/**
* i2400m_get_device_info - Query the device for detailed device information
*
* @i2400m: device descriptor
*
* Returns: an skb whose skb->data points to a 'struct
* i2400m_tlv_detailed_device_info'. When done, kfree_skb() it. The
* skb is *guaranteed* to contain the whole TLV data structure.
*
* On error, IS_ERR(skb) is true and ERR_PTR(skb) is the error
* code.
*/
struct sk_buff *i2400m_get_device_info(struct i2400m *i2400m)
{
int result;
struct device *dev = i2400m_dev(i2400m);
struct sk_buff *ack_skb;
struct i2400m_l3l4_hdr *cmd;
const struct i2400m_l3l4_hdr *ack;
size_t ack_len;
const struct i2400m_tlv_hdr *tlv;
const struct i2400m_tlv_detailed_device_info *ddi;
char strerr[32];
ack_skb = ERR_PTR(-ENOMEM);
cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
if (cmd == NULL)
goto error_alloc;
cmd->type = cpu_to_le16(I2400M_MT_GET_DEVICE_INFO);
cmd->length = 0;
cmd->version = cpu_to_le16(I2400M_L3L4_VERSION);
ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd));
if (IS_ERR(ack_skb)) {
dev_err(dev, "Failed to issue 'get device info' command: %ld\n",
PTR_ERR(ack_skb));
goto error_msg_to_dev;
}
ack = wimax_msg_data_len(ack_skb, &ack_len);
result = i2400m_msg_check_status(ack, strerr, sizeof(strerr));
if (result < 0) {
dev_err(dev, "'get device info' (0x%04x) command failed: "
"%d - %s\n", I2400M_MT_GET_DEVICE_INFO, result,
strerr);
goto error_cmd_failed;
}
tlv = i2400m_tlv_find(i2400m, ack->pl, ack_len - sizeof(*ack),
I2400M_TLV_DETAILED_DEVICE_INFO, sizeof(*ddi));
if (tlv == NULL) {
dev_err(dev, "GET DEVICE INFO: "
"detailed device info TLV not found (0x%04x)\n",
I2400M_TLV_DETAILED_DEVICE_INFO);
result = -EIO;
goto error_no_tlv;
}
skb_pull(ack_skb, (void *) tlv - (void *) ack_skb->data);
error_msg_to_dev:
kfree(cmd);
error_alloc:
return ack_skb;
error_no_tlv:
error_cmd_failed:
kfree_skb(ack_skb);
kfree(cmd);
return ERR_PTR(result);
}
/**
* i2400m_set_idle_timeout - Set the device's idle mode timeout
*
* @i2400m: i2400m device descriptor
*
* @msecs: milliseconds for the timeout to enter idle mode. Between
* 100 to 300000 (5m); 0 to disable. In increments of 100.
*
* After this @msecs of the link being idle (no data being sent or
* received), the device will negotiate with the basestation entering
* idle mode for saving power. The connection is maintained, but
* getting out of it (done in tx.c) will require some negotiation,
* possible crypto re-handshake and a possible DHCP re-lease.
*
* Only available if fw_version >= 0x00090002.
*
* Returns: 0 if ok, < 0 errno code on error.
*/
int i2400m_set_idle_timeout(struct i2400m *i2400m, unsigned msecs)
{
int result;
struct device *dev = i2400m_dev(i2400m);
struct sk_buff *ack_skb;
struct {
struct i2400m_l3l4_hdr hdr;
struct i2400m_tlv_config_idle_timeout cit;
} *cmd;
const struct i2400m_l3l4_hdr *ack;
size_t ack_len;
char strerr[32];
result = -ENOSYS;
if (i2400m_le_v1_3(i2400m))
goto error_alloc;
result = -ENOMEM;
cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
if (cmd == NULL)
goto error_alloc;
cmd->hdr.type = cpu_to_le16(I2400M_MT_GET_STATE);
cmd->hdr.length = cpu_to_le16(sizeof(*cmd) - sizeof(cmd->hdr));
cmd->hdr.version = cpu_to_le16(I2400M_L3L4_VERSION);
cmd->cit.hdr.type =
cpu_to_le16(I2400M_TLV_CONFIG_IDLE_TIMEOUT);
cmd->cit.hdr.length = cpu_to_le16(sizeof(cmd->cit.timeout));
cmd->cit.timeout = cpu_to_le32(msecs);
ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd));
if (IS_ERR(ack_skb)) {
dev_err(dev, "Failed to issue 'set idle timeout' command: "
"%ld\n", PTR_ERR(ack_skb));
result = PTR_ERR(ack_skb);
goto error_msg_to_dev;
}
ack = wimax_msg_data_len(ack_skb, &ack_len);
result = i2400m_msg_check_status(ack, strerr, sizeof(strerr));
if (result < 0) {
dev_err(dev, "'set idle timeout' (0x%04x) command failed: "
"%d - %s\n", I2400M_MT_GET_STATE, result, strerr);
goto error_cmd_failed;
}
result = 0;
kfree_skb(ack_skb);
error_cmd_failed:
error_msg_to_dev:
kfree(cmd);
error_alloc:
return result;
}
/*
* Query the device for its state, update the WiMAX stack's idea of it
*
* @i2400m: device descriptor
*
* Returns: 0 if ok, < 0 errno code on error.
*
* Executes a 'Get State' command and parses the returned
* TLVs.
*
* Because this is almost identical to a 'Report State', we use
* i2400m_report_state_hook() to parse the answer. This will set the
* carrier state, as well as the RF Kill switches state.
*/
static int i2400m_cmd_get_state(struct i2400m *i2400m)
{
int result;
struct device *dev = i2400m_dev(i2400m);
struct sk_buff *ack_skb;
struct i2400m_l3l4_hdr *cmd;
const struct i2400m_l3l4_hdr *ack;
size_t ack_len;
char strerr[32];
result = -ENOMEM;
cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
if (cmd == NULL)
goto error_alloc;
cmd->type = cpu_to_le16(I2400M_MT_GET_STATE);
cmd->length = 0;
cmd->version = cpu_to_le16(I2400M_L3L4_VERSION);
ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd));
if (IS_ERR(ack_skb)) {
dev_err(dev, "Failed to issue 'get state' command: %ld\n",
PTR_ERR(ack_skb));
result = PTR_ERR(ack_skb);
goto error_msg_to_dev;
}
ack = wimax_msg_data_len(ack_skb, &ack_len);
result = i2400m_msg_check_status(ack, strerr, sizeof(strerr));
if (result < 0) {
dev_err(dev, "'get state' (0x%04x) command failed: "
"%d - %s\n", I2400M_MT_GET_STATE, result, strerr);
goto error_cmd_failed;
}
i2400m_report_state_hook(i2400m, ack, ack_len - sizeof(*ack),
"GET STATE");
result = 0;
kfree_skb(ack_skb);
error_cmd_failed:
error_msg_to_dev:
kfree(cmd);
error_alloc:
return result;
}
/**
* i2400m_msg_to_dev - Send a control message to the device and get a response
*
* @i2400m: device descriptor
*
* @msg_skb: an skb *
*
* @buf: pointer to the buffer containing the message to be sent; it
* has to start with a &struct i2400M_l3l4_hdr and then
* followed by the payload. Once this function returns, the
* buffer can be reused.
*
* @buf_len: buffer size
*
* Returns:
*
* Pointer to skb containing the ack message. You need to check the
* pointer with IS_ERR(), as it might be an error code. Error codes
* could happen because:
*
* - the message wasn't formatted correctly
* - couldn't send the message
* - failed waiting for a response
* - the ack message wasn't formatted correctly
*
* The returned skb has been allocated with wimax_msg_to_user_alloc(),
* it contains the response in a netlink attribute and is ready to be
* passed up to user space with wimax_msg_to_user_send(). To access
* the payload and its length, use wimax_msg_{data,len}() on the skb.
*
* The skb has to be freed with kfree_skb() once done.
*
* Description:
*
* This function delivers a message/command to the device and waits
* for an ack to be received. The format is described in
* linux/wimax/i2400m.h. In summary, a command/get/set is followed by an
* ack.
*
* This function will not check the ack status, that's left up to the
* caller. Once done with the ack skb, it has to be kfree_skb()ed.
*
* The i2400m handles only one message at the same time, thus we need
* the mutex to exclude other players.
*
* We write the message and then wait for an answer to come back. The
* RX path intercepts control messages and handles them in
* i2400m_rx_ctl(). Reports (notifications) are (maybe) processed
* locally and then forwarded (as needed) to user space on the WiMAX
* stack message pipe. Acks are saved and passed back to us through an
* skb in i2400m->ack_skb which is ready to be given to generic
* netlink if need be.
*/
struct sk_buff *i2400m_msg_to_dev(struct i2400m *i2400m,
const void *buf, size_t buf_len)
{
int result;
struct device *dev = i2400m_dev(i2400m);
const struct i2400m_l3l4_hdr *msg_l3l4_hdr;
struct sk_buff *ack_skb;
const struct i2400m_l3l4_hdr *ack_l3l4_hdr;
size_t ack_len;
int ack_timeout;
unsigned msg_type;
unsigned long flags;
d_fnstart(3, dev, "(i2400m %p buf %p len %zu)\n",
i2400m, buf, buf_len);
rmb(); /* Make sure we see what i2400m_dev_reset_handle() */
if (i2400m->boot_mode)
return ERR_PTR(-EL3RST);
msg_l3l4_hdr = buf;
/* Check msg & payload consistency */
result = i2400m_msg_size_check(i2400m, msg_l3l4_hdr, buf_len);
if (result < 0)
goto error_bad_msg;
msg_type = le16_to_cpu(msg_l3l4_hdr->type);
d_printf(1, dev, "CMD/GET/SET 0x%04x %zu bytes\n",
msg_type, buf_len);
d_dump(2, dev, buf, buf_len);
/* Setup the completion, ack_skb ("we are waiting") and send
* the message to the device */
mutex_lock(&i2400m->msg_mutex);
spin_lock_irqsave(&i2400m->rx_lock, flags);
i2400m->ack_skb = ERR_PTR(-EINPROGRESS);
spin_unlock_irqrestore(&i2400m->rx_lock, flags);
init_completion(&i2400m->msg_completion);
result = i2400m_tx(i2400m, buf, buf_len, I2400M_PT_CTRL);
if (result < 0) {
dev_err(dev, "can't send message 0x%04x: %d\n",
le16_to_cpu(msg_l3l4_hdr->type), result);
goto error_tx;
}
/* Some commands take longer to execute because of crypto ops,
* so we give them some more leeway on timeout */
switch (msg_type) {
case I2400M_MT_GET_TLS_OPERATION_RESULT:
case I2400M_MT_CMD_SEND_EAP_RESPONSE:
ack_timeout = 5 * HZ;
break;
default:
ack_timeout = HZ;
}
if (unlikely(i2400m->trace_msg_from_user))
wimax_msg(&i2400m->wimax_dev, "echo", buf, buf_len, GFP_KERNEL);
/* The RX path in rx.c will put any response for this message
* in i2400m->ack_skb and wake us up. If we cancel the wait,
* we need to change the value of i2400m->ack_skb to something
* not -EINPROGRESS so RX knows there is no one waiting. */
result = wait_for_completion_interruptible_timeout(
&i2400m->msg_completion, ack_timeout);
if (result == 0) {
dev_err(dev, "timeout waiting for reply to message 0x%04x\n",
msg_type);
result = -ETIMEDOUT;
i2400m_msg_to_dev_cancel_wait(i2400m, result);
goto error_wait_for_completion;
} else if (result < 0) {
dev_err(dev, "error waiting for reply to message 0x%04x: %d\n",
msg_type, result);
i2400m_msg_to_dev_cancel_wait(i2400m, result);
goto error_wait_for_completion;
}
/* Pull out the ack data from i2400m->ack_skb -- see if it is
* an error and act accordingly */
spin_lock_irqsave(&i2400m->rx_lock, flags);
ack_skb = i2400m->ack_skb;
if (IS_ERR(ack_skb))
result = PTR_ERR(ack_skb);
else
result = 0;
i2400m->ack_skb = NULL;
spin_unlock_irqrestore(&i2400m->rx_lock, flags);
if (result < 0)
goto error_ack_status;
ack_l3l4_hdr = wimax_msg_data_len(ack_skb, &ack_len);
/* Check the ack and deliver it if it is ok */
if (unlikely(i2400m->trace_msg_from_user))
wimax_msg(&i2400m->wimax_dev, "echo",
ack_l3l4_hdr, ack_len, GFP_KERNEL);
result = i2400m_msg_size_check(i2400m, ack_l3l4_hdr, ack_len);
if (result < 0) {
dev_err(dev, "HW BUG? reply to message 0x%04x: %d\n",
msg_type, result);
goto error_bad_ack_len;
}
if (msg_type != le16_to_cpu(ack_l3l4_hdr->type)) {
dev_err(dev, "HW BUG? bad reply 0x%04x to message 0x%04x\n",
le16_to_cpu(ack_l3l4_hdr->type), msg_type);
result = -EIO;
goto error_bad_ack_type;
}
i2400m_msg_ack_hook(i2400m, ack_l3l4_hdr, ack_len);
mutex_unlock(&i2400m->msg_mutex);
d_fnend(3, dev, "(i2400m %p buf %p len %zu) = %p\n",
i2400m, buf, buf_len, ack_skb);
return ack_skb;
error_bad_ack_type:
error_bad_ack_len:
kfree_skb(ack_skb);
error_ack_status:
error_wait_for_completion:
error_tx:
mutex_unlock(&i2400m->msg_mutex);
error_bad_msg:
d_fnend(3, dev, "(i2400m %p buf %p len %zu) = %d\n",
i2400m, buf, buf_len, result);
return ERR_PTR(result);
}
/**
* i2400m_firmware_check - check firmware versions are compatible with
* the driver
*
* @i2400m: device descriptor
*
* Returns: 0 if ok, < 0 errno code an error and a message in the
* kernel log.
*
* Long function, but quite simple; first chunk launches the command
* and double checks the reply for the right TLV. Then we process the
* TLV (where the meat is).
*
* Once we process the TLV that gives us the firmware's interface
* version, we encode it and save it in i2400m->fw_version for future
* reference.
*/
int i2400m_firmware_check(struct i2400m *i2400m)
{
int result;
struct device *dev = i2400m_dev(i2400m);
struct sk_buff *ack_skb;
struct i2400m_l3l4_hdr *cmd;
const struct i2400m_l3l4_hdr *ack;
size_t ack_len;
const struct i2400m_tlv_hdr *tlv;
const struct i2400m_tlv_l4_message_versions *l4mv;
char strerr[32];
unsigned major, minor, branch;
result = -ENOMEM;
cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
if (cmd == NULL)
goto error_alloc;
cmd->type = cpu_to_le16(I2400M_MT_GET_LM_VERSION);
cmd->length = 0;
cmd->version = cpu_to_le16(I2400M_L3L4_VERSION);
ack_skb = i2400m_msg_to_dev(i2400m, cmd, sizeof(*cmd));
if (IS_ERR(ack_skb)) {
result = PTR_ERR(ack_skb);
dev_err(dev, "Failed to issue 'get lm version' command: %-d\n",
result);
goto error_msg_to_dev;
}
ack = wimax_msg_data_len(ack_skb, &ack_len);
result = i2400m_msg_check_status(ack, strerr, sizeof(strerr));
if (result < 0) {
dev_err(dev, "'get lm version' (0x%04x) command failed: "
"%d - %s\n", I2400M_MT_GET_LM_VERSION, result,
strerr);
goto error_cmd_failed;
}
tlv = i2400m_tlv_find(i2400m, ack->pl, ack_len - sizeof(*ack),
I2400M_TLV_L4_MESSAGE_VERSIONS, sizeof(*l4mv));
if (tlv == NULL) {
dev_err(dev, "get lm version: TLV not found (0x%04x)\n",
I2400M_TLV_L4_MESSAGE_VERSIONS);
result = -EIO;
goto error_no_tlv;
}
l4mv = container_of(tlv, typeof(*l4mv), hdr);
major = le16_to_cpu(l4mv->major);
minor = le16_to_cpu(l4mv->minor);
branch = le16_to_cpu(l4mv->branch);
result = -EINVAL;
if (major != I2400M_HDIv_MAJOR) {
dev_err(dev, "unsupported major fw version "
"%u.%u.%u\n", major, minor, branch);
goto error_bad_major;
}
result = 0;
if (minor < I2400M_HDIv_MINOR_2 && minor > I2400M_HDIv_MINOR)
dev_warn(dev, "untested minor fw version %u.%u.%u\n",
major, minor, branch);
/* Yes, we ignore the branch -- we don't have to track it */
i2400m->fw_version = major << 16 | minor;
dev_info(dev, "firmware interface version %u.%u.%u\n",
major, minor, branch);
error_bad_major:
error_no_tlv:
error_cmd_failed:
kfree_skb(ack_skb);
error_msg_to_dev:
kfree(cmd);
error_alloc:
return result;
}
struct sk_buff *i2400m_msg_to_dev(struct i2400m *i2400m,
const void *buf, size_t buf_len)
{
int result;
struct device *dev = i2400m_dev(i2400m);
const struct i2400m_l3l4_hdr *msg_l3l4_hdr;
struct sk_buff *ack_skb;
const struct i2400m_l3l4_hdr *ack_l3l4_hdr;
size_t ack_len;
int ack_timeout;
unsigned msg_type;
unsigned long flags;
d_fnstart(3, dev, "(i2400m %p buf %p len %zu)\n",
i2400m, buf, buf_len);
rmb();
if (i2400m->boot_mode)
return ERR_PTR(-EL3RST);
msg_l3l4_hdr = buf;
result = i2400m_msg_size_check(i2400m, msg_l3l4_hdr, buf_len);
if (result < 0)
goto error_bad_msg;
msg_type = le16_to_cpu(msg_l3l4_hdr->type);
d_printf(1, dev, "CMD/GET/SET 0x%04x %zu bytes\n",
msg_type, buf_len);
d_dump(2, dev, buf, buf_len);
mutex_lock(&i2400m->msg_mutex);
spin_lock_irqsave(&i2400m->rx_lock, flags);
i2400m->ack_skb = ERR_PTR(-EINPROGRESS);
spin_unlock_irqrestore(&i2400m->rx_lock, flags);
init_completion(&i2400m->msg_completion);
result = i2400m_tx(i2400m, buf, buf_len, I2400M_PT_CTRL);
if (result < 0) {
dev_err(dev, "can't send message 0x%04x: %d\n",
le16_to_cpu(msg_l3l4_hdr->type), result);
goto error_tx;
}
switch (msg_type) {
case I2400M_MT_GET_TLS_OPERATION_RESULT:
case I2400M_MT_CMD_SEND_EAP_RESPONSE:
ack_timeout = 5 * HZ;
break;
default:
ack_timeout = HZ;
}
if (unlikely(i2400m->trace_msg_from_user))
wimax_msg(&i2400m->wimax_dev, "echo", buf, buf_len, GFP_KERNEL);
result = wait_for_completion_interruptible_timeout(
&i2400m->msg_completion, ack_timeout);
if (result == 0) {
dev_err(dev, "timeout waiting for reply to message 0x%04x\n",
msg_type);
result = -ETIMEDOUT;
i2400m_msg_to_dev_cancel_wait(i2400m, result);
goto error_wait_for_completion;
} else if (result < 0) {
dev_err(dev, "error waiting for reply to message 0x%04x: %d\n",
msg_type, result);
i2400m_msg_to_dev_cancel_wait(i2400m, result);
goto error_wait_for_completion;
}
spin_lock_irqsave(&i2400m->rx_lock, flags);
ack_skb = i2400m->ack_skb;
if (IS_ERR(ack_skb))
result = PTR_ERR(ack_skb);
else
result = 0;
i2400m->ack_skb = NULL;
spin_unlock_irqrestore(&i2400m->rx_lock, flags);
if (result < 0)
goto error_ack_status;
ack_l3l4_hdr = wimax_msg_data_len(ack_skb, &ack_len);
if (unlikely(i2400m->trace_msg_from_user))
wimax_msg(&i2400m->wimax_dev, "echo",
ack_l3l4_hdr, ack_len, GFP_KERNEL);
result = i2400m_msg_size_check(i2400m, ack_l3l4_hdr, ack_len);
if (result < 0) {
dev_err(dev, "HW BUG? reply to message 0x%04x: %d\n",
msg_type, result);
goto error_bad_ack_len;
}
if (msg_type != le16_to_cpu(ack_l3l4_hdr->type)) {
dev_err(dev, "HW BUG? bad reply 0x%04x to message 0x%04x\n",
le16_to_cpu(ack_l3l4_hdr->type), msg_type);
result = -EIO;
goto error_bad_ack_type;
}
i2400m_msg_ack_hook(i2400m, ack_l3l4_hdr, ack_len);
mutex_unlock(&i2400m->msg_mutex);
d_fnend(3, dev, "(i2400m %p buf %p len %zu) = %p\n",
i2400m, buf, buf_len, ack_skb);
return ack_skb;
error_bad_ack_type:
error_bad_ack_len:
kfree_skb(ack_skb);
error_ack_status:
error_wait_for_completion:
error_tx:
mutex_unlock(&i2400m->msg_mutex);
error_bad_msg:
d_fnend(3, dev, "(i2400m %p buf %p len %zu) = %d\n",
i2400m, buf, buf_len, result);
return ERR_PTR(result);
}
