dhd_sdio.c revision b948a85c1f26d48395de8c6c7e392f008f1be666
1/* 2 * Copyright (c) 2010 Broadcom Corporation 3 * 4 * Permission to use, copy, modify, and/or distribute this software for any 5 * purpose with or without fee is hereby granted, provided that the above 6 * copyright notice and this permission notice appear in all copies. 7 * 8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY 11 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION 13 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN 14 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15 */ 16 17#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 18 19#include <linux/types.h> 20#include <linux/kernel.h> 21#include <linux/kthread.h> 22#include <linux/printk.h> 23#include <linux/pci_ids.h> 24#include <linux/netdevice.h> 25#include <linux/interrupt.h> 26#include <linux/sched.h> 27#include <linux/mmc/sdio.h> 28#include <linux/mmc/sdio_func.h> 29#include <linux/mmc/card.h> 30#include <linux/semaphore.h> 31#include <linux/firmware.h> 32#include <linux/module.h> 33#include <linux/bcma/bcma.h> 34#include <asm/unaligned.h> 35#include <defs.h> 36#include <brcmu_wifi.h> 37#include <brcmu_utils.h> 38#include <brcm_hw_ids.h> 39#include <soc.h> 40#include "sdio_host.h" 41#include "sdio_chip.h" 42 43#define DCMD_RESP_TIMEOUT 2000 /* In milli second */ 44 45#ifdef DEBUG 46 47#define BRCMF_TRAP_INFO_SIZE 80 48 49#define CBUF_LEN (128) 50 51struct rte_log_le { 52 __le32 buf; /* Can't be pointer on (64-bit) hosts */ 53 __le32 buf_size; 54 __le32 idx; 55 char *_buf_compat; /* Redundant pointer for backward compat. */ 56}; 57 58struct rte_console { 59 /* Virtual UART 60 * When there is no UART (e.g. Quickturn), 61 * the host should write a complete 62 * input line directly into cbuf and then write 63 * the length into vcons_in. 64 * This may also be used when there is a real UART 65 * (at risk of conflicting with 66 * the real UART). vcons_out is currently unused. 67 */ 68 uint vcons_in; 69 uint vcons_out; 70 71 /* Output (logging) buffer 72 * Console output is written to a ring buffer log_buf at index log_idx. 73 * The host may read the output when it sees log_idx advance. 74 * Output will be lost if the output wraps around faster than the host 75 * polls. 76 */ 77 struct rte_log_le log_le; 78 79 /* Console input line buffer 80 * Characters are read one at a time into cbuf 81 * until <CR> is received, then 82 * the buffer is processed as a command line. 83 * Also used for virtual UART. 84 */ 85 uint cbuf_idx; 86 char cbuf[CBUF_LEN]; 87}; 88 89#endif /* DEBUG */ 90#include <chipcommon.h> 91 92#include "dhd_bus.h" 93#include "dhd_dbg.h" 94 95#define TXQLEN 2048 /* bulk tx queue length */ 96#define TXHI (TXQLEN - 256) /* turn on flow control above TXHI */ 97#define TXLOW (TXHI - 256) /* turn off flow control below TXLOW */ 98#define PRIOMASK 7 99 100#define TXRETRIES 2 /* # of retries for tx frames */ 101 102#define BRCMF_RXBOUND 50 /* Default for max rx frames in 103 one scheduling */ 104 105#define BRCMF_TXBOUND 20 /* Default for max tx frames in 106 one scheduling */ 107 108#define BRCMF_TXMINMAX 1 /* Max tx frames if rx still pending */ 109 110#define MEMBLOCK 2048 /* Block size used for downloading 111 of dongle image */ 112#define MAX_DATA_BUF (32 * 1024) /* Must be large enough to hold 113 biggest possible glom */ 114 115#define BRCMF_FIRSTREAD (1 << 6) 116 117 118/* SBSDIO_DEVICE_CTL */ 119 120/* 1: device will assert busy signal when receiving CMD53 */ 121#define SBSDIO_DEVCTL_SETBUSY 0x01 122/* 1: assertion of sdio interrupt is synchronous to the sdio clock */ 123#define SBSDIO_DEVCTL_SPI_INTR_SYNC 0x02 124/* 1: mask all interrupts to host except the chipActive (rev 8) */ 125#define SBSDIO_DEVCTL_CA_INT_ONLY 0x04 126/* 1: isolate internal sdio signals, put external pads in tri-state; requires 127 * sdio bus power cycle to clear (rev 9) */ 128#define SBSDIO_DEVCTL_PADS_ISO 0x08 129/* Force SD->SB reset mapping (rev 11) */ 130#define SBSDIO_DEVCTL_SB_RST_CTL 0x30 131/* Determined by CoreControl bit */ 132#define SBSDIO_DEVCTL_RST_CORECTL 0x00 133/* Force backplane reset */ 134#define SBSDIO_DEVCTL_RST_BPRESET 0x10 135/* Force no backplane reset */ 136#define SBSDIO_DEVCTL_RST_NOBPRESET 0x20 137 138/* direct(mapped) cis space */ 139 140/* MAPPED common CIS address */ 141#define SBSDIO_CIS_BASE_COMMON 0x1000 142/* maximum bytes in one CIS */ 143#define SBSDIO_CIS_SIZE_LIMIT 0x200 144/* cis offset addr is < 17 bits */ 145#define SBSDIO_CIS_OFT_ADDR_MASK 0x1FFFF 146 147/* manfid tuple length, include tuple, link bytes */ 148#define SBSDIO_CIS_MANFID_TUPLE_LEN 6 149 150/* intstatus */ 151#define I_SMB_SW0 (1 << 0) /* To SB Mail S/W interrupt 0 */ 152#define I_SMB_SW1 (1 << 1) /* To SB Mail S/W interrupt 1 */ 153#define I_SMB_SW2 (1 << 2) /* To SB Mail S/W interrupt 2 */ 154#define I_SMB_SW3 (1 << 3) /* To SB Mail S/W interrupt 3 */ 155#define I_SMB_SW_MASK 0x0000000f /* To SB Mail S/W interrupts mask */ 156#define I_SMB_SW_SHIFT 0 /* To SB Mail S/W interrupts shift */ 157#define I_HMB_SW0 (1 << 4) /* To Host Mail S/W interrupt 0 */ 158#define I_HMB_SW1 (1 << 5) /* To Host Mail S/W interrupt 1 */ 159#define I_HMB_SW2 (1 << 6) /* To Host Mail S/W interrupt 2 */ 160#define I_HMB_SW3 (1 << 7) /* To Host Mail S/W interrupt 3 */ 161#define I_HMB_SW_MASK 0x000000f0 /* To Host Mail S/W interrupts mask */ 162#define I_HMB_SW_SHIFT 4 /* To Host Mail S/W interrupts shift */ 163#define I_WR_OOSYNC (1 << 8) /* Write Frame Out Of Sync */ 164#define I_RD_OOSYNC (1 << 9) /* Read Frame Out Of Sync */ 165#define I_PC (1 << 10) /* descriptor error */ 166#define I_PD (1 << 11) /* data error */ 167#define I_DE (1 << 12) /* Descriptor protocol Error */ 168#define I_RU (1 << 13) /* Receive descriptor Underflow */ 169#define I_RO (1 << 14) /* Receive fifo Overflow */ 170#define I_XU (1 << 15) /* Transmit fifo Underflow */ 171#define I_RI (1 << 16) /* Receive Interrupt */ 172#define I_BUSPWR (1 << 17) /* SDIO Bus Power Change (rev 9) */ 173#define I_XMTDATA_AVAIL (1 << 23) /* bits in fifo */ 174#define I_XI (1 << 24) /* Transmit Interrupt */ 175#define I_RF_TERM (1 << 25) /* Read Frame Terminate */ 176#define I_WF_TERM (1 << 26) /* Write Frame Terminate */ 177#define I_PCMCIA_XU (1 << 27) /* PCMCIA Transmit FIFO Underflow */ 178#define I_SBINT (1 << 28) /* sbintstatus Interrupt */ 179#define I_CHIPACTIVE (1 << 29) /* chip from doze to active state */ 180#define I_SRESET (1 << 30) /* CCCR RES interrupt */ 181#define I_IOE2 (1U << 31) /* CCCR IOE2 Bit Changed */ 182#define I_ERRORS (I_PC | I_PD | I_DE | I_RU | I_RO | I_XU) 183#define I_DMA (I_RI | I_XI | I_ERRORS) 184 185/* corecontrol */ 186#define CC_CISRDY (1 << 0) /* CIS Ready */ 187#define CC_BPRESEN (1 << 1) /* CCCR RES signal */ 188#define CC_F2RDY (1 << 2) /* set CCCR IOR2 bit */ 189#define CC_CLRPADSISO (1 << 3) /* clear SDIO pads isolation */ 190#define CC_XMTDATAAVAIL_MODE (1 << 4) 191#define CC_XMTDATAAVAIL_CTRL (1 << 5) 192 193/* SDA_FRAMECTRL */ 194#define SFC_RF_TERM (1 << 0) /* Read Frame Terminate */ 195#define SFC_WF_TERM (1 << 1) /* Write Frame Terminate */ 196#define SFC_CRC4WOOS (1 << 2) /* CRC error for write out of sync */ 197#define SFC_ABORTALL (1 << 3) /* Abort all in-progress frames */ 198 199/* HW frame tag */ 200#define SDPCM_FRAMETAG_LEN 4 /* 2 bytes len, 2 bytes check val */ 201 202/* Total length of frame header for dongle protocol */ 203#define SDPCM_HDRLEN (SDPCM_FRAMETAG_LEN + SDPCM_SWHEADER_LEN) 204#define SDPCM_RESERVE (SDPCM_HDRLEN + BRCMF_SDALIGN) 205 206/* 207 * Software allocation of To SB Mailbox resources 208 */ 209 210/* tosbmailbox bits corresponding to intstatus bits */ 211#define SMB_NAK (1 << 0) /* Frame NAK */ 212#define SMB_INT_ACK (1 << 1) /* Host Interrupt ACK */ 213#define SMB_USE_OOB (1 << 2) /* Use OOB Wakeup */ 214#define SMB_DEV_INT (1 << 3) /* Miscellaneous Interrupt */ 215 216/* tosbmailboxdata */ 217#define SMB_DATA_VERSION_SHIFT 16 /* host protocol version */ 218 219/* 220 * Software allocation of To Host Mailbox resources 221 */ 222 223/* intstatus bits */ 224#define I_HMB_FC_STATE I_HMB_SW0 /* Flow Control State */ 225#define I_HMB_FC_CHANGE I_HMB_SW1 /* Flow Control State Changed */ 226#define I_HMB_FRAME_IND I_HMB_SW2 /* Frame Indication */ 227#define I_HMB_HOST_INT I_HMB_SW3 /* Miscellaneous Interrupt */ 228 229/* tohostmailboxdata */ 230#define HMB_DATA_NAKHANDLED 1 /* retransmit NAK'd frame */ 231#define HMB_DATA_DEVREADY 2 /* talk to host after enable */ 232#define HMB_DATA_FC 4 /* per prio flowcontrol update flag */ 233#define HMB_DATA_FWREADY 8 /* fw ready for protocol activity */ 234 235#define HMB_DATA_FCDATA_MASK 0xff000000 236#define HMB_DATA_FCDATA_SHIFT 24 237 238#define HMB_DATA_VERSION_MASK 0x00ff0000 239#define HMB_DATA_VERSION_SHIFT 16 240 241/* 242 * Software-defined protocol header 243 */ 244 245/* Current protocol version */ 246#define SDPCM_PROT_VERSION 4 247 248/* SW frame header */ 249#define SDPCM_PACKET_SEQUENCE(p) (((u8 *)p)[0] & 0xff) 250 251#define SDPCM_CHANNEL_MASK 0x00000f00 252#define SDPCM_CHANNEL_SHIFT 8 253#define SDPCM_PACKET_CHANNEL(p) (((u8 *)p)[1] & 0x0f) 254 255#define SDPCM_NEXTLEN_OFFSET 2 256 257/* Data Offset from SOF (HW Tag, SW Tag, Pad) */ 258#define SDPCM_DOFFSET_OFFSET 3 /* Data Offset */ 259#define SDPCM_DOFFSET_VALUE(p) (((u8 *)p)[SDPCM_DOFFSET_OFFSET] & 0xff) 260#define SDPCM_DOFFSET_MASK 0xff000000 261#define SDPCM_DOFFSET_SHIFT 24 262#define SDPCM_FCMASK_OFFSET 4 /* Flow control */ 263#define SDPCM_FCMASK_VALUE(p) (((u8 *)p)[SDPCM_FCMASK_OFFSET] & 0xff) 264#define SDPCM_WINDOW_OFFSET 5 /* Credit based fc */ 265#define SDPCM_WINDOW_VALUE(p) (((u8 *)p)[SDPCM_WINDOW_OFFSET] & 0xff) 266 267#define SDPCM_SWHEADER_LEN 8 /* SW header is 64 bits */ 268 269/* logical channel numbers */ 270#define SDPCM_CONTROL_CHANNEL 0 /* Control channel Id */ 271#define SDPCM_EVENT_CHANNEL 1 /* Asyc Event Indication Channel Id */ 272#define SDPCM_DATA_CHANNEL 2 /* Data Xmit/Recv Channel Id */ 273#define SDPCM_GLOM_CHANNEL 3 /* For coalesced packets */ 274#define SDPCM_TEST_CHANNEL 15 /* Reserved for test/debug packets */ 275 276#define SDPCM_SEQUENCE_WRAP 256 /* wrap-around val for 8bit frame seq */ 277 278#define SDPCM_GLOMDESC(p) (((u8 *)p)[1] & 0x80) 279 280/* 281 * Shared structure between dongle and the host. 282 * The structure contains pointers to trap or assert information. 283 */ 284#define SDPCM_SHARED_VERSION 0x0002 285#define SDPCM_SHARED_VERSION_MASK 0x00FF 286#define SDPCM_SHARED_ASSERT_BUILT 0x0100 287#define SDPCM_SHARED_ASSERT 0x0200 288#define SDPCM_SHARED_TRAP 0x0400 289 290/* Space for header read, limit for data packets */ 291#define MAX_HDR_READ (1 << 6) 292#define MAX_RX_DATASZ 2048 293 294/* Maximum milliseconds to wait for F2 to come up */ 295#define BRCMF_WAIT_F2RDY 3000 296 297/* Bump up limit on waiting for HT to account for first startup; 298 * if the image is doing a CRC calculation before programming the PMU 299 * for HT availability, it could take a couple hundred ms more, so 300 * max out at a 1 second (1000000us). 301 */ 302#undef PMU_MAX_TRANSITION_DLY 303#define PMU_MAX_TRANSITION_DLY 1000000 304 305/* Value for ChipClockCSR during initial setup */ 306#define BRCMF_INIT_CLKCTL1 (SBSDIO_FORCE_HW_CLKREQ_OFF | \ 307 SBSDIO_ALP_AVAIL_REQ) 308 309/* Flags for SDH calls */ 310#define F2SYNC (SDIO_REQ_4BYTE | SDIO_REQ_FIXED) 311 312#define BRCMF_SDIO_FW_NAME "brcm/brcmfmac-sdio.bin" 313#define BRCMF_SDIO_NV_NAME "brcm/brcmfmac-sdio.txt" 314MODULE_FIRMWARE(BRCMF_SDIO_FW_NAME); 315MODULE_FIRMWARE(BRCMF_SDIO_NV_NAME); 316 317#define BRCMF_IDLE_IMMEDIATE (-1) /* Enter idle immediately */ 318#define BRCMF_IDLE_ACTIVE 0 /* Do not request any SD clock change 319 * when idle 320 */ 321#define BRCMF_IDLE_INTERVAL 1 322 323/* 324 * Conversion of 802.1D priority to precedence level 325 */ 326static uint prio2prec(u32 prio) 327{ 328 return (prio == PRIO_8021D_NONE || prio == PRIO_8021D_BE) ? 329 (prio^2) : prio; 330} 331 332/* core registers */ 333struct sdpcmd_regs { 334 u32 corecontrol; /* 0x00, rev8 */ 335 u32 corestatus; /* rev8 */ 336 u32 PAD[1]; 337 u32 biststatus; /* rev8 */ 338 339 /* PCMCIA access */ 340 u16 pcmciamesportaladdr; /* 0x010, rev8 */ 341 u16 PAD[1]; 342 u16 pcmciamesportalmask; /* rev8 */ 343 u16 PAD[1]; 344 u16 pcmciawrframebc; /* rev8 */ 345 u16 PAD[1]; 346 u16 pcmciaunderflowtimer; /* rev8 */ 347 u16 PAD[1]; 348 349 /* interrupt */ 350 u32 intstatus; /* 0x020, rev8 */ 351 u32 hostintmask; /* rev8 */ 352 u32 intmask; /* rev8 */ 353 u32 sbintstatus; /* rev8 */ 354 u32 sbintmask; /* rev8 */ 355 u32 funcintmask; /* rev4 */ 356 u32 PAD[2]; 357 u32 tosbmailbox; /* 0x040, rev8 */ 358 u32 tohostmailbox; /* rev8 */ 359 u32 tosbmailboxdata; /* rev8 */ 360 u32 tohostmailboxdata; /* rev8 */ 361 362 /* synchronized access to registers in SDIO clock domain */ 363 u32 sdioaccess; /* 0x050, rev8 */ 364 u32 PAD[3]; 365 366 /* PCMCIA frame control */ 367 u8 pcmciaframectrl; /* 0x060, rev8 */ 368 u8 PAD[3]; 369 u8 pcmciawatermark; /* rev8 */ 370 u8 PAD[155]; 371 372 /* interrupt batching control */ 373 u32 intrcvlazy; /* 0x100, rev8 */ 374 u32 PAD[3]; 375 376 /* counters */ 377 u32 cmd52rd; /* 0x110, rev8 */ 378 u32 cmd52wr; /* rev8 */ 379 u32 cmd53rd; /* rev8 */ 380 u32 cmd53wr; /* rev8 */ 381 u32 abort; /* rev8 */ 382 u32 datacrcerror; /* rev8 */ 383 u32 rdoutofsync; /* rev8 */ 384 u32 wroutofsync; /* rev8 */ 385 u32 writebusy; /* rev8 */ 386 u32 readwait; /* rev8 */ 387 u32 readterm; /* rev8 */ 388 u32 writeterm; /* rev8 */ 389 u32 PAD[40]; 390 u32 clockctlstatus; /* rev8 */ 391 u32 PAD[7]; 392 393 u32 PAD[128]; /* DMA engines */ 394 395 /* SDIO/PCMCIA CIS region */ 396 char cis[512]; /* 0x400-0x5ff, rev6 */ 397 398 /* PCMCIA function control registers */ 399 char pcmciafcr[256]; /* 0x600-6ff, rev6 */ 400 u16 PAD[55]; 401 402 /* PCMCIA backplane access */ 403 u16 backplanecsr; /* 0x76E, rev6 */ 404 u16 backplaneaddr0; /* rev6 */ 405 u16 backplaneaddr1; /* rev6 */ 406 u16 backplaneaddr2; /* rev6 */ 407 u16 backplaneaddr3; /* rev6 */ 408 u16 backplanedata0; /* rev6 */ 409 u16 backplanedata1; /* rev6 */ 410 u16 backplanedata2; /* rev6 */ 411 u16 backplanedata3; /* rev6 */ 412 u16 PAD[31]; 413 414 /* sprom "size" & "blank" info */ 415 u16 spromstatus; /* 0x7BE, rev2 */ 416 u32 PAD[464]; 417 418 u16 PAD[0x80]; 419}; 420 421#ifdef DEBUG 422/* Device console log buffer state */ 423struct brcmf_console { 424 uint count; /* Poll interval msec counter */ 425 uint log_addr; /* Log struct address (fixed) */ 426 struct rte_log_le log_le; /* Log struct (host copy) */ 427 uint bufsize; /* Size of log buffer */ 428 u8 *buf; /* Log buffer (host copy) */ 429 uint last; /* Last buffer read index */ 430}; 431#endif /* DEBUG */ 432 433struct sdpcm_shared { 434 u32 flags; 435 u32 trap_addr; 436 u32 assert_exp_addr; 437 u32 assert_file_addr; 438 u32 assert_line; 439 u32 console_addr; /* Address of struct rte_console */ 440 u32 msgtrace_addr; 441 u8 tag[32]; 442}; 443 444struct sdpcm_shared_le { 445 __le32 flags; 446 __le32 trap_addr; 447 __le32 assert_exp_addr; 448 __le32 assert_file_addr; 449 __le32 assert_line; 450 __le32 console_addr; /* Address of struct rte_console */ 451 __le32 msgtrace_addr; 452 u8 tag[32]; 453}; 454 455 456/* misc chip info needed by some of the routines */ 457/* Private data for SDIO bus interaction */ 458struct brcmf_sdio { 459 struct brcmf_sdio_dev *sdiodev; /* sdio device handler */ 460 struct chip_info *ci; /* Chip info struct */ 461 char *vars; /* Variables (from CIS and/or other) */ 462 uint varsz; /* Size of variables buffer */ 463 464 u32 ramsize; /* Size of RAM in SOCRAM (bytes) */ 465 466 u32 hostintmask; /* Copy of Host Interrupt Mask */ 467 u32 intstatus; /* Intstatus bits (events) pending */ 468 bool dpc_sched; /* Indicates DPC schedule (intrpt rcvd) */ 469 bool fcstate; /* State of dongle flow-control */ 470 471 uint blocksize; /* Block size of SDIO transfers */ 472 uint roundup; /* Max roundup limit */ 473 474 struct pktq txq; /* Queue length used for flow-control */ 475 u8 flowcontrol; /* per prio flow control bitmask */ 476 u8 tx_seq; /* Transmit sequence number (next) */ 477 u8 tx_max; /* Maximum transmit sequence allowed */ 478 479 u8 hdrbuf[MAX_HDR_READ + BRCMF_SDALIGN]; 480 u8 *rxhdr; /* Header of current rx frame (in hdrbuf) */ 481 u16 nextlen; /* Next Read Len from last header */ 482 u8 rx_seq; /* Receive sequence number (expected) */ 483 bool rxskip; /* Skip receive (awaiting NAK ACK) */ 484 485 uint rxbound; /* Rx frames to read before resched */ 486 uint txbound; /* Tx frames to send before resched */ 487 uint txminmax; 488 489 struct sk_buff *glomd; /* Packet containing glomming descriptor */ 490 struct sk_buff_head glom; /* Packet list for glommed superframe */ 491 uint glomerr; /* Glom packet read errors */ 492 493 u8 *rxbuf; /* Buffer for receiving control packets */ 494 uint rxblen; /* Allocated length of rxbuf */ 495 u8 *rxctl; /* Aligned pointer into rxbuf */ 496 u8 *databuf; /* Buffer for receiving big glom packet */ 497 u8 *dataptr; /* Aligned pointer into databuf */ 498 uint rxlen; /* Length of valid data in buffer */ 499 500 u8 sdpcm_ver; /* Bus protocol reported by dongle */ 501 502 bool intr; /* Use interrupts */ 503 bool poll; /* Use polling */ 504 bool ipend; /* Device interrupt is pending */ 505 uint intrcount; /* Count of device interrupt callbacks */ 506 uint lastintrs; /* Count as of last watchdog timer */ 507 uint spurious; /* Count of spurious interrupts */ 508 uint pollrate; /* Ticks between device polls */ 509 uint polltick; /* Tick counter */ 510 uint pollcnt; /* Count of active polls */ 511 512#ifdef DEBUG 513 uint console_interval; 514 struct brcmf_console console; /* Console output polling support */ 515 uint console_addr; /* Console address from shared struct */ 516#endif /* DEBUG */ 517 518 uint regfails; /* Count of R_REG failures */ 519 520 uint clkstate; /* State of sd and backplane clock(s) */ 521 bool activity; /* Activity flag for clock down */ 522 s32 idletime; /* Control for activity timeout */ 523 s32 idlecount; /* Activity timeout counter */ 524 s32 idleclock; /* How to set bus driver when idle */ 525 s32 sd_rxchain; 526 bool use_rxchain; /* If brcmf should use PKT chains */ 527 bool sleeping; /* Is SDIO bus sleeping? */ 528 bool rxflow_mode; /* Rx flow control mode */ 529 bool rxflow; /* Is rx flow control on */ 530 bool alp_only; /* Don't use HT clock (ALP only) */ 531/* Field to decide if rx of control frames happen in rxbuf or lb-pool */ 532 bool usebufpool; 533 534 /* Some additional counters */ 535 uint tx_sderrs; /* Count of tx attempts with sd errors */ 536 uint fcqueued; /* Tx packets that got queued */ 537 uint rxrtx; /* Count of rtx requests (NAK to dongle) */ 538 uint rx_toolong; /* Receive frames too long to receive */ 539 uint rxc_errors; /* SDIO errors when reading control frames */ 540 uint rx_hdrfail; /* SDIO errors on header reads */ 541 uint rx_badhdr; /* Bad received headers (roosync?) */ 542 uint rx_badseq; /* Mismatched rx sequence number */ 543 uint fc_rcvd; /* Number of flow-control events received */ 544 uint fc_xoff; /* Number which turned on flow-control */ 545 uint fc_xon; /* Number which turned off flow-control */ 546 uint rxglomfail; /* Failed deglom attempts */ 547 uint rxglomframes; /* Number of glom frames (superframes) */ 548 uint rxglompkts; /* Number of packets from glom frames */ 549 uint f2rxhdrs; /* Number of header reads */ 550 uint f2rxdata; /* Number of frame data reads */ 551 uint f2txdata; /* Number of f2 frame writes */ 552 uint f1regdata; /* Number of f1 register accesses */ 553 uint tickcnt; /* Number of watchdog been schedule */ 554 unsigned long tx_ctlerrs; /* Err of sending ctrl frames */ 555 unsigned long tx_ctlpkts; /* Ctrl frames sent to dongle */ 556 unsigned long rx_ctlerrs; /* Err of processing rx ctrl frames */ 557 unsigned long rx_ctlpkts; /* Ctrl frames processed from dongle */ 558 unsigned long rx_readahead_cnt; /* Number of packets where header 559 * read-ahead was used. */ 560 561 u8 *ctrl_frame_buf; 562 u32 ctrl_frame_len; 563 bool ctrl_frame_stat; 564 565 spinlock_t txqlock; 566 wait_queue_head_t ctrl_wait; 567 wait_queue_head_t dcmd_resp_wait; 568 569 struct timer_list timer; 570 struct completion watchdog_wait; 571 struct task_struct *watchdog_tsk; 572 bool wd_timer_valid; 573 uint save_ms; 574 575 struct task_struct *dpc_tsk; 576 struct completion dpc_wait; 577 struct list_head dpc_tsklst; 578 spinlock_t dpc_tl_lock; 579 580 struct semaphore sdsem; 581 582 const struct firmware *firmware; 583 u32 fw_ptr; 584 585 bool txoff; /* Transmit flow-controlled */ 586}; 587 588/* clkstate */ 589#define CLK_NONE 0 590#define CLK_SDONLY 1 591#define CLK_PENDING 2 /* Not used yet */ 592#define CLK_AVAIL 3 593 594#ifdef DEBUG 595static int qcount[NUMPRIO]; 596static int tx_packets[NUMPRIO]; 597#endif /* DEBUG */ 598 599#define SDIO_DRIVE_STRENGTH 6 /* in milliamps */ 600 601#define RETRYCHAN(chan) ((chan) == SDPCM_EVENT_CHANNEL) 602 603/* Retry count for register access failures */ 604static const uint retry_limit = 2; 605 606/* Limit on rounding up frames */ 607static const uint max_roundup = 512; 608 609#define ALIGNMENT 4 610 611static void pkt_align(struct sk_buff *p, int len, int align) 612{ 613 uint datalign; 614 datalign = (unsigned long)(p->data); 615 datalign = roundup(datalign, (align)) - datalign; 616 if (datalign) 617 skb_pull(p, datalign); 618 __skb_trim(p, len); 619} 620 621/* To check if there's window offered */ 622static bool data_ok(struct brcmf_sdio *bus) 623{ 624 return (u8)(bus->tx_max - bus->tx_seq) != 0 && 625 ((u8)(bus->tx_max - bus->tx_seq) & 0x80) == 0; 626} 627 628/* 629 * Reads a register in the SDIO hardware block. This block occupies a series of 630 * adresses on the 32 bit backplane bus. 631 */ 632static void 633r_sdreg32(struct brcmf_sdio *bus, u32 *regvar, u32 reg_offset, u32 *retryvar) 634{ 635 u8 idx = brcmf_sdio_chip_getinfidx(bus->ci, BCMA_CORE_SDIO_DEV); 636 *retryvar = 0; 637 do { 638 *regvar = brcmf_sdcard_reg_read(bus->sdiodev, 639 bus->ci->c_inf[idx].base + reg_offset, 640 sizeof(u32)); 641 } while (brcmf_sdcard_regfail(bus->sdiodev) && 642 (++(*retryvar) <= retry_limit)); 643 if (*retryvar) { 644 bus->regfails += (*retryvar-1); 645 if (*retryvar > retry_limit) { 646 brcmf_dbg(ERROR, "FAILED READ %Xh\n", reg_offset); 647 *regvar = 0; 648 } 649 } 650} 651 652static void 653w_sdreg32(struct brcmf_sdio *bus, u32 regval, u32 reg_offset, u32 *retryvar) 654{ 655 u8 idx = brcmf_sdio_chip_getinfidx(bus->ci, BCMA_CORE_SDIO_DEV); 656 *retryvar = 0; 657 do { 658 brcmf_sdcard_reg_write(bus->sdiodev, 659 bus->ci->c_inf[idx].base + reg_offset, 660 sizeof(u32), regval); 661 } while (brcmf_sdcard_regfail(bus->sdiodev) && 662 (++(*retryvar) <= retry_limit)); 663 if (*retryvar) { 664 bus->regfails += (*retryvar-1); 665 if (*retryvar > retry_limit) 666 brcmf_dbg(ERROR, "FAILED REGISTER WRITE %Xh\n", 667 reg_offset); 668 } 669} 670 671#define PKT_AVAILABLE() (intstatus & I_HMB_FRAME_IND) 672 673#define HOSTINTMASK (I_HMB_SW_MASK | I_CHIPACTIVE) 674 675/* Packet free applicable unconditionally for sdio and sdspi. 676 * Conditional if bufpool was present for gspi bus. 677 */ 678static void brcmf_sdbrcm_pktfree2(struct brcmf_sdio *bus, struct sk_buff *pkt) 679{ 680 if (bus->usebufpool) 681 brcmu_pkt_buf_free_skb(pkt); 682} 683 684/* Turn backplane clock on or off */ 685static int brcmf_sdbrcm_htclk(struct brcmf_sdio *bus, bool on, bool pendok) 686{ 687 int err; 688 u8 clkctl, clkreq, devctl; 689 unsigned long timeout; 690 691 brcmf_dbg(TRACE, "Enter\n"); 692 693 clkctl = 0; 694 695 if (on) { 696 /* Request HT Avail */ 697 clkreq = 698 bus->alp_only ? SBSDIO_ALP_AVAIL_REQ : SBSDIO_HT_AVAIL_REQ; 699 700 brcmf_sdcard_cfg_write(bus->sdiodev, SDIO_FUNC_1, 701 SBSDIO_FUNC1_CHIPCLKCSR, clkreq, &err); 702 if (err) { 703 brcmf_dbg(ERROR, "HT Avail request error: %d\n", err); 704 return -EBADE; 705 } 706 707 /* Check current status */ 708 clkctl = brcmf_sdcard_cfg_read(bus->sdiodev, SDIO_FUNC_1, 709 SBSDIO_FUNC1_CHIPCLKCSR, &err); 710 if (err) { 711 brcmf_dbg(ERROR, "HT Avail read error: %d\n", err); 712 return -EBADE; 713 } 714 715 /* Go to pending and await interrupt if appropriate */ 716 if (!SBSDIO_CLKAV(clkctl, bus->alp_only) && pendok) { 717 /* Allow only clock-available interrupt */ 718 devctl = brcmf_sdcard_cfg_read(bus->sdiodev, 719 SDIO_FUNC_1, 720 SBSDIO_DEVICE_CTL, &err); 721 if (err) { 722 brcmf_dbg(ERROR, "Devctl error setting CA: %d\n", 723 err); 724 return -EBADE; 725 } 726 727 devctl |= SBSDIO_DEVCTL_CA_INT_ONLY; 728 brcmf_sdcard_cfg_write(bus->sdiodev, SDIO_FUNC_1, 729 SBSDIO_DEVICE_CTL, devctl, &err); 730 brcmf_dbg(INFO, "CLKCTL: set PENDING\n"); 731 bus->clkstate = CLK_PENDING; 732 733 return 0; 734 } else if (bus->clkstate == CLK_PENDING) { 735 /* Cancel CA-only interrupt filter */ 736 devctl = 737 brcmf_sdcard_cfg_read(bus->sdiodev, SDIO_FUNC_1, 738 SBSDIO_DEVICE_CTL, &err); 739 devctl &= ~SBSDIO_DEVCTL_CA_INT_ONLY; 740 brcmf_sdcard_cfg_write(bus->sdiodev, SDIO_FUNC_1, 741 SBSDIO_DEVICE_CTL, devctl, &err); 742 } 743 744 /* Otherwise, wait here (polling) for HT Avail */ 745 timeout = jiffies + 746 msecs_to_jiffies(PMU_MAX_TRANSITION_DLY/1000); 747 while (!SBSDIO_CLKAV(clkctl, bus->alp_only)) { 748 clkctl = brcmf_sdcard_cfg_read(bus->sdiodev, 749 SDIO_FUNC_1, 750 SBSDIO_FUNC1_CHIPCLKCSR, 751 &err); 752 if (time_after(jiffies, timeout)) 753 break; 754 else 755 usleep_range(5000, 10000); 756 } 757 if (err) { 758 brcmf_dbg(ERROR, "HT Avail request error: %d\n", err); 759 return -EBADE; 760 } 761 if (!SBSDIO_CLKAV(clkctl, bus->alp_only)) { 762 brcmf_dbg(ERROR, "HT Avail timeout (%d): clkctl 0x%02x\n", 763 PMU_MAX_TRANSITION_DLY, clkctl); 764 return -EBADE; 765 } 766 767 /* Mark clock available */ 768 bus->clkstate = CLK_AVAIL; 769 brcmf_dbg(INFO, "CLKCTL: turned ON\n"); 770 771#if defined(DEBUG) 772 if (!bus->alp_only) { 773 if (SBSDIO_ALPONLY(clkctl)) 774 brcmf_dbg(ERROR, "HT Clock should be on\n"); 775 } 776#endif /* defined (DEBUG) */ 777 778 bus->activity = true; 779 } else { 780 clkreq = 0; 781 782 if (bus->clkstate == CLK_PENDING) { 783 /* Cancel CA-only interrupt filter */ 784 devctl = brcmf_sdcard_cfg_read(bus->sdiodev, 785 SDIO_FUNC_1, 786 SBSDIO_DEVICE_CTL, &err); 787 devctl &= ~SBSDIO_DEVCTL_CA_INT_ONLY; 788 brcmf_sdcard_cfg_write(bus->sdiodev, SDIO_FUNC_1, 789 SBSDIO_DEVICE_CTL, devctl, &err); 790 } 791 792 bus->clkstate = CLK_SDONLY; 793 brcmf_sdcard_cfg_write(bus->sdiodev, SDIO_FUNC_1, 794 SBSDIO_FUNC1_CHIPCLKCSR, clkreq, &err); 795 brcmf_dbg(INFO, "CLKCTL: turned OFF\n"); 796 if (err) { 797 brcmf_dbg(ERROR, "Failed access turning clock off: %d\n", 798 err); 799 return -EBADE; 800 } 801 } 802 return 0; 803} 804 805/* Change idle/active SD state */ 806static int brcmf_sdbrcm_sdclk(struct brcmf_sdio *bus, bool on) 807{ 808 brcmf_dbg(TRACE, "Enter\n"); 809 810 if (on) 811 bus->clkstate = CLK_SDONLY; 812 else 813 bus->clkstate = CLK_NONE; 814 815 return 0; 816} 817 818/* Transition SD and backplane clock readiness */ 819static int brcmf_sdbrcm_clkctl(struct brcmf_sdio *bus, uint target, bool pendok) 820{ 821#ifdef DEBUG 822 uint oldstate = bus->clkstate; 823#endif /* DEBUG */ 824 825 brcmf_dbg(TRACE, "Enter\n"); 826 827 /* Early exit if we're already there */ 828 if (bus->clkstate == target) { 829 if (target == CLK_AVAIL) { 830 brcmf_sdbrcm_wd_timer(bus, BRCMF_WD_POLL_MS); 831 bus->activity = true; 832 } 833 return 0; 834 } 835 836 switch (target) { 837 case CLK_AVAIL: 838 /* Make sure SD clock is available */ 839 if (bus->clkstate == CLK_NONE) 840 brcmf_sdbrcm_sdclk(bus, true); 841 /* Now request HT Avail on the backplane */ 842 brcmf_sdbrcm_htclk(bus, true, pendok); 843 brcmf_sdbrcm_wd_timer(bus, BRCMF_WD_POLL_MS); 844 bus->activity = true; 845 break; 846 847 case CLK_SDONLY: 848 /* Remove HT request, or bring up SD clock */ 849 if (bus->clkstate == CLK_NONE) 850 brcmf_sdbrcm_sdclk(bus, true); 851 else if (bus->clkstate == CLK_AVAIL) 852 brcmf_sdbrcm_htclk(bus, false, false); 853 else 854 brcmf_dbg(ERROR, "request for %d -> %d\n", 855 bus->clkstate, target); 856 brcmf_sdbrcm_wd_timer(bus, BRCMF_WD_POLL_MS); 857 break; 858 859 case CLK_NONE: 860 /* Make sure to remove HT request */ 861 if (bus->clkstate == CLK_AVAIL) 862 brcmf_sdbrcm_htclk(bus, false, false); 863 /* Now remove the SD clock */ 864 brcmf_sdbrcm_sdclk(bus, false); 865 brcmf_sdbrcm_wd_timer(bus, 0); 866 break; 867 } 868#ifdef DEBUG 869 brcmf_dbg(INFO, "%d -> %d\n", oldstate, bus->clkstate); 870#endif /* DEBUG */ 871 872 return 0; 873} 874 875static int brcmf_sdbrcm_bussleep(struct brcmf_sdio *bus, bool sleep) 876{ 877 uint retries = 0; 878 879 brcmf_dbg(INFO, "request %s (currently %s)\n", 880 sleep ? "SLEEP" : "WAKE", 881 bus->sleeping ? "SLEEP" : "WAKE"); 882 883 /* Done if we're already in the requested state */ 884 if (sleep == bus->sleeping) 885 return 0; 886 887 /* Going to sleep: set the alarm and turn off the lights... */ 888 if (sleep) { 889 /* Don't sleep if something is pending */ 890 if (bus->dpc_sched || bus->rxskip || pktq_len(&bus->txq)) 891 return -EBUSY; 892 893 /* Make sure the controller has the bus up */ 894 brcmf_sdbrcm_clkctl(bus, CLK_AVAIL, false); 895 896 /* Tell device to start using OOB wakeup */ 897 w_sdreg32(bus, SMB_USE_OOB, 898 offsetof(struct sdpcmd_regs, tosbmailbox), &retries); 899 if (retries > retry_limit) 900 brcmf_dbg(ERROR, "CANNOT SIGNAL CHIP, WILL NOT WAKE UP!!\n"); 901 902 /* Turn off our contribution to the HT clock request */ 903 brcmf_sdbrcm_clkctl(bus, CLK_SDONLY, false); 904 905 brcmf_sdcard_cfg_write(bus->sdiodev, SDIO_FUNC_1, 906 SBSDIO_FUNC1_CHIPCLKCSR, 907 SBSDIO_FORCE_HW_CLKREQ_OFF, NULL); 908 909 /* Isolate the bus */ 910 brcmf_sdcard_cfg_write(bus->sdiodev, SDIO_FUNC_1, 911 SBSDIO_DEVICE_CTL, 912 SBSDIO_DEVCTL_PADS_ISO, NULL); 913 914 /* Change state */ 915 bus->sleeping = true; 916 917 } else { 918 /* Waking up: bus power up is ok, set local state */ 919 920 brcmf_sdcard_cfg_write(bus->sdiodev, SDIO_FUNC_1, 921 SBSDIO_FUNC1_CHIPCLKCSR, 0, NULL); 922 923 /* Make sure the controller has the bus up */ 924 brcmf_sdbrcm_clkctl(bus, CLK_AVAIL, false); 925 926 /* Send misc interrupt to indicate OOB not needed */ 927 w_sdreg32(bus, 0, offsetof(struct sdpcmd_regs, tosbmailboxdata), 928 &retries); 929 if (retries <= retry_limit) 930 w_sdreg32(bus, SMB_DEV_INT, 931 offsetof(struct sdpcmd_regs, tosbmailbox), 932 &retries); 933 934 if (retries > retry_limit) 935 brcmf_dbg(ERROR, "CANNOT SIGNAL CHIP TO CLEAR OOB!!\n"); 936 937 /* Make sure we have SD bus access */ 938 brcmf_sdbrcm_clkctl(bus, CLK_SDONLY, false); 939 940 /* Change state */ 941 bus->sleeping = false; 942 } 943 944 return 0; 945} 946 947static void bus_wake(struct brcmf_sdio *bus) 948{ 949 if (bus->sleeping) 950 brcmf_sdbrcm_bussleep(bus, false); 951} 952 953static u32 brcmf_sdbrcm_hostmail(struct brcmf_sdio *bus) 954{ 955 u32 intstatus = 0; 956 u32 hmb_data; 957 u8 fcbits; 958 uint retries = 0; 959 960 brcmf_dbg(TRACE, "Enter\n"); 961 962 /* Read mailbox data and ack that we did so */ 963 r_sdreg32(bus, &hmb_data, 964 offsetof(struct sdpcmd_regs, tohostmailboxdata), &retries); 965 966 if (retries <= retry_limit) 967 w_sdreg32(bus, SMB_INT_ACK, 968 offsetof(struct sdpcmd_regs, tosbmailbox), &retries); 969 bus->f1regdata += 2; 970 971 /* Dongle recomposed rx frames, accept them again */ 972 if (hmb_data & HMB_DATA_NAKHANDLED) { 973 brcmf_dbg(INFO, "Dongle reports NAK handled, expect rtx of %d\n", 974 bus->rx_seq); 975 if (!bus->rxskip) 976 brcmf_dbg(ERROR, "unexpected NAKHANDLED!\n"); 977 978 bus->rxskip = false; 979 intstatus |= I_HMB_FRAME_IND; 980 } 981 982 /* 983 * DEVREADY does not occur with gSPI. 984 */ 985 if (hmb_data & (HMB_DATA_DEVREADY | HMB_DATA_FWREADY)) { 986 bus->sdpcm_ver = 987 (hmb_data & HMB_DATA_VERSION_MASK) >> 988 HMB_DATA_VERSION_SHIFT; 989 if (bus->sdpcm_ver != SDPCM_PROT_VERSION) 990 brcmf_dbg(ERROR, "Version mismatch, dongle reports %d, " 991 "expecting %d\n", 992 bus->sdpcm_ver, SDPCM_PROT_VERSION); 993 else 994 brcmf_dbg(INFO, "Dongle ready, protocol version %d\n", 995 bus->sdpcm_ver); 996 } 997 998 /* 999 * Flow Control has been moved into the RX headers and this out of band 1000 * method isn't used any more. 1001 * remaining backward compatible with older dongles. 1002 */ 1003 if (hmb_data & HMB_DATA_FC) { 1004 fcbits = (hmb_data & HMB_DATA_FCDATA_MASK) >> 1005 HMB_DATA_FCDATA_SHIFT; 1006 1007 if (fcbits & ~bus->flowcontrol) 1008 bus->fc_xoff++; 1009 1010 if (bus->flowcontrol & ~fcbits) 1011 bus->fc_xon++; 1012 1013 bus->fc_rcvd++; 1014 bus->flowcontrol = fcbits; 1015 } 1016 1017 /* Shouldn't be any others */ 1018 if (hmb_data & ~(HMB_DATA_DEVREADY | 1019 HMB_DATA_NAKHANDLED | 1020 HMB_DATA_FC | 1021 HMB_DATA_FWREADY | 1022 HMB_DATA_FCDATA_MASK | HMB_DATA_VERSION_MASK)) 1023 brcmf_dbg(ERROR, "Unknown mailbox data content: 0x%02x\n", 1024 hmb_data); 1025 1026 return intstatus; 1027} 1028 1029static void brcmf_sdbrcm_rxfail(struct brcmf_sdio *bus, bool abort, bool rtx) 1030{ 1031 uint retries = 0; 1032 u16 lastrbc; 1033 u8 hi, lo; 1034 int err; 1035 1036 brcmf_dbg(ERROR, "%sterminate frame%s\n", 1037 abort ? "abort command, " : "", 1038 rtx ? ", send NAK" : ""); 1039 1040 if (abort) 1041 brcmf_sdcard_abort(bus->sdiodev, SDIO_FUNC_2); 1042 1043 brcmf_sdcard_cfg_write(bus->sdiodev, SDIO_FUNC_1, 1044 SBSDIO_FUNC1_FRAMECTRL, 1045 SFC_RF_TERM, &err); 1046 bus->f1regdata++; 1047 1048 /* Wait until the packet has been flushed (device/FIFO stable) */ 1049 for (lastrbc = retries = 0xffff; retries > 0; retries--) { 1050 hi = brcmf_sdcard_cfg_read(bus->sdiodev, SDIO_FUNC_1, 1051 SBSDIO_FUNC1_RFRAMEBCHI, NULL); 1052 lo = brcmf_sdcard_cfg_read(bus->sdiodev, SDIO_FUNC_1, 1053 SBSDIO_FUNC1_RFRAMEBCLO, NULL); 1054 bus->f1regdata += 2; 1055 1056 if ((hi == 0) && (lo == 0)) 1057 break; 1058 1059 if ((hi > (lastrbc >> 8)) && (lo > (lastrbc & 0x00ff))) { 1060 brcmf_dbg(ERROR, "count growing: last 0x%04x now 0x%04x\n", 1061 lastrbc, (hi << 8) + lo); 1062 } 1063 lastrbc = (hi << 8) + lo; 1064 } 1065 1066 if (!retries) 1067 brcmf_dbg(ERROR, "count never zeroed: last 0x%04x\n", lastrbc); 1068 else 1069 brcmf_dbg(INFO, "flush took %d iterations\n", 0xffff - retries); 1070 1071 if (rtx) { 1072 bus->rxrtx++; 1073 w_sdreg32(bus, SMB_NAK, 1074 offsetof(struct sdpcmd_regs, tosbmailbox), &retries); 1075 1076 bus->f1regdata++; 1077 if (retries <= retry_limit) 1078 bus->rxskip = true; 1079 } 1080 1081 /* Clear partial in any case */ 1082 bus->nextlen = 0; 1083 1084 /* If we can't reach the device, signal failure */ 1085 if (err || brcmf_sdcard_regfail(bus->sdiodev)) 1086 bus->sdiodev->bus_if->state = BRCMF_BUS_DOWN; 1087} 1088 1089/* copy a buffer into a pkt buffer chain */ 1090static uint brcmf_sdbrcm_glom_from_buf(struct brcmf_sdio *bus, uint len) 1091{ 1092 uint n, ret = 0; 1093 struct sk_buff *p; 1094 u8 *buf; 1095 1096 buf = bus->dataptr; 1097 1098 /* copy the data */ 1099 skb_queue_walk(&bus->glom, p) { 1100 n = min_t(uint, p->len, len); 1101 memcpy(p->data, buf, n); 1102 buf += n; 1103 len -= n; 1104 ret += n; 1105 if (!len) 1106 break; 1107 } 1108 1109 return ret; 1110} 1111 1112/* return total length of buffer chain */ 1113static uint brcmf_sdbrcm_glom_len(struct brcmf_sdio *bus) 1114{ 1115 struct sk_buff *p; 1116 uint total; 1117 1118 total = 0; 1119 skb_queue_walk(&bus->glom, p) 1120 total += p->len; 1121 return total; 1122} 1123 1124static void brcmf_sdbrcm_free_glom(struct brcmf_sdio *bus) 1125{ 1126 struct sk_buff *cur, *next; 1127 1128 skb_queue_walk_safe(&bus->glom, cur, next) { 1129 skb_unlink(cur, &bus->glom); 1130 brcmu_pkt_buf_free_skb(cur); 1131 } 1132} 1133 1134static u8 brcmf_sdbrcm_rxglom(struct brcmf_sdio *bus, u8 rxseq) 1135{ 1136 u16 dlen, totlen; 1137 u8 *dptr, num = 0; 1138 1139 u16 sublen, check; 1140 struct sk_buff *pfirst, *pnext; 1141 1142 int errcode; 1143 u8 chan, seq, doff, sfdoff; 1144 u8 txmax; 1145 1146 int ifidx = 0; 1147 bool usechain = bus->use_rxchain; 1148 1149 /* If packets, issue read(s) and send up packet chain */ 1150 /* Return sequence numbers consumed? */ 1151 1152 brcmf_dbg(TRACE, "start: glomd %p glom %p\n", 1153 bus->glomd, skb_peek(&bus->glom)); 1154 1155 /* If there's a descriptor, generate the packet chain */ 1156 if (bus->glomd) { 1157 pfirst = pnext = NULL; 1158 dlen = (u16) (bus->glomd->len); 1159 dptr = bus->glomd->data; 1160 if (!dlen || (dlen & 1)) { 1161 brcmf_dbg(ERROR, "bad glomd len(%d), ignore descriptor\n", 1162 dlen); 1163 dlen = 0; 1164 } 1165 1166 for (totlen = num = 0; dlen; num++) { 1167 /* Get (and move past) next length */ 1168 sublen = get_unaligned_le16(dptr); 1169 dlen -= sizeof(u16); 1170 dptr += sizeof(u16); 1171 if ((sublen < SDPCM_HDRLEN) || 1172 ((num == 0) && (sublen < (2 * SDPCM_HDRLEN)))) { 1173 brcmf_dbg(ERROR, "descriptor len %d bad: %d\n", 1174 num, sublen); 1175 pnext = NULL; 1176 break; 1177 } 1178 if (sublen % BRCMF_SDALIGN) { 1179 brcmf_dbg(ERROR, "sublen %d not multiple of %d\n", 1180 sublen, BRCMF_SDALIGN); 1181 usechain = false; 1182 } 1183 totlen += sublen; 1184 1185 /* For last frame, adjust read len so total 1186 is a block multiple */ 1187 if (!dlen) { 1188 sublen += 1189 (roundup(totlen, bus->blocksize) - totlen); 1190 totlen = roundup(totlen, bus->blocksize); 1191 } 1192 1193 /* Allocate/chain packet for next subframe */ 1194 pnext = brcmu_pkt_buf_get_skb(sublen + BRCMF_SDALIGN); 1195 if (pnext == NULL) { 1196 brcmf_dbg(ERROR, "bcm_pkt_buf_get_skb failed, num %d len %d\n", 1197 num, sublen); 1198 break; 1199 } 1200 skb_queue_tail(&bus->glom, pnext); 1201 1202 /* Adhere to start alignment requirements */ 1203 pkt_align(pnext, sublen, BRCMF_SDALIGN); 1204 } 1205 1206 /* If all allocations succeeded, save packet chain 1207 in bus structure */ 1208 if (pnext) { 1209 brcmf_dbg(GLOM, "allocated %d-byte packet chain for %d subframes\n", 1210 totlen, num); 1211 if (BRCMF_GLOM_ON() && bus->nextlen && 1212 totlen != bus->nextlen) { 1213 brcmf_dbg(GLOM, "glomdesc mismatch: nextlen %d glomdesc %d rxseq %d\n", 1214 bus->nextlen, totlen, rxseq); 1215 } 1216 pfirst = pnext = NULL; 1217 } else { 1218 brcmf_sdbrcm_free_glom(bus); 1219 num = 0; 1220 } 1221 1222 /* Done with descriptor packet */ 1223 brcmu_pkt_buf_free_skb(bus->glomd); 1224 bus->glomd = NULL; 1225 bus->nextlen = 0; 1226 } 1227 1228 /* Ok -- either we just generated a packet chain, 1229 or had one from before */ 1230 if (!skb_queue_empty(&bus->glom)) { 1231 if (BRCMF_GLOM_ON()) { 1232 brcmf_dbg(GLOM, "try superframe read, packet chain:\n"); 1233 skb_queue_walk(&bus->glom, pnext) { 1234 brcmf_dbg(GLOM, " %p: %p len 0x%04x (%d)\n", 1235 pnext, (u8 *) (pnext->data), 1236 pnext->len, pnext->len); 1237 } 1238 } 1239 1240 pfirst = skb_peek(&bus->glom); 1241 dlen = (u16) brcmf_sdbrcm_glom_len(bus); 1242 1243 /* Do an SDIO read for the superframe. Configurable iovar to 1244 * read directly into the chained packet, or allocate a large 1245 * packet and and copy into the chain. 1246 */ 1247 if (usechain) { 1248 errcode = brcmf_sdcard_recv_chain(bus->sdiodev, 1249 bus->sdiodev->sbwad, 1250 SDIO_FUNC_2, F2SYNC, &bus->glom); 1251 } else if (bus->dataptr) { 1252 errcode = brcmf_sdcard_recv_buf(bus->sdiodev, 1253 bus->sdiodev->sbwad, 1254 SDIO_FUNC_2, F2SYNC, 1255 bus->dataptr, dlen); 1256 sublen = (u16) brcmf_sdbrcm_glom_from_buf(bus, dlen); 1257 if (sublen != dlen) { 1258 brcmf_dbg(ERROR, "FAILED TO COPY, dlen %d sublen %d\n", 1259 dlen, sublen); 1260 errcode = -1; 1261 } 1262 pnext = NULL; 1263 } else { 1264 brcmf_dbg(ERROR, "COULDN'T ALLOC %d-BYTE GLOM, FORCE FAILURE\n", 1265 dlen); 1266 errcode = -1; 1267 } 1268 bus->f2rxdata++; 1269 1270 /* On failure, kill the superframe, allow a couple retries */ 1271 if (errcode < 0) { 1272 brcmf_dbg(ERROR, "glom read of %d bytes failed: %d\n", 1273 dlen, errcode); 1274 bus->sdiodev->bus_if->dstats.rx_errors++; 1275 1276 if (bus->glomerr++ < 3) { 1277 brcmf_sdbrcm_rxfail(bus, true, true); 1278 } else { 1279 bus->glomerr = 0; 1280 brcmf_sdbrcm_rxfail(bus, true, false); 1281 bus->rxglomfail++; 1282 brcmf_sdbrcm_free_glom(bus); 1283 } 1284 return 0; 1285 } 1286 1287 brcmf_dbg_hex_dump(BRCMF_GLOM_ON(), 1288 pfirst->data, min_t(int, pfirst->len, 48), 1289 "SUPERFRAME:\n"); 1290 1291 /* Validate the superframe header */ 1292 dptr = (u8 *) (pfirst->data); 1293 sublen = get_unaligned_le16(dptr); 1294 check = get_unaligned_le16(dptr + sizeof(u16)); 1295 1296 chan = SDPCM_PACKET_CHANNEL(&dptr[SDPCM_FRAMETAG_LEN]); 1297 seq = SDPCM_PACKET_SEQUENCE(&dptr[SDPCM_FRAMETAG_LEN]); 1298 bus->nextlen = dptr[SDPCM_FRAMETAG_LEN + SDPCM_NEXTLEN_OFFSET]; 1299 if ((bus->nextlen << 4) > MAX_RX_DATASZ) { 1300 brcmf_dbg(INFO, "nextlen too large (%d) seq %d\n", 1301 bus->nextlen, seq); 1302 bus->nextlen = 0; 1303 } 1304 doff = SDPCM_DOFFSET_VALUE(&dptr[SDPCM_FRAMETAG_LEN]); 1305 txmax = SDPCM_WINDOW_VALUE(&dptr[SDPCM_FRAMETAG_LEN]); 1306 1307 errcode = 0; 1308 if ((u16)~(sublen ^ check)) { 1309 brcmf_dbg(ERROR, "(superframe): HW hdr error: len/check 0x%04x/0x%04x\n", 1310 sublen, check); 1311 errcode = -1; 1312 } else if (roundup(sublen, bus->blocksize) != dlen) { 1313 brcmf_dbg(ERROR, "(superframe): len 0x%04x, rounded 0x%04x, expect 0x%04x\n", 1314 sublen, roundup(sublen, bus->blocksize), 1315 dlen); 1316 errcode = -1; 1317 } else if (SDPCM_PACKET_CHANNEL(&dptr[SDPCM_FRAMETAG_LEN]) != 1318 SDPCM_GLOM_CHANNEL) { 1319 brcmf_dbg(ERROR, "(superframe): bad channel %d\n", 1320 SDPCM_PACKET_CHANNEL( 1321 &dptr[SDPCM_FRAMETAG_LEN])); 1322 errcode = -1; 1323 } else if (SDPCM_GLOMDESC(&dptr[SDPCM_FRAMETAG_LEN])) { 1324 brcmf_dbg(ERROR, "(superframe): got 2nd descriptor?\n"); 1325 errcode = -1; 1326 } else if ((doff < SDPCM_HDRLEN) || 1327 (doff > (pfirst->len - SDPCM_HDRLEN))) { 1328 brcmf_dbg(ERROR, "(superframe): Bad data offset %d: HW %d pkt %d min %d\n", 1329 doff, sublen, pfirst->len, SDPCM_HDRLEN); 1330 errcode = -1; 1331 } 1332 1333 /* Check sequence number of superframe SW header */ 1334 if (rxseq != seq) { 1335 brcmf_dbg(INFO, "(superframe) rx_seq %d, expected %d\n", 1336 seq, rxseq); 1337 bus->rx_badseq++; 1338 rxseq = seq; 1339 } 1340 1341 /* Check window for sanity */ 1342 if ((u8) (txmax - bus->tx_seq) > 0x40) { 1343 brcmf_dbg(ERROR, "unlikely tx max %d with tx_seq %d\n", 1344 txmax, bus->tx_seq); 1345 txmax = bus->tx_seq + 2; 1346 } 1347 bus->tx_max = txmax; 1348 1349 /* Remove superframe header, remember offset */ 1350 skb_pull(pfirst, doff); 1351 sfdoff = doff; 1352 num = 0; 1353 1354 /* Validate all the subframe headers */ 1355 skb_queue_walk(&bus->glom, pnext) { 1356 /* leave when invalid subframe is found */ 1357 if (errcode) 1358 break; 1359 1360 dptr = (u8 *) (pnext->data); 1361 dlen = (u16) (pnext->len); 1362 sublen = get_unaligned_le16(dptr); 1363 check = get_unaligned_le16(dptr + sizeof(u16)); 1364 chan = SDPCM_PACKET_CHANNEL(&dptr[SDPCM_FRAMETAG_LEN]); 1365 doff = SDPCM_DOFFSET_VALUE(&dptr[SDPCM_FRAMETAG_LEN]); 1366 brcmf_dbg_hex_dump(BRCMF_GLOM_ON(), 1367 dptr, 32, "subframe:\n"); 1368 1369 if ((u16)~(sublen ^ check)) { 1370 brcmf_dbg(ERROR, "(subframe %d): HW hdr error: len/check 0x%04x/0x%04x\n", 1371 num, sublen, check); 1372 errcode = -1; 1373 } else if ((sublen > dlen) || (sublen < SDPCM_HDRLEN)) { 1374 brcmf_dbg(ERROR, "(subframe %d): length mismatch: len 0x%04x, expect 0x%04x\n", 1375 num, sublen, dlen); 1376 errcode = -1; 1377 } else if ((chan != SDPCM_DATA_CHANNEL) && 1378 (chan != SDPCM_EVENT_CHANNEL)) { 1379 brcmf_dbg(ERROR, "(subframe %d): bad channel %d\n", 1380 num, chan); 1381 errcode = -1; 1382 } else if ((doff < SDPCM_HDRLEN) || (doff > sublen)) { 1383 brcmf_dbg(ERROR, "(subframe %d): Bad data offset %d: HW %d min %d\n", 1384 num, doff, sublen, SDPCM_HDRLEN); 1385 errcode = -1; 1386 } 1387 /* increase the subframe count */ 1388 num++; 1389 } 1390 1391 if (errcode) { 1392 /* Terminate frame on error, request 1393 a couple retries */ 1394 if (bus->glomerr++ < 3) { 1395 /* Restore superframe header space */ 1396 skb_push(pfirst, sfdoff); 1397 brcmf_sdbrcm_rxfail(bus, true, true); 1398 } else { 1399 bus->glomerr = 0; 1400 brcmf_sdbrcm_rxfail(bus, true, false); 1401 bus->rxglomfail++; 1402 brcmf_sdbrcm_free_glom(bus); 1403 } 1404 bus->nextlen = 0; 1405 return 0; 1406 } 1407 1408 /* Basic SD framing looks ok - process each packet (header) */ 1409 1410 skb_queue_walk_safe(&bus->glom, pfirst, pnext) { 1411 dptr = (u8 *) (pfirst->data); 1412 sublen = get_unaligned_le16(dptr); 1413 chan = SDPCM_PACKET_CHANNEL(&dptr[SDPCM_FRAMETAG_LEN]); 1414 seq = SDPCM_PACKET_SEQUENCE(&dptr[SDPCM_FRAMETAG_LEN]); 1415 doff = SDPCM_DOFFSET_VALUE(&dptr[SDPCM_FRAMETAG_LEN]); 1416 1417 brcmf_dbg(GLOM, "Get subframe %d, %p(%p/%d), sublen %d chan %d seq %d\n", 1418 num, pfirst, pfirst->data, 1419 pfirst->len, sublen, chan, seq); 1420 1421 /* precondition: chan == SDPCM_DATA_CHANNEL || 1422 chan == SDPCM_EVENT_CHANNEL */ 1423 1424 if (rxseq != seq) { 1425 brcmf_dbg(GLOM, "rx_seq %d, expected %d\n", 1426 seq, rxseq); 1427 bus->rx_badseq++; 1428 rxseq = seq; 1429 } 1430 rxseq++; 1431 1432 brcmf_dbg_hex_dump(BRCMF_BYTES_ON() && BRCMF_DATA_ON(), 1433 dptr, dlen, "Rx Subframe Data:\n"); 1434 1435 __skb_trim(pfirst, sublen); 1436 skb_pull(pfirst, doff); 1437 1438 if (pfirst->len == 0) { 1439 skb_unlink(pfirst, &bus->glom); 1440 brcmu_pkt_buf_free_skb(pfirst); 1441 continue; 1442 } else if (brcmf_proto_hdrpull(bus->sdiodev->dev, 1443 &ifidx, pfirst) != 0) { 1444 brcmf_dbg(ERROR, "rx protocol error\n"); 1445 bus->sdiodev->bus_if->dstats.rx_errors++; 1446 skb_unlink(pfirst, &bus->glom); 1447 brcmu_pkt_buf_free_skb(pfirst); 1448 continue; 1449 } 1450 1451 brcmf_dbg_hex_dump(BRCMF_GLOM_ON(), 1452 pfirst->data, 1453 min_t(int, pfirst->len, 32), 1454 "subframe %d to stack, %p (%p/%d) nxt/lnk %p/%p\n", 1455 bus->glom.qlen, pfirst, pfirst->data, 1456 pfirst->len, pfirst->next, 1457 pfirst->prev); 1458 } 1459 /* sent any remaining packets up */ 1460 if (bus->glom.qlen) { 1461 up(&bus->sdsem); 1462 brcmf_rx_frame(bus->sdiodev->dev, ifidx, &bus->glom); 1463 down(&bus->sdsem); 1464 } 1465 1466 bus->rxglomframes++; 1467 bus->rxglompkts += bus->glom.qlen; 1468 } 1469 return num; 1470} 1471 1472static int brcmf_sdbrcm_dcmd_resp_wait(struct brcmf_sdio *bus, uint *condition, 1473 bool *pending) 1474{ 1475 DECLARE_WAITQUEUE(wait, current); 1476 int timeout = msecs_to_jiffies(DCMD_RESP_TIMEOUT); 1477 1478 /* Wait until control frame is available */ 1479 add_wait_queue(&bus->dcmd_resp_wait, &wait); 1480 set_current_state(TASK_INTERRUPTIBLE); 1481 1482 while (!(*condition) && (!signal_pending(current) && timeout)) 1483 timeout = schedule_timeout(timeout); 1484 1485 if (signal_pending(current)) 1486 *pending = true; 1487 1488 set_current_state(TASK_RUNNING); 1489 remove_wait_queue(&bus->dcmd_resp_wait, &wait); 1490 1491 return timeout; 1492} 1493 1494static int brcmf_sdbrcm_dcmd_resp_wake(struct brcmf_sdio *bus) 1495{ 1496 if (waitqueue_active(&bus->dcmd_resp_wait)) 1497 wake_up_interruptible(&bus->dcmd_resp_wait); 1498 1499 return 0; 1500} 1501static void 1502brcmf_sdbrcm_read_control(struct brcmf_sdio *bus, u8 *hdr, uint len, uint doff) 1503{ 1504 uint rdlen, pad; 1505 1506 int sdret; 1507 1508 brcmf_dbg(TRACE, "Enter\n"); 1509 1510 /* Set rxctl for frame (w/optional alignment) */ 1511 bus->rxctl = bus->rxbuf; 1512 bus->rxctl += BRCMF_FIRSTREAD; 1513 pad = ((unsigned long)bus->rxctl % BRCMF_SDALIGN); 1514 if (pad) 1515 bus->rxctl += (BRCMF_SDALIGN - pad); 1516 bus->rxctl -= BRCMF_FIRSTREAD; 1517 1518 /* Copy the already-read portion over */ 1519 memcpy(bus->rxctl, hdr, BRCMF_FIRSTREAD); 1520 if (len <= BRCMF_FIRSTREAD) 1521 goto gotpkt; 1522 1523 /* Raise rdlen to next SDIO block to avoid tail command */ 1524 rdlen = len - BRCMF_FIRSTREAD; 1525 if (bus->roundup && bus->blocksize && (rdlen > bus->blocksize)) { 1526 pad = bus->blocksize - (rdlen % bus->blocksize); 1527 if ((pad <= bus->roundup) && (pad < bus->blocksize) && 1528 ((len + pad) < bus->sdiodev->bus_if->maxctl)) 1529 rdlen += pad; 1530 } else if (rdlen % BRCMF_SDALIGN) { 1531 rdlen += BRCMF_SDALIGN - (rdlen % BRCMF_SDALIGN); 1532 } 1533 1534 /* Satisfy length-alignment requirements */ 1535 if (rdlen & (ALIGNMENT - 1)) 1536 rdlen = roundup(rdlen, ALIGNMENT); 1537 1538 /* Drop if the read is too big or it exceeds our maximum */ 1539 if ((rdlen + BRCMF_FIRSTREAD) > bus->sdiodev->bus_if->maxctl) { 1540 brcmf_dbg(ERROR, "%d-byte control read exceeds %d-byte buffer\n", 1541 rdlen, bus->sdiodev->bus_if->maxctl); 1542 bus->sdiodev->bus_if->dstats.rx_errors++; 1543 brcmf_sdbrcm_rxfail(bus, false, false); 1544 goto done; 1545 } 1546 1547 if ((len - doff) > bus->sdiodev->bus_if->maxctl) { 1548 brcmf_dbg(ERROR, "%d-byte ctl frame (%d-byte ctl data) exceeds %d-byte limit\n", 1549 len, len - doff, bus->sdiodev->bus_if->maxctl); 1550 bus->sdiodev->bus_if->dstats.rx_errors++; 1551 bus->rx_toolong++; 1552 brcmf_sdbrcm_rxfail(bus, false, false); 1553 goto done; 1554 } 1555 1556 /* Read remainder of frame body into the rxctl buffer */ 1557 sdret = brcmf_sdcard_recv_buf(bus->sdiodev, 1558 bus->sdiodev->sbwad, 1559 SDIO_FUNC_2, 1560 F2SYNC, (bus->rxctl + BRCMF_FIRSTREAD), rdlen); 1561 bus->f2rxdata++; 1562 1563 /* Control frame failures need retransmission */ 1564 if (sdret < 0) { 1565 brcmf_dbg(ERROR, "read %d control bytes failed: %d\n", 1566 rdlen, sdret); 1567 bus->rxc_errors++; 1568 brcmf_sdbrcm_rxfail(bus, true, true); 1569 goto done; 1570 } 1571 1572gotpkt: 1573 1574 brcmf_dbg_hex_dump(BRCMF_BYTES_ON() && BRCMF_CTL_ON(), 1575 bus->rxctl, len, "RxCtrl:\n"); 1576 1577 /* Point to valid data and indicate its length */ 1578 bus->rxctl += doff; 1579 bus->rxlen = len - doff; 1580 1581done: 1582 /* Awake any waiters */ 1583 brcmf_sdbrcm_dcmd_resp_wake(bus); 1584} 1585 1586/* Pad read to blocksize for efficiency */ 1587static void brcmf_pad(struct brcmf_sdio *bus, u16 *pad, u16 *rdlen) 1588{ 1589 if (bus->roundup && bus->blocksize && *rdlen > bus->blocksize) { 1590 *pad = bus->blocksize - (*rdlen % bus->blocksize); 1591 if (*pad <= bus->roundup && *pad < bus->blocksize && 1592 *rdlen + *pad + BRCMF_FIRSTREAD < MAX_RX_DATASZ) 1593 *rdlen += *pad; 1594 } else if (*rdlen % BRCMF_SDALIGN) { 1595 *rdlen += BRCMF_SDALIGN - (*rdlen % BRCMF_SDALIGN); 1596 } 1597} 1598 1599static void 1600brcmf_alloc_pkt_and_read(struct brcmf_sdio *bus, u16 rdlen, 1601 struct sk_buff **pkt, u8 **rxbuf) 1602{ 1603 int sdret; /* Return code from calls */ 1604 1605 *pkt = brcmu_pkt_buf_get_skb(rdlen + BRCMF_SDALIGN); 1606 if (*pkt == NULL) 1607 return; 1608 1609 pkt_align(*pkt, rdlen, BRCMF_SDALIGN); 1610 *rxbuf = (u8 *) ((*pkt)->data); 1611 /* Read the entire frame */ 1612 sdret = brcmf_sdcard_recv_pkt(bus->sdiodev, bus->sdiodev->sbwad, 1613 SDIO_FUNC_2, F2SYNC, *pkt); 1614 bus->f2rxdata++; 1615 1616 if (sdret < 0) { 1617 brcmf_dbg(ERROR, "(nextlen): read %d bytes failed: %d\n", 1618 rdlen, sdret); 1619 brcmu_pkt_buf_free_skb(*pkt); 1620 bus->sdiodev->bus_if->dstats.rx_errors++; 1621 /* Force retry w/normal header read. 1622 * Don't attempt NAK for 1623 * gSPI 1624 */ 1625 brcmf_sdbrcm_rxfail(bus, true, true); 1626 *pkt = NULL; 1627 } 1628} 1629 1630/* Checks the header */ 1631static int 1632brcmf_check_rxbuf(struct brcmf_sdio *bus, struct sk_buff *pkt, u8 *rxbuf, 1633 u8 rxseq, u16 nextlen, u16 *len) 1634{ 1635 u16 check; 1636 bool len_consistent; /* Result of comparing readahead len and 1637 len from hw-hdr */ 1638 1639 memcpy(bus->rxhdr, rxbuf, SDPCM_HDRLEN); 1640 1641 /* Extract hardware header fields */ 1642 *len = get_unaligned_le16(bus->rxhdr); 1643 check = get_unaligned_le16(bus->rxhdr + sizeof(u16)); 1644 1645 /* All zeros means readahead info was bad */ 1646 if (!(*len | check)) { 1647 brcmf_dbg(INFO, "(nextlen): read zeros in HW header???\n"); 1648 goto fail; 1649 } 1650 1651 /* Validate check bytes */ 1652 if ((u16)~(*len ^ check)) { 1653 brcmf_dbg(ERROR, "(nextlen): HW hdr error: nextlen/len/check 0x%04x/0x%04x/0x%04x\n", 1654 nextlen, *len, check); 1655 bus->rx_badhdr++; 1656 brcmf_sdbrcm_rxfail(bus, false, false); 1657 goto fail; 1658 } 1659 1660 /* Validate frame length */ 1661 if (*len < SDPCM_HDRLEN) { 1662 brcmf_dbg(ERROR, "(nextlen): HW hdr length invalid: %d\n", 1663 *len); 1664 goto fail; 1665 } 1666 1667 /* Check for consistency with readahead info */ 1668 len_consistent = (nextlen != (roundup(*len, 16) >> 4)); 1669 if (len_consistent) { 1670 /* Mismatch, force retry w/normal 1671 header (may be >4K) */ 1672 brcmf_dbg(ERROR, "(nextlen): mismatch, nextlen %d len %d rnd %d; expected rxseq %d\n", 1673 nextlen, *len, roundup(*len, 16), 1674 rxseq); 1675 brcmf_sdbrcm_rxfail(bus, true, true); 1676 goto fail; 1677 } 1678 1679 return 0; 1680 1681fail: 1682 brcmf_sdbrcm_pktfree2(bus, pkt); 1683 return -EINVAL; 1684} 1685 1686/* Return true if there may be more frames to read */ 1687static uint 1688brcmf_sdbrcm_readframes(struct brcmf_sdio *bus, uint maxframes, bool *finished) 1689{ 1690 u16 len, check; /* Extracted hardware header fields */ 1691 u8 chan, seq, doff; /* Extracted software header fields */ 1692 u8 fcbits; /* Extracted fcbits from software header */ 1693 1694 struct sk_buff *pkt; /* Packet for event or data frames */ 1695 u16 pad; /* Number of pad bytes to read */ 1696 u16 rdlen; /* Total number of bytes to read */ 1697 u8 rxseq; /* Next sequence number to expect */ 1698 uint rxleft = 0; /* Remaining number of frames allowed */ 1699 int sdret; /* Return code from calls */ 1700 u8 txmax; /* Maximum tx sequence offered */ 1701 u8 *rxbuf; 1702 int ifidx = 0; 1703 uint rxcount = 0; /* Total frames read */ 1704 1705 brcmf_dbg(TRACE, "Enter\n"); 1706 1707 /* Not finished unless we encounter no more frames indication */ 1708 *finished = false; 1709 1710 for (rxseq = bus->rx_seq, rxleft = maxframes; 1711 !bus->rxskip && rxleft && 1712 bus->sdiodev->bus_if->state != BRCMF_BUS_DOWN; 1713 rxseq++, rxleft--) { 1714 1715 /* Handle glomming separately */ 1716 if (bus->glomd || !skb_queue_empty(&bus->glom)) { 1717 u8 cnt; 1718 brcmf_dbg(GLOM, "calling rxglom: glomd %p, glom %p\n", 1719 bus->glomd, skb_peek(&bus->glom)); 1720 cnt = brcmf_sdbrcm_rxglom(bus, rxseq); 1721 brcmf_dbg(GLOM, "rxglom returned %d\n", cnt); 1722 rxseq += cnt - 1; 1723 rxleft = (rxleft > cnt) ? (rxleft - cnt) : 1; 1724 continue; 1725 } 1726 1727 /* Try doing single read if we can */ 1728 if (bus->nextlen) { 1729 u16 nextlen = bus->nextlen; 1730 bus->nextlen = 0; 1731 1732 rdlen = len = nextlen << 4; 1733 brcmf_pad(bus, &pad, &rdlen); 1734 1735 /* 1736 * After the frame is received we have to 1737 * distinguish whether it is data 1738 * or non-data frame. 1739 */ 1740 brcmf_alloc_pkt_and_read(bus, rdlen, &pkt, &rxbuf); 1741 if (pkt == NULL) { 1742 /* Give up on data, request rtx of events */ 1743 brcmf_dbg(ERROR, "(nextlen): brcmf_alloc_pkt_and_read failed: len %d rdlen %d expected rxseq %d\n", 1744 len, rdlen, rxseq); 1745 continue; 1746 } 1747 1748 if (brcmf_check_rxbuf(bus, pkt, rxbuf, rxseq, nextlen, 1749 &len) < 0) 1750 continue; 1751 1752 /* Extract software header fields */ 1753 chan = SDPCM_PACKET_CHANNEL( 1754 &bus->rxhdr[SDPCM_FRAMETAG_LEN]); 1755 seq = SDPCM_PACKET_SEQUENCE( 1756 &bus->rxhdr[SDPCM_FRAMETAG_LEN]); 1757 doff = SDPCM_DOFFSET_VALUE( 1758 &bus->rxhdr[SDPCM_FRAMETAG_LEN]); 1759 txmax = SDPCM_WINDOW_VALUE( 1760 &bus->rxhdr[SDPCM_FRAMETAG_LEN]); 1761 1762 bus->nextlen = 1763 bus->rxhdr[SDPCM_FRAMETAG_LEN + 1764 SDPCM_NEXTLEN_OFFSET]; 1765 if ((bus->nextlen << 4) > MAX_RX_DATASZ) { 1766 brcmf_dbg(INFO, "(nextlen): got frame w/nextlen too large (%d), seq %d\n", 1767 bus->nextlen, seq); 1768 bus->nextlen = 0; 1769 } 1770 1771 bus->rx_readahead_cnt++; 1772 1773 /* Handle Flow Control */ 1774 fcbits = SDPCM_FCMASK_VALUE( 1775 &bus->rxhdr[SDPCM_FRAMETAG_LEN]); 1776 1777 if (bus->flowcontrol != fcbits) { 1778 if (~bus->flowcontrol & fcbits) 1779 bus->fc_xoff++; 1780 1781 if (bus->flowcontrol & ~fcbits) 1782 bus->fc_xon++; 1783 1784 bus->fc_rcvd++; 1785 bus->flowcontrol = fcbits; 1786 } 1787 1788 /* Check and update sequence number */ 1789 if (rxseq != seq) { 1790 brcmf_dbg(INFO, "(nextlen): rx_seq %d, expected %d\n", 1791 seq, rxseq); 1792 bus->rx_badseq++; 1793 rxseq = seq; 1794 } 1795 1796 /* Check window for sanity */ 1797 if ((u8) (txmax - bus->tx_seq) > 0x40) { 1798 brcmf_dbg(ERROR, "got unlikely tx max %d with tx_seq %d\n", 1799 txmax, bus->tx_seq); 1800 txmax = bus->tx_seq + 2; 1801 } 1802 bus->tx_max = txmax; 1803 1804 brcmf_dbg_hex_dump(BRCMF_BYTES_ON() && BRCMF_DATA_ON(), 1805 rxbuf, len, "Rx Data:\n"); 1806 brcmf_dbg_hex_dump(!(BRCMF_BYTES_ON() && 1807 BRCMF_DATA_ON()) && 1808 BRCMF_HDRS_ON(), 1809 bus->rxhdr, SDPCM_HDRLEN, 1810 "RxHdr:\n"); 1811 1812 if (chan == SDPCM_CONTROL_CHANNEL) { 1813 brcmf_dbg(ERROR, "(nextlen): readahead on control packet %d?\n", 1814 seq); 1815 /* Force retry w/normal header read */ 1816 bus->nextlen = 0; 1817 brcmf_sdbrcm_rxfail(bus, false, true); 1818 brcmf_sdbrcm_pktfree2(bus, pkt); 1819 continue; 1820 } 1821 1822 /* Validate data offset */ 1823 if ((doff < SDPCM_HDRLEN) || (doff > len)) { 1824 brcmf_dbg(ERROR, "(nextlen): bad data offset %d: HW len %d min %d\n", 1825 doff, len, SDPCM_HDRLEN); 1826 brcmf_sdbrcm_rxfail(bus, false, false); 1827 brcmf_sdbrcm_pktfree2(bus, pkt); 1828 continue; 1829 } 1830 1831 /* All done with this one -- now deliver the packet */ 1832 goto deliver; 1833 } 1834 1835 /* Read frame header (hardware and software) */ 1836 sdret = brcmf_sdcard_recv_buf(bus->sdiodev, bus->sdiodev->sbwad, 1837 SDIO_FUNC_2, F2SYNC, bus->rxhdr, 1838 BRCMF_FIRSTREAD); 1839 bus->f2rxhdrs++; 1840 1841 if (sdret < 0) { 1842 brcmf_dbg(ERROR, "RXHEADER FAILED: %d\n", sdret); 1843 bus->rx_hdrfail++; 1844 brcmf_sdbrcm_rxfail(bus, true, true); 1845 continue; 1846 } 1847 brcmf_dbg_hex_dump(BRCMF_BYTES_ON() || BRCMF_HDRS_ON(), 1848 bus->rxhdr, SDPCM_HDRLEN, "RxHdr:\n"); 1849 1850 1851 /* Extract hardware header fields */ 1852 len = get_unaligned_le16(bus->rxhdr); 1853 check = get_unaligned_le16(bus->rxhdr + sizeof(u16)); 1854 1855 /* All zeros means no more frames */ 1856 if (!(len | check)) { 1857 *finished = true; 1858 break; 1859 } 1860 1861 /* Validate check bytes */ 1862 if ((u16) ~(len ^ check)) { 1863 brcmf_dbg(ERROR, "HW hdr err: len/check 0x%04x/0x%04x\n", 1864 len, check); 1865 bus->rx_badhdr++; 1866 brcmf_sdbrcm_rxfail(bus, false, false); 1867 continue; 1868 } 1869 1870 /* Validate frame length */ 1871 if (len < SDPCM_HDRLEN) { 1872 brcmf_dbg(ERROR, "HW hdr length invalid: %d\n", len); 1873 continue; 1874 } 1875 1876 /* Extract software header fields */ 1877 chan = SDPCM_PACKET_CHANNEL(&bus->rxhdr[SDPCM_FRAMETAG_LEN]); 1878 seq = SDPCM_PACKET_SEQUENCE(&bus->rxhdr[SDPCM_FRAMETAG_LEN]); 1879 doff = SDPCM_DOFFSET_VALUE(&bus->rxhdr[SDPCM_FRAMETAG_LEN]); 1880 txmax = SDPCM_WINDOW_VALUE(&bus->rxhdr[SDPCM_FRAMETAG_LEN]); 1881 1882 /* Validate data offset */ 1883 if ((doff < SDPCM_HDRLEN) || (doff > len)) { 1884 brcmf_dbg(ERROR, "Bad data offset %d: HW len %d, min %d seq %d\n", 1885 doff, len, SDPCM_HDRLEN, seq); 1886 bus->rx_badhdr++; 1887 brcmf_sdbrcm_rxfail(bus, false, false); 1888 continue; 1889 } 1890 1891 /* Save the readahead length if there is one */ 1892 bus->nextlen = 1893 bus->rxhdr[SDPCM_FRAMETAG_LEN + SDPCM_NEXTLEN_OFFSET]; 1894 if ((bus->nextlen << 4) > MAX_RX_DATASZ) { 1895 brcmf_dbg(INFO, "(nextlen): got frame w/nextlen too large (%d), seq %d\n", 1896 bus->nextlen, seq); 1897 bus->nextlen = 0; 1898 } 1899 1900 /* Handle Flow Control */ 1901 fcbits = SDPCM_FCMASK_VALUE(&bus->rxhdr[SDPCM_FRAMETAG_LEN]); 1902 1903 if (bus->flowcontrol != fcbits) { 1904 if (~bus->flowcontrol & fcbits) 1905 bus->fc_xoff++; 1906 1907 if (bus->flowcontrol & ~fcbits) 1908 bus->fc_xon++; 1909 1910 bus->fc_rcvd++; 1911 bus->flowcontrol = fcbits; 1912 } 1913 1914 /* Check and update sequence number */ 1915 if (rxseq != seq) { 1916 brcmf_dbg(INFO, "rx_seq %d, expected %d\n", seq, rxseq); 1917 bus->rx_badseq++; 1918 rxseq = seq; 1919 } 1920 1921 /* Check window for sanity */ 1922 if ((u8) (txmax - bus->tx_seq) > 0x40) { 1923 brcmf_dbg(ERROR, "unlikely tx max %d with tx_seq %d\n", 1924 txmax, bus->tx_seq); 1925 txmax = bus->tx_seq + 2; 1926 } 1927 bus->tx_max = txmax; 1928 1929 /* Call a separate function for control frames */ 1930 if (chan == SDPCM_CONTROL_CHANNEL) { 1931 brcmf_sdbrcm_read_control(bus, bus->rxhdr, len, doff); 1932 continue; 1933 } 1934 1935 /* precondition: chan is either SDPCM_DATA_CHANNEL, 1936 SDPCM_EVENT_CHANNEL, SDPCM_TEST_CHANNEL or 1937 SDPCM_GLOM_CHANNEL */ 1938 1939 /* Length to read */ 1940 rdlen = (len > BRCMF_FIRSTREAD) ? (len - BRCMF_FIRSTREAD) : 0; 1941 1942 /* May pad read to blocksize for efficiency */ 1943 if (bus->roundup && bus->blocksize && 1944 (rdlen > bus->blocksize)) { 1945 pad = bus->blocksize - (rdlen % bus->blocksize); 1946 if ((pad <= bus->roundup) && (pad < bus->blocksize) && 1947 ((rdlen + pad + BRCMF_FIRSTREAD) < MAX_RX_DATASZ)) 1948 rdlen += pad; 1949 } else if (rdlen % BRCMF_SDALIGN) { 1950 rdlen += BRCMF_SDALIGN - (rdlen % BRCMF_SDALIGN); 1951 } 1952 1953 /* Satisfy length-alignment requirements */ 1954 if (rdlen & (ALIGNMENT - 1)) 1955 rdlen = roundup(rdlen, ALIGNMENT); 1956 1957 if ((rdlen + BRCMF_FIRSTREAD) > MAX_RX_DATASZ) { 1958 /* Too long -- skip this frame */ 1959 brcmf_dbg(ERROR, "too long: len %d rdlen %d\n", 1960 len, rdlen); 1961 bus->sdiodev->bus_if->dstats.rx_errors++; 1962 bus->rx_toolong++; 1963 brcmf_sdbrcm_rxfail(bus, false, false); 1964 continue; 1965 } 1966 1967 pkt = brcmu_pkt_buf_get_skb(rdlen + 1968 BRCMF_FIRSTREAD + BRCMF_SDALIGN); 1969 if (!pkt) { 1970 /* Give up on data, request rtx of events */ 1971 brcmf_dbg(ERROR, "brcmu_pkt_buf_get_skb failed: rdlen %d chan %d\n", 1972 rdlen, chan); 1973 bus->sdiodev->bus_if->dstats.rx_dropped++; 1974 brcmf_sdbrcm_rxfail(bus, false, RETRYCHAN(chan)); 1975 continue; 1976 } 1977 1978 /* Leave room for what we already read, and align remainder */ 1979 skb_pull(pkt, BRCMF_FIRSTREAD); 1980 pkt_align(pkt, rdlen, BRCMF_SDALIGN); 1981 1982 /* Read the remaining frame data */ 1983 sdret = brcmf_sdcard_recv_pkt(bus->sdiodev, bus->sdiodev->sbwad, 1984 SDIO_FUNC_2, F2SYNC, pkt); 1985 bus->f2rxdata++; 1986 1987 if (sdret < 0) { 1988 brcmf_dbg(ERROR, "read %d %s bytes failed: %d\n", rdlen, 1989 ((chan == SDPCM_EVENT_CHANNEL) ? "event" 1990 : ((chan == SDPCM_DATA_CHANNEL) ? "data" 1991 : "test")), sdret); 1992 brcmu_pkt_buf_free_skb(pkt); 1993 bus->sdiodev->bus_if->dstats.rx_errors++; 1994 brcmf_sdbrcm_rxfail(bus, true, RETRYCHAN(chan)); 1995 continue; 1996 } 1997 1998 /* Copy the already-read portion */ 1999 skb_push(pkt, BRCMF_FIRSTREAD); 2000 memcpy(pkt->data, bus->rxhdr, BRCMF_FIRSTREAD); 2001 2002 brcmf_dbg_hex_dump(BRCMF_BYTES_ON() && BRCMF_DATA_ON(), 2003 pkt->data, len, "Rx Data:\n"); 2004 2005deliver: 2006 /* Save superframe descriptor and allocate packet frame */ 2007 if (chan == SDPCM_GLOM_CHANNEL) { 2008 if (SDPCM_GLOMDESC(&bus->rxhdr[SDPCM_FRAMETAG_LEN])) { 2009 brcmf_dbg(GLOM, "glom descriptor, %d bytes:\n", 2010 len); 2011 brcmf_dbg_hex_dump(BRCMF_GLOM_ON(), 2012 pkt->data, len, 2013 "Glom Data:\n"); 2014 __skb_trim(pkt, len); 2015 skb_pull(pkt, SDPCM_HDRLEN); 2016 bus->glomd = pkt; 2017 } else { 2018 brcmf_dbg(ERROR, "%s: glom superframe w/o " 2019 "descriptor!\n", __func__); 2020 brcmf_sdbrcm_rxfail(bus, false, false); 2021 } 2022 continue; 2023 } 2024 2025 /* Fill in packet len and prio, deliver upward */ 2026 __skb_trim(pkt, len); 2027 skb_pull(pkt, doff); 2028 2029 if (pkt->len == 0) { 2030 brcmu_pkt_buf_free_skb(pkt); 2031 continue; 2032 } else if (brcmf_proto_hdrpull(bus->sdiodev->dev, &ifidx, 2033 pkt) != 0) { 2034 brcmf_dbg(ERROR, "rx protocol error\n"); 2035 brcmu_pkt_buf_free_skb(pkt); 2036 bus->sdiodev->bus_if->dstats.rx_errors++; 2037 continue; 2038 } 2039 2040 /* Unlock during rx call */ 2041 up(&bus->sdsem); 2042 brcmf_rx_packet(bus->sdiodev->dev, ifidx, pkt); 2043 down(&bus->sdsem); 2044 } 2045 rxcount = maxframes - rxleft; 2046 /* Message if we hit the limit */ 2047 if (!rxleft) 2048 brcmf_dbg(DATA, "hit rx limit of %d frames\n", 2049 maxframes); 2050 else 2051 brcmf_dbg(DATA, "processed %d frames\n", rxcount); 2052 /* Back off rxseq if awaiting rtx, update rx_seq */ 2053 if (bus->rxskip) 2054 rxseq--; 2055 bus->rx_seq = rxseq; 2056 2057 return rxcount; 2058} 2059 2060static void 2061brcmf_sdbrcm_wait_for_event(struct brcmf_sdio *bus, bool *lockvar) 2062{ 2063 up(&bus->sdsem); 2064 wait_event_interruptible_timeout(bus->ctrl_wait, !*lockvar, HZ * 2); 2065 down(&bus->sdsem); 2066 return; 2067} 2068 2069static void 2070brcmf_sdbrcm_wait_event_wakeup(struct brcmf_sdio *bus) 2071{ 2072 if (waitqueue_active(&bus->ctrl_wait)) 2073 wake_up_interruptible(&bus->ctrl_wait); 2074 return; 2075} 2076 2077/* Writes a HW/SW header into the packet and sends it. */ 2078/* Assumes: (a) header space already there, (b) caller holds lock */ 2079static int brcmf_sdbrcm_txpkt(struct brcmf_sdio *bus, struct sk_buff *pkt, 2080 uint chan, bool free_pkt) 2081{ 2082 int ret; 2083 u8 *frame; 2084 u16 len, pad = 0; 2085 u32 swheader; 2086 struct sk_buff *new; 2087 int i; 2088 2089 brcmf_dbg(TRACE, "Enter\n"); 2090 2091 frame = (u8 *) (pkt->data); 2092 2093 /* Add alignment padding, allocate new packet if needed */ 2094 pad = ((unsigned long)frame % BRCMF_SDALIGN); 2095 if (pad) { 2096 if (skb_headroom(pkt) < pad) { 2097 brcmf_dbg(INFO, "insufficient headroom %d for %d pad\n", 2098 skb_headroom(pkt), pad); 2099 bus->sdiodev->bus_if->tx_realloc++; 2100 new = brcmu_pkt_buf_get_skb(pkt->len + BRCMF_SDALIGN); 2101 if (!new) { 2102 brcmf_dbg(ERROR, "couldn't allocate new %d-byte packet\n", 2103 pkt->len + BRCMF_SDALIGN); 2104 ret = -ENOMEM; 2105 goto done; 2106 } 2107 2108 pkt_align(new, pkt->len, BRCMF_SDALIGN); 2109 memcpy(new->data, pkt->data, pkt->len); 2110 if (free_pkt) 2111 brcmu_pkt_buf_free_skb(pkt); 2112 /* free the pkt if canned one is not used */ 2113 free_pkt = true; 2114 pkt = new; 2115 frame = (u8 *) (pkt->data); 2116 /* precondition: (frame % BRCMF_SDALIGN) == 0) */ 2117 pad = 0; 2118 } else { 2119 skb_push(pkt, pad); 2120 frame = (u8 *) (pkt->data); 2121 /* precondition: pad + SDPCM_HDRLEN <= pkt->len */ 2122 memset(frame, 0, pad + SDPCM_HDRLEN); 2123 } 2124 } 2125 /* precondition: pad < BRCMF_SDALIGN */ 2126 2127 /* Hardware tag: 2 byte len followed by 2 byte ~len check (all LE) */ 2128 len = (u16) (pkt->len); 2129 *(__le16 *) frame = cpu_to_le16(len); 2130 *(((__le16 *) frame) + 1) = cpu_to_le16(~len); 2131 2132 /* Software tag: channel, sequence number, data offset */ 2133 swheader = 2134 ((chan << SDPCM_CHANNEL_SHIFT) & SDPCM_CHANNEL_MASK) | bus->tx_seq | 2135 (((pad + 2136 SDPCM_HDRLEN) << SDPCM_DOFFSET_SHIFT) & SDPCM_DOFFSET_MASK); 2137 2138 put_unaligned_le32(swheader, frame + SDPCM_FRAMETAG_LEN); 2139 put_unaligned_le32(0, frame + SDPCM_FRAMETAG_LEN + sizeof(swheader)); 2140 2141#ifdef DEBUG 2142 tx_packets[pkt->priority]++; 2143#endif 2144 2145 brcmf_dbg_hex_dump(BRCMF_BYTES_ON() && 2146 ((BRCMF_CTL_ON() && chan == SDPCM_CONTROL_CHANNEL) || 2147 (BRCMF_DATA_ON() && chan != SDPCM_CONTROL_CHANNEL)), 2148 frame, len, "Tx Frame:\n"); 2149 brcmf_dbg_hex_dump(!(BRCMF_BYTES_ON() && 2150 ((BRCMF_CTL_ON() && 2151 chan == SDPCM_CONTROL_CHANNEL) || 2152 (BRCMF_DATA_ON() && 2153 chan != SDPCM_CONTROL_CHANNEL))) && 2154 BRCMF_HDRS_ON(), 2155 frame, min_t(u16, len, 16), "TxHdr:\n"); 2156 2157 /* Raise len to next SDIO block to eliminate tail command */ 2158 if (bus->roundup && bus->blocksize && (len > bus->blocksize)) { 2159 u16 pad = bus->blocksize - (len % bus->blocksize); 2160 if ((pad <= bus->roundup) && (pad < bus->blocksize)) 2161 len += pad; 2162 } else if (len % BRCMF_SDALIGN) { 2163 len += BRCMF_SDALIGN - (len % BRCMF_SDALIGN); 2164 } 2165 2166 /* Some controllers have trouble with odd bytes -- round to even */ 2167 if (len & (ALIGNMENT - 1)) 2168 len = roundup(len, ALIGNMENT); 2169 2170 ret = brcmf_sdcard_send_pkt(bus->sdiodev, bus->sdiodev->sbwad, 2171 SDIO_FUNC_2, F2SYNC, pkt); 2172 bus->f2txdata++; 2173 2174 if (ret < 0) { 2175 /* On failure, abort the command and terminate the frame */ 2176 brcmf_dbg(INFO, "sdio error %d, abort command and terminate frame\n", 2177 ret); 2178 bus->tx_sderrs++; 2179 2180 brcmf_sdcard_abort(bus->sdiodev, SDIO_FUNC_2); 2181 brcmf_sdcard_cfg_write(bus->sdiodev, SDIO_FUNC_1, 2182 SBSDIO_FUNC1_FRAMECTRL, SFC_WF_TERM, 2183 NULL); 2184 bus->f1regdata++; 2185 2186 for (i = 0; i < 3; i++) { 2187 u8 hi, lo; 2188 hi = brcmf_sdcard_cfg_read(bus->sdiodev, 2189 SDIO_FUNC_1, 2190 SBSDIO_FUNC1_WFRAMEBCHI, 2191 NULL); 2192 lo = brcmf_sdcard_cfg_read(bus->sdiodev, 2193 SDIO_FUNC_1, 2194 SBSDIO_FUNC1_WFRAMEBCLO, 2195 NULL); 2196 bus->f1regdata += 2; 2197 if ((hi == 0) && (lo == 0)) 2198 break; 2199 } 2200 2201 } 2202 if (ret == 0) 2203 bus->tx_seq = (bus->tx_seq + 1) % SDPCM_SEQUENCE_WRAP; 2204 2205done: 2206 /* restore pkt buffer pointer before calling tx complete routine */ 2207 skb_pull(pkt, SDPCM_HDRLEN + pad); 2208 up(&bus->sdsem); 2209 brcmf_txcomplete(bus->sdiodev->dev, pkt, ret != 0); 2210 down(&bus->sdsem); 2211 2212 if (free_pkt) 2213 brcmu_pkt_buf_free_skb(pkt); 2214 2215 return ret; 2216} 2217 2218static uint brcmf_sdbrcm_sendfromq(struct brcmf_sdio *bus, uint maxframes) 2219{ 2220 struct sk_buff *pkt; 2221 u32 intstatus = 0; 2222 uint retries = 0; 2223 int ret = 0, prec_out; 2224 uint cnt = 0; 2225 uint datalen; 2226 u8 tx_prec_map; 2227 2228 brcmf_dbg(TRACE, "Enter\n"); 2229 2230 tx_prec_map = ~bus->flowcontrol; 2231 2232 /* Send frames until the limit or some other event */ 2233 for (cnt = 0; (cnt < maxframes) && data_ok(bus); cnt++) { 2234 spin_lock_bh(&bus->txqlock); 2235 pkt = brcmu_pktq_mdeq(&bus->txq, tx_prec_map, &prec_out); 2236 if (pkt == NULL) { 2237 spin_unlock_bh(&bus->txqlock); 2238 break; 2239 } 2240 spin_unlock_bh(&bus->txqlock); 2241 datalen = pkt->len - SDPCM_HDRLEN; 2242 2243 ret = brcmf_sdbrcm_txpkt(bus, pkt, SDPCM_DATA_CHANNEL, true); 2244 if (ret) 2245 bus->sdiodev->bus_if->dstats.tx_errors++; 2246 else 2247 bus->sdiodev->bus_if->dstats.tx_bytes += datalen; 2248 2249 /* In poll mode, need to check for other events */ 2250 if (!bus->intr && cnt) { 2251 /* Check device status, signal pending interrupt */ 2252 r_sdreg32(bus, &intstatus, 2253 offsetof(struct sdpcmd_regs, intstatus), 2254 &retries); 2255 bus->f2txdata++; 2256 if (brcmf_sdcard_regfail(bus->sdiodev)) 2257 break; 2258 if (intstatus & bus->hostintmask) 2259 bus->ipend = true; 2260 } 2261 } 2262 2263 /* Deflow-control stack if needed */ 2264 if (bus->sdiodev->bus_if->drvr_up && 2265 (bus->sdiodev->bus_if->state == BRCMF_BUS_DATA) && 2266 bus->txoff && (pktq_len(&bus->txq) < TXLOW)) { 2267 bus->txoff = OFF; 2268 brcmf_txflowcontrol(bus->sdiodev->dev, 0, OFF); 2269 } 2270 2271 return cnt; 2272} 2273 2274static void brcmf_sdbrcm_bus_stop(struct device *dev) 2275{ 2276 u32 local_hostintmask; 2277 u8 saveclk; 2278 uint retries; 2279 int err; 2280 struct brcmf_bus *bus_if = dev_get_drvdata(dev); 2281 struct brcmf_sdio_dev *sdiodev = bus_if->bus_priv.sdio; 2282 struct brcmf_sdio *bus = sdiodev->bus; 2283 2284 brcmf_dbg(TRACE, "Enter\n"); 2285 2286 if (bus->watchdog_tsk) { 2287 send_sig(SIGTERM, bus->watchdog_tsk, 1); 2288 kthread_stop(bus->watchdog_tsk); 2289 bus->watchdog_tsk = NULL; 2290 } 2291 2292 if (bus->dpc_tsk && bus->dpc_tsk != current) { 2293 send_sig(SIGTERM, bus->dpc_tsk, 1); 2294 kthread_stop(bus->dpc_tsk); 2295 bus->dpc_tsk = NULL; 2296 } 2297 2298 down(&bus->sdsem); 2299 2300 bus_wake(bus); 2301 2302 /* Enable clock for device interrupts */ 2303 brcmf_sdbrcm_clkctl(bus, CLK_AVAIL, false); 2304 2305 /* Disable and clear interrupts at the chip level also */ 2306 w_sdreg32(bus, 0, offsetof(struct sdpcmd_regs, hostintmask), &retries); 2307 local_hostintmask = bus->hostintmask; 2308 bus->hostintmask = 0; 2309 2310 /* Change our idea of bus state */ 2311 bus->sdiodev->bus_if->state = BRCMF_BUS_DOWN; 2312 2313 /* Force clocks on backplane to be sure F2 interrupt propagates */ 2314 saveclk = brcmf_sdcard_cfg_read(bus->sdiodev, SDIO_FUNC_1, 2315 SBSDIO_FUNC1_CHIPCLKCSR, &err); 2316 if (!err) { 2317 brcmf_sdcard_cfg_write(bus->sdiodev, SDIO_FUNC_1, 2318 SBSDIO_FUNC1_CHIPCLKCSR, 2319 (saveclk | SBSDIO_FORCE_HT), &err); 2320 } 2321 if (err) 2322 brcmf_dbg(ERROR, "Failed to force clock for F2: err %d\n", err); 2323 2324 /* Turn off the bus (F2), free any pending packets */ 2325 brcmf_dbg(INTR, "disable SDIO interrupts\n"); 2326 brcmf_sdcard_cfg_write(bus->sdiodev, SDIO_FUNC_0, SDIO_CCCR_IOEx, 2327 SDIO_FUNC_ENABLE_1, NULL); 2328 2329 /* Clear any pending interrupts now that F2 is disabled */ 2330 w_sdreg32(bus, local_hostintmask, 2331 offsetof(struct sdpcmd_regs, intstatus), &retries); 2332 2333 /* Turn off the backplane clock (only) */ 2334 brcmf_sdbrcm_clkctl(bus, CLK_SDONLY, false); 2335 2336 /* Clear the data packet queues */ 2337 brcmu_pktq_flush(&bus->txq, true, NULL, NULL); 2338 2339 /* Clear any held glomming stuff */ 2340 if (bus->glomd) 2341 brcmu_pkt_buf_free_skb(bus->glomd); 2342 brcmf_sdbrcm_free_glom(bus); 2343 2344 /* Clear rx control and wake any waiters */ 2345 bus->rxlen = 0; 2346 brcmf_sdbrcm_dcmd_resp_wake(bus); 2347 2348 /* Reset some F2 state stuff */ 2349 bus->rxskip = false; 2350 bus->tx_seq = bus->rx_seq = 0; 2351 2352 up(&bus->sdsem); 2353} 2354 2355static bool brcmf_sdbrcm_dpc(struct brcmf_sdio *bus) 2356{ 2357 u32 intstatus, newstatus = 0; 2358 uint retries = 0; 2359 uint rxlimit = bus->rxbound; /* Rx frames to read before resched */ 2360 uint txlimit = bus->txbound; /* Tx frames to send before resched */ 2361 uint framecnt = 0; /* Temporary counter of tx/rx frames */ 2362 bool rxdone = true; /* Flag for no more read data */ 2363 bool resched = false; /* Flag indicating resched wanted */ 2364 2365 brcmf_dbg(TRACE, "Enter\n"); 2366 2367 /* Start with leftover status bits */ 2368 intstatus = bus->intstatus; 2369 2370 down(&bus->sdsem); 2371 2372 /* If waiting for HTAVAIL, check status */ 2373 if (bus->clkstate == CLK_PENDING) { 2374 int err; 2375 u8 clkctl, devctl = 0; 2376 2377#ifdef DEBUG 2378 /* Check for inconsistent device control */ 2379 devctl = brcmf_sdcard_cfg_read(bus->sdiodev, SDIO_FUNC_1, 2380 SBSDIO_DEVICE_CTL, &err); 2381 if (err) { 2382 brcmf_dbg(ERROR, "error reading DEVCTL: %d\n", err); 2383 bus->sdiodev->bus_if->state = BRCMF_BUS_DOWN; 2384 } 2385#endif /* DEBUG */ 2386 2387 /* Read CSR, if clock on switch to AVAIL, else ignore */ 2388 clkctl = brcmf_sdcard_cfg_read(bus->sdiodev, SDIO_FUNC_1, 2389 SBSDIO_FUNC1_CHIPCLKCSR, &err); 2390 if (err) { 2391 brcmf_dbg(ERROR, "error reading CSR: %d\n", 2392 err); 2393 bus->sdiodev->bus_if->state = BRCMF_BUS_DOWN; 2394 } 2395 2396 brcmf_dbg(INFO, "DPC: PENDING, devctl 0x%02x clkctl 0x%02x\n", 2397 devctl, clkctl); 2398 2399 if (SBSDIO_HTAV(clkctl)) { 2400 devctl = brcmf_sdcard_cfg_read(bus->sdiodev, 2401 SDIO_FUNC_1, 2402 SBSDIO_DEVICE_CTL, &err); 2403 if (err) { 2404 brcmf_dbg(ERROR, "error reading DEVCTL: %d\n", 2405 err); 2406 bus->sdiodev->bus_if->state = BRCMF_BUS_DOWN; 2407 } 2408 devctl &= ~SBSDIO_DEVCTL_CA_INT_ONLY; 2409 brcmf_sdcard_cfg_write(bus->sdiodev, SDIO_FUNC_1, 2410 SBSDIO_DEVICE_CTL, devctl, &err); 2411 if (err) { 2412 brcmf_dbg(ERROR, "error writing DEVCTL: %d\n", 2413 err); 2414 bus->sdiodev->bus_if->state = BRCMF_BUS_DOWN; 2415 } 2416 bus->clkstate = CLK_AVAIL; 2417 } else { 2418 goto clkwait; 2419 } 2420 } 2421 2422 bus_wake(bus); 2423 2424 /* Make sure backplane clock is on */ 2425 brcmf_sdbrcm_clkctl(bus, CLK_AVAIL, true); 2426 if (bus->clkstate == CLK_PENDING) 2427 goto clkwait; 2428 2429 /* Pending interrupt indicates new device status */ 2430 if (bus->ipend) { 2431 bus->ipend = false; 2432 r_sdreg32(bus, &newstatus, 2433 offsetof(struct sdpcmd_regs, intstatus), &retries); 2434 bus->f1regdata++; 2435 if (brcmf_sdcard_regfail(bus->sdiodev)) 2436 newstatus = 0; 2437 newstatus &= bus->hostintmask; 2438 bus->fcstate = !!(newstatus & I_HMB_FC_STATE); 2439 if (newstatus) { 2440 w_sdreg32(bus, newstatus, 2441 offsetof(struct sdpcmd_regs, intstatus), 2442 &retries); 2443 bus->f1regdata++; 2444 } 2445 } 2446 2447 /* Merge new bits with previous */ 2448 intstatus |= newstatus; 2449 bus->intstatus = 0; 2450 2451 /* Handle flow-control change: read new state in case our ack 2452 * crossed another change interrupt. If change still set, assume 2453 * FC ON for safety, let next loop through do the debounce. 2454 */ 2455 if (intstatus & I_HMB_FC_CHANGE) { 2456 intstatus &= ~I_HMB_FC_CHANGE; 2457 w_sdreg32(bus, I_HMB_FC_CHANGE, 2458 offsetof(struct sdpcmd_regs, intstatus), &retries); 2459 2460 r_sdreg32(bus, &newstatus, 2461 offsetof(struct sdpcmd_regs, intstatus), &retries); 2462 bus->f1regdata += 2; 2463 bus->fcstate = 2464 !!(newstatus & (I_HMB_FC_STATE | I_HMB_FC_CHANGE)); 2465 intstatus |= (newstatus & bus->hostintmask); 2466 } 2467 2468 /* Handle host mailbox indication */ 2469 if (intstatus & I_HMB_HOST_INT) { 2470 intstatus &= ~I_HMB_HOST_INT; 2471 intstatus |= brcmf_sdbrcm_hostmail(bus); 2472 } 2473 2474 /* Generally don't ask for these, can get CRC errors... */ 2475 if (intstatus & I_WR_OOSYNC) { 2476 brcmf_dbg(ERROR, "Dongle reports WR_OOSYNC\n"); 2477 intstatus &= ~I_WR_OOSYNC; 2478 } 2479 2480 if (intstatus & I_RD_OOSYNC) { 2481 brcmf_dbg(ERROR, "Dongle reports RD_OOSYNC\n"); 2482 intstatus &= ~I_RD_OOSYNC; 2483 } 2484 2485 if (intstatus & I_SBINT) { 2486 brcmf_dbg(ERROR, "Dongle reports SBINT\n"); 2487 intstatus &= ~I_SBINT; 2488 } 2489 2490 /* Would be active due to wake-wlan in gSPI */ 2491 if (intstatus & I_CHIPACTIVE) { 2492 brcmf_dbg(INFO, "Dongle reports CHIPACTIVE\n"); 2493 intstatus &= ~I_CHIPACTIVE; 2494 } 2495 2496 /* Ignore frame indications if rxskip is set */ 2497 if (bus->rxskip) 2498 intstatus &= ~I_HMB_FRAME_IND; 2499 2500 /* On frame indication, read available frames */ 2501 if (PKT_AVAILABLE()) { 2502 framecnt = brcmf_sdbrcm_readframes(bus, rxlimit, &rxdone); 2503 if (rxdone || bus->rxskip) 2504 intstatus &= ~I_HMB_FRAME_IND; 2505 rxlimit -= min(framecnt, rxlimit); 2506 } 2507 2508 /* Keep still-pending events for next scheduling */ 2509 bus->intstatus = intstatus; 2510 2511clkwait: 2512 if (data_ok(bus) && bus->ctrl_frame_stat && 2513 (bus->clkstate == CLK_AVAIL)) { 2514 int ret, i; 2515 2516 ret = brcmf_sdcard_send_buf(bus->sdiodev, bus->sdiodev->sbwad, 2517 SDIO_FUNC_2, F2SYNC, (u8 *) bus->ctrl_frame_buf, 2518 (u32) bus->ctrl_frame_len); 2519 2520 if (ret < 0) { 2521 /* On failure, abort the command and 2522 terminate the frame */ 2523 brcmf_dbg(INFO, "sdio error %d, abort command and terminate frame\n", 2524 ret); 2525 bus->tx_sderrs++; 2526 2527 brcmf_sdcard_abort(bus->sdiodev, SDIO_FUNC_2); 2528 2529 brcmf_sdcard_cfg_write(bus->sdiodev, SDIO_FUNC_1, 2530 SBSDIO_FUNC1_FRAMECTRL, SFC_WF_TERM, 2531 NULL); 2532 bus->f1regdata++; 2533 2534 for (i = 0; i < 3; i++) { 2535 u8 hi, lo; 2536 hi = brcmf_sdcard_cfg_read(bus->sdiodev, 2537 SDIO_FUNC_1, 2538 SBSDIO_FUNC1_WFRAMEBCHI, 2539 NULL); 2540 lo = brcmf_sdcard_cfg_read(bus->sdiodev, 2541 SDIO_FUNC_1, 2542 SBSDIO_FUNC1_WFRAMEBCLO, 2543 NULL); 2544 bus->f1regdata += 2; 2545 if ((hi == 0) && (lo == 0)) 2546 break; 2547 } 2548 2549 } 2550 if (ret == 0) 2551 bus->tx_seq = (bus->tx_seq + 1) % SDPCM_SEQUENCE_WRAP; 2552 2553 brcmf_dbg(INFO, "Return_dpc value is : %d\n", ret); 2554 bus->ctrl_frame_stat = false; 2555 brcmf_sdbrcm_wait_event_wakeup(bus); 2556 } 2557 /* Send queued frames (limit 1 if rx may still be pending) */ 2558 else if ((bus->clkstate == CLK_AVAIL) && !bus->fcstate && 2559 brcmu_pktq_mlen(&bus->txq, ~bus->flowcontrol) && txlimit 2560 && data_ok(bus)) { 2561 framecnt = rxdone ? txlimit : min(txlimit, bus->txminmax); 2562 framecnt = brcmf_sdbrcm_sendfromq(bus, framecnt); 2563 txlimit -= framecnt; 2564 } 2565 2566 /* Resched if events or tx frames are pending, 2567 else await next interrupt */ 2568 /* On failed register access, all bets are off: 2569 no resched or interrupts */ 2570 if ((bus->sdiodev->bus_if->state == BRCMF_BUS_DOWN) || 2571 brcmf_sdcard_regfail(bus->sdiodev)) { 2572 brcmf_dbg(ERROR, "failed backplane access over SDIO, halting operation %d\n", 2573 brcmf_sdcard_regfail(bus->sdiodev)); 2574 bus->sdiodev->bus_if->state = BRCMF_BUS_DOWN; 2575 bus->intstatus = 0; 2576 } else if (bus->clkstate == CLK_PENDING) { 2577 brcmf_dbg(INFO, "rescheduled due to CLK_PENDING awaiting I_CHIPACTIVE interrupt\n"); 2578 resched = true; 2579 } else if (bus->intstatus || bus->ipend || 2580 (!bus->fcstate && brcmu_pktq_mlen(&bus->txq, ~bus->flowcontrol) 2581 && data_ok(bus)) || PKT_AVAILABLE()) { 2582 resched = true; 2583 } 2584 2585 bus->dpc_sched = resched; 2586 2587 /* If we're done for now, turn off clock request. */ 2588 if ((bus->clkstate != CLK_PENDING) 2589 && bus->idletime == BRCMF_IDLE_IMMEDIATE) { 2590 bus->activity = false; 2591 brcmf_sdbrcm_clkctl(bus, CLK_NONE, false); 2592 } 2593 2594 up(&bus->sdsem); 2595 2596 return resched; 2597} 2598 2599static inline void brcmf_sdbrcm_adddpctsk(struct brcmf_sdio *bus) 2600{ 2601 struct list_head *new_hd; 2602 unsigned long flags; 2603 2604 if (in_interrupt()) 2605 new_hd = kzalloc(sizeof(struct list_head), GFP_ATOMIC); 2606 else 2607 new_hd = kzalloc(sizeof(struct list_head), GFP_KERNEL); 2608 if (new_hd == NULL) 2609 return; 2610 2611 spin_lock_irqsave(&bus->dpc_tl_lock, flags); 2612 list_add_tail(new_hd, &bus->dpc_tsklst); 2613 spin_unlock_irqrestore(&bus->dpc_tl_lock, flags); 2614} 2615 2616static int brcmf_sdbrcm_dpc_thread(void *data) 2617{ 2618 struct brcmf_sdio *bus = (struct brcmf_sdio *) data; 2619 struct list_head *cur_hd, *tmp_hd; 2620 unsigned long flags; 2621 2622 allow_signal(SIGTERM); 2623 /* Run until signal received */ 2624 while (1) { 2625 if (kthread_should_stop()) 2626 break; 2627 2628 if (list_empty(&bus->dpc_tsklst)) 2629 if (wait_for_completion_interruptible(&bus->dpc_wait)) 2630 break; 2631 2632 spin_lock_irqsave(&bus->dpc_tl_lock, flags); 2633 list_for_each_safe(cur_hd, tmp_hd, &bus->dpc_tsklst) { 2634 spin_unlock_irqrestore(&bus->dpc_tl_lock, flags); 2635 2636 if (bus->sdiodev->bus_if->state == BRCMF_BUS_DOWN) { 2637 /* after stopping the bus, exit thread */ 2638 brcmf_sdbrcm_bus_stop(bus->sdiodev->dev); 2639 bus->dpc_tsk = NULL; 2640 break; 2641 } 2642 2643 if (brcmf_sdbrcm_dpc(bus)) 2644 brcmf_sdbrcm_adddpctsk(bus); 2645 2646 spin_lock_irqsave(&bus->dpc_tl_lock, flags); 2647 list_del(cur_hd); 2648 kfree(cur_hd); 2649 } 2650 spin_unlock_irqrestore(&bus->dpc_tl_lock, flags); 2651 } 2652 return 0; 2653} 2654 2655static int brcmf_sdbrcm_bus_txdata(struct device *dev, struct sk_buff *pkt) 2656{ 2657 int ret = -EBADE; 2658 uint datalen, prec; 2659 struct brcmf_bus *bus_if = dev_get_drvdata(dev); 2660 struct brcmf_sdio_dev *sdiodev = bus_if->bus_priv.sdio; 2661 struct brcmf_sdio *bus = sdiodev->bus; 2662 2663 brcmf_dbg(TRACE, "Enter\n"); 2664 2665 datalen = pkt->len; 2666 2667 /* Add space for the header */ 2668 skb_push(pkt, SDPCM_HDRLEN); 2669 /* precondition: IS_ALIGNED((unsigned long)(pkt->data), 2) */ 2670 2671 prec = prio2prec((pkt->priority & PRIOMASK)); 2672 2673 /* Check for existing queue, current flow-control, 2674 pending event, or pending clock */ 2675 brcmf_dbg(TRACE, "deferring pktq len %d\n", pktq_len(&bus->txq)); 2676 bus->fcqueued++; 2677 2678 /* Priority based enq */ 2679 spin_lock_bh(&bus->txqlock); 2680 if (!brcmf_c_prec_enq(bus->sdiodev->dev, &bus->txq, pkt, prec)) { 2681 skb_pull(pkt, SDPCM_HDRLEN); 2682 brcmf_txcomplete(bus->sdiodev->dev, pkt, false); 2683 brcmu_pkt_buf_free_skb(pkt); 2684 brcmf_dbg(ERROR, "out of bus->txq !!!\n"); 2685 ret = -ENOSR; 2686 } else { 2687 ret = 0; 2688 } 2689 spin_unlock_bh(&bus->txqlock); 2690 2691 if (pktq_len(&bus->txq) >= TXHI) { 2692 bus->txoff = ON; 2693 brcmf_txflowcontrol(bus->sdiodev->dev, 0, ON); 2694 } 2695 2696#ifdef DEBUG 2697 if (pktq_plen(&bus->txq, prec) > qcount[prec]) 2698 qcount[prec] = pktq_plen(&bus->txq, prec); 2699#endif 2700 /* Schedule DPC if needed to send queued packet(s) */ 2701 if (!bus->dpc_sched) { 2702 bus->dpc_sched = true; 2703 if (bus->dpc_tsk) { 2704 brcmf_sdbrcm_adddpctsk(bus); 2705 complete(&bus->dpc_wait); 2706 } 2707 } 2708 2709 return ret; 2710} 2711 2712static int 2713brcmf_sdbrcm_membytes(struct brcmf_sdio *bus, bool write, u32 address, u8 *data, 2714 uint size) 2715{ 2716 int bcmerror = 0; 2717 u32 sdaddr; 2718 uint dsize; 2719 2720 /* Determine initial transfer parameters */ 2721 sdaddr = address & SBSDIO_SB_OFT_ADDR_MASK; 2722 if ((sdaddr + size) & SBSDIO_SBWINDOW_MASK) 2723 dsize = (SBSDIO_SB_OFT_ADDR_LIMIT - sdaddr); 2724 else 2725 dsize = size; 2726 2727 /* Set the backplane window to include the start address */ 2728 bcmerror = brcmf_sdcard_set_sbaddr_window(bus->sdiodev, address); 2729 if (bcmerror) { 2730 brcmf_dbg(ERROR, "window change failed\n"); 2731 goto xfer_done; 2732 } 2733 2734 /* Do the transfer(s) */ 2735 while (size) { 2736 brcmf_dbg(INFO, "%s %d bytes at offset 0x%08x in window 0x%08x\n", 2737 write ? "write" : "read", dsize, 2738 sdaddr, address & SBSDIO_SBWINDOW_MASK); 2739 bcmerror = brcmf_sdcard_rwdata(bus->sdiodev, write, 2740 sdaddr, data, dsize); 2741 if (bcmerror) { 2742 brcmf_dbg(ERROR, "membytes transfer failed\n"); 2743 break; 2744 } 2745 2746 /* Adjust for next transfer (if any) */ 2747 size -= dsize; 2748 if (size) { 2749 data += dsize; 2750 address += dsize; 2751 bcmerror = brcmf_sdcard_set_sbaddr_window(bus->sdiodev, 2752 address); 2753 if (bcmerror) { 2754 brcmf_dbg(ERROR, "window change failed\n"); 2755 break; 2756 } 2757 sdaddr = 0; 2758 dsize = min_t(uint, SBSDIO_SB_OFT_ADDR_LIMIT, size); 2759 } 2760 } 2761 2762xfer_done: 2763 /* Return the window to backplane enumeration space for core access */ 2764 if (brcmf_sdcard_set_sbaddr_window(bus->sdiodev, bus->sdiodev->sbwad)) 2765 brcmf_dbg(ERROR, "FAILED to set window back to 0x%x\n", 2766 bus->sdiodev->sbwad); 2767 2768 return bcmerror; 2769} 2770 2771#ifdef DEBUG 2772#define CONSOLE_LINE_MAX 192 2773 2774static int brcmf_sdbrcm_readconsole(struct brcmf_sdio *bus) 2775{ 2776 struct brcmf_console *c = &bus->console; 2777 u8 line[CONSOLE_LINE_MAX], ch; 2778 u32 n, idx, addr; 2779 int rv; 2780 2781 /* Don't do anything until FWREADY updates console address */ 2782 if (bus->console_addr == 0) 2783 return 0; 2784 2785 /* Read console log struct */ 2786 addr = bus->console_addr + offsetof(struct rte_console, log_le); 2787 rv = brcmf_sdbrcm_membytes(bus, false, addr, (u8 *)&c->log_le, 2788 sizeof(c->log_le)); 2789 if (rv < 0) 2790 return rv; 2791 2792 /* Allocate console buffer (one time only) */ 2793 if (c->buf == NULL) { 2794 c->bufsize = le32_to_cpu(c->log_le.buf_size); 2795 c->buf = kmalloc(c->bufsize, GFP_ATOMIC); 2796 if (c->buf == NULL) 2797 return -ENOMEM; 2798 } 2799 2800 idx = le32_to_cpu(c->log_le.idx); 2801 2802 /* Protect against corrupt value */ 2803 if (idx > c->bufsize) 2804 return -EBADE; 2805 2806 /* Skip reading the console buffer if the index pointer 2807 has not moved */ 2808 if (idx == c->last) 2809 return 0; 2810 2811 /* Read the console buffer */ 2812 addr = le32_to_cpu(c->log_le.buf); 2813 rv = brcmf_sdbrcm_membytes(bus, false, addr, c->buf, c->bufsize); 2814 if (rv < 0) 2815 return rv; 2816 2817 while (c->last != idx) { 2818 for (n = 0; n < CONSOLE_LINE_MAX - 2; n++) { 2819 if (c->last == idx) { 2820 /* This would output a partial line. 2821 * Instead, back up 2822 * the buffer pointer and output this 2823 * line next time around. 2824 */ 2825 if (c->last >= n) 2826 c->last -= n; 2827 else 2828 c->last = c->bufsize - n; 2829 goto break2; 2830 } 2831 ch = c->buf[c->last]; 2832 c->last = (c->last + 1) % c->bufsize; 2833 if (ch == '\n') 2834 break; 2835 line[n] = ch; 2836 } 2837 2838 if (n > 0) { 2839 if (line[n - 1] == '\r') 2840 n--; 2841 line[n] = 0; 2842 pr_debug("CONSOLE: %s\n", line); 2843 } 2844 } 2845break2: 2846 2847 return 0; 2848} 2849#endif /* DEBUG */ 2850 2851static int brcmf_tx_frame(struct brcmf_sdio *bus, u8 *frame, u16 len) 2852{ 2853 int i; 2854 int ret; 2855 2856 bus->ctrl_frame_stat = false; 2857 ret = brcmf_sdcard_send_buf(bus->sdiodev, bus->sdiodev->sbwad, 2858 SDIO_FUNC_2, F2SYNC, frame, len); 2859 2860 if (ret < 0) { 2861 /* On failure, abort the command and terminate the frame */ 2862 brcmf_dbg(INFO, "sdio error %d, abort command and terminate frame\n", 2863 ret); 2864 bus->tx_sderrs++; 2865 2866 brcmf_sdcard_abort(bus->sdiodev, SDIO_FUNC_2); 2867 2868 brcmf_sdcard_cfg_write(bus->sdiodev, SDIO_FUNC_1, 2869 SBSDIO_FUNC1_FRAMECTRL, 2870 SFC_WF_TERM, NULL); 2871 bus->f1regdata++; 2872 2873 for (i = 0; i < 3; i++) { 2874 u8 hi, lo; 2875 hi = brcmf_sdcard_cfg_read(bus->sdiodev, SDIO_FUNC_1, 2876 SBSDIO_FUNC1_WFRAMEBCHI, 2877 NULL); 2878 lo = brcmf_sdcard_cfg_read(bus->sdiodev, SDIO_FUNC_1, 2879 SBSDIO_FUNC1_WFRAMEBCLO, 2880 NULL); 2881 bus->f1regdata += 2; 2882 if (hi == 0 && lo == 0) 2883 break; 2884 } 2885 return ret; 2886 } 2887 2888 bus->tx_seq = (bus->tx_seq + 1) % SDPCM_SEQUENCE_WRAP; 2889 2890 return ret; 2891} 2892 2893static int 2894brcmf_sdbrcm_bus_txctl(struct device *dev, unsigned char *msg, uint msglen) 2895{ 2896 u8 *frame; 2897 u16 len; 2898 u32 swheader; 2899 uint retries = 0; 2900 u8 doff = 0; 2901 int ret = -1; 2902 struct brcmf_bus *bus_if = dev_get_drvdata(dev); 2903 struct brcmf_sdio_dev *sdiodev = bus_if->bus_priv.sdio; 2904 struct brcmf_sdio *bus = sdiodev->bus; 2905 2906 brcmf_dbg(TRACE, "Enter\n"); 2907 2908 /* Back the pointer to make a room for bus header */ 2909 frame = msg - SDPCM_HDRLEN; 2910 len = (msglen += SDPCM_HDRLEN); 2911 2912 /* Add alignment padding (optional for ctl frames) */ 2913 doff = ((unsigned long)frame % BRCMF_SDALIGN); 2914 if (doff) { 2915 frame -= doff; 2916 len += doff; 2917 msglen += doff; 2918 memset(frame, 0, doff + SDPCM_HDRLEN); 2919 } 2920 /* precondition: doff < BRCMF_SDALIGN */ 2921 doff += SDPCM_HDRLEN; 2922 2923 /* Round send length to next SDIO block */ 2924 if (bus->roundup && bus->blocksize && (len > bus->blocksize)) { 2925 u16 pad = bus->blocksize - (len % bus->blocksize); 2926 if ((pad <= bus->roundup) && (pad < bus->blocksize)) 2927 len += pad; 2928 } else if (len % BRCMF_SDALIGN) { 2929 len += BRCMF_SDALIGN - (len % BRCMF_SDALIGN); 2930 } 2931 2932 /* Satisfy length-alignment requirements */ 2933 if (len & (ALIGNMENT - 1)) 2934 len = roundup(len, ALIGNMENT); 2935 2936 /* precondition: IS_ALIGNED((unsigned long)frame, 2) */ 2937 2938 /* Need to lock here to protect txseq and SDIO tx calls */ 2939 down(&bus->sdsem); 2940 2941 bus_wake(bus); 2942 2943 /* Make sure backplane clock is on */ 2944 brcmf_sdbrcm_clkctl(bus, CLK_AVAIL, false); 2945 2946 /* Hardware tag: 2 byte len followed by 2 byte ~len check (all LE) */ 2947 *(__le16 *) frame = cpu_to_le16((u16) msglen); 2948 *(((__le16 *) frame) + 1) = cpu_to_le16(~msglen); 2949 2950 /* Software tag: channel, sequence number, data offset */ 2951 swheader = 2952 ((SDPCM_CONTROL_CHANNEL << SDPCM_CHANNEL_SHIFT) & 2953 SDPCM_CHANNEL_MASK) 2954 | bus->tx_seq | ((doff << SDPCM_DOFFSET_SHIFT) & 2955 SDPCM_DOFFSET_MASK); 2956 put_unaligned_le32(swheader, frame + SDPCM_FRAMETAG_LEN); 2957 put_unaligned_le32(0, frame + SDPCM_FRAMETAG_LEN + sizeof(swheader)); 2958 2959 if (!data_ok(bus)) { 2960 brcmf_dbg(INFO, "No bus credit bus->tx_max %d, bus->tx_seq %d\n", 2961 bus->tx_max, bus->tx_seq); 2962 bus->ctrl_frame_stat = true; 2963 /* Send from dpc */ 2964 bus->ctrl_frame_buf = frame; 2965 bus->ctrl_frame_len = len; 2966 2967 brcmf_sdbrcm_wait_for_event(bus, &bus->ctrl_frame_stat); 2968 2969 if (!bus->ctrl_frame_stat) { 2970 brcmf_dbg(INFO, "ctrl_frame_stat == false\n"); 2971 ret = 0; 2972 } else { 2973 brcmf_dbg(INFO, "ctrl_frame_stat == true\n"); 2974 ret = -1; 2975 } 2976 } 2977 2978 if (ret == -1) { 2979 brcmf_dbg_hex_dump(BRCMF_BYTES_ON() && BRCMF_CTL_ON(), 2980 frame, len, "Tx Frame:\n"); 2981 brcmf_dbg_hex_dump(!(BRCMF_BYTES_ON() && BRCMF_CTL_ON()) && 2982 BRCMF_HDRS_ON(), 2983 frame, min_t(u16, len, 16), "TxHdr:\n"); 2984 2985 do { 2986 ret = brcmf_tx_frame(bus, frame, len); 2987 } while (ret < 0 && retries++ < TXRETRIES); 2988 } 2989 2990 if ((bus->idletime == BRCMF_IDLE_IMMEDIATE) && !bus->dpc_sched) { 2991 bus->activity = false; 2992 brcmf_sdbrcm_clkctl(bus, CLK_NONE, true); 2993 } 2994 2995 up(&bus->sdsem); 2996 2997 if (ret) 2998 bus->tx_ctlerrs++; 2999 else 3000 bus->tx_ctlpkts++; 3001 3002 return ret ? -EIO : 0; 3003} 3004 3005static int 3006brcmf_sdbrcm_bus_rxctl(struct device *dev, unsigned char *msg, uint msglen) 3007{ 3008 int timeleft; 3009 uint rxlen = 0; 3010 bool pending; 3011 struct brcmf_bus *bus_if = dev_get_drvdata(dev); 3012 struct brcmf_sdio_dev *sdiodev = bus_if->bus_priv.sdio; 3013 struct brcmf_sdio *bus = sdiodev->bus; 3014 3015 brcmf_dbg(TRACE, "Enter\n"); 3016 3017 /* Wait until control frame is available */ 3018 timeleft = brcmf_sdbrcm_dcmd_resp_wait(bus, &bus->rxlen, &pending); 3019 3020 down(&bus->sdsem); 3021 rxlen = bus->rxlen; 3022 memcpy(msg, bus->rxctl, min(msglen, rxlen)); 3023 bus->rxlen = 0; 3024 up(&bus->sdsem); 3025 3026 if (rxlen) { 3027 brcmf_dbg(CTL, "resumed on rxctl frame, got %d expected %d\n", 3028 rxlen, msglen); 3029 } else if (timeleft == 0) { 3030 brcmf_dbg(ERROR, "resumed on timeout\n"); 3031 } else if (pending) { 3032 brcmf_dbg(CTL, "cancelled\n"); 3033 return -ERESTARTSYS; 3034 } else { 3035 brcmf_dbg(CTL, "resumed for unknown reason?\n"); 3036 } 3037 3038 if (rxlen) 3039 bus->rx_ctlpkts++; 3040 else 3041 bus->rx_ctlerrs++; 3042 3043 return rxlen ? (int)rxlen : -ETIMEDOUT; 3044} 3045 3046static int brcmf_sdbrcm_downloadvars(struct brcmf_sdio *bus, void *arg, int len) 3047{ 3048 int bcmerror = 0; 3049 3050 brcmf_dbg(TRACE, "Enter\n"); 3051 3052 /* Basic sanity checks */ 3053 if (bus->sdiodev->bus_if->drvr_up) { 3054 bcmerror = -EISCONN; 3055 goto err; 3056 } 3057 if (!len) { 3058 bcmerror = -EOVERFLOW; 3059 goto err; 3060 } 3061 3062 /* Free the old ones and replace with passed variables */ 3063 kfree(bus->vars); 3064 3065 bus->vars = kmalloc(len, GFP_ATOMIC); 3066 bus->varsz = bus->vars ? len : 0; 3067 if (bus->vars == NULL) { 3068 bcmerror = -ENOMEM; 3069 goto err; 3070 } 3071 3072 /* Copy the passed variables, which should include the 3073 terminating double-null */ 3074 memcpy(bus->vars, arg, bus->varsz); 3075err: 3076 return bcmerror; 3077} 3078 3079static int brcmf_sdbrcm_write_vars(struct brcmf_sdio *bus) 3080{ 3081 int bcmerror = 0; 3082 u32 varsize; 3083 u32 varaddr; 3084 u8 *vbuffer; 3085 u32 varsizew; 3086 __le32 varsizew_le; 3087#ifdef DEBUG 3088 char *nvram_ularray; 3089#endif /* DEBUG */ 3090 3091 /* Even if there are no vars are to be written, we still 3092 need to set the ramsize. */ 3093 varsize = bus->varsz ? roundup(bus->varsz, 4) : 0; 3094 varaddr = (bus->ramsize - 4) - varsize; 3095 3096 if (bus->vars) { 3097 vbuffer = kzalloc(varsize, GFP_ATOMIC); 3098 if (!vbuffer) 3099 return -ENOMEM; 3100 3101 memcpy(vbuffer, bus->vars, bus->varsz); 3102 3103 /* Write the vars list */ 3104 bcmerror = 3105 brcmf_sdbrcm_membytes(bus, true, varaddr, vbuffer, varsize); 3106#ifdef DEBUG 3107 /* Verify NVRAM bytes */ 3108 brcmf_dbg(INFO, "Compare NVRAM dl & ul; varsize=%d\n", varsize); 3109 nvram_ularray = kmalloc(varsize, GFP_ATOMIC); 3110 if (!nvram_ularray) { 3111 kfree(vbuffer); 3112 return -ENOMEM; 3113 } 3114 3115 /* Upload image to verify downloaded contents. */ 3116 memset(nvram_ularray, 0xaa, varsize); 3117 3118 /* Read the vars list to temp buffer for comparison */ 3119 bcmerror = 3120 brcmf_sdbrcm_membytes(bus, false, varaddr, nvram_ularray, 3121 varsize); 3122 if (bcmerror) { 3123 brcmf_dbg(ERROR, "error %d on reading %d nvram bytes at 0x%08x\n", 3124 bcmerror, varsize, varaddr); 3125 } 3126 /* Compare the org NVRAM with the one read from RAM */ 3127 if (memcmp(vbuffer, nvram_ularray, varsize)) 3128 brcmf_dbg(ERROR, "Downloaded NVRAM image is corrupted\n"); 3129 else 3130 brcmf_dbg(ERROR, "Download/Upload/Compare of NVRAM ok\n"); 3131 3132 kfree(nvram_ularray); 3133#endif /* DEBUG */ 3134 3135 kfree(vbuffer); 3136 } 3137 3138 /* adjust to the user specified RAM */ 3139 brcmf_dbg(INFO, "Physical memory size: %d\n", bus->ramsize); 3140 brcmf_dbg(INFO, "Vars are at %d, orig varsize is %d\n", 3141 varaddr, varsize); 3142 varsize = ((bus->ramsize - 4) - varaddr); 3143 3144 /* 3145 * Determine the length token: 3146 * Varsize, converted to words, in lower 16-bits, checksum 3147 * in upper 16-bits. 3148 */ 3149 if (bcmerror) { 3150 varsizew = 0; 3151 varsizew_le = cpu_to_le32(0); 3152 } else { 3153 varsizew = varsize / 4; 3154 varsizew = (~varsizew << 16) | (varsizew & 0x0000FFFF); 3155 varsizew_le = cpu_to_le32(varsizew); 3156 } 3157 3158 brcmf_dbg(INFO, "New varsize is %d, length token=0x%08x\n", 3159 varsize, varsizew); 3160 3161 /* Write the length token to the last word */ 3162 bcmerror = brcmf_sdbrcm_membytes(bus, true, (bus->ramsize - 4), 3163 (u8 *)&varsizew_le, 4); 3164 3165 return bcmerror; 3166} 3167 3168static int brcmf_sdbrcm_download_state(struct brcmf_sdio *bus, bool enter) 3169{ 3170 uint retries; 3171 int bcmerror = 0; 3172 struct chip_info *ci = bus->ci; 3173 3174 /* To enter download state, disable ARM and reset SOCRAM. 3175 * To exit download state, simply reset ARM (default is RAM boot). 3176 */ 3177 if (enter) { 3178 bus->alp_only = true; 3179 3180 ci->coredisable(bus->sdiodev, ci, BCMA_CORE_ARM_CM3); 3181 3182 ci->resetcore(bus->sdiodev, ci, BCMA_CORE_INTERNAL_MEM); 3183 3184 /* Clear the top bit of memory */ 3185 if (bus->ramsize) { 3186 u32 zeros = 0; 3187 brcmf_sdbrcm_membytes(bus, true, bus->ramsize - 4, 3188 (u8 *)&zeros, 4); 3189 } 3190 } else { 3191 if (!ci->iscoreup(bus->sdiodev, ci, BCMA_CORE_INTERNAL_MEM)) { 3192 brcmf_dbg(ERROR, "SOCRAM core is down after reset?\n"); 3193 bcmerror = -EBADE; 3194 goto fail; 3195 } 3196 3197 bcmerror = brcmf_sdbrcm_write_vars(bus); 3198 if (bcmerror) { 3199 brcmf_dbg(ERROR, "no vars written to RAM\n"); 3200 bcmerror = 0; 3201 } 3202 3203 w_sdreg32(bus, 0xFFFFFFFF, 3204 offsetof(struct sdpcmd_regs, intstatus), &retries); 3205 3206 ci->resetcore(bus->sdiodev, ci, BCMA_CORE_ARM_CM3); 3207 3208 /* Allow HT Clock now that the ARM is running. */ 3209 bus->alp_only = false; 3210 3211 bus->sdiodev->bus_if->state = BRCMF_BUS_LOAD; 3212 } 3213fail: 3214 return bcmerror; 3215} 3216 3217static int brcmf_sdbrcm_get_image(char *buf, int len, struct brcmf_sdio *bus) 3218{ 3219 if (bus->firmware->size < bus->fw_ptr + len) 3220 len = bus->firmware->size - bus->fw_ptr; 3221 3222 memcpy(buf, &bus->firmware->data[bus->fw_ptr], len); 3223 bus->fw_ptr += len; 3224 return len; 3225} 3226 3227static int brcmf_sdbrcm_download_code_file(struct brcmf_sdio *bus) 3228{ 3229 int offset = 0; 3230 uint len; 3231 u8 *memblock = NULL, *memptr; 3232 int ret; 3233 3234 brcmf_dbg(INFO, "Enter\n"); 3235 3236 ret = request_firmware(&bus->firmware, BRCMF_SDIO_FW_NAME, 3237 &bus->sdiodev->func[2]->dev); 3238 if (ret) { 3239 brcmf_dbg(ERROR, "Fail to request firmware %d\n", ret); 3240 return ret; 3241 } 3242 bus->fw_ptr = 0; 3243 3244 memptr = memblock = kmalloc(MEMBLOCK + BRCMF_SDALIGN, GFP_ATOMIC); 3245 if (memblock == NULL) { 3246 ret = -ENOMEM; 3247 goto err; 3248 } 3249 if ((u32)(unsigned long)memblock % BRCMF_SDALIGN) 3250 memptr += (BRCMF_SDALIGN - 3251 ((u32)(unsigned long)memblock % BRCMF_SDALIGN)); 3252 3253 /* Download image */ 3254 while ((len = 3255 brcmf_sdbrcm_get_image((char *)memptr, MEMBLOCK, bus))) { 3256 ret = brcmf_sdbrcm_membytes(bus, true, offset, memptr, len); 3257 if (ret) { 3258 brcmf_dbg(ERROR, "error %d on writing %d membytes at 0x%08x\n", 3259 ret, MEMBLOCK, offset); 3260 goto err; 3261 } 3262 3263 offset += MEMBLOCK; 3264 } 3265 3266err: 3267 kfree(memblock); 3268 3269 release_firmware(bus->firmware); 3270 bus->fw_ptr = 0; 3271 3272 return ret; 3273} 3274 3275/* 3276 * ProcessVars:Takes a buffer of "<var>=<value>\n" lines read from a file 3277 * and ending in a NUL. 3278 * Removes carriage returns, empty lines, comment lines, and converts 3279 * newlines to NULs. 3280 * Shortens buffer as needed and pads with NULs. End of buffer is marked 3281 * by two NULs. 3282*/ 3283 3284static uint brcmf_process_nvram_vars(char *varbuf, uint len) 3285{ 3286 char *dp; 3287 bool findNewline; 3288 int column; 3289 uint buf_len, n; 3290 3291 dp = varbuf; 3292 3293 findNewline = false; 3294 column = 0; 3295 3296 for (n = 0; n < len; n++) { 3297 if (varbuf[n] == 0) 3298 break; 3299 if (varbuf[n] == '\r') 3300 continue; 3301 if (findNewline && varbuf[n] != '\n') 3302 continue; 3303 findNewline = false; 3304 if (varbuf[n] == '#') { 3305 findNewline = true; 3306 continue; 3307 } 3308 if (varbuf[n] == '\n') { 3309 if (column == 0) 3310 continue; 3311 *dp++ = 0; 3312 column = 0; 3313 continue; 3314 } 3315 *dp++ = varbuf[n]; 3316 column++; 3317 } 3318 buf_len = dp - varbuf; 3319 3320 while (dp < varbuf + n) 3321 *dp++ = 0; 3322 3323 return buf_len; 3324} 3325 3326static int brcmf_sdbrcm_download_nvram(struct brcmf_sdio *bus) 3327{ 3328 uint len; 3329 char *memblock = NULL; 3330 char *bufp; 3331 int ret; 3332 3333 ret = request_firmware(&bus->firmware, BRCMF_SDIO_NV_NAME, 3334 &bus->sdiodev->func[2]->dev); 3335 if (ret) { 3336 brcmf_dbg(ERROR, "Fail to request nvram %d\n", ret); 3337 return ret; 3338 } 3339 bus->fw_ptr = 0; 3340 3341 memblock = kmalloc(MEMBLOCK, GFP_ATOMIC); 3342 if (memblock == NULL) { 3343 ret = -ENOMEM; 3344 goto err; 3345 } 3346 3347 len = brcmf_sdbrcm_get_image(memblock, MEMBLOCK, bus); 3348 3349 if (len > 0 && len < MEMBLOCK) { 3350 bufp = (char *)memblock; 3351 bufp[len] = 0; 3352 len = brcmf_process_nvram_vars(bufp, len); 3353 bufp += len; 3354 *bufp++ = 0; 3355 if (len) 3356 ret = brcmf_sdbrcm_downloadvars(bus, memblock, len + 1); 3357 if (ret) 3358 brcmf_dbg(ERROR, "error downloading vars: %d\n", ret); 3359 } else { 3360 brcmf_dbg(ERROR, "error reading nvram file: %d\n", len); 3361 ret = -EIO; 3362 } 3363 3364err: 3365 kfree(memblock); 3366 3367 release_firmware(bus->firmware); 3368 bus->fw_ptr = 0; 3369 3370 return ret; 3371} 3372 3373static int _brcmf_sdbrcm_download_firmware(struct brcmf_sdio *bus) 3374{ 3375 int bcmerror = -1; 3376 3377 /* Keep arm in reset */ 3378 if (brcmf_sdbrcm_download_state(bus, true)) { 3379 brcmf_dbg(ERROR, "error placing ARM core in reset\n"); 3380 goto err; 3381 } 3382 3383 /* External image takes precedence if specified */ 3384 if (brcmf_sdbrcm_download_code_file(bus)) { 3385 brcmf_dbg(ERROR, "dongle image file download failed\n"); 3386 goto err; 3387 } 3388 3389 /* External nvram takes precedence if specified */ 3390 if (brcmf_sdbrcm_download_nvram(bus)) 3391 brcmf_dbg(ERROR, "dongle nvram file download failed\n"); 3392 3393 /* Take arm out of reset */ 3394 if (brcmf_sdbrcm_download_state(bus, false)) { 3395 brcmf_dbg(ERROR, "error getting out of ARM core reset\n"); 3396 goto err; 3397 } 3398 3399 bcmerror = 0; 3400 3401err: 3402 return bcmerror; 3403} 3404 3405static bool 3406brcmf_sdbrcm_download_firmware(struct brcmf_sdio *bus) 3407{ 3408 bool ret; 3409 3410 /* Download the firmware */ 3411 brcmf_sdbrcm_clkctl(bus, CLK_AVAIL, false); 3412 3413 ret = _brcmf_sdbrcm_download_firmware(bus) == 0; 3414 3415 brcmf_sdbrcm_clkctl(bus, CLK_SDONLY, false); 3416 3417 return ret; 3418} 3419 3420static int brcmf_sdbrcm_bus_init(struct device *dev) 3421{ 3422 struct brcmf_bus *bus_if = dev_get_drvdata(dev); 3423 struct brcmf_sdio_dev *sdiodev = bus_if->bus_priv.sdio; 3424 struct brcmf_sdio *bus = sdiodev->bus; 3425 unsigned long timeout; 3426 uint retries = 0; 3427 u8 ready, enable; 3428 int err, ret = 0; 3429 u8 saveclk; 3430 3431 brcmf_dbg(TRACE, "Enter\n"); 3432 3433 /* try to download image and nvram to the dongle */ 3434 if (bus_if->state == BRCMF_BUS_DOWN) { 3435 if (!(brcmf_sdbrcm_download_firmware(bus))) 3436 return -1; 3437 } 3438 3439 if (!bus->sdiodev->bus_if->drvr) 3440 return 0; 3441 3442 /* Start the watchdog timer */ 3443 bus->tickcnt = 0; 3444 brcmf_sdbrcm_wd_timer(bus, BRCMF_WD_POLL_MS); 3445 3446 down(&bus->sdsem); 3447 3448 /* Make sure backplane clock is on, needed to generate F2 interrupt */ 3449 brcmf_sdbrcm_clkctl(bus, CLK_AVAIL, false); 3450 if (bus->clkstate != CLK_AVAIL) 3451 goto exit; 3452 3453 /* Force clocks on backplane to be sure F2 interrupt propagates */ 3454 saveclk = 3455 brcmf_sdcard_cfg_read(bus->sdiodev, SDIO_FUNC_1, 3456 SBSDIO_FUNC1_CHIPCLKCSR, &err); 3457 if (!err) { 3458 brcmf_sdcard_cfg_write(bus->sdiodev, SDIO_FUNC_1, 3459 SBSDIO_FUNC1_CHIPCLKCSR, 3460 (saveclk | SBSDIO_FORCE_HT), &err); 3461 } 3462 if (err) { 3463 brcmf_dbg(ERROR, "Failed to force clock for F2: err %d\n", err); 3464 goto exit; 3465 } 3466 3467 /* Enable function 2 (frame transfers) */ 3468 w_sdreg32(bus, SDPCM_PROT_VERSION << SMB_DATA_VERSION_SHIFT, 3469 offsetof(struct sdpcmd_regs, tosbmailboxdata), &retries); 3470 enable = (SDIO_FUNC_ENABLE_1 | SDIO_FUNC_ENABLE_2); 3471 3472 brcmf_sdcard_cfg_write(bus->sdiodev, SDIO_FUNC_0, SDIO_CCCR_IOEx, 3473 enable, NULL); 3474 3475 timeout = jiffies + msecs_to_jiffies(BRCMF_WAIT_F2RDY); 3476 ready = 0; 3477 while (enable != ready) { 3478 ready = brcmf_sdcard_cfg_read(bus->sdiodev, SDIO_FUNC_0, 3479 SDIO_CCCR_IORx, NULL); 3480 if (time_after(jiffies, timeout)) 3481 break; 3482 else if (time_after(jiffies, timeout - BRCMF_WAIT_F2RDY + 50)) 3483 /* prevent busy waiting if it takes too long */ 3484 msleep_interruptible(20); 3485 } 3486 3487 brcmf_dbg(INFO, "enable 0x%02x, ready 0x%02x\n", enable, ready); 3488 3489 /* If F2 successfully enabled, set core and enable interrupts */ 3490 if (ready == enable) { 3491 /* Set up the interrupt mask and enable interrupts */ 3492 bus->hostintmask = HOSTINTMASK; 3493 w_sdreg32(bus, bus->hostintmask, 3494 offsetof(struct sdpcmd_regs, hostintmask), &retries); 3495 3496 brcmf_sdcard_cfg_write(bus->sdiodev, SDIO_FUNC_1, 3497 SBSDIO_WATERMARK, 8, &err); 3498 } else { 3499 /* Disable F2 again */ 3500 enable = SDIO_FUNC_ENABLE_1; 3501 brcmf_sdcard_cfg_write(bus->sdiodev, SDIO_FUNC_0, 3502 SDIO_CCCR_IOEx, enable, NULL); 3503 ret = -ENODEV; 3504 } 3505 3506 /* Restore previous clock setting */ 3507 brcmf_sdcard_cfg_write(bus->sdiodev, SDIO_FUNC_1, 3508 SBSDIO_FUNC1_CHIPCLKCSR, saveclk, &err); 3509 3510 /* If we didn't come up, turn off backplane clock */ 3511 if (!ret) 3512 brcmf_sdbrcm_clkctl(bus, CLK_NONE, false); 3513 3514exit: 3515 up(&bus->sdsem); 3516 3517 return ret; 3518} 3519 3520void brcmf_sdbrcm_isr(void *arg) 3521{ 3522 struct brcmf_sdio *bus = (struct brcmf_sdio *) arg; 3523 3524 brcmf_dbg(TRACE, "Enter\n"); 3525 3526 if (!bus) { 3527 brcmf_dbg(ERROR, "bus is null pointer, exiting\n"); 3528 return; 3529 } 3530 3531 if (bus->sdiodev->bus_if->state == BRCMF_BUS_DOWN) { 3532 brcmf_dbg(ERROR, "bus is down. we have nothing to do\n"); 3533 return; 3534 } 3535 /* Count the interrupt call */ 3536 bus->intrcount++; 3537 bus->ipend = true; 3538 3539 /* Shouldn't get this interrupt if we're sleeping? */ 3540 if (bus->sleeping) { 3541 brcmf_dbg(ERROR, "INTERRUPT WHILE SLEEPING??\n"); 3542 return; 3543 } 3544 3545 /* Disable additional interrupts (is this needed now)? */ 3546 if (!bus->intr) 3547 brcmf_dbg(ERROR, "isr w/o interrupt configured!\n"); 3548 3549 bus->dpc_sched = true; 3550 if (bus->dpc_tsk) { 3551 brcmf_sdbrcm_adddpctsk(bus); 3552 complete(&bus->dpc_wait); 3553 } 3554} 3555 3556static bool brcmf_sdbrcm_bus_watchdog(struct brcmf_sdio *bus) 3557{ 3558#ifdef DEBUG 3559 struct brcmf_bus *bus_if = dev_get_drvdata(bus->sdiodev->dev); 3560#endif /* DEBUG */ 3561 3562 brcmf_dbg(TIMER, "Enter\n"); 3563 3564 /* Ignore the timer if simulating bus down */ 3565 if (bus->sleeping) 3566 return false; 3567 3568 down(&bus->sdsem); 3569 3570 /* Poll period: check device if appropriate. */ 3571 if (bus->poll && (++bus->polltick >= bus->pollrate)) { 3572 u32 intstatus = 0; 3573 3574 /* Reset poll tick */ 3575 bus->polltick = 0; 3576 3577 /* Check device if no interrupts */ 3578 if (!bus->intr || (bus->intrcount == bus->lastintrs)) { 3579 3580 if (!bus->dpc_sched) { 3581 u8 devpend; 3582 devpend = brcmf_sdcard_cfg_read(bus->sdiodev, 3583 SDIO_FUNC_0, SDIO_CCCR_INTx, 3584 NULL); 3585 intstatus = 3586 devpend & (INTR_STATUS_FUNC1 | 3587 INTR_STATUS_FUNC2); 3588 } 3589 3590 /* If there is something, make like the ISR and 3591 schedule the DPC */ 3592 if (intstatus) { 3593 bus->pollcnt++; 3594 bus->ipend = true; 3595 3596 bus->dpc_sched = true; 3597 if (bus->dpc_tsk) { 3598 brcmf_sdbrcm_adddpctsk(bus); 3599 complete(&bus->dpc_wait); 3600 } 3601 } 3602 } 3603 3604 /* Update interrupt tracking */ 3605 bus->lastintrs = bus->intrcount; 3606 } 3607#ifdef DEBUG 3608 /* Poll for console output periodically */ 3609 if (bus_if->state == BRCMF_BUS_DATA && 3610 bus->console_interval != 0) { 3611 bus->console.count += BRCMF_WD_POLL_MS; 3612 if (bus->console.count >= bus->console_interval) { 3613 bus->console.count -= bus->console_interval; 3614 /* Make sure backplane clock is on */ 3615 brcmf_sdbrcm_clkctl(bus, CLK_AVAIL, false); 3616 if (brcmf_sdbrcm_readconsole(bus) < 0) 3617 /* stop on error */ 3618 bus->console_interval = 0; 3619 } 3620 } 3621#endif /* DEBUG */ 3622 3623 /* On idle timeout clear activity flag and/or turn off clock */ 3624 if ((bus->idletime > 0) && (bus->clkstate == CLK_AVAIL)) { 3625 if (++bus->idlecount >= bus->idletime) { 3626 bus->idlecount = 0; 3627 if (bus->activity) { 3628 bus->activity = false; 3629 brcmf_sdbrcm_wd_timer(bus, BRCMF_WD_POLL_MS); 3630 } else { 3631 brcmf_sdbrcm_clkctl(bus, CLK_NONE, false); 3632 } 3633 } 3634 } 3635 3636 up(&bus->sdsem); 3637 3638 return bus->ipend; 3639} 3640 3641static bool brcmf_sdbrcm_chipmatch(u16 chipid) 3642{ 3643 if (chipid == BCM4329_CHIP_ID) 3644 return true; 3645 if (chipid == BCM4330_CHIP_ID) 3646 return true; 3647 return false; 3648} 3649 3650static void brcmf_sdbrcm_release_malloc(struct brcmf_sdio *bus) 3651{ 3652 brcmf_dbg(TRACE, "Enter\n"); 3653 3654 kfree(bus->rxbuf); 3655 bus->rxctl = bus->rxbuf = NULL; 3656 bus->rxlen = 0; 3657 3658 kfree(bus->databuf); 3659 bus->databuf = NULL; 3660} 3661 3662static bool brcmf_sdbrcm_probe_malloc(struct brcmf_sdio *bus) 3663{ 3664 brcmf_dbg(TRACE, "Enter\n"); 3665 3666 if (bus->sdiodev->bus_if->maxctl) { 3667 bus->rxblen = 3668 roundup((bus->sdiodev->bus_if->maxctl + SDPCM_HDRLEN), 3669 ALIGNMENT) + BRCMF_SDALIGN; 3670 bus->rxbuf = kmalloc(bus->rxblen, GFP_ATOMIC); 3671 if (!(bus->rxbuf)) 3672 goto fail; 3673 } 3674 3675 /* Allocate buffer to receive glomed packet */ 3676 bus->databuf = kmalloc(MAX_DATA_BUF, GFP_ATOMIC); 3677 if (!(bus->databuf)) { 3678 /* release rxbuf which was already located as above */ 3679 if (!bus->rxblen) 3680 kfree(bus->rxbuf); 3681 goto fail; 3682 } 3683 3684 /* Align the buffer */ 3685 if ((unsigned long)bus->databuf % BRCMF_SDALIGN) 3686 bus->dataptr = bus->databuf + (BRCMF_SDALIGN - 3687 ((unsigned long)bus->databuf % BRCMF_SDALIGN)); 3688 else 3689 bus->dataptr = bus->databuf; 3690 3691 return true; 3692 3693fail: 3694 return false; 3695} 3696 3697static bool 3698brcmf_sdbrcm_probe_attach(struct brcmf_sdio *bus, u32 regsva) 3699{ 3700 u8 clkctl = 0; 3701 int err = 0; 3702 int reg_addr; 3703 u32 reg_val; 3704 u8 idx; 3705 3706 bus->alp_only = true; 3707 3708 /* Return the window to backplane enumeration space for core access */ 3709 if (brcmf_sdcard_set_sbaddr_window(bus->sdiodev, SI_ENUM_BASE)) 3710 brcmf_dbg(ERROR, "FAILED to return to SI_ENUM_BASE\n"); 3711 3712 pr_debug("F1 signature read @0x18000000=0x%4x\n", 3713 brcmf_sdcard_reg_read(bus->sdiodev, SI_ENUM_BASE, 4)); 3714 3715 /* 3716 * Force PLL off until brcmf_sdio_chip_attach() 3717 * programs PLL control regs 3718 */ 3719 3720 brcmf_sdcard_cfg_write(bus->sdiodev, SDIO_FUNC_1, 3721 SBSDIO_FUNC1_CHIPCLKCSR, 3722 BRCMF_INIT_CLKCTL1, &err); 3723 if (!err) 3724 clkctl = 3725 brcmf_sdcard_cfg_read(bus->sdiodev, SDIO_FUNC_1, 3726 SBSDIO_FUNC1_CHIPCLKCSR, &err); 3727 3728 if (err || ((clkctl & ~SBSDIO_AVBITS) != BRCMF_INIT_CLKCTL1)) { 3729 brcmf_dbg(ERROR, "ChipClkCSR access: err %d wrote 0x%02x read 0x%02x\n", 3730 err, BRCMF_INIT_CLKCTL1, clkctl); 3731 goto fail; 3732 } 3733 3734 if (brcmf_sdio_chip_attach(bus->sdiodev, &bus->ci, regsva)) { 3735 brcmf_dbg(ERROR, "brcmf_sdio_chip_attach failed!\n"); 3736 goto fail; 3737 } 3738 3739 if (!brcmf_sdbrcm_chipmatch((u16) bus->ci->chip)) { 3740 brcmf_dbg(ERROR, "unsupported chip: 0x%04x\n", bus->ci->chip); 3741 goto fail; 3742 } 3743 3744 brcmf_sdio_chip_drivestrengthinit(bus->sdiodev, bus->ci, 3745 SDIO_DRIVE_STRENGTH); 3746 3747 /* Get info on the SOCRAM cores... */ 3748 bus->ramsize = bus->ci->ramsize; 3749 if (!(bus->ramsize)) { 3750 brcmf_dbg(ERROR, "failed to find SOCRAM memory!\n"); 3751 goto fail; 3752 } 3753 3754 /* Set core control so an SDIO reset does a backplane reset */ 3755 idx = brcmf_sdio_chip_getinfidx(bus->ci, BCMA_CORE_SDIO_DEV); 3756 reg_addr = bus->ci->c_inf[idx].base + 3757 offsetof(struct sdpcmd_regs, corecontrol); 3758 reg_val = brcmf_sdcard_reg_read(bus->sdiodev, reg_addr, sizeof(u32)); 3759 brcmf_sdcard_reg_write(bus->sdiodev, reg_addr, sizeof(u32), 3760 reg_val | CC_BPRESEN); 3761 3762 brcmu_pktq_init(&bus->txq, (PRIOMASK + 1), TXQLEN); 3763 3764 /* Locate an appropriately-aligned portion of hdrbuf */ 3765 bus->rxhdr = (u8 *) roundup((unsigned long)&bus->hdrbuf[0], 3766 BRCMF_SDALIGN); 3767 3768 /* Set the poll and/or interrupt flags */ 3769 bus->intr = true; 3770 bus->poll = false; 3771 if (bus->poll) 3772 bus->pollrate = 1; 3773 3774 return true; 3775 3776fail: 3777 return false; 3778} 3779 3780static bool brcmf_sdbrcm_probe_init(struct brcmf_sdio *bus) 3781{ 3782 brcmf_dbg(TRACE, "Enter\n"); 3783 3784 /* Disable F2 to clear any intermediate frame state on the dongle */ 3785 brcmf_sdcard_cfg_write(bus->sdiodev, SDIO_FUNC_0, SDIO_CCCR_IOEx, 3786 SDIO_FUNC_ENABLE_1, NULL); 3787 3788 bus->sdiodev->bus_if->state = BRCMF_BUS_DOWN; 3789 bus->sleeping = false; 3790 bus->rxflow = false; 3791 3792 /* Done with backplane-dependent accesses, can drop clock... */ 3793 brcmf_sdcard_cfg_write(bus->sdiodev, SDIO_FUNC_1, 3794 SBSDIO_FUNC1_CHIPCLKCSR, 0, NULL); 3795 3796 /* ...and initialize clock/power states */ 3797 bus->clkstate = CLK_SDONLY; 3798 bus->idletime = BRCMF_IDLE_INTERVAL; 3799 bus->idleclock = BRCMF_IDLE_ACTIVE; 3800 3801 /* Query the F2 block size, set roundup accordingly */ 3802 bus->blocksize = bus->sdiodev->func[2]->cur_blksize; 3803 bus->roundup = min(max_roundup, bus->blocksize); 3804 3805 /* bus module does not support packet chaining */ 3806 bus->use_rxchain = false; 3807 bus->sd_rxchain = false; 3808 3809 return true; 3810} 3811 3812static int 3813brcmf_sdbrcm_watchdog_thread(void *data) 3814{ 3815 struct brcmf_sdio *bus = (struct brcmf_sdio *)data; 3816 3817 allow_signal(SIGTERM); 3818 /* Run until signal received */ 3819 while (1) { 3820 if (kthread_should_stop()) 3821 break; 3822 if (!wait_for_completion_interruptible(&bus->watchdog_wait)) { 3823 brcmf_sdbrcm_bus_watchdog(bus); 3824 /* Count the tick for reference */ 3825 bus->tickcnt++; 3826 } else 3827 break; 3828 } 3829 return 0; 3830} 3831 3832static void 3833brcmf_sdbrcm_watchdog(unsigned long data) 3834{ 3835 struct brcmf_sdio *bus = (struct brcmf_sdio *)data; 3836 3837 if (bus->watchdog_tsk) { 3838 complete(&bus->watchdog_wait); 3839 /* Reschedule the watchdog */ 3840 if (bus->wd_timer_valid) 3841 mod_timer(&bus->timer, 3842 jiffies + BRCMF_WD_POLL_MS * HZ / 1000); 3843 } 3844} 3845 3846static void brcmf_sdbrcm_release_dongle(struct brcmf_sdio *bus) 3847{ 3848 brcmf_dbg(TRACE, "Enter\n"); 3849 3850 if (bus->ci) { 3851 brcmf_sdbrcm_clkctl(bus, CLK_AVAIL, false); 3852 brcmf_sdbrcm_clkctl(bus, CLK_NONE, false); 3853 brcmf_sdio_chip_detach(&bus->ci); 3854 if (bus->vars && bus->varsz) 3855 kfree(bus->vars); 3856 bus->vars = NULL; 3857 } 3858 3859 brcmf_dbg(TRACE, "Disconnected\n"); 3860} 3861 3862/* Detach and free everything */ 3863static void brcmf_sdbrcm_release(struct brcmf_sdio *bus) 3864{ 3865 brcmf_dbg(TRACE, "Enter\n"); 3866 3867 if (bus) { 3868 /* De-register interrupt handler */ 3869 brcmf_sdcard_intr_dereg(bus->sdiodev); 3870 3871 if (bus->sdiodev->bus_if->drvr) { 3872 brcmf_detach(bus->sdiodev->dev); 3873 brcmf_sdbrcm_release_dongle(bus); 3874 } 3875 3876 brcmf_sdbrcm_release_malloc(bus); 3877 3878 kfree(bus); 3879 } 3880 3881 brcmf_dbg(TRACE, "Disconnected\n"); 3882} 3883 3884void *brcmf_sdbrcm_probe(u32 regsva, struct brcmf_sdio_dev *sdiodev) 3885{ 3886 int ret; 3887 struct brcmf_sdio *bus; 3888 3889 brcmf_dbg(TRACE, "Enter\n"); 3890 3891 /* We make an assumption about address window mappings: 3892 * regsva == SI_ENUM_BASE*/ 3893 3894 /* Allocate private bus interface state */ 3895 bus = kzalloc(sizeof(struct brcmf_sdio), GFP_ATOMIC); 3896 if (!bus) 3897 goto fail; 3898 3899 bus->sdiodev = sdiodev; 3900 sdiodev->bus = bus; 3901 skb_queue_head_init(&bus->glom); 3902 bus->txbound = BRCMF_TXBOUND; 3903 bus->rxbound = BRCMF_RXBOUND; 3904 bus->txminmax = BRCMF_TXMINMAX; 3905 bus->tx_seq = SDPCM_SEQUENCE_WRAP - 1; 3906 bus->usebufpool = false; /* Use bufpool if allocated, 3907 else use locally malloced rxbuf */ 3908 3909 /* attempt to attach to the dongle */ 3910 if (!(brcmf_sdbrcm_probe_attach(bus, regsva))) { 3911 brcmf_dbg(ERROR, "brcmf_sdbrcm_probe_attach failed\n"); 3912 goto fail; 3913 } 3914 3915 spin_lock_init(&bus->txqlock); 3916 init_waitqueue_head(&bus->ctrl_wait); 3917 init_waitqueue_head(&bus->dcmd_resp_wait); 3918 3919 /* Set up the watchdog timer */ 3920 init_timer(&bus->timer); 3921 bus->timer.data = (unsigned long)bus; 3922 bus->timer.function = brcmf_sdbrcm_watchdog; 3923 3924 /* Initialize thread based operation and lock */ 3925 sema_init(&bus->sdsem, 1); 3926 3927 /* Initialize watchdog thread */ 3928 init_completion(&bus->watchdog_wait); 3929 bus->watchdog_tsk = kthread_run(brcmf_sdbrcm_watchdog_thread, 3930 bus, "brcmf_watchdog"); 3931 if (IS_ERR(bus->watchdog_tsk)) { 3932 pr_warn("brcmf_watchdog thread failed to start\n"); 3933 bus->watchdog_tsk = NULL; 3934 } 3935 /* Initialize DPC thread */ 3936 init_completion(&bus->dpc_wait); 3937 INIT_LIST_HEAD(&bus->dpc_tsklst); 3938 spin_lock_init(&bus->dpc_tl_lock); 3939 bus->dpc_tsk = kthread_run(brcmf_sdbrcm_dpc_thread, 3940 bus, "brcmf_dpc"); 3941 if (IS_ERR(bus->dpc_tsk)) { 3942 pr_warn("brcmf_dpc thread failed to start\n"); 3943 bus->dpc_tsk = NULL; 3944 } 3945 3946 /* Assign bus interface call back */ 3947 bus->sdiodev->bus_if->brcmf_bus_stop = brcmf_sdbrcm_bus_stop; 3948 bus->sdiodev->bus_if->brcmf_bus_init = brcmf_sdbrcm_bus_init; 3949 bus->sdiodev->bus_if->brcmf_bus_txdata = brcmf_sdbrcm_bus_txdata; 3950 bus->sdiodev->bus_if->brcmf_bus_txctl = brcmf_sdbrcm_bus_txctl; 3951 bus->sdiodev->bus_if->brcmf_bus_rxctl = brcmf_sdbrcm_bus_rxctl; 3952 /* Attach to the brcmf/OS/network interface */ 3953 ret = brcmf_attach(SDPCM_RESERVE, bus->sdiodev->dev); 3954 if (ret != 0) { 3955 brcmf_dbg(ERROR, "brcmf_attach failed\n"); 3956 goto fail; 3957 } 3958 3959 /* Allocate buffers */ 3960 if (!(brcmf_sdbrcm_probe_malloc(bus))) { 3961 brcmf_dbg(ERROR, "brcmf_sdbrcm_probe_malloc failed\n"); 3962 goto fail; 3963 } 3964 3965 if (!(brcmf_sdbrcm_probe_init(bus))) { 3966 brcmf_dbg(ERROR, "brcmf_sdbrcm_probe_init failed\n"); 3967 goto fail; 3968 } 3969 3970 /* Register interrupt callback, but mask it (not operational yet). */ 3971 brcmf_dbg(INTR, "disable SDIO interrupts (not interested yet)\n"); 3972 ret = brcmf_sdcard_intr_reg(bus->sdiodev); 3973 if (ret != 0) { 3974 brcmf_dbg(ERROR, "FAILED: sdcard_intr_reg returned %d\n", ret); 3975 goto fail; 3976 } 3977 brcmf_dbg(INTR, "registered SDIO interrupt function ok\n"); 3978 3979 brcmf_dbg(INFO, "completed!!\n"); 3980 3981 /* if firmware path present try to download and bring up bus */ 3982 ret = brcmf_bus_start(bus->sdiodev->dev); 3983 if (ret != 0) { 3984 if (ret == -ENOLINK) { 3985 brcmf_dbg(ERROR, "dongle is not responding\n"); 3986 goto fail; 3987 } 3988 } 3989 3990 /* add interface and open for business */ 3991 if (brcmf_add_if(bus->sdiodev->dev, 0, "wlan%d", NULL)) { 3992 brcmf_dbg(ERROR, "Add primary net device interface failed!!\n"); 3993 goto fail; 3994 } 3995 3996 return bus; 3997 3998fail: 3999 brcmf_sdbrcm_release(bus); 4000 return NULL; 4001} 4002 4003void brcmf_sdbrcm_disconnect(void *ptr) 4004{ 4005 struct brcmf_sdio *bus = (struct brcmf_sdio *)ptr; 4006 4007 brcmf_dbg(TRACE, "Enter\n"); 4008 4009 if (bus) 4010 brcmf_sdbrcm_release(bus); 4011 4012 brcmf_dbg(TRACE, "Disconnected\n"); 4013} 4014 4015void 4016brcmf_sdbrcm_wd_timer(struct brcmf_sdio *bus, uint wdtick) 4017{ 4018 /* Totally stop the timer */ 4019 if (!wdtick && bus->wd_timer_valid) { 4020 del_timer_sync(&bus->timer); 4021 bus->wd_timer_valid = false; 4022 bus->save_ms = wdtick; 4023 return; 4024 } 4025 4026 /* don't start the wd until fw is loaded */ 4027 if (bus->sdiodev->bus_if->state == BRCMF_BUS_DOWN) 4028 return; 4029 4030 if (wdtick) { 4031 if (bus->save_ms != BRCMF_WD_POLL_MS) { 4032 if (bus->wd_timer_valid) 4033 /* Stop timer and restart at new value */ 4034 del_timer_sync(&bus->timer); 4035 4036 /* Create timer again when watchdog period is 4037 dynamically changed or in the first instance 4038 */ 4039 bus->timer.expires = 4040 jiffies + BRCMF_WD_POLL_MS * HZ / 1000; 4041 add_timer(&bus->timer); 4042 4043 } else { 4044 /* Re arm the timer, at last watchdog period */ 4045 mod_timer(&bus->timer, 4046 jiffies + BRCMF_WD_POLL_MS * HZ / 1000); 4047 } 4048 4049 bus->wd_timer_valid = true; 4050 bus->save_ms = wdtick; 4051 } 4052} 4053