brcm80211/brcmsmac/mac80211_if.c

0001 /*
0002  * Copyright (c) 2010 Broadcom Corporation
0003  * Copyright (c) 2013 Hauke Mehrtens <hauke@hauke-m.de>
0004  *
0005  * Permission to use, copy, modify, and/or distribute this software for any
0006  * purpose with or without fee is hereby granted, provided that the above
0007  * copyright notice and this permission notice appear in all copies.
0008  *
0009  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
0010  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
0011  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
0012  * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
0013  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
0014  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
0015  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0016  */
0017
0018 #define __UNDEF_NO_VERSION__
0019 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
0020
0021 #include <linux/etherdevice.h>
0022 #include <linux/sched.h>
0023 #include <linux/firmware.h>
0024 #include <linux/interrupt.h>
0025 #include <linux/module.h>
0026 #include <linux/bcma/bcma.h>
0027 #include <net/mac80211.h>
0028 #include <defs.h>
0029 #include "phy/phy_int.h"
0030 #include "d11.h"
0031 #include "channel.h"
0032 #include "scb.h"
0033 #include "pub.h"
0034 #include "ucode_loader.h"
0035 #include "mac80211_if.h"
0036 #include "main.h"
0037 #include "debug.h"
0038 #include "led.h"
0039
0040 #define N_TX_QUEUES 4 /* #tx queues on mac80211<->driver interface */
0041 #define BRCMS_FLUSH_TIMEOUT 500 /* msec */
0042
0043 /* Flags we support */
0044 #define MAC_FILTERS (FIF_ALLMULTI | \
0045     FIF_FCSFAIL | \
0046     FIF_CONTROL | \
0047     FIF_OTHER_BSS | \
0048     FIF_BCN_PRBRESP_PROMISC | \
0049     FIF_PSPOLL)
0050
0051 #define CHAN2GHZ(channel, freqency, chflags)  { \
0052     .band = NL80211_BAND_2GHZ, \
0053     .center_freq = (freqency), \
0054     .hw_value = (channel), \
0055     .flags = chflags, \
0056     .max_antenna_gain = 0, \
0057     .max_power = 19, \
0058 }
0059
0060 #define CHAN5GHZ(channel, chflags)  { \
0061     .band = NL80211_BAND_5GHZ, \
0062     .center_freq = 5000 + 5*(channel), \
0063     .hw_value = (channel), \
0064     .flags = chflags, \
0065     .max_antenna_gain = 0, \
0066     .max_power = 21, \
0067 }
0068
0069 #define RATE(rate100m, _flags) { \
0070     .bitrate = (rate100m), \
0071     .flags = (_flags), \
0072     .hw_value = (rate100m / 5), \
0073 }
0074
0075 struct firmware_hdr {
0076     __le32 offset;
0077     __le32 len;
0078     __le32 idx;
0079 };
0080
0081 static const char * const brcms_firmwares[MAX_FW_IMAGES] = {
0082     "brcm/bcm43xx",
0083     NULL
0084 };
0085
0086 static int n_adapters_found;
0087
0088 MODULE_AUTHOR("Broadcom Corporation");
0089 MODULE_DESCRIPTION("Broadcom 802.11n wireless LAN driver.");
0090 MODULE_LICENSE("Dual BSD/GPL");
0091 /* This needs to be adjusted when brcms_firmwares changes */
0092 MODULE_FIRMWARE("brcm/bcm43xx-0.fw");
0093 MODULE_FIRMWARE("brcm/bcm43xx_hdr-0.fw");
0094
0095 /* recognized BCMA Core IDs */
0096 static struct bcma_device_id brcms_coreid_table[] = {
0097     BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 17, BCMA_ANY_CLASS),
0098     BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 23, BCMA_ANY_CLASS),
0099     BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 24, BCMA_ANY_CLASS),
0100     {},
0101 };
0102 MODULE_DEVICE_TABLE(bcma, brcms_coreid_table);
0103
0104 #if defined(CONFIG_BRCMDBG)
0105 /*
0106  * Module parameter for setting the debug message level. Available
0107  * flags are specified by the BRCM_DL_* macros in
0108  * drivers/net/wireless/brcm80211/include/defs.h.
0109  */
0110 module_param_named(debug, brcm_msg_level, uint, 0644);
0111 #endif
0112
0113 static struct ieee80211_channel brcms_2ghz_chantable[] = {
0114     CHAN2GHZ(1, 2412, IEEE80211_CHAN_NO_HT40MINUS),
0115     CHAN2GHZ(2, 2417, IEEE80211_CHAN_NO_HT40MINUS),
0116     CHAN2GHZ(3, 2422, IEEE80211_CHAN_NO_HT40MINUS),
0117     CHAN2GHZ(4, 2427, IEEE80211_CHAN_NO_HT40MINUS),
0118     CHAN2GHZ(5, 2432, 0),
0119     CHAN2GHZ(6, 2437, 0),
0120     CHAN2GHZ(7, 2442, 0),
0121     CHAN2GHZ(8, 2447, IEEE80211_CHAN_NO_HT40PLUS),
0122     CHAN2GHZ(9, 2452, IEEE80211_CHAN_NO_HT40PLUS),
0123     CHAN2GHZ(10, 2457, IEEE80211_CHAN_NO_HT40PLUS),
0124     CHAN2GHZ(11, 2462, IEEE80211_CHAN_NO_HT40PLUS),
0125     CHAN2GHZ(12, 2467,
0126          IEEE80211_CHAN_NO_IR |
0127          IEEE80211_CHAN_NO_HT40PLUS),
0128     CHAN2GHZ(13, 2472,
0129          IEEE80211_CHAN_NO_IR |
0130          IEEE80211_CHAN_NO_HT40PLUS),
0131     CHAN2GHZ(14, 2484,
0132          IEEE80211_CHAN_NO_IR |
0133          IEEE80211_CHAN_NO_HT40PLUS | IEEE80211_CHAN_NO_HT40MINUS |
0134          IEEE80211_CHAN_NO_OFDM)
0135 };
0136
0137 static struct ieee80211_channel brcms_5ghz_nphy_chantable[] = {
0138     /* UNII-1 */
0139     CHAN5GHZ(36, IEEE80211_CHAN_NO_HT40MINUS),
0140     CHAN5GHZ(40, IEEE80211_CHAN_NO_HT40PLUS),
0141     CHAN5GHZ(44, IEEE80211_CHAN_NO_HT40MINUS),
0142     CHAN5GHZ(48, IEEE80211_CHAN_NO_HT40PLUS),
0143     /* UNII-2 */
0144     CHAN5GHZ(52,
0145          IEEE80211_CHAN_RADAR |
0146          IEEE80211_CHAN_NO_IR | IEEE80211_CHAN_NO_HT40MINUS),
0147     CHAN5GHZ(56,
0148          IEEE80211_CHAN_RADAR |
0149          IEEE80211_CHAN_NO_IR | IEEE80211_CHAN_NO_HT40PLUS),
0150     CHAN5GHZ(60,
0151          IEEE80211_CHAN_RADAR |
0152          IEEE80211_CHAN_NO_IR | IEEE80211_CHAN_NO_HT40MINUS),
0153     CHAN5GHZ(64,
0154          IEEE80211_CHAN_RADAR |
0155          IEEE80211_CHAN_NO_IR | IEEE80211_CHAN_NO_HT40PLUS),
0156     /* MID */
0157     CHAN5GHZ(100,
0158          IEEE80211_CHAN_RADAR |
0159          IEEE80211_CHAN_NO_IR | IEEE80211_CHAN_NO_HT40MINUS),
0160     CHAN5GHZ(104,
0161          IEEE80211_CHAN_RADAR |
0162          IEEE80211_CHAN_NO_IR | IEEE80211_CHAN_NO_HT40PLUS),
0163     CHAN5GHZ(108,
0164          IEEE80211_CHAN_RADAR |
0165          IEEE80211_CHAN_NO_IR | IEEE80211_CHAN_NO_HT40MINUS),
0166     CHAN5GHZ(112,
0167          IEEE80211_CHAN_RADAR |
0168          IEEE80211_CHAN_NO_IR | IEEE80211_CHAN_NO_HT40PLUS),
0169     CHAN5GHZ(116,
0170          IEEE80211_CHAN_RADAR |
0171          IEEE80211_CHAN_NO_IR | IEEE80211_CHAN_NO_HT40MINUS),
0172     CHAN5GHZ(120,
0173          IEEE80211_CHAN_RADAR |
0174          IEEE80211_CHAN_NO_IR | IEEE80211_CHAN_NO_HT40PLUS),
0175     CHAN5GHZ(124,
0176          IEEE80211_CHAN_RADAR |
0177          IEEE80211_CHAN_NO_IR | IEEE80211_CHAN_NO_HT40MINUS),
0178     CHAN5GHZ(128,
0179          IEEE80211_CHAN_RADAR |
0180          IEEE80211_CHAN_NO_IR | IEEE80211_CHAN_NO_HT40PLUS),
0181     CHAN5GHZ(132,
0182          IEEE80211_CHAN_RADAR |
0183          IEEE80211_CHAN_NO_IR | IEEE80211_CHAN_NO_HT40MINUS),
0184     CHAN5GHZ(136,
0185          IEEE80211_CHAN_RADAR |
0186          IEEE80211_CHAN_NO_IR | IEEE80211_CHAN_NO_HT40PLUS),
0187     CHAN5GHZ(140,
0188          IEEE80211_CHAN_RADAR |
0189          IEEE80211_CHAN_NO_IR | IEEE80211_CHAN_NO_HT40PLUS |
0190          IEEE80211_CHAN_NO_HT40MINUS),
0191     /* UNII-3 */
0192     CHAN5GHZ(149, IEEE80211_CHAN_NO_HT40MINUS),
0193     CHAN5GHZ(153, IEEE80211_CHAN_NO_HT40PLUS),
0194     CHAN5GHZ(157, IEEE80211_CHAN_NO_HT40MINUS),
0195     CHAN5GHZ(161, IEEE80211_CHAN_NO_HT40PLUS),
0196     CHAN5GHZ(165, IEEE80211_CHAN_NO_HT40PLUS | IEEE80211_CHAN_NO_HT40MINUS)
0197 };
0198
0199 /*
0200  * The rate table is used for both 2.4G and 5G rates. The
0201  * latter being a subset as it does not support CCK rates.
0202  */
0203 static struct ieee80211_rate legacy_ratetable[] = {
0204     RATE(10, 0),
0205     RATE(20, IEEE80211_RATE_SHORT_PREAMBLE),
0206     RATE(55, IEEE80211_RATE_SHORT_PREAMBLE),
0207     RATE(110, IEEE80211_RATE_SHORT_PREAMBLE),
0208     RATE(60, 0),
0209     RATE(90, 0),
0210     RATE(120, 0),
0211     RATE(180, 0),
0212     RATE(240, 0),
0213     RATE(360, 0),
0214     RATE(480, 0),
0215     RATE(540, 0),
0216 };
0217
0218 static const struct ieee80211_supported_band brcms_band_2GHz_nphy_template = {
0219     .band = NL80211_BAND_2GHZ,
0220     .channels = brcms_2ghz_chantable,
0221     .n_channels = ARRAY_SIZE(brcms_2ghz_chantable),
0222     .bitrates = legacy_ratetable,
0223     .n_bitrates = ARRAY_SIZE(legacy_ratetable),
0224     .ht_cap = {
0225            /* from include/linux/ieee80211.h */
0226            .cap = IEEE80211_HT_CAP_GRN_FLD |
0227               IEEE80211_HT_CAP_SGI_20 | IEEE80211_HT_CAP_SGI_40,
0228            .ht_supported = true,
0229            .ampdu_factor = IEEE80211_HT_MAX_AMPDU_64K,
0230            .ampdu_density = AMPDU_DEF_MPDU_DENSITY,
0231            .mcs = {
0232                /* placeholders for now */
0233                .rx_mask = {0xff, 0xff, 0, 0, 0, 0, 0, 0, 0, 0},
0234                .rx_highest = cpu_to_le16(500),
0235                .tx_params = IEEE80211_HT_MCS_TX_DEFINED}
0236            }
0237 };
0238
0239 static const struct ieee80211_supported_band brcms_band_5GHz_nphy_template = {
0240     .band = NL80211_BAND_5GHZ,
0241     .channels = brcms_5ghz_nphy_chantable,
0242     .n_channels = ARRAY_SIZE(brcms_5ghz_nphy_chantable),
0243     .bitrates = legacy_ratetable + BRCMS_LEGACY_5G_RATE_OFFSET,
0244     .n_bitrates = ARRAY_SIZE(legacy_ratetable) -
0245             BRCMS_LEGACY_5G_RATE_OFFSET,
0246     .ht_cap = {
0247            .cap = IEEE80211_HT_CAP_GRN_FLD | IEEE80211_HT_CAP_SGI_20 |
0248               IEEE80211_HT_CAP_SGI_40,
0249            .ht_supported = true,
0250            .ampdu_factor = IEEE80211_HT_MAX_AMPDU_64K,
0251            .ampdu_density = AMPDU_DEF_MPDU_DENSITY,
0252            .mcs = {
0253                /* placeholders for now */
0254                .rx_mask = {0xff, 0xff, 0, 0, 0, 0, 0, 0, 0, 0},
0255                .rx_highest = cpu_to_le16(500),
0256                .tx_params = IEEE80211_HT_MCS_TX_DEFINED}
0257            }
0258 };
0259
0260 /* flags the given rate in rateset as requested */
0261 static void brcms_set_basic_rate(struct brcm_rateset *rs, u16 rate, bool is_br)
0262 {
0263     u32 i;
0264
0265     for (i = 0; i < rs->count; i++) {
0266         if (rate != (rs->rates[i] & 0x7f))
0267             continue;
0268
0269         if (is_br)
0270             rs->rates[i] |= BRCMS_RATE_FLAG;
0271         else
0272             rs->rates[i] &= BRCMS_RATE_MASK;
0273         return;
0274     }
0275 }
0276
0277 /*
0278  * This function frees the WL per-device resources.
0279  *
0280  * This function frees resources owned by the WL device pointed to
0281  * by the wl parameter.
0282  *
0283  * precondition: can both be called locked and unlocked
0284  */
0285 static void brcms_free(struct brcms_info *wl)
0286 {
0287     struct brcms_timer *t, *next;
0288
0289     /* free ucode data */
0290     if (wl->fw.fw_cnt)
0291         brcms_ucode_data_free(&wl->ucode);
0292     if (wl->irq)
0293         free_irq(wl->irq, wl);
0294
0295     /* kill dpc */
0296     tasklet_kill(&wl->tasklet);
0297
0298     if (wl->pub) {
0299         brcms_debugfs_detach(wl->pub);
0300         brcms_c_module_unregister(wl->pub, "linux", wl);
0301     }
0302
0303     /* free common resources */
0304     if (wl->wlc) {
0305         brcms_c_detach(wl->wlc);
0306         wl->wlc = NULL;
0307         wl->pub = NULL;
0308     }
0309
0310     /* virtual interface deletion is deferred so we cannot spinwait */
0311
0312     /* wait for all pending callbacks to complete */
0313     while (atomic_read(&wl->callbacks) > 0)
0314         schedule();
0315
0316     /* free timers */
0317     for (t = wl->timers; t; t = next) {
0318         next = t->next;
0319 #ifdef DEBUG
0320         kfree(t->name);
0321 #endif
0322         kfree(t);
0323     }
0324 }
0325
0326 /*
0327 * called from both kernel as from this kernel module (error flow on attach)
0328 * precondition: perimeter lock is not acquired.
0329 */
0330 static void brcms_remove(struct bcma_device *pdev)
0331 {
0332     struct ieee80211_hw *hw = bcma_get_drvdata(pdev);
0333     struct brcms_info *wl = hw->priv;
0334
0335     if (wl->wlc) {
0336         brcms_led_unregister(wl);
0337         wiphy_rfkill_set_hw_state(wl->pub->ieee_hw->wiphy, false);
0338         wiphy_rfkill_stop_polling(wl->pub->ieee_hw->wiphy);
0339         ieee80211_unregister_hw(hw);
0340     }
0341
0342     brcms_free(wl);
0343
0344     bcma_set_drvdata(pdev, NULL);
0345     ieee80211_free_hw(hw);
0346 }
0347
0348 /*
0349  * Precondition: Since this function is called in brcms_pci_probe() context,
0350  * no locking is required.
0351  */
0352 static void brcms_release_fw(struct brcms_info *wl)
0353 {
0354     int i;
0355     for (i = 0; i < MAX_FW_IMAGES; i++) {
0356         release_firmware(wl->fw.fw_bin[i]);
0357         release_firmware(wl->fw.fw_hdr[i]);
0358     }
0359 }
0360
0361 /*
0362  * Precondition: Since this function is called in brcms_pci_probe() context,
0363  * no locking is required.
0364  */
0365 static int brcms_request_fw(struct brcms_info *wl, struct bcma_device *pdev)
0366 {
0367     int status;
0368     struct device *device = &pdev->dev;
0369     char fw_name[100];
0370     int i;
0371
0372     memset(&wl->fw, 0, sizeof(struct brcms_firmware));
0373     for (i = 0; i < MAX_FW_IMAGES; i++) {
0374         if (brcms_firmwares[i] == NULL)
0375             break;
0376         sprintf(fw_name, "%s-%d.fw", brcms_firmwares[i],
0377             UCODE_LOADER_API_VER);
0378         status = request_firmware(&wl->fw.fw_bin[i], fw_name, device);
0379         if (status) {
0380             wiphy_err(wl->wiphy, "%s: fail to load firmware %s\n",
0381                   KBUILD_MODNAME, fw_name);
0382             return status;
0383         }
0384         sprintf(fw_name, "%s_hdr-%d.fw", brcms_firmwares[i],
0385             UCODE_LOADER_API_VER);
0386         status = request_firmware(&wl->fw.fw_hdr[i], fw_name, device);
0387         if (status) {
0388             wiphy_err(wl->wiphy, "%s: fail to load firmware %s\n",
0389                   KBUILD_MODNAME, fw_name);
0390             return status;
0391         }
0392         wl->fw.hdr_num_entries[i] =
0393             wl->fw.fw_hdr[i]->size / (sizeof(struct firmware_hdr));
0394     }
0395     wl->fw.fw_cnt = i;
0396     status = brcms_ucode_data_init(wl, &wl->ucode);
0397     brcms_release_fw(wl);
0398     return status;
0399 }
0400
0401 static void brcms_ops_tx(struct ieee80211_hw *hw,
0402              struct ieee80211_tx_control *control,
0403              struct sk_buff *skb)
0404 {
0405     struct brcms_info *wl = hw->priv;
0406     struct ieee80211_tx_info *tx_info = IEEE80211_SKB_CB(skb);
0407
0408     spin_lock_bh(&wl->lock);
0409     if (!wl->pub->up) {
0410         brcms_err(wl->wlc->hw->d11core, "ops->tx called while down\n");
0411         kfree_skb(skb);
0412         goto done;
0413     }
0414     if (brcms_c_sendpkt_mac80211(wl->wlc, skb, hw))
0415         tx_info->rate_driver_data[0] = control->sta;
0416  done:
0417     spin_unlock_bh(&wl->lock);
0418 }
0419
0420 static int brcms_ops_start(struct ieee80211_hw *hw)
0421 {
0422     struct brcms_info *wl = hw->priv;
0423     bool blocked;
0424     int err;
0425
0426     if (!wl->ucode.bcm43xx_bomminor) {
0427         err = brcms_request_fw(wl, wl->wlc->hw->d11core);
0428         if (err)
0429             return -ENOENT;
0430     }
0431
0432     ieee80211_wake_queues(hw);
0433     spin_lock_bh(&wl->lock);
0434     blocked = brcms_rfkill_set_hw_state(wl);
0435     spin_unlock_bh(&wl->lock);
0436     if (!blocked)
0437         wiphy_rfkill_stop_polling(wl->pub->ieee_hw->wiphy);
0438
0439     spin_lock_bh(&wl->lock);
0440     /* avoid acknowledging frames before a non-monitor device is added */
0441     wl->mute_tx = true;
0442
0443     if (!wl->pub->up)
0444         if (!blocked)
0445             err = brcms_up(wl);
0446         else
0447             err = -ERFKILL;
0448     else
0449         err = -ENODEV;
0450     spin_unlock_bh(&wl->lock);
0451
0452     if (err != 0)
0453         brcms_err(wl->wlc->hw->d11core, "%s: brcms_up() returned %d\n",
0454               __func__, err);
0455
0456     bcma_core_pci_power_save(wl->wlc->hw->d11core->bus, true);
0457     return err;
0458 }
0459
0460 static void brcms_ops_stop(struct ieee80211_hw *hw)
0461 {
0462     struct brcms_info *wl = hw->priv;
0463     int status;
0464
0465     ieee80211_stop_queues(hw);
0466
0467     if (wl->wlc == NULL)
0468         return;
0469
0470     spin_lock_bh(&wl->lock);
0471     status = brcms_c_chipmatch(wl->wlc->hw->d11core);
0472     spin_unlock_bh(&wl->lock);
0473     if (!status) {
0474         brcms_err(wl->wlc->hw->d11core,
0475               "wl: brcms_ops_stop: chipmatch failed\n");
0476         return;
0477     }
0478
0479     bcma_core_pci_power_save(wl->wlc->hw->d11core->bus, false);
0480
0481     /* put driver in down state */
0482     spin_lock_bh(&wl->lock);
0483     brcms_down(wl);
0484     spin_unlock_bh(&wl->lock);
0485 }
0486
0487 static int
0488 brcms_ops_add_interface(struct ieee80211_hw *hw, struct ieee80211_vif *vif)
0489 {
0490     struct brcms_info *wl = hw->priv;
0491
0492     /* Just STA, AP and ADHOC for now */
0493     if (vif->type != NL80211_IFTYPE_STATION &&
0494         vif->type != NL80211_IFTYPE_AP &&
0495         vif->type != NL80211_IFTYPE_ADHOC) {
0496         brcms_err(wl->wlc->hw->d11core,
0497               "%s: Attempt to add type %d, only STA, AP and AdHoc for now\n",
0498               __func__, vif->type);
0499         return -EOPNOTSUPP;
0500     }
0501
0502     spin_lock_bh(&wl->lock);
0503     wl->wlc->vif = vif;
0504     wl->mute_tx = false;
0505     brcms_c_mute(wl->wlc, false);
0506     if (vif->type == NL80211_IFTYPE_STATION)
0507         brcms_c_start_station(wl->wlc, vif->addr);
0508     else if (vif->type == NL80211_IFTYPE_AP)
0509         brcms_c_start_ap(wl->wlc, vif->addr, vif->bss_conf.bssid,
0510                  vif->cfg.ssid, vif->cfg.ssid_len);
0511     else if (vif->type == NL80211_IFTYPE_ADHOC)
0512         brcms_c_start_adhoc(wl->wlc, vif->addr);
0513     spin_unlock_bh(&wl->lock);
0514
0515     return 0;
0516 }
0517
0518 static void
0519 brcms_ops_remove_interface(struct ieee80211_hw *hw, struct ieee80211_vif *vif)
0520 {
0521     struct brcms_info *wl = hw->priv;
0522
0523     spin_lock_bh(&wl->lock);
0524     wl->wlc->vif = NULL;
0525     spin_unlock_bh(&wl->lock);
0526 }
0527
0528 static int brcms_ops_config(struct ieee80211_hw *hw, u32 changed)
0529 {
0530     struct ieee80211_conf *conf = &hw->conf;
0531     struct brcms_info *wl = hw->priv;
0532     struct bcma_device *core = wl->wlc->hw->d11core;
0533     int err = 0;
0534     int new_int;
0535
0536     spin_lock_bh(&wl->lock);
0537     if (changed & IEEE80211_CONF_CHANGE_LISTEN_INTERVAL) {
0538         brcms_c_set_beacon_listen_interval(wl->wlc,
0539                            conf->listen_interval);
0540     }
0541     if (changed & IEEE80211_CONF_CHANGE_MONITOR)
0542         brcms_dbg_info(core, "%s: change monitor mode: %s\n",
0543                    __func__, conf->flags & IEEE80211_CONF_MONITOR ?
0544                    "true" : "false");
0545     if (changed & IEEE80211_CONF_CHANGE_PS)
0546         brcms_err(core, "%s: change power-save mode: %s (implement)\n",
0547               __func__, conf->flags & IEEE80211_CONF_PS ?
0548               "true" : "false");
0549
0550     if (changed & IEEE80211_CONF_CHANGE_POWER) {
0551         err = brcms_c_set_tx_power(wl->wlc, conf->power_level);
0552         if (err < 0) {
0553             brcms_err(core, "%s: Error setting power_level\n",
0554                   __func__);
0555             goto config_out;
0556         }
0557         new_int = brcms_c_get_tx_power(wl->wlc);
0558         if (new_int != conf->power_level)
0559             brcms_err(core,
0560                   "%s: Power level req != actual, %d %d\n",
0561                   __func__, conf->power_level,
0562                   new_int);
0563     }
0564     if (changed & IEEE80211_CONF_CHANGE_CHANNEL) {
0565         if (conf->chandef.width == NL80211_CHAN_WIDTH_20 ||
0566             conf->chandef.width == NL80211_CHAN_WIDTH_20_NOHT)
0567             err = brcms_c_set_channel(wl->wlc,
0568                           conf->chandef.chan->hw_value);
0569         else
0570             err = -ENOTSUPP;
0571     }
0572     if (changed & IEEE80211_CONF_CHANGE_RETRY_LIMITS)
0573         err = brcms_c_set_rate_limit(wl->wlc,
0574                          conf->short_frame_max_tx_count,
0575                          conf->long_frame_max_tx_count);
0576
0577  config_out:
0578     spin_unlock_bh(&wl->lock);
0579     return err;
0580 }
0581
0582 static void
0583 brcms_ops_bss_info_changed(struct ieee80211_hw *hw,
0584             struct ieee80211_vif *vif,
0585             struct ieee80211_bss_conf *info, u64 changed)
0586 {
0587     struct brcms_info *wl = hw->priv;
0588     struct bcma_device *core = wl->wlc->hw->d11core;
0589
0590     if (changed & BSS_CHANGED_ASSOC) {
0591         /* association status changed (associated/disassociated)
0592          * also implies a change in the AID.
0593          */
0594         brcms_err(core, "%s: %s: %sassociated\n", KBUILD_MODNAME,
0595               __func__, vif->cfg.assoc ? "" : "dis");
0596         spin_lock_bh(&wl->lock);
0597         brcms_c_associate_upd(wl->wlc, vif->cfg.assoc);
0598         spin_unlock_bh(&wl->lock);
0599     }
0600     if (changed & BSS_CHANGED_ERP_SLOT) {
0601         s8 val;
0602
0603         /* slot timing changed */
0604         if (info->use_short_slot)
0605             val = 1;
0606         else
0607             val = 0;
0608         spin_lock_bh(&wl->lock);
0609         brcms_c_set_shortslot_override(wl->wlc, val);
0610         spin_unlock_bh(&wl->lock);
0611     }
0612
0613     if (changed & BSS_CHANGED_HT) {
0614         /* 802.11n parameters changed */
0615         u16 mode = info->ht_operation_mode;
0616
0617         spin_lock_bh(&wl->lock);
0618         brcms_c_protection_upd(wl->wlc, BRCMS_PROT_N_CFG,
0619             mode & IEEE80211_HT_OP_MODE_PROTECTION);
0620         brcms_c_protection_upd(wl->wlc, BRCMS_PROT_N_NONGF,
0621             mode & IEEE80211_HT_OP_MODE_NON_GF_STA_PRSNT);
0622         brcms_c_protection_upd(wl->wlc, BRCMS_PROT_N_OBSS,
0623             mode & IEEE80211_HT_OP_MODE_NON_HT_STA_PRSNT);
0624         spin_unlock_bh(&wl->lock);
0625     }
0626     if (changed & BSS_CHANGED_BASIC_RATES) {
0627         struct ieee80211_supported_band *bi;
0628         u32 br_mask, i;
0629         u16 rate;
0630         struct brcm_rateset rs;
0631         int error;
0632
0633         /* retrieve the current rates */
0634         spin_lock_bh(&wl->lock);
0635         brcms_c_get_current_rateset(wl->wlc, &rs);
0636         spin_unlock_bh(&wl->lock);
0637
0638         br_mask = info->basic_rates;
0639         bi = hw->wiphy->bands[brcms_c_get_curband(wl->wlc)];
0640         for (i = 0; i < bi->n_bitrates; i++) {
0641             /* convert to internal rate value */
0642             rate = (bi->bitrates[i].bitrate << 1) / 10;
0643
0644             /* set/clear basic rate flag */
0645             brcms_set_basic_rate(&rs, rate, br_mask & 1);
0646             br_mask >>= 1;
0647         }
0648
0649         /* update the rate set */
0650         spin_lock_bh(&wl->lock);
0651         error = brcms_c_set_rateset(wl->wlc, &rs);
0652         spin_unlock_bh(&wl->lock);
0653         if (error)
0654             brcms_err(core, "changing basic rates failed: %d\n",
0655                   error);
0656     }
0657     if (changed & BSS_CHANGED_BEACON_INT) {
0658         /* Beacon interval changed */
0659         spin_lock_bh(&wl->lock);
0660         brcms_c_set_beacon_period(wl->wlc, info->beacon_int);
0661         spin_unlock_bh(&wl->lock);
0662     }
0663     if (changed & BSS_CHANGED_BSSID) {
0664         /* BSSID changed, for whatever reason (IBSS and managed mode) */
0665         spin_lock_bh(&wl->lock);
0666         brcms_c_set_addrmatch(wl->wlc, RCM_BSSID_OFFSET, info->bssid);
0667         spin_unlock_bh(&wl->lock);
0668     }
0669     if (changed & BSS_CHANGED_SSID) {
0670         /* BSSID changed, for whatever reason (IBSS and managed mode) */
0671         spin_lock_bh(&wl->lock);
0672         brcms_c_set_ssid(wl->wlc, vif->cfg.ssid, vif->cfg.ssid_len);
0673         spin_unlock_bh(&wl->lock);
0674     }
0675     if (changed & BSS_CHANGED_BEACON) {
0676         /* Beacon data changed, retrieve new beacon (beaconing modes) */
0677         struct sk_buff *beacon;
0678         u16 tim_offset = 0;
0679
0680         spin_lock_bh(&wl->lock);
0681         beacon = ieee80211_beacon_get_tim(hw, vif, &tim_offset, NULL, 0);
0682         brcms_c_set_new_beacon(wl->wlc, beacon, tim_offset,
0683                        info->dtim_period);
0684         spin_unlock_bh(&wl->lock);
0685     }
0686
0687     if (changed & BSS_CHANGED_AP_PROBE_RESP) {
0688         struct sk_buff *probe_resp;
0689
0690         spin_lock_bh(&wl->lock);
0691         probe_resp = ieee80211_proberesp_get(hw, vif);
0692         brcms_c_set_new_probe_resp(wl->wlc, probe_resp);
0693         spin_unlock_bh(&wl->lock);
0694     }
0695
0696     if (changed & BSS_CHANGED_BEACON_ENABLED) {
0697         /* Beaconing should be enabled/disabled (beaconing modes) */
0698         brcms_err(core, "%s: Beacon enabled: %s\n", __func__,
0699               info->enable_beacon ? "true" : "false");
0700         if (info->enable_beacon &&
0701             hw->wiphy->flags & WIPHY_FLAG_AP_PROBE_RESP_OFFLOAD) {
0702             brcms_c_enable_probe_resp(wl->wlc, true);
0703         } else {
0704             brcms_c_enable_probe_resp(wl->wlc, false);
0705         }
0706     }
0707
0708     if (changed & BSS_CHANGED_CQM) {
0709         /* Connection quality monitor config changed */
0710         brcms_err(core, "%s: cqm change: threshold %d, hys %d "
0711               " (implement)\n", __func__, info->cqm_rssi_thold,
0712               info->cqm_rssi_hyst);
0713     }
0714
0715     if (changed & BSS_CHANGED_IBSS) {
0716         /* IBSS join status changed */
0717         brcms_err(core, "%s: IBSS joined: %s (implement)\n",
0718               __func__, vif->cfg.ibss_joined ? "true" : "false");
0719     }
0720
0721     if (changed & BSS_CHANGED_ARP_FILTER) {
0722         /* Hardware ARP filter address list or state changed */
0723         brcms_err(core, "%s: arp filtering: %d addresses"
0724               " (implement)\n", __func__, vif->cfg.arp_addr_cnt);
0725     }
0726
0727     if (changed & BSS_CHANGED_QOS) {
0728         /*
0729          * QoS for this association was enabled/disabled.
0730          * Note that it is only ever disabled for station mode.
0731          */
0732         brcms_err(core, "%s: qos enabled: %s (implement)\n",
0733               __func__, info->qos ? "true" : "false");
0734     }
0735     return;
0736 }
0737
0738 static void
0739 brcms_ops_configure_filter(struct ieee80211_hw *hw,
0740             unsigned int changed_flags,
0741             unsigned int *total_flags, u64 multicast)
0742 {
0743     struct brcms_info *wl = hw->priv;
0744     struct bcma_device *core = wl->wlc->hw->d11core;
0745
0746     changed_flags &= MAC_FILTERS;
0747     *total_flags &= MAC_FILTERS;
0748
0749     if (changed_flags & FIF_ALLMULTI)
0750         brcms_dbg_info(core, "FIF_ALLMULTI\n");
0751     if (changed_flags & FIF_FCSFAIL)
0752         brcms_dbg_info(core, "FIF_FCSFAIL\n");
0753     if (changed_flags & FIF_CONTROL)
0754         brcms_dbg_info(core, "FIF_CONTROL\n");
0755     if (changed_flags & FIF_OTHER_BSS)
0756         brcms_dbg_info(core, "FIF_OTHER_BSS\n");
0757     if (changed_flags & FIF_PSPOLL)
0758         brcms_dbg_info(core, "FIF_PSPOLL\n");
0759     if (changed_flags & FIF_BCN_PRBRESP_PROMISC)
0760         brcms_dbg_info(core, "FIF_BCN_PRBRESP_PROMISC\n");
0761
0762     spin_lock_bh(&wl->lock);
0763     brcms_c_mac_promisc(wl->wlc, *total_flags);
0764     spin_unlock_bh(&wl->lock);
0765     return;
0766 }
0767
0768 static void brcms_ops_sw_scan_start(struct ieee80211_hw *hw,
0769                     struct ieee80211_vif *vif,
0770                     const u8 *mac_addr)
0771 {
0772     struct brcms_info *wl = hw->priv;
0773     spin_lock_bh(&wl->lock);
0774     brcms_c_scan_start(wl->wlc);
0775     spin_unlock_bh(&wl->lock);
0776     return;
0777 }
0778
0779 static void brcms_ops_sw_scan_complete(struct ieee80211_hw *hw,
0780                        struct ieee80211_vif *vif)
0781 {
0782     struct brcms_info *wl = hw->priv;
0783     spin_lock_bh(&wl->lock);
0784     brcms_c_scan_stop(wl->wlc);
0785     spin_unlock_bh(&wl->lock);
0786     return;
0787 }
0788
0789 static int
0790 brcms_ops_conf_tx(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
0791           unsigned int link_id, u16 queue,
0792           const struct ieee80211_tx_queue_params *params)
0793 {
0794     struct brcms_info *wl = hw->priv;
0795
0796     spin_lock_bh(&wl->lock);
0797     brcms_c_wme_setparams(wl->wlc, queue, params, true);
0798     spin_unlock_bh(&wl->lock);
0799
0800     return 0;
0801 }
0802
0803 static int
0804 brcms_ops_sta_add(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
0805            struct ieee80211_sta *sta)
0806 {
0807     struct brcms_info *wl = hw->priv;
0808     struct scb *scb = &wl->wlc->pri_scb;
0809
0810     brcms_c_init_scb(scb);
0811
0812     wl->pub->global_ampdu = &(scb->scb_ampdu);
0813     wl->pub->global_ampdu->scb = scb;
0814     wl->pub->global_ampdu->max_pdu = 16;
0815
0816     /*
0817      * minstrel_ht initiates addBA on our behalf by calling
0818      * ieee80211_start_tx_ba_session()
0819      */
0820     return 0;
0821 }
0822
0823 static int
0824 brcms_ops_ampdu_action(struct ieee80211_hw *hw,
0825             struct ieee80211_vif *vif,
0826             struct ieee80211_ampdu_params *params)
0827 {
0828     struct brcms_info *wl = hw->priv;
0829     struct scb *scb = &wl->wlc->pri_scb;
0830     int status;
0831     struct ieee80211_sta *sta = params->sta;
0832     enum ieee80211_ampdu_mlme_action action = params->action;
0833     u16 tid = params->tid;
0834     u8 buf_size = params->buf_size;
0835
0836     if (WARN_ON(scb->magic != SCB_MAGIC))
0837         return -EIDRM;
0838     switch (action) {
0839     case IEEE80211_AMPDU_RX_START:
0840         break;
0841     case IEEE80211_AMPDU_RX_STOP:
0842         break;
0843     case IEEE80211_AMPDU_TX_START:
0844         spin_lock_bh(&wl->lock);
0845         status = brcms_c_aggregatable(wl->wlc, tid);
0846         spin_unlock_bh(&wl->lock);
0847         if (!status) {
0848             brcms_dbg_ht(wl->wlc->hw->d11core,
0849                      "START: tid %d is not agg\'able\n", tid);
0850             return -EINVAL;
0851         }
0852         return IEEE80211_AMPDU_TX_START_IMMEDIATE;
0853
0854     case IEEE80211_AMPDU_TX_STOP_CONT:
0855     case IEEE80211_AMPDU_TX_STOP_FLUSH:
0856     case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT:
0857         spin_lock_bh(&wl->lock);
0858         brcms_c_ampdu_flush(wl->wlc, sta, tid);
0859         spin_unlock_bh(&wl->lock);
0860         ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
0861         break;
0862     case IEEE80211_AMPDU_TX_OPERATIONAL:
0863         /*
0864          * BA window size from ADDBA response ('buf_size') defines how
0865          * many outstanding MPDUs are allowed for the BA stream by
0866          * recipient and traffic class. 'ampdu_factor' gives maximum
0867          * AMPDU size.
0868          */
0869         spin_lock_bh(&wl->lock);
0870         brcms_c_ampdu_tx_operational(wl->wlc, tid, buf_size,
0871             (1 << (IEEE80211_HT_MAX_AMPDU_FACTOR +
0872              sta->deflink.ht_cap.ampdu_factor)) - 1);
0873         spin_unlock_bh(&wl->lock);
0874         /* Power save wakeup */
0875         break;
0876     default:
0877         brcms_err(wl->wlc->hw->d11core,
0878               "%s: Invalid command, ignoring\n", __func__);
0879     }
0880
0881     return 0;
0882 }
0883
0884 static void brcms_ops_rfkill_poll(struct ieee80211_hw *hw)
0885 {
0886     struct brcms_info *wl = hw->priv;
0887     bool blocked;
0888
0889     spin_lock_bh(&wl->lock);
0890     blocked = brcms_c_check_radio_disabled(wl->wlc);
0891     spin_unlock_bh(&wl->lock);
0892
0893     wiphy_rfkill_set_hw_state(wl->pub->ieee_hw->wiphy, blocked);
0894 }
0895
0896 static bool brcms_tx_flush_completed(struct brcms_info *wl)
0897 {
0898     bool result;
0899
0900     spin_lock_bh(&wl->lock);
0901     result = brcms_c_tx_flush_completed(wl->wlc);
0902     spin_unlock_bh(&wl->lock);
0903     return result;
0904 }
0905
0906 static void brcms_ops_flush(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
0907                 u32 queues, bool drop)
0908 {
0909     struct brcms_info *wl = hw->priv;
0910     int ret;
0911
0912     no_printk("%s: drop = %s\n", __func__, drop ? "true" : "false");
0913
0914     ret = wait_event_timeout(wl->tx_flush_wq,
0915                  brcms_tx_flush_completed(wl),
0916                  msecs_to_jiffies(BRCMS_FLUSH_TIMEOUT));
0917
0918     brcms_dbg_mac80211(wl->wlc->hw->d11core,
0919                "ret=%d\n", jiffies_to_msecs(ret));
0920 }
0921
0922 static u64 brcms_ops_get_tsf(struct ieee80211_hw *hw, struct ieee80211_vif *vif)
0923 {
0924     struct brcms_info *wl = hw->priv;
0925     u64 tsf;
0926
0927     spin_lock_bh(&wl->lock);
0928     tsf = brcms_c_tsf_get(wl->wlc);
0929     spin_unlock_bh(&wl->lock);
0930
0931     return tsf;
0932 }
0933
0934 static void brcms_ops_set_tsf(struct ieee80211_hw *hw,
0935                struct ieee80211_vif *vif, u64 tsf)
0936 {
0937     struct brcms_info *wl = hw->priv;
0938
0939     spin_lock_bh(&wl->lock);
0940     brcms_c_tsf_set(wl->wlc, tsf);
0941     spin_unlock_bh(&wl->lock);
0942 }
0943
0944 static int brcms_ops_beacon_set_tim(struct ieee80211_hw *hw,
0945                  struct ieee80211_sta *sta, bool set)
0946 {
0947     struct brcms_info *wl = hw->priv;
0948     struct sk_buff *beacon = NULL;
0949     u16 tim_offset = 0;
0950
0951     spin_lock_bh(&wl->lock);
0952     if (wl->wlc->vif)
0953         beacon = ieee80211_beacon_get_tim(hw, wl->wlc->vif,
0954                           &tim_offset, NULL, 0);
0955     if (beacon)
0956         brcms_c_set_new_beacon(wl->wlc, beacon, tim_offset,
0957                        wl->wlc->vif->bss_conf.dtim_period);
0958     spin_unlock_bh(&wl->lock);
0959
0960     return 0;
0961 }
0962
0963 static const struct ieee80211_ops brcms_ops = {
0964     .tx = brcms_ops_tx,
0965     .start = brcms_ops_start,
0966     .stop = brcms_ops_stop,
0967     .add_interface = brcms_ops_add_interface,
0968     .remove_interface = brcms_ops_remove_interface,
0969     .config = brcms_ops_config,
0970     .bss_info_changed = brcms_ops_bss_info_changed,
0971     .configure_filter = brcms_ops_configure_filter,
0972     .sw_scan_start = brcms_ops_sw_scan_start,
0973     .sw_scan_complete = brcms_ops_sw_scan_complete,
0974     .conf_tx = brcms_ops_conf_tx,
0975     .sta_add = brcms_ops_sta_add,
0976     .ampdu_action = brcms_ops_ampdu_action,
0977     .rfkill_poll = brcms_ops_rfkill_poll,
0978     .flush = brcms_ops_flush,
0979     .get_tsf = brcms_ops_get_tsf,
0980     .set_tsf = brcms_ops_set_tsf,
0981     .set_tim = brcms_ops_beacon_set_tim,
0982 };
0983
0984 void brcms_dpc(struct tasklet_struct *t)
0985 {
0986     struct brcms_info *wl;
0987
0988     wl = from_tasklet(wl, t, tasklet);
0989
0990     spin_lock_bh(&wl->lock);
0991
0992     /* call the common second level interrupt handler */
0993     if (wl->pub->up) {
0994         if (wl->resched) {
0995             unsigned long flags;
0996
0997             spin_lock_irqsave(&wl->isr_lock, flags);
0998             brcms_c_intrsupd(wl->wlc);
0999             spin_unlock_irqrestore(&wl->isr_lock, flags);
1000         }
1001
1002         wl->resched = brcms_c_dpc(wl->wlc, true);
1003     }
1004
1005     /* brcms_c_dpc() may bring the driver down */
1006     if (!wl->pub->up)
1007         goto done;
1008
1009     /* re-schedule dpc */
1010     if (wl->resched)
1011         tasklet_schedule(&wl->tasklet);
1012     else
1013         /* re-enable interrupts */
1014         brcms_intrson(wl);
1015
1016  done:
1017     spin_unlock_bh(&wl->lock);
1018     wake_up(&wl->tx_flush_wq);
1019 }
1020
1021 static irqreturn_t brcms_isr(int irq, void *dev_id)
1022 {
1023     struct brcms_info *wl;
1024     irqreturn_t ret = IRQ_NONE;
1025
1026     wl = (struct brcms_info *) dev_id;
1027
1028     spin_lock(&wl->isr_lock);
1029
1030     /* call common first level interrupt handler */
1031     if (brcms_c_isr(wl->wlc)) {
1032         /* schedule second level handler */
1033         tasklet_schedule(&wl->tasklet);
1034         ret = IRQ_HANDLED;
1035     }
1036
1037     spin_unlock(&wl->isr_lock);
1038
1039     return ret;
1040 }
1041
1042 /*
1043  * is called in brcms_pci_probe() context, therefore no locking required.
1044  */
1045 static int ieee_hw_rate_init(struct ieee80211_hw *hw)
1046 {
1047     struct brcms_info *wl = hw->priv;
1048     struct brcms_c_info *wlc = wl->wlc;
1049     struct ieee80211_supported_band *band;
1050     int has_5g = 0;
1051     u16 phy_type;
1052
1053     hw->wiphy->bands[NL80211_BAND_2GHZ] = NULL;
1054     hw->wiphy->bands[NL80211_BAND_5GHZ] = NULL;
1055
1056     phy_type = brcms_c_get_phy_type(wl->wlc, 0);
1057     if (phy_type == PHY_TYPE_N || phy_type == PHY_TYPE_LCN) {
1058         band = &wlc->bandstate[BAND_2G_INDEX]->band;
1059         *band = brcms_band_2GHz_nphy_template;
1060         if (phy_type == PHY_TYPE_LCN) {
1061             /* Single stream */
1062             band->ht_cap.mcs.rx_mask[1] = 0;
1063             band->ht_cap.mcs.rx_highest = cpu_to_le16(72);
1064         }
1065         hw->wiphy->bands[NL80211_BAND_2GHZ] = band;
1066     } else {
1067         return -EPERM;
1068     }
1069
1070     /* Assume all bands use the same phy.  True for 11n devices. */
1071     if (wl->pub->_nbands > 1) {
1072         has_5g++;
1073         if (phy_type == PHY_TYPE_N || phy_type == PHY_TYPE_LCN) {
1074             band = &wlc->bandstate[BAND_5G_INDEX]->band;
1075             *band = brcms_band_5GHz_nphy_template;
1076             hw->wiphy->bands[NL80211_BAND_5GHZ] = band;
1077         } else {
1078             return -EPERM;
1079         }
1080     }
1081     return 0;
1082 }
1083
1084 /*
1085  * is called in brcms_pci_probe() context, therefore no locking required.
1086  */
1087 static int ieee_hw_init(struct ieee80211_hw *hw)
1088 {
1089     ieee80211_hw_set(hw, AMPDU_AGGREGATION);
1090     ieee80211_hw_set(hw, SIGNAL_DBM);
1091     ieee80211_hw_set(hw, REPORTS_TX_ACK_STATUS);
1092
1093     hw->extra_tx_headroom = brcms_c_get_header_len();
1094     hw->queues = N_TX_QUEUES;
1095     hw->max_rates = 2;  /* Primary rate and 1 fallback rate */
1096
1097     /* channel change time is dependent on chip and band  */
1098     hw->wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION) |
1099                      BIT(NL80211_IFTYPE_AP) |
1100                      BIT(NL80211_IFTYPE_ADHOC);
1101
1102     /*
1103      * deactivate sending probe responses by ucude, because this will
1104      * cause problems when WPS is used.
1105      *
1106      * hw->wiphy->flags |= WIPHY_FLAG_AP_PROBE_RESP_OFFLOAD;
1107      */
1108
1109     wiphy_ext_feature_set(hw->wiphy, NL80211_EXT_FEATURE_CQM_RSSI_LIST);
1110
1111     hw->rate_control_algorithm = "minstrel_ht";
1112
1113     hw->sta_data_size = 0;
1114     return ieee_hw_rate_init(hw);
1115 }
1116
1117 /*
1118  * attach to the WL device.
1119  *
1120  * Attach to the WL device identified by vendor and device parameters.
1121  * regs is a host accessible memory address pointing to WL device registers.
1122  *
1123  * is called in brcms_bcma_probe() context, therefore no locking required.
1124  */
1125 static struct brcms_info *brcms_attach(struct bcma_device *pdev)
1126 {
1127     struct brcms_info *wl = NULL;
1128     int unit, err;
1129     struct ieee80211_hw *hw;
1130     u8 perm[ETH_ALEN];
1131
1132     unit = n_adapters_found;
1133     err = 0;
1134
1135     if (unit < 0)
1136         return NULL;
1137
1138     /* allocate private info */
1139     hw = bcma_get_drvdata(pdev);
1140     if (hw != NULL)
1141         wl = hw->priv;
1142     if (WARN_ON(hw == NULL) || WARN_ON(wl == NULL))
1143         return NULL;
1144     wl->wiphy = hw->wiphy;
1145
1146     atomic_set(&wl->callbacks, 0);
1147
1148     init_waitqueue_head(&wl->tx_flush_wq);
1149
1150     /* setup the bottom half handler */
1151     tasklet_setup(&wl->tasklet, brcms_dpc);
1152
1153     spin_lock_init(&wl->lock);
1154     spin_lock_init(&wl->isr_lock);
1155
1156     /* common load-time initialization */
1157     wl->wlc = brcms_c_attach((void *)wl, pdev, unit, false, &err);
1158     if (!wl->wlc) {
1159         wiphy_err(wl->wiphy, "%s: attach() failed with code %d\n",
1160               KBUILD_MODNAME, err);
1161         goto fail;
1162     }
1163     wl->pub = brcms_c_pub(wl->wlc);
1164
1165     wl->pub->ieee_hw = hw;
1166
1167     /* register our interrupt handler */
1168     if (request_irq(pdev->irq, brcms_isr,
1169             IRQF_SHARED, KBUILD_MODNAME, wl)) {
1170         wiphy_err(wl->wiphy, "wl%d: request_irq() failed\n", unit);
1171         goto fail;
1172     }
1173     wl->irq = pdev->irq;
1174
1175     /* register module */
1176     brcms_c_module_register(wl->pub, "linux", wl, NULL);
1177
1178     if (ieee_hw_init(hw)) {
1179         wiphy_err(wl->wiphy, "wl%d: %s: ieee_hw_init failed!\n", unit,
1180               __func__);
1181         goto fail;
1182     }
1183
1184     brcms_c_regd_init(wl->wlc);
1185
1186     memcpy(perm, &wl->pub->cur_etheraddr, ETH_ALEN);
1187     if (WARN_ON(!is_valid_ether_addr(perm)))
1188         goto fail;
1189     SET_IEEE80211_PERM_ADDR(hw, perm);
1190
1191     err = ieee80211_register_hw(hw);
1192     if (err)
1193         wiphy_err(wl->wiphy, "%s: ieee80211_register_hw failed, status"
1194               "%d\n", __func__, err);
1195
1196     if (wl->pub->srom_ccode[0] &&
1197         regulatory_hint(wl->wiphy, wl->pub->srom_ccode))
1198         wiphy_err(wl->wiphy, "%s: regulatory hint failed\n", __func__);
1199
1200     brcms_debugfs_attach(wl->pub);
1201     brcms_debugfs_create_files(wl->pub);
1202     n_adapters_found++;
1203     return wl;
1204
1205 fail:
1206     brcms_free(wl);
1207     return NULL;
1208 }
1209
1210
1211
1212 /*
1213  * determines if a device is a WL device, and if so, attaches it.
1214  *
1215  * This function determines if a device pointed to by pdev is a WL device,
1216  * and if so, performs a brcms_attach() on it.
1217  *
1218  * Perimeter lock is initialized in the course of this function.
1219  */
1220 static int brcms_bcma_probe(struct bcma_device *pdev)
1221 {
1222     struct brcms_info *wl;
1223     struct ieee80211_hw *hw;
1224     int ret;
1225
1226     dev_info(&pdev->dev, "mfg %x core %x rev %d class %d irq %d\n",
1227          pdev->id.manuf, pdev->id.id, pdev->id.rev, pdev->id.class,
1228          pdev->irq);
1229
1230     if ((pdev->id.manuf != BCMA_MANUF_BCM) ||
1231         (pdev->id.id != BCMA_CORE_80211))
1232         return -ENODEV;
1233
1234     hw = ieee80211_alloc_hw(sizeof(struct brcms_info), &brcms_ops);
1235     if (!hw) {
1236         pr_err("%s: ieee80211_alloc_hw failed\n", __func__);
1237         return -ENOMEM;
1238     }
1239
1240     SET_IEEE80211_DEV(hw, &pdev->dev);
1241
1242     bcma_set_drvdata(pdev, hw);
1243
1244     memset(hw->priv, 0, sizeof(*wl));
1245
1246     wl = brcms_attach(pdev);
1247     if (!wl) {
1248         pr_err("%s: brcms_attach failed!\n", __func__);
1249         ret = -ENODEV;
1250         goto err_free_ieee80211;
1251     }
1252     brcms_led_register(wl);
1253
1254     return 0;
1255
1256 err_free_ieee80211:
1257     ieee80211_free_hw(hw);
1258     return ret;
1259 }
1260
1261 static int brcms_suspend(struct bcma_device *pdev)
1262 {
1263     struct brcms_info *wl;
1264     struct ieee80211_hw *hw;
1265
1266     hw = bcma_get_drvdata(pdev);
1267     wl = hw->priv;
1268     if (!wl) {
1269         pr_err("%s: %s: no driver private struct!\n", KBUILD_MODNAME,
1270                __func__);
1271         return -ENODEV;
1272     }
1273
1274     /* only need to flag hw is down for proper resume */
1275     spin_lock_bh(&wl->lock);
1276     wl->pub->hw_up = false;
1277     spin_unlock_bh(&wl->lock);
1278
1279     brcms_dbg_info(wl->wlc->hw->d11core, "brcms_suspend ok\n");
1280
1281     return 0;
1282 }
1283
1284 static int brcms_resume(struct bcma_device *pdev)
1285 {
1286     return 0;
1287 }
1288
1289 static struct bcma_driver brcms_bcma_driver = {
1290     .name     = KBUILD_MODNAME,
1291     .probe    = brcms_bcma_probe,
1292     .suspend  = brcms_suspend,
1293     .resume   = brcms_resume,
1294     .remove   = brcms_remove,
1295     .id_table = brcms_coreid_table,
1296 };
1297
1298 /*
1299  * This is the main entry point for the brcmsmac driver.
1300  *
1301  * This function is scheduled upon module initialization and
1302  * does the driver registration, which result in brcms_bcma_probe()
1303  * call resulting in the driver bringup.
1304  */
1305 static void brcms_driver_init(struct work_struct *work)
1306 {
1307     int error;
1308
1309     error = bcma_driver_register(&brcms_bcma_driver);
1310     if (error)
1311         pr_err("%s: register returned %d\n", __func__, error);
1312 }
1313
1314 static DECLARE_WORK(brcms_driver_work, brcms_driver_init);
1315
1316 static int __init brcms_module_init(void)
1317 {
1318     brcms_debugfs_init();
1319     if (!schedule_work(&brcms_driver_work))
1320         return -EBUSY;
1321
1322     return 0;
1323 }
1324
1325 /*
1326  * This function unloads the brcmsmac driver from the system.
1327  *
1328  * This function unconditionally unloads the brcmsmac driver module from the
1329  * system.
1330  *
1331  */
1332 static void __exit brcms_module_exit(void)
1333 {
1334     cancel_work_sync(&brcms_driver_work);
1335     bcma_driver_unregister(&brcms_bcma_driver);
1336     brcms_debugfs_exit();
1337 }
1338
1339 module_init(brcms_module_init);
1340 module_exit(brcms_module_exit);
1341
1342 /*
1343  * precondition: perimeter lock has been acquired
1344  */
1345 void brcms_txflowcontrol(struct brcms_info *wl, struct brcms_if *wlif,
1346              bool state, int prio)
1347 {
1348     brcms_err(wl->wlc->hw->d11core, "Shouldn't be here %s\n", __func__);
1349 }
1350
1351 /*
1352  * precondition: perimeter lock has been acquired
1353  */
1354 void brcms_init(struct brcms_info *wl)
1355 {
1356     brcms_dbg_info(wl->wlc->hw->d11core, "Initializing wl%d\n",
1357                wl->pub->unit);
1358     brcms_reset(wl);
1359     brcms_c_init(wl->wlc, wl->mute_tx);
1360 }
1361
1362 /*
1363  * precondition: perimeter lock has been acquired
1364  */
1365 uint brcms_reset(struct brcms_info *wl)
1366 {
1367     brcms_dbg_info(wl->wlc->hw->d11core, "Resetting wl%d\n", wl->pub->unit);
1368     brcms_c_reset(wl->wlc);
1369
1370     /* dpc will not be rescheduled */
1371     wl->resched = false;
1372
1373     /* inform publicly that interface is down */
1374     wl->pub->up = false;
1375
1376     return 0;
1377 }
1378
1379 void brcms_fatal_error(struct brcms_info *wl)
1380 {
1381     brcms_err(wl->wlc->hw->d11core, "wl%d: fatal error, reinitializing\n",
1382           wl->wlc->pub->unit);
1383     brcms_reset(wl);
1384     ieee80211_restart_hw(wl->pub->ieee_hw);
1385 }
1386
1387 /*
1388  * These are interrupt on/off entry points. Disable interrupts
1389  * during interrupt state transition.
1390  */
1391 void brcms_intrson(struct brcms_info *wl)
1392 {
1393     unsigned long flags;
1394
1395     spin_lock_irqsave(&wl->isr_lock, flags);
1396     brcms_c_intrson(wl->wlc);
1397     spin_unlock_irqrestore(&wl->isr_lock, flags);
1398 }
1399
1400 u32 brcms_intrsoff(struct brcms_info *wl)
1401 {
1402     unsigned long flags;
1403     u32 status;
1404
1405     spin_lock_irqsave(&wl->isr_lock, flags);
1406     status = brcms_c_intrsoff(wl->wlc);
1407     spin_unlock_irqrestore(&wl->isr_lock, flags);
1408     return status;
1409 }
1410
1411 void brcms_intrsrestore(struct brcms_info *wl, u32 macintmask)
1412 {
1413     unsigned long flags;
1414
1415     spin_lock_irqsave(&wl->isr_lock, flags);
1416     brcms_c_intrsrestore(wl->wlc, macintmask);
1417     spin_unlock_irqrestore(&wl->isr_lock, flags);
1418 }
1419
1420 /*
1421  * precondition: perimeter lock has been acquired
1422  */
1423 int brcms_up(struct brcms_info *wl)
1424 {
1425     int error = 0;
1426
1427     if (wl->pub->up)
1428         return 0;
1429
1430     error = brcms_c_up(wl->wlc);
1431
1432     return error;
1433 }
1434
1435 /*
1436  * precondition: perimeter lock has been acquired
1437  */
1438 void brcms_down(struct brcms_info *wl)
1439     __must_hold(&wl->lock)
1440 {
1441     uint callbacks, ret_val = 0;
1442
1443     /* call common down function */
1444     ret_val = brcms_c_down(wl->wlc);
1445     callbacks = atomic_read(&wl->callbacks) - ret_val;
1446
1447     /* wait for down callbacks to complete */
1448     spin_unlock_bh(&wl->lock);
1449
1450     /* For HIGH_only driver, it's important to actually schedule other work,
1451      * not just spin wait since everything runs at schedule level
1452      */
1453     SPINWAIT((atomic_read(&wl->callbacks) > callbacks), 100 * 1000);
1454
1455     spin_lock_bh(&wl->lock);
1456 }
1457
1458 /*
1459 * precondition: perimeter lock is not acquired
1460  */
1461 static void _brcms_timer(struct work_struct *work)
1462 {
1463     struct brcms_timer *t = container_of(work, struct brcms_timer,
1464                          dly_wrk.work);
1465
1466     spin_lock_bh(&t->wl->lock);
1467
1468     if (t->set) {
1469         if (t->periodic) {
1470             atomic_inc(&t->wl->callbacks);
1471             ieee80211_queue_delayed_work(t->wl->pub->ieee_hw,
1472                              &t->dly_wrk,
1473                              msecs_to_jiffies(t->ms));
1474         } else {
1475             t->set = false;
1476         }
1477
1478         t->fn(t->arg);
1479     }
1480
1481     atomic_dec(&t->wl->callbacks);
1482
1483     spin_unlock_bh(&t->wl->lock);
1484 }
1485
1486 /*
1487  * Adds a timer to the list. Caller supplies a timer function.
1488  * Is called from wlc.
1489  *
1490  * precondition: perimeter lock has been acquired
1491  */
1492 struct brcms_timer *brcms_init_timer(struct brcms_info *wl,
1493                      void (*fn) (void *arg),
1494                      void *arg, const char *name)
1495 {
1496     struct brcms_timer *t;
1497
1498     t = kzalloc(sizeof(struct brcms_timer), GFP_ATOMIC);
1499     if (!t)
1500         return NULL;
1501
1502     INIT_DELAYED_WORK(&t->dly_wrk, _brcms_timer);
1503     t->wl = wl;
1504     t->fn = fn;
1505     t->arg = arg;
1506     t->next = wl->timers;
1507     wl->timers = t;
1508
1509 #ifdef DEBUG
1510     t->name = kstrdup(name, GFP_ATOMIC);
1511 #endif
1512
1513     return t;
1514 }
1515
1516 /*
1517  * adds only the kernel timer since it's going to be more accurate
1518  * as well as it's easier to make it periodic
1519  *
1520  * precondition: perimeter lock has been acquired
1521  */
1522 void brcms_add_timer(struct brcms_timer *t, uint ms, int periodic)
1523 {
1524     struct ieee80211_hw *hw = t->wl->pub->ieee_hw;
1525
1526 #ifdef DEBUG
1527     if (t->set)
1528         brcms_dbg_info(t->wl->wlc->hw->d11core,
1529                    "%s: Already set. Name: %s, per %d\n",
1530                    __func__, t->name, periodic);
1531 #endif
1532     t->ms = ms;
1533     t->periodic = (bool) periodic;
1534     if (!t->set) {
1535         t->set = true;
1536         atomic_inc(&t->wl->callbacks);
1537     }
1538
1539     ieee80211_queue_delayed_work(hw, &t->dly_wrk, msecs_to_jiffies(ms));
1540 }
1541
1542 /*
1543  * return true if timer successfully deleted, false if still pending
1544  *
1545  * precondition: perimeter lock has been acquired
1546  */
1547 bool brcms_del_timer(struct brcms_timer *t)
1548 {
1549     if (t->set) {
1550         t->set = false;
1551         if (!cancel_delayed_work(&t->dly_wrk))
1552             return false;
1553
1554         atomic_dec(&t->wl->callbacks);
1555     }
1556
1557     return true;
1558 }
1559
1560 /*
1561  * precondition: perimeter lock has been acquired
1562  */
1563 void brcms_free_timer(struct brcms_timer *t)
1564 {
1565     struct brcms_info *wl = t->wl;
1566     struct brcms_timer *tmp;
1567
1568     /* delete the timer in case it is active */
1569     brcms_del_timer(t);
1570
1571     if (wl->timers == t) {
1572         wl->timers = wl->timers->next;
1573 #ifdef DEBUG
1574         kfree(t->name);
1575 #endif
1576         kfree(t);
1577         return;
1578
1579     }
1580
1581     tmp = wl->timers;
1582     while (tmp) {
1583         if (tmp->next == t) {
1584             tmp->next = t->next;
1585 #ifdef DEBUG
1586             kfree(t->name);
1587 #endif
1588             kfree(t);
1589             return;
1590         }
1591         tmp = tmp->next;
1592     }
1593
1594 }
1595
1596 /*
1597  * precondition: no locking required
1598  */
1599 int brcms_ucode_init_buf(struct brcms_info *wl, void **pbuf, u32 idx)
1600 {
1601     int i, entry;
1602     const u8 *pdata;
1603     struct firmware_hdr *hdr;
1604     for (i = 0; i < wl->fw.fw_cnt; i++) {
1605         hdr = (struct firmware_hdr *)wl->fw.fw_hdr[i]->data;
1606         for (entry = 0; entry < wl->fw.hdr_num_entries[i];
1607              entry++, hdr++) {
1608             u32 len = le32_to_cpu(hdr->len);
1609             if (le32_to_cpu(hdr->idx) == idx) {
1610                 pdata = wl->fw.fw_bin[i]->data +
1611                     le32_to_cpu(hdr->offset);
1612                 *pbuf = kvmalloc(len, GFP_KERNEL);
1613                 if (*pbuf == NULL)
1614                     goto fail;
1615                 memcpy(*pbuf, pdata, len);
1616                 return 0;
1617             }
1618         }
1619     }
1620     brcms_err(wl->wlc->hw->d11core,
1621           "ERROR: ucode buf tag:%d can not be found!\n", idx);
1622     *pbuf = NULL;
1623 fail:
1624     return -ENODATA;
1625 }
1626
1627 /*
1628  * Precondition: Since this function is called in brcms_bcma_probe() context,
1629  * no locking is required.
1630  */
1631 int brcms_ucode_init_uint(struct brcms_info *wl, size_t *n_bytes, u32 idx)
1632 {
1633     int i, entry;
1634     const u8 *pdata;
1635     struct firmware_hdr *hdr;
1636     for (i = 0; i < wl->fw.fw_cnt; i++) {
1637         hdr = (struct firmware_hdr *)wl->fw.fw_hdr[i]->data;
1638         for (entry = 0; entry < wl->fw.hdr_num_entries[i];
1639              entry++, hdr++) {
1640             if (le32_to_cpu(hdr->idx) == idx) {
1641                 pdata = wl->fw.fw_bin[i]->data +
1642                     le32_to_cpu(hdr->offset);
1643                 if (le32_to_cpu(hdr->len) != 4) {
1644                     brcms_err(wl->wlc->hw->d11core,
1645                           "ERROR: fw hdr len\n");
1646                     return -ENOMSG;
1647                 }
1648                 *n_bytes = le32_to_cpu(*((__le32 *) pdata));
1649                 return 0;
1650             }
1651         }
1652     }
1653     brcms_err(wl->wlc->hw->d11core,
1654           "ERROR: ucode tag:%d can not be found!\n", idx);
1655     return -ENOMSG;
1656 }
1657
1658 /*
1659  * precondition: can both be called locked and unlocked
1660  */
1661 void brcms_ucode_free_buf(void *p)
1662 {
1663     kvfree(p);
1664 }
1665
1666 /*
1667  * checks validity of all firmware images loaded from user space
1668  *
1669  * Precondition: Since this function is called in brcms_bcma_probe() context,
1670  * no locking is required.
1671  */
1672 int brcms_check_firmwares(struct brcms_info *wl)
1673 {
1674     int i;
1675     int entry;
1676     int rc = 0;
1677     const struct firmware *fw;
1678     const struct firmware *fw_hdr;
1679     struct firmware_hdr *ucode_hdr;
1680     for (i = 0; i < MAX_FW_IMAGES && rc == 0; i++) {
1681         fw =  wl->fw.fw_bin[i];
1682         fw_hdr = wl->fw.fw_hdr[i];
1683         if (fw == NULL && fw_hdr == NULL) {
1684             break;
1685         } else if (fw == NULL || fw_hdr == NULL) {
1686             wiphy_err(wl->wiphy, "%s: invalid bin/hdr fw\n",
1687                   __func__);
1688             rc = -EBADF;
1689         } else if (fw_hdr->size % sizeof(struct firmware_hdr)) {
1690             wiphy_err(wl->wiphy, "%s: non integral fw hdr file "
1691                 "size %zu/%zu\n", __func__, fw_hdr->size,
1692                 sizeof(struct firmware_hdr));
1693             rc = -EBADF;
1694         } else if (fw->size < MIN_FW_SIZE || fw->size > MAX_FW_SIZE) {
1695             wiphy_err(wl->wiphy, "%s: out of bounds fw file size %zu\n",
1696                   __func__, fw->size);
1697             rc = -EBADF;
1698         } else {
1699             /* check if ucode section overruns firmware image */
1700             ucode_hdr = (struct firmware_hdr *)fw_hdr->data;
1701             for (entry = 0; entry < wl->fw.hdr_num_entries[i] &&
1702                  !rc; entry++, ucode_hdr++) {
1703                 if (le32_to_cpu(ucode_hdr->offset) +
1704                     le32_to_cpu(ucode_hdr->len) >
1705                     fw->size) {
1706                     wiphy_err(wl->wiphy,
1707                           "%s: conflicting bin/hdr\n",
1708                           __func__);
1709                     rc = -EBADF;
1710                 }
1711             }
1712         }
1713     }
1714     if (rc == 0 && wl->fw.fw_cnt != i) {
1715         wiphy_err(wl->wiphy, "%s: invalid fw_cnt=%d\n", __func__,
1716             wl->fw.fw_cnt);
1717         rc = -EBADF;
1718     }
1719     return rc;
1720 }
1721
1722 /*
1723  * precondition: perimeter lock has been acquired
1724  */
1725 bool brcms_rfkill_set_hw_state(struct brcms_info *wl)
1726     __must_hold(&wl->lock)
1727 {
1728     bool blocked = brcms_c_check_radio_disabled(wl->wlc);
1729
1730     spin_unlock_bh(&wl->lock);
1731     wiphy_rfkill_set_hw_state(wl->pub->ieee_hw->wiphy, blocked);
1732     if (blocked)
1733         wiphy_rfkill_start_polling(wl->pub->ieee_hw->wiphy);
1734     spin_lock_bh(&wl->lock);
1735     return blocked;
1736 }