linux_dsm_epyc7002/drivers/isdn/gigaset/bas-gigaset.c

2673 lines
71 KiB
C
Raw Normal View History

// SPDX-License-Identifier: GPL-2.0-or-later
/*
* USB driver for Gigaset 307x base via direct USB connection.
*
* Copyright (c) 2001 by Hansjoerg Lipp <hjlipp@web.de>,
* Tilman Schmidt <tilman@imap.cc>,
* Stefan Eilers.
*
* =====================================================================
* =====================================================================
*/
#include "gigaset.h"
#include <linux/usb.h>
#include <linux/module.h>
#include <linux/moduleparam.h>
/* Version Information */
#define DRIVER_AUTHOR "Tilman Schmidt <tilman@imap.cc>, Hansjoerg Lipp <hjlipp@web.de>, Stefan Eilers"
#define DRIVER_DESC "USB Driver for Gigaset 307x"
/* Module parameters */
static int startmode = SM_ISDN;
static int cidmode = 1;
module_param(startmode, int, S_IRUGO);
module_param(cidmode, int, S_IRUGO);
MODULE_PARM_DESC(startmode, "start in isdn4linux mode");
MODULE_PARM_DESC(cidmode, "Call-ID mode");
#define GIGASET_MINORS 1
#define GIGASET_MINOR 16
#define GIGASET_MODULENAME "bas_gigaset"
#define GIGASET_DEVNAME "ttyGB"
/* length limit according to Siemens 3070usb-protokoll.doc ch. 2.1 */
#define IF_WRITEBUF 264
/* interrupt pipe message size according to ibid. ch. 2.2 */
#define IP_MSGSIZE 3
/* Values for the Gigaset 307x */
#define USB_GIGA_VENDOR_ID 0x0681
#define USB_3070_PRODUCT_ID 0x0001
#define USB_3075_PRODUCT_ID 0x0002
#define USB_SX303_PRODUCT_ID 0x0021
#define USB_SX353_PRODUCT_ID 0x0022
/* table of devices that work with this driver */
static const struct usb_device_id gigaset_table[] = {
{ USB_DEVICE(USB_GIGA_VENDOR_ID, USB_3070_PRODUCT_ID) },
{ USB_DEVICE(USB_GIGA_VENDOR_ID, USB_3075_PRODUCT_ID) },
{ USB_DEVICE(USB_GIGA_VENDOR_ID, USB_SX303_PRODUCT_ID) },
{ USB_DEVICE(USB_GIGA_VENDOR_ID, USB_SX353_PRODUCT_ID) },
{ } /* Terminating entry */
};
MODULE_DEVICE_TABLE(usb, gigaset_table);
/*======================= local function prototypes ==========================*/
/* function called if a new device belonging to this driver is connected */
static int gigaset_probe(struct usb_interface *interface,
const struct usb_device_id *id);
/* Function will be called if the device is unplugged */
static void gigaset_disconnect(struct usb_interface *interface);
/* functions called before/after suspend */
static int gigaset_suspend(struct usb_interface *intf, pm_message_t message);
static int gigaset_resume(struct usb_interface *intf);
/* functions called before/after device reset */
static int gigaset_pre_reset(struct usb_interface *intf);
static int gigaset_post_reset(struct usb_interface *intf);
static int atread_submit(struct cardstate *, int);
static void stopurbs(struct bas_bc_state *);
static int req_submit(struct bc_state *, int, int, int);
static int atwrite_submit(struct cardstate *, unsigned char *, int);
static int start_cbsend(struct cardstate *);
/*============================================================================*/
struct bas_cardstate {
struct usb_device *udev; /* USB device pointer */
struct cardstate *cs;
struct usb_interface *interface; /* interface for this device */
unsigned char minor; /* starting minor number */
struct urb *urb_ctrl; /* control pipe default URB */
struct usb_ctrlrequest dr_ctrl;
struct timer_list timer_ctrl; /* control request timeout */
int retry_ctrl;
struct timer_list timer_atrdy; /* AT command ready timeout */
struct urb *urb_cmd_out; /* for sending AT commands */
struct usb_ctrlrequest dr_cmd_out;
int retry_cmd_out;
struct urb *urb_cmd_in; /* for receiving AT replies */
struct usb_ctrlrequest dr_cmd_in;
struct timer_list timer_cmd_in; /* receive request timeout */
unsigned char *rcvbuf; /* AT reply receive buffer */
struct urb *urb_int_in; /* URB for interrupt pipe */
unsigned char *int_in_buf;
struct work_struct int_in_wq; /* for usb_clear_halt() */
struct timer_list timer_int_in; /* int read retry delay */
int retry_int_in;
spinlock_t lock; /* locks all following */
int basstate; /* bitmap (BS_*) */
int pending; /* uncompleted base request */
wait_queue_head_t waitqueue;
int rcvbuf_size; /* size of AT receive buffer */
/* 0: no receive in progress */
int retry_cmd_in; /* receive req retry count */
};
/* status of direct USB connection to 307x base (bits in basstate) */
#define BS_ATOPEN 0x001 /* AT channel open */
#define BS_B1OPEN 0x002 /* B channel 1 open */
#define BS_B2OPEN 0x004 /* B channel 2 open */
#define BS_ATREADY 0x008 /* base ready for AT command */
#define BS_INIT 0x010 /* base has signalled INIT_OK */
#define BS_ATTIMER 0x020 /* waiting for HD_READY_SEND_ATDATA */
#define BS_ATRDPEND 0x040 /* urb_cmd_in in use */
#define BS_ATWRPEND 0x080 /* urb_cmd_out in use */
#define BS_SUSPEND 0x100 /* USB port suspended */
#define BS_RESETTING 0x200 /* waiting for HD_RESET_INTERRUPT_PIPE_ACK */
static struct gigaset_driver *driver;
/* usb specific object needed to register this driver with the usb subsystem */
static struct usb_driver gigaset_usb_driver = {
.name = GIGASET_MODULENAME,
.probe = gigaset_probe,
.disconnect = gigaset_disconnect,
.id_table = gigaset_table,
.suspend = gigaset_suspend,
.resume = gigaset_resume,
.reset_resume = gigaset_post_reset,
.pre_reset = gigaset_pre_reset,
.post_reset = gigaset_post_reset,
USB: Disable hub-initiated LPM for comms devices. Hub-initiated LPM is not good for USB communications devices. Comms devices should be able to tell when their link can go into a lower power state, because they know when an incoming transmission is finished. Ideally, these devices would slam their links into a lower power state, using the device-initiated LPM, after finishing the last packet of their data transfer. If we enable the idle timeouts for the parent hubs to enable hub-initiated LPM, we will get a lot of useless LPM packets on the bus as the devices reject LPM transitions when they're in the middle of receiving data. Worse, some devices might blindly accept the hub-initiated LPM and power down their radios while they're in the middle of receiving a transmission. The Intel Windows folks are disabling hub-initiated LPM for all USB communications devices under a xHCI USB 3.0 host. In order to keep the Linux behavior as close as possible to Windows, we need to do the same in Linux. Set the disable_hub_initiated_lpm flag for for all USB communications drivers. I know there aren't currently any USB 3.0 devices that implement these class specifications, but we should be ready if they do. Signed-off-by: Sarah Sharp <sarah.a.sharp@linux.intel.com> Cc: Marcel Holtmann <marcel@holtmann.org> Cc: Gustavo Padovan <gustavo@padovan.org> Cc: Johan Hedberg <johan.hedberg@gmail.com> Cc: Hansjoerg Lipp <hjlipp@web.de> Cc: Tilman Schmidt <tilman@imap.cc> Cc: Karsten Keil <isdn@linux-pingi.de> Cc: Peter Korsgaard <jacmet@sunsite.dk> Cc: Jan Dumon <j.dumon@option.com> Cc: Petko Manolov <petkan@users.sourceforge.net> Cc: Steve Glendinning <steve.glendinning@smsc.com> Cc: "John W. Linville" <linville@tuxdriver.com> Cc: Kalle Valo <kvalo@qca.qualcomm.com> Cc: "Luis R. Rodriguez" <mcgrof@qca.qualcomm.com> Cc: Jouni Malinen <jouni@qca.qualcomm.com> Cc: Vasanthakumar Thiagarajan <vthiagar@qca.qualcomm.com> Cc: Senthil Balasubramanian <senthilb@qca.qualcomm.com> Cc: Christian Lamparter <chunkeey@googlemail.com> Cc: Brett Rudley <brudley@broadcom.com> Cc: Roland Vossen <rvossen@broadcom.com> Cc: Arend van Spriel <arend@broadcom.com> Cc: "Franky (Zhenhui) Lin" <frankyl@broadcom.com> Cc: Kan Yan <kanyan@broadcom.com> Cc: Dan Williams <dcbw@redhat.com> Cc: Jussi Kivilinna <jussi.kivilinna@mbnet.fi> Cc: Ivo van Doorn <IvDoorn@gmail.com> Cc: Gertjan van Wingerde <gwingerde@gmail.com> Cc: Helmut Schaa <helmut.schaa@googlemail.com> Cc: Herton Ronaldo Krzesinski <herton@canonical.com> Cc: Hin-Tak Leung <htl10@users.sourceforge.net> Cc: Larry Finger <Larry.Finger@lwfinger.net> Cc: Chaoming Li <chaoming_li@realsil.com.cn> Cc: Daniel Drake <dsd@gentoo.org> Cc: Ulrich Kunitz <kune@deine-taler.de> Signed-off-by: Sarah Sharp <sarah.a.sharp@linux.intel.com>
2012-04-24 00:08:51 +07:00
.disable_hub_initiated_lpm = 1,
};
/* get message text for usb_submit_urb return code
*/
static char *get_usb_rcmsg(int rc)
{
static char unkmsg[28];
switch (rc) {
case 0:
return "success";
case -ENOMEM:
return "out of memory";
case -ENODEV:
return "device not present";
case -ENOENT:
return "endpoint not present";
case -ENXIO:
return "URB type not supported";
case -EINVAL:
return "invalid argument";
case -EAGAIN:
return "start frame too early or too much scheduled";
case -EFBIG:
return "too many isoc frames requested";
case -EPIPE:
return "endpoint stalled";
case -EMSGSIZE:
return "invalid packet size";
case -ENOSPC:
return "would overcommit USB bandwidth";
case -ESHUTDOWN:
return "device shut down";
case -EPERM:
return "reject flag set";
case -EHOSTUNREACH:
return "device suspended";
default:
snprintf(unkmsg, sizeof(unkmsg), "unknown error %d", rc);
return unkmsg;
}
}
/* get message text for USB status code
*/
static char *get_usb_statmsg(int status)
{
static char unkmsg[28];
switch (status) {
case 0:
return "success";
case -ENOENT:
return "unlinked (sync)";
case -EINPROGRESS:
return "URB still pending";
case -EPROTO:
return "bitstuff error, timeout, or unknown USB error";
case -EILSEQ:
return "CRC mismatch, timeout, or unknown USB error";
case -ETIME:
return "USB response timeout";
case -EPIPE:
return "endpoint stalled";
case -ECOMM:
return "IN buffer overrun";
case -ENOSR:
return "OUT buffer underrun";
case -EOVERFLOW:
return "endpoint babble";
case -EREMOTEIO:
return "short packet";
case -ENODEV:
return "device removed";
case -EXDEV:
return "partial isoc transfer";
case -EINVAL:
return "ISO madness";
case -ECONNRESET:
return "unlinked (async)";
case -ESHUTDOWN:
return "device shut down";
default:
snprintf(unkmsg, sizeof(unkmsg), "unknown status %d", status);
return unkmsg;
}
}
/* usb_pipetype_str
* retrieve string representation of USB pipe type
*/
static inline char *usb_pipetype_str(int pipe)
{
if (usb_pipeisoc(pipe))
return "Isoc";
if (usb_pipeint(pipe))
return "Int";
if (usb_pipecontrol(pipe))
return "Ctrl";
if (usb_pipebulk(pipe))
return "Bulk";
return "?";
}
/* dump_urb
* write content of URB to syslog for debugging
*/
static inline void dump_urb(enum debuglevel level, const char *tag,
struct urb *urb)
{
#ifdef CONFIG_GIGASET_DEBUG
int i;
gig_dbg(level, "%s urb(0x%08lx)->{", tag, (unsigned long) urb);
if (urb) {
gig_dbg(level,
" dev=0x%08lx, pipe=%s:EP%d/DV%d:%s, "
"hcpriv=0x%08lx, transfer_flags=0x%x,",
(unsigned long) urb->dev,
usb_pipetype_str(urb->pipe),
usb_pipeendpoint(urb->pipe), usb_pipedevice(urb->pipe),
usb_pipein(urb->pipe) ? "in" : "out",
(unsigned long) urb->hcpriv,
urb->transfer_flags);
gig_dbg(level,
" transfer_buffer=0x%08lx[%d], actual_length=%d, "
"setup_packet=0x%08lx,",
(unsigned long) urb->transfer_buffer,
urb->transfer_buffer_length, urb->actual_length,
(unsigned long) urb->setup_packet);
gig_dbg(level,
" start_frame=%d, number_of_packets=%d, interval=%d, "
"error_count=%d,",
urb->start_frame, urb->number_of_packets, urb->interval,
urb->error_count);
gig_dbg(level,
" context=0x%08lx, complete=0x%08lx, "
"iso_frame_desc[]={",
(unsigned long) urb->context,
(unsigned long) urb->complete);
for (i = 0; i < urb->number_of_packets; i++) {
struct usb_iso_packet_descriptor *pifd
= &urb->iso_frame_desc[i];
gig_dbg(level,
" {offset=%u, length=%u, actual_length=%u, "
"status=%u}",
pifd->offset, pifd->length, pifd->actual_length,
pifd->status);
}
}
gig_dbg(level, "}}");
#endif
}
/* read/set modem control bits etc. (m10x only) */
static int gigaset_set_modem_ctrl(struct cardstate *cs, unsigned old_state,
unsigned new_state)
{
return -EINVAL;
}
static int gigaset_baud_rate(struct cardstate *cs, unsigned cflag)
{
return -EINVAL;
}
static int gigaset_set_line_ctrl(struct cardstate *cs, unsigned cflag)
{
return -EINVAL;
}
/* set/clear bits in base connection state, return previous state
*/
static inline int update_basstate(struct bas_cardstate *ucs,
int set, int clear)
{
unsigned long flags;
int state;
spin_lock_irqsave(&ucs->lock, flags);
state = ucs->basstate;
ucs->basstate = (state & ~clear) | set;
spin_unlock_irqrestore(&ucs->lock, flags);
return state;
}
/* error_hangup
* hang up any existing connection because of an unrecoverable error
* This function may be called from any context and takes care of scheduling
* the necessary actions for execution outside of interrupt context.
* cs->lock must not be held.
* argument:
* B channel control structure
*/
static inline void error_hangup(struct bc_state *bcs)
{
struct cardstate *cs = bcs->cs;
gigaset_add_event(cs, &bcs->at_state, EV_HUP, NULL, 0, NULL);
gigaset_schedule_event(cs);
}
/* error_reset
* reset Gigaset device because of an unrecoverable error
* This function may be called from any context, and takes care of
* scheduling the necessary actions for execution outside of interrupt context.
* cs->hw.bas->lock must not be held.
* argument:
* controller state structure
*/
static inline void error_reset(struct cardstate *cs)
{
/* reset interrupt pipe to recover (ignore errors) */
update_basstate(cs->hw.bas, BS_RESETTING, 0);
if (req_submit(cs->bcs, HD_RESET_INTERRUPT_PIPE, 0, BAS_TIMEOUT))
/* submission failed, escalate to USB port reset */
usb_queue_reset_device(cs->hw.bas->interface);
}
/* check_pending
* check for completion of pending control request
* parameter:
* ucs hardware specific controller state structure
*/
static void check_pending(struct bas_cardstate *ucs)
{
unsigned long flags;
spin_lock_irqsave(&ucs->lock, flags);
switch (ucs->pending) {
case 0:
break;
case HD_OPEN_ATCHANNEL:
if (ucs->basstate & BS_ATOPEN)
ucs->pending = 0;
break;
case HD_OPEN_B1CHANNEL:
if (ucs->basstate & BS_B1OPEN)
ucs->pending = 0;
break;
case HD_OPEN_B2CHANNEL:
if (ucs->basstate & BS_B2OPEN)
ucs->pending = 0;
break;
case HD_CLOSE_ATCHANNEL:
if (!(ucs->basstate & BS_ATOPEN))
ucs->pending = 0;
break;
case HD_CLOSE_B1CHANNEL:
if (!(ucs->basstate & BS_B1OPEN))
ucs->pending = 0;
break;
case HD_CLOSE_B2CHANNEL:
if (!(ucs->basstate & BS_B2OPEN))
ucs->pending = 0;
break;
case HD_DEVICE_INIT_ACK: /* no reply expected */
ucs->pending = 0;
break;
case HD_RESET_INTERRUPT_PIPE:
if (!(ucs->basstate & BS_RESETTING))
ucs->pending = 0;
break;
/*
* HD_READ_ATMESSAGE and HD_WRITE_ATMESSAGE are handled separately
* and should never end up here
*/
default:
dev_warn(&ucs->interface->dev,
"unknown pending request 0x%02x cleared\n",
ucs->pending);
ucs->pending = 0;
}
if (!ucs->pending)
del_timer(&ucs->timer_ctrl);
spin_unlock_irqrestore(&ucs->lock, flags);
}
/* cmd_in_timeout
* timeout routine for command input request
* argument:
* controller state structure
*/
static void cmd_in_timeout(struct timer_list *t)
{
struct bas_cardstate *ucs = from_timer(ucs, t, timer_cmd_in);
struct cardstate *cs = ucs->cs;
int rc;
if (!ucs->rcvbuf_size) {
gig_dbg(DEBUG_USBREQ, "%s: no receive in progress", __func__);
return;
}
if (ucs->retry_cmd_in++ >= BAS_RETRY) {
dev_err(cs->dev,
"control read: timeout, giving up after %d tries\n",
ucs->retry_cmd_in);
kfree(ucs->rcvbuf);
ucs->rcvbuf = NULL;
ucs->rcvbuf_size = 0;
error_reset(cs);
return;
}
gig_dbg(DEBUG_USBREQ, "%s: timeout, retry %d",
__func__, ucs->retry_cmd_in);
rc = atread_submit(cs, BAS_TIMEOUT);
if (rc < 0) {
kfree(ucs->rcvbuf);
ucs->rcvbuf = NULL;
ucs->rcvbuf_size = 0;
if (rc != -ENODEV)
error_reset(cs);
}
}
/* read_ctrl_callback
* USB completion handler for control pipe input
* called by the USB subsystem in interrupt context
* parameter:
* urb USB request block
* urb->context = inbuf structure for controller state
*/
IRQ: Maintain regs pointer globally rather than passing to IRQ handlers Maintain a per-CPU global "struct pt_regs *" variable which can be used instead of passing regs around manually through all ~1800 interrupt handlers in the Linux kernel. The regs pointer is used in few places, but it potentially costs both stack space and code to pass it around. On the FRV arch, removing the regs parameter from all the genirq function results in a 20% speed up of the IRQ exit path (ie: from leaving timer_interrupt() to leaving do_IRQ()). Where appropriate, an arch may override the generic storage facility and do something different with the variable. On FRV, for instance, the address is maintained in GR28 at all times inside the kernel as part of general exception handling. Having looked over the code, it appears that the parameter may be handed down through up to twenty or so layers of functions. Consider a USB character device attached to a USB hub, attached to a USB controller that posts its interrupts through a cascaded auxiliary interrupt controller. A character device driver may want to pass regs to the sysrq handler through the input layer which adds another few layers of parameter passing. I've build this code with allyesconfig for x86_64 and i386. I've runtested the main part of the code on FRV and i386, though I can't test most of the drivers. I've also done partial conversion for powerpc and MIPS - these at least compile with minimal configurations. This will affect all archs. Mostly the changes should be relatively easy. Take do_IRQ(), store the regs pointer at the beginning, saving the old one: struct pt_regs *old_regs = set_irq_regs(regs); And put the old one back at the end: set_irq_regs(old_regs); Don't pass regs through to generic_handle_irq() or __do_IRQ(). In timer_interrupt(), this sort of change will be necessary: - update_process_times(user_mode(regs)); - profile_tick(CPU_PROFILING, regs); + update_process_times(user_mode(get_irq_regs())); + profile_tick(CPU_PROFILING); I'd like to move update_process_times()'s use of get_irq_regs() into itself, except that i386, alone of the archs, uses something other than user_mode(). Some notes on the interrupt handling in the drivers: (*) input_dev() is now gone entirely. The regs pointer is no longer stored in the input_dev struct. (*) finish_unlinks() in drivers/usb/host/ohci-q.c needs checking. It does something different depending on whether it's been supplied with a regs pointer or not. (*) Various IRQ handler function pointers have been moved to type irq_handler_t. Signed-Off-By: David Howells <dhowells@redhat.com> (cherry picked from 1b16e7ac850969f38b375e511e3fa2f474a33867 commit)
2006-10-05 20:55:46 +07:00
static void read_ctrl_callback(struct urb *urb)
{
struct inbuf_t *inbuf = urb->context;
struct cardstate *cs = inbuf->cs;
struct bas_cardstate *ucs = cs->hw.bas;
int status = urb->status;
unsigned numbytes;
int rc;
update_basstate(ucs, 0, BS_ATRDPEND);
wake_up(&ucs->waitqueue);
del_timer(&ucs->timer_cmd_in);
switch (status) {
case 0: /* normal completion */
numbytes = urb->actual_length;
if (unlikely(numbytes != ucs->rcvbuf_size)) {
dev_warn(cs->dev,
"control read: received %d chars, expected %d\n",
numbytes, ucs->rcvbuf_size);
if (numbytes > ucs->rcvbuf_size)
numbytes = ucs->rcvbuf_size;
}
/* copy received bytes to inbuf, notify event layer */
if (gigaset_fill_inbuf(inbuf, ucs->rcvbuf, numbytes)) {
gig_dbg(DEBUG_INTR, "%s-->BH", __func__);
gigaset_schedule_event(cs);
}
break;
case -ENOENT: /* cancelled */
case -ECONNRESET: /* cancelled (async) */
case -EINPROGRESS: /* pending */
case -ENODEV: /* device removed */
case -ESHUTDOWN: /* device shut down */
/* no further action necessary */
gig_dbg(DEBUG_USBREQ, "%s: %s",
__func__, get_usb_statmsg(status));
break;
default: /* other errors: retry */
if (ucs->retry_cmd_in++ < BAS_RETRY) {
gig_dbg(DEBUG_USBREQ, "%s: %s, retry %d", __func__,
get_usb_statmsg(status), ucs->retry_cmd_in);
rc = atread_submit(cs, BAS_TIMEOUT);
if (rc >= 0)
/* successfully resubmitted, skip freeing */
return;
if (rc == -ENODEV)
/* disconnect, no further action necessary */
break;
}
dev_err(cs->dev, "control read: %s, giving up after %d tries\n",
get_usb_statmsg(status), ucs->retry_cmd_in);
error_reset(cs);
}
/* read finished, free buffer */
kfree(ucs->rcvbuf);
ucs->rcvbuf = NULL;
ucs->rcvbuf_size = 0;
}
/* atread_submit
* submit an HD_READ_ATMESSAGE command URB and optionally start a timeout
* parameters:
* cs controller state structure
* timeout timeout in 1/10 sec., 0: none
* return value:
* 0 on success
* -EBUSY if another request is pending
* any URB submission error code
*/
static int atread_submit(struct cardstate *cs, int timeout)
{
struct bas_cardstate *ucs = cs->hw.bas;
int basstate;
int ret;
gig_dbg(DEBUG_USBREQ, "-------> HD_READ_ATMESSAGE (%d)",
ucs->rcvbuf_size);
basstate = update_basstate(ucs, BS_ATRDPEND, 0);
if (basstate & BS_ATRDPEND) {
dev_err(cs->dev,
"could not submit HD_READ_ATMESSAGE: URB busy\n");
return -EBUSY;
}
if (basstate & BS_SUSPEND) {
dev_notice(cs->dev,
"HD_READ_ATMESSAGE not submitted, "
"suspend in progress\n");
update_basstate(ucs, 0, BS_ATRDPEND);
/* treat like disconnect */
return -ENODEV;
}
ucs->dr_cmd_in.bRequestType = IN_VENDOR_REQ;
ucs->dr_cmd_in.bRequest = HD_READ_ATMESSAGE;
ucs->dr_cmd_in.wValue = 0;
ucs->dr_cmd_in.wIndex = 0;
ucs->dr_cmd_in.wLength = cpu_to_le16(ucs->rcvbuf_size);
usb_fill_control_urb(ucs->urb_cmd_in, ucs->udev,
usb_rcvctrlpipe(ucs->udev, 0),
(unsigned char *) &ucs->dr_cmd_in,
ucs->rcvbuf, ucs->rcvbuf_size,
read_ctrl_callback, cs->inbuf);
ret = usb_submit_urb(ucs->urb_cmd_in, GFP_ATOMIC);
if (ret != 0) {
update_basstate(ucs, 0, BS_ATRDPEND);
dev_err(cs->dev, "could not submit HD_READ_ATMESSAGE: %s\n",
get_usb_rcmsg(ret));
return ret;
}
if (timeout > 0) {
gig_dbg(DEBUG_USBREQ, "setting timeout of %d/10 secs", timeout);
mod_timer(&ucs->timer_cmd_in, jiffies + timeout * HZ / 10);
}
return 0;
}
/* int_in_work
* workqueue routine to clear halt on interrupt in endpoint
*/
static void int_in_work(struct work_struct *work)
{
struct bas_cardstate *ucs =
container_of(work, struct bas_cardstate, int_in_wq);
struct urb *urb = ucs->urb_int_in;
struct cardstate *cs = urb->context;
int rc;
/* clear halt condition */
rc = usb_clear_halt(ucs->udev, urb->pipe);
gig_dbg(DEBUG_USBREQ, "clear_halt: %s", get_usb_rcmsg(rc));
if (rc == 0)
/* success, resubmit interrupt read URB */
rc = usb_submit_urb(urb, GFP_ATOMIC);
switch (rc) {
case 0: /* success */
case -ENODEV: /* device gone */
case -EINVAL: /* URB already resubmitted, or terminal badness */
break;
default: /* failure: try to recover by resetting the device */
dev_err(cs->dev, "clear halt failed: %s\n", get_usb_rcmsg(rc));
rc = usb_lock_device_for_reset(ucs->udev, ucs->interface);
if (rc == 0) {
rc = usb_reset_device(ucs->udev);
usb_unlock_device(ucs->udev);
}
}
ucs->retry_int_in = 0;
}
/* int_in_resubmit
* timer routine for interrupt read delayed resubmit
* argument:
* controller state structure
*/
static void int_in_resubmit(struct timer_list *t)
{
struct bas_cardstate *ucs = from_timer(ucs, t, timer_int_in);
struct cardstate *cs = ucs->cs;
int rc;
if (ucs->retry_int_in++ >= BAS_RETRY) {
dev_err(cs->dev, "interrupt read: giving up after %d tries\n",
ucs->retry_int_in);
usb_queue_reset_device(ucs->interface);
return;
}
gig_dbg(DEBUG_USBREQ, "%s: retry %d", __func__, ucs->retry_int_in);
rc = usb_submit_urb(ucs->urb_int_in, GFP_ATOMIC);
if (rc != 0 && rc != -ENODEV) {
dev_err(cs->dev, "could not resubmit interrupt URB: %s\n",
get_usb_rcmsg(rc));
usb_queue_reset_device(ucs->interface);
}
}
/* read_int_callback
* USB completion handler for interrupt pipe input
* called by the USB subsystem in interrupt context
* parameter:
* urb USB request block
* urb->context = controller state structure
*/
IRQ: Maintain regs pointer globally rather than passing to IRQ handlers Maintain a per-CPU global "struct pt_regs *" variable which can be used instead of passing regs around manually through all ~1800 interrupt handlers in the Linux kernel. The regs pointer is used in few places, but it potentially costs both stack space and code to pass it around. On the FRV arch, removing the regs parameter from all the genirq function results in a 20% speed up of the IRQ exit path (ie: from leaving timer_interrupt() to leaving do_IRQ()). Where appropriate, an arch may override the generic storage facility and do something different with the variable. On FRV, for instance, the address is maintained in GR28 at all times inside the kernel as part of general exception handling. Having looked over the code, it appears that the parameter may be handed down through up to twenty or so layers of functions. Consider a USB character device attached to a USB hub, attached to a USB controller that posts its interrupts through a cascaded auxiliary interrupt controller. A character device driver may want to pass regs to the sysrq handler through the input layer which adds another few layers of parameter passing. I've build this code with allyesconfig for x86_64 and i386. I've runtested the main part of the code on FRV and i386, though I can't test most of the drivers. I've also done partial conversion for powerpc and MIPS - these at least compile with minimal configurations. This will affect all archs. Mostly the changes should be relatively easy. Take do_IRQ(), store the regs pointer at the beginning, saving the old one: struct pt_regs *old_regs = set_irq_regs(regs); And put the old one back at the end: set_irq_regs(old_regs); Don't pass regs through to generic_handle_irq() or __do_IRQ(). In timer_interrupt(), this sort of change will be necessary: - update_process_times(user_mode(regs)); - profile_tick(CPU_PROFILING, regs); + update_process_times(user_mode(get_irq_regs())); + profile_tick(CPU_PROFILING); I'd like to move update_process_times()'s use of get_irq_regs() into itself, except that i386, alone of the archs, uses something other than user_mode(). Some notes on the interrupt handling in the drivers: (*) input_dev() is now gone entirely. The regs pointer is no longer stored in the input_dev struct. (*) finish_unlinks() in drivers/usb/host/ohci-q.c needs checking. It does something different depending on whether it's been supplied with a regs pointer or not. (*) Various IRQ handler function pointers have been moved to type irq_handler_t. Signed-Off-By: David Howells <dhowells@redhat.com> (cherry picked from 1b16e7ac850969f38b375e511e3fa2f474a33867 commit)
2006-10-05 20:55:46 +07:00
static void read_int_callback(struct urb *urb)
{
struct cardstate *cs = urb->context;
struct bas_cardstate *ucs = cs->hw.bas;
struct bc_state *bcs;
int status = urb->status;
unsigned long flags;
int rc;
unsigned l;
int channel;
switch (status) {
case 0: /* success */
ucs->retry_int_in = 0;
break;
case -EPIPE: /* endpoint stalled */
schedule_work(&ucs->int_in_wq);
/* fall through */
case -ENOENT: /* cancelled */
case -ECONNRESET: /* cancelled (async) */
case -EINPROGRESS: /* pending */
case -ENODEV: /* device removed */
case -ESHUTDOWN: /* device shut down */
/* no further action necessary */
gig_dbg(DEBUG_USBREQ, "%s: %s",
__func__, get_usb_statmsg(status));
return;
case -EPROTO: /* protocol error or unplug */
case -EILSEQ:
case -ETIME:
/* resubmit after delay */
gig_dbg(DEBUG_USBREQ, "%s: %s",
__func__, get_usb_statmsg(status));
mod_timer(&ucs->timer_int_in, jiffies + HZ / 10);
return;
default: /* other errors: just resubmit */
dev_warn(cs->dev, "interrupt read: %s\n",
get_usb_statmsg(status));
goto resubmit;
}
/* drop incomplete packets even if the missing bytes wouldn't matter */
if (unlikely(urb->actual_length < IP_MSGSIZE)) {
dev_warn(cs->dev, "incomplete interrupt packet (%d bytes)\n",
urb->actual_length);
goto resubmit;
}
l = (unsigned) ucs->int_in_buf[1] +
(((unsigned) ucs->int_in_buf[2]) << 8);
gig_dbg(DEBUG_USBREQ, "<-------%d: 0x%02x (%u [0x%02x 0x%02x])",
urb->actual_length, (int)ucs->int_in_buf[0], l,
(int)ucs->int_in_buf[1], (int)ucs->int_in_buf[2]);
channel = 0;
switch (ucs->int_in_buf[0]) {
case HD_DEVICE_INIT_OK:
update_basstate(ucs, BS_INIT, 0);
break;
case HD_READY_SEND_ATDATA:
del_timer(&ucs->timer_atrdy);
update_basstate(ucs, BS_ATREADY, BS_ATTIMER);
start_cbsend(cs);
break;
case HD_OPEN_B2CHANNEL_ACK:
++channel;
/* fall through */
case HD_OPEN_B1CHANNEL_ACK:
bcs = cs->bcs + channel;
update_basstate(ucs, BS_B1OPEN << channel, 0);
gigaset_bchannel_up(bcs);
break;
case HD_OPEN_ATCHANNEL_ACK:
update_basstate(ucs, BS_ATOPEN, 0);
start_cbsend(cs);
break;
case HD_CLOSE_B2CHANNEL_ACK:
++channel;
/* fall through */
case HD_CLOSE_B1CHANNEL_ACK:
bcs = cs->bcs + channel;
update_basstate(ucs, 0, BS_B1OPEN << channel);
stopurbs(bcs->hw.bas);
gigaset_bchannel_down(bcs);
break;
case HD_CLOSE_ATCHANNEL_ACK:
update_basstate(ucs, 0, BS_ATOPEN);
break;
case HD_B2_FLOW_CONTROL:
++channel;
/* fall through */
case HD_B1_FLOW_CONTROL:
bcs = cs->bcs + channel;
atomic_add((l - BAS_NORMFRAME) * BAS_CORRFRAMES,
&bcs->hw.bas->corrbytes);
gig_dbg(DEBUG_ISO,
"Flow control (channel %d, sub %d): 0x%02x => %d",
channel, bcs->hw.bas->numsub, l,
atomic_read(&bcs->hw.bas->corrbytes));
break;
case HD_RECEIVEATDATA_ACK: /* AT response ready to be received */
if (!l) {
dev_warn(cs->dev,
"HD_RECEIVEATDATA_ACK with length 0 ignored\n");
break;
}
spin_lock_irqsave(&cs->lock, flags);
if (ucs->basstate & BS_ATRDPEND) {
spin_unlock_irqrestore(&cs->lock, flags);
dev_warn(cs->dev,
"HD_RECEIVEATDATA_ACK(%d) during HD_READ_ATMESSAGE(%d) ignored\n",
l, ucs->rcvbuf_size);
break;
}
if (ucs->rcvbuf_size) {
/* throw away previous buffer - we have no queue */
dev_err(cs->dev,
"receive AT data overrun, %d bytes lost\n",
ucs->rcvbuf_size);
kfree(ucs->rcvbuf);
ucs->rcvbuf_size = 0;
}
ucs->rcvbuf = kmalloc(l, GFP_ATOMIC);
if (ucs->rcvbuf == NULL) {
spin_unlock_irqrestore(&cs->lock, flags);
dev_err(cs->dev, "out of memory receiving AT data\n");
break;
}
ucs->rcvbuf_size = l;
ucs->retry_cmd_in = 0;
rc = atread_submit(cs, BAS_TIMEOUT);
if (rc < 0) {
kfree(ucs->rcvbuf);
ucs->rcvbuf = NULL;
ucs->rcvbuf_size = 0;
}
spin_unlock_irqrestore(&cs->lock, flags);
if (rc < 0 && rc != -ENODEV)
error_reset(cs);
break;
case HD_RESET_INTERRUPT_PIPE_ACK:
update_basstate(ucs, 0, BS_RESETTING);
dev_notice(cs->dev, "interrupt pipe reset\n");
break;
case HD_SUSPEND_END:
gig_dbg(DEBUG_USBREQ, "HD_SUSPEND_END");
break;
default:
dev_warn(cs->dev,
"unknown Gigaset signal 0x%02x (%u) ignored\n",
(int) ucs->int_in_buf[0], l);
}
check_pending(ucs);
wake_up(&ucs->waitqueue);
resubmit:
rc = usb_submit_urb(urb, GFP_ATOMIC);
if (unlikely(rc != 0 && rc != -ENODEV)) {
dev_err(cs->dev, "could not resubmit interrupt URB: %s\n",
get_usb_rcmsg(rc));
error_reset(cs);
}
}
/* read_iso_callback
* USB completion handler for B channel isochronous input
* called by the USB subsystem in interrupt context
* parameter:
* urb USB request block of completed request
* urb->context = bc_state structure
*/
IRQ: Maintain regs pointer globally rather than passing to IRQ handlers Maintain a per-CPU global "struct pt_regs *" variable which can be used instead of passing regs around manually through all ~1800 interrupt handlers in the Linux kernel. The regs pointer is used in few places, but it potentially costs both stack space and code to pass it around. On the FRV arch, removing the regs parameter from all the genirq function results in a 20% speed up of the IRQ exit path (ie: from leaving timer_interrupt() to leaving do_IRQ()). Where appropriate, an arch may override the generic storage facility and do something different with the variable. On FRV, for instance, the address is maintained in GR28 at all times inside the kernel as part of general exception handling. Having looked over the code, it appears that the parameter may be handed down through up to twenty or so layers of functions. Consider a USB character device attached to a USB hub, attached to a USB controller that posts its interrupts through a cascaded auxiliary interrupt controller. A character device driver may want to pass regs to the sysrq handler through the input layer which adds another few layers of parameter passing. I've build this code with allyesconfig for x86_64 and i386. I've runtested the main part of the code on FRV and i386, though I can't test most of the drivers. I've also done partial conversion for powerpc and MIPS - these at least compile with minimal configurations. This will affect all archs. Mostly the changes should be relatively easy. Take do_IRQ(), store the regs pointer at the beginning, saving the old one: struct pt_regs *old_regs = set_irq_regs(regs); And put the old one back at the end: set_irq_regs(old_regs); Don't pass regs through to generic_handle_irq() or __do_IRQ(). In timer_interrupt(), this sort of change will be necessary: - update_process_times(user_mode(regs)); - profile_tick(CPU_PROFILING, regs); + update_process_times(user_mode(get_irq_regs())); + profile_tick(CPU_PROFILING); I'd like to move update_process_times()'s use of get_irq_regs() into itself, except that i386, alone of the archs, uses something other than user_mode(). Some notes on the interrupt handling in the drivers: (*) input_dev() is now gone entirely. The regs pointer is no longer stored in the input_dev struct. (*) finish_unlinks() in drivers/usb/host/ohci-q.c needs checking. It does something different depending on whether it's been supplied with a regs pointer or not. (*) Various IRQ handler function pointers have been moved to type irq_handler_t. Signed-Off-By: David Howells <dhowells@redhat.com> (cherry picked from 1b16e7ac850969f38b375e511e3fa2f474a33867 commit)
2006-10-05 20:55:46 +07:00
static void read_iso_callback(struct urb *urb)
{
struct bc_state *bcs;
struct bas_bc_state *ubc;
int status = urb->status;
unsigned long flags;
int i, rc;
/* status codes not worth bothering the tasklet with */
if (unlikely(status == -ENOENT ||
status == -ECONNRESET ||
status == -EINPROGRESS ||
status == -ENODEV ||
status == -ESHUTDOWN)) {
gig_dbg(DEBUG_ISO, "%s: %s",
__func__, get_usb_statmsg(status));
return;
}
bcs = urb->context;
ubc = bcs->hw.bas;
spin_lock_irqsave(&ubc->isoinlock, flags);
if (likely(ubc->isoindone == NULL)) {
/* pass URB to tasklet */
ubc->isoindone = urb;
ubc->isoinstatus = status;
tasklet_hi_schedule(&ubc->rcvd_tasklet);
} else {
/* tasklet still busy, drop data and resubmit URB */
gig_dbg(DEBUG_ISO, "%s: overrun", __func__);
ubc->loststatus = status;
for (i = 0; i < BAS_NUMFRAMES; i++) {
ubc->isoinlost += urb->iso_frame_desc[i].actual_length;
if (unlikely(urb->iso_frame_desc[i].status != 0 &&
urb->iso_frame_desc[i].status != -EINPROGRESS))
ubc->loststatus = urb->iso_frame_desc[i].status;
urb->iso_frame_desc[i].status = 0;
urb->iso_frame_desc[i].actual_length = 0;
}
if (likely(ubc->running)) {
/* urb->dev is clobbered by USB subsystem */
urb->dev = bcs->cs->hw.bas->udev;
urb->transfer_flags = URB_ISO_ASAP;
urb->number_of_packets = BAS_NUMFRAMES;
rc = usb_submit_urb(urb, GFP_ATOMIC);
if (unlikely(rc != 0 && rc != -ENODEV)) {
dev_err(bcs->cs->dev,
"could not resubmit isoc read URB: %s\n",
get_usb_rcmsg(rc));
dump_urb(DEBUG_ISO, "isoc read", urb);
error_hangup(bcs);
}
}
}
spin_unlock_irqrestore(&ubc->isoinlock, flags);
}
/* write_iso_callback
* USB completion handler for B channel isochronous output
* called by the USB subsystem in interrupt context
* parameter:
* urb USB request block of completed request
* urb->context = isow_urbctx_t structure
*/
IRQ: Maintain regs pointer globally rather than passing to IRQ handlers Maintain a per-CPU global "struct pt_regs *" variable which can be used instead of passing regs around manually through all ~1800 interrupt handlers in the Linux kernel. The regs pointer is used in few places, but it potentially costs both stack space and code to pass it around. On the FRV arch, removing the regs parameter from all the genirq function results in a 20% speed up of the IRQ exit path (ie: from leaving timer_interrupt() to leaving do_IRQ()). Where appropriate, an arch may override the generic storage facility and do something different with the variable. On FRV, for instance, the address is maintained in GR28 at all times inside the kernel as part of general exception handling. Having looked over the code, it appears that the parameter may be handed down through up to twenty or so layers of functions. Consider a USB character device attached to a USB hub, attached to a USB controller that posts its interrupts through a cascaded auxiliary interrupt controller. A character device driver may want to pass regs to the sysrq handler through the input layer which adds another few layers of parameter passing. I've build this code with allyesconfig for x86_64 and i386. I've runtested the main part of the code on FRV and i386, though I can't test most of the drivers. I've also done partial conversion for powerpc and MIPS - these at least compile with minimal configurations. This will affect all archs. Mostly the changes should be relatively easy. Take do_IRQ(), store the regs pointer at the beginning, saving the old one: struct pt_regs *old_regs = set_irq_regs(regs); And put the old one back at the end: set_irq_regs(old_regs); Don't pass regs through to generic_handle_irq() or __do_IRQ(). In timer_interrupt(), this sort of change will be necessary: - update_process_times(user_mode(regs)); - profile_tick(CPU_PROFILING, regs); + update_process_times(user_mode(get_irq_regs())); + profile_tick(CPU_PROFILING); I'd like to move update_process_times()'s use of get_irq_regs() into itself, except that i386, alone of the archs, uses something other than user_mode(). Some notes on the interrupt handling in the drivers: (*) input_dev() is now gone entirely. The regs pointer is no longer stored in the input_dev struct. (*) finish_unlinks() in drivers/usb/host/ohci-q.c needs checking. It does something different depending on whether it's been supplied with a regs pointer or not. (*) Various IRQ handler function pointers have been moved to type irq_handler_t. Signed-Off-By: David Howells <dhowells@redhat.com> (cherry picked from 1b16e7ac850969f38b375e511e3fa2f474a33867 commit)
2006-10-05 20:55:46 +07:00
static void write_iso_callback(struct urb *urb)
{
struct isow_urbctx_t *ucx;
struct bas_bc_state *ubc;
int status = urb->status;
unsigned long flags;
/* status codes not worth bothering the tasklet with */
if (unlikely(status == -ENOENT ||
status == -ECONNRESET ||
status == -EINPROGRESS ||
status == -ENODEV ||
status == -ESHUTDOWN)) {
gig_dbg(DEBUG_ISO, "%s: %s",
__func__, get_usb_statmsg(status));
return;
}
/* pass URB context to tasklet */
ucx = urb->context;
ubc = ucx->bcs->hw.bas;
ucx->status = status;
spin_lock_irqsave(&ubc->isooutlock, flags);
ubc->isooutovfl = ubc->isooutdone;
ubc->isooutdone = ucx;
spin_unlock_irqrestore(&ubc->isooutlock, flags);
tasklet_hi_schedule(&ubc->sent_tasklet);
}
/* starturbs
* prepare and submit USB request blocks for isochronous input and output
* argument:
* B channel control structure
* return value:
* 0 on success
* < 0 on error (no URBs submitted)
*/
static int starturbs(struct bc_state *bcs)
{
isdn: bas_gigaset: use usb_fill_int_urb() properly The switch to make bas_gigaset use usb_fill_int_urb() - instead of filling that urb "by hand" - missed the subtle ordering of the previous code. See, before the switch urb->dev was set to a member somewhere deep in a complicated structure and then supplied to usb_rcvisocpipe() and usb_sndisocpipe(). After that switch urb->dev wasn't set to anything specific before being supplied to those two macros. This triggers a nasty oops: BUG: unable to handle kernel NULL pointer dereference at 00000000 #PF error: [normal kernel read fault] *pde = 00000000 Oops: 0000 [#1] SMP CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.1.0-0.rc4.1.local0.fc28.i686 #1 Hardware name: IBM 2525FAG/2525FAG, BIOS 74ET64WW (2.09 ) 12/14/2006 EIP: gigaset_init_bchannel+0x89/0x320 [bas_gigaset] Code: 75 07 83 8b 84 00 00 00 40 8d 47 74 c7 07 01 00 00 00 89 45 f0 8b 44 b7 68 85 c0 0f 84 6a 02 00 00 8b 48 28 8b 93 88 00 00 00 <8b> 09 8d 54 12 03 c1 e2 0f c1 e1 08 09 ca 8b 8b 8c 00 00 00 80 ca EAX: f05ec200 EBX: ed404200 ECX: 00000000 EDX: 00000000 ESI: 00000000 EDI: f065a000 EBP: f30c9f40 ESP: f30c9f20 DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 EFLAGS: 00010086 CR0: 80050033 CR2: 00000000 CR3: 0ddc7000 CR4: 000006d0 Call Trace: <SOFTIRQ> ? gigaset_isdn_connD+0xf6/0x140 [gigaset] gigaset_handle_event+0x173e/0x1b90 [gigaset] tasklet_action_common.isra.16+0x4e/0xf0 tasklet_action+0x1e/0x20 __do_softirq+0xb2/0x293 ? __irqentry_text_end+0x3/0x3 call_on_stack+0x45/0x50 </SOFTIRQ> ? irq_exit+0xb5/0xc0 ? do_IRQ+0x78/0xd0 ? acpi_idle_enter_s2idle+0x50/0x50 ? common_interrupt+0xd4/0xdc ? acpi_idle_enter_s2idle+0x50/0x50 ? sched_cpu_activate+0x1b/0xf0 ? acpi_fan_resume.cold.7+0x9/0x18 ? cpuidle_enter_state+0x152/0x4c0 ? cpuidle_enter+0x14/0x20 ? call_cpuidle+0x21/0x40 ? do_idle+0x1c8/0x200 ? cpu_startup_entry+0x25/0x30 ? rest_init+0x88/0x8a ? arch_call_rest_init+0xd/0x19 ? start_kernel+0x42f/0x448 ? i386_start_kernel+0xac/0xb0 ? startup_32_smp+0x164/0x168 Modules linked in: ppp_generic slhc capi bas_gigaset gigaset kernelcapi nf_conntrack_netbios_ns nf_conntrack_broadcast xt_CT ip6t_rpfilter ip6t_REJECT nf_reject_ipv6 xt_conntrack ip_set nfnetlink ebtable_nat ebtable_broute bridge stp llc ip6table_nat ip6table_mangle ip6table_raw ip6table_security iptable_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 libcrc32c iptable_mangle iptable_raw iptable_security ebtable_filter ebtables ip6table_filter ip6_tables sunrpc ipw2200 iTCO_wdt gpio_ich snd_intel8x0 libipw iTCO_vendor_support snd_ac97_codec lib80211 ppdev ac97_bus snd_seq cfg80211 snd_seq_device pcspkr thinkpad_acpi lpc_ich snd_pcm i2c_i801 snd_timer ledtrig_audio snd soundcore rfkill parport_pc parport pcc_cpufreq acpi_cpufreq i915 i2c_algo_bit drm_kms_helper syscopyarea sysfillrect sdhci_pci sysimgblt cqhci fb_sys_fops drm sdhci mmc_core tg3 ata_generic serio_raw yenta_socket pata_acpi video CR2: 0000000000000000 ---[ end trace 1fe07487b9200c73 ]--- EIP: gigaset_init_bchannel+0x89/0x320 [bas_gigaset] Code: 75 07 83 8b 84 00 00 00 40 8d 47 74 c7 07 01 00 00 00 89 45 f0 8b 44 b7 68 85 c0 0f 84 6a 02 00 00 8b 48 28 8b 93 88 00 00 00 <8b> 09 8d 54 12 03 c1 e2 0f c1 e1 08 09 ca 8b 8b 8c 00 00 00 80 ca EAX: f05ec200 EBX: ed404200 ECX: 00000000 EDX: 00000000 ESI: 00000000 EDI: f065a000 EBP: f30c9f40 ESP: cddcb3bc DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 EFLAGS: 00010086 CR0: 80050033 CR2: 00000000 CR3: 0ddc7000 CR4: 000006d0 Kernel panic - not syncing: Fatal exception in interrupt Kernel Offset: 0xcc00000 from 0xc0400000 (relocation range: 0xc0000000-0xf6ffdfff) ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- No-one noticed because this Oops is apparently only triggered by setting up an ISDN data connection on a live ISDN line on a gigaset base (ie, the PBX that the gigaset driver support). Very few people do that running present day kernels. Anyhow, a little code reorganization makes this problem go away, while avoiding the subtle ordering that was used in the past. So let's do that. Fixes: 78c696c19578 ("isdn: gigaset: use usb_fill_int_urb()") Signed-off-by: Paul Bolle <pebolle@tiscali.nl> Signed-off-by: David S. Miller <davem@davemloft.net>
2019-05-02 04:19:03 +07:00
struct usb_device *udev = bcs->cs->hw.bas->udev;
struct bas_bc_state *ubc = bcs->hw.bas;
struct urb *urb;
int j, k;
int rc;
/* initialize L2 reception */
if (bcs->proto2 == L2_HDLC)
bcs->inputstate |= INS_flag_hunt;
/* submit all isochronous input URBs */
ubc->running = 1;
for (k = 0; k < BAS_INURBS; k++) {
urb = ubc->isoinurbs[k];
if (!urb) {
rc = -EFAULT;
goto error;
}
isdn: bas_gigaset: use usb_fill_int_urb() properly The switch to make bas_gigaset use usb_fill_int_urb() - instead of filling that urb "by hand" - missed the subtle ordering of the previous code. See, before the switch urb->dev was set to a member somewhere deep in a complicated structure and then supplied to usb_rcvisocpipe() and usb_sndisocpipe(). After that switch urb->dev wasn't set to anything specific before being supplied to those two macros. This triggers a nasty oops: BUG: unable to handle kernel NULL pointer dereference at 00000000 #PF error: [normal kernel read fault] *pde = 00000000 Oops: 0000 [#1] SMP CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.1.0-0.rc4.1.local0.fc28.i686 #1 Hardware name: IBM 2525FAG/2525FAG, BIOS 74ET64WW (2.09 ) 12/14/2006 EIP: gigaset_init_bchannel+0x89/0x320 [bas_gigaset] Code: 75 07 83 8b 84 00 00 00 40 8d 47 74 c7 07 01 00 00 00 89 45 f0 8b 44 b7 68 85 c0 0f 84 6a 02 00 00 8b 48 28 8b 93 88 00 00 00 <8b> 09 8d 54 12 03 c1 e2 0f c1 e1 08 09 ca 8b 8b 8c 00 00 00 80 ca EAX: f05ec200 EBX: ed404200 ECX: 00000000 EDX: 00000000 ESI: 00000000 EDI: f065a000 EBP: f30c9f40 ESP: f30c9f20 DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 EFLAGS: 00010086 CR0: 80050033 CR2: 00000000 CR3: 0ddc7000 CR4: 000006d0 Call Trace: <SOFTIRQ> ? gigaset_isdn_connD+0xf6/0x140 [gigaset] gigaset_handle_event+0x173e/0x1b90 [gigaset] tasklet_action_common.isra.16+0x4e/0xf0 tasklet_action+0x1e/0x20 __do_softirq+0xb2/0x293 ? __irqentry_text_end+0x3/0x3 call_on_stack+0x45/0x50 </SOFTIRQ> ? irq_exit+0xb5/0xc0 ? do_IRQ+0x78/0xd0 ? acpi_idle_enter_s2idle+0x50/0x50 ? common_interrupt+0xd4/0xdc ? acpi_idle_enter_s2idle+0x50/0x50 ? sched_cpu_activate+0x1b/0xf0 ? acpi_fan_resume.cold.7+0x9/0x18 ? cpuidle_enter_state+0x152/0x4c0 ? cpuidle_enter+0x14/0x20 ? call_cpuidle+0x21/0x40 ? do_idle+0x1c8/0x200 ? cpu_startup_entry+0x25/0x30 ? rest_init+0x88/0x8a ? arch_call_rest_init+0xd/0x19 ? start_kernel+0x42f/0x448 ? i386_start_kernel+0xac/0xb0 ? startup_32_smp+0x164/0x168 Modules linked in: ppp_generic slhc capi bas_gigaset gigaset kernelcapi nf_conntrack_netbios_ns nf_conntrack_broadcast xt_CT ip6t_rpfilter ip6t_REJECT nf_reject_ipv6 xt_conntrack ip_set nfnetlink ebtable_nat ebtable_broute bridge stp llc ip6table_nat ip6table_mangle ip6table_raw ip6table_security iptable_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 libcrc32c iptable_mangle iptable_raw iptable_security ebtable_filter ebtables ip6table_filter ip6_tables sunrpc ipw2200 iTCO_wdt gpio_ich snd_intel8x0 libipw iTCO_vendor_support snd_ac97_codec lib80211 ppdev ac97_bus snd_seq cfg80211 snd_seq_device pcspkr thinkpad_acpi lpc_ich snd_pcm i2c_i801 snd_timer ledtrig_audio snd soundcore rfkill parport_pc parport pcc_cpufreq acpi_cpufreq i915 i2c_algo_bit drm_kms_helper syscopyarea sysfillrect sdhci_pci sysimgblt cqhci fb_sys_fops drm sdhci mmc_core tg3 ata_generic serio_raw yenta_socket pata_acpi video CR2: 0000000000000000 ---[ end trace 1fe07487b9200c73 ]--- EIP: gigaset_init_bchannel+0x89/0x320 [bas_gigaset] Code: 75 07 83 8b 84 00 00 00 40 8d 47 74 c7 07 01 00 00 00 89 45 f0 8b 44 b7 68 85 c0 0f 84 6a 02 00 00 8b 48 28 8b 93 88 00 00 00 <8b> 09 8d 54 12 03 c1 e2 0f c1 e1 08 09 ca 8b 8b 8c 00 00 00 80 ca EAX: f05ec200 EBX: ed404200 ECX: 00000000 EDX: 00000000 ESI: 00000000 EDI: f065a000 EBP: f30c9f40 ESP: cddcb3bc DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 EFLAGS: 00010086 CR0: 80050033 CR2: 00000000 CR3: 0ddc7000 CR4: 000006d0 Kernel panic - not syncing: Fatal exception in interrupt Kernel Offset: 0xcc00000 from 0xc0400000 (relocation range: 0xc0000000-0xf6ffdfff) ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- No-one noticed because this Oops is apparently only triggered by setting up an ISDN data connection on a live ISDN line on a gigaset base (ie, the PBX that the gigaset driver support). Very few people do that running present day kernels. Anyhow, a little code reorganization makes this problem go away, while avoiding the subtle ordering that was used in the past. So let's do that. Fixes: 78c696c19578 ("isdn: gigaset: use usb_fill_int_urb()") Signed-off-by: Paul Bolle <pebolle@tiscali.nl> Signed-off-by: David S. Miller <davem@davemloft.net>
2019-05-02 04:19:03 +07:00
usb_fill_int_urb(urb, udev,
usb_rcvisocpipe(udev, 3 + 2 * bcs->channel),
ubc->isoinbuf + k * BAS_INBUFSIZE,
BAS_INBUFSIZE, read_iso_callback, bcs,
BAS_FRAMETIME);
urb->transfer_flags = URB_ISO_ASAP;
urb->number_of_packets = BAS_NUMFRAMES;
for (j = 0; j < BAS_NUMFRAMES; j++) {
urb->iso_frame_desc[j].offset = j * BAS_MAXFRAME;
urb->iso_frame_desc[j].length = BAS_MAXFRAME;
urb->iso_frame_desc[j].status = 0;
urb->iso_frame_desc[j].actual_length = 0;
}
dump_urb(DEBUG_ISO, "Initial isoc read", urb);
rc = usb_submit_urb(urb, GFP_ATOMIC);
if (rc != 0)
goto error;
}
/* initialize L2 transmission */
gigaset_isowbuf_init(ubc->isooutbuf, PPP_FLAG);
/* set up isochronous output URBs for flag idling */
for (k = 0; k < BAS_OUTURBS; ++k) {
urb = ubc->isoouturbs[k].urb;
if (!urb) {
rc = -EFAULT;
goto error;
}
isdn: bas_gigaset: use usb_fill_int_urb() properly The switch to make bas_gigaset use usb_fill_int_urb() - instead of filling that urb "by hand" - missed the subtle ordering of the previous code. See, before the switch urb->dev was set to a member somewhere deep in a complicated structure and then supplied to usb_rcvisocpipe() and usb_sndisocpipe(). After that switch urb->dev wasn't set to anything specific before being supplied to those two macros. This triggers a nasty oops: BUG: unable to handle kernel NULL pointer dereference at 00000000 #PF error: [normal kernel read fault] *pde = 00000000 Oops: 0000 [#1] SMP CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.1.0-0.rc4.1.local0.fc28.i686 #1 Hardware name: IBM 2525FAG/2525FAG, BIOS 74ET64WW (2.09 ) 12/14/2006 EIP: gigaset_init_bchannel+0x89/0x320 [bas_gigaset] Code: 75 07 83 8b 84 00 00 00 40 8d 47 74 c7 07 01 00 00 00 89 45 f0 8b 44 b7 68 85 c0 0f 84 6a 02 00 00 8b 48 28 8b 93 88 00 00 00 <8b> 09 8d 54 12 03 c1 e2 0f c1 e1 08 09 ca 8b 8b 8c 00 00 00 80 ca EAX: f05ec200 EBX: ed404200 ECX: 00000000 EDX: 00000000 ESI: 00000000 EDI: f065a000 EBP: f30c9f40 ESP: f30c9f20 DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 EFLAGS: 00010086 CR0: 80050033 CR2: 00000000 CR3: 0ddc7000 CR4: 000006d0 Call Trace: <SOFTIRQ> ? gigaset_isdn_connD+0xf6/0x140 [gigaset] gigaset_handle_event+0x173e/0x1b90 [gigaset] tasklet_action_common.isra.16+0x4e/0xf0 tasklet_action+0x1e/0x20 __do_softirq+0xb2/0x293 ? __irqentry_text_end+0x3/0x3 call_on_stack+0x45/0x50 </SOFTIRQ> ? irq_exit+0xb5/0xc0 ? do_IRQ+0x78/0xd0 ? acpi_idle_enter_s2idle+0x50/0x50 ? common_interrupt+0xd4/0xdc ? acpi_idle_enter_s2idle+0x50/0x50 ? sched_cpu_activate+0x1b/0xf0 ? acpi_fan_resume.cold.7+0x9/0x18 ? cpuidle_enter_state+0x152/0x4c0 ? cpuidle_enter+0x14/0x20 ? call_cpuidle+0x21/0x40 ? do_idle+0x1c8/0x200 ? cpu_startup_entry+0x25/0x30 ? rest_init+0x88/0x8a ? arch_call_rest_init+0xd/0x19 ? start_kernel+0x42f/0x448 ? i386_start_kernel+0xac/0xb0 ? startup_32_smp+0x164/0x168 Modules linked in: ppp_generic slhc capi bas_gigaset gigaset kernelcapi nf_conntrack_netbios_ns nf_conntrack_broadcast xt_CT ip6t_rpfilter ip6t_REJECT nf_reject_ipv6 xt_conntrack ip_set nfnetlink ebtable_nat ebtable_broute bridge stp llc ip6table_nat ip6table_mangle ip6table_raw ip6table_security iptable_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 libcrc32c iptable_mangle iptable_raw iptable_security ebtable_filter ebtables ip6table_filter ip6_tables sunrpc ipw2200 iTCO_wdt gpio_ich snd_intel8x0 libipw iTCO_vendor_support snd_ac97_codec lib80211 ppdev ac97_bus snd_seq cfg80211 snd_seq_device pcspkr thinkpad_acpi lpc_ich snd_pcm i2c_i801 snd_timer ledtrig_audio snd soundcore rfkill parport_pc parport pcc_cpufreq acpi_cpufreq i915 i2c_algo_bit drm_kms_helper syscopyarea sysfillrect sdhci_pci sysimgblt cqhci fb_sys_fops drm sdhci mmc_core tg3 ata_generic serio_raw yenta_socket pata_acpi video CR2: 0000000000000000 ---[ end trace 1fe07487b9200c73 ]--- EIP: gigaset_init_bchannel+0x89/0x320 [bas_gigaset] Code: 75 07 83 8b 84 00 00 00 40 8d 47 74 c7 07 01 00 00 00 89 45 f0 8b 44 b7 68 85 c0 0f 84 6a 02 00 00 8b 48 28 8b 93 88 00 00 00 <8b> 09 8d 54 12 03 c1 e2 0f c1 e1 08 09 ca 8b 8b 8c 00 00 00 80 ca EAX: f05ec200 EBX: ed404200 ECX: 00000000 EDX: 00000000 ESI: 00000000 EDI: f065a000 EBP: f30c9f40 ESP: cddcb3bc DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 EFLAGS: 00010086 CR0: 80050033 CR2: 00000000 CR3: 0ddc7000 CR4: 000006d0 Kernel panic - not syncing: Fatal exception in interrupt Kernel Offset: 0xcc00000 from 0xc0400000 (relocation range: 0xc0000000-0xf6ffdfff) ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- No-one noticed because this Oops is apparently only triggered by setting up an ISDN data connection on a live ISDN line on a gigaset base (ie, the PBX that the gigaset driver support). Very few people do that running present day kernels. Anyhow, a little code reorganization makes this problem go away, while avoiding the subtle ordering that was used in the past. So let's do that. Fixes: 78c696c19578 ("isdn: gigaset: use usb_fill_int_urb()") Signed-off-by: Paul Bolle <pebolle@tiscali.nl> Signed-off-by: David S. Miller <davem@davemloft.net>
2019-05-02 04:19:03 +07:00
usb_fill_int_urb(urb, udev,
usb_sndisocpipe(udev, 4 + 2 * bcs->channel),
ubc->isooutbuf->data,
sizeof(ubc->isooutbuf->data),
write_iso_callback, &ubc->isoouturbs[k],
BAS_FRAMETIME);
urb->transfer_flags = URB_ISO_ASAP;
urb->number_of_packets = BAS_NUMFRAMES;
for (j = 0; j < BAS_NUMFRAMES; ++j) {
urb->iso_frame_desc[j].offset = BAS_OUTBUFSIZE;
urb->iso_frame_desc[j].length = BAS_NORMFRAME;
urb->iso_frame_desc[j].status = 0;
urb->iso_frame_desc[j].actual_length = 0;
}
ubc->isoouturbs[k].limit = -1;
}
/* keep one URB free, submit the others */
for (k = 0; k < BAS_OUTURBS - 1; ++k) {
dump_urb(DEBUG_ISO, "Initial isoc write", urb);
rc = usb_submit_urb(ubc->isoouturbs[k].urb, GFP_ATOMIC);
if (rc != 0)
goto error;
}
dump_urb(DEBUG_ISO, "Initial isoc write (free)", urb);
ubc->isooutfree = &ubc->isoouturbs[BAS_OUTURBS - 1];
ubc->isooutdone = ubc->isooutovfl = NULL;
return 0;
error:
stopurbs(ubc);
return rc;
}
/* stopurbs
* cancel the USB request blocks for isochronous input and output
* errors are silently ignored
* argument:
* B channel control structure
*/
static void stopurbs(struct bas_bc_state *ubc)
{
int k, rc;
ubc->running = 0;
for (k = 0; k < BAS_INURBS; ++k) {
rc = usb_unlink_urb(ubc->isoinurbs[k]);
gig_dbg(DEBUG_ISO,
"%s: isoc input URB %d unlinked, result = %s",
__func__, k, get_usb_rcmsg(rc));
}
for (k = 0; k < BAS_OUTURBS; ++k) {
rc = usb_unlink_urb(ubc->isoouturbs[k].urb);
gig_dbg(DEBUG_ISO,
"%s: isoc output URB %d unlinked, result = %s",
__func__, k, get_usb_rcmsg(rc));
}
}
/* Isochronous Write - Bottom Half */
/* =============================== */
/* submit_iso_write_urb
* fill and submit the next isochronous write URB
* parameters:
* ucx context structure containing URB
* return value:
* number of frames submitted in URB
* 0 if URB not submitted because no data available (isooutbuf busy)
* error code < 0 on error
*/
static int submit_iso_write_urb(struct isow_urbctx_t *ucx)
{
struct urb *urb = ucx->urb;
struct bas_bc_state *ubc = ucx->bcs->hw.bas;
struct usb_iso_packet_descriptor *ifd;
int corrbytes, nframe, rc;
/* urb->dev is clobbered by USB subsystem */
urb->dev = ucx->bcs->cs->hw.bas->udev;
urb->transfer_flags = URB_ISO_ASAP;
urb->transfer_buffer = ubc->isooutbuf->data;
urb->transfer_buffer_length = sizeof(ubc->isooutbuf->data);
for (nframe = 0; nframe < BAS_NUMFRAMES; nframe++) {
ifd = &urb->iso_frame_desc[nframe];
/* compute frame length according to flow control */
ifd->length = BAS_NORMFRAME;
corrbytes = atomic_read(&ubc->corrbytes);
if (corrbytes != 0) {
gig_dbg(DEBUG_ISO, "%s: corrbytes=%d",
__func__, corrbytes);
if (corrbytes > BAS_HIGHFRAME - BAS_NORMFRAME)
corrbytes = BAS_HIGHFRAME - BAS_NORMFRAME;
else if (corrbytes < BAS_LOWFRAME - BAS_NORMFRAME)
corrbytes = BAS_LOWFRAME - BAS_NORMFRAME;
ifd->length += corrbytes;
atomic_add(-corrbytes, &ubc->corrbytes);
}
/* retrieve block of data to send */
rc = gigaset_isowbuf_getbytes(ubc->isooutbuf, ifd->length);
if (rc < 0) {
if (rc == -EBUSY) {
gig_dbg(DEBUG_ISO,
"%s: buffer busy at frame %d",
__func__, nframe);
/* tasklet will be restarted from
gigaset_isoc_send_skb() */
} else {
dev_err(ucx->bcs->cs->dev,
"%s: buffer error %d at frame %d\n",
__func__, rc, nframe);
return rc;
}
break;
}
ifd->offset = rc;
ucx->limit = ubc->isooutbuf->nextread;
ifd->status = 0;
ifd->actual_length = 0;
}
if (unlikely(nframe == 0))
return 0; /* no data to send */
urb->number_of_packets = nframe;
rc = usb_submit_urb(urb, GFP_ATOMIC);
if (unlikely(rc)) {
if (rc == -ENODEV)
/* device removed - give up silently */
gig_dbg(DEBUG_ISO, "%s: disconnected", __func__);
else
dev_err(ucx->bcs->cs->dev,
"could not submit isoc write URB: %s\n",
get_usb_rcmsg(rc));
return rc;
}
++ubc->numsub;
return nframe;
}
/* write_iso_tasklet
* tasklet scheduled when an isochronous output URB from the Gigaset device
* has completed
* parameter:
* data B channel state structure
*/
static void write_iso_tasklet(unsigned long data)
{
struct bc_state *bcs = (struct bc_state *) data;
struct bas_bc_state *ubc = bcs->hw.bas;
struct cardstate *cs = bcs->cs;
struct isow_urbctx_t *done, *next, *ovfl;
struct urb *urb;
int status;
struct usb_iso_packet_descriptor *ifd;
unsigned long flags;
int i;
struct sk_buff *skb;
int len;
int rc;
/* loop while completed URBs arrive in time */
for (;;) {
if (unlikely(!(ubc->running))) {
gig_dbg(DEBUG_ISO, "%s: not running", __func__);
return;
}
/* retrieve completed URBs */
spin_lock_irqsave(&ubc->isooutlock, flags);
done = ubc->isooutdone;
ubc->isooutdone = NULL;
ovfl = ubc->isooutovfl;
ubc->isooutovfl = NULL;
spin_unlock_irqrestore(&ubc->isooutlock, flags);
if (ovfl) {
dev_err(cs->dev, "isoc write underrun\n");
error_hangup(bcs);
break;
}
if (!done)
break;
/* submit free URB if available */
spin_lock_irqsave(&ubc->isooutlock, flags);
next = ubc->isooutfree;
ubc->isooutfree = NULL;
spin_unlock_irqrestore(&ubc->isooutlock, flags);
if (next) {
rc = submit_iso_write_urb(next);
if (unlikely(rc <= 0 && rc != -ENODEV)) {
/* could not submit URB, put it back */
spin_lock_irqsave(&ubc->isooutlock, flags);
if (ubc->isooutfree == NULL) {
ubc->isooutfree = next;
next = NULL;
}
spin_unlock_irqrestore(&ubc->isooutlock, flags);
if (next) {
/* couldn't put it back */
dev_err(cs->dev,
"losing isoc write URB\n");
error_hangup(bcs);
}
}
}
/* process completed URB */
urb = done->urb;
status = done->status;
switch (status) {
case -EXDEV: /* partial completion */
gig_dbg(DEBUG_ISO, "%s: URB partially completed",
__func__);
/* fall through - what's the difference anyway? */
case 0: /* normal completion */
/* inspect individual frames
* assumptions (for lack of documentation):
* - actual_length bytes of first frame in error are
* successfully sent
* - all following frames are not sent at all
*/
for (i = 0; i < BAS_NUMFRAMES; i++) {
ifd = &urb->iso_frame_desc[i];
if (ifd->status ||
ifd->actual_length != ifd->length) {
dev_warn(cs->dev,
"isoc write: frame %d[%d/%d]: %s\n",
i, ifd->actual_length,
ifd->length,
get_usb_statmsg(ifd->status));
break;
}
}
break;
case -EPIPE: /* stall - probably underrun */
dev_err(cs->dev, "isoc write: stalled\n");
error_hangup(bcs);
break;
default: /* other errors */
dev_warn(cs->dev, "isoc write: %s\n",
get_usb_statmsg(status));
}
/* mark the write buffer area covered by this URB as free */
if (done->limit >= 0)
ubc->isooutbuf->read = done->limit;
/* mark URB as free */
spin_lock_irqsave(&ubc->isooutlock, flags);
next = ubc->isooutfree;
ubc->isooutfree = done;
spin_unlock_irqrestore(&ubc->isooutlock, flags);
if (next) {
/* only one URB still active - resubmit one */
rc = submit_iso_write_urb(next);
if (unlikely(rc <= 0 && rc != -ENODEV)) {
/* couldn't submit */
error_hangup(bcs);
}
}
}
/* process queued SKBs */
while ((skb = skb_dequeue(&bcs->squeue))) {
/* copy to output buffer, doing L2 encapsulation */
len = skb->len;
if (gigaset_isoc_buildframe(bcs, skb->data, len) == -EAGAIN) {
/* insufficient buffer space, push back onto queue */
skb_queue_head(&bcs->squeue, skb);
gig_dbg(DEBUG_ISO, "%s: skb requeued, qlen=%d",
__func__, skb_queue_len(&bcs->squeue));
break;
}
skb_pull(skb, len);
gigaset_skb_sent(bcs, skb);
dev_kfree_skb_any(skb);
}
}
/* Isochronous Read - Bottom Half */
/* ============================== */
/* read_iso_tasklet
* tasklet scheduled when an isochronous input URB from the Gigaset device
* has completed
* parameter:
* data B channel state structure
*/
static void read_iso_tasklet(unsigned long data)
{
struct bc_state *bcs = (struct bc_state *) data;
struct bas_bc_state *ubc = bcs->hw.bas;
struct cardstate *cs = bcs->cs;
struct urb *urb;
int status;
struct usb_iso_packet_descriptor *ifd;
char *rcvbuf;
unsigned long flags;
int totleft, numbytes, offset, frame, rc;
/* loop while more completed URBs arrive in the meantime */
for (;;) {
/* retrieve URB */
spin_lock_irqsave(&ubc->isoinlock, flags);
urb = ubc->isoindone;
if (!urb) {
spin_unlock_irqrestore(&ubc->isoinlock, flags);
return;
}
status = ubc->isoinstatus;
ubc->isoindone = NULL;
if (unlikely(ubc->loststatus != -EINPROGRESS)) {
dev_warn(cs->dev,
"isoc read overrun, URB dropped (status: %s, %d bytes)\n",
get_usb_statmsg(ubc->loststatus),
ubc->isoinlost);
ubc->loststatus = -EINPROGRESS;
}
spin_unlock_irqrestore(&ubc->isoinlock, flags);
if (unlikely(!(ubc->running))) {
gig_dbg(DEBUG_ISO,
"%s: channel not running, "
"dropped URB with status: %s",
__func__, get_usb_statmsg(status));
return;
}
switch (status) {
case 0: /* normal completion */
break;
case -EXDEV: /* inspect individual frames
(we do that anyway) */
gig_dbg(DEBUG_ISO, "%s: URB partially completed",
__func__);
break;
case -ENOENT:
case -ECONNRESET:
case -EINPROGRESS:
gig_dbg(DEBUG_ISO, "%s: %s",
__func__, get_usb_statmsg(status));
continue; /* -> skip */
case -EPIPE:
dev_err(cs->dev, "isoc read: stalled\n");
error_hangup(bcs);
continue; /* -> skip */
default: /* other error */
dev_warn(cs->dev, "isoc read: %s\n",
get_usb_statmsg(status));
goto error;
}
rcvbuf = urb->transfer_buffer;
totleft = urb->actual_length;
for (frame = 0; totleft > 0 && frame < BAS_NUMFRAMES; frame++) {
ifd = &urb->iso_frame_desc[frame];
numbytes = ifd->actual_length;
switch (ifd->status) {
case 0: /* success */
break;
case -EPROTO: /* protocol error or unplug */
case -EILSEQ:
case -ETIME:
/* probably just disconnected, ignore */
gig_dbg(DEBUG_ISO,
"isoc read: frame %d[%d]: %s\n",
frame, numbytes,
get_usb_statmsg(ifd->status));
break;
default: /* other error */
/* report, assume transferred bytes are ok */
dev_warn(cs->dev,
"isoc read: frame %d[%d]: %s\n",
frame, numbytes,
get_usb_statmsg(ifd->status));
}
if (unlikely(numbytes > BAS_MAXFRAME))
dev_warn(cs->dev,
"isoc read: frame %d[%d]: %s\n",
frame, numbytes,
"exceeds max frame size");
if (unlikely(numbytes > totleft)) {
dev_warn(cs->dev,
"isoc read: frame %d[%d]: %s\n",
frame, numbytes,
"exceeds total transfer length");
numbytes = totleft;
}
offset = ifd->offset;
if (unlikely(offset + numbytes > BAS_INBUFSIZE)) {
dev_warn(cs->dev,
"isoc read: frame %d[%d]: %s\n",
frame, numbytes,
"exceeds end of buffer");
numbytes = BAS_INBUFSIZE - offset;
}
gigaset_isoc_receive(rcvbuf + offset, numbytes, bcs);
totleft -= numbytes;
}
if (unlikely(totleft > 0))
dev_warn(cs->dev, "isoc read: %d data bytes missing\n",
totleft);
error:
/* URB processed, resubmit */
for (frame = 0; frame < BAS_NUMFRAMES; frame++) {
urb->iso_frame_desc[frame].status = 0;
urb->iso_frame_desc[frame].actual_length = 0;
}
/* urb->dev is clobbered by USB subsystem */
urb->dev = bcs->cs->hw.bas->udev;
urb->transfer_flags = URB_ISO_ASAP;
urb->number_of_packets = BAS_NUMFRAMES;
rc = usb_submit_urb(urb, GFP_ATOMIC);
if (unlikely(rc != 0 && rc != -ENODEV)) {
dev_err(cs->dev,
"could not resubmit isoc read URB: %s\n",
get_usb_rcmsg(rc));
dump_urb(DEBUG_ISO, "resubmit isoc read", urb);
error_hangup(bcs);
}
}
}
/* Channel Operations */
/* ================== */
/* req_timeout
* timeout routine for control output request
* argument:
* controller state structure
*/
static void req_timeout(struct timer_list *t)
{
struct bas_cardstate *ucs = from_timer(ucs, t, timer_ctrl);
struct cardstate *cs = ucs->cs;
int pending;
unsigned long flags;
check_pending(ucs);
spin_lock_irqsave(&ucs->lock, flags);
pending = ucs->pending;
ucs->pending = 0;
spin_unlock_irqrestore(&ucs->lock, flags);
switch (pending) {
case 0: /* no pending request */
gig_dbg(DEBUG_USBREQ, "%s: no request pending", __func__);
break;
case HD_OPEN_ATCHANNEL:
dev_err(cs->dev, "timeout opening AT channel\n");
error_reset(cs);
break;
case HD_OPEN_B1CHANNEL:
dev_err(cs->dev, "timeout opening channel 1\n");
error_hangup(&cs->bcs[0]);
break;
case HD_OPEN_B2CHANNEL:
dev_err(cs->dev, "timeout opening channel 2\n");
error_hangup(&cs->bcs[1]);
break;
case HD_CLOSE_ATCHANNEL:
dev_err(cs->dev, "timeout closing AT channel\n");
error_reset(cs);
break;
case HD_CLOSE_B1CHANNEL:
dev_err(cs->dev, "timeout closing channel 1\n");
error_reset(cs);
break;
case HD_CLOSE_B2CHANNEL:
dev_err(cs->dev, "timeout closing channel 2\n");
error_reset(cs);
break;
case HD_RESET_INTERRUPT_PIPE:
/* error recovery escalation */
dev_err(cs->dev,
"reset interrupt pipe timeout, attempting USB reset\n");
usb_queue_reset_device(ucs->interface);
break;
default:
dev_warn(cs->dev, "request 0x%02x timed out, clearing\n",
pending);
}
wake_up(&ucs->waitqueue);
}
/* write_ctrl_callback
* USB completion handler for control pipe output
* called by the USB subsystem in interrupt context
* parameter:
* urb USB request block of completed request
* urb->context = hardware specific controller state structure
*/
IRQ: Maintain regs pointer globally rather than passing to IRQ handlers Maintain a per-CPU global "struct pt_regs *" variable which can be used instead of passing regs around manually through all ~1800 interrupt handlers in the Linux kernel. The regs pointer is used in few places, but it potentially costs both stack space and code to pass it around. On the FRV arch, removing the regs parameter from all the genirq function results in a 20% speed up of the IRQ exit path (ie: from leaving timer_interrupt() to leaving do_IRQ()). Where appropriate, an arch may override the generic storage facility and do something different with the variable. On FRV, for instance, the address is maintained in GR28 at all times inside the kernel as part of general exception handling. Having looked over the code, it appears that the parameter may be handed down through up to twenty or so layers of functions. Consider a USB character device attached to a USB hub, attached to a USB controller that posts its interrupts through a cascaded auxiliary interrupt controller. A character device driver may want to pass regs to the sysrq handler through the input layer which adds another few layers of parameter passing. I've build this code with allyesconfig for x86_64 and i386. I've runtested the main part of the code on FRV and i386, though I can't test most of the drivers. I've also done partial conversion for powerpc and MIPS - these at least compile with minimal configurations. This will affect all archs. Mostly the changes should be relatively easy. Take do_IRQ(), store the regs pointer at the beginning, saving the old one: struct pt_regs *old_regs = set_irq_regs(regs); And put the old one back at the end: set_irq_regs(old_regs); Don't pass regs through to generic_handle_irq() or __do_IRQ(). In timer_interrupt(), this sort of change will be necessary: - update_process_times(user_mode(regs)); - profile_tick(CPU_PROFILING, regs); + update_process_times(user_mode(get_irq_regs())); + profile_tick(CPU_PROFILING); I'd like to move update_process_times()'s use of get_irq_regs() into itself, except that i386, alone of the archs, uses something other than user_mode(). Some notes on the interrupt handling in the drivers: (*) input_dev() is now gone entirely. The regs pointer is no longer stored in the input_dev struct. (*) finish_unlinks() in drivers/usb/host/ohci-q.c needs checking. It does something different depending on whether it's been supplied with a regs pointer or not. (*) Various IRQ handler function pointers have been moved to type irq_handler_t. Signed-Off-By: David Howells <dhowells@redhat.com> (cherry picked from 1b16e7ac850969f38b375e511e3fa2f474a33867 commit)
2006-10-05 20:55:46 +07:00
static void write_ctrl_callback(struct urb *urb)
{
struct bas_cardstate *ucs = urb->context;
int status = urb->status;
int rc;
unsigned long flags;
/* check status */
switch (status) {
case 0: /* normal completion */
spin_lock_irqsave(&ucs->lock, flags);
switch (ucs->pending) {
case HD_DEVICE_INIT_ACK: /* no reply expected */
del_timer(&ucs->timer_ctrl);
ucs->pending = 0;
break;
}
spin_unlock_irqrestore(&ucs->lock, flags);
return;
case -ENOENT: /* cancelled */
case -ECONNRESET: /* cancelled (async) */
case -EINPROGRESS: /* pending */
case -ENODEV: /* device removed */
case -ESHUTDOWN: /* device shut down */
/* ignore silently */
gig_dbg(DEBUG_USBREQ, "%s: %s",
__func__, get_usb_statmsg(status));
break;
default: /* any failure */
/* don't retry if suspend requested */
if (++ucs->retry_ctrl > BAS_RETRY ||
(ucs->basstate & BS_SUSPEND)) {
dev_err(&ucs->interface->dev,
"control request 0x%02x failed: %s\n",
ucs->dr_ctrl.bRequest,
get_usb_statmsg(status));
break; /* give up */
}
dev_notice(&ucs->interface->dev,
"control request 0x%02x: %s, retry %d\n",
ucs->dr_ctrl.bRequest, get_usb_statmsg(status),
ucs->retry_ctrl);
/* urb->dev is clobbered by USB subsystem */
urb->dev = ucs->udev;
rc = usb_submit_urb(urb, GFP_ATOMIC);
if (unlikely(rc)) {
dev_err(&ucs->interface->dev,
"could not resubmit request 0x%02x: %s\n",
ucs->dr_ctrl.bRequest, get_usb_rcmsg(rc));
break;
}
/* resubmitted */
return;
}
/* failed, clear pending request */
spin_lock_irqsave(&ucs->lock, flags);
del_timer(&ucs->timer_ctrl);
ucs->pending = 0;
spin_unlock_irqrestore(&ucs->lock, flags);
wake_up(&ucs->waitqueue);
}
/* req_submit
* submit a control output request without message buffer to the Gigaset base
* and optionally start a timeout
* parameters:
* bcs B channel control structure
* req control request code (HD_*)
* val control request parameter value (set to 0 if unused)
* timeout timeout in seconds (0: no timeout)
* return value:
* 0 on success
* -EBUSY if another request is pending
* any URB submission error code
*/
static int req_submit(struct bc_state *bcs, int req, int val, int timeout)
{
struct bas_cardstate *ucs = bcs->cs->hw.bas;
int ret;
unsigned long flags;
gig_dbg(DEBUG_USBREQ, "-------> 0x%02x (%d)", req, val);
spin_lock_irqsave(&ucs->lock, flags);
if (ucs->pending) {
spin_unlock_irqrestore(&ucs->lock, flags);
dev_err(bcs->cs->dev,
"submission of request 0x%02x failed: "
"request 0x%02x still pending\n",
req, ucs->pending);
return -EBUSY;
}
ucs->dr_ctrl.bRequestType = OUT_VENDOR_REQ;
ucs->dr_ctrl.bRequest = req;
ucs->dr_ctrl.wValue = cpu_to_le16(val);
ucs->dr_ctrl.wIndex = 0;
ucs->dr_ctrl.wLength = 0;
usb_fill_control_urb(ucs->urb_ctrl, ucs->udev,
usb_sndctrlpipe(ucs->udev, 0),
(unsigned char *) &ucs->dr_ctrl, NULL, 0,
write_ctrl_callback, ucs);
ucs->retry_ctrl = 0;
ret = usb_submit_urb(ucs->urb_ctrl, GFP_ATOMIC);
if (unlikely(ret)) {
dev_err(bcs->cs->dev, "could not submit request 0x%02x: %s\n",
req, get_usb_rcmsg(ret));
spin_unlock_irqrestore(&ucs->lock, flags);
return ret;
}
ucs->pending = req;
if (timeout > 0) {
gig_dbg(DEBUG_USBREQ, "setting timeout of %d/10 secs", timeout);
mod_timer(&ucs->timer_ctrl, jiffies + timeout * HZ / 10);
}
spin_unlock_irqrestore(&ucs->lock, flags);
return 0;
}
/* gigaset_init_bchannel
* called by common.c to connect a B channel
* initialize isochronous I/O and tell the Gigaset base to open the channel
* argument:
* B channel control structure
* return value:
* 0 on success, error code < 0 on error
*/
static int gigaset_init_bchannel(struct bc_state *bcs)
{
struct cardstate *cs = bcs->cs;
int req, ret;
unsigned long flags;
spin_lock_irqsave(&cs->lock, flags);
if (unlikely(!cs->connected)) {
gig_dbg(DEBUG_USBREQ, "%s: not connected", __func__);
spin_unlock_irqrestore(&cs->lock, flags);
return -ENODEV;
}
if (cs->hw.bas->basstate & BS_SUSPEND) {
dev_notice(cs->dev,
"not starting isoc I/O, suspend in progress\n");
spin_unlock_irqrestore(&cs->lock, flags);
return -EHOSTUNREACH;
}
ret = starturbs(bcs);
if (ret < 0) {
spin_unlock_irqrestore(&cs->lock, flags);
dev_err(cs->dev,
"could not start isoc I/O for channel B%d: %s\n",
bcs->channel + 1,
ret == -EFAULT ? "null URB" : get_usb_rcmsg(ret));
if (ret != -ENODEV)
error_hangup(bcs);
return ret;
}
req = bcs->channel ? HD_OPEN_B2CHANNEL : HD_OPEN_B1CHANNEL;
ret = req_submit(bcs, req, 0, BAS_TIMEOUT);
if (ret < 0) {
dev_err(cs->dev, "could not open channel B%d\n",
bcs->channel + 1);
stopurbs(bcs->hw.bas);
}
spin_unlock_irqrestore(&cs->lock, flags);
if (ret < 0 && ret != -ENODEV)
error_hangup(bcs);
return ret;
}
/* gigaset_close_bchannel
* called by common.c to disconnect a B channel
* tell the Gigaset base to close the channel
* stopping isochronous I/O and LL notification will be done when the
* acknowledgement for the close arrives
* argument:
* B channel control structure
* return value:
* 0 on success, error code < 0 on error
*/
static int gigaset_close_bchannel(struct bc_state *bcs)
{
struct cardstate *cs = bcs->cs;
int req, ret;
unsigned long flags;
spin_lock_irqsave(&cs->lock, flags);
if (unlikely(!cs->connected)) {
spin_unlock_irqrestore(&cs->lock, flags);
gig_dbg(DEBUG_USBREQ, "%s: not connected", __func__);
return -ENODEV;
}
if (!(cs->hw.bas->basstate & (bcs->channel ? BS_B2OPEN : BS_B1OPEN))) {
/* channel not running: just signal common.c */
spin_unlock_irqrestore(&cs->lock, flags);
gigaset_bchannel_down(bcs);
return 0;
}
/* channel running: tell device to close it */
req = bcs->channel ? HD_CLOSE_B2CHANNEL : HD_CLOSE_B1CHANNEL;
ret = req_submit(bcs, req, 0, BAS_TIMEOUT);
if (ret < 0)
dev_err(cs->dev, "closing channel B%d failed\n",
bcs->channel + 1);
spin_unlock_irqrestore(&cs->lock, flags);
return ret;
}
/* Device Operations */
/* ================= */
/* complete_cb
* unqueue first command buffer from queue, waking any sleepers
* must be called with cs->cmdlock held
* parameter:
* cs controller state structure
*/
static void complete_cb(struct cardstate *cs)
{
struct cmdbuf_t *cb = cs->cmdbuf;
/* unqueue completed buffer */
cs->cmdbytes -= cs->curlen;
gig_dbg(DEBUG_OUTPUT, "write_command: sent %u bytes, %u left",
cs->curlen, cs->cmdbytes);
if (cb->next != NULL) {
cs->cmdbuf = cb->next;
cs->cmdbuf->prev = NULL;
cs->curlen = cs->cmdbuf->len;
} else {
cs->cmdbuf = NULL;
cs->lastcmdbuf = NULL;
cs->curlen = 0;
}
if (cb->wake_tasklet)
tasklet_schedule(cb->wake_tasklet);
kfree(cb);
}
/* write_command_callback
* USB completion handler for AT command transmission
* called by the USB subsystem in interrupt context
* parameter:
* urb USB request block of completed request
* urb->context = controller state structure
*/
IRQ: Maintain regs pointer globally rather than passing to IRQ handlers Maintain a per-CPU global "struct pt_regs *" variable which can be used instead of passing regs around manually through all ~1800 interrupt handlers in the Linux kernel. The regs pointer is used in few places, but it potentially costs both stack space and code to pass it around. On the FRV arch, removing the regs parameter from all the genirq function results in a 20% speed up of the IRQ exit path (ie: from leaving timer_interrupt() to leaving do_IRQ()). Where appropriate, an arch may override the generic storage facility and do something different with the variable. On FRV, for instance, the address is maintained in GR28 at all times inside the kernel as part of general exception handling. Having looked over the code, it appears that the parameter may be handed down through up to twenty or so layers of functions. Consider a USB character device attached to a USB hub, attached to a USB controller that posts its interrupts through a cascaded auxiliary interrupt controller. A character device driver may want to pass regs to the sysrq handler through the input layer which adds another few layers of parameter passing. I've build this code with allyesconfig for x86_64 and i386. I've runtested the main part of the code on FRV and i386, though I can't test most of the drivers. I've also done partial conversion for powerpc and MIPS - these at least compile with minimal configurations. This will affect all archs. Mostly the changes should be relatively easy. Take do_IRQ(), store the regs pointer at the beginning, saving the old one: struct pt_regs *old_regs = set_irq_regs(regs); And put the old one back at the end: set_irq_regs(old_regs); Don't pass regs through to generic_handle_irq() or __do_IRQ(). In timer_interrupt(), this sort of change will be necessary: - update_process_times(user_mode(regs)); - profile_tick(CPU_PROFILING, regs); + update_process_times(user_mode(get_irq_regs())); + profile_tick(CPU_PROFILING); I'd like to move update_process_times()'s use of get_irq_regs() into itself, except that i386, alone of the archs, uses something other than user_mode(). Some notes on the interrupt handling in the drivers: (*) input_dev() is now gone entirely. The regs pointer is no longer stored in the input_dev struct. (*) finish_unlinks() in drivers/usb/host/ohci-q.c needs checking. It does something different depending on whether it's been supplied with a regs pointer or not. (*) Various IRQ handler function pointers have been moved to type irq_handler_t. Signed-Off-By: David Howells <dhowells@redhat.com> (cherry picked from 1b16e7ac850969f38b375e511e3fa2f474a33867 commit)
2006-10-05 20:55:46 +07:00
static void write_command_callback(struct urb *urb)
{
struct cardstate *cs = urb->context;
struct bas_cardstate *ucs = cs->hw.bas;
int status = urb->status;
unsigned long flags;
update_basstate(ucs, 0, BS_ATWRPEND);
wake_up(&ucs->waitqueue);
/* check status */
switch (status) {
case 0: /* normal completion */
break;
case -ENOENT: /* cancelled */
case -ECONNRESET: /* cancelled (async) */
case -EINPROGRESS: /* pending */
case -ENODEV: /* device removed */
case -ESHUTDOWN: /* device shut down */
/* ignore silently */
gig_dbg(DEBUG_USBREQ, "%s: %s",
__func__, get_usb_statmsg(status));
return;
default: /* any failure */
if (++ucs->retry_cmd_out > BAS_RETRY) {
dev_warn(cs->dev,
"command write: %s, "
"giving up after %d retries\n",
get_usb_statmsg(status),
ucs->retry_cmd_out);
break;
}
if (ucs->basstate & BS_SUSPEND) {
dev_warn(cs->dev,
"command write: %s, "
"won't retry - suspend requested\n",
get_usb_statmsg(status));
break;
}
if (cs->cmdbuf == NULL) {
dev_warn(cs->dev,
"command write: %s, "
"cannot retry - cmdbuf gone\n",
get_usb_statmsg(status));
break;
}
dev_notice(cs->dev, "command write: %s, retry %d\n",
get_usb_statmsg(status), ucs->retry_cmd_out);
if (atwrite_submit(cs, cs->cmdbuf->buf, cs->cmdbuf->len) >= 0)
/* resubmitted - bypass regular exit block */
return;
/* command send failed, assume base still waiting */
update_basstate(ucs, BS_ATREADY, 0);
}
spin_lock_irqsave(&cs->cmdlock, flags);
if (cs->cmdbuf != NULL)
complete_cb(cs);
spin_unlock_irqrestore(&cs->cmdlock, flags);
}
/* atrdy_timeout
* timeout routine for AT command transmission
* argument:
* controller state structure
*/
static void atrdy_timeout(struct timer_list *t)
{
struct bas_cardstate *ucs = from_timer(ucs, t, timer_atrdy);
struct cardstate *cs = ucs->cs;
dev_warn(cs->dev, "timeout waiting for HD_READY_SEND_ATDATA\n");
/* fake the missing signal - what else can I do? */
update_basstate(ucs, BS_ATREADY, BS_ATTIMER);
start_cbsend(cs);
}
/* atwrite_submit
* submit an HD_WRITE_ATMESSAGE command URB
* parameters:
* cs controller state structure
* buf buffer containing command to send
* len length of command to send
* return value:
* 0 on success
* -EBUSY if another request is pending
* any URB submission error code
*/
static int atwrite_submit(struct cardstate *cs, unsigned char *buf, int len)
{
struct bas_cardstate *ucs = cs->hw.bas;
int rc;
gig_dbg(DEBUG_USBREQ, "-------> HD_WRITE_ATMESSAGE (%d)", len);
if (update_basstate(ucs, BS_ATWRPEND, 0) & BS_ATWRPEND) {
dev_err(cs->dev,
"could not submit HD_WRITE_ATMESSAGE: URB busy\n");
return -EBUSY;
}
ucs->dr_cmd_out.bRequestType = OUT_VENDOR_REQ;
ucs->dr_cmd_out.bRequest = HD_WRITE_ATMESSAGE;
ucs->dr_cmd_out.wValue = 0;
ucs->dr_cmd_out.wIndex = 0;
ucs->dr_cmd_out.wLength = cpu_to_le16(len);
usb_fill_control_urb(ucs->urb_cmd_out, ucs->udev,
usb_sndctrlpipe(ucs->udev, 0),
(unsigned char *) &ucs->dr_cmd_out, buf, len,
write_command_callback, cs);
rc = usb_submit_urb(ucs->urb_cmd_out, GFP_ATOMIC);
if (unlikely(rc)) {
update_basstate(ucs, 0, BS_ATWRPEND);
dev_err(cs->dev, "could not submit HD_WRITE_ATMESSAGE: %s\n",
get_usb_rcmsg(rc));
return rc;
}
/* submitted successfully, start timeout if necessary */
if (!(update_basstate(ucs, BS_ATTIMER, BS_ATREADY) & BS_ATTIMER)) {
gig_dbg(DEBUG_OUTPUT, "setting ATREADY timeout of %d/10 secs",
ATRDY_TIMEOUT);
mod_timer(&ucs->timer_atrdy, jiffies + ATRDY_TIMEOUT * HZ / 10);
}
return 0;
}
/* start_cbsend
* start transmission of AT command queue if necessary
* parameter:
* cs controller state structure
* return value:
* 0 on success
* error code < 0 on error
*/
static int start_cbsend(struct cardstate *cs)
{
struct cmdbuf_t *cb;
struct bas_cardstate *ucs = cs->hw.bas;
unsigned long flags;
int rc;
int retval = 0;
/* check if suspend requested */
if (ucs->basstate & BS_SUSPEND) {
gig_dbg(DEBUG_OUTPUT, "suspending");
return -EHOSTUNREACH;
}
/* check if AT channel is open */
if (!(ucs->basstate & BS_ATOPEN)) {
gig_dbg(DEBUG_OUTPUT, "AT channel not open");
rc = req_submit(cs->bcs, HD_OPEN_ATCHANNEL, 0, BAS_TIMEOUT);
if (rc < 0) {
/* flush command queue */
spin_lock_irqsave(&cs->cmdlock, flags);
while (cs->cmdbuf != NULL)
complete_cb(cs);
spin_unlock_irqrestore(&cs->cmdlock, flags);
}
return rc;
}
/* try to send first command in queue */
spin_lock_irqsave(&cs->cmdlock, flags);
while ((cb = cs->cmdbuf) != NULL && (ucs->basstate & BS_ATREADY)) {
ucs->retry_cmd_out = 0;
rc = atwrite_submit(cs, cb->buf, cb->len);
if (unlikely(rc)) {
retval = rc;
complete_cb(cs);
}
}
spin_unlock_irqrestore(&cs->cmdlock, flags);
return retval;
}
/* gigaset_write_cmd
* This function is called by the device independent part of the driver
* to transmit an AT command string to the Gigaset device.
* It encapsulates the device specific method for transmission over the
* direct USB connection to the base.
* The command string is added to the queue of commands to send, and
* USB transmission is started if necessary.
* parameters:
* cs controller state structure
* cb command buffer structure
* return value:
* number of bytes queued on success
* error code < 0 on error
*/
static int gigaset_write_cmd(struct cardstate *cs, struct cmdbuf_t *cb)
{
unsigned long flags;
int rc;
gigaset_dbg_buffer(cs->mstate != MS_LOCKED ?
DEBUG_TRANSCMD : DEBUG_LOCKCMD,
"CMD Transmit", cb->len, cb->buf);
/* translate "+++" escape sequence sent as a single separate command
* into "close AT channel" command for error recovery
* The next command will reopen the AT channel automatically.
*/
if (cb->len == 3 && !memcmp(cb->buf, "+++", 3)) {
/* If an HD_RECEIVEATDATA_ACK message remains unhandled
* because of an error, the base never sends another one.
* The response channel is thus effectively blocked.
* Closing and reopening the AT channel does *not* clear
* this condition.
* As a stopgap measure, submit a zero-length AT read
* before closing the AT channel. This has the undocumented
* effect of triggering a new HD_RECEIVEATDATA_ACK message
* from the base if necessary.
* The subsequent AT channel close then discards any pending
* messages.
*/
spin_lock_irqsave(&cs->lock, flags);
if (!(cs->hw.bas->basstate & BS_ATRDPEND)) {
kfree(cs->hw.bas->rcvbuf);
cs->hw.bas->rcvbuf = NULL;
cs->hw.bas->rcvbuf_size = 0;
cs->hw.bas->retry_cmd_in = 0;
atread_submit(cs, 0);
}
spin_unlock_irqrestore(&cs->lock, flags);
rc = req_submit(cs->bcs, HD_CLOSE_ATCHANNEL, 0, BAS_TIMEOUT);
if (cb->wake_tasklet)
tasklet_schedule(cb->wake_tasklet);
if (!rc)
rc = cb->len;
kfree(cb);
return rc;
}
spin_lock_irqsave(&cs->cmdlock, flags);
cb->prev = cs->lastcmdbuf;
if (cs->lastcmdbuf)
cs->lastcmdbuf->next = cb;
else {
cs->cmdbuf = cb;
cs->curlen = cb->len;
}
cs->cmdbytes += cb->len;
cs->lastcmdbuf = cb;
spin_unlock_irqrestore(&cs->cmdlock, flags);
spin_lock_irqsave(&cs->lock, flags);
if (unlikely(!cs->connected)) {
spin_unlock_irqrestore(&cs->lock, flags);
gig_dbg(DEBUG_USBREQ, "%s: not connected", __func__);
/* flush command queue */
spin_lock_irqsave(&cs->cmdlock, flags);
while (cs->cmdbuf != NULL)
complete_cb(cs);
spin_unlock_irqrestore(&cs->cmdlock, flags);
return -ENODEV;
}
rc = start_cbsend(cs);
spin_unlock_irqrestore(&cs->lock, flags);
return rc < 0 ? rc : cb->len;
}
/* gigaset_write_room
* tty_driver.write_room interface routine
* return number of characters the driver will accept to be written via
* gigaset_write_cmd
* parameter:
* controller state structure
* return value:
* number of characters
*/
static int gigaset_write_room(struct cardstate *cs)
{
return IF_WRITEBUF;
}
/* gigaset_chars_in_buffer
* tty_driver.chars_in_buffer interface routine
* return number of characters waiting to be sent
* parameter:
* controller state structure
* return value:
* number of characters
*/
static int gigaset_chars_in_buffer(struct cardstate *cs)
{
return cs->cmdbytes;
}
/* gigaset_brkchars
* implementation of ioctl(GIGASET_BRKCHARS)
* parameter:
* controller state structure
* return value:
* -EINVAL (unimplemented function)
*/
static int gigaset_brkchars(struct cardstate *cs, const unsigned char buf[6])
{
return -EINVAL;
}
/* Device Initialization/Shutdown */
/* ============================== */
/* Free hardware dependent part of the B channel structure
* parameter:
* bcs B channel structure
*/
static void gigaset_freebcshw(struct bc_state *bcs)
{
struct bas_bc_state *ubc = bcs->hw.bas;
int i;
if (!ubc)
return;
/* kill URBs and tasklets before freeing - better safe than sorry */
ubc->running = 0;
gig_dbg(DEBUG_INIT, "%s: killing isoc URBs", __func__);
for (i = 0; i < BAS_OUTURBS; ++i) {
usb_kill_urb(ubc->isoouturbs[i].urb);
usb_free_urb(ubc->isoouturbs[i].urb);
}
for (i = 0; i < BAS_INURBS; ++i) {
usb_kill_urb(ubc->isoinurbs[i]);
usb_free_urb(ubc->isoinurbs[i]);
}
tasklet_kill(&ubc->sent_tasklet);
tasklet_kill(&ubc->rcvd_tasklet);
kfree(ubc->isooutbuf);
kfree(ubc);
bcs->hw.bas = NULL;
}
/* Initialize hardware dependent part of the B channel structure
* parameter:
* bcs B channel structure
* return value:
* 0 on success, error code < 0 on failure
*/
static int gigaset_initbcshw(struct bc_state *bcs)
{
int i;
struct bas_bc_state *ubc;
bcs->hw.bas = ubc = kmalloc(sizeof(struct bas_bc_state), GFP_KERNEL);
if (!ubc) {
pr_err("out of memory\n");
return -ENOMEM;
}
ubc->running = 0;
atomic_set(&ubc->corrbytes, 0);
spin_lock_init(&ubc->isooutlock);
for (i = 0; i < BAS_OUTURBS; ++i) {
ubc->isoouturbs[i].urb = NULL;
ubc->isoouturbs[i].bcs = bcs;
}
ubc->isooutdone = ubc->isooutfree = ubc->isooutovfl = NULL;
ubc->numsub = 0;
ubc->isooutbuf = kmalloc(sizeof(struct isowbuf_t), GFP_KERNEL);
if (!ubc->isooutbuf) {
pr_err("out of memory\n");
kfree(ubc);
bcs->hw.bas = NULL;
return -ENOMEM;
}
tasklet_init(&ubc->sent_tasklet,
write_iso_tasklet, (unsigned long) bcs);
spin_lock_init(&ubc->isoinlock);
for (i = 0; i < BAS_INURBS; ++i)
ubc->isoinurbs[i] = NULL;
ubc->isoindone = NULL;
ubc->loststatus = -EINPROGRESS;
ubc->isoinlost = 0;
ubc->seqlen = 0;
ubc->inbyte = 0;
ubc->inbits = 0;
ubc->goodbytes = 0;
ubc->alignerrs = 0;
ubc->fcserrs = 0;
ubc->frameerrs = 0;
ubc->giants = 0;
ubc->runts = 0;
ubc->aborts = 0;
ubc->shared0s = 0;
ubc->stolen0s = 0;
tasklet_init(&ubc->rcvd_tasklet,
read_iso_tasklet, (unsigned long) bcs);
return 0;
}
static void gigaset_reinitbcshw(struct bc_state *bcs)
{
struct bas_bc_state *ubc = bcs->hw.bas;
bcs->hw.bas->running = 0;
atomic_set(&bcs->hw.bas->corrbytes, 0);
bcs->hw.bas->numsub = 0;
spin_lock_init(&ubc->isooutlock);
spin_lock_init(&ubc->isoinlock);
ubc->loststatus = -EINPROGRESS;
}
static void gigaset_freecshw(struct cardstate *cs)
{
/* timers, URBs and rcvbuf are disposed of in disconnect */
kfree(cs->hw.bas->int_in_buf);
kfree(cs->hw.bas);
cs->hw.bas = NULL;
}
/* Initialize hardware dependent part of the cardstate structure
* parameter:
* cs cardstate structure
* return value:
* 0 on success, error code < 0 on failure
*/
static int gigaset_initcshw(struct cardstate *cs)
{
struct bas_cardstate *ucs;
cs->hw.bas = ucs = kzalloc(sizeof(*ucs), GFP_KERNEL);
if (!ucs) {
pr_err("out of memory\n");
return -ENOMEM;
}
ucs->int_in_buf = kmalloc(IP_MSGSIZE, GFP_KERNEL);
if (!ucs->int_in_buf) {
kfree(ucs);
pr_err("out of memory\n");
return -ENOMEM;
}
spin_lock_init(&ucs->lock);
ucs->cs = cs;
timer_setup(&ucs->timer_ctrl, req_timeout, 0);
timer_setup(&ucs->timer_atrdy, atrdy_timeout, 0);
timer_setup(&ucs->timer_cmd_in, cmd_in_timeout, 0);
timer_setup(&ucs->timer_int_in, int_in_resubmit, 0);
init_waitqueue_head(&ucs->waitqueue);
INIT_WORK(&ucs->int_in_wq, int_in_work);
return 0;
}
/* freeurbs
* unlink and deallocate all URBs unconditionally
* caller must make sure that no commands are still in progress
* parameter:
* cs controller state structure
*/
static void freeurbs(struct cardstate *cs)
{
struct bas_cardstate *ucs = cs->hw.bas;
struct bas_bc_state *ubc;
int i, j;
gig_dbg(DEBUG_INIT, "%s: killing URBs", __func__);
for (j = 0; j < BAS_CHANNELS; ++j) {
ubc = cs->bcs[j].hw.bas;
for (i = 0; i < BAS_OUTURBS; ++i) {
usb_kill_urb(ubc->isoouturbs[i].urb);
usb_free_urb(ubc->isoouturbs[i].urb);
ubc->isoouturbs[i].urb = NULL;
}
for (i = 0; i < BAS_INURBS; ++i) {
usb_kill_urb(ubc->isoinurbs[i]);
usb_free_urb(ubc->isoinurbs[i]);
ubc->isoinurbs[i] = NULL;
}
}
usb_kill_urb(ucs->urb_int_in);
usb_free_urb(ucs->urb_int_in);
ucs->urb_int_in = NULL;
usb_kill_urb(ucs->urb_cmd_out);
usb_free_urb(ucs->urb_cmd_out);
ucs->urb_cmd_out = NULL;
usb_kill_urb(ucs->urb_cmd_in);
usb_free_urb(ucs->urb_cmd_in);
ucs->urb_cmd_in = NULL;
usb_kill_urb(ucs->urb_ctrl);
usb_free_urb(ucs->urb_ctrl);
ucs->urb_ctrl = NULL;
}
/* gigaset_probe
* This function is called when a new USB device is connected.
* It checks whether the new device is handled by this driver.
*/
static int gigaset_probe(struct usb_interface *interface,
const struct usb_device_id *id)
{
struct usb_host_interface *hostif;
struct usb_device *udev = interface_to_usbdev(interface);
struct cardstate *cs = NULL;
struct bas_cardstate *ucs = NULL;
struct bas_bc_state *ubc;
struct usb_endpoint_descriptor *endpoint;
int i, j;
int rc;
gig_dbg(DEBUG_INIT,
"%s: Check if device matches .. (Vendor: 0x%x, Product: 0x%x)",
__func__, le16_to_cpu(udev->descriptor.idVendor),
le16_to_cpu(udev->descriptor.idProduct));
/* set required alternate setting */
hostif = interface->cur_altsetting;
if (hostif->desc.bAlternateSetting != 3) {
gig_dbg(DEBUG_INIT,
"%s: wrong alternate setting %d - trying to switch",
__func__, hostif->desc.bAlternateSetting);
if (usb_set_interface(udev, hostif->desc.bInterfaceNumber, 3)
< 0) {
dev_warn(&udev->dev, "usb_set_interface failed, "
"device %d interface %d altsetting %d\n",
udev->devnum, hostif->desc.bInterfaceNumber,
hostif->desc.bAlternateSetting);
return -ENODEV;
}
hostif = interface->cur_altsetting;
}
/* Reject application specific interfaces
*/
if (hostif->desc.bInterfaceClass != 255) {
dev_warn(&udev->dev, "%s: bInterfaceClass == %d\n",
__func__, hostif->desc.bInterfaceClass);
return -ENODEV;
}
if (hostif->desc.bNumEndpoints < 1)
return -ENODEV;
dev_info(&udev->dev,
"%s: Device matched (Vendor: 0x%x, Product: 0x%x)\n",
__func__, le16_to_cpu(udev->descriptor.idVendor),
le16_to_cpu(udev->descriptor.idProduct));
/* allocate memory for our device state and initialize it */
cs = gigaset_initcs(driver, BAS_CHANNELS, 0, 0, cidmode,
GIGASET_MODULENAME);
if (!cs)
return -ENODEV;
ucs = cs->hw.bas;
/* save off device structure ptrs for later use */
usb_get_dev(udev);
ucs->udev = udev;
ucs->interface = interface;
cs->dev = &interface->dev;
/* allocate URBs:
* - one for the interrupt pipe
* - three for the different uses of the default control pipe
* - three for each isochronous pipe
*/
if (!(ucs->urb_int_in = usb_alloc_urb(0, GFP_KERNEL)) ||
!(ucs->urb_cmd_in = usb_alloc_urb(0, GFP_KERNEL)) ||
!(ucs->urb_cmd_out = usb_alloc_urb(0, GFP_KERNEL)) ||
!(ucs->urb_ctrl = usb_alloc_urb(0, GFP_KERNEL)))
goto allocerr;
for (j = 0; j < BAS_CHANNELS; ++j) {
ubc = cs->bcs[j].hw.bas;
for (i = 0; i < BAS_OUTURBS; ++i)
if (!(ubc->isoouturbs[i].urb =
usb_alloc_urb(BAS_NUMFRAMES, GFP_KERNEL)))
goto allocerr;
for (i = 0; i < BAS_INURBS; ++i)
if (!(ubc->isoinurbs[i] =
usb_alloc_urb(BAS_NUMFRAMES, GFP_KERNEL)))
goto allocerr;
}
ucs->rcvbuf = NULL;
ucs->rcvbuf_size = 0;
/* Fill the interrupt urb and send it to the core */
endpoint = &hostif->endpoint[0].desc;
usb_fill_int_urb(ucs->urb_int_in, udev,
usb_rcvintpipe(udev,
usb_endpoint_num(endpoint)),
ucs->int_in_buf, IP_MSGSIZE, read_int_callback, cs,
endpoint->bInterval);
rc = usb_submit_urb(ucs->urb_int_in, GFP_KERNEL);
if (rc != 0) {
dev_err(cs->dev, "could not submit interrupt URB: %s\n",
get_usb_rcmsg(rc));
goto error;
}
ucs->retry_int_in = 0;
/* tell the device that the driver is ready */
rc = req_submit(cs->bcs, HD_DEVICE_INIT_ACK, 0, 0);
if (rc != 0)
goto error;
/* tell common part that the device is ready */
if (startmode == SM_LOCKED)
cs->mstate = MS_LOCKED;
/* save address of controller structure */
usb_set_intfdata(interface, cs);
rc = gigaset_start(cs);
if (rc < 0)
goto error;
return 0;
allocerr:
dev_err(cs->dev, "could not allocate URBs\n");
rc = -ENOMEM;
error:
freeurbs(cs);
usb_set_intfdata(interface, NULL);
usb_put_dev(udev);
gigaset_freecs(cs);
return rc;
}
/* gigaset_disconnect
* This function is called when the Gigaset base is unplugged.
*/
static void gigaset_disconnect(struct usb_interface *interface)
{
struct cardstate *cs;
struct bas_cardstate *ucs;
int j;
cs = usb_get_intfdata(interface);
ucs = cs->hw.bas;
dev_info(cs->dev, "disconnecting Gigaset base\n");
/* mark base as not ready, all channels disconnected */
ucs->basstate = 0;
/* tell LL all channels are down */
for (j = 0; j < BAS_CHANNELS; ++j)
gigaset_bchannel_down(cs->bcs + j);
/* stop driver (common part) */
gigaset_stop(cs);
/* stop delayed work and URBs, free ressources */
del_timer_sync(&ucs->timer_ctrl);
del_timer_sync(&ucs->timer_atrdy);
del_timer_sync(&ucs->timer_cmd_in);
del_timer_sync(&ucs->timer_int_in);
cancel_work_sync(&ucs->int_in_wq);
freeurbs(cs);
usb_set_intfdata(interface, NULL);
kfree(ucs->rcvbuf);
ucs->rcvbuf = NULL;
ucs->rcvbuf_size = 0;
usb_put_dev(ucs->udev);
ucs->interface = NULL;
ucs->udev = NULL;
cs->dev = NULL;
gigaset_freecs(cs);
}
/* gigaset_suspend
* This function is called before the USB connection is suspended
* or before the USB device is reset.
* In the latter case, message == PMSG_ON.
*/
static int gigaset_suspend(struct usb_interface *intf, pm_message_t message)
{
struct cardstate *cs = usb_get_intfdata(intf);
struct bas_cardstate *ucs = cs->hw.bas;
int rc;
/* set suspend flag; this stops AT command/response traffic */
if (update_basstate(ucs, BS_SUSPEND, 0) & BS_SUSPEND) {
gig_dbg(DEBUG_SUSPEND, "already suspended");
return 0;
}
/* wait a bit for blocking conditions to go away */
rc = wait_event_timeout(ucs->waitqueue,
!(ucs->basstate &
(BS_B1OPEN | BS_B2OPEN | BS_ATRDPEND | BS_ATWRPEND)),
BAS_TIMEOUT * HZ / 10);
gig_dbg(DEBUG_SUSPEND, "wait_event_timeout() -> %d", rc);
/* check for conditions preventing suspend */
if (ucs->basstate & (BS_B1OPEN | BS_B2OPEN | BS_ATRDPEND | BS_ATWRPEND)) {
dev_warn(cs->dev, "cannot suspend:\n");
if (ucs->basstate & BS_B1OPEN)
dev_warn(cs->dev, " B channel 1 open\n");
if (ucs->basstate & BS_B2OPEN)
dev_warn(cs->dev, " B channel 2 open\n");
if (ucs->basstate & BS_ATRDPEND)
dev_warn(cs->dev, " receiving AT reply\n");
if (ucs->basstate & BS_ATWRPEND)
dev_warn(cs->dev, " sending AT command\n");
update_basstate(ucs, 0, BS_SUSPEND);
return -EBUSY;
}
/* close AT channel if open */
if (ucs->basstate & BS_ATOPEN) {
gig_dbg(DEBUG_SUSPEND, "closing AT channel");
rc = req_submit(cs->bcs, HD_CLOSE_ATCHANNEL, 0, 0);
if (rc) {
update_basstate(ucs, 0, BS_SUSPEND);
return rc;
}
wait_event_timeout(ucs->waitqueue, !ucs->pending,
BAS_TIMEOUT * HZ / 10);
/* in case of timeout, proceed anyway */
}
/* kill all URBs and delayed work that might still be pending */
usb_kill_urb(ucs->urb_ctrl);
usb_kill_urb(ucs->urb_int_in);
del_timer_sync(&ucs->timer_ctrl);
del_timer_sync(&ucs->timer_atrdy);
del_timer_sync(&ucs->timer_cmd_in);
del_timer_sync(&ucs->timer_int_in);
/* don't try to cancel int_in_wq from within reset as it
* might be the one requesting the reset
*/
if (message.event != PM_EVENT_ON)
cancel_work_sync(&ucs->int_in_wq);
gig_dbg(DEBUG_SUSPEND, "suspend complete");
return 0;
}
/* gigaset_resume
* This function is called after the USB connection has been resumed.
*/
static int gigaset_resume(struct usb_interface *intf)
{
struct cardstate *cs = usb_get_intfdata(intf);
struct bas_cardstate *ucs = cs->hw.bas;
int rc;
/* resubmit interrupt URB for spontaneous messages from base */
rc = usb_submit_urb(ucs->urb_int_in, GFP_KERNEL);
if (rc) {
dev_err(cs->dev, "could not resubmit interrupt URB: %s\n",
get_usb_rcmsg(rc));
return rc;
}
ucs->retry_int_in = 0;
/* clear suspend flag to reallow activity */
update_basstate(ucs, 0, BS_SUSPEND);
gig_dbg(DEBUG_SUSPEND, "resume complete");
return 0;
}
/* gigaset_pre_reset
* This function is called before the USB connection is reset.
*/
static int gigaset_pre_reset(struct usb_interface *intf)
{
/* handle just like suspend */
return gigaset_suspend(intf, PMSG_ON);
}
/* gigaset_post_reset
* This function is called after the USB connection has been reset.
*/
static int gigaset_post_reset(struct usb_interface *intf)
{
/* FIXME: send HD_DEVICE_INIT_ACK? */
/* resume operations */
return gigaset_resume(intf);
}
static const struct gigaset_ops gigops = {
.write_cmd = gigaset_write_cmd,
.write_room = gigaset_write_room,
.chars_in_buffer = gigaset_chars_in_buffer,
.brkchars = gigaset_brkchars,
.init_bchannel = gigaset_init_bchannel,
.close_bchannel = gigaset_close_bchannel,
.initbcshw = gigaset_initbcshw,
.freebcshw = gigaset_freebcshw,
.reinitbcshw = gigaset_reinitbcshw,
.initcshw = gigaset_initcshw,
.freecshw = gigaset_freecshw,
.set_modem_ctrl = gigaset_set_modem_ctrl,
.baud_rate = gigaset_baud_rate,
.set_line_ctrl = gigaset_set_line_ctrl,
.send_skb = gigaset_isoc_send_skb,
.handle_input = gigaset_isoc_input,
};
/* bas_gigaset_init
* This function is called after the kernel module is loaded.
*/
static int __init bas_gigaset_init(void)
{
int result;
/* allocate memory for our driver state and initialize it */
driver = gigaset_initdriver(GIGASET_MINOR, GIGASET_MINORS,
GIGASET_MODULENAME, GIGASET_DEVNAME,
&gigops, THIS_MODULE);
if (driver == NULL)
goto error;
/* register this driver with the USB subsystem */
result = usb_register(&gigaset_usb_driver);
if (result < 0) {
pr_err("error %d registering USB driver\n", -result);
goto error;
}
pr_info(DRIVER_DESC "\n");
return 0;
error:
if (driver)
gigaset_freedriver(driver);
driver = NULL;
return -1;
}
/* bas_gigaset_exit
* This function is called before the kernel module is unloaded.
*/
static void __exit bas_gigaset_exit(void)
{
struct bas_cardstate *ucs;
int i;
gigaset_blockdriver(driver); /* => probe will fail
* => no gigaset_start any more
*/
/* stop all connected devices */
for (i = 0; i < driver->minors; i++) {
if (gigaset_shutdown(driver->cs + i) < 0)
continue; /* no device */
/* from now on, no isdn callback should be possible */
/* close all still open channels */
ucs = driver->cs[i].hw.bas;
if (ucs->basstate & BS_B1OPEN) {
gig_dbg(DEBUG_INIT, "closing B1 channel");
usb_control_msg(ucs->udev,
usb_sndctrlpipe(ucs->udev, 0),
HD_CLOSE_B1CHANNEL, OUT_VENDOR_REQ,
0, 0, NULL, 0, BAS_TIMEOUT);
}
if (ucs->basstate & BS_B2OPEN) {
gig_dbg(DEBUG_INIT, "closing B2 channel");
usb_control_msg(ucs->udev,
usb_sndctrlpipe(ucs->udev, 0),
HD_CLOSE_B2CHANNEL, OUT_VENDOR_REQ,
0, 0, NULL, 0, BAS_TIMEOUT);
}
if (ucs->basstate & BS_ATOPEN) {
gig_dbg(DEBUG_INIT, "closing AT channel");
usb_control_msg(ucs->udev,
usb_sndctrlpipe(ucs->udev, 0),
HD_CLOSE_ATCHANNEL, OUT_VENDOR_REQ,
0, 0, NULL, 0, BAS_TIMEOUT);
}
ucs->basstate = 0;
}
/* deregister this driver with the USB subsystem */
usb_deregister(&gigaset_usb_driver);
/* this will call the disconnect-callback */
/* from now on, no disconnect/probe callback should be running */
gigaset_freedriver(driver);
driver = NULL;
}
module_init(bas_gigaset_init);
module_exit(bas_gigaset_exit);
MODULE_AUTHOR(DRIVER_AUTHOR);
MODULE_DESCRIPTION(DRIVER_DESC);
MODULE_LICENSE("GPL");