 }
657 }
658
659 void ath9k_htc_tx_drain(struct ath9k_htc_priv *priv)
660 {
661 struct ath9k_htc_tx_event *event, *tmp;
662
663 spin_lock_bh(&priv->tx.tx_lock);
664 priv->tx.flags |= ATH9K_HTC_OP_TX_DRAIN;
665 spin_unlock_bh(&priv->tx.tx_lock);
666
667 /*
668 * Ensure that all pending TX frames are flushed,
669 * and that the TX completion/failed tasklets is killed.
670 */
671 htc_stop(priv->htc);
672 tasklet_kill(&priv->wmi->wmi_event_tasklet);
673 tasklet_kill(&priv->tx_failed_tasklet);
674
675 ath9k_htc_tx_drainq(priv, &priv->tx.mgmt_ep_queue);
676 ath9k_htc_tx_drainq(priv, &priv->tx.cab_ep_queue);
677 ath9k_htc_tx_drainq(priv, &priv->tx.data_be_queue);
678 ath9k_htc_tx_drainq(priv, &priv->tx.data_bk_queue);
679 ath9k_htc_tx_drainq(priv, &priv->tx.data_vi_queue);
680 ath9k_htc_tx_drainq(priv, &priv->tx.data_vo_queue);
681 ath9k_htc_tx_drainq(priv, &priv->tx.tx_failed);
682
683 /*
684 * The TX cleanup timer has already been killed.
685 */
686 spin_lock_bh(&priv->wmi->event_lock);
687 list_for_each_entry_safe(event, tmp, &priv->wmi->pending_tx_events, list) {
688 list_del(&event->list);
689 kfree(event);
690 }
691 spin_unlock_bh(&priv->wmi->event_lock);
692
693 spin_lock_bh(&priv->tx.tx_lock);
694 priv->tx.flags &= ~ATH9K_HTC_OP_TX_DRAIN;
695 spin_unlock_bh(&priv->tx.tx_lock);
696 }
697
698 void ath9k_tx_failed_tasklet(unsigned long data)
699 {
700 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *)data;
701
702 spin_lock_bh(&priv->tx.tx_lock);
703 if (priv->tx.flags & ATH9K_HTC_OP_TX_DRAIN) {
704 spin_unlock_bh(&priv->tx.tx_lock);
705 return;
706 }
707 spin_unlock_bh(&priv->tx.tx_lock);
708
709 ath9k_htc_tx_drainq(priv, &priv->tx.tx_failed);
710 }
711
712 static inline bool check_cookie(struct ath9k_htc_priv *priv,
713 struct sk_buff *skb,
714 u8 cookie, u8 epid)
715 {
716 u8 fcookie = 0;
717
718 if (epid == priv->mgmt_ep) {
719 struct tx_mgmt_hdr *hdr;
720 hdr = (struct tx_mgmt_hdr *) skb->data;
721 fcookie = hdr->cookie;
722 } else if ((epid == priv->data_bk_ep) ||
723 (epid == priv->data_be_ep) ||
724 (epid == priv->data_vi_ep) ||
725 (epid == priv->data_vo_ep) ||
726 (epid == priv->cab_ep)) {
727 struct tx_frame_hdr *hdr;
728 hdr = (struct tx_frame_hdr *) skb->data;
729 fcookie = hdr->cookie;
730 }
731
732 if (fcookie == cookie)
733 return true;
734
735 return false;
736 }
737
738 static struct sk_buff* ath9k_htc_tx_get_packet(struct ath9k_htc_priv *priv,
739 struct __wmi_event_txstatus *txs)
740 {
741 struct ath_common *common = ath9k_hw_common(priv->ah);
742 struct sk_buff_head *epid_queue;
743 struct sk_buff *skb, *tmp;
744 unsigned long flags;
745 u8 epid = MS(txs->ts_rate, ATH9K_HTC_TXSTAT_EPID);
746
747 epid_queue = get_htc_epid_queue(priv, epid);
748 if (!epid_queue)
749 return NULL;
750
751 spin_lock_irqsave(&epid_queue->lock, flags);
752 skb_queue_walk_safe(epid_queue, skb, tmp) {
753 if (check_cookie(priv, skb, txs->cookie, epid)) {
754 __skb_unlink(skb, epid_queue);
755 spin_unlock_irqrestore(&epid_queue->lock, flags);
756 return skb;
757 }
758 }
759 spin_unlock_irqrestore(&epid_queue->lock, flags);
760
761 ath_dbg(common, XMIT, "No matching packet for cookie: %d, epid: %d\n",
762 txs->cookie, epid);
763
764 return NULL;
765 }
766
767 void ath9k_htc_txstatus(struct ath9k_htc_priv *priv, void *wmi_event)
768 {
769 struct wmi_event_txstatus *txs = (struct wmi_event_txstatus *)wmi_event;
770 struct __wmi_event_txstatus *__txs;
771 struct sk_buff *skb;
772 struct ath9k_htc_tx_event *tx_pend;
773 int i;
774
775 for (i = 0; i < txs->cnt; i++) {
776 WARN_ON(txs->cnt > HTC_MAX_TX_STATUS);
777
778 __txs = &txs->txstatus[i];
779
780 skb = ath9k_htc_tx_get_packet(priv, __txs);
781 if (!skb) {
782 /*
783 * Store this event, so that the TX cleanup
784 * routine can check later for the needed packet.
785 */
786 tx_pend = kzalloc(sizeof(struct ath9k_htc_tx_event),
787 GFP_ATOMIC);
788 if (!tx_pend)
789 continue;
790
791 memcpy(&tx_pend->txs, __txs,
792 sizeof(struct __wmi_event_txstatus));
793
794 spin_lock(&priv->wmi->event_lock);
795 list_add_tail(&tx_pend->list,
796 &priv->wmi->pending_tx_events);
797 spin_unlock(&priv->wmi->event_lock);
798
799 continue;
800 }
801
802 ath9k_htc_tx_process(priv, skb, __txs);
803 }
804
805 /* Wake TX queues if needed */
806 ath9k_htc_check_wake_queues(priv);
807 }
808
809 void ath9k_htc_txep(void *drv_priv, struct sk_buff *skb,
810 enum htc_endpoint_id ep_id, bool txok)
811 {
812 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) drv_priv;
813 struct ath9k_htc_tx_ctl *tx_ctl;
814 struct sk_buff_head *epid_queue;
815
816 tx_ctl = HTC_SKB_CB(skb);
817 tx_ctl->txok = txok;
818 tx_ctl->timestamp = jiffies;
819
820 if (!txok) {
821 skb_queue_tail(&priv->tx.tx_failed, skb);
822 tasklet_schedule(&priv->tx_failed_tasklet);
823 return;
824 }
825
826 epid_queue = get_htc_epid_queue(priv, ep_id);
827 if (!epid_queue) {
828 dev_kfree_skb_any(skb);
829 return;
830 }
831
832 skb_queue_tail(epid_queue, skb);
833 }
834
835 static inline bool check_packet(struct ath9k_htc_priv *priv, struct sk_buff *skb)
836 {
837 struct ath_common *common = ath9k_hw_common(priv->ah);
838 struct ath9k_htc_tx_ctl *tx_ctl;
839
840 tx_ctl = HTC_SKB_CB(skb);
841
842 if (time_after(jiffies,
843 tx_ctl->timestamp +
844 msecs_to_jiffies(ATH9K_HTC_TX_TIMEOUT_INTERVAL))) {
845 ath_dbg(common, XMIT, "Dropping a packet due to TX timeout\n");
846 return true;
847 }
848
849 return false;
850 }
851
852 static void ath9k_htc_tx_cleanup_queue(struct ath9k_htc_priv *priv,
853 struct sk_buff_head *epid_queue)
854 {
855 bool process = false;
856 unsigned long flags;
857 struct sk_buff *skb, *tmp;
858 struct sk_buff_head queue;
859
860 skb_queue_head_init(&queue);
861
862 spin_lock_irqsave(&epid_queue->lock, flags);
863 skb_queue_walk_safe(epid_queue, skb, tmp) {
864 if (check_packet(priv, skb)) {
865 __skb_unlink(skb, epid_queue);
866 __skb_queue_tail(&queue, skb);
867 process = true;
868 }
869 }
870 spin_unlock_irqrestore(&epid_queue->lock, flags);
871
872 if (process) {
873 skb_queue_walk_safe(&queue, skb, tmp) {
874 __skb_unlink(skb, &queue);
875 ath9k_htc_tx_process(priv, skb, NULL);
876 }
877 }
878 }
879
880 void ath9k_htc_tx_cleanup_timer(unsigned long data)
881 {
882 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) data;
883 struct ath_common *common = ath9k_hw_common(priv->ah);
884 struct ath9k_htc_tx_event *event, *tmp;
885 struct sk_buff *skb;
886
887 spin_lock(&priv->wmi->event_lock);
888 list_for_each_entry_safe(event, tmp, &priv->wmi->pending_tx_events, list) {
889
890 skb = ath9k_htc_tx_get_packet(priv, &event->txs);
891 if (skb) {
892 ath_dbg(common, XMIT,
893 "Found packet for cookie: %d, epid: %d\n",
894 event->txs.cookie,
895 MS(event->txs.ts_rate, ATH9K_HTC_TXSTAT_EPID));
896
897 ath9k_htc_tx_process(priv, skb, &event->txs);
898 list_del(&event->list);
899 kfree(event);
900 continue;
901 }
902
903 if (++event->count >= ATH9K_HTC_TX_TIMEOUT_COUNT) {
904 list_del(&event->list);
905 kfree(event);
906 }
907 }
908 spin_unlock(&priv->wmi->event_lock);
909
910 /*
911 * Check if status-pending packets have to be cleaned up.
912 */
913 ath9k_htc_tx_cleanup_queue(priv, &priv->tx.mgmt_ep_queue);
914 ath9k_htc_tx_cleanup_queue(priv, &priv->tx.cab_ep_queue);
915 ath9k_htc_tx_cleanup_queue(priv, &priv->tx.data_be_queue);
916 ath9k_htc_tx_cleanup_queue(priv, &priv->tx.data_bk_queue);
917 ath9k_htc_tx_cleanup_queue(priv, &priv->tx.data_vi_queue);
918 ath9k_htc_tx_cleanup_queue(priv, &priv->tx.data_vo_queue);
919
920 /* Wake TX queues if needed */
921 ath9k_htc_check_wake_queues(priv);
922
923 mod_timer(&priv->tx.cleanup_timer,
924 jiffies + msecs_to_jiffies(ATH9K_HTC_TX_CLEANUP_INTERVAL));
925 }
926
927 int ath9k_tx_init(struct ath9k_htc_priv *priv)
928 {
929 skb_queue_head_init(&priv->tx.mgmt_ep_queue);
930 skb_queue_head_init(&priv->tx.cab_ep_queue);
931 skb_queue_head_init(&priv->tx.data_be_queue);
932 skb_queue_head_init(&priv->tx.data_bk_queue);
933 skb_queue_head_init(&priv->tx.data_vi_queue);
934 skb_queue_head_init(&priv->tx.data_vo_queue);
935 skb_queue_head_init(&priv->tx.tx_failed);
936 return 0;
937 }
938
939 void ath9k_tx_cleanup(struct ath9k_htc_priv *priv)
940 {
941
942 }
943
944 bool ath9k_htc_txq_setup(struct ath9k_htc_priv *priv, int subtype)
945 {
946 struct ath_hw *ah = priv->ah;
947 struct ath_common *common = ath9k_hw_common(ah);
948 struct ath9k_tx_queue_info qi;
949 int qnum;
950
951 memset(&qi, 0, sizeof(qi));
952 ATH9K_HTC_INIT_TXQ(subtype);
953
954 qnum = ath9k_hw_setuptxqueue(priv->ah, ATH9K_TX_QUEUE_DATA, &qi);
955 if (qnum == -1)
956 return false;
957
958 if (qnum >= ARRAY_SIZE(priv->hwq_map)) {
959 ath_err(common, "qnum %u out of range, max %zu!\n",
960 qnum, ARRAY_SIZE(priv->hwq_map));
961 ath9k_hw_releasetxqueue(ah, qnum);
962 return false;
963 }
964
965 priv->hwq_map[subtype] = qnum;
966 return true;
967 }
968
969 int ath9k_htc_cabq_setup(struct ath9k_htc_priv *priv)
970 {
971 struct ath9k_tx_queue_info qi;
972
973 memset(&qi, 0, sizeof(qi));
974 ATH9K_HTC_INIT_TXQ(0);
975
976 return ath9k_hw_setuptxqueue(priv->ah, ATH9K_TX_QUEUE_CAB, &qi);
977 }
978
979 /******/
980 /* RX */
981 /******/
982
983 /*
984 * Calculate the RX filter to be set in the HW.
985 */
986 u32 ath9k_htc_calcrxfilter(struct ath9k_htc_priv *priv)
987 {
988 #define RX_FILTER_PRESERVE (ATH9K_RX_FILTER_PHYERR | ATH9K_RX_FILTER_PHYRADAR)
989
990 struct ath_hw *ah = priv->ah;
991 u32 rfilt;
992
993 rfilt = (ath9k_hw_getrxfilter(ah) & RX_FILTER_PRESERVE)
994 | ATH9K_RX_FILTER_UCAST | ATH9K_RX_FILTER_BCAST
995 | ATH9K_RX_FILTER_MCAST;
996
997 if (priv->rxfilter & FIF_PROBE_REQ)
998 rfilt |= ATH9K_RX_FILTER_PROBEREQ;
999
1000 if (ah->is_monitoring)
1001 rfilt |= ATH9K_RX_FILTER_PROM;
1002
1003 if (priv->rxfilter & FIF_CONTROL)
1004 rfilt |= ATH9K_RX_FILTER_CONTROL;
1005
1006 if ((ah->opmode == NL80211_IFTYPE_STATION) &&
1007 (priv->nvifs <= 1) &&
1008 !(priv->rxfilter & FIF_BCN_PRBRESP_PROMISC))
1009 rfilt |= ATH9K_RX_FILTER_MYBEACON;
1010 else
1011 rfilt |= ATH9K_RX_FILTER_BEACON;
1012
1013 if (conf_is_ht(&priv->hw->conf)) {
1014 rfilt |= ATH9K_RX_FILTER_COMP_BAR;
1015 rfilt |= ATH9K_RX_FILTER_UNCOMP_BA_BAR;
1016 }
1017
1018 if (priv->rxfilter & FIF_PSPOLL)
1019 rfilt |= ATH9K_RX_FILTER_PSPOLL;
1020
1021 if (priv->nvifs > 1 || priv->rxfilter & FIF_OTHER_BSS)
1022 rfilt |= ATH9K_RX_FILTER_MCAST_BCAST_ALL;
1023
1024 return rfilt;
1025
1026 #undef RX_FILTER_PRESERVE
1027 }
1028
1029 /*
1030 * Recv initialization for opmode change.
1031 */
1032 static void ath9k_htc_opmode_init(struct ath9k_htc_priv *priv)
1033 {
1034 struct ath_hw *ah = priv->ah;
1035 u32 rfilt, mfilt[2];
1036
1037 /* configure rx filter */
1038 rfilt = ath9k_htc_calcrxfilter(priv);
1039 ath9k_hw_setrxfilter(ah, rfilt);
1040
1041 /* calculate and install multicast filter */
1042 mfilt[0] = mfilt[1] = ~0;
1043 ath9k_hw_setmcastfilter(ah, mfilt[0], mfilt[1]);
1044 }
1045
1046 void ath9k_host_rx_init(struct ath9k_htc_priv *priv)
1047 {
1048 struct ath_common *common = ath9k_hw_common(priv->ah);
1049 ath9k_hw_rxena(priv->ah);
1050 ath9k_htc_opmode_init(priv);
1051 ath9k_hw_startpcureceive(priv->ah, test_bit(ATH_OP_SCANNING, &common->op_flags));
1052 }
1053
1054 static inline void convert_htc_flag(struct ath_rx_status *rx_stats,
1055 struct ath_htc_rx_status *rxstatus)
1056 {
1057 rx_stats->flag = 0;
1058 if (rxstatus->rs_flags & ATH9K_RX_2040)
1059 rx_stats->flag |= RX_FLAG_40MHZ;
1060 if (rxstatus->rs_flags & ATH9K_RX_GI)
1061 rx_stats->flag |= RX_FLAG_SHORT_GI;
1062 }
1063
1064 static void rx_status_htc_to_ath(struct ath_rx_status *rx_stats,
1065 struct ath_htc_rx_status *rxstatus)
1066 {
1067 rx_stats->rs_datalen = be16_to_cpu(rxstatus->rs_datalen);
1068 rx_stats->rs_status = rxstatus->rs_status;
1069 rx_stats->rs_phyerr = rxstatus->rs_phyerr;
1070 rx_stats->rs_rssi = rxstatus->rs_rssi;
1071 rx_stats->rs_keyix = rxstatus->rs_keyix;
1072 rx_stats->rs_rate = rxstatus->rs_rate;
1073 rx_stats->rs_antenna = rxstatus->rs_antenna;
1074 rx_stats->rs_more = rxstatus->rs_more;
1075
1076 memcpy(rx_stats->rs_rssi_ctl, rxstatus->rs_rssi_ctl,
1077 sizeof(rx_stats->rs_rssi_ctl));
1078 memcpy(rx_stats->rs_rssi_ext, rxstatus->rs_rssi_ext,
1079 sizeof(rx_stats->rs_rssi_ext));
1080
1081 rx_stats->rs_isaggr = rxstatus->rs_isaggr;
1082 rx_stats->rs_moreaggr = rxstatus->rs_moreaggr;
1083 rx_stats->rs_num_delims = rxstatus->rs_num_delims;
1084 convert_htc_flag(rx_stats, rxstatus);
1085 }
1086
1087 static bool ath9k_rx_prepare(struct ath9k_htc_priv *priv,
1088 struct ath9k_htc_rxbuf *rxbuf,
1089 struct ieee80211_rx_status *rx_status)
1090
1091 {
1092 struct ieee80211_hdr *hdr;
1093 struct ieee80211_hw *hw = priv->hw;
1094 struct sk_buff *skb = rxbuf->skb;
1095 struct ath_common *common = ath9k_hw_common(priv->ah);
1096 struct ath_hw *ah = common->ah;
1097 struct ath_htc_rx_status *rxstatus;
1098 struct ath_rx_status rx_stats;
1099 bool decrypt_error = false;
1100
1101 if (skb->len < HTC_RX_FRAME_HEADER_SIZE) {
1102 ath_err(common, "Corrupted RX frame, dropping (len: %d)\n",
1103 skb->len);
1104 goto rx_next;
1105 }
1106
1107 rxstatus = (struct ath_htc_rx_status *)skb->data;
1108
1109 if (be16_to_cpu(rxstatus->rs_datalen) -
1110 (skb->len - HTC_RX_FRAME_HEADER_SIZE) != 0) {
1111 ath_err(common,
1112 "Corrupted RX data len, dropping (dlen: %d, skblen: %d)\n",
1113 rxstatus->rs_datalen, skb->len);
1114 goto rx_next;
1115 }
1116
1117 /* Get the RX status information */
1118
1119 memset(rx_status, 0, sizeof(struct ieee80211_rx_status));
1120
1121 /* Copy everything from ath_htc_rx_status (HTC_RX_FRAME_HEADER).
1122 * After this, we can drop this part of skb. */
1123 rx_status_htc_to_ath(&rx_stats, rxstatus);
1124 ath9k_htc_err_stat_rx(priv, &rx_stats);
1125 rx_status->mactime = be64_to_cpu(rxstatus->rs_tstamp);
1126 skb_pull(skb, HTC_RX_FRAME_HEADER_SIZE);
1127
1128 /*
1129 * everything but the rate is checked here, the rate check is done
1130 * separately to avoid doing two lookups for a rate for each frame.
1131 */
1132 hdr = (struct ieee80211_hdr *)skb->data;
1133
1134 /*
1135 * Process PHY errors and return so that the packet
1136 * can be dropped.
1137 */
1138 if (rx_stats.rs_status & ATH9K_RXERR_PHY) {
1139 /* TODO: Not using DFS processing now. */
1140 if (ath_cmn_process_fft(&priv->spec_priv, hdr,
1141 &rx_stats, rx_status->mactime)) {
1142 /* TODO: Code to collect spectral scan statistics */
1143 }
1144 goto rx_next;
1145 }
1146
1147 if (!ath9k_cmn_rx_accept(common, hdr, rx_status, &rx_stats,
1148 &decrypt_error, priv->rxfilter))
1149 goto rx_next;
1150
1151 ath9k_cmn_rx_skb_postprocess(common, skb, &rx_stats,
1152 rx_status, decrypt_error);
1153
1154 if (ath9k_cmn_process_rate(common, hw, &rx_stats, rx_status))
1155 goto rx_next;
1156
1157 rx_stats.is_mybeacon = ath_is_mybeacon(common, hdr);
1158 ath9k_cmn_process_rssi(common, hw, &rx_stats, rx_status);
1159
1160 rx_status->band = ah->curchan->chan->band;
1161 rx_status->freq = ah->curchan->chan->center_freq;
1162 rx_status->antenna = rx_stats.rs_antenna;
1163 rx_status->flag |= RX_FLAG_MACTIME_END;
1164
1165 return true;
1166 rx_next:
1167 return false;
1168 }
1169
1170 /*
1171 * FIXME: Handle FLUSH later on.
1172 */
1173 void ath9k_rx_tasklet(unsigned long data)
1174 {
1175 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *)data;
1176 struct ath9k_htc_rxbuf *rxbuf = NULL, *tmp_buf = NULL;
1177 struct ieee80211_rx_status rx_status;
1178 struct sk_buff *skb;
1179 unsigned long flags;
1180 struct ieee80211_hdr *hdr;
1181
1182 do {
1183 spin_lock_irqsave(&priv->rx.rxbuflock, flags);
1184 list_for_each_entry(tmp_buf, &priv->rx.rxbuf, list) {
1185 if (tmp_buf->in_process) {
1186 rxbuf = tmp_buf;
1187 break;
1188 }
1189 }
1190
1191 if (rxbuf == NULL) {
1192 spin_unlock_irqrestore(&priv->rx.rxbuflock, flags);
1193 break;
1194 }
1195
1196 if (!rxbuf->skb)
1197 goto requeue;
1198
1199 if (!ath9k_rx_prepare(priv, rxbuf, &rx_status)) {
1200 dev_kfree_skb_any(rxbuf->skb);
1201 goto requeue;
1202 }
1203
1204 memcpy(IEEE80211_SKB_RXCB(rxbuf->skb), &rx_status,
1205 sizeof(struct ieee80211_rx_status));
1206 skb = rxbuf->skb;
1207 hdr = (struct ieee80211_hdr *) skb->data;
1208
1209 if (ieee80211_is_beacon(hdr->frame_control) && priv->ps_enabled)
1210 ieee80211_queue_work(priv->hw, &priv->ps_work);
1211
1212 spin_unlock_irqrestore(&priv->rx.rxbuflock, flags);
1213
1214 ieee80211_rx(priv->hw, skb);
1215
1216 spin_lock_irqsave(&priv->rx.rxbuflock, flags);
1217 requeue:
1218 rxbuf->in_process = false;
1219 rxbuf->skb = NULL;
1220 list_move_tail(&rxbuf->list, &priv->rx.rxbuf);
1221 rxbuf = NULL;
1222 spin_unlock_irqrestore(&priv->rx.rxbuflock, flags);
1223 } while (1);
1224
1225 }
1226
1227 void ath9k_htc_rxep(void *drv_priv, struct sk_buff *skb,
1228 enum htc_endpoint_id ep_id)
1229 {
1230 struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *)drv_priv;
1231 struct ath_hw *ah = priv->ah;
1232 struct ath_common *common = ath9k_hw_common(ah);
1233 struct ath9k_htc_rxbuf *rxbuf = NULL, *tmp_buf = NULL;
1234
1235 spin_lock(&priv->rx.rxbuflock);
1236 list_for_each_entry(tmp_buf, &priv->rx.rxbuf, list) {
1237 if (!tmp_buf->in_process) {
1238 rxbuf = tmp_buf;
1239 break;
1240 }
1241 }
1242 spin_unlock(&priv->rx.rxbuflock);
1243
1244 if (rxbuf == NULL) {
1245 ath_dbg(common, ANY, "No free RX buffer\n");
1246 goto err;
1247 }
1248
1249 spin_lock(&priv->rx.rxbuflock);
1250 rxbuf->skb = skb;
1251 rxbuf->in_process = true;
1252 spin_unlock(&priv->rx.rxbuflock);
1253
1254 tasklet_schedule(&priv->rx_tasklet);
1255 return;
1256 err:
1257 dev_kfree_skb_any(skb);
1258 }
1259
1260 /* FIXME: Locking for cleanup/init */
1261
1262 void ath9k_rx_cleanup(struct ath9k_htc_priv *priv)
1263 {
1264 struct ath9k_htc_rxbuf *rxbuf, *tbuf;
1265
1266 list_for_each_entry_safe(rxbuf, tbuf, &priv->rx.rxbuf, list) {
1267 list_del(&rxbuf->list);
1268 if (rxbuf->skb)
1269 dev_kfree_skb_any(rxbuf->skb);
1270 kfree(rxbuf);
1271 }
1272 }
1273
1274 int ath9k_rx_init(struct ath9k_htc_priv *priv)
1275 {
1276 int i = 0;
1277
1278 INIT_LIST_HEAD(&priv->rx.rxbuf);
1279 spin_lock_init(&priv->rx.rxbuflock);
1280
1281 for (i = 0; i < ATH9K_HTC_RXBUF; i++) {
1282 struct ath9k_htc_rxbuf *rxbuf =
1283 kzalloc(sizeof(struct ath9k_htc_rxbuf), GFP_KERNEL);
1284 if (rxbuf == NULL)
1285 goto err;
1286
1287 list_add_tail(&rxbuf->list, &priv->rx.rxbuf);
1288 }
1289
1290 return 0;
1291
1292 err:
1293 ath9k_rx_cleanup(priv);
1294 return -ENOMEM;
1295 }
1296
1297 #line 125 "/work/ldvuser/andrianov/work/current--X--drivers/net/wireless/ath/ath9k/--X--defaultlinux-4.5-rc7--X--races--X--cpachecker/linux-4.5-rc7/csd_deg_dscv/74/dscv_tempdir/dscv/ri/races/drivers/net/wireless/ath/ath9k/htc_drv_txrx.o.c.prepared" 1 /*
2 * Copyright (c) 2010-2011 Atheros Communications Inc.
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
18
19 #include "htc.h"
20
21 static int htc_issue_send(struct htc_target *target, struct sk_buff* skb,
22 u16 len, u8 flags, u8 epid)
23
24 {
25 struct htc_frame_hdr *hdr;
26 struct htc_endpoint *endpoint = &target->endpoint[epid];
27 int status;
28
29 hdr = (struct htc_frame_hdr *)
30 skb_push(skb, sizeof(struct htc_frame_hdr));
31 hdr->endpoint_id = epid;
32 hdr->flags = flags;
33 hdr->payload_len = cpu_to_be16(len);
34
35 status = target->hif->send(target->hif_dev, endpoint->ul_pipeid, skb);
36
37 return status;
38 }
39
40 static struct htc_endpoint *get_next_avail_ep(struct htc_endpoint *endpoint)
41 {
42 enum htc_endpoint_id avail_epid;
43
44 for (avail_epid = (ENDPOINT_MAX - 1); avail_epid > ENDPOINT0; avail_epid--)
45 if (endpoint[avail_epid].service_id == 0)
46 return &endpoint[avail_epid];
47 return NULL;
48 }
49
50 static u8 service_to_ulpipe(u16 service_id)
51 {
52 switch (service_id) {
53 case WMI_CONTROL_SVC:
54 return 4;
55 case WMI_BEACON_SVC:
56 case WMI_CAB_SVC:
57 case WMI_UAPSD_SVC:
58 case WMI_MGMT_SVC:
59 case WMI_DATA_VO_SVC:
60 case WMI_DATA_VI_SVC:
61 case WMI_DATA_BE_SVC:
62 case WMI_DATA_BK_SVC:
63 return 1;
64 default:
65 return 0;
66 }
67 }
68
69 static u8 service_to_dlpipe(u16 service_id)
70 {
71 switch (service_id) {
72 case WMI_CONTROL_SVC:
73 return 3;
74 case WMI_BEACON_SVC:
75 case WMI_CAB_SVC:
76 case WMI_UAPSD_SVC:
77 case WMI_MGMT_SVC:
78 case WMI_DATA_VO_SVC:
79 case WMI_DATA_VI_SVC:
80 case WMI_DATA_BE_SVC:
81 case WMI_DATA_BK_SVC:
82 return 2;
83 default:
84 return 0;
85 }
86 }
87
88 static void htc_process_target_rdy(struct htc_target *target,
89 void *buf)
90 {
91 struct htc_endpoint *endpoint;
92 struct htc_ready_msg *htc_ready_msg = (struct htc_ready_msg *) buf;
93
94 target->credit_size = be16_to_cpu(htc_ready_msg->credit_size);
95
96 endpoint = &target->endpoint[ENDPOINT0];
97 endpoint->service_id = HTC_CTRL_RSVD_SVC;
98 endpoint->max_msglen = HTC_MAX_CONTROL_MESSAGE_LENGTH;
99 atomic_inc(&target->tgt_ready);
100 complete(&target->target_wait);
101 }
102
103 static void htc_process_conn_rsp(struct htc_target *target,
104 struct htc_frame_hdr *htc_hdr)
105 {
106 struct htc_conn_svc_rspmsg *svc_rspmsg;
107 struct htc_endpoint *endpoint, *tmp_endpoint = NULL;
108 u16 service_id;
109 u16 max_msglen;
110 enum htc_endpoint_id epid, tepid;
111
112 svc_rspmsg = (struct htc_conn_svc_rspmsg *)
113 ((void *) htc_hdr + sizeof(struct htc_frame_hdr));
114
115 if (svc_rspmsg->status == HTC_SERVICE_SUCCESS) {
116 epid = svc_rspmsg->endpoint_id;
117 service_id = be16_to_cpu(svc_rspmsg->service_id);
118 max_msglen = be16_to_cpu(svc_rspmsg->max_msg_len);
119 endpoint = &target->endpoint[epid];
120
121 for (tepid = (ENDPOINT_MAX - 1); tepid > ENDPOINT0; tepid--) {
122 tmp_endpoint = &target->endpoint[tepid];
123 if (tmp_endpoint->service_id == service_id) {
124 tmp_endpoint->service_id = 0;
125 break;
126 }
127 }
128
129 if (tepid == ENDPOINT0)
130 return;
131
132 endpoint->service_id = service_id;
133 endpoint->max_txqdepth = tmp_endpoint->max_txqdepth;
134 endpoint->ep_callbacks = tmp_endpoint->ep_callbacks;
135 endpoint->ul_pipeid = tmp_endpoint->ul_pipeid;
136 endpoint->dl_pipeid = tmp_endpoint->dl_pipeid;
137 endpoint->max_msglen = max_msglen;
138 target->conn_rsp_epid = epid;
139 complete(&target->cmd_wait);
140 } else {
141 target->conn_rsp_epid = ENDPOINT_UNUSED;
142 }
143 }
144
145 static int htc_config_pipe_credits(struct htc_target *target)
146 {
147 struct sk_buff *skb;
148 struct htc_config_pipe_msg *cp_msg;
149 int ret;
150 unsigned long time_left;
151
152 skb = alloc_skb(50 + sizeof(struct htc_frame_hdr), GFP_ATOMIC);
153 if (!skb) {
154 dev_err(target->dev, "failed to allocate send buffer\n");
155 return -ENOMEM;
156 }
157 skb_reserve(skb, sizeof(struct htc_frame_hdr));
158
159 cp_msg = (struct htc_config_pipe_msg *)
160 skb_put(skb, sizeof(struct htc_config_pipe_msg));
161
162 cp_msg->message_id = cpu_to_be16(HTC_MSG_CONFIG_PIPE_ID);
163 cp_msg->pipe_id = USB_WLAN_TX_PIPE;
164 cp_msg->credits = target->credits;
165
166 target->htc_flags |= HTC_OP_CONFIG_PIPE_CREDITS;
167
168 ret = htc_issue_send(target, skb, skb->len, 0, ENDPOINT0);
169 if (ret)
170 goto err;
171
172 time_left = wait_for_completion_timeout(&target->cmd_wait, HZ);
173 if (!time_left) {
174 dev_err(target->dev, "HTC credit config timeout\n");
175 return -ETIMEDOUT;
176 }
177
178 return 0;
179 err:
180 kfree_skb(skb);
181 return -EINVAL;
182 }
183
184 static int htc_setup_complete(struct htc_target *target)
185 {
186 struct sk_buff *skb;
187 struct htc_comp_msg *comp_msg;
188 int ret = 0;
189 unsigned long time_left;
190
191 skb = alloc_skb(50 + sizeof(struct htc_frame_hdr), GFP_ATOMIC);
192 if (!skb) {
193 dev_err(target->dev, "failed to allocate send buffer\n");
194 return -ENOMEM;
195 }
196 skb_reserve(skb, sizeof(struct htc_frame_hdr));
197
198 comp_msg = (struct htc_comp_msg *)
199 skb_put(skb, sizeof(struct htc_comp_msg));
200 comp_msg->msg_id = cpu_to_be16(HTC_MSG_SETUP_COMPLETE_ID);
201
202 target->htc_flags |= HTC_OP_START_WAIT;
203
204 ret = htc_issue_send(target, skb, skb->len, 0, ENDPOINT0);
205 if (ret)
206 goto err;
207
208 time_left = wait_for_completion_timeout(&target->cmd_wait, HZ);
209 if (!time_left) {
210 dev_err(target->dev, "HTC start timeout\n");
211 return -ETIMEDOUT;
212 }
213
214 return 0;
215
216 err:
217 kfree_skb(skb);
218 return -EINVAL;
219 }
220
221 /* HTC APIs */
222
223 int htc_init(struct htc_target *target)
224 {
225 int ret;
226
227 ret = htc_config_pipe_credits(target);
228 if (ret)
229 return ret;
230
231 return htc_setup_complete(target);
232 }
233
234 int htc_connect_service(struct htc_target *target,
235 struct htc_service_connreq *service_connreq,
236 enum htc_endpoint_id *conn_rsp_epid)
237 {
238 struct sk_buff *skb;
239 struct htc_endpoint *endpoint;
240 struct htc_conn_svc_msg *conn_msg;
241 int ret;
242 unsigned long time_left;
243
244 /* Find an available endpoint */
245 endpoint = get_next_avail_ep(target->endpoint);
246 if (!endpoint) {
247 dev_err(target->dev, "Endpoint is not available for"
248 "service %d\n", service_connreq->service_id);
249 return -EINVAL;
250 }
251
252 endpoint->service_id = service_connreq->service_id;
253 endpoint->max_txqdepth = service_connreq->max_send_qdepth;
254 endpoint->ul_pipeid = service_to_ulpipe(service_connreq->service_id);
255 endpoint->dl_pipeid = service_to_dlpipe(service_connreq->service_id);
256 endpoint->ep_callbacks = service_connreq->ep_callbacks;
257
258 skb = alloc_skb(sizeof(struct htc_conn_svc_msg) +
259 sizeof(struct htc_frame_hdr), GFP_ATOMIC);
260 if (!skb) {
261 dev_err(target->dev, "Failed to allocate buf to send"
262 "service connect req\n");
263 return -ENOMEM;
264 }
265
266 skb_reserve(skb, sizeof(struct htc_frame_hdr));
267
268 conn_msg = (struct htc_conn_svc_msg *)
269 skb_put(skb, sizeof(struct htc_conn_svc_msg));
270 conn_msg->service_id = cpu_to_be16(service_connreq->service_id);
271 conn_msg->msg_id = cpu_to_be16(HTC_MSG_CONNECT_SERVICE_ID);
272 conn_msg->con_flags = cpu_to_be16(service_connreq->con_flags);
273 conn_msg->dl_pipeid = endpoint->dl_pipeid;
274 conn_msg->ul_pipeid = endpoint->ul_pipeid;
275
276 ret = htc_issue_send(target, skb, skb->len, 0, ENDPOINT0);
277 if (ret)
278 goto err;
279
280 time_left = wait_for_completion_timeout(&target->cmd_wait, HZ);
281 if (!time_left) {
282 dev_err(target->dev, "Service connection timeout for: %d\n",
283 service_connreq->service_id);
284 return -ETIMEDOUT;
285 }
286
287 *conn_rsp_epid = target->conn_rsp_epid;
288 return 0;
289 err:
290 kfree_skb(skb);
291 return ret;
292 }
293
294 int htc_send(struct htc_target *target, struct sk_buff *skb)
295 {
296 struct ath9k_htc_tx_ctl *tx_ctl;
297
298 tx_ctl = HTC_SKB_CB(skb);
299 return htc_issue_send(target, skb, skb->len, 0, tx_ctl->epid);
300 }
301
302 int htc_send_epid(struct htc_target *target, struct sk_buff *skb,
303 enum htc_endpoint_id epid)
304 {
305 return htc_issue_send(target, skb, skb->len, 0, epid);
306 }
307
308 void htc_stop(struct htc_target *target)
309 {
310 target->hif->stop(target->hif_dev);
311 }
312
313 void htc_start(struct htc_target *target)
314 {
315 target->hif->start(target->hif_dev);
316 }
317
318 void htc_sta_drain(struct htc_target *target, u8 idx)
319 {
320 target->hif->sta_drain(target->hif_dev, idx);
321 }
322
323 void ath9k_htc_txcompletion_cb(struct htc_target *htc_handle,
324 struct sk_buff *skb, bool txok)
325 {
326 struct htc_endpoint *endpoint;
327 struct htc_frame_hdr *htc_hdr = NULL;
328
329 if (htc_handle->htc_flags & HTC_OP_CONFIG_PIPE_CREDITS) {
330 complete(&htc_handle->cmd_wait);
331 htc_handle->htc_flags &= ~HTC_OP_CONFIG_PIPE_CREDITS;
332 goto ret;
333 }
334
335 if (htc_handle->htc_flags & HTC_OP_START_WAIT) {
336 complete(&htc_handle->cmd_wait);
337 htc_handle->htc_flags &= ~HTC_OP_START_WAIT;
338 goto ret;
339 }
340
341 if (skb) {
342 htc_hdr = (struct htc_frame_hdr *) skb->data;
343 endpoint = &htc_handle->endpoint[htc_hdr->endpoint_id];
344 skb_pull(skb, sizeof(struct htc_frame_hdr));
345
346 if (endpoint->ep_callbacks.tx) {
347 endpoint->ep_callbacks.tx(endpoint->ep_callbacks.priv,
348 skb, htc_hdr->endpoint_id,
349 txok);
350 } else {
351 kfree_skb(skb);
352 }
353 }
354
355 return;
356 ret:
357 kfree_skb(skb);
358 }
359
360 static void ath9k_htc_fw_panic_report(struct htc_target *htc_handle,
361 struct sk_buff *skb)
362 {
363 uint32_t *pattern = (uint32_t *)skb->data;
364
365 switch (*pattern) {
366 case 0x33221199:
367 {
368 struct htc_panic_bad_vaddr *htc_panic;
369 htc_panic = (struct htc_panic_bad_vaddr *) skb->data;
370 dev_err(htc_handle->dev, "ath: firmware panic! "
371 "exccause: 0x%08x; pc: 0x%08x; badvaddr: 0x%08x.\n",
372 htc_panic->exccause, htc_panic->pc,
373 htc_panic->badvaddr);
374 break;
375 }
376 case 0x33221299:
377 {
378 struct htc_panic_bad_epid *htc_panic;
379 htc_panic = (struct htc_panic_bad_epid *) skb->data;
380 dev_err(htc_handle->dev, "ath: firmware panic! "
381 "bad epid: 0x%08x\n", htc_panic->epid);
382 break;
383 }
384 default:
385 dev_err(htc_handle->dev, "ath: uknown panic pattern!\n");
386 break;
387 }
388 }
389
390 /*
391 * HTC Messages are handled directly here and the obtained SKB
392 * is freed.
393 *
394 * Service messages (Data, WMI) passed to the corresponding
395 * endpoint RX handlers, which have to free the SKB.
396 */
397 void ath9k_htc_rx_msg(struct htc_target *htc_handle,
398 struct sk_buff *skb, u32 len, u8 pipe_id)
399 {
400 struct htc_frame_hdr *htc_hdr;
401 enum htc_endpoint_id epid;
402 struct htc_endpoint *endpoint;
403 __be16 *msg_id;
404
405 if (!htc_handle || !skb)
406 return;
407
408 htc_hdr = (struct htc_frame_hdr *) skb->data;
409 epid = htc_hdr->endpoint_id;
410
411 if (epid == 0x99) {
412 ath9k_htc_fw_panic_report(htc_handle, skb);
413 kfree_skb(skb);
414 return;
415 }
416
417 if (epid < 0 || epid >= ENDPOINT_MAX) {
418 if (pipe_id != USB_REG_IN_PIPE)
419 dev_kfree_skb_any(skb);
420 else
421 kfree_skb(skb);
422 return;
423 }
424
425 if (epid == ENDPOINT0) {
426
427 /* Handle trailer */
428 if (htc_hdr->flags & HTC_FLAGS_RECV_TRAILER) {
429 if (be32_to_cpu(*(__be32 *) skb->data) == 0x00C60000)
430 /* Move past the Watchdog pattern */
431 htc_hdr = (struct htc_frame_hdr *)(skb->data + 4);
432 }
433
434 /* Get the message ID */
435 msg_id = (__be16 *) ((void *) htc_hdr +
436 sizeof(struct htc_frame_hdr));
437
438 /* Now process HTC messages */
439 switch (be16_to_cpu(*msg_id)) {
440 case HTC_MSG_READY_ID:
441 htc_process_target_rdy(htc_handle, htc_hdr);
442 break;
443 case HTC_MSG_CONNECT_SERVICE_RESPONSE_ID:
444 htc_process_conn_rsp(htc_handle, htc_hdr);
445 break;
446 default:
447 break;
448 }
449
450 kfree_skb(skb);
451
452 } else {
453 if (htc_hdr->flags & HTC_FLAGS_RECV_TRAILER)
454 skb_trim(skb, len - htc_hdr->control[0]);
455
456 skb_pull(skb, sizeof(struct htc_frame_hdr));
457
458 endpoint = &htc_handle->endpoint[epid];
459 if (endpoint->ep_callbacks.rx)
460 endpoint->ep_callbacks.rx(endpoint->ep_callbacks.priv,
461 skb, epid);
462 }
463 }
464
465 struct htc_target *ath9k_htc_hw_alloc(void *hif_handle,
466 struct ath9k_htc_hif *hif,
467 struct device *dev)
468 {
469 struct htc_endpoint *endpoint;
470 struct htc_target *target;
471
472 target = kzalloc(sizeof(struct htc_target), GFP_KERNEL);
473 if (!target)
474 return NULL;
475
476 init_completion(&target->target_wait);
477 init_completion(&target->cmd_wait);
478
479 target->hif = hif;
480 target->hif_dev = hif_handle;
481 target->dev = dev;
482
483 /* Assign control endpoint pipe IDs */
484 endpoint = &target->endpoint[ENDPOINT0];
485 endpoint->ul_pipeid = hif->control_ul_pipe;
486 endpoint->dl_pipeid = hif->control_dl_pipe;
487
488 atomic_set(&target->tgt_ready, 0);
489
490 return target;
491 }
492
493 void ath9k_htc_hw_free(struct htc_target *htc)
494 {
495 kfree(htc);
496 }
497
498 int ath9k_htc_hw_init(struct htc_target *target,
499 struct device *dev, u16 devid,
500 char *product, u32 drv_info)
501 {
502 if (ath9k_htc_probe_device(target, dev, devid, product, drv_info)) {
503 pr_err("Failed to initialize the device\n");
504 return -ENODEV;
505 }
506
507 return 0;
508 }
509
510 void ath9k_htc_hw_deinit(struct htc_target *target, bool hot_unplug)
511 {
512 if (target)
513 ath9k_htc_disconnect_device(target, hot_unplug);
514 } 1 /*
2 * Copyright (c) 2010-2011 Atheros Communications Inc.
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17 #include "htc.h"
18
19 static const char *wmi_cmd_to_name(enum wmi_cmd_id wmi_cmd)
20 {
21 switch (wmi_cmd) {
22 case WMI_ECHO_CMDID:
23 return "WMI_ECHO_CMDID";
24 case WMI_ACCESS_MEMORY_CMDID:
25 return "WMI_ACCESS_MEMORY_CMDID";
26 case WMI_GET_FW_VERSION:
27 return "WMI_GET_FW_VERSION";
28 case WMI_DISABLE_INTR_CMDID:
29 return "WMI_DISABLE_INTR_CMDID";
30 case WMI_ENABLE_INTR_CMDID:
31 return "WMI_ENABLE_INTR_CMDID";
32 case WMI_ATH_INIT_CMDID:
33 return "WMI_ATH_INIT_CMDID";
34 case WMI_ABORT_TXQ_CMDID:
35 return "WMI_ABORT_TXQ_CMDID";
36 case WMI_STOP_TX_DMA_CMDID:
37 return "WMI_STOP_TX_DMA_CMDID";
38 case WMI_ABORT_TX_DMA_CMDID:
39 return "WMI_ABORT_TX_DMA_CMDID";
40 case WMI_DRAIN_TXQ_CMDID:
41 return "WMI_DRAIN_TXQ_CMDID";
42 case WMI_DRAIN_TXQ_ALL_CMDID:
43 return "WMI_DRAIN_TXQ_ALL_CMDID";
44 case WMI_START_RECV_CMDID:
45 return "WMI_START_RECV_CMDID";
46 case WMI_STOP_RECV_CMDID:
47 return "WMI_STOP_RECV_CMDID";
48 case WMI_FLUSH_RECV_CMDID:
49 return "WMI_FLUSH_RECV_CMDID";
50 case WMI_SET_MODE_CMDID:
51 return "WMI_SET_MODE_CMDID";
52 case WMI_NODE_CREATE_CMDID:
53 return "WMI_NODE_CREATE_CMDID";
54 case WMI_NODE_REMOVE_CMDID:
55 return "WMI_NODE_REMOVE_CMDID";
56 case WMI_VAP_REMOVE_CMDID:
57 return "WMI_VAP_REMOVE_CMDID";
58 case WMI_VAP_CREATE_CMDID:
59 return "WMI_VAP_CREATE_CMDID";
60 case WMI_REG_READ_CMDID:
61 return "WMI_REG_READ_CMDID";
62 case WMI_REG_WRITE_CMDID:
63 return "WMI_REG_WRITE_CMDID";
64 case WMI_REG_RMW_CMDID:
65 return "WMI_REG_RMW_CMDID";
66 case WMI_RC_STATE_CHANGE_CMDID:
67 return "WMI_RC_STATE_CHANGE_CMDID";
68 case WMI_RC_RATE_UPDATE_CMDID:
69 return "WMI_RC_RATE_UPDATE_CMDID";
70 case WMI_TARGET_IC_UPDATE_CMDID:
71 return "WMI_TARGET_IC_UPDATE_CMDID";
72 case WMI_TX_AGGR_ENABLE_CMDID:
73 return "WMI_TX_AGGR_ENABLE_CMDID";
74 case WMI_TGT_DETACH_CMDID:
75 return "WMI_TGT_DETACH_CMDID";
76 case WMI_NODE_UPDATE_CMDID:
77 return "WMI_NODE_UPDATE_CMDID";
78 case WMI_INT_STATS_CMDID:
79 return "WMI_INT_STATS_CMDID";
80 case WMI_TX_STATS_CMDID:
81 return "WMI_TX_STATS_CMDID";
82 case WMI_RX_STATS_CMDID:
83 return "WMI_RX_STATS_CMDID";
84 case WMI_BITRATE_MASK_CMDID:
85 return "WMI_BITRATE_MASK_CMDID";
86 }
87
88 return "Bogus";
89 }
90
91 struct wmi *ath9k_init_wmi(struct ath9k_htc_priv *priv)
92 {
93 struct wmi *wmi;
94
95 wmi = kzalloc(sizeof(struct wmi), GFP_KERNEL);
96 if (!wmi)
97 return NULL;
98
99 wmi->drv_priv = priv;
100 wmi->stopped = false;
101 skb_queue_head_init(&wmi->wmi_event_queue);
102 spin_lock_init(&wmi->wmi_lock);
103 spin_lock_init(&wmi->event_lock);
104 mutex_init(&wmi->op_mutex);
105 mutex_init(&wmi->multi_write_mutex);
106 mutex_init(&wmi->multi_rmw_mutex);
107 init_completion(&wmi->cmd_wait);
108 INIT_LIST_HEAD(&wmi->pending_tx_events);
109 tasklet_init(&wmi->wmi_event_tasklet, ath9k_wmi_event_tasklet,
110 (unsigned long)wmi);
111
112 return wmi;
113 }
114
115 void ath9k_deinit_wmi(struct ath9k_htc_priv *priv)
116 {
117 struct wmi *wmi = priv->wmi;
118
119 mutex_lock(&wmi->op_mutex);
120 wmi->stopped = true;
121 mutex_unlock(&wmi->op_mutex);
122
123 kfree(priv->wmi);
124 }
125
126 void ath9k_wmi_event_drain(struct ath9k_htc_priv *priv)
127 {
128 unsigned long flags;
129
130 tasklet_kill(&priv->wmi->wmi_event_tasklet);
131 spin_lock_irqsave(&priv->wmi->wmi_lock, flags);
132 __skb_queue_purge(&priv->wmi->wmi_event_queue);
133 spin_unlock_irqrestore(&priv->wmi->wmi_lock, flags);
134 }
135
136 void ath9k_wmi_event_tasklet(unsigned long data)
137 {
138 struct wmi *wmi = (struct wmi *)data;
139 struct ath9k_htc_priv *priv = wmi->drv_priv;
140 struct wmi_cmd_hdr *hdr;
141 void *wmi_event;
142 struct wmi_event_swba *swba;
143 struct sk_buff *skb = NULL;
144 unsigned long flags;
145 u16 cmd_id;
146
147 do {
148 spin_lock_irqsave(&wmi->wmi_lock, flags);
149 skb = __skb_dequeue(&wmi->wmi_event_queue);
150 if (!skb) {
151 spin_unlock_irqrestore(&wmi->wmi_lock, flags);
152 return;
153 }
154 spin_unlock_irqrestore(&wmi->wmi_lock, flags);
155
156 hdr = (struct wmi_cmd_hdr *) skb->data;
157 cmd_id = be16_to_cpu(hdr->command_id);
158 wmi_event = skb_pull(skb, sizeof(struct wmi_cmd_hdr));
159
160 switch (cmd_id) {
161 case WMI_SWBA_EVENTID:
162 swba = (struct wmi_event_swba *) wmi_event;
163 ath9k_htc_swba(priv, swba);
164 break;
165 case WMI_FATAL_EVENTID:
166 ieee80211_queue_work(wmi->drv_priv->hw,
167 &wmi->drv_priv->fatal_work);
168 break;
169 case WMI_TXSTATUS_EVENTID:
170 spin_lock_bh(&priv->tx.tx_lock);
171 if (priv->tx.flags & ATH9K_HTC_OP_TX_DRAIN) {
172 spin_unlock_bh(&priv->tx.tx_lock);
173 break;
174 }
175 spin_unlock_bh(&priv->tx.tx_lock);
176
177 ath9k_htc_txstatus(priv, wmi_event);
178 break;
179 default:
180 break;
181 }
182
183 kfree_skb(skb);
184 } while (1);
185 }
186
187 void ath9k_fatal_work(struct work_struct *work)
188 {
189 struct ath9k_htc_priv *priv = container_of(work, struct ath9k_htc_priv,
190 fatal_work);
191 struct ath_common *common = ath9k_hw_common(priv->ah);
192
193 ath_dbg(common, FATAL, "FATAL Event received, resetting device\n");
194 ath9k_htc_reset(priv);
195 }
196
197 static void ath9k_wmi_rsp_callback(struct wmi *wmi, struct sk_buff *skb)
198 {
199 skb_pull(skb, sizeof(struct wmi_cmd_hdr));
200
201 if (wmi->cmd_rsp_buf != NULL && wmi->cmd_rsp_len != 0)
202 memcpy(wmi->cmd_rsp_buf, skb->data, wmi->cmd_rsp_len);
203
204 complete(&wmi->cmd_wait);
205 }
206
207 static void ath9k_wmi_ctrl_rx(void *priv, struct sk_buff *skb,
208 enum htc_endpoint_id epid)
209 {
210 struct wmi *wmi = (struct wmi *) priv;
211 struct wmi_cmd_hdr *hdr;
212 u16 cmd_id;
213
214 if (unlikely(wmi->stopped))
215 goto free_skb;
216
217 hdr = (struct wmi_cmd_hdr *) skb->data;
218 cmd_id = be16_to_cpu(hdr->command_id);
219
220 if (cmd_id & 0x1000) {
221 spin_lock(&wmi->wmi_lock);
222 __skb_queue_tail(&wmi->wmi_event_queue, skb);
223 spin_unlock(&wmi->wmi_lock);
224 tasklet_schedule(&wmi->wmi_event_tasklet);
225 return;
226 }
227
228 /* Check if there has been a timeout. */
229 spin_lock(&wmi->wmi_lock);
230 if (be16_to_cpu(hdr->seq_no) != wmi->last_seq_id) {
231 spin_unlock(&wmi->wmi_lock);
232 goto free_skb;
233 }
234 spin_unlock(&wmi->wmi_lock);
235
236 /* WMI command response */
237 ath9k_wmi_rsp_callback(wmi, skb);
238
239 free_skb:
240 kfree_skb(skb);
241 }
242
243 static void ath9k_wmi_ctrl_tx(void *priv, struct sk_buff *skb,
244 enum htc_endpoint_id epid, bool txok)
245 {
246 kfree_skb(skb);
247 }
248
249 int ath9k_wmi_connect(struct htc_target *htc, struct wmi *wmi,
250 enum htc_endpoint_id *wmi_ctrl_epid)
251 {
252 struct htc_service_connreq connect;
253 int ret;
254
255 wmi->htc = htc;
256
257 memset(&connect, 0, sizeof(connect));
258
259 connect.ep_callbacks.priv = wmi;
260 connect.ep_callbacks.tx = ath9k_wmi_ctrl_tx;
261 connect.ep_callbacks.rx = ath9k_wmi_ctrl_rx;
262 connect.service_id = WMI_CONTROL_SVC;
263
264 ret = htc_connect_service(htc, &connect, &wmi->ctrl_epid);
265 if (ret)
266 return ret;
267
268 *wmi_ctrl_epid = wmi->ctrl_epid;
269
270 return 0;
271 }
272
273 static int ath9k_wmi_cmd_issue(struct wmi *wmi,
274 struct sk_buff *skb,
275 enum wmi_cmd_id cmd, u16 len)
276 {
277 struct wmi_cmd_hdr *hdr;
278 unsigned long flags;
279
280 hdr = (struct wmi_cmd_hdr *) skb_push(skb, sizeof(struct wmi_cmd_hdr));
281 hdr->command_id = cpu_to_be16(cmd);
282 hdr->seq_no = cpu_to_be16(++wmi->tx_seq_id);
283
284 spin_lock_irqsave(&wmi->wmi_lock, flags);
285 wmi->last_seq_id = wmi->tx_seq_id;
286 spin_unlock_irqrestore(&wmi->wmi_lock, flags);
287
288 return htc_send_epid(wmi->htc, skb, wmi->ctrl_epid);
289 }
290
291 int ath9k_wmi_cmd(struct wmi *wmi, enum wmi_cmd_id cmd_id,
292 u8 *cmd_buf, u32 cmd_len,
293 u8 *rsp_buf, u32 rsp_len,
294 u32 timeout)
295 {
296 struct ath_hw *ah = wmi->drv_priv->ah;
297 struct ath_common *common = ath9k_hw_common(ah);
298 u16 headroom = sizeof(struct htc_frame_hdr) +
299 sizeof(struct wmi_cmd_hdr);
300 struct sk_buff *skb;
301 u8 *data;
302 unsigned long time_left;
303 int ret = 0;
304
305 if (ah->ah_flags & AH_UNPLUGGED)
306 return 0;
307
308 skb = alloc_skb(headroom + cmd_len, GFP_ATOMIC);
309 if (!skb)
310 return -ENOMEM;
311
312 skb_reserve(skb, headroom);
313
314 if (cmd_len != 0 && cmd_buf != NULL) {
315 data = (u8 *) skb_put(skb, cmd_len);
316 memcpy(data, cmd_buf, cmd_len);
317 }
318
319 mutex_lock(&wmi->op_mutex);
320
321 /* check if wmi stopped flag is set */
322 if (unlikely(wmi->stopped)) {
323 ret = -EPROTO;
324 goto out;
325 }
326
327 /* record the rsp buffer and length */
328 wmi->cmd_rsp_buf = rsp_buf;
329 wmi->cmd_rsp_len = rsp_len;
330
331 ret = ath9k_wmi_cmd_issue(wmi, skb, cmd_id, cmd_len);
332 if (ret)
333 goto out;
334
335 time_left = wait_for_completion_timeout(&wmi->cmd_wait, timeout);
336 if (!time_left) {
337 ath_dbg(common, WMI, "Timeout waiting for WMI command: %s\n",
338 wmi_cmd_to_name(cmd_id));
339 mutex_unlock(&wmi->op_mutex);
340 return -ETIMEDOUT;
341 }
342
343 mutex_unlock(&wmi->op_mutex);
344
345 return 0;
346
347 out:
348 ath_dbg(common, WMI, "WMI failure for: %s\n", wmi_cmd_to_name(cmd_id));
349 mutex_unlock(&wmi->op_mutex);
350 kfree_skb(skb);
351
352 return ret;
353 } 1
2 #include <linux/kernel.h>
3 #include <linux/mutex.h>
4 #include <linux/spinlock.h>
5 #include <linux/errno.h>
6 #include <verifier/rcv.h>
7 #include <linux/list.h>
8
9 /* mutexes */
10 extern int mutex_lock_interruptible(struct mutex *lock);
11 extern int mutex_lock_killable(struct mutex *lock);
12 extern void mutex_lock(struct mutex *lock);
13
14 /* mutex model functions */
15 extern void ldv_mutex_lock(struct mutex *lock, char *sign);
16 extern int ldv_mutex_is_locked(struct mutex *lock, char *sign);
17 extern void ldv_mutex_unlock(struct mutex *lock, char *sign);
18
19
20 /* Spin locks */
21 extern void __ldv_spin_lock(spinlock_t *lock);
22 extern void __ldv_spin_unlock(spinlock_t *lock);
23 extern int __ldv_spin_trylock(spinlock_t *lock);
24 extern void __ldv_spin_unlock_wait(spinlock_t *lock);
25 extern void __ldv_spin_can_lock(spinlock_t *lock);
26 extern int __ldv_atomic_dec_and_lock(spinlock_t *lock);
27
28 /* spin model functions */
29 extern void ldv_spin_lock(spinlock_t *lock, char *sign);
30 extern void ldv_spin_unlock(spinlock_t *lock, char *sign);
31 extern int ldv_spin_is_locked(spinlock_t *lock, char *sign);
32
33 /* Support for list binder functions */
34 static inline struct list_head *ldv_list_get_first(struct list_head *head) {
35 return head->next;
36 }
37
38 static inline int ldv_list_is_stop(struct list_head *pos, struct list_head *head) {
39 return pos==head;
40 }
41
42 static inline struct list_head *ldv_list_get_next(struct list_head *pos) {
43 return pos->next;
44 }
45
46 #include <linux/mutex.h>
47 #include <linux/slab.h>
48 #include <verifier/rcv.h>
49 #include <linux/timer.h>
50 #include <linux/rtnetlink.h>
51 #include <linux/gfp.h>
52 extern struct file *fops_xmit_group2;
53 extern int ldv_state_variable_8;
54 extern int ldv_timer_1_3;
55 extern struct ath_common *ath9k_usb_bus_ops_group0;
56 extern struct inode *fops_debug_group1;
57 extern struct inode *fops_queue_group1;
58 extern struct ath_common *ath9k_htc_ps_ops_group0;
59 extern int ldv_state_variable_0;
60 extern int ldv_state_variable_5;
61 extern int ldv_state_variable_13;
62 extern int ldv_state_variable_12;
63 extern struct file *fops_tgt_tx_stats_group2;
64 extern struct file *fops_queue_group2;
65 extern int ldv_state_variable_14;
66 extern int ldv_timer_1_0;
67 extern int ldv_state_variable_9;
68 extern struct inode *fops_tgt_tx_stats_group1;
69 extern struct file *fops_debug_group2;
70 extern int ref_cnt;
71 extern struct mutex key_mtx;
72 extern int ldv_state_variable_1;
73 extern int ldv_state_variable_7;
74 extern struct inode *fops_xmit_group1;
75 extern struct inode *fops_skb_rx_group1;
76 extern struct file *fops_tgt_int_stats_group2;
77 extern struct usb_interface *ath9k_hif_usb_driver_group1;
78 extern struct timer_list * ldv_timer_list_1_3;
79 extern int ldv_state_variable_10;
80 extern struct timer_list * ldv_timer_list_1_1;
81 extern struct timer_list * ldv_timer_list_1_0;
82 extern int ldv_state_variable_6;
83 extern int ldv_timer_1_2;
84 extern int ldv_timer_1_1;
85 extern int ldv_state_variable_2;
86 extern struct timer_list * ldv_timer_list_1_2;
87 extern struct inode *fops_tgt_int_stats_group1;
88 extern struct ieee80211_hw *ath9k_htc_ops_group0;
89 extern int usb_counter;
90 extern int ldv_state_variable_11;
91 extern struct file *fops_slot_group2;
92 extern int LDV_IN_INTERRUPT = 1;
93 extern struct inode *fops_slot_group1;
94 extern struct inode *fops_tgt_rx_stats_group1;
95 extern struct file *fops_tgt_rx_stats_group2;
96 extern struct mutex fs_mutex;
97 extern int ldv_state_variable_3;
98 extern struct mutex ar_mutex;
99 extern struct file *fops_skb_rx_group2;
100 extern int ldv_state_variable_4;
101 extern void ldv_file_operations_7(void);
102 extern void ldv_file_operations_6(void);
103 extern void ldv_file_operations_2(void);
104 extern void activate_pending_timer_1(struct timer_list * timer, unsigned long data, int pending_flag);
105 extern void ldv_initialyze_ath_bus_ops_10(void);
106 extern int evil_hack_12(void);
107 extern void timer_init_1(void);
108 extern void ldv_file_operations_9(void);
109 extern void ldv_usb_driver_13(void);
110 extern void ldv_file_operations_3(void);
111 extern void ldv_file_operations_8(void);
112 extern int reg_timer_1(struct timer_list * timer, void (*function)(unsigned long), unsigned long data);
113 extern void ldv_initialyze_ath_ps_ops_11(void);
114 extern int evil_hack_key_12(void);
115 extern void ldv_initialyze_ieee80211_ops_12(void);
116 extern void disable_suitable_timer_1(struct timer_list * timer);
117 extern void activate_suitable_timer_1(struct timer_list * timer, unsigned long data);
118 extern int evil_hack_fs_lock(void);
119 extern int __VERIFIER_nondet_int(void);
120 extern void ldv_file_operations_5(void);
121 extern void choose_timer_1(void);
122 extern void ldv_timer_1(int state, struct timer_list * timer);
123 extern int evil_hack_ar_lock(void);
124 extern void ldv_file_operations_4(void);
125 #line 1 "/work/ldvuser/andrianov/work/current--X--drivers/net/wireless/ath/ath9k/--X--defaultlinux-4.5-rc7--X--races--X--cpachecker/linux-4.5-rc7/csd_deg_dscv/74/dscv_tempdir/dscv/ri/races/drivers/net/wireless/ath/ath9k/wmi.c"
126 /*
127 * Copyright (c) 2010-2011 Atheros Communications Inc.
128 *
129 * Permission to use, copy, modify, and/or distribute this software for any
130 * purpose with or without fee is hereby granted, provided that the above
131 * copyright notice and this permission notice appear in all copies.
132 *
133 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
134 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
135 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
136 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
137 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
138 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
139 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
140 */
141
142 #include "htc.h"
143
144 static const char *wmi_cmd_to_name(enum wmi_cmd_id wmi_cmd)
145 {
146 switch (wmi_cmd) {
147 case WMI_ECHO_CMDID:
148 return "WMI_ECHO_CMDID";
149 case WMI_ACCESS_MEMORY_CMDID:
150 return "WMI_ACCESS_MEMORY_CMDID";
151 case WMI_GET_FW_VERSION:
152 return "WMI_GET_FW_VERSION";
153 case WMI_DISABLE_INTR_CMDID:
154 return "WMI_DISABLE_INTR_CMDID";
155 case WMI_ENABLE_INTR_CMDID:
156 return "WMI_ENABLE_INTR_CMDID";
157 case WMI_ATH_INIT_CMDID:
158 return "WMI_ATH_INIT_CMDID";
159 case WMI_ABORT_TXQ_CMDID:
160 return "WMI_ABORT_TXQ_CMDID";
161 case WMI_STOP_TX_DMA_CMDID:
162 return "WMI_STOP_TX_DMA_CMDID";
163 case WMI_ABORT_TX_DMA_CMDID:
164 return "WMI_ABORT_TX_DMA_CMDID";
165 case WMI_DRAIN_TXQ_CMDID:
166 return "WMI_DRAIN_TXQ_CMDID";
167 case WMI_DRAIN_TXQ_ALL_CMDID:
168 return "WMI_DRAIN_TXQ_ALL_CMDID";
169 case WMI_START_RECV_CMDID:
170 return "WMI_START_RECV_CMDID";
171 case WMI_STOP_RECV_CMDID:
172 return "WMI_STOP_RECV_CMDID";
173 case WMI_FLUSH_RECV_CMDID:
174 return "WMI_FLUSH_RECV_CMDID";
175 case WMI_SET_MODE_CMDID:
176 return "WMI_SET_MODE_CMDID";
177 case WMI_NODE_CREATE_CMDID:
178 return "WMI_NODE_CREATE_CMDID";
179 case WMI_NODE_REMOVE_CMDID:
180 return "WMI_NODE_REMOVE_CMDID";
181 case WMI_VAP_REMOVE_CMDID:
182 return "WMI_VAP_REMOVE_CMDID";
183 case WMI_VAP_CREATE_CMDID:
184 return "WMI_VAP_CREATE_CMDID";
185 case WMI_REG_READ_CMDID:
186 return "WMI_REG_READ_CMDID";
187 case WMI_REG_WRITE_CMDID:
188 return "WMI_REG_WRITE_CMDID";
189 case WMI_REG_RMW_CMDID:
190 return "WMI_REG_RMW_CMDID";
191 case WMI_RC_STATE_CHANGE_CMDID:
192 return "WMI_RC_STATE_CHANGE_CMDID";
193 case WMI_RC_RATE_UPDATE_CMDID:
194 return "WMI_RC_RATE_UPDATE_CMDID";
195 case WMI_TARGET_IC_UPDATE_CMDID:
196 return "WMI_TARGET_IC_UPDATE_CMDID";
197 case WMI_TX_AGGR_ENABLE_CMDID:
198 return "WMI_TX_AGGR_ENABLE_CMDID";
199 case WMI_TGT_DETACH_CMDID:
200 return "WMI_TGT_DETACH_CMDID";
201 case WMI_NODE_UPDATE_CMDID:
202 return "WMI_NODE_UPDATE_CMDID";
203 case WMI_INT_STATS_CMDID:
204 return "WMI_INT_STATS_CMDID";
205 case WMI_TX_STATS_CMDID:
206 return "WMI_TX_STATS_CMDID";
207 case WMI_RX_STATS_CMDID:
208 return "WMI_RX_STATS_CMDID";
209 case WMI_BITRATE_MASK_CMDID:
210 return "WMI_BITRATE_MASK_CMDID";
211 }
212
213 return "Bogus";
214 }
215
216 struct wmi *ath9k_init_wmi(struct ath9k_htc_priv *priv)
217 {
218 struct wmi *wmi;
219
220 wmi = kzalloc(sizeof(struct wmi), GFP_KERNEL);
221 if (!wmi)
222 return NULL;
223
224 wmi->drv_priv = priv;
225 wmi->stopped = false;
226 skb_queue_head_init(&wmi->wmi_event_queue);
227 spin_lock_init(&wmi->wmi_lock);
228 spin_lock_init(&wmi->event_lock);
229 mutex_init(&wmi->op_mutex);
230 mutex_init(&wmi->multi_write_mutex);
231 mutex_init(&wmi->multi_rmw_mutex);
232 init_completion(&wmi->cmd_wait);
233 INIT_LIST_HEAD(&wmi->pending_tx_events);
234 tasklet_init(&wmi->wmi_event_tasklet, ath9k_wmi_event_tasklet,
235 (unsigned long)wmi);
236
237 return wmi;
238 }
239
240 void ath9k_deinit_wmi(struct ath9k_htc_priv *priv)
241 {
242 struct wmi *wmi = priv->wmi;
243
244 mutex_lock(&wmi->op_mutex);
245 wmi->stopped = true;
246 mutex_unlock(&wmi->op_mutex);
247
248 kfree(priv->wmi);
249 }
250
251 void ath9k_wmi_event_drain(struct ath9k_htc_priv *priv)
252 {
253 unsigned long flags;
254
255 tasklet_kill(&priv->wmi->wmi_event_tasklet);
256 spin_lock_irqsave(&priv->wmi->wmi_lock, flags);
257 __skb_queue_purge(&priv->wmi->wmi_event_queue);
258 spin_unlock_irqrestore(&priv->wmi->wmi_lock, flags);
259 }
260
261 void ath9k_wmi_event_tasklet(unsigned long data)
262 {
263 struct wmi *wmi = (struct wmi *)data;
264 struct ath9k_htc_priv *priv = wmi->drv_priv;
265 struct wmi_cmd_hdr *hdr;
266 void *wmi_event;
267 struct wmi_event_swba *swba;
268 struct sk_buff *skb = NULL;
269 unsigned long flags;
270 u16 cmd_id;
271
272 do {
273 spin_lock_irqsave(&wmi->wmi_lock, flags);
274 skb = __skb_dequeue(&wmi->wmi_event_queue);
275 if (!skb) {
276 spin_unlock_irqrestore(&wmi->wmi_lock, flags);
277 return;
278 }
279 spin_unlock_irqrestore(&wmi->wmi_lock, flags);
280
281 hdr = (struct wmi_cmd_hdr *) skb->data;
282 cmd_id = be16_to_cpu(hdr->command_id);
283 wmi_event = skb_pull(skb, sizeof(struct wmi_cmd_hdr));
284
285 switch (cmd_id) {
286 case WMI_SWBA_EVENTID:
287 swba = (struct wmi_event_swba *) wmi_event;
288 ath9k_htc_swba(priv, swba);
289 break;
290 case WMI_FATAL_EVENTID:
291 ieee80211_queue_work(wmi->drv_priv->hw,
292 &wmi->drv_priv->fatal_work);
293 break;
294 case WMI_TXSTATUS_EVENTID:
295 spin_lock_bh(&priv->tx.tx_lock);
296 if (priv->tx.flags & ATH9K_HTC_OP_TX_DRAIN) {
297 spin_unlock_bh(&priv->tx.tx_lock);
298 break;
299 }
300 spin_unlock_bh(&priv->tx.tx_lock);
301
302 ath9k_htc_txstatus(priv, wmi_event);
303 break;
304 default:
305 break;
306 }
307
308 kfree_skb(skb);
309 } while (1);
310 }
311
312 void ath9k_fatal_work(struct work_struct *work)
313 {
314 struct ath9k_htc_priv *priv = container_of(work, struct ath9k_htc_priv,
315 fatal_work);
316 struct ath_common *common = ath9k_hw_common(priv->ah);
317
318 ath_dbg(common, FATAL, "FATAL Event received, resetting device\n");
319 ath9k_htc_reset(priv);
320 }
321
322 static void ath9k_wmi_rsp_callback(struct wmi *wmi, struct sk_buff *skb)
323 {
324 skb_pull(skb, sizeof(struct wmi_cmd_hdr));
325
326 if (wmi->cmd_rsp_buf != NULL && wmi->cmd_rsp_len != 0)
327 memcpy(wmi->cmd_rsp_buf, skb->data, wmi->cmd_rsp_len);
328
329 complete(&wmi->cmd_wait);
330 }
331
332 static void ath9k_wmi_ctrl_rx(void *priv, struct sk_buff *skb,
333 enum htc_endpoint_id epid)
334 {
335 struct wmi *wmi = (struct wmi *) priv;
336 struct wmi_cmd_hdr *hdr;
337 u16 cmd_id;
338
339 if (unlikely(wmi->stopped))
340 goto free_skb;
341
342 hdr = (struct wmi_cmd_hdr *) skb->data;
343 cmd_id = be16_to_cpu(hdr->command_id);
344
345 if (cmd_id & 0x1000) {
346 spin_lock(&wmi->wmi_lock);
347 __skb_queue_tail(&wmi->wmi_event_queue, skb);
348 spin_unlock(&wmi->wmi_lock);
349 tasklet_schedule(&wmi->wmi_event_tasklet);
350 return;
351 }
352
353 /* Check if there has been a timeout. */
354 spin_lock(&wmi->wmi_lock);
355 if (be16_to_cpu(hdr->seq_no) != wmi->last_seq_id) {
356 spin_unlock(&wmi->wmi_lock);
357 goto free_skb;
358 }
359 spin_unlock(&wmi->wmi_lock);
360
361 /* WMI command response */
362 ath9k_wmi_rsp_callback(wmi, skb);
363
364 free_skb:
365 kfree_skb(skb);
366 }
367
368 static void ath9k_wmi_ctrl_tx(void *priv, struct sk_buff *skb,
369 enum htc_endpoint_id epid, bool txok)
370 {
371 kfree_skb(skb);
372 }
373
374 int ath9k_wmi_connect(struct htc_target *htc, struct wmi *wmi,
375 enum htc_endpoint_id *wmi_ctrl_epid)
376 {
377 struct htc_service_connreq connect;
378 int ret;
379
380 wmi->htc = htc;
381
382 memset(&connect, 0, sizeof(connect));
383
384 connect.ep_callbacks.priv = wmi;
385 connect.ep_callbacks.tx = ath9k_wmi_ctrl_tx;
386 connect.ep_callbacks.rx = ath9k_wmi_ctrl_rx;
387 connect.service_id = WMI_CONTROL_SVC;
388
389 ret = htc_connect_service(htc, &connect, &wmi->ctrl_epid);
390 if (ret)
391 return ret;
392
393 *wmi_ctrl_epid = wmi->ctrl_epid;
394
395 return 0;
396 }
397
398 static int ath9k_wmi_cmd_issue(struct wmi *wmi,
399 struct sk_buff *skb,
400 enum wmi_cmd_id cmd, u16 len)
401 {
402 struct wmi_cmd_hdr *hdr;
403 unsigned long flags;
404
405 hdr = (struct wmi_cmd_hdr *) skb_push(skb, sizeof(struct wmi_cmd_hdr));
406 hdr->command_id = cpu_to_be16(cmd);
407 hdr->seq_no = cpu_to_be16(++wmi->tx_seq_id);
408
409 spin_lock_irqsave(&wmi->wmi_lock, flags);
410 wmi->last_seq_id = wmi->tx_seq_id;
411 spin_unlock_irqrestore(&wmi->wmi_lock, flags);
412
413 return htc_send_epid(wmi->htc, skb, wmi->ctrl_epid);
414 }
415
416 int ath9k_wmi_cmd(struct wmi *wmi, enum wmi_cmd_id cmd_id,
417 u8 *cmd_buf, u32 cmd_len,
418 u8 *rsp_buf, u32 rsp_len,
419 u32 timeout)
420 {
421 struct ath_hw *ah = wmi->drv_priv->ah;
422 struct ath_common *common = ath9k_hw_common(ah);
423 u16 headroom = sizeof(struct htc_frame_hdr) +
424 sizeof(struct wmi_cmd_hdr);
425 struct sk_buff *skb;
426 u8 *data;
427 unsigned long time_left;
428 int ret = 0;
429
430 if (ah->ah_flags & AH_UNPLUGGED)
431 return 0;
432
433 skb = alloc_skb(headroom + cmd_len, GFP_ATOMIC);
434 if (!skb)
435 return -ENOMEM;
436
437 skb_reserve(skb, headroom);
438
439 if (cmd_len != 0 && cmd_buf != NULL) {
440 data = (u8 *) skb_put(skb, cmd_len);
441 memcpy(data, cmd_buf, cmd_len);
442 }
443
444 mutex_lock(&wmi->op_mutex);
445
446 /* check if wmi stopped flag is set */
447 if (unlikely(wmi->stopped)) {
448 ret = -EPROTO;
449 goto out;
450 }
451
452 /* record the rsp buffer and length */
453 wmi->cmd_rsp_buf = rsp_buf;
454 wmi->cmd_rsp_len = rsp_len;
455
456 ret = ath9k_wmi_cmd_issue(wmi, skb, cmd_id, cmd_len);
457 if (ret)
458 goto out;
459
460 time_left = wait_for_completion_timeout(&wmi->cmd_wait, timeout);
461 if (!time_left) {
462 ath_dbg(common, WMI, "Timeout waiting for WMI command: %s\n",
463 wmi_cmd_to_name(cmd_id));
464 mutex_unlock(&wmi->op_mutex);
465 return -ETIMEDOUT;
466 }
467
468 mutex_unlock(&wmi->op_mutex);
469
470 return 0;
471
472 out:
473 ath_dbg(common, WMI, "WMI failure for: %s\n", wmi_cmd_to_name(cmd_id));
474 mutex_unlock(&wmi->op_mutex);
475 kfree_skb(skb);
476
477 return ret;
478 }
479
480 #line 125 "/work/ldvuser/andrianov/work/current--X--drivers/net/wireless/ath/ath9k/--X--defaultlinux-4.5-rc7--X--races--X--cpachecker/linux-4.5-rc7/csd_deg_dscv/74/dscv_tempdir/dscv/ri/races/drivers/net/wireless/ath/ath9k/wmi.o.c.prepared" 1 /*
2 * Copyright (c) 2010-2011 Atheros Communications Inc.
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17 #ifndef HTC_H
18 #define HTC_H
19
20 #include <linux/module.h>
21 #include <linux/usb.h>
22 #include <linux/firmware.h>
23 #include <linux/skbuff.h>
24 #include <linux/netdevice.h>
25 #include <linux/etherdevice.h>
26 #include <linux/leds.h>
27 #include <linux/slab.h>
28 #include <net/mac80211.h>
29
30 #include "common.h"
31 #include "htc_hst.h"
32 #include "hif_usb.h"
33 #include "wmi.h"
34
35 #define ATH_STA_SHORT_CALINTERVAL 1000 /* 1 second */
36 #define ATH_AP_SHORT_CALINTERVAL 100 /* 100 ms */
37 #define ATH_ANI_POLLINTERVAL 100 /* 100 ms */
38 #define ATH_LONG_CALINTERVAL 30000 /* 30 seconds */
39 #define ATH_RESTART_CALINTERVAL 1200000 /* 20 minutes */
40
41 #define ATH_DEFAULT_BMISS_LIMIT 10
42 #define TSF_TO_TU(_h, _l) \
43 ((((u32)(_h)) << 22) | (((u32)(_l)) >> 10))
44
45 extern struct ieee80211_ops ath9k_htc_ops;
46 extern int htc_modparam_nohwcrypt;
47 #ifdef CONFIG_MAC80211_LEDS
48 extern int ath9k_htc_led_blink;
49 #endif
50
51 enum htc_phymode {
52 HTC_MODE_11NA = 0,
53 HTC_MODE_11NG = 1
54 };
55
56 enum htc_opmode {
57 HTC_M_STA = 1,
58 HTC_M_IBSS = 0,
59 HTC_M_AHDEMO = 3,
60 HTC_M_HOSTAP = 6,
61 HTC_M_MONITOR = 8,
62 HTC_M_WDS = 2
63 };
64
65 #define ATH9K_HTC_AMPDU 1
66 #define ATH9K_HTC_NORMAL 2
67 #define ATH9K_HTC_BEACON 3
68 #define ATH9K_HTC_MGMT 4
69
70 #define ATH9K_HTC_TX_CTSONLY 0x1
71 #define ATH9K_HTC_TX_RTSCTS 0x2
72
73 struct tx_frame_hdr {
74 u8 data_type;
75 u8 node_idx;
76 u8 vif_idx;
77 u8 tidno;
78 __be32 flags; /* ATH9K_HTC_TX_* */
79 u8 key_type;
80 u8 keyix;
81 u8 cookie;
82 u8 pad;
83 } __packed;
84
85 struct tx_mgmt_hdr {
86 u8 node_idx;
87 u8 vif_idx;
88 u8 tidno;
89 u8 flags;
90 u8 key_type;
91 u8 keyix;
92 u8 cookie;
93 u8 pad;
94 } __packed;
95
96 struct tx_beacon_header {
97 u8 vif_index;
98 u8 len_changed;
99 u16 rev;
100 } __packed;
101
102 #define MAX_TX_AMPDU_SUBFRAMES_9271 17
103 #define MAX_TX_AMPDU_SUBFRAMES_7010 22
104
105 struct ath9k_htc_cap_target {
106 __be32 ampdu_limit;
107 u8 ampdu_subframes;
108 u8 enable_coex;
109 u8 tx_chainmask;
110 u8 pad;
111 } __packed;
112
113 struct ath9k_htc_target_vif {
114 u8 index;
115 u8 opmode;
116 u8 myaddr[ETH_ALEN];
117 u8 ath_cap;
118 __be16 rtsthreshold;
119 u8 pad;
120 } __packed;
121
122 struct ath9k_htc_target_sta {
123 u8 macaddr[ETH_ALEN];
124 u8 bssid[ETH_ALEN];
125 u8 sta_index;
126 u8 vif_index;
127 u8 is_vif_sta;
128 __be16 flags;
129 __be16 htcap;
130 __be16 maxampdu;
131 u8 pad;
132 } __packed;
133
134 struct ath9k_htc_target_aggr {
135 u8 sta_index;
136 u8 tidno;
137 u8 aggr_enable;
138 u8 padding;
139 } __packed;
140
141 #define ATH_HTC_RATE_MAX 30
142
143 #define WLAN_RC_DS_FLAG 0x01
144 #define WLAN_RC_40_FLAG 0x02
145 #define WLAN_RC_SGI_FLAG 0x04
146 #define WLAN_RC_HT_FLAG 0x08
147 #define ATH_RC_TX_STBC_FLAG 0x20
148
149 struct ath9k_htc_rateset {
150 u8 rs_nrates;
151 u8 rs_rates[ATH_HTC_RATE_MAX];
152 };
153
154 struct ath9k_htc_rate {
155 struct ath9k_htc_rateset legacy_rates;
156 struct ath9k_htc_rateset ht_rates;
157 } __packed;
158
159 struct ath9k_htc_target_rate {
160 u8 sta_index;
161 u8 isnew;
162 __be32 capflags;
163 struct ath9k_htc_rate rates;
164 };
165
166 struct ath9k_htc_target_rate_mask {
167 u8 vif_index;
168 u8 band;
169 __be32 mask;
170 u16 pad;
171 } __packed;
172
173 struct ath9k_htc_target_int_stats {
174 __be32 rx;
175 __be32 rxorn;
176 __be32 rxeol;
177 __be32 txurn;
178 __be32 txto;
179 __be32 cst;
180 } __packed;
181
182 struct ath9k_htc_target_tx_stats {
183 __be32 xretries;
184 __be32 fifoerr;
185 __be32 filtered;
186 __be32 timer_exp;
187 __be32 shortretries;
188 __be32 longretries;
189 __be32 qnull;
190 __be32 encap_fail;
191 __be32 nobuf;
192 } __packed;
193
194 struct ath9k_htc_target_rx_stats {
195 __be32 nobuf;
196 __be32 host_send;
197 __be32 host_done;
198 } __packed;
199
200 #define ATH9K_HTC_MAX_VIF 2
201 #define ATH9K_HTC_MAX_BCN_VIF 2
202
203 #define INC_VIF(_priv, _type) do { \
204 switch (_type) { \
205 case NL80211_IFTYPE_STATION: \
206 _priv->num_sta_vif++; \
207 break; \
208 case NL80211_IFTYPE_ADHOC: \
209 _priv->num_ibss_vif++; \
210 break; \
211 case NL80211_IFTYPE_AP: \
212 _priv->num_ap_vif++; \
213 break; \
214 case NL80211_IFTYPE_MESH_POINT: \
215 _priv->num_mbss_vif++; \
216 break; \
217 default: \
218 break; \
219 } \
220 } while (0)
221
222 #define DEC_VIF(_priv, _type) do { \
223 switch (_type) { \
224 case NL80211_IFTYPE_STATION: \
225 _priv->num_sta_vif--; \
226 break; \
227 case NL80211_IFTYPE_ADHOC: \
228 _priv->num_ibss_vif--; \
229 break; \
230 case NL80211_IFTYPE_AP: \
231 _priv->num_ap_vif--; \
232 break; \
233 case NL80211_IFTYPE_MESH_POINT: \
234 _priv->num_mbss_vif--; \
235 break; \
236 default: \
237 break; \
238 } \
239 } while (0)
240
241 struct ath9k_htc_vif {
242 u8 index;
243 u16 seq_no;
244 bool beacon_configured;
245 int bslot;
246 __le64 tsfadjust;
247 };
248
249 struct ath9k_vif_iter_data {
250 const u8 *hw_macaddr;
251 u8 mask[ETH_ALEN];
252 };
253
254 #define ATH9K_HTC_MAX_STA 8
255 #define ATH9K_HTC_MAX_TID 8
256
257 enum tid_aggr_state {
258 AGGR_STOP = 0,
259 AGGR_PROGRESS,
260 AGGR_START,
261 AGGR_OPERATIONAL
262 };
263
264 struct ath9k_htc_sta {
265 u8 index;
266 enum tid_aggr_state tid_state[ATH9K_HTC_MAX_TID];
267 struct work_struct rc_update_work;
268 struct ath9k_htc_priv *htc_priv;
269 };
270
271 #define ATH9K_HTC_RXBUF 256
272 #define HTC_RX_FRAME_HEADER_SIZE 40
273
274 struct ath9k_htc_rxbuf {
275 bool in_process;
276 struct sk_buff *skb;
277 struct ath_htc_rx_status rxstatus;
278 struct list_head list;
279 };
280
281 struct ath9k_htc_rx {
282 struct list_head rxbuf;
283 spinlock_t rxbuflock;
284 };
285
286 #define ATH9K_HTC_TX_CLEANUP_INTERVAL 50 /* ms */
287 #define ATH9K_HTC_TX_TIMEOUT_INTERVAL 3000 /* ms */
288 #define ATH9K_HTC_TX_RESERVE 10
289 #define ATH9K_HTC_TX_TIMEOUT_COUNT 40
290 #define ATH9K_HTC_TX_THRESHOLD (MAX_TX_BUF_NUM - ATH9K_HTC_TX_RESERVE)
291
292 #define ATH9K_HTC_OP_TX_QUEUES_STOP BIT(0)
293 #define ATH9K_HTC_OP_TX_DRAIN BIT(1)
294
295 struct ath9k_htc_tx {
296 u8 flags;
297 int queued_cnt;
298 struct sk_buff_head mgmt_ep_queue;
299 struct sk_buff_head cab_ep_queue;
300 struct sk_buff_head data_be_queue;
301 struct sk_buff_head data_bk_queue;
302 struct sk_buff_head data_vi_queue;
303 struct sk_buff_head data_vo_queue;
304 struct sk_buff_head tx_failed;
305 DECLARE_BITMAP(tx_slot, MAX_TX_BUF_NUM);
306 struct timer_list cleanup_timer;
307 spinlock_t tx_lock;
308 };
309
310 struct ath9k_htc_tx_ctl {
311 u8 type; /* ATH9K_HTC_* */
312 u8 epid;
313 u8 txok;
314 u8 sta_idx;
315 unsigned long timestamp;
316 };
317
318 static inline struct ath9k_htc_tx_ctl *HTC_SKB_CB(struct sk_buff *skb)
319 {
320 struct ieee80211_tx_info *tx_info = IEEE80211_SKB_CB(skb);
321
322 BUILD_BUG_ON(sizeof(struct ath9k_htc_tx_ctl) >
323 IEEE80211_TX_INFO_DRIVER_DATA_SIZE);
324 return (struct ath9k_htc_tx_ctl *) &tx_info->driver_data;
325 }
326
327 #ifdef CONFIG_ATH9K_HTC_DEBUGFS
328
329 #define TX_STAT_INC(c) (hif_dev->htc_handle->drv_priv->debug.tx_stats.c++)
330 #define TX_STAT_ADD(c, a) (hif_dev->htc_handle->drv_priv->debug.tx_stats.c += a)
331 #define RX_STAT_INC(c) (hif_dev->htc_handle->drv_priv->debug.skbrx_stats.c++)
332 #define RX_STAT_ADD(c, a) (hif_dev->htc_handle->drv_priv->debug.skbrx_stats.c += a)
333 #define CAB_STAT_INC priv->debug.tx_stats.cab_queued++
334
335 #define TX_QSTAT_INC(q) (priv->debug.tx_stats.queue_stats[q]++)
336
337 void ath9k_htc_err_stat_rx(struct ath9k_htc_priv *priv,
338 struct ath_rx_status *rs);
339
340 struct ath_tx_stats {
341 u32 buf_queued;
342 u32 buf_completed;
343 u32 skb_queued;
344 u32 skb_success;
345 u32 skb_success_bytes;
346 u32 skb_failed;
347 u32 cab_queued;
348 u32 queue_stats[IEEE80211_NUM_ACS];
349 };
350
351 struct ath_skbrx_stats {
352 u32 skb_allocated;
353 u32 skb_completed;
354 u32 skb_completed_bytes;
355 u32 skb_dropped;
356 };
357
358 struct ath9k_debug {
359 struct dentry *debugfs_phy;
360 struct ath_tx_stats tx_stats;
361 struct ath_rx_stats rx_stats;
362 struct ath_skbrx_stats skbrx_stats;
363 };
364
365 void ath9k_htc_get_et_strings(struct ieee80211_hw *hw,
366 struct ieee80211_vif *vif,
367 u32 sset, u8 *data);
368 int ath9k_htc_get_et_sset_count(struct ieee80211_hw *hw,
369 struct ieee80211_vif *vif, int sset);
370 void ath9k_htc_get_et_stats(struct ieee80211_hw *hw,
371 struct ieee80211_vif *vif,
372 struct ethtool_stats *stats, u64 *data);
373 #else
374
375 #define TX_STAT_INC(c) do { } while (0)
376 #define TX_STAT_ADD(c, a) do { } while (0)
377 #define RX_STAT_INC(c) do { } while (0)
378 #define RX_STAT_ADD(c, a) do { } while (0)
379 #define CAB_STAT_INC do { } while (0)
380
381 #define TX_QSTAT_INC(c) do { } while (0)
382
383 static inline void ath9k_htc_err_stat_rx(struct ath9k_htc_priv *priv,
384 struct ath_rx_status *rs)
385 {
386 }
387
388 #endif /* CONFIG_ATH9K_HTC_DEBUGFS */
389
390 #define ATH_LED_PIN_DEF 1
391 #define ATH_LED_PIN_9287 10
392 #define ATH_LED_PIN_9271 15
393 #define ATH_LED_PIN_7010 12
394
395 #define BSTUCK_THRESHOLD 10
396
397 /*
398 * Adjust these when the max. no of beaconing interfaces is
399 * increased.
400 */
401 #define DEFAULT_SWBA_RESPONSE 40 /* in TUs */
402 #define MIN_SWBA_RESPONSE 10 /* in TUs */
403
404 struct htc_beacon {
405 enum {
406 OK, /* no change needed */
407 UPDATE, /* update pending */
408 COMMIT /* beacon sent, commit change */
409 } updateslot; /* slot time update fsm */
410
411 struct ieee80211_vif *bslot[ATH9K_HTC_MAX_BCN_VIF];
412 u32 bmisscnt;
413 u32 beaconq;
414 int slottime;
415 int slotupdate;
416 };
417
418 struct ath_btcoex {
419 u32 bt_priority_cnt;
420 unsigned long bt_priority_time;
421 int bt_stomp_type; /* Types of BT stomping */
422 u32 btcoex_no_stomp;
423 u32 btcoex_period;
424 u32 btscan_no_stomp;
425 };
426
427 #ifdef CONFIG_ATH9K_BTCOEX_SUPPORT
428 void ath9k_htc_init_btcoex(struct ath9k_htc_priv *priv, char *product);
429 void ath9k_htc_start_btcoex(struct ath9k_htc_priv *priv);
430 void ath9k_htc_stop_btcoex(struct ath9k_htc_priv *priv);
431 #else
432 static inline void ath9k_htc_init_btcoex(struct ath9k_htc_priv *priv, char *product)
433 {
434 }
435 static inline void ath9k_htc_start_btcoex(struct ath9k_htc_priv *priv)
436 {
437 }
438 static inline void ath9k_htc_stop_btcoex(struct ath9k_htc_priv *priv)
439 {
440 }
441 #endif /* CONFIG_ATH9K_BTCOEX_SUPPORT */
442
443 #define OP_BT_PRIORITY_DETECTED 3
444 #define OP_BT_SCAN 4
445 #define OP_TSF_RESET 6
446
447 enum htc_op_flags {
448 HTC_FWFLAG_NO_RMW,
449 };
450
451 struct ath9k_htc_priv {
452 struct device *dev;
453 struct ieee80211_hw *hw;
454 struct ath_hw *ah;
455 struct htc_target *htc;
456 struct wmi *wmi;
457
458 u16 fw_version_major;
459 u16 fw_version_minor;
460
461 enum htc_endpoint_id wmi_cmd_ep;
462 enum htc_endpoint_id beacon_ep;
463 enum htc_endpoint_id cab_ep;
464 enum htc_endpoint_id uapsd_ep;
465 enum htc_endpoint_id mgmt_ep;
466 enum htc_endpoint_id data_be_ep;
467 enum htc_endpoint_id data_bk_ep;
468 enum htc_endpoint_id data_vi_ep;
469 enum htc_endpoint_id data_vo_ep;
470
471 u8 vif_slot;
472 u8 mon_vif_idx;
473 u8 sta_slot;
474 u8 vif_sta_pos[ATH9K_HTC_MAX_VIF];
475 u8 num_ibss_vif;
476 u8 num_mbss_vif;
477 u8 num_sta_vif;
478 u8 num_sta_assoc_vif;
479 u8 num_ap_vif;
480
481 u16 curtxpow;
482 u16 txpowlimit;
483 u16 nvifs;
484 u16 nstations;
485 bool rearm_ani;
486 bool reconfig_beacon;
487 unsigned int rxfilter;
488 unsigned long op_flags;
489 unsigned long fw_flags;
490
491 struct ath9k_hw_cal_data caldata;
492 struct ath_spec_scan_priv spec_priv;
493
494 spinlock_t beacon_lock;
495 struct ath_beacon_config cur_beacon_conf;
496 struct htc_beacon beacon;
497
498 struct ath9k_htc_rx rx;
499 struct ath9k_htc_tx tx;
500
501 struct tasklet_struct swba_tasklet;
502 struct tasklet_struct rx_tasklet;
503 struct delayed_work ani_work;
504 struct tasklet_struct tx_failed_tasklet;
505 struct work_struct ps_work;
506 struct work_struct fatal_work;
507
508 struct mutex htc_pm_lock;
509 unsigned long ps_usecount;
510 bool ps_enabled;
511 bool ps_idle;
512
513 #ifdef CONFIG_MAC80211_LEDS
514 enum led_brightness brightness;
515 bool led_registered;
516 char led_name[32];
517 struct led_classdev led_cdev;
518 struct work_struct led_work;
519 #endif
520
521 int cabq;
522 int hwq_map[IEEE80211_NUM_ACS];
523
524 #ifdef CONFIG_ATH9K_BTCOEX_SUPPORT
525 struct ath_btcoex btcoex;
526 #endif
527
528 struct delayed_work coex_period_work;
529 struct delayed_work duty_cycle_work;
530 #ifdef CONFIG_ATH9K_HTC_DEBUGFS
531 struct ath9k_debug debug;
532 #endif
533 struct mutex mutex;
534 struct ieee80211_vif *csa_vif;
535 };
536
537 static inline void ath_read_cachesize(struct ath_common *common, int *csz)
538 {
539 common->bus_ops->read_cachesize(common, csz);
540 }
541
542 void ath9k_htc_reset(struct ath9k_htc_priv *priv);
543
544 void ath9k_htc_assign_bslot(struct ath9k_htc_priv *priv,
545 struct ieee80211_vif *vif);
546 void ath9k_htc_remove_bslot(struct ath9k_htc_priv *priv,
547 struct ieee80211_vif *vif);
548 void ath9k_htc_set_tsfadjust(struct ath9k_htc_priv *priv,
549 struct ieee80211_vif *vif);
550 void ath9k_htc_beaconq_config(struct ath9k_htc_priv *priv);
551 void ath9k_htc_beacon_config(struct ath9k_htc_priv *priv,
552 struct ieee80211_vif *vif);
553 void ath9k_htc_beacon_reconfig(struct ath9k_htc_priv *priv);
554 void ath9k_htc_swba(struct ath9k_htc_priv *priv,
555 struct wmi_event_swba *swba);
556
557 void ath9k_htc_rxep(void *priv, struct sk_buff *skb,
558 enum htc_endpoint_id ep_id);
559 void ath9k_htc_txep(void *priv, struct sk_buff *skb, enum htc_endpoint_id ep_id,
560 bool txok);
561 void ath9k_htc_beaconep(void *drv_priv, struct sk_buff *skb,
562 enum htc_endpoint_id ep_id, bool txok);
563
564 int ath9k_htc_update_cap_target(struct ath9k_htc_priv *priv,
565 u8 enable_coex);
566 void ath9k_htc_ani_work(struct work_struct *work);
567 void ath9k_htc_start_ani(struct ath9k_htc_priv *priv);
568 void ath9k_htc_stop_ani(struct ath9k_htc_priv *priv);
569
570 int ath9k_tx_init(struct ath9k_htc_priv *priv);
571 int ath9k_htc_tx_start(struct ath9k_htc_priv *priv,
572 struct ieee80211_sta *sta,
573 struct sk_buff *skb, u8 slot, bool is_cab);
574 void ath9k_tx_cleanup(struct ath9k_htc_priv *priv);
575 bool ath9k_htc_txq_setup(struct ath9k_htc_priv *priv, int subtype);
576 int ath9k_htc_cabq_setup(struct ath9k_htc_priv *priv);
577 int get_hw_qnum(u16 queue, int *hwq_map);
578 int ath_htc_txq_update(struct ath9k_htc_priv *priv, int qnum,
579 struct ath9k_tx_queue_info *qinfo);
580 void ath9k_htc_check_stop_queues(struct ath9k_htc_priv *priv);
581 void ath9k_htc_check_wake_queues(struct ath9k_htc_priv *priv);
582 int ath9k_htc_tx_get_slot(struct ath9k_htc_priv *priv);
583 void ath9k_htc_tx_clear_slot(struct ath9k_htc_priv *priv, int slot);
584 void ath9k_htc_tx_drain(struct ath9k_htc_priv *priv);
585 void ath9k_htc_txstatus(struct ath9k_htc_priv *priv, void *wmi_event);
586 void ath9k_tx_failed_tasklet(unsigned long data);
587 void ath9k_htc_tx_cleanup_timer(unsigned long data);
588 bool ath9k_htc_csa_is_finished(struct ath9k_htc_priv *priv);
589
590 int ath9k_rx_init(struct ath9k_htc_priv *priv);
591 void ath9k_rx_cleanup(struct ath9k_htc_priv *priv);
592 void ath9k_host_rx_init(struct ath9k_htc_priv *priv);
593 void ath9k_rx_tasklet(unsigned long data);
594 u32 ath9k_htc_calcrxfilter(struct ath9k_htc_priv *priv);
595
596 void ath9k_htc_ps_wakeup(struct ath9k_htc_priv *priv);
597 void ath9k_htc_ps_restore(struct ath9k_htc_priv *priv);
598 void ath9k_ps_work(struct work_struct *work);
599 bool ath9k_htc_setpower(struct ath9k_htc_priv *priv,
600 enum ath9k_power_mode mode);
601
602 void ath9k_start_rfkill_poll(struct ath9k_htc_priv *priv);
603 void ath9k_htc_rfkill_poll_state(struct ieee80211_hw *hw);
604
605 struct base_eep_header *ath9k_htc_get_eeprom_base(struct ath9k_htc_priv *priv);
606
607 #ifdef CONFIG_MAC80211_LEDS
608 void ath9k_configure_leds(struct ath9k_htc_priv *priv);
609 void ath9k_init_leds(struct ath9k_htc_priv *priv);
610 void ath9k_deinit_leds(struct ath9k_htc_priv *priv);
611 void ath9k_led_work(struct work_struct *work);
612 #else
613 static inline void ath9k_configure_leds(struct ath9k_htc_priv *priv)
614 {
615 }
616
617 static inline void ath9k_init_leds(struct ath9k_htc_priv *priv)
618 {
619 }
620
621 static inline void ath9k_deinit_leds(struct ath9k_htc_priv *priv)
622 {
623 }
624
625 static inline void ath9k_led_work(struct work_struct *work)
626 {
627 }
628 #endif
629
630 int ath9k_htc_probe_device(struct htc_target *htc_handle, struct device *dev,
631 u16 devid, char *product, u32 drv_info);
632 void ath9k_htc_disconnect_device(struct htc_target *htc_handle, bool hotunplug);
633 #ifdef CONFIG_PM
634 void ath9k_htc_suspend(struct htc_target *htc_handle);
635 int ath9k_htc_resume(struct htc_target *htc_handle);
636 #endif
637 #ifdef CONFIG_ATH9K_HTC_DEBUGFS
638 int ath9k_htc_init_debug(struct ath_hw *ah);
639 void ath9k_htc_deinit_debug(struct ath9k_htc_priv *priv);
640 #else
641 static inline int ath9k_htc_init_debug(struct ath_hw *ah) { return 0; };
642 static inline void ath9k_htc_deinit_debug(struct ath9k_htc_priv *priv)
643 {
644 }
645 #endif /* CONFIG_ATH9K_HTC_DEBUGFS */
646
647 #endif /* HTC_H */ 1 /*
2 * Copyright (c) 2008-2011 Atheros Communications Inc.
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17 #ifndef HW_H
18 #define HW_H
19
20 #include <linux/if_ether.h>
21 #include <linux/delay.h>
22 #include <linux/io.h>
23 #include <linux/firmware.h>
24
25 #include "mac.h"
26 #include "ani.h"
27 #include "eeprom.h"
28 #include "calib.h"
29 #include "reg.h"
30 #include "reg_mci.h"
31 #include "phy.h"
32 #include "btcoex.h"
33 #include "dynack.h"
34
35 #include "../regd.h"
36
37 #define ATHEROS_VENDOR_ID 0x168c
38
39 #define AR5416_DEVID_PCI 0x0023
40 #define AR5416_DEVID_PCIE 0x0024
41 #define AR9160_DEVID_PCI 0x0027
42 #define AR9280_DEVID_PCI 0x0029
43 #define AR9280_DEVID_PCIE 0x002a
44 #define AR9285_DEVID_PCIE 0x002b
45 #define AR2427_DEVID_PCIE 0x002c
46 #define AR9287_DEVID_PCI 0x002d
47 #define AR9287_DEVID_PCIE 0x002e
48 #define AR9300_DEVID_PCIE 0x0030
49 #define AR9300_DEVID_AR9340 0x0031
50 #define AR9300_DEVID_AR9485_PCIE 0x0032
51 #define AR9300_DEVID_AR9580 0x0033
52 #define AR9300_DEVID_AR9462 0x0034
53 #define AR9300_DEVID_AR9330 0x0035
54 #define AR9300_DEVID_QCA955X 0x0038
55 #define AR9485_DEVID_AR1111 0x0037
56 #define AR9300_DEVID_AR9565 0x0036
57 #define AR9300_DEVID_AR953X 0x003d
58 #define AR9300_DEVID_QCA956X 0x003f
59
60 #define AR5416_AR9100_DEVID 0x000b
61
62 #define AR_SUBVENDOR_ID_NOG 0x0e11
63 #define AR_SUBVENDOR_ID_NEW_A 0x7065
64 #define AR5416_MAGIC 0x19641014
65
66 #define AR9280_COEX2WIRE_SUBSYSID 0x309b
67 #define AT9285_COEX3WIRE_SA_SUBSYSID 0x30aa
68 #define AT9285_COEX3WIRE_DA_SUBSYSID 0x30ab
69
70 #define ATH_AMPDU_LIMIT_MAX (64 * 1024 - 1)
71
72 #define ATH_DEFAULT_NOISE_FLOOR -95
73
74 #define ATH9K_RSSI_BAD -128
75
76 #define ATH9K_NUM_CHANNELS 38
77
78 /* Register read/write primitives */
79 #define REG_WRITE(_ah, _reg, _val) \
80 (_ah)->reg_ops.write((_ah), (_val), (_reg))
81
82 #define REG_READ(_ah, _reg) \
83 (_ah)->reg_ops.read((_ah), (_reg))
84
85 #define REG_READ_MULTI(_ah, _addr, _val, _cnt) \
86 (_ah)->reg_ops.multi_read((_ah), (_addr), (_val), (_cnt))
87
88 #define REG_RMW(_ah, _reg, _set, _clr) \
89 (_ah)->reg_ops.rmw((_ah), (_reg), (_set), (_clr))
90
91 #define ENABLE_REGWRITE_BUFFER(_ah) \
92 do { \
93 if ((_ah)->reg_ops.enable_write_buffer) \
94 (_ah)->reg_ops.enable_write_buffer((_ah)); \
95 } while (0)
96
97 #define REGWRITE_BUFFER_FLUSH(_ah) \
98 do { \
99 if ((_ah)->reg_ops.write_flush) \
100 (_ah)->reg_ops.write_flush((_ah)); \
101 } while (0)
102
103 #define ENABLE_REG_RMW_BUFFER(_ah) \
104 do { \
105 if ((_ah)->reg_ops.enable_rmw_buffer) \
106 (_ah)->reg_ops.enable_rmw_buffer((_ah)); \
107 } while (0)
108
109 #define REG_RMW_BUFFER_FLUSH(_ah) \
110 do { \
111 if ((_ah)->reg_ops.rmw_flush) \
112 (_ah)->reg_ops.rmw_flush((_ah)); \
113 } while (0)
114
115 #define PR_EEP(_s, _val) \
116 do { \
117 len += scnprintf(buf + len, size - len, "%20s : %10d\n",\
118 _s, (_val)); \
119 } while (0)
120
121 #define SM(_v, _f) (((_v) << _f##_S) & _f)
122 #define MS(_v, _f) (((_v) & _f) >> _f##_S)
123 #define REG_RMW_FIELD(_a, _r, _f, _v) \
124 REG_RMW(_a, _r, (((_v) << _f##_S) & _f), (_f))
125 #define REG_READ_FIELD(_a, _r, _f) \
126 (((REG_READ(_a, _r) & _f) >> _f##_S))
127 #define REG_SET_BIT(_a, _r, _f) \
128 REG_RMW(_a, _r, (_f), 0)
129 #define REG_CLR_BIT(_a, _r, _f) \
130 REG_RMW(_a, _r, 0, (_f))
131
132 #define DO_DELAY(x) do { \
133 if (((++(x) % 64) == 0) && \
134 (ath9k_hw_common(ah)->bus_ops->ath_bus_type \
135 != ATH_USB)) \
136 udelay(1); \
137 } while (0)
138
139 #define REG_WRITE_ARRAY(iniarray, column, regWr) \
140 ath9k_hw_write_array(ah, iniarray, column, &(regWr))
141 #define REG_READ_ARRAY(ah, array, size) \
142 ath9k_hw_read_array(ah, array, size)
143
144 #define AR_GPIO_OUTPUT_MUX_AS_OUTPUT 0
145 #define AR_GPIO_OUTPUT_MUX_AS_PCIE_ATTENTION_LED 1
146 #define AR_GPIO_OUTPUT_MUX_AS_PCIE_POWER_LED 2
147 #define AR_GPIO_OUTPUT_MUX_AS_TX_FRAME 3
148 #define AR_GPIO_OUTPUT_MUX_AS_RX_CLEAR_EXTERNAL 4
149 #define AR_GPIO_OUTPUT_MUX_AS_MAC_NETWORK_LED 5
150 #define AR_GPIO_OUTPUT_MUX_AS_MAC_POWER_LED 6
151 #define AR_GPIO_OUTPUT_MUX_AS_MCI_WLAN_DATA 0x16
152 #define AR_GPIO_OUTPUT_MUX_AS_MCI_WLAN_CLK 0x17
153 #define AR_GPIO_OUTPUT_MUX_AS_MCI_BT_DATA 0x18
154 #define AR_GPIO_OUTPUT_MUX_AS_MCI_BT_CLK 0x19
155 #define AR_GPIO_OUTPUT_MUX_AS_WL_IN_TX 0x14
156 #define AR_GPIO_OUTPUT_MUX_AS_WL_IN_RX 0x13
157 #define AR_GPIO_OUTPUT_MUX_AS_BT_IN_TX 9
158 #define AR_GPIO_OUTPUT_MUX_AS_BT_IN_RX 8
159 #define AR_GPIO_OUTPUT_MUX_AS_RUCKUS_STROBE 0x1d
160 #define AR_GPIO_OUTPUT_MUX_AS_RUCKUS_DATA 0x1e
161
162 #define AR_GPIOD_MASK 0x00001FFF
163 #define AR_GPIO_BIT(_gpio) (1 << (_gpio))
164
165 #define BASE_ACTIVATE_DELAY 100
166 #define RTC_PLL_SETTLE_DELAY (AR_SREV_9340(ah) ? 1000 : 100)
167 #define COEF_SCALE_S 24
168 #define HT40_CHANNEL_CENTER_SHIFT 10
169
170 #define ATH9K_ANTENNA0_CHAINMASK 0x1
171 #define ATH9K_ANTENNA1_CHAINMASK 0x2
172
173 #define ATH9K_NUM_DMA_DEBUG_REGS 8
174 #define ATH9K_NUM_QUEUES 10
175
176 #define MAX_RATE_POWER 63
177 #define AH_WAIT_TIMEOUT 100000 /* (us) */
178 #define AH_TSF_WRITE_TIMEOUT 100 /* (us) */
179 #define AH_TIME_QUANTUM 10
180 #define AR_KEYTABLE_SIZE 128
181 #define POWER_UP_TIME 10000
182 #define SPUR_RSSI_THRESH 40
183 #define UPPER_5G_SUB_BAND_START 5700
184 #define MID_5G_SUB_BAND_START 5400
185
186 #define CAB_TIMEOUT_VAL 10
187 #define BEACON_TIMEOUT_VAL 10
188 #define MIN_BEACON_TIMEOUT_VAL 1
189 #define SLEEP_SLOP TU_TO_USEC(3)
190
191 #define INIT_CONFIG_STATUS 0x00000000
192 #define INIT_RSSI_THR 0x00000700
193 #define INIT_BCON_CNTRL_REG 0x00000000
194
195 #define TU_TO_USEC(_tu) ((_tu) << 10)
196
197 #define ATH9K_HW_RX_HP_QDEPTH 16
198 #define ATH9K_HW_RX_LP_QDEPTH 128
199
200 #define PAPRD_GAIN_TABLE_ENTRIES 32
201 #define PAPRD_TABLE_SZ 24
202 #define PAPRD_IDEAL_AGC2_PWR_RANGE 0xe0
203
204 /*
205 * Wake on Wireless
206 */
207
208 /* Keep Alive Frame */
209 #define KAL_FRAME_LEN 28
210 #define KAL_FRAME_TYPE 0x2 /* data frame */
211 #define KAL_FRAME_SUB_TYPE 0x4 /* null data frame */
212 #define KAL_DURATION_ID 0x3d
213 #define KAL_NUM_DATA_WORDS 6
214 #define KAL_NUM_DESC_WORDS 12
215 #define KAL_ANTENNA_MODE 1
216 #define KAL_TO_DS 1
217 #define KAL_DELAY 4 /* delay of 4ms between 2 KAL frames */
218 #define KAL_TIMEOUT 900
219
220 #define MAX_PATTERN_SIZE 256
221 #define MAX_PATTERN_MASK_SIZE 32
222 #define MAX_NUM_PATTERN 16
223 #define MAX_NUM_PATTERN_LEGACY 8
224 #define MAX_NUM_USER_PATTERN 6 /* deducting the disassociate and
225 deauthenticate packets */
226
227 /*
228 * WoW trigger mapping to hardware code
229 */
230
231 #define AH_WOW_USER_PATTERN_EN BIT(0)
232 #define AH_WOW_MAGIC_PATTERN_EN BIT(1)
233 #define AH_WOW_LINK_CHANGE BIT(2)
234 #define AH_WOW_BEACON_MISS BIT(3)
235
236 enum ath_hw_txq_subtype {
237 ATH_TXQ_AC_BK = 0,
238 ATH_TXQ_AC_BE = 1,
239 ATH_TXQ_AC_VI = 2,
240 ATH_TXQ_AC_VO = 3,
241 };
242
243 enum ath_ini_subsys {
244 ATH_INI_PRE = 0,
245 ATH_INI_CORE,
246 ATH_INI_POST,
247 ATH_INI_NUM_SPLIT,
248 };
249
250 enum ath9k_hw_caps {
251 ATH9K_HW_CAP_HT = BIT(0),
252 ATH9K_HW_CAP_RFSILENT = BIT(1),
253 ATH9K_HW_CAP_AUTOSLEEP = BIT(2),
254 ATH9K_HW_CAP_4KB_SPLITTRANS = BIT(3),
255 ATH9K_HW_CAP_EDMA = BIT(4),
256 ATH9K_HW_CAP_RAC_SUPPORTED = BIT(5),
257 ATH9K_HW_CAP_LDPC = BIT(6),
258 ATH9K_HW_CAP_FASTCLOCK = BIT(7),
259 ATH9K_HW_CAP_SGI_20 = BIT(8),
260 ATH9K_HW_CAP_ANT_DIV_COMB = BIT(10),
261 ATH9K_HW_CAP_2GHZ = BIT(11),
262 ATH9K_HW_CAP_5GHZ = BIT(12),
263 ATH9K_HW_CAP_APM = BIT(13),
264 #ifdef CONFIG_ATH9K_PCOEM
265 ATH9K_HW_CAP_RTT = BIT(14),
266 ATH9K_HW_CAP_MCI = BIT(15),
267 ATH9K_HW_CAP_BT_ANT_DIV = BIT(17),
268 #else
269 ATH9K_HW_CAP_RTT = 0,
270 ATH9K_HW_CAP_MCI = 0,
271 ATH9K_HW_CAP_BT_ANT_DIV = 0,
272 #endif
273 ATH9K_HW_CAP_DFS = BIT(18),
274 ATH9K_HW_CAP_PAPRD = BIT(19),
275 ATH9K_HW_CAP_FCC_BAND_SWITCH = BIT(20),
276 };
277
278 /*
279 * WoW device capabilities
280 * @ATH9K_HW_WOW_DEVICE_CAPABLE: device revision is capable of WoW.
281 * @ATH9K_HW_WOW_PATTERN_MATCH_EXACT: device is capable of matching
282 * an exact user defined pattern or de-authentication/disassoc pattern.
283 * @ATH9K_HW_WOW_PATTERN_MATCH_DWORD: device requires the first four
284 * bytes of the pattern for user defined pattern, de-authentication and
285 * disassociation patterns for all types of possible frames recieved
286 * of those types.
287 */
288
289 struct ath9k_hw_wow {
290 u32 wow_event_mask;
291 u32 wow_event_mask2;
292 u8 max_patterns;
293 };
294
295 struct ath9k_hw_capabilities {
296 u32 hw_caps; /* ATH9K_HW_CAP_* from ath9k_hw_caps */
297 u16 rts_aggr_limit;
298 u8 tx_chainmask;
299 u8 rx_chainmask;
300 u8 chip_chainmask;
301 u8 max_txchains;
302 u8 max_rxchains;
303 u8 num_gpio_pins;
304 u8 rx_hp_qdepth;
305 u8 rx_lp_qdepth;
306 u8 rx_status_len;
307 u8 tx_desc_len;
308 u8 txs_len;
309 };
310
311 #define AR_NO_SPUR 0x8000
312 #define AR_BASE_FREQ_2GHZ 2300
313 #define AR_BASE_FREQ_5GHZ 4900
314 #define AR_SPUR_FEEQ_BOUND_HT40 19
315 #define AR_SPUR_FEEQ_BOUND_HT20 10
316
317 enum ath9k_hw_hang_checks {
318 HW_BB_WATCHDOG = BIT(0),
319 HW_PHYRESTART_CLC_WAR = BIT(1),
320 HW_BB_RIFS_HANG = BIT(2),
321 HW_BB_DFS_HANG = BIT(3),
322 HW_BB_RX_CLEAR_STUCK_HANG = BIT(4),
323 HW_MAC_HANG = BIT(5),
324 };
325
326 #define AR_PCIE_PLL_PWRSAVE_CONTROL BIT(0)
327 #define AR_PCIE_PLL_PWRSAVE_ON_D3 BIT(1)
328 #define AR_PCIE_PLL_PWRSAVE_ON_D0 BIT(2)
329 #define AR_PCIE_CDR_PWRSAVE_ON_D3 BIT(3)
330 #define AR_PCIE_CDR_PWRSAVE_ON_D0 BIT(4)
331
332 struct ath9k_ops_config {
333 int dma_beacon_response_time;
334 int sw_beacon_response_time;
335 bool cwm_ignore_extcca;
336 u32 pcie_waen;
337 u8 analog_shiftreg;
338 u32 ofdm_trig_low;
339 u32 ofdm_trig_high;
340 u32 cck_trig_high;
341 u32 cck_trig_low;
342 bool enable_paprd;
343 int serialize_regmode;
344 bool rx_intr_mitigation;
345 bool tx_intr_mitigation;
346 u8 max_txtrig_level;
347 u16 ani_poll_interval; /* ANI poll interval in ms */
348 u16 hw_hang_checks;
349 u16 rimt_first;
350 u16 rimt_last;
351
352 /* Platform specific config */
353 u32 aspm_l1_fix;
354 u32 xlna_gpio;
355 u32 ant_ctrl_comm2g_switch_enable;
356 bool xatten_margin_cfg;
357 bool alt_mingainidx;
358 u8 pll_pwrsave;
359 bool tx_gain_buffalo;
360 bool led_active_high;
361 };
362
363 enum ath9k_int {
364 ATH9K_INT_RX = 0x00000001,
365 ATH9K_INT_RXDESC = 0x00000002,
366 ATH9K_INT_RXHP = 0x00000001,
367 ATH9K_INT_RXLP = 0x00000002,
368 ATH9K_INT_RXNOFRM = 0x00000008,
369 ATH9K_INT_RXEOL = 0x00000010,
370 ATH9K_INT_RXORN = 0x00000020,
371 ATH9K_INT_TX = 0x00000040,
372 ATH9K_INT_TXDESC = 0x00000080,
373 ATH9K_INT_TIM_TIMER = 0x00000100,
374 ATH9K_INT_MCI = 0x00000200,
375 ATH9K_INT_BB_WATCHDOG = 0x00000400,
376 ATH9K_INT_TXURN = 0x00000800,
377 ATH9K_INT_MIB = 0x00001000,
378 ATH9K_INT_RXPHY = 0x00004000,
379 ATH9K_INT_RXKCM = 0x00008000,
380 ATH9K_INT_SWBA = 0x00010000,
381 ATH9K_INT_BMISS = 0x00040000,
382 ATH9K_INT_BNR = 0x00100000,
383 ATH9K_INT_TIM = 0x00200000,
384 ATH9K_INT_DTIM = 0x00400000,
385 ATH9K_INT_DTIMSYNC = 0x00800000,
386 ATH9K_INT_GPIO = 0x01000000,
387 ATH9K_INT_CABEND = 0x02000000,
388 ATH9K_INT_TSFOOR = 0x04000000,
389 ATH9K_INT_GENTIMER = 0x08000000,
390 ATH9K_INT_CST = 0x10000000,
391 ATH9K_INT_GTT = 0x20000000,
392 ATH9K_INT_FATAL = 0x40000000,
393 ATH9K_INT_GLOBAL = 0x80000000,
394 ATH9K_INT_BMISC = ATH9K_INT_TIM |
395 ATH9K_INT_DTIM |
396 ATH9K_INT_DTIMSYNC |
397 ATH9K_INT_TSFOOR |
398 ATH9K_INT_CABEND,
399 ATH9K_INT_COMMON = ATH9K_INT_RXNOFRM |
400 ATH9K_INT_RXDESC |
401 ATH9K_INT_RXEOL |
402 ATH9K_INT_RXORN |
403 ATH9K_INT_TXURN |
404 ATH9K_INT_TXDESC |
405 ATH9K_INT_MIB |
406 ATH9K_INT_RXPHY |
407 ATH9K_INT_RXKCM |
408 ATH9K_INT_SWBA |
409 ATH9K_INT_BMISS |
410 ATH9K_INT_GPIO,
411 ATH9K_INT_NOCARD = 0xffffffff
412 };
413
414 #define MAX_RTT_TABLE_ENTRY 6
415 #define MAX_IQCAL_MEASUREMENT 8
416 #define MAX_CL_TAB_ENTRY 16
417 #define CL_TAB_ENTRY(reg_base) (reg_base + (4 * j))
418
419 enum ath9k_cal_flags {
420 RTT_DONE,
421 PAPRD_PACKET_SENT,
422 PAPRD_DONE,
423 NFCAL_PENDING,
424 NFCAL_INTF,
425 TXIQCAL_DONE,
426 TXCLCAL_DONE,
427 SW_PKDET_DONE,
428 };
429
430 struct ath9k_hw_cal_data {
431 u16 channel;
432 u16 channelFlags;
433 unsigned long cal_flags;
434 int32_t CalValid;
435 int8_t iCoff;
436 int8_t qCoff;
437 u8 caldac[2];
438 u16 small_signal_gain[AR9300_MAX_CHAINS];
439 u32 pa_table[AR9300_MAX_CHAINS][PAPRD_TABLE_SZ];
440 u32 num_measures[AR9300_MAX_CHAINS];
441 int tx_corr_coeff[MAX_IQCAL_MEASUREMENT][AR9300_MAX_CHAINS];
442 u32 tx_clcal[AR9300_MAX_CHAINS][MAX_CL_TAB_ENTRY];
443 u32 rtt_table[AR9300_MAX_CHAINS][MAX_RTT_TABLE_ENTRY];
444 struct ath9k_nfcal_hist nfCalHist[NUM_NF_READINGS];
445 };
446
447 struct ath9k_channel {
448 struct ieee80211_channel *chan;
449 u16 channel;
450 u16 channelFlags;
451 s16 noisefloor;
452 };
453
454 #define CHANNEL_5GHZ BIT(0)
455 #define CHANNEL_HALF BIT(1)
456 #define CHANNEL_QUARTER BIT(2)
457 #define CHANNEL_HT BIT(3)
458 #define CHANNEL_HT40PLUS BIT(4)
459 #define CHANNEL_HT40MINUS BIT(5)
460
461 #define IS_CHAN_5GHZ(_c) (!!((_c)->channelFlags & CHANNEL_5GHZ))
462 #define IS_CHAN_2GHZ(_c) (!IS_CHAN_5GHZ(_c))
463
464 #define IS_CHAN_HALF_RATE(_c) (!!((_c)->channelFlags & CHANNEL_HALF))
465 #define IS_CHAN_QUARTER_RATE(_c) (!!((_c)->channelFlags & CHANNEL_QUARTER))
466 #define IS_CHAN_A_FAST_CLOCK(_ah, _c) \
467 (IS_CHAN_5GHZ(_c) && ((_ah)->caps.hw_caps & ATH9K_HW_CAP_FASTCLOCK))
468
469 #define IS_CHAN_HT(_c) ((_c)->channelFlags & CHANNEL_HT)
470
471 #define IS_CHAN_HT20(_c) (IS_CHAN_HT(_c) && !IS_CHAN_HT40(_c))
472
473 #define IS_CHAN_HT40(_c) \
474 (!!((_c)->channelFlags & (CHANNEL_HT40PLUS | CHANNEL_HT40MINUS)))
475
476 #define IS_CHAN_HT40PLUS(_c) ((_c)->channelFlags & CHANNEL_HT40PLUS)
477 #define IS_CHAN_HT40MINUS(_c) ((_c)->channelFlags & CHANNEL_HT40MINUS)
478
479 enum ath9k_power_mode {
480 ATH9K_PM_AWAKE = 0,
481 ATH9K_PM_FULL_SLEEP,
482 ATH9K_PM_NETWORK_SLEEP,
483 ATH9K_PM_UNDEFINED
484 };
485
486 enum ser_reg_mode {
487 SER_REG_MODE_OFF = 0,
488 SER_REG_MODE_ON = 1,
489 SER_REG_MODE_AUTO = 2,
490 };
491
492 enum ath9k_rx_qtype {
493 ATH9K_RX_QUEUE_HP,
494 ATH9K_RX_QUEUE_LP,
495 ATH9K_RX_QUEUE_MAX,
496 };
497
498 struct ath9k_beacon_state {
499 u32 bs_nexttbtt;
500 u32 bs_nextdtim;
501 u32 bs_intval;
502 #define ATH9K_TSFOOR_THRESHOLD 0x00004240 /* 16k us */
503 u32 bs_dtimperiod;
504 u16 bs_bmissthreshold;
505 u32 bs_sleepduration;
506 u32 bs_tsfoor_threshold;
507 };
508
509 struct chan_centers {
510 u16 synth_center;
511 u16 ctl_center;
512 u16 ext_center;
513 };
514
515 enum {
516 ATH9K_RESET_POWER_ON,
517 ATH9K_RESET_WARM,
518 ATH9K_RESET_COLD,
519 };
520
521 struct ath9k_hw_version {
522 u32 magic;
523 u16 devid;
524 u16 subvendorid;
525 u32 macVersion;
526 u16 macRev;
527 u16 phyRev;
528 u16 analog5GhzRev;
529 u16 analog2GhzRev;
530 enum ath_usb_dev usbdev;
531 };
532
533 /* Generic TSF timer definitions */
534
535 #define ATH_MAX_GEN_TIMER 16
536
537 #define AR_GENTMR_BIT(_index) (1 << (_index))
538
539 struct ath_gen_timer_configuration {
540 u32 next_addr;
541 u32 period_addr;
542 u32 mode_addr;
543 u32 mode_mask;
544 };
545
546 struct ath_gen_timer {
547 void (*trigger)(void *arg);
548 void (*overflow)(void *arg);
549 void *arg;
550 u8 index;
551 };
552
553 struct ath_gen_timer_table {
554 struct ath_gen_timer *timers[ATH_MAX_GEN_TIMER];
555 u16 timer_mask;
556 bool tsf2_enabled;
557 };
558
559 struct ath_hw_antcomb_conf {
560 u8 main_lna_conf;
561 u8 alt_lna_conf;
562 u8 fast_div_bias;
563 u8 main_gaintb;
564 u8 alt_gaintb;
565 int lna1_lna2_delta;
566 int lna1_lna2_switch_delta;
567 u8 div_group;
568 };
569
570 /**
571 * struct ath_hw_radar_conf - radar detection initialization parameters
572 *
573 * @pulse_inband: threshold for checking the ratio of in-band power
574 * to total power for short radar pulses (half dB steps)
575 * @pulse_inband_step: threshold for checking an in-band power to total
576 * power ratio increase for short radar pulses (half dB steps)
577 * @pulse_height: threshold for detecting the beginning of a short
578 * radar pulse (dB step)
579 * @pulse_rssi: threshold for detecting if a short radar pulse is
580 * gone (dB step)
581 * @pulse_maxlen: maximum pulse length (0.8 us steps)
582 *
583 * @radar_rssi: RSSI threshold for starting long radar detection (dB steps)
584 * @radar_inband: threshold for checking the ratio of in-band power
585 * to total power for long radar pulses (half dB steps)
586 * @fir_power: threshold for detecting the end of a long radar pulse (dB)
587 *
588 * @ext_channel: enable extension channel radar detection
589 */
590 struct ath_hw_radar_conf {
591 unsigned int pulse_inband;
592 unsigned int pulse_inband_step;
593 unsigned int pulse_height;
594 unsigned int pulse_rssi;
595 unsigned int pulse_maxlen;
596
597 unsigned int radar_rssi;
598 unsigned int radar_inband;
599 int fir_power;
600
601 bool ext_channel;
602 };
603
604 /**
605 * struct ath_hw_private_ops - callbacks used internally by hardware code
606 *
607 * This structure contains private callbacks designed to only be used internally
608 * by the hardware core.
609 *
610 * @init_cal_settings: setup types of calibrations supported
611 * @init_cal: starts actual calibration
612 *
613 * @init_mode_gain_regs: Initialize TX/RX gain registers
614 *
615 * @rf_set_freq: change frequency
616 * @spur_mitigate_freq: spur mitigation
617 * @set_rf_regs:
618 * @compute_pll_control: compute the PLL control value to use for
619 * AR_RTC_PLL_CONTROL for a given channel
620 * @setup_calibration: set up calibration
621 * @iscal_supported: used to query if a type of calibration is supported
622 *
623 * @ani_cache_ini_regs: cache the values for ANI from the initial
624 * register settings through the register initialization.
625 */
626 struct ath_hw_private_ops {
627 void (*init_hang_checks)(struct ath_hw *ah);
628 bool (*detect_mac_hang)(struct ath_hw *ah);
629 bool (*detect_bb_hang)(struct ath_hw *ah);
630
631 /* Calibration ops */
632 void (*init_cal_settings)(struct ath_hw *ah);
633 bool (*init_cal)(struct ath_hw *ah, struct ath9k_channel *chan);
634
635 void (*init_mode_gain_regs)(struct ath_hw *ah);
636 void (*setup_calibration)(struct ath_hw *ah,
637 struct ath9k_cal_list *currCal);
638
639 /* PHY ops */
640 int (*rf_set_freq)(struct ath_hw *ah,
641 struct ath9k_channel *chan);
642 void (*spur_mitigate_freq)(struct ath_hw *ah,
643 struct ath9k_channel *chan);
644 bool (*set_rf_regs)(struct ath_hw *ah,
645 struct ath9k_channel *chan,
646 u16 modesIndex);
647 void (*set_channel_regs)(struct ath_hw *ah, struct ath9k_channel *chan);
648 void (*init_bb)(struct ath_hw *ah,
649 struct ath9k_channel *chan);
650 int (*process_ini)(struct ath_hw *ah, struct ath9k_channel *chan);
651 void (*olc_init)(struct ath_hw *ah);
652 void (*set_rfmode)(struct ath_hw *ah, struct ath9k_channel *chan);
653 void (*mark_phy_inactive)(struct ath_hw *ah);
654 void (*set_delta_slope)(struct ath_hw *ah, struct ath9k_channel *chan);
655 bool (*rfbus_req)(struct ath_hw *ah);
656 void (*rfbus_done)(struct ath_hw *ah);
657 void (*restore_chainmask)(struct ath_hw *ah);
658 u32 (*compute_pll_control)(struct ath_hw *ah,
659 struct ath9k_channel *chan);
660 bool (*ani_control)(struct ath_hw *ah, enum ath9k_ani_cmd cmd,
661 int param);
662 void (*do_getnf)(struct ath_hw *ah, int16_t nfarray[NUM_NF_READINGS]);
663 void (*set_radar_params)(struct ath_hw *ah,
664 struct ath_hw_radar_conf *conf);
665 int (*fast_chan_change)(struct ath_hw *ah, struct ath9k_channel *chan,
666 u8 *ini_reloaded);
667
668 /* ANI */
669 void (*ani_cache_ini_regs)(struct ath_hw *ah);
670
671 #ifdef CONFIG_ATH9K_BTCOEX_SUPPORT
672 bool (*is_aic_enabled)(struct ath_hw *ah);
673 #endif /* CONFIG_ATH9K_BTCOEX_SUPPORT */
674 };
675
676 /**
677 * struct ath_spec_scan - parameters for Atheros spectral scan
678 *
679 * @enabled: enable/disable spectral scan
680 * @short_repeat: controls whether the chip is in spectral scan mode
681 * for 4 usec (enabled) or 204 usec (disabled)
682 * @count: number of scan results requested. There are special meanings
683 * in some chip revisions:
684 * AR92xx: highest bit set (>=128) for endless mode
685 * (spectral scan won't stopped until explicitly disabled)
686 * AR9300 and newer: 0 for endless mode
687 * @endless: true if endless mode is intended. Otherwise, count value is
688 * corrected to the next possible value.
689 * @period: time duration between successive spectral scan entry points
690 * (period*256*Tclk). Tclk = ath_common->clockrate
691 * @fft_period: PHY passes FFT frames to MAC every (fft_period+1)*4uS
692 *
693 * Note: Tclk = 40MHz or 44MHz depending upon operating mode.
694 * Typically it's 44MHz in 2/5GHz on later chips, but there's
695 * a "fast clock" check for this in 5GHz.
696 *
697 */
698 struct ath_spec_scan {
699 bool enabled;
700 bool short_repeat;
701 bool endless;
702 u8 count;
703 u8 period;
704 u8 fft_period;
705 };
706
707 /**
708 * struct ath_hw_ops - callbacks used by hardware code and driver code
709 *
710 * This structure contains callbacks designed to to be used internally by
711 * hardware code and also by the lower level driver.
712 *
713 * @config_pci_powersave:
714 * @calibrate: periodic calibration for NF, ANI, IQ, ADC gain, ADC-DC
715 *
716 * @spectral_scan_config: set parameters for spectral scan and enable/disable it
717 * @spectral_scan_trigger: trigger a spectral scan run
718 * @spectral_scan_wait: wait for a spectral scan run to finish
719 */
720 struct ath_hw_ops {
721 void (*config_pci_powersave)(struct ath_hw *ah,
722 bool power_off);
723 void (*rx_enable)(struct ath_hw *ah);
724 void (*set_desc_link)(void *ds, u32 link);
725 int (*calibrate)(struct ath_hw *ah, struct ath9k_channel *chan,
726 u8 rxchainmask, bool longcal);
727 bool (*get_isr)(struct ath_hw *ah, enum ath9k_int *masked,
728 u32 *sync_cause_p);
729 void (*set_txdesc)(struct ath_hw *ah, void *ds,
730 struct ath_tx_info *i);
731 int (*proc_txdesc)(struct ath_hw *ah, void *ds,
732 struct ath_tx_status *ts);
733 int (*get_duration)(struct ath_hw *ah, const void *ds, int index);
734 void (*antdiv_comb_conf_get)(struct ath_hw *ah,
735 struct ath_hw_antcomb_conf *antconf);
736 void (*antdiv_comb_conf_set)(struct ath_hw *ah,
737 struct ath_hw_antcomb_conf *antconf);
738 void (*spectral_scan_config)(struct ath_hw *ah,
739 struct ath_spec_scan *param);
740 void (*spectral_scan_trigger)(struct ath_hw *ah);
741 void (*spectral_scan_wait)(struct ath_hw *ah);
742
743 void (*tx99_start)(struct ath_hw *ah, u32 qnum);
744 void (*tx99_stop)(struct ath_hw *ah);
745 void (*tx99_set_txpower)(struct ath_hw *ah, u8 power);
746
747 #ifdef CONFIG_ATH9K_BTCOEX_SUPPORT
748 void (*set_bt_ant_diversity)(struct ath_hw *hw, bool enable);
749 #endif
750 };
751
752 struct ath_nf_limits {
753 s16 max;
754 s16 min;
755 s16 nominal;
756 };
757
758 enum ath_cal_list {
759 TX_IQ_CAL = BIT(0),
760 TX_IQ_ON_AGC_CAL = BIT(1),
761 TX_CL_CAL = BIT(2),
762 };
763
764 /* ah_flags */
765 #define AH_USE_EEPROM 0x1
766 #define AH_UNPLUGGED 0x2 /* The card has been physically removed. */
767 #define AH_FASTCC 0x4
768 #define AH_NO_EEP_SWAP 0x8 /* Do not swap EEPROM data */
769
770 struct ath_hw {
771 struct ath_ops reg_ops;
772
773 struct device *dev;
774 struct ieee80211_hw *hw;
775 struct ath_common common;
776 struct ath9k_hw_version hw_version;
777 struct ath9k_ops_config config;
778 struct ath9k_hw_capabilities caps;
779 struct ath9k_channel channels[ATH9K_NUM_CHANNELS];
780 struct ath9k_channel *curchan;
781
782 union {
783 struct ar5416_eeprom_def def;
784 struct ar5416_eeprom_4k map4k;
785 struct ar9287_eeprom map9287;
786 struct ar9300_eeprom ar9300_eep;
787 } eeprom;
788 const struct eeprom_ops *eep_ops;
789
790 bool sw_mgmt_crypto_tx;
791 bool sw_mgmt_crypto_rx;
792 bool is_pciexpress;
793 bool aspm_enabled;
794 bool is_monitoring;
795 bool need_an_top2_fixup;
796 u16 tx_trig_level;
797
798 u32 nf_regs[6];
799 struct ath_nf_limits nf_2g;
800 struct ath_nf_limits nf_5g;
801 u16 rfsilent;
802 u32 rfkill_gpio;
803 u32 rfkill_polarity;
804 u32 ah_flags;
805
806 bool reset_power_on;
807 bool htc_reset_init;
808
809 enum nl80211_iftype opmode;
810 enum ath9k_power_mode power_mode;
811
812 s8 noise;
813 struct ath9k_hw_cal_data *caldata;
814 struct ath9k_pacal_info pacal_info;
815 struct ar5416Stats stats;
816 struct ath9k_tx_queue_info txq[ATH9K_NUM_TX_QUEUES];
817
818 enum ath9k_int imask;
819 u32 imrs2_reg;
820 u32 txok_interrupt_mask;
821 u32 txerr_interrupt_mask;
822 u32 txdesc_interrupt_mask;
823 u32 txeol_interrupt_mask;
824 u32 txurn_interrupt_mask;
825 atomic_t intr_ref_cnt;
826 bool chip_fullsleep;
827 u32 modes_index;
828
829 /* Calibration */
830 u32 supp_cals;
831 struct ath9k_cal_list iq_caldata;
832 struct ath9k_cal_list adcgain_caldata;
833 struct ath9k_cal_list adcdc_caldata;
834 struct ath9k_cal_list *cal_list;
835 struct ath9k_cal_list *cal_list_last;
836 struct ath9k_cal_list *cal_list_curr;
837 #define totalPowerMeasI meas0.unsign
838 #define totalPowerMeasQ meas1.unsign
839 #define totalIqCorrMeas meas2.sign
840 #define totalAdcIOddPhase meas0.unsign
841 #define totalAdcIEvenPhase meas1.unsign
842 #define totalAdcQOddPhase meas2.unsign
843 #define totalAdcQEvenPhase meas3.unsign
844 #define totalAdcDcOffsetIOddPhase meas0.sign
845 #define totalAdcDcOffsetIEvenPhase meas1.sign
846 #define totalAdcDcOffsetQOddPhase meas2.sign
847 #define totalAdcDcOffsetQEvenPhase meas3.sign
848 union {
849 u32 unsign[AR5416_MAX_CHAINS];
850 int32_t sign[AR5416_MAX_CHAINS];
851 } meas0;
852 union {
853 u32 unsign[AR5416_MAX_CHAINS];
854 int32_t sign[AR5416_MAX_CHAINS];
855 } meas1;
856 union {
857 u32 unsign[AR5416_MAX_CHAINS];
858 int32_t sign[AR5416_MAX_CHAINS];
859 } meas2;
860 union {
861 u32 unsign[AR5416_MAX_CHAINS];
862 int32_t sign[AR5416_MAX_CHAINS];
863 } meas3;
864 u16 cal_samples;
865 u8 enabled_cals;
866
867 u32 sta_id1_defaults;
868 u32 misc_mode;
869
870 /* Private to hardware code */
871 struct ath_hw_private_ops private_ops;
872 /* Accessed by the lower level driver */
873 struct ath_hw_ops ops;
874
875 /* Used to program the radio on non single-chip devices */
876 u32 *analogBank6Data;
877
878 int coverage_class;
879 u32 slottime;
880 u32 globaltxtimeout;
881
882 /* ANI */
883 u32 aniperiod;
884 enum ath9k_ani_cmd ani_function;
885 u32 ani_skip_count;
886 struct ar5416AniState ani;
887
888 #ifdef CONFIG_ATH9K_BTCOEX_SUPPORT
889 struct ath_btcoex_hw btcoex_hw;
890 #endif
891
892 u32 intr_txqs;
893 u8 txchainmask;
894 u8 rxchainmask;
895
896 struct ath_hw_radar_conf radar_conf;
897
898 u32 originalGain[22];
899 int initPDADC;
900 int PDADCdelta;
901 int led_pin;
902 u32 gpio_mask;
903 u32 gpio_val;
904
905 struct ar5416IniArray ini_dfs;
906 struct ar5416IniArray iniModes;
907 struct ar5416IniArray iniCommon;
908 struct ar5416IniArray iniBB_RfGain;
909 struct ar5416IniArray iniBank6;
910 struct ar5416IniArray iniAddac;
911 struct ar5416IniArray iniPcieSerdes;
912 struct ar5416IniArray iniPcieSerdesLowPower;
913 struct ar5416IniArray iniModesFastClock;
914 struct ar5416IniArray iniAdditional;
915 struct ar5416IniArray iniModesRxGain;
916 struct ar5416IniArray ini_modes_rx_gain_bounds;
917 struct ar5416IniArray iniModesTxGain;
918 struct ar5416IniArray iniCckfirNormal;
919 struct ar5416IniArray iniCckfirJapan2484;
920 struct ar5416IniArray iniModes_9271_ANI_reg;
921 struct ar5416IniArray ini_radio_post_sys2ant;
922 struct ar5416IniArray ini_modes_rxgain_xlna;
923 struct ar5416IniArray ini_modes_rxgain_bb_core;
924 struct ar5416IniArray ini_modes_rxgain_bb_postamble;
925
926 struct ar5416IniArray iniMac[ATH_INI_NUM_SPLIT];
927 struct ar5416IniArray iniBB[ATH_INI_NUM_SPLIT];
928 struct ar5416IniArray iniRadio[ATH_INI_NUM_SPLIT];
929 struct ar5416IniArray iniSOC[ATH_INI_NUM_SPLIT];
930
931 u32 intr_gen_timer_trigger;
932 u32 intr_gen_timer_thresh;
933 struct ath_gen_timer_table hw_gen_timers;
934
935 struct ar9003_txs *ts_ring;
936 u32 ts_paddr_start;
937 u32 ts_paddr_end;
938 u16 ts_tail;
939 u16 ts_size;
940
941 u32 bb_watchdog_last_status;
942 u32 bb_watchdog_timeout_ms; /* in ms, 0 to disable */
943 u8 bb_hang_rx_ofdm; /* true if bb hang due to rx_ofdm */
944
945 unsigned int paprd_target_power;
946 unsigned int paprd_training_power;
947 unsigned int paprd_ratemask;
948 unsigned int paprd_ratemask_ht40;
949 bool paprd_table_write_done;
950 u32 paprd_gain_table_entries[PAPRD_GAIN_TABLE_ENTRIES];
951 u8 paprd_gain_table_index[PAPRD_GAIN_TABLE_ENTRIES];
952 /*
953 * Store the permanent value of Reg 0x4004in WARegVal
954 * so we dont have to R/M/W. We should not be reading
955 * this register when in sleep states.
956 */
957 u32 WARegVal;
958
959 /* Enterprise mode cap */
960 u32 ent_mode;
961
962 #ifdef CONFIG_ATH9K_WOW
963 struct ath9k_hw_wow wow;
964 #endif
965 bool is_clk_25mhz;
966 int (*get_mac_revision)(void);
967 int (*external_reset)(void);
968 bool disable_2ghz;
969 bool disable_5ghz;
970
971 const struct firmware *eeprom_blob;
972
973 struct ath_dynack dynack;
974
975 bool tpc_enabled;
976 u8 tx_power[Ar5416RateSize];
977 u8 tx_power_stbc[Ar5416RateSize];
978 };
979
980 struct ath_bus_ops {
981 enum ath_bus_type ath_bus_type;
982 void (*read_cachesize)(struct ath_common *common, int *csz);
983 bool (*eeprom_read)(struct ath_common *common, u32 off, u16 *data);
984 void (*bt_coex_prep)(struct ath_common *common);
985 void (*aspm_init)(struct ath_common *common);
986 };
987
988 static inline struct ath_common *ath9k_hw_common(struct ath_hw *ah)
989 {
990 return &ah->common;
991 }
992
993 static inline struct ath_regulatory *ath9k_hw_regulatory(struct ath_hw *ah)
994 {
995 return &(ath9k_hw_common(ah)->regulatory);
996 }
997
998 static inline struct ath_hw_private_ops *ath9k_hw_private_ops(struct ath_hw *ah)
999 {
1000 return &ah->private_ops;
1001 }
1002
1003 static inline struct ath_hw_ops *ath9k_hw_ops(struct ath_hw *ah)
1004 {
1005 return &ah->ops;
1006 }
1007
1008 static inline u8 get_streams(int mask)
1009 {
1010 return !!(mask & BIT(0)) + !!(mask & BIT(1)) + !!(mask & BIT(2));
1011 }
1012
1013 /* Initialization, Detach, Reset */
1014 void ath9k_hw_deinit(struct ath_hw *ah);
1015 int ath9k_hw_init(struct ath_hw *ah);
1016 int ath9k_hw_reset(struct ath_hw *ah, struct ath9k_channel *chan,
1017 struct ath9k_hw_cal_data *caldata, bool fastcc);
1018 int ath9k_hw_fill_cap_info(struct ath_hw *ah);
1019 u32 ath9k_regd_get_ctl(struct ath_regulatory *reg, struct ath9k_channel *chan);
1020
1021 /* GPIO / RFKILL / Antennae */
1022 void ath9k_hw_cfg_gpio_input(struct ath_hw *ah, u32 gpio);
1023 u32 ath9k_hw_gpio_get(struct ath_hw *ah, u32 gpio);
1024 void ath9k_hw_cfg_output(struct ath_hw *ah, u32 gpio,
1025 u32 ah_signal_type);
1026 void ath9k_hw_set_gpio(struct ath_hw *ah, u32 gpio, u32 val);
1027 void ath9k_hw_request_gpio(struct ath_hw *ah, u32 gpio, const char *label);
1028 void ath9k_hw_setantenna(struct ath_hw *ah, u32 antenna);
1029
1030 /* General Operation */
1031 void ath9k_hw_synth_delay(struct ath_hw *ah, struct ath9k_channel *chan,
1032 int hw_delay);
1033 bool ath9k_hw_wait(struct ath_hw *ah, u32 reg, u32 mask, u32 val, u32 timeout);
1034 void ath9k_hw_write_array(struct ath_hw *ah, const struct ar5416IniArray *array,
1035 int column, unsigned int *writecnt);
1036 void ath9k_hw_read_array(struct ath_hw *ah, u32 array[][2], int size);
1037 u32 ath9k_hw_reverse_bits(u32 val, u32 n);
1038 u16 ath9k_hw_computetxtime(struct ath_hw *ah,
1039 u8 phy, int kbps,
1040 u32 frameLen, u16 rateix, bool shortPreamble);
1041 void ath9k_hw_get_channel_centers(struct ath_hw *ah,
1042 struct ath9k_channel *chan,
1043 struct chan_centers *centers);
1044 u32 ath9k_hw_getrxfilter(struct ath_hw *ah);
1045 void ath9k_hw_setrxfilter(struct ath_hw *ah, u32 bits);
1046 bool ath9k_hw_phy_disable(struct ath_hw *ah);
1047 bool ath9k_hw_disable(struct ath_hw *ah);
1048 void ath9k_hw_set_txpowerlimit(struct ath_hw *ah, u32 limit, bool test);
1049 void ath9k_hw_setopmode(struct ath_hw *ah);
1050 void ath9k_hw_setmcastfilter(struct ath_hw *ah, u32 filter0, u32 filter1);
1051 void ath9k_hw_write_associd(struct ath_hw *ah);
1052 u32 ath9k_hw_gettsf32(struct ath_hw *ah);
1053 u64 ath9k_hw_gettsf64(struct ath_hw *ah);
1054 void ath9k_hw_settsf64(struct ath_hw *ah, u64 tsf64);
1055 void ath9k_hw_reset_tsf(struct ath_hw *ah);
1056 u32 ath9k_hw_get_tsf_offset(struct timespec *last, struct timespec *cur);
1057 void ath9k_hw_set_tsfadjust(struct ath_hw *ah, bool set);
1058 void ath9k_hw_init_global_settings(struct ath_hw *ah);
1059 u32 ar9003_get_pll_sqsum_dvc(struct ath_hw *ah);
1060 void ath9k_hw_set11nmac2040(struct ath_hw *ah, struct ath9k_channel *chan);
1061 void ath9k_hw_beaconinit(struct ath_hw *ah, u32 next_beacon, u32 beacon_period);
1062 void ath9k_hw_set_sta_beacon_timers(struct ath_hw *ah,
1063 const struct ath9k_beacon_state *bs);
1064 void ath9k_hw_check_nav(struct ath_hw *ah);
1065 bool ath9k_hw_check_alive(struct ath_hw *ah);
1066
1067 bool ath9k_hw_setpower(struct ath_hw *ah, enum ath9k_power_mode mode);
1068
1069 /* Generic hw timer primitives */
1070 struct ath_gen_timer *ath_gen_timer_alloc(struct ath_hw *ah,
1071 void (*trigger)(void *),
1072 void (*overflow)(void *),
1073 void *arg,
1074 u8 timer_index);
1075 void ath9k_hw_gen_timer_start(struct ath_hw *ah,
1076 struct ath_gen_timer *timer,
1077 u32 timer_next,
1078 u32 timer_period);
1079 void ath9k_hw_gen_timer_start_tsf2(struct ath_hw *ah);
1080 void ath9k_hw_gen_timer_stop(struct ath_hw *ah, struct ath_gen_timer *timer);
1081
1082 void ath_gen_timer_free(struct ath_hw *ah, struct ath_gen_timer *timer);
1083 void ath_gen_timer_isr(struct ath_hw *hw);
1084
1085 void ath9k_hw_name(struct ath_hw *ah, char *hw_name, size_t len);
1086
1087 /* PHY */
1088 void ath9k_hw_get_delta_slope_vals(struct ath_hw *ah, u32 coef_scaled,
1089 u32 *coef_mantissa, u32 *coef_exponent);
1090 void ath9k_hw_apply_txpower(struct ath_hw *ah, struct ath9k_channel *chan,
1091 bool test);
1092
1093 /*
1094 * Code Specific to AR5008, AR9001 or AR9002,
1095 * we stuff these here to avoid callbacks for AR9003.
1096 */
1097 int ar9002_hw_rf_claim(struct ath_hw *ah);
1098 void ar9002_hw_enable_async_fifo(struct ath_hw *ah);
1099
1100 /*
1101 * Code specific to AR9003, we stuff these here to avoid callbacks
1102 * for older families
1103 */
1104 bool ar9003_hw_bb_watchdog_check(struct ath_hw *ah);
1105 void ar9003_hw_bb_watchdog_config(struct ath_hw *ah);
1106 void ar9003_hw_bb_watchdog_read(struct ath_hw *ah);
1107 void ar9003_hw_bb_watchdog_dbg_info(struct ath_hw *ah);
1108 void ar9003_hw_disable_phy_restart(struct ath_hw *ah);
1109 void ar9003_paprd_enable(struct ath_hw *ah, bool val);
1110 void ar9003_paprd_populate_single_table(struct ath_hw *ah,
1111 struct ath9k_hw_cal_data *caldata,
1112 int chain);
1113 int ar9003_paprd_create_curve(struct ath_hw *ah,
1114 struct ath9k_hw_cal_data *caldata, int chain);
1115 void ar9003_paprd_setup_gain_table(struct ath_hw *ah, int chain);
1116 int ar9003_paprd_init_table(struct ath_hw *ah);
1117 bool ar9003_paprd_is_done(struct ath_hw *ah);
1118 bool ar9003_is_paprd_enabled(struct ath_hw *ah);
1119 void ar9003_hw_set_chain_masks(struct ath_hw *ah, u8 rx, u8 tx);
1120 void ar9003_hw_init_rate_txpower(struct ath_hw *ah, u8 *rate_array,
1121 struct ath9k_channel *chan);
1122 void ar5008_hw_cmn_spur_mitigate(struct ath_hw *ah,
1123 struct ath9k_channel *chan, int bin);
1124 void ar5008_hw_init_rate_txpower(struct ath_hw *ah, int16_t *rate_array,
1125 struct ath9k_channel *chan, int ht40_delta);
1126
1127 /* Hardware family op attach helpers */
1128 int ar5008_hw_attach_phy_ops(struct ath_hw *ah);
1129 void ar9002_hw_attach_phy_ops(struct ath_hw *ah);
1130 void ar9003_hw_attach_phy_ops(struct ath_hw *ah);
1131
1132 void ar9002_hw_attach_calib_ops(struct ath_hw *ah);
1133 void ar9003_hw_attach_calib_ops(struct ath_hw *ah);
1134
1135 int ar9002_hw_attach_ops(struct ath_hw *ah);
1136 void ar9003_hw_attach_ops(struct ath_hw *ah);
1137
1138 void ar9002_hw_load_ani_reg(struct ath_hw *ah, struct ath9k_channel *chan);
1139
1140 void ath9k_ani_reset(struct ath_hw *ah, bool is_scanning);
1141 void ath9k_hw_ani_monitor(struct ath_hw *ah, struct ath9k_channel *chan);
1142
1143 void ath9k_hw_set_ack_timeout(struct ath_hw *ah, u32 us);
1144 void ath9k_hw_set_cts_timeout(struct ath_hw *ah, u32 us);
1145 void ath9k_hw_setslottime(struct ath_hw *ah, u32 us);
1146
1147 #ifdef CONFIG_ATH9K_BTCOEX_SUPPORT
1148 void ar9003_hw_attach_aic_ops(struct ath_hw *ah);
1149 static inline bool ath9k_hw_btcoex_is_enabled(struct ath_hw *ah)
1150 {
1151 return ah->btcoex_hw.enabled;
1152 }
1153 static inline bool ath9k_hw_mci_is_enabled(struct ath_hw *ah)
1154 {
1155 return ah->common.btcoex_enabled &&
1156 (ah->caps.hw_caps & ATH9K_HW_CAP_MCI);
1157
1158 }
1159 void ath9k_hw_btcoex_enable(struct ath_hw *ah);
1160 static inline enum ath_btcoex_scheme
1161 ath9k_hw_get_btcoex_scheme(struct ath_hw *ah)
1162 {
1163 return ah->btcoex_hw.scheme;
1164 }
1165 #else
1166 static inline void ar9003_hw_attach_aic_ops(struct ath_hw *ah)
1167 {
1168 }
1169 static inline bool ath9k_hw_btcoex_is_enabled(struct ath_hw *ah)
1170 {
1171 return false;
1172 }
1173 static inline bool ath9k_hw_mci_is_enabled(struct ath_hw *ah)
1174 {
1175 return false;
1176 }
1177 static inline void ath9k_hw_btcoex_enable(struct ath_hw *ah)
1178 {
1179 }
1180 static inline enum ath_btcoex_scheme
1181 ath9k_hw_get_btcoex_scheme(struct ath_hw *ah)
1182 {
1183 return ATH_BTCOEX_CFG_NONE;
1184 }
1185 #endif /* CONFIG_ATH9K_BTCOEX_SUPPORT */
1186
1187
1188 #ifdef CONFIG_ATH9K_WOW
1189 int ath9k_hw_wow_apply_pattern(struct ath_hw *ah, u8 *user_pattern,
1190 u8 *user_mask, int pattern_count,
1191 int pattern_len);
1192 u32 ath9k_hw_wow_wakeup(struct ath_hw *ah);
1193 void ath9k_hw_wow_enable(struct ath_hw *ah, u32 pattern_enable);
1194 #else
1195 static inline int ath9k_hw_wow_apply_pattern(struct ath_hw *ah,
1196 u8 *user_pattern,
1197 u8 *user_mask,
1198 int pattern_count,
1199 int pattern_len)
1200 {
1201 return 0;
1202 }
1203 static inline u32 ath9k_hw_wow_wakeup(struct ath_hw *ah)
1204 {
1205 return 0;
1206 }
1207 static inline void ath9k_hw_wow_enable(struct ath_hw *ah, u32 pattern_enable)
1208 {
1209 }
1210 #endif
1211
1212 #define ATH9K_CLOCK_RATE_CCK 22
1213 #define ATH9K_CLOCK_RATE_5GHZ_OFDM 40
1214 #define ATH9K_CLOCK_RATE_2GHZ_OFDM 44
1215 #define ATH9K_CLOCK_FAST_RATE_5GHZ_OFDM 44
1216
1217 #endif 1 #ifndef _LDV_RCV_H_
2 #define _LDV_RCV_H_
3
4 /* If expr evaluates to zero, ldv_assert() causes a program to reach the error
5 label like the standard assert(). */
6 #define ldv_assert(expr) ((expr) ? 0 : ldv_error())
7
8 /* The error label wrapper. It is used because of some static verifiers (like
9 BLAST) don't accept multiple error labels through a program. */
10 static inline void ldv_error(void)
11 {
12 LDV_ERROR: goto LDV_ERROR;
13 }
14
15 /* If expr evaluates to zero, ldv_assume() causes an infinite loop that is
16 avoided by verifiers. */
17 #define ldv_assume(expr) ((expr) ? 0 : ldv_stop())
18
19 /* Infinite loop, that causes verifiers to skip such paths. */
20 static inline void ldv_stop(void) {
21 LDV_STOP: goto LDV_STOP;
22 }
23
24 /* Special nondeterministic functions. */
25 int ldv_undef_int(void);
26 void *ldv_undef_ptr(void);
27 unsigned long ldv_undef_ulong(void);
28 long ldv_undef_long(void);
29 /* Return nondeterministic negative integer number. */
30 static inline int ldv_undef_int_negative(void)
31 {
32 int ret = ldv_undef_int();
33
34 ldv_assume(ret < 0);
35
36 return ret;
37 }
38 /* Return nondeterministic nonpositive integer number. */
39 static inline int ldv_undef_int_nonpositive(void)
40 {
41 int ret = ldv_undef_int();
42
43 ldv_assume(ret <= 0);
44
45 return ret;
46 }
47
48 /* Add explicit model for __builin_expect GCC function. Without the model a
49 return value will be treated as nondetermined by verifiers. */
50 static inline long __builtin_expect(long exp, long c)
51 {
52 return exp;
53 }
54
55 /* This function causes the program to exit abnormally. GCC implements this
56 function by using a target-dependent mechanism (such as intentionally executing
57 an illegal instruction) or by calling abort. The mechanism used may vary from
58 release to release so you should not rely on any particular implementation.
59 http://gcc.gnu.org/onlinedocs/gcc/Other-Builtins.html */
60 static inline void __builtin_trap(void)
61 {
62 ldv_assert(0);
63 }
64
65 /* The constant is for simulating an error of ldv_undef_ptr() function. */
66 #define LDV_PTR_MAX 2012
67
68 #endif /* _LDV_RCV_H_ */ |
Here is an explanation of a rule violation arisen while checking your driver against a corresponding kernel.
Note that it may be false positive, i.e. there isn't a real error indeed. Please analyze a given error trace and related source code to understand whether there is an error in your driver.
Error trace column contains a path on which the given rule is violated. You can expand/collapse some entity classes by clicking on corresponding checkboxes in a main menu or in an advanced Others menu. Also you can expand/collapse each particular entity by clicking on +/-. In hovering on some entities you can see some tips. Also the error trace is bound with related source code. Line numbers may be shown as links on the left. You can click on them to open corresponding lines in source code.
Source code column contains a content of files related with the error trace. There is source code of your driver (note that there are some LDV modifications at the end), kernel headers and rule model. Tabs show a currently opened file and other available files. In hovering on them you can see full file names. On clicking a corresponding file content will be shown.
Ядро | Модуль | Правило | Верификатор | Вердикт | Статус | Время создания |
linux-4.5-rc7 | drivers/net/wireless/ath/ath9k/ath9k_htc.ko | races | CPAchecker | Bug | Unreported | 2016-03-14 19:54:08 |
Комментарий
tx is called without locks, config - used several ones, but also may be called without them at all ath9k_htc_tx is called in rcu_read_lock context, thus mutex cannot be used for synchronization. In function ath9k_htc_tx the slot is acquired, __set_bit(slot, priv->tx.tx_slot) (см. ath9k_htc_tx_get_slot) and a mutex_lock in a handler. As a result ath9k_htc_tx_data may send a packet with wrong index sta_idx.
[В начало]